From 7bc7316ac8e7208d7be5922c0b4557ca17e79684 Mon Sep 17 00:00:00 2001
From: developer4 <support@d-logic.rs>
Date: Fri, 6 Oct 2017 08:33:18 +0200
Subject: [PATCH] version 1.0.0.0

---
 App.config                                    |    6 +
 ClassDiagram1.cd                              |    2 +
 Program.cs                                    |   22 +
 Properties/AssemblyInfo.cs                    |   36 +
 Properties/Resources.Designer.cs              |   63 +
 Properties/Resources.resx                     |  117 +
 Properties/Settings.Designer.cs               |   26 +
 Properties/Settings.settings                  |    7 +
 bc-sharp-crypto/bzip2/src/BZip2Constants.cs   |  103 +
 .../bzip2/src/CBZip2InputStream.cs            |  921 +++++
 .../bzip2/src/CBZip2OutputStream.cs           | 1709 ++++++++
 bc-sharp-crypto/bzip2/src/CRC.cs              |  134 +
 bc-sharp-crypto/src/asn1/ASN1Generator.cs     |   27 +
 .../src/asn1/ASN1OctetStringParser.cs         |   10 +
 .../src/asn1/ASN1SequenceParser.cs            |    8 +
 bc-sharp-crypto/src/asn1/ASN1SetParser.cs     |    8 +
 bc-sharp-crypto/src/asn1/ASN1StreamParser.cs  |  234 ++
 .../src/asn1/ASN1TaggedObjectParser.cs        |   10 +
 bc-sharp-crypto/src/asn1/Asn1Encodable.cs     |   78 +
 .../src/asn1/Asn1EncodableVector.cs           |   93 +
 bc-sharp-crypto/src/asn1/Asn1Exception.cs     |   30 +
 bc-sharp-crypto/src/asn1/Asn1InputStream.cs   |  371 ++
 bc-sharp-crypto/src/asn1/Asn1Null.cs          |   18 +
 bc-sharp-crypto/src/asn1/Asn1Object.cs        |   70 +
 bc-sharp-crypto/src/asn1/Asn1OctetString.cs   |  119 +
 bc-sharp-crypto/src/asn1/Asn1OutputStream.cs  |   35 +
 .../src/asn1/Asn1ParsingException.cs          |   29 +
 bc-sharp-crypto/src/asn1/Asn1Sequence.cs      |  268 ++
 bc-sharp-crypto/src/asn1/Asn1Set.cs           |  372 ++
 bc-sharp-crypto/src/asn1/Asn1TaggedObject.cs  |  188 +
 bc-sharp-crypto/src/asn1/Asn1Tags.cs          |   36 +
 bc-sharp-crypto/src/asn1/BERBitString.cs      |   43 +
 bc-sharp-crypto/src/asn1/BERGenerator.cs      |  102 +
 .../src/asn1/BEROctetStringGenerator.cs       |  133 +
 .../src/asn1/BEROctetStringParser.cs          |   36 +
 .../src/asn1/BERSequenceGenerator.cs          |   24 +
 bc-sharp-crypto/src/asn1/BERSequenceParser.cs |   24 +
 bc-sharp-crypto/src/asn1/BERSetGenerator.cs   |   24 +
 bc-sharp-crypto/src/asn1/BERSetParser.cs      |   24 +
 .../src/asn1/BERTaggedObjectParser.cs         |   71 +
 .../src/asn1/BerApplicationSpecific.cs        |   15 +
 .../src/asn1/BerApplicationSpecificParser.cs  |   29 +
 bc-sharp-crypto/src/asn1/BerNull.cs           |   35 +
 bc-sharp-crypto/src/asn1/BerOctetString.cs    |  135 +
 bc-sharp-crypto/src/asn1/BerOutputStream.cs   |   36 +
 bc-sharp-crypto/src/asn1/BerSequence.cs       |   69 +
 bc-sharp-crypto/src/asn1/BerSet.cs            |   70 +
 bc-sharp-crypto/src/asn1/BerTaggedObject.cs   |  108 +
 .../src/asn1/ConstructedOctetStream.cs        |  102 +
 bc-sharp-crypto/src/asn1/DERExternal.cs       |  202 +
 bc-sharp-crypto/src/asn1/DERExternalParser.cs |   26 +
 bc-sharp-crypto/src/asn1/DERGenerator.cs      |  107 +
 .../src/asn1/DEROctetStringParser.cs          |   36 +
 .../src/asn1/DERSequenceGenerator.cs          |   40 +
 bc-sharp-crypto/src/asn1/DERSequenceParser.cs |   24 +
 bc-sharp-crypto/src/asn1/DERSetGenerator.cs   |   40 +
 bc-sharp-crypto/src/asn1/DERSetParser.cs      |   24 +
 .../src/asn1/DefiniteLengthInputStream.cs     |  100 +
 .../src/asn1/DerApplicationSpecific.cs        |  237 ++
 bc-sharp-crypto/src/asn1/DerBMPString.cs      |  117 +
 bc-sharp-crypto/src/asn1/DerBitString.cs      |  276 ++
 bc-sharp-crypto/src/asn1/DerBoolean.cs        |  124 +
 bc-sharp-crypto/src/asn1/DerEnumerated.cs     |  135 +
 bc-sharp-crypto/src/asn1/DerGeneralString.cs  |   81 +
 .../src/asn1/DerGeneralizedTime.cs            |  320 ++
 bc-sharp-crypto/src/asn1/DerGraphicString.cs  |  103 +
 bc-sharp-crypto/src/asn1/DerIA5String.cs      |  145 +
 bc-sharp-crypto/src/asn1/DerInteger.cs        |  128 +
 bc-sharp-crypto/src/asn1/DerNull.cs           |   41 +
 bc-sharp-crypto/src/asn1/DerNumericString.cs  |  138 +
 .../src/asn1/DerObjectIdentifier.cs           |  347 ++
 bc-sharp-crypto/src/asn1/DerOctetString.cs    |   34 +
 bc-sharp-crypto/src/asn1/DerOutputStream.cs   |  171 +
 .../src/asn1/DerPrintableString.cs            |  163 +
 bc-sharp-crypto/src/asn1/DerSequence.cs       |   88 +
 bc-sharp-crypto/src/asn1/DerSet.cs            |  111 +
 bc-sharp-crypto/src/asn1/DerStringBase.cs     |   22 +
 bc-sharp-crypto/src/asn1/DerT61String.cs      |  102 +
 bc-sharp-crypto/src/asn1/DerTaggedObject.cs   |   72 +
 bc-sharp-crypto/src/asn1/DerUTCTime.cs        |  267 ++
 bc-sharp-crypto/src/asn1/DerUTF8String.cs     |   98 +
 .../src/asn1/DerUniversalString.cs            |  107 +
 bc-sharp-crypto/src/asn1/DerVideotexString.cs |  103 +
 bc-sharp-crypto/src/asn1/DerVisibleString.cs  |  111 +
 .../asn1/IAsn1ApplicationSpecificParser.cs    |   10 +
 bc-sharp-crypto/src/asn1/IAsn1Choice.cs       |   17 +
 bc-sharp-crypto/src/asn1/IAsn1Convertible.cs  |    7 +
 bc-sharp-crypto/src/asn1/IAsn1String.cs       |   10 +
 .../src/asn1/IndefiniteLengthInputStream.cs   |  170 +
 .../src/asn1/LazyASN1InputStream.cs           |   33 +
 bc-sharp-crypto/src/asn1/LazyDERSequence.cs   |   80 +
 bc-sharp-crypto/src/asn1/LazyDERSet.cs        |   80 +
 .../src/asn1/LimitedInputStream.cs            |   35 +
 bc-sharp-crypto/src/asn1/OidTokenizer.cs      |   45 +
 .../src/asn1/anssi/ANSSINamedCurves.cs        |  123 +
 .../src/asn1/anssi/ANSSIObjectIdentifiers.cs  |   13 +
 .../src/asn1/bc/BCObjectIdentifiers.cs        |   39 +
 .../src/asn1/cmp/CAKeyUpdAnnContent.cs        |   62 +
 .../src/asn1/cmp/CertConfirmContent.cs        |   49 +
 bc-sharp-crypto/src/asn1/cmp/CertOrEncCert.cs |   86 +
 .../src/asn1/cmp/CertRepMessage.cs            |   96 +
 bc-sharp-crypto/src/asn1/cmp/CertResponse.cs  |  116 +
 bc-sharp-crypto/src/asn1/cmp/CertStatus.cs    |   85 +
 .../src/asn1/cmp/CertifiedKeyPair.cs          |  115 +
 bc-sharp-crypto/src/asn1/cmp/Challenge.cs     |   80 +
 .../src/asn1/cmp/CmpCertificate.cs            |   81 +
 .../src/asn1/cmp/CmpObjectIdentifiers.cs      |  106 +
 bc-sharp-crypto/src/asn1/cmp/CrlAnnContent.cs |   50 +
 .../src/asn1/cmp/ErrorMsgContent.cs           |   95 +
 bc-sharp-crypto/src/asn1/cmp/GenMsgContent.cs |   54 +
 bc-sharp-crypto/src/asn1/cmp/GenRepContent.cs |   54 +
 .../src/asn1/cmp/InfoTypeAndValue.cs          |  123 +
 .../src/asn1/cmp/KeyRecRepContent.cs          |  117 +
 bc-sharp-crypto/src/asn1/cmp/OobCertHash.cs   |   88 +
 bc-sharp-crypto/src/asn1/cmp/PKIBody.cs       |  187 +
 .../src/asn1/cmp/PKIConfirmContent.cs         |   36 +
 .../src/asn1/cmp/PKIFailureInfo.cs            |   96 +
 bc-sharp-crypto/src/asn1/cmp/PKIFreeText.cs   |   99 +
 bc-sharp-crypto/src/asn1/cmp/PKIHeader.cs     |  238 ++
 .../src/asn1/cmp/PKIHeaderBuilder.cs          |  223 +
 bc-sharp-crypto/src/asn1/cmp/PKIMessage.cs    |  140 +
 bc-sharp-crypto/src/asn1/cmp/PKIMessages.cs   |   54 +
 bc-sharp-crypto/src/asn1/cmp/PKIStatus.cs     |   63 +
 bc-sharp-crypto/src/asn1/cmp/PKIStatusInfo.cs |  166 +
 bc-sharp-crypto/src/asn1/cmp/PbmParameter.cs  |  101 +
 .../src/asn1/cmp/PollRepContent.cs            |   68 +
 .../src/asn1/cmp/PollReqContent.cs            |   61 +
 .../src/asn1/cmp/PopoDecKeyChallContent.cs    |   49 +
 .../src/asn1/cmp/PopoDecKeyRespContent.cs     |   49 +
 bc-sharp-crypto/src/asn1/cmp/ProtectedPart.cs |   60 +
 bc-sharp-crypto/src/asn1/cmp/RevAnnContent.cs |   87 +
 bc-sharp-crypto/src/asn1/cmp/RevDetails.cs    |   75 +
 bc-sharp-crypto/src/asn1/cmp/RevRepContent.cs |  113 +
 .../src/asn1/cmp/RevRepContentBuilder.cs      |   55 +
 bc-sharp-crypto/src/asn1/cmp/RevReqContent.cs |   54 +
 bc-sharp-crypto/src/asn1/cms/Attribute.cs     |   70 +
 .../src/asn1/cms/AttributeTable.cs            |  231 ++
 bc-sharp-crypto/src/asn1/cms/Attributes.cs    |   55 +
 .../src/asn1/cms/AuthEnvelopedData.cs         |  205 +
 .../src/asn1/cms/AuthEnvelopedDataParser.cs   |  145 +
 .../src/asn1/cms/AuthenticatedData.cs         |  271 ++
 .../src/asn1/cms/AuthenticatedDataParser.cs   |  182 +
 bc-sharp-crypto/src/asn1/cms/CMSAttributes.cs |   14 +
 .../src/asn1/cms/CMSObjectIdentifiers.cs      |   28 +
 .../src/asn1/cms/CompressedData.cs            |   96 +
 .../src/asn1/cms/CompressedDataParser.cs      |   47 +
 bc-sharp-crypto/src/asn1/cms/ContentInfo.cs   |   88 +
 .../src/asn1/cms/ContentInfoParser.cs         |   40 +
 .../src/asn1/cms/EncryptedContentInfo.cs      |   94 +
 .../asn1/cms/EncryptedContentInfoParser.cs    |   46 +
 bc-sharp-crypto/src/asn1/cms/EncryptedData.cs |   97 +
 bc-sharp-crypto/src/asn1/cms/EnvelopedData.cs |  176 +
 .../src/asn1/cms/EnvelopedDataParser.cs       |  107 +
 bc-sharp-crypto/src/asn1/cms/Evidence.cs      |   49 +
 .../src/asn1/cms/IssuerAndSerialNumber.cs     |   64 +
 bc-sharp-crypto/src/asn1/cms/KEKIdentifier.cs |  119 +
 .../src/asn1/cms/KEKRecipientInfo.cs          |  106 +
 .../asn1/cms/KeyAgreeRecipientIdentifier.cs   |   94 +
 .../src/asn1/cms/KeyAgreeRecipientInfo.cs     |  141 +
 .../src/asn1/cms/KeyTransRecipientInfo.cs     |   99 +
 bc-sharp-crypto/src/asn1/cms/MetaData.cs      |   94 +
 .../src/asn1/cms/OriginatorIdentifierOrKey.cs |  168 +
 .../src/asn1/cms/OriginatorInfo.cs            |  121 +
 .../src/asn1/cms/OriginatorPublicKey.cs       |   88 +
 .../src/asn1/cms/OtherKeyAttribute.cs         |   70 +
 .../src/asn1/cms/OtherRecipientInfo.cs        |   83 +
 .../src/asn1/cms/OtherRevocationInfoFormat.cs |   77 +
 .../src/asn1/cms/PasswordRecipientInfo.cs     |  133 +
 .../src/asn1/cms/RecipientEncryptedKey.cs     |   90 +
 .../src/asn1/cms/RecipientIdentifier.cs       |   89 +
 bc-sharp-crypto/src/asn1/cms/RecipientInfo.cs |  145 +
 .../src/asn1/cms/RecipientKeyIdentifier.cs    |  137 +
 bc-sharp-crypto/src/asn1/cms/SCVPReqRes.cs    |   77 +
 bc-sharp-crypto/src/asn1/cms/SignedData.cs    |  287 ++
 .../src/asn1/cms/SignedDataParser.cs          |  114 +
 .../src/asn1/cms/SignerIdentifier.cs          |   89 +
 bc-sharp-crypto/src/asn1/cms/SignerInfo.cs    |  185 +
 bc-sharp-crypto/src/asn1/cms/Time.cs          |  115 +
 .../src/asn1/cms/TimeStampAndCRL.cs           |   62 +
 .../src/asn1/cms/TimeStampTokenEvidence.cs    |   65 +
 .../src/asn1/cms/TimeStampedData.cs           |   95 +
 .../src/asn1/cms/TimeStampedDataParser.cs     |   76 +
 .../src/asn1/cms/ecc/MQVuserKeyingMaterial.cs |  105 +
 .../src/asn1/crmf/AttributeTypeAndValue.cs    |   68 +
 bc-sharp-crypto/src/asn1/crmf/CertId.cs       |   59 +
 .../src/asn1/crmf/CertReqMessages.cs          |   54 +
 bc-sharp-crypto/src/asn1/crmf/CertReqMsg.cs   |  112 +
 bc-sharp-crypto/src/asn1/crmf/CertRequest.cs  |   82 +
 bc-sharp-crypto/src/asn1/crmf/CertTemplate.cs |  149 +
 .../src/asn1/crmf/CertTemplateBuilder.cs      |  125 +
 bc-sharp-crypto/src/asn1/crmf/Controls.cs     |   54 +
 .../src/asn1/crmf/CrmfObjectIdentifiers.cs    |   23 +
 bc-sharp-crypto/src/asn1/crmf/EncKeyWithID.cs |  103 +
 bc-sharp-crypto/src/asn1/crmf/EncryptedKey.cs |   78 +
 .../src/asn1/crmf/EncryptedValue.cs           |  154 +
 .../src/asn1/crmf/OptionalValidity.cs         |   71 +
 .../src/asn1/crmf/PKIArchiveOptions.cs        |  107 +
 .../src/asn1/crmf/PKIPublicationInfo.cs       |   66 +
 bc-sharp-crypto/src/asn1/crmf/PKMacValue.cs   |   90 +
 bc-sharp-crypto/src/asn1/crmf/PopoPrivKey.cs  |   84 +
 .../src/asn1/crmf/PopoSigningKey.cs           |  116 +
 .../src/asn1/crmf/PopoSigningKeyInput.cs      |  116 +
 .../src/asn1/crmf/ProofOfPossession.cs        |  100 +
 .../src/asn1/crmf/SinglePubInfo.cs            |   59 +
 .../src/asn1/crmf/SubsequentMessage.cs        |   27 +
 .../cryptopro/CryptoProObjectIdentifiers.cs   |   51 +
 .../asn1/cryptopro/ECGOST3410NamedCurves.cs   |  184 +
 .../cryptopro/ECGOST3410ParamSetParameters.cs |   87 +
 .../src/asn1/cryptopro/GOST28147Parameters.cs |   63 +
 .../asn1/cryptopro/GOST3410NamedParameters.cs |  123 +
 .../cryptopro/GOST3410ParamSetParameters.cs   |   87 +
 .../GOST3410PublicKeyAlgParameters.cs         |   99 +
 .../src/asn1/eac/EACObjectIdentifiers.cs      |   50 +
 .../src/asn1/esf/CertificateValues.cs         |   86 +
 .../src/asn1/esf/CommitmentTypeIdentifier.cs  |   17 +
 .../src/asn1/esf/CommitmentTypeIndication.cs  |   95 +
 .../src/asn1/esf/CommitmentTypeQualifier.cs   |  119 +
 .../src/asn1/esf/CompleteCertificateRefs.cs   |   85 +
 .../src/asn1/esf/CompleteRevocationRefs.cs    |   85 +
 bc-sharp-crypto/src/asn1/esf/CrlIdentifier.cs |  111 +
 bc-sharp-crypto/src/asn1/esf/CrlListID.cs     |   90 +
 bc-sharp-crypto/src/asn1/esf/CrlOcspRef.cs    |  113 +
 .../src/asn1/esf/CrlValidatedID.cs            |   91 +
 bc-sharp-crypto/src/asn1/esf/ESFAttributes.cs |   25 +
 .../src/asn1/esf/OcspIdentifier.cs            |   78 +
 bc-sharp-crypto/src/asn1/esf/OcspListID.cs    |   89 +
 .../src/asn1/esf/OcspResponsesID.cs           |   94 +
 bc-sharp-crypto/src/asn1/esf/OtherCertID.cs   |   94 +
 bc-sharp-crypto/src/asn1/esf/OtherHash.cs     |   88 +
 .../src/asn1/esf/OtherHashAlgAndValue.cs      |   95 +
 bc-sharp-crypto/src/asn1/esf/OtherRevRefs.cs  |   80 +
 bc-sharp-crypto/src/asn1/esf/OtherRevVals.cs  |   80 +
 .../src/asn1/esf/OtherSigningCertificate.cs   |  139 +
 .../src/asn1/esf/RevocationValues.cs          |  165 +
 .../src/asn1/esf/SigPolicyQualifierInfo.cs    |   73 +
 .../src/asn1/esf/SignaturePolicyId.cs         |  146 +
 .../src/asn1/esf/SignaturePolicyIdentifier.cs |   66 +
 .../src/asn1/esf/SignerAttribute.cs           |   97 +
 .../src/asn1/esf/SignerLocation.cs            |  144 +
 bc-sharp-crypto/src/asn1/ess/ContentHints.cs  |   94 +
 .../src/asn1/ess/ContentIdentifier.cs         |   67 +
 bc-sharp-crypto/src/asn1/ess/ESSCertID.cs     |   94 +
 bc-sharp-crypto/src/asn1/ess/ESSCertIDv2.cs   |  146 +
 bc-sharp-crypto/src/asn1/ess/OtherCertID.cs   |  134 +
 .../src/asn1/ess/OtherSigningCertificate.cs   |  110 +
 .../src/asn1/ess/SigningCertificate.cs        |  109 +
 .../src/asn1/ess/SigningCertificateV2.cs      |  113 +
 bc-sharp-crypto/src/asn1/gm/GMNamedCurves.cs  |  157 +
 .../src/asn1/gm/GMObjectIdentifiers.cs        |   85 +
 .../src/asn1/gnu/GNUObjectIdentifiers.cs      |   36 +
 .../src/asn1/iana/IANAObjectIdentifiers.cs    |   18 +
 .../src/asn1/icao/CscaMasterList.cs           |   83 +
 .../src/asn1/icao/DataGroupHash.cs            |   86 +
 .../src/asn1/icao/ICAOObjectIdentifiers.cs    |   34 +
 .../src/asn1/icao/LDSSecurityObject.cs        |  145 +
 .../src/asn1/icao/LDSVersionInfo.cs           |   61 +
 .../asn1/isismtt/ISISMTTObjectIdentifiers.cs  |  177 +
 .../src/asn1/isismtt/ocsp/CertHash.cs         |  122 +
 .../asn1/isismtt/ocsp/RequestedCertificate.cs |  188 +
 .../x509/AdditionalInformationSyntax.cs       |   71 +
 .../src/asn1/isismtt/x509/AdmissionSyntax.cs  |  278 ++
 .../src/asn1/isismtt/x509/Admissions.cs       |  187 +
 .../isismtt/x509/DeclarationOfMajority.cs     |  172 +
 .../src/asn1/isismtt/x509/MonetaryLimit.cs    |  122 +
 .../src/asn1/isismtt/x509/NamingAuthority.cs  |  215 +
 .../asn1/isismtt/x509/ProcurationSyntax.cs    |  233 ++
 .../src/asn1/isismtt/x509/ProfessionInfo.cs   |  387 ++
 .../src/asn1/isismtt/x509/Restriction.cs      |   82 +
 .../src/asn1/kisa/KISAObjectIdentifiers.cs    |    8 +
 .../microsoft/MicrosoftObjectIdentifiers.cs   |   19 +
 .../src/asn1/misc/CAST5CBCParameters.cs       |   74 +
 bc-sharp-crypto/src/asn1/misc/IDEACBCPar.cs   |   68 +
 .../src/asn1/misc/MiscObjectIdentifiers.cs    |   79 +
 .../src/asn1/misc/NetscapeCertType.cs         |   54 +
 .../src/asn1/misc/NetscapeRevocationURL.cs    |   18 +
 .../src/asn1/misc/VerisignCzagExtension.cs    |   18 +
 .../src/asn1/mozilla/PublicKeyAndChallenge.cs |   68 +
 .../src/asn1/nist/NISTNamedCurves.cs          |  102 +
 .../src/asn1/nist/NISTObjectIdentifiers.cs    |   71 +
 .../src/asn1/ntt/NTTObjectIdentifiers.cs      |   14 +
 .../src/asn1/ocsp/BasicOCSPResponse.cs        |  137 +
 bc-sharp-crypto/src/asn1/ocsp/CertID.cs       |   99 +
 bc-sharp-crypto/src/asn1/ocsp/CertStatus.cs   |   96 +
 bc-sharp-crypto/src/asn1/ocsp/CrlID.cs        |   82 +
 .../src/asn1/ocsp/OCSPObjectIdentifiers.cs    |   23 +
 bc-sharp-crypto/src/asn1/ocsp/OCSPRequest.cs  |   89 +
 bc-sharp-crypto/src/asn1/ocsp/OCSPResponse.cs |   90 +
 .../src/asn1/ocsp/OCSPResponseStatus.cs       |   41 +
 bc-sharp-crypto/src/asn1/ocsp/Request.cs      |   91 +
 bc-sharp-crypto/src/asn1/ocsp/ResponderID.cs  |  107 +
 .../src/asn1/ocsp/ResponseBytes.cs            |   82 +
 bc-sharp-crypto/src/asn1/ocsp/ResponseData.cs |  158 +
 bc-sharp-crypto/src/asn1/ocsp/RevokedInfo.cs  |   96 +
 .../src/asn1/ocsp/ServiceLocator.cs           |   95 +
 bc-sharp-crypto/src/asn1/ocsp/Signature.cs    |  115 +
 .../src/asn1/ocsp/SingleResponse.cs           |  137 +
 bc-sharp-crypto/src/asn1/ocsp/TBSRequest.cs   |  151 +
 .../src/asn1/oiw/ElGamalParameter.cs          |   47 +
 .../src/asn1/oiw/OIWObjectIdentifiers.cs      |   29 +
 bc-sharp-crypto/src/asn1/pkcs/Attribute.cs    |   79 +
 .../src/asn1/pkcs/AuthenticatedSafe.cs        |   37 +
 bc-sharp-crypto/src/asn1/pkcs/CertBag.cs      |   46 +
 .../src/asn1/pkcs/CertificationRequest.cs     |   87 +
 .../src/asn1/pkcs/CertificationRequestInfo.cs |  137 +
 bc-sharp-crypto/src/asn1/pkcs/ContentInfo.cs  |   74 +
 bc-sharp-crypto/src/asn1/pkcs/DHParameter.cs  |   72 +
 .../src/asn1/pkcs/EncryptedData.cs            |  105 +
 .../src/asn1/pkcs/EncryptedPrivateKeyInfo.cs  |   79 +
 .../src/asn1/pkcs/EncryptionScheme.cs         |   49 +
 .../src/asn1/pkcs/IssuerAndSerialNumber.cs    |   72 +
 .../src/asn1/pkcs/KeyDerivationFunc.cs        |   21 +
 bc-sharp-crypto/src/asn1/pkcs/MacData.cs      |   96 +
 bc-sharp-crypto/src/asn1/pkcs/PBEParameter.cs |   60 +
 .../src/asn1/pkcs/PBES2Parameters.cs          |   65 +
 bc-sharp-crypto/src/asn1/pkcs/PBKDF2Params.cs |  144 +
 .../src/asn1/pkcs/PKCS12PBEParams.cs          |   63 +
 .../src/asn1/pkcs/PKCSObjectIdentifiers.cs    |  293 ++
 bc-sharp-crypto/src/asn1/pkcs/Pfx.cs          |   65 +
 .../src/asn1/pkcs/PrivateKeyInfo.cs           |  135 +
 .../src/asn1/pkcs/RC2CBCParameter.cs          |   80 +
 .../src/asn1/pkcs/RSAESOAEPparams.cs          |  146 +
 .../src/asn1/pkcs/RSAPrivateKeyStructure.cs   |  146 +
 .../src/asn1/pkcs/RSASSAPSSparams.cs          |  166 +
 bc-sharp-crypto/src/asn1/pkcs/SafeBag.cs      |   70 +
 bc-sharp-crypto/src/asn1/pkcs/SignedData.cs   |  157 +
 bc-sharp-crypto/src/asn1/pkcs/SignerInfo.cs   |  154 +
 .../src/asn1/sec/ECPrivateKeyStructure.cs     |  184 +
 .../src/asn1/sec/SECNamedCurves.cs            | 1184 ++++++
 .../src/asn1/sec/SECObjectIdentifiers.cs      |   52 +
 .../src/asn1/smime/SMIMEAttributes.cs         |   11 +
 .../src/asn1/smime/SMIMECapabilities.cs       |  134 +
 .../asn1/smime/SMIMECapabilitiesAttribute.cs  |   16 +
 .../src/asn1/smime/SMIMECapability.cs         |  101 +
 .../src/asn1/smime/SMIMECapabilityVector.cs   |   37 +
 .../SMIMEEncryptionKeyPreferenceAttribute.cs  |   44 +
 .../asn1/teletrust/TeleTrusTNamedCurves.cs    |  470 +++
 .../teletrust/TeleTrusTObjectIdentifiers.cs   |   45 +
 bc-sharp-crypto/src/asn1/tsp/Accuracy.cs      |  151 +
 .../src/asn1/tsp/MessageImprint.cs            |   75 +
 bc-sharp-crypto/src/asn1/tsp/TSTInfo.cs       |  250 ++
 bc-sharp-crypto/src/asn1/tsp/TimeStampReq.cs  |  165 +
 bc-sharp-crypto/src/asn1/tsp/TimeStampResp.cs |   80 +
 bc-sharp-crypto/src/asn1/util/Asn1Dump.cs     |  381 ++
 bc-sharp-crypto/src/asn1/util/Dump.cs         |   31 +
 bc-sharp-crypto/src/asn1/util/FilterStream.cs |   83 +
 .../src/asn1/x500/DirectoryString.cs          |   77 +
 .../src/asn1/x509/AccessDescription.cs        |   85 +
 .../src/asn1/x509/AlgorithmIdentifier.cs      |   96 +
 .../src/asn1/x509/AttCertIssuer.cs            |   86 +
 .../src/asn1/x509/AttCertValidityPeriod.cs    |   78 +
 bc-sharp-crypto/src/asn1/x509/Attribute.cs    |   82 +
 .../src/asn1/x509/AttributeCertificate.cs     |   86 +
 .../src/asn1/x509/AttributeCertificateInfo.cs |  156 +
 .../src/asn1/x509/AttributeTable.cs           |   73 +
 .../asn1/x509/AuthorityInformationAccess.cs   |   98 +
 .../src/asn1/x509/AuthorityKeyIdentifier.cs   |  211 +
 .../src/asn1/x509/BasicConstraints.cs         |  133 +
 bc-sharp-crypto/src/asn1/x509/CRLDistPoint.cs |   93 +
 bc-sharp-crypto/src/asn1/x509/CRLNumber.cs    |   30 +
 bc-sharp-crypto/src/asn1/x509/CRLReason.cs    |   61 +
 bc-sharp-crypto/src/asn1/x509/CertPolicyId.cs |   20 +
 .../src/asn1/x509/CertificateList.cs          |  113 +
 .../src/asn1/x509/CertificatePair.cs          |  162 +
 .../src/asn1/x509/CertificatePolicies.cs      |   81 +
 bc-sharp-crypto/src/asn1/x509/DSAParameter.cs |   78 +
 bc-sharp-crypto/src/asn1/x509/DigestInfo.cs   |   78 +
 bc-sharp-crypto/src/asn1/x509/DisplayText.cs  |  174 +
 .../src/asn1/x509/DistributionPoint.cs        |  161 +
 .../src/asn1/x509/DistributionPointName.cs    |  130 +
 .../src/asn1/x509/ExtendedKeyUsage.cs         |  132 +
 bc-sharp-crypto/src/asn1/x509/GeneralName.cs  |  419 ++
 bc-sharp-crypto/src/asn1/x509/GeneralNames.cs |   95 +
 .../src/asn1/x509/GeneralSubtree.cs           |  189 +
 bc-sharp-crypto/src/asn1/x509/Holder.cs       |  259 ++
 .../src/asn1/x509/IetfAttrSyntax.cs           |  161 +
 bc-sharp-crypto/src/asn1/x509/IssuerSerial.cs |  100 +
 .../src/asn1/x509/IssuingDistributionPoint.cs |  247 ++
 bc-sharp-crypto/src/asn1/x509/KeyPurposeId.cs |   38 +
 bc-sharp-crypto/src/asn1/x509/KeyUsage.cs     |   78 +
 .../src/asn1/x509/NameConstraints.cs          |  120 +
 .../src/asn1/x509/NoticeReference.cs          |  143 +
 .../src/asn1/x509/ObjectDigestInfo.cs         |  179 +
 .../src/asn1/x509/PolicyInformation.cs        |   80 +
 .../src/asn1/x509/PolicyMappings.cs           |   70 +
 .../src/asn1/x509/PolicyQualifierId.cs        |   28 +
 .../src/asn1/x509/PolicyQualifierInfo.cs      |   95 +
 .../src/asn1/x509/PrivateKeyUsagePeriod.cs    |   84 +
 .../src/asn1/x509/RSAPublicKeyStructure.cs    |   93 +
 bc-sharp-crypto/src/asn1/x509/ReasonFlags.cs  |   45 +
 bc-sharp-crypto/src/asn1/x509/RoleSyntax.cs   |  230 ++
 .../asn1/x509/SubjectDirectoryAttributes.cs   |  142 +
 .../src/asn1/x509/SubjectKeyIdentifier.cs     |  142 +
 .../src/asn1/x509/SubjectPublicKeyInfo.cs     |  102 +
 bc-sharp-crypto/src/asn1/x509/TBSCertList.cs  |  275 ++
 .../src/asn1/x509/TBSCertificateStructure.cs  |  185 +
 bc-sharp-crypto/src/asn1/x509/Target.cs       |  141 +
 .../src/asn1/x509/TargetInformation.cs        |  125 +
 bc-sharp-crypto/src/asn1/x509/Targets.cs      |  123 +
 bc-sharp-crypto/src/asn1/x509/Time.cs         |  122 +
 bc-sharp-crypto/src/asn1/x509/UserNotice.cs   |  130 +
 .../asn1/x509/V1TBSCertificateGenerator.cs    |  108 +
 .../V2AttributeCertificateInfoGenerator.cs    |  137 +
 bc-sharp-crypto/src/asn1/x509/V2Form.cs       |  137 +
 .../src/asn1/x509/V2TBSCertListGenerator.cs   |  201 +
 .../asn1/x509/V3TBSCertificateGenerator.cs    |  168 +
 .../src/asn1/x509/X509Attributes.cs           |    9 +
 .../src/asn1/x509/X509CertificateStructure.cs |  132 +
 .../asn1/x509/X509DefaultEntryConverter.cs    |   63 +
 .../src/asn1/x509/X509Extension.cs            |   79 +
 .../src/asn1/x509/X509Extensions.cs           |  456 +++
 .../src/asn1/x509/X509ExtensionsGenerator.cs  |   81 +
 bc-sharp-crypto/src/asn1/x509/X509Name.cs     | 1077 +++++
 .../src/asn1/x509/X509NameEntryConverter.cs   |   89 +
 .../src/asn1/x509/X509NameTokenizer.cs        |  104 +
 .../src/asn1/x509/X509ObjectIdentifiers.cs    |   59 +
 .../src/asn1/x509/qualified/BiometricData.cs  |  110 +
 .../x509/qualified/ETSIQCObjectIdentifiers.cs |   19 +
 .../x509/qualified/Iso4217CurrencyCode.cs     |   84 +
 .../src/asn1/x509/qualified/MonetaryValue.cs  |   83 +
 .../src/asn1/x509/qualified/QCStatement.cs    |   84 +
 .../qualified/RFC3739QCObjectIdentifiers.cs   |   21 +
 .../x509/qualified/SemanticsInformation.cs    |  124 +
 .../x509/qualified/TypeOfBiometricData.cs     |   91 +
 .../src/asn1/x509/sigi/NameOrPseudonym.cs     |  178 +
 .../src/asn1/x509/sigi/PersonalData.cs        |  211 +
 .../asn1/x509/sigi/SigIObjectIdentifiers.cs   |   49 +
 .../src/asn1/x9/DHDomainParameters.cs         |  118 +
 bc-sharp-crypto/src/asn1/x9/DHPublicKey.cs    |   46 +
 .../src/asn1/x9/DHValidationParms.cs          |   64 +
 .../src/asn1/x9/ECNamedCurveTable.cs          |  162 +
 .../src/asn1/x9/KeySpecificInfo.cs            |   58 +
 bc-sharp-crypto/src/asn1/x9/OtherInfo.cs      |   88 +
 .../src/asn1/x9/X962NamedCurves.cs            |  751 ++++
 bc-sharp-crypto/src/asn1/x9/X962Parameters.cs |   88 +
 bc-sharp-crypto/src/asn1/x9/X9Curve.cs        |  146 +
 bc-sharp-crypto/src/asn1/x9/X9ECParameters.cs |  233 ++
 .../src/asn1/x9/X9ECParametersHolder.cs       |   25 +
 bc-sharp-crypto/src/asn1/x9/X9ECPoint.cs      |   80 +
 bc-sharp-crypto/src/asn1/x9/X9FieldElement.cs |   69 +
 bc-sharp-crypto/src/asn1/x9/X9FieldID.cs      |  132 +
 .../src/asn1/x9/X9IntegerConverter.cs         |   40 +
 .../src/asn1/x9/X9ObjectIdentifiers.cs        |  137 +
 .../src/bcpg/ArmoredInputStream.cs            |  524 +++
 .../src/bcpg/ArmoredOutputStream.cs           |  375 ++
 bc-sharp-crypto/src/bcpg/BcpgInputStream.cs   |  363 ++
 bc-sharp-crypto/src/bcpg/BcpgObject.cs        |   22 +
 bc-sharp-crypto/src/bcpg/BcpgOutputStream.cs  |  404 ++
 .../src/bcpg/CompressedDataPacket.cs          |   24 +
 .../src/bcpg/CompressionAlgorithmTags.cs      |   11 +
 bc-sharp-crypto/src/bcpg/ContainedPacket.cs   |   22 +
 bc-sharp-crypto/src/bcpg/Crc24.cs             |   46 +
 bc-sharp-crypto/src/bcpg/DsaPublicBcpgKey.cs  |   80 +
 bc-sharp-crypto/src/bcpg/DsaSecretBcpgKey.cs  |   61 +
 bc-sharp-crypto/src/bcpg/ECDHPublicBCPGKey.cs |  102 +
 .../src/bcpg/ECDsaPublicBCPGKey.cs            |   34 +
 bc-sharp-crypto/src/bcpg/ECPublicBCPGKey.cs   |   97 +
 bc-sharp-crypto/src/bcpg/ECSecretBCPGKey.cs   |   56 +
 .../src/bcpg/ElGamalPublicBcpgKey.cs          |   71 +
 .../src/bcpg/ElGamalSecretBcpgKey.cs          |   61 +
 .../src/bcpg/ExperimentalPacket.cs            |   38 +
 bc-sharp-crypto/src/bcpg/HashAlgorithmTags.cs |   19 +
 bc-sharp-crypto/src/bcpg/IBcpgKey.cs          |   16 +
 bc-sharp-crypto/src/bcpg/InputStreamPacket.cs |   20 +
 bc-sharp-crypto/src/bcpg/LiteralDataPacket.cs |   57 +
 bc-sharp-crypto/src/bcpg/MPInteger.cs         |   59 +
 bc-sharp-crypto/src/bcpg/MarkerPacket.cs      |   24 +
 .../src/bcpg/ModDetectionCodePacket.cs        |   42 +
 .../src/bcpg/OnePassSignaturePacket.cs        |   93 +
 .../src/bcpg/OutputStreamPacket.cs            |   24 +
 bc-sharp-crypto/src/bcpg/Packet.cs            |    7 +
 bc-sharp-crypto/src/bcpg/PacketTags.cs        |   30 +
 .../src/bcpg/PublicKeyAlgorithmTags.cs        |   32 +
 .../src/bcpg/PublicKeyEncSessionPacket.cs     |  115 +
 bc-sharp-crypto/src/bcpg/PublicKeyPacket.cs   |  121 +
 .../src/bcpg/PublicSubkeyPacket.cs            |   30 +
 bc-sharp-crypto/src/bcpg/RsaPublicBcpgKey.cs  |   66 +
 bc-sharp-crypto/src/bcpg/RsaSecretBcpgKey.cs  |  114 +
 bc-sharp-crypto/src/bcpg/S2k.cs               |  149 +
 bc-sharp-crypto/src/bcpg/SecretKeyPacket.cs   |  170 +
 .../src/bcpg/SecretSubkeyPacket.cs            |   43 +
 bc-sharp-crypto/src/bcpg/SignaturePacket.cs   |  477 +++
 .../src/bcpg/SignatureSubpacket.cs            |   94 +
 .../src/bcpg/SignatureSubpacketTags.cs        |   33 +
 .../src/bcpg/SignatureSubpacketsReader.cs     |  128 +
 .../src/bcpg/SymmetricEncDataPacket.cs        |   15 +
 .../src/bcpg/SymmetricEncIntegrityPacket.cs   |   18 +
 .../src/bcpg/SymmetricKeyAlgorithmTags.cs     |   23 +
 .../src/bcpg/SymmetricKeyEncSessionPacket.cs  |   91 +
 bc-sharp-crypto/src/bcpg/TrustPacket.cs       |   43 +
 .../src/bcpg/UserAttributePacket.cs           |   61 +
 .../src/bcpg/UserAttributeSubpacket.cs        |   90 +
 .../src/bcpg/UserAttributeSubpacketTags.cs    |   10 +
 .../src/bcpg/UserAttributeSubpacketsReader.cs |   65 +
 bc-sharp-crypto/src/bcpg/UserIdPacket.cs      |   37 +
 bc-sharp-crypto/src/bcpg/attr/ImageAttrib.cs  |   72 +
 .../src/bcpg/sig/EmbeddedSignature.cs         |   19 +
 bc-sharp-crypto/src/bcpg/sig/Exportable.cs    |   46 +
 bc-sharp-crypto/src/bcpg/sig/Features.cs      |   75 +
 bc-sharp-crypto/src/bcpg/sig/IssuerKeyId.cs   |   62 +
 .../src/bcpg/sig/KeyExpirationTime.cs         |   55 +
 bc-sharp-crypto/src/bcpg/sig/KeyFlags.cs      |   75 +
 bc-sharp-crypto/src/bcpg/sig/NotationData.cs  |  113 +
 .../src/bcpg/sig/PreferredAlgorithms.cs       |   53 +
 bc-sharp-crypto/src/bcpg/sig/PrimaryUserId.cs |   47 +
 bc-sharp-crypto/src/bcpg/sig/Revocable.cs     |   47 +
 bc-sharp-crypto/src/bcpg/sig/RevocationKey.cs |   63 +
 .../src/bcpg/sig/RevocationKeyTags.cs         |    9 +
 .../src/bcpg/sig/RevocationReason.cs          |   59 +
 .../src/bcpg/sig/RevocationReasonTags.cs      |   14 +
 .../src/bcpg/sig/SignatureCreationTime.cs     |   51 +
 .../src/bcpg/sig/SignatureExpirationTime.cs   |   51 +
 bc-sharp-crypto/src/bcpg/sig/SignerUserId.cs  |   53 +
 .../src/bcpg/sig/TrustSignature.cs            |   44 +
 .../src/cms/BaseDigestCalculator.cs           |   23 +
 .../CMSAttributeTableGenerationException.cs   |   28 +
 .../src/cms/CMSAttributeTableGenerator.cs     |   25 +
 .../src/cms/CMSAuthEnvelopedData.cs           |  112 +
 .../src/cms/CMSAuthEnvelopedGenerator.cs      |   16 +
 .../src/cms/CMSAuthenticatedData.cs           |  137 +
 .../src/cms/CMSAuthenticatedDataGenerator.cs  |  156 +
 .../src/cms/CMSAuthenticatedDataParser.cs     |  214 +
 .../CMSAuthenticatedDataStreamGenerator.cs    |  297 ++
 .../src/cms/CMSAuthenticatedGenerator.cs      |   35 +
 bc-sharp-crypto/src/cms/CMSCompressedData.cs  |  108 +
 .../src/cms/CMSCompressedDataGenerator.cs     |   67 +
 .../src/cms/CMSCompressedDataParser.cs        |   57 +
 .../cms/CMSCompressedDataStreamGenerator.cs   |  158 +
 .../src/cms/CMSContentInfoParser.cs           |   48 +
 bc-sharp-crypto/src/cms/CMSEnvelopedData.cs   |  115 +
 .../src/cms/CMSEnvelopedDataGenerator.cs      |  178 +
 .../src/cms/CMSEnvelopedDataParser.cs         |  161 +
 .../cms/CMSEnvelopedDataStreamGenerator.cs    |  308 ++
 .../src/cms/CMSEnvelopedGenerator.cs          |  331 ++
 bc-sharp-crypto/src/cms/CMSEnvelopedHelper.cs |  311 ++
 bc-sharp-crypto/src/cms/CMSException.cs       |   28 +
 bc-sharp-crypto/src/cms/CMSPBEKey.cs          |  109 +
 bc-sharp-crypto/src/cms/CMSProcessable.cs     |   19 +
 .../src/cms/CMSProcessableByteArray.cs        |   36 +
 bc-sharp-crypto/src/cms/CMSProcessableFile.cs |   52 +
 .../src/cms/CMSProcessableInputStream.cs      |   53 +
 bc-sharp-crypto/src/cms/CMSReadable.cs        |   10 +
 bc-sharp-crypto/src/cms/CMSSecureReadable.cs  |   14 +
 bc-sharp-crypto/src/cms/CMSSignedData.cs      |  425 ++
 .../src/cms/CMSSignedDataGenerator.cs         |  585 +++
 .../src/cms/CMSSignedDataParser.cs            |  450 +++
 .../src/cms/CMSSignedDataStreamGenerator.cs   |  929 +++++
 bc-sharp-crypto/src/cms/CMSSignedGenerator.cs |  267 ++
 bc-sharp-crypto/src/cms/CMSSignedHelper.cs    |  426 ++
 bc-sharp-crypto/src/cms/CMSStreamException.cs |   29 +
 bc-sharp-crypto/src/cms/CMSTypedStream.cs     |   72 +
 bc-sharp-crypto/src/cms/CMSUtils.cs           |  186 +
 .../cms/CounterSignatureDigestCalculator.cs   |   28 +
 ...ultAuthenticatedAttributeTableGenerator.cs |   90 +
 .../DefaultSignedAttributeTableGenerator.cs   |  124 +
 bc-sharp-crypto/src/cms/DigOutputStream.cs    |   28 +
 bc-sharp-crypto/src/cms/IDigestCalculator.cs  |    9 +
 .../src/cms/KEKRecipientInfoGenerator.cs      |  138 +
 .../src/cms/KEKRecipientInformation.cs        |   62 +
 .../src/cms/KeyAgreeRecipientInfoGenerator.cs |  171 +
 .../src/cms/KeyAgreeRecipientInformation.cs   |  226 ++
 .../src/cms/KeyTransRecipientInfoGenerator.cs |   87 +
 .../src/cms/KeyTransRecipientInformation.cs   |  113 +
 bc-sharp-crypto/src/cms/MacOutputStream.cs    |   28 +
 bc-sharp-crypto/src/cms/OriginatorId.cs       |   51 +
 .../src/cms/OriginatorInfoGenerator.cs        |   42 +
 .../src/cms/OriginatorInformation.cs          |   96 +
 bc-sharp-crypto/src/cms/PKCS5Scheme2PBEKey.cs |   64 +
 .../src/cms/PKCS5Scheme2UTF8PBEKey.cs         |   64 +
 .../src/cms/PasswordRecipientInfoGenerator.cs |   70 +
 .../src/cms/PasswordRecipientInformation.cs   |   79 +
 bc-sharp-crypto/src/cms/RecipientId.cs        |   58 +
 .../src/cms/RecipientInfoGenerator.cs         |   26 +
 .../src/cms/RecipientInformation.cs           |  126 +
 .../src/cms/RecipientInformationStore.cs      |   86 +
 bc-sharp-crypto/src/cms/SigOutputStream.cs    |   43 +
 bc-sharp-crypto/src/cms/SignerId.cs           |   51 +
 .../src/cms/SignerInfoGenerator.cs            |  166 +
 bc-sharp-crypto/src/cms/SignerInformation.cs  |  761 ++++
 .../src/cms/SignerInformationStore.cs         |   95 +
 .../src/cms/SimpleAttributeTableGenerator.cs  |   28 +
 .../src/crypto/AsymmetricCipherKeyPair.cs     |   52 +
 .../src/crypto/AsymmetricKeyParameter.cs      |   47 +
 .../src/crypto/BufferedAeadBlockCipher.cs     |  247 ++
 .../crypto/BufferedAsymmetricBlockCipher.cs   |  152 +
 .../src/crypto/BufferedBlockCipher.cs         |  367 ++
 .../src/crypto/BufferedCipherBase.cs          |  113 +
 .../src/crypto/BufferedIesCipher.cs           |  113 +
 .../src/crypto/BufferedStreamCipher.cs        |  131 +
 bc-sharp-crypto/src/crypto/Check.cs           |   25 +
 .../src/crypto/CipherKeyGenerator.cs          |   83 +
 bc-sharp-crypto/src/crypto/CryptoException.cs |   28 +
 .../src/crypto/DataLengthException.cs         |   42 +
 .../src/crypto/IAsymmetricBlockCipher.cs      |   30 +
 .../IAsymmetricCipherKeyPairGenerator.cs      |   24 +
 bc-sharp-crypto/src/crypto/IBasicAgreement.cs |   29 +
 bc-sharp-crypto/src/crypto/IBlockCipher.cs    |   36 +
 bc-sharp-crypto/src/crypto/IBlockResult.cs    |   24 +
 bc-sharp-crypto/src/crypto/IBufferedCipher.cs |   44 +
 .../src/crypto/ICipherParameters.cs           |   11 +
 bc-sharp-crypto/src/crypto/IDSA.cs            |   40 +
 .../src/crypto/IDerivationFunction.cs         |   24 +
 .../src/crypto/IDerivationParameters.cs       |   11 +
 bc-sharp-crypto/src/crypto/IDigest.cs         |   61 +
 bc-sharp-crypto/src/crypto/IEntropySource.cs  |   29 +
 .../src/crypto/IEntropySourceProvider.cs      |   17 +
 bc-sharp-crypto/src/crypto/IMac.cs            |   69 +
 .../src/crypto/ISignatureFactory.cs           |   23 +
 bc-sharp-crypto/src/crypto/ISigner.cs         |   50 +
 .../src/crypto/ISignerWithRecovery.cs         |   37 +
 .../src/crypto/IStreamCalculator.cs           |   23 +
 bc-sharp-crypto/src/crypto/IStreamCipher.cs   |   45 +
 bc-sharp-crypto/src/crypto/IVerifier.cs       |   25 +
 .../src/crypto/IVerifierFactory.cs            |   21 +
 .../src/crypto/IVerifierFactoryProvider.cs    |   18 +
 bc-sharp-crypto/src/crypto/IWrapper.cs        |   18 +
 bc-sharp-crypto/src/crypto/IXof.cs            |   31 +
 .../src/crypto/InvalidCipherTextException.cs  |   40 +
 .../src/crypto/KeyGenerationParameters.cs     |   55 +
 .../src/crypto/MaxBytesExceededException.cs   |   32 +
 .../src/crypto/OutputLengthException.cs       |   28 +
 .../src/crypto/PbeParametersGenerator.cs      |  202 +
 .../src/crypto/StreamBlockCipher.cs           |  109 +
 .../src/crypto/agreement/DHAgreement.cs       |   99 +
 .../src/crypto/agreement/DHBasicAgreement.cs  |   72 +
 .../src/crypto/agreement/DHStandardGroups.cs  |  307 ++
 .../crypto/agreement/ECDHBasicAgreement.cs    |   60 +
 .../crypto/agreement/ECDHCBasicAgreement.cs   |   68 +
 .../agreement/ECDHWithKdfBasicAgreement.cs    |   63 +
 .../crypto/agreement/ECMqvBasicAgreement.cs   |   93 +
 .../agreement/ECMqvWithKdfBasicAgreement.cs   |   63 +
 .../agreement/jpake/JPakeParticipant.cs       |  456 +++
 .../agreement/jpake/JPakePrimeOrderGroup.cs   |  103 +
 .../agreement/jpake/JPakePrimeOrderGroups.cs  |  108 +
 .../agreement/jpake/JPakeRound1Payload.cs     |  101 +
 .../agreement/jpake/JPakeRound2Payload.cs     |   72 +
 .../agreement/jpake/JPakeRound3Payload.cs     |   51 +
 .../crypto/agreement/jpake/JPakeUtilities.cs  |  390 ++
 .../crypto/agreement/kdf/DHKdfParameters.cs   |   57 +
 .../crypto/agreement/kdf/DHKekGenerator.cs    |  112 +
 .../crypto/agreement/kdf/ECDHKekGenerator.cs  |   55 +
 .../src/crypto/agreement/srp/SRP6Client.cs    |  164 +
 .../src/crypto/agreement/srp/SRP6Server.cs    |  163 +
 .../agreement/srp/SRP6StandardGroups.cs       |  159 +
 .../src/crypto/agreement/srp/SRP6Utilities.cs |  153 +
 .../agreement/srp/SRP6VerifierGenerator.cs    |   55 +
 .../src/crypto/digests/DSTU7564Digest.cs      |  562 +++
 .../src/crypto/digests/GOST3411Digest.cs      |  356 ++
 .../src/crypto/digests/GOST3411_2012Digest.cs | 1036 +++++
 .../crypto/digests/GOST3411_2012_256Digest.cs |   54 +
 .../crypto/digests/GOST3411_2012_512Digest.cs |   43 +
 .../src/crypto/digests/GeneralDigest.cs       |  133 +
 .../src/crypto/digests/KeccakDigest.cs        |  479 +++
 .../src/crypto/digests/LongDigest.cs          |  355 ++
 .../src/crypto/digests/MD2Digest.cs           |  269 ++
 .../src/crypto/digests/MD4Digest.cs           |  292 ++
 .../src/crypto/digests/MD5Digest.cs           |  313 ++
 .../src/crypto/digests/NonMemoableDigest.cs   |   62 +
 .../src/crypto/digests/NullDigest.cs          |   49 +
 .../src/crypto/digests/RipeMD128Digest.cs     |  484 +++
 .../src/crypto/digests/RipeMD160Digest.cs     |  445 ++
 .../src/crypto/digests/RipeMD256Digest.cs     |  430 ++
 .../src/crypto/digests/RipeMD320Digest.cs     |  459 +++
 .../src/crypto/digests/SHA3Digest.cs          |   85 +
 .../src/crypto/digests/SM3Digest.cs           |  328 ++
 .../src/crypto/digests/Sha1Digest.cs          |  284 ++
 .../src/crypto/digests/Sha224Digest.cs        |  289 ++
 .../src/crypto/digests/Sha256Digest.cs        |  330 ++
 .../src/crypto/digests/Sha384Digest.cs        |  101 +
 .../src/crypto/digests/Sha512Digest.cs        |  104 +
 .../src/crypto/digests/Sha512tDigest.cs       |  200 +
 .../src/crypto/digests/ShakeDigest.cs         |  119 +
 .../src/crypto/digests/ShortenedDigest.cs     |   82 +
 .../src/crypto/digests/SkeinDigest.cs         |  117 +
 .../src/crypto/digests/SkeinEngine.cs         |  804 ++++
 .../src/crypto/digests/TigerDigest.cs         |  883 ++++
 .../src/crypto/digests/WhirlpoolDigest.cs     |  413 ++
 .../src/crypto/ec/CustomNamedCurves.cs        |  913 +++++
 .../src/crypto/encodings/ISO9796d1Encoding.cs |  273 ++
 .../src/crypto/encodings/OaepEncoding.cs      |  345 ++
 .../src/crypto/encodings/Pkcs1Encoding.cs     |  384 ++
 .../src/crypto/engines/AesEngine.cs           |  610 +++
 .../src/crypto/engines/AesFastEngine.cs       |  948 +++++
 .../src/crypto/engines/AesLightEngine.cs      |  504 +++
 .../src/crypto/engines/AesWrapEngine.cs       |   16 +
 .../src/crypto/engines/BlowfishEngine.cs      |  553 +++
 .../src/crypto/engines/CamelliaEngine.cs      |  668 +++
 .../src/crypto/engines/CamelliaLightEngine.cs |  580 +++
 .../src/crypto/engines/CamelliaWrapEngine.cs  |   16 +
 .../src/crypto/engines/Cast5Engine.cs         |  802 ++++
 .../src/crypto/engines/Cast6Engine.cs         |  279 ++
 .../src/crypto/engines/ChaCha7539Engine.cs    |   65 +
 .../src/crypto/engines/ChaChaEngine.cs        |  157 +
 .../src/crypto/engines/DesEdeEngine.cs        |  100 +
 .../src/crypto/engines/DesEdeWrapEngine.cs    |  322 ++
 .../src/crypto/engines/DesEngine.cs           |  475 +++
 .../src/crypto/engines/Dstu7624Engine.cs      |  766 ++++
 .../src/crypto/engines/Dstu7624WrapEngine.cs  |  216 +
 .../src/crypto/engines/ElGamalEngine.cs       |  178 +
 .../src/crypto/engines/GOST28147Engine.cs     |  368 ++
 .../src/crypto/engines/HC128Engine.cs         |  235 ++
 .../src/crypto/engines/HC256Engine.cs         |  224 +
 .../src/crypto/engines/ISAACEngine.cs         |  212 +
 .../src/crypto/engines/IdeaEngine.cs          |  332 ++
 .../src/crypto/engines/IesEngine.cs           |  243 ++
 .../src/crypto/engines/NaccacheSternEngine.cs |  358 ++
 .../src/crypto/engines/NoekeonEngine.cs       |  241 ++
 .../src/crypto/engines/NullEngine.cs          |   69 +
 .../src/crypto/engines/RC2Engine.cs           |  311 ++
 .../src/crypto/engines/RC2WrapEngine.cs       |  370 ++
 .../src/crypto/engines/RC4Engine.cs           |  139 +
 .../src/crypto/engines/RC532Engine.cs         |  294 ++
 .../src/crypto/engines/RC564Engine.cs         |  295 ++
 .../src/crypto/engines/RC6Engine.cs           |  361 ++
 .../src/crypto/engines/RFC3211WrapEngine.cs   |  168 +
 .../src/crypto/engines/RFC3394WrapEngine.cs   |  178 +
 .../src/crypto/engines/RSABlindedEngine.cs    |  128 +
 .../src/crypto/engines/RSABlindingEngine.cs   |  139 +
 .../src/crypto/engines/RSACoreEngine.cs       |  156 +
 .../src/crypto/engines/RijndaelEngine.cs      |  738 ++++
 .../src/crypto/engines/RsaEngine.cs           |   78 +
 .../src/crypto/engines/SEEDEngine.cs          |  360 ++
 .../src/crypto/engines/SEEDWrapEngine.cs      |   16 +
 .../src/crypto/engines/Salsa20Engine.cs       |  362 ++
 .../src/crypto/engines/SerpentEngine.cs       |  292 ++
 .../src/crypto/engines/SerpentEngineBase.cs   |  469 +++
 .../src/crypto/engines/SkipjackEngine.cs      |  254 ++
 .../src/crypto/engines/TEAEngine.cs           |  166 +
 .../src/crypto/engines/ThreefishEngine.cs     | 1491 +++++++
 .../src/crypto/engines/TnepresEngine.cs       |  299 ++
 .../src/crypto/engines/TwofishEngine.cs       |  675 ++++
 .../src/crypto/engines/VMPCEngine.cs          |  133 +
 .../src/crypto/engines/VMPCKSA3Engine.cs      |   51 +
 .../src/crypto/engines/XSalsa20Engine.cs      |   64 +
 .../src/crypto/engines/XTEAEngine.cs          |  166 +
 .../src/crypto/generators/BCrypt.cs           |  617 +++
 .../generators/BaseKdfBytesGenerator.cs       |  132 +
 .../generators/DHBasicKeyPairGenerator.cs     |   38 +
 .../crypto/generators/DHKeyGeneratorHelper.cs |   72 +
 .../crypto/generators/DHKeyPairGenerator.cs   |   38 +
 .../generators/DHParametersGenerator.cs       |   45 +
 .../crypto/generators/DHParametersHelper.cs   |  156 +
 .../crypto/generators/DesEdeKeyGenerator.cs   |   67 +
 .../src/crypto/generators/DesKeyGenerator.cs  |   57 +
 .../crypto/generators/DsaKeyPairGenerator.cs  |   72 +
 .../generators/DsaParametersGenerator.cs      |  355 ++
 .../crypto/generators/ECKeyPairGenerator.cs   |  162 +
 .../generators/ElGamalKeyPairGenerator.cs     |   40 +
 .../generators/ElGamalParametersGenerator.cs  |   46 +
 .../generators/GOST3410KeyPairGenerator.cs    |   82 +
 .../generators/GOST3410ParametersGenerator.cs |  530 +++
 .../crypto/generators/HKDFBytesGenerator.cs   |  153 +
 .../crypto/generators/Kdf1BytesGenerator.cs   |   26 +
 .../crypto/generators/Kdf2BytesGenerator.cs   |   27 +
 .../crypto/generators/Mgf1BytesGenerator.cs   |  117 +
 .../NaccacheSternKeyPairGenerator.cs          |  268 ++
 .../src/crypto/generators/OpenBsdBCrypt.cs    |  270 ++
 .../OpenSSLPBEParametersGenerator.cs          |  167 +
 .../generators/Pkcs12ParametersGenerator.cs   |  243 ++
 .../generators/Pkcs5S1ParametersGenerator.cs  |  160 +
 .../generators/Pkcs5S2ParametersGenerator.cs  |  178 +
 .../crypto/generators/Poly1305KeyGenerator.cs |  116 +
 .../generators/RSABlindingFactorGenerator.cs  |   69 +
 .../crypto/generators/RsaKeyPairGenerator.cs  |  163 +
 .../src/crypto/generators/SCrypt.cs           |  140 +
 bc-sharp-crypto/src/crypto/io/CipherStream.cs |  252 ++
 bc-sharp-crypto/src/crypto/io/DigestStream.cs |  151 +
 bc-sharp-crypto/src/crypto/io/MacStream.cs    |  150 +
 bc-sharp-crypto/src/crypto/io/SignerStream.cs |  151 +
 bc-sharp-crypto/src/crypto/macs/CMac.cs       |  257 ++
 .../src/crypto/macs/CbcBlockCipherMac.cs      |  209 +
 .../src/crypto/macs/CfbBlockCipherMac.cs      |  368 ++
 .../src/crypto/macs/DSTU7564Mac.cs            |  143 +
 .../src/crypto/macs/DSTU7624Mac.cs            |  160 +
 bc-sharp-crypto/src/crypto/macs/GMac.cs       |  112 +
 .../src/crypto/macs/GOST28147Mac.cs           |  297 ++
 bc-sharp-crypto/src/crypto/macs/HMac.cs       |  154 +
 .../src/crypto/macs/ISO9797Alg3Mac.cs         |  275 ++
 bc-sharp-crypto/src/crypto/macs/Poly1305.cs   |  293 ++
 bc-sharp-crypto/src/crypto/macs/SipHash.cs    |  199 +
 bc-sharp-crypto/src/crypto/macs/SkeinMac.cs   |  118 +
 bc-sharp-crypto/src/crypto/macs/VMPCMac.cs    |  173 +
 .../src/crypto/modes/CbcBlockCipher.cs        |  241 ++
 .../src/crypto/modes/CcmBlockCipher.cs        |  449 +++
 .../src/crypto/modes/CfbBlockCipher.cs        |  224 +
 .../src/crypto/modes/CtsBlockCipher.cs        |  253 ++
 .../src/crypto/modes/EAXBlockCipher.cs        |  379 ++
 .../src/crypto/modes/GCMBlockCipher.cs        |  594 +++
 .../src/crypto/modes/GOFBBlockCipher.cs       |  234 ++
 .../src/crypto/modes/IAeadBlockCipher.cs      |  105 +
 .../src/crypto/modes/KCcmBlockCipher.cs       |  490 +++
 .../src/crypto/modes/KCtrBlockCipher.cs       |  235 ++
 .../src/crypto/modes/OCBBlockCipher.cs        |  565 +++
 .../src/crypto/modes/OfbBlockCipher.cs        |  182 +
 .../src/crypto/modes/OpenPgpCfbBlockCipher.cs |  337 ++
 .../src/crypto/modes/SicBlockCipher.cs        |  120 +
 .../crypto/modes/gcm/BasicGcmExponentiator.cs |   40 +
 .../crypto/modes/gcm/BasicGcmMultiplier.cs    |   22 +
 .../src/crypto/modes/gcm/GcmUtilities.cs      |  319 ++
 .../src/crypto/modes/gcm/IGcmExponentiator.cs |   10 +
 .../src/crypto/modes/gcm/IGcmMultiplier.cs    |   10 +
 .../modes/gcm/Tables1kGcmExponentiator.cs     |   59 +
 .../modes/gcm/Tables64kGcmMultiplier.cs       |   77 +
 .../crypto/modes/gcm/Tables8kGcmMultiplier.cs |  103 +
 .../src/crypto/operators/Asn1Signature.cs     |  555 +++
 .../src/crypto/paddings/BlockCipherPadding.cs |   43 +
 .../src/crypto/paddings/ISO10126d2Padding.cs  |   76 +
 .../src/crypto/paddings/ISO7816d4Padding.cs   |   79 +
 .../paddings/PaddedBufferedBlockCipher.cs     |  285 ++
 .../src/crypto/paddings/Pkcs7Padding.cs       |   76 +
 .../src/crypto/paddings/TbcPadding.cs         |   79 +
 .../src/crypto/paddings/X923Padding.cs        |   82 +
 .../src/crypto/paddings/ZeroBytePadding.cs    |   68 +
 .../src/crypto/parameters/AEADParameters.cs   |   65 +
 .../src/crypto/parameters/CcmParameters.cs    |   26 +
 .../parameters/DHKeyGenerationParameters.cs   |   31 +
 .../src/crypto/parameters/DHKeyParameters.cs  |   76 +
 .../src/crypto/parameters/DHParameters.cs     |  185 +
 .../parameters/DHPrivateKeyParameters.cs      |   60 +
 .../parameters/DHPublicKeyParameters.cs       |   79 +
 .../parameters/DHValidationParameters.cs      |   59 +
 .../DSAParameterGenerationParameters.cs       |   74 +
 .../src/crypto/parameters/DesEdeParameters.cs |  140 +
 .../src/crypto/parameters/DesParameters.cs    |  139 +
 .../parameters/DsaKeyGenerationParameters.cs  |   26 +
 .../src/crypto/parameters/DsaKeyParameters.cs |   59 +
 .../src/crypto/parameters/DsaParameters.cs    |   85 +
 .../parameters/DsaPrivateKeyParameters.cs     |   53 +
 .../parameters/DsaPublicKeyParameters.cs      |   68 +
 .../parameters/DsaValidationParameters.cs     |   72 +
 .../crypto/parameters/ECDomainParameters.cs   |  117 +
 .../parameters/ECKeyGenerationParameters.cs   |   41 +
 .../src/crypto/parameters/ECKeyParameters.cs  |  136 +
 .../parameters/ECPrivateKeyParameters.cs      |   87 +
 .../parameters/ECPublicKeyParameters.cs       |  101 +
 .../ElGamalKeyGenerationParameters.cs         |   31 +
 .../crypto/parameters/ElGamalKeyParameters.cs |   59 +
 .../crypto/parameters/ElGamalParameters.cs    |   81 +
 .../parameters/ElGamalPrivateKeyParameters.cs |   53 +
 .../parameters/ElGamalPublicKeyParameters.cs  |   53 +
 .../GOST3410KeyGenerationParameters.cs        |   55 +
 .../parameters/GOST3410KeyParameters.cs       |   58 +
 .../crypto/parameters/GOST3410Parameters.cs   |   86 +
 .../GOST3410PrivateKeyParameters.cs           |   41 +
 .../parameters/GOST3410PublicKeyParameters.cs |   40 +
 .../GOST3410ValidationParameters.cs           |   51 +
 .../src/crypto/parameters/HKDFParameters.cs   |  119 +
 .../parameters/ISO18033KDFParameters.cs       |   25 +
 .../src/crypto/parameters/IesParameters.cs    |   49 +
 .../parameters/IesWithCipherParameters.cs     |   33 +
 .../src/crypto/parameters/KdfParameters.cs    |   33 +
 .../src/crypto/parameters/KeyParameter.cs     |   43 +
 .../src/crypto/parameters/MgfParameters.cs    |   31 +
 .../crypto/parameters/MqvPrivateParameters.cs |   64 +
 .../crypto/parameters/MqvPublicParameters.cs  |   36 +
 .../NaccacheSternKeyGenerationParameters.cs   |   98 +
 .../parameters/NaccacheSternKeyParameters.cs  |   44 +
 .../NaccacheSternPrivateKeyParameters.cs      |   79 +
 .../src/crypto/parameters/ParametersWithIV.cs |   43 +
 .../crypto/parameters/ParametersWithRandom.cs |   48 +
 .../crypto/parameters/ParametersWithSBox.cs   |   24 +
 .../crypto/parameters/ParametersWithSalt.cs   |   39 +
 .../src/crypto/parameters/RC2Parameters.cs    |   47 +
 .../src/crypto/parameters/RC5Parameters.cs    |   27 +
 .../parameters/RSABlindingParameters.cs       |   34 +
 .../parameters/RsaKeyGenerationParameters.cs  |   55 +
 .../src/crypto/parameters/RsaKeyParameters.cs |   85 +
 .../parameters/RsaPrivateCrtKeyParameters.cs  |  104 +
 .../src/crypto/parameters/SkeinParameters.cs  |  286 ++
 .../crypto/parameters/Srp6GroupParameters.cs  |   27 +
 .../TweakableBlockCipherParameters.cs         |   40 +
 .../crypto/prng/BasicEntropySourceProvider.cs |   71 +
 .../prng/CryptoApiEntropySourceProvider.cs    |   70 +
 .../crypto/prng/CryptoApiRandomGenerator.cs   |   66 +
 .../src/crypto/prng/DigestRandomGenerator.cs  |  127 +
 .../src/crypto/prng/EntropyUtilities.cs       |   30 +
 .../src/crypto/prng/IDrbgProvider.cs          |   11 +
 .../src/crypto/prng/IRandomGenerator.cs       |   26 +
 .../crypto/prng/ReversedWindowGenerator.cs    |   98 +
 .../src/crypto/prng/SP800SecureRandom.cs      |   95 +
 .../crypto/prng/SP800SecureRandomBuilder.cs   |  208 +
 .../src/crypto/prng/ThreadedSeedGenerator.cs  |  129 +
 .../src/crypto/prng/VMPCRandomGenerator.cs    |  114 +
 bc-sharp-crypto/src/crypto/prng/X931Rng.cs    |  146 +
 .../src/crypto/prng/X931SecureRandom.cs       |   70 +
 .../crypto/prng/X931SecureRandomBuilder.cs    |   87 +
 .../src/crypto/prng/drbg/CtrSP800Drbg.cs      |  466 +++
 .../src/crypto/prng/drbg/DrbgUtilities.cs     |  103 +
 .../src/crypto/prng/drbg/HMacSP800Drbg.cs     |  186 +
 .../src/crypto/prng/drbg/HashSP800Drbg.cs     |  287 ++
 .../src/crypto/prng/drbg/ISP80090Drbg.cs      |   35 +
 .../src/crypto/signers/DsaDigestSigner.cs     |  145 +
 .../src/crypto/signers/DsaSigner.cs           |  156 +
 .../src/crypto/signers/ECDsaSigner.cs         |  240 ++
 .../src/crypto/signers/ECGOST3410Signer.cs    |  162 +
 .../src/crypto/signers/ECNRSigner.cs          |  188 +
 .../crypto/signers/GOST3410DigestSigner.cs    |  145 +
 .../src/crypto/signers/GOST3410Signer.cs      |  132 +
 .../src/crypto/signers/GenericSigner.cs       |  130 +
 .../src/crypto/signers/HMacDsaKCalculator.cs  |  150 +
 .../src/crypto/signers/IDsaKCalculator.cs     |   44 +
 .../src/crypto/signers/Iso9796d2PssSigner.cs  |  619 +++
 .../src/crypto/signers/Iso9796d2Signer.cs     |  556 +++
 .../src/crypto/signers/IsoTrailers.cs         |   57 +
 .../src/crypto/signers/PssSigner.cs           |  386 ++
 .../crypto/signers/RandomDsaKCalculator.cs    |   44 +
 .../src/crypto/signers/RsaDigestSigner.cs     |  217 +
 .../src/crypto/signers/X931Signer.cs          |  225 ++
 .../tls/AbstractTlsAgreementCredentials.cs    |   12 +
 .../crypto/tls/AbstractTlsCipherFactory.cs    |   15 +
 .../src/crypto/tls/AbstractTlsClient.cs       |  256 ++
 .../src/crypto/tls/AbstractTlsContext.cs      |  152 +
 .../src/crypto/tls/AbstractTlsCredentials.cs  |   10 +
 .../tls/AbstractTlsEncryptionCredentials.cs   |   12 +
 .../src/crypto/tls/AbstractTlsKeyExchange.cs  |  177 +
 .../src/crypto/tls/AbstractTlsPeer.cs         |   48 +
 .../src/crypto/tls/AbstractTlsServer.cs       |  351 ++
 .../src/crypto/tls/AbstractTlsSigner.cs       |   50 +
 .../tls/AbstractTlsSignerCredentials.cs       |   20 +
 .../src/crypto/tls/AlertDescription.cs        |  304 ++
 bc-sharp-crypto/src/crypto/tls/AlertLevel.cs  |   29 +
 .../src/crypto/tls/BasicTlsPskIdentity.cs     |   43 +
 .../src/crypto/tls/BulkCipherAlgorithm.cs     |   25 +
 bc-sharp-crypto/src/crypto/tls/ByteQueue.cs   |  211 +
 .../src/crypto/tls/ByteQueueStream.cs         |  110 +
 .../src/crypto/tls/CertChainType.cs           |   18 +
 bc-sharp-crypto/src/crypto/tls/Certificate.cs |  136 +
 .../src/crypto/tls/CertificateRequest.cs      |  156 +
 .../src/crypto/tls/CertificateStatus.cs       |  102 +
 .../crypto/tls/CertificateStatusRequest.cs    |   95 +
 .../src/crypto/tls/CertificateStatusType.cs   |   12 +
 .../src/crypto/tls/CertificateType.cs         |   18 +
 .../src/crypto/tls/CertificateUrl.cs          |  125 +
 .../src/crypto/tls/Chacha20Poly1305.cs        |  199 +
 .../src/crypto/tls/ChangeCipherSpec.cs        |    9 +
 bc-sharp-crypto/src/crypto/tls/CipherSuite.cs |  377 ++
 bc-sharp-crypto/src/crypto/tls/CipherType.cs  |   20 +
 .../crypto/tls/ClientAuthenticationType.cs    |   14 +
 .../src/crypto/tls/ClientCertificateType.cs   |   23 +
 .../src/crypto/tls/CombinedHash.cs            |  133 +
 .../src/crypto/tls/CompressionMethod.cs       |   22 +
 .../src/crypto/tls/ConnectionEnd.cs           |   15 +
 bc-sharp-crypto/src/crypto/tls/ContentType.cs |   14 +
 .../src/crypto/tls/DatagramTransport.cs       |   23 +
 .../tls/DefaultTlsAgreementCredentials.cs     |   69 +
 .../src/crypto/tls/DefaultTlsCipherFactory.cs |  227 ++
 .../src/crypto/tls/DefaultTlsClient.cs        |  113 +
 .../tls/DefaultTlsEncryptionCredentials.cs    |   52 +
 .../src/crypto/tls/DefaultTlsServer.cs        |  166 +
 .../crypto/tls/DefaultTlsSignerCredentials.cs |   93 +
 .../crypto/tls/DefaultTlsSrpGroupVerifier.cs  |   70 +
 .../src/crypto/tls/DeferredHash.cs            |  201 +
 .../src/crypto/tls/DigestInputBuffer.cs       |   37 +
 .../src/crypto/tls/DigitallySigned.cs         |   70 +
 .../src/crypto/tls/DtlsClientProtocol.cs      |  857 ++++
 bc-sharp-crypto/src/crypto/tls/DtlsEpoch.cs   |   51 +
 .../src/crypto/tls/DtlsHandshakeRetransmit.cs |   11 +
 .../src/crypto/tls/DtlsProtocol.cs            |   92 +
 .../src/crypto/tls/DtlsReassembler.cs         |  125 +
 .../src/crypto/tls/DtlsRecordLayer.cs         |  530 +++
 .../src/crypto/tls/DtlsReliableHandshake.cs   |  434 ++
 .../src/crypto/tls/DtlsReplayWindow.cs        |   85 +
 .../src/crypto/tls/DtlsServerProtocol.cs      |  696 ++++
 .../src/crypto/tls/DtlsTransport.cs           |   77 +
 bc-sharp-crypto/src/crypto/tls/ECBasisType.cs |   16 +
 bc-sharp-crypto/src/crypto/tls/ECCurveType.cs |   29 +
 .../src/crypto/tls/ECPointFormat.cs           |   16 +
 .../src/crypto/tls/EncryptionAlgorithm.cs     |   69 +
 .../src/crypto/tls/ExporterLabel.cs           |   37 +
 .../src/crypto/tls/ExtensionType.cs           |  128 +
 .../src/crypto/tls/FiniteFieldDheGroup.cs     |   21 +
 .../src/crypto/tls/HandshakeType.cs           |   40 +
 .../src/crypto/tls/HashAlgorithm.cs           |   49 +
 .../src/crypto/tls/HeartbeatExtension.cs      |   52 +
 .../src/crypto/tls/HeartbeatMessage.cs        |  109 +
 .../src/crypto/tls/HeartbeatMessageType.cs    |   18 +
 .../src/crypto/tls/HeartbeatMode.cs           |   18 +
 .../src/crypto/tls/KeyExchangeAlgorithm.cs    |   54 +
 .../src/crypto/tls/MacAlgorithm.cs            |   25 +
 .../src/crypto/tls/MaxFragmentLength.cs       |   20 +
 bc-sharp-crypto/src/crypto/tls/NameType.cs    |   17 +
 bc-sharp-crypto/src/crypto/tls/NamedCurve.cs  |   77 +
 .../src/crypto/tls/NewSessionTicket.cs        |   53 +
 .../src/crypto/tls/OcspStatusRequest.cs       |  131 +
 .../src/crypto/tls/PrfAlgorithm.cs            |   24 +
 .../src/crypto/tls/ProtocolVersion.cs         |  159 +
 .../src/crypto/tls/PskTlsClient.cs            |   70 +
 .../src/crypto/tls/PskTlsServer.cs            |   93 +
 .../src/crypto/tls/RecordStream.cs            |  412 ++
 .../src/crypto/tls/SecurityParameters.cs      |  103 +
 .../src/crypto/tls/ServerDHParams.cs          |   61 +
 bc-sharp-crypto/src/crypto/tls/ServerName.cs  |  105 +
 .../src/crypto/tls/ServerNameList.cs          |  105 +
 .../crypto/tls/ServerOnlyTlsAuthentication.cs |   15 +
 .../src/crypto/tls/ServerSrpParams.cs         |   75 +
 .../src/crypto/tls/SessionParameters.cs       |  165 +
 .../src/crypto/tls/SignatureAlgorithm.cs      |   15 +
 .../crypto/tls/SignatureAndHashAlgorithm.cs   |   94 +
 .../src/crypto/tls/SignerInputBuffer.cs       |   37 +
 .../tls/SimulatedTlsSrpIdentityManager.cs     |   69 +
 .../src/crypto/tls/SrpTlsClient.cs            |  104 +
 .../src/crypto/tls/SrpTlsServer.cs            |  121 +
 .../src/crypto/tls/SrtpProtectionProfile.cs   |   21 +
 bc-sharp-crypto/src/crypto/tls/Ssl3Mac.cs     |  110 +
 .../src/crypto/tls/SupplementalDataEntry.cs   |   26 +
 .../src/crypto/tls/SupplementalDataType.cs    |   13 +
 .../src/crypto/tls/TlsAeadCipher.cs           |  249 ++
 .../src/crypto/tls/TlsAgreementCredentials.cs |   12 +
 .../src/crypto/tls/TlsAuthentication.cs       |   31 +
 .../src/crypto/tls/TlsBlockCipher.cs          |  395 ++
 bc-sharp-crypto/src/crypto/tls/TlsCipher.cs   |   16 +
 .../src/crypto/tls/TlsCipherFactory.cs        |   11 +
 bc-sharp-crypto/src/crypto/tls/TlsClient.cs   |  148 +
 .../src/crypto/tls/TlsClientContext.cs        |   11 +
 .../src/crypto/tls/TlsClientContextImpl.cs    |   20 +
 .../src/crypto/tls/TlsClientProtocol.cs       |  912 +++++
 .../src/crypto/tls/TlsCompression.cs          |   12 +
 bc-sharp-crypto/src/crypto/tls/TlsContext.cs  |   45 +
 .../src/crypto/tls/TlsCredentials.cs          |    9 +
 .../src/crypto/tls/TlsDHKeyExchange.cs        |  259 ++
 .../src/crypto/tls/TlsDHUtilities.cs          |  462 +++
 .../src/crypto/tls/TlsDeflateCompression.cs   |   68 +
 .../src/crypto/tls/TlsDheKeyExchange.cs       |   94 +
 .../src/crypto/tls/TlsDsaSigner.cs            |   82 +
 .../src/crypto/tls/TlsDssSigner.cs            |   26 +
 .../src/crypto/tls/TlsECDHKeyExchange.cs      |  252 ++
 .../src/crypto/tls/TlsECDheKeyExchange.cs     |  131 +
 .../src/crypto/tls/TlsECDsaSigner.cs          |   26 +
 .../src/crypto/tls/TlsEccUtilities.cs         |  705 ++++
 .../crypto/tls/TlsEncryptionCredentials.cs    |   12 +
 .../src/crypto/tls/TlsException.cs            |   14 +
 .../src/crypto/tls/TlsExtensionsUtilities.cs  |  368 ++
 .../src/crypto/tls/TlsFatalAlert.cs           |   26 +
 .../src/crypto/tls/TlsFatalAlertReceived.cs   |   21 +
 .../src/crypto/tls/TlsHandshakeHash.cs        |   22 +
 .../src/crypto/tls/TlsKeyExchange.cs          |   54 +
 bc-sharp-crypto/src/crypto/tls/TlsMac.cs      |  173 +
 .../crypto/tls/TlsNoCloseNotifyException.cs   |   23 +
 .../src/crypto/tls/TlsNullCipher.cs           |  118 +
 .../src/crypto/tls/TlsNullCompression.cs      |   19 +
 bc-sharp-crypto/src/crypto/tls/TlsPeer.cs     |   62 +
 bc-sharp-crypto/src/crypto/tls/TlsProtocol.cs | 1450 +++++++
 .../src/crypto/tls/TlsProtocolHandler.cs      |   39 +
 .../src/crypto/tls/TlsPskIdentity.cs          |   15 +
 .../src/crypto/tls/TlsPskIdentityManager.cs   |   11 +
 .../src/crypto/tls/TlsPskKeyExchange.cs       |  328 ++
 .../src/crypto/tls/TlsRsaKeyExchange.cs       |  140 +
 .../src/crypto/tls/TlsRsaSigner.cs            |  102 +
 .../src/crypto/tls/TlsRsaUtilities.cs         |  132 +
 bc-sharp-crypto/src/crypto/tls/TlsServer.cs   |   93 +
 .../src/crypto/tls/TlsServerContext.cs        |   11 +
 .../src/crypto/tls/TlsServerContextImpl.cs    |   20 +
 .../src/crypto/tls/TlsServerProtocol.cs       |  833 ++++
 bc-sharp-crypto/src/crypto/tls/TlsSession.cs  |   15 +
 .../src/crypto/tls/TlsSessionImpl.cs          |   54 +
 bc-sharp-crypto/src/crypto/tls/TlsSigner.cs   |   29 +
 .../src/crypto/tls/TlsSignerCredentials.cs    |   14 +
 .../src/crypto/tls/TlsSrpGroupVerifier.cs     |   17 +
 .../src/crypto/tls/TlsSrpIdentityManager.cs   |   21 +
 .../src/crypto/tls/TlsSrpKeyExchange.cs       |  285 ++
 .../src/crypto/tls/TlsSrpLoginParameters.cs   |   36 +
 .../src/crypto/tls/TlsSrpUtilities.cs         |   74 +
 .../src/crypto/tls/TlsSrtpUtilities.cs        |   62 +
 bc-sharp-crypto/src/crypto/tls/TlsStream.cs   |   97 +
 .../src/crypto/tls/TlsStreamCipher.cs         |  152 +
 .../src/crypto/tls/TlsUtilities.cs            | 2398 +++++++++++
 bc-sharp-crypto/src/crypto/tls/UrlAndHash.cs  |   94 +
 bc-sharp-crypto/src/crypto/tls/UseSrtpData.cs |   56 +
 .../src/crypto/tls/UserMappingType.cs         |   13 +
 bc-sharp-crypto/src/crypto/util/Pack.cs       |  345 ++
 bc-sharp-crypto/src/math/BigInteger.cs        | 3592 +++++++++++++++++
 bc-sharp-crypto/src/math/Primes.cs            |  629 +++
 bc-sharp-crypto/src/math/ec/ECAlgorithms.cs   |  479 +++
 bc-sharp-crypto/src/math/ec/ECCurve.cs        | 1131 ++++++
 bc-sharp-crypto/src/math/ec/ECFieldElement.cs |  928 +++++
 bc-sharp-crypto/src/math/ec/ECPoint.cs        | 2064 ++++++++++
 bc-sharp-crypto/src/math/ec/ECPointMap.cs     |    9 +
 bc-sharp-crypto/src/math/ec/LongArray.cs      | 2201 ++++++++++
 bc-sharp-crypto/src/math/ec/ScaleXPointMap.cs |   20 +
 bc-sharp-crypto/src/math/ec/ScaleYPointMap.cs |   20 +
 .../src/math/ec/abc/SimpleBigDecimal.cs       |  241 ++
 bc-sharp-crypto/src/math/ec/abc/Tnaf.cs       |  845 ++++
 .../src/math/ec/abc/ZTauElement.cs            |   36 +
 .../src/math/ec/custom/djb/Curve25519.cs      |   77 +
 .../src/math/ec/custom/djb/Curve25519Field.cs |  253 ++
 .../ec/custom/djb/Curve25519FieldElement.cs   |  233 ++
 .../src/math/ec/custom/djb/Curve25519Point.cs |  313 ++
 .../src/math/ec/custom/gm/SM2P256V1Curve.cs   |   77 +
 .../src/math/ec/custom/gm/SM2P256V1Field.cs   |  307 ++
 .../ec/custom/gm/SM2P256V1FieldElement.cs     |  211 +
 .../src/math/ec/custom/gm/SM2P256V1Point.cs   |  279 ++
 .../src/math/ec/custom/sec/SecP128R1Curve.cs  |   78 +
 .../src/math/ec/custom/sec/SecP128R1Field.cs  |  218 +
 .../ec/custom/sec/SecP128R1FieldElement.cs    |  198 +
 .../src/math/ec/custom/sec/SecP128R1Point.cs  |  279 ++
 .../src/math/ec/custom/sec/SecP160K1Curve.cs  |   74 +
 .../src/math/ec/custom/sec/SecP160K1Point.cs  |  269 ++
 .../src/math/ec/custom/sec/SecP160R1Curve.cs  |   78 +
 .../src/math/ec/custom/sec/SecP160R1Field.cs  |  186 +
 .../ec/custom/sec/SecP160R1FieldElement.cs    |  203 +
 .../src/math/ec/custom/sec/SecP160R1Point.cs  |  279 ++
 .../src/math/ec/custom/sec/SecP160R2Curve.cs  |   78 +
 .../src/math/ec/custom/sec/SecP160R2Field.cs  |  178 +
 .../ec/custom/sec/SecP160R2FieldElement.cs    |  218 +
 .../src/math/ec/custom/sec/SecP160R2Point.cs  |  279 ++
 .../src/math/ec/custom/sec/SecP192K1Curve.cs  |   75 +
 .../src/math/ec/custom/sec/SecP192K1Field.cs  |  178 +
 .../ec/custom/sec/SecP192K1FieldElement.cs    |  213 +
 .../src/math/ec/custom/sec/SecP192K1Point.cs  |  267 ++
 .../src/math/ec/custom/sec/SecP192R1Curve.cs  |   78 +
 .../src/math/ec/custom/sec/SecP192R1Field.cs  |  283 ++
 .../ec/custom/sec/SecP192R1FieldElement.cs    |  188 +
 .../src/math/ec/custom/sec/SecP192R1Point.cs  |  279 ++
 .../src/math/ec/custom/sec/SecP224K1Curve.cs  |   75 +
 .../src/math/ec/custom/sec/SecP224K1Field.cs  |  179 +
 .../ec/custom/sec/SecP224K1FieldElement.cs    |  242 ++
 .../src/math/ec/custom/sec/SecP224K1Point.cs  |  267 ++
 .../src/math/ec/custom/sec/SecP224R1Curve.cs  |   78 +
 .../src/math/ec/custom/sec/SecP224R1Field.cs  |  297 ++
 .../ec/custom/sec/SecP224R1FieldElement.cs    |  269 ++
 .../src/math/ec/custom/sec/SecP224R1Point.cs  |  279 ++
 .../src/math/ec/custom/sec/SecP256K1Curve.cs  |   75 +
 .../src/math/ec/custom/sec/SecP256K1Field.cs  |  180 +
 .../ec/custom/sec/SecP256K1FieldElement.cs    |  214 +
 .../src/math/ec/custom/sec/SecP256K1Point.cs  |  267 ++
 .../src/math/ec/custom/sec/SecP256R1Curve.cs  |   77 +
 .../src/math/ec/custom/sec/SecP256R1Field.cs  |  312 ++
 .../ec/custom/sec/SecP256R1FieldElement.cs    |  188 +
 .../src/math/ec/custom/sec/SecP256R1Point.cs  |  279 ++
 .../src/math/ec/custom/sec/SecP384R1Curve.cs  |   77 +
 .../src/math/ec/custom/sec/SecP384R1Field.cs  |  295 ++
 .../ec/custom/sec/SecP384R1FieldElement.cs    |  210 +
 .../src/math/ec/custom/sec/SecP384R1Point.cs  |  280 ++
 .../src/math/ec/custom/sec/SecP521R1Curve.cs  |   77 +
 .../src/math/ec/custom/sec/SecP521R1Field.cs  |  155 +
 .../ec/custom/sec/SecP521R1FieldElement.cs    |  167 +
 .../src/math/ec/custom/sec/SecP521R1Point.cs  |  275 ++
 .../src/math/ec/custom/sec/SecT113Field.cs    |  225 ++
 .../math/ec/custom/sec/SecT113FieldElement.cs |  216 +
 .../src/math/ec/custom/sec/SecT113R1Curve.cs  |   98 +
 .../src/math/ec/custom/sec/SecT113R1Point.cs  |  281 ++
 .../src/math/ec/custom/sec/SecT113R2Curve.cs  |   98 +
 .../src/math/ec/custom/sec/SecT113R2Point.cs  |  291 ++
 .../src/math/ec/custom/sec/SecT131Field.cs    |  330 ++
 .../math/ec/custom/sec/SecT131FieldElement.cs |  216 +
 .../src/math/ec/custom/sec/SecT131R1Curve.cs  |   98 +
 .../src/math/ec/custom/sec/SecT131R1Point.cs  |  287 ++
 .../src/math/ec/custom/sec/SecT131R2Curve.cs  |   98 +
 .../src/math/ec/custom/sec/SecT131R2Point.cs  |  283 ++
 .../src/math/ec/custom/sec/SecT163Field.cs    |  340 ++
 .../math/ec/custom/sec/SecT163FieldElement.cs |  216 +
 .../src/math/ec/custom/sec/SecT163K1Curve.cs  |  104 +
 .../src/math/ec/custom/sec/SecT163K1Point.cs  |  281 ++
 .../src/math/ec/custom/sec/SecT163R1Curve.cs  |   98 +
 .../src/math/ec/custom/sec/SecT163R1Point.cs  |  283 ++
 .../src/math/ec/custom/sec/SecT163R2Curve.cs  |   98 +
 .../src/math/ec/custom/sec/SecT163R2Point.cs  |  286 ++
 .../src/math/ec/custom/sec/SecT193Field.cs    |  305 ++
 .../math/ec/custom/sec/SecT193FieldElement.cs |  216 +
 .../src/math/ec/custom/sec/SecT193R1Curve.cs  |   98 +
 .../src/math/ec/custom/sec/SecT193R1Point.cs  |  283 ++
 .../src/math/ec/custom/sec/SecT193R2Curve.cs  |   98 +
 .../src/math/ec/custom/sec/SecT193R2Point.cs  |  283 ++
 .../src/math/ec/custom/sec/SecT233Field.cs    |  317 ++
 .../math/ec/custom/sec/SecT233FieldElement.cs |  216 +
 .../src/math/ec/custom/sec/SecT233K1Curve.cs  |  104 +
 .../src/math/ec/custom/sec/SecT233K1Point.cs  |  295 ++
 .../src/math/ec/custom/sec/SecT233R1Curve.cs  |   98 +
 .../src/math/ec/custom/sec/SecT233R1Point.cs  |  278 ++
 .../src/math/ec/custom/sec/SecT239Field.cs    |  328 ++
 .../math/ec/custom/sec/SecT239FieldElement.cs |  216 +
 .../src/math/ec/custom/sec/SecT239K1Curve.cs  |  104 +
 .../src/math/ec/custom/sec/SecT239K1Point.cs  |  290 ++
 .../src/math/ec/custom/sec/SecT283Field.cs    |  402 ++
 .../math/ec/custom/sec/SecT283FieldElement.cs |  216 +
 .../src/math/ec/custom/sec/SecT283K1Curve.cs  |  104 +
 .../src/math/ec/custom/sec/SecT283K1Point.cs  |  289 ++
 .../src/math/ec/custom/sec/SecT283R1Curve.cs  |   98 +
 .../src/math/ec/custom/sec/SecT283R1Point.cs  |  278 ++
 .../src/math/ec/custom/sec/SecT409Field.cs    |  331 ++
 .../math/ec/custom/sec/SecT409FieldElement.cs |  216 +
 .../src/math/ec/custom/sec/SecT409K1Curve.cs  |  104 +
 .../src/math/ec/custom/sec/SecT409K1Point.cs  |  289 ++
 .../src/math/ec/custom/sec/SecT409R1Curve.cs  |   98 +
 .../src/math/ec/custom/sec/SecT409R1Point.cs  |  278 ++
 .../src/math/ec/custom/sec/SecT571Field.cs    |  333 ++
 .../math/ec/custom/sec/SecT571FieldElement.cs |  216 +
 .../src/math/ec/custom/sec/SecT571K1Curve.cs  |  104 +
 .../src/math/ec/custom/sec/SecT571K1Point.cs  |  289 ++
 .../src/math/ec/custom/sec/SecT571R1Curve.cs  |  102 +
 .../src/math/ec/custom/sec/SecT571R1Point.cs  |  278 ++
 .../src/math/ec/endo/ECEndomorphism.cs        |   11 +
 .../src/math/ec/endo/GlvEndomorphism.cs       |   10 +
 .../src/math/ec/endo/GlvTypeBEndomorphism.cs  |   55 +
 .../src/math/ec/endo/GlvTypeBParameters.cs    |   60 +
 .../ec/multiplier/AbstractECMultiplier.cs     |   24 +
 .../math/ec/multiplier/DoubleAddMultiplier.cs |   24 +
 .../src/math/ec/multiplier/ECMultiplier.cs    |   18 +
 .../ec/multiplier/FixedPointCombMultiplier.cs |   59 +
 .../ec/multiplier/FixedPointPreCompInfo.cs    |   34 +
 .../math/ec/multiplier/FixedPointUtilities.cs |   72 +
 .../src/math/ec/multiplier/GlvMultiplier.cs   |   40 +
 .../ec/multiplier/MixedNafR2LMultiplier.cs    |   75 +
 .../multiplier/MontgomeryLadderMultiplier.cs  |   25 +
 .../math/ec/multiplier/NafL2RMultiplier.cs    |   30 +
 .../math/ec/multiplier/NafR2LMultiplier.cs    |   31 +
 .../src/math/ec/multiplier/PreCompInfo.cs     |   11 +
 .../math/ec/multiplier/ReferenceMultiplier.cs |   11 +
 .../math/ec/multiplier/WNafL2RMultiplier.cs   |   98 +
 .../src/math/ec/multiplier/WNafPreCompInfo.cs |   46 +
 .../src/math/ec/multiplier/WNafUtilities.cs   |  524 +++
 .../math/ec/multiplier/WTauNafMultiplier.cs   |  125 +
 .../math/ec/multiplier/WTauNafPreCompInfo.cs  |   24 +
 .../multiplier/ZSignedDigitL2RMultiplier.cs   |   29 +
 .../multiplier/ZSignedDigitR2LMultiplier.cs   |   30 +
 .../src/math/field/FiniteFields.cs            |   54 +
 .../src/math/field/GF2Polynomial.cs           |   46 +
 .../field/GenericPolynomialExtensionField.cs  |   63 +
 .../src/math/field/IExtensionField.cs         |   12 +
 .../src/math/field/IFiniteField.cs            |   11 +
 bc-sharp-crypto/src/math/field/IPolynomial.cs |   15 +
 .../math/field/IPolynomialExtensionField.cs   |   10 +
 bc-sharp-crypto/src/math/field/PrimeField.cs  |   44 +
 bc-sharp-crypto/src/math/raw/Interleave.cs    |  107 +
 bc-sharp-crypto/src/math/raw/Mod.cs           |  186 +
 bc-sharp-crypto/src/math/raw/Nat.cs           | 1053 +++++
 bc-sharp-crypto/src/math/raw/Nat128.cs        |  856 ++++
 bc-sharp-crypto/src/math/raw/Nat160.cs        |  874 ++++
 bc-sharp-crypto/src/math/raw/Nat192.cs        | 1048 +++++
 bc-sharp-crypto/src/math/raw/Nat224.cs        | 1176 ++++++
 bc-sharp-crypto/src/math/raw/Nat256.cs        | 1387 +++++++
 bc-sharp-crypto/src/math/raw/Nat320.cs        |   98 +
 bc-sharp-crypto/src/math/raw/Nat384.cs        |   46 +
 bc-sharp-crypto/src/math/raw/Nat448.cs        |  100 +
 bc-sharp-crypto/src/math/raw/Nat512.cs        |   46 +
 bc-sharp-crypto/src/math/raw/Nat576.cs        |  102 +
 bc-sharp-crypto/src/ocsp/BasicOCSPResp.cs     |  220 +
 .../src/ocsp/BasicOCSPRespGenerator.cs        |  313 ++
 bc-sharp-crypto/src/ocsp/CertificateID.cs     |  141 +
 bc-sharp-crypto/src/ocsp/CertificateStatus.cs |    9 +
 bc-sharp-crypto/src/ocsp/OCSPException.cs     |   28 +
 bc-sharp-crypto/src/ocsp/OCSPReq.cs           |  268 ++
 bc-sharp-crypto/src/ocsp/OCSPReqGenerator.cs  |  243 ++
 bc-sharp-crypto/src/ocsp/OCSPResp.cs          |  100 +
 bc-sharp-crypto/src/ocsp/OCSPRespGenerator.cs |   54 +
 bc-sharp-crypto/src/ocsp/OCSPRespStatus.cs    |   22 +
 bc-sharp-crypto/src/ocsp/OCSPUtil.cs          |  132 +
 bc-sharp-crypto/src/ocsp/Req.cs               |   38 +
 bc-sharp-crypto/src/ocsp/RespData.cs          |   60 +
 bc-sharp-crypto/src/ocsp/RespID.cs            |   72 +
 bc-sharp-crypto/src/ocsp/RevokedStatus.cs     |   58 +
 bc-sharp-crypto/src/ocsp/SingleResp.cs        |   81 +
 bc-sharp-crypto/src/ocsp/UnknownStatus.cs     |   15 +
 .../src/openpgp/IStreamGenerator.cs           |    7 +
 bc-sharp-crypto/src/openpgp/PGPKeyRing.cs     |   79 +
 bc-sharp-crypto/src/openpgp/PGPObject.cs      |    9 +
 ...GPUserAttributeSubpacketVectorGenerator.cs |   33 +
 .../src/openpgp/PgpCompressedData.cs          |   50 +
 .../src/openpgp/PgpCompressedDataGenerator.cs |  221 +
 .../src/openpgp/PgpDataValidationException.cs |   18 +
 .../src/openpgp/PgpEncryptedData.cs           |  151 +
 .../src/openpgp/PgpEncryptedDataGenerator.cs  |  598 +++
 .../src/openpgp/PgpEncryptedDataList.cs       |   72 +
 bc-sharp-crypto/src/openpgp/PgpException.cs   |   22 +
 .../src/openpgp/PgpExperimental.cs            |   16 +
 bc-sharp-crypto/src/openpgp/PgpKeyFlags.cs    |   13 +
 bc-sharp-crypto/src/openpgp/PgpKeyPair.cs     |   67 +
 .../src/openpgp/PgpKeyRingGenerator.cs        |  402 ++
 .../src/openpgp/PgpKeyValidationException.cs  |   18 +
 bc-sharp-crypto/src/openpgp/PgpLiteralData.cs |   63 +
 .../src/openpgp/PgpLiteralDataGenerator.cs    |  182 +
 bc-sharp-crypto/src/openpgp/PgpMarker.cs      |   18 +
 .../src/openpgp/PgpObjectFactory.cs           |  143 +
 .../src/openpgp/PgpOnePassSignature.cs        |  179 +
 .../src/openpgp/PgpOnePassSignatureList.cs    |   51 +
 bc-sharp-crypto/src/openpgp/PgpPad.cs         |   45 +
 .../src/openpgp/PgpPbeEncryptedData.cs        |  160 +
 bc-sharp-crypto/src/openpgp/PgpPrivateKey.cs  |   51 +
 bc-sharp-crypto/src/openpgp/PgpPublicKey.cs   |  980 +++++
 .../src/openpgp/PgpPublicKeyEncryptedData.cs  |  272 ++
 .../src/openpgp/PgpPublicKeyRing.cs           |  200 +
 .../src/openpgp/PgpPublicKeyRingBundle.cs     |  279 ++
 bc-sharp-crypto/src/openpgp/PgpSecretKey.cs   | 1295 ++++++
 .../src/openpgp/PgpSecretKeyRing.cs           |  308 ++
 .../src/openpgp/PgpSecretKeyRingBundle.cs     |  280 ++
 bc-sharp-crypto/src/openpgp/PgpSignature.cs   |  447 ++
 .../src/openpgp/PgpSignatureGenerator.cs      |  393 ++
 .../src/openpgp/PgpSignatureList.cs           |   51 +
 .../openpgp/PgpSignatureSubpacketGenerator.cs |  210 +
 .../openpgp/PgpSignatureSubpacketVector.cs    |  239 ++
 .../PgpUserAttributeSubpacketVector.cs        |   81 +
 bc-sharp-crypto/src/openpgp/PgpUtilities.cs   |  518 +++
 .../src/openpgp/PgpV3SignatureGenerator.cs    |  199 +
 .../src/openpgp/Rfc6637Utilities.cs           |  138 +
 bc-sharp-crypto/src/openpgp/SXprUtilities.cs  |  102 +
 .../src/openpgp/WrappedGeneratorStream.cs     |   37 +
 .../src/openssl/EncryptionException.cs        |   25 +
 .../src/openssl/IPasswordFinder.cs            |    9 +
 .../src/openssl/MiscPemGenerator.cs           |  275 ++
 bc-sharp-crypto/src/openssl/PEMException.cs   |   25 +
 bc-sharp-crypto/src/openssl/PEMReader.cs      |  401 ++
 bc-sharp-crypto/src/openssl/PEMUtilities.cs   |  158 +
 bc-sharp-crypto/src/openssl/PEMWriter.cs      |   61 +
 .../src/openssl/PasswordException.cs          |   25 +
 bc-sharp-crypto/src/openssl/Pkcs8Generator.cs |  111 +
 .../src/pkcs/AsymmetricKeyEntry.cs            |   60 +
 .../pkcs/EncryptedPrivateKeyInfoFactory.cs    |   64 +
 .../src/pkcs/PKCS12StoreBuilder.cs            |   41 +
 .../src/pkcs/Pkcs10CertificationRequest.cs    |  464 +++
 .../Pkcs10CertificationRequestDelaySigned.cs  |  150 +
 bc-sharp-crypto/src/pkcs/Pkcs12Entry.cs       |   64 +
 bc-sharp-crypto/src/pkcs/Pkcs12Store.cs       | 1100 +++++
 bc-sharp-crypto/src/pkcs/Pkcs12Utilities.cs   |   77 +
 .../src/pkcs/PrivateKeyInfoFactory.cs         |  205 +
 .../src/pkcs/X509CertificateEntry.cs          |   60 +
 bc-sharp-crypto/src/pkix/CertStatus.cs        |   35 +
 .../src/pkix/PkixAttrCertChecker.cs           |   57 +
 .../src/pkix/PkixAttrCertPathBuilder.cs       |  215 +
 .../src/pkix/PkixAttrCertPathValidator.cs     |   76 +
 .../src/pkix/PkixBuilderParameters.cs         |  140 +
 bc-sharp-crypto/src/pkix/PkixCertPath.cs      |  460 +++
 .../src/pkix/PkixCertPathBuilder.cs           |  205 +
 .../src/pkix/PkixCertPathBuilderException.cs  |   22 +
 .../src/pkix/PkixCertPathBuilderResult.cs     |   45 +
 .../src/pkix/PkixCertPathChecker.cs           |   99 +
 .../src/pkix/PkixCertPathValidator.cs         |  420 ++
 .../pkix/PkixCertPathValidatorException.cs    |  221 +
 .../src/pkix/PkixCertPathValidatorResult.cs   |   69 +
 .../pkix/PkixCertPathValidatorUtilities.cs    | 1194 ++++++
 bc-sharp-crypto/src/pkix/PkixCrlUtilities.cs  |  114 +
 .../src/pkix/PkixNameConstraintValidator.cs   | 1939 +++++++++
 .../PkixNameConstraintValidatorException.cs   |   16 +
 bc-sharp-crypto/src/pkix/PkixParameters.cs    |  893 ++++
 bc-sharp-crypto/src/pkix/PkixPolicyNode.cs    |  158 +
 bc-sharp-crypto/src/pkix/ReasonsMask.cs       |   96 +
 .../src/pkix/Rfc3280CertPathUtilities.cs      | 2448 +++++++++++
 .../src/pkix/Rfc3281CertPathUtilities.cs      |  608 +++
 bc-sharp-crypto/src/pkix/TrustAnchor.cs       |  259 ++
 .../src/security/AgreementUtilities.cs        |  105 +
 .../src/security/CipherUtilities.cs           |  755 ++++
 .../src/security/DigestUtilities.cs           |  222 +
 .../src/security/DotNetUtilities.cs           |  245 ++
 .../src/security/GeneralSecurityException.cs  |   29 +
 .../src/security/GeneratorUtilities.cs        |  352 ++
 .../src/security/InvalidKeyException.cs       |   14 +
 .../src/security/InvalidParameterException.cs |   14 +
 bc-sharp-crypto/src/security/KeyException.cs  |   14 +
 bc-sharp-crypto/src/security/MacUtilities.cs  |  256 ++
 .../src/security/NoSuchAlgorithmException.cs  |   15 +
 .../src/security/ParameterUtilities.cs        |  325 ++
 bc-sharp-crypto/src/security/PbeUtilities.cs  |  663 +++
 .../src/security/PrivateKeyFactory.cs         |  222 +
 .../src/security/PublicKeyFactory.cs          |  253 ++
 bc-sharp-crypto/src/security/SecureRandom.cs  |  262 ++
 .../src/security/SecurityUtilityException.cs  |   36 +
 .../src/security/SignatureException.cs        |   14 +
 .../src/security/SignerUtilities.cs           |  566 +++
 .../src/security/WrapperUtilities.cs          |  153 +
 .../cert/CertificateEncodingException.cs      |   14 +
 .../src/security/cert/CertificateException.cs |   14 +
 .../cert/CertificateExpiredException.cs       |   14 +
 .../cert/CertificateNotYetValidException.cs   |   14 +
 .../cert/CertificateParsingException.cs       |   14 +
 .../src/security/cert/CrlException.cs         |   14 +
 bc-sharp-crypto/src/tsp/GenTimeAccuracy.cs    |   33 +
 bc-sharp-crypto/src/tsp/TSPAlgorithms.cs      |   48 +
 bc-sharp-crypto/src/tsp/TSPException.cs       |   28 +
 bc-sharp-crypto/src/tsp/TSPUtil.cs            |  202 +
 .../src/tsp/TSPValidationException.cs         |   44 +
 bc-sharp-crypto/src/tsp/TimeStampRequest.cs   |  186 +
 .../src/tsp/TimeStampRequestGenerator.cs      |  139 +
 bc-sharp-crypto/src/tsp/TimeStampResponse.cs  |  184 +
 .../src/tsp/TimeStampResponseGenerator.cs     |  209 +
 bc-sharp-crypto/src/tsp/TimeStampToken.cs     |  305 ++
 .../src/tsp/TimeStampTokenGenerator.cs        |  245 ++
 bc-sharp-crypto/src/tsp/TimeStampTokenInfo.cs |  107 +
 bc-sharp-crypto/src/util/Arrays.cs            |  704 ++++
 bc-sharp-crypto/src/util/BigIntegers.cs       |   90 +
 bc-sharp-crypto/src/util/Enums.cs             |   78 +
 bc-sharp-crypto/src/util/IMemoable.cs         |   29 +
 bc-sharp-crypto/src/util/Integers.cs          |   17 +
 .../src/util/MemoableResetException.cs        |   27 +
 bc-sharp-crypto/src/util/Platform.cs          |  229 ++
 bc-sharp-crypto/src/util/Strings.cs           |  103 +
 bc-sharp-crypto/src/util/Times.cs             |   14 +
 bc-sharp-crypto/src/util/TypeExtensions.cs    |   17 +
 .../util/collections/CollectionUtilities.cs   |   64 +
 .../src/util/collections/EmptyEnumerable.cs   |   44 +
 .../src/util/collections/EnumerableProxy.cs   |   25 +
 .../src/util/collections/HashSet.cs           |   99 +
 bc-sharp-crypto/src/util/collections/ISet.cs  |   19 +
 .../src/util/collections/LinkedDictionary.cs  |  178 +
 .../collections/UnmodifiableDictionary.cs     |   64 +
 .../UnmodifiableDictionaryProxy.cs            |   66 +
 .../src/util/collections/UnmodifiableList.cs  |   67 +
 .../util/collections/UnmodifiableListProxy.cs |   61 +
 .../src/util/collections/UnmodifiableSet.cs   |   59 +
 .../util/collections/UnmodifiableSetProxy.cs  |   56 +
 .../src/util/date/DateTimeObject.cs           |   25 +
 .../src/util/date/DateTimeUtilities.cs        |   47 +
 bc-sharp-crypto/src/util/encoders/Base64.cs   |  120 +
 .../src/util/encoders/Base64Encoder.cs        |  324 ++
 .../src/util/encoders/BufferedDecoder.cs      |  117 +
 .../src/util/encoders/BufferedEncoder.cs      |  117 +
 bc-sharp-crypto/src/util/encoders/Hex.cs      |  130 +
 .../src/util/encoders/HexEncoder.cs           |  176 +
 .../src/util/encoders/HexTranslator.cs        |  108 +
 bc-sharp-crypto/src/util/encoders/IEncoder.cs |   18 +
 .../src/util/encoders/Translator.cs           |   19 +
 .../src/util/encoders/UrlBase64.cs            |  127 +
 .../src/util/encoders/UrlBase64Encoder.cs     |   31 +
 .../src/util/io/BaseInputStream.cs            |   64 +
 .../src/util/io/BaseOutputStream.cs           |   69 +
 bc-sharp-crypto/src/util/io/FilterStream.cs   |   78 +
 .../src/util/io/NullOutputStream.cs           |   18 +
 bc-sharp-crypto/src/util/io/PushbackStream.cs |   52 +
 .../src/util/io/StreamOverflowException.cs    |   30 +
 bc-sharp-crypto/src/util/io/Streams.cs        |  100 +
 bc-sharp-crypto/src/util/io/TeeInputStream.cs |   64 +
 .../src/util/io/TeeOutputStream.cs            |   52 +
 .../src/util/io/pem/PemGenerationException.cs |   29 +
 bc-sharp-crypto/src/util/io/pem/PemHeader.cs  |   55 +
 bc-sharp-crypto/src/util/io/pem/PemObject.cs  |   47 +
 .../src/util/io/pem/PemObjectGenerator.cs     |   13 +
 .../src/util/io/pem/PemObjectParser.cs        |   17 +
 bc-sharp-crypto/src/util/io/pem/PemReader.cs  |   96 +
 bc-sharp-crypto/src/util/io/pem/PemWriter.cs  |  120 +
 bc-sharp-crypto/src/util/net/IPAddress.cs     |  197 +
 bc-sharp-crypto/src/util/zlib/Adler32.cs      |   88 +
 bc-sharp-crypto/src/util/zlib/Deflate.cs      | 1640 ++++++++
 bc-sharp-crypto/src/util/zlib/InfBlocks.cs    |  618 +++
 bc-sharp-crypto/src/util/zlib/InfCodes.cs     |  611 +++
 bc-sharp-crypto/src/util/zlib/InfTree.cs      |  523 +++
 bc-sharp-crypto/src/util/zlib/Inflate.cs      |  387 ++
 bc-sharp-crypto/src/util/zlib/JZlib.cs        |   73 +
 bc-sharp-crypto/src/util/zlib/StaticTree.cs   |  152 +
 bc-sharp-crypto/src/util/zlib/Tree.cs         |  367 ++
 .../src/util/zlib/ZDeflaterOutputStream.cs    |  171 +
 .../src/util/zlib/ZInflaterInputStream.cs     |  140 +
 bc-sharp-crypto/src/util/zlib/ZInputStream.cs |  238 ++
 .../src/util/zlib/ZOutputStream.cs            |  265 ++
 bc-sharp-crypto/src/util/zlib/ZStream.cs      |  214 +
 .../src/x509/AttributeCertificateHolder.cs    |  442 ++
 .../src/x509/AttributeCertificateIssuer.cs    |  199 +
 .../src/x509/IX509AttributeCertificate.cs     |   57 +
 bc-sharp-crypto/src/x509/IX509Extension.cs    |   27 +
 bc-sharp-crypto/src/x509/PEMParser.cs         |   95 +
 bc-sharp-crypto/src/x509/PrincipalUtil.cs     |   70 +
 .../src/x509/SubjectPublicKeyInfoFactory.cs   |  184 +
 .../src/x509/X509AttrCertParser.cs            |  173 +
 bc-sharp-crypto/src/x509/X509Attribute.cs     |   76 +
 .../src/x509/X509CertPairParser.cs            |   95 +
 bc-sharp-crypto/src/x509/X509Certificate.cs   |  604 +++
 .../src/x509/X509CertificatePair.cs           |  123 +
 .../src/x509/X509CertificateParser.cs         |  183 +
 bc-sharp-crypto/src/x509/X509Crl.cs           |  426 ++
 bc-sharp-crypto/src/x509/X509CrlEntry.cs      |  201 +
 bc-sharp-crypto/src/x509/X509CrlParser.cs     |  195 +
 bc-sharp-crypto/src/x509/X509ExtensionBase.cs |   82 +
 bc-sharp-crypto/src/x509/X509KeyUsage.cs      |   59 +
 bc-sharp-crypto/src/x509/X509SignatureUtil.cs |  128 +
 bc-sharp-crypto/src/x509/X509Utilities.cs     |  187 +
 .../src/x509/X509V1CertificateGenerator.cs    |  210 +
 .../src/x509/X509V2AttributeCertificate.cs    |  280 ++
 .../X509V2AttributeCertificateGenerator.cs    |  203 +
 .../src/x509/X509V2CRLGenerator.cs            |  278 ++
 .../src/x509/X509V3CertificateGenerator.cs    |  344 ++
 .../AuthorityKeyIdentifierStructure.cs        |  102 +
 .../SubjectKeyIdentifierStructure.cs          |   49 +
 .../src/x509/extension/X509ExtensionUtil.cs   |   91 +
 .../src/x509/store/IX509Selector.cs           |   15 +
 bc-sharp-crypto/src/x509/store/IX509Store.cs  |   11 +
 .../src/x509/store/IX509StoreParameters.cs    |    8 +
 .../src/x509/store/NoSuchStoreException.cs    |   28 +
 .../x509/store/X509AttrCertStoreSelector.cs   |  376 ++
 .../x509/store/X509CertPairStoreSelector.cs   |   92 +
 .../src/x509/store/X509CertStoreSelector.cs   |  337 ++
 .../src/x509/store/X509CollectionStore.cs     |   51 +
 .../store/X509CollectionStoreParameters.cs    |   60 +
 .../src/x509/store/X509CrlStoreSelector.cs    |  283 ++
 .../src/x509/store/X509StoreException.cs      |   28 +
 .../src/x509/store/X509StoreFactory.cs        |   62 +
 bin/x64/Debug/ufr-signer.exe                  |  Bin 0 -> 2455552 bytes
 bin/x64/Debug/ufr-signer.exe.config           |    6 +
 bin/x64/Release/ufr-signer.exe                |  Bin 0 -> 2176512 bytes
 bin/x64/Release/ufr-signer.exe.config         |    6 +
 bin/x86/Release/ufr-signer.exe                |  Bin 0 -> 2177024 bytes
 bin/x86/Release/ufr-signer.exe.config         |    6 +
 digital-signature-verifier.csproj             | 1625 ++++++++
 digital-signature-verifier.sln                |   32 +
 frmMain.cs                                    | 1304 ++++++
 frmMain.designer.cs                           | 1155 ++++++
 frmMain.resx                                  |  120 +
 frmPassword.cs                                |   25 +
 frmPassword.designer.cs                       |  102 +
 frmPassword.resx                              |  120 +
 1495 files changed, 242138 insertions(+)
 create mode 100644 App.config
 create mode 100644 ClassDiagram1.cd
 create mode 100644 Program.cs
 create mode 100644 Properties/AssemblyInfo.cs
 create mode 100644 Properties/Resources.Designer.cs
 create mode 100644 Properties/Resources.resx
 create mode 100644 Properties/Settings.Designer.cs
 create mode 100644 Properties/Settings.settings
 create mode 100644 bc-sharp-crypto/bzip2/src/BZip2Constants.cs
 create mode 100644 bc-sharp-crypto/bzip2/src/CBZip2InputStream.cs
 create mode 100644 bc-sharp-crypto/bzip2/src/CBZip2OutputStream.cs
 create mode 100644 bc-sharp-crypto/bzip2/src/CRC.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ASN1Generator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ASN1OctetStringParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ASN1SequenceParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ASN1SetParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ASN1StreamParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ASN1TaggedObjectParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/Asn1Encodable.cs
 create mode 100644 bc-sharp-crypto/src/asn1/Asn1EncodableVector.cs
 create mode 100644 bc-sharp-crypto/src/asn1/Asn1Exception.cs
 create mode 100644 bc-sharp-crypto/src/asn1/Asn1InputStream.cs
 create mode 100644 bc-sharp-crypto/src/asn1/Asn1Null.cs
 create mode 100644 bc-sharp-crypto/src/asn1/Asn1Object.cs
 create mode 100644 bc-sharp-crypto/src/asn1/Asn1OctetString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/Asn1OutputStream.cs
 create mode 100644 bc-sharp-crypto/src/asn1/Asn1ParsingException.cs
 create mode 100644 bc-sharp-crypto/src/asn1/Asn1Sequence.cs
 create mode 100644 bc-sharp-crypto/src/asn1/Asn1Set.cs
 create mode 100644 bc-sharp-crypto/src/asn1/Asn1TaggedObject.cs
 create mode 100644 bc-sharp-crypto/src/asn1/Asn1Tags.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BERBitString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BERGenerator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BEROctetStringGenerator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BEROctetStringParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BERSequenceGenerator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BERSequenceParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BERSetGenerator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BERSetParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BERTaggedObjectParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BerApplicationSpecific.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BerApplicationSpecificParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BerNull.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BerOctetString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BerOutputStream.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BerSequence.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BerSet.cs
 create mode 100644 bc-sharp-crypto/src/asn1/BerTaggedObject.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ConstructedOctetStream.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DERExternal.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DERExternalParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DERGenerator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DEROctetStringParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DERSequenceGenerator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DERSequenceParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DERSetGenerator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DERSetParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DefiniteLengthInputStream.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerApplicationSpecific.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerBMPString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerBitString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerBoolean.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerEnumerated.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerGeneralString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerGeneralizedTime.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerGraphicString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerIA5String.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerInteger.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerNull.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerNumericString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerObjectIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerOctetString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerOutputStream.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerPrintableString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerSequence.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerSet.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerStringBase.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerT61String.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerTaggedObject.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerUTCTime.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerUTF8String.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerUniversalString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerVideotexString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/DerVisibleString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/IAsn1ApplicationSpecificParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/IAsn1Choice.cs
 create mode 100644 bc-sharp-crypto/src/asn1/IAsn1Convertible.cs
 create mode 100644 bc-sharp-crypto/src/asn1/IAsn1String.cs
 create mode 100644 bc-sharp-crypto/src/asn1/IndefiniteLengthInputStream.cs
 create mode 100644 bc-sharp-crypto/src/asn1/LazyASN1InputStream.cs
 create mode 100644 bc-sharp-crypto/src/asn1/LazyDERSequence.cs
 create mode 100644 bc-sharp-crypto/src/asn1/LazyDERSet.cs
 create mode 100644 bc-sharp-crypto/src/asn1/LimitedInputStream.cs
 create mode 100644 bc-sharp-crypto/src/asn1/OidTokenizer.cs
 create mode 100644 bc-sharp-crypto/src/asn1/anssi/ANSSINamedCurves.cs
 create mode 100644 bc-sharp-crypto/src/asn1/anssi/ANSSIObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/bc/BCObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/CertConfirmContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/CertOrEncCert.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/CertRepMessage.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/CertResponse.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/CertStatus.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/CertifiedKeyPair.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/Challenge.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/CmpCertificate.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/CmpObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/CrlAnnContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/ErrorMsgContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/GenMsgContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/GenRepContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/InfoTypeAndValue.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/KeyRecRepContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/OobCertHash.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PKIBody.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PKIConfirmContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PKIFailureInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PKIFreeText.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PKIHeader.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PKIHeaderBuilder.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PKIMessage.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PKIMessages.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PKIStatus.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PKIStatusInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PbmParameter.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PollRepContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PollReqContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PopoDecKeyChallContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/PopoDecKeyRespContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/ProtectedPart.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/RevAnnContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/RevDetails.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/RevRepContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/RevRepContentBuilder.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cmp/RevReqContent.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/Attribute.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/AttributeTable.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/Attributes.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/AuthEnvelopedData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/AuthEnvelopedDataParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/AuthenticatedData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/AuthenticatedDataParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/CMSAttributes.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/CMSObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/CompressedData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/CompressedDataParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/ContentInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/ContentInfoParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/EncryptedContentInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/EncryptedContentInfoParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/EncryptedData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/EnvelopedData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/EnvelopedDataParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/Evidence.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/IssuerAndSerialNumber.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/KEKIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/KEKRecipientInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/KeyAgreeRecipientIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/KeyAgreeRecipientInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/KeyTransRecipientInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/MetaData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/OriginatorIdentifierOrKey.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/OriginatorInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/OriginatorPublicKey.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/OtherKeyAttribute.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/OtherRecipientInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/OtherRevocationInfoFormat.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/PasswordRecipientInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/RecipientEncryptedKey.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/RecipientIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/RecipientInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/RecipientKeyIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/SCVPReqRes.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/SignedData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/SignedDataParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/SignerIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/SignerInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/Time.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/TimeStampAndCRL.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/TimeStampTokenEvidence.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/TimeStampedData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/TimeStampedDataParser.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cms/ecc/MQVuserKeyingMaterial.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/AttributeTypeAndValue.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/CertId.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/CertReqMessages.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/CertReqMsg.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/CertRequest.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/CertTemplate.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/CertTemplateBuilder.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/Controls.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/CrmfObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/EncKeyWithID.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/EncryptedKey.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/EncryptedValue.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/OptionalValidity.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/PKIArchiveOptions.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/PKIPublicationInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/PKMacValue.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/PopoPrivKey.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/PopoSigningKey.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/PopoSigningKeyInput.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/ProofOfPossession.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/SinglePubInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/crmf/SubsequentMessage.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cryptopro/CryptoProObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cryptopro/ECGOST3410NamedCurves.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cryptopro/ECGOST3410ParamSetParameters.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cryptopro/GOST28147Parameters.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cryptopro/GOST3410NamedParameters.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cryptopro/GOST3410ParamSetParameters.cs
 create mode 100644 bc-sharp-crypto/src/asn1/cryptopro/GOST3410PublicKeyAlgParameters.cs
 create mode 100644 bc-sharp-crypto/src/asn1/eac/EACObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/CertificateValues.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/CommitmentTypeIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/CommitmentTypeIndication.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/CommitmentTypeQualifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/CompleteCertificateRefs.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/CompleteRevocationRefs.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/CrlIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/CrlListID.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/CrlOcspRef.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/CrlValidatedID.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/ESFAttributes.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/OcspIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/OcspListID.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/OcspResponsesID.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/OtherCertID.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/OtherHash.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/OtherHashAlgAndValue.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/OtherRevRefs.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/OtherRevVals.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/OtherSigningCertificate.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/RevocationValues.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/SigPolicyQualifierInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/SignaturePolicyId.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/SignaturePolicyIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/SignerAttribute.cs
 create mode 100644 bc-sharp-crypto/src/asn1/esf/SignerLocation.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ess/ContentHints.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ess/ContentIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ess/ESSCertID.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ess/ESSCertIDv2.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ess/OtherCertID.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ess/OtherSigningCertificate.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ess/SigningCertificate.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ess/SigningCertificateV2.cs
 create mode 100644 bc-sharp-crypto/src/asn1/gm/GMNamedCurves.cs
 create mode 100644 bc-sharp-crypto/src/asn1/gm/GMObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/gnu/GNUObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/iana/IANAObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/icao/CscaMasterList.cs
 create mode 100644 bc-sharp-crypto/src/asn1/icao/DataGroupHash.cs
 create mode 100644 bc-sharp-crypto/src/asn1/icao/ICAOObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/icao/LDSSecurityObject.cs
 create mode 100644 bc-sharp-crypto/src/asn1/icao/LDSVersionInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/isismtt/ISISMTTObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/isismtt/ocsp/CertHash.cs
 create mode 100644 bc-sharp-crypto/src/asn1/isismtt/ocsp/RequestedCertificate.cs
 create mode 100644 bc-sharp-crypto/src/asn1/isismtt/x509/AdditionalInformationSyntax.cs
 create mode 100644 bc-sharp-crypto/src/asn1/isismtt/x509/AdmissionSyntax.cs
 create mode 100644 bc-sharp-crypto/src/asn1/isismtt/x509/Admissions.cs
 create mode 100644 bc-sharp-crypto/src/asn1/isismtt/x509/DeclarationOfMajority.cs
 create mode 100644 bc-sharp-crypto/src/asn1/isismtt/x509/MonetaryLimit.cs
 create mode 100644 bc-sharp-crypto/src/asn1/isismtt/x509/NamingAuthority.cs
 create mode 100644 bc-sharp-crypto/src/asn1/isismtt/x509/ProcurationSyntax.cs
 create mode 100644 bc-sharp-crypto/src/asn1/isismtt/x509/ProfessionInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/isismtt/x509/Restriction.cs
 create mode 100644 bc-sharp-crypto/src/asn1/kisa/KISAObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/microsoft/MicrosoftObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/misc/CAST5CBCParameters.cs
 create mode 100644 bc-sharp-crypto/src/asn1/misc/IDEACBCPar.cs
 create mode 100644 bc-sharp-crypto/src/asn1/misc/MiscObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/misc/NetscapeCertType.cs
 create mode 100644 bc-sharp-crypto/src/asn1/misc/NetscapeRevocationURL.cs
 create mode 100644 bc-sharp-crypto/src/asn1/misc/VerisignCzagExtension.cs
 create mode 100644 bc-sharp-crypto/src/asn1/mozilla/PublicKeyAndChallenge.cs
 create mode 100644 bc-sharp-crypto/src/asn1/nist/NISTNamedCurves.cs
 create mode 100644 bc-sharp-crypto/src/asn1/nist/NISTObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ntt/NTTObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/BasicOCSPResponse.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/CertID.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/CertStatus.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/CrlID.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/OCSPObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/OCSPRequest.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/OCSPResponse.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/OCSPResponseStatus.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/Request.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/ResponderID.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/ResponseBytes.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/ResponseData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/RevokedInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/ServiceLocator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/Signature.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/SingleResponse.cs
 create mode 100644 bc-sharp-crypto/src/asn1/ocsp/TBSRequest.cs
 create mode 100644 bc-sharp-crypto/src/asn1/oiw/ElGamalParameter.cs
 create mode 100644 bc-sharp-crypto/src/asn1/oiw/OIWObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/Attribute.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/AuthenticatedSafe.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/CertBag.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/CertificationRequest.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/CertificationRequestInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/ContentInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/DHParameter.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/EncryptedData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/EncryptedPrivateKeyInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/EncryptionScheme.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/IssuerAndSerialNumber.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/KeyDerivationFunc.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/MacData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/PBEParameter.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/PBES2Parameters.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/PBKDF2Params.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/PKCS12PBEParams.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/Pfx.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/PrivateKeyInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/RC2CBCParameter.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/RSAESOAEPparams.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/RSAPrivateKeyStructure.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/RSASSAPSSparams.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/SafeBag.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/SignedData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/pkcs/SignerInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/sec/ECPrivateKeyStructure.cs
 create mode 100644 bc-sharp-crypto/src/asn1/sec/SECNamedCurves.cs
 create mode 100644 bc-sharp-crypto/src/asn1/sec/SECObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/smime/SMIMEAttributes.cs
 create mode 100644 bc-sharp-crypto/src/asn1/smime/SMIMECapabilities.cs
 create mode 100644 bc-sharp-crypto/src/asn1/smime/SMIMECapabilitiesAttribute.cs
 create mode 100644 bc-sharp-crypto/src/asn1/smime/SMIMECapability.cs
 create mode 100644 bc-sharp-crypto/src/asn1/smime/SMIMECapabilityVector.cs
 create mode 100644 bc-sharp-crypto/src/asn1/smime/SMIMEEncryptionKeyPreferenceAttribute.cs
 create mode 100644 bc-sharp-crypto/src/asn1/teletrust/TeleTrusTNamedCurves.cs
 create mode 100644 bc-sharp-crypto/src/asn1/teletrust/TeleTrusTObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/tsp/Accuracy.cs
 create mode 100644 bc-sharp-crypto/src/asn1/tsp/MessageImprint.cs
 create mode 100644 bc-sharp-crypto/src/asn1/tsp/TSTInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/tsp/TimeStampReq.cs
 create mode 100644 bc-sharp-crypto/src/asn1/tsp/TimeStampResp.cs
 create mode 100644 bc-sharp-crypto/src/asn1/util/Asn1Dump.cs
 create mode 100644 bc-sharp-crypto/src/asn1/util/Dump.cs
 create mode 100644 bc-sharp-crypto/src/asn1/util/FilterStream.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x500/DirectoryString.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/AccessDescription.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/AlgorithmIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/AttCertIssuer.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/AttCertValidityPeriod.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/Attribute.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/AttributeCertificate.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/AttributeCertificateInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/AttributeTable.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/AuthorityInformationAccess.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/AuthorityKeyIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/BasicConstraints.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/CRLDistPoint.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/CRLNumber.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/CRLReason.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/CertPolicyId.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/CertificateList.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/CertificatePair.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/CertificatePolicies.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/DSAParameter.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/DigestInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/DisplayText.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/DistributionPoint.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/DistributionPointName.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/ExtendedKeyUsage.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/GeneralName.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/GeneralNames.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/GeneralSubtree.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/Holder.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/IetfAttrSyntax.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/IssuerSerial.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/IssuingDistributionPoint.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/KeyPurposeId.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/KeyUsage.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/NameConstraints.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/NoticeReference.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/ObjectDigestInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/PolicyInformation.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/PolicyMappings.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/PolicyQualifierId.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/PolicyQualifierInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/PrivateKeyUsagePeriod.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/RSAPublicKeyStructure.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/ReasonFlags.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/RoleSyntax.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/SubjectDirectoryAttributes.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/SubjectKeyIdentifier.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/SubjectPublicKeyInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/TBSCertList.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/TBSCertificateStructure.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/Target.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/TargetInformation.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/Targets.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/Time.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/UserNotice.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/V1TBSCertificateGenerator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/V2AttributeCertificateInfoGenerator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/V2Form.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/V2TBSCertListGenerator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/V3TBSCertificateGenerator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/X509Attributes.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/X509CertificateStructure.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/X509DefaultEntryConverter.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/X509Extension.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/X509Extensions.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/X509ExtensionsGenerator.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/X509Name.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/X509NameEntryConverter.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/X509NameTokenizer.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/X509ObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/qualified/BiometricData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/qualified/ETSIQCObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/qualified/Iso4217CurrencyCode.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/qualified/MonetaryValue.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/qualified/QCStatement.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/qualified/RFC3739QCObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/qualified/SemanticsInformation.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/qualified/TypeOfBiometricData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/sigi/NameOrPseudonym.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/sigi/PersonalData.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x509/sigi/SigIObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/DHDomainParameters.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/DHPublicKey.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/DHValidationParms.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/ECNamedCurveTable.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/KeySpecificInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/OtherInfo.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/X962NamedCurves.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/X962Parameters.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/X9Curve.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/X9ECParameters.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/X9ECParametersHolder.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/X9ECPoint.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/X9FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/X9FieldID.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/X9IntegerConverter.cs
 create mode 100644 bc-sharp-crypto/src/asn1/x9/X9ObjectIdentifiers.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/ArmoredInputStream.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/ArmoredOutputStream.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/BcpgInputStream.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/BcpgObject.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/BcpgOutputStream.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/CompressedDataPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/CompressionAlgorithmTags.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/ContainedPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/Crc24.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/DsaPublicBcpgKey.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/DsaSecretBcpgKey.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/ECDHPublicBCPGKey.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/ECDsaPublicBCPGKey.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/ECPublicBCPGKey.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/ECSecretBCPGKey.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/ElGamalPublicBcpgKey.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/ElGamalSecretBcpgKey.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/ExperimentalPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/HashAlgorithmTags.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/IBcpgKey.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/InputStreamPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/LiteralDataPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/MPInteger.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/MarkerPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/ModDetectionCodePacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/OnePassSignaturePacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/OutputStreamPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/Packet.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/PacketTags.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/PublicKeyAlgorithmTags.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/PublicKeyEncSessionPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/PublicKeyPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/PublicSubkeyPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/RsaPublicBcpgKey.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/RsaSecretBcpgKey.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/S2k.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/SecretKeyPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/SecretSubkeyPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/SignaturePacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/SignatureSubpacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/SignatureSubpacketTags.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/SignatureSubpacketsReader.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/SymmetricEncDataPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/SymmetricEncIntegrityPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/SymmetricKeyAlgorithmTags.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/SymmetricKeyEncSessionPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/TrustPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/UserAttributePacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/UserAttributeSubpacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/UserAttributeSubpacketTags.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/UserAttributeSubpacketsReader.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/UserIdPacket.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/attr/ImageAttrib.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/EmbeddedSignature.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/Exportable.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/Features.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/IssuerKeyId.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/KeyExpirationTime.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/KeyFlags.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/NotationData.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/PreferredAlgorithms.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/PrimaryUserId.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/Revocable.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/RevocationKey.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/RevocationKeyTags.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/RevocationReason.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/RevocationReasonTags.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/SignatureCreationTime.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/SignatureExpirationTime.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/SignerUserId.cs
 create mode 100644 bc-sharp-crypto/src/bcpg/sig/TrustSignature.cs
 create mode 100644 bc-sharp-crypto/src/cms/BaseDigestCalculator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSAttributeTableGenerationException.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSAttributeTableGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSAuthEnvelopedData.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSAuthEnvelopedGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSAuthenticatedData.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSAuthenticatedDataGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSAuthenticatedDataParser.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSAuthenticatedGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSCompressedData.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSCompressedDataGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSCompressedDataParser.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSCompressedDataStreamGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSContentInfoParser.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSEnvelopedData.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSEnvelopedDataGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSEnvelopedDataParser.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSEnvelopedGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSEnvelopedHelper.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSException.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSPBEKey.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSProcessable.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSProcessableByteArray.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSProcessableFile.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSProcessableInputStream.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSReadable.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSSecureReadable.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSSignedData.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSSignedDataGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSSignedDataParser.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSSignedDataStreamGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSSignedGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSSignedHelper.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSStreamException.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSTypedStream.cs
 create mode 100644 bc-sharp-crypto/src/cms/CMSUtils.cs
 create mode 100644 bc-sharp-crypto/src/cms/CounterSignatureDigestCalculator.cs
 create mode 100644 bc-sharp-crypto/src/cms/DefaultAuthenticatedAttributeTableGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/DefaultSignedAttributeTableGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/DigOutputStream.cs
 create mode 100644 bc-sharp-crypto/src/cms/IDigestCalculator.cs
 create mode 100644 bc-sharp-crypto/src/cms/KEKRecipientInfoGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/KEKRecipientInformation.cs
 create mode 100644 bc-sharp-crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/KeyAgreeRecipientInformation.cs
 create mode 100644 bc-sharp-crypto/src/cms/KeyTransRecipientInfoGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/KeyTransRecipientInformation.cs
 create mode 100644 bc-sharp-crypto/src/cms/MacOutputStream.cs
 create mode 100644 bc-sharp-crypto/src/cms/OriginatorId.cs
 create mode 100644 bc-sharp-crypto/src/cms/OriginatorInfoGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/OriginatorInformation.cs
 create mode 100644 bc-sharp-crypto/src/cms/PKCS5Scheme2PBEKey.cs
 create mode 100644 bc-sharp-crypto/src/cms/PKCS5Scheme2UTF8PBEKey.cs
 create mode 100644 bc-sharp-crypto/src/cms/PasswordRecipientInfoGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/PasswordRecipientInformation.cs
 create mode 100644 bc-sharp-crypto/src/cms/RecipientId.cs
 create mode 100644 bc-sharp-crypto/src/cms/RecipientInfoGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/RecipientInformation.cs
 create mode 100644 bc-sharp-crypto/src/cms/RecipientInformationStore.cs
 create mode 100644 bc-sharp-crypto/src/cms/SigOutputStream.cs
 create mode 100644 bc-sharp-crypto/src/cms/SignerId.cs
 create mode 100644 bc-sharp-crypto/src/cms/SignerInfoGenerator.cs
 create mode 100644 bc-sharp-crypto/src/cms/SignerInformation.cs
 create mode 100644 bc-sharp-crypto/src/cms/SignerInformationStore.cs
 create mode 100644 bc-sharp-crypto/src/cms/SimpleAttributeTableGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/AsymmetricCipherKeyPair.cs
 create mode 100644 bc-sharp-crypto/src/crypto/AsymmetricKeyParameter.cs
 create mode 100644 bc-sharp-crypto/src/crypto/BufferedAeadBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/BufferedAsymmetricBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/BufferedBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/BufferedCipherBase.cs
 create mode 100644 bc-sharp-crypto/src/crypto/BufferedIesCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/BufferedStreamCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/Check.cs
 create mode 100644 bc-sharp-crypto/src/crypto/CipherKeyGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/CryptoException.cs
 create mode 100644 bc-sharp-crypto/src/crypto/DataLengthException.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IAsymmetricBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IAsymmetricCipherKeyPairGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IBasicAgreement.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IBlockResult.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IBufferedCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/ICipherParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IDSA.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IDerivationFunction.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IDerivationParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IDigest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IEntropySource.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IEntropySourceProvider.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IMac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/ISignatureFactory.cs
 create mode 100644 bc-sharp-crypto/src/crypto/ISigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/ISignerWithRecovery.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IStreamCalculator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IStreamCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IVerifier.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IVerifierFactory.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IVerifierFactoryProvider.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IWrapper.cs
 create mode 100644 bc-sharp-crypto/src/crypto/IXof.cs
 create mode 100644 bc-sharp-crypto/src/crypto/InvalidCipherTextException.cs
 create mode 100644 bc-sharp-crypto/src/crypto/KeyGenerationParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/MaxBytesExceededException.cs
 create mode 100644 bc-sharp-crypto/src/crypto/OutputLengthException.cs
 create mode 100644 bc-sharp-crypto/src/crypto/PbeParametersGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/StreamBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/DHAgreement.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/DHBasicAgreement.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/DHStandardGroups.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/ECDHBasicAgreement.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/ECDHCBasicAgreement.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/ECDHWithKdfBasicAgreement.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/ECMqvBasicAgreement.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/ECMqvWithKdfBasicAgreement.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/jpake/JPakeParticipant.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroup.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroups.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/jpake/JPakeRound1Payload.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/jpake/JPakeRound2Payload.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/jpake/JPakeRound3Payload.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/jpake/JPakeUtilities.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/kdf/DHKdfParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/kdf/DHKekGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/kdf/ECDHKekGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/srp/SRP6Client.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/srp/SRP6Server.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/srp/SRP6StandardGroups.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/srp/SRP6Utilities.cs
 create mode 100644 bc-sharp-crypto/src/crypto/agreement/srp/SRP6VerifierGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/DSTU7564Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/GOST3411Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/GOST3411_2012Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/GOST3411_2012_256Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/GOST3411_2012_512Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/GeneralDigest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/KeccakDigest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/LongDigest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/MD2Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/MD4Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/MD5Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/NonMemoableDigest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/NullDigest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/RipeMD128Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/RipeMD160Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/RipeMD256Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/RipeMD320Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/SHA3Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/SM3Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/Sha1Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/Sha224Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/Sha256Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/Sha384Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/Sha512Digest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/Sha512tDigest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/ShakeDigest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/ShortenedDigest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/SkeinDigest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/SkeinEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/TigerDigest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/digests/WhirlpoolDigest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/ec/CustomNamedCurves.cs
 create mode 100644 bc-sharp-crypto/src/crypto/encodings/ISO9796d1Encoding.cs
 create mode 100644 bc-sharp-crypto/src/crypto/encodings/OaepEncoding.cs
 create mode 100644 bc-sharp-crypto/src/crypto/encodings/Pkcs1Encoding.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/AesEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/AesFastEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/AesLightEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/AesWrapEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/BlowfishEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/CamelliaEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/CamelliaLightEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/CamelliaWrapEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/Cast5Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/Cast6Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/ChaCha7539Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/ChaChaEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/DesEdeEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/DesEdeWrapEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/DesEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/Dstu7624Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/Dstu7624WrapEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/ElGamalEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/GOST28147Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/HC128Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/HC256Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/ISAACEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/IdeaEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/IesEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/NaccacheSternEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/NoekeonEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/NullEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/RC2Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/RC2WrapEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/RC4Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/RC532Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/RC564Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/RC6Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/RFC3211WrapEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/RFC3394WrapEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/RSABlindedEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/RSABlindingEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/RSACoreEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/RijndaelEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/RsaEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/SEEDEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/SEEDWrapEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/Salsa20Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/SerpentEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/SerpentEngineBase.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/SkipjackEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/TEAEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/ThreefishEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/TnepresEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/TwofishEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/VMPCEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/VMPCKSA3Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/XSalsa20Engine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/engines/XTEAEngine.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/BCrypt.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/BaseKdfBytesGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/DHBasicKeyPairGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/DHKeyGeneratorHelper.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/DHKeyPairGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/DHParametersGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/DHParametersHelper.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/DesEdeKeyGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/DesKeyGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/DsaKeyPairGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/DsaParametersGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/ECKeyPairGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/ElGamalKeyPairGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/ElGamalParametersGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/GOST3410KeyPairGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/GOST3410ParametersGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/HKDFBytesGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/Kdf1BytesGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/Kdf2BytesGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/Mgf1BytesGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/NaccacheSternKeyPairGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/OpenBsdBCrypt.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/Pkcs12ParametersGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/Pkcs5S1ParametersGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/Pkcs5S2ParametersGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/Poly1305KeyGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/RSABlindingFactorGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/RsaKeyPairGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/generators/SCrypt.cs
 create mode 100644 bc-sharp-crypto/src/crypto/io/CipherStream.cs
 create mode 100644 bc-sharp-crypto/src/crypto/io/DigestStream.cs
 create mode 100644 bc-sharp-crypto/src/crypto/io/MacStream.cs
 create mode 100644 bc-sharp-crypto/src/crypto/io/SignerStream.cs
 create mode 100644 bc-sharp-crypto/src/crypto/macs/CMac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/macs/CbcBlockCipherMac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/macs/CfbBlockCipherMac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/macs/DSTU7564Mac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/macs/DSTU7624Mac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/macs/GMac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/macs/GOST28147Mac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/macs/HMac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/macs/ISO9797Alg3Mac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/macs/Poly1305.cs
 create mode 100644 bc-sharp-crypto/src/crypto/macs/SipHash.cs
 create mode 100644 bc-sharp-crypto/src/crypto/macs/SkeinMac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/macs/VMPCMac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/CbcBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/CcmBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/CfbBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/CtsBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/EAXBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/GCMBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/GOFBBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/IAeadBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/KCcmBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/KCtrBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/OCBBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/OfbBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/OpenPgpCfbBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/SicBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/gcm/BasicGcmExponentiator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/gcm/BasicGcmMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/gcm/GcmUtilities.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/gcm/IGcmExponentiator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/gcm/IGcmMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/gcm/Tables1kGcmExponentiator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/gcm/Tables64kGcmMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/crypto/modes/gcm/Tables8kGcmMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/crypto/operators/Asn1Signature.cs
 create mode 100644 bc-sharp-crypto/src/crypto/paddings/BlockCipherPadding.cs
 create mode 100644 bc-sharp-crypto/src/crypto/paddings/ISO10126d2Padding.cs
 create mode 100644 bc-sharp-crypto/src/crypto/paddings/ISO7816d4Padding.cs
 create mode 100644 bc-sharp-crypto/src/crypto/paddings/PaddedBufferedBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/paddings/Pkcs7Padding.cs
 create mode 100644 bc-sharp-crypto/src/crypto/paddings/TbcPadding.cs
 create mode 100644 bc-sharp-crypto/src/crypto/paddings/X923Padding.cs
 create mode 100644 bc-sharp-crypto/src/crypto/paddings/ZeroBytePadding.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/AEADParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/CcmParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DHKeyGenerationParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DHKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DHParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DHPrivateKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DHPublicKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DHValidationParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DSAParameterGenerationParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DesEdeParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DesParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DsaKeyGenerationParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DsaKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DsaParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DsaPrivateKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DsaPublicKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/DsaValidationParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ECDomainParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ECKeyGenerationParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ECKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ECPrivateKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ECPublicKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ElGamalKeyGenerationParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ElGamalKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ElGamalParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ElGamalPrivateKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ElGamalPublicKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/GOST3410KeyGenerationParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/GOST3410KeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/GOST3410Parameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/GOST3410PrivateKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/GOST3410PublicKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/GOST3410ValidationParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/HKDFParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ISO18033KDFParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/IesParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/IesWithCipherParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/KdfParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/KeyParameter.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/MgfParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/MqvPrivateParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/MqvPublicParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/NaccacheSternKeyGenerationParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/NaccacheSternKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/NaccacheSternPrivateKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ParametersWithIV.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ParametersWithRandom.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ParametersWithSBox.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/ParametersWithSalt.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/RC2Parameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/RC5Parameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/RSABlindingParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/RsaKeyGenerationParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/RsaKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/RsaPrivateCrtKeyParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/SkeinParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/Srp6GroupParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/parameters/TweakableBlockCipherParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/BasicEntropySourceProvider.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/CryptoApiEntropySourceProvider.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/CryptoApiRandomGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/DigestRandomGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/EntropyUtilities.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/IDrbgProvider.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/IRandomGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/ReversedWindowGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/SP800SecureRandom.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/SP800SecureRandomBuilder.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/ThreadedSeedGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/VMPCRandomGenerator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/X931Rng.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/X931SecureRandom.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/X931SecureRandomBuilder.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/drbg/DrbgUtilities.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/drbg/HMacSP800Drbg.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/drbg/HashSP800Drbg.cs
 create mode 100644 bc-sharp-crypto/src/crypto/prng/drbg/ISP80090Drbg.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/DsaDigestSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/DsaSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/ECDsaSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/ECGOST3410Signer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/ECNRSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/GOST3410DigestSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/GOST3410Signer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/GenericSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/HMacDsaKCalculator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/IDsaKCalculator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/Iso9796d2PssSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/Iso9796d2Signer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/IsoTrailers.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/PssSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/RandomDsaKCalculator.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/RsaDigestSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/signers/X931Signer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/AbstractTlsAgreementCredentials.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/AbstractTlsCipherFactory.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/AbstractTlsClient.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/AbstractTlsContext.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/AbstractTlsCredentials.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/AbstractTlsEncryptionCredentials.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/AbstractTlsKeyExchange.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/AbstractTlsPeer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/AbstractTlsServer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/AbstractTlsSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/AbstractTlsSignerCredentials.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/AlertDescription.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/AlertLevel.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/BasicTlsPskIdentity.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/BulkCipherAlgorithm.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ByteQueue.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ByteQueueStream.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/CertChainType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/Certificate.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/CertificateRequest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/CertificateStatus.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/CertificateStatusRequest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/CertificateStatusType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/CertificateType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/CertificateUrl.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/Chacha20Poly1305.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ChangeCipherSpec.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/CipherSuite.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/CipherType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ClientAuthenticationType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ClientCertificateType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/CombinedHash.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/CompressionMethod.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ConnectionEnd.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ContentType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DatagramTransport.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DefaultTlsAgreementCredentials.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DefaultTlsCipherFactory.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DefaultTlsClient.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DefaultTlsEncryptionCredentials.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DefaultTlsServer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DefaultTlsSignerCredentials.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DefaultTlsSrpGroupVerifier.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DeferredHash.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DigestInputBuffer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DigitallySigned.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DtlsClientProtocol.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DtlsEpoch.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DtlsHandshakeRetransmit.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DtlsProtocol.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DtlsReassembler.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DtlsRecordLayer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DtlsReliableHandshake.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DtlsReplayWindow.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DtlsServerProtocol.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/DtlsTransport.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ECBasisType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ECCurveType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ECPointFormat.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/EncryptionAlgorithm.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ExporterLabel.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ExtensionType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/FiniteFieldDheGroup.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/HandshakeType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/HashAlgorithm.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/HeartbeatExtension.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/HeartbeatMessage.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/HeartbeatMessageType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/HeartbeatMode.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/KeyExchangeAlgorithm.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/MacAlgorithm.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/MaxFragmentLength.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/NameType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/NamedCurve.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/NewSessionTicket.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/OcspStatusRequest.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/PrfAlgorithm.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ProtocolVersion.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/PskTlsClient.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/PskTlsServer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/RecordStream.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/SecurityParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ServerDHParams.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ServerName.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ServerNameList.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ServerOnlyTlsAuthentication.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/ServerSrpParams.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/SessionParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/SignatureAlgorithm.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/SignatureAndHashAlgorithm.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/SignerInputBuffer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/SimulatedTlsSrpIdentityManager.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/SrpTlsClient.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/SrpTlsServer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/SrtpProtectionProfile.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/Ssl3Mac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/SupplementalDataEntry.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/SupplementalDataType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsAeadCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsAgreementCredentials.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsAuthentication.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsBlockCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsCipherFactory.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsClient.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsClientContext.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsClientContextImpl.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsClientProtocol.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsCompression.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsContext.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsCredentials.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsDHKeyExchange.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsDHUtilities.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsDeflateCompression.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsDheKeyExchange.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsDsaSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsDssSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsECDHKeyExchange.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsECDheKeyExchange.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsECDsaSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsEccUtilities.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsEncryptionCredentials.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsException.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsExtensionsUtilities.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsFatalAlert.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsFatalAlertReceived.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsHandshakeHash.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsKeyExchange.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsMac.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsNoCloseNotifyException.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsNullCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsNullCompression.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsPeer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsProtocol.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsProtocolHandler.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsPskIdentity.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsPskIdentityManager.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsPskKeyExchange.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsRsaKeyExchange.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsRsaSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsRsaUtilities.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsServer.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsServerContext.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsServerContextImpl.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsServerProtocol.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsSession.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsSessionImpl.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsSigner.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsSignerCredentials.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsSrpGroupVerifier.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsSrpIdentityManager.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsSrpKeyExchange.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsSrpLoginParameters.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsSrpUtilities.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsSrtpUtilities.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsStream.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsStreamCipher.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/TlsUtilities.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/UrlAndHash.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/UseSrtpData.cs
 create mode 100644 bc-sharp-crypto/src/crypto/tls/UserMappingType.cs
 create mode 100644 bc-sharp-crypto/src/crypto/util/Pack.cs
 create mode 100644 bc-sharp-crypto/src/math/BigInteger.cs
 create mode 100644 bc-sharp-crypto/src/math/Primes.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/ECAlgorithms.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/ECCurve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/ECFieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/ECPoint.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/ECPointMap.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/LongArray.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/ScaleXPointMap.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/ScaleYPointMap.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/abc/SimpleBigDecimal.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/abc/Tnaf.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/abc/ZTauElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/djb/Curve25519.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/djb/Curve25519Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/djb/Curve25519FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/djb/Curve25519Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP160K1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP160K1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT113Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT113FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT113R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT113R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT113R2Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT113R2Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT131Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT131FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT131R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT131R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT131R2Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT131R2Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT163Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT163FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT163K1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT163K1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT163R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT163R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT163R2Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT163R2Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT193Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT193FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT193R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT193R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT193R2Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT193R2Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT233Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT233FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT233K1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT233K1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT233R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT233R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT239Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT239FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT239K1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT239K1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT283Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT283FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT283K1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT283K1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT283R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT283R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT409Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT409FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT409K1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT409K1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT409R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT409R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT571Field.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT571FieldElement.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT571K1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT571K1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT571R1Curve.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/custom/sec/SecT571R1Point.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/endo/ECEndomorphism.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/endo/GlvEndomorphism.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/endo/GlvTypeBEndomorphism.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/endo/GlvTypeBParameters.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/AbstractECMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/DoubleAddMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/ECMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/FixedPointPreCompInfo.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/FixedPointUtilities.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/GlvMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/MixedNafR2LMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/MontgomeryLadderMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/NafL2RMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/NafR2LMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/PreCompInfo.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/ReferenceMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/WNafL2RMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/WNafPreCompInfo.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/WNafUtilities.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/WTauNafMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/WTauNafPreCompInfo.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/ZSignedDigitL2RMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/ec/multiplier/ZSignedDigitR2LMultiplier.cs
 create mode 100644 bc-sharp-crypto/src/math/field/FiniteFields.cs
 create mode 100644 bc-sharp-crypto/src/math/field/GF2Polynomial.cs
 create mode 100644 bc-sharp-crypto/src/math/field/GenericPolynomialExtensionField.cs
 create mode 100644 bc-sharp-crypto/src/math/field/IExtensionField.cs
 create mode 100644 bc-sharp-crypto/src/math/field/IFiniteField.cs
 create mode 100644 bc-sharp-crypto/src/math/field/IPolynomial.cs
 create mode 100644 bc-sharp-crypto/src/math/field/IPolynomialExtensionField.cs
 create mode 100644 bc-sharp-crypto/src/math/field/PrimeField.cs
 create mode 100644 bc-sharp-crypto/src/math/raw/Interleave.cs
 create mode 100644 bc-sharp-crypto/src/math/raw/Mod.cs
 create mode 100644 bc-sharp-crypto/src/math/raw/Nat.cs
 create mode 100644 bc-sharp-crypto/src/math/raw/Nat128.cs
 create mode 100644 bc-sharp-crypto/src/math/raw/Nat160.cs
 create mode 100644 bc-sharp-crypto/src/math/raw/Nat192.cs
 create mode 100644 bc-sharp-crypto/src/math/raw/Nat224.cs
 create mode 100644 bc-sharp-crypto/src/math/raw/Nat256.cs
 create mode 100644 bc-sharp-crypto/src/math/raw/Nat320.cs
 create mode 100644 bc-sharp-crypto/src/math/raw/Nat384.cs
 create mode 100644 bc-sharp-crypto/src/math/raw/Nat448.cs
 create mode 100644 bc-sharp-crypto/src/math/raw/Nat512.cs
 create mode 100644 bc-sharp-crypto/src/math/raw/Nat576.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/BasicOCSPResp.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/BasicOCSPRespGenerator.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/CertificateID.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/CertificateStatus.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/OCSPException.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/OCSPReq.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/OCSPReqGenerator.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/OCSPResp.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/OCSPRespGenerator.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/OCSPRespStatus.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/OCSPUtil.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/Req.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/RespData.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/RespID.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/RevokedStatus.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/SingleResp.cs
 create mode 100644 bc-sharp-crypto/src/ocsp/UnknownStatus.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/IStreamGenerator.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PGPKeyRing.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PGPObject.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PGPUserAttributeSubpacketVectorGenerator.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpCompressedData.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpCompressedDataGenerator.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpDataValidationException.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpEncryptedData.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpEncryptedDataGenerator.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpEncryptedDataList.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpException.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpExperimental.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpKeyFlags.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpKeyPair.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpKeyRingGenerator.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpKeyValidationException.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpLiteralData.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpLiteralDataGenerator.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpMarker.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpObjectFactory.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpOnePassSignature.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpOnePassSignatureList.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpPad.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpPbeEncryptedData.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpPrivateKey.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpPublicKey.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpPublicKeyEncryptedData.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpPublicKeyRing.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpPublicKeyRingBundle.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpSecretKey.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpSecretKeyRing.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpSecretKeyRingBundle.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpSignature.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpSignatureGenerator.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpSignatureList.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpSignatureSubpacketGenerator.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpSignatureSubpacketVector.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpUserAttributeSubpacketVector.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpUtilities.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/PgpV3SignatureGenerator.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/Rfc6637Utilities.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/SXprUtilities.cs
 create mode 100644 bc-sharp-crypto/src/openpgp/WrappedGeneratorStream.cs
 create mode 100644 bc-sharp-crypto/src/openssl/EncryptionException.cs
 create mode 100644 bc-sharp-crypto/src/openssl/IPasswordFinder.cs
 create mode 100644 bc-sharp-crypto/src/openssl/MiscPemGenerator.cs
 create mode 100644 bc-sharp-crypto/src/openssl/PEMException.cs
 create mode 100644 bc-sharp-crypto/src/openssl/PEMReader.cs
 create mode 100644 bc-sharp-crypto/src/openssl/PEMUtilities.cs
 create mode 100644 bc-sharp-crypto/src/openssl/PEMWriter.cs
 create mode 100644 bc-sharp-crypto/src/openssl/PasswordException.cs
 create mode 100644 bc-sharp-crypto/src/openssl/Pkcs8Generator.cs
 create mode 100644 bc-sharp-crypto/src/pkcs/AsymmetricKeyEntry.cs
 create mode 100644 bc-sharp-crypto/src/pkcs/EncryptedPrivateKeyInfoFactory.cs
 create mode 100644 bc-sharp-crypto/src/pkcs/PKCS12StoreBuilder.cs
 create mode 100644 bc-sharp-crypto/src/pkcs/Pkcs10CertificationRequest.cs
 create mode 100644 bc-sharp-crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs
 create mode 100644 bc-sharp-crypto/src/pkcs/Pkcs12Entry.cs
 create mode 100644 bc-sharp-crypto/src/pkcs/Pkcs12Store.cs
 create mode 100644 bc-sharp-crypto/src/pkcs/Pkcs12Utilities.cs
 create mode 100644 bc-sharp-crypto/src/pkcs/PrivateKeyInfoFactory.cs
 create mode 100644 bc-sharp-crypto/src/pkcs/X509CertificateEntry.cs
 create mode 100644 bc-sharp-crypto/src/pkix/CertStatus.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixAttrCertChecker.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixAttrCertPathBuilder.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixAttrCertPathValidator.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixBuilderParameters.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixCertPath.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixCertPathBuilder.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixCertPathBuilderException.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixCertPathBuilderResult.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixCertPathChecker.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixCertPathValidator.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixCertPathValidatorException.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixCertPathValidatorResult.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixCertPathValidatorUtilities.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixCrlUtilities.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixNameConstraintValidator.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixNameConstraintValidatorException.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixParameters.cs
 create mode 100644 bc-sharp-crypto/src/pkix/PkixPolicyNode.cs
 create mode 100644 bc-sharp-crypto/src/pkix/ReasonsMask.cs
 create mode 100644 bc-sharp-crypto/src/pkix/Rfc3280CertPathUtilities.cs
 create mode 100644 bc-sharp-crypto/src/pkix/Rfc3281CertPathUtilities.cs
 create mode 100644 bc-sharp-crypto/src/pkix/TrustAnchor.cs
 create mode 100644 bc-sharp-crypto/src/security/AgreementUtilities.cs
 create mode 100644 bc-sharp-crypto/src/security/CipherUtilities.cs
 create mode 100644 bc-sharp-crypto/src/security/DigestUtilities.cs
 create mode 100644 bc-sharp-crypto/src/security/DotNetUtilities.cs
 create mode 100644 bc-sharp-crypto/src/security/GeneralSecurityException.cs
 create mode 100644 bc-sharp-crypto/src/security/GeneratorUtilities.cs
 create mode 100644 bc-sharp-crypto/src/security/InvalidKeyException.cs
 create mode 100644 bc-sharp-crypto/src/security/InvalidParameterException.cs
 create mode 100644 bc-sharp-crypto/src/security/KeyException.cs
 create mode 100644 bc-sharp-crypto/src/security/MacUtilities.cs
 create mode 100644 bc-sharp-crypto/src/security/NoSuchAlgorithmException.cs
 create mode 100644 bc-sharp-crypto/src/security/ParameterUtilities.cs
 create mode 100644 bc-sharp-crypto/src/security/PbeUtilities.cs
 create mode 100644 bc-sharp-crypto/src/security/PrivateKeyFactory.cs
 create mode 100644 bc-sharp-crypto/src/security/PublicKeyFactory.cs
 create mode 100644 bc-sharp-crypto/src/security/SecureRandom.cs
 create mode 100644 bc-sharp-crypto/src/security/SecurityUtilityException.cs
 create mode 100644 bc-sharp-crypto/src/security/SignatureException.cs
 create mode 100644 bc-sharp-crypto/src/security/SignerUtilities.cs
 create mode 100644 bc-sharp-crypto/src/security/WrapperUtilities.cs
 create mode 100644 bc-sharp-crypto/src/security/cert/CertificateEncodingException.cs
 create mode 100644 bc-sharp-crypto/src/security/cert/CertificateException.cs
 create mode 100644 bc-sharp-crypto/src/security/cert/CertificateExpiredException.cs
 create mode 100644 bc-sharp-crypto/src/security/cert/CertificateNotYetValidException.cs
 create mode 100644 bc-sharp-crypto/src/security/cert/CertificateParsingException.cs
 create mode 100644 bc-sharp-crypto/src/security/cert/CrlException.cs
 create mode 100644 bc-sharp-crypto/src/tsp/GenTimeAccuracy.cs
 create mode 100644 bc-sharp-crypto/src/tsp/TSPAlgorithms.cs
 create mode 100644 bc-sharp-crypto/src/tsp/TSPException.cs
 create mode 100644 bc-sharp-crypto/src/tsp/TSPUtil.cs
 create mode 100644 bc-sharp-crypto/src/tsp/TSPValidationException.cs
 create mode 100644 bc-sharp-crypto/src/tsp/TimeStampRequest.cs
 create mode 100644 bc-sharp-crypto/src/tsp/TimeStampRequestGenerator.cs
 create mode 100644 bc-sharp-crypto/src/tsp/TimeStampResponse.cs
 create mode 100644 bc-sharp-crypto/src/tsp/TimeStampResponseGenerator.cs
 create mode 100644 bc-sharp-crypto/src/tsp/TimeStampToken.cs
 create mode 100644 bc-sharp-crypto/src/tsp/TimeStampTokenGenerator.cs
 create mode 100644 bc-sharp-crypto/src/tsp/TimeStampTokenInfo.cs
 create mode 100644 bc-sharp-crypto/src/util/Arrays.cs
 create mode 100644 bc-sharp-crypto/src/util/BigIntegers.cs
 create mode 100644 bc-sharp-crypto/src/util/Enums.cs
 create mode 100644 bc-sharp-crypto/src/util/IMemoable.cs
 create mode 100644 bc-sharp-crypto/src/util/Integers.cs
 create mode 100644 bc-sharp-crypto/src/util/MemoableResetException.cs
 create mode 100644 bc-sharp-crypto/src/util/Platform.cs
 create mode 100644 bc-sharp-crypto/src/util/Strings.cs
 create mode 100644 bc-sharp-crypto/src/util/Times.cs
 create mode 100644 bc-sharp-crypto/src/util/TypeExtensions.cs
 create mode 100644 bc-sharp-crypto/src/util/collections/CollectionUtilities.cs
 create mode 100644 bc-sharp-crypto/src/util/collections/EmptyEnumerable.cs
 create mode 100644 bc-sharp-crypto/src/util/collections/EnumerableProxy.cs
 create mode 100644 bc-sharp-crypto/src/util/collections/HashSet.cs
 create mode 100644 bc-sharp-crypto/src/util/collections/ISet.cs
 create mode 100644 bc-sharp-crypto/src/util/collections/LinkedDictionary.cs
 create mode 100644 bc-sharp-crypto/src/util/collections/UnmodifiableDictionary.cs
 create mode 100644 bc-sharp-crypto/src/util/collections/UnmodifiableDictionaryProxy.cs
 create mode 100644 bc-sharp-crypto/src/util/collections/UnmodifiableList.cs
 create mode 100644 bc-sharp-crypto/src/util/collections/UnmodifiableListProxy.cs
 create mode 100644 bc-sharp-crypto/src/util/collections/UnmodifiableSet.cs
 create mode 100644 bc-sharp-crypto/src/util/collections/UnmodifiableSetProxy.cs
 create mode 100644 bc-sharp-crypto/src/util/date/DateTimeObject.cs
 create mode 100644 bc-sharp-crypto/src/util/date/DateTimeUtilities.cs
 create mode 100644 bc-sharp-crypto/src/util/encoders/Base64.cs
 create mode 100644 bc-sharp-crypto/src/util/encoders/Base64Encoder.cs
 create mode 100644 bc-sharp-crypto/src/util/encoders/BufferedDecoder.cs
 create mode 100644 bc-sharp-crypto/src/util/encoders/BufferedEncoder.cs
 create mode 100644 bc-sharp-crypto/src/util/encoders/Hex.cs
 create mode 100644 bc-sharp-crypto/src/util/encoders/HexEncoder.cs
 create mode 100644 bc-sharp-crypto/src/util/encoders/HexTranslator.cs
 create mode 100644 bc-sharp-crypto/src/util/encoders/IEncoder.cs
 create mode 100644 bc-sharp-crypto/src/util/encoders/Translator.cs
 create mode 100644 bc-sharp-crypto/src/util/encoders/UrlBase64.cs
 create mode 100644 bc-sharp-crypto/src/util/encoders/UrlBase64Encoder.cs
 create mode 100644 bc-sharp-crypto/src/util/io/BaseInputStream.cs
 create mode 100644 bc-sharp-crypto/src/util/io/BaseOutputStream.cs
 create mode 100644 bc-sharp-crypto/src/util/io/FilterStream.cs
 create mode 100644 bc-sharp-crypto/src/util/io/NullOutputStream.cs
 create mode 100644 bc-sharp-crypto/src/util/io/PushbackStream.cs
 create mode 100644 bc-sharp-crypto/src/util/io/StreamOverflowException.cs
 create mode 100644 bc-sharp-crypto/src/util/io/Streams.cs
 create mode 100644 bc-sharp-crypto/src/util/io/TeeInputStream.cs
 create mode 100644 bc-sharp-crypto/src/util/io/TeeOutputStream.cs
 create mode 100644 bc-sharp-crypto/src/util/io/pem/PemGenerationException.cs
 create mode 100644 bc-sharp-crypto/src/util/io/pem/PemHeader.cs
 create mode 100644 bc-sharp-crypto/src/util/io/pem/PemObject.cs
 create mode 100644 bc-sharp-crypto/src/util/io/pem/PemObjectGenerator.cs
 create mode 100644 bc-sharp-crypto/src/util/io/pem/PemObjectParser.cs
 create mode 100644 bc-sharp-crypto/src/util/io/pem/PemReader.cs
 create mode 100644 bc-sharp-crypto/src/util/io/pem/PemWriter.cs
 create mode 100644 bc-sharp-crypto/src/util/net/IPAddress.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/Adler32.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/Deflate.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/InfBlocks.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/InfCodes.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/InfTree.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/Inflate.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/JZlib.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/StaticTree.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/Tree.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/ZDeflaterOutputStream.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/ZInflaterInputStream.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/ZInputStream.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/ZOutputStream.cs
 create mode 100644 bc-sharp-crypto/src/util/zlib/ZStream.cs
 create mode 100644 bc-sharp-crypto/src/x509/AttributeCertificateHolder.cs
 create mode 100644 bc-sharp-crypto/src/x509/AttributeCertificateIssuer.cs
 create mode 100644 bc-sharp-crypto/src/x509/IX509AttributeCertificate.cs
 create mode 100644 bc-sharp-crypto/src/x509/IX509Extension.cs
 create mode 100644 bc-sharp-crypto/src/x509/PEMParser.cs
 create mode 100644 bc-sharp-crypto/src/x509/PrincipalUtil.cs
 create mode 100644 bc-sharp-crypto/src/x509/SubjectPublicKeyInfoFactory.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509AttrCertParser.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509Attribute.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509CertPairParser.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509Certificate.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509CertificatePair.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509CertificateParser.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509Crl.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509CrlEntry.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509CrlParser.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509ExtensionBase.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509KeyUsage.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509SignatureUtil.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509Utilities.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509V1CertificateGenerator.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509V2AttributeCertificate.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509V2AttributeCertificateGenerator.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509V2CRLGenerator.cs
 create mode 100644 bc-sharp-crypto/src/x509/X509V3CertificateGenerator.cs
 create mode 100644 bc-sharp-crypto/src/x509/extension/AuthorityKeyIdentifierStructure.cs
 create mode 100644 bc-sharp-crypto/src/x509/extension/SubjectKeyIdentifierStructure.cs
 create mode 100644 bc-sharp-crypto/src/x509/extension/X509ExtensionUtil.cs
 create mode 100644 bc-sharp-crypto/src/x509/store/IX509Selector.cs
 create mode 100644 bc-sharp-crypto/src/x509/store/IX509Store.cs
 create mode 100644 bc-sharp-crypto/src/x509/store/IX509StoreParameters.cs
 create mode 100644 bc-sharp-crypto/src/x509/store/NoSuchStoreException.cs
 create mode 100644 bc-sharp-crypto/src/x509/store/X509AttrCertStoreSelector.cs
 create mode 100644 bc-sharp-crypto/src/x509/store/X509CertPairStoreSelector.cs
 create mode 100644 bc-sharp-crypto/src/x509/store/X509CertStoreSelector.cs
 create mode 100644 bc-sharp-crypto/src/x509/store/X509CollectionStore.cs
 create mode 100644 bc-sharp-crypto/src/x509/store/X509CollectionStoreParameters.cs
 create mode 100644 bc-sharp-crypto/src/x509/store/X509CrlStoreSelector.cs
 create mode 100644 bc-sharp-crypto/src/x509/store/X509StoreException.cs
 create mode 100644 bc-sharp-crypto/src/x509/store/X509StoreFactory.cs
 create mode 100644 bin/x64/Debug/ufr-signer.exe
 create mode 100644 bin/x64/Debug/ufr-signer.exe.config
 create mode 100644 bin/x64/Release/ufr-signer.exe
 create mode 100644 bin/x64/Release/ufr-signer.exe.config
 create mode 100644 bin/x86/Release/ufr-signer.exe
 create mode 100644 bin/x86/Release/ufr-signer.exe.config
 create mode 100644 digital-signature-verifier.csproj
 create mode 100644 digital-signature-verifier.sln
 create mode 100644 frmMain.cs
 create mode 100644 frmMain.designer.cs
 create mode 100644 frmMain.resx
 create mode 100644 frmPassword.cs
 create mode 100644 frmPassword.designer.cs
 create mode 100644 frmPassword.resx

diff --git a/App.config b/App.config
new file mode 100644
index 0000000..8324aa6
--- /dev/null
+++ b/App.config
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<configuration>
+    <startup> 
+        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6" />
+    </startup>
+</configuration>
\ No newline at end of file
diff --git a/ClassDiagram1.cd b/ClassDiagram1.cd
new file mode 100644
index 0000000..7b89419
--- /dev/null
+++ b/ClassDiagram1.cd
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="utf-8"?>
+<ClassDiagram /> 
\ No newline at end of file
diff --git a/Program.cs b/Program.cs
new file mode 100644
index 0000000..94e9cf3
--- /dev/null
+++ b/Program.cs
@@ -0,0 +1,22 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using System.Windows.Forms;
+
+namespace SignatureVerifier
+{
+    static class Program
+    {
+        /// <summary>
+        /// The main entry point for the application.
+        /// </summary>
+        [STAThread]
+        static void Main()
+        {
+            Application.EnableVisualStyles();
+            Application.SetCompatibleTextRenderingDefault(false);
+            Application.Run(new frmMain());
+        }
+    }
+}
diff --git a/Properties/AssemblyInfo.cs b/Properties/AssemblyInfo.cs
new file mode 100644
index 0000000..96d1a97
--- /dev/null
+++ b/Properties/AssemblyInfo.cs
@@ -0,0 +1,36 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// General Information about an assembly is controlled through the following 
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("ufr-signer")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("ufr-signer")]
+[assembly: AssemblyCopyright("Copyright ©  2017")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// Setting ComVisible to false makes the types in this assembly not visible 
+// to COM components.  If you need to access a type in this assembly from 
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("0d346cc0-83c5-4117-b2e6-2a33686b3fc0")]
+
+// Version information for an assembly consists of the following four values:
+//
+//      Major Version
+//      Minor Version 
+//      Build Number
+//      Revision
+//
+// You can specify all the values or you can default the Build and Revision Numbers 
+// by using the '*' as shown below:
+// [assembly: AssemblyVersion("1.0.*")]
+[assembly: AssemblyVersion("0.0.0.1")]
+[assembly: AssemblyFileVersion("0.0.0.1")]
diff --git a/Properties/Resources.Designer.cs b/Properties/Resources.Designer.cs
new file mode 100644
index 0000000..a048735
--- /dev/null
+++ b/Properties/Resources.Designer.cs
@@ -0,0 +1,63 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//     Runtime Version:4.0.30319.42000
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated.
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace SignatureVerifier.Properties {
+    using System;
+    
+    
+    /// <summary>
+    ///   A strongly-typed resource class, for looking up localized strings, etc.
+    /// </summary>
+    // This class was auto-generated by the StronglyTypedResourceBuilder
+    // class via a tool like ResGen or Visual Studio.
+    // To add or remove a member, edit your .ResX file then rerun ResGen
+    // with the /str option, or rebuild your VS project.
+    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "4.0.0.0")]
+    [global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
+    [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
+    internal class Resources {
+        
+        private static global::System.Resources.ResourceManager resourceMan;
+        
+        private static global::System.Globalization.CultureInfo resourceCulture;
+        
+        [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")]
+        internal Resources() {
+        }
+        
+        /// <summary>
+        ///   Returns the cached ResourceManager instance used by this class.
+        /// </summary>
+        [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
+        internal static global::System.Resources.ResourceManager ResourceManager {
+            get {
+                if (object.ReferenceEquals(resourceMan, null)) {
+                    global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("EcdsaTest.Properties.Resources", typeof(Resources).Assembly);
+                    resourceMan = temp;
+                }
+                return resourceMan;
+            }
+        }
+        
+        /// <summary>
+        ///   Overrides the current thread's CurrentUICulture property for all
+        ///   resource lookups using this strongly typed resource class.
+        /// </summary>
+        [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
+        internal static global::System.Globalization.CultureInfo Culture {
+            get {
+                return resourceCulture;
+            }
+            set {
+                resourceCulture = value;
+            }
+        }
+    }
+}
diff --git a/Properties/Resources.resx b/Properties/Resources.resx
new file mode 100644
index 0000000..af7dbeb
--- /dev/null
+++ b/Properties/Resources.resx
@@ -0,0 +1,117 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+    Microsoft ResX Schema 
+    
+    Version 2.0
+    
+    The primary goals of this format is to allow a simple XML format 
+    that is mostly human readable. The generation and parsing of the 
+    various data types are done through the TypeConverter classes 
+    associated with the data types.
+    
+    Example:
+    
+    ... ado.net/XML headers & schema ...
+    <resheader name="resmimetype">text/microsoft-resx</resheader>
+    <resheader name="version">2.0</resheader>
+    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+        <value>[base64 mime encoded serialized .NET Framework object]</value>
+    </data>
+    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+        <comment>This is a comment</comment>
+    </data>
+                
+    There are any number of "resheader" rows that contain simple 
+    name/value pairs.
+    
+    Each data row contains a name, and value. The row also contains a 
+    type or mimetype. Type corresponds to a .NET class that support 
+    text/value conversion through the TypeConverter architecture. 
+    Classes that don't support this are serialized and stored with the 
+    mimetype set.
+    
+    The mimetype is used for serialized objects, and tells the 
+    ResXResourceReader how to depersist the object. This is currently not 
+    extensible. For a given mimetype the value must be set accordingly:
+    
+    Note - application/x-microsoft.net.object.binary.base64 is the format 
+    that the ResXResourceWriter will generate, however the reader can 
+    read any of the formats listed below.
+    
+    mimetype: application/x-microsoft.net.object.binary.base64
+    value   : The object must be serialized with 
+            : System.Serialization.Formatters.Binary.BinaryFormatter
+            : and then encoded with base64 encoding.
+    
+    mimetype: application/x-microsoft.net.object.soap.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.bytearray.base64
+    value   : The object must be serialized into a byte array 
+            : using a System.ComponentModel.TypeConverter
+            : and then encoded with base64 encoding.
+    -->
+  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+</root>
\ No newline at end of file
diff --git a/Properties/Settings.Designer.cs b/Properties/Settings.Designer.cs
new file mode 100644
index 0000000..82e72d3
--- /dev/null
+++ b/Properties/Settings.Designer.cs
@@ -0,0 +1,26 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//     Runtime Version:4.0.30319.42000
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated.
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace SignatureVerifier.Properties {
+    
+    
+    [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
+    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "14.0.0.0")]
+    internal sealed partial class Settings : global::System.Configuration.ApplicationSettingsBase {
+        
+        private static Settings defaultInstance = ((Settings)(global::System.Configuration.ApplicationSettingsBase.Synchronized(new Settings())));
+        
+        public static Settings Default {
+            get {
+                return defaultInstance;
+            }
+        }
+    }
+}
diff --git a/Properties/Settings.settings b/Properties/Settings.settings
new file mode 100644
index 0000000..3964565
--- /dev/null
+++ b/Properties/Settings.settings
@@ -0,0 +1,7 @@
+<?xml version='1.0' encoding='utf-8'?>
+<SettingsFile xmlns="http://schemas.microsoft.com/VisualStudio/2004/01/settings" CurrentProfile="(Default)">
+  <Profiles>
+    <Profile Name="(Default)" />
+  </Profiles>
+  <Settings />
+</SettingsFile>
diff --git a/bc-sharp-crypto/bzip2/src/BZip2Constants.cs b/bc-sharp-crypto/bzip2/src/BZip2Constants.cs
new file mode 100644
index 0000000..4a5442d
--- /dev/null
+++ b/bc-sharp-crypto/bzip2/src/BZip2Constants.cs
@@ -0,0 +1,103 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+/*
+ * This package is based on the work done by Keiron Liddle, Aftex Software
+ * <keiron@aftexsw.com> to whom the Ant project is very grateful for his
+ * great code.
+ */
+
+using System;
+
+namespace Org.BouncyCastle.Apache.Bzip2
+{
+    /**
+    * Base class for both the compress and decompress classes.
+    * Holds common arrays, and static data.
+    *
+    * @author <a href="mailto:keiron@aftexsw.com">Keiron Liddle</a>
+    */
+    public class BZip2Constants {
+
+        public const int baseBlockSize = 100000;
+        public const int MAX_ALPHA_SIZE = 258;
+        public const int MAX_CODE_LEN = 23;
+        public const int RUNA = 0;
+        public const int RUNB = 1;
+        public const int N_GROUPS = 6;
+        public const int G_SIZE = 50;
+        public const int N_ITERS = 4;
+        public const int MAX_SELECTORS = (2 + (900000 / G_SIZE));
+        public const int NUM_OVERSHOOT_BYTES = 20;
+
+        public static readonly int[] rNums = {
+            619, 720, 127, 481, 931, 816, 813, 233, 566, 247,
+            985, 724, 205, 454, 863, 491, 741, 242, 949, 214,
+            733, 859, 335, 708, 621, 574, 73, 654, 730, 472,
+            419, 436, 278, 496, 867, 210, 399, 680, 480, 51,
+            878, 465, 811, 169, 869, 675, 611, 697, 867, 561,
+            862, 687, 507, 283, 482, 129, 807, 591, 733, 623,
+            150, 238, 59, 379, 684, 877, 625, 169, 643, 105,
+            170, 607, 520, 932, 727, 476, 693, 425, 174, 647,
+            73, 122, 335, 530, 442, 853, 695, 249, 445, 515,
+            909, 545, 703, 919, 874, 474, 882, 500, 594, 612,
+            641, 801, 220, 162, 819, 984, 589, 513, 495, 799,
+            161, 604, 958, 533, 221, 400, 386, 867, 600, 782,
+            382, 596, 414, 171, 516, 375, 682, 485, 911, 276,
+            98, 553, 163, 354, 666, 933, 424, 341, 533, 870,
+            227, 730, 475, 186, 263, 647, 537, 686, 600, 224,
+            469, 68, 770, 919, 190, 373, 294, 822, 808, 206,
+            184, 943, 795, 384, 383, 461, 404, 758, 839, 887,
+            715, 67, 618, 276, 204, 918, 873, 777, 604, 560,
+            951, 160, 578, 722, 79, 804, 96, 409, 713, 940,
+            652, 934, 970, 447, 318, 353, 859, 672, 112, 785,
+            645, 863, 803, 350, 139, 93, 354, 99, 820, 908,
+            609, 772, 154, 274, 580, 184, 79, 626, 630, 742,
+            653, 282, 762, 623, 680, 81, 927, 626, 789, 125,
+            411, 521, 938, 300, 821, 78, 343, 175, 128, 250,
+            170, 774, 972, 275, 999, 639, 495, 78, 352, 126,
+            857, 956, 358, 619, 580, 124, 737, 594, 701, 612,
+            669, 112, 134, 694, 363, 992, 809, 743, 168, 974,
+            944, 375, 748, 52, 600, 747, 642, 182, 862, 81,
+            344, 805, 988, 739, 511, 655, 814, 334, 249, 515,
+            897, 955, 664, 981, 649, 113, 974, 459, 893, 228,
+            433, 837, 553, 268, 926, 240, 102, 654, 459, 51,
+            686, 754, 806, 760, 493, 403, 415, 394, 687, 700,
+            946, 670, 656, 610, 738, 392, 760, 799, 887, 653,
+            978, 321, 576, 617, 626, 502, 894, 679, 243, 440,
+            680, 879, 194, 572, 640, 724, 926, 56, 204, 700,
+            707, 151, 457, 449, 797, 195, 791, 558, 945, 679,
+            297, 59, 87, 824, 713, 663, 412, 693, 342, 606,
+            134, 108, 571, 364, 631, 212, 174, 643, 304, 329,
+            343, 97, 430, 751, 497, 314, 983, 374, 822, 928,
+            140, 206, 73, 263, 980, 736, 876, 478, 430, 305,
+            170, 514, 364, 692, 829, 82, 855, 953, 676, 246,
+            369, 970, 294, 750, 807, 827, 150, 790, 288, 923,
+            804, 378, 215, 828, 592, 281, 565, 555, 710, 82,
+            896, 831, 547, 261, 524, 462, 293, 465, 502, 56,
+            661, 821, 976, 991, 658, 869, 905, 758, 745, 193,
+            768, 550, 608, 933, 378, 286, 215, 979, 792, 961,
+            61, 688, 793, 644, 986, 403, 106, 366, 905, 644,
+            372, 567, 466, 434, 645, 210, 389, 550, 919, 135,
+            780, 773, 635, 389, 707, 100, 626, 958, 165, 504,
+            920, 176, 193, 713, 857, 265, 203, 50, 668, 108,
+            645, 990, 626, 197, 510, 357, 358, 850, 858, 364,
+            936, 638
+        };
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/bzip2/src/CBZip2InputStream.cs b/bc-sharp-crypto/bzip2/src/CBZip2InputStream.cs
new file mode 100644
index 0000000..82ff83e
--- /dev/null
+++ b/bc-sharp-crypto/bzip2/src/CBZip2InputStream.cs
@@ -0,0 +1,921 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+/*
+ * This package is based on the work done by Keiron Liddle, Aftex Software
+ * <keiron@aftexsw.com> to whom the Ant project is very grateful for his
+ * great code.
+ */
+
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Apache.Bzip2
+{
+	/**
+    * An input stream that decompresses from the BZip2 format (with the file
+    * header chars) to be read as any other stream.
+    *
+    * @author <a href="mailto:keiron@aftexsw.com">Keiron Liddle</a>
+    *
+    * <b>NB:</b> note this class has been modified to read the leading BZ from the
+    * start of the BZIP2 stream to make it compatible with other PGP programs.
+    */
+    public class CBZip2InputStream : Stream 
+	{
+        private static void Cadvise() {
+            //System.out.Println("CRC Error");
+            //throw new CCoruptionError();
+        }
+
+//        private static void BadBGLengths() {
+//            Cadvise();
+//        }
+//
+//        private static void BitStreamEOF() {
+//            Cadvise();
+//        }
+
+        private static void CompressedStreamEOF() {
+            Cadvise();
+        }
+
+        private void MakeMaps() {
+            int i;
+            nInUse = 0;
+            for (i = 0; i < 256; i++) {
+                if (inUse[i]) {
+                    seqToUnseq[nInUse] = (char) i;
+                    unseqToSeq[i] = (char) nInUse;
+                    nInUse++;
+                }
+            }
+        }
+
+        /*
+        index of the last char in the block, so
+        the block size == last + 1.
+        */
+        private int  last;
+
+        /*
+        index in zptr[] of original string after sorting.
+        */
+        private int  origPtr;
+
+        /*
+        always: in the range 0 .. 9.
+        The current block size is 100000 * this number.
+        */
+        private int blockSize100k;
+
+        private bool blockRandomised;
+
+        private int bsBuff;
+        private int bsLive;
+        private CRC mCrc = new CRC();
+
+        private bool[] inUse = new bool[256];
+        private int nInUse;
+
+        private char[] seqToUnseq = new char[256];
+        private char[] unseqToSeq = new char[256];
+
+        private char[] selector = new char[BZip2Constants.MAX_SELECTORS];
+        private char[] selectorMtf = new char[BZip2Constants.MAX_SELECTORS];
+
+        private int[] tt;
+        private char[] ll8;
+
+        /*
+        freq table collected to save a pass over the data
+        during decompression.
+        */
+        private int[] unzftab = new int[256];
+
+        private int[][] limit = InitIntArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE);
+        private int[][] basev = InitIntArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE);
+        private int[][] perm = InitIntArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE);
+        private int[] minLens = new int[BZip2Constants.N_GROUPS];
+
+        private Stream bsStream;
+
+        private bool streamEnd = false;
+
+        private int currentChar = -1;
+
+        private const int START_BLOCK_STATE = 1;
+        private const int RAND_PART_A_STATE = 2;
+        private const int RAND_PART_B_STATE = 3;
+        private const int RAND_PART_C_STATE = 4;
+        private const int NO_RAND_PART_A_STATE = 5;
+        private const int NO_RAND_PART_B_STATE = 6;
+        private const int NO_RAND_PART_C_STATE = 7;
+
+        private int currentState = START_BLOCK_STATE;
+
+        private int storedBlockCRC, storedCombinedCRC;
+        private int computedBlockCRC, computedCombinedCRC;
+
+        int i2, count, chPrev, ch2;
+        int i, tPos;
+        int rNToGo = 0;
+        int rTPos  = 0;
+        int j2;
+        char z;
+
+        public CBZip2InputStream(Stream zStream) {
+            ll8 = null;
+            tt = null;
+            BsSetStream(zStream);
+            Initialize();
+            InitBlock();
+            SetupBlock();
+        }
+
+        internal static int[][] InitIntArray(int n1, int n2) {
+            int[][] a = new int[n1][];
+            for (int k = 0; k < n1; ++k) {
+                a[k] = new int[n2];
+            }
+            return a;
+        }
+
+        internal static char[][] InitCharArray(int n1, int n2) {
+            char[][] a = new char[n1][];
+            for (int k = 0; k < n1; ++k) {
+                a[k] = new char[n2];
+            }
+            return a;
+        }
+
+        public override int ReadByte() {
+            if (streamEnd) {
+                return -1;
+            } else {
+                int retChar = currentChar;
+                switch (currentState) {
+                case START_BLOCK_STATE:
+                    break;
+                case RAND_PART_A_STATE:
+                    break;
+                case RAND_PART_B_STATE:
+                    SetupRandPartB();
+                    break;
+                case RAND_PART_C_STATE:
+                    SetupRandPartC();
+                    break;
+                case NO_RAND_PART_A_STATE:
+                    break;
+                case NO_RAND_PART_B_STATE:
+                    SetupNoRandPartB();
+                    break;
+                case NO_RAND_PART_C_STATE:
+                    SetupNoRandPartC();
+                    break;
+                default:
+                    break;
+                }
+                return retChar;
+            }
+        }
+
+        private void Initialize() {
+            char magic3, magic4;
+            magic3 = BsGetUChar();
+            magic4 = BsGetUChar();
+            if (magic3 != 'B' && magic4 != 'Z')
+            {
+                throw new IOException("Not a BZIP2 marked stream");
+            }
+            magic3 = BsGetUChar();
+            magic4 = BsGetUChar();
+            if (magic3 != 'h' || magic4 < '1' || magic4 > '9') {
+                BsFinishedWithStream();
+                streamEnd = true;
+                return;
+            }
+
+            SetDecompressStructureSizes(magic4 - '0');
+            computedCombinedCRC = 0;
+        }
+
+        private void InitBlock() {
+            char magic1, magic2, magic3, magic4;
+            char magic5, magic6;
+            magic1 = BsGetUChar();
+            magic2 = BsGetUChar();
+            magic3 = BsGetUChar();
+            magic4 = BsGetUChar();
+            magic5 = BsGetUChar();
+            magic6 = BsGetUChar();
+            if (magic1 == 0x17 && magic2 == 0x72 && magic3 == 0x45
+                && magic4 == 0x38 && magic5 == 0x50 && magic6 == 0x90) {
+                Complete();
+                return;
+            }
+
+            if (magic1 != 0x31 || magic2 != 0x41 || magic3 != 0x59
+                || magic4 != 0x26 || magic5 != 0x53 || magic6 != 0x59) {
+                BadBlockHeader();
+                streamEnd = true;
+                return;
+            }
+
+            storedBlockCRC = BsGetInt32();
+
+            if (BsR(1) == 1) {
+                blockRandomised = true;
+            } else {
+                blockRandomised = false;
+            }
+
+            //        currBlockNo++;
+            GetAndMoveToFrontDecode();
+
+            mCrc.InitialiseCRC();
+            currentState = START_BLOCK_STATE;
+        }
+
+        private void EndBlock() {
+            computedBlockCRC = mCrc.GetFinalCRC();
+            /* A bad CRC is considered a fatal error. */
+            if (storedBlockCRC != computedBlockCRC) {
+                CrcError();
+            }
+
+            computedCombinedCRC = (computedCombinedCRC << 1)
+                | (int)(((uint)computedCombinedCRC) >> 31);
+            computedCombinedCRC ^= computedBlockCRC;
+        }
+
+        private void Complete() {
+            storedCombinedCRC = BsGetInt32();
+            if (storedCombinedCRC != computedCombinedCRC) {
+                CrcError();
+            }
+
+            BsFinishedWithStream();
+            streamEnd = true;
+        }
+
+        private static void BlockOverrun() {
+            Cadvise();
+        }
+
+        private static void BadBlockHeader() {
+            Cadvise();
+        }
+
+        private static void CrcError() {
+            Cadvise();
+        }
+
+        private void BsFinishedWithStream() {
+            try {
+                if (this.bsStream != null) {
+                    Platform.Dispose(this.bsStream);
+                    this.bsStream = null;
+                }
+            } catch {
+                //ignore
+            }
+        }
+
+		private void BsSetStream(Stream f) {
+            bsStream = f;
+            bsLive = 0;
+            bsBuff = 0;
+        }
+
+        private int BsR(int n) {
+            int v;
+            while (bsLive < n) {
+                int zzi;
+                char thech = '\0';
+                try {
+                    thech = (char) bsStream.ReadByte();
+                } catch (IOException) {
+                    CompressedStreamEOF();
+                }
+                if (thech == '\uffff') {
+                    CompressedStreamEOF();
+                }
+                zzi = thech;
+                bsBuff = (bsBuff << 8) | (zzi & 0xff);
+                bsLive += 8;
+            }
+
+            v = (bsBuff >> (bsLive - n)) & ((1 << n) - 1);
+            bsLive -= n;
+            return v;
+        }
+
+        private char BsGetUChar() {
+            return (char) BsR(8);
+        }
+
+        private int BsGetint() {
+            int u = 0;
+            u = (u << 8) | BsR(8);
+            u = (u << 8) | BsR(8);
+            u = (u << 8) | BsR(8);
+            u = (u << 8) | BsR(8);
+            return u;
+        }
+
+        private int BsGetIntVS(int numBits) {
+            return (int) BsR(numBits);
+        }
+
+        private int BsGetInt32() {
+            return (int) BsGetint();
+        }
+
+        private void HbCreateDecodeTables(int[] limit, int[] basev,
+                                        int[] perm, char[] length,
+                                        int minLen, int maxLen, int alphaSize) {
+            int pp, i, j, vec;
+
+            pp = 0;
+            for (i = minLen; i <= maxLen; i++) {
+                for (j = 0; j < alphaSize; j++) {
+                    if (length[j] == i) {
+                        perm[pp] = j;
+                        pp++;
+                    }
+                }
+            }
+
+            for (i = 0; i < BZip2Constants.MAX_CODE_LEN; i++) {
+                basev[i] = 0;
+            }
+            for (i = 0; i < alphaSize; i++) {
+                basev[length[i] + 1]++;
+            }
+
+            for (i = 1; i < BZip2Constants.MAX_CODE_LEN; i++) {
+                basev[i] += basev[i - 1];
+            }
+
+            for (i = 0; i < BZip2Constants.MAX_CODE_LEN; i++) {
+                limit[i] = 0;
+            }
+            vec = 0;
+
+            for (i = minLen; i <= maxLen; i++) {
+                vec += (basev[i + 1] - basev[i]);
+                limit[i] = vec - 1;
+                vec <<= 1;
+            }
+            for (i = minLen + 1; i <= maxLen; i++) {
+                basev[i] = ((limit[i - 1] + 1) << 1) - basev[i];
+            }
+        }
+
+        private void RecvDecodingTables() {
+            char[][] len = InitCharArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE);
+            int i, j, t, nGroups, nSelectors, alphaSize;
+            int minLen, maxLen;
+            bool[] inUse16 = new bool[16];
+
+            /* Receive the mapping table */
+            for (i = 0; i < 16; i++) {
+                if (BsR(1) == 1) {
+                    inUse16[i] = true;
+                } else {
+                    inUse16[i] = false;
+                }
+            }
+
+            for (i = 0; i < 256; i++) {
+                inUse[i] = false;
+            }
+
+            for (i = 0; i < 16; i++) {
+                if (inUse16[i]) {
+                    for (j = 0; j < 16; j++) {
+                        if (BsR(1) == 1) {
+                            inUse[i * 16 + j] = true;
+                        }
+                    }
+                }
+            }
+
+            MakeMaps();
+            alphaSize = nInUse + 2;
+
+            /* Now the selectors */
+            nGroups = BsR(3);
+            nSelectors = BsR(15);
+            for (i = 0; i < nSelectors; i++) {
+                j = 0;
+                while (BsR(1) == 1) {
+                    j++;
+                }
+                selectorMtf[i] = (char) j;
+            }
+
+            /* Undo the MTF values for the selectors. */
+            {
+                char[] pos = new char[BZip2Constants.N_GROUPS];
+                char tmp, v;
+                for (v = '\0'; v < nGroups; v++) {
+                    pos[v] = v;
+                }
+
+                for (i = 0; i < nSelectors; i++) {
+                    v = selectorMtf[i];
+                    tmp = pos[v];
+                    while (v > 0) {
+                        pos[v] = pos[v - 1];
+                        v--;
+                    }
+                    pos[0] = tmp;
+                    selector[i] = tmp;
+                }
+            }
+
+            /* Now the coding tables */
+            for (t = 0; t < nGroups; t++) {
+                int curr = BsR(5);
+                for (i = 0; i < alphaSize; i++) {
+                    while (BsR(1) == 1) {
+                        if (BsR(1) == 0) {
+                            curr++;
+                        } else {
+                            curr--;
+                        }
+                    }
+                    len[t][i] = (char) curr;
+                }
+            }
+
+            /* Create the Huffman decoding tables */
+            for (t = 0; t < nGroups; t++) {
+                minLen = 32;
+                maxLen = 0;
+                for (i = 0; i < alphaSize; i++) {
+                    if (len[t][i] > maxLen) {
+                        maxLen = len[t][i];
+                    }
+                    if (len[t][i] < minLen) {
+                        minLen = len[t][i];
+                    }
+                }
+                HbCreateDecodeTables(limit[t], basev[t], perm[t], len[t], minLen,
+                                    maxLen, alphaSize);
+                minLens[t] = minLen;
+            }
+        }
+
+        private void GetAndMoveToFrontDecode() {
+            char[] yy = new char[256];
+            int i, j, nextSym, limitLast;
+            int EOB, groupNo, groupPos;
+
+            limitLast = BZip2Constants.baseBlockSize * blockSize100k;
+            origPtr = BsGetIntVS(24);
+
+            RecvDecodingTables();
+            EOB = nInUse + 1;
+            groupNo = -1;
+            groupPos = 0;
+
+            /*
+            Setting up the unzftab entries here is not strictly
+            necessary, but it does save having to do it later
+            in a separate pass, and so saves a block's worth of
+            cache misses.
+            */
+            for (i = 0; i <= 255; i++) {
+                unzftab[i] = 0;
+            }
+
+            for (i = 0; i <= 255; i++) {
+                yy[i] = (char) i;
+            }
+
+            last = -1;
+
+            {
+                int zt, zn, zvec, zj;
+                if (groupPos == 0) {
+                    groupNo++;
+                    groupPos = BZip2Constants.G_SIZE;
+                }
+                groupPos--;
+                zt = selector[groupNo];
+                zn = minLens[zt];
+                zvec = BsR(zn);
+                while (zvec > limit[zt][zn]) {
+                    zn++;
+                    {
+                        {
+                            while (bsLive < 1) {
+                                int zzi;
+                                char thech = '\0';
+                                try {
+                                    thech = (char) bsStream.ReadByte();
+                                } catch (IOException) {
+                                    CompressedStreamEOF();
+                                }
+                                if (thech == '\uffff') {
+                                    CompressedStreamEOF();
+                                }
+                                zzi = thech;
+                                bsBuff = (bsBuff << 8) | (zzi & 0xff);
+                                bsLive += 8;
+                            }
+                        }
+                        zj = (bsBuff >> (bsLive - 1)) & 1;
+                        bsLive--;
+                    }
+                    zvec = (zvec << 1) | zj;
+                }
+                nextSym = perm[zt][zvec - basev[zt][zn]];
+            }
+
+            while (true) {
+
+                if (nextSym == EOB) {
+                    break;
+                }
+
+                if (nextSym == BZip2Constants.RUNA || nextSym == BZip2Constants.RUNB) {
+                    char ch;
+                    int s = -1;
+                    int N = 1;
+                    do {
+                        if (nextSym == BZip2Constants.RUNA) {
+                            s = s + (0 + 1) * N;
+                        } else if (nextSym == BZip2Constants.RUNB) {
+                            s = s + (1 + 1) * N;
+                            }
+                        N = N * 2;
+                        {
+                            int zt, zn, zvec, zj;
+                            if (groupPos == 0) {
+                                groupNo++;
+                                groupPos = BZip2Constants.G_SIZE;
+                            }
+                            groupPos--;
+                            zt = selector[groupNo];
+                            zn = minLens[zt];
+                            zvec = BsR(zn);
+                            while (zvec > limit[zt][zn]) {
+                                zn++;
+                                {
+                                    {
+                                        while (bsLive < 1) {
+                                            int zzi;
+                                            char thech = '\0';
+                                            try {
+                                                thech = (char) bsStream.ReadByte();
+                                            } catch (IOException) {
+                                                CompressedStreamEOF();
+                                            }
+                                            if (thech == '\uffff') {
+                                                CompressedStreamEOF();
+                                            }
+                                            zzi = thech;
+                                            bsBuff = (bsBuff << 8) | (zzi & 0xff);
+                                            bsLive += 8;
+                                        }
+                                    }
+                                    zj = (bsBuff >> (bsLive - 1)) & 1;
+                                    bsLive--;
+                                }
+                                zvec = (zvec << 1) | zj;
+                            }
+                            nextSym = perm[zt][zvec - basev[zt][zn]];
+                        }
+                    } while (nextSym == BZip2Constants.RUNA || nextSym == BZip2Constants.RUNB);
+
+                    s++;
+                    ch = seqToUnseq[yy[0]];
+                    unzftab[ch] += s;
+
+                    while (s > 0) {
+                        last++;
+                        ll8[last] = ch;
+                        s--;
+                    }
+
+                    if (last >= limitLast) {
+                        BlockOverrun();
+                    }
+                    continue;
+                } else {
+                    char tmp;
+                    last++;
+                    if (last >= limitLast) {
+                        BlockOverrun();
+                    }
+
+                    tmp = yy[nextSym - 1];
+                    unzftab[seqToUnseq[tmp]]++;
+                    ll8[last] = seqToUnseq[tmp];
+
+                    /*
+                    This loop is hammered during decompression,
+                    hence the unrolling.
+
+                    for (j = nextSym-1; j > 0; j--) yy[j] = yy[j-1];
+                    */
+
+                    j = nextSym - 1;
+                    for (; j > 3; j -= 4) {
+                        yy[j]     = yy[j - 1];
+                        yy[j - 1] = yy[j - 2];
+                        yy[j - 2] = yy[j - 3];
+                        yy[j - 3] = yy[j - 4];
+                    }
+                    for (; j > 0; j--) {
+                        yy[j] = yy[j - 1];
+                    }
+
+                    yy[0] = tmp;
+                    {
+                        int zt, zn, zvec, zj;
+                        if (groupPos == 0) {
+                            groupNo++;
+                            groupPos = BZip2Constants.G_SIZE;
+                        }
+                        groupPos--;
+                        zt = selector[groupNo];
+                        zn = minLens[zt];
+                        zvec = BsR(zn);
+                        while (zvec > limit[zt][zn]) {
+                            zn++;
+                            {
+                                {
+                                    while (bsLive < 1) {
+                                        int zzi;
+                                        char thech = '\0';
+                                        try {
+                                            thech = (char) bsStream.ReadByte();
+                                        } catch (IOException) {
+                                            CompressedStreamEOF();
+                                        }
+                                        zzi = thech;
+                                        bsBuff = (bsBuff << 8) | (zzi & 0xff);
+                                        bsLive += 8;
+                                    }
+                                }
+                                zj = (bsBuff >> (bsLive - 1)) & 1;
+                                bsLive--;
+                            }
+                            zvec = (zvec << 1) | zj;
+                        }
+                        nextSym = perm[zt][zvec - basev[zt][zn]];
+                    }
+                    continue;
+                }
+            }
+        }
+
+        private void SetupBlock() {
+            int[] cftab = new int[257];
+            char ch;
+
+            cftab[0] = 0;
+            for (i = 1; i <= 256; i++) {
+                cftab[i] = unzftab[i - 1];
+            }
+            for (i = 1; i <= 256; i++) {
+                cftab[i] += cftab[i - 1];
+            }
+
+            for (i = 0; i <= last; i++) {
+                ch = (char) ll8[i];
+                tt[cftab[ch]] = i;
+                cftab[ch]++;
+            }
+            cftab = null;
+
+            tPos = tt[origPtr];
+
+            count = 0;
+            i2 = 0;
+            ch2 = 256;   /* not a char and not EOF */
+
+            if (blockRandomised) {
+                rNToGo = 0;
+                rTPos = 0;
+                SetupRandPartA();
+            } else {
+                SetupNoRandPartA();
+            }
+        }
+
+        private void SetupRandPartA() {
+            if (i2 <= last) {
+                chPrev = ch2;
+                ch2 = ll8[tPos];
+                tPos = tt[tPos];
+                if (rNToGo == 0) {
+                    rNToGo = BZip2Constants.rNums[rTPos];
+                    rTPos++;
+                    if (rTPos == 512) {
+                        rTPos = 0;
+                    }
+                }
+                rNToGo--;
+                ch2 ^= (int) ((rNToGo == 1) ? 1 : 0);
+                i2++;
+
+                currentChar = ch2;
+                currentState = RAND_PART_B_STATE;
+                mCrc.UpdateCRC(ch2);
+            } else {
+                EndBlock();
+                InitBlock();
+                SetupBlock();
+            }
+        }
+
+        private void SetupNoRandPartA() {
+            if (i2 <= last) {
+                chPrev = ch2;
+                ch2 = ll8[tPos];
+                tPos = tt[tPos];
+                i2++;
+
+                currentChar = ch2;
+                currentState = NO_RAND_PART_B_STATE;
+                mCrc.UpdateCRC(ch2);
+            } else {
+                EndBlock();
+                InitBlock();
+                SetupBlock();
+            }
+        }
+
+        private void SetupRandPartB() {
+            if (ch2 != chPrev) {
+                currentState = RAND_PART_A_STATE;
+                count = 1;
+                SetupRandPartA();
+            } else {
+                count++;
+                if (count >= 4) {
+                    z = ll8[tPos];
+                    tPos = tt[tPos];
+                    if (rNToGo == 0) {
+                        rNToGo = BZip2Constants.rNums[rTPos];
+                        rTPos++;
+                        if (rTPos == 512) {
+                            rTPos = 0;
+                        }
+                    }
+                    rNToGo--;
+                    z ^= (char)((rNToGo == 1) ? 1 : 0);
+                    j2 = 0;
+                    currentState = RAND_PART_C_STATE;
+                    SetupRandPartC();
+                } else {
+                    currentState = RAND_PART_A_STATE;
+                    SetupRandPartA();
+                }
+            }
+        }
+
+        private void SetupRandPartC() {
+            if (j2 < (int) z) {
+                currentChar = ch2;
+                mCrc.UpdateCRC(ch2);
+                j2++;
+            } else {
+                currentState = RAND_PART_A_STATE;
+                i2++;
+                count = 0;
+                SetupRandPartA();
+            }
+        }
+
+        private void SetupNoRandPartB() {
+            if (ch2 != chPrev) {
+                currentState = NO_RAND_PART_A_STATE;
+                count = 1;
+                SetupNoRandPartA();
+            } else {
+                count++;
+                if (count >= 4) {
+                    z = ll8[tPos];
+                    tPos = tt[tPos];
+                    currentState = NO_RAND_PART_C_STATE;
+                    j2 = 0;
+                    SetupNoRandPartC();
+                } else {
+                    currentState = NO_RAND_PART_A_STATE;
+                    SetupNoRandPartA();
+                }
+            }
+        }
+
+        private void SetupNoRandPartC() {
+            if (j2 < (int) z) {
+                currentChar = ch2;
+                mCrc.UpdateCRC(ch2);
+                j2++;
+            } else {
+                currentState = NO_RAND_PART_A_STATE;
+                i2++;
+                count = 0;
+                SetupNoRandPartA();
+            }
+        }
+
+        private void SetDecompressStructureSizes(int newSize100k) {
+            if (!(0 <= newSize100k && newSize100k <= 9 && 0 <= blockSize100k
+                && blockSize100k <= 9)) {
+                // throw new IOException("Invalid block size");
+            }
+
+            blockSize100k = newSize100k;
+
+            if (newSize100k == 0) {
+                return;
+            }
+
+            int n = BZip2Constants.baseBlockSize * newSize100k;
+            ll8 = new char[n];
+            tt = new int[n];
+        }
+    
+        public override void Flush() {
+        }
+    
+        public override int Read(byte[] buffer, int offset, int count) {
+            int c = -1;
+            int k;
+            for (k = 0; k < count; ++k) {
+                c = ReadByte();
+                if (c == -1)
+                    break;
+                buffer[k + offset] = (byte)c;
+            }
+            return k;
+        }
+    
+        public override long Seek(long offset, SeekOrigin origin) {
+            return 0;
+        }
+    
+        public override void SetLength(long value) {
+        }
+    
+        public override void Write(byte[] buffer, int offset, int count) {
+        }
+    
+        public override bool CanRead {
+            get {
+                return true;
+            }
+        }
+    
+        public override bool CanSeek {
+            get {
+                return false;
+            }
+        }
+    
+        public override bool CanWrite {
+            get {
+                return false;
+            }
+        }
+    
+        public override long Length {
+            get {
+                return 0;
+            }
+        }
+    
+        public override long Position {
+            get {
+                return 0;
+            }
+            set {
+            }
+        }
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/bzip2/src/CBZip2OutputStream.cs b/bc-sharp-crypto/bzip2/src/CBZip2OutputStream.cs
new file mode 100644
index 0000000..ffac073
--- /dev/null
+++ b/bc-sharp-crypto/bzip2/src/CBZip2OutputStream.cs
@@ -0,0 +1,1709 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+/*
+ * This package is based on the work done by Keiron Liddle, Aftex Software
+ * <keiron@aftexsw.com> to whom the Ant project is very grateful for his
+ * great code.
+ */
+
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Apache.Bzip2
+{
+	/**
+    * An output stream that compresses into the BZip2 format (with the file
+    * header chars) into another stream.
+    *
+    * @author <a href="mailto:keiron@aftexsw.com">Keiron Liddle</a>
+    *
+    * TODO:    Update to BZip2 1.0.1
+    * <b>NB:</b> note this class has been modified to add a leading BZ to the
+    * start of the BZIP2 stream to make it compatible with other PGP programs.
+    */
+    public class CBZip2OutputStream : Stream 
+	{
+        protected const int SETMASK = (1 << 21);
+        protected const int CLEARMASK = (~SETMASK);
+        protected const int GREATER_ICOST = 15;
+        protected const int LESSER_ICOST = 0;
+        protected const int SMALL_THRESH = 20;
+        protected const int DEPTH_THRESH = 10;
+
+        /*
+        If you are ever unlucky/improbable enough
+        to get a stack overflow whilst sorting,
+        increase the following constant and try
+        again.  In practice I have never seen the
+        stack go above 27 elems, so the following
+        limit seems very generous.
+        */
+        protected const int QSORT_STACK_SIZE = 1000;
+        private bool finished;
+
+        private static void Panic() {
+            //System.out.Println("panic");
+            //throw new CError();
+        }
+
+        private void MakeMaps() {
+            int i;
+            nInUse = 0;
+            for (i = 0; i < 256; i++) {
+                if (inUse[i]) {
+                    seqToUnseq[nInUse] = (char) i;
+                    unseqToSeq[i] = (char) nInUse;
+                    nInUse++;
+                }
+            }
+        }
+
+        protected static void HbMakeCodeLengths(char[] len, int[] freq,
+                                                int alphaSize, int maxLen) {
+            /*
+            Nodes and heap entries run from 1.  Entry 0
+            for both the heap and nodes is a sentinel.
+            */
+            int nNodes, nHeap, n1, n2, i, j, k;
+            bool  tooLong;
+
+            int[] heap = new int[BZip2Constants.MAX_ALPHA_SIZE + 2];
+            int[] weight = new int[BZip2Constants.MAX_ALPHA_SIZE * 2];
+            int[] parent = new int[BZip2Constants.MAX_ALPHA_SIZE * 2];
+
+            for (i = 0; i < alphaSize; i++) {
+                weight[i + 1] = (freq[i] == 0 ? 1 : freq[i]) << 8;
+            }
+
+            while (true) {
+                nNodes = alphaSize;
+                nHeap = 0;
+
+                heap[0] = 0;
+                weight[0] = 0;
+                parent[0] = -2;
+
+                for (i = 1; i <= alphaSize; i++) {
+                    parent[i] = -1;
+                    nHeap++;
+                    heap[nHeap] = i;
+                    {
+                        int zz, tmp;
+                        zz = nHeap;
+                        tmp = heap[zz];
+                        while (weight[tmp] < weight[heap[zz >> 1]]) {
+                            heap[zz] = heap[zz >> 1];
+                            zz >>= 1;
+                        }
+                        heap[zz] = tmp;
+                    }
+                }
+                if (!(nHeap < (BZip2Constants.MAX_ALPHA_SIZE + 2))) {
+                    Panic();
+                }
+
+                while (nHeap > 1) {
+                    n1 = heap[1];
+                    heap[1] = heap[nHeap];
+                    nHeap--;
+                    {
+                        int zz = 0, yy = 0, tmp = 0;
+                        zz = 1;
+                        tmp = heap[zz];
+                        while (true) {
+                            yy = zz << 1;
+                            if (yy > nHeap) {
+                                break;
+                            }
+                            if (yy < nHeap
+                                && weight[heap[yy + 1]] < weight[heap[yy]]) {
+                                yy++;
+                            }
+                            if (weight[tmp] < weight[heap[yy]]) {
+                                break;
+                            }
+                            heap[zz] = heap[yy];
+                            zz = yy;
+                        }
+                        heap[zz] = tmp;
+                    }
+                    n2 = heap[1];
+                    heap[1] = heap[nHeap];
+                    nHeap--;
+                    {
+                        int zz = 0, yy = 0, tmp = 0;
+                        zz = 1;
+                        tmp = heap[zz];
+                        while (true) {
+                            yy = zz << 1;
+                            if (yy > nHeap) {
+                                break;
+                            }
+                            if (yy < nHeap
+                                && weight[heap[yy + 1]] < weight[heap[yy]]) {
+                                yy++;
+                            }
+                            if (weight[tmp] < weight[heap[yy]]) {
+                                break;
+                            }
+                            heap[zz] = heap[yy];
+                            zz = yy;
+                        }
+                        heap[zz] = tmp;
+                    }
+                    nNodes++;
+                    parent[n1] = parent[n2] = nNodes;
+
+                    weight[nNodes] = (int)((uint)((weight[n1] & 0xffffff00)
+                                    + (weight[n2] & 0xffffff00))
+                        | (uint)(1 + (((weight[n1] & 0x000000ff) >
+                                (weight[n2] & 0x000000ff)) ?
+                                (weight[n1] & 0x000000ff) :
+                                (weight[n2] & 0x000000ff))));
+
+                    parent[nNodes] = -1;
+                    nHeap++;
+                    heap[nHeap] = nNodes;
+                    {
+                        int zz = 0, tmp = 0;
+                        zz = nHeap;
+                        tmp = heap[zz];
+                        while (weight[tmp] < weight[heap[zz >> 1]]) {
+                            heap[zz] = heap[zz >> 1];
+                            zz >>= 1;
+                        }
+                        heap[zz] = tmp;
+                    }
+                }
+                if (!(nNodes < (BZip2Constants.MAX_ALPHA_SIZE * 2))) {
+                    Panic();
+                }
+
+                tooLong = false;
+                for (i = 1; i <= alphaSize; i++) {
+                    j = 0;
+                    k = i;
+                    while (parent[k] >= 0) {
+                        k = parent[k];
+                        j++;
+                    }
+                    len[i - 1] = (char) j;
+                    if (j > maxLen) {
+                        tooLong = true;
+                    }
+                }
+
+                if (!tooLong) {
+                    break;
+                }
+
+                for (i = 1; i < alphaSize; i++) {
+                    j = weight[i] >> 8;
+                    j = 1 + (j / 2);
+                    weight[i] = j << 8;
+                }
+            }
+        }
+
+        /*
+        index of the last char in the block, so
+        the block size == last + 1.
+        */
+        int last;
+
+        /*
+        index in zptr[] of original string after sorting.
+        */
+        int origPtr;
+
+        /*
+        always: in the range 0 .. 9.
+        The current block size is 100000 * this number.
+        */
+        int blockSize100k;
+
+        bool blockRandomised;
+
+        int bytesOut;
+        int bsBuff;
+        int bsLive;
+        CRC mCrc = new CRC();
+
+        private bool[] inUse = new bool[256];
+        private int nInUse;
+
+        private char[] seqToUnseq = new char[256];
+        private char[] unseqToSeq = new char[256];
+
+        private char[] selector = new char[BZip2Constants.MAX_SELECTORS];
+        private char[] selectorMtf = new char[BZip2Constants.MAX_SELECTORS];
+
+        private char[] block;
+        private int[] quadrant;
+        private int[] zptr;
+        private short[] szptr;
+        private int[] ftab;
+
+        private int nMTF;
+
+        private int[] mtfFreq = new int[BZip2Constants.MAX_ALPHA_SIZE];
+
+        /*
+        * Used when sorting.  If too many long comparisons
+        * happen, we stop sorting, randomise the block
+        * slightly, and try again.
+        */
+        private int workFactor;
+        private int workDone;
+        private int workLimit;
+        private bool firstAttempt;
+        private int nBlocksRandomised;
+
+        private int currentChar = -1;
+        private int runLength = 0;
+
+        public CBZip2OutputStream(Stream inStream) : this(inStream, 9) {
+        }
+
+        public CBZip2OutputStream(Stream inStream, int inBlockSize)
+            {
+            block = null;
+            quadrant = null;
+            zptr = null;
+            ftab = null;
+
+            inStream.WriteByte((byte)'B');
+            inStream.WriteByte((byte)'Z');
+
+            BsSetStream(inStream);
+
+            workFactor = 50;
+            if (inBlockSize > 9) {
+                inBlockSize = 9;
+            }
+            if (inBlockSize < 1) {
+                inBlockSize = 1;
+            }
+            blockSize100k = inBlockSize;
+            AllocateCompressStructures();
+            Initialize();
+            InitBlock();
+        }
+
+        /**
+        *
+        * modified by Oliver Merkel, 010128
+        *
+        */
+        public override void WriteByte(byte bv) {
+            int b = (256 + bv) % 256;
+            if (currentChar != -1) {
+                if (currentChar == b) {
+                    runLength++;
+                    if (runLength > 254) {
+                        WriteRun();
+                        currentChar = -1;
+                        runLength = 0;
+                    }
+                } else {
+                    WriteRun();
+                    runLength = 1;
+                    currentChar = b;
+                }
+            } else {
+                currentChar = b;
+                runLength++;
+            }
+        }
+
+        private void WriteRun() {
+            if (last < allowableBlockSize) {
+                inUse[currentChar] = true;
+                for (int i = 0; i < runLength; i++) {
+                    mCrc.UpdateCRC((char) currentChar);
+                }
+                switch (runLength) {
+                case 1:
+                    last++;
+                    block[last + 1] = (char) currentChar;
+                    break;
+                case 2:
+                    last++;
+                    block[last + 1] = (char) currentChar;
+                    last++;
+                    block[last + 1] = (char) currentChar;
+                    break;
+                case 3:
+                    last++;
+                    block[last + 1] = (char) currentChar;
+                    last++;
+                    block[last + 1] = (char) currentChar;
+                    last++;
+                    block[last + 1] = (char) currentChar;
+                    break;
+                default:
+                    inUse[runLength - 4] = true;
+                    last++;
+                    block[last + 1] = (char) currentChar;
+                    last++;
+                    block[last + 1] = (char) currentChar;
+                    last++;
+                    block[last + 1] = (char) currentChar;
+                    last++;
+                    block[last + 1] = (char) currentChar;
+                    last++;
+                    block[last + 1] = (char) (runLength - 4);
+                    break;
+                }
+            } else {
+                EndBlock();
+                InitBlock();
+                WriteRun();
+            }
+        }
+
+        bool closed = false;
+
+//        protected void Finalize() {
+//            Close();
+//        }
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                if (closed)
+                    return;
+
+                Finish();
+                closed = true;
+                Platform.Dispose(this.bsStream);
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close() {
+            if (closed)
+                return;
+
+            Finish();
+
+            closed = true;
+            Platform.Dispose(this.bsStream);
+
+            base.Close();
+        }
+#endif
+
+        public void Finish() {
+            if (finished) {
+                return;
+            }
+
+            if (runLength > 0) {
+                WriteRun();
+            }
+            currentChar = -1;
+            EndBlock();
+            EndCompression();
+            finished = true;
+            Flush();
+        }
+        
+        public override void Flush() {
+            bsStream.Flush();
+        }
+
+        private int blockCRC, combinedCRC;
+
+        private void Initialize() {
+            bytesOut = 0;
+            nBlocksRandomised = 0;
+
+            /* Write `magic' bytes h indicating file-format == huffmanised,
+            followed by a digit indicating blockSize100k.
+            */
+            BsPutUChar('h');
+            BsPutUChar('0' + blockSize100k);
+
+            combinedCRC = 0;
+        }
+
+        private int allowableBlockSize;
+
+        private void InitBlock() {
+            //        blockNo++;
+            mCrc.InitialiseCRC();
+            last = -1;
+            //        ch = 0;
+
+            for (int i = 0; i < 256; i++) {
+                inUse[i] = false;
+            }
+
+            /* 20 is just a paranoia constant */
+            allowableBlockSize = BZip2Constants.baseBlockSize * blockSize100k - 20;
+        }
+
+        private void EndBlock() {
+            blockCRC = mCrc.GetFinalCRC();
+            combinedCRC = (combinedCRC << 1) | (int)(((uint)combinedCRC) >> 31);
+            combinedCRC ^= blockCRC;
+
+            /* sort the block and establish posn of original string */
+            DoReversibleTransformation();
+
+            /*
+            A 6-byte block header, the value chosen arbitrarily
+            as 0x314159265359 :-).  A 32 bit value does not really
+            give a strong enough guarantee that the value will not
+            appear by chance in the compressed datastream.  Worst-case
+            probability of this event, for a 900k block, is about
+            2.0e-3 for 32 bits, 1.0e-5 for 40 bits and 4.0e-8 for 48 bits.
+            For a compressed file of size 100Gb -- about 100000 blocks --
+            only a 48-bit marker will do.  NB: normal compression/
+            decompression do *not* rely on these statistical properties.
+            They are only important when trying to recover blocks from
+            damaged files.
+            */
+            BsPutUChar(0x31);
+            BsPutUChar(0x41);
+            BsPutUChar(0x59);
+            BsPutUChar(0x26);
+            BsPutUChar(0x53);
+            BsPutUChar(0x59);
+
+            /* Now the block's CRC, so it is in a known place. */
+            BsPutint(blockCRC);
+
+            /* Now a single bit indicating randomisation. */
+            if (blockRandomised) {
+                BsW(1, 1);
+                nBlocksRandomised++;
+            } else {
+                BsW(1, 0);
+            }
+
+            /* Finally, block's contents proper. */
+            MoveToFrontCodeAndSend();
+        }
+
+        private void EndCompression() {
+            /*
+            Now another magic 48-bit number, 0x177245385090, to
+            indicate the end of the last block.  (Sqrt(pi), if
+            you want to know.  I did want to use e, but it contains
+            too much repetition -- 27 18 28 18 28 46 -- for me
+            to feel statistically comfortable.  Call me paranoid.)
+            */
+            BsPutUChar(0x17);
+            BsPutUChar(0x72);
+            BsPutUChar(0x45);
+            BsPutUChar(0x38);
+            BsPutUChar(0x50);
+            BsPutUChar(0x90);
+
+            BsPutint(combinedCRC);
+
+            BsFinishedWithStream();
+        }
+
+        private void HbAssignCodes(int[] code, char[] length, int minLen,
+                                    int maxLen, int alphaSize) {
+            int n, vec, i;
+
+            vec = 0;
+            for (n = minLen; n <= maxLen; n++) {
+                for (i = 0; i < alphaSize; i++) {
+                    if (length[i] == n) {
+                        code[i] = vec;
+                        vec++;
+                    }
+                };
+                vec <<= 1;
+            }
+        }
+
+        private void BsSetStream(Stream f) {
+            bsStream = f;
+            bsLive = 0;
+            bsBuff = 0;
+            bytesOut = 0;
+        }
+
+        private void BsFinishedWithStream() {
+            while (bsLive > 0) {
+                int ch = (bsBuff >> 24);
+                try {
+                    bsStream.WriteByte((byte)ch); // write 8-bit
+                } catch (IOException e) {
+                    throw  e;
+                }
+                bsBuff <<= 8;
+                bsLive -= 8;
+                bytesOut++;
+            }
+        }
+
+        private void BsW(int n, int v) {
+            while (bsLive >= 8) {
+                int ch = (bsBuff >> 24);
+                try {
+                    bsStream.WriteByte((byte)ch); // write 8-bit
+                } catch (IOException e) {
+                    throw e;
+                }
+                bsBuff <<= 8;
+                bsLive -= 8;
+                bytesOut++;
+            }
+            bsBuff |= (v << (32 - bsLive - n));
+            bsLive += n;
+        }
+
+        private void BsPutUChar(int c) {
+            BsW(8, c);
+        }
+
+        private void BsPutint(int u) {
+            BsW(8, (u >> 24) & 0xff);
+            BsW(8, (u >> 16) & 0xff);
+            BsW(8, (u >>  8) & 0xff);
+            BsW(8,  u        & 0xff);
+        }
+
+        private void BsPutIntVS(int numBits, int c) {
+            BsW(numBits, c);
+        }
+
+        private void SendMTFValues() {
+            char[][] len = CBZip2InputStream.InitCharArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE);
+
+            int v, t, i, j, gs, ge, totc, bt, bc, iter;
+            int nSelectors = 0, alphaSize, minLen, maxLen, selCtr;
+            int nGroups;
+
+            alphaSize = nInUse + 2;
+            for (t = 0; t < BZip2Constants.N_GROUPS; t++) {
+                for (v = 0; v < alphaSize; v++) {
+                    len[t][v] = (char) GREATER_ICOST;
+                }
+            }
+
+            /* Decide how many coding tables to use */
+            if (nMTF <= 0) {
+                Panic();
+            }
+
+            if (nMTF < 200) {
+                nGroups = 2;
+            } else if (nMTF < 600) {
+                nGroups = 3;
+            } else if (nMTF < 1200) {
+                nGroups = 4;
+            } else if (nMTF < 2400) {
+                nGroups = 5;
+            } else {
+                nGroups = 6;
+            }
+
+            /* Generate an initial set of coding tables */ {
+                int nPart, remF, tFreq, aFreq;
+
+                nPart = nGroups;
+                remF  = nMTF;
+                gs = 0;
+                while (nPart > 0) {
+                    tFreq = remF / nPart;
+                    ge = gs - 1;
+                    aFreq = 0;
+                    while (aFreq < tFreq && ge < alphaSize - 1) {
+                        ge++;
+                        aFreq += mtfFreq[ge];
+                    }
+
+                    if (ge > gs && nPart != nGroups && nPart != 1
+                        && ((nGroups - nPart) % 2 == 1)) {
+                        aFreq -= mtfFreq[ge];
+                        ge--;
+                    }
+
+                    for (v = 0; v < alphaSize; v++) {
+                        if (v >= gs && v <= ge) {
+                            len[nPart - 1][v] = (char) LESSER_ICOST;
+                        } else {
+                            len[nPart - 1][v] = (char) GREATER_ICOST;
+                        }
+                    }
+
+                    nPart--;
+                    gs = ge + 1;
+                    remF -= aFreq;
+                }
+            }
+
+            int[][] rfreq = CBZip2InputStream.InitIntArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE);
+            int[] fave = new int[BZip2Constants.N_GROUPS];
+            short[] cost = new short[BZip2Constants.N_GROUPS];
+            /*
+            Iterate up to N_ITERS times to improve the tables.
+            */
+            for (iter = 0; iter < BZip2Constants.N_ITERS; iter++) {
+                for (t = 0; t < nGroups; t++) {
+                    fave[t] = 0;
+                }
+
+                for (t = 0; t < nGroups; t++) {
+                    for (v = 0; v < alphaSize; v++) {
+                        rfreq[t][v] = 0;
+                    }
+                }
+
+                nSelectors = 0;
+                totc = 0;
+                gs = 0;
+                while (true) {
+
+                    /* Set group start & end marks. */
+                    if (gs >= nMTF) {
+                        break;
+                    }
+                    ge = gs + BZip2Constants.G_SIZE - 1;
+                    if (ge >= nMTF) {
+                        ge = nMTF - 1;
+                    }
+
+                    /*
+                    Calculate the cost of this group as coded
+                    by each of the coding tables.
+                    */
+                    for (t = 0; t < nGroups; t++) {
+                        cost[t] = 0;
+                    }
+
+                    if (nGroups == 6) {
+                        short cost0, cost1, cost2, cost3, cost4, cost5;
+                        cost0 = cost1 = cost2 = cost3 = cost4 = cost5 = 0;
+                        for (i = gs; i <= ge; i++) {
+                            short icv = szptr[i];
+                            cost0 += (short)len[0][icv];
+                            cost1 += (short)len[1][icv];
+                            cost2 += (short)len[2][icv];
+                            cost3 += (short)len[3][icv];
+                            cost4 += (short)len[4][icv];
+                            cost5 += (short)len[5][icv];
+                        }
+                        cost[0] = cost0;
+                        cost[1] = cost1;
+                        cost[2] = cost2;
+                        cost[3] = cost3;
+                        cost[4] = cost4;
+                        cost[5] = cost5;
+                    } else {
+                        for (i = gs; i <= ge; i++) {
+                            short icv = szptr[i];
+                            for (t = 0; t < nGroups; t++) {
+                                cost[t] += (short)len[t][icv];
+                            }
+                        }
+                    }
+
+                    /*
+                    Find the coding table which is best for this group,
+                    and record its identity in the selector table.
+                    */
+                    bc = 999999999;
+                    bt = -1;
+                    for (t = 0; t < nGroups; t++) {
+                        if (cost[t] < bc) {
+                            bc = cost[t];
+                            bt = t;
+                        }
+                    };
+                    totc += bc;
+                    fave[bt]++;
+                    selector[nSelectors] = (char) bt;
+                    nSelectors++;
+
+                    /*
+                    Increment the symbol frequencies for the selected table.
+                    */
+                    for (i = gs; i <= ge; i++) {
+                        rfreq[bt][szptr[i]]++;
+                    }
+
+                    gs = ge + 1;
+                }
+
+                /*
+                Recompute the tables based on the accumulated frequencies.
+                */
+                for (t = 0; t < nGroups; t++) {
+                    HbMakeCodeLengths(len[t], rfreq[t], alphaSize, 20);
+                }
+            }
+
+            rfreq = null;
+            fave = null;
+            cost = null;
+
+            if (!(nGroups < 8)) {
+                Panic();
+            }
+            if (!(nSelectors < 32768 && nSelectors <= (2 + (900000 / BZip2Constants.G_SIZE)))) {
+                Panic();
+            }
+
+
+            /* Compute MTF values for the selectors. */
+            {
+                char[] pos = new char[BZip2Constants.N_GROUPS];
+                char ll_i, tmp2, tmp;
+                for (i = 0; i < nGroups; i++) {
+                    pos[i] = (char) i;
+                }
+                for (i = 0; i < nSelectors; i++) {
+                    ll_i = selector[i];
+                    j = 0;
+                    tmp = pos[j];
+                    while (ll_i != tmp) {
+                        j++;
+                        tmp2 = tmp;
+                        tmp = pos[j];
+                        pos[j] = tmp2;
+                    }
+                    pos[0] = tmp;
+                    selectorMtf[i] = (char) j;
+                }
+            }
+
+            int[][] code = CBZip2InputStream.InitIntArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE);
+
+            /* Assign actual codes for the tables. */
+            for (t = 0; t < nGroups; t++) {
+                minLen = 32;
+                maxLen = 0;
+                for (i = 0; i < alphaSize; i++) {
+                    if (len[t][i] > maxLen) {
+                        maxLen = len[t][i];
+                    }
+                    if (len[t][i] < minLen) {
+                        minLen = len[t][i];
+                    }
+                }
+                if (maxLen > 20) {
+                    Panic();
+                }
+                if (minLen < 1) {
+                    Panic();
+                }
+                HbAssignCodes(code[t], len[t], minLen, maxLen, alphaSize);
+            }
+
+            /* Transmit the mapping table. */
+            {
+                bool[] inUse16 = new bool[16];
+                for (i = 0; i < 16; i++) {
+                    inUse16[i] = false;
+                    for (j = 0; j < 16; j++) {
+                        if (inUse[i * 16 + j]) {
+                            inUse16[i] = true;
+                        }
+                    }
+                }
+
+				for (i = 0; i < 16; i++) {
+                    if (inUse16[i]) {
+                        BsW(1, 1);
+                    } else {
+                        BsW(1, 0);
+                    }
+                }
+
+                for (i = 0; i < 16; i++) {
+                    if (inUse16[i]) {
+                        for (j = 0; j < 16; j++) {
+                            if (inUse[i * 16 + j]) {
+                                BsW(1, 1);
+                            } else {
+                                BsW(1, 0);
+                            }
+                        }
+                    }
+                }
+
+            }
+
+            /* Now the selectors. */
+            BsW(3, nGroups);
+            BsW(15, nSelectors);
+            for (i = 0; i < nSelectors; i++) {
+                for (j = 0; j < selectorMtf[i]; j++) {
+                    BsW(1, 1);
+                }
+                BsW(1, 0);
+            }
+
+            /* Now the coding tables. */
+            for (t = 0; t < nGroups; t++) {
+                int curr = len[t][0];
+                BsW(5, curr);
+                for (i = 0; i < alphaSize; i++) {
+                    while (curr < len[t][i]) {
+                        BsW(2, 2);
+                        curr++; /* 10 */
+                    }
+                    while (curr > len[t][i]) {
+                        BsW(2, 3);
+                        curr--; /* 11 */
+                    }
+                    BsW(1, 0);
+                }
+            }
+
+            /* And finally, the block data proper */
+            selCtr = 0;
+            gs = 0;
+            while (true) {
+                if (gs >= nMTF) {
+                    break;
+                }
+                ge = gs + BZip2Constants.G_SIZE - 1;
+                if (ge >= nMTF) {
+                    ge = nMTF - 1;
+                }
+                for (i = gs; i <= ge; i++) {
+                    BsW(len[selector[selCtr]][szptr[i]],
+                        code[selector[selCtr]][szptr[i]]);
+                }
+
+                gs = ge + 1;
+                selCtr++;
+            }
+            if (!(selCtr == nSelectors)) {
+                Panic();
+            }
+        }
+
+        private void MoveToFrontCodeAndSend() {
+            BsPutIntVS(24, origPtr);
+            GenerateMTFValues();
+            SendMTFValues();
+        }
+
+        private Stream bsStream;
+
+        private void SimpleSort(int lo, int hi, int d) {
+            int i, j, h, bigN, hp;
+            int v;
+
+            bigN = hi - lo + 1;
+            if (bigN < 2) {
+                return;
+            }
+
+            hp = 0;
+            while (incs[hp] < bigN) {
+                hp++;
+            }
+            hp--;
+
+            for (; hp >= 0; hp--) {
+                h = incs[hp];
+
+                i = lo + h;
+                while (true) {
+                    /* copy 1 */
+                    if (i > hi) {
+                        break;
+                    }
+                    v = zptr[i];
+                    j = i;
+                    while (FullGtU(zptr[j - h] + d, v + d)) {
+                        zptr[j] = zptr[j - h];
+                        j = j - h;
+                        if (j <= (lo + h - 1)) {
+                            break;
+                        }
+                    }
+                    zptr[j] = v;
+                    i++;
+
+                    /* copy 2 */
+                    if (i > hi) {
+                        break;
+                    }
+                    v = zptr[i];
+                    j = i;
+                    while (FullGtU(zptr[j - h] + d, v + d)) {
+                        zptr[j] = zptr[j - h];
+                        j = j - h;
+                        if (j <= (lo + h - 1)) {
+                            break;
+                        }
+                    }
+                    zptr[j] = v;
+                    i++;
+
+                    /* copy 3 */
+                    if (i > hi) {
+                        break;
+                    }
+                    v = zptr[i];
+                    j = i;
+                    while (FullGtU(zptr[j - h] + d, v + d)) {
+                        zptr[j] = zptr[j - h];
+                        j = j - h;
+                        if (j <= (lo + h - 1)) {
+                            break;
+                        }
+                    }
+                    zptr[j] = v;
+                    i++;
+
+                    if (workDone > workLimit && firstAttempt) {
+                        return;
+                    }
+                }
+            }
+        }
+
+        private void Vswap(int p1, int p2, int n) {
+            int temp = 0;
+            while (n > 0) {
+                temp = zptr[p1];
+                zptr[p1] = zptr[p2];
+                zptr[p2] = temp;
+                p1++;
+                p2++;
+                n--;
+            }
+        }
+
+        private char Med3(char a, char b, char c) {
+            char t;
+            if (a > b) {
+                t = a;
+                a = b;
+                b = t;
+            }
+            if (b > c) {
+                t = b;
+                b = c;
+                c = t;
+            }
+            if (a > b) {
+                b = a;
+            }
+            return b;
+        }
+
+        internal class StackElem {
+            internal int ll;
+            internal int hh;
+            internal int dd;
+        }
+
+        private void QSort3(int loSt, int hiSt, int dSt) {
+            int unLo, unHi, ltLo, gtHi, med, n, m;
+            int sp, lo, hi, d;
+            StackElem[] stack = new StackElem[QSORT_STACK_SIZE];
+            for (int count = 0; count < QSORT_STACK_SIZE; count++) {
+                stack[count] = new StackElem();
+            }
+
+            sp = 0;
+
+            stack[sp].ll = loSt;
+            stack[sp].hh = hiSt;
+            stack[sp].dd = dSt;
+            sp++;
+
+            while (sp > 0) {
+                if (sp >= QSORT_STACK_SIZE) {
+                    Panic();
+                }
+
+                sp--;
+                lo = stack[sp].ll;
+                hi = stack[sp].hh;
+                d = stack[sp].dd;
+
+                if (hi - lo < SMALL_THRESH || d > DEPTH_THRESH) {
+                    SimpleSort(lo, hi, d);
+                    if (workDone > workLimit && firstAttempt) {
+                        return;
+                    }
+                    continue;
+                }
+
+                med = Med3(block[zptr[lo] + d + 1],
+                        block[zptr[hi            ] + d  + 1],
+                        block[zptr[(lo + hi) >> 1] + d + 1]);
+
+                unLo = ltLo = lo;
+                unHi = gtHi = hi;
+
+                while (true) {
+                    while (true) {
+                        if (unLo > unHi) {
+                            break;
+                        }
+                        n = ((int) block[zptr[unLo] + d + 1]) - med;
+                        if (n == 0) {
+                            int temp = 0;
+                            temp = zptr[unLo];
+                            zptr[unLo] = zptr[ltLo];
+                            zptr[ltLo] = temp;
+                            ltLo++;
+                            unLo++;
+                            continue;
+                        };
+                        if (n >  0) {
+                            break;
+                        }
+                        unLo++;
+                    }
+                    while (true) {
+                        if (unLo > unHi) {
+                            break;
+                        }
+                        n = ((int) block[zptr[unHi] + d + 1]) - med;
+                        if (n == 0) {
+                            int temp = 0;
+                            temp = zptr[unHi];
+                            zptr[unHi] = zptr[gtHi];
+                            zptr[gtHi] = temp;
+                            gtHi--;
+                            unHi--;
+                            continue;
+                        };
+                        if (n <  0) {
+                            break;
+                        }
+                        unHi--;
+                    }
+                    if (unLo > unHi) {
+                        break;
+                    }
+                    int tempx = zptr[unLo];
+                    zptr[unLo] = zptr[unHi];
+                    zptr[unHi] = tempx;
+                    unLo++;
+                    unHi--;
+                }
+
+                if (gtHi < ltLo) {
+                    stack[sp].ll = lo;
+                    stack[sp].hh = hi;
+                    stack[sp].dd = d + 1;
+                    sp++;
+                    continue;
+                }
+
+                n = ((ltLo - lo) < (unLo - ltLo)) ? (ltLo - lo) : (unLo - ltLo);
+                Vswap(lo, unLo - n, n);
+                m = ((hi - gtHi) < (gtHi - unHi)) ? (hi - gtHi) : (gtHi - unHi);
+                Vswap(unLo, hi - m + 1, m);
+
+                n = lo + unLo - ltLo - 1;
+                m = hi - (gtHi - unHi) + 1;
+
+                stack[sp].ll = lo;
+                stack[sp].hh = n;
+                stack[sp].dd = d;
+                sp++;
+
+                stack[sp].ll = n + 1;
+                stack[sp].hh = m - 1;
+                stack[sp].dd = d + 1;
+                sp++;
+
+                stack[sp].ll = m;
+                stack[sp].hh = hi;
+                stack[sp].dd = d;
+                sp++;
+            }
+        }
+
+        private void MainSort() {
+            int i, j, ss, sb;
+            int[] runningOrder = new int[256];
+            int[] copy = new int[256];
+            bool[] bigDone = new bool[256];
+            int c1, c2;
+            int numQSorted;
+
+            /*
+            In the various block-sized structures, live data runs
+            from 0 to last+NUM_OVERSHOOT_BYTES inclusive.  First,
+            set up the overshoot area for block.
+            */
+
+            //   if (verbosity >= 4) fprintf ( stderr, "   sort initialise ...\n" );
+            for (i = 0; i < BZip2Constants.NUM_OVERSHOOT_BYTES; i++) {
+                block[last + i + 2] = block[(i % (last + 1)) + 1];
+            }
+            for (i = 0; i <= last + BZip2Constants.NUM_OVERSHOOT_BYTES; i++) {
+                quadrant[i] = 0;
+            }
+
+            block[0] = (char) (block[last + 1]);
+
+            if (last < 4000) {
+                /*
+                Use SimpleSort(), since the full sorting mechanism
+                has quite a large constant overhead.
+                */
+                for (i = 0; i <= last; i++) {
+                    zptr[i] = i;
+                }
+                firstAttempt = false;
+                workDone = workLimit = 0;
+                SimpleSort(0, last, 0);
+            } else {
+                numQSorted = 0;
+                for (i = 0; i <= 255; i++) {
+                    bigDone[i] = false;
+                }
+
+                for (i = 0; i <= 65536; i++) {
+                    ftab[i] = 0;
+                }
+
+                c1 = block[0];
+                for (i = 0; i <= last; i++) {
+                    c2 = block[i + 1];
+                    ftab[(c1 << 8) + c2]++;
+                    c1 = c2;
+                }
+
+                for (i = 1; i <= 65536; i++) {
+                    ftab[i] += ftab[i - 1];
+                }
+
+                c1 = block[1];
+                for (i = 0; i < last; i++) {
+                    c2 = block[i + 2];
+                    j = (c1 << 8) + c2;
+                    c1 = c2;
+                    ftab[j]--;
+                    zptr[ftab[j]] = i;
+                }
+
+                j = ((block[last + 1]) << 8) + (block[1]);
+                ftab[j]--;
+                zptr[ftab[j]] = last;
+
+                /*
+                Now ftab contains the first loc of every small bucket.
+                Calculate the running order, from smallest to largest
+                big bucket.
+                */
+
+                for (i = 0; i <= 255; i++) {
+                    runningOrder[i] = i;
+                }
+
+                {
+                    int vv;
+                    int h = 1;
+                    do {
+                        h = 3 * h + 1;
+                    }
+                    while (h <= 256);
+                    do {
+                        h = h / 3;
+                        for (i = h; i <= 255; i++) {
+                            vv = runningOrder[i];
+                            j = i;
+                            while ((ftab[((runningOrder[j - h]) + 1) << 8]
+                                    - ftab[(runningOrder[j - h]) << 8]) >
+                                (ftab[((vv) + 1) << 8] - ftab[(vv) << 8])) {
+                                runningOrder[j] = runningOrder[j - h];
+                                j = j - h;
+                                if (j <= (h - 1)) {
+                                    break;
+                                }
+                            }
+                            runningOrder[j] = vv;
+                        }
+                    } while (h != 1);
+                }
+
+                /*
+                The main sorting loop.
+                */
+                for (i = 0; i <= 255; i++) {
+
+                    /*
+                    Process big buckets, starting with the least full.
+                    */
+                    ss = runningOrder[i];
+
+                    /*
+                    Complete the big bucket [ss] by quicksorting
+                    any unsorted small buckets [ss, j].  Hopefully
+                    previous pointer-scanning phases have already
+                    completed many of the small buckets [ss, j], so
+                    we don't have to sort them at all.
+                    */
+                    for (j = 0; j <= 255; j++) {
+                        sb = (ss << 8) + j;
+                        if (!((ftab[sb] & SETMASK) == SETMASK)) {
+                            int lo = ftab[sb] & CLEARMASK;
+                            int hi = (ftab[sb + 1] & CLEARMASK) - 1;
+                            if (hi > lo) {
+                                QSort3(lo, hi, 2);
+                                numQSorted += (hi - lo + 1);
+                                if (workDone > workLimit && firstAttempt) {
+                                    return;
+                                }
+                            }
+                            ftab[sb] |= SETMASK;
+                        }
+                    }
+
+                    /*
+                    The ss big bucket is now done.  Record this fact,
+                    and update the quadrant descriptors.  Remember to
+                    update quadrants in the overshoot area too, if
+                    necessary.  The "if (i < 255)" test merely skips
+                    this updating for the last bucket processed, since
+                    updating for the last bucket is pointless.
+                    */
+                    bigDone[ss] = true;
+
+                    if (i < 255) {
+                        int bbStart  = ftab[ss << 8] & CLEARMASK;
+                        int bbSize   = (ftab[(ss + 1) << 8] & CLEARMASK) - bbStart;
+                        int shifts   = 0;
+
+                        while ((bbSize >> shifts) > 65534) {
+                            shifts++;
+                        }
+
+                        for (j = 0; j < bbSize; j++) {
+                            int a2update = zptr[bbStart + j];
+                            int qVal = (j >> shifts);
+                            quadrant[a2update] = qVal;
+                            if (a2update < BZip2Constants.NUM_OVERSHOOT_BYTES) {
+                                quadrant[a2update + last + 1] = qVal;
+                            }
+                        }
+
+                        if (!(((bbSize - 1) >> shifts) <= 65535)) {
+                            Panic();
+                        }
+                    }
+
+                    /*
+                    Now scan this big bucket so as to synthesise the
+                    sorted order for small buckets [t, ss] for all t != ss.
+                    */
+                    for (j = 0; j <= 255; j++) {
+                        copy[j] = ftab[(j << 8) + ss] & CLEARMASK;
+                    }
+
+                    for (j = ftab[ss << 8] & CLEARMASK;
+                        j < (ftab[(ss + 1) << 8] & CLEARMASK); j++) {
+                        c1 = block[zptr[j]];
+                        if (!bigDone[c1]) {
+                            zptr[copy[c1]] = zptr[j] == 0 ? last : zptr[j] - 1;
+                            copy[c1]++;
+                        }
+                    }
+
+                    for (j = 0; j <= 255; j++) {
+                        ftab[(j << 8) + ss] |= SETMASK;
+                    }
+                }
+            }
+        }
+
+        private void RandomiseBlock() {
+            int i;
+            int rNToGo = 0;
+            int rTPos  = 0;
+            for (i = 0; i < 256; i++) {
+                inUse[i] = false;
+            }
+
+            for (i = 0; i <= last; i++) {
+                if (rNToGo == 0) {
+                    rNToGo = (char) BZip2Constants.rNums[rTPos];
+                    rTPos++;
+                    if (rTPos == 512) {
+                        rTPos = 0;
+                    }
+                }
+                rNToGo--;
+                block[i + 1] ^= (char)((rNToGo == 1) ? 1 : 0);
+                // handle 16 bit signed numbers
+                block[i + 1] &= (char)0xFF;
+
+                inUse[block[i + 1]] = true;
+            }
+        }
+
+        private void DoReversibleTransformation() {
+            int i;
+
+            workLimit = workFactor * last;
+            workDone = 0;
+            blockRandomised = false;
+            firstAttempt = true;
+
+            MainSort();
+
+            if (workDone > workLimit && firstAttempt) {
+                RandomiseBlock();
+                workLimit = workDone = 0;
+                blockRandomised = true;
+                firstAttempt = false;
+                MainSort();
+            }
+
+            origPtr = -1;
+            for (i = 0; i <= last; i++) {
+                if (zptr[i] == 0) {
+                    origPtr = i;
+                    break;
+                }
+            };
+
+            if (origPtr == -1) {
+                Panic();
+            }
+        }
+
+        private bool FullGtU(int i1, int i2) {
+            int k;
+            char c1, c2;
+            int s1, s2;
+
+            c1 = block[i1 + 1];
+            c2 = block[i2 + 1];
+            if (c1 != c2) {
+                return (c1 > c2);
+            }
+            i1++;
+            i2++;
+
+            c1 = block[i1 + 1];
+            c2 = block[i2 + 1];
+            if (c1 != c2) {
+                return (c1 > c2);
+            }
+            i1++;
+            i2++;
+
+            c1 = block[i1 + 1];
+            c2 = block[i2 + 1];
+            if (c1 != c2) {
+                return (c1 > c2);
+            }
+            i1++;
+            i2++;
+
+            c1 = block[i1 + 1];
+            c2 = block[i2 + 1];
+            if (c1 != c2) {
+                return (c1 > c2);
+            }
+            i1++;
+            i2++;
+
+            c1 = block[i1 + 1];
+            c2 = block[i2 + 1];
+            if (c1 != c2) {
+                return (c1 > c2);
+            }
+            i1++;
+            i2++;
+
+            c1 = block[i1 + 1];
+            c2 = block[i2 + 1];
+            if (c1 != c2) {
+                return (c1 > c2);
+            }
+            i1++;
+            i2++;
+
+            k = last + 1;
+
+            do {
+                c1 = block[i1 + 1];
+                c2 = block[i2 + 1];
+                if (c1 != c2) {
+                    return (c1 > c2);
+                }
+                s1 = quadrant[i1];
+                s2 = quadrant[i2];
+                if (s1 != s2) {
+                    return (s1 > s2);
+                }
+                i1++;
+                i2++;
+
+                c1 = block[i1 + 1];
+                c2 = block[i2 + 1];
+                if (c1 != c2) {
+                    return (c1 > c2);
+                }
+                s1 = quadrant[i1];
+                s2 = quadrant[i2];
+                if (s1 != s2) {
+                    return (s1 > s2);
+                }
+                i1++;
+                i2++;
+
+                c1 = block[i1 + 1];
+                c2 = block[i2 + 1];
+                if (c1 != c2) {
+                    return (c1 > c2);
+                }
+                s1 = quadrant[i1];
+                s2 = quadrant[i2];
+                if (s1 != s2) {
+                    return (s1 > s2);
+                }
+                i1++;
+                i2++;
+
+                c1 = block[i1 + 1];
+                c2 = block[i2 + 1];
+                if (c1 != c2) {
+                    return (c1 > c2);
+                }
+                s1 = quadrant[i1];
+                s2 = quadrant[i2];
+                if (s1 != s2) {
+                    return (s1 > s2);
+                }
+                i1++;
+                i2++;
+
+                if (i1 > last) {
+                    i1 -= last;
+                    i1--;
+                };
+                if (i2 > last) {
+                    i2 -= last;
+                    i2--;
+                };
+
+                k -= 4;
+                workDone++;
+            } while (k >= 0);
+
+            return false;
+        }
+
+        /*
+        Knuth's increments seem to work better
+        than Incerpi-Sedgewick here.  Possibly
+        because the number of elems to sort is
+        usually small, typically <= 20.
+        */
+        private int[] incs = { 1, 4, 13, 40, 121, 364, 1093, 3280,
+                            9841, 29524, 88573, 265720,
+                            797161, 2391484 };
+
+        private void AllocateCompressStructures() {
+            int n = BZip2Constants.baseBlockSize * blockSize100k;
+            block = new char[(n + 1 + BZip2Constants.NUM_OVERSHOOT_BYTES)];
+            quadrant = new int[(n + BZip2Constants.NUM_OVERSHOOT_BYTES)];
+            zptr = new int[n];
+            ftab = new int[65537];
+
+            if (block == null || quadrant == null || zptr == null
+                || ftab == null) {
+                //int totalDraw = (n + 1 + NUM_OVERSHOOT_BYTES) + (n + NUM_OVERSHOOT_BYTES) + n + 65537;
+                //compressOutOfMemory ( totalDraw, n );
+            }
+
+            /*
+            The back end needs a place to store the MTF values
+            whilst it calculates the coding tables.  We could
+            put them in the zptr array.  However, these values
+            will fit in a short, so we overlay szptr at the
+            start of zptr, in the hope of reducing the number
+            of cache misses induced by the multiple traversals
+            of the MTF values when calculating coding tables.
+            Seems to improve compression speed by about 1%.
+            */
+            //    szptr = zptr;
+
+
+            szptr = new short[2 * n];
+        }
+
+        private void GenerateMTFValues() {
+            char[] yy = new char[256];
+            int  i, j;
+            char tmp;
+            char tmp2;
+            int zPend;
+            int wr;
+            int EOB;
+
+            MakeMaps();
+            EOB = nInUse + 1;
+
+            for (i = 0; i <= EOB; i++) {
+                mtfFreq[i] = 0;
+            }
+
+            wr = 0;
+            zPend = 0;
+            for (i = 0; i < nInUse; i++) {
+                yy[i] = (char) i;
+            }
+
+
+            for (i = 0; i <= last; i++) {
+                char ll_i;
+
+                ll_i = unseqToSeq[block[zptr[i]]];
+
+                j = 0;
+                tmp = yy[j];
+                while (ll_i != tmp) {
+                    j++;
+                    tmp2 = tmp;
+                    tmp = yy[j];
+                    yy[j] = tmp2;
+                };
+                yy[0] = tmp;
+
+                if (j == 0) {
+                    zPend++;
+                } else {
+                    if (zPend > 0) {
+                        zPend--;
+                        while (true) {
+                            switch (zPend % 2) {
+                            case 0:
+                                szptr[wr] = (short) BZip2Constants.RUNA;
+                                wr++;
+                                mtfFreq[BZip2Constants.RUNA]++;
+                                break;
+                            case 1:
+                                szptr[wr] = (short) BZip2Constants.RUNB;
+                                wr++;
+                                mtfFreq[BZip2Constants.RUNB]++;
+                                break;
+                            };
+                            if (zPend < 2) {
+                                break;
+                            }
+                            zPend = (zPend - 2) / 2;
+                        };
+                        zPend = 0;
+                    }
+                    szptr[wr] = (short) (j + 1);
+                    wr++;
+                    mtfFreq[j + 1]++;
+                }
+            }
+
+            if (zPend > 0) {
+                zPend--;
+                while (true) {
+                    switch (zPend % 2) {
+                    case 0:
+                        szptr[wr] = (short) BZip2Constants.RUNA;
+                        wr++;
+                        mtfFreq[BZip2Constants.RUNA]++;
+                        break;
+                    case 1:
+                        szptr[wr] = (short) BZip2Constants.RUNB;
+                        wr++;
+                        mtfFreq[BZip2Constants.RUNB]++;
+                        break;
+                    }
+                    if (zPend < 2) {
+                        break;
+                    }
+                    zPend = (zPend - 2) / 2;
+                }
+            }
+
+            szptr[wr] = (short) EOB;
+            wr++;
+            mtfFreq[EOB]++;
+
+            nMTF = wr;
+        }
+
+        public override int Read(byte[] buffer, int offset, int count) {
+            return 0;
+        }
+    
+        public override long Seek(long offset, SeekOrigin origin) {
+            return 0;
+        }
+    
+        public override void SetLength(long value) {
+        }
+    
+        public override void Write(byte[] buffer, int offset, int count) {
+            for (int k = 0; k < count; ++k) {
+                WriteByte(buffer[k + offset]);
+            }
+        }
+    
+        public override bool CanRead {
+            get {
+                return false;
+            }
+        }
+    
+        public override bool CanSeek {
+            get {
+                return false;
+            }
+        }
+    
+        public override bool CanWrite {
+            get {
+                return true;
+            }
+        }
+    
+        public override long Length {
+            get {
+                return 0;
+            }
+        }
+    
+        public override long Position {
+            get {
+                return 0;
+            }
+            set {
+            }
+        }
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/bzip2/src/CRC.cs b/bc-sharp-crypto/bzip2/src/CRC.cs
new file mode 100644
index 0000000..278a9f3
--- /dev/null
+++ b/bc-sharp-crypto/bzip2/src/CRC.cs
@@ -0,0 +1,134 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+/*
+ * This package is based on the work done by Keiron Liddle), Aftex Software
+ * <keiron@aftexsw.com> to whom the Ant project is very grateful for his
+ * great code.
+ */
+
+using System;
+
+namespace Org.BouncyCastle.Apache.Bzip2
+{
+	/**
+    * A simple class the hold and calculate the CRC for sanity checking
+    * of the data.
+    *
+    * @author <a href="mailto:keiron@aftexsw.com">Keiron Liddle</a>
+    */
+    internal class CRC 
+	{
+        public static readonly int[] crc32Table = {
+            unchecked((int)0x00000000), unchecked((int)0x04c11db7), unchecked((int)0x09823b6e), unchecked((int)0x0d4326d9),
+            unchecked((int)0x130476dc), unchecked((int)0x17c56b6b), unchecked((int)0x1a864db2), unchecked((int)0x1e475005),
+            unchecked((int)0x2608edb8), unchecked((int)0x22c9f00f), unchecked((int)0x2f8ad6d6), unchecked((int)0x2b4bcb61),
+            unchecked((int)0x350c9b64), unchecked((int)0x31cd86d3), unchecked((int)0x3c8ea00a), unchecked((int)0x384fbdbd),
+            unchecked((int)0x4c11db70), unchecked((int)0x48d0c6c7), unchecked((int)0x4593e01e), unchecked((int)0x4152fda9),
+            unchecked((int)0x5f15adac), unchecked((int)0x5bd4b01b), unchecked((int)0x569796c2), unchecked((int)0x52568b75),
+            unchecked((int)0x6a1936c8), unchecked((int)0x6ed82b7f), unchecked((int)0x639b0da6), unchecked((int)0x675a1011),
+            unchecked((int)0x791d4014), unchecked((int)0x7ddc5da3), unchecked((int)0x709f7b7a), unchecked((int)0x745e66cd),
+            unchecked((int)0x9823b6e0), unchecked((int)0x9ce2ab57), unchecked((int)0x91a18d8e), unchecked((int)0x95609039),
+            unchecked((int)0x8b27c03c), unchecked((int)0x8fe6dd8b), unchecked((int)0x82a5fb52), unchecked((int)0x8664e6e5),
+            unchecked((int)0xbe2b5b58), unchecked((int)0xbaea46ef), unchecked((int)0xb7a96036), unchecked((int)0xb3687d81),
+            unchecked((int)0xad2f2d84), unchecked((int)0xa9ee3033), unchecked((int)0xa4ad16ea), unchecked((int)0xa06c0b5d),
+            unchecked((int)0xd4326d90), unchecked((int)0xd0f37027), unchecked((int)0xddb056fe), unchecked((int)0xd9714b49),
+            unchecked((int)0xc7361b4c), unchecked((int)0xc3f706fb), unchecked((int)0xceb42022), unchecked((int)0xca753d95),
+            unchecked((int)0xf23a8028), unchecked((int)0xf6fb9d9f), unchecked((int)0xfbb8bb46), unchecked((int)0xff79a6f1),
+            unchecked((int)0xe13ef6f4), unchecked((int)0xe5ffeb43), unchecked((int)0xe8bccd9a), unchecked((int)0xec7dd02d),
+            unchecked((int)0x34867077), unchecked((int)0x30476dc0), unchecked((int)0x3d044b19), unchecked((int)0x39c556ae),
+            unchecked((int)0x278206ab), unchecked((int)0x23431b1c), unchecked((int)0x2e003dc5), unchecked((int)0x2ac12072),
+            unchecked((int)0x128e9dcf), unchecked((int)0x164f8078), unchecked((int)0x1b0ca6a1), unchecked((int)0x1fcdbb16),
+            unchecked((int)0x018aeb13), unchecked((int)0x054bf6a4), unchecked((int)0x0808d07d), unchecked((int)0x0cc9cdca),
+            unchecked((int)0x7897ab07), unchecked((int)0x7c56b6b0), unchecked((int)0x71159069), unchecked((int)0x75d48dde),
+            unchecked((int)0x6b93dddb), unchecked((int)0x6f52c06c), unchecked((int)0x6211e6b5), unchecked((int)0x66d0fb02),
+            unchecked((int)0x5e9f46bf), unchecked((int)0x5a5e5b08), unchecked((int)0x571d7dd1), unchecked((int)0x53dc6066),
+            unchecked((int)0x4d9b3063), unchecked((int)0x495a2dd4), unchecked((int)0x44190b0d), unchecked((int)0x40d816ba),
+            unchecked((int)0xaca5c697), unchecked((int)0xa864db20), unchecked((int)0xa527fdf9), unchecked((int)0xa1e6e04e),
+            unchecked((int)0xbfa1b04b), unchecked((int)0xbb60adfc), unchecked((int)0xb6238b25), unchecked((int)0xb2e29692),
+            unchecked((int)0x8aad2b2f), unchecked((int)0x8e6c3698), unchecked((int)0x832f1041), unchecked((int)0x87ee0df6),
+            unchecked((int)0x99a95df3), unchecked((int)0x9d684044), unchecked((int)0x902b669d), unchecked((int)0x94ea7b2a),
+            unchecked((int)0xe0b41de7), unchecked((int)0xe4750050), unchecked((int)0xe9362689), unchecked((int)0xedf73b3e),
+            unchecked((int)0xf3b06b3b), unchecked((int)0xf771768c), unchecked((int)0xfa325055), unchecked((int)0xfef34de2),
+            unchecked((int)0xc6bcf05f), unchecked((int)0xc27dede8), unchecked((int)0xcf3ecb31), unchecked((int)0xcbffd686),
+            unchecked((int)0xd5b88683), unchecked((int)0xd1799b34), unchecked((int)0xdc3abded), unchecked((int)0xd8fba05a),
+            unchecked((int)0x690ce0ee), unchecked((int)0x6dcdfd59), unchecked((int)0x608edb80), unchecked((int)0x644fc637),
+            unchecked((int)0x7a089632), unchecked((int)0x7ec98b85), unchecked((int)0x738aad5c), unchecked((int)0x774bb0eb),
+            unchecked((int)0x4f040d56), unchecked((int)0x4bc510e1), unchecked((int)0x46863638), unchecked((int)0x42472b8f),
+            unchecked((int)0x5c007b8a), unchecked((int)0x58c1663d), unchecked((int)0x558240e4), unchecked((int)0x51435d53),
+            unchecked((int)0x251d3b9e), unchecked((int)0x21dc2629), unchecked((int)0x2c9f00f0), unchecked((int)0x285e1d47),
+            unchecked((int)0x36194d42), unchecked((int)0x32d850f5), unchecked((int)0x3f9b762c), unchecked((int)0x3b5a6b9b),
+            unchecked((int)0x0315d626), unchecked((int)0x07d4cb91), unchecked((int)0x0a97ed48), unchecked((int)0x0e56f0ff),
+            unchecked((int)0x1011a0fa), unchecked((int)0x14d0bd4d), unchecked((int)0x19939b94), unchecked((int)0x1d528623),
+            unchecked((int)0xf12f560e), unchecked((int)0xf5ee4bb9), unchecked((int)0xf8ad6d60), unchecked((int)0xfc6c70d7),
+            unchecked((int)0xe22b20d2), unchecked((int)0xe6ea3d65), unchecked((int)0xeba91bbc), unchecked((int)0xef68060b),
+            unchecked((int)0xd727bbb6), unchecked((int)0xd3e6a601), unchecked((int)0xdea580d8), unchecked((int)0xda649d6f),
+            unchecked((int)0xc423cd6a), unchecked((int)0xc0e2d0dd), unchecked((int)0xcda1f604), unchecked((int)0xc960ebb3),
+            unchecked((int)0xbd3e8d7e), unchecked((int)0xb9ff90c9), unchecked((int)0xb4bcb610), unchecked((int)0xb07daba7),
+            unchecked((int)0xae3afba2), unchecked((int)0xaafbe615), unchecked((int)0xa7b8c0cc), unchecked((int)0xa379dd7b),
+            unchecked((int)0x9b3660c6), unchecked((int)0x9ff77d71), unchecked((int)0x92b45ba8), unchecked((int)0x9675461f),
+            unchecked((int)0x8832161a), unchecked((int)0x8cf30bad), unchecked((int)0x81b02d74), unchecked((int)0x857130c3),
+            unchecked((int)0x5d8a9099), unchecked((int)0x594b8d2e), unchecked((int)0x5408abf7), unchecked((int)0x50c9b640),
+            unchecked((int)0x4e8ee645), unchecked((int)0x4a4ffbf2), unchecked((int)0x470cdd2b), unchecked((int)0x43cdc09c),
+            unchecked((int)0x7b827d21), unchecked((int)0x7f436096), unchecked((int)0x7200464f), unchecked((int)0x76c15bf8),
+            unchecked((int)0x68860bfd), unchecked((int)0x6c47164a), unchecked((int)0x61043093), unchecked((int)0x65c52d24),
+            unchecked((int)0x119b4be9), unchecked((int)0x155a565e), unchecked((int)0x18197087), unchecked((int)0x1cd86d30),
+            unchecked((int)0x029f3d35), unchecked((int)0x065e2082), unchecked((int)0x0b1d065b), unchecked((int)0x0fdc1bec),
+            unchecked((int)0x3793a651), unchecked((int)0x3352bbe6), unchecked((int)0x3e119d3f), unchecked((int)0x3ad08088),
+            unchecked((int)0x2497d08d), unchecked((int)0x2056cd3a), unchecked((int)0x2d15ebe3), unchecked((int)0x29d4f654),
+            unchecked((int)0xc5a92679), unchecked((int)0xc1683bce), unchecked((int)0xcc2b1d17), unchecked((int)0xc8ea00a0),
+            unchecked((int)0xd6ad50a5), unchecked((int)0xd26c4d12), unchecked((int)0xdf2f6bcb), unchecked((int)0xdbee767c),
+            unchecked((int)0xe3a1cbc1), unchecked((int)0xe760d676), unchecked((int)0xea23f0af), unchecked((int)0xeee2ed18),
+            unchecked((int)0xf0a5bd1d), unchecked((int)0xf464a0aa), unchecked((int)0xf9278673), unchecked((int)0xfde69bc4),
+            unchecked((int)0x89b8fd09), unchecked((int)0x8d79e0be), unchecked((int)0x803ac667), unchecked((int)0x84fbdbd0),
+            unchecked((int)0x9abc8bd5), unchecked((int)0x9e7d9662), unchecked((int)0x933eb0bb), unchecked((int)0x97ffad0c),
+            unchecked((int)0xafb010b1), unchecked((int)0xab710d06), unchecked((int)0xa6322bdf), unchecked((int)0xa2f33668),
+            unchecked((int)0xbcb4666d), unchecked((int)0xb8757bda), unchecked((int)0xb5365d03), unchecked((int)0xb1f740b4)
+        };
+
+        public CRC() {
+            InitialiseCRC();
+        }
+
+        internal void InitialiseCRC() {
+            globalCrc = unchecked((int)0xffffffff);
+        }
+
+        internal int GetFinalCRC() {
+            return ~globalCrc;
+        }
+
+        internal int GetGlobalCRC() {
+            return globalCrc;
+        }
+
+        internal void SetGlobalCRC(int newCrc) {
+            globalCrc = newCrc;
+        }
+
+        internal void UpdateCRC(int inCh) {
+            int temp = (globalCrc >> 24) ^ inCh;
+            if (temp < 0) {
+                temp = 256 + temp;
+            }
+            globalCrc = (globalCrc << 8) ^ CRC.crc32Table[temp];
+        }
+
+        internal int globalCrc;
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/asn1/ASN1Generator.cs b/bc-sharp-crypto/src/asn1/ASN1Generator.cs
new file mode 100644
index 0000000..e560517
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ASN1Generator.cs
@@ -0,0 +1,27 @@
+using System.Collections;
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public abstract class Asn1Generator
+    {
+		private Stream _out;
+
+		protected Asn1Generator(
+			Stream outStream)
+        {
+            _out = outStream;
+        }
+
+		protected Stream Out
+		{
+			get { return _out; }
+		}
+
+		public abstract void AddObject(Asn1Encodable obj);
+
+		public abstract Stream GetRawOutputStream();
+
+		public abstract void Close();
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ASN1OctetStringParser.cs b/bc-sharp-crypto/src/asn1/ASN1OctetStringParser.cs
new file mode 100644
index 0000000..5815aa4
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ASN1OctetStringParser.cs
@@ -0,0 +1,10 @@
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public interface Asn1OctetStringParser
+		: IAsn1Convertible
+	{
+		Stream GetOctetStream();
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ASN1SequenceParser.cs b/bc-sharp-crypto/src/asn1/ASN1SequenceParser.cs
new file mode 100644
index 0000000..9e88ac7
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ASN1SequenceParser.cs
@@ -0,0 +1,8 @@
+namespace Org.BouncyCastle.Asn1
+{
+	public interface Asn1SequenceParser
+		: IAsn1Convertible
+	{
+		IAsn1Convertible ReadObject();
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ASN1SetParser.cs b/bc-sharp-crypto/src/asn1/ASN1SetParser.cs
new file mode 100644
index 0000000..d1b9c64
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ASN1SetParser.cs
@@ -0,0 +1,8 @@
+namespace Org.BouncyCastle.Asn1
+{
+	public interface Asn1SetParser
+		: IAsn1Convertible
+	{
+		IAsn1Convertible ReadObject();
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ASN1StreamParser.cs b/bc-sharp-crypto/src/asn1/ASN1StreamParser.cs
new file mode 100644
index 0000000..0c6b441
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ASN1StreamParser.cs
@@ -0,0 +1,234 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class Asn1StreamParser
+	{
+		private readonly Stream _in;
+		private readonly int _limit;
+
+        private readonly byte[][] tmpBuffers;
+
+        public Asn1StreamParser(
+			Stream inStream)
+			: this(inStream, Asn1InputStream.FindLimit(inStream))
+		{
+		}
+
+		public Asn1StreamParser(
+			Stream	inStream,
+			int		limit)
+		{
+			if (!inStream.CanRead)
+				throw new ArgumentException("Expected stream to be readable", "inStream");
+
+			this._in = inStream;
+			this._limit = limit;
+            this.tmpBuffers = new byte[16][];
+        }
+
+		public Asn1StreamParser(
+			byte[] encoding)
+			: this(new MemoryStream(encoding, false), encoding.Length)
+		{
+		}
+
+		internal IAsn1Convertible ReadIndef(int tagValue)
+		{
+			// Note: INDEF => CONSTRUCTED
+
+			// TODO There are other tags that may be constructed (e.g. BIT_STRING)
+			switch (tagValue)
+			{
+				case Asn1Tags.External:
+					return new DerExternalParser(this);
+				case Asn1Tags.OctetString:
+					return new BerOctetStringParser(this);
+				case Asn1Tags.Sequence:
+					return new BerSequenceParser(this);
+				case Asn1Tags.Set:
+					return new BerSetParser(this);
+				default:
+					throw new Asn1Exception("unknown BER object encountered: 0x" + tagValue.ToString("X"));
+			}
+		}
+
+		internal IAsn1Convertible ReadImplicit(bool constructed, int tag)
+		{
+			if (_in is IndefiniteLengthInputStream)
+			{
+				if (!constructed)
+					throw new IOException("indefinite length primitive encoding encountered");
+
+				return ReadIndef(tag);
+			}
+
+			if (constructed)
+			{
+				switch (tag)
+				{
+					case Asn1Tags.Set:
+						return new DerSetParser(this);
+					case Asn1Tags.Sequence:
+						return new DerSequenceParser(this);
+					case Asn1Tags.OctetString:
+						return new BerOctetStringParser(this);
+				}
+			}
+			else
+			{
+				switch (tag)
+				{
+					case Asn1Tags.Set:
+						throw new Asn1Exception("sequences must use constructed encoding (see X.690 8.9.1/8.10.1)");
+					case Asn1Tags.Sequence:
+						throw new Asn1Exception("sets must use constructed encoding (see X.690 8.11.1/8.12.1)");
+					case Asn1Tags.OctetString:
+						return new DerOctetStringParser((DefiniteLengthInputStream)_in);
+				}
+			}
+
+			throw new Asn1Exception("implicit tagging not implemented");
+		}
+
+		internal Asn1Object ReadTaggedObject(bool constructed, int tag)
+		{
+			if (!constructed)
+			{
+				// Note: !CONSTRUCTED => IMPLICIT
+				DefiniteLengthInputStream defIn = (DefiniteLengthInputStream)_in;
+				return new DerTaggedObject(false, tag, new DerOctetString(defIn.ToArray()));
+			}
+
+			Asn1EncodableVector v = ReadVector();
+
+			if (_in is IndefiniteLengthInputStream)
+			{
+				return v.Count == 1
+					?   new BerTaggedObject(true, tag, v[0])
+					:   new BerTaggedObject(false, tag, BerSequence.FromVector(v));
+			}
+
+			return v.Count == 1
+				?   new DerTaggedObject(true, tag, v[0])
+				:   new DerTaggedObject(false, tag, DerSequence.FromVector(v));
+		}
+
+		public virtual IAsn1Convertible ReadObject()
+		{
+			int tag = _in.ReadByte();
+			if (tag == -1)
+				return null;
+
+			// turn of looking for "00" while we resolve the tag
+			Set00Check(false);
+
+			//
+			// calculate tag number
+			//
+			int tagNo = Asn1InputStream.ReadTagNumber(_in, tag);
+
+			bool isConstructed = (tag & Asn1Tags.Constructed) != 0;
+
+			//
+			// calculate length
+			//
+			int length = Asn1InputStream.ReadLength(_in, _limit);
+
+			if (length < 0) // indefinite length method
+			{
+				if (!isConstructed)
+					throw new IOException("indefinite length primitive encoding encountered");
+
+				IndefiniteLengthInputStream indIn = new IndefiniteLengthInputStream(_in, _limit);
+				Asn1StreamParser sp = new Asn1StreamParser(indIn, _limit);
+
+				if ((tag & Asn1Tags.Application) != 0)
+				{
+					return new BerApplicationSpecificParser(tagNo, sp);
+				}
+
+				if ((tag & Asn1Tags.Tagged) != 0)
+				{
+					return new BerTaggedObjectParser(true, tagNo, sp);
+				}
+
+				return sp.ReadIndef(tagNo);
+			}
+			else
+			{
+				DefiniteLengthInputStream defIn = new DefiniteLengthInputStream(_in, length);
+
+				if ((tag & Asn1Tags.Application) != 0)
+				{
+					return new DerApplicationSpecific(isConstructed, tagNo, defIn.ToArray());
+				}
+
+				if ((tag & Asn1Tags.Tagged) != 0)
+				{
+					return new BerTaggedObjectParser(isConstructed, tagNo, new Asn1StreamParser(defIn));
+				}
+
+				if (isConstructed)
+				{
+					// TODO There are other tags that may be constructed (e.g. BitString)
+					switch (tagNo)
+					{
+						case Asn1Tags.OctetString:
+							//
+							// yes, people actually do this...
+							//
+							return new BerOctetStringParser(new Asn1StreamParser(defIn));
+						case Asn1Tags.Sequence:
+							return new DerSequenceParser(new Asn1StreamParser(defIn));
+						case Asn1Tags.Set:
+							return new DerSetParser(new Asn1StreamParser(defIn));
+						case Asn1Tags.External:
+							return new DerExternalParser(new Asn1StreamParser(defIn));
+						default:
+                            throw new IOException("unknown tag " + tagNo + " encountered");
+                    }
+				}
+
+				// Some primitive encodings can be handled by parsers too...
+				switch (tagNo)
+				{
+					case Asn1Tags.OctetString:
+						return new DerOctetStringParser(defIn);
+				}
+
+				try
+				{
+					return Asn1InputStream.CreatePrimitiveDerObject(tagNo, defIn, tmpBuffers);
+				}
+				catch (ArgumentException e)
+				{
+					throw new Asn1Exception("corrupted stream detected", e);
+				}
+			}
+		}
+
+		private void Set00Check(
+			bool enabled)
+		{
+			if (_in is IndefiniteLengthInputStream)
+			{
+				((IndefiniteLengthInputStream) _in).SetEofOn00(enabled);
+			}
+		}
+
+		internal Asn1EncodableVector ReadVector()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			IAsn1Convertible obj;
+			while ((obj = ReadObject()) != null)
+			{
+				v.Add(obj.ToAsn1Object());
+			}
+
+			return v;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ASN1TaggedObjectParser.cs b/bc-sharp-crypto/src/asn1/ASN1TaggedObjectParser.cs
new file mode 100644
index 0000000..32327a2
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ASN1TaggedObjectParser.cs
@@ -0,0 +1,10 @@
+namespace Org.BouncyCastle.Asn1
+{
+	public interface Asn1TaggedObjectParser
+		: IAsn1Convertible
+	{
+		int TagNo { get; }
+
+		IAsn1Convertible GetObjectParser(int tag, bool isExplicit);
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/Asn1Encodable.cs b/bc-sharp-crypto/src/asn1/Asn1Encodable.cs
new file mode 100644
index 0000000..e3dd9a1
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/Asn1Encodable.cs
@@ -0,0 +1,78 @@
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public abstract class Asn1Encodable
+		: IAsn1Convertible
+    {
+		public const string Der = "DER";
+		public const string Ber = "BER";
+
+		public byte[] GetEncoded()
+        {
+            MemoryStream bOut = new MemoryStream();
+            Asn1OutputStream aOut = new Asn1OutputStream(bOut);
+
+			aOut.WriteObject(this);
+
+			return bOut.ToArray();
+        }
+
+		public byte[] GetEncoded(
+			string encoding)
+		{
+			if (encoding.Equals(Der))
+			{
+				MemoryStream bOut = new MemoryStream();
+				DerOutputStream dOut = new DerOutputStream(bOut);
+
+				dOut.WriteObject(this);
+
+				return bOut.ToArray();
+			}
+
+			return GetEncoded();
+		}
+
+		/**
+		* Return the DER encoding of the object, null if the DER encoding can not be made.
+		*
+		* @return a DER byte array, null otherwise.
+		*/
+		public byte[] GetDerEncoded()
+		{
+			try
+			{
+				return GetEncoded(Der);
+			}
+			catch (IOException)
+			{
+				return null;
+			}
+		}
+
+		public sealed override int GetHashCode()
+		{
+			return ToAsn1Object().CallAsn1GetHashCode();
+		}
+
+		public sealed override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+				return true;
+
+			IAsn1Convertible other = obj as IAsn1Convertible;
+
+			if (other == null)
+				return false;
+
+			Asn1Object o1 = ToAsn1Object();
+			Asn1Object o2 = other.ToAsn1Object();
+
+			return o1 == o2 || o1.CallAsn1Equals(o2);
+		}
+
+		public abstract Asn1Object ToAsn1Object();
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/Asn1EncodableVector.cs b/bc-sharp-crypto/src/asn1/Asn1EncodableVector.cs
new file mode 100644
index 0000000..49532fe
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/Asn1EncodableVector.cs
@@ -0,0 +1,93 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public class Asn1EncodableVector
+		: IEnumerable
+    {
+        private IList v = Platform.CreateArrayList();
+
+		public static Asn1EncodableVector FromEnumerable(
+			IEnumerable e)
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+			foreach (Asn1Encodable obj in e)
+			{
+				v.Add(obj);
+			}
+			return v;
+		}
+
+//		public Asn1EncodableVector()
+//		{
+//		}
+
+		public Asn1EncodableVector(
+			params Asn1Encodable[] v)
+		{
+			Add(v);
+		}
+
+//		public void Add(
+//			Asn1Encodable obj)
+//		{
+//			v.Add(obj);
+//		}
+
+		public void Add(
+			params Asn1Encodable[] objs)
+		{
+			foreach (Asn1Encodable obj in objs)
+			{
+				v.Add(obj);
+			}
+		}
+
+		public void AddOptional(
+			params Asn1Encodable[] objs)
+		{
+			if (objs != null)
+			{
+				foreach (Asn1Encodable obj in objs)
+				{
+					if (obj != null)
+					{
+						v.Add(obj);
+					}
+				}
+			}
+		}
+
+		public Asn1Encodable this[
+			int index]
+		{
+			get { return (Asn1Encodable) v[index]; }
+		}
+
+		[Obsolete("Use 'object[index]' syntax instead")]
+		public Asn1Encodable Get(
+            int index)
+        {
+            return this[index];
+        }
+
+		[Obsolete("Use 'Count' property instead")]
+		public int Size
+		{
+			get { return v.Count; }
+		}
+
+		public int Count
+		{
+			get { return v.Count; }
+		}
+
+		public IEnumerator GetEnumerator()
+		{
+			return v.GetEnumerator();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/Asn1Exception.cs b/bc-sharp-crypto/src/asn1/Asn1Exception.cs
new file mode 100644
index 0000000..1dfe173
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/Asn1Exception.cs
@@ -0,0 +1,30 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class Asn1Exception
+		: IOException
+	{
+		public Asn1Exception()
+			: base()
+		{
+		}
+
+		public Asn1Exception(
+			string message)
+			: base(message)
+		{
+		}
+
+		public Asn1Exception(
+			string		message,
+			Exception	exception)
+			: base(message, exception)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/Asn1InputStream.cs b/bc-sharp-crypto/src/asn1/Asn1InputStream.cs
new file mode 100644
index 0000000..a94ae52
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/Asn1InputStream.cs
@@ -0,0 +1,371 @@
+using System;
+using System.Diagnostics;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * a general purpose ASN.1 decoder - note: this class differs from the
+     * others in that it returns null after it has read the last object in
+     * the stream. If an ASN.1 Null is encountered a Der/BER Null object is
+     * returned.
+     */
+    public class Asn1InputStream
+        : FilterStream
+    {
+        private readonly int limit;
+
+        private readonly byte[][] tmpBuffers;
+
+        internal static int FindLimit(Stream input)
+        {
+            if (input is LimitedInputStream)
+            {
+                return ((LimitedInputStream)input).GetRemaining();
+            }
+            else if (input is MemoryStream)
+            {
+                MemoryStream mem = (MemoryStream)input;
+                return (int)(mem.Length - mem.Position);
+            }
+
+            return int.MaxValue;
+        }
+
+        public Asn1InputStream(
+            Stream inputStream)
+            : this(inputStream, FindLimit(inputStream))
+        {
+        }
+
+        /**
+         * Create an ASN1InputStream where no DER object will be longer than limit.
+         *
+         * @param input stream containing ASN.1 encoded data.
+         * @param limit maximum size of a DER encoded object.
+         */
+        public Asn1InputStream(
+            Stream	inputStream,
+            int		limit)
+            : base(inputStream)
+        {
+            this.limit = limit;
+            this.tmpBuffers = new byte[16][];
+        }
+
+        /**
+         * Create an ASN1InputStream based on the input byte array. The length of DER objects in
+         * the stream is automatically limited to the length of the input array.
+         *
+         * @param input array containing ASN.1 encoded data.
+         */
+        public Asn1InputStream(
+            byte[] input)
+            : this(new MemoryStream(input, false), input.Length)
+        {
+        }
+
+        /**
+        * build an object given its tag and the number of bytes to construct it from.
+        */
+        private Asn1Object BuildObject(
+            int	tag,
+            int	tagNo,
+            int	length)
+        {
+            bool isConstructed = (tag & Asn1Tags.Constructed) != 0;
+
+            DefiniteLengthInputStream defIn = new DefiniteLengthInputStream(this.s, length);
+
+            if ((tag & Asn1Tags.Application) != 0)
+            {
+                return new DerApplicationSpecific(isConstructed, tagNo, defIn.ToArray());
+            }
+
+            if ((tag & Asn1Tags.Tagged) != 0)
+            {
+                return new Asn1StreamParser(defIn).ReadTaggedObject(isConstructed, tagNo);
+            }
+
+            if (isConstructed)
+            {
+                // TODO There are other tags that may be constructed (e.g. BitString)
+                switch (tagNo)
+                {
+                    case Asn1Tags.OctetString:
+                        //
+                        // yes, people actually do this...
+                        //
+                        return new BerOctetString(BuildDerEncodableVector(defIn));
+                    case Asn1Tags.Sequence:
+                        return CreateDerSequence(defIn);
+                    case Asn1Tags.Set:
+                        return CreateDerSet(defIn);
+                    case Asn1Tags.External:
+                        return new DerExternal(BuildDerEncodableVector(defIn));                
+                    default:
+                        throw new IOException("unknown tag " + tagNo + " encountered");
+                }
+            }
+
+            return CreatePrimitiveDerObject(tagNo, defIn, tmpBuffers);
+        }
+
+        internal Asn1EncodableVector BuildEncodableVector()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+            Asn1Object o;
+            while ((o = ReadObject()) != null)
+            {
+                v.Add(o);
+            }
+
+            return v;
+        }
+
+        internal virtual Asn1EncodableVector BuildDerEncodableVector(
+            DefiniteLengthInputStream dIn)
+        {
+            return new Asn1InputStream(dIn).BuildEncodableVector();
+        }
+
+        internal virtual DerSequence CreateDerSequence(
+            DefiniteLengthInputStream dIn)
+        {
+            return DerSequence.FromVector(BuildDerEncodableVector(dIn));
+        }
+
+        internal virtual DerSet CreateDerSet(
+            DefiniteLengthInputStream dIn)
+        {
+            return DerSet.FromVector(BuildDerEncodableVector(dIn), false);
+        }
+
+        public Asn1Object ReadObject()
+        {
+            int tag = ReadByte();
+            if (tag <= 0)
+            {
+                if (tag == 0)
+                    throw new IOException("unexpected end-of-contents marker");
+
+                return null;
+            }
+
+            //
+            // calculate tag number
+            //
+            int tagNo = ReadTagNumber(this.s, tag);
+
+            bool isConstructed = (tag & Asn1Tags.Constructed) != 0;
+
+            //
+            // calculate length
+            //
+            int length = ReadLength(this.s, limit);
+
+            if (length < 0) // indefinite length method
+            {
+                if (!isConstructed)
+                    throw new IOException("indefinite length primitive encoding encountered");
+
+                IndefiniteLengthInputStream indIn = new IndefiniteLengthInputStream(this.s, limit);
+                Asn1StreamParser sp = new Asn1StreamParser(indIn, limit);
+
+                if ((tag & Asn1Tags.Application) != 0)
+                {
+                    return new BerApplicationSpecificParser(tagNo, sp).ToAsn1Object();
+                }
+
+                if ((tag & Asn1Tags.Tagged) != 0)
+                {
+                    return new BerTaggedObjectParser(true, tagNo, sp).ToAsn1Object();
+                }
+
+                // TODO There are other tags that may be constructed (e.g. BitString)
+                switch (tagNo)
+                {
+                    case Asn1Tags.OctetString:
+                        return new BerOctetStringParser(sp).ToAsn1Object();
+                    case Asn1Tags.Sequence:
+                        return new BerSequenceParser(sp).ToAsn1Object();
+                    case Asn1Tags.Set:
+                        return new BerSetParser(sp).ToAsn1Object();
+                    case Asn1Tags.External:
+                        return new DerExternalParser(sp).ToAsn1Object();
+                    default:
+                        throw new IOException("unknown BER object encountered");
+                }
+            }
+            else
+            {
+                try
+                {
+                    return BuildObject(tag, tagNo, length);
+                }
+                catch (ArgumentException e)
+                {
+                    throw new Asn1Exception("corrupted stream detected", e);
+                }
+            }
+        }
+
+        internal static int ReadTagNumber(
+            Stream	s,
+            int		tag)
+        {
+            int tagNo = tag & 0x1f;
+
+            //
+            // with tagged object tag number is bottom 5 bits, or stored at the start of the content
+            //
+            if (tagNo == 0x1f)
+            {
+                tagNo = 0;
+
+                int b = s.ReadByte();
+
+                // X.690-0207 8.1.2.4.2
+                // "c) bits 7 to 1 of the first subsequent octet shall not all be zero."
+                if ((b & 0x7f) == 0) // Note: -1 will pass
+                {
+                    throw new IOException("Corrupted stream - invalid high tag number found");
+                }
+
+                while ((b >= 0) && ((b & 0x80) != 0))
+                {
+                    tagNo |= (b & 0x7f);
+                    tagNo <<= 7;
+                    b = s.ReadByte();
+                }
+
+                if (b < 0)
+                    throw new EndOfStreamException("EOF found inside tag value.");
+
+                tagNo |= (b & 0x7f);
+            }
+
+            return tagNo;
+        }
+
+        internal static int ReadLength(
+            Stream	s,
+            int		limit)
+        {
+            int length = s.ReadByte();
+            if (length < 0)
+                throw new EndOfStreamException("EOF found when length expected");
+
+            if (length == 0x80)
+                return -1;      // indefinite-length encoding
+
+            if (length > 127)
+            {
+                int size = length & 0x7f;
+
+                // Note: The invalid long form "0xff" (see X.690 8.1.3.5c) will be caught here
+                if (size > 4)
+                    throw new IOException("DER length more than 4 bytes: " + size);
+
+                length = 0;
+                for (int i = 0; i < size; i++)
+                {
+                    int next = s.ReadByte();
+
+                    if (next < 0)
+                        throw new EndOfStreamException("EOF found reading length");
+
+                    length = (length << 8) + next;
+                }
+
+                if (length < 0)
+                    throw new IOException("Corrupted stream - negative length found");
+
+                if (length >= limit)   // after all we must have read at least 1 byte
+                    throw new IOException("Corrupted stream - out of bounds length found");
+            }
+
+            return length;
+        }
+
+        internal static byte[] GetBuffer(DefiniteLengthInputStream defIn, byte[][] tmpBuffers)
+        {
+            int len = defIn.GetRemaining();
+            if (len >= tmpBuffers.Length)
+            {
+                return defIn.ToArray();
+            }
+
+            byte[] buf = tmpBuffers[len];
+            if (buf == null)
+            {
+                buf = tmpBuffers[len] = new byte[len];
+            }
+
+            defIn.ReadAllIntoByteArray(buf);
+
+            return buf;
+        }
+
+        internal static Asn1Object CreatePrimitiveDerObject(
+            int                         tagNo,
+            DefiniteLengthInputStream   defIn,
+            byte[][]                    tmpBuffers)
+        {
+            switch (tagNo)
+            {
+                case Asn1Tags.Boolean:
+                    return DerBoolean.FromOctetString(GetBuffer(defIn, tmpBuffers));
+                case Asn1Tags.Enumerated:
+                    return DerEnumerated.FromOctetString(GetBuffer(defIn, tmpBuffers));
+                case Asn1Tags.ObjectIdentifier:
+                    return DerObjectIdentifier.FromOctetString(GetBuffer(defIn, tmpBuffers));
+            }
+
+            byte[] bytes = defIn.ToArray();
+
+            switch (tagNo)
+            {
+                case Asn1Tags.BitString:
+                    return DerBitString.FromAsn1Octets(bytes);
+                case Asn1Tags.BmpString:
+                    return new DerBmpString(bytes);
+                case Asn1Tags.GeneralizedTime:
+                    return new DerGeneralizedTime(bytes);
+                case Asn1Tags.GeneralString:
+                    return new DerGeneralString(bytes);
+                case Asn1Tags.GraphicString:
+                    return new DerGraphicString(bytes);
+                case Asn1Tags.IA5String:
+                    return new DerIA5String(bytes);
+                case Asn1Tags.Integer:
+                    return new DerInteger(bytes);
+                case Asn1Tags.Null:
+                    return DerNull.Instance;   // actual content is ignored (enforce 0 length?)
+                case Asn1Tags.NumericString:
+                    return new DerNumericString(bytes);
+                case Asn1Tags.OctetString:
+                    return new DerOctetString(bytes);
+                case Asn1Tags.PrintableString:
+                    return new DerPrintableString(bytes);
+                case Asn1Tags.T61String:
+                    return new DerT61String(bytes);
+                case Asn1Tags.UniversalString:
+                    return new DerUniversalString(bytes);
+                case Asn1Tags.UtcTime:
+                    return new DerUtcTime(bytes);
+                case Asn1Tags.Utf8String:
+                    return new DerUtf8String(bytes);
+                case Asn1Tags.VideotexString:
+                    return new DerVideotexString(bytes);
+                case Asn1Tags.VisibleString:
+                    return new DerVisibleString(bytes);
+                default:
+                    throw new IOException("unknown tag " + tagNo + " encountered");
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/Asn1Null.cs b/bc-sharp-crypto/src/asn1/Asn1Null.cs
new file mode 100644
index 0000000..d54019f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/Asn1Null.cs
@@ -0,0 +1,18 @@
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * A Null object.
+     */
+    public abstract class Asn1Null
+        : Asn1Object
+    {
+        internal Asn1Null()
+        {
+        }
+
+		public override string ToString()
+		{
+			return "NULL";
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/Asn1Object.cs b/bc-sharp-crypto/src/asn1/Asn1Object.cs
new file mode 100644
index 0000000..4faa81a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/Asn1Object.cs
@@ -0,0 +1,70 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public abstract class Asn1Object
+		: Asn1Encodable
+    {
+        /// <summary>Create a base ASN.1 object from a byte array.</summary>
+        /// <param name="data">The byte array to parse.</param>
+        /// <returns>The base ASN.1 object represented by the byte array.</returns>
+        /// <exception cref="IOException">
+        /// If there is a problem parsing the data, or parsing an object did not exhaust the available data.
+        /// </exception>
+        public static Asn1Object FromByteArray(
+			byte[] data)
+		{
+            try
+			{
+                MemoryStream input = new MemoryStream(data, false);
+                Asn1InputStream asn1 = new Asn1InputStream(input, data.Length);
+                Asn1Object result = asn1.ReadObject();
+                if (input.Position != input.Length)
+                    throw new IOException("extra data found after object");
+                return result;
+			}
+			catch (InvalidCastException)
+			{
+				throw new IOException("cannot recognise object in byte array");
+			}
+		}
+
+		/// <summary>Read a base ASN.1 object from a stream.</summary>
+		/// <param name="inStr">The stream to parse.</param>
+		/// <returns>The base ASN.1 object represented by the byte array.</returns>
+		/// <exception cref="IOException">If there is a problem parsing the data.</exception>
+		public static Asn1Object FromStream(
+			Stream inStr)
+		{
+			try
+			{
+				return new Asn1InputStream(inStr).ReadObject();
+			}
+			catch (InvalidCastException)
+			{
+				throw new IOException("cannot recognise object in stream");
+			}
+		}
+
+		public sealed override Asn1Object ToAsn1Object()
+        {
+            return this;
+        }
+
+		internal abstract void Encode(DerOutputStream derOut);
+
+		protected abstract bool Asn1Equals(Asn1Object asn1Object);
+		protected abstract int Asn1GetHashCode();
+
+		internal bool CallAsn1Equals(Asn1Object obj)
+		{
+			return Asn1Equals(obj);
+		}
+
+		internal int CallAsn1GetHashCode()
+		{
+			return Asn1GetHashCode();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/Asn1OctetString.cs b/bc-sharp-crypto/src/asn1/Asn1OctetString.cs
new file mode 100644
index 0000000..73b6e51
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/Asn1OctetString.cs
@@ -0,0 +1,119 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public abstract class Asn1OctetString
+        : Asn1Object, Asn1OctetStringParser
+    {
+        internal byte[] str;
+
+		/**
+         * return an Octet string from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want.
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *              be converted.
+         */
+		public static Asn1OctetString GetInstance(
+			Asn1TaggedObject	obj,
+			bool				isExplicit)
+		{
+			Asn1Object o = obj.GetObject();
+
+			if (isExplicit || o is Asn1OctetString)
+			{
+				return GetInstance(o);
+			}
+
+			return BerOctetString.FromSequence(Asn1Sequence.GetInstance(o));
+		}
+
+        /**
+         * return an Octet string from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+		public static Asn1OctetString GetInstance(object obj)
+		{
+			if (obj == null || obj is Asn1OctetString)
+			{
+				return (Asn1OctetString)obj;
+			}
+
+			// TODO: this needs to be deleted in V2
+			if (obj is Asn1TaggedObject)
+				return GetInstance(((Asn1TaggedObject)obj).GetObject());
+
+			throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+		}
+
+        /**
+         * @param string the octets making up the octet string.
+         */
+        internal Asn1OctetString(
+            byte[] str)
+        {
+			if (str == null)
+				throw new ArgumentNullException("str");
+
+			this.str = str;
+        }
+
+        internal Asn1OctetString(
+            Asn1Encodable obj)
+        {
+            try
+            {
+				this.str = obj.GetEncoded(Asn1Encodable.Der);
+            }
+            catch (IOException e)
+            {
+                throw new ArgumentException("Error processing object : " + e.ToString());
+            }
+        }
+
+		public Stream GetOctetStream()
+		{
+			return new MemoryStream(str, false);
+		}
+
+		public Asn1OctetStringParser Parser
+		{
+			get { return this; }
+		}
+
+		public virtual byte[] GetOctets()
+        {
+            return str;
+        }
+
+		protected override int Asn1GetHashCode()
+		{
+			return Arrays.GetHashCode(GetOctets());
+        }
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+		{
+			DerOctetString other = asn1Object as DerOctetString;
+
+			if (other == null)
+				return false;
+
+			return Arrays.AreEqual(GetOctets(), other.GetOctets());
+		}
+
+		public override string ToString()
+		{
+			return "#" + Hex.ToHexString(str);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/Asn1OutputStream.cs b/bc-sharp-crypto/src/asn1/Asn1OutputStream.cs
new file mode 100644
index 0000000..39c8b1e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/Asn1OutputStream.cs
@@ -0,0 +1,35 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public class Asn1OutputStream
+        : DerOutputStream
+    {
+        public Asn1OutputStream(Stream os) : base(os)
+        {
+        }
+
+		[Obsolete("Use version taking an Asn1Encodable arg instead")]
+        public override void WriteObject(
+            object    obj)
+        {
+            if (obj == null)
+            {
+                WriteNull();
+            }
+            else if (obj is Asn1Object)
+            {
+                ((Asn1Object)obj).Encode(this);
+            }
+            else if (obj is Asn1Encodable)
+            {
+                ((Asn1Encodable)obj).ToAsn1Object().Encode(this);
+            }
+            else
+            {
+                throw new IOException("object not Asn1Encodable");
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/Asn1ParsingException.cs b/bc-sharp-crypto/src/asn1/Asn1ParsingException.cs
new file mode 100644
index 0000000..84cdb78
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/Asn1ParsingException.cs
@@ -0,0 +1,29 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class Asn1ParsingException
+		: InvalidOperationException
+	{
+		public Asn1ParsingException()
+			: base()
+		{
+		}
+
+		public Asn1ParsingException(
+			string message)
+			: base(message)
+		{
+		}
+
+		public Asn1ParsingException(
+			string		message,
+			Exception	exception)
+			: base(message, exception)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/Asn1Sequence.cs b/bc-sharp-crypto/src/asn1/Asn1Sequence.cs
new file mode 100644
index 0000000..849f5e3
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/Asn1Sequence.cs
@@ -0,0 +1,268 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public abstract class Asn1Sequence
+        : Asn1Object, IEnumerable
+    {
+        private readonly IList seq;
+
+        /**
+         * return an Asn1Sequence from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static Asn1Sequence GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is Asn1Sequence)
+            {
+                return (Asn1Sequence)obj;
+            }
+            else if (obj is Asn1SequenceParser)
+            {
+                return Asn1Sequence.GetInstance(((Asn1SequenceParser)obj).ToAsn1Object());
+            }
+            else if (obj is byte[])
+            {
+                try
+                {
+                    return Asn1Sequence.GetInstance(FromByteArray((byte[])obj));
+                }
+                catch (IOException e)
+                {
+                    throw new ArgumentException("failed to construct sequence from byte[]: " + e.Message);
+                }
+            }
+            else if (obj is Asn1Encodable)
+            {
+                Asn1Object primitive = ((Asn1Encodable)obj).ToAsn1Object();
+                
+                if (primitive is Asn1Sequence)
+                {
+                    return (Asn1Sequence)primitive;
+                }
+            }
+
+            throw new ArgumentException("Unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        /**
+         * Return an ASN1 sequence from a tagged object. There is a special
+         * case here, if an object appears to have been explicitly tagged on
+         * reading but we were expecting it to be implicitly tagged in the
+         * normal course of events it indicates that we lost the surrounding
+         * sequence - so we need to add it back (this will happen if the tagged
+         * object is a sequence that contains other sequences). If you are
+         * dealing with implicitly tagged sequences you really <b>should</b>
+         * be using this method.
+         *
+         * @param obj the tagged object.
+         * @param explicitly true if the object is meant to be explicitly tagged,
+         *          false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *          be converted.
+         */
+        public static Asn1Sequence GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            Asn1Object inner = obj.GetObject();
+
+            if (explicitly)
+            {
+                if (!obj.IsExplicit())
+                    throw new ArgumentException("object implicit - explicit expected.");
+
+                return (Asn1Sequence) inner;
+            }
+
+            //
+            // constructed object which appears to be explicitly tagged
+            // when it should be implicit means we have to add the
+            // surrounding sequence.
+            //
+            if (obj.IsExplicit())
+            {
+                if (obj is BerTaggedObject)
+                {
+                    return new BerSequence(inner);
+                }
+
+                return new DerSequence(inner);
+            }
+
+            if (inner is Asn1Sequence)
+            {
+                return (Asn1Sequence) inner;
+            }
+
+            throw new ArgumentException("Unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        protected internal Asn1Sequence(
+            int capacity)
+        {
+            seq = Platform.CreateArrayList(capacity);
+        }
+
+        public virtual IEnumerator GetEnumerator()
+        {
+            return seq.GetEnumerator();
+        }
+
+        [Obsolete("Use GetEnumerator() instead")]
+        public IEnumerator GetObjects()
+        {
+            return GetEnumerator();
+        }
+
+        private class Asn1SequenceParserImpl
+            : Asn1SequenceParser
+        {
+            private readonly Asn1Sequence outer;
+            private readonly int max;
+            private int index;
+
+            public Asn1SequenceParserImpl(
+                Asn1Sequence outer)
+            {
+                this.outer = outer;
+                this.max = outer.Count;
+            }
+
+            public IAsn1Convertible ReadObject()
+            {
+                if (index == max)
+                    return null;
+
+                Asn1Encodable obj = outer[index++];
+
+                if (obj is Asn1Sequence)
+                    return ((Asn1Sequence)obj).Parser;
+
+                if (obj is Asn1Set)
+                    return ((Asn1Set)obj).Parser;
+
+                // NB: Asn1OctetString implements Asn1OctetStringParser directly
+//				if (obj is Asn1OctetString)
+//					return ((Asn1OctetString)obj).Parser;
+
+                return obj;
+            }
+
+            public Asn1Object ToAsn1Object()
+            {
+                return outer;
+            }
+        }
+
+        public virtual Asn1SequenceParser Parser
+        {
+            get { return new Asn1SequenceParserImpl(this); }
+        }
+
+        /**
+         * return the object at the sequence position indicated by index.
+         *
+         * @param index the sequence number (starting at zero) of the object
+         * @return the object at the sequence position indicated by index.
+         */
+        public virtual Asn1Encodable this[int index]
+        {
+            get { return (Asn1Encodable) seq[index]; }
+        }
+
+        [Obsolete("Use 'object[index]' syntax instead")]
+        public Asn1Encodable GetObjectAt(
+            int index)
+        {
+             return this[index];
+        }
+
+        [Obsolete("Use 'Count' property instead")]
+        public int Size
+        {
+            get { return Count; }
+        }
+
+        public virtual int Count
+        {
+            get { return seq.Count; }
+        }
+
+        protected override int Asn1GetHashCode()
+        {
+            int hc = Count;
+
+            foreach (object o in this)
+            {
+                hc *= 17;
+                if (o == null)
+                {
+                    hc ^= DerNull.Instance.GetHashCode();
+                }
+                else
+                {
+                    hc ^= o.GetHashCode();
+                }
+            }
+
+            return hc;
+        }
+
+        protected override bool Asn1Equals(
+            Asn1Object asn1Object)
+        {
+            Asn1Sequence other = asn1Object as Asn1Sequence;
+
+            if (other == null)
+                return false;
+
+            if (Count != other.Count)
+                return false;
+
+            IEnumerator s1 = GetEnumerator();
+            IEnumerator s2 = other.GetEnumerator();
+
+            while (s1.MoveNext() && s2.MoveNext())
+            {
+                Asn1Object o1 = GetCurrent(s1).ToAsn1Object();
+                Asn1Object o2 = GetCurrent(s2).ToAsn1Object();
+
+                if (!o1.Equals(o2))
+                    return false;
+            }
+
+            return true;
+        }
+
+        private Asn1Encodable GetCurrent(IEnumerator e)
+        {
+            Asn1Encodable encObj = (Asn1Encodable)e.Current;
+
+            // unfortunately null was allowed as a substitute for DER null
+            if (encObj == null)
+                return DerNull.Instance;
+
+            return encObj;
+        }
+
+        protected internal void AddObject(
+            Asn1Encodable obj)
+        {
+            seq.Add(obj);
+        }
+
+        public override string ToString()
+        {
+            return CollectionUtilities.ToString(seq);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/Asn1Set.cs b/bc-sharp-crypto/src/asn1/Asn1Set.cs
new file mode 100644
index 0000000..bf83dbd
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/Asn1Set.cs
@@ -0,0 +1,372 @@
+using System;
+using System.Collections;
+using System.IO;
+
+#if PORTABLE
+using System.Collections.Generic;
+using System.Linq;
+#endif
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1
+{
+    abstract public class Asn1Set
+        : Asn1Object, IEnumerable
+    {
+        private readonly IList _set;
+
+        /**
+         * return an ASN1Set from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static Asn1Set GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is Asn1Set)
+            {
+                return (Asn1Set)obj;
+            }
+            else if (obj is Asn1SetParser)
+            {
+                return Asn1Set.GetInstance(((Asn1SetParser)obj).ToAsn1Object());
+            }
+            else if (obj is byte[])
+            {
+                try
+                {
+                    return Asn1Set.GetInstance(FromByteArray((byte[])obj));
+                }
+                catch (IOException e)
+                {
+                    throw new ArgumentException("failed to construct set from byte[]: " + e.Message);
+                }
+            }
+            else if (obj is Asn1Encodable)
+            {
+                Asn1Object primitive = ((Asn1Encodable)obj).ToAsn1Object();
+
+                if (primitive is Asn1Set)
+                {
+                    return (Asn1Set)primitive;
+                }
+            }
+
+            throw new ArgumentException("Unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        /**
+         * Return an ASN1 set from a tagged object. There is a special
+         * case here, if an object appears to have been explicitly tagged on
+         * reading but we were expecting it to be implicitly tagged in the
+         * normal course of events it indicates that we lost the surrounding
+         * set - so we need to add it back (this will happen if the tagged
+         * object is a sequence that contains other sequences). If you are
+         * dealing with implicitly tagged sets you really <b>should</b>
+         * be using this method.
+         *
+         * @param obj the tagged object.
+         * @param explicitly true if the object is meant to be explicitly tagged
+         *          false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *          be converted.
+         */
+        public static Asn1Set GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            Asn1Object inner = obj.GetObject();
+
+            if (explicitly)
+            {
+                if (!obj.IsExplicit())
+                    throw new ArgumentException("object implicit - explicit expected.");
+
+                return (Asn1Set) inner;
+            }
+
+            //
+            // constructed object which appears to be explicitly tagged
+            // and it's really implicit means we have to add the
+            // surrounding sequence.
+            //
+            if (obj.IsExplicit())
+            {
+                return new DerSet(inner);
+            }
+
+            if (inner is Asn1Set)
+            {
+                return (Asn1Set) inner;
+            }
+
+            //
+            // in this case the parser returns a sequence, convert it
+            // into a set.
+            //
+            if (inner is Asn1Sequence)
+            {
+                Asn1EncodableVector v = new Asn1EncodableVector();
+                Asn1Sequence s = (Asn1Sequence) inner;
+
+                foreach (Asn1Encodable ae in s)
+                {
+                    v.Add(ae);
+                }
+
+                // TODO Should be able to construct set directly from sequence?
+                return new DerSet(v, false);
+            }
+
+            throw new ArgumentException("Unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        protected internal Asn1Set(
+            int capacity)
+        {
+            _set = Platform.CreateArrayList(capacity);
+        }
+
+        public virtual IEnumerator GetEnumerator()
+        {
+            return _set.GetEnumerator();
+        }
+
+        [Obsolete("Use GetEnumerator() instead")]
+        public IEnumerator GetObjects()
+        {
+            return GetEnumerator();
+        }
+
+        /**
+         * return the object at the set position indicated by index.
+         *
+         * @param index the set number (starting at zero) of the object
+         * @return the object at the set position indicated by index.
+         */
+        public virtual Asn1Encodable this[int index]
+        {
+            get { return (Asn1Encodable) _set[index]; }
+        }
+
+        [Obsolete("Use 'object[index]' syntax instead")]
+        public Asn1Encodable GetObjectAt(
+            int index)
+        {
+             return this[index];
+        }
+
+        [Obsolete("Use 'Count' property instead")]
+        public int Size
+        {
+            get { return Count; }
+        }
+
+        public virtual int Count
+        {
+            get { return _set.Count; }
+        }
+
+        public virtual Asn1Encodable[] ToArray()
+        {
+            Asn1Encodable[] values = new Asn1Encodable[this.Count];
+            for (int i = 0; i < this.Count; ++i)
+            {
+                values[i] = this[i];
+            }
+            return values;
+        }
+
+        private class Asn1SetParserImpl
+            : Asn1SetParser
+        {
+            private readonly Asn1Set outer;
+            private readonly int max;
+            private int index;
+
+            public Asn1SetParserImpl(
+                Asn1Set outer)
+            {
+                this.outer = outer;
+                this.max = outer.Count;
+            }
+
+            public IAsn1Convertible ReadObject()
+            {
+                if (index == max)
+                    return null;
+
+                Asn1Encodable obj = outer[index++];
+                if (obj is Asn1Sequence)
+                    return ((Asn1Sequence)obj).Parser;
+
+                if (obj is Asn1Set)
+                    return ((Asn1Set)obj).Parser;
+
+                // NB: Asn1OctetString implements Asn1OctetStringParser directly
+//				if (obj is Asn1OctetString)
+//					return ((Asn1OctetString)obj).Parser;
+
+                return obj;
+            }
+
+            public virtual Asn1Object ToAsn1Object()
+            {
+                return outer;
+            }
+        }
+
+        public Asn1SetParser Parser
+        {
+            get { return new Asn1SetParserImpl(this); }
+        }
+
+        protected override int Asn1GetHashCode()
+        {
+            int hc = Count;
+
+            foreach (object o in this)
+            {
+                hc *= 17;
+                if (o == null)
+                {
+                    hc ^= DerNull.Instance.GetHashCode();
+                }
+                else
+                {
+                    hc ^= o.GetHashCode();
+                }
+            }
+
+            return hc;
+        }
+
+        protected override bool Asn1Equals(
+            Asn1Object asn1Object)
+        {
+            Asn1Set other = asn1Object as Asn1Set;
+
+            if (other == null)
+                return false;
+
+            if (Count != other.Count)
+            {
+                return false;
+            }
+
+            IEnumerator s1 = GetEnumerator();
+            IEnumerator s2 = other.GetEnumerator();
+
+            while (s1.MoveNext() && s2.MoveNext())
+            {
+                Asn1Object o1 = GetCurrent(s1).ToAsn1Object();
+                Asn1Object o2 = GetCurrent(s2).ToAsn1Object();
+
+                if (!o1.Equals(o2))
+                    return false;
+            }
+
+            return true;
+        }
+
+        private Asn1Encodable GetCurrent(IEnumerator e)
+        {
+            Asn1Encodable encObj = (Asn1Encodable)e.Current;
+
+            // unfortunately null was allowed as a substitute for DER null
+            if (encObj == null)
+                return DerNull.Instance;
+
+            return encObj;
+        }
+
+        protected internal void Sort()
+        {
+            if (_set.Count < 2)
+                return;
+
+#if PORTABLE
+            var sorted = _set.Cast<Asn1Encodable>()
+                             .Select(a => new { Item = a, Key = a.GetEncoded(Asn1Encodable.Der) })
+                             .OrderBy(t => t.Key, new DerComparer())
+                             .Select(t => t.Item)
+                             .ToList();
+
+            for (int i = 0; i < _set.Count; ++i)
+            {
+                _set[i] = sorted[i];
+            }
+#else
+            Asn1Encodable[] items = new Asn1Encodable[_set.Count];
+            byte[][] keys = new byte[_set.Count][];
+
+            for (int i = 0; i < _set.Count; ++i)
+            {
+                Asn1Encodable item = (Asn1Encodable)_set[i];
+                items[i] = item;
+                keys[i] = item.GetEncoded(Asn1Encodable.Der);
+            }
+
+            Array.Sort(keys, items, new DerComparer());
+
+            for (int i = 0; i < _set.Count; ++i)
+            {
+                _set[i] = items[i];
+            }
+#endif
+        }
+
+        protected internal void AddObject(Asn1Encodable obj)
+        {
+            _set.Add(obj);
+        }
+
+        public override string ToString()
+        {
+            return CollectionUtilities.ToString(_set);
+        }
+
+#if PORTABLE
+        private class DerComparer
+            : IComparer<byte[]>
+        {
+            public int Compare(byte[] x, byte[] y)
+            {
+                byte[] a = x, b = y;
+#else
+        private class DerComparer
+            : IComparer
+        {
+            public int Compare(object x, object y)
+            {
+                byte[] a = (byte[])x, b = (byte[])y;
+#endif
+                int len = System.Math.Min(a.Length, b.Length);
+                for (int i = 0; i != len; ++i)
+                {
+                    byte ai = a[i], bi = b[i];
+                    if (ai != bi)
+                        return ai < bi ? -1 : 1;
+                }
+                if (a.Length > b.Length)
+                    return AllZeroesFrom(a, len) ? 0 : 1;
+                if (a.Length < b.Length)
+                    return AllZeroesFrom(b, len) ? 0 : -1;
+                return 0;
+            }
+
+            private bool AllZeroesFrom(byte[] bs, int pos)
+            {
+                while (pos < bs.Length)
+                {
+                    if (bs[pos++] != 0)
+                        return false;
+                }
+                return true;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/Asn1TaggedObject.cs b/bc-sharp-crypto/src/asn1/Asn1TaggedObject.cs
new file mode 100644
index 0000000..a6d4b2c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/Asn1TaggedObject.cs
@@ -0,0 +1,188 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * ASN.1 TaggedObject - in ASN.1 notation this is any object preceded by
+     * a [n] where n is some number - these are assumed to follow the construction
+     * rules (as with sequences).
+     */
+    public abstract class Asn1TaggedObject
+		: Asn1Object, Asn1TaggedObjectParser
+    {
+        internal static bool IsConstructed(bool isExplicit, Asn1Object obj)
+        {
+            if (isExplicit || obj is Asn1Sequence || obj is Asn1Set)
+                return true;
+            Asn1TaggedObject tagged = obj as Asn1TaggedObject;
+            if (tagged == null)
+                return false;
+            return IsConstructed(tagged.IsExplicit(), tagged.GetObject());
+        }
+
+        internal int            tagNo;
+//        internal bool           empty;
+        internal bool           explicitly = true;
+        internal Asn1Encodable  obj;
+
+		static public Asn1TaggedObject GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            if (explicitly)
+            {
+                return (Asn1TaggedObject) obj.GetObject();
+            }
+
+            throw new ArgumentException("implicitly tagged tagged object");
+        }
+
+		static public Asn1TaggedObject GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is Asn1TaggedObject)
+			{
+				return (Asn1TaggedObject) obj;
+			}
+
+			throw new ArgumentException("Unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+         * @param tagNo the tag number for this object.
+         * @param obj the tagged object.
+         */
+        protected Asn1TaggedObject(
+            int             tagNo,
+            Asn1Encodable   obj)
+        {
+            this.explicitly = true;
+            this.tagNo = tagNo;
+            this.obj = obj;
+        }
+
+		/**
+         * @param explicitly true if the object is explicitly tagged.
+         * @param tagNo the tag number for this object.
+         * @param obj the tagged object.
+         */
+        protected Asn1TaggedObject(
+            bool            explicitly,
+            int             tagNo,
+            Asn1Encodable   obj)
+        {
+			// IAsn1Choice marker interface 'insists' on explicit tagging
+            this.explicitly = explicitly || (obj is IAsn1Choice);
+            this.tagNo = tagNo;
+            this.obj = obj;
+        }
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+        {
+			Asn1TaggedObject other = asn1Object as Asn1TaggedObject;
+
+			if (other == null)
+				return false;
+
+			return this.tagNo == other.tagNo
+//				&& this.empty == other.empty
+				&& this.explicitly == other.explicitly   // TODO Should this be part of equality?
+				&& Platform.Equals(GetObject(), other.GetObject());
+		}
+
+		protected override int Asn1GetHashCode()
+		{
+            int code = tagNo.GetHashCode();
+
+			// TODO: actually this is wrong - the problem is that a re-encoded
+			// object may end up with a different hashCode due to implicit
+			// tagging. As implicit tagging is ambiguous if a sequence is involved
+			// it seems the only correct method for both equals and hashCode is to
+			// compare the encodings...
+//			code ^= explicitly.GetHashCode();
+
+			if (obj != null)
+            {
+                code ^= obj.GetHashCode();
+            }
+
+			return code;
+        }
+
+		public int TagNo
+        {
+			get { return tagNo; }
+        }
+
+		/**
+         * return whether or not the object may be explicitly tagged.
+         * <p>
+         * Note: if the object has been read from an input stream, the only
+         * time you can be sure if isExplicit is returning the true state of
+         * affairs is if it returns false. An implicitly tagged object may appear
+         * to be explicitly tagged, so you need to understand the context under
+         * which the reading was done as well, see GetObject below.</p>
+         */
+        public bool IsExplicit()
+        {
+            return explicitly;
+        }
+
+        public bool IsEmpty()
+        {
+            return false; //empty;
+        }
+
+		/**
+         * return whatever was following the tag.
+         * <p>
+         * Note: tagged objects are generally context dependent if you're
+         * trying to extract a tagged object you should be going via the
+         * appropriate GetInstance method.</p>
+         */
+        public Asn1Object GetObject()
+        {
+            if (obj != null)
+            {
+                return obj.ToAsn1Object();
+            }
+
+			return null;
+        }
+
+		/**
+		* Return the object held in this tagged object as a parser assuming it has
+		* the type of the passed in tag. If the object doesn't have a parser
+		* associated with it, the base object is returned.
+		*/
+		public IAsn1Convertible GetObjectParser(
+			int		tag,
+			bool	isExplicit)
+		{
+			switch (tag)
+			{
+				case Asn1Tags.Set:
+					return Asn1Set.GetInstance(this, isExplicit).Parser;
+				case Asn1Tags.Sequence:
+					return Asn1Sequence.GetInstance(this, isExplicit).Parser;
+				case Asn1Tags.OctetString:
+					return Asn1OctetString.GetInstance(this, isExplicit).Parser;
+			}
+
+			if (isExplicit)
+			{
+				return GetObject();
+			}
+
+			throw Platform.CreateNotImplementedException("implicit tagging for tag: " + tag);
+		}
+
+		public override string ToString()
+		{
+			return "[" + tagNo + "]" + obj;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/Asn1Tags.cs b/bc-sharp-crypto/src/asn1/Asn1Tags.cs
new file mode 100644
index 0000000..32ac6bc
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/Asn1Tags.cs
@@ -0,0 +1,36 @@
+namespace Org.BouncyCastle.Asn1
+{
+    public class Asn1Tags
+    {
+        public const int Boolean = 0x01;
+        public const int Integer = 0x02;
+        public const int BitString = 0x03;
+        public const int OctetString = 0x04;
+        public const int Null = 0x05;
+        public const int ObjectIdentifier = 0x06;
+        public const int External = 0x08;
+        public const int Enumerated = 0x0a;
+        public const int Sequence = 0x10;
+        public const int SequenceOf = 0x10; // for completeness
+        public const int Set = 0x11;
+        public const int SetOf = 0x11; // for completeness
+
+        public const int NumericString = 0x12;
+        public const int PrintableString = 0x13;
+        public const int T61String = 0x14;
+        public const int VideotexString = 0x15;
+        public const int IA5String = 0x16;
+        public const int UtcTime = 0x17;
+        public const int GeneralizedTime = 0x18;
+        public const int GraphicString = 0x19;
+        public const int VisibleString = 0x1a;
+        public const int GeneralString = 0x1b;
+        public const int UniversalString = 0x1c;
+        public const int BmpString = 0x1e;
+        public const int Utf8String = 0x0c;
+
+        public const int Constructed = 0x20;
+        public const int Application = 0x40;
+        public const int Tagged = 0x80;
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/BERBitString.cs b/bc-sharp-crypto/src/asn1/BERBitString.cs
new file mode 100644
index 0000000..d8cd003
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BERBitString.cs
@@ -0,0 +1,43 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public class BerBitString
+        : DerBitString
+    {
+        public BerBitString(byte[] data, int padBits)
+            : base(data, padBits)
+		{
+		}
+
+		public BerBitString(byte[] data)
+            : base(data)
+		{
+		}
+
+        public BerBitString(int namedBits)
+            : base(namedBits)
+        {
+        }
+
+        public BerBitString(Asn1Encodable obj)
+            : base(obj)
+		{
+		}
+
+        internal override void Encode(
+            DerOutputStream derOut)
+        {
+            if (derOut is Asn1OutputStream || derOut is BerOutputStream)
+            {
+                derOut.WriteEncoded(Asn1Tags.BitString, (byte)mPadBits, mData);
+            }
+            else
+            {
+                base.Encode(derOut);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/BERGenerator.cs b/bc-sharp-crypto/src/asn1/BERGenerator.cs
new file mode 100644
index 0000000..271572c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BERGenerator.cs
@@ -0,0 +1,102 @@
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public class BerGenerator
+        : Asn1Generator
+    {
+        private bool      _tagged = false;
+        private bool      _isExplicit;
+        private int          _tagNo;
+
+        protected BerGenerator(
+            Stream outStream)
+            : base(outStream)
+        {
+        }
+
+        public BerGenerator(
+            Stream outStream,
+            int tagNo,
+            bool isExplicit)
+            : base(outStream)
+        {
+            _tagged = true;
+            _isExplicit = isExplicit;
+            _tagNo = tagNo;
+        }
+
+		public override void AddObject(
+			Asn1Encodable obj)
+		{
+			new BerOutputStream(Out).WriteObject(obj);
+		}
+
+		public override Stream GetRawOutputStream()
+        {
+            return Out;
+        }
+
+		public override void Close()
+		{
+			WriteBerEnd();
+		}
+
+        private void WriteHdr(
+            int tag)
+        {
+            Out.WriteByte((byte) tag);
+            Out.WriteByte(0x80);
+        }
+
+        protected void WriteBerHeader(
+            int tag)
+        {
+            if (_tagged)
+            {
+                int tagNum = _tagNo | Asn1Tags.Tagged;
+
+                if (_isExplicit)
+                {
+                    WriteHdr(tagNum | Asn1Tags.Constructed);
+                    WriteHdr(tag);
+                }
+                else
+                {
+                    if ((tag & Asn1Tags.Constructed) != 0)
+                    {
+                        WriteHdr(tagNum | Asn1Tags.Constructed);
+                    }
+                    else
+                    {
+                        WriteHdr(tagNum);
+                    }
+                }
+            }
+            else
+            {
+                WriteHdr(tag);
+            }
+        }
+
+		protected void WriteBerBody(
+            Stream contentStream)
+        {
+			Streams.PipeAll(contentStream, Out);
+        }
+
+		protected void WriteBerEnd()
+        {
+            Out.WriteByte(0x00);
+            Out.WriteByte(0x00);
+
+            if (_tagged && _isExplicit)  // write extra end for tag header
+            {
+                Out.WriteByte(0x00);
+                Out.WriteByte(0x00);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/BEROctetStringGenerator.cs b/bc-sharp-crypto/src/asn1/BEROctetStringGenerator.cs
new file mode 100644
index 0000000..f34538f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BEROctetStringGenerator.cs
@@ -0,0 +1,133 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class BerOctetStringGenerator
+		: BerGenerator
+	{
+		public BerOctetStringGenerator(Stream outStream)
+			: base(outStream)
+		{
+			WriteBerHeader(Asn1Tags.Constructed | Asn1Tags.OctetString);
+		}
+
+		public BerOctetStringGenerator(
+			Stream	outStream,
+			int		tagNo,
+			bool	isExplicit)
+			: base(outStream, tagNo, isExplicit)
+		{
+			WriteBerHeader(Asn1Tags.Constructed | Asn1Tags.OctetString);
+		}
+
+		public Stream GetOctetOutputStream()
+		{
+			return GetOctetOutputStream(new byte[1000]); // limit for CER encoding.
+		}
+
+		public Stream GetOctetOutputStream(
+			int bufSize)
+		{
+			return bufSize < 1
+				?	GetOctetOutputStream()
+				:	GetOctetOutputStream(new byte[bufSize]);
+		}
+
+		public Stream GetOctetOutputStream(
+			byte[] buf)
+		{
+			return new BufferedBerOctetStream(this, buf);
+		}
+
+		private class BufferedBerOctetStream
+			: BaseOutputStream
+		{
+			private byte[] _buf;
+			private int    _off;
+			private readonly BerOctetStringGenerator _gen;
+			private readonly DerOutputStream _derOut;
+
+			internal BufferedBerOctetStream(
+				BerOctetStringGenerator	gen,
+				byte[]					buf)
+			{
+				_gen = gen;
+				_buf = buf;
+				_off = 0;
+				_derOut = new DerOutputStream(_gen.Out);
+			}
+
+			public override void WriteByte(
+				byte b)
+			{
+				_buf[_off++] = b;
+
+				if (_off == _buf.Length)
+				{
+					DerOctetString.Encode(_derOut, _buf, 0, _off);
+					_off = 0;
+				}
+			}
+
+			public override void Write(
+				byte[] buf,
+				int    offset,
+				int    len)
+			{
+				while (len > 0)
+				{
+					int numToCopy = System.Math.Min(len, _buf.Length - _off);
+
+					if (numToCopy == _buf.Length)
+					{
+						DerOctetString.Encode(_derOut, buf, offset, numToCopy);
+					}
+					else
+					{
+						Array.Copy(buf, offset, _buf, _off, numToCopy);
+
+						_off += numToCopy;
+						if (_off < _buf.Length)
+							break;
+
+						DerOctetString.Encode(_derOut, _buf, 0, _off);
+						_off = 0;
+					}
+
+					offset += numToCopy;
+					len -= numToCopy;
+				}
+			}
+
+#if PORTABLE
+            protected override void Dispose(bool disposing)
+            {
+                if (disposing)
+                {
+				    if (_off != 0)
+				    {
+					    DerOctetString.Encode(_derOut, _buf, 0, _off);
+				    }
+
+				    _gen.WriteBerEnd();
+                }
+                base.Dispose(disposing);
+            }
+#else
+            public override void Close()
+			{
+				if (_off != 0)
+				{
+					DerOctetString.Encode(_derOut, _buf, 0, _off);
+				}
+
+				_gen.WriteBerEnd();
+				base.Close();
+			}
+#endif
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/BEROctetStringParser.cs b/bc-sharp-crypto/src/asn1/BEROctetStringParser.cs
new file mode 100644
index 0000000..3bfd2a9
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BEROctetStringParser.cs
@@ -0,0 +1,36 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class BerOctetStringParser
+		: Asn1OctetStringParser
+	{
+		private readonly Asn1StreamParser _parser;
+
+		internal BerOctetStringParser(
+			Asn1StreamParser parser)
+		{
+			_parser = parser;
+		}
+
+		public Stream GetOctetStream()
+		{
+			return new ConstructedOctetStream(_parser);
+		}
+
+		public Asn1Object ToAsn1Object()
+		{
+			try
+			{
+				return new BerOctetString(Streams.ReadAll(GetOctetStream()));
+			}
+			catch (IOException e)
+			{
+				throw new Asn1ParsingException("IOException converting stream to byte array: " + e.Message, e);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/BERSequenceGenerator.cs b/bc-sharp-crypto/src/asn1/BERSequenceGenerator.cs
new file mode 100644
index 0000000..5ea2c9b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BERSequenceGenerator.cs
@@ -0,0 +1,24 @@
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class BerSequenceGenerator
+		: BerGenerator
+	{
+		public BerSequenceGenerator(
+			Stream outStream)
+			: base(outStream)
+		{
+			WriteBerHeader(Asn1Tags.Constructed | Asn1Tags.Sequence);
+		}
+
+		public BerSequenceGenerator(
+			Stream	outStream,
+			int		tagNo,
+			bool	isExplicit)
+			: base(outStream, tagNo, isExplicit)
+		{
+			WriteBerHeader(Asn1Tags.Constructed | Asn1Tags.Sequence);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/BERSequenceParser.cs b/bc-sharp-crypto/src/asn1/BERSequenceParser.cs
new file mode 100644
index 0000000..8474b8d
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BERSequenceParser.cs
@@ -0,0 +1,24 @@
+namespace Org.BouncyCastle.Asn1
+{
+	public class BerSequenceParser
+		: Asn1SequenceParser
+	{
+		private readonly Asn1StreamParser _parser;
+
+		internal BerSequenceParser(
+			Asn1StreamParser parser)
+		{
+			this._parser = parser;
+		}
+
+		public IAsn1Convertible ReadObject()
+		{
+			return _parser.ReadObject();
+		}
+
+		public Asn1Object ToAsn1Object()
+		{
+			return new BerSequence(_parser.ReadVector());
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/BERSetGenerator.cs b/bc-sharp-crypto/src/asn1/BERSetGenerator.cs
new file mode 100644
index 0000000..72b1f90
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BERSetGenerator.cs
@@ -0,0 +1,24 @@
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class BerSetGenerator
+		: BerGenerator
+	{
+		public BerSetGenerator(
+			Stream outStream)
+			: base(outStream)
+		{
+			WriteBerHeader(Asn1Tags.Constructed | Asn1Tags.Set);
+		}
+
+		public BerSetGenerator(
+			Stream	outStream,
+			int		tagNo,
+			bool	isExplicit)
+			: base(outStream, tagNo, isExplicit)
+		{
+			WriteBerHeader(Asn1Tags.Constructed | Asn1Tags.Set);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/BERSetParser.cs b/bc-sharp-crypto/src/asn1/BERSetParser.cs
new file mode 100644
index 0000000..aa9ccbc
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BERSetParser.cs
@@ -0,0 +1,24 @@
+namespace Org.BouncyCastle.Asn1
+{
+	public class BerSetParser
+		: Asn1SetParser
+	{
+		private readonly Asn1StreamParser _parser;
+
+		internal BerSetParser(
+			Asn1StreamParser parser)
+		{
+			this._parser = parser;
+		}
+
+		public IAsn1Convertible ReadObject()
+		{
+			return _parser.ReadObject();
+		}
+
+		public Asn1Object ToAsn1Object()
+		{
+			return new BerSet(_parser.ReadVector(), false);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/BERTaggedObjectParser.cs b/bc-sharp-crypto/src/asn1/BERTaggedObjectParser.cs
new file mode 100644
index 0000000..354437a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BERTaggedObjectParser.cs
@@ -0,0 +1,71 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class BerTaggedObjectParser
+		: Asn1TaggedObjectParser
+	{
+		private bool				_constructed;
+		private int					_tagNumber;
+		private Asn1StreamParser	_parser;
+
+		[Obsolete]
+		internal BerTaggedObjectParser(
+			int		baseTag,
+			int		tagNumber,
+			Stream	contentStream)
+			: this((baseTag & Asn1Tags.Constructed) != 0, tagNumber, new Asn1StreamParser(contentStream))
+		{
+		}
+
+		internal BerTaggedObjectParser(
+			bool				constructed,
+			int					tagNumber,
+			Asn1StreamParser	parser)
+		{
+			_constructed = constructed;
+			_tagNumber = tagNumber;
+			_parser = parser;
+		}
+
+		public bool IsConstructed
+		{
+			get { return _constructed; }
+		}
+
+		public int TagNo
+		{
+			get { return _tagNumber; }
+		}
+
+		public IAsn1Convertible GetObjectParser(
+			int		tag,
+			bool	isExplicit)
+		{
+			if (isExplicit)
+			{
+				if (!_constructed)
+					throw new IOException("Explicit tags must be constructed (see X.690 8.14.2)");
+
+				return _parser.ReadObject();
+			}
+
+			return _parser.ReadImplicit(_constructed, tag);
+		}
+
+		public Asn1Object ToAsn1Object()
+		{
+			try
+			{
+				return _parser.ReadTaggedObject(_constructed, _tagNumber);
+			}
+			catch (IOException e)
+			{
+				throw new Asn1ParsingException(e.Message);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/BerApplicationSpecific.cs b/bc-sharp-crypto/src/asn1/BerApplicationSpecific.cs
new file mode 100644
index 0000000..65fbecb
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BerApplicationSpecific.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class BerApplicationSpecific
+		: DerApplicationSpecific
+	{
+		public BerApplicationSpecific(
+			int					tagNo,
+			Asn1EncodableVector	vec)
+			: base(tagNo, vec)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/BerApplicationSpecificParser.cs b/bc-sharp-crypto/src/asn1/BerApplicationSpecificParser.cs
new file mode 100644
index 0000000..7d2c4b3
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BerApplicationSpecificParser.cs
@@ -0,0 +1,29 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class BerApplicationSpecificParser
+		: IAsn1ApplicationSpecificParser
+	{
+		private readonly int tag;
+		private readonly Asn1StreamParser parser;
+
+		internal BerApplicationSpecificParser(
+			int					tag,
+			Asn1StreamParser	parser)
+		{
+			this.tag = tag;
+			this.parser = parser;
+		}
+
+		public IAsn1Convertible ReadObject()
+		{
+			return parser.ReadObject();
+		}
+
+		public Asn1Object ToAsn1Object()
+		{
+			return new BerApplicationSpecific(tag, parser.ReadVector());
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/BerNull.cs b/bc-sharp-crypto/src/asn1/BerNull.cs
new file mode 100644
index 0000000..0751bba
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BerNull.cs
@@ -0,0 +1,35 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1
+{
+	/**
+	 * A BER Null object.
+	 */
+	public class BerNull
+		: DerNull
+	{
+		public static new readonly BerNull Instance = new BerNull(0);
+
+		[Obsolete("Use static Instance object")]
+		public BerNull()
+		{
+		}
+
+		private BerNull(int dummy) : base(dummy)
+		{
+		}
+
+		internal override void Encode(
+			DerOutputStream  derOut)
+		{
+			if (derOut is Asn1OutputStream || derOut is BerOutputStream)
+			{
+				derOut.WriteByte(Asn1Tags.Null);
+			}
+			else
+			{
+				base.Encode(derOut);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/BerOctetString.cs b/bc-sharp-crypto/src/asn1/BerOctetString.cs
new file mode 100644
index 0000000..a7c8ad3
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BerOctetString.cs
@@ -0,0 +1,135 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public class BerOctetString
+        : DerOctetString, IEnumerable
+    {
+		public static BerOctetString FromSequence(Asn1Sequence seq)
+		{
+			IList v = Platform.CreateArrayList();
+
+			foreach (Asn1Encodable obj in seq)
+			{
+				v.Add(obj);
+			}
+
+			return new BerOctetString(v);
+		}
+
+		private const int MaxLength = 1000;
+
+		/**
+         * convert a vector of octet strings into a single byte string
+         */
+        private static byte[] ToBytes(
+            IEnumerable octs)
+        {
+            MemoryStream bOut = new MemoryStream();
+			foreach (DerOctetString o in octs)
+			{
+                byte[] octets = o.GetOctets();
+                bOut.Write(octets, 0, octets.Length);
+            }
+			return bOut.ToArray();
+        }
+
+		private readonly IEnumerable octs;
+
+		/// <param name="str">The octets making up the octet string.</param>
+		public BerOctetString(
+			byte[] str)
+			: base(str)
+		{
+		}
+
+		public BerOctetString(
+			IEnumerable octets)
+			: base(ToBytes(octets))
+        {
+            this.octs = octets;
+        }
+
+        public BerOctetString(
+			Asn1Object obj)
+			: base(obj)
+        {
+        }
+
+        public BerOctetString(
+			Asn1Encodable obj)
+			: base(obj.ToAsn1Object())
+        {
+        }
+
+        public override byte[] GetOctets()
+        {
+            return str;
+        }
+
+        /**
+         * return the DER octets that make up this string.
+         */
+		public IEnumerator GetEnumerator()
+		{
+			if (octs == null)
+			{
+				return GenerateOcts().GetEnumerator();
+			}
+
+			return octs.GetEnumerator();
+		}
+
+		[Obsolete("Use GetEnumerator() instead")]
+        public IEnumerator GetObjects()
+        {
+			return GetEnumerator();
+		}
+
+		private IList GenerateOcts()
+        {
+            IList vec = Platform.CreateArrayList();
+			for (int i = 0; i < str.Length; i += MaxLength)
+			{
+				int end = System.Math.Min(str.Length, i + MaxLength);
+
+				byte[] nStr = new byte[end - i];
+
+				Array.Copy(str, i, nStr, 0, nStr.Length);
+
+				vec.Add(new DerOctetString(nStr));
+			}
+			return vec;
+        }
+
+        internal override void Encode(
+            DerOutputStream derOut)
+        {
+            if (derOut is Asn1OutputStream || derOut is BerOutputStream)
+            {
+                derOut.WriteByte(Asn1Tags.Constructed | Asn1Tags.OctetString);
+
+                derOut.WriteByte(0x80);
+
+                //
+                // write out the octet array
+                //
+                foreach (DerOctetString oct in this)
+                {
+                    derOut.WriteObject(oct);
+                }
+
+				derOut.WriteByte(0x00);
+                derOut.WriteByte(0x00);
+            }
+            else
+            {
+                base.Encode(derOut);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/BerOutputStream.cs b/bc-sharp-crypto/src/asn1/BerOutputStream.cs
new file mode 100644
index 0000000..b3ece10
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BerOutputStream.cs
@@ -0,0 +1,36 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	// TODO Make Obsolete in favour of Asn1OutputStream?
+    public class BerOutputStream
+        : DerOutputStream
+    {
+        public BerOutputStream(Stream os) : base(os)
+        {
+        }
+
+		[Obsolete("Use version taking an Asn1Encodable arg instead")]
+        public override void WriteObject(
+            object    obj)
+        {
+            if (obj == null)
+            {
+                WriteNull();
+            }
+            else if (obj is Asn1Object)
+            {
+                ((Asn1Object)obj).Encode(this);
+            }
+            else if (obj is Asn1Encodable)
+            {
+                ((Asn1Encodable)obj).ToAsn1Object().Encode(this);
+            }
+            else
+            {
+                throw new IOException("object not BerEncodable");
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/BerSequence.cs b/bc-sharp-crypto/src/asn1/BerSequence.cs
new file mode 100644
index 0000000..70b43fc
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BerSequence.cs
@@ -0,0 +1,69 @@
+namespace Org.BouncyCastle.Asn1
+{
+	public class BerSequence
+		: DerSequence
+	{
+		public static new readonly BerSequence Empty = new BerSequence();
+
+		public static new BerSequence FromVector(
+			Asn1EncodableVector v)
+		{
+			return v.Count < 1 ? Empty : new BerSequence(v);
+		}
+
+		/**
+		 * create an empty sequence
+		 */
+		public BerSequence()
+		{
+		}
+
+		/**
+		 * create a sequence containing one object
+		 */
+		public BerSequence(
+			Asn1Encodable obj)
+			: base(obj)
+		{
+		}
+
+		public BerSequence(
+			params Asn1Encodable[] v)
+			: base(v)
+		{
+		}
+
+		/**
+		 * create a sequence containing a vector of objects.
+		 */
+		public BerSequence(
+			Asn1EncodableVector v)
+			: base(v)
+		{
+		}
+
+		/*
+		 */
+		internal override void Encode(
+			DerOutputStream derOut)
+		{
+			if (derOut is Asn1OutputStream || derOut is BerOutputStream)
+			{
+				derOut.WriteByte(Asn1Tags.Sequence | Asn1Tags.Constructed);
+				derOut.WriteByte(0x80);
+
+				foreach (Asn1Encodable o in this)
+				{
+					derOut.WriteObject(o);
+				}
+
+				derOut.WriteByte(0x00);
+				derOut.WriteByte(0x00);
+			}
+			else
+			{
+				base.Encode(derOut);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/BerSet.cs b/bc-sharp-crypto/src/asn1/BerSet.cs
new file mode 100644
index 0000000..a181e17
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BerSet.cs
@@ -0,0 +1,70 @@
+namespace Org.BouncyCastle.Asn1
+{
+    public class BerSet
+        : DerSet
+    {
+		public static new readonly BerSet Empty = new BerSet();
+
+		public static new BerSet FromVector(
+			Asn1EncodableVector v)
+		{
+			return v.Count < 1 ? Empty : new BerSet(v);
+		}
+
+		internal static new BerSet FromVector(
+			Asn1EncodableVector v,
+			bool				needsSorting)
+		{
+			return v.Count < 1 ? Empty : new BerSet(v, needsSorting);
+		}
+
+		/**
+         * create an empty sequence
+         */
+        public BerSet()
+        {
+        }
+
+        /**
+         * create a set containing one object
+         */
+        public BerSet(Asn1Encodable obj) : base(obj)
+        {
+        }
+
+        /**
+         * create a set containing a vector of objects.
+         */
+        public BerSet(Asn1EncodableVector v) : base(v, false)
+        {
+        }
+
+        internal BerSet(Asn1EncodableVector v, bool needsSorting) : base(v, needsSorting)
+        {
+        }
+
+        /*
+         */
+        internal override void Encode(
+            DerOutputStream derOut)
+        {
+            if (derOut is Asn1OutputStream || derOut is BerOutputStream)
+            {
+                derOut.WriteByte(Asn1Tags.Set | Asn1Tags.Constructed);
+                derOut.WriteByte(0x80);
+
+                foreach (Asn1Encodable o in this)
+				{
+                    derOut.WriteObject(o);
+                }
+
+                derOut.WriteByte(0x00);
+                derOut.WriteByte(0x00);
+            }
+            else
+            {
+                base.Encode(derOut);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/BerTaggedObject.cs b/bc-sharp-crypto/src/asn1/BerTaggedObject.cs
new file mode 100644
index 0000000..fd0bdc2
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/BerTaggedObject.cs
@@ -0,0 +1,108 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+	/**
+	 * BER TaggedObject - in ASN.1 notation this is any object preceded by
+	 * a [n] where n is some number - these are assumed to follow the construction
+	 * rules (as with sequences).
+	 */
+	public class BerTaggedObject
+		: DerTaggedObject
+	{
+		/**
+		 * @param tagNo the tag number for this object.
+		 * @param obj the tagged object.
+		 */
+		public BerTaggedObject(
+			int				tagNo,
+			Asn1Encodable	obj)
+			: base(tagNo, obj)
+		{
+		}
+
+		/**
+		 * @param explicitly true if an explicitly tagged object.
+		 * @param tagNo the tag number for this object.
+		 * @param obj the tagged object.
+		 */
+		public BerTaggedObject(
+			bool			explicitly,
+			int				tagNo,
+			Asn1Encodable	obj)
+			: base(explicitly, tagNo, obj)
+		{
+		}
+
+		/**
+		 * create an implicitly tagged object that contains a zero
+		 * length sequence.
+		 */
+		public BerTaggedObject(
+			int tagNo)
+			: base(false, tagNo, BerSequence.Empty)
+		{
+		}
+
+		internal override void Encode(
+			DerOutputStream derOut)
+		{
+			if (derOut is Asn1OutputStream || derOut is BerOutputStream)
+			{
+				derOut.WriteTag((byte)(Asn1Tags.Constructed | Asn1Tags.Tagged), tagNo);
+				derOut.WriteByte(0x80);
+
+				if (!IsEmpty())
+				{
+					if (!explicitly)
+					{
+						IEnumerable eObj;
+						if (obj is Asn1OctetString)
+						{
+							if (obj is BerOctetString)
+							{
+								eObj = (BerOctetString) obj;
+							}
+							else
+							{
+								Asn1OctetString octs = (Asn1OctetString)obj;
+								eObj = new BerOctetString(octs.GetOctets());
+							}
+						}
+						else if (obj is Asn1Sequence)
+						{
+							eObj = (Asn1Sequence) obj;
+						}
+						else if (obj is Asn1Set)
+						{
+							eObj = (Asn1Set) obj;
+						}
+						else
+						{
+							throw Platform.CreateNotImplementedException(Platform.GetTypeName(obj));
+						}
+
+						foreach (Asn1Encodable o in eObj)
+						{
+							derOut.WriteObject(o);
+						}
+					}
+					else
+					{
+						derOut.WriteObject(obj);
+					}
+				}
+
+				derOut.WriteByte(0x00);
+				derOut.WriteByte(0x00);
+			}
+			else
+			{
+				base.Encode(derOut);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ConstructedOctetStream.cs b/bc-sharp-crypto/src/asn1/ConstructedOctetStream.cs
new file mode 100644
index 0000000..1773b22
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ConstructedOctetStream.cs
@@ -0,0 +1,102 @@
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	internal class ConstructedOctetStream
+		: BaseInputStream
+	{
+		private readonly Asn1StreamParser _parser;
+
+		private bool _first = true;
+		private Stream _currentStream;
+
+		internal ConstructedOctetStream(
+			Asn1StreamParser parser)
+		{
+			_parser = parser;
+		}
+
+		public override int Read(byte[] buffer, int offset, int count)
+		{
+			if (_currentStream == null)
+			{
+				if (!_first)
+					return 0;
+
+				Asn1OctetStringParser s = (Asn1OctetStringParser)_parser.ReadObject();
+
+				if (s == null)
+					return 0;
+
+				_first = false;
+				_currentStream = s.GetOctetStream();
+			}
+
+			int totalRead = 0;
+
+			for (;;)
+			{
+				int numRead = _currentStream.Read(buffer, offset + totalRead, count - totalRead);
+
+				if (numRead > 0)
+				{
+					totalRead += numRead;
+
+					if (totalRead == count)
+						return totalRead;
+				}
+				else
+				{
+					Asn1OctetStringParser aos = (Asn1OctetStringParser)_parser.ReadObject();
+
+					if (aos == null)
+					{
+						_currentStream = null;
+						return totalRead;
+					}
+
+					_currentStream = aos.GetOctetStream();
+				}
+			}
+		}
+
+		public override int ReadByte()
+		{
+			if (_currentStream == null)
+			{
+				if (!_first)
+					return 0;
+
+				Asn1OctetStringParser s = (Asn1OctetStringParser)_parser.ReadObject();
+
+				if (s == null)
+					return 0;
+
+				_first = false;
+				_currentStream = s.GetOctetStream();
+			}
+
+			for (;;)
+			{
+				int b = _currentStream.ReadByte();
+
+				if (b >= 0)
+				{
+					return b;
+				}
+
+				Asn1OctetStringParser aos = (Asn1OctetStringParser)_parser.ReadObject();
+
+				if (aos == null)
+				{
+					_currentStream = null;
+					return -1;
+				}
+
+				_currentStream = aos.GetOctetStream();
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DERExternal.cs b/bc-sharp-crypto/src/asn1/DERExternal.cs
new file mode 100644
index 0000000..c299751
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DERExternal.cs
@@ -0,0 +1,202 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+	/**
+	* Class representing the DER-type External
+	*/
+	public class DerExternal
+		: Asn1Object
+	{
+		private DerObjectIdentifier	directReference;
+		private DerInteger			indirectReference;
+		private Asn1Object			dataValueDescriptor;
+		private int					encoding;
+		private Asn1Object			externalContent;
+
+		public DerExternal(
+			Asn1EncodableVector vector)
+		{
+			int offset = 0;
+			Asn1Object enc = GetObjFromVector(vector, offset);
+			if (enc is DerObjectIdentifier)
+			{
+				directReference = (DerObjectIdentifier)enc;
+				offset++;
+				enc = GetObjFromVector(vector, offset);
+			}
+			if (enc is DerInteger)
+			{
+				indirectReference = (DerInteger) enc;
+				offset++;
+				enc = GetObjFromVector(vector, offset);
+			}
+			if (!(enc is Asn1TaggedObject))
+			{
+				dataValueDescriptor = enc;
+				offset++;
+				enc = GetObjFromVector(vector, offset);
+			}
+
+            if (vector.Count != offset + 1)
+				throw new ArgumentException("input vector too large", "vector");
+
+            if (!(enc is Asn1TaggedObject))
+				throw new ArgumentException("No tagged object found in vector. Structure doesn't seem to be of type External", "vector");
+
+            Asn1TaggedObject obj = (Asn1TaggedObject)enc;
+
+			// Use property accessor to include check on value
+			Encoding = obj.TagNo;
+
+			if (encoding < 0 || encoding > 2)
+				throw new InvalidOperationException("invalid encoding value");
+
+			externalContent = obj.GetObject();
+		}
+
+		/**
+		* Creates a new instance of DerExternal
+		* See X.690 for more informations about the meaning of these parameters
+		* @param directReference The direct reference or <code>null</code> if not set.
+		* @param indirectReference The indirect reference or <code>null</code> if not set.
+		* @param dataValueDescriptor The data value descriptor or <code>null</code> if not set.
+		* @param externalData The external data in its encoded form.
+		*/
+		public DerExternal(DerObjectIdentifier directReference, DerInteger indirectReference, Asn1Object dataValueDescriptor, DerTaggedObject externalData)
+			: this(directReference, indirectReference, dataValueDescriptor, externalData.TagNo, externalData.ToAsn1Object())
+		{
+		}
+
+		/**
+		* Creates a new instance of DerExternal.
+		* See X.690 for more informations about the meaning of these parameters
+		* @param directReference The direct reference or <code>null</code> if not set.
+		* @param indirectReference The indirect reference or <code>null</code> if not set.
+		* @param dataValueDescriptor The data value descriptor or <code>null</code> if not set.
+		* @param encoding The encoding to be used for the external data
+		* @param externalData The external data
+		*/
+		public DerExternal(DerObjectIdentifier directReference, DerInteger indirectReference, Asn1Object dataValueDescriptor, int encoding, Asn1Object externalData)
+		{
+			DirectReference = directReference;
+			IndirectReference = indirectReference;
+			DataValueDescriptor = dataValueDescriptor;
+			Encoding = encoding;
+			ExternalContent = externalData.ToAsn1Object();
+		}
+
+		internal override void Encode(DerOutputStream derOut)
+		{
+			MemoryStream ms = new MemoryStream();
+			WriteEncodable(ms, directReference);
+			WriteEncodable(ms, indirectReference);
+			WriteEncodable(ms, dataValueDescriptor);
+			WriteEncodable(ms, new DerTaggedObject(Asn1Tags.External, externalContent));
+
+			derOut.WriteEncoded(Asn1Tags.Constructed, Asn1Tags.External, ms.ToArray());
+		}
+
+		protected override int Asn1GetHashCode()
+		{
+			int ret = externalContent.GetHashCode();
+			if (directReference != null)
+			{
+				ret ^= directReference.GetHashCode();
+			}
+			if (indirectReference != null)
+			{
+				ret ^= indirectReference.GetHashCode();
+			}
+			if (dataValueDescriptor != null)
+			{
+				ret ^= dataValueDescriptor.GetHashCode();
+			}
+			return ret;
+		}
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+		{
+			if (this == asn1Object)
+				return true;
+
+			DerExternal other = asn1Object as DerExternal;
+
+			if (other == null)
+				return false;
+
+			return Platform.Equals(directReference, other.directReference)
+				&& Platform.Equals(indirectReference, other.indirectReference)
+				&& Platform.Equals(dataValueDescriptor, other.dataValueDescriptor)
+				&& externalContent.Equals(other.externalContent);
+		}
+
+		public Asn1Object DataValueDescriptor
+		{
+			get { return dataValueDescriptor; }
+			set { this.dataValueDescriptor = value; }
+		}
+
+		public DerObjectIdentifier DirectReference
+		{
+			get { return directReference; }
+			set { this.directReference = value; }
+		}
+
+		/**
+		* The encoding of the content. Valid values are
+		* <ul>
+		* <li><code>0</code> single-ASN1-type</li>
+		* <li><code>1</code> OCTET STRING</li>
+		* <li><code>2</code> BIT STRING</li>
+		* </ul>
+		*/
+		public int Encoding
+		{
+			get
+			{
+				return encoding;
+			}
+			set
+			{
+				if (encoding < 0 || encoding > 2)
+					throw new InvalidOperationException("invalid encoding value: " + encoding);
+
+				this.encoding = value;
+			}
+		}
+
+		public Asn1Object ExternalContent
+		{
+			get { return externalContent; }
+			set { this.externalContent = value; }
+		}
+
+		public DerInteger IndirectReference
+		{
+			get { return indirectReference; }
+			set { this.indirectReference = value; }
+		}
+
+		private static Asn1Object GetObjFromVector(Asn1EncodableVector v, int index)
+		{
+			if (v.Count <= index)
+				throw new ArgumentException("too few objects in input vector", "v");
+
+			return v[index].ToAsn1Object();
+		}
+
+		private static void WriteEncodable(MemoryStream ms, Asn1Encodable e)
+		{
+			if (e != null)
+			{
+				byte[] bs = e.GetDerEncoded();
+				ms.Write(bs, 0, bs.Length);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DERExternalParser.cs b/bc-sharp-crypto/src/asn1/DERExternalParser.cs
new file mode 100644
index 0000000..70e426f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DERExternalParser.cs
@@ -0,0 +1,26 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class DerExternalParser
+		: Asn1Encodable
+	{
+		private readonly Asn1StreamParser _parser;
+
+		public DerExternalParser(Asn1StreamParser parser)
+		{
+			this._parser = parser;
+		}
+
+		public IAsn1Convertible ReadObject()
+		{
+			return _parser.ReadObject();
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerExternal(_parser.ReadVector());
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DERGenerator.cs b/bc-sharp-crypto/src/asn1/DERGenerator.cs
new file mode 100644
index 0000000..aab40fe
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DERGenerator.cs
@@ -0,0 +1,107 @@
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public abstract class DerGenerator
+        : Asn1Generator
+    {
+        private bool _tagged = false;
+        private bool _isExplicit;
+        private int _tagNo;
+
+		protected DerGenerator(
+            Stream outStream)
+            : base(outStream)
+		{
+        }
+
+        protected DerGenerator(
+            Stream outStream,
+            int tagNo,
+            bool isExplicit)
+            : base(outStream)
+        {
+            _tagged = true;
+            _isExplicit = isExplicit;
+            _tagNo = tagNo;
+        }
+
+		private static void WriteLength(
+            Stream	outStr,
+            int		length)
+        {
+            if (length > 127)
+            {
+                int size = 1;
+                int val = length;
+
+				while ((val >>= 8) != 0)
+                {
+                    size++;
+                }
+
+				outStr.WriteByte((byte)(size | 0x80));
+
+				for (int i = (size - 1) * 8; i >= 0; i -= 8)
+                {
+                    outStr.WriteByte((byte)(length >> i));
+                }
+            }
+            else
+            {
+                outStr.WriteByte((byte)length);
+            }
+        }
+
+		internal static void WriteDerEncoded(
+            Stream	outStream,
+            int		tag,
+            byte[]	bytes)
+        {
+            outStream.WriteByte((byte) tag);
+            WriteLength(outStream, bytes.Length);
+            outStream.Write(bytes, 0, bytes.Length);
+        }
+
+		internal void WriteDerEncoded(
+            int		tag,
+            byte[]	bytes)
+        {
+            if (_tagged)
+            {
+                int tagNum = _tagNo | Asn1Tags.Tagged;
+
+                if (_isExplicit)
+                {
+                    int newTag = _tagNo | Asn1Tags.Constructed | Asn1Tags.Tagged;
+					MemoryStream bOut = new MemoryStream();
+                    WriteDerEncoded(bOut, tag, bytes);
+                    WriteDerEncoded(Out, newTag, bOut.ToArray());
+                }
+                else
+                {
+					if ((tag & Asn1Tags.Constructed) != 0)
+					{
+						tagNum |= Asn1Tags.Constructed;
+					}
+
+					WriteDerEncoded(Out, tagNum, bytes);
+                }
+            }
+            else
+            {
+                WriteDerEncoded(Out, tag, bytes);
+            }
+        }
+
+		internal static void WriteDerEncoded(
+            Stream	outStr,
+            int		tag,
+            Stream	inStr)
+        {
+			WriteDerEncoded(outStr, tag, Streams.ReadAll(inStr));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/DEROctetStringParser.cs b/bc-sharp-crypto/src/asn1/DEROctetStringParser.cs
new file mode 100644
index 0000000..b0d3ad8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DEROctetStringParser.cs
@@ -0,0 +1,36 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class DerOctetStringParser
+		: Asn1OctetStringParser
+	{
+		private readonly DefiniteLengthInputStream stream;
+
+		internal DerOctetStringParser(
+			DefiniteLengthInputStream stream)
+		{
+			this.stream = stream;
+		}
+
+		public Stream GetOctetStream()
+		{
+			return stream;
+		}
+
+		public Asn1Object ToAsn1Object()
+		{
+			try
+			{
+				return new DerOctetString(stream.ToArray());
+			}
+			catch (IOException e)
+			{
+				throw new InvalidOperationException("IOException converting stream to byte array: " + e.Message, e);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DERSequenceGenerator.cs b/bc-sharp-crypto/src/asn1/DERSequenceGenerator.cs
new file mode 100644
index 0000000..4c2bfd0
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DERSequenceGenerator.cs
@@ -0,0 +1,40 @@
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class DerSequenceGenerator
+		: DerGenerator
+	{
+		private readonly MemoryStream _bOut = new MemoryStream();
+
+		public DerSequenceGenerator(
+			Stream outStream)
+			: base(outStream)
+		{
+		}
+
+		public DerSequenceGenerator(
+			Stream	outStream,
+			int		tagNo,
+			bool	isExplicit)
+			: base(outStream, tagNo, isExplicit)
+		{
+		}
+
+		public override void AddObject(
+			Asn1Encodable obj)
+		{
+			new DerOutputStream(_bOut).WriteObject(obj);
+		}
+
+		public override Stream GetRawOutputStream()
+		{
+			return _bOut;
+		}
+
+		public override void Close()
+		{
+			WriteDerEncoded(Asn1Tags.Constructed | Asn1Tags.Sequence, _bOut.ToArray());
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DERSequenceParser.cs b/bc-sharp-crypto/src/asn1/DERSequenceParser.cs
new file mode 100644
index 0000000..69c2b9b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DERSequenceParser.cs
@@ -0,0 +1,24 @@
+namespace Org.BouncyCastle.Asn1
+{
+	public class DerSequenceParser
+		: Asn1SequenceParser
+	{
+		private readonly Asn1StreamParser _parser;
+
+		internal DerSequenceParser(
+			Asn1StreamParser parser)
+		{
+			this._parser = parser;
+		}
+
+		public IAsn1Convertible ReadObject()
+		{
+			return _parser.ReadObject();
+		}
+
+		public Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(_parser.ReadVector());
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DERSetGenerator.cs b/bc-sharp-crypto/src/asn1/DERSetGenerator.cs
new file mode 100644
index 0000000..455ca88
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DERSetGenerator.cs
@@ -0,0 +1,40 @@
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class DerSetGenerator
+		: DerGenerator
+	{
+		private readonly MemoryStream _bOut = new MemoryStream();
+
+		public DerSetGenerator(
+			Stream outStream)
+			: base(outStream)
+		{
+		}
+
+		public DerSetGenerator(
+			Stream	outStream,
+			int		tagNo,
+			bool	isExplicit)
+			: base(outStream, tagNo, isExplicit)
+		{
+		}
+
+		public override void AddObject(
+			Asn1Encodable obj)
+		{
+			new DerOutputStream(_bOut).WriteObject(obj);
+		}
+
+		public override Stream GetRawOutputStream()
+		{
+			return _bOut;
+		}
+
+		public override void Close()
+		{
+			WriteDerEncoded(Asn1Tags.Constructed | Asn1Tags.Set, _bOut.ToArray());
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DERSetParser.cs b/bc-sharp-crypto/src/asn1/DERSetParser.cs
new file mode 100644
index 0000000..d67f135
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DERSetParser.cs
@@ -0,0 +1,24 @@
+namespace Org.BouncyCastle.Asn1
+{
+	public class DerSetParser
+		: Asn1SetParser
+	{
+		private readonly Asn1StreamParser _parser;
+
+		internal DerSetParser(
+			Asn1StreamParser parser)
+		{
+			this._parser = parser;
+		}
+
+		public IAsn1Convertible ReadObject()
+		{
+			return _parser.ReadObject();
+		}
+
+		public Asn1Object ToAsn1Object()
+		{
+			return new DerSet(_parser.ReadVector(), false);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DefiniteLengthInputStream.cs b/bc-sharp-crypto/src/asn1/DefiniteLengthInputStream.cs
new file mode 100644
index 0000000..4ae803c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DefiniteLengthInputStream.cs
@@ -0,0 +1,100 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+    class DefiniteLengthInputStream
+        : LimitedInputStream
+    {
+		private static readonly byte[] EmptyBytes = new byte[0];
+
+		private readonly int _originalLength;
+		private int _remaining;
+
+        internal DefiniteLengthInputStream(
+            Stream	inStream,
+            int		length)
+            : base(inStream, length)
+        {
+			if (length < 0)
+				throw new ArgumentException("negative lengths not allowed", "length");
+
+			this._originalLength = length;
+			this._remaining = length;
+
+			if (length == 0)
+			{
+				SetParentEofDetect(true);
+			}
+        }
+
+		internal int Remaining
+		{
+			get { return _remaining; }
+		}
+
+		public override int ReadByte()
+        {
+			if (_remaining == 0)
+				return -1;
+
+			int b = _in.ReadByte();
+
+			if (b < 0)
+				throw new EndOfStreamException("DEF length " + _originalLength + " object truncated by " + _remaining);
+
+			if (--_remaining == 0)
+			{
+				SetParentEofDetect(true);
+			}
+
+			return b;
+        }
+
+		public override int Read(
+			byte[]	buf,
+			int		off,
+			int		len)
+		{
+			if (_remaining == 0)
+				return 0;
+
+			int toRead = System.Math.Min(len, _remaining);
+			int numRead = _in.Read(buf, off, toRead);
+
+			if (numRead < 1)
+				throw new EndOfStreamException("DEF length " + _originalLength + " object truncated by " + _remaining);
+
+			if ((_remaining -= numRead) == 0)
+			{
+				SetParentEofDetect(true);
+			}
+
+			return numRead;
+		}
+
+        internal void ReadAllIntoByteArray(byte[] buf)
+        {
+            if (_remaining != buf.Length)
+                throw new ArgumentException("buffer length not right for data");
+
+            if ((_remaining -= Streams.ReadFully(_in, buf)) != 0)
+                throw new EndOfStreamException("DEF length " + _originalLength + " object truncated by " + _remaining);
+            SetParentEofDetect(true);
+        }
+
+        internal byte[] ToArray()
+		{
+			if (_remaining == 0)
+				return EmptyBytes;
+
+			byte[] bytes = new byte[_remaining];
+			if ((_remaining -= Streams.ReadFully(_in, bytes)) != 0)
+				throw new EndOfStreamException("DEF length " + _originalLength + " object truncated by " + _remaining);
+			SetParentEofDetect(true);
+			return bytes;
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/DerApplicationSpecific.cs b/bc-sharp-crypto/src/asn1/DerApplicationSpecific.cs
new file mode 100644
index 0000000..52467fa
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerApplicationSpecific.cs
@@ -0,0 +1,237 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * Base class for an application specific object
+     */
+    public class DerApplicationSpecific
+        : Asn1Object
+    {
+		private readonly bool	isConstructed;
+        private readonly int	tag;
+        private readonly byte[]	octets;
+
+		internal DerApplicationSpecific(
+			bool	isConstructed,
+			int		tag,
+			byte[]	octets)
+		{
+			this.isConstructed = isConstructed;
+			this.tag = tag;
+			this.octets = octets;
+		}
+
+		public DerApplicationSpecific(
+            int		tag,
+            byte[]	octets)
+			: this(false, tag, octets)
+        {
+        }
+
+		public DerApplicationSpecific(
+			int				tag, 
+			Asn1Encodable	obj) 
+			: this(true, tag, obj)
+		{
+		}
+
+		public DerApplicationSpecific(
+			bool			isExplicit,
+			int				tag,
+			Asn1Encodable	obj)
+		{
+            Asn1Object asn1Obj = obj.ToAsn1Object();
+
+            byte[] data = asn1Obj.GetDerEncoded();
+
+            this.isConstructed = Asn1TaggedObject.IsConstructed(isExplicit, asn1Obj);
+			this.tag = tag;
+
+			if (isExplicit)
+			{
+				this.octets = data;
+			}
+			else
+			{
+				int lenBytes = GetLengthOfHeader(data);
+				byte[] tmp = new byte[data.Length - lenBytes];
+				Array.Copy(data, lenBytes, tmp, 0, tmp.Length);
+				this.octets = tmp;
+			}
+		}
+
+		public DerApplicationSpecific(
+			int					tagNo,
+			Asn1EncodableVector	vec)
+		{
+			this.tag = tagNo;
+			this.isConstructed = true;
+			MemoryStream bOut = new MemoryStream();
+
+			for (int i = 0; i != vec.Count; i++)
+			{
+				try
+				{
+					byte[] bs = vec[i].GetDerEncoded();
+					bOut.Write(bs, 0, bs.Length);
+                }
+				catch (IOException e)
+				{
+					throw new InvalidOperationException("malformed object", e);
+				}
+			}
+			this.octets = bOut.ToArray();
+		}
+
+		private int GetLengthOfHeader(
+			byte[] data)
+		{
+            int length = data[1]; // TODO: assumes 1 byte tag
+
+            if (length == 0x80)
+            {
+                return 2;      // indefinite-length encoding
+            }
+
+            if (length > 127)
+            {
+                int size = length & 0x7f;
+
+                // Note: The invalid long form "0xff" (see X.690 8.1.3.5c) will be caught here
+                if (size > 4)
+                {
+                    throw new InvalidOperationException("DER length more than 4 bytes: " + size);
+                }
+
+                return size + 2;
+            }
+
+            return 2;
+        }
+
+		public bool IsConstructed()
+        {
+			return isConstructed;
+        }
+
+		public byte[] GetContents()
+        {
+            return octets;
+        }
+
+		public int ApplicationTag
+        {
+            get { return tag; }
+        }
+
+		/**
+		 * Return the enclosed object assuming explicit tagging.
+		 *
+		 * @return  the resulting object
+		 * @throws IOException if reconstruction fails.
+		 */
+		public Asn1Object GetObject()
+        {
+			return FromByteArray(GetContents());
+		}
+
+		/**
+		 * Return the enclosed object assuming implicit tagging.
+		 *
+		 * @param derTagNo the type tag that should be applied to the object's contents.
+		 * @return  the resulting object
+		 * @throws IOException if reconstruction fails.
+		 */
+		public Asn1Object GetObject(
+			int derTagNo)
+		{
+			if (derTagNo >= 0x1f)
+				throw new IOException("unsupported tag number");
+
+			byte[] orig = this.GetEncoded();
+			byte[] tmp = ReplaceTagNumber(derTagNo, orig);
+
+			if ((orig[0] & Asn1Tags.Constructed) != 0)
+			{
+				tmp[0] |= Asn1Tags.Constructed;
+			}
+
+			return FromByteArray(tmp);
+		}
+
+		internal override void Encode(
+			DerOutputStream derOut)
+        {
+			int classBits = Asn1Tags.Application;
+			if (isConstructed)
+			{
+				classBits |= Asn1Tags.Constructed; 
+			}
+
+			derOut.WriteEncoded(classBits, tag, octets);
+		}
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+        {
+			DerApplicationSpecific other = asn1Object as DerApplicationSpecific;
+
+			if (other == null)
+				return false;
+
+			return this.isConstructed == other.isConstructed
+				&& this.tag == other.tag
+				&& Arrays.AreEqual(this.octets, other.octets);
+        }
+
+		protected override int Asn1GetHashCode()
+		{
+			return isConstructed.GetHashCode() ^ tag.GetHashCode() ^ Arrays.GetHashCode(octets);
+        }
+
+		private byte[] ReplaceTagNumber(
+			int		newTag,
+			byte[]	input)
+		{
+			int tagNo = input[0] & 0x1f;
+			int index = 1;
+			//
+			// with tagged object tag number is bottom 5 bits, or stored at the start of the content
+			//
+			if (tagNo == 0x1f)
+			{
+				tagNo = 0;
+
+				int b = input[index++] & 0xff;
+
+				// X.690-0207 8.1.2.4.2
+				// "c) bits 7 to 1 of the first subsequent octet shall not all be zero."
+				if ((b & 0x7f) == 0) // Note: -1 will pass
+				{
+					throw new InvalidOperationException("corrupted stream - invalid high tag number found");
+				}
+
+				while ((b >= 0) && ((b & 0x80) != 0))
+				{
+					tagNo |= (b & 0x7f);
+					tagNo <<= 7;
+					b = input[index++] & 0xff;
+				}
+
+				tagNo |= (b & 0x7f);
+			}
+
+			byte[] tmp = new byte[input.Length - index + 1];
+
+			Array.Copy(input, index, tmp, 1, tmp.Length - 1);
+
+			tmp[0] = (byte)newTag;
+
+			return tmp;
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/DerBMPString.cs b/bc-sharp-crypto/src/asn1/DerBMPString.cs
new file mode 100644
index 0000000..33d950f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerBMPString.cs
@@ -0,0 +1,117 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * Der BMPString object.
+     */
+    public class DerBmpString
+		: DerStringBase
+    {
+        private readonly string str;
+
+		/**
+         * return a BMP string from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerBmpString GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerBmpString)
+            {
+                return (DerBmpString)obj;
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+        }
+
+        /**
+         * return a BMP string from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *              be converted.
+         */
+        public static DerBmpString GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+			Asn1Object o = obj.GetObject();
+
+			if (isExplicit || o is DerBmpString)
+			{
+				return GetInstance(o);
+			}
+
+			return new DerBmpString(Asn1OctetString.GetInstance(o).GetOctets());
+        }
+
+		/**
+         * basic constructor - byte encoded string.
+         */
+        public DerBmpString(
+            byte[] str)
+        {
+			if (str == null)
+				throw new ArgumentNullException("str");
+
+            char[] cs = new char[str.Length / 2];
+
+			for (int i = 0; i != cs.Length; i++)
+            {
+                cs[i] = (char)((str[2 * i] << 8) | (str[2 * i + 1] & 0xff));
+            }
+
+			this.str = new string(cs);
+        }
+
+        /**
+         * basic constructor
+         */
+        public DerBmpString(
+            string str)
+        {
+			if (str == null)
+				throw new ArgumentNullException("str");
+
+			this.str = str;
+        }
+
+        public override string GetString()
+        {
+            return str;
+        }
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+        {
+			DerBmpString other = asn1Object as DerBmpString;
+
+			if (other == null)
+				return false;
+
+			return this.str.Equals(other.str);
+        }
+
+		internal override void Encode(
+            DerOutputStream derOut)
+        {
+            char[] c = str.ToCharArray();
+            byte[] b = new byte[c.Length * 2];
+
+			for (int i = 0; i != c.Length; i++)
+            {
+                b[2 * i] = (byte)(c[i] >> 8);
+                b[2 * i + 1] = (byte)c[i];
+            }
+
+            derOut.WriteEncoded(Asn1Tags.BmpString, b);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/DerBitString.cs b/bc-sharp-crypto/src/asn1/DerBitString.cs
new file mode 100644
index 0000000..26adc57
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerBitString.cs
@@ -0,0 +1,276 @@
+using System;
+using System.Diagnostics;
+using System.Text;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class DerBitString
+		: DerStringBase
+	{
+		private static readonly char[] table
+			= { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
+
+		protected readonly byte[]   mData;
+		protected readonly int      mPadBits;
+
+        /**
+		 * return a Bit string from the passed in object
+		 *
+		 * @exception ArgumentException if the object cannot be converted.
+		 */
+		public static DerBitString GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is DerBitString)
+			{
+				return (DerBitString) obj;
+			}
+            if (obj is byte[])
+            {
+                try
+                {
+                    return (DerBitString)FromByteArray((byte[])obj);
+                }
+                catch (Exception e)
+                {
+                    throw new ArgumentException("encoding error in GetInstance: " + e.ToString());
+                }
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+		}
+
+		/**
+		 * return a Bit string from a tagged object.
+		 *
+		 * @param obj the tagged object holding the object we want
+		 * @param explicitly true if the object is meant to be explicitly
+		 *              tagged false otherwise.
+		 * @exception ArgumentException if the tagged object cannot
+		 *               be converted.
+		 */
+		public static DerBitString GetInstance(
+			Asn1TaggedObject	obj,
+			bool				isExplicit)
+		{
+			Asn1Object o = obj.GetObject();
+
+			if (isExplicit || o is DerBitString)
+			{
+				return GetInstance(o);
+			}
+
+			return FromAsn1Octets(((Asn1OctetString)o).GetOctets());
+		}
+
+        /**
+		 * @param data the octets making up the bit string.
+		 * @param padBits the number of extra bits at the end of the string.
+		 */
+		public DerBitString(
+			byte[]	data,
+			int		padBits)
+		{
+            if (data == null)
+                throw new ArgumentNullException("data");
+            if (padBits < 0 || padBits > 7)
+                throw new ArgumentException("must be in the range 0 to 7", "padBits");
+            if (data.Length == 0 && padBits != 0)
+                throw new ArgumentException("if 'data' is empty, 'padBits' must be 0");
+
+            this.mData = Arrays.Clone(data);
+			this.mPadBits = padBits;
+		}
+
+		public DerBitString(
+			byte[] data)
+            : this(data, 0)
+		{
+		}
+
+        public DerBitString(
+            int namedBits)
+        {
+            if (namedBits == 0)
+            {
+                this.mData = new byte[0];
+                this.mPadBits = 0;
+                return;
+            }
+
+            int bits = BigInteger.BitLen(namedBits);
+            int bytes = (bits + 7) / 8;
+
+            Debug.Assert(0 < bytes && bytes <= 4);
+
+            byte[] data = new byte[bytes];
+            --bytes;
+
+            for (int i = 0; i < bytes; i++)
+            {
+                data[i] = (byte)namedBits;
+                namedBits >>= 8;
+            }
+
+            Debug.Assert((namedBits & 0xFF) != 0);
+
+            data[bytes] = (byte)namedBits;
+
+            int padBits = 0;
+            while ((namedBits & (1 << padBits)) == 0)
+            {
+                ++padBits;
+            }
+
+            Debug.Assert(padBits < 8);
+
+            this.mData = data;
+            this.mPadBits = padBits;
+        }
+
+        public DerBitString(
+			Asn1Encodable obj)
+            : this(obj.GetDerEncoded())
+		{
+		}
+
+        /**
+         * Return the octets contained in this BIT STRING, checking that this BIT STRING really
+         * does represent an octet aligned string. Only use this method when the standard you are
+         * following dictates that the BIT STRING will be octet aligned.
+         *
+         * @return a copy of the octet aligned data.
+         */
+        public virtual byte[] GetOctets()
+        {
+            if (mPadBits != 0)
+                throw new InvalidOperationException("attempt to get non-octet aligned data from BIT STRING");
+
+            return Arrays.Clone(mData);
+        }
+
+        public virtual byte[] GetBytes()
+		{
+            byte[] data = Arrays.Clone(mData);
+
+            // DER requires pad bits be zero
+            if (mPadBits > 0)
+            {
+                data[data.Length - 1] &= (byte)(0xFF << mPadBits);
+            }
+
+            return data;
+		}
+
+        public virtual int PadBits
+		{
+			get { return mPadBits; }
+		}
+
+		/**
+		 * @return the value of the bit string as an int (truncating if necessary)
+		 */
+        public virtual int IntValue
+		{
+			get
+			{
+                int value = 0, length = System.Math.Min(4, mData.Length);
+                for (int i = 0; i < length; ++i)
+                {
+                    value |= (int)mData[i] << (8 * i);
+                }
+                if (mPadBits > 0 && length == mData.Length)
+                {
+                    int mask = (1 << mPadBits) - 1;
+                    value &= ~(mask << (8 * (length - 1)));
+                }
+                return value;
+			}
+		}
+
+        internal override void Encode(
+			DerOutputStream derOut)
+		{
+            if (mPadBits > 0)
+            {
+                int last = mData[mData.Length - 1];
+                int mask = (1 << mPadBits) - 1;
+                int unusedBits = last & mask;
+
+                if (unusedBits != 0)
+                {
+                    byte[] contents = Arrays.Prepend(mData, (byte)mPadBits);
+
+                    /*
+                     * X.690-0207 11.2.1: Each unused bit in the final octet of the encoding of a bit string value shall be set to zero.
+                     */
+                    contents[contents.Length - 1] = (byte)(last ^ unusedBits);
+
+                    derOut.WriteEncoded(Asn1Tags.BitString, contents);
+                    return;
+                }
+            }
+
+            derOut.WriteEncoded(Asn1Tags.BitString, (byte)mPadBits, mData);
+		}
+
+        protected override int Asn1GetHashCode()
+		{
+			return mPadBits.GetHashCode() ^ Arrays.GetHashCode(mData);
+		}
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+		{
+			DerBitString other = asn1Object as DerBitString;
+
+			if (other == null)
+				return false;
+
+			return this.mPadBits == other.mPadBits
+				&& Arrays.AreEqual(this.mData, other.mData);
+		}
+
+		public override string GetString()
+		{
+			StringBuilder buffer = new StringBuilder("#");
+
+			byte[] str = GetDerEncoded();
+
+			for (int i = 0; i != str.Length; i++)
+			{
+				uint ubyte = str[i];
+				buffer.Append(table[(ubyte >> 4) & 0xf]);
+				buffer.Append(table[str[i] & 0xf]);
+			}
+
+			return buffer.ToString();
+		}
+
+		internal static DerBitString FromAsn1Octets(byte[] octets)
+		{
+	        if (octets.Length < 1)
+	            throw new ArgumentException("truncated BIT STRING detected", "octets");
+
+            int padBits = octets[0];
+            byte[] data = Arrays.CopyOfRange(octets, 1, octets.Length);
+
+            if (padBits > 0 && padBits < 8 && data.Length > 0)
+            {
+                int last = data[data.Length - 1];
+                int mask = (1 << padBits) - 1;
+
+                if ((last & mask) != 0)
+                {
+                    return new BerBitString(data, padBits);
+                }
+            }
+
+            return new DerBitString(data, padBits);
+		}
+	}
+}
+
diff --git a/bc-sharp-crypto/src/asn1/DerBoolean.cs b/bc-sharp-crypto/src/asn1/DerBoolean.cs
new file mode 100644
index 0000000..709f4dd
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerBoolean.cs
@@ -0,0 +1,124 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public class DerBoolean
+        : Asn1Object
+    {
+        private readonly byte value;
+
+        public static readonly DerBoolean False = new DerBoolean(false);
+        public static readonly DerBoolean True  = new DerBoolean(true);
+
+        /**
+         * return a bool from the passed in object.
+         *
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerBoolean GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerBoolean)
+            {
+                return (DerBoolean) obj;
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+        }
+
+        /**
+         * return a DerBoolean from the passed in bool.
+         */
+        public static DerBoolean GetInstance(
+            bool value)
+        {
+            return value ? True : False;
+        }
+
+        /**
+         * return a Boolean from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *               be converted.
+         */
+        public static DerBoolean GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+            Asn1Object o = obj.GetObject();
+
+            if (isExplicit || o is DerBoolean)
+            {
+                return GetInstance(o);
+            }
+
+            return FromOctetString(((Asn1OctetString)o).GetOctets());
+        }
+
+        public DerBoolean(
+            byte[] val)
+        {
+            if (val.Length != 1)
+                throw new ArgumentException("byte value should have 1 byte in it", "val");
+
+            // TODO Are there any constraints on the possible byte values?
+            this.value = val[0];
+        }
+
+        private DerBoolean(
+            bool value)
+        {
+            this.value = value ? (byte)0xff : (byte)0;
+        }
+
+        public bool IsTrue
+        {
+            get { return value != 0; }
+        }
+
+        internal override void Encode(
+            DerOutputStream derOut)
+        {
+            // TODO Should we make sure the byte value is one of '0' or '0xff' here?
+            derOut.WriteEncoded(Asn1Tags.Boolean, new byte[]{ value });
+        }
+
+        protected override bool Asn1Equals(
+            Asn1Object asn1Object)
+        {
+            DerBoolean other = asn1Object as DerBoolean;
+
+            if (other == null)
+                return false;
+
+            return IsTrue == other.IsTrue;
+        }
+
+        protected override int Asn1GetHashCode()
+        {
+            return IsTrue.GetHashCode();
+        }
+
+        public override string ToString()
+        {
+            return IsTrue ? "TRUE" : "FALSE";
+        }
+
+        internal static DerBoolean FromOctetString(byte[] value)
+        {
+            if (value.Length != 1)
+            {
+                throw new ArgumentException("BOOLEAN value should have 1 byte in it", "value");
+            }
+
+            byte b = value[0];
+
+            return b == 0 ? False : b == 0xFF ? True : new DerBoolean(value);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/DerEnumerated.cs b/bc-sharp-crypto/src/asn1/DerEnumerated.cs
new file mode 100644
index 0000000..db27065
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerEnumerated.cs
@@ -0,0 +1,135 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public class DerEnumerated
+        : Asn1Object
+    {
+        private readonly byte[] bytes;
+
+        /**
+         * return an integer from the passed in object
+         *
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerEnumerated GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerEnumerated)
+            {
+                return (DerEnumerated)obj;
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+        }
+
+        /**
+         * return an Enumerated from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *               be converted.
+         */
+        public static DerEnumerated GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+            Asn1Object o = obj.GetObject();
+
+            if (isExplicit || o is DerEnumerated)
+            {
+                return GetInstance(o);
+            }
+
+            return FromOctetString(((Asn1OctetString)o).GetOctets());
+        }
+
+        public DerEnumerated(
+            int val)
+        {
+            bytes = BigInteger.ValueOf(val).ToByteArray();
+        }
+
+        public DerEnumerated(
+            BigInteger val)
+        {
+            bytes = val.ToByteArray();
+        }
+
+        public DerEnumerated(
+            byte[]   bytes)
+        {
+            if (bytes.Length > 1)
+            {
+                if (bytes[0] == 0 && (bytes[1] & 0x80) == 0)
+                {
+                    throw new ArgumentException("malformed enumerated");
+                }
+                if (bytes[0] == (byte)0xff && (bytes[1] & 0x80) != 0)
+                {
+                    throw new ArgumentException("malformed enumerated");
+                }
+            }
+            this.bytes = Arrays.Clone(bytes);
+        }
+
+        public BigInteger Value
+        {
+            get { return new BigInteger(bytes); }
+        }
+
+        internal override void Encode(
+            DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.Enumerated, bytes);
+        }
+
+        protected override bool Asn1Equals(
+            Asn1Object asn1Object)
+        {
+            DerEnumerated other = asn1Object as DerEnumerated;
+
+            if (other == null)
+                return false;
+
+            return Arrays.AreEqual(this.bytes, other.bytes);
+        }
+
+        protected override int Asn1GetHashCode()
+        {
+            return Arrays.GetHashCode(bytes);
+        }
+
+        private static readonly DerEnumerated[] cache = new DerEnumerated[12];
+
+        internal static DerEnumerated FromOctetString(byte[] enc)
+        {
+            if (enc.Length == 0)
+            {
+                throw new ArgumentException("ENUMERATED has zero length", "enc");
+            }
+
+            if (enc.Length == 1)
+            {
+                int value = enc[0];
+                if (value < cache.Length)
+                {
+                    DerEnumerated cached = cache[value];
+                    if (cached != null)
+                    {
+                        return cached;
+                    }
+
+                    return cache[value] = new DerEnumerated(Arrays.Clone(enc));
+                }
+            }
+
+            return new DerEnumerated(Arrays.Clone(enc));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/DerGeneralString.cs b/bc-sharp-crypto/src/asn1/DerGeneralString.cs
new file mode 100644
index 0000000..553b0e0
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerGeneralString.cs
@@ -0,0 +1,81 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public class DerGeneralString
+        : DerStringBase
+    {
+        private readonly string str;
+
+        public static DerGeneralString GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerGeneralString)
+            {
+                return (DerGeneralString) obj;
+            }
+
+			throw new ArgumentException("illegal object in GetInstance: "
+                    + Platform.GetTypeName(obj));
+        }
+
+        public static DerGeneralString GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+			Asn1Object o = obj.GetObject();
+
+			if (isExplicit || o is DerGeneralString)
+			{
+				return GetInstance(o);
+			}
+
+			return new DerGeneralString(((Asn1OctetString)o).GetOctets());
+        }
+
+        public DerGeneralString(
+			byte[] str)
+			: this(Strings.FromAsciiByteArray(str))
+        {
+        }
+
+		public DerGeneralString(
+			string str)
+        {
+			if (str == null)
+				throw new ArgumentNullException("str");
+
+			this.str = str;
+        }
+
+        public override string GetString()
+        {
+            return str;
+        }
+
+		public byte[] GetOctets()
+        {
+            return Strings.ToAsciiByteArray(str);
+        }
+
+		internal override void Encode(
+			DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.GeneralString, GetOctets());
+        }
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+        {
+			DerGeneralString other = asn1Object as DerGeneralString;
+
+			if (other == null)
+				return false;
+
+			return this.str.Equals(other.str);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/DerGeneralizedTime.cs b/bc-sharp-crypto/src/asn1/DerGeneralizedTime.cs
new file mode 100644
index 0000000..b224ebe
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerGeneralizedTime.cs
@@ -0,0 +1,320 @@
+using System;
+using System.Globalization;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * Generalized time object.
+     */
+    public class DerGeneralizedTime
+        : Asn1Object
+    {
+        private readonly string time;
+
+        /**
+         * return a generalized time from the passed in object
+         *
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerGeneralizedTime GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerGeneralizedTime)
+            {
+                return (DerGeneralizedTime)obj;
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        /**
+         * return a Generalized Time object from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *               be converted.
+         */
+        public static DerGeneralizedTime GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+            Asn1Object o = obj.GetObject();
+
+            if (isExplicit || o is DerGeneralizedTime)
+            {
+                return GetInstance(o);
+            }
+
+            return new DerGeneralizedTime(((Asn1OctetString)o).GetOctets());
+        }
+
+        /**
+         * The correct format for this is YYYYMMDDHHMMSS[.f]Z, or without the Z
+         * for local time, or Z+-HHMM on the end, for difference between local
+         * time and UTC time. The fractional second amount f must consist of at
+         * least one number with trailing zeroes removed.
+         *
+         * @param time the time string.
+         * @exception ArgumentException if string is an illegal format.
+         */
+        public DerGeneralizedTime(
+            string time)
+        {
+            this.time = time;
+
+            try
+            {
+                ToDateTime();
+            }
+            catch (FormatException e)
+            {
+                throw new ArgumentException("invalid date string: " + e.Message);
+            }
+        }
+
+        /**
+         * base constructor from a local time object
+         */
+        public DerGeneralizedTime(
+            DateTime time)
+        {
+#if PORTABLE
+            this.time = time.ToUniversalTime().ToString(@"yyyyMMddHHmmss\Z");
+#else
+            this.time = time.ToString(@"yyyyMMddHHmmss\Z");
+#endif
+        }
+
+        internal DerGeneralizedTime(
+            byte[] bytes)
+        {
+            //
+            // explicitly convert to characters
+            //
+            this.time = Strings.FromAsciiByteArray(bytes);
+        }
+
+        /**
+         * Return the time.
+         * @return The time string as it appeared in the encoded object.
+         */
+        public string TimeString
+        {
+            get { return time; }
+        }
+
+        /**
+         * return the time - always in the form of
+         *  YYYYMMDDhhmmssGMT(+hh:mm|-hh:mm).
+         * <p>
+         * Normally in a certificate we would expect "Z" rather than "GMT",
+         * however adding the "GMT" means we can just use:
+         * <pre>
+         *     dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
+         * </pre>
+         * To read in the time and Get a date which is compatible with our local
+         * time zone.</p>
+         */
+        public string GetTime()
+        {
+            //
+            // standardise the format.
+            //
+            if (time[time.Length - 1] == 'Z')
+            {
+                return time.Substring(0, time.Length - 1) + "GMT+00:00";
+            }
+            else
+            {
+                int signPos = time.Length - 5;
+                char sign = time[signPos];
+                if (sign == '-' || sign == '+')
+                {
+                    return time.Substring(0, signPos)
+                        + "GMT"
+                        + time.Substring(signPos, 3)
+                        + ":"
+                        + time.Substring(signPos + 3);
+                }
+                else
+                {
+                    signPos = time.Length - 3;
+                    sign = time[signPos];
+                    if (sign == '-' || sign == '+')
+                    {
+                        return time.Substring(0, signPos)
+                            + "GMT"
+                            + time.Substring(signPos)
+                            + ":00";
+                    }
+                }
+            }
+
+            return time + CalculateGmtOffset();
+        }
+
+        private string CalculateGmtOffset()
+        {
+            char sign = '+';
+            DateTime time = ToDateTime();
+
+#if SILVERLIGHT || PORTABLE
+            long offset = time.Ticks - time.ToUniversalTime().Ticks;
+            if (offset < 0)
+            {
+                sign = '-';
+                offset = -offset;
+            }
+            int hours = (int)(offset / TimeSpan.TicksPerHour);
+            int minutes = (int)(offset / TimeSpan.TicksPerMinute) % 60;
+#else
+            // Note: GetUtcOffset incorporates Daylight Savings offset
+            TimeSpan offset =  TimeZone.CurrentTimeZone.GetUtcOffset(time);
+            if (offset.CompareTo(TimeSpan.Zero) < 0)
+            {
+                sign = '-';
+                offset = offset.Duration();
+            }
+            int hours = offset.Hours;
+            int minutes = offset.Minutes;
+#endif
+
+            return "GMT" + sign + Convert(hours) + ":" + Convert(minutes);
+        }
+
+        private static string Convert(
+            int time)
+        {
+            if (time < 10)
+            {
+                return "0" + time;
+            }
+
+            return time.ToString();
+        }
+
+        public DateTime ToDateTime()
+        {
+            string formatStr;
+            string d = time;
+            bool makeUniversal = false;
+
+            if (Platform.EndsWith(d, "Z"))
+            {
+                if (HasFractionalSeconds)
+                {
+                    int fCount = d.Length - d.IndexOf('.') - 2;
+                    formatStr = @"yyyyMMddHHmmss." + FString(fCount) + @"\Z";
+                }
+                else
+                {
+                    formatStr = @"yyyyMMddHHmmss\Z";
+                }
+            }
+            else if (time.IndexOf('-') > 0 || time.IndexOf('+') > 0)
+            {
+                d = GetTime();
+                makeUniversal = true;
+
+                if (HasFractionalSeconds)
+                {
+                    int fCount = Platform.IndexOf(d, "GMT") - 1 - d.IndexOf('.');
+                    formatStr = @"yyyyMMddHHmmss." + FString(fCount) + @"'GMT'zzz";
+                }
+                else
+                {
+                    formatStr = @"yyyyMMddHHmmss'GMT'zzz";
+                }
+            }
+            else
+            {
+                if (HasFractionalSeconds)
+                {
+                    int fCount = d.Length - 1 - d.IndexOf('.');
+                    formatStr = @"yyyyMMddHHmmss." + FString(fCount);
+                }
+                else
+                {
+                    formatStr = @"yyyyMMddHHmmss";
+                }
+
+                // TODO?
+//				dateF.setTimeZone(new SimpleTimeZone(0, TimeZone.getDefault().getID()));
+            }
+
+            return ParseDateString(d, formatStr, makeUniversal);
+        }
+
+        private string FString(
+            int count)
+        {
+            StringBuilder sb = new StringBuilder();
+            for (int i = 0; i < count; ++i)
+            {
+                sb.Append('f');
+            }
+            return sb.ToString();
+        }
+
+        private DateTime ParseDateString(string	s, string format, bool makeUniversal)
+        {
+            /*
+             * NOTE: DateTime.Kind and DateTimeStyles.AssumeUniversal not available in .NET 1.1
+             */
+            DateTimeStyles style = DateTimeStyles.None;
+            if (Platform.EndsWith(format, "Z"))
+            {
+                try
+                {
+                    style = (DateTimeStyles)Enums.GetEnumValue(typeof(DateTimeStyles), "AssumeUniversal");
+                }
+                catch (Exception)
+                {
+                }
+
+                style |= DateTimeStyles.AdjustToUniversal;
+            }
+
+            DateTime dt = DateTime.ParseExact(s, format, DateTimeFormatInfo.InvariantInfo, style);
+
+            return makeUniversal ? dt.ToUniversalTime() : dt;
+        }
+
+        private bool HasFractionalSeconds
+        {
+            get { return time.IndexOf('.') == 14; }
+        }
+
+        private byte[] GetOctets()
+        {
+            return Strings.ToAsciiByteArray(time);
+        }
+
+        internal override void Encode(
+            DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.GeneralizedTime, GetOctets());
+        }
+
+        protected override bool Asn1Equals(
+            Asn1Object asn1Object)
+        {
+            DerGeneralizedTime other = asn1Object as DerGeneralizedTime;
+
+            if (other == null)
+                return false;
+
+            return this.time.Equals(other.time);
+        }
+
+        protected override int Asn1GetHashCode()
+        {
+            return time.GetHashCode();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/DerGraphicString.cs b/bc-sharp-crypto/src/asn1/DerGraphicString.cs
new file mode 100644
index 0000000..f213f46
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerGraphicString.cs
@@ -0,0 +1,103 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public class DerGraphicString
+        : DerStringBase
+    {
+        private readonly byte[] mString;
+
+        /**
+         * return a Graphic String from the passed in object
+         *
+         * @param obj a DerGraphicString or an object that can be converted into one.
+         * @exception IllegalArgumentException if the object cannot be converted.
+         * @return a DerGraphicString instance, or null.
+         */
+        public static DerGraphicString GetInstance(object obj)
+        {
+            if (obj == null || obj is DerGraphicString)
+            {
+                return (DerGraphicString)obj;
+            }
+
+            if (obj is byte[])
+            {
+                try
+                {
+                    return (DerGraphicString)FromByteArray((byte[])obj);
+                }
+                catch (Exception e)
+                {
+                    throw new ArgumentException("encoding error in GetInstance: " + e.ToString(), "obj");
+                }
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        /**
+         * return a Graphic String from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicit true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception IllegalArgumentException if the tagged object cannot
+         *               be converted.
+         * @return a DerGraphicString instance, or null.
+         */
+        public static DerGraphicString GetInstance(Asn1TaggedObject obj, bool isExplicit)
+        {
+			Asn1Object o = obj.GetObject();
+
+            if (isExplicit || o is DerGraphicString)
+			{
+				return GetInstance(o);
+			}
+
+            return new DerGraphicString(((Asn1OctetString)o).GetOctets());
+        }
+
+        /**
+         * basic constructor - with bytes.
+         * @param string the byte encoding of the characters making up the string.
+         */
+        public DerGraphicString(byte[] encoding)
+        {
+            this.mString = Arrays.Clone(encoding);
+        }
+
+        public override string GetString()
+        {
+            return Strings.FromByteArray(mString);
+        }
+
+        public byte[] GetOctets()
+        {
+            return Arrays.Clone(mString);
+        }
+
+        internal override void Encode(DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.GraphicString, mString);
+        }
+
+        protected override int Asn1GetHashCode()
+		{
+            return Arrays.GetHashCode(mString);
+        }
+
+		protected override bool Asn1Equals(
+            Asn1Object asn1Object)
+        {
+			DerGraphicString other = asn1Object as DerGraphicString;
+
+            if (other == null)
+				return false;
+
+            return Arrays.AreEqual(mString, other.mString);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/DerIA5String.cs b/bc-sharp-crypto/src/asn1/DerIA5String.cs
new file mode 100644
index 0000000..63e9158
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerIA5String.cs
@@ -0,0 +1,145 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * Der IA5String object - this is an ascii string.
+     */
+    public class DerIA5String
+        : DerStringBase
+    {
+        private readonly string str;
+
+        /**
+         * return a IA5 string from the passed in object
+         *
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerIA5String GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerIA5String)
+            {
+                return (DerIA5String)obj;
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+        }
+
+        /**
+         * return an IA5 string from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *               be converted.
+         */
+        public static DerIA5String GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+			Asn1Object o = obj.GetObject();
+
+			if (isExplicit || o is DerIA5String)
+			{
+				return GetInstance(o);
+			}
+
+			return new DerIA5String(((Asn1OctetString)o).GetOctets());
+        }
+
+        /**
+         * basic constructor - with bytes.
+         */
+        public DerIA5String(
+            byte[] str)
+            : this(Strings.FromAsciiByteArray(str), false)
+        {
+        }
+
+		/**
+		* basic constructor - without validation.
+		*/
+		public DerIA5String(
+			string str)
+			: this(str, false)
+		{
+		}
+
+		/**
+		* Constructor with optional validation.
+		*
+		* @param string the base string to wrap.
+		* @param validate whether or not to check the string.
+		* @throws ArgumentException if validate is true and the string
+		* contains characters that should not be in an IA5String.
+		*/
+		public DerIA5String(
+			string	str,
+			bool	validate)
+		{
+			if (str == null)
+				throw new ArgumentNullException("str");
+			if (validate && !IsIA5String(str))
+				throw new ArgumentException("string contains illegal characters", "str");
+
+			this.str = str;
+		}
+
+		public override string GetString()
+        {
+            return str;
+        }
+
+		public byte[] GetOctets()
+        {
+            return Strings.ToAsciiByteArray(str);
+        }
+
+		internal override void Encode(
+            DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.IA5String, GetOctets());
+        }
+
+		protected override int Asn1GetHashCode()
+		{
+            return this.str.GetHashCode();
+        }
+
+		protected override bool Asn1Equals(
+            Asn1Object asn1Object)
+        {
+			DerIA5String other = asn1Object as DerIA5String;
+
+			if (other == null)
+				return false;
+
+			return this.str.Equals(other.str);
+        }
+
+		/**
+		 * return true if the passed in String can be represented without
+		 * loss as an IA5String, false otherwise.
+		 *
+		 * @return true if in printable set, false otherwise.
+		 */
+		public static bool IsIA5String(
+			string str)
+		{
+			foreach (char ch in str)
+			{
+				if (ch > 0x007f)
+				{
+					return false;
+				}
+			}
+
+			return true;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DerInteger.cs b/bc-sharp-crypto/src/asn1/DerInteger.cs
new file mode 100644
index 0000000..5b240d2
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerInteger.cs
@@ -0,0 +1,128 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public class DerInteger
+        : Asn1Object
+    {
+        private readonly byte[] bytes;
+
+        /**
+         * return an integer from the passed in object
+         *
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerInteger GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerInteger)
+            {
+                return (DerInteger)obj;
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+        }
+
+        /**
+         * return an Integer from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param isExplicit true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *               be converted.
+         */
+        public static DerInteger GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+            if (obj == null)
+                throw new ArgumentNullException("obj");
+
+			Asn1Object o = obj.GetObject();
+
+			if (isExplicit || o is DerInteger)
+			{
+				return GetInstance(o);
+			}
+
+			return new DerInteger(Asn1OctetString.GetInstance(o).GetOctets());
+        }
+
+		public DerInteger(
+            int value)
+        {
+            bytes = BigInteger.ValueOf(value).ToByteArray();
+        }
+
+		public DerInteger(
+            BigInteger value)
+        {
+            if (value == null)
+                throw new ArgumentNullException("value");
+
+			bytes = value.ToByteArray();
+        }
+
+		public DerInteger(
+            byte[] bytes)
+        {
+            if (bytes.Length > 1)
+            {
+                if (bytes[0] == 0 && (bytes[1] & 0x80) == 0)
+                {
+                    throw new ArgumentException("malformed integer");
+                }
+                if (bytes[0] == (byte)0xff && (bytes[1] & 0x80) != 0)
+                {
+                    throw new ArgumentException("malformed integer");
+                }
+            }
+            this.bytes = Arrays.Clone(bytes);
+        }
+
+		public BigInteger Value
+        {
+            get { return new BigInteger(bytes); }
+        }
+
+		/**
+         * in some cases positive values Get crammed into a space,
+         * that's not quite big enough...
+         */
+        public BigInteger PositiveValue
+        {
+            get { return new BigInteger(1, bytes); }
+        }
+
+        internal override void Encode(
+            DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.Integer, bytes);
+        }
+
+		protected override int Asn1GetHashCode()
+		{
+			return Arrays.GetHashCode(bytes);
+        }
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+		{
+			DerInteger other = asn1Object as DerInteger;
+
+			if (other == null)
+				return false;
+
+			return Arrays.AreEqual(this.bytes, other.bytes);
+        }
+
+		public override string ToString()
+		{
+			return Value.ToString();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DerNull.cs b/bc-sharp-crypto/src/asn1/DerNull.cs
new file mode 100644
index 0000000..a802f64
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerNull.cs
@@ -0,0 +1,41 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1
+{
+	/**
+	 * A Null object.
+	 */
+	public class DerNull
+		: Asn1Null
+	{
+		public static readonly DerNull Instance = new DerNull(0);
+
+		byte[] zeroBytes = new byte[0];
+
+		[Obsolete("Use static Instance object")]
+		public DerNull()
+		{
+		}
+
+		protected internal DerNull(int dummy)
+		{
+		}
+
+		internal override void Encode(
+			DerOutputStream  derOut)
+		{
+			derOut.WriteEncoded(Asn1Tags.Null, zeroBytes);
+		}
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+		{
+			return asn1Object is DerNull;
+		}
+
+		protected override int Asn1GetHashCode()
+		{
+			return -1;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DerNumericString.cs b/bc-sharp-crypto/src/asn1/DerNumericString.cs
new file mode 100644
index 0000000..a729f9e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerNumericString.cs
@@ -0,0 +1,138 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * Der NumericString object - this is an ascii string of characters {0,1,2,3,4,5,6,7,8,9, }.
+     */
+    public class DerNumericString
+        : DerStringBase
+    {
+        private readonly string str;
+
+        /**
+         * return a Numeric string from the passed in object
+         *
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerNumericString GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerNumericString)
+            {
+                return (DerNumericString)obj;
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+        }
+
+        /**
+         * return an Numeric string from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *               be converted.
+         */
+        public static DerNumericString GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+			Asn1Object o = obj.GetObject();
+
+			if (isExplicit || o is DerNumericString)
+			{
+				return GetInstance(o);
+			}
+
+			return new DerNumericString(Asn1OctetString.GetInstance(o).GetOctets());
+        }
+
+		/**
+		 * basic constructor - with bytes.
+		 */
+		public DerNumericString(
+			byte[] str)
+            : this(Strings.FromAsciiByteArray(str), false)
+		{
+		}
+
+		/**
+		 * basic constructor -  without validation..
+		 */
+		public DerNumericString(
+			string str)
+			: this(str, false)
+		{
+		}
+
+		/**
+		* Constructor with optional validation.
+		*
+		* @param string the base string to wrap.
+		* @param validate whether or not to check the string.
+		* @throws ArgumentException if validate is true and the string
+		* contains characters that should not be in a NumericString.
+		*/
+		public DerNumericString(
+			string	str,
+			bool	validate)
+		{
+			if (str == null)
+				throw new ArgumentNullException("str");
+			if (validate && !IsNumericString(str))
+				throw new ArgumentException("string contains illegal characters", "str");
+
+			this.str = str;
+		}
+
+		public override string GetString()
+        {
+            return str;
+        }
+
+		public byte[] GetOctets()
+        {
+            return Strings.ToAsciiByteArray(str);
+        }
+
+		internal override void Encode(
+            DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.NumericString, GetOctets());
+        }
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+		{
+			DerNumericString other = asn1Object as DerNumericString;
+
+			if (other == null)
+				return false;
+
+			return this.str.Equals(other.str);
+        }
+
+		/**
+		 * Return true if the string can be represented as a NumericString ('0'..'9', ' ')
+		 *
+		 * @param str string to validate.
+		 * @return true if numeric, fale otherwise.
+		 */
+		public static bool IsNumericString(
+			string str)
+		{
+			foreach (char ch in str)
+			{
+				if (ch > 0x007f || (ch != ' ' && !char.IsDigit(ch)))
+					return false;
+			}
+
+			return true;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DerObjectIdentifier.cs b/bc-sharp-crypto/src/asn1/DerObjectIdentifier.cs
new file mode 100644
index 0000000..6ac2b7e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerObjectIdentifier.cs
@@ -0,0 +1,347 @@
+using System;
+using System.IO;
+using System.Text;
+using System.Text.RegularExpressions;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public class DerObjectIdentifier
+        : Asn1Object
+    {
+        private readonly string identifier;
+
+        private byte[] body = null;
+
+        /**
+         * return an Oid from the passed in object
+         *
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerObjectIdentifier GetInstance(object obj)
+        {
+            if (obj == null || obj is DerObjectIdentifier)
+                return (DerObjectIdentifier) obj;
+            if (obj is byte[])
+                return FromOctetString((byte[])obj);
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        /**
+         * return an object Identifier from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *               be converted.
+         */
+        public static DerObjectIdentifier GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(obj.GetObject());
+        }
+
+        public DerObjectIdentifier(
+            string identifier)
+        {
+            if (identifier == null)
+                throw new ArgumentNullException("identifier");
+            if (!IsValidIdentifier(identifier))
+                throw new FormatException("string " + identifier + " not an OID");
+
+            this.identifier = identifier;
+        }
+
+        internal DerObjectIdentifier(DerObjectIdentifier oid, string branchID)
+        {
+            if (!IsValidBranchID(branchID, 0))
+                throw new ArgumentException("string " + branchID + " not a valid OID branch", "branchID");
+
+            this.identifier = oid.Id + "." + branchID;
+        }
+
+        // TODO Change to ID?
+        public string Id
+        {
+            get { return identifier; }
+        }
+
+        public virtual DerObjectIdentifier Branch(string branchID)
+        {
+            return new DerObjectIdentifier(this, branchID);
+        }
+
+        /**
+         * Return  true if this oid is an extension of the passed in branch, stem.
+         * @param stem the arc or branch that is a possible parent.
+         * @return  true if the branch is on the passed in stem, false otherwise.
+         */
+        public virtual bool On(DerObjectIdentifier stem)
+        {
+            string id = Id, stemId = stem.Id;
+            return id.Length > stemId.Length && id[stemId.Length] == '.' && Platform.StartsWith(id, stemId);
+        }
+
+        internal DerObjectIdentifier(byte[] bytes)
+        {
+            this.identifier = MakeOidStringFromBytes(bytes);
+            this.body = Arrays.Clone(bytes);
+        }
+
+        private void WriteField(
+            Stream	outputStream,
+            long	fieldValue)
+        {
+            byte[] result = new byte[9];
+            int pos = 8;
+            result[pos] = (byte)(fieldValue & 0x7f);
+            while (fieldValue >= (1L << 7))
+            {
+                fieldValue >>= 7;
+                result[--pos] = (byte)((fieldValue & 0x7f) | 0x80);
+            }
+            outputStream.Write(result, pos, 9 - pos);
+        }
+
+        private void WriteField(
+            Stream		outputStream,
+            BigInteger	fieldValue)
+        {
+            int byteCount = (fieldValue.BitLength + 6) / 7;
+            if (byteCount == 0)
+            {
+                outputStream.WriteByte(0);
+            }
+            else
+            {
+                BigInteger tmpValue = fieldValue;
+                byte[] tmp = new byte[byteCount];
+                for (int i = byteCount-1; i >= 0; i--)
+                {
+                    tmp[i] = (byte) ((tmpValue.IntValue & 0x7f) | 0x80);
+                    tmpValue = tmpValue.ShiftRight(7);
+                }
+                tmp[byteCount-1] &= 0x7f;
+                outputStream.Write(tmp, 0, tmp.Length);
+            }
+        }
+
+        private void DoOutput(MemoryStream bOut)
+        {
+            OidTokenizer tok = new OidTokenizer(identifier);
+
+            string token = tok.NextToken();
+            int first = int.Parse(token) * 40;
+
+            token = tok.NextToken();
+            if (token.Length <= 18)
+            {
+                WriteField(bOut, first + Int64.Parse(token));
+            }
+            else
+            {
+                WriteField(bOut, new BigInteger(token).Add(BigInteger.ValueOf(first)));
+            }
+
+            while (tok.HasMoreTokens)
+            {
+                token = tok.NextToken();
+                if (token.Length <= 18)
+                {
+                    WriteField(bOut, Int64.Parse(token));
+                }
+                else
+                {
+                    WriteField(bOut, new BigInteger(token));
+                }
+            }
+        }
+
+        internal byte[] GetBody()
+        {
+            lock (this)
+            {
+                if (body == null)
+                {
+                    MemoryStream bOut = new MemoryStream();
+                    DoOutput(bOut);
+                    body = bOut.ToArray();
+                }
+            }
+
+            return body;
+        }
+
+        internal override void Encode(
+            DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.ObjectIdentifier, GetBody());
+        }
+
+        protected override int Asn1GetHashCode()
+        {
+            return identifier.GetHashCode();
+        }
+
+        protected override bool Asn1Equals(
+            Asn1Object asn1Object)
+        {
+            DerObjectIdentifier other = asn1Object as DerObjectIdentifier;
+
+            if (other == null)
+                return false;
+
+            return this.identifier.Equals(other.identifier);
+        }
+
+        public override string ToString()
+        {
+            return identifier;
+        }
+
+        private static bool IsValidBranchID(
+            String branchID, int start)
+        {
+            bool periodAllowed = false;
+
+            int pos = branchID.Length;
+            while (--pos >= start)
+            {
+                char ch = branchID[pos];
+
+                // TODO Leading zeroes?
+                if ('0' <= ch && ch <= '9')
+                {
+                    periodAllowed = true;
+                    continue;
+                }
+
+                if (ch == '.')
+                {
+                    if (!periodAllowed)
+                        return false;
+
+                    periodAllowed = false;
+                    continue;
+                }
+
+                return false;
+            }
+
+            return periodAllowed;
+        }
+
+        private static bool IsValidIdentifier(string identifier)
+        {
+            if (identifier.Length < 3 || identifier[1] != '.')
+                return false;
+
+            char first = identifier[0];
+            if (first < '0' || first > '2')
+                return false;
+
+            return IsValidBranchID(identifier, 2);
+        }
+
+        private const long LONG_LIMIT = (long.MaxValue >> 7) - 0x7f;
+
+        private static string MakeOidStringFromBytes(
+            byte[] bytes)
+        {
+            StringBuilder	objId = new StringBuilder();
+            long			value = 0;
+            BigInteger		bigValue = null;
+            bool			first = true;
+
+            for (int i = 0; i != bytes.Length; i++)
+            {
+                int b = bytes[i];
+
+                if (value <= LONG_LIMIT)
+                {
+                    value += (b & 0x7f);
+                    if ((b & 0x80) == 0)             // end of number reached
+                    {
+                        if (first)
+                        {
+                            if (value < 40)
+                            {
+                                objId.Append('0');
+                            }
+                            else if (value < 80)
+                            {
+                                objId.Append('1');
+                                value -= 40;
+                            }
+                            else
+                            {
+                                objId.Append('2');
+                                value -= 80;
+                            }
+                            first = false;
+                        }
+
+                        objId.Append('.');
+                        objId.Append(value);
+                        value = 0;
+                    }
+                    else
+                    {
+                        value <<= 7;
+                    }
+                }
+                else
+                {
+                    if (bigValue == null)
+                    {
+                        bigValue = BigInteger.ValueOf(value);
+                    }
+                    bigValue = bigValue.Or(BigInteger.ValueOf(b & 0x7f));
+                    if ((b & 0x80) == 0)
+                    {
+                        if (first)
+                        {
+                            objId.Append('2');
+                            bigValue = bigValue.Subtract(BigInteger.ValueOf(80));
+                            first = false;
+                        }
+
+                        objId.Append('.');
+                        objId.Append(bigValue);
+                        bigValue = null;
+                        value = 0;
+                    }
+                    else
+                    {
+                        bigValue = bigValue.ShiftLeft(7);
+                    }
+                }
+            }
+
+            return objId.ToString();
+        }
+
+        private static readonly DerObjectIdentifier[] cache = new DerObjectIdentifier[1024];
+
+        internal static DerObjectIdentifier FromOctetString(byte[] enc)
+        {
+            int hashCode = Arrays.GetHashCode(enc);
+            int first = hashCode & 1023;
+
+            lock (cache)
+            {
+                DerObjectIdentifier entry = cache[first];
+                if (entry != null && Arrays.AreEqual(enc, entry.GetBody()))
+                {
+                    return entry;
+                }
+
+                return cache[first] = new DerObjectIdentifier(enc);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/DerOctetString.cs b/bc-sharp-crypto/src/asn1/DerOctetString.cs
new file mode 100644
index 0000000..c046c94
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerOctetString.cs
@@ -0,0 +1,34 @@
+namespace Org.BouncyCastle.Asn1
+{
+    public class DerOctetString
+        : Asn1OctetString
+    {
+		/// <param name="str">The octets making up the octet string.</param>
+        public DerOctetString(
+			byte[] str)
+			: base(str)
+        {
+        }
+
+		public DerOctetString(
+			Asn1Encodable obj)
+			: base(obj)
+        {
+        }
+
+        internal override void Encode(
+            DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.OctetString, str);
+        }
+
+		internal static void Encode(
+			DerOutputStream	derOut,
+			byte[]			bytes,
+			int				offset,
+			int				length)
+		{
+			derOut.WriteEncoded(Asn1Tags.OctetString, bytes, offset, length);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DerOutputStream.cs b/bc-sharp-crypto/src/asn1/DerOutputStream.cs
new file mode 100644
index 0000000..69d5d5f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerOutputStream.cs
@@ -0,0 +1,171 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class DerOutputStream
+		: FilterStream
+	{
+		public DerOutputStream(Stream os)
+			: base(os)
+		{
+		}
+
+		private void WriteLength(
+			int length)
+		{
+			if (length > 127)
+			{
+				int size = 1;
+				uint val = (uint)length;
+
+				while ((val >>= 8) != 0)
+				{
+					size++;
+				}
+
+				WriteByte((byte)(size | 0x80));
+
+				for (int i = (size - 1) * 8; i >= 0; i -= 8)
+				{
+					WriteByte((byte)(length >> i));
+				}
+			}
+			else
+			{
+				WriteByte((byte)length);
+			}
+		}
+
+		internal void WriteEncoded(
+			int		tag,
+			byte[]	bytes)
+		{
+			WriteByte((byte)tag);
+			WriteLength(bytes.Length);
+			Write(bytes, 0, bytes.Length);
+		}
+
+        internal void WriteEncoded(
+            int     tag,
+            byte    first,
+            byte[]  bytes)
+        {
+            WriteByte((byte)tag);
+            WriteLength(bytes.Length + 1);
+            WriteByte(first);
+            Write(bytes, 0, bytes.Length);
+        }
+
+        internal void WriteEncoded(
+			int		tag,
+			byte[]	bytes,
+			int		offset,
+			int		length)
+		{
+			WriteByte((byte)tag);
+			WriteLength(length);
+			Write(bytes, offset, length);
+		}
+
+		internal void WriteTag(
+			int	flags,
+			int	tagNo)
+		{
+			if (tagNo < 31)
+			{
+				WriteByte((byte)(flags | tagNo));
+			}
+			else
+			{
+				WriteByte((byte)(flags | 0x1f));
+				if (tagNo < 128)
+				{
+					WriteByte((byte)tagNo);
+				}
+				else
+				{
+					byte[] stack = new byte[5];
+					int pos = stack.Length;
+
+					stack[--pos] = (byte)(tagNo & 0x7F);
+
+					do
+					{
+						tagNo >>= 7;
+						stack[--pos] = (byte)(tagNo & 0x7F | 0x80);
+					}
+					while (tagNo > 127);
+
+					Write(stack, pos, stack.Length - pos);
+				}
+			}
+		}
+
+		internal void WriteEncoded(
+			int		flags,
+			int		tagNo,
+			byte[]	bytes)
+		{
+			WriteTag(flags, tagNo);
+			WriteLength(bytes.Length);
+			Write(bytes, 0, bytes.Length);
+		}
+
+		protected void WriteNull()
+		{
+			WriteByte(Asn1Tags.Null);
+			WriteByte(0x00);
+		}
+
+		[Obsolete("Use version taking an Asn1Encodable arg instead")]
+		public virtual void WriteObject(
+			object obj)
+		{
+			if (obj == null)
+			{
+				WriteNull();
+			}
+			else if (obj is Asn1Object)
+			{
+				((Asn1Object)obj).Encode(this);
+			}
+			else if (obj is Asn1Encodable)
+			{
+				((Asn1Encodable)obj).ToAsn1Object().Encode(this);
+			}
+			else
+			{
+				throw new IOException("object not Asn1Object");
+			}
+		}
+
+		public virtual void WriteObject(
+			Asn1Encodable obj)
+		{
+			if (obj == null)
+			{
+				WriteNull();
+			}
+			else
+			{
+				obj.ToAsn1Object().Encode(this);
+			}
+		}
+
+		public virtual void WriteObject(
+			Asn1Object obj)
+		{
+			if (obj == null)
+			{
+				WriteNull();
+			}
+			else
+			{
+				obj.Encode(this);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DerPrintableString.cs b/bc-sharp-crypto/src/asn1/DerPrintableString.cs
new file mode 100644
index 0000000..e179734
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerPrintableString.cs
@@ -0,0 +1,163 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * Der PrintableString object.
+     */
+    public class DerPrintableString
+        : DerStringBase
+    {
+        private readonly string str;
+
+		/**
+         * return a printable string from the passed in object.
+         *
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerPrintableString GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerPrintableString)
+            {
+                return (DerPrintableString)obj;
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+        }
+
+        /**
+         * return a Printable string from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *               be converted.
+         */
+        public static DerPrintableString GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+			Asn1Object o = obj.GetObject();
+
+			if (isExplicit || o is DerPrintableString)
+			{
+				return GetInstance(o);
+			}
+
+			return new DerPrintableString(Asn1OctetString.GetInstance(o).GetOctets());
+        }
+
+        /**
+         * basic constructor - byte encoded string.
+         */
+        public DerPrintableString(
+            byte[] str)
+            : this(Strings.FromAsciiByteArray(str), false)
+        {
+        }
+
+		/**
+		 * basic constructor - this does not validate the string
+		 */
+		public DerPrintableString(
+			string str)
+			: this(str, false)
+		{
+		}
+
+		/**
+		* Constructor with optional validation.
+		*
+		* @param string the base string to wrap.
+		* @param validate whether or not to check the string.
+		* @throws ArgumentException if validate is true and the string
+		* contains characters that should not be in a PrintableString.
+		*/
+		public DerPrintableString(
+			string	str,
+			bool	validate)
+		{
+			if (str == null)
+				throw new ArgumentNullException("str");
+			if (validate && !IsPrintableString(str))
+				throw new ArgumentException("string contains illegal characters", "str");
+
+			this.str = str;
+		}
+
+		public override string GetString()
+        {
+            return str;
+        }
+
+		public byte[] GetOctets()
+        {
+            return Strings.ToAsciiByteArray(str);
+        }
+
+		internal override void Encode(
+            DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.PrintableString, GetOctets());
+        }
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+		{
+			DerPrintableString other = asn1Object as DerPrintableString;
+
+			if (other == null)
+				return false;
+
+			return this.str.Equals(other.str);
+        }
+
+		/**
+		 * return true if the passed in String can be represented without
+		 * loss as a PrintableString, false otherwise.
+		 *
+		 * @return true if in printable set, false otherwise.
+		 */
+		public static bool IsPrintableString(
+			string str)
+		{
+			foreach (char ch in str)
+			{
+				if (ch > 0x007f)
+					return false;
+
+				if (char.IsLetterOrDigit(ch))
+					continue;
+
+//				if (char.IsPunctuation(ch))
+//					continue;
+
+				switch (ch)
+				{
+					case ' ':
+					case '\'':
+					case '(':
+					case ')':
+					case '+':
+					case '-':
+					case '.':
+					case ':':
+					case '=':
+					case '?':
+					case '/':
+					case ',':
+						continue;
+				}
+
+				return false;
+			}
+
+			return true;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DerSequence.cs b/bc-sharp-crypto/src/asn1/DerSequence.cs
new file mode 100644
index 0000000..a76cf28
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerSequence.cs
@@ -0,0 +1,88 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class DerSequence
+		: Asn1Sequence
+	{
+		public static readonly DerSequence Empty = new DerSequence();
+
+		public static DerSequence FromVector(
+			Asn1EncodableVector v)
+		{
+			return v.Count < 1 ? Empty : new DerSequence(v);
+		}
+
+		/**
+		 * create an empty sequence
+		 */
+		public DerSequence()
+			: base(0)
+		{
+		}
+
+		/**
+		 * create a sequence containing one object
+		 */
+		public DerSequence(
+			Asn1Encodable obj)
+			: base(1)
+		{
+			AddObject(obj);
+		}
+
+		public DerSequence(
+			params Asn1Encodable[] v)
+			: base(v.Length)
+		{
+			foreach (Asn1Encodable ae in v)
+			{
+				AddObject(ae);
+			}
+		}
+
+		/**
+		 * create a sequence containing a vector of objects.
+		 */
+		public DerSequence(
+			Asn1EncodableVector v)
+			: base(v.Count)
+		{
+			foreach (Asn1Encodable ae in v)
+			{
+				AddObject(ae);
+			}
+		}
+
+		/*
+		 * A note on the implementation:
+		 * <p>
+		 * As Der requires the constructed, definite-length model to
+		 * be used for structured types, this varies slightly from the
+		 * ASN.1 descriptions given. Rather than just outputing Sequence,
+		 * we also have to specify Constructed, and the objects length.
+		 */
+		internal override void Encode(
+			DerOutputStream derOut)
+		{
+			// TODO Intermediate buffer could be avoided if we could calculate expected length
+			MemoryStream bOut = new MemoryStream();
+			DerOutputStream dOut = new DerOutputStream(bOut);
+
+			foreach (Asn1Encodable obj in this)
+			{
+				dOut.WriteObject(obj);
+			}
+
+            Platform.Dispose(dOut);
+
+            byte[] bytes = bOut.ToArray();
+
+			derOut.WriteEncoded(Asn1Tags.Sequence | Asn1Tags.Constructed, bytes);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DerSet.cs b/bc-sharp-crypto/src/asn1/DerSet.cs
new file mode 100644
index 0000000..3df1a67
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerSet.cs
@@ -0,0 +1,111 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+	/**
+	 * A Der encoded set object
+	 */
+	public class DerSet
+		: Asn1Set
+	{
+		public static readonly DerSet Empty = new DerSet();
+
+		public static DerSet FromVector(
+			Asn1EncodableVector v)
+		{
+			return v.Count < 1 ? Empty : new DerSet(v);
+		}
+
+		internal static DerSet FromVector(
+			Asn1EncodableVector	v,
+			bool				needsSorting)
+		{
+			return v.Count < 1 ? Empty : new DerSet(v, needsSorting);
+		}
+
+		/**
+		 * create an empty set
+		 */
+		public DerSet()
+			: base(0)
+		{
+		}
+
+		/**
+		 * @param obj - a single object that makes up the set.
+		 */
+		public DerSet(
+			Asn1Encodable obj)
+			: base(1)
+		{
+			AddObject(obj);
+		}
+
+		public DerSet(
+			params Asn1Encodable[] v)
+			: base(v.Length)
+		{
+			foreach (Asn1Encodable o in v)
+			{
+				AddObject(o);
+			}
+
+			Sort();
+		}
+
+		/**
+		 * @param v - a vector of objects making up the set.
+		 */
+		public DerSet(
+			Asn1EncodableVector v)
+			: this(v, true)
+		{
+		}
+
+		internal DerSet(
+			Asn1EncodableVector	v,
+			bool				needsSorting)
+			: base(v.Count)
+		{
+			foreach (Asn1Encodable o in v)
+			{
+				AddObject(o);
+			}
+
+			if (needsSorting)
+			{
+				Sort();
+			}
+		}
+
+		/*
+		 * A note on the implementation:
+		 * <p>
+		 * As Der requires the constructed, definite-length model to
+		 * be used for structured types, this varies slightly from the
+		 * ASN.1 descriptions given. Rather than just outputing Set,
+		 * we also have to specify Constructed, and the objects length.
+		 */
+		internal override void Encode(
+			DerOutputStream derOut)
+		{
+			// TODO Intermediate buffer could be avoided if we could calculate expected length
+			MemoryStream bOut = new MemoryStream();
+			DerOutputStream dOut = new DerOutputStream(bOut);
+
+			foreach (Asn1Encodable obj in this)
+			{
+				dOut.WriteObject(obj);
+			}
+
+            Platform.Dispose(dOut);
+
+            byte[] bytes = bOut.ToArray();
+
+			derOut.WriteEncoded(Asn1Tags.Set | Asn1Tags.Constructed, bytes);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DerStringBase.cs b/bc-sharp-crypto/src/asn1/DerStringBase.cs
new file mode 100644
index 0000000..2a5fb04
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerStringBase.cs
@@ -0,0 +1,22 @@
+namespace Org.BouncyCastle.Asn1
+{
+	public abstract class DerStringBase
+		: Asn1Object, IAsn1String
+	{
+		protected DerStringBase()
+		{
+		}
+
+		public abstract string GetString();
+
+		public override string ToString()
+		{
+			return GetString();
+		}
+
+		protected override int Asn1GetHashCode()
+		{
+			return GetString().GetHashCode();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DerT61String.cs b/bc-sharp-crypto/src/asn1/DerT61String.cs
new file mode 100644
index 0000000..746ccfe
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerT61String.cs
@@ -0,0 +1,102 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * Der T61String (also the teletex string) - 8-bit characters
+     */
+    public class DerT61String
+        : DerStringBase
+    {
+		private readonly string str;
+
+		/**
+         * return a T61 string from the passed in object.
+         *
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerT61String GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerT61String)
+            {
+                return (DerT61String)obj;
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+        }
+
+        /**
+         * return an T61 string from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *               be converted.
+         */
+        public static DerT61String GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+			Asn1Object o = obj.GetObject();
+
+			if (isExplicit || o is DerT61String)
+			{
+				return GetInstance(o);
+			}
+
+			return new DerT61String(Asn1OctetString.GetInstance(o).GetOctets());
+        }
+
+        /**
+         * basic constructor - with bytes.
+         */
+        public DerT61String(
+            byte[] str)
+			: this(Strings.FromByteArray(str))
+		{
+        }
+
+		/**
+         * basic constructor - with string.
+         */
+        public DerT61String(
+            string str)
+        {
+			if (str == null)
+				throw new ArgumentNullException("str");
+
+			this.str = str;
+        }
+
+		public override string GetString()
+        {
+            return str;
+        }
+
+        internal override void Encode(
+            DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.T61String, GetOctets());
+        }
+
+        public byte[] GetOctets()
+        {
+			return Strings.ToByteArray(str);
+        }
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+		{
+			DerT61String other = asn1Object as DerT61String;
+
+			if (other == null)
+				return false;
+
+            return this.str.Equals(other.str);
+        }
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DerTaggedObject.cs b/bc-sharp-crypto/src/asn1/DerTaggedObject.cs
new file mode 100644
index 0000000..717d724
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerTaggedObject.cs
@@ -0,0 +1,72 @@
+namespace Org.BouncyCastle.Asn1
+{
+	/**
+	 * DER TaggedObject - in ASN.1 notation this is any object preceded by
+	 * a [n] where n is some number - these are assumed to follow the construction
+	 * rules (as with sequences).
+	 */
+	public class DerTaggedObject
+		: Asn1TaggedObject
+	{
+		/**
+		 * @param tagNo the tag number for this object.
+		 * @param obj the tagged object.
+		 */
+		public DerTaggedObject(
+			int				tagNo,
+			Asn1Encodable	obj)
+			: base(tagNo, obj)
+		{
+		}
+
+		/**
+		 * @param explicitly true if an explicitly tagged object.
+		 * @param tagNo the tag number for this object.
+		 * @param obj the tagged object.
+		 */
+		public DerTaggedObject(
+			bool			explicitly,
+			int				tagNo,
+			Asn1Encodable	obj)
+			: base(explicitly, tagNo, obj)
+		{
+		}
+
+		/**
+		 * create an implicitly tagged object that contains a zero
+		 * length sequence.
+		 */
+		public DerTaggedObject(
+			int tagNo)
+			: base(false, tagNo, DerSequence.Empty)
+		{
+		}
+
+		internal override void Encode(
+			DerOutputStream derOut)
+		{
+			if (!IsEmpty())
+			{
+				byte[] bytes = obj.GetDerEncoded();
+
+				if (explicitly)
+				{
+					derOut.WriteEncoded(Asn1Tags.Constructed | Asn1Tags.Tagged, tagNo, bytes);
+				}
+				else
+				{
+					//
+					// need to mark constructed types... (preserve Constructed tag)
+					//
+					int flags = (bytes[0] & Asn1Tags.Constructed) | Asn1Tags.Tagged;
+					derOut.WriteTag(flags, tagNo);
+					derOut.Write(bytes, 1, bytes.Length - 1);
+				}
+			}
+			else
+			{
+				derOut.WriteEncoded(Asn1Tags.Constructed | Asn1Tags.Tagged, tagNo, new byte[0]);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DerUTCTime.cs b/bc-sharp-crypto/src/asn1/DerUTCTime.cs
new file mode 100644
index 0000000..99af8bf
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerUTCTime.cs
@@ -0,0 +1,267 @@
+using System;
+using System.Globalization;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * UTC time object.
+     */
+    public class DerUtcTime
+        : Asn1Object
+    {
+        private readonly string time;
+
+		/**
+         * return an UTC Time from the passed in object.
+         *
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerUtcTime GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerUtcTime)
+            {
+                return (DerUtcTime)obj;
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+        }
+
+        /**
+         * return an UTC Time from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *               be converted.
+         */
+        public static DerUtcTime GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+			Asn1Object o = obj.GetObject();
+
+			if (isExplicit || o is DerUtcTime)
+			{
+				return GetInstance(o);
+			}
+
+			return new DerUtcTime(((Asn1OctetString)o).GetOctets());
+        }
+
+        /**
+         * The correct format for this is YYMMDDHHMMSSZ (it used to be that seconds were
+         * never encoded. When you're creating one of these objects from scratch, that's
+         * what you want to use, otherwise we'll try to deal with whatever Gets read from
+         * the input stream... (this is why the input format is different from the GetTime()
+         * method output).
+         * <p>
+         * @param time the time string.</p>
+         */
+        public DerUtcTime(
+            string time)
+        {
+			if (time == null)
+				throw new ArgumentNullException("time");
+
+			this.time = time;
+
+			try
+			{
+				ToDateTime();
+			}
+			catch (FormatException e)
+			{
+				throw new ArgumentException("invalid date string: " + e.Message);
+			}
+        }
+
+		/**
+         * base constructor from a DateTime object
+         */
+        public DerUtcTime(
+            DateTime time)
+        {
+#if PORTABLE
+            this.time = time.ToUniversalTime().ToString("yyMMddHHmmss", CultureInfo.InvariantCulture) + "Z";
+#else
+            this.time = time.ToString("yyMMddHHmmss", CultureInfo.InvariantCulture) + "Z";
+#endif
+        }
+
+        internal DerUtcTime(
+            byte[] bytes)
+        {
+            //
+            // explicitly convert to characters
+            //
+            this.time = Strings.FromAsciiByteArray(bytes);
+        }
+
+//		public DateTime ToDateTime()
+//		{
+//			string tm = this.AdjustedTimeString;
+//
+//			return new DateTime(
+//				Int16.Parse(tm.Substring(0, 4)),
+//				Int16.Parse(tm.Substring(4, 2)),
+//				Int16.Parse(tm.Substring(6, 2)),
+//				Int16.Parse(tm.Substring(8, 2)),
+//				Int16.Parse(tm.Substring(10, 2)),
+//				Int16.Parse(tm.Substring(12, 2)));
+//		}
+
+		/**
+		 * return the time as a date based on whatever a 2 digit year will return. For
+		 * standardised processing use ToAdjustedDateTime().
+		 *
+		 * @return the resulting date
+		 * @exception ParseException if the date string cannot be parsed.
+		 */
+		public DateTime ToDateTime()
+		{
+			return ParseDateString(TimeString, @"yyMMddHHmmss'GMT'zzz");
+		}
+
+		/**
+		* return the time as an adjusted date
+		* in the range of 1950 - 2049.
+		*
+		* @return a date in the range of 1950 to 2049.
+		* @exception ParseException if the date string cannot be parsed.
+		*/
+		public DateTime ToAdjustedDateTime()
+		{
+			return ParseDateString(AdjustedTimeString, @"yyyyMMddHHmmss'GMT'zzz");
+		}
+
+		private DateTime ParseDateString(
+			string	dateStr,
+			string	formatStr)
+		{
+			DateTime dt = DateTime.ParseExact(
+				dateStr,
+				formatStr,
+				DateTimeFormatInfo.InvariantInfo);
+
+			return dt.ToUniversalTime();
+		}
+
+		/**
+         * return the time - always in the form of
+         *  YYMMDDhhmmssGMT(+hh:mm|-hh:mm).
+         * <p>
+         * Normally in a certificate we would expect "Z" rather than "GMT",
+         * however adding the "GMT" means we can just use:
+         * <pre>
+         *     dateF = new SimpleDateFormat("yyMMddHHmmssz");
+         * </pre>
+         * To read in the time and Get a date which is compatible with our local
+         * time zone.</p>
+         * <p>
+         * <b>Note:</b> In some cases, due to the local date processing, this
+         * may lead to unexpected results. If you want to stick the normal
+         * convention of 1950 to 2049 use the GetAdjustedTime() method.</p>
+         */
+        public string TimeString
+        {
+			get
+			{
+				//
+				// standardise the format.
+				//
+				if (time.IndexOf('-') < 0 && time.IndexOf('+') < 0)
+				{
+					if (time.Length == 11)
+					{
+						return time.Substring(0, 10) + "00GMT+00:00";
+					}
+					else
+					{
+						return time.Substring(0, 12) + "GMT+00:00";
+					}
+				}
+				else
+				{
+					int index = time.IndexOf('-');
+					if (index < 0)
+					{
+						index = time.IndexOf('+');
+					}
+					string d = time;
+
+					if (index == time.Length - 3)
+					{
+						d += "00";
+					}
+
+					if (index == 10)
+					{
+						return d.Substring(0, 10) + "00GMT" + d.Substring(10, 3) + ":" + d.Substring(13, 2);
+					}
+					else
+					{
+						return d.Substring(0, 12) + "GMT" + d.Substring(12, 3) + ":" +  d.Substring(15, 2);
+					}
+				}
+			}
+        }
+
+		[Obsolete("Use 'AdjustedTimeString' property instead")]
+		public string AdjustedTime
+		{
+			get { return AdjustedTimeString; }
+		}
+
+		/// <summary>
+		/// Return a time string as an adjusted date with a 4 digit year.
+		/// This goes in the range of 1950 - 2049.
+		/// </summary>
+		public string AdjustedTimeString
+		{
+			get
+			{
+				string d = TimeString;
+				string c = d[0] < '5' ? "20" : "19";
+
+				return c + d;
+			}
+		}
+
+        private byte[] GetOctets()
+        {
+            return Strings.ToAsciiByteArray(time);
+        }
+
+		internal override void Encode(
+            DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.UtcTime, GetOctets());
+        }
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+		{
+			DerUtcTime other = asn1Object as DerUtcTime;
+
+			if (other == null)
+				return false;
+
+			return this.time.Equals(other.time);
+        }
+
+		protected override int Asn1GetHashCode()
+		{
+            return time.GetHashCode();
+        }
+
+		public override string ToString()
+		{
+			return time;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/DerUTF8String.cs b/bc-sharp-crypto/src/asn1/DerUTF8String.cs
new file mode 100644
index 0000000..758a506
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerUTF8String.cs
@@ -0,0 +1,98 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * Der UTF8String object.
+     */
+    public class DerUtf8String
+        : DerStringBase
+    {
+        private readonly string str;
+
+		/**
+         * return an UTF8 string from the passed in object.
+         *
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerUtf8String GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerUtf8String)
+            {
+                return (DerUtf8String)obj;
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+        }
+
+        /**
+         * return an UTF8 string from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *               be converted.
+         */
+        public static DerUtf8String GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+			Asn1Object o = obj.GetObject();
+
+			if (isExplicit || o is DerUtf8String)
+			{
+				return GetInstance(o);
+			}
+
+			return new DerUtf8String(Asn1OctetString.GetInstance(o).GetOctets());
+        }
+
+        /**
+         * basic constructor - byte encoded string.
+         */
+        public DerUtf8String(
+            byte[] str)
+			: this(Encoding.UTF8.GetString(str, 0, str.Length))
+        {
+        }
+
+		/**
+         * basic constructor
+         */
+        public DerUtf8String(
+            string str)
+        {
+			if (str == null)
+				throw new ArgumentNullException("str");
+
+			this.str = str;
+        }
+
+		public override string GetString()
+        {
+            return str;
+        }
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+		{
+			DerUtf8String other = asn1Object as DerUtf8String;
+
+			if (other == null)
+				return false;
+
+			return this.str.Equals(other.str);
+        }
+
+		internal override void Encode(
+			DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.Utf8String, Encoding.UTF8.GetBytes(str));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/DerUniversalString.cs b/bc-sharp-crypto/src/asn1/DerUniversalString.cs
new file mode 100644
index 0000000..284d0f8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerUniversalString.cs
@@ -0,0 +1,107 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * Der UniversalString object.
+     */
+    public class DerUniversalString
+        : DerStringBase
+    {
+        private static readonly char[] table = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
+
+		private readonly byte[] str;
+
+		/**
+         * return a Universal string from the passed in object.
+         *
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerUniversalString GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerUniversalString)
+            {
+                return (DerUniversalString)obj;
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+        }
+
+        /**
+         * return a Universal string from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *               be converted.
+         */
+        public static DerUniversalString GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+			Asn1Object o = obj.GetObject();
+
+			if (isExplicit || o is DerUniversalString)
+			{
+				return GetInstance(o);
+			}
+
+			return new DerUniversalString(Asn1OctetString.GetInstance(o).GetOctets());
+        }
+
+        /**
+         * basic constructor - byte encoded string.
+         */
+        public DerUniversalString(
+            byte[] str)
+        {
+			if (str == null)
+				throw new ArgumentNullException("str");
+
+			this.str = str;
+        }
+
+        public override string GetString()
+        {
+			StringBuilder buffer = new StringBuilder("#");
+			byte[] enc = GetDerEncoded();
+
+			for (int i = 0; i != enc.Length; i++)
+			{
+				uint ubyte = enc[i];
+				buffer.Append(table[(ubyte >> 4) & 0xf]);
+				buffer.Append(table[enc[i] & 0xf]);
+			}
+
+            return buffer.ToString();
+        }
+
+		public byte[] GetOctets()
+        {
+            return (byte[]) str.Clone();
+        }
+
+		internal override void Encode(
+            DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.UniversalString, this.str);
+        }
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+		{
+			DerUniversalString other = asn1Object as DerUniversalString;
+
+			if (other == null)
+				return false;
+
+//			return this.GetString().Equals(other.GetString());
+			return Arrays.AreEqual(this.str, other.str);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/DerVideotexString.cs b/bc-sharp-crypto/src/asn1/DerVideotexString.cs
new file mode 100644
index 0000000..b254010
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerVideotexString.cs
@@ -0,0 +1,103 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    public class DerVideotexString
+        : DerStringBase
+    {
+        private readonly byte[] mString;
+
+        /**
+         * return a Videotex String from the passed in object
+         *
+         * @param obj a DERVideotexString or an object that can be converted into one.
+         * @exception IllegalArgumentException if the object cannot be converted.
+         * @return a DERVideotexString instance, or null.
+         */
+        public static DerVideotexString GetInstance(object obj)
+        {
+            if (obj == null || obj is DerVideotexString)
+            {
+                return (DerVideotexString)obj;
+            }
+
+            if (obj is byte[])
+            {
+                try
+                {
+                    return (DerVideotexString)FromByteArray((byte[])obj);
+                }
+                catch (Exception e)
+                {
+                    throw new ArgumentException("encoding error in GetInstance: " + e.ToString(), "obj");
+                }
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        /**
+         * return a Videotex String from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicit true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception IllegalArgumentException if the tagged object cannot
+         *               be converted.
+         * @return a DERVideotexString instance, or null.
+         */
+        public static DerVideotexString GetInstance(Asn1TaggedObject obj, bool isExplicit)
+        {
+			Asn1Object o = obj.GetObject();
+
+            if (isExplicit || o is DerVideotexString)
+			{
+				return GetInstance(o);
+			}
+
+            return new DerVideotexString(((Asn1OctetString)o).GetOctets());
+        }
+
+        /**
+         * basic constructor - with bytes.
+         * @param string the byte encoding of the characters making up the string.
+         */
+        public DerVideotexString(byte[] encoding)
+        {
+            this.mString = Arrays.Clone(encoding);
+        }
+
+        public override string GetString()
+        {
+            return Strings.FromByteArray(mString);
+        }
+
+        public byte[] GetOctets()
+        {
+            return Arrays.Clone(mString);
+        }
+
+        internal override void Encode(DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.VideotexString, mString);
+        }
+
+        protected override int Asn1GetHashCode()
+		{
+            return Arrays.GetHashCode(mString);
+        }
+
+		protected override bool Asn1Equals(
+            Asn1Object asn1Object)
+        {
+            DerVideotexString other = asn1Object as DerVideotexString;
+
+            if (other == null)
+				return false;
+
+            return Arrays.AreEqual(mString, other.mString);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/DerVisibleString.cs b/bc-sharp-crypto/src/asn1/DerVisibleString.cs
new file mode 100644
index 0000000..e111220
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/DerVisibleString.cs
@@ -0,0 +1,111 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * Der VisibleString object.
+     */
+    public class DerVisibleString
+        : DerStringBase
+    {
+        private readonly string str;
+
+        /**
+         * return a Visible string from the passed in object.
+         *
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static DerVisibleString GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DerVisibleString)
+            {
+                return (DerVisibleString)obj;
+            }
+
+            if (obj is Asn1OctetString)
+            {
+                return new DerVisibleString(((Asn1OctetString)obj).GetOctets());
+            }
+
+            if (obj is Asn1TaggedObject)
+            {
+                return GetInstance(((Asn1TaggedObject)obj).GetObject());
+            }
+
+            throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj));
+        }
+
+        /**
+         * return a Visible string from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the tagged object cannot
+         *               be converted.
+         */
+        public static DerVisibleString GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(obj.GetObject());
+        }
+
+        /**
+         * basic constructor - byte encoded string.
+         */
+        public DerVisibleString(
+            byte[] str)
+			: this(Strings.FromAsciiByteArray(str))
+        {
+        }
+
+		/**
+         * basic constructor
+         */
+        public DerVisibleString(
+            string str)
+        {
+			if (str == null)
+				throw new ArgumentNullException("str");
+
+			this.str = str;
+        }
+
+		public override string GetString()
+        {
+            return str;
+        }
+
+		public byte[] GetOctets()
+        {
+            return Strings.ToAsciiByteArray(str);
+        }
+
+		internal override void Encode(
+            DerOutputStream derOut)
+        {
+            derOut.WriteEncoded(Asn1Tags.VisibleString, GetOctets());
+        }
+
+		protected override bool Asn1Equals(
+			Asn1Object asn1Object)
+		{
+			DerVisibleString other = asn1Object as DerVisibleString;
+
+			if (other == null)
+				return false;
+
+			return this.str.Equals(other.str);
+        }
+
+		protected override int Asn1GetHashCode()
+		{
+            return this.str.GetHashCode();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/IAsn1ApplicationSpecificParser.cs b/bc-sharp-crypto/src/asn1/IAsn1ApplicationSpecificParser.cs
new file mode 100644
index 0000000..89cf64c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/IAsn1ApplicationSpecificParser.cs
@@ -0,0 +1,10 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public interface IAsn1ApplicationSpecificParser
+    	: IAsn1Convertible
+	{
+    	IAsn1Convertible ReadObject();
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/IAsn1Choice.cs b/bc-sharp-crypto/src/asn1/IAsn1Choice.cs
new file mode 100644
index 0000000..ecd76e4
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/IAsn1Choice.cs
@@ -0,0 +1,17 @@
+
+namespace Org.BouncyCastle.Asn1
+{
+	/**
+	 * Marker interface for CHOICE objects - if you implement this in a roll-your-own
+	 * object, any attempt to tag the object implicitly will convert the tag to an
+	 * explicit one as the encoding rules require.
+	 * <p>
+	 * If you use this interface your class should also implement the getInstance
+	 * pattern which takes a tag object and the tagging mode used. 
+	 * </p>
+	 */
+	public interface IAsn1Choice
+	{
+		// marker interface
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/IAsn1Convertible.cs b/bc-sharp-crypto/src/asn1/IAsn1Convertible.cs
new file mode 100644
index 0000000..d3f83af
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/IAsn1Convertible.cs
@@ -0,0 +1,7 @@
+namespace Org.BouncyCastle.Asn1
+{
+	public interface IAsn1Convertible
+	{
+		Asn1Object ToAsn1Object();
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/IAsn1String.cs b/bc-sharp-crypto/src/asn1/IAsn1String.cs
new file mode 100644
index 0000000..cbc2635
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/IAsn1String.cs
@@ -0,0 +1,10 @@
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * basic interface for Der string objects.
+     */
+    public interface IAsn1String
+    {
+        string GetString();
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/IndefiniteLengthInputStream.cs b/bc-sharp-crypto/src/asn1/IndefiniteLengthInputStream.cs
new file mode 100644
index 0000000..09d0e3a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/IndefiniteLengthInputStream.cs
@@ -0,0 +1,170 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	class IndefiniteLengthInputStream
+		: LimitedInputStream
+	{
+        private int _lookAhead;
+        private bool _eofOn00 = true;
+
+		internal IndefiniteLengthInputStream(
+			Stream	inStream,
+			int		limit)
+			: base(inStream, limit)
+		{
+            _lookAhead = RequireByte();
+            CheckForEof();
+		}
+
+		internal void SetEofOn00(
+			bool eofOn00)
+		{
+			_eofOn00 = eofOn00;
+            if (_eofOn00)
+            {
+                CheckForEof();
+            }
+        }
+
+        private bool CheckForEof()
+		{
+            if (_lookAhead == 0x00)
+            {
+                int extra = RequireByte();
+                if (extra != 0)
+                {
+                    throw new IOException("malformed end-of-contents marker");
+                }
+
+                _lookAhead = -1;
+                SetParentEofDetect(true);
+                return true;
+            }
+            return _lookAhead < 0;
+        }
+
+		public override int Read(
+			byte[]	buffer,
+			int		offset,
+			int		count)
+		{
+			// Only use this optimisation if we aren't checking for 00
+			if (_eofOn00 || count <= 1)
+				return base.Read(buffer, offset, count);
+
+			if (_lookAhead < 0)
+				return 0;
+
+			int numRead = _in.Read(buffer, offset + 1, count - 1);
+
+			if (numRead <= 0)
+			{
+				// Corrupted stream
+				throw new EndOfStreamException();
+			}
+
+			buffer[offset] = (byte)_lookAhead;
+			_lookAhead = RequireByte();
+
+			return numRead + 1;
+		}
+
+		public override int ReadByte()
+		{
+            if (_eofOn00 && CheckForEof())
+				return -1;
+
+            int result = _lookAhead;
+            _lookAhead = RequireByte();
+            return result;
+		}
+
+        private int RequireByte()
+        {
+            int b = _in.ReadByte();
+            if (b < 0)
+            {
+                // Corrupted stream
+                throw new EndOfStreamException();
+            }
+            return b;
+        }
+	}
+}
+
+//using System;
+//using System.IO;
+
+//namespace Org.BouncyCastle.Asn1
+//{
+//    class IndefiniteLengthInputStream
+//        : LimitedInputStream
+//    {
+//        private bool _eofReached = false;
+//        private bool _eofOn00 = true;
+
+//        internal IndefiniteLengthInputStream(
+//            Stream	inStream,
+//            int		limit)
+//            : base(inStream, limit)
+//        {
+//        }
+
+//        internal void SetEofOn00(
+//            bool eofOn00)
+//        {
+//            _eofOn00 = eofOn00;
+//        }
+
+//        public override int Read(
+//            byte[]	buffer,
+//            int		offset,
+//            int		count)
+//        {
+//            if (_eofReached)
+//                return 0;
+
+//            if (_eofOn00)
+//                return base.Read(buffer, offset, count);
+
+//            int numRead = _in.Read(buffer, offset, count);
+
+//            if (numRead <= 0)
+//                throw new EndOfStreamException();
+
+//            return numRead;
+//        }
+
+//        public override int ReadByte()
+//        {
+//            if (_eofReached)
+//                return -1;
+
+//            int b1 = _in.ReadByte();
+
+//            if (b1 < 0)
+//                throw new EndOfStreamException();
+
+//            if (b1 == 0 && _eofOn00)
+//            {
+//                int b2 = _in.ReadByte();
+
+//                if (b2 < 0)
+//                    throw new EndOfStreamException();
+
+//                if (b2 == 0)
+//                {
+//                    _eofReached = true;
+//                    SetParentEofDetect(true);
+//                    return -1;
+//                }
+
+//                throw new InvalidDataException();
+//            }
+
+//            return b1;
+//        }
+//    }
+//}
diff --git a/bc-sharp-crypto/src/asn1/LazyASN1InputStream.cs b/bc-sharp-crypto/src/asn1/LazyASN1InputStream.cs
new file mode 100644
index 0000000..4cf2305
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/LazyASN1InputStream.cs
@@ -0,0 +1,33 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+	public class LazyAsn1InputStream
+		: Asn1InputStream
+	{
+		public LazyAsn1InputStream(
+			byte[] input)
+			: base(input)
+		{
+		}
+
+		public LazyAsn1InputStream(
+			Stream inputStream)
+			: base(inputStream)
+		{
+		}
+
+		internal override DerSequence CreateDerSequence(
+			DefiniteLengthInputStream dIn)
+		{
+			return new LazyDerSequence(dIn.ToArray());
+		}
+
+		internal override DerSet CreateDerSet(
+			DefiniteLengthInputStream dIn)
+		{
+			return new LazyDerSet(dIn.ToArray());
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/LazyDERSequence.cs b/bc-sharp-crypto/src/asn1/LazyDERSequence.cs
new file mode 100644
index 0000000..7301bc1
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/LazyDERSequence.cs
@@ -0,0 +1,80 @@
+using System;
+using System.Collections;
+using System.Diagnostics;
+
+namespace Org.BouncyCastle.Asn1
+{
+	internal class LazyDerSequence
+		: DerSequence
+	{
+		private byte[] encoded;
+
+        internal LazyDerSequence(
+			byte[] encoded)
+		{
+			this.encoded = encoded;
+		}
+
+		private void Parse()
+		{
+			lock (this)
+			{
+				if (encoded != null)
+				{
+					Asn1InputStream e = new LazyAsn1InputStream(encoded);
+
+					Asn1Object o;
+					while ((o = e.ReadObject()) != null)
+					{
+						AddObject(o);
+					}
+
+					encoded = null;
+				}
+			}
+		}
+
+		public override Asn1Encodable this[int index]
+		{
+			get
+			{
+				Parse();
+
+				return base[index];
+			}
+		}
+
+		public override IEnumerator GetEnumerator()
+		{
+			Parse();
+
+			return base.GetEnumerator();
+		}
+
+		public override int Count
+		{
+			get
+			{
+				Parse();
+
+				return base.Count;
+			}
+		}
+
+		internal override void Encode(
+			DerOutputStream derOut)
+		{
+			lock (this)
+			{
+				if (encoded == null)
+				{
+					base.Encode(derOut);
+				}
+				else
+				{
+					derOut.WriteEncoded(Asn1Tags.Sequence | Asn1Tags.Constructed, encoded);
+				}
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/LazyDERSet.cs b/bc-sharp-crypto/src/asn1/LazyDERSet.cs
new file mode 100644
index 0000000..e6c9319
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/LazyDERSet.cs
@@ -0,0 +1,80 @@
+using System;
+using System.Collections;
+using System.Diagnostics;
+
+namespace Org.BouncyCastle.Asn1
+{
+	internal class LazyDerSet
+		: DerSet
+	{
+		private byte[] encoded;
+
+        internal LazyDerSet(
+			byte[] encoded)
+		{
+			this.encoded = encoded;
+		}
+
+		private void Parse()
+		{
+			lock (this)
+			{
+				if (encoded != null)
+				{
+					Asn1InputStream e = new LazyAsn1InputStream(encoded);
+
+					Asn1Object o;
+					while ((o = e.ReadObject()) != null)
+					{
+						AddObject(o);
+					}
+
+					encoded = null;
+				}
+			}
+		}
+
+		public override Asn1Encodable this[int index]
+		{
+			get
+			{
+				Parse();
+
+				return base[index];
+			}
+		}
+
+		public override IEnumerator GetEnumerator()
+		{
+			Parse();
+
+			return base.GetEnumerator();
+		}
+
+		public override int Count
+		{
+			get
+			{
+				Parse();
+
+				return base.Count;
+			}
+		}
+
+		internal override void Encode(
+			DerOutputStream derOut)
+		{
+			lock (this)
+			{
+				if (encoded == null)
+				{
+					base.Encode(derOut);
+				}
+				else
+				{
+					derOut.WriteEncoded(Asn1Tags.Set | Asn1Tags.Constructed, encoded);
+				}
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/LimitedInputStream.cs b/bc-sharp-crypto/src/asn1/LimitedInputStream.cs
new file mode 100644
index 0000000..62486aa
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/LimitedInputStream.cs
@@ -0,0 +1,35 @@
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Asn1
+{
+    internal abstract class LimitedInputStream
+        : BaseInputStream
+    {
+        protected readonly Stream _in;
+		private int _limit;
+
+        internal LimitedInputStream(
+            Stream	inStream,
+			int		limit)
+        {
+            this._in = inStream;
+			this._limit = limit;
+        }
+
+	    internal virtual int GetRemaining()
+	    {
+	        // TODO: maybe one day this can become more accurate
+	        return _limit;
+	    }
+
+		protected virtual void SetParentEofDetect(bool on)
+        {
+            if (_in is IndefiniteLengthInputStream)
+            {
+                ((IndefiniteLengthInputStream)_in).SetEofOn00(on);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/OidTokenizer.cs b/bc-sharp-crypto/src/asn1/OidTokenizer.cs
new file mode 100644
index 0000000..6e76e8c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/OidTokenizer.cs
@@ -0,0 +1,45 @@
+namespace Org.BouncyCastle.Asn1
+{
+    /**
+     * class for breaking up an Oid into it's component tokens, ala
+     * java.util.StringTokenizer. We need this class as some of the
+     * lightweight Java environment don't support classes like
+     * StringTokenizer.
+     */
+    public class OidTokenizer
+    {
+        private string  oid;
+        private int     index;
+
+		public OidTokenizer(
+            string oid)
+        {
+            this.oid = oid;
+        }
+
+		public bool HasMoreTokens
+        {
+			get { return index != -1; }
+        }
+
+		public string NextToken()
+        {
+            if (index == -1)
+            {
+                return null;
+            }
+
+            int end = oid.IndexOf('.', index);
+            if (end == -1)
+            {
+                string lastToken = oid.Substring(index);
+                index = -1;
+                return lastToken;
+            }
+
+            string nextToken = oid.Substring(index, end - index);
+			index = end + 1;
+            return nextToken;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/anssi/ANSSINamedCurves.cs b/bc-sharp-crypto/src/asn1/anssi/ANSSINamedCurves.cs
new file mode 100644
index 0000000..d0c90eb
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/anssi/ANSSINamedCurves.cs
@@ -0,0 +1,123 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Asn1.Anssi
+{
+    public class AnssiNamedCurves
+    {
+        private static ECCurve ConfigureCurve(ECCurve curve)
+        {
+            return curve;
+        }
+
+        private static BigInteger FromHex(string hex)
+        {
+            return new BigInteger(1, Hex.Decode(hex));
+        }
+
+        /*
+         * FRP256v1
+         */
+        internal class Frp256v1Holder
+            : X9ECParametersHolder
+        {
+            private Frp256v1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Frp256v1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger p = FromHex("F1FD178C0B3AD58F10126DE8CE42435B3961ADBCABC8CA6DE8FCF353D86E9C03");
+                BigInteger a = FromHex("F1FD178C0B3AD58F10126DE8CE42435B3961ADBCABC8CA6DE8FCF353D86E9C00");
+                BigInteger b = FromHex("EE353FCA5428A9300D4ABA754A44C00FDFEC0C9AE4B1A1803075ED967B7BB73F");
+                byte[] S = null;
+                BigInteger n = FromHex("F1FD178C0B3AD58F10126DE8CE42435B53DC67E140D2BF941FFDD459C6D655E1");
+                BigInteger h = BigInteger.One;
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "B6B3D4C356C139EB31183D4749D423958C27D2DCAF98B70164C97A2DD98F5CFF"
+                    + "6142E0F7C8B204911F9271F0F3ECEF8C2701C307E8E4C9E183115A1554062CFB"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        };
+
+
+        private static readonly IDictionary objIds = Platform.CreateHashtable();
+        private static readonly IDictionary curves = Platform.CreateHashtable();
+        private static readonly IDictionary names = Platform.CreateHashtable();
+
+        private static void DefineCurve(
+            string					name,
+            DerObjectIdentifier		oid,
+            X9ECParametersHolder	holder)
+        {
+            objIds.Add(Platform.ToUpperInvariant(name), oid);
+            names.Add(oid, name);
+            curves.Add(oid, holder);
+        }
+
+        static AnssiNamedCurves()
+        {
+            DefineCurve("FRP256v1", AnssiObjectIdentifiers.FRP256v1, Frp256v1Holder.Instance);
+        }
+
+        public static X9ECParameters GetByName(
+            string name)
+        {
+            DerObjectIdentifier oid = GetOid(name);
+            return oid == null ? null : GetByOid(oid);
+        }
+
+        /**
+         * return the X9ECParameters object for the named curve represented by
+         * the passed in object identifier. Null if the curve isn't present.
+         *
+         * @param oid an object identifier representing a named curve, if present.
+         */
+        public static X9ECParameters GetByOid(
+            DerObjectIdentifier oid)
+        {
+            X9ECParametersHolder holder = (X9ECParametersHolder)curves[oid];
+            return holder == null ? null : holder.Parameters;
+        }
+
+        /**
+         * return the object identifier signified by the passed in name. Null
+         * if there is no object identifier associated with name.
+         *
+         * @return the object identifier associated with name, if present.
+         */
+        public static DerObjectIdentifier GetOid(
+            string name)
+        {
+            return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)];
+        }
+
+        /**
+         * return the named curve name represented by the given object identifier.
+         */
+        public static string GetName(
+            DerObjectIdentifier oid)
+        {
+            return (string)names[oid];
+        }
+
+        /**
+         * returns an enumeration containing the name strings for curves
+         * contained in this structure.
+         */
+        public static IEnumerable Names
+        {
+            get { return new EnumerableProxy(names.Values); }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/anssi/ANSSIObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/anssi/ANSSIObjectIdentifiers.cs
new file mode 100644
index 0000000..d230832
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/anssi/ANSSIObjectIdentifiers.cs
@@ -0,0 +1,13 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Anssi
+{
+    public sealed class AnssiObjectIdentifiers
+    {
+        private AnssiObjectIdentifiers()
+        {
+        }
+
+        public static readonly DerObjectIdentifier FRP256v1 = new DerObjectIdentifier("1.2.250.1.223.101.256.1");
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/bc/BCObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/bc/BCObjectIdentifiers.cs
new file mode 100644
index 0000000..075e538
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/bc/BCObjectIdentifiers.cs
@@ -0,0 +1,39 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.BC
+{
+	public abstract class BCObjectIdentifiers
+	{
+		// iso.org.dod.internet.private.enterprise.legion-of-the-bouncy-castle
+		// 1.3.6.1.4.1.22554
+		public static readonly DerObjectIdentifier bc = new DerObjectIdentifier("1.3.6.1.4.1.22554");
+
+		// pbe(1) algorithms
+		public static readonly DerObjectIdentifier bc_pbe = new DerObjectIdentifier(bc + ".1");
+
+		// SHA-1(1)
+		public static readonly DerObjectIdentifier bc_pbe_sha1 = new DerObjectIdentifier(bc_pbe + ".1");
+
+		// SHA-2(2) . (SHA-256(1)|SHA-384(2)|SHA-512(3)|SHA-224(4))
+		public static readonly DerObjectIdentifier bc_pbe_sha256 = new DerObjectIdentifier(bc_pbe + ".2.1");
+		public static readonly DerObjectIdentifier bc_pbe_sha384 = new DerObjectIdentifier(bc_pbe + ".2.2");
+		public static readonly DerObjectIdentifier bc_pbe_sha512 = new DerObjectIdentifier(bc_pbe + ".2.3");
+		public static readonly DerObjectIdentifier bc_pbe_sha224 = new DerObjectIdentifier(bc_pbe + ".2.4");
+		
+		// PKCS-5(1)|PKCS-12(2)
+		public static readonly DerObjectIdentifier bc_pbe_sha1_pkcs5 = new DerObjectIdentifier(bc_pbe_sha1 + ".1");
+		public static readonly DerObjectIdentifier bc_pbe_sha1_pkcs12 = new DerObjectIdentifier(bc_pbe_sha1 + ".2");
+		
+		public static readonly DerObjectIdentifier bc_pbe_sha256_pkcs5 = new DerObjectIdentifier(bc_pbe_sha256 + ".1");
+		public static readonly DerObjectIdentifier bc_pbe_sha256_pkcs12 = new DerObjectIdentifier(bc_pbe_sha256 + ".2");
+
+		// AES(1) . (CBC-128(2)|CBC-192(22)|CBC-256(42))
+		public static readonly DerObjectIdentifier bc_pbe_sha1_pkcs12_aes128_cbc = new DerObjectIdentifier(bc_pbe_sha1_pkcs12 + ".1.2");
+		public static readonly DerObjectIdentifier bc_pbe_sha1_pkcs12_aes192_cbc = new DerObjectIdentifier(bc_pbe_sha1_pkcs12 + ".1.22");
+		public static readonly DerObjectIdentifier bc_pbe_sha1_pkcs12_aes256_cbc = new DerObjectIdentifier(bc_pbe_sha1_pkcs12 + ".1.42");
+
+		public static readonly DerObjectIdentifier bc_pbe_sha256_pkcs12_aes128_cbc = new DerObjectIdentifier(bc_pbe_sha256_pkcs12 + ".1.2");
+		public static readonly DerObjectIdentifier bc_pbe_sha256_pkcs12_aes192_cbc = new DerObjectIdentifier(bc_pbe_sha256_pkcs12 + ".1.22");
+		public static readonly DerObjectIdentifier bc_pbe_sha256_pkcs12_aes256_cbc = new DerObjectIdentifier(bc_pbe_sha256_pkcs12 + ".1.42");
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs b/bc-sharp-crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs
new file mode 100644
index 0000000..b74bac8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs
@@ -0,0 +1,62 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class CAKeyUpdAnnContent
+		: Asn1Encodable
+	{
+		private readonly CmpCertificate oldWithNew;
+		private readonly CmpCertificate newWithOld;
+		private readonly CmpCertificate newWithNew;
+
+		private CAKeyUpdAnnContent(Asn1Sequence seq)
+		{
+			oldWithNew = CmpCertificate.GetInstance(seq[0]);
+			newWithOld = CmpCertificate.GetInstance(seq[1]);
+			newWithNew = CmpCertificate.GetInstance(seq[2]);
+		}
+
+		public static CAKeyUpdAnnContent GetInstance(object obj)
+		{
+			if (obj is CAKeyUpdAnnContent)
+				return (CAKeyUpdAnnContent)obj;
+
+			if (obj is Asn1Sequence)
+				return new CAKeyUpdAnnContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public virtual CmpCertificate OldWithNew
+		{
+			get { return oldWithNew; }
+		}
+		
+		public virtual CmpCertificate NewWithOld
+		{
+			get { return newWithOld; }
+		}
+
+		public virtual CmpCertificate NewWithNew
+		{
+			get { return newWithNew; }
+		}
+
+		/**
+		 * <pre>
+		 * CAKeyUpdAnnContent ::= SEQUENCE {
+		 *                             oldWithNew   CmpCertificate, -- old pub signed with new priv
+		 *                             newWithOld   CmpCertificate, -- new pub signed with old priv
+		 *                             newWithNew   CmpCertificate  -- new pub signed with new priv
+		 *  }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(oldWithNew, newWithOld, newWithNew);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/CertConfirmContent.cs b/bc-sharp-crypto/src/asn1/cmp/CertConfirmContent.cs
new file mode 100644
index 0000000..370a9e7
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/CertConfirmContent.cs
@@ -0,0 +1,49 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class CertConfirmContent
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence content;
+
+		private CertConfirmContent(Asn1Sequence seq)
+		{
+			content = seq;
+		}
+
+		public static CertConfirmContent GetInstance(object obj)
+		{
+			if (obj is CertConfirmContent)
+				return (CertConfirmContent)obj;
+
+			if (obj is Asn1Sequence)
+				return new CertConfirmContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public virtual CertStatus[] ToCertStatusArray()
+		{
+			CertStatus[] result = new CertStatus[content.Count];
+			for (int i = 0; i != result.Length; i++)
+			{
+				result[i] = CertStatus.GetInstance(content[i]);
+			}
+			return result;
+		}
+
+		/**
+		 * <pre>
+		 * CertConfirmContent ::= SEQUENCE OF CertStatus
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return content;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/CertOrEncCert.cs b/bc-sharp-crypto/src/asn1/cmp/CertOrEncCert.cs
new file mode 100644
index 0000000..eb200e1
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/CertOrEncCert.cs
@@ -0,0 +1,86 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Crmf;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class CertOrEncCert
+		: Asn1Encodable, IAsn1Choice
+	{
+		private readonly CmpCertificate certificate;
+		private readonly EncryptedValue encryptedCert;
+
+		private CertOrEncCert(Asn1TaggedObject tagged)
+		{
+			if (tagged.TagNo == 0)
+			{
+				certificate = CmpCertificate.GetInstance(tagged.GetObject());
+			}
+			else if (tagged.TagNo == 1)
+			{
+				encryptedCert = EncryptedValue.GetInstance(tagged.GetObject());
+			}
+			else
+			{
+				throw new ArgumentException("unknown tag: " + tagged.TagNo, "tagged");
+			}
+		}
+		
+		public static CertOrEncCert GetInstance(object obj)
+		{
+			if (obj is CertOrEncCert)
+				return (CertOrEncCert)obj;
+
+			if (obj is Asn1TaggedObject)
+				return new CertOrEncCert((Asn1TaggedObject)obj);
+
+			throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public CertOrEncCert(CmpCertificate certificate)
+		{
+			if (certificate == null)
+				throw new ArgumentNullException("certificate");
+
+			this.certificate = certificate;
+		}
+
+		public CertOrEncCert(EncryptedValue encryptedCert)
+		{
+			if (encryptedCert == null)
+				throw new ArgumentNullException("encryptedCert");
+
+			this.encryptedCert = encryptedCert;
+		}
+
+		public virtual CmpCertificate Certificate
+		{
+			get { return certificate; }
+		}
+
+		public virtual EncryptedValue EncryptedCert
+		{
+			get { return encryptedCert; }
+		}
+
+		/**
+		 * <pre>
+		 * CertOrEncCert ::= CHOICE {
+		 *                      certificate     [0] CMPCertificate,
+		 *                      encryptedCert   [1] EncryptedValue
+		 *           }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			if (certificate != null)
+			{
+				return new DerTaggedObject(true, 0, certificate);
+			}
+
+			return new DerTaggedObject(true, 1, encryptedCert);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/CertRepMessage.cs b/bc-sharp-crypto/src/asn1/cmp/CertRepMessage.cs
new file mode 100644
index 0000000..8286978
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/CertRepMessage.cs
@@ -0,0 +1,96 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class CertRepMessage
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence caPubs;
+		private readonly Asn1Sequence response;
+		
+		private CertRepMessage(Asn1Sequence seq)
+		{
+			int index = 0;
+
+			if (seq.Count > 1)
+			{
+				caPubs = Asn1Sequence.GetInstance((Asn1TaggedObject)seq[index++], true);
+			}
+
+			response = Asn1Sequence.GetInstance(seq[index]);
+		}
+
+		public static CertRepMessage GetInstance(object obj)
+		{
+			if (obj is CertRepMessage)
+				return (CertRepMessage)obj;
+
+			if (obj is Asn1Sequence)
+				return new CertRepMessage((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public CertRepMessage(CmpCertificate[] caPubs, CertResponse[] response)
+		{
+			if (response == null)
+				throw new ArgumentNullException("response");
+
+			if (caPubs != null)
+			{
+				this.caPubs = new DerSequence(caPubs);
+			}
+
+			this.response = new DerSequence(response);
+		}
+
+		public virtual CmpCertificate[] GetCAPubs()
+		{
+			if (caPubs == null)
+				return null;
+
+			CmpCertificate[] results = new CmpCertificate[caPubs.Count];
+			for (int i = 0; i != results.Length; ++i)
+			{
+				results[i] = CmpCertificate.GetInstance(caPubs[i]);
+			}
+			return results;
+		}
+
+		public virtual CertResponse[] GetResponse()
+		{
+			CertResponse[] results = new CertResponse[response.Count];
+			for (int i = 0; i != results.Length; ++i)
+			{
+				results[i] = CertResponse.GetInstance(response[i]);
+			}
+			return results;
+		}
+
+		/**
+		 * <pre>
+		 * CertRepMessage ::= SEQUENCE {
+		 *                          caPubs       [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
+		 *                                                                             OPTIONAL,
+		 *                          response         SEQUENCE OF CertResponse
+		 * }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (caPubs != null)
+			{
+				v.Add(new DerTaggedObject(true, 1, caPubs));
+			}
+
+			v.Add(response);
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/CertResponse.cs b/bc-sharp-crypto/src/asn1/cmp/CertResponse.cs
new file mode 100644
index 0000000..843fd92
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/CertResponse.cs
@@ -0,0 +1,116 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class CertResponse
+		: Asn1Encodable
+	{
+		private readonly DerInteger certReqId;
+		private readonly PkiStatusInfo status;
+		private readonly CertifiedKeyPair certifiedKeyPair;
+		private readonly Asn1OctetString rspInfo;
+
+		private CertResponse(Asn1Sequence seq)
+		{
+			certReqId = DerInteger.GetInstance(seq[0]);
+			status = PkiStatusInfo.GetInstance(seq[1]);
+
+			if (seq.Count >= 3)
+			{
+				if (seq.Count == 3)
+				{
+					Asn1Encodable o = seq[2];
+					if (o is Asn1OctetString)
+					{
+						rspInfo = Asn1OctetString.GetInstance(o);
+					}
+					else
+					{
+						certifiedKeyPair = CertifiedKeyPair.GetInstance(o);
+					}
+				}
+				else
+				{
+					certifiedKeyPair = CertifiedKeyPair.GetInstance(seq[2]);
+					rspInfo = Asn1OctetString.GetInstance(seq[3]);
+				}
+			}
+		}
+
+		public static CertResponse GetInstance(object obj)
+		{
+			if (obj is CertResponse)
+				return (CertResponse)obj;
+
+			if (obj is Asn1Sequence)
+				return new CertResponse((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public CertResponse(
+			DerInteger certReqId,
+			PkiStatusInfo status)
+			: this(certReqId, status, null, null)
+		{
+		}
+
+		public CertResponse(
+			DerInteger			certReqId,
+			PkiStatusInfo		status,
+			CertifiedKeyPair	certifiedKeyPair,
+			Asn1OctetString		rspInfo)
+		{
+			if (certReqId == null)
+				throw new ArgumentNullException("certReqId");
+
+			if (status == null)
+				throw new ArgumentNullException("status");
+
+			this.certReqId = certReqId;
+			this.status = status;
+			this.certifiedKeyPair = certifiedKeyPair;
+			this.rspInfo = rspInfo;
+		}
+
+		public virtual DerInteger CertReqID
+		{
+			get { return certReqId; }
+		}
+
+		public virtual PkiStatusInfo Status
+		{
+			get { return status; }
+		}
+
+		public virtual CertifiedKeyPair CertifiedKeyPair
+		{
+			get { return certifiedKeyPair; }
+		}
+
+		/**
+		 * <pre>
+		 * CertResponse ::= SEQUENCE {
+		 *                            certReqId           INTEGER,
+		 *                            -- to match this response with corresponding request (a value
+		 *                            -- of -1 is to be used if certReqId is not specified in the
+		 *                            -- corresponding request)
+		 *                            status              PKIStatusInfo,
+		 *                            certifiedKeyPair    CertifiedKeyPair    OPTIONAL,
+		 *                            rspInfo             OCTET STRING        OPTIONAL
+		 *                            -- analogous to the id-regInfo-utf8Pairs string defined
+		 *                            -- for regInfo in CertReqMsg [CRMF]
+		 *             }
+		 * </pre> 
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(certReqId, status);
+			v.AddOptional(certifiedKeyPair, rspInfo);
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/CertStatus.cs b/bc-sharp-crypto/src/asn1/cmp/CertStatus.cs
new file mode 100644
index 0000000..d437b57
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/CertStatus.cs
@@ -0,0 +1,85 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class CertStatus
+		: Asn1Encodable
+	{
+		private readonly Asn1OctetString certHash;
+		private readonly DerInteger certReqId;
+		private readonly PkiStatusInfo statusInfo;
+
+		private CertStatus(Asn1Sequence seq)
+		{
+			certHash = Asn1OctetString.GetInstance(seq[0]);
+			certReqId = DerInteger.GetInstance(seq[1]);
+
+			if (seq.Count > 2)
+			{
+				statusInfo = PkiStatusInfo.GetInstance(seq[2]);
+			}
+		}
+
+		public CertStatus(byte[] certHash, BigInteger certReqId)
+		{
+			this.certHash = new DerOctetString(certHash);
+			this.certReqId = new DerInteger(certReqId);
+		}
+
+		public CertStatus(byte[] certHash, BigInteger certReqId, PkiStatusInfo statusInfo)
+		{
+			this.certHash = new DerOctetString(certHash);
+			this.certReqId = new DerInteger(certReqId);
+			this.statusInfo = statusInfo;
+		}
+
+		public static CertStatus GetInstance(object obj)
+		{
+			if (obj is CertStatus)
+				return (CertStatus)obj;
+
+			if (obj is Asn1Sequence)
+				return new CertStatus((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public virtual Asn1OctetString CertHash
+		{
+			get { return certHash; }
+		}
+
+		public virtual DerInteger CertReqID
+		{
+			get { return certReqId; }
+		}
+
+		public virtual PkiStatusInfo StatusInfo
+		{
+			get { return statusInfo; }
+		}
+
+		/**
+		 * <pre>
+		 * CertStatus ::= SEQUENCE {
+		 *                   certHash    OCTET STRING,
+		 *                   -- the hash of the certificate, using the same hash algorithm
+		 *                   -- as is used to create and verify the certificate signature
+		 *                   certReqId   INTEGER,
+		 *                   -- to match this confirmation with the corresponding req/rep
+		 *                   statusInfo  PKIStatusInfo OPTIONAL
+		 * }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(certHash, certReqId);
+			v.AddOptional(statusInfo);
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/CertifiedKeyPair.cs b/bc-sharp-crypto/src/asn1/cmp/CertifiedKeyPair.cs
new file mode 100644
index 0000000..c06f000
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/CertifiedKeyPair.cs
@@ -0,0 +1,115 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Crmf;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class CertifiedKeyPair
+		: Asn1Encodable
+	{
+		private readonly CertOrEncCert certOrEncCert;
+		private readonly EncryptedValue privateKey;
+		private readonly PkiPublicationInfo publicationInfo;
+
+		private CertifiedKeyPair(Asn1Sequence seq)
+		{
+			certOrEncCert = CertOrEncCert.GetInstance(seq[0]);
+
+			if (seq.Count >= 2)
+			{
+				if (seq.Count == 2)
+				{
+					Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[1]);
+					if (tagged.TagNo == 0)
+					{
+						privateKey = EncryptedValue.GetInstance(tagged.GetObject());
+					}
+					else
+					{
+						publicationInfo = PkiPublicationInfo.GetInstance(tagged.GetObject());
+					}
+				}
+				else
+				{
+					privateKey = EncryptedValue.GetInstance(Asn1TaggedObject.GetInstance(seq[1]));
+					publicationInfo = PkiPublicationInfo.GetInstance(Asn1TaggedObject.GetInstance(seq[2]));
+				}
+			}
+		}
+
+		public static CertifiedKeyPair GetInstance(object obj)
+		{
+			if (obj is CertifiedKeyPair)
+				return (CertifiedKeyPair)obj;
+
+			if (obj is Asn1Sequence)
+				return new CertifiedKeyPair((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public CertifiedKeyPair(
+			CertOrEncCert certOrEncCert)
+			: this(certOrEncCert, null, null)
+		{
+		}
+
+		public CertifiedKeyPair(
+			CertOrEncCert		certOrEncCert,
+			EncryptedValue		privateKey,
+			PkiPublicationInfo	publicationInfo
+		)
+		{
+			if (certOrEncCert == null)
+				throw new ArgumentNullException("certOrEncCert");
+
+			this.certOrEncCert = certOrEncCert;
+			this.privateKey = privateKey;
+			this.publicationInfo = publicationInfo;
+		}
+
+		public virtual CertOrEncCert CertOrEncCert
+		{
+			get { return certOrEncCert; }
+		}
+
+		public virtual EncryptedValue PrivateKey
+		{
+			get { return privateKey; }
+		}
+
+		public virtual PkiPublicationInfo PublicationInfo
+		{
+			get { return publicationInfo; }
+		}
+
+		/**
+		 * <pre>
+		 * CertifiedKeyPair ::= SEQUENCE {
+		 *                                  certOrEncCert       CertOrEncCert,
+		 *                                  privateKey      [0] EncryptedValue      OPTIONAL,
+		 *                                  -- see [CRMF] for comment on encoding
+		 *                                  publicationInfo [1] PKIPublicationInfo  OPTIONAL
+		 *       }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(certOrEncCert);
+
+			if (privateKey != null)
+			{
+				v.Add(new DerTaggedObject(true, 0, privateKey));
+			}
+
+			if (publicationInfo != null)
+			{
+				v.Add(new DerTaggedObject(true, 1, publicationInfo));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/Challenge.cs b/bc-sharp-crypto/src/asn1/cmp/Challenge.cs
new file mode 100644
index 0000000..5c78c2a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/Challenge.cs
@@ -0,0 +1,80 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class Challenge
+		: Asn1Encodable
+	{
+		private readonly AlgorithmIdentifier owf;
+		private readonly Asn1OctetString witness;
+		private readonly Asn1OctetString challenge;
+
+		private Challenge(Asn1Sequence seq)
+		{
+			int index = 0;
+
+			if (seq.Count == 3)
+			{
+				owf = AlgorithmIdentifier.GetInstance(seq[index++]);
+			}
+
+			witness = Asn1OctetString.GetInstance(seq[index++]);
+			challenge = Asn1OctetString.GetInstance(seq[index]);
+		}
+
+		public static Challenge GetInstance(object obj)
+		{
+			if (obj is Challenge)
+				return (Challenge)obj;
+
+			if (obj is Asn1Sequence)
+				return new Challenge((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public virtual AlgorithmIdentifier Owf
+		{
+			get { return owf; }
+		}
+
+		/**
+		 * <pre>
+		 * Challenge ::= SEQUENCE {
+		 *                 owf                 AlgorithmIdentifier  OPTIONAL,
+		 *
+		 *                 -- MUST be present in the first Challenge; MAY be omitted in
+		 *                 -- any subsequent Challenge in POPODecKeyChallContent (if
+		 *                 -- omitted, then the owf used in the immediately preceding
+		 *                 -- Challenge is to be used).
+		 *
+		 *                 witness             OCTET STRING,
+		 *                 -- the result of applying the one-way function (owf) to a
+		 *                 -- randomly-generated INTEGER, A.  [Note that a different
+		 *                 -- INTEGER MUST be used for each Challenge.]
+		 *                 challenge           OCTET STRING
+		 *                 -- the encryption (under the public key for which the cert.
+		 *                 -- request is being made) of Rand, where Rand is specified as
+		 *                 --   Rand ::= SEQUENCE {
+		 *                 --      int      INTEGER,
+		 *                 --       - the randomly-generated INTEGER A (above)
+		 *                 --      sender   GeneralName
+		 *                 --       - the sender's name (as included in PKIHeader)
+		 *                 --   }
+		 *      }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+			v.AddOptional(owf);
+			v.Add(witness);
+			v.Add(challenge);
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/CmpCertificate.cs b/bc-sharp-crypto/src/asn1/cmp/CmpCertificate.cs
new file mode 100644
index 0000000..33356b4
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/CmpCertificate.cs
@@ -0,0 +1,81 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+    public class CmpCertificate
+        : Asn1Encodable, IAsn1Choice
+    {
+        private readonly X509CertificateStructure x509v3PKCert;
+        private readonly AttributeCertificate x509v2AttrCert;
+
+        /**
+         * Note: the addition of attribute certificates is a BC extension.
+         */
+        public CmpCertificate(AttributeCertificate x509v2AttrCert)
+        {
+            this.x509v2AttrCert = x509v2AttrCert;
+        }
+
+        public CmpCertificate(X509CertificateStructure x509v3PKCert)
+        {
+            if (x509v3PKCert.Version != 3)
+                throw new ArgumentException("only version 3 certificates allowed", "x509v3PKCert");
+
+            this.x509v3PKCert = x509v3PKCert;
+        }
+
+        public static CmpCertificate GetInstance(object obj)
+        {
+            if (obj is CmpCertificate)
+                return (CmpCertificate)obj;
+
+            if (obj is Asn1Sequence)
+                return new CmpCertificate(X509CertificateStructure.GetInstance(obj));
+
+            if (obj is Asn1TaggedObject)
+                return new CmpCertificate(AttributeCertificate.GetInstance(((Asn1TaggedObject)obj).GetObject()));
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public virtual bool IsX509v3PKCert
+        {
+            get { return x509v3PKCert != null; }
+        }
+
+        public virtual X509CertificateStructure X509v3PKCert
+        {
+            get { return x509v3PKCert; }
+        }
+
+        public virtual AttributeCertificate X509v2AttrCert
+        {
+            get { return x509v2AttrCert; }
+        }
+
+        /**
+         * <pre>
+         * CMPCertificate ::= CHOICE {
+         *            x509v3PKCert        Certificate
+         *            x509v2AttrCert      [1] AttributeCertificate
+         *  }
+         * </pre>
+         * Note: the addition of attribute certificates is a BC extension.
+         *
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            if (x509v2AttrCert != null)
+            {
+                // explicit following CMP conventions
+                return new DerTaggedObject(true, 1, x509v2AttrCert);
+            }
+
+            return x509v3PKCert.ToAsn1Object();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/CmpObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/cmp/CmpObjectIdentifiers.cs
new file mode 100644
index 0000000..7e82741
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/CmpObjectIdentifiers.cs
@@ -0,0 +1,106 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public abstract class CmpObjectIdentifiers
+	{
+		// RFC 4210
+
+		// id-PasswordBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 13}
+		public static readonly DerObjectIdentifier passwordBasedMac = new DerObjectIdentifier("1.2.840.113533.7.66.13");
+
+		// id-DHBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 30}
+		public static readonly DerObjectIdentifier dhBasedMac = new DerObjectIdentifier("1.2.840.113533.7.66.30");
+
+		// Example InfoTypeAndValue contents include, but are not limited
+		// to, the following (un-comment in this ASN.1 module and use as
+		// appropriate for a given environment):
+		//
+		// id-it-caProtEncCert OBJECT IDENTIFIER ::= {id-it 1}
+		// CAProtEncCertValue ::= CMPCertificate
+		// id-it-signKeyPairTypes OBJECT IDENTIFIER ::= {id-it 2}
+		// SignKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier
+		// id-it-encKeyPairTypes OBJECT IDENTIFIER ::= {id-it 3}
+		// EncKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier
+		// id-it-preferredSymmAlg OBJECT IDENTIFIER ::= {id-it 4}
+		// PreferredSymmAlgValue ::= AlgorithmIdentifier
+		// id-it-caKeyUpdateInfo OBJECT IDENTIFIER ::= {id-it 5}
+		// CAKeyUpdateInfoValue ::= CAKeyUpdAnnContent
+		// id-it-currentCRL OBJECT IDENTIFIER ::= {id-it 6}
+		// CurrentCRLValue ::= CertificateList
+		// id-it-unsupportedOIDs OBJECT IDENTIFIER ::= {id-it 7}
+		// UnsupportedOIDsValue ::= SEQUENCE OF OBJECT IDENTIFIER
+		// id-it-keyPairParamReq OBJECT IDENTIFIER ::= {id-it 10}
+		// KeyPairParamReqValue ::= OBJECT IDENTIFIER
+		// id-it-keyPairParamRep OBJECT IDENTIFIER ::= {id-it 11}
+		// KeyPairParamRepValue ::= AlgorithmIdentifer
+		// id-it-revPassphrase OBJECT IDENTIFIER ::= {id-it 12}
+		// RevPassphraseValue ::= EncryptedValue
+		// id-it-implicitConfirm OBJECT IDENTIFIER ::= {id-it 13}
+		// ImplicitConfirmValue ::= NULL
+		// id-it-confirmWaitTime OBJECT IDENTIFIER ::= {id-it 14}
+		// ConfirmWaitTimeValue ::= GeneralizedTime
+		// id-it-origPKIMessage OBJECT IDENTIFIER ::= {id-it 15}
+		// OrigPKIMessageValue ::= PKIMessages
+		// id-it-suppLangTags OBJECT IDENTIFIER ::= {id-it 16}
+		// SuppLangTagsValue ::= SEQUENCE OF UTF8String
+		//
+		// where
+		//
+		// id-pkix OBJECT IDENTIFIER ::= {
+		// iso(1) identified-organization(3)
+		// dod(6) internet(1) security(5) mechanisms(5) pkix(7)}
+		// and
+		// id-it OBJECT IDENTIFIER ::= {id-pkix 4}
+		public static readonly DerObjectIdentifier it_caProtEncCert = new DerObjectIdentifier("1.3.6.1.5.5.7.4.1");
+		public static readonly DerObjectIdentifier it_signKeyPairTypes = new DerObjectIdentifier("1.3.6.1.5.5.7.4.2");
+		public static readonly DerObjectIdentifier it_encKeyPairTypes = new DerObjectIdentifier("1.3.6.1.5.5.7.4.3");
+		public static readonly DerObjectIdentifier it_preferredSymAlg = new DerObjectIdentifier("1.3.6.1.5.5.7.4.4");
+		public static readonly DerObjectIdentifier it_caKeyUpdateInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.4.5");
+		public static readonly DerObjectIdentifier it_currentCRL = new DerObjectIdentifier("1.3.6.1.5.5.7.4.6");
+		public static readonly DerObjectIdentifier it_unsupportedOIDs = new DerObjectIdentifier("1.3.6.1.5.5.7.4.7");
+		public static readonly DerObjectIdentifier it_keyPairParamReq = new DerObjectIdentifier("1.3.6.1.5.5.7.4.10");
+		public static readonly DerObjectIdentifier it_keyPairParamRep = new DerObjectIdentifier("1.3.6.1.5.5.7.4.11");
+		public static readonly DerObjectIdentifier it_revPassphrase = new DerObjectIdentifier("1.3.6.1.5.5.7.4.12");
+		public static readonly DerObjectIdentifier it_implicitConfirm = new DerObjectIdentifier("1.3.6.1.5.5.7.4.13");
+		public static readonly DerObjectIdentifier it_confirmWaitTime = new DerObjectIdentifier("1.3.6.1.5.5.7.4.14");
+		public static readonly DerObjectIdentifier it_origPKIMessage = new DerObjectIdentifier("1.3.6.1.5.5.7.4.15");
+		public static readonly DerObjectIdentifier it_suppLangTags = new DerObjectIdentifier("1.3.6.1.5.5.7.4.16");
+
+		// RFC 4211
+
+		// id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
+		// dod(6) internet(1) security(5) mechanisms(5) pkix(7) }
+		//
+		// arc for Internet X.509 PKI protocols and their components
+		// id-pkip OBJECT IDENTIFIER :: { id-pkix pkip(5) }
+		//
+		// arc for Registration Controls in CRMF
+		// id-regCtrl OBJECT IDENTIFIER ::= { id-pkip regCtrl(1) }
+		//
+		// arc for Registration Info in CRMF
+		// id-regInfo OBJECT IDENTIFIER ::= { id-pkip id-regInfo(2) }
+
+		public static readonly DerObjectIdentifier regCtrl_regToken = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.1");
+		public static readonly DerObjectIdentifier regCtrl_authenticator = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.2");
+		public static readonly DerObjectIdentifier regCtrl_pkiPublicationInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.3");
+		public static readonly DerObjectIdentifier regCtrl_pkiArchiveOptions = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.4");
+		public static readonly DerObjectIdentifier regCtrl_oldCertID = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.5");
+		public static readonly DerObjectIdentifier regCtrl_protocolEncrKey = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.6");
+
+		// From RFC4210:
+		// id-regCtrl-altCertTemplate OBJECT IDENTIFIER ::= {id-regCtrl 7}
+		public static readonly DerObjectIdentifier regCtrl_altCertTemplate = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.7");
+
+		public static readonly DerObjectIdentifier regInfo_utf8Pairs = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2.1");
+		public static readonly DerObjectIdentifier regInfo_certReq = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2.2");
+
+		// id-smime OBJECT IDENTIFIER ::= { iso(1) member-body(2)
+		// us(840) rsadsi(113549) pkcs(1) pkcs9(9) 16 }
+		//
+		// id-ct OBJECT IDENTIFIER ::= { id-smime 1 } -- content types
+		//
+		// id-ct-encKeyWithID OBJECT IDENTIFIER ::= {id-ct 21}
+		public static readonly DerObjectIdentifier ct_encKeyWithID = new DerObjectIdentifier("1.2.840.113549.1.9.16.1.21");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/CrlAnnContent.cs b/bc-sharp-crypto/src/asn1/cmp/CrlAnnContent.cs
new file mode 100644
index 0000000..db8ecfa
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/CrlAnnContent.cs
@@ -0,0 +1,50 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class CrlAnnContent
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence content;
+
+		private CrlAnnContent(Asn1Sequence seq)
+		{
+			content = seq;
+		}
+
+		public static CrlAnnContent GetInstance(object obj)
+		{
+			if (obj is CrlAnnContent)
+				return (CrlAnnContent)obj;
+
+			if (obj is Asn1Sequence)
+				return new CrlAnnContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public virtual CertificateList[] ToCertificateListArray()
+		{
+			CertificateList[] result = new CertificateList[content.Count];
+			for (int i = 0; i != result.Length; ++ i)
+			{
+				result[i] = CertificateList.GetInstance(content[i]);
+			}
+			return result;
+		}
+
+		/**
+		 * <pre>
+		 * CrlAnnContent ::= SEQUENCE OF CertificateList
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return content;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/ErrorMsgContent.cs b/bc-sharp-crypto/src/asn1/cmp/ErrorMsgContent.cs
new file mode 100644
index 0000000..5d2132b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/ErrorMsgContent.cs
@@ -0,0 +1,95 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class ErrorMsgContent
+		: Asn1Encodable
+	{
+		private readonly PkiStatusInfo pkiStatusInfo;
+		private readonly DerInteger errorCode;
+		private readonly PkiFreeText errorDetails;
+
+		private ErrorMsgContent(Asn1Sequence seq)
+		{
+			pkiStatusInfo = PkiStatusInfo.GetInstance(seq[0]);
+
+			for (int pos = 1; pos < seq.Count; ++pos)
+			{
+				Asn1Encodable ae = seq[pos];
+				if (ae is DerInteger)
+				{
+					errorCode = DerInteger.GetInstance(ae);
+				}
+				else
+				{
+					errorDetails = PkiFreeText.GetInstance(ae);
+				}
+			}
+		}
+
+		public static ErrorMsgContent GetInstance(object obj)
+		{
+			if (obj is ErrorMsgContent)
+				return (ErrorMsgContent)obj;
+
+			if (obj is Asn1Sequence)
+				return new ErrorMsgContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public ErrorMsgContent(PkiStatusInfo pkiStatusInfo)
+			: this(pkiStatusInfo, null, null)
+		{
+		}
+
+		public ErrorMsgContent(
+			PkiStatusInfo	pkiStatusInfo,
+			DerInteger		errorCode,
+			PkiFreeText		errorDetails)
+		{
+			if (pkiStatusInfo == null)
+				throw new ArgumentNullException("pkiStatusInfo");
+
+			this.pkiStatusInfo = pkiStatusInfo;
+			this.errorCode = errorCode;
+			this.errorDetails = errorDetails;
+		}
+		
+		public virtual PkiStatusInfo PkiStatusInfo
+		{
+			get { return pkiStatusInfo; }
+		}
+
+		public virtual DerInteger ErrorCode
+		{
+			get { return errorCode; }
+		}
+
+		public virtual PkiFreeText ErrorDetails
+		{
+			get { return errorDetails; }
+		}
+
+		/**
+		 * <pre>
+		 * ErrorMsgContent ::= SEQUENCE {
+		 *                        pKIStatusInfo          PKIStatusInfo,
+		 *                        errorCode              INTEGER           OPTIONAL,
+		 *                        -- implementation-specific error codes
+		 *                        errorDetails           PKIFreeText       OPTIONAL
+		 *                        -- implementation-specific error details
+		 * }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(pkiStatusInfo);
+			v.AddOptional(errorCode, errorDetails);
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/GenMsgContent.cs b/bc-sharp-crypto/src/asn1/cmp/GenMsgContent.cs
new file mode 100644
index 0000000..f3142b5
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/GenMsgContent.cs
@@ -0,0 +1,54 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class GenMsgContent
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence content;
+
+		private GenMsgContent(Asn1Sequence seq)
+		{
+			content = seq;
+		}
+
+		public static GenMsgContent GetInstance(object obj)
+		{
+			if (obj is GenMsgContent)
+				return (GenMsgContent)obj;
+
+			if (obj is Asn1Sequence)
+				return new GenMsgContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public GenMsgContent(params InfoTypeAndValue[] itv)
+		{
+			content = new DerSequence(itv);
+		}
+
+		public virtual InfoTypeAndValue[] ToInfoTypeAndValueArray()
+		{
+			InfoTypeAndValue[] result = new InfoTypeAndValue[content.Count];
+			for (int i = 0; i != result.Length; ++i)
+			{
+				result[i] = InfoTypeAndValue.GetInstance(content[i]);
+			}
+			return result;
+		}
+
+		/**
+		 * <pre>
+		 * GenMsgContent ::= SEQUENCE OF InfoTypeAndValue
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return content;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/GenRepContent.cs b/bc-sharp-crypto/src/asn1/cmp/GenRepContent.cs
new file mode 100644
index 0000000..3c3573e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/GenRepContent.cs
@@ -0,0 +1,54 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class GenRepContent
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence content;
+
+		private GenRepContent(Asn1Sequence seq)
+		{
+			content = seq;
+		}
+
+		public static GenRepContent GetInstance(object obj)
+		{
+			if (obj is GenRepContent)
+				return (GenRepContent)obj;
+
+			if (obj is Asn1Sequence)
+				return new GenRepContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public GenRepContent(params InfoTypeAndValue[] itv)
+		{
+			content = new DerSequence(itv);
+		}
+
+		public virtual InfoTypeAndValue[] ToInfoTypeAndValueArray()
+		{
+			InfoTypeAndValue[] result = new InfoTypeAndValue[content.Count];
+			for (int i = 0; i != result.Length; ++i)
+			{
+				result[i] = InfoTypeAndValue.GetInstance(content[i]);
+			}
+			return result;
+		}
+
+		/**
+		 * <pre>
+		 * GenRepContent ::= SEQUENCE OF InfoTypeAndValue
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return content;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/InfoTypeAndValue.cs b/bc-sharp-crypto/src/asn1/cmp/InfoTypeAndValue.cs
new file mode 100644
index 0000000..0ce6f73
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/InfoTypeAndValue.cs
@@ -0,0 +1,123 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+    /**
+     * Example InfoTypeAndValue contents include, but are not limited
+     * to, the following (un-comment in this ASN.1 module and use as
+     * appropriate for a given environment):
+     * <pre>
+     *   id-it-caProtEncCert    OBJECT IDENTIFIER ::= {id-it 1}
+     *      CAProtEncCertValue      ::= CMPCertificate
+     *   id-it-signKeyPairTypes OBJECT IDENTIFIER ::= {id-it 2}
+     *     SignKeyPairTypesValue   ::= SEQUENCE OF AlgorithmIdentifier
+     *   id-it-encKeyPairTypes  OBJECT IDENTIFIER ::= {id-it 3}
+     *     EncKeyPairTypesValue    ::= SEQUENCE OF AlgorithmIdentifier
+     *   id-it-preferredSymmAlg OBJECT IDENTIFIER ::= {id-it 4}
+     *      PreferredSymmAlgValue   ::= AlgorithmIdentifier
+     *   id-it-caKeyUpdateInfo  OBJECT IDENTIFIER ::= {id-it 5}
+     *      CAKeyUpdateInfoValue    ::= CAKeyUpdAnnContent
+     *   id-it-currentCRL       OBJECT IDENTIFIER ::= {id-it 6}
+     *      CurrentCRLValue         ::= CertificateList
+     *   id-it-unsupportedOIDs  OBJECT IDENTIFIER ::= {id-it 7}
+     *      UnsupportedOIDsValue    ::= SEQUENCE OF OBJECT IDENTIFIER
+     *   id-it-keyPairParamReq  OBJECT IDENTIFIER ::= {id-it 10}
+     *      KeyPairParamReqValue    ::= OBJECT IDENTIFIER
+     *   id-it-keyPairParamRep  OBJECT IDENTIFIER ::= {id-it 11}
+     *      KeyPairParamRepValue    ::= AlgorithmIdentifer
+     *   id-it-revPassphrase    OBJECT IDENTIFIER ::= {id-it 12}
+     *      RevPassphraseValue      ::= EncryptedValue
+     *   id-it-implicitConfirm  OBJECT IDENTIFIER ::= {id-it 13}
+     *      ImplicitConfirmValue    ::= NULL
+     *   id-it-confirmWaitTime  OBJECT IDENTIFIER ::= {id-it 14}
+     *      ConfirmWaitTimeValue    ::= GeneralizedTime
+     *   id-it-origPKIMessage   OBJECT IDENTIFIER ::= {id-it 15}
+     *      OrigPKIMessageValue     ::= PKIMessages
+     *   id-it-suppLangTags     OBJECT IDENTIFIER ::= {id-it 16}
+     *      SuppLangTagsValue       ::= SEQUENCE OF UTF8String
+     *
+     * where
+     *
+     *   id-pkix OBJECT IDENTIFIER ::= {
+     *      iso(1) identified-organization(3)
+     *      dod(6) internet(1) security(5) mechanisms(5) pkix(7)}
+     * and
+     *      id-it   OBJECT IDENTIFIER ::= {id-pkix 4}
+     * </pre>
+     */
+    public class InfoTypeAndValue
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier infoType;
+        private readonly Asn1Encodable infoValue;
+
+        private InfoTypeAndValue(Asn1Sequence seq)
+        {
+            infoType = DerObjectIdentifier.GetInstance(seq[0]);
+
+            if (seq.Count > 1)
+            {
+                infoValue = (Asn1Encodable)seq[1];
+            }
+        }
+
+        public static InfoTypeAndValue GetInstance(object obj)
+        {
+            if (obj is InfoTypeAndValue)
+                return (InfoTypeAndValue)obj;
+
+            if (obj is Asn1Sequence)
+                return new InfoTypeAndValue((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public InfoTypeAndValue(
+            DerObjectIdentifier infoType)
+        {
+            this.infoType = infoType;
+            this.infoValue = null;
+        }
+
+        public InfoTypeAndValue(
+            DerObjectIdentifier infoType,
+            Asn1Encodable       optionalValue)
+        {
+            this.infoType = infoType;
+            this.infoValue = optionalValue;
+        }
+
+        public virtual DerObjectIdentifier InfoType
+        {
+            get { return infoType; }
+        }
+
+        public virtual Asn1Encodable InfoValue
+        {
+            get { return infoValue; }
+        }
+
+        /**
+         * <pre>
+         * InfoTypeAndValue ::= SEQUENCE {
+         *                         infoType               OBJECT IDENTIFIER,
+         *                         infoValue              ANY DEFINED BY infoType  OPTIONAL
+         * }
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(infoType);
+
+            if (infoValue != null)
+            {
+                v.Add(infoValue);
+            }
+
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/KeyRecRepContent.cs b/bc-sharp-crypto/src/asn1/cmp/KeyRecRepContent.cs
new file mode 100644
index 0000000..00c4612
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/KeyRecRepContent.cs
@@ -0,0 +1,117 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class KeyRecRepContent
+		: Asn1Encodable
+	{
+		private readonly PkiStatusInfo status;
+		private readonly CmpCertificate newSigCert;
+		private readonly Asn1Sequence caCerts;
+		private readonly Asn1Sequence keyPairHist;
+
+		private KeyRecRepContent(Asn1Sequence seq)
+		{
+			status = PkiStatusInfo.GetInstance(seq[0]);
+
+			for (int pos = 1; pos < seq.Count; ++pos)
+			{
+				Asn1TaggedObject tObj = Asn1TaggedObject.GetInstance(seq[pos]);
+
+				switch (tObj.TagNo)
+				{
+					case 0:
+						newSigCert = CmpCertificate.GetInstance(tObj.GetObject());
+						break;
+					case 1:
+						caCerts = Asn1Sequence.GetInstance(tObj.GetObject());
+						break;
+					case 2:
+						keyPairHist = Asn1Sequence.GetInstance(tObj.GetObject());
+						break;
+					default:
+						throw new ArgumentException("unknown tag number: " + tObj.TagNo, "seq");
+				}
+			}
+		}
+
+		public static KeyRecRepContent GetInstance(object obj)
+		{
+			if (obj is KeyRecRepContent)
+				return (KeyRecRepContent)obj;
+
+			if (obj is Asn1Sequence)
+				return new KeyRecRepContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public virtual PkiStatusInfo Status
+		{
+			get { return status; }
+		}
+
+		public virtual CmpCertificate NewSigCert
+		{
+			get { return newSigCert; }
+		}
+
+		public virtual CmpCertificate[] GetCACerts()
+		{
+			if (caCerts == null)
+				return null;
+
+			CmpCertificate[] results = new CmpCertificate[caCerts.Count];
+			for (int i = 0; i != results.Length; ++i)
+			{
+				results[i] = CmpCertificate.GetInstance(caCerts[i]);
+			}
+			return results;
+		}
+
+		public virtual CertifiedKeyPair[] GetKeyPairHist()
+		{
+			if (keyPairHist == null)
+				return null;
+
+			CertifiedKeyPair[] results = new CertifiedKeyPair[keyPairHist.Count];
+			for (int i = 0; i != results.Length; ++i)
+			{
+				results[i] = CertifiedKeyPair.GetInstance(keyPairHist[i]);
+			}
+			return results;
+		}
+
+		/**
+		 * <pre>
+		 * KeyRecRepContent ::= SEQUENCE {
+		 *                         status                  PKIStatusInfo,
+		 *                         newSigCert          [0] CMPCertificate OPTIONAL,
+		 *                         caCerts             [1] SEQUENCE SIZE (1..MAX) OF
+		 *                                                           CMPCertificate OPTIONAL,
+		 *                         keyPairHist         [2] SEQUENCE SIZE (1..MAX) OF
+		 *                                                           CertifiedKeyPair OPTIONAL
+		 *              }
+		 * </pre> 
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(status);
+			AddOptional(v, 0, newSigCert);
+			AddOptional(v, 1, caCerts);
+			AddOptional(v, 2, keyPairHist);
+			return new DerSequence(v);
+		}
+
+		private void AddOptional(Asn1EncodableVector v, int tagNo, Asn1Encodable obj)
+		{
+			if (obj != null)
+			{
+				v.Add(new DerTaggedObject(true, tagNo, obj));
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/OobCertHash.cs b/bc-sharp-crypto/src/asn1/cmp/OobCertHash.cs
new file mode 100644
index 0000000..cd8192b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/OobCertHash.cs
@@ -0,0 +1,88 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Crmf;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class OobCertHash
+		: Asn1Encodable
+	{
+		private readonly AlgorithmIdentifier hashAlg;
+		private readonly CertId certId;
+		private readonly DerBitString  hashVal;
+
+		private OobCertHash(Asn1Sequence seq)
+		{
+			int index = seq.Count - 1;
+
+			hashVal = DerBitString.GetInstance(seq[index--]);
+
+			for (int i = index; i >= 0; i--)
+			{
+				Asn1TaggedObject tObj = (Asn1TaggedObject)seq[i];
+
+				if (tObj.TagNo == 0)
+				{
+					hashAlg = AlgorithmIdentifier.GetInstance(tObj, true);
+				}
+				else
+				{
+					certId = CertId.GetInstance(tObj, true);
+				}
+			}
+		}
+
+		public static OobCertHash GetInstance(object obj)
+		{
+			if (obj is OobCertHash)
+				return (OobCertHash)obj;
+
+			if (obj is Asn1Sequence)
+				return new OobCertHash((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+		
+		public virtual AlgorithmIdentifier HashAlg
+		{
+			get { return hashAlg; }
+		}
+		
+		public virtual CertId CertID
+		{
+			get { return certId; }
+		}
+		
+		/**
+		 * <pre>
+		 * OobCertHash ::= SEQUENCE {
+		 *                      hashAlg     [0] AlgorithmIdentifier     OPTIONAL,
+		 *                      certId      [1] CertId                  OPTIONAL,
+		 *                      hashVal         BIT STRING
+		 *                      -- hashVal is calculated over the Der encoding of the
+		 *                      -- self-signed certificate with the identifier certID.
+		 *       }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+			AddOptional(v, 0, hashAlg);
+			AddOptional(v, 1, certId);
+			v.Add(hashVal);
+			return new DerSequence(v);
+		}
+
+		private void AddOptional(Asn1EncodableVector v, int tagNo, Asn1Encodable obj)
+		{
+			if (obj != null)
+			{
+				v.Add(new DerTaggedObject(true, tagNo, obj));
+			}
+		}
+	}
+}
+
diff --git a/bc-sharp-crypto/src/asn1/cmp/PKIBody.cs b/bc-sharp-crypto/src/asn1/cmp/PKIBody.cs
new file mode 100644
index 0000000..f17eed6
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PKIBody.cs
@@ -0,0 +1,187 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Crmf;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+    public class PkiBody
+        : Asn1Encodable, IAsn1Choice
+    {
+        public const int TYPE_INIT_REQ = 0;
+        public const int TYPE_INIT_REP = 1;
+        public const int TYPE_CERT_REQ = 2;
+        public const int TYPE_CERT_REP = 3;
+        public const int TYPE_P10_CERT_REQ = 4;
+        public const int TYPE_POPO_CHALL = 5;
+        public const int TYPE_POPO_REP = 6;
+        public const int TYPE_KEY_UPDATE_REQ = 7;
+        public const int TYPE_KEY_UPDATE_REP = 8;
+        public const int TYPE_KEY_RECOVERY_REQ = 9;
+        public const int TYPE_KEY_RECOVERY_REP = 10;
+        public const int TYPE_REVOCATION_REQ = 11;
+        public const int TYPE_REVOCATION_REP = 12;
+        public const int TYPE_CROSS_CERT_REQ = 13;
+        public const int TYPE_CROSS_CERT_REP = 14;
+        public const int TYPE_CA_KEY_UPDATE_ANN = 15;
+        public const int TYPE_CERT_ANN = 16;
+        public const int TYPE_REVOCATION_ANN = 17;
+        public const int TYPE_CRL_ANN = 18;
+        public const int TYPE_CONFIRM = 19;
+        public const int TYPE_NESTED = 20;
+        public const int TYPE_GEN_MSG = 21;
+        public const int TYPE_GEN_REP = 22;
+        public const int TYPE_ERROR = 23;
+        public const int TYPE_CERT_CONFIRM = 24;
+        public const int TYPE_POLL_REQ = 25;
+        public const int TYPE_POLL_REP = 26;
+
+        private int tagNo;
+        private Asn1Encodable body;
+
+        public static PkiBody GetInstance(object obj)
+        {
+            if (obj is PkiBody)
+                return (PkiBody)obj;
+
+            if (obj is Asn1TaggedObject)
+                return new PkiBody((Asn1TaggedObject)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        private PkiBody(Asn1TaggedObject tagged)
+        {
+            tagNo = tagged.TagNo;
+            body = GetBodyForType(tagNo, tagged.GetObject());
+        }
+
+        /**
+         * Creates a new PkiBody.
+         * @param type one of the TYPE_* constants
+         * @param content message content
+         */
+        public PkiBody(
+            int type,
+            Asn1Encodable content)
+        {
+            tagNo = type;
+            body = GetBodyForType(type, content);
+        }
+
+        private static Asn1Encodable GetBodyForType(
+            int type,
+            Asn1Encodable o)
+        {
+            switch (type)
+            {
+                case TYPE_INIT_REQ:
+                    return CertReqMessages.GetInstance(o);
+	            case TYPE_INIT_REP:
+	                return CertRepMessage.GetInstance(o);
+                case TYPE_CERT_REQ:
+                    return CertReqMessages.GetInstance(o);
+	            case TYPE_CERT_REP:
+	                return CertRepMessage.GetInstance(o);
+	            case TYPE_P10_CERT_REQ:
+	                return CertificationRequest.GetInstance(o);
+	            case TYPE_POPO_CHALL:
+	                return PopoDecKeyChallContent.GetInstance(o);
+	            case TYPE_POPO_REP:
+	                return PopoDecKeyRespContent.GetInstance(o);
+                case TYPE_KEY_UPDATE_REQ:
+                    return CertReqMessages.GetInstance(o);
+	            case TYPE_KEY_UPDATE_REP:
+	                return CertRepMessage.GetInstance(o);
+                case TYPE_KEY_RECOVERY_REQ:
+                    return CertReqMessages.GetInstance(o);
+	            case TYPE_KEY_RECOVERY_REP:
+	                return KeyRecRepContent.GetInstance(o);
+	            case TYPE_REVOCATION_REQ:
+	                return RevReqContent.GetInstance(o);
+	            case TYPE_REVOCATION_REP:
+	                return RevRepContent.GetInstance(o);
+                case TYPE_CROSS_CERT_REQ:
+                    return CertReqMessages.GetInstance(o);
+	            case TYPE_CROSS_CERT_REP:
+	                return CertRepMessage.GetInstance(o);
+	            case TYPE_CA_KEY_UPDATE_ANN:
+	                return CAKeyUpdAnnContent.GetInstance(o);
+	            case TYPE_CERT_ANN:
+	                return CmpCertificate.GetInstance(o);
+	            case TYPE_REVOCATION_ANN:
+	                return RevAnnContent.GetInstance(o);
+	            case TYPE_CRL_ANN:
+	                return CrlAnnContent.GetInstance(o);
+	            case TYPE_CONFIRM:
+	                return PkiConfirmContent.GetInstance(o);
+                case TYPE_NESTED:
+                    return PkiMessages.GetInstance(o);
+	            case TYPE_GEN_MSG:
+	                return GenMsgContent.GetInstance(o);
+	            case TYPE_GEN_REP:
+	                return GenRepContent.GetInstance(o);
+	            case TYPE_ERROR:
+	                return ErrorMsgContent.GetInstance(o);
+	            case TYPE_CERT_CONFIRM:
+	                return CertConfirmContent.GetInstance(o);
+	            case TYPE_POLL_REQ:
+	                return PollReqContent.GetInstance(o);
+	            case TYPE_POLL_REP:
+	                return PollRepContent.GetInstance(o);
+	            default:
+	                throw new ArgumentException("unknown tag number: " + type, "type");
+            }
+        }
+
+        public virtual int Type
+        {
+            get { return tagNo; }
+        }
+
+        public virtual Asn1Encodable Content
+        {
+            get { return body; }
+        }
+
+        /**
+         * <pre>
+         * PkiBody ::= CHOICE {       -- message-specific body elements
+         *        ir       [0]  CertReqMessages,        --Initialization Request
+         *        ip       [1]  CertRepMessage,         --Initialization Response
+         *        cr       [2]  CertReqMessages,        --Certification Request
+         *        cp       [3]  CertRepMessage,         --Certification Response
+         *        p10cr    [4]  CertificationRequest,   --imported from [PKCS10]
+         *        popdecc  [5]  POPODecKeyChallContent, --pop Challenge
+         *        popdecr  [6]  POPODecKeyRespContent,  --pop Response
+         *        kur      [7]  CertReqMessages,        --Key Update Request
+         *        kup      [8]  CertRepMessage,         --Key Update Response
+         *        krr      [9]  CertReqMessages,        --Key Recovery Request
+         *        krp      [10] KeyRecRepContent,       --Key Recovery Response
+         *        rr       [11] RevReqContent,          --Revocation Request
+         *        rp       [12] RevRepContent,          --Revocation Response
+         *        ccr      [13] CertReqMessages,        --Cross-Cert. Request
+         *        ccp      [14] CertRepMessage,         --Cross-Cert. Response
+         *        ckuann   [15] CAKeyUpdAnnContent,     --CA Key Update Ann.
+         *        cann     [16] CertAnnContent,         --Certificate Ann.
+         *        rann     [17] RevAnnContent,          --Revocation Ann.
+         *        crlann   [18] CRLAnnContent,          --CRL Announcement
+         *        pkiconf  [19] PKIConfirmContent,      --Confirmation
+         *        nested   [20] NestedMessageContent,   --Nested Message
+         *        genm     [21] GenMsgContent,          --General Message
+         *        genp     [22] GenRepContent,          --General Response
+         *        error    [23] ErrorMsgContent,        --Error Message
+         *        certConf [24] CertConfirmContent,     --Certificate confirm
+         *        pollReq  [25] PollReqContent,         --Polling request
+         *        pollRep  [26] PollRepContent          --Polling response
+         * }
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerTaggedObject(true, tagNo, body);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PKIConfirmContent.cs b/bc-sharp-crypto/src/asn1/cmp/PKIConfirmContent.cs
new file mode 100644
index 0000000..d154427
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PKIConfirmContent.cs
@@ -0,0 +1,36 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class PkiConfirmContent
+		: Asn1Encodable
+	{
+		public static PkiConfirmContent GetInstance(object obj)
+		{
+			if (obj is PkiConfirmContent)
+				return (PkiConfirmContent)obj;
+
+			if (obj is Asn1Null)
+				return new PkiConfirmContent();
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public PkiConfirmContent()
+		{
+		}
+
+		/**
+		 * <pre>
+		 * PkiConfirmContent ::= NULL
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return DerNull.Instance;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PKIFailureInfo.cs b/bc-sharp-crypto/src/asn1/cmp/PKIFailureInfo.cs
new file mode 100644
index 0000000..75a3ff0
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PKIFailureInfo.cs
@@ -0,0 +1,96 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+    /**
+     * <pre>
+     * PKIFailureInfo ::= BIT STRING {
+     * badAlg               (0),
+     *   -- unrecognized or unsupported Algorithm Identifier
+     * badMessageCheck      (1), -- integrity check failed (e.g., signature did not verify)
+     * badRequest           (2),
+     *   -- transaction not permitted or supported
+     * badTime              (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
+     * badCertId            (4), -- no certificate could be found matching the provided criteria
+     * badDataFormat        (5),
+     *   -- the data submitted has the wrong format
+     * wrongAuthority       (6), -- the authority indicated in the request is different from the one creating the response token
+     * incorrectData        (7), -- the requester's data is incorrect (for notary services)
+     * missingTimeStamp     (8), -- when the timestamp is missing but should be there (by policy)
+     * badPOP               (9)  -- the proof-of-possession failed
+     * certRevoked         (10),
+     * certConfirmed       (11),
+     * wrongIntegrity      (12),
+     * badRecipientNonce   (13), 
+     * timeNotAvailable    (14),
+     *   -- the TSA's time source is not available
+     * unacceptedPolicy    (15),
+     *   -- the requested TSA policy is not supported by the TSA
+     * unacceptedExtension (16),
+     *   -- the requested extension is not supported by the TSA
+     * addInfoNotAvailable (17)
+     *   -- the additional information requested could not be understood
+     *   -- or is not available
+     * badSenderNonce      (18),
+     * badCertTemplate     (19),
+     * signerNotTrusted    (20),
+     * transactionIdInUse  (21),
+     * unsupportedVersion  (22),
+     * notAuthorized       (23),
+     * systemUnavail       (24),    
+     * systemFailure       (25),
+     *   -- the request cannot be handled due to system failure
+     * duplicateCertReq    (26) 
+     * </pre>
+     */
+	public class PkiFailureInfo
+		: DerBitString
+	{
+        public const int BadAlg               = (1 << 7); // unrecognized or unsupported Algorithm Identifier
+        public const int BadMessageCheck      = (1 << 6); // integrity check failed (e.g., signature did not verify)
+        public const int BadRequest           = (1 << 5);
+        public const int BadTime              = (1 << 4); // -- messageTime was not sufficiently close to the system time, as defined by local policy
+        public const int BadCertId            = (1 << 3); // no certificate could be found matching the provided criteria
+        public const int BadDataFormat        = (1 << 2);
+        public const int WrongAuthority       = (1 << 1); // the authority indicated in the request is different from the one creating the response token
+        public const int IncorrectData        = 1;        // the requester's data is incorrect (for notary services)
+        public const int MissingTimeStamp     = (1 << 15); // when the timestamp is missing but should be there (by policy)
+        public const int BadPop               = (1 << 14); // the proof-of-possession failed
+        public const int CertRevoked          = (1 << 13);
+        public const int CertConfirmed        = (1 << 12);
+        public const int WrongIntegrity       = (1 << 11);
+        public const int BadRecipientNonce    = (1 << 10);
+        public const int TimeNotAvailable     = (1 << 9); // the TSA's time source is not available
+        public const int UnacceptedPolicy     = (1 << 8); // the requested TSA policy is not supported by the TSA
+        public const int UnacceptedExtension  = (1 << 23); //the requested extension is not supported by the TSA
+        public const int AddInfoNotAvailable  = (1 << 22); //the additional information requested could not be understood or is not available
+        public const int BadSenderNonce       = (1 << 21);
+        public const int BadCertTemplate      = (1 << 20);
+        public const int SignerNotTrusted     = (1 << 19);
+        public const int TransactionIdInUse   = (1 << 18);
+        public const int UnsupportedVersion   = (1 << 17);
+        public const int NotAuthorized        = (1 << 16);
+        public const int SystemUnavail        = (1 << 31);
+        public const int SystemFailure        = (1 << 30); //the request cannot be handled due to system failure
+        public const int DuplicateCertReq     = (1 << 29);
+
+        /**
+		 * Basic constructor.
+		 */
+		public PkiFailureInfo(int info)
+			: base(info)
+		{
+		}
+
+		public PkiFailureInfo(
+			DerBitString info)
+			: base(info.GetBytes(), info.PadBits)
+		{
+		}
+
+		public override string ToString()
+		{
+			return "PkiFailureInfo: 0x" + this.IntValue.ToString("X");
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PKIFreeText.cs b/bc-sharp-crypto/src/asn1/cmp/PKIFreeText.cs
new file mode 100644
index 0000000..fef5254
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PKIFreeText.cs
@@ -0,0 +1,99 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class PkiFreeText
+		: Asn1Encodable
+	{
+		internal Asn1Sequence strings;
+
+		public static PkiFreeText GetInstance(
+			Asn1TaggedObject	obj,
+			bool				isExplicit)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+		}
+
+		public static PkiFreeText GetInstance(
+			object obj)
+		{
+			if (obj is PkiFreeText)
+			{
+				return (PkiFreeText)obj;
+			}
+			else if (obj is Asn1Sequence)
+			{
+				return new PkiFreeText((Asn1Sequence)obj);
+			}
+
+            throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public PkiFreeText(
+			Asn1Sequence seq)
+		{
+			foreach (object o in seq)
+			{
+				if (!(o is DerUtf8String))
+				{
+					throw new ArgumentException("attempt to insert non UTF8 STRING into PkiFreeText");
+				}
+			}
+
+			this.strings = seq;
+		}
+
+		public PkiFreeText(
+			DerUtf8String p)
+		{
+			strings = new DerSequence(p);
+		}
+
+		/**
+		 * Return the number of string elements present.
+		 *
+		 * @return number of elements present.
+		 */
+		[Obsolete("Use 'Count' property instead")]
+		public int Size
+		{
+			get { return strings.Count; }
+		}
+
+		public int Count
+		{
+			get { return strings.Count; }
+		}
+
+		/**
+		 * Return the UTF8STRING at index.
+		 *
+		 * @param index index of the string of interest
+		 * @return the string at index.
+		 */
+		public DerUtf8String this[int index]
+		{
+			get { return (DerUtf8String) strings[index]; }
+		}
+
+		[Obsolete("Use 'object[index]' syntax instead")]
+		public DerUtf8String GetStringAt(
+			int index)
+		{
+			return this[index];
+		}
+
+		/**
+		 * <pre>
+		 * PkiFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return strings;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PKIHeader.cs b/bc-sharp-crypto/src/asn1/cmp/PKIHeader.cs
new file mode 100644
index 0000000..577cb45
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PKIHeader.cs
@@ -0,0 +1,238 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+    public class PkiHeader
+        : Asn1Encodable
+    {
+        /**
+         * Value for a "null" recipient or sender.
+         */
+        public static readonly GeneralName NULL_NAME = new GeneralName(X509Name.GetInstance(new DerSequence()));
+
+        public static readonly int CMP_1999 = 1;
+        public static readonly int CMP_2000 = 2;
+
+        private readonly DerInteger pvno;
+        private readonly GeneralName sender;
+        private readonly GeneralName recipient;
+        private readonly DerGeneralizedTime messageTime;
+        private readonly AlgorithmIdentifier protectionAlg;
+        private readonly Asn1OctetString senderKID;       // KeyIdentifier
+        private readonly Asn1OctetString recipKID;        // KeyIdentifier
+        private readonly Asn1OctetString transactionID;
+        private readonly Asn1OctetString senderNonce;
+        private readonly Asn1OctetString recipNonce;
+        private readonly PkiFreeText freeText;
+        private readonly Asn1Sequence generalInfo;
+
+        private PkiHeader(Asn1Sequence seq)
+        {
+            pvno = DerInteger.GetInstance(seq[0]);
+            sender = GeneralName.GetInstance(seq[1]);
+            recipient = GeneralName.GetInstance(seq[2]);
+
+            for (int pos = 3; pos < seq.Count; ++pos)
+            {
+                Asn1TaggedObject tObj = (Asn1TaggedObject)seq[pos];
+
+                switch (tObj.TagNo)
+                {
+                    case 0:
+                        messageTime = DerGeneralizedTime.GetInstance(tObj, true);
+                        break;
+                    case 1:
+                        protectionAlg = AlgorithmIdentifier.GetInstance(tObj, true);
+                        break;
+                    case 2:
+                        senderKID = Asn1OctetString.GetInstance(tObj, true);
+                        break;
+                    case 3:
+                        recipKID = Asn1OctetString.GetInstance(tObj, true);
+                        break;
+                    case 4:
+                        transactionID = Asn1OctetString.GetInstance(tObj, true);
+                        break;
+                    case 5:
+                        senderNonce = Asn1OctetString.GetInstance(tObj, true);
+                        break;
+                    case 6:
+                        recipNonce = Asn1OctetString.GetInstance(tObj, true);
+                        break;
+                    case 7:
+                        freeText = PkiFreeText.GetInstance(tObj, true);
+                        break;
+                    case 8:
+                        generalInfo = Asn1Sequence.GetInstance(tObj, true);
+                        break;
+                    default:
+                        throw new ArgumentException("unknown tag number: " + tObj.TagNo, "seq");
+                }
+            }
+        }
+
+        public static PkiHeader GetInstance(object obj)
+        {
+            if (obj is PkiHeader)
+                return (PkiHeader)obj;
+
+            if (obj is Asn1Sequence)
+                return new PkiHeader((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public PkiHeader(
+            int pvno,
+            GeneralName sender,
+            GeneralName recipient)
+            : this(new DerInteger(pvno), sender, recipient)
+        {
+        }
+
+        private PkiHeader(
+            DerInteger pvno,
+            GeneralName sender,
+            GeneralName recipient)
+        {
+            this.pvno = pvno;
+            this.sender = sender;
+            this.recipient = recipient;
+        }
+
+        public virtual DerInteger Pvno
+        {
+            get { return pvno; }
+        }
+
+        public virtual GeneralName Sender
+        {
+            get { return sender; }
+        }
+
+        public virtual GeneralName Recipient
+        {
+            get { return recipient; }
+        }
+
+        public virtual DerGeneralizedTime MessageTime
+        {
+            get { return messageTime; }
+        }
+
+        public virtual AlgorithmIdentifier ProtectionAlg
+        {
+            get { return protectionAlg; }
+        }
+
+        public virtual Asn1OctetString SenderKID
+        {   
+            get { return senderKID; }
+        }
+
+        public virtual Asn1OctetString RecipKID
+        {   
+            get { return recipKID; }
+        }
+
+        public virtual Asn1OctetString TransactionID
+        {   
+            get { return transactionID; }
+        }
+
+        public virtual Asn1OctetString SenderNonce
+        {   
+            get { return senderNonce; }
+        }
+
+        public virtual Asn1OctetString RecipNonce
+        {   
+            get { return recipNonce; }
+        }
+
+        public virtual PkiFreeText FreeText
+        {
+            get { return freeText; }
+        }
+
+        public virtual InfoTypeAndValue[] GetGeneralInfo()
+        {
+            if (generalInfo == null)
+            {
+                return null;
+            }
+            InfoTypeAndValue[] results = new InfoTypeAndValue[generalInfo.Count];
+            for (int i = 0; i < results.Length; i++)
+            {
+                results[i] = InfoTypeAndValue.GetInstance(generalInfo[i]);
+            }
+            return results;
+        }
+
+        /**
+         * <pre>
+         *  PkiHeader ::= SEQUENCE {
+         *            pvno                INTEGER     { cmp1999(1), cmp2000(2) },
+         *            sender              GeneralName,
+         *            -- identifies the sender
+         *            recipient           GeneralName,
+         *            -- identifies the intended recipient
+         *            messageTime     [0] GeneralizedTime         OPTIONAL,
+         *            -- time of production of this message (used when sender
+         *            -- believes that the transport will be "suitable"; i.e.,
+         *            -- that the time will still be meaningful upon receipt)
+         *            protectionAlg   [1] AlgorithmIdentifier     OPTIONAL,
+         *            -- algorithm used for calculation of protection bits
+         *            senderKID       [2] KeyIdentifier           OPTIONAL,
+         *            recipKID        [3] KeyIdentifier           OPTIONAL,
+         *            -- to identify specific keys used for protection
+         *            transactionID   [4] OCTET STRING            OPTIONAL,
+         *            -- identifies the transaction; i.e., this will be the same in
+         *            -- corresponding request, response, certConf, and PKIConf
+         *            -- messages
+         *            senderNonce     [5] OCTET STRING            OPTIONAL,
+         *            recipNonce      [6] OCTET STRING            OPTIONAL,
+         *            -- nonces used to provide replay protection, senderNonce
+         *            -- is inserted by the creator of this message; recipNonce
+         *            -- is a nonce previously inserted in a related message by
+         *            -- the intended recipient of this message
+         *            freeText        [7] PKIFreeText             OPTIONAL,
+         *            -- this may be used to indicate context-specific instructions
+         *            -- (this field is intended for human consumption)
+         *            generalInfo     [8] SEQUENCE SIZE (1..MAX) OF
+         *                                 InfoTypeAndValue     OPTIONAL
+         *            -- this may be used to convey context-specific information
+         *            -- (this field not primarily intended for human consumption)
+         * }
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(pvno, sender, recipient);
+
+            AddOptional(v, 0, messageTime);
+            AddOptional(v, 1, protectionAlg);
+            AddOptional(v, 2, senderKID);
+            AddOptional(v, 3, recipKID);
+            AddOptional(v, 4, transactionID);
+            AddOptional(v, 5, senderNonce);
+            AddOptional(v, 6, recipNonce);
+            AddOptional(v, 7, freeText);
+            AddOptional(v, 8, generalInfo);
+
+            return new DerSequence(v);
+        }
+
+        private static void AddOptional(Asn1EncodableVector v, int tagNo, Asn1Encodable obj)
+        {
+            if (obj != null)
+            {
+                v.Add(new DerTaggedObject(true, tagNo, obj));
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PKIHeaderBuilder.cs b/bc-sharp-crypto/src/asn1/cmp/PKIHeaderBuilder.cs
new file mode 100644
index 0000000..00073c0
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PKIHeaderBuilder.cs
@@ -0,0 +1,223 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class PkiHeaderBuilder
+	{
+		private DerInteger pvno;
+		private GeneralName sender;
+		private GeneralName recipient;
+		private DerGeneralizedTime messageTime;
+		private AlgorithmIdentifier protectionAlg;
+		private Asn1OctetString senderKID;       // KeyIdentifier
+		private Asn1OctetString recipKID;        // KeyIdentifier
+		private Asn1OctetString transactionID;
+		private Asn1OctetString senderNonce;
+		private Asn1OctetString recipNonce;
+		private PkiFreeText     freeText;
+		private Asn1Sequence    generalInfo;
+
+		public PkiHeaderBuilder(
+			int			pvno,
+			GeneralName	sender,
+			GeneralName	recipient)
+			: this(new DerInteger(pvno), sender, recipient)
+		{
+		}
+
+		private PkiHeaderBuilder(
+			DerInteger	pvno,
+			GeneralName	sender,
+			GeneralName	recipient)
+		{
+			this.pvno = pvno;
+			this.sender = sender;
+			this.recipient = recipient;
+		}
+
+		public virtual PkiHeaderBuilder SetMessageTime(DerGeneralizedTime time)
+		{
+			messageTime = time;
+			return this;
+		}
+
+		public virtual PkiHeaderBuilder SetProtectionAlg(AlgorithmIdentifier aid)
+		{
+			protectionAlg = aid;
+			return this;
+		}
+
+		public virtual PkiHeaderBuilder SetSenderKID(byte[] kid)
+		{
+            return SetSenderKID(kid == null ? null : new DerOctetString(kid));
+		}
+
+		public virtual PkiHeaderBuilder SetSenderKID(Asn1OctetString kid)
+		{
+			senderKID = kid;
+			return this;
+		}
+
+		public virtual PkiHeaderBuilder SetRecipKID(byte[] kid)
+		{
+            return SetRecipKID(kid == null ? null : new DerOctetString(kid));
+		}
+		
+		public virtual PkiHeaderBuilder SetRecipKID(DerOctetString kid)
+		{
+			recipKID = kid;
+			return this;
+		}
+
+		public virtual PkiHeaderBuilder SetTransactionID(byte[] tid)
+		{
+			return SetTransactionID(tid == null ? null : new DerOctetString(tid));
+		}
+
+		public virtual PkiHeaderBuilder SetTransactionID(Asn1OctetString tid)
+		{
+			transactionID = tid;
+			return this;
+		}
+		
+		public virtual PkiHeaderBuilder SetSenderNonce(byte[] nonce)
+		{
+            return SetSenderNonce(nonce == null ? null : new DerOctetString(nonce));
+		}
+
+		public virtual PkiHeaderBuilder SetSenderNonce(Asn1OctetString nonce)
+		{
+			senderNonce = nonce;
+			return this;
+		}
+
+		public virtual PkiHeaderBuilder SetRecipNonce(byte[] nonce)
+		{
+            return SetRecipNonce(nonce == null ? null : new DerOctetString(nonce));
+		}
+
+		public virtual PkiHeaderBuilder SetRecipNonce(Asn1OctetString nonce)
+		{
+			recipNonce = nonce;
+			return this;
+		}
+
+		public virtual PkiHeaderBuilder SetFreeText(PkiFreeText text)
+		{
+			freeText = text;
+			return this;
+		}
+		
+		public virtual PkiHeaderBuilder SetGeneralInfo(InfoTypeAndValue genInfo)
+		{
+			return SetGeneralInfo(MakeGeneralInfoSeq(genInfo));
+		}
+		
+		public virtual PkiHeaderBuilder SetGeneralInfo(InfoTypeAndValue[] genInfos)
+		{
+			return SetGeneralInfo(MakeGeneralInfoSeq(genInfos));
+		}
+		
+		public virtual PkiHeaderBuilder SetGeneralInfo(Asn1Sequence seqOfInfoTypeAndValue)
+		{
+			generalInfo = seqOfInfoTypeAndValue;
+			return this;
+		}
+
+		private static Asn1Sequence MakeGeneralInfoSeq(
+			InfoTypeAndValue generalInfo)
+		{
+			return new DerSequence(generalInfo);
+		}
+		
+		private static Asn1Sequence MakeGeneralInfoSeq(
+			InfoTypeAndValue[] generalInfos)
+		{
+			Asn1Sequence genInfoSeq = null;
+			if (generalInfos != null)
+			{
+				Asn1EncodableVector v = new Asn1EncodableVector();
+				for (int i = 0; i < generalInfos.Length; ++i)
+				{
+					v.Add(generalInfos[i]);
+				}
+				genInfoSeq = new DerSequence(v);
+			}
+			return genInfoSeq;
+		}
+
+		/**
+		 * <pre>
+		 *  PKIHeader ::= SEQUENCE {
+		 *            pvno                INTEGER     { cmp1999(1), cmp2000(2) },
+		 *            sender              GeneralName,
+		 *            -- identifies the sender
+		 *            recipient           GeneralName,
+		 *            -- identifies the intended recipient
+		 *            messageTime     [0] GeneralizedTime         OPTIONAL,
+		 *            -- time of production of this message (used when sender
+		 *            -- believes that the transport will be "suitable"; i.e.,
+		 *            -- that the time will still be meaningful upon receipt)
+		 *            protectionAlg   [1] AlgorithmIdentifier     OPTIONAL,
+		 *            -- algorithm used for calculation of protection bits
+		 *            senderKID       [2] KeyIdentifier           OPTIONAL,
+		 *            recipKID        [3] KeyIdentifier           OPTIONAL,
+		 *            -- to identify specific keys used for protection
+		 *            transactionID   [4] OCTET STRING            OPTIONAL,
+		 *            -- identifies the transaction; i.e., this will be the same in
+		 *            -- corresponding request, response, certConf, and PKIConf
+		 *            -- messages
+		 *            senderNonce     [5] OCTET STRING            OPTIONAL,
+		 *            recipNonce      [6] OCTET STRING            OPTIONAL,
+		 *            -- nonces used to provide replay protection, senderNonce
+		 *            -- is inserted by the creator of this message; recipNonce
+		 *            -- is a nonce previously inserted in a related message by
+		 *            -- the intended recipient of this message
+		 *            freeText        [7] PKIFreeText             OPTIONAL,
+		 *            -- this may be used to indicate context-specific instructions
+		 *            -- (this field is intended for human consumption)
+		 *            generalInfo     [8] SEQUENCE SIZE (1..MAX) OF
+		 *                                 InfoTypeAndValue     OPTIONAL
+		 *            -- this may be used to convey context-specific information
+		 *            -- (this field not primarily intended for human consumption)
+		 * }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public virtual PkiHeader Build()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(pvno, sender, recipient);
+			AddOptional(v, 0, messageTime);
+			AddOptional(v, 1, protectionAlg);
+			AddOptional(v, 2, senderKID);
+			AddOptional(v, 3, recipKID);
+			AddOptional(v, 4, transactionID);
+			AddOptional(v, 5, senderNonce);
+			AddOptional(v, 6, recipNonce);
+			AddOptional(v, 7, freeText);
+			AddOptional(v, 8, generalInfo);
+
+			messageTime = null;
+			protectionAlg = null;
+			senderKID = null;
+			recipKID = null;
+			transactionID = null;
+			senderNonce = null;
+			recipNonce = null;
+			freeText = null;
+			generalInfo = null;
+
+			return PkiHeader.GetInstance(new DerSequence(v));
+		}
+
+		private void AddOptional(Asn1EncodableVector v, int tagNo, Asn1Encodable obj)
+		{
+			if (obj != null)
+			{
+				v.Add(new DerTaggedObject(true, tagNo, obj));
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PKIMessage.cs b/bc-sharp-crypto/src/asn1/cmp/PKIMessage.cs
new file mode 100644
index 0000000..086a2d9
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PKIMessage.cs
@@ -0,0 +1,140 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+    public class PkiMessage
+        : Asn1Encodable
+    {
+        private readonly PkiHeader header;
+        private readonly PkiBody body;
+        private readonly DerBitString protection;
+        private readonly Asn1Sequence extraCerts;
+
+        private PkiMessage(Asn1Sequence seq)
+        {
+            header = PkiHeader.GetInstance(seq[0]);
+            body = PkiBody.GetInstance(seq[1]);
+
+            for (int pos = 2; pos < seq.Count; ++pos)
+            {
+                Asn1TaggedObject tObj = (Asn1TaggedObject)seq[pos].ToAsn1Object();
+
+                if (tObj.TagNo == 0)
+                {
+                    protection = DerBitString.GetInstance(tObj, true);
+                }
+                else
+                {
+                    extraCerts = Asn1Sequence.GetInstance(tObj, true);
+                }
+            }
+        }
+
+        public static PkiMessage GetInstance(object obj)
+        {
+            if (obj is PkiMessage)
+                return (PkiMessage)obj;
+
+            if (obj != null)
+                return new PkiMessage(Asn1Sequence.GetInstance(obj));
+
+            return null;
+        }
+
+        /**
+         * Creates a new PkiMessage.
+         *
+         * @param header message header
+         * @param body message body
+         * @param protection message protection (may be null)
+         * @param extraCerts extra certificates (may be null)
+         */
+        public PkiMessage(
+            PkiHeader header,
+            PkiBody body,
+            DerBitString protection,
+            CmpCertificate[] extraCerts)
+        {
+            this.header = header;
+            this.body = body;
+            this.protection = protection;
+            if (extraCerts != null)
+            {
+                this.extraCerts = new DerSequence(extraCerts);
+            }
+        }
+
+        public PkiMessage(
+            PkiHeader header,
+            PkiBody body,
+            DerBitString protection)
+            : this(header, body, protection, null)
+        {
+        }
+
+        public PkiMessage(
+            PkiHeader header,
+            PkiBody body)
+            : this(header, body, null, null)
+        {
+        }
+
+        public virtual PkiHeader Header
+        {
+            get { return header; }
+        }
+
+        public virtual PkiBody Body
+        {
+            get { return body; }
+        }
+
+        public virtual DerBitString Protection
+        {
+            get { return protection; }
+        }
+
+        public virtual CmpCertificate[] GetExtraCerts()
+        {
+            if (extraCerts == null)
+                return null;
+
+            CmpCertificate[] results = new CmpCertificate[extraCerts.Count];
+            for (int i = 0; i < results.Length; ++i)
+            {
+                results[i] = CmpCertificate.GetInstance(extraCerts[i]);
+            }
+            return results;
+        }
+
+        /**
+         * <pre>
+         * PkiMessage ::= SEQUENCE {
+         *                  header           PKIHeader,
+         *                  body             PKIBody,
+         *                  protection   [0] PKIProtection OPTIONAL,
+         *                  extraCerts   [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
+         *                                                                     OPTIONAL
+         * }
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(header, body);
+
+            AddOptional(v, 0, protection);
+            AddOptional(v, 1, extraCerts);
+
+            return new DerSequence(v);
+        }
+
+        private static void AddOptional(Asn1EncodableVector v, int tagNo, Asn1Encodable obj)
+        {
+            if (obj != null)
+            {
+                v.Add(new DerTaggedObject(true, tagNo, obj));
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PKIMessages.cs b/bc-sharp-crypto/src/asn1/cmp/PKIMessages.cs
new file mode 100644
index 0000000..eb01e54
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PKIMessages.cs
@@ -0,0 +1,54 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+    public class PkiMessages
+        : Asn1Encodable
+    {
+        private Asn1Sequence content;
+
+        private PkiMessages(Asn1Sequence seq)
+        {
+            content = seq;
+        }
+
+        public static PkiMessages GetInstance(object obj)
+        {
+            if (obj is PkiMessages)
+                return (PkiMessages)obj;
+
+            if (obj is Asn1Sequence)
+                return new PkiMessages((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+		public PkiMessages(params PkiMessage[] msgs)
+        {
+            content = new DerSequence(msgs);
+        }
+
+        public virtual PkiMessage[] ToPkiMessageArray()
+        {
+            PkiMessage[] result = new PkiMessage[content.Count];
+            for (int i = 0; i != result.Length; ++i)
+            {
+                result[i] = PkiMessage.GetInstance(content[i]);
+            }
+            return result;
+        }
+
+        /**
+         * <pre>
+         * PkiMessages ::= SEQUENCE SIZE (1..MAX) OF PkiMessage
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return content;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PKIStatus.cs b/bc-sharp-crypto/src/asn1/cmp/PKIStatus.cs
new file mode 100644
index 0000000..ba757df
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PKIStatus.cs
@@ -0,0 +1,63 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public enum PkiStatus
+	{
+		Granted					= 0,
+		GrantedWithMods			= 1,
+		Rejection				= 2,
+		Waiting					= 3,
+		RevocationWarning		= 4,
+		RevocationNotification	= 5,
+    	KeyUpdateWarning		= 6,
+	}
+
+	public class PkiStatusEncodable
+		: Asn1Encodable
+	{
+		public static readonly PkiStatusEncodable granted = new PkiStatusEncodable(PkiStatus.Granted);
+		public static readonly PkiStatusEncodable grantedWithMods = new PkiStatusEncodable(PkiStatus.GrantedWithMods);
+		public static readonly PkiStatusEncodable rejection = new PkiStatusEncodable(PkiStatus.Rejection);
+		public static readonly PkiStatusEncodable waiting = new PkiStatusEncodable(PkiStatus.Waiting);
+		public static readonly PkiStatusEncodable revocationWarning = new PkiStatusEncodable(PkiStatus.RevocationWarning);
+		public static readonly PkiStatusEncodable revocationNotification = new PkiStatusEncodable(PkiStatus.RevocationNotification);
+		public static readonly PkiStatusEncodable keyUpdateWaiting = new PkiStatusEncodable(PkiStatus.KeyUpdateWarning);
+
+		private readonly DerInteger status;
+
+		private PkiStatusEncodable(PkiStatus status)
+			: this(new DerInteger((int)status))
+		{
+		}
+
+		private PkiStatusEncodable(DerInteger status)
+		{
+			this.status = status;
+		}
+
+		public static PkiStatusEncodable GetInstance(object obj)
+		{
+			if (obj is PkiStatusEncodable)
+				return (PkiStatusEncodable)obj;
+
+			if (obj is DerInteger)
+				return new PkiStatusEncodable((DerInteger)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public virtual BigInteger Value
+		{
+			get { return status.Value; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return status;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PKIStatusInfo.cs b/bc-sharp-crypto/src/asn1/cmp/PKIStatusInfo.cs
new file mode 100644
index 0000000..b19bf74
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PKIStatusInfo.cs
@@ -0,0 +1,166 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class PkiStatusInfo
+		: Asn1Encodable
+	{
+		DerInteger      status;
+		PkiFreeText     statusString;
+		DerBitString    failInfo;
+
+		public static PkiStatusInfo GetInstance(
+			Asn1TaggedObject obj,
+			bool isExplicit)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+		}
+
+		public static PkiStatusInfo GetInstance(
+			object obj)
+		{
+			if (obj is PkiStatusInfo)
+			{
+				return (PkiStatusInfo)obj;
+			}
+			else if (obj is Asn1Sequence)
+			{
+				return new PkiStatusInfo((Asn1Sequence)obj);
+			}
+
+            throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public PkiStatusInfo(
+			Asn1Sequence seq)
+		{
+			this.status = DerInteger.GetInstance(seq[0]);
+
+			this.statusString = null;
+			this.failInfo = null;
+
+			if (seq.Count > 2)
+			{
+				this.statusString = PkiFreeText.GetInstance(seq[1]);
+				this.failInfo = DerBitString.GetInstance(seq[2]);
+			}
+			else if (seq.Count > 1)
+			{
+				object obj = seq[1];
+				if (obj is DerBitString)
+				{
+					this.failInfo = DerBitString.GetInstance(obj);
+				}
+				else
+				{
+					this.statusString = PkiFreeText.GetInstance(obj);
+				}
+			}
+		}
+
+		/**
+		 * @param status
+		 */
+		public PkiStatusInfo(int status)
+		{
+			this.status = new DerInteger(status);
+		}
+
+		/**
+		 * @param status
+		 * @param statusString
+		 */
+		public PkiStatusInfo(
+			int			status,
+			PkiFreeText	statusString)
+		{
+			this.status = new DerInteger(status);
+			this.statusString = statusString;
+		}
+
+		public PkiStatusInfo(
+			int				status,
+			PkiFreeText		statusString,
+			PkiFailureInfo	failInfo)
+		{
+			this.status = new DerInteger(status);
+			this.statusString = statusString;
+			this.failInfo = failInfo;
+		}
+
+		public BigInteger Status
+		{
+			get
+			{
+				return status.Value;
+			}
+		}
+
+		public PkiFreeText StatusString
+		{
+			get
+			{
+				return statusString;
+			}
+		}
+
+		public DerBitString FailInfo
+		{
+			get
+			{
+				return failInfo;
+			}
+		}
+
+		/**
+		 * <pre>
+		 * PkiStatusInfo ::= SEQUENCE {
+		 *     status        PKIStatus,                (INTEGER)
+		 *     statusString  PkiFreeText     OPTIONAL,
+		 *     failInfo      PkiFailureInfo  OPTIONAL  (BIT STRING)
+		 * }
+		 *
+		 * PKIStatus:
+		 *   granted                (0), -- you got exactly what you asked for
+		 *   grantedWithMods        (1), -- you got something like what you asked for
+		 *   rejection              (2), -- you don't get it, more information elsewhere in the message
+		 *   waiting                (3), -- the request body part has not yet been processed, expect to hear more later
+		 *   revocationWarning      (4), -- this message contains a warning that a revocation is imminent
+		 *   revocationNotification (5), -- notification that a revocation has occurred
+		 *   keyUpdateWarning       (6)  -- update already done for the oldCertId specified in CertReqMsg
+		 *
+		 * PkiFailureInfo:
+		 *   badAlg           (0), -- unrecognized or unsupported Algorithm Identifier
+		 *   badMessageCheck  (1), -- integrity check failed (e.g., signature did not verify)
+		 *   badRequest       (2), -- transaction not permitted or supported
+		 *   badTime          (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
+		 *   badCertId        (4), -- no certificate could be found matching the provided criteria
+		 *   badDataFormat    (5), -- the data submitted has the wrong format
+		 *   wrongAuthority   (6), -- the authority indicated in the request is different from the one creating the response token
+		 *   incorrectData    (7), -- the requester's data is incorrect (for notary services)
+		 *   missingTimeStamp (8), -- when the timestamp is missing but should be there (by policy)
+		 *   badPOP           (9)  -- the proof-of-possession failed
+		 *
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(status);
+
+			if (statusString != null)
+			{
+				v.Add(statusString);
+			}
+
+			if (failInfo!= null)
+			{
+				v.Add(failInfo);
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PbmParameter.cs b/bc-sharp-crypto/src/asn1/cmp/PbmParameter.cs
new file mode 100644
index 0000000..206b89b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PbmParameter.cs
@@ -0,0 +1,101 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+    public class PbmParameter
+        : Asn1Encodable
+    {
+        private Asn1OctetString salt;
+        private AlgorithmIdentifier owf;
+        private DerInteger iterationCount;
+        private AlgorithmIdentifier mac;
+
+        private PbmParameter(Asn1Sequence seq)
+        {
+            salt = Asn1OctetString.GetInstance(seq[0]);
+            owf = AlgorithmIdentifier.GetInstance(seq[1]);
+            iterationCount = DerInteger.GetInstance(seq[2]);
+            mac = AlgorithmIdentifier.GetInstance(seq[3]);
+        }
+
+        public static PbmParameter GetInstance(object obj)
+        {
+            if (obj is PbmParameter)
+                return (PbmParameter)obj;
+
+            if (obj is Asn1Sequence)
+                return new PbmParameter((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public PbmParameter(
+            byte[] salt,
+            AlgorithmIdentifier owf,
+            int iterationCount,
+            AlgorithmIdentifier mac)
+            : this(new DerOctetString(salt), owf, new DerInteger(iterationCount), mac)
+        {
+        }
+
+        public PbmParameter(
+            Asn1OctetString salt,
+            AlgorithmIdentifier owf,
+            DerInteger iterationCount,
+            AlgorithmIdentifier mac)
+        {
+            this.salt = salt;
+            this.owf = owf;
+            this.iterationCount = iterationCount;
+            this.mac = mac;
+        }
+
+        public virtual Asn1OctetString Salt
+        {
+            get { return salt; }
+        }
+
+        public virtual AlgorithmIdentifier Owf
+        {
+            get { return owf; }
+        }
+
+        public virtual DerInteger IterationCount
+        {
+            get { return iterationCount; }
+        }
+
+        public virtual AlgorithmIdentifier Mac
+        {
+            get { return mac; }
+        }
+
+        /**
+         * <pre>
+         *  PbmParameter ::= SEQUENCE {
+         *                        salt                OCTET STRING,
+         *                        -- note:  implementations MAY wish to limit acceptable sizes
+         *                        -- of this string to values appropriate for their environment
+         *                        -- in order to reduce the risk of denial-of-service attacks
+         *                        owf                 AlgorithmIdentifier,
+         *                        -- AlgId for a One-Way Function (SHA-1 recommended)
+         *                        iterationCount      INTEGER,
+         *                        -- number of times the OWF is applied
+         *                        -- note:  implementations MAY wish to limit acceptable sizes
+         *                        -- of this integer to values appropriate for their environment
+         *                        -- in order to reduce the risk of denial-of-service attacks
+         *                        mac                 AlgorithmIdentifier
+         *                        -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11],
+         *    }   -- or HMAC [RFC2104, RFC2202])
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(salt, owf, iterationCount, mac);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PollRepContent.cs b/bc-sharp-crypto/src/asn1/cmp/PollRepContent.cs
new file mode 100644
index 0000000..f8bb098
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PollRepContent.cs
@@ -0,0 +1,68 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class PollRepContent
+		: Asn1Encodable
+	{
+		private readonly DerInteger certReqId;
+		private readonly DerInteger checkAfter;
+		private readonly PkiFreeText reason;
+
+		private PollRepContent(Asn1Sequence seq)
+		{
+			certReqId = DerInteger.GetInstance(seq[0]);
+			checkAfter = DerInteger.GetInstance(seq[1]);
+
+			if (seq.Count > 2)
+			{
+				reason = PkiFreeText.GetInstance(seq[2]);
+			}
+		}
+
+		public static PollRepContent GetInstance(object obj)
+		{
+			if (obj is PollRepContent)
+				return (PollRepContent)obj;
+
+			if (obj is Asn1Sequence)
+				return new PollRepContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public virtual DerInteger CertReqID
+		{
+			get { return certReqId; }
+		}
+
+		public virtual DerInteger CheckAfter
+		{
+			get { return checkAfter; }
+		}
+
+		public virtual PkiFreeText Reason
+		{
+			get { return reason; }
+		}
+
+		/**
+		 * <pre>
+		 * PollRepContent ::= SEQUENCE OF SEQUENCE {
+		 *         certReqId              INTEGER,
+		 *         checkAfter             INTEGER,  -- time in seconds
+		 *         reason                 PKIFreeText OPTIONAL
+		 *     }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(certReqId, checkAfter);
+			v.AddOptional(reason);
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PollReqContent.cs b/bc-sharp-crypto/src/asn1/cmp/PollReqContent.cs
new file mode 100644
index 0000000..dd9b0c3
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PollReqContent.cs
@@ -0,0 +1,61 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class PollReqContent
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence content;
+
+		private PollReqContent(Asn1Sequence seq)
+		{
+			content = seq;
+		}
+
+		public static PollReqContent GetInstance(object obj)
+		{
+			if (obj is PollReqContent)
+				return (PollReqContent)obj;
+
+			if (obj is Asn1Sequence)
+				return new PollReqContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public virtual DerInteger[][] GetCertReqIDs()
+		{
+			DerInteger[][] result = new DerInteger[content.Count][];
+			for (int i = 0; i != result.Length; ++i)
+			{
+				result[i] = SequenceToDerIntegerArray((Asn1Sequence)content[i]);
+			}
+			return result;
+		}
+
+		private static DerInteger[] SequenceToDerIntegerArray(Asn1Sequence seq)
+		{
+			DerInteger[] result = new DerInteger[seq.Count];
+			for (int i = 0; i != result.Length; ++i)
+			{
+				result[i] = DerInteger.GetInstance(seq[i]);
+			}
+			return result;
+		}
+
+		/**
+		 * <pre>
+		 * PollReqContent ::= SEQUENCE OF SEQUENCE {
+		 *                        certReqId              INTEGER
+		 * }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return content;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PopoDecKeyChallContent.cs b/bc-sharp-crypto/src/asn1/cmp/PopoDecKeyChallContent.cs
new file mode 100644
index 0000000..03a13a5
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PopoDecKeyChallContent.cs
@@ -0,0 +1,49 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class PopoDecKeyChallContent
+	    : Asn1Encodable
+	{
+	    private readonly Asn1Sequence content;
+
+	    private PopoDecKeyChallContent(Asn1Sequence seq)
+	    {
+	        content = seq;
+	    }
+
+	    public static PopoDecKeyChallContent GetInstance(object obj)
+	    {
+	        if (obj is PopoDecKeyChallContent)
+	            return (PopoDecKeyChallContent)obj;
+
+			if (obj is Asn1Sequence)
+	            return new PopoDecKeyChallContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+	    }
+
+	    public virtual Challenge[] ToChallengeArray()
+	    {
+	        Challenge[] result = new Challenge[content.Count];
+	        for (int i = 0; i != result.Length; ++i)
+	        {
+	            result[i] = Challenge.GetInstance(content[i]);
+	        }
+	        return result;
+	    }
+
+	    /**
+	     * <pre>
+	     * PopoDecKeyChallContent ::= SEQUENCE OF Challenge
+	     * </pre>
+	     * @return a basic ASN.1 object representation.
+	     */
+	    public override Asn1Object ToAsn1Object()
+	    {
+	        return content;
+	    }
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/PopoDecKeyRespContent.cs b/bc-sharp-crypto/src/asn1/cmp/PopoDecKeyRespContent.cs
new file mode 100644
index 0000000..73f59b7
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/PopoDecKeyRespContent.cs
@@ -0,0 +1,49 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class PopoDecKeyRespContent
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence content;
+
+		private PopoDecKeyRespContent(Asn1Sequence seq)
+		{
+			content = seq;
+		}
+
+		public static PopoDecKeyRespContent GetInstance(object obj)
+		{
+			if (obj is PopoDecKeyRespContent)
+				return (PopoDecKeyRespContent)obj;
+
+			if (obj is Asn1Sequence)
+				return new PopoDecKeyRespContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public virtual DerInteger[] ToDerIntegerArray()
+		{
+			DerInteger[] result = new DerInteger[content.Count];
+			for (int i = 0; i != result.Length; ++i)
+			{
+				result[i] = DerInteger.GetInstance(content[i]);
+			}
+			return result;
+		}
+
+		/**
+		 * <pre>
+		 * PopoDecKeyRespContent ::= SEQUENCE OF INTEGER
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return content;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/ProtectedPart.cs b/bc-sharp-crypto/src/asn1/cmp/ProtectedPart.cs
new file mode 100644
index 0000000..ed90708
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/ProtectedPart.cs
@@ -0,0 +1,60 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class ProtectedPart
+		: Asn1Encodable
+	{
+		private readonly PkiHeader header;
+		private readonly PkiBody body;
+		
+		private ProtectedPart(Asn1Sequence seq)
+		{
+			header = PkiHeader.GetInstance(seq[0]);
+			body = PkiBody.GetInstance(seq[1]);
+		}
+
+		public static ProtectedPart GetInstance(object obj)
+		{
+			if (obj is ProtectedPart)
+				return (ProtectedPart)obj;
+
+			if (obj is Asn1Sequence)
+				return new ProtectedPart((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public ProtectedPart(PkiHeader header, PkiBody body)
+		{
+			this.header = header;
+			this.body = body;
+		}
+
+		public virtual PkiHeader Header
+		{
+			get { return header; }
+		}
+
+		public virtual PkiBody Body
+		{
+			get { return body; }
+		}
+
+		/**
+		 * <pre>
+		 * ProtectedPart ::= SEQUENCE {
+		 *                    header    PKIHeader,
+		 *                    body      PKIBody
+		 * }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(header, body);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/RevAnnContent.cs b/bc-sharp-crypto/src/asn1/cmp/RevAnnContent.cs
new file mode 100644
index 0000000..d5d4262
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/RevAnnContent.cs
@@ -0,0 +1,87 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Crmf;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class RevAnnContent
+		: Asn1Encodable
+	{
+		private readonly PkiStatusEncodable status;
+		private readonly CertId certId;
+		private readonly DerGeneralizedTime willBeRevokedAt;
+		private readonly DerGeneralizedTime badSinceDate;
+		private readonly X509Extensions crlDetails;
+
+		private RevAnnContent(Asn1Sequence seq)
+		{
+			status = PkiStatusEncodable.GetInstance(seq[0]);
+			certId = CertId.GetInstance(seq[1]);
+			willBeRevokedAt = DerGeneralizedTime.GetInstance(seq[2]);
+			badSinceDate = DerGeneralizedTime.GetInstance(seq[3]);
+
+			if (seq.Count > 4)
+			{
+				crlDetails = X509Extensions.GetInstance(seq[4]);
+			}
+		}
+
+		public static RevAnnContent GetInstance(object obj)
+		{
+			if (obj is RevAnnContent)
+				return (RevAnnContent)obj;
+
+			if (obj is Asn1Sequence)
+				return new RevAnnContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public virtual PkiStatusEncodable Status
+		{
+			get { return status; }
+		}
+
+		public virtual CertId CertID
+		{
+			get { return certId; }
+		}
+
+		public virtual DerGeneralizedTime WillBeRevokedAt
+		{
+			get { return willBeRevokedAt; }
+		}
+
+		public virtual DerGeneralizedTime BadSinceDate
+		{
+			get { return badSinceDate; }
+		}
+
+		public virtual X509Extensions CrlDetails
+		{
+			get { return crlDetails; }
+		}
+
+		/**
+		 * <pre>
+		 * RevAnnContent ::= SEQUENCE {
+		 *       status              PKIStatus,
+		 *       certId              CertId,
+		 *       willBeRevokedAt     GeneralizedTime,
+		 *       badSinceDate        GeneralizedTime,
+		 *       crlDetails          Extensions  OPTIONAL
+		 *        -- extra CRL details (e.g., crl number, reason, location, etc.)
+		 * }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(status, certId, willBeRevokedAt, badSinceDate);
+			v.AddOptional(crlDetails);
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/RevDetails.cs b/bc-sharp-crypto/src/asn1/cmp/RevDetails.cs
new file mode 100644
index 0000000..7d2a65a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/RevDetails.cs
@@ -0,0 +1,75 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Crmf;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class RevDetails
+		: Asn1Encodable
+	{
+		private readonly CertTemplate certDetails;
+		private readonly X509Extensions crlEntryDetails;
+
+        private RevDetails(Asn1Sequence seq)
+		{
+			certDetails = CertTemplate.GetInstance(seq[0]);
+            crlEntryDetails = seq.Count <= 1
+                ?   null
+                :   X509Extensions.GetInstance(seq[1]);
+		}
+
+        public static RevDetails GetInstance(object obj)
+		{
+			if (obj is RevDetails)
+				return (RevDetails)obj;
+
+			if (obj is Asn1Sequence)
+				return new RevDetails((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public RevDetails(CertTemplate certDetails)
+            :   this(certDetails, null)
+		{
+		}
+
+        public RevDetails(CertTemplate certDetails, X509Extensions crlEntryDetails)
+		{
+            this.certDetails = certDetails;
+            this.crlEntryDetails = crlEntryDetails;
+		}
+
+        public virtual CertTemplate CertDetails
+		{
+			get { return certDetails; }
+		}
+
+        public virtual X509Extensions CrlEntryDetails
+		{
+			get { return crlEntryDetails; }
+		}
+
+		/**
+		* <pre>
+		* RevDetails ::= SEQUENCE {
+		*                  certDetails         CertTemplate,
+		*                   -- allows requester to specify as much as they can about
+		*                   -- the cert. for which revocation is requested
+		*                   -- (e.g., for cases in which serialNumber is not available)
+		*                   crlEntryDetails     Extensions       OPTIONAL
+		*                   -- requested crlEntryExtensions
+		*             }
+		* </pre>
+		* @return a basic ASN.1 object representation.
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(certDetails);
+			v.AddOptional(crlEntryDetails);
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/RevRepContent.cs b/bc-sharp-crypto/src/asn1/cmp/RevRepContent.cs
new file mode 100644
index 0000000..8e382a6
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/RevRepContent.cs
@@ -0,0 +1,113 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Crmf;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class RevRepContent
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence status;
+		private readonly Asn1Sequence revCerts;
+		private readonly Asn1Sequence crls;
+
+		private RevRepContent(Asn1Sequence seq)
+		{
+			status = Asn1Sequence.GetInstance(seq[0]);
+
+			for (int pos = 1; pos < seq.Count; ++pos)
+			{
+				Asn1TaggedObject tObj = Asn1TaggedObject.GetInstance(seq[pos]);
+
+				if (tObj.TagNo == 0)
+				{
+					revCerts = Asn1Sequence.GetInstance(tObj, true);
+				}
+				else
+				{
+					crls = Asn1Sequence.GetInstance(tObj, true);
+				}
+			}
+		}
+
+		public static RevRepContent GetInstance(object obj)
+		{
+			if (obj is RevRepContent)
+				return (RevRepContent)obj;
+
+			if (obj is Asn1Sequence)
+				return new RevRepContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+		
+		public virtual PkiStatusInfo[] GetStatus()
+		{
+			PkiStatusInfo[] results = new PkiStatusInfo[status.Count];
+			for (int i = 0; i != results.Length; ++i)
+			{
+				results[i] = PkiStatusInfo.GetInstance(status[i]);
+			}
+			return results;
+		}
+
+		public virtual CertId[] GetRevCerts()
+		{
+			if (revCerts == null)
+				return null;
+
+			CertId[] results = new CertId[revCerts.Count];
+			for (int i = 0; i != results.Length; ++i)
+			{
+				results[i] = CertId.GetInstance(revCerts[i]);
+			}
+			return results;
+		}
+
+		public virtual CertificateList[] GetCrls()
+		{
+			if (crls == null)
+				return null;
+
+			CertificateList[] results = new CertificateList[crls.Count];
+			for (int i = 0; i != results.Length; ++i)
+			{
+				results[i] = CertificateList.GetInstance(crls[i]);
+			}
+			return results;
+		}
+
+		/**
+		 * <pre>
+		 * RevRepContent ::= SEQUENCE {
+		 *        status       SEQUENCE SIZE (1..MAX) OF PKIStatusInfo,
+		 *        -- in same order as was sent in RevReqContent
+		 *        revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId OPTIONAL,
+		 *        -- IDs for which revocation was requested
+		 *        -- (same order as status)
+		 *        crls     [1] SEQUENCE SIZE (1..MAX) OF CertificateList OPTIONAL
+		 *        -- the resulting CRLs (there may be more than one)
+		 *   }
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(status);
+			AddOptional(v, 0, revCerts);
+			AddOptional(v, 1, crls);
+			return new DerSequence(v);
+		}
+
+		private void AddOptional(Asn1EncodableVector v, int tagNo, Asn1Encodable obj)
+		{
+			if (obj != null)
+			{
+				v.Add(new DerTaggedObject(true, tagNo, obj));
+			}
+		}
+	}
+}
+
diff --git a/bc-sharp-crypto/src/asn1/cmp/RevRepContentBuilder.cs b/bc-sharp-crypto/src/asn1/cmp/RevRepContentBuilder.cs
new file mode 100644
index 0000000..cc17d1d
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/RevRepContentBuilder.cs
@@ -0,0 +1,55 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Crmf;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class RevRepContentBuilder
+	{
+		private readonly Asn1EncodableVector status = new Asn1EncodableVector();
+		private readonly Asn1EncodableVector revCerts = new Asn1EncodableVector();
+		private readonly Asn1EncodableVector crls = new Asn1EncodableVector();
+
+		public virtual RevRepContentBuilder Add(PkiStatusInfo status)
+		{
+			this.status.Add(status);
+			return this;
+		}
+
+		public virtual RevRepContentBuilder Add(PkiStatusInfo status, CertId certId)
+		{
+			if (this.status.Count != this.revCerts.Count)
+				throw new InvalidOperationException("status and revCerts sequence must be in common order");
+
+			this.status.Add(status);
+			this.revCerts.Add(certId);
+			return this;
+		}
+
+		public virtual RevRepContentBuilder AddCrl(CertificateList crl)
+		{
+			this.crls.Add(crl);
+			return this;
+		}
+
+		public virtual RevRepContent Build()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			v.Add(new DerSequence(status));
+
+			if (revCerts.Count != 0)
+			{
+				v.Add(new DerTaggedObject(true, 0, new DerSequence(revCerts)));
+			}
+
+			if (crls.Count != 0)
+			{
+				v.Add(new DerTaggedObject(true, 1, new DerSequence(crls)));
+			}
+
+			return RevRepContent.GetInstance(new DerSequence(v));
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cmp/RevReqContent.cs b/bc-sharp-crypto/src/asn1/cmp/RevReqContent.cs
new file mode 100644
index 0000000..1522d37
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cmp/RevReqContent.cs
@@ -0,0 +1,54 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+	public class RevReqContent
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence content;
+		
+		private RevReqContent(Asn1Sequence seq)
+		{
+			content = seq;
+		}
+
+		public static RevReqContent GetInstance(object obj)
+		{
+			if (obj is RevReqContent)
+				return (RevReqContent)obj;
+
+			if (obj is Asn1Sequence)
+				return new RevReqContent((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public RevReqContent(params RevDetails[] revDetails)
+		{
+			this.content = new DerSequence(revDetails);
+		}
+
+		public virtual RevDetails[] ToRevDetailsArray()
+		{
+			RevDetails[] result = new RevDetails[content.Count];
+			for (int i = 0; i != result.Length; ++i)
+			{
+				result[i] = RevDetails.GetInstance(content[i]);
+			}
+			return result;
+		}
+
+		/**
+		 * <pre>
+		 * RevReqContent ::= SEQUENCE OF RevDetails
+		 * </pre>
+		 * @return a basic ASN.1 object representation.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return content;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/Attribute.cs b/bc-sharp-crypto/src/asn1/cms/Attribute.cs
new file mode 100644
index 0000000..69ac441
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/Attribute.cs
@@ -0,0 +1,70 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class Attribute
+        : Asn1Encodable
+    {
+        private DerObjectIdentifier	attrType;
+        private Asn1Set				attrValues;
+
+		/**
+        * return an Attribute object from the given object.
+        *
+        * @param o the object we want converted.
+        * @exception ArgumentException if the object cannot be converted.
+        */
+        public static Attribute GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is Attribute)
+				return (Attribute) obj;
+
+			if (obj is Asn1Sequence)
+                return new Attribute((Asn1Sequence) obj);
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+        }
+
+		public Attribute(
+            Asn1Sequence seq)
+        {
+            attrType = (DerObjectIdentifier)seq[0];
+            attrValues = (Asn1Set)seq[1];
+        }
+
+		public Attribute(
+            DerObjectIdentifier attrType,
+            Asn1Set             attrValues)
+        {
+            this.attrType = attrType;
+            this.attrValues = attrValues;
+        }
+
+        public DerObjectIdentifier AttrType
+		{
+			get { return attrType; }
+		}
+
+		public Asn1Set AttrValues
+		{
+			get { return attrValues; }
+		}
+
+		/**
+        * Produce an object suitable for an Asn1OutputStream.
+        * <pre>
+        * Attribute ::= SEQUENCE {
+        *     attrType OBJECT IDENTIFIER,
+        *     attrValues SET OF AttributeValue
+        * }
+        * </pre>
+        */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(attrType, attrValues);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/AttributeTable.cs b/bc-sharp-crypto/src/asn1/cms/AttributeTable.cs
new file mode 100644
index 0000000..8d357f1
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/AttributeTable.cs
@@ -0,0 +1,231 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class AttributeTable
+    {
+        private readonly IDictionary attributes;
+
+#if !(SILVERLIGHT || PORTABLE)
+        [Obsolete]
+        public AttributeTable(
+            Hashtable attrs)
+        {
+            this.attributes = Platform.CreateHashtable(attrs);
+        }
+#endif
+
+        public AttributeTable(
+            IDictionary attrs)
+        {
+            this.attributes = Platform.CreateHashtable(attrs);
+        }
+
+        public AttributeTable(
+            Asn1EncodableVector v)
+        {
+            this.attributes = Platform.CreateHashtable(v.Count);
+
+			foreach (Asn1Encodable o in v)
+            {
+                Attribute a = Attribute.GetInstance(o);
+
+				AddAttribute(a);
+            }
+        }
+
+        public AttributeTable(
+            Asn1Set s)
+        {
+            this.attributes = Platform.CreateHashtable(s.Count);
+
+			for (int i = 0; i != s.Count; i++)
+            {
+                Attribute a = Attribute.GetInstance(s[i]);
+
+                AddAttribute(a);
+            }
+        }
+
+		public AttributeTable(
+			Attributes attrs)
+			: this(Asn1Set.GetInstance(attrs.ToAsn1Object()))
+		{
+		}
+
+		private void AddAttribute(
+            Attribute a)
+        {
+			DerObjectIdentifier oid = a.AttrType;
+            object obj = attributes[oid];
+
+            if (obj == null)
+            {
+                attributes[oid] = a;
+            }
+            else
+            {
+                IList v;
+
+                if (obj is Attribute)
+                {
+                    v = Platform.CreateArrayList();
+
+                    v.Add(obj);
+                    v.Add(a);
+                }
+                else
+                {
+                    v = (IList) obj;
+
+                    v.Add(a);
+                }
+
+                attributes[oid] = v;
+            }
+        }
+
+		/// <summary>Return the first attribute matching the given OBJECT IDENTIFIER</summary>
+		public Attribute this[DerObjectIdentifier oid]
+		{
+			get
+			{
+				object obj = attributes[oid];
+
+				if (obj is IList)
+				{
+					return (Attribute)((IList)obj)[0];
+				}
+
+				return (Attribute) obj;
+			}
+		}
+
+		[Obsolete("Use 'object[oid]' syntax instead")]
+        public Attribute Get(
+            DerObjectIdentifier oid)
+        {
+			return this[oid];
+        }
+
+		/**
+        * Return all the attributes matching the OBJECT IDENTIFIER oid. The vector will be
+        * empty if there are no attributes of the required type present.
+        *
+        * @param oid type of attribute required.
+        * @return a vector of all the attributes found of type oid.
+        */
+        public Asn1EncodableVector GetAll(
+            DerObjectIdentifier oid)
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+            object obj = attributes[oid];
+
+			if (obj is IList)
+            {
+                foreach (Attribute a in (IList)obj)
+                {
+                    v.Add(a);
+                }
+            }
+            else if (obj != null)
+            {
+                v.Add((Attribute) obj);
+            }
+
+			return v;
+        }
+
+		public int Count
+		{
+			get
+			{
+				int total = 0;
+
+				foreach (object o in attributes.Values)
+				{
+					if (o is IList)
+					{
+						total += ((IList)o).Count;
+					}
+					else
+					{
+						++total;
+					}
+				}
+
+				return total;
+			}
+		}
+
+        public IDictionary ToDictionary()
+        {
+            return Platform.CreateHashtable(attributes);
+        }
+
+#if !(SILVERLIGHT || PORTABLE)
+        [Obsolete("Use 'ToDictionary' instead")]
+		public Hashtable ToHashtable()
+        {
+            return new Hashtable(attributes);
+        }
+#endif
+
+		public Asn1EncodableVector ToAsn1EncodableVector()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+			foreach (object obj in attributes.Values)
+            {
+                if (obj is IList)
+                {
+                    foreach (object el in (IList)obj)
+                    {
+                        v.Add(Attribute.GetInstance(el));
+                    }
+                }
+                else
+                {
+                    v.Add(Attribute.GetInstance(obj));
+                }
+            }
+
+			return v;
+        }
+
+		public Attributes ToAttributes()
+		{
+			return new Attributes(this.ToAsn1EncodableVector());
+		}
+
+		/**
+		 * Return a new table with the passed in attribute added.
+		 *
+		 * @param attrType
+		 * @param attrValue
+		 * @return
+		 */
+		public AttributeTable Add(DerObjectIdentifier attrType, Asn1Encodable attrValue)
+		{
+			AttributeTable newTable = new AttributeTable(attributes);
+
+			newTable.AddAttribute(new Attribute(attrType, new DerSet(attrValue)));
+
+			return newTable;
+		}
+
+		public AttributeTable Remove(DerObjectIdentifier attrType)
+		{
+			AttributeTable newTable = new AttributeTable(attributes);
+
+			newTable.attributes.Remove(attrType);
+
+			return newTable;
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/Attributes.cs b/bc-sharp-crypto/src/asn1/cms/Attributes.cs
new file mode 100644
index 0000000..5b6b130
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/Attributes.cs
@@ -0,0 +1,55 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class Attributes
+        : Asn1Encodable
+    {
+        private readonly Asn1Set attributes;
+
+        private Attributes(Asn1Set attributes)
+        {
+            this.attributes = attributes;
+        }
+
+        public Attributes(Asn1EncodableVector v)
+        {
+            attributes = new BerSet(v);
+        }
+
+        public static Attributes GetInstance(object obj)
+        {
+            if (obj is Attributes)
+                return (Attributes)obj;
+
+            if (obj != null)
+                return new Attributes(Asn1Set.GetInstance(obj));
+
+            return null;
+        }
+
+        public virtual Attribute[] GetAttributes()
+        {
+            Attribute[] rv = new Attribute[attributes.Count];
+
+            for (int i = 0; i != rv.Length; i++)
+            {
+                rv[i] = Attribute.GetInstance(attributes[i]);
+            }
+
+            return rv;
+        }
+
+        /**
+         * <pre>
+         * Attributes ::=
+         *   SET SIZE(1..MAX) OF Attribute -- according to RFC 5652
+         * </pre>
+         * @return
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return attributes;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/AuthEnvelopedData.cs b/bc-sharp-crypto/src/asn1/cms/AuthEnvelopedData.cs
new file mode 100644
index 0000000..c30ec6b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/AuthEnvelopedData.cs
@@ -0,0 +1,205 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	public class AuthEnvelopedData
+		: Asn1Encodable
+	{
+		private DerInteger				version;
+		private OriginatorInfo			originatorInfo;
+		private Asn1Set					recipientInfos;
+		private EncryptedContentInfo	authEncryptedContentInfo;
+		private Asn1Set					authAttrs;
+		private Asn1OctetString			mac;
+		private Asn1Set					unauthAttrs;
+
+		public AuthEnvelopedData(
+			OriginatorInfo			originatorInfo,
+			Asn1Set					recipientInfos,
+			EncryptedContentInfo	authEncryptedContentInfo,
+			Asn1Set					authAttrs,
+			Asn1OctetString			mac,
+			Asn1Set					unauthAttrs)
+		{
+			// "It MUST be set to 0."
+			this.version = new DerInteger(0);
+
+			this.originatorInfo = originatorInfo;
+
+			// TODO
+			// "There MUST be at least one element in the collection."
+			this.recipientInfos = recipientInfos;
+
+			this.authEncryptedContentInfo = authEncryptedContentInfo;
+
+			// TODO
+			// "The authAttrs MUST be present if the content type carried in
+			// EncryptedContentInfo is not id-data."
+			this.authAttrs = authAttrs;
+
+			this.mac = mac;
+
+			this.unauthAttrs = unauthAttrs;
+	    }
+
+		private AuthEnvelopedData(
+			Asn1Sequence	seq)
+		{
+			int index = 0;
+
+			// TODO
+			// "It MUST be set to 0."
+			Asn1Object tmp = seq[index++].ToAsn1Object();
+			version = (DerInteger)tmp;
+
+			tmp = seq[index++].ToAsn1Object();
+			if (tmp is Asn1TaggedObject)
+			{
+				originatorInfo = OriginatorInfo.GetInstance((Asn1TaggedObject)tmp, false);
+				tmp = seq[index++].ToAsn1Object();
+			}
+
+			// TODO
+			// "There MUST be at least one element in the collection."
+			recipientInfos = Asn1Set.GetInstance(tmp);
+
+			tmp = seq[index++].ToAsn1Object();
+			authEncryptedContentInfo = EncryptedContentInfo.GetInstance(tmp);
+
+			tmp = seq[index++].ToAsn1Object();
+			if (tmp is Asn1TaggedObject)
+			{
+				authAttrs = Asn1Set.GetInstance((Asn1TaggedObject)tmp, false);
+				tmp = seq[index++].ToAsn1Object();
+			}
+			else
+			{
+				// TODO
+				// "The authAttrs MUST be present if the content type carried in
+				// EncryptedContentInfo is not id-data."
+			}
+
+			mac = Asn1OctetString.GetInstance(tmp);
+
+			if (seq.Count > index)
+			{
+				tmp = seq[index++].ToAsn1Object();
+				unauthAttrs = Asn1Set.GetInstance((Asn1TaggedObject)tmp, false);
+			}
+		}
+
+		/**
+		 * return an AuthEnvelopedData object from a tagged object.
+		 *
+		 * @param obj      the tagged object holding the object we want.
+		 * @param isExplicit true if the object is meant to be explicitly
+		 *                 tagged false otherwise.
+		 * @throws ArgumentException if the object held by the
+		 *                                  tagged object cannot be converted.
+		 */
+		public static AuthEnvelopedData GetInstance(
+			Asn1TaggedObject	obj,
+			bool				isExplicit)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+		}
+
+		/**
+		 * return an AuthEnvelopedData object from the given object.
+		 *
+		 * @param obj the object we want converted.
+		 * @throws ArgumentException if the object cannot be converted.
+		 */
+		public static AuthEnvelopedData GetInstance(
+			object	obj)
+		{
+			if (obj == null || obj is AuthEnvelopedData)
+				return (AuthEnvelopedData)obj;
+
+			if (obj is Asn1Sequence)
+				return new AuthEnvelopedData((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid AuthEnvelopedData: " + Platform.GetTypeName(obj));
+		}
+
+		public DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public OriginatorInfo OriginatorInfo
+		{
+			get { return originatorInfo; }
+		}
+
+		public Asn1Set RecipientInfos
+		{
+			get { return recipientInfos; }
+		}
+
+		public EncryptedContentInfo AuthEncryptedContentInfo
+		{
+			get { return authEncryptedContentInfo; }
+		}
+
+		public Asn1Set AuthAttrs
+		{
+			get { return authAttrs; }
+		}
+
+		public Asn1OctetString Mac
+		{
+			get { return mac; }
+		}
+
+		public Asn1Set UnauthAttrs
+		{
+			get { return unauthAttrs; }
+		}
+
+		/**
+		 * Produce an object suitable for an Asn1OutputStream.
+		 * <pre>
+		 * AuthEnvelopedData ::= SEQUENCE {
+		 *   version CMSVersion,
+		 *   originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
+		 *   recipientInfos RecipientInfos,
+		 *   authEncryptedContentInfo EncryptedContentInfo,
+		 *   authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,
+		 *   mac MessageAuthenticationCode,
+		 *   unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL }
+		 * </pre>
+		 */
+	    public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(version);
+
+			if (originatorInfo != null)
+			{
+				v.Add(new DerTaggedObject(false, 0, originatorInfo));
+			}
+
+			v.Add(recipientInfos, authEncryptedContentInfo);
+
+			// "authAttrs optionally contains the authenticated attributes."
+			if (authAttrs != null)
+			{
+				// "AuthAttributes MUST be DER encoded, even if the rest of the
+				// AuthEnvelopedData structure is BER encoded."
+				v.Add(new DerTaggedObject(false, 1, authAttrs));
+			}
+
+			v.Add(mac);
+
+			// "unauthAttrs optionally contains the unauthenticated attributes."
+			if (unauthAttrs != null)
+			{
+				v.Add(new DerTaggedObject(false, 2, unauthAttrs));
+			}
+
+			return new BerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/AuthEnvelopedDataParser.cs b/bc-sharp-crypto/src/asn1/cms/AuthEnvelopedDataParser.cs
new file mode 100644
index 0000000..35cb3bf
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/AuthEnvelopedDataParser.cs
@@ -0,0 +1,145 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	/**
+	 * Produce an object suitable for an Asn1OutputStream.
+	 * 
+	 * <pre>
+	 * AuthEnvelopedData ::= SEQUENCE {
+	 *   version CMSVersion,
+	 *   originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
+	 *   recipientInfos RecipientInfos,
+	 *   authEncryptedContentInfo EncryptedContentInfo,
+	 *   authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,
+	 *   mac MessageAuthenticationCode,
+	 *   unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL }
+	 * </pre>
+	*/
+	public class AuthEnvelopedDataParser
+	{
+		private Asn1SequenceParser	seq;
+		private DerInteger			version;
+		private IAsn1Convertible	nextObject;
+		private bool				originatorInfoCalled;
+
+		public AuthEnvelopedDataParser(
+			Asn1SequenceParser	seq)
+		{
+			this.seq = seq;
+
+			// TODO
+			// "It MUST be set to 0."
+			this.version = (DerInteger)seq.ReadObject();
+		}
+
+		public DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public OriginatorInfo GetOriginatorInfo()
+		{
+			originatorInfoCalled = true;
+
+			if (nextObject == null)
+			{
+				nextObject = seq.ReadObject();
+			}
+
+			if (nextObject is Asn1TaggedObjectParser && ((Asn1TaggedObjectParser)nextObject).TagNo == 0)
+			{
+				Asn1SequenceParser originatorInfo = (Asn1SequenceParser) ((Asn1TaggedObjectParser)nextObject).GetObjectParser(Asn1Tags.Sequence, false);
+				nextObject = null;
+				return OriginatorInfo.GetInstance(originatorInfo.ToAsn1Object());
+			}
+
+			return null;
+		}
+
+		public Asn1SetParser GetRecipientInfos()
+		{
+			if (!originatorInfoCalled)
+			{
+				GetOriginatorInfo();
+			}
+
+			if (nextObject == null)
+			{
+				nextObject = seq.ReadObject();
+			}
+
+			Asn1SetParser recipientInfos = (Asn1SetParser)nextObject;
+			nextObject = null;
+			return recipientInfos;
+		}
+
+		public EncryptedContentInfoParser GetAuthEncryptedContentInfo() 
+		{
+			if (nextObject == null)
+			{
+				nextObject = seq.ReadObject();
+			}
+
+			if (nextObject != null)
+			{
+				Asn1SequenceParser o = (Asn1SequenceParser) nextObject;
+				nextObject = null;
+				return new EncryptedContentInfoParser(o);
+			}
+
+			return null;
+		}
+		
+		public Asn1SetParser GetAuthAttrs()
+		{
+			if (nextObject == null)
+			{
+				nextObject = seq.ReadObject();
+			}
+
+			if (nextObject is Asn1TaggedObjectParser)
+			{
+				IAsn1Convertible o = nextObject;
+				nextObject = null;
+				return (Asn1SetParser)((Asn1TaggedObjectParser)o).GetObjectParser(Asn1Tags.Set, false);
+			}
+
+			// TODO
+			// "The authAttrs MUST be present if the content type carried in
+			// EncryptedContentInfo is not id-data."
+
+			return null;
+		}
+		
+		public Asn1OctetString GetMac()
+		{
+			if (nextObject == null)
+			{
+				nextObject = seq.ReadObject();
+			}
+
+			IAsn1Convertible o = nextObject;
+			nextObject = null;
+
+			return Asn1OctetString.GetInstance(o.ToAsn1Object());
+		}
+		
+		public Asn1SetParser GetUnauthAttrs()
+		{
+			if (nextObject == null)
+			{
+				nextObject = seq.ReadObject();
+			}
+
+			if (nextObject != null)
+			{
+				IAsn1Convertible o = nextObject;
+				nextObject = null;
+				return (Asn1SetParser)((Asn1TaggedObjectParser)o).GetObjectParser(Asn1Tags.Set, false);
+			}
+
+			return null;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/AuthenticatedData.cs b/bc-sharp-crypto/src/asn1/cms/AuthenticatedData.cs
new file mode 100644
index 0000000..6f13a6f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/AuthenticatedData.cs
@@ -0,0 +1,271 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	public class AuthenticatedData
+		: Asn1Encodable
+	{
+		private DerInteger version;
+		private OriginatorInfo originatorInfo;
+		private Asn1Set recipientInfos;
+		private AlgorithmIdentifier macAlgorithm;
+		private AlgorithmIdentifier digestAlgorithm;
+		private ContentInfo encapsulatedContentInfo;
+		private Asn1Set authAttrs;
+		private Asn1OctetString mac;
+		private Asn1Set unauthAttrs;
+
+		public AuthenticatedData(
+			OriginatorInfo		originatorInfo,
+			Asn1Set				recipientInfos,
+			AlgorithmIdentifier	macAlgorithm,
+			AlgorithmIdentifier	digestAlgorithm,
+			ContentInfo			encapsulatedContent,
+			Asn1Set				authAttrs,
+			Asn1OctetString		mac,
+			Asn1Set				unauthAttrs)
+		{
+			if (digestAlgorithm != null || authAttrs != null)
+			{
+				if (digestAlgorithm == null || authAttrs == null)
+				{
+					throw new ArgumentException("digestAlgorithm and authAttrs must be set together");
+				}
+			}
+
+			version = new DerInteger(CalculateVersion(originatorInfo));
+
+			this.originatorInfo = originatorInfo;
+			this.macAlgorithm = macAlgorithm;
+			this.digestAlgorithm = digestAlgorithm;
+			this.recipientInfos = recipientInfos;
+			this.encapsulatedContentInfo = encapsulatedContent;
+			this.authAttrs = authAttrs;
+			this.mac = mac;
+			this.unauthAttrs = unauthAttrs;
+		}
+
+		private AuthenticatedData(
+			Asn1Sequence	seq)
+		{
+			int index = 0;
+
+			version = (DerInteger)seq[index++];
+
+			Asn1Encodable tmp = seq[index++];
+			if (tmp is Asn1TaggedObject)
+			{
+				originatorInfo = OriginatorInfo.GetInstance((Asn1TaggedObject)tmp, false);
+				tmp = seq[index++];
+			}
+
+			recipientInfos = Asn1Set.GetInstance(tmp);
+			macAlgorithm = AlgorithmIdentifier.GetInstance(seq[index++]);
+
+			tmp = seq[index++];
+			if (tmp is Asn1TaggedObject)
+			{
+				digestAlgorithm = AlgorithmIdentifier.GetInstance((Asn1TaggedObject)tmp, false);
+				tmp = seq[index++];
+			}
+
+			encapsulatedContentInfo = ContentInfo.GetInstance(tmp);
+
+			tmp = seq[index++];
+			if (tmp is Asn1TaggedObject)
+			{
+				authAttrs = Asn1Set.GetInstance((Asn1TaggedObject)tmp, false);
+				tmp = seq[index++];
+			}
+
+			mac = Asn1OctetString.GetInstance(tmp);
+
+			if (seq.Count > index)
+			{
+				unauthAttrs = Asn1Set.GetInstance((Asn1TaggedObject)seq[index], false);
+			}
+		}
+
+		/**
+		 * return an AuthenticatedData object from a tagged object.
+		 *
+		 * @param obj      the tagged object holding the object we want.
+		 * @param isExplicit true if the object is meant to be explicitly
+		 *                 tagged false otherwise.
+		 * @throws ArgumentException if the object held by the
+		 *                                  tagged object cannot be converted.
+		 */
+		public static AuthenticatedData GetInstance(
+			Asn1TaggedObject	obj,
+			bool				isExplicit)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+		}
+
+		/**
+		 * return an AuthenticatedData object from the given object.
+		 *
+		 * @param obj the object we want converted.
+		 * @throws ArgumentException if the object cannot be converted.
+		 */
+		public static AuthenticatedData GetInstance(
+			object	obj)
+		{
+			if (obj == null || obj is AuthenticatedData)
+			{
+				return (AuthenticatedData)obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new AuthenticatedData((Asn1Sequence)obj);
+			}
+
+            throw new ArgumentException("Invalid AuthenticatedData: " + Platform.GetTypeName(obj));
+		}
+
+		public DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public OriginatorInfo OriginatorInfo
+		{
+			get { return originatorInfo; }
+		}
+
+		public Asn1Set RecipientInfos
+		{
+			get { return recipientInfos; }
+		}
+
+		public AlgorithmIdentifier MacAlgorithm
+		{
+			get { return macAlgorithm; }
+		}
+
+        public AlgorithmIdentifier DigestAlgorithm
+        {
+            get { return digestAlgorithm; }
+        }
+
+		public ContentInfo EncapsulatedContentInfo
+		{
+			get { return encapsulatedContentInfo; }
+		}
+
+		public Asn1Set AuthAttrs
+		{
+			get { return authAttrs; }
+		}
+
+		public Asn1OctetString Mac
+		{
+			get { return mac; }
+		}
+
+		public Asn1Set UnauthAttrs
+		{
+			get { return unauthAttrs; }
+		}
+
+		/**
+		 * Produce an object suitable for an Asn1OutputStream.
+		 * <pre>
+		 * AuthenticatedData ::= SEQUENCE {
+		 *       version CMSVersion,
+		 *       originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
+		 *       recipientInfos RecipientInfos,
+		 *       macAlgorithm MessageAuthenticationCodeAlgorithm,
+		 *       digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL,
+		 *       encapContentInfo EncapsulatedContentInfo,
+		 *       authAttrs [2] IMPLICIT AuthAttributes OPTIONAL,
+		 *       mac MessageAuthenticationCode,
+		 *       unauthAttrs [3] IMPLICIT UnauthAttributes OPTIONAL }
+		 *
+		 * AuthAttributes ::= SET SIZE (1..MAX) OF Attribute
+		 *
+		 * UnauthAttributes ::= SET SIZE (1..MAX) OF Attribute
+		 *
+		 * MessageAuthenticationCode ::= OCTET STRING
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(version);
+
+			if (originatorInfo != null)
+			{
+				v.Add(new DerTaggedObject(false, 0, originatorInfo));
+			}
+
+			v.Add(recipientInfos, macAlgorithm);
+
+			if (digestAlgorithm != null)
+			{
+				v.Add(new DerTaggedObject(false, 1, digestAlgorithm));
+			}
+
+			v.Add(encapsulatedContentInfo);
+
+			if (authAttrs != null)
+			{
+				v.Add(new DerTaggedObject(false, 2, authAttrs));
+			}
+
+			v.Add(mac);
+
+			if (unauthAttrs != null)
+			{
+				v.Add(new DerTaggedObject(false, 3, unauthAttrs));
+			}
+
+			return new BerSequence(v);
+		}
+
+		public static int CalculateVersion(OriginatorInfo origInfo)
+		{
+			if (origInfo == null)
+				return 0;
+
+			int ver = 0;
+
+			foreach (object obj in origInfo.Certificates)
+			{
+				if (obj is Asn1TaggedObject)
+				{
+					Asn1TaggedObject tag = (Asn1TaggedObject)obj;
+
+					if (tag.TagNo == 2)
+					{
+						ver = 1;
+					}
+					else if (tag.TagNo == 3)
+					{
+						ver = 3;
+						break;
+					}
+				}
+			}
+
+			foreach (object obj in origInfo.Crls)
+			{
+				if (obj is Asn1TaggedObject)
+				{
+					Asn1TaggedObject tag = (Asn1TaggedObject)obj;
+
+					if (tag.TagNo == 1)
+					{
+						ver = 3;
+						break;
+					}
+				}
+			}
+
+			return ver;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/AuthenticatedDataParser.cs b/bc-sharp-crypto/src/asn1/cms/AuthenticatedDataParser.cs
new file mode 100644
index 0000000..4b80d1b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/AuthenticatedDataParser.cs
@@ -0,0 +1,182 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	/**
+	 * Produce an object suitable for an Asn1OutputStream.
+	 * <pre>
+	 * AuthenticatedData ::= SEQUENCE {
+	 *       version CMSVersion,
+	 *       originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
+	 *       recipientInfos RecipientInfos,
+	 *       macAlgorithm MessageAuthenticationCodeAlgorithm,
+	 *       digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL,
+	 *       encapContentInfo EncapsulatedContentInfo,
+	 *       authAttrs [2] IMPLICIT AuthAttributes OPTIONAL,
+	 *       mac MessageAuthenticationCode,
+	 *       unauthAttrs [3] IMPLICIT UnauthAttributes OPTIONAL }
+	 *
+	 * AuthAttributes ::= SET SIZE (1..MAX) OF Attribute
+	 *
+	 * UnauthAttributes ::= SET SIZE (1..MAX) OF Attribute
+	 *
+	 * MessageAuthenticationCode ::= OCTET STRING
+	 * </pre>
+	 */
+	public class AuthenticatedDataParser
+	{
+	    private Asn1SequenceParser	seq;
+	    private DerInteger			version;
+	    private IAsn1Convertible	nextObject;
+	    private bool				originatorInfoCalled;
+
+	    public AuthenticatedDataParser(
+	        Asn1SequenceParser	seq)
+	    {
+	        this.seq = seq;
+	        this.version = (DerInteger)seq.ReadObject();
+	    }
+
+	    public DerInteger Version
+	    {
+	        get { return version; }
+	    }
+
+	    public OriginatorInfo GetOriginatorInfo()
+	    {
+	        originatorInfoCalled = true;
+
+	        if (nextObject == null)
+	        {
+	            nextObject = seq.ReadObject();
+	        }
+
+	        if (nextObject is Asn1TaggedObjectParser && ((Asn1TaggedObjectParser)nextObject).TagNo == 0)
+	        {
+	            Asn1SequenceParser originatorInfo = (Asn1SequenceParser) ((Asn1TaggedObjectParser)nextObject).GetObjectParser(Asn1Tags.Sequence, false);
+	            nextObject = null;
+	            return OriginatorInfo.GetInstance(originatorInfo.ToAsn1Object());
+	        }
+
+	        return null;
+	    }
+
+	    public Asn1SetParser GetRecipientInfos()
+	    {
+	        if (!originatorInfoCalled)
+	        {
+	            GetOriginatorInfo();
+	        }
+
+	        if (nextObject == null)
+	        {
+	            nextObject = seq.ReadObject();
+	        }
+
+	        Asn1SetParser recipientInfos = (Asn1SetParser)nextObject;
+	        nextObject = null;
+	        return recipientInfos;
+	    }
+
+	    public AlgorithmIdentifier GetMacAlgorithm()
+	    {
+	        if (nextObject == null)
+	        {
+	            nextObject = seq.ReadObject();
+	        }
+
+	        if (nextObject != null)
+	        {
+	            Asn1SequenceParser o = (Asn1SequenceParser)nextObject;
+	            nextObject = null;
+	            return AlgorithmIdentifier.GetInstance(o.ToAsn1Object());
+	        }
+
+	        return null;
+	    }
+
+		public AlgorithmIdentifier GetDigestAlgorithm()
+		{
+			if (nextObject == null)
+			{
+				nextObject = seq.ReadObject();
+			}
+
+			if (nextObject is Asn1TaggedObjectParser)
+			{
+				AlgorithmIdentifier obj = AlgorithmIdentifier.GetInstance(
+					(Asn1TaggedObject)nextObject.ToAsn1Object(), false);
+				nextObject = null;
+				return obj;
+			}
+
+			return null;
+		}
+
+	    public ContentInfoParser GetEnapsulatedContentInfo()
+	    {
+	        if (nextObject == null)
+	        {
+	            nextObject = seq.ReadObject();
+	        }
+
+	        if (nextObject != null)
+	        {
+	            Asn1SequenceParser o = (Asn1SequenceParser)nextObject;
+	            nextObject = null;
+	            return new ContentInfoParser(o);
+	        }
+
+	        return null;
+	    }
+
+	    public Asn1SetParser GetAuthAttrs()
+	    {
+	        if (nextObject == null)
+	        {
+	            nextObject = seq.ReadObject();
+	        }
+
+	        if (nextObject is Asn1TaggedObjectParser)
+	        {
+	            IAsn1Convertible o = nextObject;
+	            nextObject = null;
+	            return (Asn1SetParser)((Asn1TaggedObjectParser)o).GetObjectParser(Asn1Tags.Set, false);
+	        }
+
+	        return null;
+	    }
+
+	    public Asn1OctetString GetMac()
+	    {
+	        if (nextObject == null)
+	        {
+	            nextObject = seq.ReadObject();
+	        }
+
+	        IAsn1Convertible o = nextObject;
+	        nextObject = null;
+
+	        return Asn1OctetString.GetInstance(o.ToAsn1Object());
+	    }
+
+	    public Asn1SetParser GetUnauthAttrs()
+	    {
+	        if (nextObject == null)
+	        {
+	            nextObject = seq.ReadObject();
+	        }
+
+	        if (nextObject != null)
+	        {
+	            IAsn1Convertible o = nextObject;
+	            nextObject = null;
+	            return (Asn1SetParser)((Asn1TaggedObjectParser)o).GetObjectParser(Asn1Tags.Set, false);
+	        }
+
+	        return null;
+	    }
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/CMSAttributes.cs b/bc-sharp-crypto/src/asn1/cms/CMSAttributes.cs
new file mode 100644
index 0000000..fca2b67
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/CMSAttributes.cs
@@ -0,0 +1,14 @@
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public abstract class CmsAttributes
+    {
+        public static readonly DerObjectIdentifier ContentType		= PkcsObjectIdentifiers.Pkcs9AtContentType;
+        public static readonly DerObjectIdentifier MessageDigest	= PkcsObjectIdentifiers.Pkcs9AtMessageDigest;
+        public static readonly DerObjectIdentifier SigningTime		= PkcsObjectIdentifiers.Pkcs9AtSigningTime;
+		public static readonly DerObjectIdentifier CounterSignature = PkcsObjectIdentifiers.Pkcs9AtCounterSignature;
+		public static readonly DerObjectIdentifier ContentHint		= PkcsObjectIdentifiers.IdAAContentHint;
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/CMSObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/cms/CMSObjectIdentifiers.cs
new file mode 100644
index 0000000..2ad0a3c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/CMSObjectIdentifiers.cs
@@ -0,0 +1,28 @@
+using Org.BouncyCastle.Asn1.Pkcs;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public abstract class CmsObjectIdentifiers
+    {
+        public static readonly DerObjectIdentifier Data = PkcsObjectIdentifiers.Data;
+        public static readonly DerObjectIdentifier SignedData = PkcsObjectIdentifiers.SignedData;
+        public static readonly DerObjectIdentifier EnvelopedData = PkcsObjectIdentifiers.EnvelopedData;
+        public static readonly DerObjectIdentifier SignedAndEnvelopedData = PkcsObjectIdentifiers.SignedAndEnvelopedData;
+        public static readonly DerObjectIdentifier DigestedData = PkcsObjectIdentifiers.DigestedData;
+        public static readonly DerObjectIdentifier EncryptedData = PkcsObjectIdentifiers.EncryptedData;
+        public static readonly DerObjectIdentifier AuthenticatedData = PkcsObjectIdentifiers.IdCTAuthData;
+        public static readonly DerObjectIdentifier CompressedData = PkcsObjectIdentifiers.IdCTCompressedData;
+        public static readonly DerObjectIdentifier AuthEnvelopedData = PkcsObjectIdentifiers.IdCTAuthEnvelopedData;
+        public static readonly DerObjectIdentifier timestampedData = PkcsObjectIdentifiers.IdCTTimestampedData;
+
+        /**
+         * The other Revocation Info arc
+         * id-ri OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
+         *                                   dod(6) internet(1) security(5) mechanisms(5) pkix(7) ri(16) }
+         */
+        public static readonly DerObjectIdentifier id_ri = new DerObjectIdentifier("1.3.6.1.5.5.7.16");
+
+        public static readonly DerObjectIdentifier id_ri_ocsp_response = id_ri.Branch("2");
+        public static readonly DerObjectIdentifier id_ri_scvp = id_ri.Branch("4");
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/CompressedData.cs b/bc-sharp-crypto/src/asn1/cms/CompressedData.cs
new file mode 100644
index 0000000..154ed35
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/CompressedData.cs
@@ -0,0 +1,96 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    /**
+     * RFC 3274 - CMS Compressed Data.
+     * <pre>
+     * CompressedData ::= Sequence {
+     *  version CMSVersion,
+     *  compressionAlgorithm CompressionAlgorithmIdentifier,
+     *  encapContentInfo EncapsulatedContentInfo
+     * }
+     * </pre>
+     */
+    public class CompressedData
+        : Asn1Encodable
+    {
+        private DerInteger			version;
+        private AlgorithmIdentifier	compressionAlgorithm;
+        private ContentInfo			encapContentInfo;
+
+		public CompressedData(
+            AlgorithmIdentifier	compressionAlgorithm,
+            ContentInfo			encapContentInfo)
+        {
+            this.version = new DerInteger(0);
+            this.compressionAlgorithm = compressionAlgorithm;
+            this.encapContentInfo = encapContentInfo;
+        }
+
+		public CompressedData(
+            Asn1Sequence seq)
+        {
+            this.version = (DerInteger) seq[0];
+            this.compressionAlgorithm = AlgorithmIdentifier.GetInstance(seq[1]);
+            this.encapContentInfo = ContentInfo.GetInstance(seq[2]);
+        }
+
+		/**
+         * return a CompressedData object from a tagged object.
+         *
+         * @param ato the tagged object holding the object we want.
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the object held by the
+         *          tagged object cannot be converted.
+         */
+        public static CompressedData GetInstance(
+            Asn1TaggedObject ato,
+            bool explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(ato, explicitly));
+        }
+
+        /**
+         * return a CompressedData object from the given object.
+         *
+         * @param _obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static CompressedData GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is CompressedData)
+                return (CompressedData)obj;
+
+			if (obj is Asn1Sequence)
+                return new CompressedData((Asn1Sequence) obj);
+
+            throw new ArgumentException("Invalid CompressedData: " + Platform.GetTypeName(obj));
+        }
+
+		public DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public AlgorithmIdentifier CompressionAlgorithmIdentifier
+		{
+			get { return compressionAlgorithm; }
+		}
+
+		public ContentInfo EncapContentInfo
+		{
+			get { return encapContentInfo; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new BerSequence(version, compressionAlgorithm, encapContentInfo);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/CompressedDataParser.cs b/bc-sharp-crypto/src/asn1/cms/CompressedDataParser.cs
new file mode 100644
index 0000000..7c53453
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/CompressedDataParser.cs
@@ -0,0 +1,47 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	/**
+	* RFC 3274 - CMS Compressed Data.
+	* <pre>
+	* CompressedData ::= SEQUENCE {
+	*  version CMSVersion,
+	*  compressionAlgorithm CompressionAlgorithmIdentifier,
+	*  encapContentInfo EncapsulatedContentInfo
+	* }
+	* </pre>
+	*/
+	public class CompressedDataParser
+	{
+		private DerInteger			_version;
+		private AlgorithmIdentifier	_compressionAlgorithm;
+		private ContentInfoParser	_encapContentInfo;
+
+		public CompressedDataParser(
+			Asn1SequenceParser seq)
+		{
+			this._version = (DerInteger)seq.ReadObject();
+			this._compressionAlgorithm = AlgorithmIdentifier.GetInstance(seq.ReadObject().ToAsn1Object());
+			this._encapContentInfo = new ContentInfoParser((Asn1SequenceParser)seq.ReadObject());
+		}
+
+		public DerInteger Version
+		{
+			get { return _version; }
+		}
+
+		public AlgorithmIdentifier CompressionAlgorithmIdentifier
+		{
+			get { return _compressionAlgorithm; }
+		}
+
+		public ContentInfoParser GetEncapContentInfo()
+		{
+			return _encapContentInfo;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/ContentInfo.cs b/bc-sharp-crypto/src/asn1/cms/ContentInfo.cs
new file mode 100644
index 0000000..f130a4b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/ContentInfo.cs
@@ -0,0 +1,88 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class ContentInfo
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier	contentType;
+        private readonly Asn1Encodable			content;
+
+        public static ContentInfo GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is ContentInfo)
+                return (ContentInfo) obj;
+
+            if (obj is Asn1Sequence)
+                return new ContentInfo((Asn1Sequence) obj);
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj));
+        }
+
+        public static ContentInfo GetInstance(Asn1TaggedObject obj, bool isExplicit)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+        }
+
+        private ContentInfo(
+            Asn1Sequence seq)
+        {
+            if (seq.Count < 1 || seq.Count > 2)
+                throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+            contentType = (DerObjectIdentifier) seq[0];
+
+            if (seq.Count > 1)
+            {
+                Asn1TaggedObject tagged = (Asn1TaggedObject) seq[1];
+                if (!tagged.IsExplicit() || tagged.TagNo != 0)
+                    throw new ArgumentException("Bad tag for 'content'", "seq");
+
+                content = tagged.GetObject();
+            }
+        }
+
+        public ContentInfo(
+            DerObjectIdentifier	contentType,
+            Asn1Encodable		content)
+        {
+            this.contentType = contentType;
+            this.content = content;
+        }
+
+        public DerObjectIdentifier ContentType
+        {
+            get { return contentType; }
+        }
+
+        public Asn1Encodable Content
+        {
+            get { return content; }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * ContentInfo ::= Sequence {
+         *          contentType ContentType,
+         *          content
+         *          [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(contentType);
+
+            if (content != null)
+            {
+                v.Add(new BerTaggedObject(0, content));
+            }
+
+            return new BerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/ContentInfoParser.cs b/bc-sharp-crypto/src/asn1/cms/ContentInfoParser.cs
new file mode 100644
index 0000000..541cc0f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/ContentInfoParser.cs
@@ -0,0 +1,40 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	/**
+	* Produce an object suitable for an Asn1OutputStream.
+	* <pre>
+	* ContentInfo ::= SEQUENCE {
+	*          contentType ContentType,
+	*          content
+	*          [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
+	* </pre>
+	*/
+	public class ContentInfoParser
+	{
+		private DerObjectIdentifier		contentType;
+		private Asn1TaggedObjectParser	content;
+
+		public ContentInfoParser(
+			Asn1SequenceParser seq)
+		{
+			contentType = (DerObjectIdentifier)seq.ReadObject();
+			content = (Asn1TaggedObjectParser)seq.ReadObject();
+		}
+
+		public DerObjectIdentifier ContentType
+		{
+			get { return contentType; }
+		}
+
+		public IAsn1Convertible GetContent(
+			int tag)
+		{
+			if (content == null)
+				return null;
+
+			return content.GetObjectParser(tag, true);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/EncryptedContentInfo.cs b/bc-sharp-crypto/src/asn1/cms/EncryptedContentInfo.cs
new file mode 100644
index 0000000..999f2a0
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/EncryptedContentInfo.cs
@@ -0,0 +1,94 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class EncryptedContentInfo
+        : Asn1Encodable
+    {
+        private DerObjectIdentifier	contentType;
+        private AlgorithmIdentifier	contentEncryptionAlgorithm;
+        private Asn1OctetString		encryptedContent;
+
+		public EncryptedContentInfo(
+            DerObjectIdentifier	contentType,
+            AlgorithmIdentifier	contentEncryptionAlgorithm,
+            Asn1OctetString		encryptedContent)
+        {
+            this.contentType = contentType;
+            this.contentEncryptionAlgorithm = contentEncryptionAlgorithm;
+            this.encryptedContent = encryptedContent;
+        }
+
+		public EncryptedContentInfo(
+            Asn1Sequence seq)
+        {
+            contentType = (DerObjectIdentifier) seq[0];
+            contentEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq[1]);
+
+			if (seq.Count > 2)
+            {
+                encryptedContent = Asn1OctetString.GetInstance(
+					(Asn1TaggedObject) seq[2], false);
+            }
+        }
+
+		/**
+         * return an EncryptedContentInfo object from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static EncryptedContentInfo GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is EncryptedContentInfo)
+                return (EncryptedContentInfo)obj;
+
+			if (obj is Asn1Sequence)
+                return new EncryptedContentInfo((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid EncryptedContentInfo: " + Platform.GetTypeName(obj));
+        }
+
+        public DerObjectIdentifier ContentType
+        {
+            get { return contentType; }
+        }
+
+		public AlgorithmIdentifier ContentEncryptionAlgorithm
+        {
+			get { return contentEncryptionAlgorithm; }
+        }
+
+		public Asn1OctetString EncryptedContent
+        {
+			get { return encryptedContent; }
+        }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * EncryptedContentInfo ::= Sequence {
+         *     contentType ContentType,
+         *     contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
+         *     encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+				contentType, contentEncryptionAlgorithm);
+
+			if (encryptedContent != null)
+            {
+                v.Add(new BerTaggedObject(false, 0, encryptedContent));
+            }
+
+			return new BerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/EncryptedContentInfoParser.cs b/bc-sharp-crypto/src/asn1/cms/EncryptedContentInfoParser.cs
new file mode 100644
index 0000000..af748b1
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/EncryptedContentInfoParser.cs
@@ -0,0 +1,46 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	/**
+	* <pre>
+	* EncryptedContentInfo ::= SEQUENCE {
+	*     contentType ContentType,
+	*     contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
+	*     encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
+	* }
+	* </pre>
+	*/
+	public class EncryptedContentInfoParser
+	{
+		private DerObjectIdentifier		_contentType;
+		private AlgorithmIdentifier		_contentEncryptionAlgorithm;
+		private Asn1TaggedObjectParser	_encryptedContent;
+
+		public EncryptedContentInfoParser(
+			Asn1SequenceParser seq)
+		{
+			_contentType = (DerObjectIdentifier)seq.ReadObject();
+			_contentEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq.ReadObject().ToAsn1Object());
+			_encryptedContent = (Asn1TaggedObjectParser)seq.ReadObject();
+		}
+
+		public DerObjectIdentifier ContentType
+		{
+			get { return _contentType; }
+		}
+
+		public AlgorithmIdentifier ContentEncryptionAlgorithm
+		{
+			get { return _contentEncryptionAlgorithm; }
+		}
+
+		public IAsn1Convertible GetEncryptedContent(
+			int tag)
+		{
+			return _encryptedContent.GetObjectParser(tag, false);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/EncryptedData.cs b/bc-sharp-crypto/src/asn1/cms/EncryptedData.cs
new file mode 100644
index 0000000..b8492d1
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/EncryptedData.cs
@@ -0,0 +1,97 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	public class EncryptedData
+		: Asn1Encodable
+	{
+		private readonly DerInteger				version;
+		private readonly EncryptedContentInfo	encryptedContentInfo;
+		private readonly Asn1Set				unprotectedAttrs;
+
+		public static EncryptedData GetInstance(
+			object obj)
+		{
+			if (obj is EncryptedData)
+				return (EncryptedData) obj;
+
+			if (obj is Asn1Sequence)
+				return new EncryptedData((Asn1Sequence) obj);
+
+            throw new ArgumentException("Invalid EncryptedData: " + Platform.GetTypeName(obj));
+		}
+
+		public EncryptedData(
+			EncryptedContentInfo encInfo)
+			: this(encInfo, null)
+		{
+		}
+
+		public EncryptedData(
+			EncryptedContentInfo	encInfo,
+			Asn1Set					unprotectedAttrs)
+		{
+			if (encInfo == null)
+				throw new ArgumentNullException("encInfo");
+
+			this.version = new DerInteger((unprotectedAttrs == null) ? 0 : 2);
+			this.encryptedContentInfo = encInfo;
+			this.unprotectedAttrs = unprotectedAttrs;
+		}
+
+		private EncryptedData(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count < 2 || seq.Count > 3)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.version = DerInteger.GetInstance(seq[0]);
+			this.encryptedContentInfo = EncryptedContentInfo.GetInstance(seq[1]);
+
+			if (seq.Count > 2)
+			{
+                this.unprotectedAttrs = Asn1Set.GetInstance((Asn1TaggedObject)seq[2], false);
+            }
+		}
+
+		public virtual DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public virtual EncryptedContentInfo EncryptedContentInfo
+		{
+			get { return encryptedContentInfo; }
+		}
+
+		public virtual Asn1Set UnprotectedAttrs
+		{
+			get { return unprotectedAttrs; }
+		}
+
+		/**
+		* <pre>
+		*       EncryptedData ::= SEQUENCE {
+		*                     version CMSVersion,
+		*                     encryptedContentInfo EncryptedContentInfo,
+		*                     unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }
+		* </pre>
+		* @return a basic ASN.1 object representation.
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(version, encryptedContentInfo);
+
+			if (unprotectedAttrs != null)
+			{
+				v.Add(new BerTaggedObject(false, 1, unprotectedAttrs));
+			}
+
+			return new BerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/EnvelopedData.cs b/bc-sharp-crypto/src/asn1/cms/EnvelopedData.cs
new file mode 100644
index 0000000..09f291a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/EnvelopedData.cs
@@ -0,0 +1,176 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class EnvelopedData
+        : Asn1Encodable
+    {
+        private DerInteger				version;
+        private OriginatorInfo			originatorInfo;
+        private Asn1Set					recipientInfos;
+        private EncryptedContentInfo	encryptedContentInfo;
+        private Asn1Set					unprotectedAttrs;
+
+        public EnvelopedData(
+            OriginatorInfo			originatorInfo,
+            Asn1Set					recipientInfos,
+            EncryptedContentInfo	encryptedContentInfo,
+            Asn1Set					unprotectedAttrs)
+        {
+            this.version = new DerInteger(CalculateVersion(originatorInfo, recipientInfos, unprotectedAttrs));
+            this.originatorInfo = originatorInfo;
+            this.recipientInfos = recipientInfos;
+            this.encryptedContentInfo = encryptedContentInfo;
+            this.unprotectedAttrs = unprotectedAttrs;
+        }
+
+        public EnvelopedData(
+            OriginatorInfo originatorInfo,
+            Asn1Set recipientInfos,
+            EncryptedContentInfo encryptedContentInfo,
+            Attributes unprotectedAttrs)
+        {
+            this.version = new DerInteger(CalculateVersion(originatorInfo, recipientInfos, Asn1Set.GetInstance(unprotectedAttrs)));
+            this.originatorInfo = originatorInfo;
+            this.recipientInfos = recipientInfos;
+            this.encryptedContentInfo = encryptedContentInfo;
+            this.unprotectedAttrs = Asn1Set.GetInstance(unprotectedAttrs);
+        }
+
+        [Obsolete("Use 'GetInstance' instead")]
+        public EnvelopedData(
+            Asn1Sequence seq)
+        {
+            int index = 0;
+
+            version = (DerInteger) seq[index++];
+
+            object tmp = seq[index++];
+
+            if (tmp is Asn1TaggedObject)
+            {
+                originatorInfo = OriginatorInfo.GetInstance((Asn1TaggedObject) tmp, false);
+                tmp = seq[index++];
+            }
+
+            recipientInfos = Asn1Set.GetInstance(tmp);
+            encryptedContentInfo = EncryptedContentInfo.GetInstance(seq[index++]);
+
+            if (seq.Count > index)
+            {
+                unprotectedAttrs = Asn1Set.GetInstance((Asn1TaggedObject) seq[index], false);
+            }
+        }
+
+        /**
+         * return an EnvelopedData object from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want.
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the object held by the
+         *          tagged object cannot be converted.
+         */
+        public static EnvelopedData GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+        /**
+         * return an EnvelopedData object from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static EnvelopedData GetInstance(
+            object obj)
+        {
+            if (obj is EnvelopedData)
+                return (EnvelopedData)obj;
+            if (obj == null)
+                return null;
+            return new EnvelopedData(Asn1Sequence.GetInstance(obj));
+        }
+
+        public DerInteger Version
+        {
+            get { return version; }
+        }
+
+        public OriginatorInfo OriginatorInfo
+        {
+            get { return originatorInfo; }
+        }
+
+        public Asn1Set RecipientInfos
+        {
+            get { return recipientInfos; }
+        }
+
+        public EncryptedContentInfo EncryptedContentInfo
+        {
+            get { return encryptedContentInfo; }
+        }
+
+        public Asn1Set UnprotectedAttrs
+        {
+            get { return unprotectedAttrs; }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * EnvelopedData ::= Sequence {
+         *     version CMSVersion,
+         *     originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
+         *     recipientInfos RecipientInfos,
+         *     encryptedContentInfo EncryptedContentInfo,
+         *     unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(version);
+
+            if (originatorInfo != null)
+            {
+                v.Add(new DerTaggedObject(false, 0, originatorInfo));
+            }
+
+            v.Add(recipientInfos, encryptedContentInfo);
+
+            if (unprotectedAttrs != null)
+            {
+                v.Add(new DerTaggedObject(false, 1, unprotectedAttrs));
+            }
+
+            return new BerSequence(v);
+        }
+
+        public static int CalculateVersion(OriginatorInfo originatorInfo, Asn1Set recipientInfos, Asn1Set unprotectedAttrs)
+        {
+            if (originatorInfo != null || unprotectedAttrs != null)
+            {
+                return 2;
+            }
+
+            foreach (object o in recipientInfos)
+            {
+                RecipientInfo ri = RecipientInfo.GetInstance(o);
+
+                if (ri.Version.Value.IntValue != 0)
+                {
+                    return 2;
+                }
+            }
+
+            return 0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/EnvelopedDataParser.cs b/bc-sharp-crypto/src/asn1/cms/EnvelopedDataParser.cs
new file mode 100644
index 0000000..5993537
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/EnvelopedDataParser.cs
@@ -0,0 +1,107 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	/**
+	* Produce an object suitable for an Asn1OutputStream.
+	* <pre>
+	* EnvelopedData ::= SEQUENCE {
+	*     version CMSVersion,
+	*     originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
+	*     recipientInfos RecipientInfos,
+	*     encryptedContentInfo EncryptedContentInfo,
+	*     unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL
+	* }
+	* </pre>
+	*/
+	public class EnvelopedDataParser
+	{
+		private Asn1SequenceParser	_seq;
+		private DerInteger			_version;
+		private IAsn1Convertible	_nextObject;
+		private bool				_originatorInfoCalled;
+
+		public EnvelopedDataParser(
+			Asn1SequenceParser seq)
+		{
+			this._seq = seq;
+			this._version = (DerInteger)seq.ReadObject();
+		}
+
+		public DerInteger Version
+		{
+			get { return _version; }
+		}
+
+		public OriginatorInfo GetOriginatorInfo() 
+		{
+			_originatorInfoCalled = true; 
+
+			if (_nextObject == null)
+			{
+				_nextObject = _seq.ReadObject();
+			}
+
+			if (_nextObject is Asn1TaggedObjectParser && ((Asn1TaggedObjectParser)_nextObject).TagNo == 0)
+			{
+				Asn1SequenceParser originatorInfo = (Asn1SequenceParser)
+					((Asn1TaggedObjectParser)_nextObject).GetObjectParser(Asn1Tags.Sequence, false);
+				_nextObject = null;
+				return OriginatorInfo.GetInstance(originatorInfo.ToAsn1Object());
+			}
+
+			return null;
+		}
+
+		public Asn1SetParser GetRecipientInfos()
+		{
+			if (!_originatorInfoCalled)
+			{
+				GetOriginatorInfo();
+			}
+
+			if (_nextObject == null)
+			{
+				_nextObject = _seq.ReadObject();
+			}
+
+			Asn1SetParser recipientInfos = (Asn1SetParser)_nextObject;
+			_nextObject = null;
+			return recipientInfos;
+		}
+
+		public EncryptedContentInfoParser GetEncryptedContentInfo()
+		{
+			if (_nextObject == null)
+			{
+				_nextObject = _seq.ReadObject();
+			}
+
+			if (_nextObject != null)
+			{
+				Asn1SequenceParser o = (Asn1SequenceParser) _nextObject;
+				_nextObject = null;
+				return new EncryptedContentInfoParser(o);
+			}
+
+			return null;
+		}
+
+		public Asn1SetParser GetUnprotectedAttrs()
+		{
+			if (_nextObject == null)
+			{
+				_nextObject = _seq.ReadObject();
+			}
+
+			if (_nextObject != null)
+			{
+				IAsn1Convertible o = _nextObject;
+				_nextObject = null;
+				return (Asn1SetParser)((Asn1TaggedObjectParser)o).GetObjectParser(Asn1Tags.Set, false);
+			}
+        
+			return null;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/Evidence.cs b/bc-sharp-crypto/src/asn1/cms/Evidence.cs
new file mode 100644
index 0000000..8374aed
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/Evidence.cs
@@ -0,0 +1,49 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	public class Evidence
+		: Asn1Encodable, IAsn1Choice
+	{
+		private TimeStampTokenEvidence tstEvidence;
+
+		public Evidence(TimeStampTokenEvidence tstEvidence)
+		{
+			this.tstEvidence = tstEvidence;
+		}
+
+		private Evidence(Asn1TaggedObject tagged)
+		{
+			if (tagged.TagNo == 0)
+			{
+				this.tstEvidence = TimeStampTokenEvidence.GetInstance(tagged, false);
+			}
+		}
+
+		public static Evidence GetInstance(object obj)
+		{
+			if (obj is Evidence)
+				return (Evidence)obj;
+
+			if (obj is Asn1TaggedObject)
+				return new Evidence(Asn1TaggedObject.GetInstance(obj));
+
+			throw new ArgumentException("Unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public virtual TimeStampTokenEvidence TstEvidence
+		{
+			get { return tstEvidence; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			if (tstEvidence != null)
+				return new DerTaggedObject(false, 0, tstEvidence);
+
+			return null;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/IssuerAndSerialNumber.cs b/bc-sharp-crypto/src/asn1/cms/IssuerAndSerialNumber.cs
new file mode 100644
index 0000000..b509e7e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/IssuerAndSerialNumber.cs
@@ -0,0 +1,64 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class IssuerAndSerialNumber
+        : Asn1Encodable
+    {
+        private X509Name	name;
+        private DerInteger	serialNumber;
+
+        public static IssuerAndSerialNumber GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            IssuerAndSerialNumber existing = obj as IssuerAndSerialNumber;
+            if (existing != null)
+                return existing;
+            return new IssuerAndSerialNumber(Asn1Sequence.GetInstance(obj));
+        }
+
+        [Obsolete("Use GetInstance() instead")]
+        public IssuerAndSerialNumber(
+            Asn1Sequence seq)
+        {
+            this.name = X509Name.GetInstance(seq[0]);
+            this.serialNumber = (DerInteger) seq[1];
+        }
+
+        public IssuerAndSerialNumber(
+            X509Name	name,
+            BigInteger	serialNumber)
+        {
+            this.name = name;
+            this.serialNumber = new DerInteger(serialNumber);
+        }
+
+        public IssuerAndSerialNumber(
+            X509Name	name,
+            DerInteger	serialNumber)
+        {
+            this.name = name;
+            this.serialNumber = serialNumber;
+        }
+
+        public X509Name Name
+        {
+            get { return name; }
+        }
+
+        public DerInteger SerialNumber
+        {
+            get { return serialNumber; }
+        }
+
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(name, serialNumber);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/KEKIdentifier.cs b/bc-sharp-crypto/src/asn1/cms/KEKIdentifier.cs
new file mode 100644
index 0000000..a422174
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/KEKIdentifier.cs
@@ -0,0 +1,119 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class KekIdentifier
+        : Asn1Encodable
+    {
+        private Asn1OctetString		keyIdentifier;
+        private DerGeneralizedTime	date;
+        private OtherKeyAttribute	other;
+
+		public KekIdentifier(
+            byte[]              keyIdentifier,
+            DerGeneralizedTime  date,
+            OtherKeyAttribute   other)
+        {
+            this.keyIdentifier = new DerOctetString(keyIdentifier);
+            this.date = date;
+            this.other = other;
+        }
+
+		public KekIdentifier(
+            Asn1Sequence seq)
+        {
+            keyIdentifier = (Asn1OctetString) seq[0];
+
+			switch (seq.Count)
+            {
+            case 1:
+				break;
+            case 2:
+				if (seq[1] is DerGeneralizedTime)
+				{
+					date = (DerGeneralizedTime) seq[1];
+				}
+				else
+				{
+					other = OtherKeyAttribute.GetInstance(seq[2]);
+				}
+				break;
+            case 3:
+				date  = (DerGeneralizedTime) seq[1];
+				other = OtherKeyAttribute.GetInstance(seq[2]);
+				break;
+            default:
+				throw new ArgumentException("Invalid KekIdentifier");
+            }
+        }
+
+		/**
+         * return a KekIdentifier object from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want.
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the object held by the
+         *          tagged object cannot be converted.
+         */
+        public static KekIdentifier GetInstance(
+            Asn1TaggedObject obj,
+            bool explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+        /**
+         * return a KekIdentifier object from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static KekIdentifier GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is KekIdentifier)
+                return (KekIdentifier)obj;
+
+			if (obj is Asn1Sequence)
+                return new KekIdentifier((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid KekIdentifier: " + Platform.GetTypeName(obj));
+        }
+
+		public Asn1OctetString KeyIdentifier
+		{
+			get { return keyIdentifier; }
+		}
+
+		public DerGeneralizedTime Date
+		{
+			get { return date; }
+		}
+
+		public OtherKeyAttribute Other
+		{
+			get { return other; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * KekIdentifier ::= Sequence {
+         *     keyIdentifier OCTET STRING,
+         *     date GeneralizedTime OPTIONAL,
+         *     other OtherKeyAttribute OPTIONAL
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(keyIdentifier);
+			v.AddOptional(date, other);
+			return new DerSequence(v);
+        }
+    }
+}
+
diff --git a/bc-sharp-crypto/src/asn1/cms/KEKRecipientInfo.cs b/bc-sharp-crypto/src/asn1/cms/KEKRecipientInfo.cs
new file mode 100644
index 0000000..810e7fc
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/KEKRecipientInfo.cs
@@ -0,0 +1,106 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class KekRecipientInfo
+        : Asn1Encodable
+    {
+        private DerInteger			version;
+        private KekIdentifier       kekID;
+        private AlgorithmIdentifier keyEncryptionAlgorithm;
+        private Asn1OctetString     encryptedKey;
+
+		public KekRecipientInfo(
+            KekIdentifier       kekID,
+            AlgorithmIdentifier keyEncryptionAlgorithm,
+            Asn1OctetString     encryptedKey)
+        {
+            this.version = new DerInteger(4);
+            this.kekID = kekID;
+            this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
+            this.encryptedKey = encryptedKey;
+        }
+
+		public KekRecipientInfo(
+            Asn1Sequence seq)
+        {
+            version = (DerInteger) seq[0];
+            kekID = KekIdentifier.GetInstance(seq[1]);
+            keyEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq[2]);
+            encryptedKey = (Asn1OctetString) seq[3];
+        }
+
+		/**
+         * return a KekRecipientInfo object from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want.
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the object held by the
+         *          tagged object cannot be converted.
+         */
+        public static KekRecipientInfo GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+        /**
+         * return a KekRecipientInfo object from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static KekRecipientInfo GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is KekRecipientInfo)
+                return (KekRecipientInfo)obj;
+
+			if(obj is Asn1Sequence)
+                return new KekRecipientInfo((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid KekRecipientInfo: " + Platform.GetTypeName(obj));
+        }
+
+		public DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public KekIdentifier KekID
+		{
+			get { return kekID; }
+		}
+
+		public AlgorithmIdentifier KeyEncryptionAlgorithm
+		{
+			get { return keyEncryptionAlgorithm; }
+		}
+
+		public Asn1OctetString EncryptedKey
+		{
+			get { return encryptedKey; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * KekRecipientInfo ::= Sequence {
+         *     version CMSVersion,  -- always set to 4
+         *     kekID KekIdentifier,
+         *     keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
+         *     encryptedKey EncryptedKey
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(version, kekID, keyEncryptionAlgorithm, encryptedKey);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/KeyAgreeRecipientIdentifier.cs b/bc-sharp-crypto/src/asn1/cms/KeyAgreeRecipientIdentifier.cs
new file mode 100644
index 0000000..0256c2d
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/KeyAgreeRecipientIdentifier.cs
@@ -0,0 +1,94 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	public class KeyAgreeRecipientIdentifier
+		: Asn1Encodable, IAsn1Choice
+	{
+		/**
+		 * return an KeyAgreeRecipientIdentifier object from a tagged object.
+		 *
+		 * @param obj the tagged object holding the object we want.
+		 * @param isExplicit true if the object is meant to be explicitly
+		 *              tagged false otherwise.
+		 * @exception ArgumentException if the object held by the
+		 *          tagged object cannot be converted.
+		 */
+		public static KeyAgreeRecipientIdentifier GetInstance(
+			Asn1TaggedObject	obj,
+			bool				isExplicit)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+		}
+    
+		/**
+		 * return an KeyAgreeRecipientIdentifier object from the given object.
+		 *
+		 * @param obj the object we want converted.
+		 * @exception ArgumentException if the object cannot be converted.
+		 */
+		public static KeyAgreeRecipientIdentifier GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is KeyAgreeRecipientIdentifier)
+				return (KeyAgreeRecipientIdentifier)obj;
+
+			if (obj is Asn1Sequence)
+				return new KeyAgreeRecipientIdentifier(IssuerAndSerialNumber.GetInstance(obj));
+
+			if (obj is Asn1TaggedObject && ((Asn1TaggedObject)obj).TagNo == 0)
+			{
+				return new KeyAgreeRecipientIdentifier(RecipientKeyIdentifier.GetInstance(
+					(Asn1TaggedObject)obj, false));
+			}
+
+			throw new ArgumentException("Invalid KeyAgreeRecipientIdentifier: " + Platform.GetTypeName(obj), "obj");
+		} 
+
+		private readonly IssuerAndSerialNumber issuerSerial;
+		private readonly RecipientKeyIdentifier rKeyID;
+
+		public KeyAgreeRecipientIdentifier(
+			IssuerAndSerialNumber issuerSerial)
+		{
+			this.issuerSerial = issuerSerial;
+		}
+
+		public KeyAgreeRecipientIdentifier(
+			RecipientKeyIdentifier rKeyID)
+		{
+			this.rKeyID = rKeyID;
+		}
+
+		public IssuerAndSerialNumber IssuerAndSerialNumber
+		{
+			get { return issuerSerial; }
+		}
+
+		public RecipientKeyIdentifier RKeyID
+		{
+			get { return rKeyID; }
+		}
+
+		/** 
+		 * Produce an object suitable for an Asn1OutputStream.
+		 * <pre>
+		 * KeyAgreeRecipientIdentifier ::= CHOICE {
+		 *     issuerAndSerialNumber IssuerAndSerialNumber,
+		 *     rKeyId [0] IMPLICIT RecipientKeyIdentifier
+		 * }
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			if (issuerSerial != null)
+			{
+				return issuerSerial.ToAsn1Object();
+			}
+
+			return new DerTaggedObject(false, 0, rKeyID);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/KeyAgreeRecipientInfo.cs b/bc-sharp-crypto/src/asn1/cms/KeyAgreeRecipientInfo.cs
new file mode 100644
index 0000000..62a3892
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/KeyAgreeRecipientInfo.cs
@@ -0,0 +1,141 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class KeyAgreeRecipientInfo
+        : Asn1Encodable
+    {
+        private DerInteger                  version;
+        private OriginatorIdentifierOrKey   originator;
+        private Asn1OctetString             ukm;
+        private AlgorithmIdentifier         keyEncryptionAlgorithm;
+        private Asn1Sequence                recipientEncryptedKeys;
+
+		public KeyAgreeRecipientInfo(
+            OriginatorIdentifierOrKey   originator,
+            Asn1OctetString             ukm,
+            AlgorithmIdentifier         keyEncryptionAlgorithm,
+            Asn1Sequence                recipientEncryptedKeys)
+        {
+            this.version = new DerInteger(3);
+            this.originator = originator;
+            this.ukm = ukm;
+            this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
+            this.recipientEncryptedKeys = recipientEncryptedKeys;
+        }
+
+		public KeyAgreeRecipientInfo(
+            Asn1Sequence seq)
+        {
+            int index = 0;
+
+            version = (DerInteger) seq[index++];
+            originator = OriginatorIdentifierOrKey.GetInstance(
+				(Asn1TaggedObject) seq[index++], true);
+
+			if (seq[index] is Asn1TaggedObject)
+            {
+                ukm = Asn1OctetString.GetInstance(
+					(Asn1TaggedObject) seq[index++], true);
+            }
+
+			keyEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(
+				seq[index++]);
+
+			recipientEncryptedKeys = (Asn1Sequence) seq[index++];
+        }
+
+		/**
+         * return a KeyAgreeRecipientInfo object from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want.
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the object held by the
+         *          tagged object cannot be converted.
+         */
+        public static KeyAgreeRecipientInfo GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		/**
+         * return a KeyAgreeRecipientInfo object from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static KeyAgreeRecipientInfo GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is KeyAgreeRecipientInfo)
+                return (KeyAgreeRecipientInfo)obj;
+
+			if (obj is Asn1Sequence)
+                return new KeyAgreeRecipientInfo((Asn1Sequence)obj);
+
+			throw new ArgumentException(
+                "Illegal object in KeyAgreeRecipientInfo: " + Platform.GetTypeName(obj));
+
+        }
+
+		public DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public OriginatorIdentifierOrKey Originator
+		{
+			get { return originator; }
+		}
+
+		public Asn1OctetString UserKeyingMaterial
+		{
+			get { return ukm; }
+		}
+
+		public AlgorithmIdentifier KeyEncryptionAlgorithm
+		{
+			get { return keyEncryptionAlgorithm; }
+		}
+
+		public Asn1Sequence RecipientEncryptedKeys
+		{
+			get { return recipientEncryptedKeys; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * KeyAgreeRecipientInfo ::= Sequence {
+         *     version CMSVersion,  -- always set to 3
+         *     originator [0] EXPLICIT OriginatorIdentifierOrKey,
+         *     ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL,
+         *     keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
+         *     recipientEncryptedKeys RecipientEncryptedKeys
+         * }
+		 *
+		 * UserKeyingMaterial ::= OCTET STRING
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+				version, new DerTaggedObject(true, 0, originator));
+
+			if (ukm != null)
+            {
+                v.Add(new DerTaggedObject(true, 1, ukm));
+            }
+
+			v.Add(keyEncryptionAlgorithm, recipientEncryptedKeys);
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/KeyTransRecipientInfo.cs b/bc-sharp-crypto/src/asn1/cms/KeyTransRecipientInfo.cs
new file mode 100644
index 0000000..5e4fd22
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/KeyTransRecipientInfo.cs
@@ -0,0 +1,99 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class KeyTransRecipientInfo
+        : Asn1Encodable
+    {
+        private DerInteger          version;
+        private RecipientIdentifier rid;
+        private AlgorithmIdentifier keyEncryptionAlgorithm;
+        private Asn1OctetString     encryptedKey;
+
+		public KeyTransRecipientInfo(
+            RecipientIdentifier rid,
+            AlgorithmIdentifier keyEncryptionAlgorithm,
+            Asn1OctetString     encryptedKey)
+        {
+            if (rid.ToAsn1Object() is Asn1TaggedObject)
+            {
+                this.version = new DerInteger(2);
+            }
+            else
+            {
+                this.version = new DerInteger(0);
+            }
+
+			this.rid = rid;
+            this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
+            this.encryptedKey = encryptedKey;
+        }
+
+		public KeyTransRecipientInfo(
+            Asn1Sequence seq)
+        {
+            this.version = (DerInteger) seq[0];
+            this.rid = RecipientIdentifier.GetInstance(seq[1]);
+            this.keyEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq[2]);
+            this.encryptedKey = (Asn1OctetString) seq[3];
+        }
+
+		/**
+         * return a KeyTransRecipientInfo object from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static KeyTransRecipientInfo GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is KeyTransRecipientInfo)
+                return (KeyTransRecipientInfo) obj;
+
+			if(obj is Asn1Sequence)
+                return new KeyTransRecipientInfo((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+                "Illegal object in KeyTransRecipientInfo: " + Platform.GetTypeName(obj));
+        }
+
+		public DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public RecipientIdentifier RecipientIdentifier
+		{
+			get { return rid; }
+		}
+
+		public AlgorithmIdentifier KeyEncryptionAlgorithm
+		{
+			get { return keyEncryptionAlgorithm; }
+		}
+
+		public Asn1OctetString EncryptedKey
+		{
+			get { return encryptedKey; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * KeyTransRecipientInfo ::= Sequence {
+         *     version CMSVersion,  -- always set to 0 or 2
+         *     rid RecipientIdentifier,
+         *     keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
+         *     encryptedKey EncryptedKey
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(version, rid, keyEncryptionAlgorithm, encryptedKey);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/MetaData.cs b/bc-sharp-crypto/src/asn1/cms/MetaData.cs
new file mode 100644
index 0000000..ad2b5c4
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/MetaData.cs
@@ -0,0 +1,94 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	public class MetaData
+		: Asn1Encodable
+	{
+		private DerBoolean hashProtected;
+		private DerUtf8String fileName;
+		private DerIA5String  mediaType;
+		private Attributes otherMetaData;
+
+		public MetaData(
+			DerBoolean		hashProtected,
+			DerUtf8String	fileName,
+			DerIA5String	mediaType,
+			Attributes		otherMetaData)
+		{
+			this.hashProtected = hashProtected;
+			this.fileName = fileName;
+			this.mediaType = mediaType;
+			this.otherMetaData = otherMetaData;
+		}
+
+		private MetaData(Asn1Sequence seq)
+		{
+			this.hashProtected = DerBoolean.GetInstance(seq[0]);
+
+			int index = 1;
+
+			if (index < seq.Count && seq[index] is DerUtf8String)
+			{
+				this.fileName = DerUtf8String.GetInstance(seq[index++]);
+			}
+			if (index < seq.Count && seq[index] is DerIA5String)
+			{
+				this.mediaType = DerIA5String.GetInstance(seq[index++]);
+			}
+			if (index < seq.Count)
+			{
+				this.otherMetaData = Attributes.GetInstance(seq[index++]);
+			}
+		}
+
+		public static MetaData GetInstance(object obj)
+		{
+			if (obj is MetaData)
+				return (MetaData)obj;
+
+			if (obj != null)
+				return new MetaData(Asn1Sequence.GetInstance(obj));
+
+			return null;
+		}
+
+		/**
+		 * <pre>
+		 * MetaData ::= SEQUENCE {
+		 *   hashProtected        BOOLEAN,
+		 *   fileName             UTF8String OPTIONAL,
+		 *   mediaType            IA5String OPTIONAL,
+		 *   otherMetaData        Attributes OPTIONAL
+		 * }
+		 * </pre>
+		 * @return
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(hashProtected);
+			v.AddOptional(fileName, mediaType, otherMetaData);
+			return new DerSequence(v);
+		}
+
+		public virtual bool IsHashProtected
+		{
+			get { return hashProtected.IsTrue; }
+		}
+
+		public virtual DerUtf8String FileName
+		{
+			get { return fileName; }
+		}
+
+		public virtual DerIA5String MediaType
+		{
+			get { return mediaType; }
+		}
+
+		public virtual Attributes OtherMetaData
+		{
+			get { return otherMetaData; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/OriginatorIdentifierOrKey.cs b/bc-sharp-crypto/src/asn1/cms/OriginatorIdentifierOrKey.cs
new file mode 100644
index 0000000..f197fe9
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/OriginatorIdentifierOrKey.cs
@@ -0,0 +1,168 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class OriginatorIdentifierOrKey
+        : Asn1Encodable, IAsn1Choice
+    {
+        private Asn1Encodable id;
+
+        public OriginatorIdentifierOrKey(
+            IssuerAndSerialNumber id)
+        {
+            this.id = id;
+        }
+
+		[Obsolete("Use version taking a 'SubjectKeyIdentifier'")]
+        public OriginatorIdentifierOrKey(
+            Asn1OctetString id)
+			: this(new SubjectKeyIdentifier(id))
+        {
+        }
+
+        public OriginatorIdentifierOrKey(
+            SubjectKeyIdentifier id)
+        {
+            this.id = new DerTaggedObject(false, 0, id);
+        }
+
+        public OriginatorIdentifierOrKey(
+            OriginatorPublicKey id)
+        {
+            this.id = new DerTaggedObject(false, 1, id);
+        }
+
+		[Obsolete("Use more specific version")]
+        public OriginatorIdentifierOrKey(
+            Asn1Object id)
+        {
+            this.id = id;
+        }
+
+		private OriginatorIdentifierOrKey(
+			Asn1TaggedObject id)
+		{
+			// TODO Add validation
+			this.id = id;
+		}
+
+		/**
+         * return an OriginatorIdentifierOrKey object from a tagged object.
+         *
+         * @param o the tagged object holding the object we want.
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the object held by the
+         *          tagged object cannot be converted.
+         */
+        public static OriginatorIdentifierOrKey GetInstance(
+            Asn1TaggedObject	o,
+            bool				explicitly)
+        {
+            if (!explicitly)
+            {
+                throw new ArgumentException(
+                        "Can't implicitly tag OriginatorIdentifierOrKey");
+            }
+
+			return GetInstance(o.GetObject());
+        }
+
+        /**
+         * return an OriginatorIdentifierOrKey object from the given object.
+         *
+         * @param o the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static OriginatorIdentifierOrKey GetInstance(
+            object o)
+        {
+            if (o == null || o is OriginatorIdentifierOrKey)
+                return (OriginatorIdentifierOrKey)o;
+
+			if (o is IssuerAndSerialNumber)
+				return new OriginatorIdentifierOrKey((IssuerAndSerialNumber)o);
+
+			if (o is SubjectKeyIdentifier)
+				return new OriginatorIdentifierOrKey((SubjectKeyIdentifier)o);
+
+			if (o is OriginatorPublicKey)
+				return new OriginatorIdentifierOrKey((OriginatorPublicKey)o);
+
+			if (o is Asn1TaggedObject)
+				return new OriginatorIdentifierOrKey((Asn1TaggedObject)o);
+
+            throw new ArgumentException("Invalid OriginatorIdentifierOrKey: " + Platform.GetTypeName(o));
+        }
+
+		public Asn1Encodable ID
+		{
+			get { return id; }
+		}
+
+		public IssuerAndSerialNumber IssuerAndSerialNumber
+		{
+			get
+			{
+				if (id is IssuerAndSerialNumber)
+				{
+					return (IssuerAndSerialNumber)id;
+				}
+
+				return null;
+			}
+		}
+
+		public SubjectKeyIdentifier SubjectKeyIdentifier
+		{
+			get
+			{
+				if (id is Asn1TaggedObject && ((Asn1TaggedObject)id).TagNo == 0)
+				{
+					return SubjectKeyIdentifier.GetInstance((Asn1TaggedObject)id, false);
+				}
+
+				return null;
+			}
+		}
+
+		[Obsolete("Use 'OriginatorPublicKey' property")]
+		public OriginatorPublicKey OriginatorKey
+		{
+			get { return OriginatorPublicKey; }
+		}
+
+		public OriginatorPublicKey OriginatorPublicKey
+		{
+			get
+			{
+				if (id is Asn1TaggedObject && ((Asn1TaggedObject)id).TagNo == 1)
+				{
+					return OriginatorPublicKey.GetInstance((Asn1TaggedObject)id, false);
+				}
+
+				return null;
+			}
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * OriginatorIdentifierOrKey ::= CHOICE {
+         *     issuerAndSerialNumber IssuerAndSerialNumber,
+         *     subjectKeyIdentifier [0] SubjectKeyIdentifier,
+         *     originatorKey [1] OriginatorPublicKey
+         * }
+         *
+         * SubjectKeyIdentifier ::= OCTET STRING
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return id.ToAsn1Object();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/OriginatorInfo.cs b/bc-sharp-crypto/src/asn1/cms/OriginatorInfo.cs
new file mode 100644
index 0000000..33b049e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/OriginatorInfo.cs
@@ -0,0 +1,121 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class OriginatorInfo
+        : Asn1Encodable
+    {
+        private Asn1Set certs;
+        private Asn1Set crls;
+
+        public OriginatorInfo(
+            Asn1Set certs,
+            Asn1Set crls)
+        {
+            this.certs = certs;
+            this.crls = crls;
+        }
+
+		public OriginatorInfo(
+            Asn1Sequence seq)
+        {
+            switch (seq.Count)
+            {
+            case 0:     // empty
+                break;
+            case 1:
+                Asn1TaggedObject o = (Asn1TaggedObject) seq[0];
+                switch (o.TagNo)
+                {
+                case 0 :
+                    certs = Asn1Set.GetInstance(o, false);
+                    break;
+                case 1 :
+                    crls = Asn1Set.GetInstance(o, false);
+                    break;
+                default:
+                    throw new ArgumentException("Bad tag in OriginatorInfo: " + o.TagNo);
+                }
+                break;
+            case 2:
+                certs = Asn1Set.GetInstance((Asn1TaggedObject) seq[0], false);
+                crls  = Asn1Set.GetInstance((Asn1TaggedObject) seq[1], false);
+                break;
+            default:
+                throw new ArgumentException("OriginatorInfo too big");
+            }
+        }
+
+		/**
+         * return an OriginatorInfo object from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want.
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the object held by the
+         *          tagged object cannot be converted.
+         */
+        public static OriginatorInfo GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		/**
+         * return an OriginatorInfo object from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static OriginatorInfo GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is OriginatorInfo)
+                return (OriginatorInfo)obj;
+
+			if (obj is Asn1Sequence)
+                return new OriginatorInfo((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid OriginatorInfo: " + Platform.GetTypeName(obj));
+        }
+
+		public Asn1Set Certificates
+		{
+			get { return certs; }
+		}
+
+		public Asn1Set Crls
+		{
+			get { return crls; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * OriginatorInfo ::= Sequence {
+         *     certs [0] IMPLICIT CertificateSet OPTIONAL,
+         *     crls [1] IMPLICIT CertificateRevocationLists OPTIONAL
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (certs != null)
+            {
+                v.Add(new DerTaggedObject(false, 0, certs));
+            }
+
+			if (crls != null)
+            {
+                v.Add(new DerTaggedObject(false, 1, crls));
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/OriginatorPublicKey.cs b/bc-sharp-crypto/src/asn1/cms/OriginatorPublicKey.cs
new file mode 100644
index 0000000..9f29c62
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/OriginatorPublicKey.cs
@@ -0,0 +1,88 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class OriginatorPublicKey
+        : Asn1Encodable
+    {
+        private readonly AlgorithmIdentifier mAlgorithm;
+        private readonly DerBitString        mPublicKey;
+
+        public OriginatorPublicKey(
+            AlgorithmIdentifier algorithm,
+            byte[]              publicKey)
+        {
+            this.mAlgorithm = algorithm;
+            this.mPublicKey = new DerBitString(publicKey);
+        }
+
+        [Obsolete("Use 'GetInstance' instead")]
+		public OriginatorPublicKey(
+            Asn1Sequence seq)
+        {
+            this.mAlgorithm = AlgorithmIdentifier.GetInstance(seq[0]);
+            this.mPublicKey = DerBitString.GetInstance(seq[1]);
+        }
+
+		/**
+         * return an OriginatorPublicKey object from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want.
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the object held by the
+         *          tagged object cannot be converted.
+         */
+        public static OriginatorPublicKey GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		/**
+         * return an OriginatorPublicKey object from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static OriginatorPublicKey GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is OriginatorPublicKey)
+                return (OriginatorPublicKey)obj;
+
+			if (obj is Asn1Sequence)
+                return new OriginatorPublicKey(Asn1Sequence.GetInstance(obj));
+
+            throw new ArgumentException("Invalid OriginatorPublicKey: " + Platform.GetTypeName(obj));
+        }
+
+		public AlgorithmIdentifier Algorithm
+		{
+			get { return mAlgorithm; }
+		}
+
+		public DerBitString PublicKey
+		{
+			get { return mPublicKey; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * OriginatorPublicKey ::= Sequence {
+         *     algorithm AlgorithmIdentifier,
+         *     publicKey BIT STRING
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(mAlgorithm, mPublicKey);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/OtherKeyAttribute.cs b/bc-sharp-crypto/src/asn1/cms/OtherKeyAttribute.cs
new file mode 100644
index 0000000..285c881
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/OtherKeyAttribute.cs
@@ -0,0 +1,70 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class OtherKeyAttribute
+        : Asn1Encodable
+    {
+        private DerObjectIdentifier	keyAttrId;
+        private Asn1Encodable		keyAttr;
+
+		/**
+         * return an OtherKeyAttribute object from the given object.
+         *
+         * @param o the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static OtherKeyAttribute GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is OtherKeyAttribute)
+                return (OtherKeyAttribute) obj;
+
+			if (obj is Asn1Sequence)
+                return new OtherKeyAttribute((Asn1Sequence) obj);
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+        }
+
+		public OtherKeyAttribute(
+            Asn1Sequence seq)
+        {
+            keyAttrId = (DerObjectIdentifier) seq[0];
+            keyAttr = seq[1];
+        }
+
+		public OtherKeyAttribute(
+            DerObjectIdentifier	keyAttrId,
+            Asn1Encodable		keyAttr)
+        {
+            this.keyAttrId = keyAttrId;
+            this.keyAttr = keyAttr;
+        }
+
+		public DerObjectIdentifier KeyAttrId
+		{
+			get { return keyAttrId; }
+		}
+
+		public Asn1Encodable KeyAttr
+		{
+			get { return keyAttr; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * OtherKeyAttribute ::= Sequence {
+         *     keyAttrId OBJECT IDENTIFIER,
+         *     keyAttr ANY DEFINED BY keyAttrId OPTIONAL
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(keyAttrId, keyAttr);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/OtherRecipientInfo.cs b/bc-sharp-crypto/src/asn1/cms/OtherRecipientInfo.cs
new file mode 100644
index 0000000..80dd68e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/OtherRecipientInfo.cs
@@ -0,0 +1,83 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class OtherRecipientInfo
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier oriType;
+        private readonly Asn1Encodable oriValue;
+
+        public OtherRecipientInfo(
+            DerObjectIdentifier	oriType,
+            Asn1Encodable		oriValue)
+        {
+            this.oriType = oriType;
+            this.oriValue = oriValue;
+        }
+
+        [Obsolete("Use GetInstance() instead")]
+        public OtherRecipientInfo(
+            Asn1Sequence seq)
+        {
+            oriType = DerObjectIdentifier.GetInstance(seq[0]);
+            oriValue = seq[1];
+        }
+
+        /**
+         * return a OtherRecipientInfo object from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want.
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the object held by the
+         *          tagged object cannot be converted.
+         */
+        public static OtherRecipientInfo GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+        /**
+         * return a OtherRecipientInfo object from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static OtherRecipientInfo GetInstance(
+            object obj)
+        {
+            if (obj == null)
+                return null;
+            OtherRecipientInfo existing = obj as OtherRecipientInfo;
+            if (existing != null)
+                return existing;
+            return new OtherRecipientInfo(Asn1Sequence.GetInstance(obj));
+        }
+
+        public virtual DerObjectIdentifier OriType
+        {
+            get { return oriType; }
+        }
+
+        public virtual Asn1Encodable OriValue
+        {
+            get { return oriValue; }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * OtherRecipientInfo ::= Sequence {
+         *    oriType OBJECT IDENTIFIER,
+         *    oriValue ANY DEFINED BY oriType }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(oriType, oriValue);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/OtherRevocationInfoFormat.cs b/bc-sharp-crypto/src/asn1/cms/OtherRevocationInfoFormat.cs
new file mode 100644
index 0000000..7835489
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/OtherRevocationInfoFormat.cs
@@ -0,0 +1,77 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class OtherRevocationInfoFormat
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier otherRevInfoFormat;
+        private readonly Asn1Encodable otherRevInfo;
+
+        public OtherRevocationInfoFormat(
+            DerObjectIdentifier otherRevInfoFormat,
+            Asn1Encodable otherRevInfo)
+        {
+            this.otherRevInfoFormat = otherRevInfoFormat;
+            this.otherRevInfo = otherRevInfo;
+        }
+
+        private OtherRevocationInfoFormat(Asn1Sequence seq)
+        {
+            otherRevInfoFormat = DerObjectIdentifier.GetInstance(seq[0]);
+            otherRevInfo = seq[1];
+        }
+
+        /**
+         * return a OtherRevocationInfoFormat object from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want.
+         * @param explicit true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception IllegalArgumentException if the object held by the
+         *          tagged object cannot be converted.
+         */
+        public static OtherRevocationInfoFormat GetInstance(Asn1TaggedObject obj, bool isExplicit)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+        }
+
+        /**
+         * return a OtherRevocationInfoFormat object from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception IllegalArgumentException if the object cannot be converted.
+         */
+        public static OtherRevocationInfoFormat GetInstance(object obj)
+        {
+            if (obj is OtherRevocationInfoFormat)
+                return (OtherRevocationInfoFormat)obj;
+            if (obj != null)
+                return new OtherRevocationInfoFormat(Asn1Sequence.GetInstance(obj));
+            return null;
+        }
+
+        public virtual DerObjectIdentifier InfoFormat
+        {
+            get { return otherRevInfoFormat; }
+        }
+
+        public virtual Asn1Encodable Info
+        {
+            get { return otherRevInfo; }
+        }
+
+        /** 
+         * Produce an object suitable for an ASN1OutputStream.
+         * <pre>
+         * OtherRevocationInfoFormat ::= SEQUENCE {
+         *      otherRevInfoFormat OBJECT IDENTIFIER,
+         *      otherRevInfo ANY DEFINED BY otherRevInfoFormat }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(otherRevInfoFormat, otherRevInfo);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/PasswordRecipientInfo.cs b/bc-sharp-crypto/src/asn1/cms/PasswordRecipientInfo.cs
new file mode 100644
index 0000000..7f275fd
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/PasswordRecipientInfo.cs
@@ -0,0 +1,133 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class PasswordRecipientInfo
+        : Asn1Encodable
+    {
+        private readonly DerInteger				version;
+        private readonly AlgorithmIdentifier	keyDerivationAlgorithm;
+        private readonly AlgorithmIdentifier	keyEncryptionAlgorithm;
+        private readonly Asn1OctetString		encryptedKey;
+
+		public PasswordRecipientInfo(
+            AlgorithmIdentifier	keyEncryptionAlgorithm,
+            Asn1OctetString		encryptedKey)
+        {
+            this.version = new DerInteger(0);
+            this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
+            this.encryptedKey = encryptedKey;
+        }
+
+		public PasswordRecipientInfo(
+			AlgorithmIdentifier	keyDerivationAlgorithm,
+			AlgorithmIdentifier	keyEncryptionAlgorithm,
+			Asn1OctetString		encryptedKey)
+		{
+			this.version = new DerInteger(0);
+			this.keyDerivationAlgorithm = keyDerivationAlgorithm;
+			this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
+			this.encryptedKey = encryptedKey;
+		}
+
+		public PasswordRecipientInfo(
+            Asn1Sequence seq)
+        {
+            version = (DerInteger) seq[0];
+
+			if (seq[1] is Asn1TaggedObject)
+            {
+                keyDerivationAlgorithm = AlgorithmIdentifier.GetInstance((Asn1TaggedObject) seq[1], false);
+                keyEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq[2]);
+                encryptedKey = (Asn1OctetString) seq[3];
+            }
+            else
+            {
+                keyEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq[1]);
+                encryptedKey = (Asn1OctetString) seq[2];
+            }
+        }
+
+		/**
+         * return a PasswordRecipientInfo object from a tagged object.
+         *
+         * @param obj the tagged object holding the object we want.
+         * @param explicitly true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the object held by the
+         *          tagged object cannot be converted.
+         */
+        public static PasswordRecipientInfo GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		/**
+         * return a PasswordRecipientInfo object from the given object.
+         *
+         * @param obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static PasswordRecipientInfo GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is PasswordRecipientInfo)
+                return (PasswordRecipientInfo) obj;
+
+			if (obj is Asn1Sequence)
+                return new PasswordRecipientInfo((Asn1Sequence) obj);
+
+            throw new ArgumentException("Invalid PasswordRecipientInfo: " + Platform.GetTypeName(obj));
+        }
+
+		public DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public AlgorithmIdentifier KeyDerivationAlgorithm
+		{
+			get { return keyDerivationAlgorithm; }
+		}
+
+		public AlgorithmIdentifier KeyEncryptionAlgorithm
+		{
+			get { return keyEncryptionAlgorithm; }
+		}
+
+		public Asn1OctetString EncryptedKey
+		{
+			get { return encryptedKey; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * PasswordRecipientInfo ::= Sequence {
+         *   version CMSVersion,   -- Always set to 0
+         *   keyDerivationAlgorithm [0] KeyDerivationAlgorithmIdentifier
+         *                             OPTIONAL,
+         *  keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
+         *  encryptedKey EncryptedKey }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(version);
+
+			if (keyDerivationAlgorithm != null)
+            {
+                v.Add(new DerTaggedObject(false, 0, keyDerivationAlgorithm));
+            }
+
+			v.Add(keyEncryptionAlgorithm, encryptedKey);
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/RecipientEncryptedKey.cs b/bc-sharp-crypto/src/asn1/cms/RecipientEncryptedKey.cs
new file mode 100644
index 0000000..1afba4a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/RecipientEncryptedKey.cs
@@ -0,0 +1,90 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	public class RecipientEncryptedKey
+		: Asn1Encodable
+	{
+		private readonly KeyAgreeRecipientIdentifier identifier;
+		private readonly Asn1OctetString encryptedKey;
+
+		private RecipientEncryptedKey(
+			Asn1Sequence seq)
+		{
+			identifier = KeyAgreeRecipientIdentifier.GetInstance(seq[0]);
+			encryptedKey = (Asn1OctetString) seq[1];
+		}
+
+		/**
+		 * return an RecipientEncryptedKey object from a tagged object.
+		 *
+		 * @param obj the tagged object holding the object we want.
+		 * @param isExplicit true if the object is meant to be explicitly
+		 *              tagged false otherwise.
+		 * @exception ArgumentException if the object held by the
+		 *          tagged object cannot be converted.
+		 */
+		public static RecipientEncryptedKey GetInstance(
+			Asn1TaggedObject	obj,
+			bool				isExplicit)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+		}
+
+		/**
+		 * return a RecipientEncryptedKey object from the given object.
+		 *
+		 * @param obj the object we want converted.
+		 * @exception ArgumentException if the object cannot be converted.
+		 */
+		public static RecipientEncryptedKey GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is RecipientEncryptedKey)
+			{
+				return (RecipientEncryptedKey) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new RecipientEncryptedKey((Asn1Sequence) obj);
+			}
+
+			throw new ArgumentException("Invalid RecipientEncryptedKey: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public RecipientEncryptedKey(
+			KeyAgreeRecipientIdentifier	id,
+			Asn1OctetString				encryptedKey)
+		{
+			this.identifier = id;
+			this.encryptedKey = encryptedKey;
+		}
+
+		public KeyAgreeRecipientIdentifier Identifier
+		{
+			get { return identifier; }
+		}
+
+		public Asn1OctetString EncryptedKey
+		{
+			get { return encryptedKey; }
+		}
+
+		/** 
+		 * Produce an object suitable for an Asn1OutputStream.
+		 * <pre>
+		 * RecipientEncryptedKey ::= SEQUENCE {
+		 *     rid KeyAgreeRecipientIdentifier,
+		 *     encryptedKey EncryptedKey
+		 * }
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(identifier, encryptedKey);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/RecipientIdentifier.cs b/bc-sharp-crypto/src/asn1/cms/RecipientIdentifier.cs
new file mode 100644
index 0000000..f29fa8d
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/RecipientIdentifier.cs
@@ -0,0 +1,89 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class RecipientIdentifier
+        : Asn1Encodable, IAsn1Choice
+    {
+        private Asn1Encodable id;
+
+		public RecipientIdentifier(
+            IssuerAndSerialNumber id)
+        {
+            this.id = id;
+        }
+
+		public RecipientIdentifier(
+            Asn1OctetString id)
+        {
+            this.id = new DerTaggedObject(false, 0, id);
+        }
+
+		public RecipientIdentifier(
+            Asn1Object id)
+        {
+            this.id = id;
+        }
+
+		/**
+         * return a RecipientIdentifier object from the given object.
+         *
+         * @param o the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static RecipientIdentifier GetInstance(
+            object o)
+        {
+            if (o == null || o is RecipientIdentifier)
+                return (RecipientIdentifier)o;
+
+			if (o is IssuerAndSerialNumber)
+                return new RecipientIdentifier((IssuerAndSerialNumber) o);
+
+			if (o is Asn1OctetString)
+                return new RecipientIdentifier((Asn1OctetString) o);
+
+			if (o is Asn1Object)
+                return new RecipientIdentifier((Asn1Object) o);
+
+			throw new ArgumentException(
+              "Illegal object in RecipientIdentifier: " + Platform.GetTypeName(o));
+        }
+
+		public bool IsTagged
+		{
+			get { return (id is Asn1TaggedObject); }
+		}
+
+		public Asn1Encodable ID
+        {
+            get
+            {
+                if (id is Asn1TaggedObject)
+                {
+                    return Asn1OctetString.GetInstance((Asn1TaggedObject) id, false);
+                }
+
+				return IssuerAndSerialNumber.GetInstance(id);
+            }
+        }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * RecipientIdentifier ::= CHOICE {
+         *     issuerAndSerialNumber IssuerAndSerialNumber,
+         *     subjectKeyIdentifier [0] SubjectKeyIdentifier
+         * }
+         *
+         * SubjectKeyIdentifier ::= OCTET STRING
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return id.ToAsn1Object();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/RecipientInfo.cs b/bc-sharp-crypto/src/asn1/cms/RecipientInfo.cs
new file mode 100644
index 0000000..c03ad90
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/RecipientInfo.cs
@@ -0,0 +1,145 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class RecipientInfo
+        : Asn1Encodable, IAsn1Choice
+    {
+        internal Asn1Encodable info;
+
+		public RecipientInfo(
+            KeyTransRecipientInfo info)
+        {
+            this.info = info;
+        }
+
+		public RecipientInfo(
+            KeyAgreeRecipientInfo info)
+        {
+            this.info = new DerTaggedObject(false, 1, info);
+        }
+
+		public RecipientInfo(
+            KekRecipientInfo info)
+        {
+            this.info = new DerTaggedObject(false, 2, info);
+        }
+
+		public RecipientInfo(
+            PasswordRecipientInfo info)
+        {
+            this.info = new DerTaggedObject(false, 3, info);
+        }
+
+		public RecipientInfo(
+            OtherRecipientInfo info)
+        {
+            this.info = new DerTaggedObject(false, 4, info);
+        }
+
+		public RecipientInfo(
+            Asn1Object   info)
+        {
+            this.info = info;
+        }
+
+		public static RecipientInfo GetInstance(
+            object o)
+        {
+            if (o == null || o is RecipientInfo)
+                return (RecipientInfo) o;
+
+			if (o is Asn1Sequence)
+                return new RecipientInfo((Asn1Sequence) o);
+
+			if (o is Asn1TaggedObject)
+                return new RecipientInfo((Asn1TaggedObject) o);
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(o));
+        }
+
+		public DerInteger Version
+        {
+			get
+			{
+				if (info is Asn1TaggedObject)
+				{
+					Asn1TaggedObject o = (Asn1TaggedObject) info;
+
+					switch (o.TagNo)
+					{
+						case 1:
+							return KeyAgreeRecipientInfo.GetInstance(o, false).Version;
+						case 2:
+							return GetKekInfo(o).Version;
+						case 3:
+							return PasswordRecipientInfo.GetInstance(o, false).Version;
+						case 4:
+							return new DerInteger(0);    // no syntax version for OtherRecipientInfo
+						default:
+							throw new InvalidOperationException("unknown tag");
+					}
+				}
+
+				return KeyTransRecipientInfo.GetInstance(info).Version;
+			}
+        }
+
+		public bool IsTagged
+		{
+			get { return info is Asn1TaggedObject; }
+		}
+
+		public Asn1Encodable Info
+        {
+			get
+			{
+				if (info is Asn1TaggedObject)
+				{
+					Asn1TaggedObject o = (Asn1TaggedObject) info;
+
+					switch (o.TagNo)
+					{
+						case 1:
+							return KeyAgreeRecipientInfo.GetInstance(o, false);
+						case 2:
+							return GetKekInfo(o);
+						case 3:
+							return PasswordRecipientInfo.GetInstance(o, false);
+						case 4:
+							return OtherRecipientInfo.GetInstance(o, false);
+						default:
+							throw new InvalidOperationException("unknown tag");
+					}
+				}
+
+				return KeyTransRecipientInfo.GetInstance(info);
+			}
+        }
+
+		private KekRecipientInfo GetKekInfo(
+			Asn1TaggedObject o)
+		{
+			// For compatibility with erroneous version, we don't always pass 'false' here
+			return KekRecipientInfo.GetInstance(o, o.IsExplicit());
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * RecipientInfo ::= CHOICE {
+         *     ktri KeyTransRecipientInfo,
+         *     kari [1] KeyAgreeRecipientInfo,
+         *     kekri [2] KekRecipientInfo,
+         *     pwri [3] PasswordRecipientInfo,
+         *     ori [4] OtherRecipientInfo }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return info.ToAsn1Object();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/RecipientKeyIdentifier.cs b/bc-sharp-crypto/src/asn1/cms/RecipientKeyIdentifier.cs
new file mode 100644
index 0000000..995ddab
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/RecipientKeyIdentifier.cs
@@ -0,0 +1,137 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class RecipientKeyIdentifier
+        : Asn1Encodable
+    {
+        private Asn1OctetString      subjectKeyIdentifier;
+        private DerGeneralizedTime   date;
+        private OtherKeyAttribute    other;
+
+		public RecipientKeyIdentifier(
+            Asn1OctetString         subjectKeyIdentifier,
+            DerGeneralizedTime      date,
+            OtherKeyAttribute       other)
+        {
+            this.subjectKeyIdentifier = subjectKeyIdentifier;
+            this.date = date;
+            this.other = other;
+        }
+		
+		public RecipientKeyIdentifier(
+			byte[] subjectKeyIdentifier)
+			: this(subjectKeyIdentifier, null, null)
+		{
+		}
+
+		public RecipientKeyIdentifier(
+			byte[]				subjectKeyIdentifier,
+			DerGeneralizedTime	date,
+			OtherKeyAttribute	other)
+		{
+			this.subjectKeyIdentifier = new DerOctetString(subjectKeyIdentifier);
+			this.date = date;
+			this.other = other;
+		}
+
+		public RecipientKeyIdentifier(
+            Asn1Sequence seq)
+        {
+            subjectKeyIdentifier = Asn1OctetString.GetInstance(
+				seq[0]);
+
+			switch(seq.Count)
+            {
+				case 1:
+					break;
+				case 2:
+					if (seq[1] is DerGeneralizedTime)
+					{
+						date = (DerGeneralizedTime) seq[1];
+					}
+					else
+					{
+						other = OtherKeyAttribute.GetInstance(seq[2]);
+					}
+					break;
+				case 3:
+					date  = (DerGeneralizedTime) seq[1];
+					other = OtherKeyAttribute.GetInstance(seq[2]);
+					break;
+				default:
+					throw new ArgumentException("Invalid RecipientKeyIdentifier");
+            }
+        }
+
+		/**
+         * return a RecipientKeyIdentifier object from a tagged object.
+         *
+         * @param _ato the tagged object holding the object we want.
+         * @param _explicit true if the object is meant to be explicitly
+         *              tagged false otherwise.
+         * @exception ArgumentException if the object held by the
+         *          tagged object cannot be converted.
+         */
+        public static RecipientKeyIdentifier GetInstance(
+			Asn1TaggedObject	ato,
+			bool				explicitly)
+		{
+            return GetInstance(Asn1Sequence.GetInstance(ato, explicitly));
+        }
+
+		/**
+         * return a RecipientKeyIdentifier object from the given object.
+         *
+         * @param _obj the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static RecipientKeyIdentifier GetInstance(
+			object obj)
+		{
+            if (obj == null || obj is RecipientKeyIdentifier)
+                return (RecipientKeyIdentifier) obj;
+
+			if (obj is Asn1Sequence)
+				return new RecipientKeyIdentifier((Asn1Sequence) obj);
+
+            throw new ArgumentException("Invalid RecipientKeyIdentifier: " + Platform.GetTypeName(obj));
+        }
+
+		public Asn1OctetString SubjectKeyIdentifier
+		{
+			get { return subjectKeyIdentifier; }
+		}
+
+		public DerGeneralizedTime Date
+		{
+			get { return date; }
+		}
+
+		public OtherKeyAttribute OtherKeyAttribute
+		{
+			get { return other; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * RecipientKeyIdentifier ::= Sequence {
+         *     subjectKeyIdentifier SubjectKeyIdentifier,
+         *     date GeneralizedTime OPTIONAL,
+         *     other OtherKeyAttribute OPTIONAL
+         * }
+         *
+         * SubjectKeyIdentifier ::= OCTET STRING
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(subjectKeyIdentifier);
+			v.AddOptional(date, other);
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/SCVPReqRes.cs b/bc-sharp-crypto/src/asn1/cms/SCVPReqRes.cs
new file mode 100644
index 0000000..486979a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/SCVPReqRes.cs
@@ -0,0 +1,77 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class ScvpReqRes
+        : Asn1Encodable
+    {
+        private readonly ContentInfo request;
+        private readonly ContentInfo response;
+
+        public static ScvpReqRes GetInstance(object  obj)
+        {
+            if (obj is ScvpReqRes)
+                return (ScvpReqRes)obj;
+            if (obj != null)
+                return new ScvpReqRes(Asn1Sequence.GetInstance(obj));
+            return null;
+        }
+
+        private ScvpReqRes(Asn1Sequence seq)
+        {
+            if (seq[0] is Asn1TaggedObject)
+            {
+                this.request = ContentInfo.GetInstance(Asn1TaggedObject.GetInstance(seq[0]), true);
+                this.response = ContentInfo.GetInstance(seq[1]);
+            }
+            else
+            {
+                this.request = null;
+                this.response = ContentInfo.GetInstance(seq[0]);
+            }
+        }
+
+        public ScvpReqRes(ContentInfo response)
+            : this(null, response)
+        {
+        }
+
+        public ScvpReqRes(ContentInfo request, ContentInfo response)
+        {
+            this.request = request;
+            this.response = response;
+        }
+
+        public virtual ContentInfo Request
+        {
+            get { return request; }
+        }
+
+        public virtual ContentInfo Response
+        {
+            get { return response; }
+        }
+
+        /**
+         * <pre>
+         *    ScvpReqRes ::= SEQUENCE {
+         *    request  [0] EXPLICIT ContentInfo OPTIONAL,
+         *    response     ContentInfo }
+         * </pre>
+         * @return  the ASN.1 primitive representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+            if (request != null)
+            {
+                v.Add(new DerTaggedObject(true, 0, request));
+            }
+
+            v.Add(response);
+
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/SignedData.cs b/bc-sharp-crypto/src/asn1/cms/SignedData.cs
new file mode 100644
index 0000000..957b81c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/SignedData.cs
@@ -0,0 +1,287 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    /**
+     * a signed data object.
+     */
+    public class SignedData
+        : Asn1Encodable
+    {
+        private static readonly DerInteger Version1 = new DerInteger(1);
+        private static readonly DerInteger Version3 = new DerInteger(3);
+        private static readonly DerInteger Version4 = new DerInteger(4);
+        private static readonly DerInteger Version5 = new DerInteger(5);
+
+        private readonly DerInteger		version;
+        private readonly Asn1Set		digestAlgorithms;
+        private readonly ContentInfo	contentInfo;
+        private readonly Asn1Set		certificates;
+        private readonly Asn1Set		crls;
+        private readonly Asn1Set		signerInfos;
+        private readonly bool			certsBer;
+        private readonly bool		    crlsBer;
+
+        public static SignedData GetInstance(
+            object obj)
+        {
+            if (obj is SignedData)
+                return (SignedData) obj;
+
+            if (obj is Asn1Sequence)
+                return new SignedData((Asn1Sequence) obj);
+
+            throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public SignedData(
+            Asn1Set     digestAlgorithms,
+            ContentInfo contentInfo,
+            Asn1Set     certificates,
+            Asn1Set     crls,
+            Asn1Set     signerInfos)
+        {
+            this.version = CalculateVersion(contentInfo.ContentType, certificates, crls, signerInfos);
+            this.digestAlgorithms = digestAlgorithms;
+            this.contentInfo = contentInfo;
+            this.certificates = certificates;
+            this.crls = crls;
+            this.signerInfos = signerInfos;
+            this.crlsBer = crls is BerSet;
+            this.certsBer = certificates is BerSet;
+        }
+
+        // RFC3852, section 5.1:
+        // IF ((certificates is present) AND
+        //    (any certificates with a type of other are present)) OR
+        //    ((crls is present) AND
+        //    (any crls with a type of other are present))
+        // THEN version MUST be 5
+        // ELSE
+        //    IF (certificates is present) AND
+        //       (any version 2 attribute certificates are present)
+        //    THEN version MUST be 4
+        //    ELSE
+        //       IF ((certificates is present) AND
+        //          (any version 1 attribute certificates are present)) OR
+        //          (any SignerInfo structures are version 3) OR
+        //          (encapContentInfo eContentType is other than id-data)
+        //       THEN version MUST be 3
+        //       ELSE version MUST be 1
+        //
+        private DerInteger CalculateVersion(
+            DerObjectIdentifier	contentOid,
+            Asn1Set				certs,
+            Asn1Set				crls,
+            Asn1Set				signerInfs)
+        {
+            bool otherCert = false;
+            bool otherCrl = false;
+            bool attrCertV1Found = false;
+            bool attrCertV2Found = false;
+
+            if (certs != null)
+            {
+                foreach (object obj in certs)
+                {
+                    if (obj is Asn1TaggedObject)
+                    {
+                        Asn1TaggedObject tagged = (Asn1TaggedObject)obj;
+
+                        if (tagged.TagNo == 1)
+                        {
+                            attrCertV1Found = true;
+                        }
+                        else if (tagged.TagNo == 2)
+                        {
+                            attrCertV2Found = true;
+                        }
+                        else if (tagged.TagNo == 3)
+                        {
+                            otherCert = true;
+                            break;
+                        }
+                    }
+                }
+            }
+
+            if (otherCert)
+            {
+                return Version5;
+            }
+
+            if (crls != null)
+            {
+                foreach (object obj in crls)
+                {
+                    if (obj is Asn1TaggedObject)
+                    {
+                        otherCrl = true;
+                        break;
+                    }
+                }
+            }
+
+            if (otherCrl)
+            {
+                return Version5;
+            }
+
+            if (attrCertV2Found)
+            {
+                return Version4;
+            }
+
+            if (attrCertV1Found || !CmsObjectIdentifiers.Data.Equals(contentOid) || CheckForVersion3(signerInfs))
+            {
+                return Version3;
+            }
+
+            return Version1;
+        }
+
+        private bool CheckForVersion3(
+            Asn1Set signerInfs)
+        {
+            foreach (object obj in signerInfs)
+            {
+                SignerInfo s = SignerInfo.GetInstance(obj);
+
+                if (s.Version.Value.IntValue == 3)
+                {
+                    return true;
+                }
+            }
+
+            return false;
+        }
+
+        private SignedData(
+            Asn1Sequence seq)
+        {
+            IEnumerator e = seq.GetEnumerator();
+
+            e.MoveNext();
+            version = (DerInteger)e.Current;
+
+            e.MoveNext();
+            digestAlgorithms = ((Asn1Set)e.Current);
+
+            e.MoveNext();
+            contentInfo = ContentInfo.GetInstance(e.Current);
+
+            while (e.MoveNext())
+            {
+                Asn1Object o = (Asn1Object)e.Current;
+
+                //
+                // an interesting feature of SignedData is that there appear
+                // to be varying implementations...
+                // for the moment we ignore anything which doesn't fit.
+                //
+                if (o is Asn1TaggedObject)
+                {
+                    Asn1TaggedObject tagged = (Asn1TaggedObject)o;
+
+                    switch (tagged.TagNo)
+                    {
+                        case 0:
+                            certsBer = tagged is BerTaggedObject;
+                            certificates = Asn1Set.GetInstance(tagged, false);
+                            break;
+                        case 1:
+                            crlsBer = tagged is BerTaggedObject;
+                            crls = Asn1Set.GetInstance(tagged, false);
+                            break;
+                        default:
+                            throw new ArgumentException("unknown tag value " + tagged.TagNo);
+                    }
+                }
+                else
+                {
+                    signerInfos = (Asn1Set) o;
+                }
+            }
+        }
+
+        public DerInteger Version
+        {
+            get { return version; }
+        }
+
+        public Asn1Set DigestAlgorithms
+        {
+            get { return digestAlgorithms; }
+        }
+
+        public ContentInfo EncapContentInfo
+        {
+            get { return contentInfo; }
+        }
+
+        public Asn1Set Certificates
+        {
+            get { return certificates; }
+        }
+
+        public Asn1Set CRLs
+        {
+            get { return crls; }
+        }
+
+        public Asn1Set SignerInfos
+        {
+            get { return signerInfos; }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * SignedData ::= Sequence {
+         *     version CMSVersion,
+         *     digestAlgorithms DigestAlgorithmIdentifiers,
+         *     encapContentInfo EncapsulatedContentInfo,
+         *     certificates [0] IMPLICIT CertificateSet OPTIONAL,
+         *     crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
+         *     signerInfos SignerInfos
+         *   }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+                version, digestAlgorithms, contentInfo);
+
+            if (certificates != null)
+            {
+                if (certsBer)
+                {
+                    v.Add(new BerTaggedObject(false, 0, certificates));
+                }
+                else
+                {
+                    v.Add(new DerTaggedObject(false, 0, certificates));
+                }
+            }
+
+            if (crls != null)
+            {
+                if (crlsBer)
+                {
+                    v.Add(new BerTaggedObject(false, 1, crls));
+                }
+                else
+                {
+                    v.Add(new DerTaggedObject(false, 1, crls));
+                }
+            }
+
+            v.Add(signerInfos);
+
+            return new BerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/SignedDataParser.cs b/bc-sharp-crypto/src/asn1/cms/SignedDataParser.cs
new file mode 100644
index 0000000..cd07f40
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/SignedDataParser.cs
@@ -0,0 +1,114 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	/**
+	* <pre>
+	* SignedData ::= SEQUENCE {
+	*     version CMSVersion,
+	*     digestAlgorithms DigestAlgorithmIdentifiers,
+	*     encapContentInfo EncapsulatedContentInfo,
+	*     certificates [0] IMPLICIT CertificateSet OPTIONAL,
+	*     crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
+	*     signerInfos SignerInfos
+	*   }
+	* </pre>
+	*/
+	public class SignedDataParser
+	{
+		private Asn1SequenceParser	_seq;
+		private DerInteger			_version;
+		private object				_nextObject;
+		private bool				_certsCalled;
+		private bool				_crlsCalled;
+
+		public static SignedDataParser GetInstance(
+			object o)
+		{
+			if (o is Asn1Sequence)
+				return new SignedDataParser(((Asn1Sequence)o).Parser);
+
+			if (o is Asn1SequenceParser)
+				return new SignedDataParser((Asn1SequenceParser)o);
+
+            throw new IOException("unknown object encountered: " + Platform.GetTypeName(o));
+		}
+
+		public SignedDataParser(
+			Asn1SequenceParser seq)
+		{
+			this._seq = seq;
+			this._version = (DerInteger)seq.ReadObject();
+		}
+
+		public DerInteger Version
+		{
+			get { return _version; }
+		}
+
+		public Asn1SetParser GetDigestAlgorithms()
+		{
+			return (Asn1SetParser)_seq.ReadObject();
+		}
+
+		public ContentInfoParser GetEncapContentInfo()
+		{
+			return new ContentInfoParser((Asn1SequenceParser)_seq.ReadObject());
+		}
+
+		public Asn1SetParser GetCertificates()
+		{
+			_certsCalled = true;
+			_nextObject = _seq.ReadObject();
+
+			if (_nextObject is Asn1TaggedObjectParser && ((Asn1TaggedObjectParser)_nextObject).TagNo == 0)
+			{
+				Asn1SetParser certs = (Asn1SetParser)((Asn1TaggedObjectParser)_nextObject).GetObjectParser(Asn1Tags.Set, false);
+				_nextObject = null;
+
+				return certs;
+			}
+
+			return null;
+		}
+
+		public Asn1SetParser GetCrls()
+		{
+			if (!_certsCalled)
+				throw new IOException("GetCerts() has not been called.");
+
+			_crlsCalled = true;
+
+			if (_nextObject == null)
+			{
+				_nextObject = _seq.ReadObject();
+			}
+
+			if (_nextObject is Asn1TaggedObjectParser && ((Asn1TaggedObjectParser)_nextObject).TagNo == 1)
+			{
+				Asn1SetParser crls = (Asn1SetParser)((Asn1TaggedObjectParser)_nextObject).GetObjectParser(Asn1Tags.Set, false);
+				_nextObject = null;
+
+				return crls;
+			}
+
+			return null;
+		}
+
+		public Asn1SetParser GetSignerInfos()
+		{
+			if (!_certsCalled || !_crlsCalled)
+				throw new IOException("GetCerts() and/or GetCrls() has not been called.");
+
+			if (_nextObject == null)
+			{
+				_nextObject = _seq.ReadObject();
+			}
+
+			return (Asn1SetParser)_nextObject;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/SignerIdentifier.cs b/bc-sharp-crypto/src/asn1/cms/SignerIdentifier.cs
new file mode 100644
index 0000000..195ab74
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/SignerIdentifier.cs
@@ -0,0 +1,89 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class SignerIdentifier
+        : Asn1Encodable, IAsn1Choice
+    {
+        private Asn1Encodable id;
+
+		public SignerIdentifier(
+            IssuerAndSerialNumber id)
+        {
+            this.id = id;
+        }
+
+		public SignerIdentifier(
+            Asn1OctetString id)
+        {
+            this.id = new DerTaggedObject(false, 0, id);
+        }
+
+		public SignerIdentifier(
+            Asn1Object id)
+        {
+            this.id = id;
+        }
+
+		/**
+         * return a SignerIdentifier object from the given object.
+         *
+         * @param o the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static SignerIdentifier GetInstance(
+            object o)
+        {
+            if (o == null || o is SignerIdentifier)
+                return (SignerIdentifier) o;
+
+			if (o is IssuerAndSerialNumber)
+                return new SignerIdentifier((IssuerAndSerialNumber) o);
+
+			if (o is Asn1OctetString)
+                return new SignerIdentifier((Asn1OctetString) o);
+
+			if (o is Asn1Object)
+                return new SignerIdentifier((Asn1Object) o);
+
+			throw new ArgumentException(
+                "Illegal object in SignerIdentifier: " + Platform.GetTypeName(o));
+        }
+
+		public bool IsTagged
+		{
+			get { return (id is Asn1TaggedObject); }
+		}
+
+		public Asn1Encodable ID
+        {
+            get
+            {
+                if (id is Asn1TaggedObject)
+                {
+                    return Asn1OctetString.GetInstance((Asn1TaggedObject)id, false);
+                }
+
+				return id;
+            }
+        }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * SignerIdentifier ::= CHOICE {
+         *     issuerAndSerialNumber IssuerAndSerialNumber,
+         *     subjectKeyIdentifier [0] SubjectKeyIdentifier
+         * }
+         *
+         * SubjectKeyIdentifier ::= OCTET STRING
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return id.ToAsn1Object();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/SignerInfo.cs b/bc-sharp-crypto/src/asn1/cms/SignerInfo.cs
new file mode 100644
index 0000000..b6bd319
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/SignerInfo.cs
@@ -0,0 +1,185 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class SignerInfo
+        : Asn1Encodable
+    {
+        private DerInteger              version;
+        private SignerIdentifier        sid;
+        private AlgorithmIdentifier     digAlgorithm;
+        private Asn1Set                 authenticatedAttributes;
+        private AlgorithmIdentifier     digEncryptionAlgorithm;
+        private Asn1OctetString         encryptedDigest;
+        private Asn1Set                 unauthenticatedAttributes;
+
+        public static SignerInfo GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is SignerInfo)
+                return (SignerInfo) obj;
+
+            if (obj is Asn1Sequence)
+                return new SignerInfo((Asn1Sequence) obj);
+
+            throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public SignerInfo(
+            SignerIdentifier        sid,
+            AlgorithmIdentifier     digAlgorithm,
+            Asn1Set                 authenticatedAttributes,
+            AlgorithmIdentifier     digEncryptionAlgorithm,
+            Asn1OctetString         encryptedDigest,
+            Asn1Set                 unauthenticatedAttributes)
+        {
+            this.version = new DerInteger(sid.IsTagged ? 3 : 1);
+            this.sid = sid;
+            this.digAlgorithm = digAlgorithm;
+            this.authenticatedAttributes = authenticatedAttributes;
+            this.digEncryptionAlgorithm = digEncryptionAlgorithm;
+            this.encryptedDigest = encryptedDigest;
+            this.unauthenticatedAttributes = unauthenticatedAttributes;
+        }
+
+        public SignerInfo(
+            SignerIdentifier        sid,
+            AlgorithmIdentifier     digAlgorithm,
+            Attributes              authenticatedAttributes,
+            AlgorithmIdentifier     digEncryptionAlgorithm,
+            Asn1OctetString         encryptedDigest,
+            Attributes              unauthenticatedAttributes)
+        {
+            this.version = new DerInteger(sid.IsTagged ? 3 : 1);
+            this.sid = sid;
+            this.digAlgorithm = digAlgorithm;
+            this.authenticatedAttributes = Asn1Set.GetInstance(authenticatedAttributes);
+            this.digEncryptionAlgorithm = digEncryptionAlgorithm;
+            this.encryptedDigest = encryptedDigest;
+            this.unauthenticatedAttributes = Asn1Set.GetInstance(unauthenticatedAttributes);
+        }
+
+        [Obsolete("Use 'GetInstance' instead")]
+        public SignerInfo(
+            Asn1Sequence seq)
+        {
+            IEnumerator e = seq.GetEnumerator();
+
+            e.MoveNext();
+            version = (DerInteger) e.Current;
+
+            e.MoveNext();
+            sid = SignerIdentifier.GetInstance(e.Current);
+
+            e.MoveNext();
+            digAlgorithm = AlgorithmIdentifier.GetInstance(e.Current);
+
+            e.MoveNext();
+            object obj = e.Current;
+
+            if (obj is Asn1TaggedObject)
+            {
+                authenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject) obj, false);
+
+                e.MoveNext();
+                digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(e.Current);
+            }
+            else
+            {
+                authenticatedAttributes = null;
+                digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(obj);
+            }
+
+            e.MoveNext();
+            encryptedDigest = DerOctetString.GetInstance(e.Current);
+
+            if (e.MoveNext())
+            {
+                unauthenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject) e.Current, false);
+            }
+            else
+            {
+                unauthenticatedAttributes = null;
+            }
+        }
+
+        public DerInteger Version
+        {
+            get { return version; }
+        }
+
+        public SignerIdentifier SignerID
+        {
+            get { return sid; }
+        }
+
+        public Asn1Set AuthenticatedAttributes
+        {
+            get { return authenticatedAttributes; }
+        }
+
+        public AlgorithmIdentifier DigestAlgorithm
+        {
+            get { return digAlgorithm; }
+        }
+
+        public Asn1OctetString EncryptedDigest
+        {
+            get { return encryptedDigest; }
+        }
+
+        public AlgorithmIdentifier DigestEncryptionAlgorithm
+        {
+            get { return digEncryptionAlgorithm; }
+        }
+
+        public Asn1Set UnauthenticatedAttributes
+        {
+            get { return unauthenticatedAttributes; }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  SignerInfo ::= Sequence {
+         *      version Version,
+         *      SignerIdentifier sid,
+         *      digestAlgorithm DigestAlgorithmIdentifier,
+         *      authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL,
+         *      digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
+         *      encryptedDigest EncryptedDigest,
+         *      unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL
+         *  }
+         *
+         *  EncryptedDigest ::= OCTET STRING
+         *
+         *  DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+         *
+         *  DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+                version, sid, digAlgorithm);
+
+            if (authenticatedAttributes != null)
+            {
+                v.Add(new DerTaggedObject(false, 0, authenticatedAttributes));
+            }
+
+            v.Add(digEncryptionAlgorithm, encryptedDigest);
+
+            if (unauthenticatedAttributes != null)
+            {
+                v.Add(new DerTaggedObject(false, 1, unauthenticatedAttributes));
+            }
+
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/Time.cs b/bc-sharp-crypto/src/asn1/cms/Time.cs
new file mode 100644
index 0000000..52fb4f9
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/Time.cs
@@ -0,0 +1,115 @@
+using System;
+using System.Globalization;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+    public class Time
+        : Asn1Encodable, IAsn1Choice
+    {
+        private readonly Asn1Object time;
+
+		public static Time GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(obj.GetObject());
+        }
+
+		public Time(
+            Asn1Object time)
+        {
+            if (time == null)
+                throw new ArgumentNullException("time");
+            if (!(time is DerUtcTime) && !(time is DerGeneralizedTime))
+                throw new ArgumentException("unknown object passed to Time");
+
+            this.time = time;
+        }
+
+		/**
+         * creates a time object from a given date - if the date is between 1950
+         * and 2049 a UTCTime object is Generated, otherwise a GeneralizedTime
+         * is used.
+         */
+        public Time(
+            DateTime date)
+        {
+            string d = date.ToString("yyyyMMddHHmmss", CultureInfo.InvariantCulture) + "Z";
+
+			int year = int.Parse(d.Substring(0, 4));
+
+			if (year < 1950 || year > 2049)
+            {
+                time = new DerGeneralizedTime(d);
+            }
+            else
+            {
+                time = new DerUtcTime(d.Substring(2));
+            }
+        }
+
+		public static Time GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is Time)
+                return (Time)obj;
+			if (obj is DerUtcTime)
+                return new Time((DerUtcTime)obj);
+			if (obj is DerGeneralizedTime)
+                return new Time((DerGeneralizedTime)obj);
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+        }
+
+		public string TimeString
+        {
+			get
+			{
+				if (time is DerUtcTime)
+				{
+					return ((DerUtcTime)time).AdjustedTimeString;
+				}
+				else
+				{
+					return ((DerGeneralizedTime)time).GetTime();
+				}
+			}
+        }
+
+		public DateTime Date
+        {
+			get
+			{
+				try
+				{
+					if (time is DerUtcTime)
+					{
+						return ((DerUtcTime)time).ToAdjustedDateTime();
+					}
+
+					return ((DerGeneralizedTime)time).ToDateTime();
+				}
+				catch (FormatException e)
+				{
+					// this should never happen
+					throw new InvalidOperationException("invalid date string: " + e.Message);
+				}
+			}
+        }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * Time ::= CHOICE {
+         *             utcTime        UTCTime,
+         *             generalTime    GeneralizedTime }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return time;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/TimeStampAndCRL.cs b/bc-sharp-crypto/src/asn1/cms/TimeStampAndCRL.cs
new file mode 100644
index 0000000..4cb5f2a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/TimeStampAndCRL.cs
@@ -0,0 +1,62 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	public class TimeStampAndCrl
+		: Asn1Encodable
+	{
+		private ContentInfo timeStamp;
+		private X509.CertificateList crl;
+
+		public TimeStampAndCrl(ContentInfo timeStamp)
+		{
+			this.timeStamp = timeStamp;
+		}
+
+		private TimeStampAndCrl(Asn1Sequence seq)
+		{
+			this.timeStamp = ContentInfo.GetInstance(seq[0]);
+			if (seq.Count == 2)
+			{
+				this.crl = X509.CertificateList.GetInstance(seq[1]);
+			}
+		}
+
+		public static TimeStampAndCrl GetInstance(object obj)
+		{
+			if (obj is TimeStampAndCrl)
+				return (TimeStampAndCrl)obj;
+
+			if (obj != null)
+				return new TimeStampAndCrl(Asn1Sequence.GetInstance(obj));
+
+			return null;
+		}
+
+		public virtual ContentInfo TimeStampToken
+		{
+			get { return this.timeStamp; }
+		}
+
+		public virtual X509.CertificateList Crl
+		{
+			get { return this.crl; }
+		}
+
+		/**
+		 * <pre>
+		 * TimeStampAndCRL ::= SEQUENCE {
+		 *     timeStamp   TimeStampToken,          -- according to RFC 3161
+		 *     crl         CertificateList OPTIONAL -- according to RFC 5280
+		 *  }
+		 * </pre>
+		 * @return
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(timeStamp);
+			v.AddOptional(crl);
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/TimeStampTokenEvidence.cs b/bc-sharp-crypto/src/asn1/cms/TimeStampTokenEvidence.cs
new file mode 100644
index 0000000..8625d05
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/TimeStampTokenEvidence.cs
@@ -0,0 +1,65 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	public class TimeStampTokenEvidence
+		: Asn1Encodable
+	{
+		private TimeStampAndCrl[] timeStampAndCrls;
+
+		public TimeStampTokenEvidence(TimeStampAndCrl[] timeStampAndCrls)
+		{
+			this.timeStampAndCrls = timeStampAndCrls;
+		}
+
+		public TimeStampTokenEvidence(TimeStampAndCrl timeStampAndCrl)
+		{
+			this.timeStampAndCrls = new TimeStampAndCrl[]{ timeStampAndCrl };
+		}
+
+		private TimeStampTokenEvidence(Asn1Sequence seq)
+		{
+			this.timeStampAndCrls = new TimeStampAndCrl[seq.Count];
+
+			int count = 0;
+
+			foreach (Asn1Encodable ae in seq)
+			{
+				this.timeStampAndCrls[count++] = TimeStampAndCrl.GetInstance(ae.ToAsn1Object());
+			}
+		}
+
+		public static TimeStampTokenEvidence GetInstance(Asn1TaggedObject tagged, bool isExplicit)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(tagged, isExplicit));
+		}
+
+		public static TimeStampTokenEvidence GetInstance(object obj)
+		{
+			if (obj is TimeStampTokenEvidence)
+				return (TimeStampTokenEvidence)obj;
+
+			if (obj != null)
+				return new TimeStampTokenEvidence(Asn1Sequence.GetInstance(obj));
+
+			return null;
+		}
+
+		public virtual TimeStampAndCrl[] ToTimeStampAndCrlArray()
+		{
+			return (TimeStampAndCrl[])timeStampAndCrls.Clone();
+		}
+
+		/**
+		 * <pre>
+		 * TimeStampTokenEvidence ::=
+		 *    SEQUENCE SIZE(1..MAX) OF TimeStampAndCrl
+		 * </pre>
+		 * @return
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(timeStampAndCrls);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/TimeStampedData.cs b/bc-sharp-crypto/src/asn1/cms/TimeStampedData.cs
new file mode 100644
index 0000000..15448a9
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/TimeStampedData.cs
@@ -0,0 +1,95 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	public class TimeStampedData
+		: Asn1Encodable
+	{
+		private DerInteger version;
+		private DerIA5String dataUri;
+		private MetaData metaData;
+		private Asn1OctetString content;
+		private Evidence temporalEvidence;
+
+		public TimeStampedData(DerIA5String dataUri, MetaData metaData, Asn1OctetString content,
+			Evidence temporalEvidence)
+		{
+			this.version = new DerInteger(1);
+			this.dataUri = dataUri;
+			this.metaData = metaData;
+			this.content = content;
+			this.temporalEvidence = temporalEvidence;
+		}
+
+		private TimeStampedData(Asn1Sequence seq)
+		{
+			this.version = DerInteger.GetInstance(seq[0]);
+			
+			int index = 1;
+			if (seq[index] is DerIA5String)
+			{
+				this.dataUri = DerIA5String.GetInstance(seq[index++]);
+			}
+			if (seq[index] is MetaData || seq[index] is Asn1Sequence)
+			{
+				this.metaData = MetaData.GetInstance(seq[index++]);
+			}
+			if (seq[index] is Asn1OctetString)
+			{
+				this.content = Asn1OctetString.GetInstance(seq[index++]);
+			}
+			this.temporalEvidence = Evidence.GetInstance(seq[index]);
+		}
+
+		public static TimeStampedData GetInstance(object obj)
+		{
+			if (obj is TimeStampedData)
+				return (TimeStampedData)obj;
+
+			if (obj != null)
+				return new TimeStampedData(Asn1Sequence.GetInstance(obj));
+
+			return null;
+		}
+
+		public virtual DerIA5String DataUri
+		{
+			get { return dataUri; }
+		}
+
+		public MetaData MetaData
+		{
+			get { return metaData; }
+		}
+
+		public Asn1OctetString Content
+		{
+			get { return content; }
+		}
+
+		public Evidence TemporalEvidence
+		{
+			get { return temporalEvidence; }
+		}
+
+		/**
+		 * <pre>
+		 * TimeStampedData ::= SEQUENCE {
+		 *   version              INTEGER { v1(1) },
+		 *   dataUri              IA5String OPTIONAL,
+		 *   metaData             MetaData OPTIONAL,
+		 *   content              OCTET STRING OPTIONAL,
+		 *   temporalEvidence     Evidence
+		 * }
+		 * </pre>
+		 * @return
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(version);
+			v.AddOptional(dataUri, metaData, content);
+			v.Add(temporalEvidence);
+			return new BerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/TimeStampedDataParser.cs b/bc-sharp-crypto/src/asn1/cms/TimeStampedDataParser.cs
new file mode 100644
index 0000000..90307bf
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/TimeStampedDataParser.cs
@@ -0,0 +1,76 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cms
+{
+	public class TimeStampedDataParser
+	{
+		private DerInteger version;
+		private DerIA5String dataUri;
+		private MetaData metaData;
+		private Asn1OctetStringParser content;
+		private Evidence temporalEvidence;
+		private Asn1SequenceParser parser;
+		
+		private TimeStampedDataParser(Asn1SequenceParser parser)
+		{
+			this.parser = parser;
+			this.version = DerInteger.GetInstance(parser.ReadObject());
+
+			Asn1Object obj = parser.ReadObject().ToAsn1Object();
+
+			if (obj is DerIA5String)
+			{
+				this.dataUri = DerIA5String.GetInstance(obj);
+				obj = parser.ReadObject().ToAsn1Object();
+			}
+
+            if (//obj is MetaData ||
+                obj is Asn1SequenceParser)
+			{
+				this.metaData = MetaData.GetInstance(obj.ToAsn1Object());
+				obj = parser.ReadObject().ToAsn1Object();
+			}
+
+			if (obj is Asn1OctetStringParser)
+			{
+				this.content = (Asn1OctetStringParser)obj;
+			}
+		}
+
+		public static TimeStampedDataParser GetInstance(object obj)
+		{
+			if (obj is Asn1Sequence)
+				return new TimeStampedDataParser(((Asn1Sequence)obj).Parser);
+
+			if (obj is Asn1SequenceParser)
+				return new TimeStampedDataParser((Asn1SequenceParser)obj);
+
+			return null;
+		}
+		
+		public virtual DerIA5String DataUri
+		{
+			get { return dataUri; }
+		}
+
+		public virtual MetaData MetaData
+		{
+			get { return metaData; }
+		}
+
+		public virtual Asn1OctetStringParser Content
+		{
+			get { return content; }
+		}
+
+		public virtual Evidence GetTemporalEvidence()
+		{
+			if (temporalEvidence == null)
+			{
+				temporalEvidence = Evidence.GetInstance(parser.ReadObject().ToAsn1Object());
+			}
+
+			return temporalEvidence;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/cms/ecc/MQVuserKeyingMaterial.cs b/bc-sharp-crypto/src/asn1/cms/ecc/MQVuserKeyingMaterial.cs
new file mode 100644
index 0000000..dc4ac1a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cms/ecc/MQVuserKeyingMaterial.cs
@@ -0,0 +1,105 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cms.Ecc
+{
+	public class MQVuserKeyingMaterial
+		: Asn1Encodable
+	{
+		private OriginatorPublicKey	ephemeralPublicKey;
+		private Asn1OctetString		addedukm;
+
+		public MQVuserKeyingMaterial(
+			OriginatorPublicKey	ephemeralPublicKey,
+			Asn1OctetString		addedukm)
+		{
+			// TODO Check ephemeralPublicKey not null
+
+			this.ephemeralPublicKey = ephemeralPublicKey;
+			this.addedukm = addedukm;
+		}
+
+		private MQVuserKeyingMaterial(
+			Asn1Sequence seq)
+		{
+			// TODO Check seq has either 1 or 2 elements
+
+			this.ephemeralPublicKey = OriginatorPublicKey.GetInstance(seq[0]);
+
+			if (seq.Count > 1)
+			{
+				this.addedukm = Asn1OctetString.GetInstance(
+					(Asn1TaggedObject)seq[1], true);
+			}
+		}
+
+		/**
+		 * return an AuthEnvelopedData object from a tagged object.
+		 *
+		 * @param obj      the tagged object holding the object we want.
+		 * @param isExplicit true if the object is meant to be explicitly
+		 *                 tagged false otherwise.
+		 * @throws ArgumentException if the object held by the
+		 *                                  tagged object cannot be converted.
+		 */
+		public static MQVuserKeyingMaterial GetInstance(
+			Asn1TaggedObject	obj,
+			bool				isExplicit)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+		}
+
+		/**
+		 * return an AuthEnvelopedData object from the given object.
+		 *
+		 * @param obj the object we want converted.
+		 * @throws ArgumentException if the object cannot be converted.
+		 */
+		public static MQVuserKeyingMaterial GetInstance(
+			object	obj)
+		{
+			if (obj == null || obj is MQVuserKeyingMaterial)
+			{
+				return (MQVuserKeyingMaterial)obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new MQVuserKeyingMaterial((Asn1Sequence)obj);
+			}
+
+            throw new ArgumentException("Invalid MQVuserKeyingMaterial: " + Platform.GetTypeName(obj));
+		}
+		
+		public OriginatorPublicKey EphemeralPublicKey
+		{
+			get { return ephemeralPublicKey; }
+		}
+
+		public Asn1OctetString AddedUkm
+		{
+			get { return addedukm; }
+		}
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <pre>
+		* MQVuserKeyingMaterial ::= SEQUENCE {
+		*   ephemeralPublicKey OriginatorPublicKey,
+		*   addedukm [0] EXPLICIT UserKeyingMaterial OPTIONAL  }
+		* </pre>
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(ephemeralPublicKey);
+
+			if (addedukm != null)
+			{
+				v.Add(new DerTaggedObject(true, 0, addedukm));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/AttributeTypeAndValue.cs b/bc-sharp-crypto/src/asn1/crmf/AttributeTypeAndValue.cs
new file mode 100644
index 0000000..0a4b5bd
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/AttributeTypeAndValue.cs
@@ -0,0 +1,68 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class AttributeTypeAndValue
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier type;
+        private readonly Asn1Encodable value;
+
+        private AttributeTypeAndValue(Asn1Sequence seq)
+        {
+            type = (DerObjectIdentifier)seq[0];
+            value = (Asn1Encodable)seq[1];
+        }
+
+        public static AttributeTypeAndValue GetInstance(object obj)
+        {
+            if (obj is AttributeTypeAndValue)
+                return (AttributeTypeAndValue)obj;
+
+            if (obj is Asn1Sequence)
+                return new AttributeTypeAndValue((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public AttributeTypeAndValue(
+            String oid,
+            Asn1Encodable value)
+            : this(new DerObjectIdentifier(oid), value)
+        {
+        }
+
+        public AttributeTypeAndValue(
+            DerObjectIdentifier type,
+            Asn1Encodable value)
+        {
+            this.type = type;
+            this.value = value;
+        }
+
+        public virtual DerObjectIdentifier Type
+        {
+            get { return type; }
+        }
+
+        public virtual Asn1Encodable Value
+        {
+            get { return value; }
+        }
+
+        /**
+         * <pre>
+         * AttributeTypeAndValue ::= SEQUENCE {
+         *           type         OBJECT IDENTIFIER,
+         *           value        ANY DEFINED BY type }
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(type, value);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/CertId.cs b/bc-sharp-crypto/src/asn1/crmf/CertId.cs
new file mode 100644
index 0000000..f0cc946
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/CertId.cs
@@ -0,0 +1,59 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class CertId
+        : Asn1Encodable
+    {
+        private readonly GeneralName issuer;
+        private readonly DerInteger serialNumber;
+
+        private CertId(Asn1Sequence seq)
+        {
+            issuer = GeneralName.GetInstance(seq[0]);
+            serialNumber = DerInteger.GetInstance(seq[1]);
+        }
+
+        public static CertId GetInstance(object obj)
+        {
+            if (obj is CertId)
+                return (CertId)obj;
+
+            if (obj is Asn1Sequence)
+                return new CertId((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public static CertId GetInstance(Asn1TaggedObject obj, bool isExplicit)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+        }
+
+        public virtual GeneralName Issuer
+        {
+            get { return issuer; }
+        }
+
+        public virtual DerInteger SerialNumber
+        {
+            get { return serialNumber; }
+        }
+
+        /**
+         * <pre>
+         * CertId ::= SEQUENCE {
+         *                 issuer           GeneralName,
+         *                 serialNumber     INTEGER }
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(issuer, serialNumber);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/CertReqMessages.cs b/bc-sharp-crypto/src/asn1/crmf/CertReqMessages.cs
new file mode 100644
index 0000000..422950b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/CertReqMessages.cs
@@ -0,0 +1,54 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class CertReqMessages
+        : Asn1Encodable
+    {
+        private readonly Asn1Sequence content;
+
+        private CertReqMessages(Asn1Sequence seq)
+        {
+            content = seq;
+        }
+
+        public static CertReqMessages GetInstance(object obj)
+        {
+            if (obj is CertReqMessages)
+                return (CertReqMessages)obj;
+
+            if (obj is Asn1Sequence)
+                return new CertReqMessages((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+		public CertReqMessages(params CertReqMsg[] msgs)
+        {
+            content = new DerSequence(msgs);
+        }
+
+        public virtual CertReqMsg[] ToCertReqMsgArray()
+        {
+            CertReqMsg[] result = new CertReqMsg[content.Count];
+            for (int i = 0; i != result.Length; ++i)
+            {
+                result[i] = CertReqMsg.GetInstance(content[i]);
+            }
+            return result;
+        }
+
+        /**
+         * <pre>
+         * CertReqMessages ::= SEQUENCE SIZE (1..MAX) OF CertReqMsg
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return content;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/CertReqMsg.cs b/bc-sharp-crypto/src/asn1/crmf/CertReqMsg.cs
new file mode 100644
index 0000000..03ce32d
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/CertReqMsg.cs
@@ -0,0 +1,112 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class CertReqMsg
+        : Asn1Encodable
+    {
+        private readonly CertRequest certReq;
+        private readonly ProofOfPossession popo;
+        private readonly Asn1Sequence regInfo;
+
+        private CertReqMsg(Asn1Sequence seq)
+        {
+            certReq = CertRequest.GetInstance(seq[0]);
+
+            for (int pos = 1; pos < seq.Count; ++pos)
+            {
+                object o = seq[pos];
+
+                if (o is Asn1TaggedObject || o is ProofOfPossession)
+                {
+                    popo = ProofOfPossession.GetInstance(o);
+                }
+                else
+                {
+                    regInfo = Asn1Sequence.GetInstance(o);
+                }
+            }
+        }
+
+        public static CertReqMsg GetInstance(object obj)
+        {
+            if (obj is CertReqMsg)
+                return (CertReqMsg)obj;
+
+            if (obj != null)
+                return new CertReqMsg(Asn1Sequence.GetInstance(obj));
+
+            return null;
+        }
+
+        public static CertReqMsg GetInstance(
+            Asn1TaggedObject obj,
+            bool isExplicit)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+        }
+
+        /**
+         * Creates a new CertReqMsg.
+         * @param certReq CertRequest
+         * @param popo may be null
+         * @param regInfo may be null
+         */
+        public CertReqMsg(
+            CertRequest				certReq,
+            ProofOfPossession		popo,
+            AttributeTypeAndValue[]	regInfo)
+        {
+            if (certReq == null)
+                throw new ArgumentNullException("certReq");
+
+            this.certReq = certReq;
+            this.popo = popo;
+
+            if (regInfo != null)
+            {
+                this.regInfo = new DerSequence(regInfo);
+            }
+        }
+
+        public virtual CertRequest CertReq
+        {
+            get { return certReq; }
+        }
+
+        public virtual ProofOfPossession Popo
+        {
+            get { return popo; }
+        }
+
+        public virtual AttributeTypeAndValue[] GetRegInfo()
+        {
+            if (regInfo == null)
+                return null;
+
+            AttributeTypeAndValue[] results = new AttributeTypeAndValue[regInfo.Count];
+            for (int i = 0; i != results.Length; ++i)
+            {
+                results[i] = AttributeTypeAndValue.GetInstance(regInfo[i]);
+            }
+            return results;
+        }
+
+        /**
+         * <pre>
+         * CertReqMsg ::= SEQUENCE {
+         *                    certReq   CertRequest,
+         *                    pop       ProofOfPossession  OPTIONAL,
+         *                    -- content depends upon key type
+         *                    regInfo   SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue OPTIONAL }
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(certReq);
+            v.AddOptional(popo, regInfo);
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/CertRequest.cs b/bc-sharp-crypto/src/asn1/crmf/CertRequest.cs
new file mode 100644
index 0000000..625a9b5
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/CertRequest.cs
@@ -0,0 +1,82 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class CertRequest
+        : Asn1Encodable
+    {
+        private readonly DerInteger certReqId;
+        private readonly CertTemplate certTemplate;
+        private readonly Controls controls;
+
+        private CertRequest(Asn1Sequence seq)
+        {
+            certReqId = DerInteger.GetInstance(seq[0]);
+            certTemplate = CertTemplate.GetInstance(seq[1]);
+            if (seq.Count > 2)
+            {
+                controls = Controls.GetInstance(seq[2]);
+            }
+        }
+
+        public static CertRequest GetInstance(object obj)
+        {
+            if (obj is CertRequest)
+                return (CertRequest)obj;
+
+            if (obj != null)
+                return new CertRequest(Asn1Sequence.GetInstance(obj));
+
+            return null;
+        }
+
+        public CertRequest(
+            int certReqId,
+            CertTemplate certTemplate,
+            Controls controls)
+            : this(new DerInteger(certReqId), certTemplate, controls)
+        {
+        }
+
+        public CertRequest(
+            DerInteger certReqId,
+            CertTemplate certTemplate,
+            Controls controls)
+        {
+            this.certReqId = certReqId;
+            this.certTemplate = certTemplate;
+            this.controls = controls;
+        }
+
+        public virtual DerInteger CertReqID
+        {
+            get { return certReqId; }
+        }
+
+        public virtual CertTemplate CertTemplate
+        {
+            get { return certTemplate; }
+        }
+
+        public virtual Controls Controls
+        {
+            get { return controls; }
+        }
+
+        /**
+         * <pre>
+         * CertRequest ::= SEQUENCE {
+         *                      certReqId     INTEGER,          -- ID for matching request and reply
+         *                      certTemplate  CertTemplate,  -- Selected fields of cert to be issued
+         *                      controls      Controls OPTIONAL }   -- Attributes affecting issuance
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(certReqId, certTemplate);
+            v.AddOptional(controls);
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/CertTemplate.cs b/bc-sharp-crypto/src/asn1/crmf/CertTemplate.cs
new file mode 100644
index 0000000..3de9f1d
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/CertTemplate.cs
@@ -0,0 +1,149 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class CertTemplate
+        : Asn1Encodable
+    {
+        private readonly Asn1Sequence seq;
+
+        private readonly DerInteger version;
+        private readonly DerInteger serialNumber;
+        private readonly AlgorithmIdentifier signingAlg;
+        private readonly X509Name issuer;
+        private readonly OptionalValidity validity;
+        private readonly X509Name subject;
+        private readonly SubjectPublicKeyInfo publicKey;
+        private readonly DerBitString issuerUID;
+        private readonly DerBitString subjectUID;
+        private readonly X509Extensions extensions;
+
+        private CertTemplate(Asn1Sequence seq)
+        {
+            this.seq = seq;
+
+            foreach (Asn1TaggedObject tObj in seq)
+            {
+                switch (tObj.TagNo)
+                {
+                case 0:
+                    version = DerInteger.GetInstance(tObj, false);
+                    break;
+                case 1:
+                    serialNumber = DerInteger.GetInstance(tObj, false);
+                    break;
+                case 2:
+                    signingAlg = AlgorithmIdentifier.GetInstance(tObj, false);
+                    break;
+                case 3:
+                    issuer = X509Name.GetInstance(tObj, true); // CHOICE
+                    break;
+                case 4:
+                    validity = OptionalValidity.GetInstance(Asn1Sequence.GetInstance(tObj, false));
+                    break;
+                case 5:
+                    subject = X509Name.GetInstance(tObj, true); // CHOICE
+                    break;
+                case 6:
+                    publicKey = SubjectPublicKeyInfo.GetInstance(tObj, false);
+                    break;
+                case 7:
+                    issuerUID = DerBitString.GetInstance(tObj, false);
+                    break;
+                case 8:
+                    subjectUID = DerBitString.GetInstance(tObj, false);
+                    break;
+                case 9:
+                    extensions = X509Extensions.GetInstance(tObj, false);
+                    break;
+                default:
+                    throw new ArgumentException("unknown tag: " + tObj.TagNo, "seq");
+                }
+            }
+        }
+
+        public static CertTemplate GetInstance(object obj)
+        {
+            if (obj is CertTemplate)
+                return (CertTemplate)obj;
+
+            if (obj != null)
+                return new CertTemplate(Asn1Sequence.GetInstance(obj));
+
+            return null;
+        }
+
+        public virtual int Version
+        {
+            get { return version.Value.IntValue; }
+        }
+
+        public virtual DerInteger SerialNumber
+        {
+            get { return serialNumber; }
+        }
+
+        public virtual AlgorithmIdentifier SigningAlg
+        {
+            get { return signingAlg; }
+        }
+
+        public virtual X509Name Issuer
+        {
+            get { return issuer; }
+        }
+
+        public virtual OptionalValidity Validity
+        {
+            get { return validity; }
+        }
+
+        public virtual X509Name Subject
+        {
+            get { return subject; }
+        }
+
+        public virtual SubjectPublicKeyInfo PublicKey
+        {
+            get { return publicKey; }
+        }
+
+        public virtual DerBitString IssuerUID
+        {
+            get { return issuerUID; }
+        }
+
+        public virtual DerBitString SubjectUID
+        {
+            get { return subjectUID; }
+        }
+
+        public virtual X509Extensions Extensions
+        {
+            get { return extensions; }
+        }
+
+        /**
+         * <pre>
+         *  CertTemplate ::= SEQUENCE {
+         *      version      [0] Version               OPTIONAL,
+         *      serialNumber [1] INTEGER               OPTIONAL,
+         *      signingAlg   [2] AlgorithmIdentifier   OPTIONAL,
+         *      issuer       [3] Name                  OPTIONAL,
+         *      validity     [4] OptionalValidity      OPTIONAL,
+         *      subject      [5] Name                  OPTIONAL,
+         *      publicKey    [6] SubjectPublicKeyInfo  OPTIONAL,
+         *      issuerUID    [7] UniqueIdentifier      OPTIONAL,
+         *      subjectUID   [8] UniqueIdentifier      OPTIONAL,
+         *      extensions   [9] Extensions            OPTIONAL }
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return seq;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/CertTemplateBuilder.cs b/bc-sharp-crypto/src/asn1/crmf/CertTemplateBuilder.cs
new file mode 100644
index 0000000..51c73c4
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/CertTemplateBuilder.cs
@@ -0,0 +1,125 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class CertTemplateBuilder
+    {
+        private DerInteger version;
+        private DerInteger serialNumber;
+        private AlgorithmIdentifier signingAlg;
+        private X509Name issuer;
+        private OptionalValidity validity;
+        private X509Name subject;
+        private SubjectPublicKeyInfo publicKey;
+        private DerBitString issuerUID;
+        private DerBitString subjectUID;
+        private X509Extensions extensions;
+
+        /** Sets the X.509 version. Note: for X509v3, use 2 here. */
+        public virtual CertTemplateBuilder SetVersion(int ver)
+        {
+            version = new DerInteger(ver);
+            return this;
+        }
+
+        public virtual CertTemplateBuilder SetSerialNumber(DerInteger ser)
+        {
+            serialNumber = ser;
+            return this;
+        }
+
+        public virtual CertTemplateBuilder SetSigningAlg(AlgorithmIdentifier aid)
+        {
+            signingAlg = aid;
+            return this;
+        }
+
+        public virtual CertTemplateBuilder SetIssuer(X509Name name)
+        {
+            issuer = name;
+            return this;
+        }
+
+        public virtual CertTemplateBuilder SetValidity(OptionalValidity v)
+        {
+            validity = v;
+            return this;
+        }
+
+        public virtual CertTemplateBuilder SetSubject(X509Name name)
+        {
+            subject = name;
+            return this;
+        }
+
+        public virtual CertTemplateBuilder SetPublicKey(SubjectPublicKeyInfo spki)
+        {
+            publicKey = spki;
+            return this;
+        }
+
+        /** Sets the issuer unique ID (deprecated in X.509v3) */
+        public virtual CertTemplateBuilder SetIssuerUID(DerBitString uid)
+        {
+            issuerUID = uid;
+            return this;
+        }
+
+        /** Sets the subject unique ID (deprecated in X.509v3) */
+        public virtual CertTemplateBuilder SetSubjectUID(DerBitString uid)
+        {
+            subjectUID = uid;
+            return this;
+        }
+
+        public virtual CertTemplateBuilder SetExtensions(X509Extensions extens)
+        {
+            extensions = extens;
+            return this;
+        }
+
+        /**
+         * <pre>
+         *  CertTemplate ::= SEQUENCE {
+         *      version      [0] Version               OPTIONAL,
+         *      serialNumber [1] INTEGER               OPTIONAL,
+         *      signingAlg   [2] AlgorithmIdentifier   OPTIONAL,
+         *      issuer       [3] Name                  OPTIONAL,
+         *      validity     [4] OptionalValidity      OPTIONAL,
+         *      subject      [5] Name                  OPTIONAL,
+         *      publicKey    [6] SubjectPublicKeyInfo  OPTIONAL,
+         *      issuerUID    [7] UniqueIdentifier      OPTIONAL,
+         *      subjectUID   [8] UniqueIdentifier      OPTIONAL,
+         *      extensions   [9] Extensions            OPTIONAL }
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public virtual CertTemplate Build()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+            AddOptional(v, 0, false, version);
+            AddOptional(v, 1, false, serialNumber);
+            AddOptional(v, 2, false, signingAlg);
+            AddOptional(v, 3, true, issuer); // CHOICE
+            AddOptional(v, 4, false, validity);
+            AddOptional(v, 5, true, subject); // CHOICE
+            AddOptional(v, 6, false, publicKey);
+            AddOptional(v, 7, false, issuerUID);
+            AddOptional(v, 8, false, subjectUID);
+            AddOptional(v, 9, false, extensions);
+
+            return CertTemplate.GetInstance(new DerSequence(v));
+        }
+
+        private void AddOptional(Asn1EncodableVector v, int tagNo, bool isExplicit, Asn1Encodable obj)
+        {
+            if (obj != null)
+            {
+                v.Add(new DerTaggedObject(isExplicit, tagNo, obj));
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/Controls.cs b/bc-sharp-crypto/src/asn1/crmf/Controls.cs
new file mode 100644
index 0000000..e8b9f3d
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/Controls.cs
@@ -0,0 +1,54 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class Controls
+        : Asn1Encodable
+    {
+        private readonly Asn1Sequence content;
+
+        private Controls(Asn1Sequence seq)
+        {
+            content = seq;
+        }
+
+        public static Controls GetInstance(object obj)
+        {
+            if (obj is Controls)
+                return (Controls)obj;
+
+            if (obj is Asn1Sequence)
+                return new Controls((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+		public Controls(params AttributeTypeAndValue[] atvs)
+        {
+            content = new DerSequence(atvs);
+        }
+
+        public virtual AttributeTypeAndValue[] ToAttributeTypeAndValueArray()
+        {
+            AttributeTypeAndValue[] result = new AttributeTypeAndValue[content.Count];
+            for (int i = 0; i != result.Length; ++i)
+            {
+                result[i] = AttributeTypeAndValue.GetInstance(content[i]);
+            }
+            return result;
+        }
+
+        /**
+         * <pre>
+         * Controls  ::= SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return content;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/CrmfObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/crmf/CrmfObjectIdentifiers.cs
new file mode 100644
index 0000000..eaa1f7b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/CrmfObjectIdentifiers.cs
@@ -0,0 +1,23 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public abstract class CrmfObjectIdentifiers
+    {
+        public static readonly DerObjectIdentifier id_pkix = new DerObjectIdentifier("1.3.6.1.5.5.7");
+
+        // arc for Internet X.509 PKI protocols and their components
+
+        public static readonly DerObjectIdentifier id_pkip  = id_pkix.Branch("5");
+
+        public static readonly DerObjectIdentifier id_regCtrl = id_pkip.Branch("1");
+        public static readonly DerObjectIdentifier id_regCtrl_regToken = id_regCtrl.Branch("1");
+        public static readonly DerObjectIdentifier id_regCtrl_authenticator = id_regCtrl.Branch("2");
+        public static readonly DerObjectIdentifier id_regCtrl_pkiPublicationInfo = id_regCtrl.Branch("3");
+        public static readonly DerObjectIdentifier id_regCtrl_pkiArchiveOptions = id_regCtrl.Branch("4");
+
+        public static readonly DerObjectIdentifier id_ct_encKeyWithID = new DerObjectIdentifier(PkcsObjectIdentifiers.IdCT + ".21");
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/EncKeyWithID.cs b/bc-sharp-crypto/src/asn1/crmf/EncKeyWithID.cs
new file mode 100644
index 0000000..6de56fa
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/EncKeyWithID.cs
@@ -0,0 +1,103 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class EncKeyWithID
+        : Asn1Encodable
+    {
+        private readonly PrivateKeyInfo privKeyInfo;
+        private readonly Asn1Encodable identifier;
+
+        public static EncKeyWithID GetInstance(object obj)
+        {
+            if (obj is EncKeyWithID)
+                return (EncKeyWithID)obj;
+
+            if (obj != null)
+                return new EncKeyWithID(Asn1Sequence.GetInstance(obj));
+
+            return null;
+        }
+
+        private EncKeyWithID(Asn1Sequence seq)
+        {
+            this.privKeyInfo = PrivateKeyInfo.GetInstance(seq[0]);
+
+            if (seq.Count > 1)
+            {
+                if (!(seq[1] is DerUtf8String))
+                {
+                    this.identifier = GeneralName.GetInstance(seq[1]);
+                }
+                else
+                {
+                    this.identifier = (Asn1Encodable)seq[1];
+                }
+            }
+            else
+            {
+                this.identifier = null;
+            }
+        }
+
+        public EncKeyWithID(PrivateKeyInfo privKeyInfo)
+        {
+            this.privKeyInfo = privKeyInfo;
+            this.identifier = null;
+        }
+
+        public EncKeyWithID(PrivateKeyInfo privKeyInfo, DerUtf8String str)
+        {
+            this.privKeyInfo = privKeyInfo;
+            this.identifier = str;
+        }
+
+        public EncKeyWithID(PrivateKeyInfo privKeyInfo, GeneralName generalName)
+        {
+            this.privKeyInfo = privKeyInfo;
+            this.identifier = generalName;
+        }
+
+        public virtual PrivateKeyInfo PrivateKey
+        {
+            get { return privKeyInfo; }
+        }
+
+        public virtual bool HasIdentifier
+        {
+            get { return identifier != null; }
+        }
+
+        public virtual bool IsIdentifierUtf8String
+        {
+            get { return identifier is DerUtf8String; }
+        }
+
+        public virtual Asn1Encodable Identifier
+        {
+            get { return identifier; }
+        }
+
+        /**
+         * <pre>
+         * EncKeyWithID ::= SEQUENCE {
+         *      privateKey           PrivateKeyInfo,
+         *      identifier CHOICE {
+         *         string               UTF8String,
+         *         generalName          GeneralName
+         *     } OPTIONAL
+         * }
+         * </pre>
+         * @return
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(privKeyInfo);
+            v.AddOptional(identifier);
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/EncryptedKey.cs b/bc-sharp-crypto/src/asn1/crmf/EncryptedKey.cs
new file mode 100644
index 0000000..850fbd2
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/EncryptedKey.cs
@@ -0,0 +1,78 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Cms;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class EncryptedKey
+        : Asn1Encodable, IAsn1Choice
+    {
+        private readonly EnvelopedData envelopedData;
+        private readonly EncryptedValue encryptedValue;
+
+        public static EncryptedKey GetInstance(object o)
+        {
+            if (o is EncryptedKey)
+            {
+                return (EncryptedKey)o;
+            }
+            else if (o is Asn1TaggedObject)
+            {
+                return new EncryptedKey(EnvelopedData.GetInstance((Asn1TaggedObject)o, false));
+            }
+            else if (o is EncryptedValue)
+            {
+                return new EncryptedKey((EncryptedValue)o);
+            }
+            else
+            {
+                return new EncryptedKey(EncryptedValue.GetInstance(o));
+            }
+        }
+
+        public EncryptedKey(EnvelopedData envelopedData)
+        {
+            this.envelopedData = envelopedData;
+        }
+
+        public EncryptedKey(EncryptedValue encryptedValue)
+        {
+            this.encryptedValue = encryptedValue;
+        }
+
+        public virtual bool IsEncryptedValue
+        {
+            get { return encryptedValue != null; }
+        }
+
+        public virtual Asn1Encodable Value
+        {
+            get
+            {
+                if (encryptedValue != null)
+                    return encryptedValue;
+
+                return envelopedData;
+            }
+        }
+
+        /**
+         * <pre>
+         *    EncryptedKey ::= CHOICE {
+         *        encryptedValue        EncryptedValue, -- deprecated
+         *        envelopedData     [0] EnvelopedData }
+         *        -- The encrypted private key MUST be placed in the envelopedData
+         *        -- encryptedContentInfo encryptedContent OCTET STRING.
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            if (encryptedValue != null)
+            {
+                return encryptedValue.ToAsn1Object();
+            }
+
+            return new DerTaggedObject(false, 0, envelopedData);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/EncryptedValue.cs b/bc-sharp-crypto/src/asn1/crmf/EncryptedValue.cs
new file mode 100644
index 0000000..83122e2
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/EncryptedValue.cs
@@ -0,0 +1,154 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class EncryptedValue
+        : Asn1Encodable
+    {
+        private readonly AlgorithmIdentifier intendedAlg;
+        private readonly AlgorithmIdentifier symmAlg;
+        private readonly DerBitString encSymmKey;
+        private readonly AlgorithmIdentifier keyAlg;
+        private readonly Asn1OctetString valueHint;
+        private readonly DerBitString encValue;
+
+        private EncryptedValue(Asn1Sequence seq)
+        {
+            int index = 0;
+            while (seq[index] is Asn1TaggedObject)
+            {
+                Asn1TaggedObject tObj = (Asn1TaggedObject)seq[index];
+
+                switch (tObj.TagNo)
+                {
+                    case 0:
+                        intendedAlg = AlgorithmIdentifier.GetInstance(tObj, false);
+                        break;
+                    case 1:
+                        symmAlg = AlgorithmIdentifier.GetInstance(tObj, false);
+                        break;
+                    case 2:
+                        encSymmKey = DerBitString.GetInstance(tObj, false);
+                        break;
+                    case 3:
+                        keyAlg = AlgorithmIdentifier.GetInstance(tObj, false);
+                        break;
+                    case 4:
+                        valueHint = Asn1OctetString.GetInstance(tObj, false);
+                        break;
+                }
+                ++index;
+            }
+
+            encValue = DerBitString.GetInstance(seq[index]);
+        }
+
+        public static EncryptedValue GetInstance(object obj)
+        {
+            if (obj is EncryptedValue)
+                return (EncryptedValue)obj;
+
+            if (obj != null)
+                return new EncryptedValue(Asn1Sequence.GetInstance(obj));
+
+            return null;
+        }
+
+        public EncryptedValue(
+            AlgorithmIdentifier intendedAlg,
+            AlgorithmIdentifier symmAlg,
+            DerBitString encSymmKey,
+            AlgorithmIdentifier keyAlg,
+            Asn1OctetString valueHint,
+            DerBitString encValue)
+        {
+            if (encValue == null)
+            {
+                throw new ArgumentNullException("encValue");
+            }
+
+            this.intendedAlg = intendedAlg;
+            this.symmAlg = symmAlg;
+            this.encSymmKey = encSymmKey;
+            this.keyAlg = keyAlg;
+            this.valueHint = valueHint;
+            this.encValue = encValue;
+        }
+
+        public virtual AlgorithmIdentifier IntendedAlg
+        {
+            get { return intendedAlg; }
+        }
+
+        public virtual AlgorithmIdentifier SymmAlg
+        {
+            get { return symmAlg; }
+        }
+
+        public virtual DerBitString EncSymmKey
+        {
+            get { return encSymmKey; }
+        }
+
+        public virtual AlgorithmIdentifier KeyAlg
+        {
+            get { return keyAlg; }
+        }
+
+        public virtual Asn1OctetString ValueHint
+        {
+            get { return valueHint; }
+        }
+
+        public virtual DerBitString EncValue
+        {
+            get { return encValue; }
+        }
+
+        /**
+         * <pre>
+         * EncryptedValue ::= SEQUENCE {
+         *                     intendedAlg   [0] AlgorithmIdentifier  OPTIONAL,
+         *                     -- the intended algorithm for which the value will be used
+         *                     symmAlg       [1] AlgorithmIdentifier  OPTIONAL,
+         *                     -- the symmetric algorithm used to encrypt the value
+         *                     encSymmKey    [2] BIT STRING           OPTIONAL,
+         *                     -- the (encrypted) symmetric key used to encrypt the value
+         *                     keyAlg        [3] AlgorithmIdentifier  OPTIONAL,
+         *                     -- algorithm used to encrypt the symmetric key
+         *                     valueHint     [4] OCTET STRING         OPTIONAL,
+         *                     -- a brief description or identifier of the encValue content
+         *                     -- (may be meaningful only to the sending entity, and used only
+         *                     -- if EncryptedValue might be re-examined by the sending entity
+         *                     -- in the future)
+         *                     encValue       BIT STRING }
+         *                     -- the encrypted value itself
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+            AddOptional(v, 0, intendedAlg);
+            AddOptional(v, 1, symmAlg);
+            AddOptional(v, 2, encSymmKey);
+            AddOptional(v, 3, keyAlg);
+            AddOptional(v, 4, valueHint);
+
+            v.Add(encValue);
+
+            return new DerSequence(v);
+        }
+
+        private void AddOptional(Asn1EncodableVector v, int tagNo, Asn1Encodable obj)
+        {
+            if (obj != null)
+            {
+                v.Add(new DerTaggedObject(false, tagNo, obj));
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/OptionalValidity.cs b/bc-sharp-crypto/src/asn1/crmf/OptionalValidity.cs
new file mode 100644
index 0000000..d1a0f7f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/OptionalValidity.cs
@@ -0,0 +1,71 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class OptionalValidity
+        : Asn1Encodable
+    {
+        private readonly Time notBefore;
+        private readonly Time notAfter;
+
+        private OptionalValidity(Asn1Sequence seq)
+        {
+            foreach (Asn1TaggedObject tObj in seq)
+            {
+                if (tObj.TagNo == 0)
+                {
+                    notBefore = Time.GetInstance(tObj, true);
+                }
+                else
+                {
+                    notAfter = Time.GetInstance(tObj, true);
+                }
+            }
+        }
+
+        public static OptionalValidity GetInstance(object obj)
+        {
+            if (obj == null || obj is OptionalValidity)
+                return (OptionalValidity)obj;
+
+            return new OptionalValidity(Asn1Sequence.GetInstance(obj));
+        }
+
+        public virtual Time NotBefore
+        {
+            get { return notBefore; }
+        }
+
+        public virtual Time NotAfter
+        {
+            get { return notAfter; }
+        }
+
+        /**
+         * <pre>
+         * OptionalValidity ::= SEQUENCE {
+         *                        notBefore  [0] Time OPTIONAL,
+         *                        notAfter   [1] Time OPTIONAL } --at least one MUST be present
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+            if (notBefore != null)
+            {
+                v.Add(new DerTaggedObject(true, 0, notBefore));
+            }
+
+            if (notAfter != null)
+            {
+                v.Add(new DerTaggedObject(true, 1, notAfter));
+            }
+
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/PKIArchiveOptions.cs b/bc-sharp-crypto/src/asn1/crmf/PKIArchiveOptions.cs
new file mode 100644
index 0000000..1813d87
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/PKIArchiveOptions.cs
@@ -0,0 +1,107 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class PkiArchiveOptions
+        : Asn1Encodable, IAsn1Choice
+    {
+        public const int encryptedPrivKey = 0;
+        public const int keyGenParameters = 1;
+        public const int archiveRemGenPrivKey = 2;
+
+        private readonly Asn1Encodable value;
+
+        public static PkiArchiveOptions GetInstance(object obj)
+        {
+            if (obj is PkiArchiveOptions)
+                return (PkiArchiveOptions)obj;
+
+            if (obj is Asn1TaggedObject)
+                return new PkiArchiveOptions((Asn1TaggedObject)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        private PkiArchiveOptions(Asn1TaggedObject tagged)
+        {
+            switch (tagged.TagNo)
+            {
+                case encryptedPrivKey:
+                    value = EncryptedKey.GetInstance(tagged.GetObject());
+                    break;
+                case keyGenParameters:
+                    value = Asn1OctetString.GetInstance(tagged, false);
+                    break;
+                case archiveRemGenPrivKey:
+                    value = DerBoolean.GetInstance(tagged, false);
+                    break;
+                default:
+                    throw new ArgumentException("unknown tag number: " + tagged.TagNo, "tagged");
+            }
+        }
+
+        public PkiArchiveOptions(EncryptedKey encKey)
+        {
+            this.value = encKey;
+        }
+
+        public PkiArchiveOptions(Asn1OctetString keyGenParameters)
+        {
+            this.value = keyGenParameters;
+        }
+
+        public PkiArchiveOptions(bool archiveRemGenPrivKey)
+        {
+            this.value = DerBoolean.GetInstance(archiveRemGenPrivKey);
+        }
+
+        public virtual int Type
+        {
+            get
+            {
+                if (value is EncryptedKey)
+                    return encryptedPrivKey;
+
+                if (value is Asn1OctetString)
+                    return keyGenParameters;
+
+                return archiveRemGenPrivKey;
+            }
+        }
+
+        public virtual Asn1Encodable Value
+        {
+            get { return value; }
+        }
+
+        /**
+         * <pre>
+         *  PkiArchiveOptions ::= CHOICE {
+         *      encryptedPrivKey     [0] EncryptedKey,
+         *      -- the actual value of the private key
+         *      keyGenParameters     [1] KeyGenParameters,
+         *      -- parameters which allow the private key to be re-generated
+         *      archiveRemGenPrivKey [2] BOOLEAN }
+         *      -- set to TRUE if sender wishes receiver to archive the private
+         *      -- key of a key pair that the receiver generates in response to
+         *      -- this request; set to FALSE if no archival is desired.
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            if (value is EncryptedKey)
+            {
+                return new DerTaggedObject(true, encryptedPrivKey, value);  // choice
+            }
+
+            if (value is Asn1OctetString)
+            {
+                return new DerTaggedObject(false, keyGenParameters, value);
+            }
+
+            return new DerTaggedObject(false, archiveRemGenPrivKey, value);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/PKIPublicationInfo.cs b/bc-sharp-crypto/src/asn1/crmf/PKIPublicationInfo.cs
new file mode 100644
index 0000000..a7d2bc6
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/PKIPublicationInfo.cs
@@ -0,0 +1,66 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class PkiPublicationInfo
+        : Asn1Encodable
+    {
+        private readonly DerInteger action;
+        private readonly Asn1Sequence pubInfos;
+
+        private PkiPublicationInfo(Asn1Sequence seq)
+        {
+            action = DerInteger.GetInstance(seq[0]);
+            pubInfos = Asn1Sequence.GetInstance(seq[1]);
+        }
+
+        public static PkiPublicationInfo GetInstance(object obj)
+        {
+            if (obj is PkiPublicationInfo)
+                return (PkiPublicationInfo)obj;
+
+            if (obj is Asn1Sequence)
+                return new PkiPublicationInfo((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public virtual DerInteger Action
+        {
+            get { return action; }
+        }
+
+        public virtual SinglePubInfo[] GetPubInfos()
+        {
+            if (pubInfos == null)
+                return null;
+
+            SinglePubInfo[] results = new SinglePubInfo[pubInfos.Count];
+            for (int i = 0; i != results.Length; ++i)
+            {
+                results[i] = SinglePubInfo.GetInstance(pubInfos[i]);
+            }
+            return results;
+        }
+
+        /**
+         * <pre>
+         * PkiPublicationInfo ::= SEQUENCE {
+         *                  action     INTEGER {
+         *                                 dontPublish (0),
+         *                                 pleasePublish (1) },
+         *                  pubInfos  SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL }
+         * -- pubInfos MUST NOT be present if action is "dontPublish"
+         * -- (if action is "pleasePublish" and pubInfos is omitted,
+         * -- "dontCare" is assumed)
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(action, pubInfos);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/PKMacValue.cs b/bc-sharp-crypto/src/asn1/crmf/PKMacValue.cs
new file mode 100644
index 0000000..e104c08
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/PKMacValue.cs
@@ -0,0 +1,90 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Cmp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    /**
+     * Password-based MAC value for use with POPOSigningKeyInput.
+     */
+    public class PKMacValue
+        : Asn1Encodable
+    {
+        private readonly AlgorithmIdentifier  algID;
+        private readonly DerBitString         macValue;
+
+        private PKMacValue(Asn1Sequence seq)
+        {
+            this.algID = AlgorithmIdentifier.GetInstance(seq[0]);
+            this.macValue = DerBitString.GetInstance(seq[1]);
+        }
+
+        public static PKMacValue GetInstance(object obj)
+        {
+            if (obj is PKMacValue)
+                return (PKMacValue)obj;
+
+            if (obj is Asn1Sequence)
+                return new PKMacValue((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public static PKMacValue GetInstance(Asn1TaggedObject obj, bool isExplicit)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+        }
+
+        /**
+         * Creates a new PKMACValue.
+         * @param params parameters for password-based MAC
+         * @param value MAC of the DER-encoded SubjectPublicKeyInfo
+         */
+        public PKMacValue(
+            PbmParameter pbmParams,
+            DerBitString macValue)
+            : this(new AlgorithmIdentifier(CmpObjectIdentifiers.passwordBasedMac, pbmParams), macValue)
+        {
+        }
+
+        /**
+         * Creates a new PKMACValue.
+         * @param aid CMPObjectIdentifiers.passwordBasedMAC, with PBMParameter
+         * @param value MAC of the DER-encoded SubjectPublicKeyInfo
+         */
+        public PKMacValue(
+            AlgorithmIdentifier algID,
+            DerBitString        macValue)
+        {
+            this.algID = algID;
+            this.macValue = macValue;
+        }
+
+        public virtual AlgorithmIdentifier AlgID
+        {
+            get { return algID; }
+        }
+
+        public virtual DerBitString MacValue
+        {
+            get { return macValue; }
+        }
+
+        /**
+         * <pre>
+         * PKMACValue ::= SEQUENCE {
+         *      algId  AlgorithmIdentifier,
+         *      -- algorithm value shall be PasswordBasedMac 1.2.840.113533.7.66.13
+         *      -- parameter value is PBMParameter
+         *      value  BIT STRING }
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(algID, macValue);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/PopoPrivKey.cs b/bc-sharp-crypto/src/asn1/crmf/PopoPrivKey.cs
new file mode 100644
index 0000000..0cedc51
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/PopoPrivKey.cs
@@ -0,0 +1,84 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Cms;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class PopoPrivKey
+        : Asn1Encodable, IAsn1Choice
+    {
+        public const int thisMessage = 0;
+        public const int subsequentMessage = 1;
+        public const int dhMAC = 2;
+        public const int agreeMAC = 3;
+        public const int encryptedKey = 4;
+
+        private readonly int tagNo;
+        private readonly Asn1Encodable obj;
+
+        private PopoPrivKey(Asn1TaggedObject obj)
+        {
+            this.tagNo = obj.TagNo;
+
+            switch (tagNo)
+            {
+            case thisMessage:
+                this.obj = DerBitString.GetInstance(obj, false);
+                break;
+            case subsequentMessage:
+                this.obj = SubsequentMessage.ValueOf(DerInteger.GetInstance(obj, false).Value.IntValue);
+                break;
+            case dhMAC:
+                this.obj = DerBitString.GetInstance(obj, false);
+                break;
+            case agreeMAC:
+                this.obj = PKMacValue.GetInstance(obj, false);
+                break;
+            case encryptedKey:
+                this.obj = EnvelopedData.GetInstance(obj, false);
+                break;
+            default:
+                throw new ArgumentException("unknown tag in PopoPrivKey", "obj");
+            }
+        }
+
+        public static PopoPrivKey GetInstance(Asn1TaggedObject tagged, bool isExplicit)
+        {
+            return new PopoPrivKey(Asn1TaggedObject.GetInstance(tagged.GetObject()));
+        }
+
+        public PopoPrivKey(SubsequentMessage msg)
+        {
+            this.tagNo = subsequentMessage;
+            this.obj = msg;
+        }
+
+        public virtual int Type
+        {
+            get { return tagNo; }
+        }
+
+        public virtual Asn1Encodable Value
+        {
+            get { return obj; }
+        }
+
+        /**
+         * <pre>
+         * PopoPrivKey ::= CHOICE {
+         *        thisMessage       [0] BIT STRING,         -- Deprecated
+         *         -- possession is proven in this message (which contains the private
+         *         -- key itself (encrypted for the CA))
+         *        subsequentMessage [1] SubsequentMessage,
+         *         -- possession will be proven in a subsequent message
+         *        dhMAC             [2] BIT STRING,         -- Deprecated
+         *        agreeMAC          [3] PKMACValue,
+         *        encryptedKey      [4] EnvelopedData }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerTaggedObject(false, tagNo, obj);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/PopoSigningKey.cs b/bc-sharp-crypto/src/asn1/crmf/PopoSigningKey.cs
new file mode 100644
index 0000000..1c24db8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/PopoSigningKey.cs
@@ -0,0 +1,116 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class PopoSigningKey
+        : Asn1Encodable
+    {
+        private readonly PopoSigningKeyInput poposkInput;
+        private readonly AlgorithmIdentifier algorithmIdentifier;
+        private readonly DerBitString signature;
+
+        private PopoSigningKey(Asn1Sequence seq)
+        {
+            int index = 0;
+
+            if (seq[index] is Asn1TaggedObject)
+            {
+                Asn1TaggedObject tagObj
+                    = (Asn1TaggedObject) seq[index++];
+                if (tagObj.TagNo != 0)
+                {
+                    throw new ArgumentException( "Unknown PopoSigningKeyInput tag: " + tagObj.TagNo, "seq");
+                }
+                poposkInput = PopoSigningKeyInput.GetInstance(tagObj.GetObject());
+            }
+            algorithmIdentifier = AlgorithmIdentifier.GetInstance(seq[index++]);
+            signature = DerBitString.GetInstance(seq[index]);
+        }
+
+        public static PopoSigningKey GetInstance(object obj)
+        {
+            if (obj is PopoSigningKey)
+                return (PopoSigningKey)obj;
+
+            if (obj is Asn1Sequence)
+                return new PopoSigningKey((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public static PopoSigningKey GetInstance(Asn1TaggedObject obj, bool isExplicit)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+        }
+
+        /**
+         * Creates a new Proof of Possession object for a signing key.
+         * @param poposkIn the PopoSigningKeyInput structure, or null if the
+         *     CertTemplate includes both subject and publicKey values.
+         * @param aid the AlgorithmIdentifier used to sign the proof of possession.
+         * @param signature a signature over the DER-encoded value of poposkIn,
+         *     or the DER-encoded value of certReq if poposkIn is null.
+         */
+        public PopoSigningKey(
+            PopoSigningKeyInput poposkIn,
+            AlgorithmIdentifier aid,
+            DerBitString signature)
+        {
+            this.poposkInput = poposkIn;
+            this.algorithmIdentifier = aid;
+            this.signature = signature;
+        }
+
+        public virtual PopoSigningKeyInput PoposkInput
+        {
+            get { return poposkInput; }
+        }
+
+        public virtual AlgorithmIdentifier AlgorithmIdentifier
+        {
+            get { return algorithmIdentifier; }
+        }
+
+        public virtual DerBitString Signature
+        {
+            get { return signature; }
+        }
+
+        /**
+         * <pre>
+         * PopoSigningKey ::= SEQUENCE {
+         *                      poposkInput           [0] PopoSigningKeyInput OPTIONAL,
+         *                      algorithmIdentifier   AlgorithmIdentifier,
+         *                      signature             BIT STRING }
+         *  -- The signature (using "algorithmIdentifier") is on the
+         *  -- DER-encoded value of poposkInput.  NOTE: If the CertReqMsg
+         *  -- certReq CertTemplate contains the subject and publicKey values,
+         *  -- then poposkInput MUST be omitted and the signature MUST be
+         *  -- computed on the DER-encoded value of CertReqMsg certReq.  If
+         *  -- the CertReqMsg certReq CertTemplate does not contain the public
+         *  -- key and subject values, then poposkInput MUST be present and
+         *  -- MUST be signed.  This strategy ensures that the public key is
+         *  -- not present in both the poposkInput and CertReqMsg certReq
+         *  -- CertTemplate fields.
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+            if (poposkInput != null)
+            {
+                v.Add(new DerTaggedObject(false, 0, poposkInput));
+            }
+
+            v.Add(algorithmIdentifier);
+            v.Add(signature);
+
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/PopoSigningKeyInput.cs b/bc-sharp-crypto/src/asn1/crmf/PopoSigningKeyInput.cs
new file mode 100644
index 0000000..e43fa13
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/PopoSigningKeyInput.cs
@@ -0,0 +1,116 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class PopoSigningKeyInput
+        : Asn1Encodable
+    {
+        private readonly GeneralName            sender;
+        private readonly PKMacValue             publicKeyMac;
+        private readonly SubjectPublicKeyInfo   publicKey;
+
+        private PopoSigningKeyInput(Asn1Sequence seq)
+        {
+            Asn1Encodable authInfo = (Asn1Encodable)seq[0];
+
+            if (authInfo is Asn1TaggedObject)
+            {
+                Asn1TaggedObject tagObj = (Asn1TaggedObject)authInfo;
+                if (tagObj.TagNo != 0)
+                {
+                    throw new ArgumentException("Unknown authInfo tag: " + tagObj.TagNo, "seq");
+                }
+                sender = GeneralName.GetInstance(tagObj.GetObject());
+            }
+            else
+            {
+                publicKeyMac = PKMacValue.GetInstance(authInfo);
+            }
+
+            publicKey = SubjectPublicKeyInfo.GetInstance(seq[1]);
+        }
+
+        public static PopoSigningKeyInput GetInstance(object obj)
+        {
+            if (obj is PopoSigningKeyInput)
+                return (PopoSigningKeyInput)obj;
+
+            if (obj is Asn1Sequence)
+                return new PopoSigningKeyInput((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        /** Creates a new PopoSigningKeyInput with sender name as authInfo. */
+        public PopoSigningKeyInput(
+            GeneralName sender,
+            SubjectPublicKeyInfo spki)
+        {
+            this.sender = sender;
+            this.publicKey = spki;
+        }
+
+        /** Creates a new PopoSigningKeyInput using password-based MAC. */
+        public PopoSigningKeyInput(
+            PKMacValue pkmac,
+            SubjectPublicKeyInfo spki)
+        {
+            this.publicKeyMac = pkmac;
+            this.publicKey = spki;
+        }
+
+        /** Returns the sender field, or null if authInfo is publicKeyMac */
+        public virtual GeneralName Sender
+        {
+            get { return sender; }
+        }
+
+        /** Returns the publicKeyMac field, or null if authInfo is sender */
+        public virtual PKMacValue PublicKeyMac
+        {
+            get { return publicKeyMac; }
+        }
+
+        public virtual SubjectPublicKeyInfo PublicKey
+        {
+            get { return publicKey; }
+        }
+
+        /**
+         * <pre>
+         * PopoSigningKeyInput ::= SEQUENCE {
+         *        authInfo             CHOICE {
+         *                                 sender              [0] GeneralName,
+         *                                 -- used only if an authenticated identity has been
+         *                                 -- established for the sender (e.g., a DN from a
+         *                                 -- previously-issued and currently-valid certificate
+         *                                 publicKeyMac        PKMacValue },
+         *                                 -- used if no authenticated GeneralName currently exists for
+         *                                 -- the sender; publicKeyMac contains a password-based MAC
+         *                                 -- on the DER-encoded value of publicKey
+         *        publicKey           SubjectPublicKeyInfo }  -- from CertTemplate
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+            if (sender != null)
+            {
+                v.Add(new DerTaggedObject(false, 0, sender));
+            }
+            else
+            {
+                v.Add(publicKeyMac);
+            }
+
+            v.Add(publicKey);
+
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/ProofOfPossession.cs b/bc-sharp-crypto/src/asn1/crmf/ProofOfPossession.cs
new file mode 100644
index 0000000..8957169
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/ProofOfPossession.cs
@@ -0,0 +1,100 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class ProofOfPossession
+        : Asn1Encodable, IAsn1Choice
+    {
+        public const int TYPE_RA_VERIFIED = 0;
+        public const int TYPE_SIGNING_KEY = 1;
+        public const int TYPE_KEY_ENCIPHERMENT = 2;
+        public const int TYPE_KEY_AGREEMENT = 3;
+
+        private readonly int tagNo;
+        private readonly Asn1Encodable obj;
+
+        private ProofOfPossession(Asn1TaggedObject tagged)
+        {
+            tagNo = tagged.TagNo;
+            switch (tagNo)
+            {
+            case 0:
+                obj = DerNull.Instance;
+                break;
+            case 1:
+                obj = PopoSigningKey.GetInstance(tagged, false);
+                break;
+            case 2:
+            case 3:
+                obj = PopoPrivKey.GetInstance(tagged, false);
+                break;
+            default:
+                throw new ArgumentException("unknown tag: " + tagNo, "tagged");
+            }
+        }
+
+        public static ProofOfPossession GetInstance(object obj)
+        {
+            if (obj is ProofOfPossession)
+                return (ProofOfPossession)obj;
+
+            if (obj is Asn1TaggedObject)
+                return new ProofOfPossession((Asn1TaggedObject)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        /** Creates a ProofOfPossession with type raVerified. */
+        public ProofOfPossession()
+        {
+            tagNo = TYPE_RA_VERIFIED;
+            obj = DerNull.Instance;
+        }
+
+        /** Creates a ProofOfPossession for a signing key. */
+        public ProofOfPossession(PopoSigningKey Poposk)
+        {
+            tagNo = TYPE_SIGNING_KEY;
+            obj = Poposk;
+        }
+
+        /**
+         * Creates a ProofOfPossession for key encipherment or agreement.
+         * @param type one of TYPE_KEY_ENCIPHERMENT or TYPE_KEY_AGREEMENT
+         */
+        public ProofOfPossession(int type, PopoPrivKey privkey)
+        {
+            tagNo = type;
+            obj = privkey;
+        }
+
+        public virtual int Type
+        {
+            get { return tagNo; }
+        }
+
+        public virtual Asn1Encodable Object
+        {
+            get { return obj; }
+        }
+
+        /**
+         * <pre>
+         * ProofOfPossession ::= CHOICE {
+         *                           raVerified        [0] NULL,
+         *                           -- used if the RA has already verified that the requester is in
+         *                           -- possession of the private key
+         *                           signature         [1] PopoSigningKey,
+         *                           keyEncipherment   [2] PopoPrivKey,
+         *                           keyAgreement      [3] PopoPrivKey }
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerTaggedObject(false, tagNo, obj);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/SinglePubInfo.cs b/bc-sharp-crypto/src/asn1/crmf/SinglePubInfo.cs
new file mode 100644
index 0000000..5205ce3
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/SinglePubInfo.cs
@@ -0,0 +1,59 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class SinglePubInfo
+        : Asn1Encodable
+    {
+        private readonly DerInteger pubMethod;
+        private readonly GeneralName pubLocation;
+
+        private SinglePubInfo(Asn1Sequence seq)
+        {
+            pubMethod = DerInteger.GetInstance(seq[0]);
+
+            if (seq.Count == 2)
+            {
+                pubLocation = GeneralName.GetInstance(seq[1]);
+            }
+        }
+
+        public static SinglePubInfo GetInstance(object obj)
+        {
+            if (obj is SinglePubInfo)
+                return (SinglePubInfo)obj;
+
+            if (obj is Asn1Sequence)
+                return new SinglePubInfo((Asn1Sequence)obj);
+
+            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public virtual GeneralName PubLocation
+        {
+            get { return pubLocation; }
+        }
+
+        /**
+         * <pre>
+         * SinglePubInfo ::= SEQUENCE {
+         *        pubMethod    INTEGER {
+         *           dontCare    (0),
+         *           x500        (1),
+         *           web         (2),
+         *           ldap        (3) },
+         *       pubLocation  GeneralName OPTIONAL }
+         * </pre>
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(pubMethod);
+            v.AddOptional(pubLocation);
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/crmf/SubsequentMessage.cs b/bc-sharp-crypto/src/asn1/crmf/SubsequentMessage.cs
new file mode 100644
index 0000000..cc1c164
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/crmf/SubsequentMessage.cs
@@ -0,0 +1,27 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Crmf
+{
+    public class SubsequentMessage
+        : DerInteger
+    {
+        public static readonly SubsequentMessage encrCert = new SubsequentMessage(0);
+        public static readonly SubsequentMessage challengeResp = new SubsequentMessage(1);
+    
+        private SubsequentMessage(int value)
+            : base(value)
+        {
+        }
+
+        public static SubsequentMessage ValueOf(int value)
+        {
+            if (value == 0)
+                return encrCert;
+
+            if (value == 1)
+                return challengeResp;
+
+            throw new ArgumentException("unknown value: " + value, "value");
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cryptopro/CryptoProObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/cryptopro/CryptoProObjectIdentifiers.cs
new file mode 100644
index 0000000..e2f2c18
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cryptopro/CryptoProObjectIdentifiers.cs
@@ -0,0 +1,51 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.CryptoPro
+{
+    public abstract class CryptoProObjectIdentifiers
+    {
+        // GOST Algorithms OBJECT IDENTIFIERS :
+        // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)}
+        public const string GostID = "1.2.643.2.2";
+
+		public static readonly DerObjectIdentifier GostR3411 = new DerObjectIdentifier(GostID + ".9");
+        public static readonly DerObjectIdentifier GostR3411Hmac = new DerObjectIdentifier(GostID + ".10");
+
+        public static readonly DerObjectIdentifier GostR28147Cbc = new DerObjectIdentifier(GostID + ".21");
+
+        public static readonly DerObjectIdentifier ID_Gost28147_89_CryptoPro_A_ParamSet = new DerObjectIdentifier(GostID + ".31.1");
+
+        public static readonly DerObjectIdentifier GostR3410x94 = new DerObjectIdentifier(GostID + ".20");
+        public static readonly DerObjectIdentifier GostR3410x2001 = new DerObjectIdentifier(GostID + ".19");
+        public static readonly DerObjectIdentifier GostR3411x94WithGostR3410x94 = new DerObjectIdentifier(GostID + ".4");
+        public static readonly DerObjectIdentifier GostR3411x94WithGostR3410x2001 = new DerObjectIdentifier(GostID + ".3");
+
+		// { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) hashes(30) }
+        public static readonly DerObjectIdentifier GostR3411x94CryptoProParamSet = new DerObjectIdentifier(GostID + ".30.1");
+
+		// { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) signs(32) }
+        public static readonly DerObjectIdentifier GostR3410x94CryptoProA = new DerObjectIdentifier(GostID + ".32.2");
+        public static readonly DerObjectIdentifier GostR3410x94CryptoProB = new DerObjectIdentifier(GostID + ".32.3");
+        public static readonly DerObjectIdentifier GostR3410x94CryptoProC = new DerObjectIdentifier(GostID + ".32.4");
+        public static readonly DerObjectIdentifier GostR3410x94CryptoProD = new DerObjectIdentifier(GostID + ".32.5");
+
+		// { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) exchanges(33) }
+        public static readonly DerObjectIdentifier GostR3410x94CryptoProXchA = new DerObjectIdentifier(GostID + ".33.1");
+        public static readonly DerObjectIdentifier GostR3410x94CryptoProXchB = new DerObjectIdentifier(GostID + ".33.2");
+        public static readonly DerObjectIdentifier GostR3410x94CryptoProXchC = new DerObjectIdentifier(GostID + ".33.3");
+
+		//{ iso(1) member-body(2)ru(643) rans(2) cryptopro(2) ecc-signs(35) }
+        public static readonly DerObjectIdentifier GostR3410x2001CryptoProA = new DerObjectIdentifier(GostID + ".35.1");
+        public static readonly DerObjectIdentifier GostR3410x2001CryptoProB = new DerObjectIdentifier(GostID + ".35.2");
+        public static readonly DerObjectIdentifier GostR3410x2001CryptoProC = new DerObjectIdentifier(GostID + ".35.3");
+
+		// { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) ecc-exchanges(36) }
+        public static readonly DerObjectIdentifier GostR3410x2001CryptoProXchA  = new DerObjectIdentifier(GostID + ".36.0");
+        public static readonly DerObjectIdentifier GostR3410x2001CryptoProXchB  = new DerObjectIdentifier(GostID + ".36.1");
+
+		public static readonly DerObjectIdentifier GostElSgDH3410Default = new DerObjectIdentifier(GostID + ".36.0");
+        public static readonly DerObjectIdentifier GostElSgDH3410x1 = new DerObjectIdentifier(GostID + ".36.1");
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cryptopro/ECGOST3410NamedCurves.cs b/bc-sharp-crypto/src/asn1/cryptopro/ECGOST3410NamedCurves.cs
new file mode 100644
index 0000000..32d3103
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cryptopro/ECGOST3410NamedCurves.cs
@@ -0,0 +1,184 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.CryptoPro
+{
+    /**
+    * table of the available named parameters for GOST 3410-2001.
+    */
+    public sealed class ECGost3410NamedCurves
+    {
+        private ECGost3410NamedCurves()
+        {
+        }
+
+        internal static readonly IDictionary objIds = Platform.CreateHashtable();
+        internal static readonly IDictionary parameters = Platform.CreateHashtable();
+        internal static readonly IDictionary names = Platform.CreateHashtable();
+
+        static ECGost3410NamedCurves()
+        {
+            BigInteger mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319");
+            BigInteger mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323");
+
+            FpCurve curve = new FpCurve(
+                mod_p, // p
+                new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), // a
+                new BigInteger("166"), // b
+                mod_q,
+                BigInteger.One);
+
+            ECDomainParameters ecParams = new ECDomainParameters(
+                curve,
+                curve.CreatePoint(
+                    new BigInteger("1"), // x
+                    new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612")), // y
+                mod_q);
+
+            parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProA] = ecParams;
+
+            mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319");
+            mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323");
+
+            curve = new FpCurve(
+                mod_p, // p
+                new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"),
+                new BigInteger("166"),
+                mod_q,
+                BigInteger.One);
+
+            ecParams = new ECDomainParameters(
+                curve,
+                curve.CreatePoint(
+                    new BigInteger("1"), // x
+                    new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612")), // y
+                mod_q);
+
+            parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA] = ecParams;
+
+            mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823193"); //p
+            mod_q = new BigInteger("57896044618658097711785492504343953927102133160255826820068844496087732066703"); //q
+
+            curve = new FpCurve(
+                mod_p, // p
+                new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823190"), // a
+                new BigInteger("28091019353058090096996979000309560759124368558014865957655842872397301267595"), // b
+                mod_q,
+                BigInteger.One);
+
+            ecParams = new ECDomainParameters(
+                curve,
+                curve.CreatePoint(
+                    new BigInteger("1"), // x
+                    new BigInteger("28792665814854611296992347458380284135028636778229113005756334730996303888124")), // y
+                mod_q); // q
+
+            parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProB] = ecParams;
+
+            mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619");
+            mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601");
+
+            curve = new FpCurve(
+                mod_p, // p
+                new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"),
+                new BigInteger("32858"),
+                mod_q,
+                BigInteger.One);
+
+            ecParams = new ECDomainParameters(
+                curve,
+                curve.CreatePoint(
+                    new BigInteger("0"),
+                    new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247")),
+                mod_q);
+
+            parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB] = ecParams;
+
+            mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); //p
+            mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601"); //q
+            curve = new FpCurve(
+                mod_p, // p
+                new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), // a
+                new BigInteger("32858"), // b
+                mod_q,
+                BigInteger.One);
+
+            ecParams = new ECDomainParameters(
+                curve,
+                curve.CreatePoint(
+                    new BigInteger("0"), // x
+                    new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247")), // y
+                mod_q); // q
+
+            parameters[CryptoProObjectIdentifiers.GostR3410x2001CryptoProC] = ecParams;
+
+            objIds["GostR3410-2001-CryptoPro-A"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProA;
+            objIds["GostR3410-2001-CryptoPro-B"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProB;
+            objIds["GostR3410-2001-CryptoPro-C"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProC;
+            objIds["GostR3410-2001-CryptoPro-XchA"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA;
+            objIds["GostR3410-2001-CryptoPro-XchB"] = CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB;
+
+            names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProA] = "GostR3410-2001-CryptoPro-A";
+            names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProB] = "GostR3410-2001-CryptoPro-B";
+            names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProC] = "GostR3410-2001-CryptoPro-C";
+            names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA] = "GostR3410-2001-CryptoPro-XchA";
+            names[CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB] = "GostR3410-2001-CryptoPro-XchB";
+        }
+
+        /**
+        * return the ECDomainParameters object for the given OID, null if it
+        * isn't present.
+        *
+        * @param oid an object identifier representing a named parameters, if present.
+        */
+        public static ECDomainParameters GetByOid(
+            DerObjectIdentifier oid)
+        {
+            return (ECDomainParameters) parameters[oid];
+        }
+
+        /**
+         * returns an enumeration containing the name strings for curves
+         * contained in this structure.
+         */
+        public static IEnumerable Names
+        {
+            get { return new EnumerableProxy(names.Values); }
+        }
+
+        public static ECDomainParameters GetByName(
+            string name)
+        {
+            DerObjectIdentifier oid = (DerObjectIdentifier) objIds[name];
+
+            if (oid != null)
+            {
+                return (ECDomainParameters) parameters[oid];
+            }
+
+            return null;
+        }
+
+        /**
+        * return the named curve name represented by the given object identifier.
+        */
+        public static string GetName(
+            DerObjectIdentifier oid)
+        {
+            return (string) names[oid];
+        }
+
+        public static DerObjectIdentifier GetOid(
+            string name)
+        {
+            return (DerObjectIdentifier) objIds[name];
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cryptopro/ECGOST3410ParamSetParameters.cs b/bc-sharp-crypto/src/asn1/cryptopro/ECGOST3410ParamSetParameters.cs
new file mode 100644
index 0000000..8e568a2
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cryptopro/ECGOST3410ParamSetParameters.cs
@@ -0,0 +1,87 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.CryptoPro
+{
+    public class ECGost3410ParamSetParameters
+        : Asn1Encodable
+    {
+        internal readonly DerInteger p, q, a, b, x, y;
+
+        public static ECGost3410ParamSetParameters GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+        public static ECGost3410ParamSetParameters GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is ECGost3410ParamSetParameters)
+            {
+                return (ECGost3410ParamSetParameters) obj;
+            }
+
+            if (obj is Asn1Sequence)
+            {
+                return new ECGost3410ParamSetParameters((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("Invalid GOST3410Parameter: " + Platform.GetTypeName(obj));
+        }
+
+        public ECGost3410ParamSetParameters(
+            BigInteger a,
+            BigInteger b,
+            BigInteger p,
+            BigInteger q,
+            int        x,
+            BigInteger y)
+        {
+            this.a = new DerInteger(a);
+            this.b = new DerInteger(b);
+            this.p = new DerInteger(p);
+            this.q = new DerInteger(q);
+            this.x = new DerInteger(x);
+            this.y = new DerInteger(y);
+        }
+
+        public ECGost3410ParamSetParameters(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 6)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			this.a = DerInteger.GetInstance(seq[0]);
+			this.b = DerInteger.GetInstance(seq[1]);
+			this.p = DerInteger.GetInstance(seq[2]);
+			this.q = DerInteger.GetInstance(seq[3]);
+			this.x = DerInteger.GetInstance(seq[4]);
+			this.y = DerInteger.GetInstance(seq[5]);
+        }
+
+		public BigInteger P
+		{
+			get { return p.PositiveValue; }
+		}
+
+		public BigInteger Q
+		{
+			get { return q.PositiveValue; }
+		}
+
+		public BigInteger A
+		{
+			get { return a.PositiveValue; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(a, b, p, q, x, y);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cryptopro/GOST28147Parameters.cs b/bc-sharp-crypto/src/asn1/cryptopro/GOST28147Parameters.cs
new file mode 100644
index 0000000..fc0d792
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cryptopro/GOST28147Parameters.cs
@@ -0,0 +1,63 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.CryptoPro
+{
+    public class Gost28147Parameters
+        : Asn1Encodable
+    {
+        private readonly Asn1OctetString iv;
+        private readonly DerObjectIdentifier paramSet;
+
+		public static Gost28147Parameters GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static Gost28147Parameters GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is Gost28147Parameters)
+            {
+                return (Gost28147Parameters) obj;
+            }
+
+            if (obj is Asn1Sequence)
+            {
+                return new Gost28147Parameters((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("Invalid GOST3410Parameter: " + Platform.GetTypeName(obj));
+        }
+
+        private Gost28147Parameters(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			this.iv = Asn1OctetString.GetInstance(seq[0]);
+			this.paramSet = DerObjectIdentifier.GetInstance(seq[1]);
+        }
+
+		/**
+         * <pre>
+         * Gost28147-89-Parameters ::=
+         *               SEQUENCE {
+         *                       iv                   Gost28147-89-IV,
+         *                       encryptionParamSet   OBJECT IDENTIFIER
+         *                }
+         *
+         *   Gost28147-89-IV ::= OCTET STRING (SIZE (8))
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(iv, paramSet);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cryptopro/GOST3410NamedParameters.cs b/bc-sharp-crypto/src/asn1/cryptopro/GOST3410NamedParameters.cs
new file mode 100644
index 0000000..66dba51
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cryptopro/GOST3410NamedParameters.cs
@@ -0,0 +1,123 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.CryptoPro
+{
+    /**
+    * table of the available named parameters for GOST 3410-94.
+    */
+    public sealed class Gost3410NamedParameters
+    {
+		private Gost3410NamedParameters()
+		{
+		}
+
+        private static readonly IDictionary objIds = Platform.CreateHashtable();
+        private static readonly IDictionary parameters = Platform.CreateHashtable();
+
+        private static readonly Gost3410ParamSetParameters cryptoProA = new Gost3410ParamSetParameters(
+            1024,
+            new BigInteger("127021248288932417465907042777176443525787653508916535812817507265705031260985098497423188333483401180925999995120988934130659205614996724254121049274349357074920312769561451689224110579311248812610229678534638401693520013288995000362260684222750813532307004517341633685004541062586971416883686778842537820383"),
+            new BigInteger("68363196144955700784444165611827252895102170888761442055095051287550314083023"),
+            new BigInteger("100997906755055304772081815535925224869841082572053457874823515875577147990529272777244152852699298796483356699682842027972896052747173175480590485607134746852141928680912561502802222185647539190902656116367847270145019066794290930185446216399730872221732889830323194097355403213400972588322876850946740663962")
+            //            validationAlgorithm {
+            //                    algorithm
+            //                        id-GostR3410-94-bBis,
+            //                    parameters
+            //                        GostR3410-94-ValidationBisParameters: {
+            //                            x0      1376285941,
+            //                            c       3996757427
+            //                        }
+            //                }
+
+            );
+
+        private static readonly Gost3410ParamSetParameters cryptoProB = new Gost3410ParamSetParameters(
+            1024,
+            new BigInteger("139454871199115825601409655107690713107041707059928031797758001454375765357722984094124368522288239833039114681648076688236921220737322672160740747771700911134550432053804647694904686120113087816240740184800477047157336662926249423571248823968542221753660143391485680840520336859458494803187341288580489525163"),
+            new BigInteger("79885141663410976897627118935756323747307951916507639758300472692338873533959"),
+            new BigInteger("42941826148615804143873447737955502392672345968607143066798112994089471231420027060385216699563848719957657284814898909770759462613437669456364882730370838934791080835932647976778601915343474400961034231316672578686920482194932878633360203384797092684342247621055760235016132614780652761028509445403338652341")
+            //    validationAlgorithm {
+            //            algorithm
+            //                id-GostR3410-94-bBis,
+            //            parameters
+            //                GostR3410-94-ValidationBisParameters: {
+            //                    x0      1536654555,
+            //                    c       1855361757,
+            //                    d       14408629386140014567655
+            //4902939282056547857802241461782996702017713059974755104394739915140
+            //6115284791024439062735788342744854120601660303926203867703556828005
+            //8957203818114895398976594425537561271800850306
+            //                }
+            //        }
+            //}
+            );
+
+        private static readonly Gost3410ParamSetParameters cryptoProXchA = new Gost3410ParamSetParameters(
+            1024,
+            new BigInteger("142011741597563481196368286022318089743276138395243738762872573441927459393512718973631166078467600360848946623567625795282774719212241929071046134208380636394084512691828894000571524625445295769349356752728956831541775441763139384457191755096847107846595662547942312293338483924514339614727760681880609734239"),
+            new BigInteger("91771529896554605945588149018382750217296858393520724172743325725474374979801"),
+            new BigInteger("133531813272720673433859519948319001217942375967847486899482359599369642528734712461590403327731821410328012529253871914788598993103310567744136196364803064721377826656898686468463277710150809401182608770201615324990468332931294920912776241137878030224355746606283971659376426832674269780880061631528163475887")
+            );
+
+		static Gost3410NamedParameters()
+        {
+            parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProA] = cryptoProA;
+            parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProB] = cryptoProB;
+            //parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProC] = cryptoProC;
+            //parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProD] = cryptoProD;
+            parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProXchA] = cryptoProXchA;
+            //parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProXchB] = cryptoProXchA;
+            //parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProXchC] = cryptoProXchA;
+
+			objIds["GostR3410-94-CryptoPro-A"] = CryptoProObjectIdentifiers.GostR3410x94CryptoProA;
+            objIds["GostR3410-94-CryptoPro-B"] = CryptoProObjectIdentifiers.GostR3410x94CryptoProB;
+            objIds["GostR3410-94-CryptoPro-XchA"] = CryptoProObjectIdentifiers.GostR3410x94CryptoProXchA;
+        }
+
+		/**
+        * return the GOST3410ParamSetParameters object for the given OID, null if it
+        * isn't present.
+        *
+        * @param oid an object identifier representing a named parameters, if present.
+        */
+        public static Gost3410ParamSetParameters GetByOid(
+            DerObjectIdentifier oid)
+        {
+            return (Gost3410ParamSetParameters) parameters[oid];
+        }
+
+		/**
+        * returns an enumeration containing the name strings for parameters
+        * contained in this structure.
+        */
+        public static IEnumerable Names
+        {
+			get { return new EnumerableProxy(objIds.Keys); }
+        }
+
+		public static Gost3410ParamSetParameters GetByName(
+            string name)
+        {
+            DerObjectIdentifier oid = (DerObjectIdentifier) objIds[name];
+
+            if (oid != null)
+            {
+                return (Gost3410ParamSetParameters) parameters[oid];
+            }
+
+            return null;
+        }
+
+        public static DerObjectIdentifier GetOid(
+			string name)
+        {
+            return (DerObjectIdentifier) objIds[name];
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cryptopro/GOST3410ParamSetParameters.cs b/bc-sharp-crypto/src/asn1/cryptopro/GOST3410ParamSetParameters.cs
new file mode 100644
index 0000000..b347f8d
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cryptopro/GOST3410ParamSetParameters.cs
@@ -0,0 +1,87 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.CryptoPro
+{
+    public class Gost3410ParamSetParameters
+        : Asn1Encodable
+    {
+        private readonly int keySize;
+        private readonly DerInteger	p, q, a;
+
+		public static Gost3410ParamSetParameters GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static Gost3410ParamSetParameters GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is Gost3410ParamSetParameters)
+            {
+                return (Gost3410ParamSetParameters) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new Gost3410ParamSetParameters((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("Invalid GOST3410Parameter: " + Platform.GetTypeName(obj));
+        }
+
+		public Gost3410ParamSetParameters(
+            int			keySize,
+            BigInteger	p,
+            BigInteger	q,
+            BigInteger	a)
+        {
+            this.keySize = keySize;
+            this.p = new DerInteger(p);
+            this.q = new DerInteger(q);
+            this.a = new DerInteger(a);
+        }
+
+		private Gost3410ParamSetParameters(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 4)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			this.keySize = DerInteger.GetInstance(seq[0]).Value.IntValue;
+			this.p = DerInteger.GetInstance(seq[1]);
+            this.q = DerInteger.GetInstance(seq[2]);
+			this.a = DerInteger.GetInstance(seq[3]);
+        }
+
+		public int KeySize
+		{
+			get { return keySize; }
+		}
+
+		public BigInteger P
+		{
+			get { return p.PositiveValue; }
+		}
+
+		public BigInteger Q
+		{
+			get { return q.PositiveValue; }
+		}
+
+		public BigInteger A
+		{
+			get { return a.PositiveValue; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(new DerInteger(keySize), p, q, a);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/cryptopro/GOST3410PublicKeyAlgParameters.cs b/bc-sharp-crypto/src/asn1/cryptopro/GOST3410PublicKeyAlgParameters.cs
new file mode 100644
index 0000000..10c45ba
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/cryptopro/GOST3410PublicKeyAlgParameters.cs
@@ -0,0 +1,99 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.CryptoPro
+{
+    public class Gost3410PublicKeyAlgParameters
+        : Asn1Encodable
+    {
+        private DerObjectIdentifier	publicKeyParamSet;
+        private DerObjectIdentifier	digestParamSet;
+        private DerObjectIdentifier	encryptionParamSet;
+
+		public static Gost3410PublicKeyAlgParameters GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static Gost3410PublicKeyAlgParameters GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is Gost3410PublicKeyAlgParameters)
+            {
+                return (Gost3410PublicKeyAlgParameters) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new Gost3410PublicKeyAlgParameters((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("Invalid GOST3410Parameter: " + Platform.GetTypeName(obj));
+        }
+
+		public Gost3410PublicKeyAlgParameters(
+            DerObjectIdentifier	publicKeyParamSet,
+            DerObjectIdentifier	digestParamSet)
+			: this (publicKeyParamSet, digestParamSet, null)
+        {
+        }
+
+		public Gost3410PublicKeyAlgParameters(
+            DerObjectIdentifier  publicKeyParamSet,
+            DerObjectIdentifier  digestParamSet,
+            DerObjectIdentifier  encryptionParamSet)
+        {
+			if (publicKeyParamSet == null)
+				throw new ArgumentNullException("publicKeyParamSet");
+			if (digestParamSet == null)
+				throw new ArgumentNullException("digestParamSet");
+
+			this.publicKeyParamSet = publicKeyParamSet;
+            this.digestParamSet = digestParamSet;
+            this.encryptionParamSet = encryptionParamSet;
+        }
+
+		public Gost3410PublicKeyAlgParameters(
+            Asn1Sequence seq)
+        {
+            this.publicKeyParamSet = (DerObjectIdentifier) seq[0];
+            this.digestParamSet = (DerObjectIdentifier) seq[1];
+
+			if (seq.Count > 2)
+            {
+                this.encryptionParamSet = (DerObjectIdentifier) seq[2];
+            }
+        }
+
+		public DerObjectIdentifier PublicKeyParamSet
+		{
+			get { return publicKeyParamSet; }
+		}
+
+		public DerObjectIdentifier DigestParamSet
+		{
+			get { return digestParamSet; }
+		}
+
+		public DerObjectIdentifier EncryptionParamSet
+		{
+			get { return encryptionParamSet; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+				publicKeyParamSet, digestParamSet);
+
+			if (encryptionParamSet != null)
+            {
+                v.Add(encryptionParamSet);
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/eac/EACObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/eac/EACObjectIdentifiers.cs
new file mode 100644
index 0000000..d54ef0e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/eac/EACObjectIdentifiers.cs
@@ -0,0 +1,50 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Eac
+{
+	public abstract class EacObjectIdentifiers
+	{
+		// bsi-de OBJECT IDENTIFIER ::= {
+		//         itu-t(0) identified-organization(4) etsi(0)
+		//         reserved(127) etsi-identified-organization(0) 7
+		//     }
+		public static readonly DerObjectIdentifier bsi_de = new DerObjectIdentifier("0.4.0.127.0.7");
+
+		// id-PK OBJECT IDENTIFIER ::= {
+		//         bsi-de protocols(2) smartcard(2) 1
+		//     }
+		public static readonly DerObjectIdentifier id_PK = new DerObjectIdentifier(bsi_de + ".2.2.1");
+
+		public static readonly DerObjectIdentifier id_PK_DH = new DerObjectIdentifier(id_PK + ".1");
+		public static readonly DerObjectIdentifier id_PK_ECDH = new DerObjectIdentifier(id_PK + ".2");
+
+		// id-CA OBJECT IDENTIFIER ::= {
+		//         bsi-de protocols(2) smartcard(2) 3
+		//     }
+		public static readonly DerObjectIdentifier id_CA = new DerObjectIdentifier(bsi_de + ".2.2.3");
+		public static readonly DerObjectIdentifier id_CA_DH = new DerObjectIdentifier(id_CA + ".1");
+		public static readonly DerObjectIdentifier id_CA_DH_3DES_CBC_CBC = new DerObjectIdentifier(id_CA_DH + ".1");
+		public static readonly DerObjectIdentifier id_CA_ECDH = new DerObjectIdentifier(id_CA + ".2");
+		public static readonly DerObjectIdentifier id_CA_ECDH_3DES_CBC_CBC = new DerObjectIdentifier(id_CA_ECDH + ".1");
+
+		//
+		// id-TA OBJECT IDENTIFIER ::= {
+		//     bsi-de protocols(2) smartcard(2) 2
+		// }
+		public static readonly DerObjectIdentifier id_TA = new DerObjectIdentifier(bsi_de + ".2.2.2");
+
+		public static readonly DerObjectIdentifier id_TA_RSA = new DerObjectIdentifier(id_TA + ".1");
+		public static readonly DerObjectIdentifier id_TA_RSA_v1_5_SHA_1 = new DerObjectIdentifier(id_TA_RSA + ".1");
+		public static readonly DerObjectIdentifier id_TA_RSA_v1_5_SHA_256 = new DerObjectIdentifier(id_TA_RSA + ".2");
+		public static readonly DerObjectIdentifier id_TA_RSA_PSS_SHA_1 = new DerObjectIdentifier(id_TA_RSA + ".3");
+		public static readonly DerObjectIdentifier id_TA_RSA_PSS_SHA_256 = new DerObjectIdentifier(id_TA_RSA + ".4");
+		public static readonly DerObjectIdentifier id_TA_ECDSA = new DerObjectIdentifier(id_TA + ".2");
+		public static readonly DerObjectIdentifier id_TA_ECDSA_SHA_1 = new DerObjectIdentifier(id_TA_ECDSA + ".1");
+		public static readonly DerObjectIdentifier id_TA_ECDSA_SHA_224 = new DerObjectIdentifier(id_TA_ECDSA + ".2");
+		public static readonly DerObjectIdentifier id_TA_ECDSA_SHA_256 = new DerObjectIdentifier(id_TA_ECDSA + ".3");
+		public static readonly DerObjectIdentifier id_TA_ECDSA_SHA_384 = new DerObjectIdentifier(id_TA_ECDSA + ".4");
+		public static readonly DerObjectIdentifier id_TA_ECDSA_SHA_512 = new DerObjectIdentifier(id_TA_ECDSA + ".5");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/CertificateValues.cs b/bc-sharp-crypto/src/asn1/esf/CertificateValues.cs
new file mode 100644
index 0000000..30a7191
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/CertificateValues.cs
@@ -0,0 +1,86 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// RFC 3126: 4.3.1 Certificate Values Attribute Definition
+	/// <code>
+	/// CertificateValues ::= SEQUENCE OF Certificate
+	/// </code>
+	/// </remarks>
+	public class CertificateValues
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence certificates;
+
+		public static CertificateValues GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is CertificateValues)
+				return (CertificateValues) obj;
+
+			if (obj is Asn1Sequence)
+				return new CertificateValues((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'CertificateValues' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private CertificateValues(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+
+			foreach (Asn1Encodable ae in seq)
+			{
+				X509CertificateStructure.GetInstance(ae.ToAsn1Object());
+			}
+
+			this.certificates = seq;
+		}
+
+		public CertificateValues(
+			params X509CertificateStructure[] certificates)
+		{
+			if (certificates == null)
+				throw new ArgumentNullException("certificates");
+
+			this.certificates = new DerSequence(certificates);
+		}
+
+		public CertificateValues(
+			IEnumerable certificates)
+		{
+			if (certificates == null)
+				throw new ArgumentNullException("certificates");
+			if (!CollectionUtilities.CheckElementsAreOfType(certificates, typeof(X509CertificateStructure)))
+				throw new ArgumentException("Must contain only 'X509CertificateStructure' objects", "certificates");
+
+			this.certificates = new DerSequence(
+				Asn1EncodableVector.FromEnumerable(certificates));
+		}
+
+		public X509CertificateStructure[] GetCertificates()
+		{
+			X509CertificateStructure[] result = new X509CertificateStructure[certificates.Count];
+			for (int i = 0; i < certificates.Count; ++i)
+			{
+				result[i] = X509CertificateStructure.GetInstance(certificates[i]);
+			}
+			return result;
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return certificates;
+		}
+ 	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/CommitmentTypeIdentifier.cs b/bc-sharp-crypto/src/asn1/esf/CommitmentTypeIdentifier.cs
new file mode 100644
index 0000000..65cd45b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/CommitmentTypeIdentifier.cs
@@ -0,0 +1,17 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+    public abstract class CommitmentTypeIdentifier
+    {
+        public static readonly DerObjectIdentifier ProofOfOrigin = PkcsObjectIdentifiers.IdCtiEtsProofOfOrigin;
+        public static readonly DerObjectIdentifier ProofOfReceipt = PkcsObjectIdentifiers.IdCtiEtsProofOfReceipt;
+        public static readonly DerObjectIdentifier ProofOfDelivery = PkcsObjectIdentifiers.IdCtiEtsProofOfDelivery;
+        public static readonly DerObjectIdentifier ProofOfSender = PkcsObjectIdentifiers.IdCtiEtsProofOfSender;
+        public static readonly DerObjectIdentifier ProofOfApproval = PkcsObjectIdentifiers.IdCtiEtsProofOfApproval;
+        public static readonly DerObjectIdentifier ProofOfCreation = PkcsObjectIdentifiers.IdCtiEtsProofOfCreation;
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/CommitmentTypeIndication.cs b/bc-sharp-crypto/src/asn1/esf/CommitmentTypeIndication.cs
new file mode 100644
index 0000000..196a613
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/CommitmentTypeIndication.cs
@@ -0,0 +1,95 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+    public class CommitmentTypeIndication
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier	commitmentTypeId;
+        private readonly Asn1Sequence			commitmentTypeQualifier;
+
+		public static CommitmentTypeIndication GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is CommitmentTypeIndication)
+				return (CommitmentTypeIndication) obj;
+
+			if (obj is Asn1Sequence)
+				return new CommitmentTypeIndication((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'CommitmentTypeIndication' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		public CommitmentTypeIndication(
+            Asn1Sequence seq)
+        {
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count < 1 || seq.Count > 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.commitmentTypeId = (DerObjectIdentifier) seq[0].ToAsn1Object();
+
+			if (seq.Count > 1)
+            {
+                this.commitmentTypeQualifier = (Asn1Sequence) seq[1].ToAsn1Object();
+            }
+        }
+
+		public CommitmentTypeIndication(
+            DerObjectIdentifier commitmentTypeId)
+			: this(commitmentTypeId, null)
+        {
+        }
+
+		public CommitmentTypeIndication(
+            DerObjectIdentifier	commitmentTypeId,
+            Asn1Sequence		commitmentTypeQualifier)
+        {
+			if (commitmentTypeId == null)
+				throw new ArgumentNullException("commitmentTypeId");
+
+			this.commitmentTypeId = commitmentTypeId;
+
+			if (commitmentTypeQualifier != null)
+			{
+				this.commitmentTypeQualifier = commitmentTypeQualifier;
+			}
+        }
+
+		public DerObjectIdentifier CommitmentTypeID
+		{
+			get { return commitmentTypeId; }
+		}
+
+		public Asn1Sequence CommitmentTypeQualifier
+		{
+			get { return commitmentTypeQualifier; }
+		}
+
+		/**
+        * <pre>
+        * CommitmentTypeIndication ::= SEQUENCE {
+        *      commitmentTypeId   CommitmentTypeIdentifier,
+        *      commitmentTypeQualifier   SEQUENCE SIZE (1..MAX) OF
+        *              CommitmentTypeQualifier OPTIONAL }
+        * </pre>
+        */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(commitmentTypeId);
+
+			if (commitmentTypeQualifier != null)
+            {
+                v.Add(commitmentTypeQualifier);
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/CommitmentTypeQualifier.cs b/bc-sharp-crypto/src/asn1/esf/CommitmentTypeQualifier.cs
new file mode 100644
index 0000000..30bf0ed
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/CommitmentTypeQualifier.cs
@@ -0,0 +1,119 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+    /**
+    * Commitment type qualifiers, used in the Commitment-Type-Indication attribute (RFC3126).
+    *
+    * <pre>
+    *   CommitmentTypeQualifier ::= SEQUENCE {
+    *       commitmentTypeIdentifier  CommitmentTypeIdentifier,
+    *       qualifier          ANY DEFINED BY commitmentTypeIdentifier OPTIONAL }
+    * </pre>
+    */
+    public class CommitmentTypeQualifier
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier	commitmentTypeIdentifier;
+        private readonly Asn1Object				qualifier;
+
+        /**
+        * Creates a new <code>CommitmentTypeQualifier</code> instance.
+        *
+        * @param commitmentTypeIdentifier a <code>CommitmentTypeIdentifier</code> value
+        */
+        public CommitmentTypeQualifier(
+            DerObjectIdentifier commitmentTypeIdentifier)
+            : this(commitmentTypeIdentifier, null)
+        {
+        }
+
+    /**
+        * Creates a new <code>CommitmentTypeQualifier</code> instance.
+        *
+        * @param commitmentTypeIdentifier a <code>CommitmentTypeIdentifier</code> value
+        * @param qualifier the qualifier, defined by the above field.
+        */
+        public CommitmentTypeQualifier(
+            DerObjectIdentifier	commitmentTypeIdentifier,
+            Asn1Encodable		qualifier)
+        {
+			if (commitmentTypeIdentifier == null)
+				throw new ArgumentNullException("commitmentTypeIdentifier");
+
+			this.commitmentTypeIdentifier = commitmentTypeIdentifier;
+
+			if (qualifier != null)
+			{
+				this.qualifier = qualifier.ToAsn1Object();
+			}
+        }
+
+        /**
+        * Creates a new <code>CommitmentTypeQualifier</code> instance.
+        *
+        * @param as <code>CommitmentTypeQualifier</code> structure
+        * encoded as an Asn1Sequence.
+        */
+        public CommitmentTypeQualifier(
+            Asn1Sequence seq)
+        {
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count < 1 || seq.Count > 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			commitmentTypeIdentifier = (DerObjectIdentifier) seq[0].ToAsn1Object();
+
+			if (seq.Count > 1)
+            {
+                qualifier = seq[1].ToAsn1Object();
+            }
+        }
+
+		public static CommitmentTypeQualifier GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is CommitmentTypeQualifier)
+				return (CommitmentTypeQualifier) obj;
+
+			if (obj is Asn1Sequence)
+				return new CommitmentTypeQualifier((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'CommitmentTypeQualifier' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		public DerObjectIdentifier CommitmentTypeIdentifier
+		{
+			get { return commitmentTypeIdentifier; }
+		}
+
+		public Asn1Object Qualifier
+		{
+			get { return qualifier; }
+		}
+
+		/**
+        * Returns a DER-encodable representation of this instance.
+        *
+        * @return a <code>Asn1Object</code> value
+        */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				commitmentTypeIdentifier);
+
+			if (qualifier != null)
+			{
+				v.Add(qualifier);
+			}
+
+			return new DerSequence(v);
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/CompleteCertificateRefs.cs b/bc-sharp-crypto/src/asn1/esf/CompleteCertificateRefs.cs
new file mode 100644
index 0000000..af93700
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/CompleteCertificateRefs.cs
@@ -0,0 +1,85 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// RFC 3126: 4.2.1 Complete Certificate Refs Attribute Definition
+	/// <code>
+	/// CompleteCertificateRefs ::= SEQUENCE OF OtherCertID
+	/// </code>
+	/// </remarks>
+	public class CompleteCertificateRefs
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence otherCertIDs;
+
+		public static CompleteCertificateRefs GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is CompleteCertificateRefs)
+				return (CompleteCertificateRefs) obj;
+
+			if (obj is Asn1Sequence)
+				return new CompleteCertificateRefs((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'CompleteCertificateRefs' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private CompleteCertificateRefs(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+
+			foreach (Asn1Encodable ae in seq)
+			{
+				OtherCertID.GetInstance(ae.ToAsn1Object());
+			}
+
+			this.otherCertIDs = seq;
+		}
+
+		public CompleteCertificateRefs(
+			params OtherCertID[] otherCertIDs)
+		{
+			if (otherCertIDs == null)
+				throw new ArgumentNullException("otherCertIDs");
+
+			this.otherCertIDs = new DerSequence(otherCertIDs);
+		}
+
+		public CompleteCertificateRefs(
+			IEnumerable otherCertIDs)
+		{
+			if (otherCertIDs == null)
+				throw new ArgumentNullException("otherCertIDs");
+			if (!CollectionUtilities.CheckElementsAreOfType(otherCertIDs, typeof(OtherCertID)))
+				throw new ArgumentException("Must contain only 'OtherCertID' objects", "otherCertIDs");
+
+			this.otherCertIDs = new DerSequence(
+				Asn1EncodableVector.FromEnumerable(otherCertIDs));
+		}
+
+		public OtherCertID[] GetOtherCertIDs()
+		{
+			OtherCertID[] result = new OtherCertID[otherCertIDs.Count];
+			for (int i = 0; i < otherCertIDs.Count; ++i)
+			{
+				result[i] = OtherCertID.GetInstance(otherCertIDs[i].ToAsn1Object());
+			}
+			return result;
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return otherCertIDs;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/CompleteRevocationRefs.cs b/bc-sharp-crypto/src/asn1/esf/CompleteRevocationRefs.cs
new file mode 100644
index 0000000..348e63f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/CompleteRevocationRefs.cs
@@ -0,0 +1,85 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
+	/// <code>
+	/// CompleteRevocationRefs ::= SEQUENCE OF CrlOcspRef
+	/// </code>
+	/// </remarks>
+	public class CompleteRevocationRefs
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence crlOcspRefs;
+
+		public static CompleteRevocationRefs GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is CompleteRevocationRefs)
+				return (CompleteRevocationRefs) obj;
+
+			if (obj is Asn1Sequence)
+				return new CompleteRevocationRefs((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'CompleteRevocationRefs' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private CompleteRevocationRefs(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+
+			foreach (Asn1Encodable ae in seq)
+			{
+				CrlOcspRef.GetInstance(ae.ToAsn1Object());
+			}
+
+			this.crlOcspRefs = seq;
+		}
+
+		public CompleteRevocationRefs(
+			params CrlOcspRef[] crlOcspRefs)
+		{
+			if (crlOcspRefs == null)
+				throw new ArgumentNullException("crlOcspRefs");
+
+			this.crlOcspRefs = new DerSequence(crlOcspRefs);
+		}
+
+		public CompleteRevocationRefs(
+			IEnumerable crlOcspRefs)
+		{
+			if (crlOcspRefs == null)
+				throw new ArgumentNullException("crlOcspRefs");
+			if (!CollectionUtilities.CheckElementsAreOfType(crlOcspRefs, typeof(CrlOcspRef)))
+				throw new ArgumentException("Must contain only 'CrlOcspRef' objects", "crlOcspRefs");
+
+			this.crlOcspRefs = new DerSequence(
+				Asn1EncodableVector.FromEnumerable(crlOcspRefs));
+		}
+
+		public CrlOcspRef[] GetCrlOcspRefs()
+		{
+			CrlOcspRef[] result = new CrlOcspRef[crlOcspRefs.Count];
+			for (int i = 0; i < crlOcspRefs.Count; ++i)
+			{
+				result[i] = CrlOcspRef.GetInstance(crlOcspRefs[i].ToAsn1Object());
+			}
+			return result;
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return crlOcspRefs;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/CrlIdentifier.cs b/bc-sharp-crypto/src/asn1/esf/CrlIdentifier.cs
new file mode 100644
index 0000000..96b50e2
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/CrlIdentifier.cs
@@ -0,0 +1,111 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
+	/// <code>
+	/// CrlIdentifier ::= SEQUENCE 
+	/// {
+	/// 	crlissuer		Name,
+	/// 	crlIssuedTime	UTCTime,
+	/// 	crlNumber		INTEGER OPTIONAL
+	/// }
+	/// </code>
+	/// </remarks>
+	public class CrlIdentifier
+		: Asn1Encodable
+	{
+		private readonly X509Name	crlIssuer;
+		private readonly DerUtcTime	crlIssuedTime;
+		private readonly DerInteger	crlNumber;
+
+		public static CrlIdentifier GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is CrlIdentifier)
+				return (CrlIdentifier) obj;
+
+			if (obj is Asn1Sequence)
+				return new CrlIdentifier((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'CrlIdentifier' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private CrlIdentifier(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count < 2 || seq.Count > 3)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.crlIssuer = X509Name.GetInstance(seq[0]);
+			this.crlIssuedTime = DerUtcTime.GetInstance(seq[1]);
+
+			if (seq.Count > 2)
+			{
+				this.crlNumber = DerInteger.GetInstance(seq[2]);
+			}
+		}
+
+		public CrlIdentifier(
+			X509Name	crlIssuer,
+			DateTime	crlIssuedTime)
+			: this(crlIssuer, crlIssuedTime, null)
+		{
+		}
+
+		public CrlIdentifier(
+			X509Name	crlIssuer,
+			DateTime	crlIssuedTime,
+			BigInteger	crlNumber)
+		{
+			if (crlIssuer == null)
+				throw new ArgumentNullException("crlIssuer");
+
+			this.crlIssuer = crlIssuer;
+			this.crlIssuedTime = new DerUtcTime(crlIssuedTime);
+
+			if (crlNumber != null)
+			{
+				this.crlNumber = new DerInteger(crlNumber);
+			}
+		}
+
+		public X509Name CrlIssuer
+		{
+			get { return crlIssuer; }
+		}
+
+		public DateTime CrlIssuedTime
+		{
+			get { return crlIssuedTime.ToAdjustedDateTime(); }
+		}
+
+		public BigInteger CrlNumber
+		{
+			get { return crlNumber == null ? null : crlNumber.Value; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				crlIssuer.ToAsn1Object(), crlIssuedTime);
+
+			if (crlNumber != null)
+			{
+				v.Add(crlNumber);
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/CrlListID.cs b/bc-sharp-crypto/src/asn1/esf/CrlListID.cs
new file mode 100644
index 0000000..fbd4fb2
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/CrlListID.cs
@@ -0,0 +1,90 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
+	/// <code>
+	/// CRLListID ::= SEQUENCE 
+	/// {
+	///		crls	SEQUENCE OF CrlValidatedID
+	/// }
+	/// </code>
+	/// </remarks>
+	public class CrlListID
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence crls;
+
+		public static CrlListID GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is CrlListID)
+				return (CrlListID) obj;
+
+			if (obj is Asn1Sequence)
+				return new CrlListID((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'CrlListID' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private CrlListID(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count != 1)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.crls = (Asn1Sequence) seq[0].ToAsn1Object();
+
+			foreach (Asn1Encodable ae in this.crls)
+			{
+				CrlValidatedID.GetInstance(ae.ToAsn1Object());
+			}
+		}
+
+		public CrlListID(
+			params CrlValidatedID[] crls)
+		{
+			if (crls == null)
+				throw new ArgumentNullException("crls");
+
+			this.crls = new DerSequence(crls);
+		}
+
+		public CrlListID(
+			IEnumerable crls)
+		{
+			if (crls == null)
+				throw new ArgumentNullException("crls");
+			if (!CollectionUtilities.CheckElementsAreOfType(crls, typeof(CrlValidatedID)))
+				throw new ArgumentException("Must contain only 'CrlValidatedID' objects", "crls");
+
+			this.crls = new DerSequence(
+				Asn1EncodableVector.FromEnumerable(crls));
+		}
+
+		public CrlValidatedID[] GetCrls()
+		{
+			CrlValidatedID[] result = new CrlValidatedID[crls.Count];
+			for (int i = 0; i < crls.Count; ++i)
+			{
+				result[i] = CrlValidatedID.GetInstance(crls[i].ToAsn1Object());
+			}
+			return result;
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(crls);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/CrlOcspRef.cs b/bc-sharp-crypto/src/asn1/esf/CrlOcspRef.cs
new file mode 100644
index 0000000..6153e0c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/CrlOcspRef.cs
@@ -0,0 +1,113 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
+	/// <code>
+	/// CrlOcspRef ::= SEQUENCE {
+	///		crlids		[0] CRLListID		OPTIONAL,
+	/// 	ocspids		[1] OcspListID		OPTIONAL,
+	/// 	otherRev	[2] OtherRevRefs	OPTIONAL
+	/// }
+	/// </code>
+	/// </remarks>
+	public class CrlOcspRef
+		: Asn1Encodable
+	{
+		private readonly CrlListID		crlids;
+		private readonly OcspListID		ocspids;
+		private readonly OtherRevRefs	otherRev;
+
+		public static CrlOcspRef GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is CrlOcspRef)
+				return (CrlOcspRef) obj;
+
+			if (obj is Asn1Sequence)
+				return new CrlOcspRef((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'CrlOcspRef' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private CrlOcspRef(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+
+			foreach (Asn1TaggedObject taggedObj in seq)
+			{
+				Asn1Object asn1Obj = taggedObj.GetObject();
+
+				switch (taggedObj.TagNo)
+				{
+					case 0:
+						this.crlids = CrlListID.GetInstance(asn1Obj);
+						break;
+					case 1:
+						this.ocspids = OcspListID.GetInstance(asn1Obj);
+						break;
+					case 2:
+						this.otherRev = OtherRevRefs.GetInstance(asn1Obj);
+						break;
+					default:
+						throw new ArgumentException("Illegal tag in CrlOcspRef", "seq");
+				}
+			}
+		}
+
+		public CrlOcspRef(
+			CrlListID		crlids,
+			OcspListID		ocspids,
+			OtherRevRefs	otherRev)
+		{
+			this.crlids = crlids;
+			this.ocspids = ocspids;
+			this.otherRev = otherRev;
+		}
+
+		public CrlListID CrlIDs
+		{
+			get { return crlids; }
+		}
+
+		public OcspListID OcspIDs
+		{
+			get { return ocspids; }
+		}
+
+		public OtherRevRefs OtherRev
+		{
+			get { return otherRev; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (crlids != null)
+			{
+				v.Add(new DerTaggedObject(true, 0, crlids.ToAsn1Object()));
+			}
+
+			if (ocspids != null)
+			{
+				v.Add(new DerTaggedObject(true, 1, ocspids.ToAsn1Object()));
+			}
+
+			if (otherRev != null)
+			{
+				v.Add(new DerTaggedObject(true, 2, otherRev.ToAsn1Object()));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/CrlValidatedID.cs b/bc-sharp-crypto/src/asn1/esf/CrlValidatedID.cs
new file mode 100644
index 0000000..e8cd17a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/CrlValidatedID.cs
@@ -0,0 +1,91 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
+	/// <code>
+	/// CrlValidatedID ::= SEQUENCE {
+	///		crlHash			OtherHash,
+	///		crlIdentifier	CrlIdentifier OPTIONAL}
+	/// </code>
+	/// </remarks>
+	public class CrlValidatedID
+		: Asn1Encodable
+	{
+		private readonly OtherHash		crlHash;
+		private readonly CrlIdentifier	crlIdentifier;
+
+		public static CrlValidatedID GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is CrlValidatedID)
+				return (CrlValidatedID) obj;
+
+			if (obj is Asn1Sequence)
+				return new CrlValidatedID((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'CrlValidatedID' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private CrlValidatedID(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count < 1 || seq.Count > 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.crlHash = OtherHash.GetInstance(seq[0].ToAsn1Object());
+
+			if (seq.Count > 1)
+			{
+				this.crlIdentifier = CrlIdentifier.GetInstance(seq[1].ToAsn1Object());
+			}
+		}
+
+		public CrlValidatedID(
+			OtherHash crlHash)
+			: this(crlHash, null)
+		{
+		}
+
+		public CrlValidatedID(
+			OtherHash		crlHash,
+			CrlIdentifier	crlIdentifier)
+		{
+			if (crlHash == null)
+				throw new ArgumentNullException("crlHash");
+
+			this.crlHash = crlHash;
+			this.crlIdentifier = crlIdentifier;
+		}
+
+		public OtherHash CrlHash
+		{
+			get { return crlHash; }
+		}
+
+		public CrlIdentifier CrlIdentifier
+		{
+			get { return crlIdentifier; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(crlHash.ToAsn1Object());
+
+			if (crlIdentifier != null)
+			{
+				v.Add(crlIdentifier.ToAsn1Object());
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/ESFAttributes.cs b/bc-sharp-crypto/src/asn1/esf/ESFAttributes.cs
new file mode 100644
index 0000000..9401ffb
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/ESFAttributes.cs
@@ -0,0 +1,25 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+    public abstract class EsfAttributes
+    {
+        public static readonly DerObjectIdentifier SigPolicyId = PkcsObjectIdentifiers.IdAAEtsSigPolicyID;
+        public static readonly DerObjectIdentifier CommitmentType = PkcsObjectIdentifiers.IdAAEtsCommitmentType;
+        public static readonly DerObjectIdentifier SignerLocation = PkcsObjectIdentifiers.IdAAEtsSignerLocation;
+		public static readonly DerObjectIdentifier SignerAttr = PkcsObjectIdentifiers.IdAAEtsSignerAttr;
+		public static readonly DerObjectIdentifier OtherSigCert = PkcsObjectIdentifiers.IdAAEtsOtherSigCert;
+		public static readonly DerObjectIdentifier ContentTimestamp = PkcsObjectIdentifiers.IdAAEtsContentTimestamp;
+		public static readonly DerObjectIdentifier CertificateRefs = PkcsObjectIdentifiers.IdAAEtsCertificateRefs;
+		public static readonly DerObjectIdentifier RevocationRefs = PkcsObjectIdentifiers.IdAAEtsRevocationRefs;
+		public static readonly DerObjectIdentifier CertValues = PkcsObjectIdentifiers.IdAAEtsCertValues;
+		public static readonly DerObjectIdentifier RevocationValues = PkcsObjectIdentifiers.IdAAEtsRevocationValues;
+		public static readonly DerObjectIdentifier EscTimeStamp = PkcsObjectIdentifiers.IdAAEtsEscTimeStamp;
+		public static readonly DerObjectIdentifier CertCrlTimestamp = PkcsObjectIdentifiers.IdAAEtsCertCrlTimestamp;
+		public static readonly DerObjectIdentifier ArchiveTimestamp = PkcsObjectIdentifiers.IdAAEtsArchiveTimestamp;
+		public static readonly DerObjectIdentifier ArchiveTimestampV2 = new DerObjectIdentifier(PkcsObjectIdentifiers.IdAA + ".48");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/OcspIdentifier.cs b/bc-sharp-crypto/src/asn1/esf/OcspIdentifier.cs
new file mode 100644
index 0000000..e65f1cf
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/OcspIdentifier.cs
@@ -0,0 +1,78 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
+	/// <code>
+	/// OcspIdentifier ::= SEQUENCE {
+	///		ocspResponderID		ResponderID,
+	///			-- As in OCSP response data
+	///		producedAt			GeneralizedTime
+	///			-- As in OCSP response data
+	/// }
+	/// </code>
+	/// </remarks>
+	public class OcspIdentifier
+		: Asn1Encodable
+	{
+		private readonly ResponderID		ocspResponderID;
+		private readonly DerGeneralizedTime	producedAt;
+
+		public static OcspIdentifier GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is OcspIdentifier)
+				return (OcspIdentifier) obj;
+
+			if (obj is Asn1Sequence)
+				return new OcspIdentifier((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'OcspIdentifier' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private OcspIdentifier(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count != 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.ocspResponderID = ResponderID.GetInstance(seq[0].ToAsn1Object());
+			this.producedAt = (DerGeneralizedTime) seq[1].ToAsn1Object();
+		}
+
+		public OcspIdentifier(
+			ResponderID	ocspResponderID,
+			DateTime	producedAt)
+		{
+			if (ocspResponderID == null)
+				throw new ArgumentNullException();
+
+			this.ocspResponderID = ocspResponderID;
+			this.producedAt = new DerGeneralizedTime(producedAt);
+		}
+
+		public ResponderID OcspResponderID
+		{
+			get { return ocspResponderID; }
+		}
+
+		public DateTime ProducedAt
+		{
+			get { return producedAt.ToDateTime(); }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(ocspResponderID, producedAt);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/OcspListID.cs b/bc-sharp-crypto/src/asn1/esf/OcspListID.cs
new file mode 100644
index 0000000..1c8edb1
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/OcspListID.cs
@@ -0,0 +1,89 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
+	/// <code>
+	/// OcspListID ::=  SEQUENCE {
+	///		ocspResponses	SEQUENCE OF OcspResponsesID
+	/// }
+	/// </code>
+	/// </remarks>
+	public class OcspListID
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence ocspResponses;
+
+		public static OcspListID GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is OcspListID)
+				return (OcspListID) obj;
+
+			if (obj is Asn1Sequence)
+				return new OcspListID((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'OcspListID' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private OcspListID(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count != 1)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.ocspResponses = (Asn1Sequence) seq[0].ToAsn1Object();
+
+			foreach (Asn1Encodable ae in this.ocspResponses)
+			{
+				OcspResponsesID.GetInstance(ae.ToAsn1Object());
+			}
+		}
+
+		public OcspListID(
+			params OcspResponsesID[] ocspResponses)
+		{
+			if (ocspResponses == null)
+				throw new ArgumentNullException("ocspResponses");
+
+			this.ocspResponses = new DerSequence(ocspResponses);
+		}
+
+		public OcspListID(
+			IEnumerable ocspResponses)
+		{
+			if (ocspResponses == null)
+				throw new ArgumentNullException("ocspResponses");
+			if (!CollectionUtilities.CheckElementsAreOfType(ocspResponses, typeof(OcspResponsesID)))
+				throw new ArgumentException("Must contain only 'OcspResponsesID' objects", "ocspResponses");
+
+			this.ocspResponses = new DerSequence(
+				Asn1EncodableVector.FromEnumerable(ocspResponses));
+		}
+
+		public OcspResponsesID[] GetOcspResponses()
+		{
+			OcspResponsesID[] result = new OcspResponsesID[ocspResponses.Count];
+			for (int i = 0; i < ocspResponses.Count; ++i)
+			{
+				result[i] = OcspResponsesID.GetInstance(ocspResponses[i].ToAsn1Object());
+			}
+			return result;
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(ocspResponses);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/OcspResponsesID.cs b/bc-sharp-crypto/src/asn1/esf/OcspResponsesID.cs
new file mode 100644
index 0000000..8718188
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/OcspResponsesID.cs
@@ -0,0 +1,94 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
+	/// <code>
+	/// OcspResponsesID ::= SEQUENCE {
+	///		ocspIdentifier	OcspIdentifier,
+	///		ocspRepHash		OtherHash OPTIONAL
+	/// }
+	/// </code>
+	/// </remarks>
+	public class OcspResponsesID
+		: Asn1Encodable
+	{
+		private readonly OcspIdentifier	ocspIdentifier;
+		private readonly OtherHash		ocspRepHash;
+
+		public static OcspResponsesID GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is OcspResponsesID)
+				return (OcspResponsesID) obj;
+
+			if (obj is Asn1Sequence)
+				return new OcspResponsesID((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'OcspResponsesID' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private OcspResponsesID(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count < 1 || seq.Count > 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.ocspIdentifier = OcspIdentifier.GetInstance(seq[0].ToAsn1Object());
+
+			if (seq.Count > 1)
+			{
+				this.ocspRepHash = OtherHash.GetInstance(seq[1].ToAsn1Object());
+			}
+		}
+
+		public OcspResponsesID(
+			OcspIdentifier ocspIdentifier)
+			: this(ocspIdentifier, null)
+		{
+		}
+
+		public OcspResponsesID(
+			OcspIdentifier	ocspIdentifier,
+			OtherHash		ocspRepHash)
+		{
+			if (ocspIdentifier == null)
+				throw new ArgumentNullException("ocspIdentifier");
+
+			this.ocspIdentifier = ocspIdentifier;
+			this.ocspRepHash = ocspRepHash;
+		}
+
+		public OcspIdentifier OcspIdentifier
+		{
+			get { return ocspIdentifier; }
+		}
+
+		public OtherHash OcspRepHash
+		{
+			get { return ocspRepHash; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				ocspIdentifier.ToAsn1Object());
+
+			if (ocspRepHash != null)
+			{
+				v.Add(ocspRepHash.ToAsn1Object());
+			}
+
+			return new DerSequence(v);
+		}
+
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/OtherCertID.cs b/bc-sharp-crypto/src/asn1/esf/OtherCertID.cs
new file mode 100644
index 0000000..19d173a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/OtherCertID.cs
@@ -0,0 +1,94 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// <code>
+	/// OtherCertID ::= SEQUENCE {
+	/// 	otherCertHash	OtherHash,
+	/// 	issuerSerial	IssuerSerial OPTIONAL
+	/// }
+	/// </code>
+	/// </remarks>
+	public class OtherCertID
+		: Asn1Encodable
+	{
+		private readonly OtherHash		otherCertHash;
+		private readonly IssuerSerial	issuerSerial;
+
+		public static OtherCertID GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is OtherCertID)
+				return (OtherCertID) obj;
+
+			if (obj is Asn1Sequence)
+				return new OtherCertID((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'OtherCertID' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private OtherCertID(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count < 1 || seq.Count > 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.otherCertHash = OtherHash.GetInstance(seq[0].ToAsn1Object());
+
+			if (seq.Count > 1)
+			{
+				this.issuerSerial = IssuerSerial.GetInstance(seq[1].ToAsn1Object());
+			}
+		}
+
+		public OtherCertID(
+			OtherHash otherCertHash)
+			: this(otherCertHash, null)
+		{
+		}
+
+		public OtherCertID(
+			OtherHash		otherCertHash,
+			IssuerSerial	issuerSerial)
+		{
+			if (otherCertHash == null)
+				throw new ArgumentNullException("otherCertHash");
+
+			this.otherCertHash = otherCertHash;
+			this.issuerSerial = issuerSerial;
+		}
+
+		public OtherHash OtherCertHash
+		{
+			get { return otherCertHash; }
+		}
+
+		public IssuerSerial IssuerSerial
+		{
+			get { return issuerSerial; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				otherCertHash.ToAsn1Object());
+
+			if (issuerSerial != null)
+			{
+				v.Add(issuerSerial.ToAsn1Object());
+			}
+
+			return new DerSequence(v);
+		}
+
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/OtherHash.cs b/bc-sharp-crypto/src/asn1/esf/OtherHash.cs
new file mode 100644
index 0000000..2ee1624
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/OtherHash.cs
@@ -0,0 +1,88 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// <code>
+	/// OtherHash ::= CHOICE {
+	///		sha1Hash	OtherHashValue, -- This contains a SHA-1 hash
+	/// 	otherHash	OtherHashAlgAndValue
+	///	}
+	///	
+	///	OtherHashValue ::= OCTET STRING
+	/// </code>
+	/// </remarks>
+	public class OtherHash
+		: Asn1Encodable, IAsn1Choice
+	{
+		private readonly Asn1OctetString		sha1Hash;
+		private readonly OtherHashAlgAndValue	otherHash;
+
+		public static OtherHash GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is OtherHash)
+				return (OtherHash) obj;
+
+			if (obj is Asn1OctetString)
+				return new OtherHash((Asn1OctetString) obj);
+
+			return new OtherHash(
+				OtherHashAlgAndValue.GetInstance(obj));
+		}
+
+		public OtherHash(
+			byte[] sha1Hash)
+		{
+			if (sha1Hash == null)
+				throw new ArgumentNullException("sha1Hash");
+
+			this.sha1Hash = new DerOctetString(sha1Hash);
+		}
+
+		public OtherHash(
+			Asn1OctetString sha1Hash)
+		{
+			if (sha1Hash == null)
+				throw new ArgumentNullException("sha1Hash");
+
+			this.sha1Hash = sha1Hash;
+		}
+
+		public OtherHash(
+			OtherHashAlgAndValue otherHash)
+		{
+			if (otherHash == null)
+				throw new ArgumentNullException("otherHash");
+
+			this.otherHash = otherHash;
+		}
+
+		public AlgorithmIdentifier HashAlgorithm
+		{
+			get
+			{
+				return otherHash == null
+					?	new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1)
+					:	otherHash.HashAlgorithm;
+			}
+		}
+
+		public byte[] GetHashValue()
+		{
+			return otherHash == null
+				?	sha1Hash.GetOctets()
+				:	otherHash.GetHashValue();
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return otherHash == null
+				?	sha1Hash
+				:	otherHash.ToAsn1Object();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/OtherHashAlgAndValue.cs b/bc-sharp-crypto/src/asn1/esf/OtherHashAlgAndValue.cs
new file mode 100644
index 0000000..00eb24c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/OtherHashAlgAndValue.cs
@@ -0,0 +1,95 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <summary>
+	/// Summary description for OtherHashAlgAndValue.
+	/// </summary>
+	/// <remarks>
+	/// <code>
+	/// OtherHashAlgAndValue ::= SEQUENCE {
+	///		hashAlgorithm	AlgorithmIdentifier,
+	/// 	hashValue		OtherHashValue
+	/// }
+	/// 
+	/// OtherHashValue ::= OCTET STRING
+	/// </code>
+	/// </remarks>
+	public class OtherHashAlgAndValue
+		: Asn1Encodable
+	{
+		private readonly AlgorithmIdentifier	hashAlgorithm;
+		private readonly Asn1OctetString		hashValue;
+
+		public static OtherHashAlgAndValue GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is OtherHashAlgAndValue)
+				return (OtherHashAlgAndValue) obj;
+
+			if (obj is Asn1Sequence)
+				return new OtherHashAlgAndValue((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'OtherHashAlgAndValue' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private OtherHashAlgAndValue(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count != 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[0].ToAsn1Object());
+			this.hashValue = (Asn1OctetString) seq[1].ToAsn1Object();
+		}
+
+		public OtherHashAlgAndValue(
+			AlgorithmIdentifier	hashAlgorithm,
+			byte[]				hashValue)
+		{
+			if (hashAlgorithm == null)
+				throw new ArgumentNullException("hashAlgorithm");
+			if (hashValue == null)
+				throw new ArgumentNullException("hashValue");
+
+			this.hashAlgorithm = hashAlgorithm;
+			this.hashValue = new DerOctetString(hashValue);
+		}
+
+		public OtherHashAlgAndValue(
+			AlgorithmIdentifier	hashAlgorithm,
+			Asn1OctetString		hashValue)
+		{
+			if (hashAlgorithm == null)
+				throw new ArgumentNullException("hashAlgorithm");
+			if (hashValue == null)
+				throw new ArgumentNullException("hashValue");
+
+			this.hashAlgorithm = hashAlgorithm;
+			this.hashValue = hashValue;
+		}
+
+		public AlgorithmIdentifier HashAlgorithm
+		{
+			get { return hashAlgorithm; }
+		}
+
+		public byte[] GetHashValue()
+		{
+			return hashValue.GetOctets();
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(hashAlgorithm, hashValue);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/OtherRevRefs.cs b/bc-sharp-crypto/src/asn1/esf/OtherRevRefs.cs
new file mode 100644
index 0000000..446031e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/OtherRevRefs.cs
@@ -0,0 +1,80 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
+	/// <code>
+	/// OtherRevRefs ::= SEQUENCE 
+	/// {
+	///		otherRevRefType      OtherRevRefType,
+	///		otherRevRefs         ANY DEFINED BY otherRevRefType
+	/// }
+	///
+	/// OtherRevRefType ::= OBJECT IDENTIFIER
+	/// </code>
+	/// </remarks>
+	public class OtherRevRefs
+		: Asn1Encodable
+	{
+		private readonly DerObjectIdentifier	otherRevRefType;
+		private readonly Asn1Object				otherRevRefs;
+
+		public static OtherRevRefs GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is OtherRevRefs)
+				return (OtherRevRefs) obj;
+
+			if (obj is Asn1Sequence)
+				return new OtherRevRefs((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'OtherRevRefs' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private OtherRevRefs(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count != 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.otherRevRefType = (DerObjectIdentifier) seq[0].ToAsn1Object();
+			this.otherRevRefs = seq[1].ToAsn1Object();
+		}
+
+		public OtherRevRefs(
+			DerObjectIdentifier	otherRevRefType,
+			Asn1Encodable		otherRevRefs)
+		{
+			if (otherRevRefType == null)
+				throw new ArgumentNullException("otherRevRefType");
+			if (otherRevRefs == null)
+				throw new ArgumentNullException("otherRevRefs");
+
+			this.otherRevRefType = otherRevRefType;
+			this.otherRevRefs = otherRevRefs.ToAsn1Object();
+		}
+
+		public DerObjectIdentifier OtherRevRefType
+		{
+			get { return otherRevRefType; }
+		}
+
+		public Asn1Object OtherRevRefsObject
+		{
+			get { return otherRevRefs; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(otherRevRefType, otherRevRefs);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/OtherRevVals.cs b/bc-sharp-crypto/src/asn1/esf/OtherRevVals.cs
new file mode 100644
index 0000000..7b90456
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/OtherRevVals.cs
@@ -0,0 +1,80 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// RFC 3126: 4.3.2 Revocation Values Attribute Definition
+	/// <code>
+	/// OtherRevVals ::= SEQUENCE 
+	/// {
+	///		otherRevValType      OtherRevValType,
+	///		otherRevVals         ANY DEFINED BY otherRevValType
+	/// }
+	///
+	/// OtherRevValType ::= OBJECT IDENTIFIER
+	/// </code>
+	/// </remarks>
+	public class OtherRevVals
+		: Asn1Encodable
+	{
+		private readonly DerObjectIdentifier	otherRevValType;
+		private readonly Asn1Object				otherRevVals;
+
+		public static OtherRevVals GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is OtherRevVals)
+				return (OtherRevVals) obj;
+
+			if (obj is Asn1Sequence)
+				return new OtherRevVals((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'OtherRevVals' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private OtherRevVals(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count != 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.otherRevValType = (DerObjectIdentifier) seq[0].ToAsn1Object();
+			this.otherRevVals = seq[1].ToAsn1Object();
+		}
+
+		public OtherRevVals(
+			DerObjectIdentifier	otherRevValType,
+			Asn1Encodable		otherRevVals)
+		{
+			if (otherRevValType == null)
+				throw new ArgumentNullException("otherRevValType");
+			if (otherRevVals == null)
+				throw new ArgumentNullException("otherRevVals");
+
+			this.otherRevValType = otherRevValType;
+			this.otherRevVals = otherRevVals.ToAsn1Object();
+		}
+
+		public DerObjectIdentifier OtherRevValType
+		{
+			get { return otherRevValType; }
+		}
+
+		public Asn1Object OtherRevValsObject
+		{
+			get { return otherRevVals; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(otherRevValType, otherRevVals);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/OtherSigningCertificate.cs b/bc-sharp-crypto/src/asn1/esf/OtherSigningCertificate.cs
new file mode 100644
index 0000000..f7b9f5e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/OtherSigningCertificate.cs
@@ -0,0 +1,139 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// <code>
+	/// OtherSigningCertificate ::= SEQUENCE {
+	/// 	certs		SEQUENCE OF OtherCertID,
+	/// 	policies	SEQUENCE OF PolicyInformation OPTIONAL
+	/// }
+	/// </code>
+	/// </remarks>
+	public class OtherSigningCertificate
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence	certs;
+		private readonly Asn1Sequence	policies;
+
+		public static OtherSigningCertificate GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is OtherSigningCertificate)
+				return (OtherSigningCertificate) obj;
+
+			if (obj is Asn1Sequence)
+				return new OtherSigningCertificate((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'OtherSigningCertificate' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private OtherSigningCertificate(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count < 1 || seq.Count > 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.certs = Asn1Sequence.GetInstance(seq[0].ToAsn1Object());
+
+			if (seq.Count > 1)
+			{
+				this.policies = Asn1Sequence.GetInstance(seq[1].ToAsn1Object());
+			}
+		}
+
+		public OtherSigningCertificate(
+			params OtherCertID[] certs)
+			: this(certs, null)
+		{
+		}
+
+		public OtherSigningCertificate(
+			OtherCertID[]				certs,
+			params PolicyInformation[]	policies)
+		{
+			if (certs == null)
+				throw new ArgumentNullException("certs");
+
+			this.certs = new DerSequence(certs);
+
+			if (policies != null)
+			{
+				this.policies = new DerSequence(policies);
+			}
+		}
+
+		public OtherSigningCertificate(
+			IEnumerable certs)
+			: this(certs, null)
+		{
+		}
+
+		public OtherSigningCertificate(
+			IEnumerable	certs,
+			IEnumerable	policies)
+		{
+			if (certs == null)
+				throw new ArgumentNullException("certs");
+			if (!CollectionUtilities.CheckElementsAreOfType(certs, typeof(OtherCertID)))
+				throw new ArgumentException("Must contain only 'OtherCertID' objects", "certs");
+
+			this.certs = new DerSequence(
+				Asn1EncodableVector.FromEnumerable(certs));
+
+			if (policies != null)
+			{
+				if (!CollectionUtilities.CheckElementsAreOfType(policies, typeof(PolicyInformation)))
+					throw new ArgumentException("Must contain only 'PolicyInformation' objects", "policies");
+
+				this.policies = new DerSequence(
+					Asn1EncodableVector.FromEnumerable(policies));
+			}
+		}
+
+		public OtherCertID[] GetCerts()
+		{
+			OtherCertID[] cs = new OtherCertID[certs.Count];
+			for (int i = 0; i < certs.Count; ++i)
+			{
+				cs[i] = OtherCertID.GetInstance(certs[i].ToAsn1Object());
+			}
+			return cs;
+		}
+
+		public PolicyInformation[] GetPolicies()
+		{
+			if (policies == null)
+				return null;
+
+			PolicyInformation[] ps = new PolicyInformation[policies.Count];
+			for (int i = 0; i < policies.Count; ++i)
+			{
+				ps[i] = PolicyInformation.GetInstance(policies[i].ToAsn1Object());
+			}
+			return ps;
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(certs);
+
+			if (policies != null)
+			{
+				v.Add(policies);
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/RevocationValues.cs b/bc-sharp-crypto/src/asn1/esf/RevocationValues.cs
new file mode 100644
index 0000000..a7b47b4
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/RevocationValues.cs
@@ -0,0 +1,165 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// RFC 5126: 6.3.4.  revocation-values Attribute Definition
+	/// <code>
+	/// RevocationValues ::=  SEQUENCE {
+	///		crlVals			[0] SEQUENCE OF CertificateList     OPTIONAL,
+	///		ocspVals		[1] SEQUENCE OF BasicOCSPResponse   OPTIONAL,
+	///		otherRevVals	[2] OtherRevVals OPTIONAL
+	/// }
+	/// </code>
+	/// </remarks>
+	public class RevocationValues
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence	crlVals;
+		private readonly Asn1Sequence	ocspVals;
+		private readonly OtherRevVals	otherRevVals;
+
+		public static RevocationValues GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is RevocationValues)
+				return (RevocationValues) obj;
+
+			return new RevocationValues(Asn1Sequence.GetInstance(obj));
+		}
+
+		private RevocationValues(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count > 3)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			foreach (Asn1TaggedObject taggedObj in seq)
+			{
+				Asn1Object asn1Obj = taggedObj.GetObject();
+				switch (taggedObj.TagNo)
+				{
+					case 0:
+						Asn1Sequence crlValsSeq = (Asn1Sequence) asn1Obj;
+						foreach (Asn1Encodable ae in crlValsSeq)
+						{
+							CertificateList.GetInstance(ae.ToAsn1Object());
+						}
+						this.crlVals = crlValsSeq;
+						break;
+					case 1:
+						Asn1Sequence ocspValsSeq = (Asn1Sequence) asn1Obj;
+						foreach (Asn1Encodable ae in ocspValsSeq)
+						{
+							BasicOcspResponse.GetInstance(ae.ToAsn1Object());
+						}
+						this.ocspVals = ocspValsSeq;
+						break;
+					case 2:
+						this.otherRevVals = OtherRevVals.GetInstance(asn1Obj);
+						break;
+					default:
+						throw new ArgumentException("Illegal tag in RevocationValues", "seq");
+				}
+			}
+		}
+
+		public RevocationValues(
+			CertificateList[]	crlVals,
+			BasicOcspResponse[]	ocspVals,
+			OtherRevVals		otherRevVals)
+		{
+			if (crlVals != null)
+			{
+				this.crlVals = new DerSequence(crlVals);
+			}
+
+			if (ocspVals != null)
+			{
+				this.ocspVals = new DerSequence(ocspVals);
+			}
+
+			this.otherRevVals = otherRevVals;
+		}
+
+		public RevocationValues(
+			IEnumerable			crlVals,
+			IEnumerable			ocspVals,
+			OtherRevVals		otherRevVals)
+		{
+			if (crlVals != null)
+			{
+				if (!CollectionUtilities.CheckElementsAreOfType(crlVals, typeof(CertificateList)))
+					throw new ArgumentException("Must contain only 'CertificateList' objects", "crlVals");
+
+				this.crlVals = new DerSequence(
+					Asn1EncodableVector.FromEnumerable(crlVals));
+			}
+
+			if (ocspVals != null)
+			{
+				if (!CollectionUtilities.CheckElementsAreOfType(ocspVals, typeof(BasicOcspResponse)))
+					throw new ArgumentException("Must contain only 'BasicOcspResponse' objects", "ocspVals");
+
+				this.ocspVals = new DerSequence(
+					Asn1EncodableVector.FromEnumerable(ocspVals));
+			}
+
+			this.otherRevVals = otherRevVals;
+		}
+
+		public CertificateList[] GetCrlVals()
+		{
+			CertificateList[] result = new CertificateList[crlVals.Count];
+			for (int i = 0; i < crlVals.Count; ++i)
+			{
+				result[i] = CertificateList.GetInstance(crlVals[i].ToAsn1Object());
+			}
+			return result;
+		}
+
+		public BasicOcspResponse[] GetOcspVals()
+		{
+			BasicOcspResponse[] result = new BasicOcspResponse[ocspVals.Count];
+			for (int i = 0; i < ocspVals.Count; ++i)
+			{
+				result[i] = BasicOcspResponse.GetInstance(ocspVals[i].ToAsn1Object());
+			}
+			return result;
+		}
+
+		public OtherRevVals OtherRevVals
+		{
+			get { return otherRevVals; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (crlVals != null)
+			{
+				v.Add(new DerTaggedObject(true, 0, crlVals));
+			}
+
+			if (ocspVals != null)
+			{
+				v.Add(new DerTaggedObject(true, 1, ocspVals));
+			}
+
+			if (otherRevVals != null)
+			{
+				v.Add(new DerTaggedObject(true, 2, otherRevVals.ToAsn1Object()));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/SigPolicyQualifierInfo.cs b/bc-sharp-crypto/src/asn1/esf/SigPolicyQualifierInfo.cs
new file mode 100644
index 0000000..470c5c8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/SigPolicyQualifierInfo.cs
@@ -0,0 +1,73 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// <code>
+	/// SigPolicyQualifierInfo ::= SEQUENCE {
+    ///		sigPolicyQualifierId  SigPolicyQualifierId,
+	///		sigQualifier          ANY DEFINED BY sigPolicyQualifierId
+	/// }
+	/// 
+	/// SigPolicyQualifierId ::= OBJECT IDENTIFIER
+	/// </code>
+	/// </remarks>
+	public class SigPolicyQualifierInfo
+		: Asn1Encodable
+	{
+		private readonly DerObjectIdentifier	sigPolicyQualifierId;
+		private readonly Asn1Object				sigQualifier;
+
+		public static SigPolicyQualifierInfo GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is SigPolicyQualifierInfo)
+				return (SigPolicyQualifierInfo) obj;
+
+			if (obj is Asn1Sequence)
+				return new SigPolicyQualifierInfo((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'SigPolicyQualifierInfo' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private SigPolicyQualifierInfo(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count != 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.sigPolicyQualifierId = (DerObjectIdentifier) seq[0].ToAsn1Object();
+			this.sigQualifier = seq[1].ToAsn1Object();
+		}
+
+		public SigPolicyQualifierInfo(
+			DerObjectIdentifier	sigPolicyQualifierId,
+			Asn1Encodable		sigQualifier)
+		{
+			this.sigPolicyQualifierId = sigPolicyQualifierId;
+			this.sigQualifier = sigQualifier.ToAsn1Object();
+		}
+
+		public DerObjectIdentifier SigPolicyQualifierId
+		{
+			get { return sigPolicyQualifierId; }
+		}
+
+		public Asn1Object SigQualifier
+		{
+			get { return sigQualifier; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(sigPolicyQualifierId, sigQualifier);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/SignaturePolicyId.cs b/bc-sharp-crypto/src/asn1/esf/SignaturePolicyId.cs
new file mode 100644
index 0000000..7146bb4
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/SignaturePolicyId.cs
@@ -0,0 +1,146 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// <code>
+	/// SignaturePolicyId ::= SEQUENCE {
+	/// 	sigPolicyIdentifier		SigPolicyId,
+	/// 	sigPolicyHash			SigPolicyHash,
+	/// 	sigPolicyQualifiers		SEQUENCE SIZE (1..MAX) OF SigPolicyQualifierInfo OPTIONAL
+	/// }
+	/// 
+	/// SigPolicyId ::= OBJECT IDENTIFIER
+	/// 
+	/// SigPolicyHash ::= OtherHashAlgAndValue
+	/// </code>
+	/// </remarks>
+	public class SignaturePolicyId
+		: Asn1Encodable
+	{
+		private readonly DerObjectIdentifier	sigPolicyIdentifier;
+		private readonly OtherHashAlgAndValue	sigPolicyHash;
+		private readonly Asn1Sequence			sigPolicyQualifiers;
+
+		public static SignaturePolicyId GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is SignaturePolicyId)
+				return (SignaturePolicyId) obj;
+
+			if (obj is Asn1Sequence)
+				return new SignaturePolicyId((Asn1Sequence) obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'SignaturePolicyId' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private SignaturePolicyId(
+			Asn1Sequence seq)
+		{
+			if (seq == null)
+				throw new ArgumentNullException("seq");
+			if (seq.Count < 2 || seq.Count > 3)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.sigPolicyIdentifier = (DerObjectIdentifier) seq[0].ToAsn1Object();
+			this.sigPolicyHash = OtherHashAlgAndValue.GetInstance(seq[1].ToAsn1Object());
+
+			if (seq.Count > 2)
+			{
+				this.sigPolicyQualifiers = (Asn1Sequence) seq[2].ToAsn1Object();
+			}
+		}
+
+		public SignaturePolicyId(
+			DerObjectIdentifier		sigPolicyIdentifier,
+			OtherHashAlgAndValue	sigPolicyHash)
+			: this(sigPolicyIdentifier, sigPolicyHash, null)
+		{
+		}
+
+		public SignaturePolicyId(
+			DerObjectIdentifier				sigPolicyIdentifier,
+			OtherHashAlgAndValue			sigPolicyHash,
+			params SigPolicyQualifierInfo[]	sigPolicyQualifiers)
+		{
+			if (sigPolicyIdentifier == null)
+				throw new ArgumentNullException("sigPolicyIdentifier");
+			if (sigPolicyHash == null)
+				throw new ArgumentNullException("sigPolicyHash");
+
+			this.sigPolicyIdentifier = sigPolicyIdentifier;
+			this.sigPolicyHash = sigPolicyHash;
+
+			if (sigPolicyQualifiers != null)
+			{
+				this.sigPolicyQualifiers = new DerSequence(sigPolicyQualifiers);
+			}
+		}
+
+		public SignaturePolicyId(
+			DerObjectIdentifier		sigPolicyIdentifier,
+			OtherHashAlgAndValue	sigPolicyHash,
+			IEnumerable				sigPolicyQualifiers)
+		{
+			if (sigPolicyIdentifier == null)
+				throw new ArgumentNullException("sigPolicyIdentifier");
+			if (sigPolicyHash == null)
+				throw new ArgumentNullException("sigPolicyHash");
+
+			this.sigPolicyIdentifier = sigPolicyIdentifier;
+			this.sigPolicyHash = sigPolicyHash;
+
+			if (sigPolicyQualifiers != null)
+			{
+				if (!CollectionUtilities.CheckElementsAreOfType(sigPolicyQualifiers, typeof(SigPolicyQualifierInfo)))
+					throw new ArgumentException("Must contain only 'SigPolicyQualifierInfo' objects", "sigPolicyQualifiers");
+
+				this.sigPolicyQualifiers = new DerSequence(
+					Asn1EncodableVector.FromEnumerable(sigPolicyQualifiers));
+			}
+		}
+
+		public DerObjectIdentifier SigPolicyIdentifier
+		{
+			get { return sigPolicyIdentifier; }
+		}
+
+		public OtherHashAlgAndValue SigPolicyHash
+		{
+			get { return sigPolicyHash; }
+		}
+
+		public SigPolicyQualifierInfo[] GetSigPolicyQualifiers()
+		{
+			if (sigPolicyQualifiers == null)
+				return null;
+
+			SigPolicyQualifierInfo[] infos = new SigPolicyQualifierInfo[sigPolicyQualifiers.Count];
+			for (int i = 0; i < sigPolicyQualifiers.Count; ++i)
+			{
+				infos[i] = SigPolicyQualifierInfo.GetInstance(sigPolicyQualifiers[i]);
+			}
+			return infos;
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				sigPolicyIdentifier, sigPolicyHash.ToAsn1Object());
+
+			if (sigPolicyQualifiers != null)
+			{
+				v.Add(sigPolicyQualifiers.ToAsn1Object());
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/SignaturePolicyIdentifier.cs b/bc-sharp-crypto/src/asn1/esf/SignaturePolicyIdentifier.cs
new file mode 100644
index 0000000..12257f2
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/SignaturePolicyIdentifier.cs
@@ -0,0 +1,66 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/// <remarks>
+	/// <code>
+	/// SignaturePolicyIdentifier ::= CHOICE {
+	///		SignaturePolicyId		SignaturePolicyId,
+	///		SignaturePolicyImplied	SignaturePolicyImplied
+	/// }
+	/// 
+	/// SignaturePolicyImplied ::= NULL
+	/// </code>
+	/// </remarks>
+	public class SignaturePolicyIdentifier
+		: Asn1Encodable, IAsn1Choice
+	{
+		private readonly SignaturePolicyId sigPolicy;
+
+		public static SignaturePolicyIdentifier GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is SignaturePolicyIdentifier)
+				return (SignaturePolicyIdentifier) obj;
+
+			if (obj is SignaturePolicyId)
+				return new SignaturePolicyIdentifier((SignaturePolicyId) obj);
+
+			if (obj is Asn1Null)
+				return new SignaturePolicyIdentifier();
+
+			throw new ArgumentException(
+				"Unknown object in 'SignaturePolicyIdentifier' factory: "
+                    + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		public SignaturePolicyIdentifier()
+		{
+			this.sigPolicy = null;
+		}
+
+		public SignaturePolicyIdentifier(
+			SignaturePolicyId signaturePolicyId)
+		{
+			if (signaturePolicyId == null)
+				throw new ArgumentNullException("signaturePolicyId");
+
+			this.sigPolicy = signaturePolicyId;
+		}
+
+		public SignaturePolicyId SignaturePolicyId
+		{
+			get { return sigPolicy; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return sigPolicy == null
+				?	DerNull.Instance
+				:	sigPolicy.ToAsn1Object();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/SignerAttribute.cs b/bc-sharp-crypto/src/asn1/esf/SignerAttribute.cs
new file mode 100644
index 0000000..39bd910
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/SignerAttribute.cs
@@ -0,0 +1,97 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	public class SignerAttribute
+		: Asn1Encodable
+	{
+		private Asn1Sequence			claimedAttributes;
+		private AttributeCertificate	certifiedAttributes;
+
+		public static SignerAttribute GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is SignerAttribute)
+				return (SignerAttribute) obj;
+
+			if (obj is Asn1Sequence)
+				return new SignerAttribute(obj);
+
+			throw new ArgumentException(
+				"Unknown object in 'SignerAttribute' factory: "
+                + Platform.GetTypeName(obj),
+				"obj");
+		}
+
+		private SignerAttribute(
+			object obj)
+		{
+			Asn1Sequence seq = (Asn1Sequence) obj;
+			DerTaggedObject taggedObject = (DerTaggedObject) seq[0];
+			if (taggedObject.TagNo == 0)
+			{
+				claimedAttributes = Asn1Sequence.GetInstance(taggedObject, true);
+			}
+			else if (taggedObject.TagNo == 1)
+			{
+				certifiedAttributes = AttributeCertificate.GetInstance(taggedObject);
+			}
+			else
+			{
+				throw new ArgumentException("illegal tag.", "obj");
+			}
+		}
+
+		public SignerAttribute(
+			Asn1Sequence claimedAttributes)
+		{
+			this.claimedAttributes = claimedAttributes;
+		}
+
+		public SignerAttribute(
+			AttributeCertificate certifiedAttributes)
+		{
+			this.certifiedAttributes = certifiedAttributes;
+		}
+
+		public virtual Asn1Sequence ClaimedAttributes
+		{
+			get { return claimedAttributes; }
+		}
+
+		public virtual AttributeCertificate CertifiedAttributes
+		{
+			get { return certifiedAttributes; }
+		}
+
+		/**
+		*
+		* <pre>
+		*  SignerAttribute ::= SEQUENCE OF CHOICE {
+		*      claimedAttributes   [0] ClaimedAttributes,
+		*      certifiedAttributes [1] CertifiedAttributes }
+		*
+		*  ClaimedAttributes ::= SEQUENCE OF Attribute
+		*  CertifiedAttributes ::= AttributeCertificate -- as defined in RFC 3281: see clause 4.1.
+		* </pre>
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (claimedAttributes != null)
+			{
+				v.Add(new DerTaggedObject(0, claimedAttributes));
+			}
+			else
+			{
+				v.Add(new DerTaggedObject(1, certifiedAttributes));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/esf/SignerLocation.cs b/bc-sharp-crypto/src/asn1/esf/SignerLocation.cs
new file mode 100644
index 0000000..d2cef51
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/esf/SignerLocation.cs
@@ -0,0 +1,144 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Esf
+{
+	/**
+	* Signer-Location attribute (RFC3126).
+	*
+	* <pre>
+	*   SignerLocation ::= SEQUENCE {
+	*       countryName        [0] DirectoryString OPTIONAL,
+	*       localityName       [1] DirectoryString OPTIONAL,
+	*       postalAddress      [2] PostalAddress OPTIONAL }
+	*
+	*   PostalAddress ::= SEQUENCE SIZE(1..6) OF DirectoryString
+	* </pre>
+	*/
+	public class SignerLocation
+		: Asn1Encodable
+	{
+		// TODO Should these be using DirectoryString?
+		private DerUtf8String	countryName;
+		private DerUtf8String	localityName;
+		private Asn1Sequence	postalAddress;
+
+		public SignerLocation(
+			Asn1Sequence seq)
+		{
+			foreach (Asn1TaggedObject obj in seq)
+			{
+				switch (obj.TagNo)
+				{
+					case 0:
+						this.countryName = DerUtf8String.GetInstance(obj, true);
+						break;
+					case 1:
+						this.localityName = DerUtf8String.GetInstance(obj, true);
+						break;
+					case 2:
+						bool isExplicit = obj.IsExplicit();	// handle erroneous implicitly tagged sequences
+						this.postalAddress = Asn1Sequence.GetInstance(obj, isExplicit);
+						if (postalAddress != null && postalAddress.Count > 6)
+							throw new ArgumentException("postal address must contain less than 6 strings");
+						break;
+					default:
+						throw new ArgumentException("illegal tag");
+				}
+			}
+		}
+
+		public SignerLocation(
+			DerUtf8String	countryName,
+			DerUtf8String	localityName,
+			Asn1Sequence	postalAddress)
+		{
+			if (postalAddress != null && postalAddress.Count > 6)
+			{
+				throw new ArgumentException("postal address must contain less than 6 strings");
+			}
+
+			if (countryName != null)
+			{
+				this.countryName = DerUtf8String.GetInstance(countryName.ToAsn1Object());
+			}
+
+			if (localityName != null)
+			{
+				this.localityName = DerUtf8String.GetInstance(localityName.ToAsn1Object());
+			}
+
+			if (postalAddress != null)
+			{
+				this.postalAddress = (Asn1Sequence) postalAddress.ToAsn1Object();
+			}
+		}
+
+		public static SignerLocation GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is SignerLocation)
+			{
+				return (SignerLocation) obj;
+			}
+
+			return new SignerLocation(Asn1Sequence.GetInstance(obj));
+		}
+
+		public DerUtf8String CountryName
+		{
+			get { return countryName; }
+		}
+
+		public DerUtf8String LocalityName
+		{
+			get { return localityName; }
+		}
+
+		public Asn1Sequence PostalAddress
+		{
+			get { return postalAddress; }
+		}
+
+		/**
+		* <pre>
+		*   SignerLocation ::= SEQUENCE {
+		*       countryName        [0] DirectoryString OPTIONAL,
+		*       localityName       [1] DirectoryString OPTIONAL,
+		*       postalAddress      [2] PostalAddress OPTIONAL }
+		*
+		*   PostalAddress ::= SEQUENCE SIZE(1..6) OF DirectoryString
+		*
+		*   DirectoryString ::= CHOICE {
+		*         teletexString           TeletexString (SIZE (1..MAX)),
+		*         printableString         PrintableString (SIZE (1..MAX)),
+		*         universalString         UniversalString (SIZE (1..MAX)),
+		*         utf8String              UTF8String (SIZE (1.. MAX)),
+		*         bmpString               BMPString (SIZE (1..MAX)) }
+		* </pre>
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (countryName != null)
+			{
+				v.Add(new DerTaggedObject(true, 0, countryName));
+			}
+
+			if (localityName != null)
+			{
+				v.Add(new DerTaggedObject(true, 1, localityName));
+			}
+
+			if (postalAddress != null)
+			{
+				v.Add(new DerTaggedObject(true, 2, postalAddress));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ess/ContentHints.cs b/bc-sharp-crypto/src/asn1/ess/ContentHints.cs
new file mode 100644
index 0000000..cfd174b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ess/ContentHints.cs
@@ -0,0 +1,94 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ess
+{
+	public class ContentHints
+		: Asn1Encodable
+	{
+		private readonly DerUtf8String contentDescription;
+		private readonly DerObjectIdentifier contentType;
+
+		public static ContentHints GetInstance(
+			object o)
+		{
+			if (o == null || o is ContentHints)
+			{
+				return (ContentHints)o;
+			}
+
+			if (o is Asn1Sequence)
+			{
+				return new ContentHints((Asn1Sequence)o);
+			}
+
+			throw new ArgumentException("unknown object in 'ContentHints' factory : "
+                + Platform.GetTypeName(o) + ".");
+		}
+
+		/**
+		 * constructor
+		 */
+		private ContentHints(
+			Asn1Sequence seq)
+		{
+			IAsn1Convertible field = seq[0];
+			if (field.ToAsn1Object() is DerUtf8String)
+			{
+				contentDescription = DerUtf8String.GetInstance(field);
+				contentType = DerObjectIdentifier.GetInstance(seq[1]);
+			}
+			else
+			{
+				contentType = DerObjectIdentifier.GetInstance(seq[0]);
+			}
+		}
+
+		public ContentHints(
+			DerObjectIdentifier contentType)
+		{
+			this.contentType = contentType;
+			this.contentDescription = null;
+		}
+
+		public ContentHints(
+			DerObjectIdentifier	contentType,
+			DerUtf8String		contentDescription)
+		{
+			this.contentType = contentType;
+			this.contentDescription = contentDescription;
+		}
+
+		public DerObjectIdentifier ContentType
+		{
+			get { return contentType; }
+		}
+
+		public DerUtf8String ContentDescription
+		{
+			get { return contentDescription; }
+		}
+
+		/**
+		 * <pre>
+		 * ContentHints ::= SEQUENCE {
+		 *   contentDescription UTF8String (SIZE (1..MAX)) OPTIONAL,
+		 *   contentType ContentType }
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (contentDescription != null)
+			{
+				v.Add(contentDescription);
+			}
+
+			v.Add(contentType);
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ess/ContentIdentifier.cs b/bc-sharp-crypto/src/asn1/ess/ContentIdentifier.cs
new file mode 100644
index 0000000..430185e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ess/ContentIdentifier.cs
@@ -0,0 +1,67 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ess
+{
+	public class ContentIdentifier
+		: Asn1Encodable
+	{
+		private Asn1OctetString value;
+
+		public static ContentIdentifier GetInstance(
+			object o)
+		{
+			if (o == null || o is ContentIdentifier)
+			{
+				return (ContentIdentifier) o;
+			}
+
+			if (o is Asn1OctetString)
+			{
+				return new ContentIdentifier((Asn1OctetString) o);
+			}
+
+			throw new ArgumentException(
+				"unknown object in 'ContentIdentifier' factory : "
+                + Platform.GetTypeName(o) + ".");
+		}
+
+		/**
+		 * Create from OCTET STRING whose octets represent the identifier.
+		 */
+		public ContentIdentifier(
+			Asn1OctetString value)
+		{
+			this.value = value;
+		}
+
+		/**
+		 * Create from byte array representing the identifier.
+		 */
+		public ContentIdentifier(
+			byte[] value)
+			: this(new DerOctetString(value))
+		{
+		}
+
+		public Asn1OctetString Value
+		{
+			get { return value; }
+		}
+
+		/**
+		 * The definition of ContentIdentifier is
+		 * <pre>
+		 * ContentIdentifier ::=  OCTET STRING
+		 * </pre>
+		 * id-aa-contentIdentifier OBJECT IDENTIFIER ::= { iso(1)
+		 *  member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
+		 *  smime(16) id-aa(2) 7 }
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return value;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ess/ESSCertID.cs b/bc-sharp-crypto/src/asn1/ess/ESSCertID.cs
new file mode 100644
index 0000000..b4465ea
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ess/ESSCertID.cs
@@ -0,0 +1,94 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ess
+{
+	public class EssCertID
+		: Asn1Encodable
+	{
+		private Asn1OctetString certHash;
+		private IssuerSerial issuerSerial;
+
+		public static EssCertID GetInstance(
+			object o)
+		{
+			if (o == null || o is EssCertID)
+			{
+				return (EssCertID) o;
+			}
+
+			if (o is Asn1Sequence)
+			{
+				return new EssCertID((Asn1Sequence) o);
+			}
+
+			throw new ArgumentException(
+				"unknown object in 'EssCertID' factory : "
+                + Platform.GetTypeName(o) + ".");
+		}
+
+		/**
+		 * constructor
+		 */
+		public EssCertID(
+			Asn1Sequence seq)
+		{
+			if (seq.Count < 1 || seq.Count > 2)
+			{
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+			}
+
+			this.certHash = Asn1OctetString.GetInstance(seq[0]);
+
+			if (seq.Count > 1)
+			{
+				issuerSerial = IssuerSerial.GetInstance(seq[1]);
+			}
+		}
+
+		public EssCertID(
+			byte[] hash)
+		{
+			certHash = new DerOctetString(hash);
+		}
+
+		public EssCertID(
+			byte[]			hash,
+			IssuerSerial	issuerSerial)
+		{
+			this.certHash = new DerOctetString(hash);
+			this.issuerSerial = issuerSerial;
+		}
+
+		public byte[] GetCertHash()
+		{
+			return certHash.GetOctets();
+		}
+
+		public IssuerSerial IssuerSerial
+		{
+			get { return issuerSerial; }
+		}
+
+		/**
+		 * <pre>
+		 * EssCertID ::= SEQUENCE {
+		 *     certHash Hash,
+		 *     issuerSerial IssuerSerial OPTIONAL }
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(certHash);
+
+			if (issuerSerial != null)
+			{
+				v.Add(issuerSerial);
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ess/ESSCertIDv2.cs b/bc-sharp-crypto/src/asn1/ess/ESSCertIDv2.cs
new file mode 100644
index 0000000..35ce699
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ess/ESSCertIDv2.cs
@@ -0,0 +1,146 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ess
+{
+    public class EssCertIDv2
+        : Asn1Encodable
+    {
+        private readonly AlgorithmIdentifier hashAlgorithm;
+        private readonly byte[]              certHash;
+        private readonly IssuerSerial        issuerSerial;
+
+        private static readonly AlgorithmIdentifier DefaultAlgID = new AlgorithmIdentifier(
+            NistObjectIdentifiers.IdSha256);
+
+        public static EssCertIDv2 GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            EssCertIDv2 existing = obj as EssCertIDv2;
+            if (existing != null)
+                return existing;
+            return new EssCertIDv2(Asn1Sequence.GetInstance(obj));
+        }
+
+        private EssCertIDv2(
+            Asn1Sequence seq)
+        {
+            if (seq.Count > 3)
+                throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+            int count = 0;
+
+            if (seq[0] is Asn1OctetString)
+            {
+                // Default value
+                this.hashAlgorithm = DefaultAlgID;
+            }
+            else
+            {
+                this.hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[count++].ToAsn1Object());
+            }
+
+            this.certHash = Asn1OctetString.GetInstance(seq[count++].ToAsn1Object()).GetOctets();
+
+            if (seq.Count > count)
+            {
+                this.issuerSerial = IssuerSerial.GetInstance(
+                    Asn1Sequence.GetInstance(seq[count].ToAsn1Object()));
+            }
+        }
+
+        public EssCertIDv2(byte[] certHash)
+            : this(null, certHash, null)
+        {
+        }
+
+        public EssCertIDv2(
+            AlgorithmIdentifier	algId,
+            byte[]				certHash)
+            : this(algId, certHash, null)
+        {
+        }
+
+        public EssCertIDv2(
+            byte[]              certHash,
+            IssuerSerial        issuerSerial)
+            : this(null, certHash, issuerSerial)
+        {
+        }
+
+        public EssCertIDv2(
+            AlgorithmIdentifier	algId,
+            byte[]				certHash,
+            IssuerSerial		issuerSerial)
+        {
+            if (algId == null)
+            {
+                // Default value
+                this.hashAlgorithm = DefaultAlgID;
+            }
+            else
+            {
+                this.hashAlgorithm = algId;
+            }
+
+            this.certHash = certHash;
+            this.issuerSerial = issuerSerial;
+        }
+
+        public AlgorithmIdentifier HashAlgorithm
+        {
+            get { return this.hashAlgorithm; }
+        }
+
+        public byte[] GetCertHash()
+        {
+            return Arrays.Clone(certHash);
+        }
+
+        public IssuerSerial IssuerSerial
+        {
+            get { return issuerSerial; }
+        }
+
+        /**
+         * <pre>
+         * EssCertIDv2 ::=  SEQUENCE {
+         *     hashAlgorithm     AlgorithmIdentifier
+         *              DEFAULT {algorithm id-sha256},
+         *     certHash          Hash,
+         *     issuerSerial      IssuerSerial OPTIONAL
+         * }
+         *
+         * Hash ::= OCTET STRING
+         *
+         * IssuerSerial ::= SEQUENCE {
+         *     issuer         GeneralNames,
+         *     serialNumber   CertificateSerialNumber
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+            if (!hashAlgorithm.Equals(DefaultAlgID))
+            {
+                v.Add(hashAlgorithm);
+            }
+
+            v.Add(new DerOctetString(certHash).ToAsn1Object());
+
+            if (issuerSerial != null)
+            {
+                v.Add(issuerSerial);
+            }
+
+            return new DerSequence(v);
+        }
+
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ess/OtherCertID.cs b/bc-sharp-crypto/src/asn1/ess/OtherCertID.cs
new file mode 100644
index 0000000..7794c81
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ess/OtherCertID.cs
@@ -0,0 +1,134 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ess
+{
+	[Obsolete("Use version in Asn1.Esf instead")]
+	public class OtherCertID
+		: Asn1Encodable
+	{
+		private Asn1Encodable otherCertHash;
+		private IssuerSerial issuerSerial;
+
+		public static OtherCertID GetInstance(
+			object o)
+		{
+			if (o == null || o is OtherCertID)
+			{
+				return (OtherCertID) o;
+			}
+
+			if (o is Asn1Sequence)
+			{
+				return new OtherCertID((Asn1Sequence) o);
+			}
+
+			throw new ArgumentException(
+				"unknown object in 'OtherCertID' factory : "
+                + Platform.GetTypeName(o) + ".");
+		}
+
+		/**
+		 * constructor
+		 */
+		public OtherCertID(
+			Asn1Sequence seq)
+		{
+			if (seq.Count < 1 || seq.Count > 2)
+			{
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+			}
+
+			if (seq[0].ToAsn1Object() is Asn1OctetString)
+			{
+				otherCertHash = Asn1OctetString.GetInstance(seq[0]);
+			}
+			else
+			{
+				otherCertHash = DigestInfo.GetInstance(seq[0]);
+			}
+
+			if (seq.Count > 1)
+			{
+				issuerSerial = IssuerSerial.GetInstance(Asn1Sequence.GetInstance(seq[1]));
+			}
+		}
+
+		public OtherCertID(
+			AlgorithmIdentifier	algId,
+			byte[]				digest)
+		{
+			this.otherCertHash = new DigestInfo(algId, digest);
+		}
+
+		public OtherCertID(
+			AlgorithmIdentifier	algId,
+			byte[]				digest,
+			IssuerSerial		issuerSerial)
+		{
+			this.otherCertHash = new DigestInfo(algId, digest);
+			this.issuerSerial = issuerSerial;
+		}
+
+		public AlgorithmIdentifier AlgorithmHash
+		{
+			get
+			{
+				if (otherCertHash.ToAsn1Object() is Asn1OctetString)
+				{
+					// SHA-1
+					return new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1);
+				}
+
+				return DigestInfo.GetInstance(otherCertHash).AlgorithmID;
+			}
+		}
+
+		public byte[] GetCertHash()
+		{
+			if (otherCertHash.ToAsn1Object() is Asn1OctetString)
+			{
+				// SHA-1
+				return ((Asn1OctetString) otherCertHash.ToAsn1Object()).GetOctets();
+			}
+
+			return DigestInfo.GetInstance(otherCertHash).GetDigest();
+		}
+
+		public IssuerSerial IssuerSerial
+		{
+			get { return issuerSerial; }
+		}
+
+		/**
+		 * <pre>
+		 * OtherCertID ::= SEQUENCE {
+		 *     otherCertHash    OtherHash,
+		 *     issuerSerial     IssuerSerial OPTIONAL }
+		 *
+		 * OtherHash ::= CHOICE {
+		 *     sha1Hash     OCTET STRING,
+		 *     otherHash    OtherHashAlgAndValue }
+		 *
+		 * OtherHashAlgAndValue ::= SEQUENCE {
+		 *     hashAlgorithm    AlgorithmIdentifier,
+		 *     hashValue        OCTET STRING }
+		 *
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(otherCertHash);
+
+			if (issuerSerial != null)
+			{
+				v.Add(issuerSerial);
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ess/OtherSigningCertificate.cs b/bc-sharp-crypto/src/asn1/ess/OtherSigningCertificate.cs
new file mode 100644
index 0000000..6cef92b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ess/OtherSigningCertificate.cs
@@ -0,0 +1,110 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ess
+{
+	[Obsolete("Use version in Asn1.Esf instead")]
+	public class OtherSigningCertificate
+		: Asn1Encodable
+	{
+		private Asn1Sequence certs, policies;
+
+		public static OtherSigningCertificate GetInstance(
+			object o)
+		{
+			if (o == null || o is OtherSigningCertificate)
+			{
+				return (OtherSigningCertificate) o;
+			}
+
+			if (o is Asn1Sequence)
+			{
+				return new OtherSigningCertificate((Asn1Sequence) o);
+			}
+
+			throw new ArgumentException(
+				"unknown object in 'OtherSigningCertificate' factory : "
+                + Platform.GetTypeName(o) + ".");
+		}
+
+		/**
+		 * constructors
+		 */
+		public OtherSigningCertificate(
+			Asn1Sequence seq)
+		{
+			if (seq.Count < 1 || seq.Count > 2)
+			{
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+			}
+
+			this.certs = Asn1Sequence.GetInstance(seq[0]);
+
+			if (seq.Count > 1)
+			{
+				this.policies = Asn1Sequence.GetInstance(seq[1]);
+			}
+		}
+
+		public OtherSigningCertificate(
+			OtherCertID otherCertID)
+		{
+			certs = new DerSequence(otherCertID);
+		}
+
+		public OtherCertID[] GetCerts()
+		{
+			OtherCertID[] cs = new OtherCertID[certs.Count];
+
+			for (int i = 0; i != certs.Count; ++i)
+			{
+				cs[i] = OtherCertID.GetInstance(certs[i]);
+			}
+
+			return cs;
+		}
+
+		public PolicyInformation[] GetPolicies()
+		{
+			if (policies == null)
+			{
+				return null;
+			}
+
+			PolicyInformation[] ps = new PolicyInformation[policies.Count];
+
+			for (int i = 0; i != policies.Count; i++)
+			{
+				ps[i] = PolicyInformation.GetInstance(policies[i]);
+			}
+
+			return ps;
+		}
+
+		/**
+		 * The definition of OtherSigningCertificate is
+		 * <pre>
+		 * OtherSigningCertificate ::=  SEQUENCE {
+		 *      certs        SEQUENCE OF OtherCertID,
+		 *      policies     SEQUENCE OF PolicyInformation OPTIONAL
+		 * }
+		 * </pre>
+		 * id-aa-ets-otherSigCert OBJECT IDENTIFIER ::= { iso(1)
+		 *  member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
+		 *  smime(16) id-aa(2) 19 }
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(certs);
+
+			if (policies != null)
+			{
+				v.Add(policies);
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ess/SigningCertificate.cs b/bc-sharp-crypto/src/asn1/ess/SigningCertificate.cs
new file mode 100644
index 0000000..51f67c1
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ess/SigningCertificate.cs
@@ -0,0 +1,109 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ess
+{
+	public class SigningCertificate
+		: Asn1Encodable
+	{
+		private Asn1Sequence certs, policies;
+
+		public static SigningCertificate GetInstance(
+			object o)
+		{
+			if (o == null || o is SigningCertificate)
+			{
+				return (SigningCertificate) o;
+			}
+
+			if (o is Asn1Sequence)
+			{
+				return new SigningCertificate((Asn1Sequence) o);
+			}
+
+			throw new ArgumentException(
+				"unknown object in 'SigningCertificate' factory : "
+                + Platform.GetTypeName(o) + ".");
+		}
+
+		/**
+		 * constructors
+		 */
+		public SigningCertificate(
+			Asn1Sequence seq)
+		{
+			if (seq.Count < 1 || seq.Count > 2)
+			{
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+			}
+
+			this.certs = Asn1Sequence.GetInstance(seq[0]);
+
+			if (seq.Count > 1)
+			{
+				this.policies = Asn1Sequence.GetInstance(seq[1]);
+			}
+		}
+
+		public SigningCertificate(
+			EssCertID essCertID)
+		{
+			certs = new DerSequence(essCertID);
+		}
+
+		public EssCertID[] GetCerts()
+		{
+			EssCertID[] cs = new EssCertID[certs.Count];
+
+			for (int i = 0; i != certs.Count; i++)
+			{
+				cs[i] = EssCertID.GetInstance(certs[i]);
+			}
+
+			return cs;
+		}
+
+		public PolicyInformation[] GetPolicies()
+		{
+			if (policies == null)
+			{
+				return null;
+			}
+
+			PolicyInformation[] ps = new PolicyInformation[policies.Count];
+
+			for (int i = 0; i != policies.Count; i++)
+			{
+				ps[i] = PolicyInformation.GetInstance(policies[i]);
+			}
+
+			return ps;
+		}
+
+		/**
+		 * The definition of SigningCertificate is
+		 * <pre>
+		 * SigningCertificate ::=  SEQUENCE {
+		 *      certs        SEQUENCE OF EssCertID,
+		 *      policies     SEQUENCE OF PolicyInformation OPTIONAL
+		 * }
+		 * </pre>
+		 * id-aa-signingCertificate OBJECT IDENTIFIER ::= { iso(1)
+		 *  member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
+		 *  smime(16) id-aa(2) 12 }
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(certs);
+
+			if (policies != null)
+			{
+				v.Add(policies);
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ess/SigningCertificateV2.cs b/bc-sharp-crypto/src/asn1/ess/SigningCertificateV2.cs
new file mode 100644
index 0000000..91eda9e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ess/SigningCertificateV2.cs
@@ -0,0 +1,113 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ess
+{
+    public class SigningCertificateV2
+        : Asn1Encodable
+    {
+        private readonly Asn1Sequence certs;
+        private readonly Asn1Sequence policies;
+
+        public static SigningCertificateV2 GetInstance(
+            object o)
+        {
+            if (o == null || o is SigningCertificateV2)
+                return (SigningCertificateV2) o;
+
+            if (o is Asn1Sequence)
+                return new SigningCertificateV2((Asn1Sequence) o);
+
+            throw new ArgumentException(
+                "unknown object in 'SigningCertificateV2' factory : "
+                + Platform.GetTypeName(o) + ".");
+        }
+
+        private SigningCertificateV2(
+            Asn1Sequence seq)
+        {
+            if (seq.Count < 1 || seq.Count > 2)
+                throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+            this.certs = Asn1Sequence.GetInstance(seq[0].ToAsn1Object());
+
+            if (seq.Count > 1)
+            {
+                this.policies = Asn1Sequence.GetInstance(seq[1].ToAsn1Object());
+            }
+        }
+
+        public SigningCertificateV2(
+            EssCertIDv2 cert)
+        {
+            this.certs = new DerSequence(cert);
+        }
+
+        public SigningCertificateV2(
+            EssCertIDv2[] certs)
+        {
+            this.certs = new DerSequence(certs);
+        }
+
+        public SigningCertificateV2(
+            EssCertIDv2[]		certs,
+            PolicyInformation[]	policies)
+        {
+            this.certs = new DerSequence(certs);
+
+            if (policies != null)
+            {
+                this.policies = new DerSequence(policies);
+            }
+        }
+
+        public EssCertIDv2[] GetCerts()
+        {
+            EssCertIDv2[] certIds = new EssCertIDv2[certs.Count];
+            for (int i = 0; i != certs.Count; i++)
+            {
+                certIds[i] = EssCertIDv2.GetInstance(certs[i]);
+            }
+            return certIds;
+        }
+
+        public PolicyInformation[] GetPolicies()
+        {
+            if (policies == null)
+                return null;
+
+            PolicyInformation[] policyInformations = new PolicyInformation[policies.Count];
+            for (int i = 0; i != policies.Count; i++)
+            {
+                policyInformations[i] = PolicyInformation.GetInstance(policies[i]);
+            }
+            return policyInformations;
+        }
+
+        /**
+         * The definition of SigningCertificateV2 is
+         * <pre>
+         * SigningCertificateV2 ::=  SEQUENCE {
+         *      certs        SEQUENCE OF EssCertIDv2,
+         *      policies     SEQUENCE OF PolicyInformation OPTIONAL
+         * }
+         * </pre>
+         * id-aa-signingCertificateV2 OBJECT IDENTIFIER ::= { iso(1)
+         *    member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
+         *    smime(16) id-aa(2) 47 }
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(certs);
+
+            if (policies != null)
+            {
+                v.Add(policies);
+            }
+
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/gm/GMNamedCurves.cs b/bc-sharp-crypto/src/asn1/gm/GMNamedCurves.cs
new file mode 100644
index 0000000..e2ec6d8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/gm/GMNamedCurves.cs
@@ -0,0 +1,157 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Math.EC.Endo;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Asn1.GM
+{
+    public sealed class GMNamedCurves
+    {
+        private GMNamedCurves()
+        {
+        }
+
+        private static ECCurve ConfigureCurve(ECCurve curve)
+        {
+            return curve;
+        }
+
+        private static BigInteger FromHex(string hex)
+        {
+            return new BigInteger(1, Hex.Decode(hex));
+        }
+
+        /*
+         * sm2p256v1
+         */
+        internal class SM2P256V1Holder
+            : X9ECParametersHolder
+        {
+            private SM2P256V1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new SM2P256V1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger p = FromHex("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF");
+                BigInteger a = FromHex("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC");
+                BigInteger b = FromHex("28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93");
+                byte[] S = null;
+                BigInteger n = FromHex("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123");
+                BigInteger h = BigInteger.One;
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7"
+                    + "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * wapip192v1
+         */
+        internal class WapiP192V1Holder
+            : X9ECParametersHolder
+        {
+            private WapiP192V1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new WapiP192V1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger p = FromHex("BDB6F4FE3E8B1D9E0DA8C0D46F4C318CEFE4AFE3B6B8551F");
+                BigInteger a = FromHex("BB8E5E8FBC115E139FE6A814FE48AAA6F0ADA1AA5DF91985");
+                BigInteger b = FromHex("1854BEBDC31B21B7AEFC80AB0ECD10D5B1B3308E6DBF11C1");
+                byte[] S = null;
+                BigInteger n = FromHex("BDB6F4FE3E8B1D9E0DA8C0D40FC962195DFAE76F56564677");
+                BigInteger h = BigInteger.One;
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "4AD5F7048DE709AD51236DE6" + "5E4D4B482C836DC6E4106640"
+                    + "02BB3A02D4AAADACAE24817A" + "4CA3A1B014B5270432DB27D2"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+
+        private static readonly IDictionary objIds = Platform.CreateHashtable();
+        private static readonly IDictionary curves = Platform.CreateHashtable();
+        private static readonly IDictionary names = Platform.CreateHashtable();
+
+        private static void DefineCurve(
+            string					name,
+            DerObjectIdentifier		oid,
+            X9ECParametersHolder	holder)
+        {
+            objIds.Add(Platform.ToUpperInvariant(name), oid);
+            names.Add(oid, name);
+            curves.Add(oid, holder);
+        }
+
+        static GMNamedCurves()
+        {
+            DefineCurve("wapip192v1", GMObjectIdentifiers.wapip192v1, WapiP192V1Holder.Instance);
+            DefineCurve("sm2p256v1", GMObjectIdentifiers.sm2p256v1, SM2P256V1Holder.Instance);
+        }
+
+        public static X9ECParameters GetByName(
+            string name)
+        {
+            DerObjectIdentifier oid = GetOid(name);
+            return oid == null ? null : GetByOid(oid);
+        }
+
+        /**
+         * return the X9ECParameters object for the named curve represented by
+         * the passed in object identifier. Null if the curve isn't present.
+         *
+         * @param oid an object identifier representing a named curve, if present.
+         */
+        public static X9ECParameters GetByOid(
+            DerObjectIdentifier oid)
+        {
+            X9ECParametersHolder holder = (X9ECParametersHolder)curves[oid];
+            return holder == null ? null : holder.Parameters;
+        }
+
+        /**
+         * return the object identifier signified by the passed in name. Null
+         * if there is no object identifier associated with name.
+         *
+         * @return the object identifier associated with name, if present.
+         */
+        public static DerObjectIdentifier GetOid(
+            string name)
+        {
+            return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)];
+        }
+
+        /**
+         * return the named curve name represented by the given object identifier.
+         */
+        public static string GetName(
+            DerObjectIdentifier oid)
+        {
+            return (string)names[oid];
+        }
+
+        /**
+         * returns an enumeration containing the name strings for curves
+         * contained in this structure.
+         */
+        public static IEnumerable Names
+        {
+            get { return new EnumerableProxy(names.Values); }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/gm/GMObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/gm/GMObjectIdentifiers.cs
new file mode 100644
index 0000000..edb3a41
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/gm/GMObjectIdentifiers.cs
@@ -0,0 +1,85 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.GM
+{
+	public abstract class GMObjectIdentifiers
+	{
+        public static readonly DerObjectIdentifier sm_scheme = new DerObjectIdentifier("1.2.156.10197.1");
+
+        public static readonly DerObjectIdentifier sm6_ecb = sm_scheme.Branch("101.1");
+        public static readonly DerObjectIdentifier sm6_cbc = sm_scheme.Branch("101.2");
+        public static readonly DerObjectIdentifier sm6_ofb128 = sm_scheme.Branch("101.3");
+        public static readonly DerObjectIdentifier sm6_cfb128 = sm_scheme.Branch("101.4");
+
+        public static readonly DerObjectIdentifier sm1_ecb = sm_scheme.Branch("102.1");
+        public static readonly DerObjectIdentifier sm1_cbc = sm_scheme.Branch("102.2");
+        public static readonly DerObjectIdentifier sm1_ofb128 = sm_scheme.Branch("102.3");
+        public static readonly DerObjectIdentifier sm1_cfb128 = sm_scheme.Branch("102.4");
+        public static readonly DerObjectIdentifier sm1_cfb1 = sm_scheme.Branch("102.5");
+        public static readonly DerObjectIdentifier sm1_cfb8 = sm_scheme.Branch("102.6");
+
+        public static readonly DerObjectIdentifier ssf33_ecb = sm_scheme.Branch("103.1");
+        public static readonly DerObjectIdentifier ssf33_cbc = sm_scheme.Branch("103.2");
+        public static readonly DerObjectIdentifier ssf33_ofb128 = sm_scheme.Branch("103.3");
+        public static readonly DerObjectIdentifier ssf33_cfb128 = sm_scheme.Branch("103.4");
+        public static readonly DerObjectIdentifier ssf33_cfb1 = sm_scheme.Branch("103.5");
+        public static readonly DerObjectIdentifier ssf33_cfb8 = sm_scheme.Branch("103.6");
+
+        public static readonly DerObjectIdentifier sms4_ecb = sm_scheme.Branch("104.1");
+        public static readonly DerObjectIdentifier sms4_cbc = sm_scheme.Branch("104.2");
+        public static readonly DerObjectIdentifier sms4_ofb128 = sm_scheme.Branch("104.3");
+        public static readonly DerObjectIdentifier sms4_cfb128 = sm_scheme.Branch("104.4");
+        public static readonly DerObjectIdentifier sms4_cfb1 = sm_scheme.Branch("104.5");
+        public static readonly DerObjectIdentifier sms4_cfb8 = sm_scheme.Branch("104.6");
+        public static readonly DerObjectIdentifier sms4_ctr = sm_scheme.Branch("104.7");
+        public static readonly DerObjectIdentifier sms4_gcm = sm_scheme.Branch("104.8");
+        public static readonly DerObjectIdentifier sms4_ccm = sm_scheme.Branch("104.9");
+        public static readonly DerObjectIdentifier sms4_xts = sm_scheme.Branch("104.10");
+        public static readonly DerObjectIdentifier sms4_wrap = sm_scheme.Branch("104.11");
+        public static readonly DerObjectIdentifier sms4_wrap_pad = sm_scheme.Branch("104.12");
+        public static readonly DerObjectIdentifier sms4_ocb = sm_scheme.Branch("104.100");
+
+        public static readonly DerObjectIdentifier sm5 = sm_scheme.Branch("201");
+
+        public static readonly DerObjectIdentifier sm2p256v1 = sm_scheme.Branch("301");
+        public static readonly DerObjectIdentifier sm2sign = sm_scheme.Branch("301.1");
+        public static readonly DerObjectIdentifier sm2exchange = sm_scheme.Branch("301.2");
+        public static readonly DerObjectIdentifier sm2encrypt = sm_scheme.Branch("301.3");
+
+        public static readonly DerObjectIdentifier wapip192v1 = sm_scheme.Branch("301.101");
+
+        public static readonly DerObjectIdentifier sm2encrypt_recommendedParameters = sm2encrypt.Branch("1");
+        public static readonly DerObjectIdentifier sm2encrypt_specifiedParameters = sm2encrypt.Branch("2");
+        public static readonly DerObjectIdentifier sm2encrypt_with_sm3 = sm2encrypt.Branch("2.1");
+        public static readonly DerObjectIdentifier sm2encrypt_with_sha1 = sm2encrypt.Branch("2.2");
+        public static readonly DerObjectIdentifier sm2encrypt_with_sha224 = sm2encrypt.Branch("2.3");
+        public static readonly DerObjectIdentifier sm2encrypt_with_sha256 = sm2encrypt.Branch("2.4");
+        public static readonly DerObjectIdentifier sm2encrypt_with_sha384 = sm2encrypt.Branch("2.5");
+        public static readonly DerObjectIdentifier sm2encrypt_with_sha512 = sm2encrypt.Branch("2.6");
+        public static readonly DerObjectIdentifier sm2encrypt_with_rmd160 = sm2encrypt.Branch("2.7");
+        public static readonly DerObjectIdentifier sm2encrypt_with_whirlpool = sm2encrypt.Branch("2.8");
+        public static readonly DerObjectIdentifier sm2encrypt_with_blake2b512 = sm2encrypt.Branch("2.9");
+        public static readonly DerObjectIdentifier sm2encrypt_with_blake2s256 = sm2encrypt.Branch("2.10");
+        public static readonly DerObjectIdentifier sm2encrypt_with_md5 = sm2encrypt.Branch("2.11");
+
+        public static readonly DerObjectIdentifier id_sm9PublicKey = sm_scheme.Branch("302");
+        public static readonly DerObjectIdentifier sm9sign = sm_scheme.Branch("302.1");
+        public static readonly DerObjectIdentifier sm9keyagreement = sm_scheme.Branch("302.2");
+        public static readonly DerObjectIdentifier sm9encrypt = sm_scheme.Branch("302.3");
+
+        public static readonly DerObjectIdentifier sm3 = sm_scheme.Branch("401");
+
+        public static readonly DerObjectIdentifier hmac_sm3 = sm3.Branch("2");
+
+        public static readonly DerObjectIdentifier sm2sign_with_sm3 = sm_scheme.Branch("501");
+        public static readonly DerObjectIdentifier sm2sign_with_sha1 = sm_scheme.Branch("502");
+        public static readonly DerObjectIdentifier sm2sign_with_sha256 = sm_scheme.Branch("503");
+        public static readonly DerObjectIdentifier sm2sign_with_sha512 = sm_scheme.Branch("504");
+        public static readonly DerObjectIdentifier sm2sign_with_sha224 = sm_scheme.Branch("505");
+        public static readonly DerObjectIdentifier sm2sign_with_sha384 = sm_scheme.Branch("506");
+        public static readonly DerObjectIdentifier sm2sign_with_rmd160 = sm_scheme.Branch("507");
+        public static readonly DerObjectIdentifier sm2sign_with_whirlpool = sm_scheme.Branch("520");
+        public static readonly DerObjectIdentifier sm2sign_with_blake2b512 = sm_scheme.Branch("521");
+        public static readonly DerObjectIdentifier sm2sign_with_blake2s256 = sm_scheme.Branch("522");
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/asn1/gnu/GNUObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/gnu/GNUObjectIdentifiers.cs
new file mode 100644
index 0000000..b322ef2
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/gnu/GNUObjectIdentifiers.cs
@@ -0,0 +1,36 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Gnu
+{
+	public abstract class GnuObjectIdentifiers
+	{
+		public static readonly DerObjectIdentifier Gnu					= new DerObjectIdentifier("1.3.6.1.4.1.11591.1"); // GNU Radius
+		public static readonly DerObjectIdentifier GnuPG				= new DerObjectIdentifier("1.3.6.1.4.1.11591.2"); // GnuPG (Ägypten)
+		public static readonly DerObjectIdentifier Notation				= new DerObjectIdentifier("1.3.6.1.4.1.11591.2.1"); // notation
+		public static readonly DerObjectIdentifier PkaAddress			= new DerObjectIdentifier("1.3.6.1.4.1.11591.2.1.1"); // pkaAddress
+		public static readonly DerObjectIdentifier GnuRadar				= new DerObjectIdentifier("1.3.6.1.4.1.11591.3"); // GNU Radar
+		public static readonly DerObjectIdentifier DigestAlgorithm		= new DerObjectIdentifier("1.3.6.1.4.1.11591.12"); // digestAlgorithm
+		public static readonly DerObjectIdentifier Tiger192				= new DerObjectIdentifier("1.3.6.1.4.1.11591.12.2"); // TIGER/192
+		public static readonly DerObjectIdentifier EncryptionAlgorithm	= new DerObjectIdentifier("1.3.6.1.4.1.11591.13"); // encryptionAlgorithm
+		public static readonly DerObjectIdentifier Serpent				= new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2"); // Serpent
+		public static readonly DerObjectIdentifier Serpent128Ecb		= new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.1"); // Serpent-128-ECB
+		public static readonly DerObjectIdentifier Serpent128Cbc		= new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.2"); // Serpent-128-CBC
+		public static readonly DerObjectIdentifier Serpent128Ofb		= new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.3"); // Serpent-128-OFB
+		public static readonly DerObjectIdentifier Serpent128Cfb		= new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.4"); // Serpent-128-CFB
+		public static readonly DerObjectIdentifier Serpent192Ecb		= new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.21"); // Serpent-192-ECB
+		public static readonly DerObjectIdentifier Serpent192Cbc		= new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.22"); // Serpent-192-CBC
+		public static readonly DerObjectIdentifier Serpent192Ofb		= new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.23"); // Serpent-192-OFB
+		public static readonly DerObjectIdentifier Serpent192Cfb		= new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.24"); // Serpent-192-CFB
+		public static readonly DerObjectIdentifier Serpent256Ecb		= new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.41"); // Serpent-256-ECB
+		public static readonly DerObjectIdentifier Serpent256Cbc		= new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.42"); // Serpent-256-CBC
+		public static readonly DerObjectIdentifier Serpent256Ofb		= new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.43"); // Serpent-256-OFB
+		public static readonly DerObjectIdentifier Serpent256Cfb		= new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.44"); // Serpent-256-CFB
+		public static readonly DerObjectIdentifier Crc					= new DerObjectIdentifier("1.3.6.1.4.1.11591.14"); // CRC algorithms
+		public static readonly DerObjectIdentifier Crc32				= new DerObjectIdentifier("1.3.6.1.4.1.11591.14.1"); // CRC 32
+
+        /** 1.3.6.1.4.1.11591.15 - ellipticCurve */
+        public static readonly DerObjectIdentifier EllipticCurve = new DerObjectIdentifier("1.3.6.1.4.1.11591.15");
+
+        public static readonly DerObjectIdentifier Ed25519   = EllipticCurve.Branch("1");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/iana/IANAObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/iana/IANAObjectIdentifiers.cs
new file mode 100644
index 0000000..63343f5
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/iana/IANAObjectIdentifiers.cs
@@ -0,0 +1,18 @@
+namespace Org.BouncyCastle.Asn1.Iana
+{
+	public abstract class IanaObjectIdentifiers
+	{
+		// id-SHA1 OBJECT IDENTIFIER ::=
+		// {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) ipsec(8) isakmpOakley(1)}
+		//
+
+		public static readonly DerObjectIdentifier IsakmpOakley = new DerObjectIdentifier("1.3.6.1.5.5.8.1");
+
+		public static readonly DerObjectIdentifier HmacMD5 = new DerObjectIdentifier(IsakmpOakley + ".1");
+		public static readonly DerObjectIdentifier HmacSha1 = new DerObjectIdentifier(IsakmpOakley + ".2");
+
+		public static readonly DerObjectIdentifier HmacTiger = new DerObjectIdentifier(IsakmpOakley + ".3");
+
+		public static readonly DerObjectIdentifier HmacRipeMD160 = new DerObjectIdentifier(IsakmpOakley + ".4");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/icao/CscaMasterList.cs b/bc-sharp-crypto/src/asn1/icao/CscaMasterList.cs
new file mode 100644
index 0000000..6890d8a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/icao/CscaMasterList.cs
@@ -0,0 +1,83 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Icao
+{
+	/**
+	 * The CscaMasterList object. This object can be wrapped in a
+	 * CMSSignedData to be published in LDAP.
+	 *
+	 * <pre>
+	 * CscaMasterList ::= SEQUENCE {
+	 *   version                CscaMasterListVersion,
+	 *   certList               SET OF Certificate }
+	 *   
+	 * CscaMasterListVersion :: INTEGER {v0(0)}
+	 * </pre>
+	 */
+	public class CscaMasterList 
+		: Asn1Encodable 
+	{
+		private DerInteger version = new DerInteger(0);
+		private X509CertificateStructure[] certList;
+
+		public static CscaMasterList GetInstance(
+			object obj)
+		{
+			if (obj is CscaMasterList)
+				return (CscaMasterList)obj;
+
+			if (obj != null)
+				return new CscaMasterList(Asn1Sequence.GetInstance(obj));            
+
+			return null;
+		}
+
+		private CscaMasterList(
+			Asn1Sequence seq)
+		{
+			if (seq == null || seq.Count == 0)
+				throw new ArgumentException("null or empty sequence passed.");
+
+			if (seq.Count != 2)
+				throw new ArgumentException("Incorrect sequence size: " + seq.Count);
+
+			this.version = DerInteger.GetInstance(seq[0]);
+
+			Asn1Set certSet = Asn1Set.GetInstance(seq[1]);
+
+			this.certList = new X509CertificateStructure[certSet.Count];
+			for (int i = 0; i < certList.Length; i++)
+			{
+				certList[i] = X509CertificateStructure.GetInstance(certSet[i]);
+			}
+		}
+
+		public CscaMasterList(
+			X509CertificateStructure[] certStructs)
+		{
+			certList = CopyCertList(certStructs);
+		}
+
+		public virtual int Version
+		{
+			get { return version.Value.IntValue; }
+		}
+
+		public X509CertificateStructure[] GetCertStructs()
+		{
+			return CopyCertList(certList);
+		}
+
+		private static X509CertificateStructure[] CopyCertList(X509CertificateStructure[] orig)
+		{
+			return (X509CertificateStructure[])orig.Clone();
+		}
+
+		public override Asn1Object ToAsn1Object() 
+		{
+			return new DerSequence(version, new DerSet(certList));
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/icao/DataGroupHash.cs b/bc-sharp-crypto/src/asn1/icao/DataGroupHash.cs
new file mode 100644
index 0000000..e0d7eee
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/icao/DataGroupHash.cs
@@ -0,0 +1,86 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Icao
+{
+    /**
+    * The DataGroupHash object.
+    * <pre>
+    * DataGroupHash  ::=  SEQUENCE {
+    *      dataGroupNumber         DataGroupNumber,
+    *      dataGroupHashValue     OCTET STRING }
+    *
+    * DataGroupNumber ::= INTEGER {
+    *         dataGroup1    (1),
+    *         dataGroup1    (2),
+    *         dataGroup1    (3),
+    *         dataGroup1    (4),
+    *         dataGroup1    (5),
+    *         dataGroup1    (6),
+    *         dataGroup1    (7),
+    *         dataGroup1    (8),
+    *         dataGroup1    (9),
+    *         dataGroup1    (10),
+    *         dataGroup1    (11),
+    *         dataGroup1    (12),
+    *         dataGroup1    (13),
+    *         dataGroup1    (14),
+    *         dataGroup1    (15),
+    *         dataGroup1    (16) }
+    *
+    * </pre>
+    */
+    public class DataGroupHash
+        : Asn1Encodable
+    {
+        private readonly DerInteger dataGroupNumber;
+        private readonly Asn1OctetString dataGroupHashValue;
+
+		public static DataGroupHash GetInstance(
+            object obj)
+        {
+            if (obj is DataGroupHash)
+                return (DataGroupHash)obj;
+
+			if (obj != null)
+				return new DataGroupHash(Asn1Sequence.GetInstance(obj));
+
+			return null;
+		}
+
+		private DataGroupHash(
+			Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			this.dataGroupNumber = DerInteger.GetInstance(seq[0]);
+            this.dataGroupHashValue = Asn1OctetString.GetInstance(seq[1]);
+        }
+
+		public DataGroupHash(
+            int				dataGroupNumber,
+            Asn1OctetString	dataGroupHashValue)
+        {
+            this.dataGroupNumber = new DerInteger(dataGroupNumber);
+            this.dataGroupHashValue = dataGroupHashValue;
+        }
+
+		public int DataGroupNumber
+		{
+			get { return dataGroupNumber.Value.IntValue; }
+		}
+
+		public Asn1OctetString DataGroupHashValue
+		{
+			get { return dataGroupHashValue; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(dataGroupNumber, dataGroupHashValue);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/icao/ICAOObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/icao/ICAOObjectIdentifiers.cs
new file mode 100644
index 0000000..389d4da
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/icao/ICAOObjectIdentifiers.cs
@@ -0,0 +1,34 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Icao
+{
+	public abstract class IcaoObjectIdentifiers
+	{
+		//
+		// base id
+		//
+		public static readonly DerObjectIdentifier IdIcao = new DerObjectIdentifier("2.23.136");
+
+		public static readonly DerObjectIdentifier IdIcaoMrtd = IdIcao.Branch("1");
+		public static readonly DerObjectIdentifier IdIcaoMrtdSecurity = IdIcaoMrtd.Branch("1");
+
+		// LDS security object, see ICAO Doc 9303-Volume 2-Section IV-A3.2
+		public static readonly DerObjectIdentifier IdIcaoLdsSecurityObject = IdIcaoMrtdSecurity.Branch("1");
+
+		// CSCA master list, see TR CSCA Countersigning and Master List issuance
+		public static readonly DerObjectIdentifier IdIcaoCscaMasterList = IdIcaoMrtdSecurity.Branch("2");
+		public static readonly DerObjectIdentifier IdIcaoCscaMasterListSigningKey = IdIcaoMrtdSecurity.Branch("3");
+
+		// document type list, see draft TR LDS and PKI Maintenance, par. 3.2.1
+		public static readonly DerObjectIdentifier IdIcaoDocumentTypeList = IdIcaoMrtdSecurity.Branch("4");
+
+		// Active Authentication protocol, see draft TR LDS and PKI Maintenance,
+		// par. 5.2.2
+		public static readonly DerObjectIdentifier IdIcaoAAProtocolObject = IdIcaoMrtdSecurity.Branch("5");
+
+		// CSCA name change and key reoll-over, see draft TR LDS and PKI
+		// Maintenance, par. 3.2.1
+		public static readonly DerObjectIdentifier IdIcaoExtensions = IdIcaoMrtdSecurity.Branch("6");
+		public static readonly DerObjectIdentifier IdIcaoExtensionsNamechangekeyrollover = IdIcaoExtensions.Branch("1");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/icao/LDSSecurityObject.cs b/bc-sharp-crypto/src/asn1/icao/LDSSecurityObject.cs
new file mode 100644
index 0000000..c33ca68
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/icao/LDSSecurityObject.cs
@@ -0,0 +1,145 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Asn1.Icao
+{
+	/**
+	 * The LDSSecurityObject object (V1.8).
+	 * <pre>
+	 * LDSSecurityObject ::= SEQUENCE {
+	 *   version                LDSSecurityObjectVersion,
+	 *   hashAlgorithm          DigestAlgorithmIdentifier,
+	 *   dataGroupHashValues    SEQUENCE SIZE (2..ub-DataGroups) OF DataHashGroup,
+	 *   ldsVersionInfo         LDSVersionInfo OPTIONAL
+	 *     -- if present, version MUST be v1 }
+	 *
+	 * DigestAlgorithmIdentifier ::= AlgorithmIdentifier,
+	 *
+	 * LDSSecurityObjectVersion :: INTEGER {V0(0)}
+	 * </pre>
+	 */
+	public class LdsSecurityObject
+		: Asn1Encodable
+	{
+		public const int UBDataGroups = 16;
+
+		private DerInteger version = new DerInteger(0);
+		private AlgorithmIdentifier digestAlgorithmIdentifier;
+		private DataGroupHash[] datagroupHash;
+		private LdsVersionInfo versionInfo;
+
+		public static LdsSecurityObject GetInstance(
+			object obj)
+		{
+			if (obj is LdsSecurityObject)
+				return (LdsSecurityObject)obj;
+
+			if (obj != null)
+				return new LdsSecurityObject(Asn1Sequence.GetInstance(obj));
+
+			return null;
+		}
+
+		private LdsSecurityObject(
+			Asn1Sequence seq)
+		{
+			if (seq == null || seq.Count == 0)
+				throw new ArgumentException("null or empty sequence passed.");
+
+			IEnumerator e = seq.GetEnumerator();
+
+			// version
+			e.MoveNext();
+			version = DerInteger.GetInstance(e.Current);
+			// digestAlgorithmIdentifier
+			e.MoveNext();
+			digestAlgorithmIdentifier = AlgorithmIdentifier.GetInstance(e.Current);
+
+			e.MoveNext();
+			Asn1Sequence datagroupHashSeq = Asn1Sequence.GetInstance(e.Current);
+
+			if (version.Value.Equals(BigInteger.One))
+			{
+				e.MoveNext();
+				versionInfo = LdsVersionInfo.GetInstance(e.Current);
+			}
+
+			CheckDatagroupHashSeqSize(datagroupHashSeq.Count);
+
+			datagroupHash = new DataGroupHash[datagroupHashSeq.Count];
+			for (int i= 0; i< datagroupHashSeq.Count; i++)
+			{
+				datagroupHash[i] = DataGroupHash.GetInstance(datagroupHashSeq[i]);
+			}
+		}
+
+		public LdsSecurityObject(
+			AlgorithmIdentifier	digestAlgorithmIdentifier,
+			DataGroupHash[]		datagroupHash)
+		{
+			this.version = new DerInteger(0);
+			this.digestAlgorithmIdentifier = digestAlgorithmIdentifier;
+			this.datagroupHash = datagroupHash;
+
+			CheckDatagroupHashSeqSize(datagroupHash.Length);
+		}
+
+
+		public LdsSecurityObject(
+			AlgorithmIdentifier	digestAlgorithmIdentifier,
+			DataGroupHash[]		datagroupHash,
+			LdsVersionInfo		versionInfo)
+		{
+			this.version = new DerInteger(1);
+			this.digestAlgorithmIdentifier = digestAlgorithmIdentifier;
+			this.datagroupHash = datagroupHash;
+			this.versionInfo = versionInfo;
+
+			CheckDatagroupHashSeqSize(datagroupHash.Length);
+		}
+
+		private void CheckDatagroupHashSeqSize(int size)
+		{
+			if (size < 2 || size > UBDataGroups)
+				throw new ArgumentException("wrong size in DataGroupHashValues : not in (2.."+ UBDataGroups +")");
+		}
+
+		public BigInteger Version
+		{
+			get { return version.Value; }
+		}
+
+		public AlgorithmIdentifier DigestAlgorithmIdentifier
+		{
+			get { return digestAlgorithmIdentifier; }
+		}
+
+		public DataGroupHash[] GetDatagroupHash()
+		{
+			return datagroupHash;
+		}
+
+		public LdsVersionInfo VersionInfo
+		{
+			get { return versionInfo; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			DerSequence hashSeq = new DerSequence(datagroupHash);
+
+			Asn1EncodableVector v = new Asn1EncodableVector(version, digestAlgorithmIdentifier, hashSeq);
+
+			if (versionInfo != null)
+			{
+				v.Add(versionInfo);
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/icao/LDSVersionInfo.cs b/bc-sharp-crypto/src/asn1/icao/LDSVersionInfo.cs
new file mode 100644
index 0000000..2cdcad2
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/icao/LDSVersionInfo.cs
@@ -0,0 +1,61 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Icao
+{
+	public class LdsVersionInfo
+		: Asn1Encodable
+	{
+		private DerPrintableString ldsVersion;
+		private DerPrintableString unicodeVersion;
+
+		public LdsVersionInfo(string ldsVersion, string unicodeVersion)
+		{
+			this.ldsVersion = new DerPrintableString(ldsVersion);
+			this.unicodeVersion = new DerPrintableString(unicodeVersion);
+		}
+
+		private LdsVersionInfo(Asn1Sequence seq)
+		{
+			if (seq.Count != 2)
+				throw new ArgumentException("sequence wrong size for LDSVersionInfo", "seq");
+
+			this.ldsVersion = DerPrintableString.GetInstance(seq[0]);
+			this.unicodeVersion = DerPrintableString.GetInstance(seq[1]);
+		}
+
+		public static LdsVersionInfo GetInstance(object obj)
+		{
+			if (obj is LdsVersionInfo)
+				return (LdsVersionInfo)obj;
+
+			if (obj != null)
+				return new LdsVersionInfo(Asn1Sequence.GetInstance(obj));
+
+			return null;
+		}
+
+		public virtual string GetLdsVersion()
+		{
+			return ldsVersion.GetString();
+		}
+
+		public virtual string GetUnicodeVersion()
+		{
+			return unicodeVersion.GetString();
+		}
+
+		/**
+		 * <pre>
+		 * LDSVersionInfo ::= SEQUENCE {
+		 *    ldsVersion PRINTABLE STRING
+		 *    unicodeVersion PRINTABLE STRING
+		 *  }
+		 * </pre>
+		 * @return
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(ldsVersion, unicodeVersion);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/isismtt/ISISMTTObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/isismtt/ISISMTTObjectIdentifiers.cs
new file mode 100644
index 0000000..af60b03
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/isismtt/ISISMTTObjectIdentifiers.cs
@@ -0,0 +1,177 @@
+namespace Org.BouncyCastle.Asn1.IsisMtt
+{
+	public abstract class IsisMttObjectIdentifiers
+	{
+		public static readonly DerObjectIdentifier IdIsisMtt = new DerObjectIdentifier("1.3.36.8");
+
+		public static readonly DerObjectIdentifier IdIsisMttCP = new DerObjectIdentifier(IdIsisMtt + ".1");
+
+		/**
+		 * The id-isismtt-cp-accredited OID indicates that the certificate is a
+		 * qualified certificate according to Directive 1999/93/EC of the European
+		 * Parliament and of the Council of 13 December 1999 on a Community
+		 * Framework for Electronic Signatures, which additionally conforms the
+		 * special requirements of the SigG and has been issued by an accredited CA.
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttCPAccredited = new DerObjectIdentifier(IdIsisMttCP + ".1");
+
+		public static readonly DerObjectIdentifier IdIsisMttAT = new DerObjectIdentifier(IdIsisMtt + ".3");
+
+		/**
+		 * Certificate extensionDate of certificate generation
+		 * 
+		 * <pre>
+		 *		DateOfCertGenSyntax ::= GeneralizedTime
+		 * </pre>
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATDateOfCertGen = new DerObjectIdentifier(IdIsisMttAT + ".1");
+
+		/**
+		 * Attribute to indicate that the certificate holder may sign in the name of
+		 * a third person. May also be used as extension in a certificate.
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATProcuration = new DerObjectIdentifier(IdIsisMttAT + ".2");
+
+		/**
+		 * Attribute to indicate admissions to certain professions. May be used as
+		 * attribute in attribute certificate or as extension in a certificate
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATAdmission = new DerObjectIdentifier(IdIsisMttAT + ".3");
+
+		/**
+		 * Monetary limit for transactions. The QcEuMonetaryLimit QC statement MUST
+		 * be used in new certificates in place of the extension/attribute
+		 * MonetaryLimit since January 1, 2004. For the sake of backward
+		 * compatibility with certificates already in use, SigG conforming
+		 * components MUST support MonetaryLimit (as well as QcEuLimitValue).
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATMonetaryLimit = new DerObjectIdentifier(IdIsisMttAT + ".4");
+
+		/**
+		 * A declaration of majority. May be used as attribute in attribute
+		 * certificate or as extension in a certificate
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATDeclarationOfMajority = new DerObjectIdentifier(IdIsisMttAT + ".5");
+
+		/**
+		 * 
+		 * Serial number of the smart card containing the corresponding private key
+		 * 
+		 * <pre>
+		 *		ICCSNSyntax ::= OCTET STRING (SIZE(8..20))
+		 * </pre>
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATIccsn = new DerObjectIdentifier(IdIsisMttAT + ".6");
+
+		/**
+		 * 
+		 * Reference for a file of a smartcard that stores the public key of this
+		 * certificate and that is used as �security anchor�.
+		 * 
+		 * <pre>
+		 *		PKReferenceSyntax ::= OCTET STRING (SIZE(20))
+		 * </pre>
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATPKReference = new DerObjectIdentifier(IdIsisMttAT + ".7");
+
+		/**
+		 * Some other restriction regarding the usage of this certificate. May be
+		 * used as attribute in attribute certificate or as extension in a
+		 * certificate.
+		 * 
+		 * <pre>
+		 *		RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
+		 * </pre>
+		 * 
+		 * @see Org.BouncyCastle.Asn1.IsisMtt.X509.Restriction
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATRestriction = new DerObjectIdentifier(IdIsisMttAT + ".8");
+
+		/**
+		 * 
+		 * (Single)Request extension: Clients may include this extension in a
+		 * (single) Request to request the responder to send the certificate in the
+		 * response message along with the status information. Besides the LDAP
+		 * service, this extension provides another mechanism for the distribution
+		 * of certificates, which MAY optionally be provided by certificate
+		 * repositories.
+		 * 
+		 * <pre>
+		 *		RetrieveIfAllowed ::= BOOLEAN
+		 * </pre>
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATRetrieveIfAllowed = new DerObjectIdentifier(IdIsisMttAT + ".9");
+
+		/**
+		 * SingleOCSPResponse extension: The certificate requested by the client by
+		 * inserting the RetrieveIfAllowed extension in the request, will be
+		 * returned in this extension.
+		 * 
+		 * @see Org.BouncyCastle.Asn1.IsisMtt.Ocsp.RequestedCertificate
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATRequestedCertificate = new DerObjectIdentifier(IdIsisMttAT + ".10");
+
+		/**
+		 * Base ObjectIdentifier for naming authorities
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATNamingAuthorities = new DerObjectIdentifier(IdIsisMttAT + ".11");
+
+		/**
+		 * SingleOCSPResponse extension: Date, when certificate has been published
+		 * in the directory and status information has become available. Currently,
+		 * accrediting authorities enforce that SigG-conforming OCSP servers include
+		 * this extension in the responses.
+		 * 
+		 * <pre>
+		 *		CertInDirSince ::= GeneralizedTime
+		 * </pre>
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATCertInDirSince = new DerObjectIdentifier(IdIsisMttAT + ".12");
+
+		/**
+		 * Hash of a certificate in OCSP.
+		 *
+		 * @see Org.BouncyCastle.Asn1.IsisMtt.Ocsp.CertHash
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATCertHash = new DerObjectIdentifier(IdIsisMttAT + ".13");
+
+		/**
+		 * <pre>
+		 *		NameAtBirth ::= DirectoryString(SIZE(1..64)
+		 * </pre>
+		 * 
+		 * Used in
+		 * {@link Org.BouncyCastle.Asn1.X509.SubjectDirectoryAttributes SubjectDirectoryAttributes}
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATNameAtBirth = new DerObjectIdentifier(IdIsisMttAT + ".14");
+
+		/**
+		 * Some other information of non-restrictive nature regarding the usage of
+		 * this certificate. May be used as attribute in atribute certificate or as
+		 * extension in a certificate.
+		 * 
+		 * <pre>
+		 *               AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048))
+		 * </pre>
+		 * 
+		 * @see Org.BouncyCastle.Asn1.IsisMtt.X509.AdditionalInformationSyntax
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATAdditionalInformation = new DerObjectIdentifier(IdIsisMttAT + ".15");
+
+		/**
+		 * Indicates that an attribute certificate exists, which limits the
+		 * usability of this public key certificate. Whenever verifying a signature
+		 * with the help of this certificate, the content of the corresponding
+		 * attribute certificate should be concerned. This extension MUST be
+		 * included in a PKC, if a corresponding attribute certificate (having the
+		 * PKC as base certificate) contains some attribute that restricts the
+		 * usability of the PKC too. Attribute certificates with restricting content
+		 * MUST always be included in the signed document.
+		 * 
+		 * <pre>
+		 *		LiabilityLimitationFlagSyntax ::= BOOLEAN
+		 * </pre>
+		 */
+		public static readonly DerObjectIdentifier IdIsisMttATLiabilityLimitationFlag = new DerObjectIdentifier("0.2.262.1.10.12.0");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/isismtt/ocsp/CertHash.cs b/bc-sharp-crypto/src/asn1/isismtt/ocsp/CertHash.cs
new file mode 100644
index 0000000..5773e1c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/isismtt/ocsp/CertHash.cs
@@ -0,0 +1,122 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.IsisMtt.Ocsp
+{
+	/**
+	* ISIS-MTT PROFILE: The responder may include this extension in a response to
+	* send the hash of the requested certificate to the responder. This hash is
+	* cryptographically bound to the certificate and serves as evidence that the
+	* certificate is known to the responder (i.e. it has been issued and is present
+	* in the directory). Hence, this extension is a means to provide a positive
+	* statement of availability as described in T8.[8]. As explained in T13.[1],
+	* clients may rely on this information to be able to validate signatures after
+	* the expiry of the corresponding certificate. Hence, clients MUST support this
+	* extension. If a positive statement of availability is to be delivered, this
+	* extension syntax and OID MUST be used.
+	* <p/>
+	* <p/>
+	* <pre>
+	*     CertHash ::= SEQUENCE {
+	*       hashAlgorithm AlgorithmIdentifier,
+	*       certificateHash OCTET STRING
+	*     }
+	* </pre>
+	*/
+	public class CertHash
+		: Asn1Encodable
+	{
+		private readonly AlgorithmIdentifier	hashAlgorithm;
+		private readonly byte[]					certificateHash;
+
+		public static CertHash GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is CertHash)
+			{
+				return (CertHash) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new CertHash((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		* Constructor from Asn1Sequence.
+		* <p/>
+		* The sequence is of type CertHash:
+		* <p/>
+		* <pre>
+		*     CertHash ::= SEQUENCE {
+		*       hashAlgorithm AlgorithmIdentifier,
+		*       certificateHash OCTET STRING
+		*     }
+		* </pre>
+		*
+		* @param seq The ASN.1 sequence.
+		*/
+		private CertHash(
+			Asn1Sequence seq)
+		{
+			if (seq.Count != 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+			this.hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[0]);
+			this.certificateHash = DerOctetString.GetInstance(seq[1]).GetOctets();
+		}
+
+		/**
+		* Constructor from a given details.
+		*
+		* @param hashAlgorithm   The hash algorithm identifier.
+		* @param certificateHash The hash of the whole DER encoding of the certificate.
+		*/
+		public CertHash(
+			AlgorithmIdentifier	hashAlgorithm,
+			byte[]				certificateHash)
+		{
+			if (hashAlgorithm == null)
+				throw new ArgumentNullException("hashAlgorithm");
+			if (certificateHash == null)
+				throw new ArgumentNullException("certificateHash");
+
+			this.hashAlgorithm = hashAlgorithm;
+			this.certificateHash = (byte[]) certificateHash.Clone();
+		}
+
+		public AlgorithmIdentifier HashAlgorithm
+		{
+			get { return hashAlgorithm; }
+		}
+
+		public byte[] CertificateHash
+		{
+			get { return (byte[]) certificateHash.Clone(); }
+		}
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <p/>
+		* Returns:
+		* <p/>
+		* <pre>
+		*     CertHash ::= SEQUENCE {
+		*       hashAlgorithm AlgorithmIdentifier,
+		*       certificateHash OCTET STRING
+		*     }
+		* </pre>
+		*
+		* @return an Asn1Object
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(hashAlgorithm, new DerOctetString(certificateHash));
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/isismtt/ocsp/RequestedCertificate.cs b/bc-sharp-crypto/src/asn1/isismtt/ocsp/RequestedCertificate.cs
new file mode 100644
index 0000000..413b3bd
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/isismtt/ocsp/RequestedCertificate.cs
@@ -0,0 +1,188 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.IsisMtt.Ocsp
+{
+	/**
+	* ISIS-MTT-Optional: The certificate requested by the client by inserting the
+	* RetrieveIfAllowed extension in the request, will be returned in this
+	* extension.
+	* <p/>
+	* ISIS-MTT-SigG: The signature act allows publishing certificates only then,
+	* when the certificate owner gives his isExplicit permission. Accordingly, there
+	* may be �nondownloadable� certificates, about which the responder must provide
+	* status information, but MUST NOT include them in the response. Clients may
+	* get therefore the following three kind of answers on a single request
+	* including the RetrieveIfAllowed extension:
+	* <ul>
+	* <li> a) the responder supports the extension and is allowed to publish the
+	* certificate: RequestedCertificate returned including the requested
+	* certificate</li>
+	* <li>b) the responder supports the extension but is NOT allowed to publish
+	* the certificate: RequestedCertificate returned including an empty OCTET
+	* STRING</li>
+	* <li>c) the responder does not support the extension: RequestedCertificate is
+	* not included in the response</li>
+	* </ul>
+	* Clients requesting RetrieveIfAllowed MUST be able to handle these cases. If
+	* any of the OCTET STRING options is used, it MUST contain the DER encoding of
+	* the requested certificate.
+	* <p/>
+	* <pre>
+	*            RequestedCertificate ::= CHOICE {
+	*              Certificate Certificate,
+	*              publicKeyCertificate [0] EXPLICIT OCTET STRING,
+	*              attributeCertificate [1] EXPLICIT OCTET STRING
+	*            }
+	* </pre>
+	*/
+	public class RequestedCertificate
+		: Asn1Encodable, IAsn1Choice
+	{
+		public enum Choice
+		{
+			Certificate = -1,
+			PublicKeyCertificate = 0,
+			AttributeCertificate = 1
+		}
+
+		private readonly X509CertificateStructure	cert;
+		private readonly byte[]						publicKeyCert;
+		private readonly byte[]						attributeCert;
+
+		public static RequestedCertificate GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is RequestedCertificate)
+			{
+				return (RequestedCertificate) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new RequestedCertificate(X509CertificateStructure.GetInstance(obj));
+			}
+
+			if (obj is Asn1TaggedObject)
+			{
+				return new RequestedCertificate((Asn1TaggedObject) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public static RequestedCertificate GetInstance(
+			Asn1TaggedObject	obj,
+			bool				isExplicit)
+		{
+			if (!isExplicit)
+				throw new ArgumentException("choice item must be explicitly tagged");
+
+			return GetInstance(obj.GetObject());
+		}
+
+		private RequestedCertificate(
+			Asn1TaggedObject tagged)
+		{
+			switch ((Choice) tagged.TagNo)
+			{
+				case Choice.AttributeCertificate:
+					this.attributeCert = Asn1OctetString.GetInstance(tagged, true).GetOctets();
+					break;
+				case Choice.PublicKeyCertificate:
+					this.publicKeyCert = Asn1OctetString.GetInstance(tagged, true).GetOctets();
+					break;
+				default:
+					throw new ArgumentException("unknown tag number: " + tagged.TagNo);
+			}
+		}
+
+		/**
+		* Constructor from a given details.
+		* <p/>
+		* Only one parameter can be given. All other must be <code>null</code>.
+		*
+		* @param certificate Given as Certificate
+		*/
+		public RequestedCertificate(
+			X509CertificateStructure certificate)
+		{
+			this.cert = certificate;
+		}
+
+		public RequestedCertificate(
+			Choice	type,
+			byte[]	certificateOctets)
+			: this(new DerTaggedObject((int) type, new DerOctetString(certificateOctets)))
+		{
+		}
+
+		public Choice Type
+		{
+			get
+			{
+				if (cert != null)
+					return Choice.Certificate;
+
+				if (publicKeyCert != null)
+					return Choice.PublicKeyCertificate;
+
+				return Choice.AttributeCertificate;
+			}
+		}
+
+		public byte[] GetCertificateBytes()
+		{
+			if (cert != null)
+			{
+				try
+				{
+					return cert.GetEncoded();
+				}
+				catch (IOException e)
+				{
+					throw new InvalidOperationException("can't decode certificate: " + e);
+				}
+			}
+
+			if (publicKeyCert != null)
+				return publicKeyCert;
+
+			return attributeCert;
+		}
+    
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <p/>
+		* Returns:
+		* <p/>
+		* <pre>
+		*            RequestedCertificate ::= CHOICE {
+		*              Certificate Certificate,
+		*              publicKeyCertificate [0] EXPLICIT OCTET STRING,
+		*              attributeCertificate [1] EXPLICIT OCTET STRING
+		*            }
+		* </pre>
+		*
+		* @return an Asn1Object
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			if (publicKeyCert != null)
+			{
+				return new DerTaggedObject(0, new DerOctetString(publicKeyCert));
+			}
+
+			if (attributeCert != null)
+			{
+				return new DerTaggedObject(1, new DerOctetString(attributeCert));
+			}
+
+			return cert.ToAsn1Object();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/isismtt/x509/AdditionalInformationSyntax.cs b/bc-sharp-crypto/src/asn1/isismtt/x509/AdditionalInformationSyntax.cs
new file mode 100644
index 0000000..53a8e98
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/isismtt/x509/AdditionalInformationSyntax.cs
@@ -0,0 +1,71 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.IsisMtt.X509
+{
+	/**
+	* Some other information of non-restrictive nature regarding the usage of this
+	* certificate.
+	* 
+	* <pre>
+	*    AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048))
+	* </pre>
+	*/
+	public class AdditionalInformationSyntax
+		: Asn1Encodable
+	{
+		private readonly DirectoryString information;
+
+		public static AdditionalInformationSyntax GetInstance(
+			object obj)
+		{
+			if (obj is AdditionalInformationSyntax)
+				return (AdditionalInformationSyntax) obj;
+
+			if (obj is IAsn1String)
+				return new AdditionalInformationSyntax(DirectoryString.GetInstance(obj));
+
+            throw new ArgumentException("Unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private AdditionalInformationSyntax(
+			DirectoryString information)
+		{
+			this.information = information;
+		}
+
+		/**
+		* Constructor from a given details.
+		*
+		* @param information The describtion of the information.
+		*/
+		public AdditionalInformationSyntax(
+			string information)
+		{
+			this.information = new DirectoryString(information);
+		}
+
+		public virtual DirectoryString Information
+		{
+			get { return information; }
+		}
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <p/>
+		* Returns:
+		* <p/>
+		* <pre>
+		*   AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048))
+		* </pre>
+		*
+		* @return an Asn1Object
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			return information.ToAsn1Object();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/isismtt/x509/AdmissionSyntax.cs b/bc-sharp-crypto/src/asn1/isismtt/x509/AdmissionSyntax.cs
new file mode 100644
index 0000000..4b6264a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/isismtt/x509/AdmissionSyntax.cs
@@ -0,0 +1,278 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.IsisMtt.X509
+{
+    /**
+    * Attribute to indicate admissions to certain professions.
+    * <p/>
+    * <pre>
+    *     AdmissionSyntax ::= SEQUENCE
+    *     {
+    *       admissionAuthority GeneralName OPTIONAL,
+    *       contentsOfAdmissions SEQUENCE OF Admissions
+    *     }
+    * <p/>
+    *     Admissions ::= SEQUENCE
+    *     {
+    *       admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
+    *       namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
+    *       professionInfos SEQUENCE OF ProfessionInfo
+    *     }
+    * <p/>
+    *     NamingAuthority ::= SEQUENCE
+    *     {
+    *       namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
+    *       namingAuthorityUrl IA5String OPTIONAL,
+    *       namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
+    *     }
+    * <p/>
+    *     ProfessionInfo ::= SEQUENCE
+    *     {
+    *       namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
+    *       professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
+    *       professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
+    *       registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
+    *       addProfessionInfo OCTET STRING OPTIONAL
+    *     }
+    * </pre>
+    * <p/>
+    * <p/>
+    * ISIS-MTT PROFILE: The relatively complex structure of AdmissionSyntax
+    * supports the following concepts and requirements:
+    * <ul>
+    * <li> External institutions (e.g. professional associations, chambers, unions,
+    * administrative bodies, companies, etc.), which are responsible for granting
+    * and verifying professional admissions, are indicated by means of the data
+    * field admissionAuthority. An admission authority is indicated by a
+    * GeneralName object. Here an X.501 directory name (distinguished name) can be
+    * indicated in the field directoryName, a URL address can be indicated in the
+    * field uniformResourceIdentifier, and an object identifier can be indicated in
+    * the field registeredId.</li>
+    * <li> The names of authorities which are responsible for the administration of
+    * title registers are indicated in the data field namingAuthority. The name of
+    * the authority can be identified by an object identifier in the field
+    * namingAuthorityId, by means of a text string in the field
+    * namingAuthorityText, by means of a URL address in the field
+    * namingAuthorityUrl, or by a combination of them. For example, the text string
+    * can contain the name of the authority, the country and the name of the title
+    * register. The URL-option refers to a web page which contains lists with
+    * officially registered professions (text and possibly OID) as well as
+    * further information on these professions. Object identifiers for the
+    * component namingAuthorityId are grouped under the OID-branch
+    * id-isis-at-namingAuthorities and must be applied for.</li>
+    * <li>See http://www.teletrust.de/anwend.asp?Id=30200&amp;Sprache=E_&amp;HomePG=0
+    * for an application form and http://www.teletrust.de/links.asp?id=30220,11
+    * for an overview of registered naming authorities.</li>
+    * <li> By means of the data type ProfessionInfo certain professions,
+    * specializations, disciplines, fields of activity, etc. are identified. A
+    * profession is represented by one or more text strings, resp. profession OIDs
+    * in the fields professionItems and professionOIDs and by a registration number
+    * in the field registrationNumber. An indication in text form must always be
+    * present, whereas the other indications are optional. The component
+    * addProfessionInfo may contain additional applicationspecific information in
+    * DER-encoded form.</li>
+    * </ul>
+    * <p/>
+    * By means of different namingAuthority-OIDs or profession OIDs hierarchies of
+    * professions, specializations, disciplines, fields of activity, etc. can be
+    * expressed. The issuing admission authority should always be indicated (field
+    * admissionAuthority), whenever a registration number is presented. Still,
+    * information on admissions can be given without indicating an admission or a
+    * naming authority by the exclusive use of the component professionItems. In
+    * this case the certification authority is responsible for the verification of
+    * the admission information.
+    * <p/>
+    * <p/>
+    * <p/>
+    * This attribute is single-valued. Still, several admissions can be captured in
+    * the sequence structure of the component contentsOfAdmissions of
+    * AdmissionSyntax or in the component professionInfos of Admissions. The
+    * component admissionAuthority of AdmissionSyntax serves as default value for
+    * the component admissionAuthority of Admissions. Within the latter component
+    * the default value can be overwritten, in case that another authority is
+    * responsible. The component namingAuthority of Admissions serves as a default
+    * value for the component namingAuthority of ProfessionInfo. Within the latter
+    * component the default value can be overwritten, in case that another naming
+    * authority needs to be recorded.
+    * <p/>
+    * The length of the string objects is limited to 128 characters. It is
+    * recommended to indicate a namingAuthorityURL in all issued attribute
+    * certificates. If a namingAuthorityURL is indicated, the field professionItems
+    * of ProfessionInfo should contain only registered titles. If the field
+    * professionOIDs exists, it has to contain the OIDs of the professions listed
+    * in professionItems in the same order. In general, the field professionInfos
+    * should contain only one entry, unless the admissions that are to be listed
+    * are logically connected (e.g. they have been issued under the same admission
+    * number).
+    *
+    * @see Org.BouncyCastle.Asn1.IsisMtt.X509.Admissions
+    * @see Org.BouncyCastle.Asn1.IsisMtt.X509.ProfessionInfo
+    * @see Org.BouncyCastle.Asn1.IsisMtt.X509.NamingAuthority
+    */
+    public class AdmissionSyntax
+        : Asn1Encodable
+    {
+        private readonly GeneralName admissionAuthority;
+        private readonly Asn1Sequence contentsOfAdmissions;
+
+        public static AdmissionSyntax GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is AdmissionSyntax)
+            {
+                return (AdmissionSyntax)obj;
+            }
+
+            if (obj is Asn1Sequence)
+            {
+                return new AdmissionSyntax((Asn1Sequence)obj);
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        /**
+        * Constructor from Asn1Sequence.
+        * <p/>
+        * The sequence is of type ProcurationSyntax:
+        * <p/>
+        * <pre>
+        *     AdmissionSyntax ::= SEQUENCE
+        *     {
+        *       admissionAuthority GeneralName OPTIONAL,
+        *       contentsOfAdmissions SEQUENCE OF Admissions
+        *     }
+        * <p/>
+        *     Admissions ::= SEQUENCE
+        *     {
+        *       admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
+        *       namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
+        *       professionInfos SEQUENCE OF ProfessionInfo
+        *     }
+        * <p/>
+        *     NamingAuthority ::= SEQUENCE
+        *     {
+        *       namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
+        *       namingAuthorityUrl IA5String OPTIONAL,
+        *       namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
+        *     }
+        * <p/>
+        *     ProfessionInfo ::= SEQUENCE
+        *     {
+        *       namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
+        *       professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
+        *       professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
+        *       registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
+        *       addProfessionInfo OCTET STRING OPTIONAL
+        *     }
+        * </pre>
+        *
+        * @param seq The ASN.1 sequence.
+        */
+        private AdmissionSyntax(
+            Asn1Sequence seq)
+        {
+            switch (seq.Count)
+            {
+                case 1:
+                    this.contentsOfAdmissions = DerSequence.GetInstance(seq[0]);
+                    break;
+                case 2:
+                    admissionAuthority = GeneralName.GetInstance(seq[0]);
+                    contentsOfAdmissions = DerSequence.GetInstance(seq[1]);
+                    break;
+                default:
+                    throw new ArgumentException("Bad sequence size: " + seq.Count);
+            }
+        }
+
+        /**
+        * Constructor from given details.
+        *
+        * @param admissionAuthority   The admission authority.
+        * @param contentsOfAdmissions The admissions.
+        */
+        public AdmissionSyntax(
+            GeneralName admissionAuthority,
+            Asn1Sequence contentsOfAdmissions)
+        {
+            this.admissionAuthority = admissionAuthority;
+            this.contentsOfAdmissions = contentsOfAdmissions;
+        }
+
+        /**
+        * Produce an object suitable for an Asn1OutputStream.
+        * <p/>
+        * Returns:
+        * <p/>
+        * <pre>
+        *     AdmissionSyntax ::= SEQUENCE
+        *     {
+        *       admissionAuthority GeneralName OPTIONAL,
+        *       contentsOfAdmissions SEQUENCE OF Admissions
+        *     }
+        * <p/>
+        *     Admissions ::= SEQUENCE
+        *     {
+        *       admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
+        *       namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
+        *       professionInfos SEQUENCE OF ProfessionInfo
+        *     }
+        * <p/>
+        *     NamingAuthority ::= SEQUENCE
+        *     {
+        *       namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
+        *       namingAuthorityUrl IA5String OPTIONAL,
+        *       namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
+        *     }
+        * <p/>
+        *     ProfessionInfo ::= SEQUENCE
+        *     {
+        *       namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
+        *       professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
+        *       professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
+        *       registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
+        *       addProfessionInfo OCTET STRING OPTIONAL
+        *     }
+        * </pre>
+        *
+        * @return an Asn1Object
+        */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector vec = new Asn1EncodableVector();
+            if (admissionAuthority != null)
+            {
+                vec.Add(admissionAuthority);
+            }
+            vec.Add(contentsOfAdmissions);
+            return new DerSequence(vec);
+        }
+
+        /**
+        * @return Returns the admissionAuthority if present, null otherwise.
+        */
+        public virtual GeneralName AdmissionAuthority
+        {
+            get { return admissionAuthority; }
+        }
+
+        /**
+        * @return Returns the contentsOfAdmissions.
+        */
+        public virtual Admissions[] GetContentsOfAdmissions()
+        {
+            Admissions[] result = new Admissions[contentsOfAdmissions.Count];
+
+            for (int i = 0; i < contentsOfAdmissions.Count; ++i)
+            {
+                result[i] = Admissions.GetInstance(contentsOfAdmissions[i]);
+            }
+
+            return result;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/isismtt/x509/Admissions.cs b/bc-sharp-crypto/src/asn1/isismtt/x509/Admissions.cs
new file mode 100644
index 0000000..e914db0
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/isismtt/x509/Admissions.cs
@@ -0,0 +1,187 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.IsisMtt.X509
+{
+	/**
+	* An Admissions structure.
+	* <p/>
+	* <pre>
+	*            Admissions ::= SEQUENCE
+	*            {
+	*              admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
+	*              namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
+	*              professionInfos SEQUENCE OF ProfessionInfo
+	*            }
+	* <p/>
+	* </pre>
+	*
+	* @see Org.BouncyCastle.Asn1.IsisMtt.X509.AdmissionSyntax
+	* @see Org.BouncyCastle.Asn1.IsisMtt.X509.ProfessionInfo
+	* @see Org.BouncyCastle.Asn1.IsisMtt.X509.NamingAuthority
+	*/
+	public class Admissions
+		: Asn1Encodable
+	{
+		private readonly GeneralName		admissionAuthority;
+		private readonly NamingAuthority	namingAuthority;
+		private readonly Asn1Sequence		professionInfos;
+
+		public static Admissions GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is Admissions)
+			{
+				return (Admissions) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new Admissions((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		* Constructor from Asn1Sequence.
+		* <p/>
+		* The sequence is of type ProcurationSyntax:
+		* <p/>
+		* <pre>
+		*            Admissions ::= SEQUENCE
+		*            {
+		*              admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
+		*              namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
+		*              professionInfos SEQUENCE OF ProfessionInfo
+		*            }
+		* </pre>
+		*
+		* @param seq The ASN.1 sequence.
+		*/
+		private Admissions(
+			Asn1Sequence seq)
+		{
+			if (seq.Count > 3)
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+			IEnumerator e = seq.GetEnumerator();
+
+			e.MoveNext();
+			Asn1Encodable o = (Asn1Encodable) e.Current;
+			if (o is Asn1TaggedObject)
+			{
+				switch (((Asn1TaggedObject)o).TagNo)
+				{
+					case 0:
+						admissionAuthority = GeneralName.GetInstance((Asn1TaggedObject)o, true);
+						break;
+					case 1:
+						namingAuthority = NamingAuthority.GetInstance((Asn1TaggedObject)o, true);
+						break;
+					default:
+						throw new ArgumentException("Bad tag number: " + ((Asn1TaggedObject)o).TagNo);
+				}
+				e.MoveNext();
+				o = (Asn1Encodable) e.Current;
+			}
+			if (o is Asn1TaggedObject)
+			{
+				switch (((Asn1TaggedObject)o).TagNo)
+				{
+					case 1:
+						namingAuthority = NamingAuthority.GetInstance((Asn1TaggedObject)o, true);
+						break;
+					default:
+						throw new ArgumentException("Bad tag number: " + ((Asn1TaggedObject)o).TagNo);
+				}
+				e.MoveNext();
+				o = (Asn1Encodable) e.Current;
+			}
+			professionInfos = Asn1Sequence.GetInstance(o);
+			if (e.MoveNext())
+			{
+                throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(e.Current));
+			}
+		}
+
+		/**
+		* Constructor from a given details.
+		* <p/>
+		* Parameter <code>professionInfos</code> is mandatory.
+		*
+		* @param admissionAuthority The admission authority.
+		* @param namingAuthority    The naming authority.
+		* @param professionInfos    The profession infos.
+		*/
+		public Admissions(
+			GeneralName			admissionAuthority,
+			NamingAuthority		namingAuthority,
+			ProfessionInfo[]	professionInfos)
+		{
+			this.admissionAuthority = admissionAuthority;
+			this.namingAuthority = namingAuthority;
+			this.professionInfos = new DerSequence(professionInfos);
+		}
+
+		public virtual GeneralName AdmissionAuthority
+		{
+			get { return admissionAuthority; }
+		}
+
+		public virtual NamingAuthority NamingAuthority
+		{
+			get { return namingAuthority; }
+		}
+
+		public ProfessionInfo[] GetProfessionInfos()
+		{
+			ProfessionInfo[] infos = new ProfessionInfo[professionInfos.Count];
+			int count = 0;
+			foreach (Asn1Encodable ae in professionInfos)
+			{
+				infos[count++] = ProfessionInfo.GetInstance(ae);
+			}
+			return infos;
+		}
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <p/>
+		* Returns:
+		* <p/>
+		* <pre>
+		*       Admissions ::= SEQUENCE
+		*       {
+		*         admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
+		*         namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
+		*         professionInfos SEQUENCE OF ProfessionInfo
+		*       }
+		* <p/>
+		* </pre>
+		*
+		* @return an Asn1Object
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector vec = new Asn1EncodableVector();
+
+			if (admissionAuthority != null)
+			{
+				vec.Add(new DerTaggedObject(true, 0, admissionAuthority));
+			}
+
+			if (namingAuthority != null)
+			{
+				vec.Add(new DerTaggedObject(true, 1, namingAuthority));
+			}
+
+			vec.Add(professionInfos);
+
+			return new DerSequence(vec);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/isismtt/x509/DeclarationOfMajority.cs b/bc-sharp-crypto/src/asn1/isismtt/x509/DeclarationOfMajority.cs
new file mode 100644
index 0000000..c4ebb2b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/isismtt/x509/DeclarationOfMajority.cs
@@ -0,0 +1,172 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.IsisMtt.X509
+{
+	/**
+	* A declaration of majority.
+	* <p/>
+	* <pre>
+	*           DeclarationOfMajoritySyntax ::= CHOICE
+	*           {
+	*             notYoungerThan [0] IMPLICIT INTEGER,
+	*             fullAgeAtCountry [1] IMPLICIT SEQUENCE
+	*             {
+	*               fullAge BOOLEAN DEFAULT TRUE,
+	*               country PrintableString (SIZE(2))
+	*             }
+	*             dateOfBirth [2] IMPLICIT GeneralizedTime
+	*           }
+	* </pre>
+	* <p/>
+	* fullAgeAtCountry indicates the majority of the owner with respect to the laws
+	* of a specific country.
+	*/
+	public class DeclarationOfMajority
+		: Asn1Encodable, IAsn1Choice
+	{
+		public enum Choice
+		{
+			NotYoungerThan = 0,
+			FullAgeAtCountry = 1,
+			DateOfBirth = 2
+		};
+
+		private readonly Asn1TaggedObject declaration;
+
+		public DeclarationOfMajority(
+			int notYoungerThan)
+		{
+			declaration = new DerTaggedObject(false, 0, new DerInteger(notYoungerThan));
+		}
+
+		public DeclarationOfMajority(
+			bool	fullAge,
+			string	country)
+		{
+			if (country.Length > 2)
+				throw new ArgumentException("country can only be 2 characters");
+
+			DerPrintableString countryString = new DerPrintableString(country, true);
+
+			DerSequence seq;
+			if (fullAge)
+			{
+				seq = new DerSequence(countryString);
+			}
+			else
+			{
+				seq = new DerSequence(DerBoolean.False, countryString);
+			}
+
+			this.declaration = new DerTaggedObject(false, 1, seq);
+		}
+
+		public DeclarationOfMajority(
+			DerGeneralizedTime dateOfBirth)
+		{
+			this.declaration = new DerTaggedObject(false, 2, dateOfBirth);
+		}
+
+		public static DeclarationOfMajority GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is DeclarationOfMajority)
+			{
+				return (DeclarationOfMajority) obj;
+			}
+
+			if (obj is Asn1TaggedObject)
+			{
+				return new DeclarationOfMajority((Asn1TaggedObject) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private DeclarationOfMajority(
+			Asn1TaggedObject o)
+		{
+			if (o.TagNo > 2)
+				throw new ArgumentException("Bad tag number: " + o.TagNo);
+
+			this.declaration = o;
+		}
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <p/>
+		* Returns:
+		* <p/>
+		* <pre>
+		*           DeclarationOfMajoritySyntax ::= CHOICE
+		*           {
+		*             notYoungerThan [0] IMPLICIT INTEGER,
+		*             fullAgeAtCountry [1] IMPLICIT SEQUENCE
+		*             {
+		*               fullAge BOOLEAN DEFAULT TRUE,
+		*               country PrintableString (SIZE(2))
+		*             }
+		*             dateOfBirth [2] IMPLICIT GeneralizedTime
+		*           }
+		* </pre>
+		*
+		* @return an Asn1Object
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			return declaration;
+		}
+
+		public Choice Type
+		{
+			get { return (Choice) declaration.TagNo; }
+		}
+
+		/**
+		* @return notYoungerThan if that's what we are, -1 otherwise
+		*/
+		public virtual int NotYoungerThan
+		{
+			get
+			{
+				switch ((Choice) declaration.TagNo)
+				{
+					case Choice.NotYoungerThan:
+						return DerInteger.GetInstance(declaration, false).Value.IntValue;
+					default:
+						return -1;
+				}
+			}
+		}
+
+		public virtual Asn1Sequence FullAgeAtCountry
+		{
+			get
+			{
+				switch ((Choice) declaration.TagNo)
+				{
+					case Choice.FullAgeAtCountry:
+						return Asn1Sequence.GetInstance(declaration, false);
+					default:
+						return null;
+				}
+			}
+		}
+
+		public virtual DerGeneralizedTime DateOfBirth
+		{
+			get
+			{
+				switch ((Choice) declaration.TagNo)
+				{
+					case Choice.DateOfBirth:
+						return DerGeneralizedTime.GetInstance(declaration, false);
+					default:
+						return null;
+				}
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/isismtt/x509/MonetaryLimit.cs b/bc-sharp-crypto/src/asn1/isismtt/x509/MonetaryLimit.cs
new file mode 100644
index 0000000..b792fff
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/isismtt/x509/MonetaryLimit.cs
@@ -0,0 +1,122 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.IsisMtt.X509
+{
+	/**
+	* Monetary limit for transactions. The QcEuMonetaryLimit QC statement MUST be
+	* used in new certificates in place of the extension/attribute MonetaryLimit
+	* since January 1, 2004. For the sake of backward compatibility with
+	* certificates already in use, components SHOULD support MonetaryLimit (as well
+	* as QcEuLimitValue).
+	* <p/>
+	* Indicates a monetary limit within which the certificate holder is authorized
+	* to act. (This value DOES NOT express a limit on the liability of the
+	* certification authority).
+	* <p/>
+	* <pre>
+	*    MonetaryLimitSyntax ::= SEQUENCE
+	*    {
+	*      currency PrintableString (SIZE(3)),
+	*      amount INTEGER,
+	*      exponent INTEGER
+	*    }
+	* </pre>
+	* <p/>
+	* currency must be the ISO code.
+	* <p/>
+	* value = amount�10*exponent
+	*/
+	public class MonetaryLimit
+		: Asn1Encodable
+	{
+		private readonly DerPrintableString	currency;
+		private readonly DerInteger			amount;
+		private readonly DerInteger			exponent;
+
+		public static MonetaryLimit GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is MonetaryLimit)
+			{
+				return (MonetaryLimit) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new MonetaryLimit(Asn1Sequence.GetInstance(obj));
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private MonetaryLimit(
+			Asn1Sequence seq)
+		{
+			if (seq.Count != 3)
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+			currency = DerPrintableString.GetInstance(seq[0]);
+			amount = DerInteger.GetInstance(seq[1]);
+			exponent = DerInteger.GetInstance(seq[2]);
+		}
+
+		/**
+		* Constructor from a given details.
+		* <p/>
+		* <p/>
+		* value = amount�10^exponent
+		*
+		* @param currency The currency. Must be the ISO code.
+		* @param amount   The amount
+		* @param exponent The exponent
+		*/
+		public MonetaryLimit(
+			string	currency,
+			int		amount,
+			int		exponent)
+		{
+			this.currency = new DerPrintableString(currency, true);
+			this.amount = new DerInteger(amount);
+			this.exponent = new DerInteger(exponent);
+		}
+
+		public virtual string Currency
+		{
+			get { return currency.GetString(); }
+		}
+
+		public virtual BigInteger Amount
+		{
+			get { return amount.Value; }
+		}
+
+		public virtual BigInteger Exponent
+		{
+			get { return exponent.Value; }
+		}
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <p/>
+		* Returns:
+		* <p/>
+		* <pre>
+		*    MonetaryLimitSyntax ::= SEQUENCE
+		*    {
+		*      currency PrintableString (SIZE(3)),
+		*      amount INTEGER,
+		*      exponent INTEGER
+		*    }
+		* </pre>
+		*
+		* @return an Asn1Object
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(currency, amount, exponent);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/isismtt/x509/NamingAuthority.cs b/bc-sharp-crypto/src/asn1/isismtt/x509/NamingAuthority.cs
new file mode 100644
index 0000000..35539f4
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/isismtt/x509/NamingAuthority.cs
@@ -0,0 +1,215 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.IsisMtt.X509
+{
+	/**
+	* Names of authorities which are responsible for the administration of title
+	* registers.
+	* 
+	* <pre>
+	*             NamingAuthority ::= SEQUENCE 
+	*             {
+	*               namingAuthorityID OBJECT IDENTIFIER OPTIONAL,
+	*               namingAuthorityUrl IA5String OPTIONAL,
+	*               namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
+	*             }
+	* </pre>
+	* @see Org.BouncyCastle.Asn1.IsisMtt.X509.AdmissionSyntax
+	* 
+	*/
+	public class NamingAuthority
+		: Asn1Encodable
+	{
+		/**
+		* Profession OIDs should always be defined under the OID branch of the
+		* responsible naming authority. At the time of this writing, the work group
+		* �Recht, Wirtschaft, Steuern� (�Law, Economy, Taxes�) is registered as the
+		* first naming authority under the OID id-isismtt-at-namingAuthorities.
+		*/
+		public static readonly DerObjectIdentifier IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern
+			= new DerObjectIdentifier(IsisMttObjectIdentifiers.IdIsisMttATNamingAuthorities + ".1");
+
+		private readonly DerObjectIdentifier	namingAuthorityID;
+		private readonly string					namingAuthorityUrl;
+		private readonly DirectoryString		namingAuthorityText;
+
+		public static NamingAuthority GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is NamingAuthority)
+			{
+				return (NamingAuthority) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new NamingAuthority((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public static NamingAuthority GetInstance(
+			Asn1TaggedObject	obj,
+			bool				isExplicit)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+		}
+
+		/**
+		* Constructor from Asn1Sequence.
+		* <p/>
+		* <p/>
+		* <pre>
+		*             NamingAuthority ::= SEQUENCE
+		*             {
+		*               namingAuthorityID OBJECT IDENTIFIER OPTIONAL,
+		*               namingAuthorityUrl IA5String OPTIONAL,
+		*               namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
+		*             }
+		* </pre>
+		*
+		* @param seq The ASN.1 sequence.
+		*/
+		private NamingAuthority(
+			Asn1Sequence seq)
+		{
+			if (seq.Count > 3)
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+			IEnumerator e = seq.GetEnumerator();
+
+			if (e.MoveNext())
+			{
+				Asn1Encodable o = (Asn1Encodable) e.Current;
+				if (o is DerObjectIdentifier)
+				{
+					namingAuthorityID = (DerObjectIdentifier) o;
+				}
+				else if (o is DerIA5String)
+				{
+					namingAuthorityUrl = DerIA5String.GetInstance(o).GetString();
+				}
+				else if (o is IAsn1String)
+				{
+					namingAuthorityText = DirectoryString.GetInstance(o);
+				}
+				else
+				{
+                    throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(o));
+				}
+			}
+
+			if (e.MoveNext())
+			{
+				Asn1Encodable o = (Asn1Encodable) e.Current;
+				if (o is DerIA5String)
+				{
+					namingAuthorityUrl = DerIA5String.GetInstance(o).GetString();
+				}
+				else if (o is IAsn1String)
+				{
+					namingAuthorityText = DirectoryString.GetInstance(o);
+				}
+				else
+				{
+                    throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(o));
+				}
+			}
+
+			if (e.MoveNext())
+			{
+				Asn1Encodable o = (Asn1Encodable) e.Current;
+				if (o is IAsn1String)
+				{
+					namingAuthorityText = DirectoryString.GetInstance(o);
+				}
+				else
+				{
+                    throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(o));
+				}
+			}
+		}
+
+		/**
+		* @return Returns the namingAuthorityID.
+		*/
+		public virtual DerObjectIdentifier NamingAuthorityID
+		{
+			get { return namingAuthorityID; }
+		}
+
+		/**
+		* @return Returns the namingAuthorityText.
+		*/
+		public virtual DirectoryString NamingAuthorityText
+		{
+			get { return namingAuthorityText; }
+		}
+
+		/**
+		* @return Returns the namingAuthorityUrl.
+		*/
+		public virtual string NamingAuthorityUrl
+		{
+			get { return namingAuthorityUrl; }
+		}
+
+		/**
+		* Constructor from given details.
+		* <p/>
+		* All parameters can be combined.
+		*
+		* @param namingAuthorityID   ObjectIdentifier for naming authority.
+		* @param namingAuthorityUrl  URL for naming authority.
+		* @param namingAuthorityText Textual representation of naming authority.
+		*/
+		public NamingAuthority(
+			DerObjectIdentifier	namingAuthorityID,
+			string				namingAuthorityUrl,
+			DirectoryString		namingAuthorityText)
+		{
+			this.namingAuthorityID = namingAuthorityID;
+			this.namingAuthorityUrl = namingAuthorityUrl;
+			this.namingAuthorityText = namingAuthorityText;
+		}
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <p/>
+		* Returns:
+		* <p/>
+		* <pre>
+		*             NamingAuthority ::= SEQUENCE
+		*             {
+		*               namingAuthorityID OBJECT IDENTIFIER OPTIONAL,
+		*               namingAuthorityUrl IA5String OPTIONAL,
+		*               namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
+		*             }
+		* </pre>
+		*
+		* @return an Asn1Object
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector vec = new Asn1EncodableVector();
+			if (namingAuthorityID != null)
+			{
+				vec.Add(namingAuthorityID);
+			}
+			if (namingAuthorityUrl != null)
+			{
+				vec.Add(new DerIA5String(namingAuthorityUrl, true));
+			}
+			if (namingAuthorityText != null)
+			{
+				vec.Add(namingAuthorityText);
+			}
+			return new DerSequence(vec);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/isismtt/x509/ProcurationSyntax.cs b/bc-sharp-crypto/src/asn1/isismtt/x509/ProcurationSyntax.cs
new file mode 100644
index 0000000..f423646
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/isismtt/x509/ProcurationSyntax.cs
@@ -0,0 +1,233 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.IsisMtt.X509
+{
+	/**
+	* Attribute to indicate that the certificate holder may sign in the name of a
+	* third person.
+	* <p>
+	* ISIS-MTT PROFILE: The corresponding ProcurationSyntax contains either the
+	* name of the person who is represented (subcomponent thirdPerson) or a
+	* reference to his/her base certificate (in the component signingFor,
+	* subcomponent certRef), furthermore the optional components country and
+	* typeSubstitution to indicate the country whose laws apply, and respectively
+	* the type of procuration (e.g. manager, procuration, custody).
+	* </p>
+	* <p>
+	* ISIS-MTT PROFILE: The GeneralName MUST be of type directoryName and MAY only
+	* contain: - RFC3039 attributes, except pseudonym (countryName, commonName,
+	* surname, givenName, serialNumber, organizationName, organizationalUnitName,
+	* stateOrProvincename, localityName, postalAddress) and - SubjectDirectoryName
+	* attributes (title, dateOfBirth, placeOfBirth, gender, countryOfCitizenship,
+	* countryOfResidence and NameAtBirth).
+	* </p>
+	* <pre>
+	*               ProcurationSyntax ::= SEQUENCE {
+	*                 country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
+	*                 typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
+	*                 signingFor [3] EXPLICIT SigningFor 
+	*               }
+	*               
+	*               SigningFor ::= CHOICE 
+	*               { 
+	*                 thirdPerson GeneralName,
+	*                 certRef IssuerSerial 
+	*               }
+	* </pre>
+	* 
+	*/
+	public class ProcurationSyntax
+		: Asn1Encodable
+	{
+		private readonly string				country;
+		private readonly DirectoryString	typeOfSubstitution;
+		private readonly GeneralName		thirdPerson;
+		private readonly IssuerSerial		certRef;
+
+		public static ProcurationSyntax GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is ProcurationSyntax)
+			{
+				return (ProcurationSyntax) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new ProcurationSyntax((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		* Constructor from Asn1Sequence.
+		* <p/>
+		* The sequence is of type ProcurationSyntax:
+		* <p/>
+		* <pre>
+		*               ProcurationSyntax ::= SEQUENCE {
+		*                 country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
+		*                 typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
+		*                 signingFor [3] EXPLICIT SigningFor
+		*               }
+		* <p/>
+		*               SigningFor ::= CHOICE
+		*               {
+		*                 thirdPerson GeneralName,
+		*                 certRef IssuerSerial
+		*               }
+		* </pre>
+		*
+		* @param seq The ASN.1 sequence.
+		*/
+		private ProcurationSyntax(
+			Asn1Sequence seq)
+		{
+			if (seq.Count < 1 || seq.Count > 3)
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+			IEnumerator e = seq.GetEnumerator();
+
+			while (e.MoveNext())
+			{
+				Asn1TaggedObject o = Asn1TaggedObject.GetInstance(e.Current);
+				switch (o.TagNo)
+				{
+					case 1:
+						country = DerPrintableString.GetInstance(o, true).GetString();
+						break;
+					case 2:
+						typeOfSubstitution = DirectoryString.GetInstance(o, true);
+						break;
+					case 3:
+						Asn1Object signingFor = o.GetObject();
+						if (signingFor is Asn1TaggedObject)
+						{
+							thirdPerson = GeneralName.GetInstance(signingFor);
+						}
+						else
+						{
+							certRef = IssuerSerial.GetInstance(signingFor);
+						}
+						break;
+					default:
+						throw new ArgumentException("Bad tag number: " + o.TagNo);
+				}
+			}
+		}
+
+		/**
+		* Constructor from a given details.
+		* <p/>
+		* <p/>
+		* Either <code>generalName</code> or <code>certRef</code> MUST be
+		* <code>null</code>.
+		*
+		* @param country            The country code whose laws apply.
+		* @param typeOfSubstitution The type of procuration.
+		* @param certRef            Reference to certificate of the person who is represented.
+		*/
+		public ProcurationSyntax(
+			string			country,
+			DirectoryString	typeOfSubstitution,
+			IssuerSerial	certRef)
+		{
+			this.country = country;
+			this.typeOfSubstitution = typeOfSubstitution;
+			this.thirdPerson = null;
+			this.certRef = certRef;
+		}
+
+		/**
+		 * Constructor from a given details.
+		 * <p/>
+		 * <p/>
+		 * Either <code>generalName</code> or <code>certRef</code> MUST be
+		 * <code>null</code>.
+		 *
+		 * @param country            The country code whose laws apply.
+		 * @param typeOfSubstitution The type of procuration.
+		 * @param thirdPerson        The GeneralName of the person who is represented.
+		 */
+		public ProcurationSyntax(
+			string			country,
+			DirectoryString	typeOfSubstitution,
+			GeneralName		thirdPerson)
+		{
+			this.country = country;
+			this.typeOfSubstitution = typeOfSubstitution;
+			this.thirdPerson = thirdPerson;
+			this.certRef = null;
+		}
+
+		public virtual string Country
+		{
+			get { return country; }
+		}
+
+		public virtual DirectoryString TypeOfSubstitution
+		{
+			get { return typeOfSubstitution; }
+		}
+
+		public virtual GeneralName ThirdPerson
+		{
+			get { return thirdPerson; }
+		}
+
+		public virtual IssuerSerial CertRef
+		{
+			get { return certRef; }
+		}
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <p/>
+		* Returns:
+		* <p/>
+		* <pre>
+		*               ProcurationSyntax ::= SEQUENCE {
+		*                 country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
+		*                 typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
+		*                 signingFor [3] EXPLICIT SigningFor
+		*               }
+		* <p/>
+		*               SigningFor ::= CHOICE
+		*               {
+		*                 thirdPerson GeneralName,
+		*                 certRef IssuerSerial
+		*               }
+		* </pre>
+		*
+		* @return an Asn1Object
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector vec = new Asn1EncodableVector();
+			if (country != null)
+			{
+				vec.Add(new DerTaggedObject(true, 1, new DerPrintableString(country, true)));
+			}
+			if (typeOfSubstitution != null)
+			{
+				vec.Add(new DerTaggedObject(true, 2, typeOfSubstitution));
+			}
+			if (thirdPerson != null)
+			{
+				vec.Add(new DerTaggedObject(true, 3, thirdPerson));
+			}
+			else
+			{
+				vec.Add(new DerTaggedObject(true, 3, certRef));
+			}
+
+			return new DerSequence(vec);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/isismtt/x509/ProfessionInfo.cs b/bc-sharp-crypto/src/asn1/isismtt/x509/ProfessionInfo.cs
new file mode 100644
index 0000000..671a465
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/isismtt/x509/ProfessionInfo.cs
@@ -0,0 +1,387 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.IsisMtt.X509
+{
+	/**
+	* Professions, specializations, disciplines, fields of activity, etc.
+	* 
+	* <pre>
+	*               ProfessionInfo ::= SEQUENCE 
+	*               {
+	*                 namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
+	*                 professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
+	*                 professionOids SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
+	*                 registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
+	*                 addProfessionInfo OCTET STRING OPTIONAL 
+	*               }
+	* </pre>
+	* 
+	* @see Org.BouncyCastle.Asn1.IsisMtt.X509.AdmissionSyntax
+	*/
+	public class ProfessionInfo
+		: Asn1Encodable
+	{
+		/**
+		* Rechtsanw�ltin
+		*/
+		public static readonly DerObjectIdentifier Rechtsanwltin = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".1");
+
+		/**
+		* Rechtsanwalt
+		*/
+		public static readonly DerObjectIdentifier Rechtsanwalt = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".2");
+
+		/**
+		* Rechtsbeistand
+		*/
+		public static readonly DerObjectIdentifier Rechtsbeistand = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".3");
+
+		/**
+		* Steuerberaterin
+		*/
+		public static readonly DerObjectIdentifier Steuerberaterin = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".4");
+
+		/**
+		* Steuerberater
+		*/
+		public static readonly DerObjectIdentifier Steuerberater = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".5");
+
+		/**
+		* Steuerbevollm�chtigte
+		*/
+		public static readonly DerObjectIdentifier Steuerbevollmchtigte = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".6");
+
+		/**
+		* Steuerbevollm�chtigter
+		*/
+		public static readonly DerObjectIdentifier Steuerbevollmchtigter = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".7");
+
+		/**
+		* Notarin
+		*/
+		public static readonly DerObjectIdentifier Notarin = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".8");
+
+		/**
+		* Notar
+		*/
+		public static readonly DerObjectIdentifier Notar = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".9");
+
+		/**
+		* Notarvertreterin
+		*/
+		public static readonly DerObjectIdentifier Notarvertreterin = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".10");
+
+		/**
+		* Notarvertreter
+		*/
+		public static readonly DerObjectIdentifier Notarvertreter = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".11");
+
+		/**
+		* Notariatsverwalterin
+		*/
+		public static readonly DerObjectIdentifier Notariatsverwalterin = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".12");
+
+		/**
+		* Notariatsverwalter
+		*/
+		public static readonly DerObjectIdentifier Notariatsverwalter = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".13");
+
+		/**
+		* Wirtschaftspr�ferin
+		*/
+		public static readonly DerObjectIdentifier Wirtschaftsprferin = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".14");
+
+		/**
+		* Wirtschaftspr�fer
+		*/
+		public static readonly DerObjectIdentifier Wirtschaftsprfer = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".15");
+
+		/**
+		* Vereidigte Buchpr�ferin
+		*/
+		public static readonly DerObjectIdentifier VereidigteBuchprferin = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".16");
+
+		/**
+		* Vereidigter Buchpr�fer
+		*/
+		public static readonly DerObjectIdentifier VereidigterBuchprfer = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".17");
+
+		/**
+		* Patentanw�ltin
+		*/
+		public static readonly DerObjectIdentifier Patentanwltin = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".18");
+
+		/**
+		* Patentanwalt
+		*/
+		public static readonly DerObjectIdentifier Patentanwalt = new DerObjectIdentifier(
+			NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".19");
+
+		private readonly NamingAuthority	namingAuthority;
+		private readonly Asn1Sequence		professionItems;
+		private readonly Asn1Sequence		professionOids;
+		private readonly string				registrationNumber;
+		private readonly Asn1OctetString	addProfessionInfo;
+
+		public static ProfessionInfo GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is ProfessionInfo)
+			{
+				return (ProfessionInfo) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new ProfessionInfo((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		* Constructor from Asn1Sequence.
+		* <p/>
+		* <p/>
+		* <pre>
+		*               ProfessionInfo ::= SEQUENCE
+		*               {
+		*                 namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
+		*                 professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
+		*                 professionOids SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
+		*                 registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
+		*                 addProfessionInfo OCTET STRING OPTIONAL
+		*               }
+		* </pre>
+		*
+		* @param seq The ASN.1 sequence.
+		*/
+		private ProfessionInfo(
+			Asn1Sequence seq)
+		{
+			if (seq.Count > 5)
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+			IEnumerator e = seq.GetEnumerator();
+
+			e.MoveNext();
+			Asn1Encodable o = (Asn1Encodable) e.Current;
+
+			if (o is Asn1TaggedObject)
+			{
+				Asn1TaggedObject ato = (Asn1TaggedObject) o;
+				if (ato.TagNo != 0)
+					throw new ArgumentException("Bad tag number: " + ato.TagNo);
+
+				namingAuthority = NamingAuthority.GetInstance(ato, true);
+				e.MoveNext();
+				o = (Asn1Encodable) e.Current;
+			}
+
+			professionItems = Asn1Sequence.GetInstance(o);
+
+			if (e.MoveNext())
+			{
+				o = (Asn1Encodable) e.Current;
+				if (o is Asn1Sequence)
+				{
+					professionOids = Asn1Sequence.GetInstance(o);
+				}
+				else if (o is DerPrintableString)
+				{
+					registrationNumber = DerPrintableString.GetInstance(o).GetString();
+				}
+				else if (o is Asn1OctetString)
+				{
+					addProfessionInfo = Asn1OctetString.GetInstance(o);
+				}
+				else
+				{
+                    throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(o));
+				}
+			}
+
+			if (e.MoveNext())
+			{
+				o = (Asn1Encodable) e.Current;
+				if (o is DerPrintableString)
+				{
+					registrationNumber = DerPrintableString.GetInstance(o).GetString();
+				}
+				else if (o is DerOctetString)
+				{
+					addProfessionInfo = (DerOctetString) o;
+				}
+				else
+				{
+                    throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(o));
+				}
+			}
+
+			if (e.MoveNext())
+			{
+				o = (Asn1Encodable) e.Current;
+				if (o is DerOctetString)
+				{
+					addProfessionInfo = (DerOctetString) o;
+				}
+				else
+				{
+                    throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(o));
+				}
+			}
+		}
+
+		/**
+		* Constructor from given details.
+		* <p/>
+		* <code>professionItems</code> is mandatory, all other parameters are
+		* optional.
+		*
+		* @param namingAuthority    The naming authority.
+		* @param professionItems    Directory strings of the profession.
+		* @param professionOids     DERObjectIdentfier objects for the
+		*                           profession.
+		* @param registrationNumber Registration number.
+		* @param addProfessionInfo  Additional infos in encoded form.
+		*/
+		public ProfessionInfo(
+			NamingAuthority			namingAuthority,
+			DirectoryString[]		professionItems,
+			DerObjectIdentifier[]	professionOids,
+			string					registrationNumber,
+			Asn1OctetString			addProfessionInfo)
+		{
+			this.namingAuthority = namingAuthority;
+			this.professionItems = new DerSequence(professionItems);
+			if (professionOids != null)
+			{
+				this.professionOids = new DerSequence(professionOids);
+			}
+			this.registrationNumber = registrationNumber;
+			this.addProfessionInfo = addProfessionInfo;
+		}
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <p/>
+		* Returns:
+		* <p/>
+		* <pre>
+		*               ProfessionInfo ::= SEQUENCE
+		*               {
+		*                 namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
+		*                 professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
+		*                 professionOids SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
+		*                 registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
+		*                 addProfessionInfo OCTET STRING OPTIONAL
+		*               }
+		* </pre>
+		*
+		* @return an Asn1Object
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector vec = new Asn1EncodableVector();
+			if (namingAuthority != null)
+			{
+				vec.Add(new DerTaggedObject(true, 0, namingAuthority));
+			}
+			vec.Add(professionItems);
+			if (professionOids != null)
+			{
+				vec.Add(professionOids);
+			}
+			if (registrationNumber != null)
+			{
+				vec.Add(new DerPrintableString(registrationNumber, true));
+			}
+			if (addProfessionInfo != null)
+			{
+				vec.Add(addProfessionInfo);
+			}
+			return new DerSequence(vec);
+		}
+
+		/**
+		* @return Returns the addProfessionInfo.
+		*/
+		public virtual Asn1OctetString AddProfessionInfo
+		{
+			get { return addProfessionInfo; }
+		}
+
+		/**
+		* @return Returns the namingAuthority.
+		*/
+		public virtual NamingAuthority NamingAuthority
+		{
+			get { return namingAuthority; }
+		}
+
+		/**
+		* @return Returns the professionItems.
+		*/
+		public virtual DirectoryString[] GetProfessionItems()
+		{
+			DirectoryString[] result = new DirectoryString[professionItems.Count];
+
+			for (int i = 0; i < professionItems.Count; ++i)
+			{
+				result[i] = DirectoryString.GetInstance(professionItems[i]);
+			}
+
+			return result;
+		}
+
+		/**
+		* @return Returns the professionOids.
+		*/
+		public virtual DerObjectIdentifier[] GetProfessionOids()
+		{
+			if (professionOids == null)
+			{
+				return new DerObjectIdentifier[0];
+			}
+
+			DerObjectIdentifier[] result = new DerObjectIdentifier[professionOids.Count];
+
+			for (int i = 0; i < professionOids.Count; ++i)
+			{
+				result[i] = DerObjectIdentifier.GetInstance(professionOids[i]);
+			}
+
+			return result;
+		}
+
+		/**
+		* @return Returns the registrationNumber.
+		*/
+		public virtual string RegistrationNumber
+		{
+			get { return registrationNumber; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/isismtt/x509/Restriction.cs b/bc-sharp-crypto/src/asn1/isismtt/x509/Restriction.cs
new file mode 100644
index 0000000..75df252
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/isismtt/x509/Restriction.cs
@@ -0,0 +1,82 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.IsisMtt.X509
+{
+	/**
+	* Some other restriction regarding the usage of this certificate.
+	* <p/>
+	* <pre>
+	*  RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
+	* </pre>
+	*/
+	public class Restriction
+		: Asn1Encodable
+	{
+		private readonly DirectoryString restriction;
+
+		public static Restriction GetInstance(
+			object obj)
+		{
+			if (obj is Restriction)
+				return (Restriction) obj;
+
+			if (obj is IAsn1String)
+				return new Restriction(DirectoryString.GetInstance(obj));
+
+            throw new ArgumentException("Unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		* Constructor from DirectoryString.
+		* <p/>
+		* The DirectoryString is of type RestrictionSyntax:
+		* <p/>
+		* <pre>
+		*      RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
+		* </pre>
+		*
+		* @param restriction A IAsn1String.
+		*/
+		private Restriction(
+			DirectoryString restriction)
+		{
+			this.restriction = restriction;
+		}
+
+		/**
+		* Constructor from a given details.
+		*
+		* @param restriction The description of the restriction.
+		*/
+		public Restriction(
+			string restriction)
+		{
+			this.restriction = new DirectoryString(restriction);
+		}
+
+		public virtual DirectoryString RestrictionString
+		{
+			get { return restriction; }
+		}
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <p/>
+		* Returns:
+		* <p/>
+		* <pre>
+		*      RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
+		* <p/>
+		* </pre>
+		*
+		* @return an Asn1Object
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			return restriction.ToAsn1Object();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/kisa/KISAObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/kisa/KISAObjectIdentifiers.cs
new file mode 100644
index 0000000..05351ec
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/kisa/KISAObjectIdentifiers.cs
@@ -0,0 +1,8 @@
+namespace Org.BouncyCastle.Asn1.Kisa
+{
+	public abstract class KisaObjectIdentifiers
+	{
+		public static readonly DerObjectIdentifier IdSeedCbc = new DerObjectIdentifier("1.2.410.200004.1.4");
+		public static readonly DerObjectIdentifier IdNpkiAppCmsSeedWrap = new DerObjectIdentifier("1.2.410.200004.7.1.1.1");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/microsoft/MicrosoftObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/microsoft/MicrosoftObjectIdentifiers.cs
new file mode 100644
index 0000000..bc48c3f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/microsoft/MicrosoftObjectIdentifiers.cs
@@ -0,0 +1,19 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Microsoft
+{
+    public abstract class MicrosoftObjectIdentifiers
+    {
+        //
+        // Microsoft
+        //       iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) Microsoft(311)
+        //
+        public static readonly DerObjectIdentifier Microsoft               = new DerObjectIdentifier("1.3.6.1.4.1.311");
+        public static readonly DerObjectIdentifier MicrosoftCertTemplateV1 = Microsoft.Branch("20.2");
+        public static readonly DerObjectIdentifier MicrosoftCAVersion      = Microsoft.Branch("21.1");
+        public static readonly DerObjectIdentifier MicrosoftPrevCACertHash = Microsoft.Branch("21.2");
+        public static readonly DerObjectIdentifier MicrosoftCrlNextPublish = Microsoft.Branch("21.4");
+        public static readonly DerObjectIdentifier MicrosoftCertTemplateV2 = Microsoft.Branch("21.7");
+        public static readonly DerObjectIdentifier MicrosoftAppPolicies    = Microsoft.Branch("21.10");
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/misc/CAST5CBCParameters.cs b/bc-sharp-crypto/src/asn1/misc/CAST5CBCParameters.cs
new file mode 100644
index 0000000..51fd660
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/misc/CAST5CBCParameters.cs
@@ -0,0 +1,74 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Misc
+{
+    public class Cast5CbcParameters
+        : Asn1Encodable
+    {
+        private readonly DerInteger keyLength;
+        private readonly Asn1OctetString iv;
+
+		public static Cast5CbcParameters GetInstance(
+            object o)
+        {
+            if (o is Cast5CbcParameters)
+            {
+                return (Cast5CbcParameters) o;
+            }
+
+			if (o is Asn1Sequence)
+            {
+                return new Cast5CbcParameters((Asn1Sequence) o);
+            }
+
+			throw new ArgumentException("unknown object in Cast5CbcParameters factory");
+        }
+
+		public Cast5CbcParameters(
+            byte[]	iv,
+            int		keyLength)
+        {
+            this.iv = new DerOctetString(iv);
+            this.keyLength = new DerInteger(keyLength);
+        }
+
+		private Cast5CbcParameters(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			iv = (Asn1OctetString) seq[0];
+            keyLength = (DerInteger) seq[1];
+        }
+
+		public byte[] GetIV()
+        {
+			return Arrays.Clone(iv.GetOctets());
+		}
+
+		public int KeyLength
+		{
+			get { return keyLength.Value.IntValue; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * cast5CBCParameters ::= Sequence {
+         *                           iv         OCTET STRING DEFAULT 0,
+         *                                  -- Initialization vector
+         *                           keyLength  Integer
+         *                                  -- Key length, in bits
+         *                      }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(iv, keyLength);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/misc/IDEACBCPar.cs b/bc-sharp-crypto/src/asn1/misc/IDEACBCPar.cs
new file mode 100644
index 0000000..72a60b9
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/misc/IDEACBCPar.cs
@@ -0,0 +1,68 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Misc
+{
+    public class IdeaCbcPar
+        : Asn1Encodable
+    {
+        internal Asn1OctetString iv;
+
+		public static IdeaCbcPar GetInstance(
+            object o)
+        {
+            if (o is IdeaCbcPar)
+            {
+                return (IdeaCbcPar) o;
+            }
+
+			if (o is Asn1Sequence)
+            {
+                return new IdeaCbcPar((Asn1Sequence) o);
+            }
+
+			throw new ArgumentException("unknown object in IDEACBCPar factory");
+        }
+
+		public IdeaCbcPar(
+            byte[] iv)
+        {
+            this.iv = new DerOctetString(iv);
+        }
+
+		private IdeaCbcPar(
+            Asn1Sequence seq)
+        {
+			if (seq.Count == 1)
+			{
+				iv = (Asn1OctetString) seq[0];
+			}
+        }
+
+		public byte[] GetIV()
+        {
+			return iv == null ? null : iv.GetOctets();
+        }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * IDEA-CBCPar ::= Sequence {
+         *                      iv    OCTET STRING OPTIONAL -- exactly 8 octets
+         *                  }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (iv != null)
+            {
+                v.Add(iv);
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/misc/MiscObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/misc/MiscObjectIdentifiers.cs
new file mode 100644
index 0000000..8128b69
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/misc/MiscObjectIdentifiers.cs
@@ -0,0 +1,79 @@
+namespace Org.BouncyCastle.Asn1.Misc
+{
+    public abstract class MiscObjectIdentifiers
+    {
+        //
+        // Netscape
+        //       iso/itu(2) joint-assign(16) us(840) uscompany(1) Netscape(113730) cert-extensions(1) }
+        //
+        public static readonly DerObjectIdentifier Netscape                = new DerObjectIdentifier("2.16.840.1.113730.1");
+        public static readonly DerObjectIdentifier NetscapeCertType        = Netscape.Branch("1");
+        public static readonly DerObjectIdentifier NetscapeBaseUrl         = Netscape.Branch("2");
+        public static readonly DerObjectIdentifier NetscapeRevocationUrl   = Netscape.Branch("3");
+        public static readonly DerObjectIdentifier NetscapeCARevocationUrl = Netscape.Branch("4");
+        public static readonly DerObjectIdentifier NetscapeRenewalUrl      = Netscape.Branch("7");
+        public static readonly DerObjectIdentifier NetscapeCAPolicyUrl     = Netscape.Branch("8");
+        public static readonly DerObjectIdentifier NetscapeSslServerName   = Netscape.Branch("12");
+        public static readonly DerObjectIdentifier NetscapeCertComment     = Netscape.Branch("13");
+
+        //
+        // Verisign
+        //       iso/itu(2) joint-assign(16) us(840) uscompany(1) verisign(113733) cert-extensions(1) }
+        //
+        public static readonly DerObjectIdentifier Verisign = new DerObjectIdentifier("2.16.840.1.113733.1");
+
+        //
+        // CZAG - country, zip, age, and gender
+        //
+        public static readonly DerObjectIdentifier VerisignCzagExtension          = Verisign.Branch("6.3");
+
+        public static readonly DerObjectIdentifier VerisignPrivate_6_9            = Verisign.Branch("6.9");
+        public static readonly DerObjectIdentifier VerisignOnSiteJurisdictionHash = Verisign.Branch("6.11");
+        public static readonly DerObjectIdentifier VerisignBitString_6_13         = Verisign.Branch("6.13");
+
+        // D&B D-U-N-S number
+        public static readonly DerObjectIdentifier VerisignDnbDunsNumber          = Verisign.Branch("6.15");
+
+        public static readonly DerObjectIdentifier VerisignIssStrongCrypto        = Verisign.Branch("8.1");
+
+        //
+        // Novell
+        //       iso/itu(2) country(16) us(840) organization(1) novell(113719)
+        //
+        public static readonly string				Novell					= "2.16.840.1.113719";
+        public static readonly DerObjectIdentifier NovellSecurityAttribs	= new DerObjectIdentifier(Novell + ".1.9.4.1");
+
+        //
+        // Entrust
+        //       iso(1) member-body(16) us(840) nortelnetworks(113533) entrust(7)
+        //
+        public static readonly string				Entrust					= "1.2.840.113533.7";
+        public static readonly DerObjectIdentifier EntrustVersionExtension = new DerObjectIdentifier(Entrust + ".65.0");
+
+        //
+        // Ascom
+        //
+        public static readonly DerObjectIdentifier as_sys_sec_alg_ideaCBC = new DerObjectIdentifier("1.3.6.1.4.1.188.7.1.1.2");
+
+        //
+        // Peter Gutmann's Cryptlib
+        //
+        public static readonly DerObjectIdentifier cryptlib = new DerObjectIdentifier("1.3.6.1.4.1.3029");
+
+        public static readonly DerObjectIdentifier cryptlib_algorithm = cryptlib.Branch("1");
+        public static readonly DerObjectIdentifier cryptlib_algorithm_blowfish_ECB = cryptlib_algorithm.Branch("1.1");
+        public static readonly DerObjectIdentifier cryptlib_algorithm_blowfish_CBC = cryptlib_algorithm.Branch("1.2");
+        public static readonly DerObjectIdentifier cryptlib_algorithm_blowfish_CFB = cryptlib_algorithm.Branch("1.3");
+        public static readonly DerObjectIdentifier cryptlib_algorithm_blowfish_OFB = cryptlib_algorithm.Branch("1.4");
+
+        //
+        // Blake2b
+        //
+        public static readonly DerObjectIdentifier blake2 = new DerObjectIdentifier("1.3.6.1.4.1.1722.12.2");
+
+        public static readonly DerObjectIdentifier id_blake2b160 = blake2.Branch("1.5");
+        public static readonly DerObjectIdentifier id_blake2b256 = blake2.Branch("1.8");
+        public static readonly DerObjectIdentifier id_blake2b384 = blake2.Branch("1.12");
+        public static readonly DerObjectIdentifier id_blake2b512 = blake2.Branch("1.16");
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/misc/NetscapeCertType.cs b/bc-sharp-crypto/src/asn1/misc/NetscapeCertType.cs
new file mode 100644
index 0000000..d809eae
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/misc/NetscapeCertType.cs
@@ -0,0 +1,54 @@
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Misc
+{
+    /**
+     * The NetscapeCertType object.
+     * <pre>
+     *    NetscapeCertType ::= BIT STRING {
+     *         SSLClient               (0),
+     *         SSLServer               (1),
+     *         S/MIME                  (2),
+     *         Object Signing          (3),
+     *         Reserved                (4),
+     *         SSL CA                  (5),
+     *         S/MIME CA               (6),
+     *         Object Signing CA       (7) }
+     * </pre>
+     */
+    public class NetscapeCertType
+        : DerBitString
+    {
+        public const int SslClient        = (1 << 7);
+        public const int SslServer        = (1 << 6);
+        public const int Smime            = (1 << 5);
+        public const int ObjectSigning    = (1 << 4);
+        public const int Reserved         = (1 << 3);
+        public const int SslCA            = (1 << 2);
+        public const int SmimeCA          = (1 << 1);
+        public const int ObjectSigningCA  = (1 << 0);
+
+		/**
+         * Basic constructor.
+         *
+         * @param usage - the bitwise OR of the Key Usage flags giving the
+         * allowed uses for the key.
+         * e.g. (X509NetscapeCertType.sslCA | X509NetscapeCertType.smimeCA)
+         */
+        public NetscapeCertType(int usage)
+			: base(usage)
+        {
+        }
+
+		public NetscapeCertType(DerBitString usage)
+			: base(usage.GetBytes(), usage.PadBits)
+        {
+        }
+
+		public override string ToString()
+        {
+			byte[] data = GetBytes();
+			return "NetscapeCertType: 0x" + (data[0] & 0xff).ToString("X");
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/misc/NetscapeRevocationURL.cs b/bc-sharp-crypto/src/asn1/misc/NetscapeRevocationURL.cs
new file mode 100644
index 0000000..6cac031
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/misc/NetscapeRevocationURL.cs
@@ -0,0 +1,18 @@
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Misc
+{
+    public class NetscapeRevocationUrl
+        : DerIA5String
+    {
+        public NetscapeRevocationUrl(DerIA5String str)
+			: base(str.GetString())
+        {
+        }
+
+        public override string ToString()
+        {
+            return "NetscapeRevocationUrl: " + this.GetString();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/misc/VerisignCzagExtension.cs b/bc-sharp-crypto/src/asn1/misc/VerisignCzagExtension.cs
new file mode 100644
index 0000000..1c3054b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/misc/VerisignCzagExtension.cs
@@ -0,0 +1,18 @@
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Misc
+{
+    public class VerisignCzagExtension
+        : DerIA5String
+    {
+        public VerisignCzagExtension(DerIA5String str)
+			: base(str.GetString())
+        {
+        }
+
+        public override string ToString()
+        {
+            return "VerisignCzagExtension: " + this.GetString();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/mozilla/PublicKeyAndChallenge.cs b/bc-sharp-crypto/src/asn1/mozilla/PublicKeyAndChallenge.cs
new file mode 100644
index 0000000..ff2a119
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/mozilla/PublicKeyAndChallenge.cs
@@ -0,0 +1,68 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Mozilla
+{
+	/**
+	 * This is designed to parse
+	 * the PublicKeyAndChallenge created by the KEYGEN tag included by
+	 * Mozilla based browsers.
+	 *  <pre>
+	 *  PublicKeyAndChallenge ::= SEQUENCE {
+	 *    spki SubjectPublicKeyInfo,
+	 *    challenge IA5STRING
+	 *  }
+	 *
+	 *  </pre>
+	 */
+	public class PublicKeyAndChallenge
+		: Asn1Encodable
+	{
+		private Asn1Sequence			pkacSeq;
+		private SubjectPublicKeyInfo	spki;
+		private DerIA5String			challenge;
+
+		public static PublicKeyAndChallenge GetInstance(
+			object obj)
+		{
+			if (obj is PublicKeyAndChallenge)
+			{
+				return (PublicKeyAndChallenge) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new PublicKeyAndChallenge((Asn1Sequence) obj);
+			}
+
+			throw new ArgumentException(
+				"unknown object in 'PublicKeyAndChallenge' factory : "
+                + Platform.GetTypeName(obj) + ".");
+		}
+
+		public PublicKeyAndChallenge(
+			Asn1Sequence seq)
+		{
+			pkacSeq = seq;
+			spki = SubjectPublicKeyInfo.GetInstance(seq[0]);
+			challenge = DerIA5String.GetInstance(seq[1]);
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return pkacSeq;
+		}
+
+		public SubjectPublicKeyInfo SubjectPublicKeyInfo
+		{
+			get { return spki; }
+		}
+
+		public DerIA5String Challenge
+		{
+			get { return challenge; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/nist/NISTNamedCurves.cs b/bc-sharp-crypto/src/asn1/nist/NISTNamedCurves.cs
new file mode 100644
index 0000000..f6c1598
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/nist/NISTNamedCurves.cs
@@ -0,0 +1,102 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.Nist
+{
+    /**
+    * Utility class for fetching curves using their NIST names as published in FIPS-PUB 186-3
+    */
+    public sealed class NistNamedCurves
+    {
+        private NistNamedCurves()
+        {
+        }
+
+        private static readonly IDictionary objIds = Platform.CreateHashtable();
+        private static readonly IDictionary names = Platform.CreateHashtable();
+
+        private static void DefineCurveAlias(
+            string				name,
+            DerObjectIdentifier	oid)
+        {
+            objIds.Add(Platform.ToUpperInvariant(name), oid);
+            names.Add(oid, name);
+        }
+
+        static NistNamedCurves()
+        {
+            DefineCurveAlias("B-163", SecObjectIdentifiers.SecT163r2);
+            DefineCurveAlias("B-233", SecObjectIdentifiers.SecT233r1);
+            DefineCurveAlias("B-283", SecObjectIdentifiers.SecT283r1);
+            DefineCurveAlias("B-409", SecObjectIdentifiers.SecT409r1);
+            DefineCurveAlias("B-571", SecObjectIdentifiers.SecT571r1);
+
+            DefineCurveAlias("K-163", SecObjectIdentifiers.SecT163k1);
+            DefineCurveAlias("K-233", SecObjectIdentifiers.SecT233k1);
+            DefineCurveAlias("K-283", SecObjectIdentifiers.SecT283k1);
+            DefineCurveAlias("K-409", SecObjectIdentifiers.SecT409k1);
+            DefineCurveAlias("K-571", SecObjectIdentifiers.SecT571k1);
+
+            DefineCurveAlias("P-192", SecObjectIdentifiers.SecP192r1);
+            DefineCurveAlias("P-224", SecObjectIdentifiers.SecP224r1);
+            DefineCurveAlias("P-256", SecObjectIdentifiers.SecP256r1);
+            DefineCurveAlias("P-384", SecObjectIdentifiers.SecP384r1);
+            DefineCurveAlias("P-521", SecObjectIdentifiers.SecP521r1);
+        }
+
+        public static X9ECParameters GetByName(
+            string name)
+        {
+            DerObjectIdentifier oid = GetOid(name);
+            return oid == null ? null : GetByOid(oid);
+        }
+
+        /**
+        * return the X9ECParameters object for the named curve represented by
+        * the passed in object identifier. Null if the curve isn't present.
+        *
+        * @param oid an object identifier representing a named curve, if present.
+        */
+        public static X9ECParameters GetByOid(
+            DerObjectIdentifier oid)
+        {
+            return SecNamedCurves.GetByOid(oid);
+        }
+
+        /**
+        * return the object identifier signified by the passed in name. Null
+        * if there is no object identifier associated with name.
+        *
+        * @return the object identifier associated with name, if present.
+        */
+        public static DerObjectIdentifier GetOid(
+            string name)
+        {
+            return (DerObjectIdentifier) objIds[Platform.ToUpperInvariant(name)];
+        }
+
+        /**
+        * return the named curve name represented by the given object identifier.
+        */
+        public static string GetName(
+            DerObjectIdentifier  oid)
+        {
+            return (string) names[oid];
+        }
+
+        /**
+        * returns an enumeration containing the name strings for curves
+        * contained in this structure.
+        */
+        public static IEnumerable Names
+        {
+            get { return new EnumerableProxy(names.Values); }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/nist/NISTObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/nist/NISTObjectIdentifiers.cs
new file mode 100644
index 0000000..55b9d8e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/nist/NISTObjectIdentifiers.cs
@@ -0,0 +1,71 @@
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Nist
+{
+    public sealed class NistObjectIdentifiers
+    {
+        private NistObjectIdentifiers()
+        {
+        }
+
+        //
+        // NIST
+        //     iso/itu(2) joint-assign(16) us(840) organization(1) gov(101) csor(3)
+
+        //
+        // nistalgorithms(4)
+        //
+        public static readonly DerObjectIdentifier NistAlgorithm = new DerObjectIdentifier("2.16.840.1.101.3.4");
+
+        public static readonly DerObjectIdentifier HashAlgs = NistAlgorithm.Branch("2");
+
+        public static readonly DerObjectIdentifier IdSha256 = HashAlgs.Branch("1");
+        public static readonly DerObjectIdentifier IdSha384 = HashAlgs.Branch("2");
+        public static readonly DerObjectIdentifier IdSha512 = HashAlgs.Branch("3");
+        public static readonly DerObjectIdentifier IdSha224 = HashAlgs.Branch("4");
+        public static readonly DerObjectIdentifier IdSha512_224 = HashAlgs.Branch("5");
+        public static readonly DerObjectIdentifier IdSha512_256 = HashAlgs.Branch("6");
+        public static readonly DerObjectIdentifier IdSha3_224 = HashAlgs.Branch("7");
+        public static readonly DerObjectIdentifier IdSha3_256 = HashAlgs.Branch("8");
+        public static readonly DerObjectIdentifier IdSha3_384 = HashAlgs.Branch("9");
+        public static readonly DerObjectIdentifier IdSha3_512 = HashAlgs.Branch("10");
+        public static readonly DerObjectIdentifier IdShake128 = HashAlgs.Branch("11");
+        public static readonly DerObjectIdentifier IdShake256 = HashAlgs.Branch("12");
+
+        public static readonly DerObjectIdentifier Aes = new DerObjectIdentifier(NistAlgorithm + ".1");
+
+        public static readonly DerObjectIdentifier IdAes128Ecb	= new DerObjectIdentifier(Aes + ".1");
+        public static readonly DerObjectIdentifier IdAes128Cbc	= new DerObjectIdentifier(Aes + ".2");
+        public static readonly DerObjectIdentifier IdAes128Ofb	= new DerObjectIdentifier(Aes + ".3");
+        public static readonly DerObjectIdentifier IdAes128Cfb	= new DerObjectIdentifier(Aes + ".4");
+        public static readonly DerObjectIdentifier IdAes128Wrap	= new DerObjectIdentifier(Aes + ".5");
+        public static readonly DerObjectIdentifier IdAes128Gcm	= new DerObjectIdentifier(Aes + ".6");
+        public static readonly DerObjectIdentifier IdAes128Ccm	= new DerObjectIdentifier(Aes + ".7");
+
+        public static readonly DerObjectIdentifier IdAes192Ecb	= new DerObjectIdentifier(Aes + ".21");
+        public static readonly DerObjectIdentifier IdAes192Cbc	= new DerObjectIdentifier(Aes + ".22");
+        public static readonly DerObjectIdentifier IdAes192Ofb	= new DerObjectIdentifier(Aes + ".23");
+        public static readonly DerObjectIdentifier IdAes192Cfb	= new DerObjectIdentifier(Aes + ".24");
+        public static readonly DerObjectIdentifier IdAes192Wrap	= new DerObjectIdentifier(Aes + ".25");
+        public static readonly DerObjectIdentifier IdAes192Gcm	= new DerObjectIdentifier(Aes + ".26");
+        public static readonly DerObjectIdentifier IdAes192Ccm	= new DerObjectIdentifier(Aes + ".27");
+
+        public static readonly DerObjectIdentifier IdAes256Ecb	= new DerObjectIdentifier(Aes + ".41");
+        public static readonly DerObjectIdentifier IdAes256Cbc	= new DerObjectIdentifier(Aes + ".42");
+        public static readonly DerObjectIdentifier IdAes256Ofb	= new DerObjectIdentifier(Aes + ".43");
+        public static readonly DerObjectIdentifier IdAes256Cfb	= new DerObjectIdentifier(Aes + ".44");
+        public static readonly DerObjectIdentifier IdAes256Wrap	= new DerObjectIdentifier(Aes + ".45");
+        public static readonly DerObjectIdentifier IdAes256Gcm	= new DerObjectIdentifier(Aes + ".46");
+        public static readonly DerObjectIdentifier IdAes256Ccm	= new DerObjectIdentifier(Aes + ".47");
+
+        //
+        // signatures
+        //
+        public static readonly DerObjectIdentifier IdDsaWithSha2 = new DerObjectIdentifier(NistAlgorithm + ".3");
+
+        public static readonly DerObjectIdentifier DsaWithSha224 = new DerObjectIdentifier(IdDsaWithSha2 + ".1");
+        public static readonly DerObjectIdentifier DsaWithSha256 = new DerObjectIdentifier(IdDsaWithSha2 + ".2");
+        public static readonly DerObjectIdentifier DsaWithSha384 = new DerObjectIdentifier(IdDsaWithSha2 + ".3");
+        public static readonly DerObjectIdentifier DsaWithSha512 = new DerObjectIdentifier(IdDsaWithSha2 + ".4"); 
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ntt/NTTObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/ntt/NTTObjectIdentifiers.cs
new file mode 100644
index 0000000..cd25956
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ntt/NTTObjectIdentifiers.cs
@@ -0,0 +1,14 @@
+namespace Org.BouncyCastle.Asn1.Ntt
+{
+	/// <summary>From RFC 3657</summary>
+	public abstract class NttObjectIdentifiers
+	{
+		public static readonly DerObjectIdentifier IdCamellia128Cbc = new DerObjectIdentifier("1.2.392.200011.61.1.1.1.2");
+		public static readonly DerObjectIdentifier IdCamellia192Cbc = new DerObjectIdentifier("1.2.392.200011.61.1.1.1.3");
+		public static readonly DerObjectIdentifier IdCamellia256Cbc = new DerObjectIdentifier("1.2.392.200011.61.1.1.1.4");
+
+		public static readonly DerObjectIdentifier IdCamellia128Wrap = new DerObjectIdentifier("1.2.392.200011.61.1.1.3.2");
+		public static readonly DerObjectIdentifier IdCamellia192Wrap = new DerObjectIdentifier("1.2.392.200011.61.1.1.3.3");
+		public static readonly DerObjectIdentifier IdCamellia256Wrap = new DerObjectIdentifier("1.2.392.200011.61.1.1.3.4");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/BasicOCSPResponse.cs b/bc-sharp-crypto/src/asn1/ocsp/BasicOCSPResponse.cs
new file mode 100644
index 0000000..e6aa1f8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/BasicOCSPResponse.cs
@@ -0,0 +1,137 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class BasicOcspResponse
+        : Asn1Encodable
+    {
+        private readonly ResponseData			tbsResponseData;
+        private readonly AlgorithmIdentifier	signatureAlgorithm;
+        private readonly DerBitString			signature;
+        private readonly Asn1Sequence			certs;
+
+		public static BasicOcspResponse GetInstance(
+			Asn1TaggedObject	obj,
+			bool				explicitly)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+		}
+
+		public static BasicOcspResponse GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is BasicOcspResponse)
+			{
+				return (BasicOcspResponse)obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new BasicOcspResponse((Asn1Sequence)obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public BasicOcspResponse(
+            ResponseData		tbsResponseData,
+            AlgorithmIdentifier	signatureAlgorithm,
+            DerBitString		signature,
+            Asn1Sequence		certs)
+        {
+            this.tbsResponseData = tbsResponseData;
+            this.signatureAlgorithm = signatureAlgorithm;
+            this.signature = signature;
+            this.certs = certs;
+        }
+
+		private BasicOcspResponse(
+            Asn1Sequence seq)
+        {
+            this.tbsResponseData = ResponseData.GetInstance(seq[0]);
+            this.signatureAlgorithm = AlgorithmIdentifier.GetInstance(seq[1]);
+            this.signature = (DerBitString)seq[2];
+
+			if (seq.Count > 3)
+            {
+                this.certs = Asn1Sequence.GetInstance((Asn1TaggedObject)seq[3], true);
+            }
+        }
+
+		[Obsolete("Use TbsResponseData property instead")]
+		public ResponseData GetTbsResponseData()
+        {
+            return tbsResponseData;
+        }
+
+		public ResponseData TbsResponseData
+		{
+			get { return tbsResponseData; }
+		}
+
+		[Obsolete("Use SignatureAlgorithm property instead")]
+		public AlgorithmIdentifier GetSignatureAlgorithm()
+        {
+            return signatureAlgorithm;
+        }
+
+		public AlgorithmIdentifier SignatureAlgorithm
+		{
+			get { return signatureAlgorithm; }
+		}
+
+		[Obsolete("Use Signature property instead")]
+		public DerBitString GetSignature()
+        {
+            return signature;
+        }
+
+		public DerBitString Signature
+		{
+			get { return signature; }
+		}
+
+        public byte[] GetSignatureOctets()
+        {
+            return signature.GetOctets();
+        }
+
+        [Obsolete("Use Certs property instead")]
+		public Asn1Sequence GetCerts()
+        {
+            return certs;
+        }
+
+		public Asn1Sequence Certs
+		{
+			get { return certs; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * BasicOcspResponse       ::= Sequence {
+         *      tbsResponseData      ResponseData,
+         *      signatureAlgorithm   AlgorithmIdentifier,
+         *      signature            BIT STRING,
+         *      certs                [0] EXPLICIT Sequence OF Certificate OPTIONAL }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+				tbsResponseData, signatureAlgorithm, signature);
+
+			if (certs != null)
+            {
+                v.Add(new DerTaggedObject(true, 0, certs));
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/CertID.cs b/bc-sharp-crypto/src/asn1/ocsp/CertID.cs
new file mode 100644
index 0000000..523f6b8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/CertID.cs
@@ -0,0 +1,99 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class CertID
+        : Asn1Encodable
+    {
+        private readonly AlgorithmIdentifier    hashAlgorithm;
+        private readonly Asn1OctetString        issuerNameHash;
+        private readonly Asn1OctetString        issuerKeyHash;
+        private readonly DerInteger             serialNumber;
+
+		public static CertID GetInstance(
+			Asn1TaggedObject	obj,
+			bool				explicitly)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+		}
+
+		public static CertID GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is CertID)
+			{
+				return (CertID)obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new CertID((Asn1Sequence)obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public CertID(
+            AlgorithmIdentifier hashAlgorithm,
+            Asn1OctetString     issuerNameHash,
+            Asn1OctetString     issuerKeyHash,
+            DerInteger          serialNumber)
+        {
+            this.hashAlgorithm = hashAlgorithm;
+            this.issuerNameHash = issuerNameHash;
+            this.issuerKeyHash = issuerKeyHash;
+            this.serialNumber = serialNumber;
+        }
+
+		private CertID(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 4)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			this.hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[0]);
+            this.issuerNameHash = Asn1OctetString.GetInstance(seq[1]);
+            this.issuerKeyHash = Asn1OctetString.GetInstance(seq[2]);
+            this.serialNumber = DerInteger.GetInstance(seq[3]);
+        }
+
+		public AlgorithmIdentifier HashAlgorithm
+		{
+			get { return hashAlgorithm; }
+		}
+
+		public Asn1OctetString IssuerNameHash
+		{
+			get { return issuerNameHash; }
+		}
+
+		public Asn1OctetString IssuerKeyHash
+		{
+			get { return issuerKeyHash; }
+		}
+
+		public DerInteger SerialNumber
+		{
+			get { return serialNumber; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * CertID          ::=     Sequence {
+         *     hashAlgorithm       AlgorithmIdentifier,
+         *     issuerNameHash      OCTET STRING, -- Hash of Issuer's DN
+         *     issuerKeyHash       OCTET STRING, -- Hash of Issuers public key
+         *     serialNumber        CertificateSerialNumber }
+         * </pre>
+         */
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(hashAlgorithm, issuerNameHash, issuerKeyHash, serialNumber);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/CertStatus.cs b/bc-sharp-crypto/src/asn1/ocsp/CertStatus.cs
new file mode 100644
index 0000000..7dd99b8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/CertStatus.cs
@@ -0,0 +1,96 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class CertStatus
+        : Asn1Encodable, IAsn1Choice
+    {
+        private readonly int			tagNo;
+        private readonly Asn1Encodable	value;
+
+		/**
+         * create a CertStatus object with a tag of zero.
+         */
+        public CertStatus()
+        {
+            tagNo = 0;
+            value = DerNull.Instance;
+        }
+
+		public CertStatus(
+            RevokedInfo info)
+        {
+            tagNo = 1;
+            value = info;
+        }
+
+		public CertStatus(
+            int				tagNo,
+            Asn1Encodable	value)
+        {
+            this.tagNo = tagNo;
+            this.value = value;
+        }
+
+		public CertStatus(
+            Asn1TaggedObject choice)
+        {
+            this.tagNo = choice.TagNo;
+
+			switch (choice.TagNo)
+            {
+				case 1:
+					value = RevokedInfo.GetInstance(choice, false);
+					break;
+				case 0:
+				case 2:
+					value = DerNull.Instance;
+					break;
+				default:
+					throw new ArgumentException("Unknown tag encountered: " + choice.TagNo);
+            }
+        }
+
+		public static CertStatus GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is CertStatus)
+            {
+                return (CertStatus)obj;
+            }
+
+			if (obj is Asn1TaggedObject)
+            {
+                return new CertStatus((Asn1TaggedObject)obj);
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+        }
+
+		public int TagNo
+		{
+			get { return tagNo; }
+		}
+
+		public Asn1Encodable Status
+		{
+			get { return value; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  CertStatus ::= CHOICE {
+         *                  good        [0]     IMPLICIT Null,
+         *                  revoked     [1]     IMPLICIT RevokedInfo,
+         *                  unknown     [2]     IMPLICIT UnknownInfo }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerTaggedObject(false, tagNo, value);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/CrlID.cs b/bc-sharp-crypto/src/asn1/ocsp/CrlID.cs
new file mode 100644
index 0000000..cfb3d6f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/CrlID.cs
@@ -0,0 +1,82 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class CrlID
+        : Asn1Encodable
+    {
+        private readonly DerIA5String		crlUrl;
+        private readonly DerInteger			crlNum;
+        private readonly DerGeneralizedTime	crlTime;
+
+		// TODO Add GetInstance method(s) and amke this private?
+		public CrlID(
+            Asn1Sequence seq)
+        {
+			foreach (Asn1TaggedObject o in seq)
+			{
+				switch (o.TagNo)
+                {
+                case 0:
+                    crlUrl = DerIA5String.GetInstance(o, true);
+                    break;
+                case 1:
+                    crlNum = DerInteger.GetInstance(o, true);
+                    break;
+                case 2:
+                    crlTime = DerGeneralizedTime.GetInstance(o, true);
+                    break;
+                default:
+                    throw new ArgumentException("unknown tag number: " + o.TagNo);
+                }
+            }
+        }
+
+		public DerIA5String CrlUrl
+		{
+			get { return crlUrl; }
+		}
+
+		public DerInteger CrlNum
+		{
+			get { return crlNum; }
+		}
+
+		public DerGeneralizedTime CrlTime
+		{
+			get { return crlTime; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * CrlID ::= Sequence {
+         *     crlUrl               [0]     EXPLICIT IA5String OPTIONAL,
+         *     crlNum               [1]     EXPLICIT Integer OPTIONAL,
+         *     crlTime              [2]     EXPLICIT GeneralizedTime OPTIONAL }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (crlUrl != null)
+            {
+                v.Add(new DerTaggedObject(true, 0, crlUrl));
+            }
+
+			if (crlNum != null)
+            {
+                v.Add(new DerTaggedObject(true, 1, crlNum));
+            }
+
+			if (crlTime != null)
+            {
+                v.Add(new DerTaggedObject(true, 2, crlTime));
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/OCSPObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/ocsp/OCSPObjectIdentifiers.cs
new file mode 100644
index 0000000..a37c855
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/OCSPObjectIdentifiers.cs
@@ -0,0 +1,23 @@
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public abstract class OcspObjectIdentifiers
+    {
+        internal const string PkixOcspId = "1.3.6.1.5.5.7.48.1";
+
+		public static readonly DerObjectIdentifier PkixOcsp = new DerObjectIdentifier(PkixOcspId);
+        public static readonly DerObjectIdentifier PkixOcspBasic = new DerObjectIdentifier(PkixOcspId + ".1");
+
+		//
+		// extensions
+		//
+		public static readonly DerObjectIdentifier PkixOcspNonce = new DerObjectIdentifier(PkixOcsp + ".2");
+		public static readonly DerObjectIdentifier PkixOcspCrl = new DerObjectIdentifier(PkixOcsp + ".3");
+
+		public static readonly DerObjectIdentifier PkixOcspResponse = new DerObjectIdentifier(PkixOcsp + ".4");
+		public static readonly DerObjectIdentifier PkixOcspNocheck = new DerObjectIdentifier(PkixOcsp + ".5");
+		public static readonly DerObjectIdentifier PkixOcspArchiveCutoff = new DerObjectIdentifier(PkixOcsp + ".6");
+		public static readonly DerObjectIdentifier PkixOcspServiceLocator = new DerObjectIdentifier(PkixOcsp + ".7");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/OCSPRequest.cs b/bc-sharp-crypto/src/asn1/ocsp/OCSPRequest.cs
new file mode 100644
index 0000000..2407678
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/OCSPRequest.cs
@@ -0,0 +1,89 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class OcspRequest
+        : Asn1Encodable
+    {
+        private readonly TbsRequest	tbsRequest;
+        private readonly Signature	optionalSignature;
+
+		public static OcspRequest GetInstance(
+			Asn1TaggedObject	obj,
+			bool				explicitly)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+		}
+
+		public static OcspRequest GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is OcspRequest)
+			{
+				return (OcspRequest)obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new OcspRequest((Asn1Sequence)obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public OcspRequest(
+            TbsRequest	tbsRequest,
+            Signature	optionalSignature)
+        {
+			if (tbsRequest == null)
+				throw new ArgumentNullException("tbsRequest");
+
+			this.tbsRequest = tbsRequest;
+            this.optionalSignature = optionalSignature;
+        }
+
+		private OcspRequest(
+            Asn1Sequence seq)
+        {
+            tbsRequest = TbsRequest.GetInstance(seq[0]);
+
+			if (seq.Count == 2)
+            {
+                optionalSignature = Signature.GetInstance(
+					(Asn1TaggedObject)seq[1], true);
+            }
+        }
+
+		public TbsRequest TbsRequest
+		{
+			get { return tbsRequest; }
+		}
+
+		public Signature OptionalSignature
+		{
+			get { return optionalSignature; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * OcspRequest     ::=     Sequence {
+         *     tbsRequest                  TBSRequest,
+         *     optionalSignature   [0]     EXPLICIT Signature OPTIONAL }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(tbsRequest);
+
+			if (optionalSignature != null)
+            {
+                v.Add(new DerTaggedObject(true, 0, optionalSignature));
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/OCSPResponse.cs b/bc-sharp-crypto/src/asn1/ocsp/OCSPResponse.cs
new file mode 100644
index 0000000..9477b61
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/OCSPResponse.cs
@@ -0,0 +1,90 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class OcspResponse
+        : Asn1Encodable
+    {
+        private readonly OcspResponseStatus	responseStatus;
+        private readonly ResponseBytes		responseBytes;
+
+		public static OcspResponse GetInstance(
+			Asn1TaggedObject	obj,
+			bool				explicitly)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+		}
+
+		public static OcspResponse GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is OcspResponse)
+			{
+				return (OcspResponse)obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new OcspResponse((Asn1Sequence)obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public OcspResponse(
+            OcspResponseStatus	responseStatus,
+            ResponseBytes		responseBytes)
+        {
+			if (responseStatus == null)
+				throw new ArgumentNullException("responseStatus");
+
+			this.responseStatus = responseStatus;
+            this.responseBytes = responseBytes;
+        }
+
+		private OcspResponse(
+            Asn1Sequence seq)
+        {
+            responseStatus = new OcspResponseStatus(
+				DerEnumerated.GetInstance(seq[0]));
+
+			if (seq.Count == 2)
+            {
+                responseBytes = ResponseBytes.GetInstance(
+					(Asn1TaggedObject)seq[1], true);
+            }
+        }
+
+		public OcspResponseStatus ResponseStatus
+		{
+			get { return responseStatus; }
+		}
+
+		public ResponseBytes ResponseBytes
+		{
+			get { return responseBytes; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * OcspResponse ::= Sequence {
+         *     responseStatus         OcspResponseStatus,
+         *     responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(responseStatus);
+
+			if (responseBytes != null)
+            {
+                v.Add(new DerTaggedObject(true, 0, responseBytes));
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/OCSPResponseStatus.cs b/bc-sharp-crypto/src/asn1/ocsp/OCSPResponseStatus.cs
new file mode 100644
index 0000000..653317e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/OCSPResponseStatus.cs
@@ -0,0 +1,41 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class OcspResponseStatus
+        : DerEnumerated
+    {
+        public const int Successful = 0;
+        public const int MalformedRequest = 1;
+        public const int InternalError = 2;
+        public const int TryLater = 3;
+        public const int SignatureRequired = 5;
+        public const int Unauthorized = 6;
+
+		/**
+         * The OcspResponseStatus enumeration.
+         * <pre>
+         * OcspResponseStatus ::= Enumerated {
+         *     successful            (0),  --Response has valid confirmations
+         *     malformedRequest      (1),  --Illegal confirmation request
+         *     internalError         (2),  --Internal error in issuer
+         *     tryLater              (3),  --Try again later
+         *                                 --(4) is not used
+         *     sigRequired           (5),  --Must sign the request
+         *     unauthorized          (6)   --Request unauthorized
+         * }
+         * </pre>
+         */
+        public OcspResponseStatus(int value)
+			: base(value)
+        {
+        }
+
+		public OcspResponseStatus(DerEnumerated value)
+			: base(value.Value.IntValue)
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/Request.cs b/bc-sharp-crypto/src/asn1/ocsp/Request.cs
new file mode 100644
index 0000000..26e81ba
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/Request.cs
@@ -0,0 +1,91 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class Request
+        : Asn1Encodable
+    {
+        private readonly CertID			reqCert;
+        private readonly X509Extensions	singleRequestExtensions;
+
+		public static Request GetInstance(
+			Asn1TaggedObject	obj,
+			bool				explicitly)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+		}
+
+		public static Request GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is Request)
+			{
+				return (Request)obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new Request((Asn1Sequence)obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public Request(
+            CertID			reqCert,
+            X509Extensions	singleRequestExtensions)
+        {
+			if (reqCert == null)
+				throw new ArgumentNullException("reqCert");
+
+			this.reqCert = reqCert;
+            this.singleRequestExtensions = singleRequestExtensions;
+        }
+
+		private Request(
+			Asn1Sequence seq)
+        {
+			reqCert = CertID.GetInstance(seq[0]);
+
+			if (seq.Count == 2)
+            {
+                singleRequestExtensions = X509Extensions.GetInstance(
+					(Asn1TaggedObject)seq[1], true);
+            }
+        }
+
+		public CertID ReqCert
+		{
+			get { return reqCert; }
+		}
+
+		public X509Extensions SingleRequestExtensions
+		{
+			get { return singleRequestExtensions; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * Request         ::=     Sequence {
+         *     reqCert                     CertID,
+         *     singleRequestExtensions     [0] EXPLICIT Extensions OPTIONAL }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(reqCert);
+
+			if (singleRequestExtensions != null)
+            {
+                v.Add(new DerTaggedObject(true, 0, singleRequestExtensions));
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/ResponderID.cs b/bc-sharp-crypto/src/asn1/ocsp/ResponderID.cs
new file mode 100644
index 0000000..143b173
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/ResponderID.cs
@@ -0,0 +1,107 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class ResponderID
+        : Asn1Encodable, IAsn1Choice
+    {
+        private readonly Asn1Encodable id;
+
+		public static ResponderID GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is ResponderID)
+			{
+				return (ResponderID)obj;
+			}
+
+			if (obj is DerOctetString)
+			{
+				return new ResponderID((DerOctetString)obj);
+			}
+
+			if (obj is Asn1TaggedObject)
+			{
+				Asn1TaggedObject o = (Asn1TaggedObject)obj;
+
+				if (o.TagNo == 1)
+				{
+					return new ResponderID(X509Name.GetInstance(o, true));
+				}
+
+				return new ResponderID(Asn1OctetString.GetInstance(o, true));
+			}
+
+			return new ResponderID(X509Name.GetInstance(obj));
+		}
+
+		public ResponderID(
+            Asn1OctetString id)
+        {
+			if (id == null)
+				throw new ArgumentNullException("id");
+
+			this.id = id;
+        }
+
+		public ResponderID(
+            X509Name id)
+        {
+			if (id == null)
+				throw new ArgumentNullException("id");
+
+			this.id = id;
+        }
+
+		public static ResponderID GetInstance(
+			Asn1TaggedObject	obj,
+			bool				isExplicit)
+		{
+			return GetInstance(obj.GetObject()); // must be explicitly tagged
+		}
+
+		public virtual byte[] GetKeyHash()
+		{
+			if (id is Asn1OctetString)
+			{
+				return ((Asn1OctetString)id).GetOctets();
+			}
+
+			return null;
+		}
+
+		public virtual X509Name Name
+		{
+			get
+			{
+				if (id is Asn1OctetString)
+				{
+					return null;
+				}
+
+				return X509Name.GetInstance(id);
+			}
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * ResponderID ::= CHOICE {
+         *      byName          [1] Name,
+         *      byKey           [2] KeyHash }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            if (id is Asn1OctetString)
+            {
+                return new DerTaggedObject(true, 2, id);
+            }
+
+			return new DerTaggedObject(true, 1, id);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/ResponseBytes.cs b/bc-sharp-crypto/src/asn1/ocsp/ResponseBytes.cs
new file mode 100644
index 0000000..d3ea044
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/ResponseBytes.cs
@@ -0,0 +1,82 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class ResponseBytes
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier responseType;
+        private readonly Asn1OctetString response;
+
+		public static ResponseBytes GetInstance(
+			Asn1TaggedObject	obj,
+			bool				explicitly)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+		}
+
+		public static ResponseBytes GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is ResponseBytes)
+			{
+				return (ResponseBytes)obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new ResponseBytes((Asn1Sequence)obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public ResponseBytes(
+            DerObjectIdentifier	responseType,
+            Asn1OctetString		response)
+        {
+			if (responseType == null)
+				throw new ArgumentNullException("responseType");
+			if (response == null)
+				throw new ArgumentNullException("response");
+
+			this.responseType = responseType;
+            this.response = response;
+        }
+
+		private ResponseBytes(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			this.responseType = DerObjectIdentifier.GetInstance(seq[0]);
+            this.response = Asn1OctetString.GetInstance(seq[1]);
+        }
+
+		public DerObjectIdentifier ResponseType
+		{
+			get { return responseType; }
+		}
+
+		public Asn1OctetString Response
+		{
+			get { return response; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * ResponseBytes ::=       Sequence {
+         *     responseType   OBJECT IDENTIFIER,
+         *     response       OCTET STRING }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(responseType, response);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/ResponseData.cs b/bc-sharp-crypto/src/asn1/ocsp/ResponseData.cs
new file mode 100644
index 0000000..70620cb
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/ResponseData.cs
@@ -0,0 +1,158 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+	public class ResponseData
+		: Asn1Encodable
+	{
+		private static readonly DerInteger V1 = new DerInteger(0);
+
+		private readonly bool                versionPresent;
+		private readonly DerInteger          version;
+		private readonly ResponderID         responderID;
+		private readonly DerGeneralizedTime  producedAt;
+		private readonly Asn1Sequence        responses;
+		private readonly X509Extensions      responseExtensions;
+
+		public static ResponseData GetInstance(
+			Asn1TaggedObject	obj,
+			bool				explicitly)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+		}
+
+		public static ResponseData GetInstance(
+			object  obj)
+		{
+			if (obj == null || obj is ResponseData)
+			{
+				return (ResponseData)obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new ResponseData((Asn1Sequence)obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public ResponseData(
+			DerInteger          version,
+			ResponderID         responderID,
+			DerGeneralizedTime  producedAt,
+			Asn1Sequence        responses,
+			X509Extensions      responseExtensions)
+		{
+			this.version = version;
+			this.responderID = responderID;
+			this.producedAt = producedAt;
+			this.responses = responses;
+			this.responseExtensions = responseExtensions;
+		}
+
+		public ResponseData(
+			ResponderID         responderID,
+			DerGeneralizedTime  producedAt,
+			Asn1Sequence        responses,
+			X509Extensions      responseExtensions)
+			: this(V1, responderID, producedAt, responses, responseExtensions)
+		{
+		}
+
+		private ResponseData(
+			Asn1Sequence seq)
+		{
+			int index = 0;
+
+			Asn1Encodable enc = seq[0];
+			if (enc is Asn1TaggedObject)
+			{
+				Asn1TaggedObject o = (Asn1TaggedObject)enc;
+
+				if (o.TagNo == 0)
+				{
+					this.versionPresent = true;
+					this.version = DerInteger.GetInstance(o, true);
+					index++;
+				}
+				else
+				{
+					this.version = V1;
+				}
+			}
+			else
+			{
+				this.version = V1;
+			}
+
+			this.responderID = ResponderID.GetInstance(seq[index++]);
+			this.producedAt = (DerGeneralizedTime)seq[index++];
+			this.responses = (Asn1Sequence)seq[index++];
+
+			if (seq.Count > index)
+			{
+				this.responseExtensions = X509Extensions.GetInstance(
+					(Asn1TaggedObject)seq[index], true);
+			}
+		}
+
+		public DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public ResponderID ResponderID
+		{
+			get { return responderID; }
+		}
+
+		public DerGeneralizedTime ProducedAt
+		{
+			get { return producedAt; }
+		}
+
+		public Asn1Sequence Responses
+		{
+			get { return responses; }
+		}
+
+		public X509Extensions ResponseExtensions
+		{
+			get { return responseExtensions; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * ResponseData ::= Sequence {
+         *     version              [0] EXPLICIT Version DEFAULT v1,
+         *     responderID              ResponderID,
+         *     producedAt               GeneralizedTime,
+         *     responses                Sequence OF SingleResponse,
+         *     responseExtensions   [1] EXPLICIT Extensions OPTIONAL }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (versionPresent || !version.Equals(V1))
+			{
+				v.Add(new DerTaggedObject(true, 0, version));
+			}
+
+			v.Add(responderID, producedAt, responses);
+
+			if (responseExtensions != null)
+            {
+                v.Add(new DerTaggedObject(true, 1, responseExtensions));
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/RevokedInfo.cs b/bc-sharp-crypto/src/asn1/ocsp/RevokedInfo.cs
new file mode 100644
index 0000000..ee9e554
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/RevokedInfo.cs
@@ -0,0 +1,96 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class RevokedInfo
+        : Asn1Encodable
+    {
+        private readonly DerGeneralizedTime revocationTime;
+        private readonly CrlReason revocationReason;
+
+		public static RevokedInfo GetInstance(
+			Asn1TaggedObject	obj,
+			bool				explicitly)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+		}
+
+		public static RevokedInfo GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is RevokedInfo)
+			{
+				return (RevokedInfo) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new RevokedInfo((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public RevokedInfo(
+			DerGeneralizedTime revocationTime)
+			: this(revocationTime, null)
+		{
+		}
+
+		public RevokedInfo(
+            DerGeneralizedTime  revocationTime,
+            CrlReason           revocationReason)
+        {
+			if (revocationTime == null)
+				throw new ArgumentNullException("revocationTime");
+
+			this.revocationTime = revocationTime;
+            this.revocationReason = revocationReason;
+        }
+
+		private RevokedInfo(
+            Asn1Sequence seq)
+        {
+            this.revocationTime = (DerGeneralizedTime) seq[0];
+
+			if (seq.Count > 1)
+            {
+                this.revocationReason = new CrlReason(
+					DerEnumerated.GetInstance((Asn1TaggedObject) seq[1], true));
+            }
+        }
+
+		public DerGeneralizedTime RevocationTime
+		{
+			get { return revocationTime; }
+		}
+
+		public CrlReason RevocationReason
+		{
+			get { return revocationReason; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * RevokedInfo ::= Sequence {
+         *      revocationTime              GeneralizedTime,
+         *      revocationReason    [0]     EXPLICIT CRLReason OPTIONAL }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			Asn1EncodableVector v = new Asn1EncodableVector(revocationTime);
+
+			if (revocationReason != null)
+            {
+                v.Add(new DerTaggedObject(true, 0, revocationReason));
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/ServiceLocator.cs b/bc-sharp-crypto/src/asn1/ocsp/ServiceLocator.cs
new file mode 100644
index 0000000..4ba252b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/ServiceLocator.cs
@@ -0,0 +1,95 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class ServiceLocator
+        : Asn1Encodable
+    {
+        private readonly X509Name issuer;
+        private readonly Asn1Object locator;
+
+		public static ServiceLocator GetInstance(
+			Asn1TaggedObject	obj,
+			bool				explicitly)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+		}
+
+		public static ServiceLocator GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is ServiceLocator)
+			{
+				return (ServiceLocator) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new ServiceLocator((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public ServiceLocator(
+			X509Name	issuer)
+			: this(issuer, null)
+		{
+		}
+
+		public ServiceLocator(
+			X509Name	issuer,
+			Asn1Object	locator)
+		{
+			if (issuer == null)
+				throw new ArgumentNullException("issuer");
+
+			this.issuer = issuer;
+			this.locator = locator;
+		}
+
+		private ServiceLocator(
+			Asn1Sequence seq)
+		{
+			this.issuer = X509Name.GetInstance(seq[0]);
+
+			if (seq.Count > 1)
+			{
+				this.locator = seq[1].ToAsn1Object();
+			}
+		}
+
+		public X509Name Issuer
+		{
+			get { return issuer; }
+		}
+
+		public Asn1Object Locator
+		{
+			get { return locator; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * ServiceLocator ::= Sequence {
+         *     issuer    Name,
+         *     locator   AuthorityInfoAccessSyntax OPTIONAL }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(issuer);
+
+			if (locator != null)
+            {
+                v.Add(locator);
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/Signature.cs b/bc-sharp-crypto/src/asn1/ocsp/Signature.cs
new file mode 100644
index 0000000..d6b4ccf
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/Signature.cs
@@ -0,0 +1,115 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class Signature
+        : Asn1Encodable
+    {
+        internal AlgorithmIdentifier	signatureAlgorithm;
+        internal DerBitString			signatureValue;
+        internal Asn1Sequence			certs;
+
+		public static Signature GetInstance(
+			Asn1TaggedObject	obj,
+			bool				explicitly)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+		}
+
+		public static Signature GetInstance(
+			object  obj)
+		{
+			if (obj == null || obj is Signature)
+			{
+				return (Signature)obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new Signature((Asn1Sequence)obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public Signature(
+            AlgorithmIdentifier signatureAlgorithm,
+            DerBitString        signatureValue)
+			: this(signatureAlgorithm, signatureValue, null)
+        {
+        }
+
+		public Signature(
+            AlgorithmIdentifier	signatureAlgorithm,
+            DerBitString		signatureValue,
+            Asn1Sequence		certs)
+        {
+			if (signatureAlgorithm == null)
+				throw new ArgumentException("signatureAlgorithm");
+			if (signatureValue == null)
+				throw new ArgumentException("signatureValue");
+
+			this.signatureAlgorithm = signatureAlgorithm;
+            this.signatureValue = signatureValue;
+            this.certs = certs;
+        }
+
+		private Signature(
+            Asn1Sequence seq)
+        {
+            signatureAlgorithm = AlgorithmIdentifier.GetInstance(seq[0]);
+            signatureValue = (DerBitString)seq[1];
+
+			if (seq.Count == 3)
+            {
+                certs = Asn1Sequence.GetInstance(
+					(Asn1TaggedObject)seq[2], true);
+            }
+        }
+
+		public AlgorithmIdentifier SignatureAlgorithm
+		{
+			get { return signatureAlgorithm; }
+		}
+
+		public DerBitString SignatureValue
+		{
+			get { return signatureValue; }
+		}
+
+        public byte[] GetSignatureOctets()
+        {
+            return signatureValue.GetOctets();
+        }
+
+        public Asn1Sequence Certs
+		{
+			get { return certs; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * Signature       ::=     Sequence {
+         *     signatureAlgorithm      AlgorithmIdentifier,
+         *     signature               BIT STRING,
+         *     certs               [0] EXPLICIT Sequence OF Certificate OPTIONAL}
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+				signatureAlgorithm, signatureValue);
+
+			if (certs != null)
+            {
+                v.Add(new DerTaggedObject(true, 0, certs));
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/SingleResponse.cs b/bc-sharp-crypto/src/asn1/ocsp/SingleResponse.cs
new file mode 100644
index 0000000..544232a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/SingleResponse.cs
@@ -0,0 +1,137 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class SingleResponse
+        : Asn1Encodable
+    {
+        private readonly CertID              certID;
+        private readonly CertStatus          certStatus;
+        private readonly DerGeneralizedTime  thisUpdate;
+        private readonly DerGeneralizedTime  nextUpdate;
+        private readonly X509Extensions      singleExtensions;
+
+		public SingleResponse(
+            CertID              certID,
+            CertStatus          certStatus,
+            DerGeneralizedTime  thisUpdate,
+            DerGeneralizedTime  nextUpdate,
+            X509Extensions      singleExtensions)
+        {
+            this.certID = certID;
+            this.certStatus = certStatus;
+            this.thisUpdate = thisUpdate;
+            this.nextUpdate = nextUpdate;
+            this.singleExtensions = singleExtensions;
+        }
+
+		public SingleResponse(
+            Asn1Sequence seq)
+        {
+            this.certID = CertID.GetInstance(seq[0]);
+            this.certStatus = CertStatus.GetInstance(seq[1]);
+            this.thisUpdate = (DerGeneralizedTime)seq[2];
+
+			if (seq.Count > 4)
+            {
+                this.nextUpdate = DerGeneralizedTime.GetInstance(
+					(Asn1TaggedObject) seq[3], true);
+                this.singleExtensions = X509Extensions.GetInstance(
+					(Asn1TaggedObject) seq[4], true);
+            }
+            else if (seq.Count > 3)
+            {
+                Asn1TaggedObject o = (Asn1TaggedObject) seq[3];
+
+				if (o.TagNo == 0)
+                {
+                    this.nextUpdate = DerGeneralizedTime.GetInstance(o, true);
+                }
+                else
+                {
+                    this.singleExtensions = X509Extensions.GetInstance(o, true);
+                }
+            }
+        }
+
+		public static SingleResponse GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static SingleResponse GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is SingleResponse)
+            {
+                return (SingleResponse)obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new SingleResponse((Asn1Sequence)obj);
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+        }
+
+		public CertID CertId
+		{
+			get { return certID; }
+		}
+
+		public CertStatus CertStatus
+		{
+			get { return certStatus; }
+		}
+
+		public DerGeneralizedTime ThisUpdate
+		{
+			get { return thisUpdate; }
+		}
+
+		public DerGeneralizedTime NextUpdate
+		{
+			get { return nextUpdate; }
+		}
+
+		public X509Extensions SingleExtensions
+		{
+			get { return singleExtensions; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  SingleResponse ::= Sequence {
+         *          certID                       CertID,
+         *          certStatus                   CertStatus,
+         *          thisUpdate                   GeneralizedTime,
+         *          nextUpdate         [0]       EXPLICIT GeneralizedTime OPTIONAL,
+         *          singleExtensions   [1]       EXPLICIT Extensions OPTIONAL }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+				certID, certStatus, thisUpdate);
+
+			if (nextUpdate != null)
+            {
+                v.Add(new DerTaggedObject(true, 0, nextUpdate));
+            }
+
+			if (singleExtensions != null)
+            {
+                v.Add(new DerTaggedObject(true, 1, singleExtensions));
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/ocsp/TBSRequest.cs b/bc-sharp-crypto/src/asn1/ocsp/TBSRequest.cs
new file mode 100644
index 0000000..1ad8649
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/ocsp/TBSRequest.cs
@@ -0,0 +1,151 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Ocsp
+{
+    public class TbsRequest
+        : Asn1Encodable
+    {
+		private static readonly DerInteger V1 = new DerInteger(0);
+
+		private readonly DerInteger      version;
+        private readonly GeneralName     requestorName;
+        private readonly Asn1Sequence    requestList;
+        private readonly X509Extensions  requestExtensions;
+
+		private bool versionSet;
+
+		public static TbsRequest GetInstance(
+			Asn1TaggedObject	obj,
+			bool				explicitly)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+		}
+
+		public static TbsRequest GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is TbsRequest)
+			{
+				return (TbsRequest)obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new TbsRequest((Asn1Sequence)obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public TbsRequest(
+            GeneralName     requestorName,
+            Asn1Sequence    requestList,
+            X509Extensions  requestExtensions)
+        {
+            this.version = V1;
+            this.requestorName = requestorName;
+            this.requestList = requestList;
+            this.requestExtensions = requestExtensions;
+        }
+
+		private TbsRequest(
+            Asn1Sequence seq)
+        {
+            int index = 0;
+
+			Asn1Encodable enc = seq[0];
+			if (enc is Asn1TaggedObject)
+            {
+                Asn1TaggedObject o = (Asn1TaggedObject) enc;
+
+				if (o.TagNo == 0)
+                {
+					versionSet = true;
+					version = DerInteger.GetInstance(o, true);
+                    index++;
+                }
+                else
+                {
+                    version = V1;
+                }
+            }
+            else
+            {
+                version = V1;
+            }
+
+			if (seq[index] is Asn1TaggedObject)
+            {
+                requestorName = GeneralName.GetInstance((Asn1TaggedObject) seq[index++], true);
+            }
+
+			requestList = (Asn1Sequence) seq[index++];
+
+			if (seq.Count == (index + 1))
+            {
+                requestExtensions = X509Extensions.GetInstance((Asn1TaggedObject) seq[index], true);
+            }
+        }
+
+		public DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public GeneralName RequestorName
+		{
+			get { return requestorName; }
+		}
+
+		public Asn1Sequence RequestList
+		{
+			get { return requestList; }
+		}
+
+		public X509Extensions RequestExtensions
+		{
+			get { return requestExtensions; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * TBSRequest      ::=     Sequence {
+         *     version             [0]     EXPLICIT Version DEFAULT v1,
+         *     requestorName       [1]     EXPLICIT GeneralName OPTIONAL,
+         *     requestList                 Sequence OF Request,
+         *     requestExtensions   [2]     EXPLICIT Extensions OPTIONAL }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+			//
+			// if default don't include - unless explicitly provided. Not strictly correct
+			// but required for some requests
+			//
+			if (!version.Equals(V1) || versionSet)
+			{
+                v.Add(new DerTaggedObject(true, 0, version));
+            }
+
+			if (requestorName != null)
+            {
+                v.Add(new DerTaggedObject(true, 1, requestorName));
+            }
+
+			v.Add(requestList);
+
+			if (requestExtensions != null)
+            {
+                v.Add(new DerTaggedObject(true, 2, requestExtensions));
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/oiw/ElGamalParameter.cs b/bc-sharp-crypto/src/asn1/oiw/ElGamalParameter.cs
new file mode 100644
index 0000000..3e020f0
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/oiw/ElGamalParameter.cs
@@ -0,0 +1,47 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Asn1.Oiw
+{
+    public class ElGamalParameter
+        : Asn1Encodable
+    {
+        internal DerInteger p, g;
+
+		public ElGamalParameter(
+            BigInteger	p,
+            BigInteger	g)
+        {
+            this.p = new DerInteger(p);
+            this.g = new DerInteger(g);
+        }
+
+		public ElGamalParameter(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			p = DerInteger.GetInstance(seq[0]);
+			g = DerInteger.GetInstance(seq[1]);
+        }
+
+		public BigInteger P
+		{
+			get { return p.PositiveValue; }
+		}
+
+		public BigInteger G
+		{
+			get { return g.PositiveValue; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(p, g);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/oiw/OIWObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/oiw/OIWObjectIdentifiers.cs
new file mode 100644
index 0000000..3da2263
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/oiw/OIWObjectIdentifiers.cs
@@ -0,0 +1,29 @@
+namespace Org.BouncyCastle.Asn1.Oiw
+{
+	public abstract class OiwObjectIdentifiers
+	{
+		public static readonly DerObjectIdentifier MD4WithRsa			= new DerObjectIdentifier("1.3.14.3.2.2");
+		public static readonly DerObjectIdentifier MD5WithRsa			= new DerObjectIdentifier("1.3.14.3.2.3");
+		public static readonly DerObjectIdentifier MD4WithRsaEncryption	= new DerObjectIdentifier("1.3.14.3.2.4");
+
+		public static readonly DerObjectIdentifier DesEcb				= new DerObjectIdentifier("1.3.14.3.2.6");
+		public static readonly DerObjectIdentifier DesCbc				= new DerObjectIdentifier("1.3.14.3.2.7");
+		public static readonly DerObjectIdentifier DesOfb				= new DerObjectIdentifier("1.3.14.3.2.8");
+		public static readonly DerObjectIdentifier DesCfb				= new DerObjectIdentifier("1.3.14.3.2.9");
+
+		public static readonly DerObjectIdentifier DesEde				= new DerObjectIdentifier("1.3.14.3.2.17");
+
+		// id-SHA1 OBJECT IDENTIFIER ::=
+		//   {iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 }    //
+		public static readonly DerObjectIdentifier IdSha1				= new DerObjectIdentifier("1.3.14.3.2.26");
+
+		public static readonly DerObjectIdentifier DsaWithSha1			= new DerObjectIdentifier("1.3.14.3.2.27");
+
+		public static readonly DerObjectIdentifier Sha1WithRsa			= new DerObjectIdentifier("1.3.14.3.2.29");
+
+		// ElGamal Algorithm OBJECT IDENTIFIER ::=
+		// {iso(1) identified-organization(3) oiw(14) dirservsig(7) algorithm(2) encryption(1) 1 }
+		//
+		public static readonly DerObjectIdentifier ElGamalAlgorithm		= new DerObjectIdentifier("1.3.14.7.2.1.1");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/Attribute.cs b/bc-sharp-crypto/src/asn1/pkcs/Attribute.cs
new file mode 100644
index 0000000..1858285
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/Attribute.cs
@@ -0,0 +1,79 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class AttributePkcs
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier attrType;
+        private readonly Asn1Set attrValues;
+
+		/**
+         * return an Attribute object from the given object.
+         *
+         * @param o the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static AttributePkcs GetInstance(
+            object obj)
+        {
+            AttributePkcs attr = obj as AttributePkcs;
+            if (obj == null || attr != null)
+            {
+                return attr;
+            }
+
+			Asn1Sequence seq = obj as Asn1Sequence;
+            if (seq != null)
+            {
+                return new AttributePkcs(seq);
+            }
+
+			throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private AttributePkcs(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			attrType = DerObjectIdentifier.GetInstance(seq[0]);
+            attrValues = Asn1Set.GetInstance(seq[1]);
+        }
+
+		public AttributePkcs(
+            DerObjectIdentifier	attrType,
+            Asn1Set				attrValues)
+        {
+            this.attrType = attrType;
+            this.attrValues = attrValues;
+        }
+
+		public DerObjectIdentifier AttrType
+		{
+			get { return attrType; }
+		}
+
+		public Asn1Set AttrValues
+		{
+			get { return attrValues; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * Attr ::= Sequence {
+         *     attrType OBJECT IDENTIFIER,
+         *     attrValues Set OF AttributeValue
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(attrType, attrValues);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/AuthenticatedSafe.cs b/bc-sharp-crypto/src/asn1/pkcs/AuthenticatedSafe.cs
new file mode 100644
index 0000000..f3dabb8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/AuthenticatedSafe.cs
@@ -0,0 +1,37 @@
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class AuthenticatedSafe
+        : Asn1Encodable
+    {
+        private readonly ContentInfo[] info;
+
+		public AuthenticatedSafe(
+            Asn1Sequence seq)
+        {
+            info = new ContentInfo[seq.Count];
+
+			for (int i = 0; i != info.Length; i++)
+            {
+                info[i] = ContentInfo.GetInstance(seq[i]);
+            }
+        }
+
+		public AuthenticatedSafe(
+            ContentInfo[] info)
+        {
+            this.info = (ContentInfo[]) info.Clone();
+        }
+
+		public ContentInfo[] GetContentInfo()
+        {
+            return (ContentInfo[]) info.Clone();
+        }
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new BerSequence(info);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/CertBag.cs b/bc-sharp-crypto/src/asn1/pkcs/CertBag.cs
new file mode 100644
index 0000000..b6f4c8a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/CertBag.cs
@@ -0,0 +1,46 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class CertBag
+        : Asn1Encodable
+    {
+//		private readonly Asn1Sequence seq;
+        private readonly DerObjectIdentifier certID;
+        private readonly Asn1Object certValue;
+
+		public CertBag(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+//			this.seq = seq;
+            this.certID = DerObjectIdentifier.GetInstance(seq[0]);
+            this.certValue = DerTaggedObject.GetInstance(seq[1]).GetObject();
+        }
+
+		public CertBag(
+            DerObjectIdentifier	certID,
+            Asn1Object			certValue)
+        {
+            this.certID = certID;
+            this.certValue = certValue;
+        }
+
+		public DerObjectIdentifier CertID
+		{
+			get { return certID; }
+		}
+
+		public Asn1Object CertValue
+		{
+			get { return certValue; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(certID, new DerTaggedObject(0, certValue));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/CertificationRequest.cs b/bc-sharp-crypto/src/asn1/pkcs/CertificationRequest.cs
new file mode 100644
index 0000000..98caa22
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/CertificationRequest.cs
@@ -0,0 +1,87 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    /**
+     * Pkcs10 Certfication request object.
+     * <pre>
+     * CertificationRequest ::= Sequence {
+     *   certificationRequestInfo  CertificationRequestInfo,
+     *   signatureAlgorithm        AlgorithmIdentifier{{ SignatureAlgorithms }},
+     *   signature                 BIT STRING
+     * }
+     * </pre>
+     */
+    public class CertificationRequest
+        : Asn1Encodable
+    {
+        protected CertificationRequestInfo	reqInfo;
+        protected AlgorithmIdentifier		sigAlgId;
+        protected DerBitString				sigBits;
+
+		public static CertificationRequest GetInstance(
+			object obj)
+		{
+			if (obj is CertificationRequest)
+				return (CertificationRequest)obj;
+
+			if (obj != null)
+				return new CertificationRequest((Asn1Sequence)obj);
+
+			return null;
+		}
+
+		protected CertificationRequest()
+        {
+        }
+
+		public CertificationRequest(
+            CertificationRequestInfo	requestInfo,
+            AlgorithmIdentifier			algorithm,
+            DerBitString				signature)
+        {
+            this.reqInfo = requestInfo;
+            this.sigAlgId = algorithm;
+            this.sigBits = signature;
+        }
+
+        [Obsolete("Use 'GetInstance' instead")]
+        public CertificationRequest(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 3)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			reqInfo = CertificationRequestInfo.GetInstance(seq[0]);
+            sigAlgId = AlgorithmIdentifier.GetInstance(seq[1]);
+            sigBits = DerBitString.GetInstance(seq[2]);
+        }
+
+		public CertificationRequestInfo GetCertificationRequestInfo()
+        {
+            return reqInfo;
+        }
+
+		public AlgorithmIdentifier SignatureAlgorithm
+		{
+			get { return sigAlgId; }
+		}
+
+		public DerBitString Signature
+		{
+			get { return sigBits; }
+		}
+
+        public byte[] GetSignatureOctets()
+        {
+            return sigBits.GetOctets();
+        }
+
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(reqInfo, sigAlgId, sigBits);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/CertificationRequestInfo.cs b/bc-sharp-crypto/src/asn1/pkcs/CertificationRequestInfo.cs
new file mode 100644
index 0000000..6d98013
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/CertificationRequestInfo.cs
@@ -0,0 +1,137 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    /**
+     * Pkcs10 CertificationRequestInfo object.
+     * <pre>
+     *  CertificationRequestInfo ::= Sequence {
+     *   version             Integer { v1(0) } (v1,...),
+     *   subject             Name,
+     *   subjectPKInfo   SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
+     *   attributes          [0] Attributes{{ CRIAttributes }}
+     *  }
+     *
+     *  Attributes { ATTRIBUTE:IOSet } ::= Set OF Attr{{ IOSet }}
+     *
+     *  Attr { ATTRIBUTE:IOSet } ::= Sequence {
+     *    type    ATTRIBUTE.&amp;id({IOSet}),
+     *    values  Set SIZE(1..MAX) OF ATTRIBUTE.&amp;Type({IOSet}{\@type})
+     *  }
+     * </pre>
+     */
+    public class CertificationRequestInfo
+        : Asn1Encodable
+    {
+        internal DerInteger				version = new DerInteger(0);
+        internal X509Name				subject;
+        internal SubjectPublicKeyInfo	subjectPKInfo;
+        internal Asn1Set				attributes;
+
+		public static CertificationRequestInfo GetInstance(object obj)
+        {
+            if (obj is CertificationRequestInfo)
+                return (CertificationRequestInfo)obj;
+            if (obj != null)
+                return new CertificationRequestInfo(Asn1Sequence.GetInstance(obj));
+            return null;
+		}
+
+		public CertificationRequestInfo(
+            X509Name				subject,
+            SubjectPublicKeyInfo	pkInfo,
+            Asn1Set					attributes)
+        {
+            this.subject = subject;
+            this.subjectPKInfo = pkInfo;
+            this.attributes = attributes;
+
+            ValidateAttributes(attributes);
+
+            if (subject == null || version == null || subjectPKInfo == null)
+            {
+                throw new ArgumentException(
+					"Not all mandatory fields set in CertificationRequestInfo generator.");
+            }
+        }
+
+		private CertificationRequestInfo(
+            Asn1Sequence seq)
+        {
+            version = (DerInteger) seq[0];
+
+			subject = X509Name.GetInstance(seq[1]);
+            subjectPKInfo = SubjectPublicKeyInfo.GetInstance(seq[2]);
+
+			//
+            // some CertificationRequestInfo objects seem to treat this field
+            // as optional.
+            //
+            if (seq.Count > 3)
+            {
+                DerTaggedObject tagobj = (DerTaggedObject) seq[3];
+                attributes = Asn1Set.GetInstance(tagobj, false);
+            }
+
+            ValidateAttributes(attributes);
+
+            if (subject == null || version == null || subjectPKInfo == null)
+            {
+                throw new ArgumentException(
+					"Not all mandatory fields set in CertificationRequestInfo generator.");
+            }
+        }
+
+		public DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public X509Name Subject
+		{
+			get { return subject; }
+		}
+
+		public SubjectPublicKeyInfo SubjectPublicKeyInfo
+		{
+			get { return subjectPKInfo; }
+		}
+
+		public Asn1Set Attributes
+		{
+			get { return attributes; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+				version, subject, subjectPKInfo);
+
+			if (attributes != null)
+            {
+                v.Add(new DerTaggedObject(false, 0, attributes));
+            }
+
+			return new DerSequence(v);
+        }
+
+        private static void ValidateAttributes(Asn1Set attributes)
+        {
+            if (attributes == null)
+                return;
+
+            foreach (Asn1Encodable ae in attributes)
+            {
+                Asn1Object obj = ae.ToAsn1Object();
+                AttributePkcs attr = AttributePkcs.GetInstance(obj);
+                if (attr.AttrType.Equals(PkcsObjectIdentifiers.Pkcs9AtChallengePassword))
+                {
+                    if (attr.AttrValues.Count != 1)
+                        throw new ArgumentException("challengePassword attribute must have one value");
+                }
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/ContentInfo.cs b/bc-sharp-crypto/src/asn1/pkcs/ContentInfo.cs
new file mode 100644
index 0000000..526a3c4
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/ContentInfo.cs
@@ -0,0 +1,74 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class ContentInfo
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier	contentType;
+        private readonly Asn1Encodable			content;
+
+        public static ContentInfo GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            ContentInfo existing = obj as ContentInfo;
+            if (existing != null)
+                return existing;
+            return new ContentInfo(Asn1Sequence.GetInstance(obj));
+        }
+
+        private ContentInfo(
+            Asn1Sequence seq)
+        {
+            contentType = (DerObjectIdentifier) seq[0];
+
+            if (seq.Count > 1)
+            {
+                content = ((Asn1TaggedObject) seq[1]).GetObject();
+            }
+        }
+
+        public ContentInfo(
+            DerObjectIdentifier	contentType,
+            Asn1Encodable		content)
+        {
+            this.contentType = contentType;
+            this.content = content;
+        }
+
+        public DerObjectIdentifier ContentType
+        {
+            get { return contentType; }
+        }
+
+        public Asn1Encodable Content
+        {
+            get { return content; }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * ContentInfo ::= Sequence {
+         *          contentType ContentType,
+         *          content
+         *          [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(contentType);
+
+            if (content != null)
+            {
+                v.Add(new BerTaggedObject(0, content));
+            }
+
+            return new BerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/DHParameter.cs b/bc-sharp-crypto/src/asn1/pkcs/DHParameter.cs
new file mode 100644
index 0000000..25a091a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/DHParameter.cs
@@ -0,0 +1,72 @@
+using Org.BouncyCastle.Asn1;
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class DHParameter
+        : Asn1Encodable
+    {
+        internal DerInteger p, g, l;
+
+		public DHParameter(
+            BigInteger	p,
+            BigInteger	g,
+            int			l)
+        {
+            this.p = new DerInteger(p);
+            this.g = new DerInteger(g);
+
+			if (l != 0)
+            {
+                this.l = new DerInteger(l);
+            }
+        }
+
+		public DHParameter(
+            Asn1Sequence seq)
+        {
+            IEnumerator e = seq.GetEnumerator();
+
+			e.MoveNext();
+            p = (DerInteger)e.Current;
+
+			e.MoveNext();
+            g = (DerInteger)e.Current;
+
+			if (e.MoveNext())
+            {
+                l = (DerInteger) e.Current;
+            }
+        }
+
+		public BigInteger P
+		{
+			get { return p.PositiveValue; }
+		}
+
+		public BigInteger G
+		{
+			get { return g.PositiveValue; }
+		}
+
+		public BigInteger L
+		{
+            get { return l == null ? null : l.PositiveValue; }
+        }
+
+		public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(p, g);
+
+			if (this.l != null)
+            {
+                v.Add(l);
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/EncryptedData.cs b/bc-sharp-crypto/src/asn1/pkcs/EncryptedData.cs
new file mode 100644
index 0000000..7e95eb5
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/EncryptedData.cs
@@ -0,0 +1,105 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    /**
+     * The EncryptedData object.
+     * <pre>
+     *      EncryptedData ::= Sequence {
+     *           version Version,
+     *           encryptedContentInfo EncryptedContentInfo
+     *      }
+     *
+     *
+     *      EncryptedContentInfo ::= Sequence {
+     *          contentType ContentType,
+     *          contentEncryptionAlgorithm  ContentEncryptionAlgorithmIdentifier,
+     *          encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
+     *    }
+     *
+     *    EncryptedContent ::= OCTET STRING
+     * </pre>
+     */
+    public class EncryptedData
+        : Asn1Encodable
+    {
+        private readonly Asn1Sequence data;
+//        private readonly DerObjectIdentifier bagId;
+//        private readonly Asn1Object bagValue;
+
+		public static EncryptedData GetInstance(
+             object obj)
+        {
+			if (obj is EncryptedData)
+			{
+				return (EncryptedData) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new EncryptedData((Asn1Sequence) obj);
+			}
+
+			throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private EncryptedData(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			int version = ((DerInteger) seq[0]).Value.IntValue;
+			if (version != 0)
+            {
+                throw new ArgumentException("sequence not version 0");
+            }
+
+			this.data = (Asn1Sequence) seq[1];
+        }
+
+		public EncryptedData(
+            DerObjectIdentifier	contentType,
+            AlgorithmIdentifier	encryptionAlgorithm,
+            Asn1Encodable		content)
+        {
+			data = new BerSequence(
+				contentType,
+				encryptionAlgorithm.ToAsn1Object(),
+				new BerTaggedObject(false, 0, content));
+        }
+
+		public DerObjectIdentifier ContentType
+        {
+            get { return (DerObjectIdentifier) data[0]; }
+        }
+
+		public AlgorithmIdentifier EncryptionAlgorithm
+        {
+			get { return AlgorithmIdentifier.GetInstance(data[1]); }
+        }
+
+		public Asn1OctetString Content
+        {
+			get
+			{
+				if (data.Count == 3)
+				{
+					DerTaggedObject o = (DerTaggedObject) data[2];
+
+					return Asn1OctetString.GetInstance(o, false);
+				}
+
+				return null;
+			}
+        }
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new BerSequence(new DerInteger(0), data);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/EncryptedPrivateKeyInfo.cs b/bc-sharp-crypto/src/asn1/pkcs/EncryptedPrivateKeyInfo.cs
new file mode 100644
index 0000000..9870270
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/EncryptedPrivateKeyInfo.cs
@@ -0,0 +1,79 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class EncryptedPrivateKeyInfo
+        : Asn1Encodable
+    {
+        private readonly AlgorithmIdentifier algId;
+        private readonly Asn1OctetString data;
+
+		private EncryptedPrivateKeyInfo(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+            algId = AlgorithmIdentifier.GetInstance(seq[0]);
+            data = Asn1OctetString.GetInstance(seq[1]);
+        }
+
+		public EncryptedPrivateKeyInfo(
+            AlgorithmIdentifier	algId,
+            byte[]				encoding)
+        {
+            this.algId = algId;
+            this.data = new DerOctetString(encoding);
+        }
+
+		public static EncryptedPrivateKeyInfo GetInstance(
+             object obj)
+        {
+			if (obj is EncryptedPrivateKeyInfo)
+			{
+				return (EncryptedPrivateKeyInfo) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new EncryptedPrivateKeyInfo((Asn1Sequence) obj);
+			}
+
+			throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public AlgorithmIdentifier EncryptionAlgorithm
+		{
+			get { return algId; }
+		}
+
+		public byte[] GetEncryptedData()
+        {
+            return data.GetOctets();
+        }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * EncryptedPrivateKeyInfo ::= Sequence {
+         *      encryptionAlgorithm AlgorithmIdentifier {{KeyEncryptionAlgorithms}},
+         *      encryptedData EncryptedData
+         * }
+         *
+         * EncryptedData ::= OCTET STRING
+         *
+         * KeyEncryptionAlgorithms ALGORITHM-IDENTIFIER ::= {
+         *          ... -- For local profiles
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(algId, data);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/EncryptionScheme.cs b/bc-sharp-crypto/src/asn1/pkcs/EncryptionScheme.cs
new file mode 100644
index 0000000..7b90ece
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/EncryptionScheme.cs
@@ -0,0 +1,49 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class EncryptionScheme
+        : AlgorithmIdentifier
+    {
+		public EncryptionScheme(
+            DerObjectIdentifier	objectID,
+            Asn1Encodable		parameters)
+			: base(objectID, parameters)
+		{
+		}
+
+		internal EncryptionScheme(
+			Asn1Sequence seq)
+			: this((DerObjectIdentifier)seq[0], seq[1])
+        {
+        }
+
+		public new static EncryptionScheme GetInstance(object obj)
+		{
+			if (obj is EncryptionScheme)
+			{
+				return (EncryptionScheme)obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new EncryptionScheme((Asn1Sequence)obj);
+			}
+
+			throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public Asn1Object Asn1Object
+		{
+			get { return Parameters.ToAsn1Object(); }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(Algorithm, Parameters);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/IssuerAndSerialNumber.cs b/bc-sharp-crypto/src/asn1/pkcs/IssuerAndSerialNumber.cs
new file mode 100644
index 0000000..da863cb
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/IssuerAndSerialNumber.cs
@@ -0,0 +1,72 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class IssuerAndSerialNumber
+        : Asn1Encodable
+    {
+        private readonly X509Name name;
+        private readonly DerInteger certSerialNumber;
+
+		public static IssuerAndSerialNumber GetInstance(
+            object obj)
+        {
+            if (obj is IssuerAndSerialNumber)
+            {
+                return (IssuerAndSerialNumber) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new IssuerAndSerialNumber((Asn1Sequence) obj);
+            }
+
+			throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private IssuerAndSerialNumber(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			this.name = X509Name.GetInstance(seq[0]);
+            this.certSerialNumber = DerInteger.GetInstance(seq[1]);
+        }
+
+		public IssuerAndSerialNumber(
+            X509Name	name,
+            BigInteger	certSerialNumber)
+        {
+            this.name = name;
+            this.certSerialNumber = new DerInteger(certSerialNumber);
+        }
+
+		public IssuerAndSerialNumber(
+            X509Name	name,
+            DerInteger	certSerialNumber)
+        {
+            this.name = name;
+            this.certSerialNumber = certSerialNumber;
+        }
+
+		public X509Name Name
+		{
+			get { return name; }
+		}
+
+		public DerInteger CertificateSerialNumber
+		{
+			get { return certSerialNumber; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(name, certSerialNumber);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/KeyDerivationFunc.cs b/bc-sharp-crypto/src/asn1/pkcs/KeyDerivationFunc.cs
new file mode 100644
index 0000000..9fc8985
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/KeyDerivationFunc.cs
@@ -0,0 +1,21 @@
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+	public class KeyDerivationFunc
+		: AlgorithmIdentifier
+	{
+		internal KeyDerivationFunc(Asn1Sequence seq)
+			: base(seq)
+		{
+		}
+
+		public KeyDerivationFunc(
+			DerObjectIdentifier	id,
+			Asn1Encodable		parameters)
+			: base(id, parameters)
+		{
+		}
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/asn1/pkcs/MacData.cs b/bc-sharp-crypto/src/asn1/pkcs/MacData.cs
new file mode 100644
index 0000000..c4b7df1
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/MacData.cs
@@ -0,0 +1,96 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class MacData
+        : Asn1Encodable
+    {
+        internal DigestInfo	digInfo;
+        internal byte[]		salt;
+        internal BigInteger	iterationCount;
+
+		public static MacData GetInstance(
+            object obj)
+        {
+            if (obj is MacData)
+            {
+                return (MacData) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new MacData((Asn1Sequence) obj);
+            }
+
+			throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private MacData(
+            Asn1Sequence seq)
+        {
+            this.digInfo = DigestInfo.GetInstance(seq[0]);
+            this.salt = ((Asn1OctetString) seq[1]).GetOctets();
+
+			if (seq.Count == 3)
+            {
+                this.iterationCount = ((DerInteger) seq[2]).Value;
+            }
+            else
+            {
+                this.iterationCount = BigInteger.One;
+            }
+        }
+
+		public MacData(
+            DigestInfo	digInfo,
+            byte[]		salt,
+            int			iterationCount)
+        {
+            this.digInfo = digInfo;
+            this.salt = (byte[]) salt.Clone();
+            this.iterationCount = BigInteger.ValueOf(iterationCount);
+        }
+
+		public DigestInfo Mac
+		{
+			get { return digInfo; }
+		}
+
+		public byte[] GetSalt()
+        {
+            return (byte[]) salt.Clone();
+        }
+
+		public BigInteger IterationCount
+		{
+			get { return iterationCount; }
+		}
+
+		/**
+		 * <pre>
+		 * MacData ::= SEQUENCE {
+		 *     mac      DigestInfo,
+		 *     macSalt  OCTET STRING,
+		 *     iterations INTEGER DEFAULT 1
+		 *     -- Note: The default is for historic reasons and its use is deprecated. A
+		 *     -- higher value, like 1024 is recommended.
+		 * </pre>
+		 * @return the basic DERObject construction.
+		 */
+		public override Asn1Object ToAsn1Object()
+        {
+			Asn1EncodableVector v = new Asn1EncodableVector(digInfo, new DerOctetString(salt));
+
+			if (!iterationCount.Equals(BigInteger.One))
+			{
+				v.Add(new DerInteger(iterationCount));
+			}
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/PBEParameter.cs b/bc-sharp-crypto/src/asn1/pkcs/PBEParameter.cs
new file mode 100644
index 0000000..56cea5f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/PBEParameter.cs
@@ -0,0 +1,60 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+	public class PbeParameter
+		: Asn1Encodable
+	{
+		private readonly Asn1OctetString	salt;
+		private readonly DerInteger			iterationCount;
+
+		public static PbeParameter GetInstance(object obj)
+		{
+			if (obj is PbeParameter || obj == null)
+			{
+				return (PbeParameter) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new PbeParameter((Asn1Sequence) obj);
+			}
+
+			throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private PbeParameter(Asn1Sequence seq)
+		{
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			salt = Asn1OctetString.GetInstance(seq[0]);
+			iterationCount = DerInteger.GetInstance(seq[1]);
+		}
+
+		public PbeParameter(byte[] salt, int iterationCount)
+		{
+			this.salt = new DerOctetString(salt);
+			this.iterationCount = new DerInteger(iterationCount);
+		}
+
+		public byte[] GetSalt()
+		{
+			return salt.GetOctets();
+		}
+
+		public BigInteger IterationCount
+		{
+			get { return iterationCount.Value; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(salt, iterationCount);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/PBES2Parameters.cs b/bc-sharp-crypto/src/asn1/pkcs/PBES2Parameters.cs
new file mode 100644
index 0000000..fc6904e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/PBES2Parameters.cs
@@ -0,0 +1,65 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class PbeS2Parameters
+        : Asn1Encodable
+    {
+        private readonly KeyDerivationFunc func;
+        private readonly EncryptionScheme scheme;
+
+        public static PbeS2Parameters GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            PbeS2Parameters existing = obj as PbeS2Parameters;
+            if (existing != null)
+                return existing;
+            return new PbeS2Parameters(Asn1Sequence.GetInstance(obj));
+        }
+
+        public PbeS2Parameters(KeyDerivationFunc keyDevFunc, EncryptionScheme encScheme)
+        {
+            this.func = keyDevFunc;
+            this.scheme = encScheme;
+        }
+
+        [Obsolete("Use GetInstance() instead")]
+        public PbeS2Parameters(
+            Asn1Sequence seq)
+        {
+            if (seq.Count != 2)
+                throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+            Asn1Sequence funcSeq = (Asn1Sequence)seq[0].ToAsn1Object();
+
+            // TODO Not sure if this special case is really necessary/appropriate
+            if (funcSeq[0].Equals(PkcsObjectIdentifiers.IdPbkdf2))
+            {
+                func = new KeyDerivationFunc(PkcsObjectIdentifiers.IdPbkdf2,
+                    Pbkdf2Params.GetInstance(funcSeq[1]));
+            }
+            else
+            {
+                func = new KeyDerivationFunc(funcSeq);
+            }
+
+            scheme = EncryptionScheme.GetInstance(seq[1].ToAsn1Object());
+        }
+
+        public KeyDerivationFunc KeyDerivationFunc
+        {
+            get { return func; }
+        }
+
+        public EncryptionScheme EncryptionScheme
+        {
+            get { return scheme; }
+        }
+
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(func, scheme);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/PBKDF2Params.cs b/bc-sharp-crypto/src/asn1/pkcs/PBKDF2Params.cs
new file mode 100644
index 0000000..279f30d
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/PBKDF2Params.cs
@@ -0,0 +1,144 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class Pbkdf2Params
+        : Asn1Encodable
+    {
+        private static AlgorithmIdentifier algid_hmacWithSHA1 = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdHmacWithSha1, DerNull.Instance);
+
+        private readonly Asn1OctetString     octStr;
+        private readonly DerInteger          iterationCount, keyLength;
+        private readonly AlgorithmIdentifier prf;
+
+        public static Pbkdf2Params GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is Pbkdf2Params)
+                return (Pbkdf2Params)obj;
+
+            if (obj is Asn1Sequence)
+                return new Pbkdf2Params((Asn1Sequence)obj);
+
+            throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public Pbkdf2Params(
+            Asn1Sequence seq)
+        {
+            if (seq.Count < 2 || seq.Count > 4)
+                throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+            this.octStr = (Asn1OctetString)seq[0];
+            this.iterationCount = (DerInteger)seq[1];
+
+            Asn1Encodable kl = null, d = null;
+            if (seq.Count > 3)
+            {
+                kl = seq[2];
+                d = seq[3];
+            }
+            else if (seq.Count > 2)
+            {
+                if (seq[2] is DerInteger)
+                {
+                    kl = seq[2];
+                }
+                else
+                {
+                    d = seq[2];
+                }
+            }
+            if (kl != null)
+            {
+                keyLength = (DerInteger)kl;
+            }
+            if (d != null)
+            {
+                prf = AlgorithmIdentifier.GetInstance(d);
+            }
+        }
+
+        public Pbkdf2Params(
+            byte[] salt,
+            int iterationCount)
+        {
+            this.octStr = new DerOctetString(salt);
+            this.iterationCount = new DerInteger(iterationCount);
+        }
+
+        public Pbkdf2Params(
+            byte[]  salt,
+            int     iterationCount,
+            int     keyLength)
+            : this(salt, iterationCount)
+        {
+            this.keyLength = new DerInteger(keyLength);
+        }
+
+        public Pbkdf2Params(
+            byte[] salt,
+            int iterationCount,
+            int keyLength,
+            AlgorithmIdentifier prf)
+            : this(salt, iterationCount, keyLength)
+        {
+            this.prf = prf;
+        }
+
+        public Pbkdf2Params(
+            byte[] salt,
+            int iterationCount,
+            AlgorithmIdentifier prf)
+            : this(salt, iterationCount)
+        {
+            this.prf = prf;
+        }
+
+        public byte[] GetSalt()
+        {
+            return octStr.GetOctets();
+        }
+
+        public BigInteger IterationCount
+        {
+            get { return iterationCount.Value; }
+        }
+
+        public BigInteger KeyLength
+        {
+            get { return keyLength == null ? null : keyLength.Value; }
+        }
+
+        public bool IsDefaultPrf
+        {
+            get { return prf == null || prf.Equals(algid_hmacWithSHA1); }
+        }
+
+        public AlgorithmIdentifier Prf
+        {
+            get { return prf != null ? prf : algid_hmacWithSHA1; }
+        }
+
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+                octStr, iterationCount);
+
+            if (keyLength != null)
+            {
+                v.Add(keyLength);
+            }
+            if (!IsDefaultPrf)
+            {
+                v.Add(prf);
+            }
+
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/PKCS12PBEParams.cs b/bc-sharp-crypto/src/asn1/pkcs/PKCS12PBEParams.cs
new file mode 100644
index 0000000..b41c289
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/PKCS12PBEParams.cs
@@ -0,0 +1,63 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class Pkcs12PbeParams
+        : Asn1Encodable
+    {
+        private readonly DerInteger iterations;
+        private readonly Asn1OctetString iv;
+
+		public Pkcs12PbeParams(
+            byte[]	salt,
+            int		iterations)
+        {
+            this.iv = new DerOctetString(salt);
+            this.iterations = new DerInteger(iterations);
+        }
+
+		private Pkcs12PbeParams(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			iv = Asn1OctetString.GetInstance(seq[0]);
+            iterations = DerInteger.GetInstance(seq[1]);
+        }
+
+		public static Pkcs12PbeParams GetInstance(
+            object obj)
+        {
+            if (obj is Pkcs12PbeParams)
+            {
+                return (Pkcs12PbeParams) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new Pkcs12PbeParams((Asn1Sequence) obj);
+            }
+
+			throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public BigInteger Iterations
+		{
+			get { return iterations.Value; }
+		}
+
+		public byte[] GetIV()
+        {
+            return iv.GetOctets();
+        }
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(iv, iterations);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs
new file mode 100644
index 0000000..1a9a03e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs
@@ -0,0 +1,293 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public abstract class PkcsObjectIdentifiers
+    {
+        //
+        // pkcs-1 OBJECT IDENTIFIER ::= {
+        //       iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 }
+        //
+        public const string Pkcs1 = "1.2.840.113549.1.1";
+        internal static readonly DerObjectIdentifier Pkcs1Oid                 = new DerObjectIdentifier(Pkcs1);
+
+        public static readonly DerObjectIdentifier RsaEncryption            = Pkcs1Oid.Branch("1");
+        public static readonly DerObjectIdentifier MD2WithRsaEncryption		= Pkcs1Oid.Branch("2");
+        public static readonly DerObjectIdentifier MD4WithRsaEncryption		= Pkcs1Oid.Branch("3");
+        public static readonly DerObjectIdentifier MD5WithRsaEncryption		= Pkcs1Oid.Branch("4");
+        public static readonly DerObjectIdentifier Sha1WithRsaEncryption	= Pkcs1Oid.Branch("5");
+        public static readonly DerObjectIdentifier SrsaOaepEncryptionSet	= Pkcs1Oid.Branch("6");
+        public static readonly DerObjectIdentifier IdRsaesOaep				= Pkcs1Oid.Branch("7");
+        public static readonly DerObjectIdentifier IdMgf1					= Pkcs1Oid.Branch("8");
+        public static readonly DerObjectIdentifier IdPSpecified				= Pkcs1Oid.Branch("9");
+        public static readonly DerObjectIdentifier IdRsassaPss				= Pkcs1Oid.Branch("10");
+        public static readonly DerObjectIdentifier Sha256WithRsaEncryption	= Pkcs1Oid.Branch("11");
+        public static readonly DerObjectIdentifier Sha384WithRsaEncryption	= Pkcs1Oid.Branch("12");
+        public static readonly DerObjectIdentifier Sha512WithRsaEncryption	= Pkcs1Oid.Branch("13");
+        public static readonly DerObjectIdentifier Sha224WithRsaEncryption	= Pkcs1Oid.Branch("14");
+        /** PKCS#1: 1.2.840.113549.1.1.15 */
+        public static readonly DerObjectIdentifier Sha512_224WithRSAEncryption = Pkcs1Oid.Branch("15");
+        /** PKCS#1: 1.2.840.113549.1.1.16 */
+        public static readonly DerObjectIdentifier Sha512_256WithRSAEncryption = Pkcs1Oid.Branch("16");
+
+        //
+        // pkcs-3 OBJECT IDENTIFIER ::= {
+        //       iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 3 }
+        //
+        public const string Pkcs3 = "1.2.840.113549.1.3";
+
+		public static readonly DerObjectIdentifier    DhKeyAgreement          = new DerObjectIdentifier(Pkcs3 + ".1");
+
+		//
+        // pkcs-5 OBJECT IDENTIFIER ::= {
+        //       iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 }
+        //
+        public const string Pkcs5 = "1.2.840.113549.1.5";
+
+		public static readonly DerObjectIdentifier PbeWithMD2AndDesCbc    = new DerObjectIdentifier(Pkcs5 + ".1");
+        public static readonly DerObjectIdentifier PbeWithMD2AndRC2Cbc    = new DerObjectIdentifier(Pkcs5 + ".4");
+        public static readonly DerObjectIdentifier PbeWithMD5AndDesCbc    = new DerObjectIdentifier(Pkcs5 + ".3");
+        public static readonly DerObjectIdentifier PbeWithMD5AndRC2Cbc    = new DerObjectIdentifier(Pkcs5 + ".6");
+        public static readonly DerObjectIdentifier PbeWithSha1AndDesCbc   = new DerObjectIdentifier(Pkcs5 + ".10");
+        public static readonly DerObjectIdentifier PbeWithSha1AndRC2Cbc   = new DerObjectIdentifier(Pkcs5 + ".11");
+
+        public static readonly DerObjectIdentifier IdPbeS2 = new DerObjectIdentifier(Pkcs5 + ".13");
+        public static readonly DerObjectIdentifier IdPbkdf2	= new DerObjectIdentifier(Pkcs5 + ".12");
+
+		//
+        // encryptionAlgorithm OBJECT IDENTIFIER ::= {
+        //       iso(1) member-body(2) us(840) rsadsi(113549) 3 }
+        //
+        public const string EncryptionAlgorithm = "1.2.840.113549.3";
+
+		public static readonly DerObjectIdentifier DesEde3Cbc	= new DerObjectIdentifier(EncryptionAlgorithm + ".7");
+        public static readonly DerObjectIdentifier RC2Cbc		= new DerObjectIdentifier(EncryptionAlgorithm + ".2");
+
+		//
+        // object identifiers for digests
+        //
+        public const string DigestAlgorithm = "1.2.840.113549.2";
+
+		//
+        // md2 OBJECT IDENTIFIER ::=
+        //      {iso(1) member-body(2) US(840) rsadsi(113549) DigestAlgorithm(2) 2}
+        //
+        public static readonly DerObjectIdentifier MD2 = new DerObjectIdentifier(DigestAlgorithm + ".2");
+
+        //
+        // md4 OBJECT IDENTIFIER ::=
+        //      {iso(1) member-body(2) US(840) rsadsi(113549) DigestAlgorithm(2) 4}
+        //
+        public static readonly DerObjectIdentifier MD4 = new DerObjectIdentifier(DigestAlgorithm + ".4");
+
+        //
+        // md5 OBJECT IDENTIFIER ::=
+        //      {iso(1) member-body(2) US(840) rsadsi(113549) DigestAlgorithm(2) 5}
+        //
+        public static readonly DerObjectIdentifier MD5 = new DerObjectIdentifier(DigestAlgorithm + ".5");
+
+		public static readonly DerObjectIdentifier IdHmacWithSha1	= new DerObjectIdentifier(DigestAlgorithm + ".7");
+        public static readonly DerObjectIdentifier IdHmacWithSha224	= new DerObjectIdentifier(DigestAlgorithm + ".8");
+        public static readonly DerObjectIdentifier IdHmacWithSha256	= new DerObjectIdentifier(DigestAlgorithm + ".9");
+        public static readonly DerObjectIdentifier IdHmacWithSha384	= new DerObjectIdentifier(DigestAlgorithm + ".10");
+        public static readonly DerObjectIdentifier IdHmacWithSha512	= new DerObjectIdentifier(DigestAlgorithm + ".11");
+
+		//
+        // pkcs-7 OBJECT IDENTIFIER ::= {
+        //       iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 7 }
+        //
+        public const string Pkcs7 = "1.2.840.113549.1.7";
+
+		public static readonly DerObjectIdentifier Data                    = new DerObjectIdentifier(Pkcs7 + ".1");
+        public static readonly DerObjectIdentifier SignedData              = new DerObjectIdentifier(Pkcs7 + ".2");
+        public static readonly DerObjectIdentifier EnvelopedData           = new DerObjectIdentifier(Pkcs7 + ".3");
+        public static readonly DerObjectIdentifier SignedAndEnvelopedData  = new DerObjectIdentifier(Pkcs7 + ".4");
+        public static readonly DerObjectIdentifier DigestedData            = new DerObjectIdentifier(Pkcs7 + ".5");
+        public static readonly DerObjectIdentifier EncryptedData           = new DerObjectIdentifier(Pkcs7 + ".6");
+
+        //
+        // pkcs-9 OBJECT IDENTIFIER ::= {
+        //       iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 }
+        //
+        public const string Pkcs9 = "1.2.840.113549.1.9";
+
+		public static readonly DerObjectIdentifier Pkcs9AtEmailAddress					= new DerObjectIdentifier(Pkcs9 + ".1");
+        public static readonly DerObjectIdentifier Pkcs9AtUnstructuredName				= new DerObjectIdentifier(Pkcs9 + ".2");
+        public static readonly DerObjectIdentifier Pkcs9AtContentType					= new DerObjectIdentifier(Pkcs9 + ".3");
+        public static readonly DerObjectIdentifier Pkcs9AtMessageDigest					= new DerObjectIdentifier(Pkcs9 + ".4");
+        public static readonly DerObjectIdentifier Pkcs9AtSigningTime					= new DerObjectIdentifier(Pkcs9 + ".5");
+        public static readonly DerObjectIdentifier Pkcs9AtCounterSignature				= new DerObjectIdentifier(Pkcs9 + ".6");
+        public static readonly DerObjectIdentifier Pkcs9AtChallengePassword				= new DerObjectIdentifier(Pkcs9 + ".7");
+        public static readonly DerObjectIdentifier Pkcs9AtUnstructuredAddress			= new DerObjectIdentifier(Pkcs9 + ".8");
+        public static readonly DerObjectIdentifier Pkcs9AtExtendedCertificateAttributes	= new DerObjectIdentifier(Pkcs9 + ".9");
+        public static readonly DerObjectIdentifier Pkcs9AtSigningDescription			= new DerObjectIdentifier(Pkcs9 + ".13");
+        public static readonly DerObjectIdentifier Pkcs9AtExtensionRequest				= new DerObjectIdentifier(Pkcs9 + ".14");
+        public static readonly DerObjectIdentifier Pkcs9AtSmimeCapabilities				= new DerObjectIdentifier(Pkcs9 + ".15");
+        public static readonly DerObjectIdentifier IdSmime                              = new DerObjectIdentifier(Pkcs9 + ".16");
+
+        public static readonly DerObjectIdentifier Pkcs9AtFriendlyName					= new DerObjectIdentifier(Pkcs9 + ".20");
+        public static readonly DerObjectIdentifier Pkcs9AtLocalKeyID					= new DerObjectIdentifier(Pkcs9 + ".21");
+
+		[Obsolete("Use X509Certificate instead")]
+        public static readonly DerObjectIdentifier X509CertType = new DerObjectIdentifier(Pkcs9 + ".22.1");
+
+		public const string CertTypes = Pkcs9 + ".22";
+		public static readonly DerObjectIdentifier X509Certificate = new DerObjectIdentifier(CertTypes + ".1");
+		public static readonly DerObjectIdentifier SdsiCertificate = new DerObjectIdentifier(CertTypes + ".2");
+
+		public const string CrlTypes = Pkcs9 + ".23";
+		public static readonly DerObjectIdentifier X509Crl = new DerObjectIdentifier(CrlTypes + ".1");
+
+        public static readonly DerObjectIdentifier IdAlg = IdSmime.Branch("3");
+
+        public static readonly DerObjectIdentifier IdAlgEsdh        = IdAlg.Branch("5");
+        public static readonly DerObjectIdentifier IdAlgCms3DesWrap = IdAlg.Branch("6");
+        public static readonly DerObjectIdentifier IdAlgCmsRC2Wrap  = IdAlg.Branch("7");
+        public static readonly DerObjectIdentifier IdAlgPwriKek     = IdAlg.Branch("9");
+        public static readonly DerObjectIdentifier IdAlgSsdh        = IdAlg.Branch("10");
+
+        /*
+         * <pre>
+         * -- RSA-KEM Key Transport Algorithm
+         *
+         * id-rsa-kem OID ::= {
+         *      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
+         *      pkcs-9(9) smime(16) alg(3) 14
+         *   }
+         * </pre>
+         */
+        public static readonly DerObjectIdentifier IdRsaKem = IdAlg.Branch("14");
+
+        //
+        // SMIME capability sub oids.
+        //
+        public static readonly DerObjectIdentifier PreferSignedData				= Pkcs9AtSmimeCapabilities.Branch("1");
+        public static readonly DerObjectIdentifier CannotDecryptAny             = Pkcs9AtSmimeCapabilities.Branch("2");
+        public static readonly DerObjectIdentifier SmimeCapabilitiesVersions    = Pkcs9AtSmimeCapabilities.Branch("3");
+
+        //
+        // other SMIME attributes
+        //
+        public static readonly DerObjectIdentifier IdAAReceiptRequest = IdSmime.Branch("2.1");
+
+        //
+        // id-ct OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840)
+        // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1)}
+        //
+        public const string IdCT = "1.2.840.113549.1.9.16.1";
+
+        public static readonly DerObjectIdentifier IdCTAuthData          = new DerObjectIdentifier(IdCT + ".2");
+        public static readonly DerObjectIdentifier IdCTTstInfo           = new DerObjectIdentifier(IdCT + ".4");
+        public static readonly DerObjectIdentifier IdCTCompressedData    = new DerObjectIdentifier(IdCT + ".9");
+		public static readonly DerObjectIdentifier IdCTAuthEnvelopedData = new DerObjectIdentifier(IdCT + ".23");
+		public static readonly DerObjectIdentifier IdCTTimestampedData   = new DerObjectIdentifier(IdCT + ".31");
+
+        //
+        // id-cti OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840)
+        // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) cti(6)}
+        //
+        public const string IdCti = "1.2.840.113549.1.9.16.6";
+
+        public static readonly DerObjectIdentifier IdCtiEtsProofOfOrigin	= new DerObjectIdentifier(IdCti + ".1");
+        public static readonly DerObjectIdentifier IdCtiEtsProofOfReceipt	= new DerObjectIdentifier(IdCti + ".2");
+        public static readonly DerObjectIdentifier IdCtiEtsProofOfDelivery	= new DerObjectIdentifier(IdCti + ".3");
+        public static readonly DerObjectIdentifier IdCtiEtsProofOfSender	= new DerObjectIdentifier(IdCti + ".4");
+        public static readonly DerObjectIdentifier IdCtiEtsProofOfApproval	= new DerObjectIdentifier(IdCti + ".5");
+        public static readonly DerObjectIdentifier IdCtiEtsProofOfCreation	= new DerObjectIdentifier(IdCti + ".6");
+
+        //
+        // id-aa OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840)
+        // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) attributes(2)}
+        //
+        public const string IdAA = "1.2.840.113549.1.9.16.2";
+        public static readonly DerObjectIdentifier IdAAOid = new DerObjectIdentifier(IdAA);
+
+		public static readonly DerObjectIdentifier IdAAContentHint = new DerObjectIdentifier(IdAA + ".4"); // See RFC 2634
+    	public static readonly DerObjectIdentifier IdAAMsgSigDigest = new DerObjectIdentifier(IdAA + ".5");
+    	public static readonly DerObjectIdentifier IdAAContentReference = new DerObjectIdentifier(IdAA + ".10");
+
+		/*
+        * id-aa-encrypKeyPref OBJECT IDENTIFIER ::= {id-aa 11}
+        *
+        */
+        public static readonly DerObjectIdentifier IdAAEncrypKeyPref = new DerObjectIdentifier(IdAA + ".11");
+        public static readonly DerObjectIdentifier IdAASigningCertificate = new DerObjectIdentifier(IdAA + ".12");
+		public static readonly DerObjectIdentifier IdAASigningCertificateV2 = new DerObjectIdentifier(IdAA + ".47");
+
+		public static readonly DerObjectIdentifier IdAAContentIdentifier = new DerObjectIdentifier(IdAA + ".7"); // See RFC 2634
+
+		/*
+		 * RFC 3126
+		 */
+		public static readonly DerObjectIdentifier IdAASignatureTimeStampToken = new DerObjectIdentifier(IdAA + ".14");
+
+		public static readonly DerObjectIdentifier IdAAEtsSigPolicyID = new DerObjectIdentifier(IdAA + ".15");
+		public static readonly DerObjectIdentifier IdAAEtsCommitmentType = new DerObjectIdentifier(IdAA + ".16");
+		public static readonly DerObjectIdentifier IdAAEtsSignerLocation = new DerObjectIdentifier(IdAA + ".17");
+		public static readonly DerObjectIdentifier IdAAEtsSignerAttr = new DerObjectIdentifier(IdAA + ".18");
+		public static readonly DerObjectIdentifier IdAAEtsOtherSigCert = new DerObjectIdentifier(IdAA + ".19");
+		public static readonly DerObjectIdentifier IdAAEtsContentTimestamp = new DerObjectIdentifier(IdAA + ".20");
+		public static readonly DerObjectIdentifier IdAAEtsCertificateRefs = new DerObjectIdentifier(IdAA + ".21");
+		public static readonly DerObjectIdentifier IdAAEtsRevocationRefs = new DerObjectIdentifier(IdAA + ".22");
+		public static readonly DerObjectIdentifier IdAAEtsCertValues = new DerObjectIdentifier(IdAA + ".23");
+		public static readonly DerObjectIdentifier IdAAEtsRevocationValues = new DerObjectIdentifier(IdAA + ".24");
+		public static readonly DerObjectIdentifier IdAAEtsEscTimeStamp = new DerObjectIdentifier(IdAA + ".25");
+		public static readonly DerObjectIdentifier IdAAEtsCertCrlTimestamp = new DerObjectIdentifier(IdAA + ".26");
+		public static readonly DerObjectIdentifier IdAAEtsArchiveTimestamp = new DerObjectIdentifier(IdAA + ".27");
+
+        /** PKCS#9: 1.2.840.113549.1.9.16.6.2.37 - <a href="https://tools.ietf.org/html/rfc4108#section-2.2.5">RFC 4108</a> */
+        public static readonly DerObjectIdentifier IdAADecryptKeyID = IdAAOid.Branch("37");
+
+        /** PKCS#9: 1.2.840.113549.1.9.16.6.2.38 - <a href="https://tools.ietf.org/html/rfc4108#section-2.2.6">RFC 4108</a> */
+        public static readonly DerObjectIdentifier IdAAImplCryptoAlgs = IdAAOid.Branch("38");
+
+        /** PKCS#9: 1.2.840.113549.1.9.16.2.54 <a href="https://tools.ietf.org/html/rfc7030">RFC7030</a>*/
+        public static readonly DerObjectIdentifier IdAAAsymmDecryptKeyID = IdAAOid.Branch("54");
+
+        /** PKCS#9: 1.2.840.113549.1.9.16.2.43   <a href="https://tools.ietf.org/html/rfc7030">RFC7030</a>*/
+        public static readonly DerObjectIdentifier IdAAImplCompressAlgs = IdAAOid.Branch("43");
+        /** PKCS#9: 1.2.840.113549.1.9.16.2.40   <a href="https://tools.ietf.org/html/rfc7030">RFC7030</a>*/
+        public static readonly DerObjectIdentifier IdAACommunityIdentifiers = IdAAOid.Branch("40");
+
+		[Obsolete("Use 'IdAAEtsSigPolicyID' instead")]
+		public static readonly DerObjectIdentifier IdAASigPolicyID = IdAAEtsSigPolicyID;
+		[Obsolete("Use 'IdAAEtsCommitmentType' instead")]
+		public static readonly DerObjectIdentifier IdAACommitmentType = IdAAEtsCommitmentType;
+		[Obsolete("Use 'IdAAEtsSignerLocation' instead")]
+		public static readonly DerObjectIdentifier IdAASignerLocation = IdAAEtsSignerLocation;
+		[Obsolete("Use 'IdAAEtsOtherSigCert' instead")]
+		public static readonly DerObjectIdentifier IdAAOtherSigCert = IdAAEtsOtherSigCert;
+
+		//
+		// id-spq OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840)
+		// rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-spq(5)}
+		//
+		public const string IdSpq = "1.2.840.113549.1.9.16.5";
+
+		public static readonly DerObjectIdentifier IdSpqEtsUri = new DerObjectIdentifier(IdSpq + ".1");
+		public static readonly DerObjectIdentifier IdSpqEtsUNotice = new DerObjectIdentifier(IdSpq + ".2");
+
+		//
+        // pkcs-12 OBJECT IDENTIFIER ::= {
+        //       iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 12 }
+        //
+        public const string Pkcs12 = "1.2.840.113549.1.12";
+        public const string BagTypes = Pkcs12 + ".10.1";
+
+        public static readonly DerObjectIdentifier KeyBag				= new DerObjectIdentifier(BagTypes + ".1");
+        public static readonly DerObjectIdentifier Pkcs8ShroudedKeyBag	= new DerObjectIdentifier(BagTypes + ".2");
+        public static readonly DerObjectIdentifier CertBag				= new DerObjectIdentifier(BagTypes + ".3");
+        public static readonly DerObjectIdentifier CrlBag				= new DerObjectIdentifier(BagTypes + ".4");
+        public static readonly DerObjectIdentifier SecretBag			= new DerObjectIdentifier(BagTypes + ".5");
+        public static readonly DerObjectIdentifier SafeContentsBag		= new DerObjectIdentifier(BagTypes + ".6");
+
+        public const string Pkcs12PbeIds = Pkcs12 + ".1";
+
+        public static readonly DerObjectIdentifier PbeWithShaAnd128BitRC4			= new DerObjectIdentifier(Pkcs12PbeIds + ".1");
+        public static readonly DerObjectIdentifier PbeWithShaAnd40BitRC4			= new DerObjectIdentifier(Pkcs12PbeIds + ".2");
+        public static readonly DerObjectIdentifier PbeWithShaAnd3KeyTripleDesCbc	= new DerObjectIdentifier(Pkcs12PbeIds + ".3");
+        public static readonly DerObjectIdentifier PbeWithShaAnd2KeyTripleDesCbc	= new DerObjectIdentifier(Pkcs12PbeIds + ".4");
+        public static readonly DerObjectIdentifier PbeWithShaAnd128BitRC2Cbc		= new DerObjectIdentifier(Pkcs12PbeIds + ".5");
+        public static readonly DerObjectIdentifier PbewithShaAnd40BitRC2Cbc			= new DerObjectIdentifier(Pkcs12PbeIds + ".6");
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/Pfx.cs b/bc-sharp-crypto/src/asn1/pkcs/Pfx.cs
new file mode 100644
index 0000000..9676f64
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/Pfx.cs
@@ -0,0 +1,65 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    /**
+     * the infamous Pfx from Pkcs12
+     */
+    public class Pfx
+        : Asn1Encodable
+    {
+        private ContentInfo	contentInfo;
+        private MacData		macData;
+
+		public Pfx(
+            Asn1Sequence seq)
+        {
+            BigInteger version = ((DerInteger) seq[0]).Value;
+            if (version.IntValue != 3)
+            {
+                throw new ArgumentException("wrong version for PFX PDU");
+            }
+
+			contentInfo = ContentInfo.GetInstance(seq[1]);
+
+			if (seq.Count == 3)
+            {
+                macData = MacData.GetInstance(seq[2]);
+            }
+        }
+
+		public Pfx(
+            ContentInfo	contentInfo,
+            MacData		macData)
+        {
+            this.contentInfo = contentInfo;
+            this.macData = macData;
+        }
+
+		public ContentInfo AuthSafe
+		{
+			get { return contentInfo; }
+		}
+
+		public MacData MacData
+		{
+			get { return macData; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+				new DerInteger(3), contentInfo);
+
+			if (macData != null)
+            {
+                v.Add(macData);
+            }
+
+			return new BerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/PrivateKeyInfo.cs b/bc-sharp-crypto/src/asn1/pkcs/PrivateKeyInfo.cs
new file mode 100644
index 0000000..c5be7a3
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/PrivateKeyInfo.cs
@@ -0,0 +1,135 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class PrivateKeyInfo
+        : Asn1Encodable
+    {
+        private readonly Asn1OctetString        privKey;
+        private readonly AlgorithmIdentifier	algID;
+        private readonly Asn1Set				attributes;
+
+        public static PrivateKeyInfo GetInstance(Asn1TaggedObject obj, bool explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+        public static PrivateKeyInfo GetInstance(
+            object obj)
+        {
+            if (obj == null)
+                return null;
+            if (obj is PrivateKeyInfo)
+                return (PrivateKeyInfo) obj;
+            return new PrivateKeyInfo(Asn1Sequence.GetInstance(obj));
+        }
+
+        public PrivateKeyInfo(AlgorithmIdentifier algID, Asn1Encodable privateKey)
+            : this(algID, privateKey, null)
+        {
+        }
+
+        public PrivateKeyInfo(
+            AlgorithmIdentifier	algID,
+            Asn1Encodable       privateKey,
+            Asn1Set				attributes)
+        {
+            this.algID = algID;
+            this.privKey = new DerOctetString(privateKey.GetEncoded(Asn1Encodable.Der));
+            this.attributes = attributes;
+        }
+
+        private PrivateKeyInfo(Asn1Sequence seq)
+        {
+            IEnumerator e = seq.GetEnumerator();
+
+            e.MoveNext();
+            BigInteger version = ((DerInteger)e.Current).Value;
+            if (version.IntValue != 0)
+            {
+                throw new ArgumentException("wrong version for private key info: " + version.IntValue);
+            }
+
+            e.MoveNext();
+            algID = AlgorithmIdentifier.GetInstance(e.Current);
+            e.MoveNext();
+            privKey = Asn1OctetString.GetInstance(e.Current);
+
+            if (e.MoveNext())
+            {
+                attributes = Asn1Set.GetInstance((Asn1TaggedObject)e.Current, false);
+            }
+        }
+
+        public virtual AlgorithmIdentifier PrivateKeyAlgorithm
+        {
+            get { return algID; }
+        }
+
+        [Obsolete("Use 'PrivateKeyAlgorithm' property instead")]
+        public virtual AlgorithmIdentifier AlgorithmID
+        {
+            get { return algID; }
+        }
+
+        public virtual Asn1Object ParsePrivateKey()
+        {
+            return Asn1Object.FromByteArray(privKey.GetOctets());
+        }
+
+        [Obsolete("Use 'ParsePrivateKey' instead")]
+        public virtual Asn1Object PrivateKey
+        {
+            get
+            {
+                try
+                {
+                    return ParsePrivateKey();
+                }
+                catch (IOException)
+                {
+                    throw new InvalidOperationException("unable to parse private key");
+                }
+            }
+        }
+
+        public virtual Asn1Set Attributes
+        {
+            get { return attributes; }
+        }
+
+        /**
+         * write out an RSA private key with its associated information
+         * as described in Pkcs8.
+         * <pre>
+         *      PrivateKeyInfo ::= Sequence {
+         *                              version Version,
+         *                              privateKeyAlgorithm AlgorithmIdentifier {{PrivateKeyAlgorithms}},
+         *                              privateKey PrivateKey,
+         *                              attributes [0] IMPLICIT Attributes OPTIONAL
+         *                          }
+         *      Version ::= Integer {v1(0)} (v1,...)
+         *
+         *      PrivateKey ::= OCTET STRING
+         *
+         *      Attributes ::= Set OF Attr
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(new DerInteger(0), algID, privKey);
+
+            if (attributes != null)
+            {
+                v.Add(new DerTaggedObject(false, 0, attributes));
+            }
+
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/RC2CBCParameter.cs b/bc-sharp-crypto/src/asn1/pkcs/RC2CBCParameter.cs
new file mode 100644
index 0000000..880ca74
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/RC2CBCParameter.cs
@@ -0,0 +1,80 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class RC2CbcParameter
+        : Asn1Encodable
+    {
+        internal DerInteger			version;
+        internal Asn1OctetString	iv;
+
+		public static RC2CbcParameter GetInstance(
+            object obj)
+        {
+            if (obj is Asn1Sequence)
+            {
+                return new RC2CbcParameter((Asn1Sequence) obj);
+            }
+
+			throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public RC2CbcParameter(
+            byte[] iv)
+        {
+            this.iv = new DerOctetString(iv);
+        }
+
+		public RC2CbcParameter(
+            int		parameterVersion,
+            byte[]	iv)
+        {
+            this.version = new DerInteger(parameterVersion);
+            this.iv = new DerOctetString(iv);
+        }
+
+		private RC2CbcParameter(
+            Asn1Sequence seq)
+        {
+            if (seq.Count == 1)
+            {
+                iv = (Asn1OctetString)seq[0];
+            }
+            else
+            {
+                version = (DerInteger)seq[0];
+                iv = (Asn1OctetString)seq[1];
+            }
+        }
+
+		public BigInteger RC2ParameterVersion
+        {
+            get
+            {
+				return version == null ? null : version.Value;
+            }
+        }
+
+		public byte[] GetIV()
+        {
+			return Arrays.Clone(iv.GetOctets());
+        }
+
+		public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (version != null)
+            {
+                v.Add(version);
+            }
+
+			v.Add(iv);
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/RSAESOAEPparams.cs b/bc-sharp-crypto/src/asn1/pkcs/RSAESOAEPparams.cs
new file mode 100644
index 0000000..0cf22f8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/RSAESOAEPparams.cs
@@ -0,0 +1,146 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+	public class RsaesOaepParameters
+		: Asn1Encodable
+	{
+		private AlgorithmIdentifier hashAlgorithm;
+		private AlgorithmIdentifier maskGenAlgorithm;
+		private AlgorithmIdentifier pSourceAlgorithm;
+
+		public readonly static AlgorithmIdentifier DefaultHashAlgorithm = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance);
+		public readonly static AlgorithmIdentifier DefaultMaskGenFunction = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, DefaultHashAlgorithm);
+		public readonly static AlgorithmIdentifier DefaultPSourceAlgorithm = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]));
+
+		public static RsaesOaepParameters GetInstance(
+			object obj)
+		{
+			if (obj is RsaesOaepParameters)
+			{
+				return (RsaesOaepParameters)obj;
+			}
+			else if (obj is Asn1Sequence)
+			{
+				return new RsaesOaepParameters((Asn1Sequence)obj);
+			}
+
+			throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		 * The default version
+		 */
+		public RsaesOaepParameters()
+		{
+			hashAlgorithm = DefaultHashAlgorithm;
+			maskGenAlgorithm = DefaultMaskGenFunction;
+			pSourceAlgorithm = DefaultPSourceAlgorithm;
+		}
+
+		public RsaesOaepParameters(
+			AlgorithmIdentifier hashAlgorithm,
+			AlgorithmIdentifier maskGenAlgorithm,
+			AlgorithmIdentifier pSourceAlgorithm)
+		{
+			this.hashAlgorithm = hashAlgorithm;
+			this.maskGenAlgorithm = maskGenAlgorithm;
+			this.pSourceAlgorithm = pSourceAlgorithm;
+		}
+
+		public RsaesOaepParameters(
+			Asn1Sequence seq)
+		{
+			hashAlgorithm = DefaultHashAlgorithm;
+			maskGenAlgorithm = DefaultMaskGenFunction;
+			pSourceAlgorithm = DefaultPSourceAlgorithm;
+
+			for (int i = 0; i != seq.Count; i++)
+			{
+				Asn1TaggedObject o = (Asn1TaggedObject)seq[i];
+
+				switch (o.TagNo)
+				{
+					case 0:
+						hashAlgorithm = AlgorithmIdentifier.GetInstance(o, true);
+						break;
+					case 1:
+						maskGenAlgorithm = AlgorithmIdentifier.GetInstance(o, true);
+						break;
+					case 2:
+						pSourceAlgorithm = AlgorithmIdentifier.GetInstance(o, true);
+						break;
+					default:
+						throw new ArgumentException("unknown tag");
+				}
+			}
+		}
+
+		public AlgorithmIdentifier HashAlgorithm
+		{
+			get { return hashAlgorithm; }
+		}
+
+		public AlgorithmIdentifier MaskGenAlgorithm
+		{
+			get { return maskGenAlgorithm; }
+		}
+
+		public AlgorithmIdentifier PSourceAlgorithm
+		{
+			get { return pSourceAlgorithm; }
+		}
+
+		/**
+		 * <pre>
+		 *  RSAES-OAEP-params ::= SEQUENCE {
+		 *     hashAlgorithm      [0] OAEP-PSSDigestAlgorithms     DEFAULT sha1,
+		 *     maskGenAlgorithm   [1] PKCS1MGFAlgorithms  DEFAULT mgf1SHA1,
+		 *     pSourceAlgorithm   [2] PKCS1PSourceAlgorithms  DEFAULT pSpecifiedEmpty
+		 *   }
+		 *
+		 *   OAEP-PSSDigestAlgorithms    ALGORITHM-IDENTIFIER ::= {
+		 *     { OID id-sha1 PARAMETERS NULL   }|
+		 *     { OID id-sha256 PARAMETERS NULL }|
+		 *     { OID id-sha384 PARAMETERS NULL }|
+		 *     { OID id-sha512 PARAMETERS NULL },
+		 *     ...  -- Allows for future expansion --
+		 *   }
+		 *   PKCS1MGFAlgorithms    ALGORITHM-IDENTIFIER ::= {
+		 *     { OID id-mgf1 PARAMETERS OAEP-PSSDigestAlgorithms },
+		 *    ...  -- Allows for future expansion --
+		 *   }
+		 *   PKCS1PSourceAlgorithms    ALGORITHM-IDENTIFIER ::= {
+		 *     { OID id-pSpecified PARAMETERS OCTET STRING },
+		 *     ...  -- Allows for future expansion --
+		 *  }
+		 * </pre>
+		 * @return the asn1 primitive representing the parameters.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (!hashAlgorithm.Equals(DefaultHashAlgorithm))
+			{
+				v.Add(new DerTaggedObject(true, 0, hashAlgorithm));
+			}
+
+			if (!maskGenAlgorithm.Equals(DefaultMaskGenFunction))
+			{
+				v.Add(new DerTaggedObject(true, 1, maskGenAlgorithm));
+			}
+
+			if (!pSourceAlgorithm.Equals(DefaultPSourceAlgorithm))
+			{
+				v.Add(new DerTaggedObject(true, 2, pSourceAlgorithm));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/RSAPrivateKeyStructure.cs b/bc-sharp-crypto/src/asn1/pkcs/RSAPrivateKeyStructure.cs
new file mode 100644
index 0000000..7212991
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/RSAPrivateKeyStructure.cs
@@ -0,0 +1,146 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class RsaPrivateKeyStructure
+        : Asn1Encodable
+    {
+        private readonly BigInteger	modulus;
+        private readonly BigInteger	publicExponent;
+        private readonly BigInteger	privateExponent;
+        private readonly BigInteger	prime1;
+        private readonly BigInteger	prime2;
+        private readonly BigInteger	exponent1;
+        private readonly BigInteger	exponent2;
+        private readonly BigInteger	coefficient;
+
+        public static RsaPrivateKeyStructure GetInstance(Asn1TaggedObject obj, bool isExplicit)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+        }
+
+        public static RsaPrivateKeyStructure GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            if (obj is RsaPrivateKeyStructure)
+                return (RsaPrivateKeyStructure)obj;
+            return new RsaPrivateKeyStructure(Asn1Sequence.GetInstance(obj));
+        }
+
+        public RsaPrivateKeyStructure(
+            BigInteger	modulus,
+            BigInteger	publicExponent,
+            BigInteger	privateExponent,
+            BigInteger	prime1,
+            BigInteger	prime2,
+            BigInteger	exponent1,
+            BigInteger	exponent2,
+            BigInteger	coefficient)
+        {
+            this.modulus = modulus;
+            this.publicExponent = publicExponent;
+            this.privateExponent = privateExponent;
+            this.prime1 = prime1;
+            this.prime2 = prime2;
+            this.exponent1 = exponent1;
+            this.exponent2 = exponent2;
+            this.coefficient = coefficient;
+        }
+
+        [Obsolete("Use 'GetInstance' method(s) instead")]
+        public RsaPrivateKeyStructure(
+            Asn1Sequence seq)
+        {
+            BigInteger version = ((DerInteger) seq[0]).Value;
+            if (version.IntValue != 0)
+                throw new ArgumentException("wrong version for RSA private key");
+
+            modulus = ((DerInteger) seq[1]).Value;
+            publicExponent = ((DerInteger) seq[2]).Value;
+            privateExponent = ((DerInteger) seq[3]).Value;
+            prime1 = ((DerInteger) seq[4]).Value;
+            prime2 = ((DerInteger) seq[5]).Value;
+            exponent1 = ((DerInteger) seq[6]).Value;
+            exponent2 = ((DerInteger) seq[7]).Value;
+            coefficient = ((DerInteger) seq[8]).Value;
+        }
+
+        public BigInteger Modulus
+        {
+            get { return modulus; }
+        }
+
+        public BigInteger PublicExponent
+        {
+            get { return publicExponent; }
+        }
+
+        public BigInteger PrivateExponent
+        {
+            get { return privateExponent; }
+        }
+
+        public BigInteger Prime1
+        {
+            get { return prime1; }
+        }
+
+        public BigInteger Prime2
+        {
+            get { return prime2; }
+        }
+
+        public BigInteger Exponent1
+        {
+            get { return exponent1; }
+        }
+
+        public BigInteger Exponent2
+        {
+            get { return exponent2; }
+        }
+
+        public BigInteger Coefficient
+        {
+            get { return coefficient; }
+        }
+
+        /**
+         * This outputs the key in Pkcs1v2 format.
+         * <pre>
+         *      RsaPrivateKey ::= Sequence {
+         *                          version Version,
+         *                          modulus Integer, -- n
+         *                          publicExponent Integer, -- e
+         *                          privateExponent Integer, -- d
+         *                          prime1 Integer, -- p
+         *                          prime2 Integer, -- q
+         *                          exponent1 Integer, -- d mod (p-1)
+         *                          exponent2 Integer, -- d mod (q-1)
+         *                          coefficient Integer -- (inverse of q) mod p
+         *                      }
+         *
+         *      Version ::= Integer
+         * </pre>
+         * <p>This routine is written to output Pkcs1 version 0, private keys.</p>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(
+                new DerInteger(0), // version
+                new DerInteger(Modulus),
+                new DerInteger(PublicExponent),
+                new DerInteger(PrivateExponent),
+                new DerInteger(Prime1),
+                new DerInteger(Prime2),
+                new DerInteger(Exponent1),
+                new DerInteger(Exponent2),
+                new DerInteger(Coefficient));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/RSASSAPSSparams.cs b/bc-sharp-crypto/src/asn1/pkcs/RSASSAPSSparams.cs
new file mode 100644
index 0000000..85849c3
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/RSASSAPSSparams.cs
@@ -0,0 +1,166 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+	public class RsassaPssParameters
+		: Asn1Encodable
+	{
+		private AlgorithmIdentifier hashAlgorithm;
+		private AlgorithmIdentifier maskGenAlgorithm;
+		private DerInteger saltLength;
+		private DerInteger trailerField;
+
+		public readonly static AlgorithmIdentifier DefaultHashAlgorithm = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance);
+		public readonly static AlgorithmIdentifier DefaultMaskGenFunction = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, DefaultHashAlgorithm);
+		public readonly static DerInteger DefaultSaltLength = new DerInteger(20);
+		public readonly static DerInteger DefaultTrailerField = new DerInteger(1);
+
+		public static RsassaPssParameters GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is RsassaPssParameters)
+			{
+				return (RsassaPssParameters)obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new RsassaPssParameters((Asn1Sequence)obj);
+			}
+
+			throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		 * The default version
+		 */
+		public RsassaPssParameters()
+		{
+			hashAlgorithm = DefaultHashAlgorithm;
+			maskGenAlgorithm = DefaultMaskGenFunction;
+			saltLength = DefaultSaltLength;
+			trailerField = DefaultTrailerField;
+		}
+
+		public RsassaPssParameters(
+			AlgorithmIdentifier hashAlgorithm,
+			AlgorithmIdentifier maskGenAlgorithm,
+			DerInteger saltLength,
+			DerInteger trailerField)
+		{
+			this.hashAlgorithm = hashAlgorithm;
+			this.maskGenAlgorithm = maskGenAlgorithm;
+			this.saltLength = saltLength;
+			this.trailerField = trailerField;
+		}
+
+		public RsassaPssParameters(
+			Asn1Sequence seq)
+		{
+			hashAlgorithm = DefaultHashAlgorithm;
+			maskGenAlgorithm = DefaultMaskGenFunction;
+			saltLength = DefaultSaltLength;
+			trailerField = DefaultTrailerField;
+
+			for (int i = 0; i != seq.Count; i++)
+			{
+				Asn1TaggedObject o = (Asn1TaggedObject)seq[i];
+
+				switch (o.TagNo)
+				{
+					case 0:
+						hashAlgorithm = AlgorithmIdentifier.GetInstance(o, true);
+						break;
+					case 1:
+						maskGenAlgorithm = AlgorithmIdentifier.GetInstance(o, true);
+						break;
+					case 2:
+						saltLength = DerInteger.GetInstance(o, true);
+						break;
+					case 3:
+						trailerField = DerInteger.GetInstance(o, true);
+						break;
+					default:
+						throw new ArgumentException("unknown tag");
+				}
+			}
+		}
+
+		public AlgorithmIdentifier HashAlgorithm
+		{
+			get { return hashAlgorithm; }
+		}
+
+		public AlgorithmIdentifier MaskGenAlgorithm
+		{
+			get { return maskGenAlgorithm; }
+		}
+
+		public DerInteger SaltLength
+		{
+			get { return saltLength; }
+		}
+
+		public DerInteger TrailerField
+		{
+			get { return trailerField; }
+		}
+
+		/**
+		 * <pre>
+		 * RSASSA-PSS-params ::= SEQUENCE {
+		 *   hashAlgorithm      [0] OAEP-PSSDigestAlgorithms  DEFAULT sha1,
+		 *    maskGenAlgorithm   [1] PKCS1MGFAlgorithms  DEFAULT mgf1SHA1,
+		 *    saltLength         [2] INTEGER  DEFAULT 20,
+		 *    trailerField       [3] TrailerField  DEFAULT trailerFieldBC
+		 *  }
+		 *
+		 * OAEP-PSSDigestAlgorithms    ALGORITHM-IDENTIFIER ::= {
+		 *    { OID id-sha1 PARAMETERS NULL   }|
+		 *    { OID id-sha256 PARAMETERS NULL }|
+		 *    { OID id-sha384 PARAMETERS NULL }|
+		 *    { OID id-sha512 PARAMETERS NULL },
+		 *    ...  -- Allows for future expansion --
+		 * }
+		 *
+		 * PKCS1MGFAlgorithms    ALGORITHM-IDENTIFIER ::= {
+		 *   { OID id-mgf1 PARAMETERS OAEP-PSSDigestAlgorithms },
+		 *    ...  -- Allows for future expansion --
+		 * }
+		 *
+		 * TrailerField ::= INTEGER { trailerFieldBC(1) }
+		 * </pre>
+		 * @return the asn1 primitive representing the parameters.
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (!hashAlgorithm.Equals(DefaultHashAlgorithm))
+			{
+				v.Add(new DerTaggedObject(true, 0, hashAlgorithm));
+			}
+
+			if (!maskGenAlgorithm.Equals(DefaultMaskGenFunction))
+			{
+				v.Add(new DerTaggedObject(true, 1, maskGenAlgorithm));
+			}
+
+			if (!saltLength.Equals(DefaultSaltLength))
+			{
+				v.Add(new DerTaggedObject(true, 2, saltLength));
+			}
+
+			if (!trailerField.Equals(DefaultTrailerField))
+			{
+				v.Add(new DerTaggedObject(true, 3, trailerField));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/SafeBag.cs b/bc-sharp-crypto/src/asn1/pkcs/SafeBag.cs
new file mode 100644
index 0000000..4b9350b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/SafeBag.cs
@@ -0,0 +1,70 @@
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    public class SafeBag
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier bagID;
+        private readonly Asn1Object bagValue;
+        private readonly Asn1Set bagAttributes;
+
+		public SafeBag(
+            DerObjectIdentifier	oid,
+            Asn1Object			obj)
+        {
+            this.bagID = oid;
+            this.bagValue = obj;
+            this.bagAttributes = null;
+        }
+
+		public SafeBag(
+            DerObjectIdentifier	oid,
+            Asn1Object			obj,
+            Asn1Set				bagAttributes)
+        {
+            this.bagID = oid;
+            this.bagValue = obj;
+            this.bagAttributes = bagAttributes;
+        }
+
+		public SafeBag(
+            Asn1Sequence seq)
+        {
+            this.bagID = (DerObjectIdentifier) seq[0];
+            this.bagValue = ((DerTaggedObject) seq[1]).GetObject();
+            if (seq.Count == 3)
+            {
+                this.bagAttributes = (Asn1Set) seq[2];
+            }
+        }
+
+		public DerObjectIdentifier BagID
+		{
+			get { return bagID; }
+		}
+
+		public Asn1Object BagValue
+		{
+			get { return bagValue; }
+		}
+
+		public Asn1Set BagAttributes
+		{
+			get { return bagAttributes; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+				bagID, new DerTaggedObject(0, bagValue));
+
+			if (bagAttributes != null)
+            {
+                v.Add(bagAttributes);
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/SignedData.cs b/bc-sharp-crypto/src/asn1/pkcs/SignedData.cs
new file mode 100644
index 0000000..6e72bd0
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/SignedData.cs
@@ -0,0 +1,157 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    /**
+     * a Pkcs#7 signed data object.
+     */
+    public class SignedData
+        : Asn1Encodable
+    {
+        private readonly DerInteger		version;
+        private readonly Asn1Set		digestAlgorithms;
+        private readonly ContentInfo	contentInfo;
+        private readonly Asn1Set		certificates;
+        private readonly Asn1Set		crls;
+        private readonly Asn1Set		signerInfos;
+
+        public static SignedData GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            SignedData existing = obj as SignedData;
+            if (existing != null)
+                return existing;
+            return new SignedData(Asn1Sequence.GetInstance(obj));
+        }
+
+        public SignedData(
+            DerInteger        _version,
+            Asn1Set           _digestAlgorithms,
+            ContentInfo       _contentInfo,
+            Asn1Set           _certificates,
+            Asn1Set           _crls,
+            Asn1Set           _signerInfos)
+        {
+            version          = _version;
+            digestAlgorithms = _digestAlgorithms;
+            contentInfo      = _contentInfo;
+            certificates     = _certificates;
+            crls             = _crls;
+            signerInfos      = _signerInfos;
+        }
+
+        private SignedData(
+            Asn1Sequence seq)
+        {
+            IEnumerator e = seq.GetEnumerator();
+
+            e.MoveNext();
+            version = (DerInteger) e.Current;
+
+            e.MoveNext();
+            digestAlgorithms = (Asn1Set) e.Current;
+
+            e.MoveNext();
+            contentInfo = ContentInfo.GetInstance(e.Current);
+
+            while (e.MoveNext())
+            {
+                Asn1Object o = (Asn1Object) e.Current;
+
+                //
+                // an interesting feature of SignedData is that there appear to be varying implementations...
+                // for the moment we ignore anything which doesn't fit.
+                //
+                if (o is DerTaggedObject)
+                {
+                    DerTaggedObject tagged = (DerTaggedObject) o;
+
+                    switch (tagged.TagNo)
+                    {
+                        case 0:
+                            certificates = Asn1Set.GetInstance(tagged, false);
+                            break;
+                        case 1:
+                            crls = Asn1Set.GetInstance(tagged, false);
+                            break;
+                        default:
+                            throw new ArgumentException("unknown tag value " + tagged.TagNo);
+                    }
+                }
+                else
+                {
+                    signerInfos = (Asn1Set) o;
+                }
+            }
+        }
+
+        public DerInteger Version
+        {
+            get { return version; }
+        }
+
+        public Asn1Set DigestAlgorithms
+        {
+            get { return digestAlgorithms; }
+        }
+
+        public ContentInfo ContentInfo
+        {
+            get { return contentInfo; }
+        }
+
+        public Asn1Set Certificates
+        {
+            get { return certificates; }
+        }
+
+        public Asn1Set Crls
+        {
+            get { return crls; }
+        }
+
+        public Asn1Set SignerInfos
+        {
+            get { return signerInfos; }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  SignedData ::= Sequence {
+         *      version Version,
+         *      digestAlgorithms DigestAlgorithmIdentifiers,
+         *      contentInfo ContentInfo,
+         *      certificates
+         *          [0] IMPLICIT ExtendedCertificatesAndCertificates
+         *                   OPTIONAL,
+         *      crls
+         *          [1] IMPLICIT CertificateRevocationLists OPTIONAL,
+         *      signerInfos SignerInfos }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+                version, digestAlgorithms, contentInfo);
+
+            if (certificates != null)
+            {
+                v.Add(new DerTaggedObject(false, 0, certificates));
+            }
+
+            if (crls != null)
+            {
+                v.Add(new DerTaggedObject(false, 1, crls));
+            }
+
+            v.Add(signerInfos);
+
+            return new BerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/pkcs/SignerInfo.cs b/bc-sharp-crypto/src/asn1/pkcs/SignerInfo.cs
new file mode 100644
index 0000000..a3dc48b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/pkcs/SignerInfo.cs
@@ -0,0 +1,154 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Pkcs
+{
+    /**
+     * a Pkcs#7 signer info object.
+     */
+    public class SignerInfo
+        : Asn1Encodable
+    {
+        private DerInteger              version;
+        private IssuerAndSerialNumber   issuerAndSerialNumber;
+        private AlgorithmIdentifier     digAlgorithm;
+        private Asn1Set                 authenticatedAttributes;
+        private AlgorithmIdentifier     digEncryptionAlgorithm;
+        private Asn1OctetString         encryptedDigest;
+        private Asn1Set                 unauthenticatedAttributes;
+
+		public static SignerInfo GetInstance(
+            object obj)
+        {
+            if (obj is SignerInfo)
+            {
+                return (SignerInfo) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new SignerInfo((Asn1Sequence) obj);
+            }
+
+			throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public SignerInfo(
+            DerInteger              version,
+            IssuerAndSerialNumber   issuerAndSerialNumber,
+            AlgorithmIdentifier     digAlgorithm,
+            Asn1Set                 authenticatedAttributes,
+            AlgorithmIdentifier     digEncryptionAlgorithm,
+            Asn1OctetString         encryptedDigest,
+            Asn1Set                 unauthenticatedAttributes)
+        {
+            this.version = version;
+            this.issuerAndSerialNumber = issuerAndSerialNumber;
+            this.digAlgorithm = digAlgorithm;
+            this.authenticatedAttributes = authenticatedAttributes;
+            this.digEncryptionAlgorithm = digEncryptionAlgorithm;
+            this.encryptedDigest = encryptedDigest;
+            this.unauthenticatedAttributes = unauthenticatedAttributes;
+        }
+
+		public SignerInfo(
+            Asn1Sequence seq)
+        {
+            IEnumerator e = seq.GetEnumerator();
+
+			e.MoveNext();
+            version = (DerInteger) e.Current;
+
+			e.MoveNext();
+            issuerAndSerialNumber = IssuerAndSerialNumber.GetInstance(e.Current);
+
+			e.MoveNext();
+            digAlgorithm = AlgorithmIdentifier.GetInstance(e.Current);
+
+			e.MoveNext();
+            object obj = e.Current;
+
+			if (obj is Asn1TaggedObject)
+            {
+                authenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject) obj, false);
+
+				e.MoveNext();
+                digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(e.Current);
+            }
+            else
+            {
+                authenticatedAttributes = null;
+                digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(obj);
+            }
+
+			e.MoveNext();
+            encryptedDigest = DerOctetString.GetInstance(e.Current);
+
+			if (e.MoveNext())
+            {
+                unauthenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject)e.Current, false);
+            }
+            else
+            {
+                unauthenticatedAttributes = null;
+            }
+        }
+
+		public DerInteger Version { get { return version; } }
+
+		public IssuerAndSerialNumber IssuerAndSerialNumber { get { return issuerAndSerialNumber; } }
+
+		public Asn1Set AuthenticatedAttributes { get { return authenticatedAttributes; } }
+
+		public AlgorithmIdentifier DigestAlgorithm { get { return digAlgorithm; } }
+
+		public Asn1OctetString EncryptedDigest { get { return encryptedDigest; } }
+
+		public AlgorithmIdentifier DigestEncryptionAlgorithm { get { return digEncryptionAlgorithm; } }
+
+		public Asn1Set UnauthenticatedAttributes { get { return unauthenticatedAttributes; } }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  SignerInfo ::= Sequence {
+         *      version Version,
+         *      issuerAndSerialNumber IssuerAndSerialNumber,
+         *      digestAlgorithm DigestAlgorithmIdentifier,
+         *      authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL,
+         *      digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
+         *      encryptedDigest EncryptedDigest,
+         *      unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL
+         *  }
+         *
+         *  EncryptedDigest ::= OCTET STRING
+         *
+         *  DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+         *
+         *  DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+				version, issuerAndSerialNumber, digAlgorithm);
+
+			if (authenticatedAttributes != null)
+            {
+                v.Add(new DerTaggedObject(false, 0, authenticatedAttributes));
+            }
+
+			v.Add(digEncryptionAlgorithm, encryptedDigest);
+
+			if (unauthenticatedAttributes != null)
+            {
+                v.Add(new DerTaggedObject(false, 1, unauthenticatedAttributes));
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/sec/ECPrivateKeyStructure.cs b/bc-sharp-crypto/src/asn1/sec/ECPrivateKeyStructure.cs
new file mode 100644
index 0000000..32e020c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/sec/ECPrivateKeyStructure.cs
@@ -0,0 +1,184 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Sec
+{
+    /**
+     * the elliptic curve private key object from SEC 1
+     */
+    public class ECPrivateKeyStructure
+        : Asn1Encodable
+    {
+        private readonly Asn1Sequence seq;
+
+        public static ECPrivateKeyStructure GetInstance(object obj)
+        {
+            if (obj == null)
+                return null;
+            if (obj is ECPrivateKeyStructure)
+                return (ECPrivateKeyStructure)obj;
+            return new ECPrivateKeyStructure(Asn1Sequence.GetInstance(obj));
+        }
+
+        [Obsolete("Use 'GetInstance' instead")]
+        public ECPrivateKeyStructure(
+            Asn1Sequence seq)
+        {
+            if (seq == null)
+                throw new ArgumentNullException("seq");
+
+            this.seq = seq;
+        }
+
+        [Obsolete("Use constructor which takes 'orderBitLength' instead, to guarantee correct encoding")]
+        public ECPrivateKeyStructure(
+            BigInteger key)
+        {
+            if (key == null)
+                throw new ArgumentNullException("key");
+
+            this.seq = new DerSequence(
+                new DerInteger(1),
+                new DerOctetString(key.ToByteArrayUnsigned()));
+        }
+
+        public ECPrivateKeyStructure(
+            int         orderBitLength,
+            BigInteger  key)
+        {
+            if (key == null)
+                throw new ArgumentNullException("key");
+            if (orderBitLength < key.BitLength)
+                throw new ArgumentException("must be >= key bitlength", "orderBitLength");
+
+            byte[] bytes = BigIntegers.AsUnsignedByteArray((orderBitLength + 7) / 8, key);
+
+            this.seq = new DerSequence(
+                new DerInteger(1),
+                new DerOctetString(bytes));
+        }
+
+        [Obsolete("Use constructor which takes 'orderBitLength' instead, to guarantee correct encoding")]
+        public ECPrivateKeyStructure(
+            BigInteger		key,
+            Asn1Encodable	parameters)
+            : this(key, null, parameters)
+        {
+        }
+
+        [Obsolete("Use constructor which takes 'orderBitLength' instead, to guarantee correct encoding")]
+        public ECPrivateKeyStructure(
+            BigInteger		key,
+            DerBitString	publicKey,
+            Asn1Encodable	parameters)
+        {
+            if (key == null)
+                throw new ArgumentNullException("key");
+
+            Asn1EncodableVector v = new Asn1EncodableVector(
+                new DerInteger(1),
+                new DerOctetString(key.ToByteArrayUnsigned()));
+
+            if (parameters != null)
+            {
+                v.Add(new DerTaggedObject(true, 0, parameters));
+            }
+
+            if (publicKey != null)
+            {
+                v.Add(new DerTaggedObject(true, 1, publicKey));
+            }
+
+            this.seq = new DerSequence(v);
+        }
+
+        public ECPrivateKeyStructure(
+            int             orderBitLength,
+            BigInteger      key,
+            Asn1Encodable   parameters)
+            : this(orderBitLength, key, null, parameters)
+        {
+        }
+
+        public ECPrivateKeyStructure(
+            int             orderBitLength,
+            BigInteger      key,
+            DerBitString    publicKey,
+            Asn1Encodable   parameters)
+        {
+            if (key == null)
+                throw new ArgumentNullException("key");
+            if (orderBitLength < key.BitLength)
+                throw new ArgumentException("must be >= key bitlength", "orderBitLength");
+
+            byte[] bytes = BigIntegers.AsUnsignedByteArray((orderBitLength + 7) / 8, key);
+
+            Asn1EncodableVector v = new Asn1EncodableVector(
+                new DerInteger(1),
+                new DerOctetString(bytes));
+
+            if (parameters != null)
+            {
+                v.Add(new DerTaggedObject(true, 0, parameters));
+            }
+
+            if (publicKey != null)
+            {
+                v.Add(new DerTaggedObject(true, 1, publicKey));
+            }
+
+            this.seq = new DerSequence(v);
+        }
+
+        public virtual BigInteger GetKey()
+        {
+            Asn1OctetString octs = (Asn1OctetString) seq[1];
+
+            return new BigInteger(1, octs.GetOctets());
+        }
+
+        public virtual DerBitString GetPublicKey()
+        {
+            return (DerBitString) GetObjectInTag(1);
+        }
+
+        public virtual Asn1Object GetParameters()
+        {
+            return GetObjectInTag(0);
+        }
+
+        private Asn1Object GetObjectInTag(int tagNo)
+        {
+            foreach (Asn1Encodable ae in seq)
+            {
+                Asn1Object obj = ae.ToAsn1Object();
+
+                if (obj is Asn1TaggedObject)
+                {
+                    Asn1TaggedObject tag = (Asn1TaggedObject) obj;
+                    if (tag.TagNo == tagNo)
+                    {
+                        return tag.GetObject();
+                    }
+                }
+            }
+
+            return null;
+        }
+
+        /**
+         * ECPrivateKey ::= SEQUENCE {
+         *     version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
+         *     privateKey OCTET STRING,
+         *     parameters [0] Parameters OPTIONAL,
+         *     publicKey [1] BIT STRING OPTIONAL }
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return seq;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/sec/SECNamedCurves.cs b/bc-sharp-crypto/src/asn1/sec/SECNamedCurves.cs
new file mode 100644
index 0000000..b753ac5
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/sec/SECNamedCurves.cs
@@ -0,0 +1,1184 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Math.EC.Endo;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Asn1.Sec
+{
+    public sealed class SecNamedCurves
+    {
+        private SecNamedCurves()
+        {
+        }
+
+        private static ECCurve ConfigureCurve(ECCurve curve)
+        {
+            return curve;
+        }
+
+        private static ECCurve ConfigureCurveGlv(ECCurve c, GlvTypeBParameters p)
+        {
+            return c.Configure().SetEndomorphism(new GlvTypeBEndomorphism(c, p)).Create();
+        }
+
+        private static BigInteger FromHex(string hex)
+        {
+            return new BigInteger(1, Hex.Decode(hex));
+        }
+
+        /*
+         * secp112r1
+         */
+        internal class Secp112r1Holder
+            : X9ECParametersHolder
+        {
+            private Secp112r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp112r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = (2^128 - 3) / 76439
+                BigInteger p = FromHex("DB7C2ABF62E35E668076BEAD208B");
+                BigInteger a = FromHex("DB7C2ABF62E35E668076BEAD2088");
+                BigInteger b = FromHex("659EF8BA043916EEDE8911702B22");
+                byte[] S = Hex.Decode("00F50B028E4D696E676875615175290472783FB1");
+                BigInteger n = FromHex("DB7C2ABF62E35E7628DFAC6561C5");
+                BigInteger h = BigInteger.One;
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "09487239995A5EE76B55F9C2F098"
+                    + "A89CE5AF8724C0A23E0E0FF77500"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp112r2
+         */
+        internal class Secp112r2Holder
+            : X9ECParametersHolder
+        {
+            private Secp112r2Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp112r2Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = (2^128 - 3) / 76439
+                BigInteger p = FromHex("DB7C2ABF62E35E668076BEAD208B");
+                BigInteger a = FromHex("6127C24C05F38A0AAAF65C0EF02C");
+                BigInteger b = FromHex("51DEF1815DB5ED74FCC34C85D709");
+                byte[] S = Hex.Decode("002757A1114D696E6768756151755316C05E0BD4");
+                BigInteger n = FromHex("36DF0AAFD8B8D7597CA10520D04B");
+                BigInteger h = BigInteger.ValueOf(4);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "4BA30AB5E892B4E1649DD0928643"
+                    + "ADCD46F5882E3747DEF36E956E97"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp128r1
+         */
+        internal class Secp128r1Holder
+            : X9ECParametersHolder
+        {
+            private Secp128r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp128r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = 2^128 - 2^97 - 1
+                BigInteger p = FromHex("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF");
+                BigInteger a = FromHex("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC");
+                BigInteger b = FromHex("E87579C11079F43DD824993C2CEE5ED3");
+                byte[] S = Hex.Decode("000E0D4D696E6768756151750CC03A4473D03679");
+                BigInteger n = FromHex("FFFFFFFE0000000075A30D1B9038A115");
+                BigInteger h = BigInteger.One;
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "161FF7528B899B2D0C28607CA52C5B86"
+                    + "CF5AC8395BAFEB13C02DA292DDED7A83"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp128r2
+         */
+        internal class Secp128r2Holder
+            : X9ECParametersHolder
+        {
+            private Secp128r2Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp128r2Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = 2^128 - 2^97 - 1
+                BigInteger p = FromHex("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF");
+                BigInteger a = FromHex("D6031998D1B3BBFEBF59CC9BBFF9AEE1");
+                BigInteger b = FromHex("5EEEFCA380D02919DC2C6558BB6D8A5D");
+                byte[] S = Hex.Decode("004D696E67687561517512D8F03431FCE63B88F4");
+                BigInteger n = FromHex("3FFFFFFF7FFFFFFFBE0024720613B5A3");
+                BigInteger h = BigInteger.ValueOf(4);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "7B6AA5D85E572983E6FB32A7CDEBC140"
+                    + "27B6916A894D3AEE7106FE805FC34B44"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp160k1
+         */
+        internal class Secp160k1Holder
+            : X9ECParametersHolder
+        {
+            private Secp160k1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp160k1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = 2^160 - 2^32 - 2^14 - 2^12 - 2^9 - 2^8 - 2^7 - 2^3 - 2^2 - 1
+                BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73");
+                BigInteger a = BigInteger.Zero;
+                BigInteger b = BigInteger.ValueOf(7);
+                byte[] S = null;
+                BigInteger n = FromHex("0100000000000000000001B8FA16DFAB9ACA16B6B3");
+                BigInteger h = BigInteger.One;
+
+                GlvTypeBParameters glv = new GlvTypeBParameters(
+                    new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16),
+                    new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16),
+                    new BigInteger[]{
+                        new BigInteger("9162fbe73984472a0a9e", 16),
+                        new BigInteger("-96341f1138933bc2f505", 16) },
+                    new BigInteger[]{
+                        new BigInteger("127971af8721782ecffa3", 16),
+                        new BigInteger("9162fbe73984472a0a9e", 16) },
+                    new BigInteger("9162fbe73984472a0a9d0590", 16),
+                    new BigInteger("96341f1138933bc2f503fd44", 16),
+                    176);
+
+                ECCurve curve = ConfigureCurveGlv(new FpCurve(p, a, b, n, h), glv);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB"
+                    + "938CF935318FDCED6BC28286531733C3F03C4FEE"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp160r1
+         */
+        internal class Secp160r1Holder
+            : X9ECParametersHolder
+        {
+            private Secp160r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp160r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = 2^160 - 2^31 - 1
+                BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF");
+                BigInteger a = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC");
+                BigInteger b = FromHex("1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45");
+                byte[] S = Hex.Decode("1053CDE42C14D696E67687561517533BF3F83345");
+                BigInteger n = FromHex("0100000000000000000001F4C8F927AED3CA752257");
+                BigInteger h = BigInteger.One;
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "4A96B5688EF573284664698968C38BB913CBFC82"
+                    + "23A628553168947D59DCC912042351377AC5FB32"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp160r2
+         */
+        internal class Secp160r2Holder
+            : X9ECParametersHolder
+        {
+            private Secp160r2Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp160r2Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = 2^160 - 2^32 - 2^14 - 2^12 - 2^9 - 2^8 - 2^7 - 2^3 - 2^2 - 1
+                BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73");
+                BigInteger a = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70");
+                BigInteger b = FromHex("B4E134D3FB59EB8BAB57274904664D5AF50388BA");
+                byte[] S = Hex.Decode("B99B99B099B323E02709A4D696E6768756151751");
+                BigInteger n = FromHex("0100000000000000000000351EE786A818F3A1A16B");
+                BigInteger h = BigInteger.One;
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "52DCB034293A117E1F4FF11B30F7199D3144CE6D"
+                    + "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp192k1
+         */
+        internal class Secp192k1Holder
+            : X9ECParametersHolder
+        {
+            private Secp192k1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp192k1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = 2^192 - 2^32 - 2^12 - 2^8 - 2^7 - 2^6 - 2^3 - 1
+                BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37");
+                BigInteger a = BigInteger.Zero;
+                BigInteger b = BigInteger.ValueOf(3);
+                byte[] S = null;
+                BigInteger n = FromHex("FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D");
+                BigInteger h = BigInteger.One;
+
+                GlvTypeBParameters glv = new GlvTypeBParameters(
+                    new BigInteger("bb85691939b869c1d087f601554b96b80cb4f55b35f433c2", 16),
+                    new BigInteger("3d84f26c12238d7b4f3d516613c1759033b1a5800175d0b1", 16),
+                    new BigInteger[]{
+                        new BigInteger("71169be7330b3038edb025f1", 16),
+                        new BigInteger("-b3fb3400dec5c4adceb8655c", 16) },
+                    new BigInteger[]{
+                        new BigInteger("12511cfe811d0f4e6bc688b4d", 16),
+                        new BigInteger("71169be7330b3038edb025f1", 16) },
+                    new BigInteger("71169be7330b3038edb025f1d0f9", 16),
+                    new BigInteger("b3fb3400dec5c4adceb8655d4c94", 16),
+                    208);
+
+                ECCurve curve = ConfigureCurveGlv(new FpCurve(p, a, b, n, h), glv);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D"
+                    + "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp192r1
+         */
+        internal class Secp192r1Holder
+            : X9ECParametersHolder
+        {
+            private Secp192r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp192r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = 2^192 - 2^64 - 1
+                BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF");
+                BigInteger a = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC");
+                BigInteger b = FromHex("64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1");
+                byte[] S = Hex.Decode("3045AE6FC8422F64ED579528D38120EAE12196D5");
+                BigInteger n = FromHex("FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831");
+                BigInteger h = BigInteger.One;
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012"
+                    + "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp224k1
+         */
+        internal class Secp224k1Holder
+            : X9ECParametersHolder
+        {
+            private Secp224k1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp224k1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = 2^224 - 2^32 - 2^12 - 2^11 - 2^9 - 2^7 - 2^4 - 2 - 1
+                BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D");
+                BigInteger a = BigInteger.Zero;
+                BigInteger b = BigInteger.ValueOf(5);
+                byte[] S = null;
+                BigInteger n = FromHex("010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7");
+                BigInteger h = BigInteger.One;
+
+                GlvTypeBParameters glv = new GlvTypeBParameters(
+                    new BigInteger("fe0e87005b4e83761908c5131d552a850b3f58b749c37cf5b84d6768", 16),
+                    new BigInteger("60dcd2104c4cbc0be6eeefc2bdd610739ec34e317f9b33046c9e4788", 16),
+                    new BigInteger[]{
+                        new BigInteger("6b8cf07d4ca75c88957d9d670591", 16),
+                        new BigInteger("-b8adf1378a6eb73409fa6c9c637d", 16) },
+                    new BigInteger[]{
+                        new BigInteger("1243ae1b4d71613bc9f780a03690e", 16),
+                        new BigInteger("6b8cf07d4ca75c88957d9d670591", 16) },
+                    new BigInteger("6b8cf07d4ca75c88957d9d67059037a4", 16),
+                    new BigInteger("b8adf1378a6eb73409fa6c9c637ba7f5", 16),
+                    240);
+
+                ECCurve curve = ConfigureCurveGlv(new FpCurve(p, a, b, n, h), glv);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C"
+                    + "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp224r1
+         */
+        internal class Secp224r1Holder
+            : X9ECParametersHolder
+        {
+            private Secp224r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp224r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = 2^224 - 2^96 + 1
+                BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001");
+                BigInteger a = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE");
+                BigInteger b = FromHex("B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4");
+                byte[] S = Hex.Decode("BD71344799D5C7FCDC45B59FA3B9AB8F6A948BC5");
+                BigInteger n = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D");
+                BigInteger h = BigInteger.One;
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21"
+                    + "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp256k1
+         */
+        internal class Secp256k1Holder
+            : X9ECParametersHolder
+        {
+            private Secp256k1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp256k1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = 2^256 - 2^32 - 2^9 - 2^8 - 2^7 - 2^6 - 2^4 - 1
+                BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F");
+                BigInteger a = BigInteger.Zero;
+                BigInteger b = BigInteger.ValueOf(7);
+                byte[] S = null;
+                BigInteger n = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141");
+                BigInteger h = BigInteger.One;
+
+                GlvTypeBParameters glv = new GlvTypeBParameters(
+                    new BigInteger("7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee", 16),
+                    new BigInteger("5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72", 16),
+                    new BigInteger[]{
+                        new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16),
+                        new BigInteger("-e4437ed6010e88286f547fa90abfe4c3", 16) },
+                    new BigInteger[]{
+                        new BigInteger("114ca50f7a8e2f3f657c1108d9d44cfd8", 16),
+                        new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16) },
+                    new BigInteger("3086d221a7d46bcde86c90e49284eb153dab", 16),
+                    new BigInteger("e4437ed6010e88286f547fa90abfe4c42212", 16),
+                    272);
+
+                ECCurve curve = ConfigureCurveGlv(new FpCurve(p, a, b, n, h), glv);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
+                    + "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp256r1
+         */
+        internal class Secp256r1Holder
+            : X9ECParametersHolder
+        {
+            private Secp256r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp256r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = 2^224 (2^32 - 1) + 2^192 + 2^96 - 1
+                BigInteger p = FromHex("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF");
+                BigInteger a = FromHex("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC");
+                BigInteger b = FromHex("5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B");
+                byte[] S = Hex.Decode("C49D360886E704936A6678E1139D26B7819F7E90");
+                BigInteger n = FromHex("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551");
+                BigInteger h = BigInteger.One;
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"
+                    + "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp384r1
+         */
+        internal class Secp384r1Holder
+            : X9ECParametersHolder
+        {
+            private Secp384r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp384r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = 2^384 - 2^128 - 2^96 + 2^32 - 1
+                BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF");
+                BigInteger a = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC");
+                BigInteger b = FromHex("B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF");
+                byte[] S = Hex.Decode("A335926AA319A27A1D00896A6773A4827ACDAC73");
+                BigInteger n = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973");
+                BigInteger h = BigInteger.One;
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7"
+                    + "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * secp521r1
+         */
+        internal class Secp521r1Holder
+            : X9ECParametersHolder
+        {
+            private Secp521r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Secp521r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                // p = 2^521 - 1
+                BigInteger p = FromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF");
+                BigInteger a = FromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC");
+                BigInteger b = FromHex("0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00");
+                byte[] S = Hex.Decode("D09E8800291CB85396CC6717393284AAA0DA64BA");
+                BigInteger n = FromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409");
+                BigInteger h = BigInteger.One;
+
+                ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h));
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66"
+                    + "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect113r1
+         */
+        internal class Sect113r1Holder
+            : X9ECParametersHolder
+        {
+            private Sect113r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect113r1Holder();
+
+            private const int m = 113;
+            private const int k = 9;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = FromHex("003088250CA6E7C7FE649CE85820F7");
+                BigInteger b = FromHex("00E8BEE4D3E2260744188BE0E9C723");
+                byte[] S = Hex.Decode("10E723AB14D696E6768756151756FEBF8FCB49A9");
+                BigInteger n = FromHex("0100000000000000D9CCEC8A39E56F");
+                BigInteger h = BigInteger.ValueOf(2);
+
+                ECCurve curve = new F2mCurve(m, k, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "009D73616F35F4AB1407D73562C10F"
+                    + "00A52830277958EE84D1315ED31886"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect113r2
+         */
+        internal class Sect113r2Holder
+            : X9ECParametersHolder
+        {
+            private Sect113r2Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect113r2Holder();
+
+            private const int m = 113;
+            private const int k = 9;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = FromHex("00689918DBEC7E5A0DD6DFC0AA55C7");
+                BigInteger b = FromHex("0095E9A9EC9B297BD4BF36E059184F");
+                byte[] S = Hex.Decode("10C0FB15760860DEF1EEF4D696E676875615175D");
+                BigInteger n = FromHex("010000000000000108789B2496AF93");
+                BigInteger h = BigInteger.ValueOf(2);
+
+                ECCurve curve = new F2mCurve(m, k, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "01A57A6A7B26CA5EF52FCDB8164797"
+                    + "00B3ADC94ED1FE674C06E695BABA1D"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect131r1
+         */
+        internal class Sect131r1Holder
+            : X9ECParametersHolder
+        {
+            private Sect131r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect131r1Holder();
+
+            private const int m = 131;
+            private const int k1 = 2;
+            private const int k2 = 3;
+            private const int k3 = 8;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = FromHex("07A11B09A76B562144418FF3FF8C2570B8");
+                BigInteger b = FromHex("0217C05610884B63B9C6C7291678F9D341");
+                byte[] S = Hex.Decode("4D696E676875615175985BD3ADBADA21B43A97E2");
+                BigInteger n = FromHex("0400000000000000023123953A9464B54D");
+                BigInteger h = BigInteger.ValueOf(2);
+
+                ECCurve curve = new F2mCurve(m, k1, k2, k3, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "0081BAF91FDF9833C40F9C181343638399"
+                    + "078C6E7EA38C001F73C8134B1B4EF9E150"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect131r2
+         */
+        internal class Sect131r2Holder
+            : X9ECParametersHolder
+        {
+            private Sect131r2Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect131r2Holder();
+
+            private const int m = 131;
+            private const int k1 = 2;
+            private const int k2 = 3;
+            private const int k3 = 8;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = FromHex("03E5A88919D7CAFCBF415F07C2176573B2");
+                BigInteger b = FromHex("04B8266A46C55657AC734CE38F018F2192");
+                byte[] S = Hex.Decode("985BD3ADBAD4D696E676875615175A21B43A97E3");
+                BigInteger n = FromHex("0400000000000000016954A233049BA98F");
+                BigInteger h = BigInteger.ValueOf(2);
+
+                ECCurve curve = new F2mCurve(m, k1, k2, k3, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "0356DCD8F2F95031AD652D23951BB366A8"
+                    + "0648F06D867940A5366D9E265DE9EB240F"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect163k1
+         */
+        internal class Sect163k1Holder
+            : X9ECParametersHolder
+        {
+            private Sect163k1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect163k1Holder();
+
+            private const int m = 163;
+            private const int k1 = 3;
+            private const int k2 = 6;
+            private const int k3 = 7;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = BigInteger.One;
+                BigInteger b = BigInteger.One;
+                byte[] S = null;
+                BigInteger n = FromHex("04000000000000000000020108A2E0CC0D99F8A5EF");
+                BigInteger h = BigInteger.ValueOf(2);
+
+                ECCurve curve = new F2mCurve(m, k1, k2, k3, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8"
+                    + "0289070FB05D38FF58321F2E800536D538CCDAA3D9"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect163r1
+         */
+        internal class Sect163r1Holder
+            : X9ECParametersHolder
+        {
+            private Sect163r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect163r1Holder();
+
+            private const int m = 163;
+            private const int k1 = 3;
+            private const int k2 = 6;
+            private const int k3 = 7;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = FromHex("07B6882CAAEFA84F9554FF8428BD88E246D2782AE2");
+                BigInteger b = FromHex("0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9");
+                byte[] S = Hex.Decode("24B7B137C8A14D696E6768756151756FD0DA2E5C");
+                BigInteger n = FromHex("03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B");
+                BigInteger h = BigInteger.ValueOf(2);
+
+                ECCurve curve = new F2mCurve(m, k1, k2, k3, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "0369979697AB43897789566789567F787A7876A654"
+                    + "00435EDB42EFAFB2989D51FEFCE3C80988F41FF883"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect163r2
+         */
+        internal class Sect163r2Holder
+            : X9ECParametersHolder
+        {
+            private Sect163r2Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect163r2Holder();
+
+            private const int m = 163;
+            private const int k1 = 3;
+            private const int k2 = 6;
+            private const int k3 = 7;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = BigInteger.One;
+                BigInteger b = FromHex("020A601907B8C953CA1481EB10512F78744A3205FD");
+                byte[] S = Hex.Decode("85E25BFE5C86226CDB12016F7553F9D0E693A268");
+                BigInteger n = FromHex("040000000000000000000292FE77E70C12A4234C33");
+                BigInteger h = BigInteger.ValueOf(2);
+
+                ECCurve curve = new F2mCurve(m, k1, k2, k3, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "03F0EBA16286A2D57EA0991168D4994637E8343E36"
+                    + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect193r1
+         */
+        internal class Sect193r1Holder
+            : X9ECParametersHolder
+        {
+            private Sect193r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect193r1Holder();
+
+            private const int m = 193;
+            private const int k = 15;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = FromHex("0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01");
+                BigInteger b = FromHex("00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814");
+                byte[] S = Hex.Decode("103FAEC74D696E676875615175777FC5B191EF30");
+                BigInteger n = FromHex("01000000000000000000000000C7F34A778F443ACC920EBA49");
+                BigInteger h = BigInteger.ValueOf(2);
+
+                ECCurve curve = new F2mCurve(m, k, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1"
+                    + "0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect193r2
+         */
+        internal class Sect193r2Holder
+            : X9ECParametersHolder
+        {
+            private Sect193r2Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect193r2Holder();
+
+            private const int m = 193;
+            private const int k = 15;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = FromHex("0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B");
+                BigInteger b = FromHex("00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE");
+                byte[] S = Hex.Decode("10B7B4D696E676875615175137C8A16FD0DA2211");
+                BigInteger n = FromHex("010000000000000000000000015AAB561B005413CCD4EE99D5");
+                BigInteger h = BigInteger.ValueOf(2);
+
+                ECCurve curve = new F2mCurve(m, k, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F"
+                    + "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect233k1
+         */
+        internal class Sect233k1Holder
+            : X9ECParametersHolder
+        {
+            private Sect233k1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect233k1Holder();
+
+            private const int m = 233;
+            private const int k = 74;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = BigInteger.Zero;
+                BigInteger b = BigInteger.One;
+                byte[] S = null;
+                BigInteger n = FromHex("8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF");
+                BigInteger h = BigInteger.ValueOf(4);
+
+                ECCurve curve = new F2mCurve(m, k, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126"
+                    + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect233r1
+         */
+        internal class Sect233r1Holder
+            : X9ECParametersHolder
+        {
+            private Sect233r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect233r1Holder();
+
+            private const int m = 233;
+            private const int k = 74;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = BigInteger.One;
+                BigInteger b = FromHex("0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD");
+                byte[] S = Hex.Decode("74D59FF07F6B413D0EA14B344B20A2DB049B50C3");
+                BigInteger n = FromHex("01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7");
+                BigInteger h = BigInteger.ValueOf(2);
+
+                ECCurve curve = new F2mCurve(m, k, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B"
+                    + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect239k1
+         */
+        internal class Sect239k1Holder
+            : X9ECParametersHolder
+        {
+            private Sect239k1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect239k1Holder();
+
+            private const int m = 239;
+            private const int k = 158;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = BigInteger.Zero;
+                BigInteger b = BigInteger.One;
+                byte[] S = null;
+                BigInteger n = FromHex("2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5");
+                BigInteger h = BigInteger.ValueOf(4);
+
+                ECCurve curve = new F2mCurve(m, k, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC"
+                    + "76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect283k1
+         */
+        internal class Sect283k1Holder
+            : X9ECParametersHolder
+        {
+            private Sect283k1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect283k1Holder();
+
+            private const int m = 283;
+            private const int k1 = 5;
+            private const int k2 = 7;
+            private const int k3 = 12;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = BigInteger.Zero;
+                BigInteger b = BigInteger.One;
+                byte[] S = null;
+                BigInteger n = FromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61");
+                BigInteger h = BigInteger.ValueOf(4);
+
+                ECCurve curve = new F2mCurve(m, k1, k2, k3, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836"
+                    + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect283r1
+         */
+        internal class Sect283r1Holder
+            : X9ECParametersHolder
+        {
+            private Sect283r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect283r1Holder();
+
+            private const int m = 283;
+            private const int k1 = 5;
+            private const int k2 = 7;
+            private const int k3 = 12;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = BigInteger.One;
+                BigInteger b = FromHex("027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5");
+                byte[] S = Hex.Decode("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE");
+                BigInteger n = FromHex("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307");
+                BigInteger h = BigInteger.ValueOf(2);
+
+                ECCurve curve = new F2mCurve(m, k1, k2, k3, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053"
+                    + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect409k1
+         */
+        internal class Sect409k1Holder
+            : X9ECParametersHolder
+        {
+            private Sect409k1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect409k1Holder();
+
+            private const int m = 409;
+            private const int k = 87;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = BigInteger.Zero;
+                BigInteger b = BigInteger.One;
+                byte[] S = null;
+                BigInteger n = FromHex("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF");
+                BigInteger h = BigInteger.ValueOf(4);
+
+                ECCurve curve = new F2mCurve(m, k, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746"
+                    + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect409r1
+         */
+        internal class Sect409r1Holder
+            : X9ECParametersHolder
+        {
+            private Sect409r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect409r1Holder();
+
+            private const int m = 409;
+            private const int k = 87;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = BigInteger.One;
+                BigInteger b = FromHex("0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F");
+                byte[] S = Hex.Decode("4099B5A457F9D69F79213D094C4BCD4D4262210B");
+                BigInteger n = FromHex("010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173");
+                BigInteger h = BigInteger.ValueOf(2);
+
+                ECCurve curve = new F2mCurve(m, k, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7"
+                    + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect571k1
+         */
+        internal class Sect571k1Holder
+            : X9ECParametersHolder
+        {
+            private Sect571k1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect571k1Holder();
+
+            private const int m = 571;
+            private const int k1 = 2;
+            private const int k2 = 5;
+            private const int k3 = 10;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = BigInteger.Zero;
+                BigInteger b = BigInteger.One;
+                byte[] S = null;
+                BigInteger n = FromHex("020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001");
+                BigInteger h = BigInteger.ValueOf(4);
+
+                ECCurve curve = new F2mCurve(m, k1, k2, k3, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972"
+                    + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+        /*
+         * sect571r1
+         */
+        internal class Sect571r1Holder
+            : X9ECParametersHolder
+        {
+            private Sect571r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Sect571r1Holder();
+
+            private const int m = 571;
+            private const int k1 = 2;
+            private const int k2 = 5;
+            private const int k3 = 10;
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger a = BigInteger.One;
+                BigInteger b = FromHex("02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A");
+                byte[] S = Hex.Decode("2AA058F73A0E33AB486B0F610410C53A7F132310");
+                BigInteger n = FromHex("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47");
+                BigInteger h = BigInteger.ValueOf(2);
+
+                ECCurve curve = new F2mCurve(m, k1, k2, k3, a, b, n, h);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19"
+                    + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B"));
+
+                return new X9ECParameters(curve, G, n, h, S);
+            }
+        }
+
+
+        private static readonly IDictionary objIds = Platform.CreateHashtable();
+        private static readonly IDictionary curves = Platform.CreateHashtable();
+        private static readonly IDictionary names = Platform.CreateHashtable();
+
+        private static void DefineCurve(
+            string					name,
+            DerObjectIdentifier		oid,
+            X9ECParametersHolder	holder)
+        {
+            objIds.Add(Platform.ToUpperInvariant(name), oid);
+            names.Add(oid, name);
+            curves.Add(oid, holder);
+        }
+
+        static SecNamedCurves()
+        {
+            DefineCurve("secp112r1", SecObjectIdentifiers.SecP112r1, Secp112r1Holder.Instance);
+            DefineCurve("secp112r2", SecObjectIdentifiers.SecP112r2, Secp112r2Holder.Instance);
+            DefineCurve("secp128r1", SecObjectIdentifiers.SecP128r1, Secp128r1Holder.Instance);
+            DefineCurve("secp128r2", SecObjectIdentifiers.SecP128r2, Secp128r2Holder.Instance);
+            DefineCurve("secp160k1", SecObjectIdentifiers.SecP160k1, Secp160k1Holder.Instance);
+            DefineCurve("secp160r1", SecObjectIdentifiers.SecP160r1, Secp160r1Holder.Instance);
+            DefineCurve("secp160r2", SecObjectIdentifiers.SecP160r2, Secp160r2Holder.Instance);
+            DefineCurve("secp192k1", SecObjectIdentifiers.SecP192k1, Secp192k1Holder.Instance);
+            DefineCurve("secp192r1", SecObjectIdentifiers.SecP192r1, Secp192r1Holder.Instance);
+            DefineCurve("secp224k1", SecObjectIdentifiers.SecP224k1, Secp224k1Holder.Instance);
+            DefineCurve("secp224r1", SecObjectIdentifiers.SecP224r1, Secp224r1Holder.Instance);
+            DefineCurve("secp256k1", SecObjectIdentifiers.SecP256k1, Secp256k1Holder.Instance);
+            DefineCurve("secp256r1", SecObjectIdentifiers.SecP256r1, Secp256r1Holder.Instance);
+            DefineCurve("secp384r1", SecObjectIdentifiers.SecP384r1, Secp384r1Holder.Instance);
+            DefineCurve("secp521r1", SecObjectIdentifiers.SecP521r1, Secp521r1Holder.Instance);
+
+            DefineCurve("sect113r1", SecObjectIdentifiers.SecT113r1, Sect113r1Holder.Instance);
+            DefineCurve("sect113r2", SecObjectIdentifiers.SecT113r2, Sect113r2Holder.Instance);
+            DefineCurve("sect131r1", SecObjectIdentifiers.SecT131r1, Sect131r1Holder.Instance);
+            DefineCurve("sect131r2", SecObjectIdentifiers.SecT131r2, Sect131r2Holder.Instance);
+            DefineCurve("sect163k1", SecObjectIdentifiers.SecT163k1, Sect163k1Holder.Instance);
+            DefineCurve("sect163r1", SecObjectIdentifiers.SecT163r1, Sect163r1Holder.Instance);
+            DefineCurve("sect163r2", SecObjectIdentifiers.SecT163r2, Sect163r2Holder.Instance);
+            DefineCurve("sect193r1", SecObjectIdentifiers.SecT193r1, Sect193r1Holder.Instance);
+            DefineCurve("sect193r2", SecObjectIdentifiers.SecT193r2, Sect193r2Holder.Instance);
+            DefineCurve("sect233k1", SecObjectIdentifiers.SecT233k1, Sect233k1Holder.Instance);
+            DefineCurve("sect233r1", SecObjectIdentifiers.SecT233r1, Sect233r1Holder.Instance);
+            DefineCurve("sect239k1", SecObjectIdentifiers.SecT239k1, Sect239k1Holder.Instance);
+            DefineCurve("sect283k1", SecObjectIdentifiers.SecT283k1, Sect283k1Holder.Instance);
+            DefineCurve("sect283r1", SecObjectIdentifiers.SecT283r1, Sect283r1Holder.Instance);
+            DefineCurve("sect409k1", SecObjectIdentifiers.SecT409k1, Sect409k1Holder.Instance);
+            DefineCurve("sect409r1", SecObjectIdentifiers.SecT409r1, Sect409r1Holder.Instance);
+            DefineCurve("sect571k1", SecObjectIdentifiers.SecT571k1, Sect571k1Holder.Instance);
+            DefineCurve("sect571r1", SecObjectIdentifiers.SecT571r1, Sect571r1Holder.Instance);
+        }
+
+        public static X9ECParameters GetByName(
+            string name)
+        {
+            DerObjectIdentifier oid = GetOid(name);
+            return oid == null ? null : GetByOid(oid);
+        }
+
+        /**
+         * return the X9ECParameters object for the named curve represented by
+         * the passed in object identifier. Null if the curve isn't present.
+         *
+         * @param oid an object identifier representing a named curve, if present.
+         */
+        public static X9ECParameters GetByOid(
+            DerObjectIdentifier oid)
+        {
+            X9ECParametersHolder holder = (X9ECParametersHolder)curves[oid];
+            return holder == null ? null : holder.Parameters;
+        }
+
+        /**
+         * return the object identifier signified by the passed in name. Null
+         * if there is no object identifier associated with name.
+         *
+         * @return the object identifier associated with name, if present.
+         */
+        public static DerObjectIdentifier GetOid(
+            string name)
+        {
+            return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)];
+        }
+
+        /**
+         * return the named curve name represented by the given object identifier.
+         */
+        public static string GetName(
+            DerObjectIdentifier oid)
+        {
+            return (string)names[oid];
+        }
+
+        /**
+         * returns an enumeration containing the name strings for curves
+         * contained in this structure.
+         */
+        public static IEnumerable Names
+        {
+            get { return new EnumerableProxy(names.Values); }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/sec/SECObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/sec/SECObjectIdentifiers.cs
new file mode 100644
index 0000000..afc10e1
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/sec/SECObjectIdentifiers.cs
@@ -0,0 +1,52 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X9;
+
+namespace Org.BouncyCastle.Asn1.Sec
+{
+	public abstract class SecObjectIdentifiers
+	{
+		/**
+		 *  EllipticCurve OBJECT IDENTIFIER ::= {
+		 *        iso(1) identified-organization(3) certicom(132) curve(0)
+		 *  }
+		 */
+		public static readonly DerObjectIdentifier EllipticCurve = new DerObjectIdentifier("1.3.132.0");
+
+		public static readonly DerObjectIdentifier SecT163k1 = new DerObjectIdentifier(EllipticCurve + ".1");
+		public static readonly DerObjectIdentifier SecT163r1 = new DerObjectIdentifier(EllipticCurve + ".2");
+		public static readonly DerObjectIdentifier SecT239k1 = new DerObjectIdentifier(EllipticCurve + ".3");
+		public static readonly DerObjectIdentifier SecT113r1 = new DerObjectIdentifier(EllipticCurve + ".4");
+		public static readonly DerObjectIdentifier SecT113r2 = new DerObjectIdentifier(EllipticCurve + ".5");
+		public static readonly DerObjectIdentifier SecP112r1 = new DerObjectIdentifier(EllipticCurve + ".6");
+		public static readonly DerObjectIdentifier SecP112r2 = new DerObjectIdentifier(EllipticCurve + ".7");
+		public static readonly DerObjectIdentifier SecP160r1 = new DerObjectIdentifier(EllipticCurve + ".8");
+		public static readonly DerObjectIdentifier SecP160k1 = new DerObjectIdentifier(EllipticCurve + ".9");
+		public static readonly DerObjectIdentifier SecP256k1 = new DerObjectIdentifier(EllipticCurve + ".10");
+		public static readonly DerObjectIdentifier SecT163r2 = new DerObjectIdentifier(EllipticCurve + ".15");
+		public static readonly DerObjectIdentifier SecT283k1 = new DerObjectIdentifier(EllipticCurve + ".16");
+		public static readonly DerObjectIdentifier SecT283r1 = new DerObjectIdentifier(EllipticCurve + ".17");
+		public static readonly DerObjectIdentifier SecT131r1 = new DerObjectIdentifier(EllipticCurve + ".22");
+		public static readonly DerObjectIdentifier SecT131r2 = new DerObjectIdentifier(EllipticCurve + ".23");
+		public static readonly DerObjectIdentifier SecT193r1 = new DerObjectIdentifier(EllipticCurve + ".24");
+		public static readonly DerObjectIdentifier SecT193r2 = new DerObjectIdentifier(EllipticCurve + ".25");
+		public static readonly DerObjectIdentifier SecT233k1 = new DerObjectIdentifier(EllipticCurve + ".26");
+		public static readonly DerObjectIdentifier SecT233r1 = new DerObjectIdentifier(EllipticCurve + ".27");
+		public static readonly DerObjectIdentifier SecP128r1 = new DerObjectIdentifier(EllipticCurve + ".28");
+		public static readonly DerObjectIdentifier SecP128r2 = new DerObjectIdentifier(EllipticCurve + ".29");
+		public static readonly DerObjectIdentifier SecP160r2 = new DerObjectIdentifier(EllipticCurve + ".30");
+		public static readonly DerObjectIdentifier SecP192k1 = new DerObjectIdentifier(EllipticCurve + ".31");
+		public static readonly DerObjectIdentifier SecP224k1 = new DerObjectIdentifier(EllipticCurve + ".32");
+		public static readonly DerObjectIdentifier SecP224r1 = new DerObjectIdentifier(EllipticCurve + ".33");
+		public static readonly DerObjectIdentifier SecP384r1 = new DerObjectIdentifier(EllipticCurve + ".34");
+		public static readonly DerObjectIdentifier SecP521r1 = new DerObjectIdentifier(EllipticCurve + ".35");
+		public static readonly DerObjectIdentifier SecT409k1 = new DerObjectIdentifier(EllipticCurve + ".36");
+		public static readonly DerObjectIdentifier SecT409r1 = new DerObjectIdentifier(EllipticCurve + ".37");
+		public static readonly DerObjectIdentifier SecT571k1 = new DerObjectIdentifier(EllipticCurve + ".38");
+		public static readonly DerObjectIdentifier SecT571r1 = new DerObjectIdentifier(EllipticCurve + ".39");
+
+		public static readonly DerObjectIdentifier SecP192r1 = X9ObjectIdentifiers.Prime192v1;
+		public static readonly DerObjectIdentifier SecP256r1 = X9ObjectIdentifiers.Prime256v1;
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/asn1/smime/SMIMEAttributes.cs b/bc-sharp-crypto/src/asn1/smime/SMIMEAttributes.cs
new file mode 100644
index 0000000..e154e5e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/smime/SMIMEAttributes.cs
@@ -0,0 +1,11 @@
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+
+namespace Org.BouncyCastle.Asn1.Smime
+{
+    public abstract class SmimeAttributes
+    {
+        public static readonly DerObjectIdentifier SmimeCapabilities = PkcsObjectIdentifiers.Pkcs9AtSmimeCapabilities;
+        public static readonly DerObjectIdentifier EncrypKeyPref = PkcsObjectIdentifiers.IdAAEncrypKeyPref;
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/smime/SMIMECapabilities.cs b/bc-sharp-crypto/src/asn1/smime/SMIMECapabilities.cs
new file mode 100644
index 0000000..5bf48f3
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/smime/SMIMECapabilities.cs
@@ -0,0 +1,134 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Smime
+{
+    /**
+     * Handler class for dealing with S/MIME Capabilities
+     */
+    public class SmimeCapabilities
+        : Asn1Encodable
+    {
+        /**
+         * general preferences
+         */
+        public static readonly DerObjectIdentifier PreferSignedData = PkcsObjectIdentifiers.PreferSignedData;
+        public static readonly DerObjectIdentifier CannotDecryptAny = PkcsObjectIdentifiers.CannotDecryptAny;
+        public static readonly DerObjectIdentifier SmimeCapabilitesVersions = PkcsObjectIdentifiers.SmimeCapabilitiesVersions;
+
+		/**
+         * encryption algorithms preferences
+         */
+        public static readonly DerObjectIdentifier Aes256Cbc = NistObjectIdentifiers.IdAes256Cbc;
+        public static readonly DerObjectIdentifier Aes192Cbc = NistObjectIdentifiers.IdAes192Cbc;
+        public static readonly DerObjectIdentifier Aes128Cbc = NistObjectIdentifiers.IdAes128Cbc;
+        public static readonly DerObjectIdentifier IdeaCbc = new DerObjectIdentifier("1.3.6.1.4.1.188.7.1.1.2");
+        public static readonly DerObjectIdentifier Cast5Cbc = new DerObjectIdentifier("1.2.840.113533.7.66.10");
+        public static readonly DerObjectIdentifier DesCbc = new DerObjectIdentifier("1.3.14.3.2.7");
+        public static readonly DerObjectIdentifier DesEde3Cbc = PkcsObjectIdentifiers.DesEde3Cbc;
+        public static readonly DerObjectIdentifier RC2Cbc = PkcsObjectIdentifiers.RC2Cbc;
+
+		private Asn1Sequence capabilities;
+
+		/**
+         * return an Attr object from the given object.
+         *
+         * @param o the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static SmimeCapabilities GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is SmimeCapabilities)
+            {
+                return (SmimeCapabilities) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new SmimeCapabilities((Asn1Sequence) obj);
+            }
+
+			if (obj is AttributeX509)
+            {
+                return new SmimeCapabilities(
+                    (Asn1Sequence)(((AttributeX509) obj).AttrValues[0]));
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+        }
+
+		public SmimeCapabilities(
+            Asn1Sequence seq)
+        {
+            capabilities = seq;
+        }
+
+#if !(SILVERLIGHT || PORTABLE)
+        [Obsolete("Use 'GetCapabilitiesForOid' instead")]
+        public ArrayList GetCapabilities(
+            DerObjectIdentifier capability)
+        {
+            ArrayList list = new ArrayList();
+            DoGetCapabilitiesForOid(capability, list);
+			return list;
+        }
+#endif
+
+        /**
+         * returns an ArrayList with 0 or more objects of all the capabilities
+         * matching the passed in capability Oid. If the Oid passed is null the
+         * entire set is returned.
+         */
+        public IList GetCapabilitiesForOid(
+            DerObjectIdentifier capability)
+        {
+            IList list = Platform.CreateArrayList();
+            DoGetCapabilitiesForOid(capability, list);
+			return list;
+        }
+
+        private void DoGetCapabilitiesForOid(DerObjectIdentifier capability, IList list)
+        {
+			if (capability == null)
+            {
+				foreach (object o in capabilities)
+				{
+                    SmimeCapability cap = SmimeCapability.GetInstance(o);
+
+					list.Add(cap);
+                }
+            }
+            else
+            {
+				foreach (object o in capabilities)
+				{
+                    SmimeCapability cap = SmimeCapability.GetInstance(o);
+
+					if (capability.Equals(cap.CapabilityID))
+                    {
+                        list.Add(cap);
+                    }
+                }
+            }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * SMIMECapabilities ::= Sequence OF SMIMECapability
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return capabilities;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/smime/SMIMECapabilitiesAttribute.cs b/bc-sharp-crypto/src/asn1/smime/SMIMECapabilitiesAttribute.cs
new file mode 100644
index 0000000..310c478
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/smime/SMIMECapabilitiesAttribute.cs
@@ -0,0 +1,16 @@
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Smime
+{
+    public class SmimeCapabilitiesAttribute
+        : AttributeX509
+    {
+        public SmimeCapabilitiesAttribute(
+            SmimeCapabilityVector capabilities)
+            : base(SmimeAttributes.SmimeCapabilities,
+                    new DerSet(new DerSequence(capabilities.ToAsn1EncodableVector())))
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/smime/SMIMECapability.cs b/bc-sharp-crypto/src/asn1/smime/SMIMECapability.cs
new file mode 100644
index 0000000..5709cb8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/smime/SMIMECapability.cs
@@ -0,0 +1,101 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+
+namespace Org.BouncyCastle.Asn1.Smime
+{
+    public class SmimeCapability
+        : Asn1Encodable
+    {
+        /**
+         * general preferences
+         */
+        public static readonly DerObjectIdentifier PreferSignedData = PkcsObjectIdentifiers.PreferSignedData;
+        public static readonly DerObjectIdentifier CannotDecryptAny = PkcsObjectIdentifiers.CannotDecryptAny;
+        public static readonly DerObjectIdentifier SmimeCapabilitiesVersions = PkcsObjectIdentifiers.SmimeCapabilitiesVersions;
+
+		/**
+         * encryption algorithms preferences
+         */
+        public static readonly DerObjectIdentifier DesCbc = new DerObjectIdentifier("1.3.14.3.2.7");
+        public static readonly DerObjectIdentifier DesEde3Cbc = PkcsObjectIdentifiers.DesEde3Cbc;
+        public static readonly DerObjectIdentifier RC2Cbc = PkcsObjectIdentifiers.RC2Cbc;
+
+		private DerObjectIdentifier capabilityID;
+        private Asn1Object			parameters;
+
+		public SmimeCapability(
+            Asn1Sequence seq)
+        {
+            capabilityID = (DerObjectIdentifier) seq[0].ToAsn1Object();
+
+			if (seq.Count > 1)
+            {
+                parameters = seq[1].ToAsn1Object();
+            }
+        }
+
+		public SmimeCapability(
+            DerObjectIdentifier	capabilityID,
+            Asn1Encodable		parameters)
+        {
+			if (capabilityID == null)
+				throw new ArgumentNullException("capabilityID");
+
+			this.capabilityID = capabilityID;
+
+			if (parameters != null)
+			{
+				this.parameters = parameters.ToAsn1Object();
+			}
+        }
+
+		public static SmimeCapability GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is SmimeCapability)
+            {
+                return (SmimeCapability) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new SmimeCapability((Asn1Sequence) obj);
+            }
+
+			throw new ArgumentException("Invalid SmimeCapability");
+        }
+
+		public DerObjectIdentifier CapabilityID
+		{
+			get { return capabilityID; }
+		}
+
+		public Asn1Object Parameters
+		{
+			get { return parameters; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * SMIMECapability ::= Sequence {
+         *     capabilityID OBJECT IDENTIFIER,
+         *     parameters ANY DEFINED BY capabilityID OPTIONAL
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(capabilityID);
+
+			if (parameters != null)
+            {
+                v.Add(parameters);
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/smime/SMIMECapabilityVector.cs b/bc-sharp-crypto/src/asn1/smime/SMIMECapabilityVector.cs
new file mode 100644
index 0000000..842825b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/smime/SMIMECapabilityVector.cs
@@ -0,0 +1,37 @@
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.Smime
+{
+    /**
+     * Handler for creating a vector S/MIME Capabilities
+     */
+    public class SmimeCapabilityVector
+    {
+        private readonly Asn1EncodableVector capabilities = new Asn1EncodableVector();
+
+		public void AddCapability(
+            DerObjectIdentifier capability)
+        {
+            capabilities.Add(new DerSequence(capability));
+        }
+
+		public void AddCapability(
+            DerObjectIdentifier capability,
+            int                 value)
+        {
+			capabilities.Add(new DerSequence(capability, new DerInteger(value)));
+        }
+
+		public void AddCapability(
+            DerObjectIdentifier capability,
+            Asn1Encodable		parameters)
+        {
+			capabilities.Add(new DerSequence(capability, parameters));
+        }
+
+		public Asn1EncodableVector ToAsn1EncodableVector()
+        {
+            return capabilities;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/smime/SMIMEEncryptionKeyPreferenceAttribute.cs b/bc-sharp-crypto/src/asn1/smime/SMIMEEncryptionKeyPreferenceAttribute.cs
new file mode 100644
index 0000000..19c5fd7
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/smime/SMIMEEncryptionKeyPreferenceAttribute.cs
@@ -0,0 +1,44 @@
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Smime
+{
+    /**
+     * The SmimeEncryptionKeyPreference object.
+     * <pre>
+     * SmimeEncryptionKeyPreference ::= CHOICE {
+     *     issuerAndSerialNumber   [0] IssuerAndSerialNumber,
+     *     receipentKeyId          [1] RecipientKeyIdentifier,
+     *     subjectAltKeyIdentifier [2] SubjectKeyIdentifier
+     * }
+     * </pre>
+     */
+    public class SmimeEncryptionKeyPreferenceAttribute
+        : AttributeX509
+    {
+        public SmimeEncryptionKeyPreferenceAttribute(
+            IssuerAndSerialNumber issAndSer)
+            : base(SmimeAttributes.EncrypKeyPref,
+                new DerSet(new DerTaggedObject(false, 0, issAndSer)))
+        {
+        }
+
+        public SmimeEncryptionKeyPreferenceAttribute(
+            RecipientKeyIdentifier rKeyID)
+            : base(SmimeAttributes.EncrypKeyPref,
+                new DerSet(new DerTaggedObject(false, 1, rKeyID)))
+        {
+        }
+
+        /**
+         * @param sKeyId the subjectKeyIdentifier value (normally the X.509 one)
+         */
+        public SmimeEncryptionKeyPreferenceAttribute(
+            Asn1OctetString sKeyID)
+            : base(SmimeAttributes.EncrypKeyPref,
+                new DerSet(new DerTaggedObject(false, 2, sKeyID)))
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/teletrust/TeleTrusTNamedCurves.cs b/bc-sharp-crypto/src/asn1/teletrust/TeleTrusTNamedCurves.cs
new file mode 100644
index 0000000..9a82db3
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/teletrust/TeleTrusTNamedCurves.cs
@@ -0,0 +1,470 @@
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Asn1.TeleTrust
+{
+    /**
+    * elliptic curves defined in "ECC Brainpool Standard Curves and Curve Generation"
+    * http://www.ecc-brainpool.org/download/draft_pkix_additional_ecc_dp.txt
+    */
+    public class TeleTrusTNamedCurves
+    {
+        private static ECCurve ConfigureCurve(ECCurve curve)
+        {
+            return curve;
+        }
+
+        internal class BrainpoolP160r1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP160r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP160r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("E95E4A5F737059DC60DF5991D45029409E60FC09", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620F", 16), // q
+                    new BigInteger("340E7BE2A280EB74E2BE61BADA745D97E8F7C300", 16), // a
+                    new BigInteger("1E589A8595423412134FAA2DBDEC95C8D8675E58", 16), // b
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("04BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC31667CB477A1A8EC338F94741669C976316DA6321")), // G
+                    n, h);
+            }
+        }
+
+        internal class BrainpoolP160t1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP160t1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP160t1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("E95E4A5F737059DC60DF5991D45029409E60FC09", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    //   new BigInteger("24DBFF5DEC9B986BBFE5295A29BFBAE45E0F5D0B", 16), // Z
+                    new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620F", 16), // q
+                    new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620C", 16), // a'
+                    new BigInteger("7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380", 16), // b'
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("04B199B13B9B34EFC1397E64BAEB05ACC265FF2378ADD6718B7C7C1961F0991B842443772152C9E0AD")), // G
+                    n, h);
+            }
+        }
+
+        internal class BrainpoolP192r1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP192r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP192r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", 16), // q
+                    new BigInteger("6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF", 16), // a
+                    new BigInteger("469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", 16), // b
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("04C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD614B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F")), // G
+                    n, h);
+            }
+        }
+
+        internal class BrainpoolP192t1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP192t1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP192t1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    //new BigInteger("1B6F5CC8DB4DC7AF19458A9CB80DC2295E5EB9C3732104CB") //Z
+                    new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", 16), // q
+                    new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294", 16), // a'
+                    new BigInteger("13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79", 16), // b'
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("043AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129097E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9")), // G'
+                    n, h);
+            }
+        }
+
+        internal class BrainpoolP224r1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP224r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP224r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    new BigInteger("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", 16), // q
+                    new BigInteger("68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43", 16), // a
+                    new BigInteger("2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B", 16), // b
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("040D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD")), // G
+                    n, h);
+            }
+        }
+
+        internal class BrainpoolP224t1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP224t1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP224t1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    //new BigInteger("2DF271E14427A346910CF7A2E6CFA7B3F484E5C2CCE1C8B730E28B3F") //Z
+                    new BigInteger("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", 16), // q
+                    new BigInteger("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC", 16), // a'
+                    new BigInteger("4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D", 16), // b'
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("046AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D5800374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C")), // G'
+                    n, h);
+            }
+        }
+
+        internal class BrainpoolP256r1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP256r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP256r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", 16), // q
+                    new BigInteger("7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9", 16), // a
+                    new BigInteger("26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", 16), // b
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997")), // G
+                    n, h);
+            }
+        }
+
+        internal class BrainpoolP256t1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP256t1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP256t1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    //new BigInteger("3E2D4BD9597B58639AE7AA669CAB9837CF5CF20A2C852D10F655668DFC150EF0") //Z
+                    new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", 16), // q
+                    new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374", 16), // a'
+                    new BigInteger("662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04", 16), // b'
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("04A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F42D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE")), // G'
+                    n, h);
+            }
+        }
+
+        internal class BrainpoolP320r1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP320r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP320r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", 16), // q
+                    new BigInteger("3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4", 16), // a
+                    new BigInteger("520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6", 16), // b
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("0443BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E2061114FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1")), // G
+                    n, h);
+            }
+        }
+
+        internal class BrainpoolP320t1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP320t1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP320t1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    //new BigInteger("15F75CAF668077F7E85B42EB01F0A81FF56ECD6191D55CB82B7D861458A18FEFC3E5AB7496F3C7B1") //Z
+                    new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", 16), // q
+                    new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24", 16), // a'
+                    new BigInteger("A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353", 16), // b'
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("04925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED5263BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3")), // G'
+                    n, h);
+            }
+        }
+
+        internal class BrainpoolP384r1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP384r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP384r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", 16), // q
+                    new BigInteger("7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826", 16), // a
+                    new BigInteger("4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11", 16), // b
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("041D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315")), // G
+                    n, h);
+            }
+        }
+
+        internal class BrainpoolP384t1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP384t1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP384t1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    //new BigInteger("41DFE8DD399331F7166A66076734A89CD0D2BCDB7D068E44E1F378F41ECBAE97D2D63DBC87BCCDDCCC5DA39E8589291C") //Z
+                    new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", 16), // q
+                    new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50", 16), // a'
+                    new BigInteger("7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE", 16), // b'
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("0418DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928")), // G'
+                    n, h);
+            }
+        }
+
+        internal class BrainpoolP512r1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP512r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP512r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", 16), // q
+                    new BigInteger("7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA", 16), // a
+                    new BigInteger("3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", 16), // b
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("0481AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F8227DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892")), // G
+                    n, h);
+            }
+        }
+
+        internal class BrainpoolP512t1Holder
+            : X9ECParametersHolder
+        {
+            private BrainpoolP512t1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new BrainpoolP512t1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", 16);
+                BigInteger h = new BigInteger("01", 16);
+
+                ECCurve curve = ConfigureCurve(new FpCurve(
+                    //new BigInteger("12EE58E6764838B69782136F0F2D3BA06E27695716054092E60A80BEDB212B64E585D90BCE13761F85C3F1D2A64E3BE8FEA2220F01EBA5EEB0F35DBD29D922AB") //Z
+                    new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", 16), // q
+                    new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0", 16), // a'
+                    new BigInteger("7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", 16), // b'
+                    n, h));
+
+                return new X9ECParameters(
+                    curve,
+                    new X9ECPoint(curve, Hex.Decode("04640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332")), // G'
+                    n, h);
+            }
+        }
+
+
+        private static readonly IDictionary objIds = Platform.CreateHashtable();
+        private static readonly IDictionary curves = Platform.CreateHashtable();
+        private static readonly IDictionary names = Platform.CreateHashtable();
+
+        private static void DefineCurve(
+            string					name,
+            DerObjectIdentifier		oid,
+            X9ECParametersHolder	holder)
+        {
+            objIds.Add(Platform.ToUpperInvariant(name), oid);
+            names.Add(oid, name);
+            curves.Add(oid, holder);
+        }
+
+        static TeleTrusTNamedCurves()
+        {
+            DefineCurve("brainpoolP160r1", TeleTrusTObjectIdentifiers.BrainpoolP160R1, BrainpoolP160r1Holder.Instance);
+            DefineCurve("brainpoolP160t1", TeleTrusTObjectIdentifiers.BrainpoolP160T1, BrainpoolP160t1Holder.Instance);
+            DefineCurve("brainpoolP192r1", TeleTrusTObjectIdentifiers.BrainpoolP192R1, BrainpoolP192r1Holder.Instance);
+            DefineCurve("brainpoolP192t1", TeleTrusTObjectIdentifiers.BrainpoolP192T1, BrainpoolP192t1Holder.Instance);
+            DefineCurve("brainpoolP224r1", TeleTrusTObjectIdentifiers.BrainpoolP224R1, BrainpoolP224r1Holder.Instance);
+            DefineCurve("brainpoolP224t1", TeleTrusTObjectIdentifiers.BrainpoolP224T1, BrainpoolP224t1Holder.Instance);
+            DefineCurve("brainpoolP256r1", TeleTrusTObjectIdentifiers.BrainpoolP256R1, BrainpoolP256r1Holder.Instance);
+            DefineCurve("brainpoolP256t1", TeleTrusTObjectIdentifiers.BrainpoolP256T1, BrainpoolP256t1Holder.Instance);
+            DefineCurve("brainpoolP320r1", TeleTrusTObjectIdentifiers.BrainpoolP320R1, BrainpoolP320r1Holder.Instance);
+            DefineCurve("brainpoolP320t1", TeleTrusTObjectIdentifiers.BrainpoolP320T1, BrainpoolP320t1Holder.Instance);
+            DefineCurve("brainpoolP384r1", TeleTrusTObjectIdentifiers.BrainpoolP384R1, BrainpoolP384r1Holder.Instance);
+            DefineCurve("brainpoolP384t1", TeleTrusTObjectIdentifiers.BrainpoolP384T1, BrainpoolP384t1Holder.Instance);
+            DefineCurve("brainpoolP512r1", TeleTrusTObjectIdentifiers.BrainpoolP512R1, BrainpoolP512r1Holder.Instance);
+            DefineCurve("brainpoolP512t1", TeleTrusTObjectIdentifiers.BrainpoolP512T1, BrainpoolP512t1Holder.Instance);
+        }
+
+        public static X9ECParameters GetByName(
+            string name)
+        {
+            DerObjectIdentifier oid = GetOid(name);
+            return oid == null ? null : GetByOid(oid);
+        }
+
+        /**
+        * return the X9ECParameters object for the named curve represented by
+        * the passed in object identifier. Null if the curve isn't present.
+        *
+        * @param oid an object identifier representing a named curve, if present.
+        */
+        public static X9ECParameters GetByOid(
+            DerObjectIdentifier oid)
+        {
+            X9ECParametersHolder holder = (X9ECParametersHolder)curves[oid];
+            return holder == null ? null : holder.Parameters;
+        }
+
+        /**
+        * return the object identifier signified by the passed in name. Null
+        * if there is no object identifier associated with name.
+        *
+        * @return the object identifier associated with name, if present.
+        */
+        public static DerObjectIdentifier GetOid(
+            string name)
+        {
+            return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)];
+        }
+
+        /**
+        * return the named curve name represented by the given object identifier.
+        */
+        public static string GetName(
+            DerObjectIdentifier oid)
+        {
+            return (string)names[oid];
+        }
+
+        /**
+         * returns an enumeration containing the name strings for curves
+         * contained in this structure.
+         */
+        public static IEnumerable Names
+        {
+            get { return new EnumerableProxy(names.Values); }
+        }
+
+        public static DerObjectIdentifier GetOid(
+            short	curvesize,
+            bool	twisted)
+        {
+            return GetOid("brainpoolP" + curvesize + (twisted ? "t" : "r") + "1");
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/teletrust/TeleTrusTObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/teletrust/TeleTrusTObjectIdentifiers.cs
new file mode 100644
index 0000000..56e7084
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/teletrust/TeleTrusTObjectIdentifiers.cs
@@ -0,0 +1,45 @@
+namespace Org.BouncyCastle.Asn1.TeleTrust
+{
+	public sealed class TeleTrusTObjectIdentifiers
+	{
+		private TeleTrusTObjectIdentifiers()
+		{
+		}
+
+		public static readonly DerObjectIdentifier TeleTrusTAlgorithm = new DerObjectIdentifier("1.3.36.3");
+
+		public static readonly DerObjectIdentifier RipeMD160 = new DerObjectIdentifier(TeleTrusTAlgorithm + ".2.1");
+		public static readonly DerObjectIdentifier RipeMD128 = new DerObjectIdentifier(TeleTrusTAlgorithm + ".2.2");
+		public static readonly DerObjectIdentifier RipeMD256 = new DerObjectIdentifier(TeleTrusTAlgorithm + ".2.3");
+
+		public static readonly DerObjectIdentifier TeleTrusTRsaSignatureAlgorithm = new DerObjectIdentifier(TeleTrusTAlgorithm + ".3.1");
+
+		public static readonly DerObjectIdentifier RsaSignatureWithRipeMD160 = new DerObjectIdentifier(TeleTrusTRsaSignatureAlgorithm + ".2");
+		public static readonly DerObjectIdentifier RsaSignatureWithRipeMD128 = new DerObjectIdentifier(TeleTrusTRsaSignatureAlgorithm + ".3");
+		public static readonly DerObjectIdentifier RsaSignatureWithRipeMD256 = new DerObjectIdentifier(TeleTrusTRsaSignatureAlgorithm + ".4");
+
+		public static readonly DerObjectIdentifier ECSign = new DerObjectIdentifier(TeleTrusTAlgorithm + ".3.2");
+
+		public static readonly DerObjectIdentifier ECSignWithSha1 = new DerObjectIdentifier(ECSign + ".1");
+		public static readonly DerObjectIdentifier ECSignWithRipeMD160 = new DerObjectIdentifier(ECSign + ".2");
+
+		public static readonly DerObjectIdentifier EccBrainpool = new DerObjectIdentifier(TeleTrusTAlgorithm + ".3.2.8");
+		public static readonly DerObjectIdentifier EllipticCurve = new DerObjectIdentifier(EccBrainpool + ".1");
+		public static readonly DerObjectIdentifier VersionOne = new DerObjectIdentifier(EllipticCurve + ".1");    
+
+		public static readonly DerObjectIdentifier BrainpoolP160R1 = new DerObjectIdentifier(VersionOne + ".1");
+		public static readonly DerObjectIdentifier BrainpoolP160T1 = new DerObjectIdentifier(VersionOne + ".2");
+		public static readonly DerObjectIdentifier BrainpoolP192R1 = new DerObjectIdentifier(VersionOne + ".3");
+		public static readonly DerObjectIdentifier BrainpoolP192T1 = new DerObjectIdentifier(VersionOne + ".4");
+		public static readonly DerObjectIdentifier BrainpoolP224R1 = new DerObjectIdentifier(VersionOne + ".5");
+		public static readonly DerObjectIdentifier BrainpoolP224T1 = new DerObjectIdentifier(VersionOne + ".6");
+		public static readonly DerObjectIdentifier BrainpoolP256R1 = new DerObjectIdentifier(VersionOne + ".7");
+		public static readonly DerObjectIdentifier BrainpoolP256T1 = new DerObjectIdentifier(VersionOne + ".8");
+		public static readonly DerObjectIdentifier BrainpoolP320R1 = new DerObjectIdentifier(VersionOne + ".9");
+		public static readonly DerObjectIdentifier BrainpoolP320T1 = new DerObjectIdentifier(VersionOne + ".10");
+		public static readonly DerObjectIdentifier BrainpoolP384R1 = new DerObjectIdentifier(VersionOne + ".11");
+		public static readonly DerObjectIdentifier BrainpoolP384T1 = new DerObjectIdentifier(VersionOne + ".12");
+		public static readonly DerObjectIdentifier BrainpoolP512R1 = new DerObjectIdentifier(VersionOne + ".13");
+		public static readonly DerObjectIdentifier BrainpoolP512T1 = new DerObjectIdentifier(VersionOne + ".14");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/tsp/Accuracy.cs b/bc-sharp-crypto/src/asn1/tsp/Accuracy.cs
new file mode 100644
index 0000000..9f2c7e8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/tsp/Accuracy.cs
@@ -0,0 +1,151 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Tsp
+{
+	public class Accuracy
+		: Asn1Encodable
+	{
+		private readonly DerInteger seconds;
+		private readonly DerInteger millis;
+		private readonly DerInteger micros;
+
+		// constants
+		protected const int MinMillis = 1;
+		protected const int MaxMillis = 999;
+		protected const int MinMicros = 1;
+		protected const int MaxMicros = 999;
+
+		public Accuracy(
+			DerInteger seconds,
+			DerInteger millis,
+			DerInteger micros)
+		{
+			//Verifications
+			if (millis != null
+				&& (millis.Value.IntValue < MinMillis
+					|| millis.Value.IntValue > MaxMillis))
+			{
+				throw new ArgumentException(
+					"Invalid millis field : not in (1..999)");
+			}
+
+			if (micros != null
+				&& (micros.Value.IntValue < MinMicros
+					|| micros.Value.IntValue > MaxMicros))
+			{
+				throw new ArgumentException(
+					"Invalid micros field : not in (1..999)");
+			}
+
+			this.seconds = seconds;
+			this.millis = millis;
+			this.micros = micros;
+		}
+
+		private Accuracy(
+			Asn1Sequence seq)
+		{
+			for (int i = 0; i < seq.Count; ++i)
+			{
+				// seconds
+				if (seq[i] is DerInteger)
+				{
+					seconds = (DerInteger) seq[i];
+				}
+				else if (seq[i] is DerTaggedObject)
+				{
+					DerTaggedObject extra = (DerTaggedObject) seq[i];
+
+					switch (extra.TagNo)
+					{
+						case 0:
+							millis = DerInteger.GetInstance(extra, false);
+							if (millis.Value.IntValue < MinMillis
+								|| millis.Value.IntValue > MaxMillis)
+							{
+								throw new ArgumentException(
+									"Invalid millis field : not in (1..999).");
+							}
+							break;
+						case 1:
+							micros = DerInteger.GetInstance(extra, false);
+							if (micros.Value.IntValue < MinMicros
+								|| micros.Value.IntValue > MaxMicros)
+							{
+								throw new ArgumentException(
+									"Invalid micros field : not in (1..999).");
+							}
+							break;
+						default:
+							throw new ArgumentException("Invalig tag number");
+					}
+				}
+			}
+		}
+
+		public static Accuracy GetInstance(
+			object o)
+		{
+			if (o == null || o is Accuracy)
+			{
+				return (Accuracy) o;
+			}
+
+			if (o is Asn1Sequence)
+			{
+				return new Accuracy((Asn1Sequence) o);
+			}
+
+			throw new ArgumentException(
+				"Unknown object in 'Accuracy' factory: " + Platform.GetTypeName(o));
+		}
+
+		public DerInteger Seconds
+		{
+			get { return seconds; }
+		}
+
+		public DerInteger Millis
+		{
+			get { return millis; }
+		}
+
+		public DerInteger Micros
+		{
+			get { return micros; }
+		}
+
+		/**
+		 * <pre>
+		 * Accuracy ::= SEQUENCE {
+		 *             seconds        INTEGER              OPTIONAL,
+		 *             millis     [0] INTEGER  (1..999)    OPTIONAL,
+		 *             micros     [1] INTEGER  (1..999)    OPTIONAL
+		 *             }
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (seconds != null)
+			{
+				v.Add(seconds);
+			}
+
+			if (millis != null)
+			{
+				v.Add(new DerTaggedObject(false, 0, millis));
+			}
+
+			if (micros != null)
+			{
+				v.Add(new DerTaggedObject(false, 1, micros));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/tsp/MessageImprint.cs b/bc-sharp-crypto/src/asn1/tsp/MessageImprint.cs
new file mode 100644
index 0000000..44ef7d1
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/tsp/MessageImprint.cs
@@ -0,0 +1,75 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Tsp
+{
+	public class MessageImprint
+		: Asn1Encodable
+	{
+		private readonly AlgorithmIdentifier	hashAlgorithm;
+		private readonly byte[]					hashedMessage;
+
+		/**
+		 * @param o
+		 * @return a MessageImprint object.
+		 */
+		public static MessageImprint GetInstance(
+			object o)
+		{
+			if (o == null || o is MessageImprint)
+			{
+				return (MessageImprint) o;
+			}
+
+			if (o is Asn1Sequence)
+			{
+				return new MessageImprint((Asn1Sequence) o);
+			}
+
+			throw new ArgumentException(
+				"Unknown object in 'MessageImprint' factory: " + Platform.GetTypeName(o));
+		}
+
+		private MessageImprint(
+			Asn1Sequence seq)
+		{
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+			this.hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[0]);
+			this.hashedMessage = Asn1OctetString.GetInstance(seq[1]).GetOctets();
+		}
+
+		public MessageImprint(
+			AlgorithmIdentifier	hashAlgorithm,
+			byte[]				hashedMessage)
+		{
+			this.hashAlgorithm = hashAlgorithm;
+			this.hashedMessage = hashedMessage;
+		}
+
+		public AlgorithmIdentifier HashAlgorithm
+		{
+			get { return hashAlgorithm; }
+		}
+
+		public byte[] GetHashedMessage()
+		{
+			return hashedMessage;
+		}
+
+		/**
+		 * <pre>
+		 *    MessageImprint ::= SEQUENCE  {
+		 *       hashAlgorithm                AlgorithmIdentifier,
+		 *       hashedMessage                OCTET STRING  }
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(hashAlgorithm, new DerOctetString(hashedMessage));
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/tsp/TSTInfo.cs b/bc-sharp-crypto/src/asn1/tsp/TSTInfo.cs
new file mode 100644
index 0000000..89f3e8b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/tsp/TSTInfo.cs
@@ -0,0 +1,250 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Tsp
+{
+	public class TstInfo
+		: Asn1Encodable
+	{
+		private readonly DerInteger				version;
+		private readonly DerObjectIdentifier	tsaPolicyId;
+		private readonly MessageImprint			messageImprint;
+		private readonly DerInteger				serialNumber;
+		private readonly DerGeneralizedTime		genTime;
+		private readonly Accuracy				accuracy;
+		private readonly DerBoolean				ordering;
+		private readonly DerInteger				nonce;
+		private readonly GeneralName			tsa;
+		private readonly X509Extensions			extensions;
+
+		public static TstInfo GetInstance(
+			object o)
+		{
+			if (o == null || o is TstInfo)
+			{
+				return (TstInfo) o;
+			}
+
+			if (o is Asn1Sequence)
+			{
+				return new TstInfo((Asn1Sequence) o);
+			}
+
+			if (o is Asn1OctetString)
+			{
+				try
+				{
+					byte[] octets = ((Asn1OctetString)o).GetOctets();
+					return GetInstance(Asn1Object.FromByteArray(octets));
+				}
+				catch (IOException)
+				{
+					throw new ArgumentException(
+						"Bad object format in 'TstInfo' factory.");
+				}
+			}
+
+			throw new ArgumentException(
+				"Unknown object in 'TstInfo' factory: " + Platform.GetTypeName(o));
+		}
+
+		private TstInfo(
+			Asn1Sequence seq)
+		{
+			IEnumerator e = seq.GetEnumerator();
+
+			// version
+			e.MoveNext();
+			version = DerInteger.GetInstance(e.Current);
+
+			// tsaPolicy
+			e.MoveNext();
+			tsaPolicyId = DerObjectIdentifier.GetInstance(e.Current);
+
+			// messageImprint
+			e.MoveNext();
+			messageImprint = MessageImprint.GetInstance(e.Current);
+
+			// serialNumber
+			e.MoveNext();
+			serialNumber = DerInteger.GetInstance(e.Current);
+
+			// genTime
+			e.MoveNext();
+			genTime = DerGeneralizedTime.GetInstance(e.Current);
+
+			// default for ordering
+			ordering = DerBoolean.False;
+
+			while (e.MoveNext())
+			{
+				Asn1Object o = (Asn1Object) e.Current;
+
+				if (o is Asn1TaggedObject)
+				{
+					DerTaggedObject tagged = (DerTaggedObject) o;
+
+					switch (tagged.TagNo)
+					{
+						case 0:
+							tsa = GeneralName.GetInstance(tagged, true);
+							break;
+						case 1:
+							extensions = X509Extensions.GetInstance(tagged, false);
+							break;
+						default:
+							throw new ArgumentException("Unknown tag value " + tagged.TagNo);
+					}
+				}
+
+				if (o is DerSequence)
+				{
+					accuracy = Accuracy.GetInstance(o);
+				}
+
+				if (o is DerBoolean)
+				{
+					ordering = DerBoolean.GetInstance(o);
+				}
+
+				if (o is DerInteger)
+				{
+					nonce = DerInteger.GetInstance(o);
+				}
+			}
+		}
+
+		public TstInfo(
+			DerObjectIdentifier	tsaPolicyId,
+			MessageImprint		messageImprint,
+			DerInteger			serialNumber,
+			DerGeneralizedTime	genTime,
+			Accuracy			accuracy,
+			DerBoolean			ordering,
+			DerInteger			nonce,
+			GeneralName			tsa,
+			X509Extensions		extensions)
+		{
+			this.version = new DerInteger(1);
+			this.tsaPolicyId = tsaPolicyId;
+			this.messageImprint = messageImprint;
+			this.serialNumber = serialNumber;
+			this.genTime = genTime;
+			this.accuracy = accuracy;
+			this.ordering = ordering;
+			this.nonce = nonce;
+			this.tsa = tsa;
+			this.extensions = extensions;
+		}
+
+        public DerInteger Version
+        {
+            get { return version; }
+        }
+
+		public MessageImprint MessageImprint
+		{
+			get { return messageImprint; }
+		}
+
+		public DerObjectIdentifier Policy
+		{
+			get { return tsaPolicyId; }
+		}
+
+		public DerInteger SerialNumber
+		{
+			get { return serialNumber; }
+		}
+
+		public Accuracy Accuracy
+		{
+			get { return accuracy; }
+		}
+
+		public DerGeneralizedTime GenTime
+		{
+			get { return genTime; }
+		}
+
+		public DerBoolean Ordering
+		{
+			get { return ordering; }
+		}
+
+		public DerInteger Nonce
+		{
+			get { return nonce; }
+		}
+
+		public GeneralName Tsa
+		{
+			get { return tsa; }
+		}
+
+		public X509Extensions Extensions
+		{
+			get { return extensions; }
+		}
+
+		/**
+		 * <pre>
+		 *
+		 *     TstInfo ::= SEQUENCE  {
+		 *        version                      INTEGER  { v1(1) },
+		 *        policy                       TSAPolicyId,
+		 *        messageImprint               MessageImprint,
+		 *          -- MUST have the same value as the similar field in
+		 *          -- TimeStampReq
+		 *        serialNumber                 INTEGER,
+		 *         -- Time-Stamping users MUST be ready to accommodate integers
+		 *         -- up to 160 bits.
+		 *        genTime                      GeneralizedTime,
+		 *        accuracy                     Accuracy                 OPTIONAL,
+		 *        ordering                     BOOLEAN             DEFAULT FALSE,
+		 *        nonce                        INTEGER                  OPTIONAL,
+		 *          -- MUST be present if the similar field was present
+		 *          -- in TimeStampReq.  In that case it MUST have the same value.
+		 *        tsa                          [0] GeneralName          OPTIONAL,
+		 *        extensions                   [1] IMPLICIT Extensions   OPTIONAL  }
+		 *
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				version, tsaPolicyId, messageImprint, serialNumber, genTime);
+
+			if (accuracy != null)
+			{
+				v.Add(accuracy);
+			}
+
+			if (ordering != null && ordering.IsTrue)
+			{
+				v.Add(ordering);
+			}
+
+			if (nonce != null)
+			{
+				v.Add(nonce);
+			}
+
+			if (tsa != null)
+			{
+				v.Add(new DerTaggedObject(true, 0, tsa));
+			}
+
+			if (extensions != null)
+			{
+				v.Add(new DerTaggedObject(false, 1, extensions));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/tsp/TimeStampReq.cs b/bc-sharp-crypto/src/asn1/tsp/TimeStampReq.cs
new file mode 100644
index 0000000..5b05f33
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/tsp/TimeStampReq.cs
@@ -0,0 +1,165 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Tsp
+{
+	public class TimeStampReq
+		: Asn1Encodable
+	{
+		private readonly DerInteger				version;
+		private readonly MessageImprint			messageImprint;
+		private readonly DerObjectIdentifier	tsaPolicy;
+		private readonly DerInteger				nonce;
+		private readonly DerBoolean				certReq;
+		private readonly X509Extensions			extensions;
+
+		public static TimeStampReq GetInstance(
+			object o)
+		{
+			if (o == null || o is TimeStampReq)
+			{
+				return (TimeStampReq) o;
+			}
+
+			if (o is Asn1Sequence)
+			{
+				return new TimeStampReq((Asn1Sequence) o);
+			}
+
+			throw new ArgumentException(
+				"Unknown object in 'TimeStampReq' factory: " + Platform.GetTypeName(o));
+		}
+
+		private TimeStampReq(
+			Asn1Sequence seq)
+		{
+			int nbObjects = seq.Count;
+			int seqStart = 0;
+
+			// version
+			version = DerInteger.GetInstance(seq[seqStart++]);
+
+			// messageImprint
+			messageImprint = MessageImprint.GetInstance(seq[seqStart++]);
+
+			for (int opt = seqStart; opt < nbObjects; opt++)
+			{
+				// tsaPolicy
+				if (seq[opt] is DerObjectIdentifier)
+				{
+					tsaPolicy = DerObjectIdentifier.GetInstance(seq[opt]);
+				}
+				// nonce
+				else if (seq[opt] is DerInteger)
+				{
+					nonce = DerInteger.GetInstance(seq[opt]);
+				}
+				// certReq
+				else if (seq[opt] is DerBoolean)
+				{
+					certReq = DerBoolean.GetInstance(seq[opt]);
+				}
+				// extensions
+				else if (seq[opt] is Asn1TaggedObject)
+				{
+					Asn1TaggedObject tagged = (Asn1TaggedObject) seq[opt];
+					if (tagged.TagNo == 0)
+					{
+						extensions = X509Extensions.GetInstance(tagged, false);
+					}
+				}
+			}
+		}
+
+		public TimeStampReq(
+			MessageImprint		messageImprint,
+			DerObjectIdentifier	tsaPolicy,
+			DerInteger			nonce,
+			DerBoolean			certReq,
+			X509Extensions		extensions)
+		{
+			// default
+			this.version = new DerInteger(1);
+
+			this.messageImprint = messageImprint;
+			this.tsaPolicy = tsaPolicy;
+			this.nonce = nonce;
+			this.certReq = certReq;
+			this.extensions = extensions;
+		}
+
+		public DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public MessageImprint MessageImprint
+		{
+			get { return messageImprint; }
+		}
+
+		public DerObjectIdentifier ReqPolicy
+		{
+			get { return tsaPolicy; }
+		}
+
+		public DerInteger Nonce
+		{
+			get { return nonce; }
+		}
+
+		public DerBoolean CertReq
+		{
+			get { return certReq; }
+		}
+
+		public X509Extensions Extensions
+		{
+			get { return extensions; }
+		}
+
+		/**
+		 * <pre>
+		 * TimeStampReq ::= SEQUENCE  {
+		 *  version                      INTEGER  { v1(1) },
+		 *  messageImprint               MessageImprint,
+		 *    --a hash algorithm OID and the hash value of the data to be
+		 *    --time-stamped
+		 *  reqPolicy             TSAPolicyId              OPTIONAL,
+		 *  nonce                 INTEGER                  OPTIONAL,
+		 *  certReq               BOOLEAN                  DEFAULT FALSE,
+		 *  extensions            [0] IMPLICIT Extensions  OPTIONAL
+		 * }
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				version, messageImprint);
+
+			if (tsaPolicy != null)
+			{
+				v.Add(tsaPolicy);
+			}
+
+			if (nonce != null)
+			{
+				v.Add(nonce);
+			}
+
+			if (certReq != null && certReq.IsTrue)
+			{
+				v.Add(certReq);
+			}
+
+			if (extensions != null)
+			{
+				v.Add(new DerTaggedObject(false, 0, extensions));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/tsp/TimeStampResp.cs b/bc-sharp-crypto/src/asn1/tsp/TimeStampResp.cs
new file mode 100644
index 0000000..b910260
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/tsp/TimeStampResp.cs
@@ -0,0 +1,80 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Cmp;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Tsp
+{
+	public class TimeStampResp
+		: Asn1Encodable
+	{
+		private readonly PkiStatusInfo	pkiStatusInfo;
+		private readonly ContentInfo	timeStampToken;
+
+		public static TimeStampResp GetInstance(
+			object o)
+		{
+			if (o == null || o is TimeStampResp)
+			{
+				return (TimeStampResp) o;
+			}
+
+			if (o is Asn1Sequence)
+			{
+				return new TimeStampResp((Asn1Sequence) o);
+			}
+
+			throw new ArgumentException(
+				"Unknown object in 'TimeStampResp' factory: " + Platform.GetTypeName(o));
+		}
+
+		private TimeStampResp(
+			Asn1Sequence seq)
+		{
+			this.pkiStatusInfo = PkiStatusInfo.GetInstance(seq[0]);
+
+			if (seq.Count > 1)
+			{
+				this.timeStampToken = ContentInfo.GetInstance(seq[1]);
+			}
+		}
+
+		public TimeStampResp(
+			PkiStatusInfo	pkiStatusInfo,
+			ContentInfo		timeStampToken)
+		{
+			this.pkiStatusInfo = pkiStatusInfo;
+			this.timeStampToken = timeStampToken;
+		}
+
+		public PkiStatusInfo Status
+		{
+			get { return pkiStatusInfo; }
+		}
+
+		public ContentInfo TimeStampToken
+		{
+			get { return timeStampToken; }
+		}
+
+		/**
+		 * <pre>
+		 * TimeStampResp ::= SEQUENCE  {
+		 *   status                  PkiStatusInfo,
+		 *   timeStampToken          TimeStampToken     OPTIONAL  }
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(pkiStatusInfo);
+
+			if (timeStampToken != null)
+			{
+				v.Add(timeStampToken);
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/util/Asn1Dump.cs b/bc-sharp-crypto/src/asn1/util/Asn1Dump.cs
new file mode 100644
index 0000000..6a21ee2
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/util/Asn1Dump.cs
@@ -0,0 +1,381 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Asn1.Utilities
+{
+    public sealed class Asn1Dump
+    {
+        private static readonly string NewLine = Platform.NewLine;
+
+        private Asn1Dump()
+        {
+        }
+
+        private const string Tab = "    ";
+        private const int SampleSize = 32;
+
+        /**
+         * dump a Der object as a formatted string with indentation
+         *
+         * @param obj the Asn1Object to be dumped out.
+         */
+        private static void AsString(
+            string			indent,
+            bool			verbose,
+            Asn1Object		obj,
+            StringBuilder	buf)
+        {
+            if (obj is Asn1Sequence)
+            {
+                string tab = indent + Tab;
+                buf.Append(indent);
+                if (obj is BerSequence)
+                {
+                    buf.Append("BER Sequence");
+                }
+                else if (obj is DerSequence)
+                {
+                    buf.Append("DER Sequence");
+                }
+                else
+                {
+                    buf.Append("Sequence");
+                }
+
+                buf.Append(NewLine);
+
+                foreach (Asn1Encodable o in ((Asn1Sequence)obj))
+                {
+                    if (o == null || o is Asn1Null)
+                    {
+                        buf.Append(tab);
+                        buf.Append("NULL");
+                        buf.Append(NewLine);
+                    }
+                    else
+                    {
+                        AsString(tab, verbose, o.ToAsn1Object(), buf);
+                    }
+                }
+            }
+            else if (obj is DerTaggedObject)
+            {
+                string tab = indent + Tab;
+                buf.Append(indent);
+                if (obj is BerTaggedObject)
+                {
+                    buf.Append("BER Tagged [");
+                }
+                else
+                {
+                    buf.Append("Tagged [");
+                }
+
+                DerTaggedObject o = (DerTaggedObject)obj;
+
+                buf.Append(((int)o.TagNo).ToString());
+                buf.Append(']');
+
+                if (!o.IsExplicit())
+                {
+                    buf.Append(" IMPLICIT ");
+                }
+
+                buf.Append(NewLine);
+
+                if (o.IsEmpty())
+                {
+                    buf.Append(tab);
+                    buf.Append("EMPTY");
+                    buf.Append(NewLine);
+                }
+                else
+                {
+                    AsString(tab, verbose, o.GetObject(), buf);
+                }
+            }
+            else if (obj is BerSet)
+            {
+                string tab = indent + Tab;
+
+                buf.Append(indent);
+                buf.Append("BER Set");
+                buf.Append(NewLine);
+
+                foreach (Asn1Encodable o in ((Asn1Set)obj))
+                {
+                    if (o == null)
+                    {
+                        buf.Append(tab);
+                        buf.Append("NULL");
+                        buf.Append(NewLine);
+                    }
+                    else
+                    {
+                        AsString(tab, verbose, o.ToAsn1Object(), buf);
+                    }
+                }
+            }
+            else if (obj is DerSet)
+            {
+                string tab = indent + Tab;
+
+                buf.Append(indent);
+                buf.Append("DER Set");
+                buf.Append(NewLine);
+
+                foreach (Asn1Encodable o in ((Asn1Set)obj))
+                {
+                    if (o == null)
+                    {
+                        buf.Append(tab);
+                        buf.Append("NULL");
+                        buf.Append(NewLine);
+                    }
+                    else
+                    {
+                        AsString(tab, verbose, o.ToAsn1Object(), buf);
+                    }
+                }
+            }
+            else if (obj is DerObjectIdentifier)
+            {
+                buf.Append(indent + "ObjectIdentifier(" + ((DerObjectIdentifier)obj).Id + ")" + NewLine);
+            }
+            else if (obj is DerBoolean)
+            {
+                buf.Append(indent + "Boolean(" + ((DerBoolean)obj).IsTrue + ")" + NewLine);
+            }
+            else if (obj is DerInteger)
+            {
+                buf.Append(indent + "Integer(" + ((DerInteger)obj).Value + ")" + NewLine);
+            }
+            else if (obj is BerOctetString)
+            {
+                byte[] octets = ((Asn1OctetString)obj).GetOctets();
+                string extra = verbose ? dumpBinaryDataAsString(indent, octets) : "";
+                buf.Append(indent + "BER Octet String" + "[" + octets.Length + "] " + extra + NewLine);
+            }
+            else if (obj is DerOctetString)
+            {
+                byte[] octets = ((Asn1OctetString)obj).GetOctets();
+                string extra = verbose ? dumpBinaryDataAsString(indent, octets) : "";
+                buf.Append(indent + "DER Octet String" + "[" + octets.Length + "] " + extra + NewLine);
+            }
+            else if (obj is DerBitString)
+            {
+                DerBitString bt = (DerBitString)obj; 
+                byte[] bytes = bt.GetBytes();
+                string extra = verbose ? dumpBinaryDataAsString(indent, bytes) : "";
+                buf.Append(indent + "DER Bit String" + "[" + bytes.Length + ", " + bt.PadBits + "] " + extra + NewLine);
+            }
+            else if (obj is DerIA5String)
+            {
+                buf.Append(indent + "IA5String(" + ((DerIA5String)obj).GetString() + ") " + NewLine);
+            }
+            else if (obj is DerUtf8String)
+            {
+                buf.Append(indent + "UTF8String(" + ((DerUtf8String)obj).GetString() + ") " + NewLine);
+            }
+            else if (obj is DerPrintableString)
+            {
+                buf.Append(indent + "PrintableString(" + ((DerPrintableString)obj).GetString() + ") " + NewLine);
+            }
+            else if (obj is DerVisibleString)
+            {
+                buf.Append(indent + "VisibleString(" + ((DerVisibleString)obj).GetString() + ") " + NewLine);
+            }
+            else if (obj is DerBmpString)
+            {
+                buf.Append(indent + "BMPString(" + ((DerBmpString)obj).GetString() + ") " + NewLine);
+            }
+            else if (obj is DerT61String)
+            {
+                buf.Append(indent + "T61String(" + ((DerT61String)obj).GetString() + ") " + NewLine);
+            }
+            else if (obj is DerGraphicString)
+            {
+                buf.Append(indent + "GraphicString(" + ((DerGraphicString)obj).GetString() + ") " + NewLine);
+            }
+            else if (obj is DerVideotexString)
+            {
+                buf.Append(indent + "VideotexString(" + ((DerVideotexString)obj).GetString() + ") " + NewLine);
+            }
+            else if (obj is DerUtcTime)
+            {
+                buf.Append(indent + "UTCTime(" + ((DerUtcTime)obj).TimeString + ") " + NewLine);
+            }
+            else if (obj is DerGeneralizedTime)
+            {
+                buf.Append(indent + "GeneralizedTime(" + ((DerGeneralizedTime)obj).GetTime() + ") " + NewLine);
+            }
+            else if (obj is BerApplicationSpecific)
+            {
+                buf.Append(outputApplicationSpecific("BER", indent, verbose, (BerApplicationSpecific)obj));
+            }
+            else if (obj is DerApplicationSpecific)
+            {
+                buf.Append(outputApplicationSpecific("DER", indent, verbose, (DerApplicationSpecific)obj));
+            }
+            else if (obj is DerEnumerated)
+            {
+                DerEnumerated en = (DerEnumerated)obj;
+                buf.Append(indent + "DER Enumerated(" + en.Value + ")" + NewLine);
+            }
+            else if (obj is DerExternal)
+            {
+                DerExternal ext = (DerExternal)obj;
+                buf.Append(indent + "External " + NewLine);
+                string tab = indent + Tab;
+
+                if (ext.DirectReference != null)
+                {
+                    buf.Append(tab + "Direct Reference: " + ext.DirectReference.Id + NewLine);
+                }
+                if (ext.IndirectReference != null)
+                {
+                    buf.Append(tab + "Indirect Reference: " + ext.IndirectReference.ToString() + NewLine);
+                }
+                if (ext.DataValueDescriptor != null)
+                {
+                    AsString(tab, verbose, ext.DataValueDescriptor, buf);
+                }
+                buf.Append(tab + "Encoding: " + ext.Encoding + NewLine);
+                AsString(tab, verbose, ext.ExternalContent, buf);
+            }
+            else
+            {
+                buf.Append(indent + obj.ToString() + NewLine);
+            }
+        }
+
+        private static string outputApplicationSpecific(
+            string					type,
+            string					indent,
+            bool					verbose,
+            DerApplicationSpecific	app)
+        {
+            StringBuilder buf = new StringBuilder();
+
+            if (app.IsConstructed())
+            {
+                try
+                {
+                    Asn1Sequence s = Asn1Sequence.GetInstance(app.GetObject(Asn1Tags.Sequence));
+                    buf.Append(indent + type + " ApplicationSpecific[" + app.ApplicationTag + "]" + NewLine);
+                    foreach (Asn1Encodable ae in s)
+                    {
+                        AsString(indent + Tab, verbose, ae.ToAsn1Object(), buf);
+                    }
+                }
+                catch (IOException e)
+                {
+                    buf.Append(e);
+                }
+                return buf.ToString();
+            }
+
+            return indent + type + " ApplicationSpecific[" + app.ApplicationTag + "] ("
+                + Hex.ToHexString(app.GetContents()) + ")" + NewLine;
+        }
+
+        [Obsolete("Use version accepting Asn1Encodable")]
+        public static string DumpAsString(
+            object   obj)
+        {
+            if (obj is Asn1Encodable)
+            {
+                StringBuilder buf = new StringBuilder();
+                AsString("", false, ((Asn1Encodable)obj).ToAsn1Object(), buf);
+                return buf.ToString();
+            }
+
+            return "unknown object type " + obj.ToString();
+        }
+
+        /**
+         * dump out a DER object as a formatted string, in non-verbose mode
+         *
+         * @param obj the Asn1Encodable to be dumped out.
+         * @return  the resulting string.
+         */
+        public static string DumpAsString(
+            Asn1Encodable obj)
+        {
+            return DumpAsString(obj, false);
+        }
+
+        /**
+         * Dump out the object as a string
+         *
+         * @param obj the Asn1Encodable to be dumped out.
+         * @param verbose  if true, dump out the contents of octet and bit strings.
+         * @return  the resulting string.
+         */
+        public static string DumpAsString(
+            Asn1Encodable	obj,
+            bool			verbose)
+        {
+            StringBuilder buf = new StringBuilder();
+            AsString("", verbose, obj.ToAsn1Object(), buf);
+            return buf.ToString();
+        }
+
+        private static string dumpBinaryDataAsString(string indent, byte[] bytes)
+        {
+            indent += Tab;
+
+            StringBuilder buf = new StringBuilder(NewLine);
+
+            for (int i = 0; i < bytes.Length; i += SampleSize)
+            {
+                if (bytes.Length - i > SampleSize)
+                {
+                    buf.Append(indent);
+                    buf.Append(Hex.ToHexString(bytes, i, SampleSize));
+                    buf.Append(Tab);
+                    buf.Append(calculateAscString(bytes, i, SampleSize));
+                    buf.Append(NewLine);
+                }
+                else
+                {
+                    buf.Append(indent);
+                    buf.Append(Hex.ToHexString(bytes, i, bytes.Length - i));
+                    for (int j = bytes.Length - i; j != SampleSize; j++)
+                    {
+                        buf.Append("  ");
+                    }
+                    buf.Append(Tab);
+                    buf.Append(calculateAscString(bytes, i, bytes.Length - i));
+                    buf.Append(NewLine);
+                }
+            }
+
+            return buf.ToString();
+        }
+
+        private static string calculateAscString(
+            byte[]	bytes,
+            int		off,
+            int		len)
+        {
+            StringBuilder buf = new StringBuilder();
+
+            for (int i = off; i != off + len; i++)
+            {
+                char c = (char)bytes[i]; 
+                if (c >= ' ' && c <= '~')
+                {
+                    buf.Append(c);
+                }
+            }
+
+            return buf.ToString();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/util/Dump.cs b/bc-sharp-crypto/src/asn1/util/Dump.cs
new file mode 100644
index 0000000..6025c72
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/util/Dump.cs
@@ -0,0 +1,31 @@
+#if !PORTABLE
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Utilities
+{
+    public sealed class Dump
+    {
+        private Dump()
+        {
+        }
+
+        /*        public static void Main(string[] args)
+                {
+                    FileStream fIn = File.OpenRead(args[0]);
+                    Asn1InputStream bIn = new Asn1InputStream(fIn);
+
+                    Asn1Object obj;
+                    while ((obj = bIn.ReadObject()) != null)
+                    {
+                        Console.WriteLine(Asn1Dump.DumpAsString(obj));
+                    }
+
+                    Platform.Dispose(bIn);
+                }
+        */
+    }
+}
+#endif
diff --git a/bc-sharp-crypto/src/asn1/util/FilterStream.cs b/bc-sharp-crypto/src/asn1/util/FilterStream.cs
new file mode 100644
index 0000000..0c38c5b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/util/FilterStream.cs
@@ -0,0 +1,83 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Utilities
+{
+    [Obsolete("Use Org.BouncyCastle.Utilities.IO.FilterStream")]
+    public class FilterStream : Stream
+    {
+        [Obsolete("Use Org.BouncyCastle.Utilities.IO.FilterStream")]
+        public FilterStream(Stream s)
+        {
+            this.s = s;
+        }
+        public override bool CanRead
+        {
+            get { return s.CanRead; }
+        }
+        public override bool CanSeek
+        {
+            get { return s.CanSeek; }
+        }
+        public override bool CanWrite
+        {
+            get { return s.CanWrite; }
+        }
+        public override long Length
+        {
+            get { return s.Length; }
+        }
+        public override long Position
+        {
+            get { return s.Position; }
+            set { s.Position = value; }
+        }
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                Platform.Dispose(s);
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close()
+        {
+            Platform.Dispose(s);
+            base.Close();
+        }
+#endif
+        public override void Flush()
+        {
+            s.Flush();
+        }
+        public override long Seek(long offset, SeekOrigin origin)
+        {
+            return s.Seek(offset, origin);
+        }
+        public override void SetLength(long value)
+        {
+            s.SetLength(value);
+        }
+        public override int Read(byte[] buffer, int offset, int count)
+        {
+            return s.Read(buffer, offset, count);
+        }
+        public override int ReadByte()
+        {
+            return s.ReadByte();
+        }
+        public override void Write(byte[] buffer, int offset, int count)
+        {
+            s.Write(buffer, offset, count);
+        }
+        public override void WriteByte(byte value)
+        {
+            s.WriteByte(value);
+        }
+        protected readonly Stream s;
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x500/DirectoryString.cs b/bc-sharp-crypto/src/asn1/x500/DirectoryString.cs
new file mode 100644
index 0000000..d907c64
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x500/DirectoryString.cs
@@ -0,0 +1,77 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X500
+{
+	public class DirectoryString
+		: Asn1Encodable, IAsn1Choice, IAsn1String
+	{
+		private readonly DerStringBase str;
+
+		public static DirectoryString GetInstance(
+			object obj)
+		{
+			if (obj is DirectoryString)
+			{
+				return (DirectoryString) obj;
+			}
+
+			if (obj is DerStringBase)
+			{
+				if (obj is DerT61String
+					|| obj is DerPrintableString
+					|| obj is DerUniversalString
+					|| obj is DerUtf8String
+					|| obj is DerBmpString)
+				{
+					return new DirectoryString((DerStringBase) obj);
+				}
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public static DirectoryString GetInstance(
+			Asn1TaggedObject	obj,
+			bool				isExplicit)
+		{
+			if (!isExplicit)
+				throw new ArgumentException("choice item must be explicitly tagged");
+
+			return GetInstance(obj.GetObject());
+		}
+
+		private DirectoryString(
+			DerStringBase str)
+		{
+			this.str = str;
+		}
+
+		public DirectoryString(
+			string str)
+		{
+			this.str = new DerUtf8String(str);
+		}
+
+		public string GetString()
+		{
+			return str.GetString();
+		}
+
+		/**
+		 * <pre>
+		 *  DirectoryString ::= CHOICE {
+		 *    teletexString               TeletexString (SIZE (1..MAX)),
+		 *    printableString             PrintableString (SIZE (1..MAX)),
+		 *    universalString             UniversalString (SIZE (1..MAX)),
+		 *    utf8String                  UTF8String (SIZE (1..MAX)),
+		 *    bmpString                   BMPString (SIZE (1..MAX))  }
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return str.ToAsn1Object();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/AccessDescription.cs b/bc-sharp-crypto/src/asn1/x509/AccessDescription.cs
new file mode 100644
index 0000000..47374be
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/AccessDescription.cs
@@ -0,0 +1,85 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	 * The AccessDescription object.
+	 * <pre>
+	 * AccessDescription  ::=  SEQUENCE {
+	 *       accessMethod          OBJECT IDENTIFIER,
+	 *       accessLocation        GeneralName  }
+	 * </pre>
+	 */
+	public class AccessDescription
+		: Asn1Encodable
+	{
+		public readonly static DerObjectIdentifier IdADCAIssuers = new DerObjectIdentifier("1.3.6.1.5.5.7.48.2");
+		public readonly static DerObjectIdentifier IdADOcsp = new DerObjectIdentifier("1.3.6.1.5.5.7.48.1");
+
+		private readonly DerObjectIdentifier accessMethod;
+		private readonly GeneralName accessLocation;
+
+		public static AccessDescription GetInstance(
+			object obj)
+		{
+			if (obj is AccessDescription)
+				return (AccessDescription) obj;
+
+			if (obj is Asn1Sequence)
+				return new AccessDescription((Asn1Sequence) obj);
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private AccessDescription(
+			Asn1Sequence seq)
+		{
+			if (seq.Count != 2)
+				throw new ArgumentException("wrong number of elements in sequence");
+
+			accessMethod = DerObjectIdentifier.GetInstance(seq[0]);
+			accessLocation = GeneralName.GetInstance(seq[1]);
+		}
+
+		/**
+		 * create an AccessDescription with the oid and location provided.
+		 */
+		public AccessDescription(
+			DerObjectIdentifier	oid,
+			GeneralName			location)
+		{
+			accessMethod = oid;
+			accessLocation = location;
+		}
+
+		/**
+		 *
+		 * @return the access method.
+		 */
+		public DerObjectIdentifier AccessMethod
+		{
+			get { return accessMethod; }
+		}
+
+		/**
+		 *
+		 * @return the access location
+		 */
+		public GeneralName AccessLocation
+		{
+			get { return accessLocation; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(accessMethod, accessLocation);
+		}
+
+		public override string ToString()
+		{
+			return "AccessDescription: Oid(" + this.accessMethod.Id + ")";
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/AlgorithmIdentifier.cs b/bc-sharp-crypto/src/asn1/x509/AlgorithmIdentifier.cs
new file mode 100644
index 0000000..00e7ad8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/AlgorithmIdentifier.cs
@@ -0,0 +1,96 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class AlgorithmIdentifier
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier	algorithm;
+        private readonly Asn1Encodable			parameters;
+
+        public static AlgorithmIdentifier GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+        public static AlgorithmIdentifier GetInstance(
+            object obj)
+        {
+            if (obj == null)
+                return null;
+            if (obj is AlgorithmIdentifier)
+                return (AlgorithmIdentifier)obj;
+            return new AlgorithmIdentifier(Asn1Sequence.GetInstance(obj));
+        }
+
+        public AlgorithmIdentifier(
+            DerObjectIdentifier algorithm)
+        {
+            this.algorithm = algorithm;
+        }
+
+        [Obsolete("Use version taking a DerObjectIdentifier")]
+        public AlgorithmIdentifier(
+            string algorithm)
+        {
+            this.algorithm = new DerObjectIdentifier(algorithm);
+        }
+
+        public AlgorithmIdentifier(
+            DerObjectIdentifier algorithm,
+            Asn1Encodable		parameters)
+        {
+            this.algorithm = algorithm;
+            this.parameters = parameters;
+        }
+
+        internal AlgorithmIdentifier(
+            Asn1Sequence seq)
+        {
+            if (seq.Count < 1 || seq.Count > 2)
+                throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+            this.algorithm = DerObjectIdentifier.GetInstance(seq[0]);
+            this.parameters = seq.Count < 2 ? null : seq[1];
+        }
+
+        /// <summary>
+        /// Return the OID in the Algorithm entry of this identifier.
+        /// </summary>
+		public virtual DerObjectIdentifier Algorithm
+		{
+			get { return algorithm; }
+		}
+
+        [Obsolete("Use 'Algorithm' property instead")]
+        public virtual DerObjectIdentifier ObjectID
+        {
+            get { return algorithm; }
+        }
+
+        /// <summary>
+        /// Return the parameters structure in the Parameters entry of this identifier.
+        /// </summary>
+        public virtual Asn1Encodable Parameters
+        {
+            get { return parameters; }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *      AlgorithmIdentifier ::= Sequence {
+         *                            algorithm OBJECT IDENTIFIER,
+         *                            parameters ANY DEFINED BY algorithm OPTIONAL }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(algorithm);
+            v.AddOptional(parameters);
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/AttCertIssuer.cs b/bc-sharp-crypto/src/asn1/x509/AttCertIssuer.cs
new file mode 100644
index 0000000..407c4ae
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/AttCertIssuer.cs
@@ -0,0 +1,86 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class AttCertIssuer
+        : Asn1Encodable, IAsn1Choice
+    {
+        internal readonly Asn1Encodable	obj;
+        internal readonly Asn1Object	choiceObj;
+
+		public static AttCertIssuer GetInstance(
+			object obj)
+		{
+			if (obj is AttCertIssuer)
+			{
+				return (AttCertIssuer)obj;
+			}
+			else if (obj is V2Form)
+			{
+				return new AttCertIssuer(V2Form.GetInstance(obj));
+			}
+			else if (obj is GeneralNames)
+			{
+				return new AttCertIssuer((GeneralNames)obj);
+			}
+			else if (obj is Asn1TaggedObject)
+			{
+				return new AttCertIssuer(V2Form.GetInstance((Asn1TaggedObject)obj, false));
+			}
+			else if (obj is Asn1Sequence)
+			{
+				return new AttCertIssuer(GeneralNames.GetInstance(obj));
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public static AttCertIssuer GetInstance(
+			Asn1TaggedObject	obj,
+			bool				isExplicit)
+		{
+			return GetInstance(obj.GetObject()); // must be explictly tagged
+		}
+
+		/// <summary>
+		/// Don't use this one if you are trying to be RFC 3281 compliant.
+		/// Use it for v1 attribute certificates only.
+		/// </summary>
+		/// <param name="names">Our GeneralNames structure</param>
+		public AttCertIssuer(
+			GeneralNames names)
+		{
+			obj = names;
+			choiceObj = obj.ToAsn1Object();
+		}
+
+		public AttCertIssuer(
+            V2Form v2Form)
+        {
+            obj = v2Form;
+            choiceObj = new DerTaggedObject(false, 0, obj);
+        }
+
+		public Asn1Encodable Issuer
+		{
+			get { return obj; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  AttCertIssuer ::= CHOICE {
+         *       v1Form   GeneralNames,  -- MUST NOT be used in this
+         *                               -- profile
+         *       v2Form   [0] V2Form     -- v2 only
+         *  }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return choiceObj;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/AttCertValidityPeriod.cs b/bc-sharp-crypto/src/asn1/x509/AttCertValidityPeriod.cs
new file mode 100644
index 0000000..d31e074
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/AttCertValidityPeriod.cs
@@ -0,0 +1,78 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class AttCertValidityPeriod
+        : Asn1Encodable
+    {
+        private readonly DerGeneralizedTime	notBeforeTime;
+        private readonly DerGeneralizedTime	notAfterTime;
+
+		public static AttCertValidityPeriod GetInstance(
+            object obj)
+        {
+            if (obj is AttCertValidityPeriod || obj == null)
+            {
+                return (AttCertValidityPeriod) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new AttCertValidityPeriod((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public static AttCertValidityPeriod GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		private AttCertValidityPeriod(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+			notBeforeTime = DerGeneralizedTime.GetInstance(seq[0]);
+			notAfterTime = DerGeneralizedTime.GetInstance(seq[1]);
+        }
+
+		public AttCertValidityPeriod(
+            DerGeneralizedTime	notBeforeTime,
+            DerGeneralizedTime	notAfterTime)
+        {
+            this.notBeforeTime = notBeforeTime;
+            this.notAfterTime = notAfterTime;
+        }
+
+		public DerGeneralizedTime NotBeforeTime
+		{
+			get { return notBeforeTime; }
+		}
+
+		public DerGeneralizedTime NotAfterTime
+		{
+			get { return notAfterTime; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  AttCertValidityPeriod  ::= Sequence {
+         *       notBeforeTime  GeneralizedTime,
+         *       notAfterTime   GeneralizedTime
+         *  }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(notBeforeTime, notAfterTime);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/Attribute.cs b/bc-sharp-crypto/src/asn1/x509/Attribute.cs
new file mode 100644
index 0000000..da59b42
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/Attribute.cs
@@ -0,0 +1,82 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class AttributeX509
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier	attrType;
+        private readonly Asn1Set				attrValues;
+
+		/**
+         * return an Attr object from the given object.
+         *
+         * @param o the object we want converted.
+         * @exception ArgumentException if the object cannot be converted.
+         */
+        public static AttributeX509 GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is AttributeX509)
+            {
+                return (AttributeX509) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new AttributeX509((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private AttributeX509(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+			attrType = DerObjectIdentifier.GetInstance(seq[0]);
+			attrValues = Asn1Set.GetInstance(seq[1]);
+        }
+
+		public AttributeX509(
+            DerObjectIdentifier	attrType,
+            Asn1Set				attrValues)
+        {
+            this.attrType = attrType;
+            this.attrValues = attrValues;
+        }
+
+		public DerObjectIdentifier AttrType
+		{
+			get { return attrType; }
+		}
+
+		public Asn1Encodable[] GetAttributeValues()
+		{
+			return attrValues.ToArray();
+		}
+
+		public Asn1Set AttrValues
+		{
+			get { return attrValues; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * Attr ::= Sequence {
+         *     attrType OBJECT IDENTIFIER,
+         *     attrValues Set OF AttributeValue
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(attrType, attrValues);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/AttributeCertificate.cs b/bc-sharp-crypto/src/asn1/x509/AttributeCertificate.cs
new file mode 100644
index 0000000..41893b6
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/AttributeCertificate.cs
@@ -0,0 +1,86 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class AttributeCertificate
+        : Asn1Encodable
+    {
+        private readonly AttributeCertificateInfo	acinfo;
+        private readonly AlgorithmIdentifier		signatureAlgorithm;
+        private readonly DerBitString				signatureValue;
+
+		/**
+         * @param obj
+         * @return
+         */
+        public static AttributeCertificate GetInstance(
+			object obj)
+        {
+            if (obj is AttributeCertificate)
+                return (AttributeCertificate) obj;
+
+			if (obj != null)
+				return new AttributeCertificate(Asn1Sequence.GetInstance(obj));
+
+			return null;
+		}
+
+		public AttributeCertificate(
+            AttributeCertificateInfo	acinfo,
+            AlgorithmIdentifier			signatureAlgorithm,
+            DerBitString				signatureValue)
+        {
+            this.acinfo = acinfo;
+            this.signatureAlgorithm = signatureAlgorithm;
+            this.signatureValue = signatureValue;
+        }
+
+		private AttributeCertificate(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 3)
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+			this.acinfo = AttributeCertificateInfo.GetInstance(seq[0]);
+            this.signatureAlgorithm = AlgorithmIdentifier.GetInstance(seq[1]);
+            this.signatureValue = DerBitString.GetInstance(seq[2]);
+        }
+
+		public AttributeCertificateInfo ACInfo
+		{
+			get { return acinfo; }
+		}
+
+		public AlgorithmIdentifier SignatureAlgorithm
+		{
+			get { return signatureAlgorithm; }
+		}
+
+		public DerBitString SignatureValue
+		{
+			get { return signatureValue; }
+		}
+
+        public byte[] GetSignatureOctets()
+        {
+            return signatureValue.GetOctets();
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  AttributeCertificate ::= Sequence {
+         *       acinfo               AttributeCertificateInfo,
+         *       signatureAlgorithm   AlgorithmIdentifier,
+         *       signatureValue       BIT STRING
+         *  }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(acinfo, signatureAlgorithm, signatureValue);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/AttributeCertificateInfo.cs b/bc-sharp-crypto/src/asn1/x509/AttributeCertificateInfo.cs
new file mode 100644
index 0000000..526f8e6
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/AttributeCertificateInfo.cs
@@ -0,0 +1,156 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class AttributeCertificateInfo
+        : Asn1Encodable
+    {
+        internal readonly DerInteger			version;
+        internal readonly Holder				holder;
+        internal readonly AttCertIssuer			issuer;
+        internal readonly AlgorithmIdentifier	signature;
+        internal readonly DerInteger			serialNumber;
+        internal readonly AttCertValidityPeriod	attrCertValidityPeriod;
+        internal readonly Asn1Sequence			attributes;
+        internal readonly DerBitString			issuerUniqueID;
+        internal readonly X509Extensions		extensions;
+
+		public static AttributeCertificateInfo GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+        }
+
+		public static AttributeCertificateInfo GetInstance(
+            object obj)
+        {
+            if (obj is AttributeCertificateInfo)
+            {
+                return (AttributeCertificateInfo) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new AttributeCertificateInfo((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private AttributeCertificateInfo(
+            Asn1Sequence seq)
+        {
+			if (seq.Count < 7 || seq.Count > 9)
+			{
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+			}
+
+			this.version = DerInteger.GetInstance(seq[0]);
+            this.holder = Holder.GetInstance(seq[1]);
+            this.issuer = AttCertIssuer.GetInstance(seq[2]);
+            this.signature = AlgorithmIdentifier.GetInstance(seq[3]);
+            this.serialNumber = DerInteger.GetInstance(seq[4]);
+            this.attrCertValidityPeriod = AttCertValidityPeriod.GetInstance(seq[5]);
+            this.attributes = Asn1Sequence.GetInstance(seq[6]);
+
+			for (int i = 7; i < seq.Count; i++)
+            {
+                Asn1Encodable obj = (Asn1Encodable) seq[i];
+
+				if (obj is DerBitString)
+                {
+                    this.issuerUniqueID = DerBitString.GetInstance(seq[i]);
+                }
+                else if (obj is Asn1Sequence || obj is X509Extensions)
+                {
+                    this.extensions = X509Extensions.GetInstance(seq[i]);
+                }
+            }
+        }
+
+		public DerInteger Version
+		{
+			get { return version; }
+		}
+
+		public Holder Holder
+		{
+			get { return holder; }
+		}
+
+		public AttCertIssuer Issuer
+		{
+			get { return issuer; }
+		}
+
+		public AlgorithmIdentifier Signature
+		{
+			get { return signature; }
+		}
+
+		public DerInteger SerialNumber
+		{
+			get { return serialNumber; }
+		}
+
+		public AttCertValidityPeriod AttrCertValidityPeriod
+		{
+			get { return attrCertValidityPeriod; }
+		}
+
+		public Asn1Sequence Attributes
+		{
+			get { return attributes; }
+		}
+
+		public DerBitString IssuerUniqueID
+		{
+			get { return issuerUniqueID; }
+		}
+
+		public X509Extensions Extensions
+		{
+			get { return extensions; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  AttributeCertificateInfo ::= Sequence {
+         *       version              AttCertVersion -- version is v2,
+         *       holder               Holder,
+         *       issuer               AttCertIssuer,
+         *       signature            AlgorithmIdentifier,
+         *       serialNumber         CertificateSerialNumber,
+         *       attrCertValidityPeriod   AttCertValidityPeriod,
+         *       attributes           Sequence OF Attr,
+         *       issuerUniqueID       UniqueIdentifier OPTIONAL,
+         *       extensions           Extensions OPTIONAL
+         *  }
+         *
+         *  AttCertVersion ::= Integer { v2(1) }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+				version, holder, issuer, signature, serialNumber,
+				attrCertValidityPeriod, attributes);
+
+			if (issuerUniqueID != null)
+            {
+                v.Add(issuerUniqueID);
+            }
+
+			if (extensions != null)
+            {
+                v.Add(extensions);
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/AttributeTable.cs b/bc-sharp-crypto/src/asn1/x509/AttributeTable.cs
new file mode 100644
index 0000000..33faad6
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/AttributeTable.cs
@@ -0,0 +1,73 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class AttributeTable
+    {
+        private readonly IDictionary attributes;
+
+        public AttributeTable(
+            IDictionary attrs)
+        {
+            this.attributes = Platform.CreateHashtable(attrs);
+        }
+
+#if !(SILVERLIGHT || PORTABLE)
+        [Obsolete]
+        public AttributeTable(
+            Hashtable attrs)
+        {
+            this.attributes = Platform.CreateHashtable(attrs);
+        }
+#endif
+
+		public AttributeTable(
+            Asn1EncodableVector v)
+        {
+            this.attributes = Platform.CreateHashtable(v.Count);
+
+			for (int i = 0; i != v.Count; i++)
+            {
+                AttributeX509 a = AttributeX509.GetInstance(v[i]);
+
+				attributes.Add(a.AttrType, a);
+            }
+        }
+
+		public AttributeTable(
+            Asn1Set s)
+        {
+            this.attributes = Platform.CreateHashtable(s.Count);
+
+			for (int i = 0; i != s.Count; i++)
+            {
+                AttributeX509 a = AttributeX509.GetInstance(s[i]);
+
+				attributes.Add(a.AttrType, a);
+            }
+        }
+
+		public AttributeX509 Get(
+            DerObjectIdentifier oid)
+        {
+            return (AttributeX509) attributes[oid];
+        }
+
+#if !(SILVERLIGHT || PORTABLE)
+        [Obsolete("Use 'ToDictionary' instead")]
+		public Hashtable ToHashtable()
+        {
+            return new Hashtable(attributes);
+        }
+#endif
+
+        public IDictionary ToDictionary()
+        {
+            return Platform.CreateHashtable(attributes);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/AuthorityInformationAccess.cs b/bc-sharp-crypto/src/asn1/x509/AuthorityInformationAccess.cs
new file mode 100644
index 0000000..9329e2b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/AuthorityInformationAccess.cs
@@ -0,0 +1,98 @@
+using System;
+using System.Collections;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The AuthorityInformationAccess object.
+     * <pre>
+     * id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 }
+     *
+     * AuthorityInfoAccessSyntax  ::=
+     *      Sequence SIZE (1..MAX) OF AccessDescription
+     * AccessDescription  ::=  Sequence {
+     *       accessMethod          OBJECT IDENTIFIER,
+     *       accessLocation        GeneralName  }
+     *
+     * id-ad OBJECT IDENTIFIER ::= { id-pkix 48 }
+     * id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 }
+     * id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 }
+     * </pre>
+     */
+    public class AuthorityInformationAccess
+        : Asn1Encodable
+    {
+        private readonly AccessDescription[] descriptions;
+
+        public static AuthorityInformationAccess GetInstance(object obj)
+        {
+            if (obj is AuthorityInformationAccess)
+                return (AuthorityInformationAccess)obj;
+            if (obj == null)
+                return null;
+            return new AuthorityInformationAccess(Asn1Sequence.GetInstance(obj));
+        }
+
+        private AuthorityInformationAccess(
+            Asn1Sequence seq)
+        {
+            if (seq.Count < 1)
+                throw new ArgumentException("sequence may not be empty");
+
+            this.descriptions = new AccessDescription[seq.Count];
+
+            for (int i = 0; i < seq.Count; ++i)
+            {
+                descriptions[i] = AccessDescription.GetInstance(seq[i]);
+            }
+        }
+
+        public AuthorityInformationAccess(
+            AccessDescription description)
+        {
+            this.descriptions = new AccessDescription[]{ description };
+        }
+
+        /**
+         * create an AuthorityInformationAccess with the oid and location provided.
+         */
+        public AuthorityInformationAccess(DerObjectIdentifier oid, GeneralName location)
+            : this(new AccessDescription(oid, location))
+        {
+        }
+
+        public AccessDescription[] GetAccessDescriptions()
+        {
+            return (AccessDescription[])descriptions.Clone();
+        }
+
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(descriptions);
+        }
+
+        public override string ToString()
+        {
+            //return "AuthorityInformationAccess: Oid(" + this.descriptions[0].AccessMethod.Id + ")";
+
+            StringBuilder buf = new StringBuilder();
+            string sep = Platform.NewLine;
+
+            buf.Append("AuthorityInformationAccess:");
+            buf.Append(sep);
+
+            foreach (AccessDescription description in descriptions)
+            {
+                buf.Append("    ");
+                buf.Append(description);
+                buf.Append(sep);
+            }
+
+            return buf.ToString();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/AuthorityKeyIdentifier.cs b/bc-sharp-crypto/src/asn1/x509/AuthorityKeyIdentifier.cs
new file mode 100644
index 0000000..d5a9048
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/AuthorityKeyIdentifier.cs
@@ -0,0 +1,211 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The AuthorityKeyIdentifier object.
+     * <pre>
+     * id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 35 }
+     *
+     *   AuthorityKeyIdentifier ::= Sequence {
+     *      keyIdentifier             [0] IMPLICIT KeyIdentifier           OPTIONAL,
+     *      authorityCertIssuer       [1] IMPLICIT GeneralNames            OPTIONAL,
+     *      authorityCertSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL  }
+     *
+     *   KeyIdentifier ::= OCTET STRING
+     * </pre>
+     *
+     */
+    public class AuthorityKeyIdentifier
+        : Asn1Encodable
+    {
+        internal readonly Asn1OctetString	keyidentifier;
+        internal readonly GeneralNames		certissuer;
+        internal readonly DerInteger		certserno;
+
+		public static AuthorityKeyIdentifier GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static AuthorityKeyIdentifier GetInstance(
+            object obj)
+        {
+            if (obj is AuthorityKeyIdentifier)
+            {
+                return (AuthorityKeyIdentifier) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new AuthorityKeyIdentifier((Asn1Sequence) obj);
+            }
+
+	        if (obj is X509Extension)
+			{
+				return GetInstance(X509Extension.ConvertValueToObject((X509Extension) obj));
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		protected internal AuthorityKeyIdentifier(
+            Asn1Sequence seq)
+        {
+			foreach (Asn1TaggedObject o in seq)
+			{
+				switch (o.TagNo)
+                {
+					case 0:
+						this.keyidentifier = Asn1OctetString.GetInstance(o, false);
+						break;
+					case 1:
+						this.certissuer = GeneralNames.GetInstance(o, false);
+						break;
+					case 2:
+						this.certserno = DerInteger.GetInstance(o, false);
+						break;
+					default:
+						throw new ArgumentException("illegal tag");
+                }
+            }
+        }
+
+		/**
+         *
+         * Calulates the keyidentifier using a SHA1 hash over the BIT STRING
+         * from SubjectPublicKeyInfo as defined in RFC2459.
+         *
+         * Example of making a AuthorityKeyIdentifier:
+         * <pre>
+	     *   SubjectPublicKeyInfo apki = new SubjectPublicKeyInfo((ASN1Sequence)new ASN1InputStream(
+		 *       publicKey.getEncoded()).readObject());
+         *   AuthorityKeyIdentifier aki = new AuthorityKeyIdentifier(apki);
+         * </pre>
+         *
+         **/
+        public AuthorityKeyIdentifier(
+            SubjectPublicKeyInfo spki)
+        {
+            IDigest digest = new Sha1Digest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+
+			byte[] bytes = spki.PublicKeyData.GetBytes();
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+            digest.DoFinal(resBuf, 0);
+            this.keyidentifier = new DerOctetString(resBuf);
+        }
+
+        /**
+         * create an AuthorityKeyIdentifier with the GeneralNames tag and
+         * the serial number provided as well.
+         */
+        public AuthorityKeyIdentifier(
+            SubjectPublicKeyInfo	spki,
+            GeneralNames			name,
+            BigInteger				serialNumber)
+        {
+            IDigest digest = new Sha1Digest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+
+			byte[] bytes = spki.PublicKeyData.GetBytes();
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+            digest.DoFinal(resBuf, 0);
+
+			this.keyidentifier = new DerOctetString(resBuf);
+            this.certissuer = name;
+            this.certserno = new DerInteger(serialNumber);
+        }
+
+		/**
+		 * create an AuthorityKeyIdentifier with the GeneralNames tag and
+		 * the serial number provided.
+		 */
+		public AuthorityKeyIdentifier(
+			GeneralNames	name,
+			BigInteger		serialNumber)
+		{
+			this.keyidentifier = null;
+			this.certissuer = GeneralNames.GetInstance(name.ToAsn1Object());
+			this.certserno = new DerInteger(serialNumber);
+		}
+
+		/**
+		 * create an AuthorityKeyIdentifier with a precomputed key identifier
+		 */
+		public AuthorityKeyIdentifier(
+			byte[] keyIdentifier)
+		{
+			this.keyidentifier = new DerOctetString(keyIdentifier);
+			this.certissuer = null;
+			this.certserno = null;
+		}
+
+		/**
+		 * create an AuthorityKeyIdentifier with a precomupted key identifier
+		 * and the GeneralNames tag and the serial number provided as well.
+		 */
+		public AuthorityKeyIdentifier(
+			byte[]			keyIdentifier,
+			GeneralNames	name,
+			BigInteger		serialNumber)
+		{
+			this.keyidentifier = new DerOctetString(keyIdentifier);
+			this.certissuer = GeneralNames.GetInstance(name.ToAsn1Object());
+			this.certserno = new DerInteger(serialNumber);
+		}
+
+		public byte[] GetKeyIdentifier()
+        {
+			return keyidentifier == null ? null : keyidentifier.GetOctets();
+        }
+
+		public GeneralNames AuthorityCertIssuer
+		{
+			get { return certissuer; }
+		}
+
+		public BigInteger AuthorityCertSerialNumber
+        {
+            get { return certserno == null ? null : certserno.Value; }
+        }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (keyidentifier != null)
+            {
+                v.Add(new DerTaggedObject(false, 0, keyidentifier));
+            }
+
+			if (certissuer != null)
+            {
+                v.Add(new DerTaggedObject(false, 1, certissuer));
+            }
+
+			if (certserno != null)
+            {
+                v.Add(new DerTaggedObject(false, 2, certserno));
+            }
+
+			return new DerSequence(v);
+        }
+
+		public override string ToString()
+        {
+            return ("AuthorityKeyIdentifier: KeyID(" + this.keyidentifier.GetOctets() + ")");
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/BasicConstraints.cs b/bc-sharp-crypto/src/asn1/x509/BasicConstraints.cs
new file mode 100644
index 0000000..098801f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/BasicConstraints.cs
@@ -0,0 +1,133 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class BasicConstraints
+        : Asn1Encodable
+    {
+        private readonly DerBoolean	cA;
+        private readonly DerInteger	pathLenConstraint;
+
+		public static BasicConstraints GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static BasicConstraints GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is BasicConstraints)
+            {
+                return (BasicConstraints) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new BasicConstraints((Asn1Sequence) obj);
+            }
+
+			if (obj is X509Extension)
+			{
+				return GetInstance(X509Extension.ConvertValueToObject((X509Extension) obj));
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private BasicConstraints(
+            Asn1Sequence seq)
+        {
+			if (seq.Count > 0)
+			{
+				if (seq[0] is DerBoolean)
+				{
+					this.cA = DerBoolean.GetInstance(seq[0]);
+				}
+				else
+				{
+					this.pathLenConstraint = DerInteger.GetInstance(seq[0]);
+				}
+
+				if (seq.Count > 1)
+				{
+					if (this.cA == null)
+						throw new ArgumentException("wrong sequence in constructor", "seq");
+
+					this.pathLenConstraint = DerInteger.GetInstance(seq[1]);
+				}
+			}
+        }
+
+		public BasicConstraints(
+            bool cA)
+        {
+			if (cA)
+			{
+				this.cA = DerBoolean.True;
+			}
+        }
+
+		/**
+         * create a cA=true object for the given path length constraint.
+         *
+         * @param pathLenConstraint
+         */
+        public BasicConstraints(
+            int pathLenConstraint)
+        {
+            this.cA = DerBoolean.True;
+            this.pathLenConstraint = new DerInteger(pathLenConstraint);
+        }
+
+		public bool IsCA()
+        {
+            return cA != null && cA.IsTrue;
+        }
+
+		public BigInteger PathLenConstraint
+        {
+            get { return pathLenConstraint == null ? null : pathLenConstraint.Value; }
+        }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * BasicConstraints := Sequence {
+         *    cA                  Boolean DEFAULT FALSE,
+         *    pathLenConstraint   Integer (0..MAX) OPTIONAL
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (cA != null)
+			{
+				v.Add(cA);
+			}
+
+            if (pathLenConstraint != null)  // yes some people actually do this when cA is false...
+            {
+                v.Add(pathLenConstraint);
+            }
+
+			return new DerSequence(v);
+        }
+
+		public override string ToString()
+        {
+            if (pathLenConstraint == null)
+            {
+				return "BasicConstraints: isCa(" + this.IsCA() + ")";
+            }
+
+			return "BasicConstraints: isCa(" + this.IsCA() + "), pathLenConstraint = " + pathLenConstraint.Value;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/CRLDistPoint.cs b/bc-sharp-crypto/src/asn1/x509/CRLDistPoint.cs
new file mode 100644
index 0000000..56ba79c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/CRLDistPoint.cs
@@ -0,0 +1,93 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class CrlDistPoint
+        : Asn1Encodable
+    {
+        internal readonly Asn1Sequence seq;
+
+		public static CrlDistPoint GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static CrlDistPoint GetInstance(
+            object obj)
+        {
+            if (obj is CrlDistPoint || obj == null)
+            {
+                return (CrlDistPoint) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new CrlDistPoint((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private CrlDistPoint(
+            Asn1Sequence seq)
+        {
+            this.seq = seq;
+        }
+
+		public CrlDistPoint(
+            DistributionPoint[] points)
+        {
+			seq = new DerSequence(points);
+        }
+
+		/**
+         * Return the distribution points making up the sequence.
+         *
+         * @return DistributionPoint[]
+         */
+        public DistributionPoint[] GetDistributionPoints()
+        {
+            DistributionPoint[] dp = new DistributionPoint[seq.Count];
+
+			for (int i = 0; i != seq.Count; ++i)
+            {
+                dp[i] = DistributionPoint.GetInstance(seq[i]);
+            }
+
+			return dp;
+        }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * CrlDistPoint ::= Sequence SIZE {1..MAX} OF DistributionPoint
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return seq;
+        }
+
+		public override string ToString()
+		{
+			StringBuilder buf = new StringBuilder();
+			string sep = Platform.NewLine;
+
+			buf.Append("CRLDistPoint:");
+			buf.Append(sep);
+			DistributionPoint[] dp = GetDistributionPoints();
+			for (int i = 0; i != dp.Length; i++)
+			{
+				buf.Append("    ");
+				buf.Append(dp[i]);
+				buf.Append(sep);
+			}
+			return buf.ToString();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/CRLNumber.cs b/bc-sharp-crypto/src/asn1/x509/CRLNumber.cs
new file mode 100644
index 0000000..d744416
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/CRLNumber.cs
@@ -0,0 +1,30 @@
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The CRLNumber object.
+     * <pre>
+     * CRLNumber::= Integer(0..MAX)
+     * </pre>
+     */
+    public class CrlNumber
+        : DerInteger
+    {
+        public CrlNumber(
+			BigInteger number)
+			: base(number)
+        {
+        }
+
+		public BigInteger Number
+		{
+			get { return PositiveValue; }
+		}
+
+		public override string ToString()
+		{
+			return "CRLNumber: " + Number;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/CRLReason.cs b/bc-sharp-crypto/src/asn1/x509/CRLReason.cs
new file mode 100644
index 0000000..e8eb53a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/CRLReason.cs
@@ -0,0 +1,61 @@
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The CRLReason enumeration.
+     * <pre>
+     * CRLReason ::= Enumerated {
+     *  unspecified             (0),
+     *  keyCompromise           (1),
+     *  cACompromise            (2),
+     *  affiliationChanged      (3),
+     *  superseded              (4),
+     *  cessationOfOperation    (5),
+     *  certificateHold         (6),
+     *  removeFromCRL           (8),
+     *  privilegeWithdrawn      (9),
+     *  aACompromise           (10)
+     * }
+     * </pre>
+     */
+    public class CrlReason
+        : DerEnumerated
+    {
+        public const int Unspecified = 0;
+        public const int KeyCompromise = 1;
+        public const int CACompromise = 2;
+        public const int AffiliationChanged = 3;
+        public const int Superseded = 4;
+        public const int CessationOfOperation  = 5;
+        public const int CertificateHold = 6;
+		// 7 -> Unknown
+        public const int RemoveFromCrl = 8;
+        public const int PrivilegeWithdrawn = 9;
+        public const int AACompromise = 10;
+
+		private static readonly string[] ReasonString = new string[]
+		{
+			"Unspecified", "KeyCompromise", "CACompromise", "AffiliationChanged",
+			"Superseded", "CessationOfOperation", "CertificateHold", "Unknown",
+			"RemoveFromCrl", "PrivilegeWithdrawn", "AACompromise"
+		};
+
+		public CrlReason(
+			int reason)
+			: base(reason)
+        {
+        }
+
+		public CrlReason(
+			DerEnumerated reason)
+			: base(reason.Value.IntValue)
+        {
+        }
+
+		public override string ToString()
+		{
+			int reason = Value.IntValue;
+			string str = (reason < 0 || reason > 10) ? "Invalid" : ReasonString[reason];
+			return "CrlReason: " + str;
+		}    
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/CertPolicyId.cs b/bc-sharp-crypto/src/asn1/x509/CertPolicyId.cs
new file mode 100644
index 0000000..11cebcd
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/CertPolicyId.cs
@@ -0,0 +1,20 @@
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * CertPolicyId, used in the CertificatePolicies and PolicyMappings
+     * X509V3 Extensions.
+     *
+     * <pre>
+     *     CertPolicyId ::= OBJECT IDENTIFIER
+     * </pre>
+     */
+     public class CertPolicyID
+		 : DerObjectIdentifier
+    {
+       public CertPolicyID(
+		   string id)
+		   : base(id)
+       {
+       }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/CertificateList.cs b/bc-sharp-crypto/src/asn1/x509/CertificateList.cs
new file mode 100644
index 0000000..567cf13
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/CertificateList.cs
@@ -0,0 +1,113 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * PKIX RFC-2459
+     *
+     * The X.509 v2 CRL syntax is as follows.  For signature calculation,
+     * the data that is to be signed is ASN.1 Der encoded.
+     *
+     * <pre>
+     * CertificateList  ::=  Sequence  {
+     *      tbsCertList          TbsCertList,
+     *      signatureAlgorithm   AlgorithmIdentifier,
+     *      signatureValue       BIT STRING  }
+     * </pre>
+     */
+    public class CertificateList
+        : Asn1Encodable
+    {
+        private readonly TbsCertificateList	tbsCertList;
+        private readonly AlgorithmIdentifier sigAlgID;
+        private readonly DerBitString sig;
+
+		public static CertificateList GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static CertificateList GetInstance(
+            object obj)
+        {
+            if (obj is CertificateList)
+                return (CertificateList) obj;
+
+			if (obj != null)
+				return new CertificateList(Asn1Sequence.GetInstance(obj));
+
+			return null;
+		}
+
+		private CertificateList(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 3)
+				throw new ArgumentException("sequence wrong size for CertificateList", "seq");
+
+			tbsCertList = TbsCertificateList.GetInstance(seq[0]);
+			sigAlgID = AlgorithmIdentifier.GetInstance(seq[1]);
+			sig = DerBitString.GetInstance(seq[2]);
+        }
+
+		public TbsCertificateList TbsCertList
+		{
+			get { return tbsCertList; }
+		}
+
+		public CrlEntry[] GetRevokedCertificates()
+        {
+            return tbsCertList.GetRevokedCertificates();
+        }
+
+		public IEnumerable GetRevokedCertificateEnumeration()
+		{
+			return tbsCertList.GetRevokedCertificateEnumeration();
+		}
+
+		public AlgorithmIdentifier SignatureAlgorithm
+		{
+			get { return sigAlgID; }
+		}
+
+		public DerBitString Signature
+		{
+			get { return sig; }
+		}
+
+        public byte[] GetSignatureOctets()
+        {
+            return sig.GetOctets();
+        }
+
+        public int Version
+		{
+			get { return tbsCertList.Version; }
+		}
+
+		public X509Name Issuer
+		{
+			get { return tbsCertList.Issuer; }
+		}
+
+		public Time ThisUpdate
+		{
+			get { return tbsCertList.ThisUpdate; }
+		}
+
+		public Time NextUpdate
+		{
+			get { return tbsCertList.NextUpdate; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(tbsCertList, sigAlgID, sig);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/CertificatePair.cs b/bc-sharp-crypto/src/asn1/x509/CertificatePair.cs
new file mode 100644
index 0000000..da92360
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/CertificatePair.cs
@@ -0,0 +1,162 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	* This class helps to support crossCerfificatePairs in a LDAP directory
+	* according RFC 2587
+	*
+	* <pre>
+	*     crossCertificatePairATTRIBUTE::={
+	*       WITH SYNTAX   CertificatePair
+	*       EQUALITY MATCHING RULE certificatePairExactMatch
+	*       ID joint-iso-ccitt(2) ds(5) attributeType(4) crossCertificatePair(40)}
+	* </pre>
+	*
+	* <blockquote> The forward elements of the crossCertificatePair attribute of a
+	* CA's directory entry shall be used to store all, except self-issued
+	* certificates issued to this CA. Optionally, the reverse elements of the
+	* crossCertificatePair attribute, of a CA's directory entry may contain a
+	* subset of certificates issued by this CA to other CAs. When both the forward
+	* and the reverse elements are present in a single attribute value, issuer name
+	* in one certificate shall match the subject name in the other and vice versa,
+	* and the subject public key in one certificate shall be capable of verifying
+	* the digital signature on the other certificate and vice versa.
+	*
+	* When a reverse element is present, the forward element value and the reverse
+	* element value need not be stored in the same attribute value; in other words,
+	* they can be stored in either a single attribute value or two attribute
+	* values. </blockquote>
+	*
+	* <pre>
+	*       CertificatePair ::= SEQUENCE {
+	*         forward		[0]	Certificate OPTIONAL,
+	*         reverse		[1]	Certificate OPTIONAL,
+	*         -- at least one of the pair shall be present -- }
+	* </pre>
+	*/
+	public class CertificatePair
+		: Asn1Encodable
+	{
+		private X509CertificateStructure forward, reverse;
+
+		public static CertificatePair GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is CertificatePair)
+			{
+				return (CertificatePair) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new CertificatePair((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		* Constructor from Asn1Sequence.
+		* <p/>
+		* The sequence is of type CertificatePair:
+		* <p/>
+		* <pre>
+		*       CertificatePair ::= SEQUENCE {
+		*         forward		[0]	Certificate OPTIONAL,
+		*         reverse		[1]	Certificate OPTIONAL,
+		*         -- at least one of the pair shall be present -- }
+		* </pre>
+		*
+		* @param seq The ASN.1 sequence.
+		*/
+		private CertificatePair(
+			Asn1Sequence seq)
+		{
+			if (seq.Count != 1 && seq.Count != 2)
+			{
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+			}
+
+			foreach (object obj in seq)
+			{
+				Asn1TaggedObject o = Asn1TaggedObject.GetInstance(obj);
+				if (o.TagNo == 0)
+				{
+					forward = X509CertificateStructure.GetInstance(o, true);
+				}
+				else if (o.TagNo == 1)
+				{
+					reverse = X509CertificateStructure.GetInstance(o, true);
+				}
+				else
+				{
+					throw new ArgumentException("Bad tag number: " + o.TagNo);
+				}
+			}
+		}
+
+		/**
+		* Constructor from a given details.
+		*
+		* @param forward Certificates issued to this CA.
+		* @param reverse Certificates issued by this CA to other CAs.
+		*/
+		public CertificatePair(
+			X509CertificateStructure	forward,
+			X509CertificateStructure	reverse)
+		{
+			this.forward = forward;
+			this.reverse = reverse;
+		}
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <p/>
+		* Returns:
+		* <p/>
+		* <pre>
+		*       CertificatePair ::= SEQUENCE {
+		*         forward		[0]	Certificate OPTIONAL,
+		*         reverse		[1]	Certificate OPTIONAL,
+		*         -- at least one of the pair shall be present -- }
+		* </pre>
+		*
+		* @return a DERObject
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector vec = new Asn1EncodableVector();
+
+			if (forward != null)
+			{
+				vec.Add(new DerTaggedObject(0, forward));
+			}
+
+			if (reverse != null)
+			{
+				vec.Add(new DerTaggedObject(1, reverse));
+			}
+
+			return new DerSequence(vec);
+		}
+
+		/**
+		* @return Returns the forward.
+		*/
+		public X509CertificateStructure Forward
+		{
+			get { return forward; }
+		}
+
+		/**
+		* @return Returns the reverse.
+		*/
+		public X509CertificateStructure Reverse
+		{
+			get { return reverse; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/CertificatePolicies.cs b/bc-sharp-crypto/src/asn1/x509/CertificatePolicies.cs
new file mode 100644
index 0000000..a83565b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/CertificatePolicies.cs
@@ -0,0 +1,81 @@
+using System;
+using System.Text;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class CertificatePolicies
+        : Asn1Encodable
+    {
+        private readonly PolicyInformation[] policyInformation;
+
+        public static CertificatePolicies GetInstance(object obj)
+        {
+            if (obj == null || obj is CertificatePolicies)
+                return (CertificatePolicies)obj;
+
+            return new CertificatePolicies(Asn1Sequence.GetInstance(obj));
+        }
+
+        public static CertificatePolicies GetInstance(Asn1TaggedObject obj, bool isExplicit)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+        }
+
+        /**
+         * Construct a CertificatePolicies object containing one PolicyInformation.
+         * 
+         * @param name the name to be contained.
+         */
+        public CertificatePolicies(PolicyInformation name)
+        {
+            this.policyInformation = new PolicyInformation[] { name };
+        }
+
+        public CertificatePolicies(PolicyInformation[] policyInformation)
+        {
+            this.policyInformation = policyInformation;
+        }
+
+        private CertificatePolicies(Asn1Sequence seq)
+        {
+            this.policyInformation = new PolicyInformation[seq.Count];
+
+            for (int i = 0; i < seq.Count; ++i)
+            {
+                policyInformation[i] = PolicyInformation.GetInstance(seq[i]);
+            }
+        }
+
+        public virtual PolicyInformation[] GetPolicyInformation()
+        {
+            return (PolicyInformation[])policyInformation.Clone();
+        }
+
+        /**
+         * Produce an object suitable for an ASN1OutputStream.
+         * <pre>
+         * CertificatePolicies ::= SEQUENCE SIZE {1..MAX} OF PolicyInformation
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(policyInformation);
+        }
+
+        public override string ToString()
+        {
+            StringBuilder sb = new StringBuilder("CertificatePolicies:");
+            if (policyInformation != null && policyInformation.Length > 0)
+            {
+                sb.Append(' ');
+                sb.Append(policyInformation[0]);
+                for (int i = 1; i < policyInformation.Length; ++i)
+                {
+                    sb.Append(", ");
+                    sb.Append(policyInformation[i]);
+                }
+            }
+            return sb.ToString();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/DSAParameter.cs b/bc-sharp-crypto/src/asn1/x509/DSAParameter.cs
new file mode 100644
index 0000000..2eb6502
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/DSAParameter.cs
@@ -0,0 +1,78 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class DsaParameter
+        : Asn1Encodable
+    {
+        internal readonly DerInteger p, q, g;
+
+		public static DsaParameter GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static DsaParameter GetInstance(
+            object obj)
+        {
+            if(obj == null || obj is DsaParameter)
+            {
+                return (DsaParameter) obj;
+            }
+
+			if(obj is Asn1Sequence)
+            {
+                return new DsaParameter((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("Invalid DsaParameter: " + Platform.GetTypeName(obj));
+        }
+
+		public DsaParameter(
+            BigInteger	p,
+            BigInteger	q,
+            BigInteger	g)
+        {
+            this.p = new DerInteger(p);
+            this.q = new DerInteger(q);
+            this.g = new DerInteger(g);
+        }
+
+		private DsaParameter(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 3)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.p = DerInteger.GetInstance(seq[0]);
+			this.q = DerInteger.GetInstance(seq[1]);
+			this.g = DerInteger.GetInstance(seq[2]);
+        }
+
+		public BigInteger P
+		{
+			get { return p.PositiveValue; }
+		}
+
+		public BigInteger Q
+		{
+			get { return q.PositiveValue; }
+		}
+
+		public BigInteger G
+		{
+			get { return g.PositiveValue; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(p, q, g);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/DigestInfo.cs b/bc-sharp-crypto/src/asn1/x509/DigestInfo.cs
new file mode 100644
index 0000000..3ac535e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/DigestInfo.cs
@@ -0,0 +1,78 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The DigestInfo object.
+     * <pre>
+     * DigestInfo::=Sequence{
+     *          digestAlgorithm  AlgorithmIdentifier,
+     *          digest OCTET STRING }
+     * </pre>
+     */
+    public class DigestInfo
+        : Asn1Encodable
+    {
+        private readonly byte[] digest;
+        private readonly AlgorithmIdentifier algID;
+
+		public static DigestInfo GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static DigestInfo GetInstance(
+            object obj)
+        {
+            if (obj is DigestInfo)
+            {
+                return (DigestInfo) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new DigestInfo((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public DigestInfo(
+            AlgorithmIdentifier	algID,
+            byte[]				digest)
+        {
+            this.digest = digest;
+            this.algID = algID;
+        }
+
+		private DigestInfo(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Wrong number of elements in sequence", "seq");
+
+            algID = AlgorithmIdentifier.GetInstance(seq[0]);
+			digest = Asn1OctetString.GetInstance(seq[1]).GetOctets();
+		}
+
+		public AlgorithmIdentifier AlgorithmID
+		{
+			get { return algID; }
+		}
+
+		public byte[] GetDigest()
+        {
+            return digest;
+        }
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(algID, new DerOctetString(digest));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/DisplayText.cs b/bc-sharp-crypto/src/asn1/x509/DisplayText.cs
new file mode 100644
index 0000000..39b3c98
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/DisplayText.cs
@@ -0,0 +1,174 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	 * <code>DisplayText</code> class, used in
+	 * <code>CertificatePolicies</code> X509 V3 extensions (in policy qualifiers).
+	 *
+	 * <p>It stores a string in a chosen encoding.
+	 * <pre>
+	 * DisplayText ::= CHOICE {
+	 *      ia5String        IA5String      (SIZE (1..200)),
+	 *      visibleString    VisibleString  (SIZE (1..200)),
+	 *      bmpString        BMPString      (SIZE (1..200)),
+	 *      utf8String       UTF8String     (SIZE (1..200)) }
+	 * </pre></p>
+	 * @see PolicyQualifierInfo
+	 * @see PolicyInformation
+	 */
+	public class DisplayText
+		: Asn1Encodable, IAsn1Choice
+	{
+		/**
+		 * Constant corresponding to ia5String encoding.
+		 *
+		 */
+		public const int ContentTypeIA5String = 0;
+		/**
+		 * Constant corresponding to bmpString encoding.
+		 *
+		 */
+		public const int ContentTypeBmpString = 1;
+		/**
+		 * Constant corresponding to utf8String encoding.
+		 *
+		 */
+		public const int ContentTypeUtf8String = 2;
+		/**
+		 * Constant corresponding to visibleString encoding.
+		 *
+		 */
+		public const int ContentTypeVisibleString = 3;
+		/**
+		 * Describe constant <code>DisplayTextMaximumSize</code> here.
+		 *
+		 */
+		public const int DisplayTextMaximumSize = 200;
+
+		internal readonly int contentType;
+		internal readonly IAsn1String contents;
+
+		/**
+		 * Creates a new <code>DisplayText</code> instance.
+		 *
+		 * @param type the desired encoding type for the text.
+		 * @param text the text to store. Strings longer than 200
+		 * characters are truncated.
+		 */
+		public DisplayText(
+			int		type,
+			string	text)
+		{
+			if (text.Length > DisplayTextMaximumSize)
+			{
+				// RFC3280 limits these strings to 200 chars
+				// truncate the string
+				text = text.Substring(0, DisplayTextMaximumSize);
+			}
+
+			contentType = type;
+			switch (type)
+			{
+				case ContentTypeIA5String:
+					contents = (IAsn1String)new DerIA5String (text);
+					break;
+				case ContentTypeUtf8String:
+					contents = (IAsn1String)new DerUtf8String(text);
+					break;
+				case ContentTypeVisibleString:
+					contents = (IAsn1String)new DerVisibleString(text);
+					break;
+				case ContentTypeBmpString:
+					contents = (IAsn1String)new DerBmpString(text);
+					break;
+				default:
+					contents = (IAsn1String)new DerUtf8String(text);
+					break;
+			}
+		}
+
+//		/**
+//		 * return true if the passed in string can be represented without
+//		 * loss as a PrintableString, false otherwise.
+//		 */
+//		private bool CanBePrintable(
+//			string str)
+//		{
+//			for (int i = str.Length - 1; i >= 0; i--)
+//			{
+//				if (str[i] > 0x007f)
+//				{
+//					return false;
+//				}
+//			}
+//
+//			return true;
+//		}
+
+		/**
+		 * Creates a new <code>DisplayText</code> instance.
+		 *
+		 * @param text the text to encapsulate. Strings longer than 200
+		 * characters are truncated.
+		 */
+		public DisplayText(
+			string text)
+		{
+			// by default use UTF8String
+			if (text.Length > DisplayTextMaximumSize)
+			{
+				text = text.Substring(0, DisplayTextMaximumSize);
+			}
+
+			contentType = ContentTypeUtf8String;
+			contents = new DerUtf8String(text);
+		}
+
+		/**
+		 * Creates a new <code>DisplayText</code> instance.
+		 * <p>Useful when reading back a <code>DisplayText</code> class
+		 * from it's Asn1Encodable form.</p>
+		 *
+		 * @param contents an <code>Asn1Encodable</code> instance.
+		 */
+		public DisplayText(
+			IAsn1String contents)
+		{
+			this.contents = contents;
+		}
+
+		public static DisplayText GetInstance(
+			object obj)
+		{
+			if (obj is IAsn1String)
+			{
+				return new DisplayText((IAsn1String) obj);
+			}
+
+			if (obj is DisplayText)
+			{
+				return (DisplayText) obj;
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return (Asn1Object) contents;
+		}
+
+		/**
+		 * Returns the stored <code>string</code> object.
+		 *
+		 * @return the stored text as a <code>string</code>.
+		 */
+		public string GetString()
+		{
+			return contents.GetString();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/DistributionPoint.cs b/bc-sharp-crypto/src/asn1/x509/DistributionPoint.cs
new file mode 100644
index 0000000..40814c7
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/DistributionPoint.cs
@@ -0,0 +1,161 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The DistributionPoint object.
+     * <pre>
+     * DistributionPoint ::= Sequence {
+     *      distributionPoint [0] DistributionPointName OPTIONAL,
+     *      reasons           [1] ReasonFlags OPTIONAL,
+     *      cRLIssuer         [2] GeneralNames OPTIONAL
+     * }
+     * </pre>
+     */
+    public class DistributionPoint
+        : Asn1Encodable
+    {
+        internal readonly DistributionPointName	distributionPoint;
+        internal readonly ReasonFlags			reasons;
+        internal readonly GeneralNames			cRLIssuer;
+
+		public static DistributionPoint GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static DistributionPoint GetInstance(
+            object obj)
+        {
+            if(obj == null || obj is DistributionPoint)
+            {
+                return (DistributionPoint) obj;
+            }
+
+			if(obj is Asn1Sequence)
+            {
+                return new DistributionPoint((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("Invalid DistributionPoint: " + Platform.GetTypeName(obj));
+        }
+
+		private DistributionPoint(
+            Asn1Sequence seq)
+        {
+            for (int i = 0; i != seq.Count; i++)
+            {
+				Asn1TaggedObject t = Asn1TaggedObject.GetInstance(seq[i]);
+
+				switch (t.TagNo)
+                {
+                case 0:
+                    distributionPoint = DistributionPointName.GetInstance(t, true);
+                    break;
+                case 1:
+                    reasons = new ReasonFlags(DerBitString.GetInstance(t, false));
+                    break;
+                case 2:
+                    cRLIssuer = GeneralNames.GetInstance(t, false);
+                    break;
+                }
+            }
+        }
+
+		public DistributionPoint(
+            DistributionPointName	distributionPointName,
+            ReasonFlags				reasons,
+            GeneralNames			crlIssuer)
+        {
+            this.distributionPoint = distributionPointName;
+            this.reasons = reasons;
+            this.cRLIssuer = crlIssuer;
+        }
+
+		public DistributionPointName DistributionPointName
+        {
+			get { return distributionPoint; }
+        }
+
+		public ReasonFlags Reasons
+        {
+			get { return reasons; }
+        }
+
+		public GeneralNames CrlIssuer
+        {
+			get { return cRLIssuer; }
+        }
+
+		public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (distributionPoint != null)
+            {
+                //
+                // as this is a CHOICE it must be explicitly tagged
+                //
+                v.Add(new DerTaggedObject(0, distributionPoint));
+            }
+
+			if (reasons != null)
+            {
+                v.Add(new DerTaggedObject(false, 1, reasons));
+            }
+
+			if (cRLIssuer != null)
+            {
+                v.Add(new DerTaggedObject(false, 2, cRLIssuer));
+            }
+
+			return new DerSequence(v);
+        }
+
+		public override string ToString()
+		{
+			string sep = Platform.NewLine;
+			StringBuilder buf = new StringBuilder();
+			buf.Append("DistributionPoint: [");
+			buf.Append(sep);
+			if (distributionPoint != null)
+			{
+				appendObject(buf, sep, "distributionPoint", distributionPoint.ToString());
+			}
+			if (reasons != null)
+			{
+				appendObject(buf, sep, "reasons", reasons.ToString());
+			}
+			if (cRLIssuer != null)
+			{
+				appendObject(buf, sep, "cRLIssuer", cRLIssuer.ToString());
+			}
+			buf.Append("]");
+			buf.Append(sep);
+			return buf.ToString();
+		}
+
+		private void appendObject(
+			StringBuilder	buf,
+			string			sep,
+			string			name,
+			string			val)
+		{
+			string indent = "    ";
+
+			buf.Append(indent);
+			buf.Append(name);
+			buf.Append(":");
+			buf.Append(sep);
+			buf.Append(indent);
+			buf.Append(indent);
+			buf.Append(val);
+			buf.Append(sep);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/DistributionPointName.cs b/bc-sharp-crypto/src/asn1/x509/DistributionPointName.cs
new file mode 100644
index 0000000..43fdaf5
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/DistributionPointName.cs
@@ -0,0 +1,130 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The DistributionPointName object.
+     * <pre>
+     * DistributionPointName ::= CHOICE {
+     *     fullName                 [0] GeneralNames,
+     *     nameRelativeToCRLIssuer  [1] RDN
+     * }
+     * </pre>
+     */
+    public class DistributionPointName
+        : Asn1Encodable, IAsn1Choice
+    {
+        internal readonly Asn1Encodable	name;
+        internal readonly int			type;
+
+		public const int FullName					= 0;
+        public const int NameRelativeToCrlIssuer	= 1;
+
+		public static DistributionPointName GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1TaggedObject.GetInstance(obj, true));
+        }
+
+		public static DistributionPointName GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is DistributionPointName)
+            {
+                return (DistributionPointName) obj;
+            }
+
+			if (obj is Asn1TaggedObject)
+            {
+                return new DistributionPointName((Asn1TaggedObject) obj);
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+        public DistributionPointName(
+            int				type,
+            Asn1Encodable	name)
+        {
+            this.type = type;
+            this.name = name;
+        }
+
+		public DistributionPointName(
+			GeneralNames name)
+			:	this(FullName, name)
+		{
+		}
+
+		public int PointType
+        {
+			get { return type; }
+        }
+
+		public Asn1Encodable Name
+        {
+			get { return name; }
+        }
+
+		public DistributionPointName(
+            Asn1TaggedObject obj)
+        {
+            this.type = obj.TagNo;
+
+			if (type == FullName)
+            {
+                this.name = GeneralNames.GetInstance(obj, false);
+            }
+            else
+            {
+                this.name = Asn1Set.GetInstance(obj, false);
+            }
+        }
+
+		public override Asn1Object ToAsn1Object()
+        {
+            return new DerTaggedObject(false, type, name);
+        }
+
+		public override string ToString()
+		{
+			string sep = Platform.NewLine;
+			StringBuilder buf = new StringBuilder();
+			buf.Append("DistributionPointName: [");
+			buf.Append(sep);
+			if (type == FullName)
+			{
+				appendObject(buf, sep, "fullName", name.ToString());
+			}
+			else
+			{
+				appendObject(buf, sep, "nameRelativeToCRLIssuer", name.ToString());
+			}
+			buf.Append("]");
+			buf.Append(sep);
+			return buf.ToString();
+		}
+
+		private void appendObject(
+			StringBuilder	buf,
+			string			sep,
+			string			name,
+			string			val)
+		{
+			string indent = "    ";
+
+			buf.Append(indent);
+			buf.Append(name);
+			buf.Append(":");
+			buf.Append(sep);
+			buf.Append(indent);
+			buf.Append(indent);
+			buf.Append(val);
+			buf.Append(sep);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/ExtendedKeyUsage.cs b/bc-sharp-crypto/src/asn1/x509/ExtendedKeyUsage.cs
new file mode 100644
index 0000000..8f7e6a3
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/ExtendedKeyUsage.cs
@@ -0,0 +1,132 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The extendedKeyUsage object.
+     * <pre>
+     *      extendedKeyUsage ::= Sequence SIZE (1..MAX) OF KeyPurposeId
+     * </pre>
+     */
+    public class ExtendedKeyUsage
+        : Asn1Encodable
+    {
+        internal readonly IDictionary usageTable = Platform.CreateHashtable();
+        internal readonly Asn1Sequence seq;
+
+        public static ExtendedKeyUsage GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+        public static ExtendedKeyUsage GetInstance(
+            object obj)
+        {
+            if (obj is ExtendedKeyUsage)
+            {
+                return (ExtendedKeyUsage) obj;
+            }
+
+            if (obj is Asn1Sequence)
+            {
+                return new ExtendedKeyUsage((Asn1Sequence) obj);
+            }
+
+            if (obj is X509Extension)
+            {
+                return GetInstance(X509Extension.ConvertValueToObject((X509Extension) obj));
+            }
+
+            throw new ArgumentException("Invalid ExtendedKeyUsage: " + Platform.GetTypeName(obj));
+        }
+
+        private ExtendedKeyUsage(
+            Asn1Sequence seq)
+        {
+            this.seq = seq;
+
+            foreach (object o in seq)
+            {
+                if (!(o is DerObjectIdentifier))
+                    throw new ArgumentException("Only DerObjectIdentifier instances allowed in ExtendedKeyUsage.");
+
+                this.usageTable[o] = o;
+            }
+        }
+
+        public ExtendedKeyUsage(
+            params KeyPurposeID[] usages)
+        {
+            this.seq = new DerSequence(usages);
+
+            foreach (KeyPurposeID usage in usages)
+            {
+                this.usageTable[usage] = usage;
+            }
+        }
+
+#if !(SILVERLIGHT || PORTABLE)
+        [Obsolete]
+        public ExtendedKeyUsage(
+            ArrayList usages)
+            : this((IEnumerable)usages)
+        {
+        }
+#endif
+
+        public ExtendedKeyUsage(
+            IEnumerable usages)
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+            foreach (object usage in usages)
+            {
+                Asn1Encodable o = KeyPurposeID.GetInstance(usage);
+
+                v.Add(o);
+                this.usageTable[o] = o;
+            }
+
+            this.seq = new DerSequence(v);
+        }
+
+        public bool HasKeyPurposeId(
+            KeyPurposeID keyPurposeId)
+        {
+            return usageTable.Contains(keyPurposeId);
+        }
+
+#if !(SILVERLIGHT || PORTABLE)
+        [Obsolete("Use 'GetAllUsages'")]
+        public ArrayList GetUsages()
+        {
+            return new ArrayList(usageTable.Values);
+        }
+#endif
+
+        /**
+         * Returns all extended key usages.
+         * The returned ArrayList contains DerObjectIdentifier instances.
+         * @return An ArrayList with all key purposes.
+         */
+        public IList GetAllUsages()
+        {
+            return Platform.CreateArrayList(usageTable.Values);
+        }
+
+        public int Count
+        {
+            get { return usageTable.Count; }
+        }
+
+        public override Asn1Object ToAsn1Object()
+        {
+            return seq;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/GeneralName.cs b/bc-sharp-crypto/src/asn1/x509/GeneralName.cs
new file mode 100644
index 0000000..b8794ea
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/GeneralName.cs
@@ -0,0 +1,419 @@
+using System;
+using System.Collections;
+using System.Globalization;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+using NetUtils = Org.BouncyCastle.Utilities.Net;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The GeneralName object.
+     * <pre>
+     * GeneralName ::= CHOICE {
+     *      otherName                       [0]     OtherName,
+     *      rfc822Name                      [1]     IA5String,
+     *      dNSName                         [2]     IA5String,
+     *      x400Address                     [3]     ORAddress,
+     *      directoryName                   [4]     Name,
+     *      ediPartyName                    [5]     EDIPartyName,
+     *      uniformResourceIdentifier       [6]     IA5String,
+     *      iPAddress                       [7]     OCTET STRING,
+     *      registeredID                    [8]     OBJECT IDENTIFIER}
+     *
+     * OtherName ::= Sequence {
+     *      type-id    OBJECT IDENTIFIER,
+     *      value      [0] EXPLICIT ANY DEFINED BY type-id }
+     *
+     * EDIPartyName ::= Sequence {
+     *      nameAssigner            [0]     DirectoryString OPTIONAL,
+     *      partyName               [1]     DirectoryString }
+     * </pre>
+     */
+    public class GeneralName
+        : Asn1Encodable, IAsn1Choice
+    {
+        public const int OtherName					= 0;
+        public const int Rfc822Name					= 1;
+        public const int DnsName					= 2;
+        public const int X400Address				= 3;
+        public const int DirectoryName				= 4;
+        public const int EdiPartyName				= 5;
+        public const int UniformResourceIdentifier	= 6;
+        public const int IPAddress					= 7;
+        public const int RegisteredID				= 8;
+
+		internal readonly Asn1Encodable	obj;
+        internal readonly int			tag;
+
+		public GeneralName(
+            X509Name directoryName)
+        {
+            this.obj = directoryName;
+            this.tag = 4;
+        }
+
+		/**
+         * When the subjectAltName extension contains an Internet mail address,
+         * the address MUST be included as an rfc822Name. The format of an
+         * rfc822Name is an "addr-spec" as defined in RFC 822 [RFC 822].
+         *
+         * When the subjectAltName extension contains a domain name service
+         * label, the domain name MUST be stored in the dNSName (an IA5String).
+         * The name MUST be in the "preferred name syntax," as specified by RFC
+         * 1034 [RFC 1034].
+         *
+         * When the subjectAltName extension contains a URI, the name MUST be
+         * stored in the uniformResourceIdentifier (an IA5String). The name MUST
+         * be a non-relative URL, and MUST follow the URL syntax and encoding
+         * rules specified in [RFC 1738].  The name must include both a scheme
+         * (e.g., "http" or "ftp") and a scheme-specific-part.  The scheme-
+         * specific-part must include a fully qualified domain name or IP
+         * address as the host.
+         *
+         * When the subjectAltName extension contains a iPAddress, the address
+         * MUST be stored in the octet string in "network byte order," as
+         * specified in RFC 791 [RFC 791]. The least significant bit (LSB) of
+         * each octet is the LSB of the corresponding byte in the network
+         * address. For IP Version 4, as specified in RFC 791, the octet string
+         * MUST contain exactly four octets.  For IP Version 6, as specified in
+         * RFC 1883, the octet string MUST contain exactly sixteen octets [RFC
+         * 1883].
+         */
+        public GeneralName(
+            Asn1Object	name,
+			int			tag)
+        {
+            this.obj = name;
+            this.tag = tag;
+        }
+
+		public GeneralName(
+            int				tag,
+            Asn1Encodable	name)
+        {
+            this.obj = name;
+            this.tag = tag;
+        }
+
+		/**
+		 * Create a GeneralName for the given tag from the passed in string.
+		 * <p>
+		 * This constructor can handle:
+		 * <ul>
+		 * <li>rfc822Name</li>
+		 * <li>iPAddress</li>
+		 * <li>directoryName</li>
+		 * <li>dNSName</li>
+		 * <li>uniformResourceIdentifier</li>
+		 * <li>registeredID</li>
+		 * </ul>
+		 * For x400Address, otherName and ediPartyName there is no common string
+		 * format defined.
+		 * </p><p>
+		 * Note: A directory name can be encoded in different ways into a byte
+		 * representation. Be aware of this if the byte representation is used for
+		 * comparing results.
+		 * </p>
+		 *
+		 * @param tag tag number
+		 * @param name string representation of name
+		 * @throws ArgumentException if the string encoding is not correct or
+		 *             not supported.
+		 */
+		public GeneralName(
+            int		tag,
+            string	name)
+        {
+			this.tag = tag;
+
+			if (tag == Rfc822Name || tag == DnsName || tag == UniformResourceIdentifier)
+			{
+				this.obj = new DerIA5String(name);
+			}
+			else if (tag == RegisteredID)
+			{
+				this.obj = new DerObjectIdentifier(name);
+			}
+			else if (tag == DirectoryName)
+			{
+				this.obj = new X509Name(name);
+			}
+			else if (tag == IPAddress)
+			{
+				byte[] enc = toGeneralNameEncoding(name);
+				if (enc == null)
+					throw new ArgumentException("IP Address is invalid", "name");
+
+				this.obj = new DerOctetString(enc);
+			}
+			else
+			{
+				throw new ArgumentException("can't process string for tag: " + tag, "tag");
+			}
+		}
+
+		public static GeneralName GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is GeneralName)
+            {
+                return (GeneralName) obj;
+            }
+
+            if (obj is Asn1TaggedObject)
+            {
+                Asn1TaggedObject	tagObj = (Asn1TaggedObject) obj;
+                int					tag = tagObj.TagNo;
+
+				switch (tag)
+				{
+					case OtherName:
+						return new GeneralName(tag, Asn1Sequence.GetInstance(tagObj, false));
+					case Rfc822Name:
+						return new GeneralName(tag, DerIA5String.GetInstance(tagObj, false));
+					case DnsName:
+						return new GeneralName(tag, DerIA5String.GetInstance(tagObj, false));
+					case X400Address:
+						throw new ArgumentException("unknown tag: " + tag);
+					case DirectoryName:
+						return new GeneralName(tag, X509Name.GetInstance(tagObj, true));
+					case EdiPartyName:
+						return new GeneralName(tag, Asn1Sequence.GetInstance(tagObj, false));
+					case UniformResourceIdentifier:
+						return new GeneralName(tag, DerIA5String.GetInstance(tagObj, false));
+					case IPAddress:
+						return new GeneralName(tag, Asn1OctetString.GetInstance(tagObj, false));
+					case RegisteredID:
+						return new GeneralName(tag, DerObjectIdentifier.GetInstance(tagObj, false));
+				}
+	        }
+
+            if (obj is byte[])
+	        {
+	            try
+	            {
+	                return GetInstance(Asn1Object.FromByteArray((byte[])obj));
+	            }
+	            catch (IOException)
+	            {
+	                throw new ArgumentException("unable to parse encoded general name");
+	            }
+	        }
+
+			throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public static GeneralName GetInstance(
+            Asn1TaggedObject	tagObj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1TaggedObject.GetInstance(tagObj, true));
+        }
+
+		public int TagNo
+		{
+			get { return tag; }
+		}
+
+		public Asn1Encodable Name
+		{
+			get { return obj; }
+		}
+
+		public override string ToString()
+		{
+			StringBuilder buf = new StringBuilder();
+			buf.Append(tag);
+			buf.Append(": ");
+
+			switch (tag)
+			{
+				case Rfc822Name:
+				case DnsName:
+				case UniformResourceIdentifier:
+					buf.Append(DerIA5String.GetInstance(obj).GetString());
+					break;
+				case DirectoryName:
+					buf.Append(X509Name.GetInstance(obj).ToString());
+					break;
+				default:
+					buf.Append(obj.ToString());
+					break;
+			}
+
+			return buf.ToString();
+		}
+
+		private byte[] toGeneralNameEncoding(
+			string ip)
+		{
+			if (NetUtils.IPAddress.IsValidIPv6WithNetmask(ip) || NetUtils.IPAddress.IsValidIPv6(ip))
+			{
+				int slashIndex = ip.IndexOf('/');
+
+				if (slashIndex < 0)
+				{
+					byte[] addr = new byte[16];
+					int[]  parsedIp = parseIPv6(ip);
+					copyInts(parsedIp, addr, 0);
+
+					return addr;
+				}
+				else
+				{
+					byte[] addr = new byte[32];
+					int[]  parsedIp = parseIPv6(ip.Substring(0, slashIndex));
+					copyInts(parsedIp, addr, 0);
+					string mask = ip.Substring(slashIndex + 1);
+					if (mask.IndexOf(':') > 0)
+					{
+						parsedIp = parseIPv6(mask);
+					}
+					else
+					{
+						parsedIp = parseMask(mask);
+					}
+					copyInts(parsedIp, addr, 16);
+
+					return addr;
+				}
+			}
+			else if (NetUtils.IPAddress.IsValidIPv4WithNetmask(ip) || NetUtils.IPAddress.IsValidIPv4(ip))
+			{
+				int slashIndex = ip.IndexOf('/');
+
+				if (slashIndex < 0)
+				{
+					byte[] addr = new byte[4];
+
+					parseIPv4(ip, addr, 0);
+
+					return addr;
+				}
+				else
+				{
+					byte[] addr = new byte[8];
+
+					parseIPv4(ip.Substring(0, slashIndex), addr, 0);
+
+					string mask = ip.Substring(slashIndex + 1);
+					if (mask.IndexOf('.') > 0)
+					{
+						parseIPv4(mask, addr, 4);
+					}
+					else
+					{
+						parseIPv4Mask(mask, addr, 4);
+					}
+
+					return addr;
+				}
+			}
+
+			return null;
+		}
+
+		private void parseIPv4Mask(string mask, byte[] addr, int offset)
+		{
+			int maskVal = Int32.Parse(mask);
+
+			for (int i = 0; i != maskVal; i++)
+			{
+				addr[(i / 8) + offset] |= (byte)(1 << (i % 8));
+			}
+		}
+
+		private void parseIPv4(string ip, byte[] addr, int offset)
+		{
+			foreach (string token in ip.Split('.', '/'))
+			{
+				addr[offset++] = (byte)Int32.Parse(token);
+			}
+		}
+
+		private int[] parseMask(string mask)
+		{
+			int[] res = new int[8];
+			int   maskVal = Int32.Parse(mask);
+
+			for (int i = 0; i != maskVal; i++)
+			{
+				res[i / 16] |= 1 << (i % 16);
+			}
+			return res;
+		}
+
+		private void copyInts(int[] parsedIp, byte[] addr, int offSet)
+		{
+			for (int i = 0; i != parsedIp.Length; i++)
+			{
+				addr[(i * 2) + offSet] = (byte)(parsedIp[i] >> 8);
+				addr[(i * 2 + 1) + offSet] = (byte)parsedIp[i];
+			}
+		}
+
+		private int[] parseIPv6(string ip)
+		{
+			if (Platform.StartsWith(ip, "::"))
+			{
+				ip = ip.Substring(1);
+			}
+			else if (Platform.EndsWith(ip, "::"))
+			{
+				ip = ip.Substring(0, ip.Length - 1);
+			}
+
+			IEnumerator sEnum = ip.Split(':').GetEnumerator();
+
+			int index = 0;
+			int[] val = new int[8];
+
+			int doubleColon = -1;
+
+			while (sEnum.MoveNext())
+			{
+				string e = (string) sEnum.Current;
+
+				if (e.Length == 0)
+				{
+					doubleColon = index;
+					val[index++] = 0;
+				}
+				else
+				{
+					if (e.IndexOf('.') < 0)
+					{
+						val[index++] = Int32.Parse(e, NumberStyles.AllowHexSpecifier);
+					}
+					else
+					{
+						string[] tokens = e.Split('.');
+
+						val[index++] = (Int32.Parse(tokens[0]) << 8) | Int32.Parse(tokens[1]);
+						val[index++] = (Int32.Parse(tokens[2]) << 8) | Int32.Parse(tokens[3]);
+					}
+				}
+			}
+
+			if (index != val.Length)
+			{
+				Array.Copy(val, doubleColon, val, val.Length - (index - doubleColon), index - doubleColon);
+				for (int i = doubleColon; i != val.Length - (index - doubleColon); i++)
+				{
+					val[i] = 0;
+				}
+			}
+
+			return val;
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+			// Explicitly tagged if DirectoryName
+			return new DerTaggedObject(tag == DirectoryName, tag, obj);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/GeneralNames.cs b/bc-sharp-crypto/src/asn1/x509/GeneralNames.cs
new file mode 100644
index 0000000..fcd2ecb
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/GeneralNames.cs
@@ -0,0 +1,95 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	public class GeneralNames
+		: Asn1Encodable
+	{
+		private readonly GeneralName[] names;
+
+		public static GeneralNames GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is GeneralNames)
+			{
+				return (GeneralNames) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new GeneralNames((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public static GeneralNames GetInstance(
+			Asn1TaggedObject	obj,
+			bool				explicitly)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+		}
+
+		/// <summary>Construct a GeneralNames object containing one GeneralName.</summary>
+		/// <param name="name">The name to be contained.</param>
+		public GeneralNames(
+			GeneralName name)
+		{
+			names = new GeneralName[]{ name };
+		}
+
+        public GeneralNames(
+            GeneralName[] names)
+        {
+            this.names = (GeneralName[])names.Clone();
+        }
+
+		private GeneralNames(
+			Asn1Sequence seq)
+		{
+			this.names = new GeneralName[seq.Count];
+
+			for (int i = 0; i != seq.Count; i++)
+			{
+				names[i] = GeneralName.GetInstance(seq[i]);
+			}
+		}
+
+		public GeneralName[] GetNames()
+		{
+			return (GeneralName[]) names.Clone();
+		}
+
+		/**
+		 * Produce an object suitable for an Asn1OutputStream.
+		 * <pre>
+		 * GeneralNames ::= Sequence SIZE {1..MAX} OF GeneralName
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(names);
+		}
+
+		public override string ToString()
+		{
+			StringBuilder buf = new StringBuilder();
+			string sep = Platform.NewLine;
+
+			buf.Append("GeneralNames:");
+			buf.Append(sep);
+
+			foreach (GeneralName name in names)
+			{
+				buf.Append("    ");
+				buf.Append(name);
+				buf.Append(sep);
+			}
+
+			return buf.ToString();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/GeneralSubtree.cs b/bc-sharp-crypto/src/asn1/x509/GeneralSubtree.cs
new file mode 100644
index 0000000..e918a02
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/GeneralSubtree.cs
@@ -0,0 +1,189 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	 * Class for containing a restriction object subtrees in NameConstraints. See
+	 * RFC 3280.
+	 *
+	 * <pre>
+	 *
+	 *       GeneralSubtree ::= SEQUENCE
+	 *       {
+	 *         baseName                    GeneralName,
+	 *         minimum         [0]     BaseDistance DEFAULT 0,
+	 *         maximum         [1]     BaseDistance OPTIONAL
+	 *       }
+	 * </pre>
+	 *
+	 * @see org.bouncycastle.asn1.x509.NameConstraints
+	 *
+	 */
+	public class GeneralSubtree
+		: Asn1Encodable
+	{
+		private readonly GeneralName	baseName;
+		private readonly DerInteger		minimum;
+		private readonly DerInteger		maximum;
+
+		private GeneralSubtree(
+			Asn1Sequence seq)
+		{
+			baseName = GeneralName.GetInstance(seq[0]);
+
+			switch (seq.Count)
+			{
+				case 1:
+					break;
+				case 2:
+				{
+					Asn1TaggedObject o = Asn1TaggedObject.GetInstance(seq[1]);
+					switch (o.TagNo)
+					{
+						case 0:
+							minimum = DerInteger.GetInstance(o, false);
+							break;
+						case 1:
+							maximum = DerInteger.GetInstance(o, false);
+							break;
+						default:
+							throw new ArgumentException("Bad tag number: " + o.TagNo);
+					}
+					break;
+				}
+				case 3:
+				{
+					{
+						Asn1TaggedObject oMin = Asn1TaggedObject.GetInstance(seq[1]);
+						if (oMin.TagNo != 0)
+							throw new ArgumentException("Bad tag number for 'minimum': " + oMin.TagNo);
+						minimum = DerInteger.GetInstance(oMin, false);
+					}
+
+					{
+						Asn1TaggedObject oMax = Asn1TaggedObject.GetInstance(seq[2]);
+						if (oMax.TagNo != 1)
+							throw new ArgumentException("Bad tag number for 'maximum': " + oMax.TagNo);
+						maximum = DerInteger.GetInstance(oMax, false);
+					}
+
+					break;
+				}
+				default:
+					throw new ArgumentException("Bad sequence size: " + seq.Count);
+			}
+		}
+
+		/**
+		 * Constructor from a given details.
+		 *
+		 * According RFC 3280, the minimum and maximum fields are not used with any
+		 * name forms, thus minimum MUST be zero, and maximum MUST be absent.
+		 * <p>
+		 * If minimum is <code>null</code>, zero is assumed, if
+		 * maximum is <code>null</code>, maximum is absent.</p>
+		 *
+		 * @param baseName
+		 *            A restriction.
+		 * @param minimum
+		 *            Minimum
+		 *
+		 * @param maximum
+		 *            Maximum
+		 */
+		public GeneralSubtree(
+			GeneralName	baseName,
+			BigInteger	minimum,
+			BigInteger	maximum)
+		{
+			this.baseName = baseName;
+			if (minimum != null)
+			{
+				this.minimum = new DerInteger(minimum);
+			}
+			if (maximum != null)
+			{
+				this.maximum = new DerInteger(maximum);
+			}
+		}
+
+		public GeneralSubtree(
+			GeneralName baseName)
+			: this(baseName, null, null)
+		{
+		}
+
+		public static GeneralSubtree GetInstance(
+			Asn1TaggedObject	o,
+			bool				isExplicit)
+		{
+			return new GeneralSubtree(Asn1Sequence.GetInstance(o, isExplicit));
+		}
+
+		public static GeneralSubtree GetInstance(
+			object obj)
+		{
+			if (obj == null)
+			{
+				return null;
+			}
+
+			if (obj is GeneralSubtree)
+			{
+				return (GeneralSubtree) obj;
+			}
+
+			return new GeneralSubtree(Asn1Sequence.GetInstance(obj));
+		}
+
+		public GeneralName Base
+		{
+			get { return baseName; }
+		}
+
+		public BigInteger Minimum
+		{
+			get { return minimum == null ? BigInteger.Zero : minimum.Value; }
+		}
+
+		public BigInteger Maximum
+		{
+			get { return maximum == null ? null : maximum.Value; }
+		}
+
+		/**
+		 * Produce an object suitable for an Asn1OutputStream.
+		 *
+		 * Returns:
+		 *
+		 * <pre>
+		 *       GeneralSubtree ::= SEQUENCE
+		 *       {
+		 *         baseName                    GeneralName,
+		 *         minimum         [0]     BaseDistance DEFAULT 0,
+		 *         maximum         [1]     BaseDistance OPTIONAL
+		 *       }
+		 * </pre>
+		 *
+		 * @return a DERObject
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(baseName);
+
+			if (minimum != null && minimum.Value.SignValue != 0)
+			{
+				v.Add(new DerTaggedObject(false, 0, minimum));
+			}
+
+			if (maximum != null)
+			{
+				v.Add(new DerTaggedObject(false, 1, maximum));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/Holder.cs b/bc-sharp-crypto/src/asn1/x509/Holder.cs
new file mode 100644
index 0000000..6e5315b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/Holder.cs
@@ -0,0 +1,259 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	 * The Holder object.
+	 * <p>
+	 * For an v2 attribute certificate this is:
+	 * 
+	 * <pre>
+	 *            Holder ::= SEQUENCE {
+	 *                  baseCertificateID   [0] IssuerSerial OPTIONAL,
+	 *                           -- the issuer and serial number of
+	 *                           -- the holder's Public Key Certificate
+	 *                  entityName          [1] GeneralNames OPTIONAL,
+	 *                           -- the name of the claimant or role
+	 *                  objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
+	 *                           -- used to directly authenticate the holder,
+	 *                           -- for example, an executable
+	 *            }
+	 * </pre>
+	 * </p>
+	 * <p>
+	 * For an v1 attribute certificate this is:
+	 * 
+	 * <pre>
+	 *         subject CHOICE {
+	 *          baseCertificateID [0] IssuerSerial,
+	 *          -- associated with a Public Key Certificate
+	 *          subjectName [1] GeneralNames },
+	 *          -- associated with a name
+	 * </pre>
+	 * </p>
+	 */
+	public class Holder
+        : Asn1Encodable
+    {
+		internal readonly IssuerSerial		baseCertificateID;
+        internal readonly GeneralNames		entityName;
+        internal readonly ObjectDigestInfo	objectDigestInfo;
+		private readonly int version;
+
+		public static Holder GetInstance(
+            object obj)
+        {
+            if (obj is Holder)
+            {
+                return (Holder) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new Holder((Asn1Sequence) obj);
+            }
+
+			if (obj is Asn1TaggedObject)
+			{
+				return new Holder((Asn1TaggedObject) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		 * Constructor for a holder for an v1 attribute certificate.
+		 * 
+		 * @param tagObj The ASN.1 tagged holder object.
+		 */
+		public Holder(
+			Asn1TaggedObject tagObj)
+		{
+			switch (tagObj.TagNo)
+			{
+				case 0:
+					baseCertificateID = IssuerSerial.GetInstance(tagObj, false);
+					break;
+				case 1:
+					entityName = GeneralNames.GetInstance(tagObj, false);
+					break;
+				default:
+					throw new ArgumentException("unknown tag in Holder");
+			}
+
+			this.version = 0;
+		}
+
+		/**
+		 * Constructor for a holder for an v2 attribute certificate. *
+		 * 
+		 * @param seq The ASN.1 sequence.
+		 */
+		private Holder(
+            Asn1Sequence seq)
+        {
+			if (seq.Count > 3)
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+			for (int i = 0; i != seq.Count; i++)
+            {
+				Asn1TaggedObject tObj = Asn1TaggedObject.GetInstance(seq[i]);
+
+				switch (tObj.TagNo)
+                {
+                    case 0:
+                        baseCertificateID = IssuerSerial.GetInstance(tObj, false);
+                        break;
+                    case 1:
+                        entityName = GeneralNames.GetInstance(tObj, false);
+                        break;
+                    case 2:
+                        objectDigestInfo = ObjectDigestInfo.GetInstance(tObj, false);
+                        break;
+                    default:
+                        throw new ArgumentException("unknown tag in Holder");
+                }
+            }
+
+			this.version = 1;
+		}
+
+		public Holder(
+			IssuerSerial baseCertificateID)
+			: this(baseCertificateID, 1)
+		{
+		}
+
+		/**
+		 * Constructs a holder from a IssuerSerial.
+		 * @param baseCertificateID The IssuerSerial.
+		 * @param version The version of the attribute certificate. 
+		 */
+		public Holder(
+			IssuerSerial	baseCertificateID,
+			int				version)
+		{
+			this.baseCertificateID = baseCertificateID;
+			this.version = version;
+		}
+
+		/**
+		 * Returns 1 for v2 attribute certificates or 0 for v1 attribute
+		 * certificates. 
+		 * @return The version of the attribute certificate.
+		 */
+		public int Version
+		{
+			get { return version; }
+		}
+
+		/**
+		 * Constructs a holder with an entityName for v2 attribute certificates or
+		 * with a subjectName for v1 attribute certificates.
+		 * 
+		 * @param entityName The entity or subject name.
+		 */
+		public Holder(
+			GeneralNames entityName)
+			: this(entityName, 1)
+		{
+		}
+
+		/**
+		 * Constructs a holder with an entityName for v2 attribute certificates or
+		 * with a subjectName for v1 attribute certificates.
+		 * 
+		 * @param entityName The entity or subject name.
+		 * @param version The version of the attribute certificate. 
+		 */
+		public Holder(
+			GeneralNames	entityName,
+			int				version)
+		{
+			this.entityName = entityName;
+			this.version = version;
+		}
+
+		/**
+		 * Constructs a holder from an object digest info.
+		 * 
+		 * @param objectDigestInfo The object digest info object.
+		 */
+		public Holder(
+			ObjectDigestInfo objectDigestInfo)
+		{
+			this.objectDigestInfo = objectDigestInfo;
+			this.version = 1;
+		}
+
+		public IssuerSerial BaseCertificateID
+		{
+			get { return baseCertificateID; }
+		}
+
+		/**
+		 * Returns the entityName for an v2 attribute certificate or the subjectName
+		 * for an v1 attribute certificate.
+		 * 
+		 * @return The entityname or subjectname.
+		 */
+		public GeneralNames EntityName
+		{
+			get { return entityName; }
+		}
+
+		public ObjectDigestInfo ObjectDigestInfo
+		{
+			get { return objectDigestInfo; }
+		}
+
+		/**
+         * The Holder object.
+         * <pre>
+         *  Holder ::= Sequence {
+         *        baseCertificateID   [0] IssuerSerial OPTIONAL,
+         *                 -- the issuer and serial number of
+         *                 -- the holder's Public Key Certificate
+         *        entityName          [1] GeneralNames OPTIONAL,
+         *                 -- the name of the claimant or role
+         *        objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
+         *                 -- used to directly authenticate the holder,
+         *                 -- for example, an executable
+         *  }
+         * </pre>
+         */
+		public override Asn1Object ToAsn1Object()
+		{
+			if (version == 1)
+			{
+				Asn1EncodableVector v = new Asn1EncodableVector();
+
+				if (baseCertificateID != null)
+				{
+					v.Add(new DerTaggedObject(false, 0, baseCertificateID));
+				}
+
+				if (entityName != null)
+				{
+					v.Add(new DerTaggedObject(false, 1, entityName));
+				}
+
+				if (objectDigestInfo != null)
+				{
+					v.Add(new DerTaggedObject(false, 2, objectDigestInfo));
+				}
+
+				return new DerSequence(v);
+			}
+
+			if (entityName != null)
+			{
+				return new DerTaggedObject(false, 1, entityName);
+			}
+
+			return new DerTaggedObject(false, 0, baseCertificateID);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/IetfAttrSyntax.cs b/bc-sharp-crypto/src/asn1/x509/IetfAttrSyntax.cs
new file mode 100644
index 0000000..e719865
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/IetfAttrSyntax.cs
@@ -0,0 +1,161 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * Implementation of <code>IetfAttrSyntax</code> as specified by RFC3281.
+     */
+    public class IetfAttrSyntax
+        : Asn1Encodable
+    {
+        public const int ValueOctets	= 1;
+        public const int ValueOid		= 2;
+        public const int ValueUtf8		= 3;
+
+		internal readonly GeneralNames	policyAuthority;
+        internal readonly Asn1EncodableVector values = new Asn1EncodableVector();
+
+		internal int valueChoice = -1;
+
+		/**
+         *
+         */
+        public IetfAttrSyntax(
+			Asn1Sequence seq)
+        {
+            int i = 0;
+
+            if (seq[0] is Asn1TaggedObject)
+            {
+                policyAuthority = GeneralNames.GetInstance(((Asn1TaggedObject)seq[0]), false);
+                i++;
+            }
+            else if (seq.Count == 2)
+            { // VOMS fix
+                policyAuthority = GeneralNames.GetInstance(seq[0]);
+                i++;
+            }
+
+			if (!(seq[i] is Asn1Sequence))
+            {
+                throw new ArgumentException("Non-IetfAttrSyntax encoding");
+            }
+
+			seq = (Asn1Sequence) seq[i];
+
+			foreach (Asn1Object obj in seq)
+			{
+                int type;
+
+                if (obj is DerObjectIdentifier)
+                {
+                    type = ValueOid;
+                }
+                else if (obj is DerUtf8String)
+                {
+                    type = ValueUtf8;
+                }
+                else if (obj is DerOctetString)
+                {
+                    type = ValueOctets;
+                }
+                else
+                {
+                    throw new ArgumentException("Bad value type encoding IetfAttrSyntax");
+                }
+
+				if (valueChoice < 0)
+                {
+                    valueChoice = type;
+                }
+
+				if (type != valueChoice)
+                {
+                    throw new ArgumentException("Mix of value types in IetfAttrSyntax");
+                }
+
+				values.Add(obj);
+            }
+        }
+
+		public GeneralNames PolicyAuthority
+		{
+			get { return policyAuthority; }
+		}
+
+		public int ValueType
+		{
+			get { return valueChoice; }
+		}
+
+		public object[] GetValues()
+        {
+            if (this.ValueType == ValueOctets)
+            {
+                Asn1OctetString[] tmp = new Asn1OctetString[values.Count];
+
+				for (int i = 0; i != tmp.Length; i++)
+                {
+                    tmp[i] = (Asn1OctetString) values[i];
+                }
+
+				return tmp;
+            }
+
+			if (this.ValueType == ValueOid)
+            {
+                DerObjectIdentifier[] tmp = new DerObjectIdentifier[values.Count];
+
+                for (int i = 0; i != tmp.Length; i++)
+                {
+                    tmp[i] = (DerObjectIdentifier) values[i];
+                }
+
+				return tmp;
+            }
+
+			{
+				DerUtf8String[] tmp = new DerUtf8String[values.Count];
+
+				for (int i = 0; i != tmp.Length; i++)
+				{
+					tmp[i] = (DerUtf8String) values[i];
+				}
+
+				return tmp;
+			}
+        }
+
+		/**
+         *
+         * <pre>
+         *
+         *  IetfAttrSyntax ::= Sequence {
+         *    policyAuthority [0] GeneralNames OPTIONAL,
+         *    values Sequence OF CHOICE {
+         *      octets OCTET STRING,
+         *      oid OBJECT IDENTIFIER,
+         *      string UTF8String
+         *    }
+         *  }
+         *
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (policyAuthority != null)
+            {
+                v.Add(new DerTaggedObject(0, policyAuthority));
+            }
+
+			v.Add(new DerSequence(values));
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/IssuerSerial.cs b/bc-sharp-crypto/src/asn1/x509/IssuerSerial.cs
new file mode 100644
index 0000000..1e47e02
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/IssuerSerial.cs
@@ -0,0 +1,100 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class IssuerSerial
+        : Asn1Encodable
+    {
+        internal readonly GeneralNames	issuer;
+        internal readonly DerInteger	serial;
+        internal readonly DerBitString	issuerUid;
+
+		public static IssuerSerial GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is IssuerSerial)
+            {
+                return (IssuerSerial) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new IssuerSerial((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+        public static IssuerSerial GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		private IssuerSerial(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2 && seq.Count != 3)
+			{
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+			}
+
+			issuer = GeneralNames.GetInstance(seq[0]);
+			serial = DerInteger.GetInstance(seq[1]);
+
+			if (seq.Count == 3)
+            {
+				issuerUid = DerBitString.GetInstance(seq[2]);
+			}
+        }
+
+		public IssuerSerial(
+			GeneralNames	issuer,
+			DerInteger		serial)
+		{
+			this.issuer = issuer;
+			this.serial = serial;
+		}
+
+		public GeneralNames Issuer
+		{
+			get { return issuer; }
+		}
+
+		public DerInteger Serial
+		{
+			get { return serial; }
+		}
+
+		public DerBitString IssuerUid
+		{
+			get { return issuerUid; }
+		}
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  IssuerSerial  ::=  Sequence {
+         *       issuer         GeneralNames,
+         *       serial         CertificateSerialNumber,
+         *       issuerUid      UniqueIdentifier OPTIONAL
+         *  }
+         * </pre>
+         */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				issuer, serial);
+
+			if (issuerUid != null)
+			{
+				v.Add(issuerUid);
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/IssuingDistributionPoint.cs b/bc-sharp-crypto/src/asn1/x509/IssuingDistributionPoint.cs
new file mode 100644
index 0000000..8e9362b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/IssuingDistributionPoint.cs
@@ -0,0 +1,247 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	 * <pre>
+	 * IssuingDistributionPoint ::= SEQUENCE { 
+	 *   distributionPoint          [0] DistributionPointName OPTIONAL, 
+	 *   onlyContainsUserCerts      [1] BOOLEAN DEFAULT FALSE, 
+	 *   onlyContainsCACerts        [2] BOOLEAN DEFAULT FALSE, 
+	 *   onlySomeReasons            [3] ReasonFlags OPTIONAL, 
+	 *   indirectCRL                [4] BOOLEAN DEFAULT FALSE,
+	 *   onlyContainsAttributeCerts [5] BOOLEAN DEFAULT FALSE }
+	 * </pre>
+	 */
+	public class IssuingDistributionPoint
+        : Asn1Encodable
+    {
+		private readonly DistributionPointName	_distributionPoint;
+		private readonly bool					_onlyContainsUserCerts;
+        private readonly bool					_onlyContainsCACerts;
+		private readonly ReasonFlags			_onlySomeReasons;
+		private readonly bool					_indirectCRL;
+        private readonly bool					_onlyContainsAttributeCerts;
+
+		private readonly Asn1Sequence seq;
+
+		public static IssuingDistributionPoint GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static IssuingDistributionPoint GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is IssuingDistributionPoint)
+            {
+                return (IssuingDistributionPoint) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new IssuingDistributionPoint((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		 * Constructor from given details.
+		 * 
+		 * @param distributionPoint
+		 *            May contain an URI as pointer to most current CRL.
+		 * @param onlyContainsUserCerts Covers revocation information for end certificates.
+		 * @param onlyContainsCACerts Covers revocation information for CA certificates.
+		 * 
+		 * @param onlySomeReasons
+		 *            Which revocation reasons does this point cover.
+		 * @param indirectCRL
+		 *            If <code>true</code> then the CRL contains revocation
+		 *            information about certificates ssued by other CAs.
+		 * @param onlyContainsAttributeCerts Covers revocation information for attribute certificates.
+		 */
+		public IssuingDistributionPoint(
+			DistributionPointName	distributionPoint,
+			bool					onlyContainsUserCerts,
+			bool					onlyContainsCACerts,
+			ReasonFlags				onlySomeReasons,
+			bool					indirectCRL,
+			bool					onlyContainsAttributeCerts)
+		{
+			this._distributionPoint = distributionPoint;
+			this._indirectCRL = indirectCRL;
+			this._onlyContainsAttributeCerts = onlyContainsAttributeCerts;
+			this._onlyContainsCACerts = onlyContainsCACerts;
+			this._onlyContainsUserCerts = onlyContainsUserCerts;
+			this._onlySomeReasons = onlySomeReasons;
+
+			Asn1EncodableVector vec = new Asn1EncodableVector();
+			if (distributionPoint != null)
+			{	// CHOICE item so explicitly tagged
+				vec.Add(new DerTaggedObject(true, 0, distributionPoint));
+			}
+			if (onlyContainsUserCerts)
+			{
+				vec.Add(new DerTaggedObject(false, 1, DerBoolean.True));
+			}
+			if (onlyContainsCACerts)
+			{
+				vec.Add(new DerTaggedObject(false, 2, DerBoolean.True));
+			}
+			if (onlySomeReasons != null)
+			{
+				vec.Add(new DerTaggedObject(false, 3, onlySomeReasons));
+			}
+			if (indirectCRL)
+			{
+				vec.Add(new DerTaggedObject(false, 4, DerBoolean.True));
+			}
+			if (onlyContainsAttributeCerts)
+			{
+				vec.Add(new DerTaggedObject(false, 5, DerBoolean.True));
+			}
+
+			seq = new DerSequence(vec);
+		}
+
+		/**
+         * Constructor from Asn1Sequence
+         */
+        private IssuingDistributionPoint(
+            Asn1Sequence seq)
+        {
+            this.seq = seq;
+
+			for (int i = 0; i != seq.Count; i++)
+            {
+				Asn1TaggedObject o = Asn1TaggedObject.GetInstance(seq[i]);
+
+				switch (o.TagNo)
+                {
+					case 0:
+						// CHOICE so explicit
+						_distributionPoint = DistributionPointName.GetInstance(o, true);
+						break;
+					case 1:
+						_onlyContainsUserCerts = DerBoolean.GetInstance(o, false).IsTrue;
+						break;
+					case 2:
+						_onlyContainsCACerts = DerBoolean.GetInstance(o, false).IsTrue;
+						break;
+					case 3:
+						_onlySomeReasons = new ReasonFlags(ReasonFlags.GetInstance(o, false));
+						break;
+					case 4:
+						_indirectCRL = DerBoolean.GetInstance(o, false).IsTrue;
+						break;
+					case 5:
+						_onlyContainsAttributeCerts = DerBoolean.GetInstance(o, false).IsTrue;
+						break;
+					default:
+						throw new ArgumentException("unknown tag in IssuingDistributionPoint");
+                }
+            }
+        }
+
+		public bool OnlyContainsUserCerts
+		{
+			get { return _onlyContainsUserCerts; }
+		}
+
+		public bool OnlyContainsCACerts
+		{
+			get { return _onlyContainsCACerts; }
+		}
+
+		public bool IsIndirectCrl
+		{
+			get { return _indirectCRL; }
+		}
+
+		public bool OnlyContainsAttributeCerts
+		{
+			get { return _onlyContainsAttributeCerts; }
+		}
+
+		/**
+		 * @return Returns the distributionPoint.
+		 */
+		public DistributionPointName DistributionPoint
+		{
+			get { return _distributionPoint; }
+		}
+
+		/**
+		 * @return Returns the onlySomeReasons.
+		 */
+		public ReasonFlags OnlySomeReasons
+		{
+			get { return _onlySomeReasons; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+            return seq;
+        }
+
+		public override string ToString()
+		{
+			string sep = Platform.NewLine;
+			StringBuilder buf = new StringBuilder();
+
+			buf.Append("IssuingDistributionPoint: [");
+			buf.Append(sep);
+			if (_distributionPoint != null)
+			{
+				appendObject(buf, sep, "distributionPoint", _distributionPoint.ToString());
+			}
+			if (_onlyContainsUserCerts)
+			{
+				appendObject(buf, sep, "onlyContainsUserCerts", _onlyContainsUserCerts.ToString());
+			}
+			if (_onlyContainsCACerts)
+			{
+				appendObject(buf, sep, "onlyContainsCACerts", _onlyContainsCACerts.ToString());
+			}
+			if (_onlySomeReasons != null)
+			{
+				appendObject(buf, sep, "onlySomeReasons", _onlySomeReasons.ToString());
+			}
+			if (_onlyContainsAttributeCerts)
+			{
+				appendObject(buf, sep, "onlyContainsAttributeCerts", _onlyContainsAttributeCerts.ToString());
+			}
+			if (_indirectCRL)
+			{
+				appendObject(buf, sep, "indirectCRL", _indirectCRL.ToString());
+			}
+			buf.Append("]");
+			buf.Append(sep);
+			return buf.ToString();
+		}
+
+		private void appendObject(
+			StringBuilder	buf,
+			string			sep,
+			string			name,
+			string			val)
+		{
+			string indent = "    ";
+
+			buf.Append(indent);
+			buf.Append(name);
+			buf.Append(":");
+			buf.Append(sep);
+			buf.Append(indent);
+			buf.Append(indent);
+			buf.Append(val);
+			buf.Append(sep);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/KeyPurposeId.cs b/bc-sharp-crypto/src/asn1/x509/KeyPurposeId.cs
new file mode 100644
index 0000000..1a564b9
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/KeyPurposeId.cs
@@ -0,0 +1,38 @@
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The KeyPurposeID object.
+     * <pre>
+     *     KeyPurposeID ::= OBJECT IDENTIFIER
+     * </pre>
+     */
+    public sealed class KeyPurposeID
+        : DerObjectIdentifier
+    {
+        private const string IdKP = "1.3.6.1.5.5.7.3";
+
+		private KeyPurposeID(
+			string id)
+			: base(id)
+        {
+        }
+
+		public static readonly KeyPurposeID AnyExtendedKeyUsage = new KeyPurposeID(X509Extensions.ExtendedKeyUsage.Id + ".0");
+        public static readonly KeyPurposeID IdKPServerAuth = new KeyPurposeID(IdKP + ".1");
+        public static readonly KeyPurposeID IdKPClientAuth = new KeyPurposeID(IdKP + ".2");
+        public static readonly KeyPurposeID IdKPCodeSigning = new KeyPurposeID(IdKP + ".3");
+        public static readonly KeyPurposeID IdKPEmailProtection = new KeyPurposeID(IdKP + ".4");
+        public static readonly KeyPurposeID IdKPIpsecEndSystem = new KeyPurposeID(IdKP + ".5");
+        public static readonly KeyPurposeID IdKPIpsecTunnel = new KeyPurposeID(IdKP + ".6");
+        public static readonly KeyPurposeID IdKPIpsecUser = new KeyPurposeID(IdKP + ".7");
+        public static readonly KeyPurposeID IdKPTimeStamping = new KeyPurposeID(IdKP + ".8");
+        public static readonly KeyPurposeID IdKPOcspSigning = new KeyPurposeID(IdKP + ".9");
+
+		//
+        // microsoft key purpose ids
+        //
+        public static readonly KeyPurposeID IdKPSmartCardLogon = new KeyPurposeID("1.3.6.1.4.1.311.20.2.2");
+
+        public static readonly KeyPurposeID IdKPMacAddress = new KeyPurposeID("1.3.6.1.1.1.1.22");
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/KeyUsage.cs b/bc-sharp-crypto/src/asn1/x509/KeyUsage.cs
new file mode 100644
index 0000000..aeaffb7
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/KeyUsage.cs
@@ -0,0 +1,78 @@
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The KeyUsage object.
+     * <pre>
+     *    id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 }
+     *
+     *    KeyUsage ::= BIT STRING {
+     *         digitalSignature        (0),
+     *         nonRepudiation          (1),
+     *         keyEncipherment         (2),
+     *         dataEncipherment        (3),
+     *         keyAgreement            (4),
+     *         keyCertSign             (5),
+     *         cRLSign                 (6),
+     *         encipherOnly            (7),
+     *         decipherOnly            (8) }
+     * </pre>
+     */
+    public class KeyUsage
+        : DerBitString
+    {
+        public const int DigitalSignature = (1 << 7);
+        public const int NonRepudiation   = (1 << 6);
+        public const int KeyEncipherment  = (1 << 5);
+        public const int DataEncipherment = (1 << 4);
+        public const int KeyAgreement     = (1 << 3);
+        public const int KeyCertSign      = (1 << 2);
+        public const int CrlSign          = (1 << 1);
+        public const int EncipherOnly     = (1 << 0);
+        public const int DecipherOnly     = (1 << 15);
+
+		public static new KeyUsage GetInstance(
+			object obj)
+		{
+			if (obj is KeyUsage)
+			{
+				return (KeyUsage)obj;
+			}
+
+			if (obj is X509Extension)
+			{
+				return GetInstance(X509Extension.ConvertValueToObject((X509Extension) obj));
+			}
+
+			return new KeyUsage(DerBitString.GetInstance(obj));
+		}
+
+		/**
+         * Basic constructor.
+         *
+         * @param usage - the bitwise OR of the Key Usage flags giving the
+         * allowed uses for the key.
+         * e.g. (KeyUsage.keyEncipherment | KeyUsage.dataEncipherment)
+         */
+        public KeyUsage(int usage)
+			: base(usage)
+        {
+        }
+
+		private KeyUsage(
+			DerBitString usage)
+			: base(usage.GetBytes(), usage.PadBits)
+        {
+        }
+
+		public override string ToString()
+        {
+			byte[] data = GetBytes();
+            if (data.Length == 1)
+            {
+				return "KeyUsage: 0x" + (data[0] & 0xff).ToString("X");
+            }
+
+			return "KeyUsage: 0x" + ((data[1] & 0xff) << 8 | (data[0] & 0xff)).ToString("X");
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/NameConstraints.cs b/bc-sharp-crypto/src/asn1/x509/NameConstraints.cs
new file mode 100644
index 0000000..0c5fea8
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/NameConstraints.cs
@@ -0,0 +1,120 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	public class NameConstraints
+		: Asn1Encodable
+	{
+		private Asn1Sequence permitted, excluded;
+
+		public static NameConstraints GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is NameConstraints)
+			{
+				return (NameConstraints) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new NameConstraints((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public NameConstraints(
+			Asn1Sequence seq)
+		{
+			foreach (Asn1TaggedObject o in seq)
+			{
+				switch (o.TagNo)
+				{
+					case 0:
+						permitted = Asn1Sequence.GetInstance(o, false);
+						break;
+					case 1:
+						excluded = Asn1Sequence.GetInstance(o, false);
+						break;
+				}
+			}
+		}
+
+#if !(SILVERLIGHT || PORTABLE)
+        public NameConstraints(
+            ArrayList permitted,
+            ArrayList excluded)
+            : this((IList)permitted, (IList)excluded)
+        {
+        }
+#endif
+
+        /**
+		 * Constructor from a given details.
+		 *
+		 * <p>permitted and excluded are Vectors of GeneralSubtree objects.</p>
+		 *
+		 * @param permitted Permitted subtrees
+		 * @param excluded Excluded subtrees
+		 */
+		public NameConstraints(
+			IList   permitted,
+			IList   excluded)
+		{
+			if (permitted != null)
+			{
+				this.permitted = CreateSequence(permitted);
+			}
+
+			if (excluded != null)
+			{
+				this.excluded = CreateSequence(excluded);
+			}
+		}
+
+		private DerSequence CreateSequence(
+			IList subtrees)
+		{
+            GeneralSubtree[] gsts = new GeneralSubtree[subtrees.Count];
+            for (int i = 0; i < subtrees.Count; ++i)
+            {
+                gsts[i] = (GeneralSubtree)subtrees[i];
+            }
+            return new DerSequence(gsts);
+		}
+
+		public Asn1Sequence PermittedSubtrees
+		{
+			get { return permitted; }
+		}
+
+		public Asn1Sequence ExcludedSubtrees
+		{
+			get { return excluded; }
+		}
+
+		/*
+		 * NameConstraints ::= SEQUENCE { permittedSubtrees [0] GeneralSubtrees
+		 * OPTIONAL, excludedSubtrees [1] GeneralSubtrees OPTIONAL }
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (permitted != null)
+			{
+				v.Add(new DerTaggedObject(false, 0, permitted));
+			}
+
+			if (excluded != null)
+			{
+				v.Add(new DerTaggedObject(false, 1, excluded));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/NoticeReference.cs b/bc-sharp-crypto/src/asn1/x509/NoticeReference.cs
new file mode 100644
index 0000000..f0d3a7b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/NoticeReference.cs
@@ -0,0 +1,143 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * <code>NoticeReference</code> class, used in
+     * <code>CertificatePolicies</code> X509 V3 extensions
+     * (in policy qualifiers).
+     *
+     * <pre>
+     *  NoticeReference ::= Sequence {
+     *      organization     DisplayText,
+     *      noticeNumbers    Sequence OF Integer }
+     *
+     * </pre>
+     *
+     * @see PolicyQualifierInfo
+     * @see PolicyInformation
+     */
+    public class NoticeReference
+        : Asn1Encodable
+    {
+        private readonly DisplayText organization;
+        private readonly Asn1Sequence noticeNumbers;
+
+        private static Asn1EncodableVector ConvertVector(IList numbers)
+        {
+            Asn1EncodableVector av = new Asn1EncodableVector();
+
+            foreach (object o in numbers)
+            {
+                DerInteger di;
+
+                if (o is BigInteger)
+                {
+                    di = new DerInteger((BigInteger)o);
+                }
+                else if (o is int)
+                {
+                    di = new DerInteger((int)o);
+                }
+                else
+                {
+                    throw new ArgumentException();
+                }
+
+                av.Add(di);
+            }
+            return av;
+        }
+
+        /**
+         * Creates a new <code>NoticeReference</code> instance.
+         *
+         * @param organization a <code>String</code> value
+         * @param numbers a <code>Vector</code> value
+         */
+        public NoticeReference(string organization, IList numbers)
+            : this(organization, ConvertVector(numbers))
+        {
+        }
+
+        /**
+        * Creates a new <code>NoticeReference</code> instance.
+        *
+        * @param organization a <code>String</code> value
+        * @param noticeNumbers an <code>ASN1EncodableVector</code> value
+        */
+        public NoticeReference(string organization, Asn1EncodableVector noticeNumbers)
+            : this(new DisplayText(organization), noticeNumbers)
+        {
+        }
+
+        /**
+         * Creates a new <code>NoticeReference</code> instance.
+         *
+         * @param organization displayText
+         * @param noticeNumbers an <code>ASN1EncodableVector</code> value
+         */
+        public NoticeReference(DisplayText organization, Asn1EncodableVector noticeNumbers)
+        {
+            this.organization = organization;
+            this.noticeNumbers = new DerSequence(noticeNumbers);
+        }
+
+        /**
+         * Creates a new <code>NoticeReference</code> instance.
+         * <p>Useful for reconstructing a <code>NoticeReference</code>
+         * instance from its encodable/encoded form.</p>
+         *
+         * @param as an <code>Asn1Sequence</code> value obtained from either
+         * calling @{link ToAsn1Object()} for a <code>NoticeReference</code>
+         * instance or from parsing it from a Der-encoded stream.
+         */
+        private NoticeReference(Asn1Sequence seq)
+        {
+            if (seq.Count != 2)
+                throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+            organization = DisplayText.GetInstance(seq[0]);
+            noticeNumbers = Asn1Sequence.GetInstance(seq[1]);
+        }
+
+        public static NoticeReference GetInstance(object obj)
+        {
+            if (obj is NoticeReference)
+                return (NoticeReference)obj;
+            if (obj == null)
+                return null;
+            return new NoticeReference(Asn1Sequence.GetInstance(obj));
+        }
+
+        public virtual DisplayText Organization
+        {
+            get { return organization; }
+        }
+
+        public virtual DerInteger[] GetNoticeNumbers()
+        {
+            DerInteger[] tmp = new DerInteger[noticeNumbers.Count];
+
+            for (int i = 0; i != noticeNumbers.Count; ++i)
+            {
+                tmp[i] = DerInteger.GetInstance(noticeNumbers[i]);
+            }
+
+            return tmp;
+        }
+
+        /**
+         * Describe <code>ToAsn1Object</code> method here.
+         *
+         * @return a <code>Asn1Object</code> value
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(organization, noticeNumbers);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/ObjectDigestInfo.cs b/bc-sharp-crypto/src/asn1/x509/ObjectDigestInfo.cs
new file mode 100644
index 0000000..9cd9a5f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/ObjectDigestInfo.cs
@@ -0,0 +1,179 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	 * ObjectDigestInfo ASN.1 structure used in v2 attribute certificates.
+	 * 
+	 * <pre>
+	 *  
+	 *    ObjectDigestInfo ::= SEQUENCE {
+	 *         digestedObjectType  ENUMERATED {
+	 *                 publicKey            (0),
+	 *                 publicKeyCert        (1),
+	 *                 otherObjectTypes     (2) },
+	 *                         -- otherObjectTypes MUST NOT
+	 *                         -- be used in this profile
+	 *         otherObjectTypeID   OBJECT IDENTIFIER OPTIONAL,
+	 *         digestAlgorithm     AlgorithmIdentifier,
+	 *         objectDigest        BIT STRING
+	 *    }
+	 *   
+	 * </pre>
+	 * 
+	 */
+	public class ObjectDigestInfo
+        : Asn1Encodable
+    {
+		/**
+		 * The public key is hashed.
+		 */
+		public const int PublicKey = 0;
+
+		/**
+		 * The public key certificate is hashed.
+		 */
+		public const int PublicKeyCert = 1;
+
+		/**
+		 * An other object is hashed.
+		 */
+		public const int OtherObjectDigest = 2;
+
+		internal readonly DerEnumerated			digestedObjectType;
+        internal readonly DerObjectIdentifier	otherObjectTypeID;
+        internal readonly AlgorithmIdentifier	digestAlgorithm;
+        internal readonly DerBitString			objectDigest;
+
+		public static ObjectDigestInfo GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is ObjectDigestInfo)
+            {
+                return (ObjectDigestInfo) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new ObjectDigestInfo((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public static ObjectDigestInfo GetInstance(
+            Asn1TaggedObject	obj,
+            bool				isExplicit)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+        }
+
+		/**
+		 * Constructor from given details.
+		 * <p>
+		 * If <code>digestedObjectType</code> is not {@link #publicKeyCert} or
+		 * {@link #publicKey} <code>otherObjectTypeID</code> must be given,
+		 * otherwise it is ignored.</p>
+		 * 
+		 * @param digestedObjectType The digest object type.
+		 * @param otherObjectTypeID The object type ID for
+		 *            <code>otherObjectDigest</code>.
+		 * @param digestAlgorithm The algorithm identifier for the hash.
+		 * @param objectDigest The hash value.
+		 */
+		public ObjectDigestInfo(
+			int					digestedObjectType,
+			string				otherObjectTypeID,
+			AlgorithmIdentifier	digestAlgorithm,
+			byte[]				objectDigest)
+		{
+			this.digestedObjectType = new DerEnumerated(digestedObjectType);
+
+			if (digestedObjectType == OtherObjectDigest)
+			{
+				this.otherObjectTypeID = new DerObjectIdentifier(otherObjectTypeID);
+			}
+
+			this.digestAlgorithm = digestAlgorithm; 
+
+			this.objectDigest = new DerBitString(objectDigest);
+		}
+
+		private ObjectDigestInfo(
+			Asn1Sequence seq)
+        {
+			if (seq.Count > 4 || seq.Count < 3)
+			{
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+			}
+
+			digestedObjectType = DerEnumerated.GetInstance(seq[0]);
+
+			int offset = 0;
+
+			if (seq.Count == 4)
+            {
+                otherObjectTypeID = DerObjectIdentifier.GetInstance(seq[1]);
+                offset++;
+            }
+
+			digestAlgorithm = AlgorithmIdentifier.GetInstance(seq[1 + offset]);
+			objectDigest = DerBitString.GetInstance(seq[2 + offset]);
+		}
+
+		public DerEnumerated DigestedObjectType
+		{
+			get { return digestedObjectType; }
+		}
+
+		public DerObjectIdentifier OtherObjectTypeID
+		{
+			get { return otherObjectTypeID; }
+		}
+
+		public AlgorithmIdentifier DigestAlgorithm
+		{
+			get { return digestAlgorithm; }
+		}
+
+		public DerBitString ObjectDigest
+		{
+			get { return objectDigest; }
+		}
+
+		/**
+		 * Produce an object suitable for an Asn1OutputStream.
+		 * 
+		 * <pre>
+		 *  
+		 *    ObjectDigestInfo ::= SEQUENCE {
+		 *         digestedObjectType  ENUMERATED {
+		 *                 publicKey            (0),
+		 *                 publicKeyCert        (1),
+		 *                 otherObjectTypes     (2) },
+		 *                         -- otherObjectTypes MUST NOT
+		 *                         -- be used in this profile
+		 *         otherObjectTypeID   OBJECT IDENTIFIER OPTIONAL,
+		 *         digestAlgorithm     AlgorithmIdentifier,
+		 *         objectDigest        BIT STRING
+		 *    }
+		 *   
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(digestedObjectType);
+
+			if (otherObjectTypeID != null)
+            {
+                v.Add(otherObjectTypeID);
+            }
+
+			v.Add(digestAlgorithm, objectDigest);
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/PolicyInformation.cs b/bc-sharp-crypto/src/asn1/x509/PolicyInformation.cs
new file mode 100644
index 0000000..29d2450
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/PolicyInformation.cs
@@ -0,0 +1,80 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class PolicyInformation
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier	policyIdentifier;
+        private readonly Asn1Sequence			policyQualifiers;
+
+		private PolicyInformation(
+            Asn1Sequence seq)
+        {
+			if (seq.Count < 1 || seq.Count > 2)
+			{
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+			}
+
+			policyIdentifier = DerObjectIdentifier.GetInstance(seq[0]);
+
+			if (seq.Count > 1)
+			{
+				policyQualifiers = Asn1Sequence.GetInstance(seq[1]);
+			}
+        }
+
+		public PolicyInformation(
+            DerObjectIdentifier policyIdentifier)
+        {
+            this.policyIdentifier = policyIdentifier;
+        }
+
+		public PolicyInformation(
+            DerObjectIdentifier	policyIdentifier,
+            Asn1Sequence		policyQualifiers)
+        {
+            this.policyIdentifier = policyIdentifier;
+            this.policyQualifiers = policyQualifiers;
+        }
+
+		public static PolicyInformation GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is PolicyInformation)
+            {
+                return (PolicyInformation) obj;
+            }
+
+			return new PolicyInformation(Asn1Sequence.GetInstance(obj));
+        }
+
+		public DerObjectIdentifier PolicyIdentifier
+		{
+			get { return policyIdentifier; }
+		}
+
+		public Asn1Sequence PolicyQualifiers
+		{
+			get { return policyQualifiers; }
+		}
+
+		/*
+         * PolicyInformation ::= Sequence {
+         *      policyIdentifier   CertPolicyId,
+         *      policyQualifiers   Sequence SIZE (1..MAX) OF
+         *              PolicyQualifierInfo OPTIONAL }
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(policyIdentifier);
+
+			if (policyQualifiers != null)
+            {
+                v.Add(policyQualifiers);
+            }
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/PolicyMappings.cs b/bc-sharp-crypto/src/asn1/x509/PolicyMappings.cs
new file mode 100644
index 0000000..928ad13
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/PolicyMappings.cs
@@ -0,0 +1,70 @@
+using System.Collections;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	 * PolicyMappings V3 extension, described in RFC3280.
+	 * <pre>
+	 *    PolicyMappings ::= Sequence SIZE (1..MAX) OF Sequence {
+	 *      issuerDomainPolicy      CertPolicyId,
+	 *      subjectDomainPolicy     CertPolicyId }
+	 * </pre>
+	 *
+	 * @see <a href="http://www.faqs.org/rfc/rfc3280.txt">RFC 3280, section 4.2.1.6</a>
+	 */
+	public class PolicyMappings
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence seq;
+
+		/**
+		 * Creates a new <code>PolicyMappings</code> instance.
+		 *
+		 * @param seq an <code>Asn1Sequence</code> constructed as specified
+		 * in RFC 3280
+		 */
+		public PolicyMappings(
+			Asn1Sequence seq)
+		{
+			this.seq = seq;
+		}
+
+#if !(SILVERLIGHT || PORTABLE)
+        public PolicyMappings(
+            Hashtable mappings)
+            : this((IDictionary)mappings)
+        {
+        }
+#endif
+
+        /**
+		 * Creates a new <code>PolicyMappings</code> instance.
+		 *
+		 * @param mappings a <code>HashMap</code> value that maps
+		 * <code>string</code> oids
+		 * to other <code>string</code> oids.
+		 */
+		public PolicyMappings(
+			IDictionary mappings)
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			foreach (string idp in mappings.Keys)
+			{
+				string sdp = (string) mappings[idp];
+
+				v.Add(
+					new DerSequence(
+						new DerObjectIdentifier(idp),
+						new DerObjectIdentifier(sdp)));
+			}
+
+			seq = new DerSequence(v);
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return seq;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/PolicyQualifierId.cs b/bc-sharp-crypto/src/asn1/x509/PolicyQualifierId.cs
new file mode 100644
index 0000000..c858f08
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/PolicyQualifierId.cs
@@ -0,0 +1,28 @@
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	 * PolicyQualifierId, used in the CertificatePolicies
+	 * X509V3 extension.
+	 *
+	 * <pre>
+	 *    id-qt          OBJECT IDENTIFIER ::=  { id-pkix 2 }
+	 *    id-qt-cps      OBJECT IDENTIFIER ::=  { id-qt 1 }
+	 *    id-qt-unotice  OBJECT IDENTIFIER ::=  { id-qt 2 }
+	 *  PolicyQualifierId ::=
+	 *       OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
+	 * </pre>
+	 */
+	public sealed class PolicyQualifierID : DerObjectIdentifier
+	{
+		private const string IdQt = "1.3.6.1.5.5.7.2";
+
+		private PolicyQualifierID(
+			string id)
+			: base(id)
+		{
+		}
+
+		public static readonly PolicyQualifierID IdQtCps = new PolicyQualifierID(IdQt + ".1");
+		public static readonly PolicyQualifierID IdQtUnotice = new PolicyQualifierID(IdQt + ".2");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/PolicyQualifierInfo.cs b/bc-sharp-crypto/src/asn1/x509/PolicyQualifierInfo.cs
new file mode 100644
index 0000000..3cf6d7e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/PolicyQualifierInfo.cs
@@ -0,0 +1,95 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * Policy qualifiers, used in the X509V3 CertificatePolicies
+     * extension.
+     *
+     * <pre>
+     *   PolicyQualifierInfo ::= Sequence {
+     *       policyQualifierId  PolicyQualifierId,
+     *       qualifier          ANY DEFINED BY policyQualifierId }
+     * </pre>
+     */
+    public class PolicyQualifierInfo
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier policyQualifierId;
+        private readonly Asn1Encodable qualifier;
+
+        /**
+         * Creates a new <code>PolicyQualifierInfo</code> instance.
+         *
+         * @param policyQualifierId a <code>PolicyQualifierId</code> value
+         * @param qualifier the qualifier, defined by the above field.
+         */
+        public PolicyQualifierInfo(
+            DerObjectIdentifier	policyQualifierId,
+            Asn1Encodable		qualifier)
+        {
+            this.policyQualifierId = policyQualifierId;
+            this.qualifier = qualifier;
+        }
+
+        /**
+         * Creates a new <code>PolicyQualifierInfo</code> containing a
+         * cPSuri qualifier.
+         *
+         * @param cps the CPS (certification practice statement) uri as a
+         * <code>string</code>.
+         */
+        public PolicyQualifierInfo(
+            string cps)
+        {
+            policyQualifierId = PolicyQualifierID.IdQtCps;
+            qualifier = new DerIA5String(cps);
+        }
+
+        /**
+         * Creates a new <code>PolicyQualifierInfo</code> instance.
+         *
+         * @param as <code>PolicyQualifierInfo</code> X509 structure
+         * encoded as an Asn1Sequence.
+         */
+        private PolicyQualifierInfo(
+            Asn1Sequence seq)
+        {
+            if (seq.Count != 2)
+                throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+            policyQualifierId = DerObjectIdentifier.GetInstance(seq[0]);
+            qualifier = seq[1];
+        }
+
+        public static PolicyQualifierInfo GetInstance(
+            object obj)
+        {
+            if (obj is PolicyQualifierInfo)
+                return (PolicyQualifierInfo)obj;
+            if (obj == null)
+                return null;
+            return new PolicyQualifierInfo(Asn1Sequence.GetInstance(obj));
+        }
+
+        public virtual DerObjectIdentifier PolicyQualifierId
+        {
+            get { return policyQualifierId; }
+        }
+
+        public virtual Asn1Encodable Qualifier
+        {
+            get { return qualifier; }
+        }
+
+        /**
+         * Returns a Der-encodable representation of this instance.
+         *
+         * @return a <code>Asn1Object</code> value
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(policyQualifierId, qualifier);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/PrivateKeyUsagePeriod.cs b/bc-sharp-crypto/src/asn1/x509/PrivateKeyUsagePeriod.cs
new file mode 100644
index 0000000..a3d7a36
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/PrivateKeyUsagePeriod.cs
@@ -0,0 +1,84 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/// <remarks>
+	/// <pre>
+	/// PrivateKeyUsagePeriod ::= SEQUENCE
+	/// {
+	/// notBefore       [0]     GeneralizedTime OPTIONAL,
+	/// notAfter        [1]     GeneralizedTime OPTIONAL }
+	/// </pre>
+	/// </remarks>
+	public class PrivateKeyUsagePeriod
+		: Asn1Encodable
+	{
+		public static PrivateKeyUsagePeriod GetInstance(
+			object obj)
+		{
+			if (obj is PrivateKeyUsagePeriod)
+			{
+				return (PrivateKeyUsagePeriod) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new PrivateKeyUsagePeriod((Asn1Sequence) obj);
+			}
+
+			if (obj is X509Extension)
+			{
+				return GetInstance(X509Extension.ConvertValueToObject((X509Extension) obj));
+			}
+
+			throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private DerGeneralizedTime _notBefore, _notAfter;
+
+		private PrivateKeyUsagePeriod(
+			Asn1Sequence seq)
+		{
+			foreach (Asn1TaggedObject tObj in seq)
+			{
+				if (tObj.TagNo == 0)
+				{
+					_notBefore = DerGeneralizedTime.GetInstance(tObj, false);
+				}
+				else if (tObj.TagNo == 1)
+				{
+					_notAfter = DerGeneralizedTime.GetInstance(tObj, false);
+				}
+			}
+		}
+
+		public DerGeneralizedTime NotBefore
+		{
+			get { return _notBefore; }
+		}
+
+		public DerGeneralizedTime NotAfter
+		{
+			get { return _notAfter; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (_notBefore != null)
+			{
+				v.Add(new DerTaggedObject(false, 0, _notBefore));
+			}
+
+			if (_notAfter != null)
+			{
+				v.Add(new DerTaggedObject(false, 1, _notAfter));
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/RSAPublicKeyStructure.cs b/bc-sharp-crypto/src/asn1/x509/RSAPublicKeyStructure.cs
new file mode 100644
index 0000000..20fdd96
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/RSAPublicKeyStructure.cs
@@ -0,0 +1,93 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class RsaPublicKeyStructure
+        : Asn1Encodable
+    {
+        private BigInteger modulus;
+        private BigInteger publicExponent;
+
+		public static RsaPublicKeyStructure GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static RsaPublicKeyStructure GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is RsaPublicKeyStructure)
+            {
+                return (RsaPublicKeyStructure) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new RsaPublicKeyStructure((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("Invalid RsaPublicKeyStructure: " + Platform.GetTypeName(obj));
+        }
+
+		public RsaPublicKeyStructure(
+            BigInteger	modulus,
+            BigInteger	publicExponent)
+        {
+			if (modulus == null)
+				throw new ArgumentNullException("modulus");
+			if (publicExponent == null)
+				throw new ArgumentNullException("publicExponent");
+			if (modulus.SignValue <= 0)
+				throw new ArgumentException("Not a valid RSA modulus", "modulus");
+			if (publicExponent.SignValue <= 0)
+				throw new ArgumentException("Not a valid RSA public exponent", "publicExponent");
+
+            this.modulus = modulus;
+            this.publicExponent = publicExponent;
+        }
+
+		private RsaPublicKeyStructure(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+			// Note: we are accepting technically incorrect (i.e. negative) values here
+			modulus = DerInteger.GetInstance(seq[0]).PositiveValue;
+			publicExponent = DerInteger.GetInstance(seq[1]).PositiveValue;
+		}
+
+		public BigInteger Modulus
+        {
+            get { return modulus; }
+        }
+
+		public BigInteger PublicExponent
+        {
+            get { return publicExponent; }
+        }
+
+		/**
+         * This outputs the key in Pkcs1v2 format.
+         * <pre>
+         *      RSAPublicKey ::= Sequence {
+         *                          modulus Integer, -- n
+         *                          publicExponent Integer, -- e
+         *                      }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(
+				new DerInteger(Modulus),
+				new DerInteger(PublicExponent));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/ReasonFlags.cs b/bc-sharp-crypto/src/asn1/x509/ReasonFlags.cs
new file mode 100644
index 0000000..ad45e84
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/ReasonFlags.cs
@@ -0,0 +1,45 @@
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The ReasonFlags object.
+     * <pre>
+     * ReasonFlags ::= BIT STRING {
+     *    unused(0),
+     *    keyCompromise(1),
+     *    cACompromise(2),
+     *    affiliationChanged(3),
+     *    superseded(4),
+     *    cessationOfOperation(5),
+     *    certficateHold(6)
+     * }
+     * </pre>
+     */
+    public class ReasonFlags
+        : DerBitString
+    {
+        public const int Unused                 = (1 << 7);
+        public const int KeyCompromise          = (1 << 6);
+        public const int CACompromise           = (1 << 5);
+        public const int AffiliationChanged     = (1 << 4);
+        public const int Superseded             = (1 << 3);
+        public const int CessationOfOperation   = (1 << 2);
+        public const int CertificateHold        = (1 << 1);
+        public const int PrivilegeWithdrawn     = (1 << 0);
+        public const int AACompromise           = (1 << 15);
+
+		/**
+         * @param reasons - the bitwise OR of the Key Reason flags giving the
+         * allowed uses for the key.
+         */
+        public ReasonFlags(int reasons)
+             : base(reasons)
+        {
+        }
+
+        public ReasonFlags(
+            DerBitString reasons)
+             : base(reasons.GetBytes(), reasons.PadBits)
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/RoleSyntax.cs b/bc-sharp-crypto/src/asn1/x509/RoleSyntax.cs
new file mode 100644
index 0000000..48c3c6c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/RoleSyntax.cs
@@ -0,0 +1,230 @@
+using System;
+using System.Text;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	* Implementation of the RoleSyntax object as specified by the RFC3281.
+	*
+	* <pre>
+	* RoleSyntax ::= SEQUENCE {
+	*                 roleAuthority  [0] GeneralNames OPTIONAL,
+	*                 roleName       [1] GeneralName
+	*           }
+	* </pre>
+	*/
+	public class RoleSyntax
+		: Asn1Encodable
+	{
+		private readonly GeneralNames	roleAuthority;
+		private readonly GeneralName	roleName;
+
+		/**
+		 * RoleSyntax factory method.
+		 * @param obj the object used to construct an instance of <code>
+		 * RoleSyntax</code>. It must be an instance of <code>RoleSyntax
+		 * </code> or <code>Asn1Sequence</code>.
+		 * @return the instance of <code>RoleSyntax</code> built from the
+		 * supplied object.
+		 * @throws java.lang.ArgumentException if the object passed
+		 * to the factory is not an instance of <code>RoleSyntax</code> or
+		 * <code>Asn1Sequence</code>.
+		 */
+		public static RoleSyntax GetInstance(
+			object obj)
+		{
+			if (obj is RoleSyntax)
+				return (RoleSyntax)obj;
+
+			if (obj != null)
+				return new RoleSyntax(Asn1Sequence.GetInstance(obj));
+
+			return null;
+		}
+
+		/**
+		* Constructor.
+		* @param roleAuthority the role authority of this RoleSyntax.
+		* @param roleName    the role name of this RoleSyntax.
+		*/
+		public RoleSyntax(
+			GeneralNames	roleAuthority,
+			GeneralName		roleName)
+		{
+			if (roleName == null
+				|| roleName.TagNo != GeneralName.UniformResourceIdentifier
+				|| ((IAsn1String) roleName.Name).GetString().Equals(""))
+			{
+				throw new ArgumentException("the role name MUST be non empty and MUST " +
+					"use the URI option of GeneralName");
+			}
+
+			this.roleAuthority = roleAuthority;
+			this.roleName = roleName;
+		}
+
+		/**
+		* Constructor. Invoking this constructor is the same as invoking
+		* <code>new RoleSyntax(null, roleName)</code>.
+		* @param roleName    the role name of this RoleSyntax.
+		*/
+		public RoleSyntax(
+			GeneralName roleName)
+			: this(null, roleName)
+		{
+		}
+
+		/**
+		* Utility constructor. Takes a <code>string</code> argument representing
+		* the role name, builds a <code>GeneralName</code> to hold the role name
+		* and calls the constructor that takes a <code>GeneralName</code>.
+		* @param roleName
+		*/
+		public RoleSyntax(
+			string roleName)
+			: this(new GeneralName(GeneralName.UniformResourceIdentifier,
+				(roleName == null)? "": roleName))
+		{
+		}
+
+		/**
+		* Constructor that builds an instance of <code>RoleSyntax</code> by
+		* extracting the encoded elements from the <code>Asn1Sequence</code>
+		* object supplied.
+		* @param seq    an instance of <code>Asn1Sequence</code> that holds
+		* the encoded elements used to build this <code>RoleSyntax</code>.
+		*/
+		private RoleSyntax(
+			Asn1Sequence seq)
+		{
+			if (seq.Count < 1 || seq.Count > 2)
+			{
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+			}
+
+			for (int i = 0; i != seq.Count; i++)
+			{
+				Asn1TaggedObject taggedObject = Asn1TaggedObject.GetInstance(seq[i]);
+				switch (taggedObject.TagNo)
+				{
+					case 0:
+						roleAuthority = GeneralNames.GetInstance(taggedObject, false);
+						break;
+					case 1:
+						roleName = GeneralName.GetInstance(taggedObject, true);
+						break;
+					default:
+						throw new ArgumentException("Unknown tag in RoleSyntax");
+				}
+			}
+		}
+
+		/**
+		* Gets the role authority of this RoleSyntax.
+		* @return    an instance of <code>GeneralNames</code> holding the
+		* role authority of this RoleSyntax.
+		*/
+		public GeneralNames RoleAuthority
+		{
+			get { return this.roleAuthority; }
+		}
+
+		/**
+		* Gets the role name of this RoleSyntax.
+		* @return    an instance of <code>GeneralName</code> holding the
+		* role name of this RoleSyntax.
+		*/
+		public GeneralName RoleName
+		{
+			get { return this.roleName; }
+		}
+
+		/**
+		* Gets the role name as a <code>java.lang.string</code> object.
+		* @return    the role name of this RoleSyntax represented as a
+		* <code>string</code> object.
+		*/
+		public string GetRoleNameAsString()
+		{
+			return ((IAsn1String) this.roleName.Name).GetString();
+		}
+
+		/**
+		* Gets the role authority as a <code>string[]</code> object.
+		* @return the role authority of this RoleSyntax represented as a
+		* <code>string[]</code> array.
+		*/
+		public string[] GetRoleAuthorityAsString()
+		{
+			if (roleAuthority == null)
+			{
+				return new string[0];
+			}
+
+			GeneralName[] names = roleAuthority.GetNames();
+			string[] namesString = new string[names.Length];
+			for(int i = 0; i < names.Length; i++)
+			{
+				Asn1Encodable asn1Value = names[i].Name;
+				if (asn1Value is IAsn1String)
+				{
+					namesString[i] = ((IAsn1String) asn1Value).GetString();
+				}
+				else
+				{
+					namesString[i] = asn1Value.ToString();
+				}
+			}
+
+			return namesString;
+		}
+
+		/**
+		* Implementation of the method <code>ToAsn1Object</code> as
+		* required by the superclass <code>ASN1Encodable</code>.
+		*
+		* <pre>
+		* RoleSyntax ::= SEQUENCE {
+		*                 roleAuthority  [0] GeneralNames OPTIONAL,
+		*                 roleName       [1] GeneralName
+		*           }
+		* </pre>
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			if (this.roleAuthority != null)
+			{
+				v.Add(new DerTaggedObject(false, 0, roleAuthority));
+			}
+
+			v.Add(new DerTaggedObject(true, 1, roleName));
+
+			return new DerSequence(v);
+		}
+
+		public override string ToString()
+		{
+			StringBuilder buff = new StringBuilder("Name: " + this.GetRoleNameAsString() +
+				" - Auth: ");
+
+			if (this.roleAuthority == null || roleAuthority.GetNames().Length == 0)
+			{
+				buff.Append("N/A");
+			}
+			else
+			{
+				string[] names = this.GetRoleAuthorityAsString();
+				buff.Append('[').Append(names[0]);
+				for(int i = 1; i < names.Length; i++)
+				{
+					buff.Append(", ").Append(names[i]);
+				}
+				buff.Append(']');
+			}
+
+			return buff.ToString();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/SubjectDirectoryAttributes.cs b/bc-sharp-crypto/src/asn1/x509/SubjectDirectoryAttributes.cs
new file mode 100644
index 0000000..77923e0
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/SubjectDirectoryAttributes.cs
@@ -0,0 +1,142 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	 * This extension may contain further X.500 attributes of the subject. See also
+	 * RFC 3039.
+	 *
+	 * <pre>
+	 *     SubjectDirectoryAttributes ::= Attributes
+	 *     Attributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
+	 *     Attribute ::= SEQUENCE
+	 *     {
+	 *       type AttributeType
+	 *       values SET OF AttributeValue
+	 *     }
+	 *
+	 *     AttributeType ::= OBJECT IDENTIFIER
+	 *     AttributeValue ::= ANY DEFINED BY AttributeType
+	 * </pre>
+	 *
+	 * @see org.bouncycastle.asn1.x509.X509Name for AttributeType ObjectIdentifiers.
+	 */
+	public class SubjectDirectoryAttributes
+		: Asn1Encodable
+	{
+		private readonly IList attributes;
+
+		public static SubjectDirectoryAttributes GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is SubjectDirectoryAttributes)
+			{
+				return (SubjectDirectoryAttributes) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new SubjectDirectoryAttributes((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		 * Constructor from Asn1Sequence.
+		 *
+		 * The sequence is of type SubjectDirectoryAttributes:
+		 *
+		 * <pre>
+		 *      SubjectDirectoryAttributes ::= Attributes
+		 *      Attributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
+		 *      Attribute ::= SEQUENCE
+		 *      {
+		 *        type AttributeType
+		 *        values SET OF AttributeValue
+		 *      }
+		 *
+		 *      AttributeType ::= OBJECT IDENTIFIER
+		 *      AttributeValue ::= ANY DEFINED BY AttributeType
+		 * </pre>
+		 *
+		 * @param seq
+		 *            The ASN.1 sequence.
+		 */
+		private SubjectDirectoryAttributes(
+			Asn1Sequence seq)
+		{
+            this.attributes = Platform.CreateArrayList();
+            foreach (object o in seq)
+			{
+				Asn1Sequence s = Asn1Sequence.GetInstance(o);
+				attributes.Add(AttributeX509.GetInstance(s));
+			}
+		}
+
+#if !(SILVERLIGHT || PORTABLE)
+        [Obsolete]
+        public SubjectDirectoryAttributes(
+            ArrayList attributes)
+            : this((IList)attributes)
+        {
+        }
+#endif
+
+        /**
+		 * Constructor from an ArrayList of attributes.
+		 *
+		 * The ArrayList consists of attributes of type {@link Attribute Attribute}
+		 *
+		 * @param attributes The attributes.
+		 *
+		 */
+		public SubjectDirectoryAttributes(
+			IList attributes)
+		{
+            this.attributes = Platform.CreateArrayList(attributes);
+        }
+
+		/**
+		 * Produce an object suitable for an Asn1OutputStream.
+		 *
+		 * Returns:
+		 *
+		 * <pre>
+		 *      SubjectDirectoryAttributes ::= Attributes
+		 *      Attributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
+		 *      Attribute ::= SEQUENCE
+		 *      {
+		 *        type AttributeType
+		 *        values SET OF AttributeValue
+		 *      }
+		 *
+		 *      AttributeType ::= OBJECT IDENTIFIER
+		 *      AttributeValue ::= ANY DEFINED BY AttributeType
+		 * </pre>
+		 *
+		 * @return a DERObject
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+            AttributeX509[] v = new AttributeX509[attributes.Count];
+            for (int i = 0; i < attributes.Count; ++i)
+            {
+                v[i] = (AttributeX509)attributes[i];
+            }
+            return new DerSequence(v);
+		}
+
+        /**
+		 * @return Returns the attributes.
+		 */
+		public IEnumerable Attributes
+		{
+			get { return new EnumerableProxy(attributes); }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/SubjectKeyIdentifier.cs b/bc-sharp-crypto/src/asn1/x509/SubjectKeyIdentifier.cs
new file mode 100644
index 0000000..f2e6cc0
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/SubjectKeyIdentifier.cs
@@ -0,0 +1,142 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The SubjectKeyIdentifier object.
+     * <pre>
+     * SubjectKeyIdentifier::= OCTET STRING
+     * </pre>
+     */
+    public class SubjectKeyIdentifier
+        : Asn1Encodable
+    {
+        private readonly byte[] keyIdentifier;
+
+		public static SubjectKeyIdentifier GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1OctetString.GetInstance(obj, explicitly));
+        }
+
+		public static SubjectKeyIdentifier GetInstance(
+            object obj)
+        {
+            if (obj is SubjectKeyIdentifier)
+            {
+                return (SubjectKeyIdentifier) obj;
+            }
+
+			if (obj is SubjectPublicKeyInfo)
+            {
+                return new SubjectKeyIdentifier((SubjectPublicKeyInfo) obj);
+            }
+
+			if (obj is Asn1OctetString)
+            {
+                return new SubjectKeyIdentifier((Asn1OctetString) obj);
+            }
+
+			if (obj is X509Extension)
+			{
+				return GetInstance(X509Extension.ConvertValueToObject((X509Extension) obj));
+			}
+
+            throw new ArgumentException("Invalid SubjectKeyIdentifier: " + Platform.GetTypeName(obj));
+        }
+
+		public SubjectKeyIdentifier(
+            byte[] keyID)
+        {
+			if (keyID == null)
+				throw new ArgumentNullException("keyID");
+
+			this.keyIdentifier = keyID;
+        }
+
+		public SubjectKeyIdentifier(
+            Asn1OctetString keyID)
+        {
+            this.keyIdentifier = keyID.GetOctets();
+        }
+
+		/**
+		 * Calculates the keyIdentifier using a SHA1 hash over the BIT STRING
+		 * from SubjectPublicKeyInfo as defined in RFC3280.
+		 *
+		 * @param spki the subject public key info.
+		 */
+		public SubjectKeyIdentifier(
+			SubjectPublicKeyInfo spki)
+		{
+			this.keyIdentifier = GetDigest(spki);
+		}
+
+		public byte[] GetKeyIdentifier()
+		{
+			return keyIdentifier;
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerOctetString(keyIdentifier);
+		}
+
+		/**
+		 * Return a RFC 3280 type 1 key identifier. As in:
+		 * <pre>
+		 * (1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the
+		 * value of the BIT STRING subjectPublicKey (excluding the tag,
+		 * length, and number of unused bits).
+		 * </pre>
+		 * @param keyInfo the key info object containing the subjectPublicKey field.
+		 * @return the key identifier.
+		 */
+		public static SubjectKeyIdentifier CreateSha1KeyIdentifier(
+			SubjectPublicKeyInfo keyInfo)
+		{
+			return new SubjectKeyIdentifier(keyInfo);
+		}
+
+		/**
+		 * Return a RFC 3280 type 2 key identifier. As in:
+		 * <pre>
+		 * (2) The keyIdentifier is composed of a four bit type field with
+		 * the value 0100 followed by the least significant 60 bits of the
+		 * SHA-1 hash of the value of the BIT STRING subjectPublicKey.
+		 * </pre>
+		 * @param keyInfo the key info object containing the subjectPublicKey field.
+		 * @return the key identifier.
+		 */
+		public static SubjectKeyIdentifier CreateTruncatedSha1KeyIdentifier(
+			SubjectPublicKeyInfo keyInfo)
+		{
+			byte[] dig = GetDigest(keyInfo);
+			byte[] id = new byte[8];
+
+			Array.Copy(dig, dig.Length - 8, id, 0, id.Length);
+
+			id[0] &= 0x0f;
+			id[0] |= 0x40;
+
+			return new SubjectKeyIdentifier(id);
+		}
+
+		private static byte[] GetDigest(
+			SubjectPublicKeyInfo spki)
+		{
+            IDigest digest = new Sha1Digest();
+            byte[] resBuf = new byte[digest.GetDigestSize()];
+
+			byte[] bytes = spki.PublicKeyData.GetBytes();
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+            digest.DoFinal(resBuf, 0);
+            return resBuf;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/SubjectPublicKeyInfo.cs b/bc-sharp-crypto/src/asn1/x509/SubjectPublicKeyInfo.cs
new file mode 100644
index 0000000..477329b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/SubjectPublicKeyInfo.cs
@@ -0,0 +1,102 @@
+using System;
+using System.Collections;
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The object that contains the public key stored in a certficate.
+     * <p>
+     * The GetEncoded() method in the public keys in the JCE produces a DER
+     * encoded one of these.</p>
+     */
+    public class SubjectPublicKeyInfo
+        : Asn1Encodable
+    {
+        private readonly AlgorithmIdentifier	algID;
+        private readonly DerBitString			keyData;
+
+		public static SubjectPublicKeyInfo GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static SubjectPublicKeyInfo GetInstance(
+            object obj)
+        {
+            if (obj is SubjectPublicKeyInfo)
+                return (SubjectPublicKeyInfo) obj;
+
+			if (obj != null)
+				return new SubjectPublicKeyInfo(Asn1Sequence.GetInstance(obj));
+
+			return null;
+        }
+
+		public SubjectPublicKeyInfo(
+            AlgorithmIdentifier	algID,
+            Asn1Encodable		publicKey)
+        {
+            this.keyData = new DerBitString(publicKey);
+            this.algID = algID;
+        }
+
+		public SubjectPublicKeyInfo(
+            AlgorithmIdentifier	algID,
+            byte[]				publicKey)
+        {
+            this.keyData = new DerBitString(publicKey);
+            this.algID = algID;
+        }
+
+		private SubjectPublicKeyInfo(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+            this.algID = AlgorithmIdentifier.GetInstance(seq[0]);
+			this.keyData = DerBitString.GetInstance(seq[1]);
+		}
+
+		public AlgorithmIdentifier AlgorithmID
+        {
+			get { return algID; }
+        }
+
+		/**
+         * for when the public key is an encoded object - if the bitstring
+         * can't be decoded this routine raises an IOException.
+         *
+         * @exception IOException - if the bit string doesn't represent a Der
+         * encoded object.
+         */
+        public Asn1Object GetPublicKey()
+        {
+			return Asn1Object.FromByteArray(keyData.GetOctets());
+        }
+
+		/**
+         * for when the public key is raw bits...
+         */
+        public DerBitString PublicKeyData
+        {
+			get { return keyData; }
+        }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * SubjectPublicKeyInfo ::= Sequence {
+         *                          algorithm AlgorithmIdentifier,
+         *                          publicKey BIT STRING }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(algID, keyData);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/TBSCertList.cs b/bc-sharp-crypto/src/asn1/x509/TBSCertList.cs
new file mode 100644
index 0000000..5767a7f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/TBSCertList.cs
@@ -0,0 +1,275 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	public class CrlEntry
+		: Asn1Encodable
+	{
+		internal Asn1Sequence	seq;
+		internal DerInteger		userCertificate;
+		internal Time			revocationDate;
+		internal X509Extensions	crlEntryExtensions;
+
+		public CrlEntry(
+			Asn1Sequence seq)
+		{
+			if (seq.Count < 2 || seq.Count > 3)
+			{
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+			}
+
+			this.seq = seq;
+
+			userCertificate = DerInteger.GetInstance(seq[0]);
+			revocationDate = Time.GetInstance(seq[1]);
+		}
+
+		public DerInteger UserCertificate
+		{
+			get { return userCertificate; }
+		}
+
+		public Time RevocationDate
+		{
+			get { return revocationDate; }
+		}
+
+		public X509Extensions Extensions
+		{
+			get
+			{
+				if (crlEntryExtensions == null && seq.Count == 3)
+				{
+					crlEntryExtensions = X509Extensions.GetInstance(seq[2]);
+				}
+
+				return crlEntryExtensions;
+			}
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return seq;
+		}
+	}
+
+	/**
+     * PKIX RFC-2459 - TbsCertList object.
+     * <pre>
+     * TbsCertList  ::=  Sequence  {
+     *      version                 Version OPTIONAL,
+     *                                   -- if present, shall be v2
+     *      signature               AlgorithmIdentifier,
+     *      issuer                  Name,
+     *      thisUpdate              Time,
+     *      nextUpdate              Time OPTIONAL,
+     *      revokedCertificates     Sequence OF Sequence  {
+     *           userCertificate         CertificateSerialNumber,
+     *           revocationDate          Time,
+     *           crlEntryExtensions      Extensions OPTIONAL
+     *                                         -- if present, shall be v2
+     *                                }  OPTIONAL,
+     *      crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
+     *                                         -- if present, shall be v2
+     *                                }
+     * </pre>
+     */
+    public class TbsCertificateList
+        : Asn1Encodable
+    {
+		private class RevokedCertificatesEnumeration
+			: IEnumerable
+		{
+			private readonly IEnumerable en;
+
+			internal RevokedCertificatesEnumeration(
+				IEnumerable en)
+			{
+				this.en = en;
+			}
+
+			public IEnumerator GetEnumerator()
+			{
+				return new RevokedCertificatesEnumerator(en.GetEnumerator());
+			}
+
+			private class RevokedCertificatesEnumerator
+				: IEnumerator
+			{
+				private readonly IEnumerator e;
+
+				internal RevokedCertificatesEnumerator(
+					IEnumerator e)
+				{
+					this.e = e;
+				}
+
+				public bool MoveNext()
+				{
+					return e.MoveNext();
+				}
+
+				public void Reset()
+				{
+					e.Reset();
+				}
+
+				public object Current
+				{
+					get { return new CrlEntry(Asn1Sequence.GetInstance(e.Current)); }
+				}
+			}
+		}
+
+		internal Asn1Sequence			seq;
+		internal DerInteger				version;
+        internal AlgorithmIdentifier	signature;
+        internal X509Name				issuer;
+        internal Time					thisUpdate;
+        internal Time					nextUpdate;
+		internal Asn1Sequence			revokedCertificates;
+		internal X509Extensions			crlExtensions;
+
+		public static TbsCertificateList GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static TbsCertificateList GetInstance(
+            object obj)
+        {
+            TbsCertificateList list = obj as TbsCertificateList;
+
+			if (obj == null || list != null)
+            {
+                return list;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new TbsCertificateList((Asn1Sequence) obj);
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+        }
+
+		internal TbsCertificateList(
+            Asn1Sequence seq)
+        {
+			if (seq.Count < 3 || seq.Count > 7)
+			{
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+			}
+
+			int seqPos = 0;
+
+			this.seq = seq;
+
+			if (seq[seqPos] is DerInteger)
+            {
+				version = DerInteger.GetInstance(seq[seqPos++]);
+			}
+            else
+            {
+                version = new DerInteger(0);
+            }
+
+			signature = AlgorithmIdentifier.GetInstance(seq[seqPos++]);
+            issuer = X509Name.GetInstance(seq[seqPos++]);
+            thisUpdate = Time.GetInstance(seq[seqPos++]);
+
+			if (seqPos < seq.Count
+                && (seq[seqPos] is DerUtcTime
+                   || seq[seqPos] is DerGeneralizedTime
+                   || seq[seqPos] is Time))
+            {
+                nextUpdate = Time.GetInstance(seq[seqPos++]);
+            }
+
+			if (seqPos < seq.Count
+                && !(seq[seqPos] is DerTaggedObject))
+            {
+				revokedCertificates = Asn1Sequence.GetInstance(seq[seqPos++]);
+			}
+
+			if (seqPos < seq.Count
+                && seq[seqPos] is DerTaggedObject)
+            {
+				crlExtensions = X509Extensions.GetInstance(seq[seqPos]);
+			}
+        }
+
+		public int Version
+        {
+            get { return version.Value.IntValue + 1; }
+        }
+
+		public DerInteger VersionNumber
+        {
+            get { return version; }
+        }
+
+		public AlgorithmIdentifier Signature
+        {
+            get { return signature; }
+        }
+
+		public X509Name Issuer
+        {
+            get { return issuer; }
+        }
+
+		public Time ThisUpdate
+        {
+            get { return thisUpdate; }
+        }
+
+		public Time NextUpdate
+        {
+            get { return nextUpdate; }
+        }
+
+		public CrlEntry[] GetRevokedCertificates()
+        {
+			if (revokedCertificates == null)
+			{
+				return new CrlEntry[0];
+			}
+
+			CrlEntry[] entries = new CrlEntry[revokedCertificates.Count];
+
+			for (int i = 0; i < entries.Length; i++)
+			{
+				entries[i] = new CrlEntry(Asn1Sequence.GetInstance(revokedCertificates[i]));
+			}
+
+			return entries;
+		}
+
+		public IEnumerable GetRevokedCertificateEnumeration()
+		{
+			if (revokedCertificates == null)
+			{
+				return EmptyEnumerable.Instance;
+			}
+
+			return new RevokedCertificatesEnumeration(revokedCertificates);
+		}
+
+		public X509Extensions Extensions
+        {
+            get { return crlExtensions; }
+        }
+
+		public override Asn1Object ToAsn1Object()
+        {
+            return seq;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/TBSCertificateStructure.cs b/bc-sharp-crypto/src/asn1/x509/TBSCertificateStructure.cs
new file mode 100644
index 0000000..fc7c39b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/TBSCertificateStructure.cs
@@ -0,0 +1,185 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The TbsCertificate object.
+     * <pre>
+     * TbsCertificate ::= Sequence {
+     *      version          [ 0 ]  Version DEFAULT v1(0),
+     *      serialNumber            CertificateSerialNumber,
+     *      signature               AlgorithmIdentifier,
+     *      issuer                  Name,
+     *      validity                Validity,
+     *      subject                 Name,
+     *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
+     *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
+     *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
+     *      extensions        [ 3 ] Extensions OPTIONAL
+     *      }
+     * </pre>
+     * <p>
+     * Note: issuerUniqueID and subjectUniqueID are both deprecated by the IETF. This class
+     * will parse them, but you really shouldn't be creating new ones.</p>
+     */
+	public class TbsCertificateStructure
+		: Asn1Encodable
+	{
+		internal Asn1Sequence            seq;
+		internal DerInteger              version;
+		internal DerInteger              serialNumber;
+		internal AlgorithmIdentifier     signature;
+		internal X509Name                issuer;
+		internal Time                    startDate, endDate;
+		internal X509Name                subject;
+		internal SubjectPublicKeyInfo    subjectPublicKeyInfo;
+		internal DerBitString            issuerUniqueID;
+		internal DerBitString            subjectUniqueID;
+		internal X509Extensions          extensions;
+
+		public static TbsCertificateStructure GetInstance(
+			Asn1TaggedObject	obj,
+			bool				explicitly)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+		}
+
+		public static TbsCertificateStructure GetInstance(
+			object obj)
+		{
+			if (obj is TbsCertificateStructure)
+				return (TbsCertificateStructure) obj;
+
+			if (obj != null)
+				return new TbsCertificateStructure(Asn1Sequence.GetInstance(obj));
+
+			return null;
+		}
+
+		internal TbsCertificateStructure(
+			Asn1Sequence seq)
+		{
+			int seqStart = 0;
+
+			this.seq = seq;
+
+			//
+			// some certficates don't include a version number - we assume v1
+			//
+			if (seq[0] is DerTaggedObject)
+			{
+				version = DerInteger.GetInstance((Asn1TaggedObject)seq[0], true);
+			}
+			else
+			{
+				seqStart = -1;          // field 0 is missing!
+				version = new DerInteger(0);
+			}
+
+			serialNumber = DerInteger.GetInstance(seq[seqStart + 1]);
+
+			signature = AlgorithmIdentifier.GetInstance(seq[seqStart + 2]);
+			issuer = X509Name.GetInstance(seq[seqStart + 3]);
+
+			//
+			// before and after dates
+			//
+			Asn1Sequence  dates = (Asn1Sequence)seq[seqStart + 4];
+
+			startDate = Time.GetInstance(dates[0]);
+			endDate = Time.GetInstance(dates[1]);
+
+			subject = X509Name.GetInstance(seq[seqStart + 5]);
+
+			//
+			// public key info.
+			//
+			subjectPublicKeyInfo = SubjectPublicKeyInfo.GetInstance(seq[seqStart + 6]);
+
+			for (int extras = seq.Count - (seqStart + 6) - 1; extras > 0; extras--)
+			{
+				DerTaggedObject extra = (DerTaggedObject) seq[seqStart + 6 + extras];
+
+				switch (extra.TagNo)
+				{
+					case 1:
+						issuerUniqueID = DerBitString.GetInstance(extra, false);
+						break;
+					case 2:
+						subjectUniqueID = DerBitString.GetInstance(extra, false);
+						break;
+					case 3:
+						extensions = X509Extensions.GetInstance(extra);
+						break;
+				}
+			}
+		}
+
+		public int Version
+		{
+			get { return version.Value.IntValue + 1; }
+		}
+
+		public DerInteger VersionNumber
+		{
+			get { return version; }
+		}
+
+		public DerInteger SerialNumber
+		{
+			get { return serialNumber; }
+		}
+
+		public AlgorithmIdentifier Signature
+		{
+			get { return signature; }
+		}
+
+		public X509Name Issuer
+		{
+			get { return issuer; }
+		}
+
+		public Time StartDate
+		{
+			get { return startDate; }
+		}
+
+		public Time EndDate
+		{
+			get { return endDate; }
+		}
+
+		public X509Name Subject
+		{
+			get { return subject; }
+		}
+
+		public SubjectPublicKeyInfo SubjectPublicKeyInfo
+		{
+			get { return subjectPublicKeyInfo; }
+		}
+
+		public DerBitString IssuerUniqueID
+		{
+			get { return issuerUniqueID; }
+        }
+
+		public DerBitString SubjectUniqueID
+        {
+			get { return subjectUniqueID; }
+        }
+
+		public X509Extensions Extensions
+        {
+			get { return extensions; }
+        }
+
+		public override Asn1Object ToAsn1Object()
+        {
+            return seq;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/Target.cs b/bc-sharp-crypto/src/asn1/x509/Target.cs
new file mode 100644
index 0000000..7c4f9db
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/Target.cs
@@ -0,0 +1,141 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	 * Target structure used in target information extension for attribute
+	 * certificates from RFC 3281.
+	 * 
+	 * <pre>
+	 *     Target  ::= CHOICE {
+	 *       targetName          [0] GeneralName,
+	 *       targetGroup         [1] GeneralName,
+	 *       targetCert          [2] TargetCert
+	 *     }
+	 * </pre>
+	 * 
+	 * <p>
+	 * The targetCert field is currently not supported and must not be used
+	 * according to RFC 3281.</p>
+	 */
+	public class Target
+		: Asn1Encodable, IAsn1Choice
+	{
+		public enum Choice
+		{
+			Name = 0,
+			Group = 1
+		};
+
+		private readonly GeneralName targetName;
+		private readonly GeneralName targetGroup;
+
+		/**
+		* Creates an instance of a Target from the given object.
+		* <p>
+		* <code>obj</code> can be a Target or a {@link Asn1TaggedObject}</p>
+		* 
+		* @param obj The object.
+		* @return A Target instance.
+		* @throws ArgumentException if the given object cannot be
+		*             interpreted as Target.
+		*/
+		public static Target GetInstance(
+			object obj)
+		{
+			if (obj is Target)
+			{
+				return (Target) obj;
+			}
+
+			if (obj is Asn1TaggedObject)
+			{
+				return new Target((Asn1TaggedObject) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		 * Constructor from Asn1TaggedObject.
+		 * 
+		 * @param tagObj The tagged object.
+		 * @throws ArgumentException if the encoding is wrong.
+		 */
+		private Target(
+			Asn1TaggedObject tagObj)
+		{
+			switch ((Choice) tagObj.TagNo)
+			{
+				case Choice.Name:	// GeneralName is already a choice so explicit
+					targetName = GeneralName.GetInstance(tagObj, true);
+					break;
+				case Choice.Group:
+					targetGroup = GeneralName.GetInstance(tagObj, true);
+					break;
+				default:
+					throw new ArgumentException("unknown tag: " + tagObj.TagNo);
+			}
+		}
+
+		/**
+		 * Constructor from given details.
+		 * <p>
+		 * Exactly one of the parameters must be not <code>null</code>.</p>
+		 *
+		 * @param type the choice type to apply to the name.
+		 * @param name the general name.
+		 * @throws ArgumentException if type is invalid.
+		 */
+		public Target(
+			Choice		type,
+			GeneralName	name)
+			: this(new DerTaggedObject((int) type, name))
+		{
+		}
+
+		/**
+		 * @return Returns the targetGroup.
+		 */
+		public virtual GeneralName TargetGroup
+		{
+			get { return targetGroup; }
+		}
+
+		/**
+		 * @return Returns the targetName.
+		 */
+		public virtual GeneralName TargetName
+		{
+			get { return targetName; }
+		}
+
+		/**
+		 * Produce an object suitable for an Asn1OutputStream.
+		 * 
+		 * Returns:
+		 * 
+		 * <pre>
+		 *     Target  ::= CHOICE {
+		 *       targetName          [0] GeneralName,
+		 *       targetGroup         [1] GeneralName,
+		 *       targetCert          [2] TargetCert
+		 *     }
+		 * </pre>
+		 * 
+		 * @return an Asn1Object
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			// GeneralName is a choice already so most be explicitly tagged
+			if (targetName != null)
+			{
+				return new DerTaggedObject(true, 0, targetName);
+			}
+
+			return new DerTaggedObject(true, 1, targetGroup);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/TargetInformation.cs b/bc-sharp-crypto/src/asn1/x509/TargetInformation.cs
new file mode 100644
index 0000000..2bf2189
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/TargetInformation.cs
@@ -0,0 +1,125 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	 * Target information extension for attributes certificates according to RFC
+	 * 3281.
+	 * 
+	 * <pre>
+	 *           SEQUENCE OF Targets
+	 * </pre>
+	 * 
+	 */
+	public class TargetInformation
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence targets;
+
+		/**
+		 * Creates an instance of a TargetInformation from the given object.
+		 * <p>
+		 * <code>obj</code> can be a TargetInformation or a {@link Asn1Sequence}</p>
+		 * 
+		 * @param obj The object.
+		 * @return A TargetInformation instance.
+		 * @throws ArgumentException if the given object cannot be interpreted as TargetInformation.
+		 */
+		public static TargetInformation GetInstance(
+			object obj)
+		{
+			if (obj is TargetInformation)
+			{
+				return (TargetInformation) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new TargetInformation((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		 * Constructor from a Asn1Sequence.
+		 * 
+		 * @param seq The Asn1Sequence.
+		 * @throws ArgumentException if the sequence does not contain
+		 *             correctly encoded Targets elements.
+		 */
+		private TargetInformation(
+			Asn1Sequence targets)
+		{
+			this.targets = targets;
+		}
+
+		/**
+		 * Returns the targets in this target information extension.
+		 * <p>
+		 * The ArrayList is cloned before it is returned.</p>
+		 * 
+		 * @return Returns the targets.
+		 */
+		public virtual Targets[] GetTargetsObjects()
+		{
+			Targets[] result = new Targets[targets.Count];
+
+			for (int i = 0; i < targets.Count; ++i)
+			{
+				result[i] = Targets.GetInstance(targets[i]);
+			}
+
+			return result;
+		}
+
+		/**
+		 * Constructs a target information from a single targets element. 
+		 * According to RFC 3281 only one targets element must be produced.
+		 * 
+		 * @param targets A Targets instance.
+		 */
+		public TargetInformation(
+			Targets targets)
+		{
+			this.targets = new DerSequence(targets);
+		}
+
+		/**
+		 * According to RFC 3281 only one targets element must be produced. If
+		 * multiple targets are given they must be merged in
+		 * into one targets element.
+		 *
+		 * @param targets An array with {@link Targets}.
+		 */
+		public TargetInformation(
+			Target[] targets)
+			: this(new Targets(targets))
+		{
+		}
+
+		/**
+		 * Produce an object suitable for an Asn1OutputStream.
+		 * 
+		 * Returns:
+		 * 
+		 * <pre>
+		 *          SEQUENCE OF Targets
+		 * </pre>
+		 * 
+		 * <p>
+		 * According to RFC 3281 only one targets element must be produced. If
+		 * multiple targets are given in the constructor they are merged into one
+		 * targets element. If this was produced from a
+		 * {@link Org.BouncyCastle.Asn1.Asn1Sequence} the encoding is kept.</p>
+		 * 
+		 * @return an Asn1Object
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return targets;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/Targets.cs b/bc-sharp-crypto/src/asn1/x509/Targets.cs
new file mode 100644
index 0000000..0387e1f
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/Targets.cs
@@ -0,0 +1,123 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/**
+	 * Targets structure used in target information extension for attribute
+	 * certificates from RFC 3281.
+	 * 
+	 * <pre>
+	 *            Targets ::= SEQUENCE OF Target
+	 *           
+	 *            Target  ::= CHOICE {
+	 *              targetName          [0] GeneralName,
+	 *              targetGroup         [1] GeneralName,
+	 *              targetCert          [2] TargetCert
+	 *            }
+	 *           
+	 *            TargetCert  ::= SEQUENCE {
+	 *              targetCertificate    IssuerSerial,
+	 *              targetName           GeneralName OPTIONAL,
+	 *              certDigestInfo       ObjectDigestInfo OPTIONAL
+	 *            }
+	 * </pre>
+	 * 
+	 * @see org.bouncycastle.asn1.x509.Target
+	 * @see org.bouncycastle.asn1.x509.TargetInformation
+	 */
+	public class Targets
+		: Asn1Encodable
+	{
+		private readonly Asn1Sequence targets;
+
+		/**
+		 * Creates an instance of a Targets from the given object.
+		 * <p>
+		 * <code>obj</code> can be a Targets or a {@link Asn1Sequence}</p>
+		 * 
+		 * @param obj The object.
+		 * @return A Targets instance.
+		 * @throws ArgumentException if the given object cannot be interpreted as Target.
+		 */
+		public static Targets GetInstance(
+			object obj)
+		{
+			if (obj is Targets)
+			{
+				return (Targets) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new Targets((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		 * Constructor from Asn1Sequence.
+		 * 
+		 * @param targets The ASN.1 SEQUENCE.
+		 * @throws ArgumentException if the contents of the sequence are
+		 *             invalid.
+		 */
+		private Targets(
+			Asn1Sequence targets)
+		{
+			this.targets = targets;
+		}
+
+		/**
+		 * Constructor from given targets.
+		 * <p>
+		 * The ArrayList is copied.</p>
+		 * 
+		 * @param targets An <code>ArrayList</code> of {@link Target}s.
+		 * @see Target
+		 * @throws ArgumentException if the ArrayList contains not only Targets.
+		 */
+		public Targets(
+			Target[] targets)
+		{
+			this.targets = new DerSequence(targets);
+		}
+
+		/**
+		 * Returns the targets in an <code>ArrayList</code>.
+		 * <p>
+		 * The ArrayList is cloned before it is returned.</p>
+		 * 
+		 * @return Returns the targets.
+		 */
+		public virtual Target[] GetTargets()
+		{
+			Target[] result = new Target[targets.Count];
+
+			for (int i = 0; i < targets.Count; ++i)
+			{
+				result[i] = Target.GetInstance(targets[i]);
+			}
+
+			return result;
+		}
+
+		/**
+		 * Produce an object suitable for an Asn1OutputStream.
+		 * 
+		 * Returns:
+		 * 
+		 * <pre>
+		 *            Targets ::= SEQUENCE OF Target
+		 * </pre>
+		 * 
+		 * @return an Asn1Object
+		 */
+		public override Asn1Object ToAsn1Object()
+		{
+			return targets;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/Time.cs b/bc-sharp-crypto/src/asn1/x509/Time.cs
new file mode 100644
index 0000000..fa3936d
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/Time.cs
@@ -0,0 +1,122 @@
+using System;
+using System.Globalization;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class Time
+        : Asn1Encodable, IAsn1Choice
+    {
+        private readonly Asn1Object time;
+
+        public static Time GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(obj.GetObject());
+        }
+
+        public Time(
+            Asn1Object time)
+        {
+            if (time == null)
+                throw new ArgumentNullException("time");
+            if (!(time is DerUtcTime) && !(time is DerGeneralizedTime))
+                throw new ArgumentException("unknown object passed to Time");
+
+            this.time = time;
+        }
+
+        /**
+         * creates a time object from a given date - if the date is between 1950
+         * and 2049 a UTCTime object is Generated, otherwise a GeneralizedTime
+         * is used.
+         */
+        public Time(
+            DateTime date)
+        {
+#if PORTABLE
+            string d = date.ToUniversalTime().ToString("yyyyMMddHHmmss", CultureInfo.InvariantCulture) + "Z";
+#else
+            string d = date.ToString("yyyyMMddHHmmss", CultureInfo.InvariantCulture) + "Z";
+#endif
+
+            int year = int.Parse(d.Substring(0, 4));
+
+            if (year < 1950 || year > 2049)
+            {
+                time = new DerGeneralizedTime(d);
+            }
+            else
+            {
+                time = new DerUtcTime(d.Substring(2));
+            }
+        }
+
+        public static Time GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is Time)
+                return (Time)obj;
+            if (obj is DerUtcTime)
+                return new Time((DerUtcTime)obj);
+            if (obj is DerGeneralizedTime)
+                return new Time((DerGeneralizedTime)obj);
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+        }
+
+        public string GetTime()
+        {
+            if (time is DerUtcTime)
+            {
+                return ((DerUtcTime) time).AdjustedTimeString;
+            }
+
+            return ((DerGeneralizedTime) time).GetTime();
+        }
+
+        /// <summary>
+        /// Return our time as DateTime.
+        /// </summary>
+        /// <returns>A date time.</returns>
+        public DateTime ToDateTime()
+        {
+            try
+            {
+                if (time is DerUtcTime)
+                {
+                    return ((DerUtcTime)time).ToAdjustedDateTime();
+                }
+                else
+                {
+                    return ((DerGeneralizedTime)time).ToDateTime();
+                }
+            }
+            catch (FormatException e)
+            {
+                // this should never happen
+                throw new InvalidOperationException("invalid date string: " + e.Message);
+            }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * Time ::= CHOICE {
+         *             utcTime        UTCTime,
+         *             generalTime    GeneralizedTime }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return time;
+        }
+
+        public override string ToString()
+        {
+            return GetTime();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/UserNotice.cs b/bc-sharp-crypto/src/asn1/x509/UserNotice.cs
new file mode 100644
index 0000000..f409164
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/UserNotice.cs
@@ -0,0 +1,130 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * <code>UserNotice</code> class, used in
+     * <code>CertificatePolicies</code> X509 extensions (in policy
+     * qualifiers).
+     * <pre>
+     * UserNotice ::= Sequence {
+     *      noticeRef        NoticeReference OPTIONAL,
+     *      explicitText     DisplayText OPTIONAL}
+     *
+     * </pre>
+     *
+     * @see PolicyQualifierId
+     * @see PolicyInformation
+     */
+    public class UserNotice
+        : Asn1Encodable
+    {
+        private readonly NoticeReference noticeRef;
+        private readonly DisplayText explicitText;
+
+        /**
+         * Creates a new <code>UserNotice</code> instance.
+         *
+         * @param noticeRef a <code>NoticeReference</code> value
+         * @param explicitText a <code>DisplayText</code> value
+         */
+        public UserNotice(
+            NoticeReference	noticeRef,
+            DisplayText		explicitText)
+        {
+            this.noticeRef = noticeRef;
+            this.explicitText = explicitText;
+        }
+
+        /**
+         * Creates a new <code>UserNotice</code> instance.
+         *
+         * @param noticeRef a <code>NoticeReference</code> value
+         * @param str the explicitText field as a string.
+         */
+        public UserNotice(
+            NoticeReference	noticeRef,
+            string			str)
+            : this(noticeRef, new DisplayText(str))
+        {
+        }
+
+        /**
+         * Creates a new <code>UserNotice</code> instance.
+         * <p>Useful from reconstructing a <code>UserNotice</code> instance
+         * from its encodable/encoded form.
+         *
+         * @param as an <code>ASN1Sequence</code> value obtained from either
+         * calling @{link toASN1Object()} for a <code>UserNotice</code>
+         * instance or from parsing it from a DER-encoded stream.</p>
+         */
+        [Obsolete("Use GetInstance() instead")]
+        public UserNotice(
+            Asn1Sequence seq)
+        {
+            if (seq.Count == 2)
+            {
+                noticeRef = NoticeReference.GetInstance(seq[0]);
+                explicitText = DisplayText.GetInstance(seq[1]);
+            }
+            else if (seq.Count == 1)
+            {
+                if (seq[0].ToAsn1Object() is Asn1Sequence)
+                {
+                    noticeRef = NoticeReference.GetInstance(seq[0]);
+                    explicitText = null;
+                }
+                else
+                {
+                    noticeRef = null;
+                    explicitText = DisplayText.GetInstance(seq[0]);
+                }
+            }
+            else if (seq.Count == 0)
+            {
+                noticeRef = null;       // neither field set!
+                explicitText = null;
+            }
+            else
+            {
+                throw new ArgumentException("Bad sequence size: " + seq.Count);
+            }
+        }
+
+        public static UserNotice GetInstance(object obj)
+        {
+            if (obj is UserNotice)
+                return (UserNotice)obj;
+            if (obj == null)
+                return null;
+            return new UserNotice(Asn1Sequence.GetInstance(obj));
+        }
+
+        public virtual NoticeReference NoticeRef
+        {
+            get { return noticeRef; }
+        }
+
+        public virtual DisplayText ExplicitText
+        {
+            get { return explicitText; }
+        }
+
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector av = new Asn1EncodableVector();
+
+            if (noticeRef != null)
+            {
+                av.Add(noticeRef);
+            }
+
+            if (explicitText != null)
+            {
+                av.Add(explicitText);
+            }
+
+            return new DerSequence(av);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/V1TBSCertificateGenerator.cs b/bc-sharp-crypto/src/asn1/x509/V1TBSCertificateGenerator.cs
new file mode 100644
index 0000000..20b525a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/V1TBSCertificateGenerator.cs
@@ -0,0 +1,108 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * Generator for Version 1 TbsCertificateStructures.
+     * <pre>
+     * TbsCertificate ::= Sequence {
+     *      version          [ 0 ]  Version DEFAULT v1(0),
+     *      serialNumber            CertificateSerialNumber,
+     *      signature               AlgorithmIdentifier,
+     *      issuer                  Name,
+     *      validity                Validity,
+     *      subject                 Name,
+     *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
+     *      }
+     * </pre>
+     *
+     */
+    public class V1TbsCertificateGenerator
+    {
+        internal DerTaggedObject		version = new DerTaggedObject(0, new DerInteger(0));
+        internal DerInteger				serialNumber;
+        internal AlgorithmIdentifier	signature;
+        internal X509Name				issuer;
+        internal Time					startDate, endDate;
+        internal X509Name				subject;
+        internal SubjectPublicKeyInfo	subjectPublicKeyInfo;
+
+		public V1TbsCertificateGenerator()
+        {
+        }
+
+		public void SetSerialNumber(
+            DerInteger serialNumber)
+        {
+            this.serialNumber = serialNumber;
+        }
+
+		public void SetSignature(
+            AlgorithmIdentifier signature)
+        {
+            this.signature = signature;
+        }
+
+		public void SetIssuer(
+            X509Name issuer)
+        {
+            this.issuer = issuer;
+        }
+
+		public void SetStartDate(
+            Time startDate)
+        {
+            this.startDate = startDate;
+        }
+
+		public void SetStartDate(
+            DerUtcTime startDate)
+        {
+            this.startDate = new Time(startDate);
+        }
+
+		public void SetEndDate(
+            Time endDate)
+        {
+            this.endDate = endDate;
+        }
+
+		public void SetEndDate(
+            DerUtcTime endDate)
+        {
+            this.endDate = new Time(endDate);
+        }
+
+		public void SetSubject(
+            X509Name subject)
+        {
+            this.subject = subject;
+        }
+
+		public void SetSubjectPublicKeyInfo(
+            SubjectPublicKeyInfo pubKeyInfo)
+        {
+            this.subjectPublicKeyInfo = pubKeyInfo;
+        }
+
+		public TbsCertificateStructure GenerateTbsCertificate()
+        {
+            if ((serialNumber == null) || (signature == null)
+                || (issuer == null) || (startDate == null) || (endDate == null)
+                || (subject == null) || (subjectPublicKeyInfo == null))
+            {
+                throw new InvalidOperationException("not all mandatory fields set in V1 TBScertificate generator");
+            }
+
+			return new TbsCertificateStructure(
+				new DerSequence(
+					//version, - not required as default value
+					serialNumber,
+					signature,
+					issuer,
+					new DerSequence(startDate, endDate), // before and after dates
+					subject,
+					subjectPublicKeyInfo));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/V2AttributeCertificateInfoGenerator.cs b/bc-sharp-crypto/src/asn1/x509/V2AttributeCertificateInfoGenerator.cs
new file mode 100644
index 0000000..02580b5
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/V2AttributeCertificateInfoGenerator.cs
@@ -0,0 +1,137 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * Generator for Version 2 AttributeCertificateInfo
+     * <pre>
+     * AttributeCertificateInfo ::= Sequence {
+     *       version              AttCertVersion -- version is v2,
+     *       holder               Holder,
+     *       issuer               AttCertIssuer,
+     *       signature            AlgorithmIdentifier,
+     *       serialNumber         CertificateSerialNumber,
+     *       attrCertValidityPeriod   AttCertValidityPeriod,
+     *       attributes           Sequence OF Attr,
+     *       issuerUniqueID       UniqueIdentifier OPTIONAL,
+     *       extensions           Extensions OPTIONAL
+     * }
+     * </pre>
+     *
+     */
+    public class V2AttributeCertificateInfoGenerator
+    {
+        internal DerInteger				version;
+        internal Holder					holder;
+        internal AttCertIssuer			issuer;
+        internal AlgorithmIdentifier	signature;
+        internal DerInteger				serialNumber;
+//        internal AttCertValidityPeriod	attrCertValidityPeriod;
+        internal Asn1EncodableVector	attributes;
+        internal DerBitString			issuerUniqueID;
+        internal X509Extensions			extensions;
+        internal DerGeneralizedTime		startDate, endDate;
+
+		public V2AttributeCertificateInfoGenerator()
+        {
+            this.version = new DerInteger(1);
+            attributes = new Asn1EncodableVector();
+        }
+
+		public void SetHolder(
+			Holder holder)
+        {
+            this.holder = holder;
+        }
+
+		public void AddAttribute(
+			string			oid,
+			Asn1Encodable	value)
+        {
+            attributes.Add(new AttributeX509(new DerObjectIdentifier(oid), new DerSet(value)));
+        }
+
+		/**
+         * @param attribute
+         */
+        public void AddAttribute(AttributeX509 attribute)
+        {
+            attributes.Add(attribute);
+        }
+
+		public void SetSerialNumber(
+            DerInteger serialNumber)
+        {
+            this.serialNumber = serialNumber;
+        }
+
+		public void SetSignature(
+            AlgorithmIdentifier signature)
+        {
+            this.signature = signature;
+        }
+
+		public void SetIssuer(
+            AttCertIssuer issuer)
+        {
+            this.issuer = issuer;
+        }
+
+		public void SetStartDate(
+            DerGeneralizedTime startDate)
+        {
+            this.startDate = startDate;
+        }
+
+		public void SetEndDate(
+            DerGeneralizedTime endDate)
+        {
+            this.endDate = endDate;
+        }
+
+		public void SetIssuerUniqueID(
+            DerBitString issuerUniqueID)
+        {
+            this.issuerUniqueID = issuerUniqueID;
+        }
+
+		public void SetExtensions(
+            X509Extensions extensions)
+        {
+            this.extensions = extensions;
+        }
+
+		public AttributeCertificateInfo GenerateAttributeCertificateInfo()
+        {
+            if ((serialNumber == null) || (signature == null)
+                || (issuer == null) || (startDate == null) || (endDate == null)
+                || (holder == null) || (attributes == null))
+            {
+                throw new InvalidOperationException("not all mandatory fields set in V2 AttributeCertificateInfo generator");
+            }
+
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				version, holder, issuer, signature, serialNumber);
+
+			//
+            // before and after dates => AttCertValidityPeriod
+            //
+            v.Add(new AttCertValidityPeriod(startDate, endDate));
+
+			// Attributes
+            v.Add(new DerSequence(attributes));
+
+			if (issuerUniqueID != null)
+            {
+                v.Add(issuerUniqueID);
+            }
+
+			if (extensions != null)
+            {
+                v.Add(extensions);
+            }
+
+			return AttributeCertificateInfo.GetInstance(new DerSequence(v));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/V2Form.cs b/bc-sharp-crypto/src/asn1/x509/V2Form.cs
new file mode 100644
index 0000000..2c6e54a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/V2Form.cs
@@ -0,0 +1,137 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class V2Form
+        : Asn1Encodable
+    {
+        internal GeneralNames        issuerName;
+        internal IssuerSerial        baseCertificateID;
+        internal ObjectDigestInfo    objectDigestInfo;
+
+        public static V2Form GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+        public static V2Form GetInstance(object obj)
+        {
+            if (obj is V2Form)
+                return (V2Form)obj;
+            if (obj != null)
+                return new V2Form(Asn1Sequence.GetInstance(obj));
+            return null;
+        }
+
+        public V2Form(GeneralNames issuerName)
+            : this(issuerName, null, null)
+        {
+        }
+
+        public V2Form(GeneralNames issuerName, IssuerSerial baseCertificateID)
+            : this(issuerName, baseCertificateID, null)
+        {
+        }
+
+        public V2Form(GeneralNames issuerName, ObjectDigestInfo objectDigestInfo)
+            : this(issuerName, null, objectDigestInfo)
+        {
+        }
+
+        public V2Form(
+            GeneralNames issuerName,
+            IssuerSerial baseCertificateID,
+            ObjectDigestInfo objectDigestInfo)
+        {
+            this.issuerName = issuerName;
+            this.baseCertificateID = baseCertificateID;
+            this.objectDigestInfo = objectDigestInfo;
+        }
+
+        private V2Form(
+            Asn1Sequence seq)
+        {
+            if (seq.Count > 3)
+            {
+                throw new ArgumentException("Bad sequence size: " + seq.Count);
+            }
+
+            int index = 0;
+
+            if (!(seq[0] is Asn1TaggedObject))
+            {
+                index++;
+                this.issuerName = GeneralNames.GetInstance(seq[0]);
+            }
+
+            for (int i = index; i != seq.Count; i++)
+            {
+                Asn1TaggedObject o = Asn1TaggedObject.GetInstance(seq[i]);
+                if (o.TagNo == 0)
+                {
+                    baseCertificateID = IssuerSerial.GetInstance(o, false);
+                }
+                else if (o.TagNo == 1)
+                {
+                    objectDigestInfo = ObjectDigestInfo.GetInstance(o, false);
+                }
+                else
+                {
+                    throw new ArgumentException("Bad tag number: " + o.TagNo);
+                }
+            }
+        }
+
+        public GeneralNames IssuerName
+        {
+            get { return issuerName; }
+        }
+
+        public IssuerSerial BaseCertificateID
+        {
+            get { return baseCertificateID; }
+        }
+
+        public ObjectDigestInfo ObjectDigestInfo
+        {
+            get { return objectDigestInfo; }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  V2Form ::= Sequence {
+         *       issuerName            GeneralNames  OPTIONAL,
+         *       baseCertificateID     [0] IssuerSerial  OPTIONAL,
+         *       objectDigestInfo      [1] ObjectDigestInfo  OPTIONAL
+         *         -- issuerName MUST be present in this profile
+         *         -- baseCertificateID and objectDigestInfo MUST NOT
+         *         -- be present in this profile
+         *  }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+            if (issuerName != null)
+            {
+                v.Add(issuerName);
+            }
+
+            if (baseCertificateID != null)
+            {
+                v.Add(new DerTaggedObject(false, 0, baseCertificateID));
+            }
+
+            if (objectDigestInfo != null)
+            {
+                v.Add(new DerTaggedObject(false, 1, objectDigestInfo));
+            }
+
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/V2TBSCertListGenerator.cs b/bc-sharp-crypto/src/asn1/x509/V2TBSCertListGenerator.cs
new file mode 100644
index 0000000..2c92918
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/V2TBSCertListGenerator.cs
@@ -0,0 +1,201 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * Generator for Version 2 TbsCertList structures.
+     * <pre>
+     *  TbsCertList  ::=  Sequence  {
+     *       version                 Version OPTIONAL,
+     *                                    -- if present, shall be v2
+     *       signature               AlgorithmIdentifier,
+     *       issuer                  Name,
+     *       thisUpdate              Time,
+     *       nextUpdate              Time OPTIONAL,
+     *       revokedCertificates     Sequence OF Sequence  {
+     *            userCertificate         CertificateSerialNumber,
+     *            revocationDate          Time,
+     *            crlEntryExtensions      Extensions OPTIONAL
+     *                                          -- if present, shall be v2
+     *                                 }  OPTIONAL,
+     *       crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
+     *                                          -- if present, shall be v2
+     *                                 }
+     * </pre>
+     *
+     * <b>Note: This class may be subject to change</b>
+     */
+    public class V2TbsCertListGenerator
+    {
+        private DerInteger			version = new DerInteger(1);
+        private AlgorithmIdentifier	signature;
+        private X509Name			issuer;
+        private Time				thisUpdate, nextUpdate;
+        private X509Extensions		extensions;
+        private IList			    crlEntries;
+
+		public V2TbsCertListGenerator()
+        {
+        }
+
+		public void SetSignature(
+            AlgorithmIdentifier signature)
+        {
+            this.signature = signature;
+        }
+
+		public void SetIssuer(
+            X509Name issuer)
+        {
+            this.issuer = issuer;
+        }
+
+		public void SetThisUpdate(
+            DerUtcTime thisUpdate)
+        {
+            this.thisUpdate = new Time(thisUpdate);
+        }
+
+		public void SetNextUpdate(
+            DerUtcTime nextUpdate)
+        {
+            this.nextUpdate = (nextUpdate != null)
+				?	new Time(nextUpdate)
+				:	null;
+        }
+
+		public void SetThisUpdate(
+            Time thisUpdate)
+        {
+            this.thisUpdate = thisUpdate;
+        }
+
+		public void SetNextUpdate(
+            Time nextUpdate)
+        {
+            this.nextUpdate = nextUpdate;
+        }
+
+		public void AddCrlEntry(
+			Asn1Sequence crlEntry)
+		{
+			if (crlEntries == null)
+			{
+				crlEntries = Platform.CreateArrayList();
+			}
+
+			crlEntries.Add(crlEntry);
+		}
+
+		public void AddCrlEntry(DerInteger userCertificate, DerUtcTime revocationDate, int reason)
+		{
+			AddCrlEntry(userCertificate, new Time(revocationDate), reason);
+		}
+
+		public void AddCrlEntry(DerInteger userCertificate, Time revocationDate, int reason)
+		{
+			AddCrlEntry(userCertificate, revocationDate, reason, null);
+		}
+
+		public void AddCrlEntry(DerInteger userCertificate, Time revocationDate, int reason,
+			DerGeneralizedTime invalidityDate)
+		{
+            IList extOids = Platform.CreateArrayList();
+            IList extValues = Platform.CreateArrayList();
+
+			if (reason != 0)
+			{
+				CrlReason crlReason = new CrlReason(reason);
+
+				try
+				{
+					extOids.Add(X509Extensions.ReasonCode);
+					extValues.Add(new X509Extension(false, new DerOctetString(crlReason.GetEncoded())));
+				}
+				catch (IOException e)
+				{
+					throw new ArgumentException("error encoding reason: " + e);
+				}
+			}
+
+			if (invalidityDate != null)
+			{
+				try
+				{
+					extOids.Add(X509Extensions.InvalidityDate);
+					extValues.Add(new X509Extension(false, new DerOctetString(invalidityDate.GetEncoded())));
+				}
+				catch (IOException e)
+				{
+					throw new ArgumentException("error encoding invalidityDate: " + e);
+				}
+			}
+
+			if (extOids.Count != 0)
+			{
+				AddCrlEntry(userCertificate, revocationDate, new X509Extensions(extOids, extValues));
+			}
+			else
+			{
+				AddCrlEntry(userCertificate, revocationDate, null);
+			}
+		}
+
+		public void AddCrlEntry(DerInteger userCertificate, Time revocationDate, X509Extensions extensions)
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				userCertificate, revocationDate);
+
+			if (extensions != null)
+			{
+				v.Add(extensions);
+			}
+
+			AddCrlEntry(new DerSequence(v));
+		}
+
+		public void SetExtensions(
+            X509Extensions extensions)
+        {
+            this.extensions = extensions;
+        }
+
+		public TbsCertificateList GenerateTbsCertList()
+        {
+            if ((signature == null) || (issuer == null) || (thisUpdate == null))
+            {
+                throw new InvalidOperationException("Not all mandatory fields set in V2 TbsCertList generator.");
+            }
+
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				version, signature, issuer, thisUpdate);
+
+			if (nextUpdate != null)
+            {
+                v.Add(nextUpdate);
+            }
+
+			// Add CRLEntries if they exist
+            if (crlEntries != null)
+            {
+                Asn1Sequence[] certs = new Asn1Sequence[crlEntries.Count];
+                for (int i = 0; i < crlEntries.Count; ++i)
+                {
+                    certs[i] = (Asn1Sequence)crlEntries[i];
+                }
+				v.Add(new DerSequence(certs));
+            }
+
+			if (extensions != null)
+            {
+                v.Add(new DerTaggedObject(0, extensions));
+            }
+
+			return new TbsCertificateList(new DerSequence(v));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/V3TBSCertificateGenerator.cs b/bc-sharp-crypto/src/asn1/x509/V3TBSCertificateGenerator.cs
new file mode 100644
index 0000000..beb469a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/V3TBSCertificateGenerator.cs
@@ -0,0 +1,168 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * Generator for Version 3 TbsCertificateStructures.
+     * <pre>
+     * TbsCertificate ::= Sequence {
+     *      version          [ 0 ]  Version DEFAULT v1(0),
+     *      serialNumber            CertificateSerialNumber,
+     *      signature               AlgorithmIdentifier,
+     *      issuer                  Name,
+     *      validity                Validity,
+     *      subject                 Name,
+     *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
+     *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
+     *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
+     *      extensions        [ 3 ] Extensions OPTIONAL
+     *      }
+     * </pre>
+     *
+     */
+    public class V3TbsCertificateGenerator
+    {
+        internal DerTaggedObject         version = new DerTaggedObject(0, new DerInteger(2));
+        internal DerInteger              serialNumber;
+        internal AlgorithmIdentifier     signature;
+        internal X509Name                issuer;
+        internal Time                    startDate, endDate;
+        internal X509Name                subject;
+        internal SubjectPublicKeyInfo    subjectPublicKeyInfo;
+        internal X509Extensions          extensions;
+
+		private bool altNamePresentAndCritical;
+		private DerBitString issuerUniqueID;
+		private DerBitString subjectUniqueID;
+
+		public V3TbsCertificateGenerator()
+        {
+        }
+
+		public void SetSerialNumber(
+            DerInteger serialNumber)
+        {
+            this.serialNumber = serialNumber;
+        }
+
+		public void SetSignature(
+            AlgorithmIdentifier signature)
+        {
+            this.signature = signature;
+        }
+
+		public void SetIssuer(
+            X509Name issuer)
+        {
+            this.issuer = issuer;
+        }
+
+		public void SetStartDate(
+            DerUtcTime startDate)
+        {
+            this.startDate = new Time(startDate);
+        }
+
+		public void SetStartDate(
+            Time startDate)
+        {
+            this.startDate = startDate;
+        }
+
+		public void SetEndDate(
+            DerUtcTime endDate)
+        {
+            this.endDate = new Time(endDate);
+        }
+
+		public void SetEndDate(
+            Time endDate)
+        {
+            this.endDate = endDate;
+        }
+
+		public void SetSubject(
+            X509Name subject)
+        {
+            this.subject = subject;
+        }
+
+		public void SetIssuerUniqueID(
+			DerBitString uniqueID)
+		{
+			this.issuerUniqueID = uniqueID;
+		}
+
+		public void SetSubjectUniqueID(
+			DerBitString uniqueID)
+		{
+			this.subjectUniqueID = uniqueID;
+		}
+
+		public void SetSubjectPublicKeyInfo(
+            SubjectPublicKeyInfo pubKeyInfo)
+        {
+            this.subjectPublicKeyInfo = pubKeyInfo;
+        }
+
+		public void SetExtensions(
+            X509Extensions extensions)
+        {
+            this.extensions = extensions;
+
+			if (extensions != null)
+			{
+				X509Extension altName = extensions.GetExtension(X509Extensions.SubjectAlternativeName);
+
+				if (altName != null && altName.IsCritical)
+				{
+					altNamePresentAndCritical = true;
+				}
+			}
+		}
+
+		public TbsCertificateStructure GenerateTbsCertificate()
+        {
+            if ((serialNumber == null) || (signature == null)
+                || (issuer == null) || (startDate == null) || (endDate == null)
+				|| (subject == null && !altNamePresentAndCritical)
+				|| (subjectPublicKeyInfo == null))
+            {
+                throw new InvalidOperationException("not all mandatory fields set in V3 TBScertificate generator");
+            }
+
+			DerSequence validity = new DerSequence(startDate, endDate); // before and after dates
+
+			Asn1EncodableVector v = new Asn1EncodableVector(
+				version, serialNumber, signature, issuer, validity);
+
+			if (subject != null)
+			{
+				v.Add(subject);
+			}
+			else
+			{
+				v.Add(DerSequence.Empty);
+			}
+
+			v.Add(subjectPublicKeyInfo);
+
+			if (issuerUniqueID != null)
+			{
+				v.Add(new DerTaggedObject(false, 1, issuerUniqueID));
+			}
+
+			if (subjectUniqueID != null)
+			{
+				v.Add(new DerTaggedObject(false, 2, subjectUniqueID));
+			}
+
+			if (extensions != null)
+            {
+                v.Add(new DerTaggedObject(3, extensions));
+            }
+
+			return new TbsCertificateStructure(new DerSequence(v));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/X509Attributes.cs b/bc-sharp-crypto/src/asn1/x509/X509Attributes.cs
new file mode 100644
index 0000000..291329a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/X509Attributes.cs
@@ -0,0 +1,9 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	public class X509Attributes
+	{
+		public static readonly DerObjectIdentifier RoleSyntax = new DerObjectIdentifier("2.5.4.72");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/X509CertificateStructure.cs b/bc-sharp-crypto/src/asn1/x509/X509CertificateStructure.cs
new file mode 100644
index 0000000..6e7c85d
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/X509CertificateStructure.cs
@@ -0,0 +1,132 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * an X509Certificate structure.
+     * <pre>
+     *  Certificate ::= Sequence {
+     *      tbsCertificate          TbsCertificate,
+     *      signatureAlgorithm      AlgorithmIdentifier,
+     *      signature               BIT STRING
+     *  }
+     * </pre>
+     */
+    public class X509CertificateStructure
+        : Asn1Encodable
+    {
+        private readonly TbsCertificateStructure	tbsCert;
+        private readonly AlgorithmIdentifier		sigAlgID;
+        private readonly DerBitString				sig;
+
+        public static X509CertificateStructure GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+        public static X509CertificateStructure GetInstance(
+            object obj)
+        {
+            if (obj is X509CertificateStructure)
+                return (X509CertificateStructure)obj;
+            if (obj == null)
+                return null;
+            return new X509CertificateStructure(Asn1Sequence.GetInstance(obj));
+        }
+
+        public X509CertificateStructure(
+            TbsCertificateStructure	tbsCert,
+            AlgorithmIdentifier		sigAlgID,
+            DerBitString			sig)
+        {
+            if (tbsCert == null)
+                throw new ArgumentNullException("tbsCert");
+            if (sigAlgID == null)
+                throw new ArgumentNullException("sigAlgID");
+            if (sig == null)
+                throw new ArgumentNullException("sig");
+
+            this.tbsCert = tbsCert;
+            this.sigAlgID = sigAlgID;
+            this.sig = sig;
+        }
+
+        private X509CertificateStructure(
+            Asn1Sequence seq)
+        {
+            if (seq.Count != 3)
+                throw new ArgumentException("sequence wrong size for a certificate", "seq");
+
+            //
+            // correct x509 certficate
+            //
+            tbsCert = TbsCertificateStructure.GetInstance(seq[0]);
+            sigAlgID = AlgorithmIdentifier.GetInstance(seq[1]);
+            sig = DerBitString.GetInstance(seq[2]);
+        }
+
+        public TbsCertificateStructure TbsCertificate
+        {
+            get { return tbsCert; }
+        }
+
+        public int Version
+        {
+            get { return tbsCert.Version; }
+        }
+
+        public DerInteger SerialNumber
+        {
+            get { return tbsCert.SerialNumber; }
+        }
+
+        public X509Name Issuer
+        {
+            get { return tbsCert.Issuer; }
+        }
+
+        public Time StartDate
+        {
+            get { return tbsCert.StartDate; }
+        }
+
+        public Time EndDate
+        {
+            get { return tbsCert.EndDate; }
+        }
+
+        public X509Name Subject
+        {
+            get { return tbsCert.Subject; }
+        }
+
+        public SubjectPublicKeyInfo SubjectPublicKeyInfo
+        {
+            get { return tbsCert.SubjectPublicKeyInfo; }
+        }
+
+        public AlgorithmIdentifier SignatureAlgorithm
+        {
+            get { return sigAlgID; }
+        }
+
+        public DerBitString Signature
+        {
+            get { return sig; }
+        }
+
+        public byte[] GetSignatureOctets()
+        {
+            return sig.GetOctets();
+        }
+
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(tbsCert, sigAlgID, sig);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/X509DefaultEntryConverter.cs b/bc-sharp-crypto/src/asn1/x509/X509DefaultEntryConverter.cs
new file mode 100644
index 0000000..7282ead
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/X509DefaultEntryConverter.cs
@@ -0,0 +1,63 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * The default converter for X509 DN entries when going from their
+     * string value to ASN.1 strings.
+     */
+    public class X509DefaultEntryConverter
+        : X509NameEntryConverter
+    {
+        /**
+         * Apply default conversion for the given value depending on the oid
+         * and the character range of the value.
+         *
+         * @param oid the object identifier for the DN entry
+         * @param value the value associated with it
+         * @return the ASN.1 equivalent for the string value.
+         */
+        public override Asn1Object GetConvertedValue(
+            DerObjectIdentifier	oid,
+            string				value)
+        {
+            if (value.Length != 0 && value[0] == '#')
+            {
+				try
+				{
+					return ConvertHexEncoded(value, 1);
+				}
+				catch (IOException)
+				{
+					throw new Exception("can't recode value for oid " + oid.Id);
+				}
+			}
+
+			if (value.Length != 0 && value[0] == '\\')
+			{
+				value = value.Substring(1);
+			}
+
+			if (oid.Equals(X509Name.EmailAddress) || oid.Equals(X509Name.DC))
+            {
+                return new DerIA5String(value);
+            }
+
+			if (oid.Equals(X509Name.DateOfBirth)) // accept time string as well as # (for compatibility)
+			{
+				return new DerGeneralizedTime(value);
+			}
+
+			if (oid.Equals(X509Name.C)
+				|| oid.Equals(X509Name.SerialNumber)
+				|| oid.Equals(X509Name.DnQualifier)
+				|| oid.Equals(X509Name.TelephoneNumber))
+			{
+				return new DerPrintableString(value);
+			}
+
+			return new DerUtf8String(value);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/X509Extension.cs b/bc-sharp-crypto/src/asn1/x509/X509Extension.cs
new file mode 100644
index 0000000..430ce44
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/X509Extension.cs
@@ -0,0 +1,79 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * an object for the elements in the X.509 V3 extension block.
+     */
+    public class X509Extension
+    {
+        internal bool				critical;
+        internal Asn1OctetString	value;
+
+		public X509Extension(
+            DerBoolean		critical,
+            Asn1OctetString	value)
+        {
+            if (critical == null)
+            {
+                throw new ArgumentNullException("critical");
+            }
+
+			this.critical = critical.IsTrue;
+            this.value = value;
+        }
+
+		public X509Extension(
+            bool			critical,
+            Asn1OctetString	value)
+        {
+            this.critical = critical;
+            this.value = value;
+        }
+
+		public bool IsCritical { get { return critical; } }
+
+		public Asn1OctetString Value { get { return value; } }
+
+		public Asn1Encodable GetParsedValue()
+		{
+			return ConvertValueToObject(this);
+		}
+
+		public override int GetHashCode()
+        {
+			int vh = this.Value.GetHashCode();
+
+			return IsCritical ? vh : ~vh;
+        }
+
+		public override bool Equals(
+            object obj)
+        {
+            X509Extension other = obj as X509Extension;
+            if (other == null)
+            {
+                return false;
+            }
+
+			return Value.Equals(other.Value) && IsCritical == other.IsCritical;
+        }
+
+		/// <sumary>Convert the value of the passed in extension to an object.</sumary>
+		/// <param name="ext">The extension to parse.</param>
+		/// <returns>The object the value string contains.</returns>
+		/// <exception cref="ArgumentException">If conversion is not possible.</exception>
+		public static Asn1Object ConvertValueToObject(
+			X509Extension ext)
+		{
+			try
+			{
+				return Asn1Object.FromByteArray(ext.Value.GetOctets());
+			}
+			catch (Exception e)
+			{
+				throw new ArgumentException("can't convert extension", e);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/X509Extensions.cs b/bc-sharp-crypto/src/asn1/x509/X509Extensions.cs
new file mode 100644
index 0000000..049d728
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/X509Extensions.cs
@@ -0,0 +1,456 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public class X509Extensions
+        : Asn1Encodable
+    {
+		/**
+		 * Subject Directory Attributes
+		 */
+		public static readonly DerObjectIdentifier SubjectDirectoryAttributes = new DerObjectIdentifier("2.5.29.9");
+
+		/**
+         * Subject Key Identifier
+         */
+        public static readonly DerObjectIdentifier SubjectKeyIdentifier = new DerObjectIdentifier("2.5.29.14");
+
+		/**
+         * Key Usage
+         */
+        public static readonly DerObjectIdentifier KeyUsage = new DerObjectIdentifier("2.5.29.15");
+
+		/**
+         * Private Key Usage Period
+         */
+        public static readonly DerObjectIdentifier PrivateKeyUsagePeriod = new DerObjectIdentifier("2.5.29.16");
+
+		/**
+         * Subject Alternative Name
+         */
+        public static readonly DerObjectIdentifier SubjectAlternativeName = new DerObjectIdentifier("2.5.29.17");
+
+		/**
+         * Issuer Alternative Name
+         */
+        public static readonly DerObjectIdentifier IssuerAlternativeName = new DerObjectIdentifier("2.5.29.18");
+
+		/**
+         * Basic Constraints
+         */
+        public static readonly DerObjectIdentifier BasicConstraints = new DerObjectIdentifier("2.5.29.19");
+
+		/**
+         * CRL Number
+         */
+        public static readonly DerObjectIdentifier CrlNumber = new DerObjectIdentifier("2.5.29.20");
+
+		/**
+         * Reason code
+         */
+        public static readonly DerObjectIdentifier ReasonCode = new DerObjectIdentifier("2.5.29.21");
+
+		/**
+         * Hold Instruction Code
+         */
+        public static readonly DerObjectIdentifier InstructionCode = new DerObjectIdentifier("2.5.29.23");
+
+		/**
+         * Invalidity Date
+         */
+        public static readonly DerObjectIdentifier InvalidityDate = new DerObjectIdentifier("2.5.29.24");
+
+		/**
+         * Delta CRL indicator
+         */
+        public static readonly DerObjectIdentifier DeltaCrlIndicator = new DerObjectIdentifier("2.5.29.27");
+
+		/**
+         * Issuing Distribution Point
+         */
+        public static readonly DerObjectIdentifier IssuingDistributionPoint = new DerObjectIdentifier("2.5.29.28");
+
+		/**
+         * Certificate Issuer
+         */
+        public static readonly DerObjectIdentifier CertificateIssuer = new DerObjectIdentifier("2.5.29.29");
+
+		/**
+         * Name Constraints
+         */
+        public static readonly DerObjectIdentifier NameConstraints = new DerObjectIdentifier("2.5.29.30");
+
+		/**
+         * CRL Distribution Points
+         */
+        public static readonly DerObjectIdentifier CrlDistributionPoints = new DerObjectIdentifier("2.5.29.31");
+
+		/**
+         * Certificate Policies
+         */
+        public static readonly DerObjectIdentifier CertificatePolicies = new DerObjectIdentifier("2.5.29.32");
+
+		/**
+         * Policy Mappings
+         */
+        public static readonly DerObjectIdentifier PolicyMappings = new DerObjectIdentifier("2.5.29.33");
+
+		/**
+         * Authority Key Identifier
+         */
+        public static readonly DerObjectIdentifier AuthorityKeyIdentifier = new DerObjectIdentifier("2.5.29.35");
+
+		/**
+         * Policy Constraints
+         */
+        public static readonly DerObjectIdentifier PolicyConstraints = new DerObjectIdentifier("2.5.29.36");
+
+		/**
+         * Extended Key Usage
+         */
+        public static readonly DerObjectIdentifier ExtendedKeyUsage = new DerObjectIdentifier("2.5.29.37");
+
+		/**
+		 * Freshest CRL
+		 */
+		public static readonly DerObjectIdentifier FreshestCrl = new DerObjectIdentifier("2.5.29.46");
+
+		/**
+         * Inhibit Any Policy
+         */
+        public static readonly DerObjectIdentifier InhibitAnyPolicy = new DerObjectIdentifier("2.5.29.54");
+
+		/**
+         * Authority Info Access
+         */
+		public static readonly DerObjectIdentifier AuthorityInfoAccess = new DerObjectIdentifier("1.3.6.1.5.5.7.1.1");
+
+		/**
+		 * Subject Info Access
+		 */
+		public static readonly DerObjectIdentifier SubjectInfoAccess = new DerObjectIdentifier("1.3.6.1.5.5.7.1.11");
+
+		/**
+		 * Logo Type
+		 */
+		public static readonly DerObjectIdentifier LogoType = new DerObjectIdentifier("1.3.6.1.5.5.7.1.12");
+
+		/**
+		 * BiometricInfo
+		 */
+		public static readonly DerObjectIdentifier BiometricInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.1.2");
+
+		/**
+		 * QCStatements
+		 */
+		public static readonly DerObjectIdentifier QCStatements = new DerObjectIdentifier("1.3.6.1.5.5.7.1.3");
+
+		/**
+		 * Audit identity extension in attribute certificates.
+		 */
+		public static readonly DerObjectIdentifier AuditIdentity = new DerObjectIdentifier("1.3.6.1.5.5.7.1.4");
+
+		/**
+		 * NoRevAvail extension in attribute certificates.
+		 */
+		public static readonly DerObjectIdentifier NoRevAvail = new DerObjectIdentifier("2.5.29.56");
+
+		/**
+		 * TargetInformation extension in attribute certificates.
+		 */
+		public static readonly DerObjectIdentifier TargetInformation = new DerObjectIdentifier("2.5.29.55");
+
+        /**
+         * Expired Certificates on CRL extension
+         */
+        public static readonly DerObjectIdentifier ExpiredCertsOnCrl = new DerObjectIdentifier("2.5.29.60");
+
+        private readonly IDictionary extensions = Platform.CreateHashtable();
+        private readonly IList ordering;
+
+		public static X509Extensions GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+		public static X509Extensions GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is X509Extensions)
+            {
+                return (X509Extensions) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new X509Extensions((Asn1Sequence) obj);
+            }
+
+			if (obj is Asn1TaggedObject)
+            {
+                return GetInstance(((Asn1TaggedObject) obj).GetObject());
+            }
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+         * Constructor from Asn1Sequence.
+         *
+         * the extensions are a list of constructed sequences, either with (Oid, OctetString) or (Oid, Boolean, OctetString)
+         */
+        private X509Extensions(
+            Asn1Sequence seq)
+        {
+            this.ordering = Platform.CreateArrayList();
+
+			foreach (Asn1Encodable ae in seq)
+			{
+				Asn1Sequence s = Asn1Sequence.GetInstance(ae.ToAsn1Object());
+
+				if (s.Count < 2 || s.Count > 3)
+					throw new ArgumentException("Bad sequence size: " + s.Count);
+
+				DerObjectIdentifier oid = DerObjectIdentifier.GetInstance(s[0].ToAsn1Object());
+
+				bool isCritical = s.Count == 3
+					&& DerBoolean.GetInstance(s[1].ToAsn1Object()).IsTrue;
+
+				Asn1OctetString octets = Asn1OctetString.GetInstance(s[s.Count - 1].ToAsn1Object());
+
+				extensions.Add(oid, new X509Extension(isCritical, octets));
+				ordering.Add(oid);
+			}
+        }
+
+        /**
+         * constructor from a table of extensions.
+         * <p>
+         * it's is assumed the table contains Oid/string pairs.</p>
+         */
+        public X509Extensions(
+            IDictionary extensions)
+            : this(null, extensions)
+        {
+        }
+
+        /**
+         * Constructor from a table of extensions with ordering.
+         * <p>
+         * It's is assumed the table contains Oid/string pairs.</p>
+         */
+        public X509Extensions(
+            IList       ordering,
+            IDictionary extensions)
+        {
+            if (ordering == null)
+            {
+                this.ordering = Platform.CreateArrayList(extensions.Keys);
+            }
+            else
+            {
+                this.ordering = Platform.CreateArrayList(ordering);
+            }
+
+            foreach (DerObjectIdentifier oid in this.ordering)
+            {
+                this.extensions.Add(oid, (X509Extension)extensions[oid]);
+            }
+        }
+
+        /**
+         * Constructor from two vectors
+         *
+         * @param objectIDs an ArrayList of the object identifiers.
+         * @param values an ArrayList of the extension values.
+         */
+        public X509Extensions(
+            IList oids,
+            IList values)
+        {
+            this.ordering = Platform.CreateArrayList(oids);
+
+            int count = 0;
+            foreach (DerObjectIdentifier oid in this.ordering)
+            {
+                this.extensions.Add(oid, (X509Extension)values[count++]);
+            }
+        }
+
+#if !(SILVERLIGHT || PORTABLE)
+		/**
+         * constructor from a table of extensions.
+         * <p>
+         * it's is assumed the table contains Oid/string pairs.</p>
+         */
+        [Obsolete]
+        public X509Extensions(
+            Hashtable extensions)
+             : this(null, extensions)
+        {
+        }
+
+		/**
+         * Constructor from a table of extensions with ordering.
+         * <p>
+         * It's is assumed the table contains Oid/string pairs.</p>
+         */
+        [Obsolete]
+        public X509Extensions(
+            ArrayList	ordering,
+            Hashtable	extensions)
+        {
+            if (ordering == null)
+            {
+                this.ordering = Platform.CreateArrayList(extensions.Keys);
+            }
+            else
+            {
+                this.ordering = Platform.CreateArrayList(ordering);
+            }
+
+            foreach (DerObjectIdentifier oid in this.ordering)
+			{
+				this.extensions.Add(oid, (X509Extension) extensions[oid]);
+			}
+        }
+
+		/**
+		 * Constructor from two vectors
+		 *
+		 * @param objectIDs an ArrayList of the object identifiers.
+		 * @param values an ArrayList of the extension values.
+		 */
+        [Obsolete]
+		public X509Extensions(
+			ArrayList	oids,
+			ArrayList	values)
+		{
+            this.ordering = Platform.CreateArrayList(oids);
+
+            int count = 0;
+			foreach (DerObjectIdentifier oid in this.ordering)
+			{
+				this.extensions.Add(oid, (X509Extension) values[count++]);
+			}
+		}
+#endif
+
+        [Obsolete("Use ExtensionOids IEnumerable property")]
+		public IEnumerator Oids()
+		{
+			return ExtensionOids.GetEnumerator();
+		}
+
+		/**
+		 * return an Enumeration of the extension field's object ids.
+		 */
+		public IEnumerable ExtensionOids
+        {
+			get { return new EnumerableProxy(ordering); }
+        }
+
+		/**
+         * return the extension represented by the object identifier
+         * passed in.
+         *
+         * @return the extension if it's present, null otherwise.
+         */
+        public X509Extension GetExtension(
+            DerObjectIdentifier oid)
+        {
+             return (X509Extension) extensions[oid];
+        }
+
+		/**
+		 * <pre>
+		 *     Extensions        ::=   SEQUENCE SIZE (1..MAX) OF Extension
+		 *
+		 *     Extension         ::=   SEQUENCE {
+		 *        extnId            EXTENSION.&amp;id ({ExtensionSet}),
+		 *        critical          BOOLEAN DEFAULT FALSE,
+		 *        extnValue         OCTET STRING }
+		 * </pre>
+		 */
+		public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector	vec = new Asn1EncodableVector();
+
+			foreach (DerObjectIdentifier oid in ordering)
+			{
+                X509Extension ext = (X509Extension) extensions[oid];
+                Asn1EncodableVector	v = new Asn1EncodableVector(oid);
+
+				if (ext.IsCritical)
+                {
+                    v.Add(DerBoolean.True);
+                }
+
+				v.Add(ext.Value);
+
+				vec.Add(new DerSequence(v));
+            }
+
+			return new DerSequence(vec);
+        }
+
+		public bool Equivalent(
+			X509Extensions other)
+		{
+			if (extensions.Count != other.extensions.Count)
+				return false;
+
+			foreach (DerObjectIdentifier oid in extensions.Keys)
+			{
+				if (!extensions[oid].Equals(other.extensions[oid]))
+					return false;
+			}
+
+			return true;
+		}
+
+		public DerObjectIdentifier[] GetExtensionOids()
+		{
+			return ToOidArray(ordering);
+		}
+
+		public DerObjectIdentifier[] GetNonCriticalExtensionOids()
+		{
+			return GetExtensionOids(false);
+		}
+
+		public DerObjectIdentifier[] GetCriticalExtensionOids()
+		{
+			return GetExtensionOids(true);
+		}
+
+		private DerObjectIdentifier[] GetExtensionOids(bool isCritical)
+		{
+			IList oids = Platform.CreateArrayList();
+
+			foreach (DerObjectIdentifier oid in this.ordering)
+            {
+				X509Extension ext = (X509Extension)extensions[oid];
+				if (ext.IsCritical == isCritical)
+				{
+					oids.Add(oid);
+				}
+            }
+
+			return ToOidArray(oids);
+		}
+
+		private static DerObjectIdentifier[] ToOidArray(IList oids)
+		{
+			DerObjectIdentifier[] oidArray = new DerObjectIdentifier[oids.Count];
+			oids.CopyTo(oidArray, 0);
+			return oidArray;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/X509ExtensionsGenerator.cs b/bc-sharp-crypto/src/asn1/x509/X509ExtensionsGenerator.cs
new file mode 100644
index 0000000..d6f567b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/X509ExtensionsGenerator.cs
@@ -0,0 +1,81 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+	/// <remarks>Generator for X.509 extensions</remarks>
+	public class X509ExtensionsGenerator
+	{
+		private IDictionary extensions = Platform.CreateHashtable();
+        private IList extOrdering = Platform.CreateArrayList();
+
+		/// <summary>Reset the generator</summary>
+		public void Reset()
+		{
+            extensions = Platform.CreateHashtable();
+            extOrdering = Platform.CreateArrayList();
+		}
+
+		/// <summary>
+		/// Add an extension with the given oid and the passed in value to be included
+		/// in the OCTET STRING associated with the extension.
+		/// </summary>
+		/// <param name="oid">OID for the extension.</param>
+		/// <param name="critical">True if critical, false otherwise.</param>
+		/// <param name="extValue">The ASN.1 object to be included in the extension.</param>
+		public void AddExtension(
+			DerObjectIdentifier	oid,
+			bool				critical,
+			Asn1Encodable		extValue)
+		{
+			byte[] encoded;
+			try
+			{
+				encoded = extValue.GetDerEncoded();
+			}
+			catch (Exception e)
+			{
+				throw new ArgumentException("error encoding value: " + e);
+			}
+
+			this.AddExtension(oid, critical, encoded);
+		}
+
+		/// <summary>
+		/// Add an extension with the given oid and the passed in byte array to be wrapped
+		/// in the OCTET STRING associated with the extension.
+		/// </summary>
+		/// <param name="oid">OID for the extension.</param>
+		/// <param name="critical">True if critical, false otherwise.</param>
+		/// <param name="extValue">The byte array to be wrapped.</param>
+		public void AddExtension(
+			DerObjectIdentifier	oid,
+			bool				critical,
+			byte[]				extValue)
+		{
+			if (extensions.Contains(oid))
+			{
+				throw new ArgumentException("extension " + oid + " already added");
+			}
+
+			extOrdering.Add(oid);
+			extensions.Add(oid, new X509Extension(critical, new DerOctetString(extValue)));
+		}
+
+		/// <summary>Return true if there are no extension present in this generator.</summary>
+		/// <returns>True if empty, false otherwise</returns>
+		public bool IsEmpty
+		{
+			get { return extOrdering.Count < 1; }
+		}
+
+		/// <summary>Generate an X509Extensions object based on the current state of the generator.</summary>
+		/// <returns>An <c>X509Extensions</c> object</returns>
+		public X509Extensions Generate()
+		{
+			return new X509Extensions(extOrdering, extensions);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/X509Name.cs b/bc-sharp-crypto/src/asn1/x509/X509Name.cs
new file mode 100644
index 0000000..01a7ec0
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/X509Name.cs
@@ -0,0 +1,1077 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+#if SILVERLIGHT || PORTABLE
+using System.Collections.Generic;
+#endif
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+    * <pre>
+    *     RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+    *
+    *     RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue
+    *
+    *     AttributeTypeAndValue ::= SEQUENCE {
+    *                                   type  OBJECT IDENTIFIER,
+    *                                   value ANY }
+    * </pre>
+    */
+    public class X509Name
+        : Asn1Encodable
+    {
+        /**
+        * country code - StringType(SIZE(2))
+        */
+        public static readonly DerObjectIdentifier C = new DerObjectIdentifier("2.5.4.6");
+
+        /**
+        * organization - StringType(SIZE(1..64))
+        */
+        public static readonly DerObjectIdentifier O = new DerObjectIdentifier("2.5.4.10");
+
+        /**
+        * organizational unit name - StringType(SIZE(1..64))
+        */
+        public static readonly DerObjectIdentifier OU = new DerObjectIdentifier("2.5.4.11");
+
+        /**
+        * Title
+        */
+        public static readonly DerObjectIdentifier T = new DerObjectIdentifier("2.5.4.12");
+
+        /**
+        * common name - StringType(SIZE(1..64))
+        */
+        public static readonly DerObjectIdentifier CN = new DerObjectIdentifier("2.5.4.3");
+
+        /**
+        * street - StringType(SIZE(1..64))
+        */
+        public static readonly DerObjectIdentifier Street = new DerObjectIdentifier("2.5.4.9");
+
+        /**
+        * device serial number name - StringType(SIZE(1..64))
+        */
+        public static readonly DerObjectIdentifier SerialNumber = new DerObjectIdentifier("2.5.4.5");
+
+        /**
+        * locality name - StringType(SIZE(1..64))
+        */
+        public static readonly DerObjectIdentifier L = new DerObjectIdentifier("2.5.4.7");
+
+        /**
+        * state, or province name - StringType(SIZE(1..64))
+        */
+        public static readonly DerObjectIdentifier ST = new DerObjectIdentifier("2.5.4.8");
+
+        /**
+        * Naming attributes of type X520name
+        */
+        public static readonly DerObjectIdentifier Surname = new DerObjectIdentifier("2.5.4.4");
+        public static readonly DerObjectIdentifier GivenName = new DerObjectIdentifier("2.5.4.42");
+        public static readonly DerObjectIdentifier Initials = new DerObjectIdentifier("2.5.4.43");
+        public static readonly DerObjectIdentifier Generation = new DerObjectIdentifier("2.5.4.44");
+        public static readonly DerObjectIdentifier UniqueIdentifier = new DerObjectIdentifier("2.5.4.45");
+
+        /**
+         * businessCategory - DirectoryString(SIZE(1..128)
+         */
+        public static readonly DerObjectIdentifier BusinessCategory = new DerObjectIdentifier(
+                                                                       "2.5.4.15");
+
+        /**
+         * postalCode - DirectoryString(SIZE(1..40)
+         */
+        public static readonly DerObjectIdentifier PostalCode = new DerObjectIdentifier(
+                                                                 "2.5.4.17");
+
+        /**
+         * dnQualifier - DirectoryString(SIZE(1..64)
+         */
+        public static readonly DerObjectIdentifier DnQualifier = new DerObjectIdentifier(
+                                                         "2.5.4.46");
+
+        /**
+         * RFC 3039 Pseudonym - DirectoryString(SIZE(1..64)
+         */
+        public static readonly DerObjectIdentifier Pseudonym = new DerObjectIdentifier(
+                                                                "2.5.4.65");
+
+        /**
+         * RFC 3039 DateOfBirth - GeneralizedTime - YYYYMMDD000000Z
+         */
+        public static readonly DerObjectIdentifier DateOfBirth = new DerObjectIdentifier(
+                                                                  "1.3.6.1.5.5.7.9.1");
+
+        /**
+         * RFC 3039 PlaceOfBirth - DirectoryString(SIZE(1..128)
+         */
+        public static readonly DerObjectIdentifier PlaceOfBirth = new DerObjectIdentifier(
+                                                                   "1.3.6.1.5.5.7.9.2");
+
+        /**
+         * RFC 3039 DateOfBirth - PrintableString (SIZE(1)) -- "M", "F", "m" or "f"
+         */
+        public static readonly DerObjectIdentifier Gender = new DerObjectIdentifier(
+                                                                   "1.3.6.1.5.5.7.9.3");
+
+        /**
+         * RFC 3039 CountryOfCitizenship - PrintableString (SIZE (2)) -- ISO 3166
+         * codes only
+         */
+        public static readonly DerObjectIdentifier CountryOfCitizenship = new DerObjectIdentifier(
+                                                                           "1.3.6.1.5.5.7.9.4");
+
+        /**
+         * RFC 3039 CountryOfCitizenship - PrintableString (SIZE (2)) -- ISO 3166
+         * codes only
+         */
+        public static readonly DerObjectIdentifier CountryOfResidence = new DerObjectIdentifier(
+                                                                         "1.3.6.1.5.5.7.9.5");
+
+        /**
+         * ISIS-MTT NameAtBirth - DirectoryString(SIZE(1..64)
+         */
+        public static readonly DerObjectIdentifier NameAtBirth =  new DerObjectIdentifier("1.3.36.8.3.14");
+
+        /**
+         * RFC 3039 PostalAddress - SEQUENCE SIZE (1..6) OF
+         * DirectoryString(SIZE(1..30))
+         */
+        public static readonly DerObjectIdentifier PostalAddress = new DerObjectIdentifier("2.5.4.16");
+
+        /**
+         * RFC 2256 dmdName
+         */
+        public static readonly DerObjectIdentifier DmdName = new DerObjectIdentifier("2.5.4.54");
+
+        /**
+         * id-at-telephoneNumber
+         */
+        public static readonly DerObjectIdentifier TelephoneNumber = X509ObjectIdentifiers.id_at_telephoneNumber;
+
+        /**
+         * id-at-name
+         */
+        public static readonly DerObjectIdentifier Name = X509ObjectIdentifiers.id_at_name;
+
+        /**
+        * Email address (RSA PKCS#9 extension) - IA5String.
+        * <p>Note: if you're trying to be ultra orthodox, don't use this! It shouldn't be in here.</p>
+        */
+        public static readonly DerObjectIdentifier EmailAddress = PkcsObjectIdentifiers.Pkcs9AtEmailAddress;
+
+        /**
+        * more from PKCS#9
+        */
+        public static readonly DerObjectIdentifier UnstructuredName = PkcsObjectIdentifiers.Pkcs9AtUnstructuredName;
+        public static readonly DerObjectIdentifier UnstructuredAddress = PkcsObjectIdentifiers.Pkcs9AtUnstructuredAddress;
+
+        /**
+        * email address in Verisign certificates
+        */
+        public static readonly DerObjectIdentifier E = EmailAddress;
+
+        /*
+        * others...
+        */
+        public static readonly DerObjectIdentifier DC = new DerObjectIdentifier("0.9.2342.19200300.100.1.25");
+
+        /**
+        * LDAP User id.
+        */
+        public static readonly DerObjectIdentifier UID = new DerObjectIdentifier("0.9.2342.19200300.100.1.1");
+
+        /**
+        * determines whether or not strings should be processed and printed
+        * from back to front.
+        */
+//        public static bool DefaultReverse = false;
+        public static bool DefaultReverse
+        {
+            get { return defaultReverse[0]; }
+            set { defaultReverse[0] = value; }
+        }
+
+        private static readonly bool[] defaultReverse = { false };
+
+#if SILVERLIGHT || PORTABLE
+        /**
+        * default look up table translating OID values into their common symbols following
+        * the convention in RFC 2253 with a few extras
+        */
+        public static readonly IDictionary DefaultSymbols = Platform.CreateHashtable();
+
+        /**
+         * look up table translating OID values into their common symbols following the convention in RFC 2253
+         */
+        public static readonly IDictionary RFC2253Symbols = Platform.CreateHashtable();
+
+        /**
+         * look up table translating OID values into their common symbols following the convention in RFC 1779
+         *
+         */
+        public static readonly IDictionary RFC1779Symbols = Platform.CreateHashtable();
+
+        /**
+        * look up table translating common symbols into their OIDS.
+        */
+        public static readonly IDictionary DefaultLookup = Platform.CreateHashtable();
+#else
+        /**
+        * default look up table translating OID values into their common symbols following
+        * the convention in RFC 2253 with a few extras
+        */
+        public static readonly Hashtable DefaultSymbols = new Hashtable();
+
+        /**
+         * look up table translating OID values into their common symbols following the convention in RFC 2253
+         */
+        public static readonly Hashtable RFC2253Symbols = new Hashtable();
+
+        /**
+         * look up table translating OID values into their common symbols following the convention in RFC 1779
+         *
+         */
+        public static readonly Hashtable RFC1779Symbols = new Hashtable();
+
+        /**
+        * look up table translating common symbols into their OIDS.
+        */
+        public static readonly Hashtable DefaultLookup = new Hashtable();
+#endif
+
+        static X509Name()
+        {
+            DefaultSymbols.Add(C, "C");
+            DefaultSymbols.Add(O, "O");
+            DefaultSymbols.Add(T, "T");
+            DefaultSymbols.Add(OU, "OU");
+            DefaultSymbols.Add(CN, "CN");
+            DefaultSymbols.Add(L, "L");
+            DefaultSymbols.Add(ST, "ST");
+            DefaultSymbols.Add(SerialNumber, "SERIALNUMBER");
+            DefaultSymbols.Add(EmailAddress, "E");
+            DefaultSymbols.Add(DC, "DC");
+            DefaultSymbols.Add(UID, "UID");
+            DefaultSymbols.Add(Street, "STREET");
+            DefaultSymbols.Add(Surname, "SURNAME");
+            DefaultSymbols.Add(GivenName, "GIVENNAME");
+            DefaultSymbols.Add(Initials, "INITIALS");
+            DefaultSymbols.Add(Generation, "GENERATION");
+            DefaultSymbols.Add(UnstructuredAddress, "unstructuredAddress");
+            DefaultSymbols.Add(UnstructuredName, "unstructuredName");
+            DefaultSymbols.Add(UniqueIdentifier, "UniqueIdentifier");
+            DefaultSymbols.Add(DnQualifier, "DN");
+            DefaultSymbols.Add(Pseudonym, "Pseudonym");
+            DefaultSymbols.Add(PostalAddress, "PostalAddress");
+            DefaultSymbols.Add(NameAtBirth, "NameAtBirth");
+            DefaultSymbols.Add(CountryOfCitizenship, "CountryOfCitizenship");
+            DefaultSymbols.Add(CountryOfResidence, "CountryOfResidence");
+            DefaultSymbols.Add(Gender, "Gender");
+            DefaultSymbols.Add(PlaceOfBirth, "PlaceOfBirth");
+            DefaultSymbols.Add(DateOfBirth, "DateOfBirth");
+            DefaultSymbols.Add(PostalCode, "PostalCode");
+            DefaultSymbols.Add(BusinessCategory, "BusinessCategory");
+            DefaultSymbols.Add(TelephoneNumber, "TelephoneNumber");
+
+            RFC2253Symbols.Add(C, "C");
+            RFC2253Symbols.Add(O, "O");
+            RFC2253Symbols.Add(OU, "OU");
+            RFC2253Symbols.Add(CN, "CN");
+            RFC2253Symbols.Add(L, "L");
+            RFC2253Symbols.Add(ST, "ST");
+            RFC2253Symbols.Add(Street, "STREET");
+            RFC2253Symbols.Add(DC, "DC");
+            RFC2253Symbols.Add(UID, "UID");
+
+            RFC1779Symbols.Add(C, "C");
+            RFC1779Symbols.Add(O, "O");
+            RFC1779Symbols.Add(OU, "OU");
+            RFC1779Symbols.Add(CN, "CN");
+            RFC1779Symbols.Add(L, "L");
+            RFC1779Symbols.Add(ST, "ST");
+            RFC1779Symbols.Add(Street, "STREET");
+
+            DefaultLookup.Add("c", C);
+            DefaultLookup.Add("o", O);
+            DefaultLookup.Add("t", T);
+            DefaultLookup.Add("ou", OU);
+            DefaultLookup.Add("cn", CN);
+            DefaultLookup.Add("l", L);
+            DefaultLookup.Add("st", ST);
+            DefaultLookup.Add("serialnumber", SerialNumber);
+            DefaultLookup.Add("street", Street);
+            DefaultLookup.Add("emailaddress", E);
+            DefaultLookup.Add("dc", DC);
+            DefaultLookup.Add("e", E);
+            DefaultLookup.Add("uid", UID);
+            DefaultLookup.Add("surname", Surname);
+            DefaultLookup.Add("givenname", GivenName);
+            DefaultLookup.Add("initials", Initials);
+            DefaultLookup.Add("generation", Generation);
+            DefaultLookup.Add("unstructuredaddress", UnstructuredAddress);
+            DefaultLookup.Add("unstructuredname", UnstructuredName);
+            DefaultLookup.Add("uniqueidentifier", UniqueIdentifier);
+            DefaultLookup.Add("dn", DnQualifier);
+            DefaultLookup.Add("pseudonym", Pseudonym);
+            DefaultLookup.Add("postaladdress", PostalAddress);
+            DefaultLookup.Add("nameofbirth", NameAtBirth);
+            DefaultLookup.Add("countryofcitizenship", CountryOfCitizenship);
+            DefaultLookup.Add("countryofresidence", CountryOfResidence);
+            DefaultLookup.Add("gender", Gender);
+            DefaultLookup.Add("placeofbirth", PlaceOfBirth);
+            DefaultLookup.Add("dateofbirth", DateOfBirth);
+            DefaultLookup.Add("postalcode", PostalCode);
+            DefaultLookup.Add("businesscategory", BusinessCategory);
+            DefaultLookup.Add("telephonenumber", TelephoneNumber);
+        }
+
+        private readonly IList ordering = Platform.CreateArrayList();
+        private readonly X509NameEntryConverter converter;
+
+        private IList		    values = Platform.CreateArrayList();
+        private IList           added = Platform.CreateArrayList();
+        private Asn1Sequence	seq;
+
+        /**
+        * Return a X509Name based on the passed in tagged object.
+        *
+        * @param obj tag object holding name.
+        * @param explicitly true if explicitly tagged false otherwise.
+        * @return the X509Name
+        */
+        public static X509Name GetInstance(
+            Asn1TaggedObject	obj,
+            bool				explicitly)
+        {
+            return GetInstance(Asn1Sequence.GetInstance(obj, explicitly));
+        }
+
+        public static X509Name GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is X509Name)
+                return (X509Name)obj;
+
+            if (obj != null)
+                return new X509Name(Asn1Sequence.GetInstance(obj));
+
+            throw new ArgumentException("null object in factory", "obj");
+        }
+
+        protected X509Name()
+        {
+        }
+
+        /**
+        * Constructor from Asn1Sequence
+        *
+        * the principal will be a list of constructed sets, each containing an (OID, string) pair.
+        */
+        protected X509Name(
+            Asn1Sequence seq)
+        {
+            this.seq = seq;
+
+            foreach (Asn1Encodable asn1Obj in seq)
+            {
+                Asn1Set asn1Set = Asn1Set.GetInstance(asn1Obj.ToAsn1Object());
+
+                for (int i = 0; i < asn1Set.Count; i++)
+                {
+                    Asn1Sequence s = Asn1Sequence.GetInstance(asn1Set[i].ToAsn1Object());
+
+                    if (s.Count != 2)
+                        throw new ArgumentException("badly sized pair");
+
+                    ordering.Add(DerObjectIdentifier.GetInstance(s[0].ToAsn1Object()));
+
+                    Asn1Object derValue = s[1].ToAsn1Object();
+                    if (derValue is IAsn1String && !(derValue is DerUniversalString))
+                    {
+                        string v = ((IAsn1String)derValue).GetString();
+                        if (Platform.StartsWith(v, "#"))
+                        {
+                            v = "\\" + v;
+                        }
+
+                        values.Add(v);
+                    }
+                    else
+                    {
+                        values.Add("#" + Hex.ToHexString(derValue.GetEncoded()));
+                    }
+
+                    added.Add(i != 0);
+                }
+            }
+        }
+
+        /**
+        * Constructor from a table of attributes with ordering.
+        * <p>
+        * it's is assumed the table contains OID/string pairs, and the contents
+        * of the table are copied into an internal table as part of the
+        * construction process. The ordering ArrayList should contain the OIDs
+        * in the order they are meant to be encoded or printed in ToString.</p>
+        */
+        public X509Name(
+            IList       ordering,
+            IDictionary attributes)
+            : this(ordering, attributes, new X509DefaultEntryConverter())
+        {
+        }
+
+        /**
+        * Constructor from a table of attributes with ordering.
+        * <p>
+        * it's is assumed the table contains OID/string pairs, and the contents
+        * of the table are copied into an internal table as part of the
+        * construction process. The ordering ArrayList should contain the OIDs
+        * in the order they are meant to be encoded or printed in ToString.</p>
+        * <p>
+        * The passed in converter will be used to convert the strings into their
+        * ASN.1 counterparts.</p>
+        */
+        public X509Name(
+            IList                   ordering,
+            IDictionary             attributes,
+            X509NameEntryConverter	converter)
+        {
+            this.converter = converter;
+
+            foreach (DerObjectIdentifier oid in ordering)
+            {
+                object attribute = attributes[oid];
+                if (attribute == null)
+                {
+                    throw new ArgumentException("No attribute for object id - " + oid + " - passed to distinguished name");
+                }
+
+                this.ordering.Add(oid);
+                this.added.Add(false);
+                this.values.Add(attribute); // copy the hash table
+            }
+        }
+
+        /**
+        * Takes two vectors one of the oids and the other of the values.
+        */
+        public X509Name(
+            IList   oids,
+            IList   values)
+            : this(oids, values, new X509DefaultEntryConverter())
+        {
+        }
+
+        /**
+        * Takes two vectors one of the oids and the other of the values.
+        * <p>
+        * The passed in converter will be used to convert the strings into their
+        * ASN.1 counterparts.</p>
+        */
+        public X509Name(
+            IList			    	oids,
+            IList		    		values,
+            X509NameEntryConverter	converter)
+        {
+            this.converter = converter;
+
+            if (oids.Count != values.Count)
+            {
+                throw new ArgumentException("'oids' must be same length as 'values'.");
+            }
+
+            for (int i = 0; i < oids.Count; i++)
+            {
+                this.ordering.Add(oids[i]);
+                this.values.Add(values[i]);
+                this.added.Add(false);
+            }
+        }
+
+        /**
+        * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+        * some such, converting it into an ordered set of name attributes.
+        */
+        public X509Name(
+            string dirName)
+            : this(DefaultReverse, (IDictionary)DefaultLookup, dirName)
+        {
+        }
+
+        /**
+        * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+        * some such, converting it into an ordered set of name attributes with each
+        * string value being converted to its associated ASN.1 type using the passed
+        * in converter.
+        */
+        public X509Name(
+            string					dirName,
+            X509NameEntryConverter	converter)
+            : this(DefaultReverse, DefaultLookup, dirName, converter)
+        {
+        }
+
+        /**
+        * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+        * some such, converting it into an ordered set of name attributes. If reverse
+        * is true, create the encoded version of the sequence starting from the
+        * last element in the string.
+        */
+        public X509Name(
+            bool	reverse,
+            string	dirName)
+            : this(reverse, (IDictionary)DefaultLookup, dirName)
+        {
+        }
+
+        /**
+        * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+        * some such, converting it into an ordered set of name attributes with each
+        * string value being converted to its associated ASN.1 type using the passed
+        * in converter. If reverse is true the ASN.1 sequence representing the DN will
+        * be built by starting at the end of the string, rather than the start.
+        */
+        public X509Name(
+            bool					reverse,
+            string					dirName,
+            X509NameEntryConverter	converter)
+            : this(reverse, DefaultLookup, dirName, converter)
+        {
+        }
+
+        /**
+        * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+        * some such, converting it into an ordered set of name attributes. lookUp
+        * should provide a table of lookups, indexed by lowercase only strings and
+        * yielding a DerObjectIdentifier, other than that OID. and numeric oids
+        * will be processed automatically.
+        * <br/>
+        * If reverse is true, create the encoded version of the sequence
+        * starting from the last element in the string.
+        * @param reverse true if we should start scanning from the end (RFC 2553).
+        * @param lookUp table of names and their oids.
+        * @param dirName the X.500 string to be parsed.
+        */
+        public X509Name(
+            bool		reverse,
+            IDictionary lookUp,
+            string		dirName)
+            : this(reverse, lookUp, dirName, new X509DefaultEntryConverter())
+        {
+        }
+
+        private DerObjectIdentifier DecodeOid(
+            string		name,
+            IDictionary lookUp)
+        {
+            if (Platform.StartsWith(Platform.ToUpperInvariant(name), "OID."))
+            {
+                return new DerObjectIdentifier(name.Substring(4));
+            }
+            else if (name[0] >= '0' && name[0] <= '9')
+            {
+                return new DerObjectIdentifier(name);
+            }
+
+            DerObjectIdentifier oid = (DerObjectIdentifier)lookUp[Platform.ToLowerInvariant(name)];
+            if (oid == null)
+            {
+                throw new ArgumentException("Unknown object id - " + name + " - passed to distinguished name");
+            }
+
+            return oid;
+        }
+
+        /**
+        * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+        * some such, converting it into an ordered set of name attributes. lookUp
+        * should provide a table of lookups, indexed by lowercase only strings and
+        * yielding a DerObjectIdentifier, other than that OID. and numeric oids
+        * will be processed automatically. The passed in converter is used to convert the
+        * string values to the right of each equals sign to their ASN.1 counterparts.
+        * <br/>
+        * @param reverse true if we should start scanning from the end, false otherwise.
+        * @param lookUp table of names and oids.
+        * @param dirName the string dirName
+        * @param converter the converter to convert string values into their ASN.1 equivalents
+        */
+        public X509Name(
+            bool					reverse,
+            IDictionary				lookUp,
+            string					dirName,
+            X509NameEntryConverter	converter)
+        {
+            this.converter = converter;
+            X509NameTokenizer nTok = new X509NameTokenizer(dirName);
+
+            while (nTok.HasMoreTokens())
+            {
+                string token = nTok.NextToken();
+                int index = token.IndexOf('=');
+
+                if (index == -1)
+                {
+                    throw new ArgumentException("badly formated directory string");
+                }
+
+                string name = token.Substring(0, index);
+                string value = token.Substring(index + 1);
+                DerObjectIdentifier	oid = DecodeOid(name, lookUp);
+
+                if (value.IndexOf('+') > 0)
+                {
+                    X509NameTokenizer vTok = new X509NameTokenizer(value, '+');
+                    string v = vTok.NextToken();
+
+                    this.ordering.Add(oid);
+                    this.values.Add(v);
+                    this.added.Add(false);
+
+                    while (vTok.HasMoreTokens())
+                    {
+                        string sv = vTok.NextToken();
+                        int ndx = sv.IndexOf('=');
+
+                        string nm = sv.Substring(0, ndx);
+                        string vl = sv.Substring(ndx + 1);
+                        this.ordering.Add(DecodeOid(nm, lookUp));
+                        this.values.Add(vl);
+                        this.added.Add(true);
+                    }
+                }
+                else
+                {
+                    this.ordering.Add(oid);
+                    this.values.Add(value);
+                    this.added.Add(false);
+                }
+            }
+
+            if (reverse)
+            {
+//				this.ordering.Reverse();
+//				this.values.Reverse();
+//				this.added.Reverse();
+                IList o = Platform.CreateArrayList();
+                IList v = Platform.CreateArrayList();
+                IList a = Platform.CreateArrayList();
+                int count = 1;
+
+                for (int i = 0; i < this.ordering.Count; i++)
+                {
+                    if (!((bool) this.added[i]))
+                    {
+                        count = 0;
+                    }
+
+                    int index = count++;
+
+                    o.Insert(index, this.ordering[i]);
+                    v.Insert(index, this.values[i]);
+                    a.Insert(index, this.added[i]);
+                }
+
+                this.ordering = o;
+                this.values = v;
+                this.added = a;
+            }
+        }
+
+        /**
+        * return an IList of the oids in the name, in the order they were found.
+        */
+        public IList GetOidList()
+        {
+            return Platform.CreateArrayList(ordering);
+        }
+
+        /**
+        * return an IList of the values found in the name, in the order they
+        * were found.
+        */
+        public IList GetValueList()
+        {
+            return GetValueList(null);
+        }
+
+        /**
+         * return an IList of the values found in the name, in the order they
+         * were found, with the DN label corresponding to passed in oid.
+         */
+        public IList GetValueList(DerObjectIdentifier oid)
+        {
+            IList v = Platform.CreateArrayList();
+            for (int i = 0; i != values.Count; i++)
+            {
+                if (null == oid || oid.Equals(ordering[i]))
+                {
+                    string val = (string)values[i];
+
+                    if (Platform.StartsWith(val, "\\#"))
+                    {
+                        val = val.Substring(1);
+                    }
+
+                    v.Add(val);
+                }
+            }
+            return v;
+        }
+
+        public override Asn1Object ToAsn1Object()
+        {
+            if (seq == null)
+            {
+                Asn1EncodableVector vec = new Asn1EncodableVector();
+                Asn1EncodableVector sVec = new Asn1EncodableVector();
+                DerObjectIdentifier lstOid = null;
+
+                for (int i = 0; i != ordering.Count; i++)
+                {
+                    DerObjectIdentifier oid = (DerObjectIdentifier)ordering[i];
+                    string str = (string)values[i];
+
+                    if (lstOid == null
+                        || ((bool)this.added[i]))
+                    {
+                    }
+                    else
+                    {
+                        vec.Add(new DerSet(sVec));
+                        sVec = new Asn1EncodableVector();
+                    }
+
+                    sVec.Add(
+                        new DerSequence(
+                            oid,
+                            converter.GetConvertedValue(oid, str)));
+
+                    lstOid = oid;
+                }
+
+                vec.Add(new DerSet(sVec));
+
+                seq = new DerSequence(vec);
+            }
+
+            return seq;
+        }
+
+        /// <param name="other">The X509Name object to test equivalency against.</param>
+        /// <param name="inOrder">If true, the order of elements must be the same,
+        /// as well as the values associated with each element.</param>
+        public bool Equivalent(
+            X509Name	other,
+            bool		inOrder)
+        {
+            if (!inOrder)
+                return this.Equivalent(other);
+
+            if (other == null)
+                return false;
+
+            if (other == this)
+                return true;
+
+            int orderingSize = ordering.Count;
+
+            if (orderingSize != other.ordering.Count)
+                return false;
+
+            for (int i = 0; i < orderingSize; i++)
+            {
+                DerObjectIdentifier oid = (DerObjectIdentifier) ordering[i];
+                DerObjectIdentifier oOid = (DerObjectIdentifier) other.ordering[i];
+
+                if (!oid.Equals(oOid))
+                    return false;
+
+                string val = (string) values[i];
+                string oVal = (string) other.values[i];
+
+                if (!equivalentStrings(val, oVal))
+                    return false;
+            }
+
+            return true;
+        }
+
+        /**
+         * test for equivalence - note: case is ignored.
+         */
+        public bool Equivalent(
+            X509Name other)
+        {
+            if (other == null)
+                return false;
+
+            if (other == this)
+                return true;
+
+            int orderingSize = ordering.Count;
+
+            if (orderingSize != other.ordering.Count)
+            {
+                return false;
+            }
+
+            bool[] indexes = new bool[orderingSize];
+            int start, end, delta;
+
+            if (ordering[0].Equals(other.ordering[0]))   // guess forward
+            {
+                start = 0;
+                end = orderingSize;
+                delta = 1;
+            }
+            else  // guess reversed - most common problem
+            {
+                start = orderingSize - 1;
+                end = -1;
+                delta = -1;
+            }
+
+            for (int i = start; i != end; i += delta)
+            {
+                bool found = false;
+                DerObjectIdentifier  oid = (DerObjectIdentifier)ordering[i];
+                string value = (string)values[i];
+
+                for (int j = 0; j < orderingSize; j++)
+                {
+                    if (indexes[j])
+                    {
+                        continue;
+                    }
+
+                    DerObjectIdentifier oOid = (DerObjectIdentifier)other.ordering[j];
+
+                    if (oid.Equals(oOid))
+                    {
+                        string oValue = (string)other.values[j];
+
+                        if (equivalentStrings(value, oValue))
+                        {
+                            indexes[j] = true;
+                            found      = true;
+                            break;
+                        }
+                    }
+                }
+
+                if (!found)
+                {
+                    return false;
+                }
+            }
+
+            return true;
+        }
+
+        private static bool equivalentStrings(
+            string	s1,
+            string	s2)
+        {
+            string v1 = canonicalize(s1);
+            string v2 = canonicalize(s2);
+
+            if (!v1.Equals(v2))
+            {
+                v1 = stripInternalSpaces(v1);
+                v2 = stripInternalSpaces(v2);
+
+                if (!v1.Equals(v2))
+                {
+                    return false;
+                }
+            }
+
+            return true;
+        }
+
+        private static string canonicalize(
+            string s)
+        {
+            string v = Platform.ToLowerInvariant(s).Trim();
+
+            if (Platform.StartsWith(v, "#"))
+            {
+                Asn1Object obj = decodeObject(v);
+
+                if (obj is IAsn1String)
+                {
+                    v = Platform.ToLowerInvariant(((IAsn1String)obj).GetString()).Trim();
+                }
+            }
+
+            return v;
+        }
+
+        private static Asn1Object decodeObject(
+            string v)
+        {
+            try
+            {
+                return Asn1Object.FromByteArray(Hex.Decode(v.Substring(1)));
+            }
+            catch (IOException e)
+            {
+                throw new InvalidOperationException("unknown encoding in name: " + e.Message, e);
+            }
+        }
+
+        private static string stripInternalSpaces(
+            string str)
+        {
+            StringBuilder res = new StringBuilder();
+
+            if (str.Length != 0)
+            {
+                char c1 = str[0];
+
+                res.Append(c1);
+
+                for (int k = 1; k < str.Length; k++)
+                {
+                    char c2 = str[k];
+                    if (!(c1 == ' ' && c2 == ' '))
+                    {
+                        res.Append(c2);
+                    }
+                    c1 = c2;
+                }
+            }
+
+            return res.ToString();
+        }
+
+        private void AppendValue(
+            StringBuilder		buf,
+            IDictionary         oidSymbols,
+            DerObjectIdentifier	oid,
+            string				val)
+        {
+            string sym = (string)oidSymbols[oid];
+
+            if (sym != null)
+            {
+                buf.Append(sym);
+            }
+            else
+            {
+                buf.Append(oid.Id);
+            }
+
+            buf.Append('=');
+
+            int index = buf.Length;
+
+            buf.Append(val);
+
+            int end = buf.Length;
+
+            if (Platform.StartsWith(val, "\\#"))
+            {
+                index += 2;
+            }
+
+            while (index != end)
+            {
+                if ((buf[index] == ',')
+                || (buf[index] == '"')
+                || (buf[index] == '\\')
+                || (buf[index] == '+')
+                || (buf[index] == '=')
+                || (buf[index] == '<')
+                || (buf[index] == '>')
+                || (buf[index] == ';'))
+                {
+                    buf.Insert(index++, "\\");
+                    end++;
+                }
+
+                index++;
+            }
+        }
+
+        /**
+        * convert the structure to a string - if reverse is true the
+        * oids and values are listed out starting with the last element
+        * in the sequence (ala RFC 2253), otherwise the string will begin
+        * with the first element of the structure. If no string definition
+        * for the oid is found in oidSymbols the string value of the oid is
+        * added. Two standard symbol tables are provided DefaultSymbols, and
+        * RFC2253Symbols as part of this class.
+        *
+        * @param reverse if true start at the end of the sequence and work back.
+        * @param oidSymbols look up table strings for oids.
+        */
+        public string ToString(
+            bool		reverse,
+            IDictionary oidSymbols)
+        {
+#if SILVERLIGHT || PORTABLE
+            List<object> components = new List<object>();
+#else
+            ArrayList components = new ArrayList();
+#endif
+
+            StringBuilder ava = null;
+
+            for (int i = 0; i < ordering.Count; i++)
+            {
+                if ((bool) added[i])
+                {
+                    ava.Append('+');
+                    AppendValue(ava, oidSymbols,
+                        (DerObjectIdentifier)ordering[i],
+                        (string)values[i]);
+                }
+                else
+                {
+                    ava = new StringBuilder();
+                    AppendValue(ava, oidSymbols,
+                        (DerObjectIdentifier)ordering[i],
+                        (string)values[i]);
+                    components.Add(ava);
+                }
+            }
+
+            if (reverse)
+            {
+                components.Reverse();
+            }
+
+            StringBuilder buf = new StringBuilder();
+
+            if (components.Count > 0)
+            {
+                buf.Append(components[0].ToString());
+
+                for (int i = 1; i < components.Count; ++i)
+                {
+                    buf.Append(',');
+                    buf.Append(components[i].ToString());
+                }
+            }
+
+            return buf.ToString();
+        }
+
+        public override string ToString()
+        {
+            return ToString(DefaultReverse, (IDictionary)DefaultSymbols);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/X509NameEntryConverter.cs b/bc-sharp-crypto/src/asn1/x509/X509NameEntryConverter.cs
new file mode 100644
index 0000000..5872656
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/X509NameEntryConverter.cs
@@ -0,0 +1,89 @@
+using System;
+using System.Globalization;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * It turns out that the number of standard ways the fields in a DN should be
+     * encoded into their ASN.1 counterparts is rapidly approaching the
+     * number of machines on the internet. By default the X509Name class
+     * will produce UTF8Strings in line with the current recommendations (RFC 3280).
+     * <p>
+     * An example of an encoder look like below:
+     * <pre>
+     * public class X509DirEntryConverter
+     *     : X509NameEntryConverter
+     * {
+     *     public Asn1Object GetConvertedValue(
+     *         DerObjectIdentifier  oid,
+     *         string               value)
+     *     {
+     *         if (str.Length() != 0 &amp;&amp; str.charAt(0) == '#')
+     *         {
+     *             return ConvertHexEncoded(str, 1);
+     *         }
+     *         if (oid.Equals(EmailAddress))
+     *         {
+     *             return new DerIA5String(str);
+     *         }
+     *         else if (CanBePrintable(str))
+     *         {
+     *             return new DerPrintableString(str);
+     *         }
+     *         else if (CanBeUTF8(str))
+     *         {
+     *             return new DerUtf8String(str);
+     *         }
+     *         else
+     *         {
+     *             return new DerBmpString(str);
+     *         }
+     *     }
+     * }
+	 * </pre>
+	 * </p>
+     */
+    public abstract class X509NameEntryConverter
+    {
+        /**
+         * Convert an inline encoded hex string rendition of an ASN.1
+         * object back into its corresponding ASN.1 object.
+         *
+         * @param str the hex encoded object
+         * @param off the index at which the encoding starts
+         * @return the decoded object
+         */
+        protected Asn1Object ConvertHexEncoded(
+            string	hexString,
+            int		offset)
+        {
+			string str = hexString.Substring(offset);
+
+			return Asn1Object.FromByteArray(Hex.Decode(str));
+        }
+
+		/**
+         * return true if the passed in string can be represented without
+         * loss as a PrintableString, false otherwise.
+         */
+        protected bool CanBePrintable(
+            string str)
+        {
+			return DerPrintableString.IsPrintableString(str);
+        }
+
+		/**
+         * Convert the passed in string value into the appropriate ASN.1
+         * encoded object.
+         *
+         * @param oid the oid associated with the value in the DN.
+         * @param value the value of the particular DN component.
+         * @return the ASN.1 equivalent for the value.
+         */
+        public abstract Asn1Object GetConvertedValue(DerObjectIdentifier oid, string value);
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/X509NameTokenizer.cs b/bc-sharp-crypto/src/asn1/x509/X509NameTokenizer.cs
new file mode 100644
index 0000000..ab55295
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/X509NameTokenizer.cs
@@ -0,0 +1,104 @@
+using System.Text;
+
+namespace Org.BouncyCastle.Asn1.X509
+{
+    /**
+     * class for breaking up an X500 Name into it's component tokens, ala
+     * java.util.StringTokenizer. We need this class as some of the
+     * lightweight Java environment don't support classes like
+     * StringTokenizer.
+     */
+    public class X509NameTokenizer
+    {
+        private string			value;
+        private int				index;
+        private char			separator;
+        private StringBuilder	buffer = new StringBuilder();
+
+		public X509NameTokenizer(
+            string oid)
+            : this(oid, ',')
+        {
+        }
+
+		public X509NameTokenizer(
+            string	oid,
+            char	separator)
+        {
+            this.value = oid;
+            this.index = -1;
+            this.separator = separator;
+        }
+
+		public bool HasMoreTokens()
+        {
+            return index != value.Length;
+        }
+
+		public string NextToken()
+        {
+            if (index == value.Length)
+            {
+                return null;
+            }
+
+            int end = index + 1;
+            bool quoted = false;
+            bool escaped = false;
+
+			buffer.Remove(0, buffer.Length);
+
+			while (end != value.Length)
+            {
+                char c = value[end];
+
+				if (c == '"')
+                {
+                    if (!escaped)
+                    {
+                        quoted = !quoted;
+                    }
+                    else
+                    {
+                        buffer.Append(c);
+						escaped = false;
+                    }
+                }
+                else
+                {
+                    if (escaped || quoted)
+                    {
+						if (c == '#' && buffer[buffer.Length - 1] == '=')
+						{
+							buffer.Append('\\');
+						}
+						else if (c == '+' && separator != '+')
+						{
+							buffer.Append('\\');
+						}
+						buffer.Append(c);
+                        escaped = false;
+                    }
+                    else if (c == '\\')
+                    {
+                        escaped = true;
+                    }
+                    else if (c == separator)
+                    {
+                        break;
+                    }
+                    else
+                    {
+                        buffer.Append(c);
+                    }
+                }
+
+				end++;
+            }
+
+			index = end;
+
+			return buffer.ToString().Trim();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/X509ObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/x509/X509ObjectIdentifiers.cs
new file mode 100644
index 0000000..f00e314
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/X509ObjectIdentifiers.cs
@@ -0,0 +1,59 @@
+namespace Org.BouncyCastle.Asn1.X509
+{
+    public abstract class X509ObjectIdentifiers
+    {
+        //
+        // base id
+        //
+        internal const string ID = "2.5.4";
+
+		public static readonly DerObjectIdentifier CommonName              = new DerObjectIdentifier(ID + ".3");
+        public static readonly DerObjectIdentifier CountryName             = new DerObjectIdentifier(ID + ".6");
+        public static readonly DerObjectIdentifier LocalityName            = new DerObjectIdentifier(ID + ".7");
+        public static readonly DerObjectIdentifier StateOrProvinceName     = new DerObjectIdentifier(ID + ".8");
+        public static readonly DerObjectIdentifier Organization            = new DerObjectIdentifier(ID + ".10");
+        public static readonly DerObjectIdentifier OrganizationalUnitName  = new DerObjectIdentifier(ID + ".11");
+
+		public static readonly DerObjectIdentifier id_at_telephoneNumber   = new DerObjectIdentifier(ID + ".20");
+		public static readonly DerObjectIdentifier id_at_name              = new DerObjectIdentifier(ID + ".41");
+
+		// id-SHA1 OBJECT IDENTIFIER ::=
+        //   {iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 }    //
+        public static readonly DerObjectIdentifier IdSha1 = new DerObjectIdentifier("1.3.14.3.2.26");
+
+		//
+        // ripemd160 OBJECT IDENTIFIER ::=
+        //      {iso(1) identified-organization(3) TeleTrust(36) algorithm(3) hashAlgorithm(2) RipeMD-160(1)}
+        //
+        public static readonly DerObjectIdentifier RipeMD160 = new DerObjectIdentifier("1.3.36.3.2.1");
+
+		//
+        // ripemd160WithRSAEncryption OBJECT IDENTIFIER ::=
+        //      {iso(1) identified-organization(3) TeleTrust(36) algorithm(3) signatureAlgorithm(3) rsaSignature(1) rsaSignatureWithripemd160(2) }
+        //
+        public static readonly DerObjectIdentifier RipeMD160WithRsaEncryption = new DerObjectIdentifier("1.3.36.3.3.1.2");
+
+		public static readonly DerObjectIdentifier IdEARsa = new DerObjectIdentifier("2.5.8.1.1");
+
+		// id-pkix
+		public static readonly DerObjectIdentifier IdPkix = new DerObjectIdentifier("1.3.6.1.5.5.7");
+
+		//
+		// private internet extensions
+		//
+		public static readonly DerObjectIdentifier IdPE = new DerObjectIdentifier(IdPkix + ".1");
+
+		//
+		// authority information access
+		//
+		public static readonly DerObjectIdentifier IdAD = new DerObjectIdentifier(IdPkix + ".48");
+		public static readonly DerObjectIdentifier IdADCAIssuers = new DerObjectIdentifier(IdAD + ".2");
+		public static readonly DerObjectIdentifier IdADOcsp = new DerObjectIdentifier(IdAD + ".1");
+
+		//
+		// OID for ocsp and crl uri in AuthorityInformationAccess extension
+		//
+		public static readonly DerObjectIdentifier OcspAccessMethod = IdADOcsp;
+		public static readonly DerObjectIdentifier CrlAccessMethod = IdADCAIssuers;
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/qualified/BiometricData.cs b/bc-sharp-crypto/src/asn1/x509/qualified/BiometricData.cs
new file mode 100644
index 0000000..bb70c34
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/qualified/BiometricData.cs
@@ -0,0 +1,110 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509.Qualified
+{
+    /**
+    * The BiometricData object.
+    * <pre>
+    * BiometricData  ::=  SEQUENCE {
+    *       typeOfBiometricData  TypeOfBiometricData,
+    *       hashAlgorithm        AlgorithmIdentifier,
+    *       biometricDataHash    OCTET STRING,
+    *       sourceDataUri        IA5String OPTIONAL  }
+    * </pre>
+    */
+    public class BiometricData
+        : Asn1Encodable
+    {
+        private readonly TypeOfBiometricData typeOfBiometricData;
+        private readonly AlgorithmIdentifier hashAlgorithm;
+        private readonly Asn1OctetString     biometricDataHash;
+        private readonly DerIA5String        sourceDataUri;
+
+        public static BiometricData GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is BiometricData)
+            {
+                return (BiometricData)obj;
+            }
+
+            if (obj is Asn1Sequence)
+            {
+				return new BiometricData(Asn1Sequence.GetInstance(obj));
+            }
+
+			throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private BiometricData(
+			Asn1Sequence seq)
+        {
+			typeOfBiometricData = TypeOfBiometricData.GetInstance(seq[0]);
+			hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[1]);
+			biometricDataHash = Asn1OctetString.GetInstance(seq[2]);
+
+			if (seq.Count > 3)
+			{
+				sourceDataUri = DerIA5String.GetInstance(seq[3]);
+			}
+        }
+
+		public BiometricData(
+            TypeOfBiometricData	typeOfBiometricData,
+            AlgorithmIdentifier	hashAlgorithm,
+            Asn1OctetString		biometricDataHash,
+            DerIA5String		sourceDataUri)
+        {
+            this.typeOfBiometricData = typeOfBiometricData;
+            this.hashAlgorithm = hashAlgorithm;
+            this.biometricDataHash = biometricDataHash;
+            this.sourceDataUri = sourceDataUri;
+        }
+
+        public BiometricData(
+            TypeOfBiometricData	typeOfBiometricData,
+            AlgorithmIdentifier	hashAlgorithm,
+            Asn1OctetString		biometricDataHash)
+        {
+            this.typeOfBiometricData = typeOfBiometricData;
+            this.hashAlgorithm = hashAlgorithm;
+            this.biometricDataHash = biometricDataHash;
+            this.sourceDataUri = null;
+        }
+
+        public TypeOfBiometricData TypeOfBiometricData
+        {
+			get { return typeOfBiometricData; }
+        }
+
+		public AlgorithmIdentifier HashAlgorithm
+		{
+			get { return hashAlgorithm; }
+		}
+
+		public Asn1OctetString BiometricDataHash
+		{
+			get { return biometricDataHash; }
+		}
+
+		public DerIA5String SourceDataUri
+		{
+			get { return sourceDataUri; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector seq = new Asn1EncodableVector(
+				typeOfBiometricData, hashAlgorithm, biometricDataHash);
+
+			if (sourceDataUri != null)
+            {
+                seq.Add(sourceDataUri);
+            }
+
+			return new DerSequence(seq);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/qualified/ETSIQCObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/x509/qualified/ETSIQCObjectIdentifiers.cs
new file mode 100644
index 0000000..86a4eee
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/qualified/ETSIQCObjectIdentifiers.cs
@@ -0,0 +1,19 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.X509.Qualified
+{
+	public abstract class EtsiQCObjectIdentifiers
+	{
+		//
+		// base id
+		//
+		public static readonly DerObjectIdentifier IdEtsiQcs                 = new DerObjectIdentifier("0.4.0.1862.1");
+
+		public static readonly DerObjectIdentifier IdEtsiQcsQcCompliance     = new DerObjectIdentifier(IdEtsiQcs+".1");
+		public static readonly DerObjectIdentifier IdEtsiQcsLimitValue       = new DerObjectIdentifier(IdEtsiQcs+".2");
+		public static readonly DerObjectIdentifier IdEtsiQcsRetentionPeriod  = new DerObjectIdentifier(IdEtsiQcs+".3");
+		public static readonly DerObjectIdentifier IdEtsiQcsQcSscd           = new DerObjectIdentifier(IdEtsiQcs+".4");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/qualified/Iso4217CurrencyCode.cs b/bc-sharp-crypto/src/asn1/x509/qualified/Iso4217CurrencyCode.cs
new file mode 100644
index 0000000..9ec88f5
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/qualified/Iso4217CurrencyCode.cs
@@ -0,0 +1,84 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509.Qualified
+{
+    /**
+    * The Iso4217CurrencyCode object.
+    * <pre>
+    * Iso4217CurrencyCode  ::=  CHOICE {
+    *       alphabetic              PrintableString (SIZE 3), --Recommended
+    *       numeric              INTEGER (1..999) }
+    * -- Alphabetic or numeric currency code as defined in ISO 4217
+    * -- It is recommended that the Alphabetic form is used
+    * </pre>
+    */
+    public class Iso4217CurrencyCode
+        : Asn1Encodable, IAsn1Choice
+    {
+        internal const int AlphabeticMaxSize = 3;
+        internal const int NumericMinSize = 1;
+        internal const int NumericMaxSize = 999;
+
+		internal Asn1Encodable	obj;
+//        internal int			numeric;
+
+		public static Iso4217CurrencyCode GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is Iso4217CurrencyCode)
+            {
+                return (Iso4217CurrencyCode) obj;
+            }
+
+			if (obj is DerInteger)
+            {
+                DerInteger numericobj = DerInteger.GetInstance(obj);
+                int numeric = numericobj.Value.IntValue;
+                return new Iso4217CurrencyCode(numeric);
+            }
+
+			if (obj is DerPrintableString)
+            {
+                DerPrintableString alphabetic = DerPrintableString.GetInstance(obj);
+                return new Iso4217CurrencyCode(alphabetic.GetString());
+            }
+
+			throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+        }
+
+		public Iso4217CurrencyCode(
+            int numeric)
+        {
+            if (numeric > NumericMaxSize || numeric < NumericMinSize)
+            {
+                throw new ArgumentException("wrong size in numeric code : not in (" + NumericMinSize + ".." + NumericMaxSize + ")");
+            }
+
+			obj = new DerInteger(numeric);
+        }
+
+		public Iso4217CurrencyCode(
+            string alphabetic)
+        {
+            if (alphabetic.Length > AlphabeticMaxSize)
+            {
+                throw new ArgumentException("wrong size in alphabetic code : max size is " + AlphabeticMaxSize);
+            }
+
+			obj = new DerPrintableString(alphabetic);
+        }
+
+		public bool IsAlphabetic { get { return obj is DerPrintableString; } }
+
+		public string Alphabetic { get { return ((DerPrintableString) obj).GetString(); } }
+
+		public int Numeric { get { return ((DerInteger)obj).Value.IntValue; } }
+
+		public override Asn1Object ToAsn1Object()
+        {
+            return obj.ToAsn1Object();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/qualified/MonetaryValue.cs b/bc-sharp-crypto/src/asn1/x509/qualified/MonetaryValue.cs
new file mode 100644
index 0000000..d703de9
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/qualified/MonetaryValue.cs
@@ -0,0 +1,83 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509.Qualified
+{
+    /**
+    * The MonetaryValue object.
+    * <pre>
+    * MonetaryValue  ::=  SEQUENCE {
+    *       currency              Iso4217CurrencyCode,
+    *       amount               INTEGER,
+    *       exponent             INTEGER }
+    * -- value = amount * 10^exponent
+    * </pre>
+    */
+    public class MonetaryValue
+        : Asn1Encodable
+    {
+        internal Iso4217CurrencyCode	currency;
+        internal DerInteger				amount;
+        internal DerInteger				exponent;
+
+		public static MonetaryValue GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is MonetaryValue)
+            {
+                return (MonetaryValue) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new MonetaryValue(Asn1Sequence.GetInstance(obj));
+            }
+
+			throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private MonetaryValue(
+            Asn1Sequence seq)
+        {
+			if (seq.Count != 3)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+            currency = Iso4217CurrencyCode.GetInstance(seq[0]);
+            amount = DerInteger.GetInstance(seq[1]);
+            exponent = DerInteger.GetInstance(seq[2]);
+        }
+
+		public MonetaryValue(
+            Iso4217CurrencyCode	currency,
+            int					amount,
+            int					exponent)
+        {
+            this.currency = currency;
+            this.amount = new DerInteger(amount);
+            this.exponent = new DerInteger(exponent);
+        }
+
+		public Iso4217CurrencyCode Currency
+		{
+			get { return currency; }
+		}
+
+		public BigInteger Amount
+		{
+			get { return amount.Value; }
+		}
+
+		public BigInteger Exponent
+		{
+			get { return exponent.Value; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(currency, amount, exponent);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/qualified/QCStatement.cs b/bc-sharp-crypto/src/asn1/x509/qualified/QCStatement.cs
new file mode 100644
index 0000000..a8e214c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/qualified/QCStatement.cs
@@ -0,0 +1,84 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509.Qualified
+{
+    /**
+    * The QCStatement object.
+    * <pre>
+    * QCStatement ::= SEQUENCE {
+    *   statementId        OBJECT IDENTIFIER,
+    *   statementInfo      ANY DEFINED BY statementId OPTIONAL}
+    * </pre>
+    */
+    public class QCStatement
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier	qcStatementId;
+        private readonly Asn1Encodable			qcStatementInfo;
+
+		public static QCStatement GetInstance(
+            object obj)
+        {
+            if (obj == null || obj is QCStatement)
+            {
+                return (QCStatement) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+				return new QCStatement(Asn1Sequence.GetInstance(obj));
+            }
+
+			throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		private QCStatement(
+            Asn1Sequence seq)
+        {
+			qcStatementId = DerObjectIdentifier.GetInstance(seq[0]);
+
+			if (seq.Count > 1)
+			{
+				qcStatementInfo = seq[1];
+			}
+        }
+
+		public QCStatement(
+            DerObjectIdentifier qcStatementId)
+        {
+            this.qcStatementId = qcStatementId;
+        }
+
+        public QCStatement(
+            DerObjectIdentifier qcStatementId,
+            Asn1Encodable       qcStatementInfo)
+        {
+            this.qcStatementId = qcStatementId;
+            this.qcStatementInfo = qcStatementInfo;
+        }
+
+		public DerObjectIdentifier StatementId
+		{
+			get { return qcStatementId; }
+		}
+
+		public Asn1Encodable StatementInfo
+		{
+			get { return qcStatementInfo; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector seq = new Asn1EncodableVector(qcStatementId);
+
+			if (qcStatementInfo != null)
+            {
+                seq.Add(qcStatementInfo);
+            }
+
+			return new DerSequence(seq);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/qualified/RFC3739QCObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/x509/qualified/RFC3739QCObjectIdentifiers.cs
new file mode 100644
index 0000000..8ebd69e
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/qualified/RFC3739QCObjectIdentifiers.cs
@@ -0,0 +1,21 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.X509.Qualified
+{
+    public sealed class Rfc3739QCObjectIdentifiers
+    {
+		private Rfc3739QCObjectIdentifiers()
+		{
+		}
+
+		//
+        // base id
+        //
+        public static readonly DerObjectIdentifier IdQcs = new DerObjectIdentifier("1.3.6.1.5.5.7.11");
+
+        public static readonly DerObjectIdentifier IdQcsPkixQCSyntaxV1 = new DerObjectIdentifier(IdQcs+".1");
+        public static readonly DerObjectIdentifier IdQcsPkixQCSyntaxV2 = new DerObjectIdentifier(IdQcs+".2");
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/qualified/SemanticsInformation.cs b/bc-sharp-crypto/src/asn1/x509/qualified/SemanticsInformation.cs
new file mode 100644
index 0000000..5fe5f93
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/qualified/SemanticsInformation.cs
@@ -0,0 +1,124 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509.Qualified
+{
+    /**
+    * The SemanticsInformation object.
+    * <pre>
+    *       SemanticsInformation ::= SEQUENCE {
+    *         semanticsIdentifier        OBJECT IDENTIFIER   OPTIONAL,
+    *         nameRegistrationAuthorities NameRegistrationAuthorities
+    *                                                         OPTIONAL }
+    *         (WITH COMPONENTS {..., semanticsIdentifier PRESENT}|
+    *          WITH COMPONENTS {..., nameRegistrationAuthorities PRESENT})
+    *
+    *     NameRegistrationAuthorities ::=  SEQUENCE SIZE (1..MAX) OF
+    *         GeneralName
+    * </pre>
+    */
+    public class SemanticsInformation
+		: Asn1Encodable
+    {
+        private readonly DerObjectIdentifier	semanticsIdentifier;
+        private readonly GeneralName[]			nameRegistrationAuthorities;
+
+		public static SemanticsInformation GetInstance(
+			object obj)
+        {
+            if (obj == null || obj is SemanticsInformation)
+            {
+                return (SemanticsInformation) obj;
+            }
+
+			if (obj is Asn1Sequence)
+            {
+                return new SemanticsInformation(Asn1Sequence.GetInstance(obj));
+            }
+
+			throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public SemanticsInformation(
+			Asn1Sequence seq)
+        {
+            if (seq.Count < 1)
+            {
+                throw new ArgumentException("no objects in SemanticsInformation");
+            }
+
+			IEnumerator e = seq.GetEnumerator();
+			e.MoveNext();
+            object obj = e.Current;
+            if (obj is DerObjectIdentifier)
+            {
+                semanticsIdentifier = DerObjectIdentifier.GetInstance(obj);
+                if (e.MoveNext())
+                {
+                    obj  = e.Current;
+                }
+                else
+                {
+                    obj  = null;
+                }
+            }
+
+			if (obj  != null)
+            {
+                Asn1Sequence generalNameSeq = Asn1Sequence.GetInstance(obj );
+                nameRegistrationAuthorities = new GeneralName[generalNameSeq.Count];
+                for (int i= 0; i < generalNameSeq.Count; i++)
+                {
+                    nameRegistrationAuthorities[i] = GeneralName.GetInstance(generalNameSeq[i]);
+                }
+            }
+        }
+
+		public SemanticsInformation(
+            DerObjectIdentifier semanticsIdentifier,
+            GeneralName[] generalNames)
+        {
+            this.semanticsIdentifier = semanticsIdentifier;
+            this.nameRegistrationAuthorities = generalNames;
+        }
+
+		public SemanticsInformation(
+			DerObjectIdentifier semanticsIdentifier)
+        {
+            this.semanticsIdentifier = semanticsIdentifier;
+        }
+
+        public SemanticsInformation(
+			GeneralName[] generalNames)
+        {
+            this.nameRegistrationAuthorities = generalNames;
+        }
+
+		public DerObjectIdentifier SemanticsIdentifier { get { return semanticsIdentifier; } }
+
+		public GeneralName[] GetNameRegistrationAuthorities()
+        {
+            return nameRegistrationAuthorities;
+        }
+
+		public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector seq = new Asn1EncodableVector();
+
+            if (this.semanticsIdentifier != null)
+            {
+                seq.Add(semanticsIdentifier);
+            }
+
+			if (this.nameRegistrationAuthorities != null)
+            {
+                seq.Add(new DerSequence(nameRegistrationAuthorities));
+            }
+
+			return new DerSequence(seq);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/qualified/TypeOfBiometricData.cs b/bc-sharp-crypto/src/asn1/x509/qualified/TypeOfBiometricData.cs
new file mode 100644
index 0000000..17b7841
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/qualified/TypeOfBiometricData.cs
@@ -0,0 +1,91 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509.Qualified
+{
+    /**
+    * The TypeOfBiometricData object.
+    * <pre>
+    * TypeOfBiometricData ::= CHOICE {
+    *   predefinedBiometricType   PredefinedBiometricType,
+    *   biometricDataOid          OBJECT IDENTIFIER }
+    *
+    * PredefinedBiometricType ::= INTEGER {
+    *   picture(0),handwritten-signature(1)}
+    *   (picture|handwritten-signature)
+    * </pre>
+    */
+    public class TypeOfBiometricData
+        : Asn1Encodable, IAsn1Choice
+    {
+        public const int Picture				= 0;
+        public const int HandwrittenSignature	= 1;
+
+		internal Asn1Encodable obj;
+
+		public static TypeOfBiometricData GetInstance(
+			object obj)
+        {
+            if (obj == null || obj is TypeOfBiometricData)
+            {
+                return (TypeOfBiometricData) obj;
+            }
+
+			if (obj is DerInteger)
+            {
+                DerInteger predefinedBiometricTypeObj = DerInteger.GetInstance(obj);
+                int predefinedBiometricType = predefinedBiometricTypeObj.Value.IntValue;
+
+				return new TypeOfBiometricData(predefinedBiometricType);
+            }
+
+			if (obj is DerObjectIdentifier)
+            {
+                DerObjectIdentifier BiometricDataOid = DerObjectIdentifier.GetInstance(obj);
+                return new TypeOfBiometricData(BiometricDataOid);
+            }
+
+			throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public TypeOfBiometricData(
+			int predefinedBiometricType)
+        {
+            if (predefinedBiometricType == Picture || predefinedBiometricType == HandwrittenSignature)
+            {
+                obj = new DerInteger(predefinedBiometricType);
+            }
+            else
+            {
+                throw new ArgumentException("unknow PredefinedBiometricType : " + predefinedBiometricType);
+            }
+        }
+
+		public TypeOfBiometricData(
+			DerObjectIdentifier biometricDataOid)
+        {
+            obj = biometricDataOid;
+        }
+
+		public bool IsPredefined
+		{
+			get { return obj is DerInteger; }
+		}
+
+		public int PredefinedBiometricType
+		{
+			get { return ((DerInteger) obj).Value.IntValue; }
+		}
+
+		public DerObjectIdentifier BiometricDataOid
+		{
+			get { return (DerObjectIdentifier) obj; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+        {
+            return obj.ToAsn1Object();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/sigi/NameOrPseudonym.cs b/bc-sharp-crypto/src/asn1/x509/sigi/NameOrPseudonym.cs
new file mode 100644
index 0000000..2402e38
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/sigi/NameOrPseudonym.cs
@@ -0,0 +1,178 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509.SigI
+{
+	/**
+	* Structure for a name or pseudonym.
+	* 
+	* <pre>
+	*       NameOrPseudonym ::= CHOICE {
+	*     	   surAndGivenName SEQUENCE {
+	*     	     surName DirectoryString,
+	*     	     givenName SEQUENCE OF DirectoryString 
+	*         },
+	*     	   pseudonym DirectoryString 
+	*       }
+	* </pre>
+	* 
+	* @see org.bouncycastle.asn1.x509.sigi.PersonalData
+	* 
+	*/
+	public class NameOrPseudonym
+		: Asn1Encodable, IAsn1Choice
+	{
+		private readonly DirectoryString	pseudonym;
+		private readonly DirectoryString	surname;
+		private readonly Asn1Sequence		givenName;
+
+		public static NameOrPseudonym GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is NameOrPseudonym)
+			{
+				return (NameOrPseudonym)obj;
+			}
+
+			if (obj is IAsn1String)
+			{
+				return new NameOrPseudonym(DirectoryString.GetInstance(obj));
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new NameOrPseudonym((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		* Constructor from DERString.
+		* <p/>
+		* The sequence is of type NameOrPseudonym:
+		* <p/>
+		* <pre>
+		*       NameOrPseudonym ::= CHOICE {
+		*     	   surAndGivenName SEQUENCE {
+		*     	     surName DirectoryString,
+		*     	     givenName SEQUENCE OF DirectoryString
+		*         },
+		*     	   pseudonym DirectoryString
+		*       }
+		* </pre>
+		* @param pseudonym pseudonym value to use.
+		*/
+		public NameOrPseudonym(
+			DirectoryString pseudonym)
+		{
+			this.pseudonym = pseudonym;
+		}
+
+		/**
+		* Constructor from Asn1Sequence.
+		* <p/>
+		* The sequence is of type NameOrPseudonym:
+		* <p/>
+		* <pre>
+		*       NameOrPseudonym ::= CHOICE {
+		*     	   surAndGivenName SEQUENCE {
+		*     	     surName DirectoryString,
+		*     	     givenName SEQUENCE OF DirectoryString
+		*         },
+		*     	   pseudonym DirectoryString
+		*       }
+		* </pre>
+		*
+		* @param seq The ASN.1 sequence.
+		*/
+		private NameOrPseudonym(
+			Asn1Sequence seq)
+		{
+			if (seq.Count != 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+			if (!(seq[0] is IAsn1String))
+                throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(seq[0]));
+
+			surname = DirectoryString.GetInstance(seq[0]);
+			givenName = Asn1Sequence.GetInstance(seq[1]);
+		}
+
+		/**
+		* Constructor from a given details.
+		*
+		* @param pseudonym The pseudonym.
+		*/
+		public NameOrPseudonym(
+			string pseudonym)
+			: this(new DirectoryString(pseudonym))
+		{
+		}
+
+		/**
+		 * Constructor from a given details.
+		 *
+		 * @param surname   The surname.
+		 * @param givenName A sequence of directory strings making up the givenName
+		 */
+		public NameOrPseudonym(
+			DirectoryString	surname,
+			Asn1Sequence	givenName)
+		{
+			this.surname = surname;
+			this.givenName = givenName;
+		}
+
+		public DirectoryString Pseudonym
+		{
+			get { return pseudonym; }
+		}
+
+		public DirectoryString Surname
+		{
+			get { return surname; }
+		}
+
+		public DirectoryString[] GetGivenName()
+		{
+			DirectoryString[] items = new DirectoryString[givenName.Count];
+			int count = 0;
+			foreach (object o in givenName)
+			{
+				items[count++] = DirectoryString.GetInstance(o);
+			}
+			return items;
+		}
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <p/>
+		* Returns:
+		* <p/>
+		* <pre>
+		*       NameOrPseudonym ::= CHOICE {
+		*     	   surAndGivenName SEQUENCE {
+		*     	     surName DirectoryString,
+		*     	     givenName SEQUENCE OF DirectoryString
+		*         },
+		*     	   pseudonym DirectoryString
+		*       }
+		* </pre>
+		*
+		* @return an Asn1Object
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			if (pseudonym != null)
+			{
+				return pseudonym.ToAsn1Object();
+			}
+
+			return new DerSequence(surname, givenName);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/sigi/PersonalData.cs b/bc-sharp-crypto/src/asn1/x509/sigi/PersonalData.cs
new file mode 100644
index 0000000..dba345c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/sigi/PersonalData.cs
@@ -0,0 +1,211 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X509.SigI
+{
+	/**
+	* Contains personal data for the otherName field in the subjectAltNames
+	* extension.
+	* <p/>
+	* <pre>
+	*     PersonalData ::= SEQUENCE {
+	*       nameOrPseudonym NameOrPseudonym,
+	*       nameDistinguisher [0] INTEGER OPTIONAL,
+	*       dateOfBirth [1] GeneralizedTime OPTIONAL,
+	*       placeOfBirth [2] DirectoryString OPTIONAL,
+	*       gender [3] PrintableString OPTIONAL,
+	*       postalAddress [4] DirectoryString OPTIONAL
+	*       }
+	* </pre>
+	*
+	* @see org.bouncycastle.asn1.x509.sigi.NameOrPseudonym
+	* @see org.bouncycastle.asn1.x509.sigi.SigIObjectIdentifiers
+	*/
+	public class PersonalData
+		: Asn1Encodable
+	{
+		private readonly NameOrPseudonym	nameOrPseudonym;
+		private readonly BigInteger			nameDistinguisher;
+		private readonly DerGeneralizedTime	dateOfBirth;
+		private readonly DirectoryString	placeOfBirth;
+		private readonly string				gender;
+		private readonly DirectoryString	postalAddress;
+
+		public static PersonalData GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is PersonalData)
+			{
+				return (PersonalData) obj;
+			}
+
+			if (obj is Asn1Sequence)
+			{
+				return new PersonalData((Asn1Sequence) obj);
+			}
+
+            throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		/**
+		* Constructor from Asn1Sequence.
+		* <p/>
+		* The sequence is of type NameOrPseudonym:
+		* <p/>
+		* <pre>
+		*     PersonalData ::= SEQUENCE {
+		*       nameOrPseudonym NameOrPseudonym,
+		*       nameDistinguisher [0] INTEGER OPTIONAL,
+		*       dateOfBirth [1] GeneralizedTime OPTIONAL,
+		*       placeOfBirth [2] DirectoryString OPTIONAL,
+		*       gender [3] PrintableString OPTIONAL,
+		*       postalAddress [4] DirectoryString OPTIONAL
+		*       }
+		* </pre>
+		*
+		* @param seq The ASN.1 sequence.
+		*/
+		private PersonalData(
+			Asn1Sequence seq)
+		{
+			if (seq.Count < 1)
+				throw new ArgumentException("Bad sequence size: " + seq.Count);
+
+			IEnumerator e = seq.GetEnumerator();
+			e.MoveNext();
+
+			nameOrPseudonym = NameOrPseudonym.GetInstance(e.Current);
+
+			while (e.MoveNext())
+			{
+				Asn1TaggedObject o = Asn1TaggedObject.GetInstance(e.Current);
+				int tag = o.TagNo;
+				switch (tag)
+				{
+					case 0:
+						nameDistinguisher = DerInteger.GetInstance(o, false).Value;
+						break;
+					case 1:
+						dateOfBirth = DerGeneralizedTime.GetInstance(o, false);
+						break;
+					case 2:
+						placeOfBirth = DirectoryString.GetInstance(o, true);
+						break;
+					case 3:
+						gender = DerPrintableString.GetInstance(o, false).GetString();
+						break;
+					case 4:
+						postalAddress = DirectoryString.GetInstance(o, true);
+						break;
+					default:
+						throw new ArgumentException("Bad tag number: " + o.TagNo);
+				}
+			}
+		}
+
+		/**
+		* Constructor from a given details.
+		*
+		* @param nameOrPseudonym  Name or pseudonym.
+		* @param nameDistinguisher Name distinguisher.
+		* @param dateOfBirth      Date of birth.
+		* @param placeOfBirth     Place of birth.
+		* @param gender           Gender.
+		* @param postalAddress    Postal Address.
+		*/
+		public PersonalData(
+			NameOrPseudonym		nameOrPseudonym,
+			BigInteger			nameDistinguisher,
+			DerGeneralizedTime	dateOfBirth,
+			DirectoryString		placeOfBirth,
+			string				gender,
+			DirectoryString		postalAddress)
+		{
+			this.nameOrPseudonym = nameOrPseudonym;
+			this.dateOfBirth = dateOfBirth;
+			this.gender = gender;
+			this.nameDistinguisher = nameDistinguisher;
+			this.postalAddress = postalAddress;
+			this.placeOfBirth = placeOfBirth;
+		}
+
+		public NameOrPseudonym NameOrPseudonym
+		{
+			get { return nameOrPseudonym; }
+		}
+
+		public BigInteger NameDistinguisher
+		{
+			get { return nameDistinguisher; }
+		}
+
+		public DerGeneralizedTime DateOfBirth
+		{
+			get { return dateOfBirth; }
+		}
+
+		public DirectoryString PlaceOfBirth
+		{
+			get { return placeOfBirth; }
+		}
+
+		public string Gender
+		{
+			get { return gender; }
+		}
+
+		public DirectoryString PostalAddress
+		{
+			get { return postalAddress; }
+		}
+
+		/**
+		* Produce an object suitable for an Asn1OutputStream.
+		* <p/>
+		* Returns:
+		* <p/>
+		* <pre>
+		*     PersonalData ::= SEQUENCE {
+		*       nameOrPseudonym NameOrPseudonym,
+		*       nameDistinguisher [0] INTEGER OPTIONAL,
+		*       dateOfBirth [1] GeneralizedTime OPTIONAL,
+		*       placeOfBirth [2] DirectoryString OPTIONAL,
+		*       gender [3] PrintableString OPTIONAL,
+		*       postalAddress [4] DirectoryString OPTIONAL
+		*       }
+		* </pre>
+		*
+		* @return an Asn1Object
+		*/
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector vec = new Asn1EncodableVector();
+			vec.Add(nameOrPseudonym);
+			if (nameDistinguisher != null)
+			{
+				vec.Add(new DerTaggedObject(false, 0, new DerInteger(nameDistinguisher)));
+			}
+			if (dateOfBirth != null)
+			{
+				vec.Add(new DerTaggedObject(false, 1, dateOfBirth));
+			}
+			if (placeOfBirth != null)
+			{
+				vec.Add(new DerTaggedObject(true, 2, placeOfBirth));
+			}
+			if (gender != null)
+			{
+				vec.Add(new DerTaggedObject(false, 3, new DerPrintableString(gender, true)));
+			}
+			if (postalAddress != null)
+			{
+				vec.Add(new DerTaggedObject(true, 4, postalAddress));
+			}
+			return new DerSequence(vec);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x509/sigi/SigIObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/x509/sigi/SigIObjectIdentifiers.cs
new file mode 100644
index 0000000..682311a
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x509/sigi/SigIObjectIdentifiers.cs
@@ -0,0 +1,49 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.X509.SigI
+{
+	/**
+	 * Object Identifiers of SigI specifciation (German Signature Law
+	 * Interoperability specification).
+	 */
+	public sealed class SigIObjectIdentifiers
+	{
+		private SigIObjectIdentifiers()
+		{
+		}
+
+		public readonly static DerObjectIdentifier IdSigI = new DerObjectIdentifier("1.3.36.8");
+
+		/**
+		* Key purpose IDs for German SigI (Signature Interoperability
+		* Specification)
+		*/
+		public readonly static DerObjectIdentifier IdSigIKP = new DerObjectIdentifier(IdSigI + ".2");
+
+		/**
+		* Certificate policy IDs for German SigI (Signature Interoperability
+		* Specification)
+		*/
+		public readonly static DerObjectIdentifier IdSigICP = new DerObjectIdentifier(IdSigI + ".1");
+
+		/**
+		* Other Name IDs for German SigI (Signature Interoperability Specification)
+		*/
+		public readonly static DerObjectIdentifier IdSigION = new DerObjectIdentifier(IdSigI + ".4");
+
+		/**
+		* To be used for for the generation of directory service certificates.
+		*/
+		public static readonly DerObjectIdentifier IdSigIKPDirectoryService = new DerObjectIdentifier(IdSigIKP + ".1");
+
+		/**
+		* ID for PersonalData
+		*/
+		public static readonly DerObjectIdentifier IdSigIONPersonalData = new DerObjectIdentifier(IdSigION + ".1");
+
+		/**
+		* Certificate is conform to german signature law.
+		*/
+		public static readonly DerObjectIdentifier IdSigICPSigConform = new DerObjectIdentifier(IdSigICP + ".1");
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/DHDomainParameters.cs b/bc-sharp-crypto/src/asn1/x9/DHDomainParameters.cs
new file mode 100644
index 0000000..b8c1ac0
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/DHDomainParameters.cs
@@ -0,0 +1,118 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+	public class DHDomainParameters
+		: Asn1Encodable
+	{
+		private readonly DerInteger p, g, q, j;
+		private readonly DHValidationParms validationParms;
+
+		public static DHDomainParameters GetInstance(Asn1TaggedObject obj, bool isExplicit)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+		}
+
+		public static DHDomainParameters GetInstance(object obj)
+		{
+			if (obj == null || obj is DHDomainParameters)
+				return (DHDomainParameters)obj;
+
+			if (obj is Asn1Sequence)
+				return new DHDomainParameters((Asn1Sequence)obj);
+
+			throw new ArgumentException("Invalid DHDomainParameters: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public DHDomainParameters(DerInteger p, DerInteger g, DerInteger q, DerInteger j,
+			DHValidationParms validationParms)
+		{
+			if (p == null)
+				throw new ArgumentNullException("p");
+			if (g == null)
+				throw new ArgumentNullException("g");
+			if (q == null)
+				throw new ArgumentNullException("q");
+
+			this.p = p;
+			this.g = g;
+			this.q = q;
+			this.j = j;
+			this.validationParms = validationParms;
+		}
+
+		private DHDomainParameters(Asn1Sequence seq)
+		{
+			if (seq.Count < 3 || seq.Count > 5)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			IEnumerator e = seq.GetEnumerator();
+			this.p = DerInteger.GetInstance(GetNext(e));
+			this.g = DerInteger.GetInstance(GetNext(e));
+			this.q = DerInteger.GetInstance(GetNext(e));
+
+			Asn1Encodable next = GetNext(e);
+
+			if (next != null && next is DerInteger)
+			{
+				this.j = DerInteger.GetInstance(next);
+				next = GetNext(e);
+			}
+
+			if (next != null)
+			{
+				this.validationParms = DHValidationParms.GetInstance(next.ToAsn1Object());
+			}
+		}
+
+		private static Asn1Encodable GetNext(IEnumerator e)
+		{
+			return e.MoveNext() ? (Asn1Encodable)e.Current : null;
+		}
+
+		public DerInteger P
+		{
+			get { return this.p; }
+		}
+
+		public DerInteger G
+		{
+			get { return this.g; }
+		}
+
+		public DerInteger Q
+		{
+			get { return this.q; }
+		}
+
+		public DerInteger J
+		{
+			get { return this.j; }
+		}
+
+		public DHValidationParms ValidationParms
+		{
+			get { return this.validationParms; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector(p, g, q);
+
+			if (this.j != null)
+			{
+				v.Add(this.j);
+			}
+
+			if (this.validationParms != null)
+			{
+				v.Add(this.validationParms);
+			}
+
+			return new DerSequence(v);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/DHPublicKey.cs b/bc-sharp-crypto/src/asn1/x9/DHPublicKey.cs
new file mode 100644
index 0000000..74a14a2
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/DHPublicKey.cs
@@ -0,0 +1,46 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+	public class DHPublicKey
+		: Asn1Encodable
+	{
+		private readonly DerInteger y;
+
+		public static DHPublicKey GetInstance(Asn1TaggedObject obj, bool isExplicit)
+		{
+			return GetInstance(DerInteger.GetInstance(obj, isExplicit));
+		}
+
+		public static DHPublicKey GetInstance(object obj)
+		{
+			if (obj == null || obj is DHPublicKey)
+				return (DHPublicKey)obj;
+
+			if (obj is DerInteger)
+				return new DHPublicKey((DerInteger)obj);
+
+			throw new ArgumentException("Invalid DHPublicKey: " + Platform.GetTypeName(obj), "obj");
+		}
+
+		public DHPublicKey(DerInteger y)
+		{
+			if (y == null)
+				throw new ArgumentNullException("y");
+
+			this.y = y;
+		}
+
+		public DerInteger Y
+		{
+			get { return this.y; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return this.y;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/DHValidationParms.cs b/bc-sharp-crypto/src/asn1/x9/DHValidationParms.cs
new file mode 100644
index 0000000..c63c502
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/DHValidationParms.cs
@@ -0,0 +1,64 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+	public class DHValidationParms
+		: Asn1Encodable
+	{
+		private readonly DerBitString seed;
+		private readonly DerInteger pgenCounter;
+
+		public static DHValidationParms GetInstance(Asn1TaggedObject obj, bool isExplicit)
+		{
+			return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+		}
+
+		public static DHValidationParms GetInstance(object obj)
+		{
+			if (obj == null || obj is DHDomainParameters)
+				return (DHValidationParms)obj;
+
+			if (obj is Asn1Sequence)
+				return new DHValidationParms((Asn1Sequence)obj);
+
+			throw new ArgumentException("Invalid DHValidationParms: " + Platform.GetTypeName(obj), "obj");
+		}
+		
+		public DHValidationParms(DerBitString seed, DerInteger pgenCounter)
+		{
+			if (seed == null)
+				throw new ArgumentNullException("seed");
+			if (pgenCounter == null)
+				throw new ArgumentNullException("pgenCounter");
+
+			this.seed = seed;
+			this.pgenCounter = pgenCounter;
+		}
+
+		private DHValidationParms(Asn1Sequence seq)
+		{
+			if (seq.Count != 2)
+				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
+
+			this.seed = DerBitString.GetInstance(seq[0]);
+			this.pgenCounter = DerInteger.GetInstance(seq[1]);
+		}
+
+		public DerBitString Seed
+		{
+			get { return this.seed; }
+		}
+
+		public DerInteger PgenCounter
+		{
+			get { return this.pgenCounter; }
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return new DerSequence(seed, pgenCounter);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/ECNamedCurveTable.cs b/bc-sharp-crypto/src/asn1/x9/ECNamedCurveTable.cs
new file mode 100644
index 0000000..317ef17
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/ECNamedCurveTable.cs
@@ -0,0 +1,162 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.Anssi;
+using Org.BouncyCastle.Asn1.GM;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+    /**
+     * A general class that reads all X9.62 style EC curve tables.
+     */
+    public class ECNamedCurveTable
+    {
+        /**
+         * return a X9ECParameters object representing the passed in named
+         * curve. The routine returns null if the curve is not present.
+         *
+         * @param name the name of the curve requested
+         * @return an X9ECParameters object or null if the curve is not available.
+         */
+        public static X9ECParameters GetByName(string name)
+        {
+            X9ECParameters ecP = X962NamedCurves.GetByName(name);
+            if (ecP == null)
+            {
+                ecP = SecNamedCurves.GetByName(name);
+            }
+            if (ecP == null)
+            {
+                ecP = NistNamedCurves.GetByName(name);
+            }
+            if (ecP == null)
+            {
+                ecP = TeleTrusTNamedCurves.GetByName(name);
+            }
+            if (ecP == null)
+            {
+                ecP = AnssiNamedCurves.GetByName(name);
+            }
+            if (ecP == null)
+            {
+                ecP = GMNamedCurves.GetByName(name);
+            }
+            return ecP;
+        }
+
+        public static string GetName(DerObjectIdentifier oid)
+        {
+            string name = X962NamedCurves.GetName(oid);
+            if (name == null)
+            {
+                name = SecNamedCurves.GetName(oid);
+            }
+            if (name == null)
+            {
+                name = NistNamedCurves.GetName(oid);
+            }
+            if (name == null)
+            {
+                name = TeleTrusTNamedCurves.GetName(oid);
+            }
+            if (name == null)
+            {
+                name = AnssiNamedCurves.GetName(oid);
+            }
+            if (name == null)
+            {
+                name = GMNamedCurves.GetName(oid);
+            }
+            return name;
+        }
+
+        /**
+         * return the object identifier signified by the passed in name. Null
+         * if there is no object identifier associated with name.
+         *
+         * @return the object identifier associated with name, if present.
+         */
+        public static DerObjectIdentifier GetOid(string name)
+        {
+            DerObjectIdentifier oid = X962NamedCurves.GetOid(name);
+            if (oid == null)
+            {
+                oid = SecNamedCurves.GetOid(name);
+            }
+            if (oid == null)
+            {
+                oid = NistNamedCurves.GetOid(name);
+            }
+            if (oid == null)
+            {
+                oid = TeleTrusTNamedCurves.GetOid(name);
+            }
+            if (oid == null)
+            {
+                oid = AnssiNamedCurves.GetOid(name);
+            }
+            if (oid == null)
+            {
+                oid = GMNamedCurves.GetOid(name);
+            }
+            return oid;
+        }
+
+        /**
+         * return a X9ECParameters object representing the passed in named
+         * curve.
+         *
+         * @param oid the object id of the curve requested
+         * @return an X9ECParameters object or null if the curve is not available.
+         */
+        public static X9ECParameters GetByOid(DerObjectIdentifier oid)
+        {
+            X9ECParameters ecP = X962NamedCurves.GetByOid(oid);
+            if (ecP == null)
+            {
+                ecP = SecNamedCurves.GetByOid(oid);
+            }
+
+            // NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup
+
+            if (ecP == null)
+            {
+                ecP = TeleTrusTNamedCurves.GetByOid(oid);
+            }
+            if (ecP == null)
+            {
+                ecP = AnssiNamedCurves.GetByOid(oid);
+            }
+            if (ecP == null)
+            {
+                ecP = GMNamedCurves.GetByOid(oid);
+            }
+            return ecP;
+        }
+
+        /**
+         * return an enumeration of the names of the available curves.
+         *
+         * @return an enumeration of the names of the available curves.
+         */
+        public static IEnumerable Names
+        {
+            get
+            {
+                IList v = Platform.CreateArrayList();
+                CollectionUtilities.AddRange(v, X962NamedCurves.Names);
+                CollectionUtilities.AddRange(v, SecNamedCurves.Names);
+                CollectionUtilities.AddRange(v, NistNamedCurves.Names);
+                CollectionUtilities.AddRange(v, TeleTrusTNamedCurves.Names);
+                CollectionUtilities.AddRange(v, AnssiNamedCurves.Names);
+                CollectionUtilities.AddRange(v, GMNamedCurves.Names);
+                return v;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/KeySpecificInfo.cs b/bc-sharp-crypto/src/asn1/x9/KeySpecificInfo.cs
new file mode 100644
index 0000000..4629864
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/KeySpecificInfo.cs
@@ -0,0 +1,58 @@
+using System.Collections;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+    /**
+     * ASN.1 def for Diffie-Hellman key exchange KeySpecificInfo structure. See
+     * RFC 2631, or X9.42, for further details.
+     */
+    public class KeySpecificInfo
+        : Asn1Encodable
+    {
+        private DerObjectIdentifier	algorithm;
+        private Asn1OctetString		counter;
+
+		public KeySpecificInfo(
+            DerObjectIdentifier	algorithm,
+            Asn1OctetString		counter)
+        {
+            this.algorithm = algorithm;
+            this.counter = counter;
+        }
+
+		public KeySpecificInfo(
+            Asn1Sequence seq)
+        {
+            IEnumerator e = seq.GetEnumerator();
+
+			e.MoveNext();
+            algorithm = (DerObjectIdentifier)e.Current;
+            e.MoveNext();
+            counter = (Asn1OctetString)e.Current;
+        }
+
+		public DerObjectIdentifier Algorithm
+        {
+            get { return algorithm; }
+        }
+
+		public Asn1OctetString Counter
+        {
+            get { return counter; }
+        }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  KeySpecificInfo ::= Sequence {
+         *      algorithm OBJECT IDENTIFIER,
+         *      counter OCTET STRING SIZE (4..4)
+         *  }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+			return new DerSequence(algorithm, counter);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/OtherInfo.cs b/bc-sharp-crypto/src/asn1/x9/OtherInfo.cs
new file mode 100644
index 0000000..21863bd
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/OtherInfo.cs
@@ -0,0 +1,88 @@
+using System.Collections;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+    /**
+     * ANS.1 def for Diffie-Hellman key exchange OtherInfo structure. See
+     * RFC 2631, or X9.42, for further details.
+     */
+    public class OtherInfo
+        : Asn1Encodable
+    {
+        private KeySpecificInfo	keyInfo;
+        private Asn1OctetString	partyAInfo;
+        private Asn1OctetString	suppPubInfo;
+
+		public OtherInfo(
+            KeySpecificInfo	keyInfo,
+            Asn1OctetString	partyAInfo,
+            Asn1OctetString	suppPubInfo)
+        {
+            this.keyInfo = keyInfo;
+            this.partyAInfo = partyAInfo;
+            this.suppPubInfo = suppPubInfo;
+        }
+
+		public OtherInfo(
+            Asn1Sequence seq)
+        {
+            IEnumerator e = seq.GetEnumerator();
+
+			e.MoveNext();
+            keyInfo = new KeySpecificInfo((Asn1Sequence) e.Current);
+
+			while (e.MoveNext())
+            {
+                DerTaggedObject o = (DerTaggedObject) e.Current;
+
+				if (o.TagNo == 0)
+                {
+                    partyAInfo = (Asn1OctetString) o.GetObject();
+                }
+                else if ((int) o.TagNo == 2)
+                {
+                    suppPubInfo = (Asn1OctetString) o.GetObject();
+                }
+            }
+        }
+
+		public KeySpecificInfo KeyInfo
+        {
+			get { return keyInfo; }
+        }
+
+		public Asn1OctetString PartyAInfo
+        {
+			get { return partyAInfo; }
+        }
+
+		public Asn1OctetString SuppPubInfo
+        {
+            get { return suppPubInfo; }
+        }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  OtherInfo ::= Sequence {
+         *      keyInfo KeySpecificInfo,
+         *      partyAInfo [0] OCTET STRING OPTIONAL,
+         *      suppPubInfo [2] OCTET STRING
+         *  }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(keyInfo);
+
+			if (partyAInfo != null)
+            {
+                v.Add(new DerTaggedObject(0, partyAInfo));
+            }
+
+			v.Add(new DerTaggedObject(2, suppPubInfo));
+
+			return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/X962NamedCurves.cs b/bc-sharp-crypto/src/asn1/x9/X962NamedCurves.cs
new file mode 100644
index 0000000..14f7f81
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/X962NamedCurves.cs
@@ -0,0 +1,751 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+    /**
+     * table of the current named curves defined in X.962 EC-DSA.
+     */
+    public sealed class X962NamedCurves
+    {
+        private X962NamedCurves()
+        {
+        }
+
+        internal class Prime192v1Holder
+            : X9ECParametersHolder
+        {
+            private Prime192v1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Prime192v1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("ffffffffffffffffffffffff99def836146bc9b1b4d22831", 16);
+                BigInteger h = BigInteger.One;
+
+                ECCurve cFp192v1 = new FpCurve(
+                    new BigInteger("6277101735386680763835789423207666416083908700390324961279"),
+                    new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16),
+                    new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    cFp192v1,
+                    new X9ECPoint(cFp192v1,
+                        Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")),
+                    n, h,
+                    Hex.Decode("3045AE6FC8422f64ED579528D38120EAE12196D5"));
+            }
+        }
+
+        internal class Prime192v2Holder
+            : X9ECParametersHolder
+        {
+            private Prime192v2Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Prime192v2Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("fffffffffffffffffffffffe5fb1a724dc80418648d8dd31", 16);
+                BigInteger h = BigInteger.One;
+
+                ECCurve cFp192v2 = new FpCurve(
+                    new BigInteger("6277101735386680763835789423207666416083908700390324961279"),
+                    new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16),
+                    new BigInteger("cc22d6dfb95c6b25e49c0d6364a4e5980c393aa21668d953", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    cFp192v2,
+                    new X9ECPoint(cFp192v2,
+                        Hex.Decode("03eea2bae7e1497842f2de7769cfe9c989c072ad696f48034a")),
+                    n, h,
+                    Hex.Decode("31a92ee2029fd10d901b113e990710f0d21ac6b6"));
+            }
+        }
+
+        internal class Prime192v3Holder
+            : X9ECParametersHolder
+        {
+            private Prime192v3Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Prime192v3Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("ffffffffffffffffffffffff7a62d031c83f4294f640ec13", 16);
+                BigInteger h = BigInteger.One;
+
+                ECCurve cFp192v3 = new FpCurve(
+                    new BigInteger("6277101735386680763835789423207666416083908700390324961279"),
+                    new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16),
+                    new BigInteger("22123dc2395a05caa7423daeccc94760a7d462256bd56916", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    cFp192v3,
+                    new X9ECPoint(cFp192v3,
+                        Hex.Decode("027d29778100c65a1da1783716588dce2b8b4aee8e228f1896")),
+                    n, h,
+                    Hex.Decode("c469684435deb378c4b65ca9591e2a5763059a2e"));
+            }
+        }
+
+        internal class Prime239v1Holder
+            : X9ECParametersHolder
+        {
+            private Prime239v1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Prime239v1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("7fffffffffffffffffffffff7fffff9e5e9a9f5d9071fbd1522688909d0b", 16);
+                BigInteger h = BigInteger.One;
+
+                ECCurve cFp239v1 = new FpCurve(
+                    new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"),
+                    new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16),
+                    new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    cFp239v1,
+                    new X9ECPoint(cFp239v1,
+                        Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")),
+                    n, h,
+                    Hex.Decode("e43bb460f0b80cc0c0b075798e948060f8321b7d"));
+            }
+        }
+
+        internal class Prime239v2Holder
+            : X9ECParametersHolder
+        {
+            private Prime239v2Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Prime239v2Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("7fffffffffffffffffffffff800000cfa7e8594377d414c03821bc582063", 16);
+                BigInteger h = BigInteger.One;
+
+                ECCurve cFp239v2 = new FpCurve(
+                    new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"),
+                    new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16),
+                    new BigInteger("617fab6832576cbbfed50d99f0249c3fee58b94ba0038c7ae84c8c832f2c", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    cFp239v2,
+                    new X9ECPoint(cFp239v2,
+                        Hex.Decode("0238af09d98727705120c921bb5e9e26296a3cdcf2f35757a0eafd87b830e7")),
+                    n, h,
+                    Hex.Decode("e8b4011604095303ca3b8099982be09fcb9ae616"));
+            }
+        }
+
+        internal class Prime239v3Holder
+            : X9ECParametersHolder
+        {
+            private Prime239v3Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Prime239v3Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("7fffffffffffffffffffffff7fffff975deb41b3a6057c3c432146526551", 16);
+                BigInteger h = BigInteger.One;
+
+                ECCurve cFp239v3 = new FpCurve(
+                    new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"),
+                    new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16),
+                    new BigInteger("255705fa2a306654b1f4cb03d6a750a30c250102d4988717d9ba15ab6d3e", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    cFp239v3,
+                    new X9ECPoint(cFp239v3,
+                        Hex.Decode("036768ae8e18bb92cfcf005c949aa2c6d94853d0e660bbf854b1c9505fe95a")),
+                    n, h,
+                    Hex.Decode("7d7374168ffe3471b60a857686a19475d3bfa2ff"));
+            }
+        }
+
+        internal class Prime256v1Holder
+            : X9ECParametersHolder
+        {
+            private Prime256v1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new Prime256v1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", 16);
+                BigInteger h = BigInteger.One;
+
+                ECCurve cFp256v1 = new FpCurve(
+                    new BigInteger("115792089210356248762697446949407573530086143415290314195533631308867097853951"),
+                    new BigInteger("ffffffff00000001000000000000000000000000fffffffffffffffffffffffc", 16),
+                    new BigInteger("5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    cFp256v1,
+                    new X9ECPoint(cFp256v1,
+                        Hex.Decode("036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296")),
+                    n, h,
+                    Hex.Decode("c49d360886e704936a6678e1139d26b7819f7e90"));
+            }
+        }
+
+        /*
+         * F2m Curves
+         */
+        internal class C2pnb163v1Holder
+            : X9ECParametersHolder
+        {
+            private C2pnb163v1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2pnb163v1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("0400000000000000000001E60FC8821CC74DAEAFC1", 16);
+                BigInteger h = BigInteger.Two;
+
+                ECCurve c2m163v1 = new F2mCurve(
+                    163,
+                    1, 2, 8,
+                    new BigInteger("072546B5435234A422E0789675F432C89435DE5242", 16),
+                    new BigInteger("00C9517D06D5240D3CFF38C74B20B6CD4D6F9DD4D9", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m163v1,
+                    new X9ECPoint(c2m163v1,
+                        Hex.Decode("0307AF69989546103D79329FCC3D74880F33BBE803CB")),
+                    n, h,
+                    Hex.Decode("D2C0FB15760860DEF1EEF4D696E6768756151754"));
+            }
+        }
+
+        internal class C2pnb163v2Holder
+            : X9ECParametersHolder
+        {
+            private C2pnb163v2Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2pnb163v2Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("03FFFFFFFFFFFFFFFFFFFDF64DE1151ADBB78F10A7", 16);
+                BigInteger h = BigInteger.Two;
+
+                ECCurve c2m163v2 = new F2mCurve(
+                    163,
+                    1, 2, 8,
+                    new BigInteger("0108B39E77C4B108BED981ED0E890E117C511CF072", 16),
+                    new BigInteger("0667ACEB38AF4E488C407433FFAE4F1C811638DF20", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m163v2,
+                    new X9ECPoint(c2m163v2,
+                        Hex.Decode("030024266E4EB5106D0A964D92C4860E2671DB9B6CC5")),
+                    n, h,
+                    null);
+            }
+        }
+
+        internal class C2pnb163v3Holder
+            : X9ECParametersHolder
+        {
+            private C2pnb163v3Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2pnb163v3Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("03FFFFFFFFFFFFFFFFFFFE1AEE140F110AFF961309", 16);
+                BigInteger h = BigInteger.Two;
+
+                ECCurve c2m163v3 = new F2mCurve(
+                    163,
+                    1, 2, 8,
+                    new BigInteger("07A526C63D3E25A256A007699F5447E32AE456B50E", 16),
+                    new BigInteger("03F7061798EB99E238FD6F1BF95B48FEEB4854252B", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m163v3,
+                    new X9ECPoint(c2m163v3, Hex.Decode("0202F9F87B7C574D0BDECF8A22E6524775F98CDEBDCB")),
+                    n, h,
+                    null);
+            }
+        }
+
+        internal class C2pnb176w1Holder
+            : X9ECParametersHolder
+        {
+            private C2pnb176w1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2pnb176w1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("010092537397ECA4F6145799D62B0A19CE06FE26AD", 16);
+                BigInteger h = BigInteger.ValueOf(0xFF6E);
+
+                ECCurve c2m176w1 = new F2mCurve(
+                    176,
+                    1, 2, 43,
+                    new BigInteger("00E4E6DB2995065C407D9D39B8D0967B96704BA8E9C90B", 16),
+                    new BigInteger("005DDA470ABE6414DE8EC133AE28E9BBD7FCEC0AE0FFF2", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m176w1,
+                    new X9ECPoint(c2m176w1,
+                        Hex.Decode("038D16C2866798B600F9F08BB4A8E860F3298CE04A5798")),
+                    n, h,
+                    null);
+            }
+        }
+
+        internal class C2tnb191v1Holder
+            : X9ECParametersHolder
+        {
+            private C2tnb191v1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2tnb191v1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("40000000000000000000000004A20E90C39067C893BBB9A5", 16);
+                BigInteger h = BigInteger.Two;
+
+                ECCurve c2m191v1 = new F2mCurve(
+                    191,
+                    9,
+                    new BigInteger("2866537B676752636A68F56554E12640276B649EF7526267", 16),
+                    new BigInteger("2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m191v1,
+                    new X9ECPoint(c2m191v1,
+                        Hex.Decode("0236B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D")),
+                    n, h,
+                    Hex.Decode("4E13CA542744D696E67687561517552F279A8C84"));
+            }
+        }
+
+        internal class C2tnb191v2Holder
+            : X9ECParametersHolder
+        {
+            private C2tnb191v2Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2tnb191v2Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("20000000000000000000000050508CB89F652824E06B8173", 16);
+                BigInteger h = BigInteger.ValueOf(4);
+
+                ECCurve c2m191v2 = new F2mCurve(
+                    191,
+                    9,
+                    new BigInteger("401028774D7777C7B7666D1366EA432071274F89FF01E718", 16),
+                    new BigInteger("0620048D28BCBD03B6249C99182B7C8CD19700C362C46A01", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m191v2,
+                    new X9ECPoint(c2m191v2,
+                        Hex.Decode("023809B2B7CC1B28CC5A87926AAD83FD28789E81E2C9E3BF10")),
+                    n, h,
+                    null);
+            }
+        }
+
+        internal class C2tnb191v3Holder
+            : X9ECParametersHolder
+        {
+            private C2tnb191v3Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2tnb191v3Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("155555555555555555555555610C0B196812BFB6288A3EA3", 16);
+                BigInteger h = BigInteger.ValueOf(6);
+
+                ECCurve c2m191v3 = new F2mCurve(
+                    191,
+                    9,
+                    new BigInteger("6C01074756099122221056911C77D77E77A777E7E7E77FCB", 16),
+                    new BigInteger("71FE1AF926CF847989EFEF8DB459F66394D90F32AD3F15E8", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m191v3,
+                    new X9ECPoint(c2m191v3,
+                        Hex.Decode("03375D4CE24FDE434489DE8746E71786015009E66E38A926DD")),
+                    n, h,
+                    null);
+            }
+        }
+
+        internal class C2pnb208w1Holder
+            : X9ECParametersHolder
+        {
+            private C2pnb208w1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2pnb208w1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("0101BAF95C9723C57B6C21DA2EFF2D5ED588BDD5717E212F9D", 16);
+                BigInteger h = BigInteger.ValueOf(0xFE48);
+
+                ECCurve c2m208w1 = new F2mCurve(
+                    208,
+                    1, 2, 83,
+                    new BigInteger("0", 16),
+                    new BigInteger("00C8619ED45A62E6212E1160349E2BFA844439FAFC2A3FD1638F9E", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m208w1,
+                    new X9ECPoint(c2m208w1,
+                        Hex.Decode("0289FDFBE4ABE193DF9559ECF07AC0CE78554E2784EB8C1ED1A57A")),
+                    n, h,
+                    null);
+            }
+        }
+
+        internal class C2tnb239v1Holder
+            : X9ECParametersHolder
+        {
+            private C2tnb239v1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2tnb239v1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("2000000000000000000000000000000F4D42FFE1492A4993F1CAD666E447", 16);
+                BigInteger h = BigInteger.ValueOf(4);
+
+                ECCurve c2m239v1 = new F2mCurve(
+                    239,
+                    36,
+                    new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16),
+                    new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m239v1,
+                    new X9ECPoint(c2m239v1,
+                        Hex.Decode("0257927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D")),
+                    n, h,
+                    null);
+            }
+        }
+
+        internal class C2tnb239v2Holder
+            : X9ECParametersHolder
+        {
+            private C2tnb239v2Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2tnb239v2Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("1555555555555555555555555555553C6F2885259C31E3FCDF154624522D", 16);
+                BigInteger h = BigInteger.ValueOf(6);
+
+                ECCurve c2m239v2 = new F2mCurve(
+                    239,
+                    36,
+                    new BigInteger("4230017757A767FAE42398569B746325D45313AF0766266479B75654E65F", 16),
+                    new BigInteger("5037EA654196CFF0CD82B2C14A2FCF2E3FF8775285B545722F03EACDB74B", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m239v2,
+                    new X9ECPoint(c2m239v2,
+                        Hex.Decode("0228F9D04E900069C8DC47A08534FE76D2B900B7D7EF31F5709F200C4CA205")),
+                    n, h,
+                    null);
+            }
+        }
+
+        internal class C2tnb239v3Holder
+            : X9ECParametersHolder
+        {
+            private C2tnb239v3Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2tnb239v3Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("0CCCCCCCCCCCCCCCCCCCCCCCCCCCCCAC4912D2D9DF903EF9888B8A0E4CFF", 16);
+                BigInteger h = BigInteger.ValueOf(10);
+
+                ECCurve c2m239v3 = new F2mCurve(
+                    239,
+                    36,
+                    new BigInteger("01238774666A67766D6676F778E676B66999176666E687666D8766C66A9F", 16),
+                    new BigInteger("6A941977BA9F6A435199ACFC51067ED587F519C5ECB541B8E44111DE1D40", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m239v3,
+                    new X9ECPoint(c2m239v3,
+                        Hex.Decode("0370F6E9D04D289C4E89913CE3530BFDE903977D42B146D539BF1BDE4E9C92")),
+                    n, h,
+                    null);
+            }
+        }
+
+        internal class C2pnb272w1Holder
+            : X9ECParametersHolder
+        {
+            private C2pnb272w1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2pnb272w1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("0100FAF51354E0E39E4892DF6E319C72C8161603FA45AA7B998A167B8F1E629521", 16);
+                BigInteger h = BigInteger.ValueOf(0xFF06);
+
+                ECCurve c2m272w1 = new F2mCurve(
+                    272,
+                    1, 3, 56,
+                    new BigInteger("0091A091F03B5FBA4AB2CCF49C4EDD220FB028712D42BE752B2C40094DBACDB586FB20", 16),
+                    new BigInteger("7167EFC92BB2E3CE7C8AAAFF34E12A9C557003D7C73A6FAF003F99F6CC8482E540F7", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m272w1,
+                    new X9ECPoint(c2m272w1,
+                        Hex.Decode("026108BABB2CEEBCF787058A056CBE0CFE622D7723A289E08A07AE13EF0D10D171DD8D")),
+                    n, h,
+                    null);
+            }
+        }
+
+        internal class C2pnb304w1Holder
+            : X9ECParametersHolder
+        {
+            private C2pnb304w1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2pnb304w1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("0101D556572AABAC800101D556572AABAC8001022D5C91DD173F8FB561DA6899164443051D", 16);
+                BigInteger h = BigInteger.ValueOf(0xFE2E);
+
+                ECCurve c2m304w1 = new F2mCurve(
+                    304,
+                    1, 2, 11,
+                    new BigInteger("00FD0D693149A118F651E6DCE6802085377E5F882D1B510B44160074C1288078365A0396C8E681", 16),
+                    new BigInteger("00BDDB97E555A50A908E43B01C798EA5DAA6788F1EA2794EFCF57166B8C14039601E55827340BE", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m304w1,
+                    new X9ECPoint(c2m304w1,
+                        Hex.Decode("02197B07845E9BE2D96ADB0F5F3C7F2CFFBD7A3EB8B6FEC35C7FD67F26DDF6285A644F740A2614")),
+                    n, h,
+                    null);
+            }
+        }
+
+        internal class C2tnb359v1Holder
+            : X9ECParametersHolder
+        {
+            private C2tnb359v1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2tnb359v1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("01AF286BCA1AF286BCA1AF286BCA1AF286BCA1AF286BC9FB8F6B85C556892C20A7EB964FE7719E74F490758D3B", 16);
+                BigInteger h = BigInteger.ValueOf(0x4C);
+
+                ECCurve c2m359v1 = new F2mCurve(
+                    359,
+                    68,
+                    new BigInteger("5667676A654B20754F356EA92017D946567C46675556F19556A04616B567D223A5E05656FB549016A96656A557", 16),
+                    new BigInteger("2472E2D0197C49363F1FE7F5B6DB075D52B6947D135D8CA445805D39BC345626089687742B6329E70680231988", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m359v1,
+                    new X9ECPoint(c2m359v1,
+                        Hex.Decode("033C258EF3047767E7EDE0F1FDAA79DAEE3841366A132E163ACED4ED2401DF9C6BDCDE98E8E707C07A2239B1B097")),
+                    n, h,
+                    null);
+            }
+        }
+
+        internal class C2pnb368w1Holder
+            : X9ECParametersHolder
+        {
+            private C2pnb368w1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2pnb368w1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("010090512DA9AF72B08349D98A5DD4C7B0532ECA51CE03E2D10F3B7AC579BD87E909AE40A6F131E9CFCE5BD967", 16);
+                BigInteger h = BigInteger.ValueOf(0xFF70);
+
+                ECCurve c2m368w1 = new F2mCurve(
+                    368,
+                    1, 2, 85,
+                    new BigInteger("00E0D2EE25095206F5E2A4F9ED229F1F256E79A0E2B455970D8D0D865BD94778C576D62F0AB7519CCD2A1A906AE30D", 16),
+                    new BigInteger("00FC1217D4320A90452C760A58EDCD30C8DD069B3C34453837A34ED50CB54917E1C2112D84D164F444F8F74786046A", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m368w1,
+                    new X9ECPoint(c2m368w1,
+                        Hex.Decode("021085E2755381DCCCE3C1557AFA10C2F0C0C2825646C5B34A394CBCFA8BC16B22E7E789E927BE216F02E1FB136A5F")),
+                    n, h,
+                    null);
+            }
+        }
+
+        internal class C2tnb431r1Holder
+            : X9ECParametersHolder
+        {
+            private C2tnb431r1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new C2tnb431r1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                BigInteger n = new BigInteger("0340340340340340340340340340340340340340340340340340340323C313FAB50589703B5EC68D3587FEC60D161CC149C1AD4A91", 16);
+                BigInteger h = BigInteger.ValueOf(0x2760);
+
+                ECCurve c2m431r1 = new F2mCurve(
+                    431,
+                    120,
+                    new BigInteger("1A827EF00DD6FC0E234CAF046C6A5D8A85395B236CC4AD2CF32A0CADBDC9DDF620B0EB9906D0957F6C6FEACD615468DF104DE296CD8F", 16),
+                    new BigInteger("10D9B4A3D9047D8B154359ABFB1B7F5485B04CEB868237DDC9DEDA982A679A5A919B626D4E50A8DD731B107A9962381FB5D807BF2618", 16),
+                    n, h);
+
+                return new X9ECParameters(
+                    c2m431r1,
+                    new X9ECPoint(c2m431r1,
+                        Hex.Decode("02120FC05D3C67A99DE161D2F4092622FECA701BE4F50F4758714E8A87BBF2A658EF8C21E7C5EFE965361F6C2999C0C247B0DBD70CE6B7")),
+                    n, h,
+                    null);
+            }
+        }
+
+        private static readonly IDictionary objIds = Platform.CreateHashtable();
+        private static readonly IDictionary curves = Platform.CreateHashtable();
+        private static readonly IDictionary names = Platform.CreateHashtable();
+
+        private static void DefineCurve(
+            string					name,
+            DerObjectIdentifier		oid,
+            X9ECParametersHolder	holder)
+        {
+            objIds.Add(Platform.ToUpperInvariant(name), oid);
+            names.Add(oid, name);
+            curves.Add(oid, holder);
+        }
+
+        static X962NamedCurves()
+        {
+            DefineCurve("prime192v1", X9ObjectIdentifiers.Prime192v1, Prime192v1Holder.Instance);
+            DefineCurve("prime192v2", X9ObjectIdentifiers.Prime192v2, Prime192v2Holder.Instance);
+            DefineCurve("prime192v3", X9ObjectIdentifiers.Prime192v3, Prime192v3Holder.Instance);
+            DefineCurve("prime239v1", X9ObjectIdentifiers.Prime239v1, Prime239v1Holder.Instance);
+            DefineCurve("prime239v2", X9ObjectIdentifiers.Prime239v2, Prime239v2Holder.Instance);
+            DefineCurve("prime239v3", X9ObjectIdentifiers.Prime239v3, Prime239v3Holder.Instance);
+            DefineCurve("prime256v1", X9ObjectIdentifiers.Prime256v1, Prime256v1Holder.Instance);
+            DefineCurve("c2pnb163v1", X9ObjectIdentifiers.C2Pnb163v1, C2pnb163v1Holder.Instance);
+            DefineCurve("c2pnb163v2", X9ObjectIdentifiers.C2Pnb163v2, C2pnb163v2Holder.Instance);
+            DefineCurve("c2pnb163v3", X9ObjectIdentifiers.C2Pnb163v3, C2pnb163v3Holder.Instance);
+            DefineCurve("c2pnb176w1", X9ObjectIdentifiers.C2Pnb176w1, C2pnb176w1Holder.Instance);
+            DefineCurve("c2tnb191v1", X9ObjectIdentifiers.C2Tnb191v1, C2tnb191v1Holder.Instance);
+            DefineCurve("c2tnb191v2", X9ObjectIdentifiers.C2Tnb191v2, C2tnb191v2Holder.Instance);
+            DefineCurve("c2tnb191v3", X9ObjectIdentifiers.C2Tnb191v3, C2tnb191v3Holder.Instance);
+            DefineCurve("c2pnb208w1", X9ObjectIdentifiers.C2Pnb208w1, C2pnb208w1Holder.Instance);
+            DefineCurve("c2tnb239v1", X9ObjectIdentifiers.C2Tnb239v1, C2tnb239v1Holder.Instance);
+            DefineCurve("c2tnb239v2", X9ObjectIdentifiers.C2Tnb239v2, C2tnb239v2Holder.Instance);
+            DefineCurve("c2tnb239v3", X9ObjectIdentifiers.C2Tnb239v3, C2tnb239v3Holder.Instance);
+            DefineCurve("c2pnb272w1", X9ObjectIdentifiers.C2Pnb272w1, C2pnb272w1Holder.Instance);
+            DefineCurve("c2pnb304w1", X9ObjectIdentifiers.C2Pnb304w1, C2pnb304w1Holder.Instance);
+            DefineCurve("c2tnb359v1", X9ObjectIdentifiers.C2Tnb359v1, C2tnb359v1Holder.Instance);
+            DefineCurve("c2pnb368w1", X9ObjectIdentifiers.C2Pnb368w1, C2pnb368w1Holder.Instance);
+            DefineCurve("c2tnb431r1", X9ObjectIdentifiers.C2Tnb431r1, C2tnb431r1Holder.Instance);
+        }
+
+        public static X9ECParameters GetByName(
+            string name)
+        {
+            DerObjectIdentifier oid = GetOid(name);
+            return oid == null ? null : GetByOid(oid);
+        }
+
+        /**
+         * return the X9ECParameters object for the named curve represented by
+         * the passed in object identifier. Null if the curve isn't present.
+         *
+         * @param oid an object identifier representing a named curve, if present.
+         */
+        public static X9ECParameters GetByOid(
+            DerObjectIdentifier oid)
+        {
+            X9ECParametersHolder holder = (X9ECParametersHolder)curves[oid];
+            return holder == null ? null : holder.Parameters;
+        }
+
+        /**
+         * return the object identifier signified by the passed in name. Null
+         * if there is no object identifier associated with name.
+         *
+         * @return the object identifier associated with name, if present.
+         */
+        public static DerObjectIdentifier GetOid(
+            string name)
+        {
+            return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)];
+        }
+
+        /**
+         * return the named curve name represented by the given object identifier.
+         */
+        public static string GetName(
+            DerObjectIdentifier oid)
+        {
+            return (string)names[oid];
+        }
+
+        /**
+         * returns an enumeration containing the name strings for curves
+         * contained in this structure.
+         */
+        public static IEnumerable Names
+        {
+            get { return new EnumerableProxy(names.Values); }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/X962Parameters.cs b/bc-sharp-crypto/src/asn1/x9/X962Parameters.cs
new file mode 100644
index 0000000..04a5c9c
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/X962Parameters.cs
@@ -0,0 +1,88 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+    public class X962Parameters
+        : Asn1Encodable, IAsn1Choice
+    {
+        private readonly Asn1Object _params;
+
+		public static X962Parameters GetInstance(
+			object obj)
+		{
+			if (obj == null || obj is X962Parameters) 
+			{
+				return (X962Parameters)obj;
+			}
+
+			if (obj is Asn1Object) 
+			{
+				return new X962Parameters((Asn1Object)obj);
+			}
+
+			if (obj is byte[])
+			{
+				try
+				{
+					return new X962Parameters(Asn1Object.FromByteArray((byte[])obj));
+				}
+				catch (Exception e)
+				{
+					throw new ArgumentException("unable to parse encoded data: " + e.Message, e);
+				}
+			}
+
+			throw new ArgumentException("unknown object in getInstance()");
+		}
+
+		public X962Parameters(
+            X9ECParameters ecParameters)
+        {
+            this._params = ecParameters.ToAsn1Object();
+        }
+
+		public X962Parameters(
+            DerObjectIdentifier namedCurve)
+        {
+            this._params = namedCurve;
+        }
+
+		public X962Parameters(
+            Asn1Object obj)
+        {
+            this._params = obj;
+        }
+
+		public bool IsNamedCurve
+        {
+			get { return (_params is DerObjectIdentifier); }
+        }
+
+		public bool IsImplicitlyCA
+        {
+			get { return (_params is Asn1Null); }
+        }
+
+		public Asn1Object Parameters
+        {
+            get { return _params; }
+        }
+
+		/**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         * Parameters ::= CHOICE {
+         *    ecParameters ECParameters,
+         *    namedCurve   CURVES.&amp;id({CurveNames}),
+         *    implicitlyCA Null
+         * }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return _params;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/X9Curve.cs b/bc-sharp-crypto/src/asn1/x9/X9Curve.cs
new file mode 100644
index 0000000..f05a946
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/X9Curve.cs
@@ -0,0 +1,146 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+    /**
+     * ASN.1 def for Elliptic-Curve Curve structure. See
+     * X9.62, for further details.
+     */
+    public class X9Curve
+        : Asn1Encodable
+    {
+        private readonly ECCurve curve;
+        private readonly byte[] seed;
+        private readonly DerObjectIdentifier fieldIdentifier;
+
+        public X9Curve(
+            ECCurve curve)
+            : this(curve, null)
+        {
+        }
+
+        public X9Curve(
+            ECCurve	curve,
+            byte[]	seed)
+        {
+            if (curve == null)
+                throw new ArgumentNullException("curve");
+
+            this.curve = curve;
+            this.seed = Arrays.Clone(seed);
+
+            if (ECAlgorithms.IsFpCurve(curve))
+            {
+                this.fieldIdentifier = X9ObjectIdentifiers.PrimeField;
+            }
+            else if (ECAlgorithms.IsF2mCurve(curve))
+            {
+                this.fieldIdentifier = X9ObjectIdentifiers.CharacteristicTwoField;
+            }
+            else
+            {
+                throw new ArgumentException("This type of ECCurve is not implemented");
+            }
+        }
+
+        public X9Curve(
+            X9FieldID		fieldID,
+            Asn1Sequence	seq)
+        {
+            if (fieldID == null)
+                throw new ArgumentNullException("fieldID");
+            if (seq == null)
+                throw new ArgumentNullException("seq");
+
+            this.fieldIdentifier = fieldID.Identifier;
+
+            if (fieldIdentifier.Equals(X9ObjectIdentifiers.PrimeField))
+            {
+                BigInteger q = ((DerInteger) fieldID.Parameters).Value;
+                X9FieldElement x9A = new X9FieldElement(q, (Asn1OctetString) seq[0]);
+                X9FieldElement x9B = new X9FieldElement(q, (Asn1OctetString) seq[1]);
+                curve = new FpCurve(q, x9A.Value.ToBigInteger(), x9B.Value.ToBigInteger());
+            }
+            else
+            {
+                if (fieldIdentifier.Equals(X9ObjectIdentifiers.CharacteristicTwoField)) 
+                {
+                    // Characteristic two field
+                    DerSequence parameters = (DerSequence)fieldID.Parameters;
+                    int m = ((DerInteger)parameters[0]).Value.IntValue;
+                    DerObjectIdentifier representation
+                        = (DerObjectIdentifier)parameters[1];
+
+                    int k1 = 0;
+                    int k2 = 0;
+                    int k3 = 0;
+                    if (representation.Equals(X9ObjectIdentifiers.TPBasis)) 
+                    {
+                        // Trinomial basis representation
+                        k1 = ((DerInteger)parameters[2]).Value.IntValue;
+                    }
+                    else 
+                    {
+                        // Pentanomial basis representation
+                        DerSequence pentanomial = (DerSequence) parameters[2];
+                        k1 = ((DerInteger) pentanomial[0]).Value.IntValue;
+                        k2 = ((DerInteger) pentanomial[1]).Value.IntValue;
+                        k3 = ((DerInteger) pentanomial[2]).Value.IntValue;
+                    }
+                    X9FieldElement x9A = new X9FieldElement(m, k1, k2, k3, (Asn1OctetString)seq[0]);
+                    X9FieldElement x9B = new X9FieldElement(m, k1, k2, k3, (Asn1OctetString)seq[1]);
+                    // TODO Is it possible to get the order (n) and cofactor(h) too?
+                    curve = new F2mCurve(m, k1, k2, k3, x9A.Value.ToBigInteger(), x9B.Value.ToBigInteger());
+                }
+            }
+
+            if (seq.Count == 3)
+            {
+                seed = ((DerBitString) seq[2]).GetBytes();
+            }
+        }
+
+        public ECCurve Curve
+        {
+            get { return curve; }
+        }
+
+        public byte[] GetSeed()
+        {
+            return Arrays.Clone(seed);
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  Curve ::= Sequence {
+         *      a               FieldElement,
+         *      b               FieldElement,
+         *      seed            BIT STRING      OPTIONAL
+         *  }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+            if (fieldIdentifier.Equals(X9ObjectIdentifiers.PrimeField)
+                || fieldIdentifier.Equals(X9ObjectIdentifiers.CharacteristicTwoField)) 
+            { 
+                v.Add(new X9FieldElement(curve.A).ToAsn1Object());
+                v.Add(new X9FieldElement(curve.B).ToAsn1Object());
+            } 
+
+            if (seed != null)
+            {
+                v.Add(new DerBitString(seed));
+            }
+
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/X9ECParameters.cs b/bc-sharp-crypto/src/asn1/x9/X9ECParameters.cs
new file mode 100644
index 0000000..0fa3437
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/X9ECParameters.cs
@@ -0,0 +1,233 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Math.Field;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+    /**
+     * ASN.1 def for Elliptic-Curve ECParameters structure. See
+     * X9.62, for further details.
+     */
+    public class X9ECParameters
+        : Asn1Encodable
+    {
+        private X9FieldID	fieldID;
+        private ECCurve		curve;
+        private X9ECPoint	g;
+        private BigInteger	n;
+        private BigInteger	h;
+        private byte[]		seed;
+
+		public static X9ECParameters GetInstance(Object obj)
+		{
+			if (obj is X9ECParameters)
+			{
+				return (X9ECParameters)obj;
+			}
+
+			if (obj != null)
+			{
+				return new X9ECParameters(Asn1Sequence.GetInstance(obj));
+			}
+
+			return null;
+		}
+
+        public X9ECParameters(
+            Asn1Sequence seq)
+        {
+            if (!(seq[0] is DerInteger)
+               || !((DerInteger) seq[0]).Value.Equals(BigInteger.One))
+            {
+                throw new ArgumentException("bad version in X9ECParameters");
+            }
+
+            X9Curve x9c = new X9Curve(
+                X9FieldID.GetInstance(seq[1]),
+                Asn1Sequence.GetInstance(seq[2]));
+
+            this.curve = x9c.Curve;
+            object p = seq[3];
+
+            if (p is X9ECPoint)
+            {
+                this.g = ((X9ECPoint)p);
+            }
+            else
+            {
+                this.g = new X9ECPoint(curve, (Asn1OctetString)p);
+            }
+
+            this.n = ((DerInteger)seq[4]).Value;
+            this.seed = x9c.GetSeed();
+
+            if (seq.Count == 6)
+            {
+                this.h = ((DerInteger)seq[5]).Value;
+            }
+        }
+
+        public X9ECParameters(
+            ECCurve		curve,
+            ECPoint		g,
+            BigInteger	n)
+            : this(curve, g, n, null, null)
+        {
+        }
+
+        public X9ECParameters(
+            ECCurve     curve,
+            X9ECPoint   g,
+            BigInteger  n,
+            BigInteger  h)
+            : this(curve, g, n, h, null)
+        {
+        }
+
+        public X9ECParameters(
+            ECCurve		curve,
+            ECPoint		g,
+            BigInteger	n,
+            BigInteger	h)
+            : this(curve, g, n, h, null)
+        {
+        }
+
+        public X9ECParameters(
+            ECCurve		curve,
+            ECPoint		g,
+            BigInteger	n,
+            BigInteger	h,
+            byte[]		seed)
+            : this(curve, new X9ECPoint(g), n, h, seed)
+        {
+        }
+
+        public X9ECParameters(
+            ECCurve     curve,
+            X9ECPoint   g,
+            BigInteger  n,
+            BigInteger  h,
+            byte[]      seed)
+        {
+            this.curve = curve;
+            this.g = g;
+            this.n = n;
+            this.h = h;
+            this.seed = seed;
+
+            if (ECAlgorithms.IsFpCurve(curve))
+            {
+                this.fieldID = new X9FieldID(curve.Field.Characteristic);
+            }
+            else if (ECAlgorithms.IsF2mCurve(curve))
+            {
+                IPolynomialExtensionField field = (IPolynomialExtensionField)curve.Field;
+                int[] exponents = field.MinimalPolynomial.GetExponentsPresent();
+                if (exponents.Length == 3)
+                {
+                    this.fieldID = new X9FieldID(exponents[2], exponents[1]);
+                }
+                else if (exponents.Length == 5)
+                {
+                    this.fieldID = new X9FieldID(exponents[4], exponents[1], exponents[2], exponents[3]);
+                }
+                else
+                {
+                    throw new ArgumentException("Only trinomial and pentomial curves are supported");
+                }
+            }
+            else
+            {
+                throw new ArgumentException("'curve' is of an unsupported type");
+            }
+        }
+
+        public ECCurve Curve
+        {
+            get { return curve; }
+        }
+
+        public ECPoint G
+        {
+            get { return g.Point; }
+        }
+
+        public BigInteger N
+        {
+            get { return n; }
+        }
+
+        public BigInteger H
+        {
+            get { return h; }
+        }
+
+        public byte[] GetSeed()
+        {
+            return seed;
+        }
+
+        /**
+         * Return the ASN.1 entry representing the Curve.
+         *
+         * @return the X9Curve for the curve in these parameters.
+         */
+        public X9Curve CurveEntry
+        {
+            get { return new X9Curve(curve, seed); }
+        }
+
+        /**
+         * Return the ASN.1 entry representing the FieldID.
+         *
+         * @return the X9FieldID for the FieldID in these parameters.
+         */
+        public X9FieldID FieldIDEntry
+        {
+            get { return fieldID; }
+        }
+
+        /**
+         * Return the ASN.1 entry representing the base point G.
+         *
+         * @return the X9ECPoint for the base point in these parameters.
+         */
+        public X9ECPoint BaseEntry
+        {
+            get { return g; }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  ECParameters ::= Sequence {
+         *      version         Integer { ecpVer1(1) } (ecpVer1),
+         *      fieldID         FieldID {{FieldTypes}},
+         *      curve           X9Curve,
+         *      base            X9ECPoint,
+         *      order           Integer,
+         *      cofactor        Integer OPTIONAL
+         *  }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+                new DerInteger(BigInteger.One),
+                fieldID,
+                new X9Curve(curve, seed),
+                g,
+                new DerInteger(n));
+
+            if (h != null)
+            {
+                v.Add(new DerInteger(h));
+            }
+
+            return new DerSequence(v);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/X9ECParametersHolder.cs b/bc-sharp-crypto/src/asn1/x9/X9ECParametersHolder.cs
new file mode 100644
index 0000000..e802b73
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/X9ECParametersHolder.cs
@@ -0,0 +1,25 @@
+namespace Org.BouncyCastle.Asn1.X9
+{
+	public abstract class X9ECParametersHolder
+	{
+		private X9ECParameters parameters;
+
+		public X9ECParameters Parameters
+		{
+			get
+			{
+                lock (this)
+                {
+                    if (parameters == null)
+                    {
+                        parameters = CreateParameters();
+                    }
+
+                    return parameters;
+                }
+            }
+        }
+
+		protected abstract X9ECParameters CreateParameters();
+	}
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/X9ECPoint.cs b/bc-sharp-crypto/src/asn1/x9/X9ECPoint.cs
new file mode 100644
index 0000000..7ef4f13
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/X9ECPoint.cs
@@ -0,0 +1,80 @@
+using Org.BouncyCastle.Math.EC;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+    /**
+     * class for describing an ECPoint as a Der object.
+     */
+    public class X9ECPoint
+        : Asn1Encodable
+    {
+        private readonly Asn1OctetString encoding;
+
+        private ECCurve c;
+        private ECPoint p;
+
+        public X9ECPoint(ECPoint p)
+            : this(p, false)
+        {
+        }
+
+        public X9ECPoint(ECPoint p, bool compressed)
+        {
+            this.p = p.Normalize();
+            this.encoding = new DerOctetString(p.GetEncoded(compressed));
+        }
+
+        public X9ECPoint(ECCurve c, byte[] encoding)
+        {
+            this.c = c;
+            this.encoding = new DerOctetString(Arrays.Clone(encoding));
+        }
+
+        public X9ECPoint(ECCurve c, Asn1OctetString s)
+            : this(c, s.GetOctets())
+        {
+        }
+
+        public byte[] GetPointEncoding()
+        {
+            return Arrays.Clone(encoding.GetOctets());
+        }
+
+        public ECPoint Point
+        {
+            get
+            {
+                if (p == null)
+                {
+                    p = c.DecodePoint(encoding.GetOctets()).Normalize();
+                }
+
+                return p;
+            }
+        }
+
+        public bool IsPointCompressed
+        {
+            get
+            {
+                byte[] octets = encoding.GetOctets();
+                return octets != null && octets.Length > 0 && (octets[0] == 2 || octets[0] == 3);
+            }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  ECPoint ::= OCTET STRING
+         * </pre>
+         * <p>
+         * Octet string produced using ECPoint.GetEncoded().</p>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return encoding;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/X9FieldElement.cs b/bc-sharp-crypto/src/asn1/x9/X9FieldElement.cs
new file mode 100644
index 0000000..94bd96b
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/X9FieldElement.cs
@@ -0,0 +1,69 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+    /**
+     * Class for processing an ECFieldElement as a DER object.
+     */
+    public class X9FieldElement
+        : Asn1Encodable
+    {
+        private ECFieldElement f;
+
+        public X9FieldElement(
+            ECFieldElement f)
+        {
+            this.f = f;
+        }
+
+        public X9FieldElement(
+            BigInteger		p,
+            Asn1OctetString	s)
+            : this(new FpFieldElement(p, new BigInteger(1, s.GetOctets())))
+        {
+        }
+
+        public X9FieldElement(
+            int				m,
+            int				k1,
+            int				k2,
+            int				k3,
+            Asn1OctetString	s)
+            : this(new F2mFieldElement(m, k1, k2, k3, new BigInteger(1, s.GetOctets())))
+        {
+        }
+
+        public ECFieldElement Value
+        {
+            get { return f; }
+        }
+
+        /**
+         * Produce an object suitable for an Asn1OutputStream.
+         * <pre>
+         *  FieldElement ::= OCTET STRING
+         * </pre>
+         * <p>
+         * <ol>
+         * <li> if <i>q</i> is an odd prime then the field element is
+         * processed as an Integer and converted to an octet string
+         * according to x 9.62 4.3.1.</li>
+         * <li> if <i>q</i> is 2<sup>m</sup> then the bit string
+         * contained in the field element is converted into an octet
+         * string with the same ordering padded at the front if necessary.
+         * </li>
+         * </ol>
+         * </p>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            int byteCount = X9IntegerConverter.GetByteLength(f);
+            byte[] paddedBigInteger = X9IntegerConverter.IntegerToBytes(f.ToBigInteger(), byteCount);
+
+            return new DerOctetString(paddedBigInteger);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/X9FieldID.cs b/bc-sharp-crypto/src/asn1/x9/X9FieldID.cs
new file mode 100644
index 0000000..08d7d71
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/X9FieldID.cs
@@ -0,0 +1,132 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+    /**
+     * ASN.1 def for Elliptic-Curve Field ID structure. See
+     * X9.62, for further details.
+     */
+    public class X9FieldID
+        : Asn1Encodable
+    {
+        private readonly DerObjectIdentifier	id;
+        private readonly Asn1Object parameters;
+
+        /**
+         * Constructor for elliptic curves over prime fields
+         * <code>F<sub>2</sub></code>.
+         * @param primeP The prime <code>p</code> defining the prime field.
+         */
+        public X9FieldID(
+            BigInteger primeP)
+        {
+            this.id = X9ObjectIdentifiers.PrimeField;
+            this.parameters = new DerInteger(primeP);
+        }
+
+        /**
+         * Constructor for elliptic curves over binary fields
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param m  The exponent <code>m</code> of
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> +
+         * x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         */
+        public X9FieldID(int m, int k1)
+            : this(m, k1, 0, 0)
+        {
+        }
+
+        /**
+         * Constructor for elliptic curves over binary fields
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param m  The exponent <code>m</code> of
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param k3 The integer <code>k3</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>..
+         */
+        public X9FieldID(
+            int m,
+            int k1,
+            int k2,
+            int k3)
+        {
+            this.id = X9ObjectIdentifiers.CharacteristicTwoField;
+
+            Asn1EncodableVector fieldIdParams = new Asn1EncodableVector(new DerInteger(m));
+
+            if (k2 == 0)
+            {
+                if (k3 != 0)
+                    throw new ArgumentException("inconsistent k values");
+
+                fieldIdParams.Add(
+                    X9ObjectIdentifiers.TPBasis,
+                    new DerInteger(k1));
+            }
+            else
+            {
+                if (k2 <= k1 || k3 <= k2)
+                    throw new ArgumentException("inconsistent k values");
+
+                fieldIdParams.Add(
+                    X9ObjectIdentifiers.PPBasis,
+                    new DerSequence(
+                        new DerInteger(k1),
+                        new DerInteger(k2),
+                        new DerInteger(k3)));
+            }
+
+            this.parameters = new DerSequence(fieldIdParams);
+        }
+
+        private X9FieldID(Asn1Sequence seq)
+        {
+            this.id = DerObjectIdentifier.GetInstance(seq[0]);
+            this.parameters = seq[1].ToAsn1Object();
+        }
+
+        public static X9FieldID GetInstance(object obj)
+        {
+            if (obj is X9FieldID)
+                return (X9FieldID)obj;
+            if (obj == null)
+                return null;
+            return new X9FieldID(Asn1Sequence.GetInstance(obj));
+        }
+
+        public DerObjectIdentifier Identifier
+        {
+            get { return id; }
+        }
+
+        public Asn1Object Parameters
+        {
+            get { return parameters; }
+        }
+
+        /**
+         * Produce a Der encoding of the following structure.
+         * <pre>
+         *  FieldID ::= Sequence {
+         *      fieldType       FIELD-ID.&amp;id({IOSet}),
+         *      parameters      FIELD-ID.&amp;Type({IOSet}{&#64;fieldType})
+         *  }
+         * </pre>
+         */
+        public override Asn1Object ToAsn1Object()
+        {
+            return new DerSequence(id, parameters);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/X9IntegerConverter.cs b/bc-sharp-crypto/src/asn1/x9/X9IntegerConverter.cs
new file mode 100644
index 0000000..e8f4571
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/X9IntegerConverter.cs
@@ -0,0 +1,40 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+    public abstract class X9IntegerConverter
+    {
+        public static int GetByteLength(ECFieldElement fe)
+        {
+            return (fe.FieldSize + 7) / 8;
+        }
+
+        public static int GetByteLength(ECCurve c)
+        {
+            return (c.FieldSize + 7) / 8;
+        }
+
+        public static byte[] IntegerToBytes(BigInteger s, int qLength)
+        {
+            byte[] bytes = s.ToByteArrayUnsigned();
+
+            if (qLength < bytes.Length)
+            {
+                byte[] tmp = new byte[qLength];
+                Array.Copy(bytes, bytes.Length - tmp.Length, tmp, 0, tmp.Length);
+                return tmp;
+            }
+            else if (qLength > bytes.Length)
+            {
+                byte[] tmp = new byte[qLength];
+                Array.Copy(bytes, 0, tmp, tmp.Length - bytes.Length, bytes.Length);
+                return tmp;
+            }
+
+            return bytes;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/asn1/x9/X9ObjectIdentifiers.cs b/bc-sharp-crypto/src/asn1/x9/X9ObjectIdentifiers.cs
new file mode 100644
index 0000000..9d7ecae
--- /dev/null
+++ b/bc-sharp-crypto/src/asn1/x9/X9ObjectIdentifiers.cs
@@ -0,0 +1,137 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.X9
+{
+    public abstract class X9ObjectIdentifiers
+    {
+        //
+        // X9.62
+        //
+        // ansi-X9-62 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
+        //            us(840) ansi-x962(10045) }
+        //
+
+        internal const string AnsiX962 = "1.2.840.10045";
+
+        public static readonly DerObjectIdentifier ansi_X9_62 = new DerObjectIdentifier(AnsiX962);
+
+        public static readonly DerObjectIdentifier IdFieldType = ansi_X9_62.Branch("1");
+
+        public static readonly DerObjectIdentifier PrimeField = IdFieldType.Branch("1");
+        public static readonly DerObjectIdentifier CharacteristicTwoField = IdFieldType.Branch("2");
+
+        public static readonly DerObjectIdentifier GNBasis = CharacteristicTwoField.Branch("3.1");
+        public static readonly DerObjectIdentifier TPBasis = CharacteristicTwoField.Branch("3.2");
+        public static readonly DerObjectIdentifier PPBasis = CharacteristicTwoField.Branch("3.3");
+
+        [Obsolete("Use 'id_ecSigType' instead")]
+        public const string IdECSigType = AnsiX962 + ".4";
+        public static readonly DerObjectIdentifier id_ecSigType = ansi_X9_62.Branch("4");
+
+        public static readonly DerObjectIdentifier ECDsaWithSha1 = id_ecSigType.Branch("1");
+
+        [Obsolete("Use 'id_publicKeyType' instead")]
+        public const string IdPublicKeyType = AnsiX962 + ".2";
+        public static readonly DerObjectIdentifier id_publicKeyType = ansi_X9_62.Branch("2");
+
+        public static readonly DerObjectIdentifier IdECPublicKey = id_publicKeyType.Branch("1");
+
+        public static readonly DerObjectIdentifier ECDsaWithSha2 = id_ecSigType.Branch("3");
+
+        public static readonly DerObjectIdentifier ECDsaWithSha224 = ECDsaWithSha2.Branch("1");
+        public static readonly DerObjectIdentifier ECDsaWithSha256 = ECDsaWithSha2.Branch("2");
+        public static readonly DerObjectIdentifier ECDsaWithSha384 = ECDsaWithSha2.Branch("3");
+        public static readonly DerObjectIdentifier ECDsaWithSha512 = ECDsaWithSha2.Branch("4");
+
+
+        //
+        // named curves
+        //
+        public static readonly DerObjectIdentifier EllipticCurve = ansi_X9_62.Branch("3");
+
+        //
+        // Two Curves
+        //
+        public static readonly DerObjectIdentifier CTwoCurve = EllipticCurve.Branch("0");
+
+        public static readonly DerObjectIdentifier C2Pnb163v1 = CTwoCurve.Branch("1");
+        public static readonly DerObjectIdentifier C2Pnb163v2 = CTwoCurve.Branch("2");
+        public static readonly DerObjectIdentifier C2Pnb163v3 = CTwoCurve.Branch("3");
+        public static readonly DerObjectIdentifier C2Pnb176w1 = CTwoCurve.Branch("4");
+        public static readonly DerObjectIdentifier C2Tnb191v1 = CTwoCurve.Branch("5");
+        public static readonly DerObjectIdentifier C2Tnb191v2 = CTwoCurve.Branch("6");
+        public static readonly DerObjectIdentifier C2Tnb191v3 = CTwoCurve.Branch("7");
+        public static readonly DerObjectIdentifier C2Onb191v4 = CTwoCurve.Branch("8");
+        public static readonly DerObjectIdentifier C2Onb191v5 = CTwoCurve.Branch("9");
+        public static readonly DerObjectIdentifier C2Pnb208w1 = CTwoCurve.Branch("10");
+        public static readonly DerObjectIdentifier C2Tnb239v1 = CTwoCurve.Branch("11");
+        public static readonly DerObjectIdentifier C2Tnb239v2 = CTwoCurve.Branch("12");
+        public static readonly DerObjectIdentifier C2Tnb239v3 = CTwoCurve.Branch("13");
+        public static readonly DerObjectIdentifier C2Onb239v4 = CTwoCurve.Branch("14");
+        public static readonly DerObjectIdentifier C2Onb239v5 = CTwoCurve.Branch("15");
+        public static readonly DerObjectIdentifier C2Pnb272w1 = CTwoCurve.Branch("16");
+        public static readonly DerObjectIdentifier C2Pnb304w1 = CTwoCurve.Branch("17");
+        public static readonly DerObjectIdentifier C2Tnb359v1 = CTwoCurve.Branch("18");
+        public static readonly DerObjectIdentifier C2Pnb368w1 = CTwoCurve.Branch("19");
+        public static readonly DerObjectIdentifier C2Tnb431r1 = CTwoCurve.Branch("20");
+
+        //
+        // Prime
+        //
+        public static readonly DerObjectIdentifier PrimeCurve = EllipticCurve.Branch("1");
+
+        public static readonly DerObjectIdentifier Prime192v1 = PrimeCurve.Branch("1");
+        public static readonly DerObjectIdentifier Prime192v2 = PrimeCurve.Branch("2");
+        public static readonly DerObjectIdentifier Prime192v3 = PrimeCurve.Branch("3");
+        public static readonly DerObjectIdentifier Prime239v1 = PrimeCurve.Branch("4");
+        public static readonly DerObjectIdentifier Prime239v2 = PrimeCurve.Branch("5");
+        public static readonly DerObjectIdentifier Prime239v3 = PrimeCurve.Branch("6");
+        public static readonly DerObjectIdentifier Prime256v1 = PrimeCurve.Branch("7");
+
+        //
+        // DSA
+        //
+        // dsapublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2)
+        //            us(840) ansi-x957(10040) number-type(4) 1 }
+        public static readonly DerObjectIdentifier IdDsa = new DerObjectIdentifier("1.2.840.10040.4.1");
+
+        /**
+         *   id-dsa-with-sha1 OBJECT IDENTIFIER ::=  { iso(1) member-body(2)
+         *         us(840) x9-57 (10040) x9cm(4) 3 }
+         */
+        public static readonly DerObjectIdentifier IdDsaWithSha1 = new DerObjectIdentifier("1.2.840.10040.4.3");
+
+        /**
+         * X9.63
+         */
+        public static readonly DerObjectIdentifier X9x63Scheme = new DerObjectIdentifier("1.3.133.16.840.63.0");
+        public static readonly DerObjectIdentifier DHSinglePassStdDHSha1KdfScheme = X9x63Scheme.Branch("2");
+        public static readonly DerObjectIdentifier DHSinglePassCofactorDHSha1KdfScheme = X9x63Scheme.Branch("3");
+        public static readonly DerObjectIdentifier MqvSinglePassSha1KdfScheme = X9x63Scheme.Branch("16");
+
+        /**
+         * X9.42
+         */
+
+        public static readonly DerObjectIdentifier ansi_x9_42 = new DerObjectIdentifier("1.2.840.10046");
+
+        //
+        // Diffie-Hellman
+        //
+        // dhpublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2)
+        //            us(840) ansi-x942(10046) number-type(2) 1 }
+        //
+        public static readonly DerObjectIdentifier DHPublicNumber = ansi_x9_42.Branch("2.1");
+
+        public static readonly DerObjectIdentifier X9x42Schemes = ansi_x9_42.Branch("2.3");
+
+        public static readonly DerObjectIdentifier DHStatic = X9x42Schemes.Branch("1");
+        public static readonly DerObjectIdentifier DHEphem = X9x42Schemes.Branch("2");
+        public static readonly DerObjectIdentifier DHOneFlow = X9x42Schemes.Branch("3");
+        public static readonly DerObjectIdentifier DHHybrid1 = X9x42Schemes.Branch("4");
+        public static readonly DerObjectIdentifier DHHybrid2 = X9x42Schemes.Branch("5");
+        public static readonly DerObjectIdentifier DHHybridOneFlow = X9x42Schemes.Branch("6");
+        public static readonly DerObjectIdentifier Mqv2 = X9x42Schemes.Branch("7");
+        public static readonly DerObjectIdentifier Mqv1 = X9x42Schemes.Branch("8");
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/ArmoredInputStream.cs b/bc-sharp-crypto/src/bcpg/ArmoredInputStream.cs
new file mode 100644
index 0000000..d5d9f7f
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/ArmoredInputStream.cs
@@ -0,0 +1,524 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /**
+    * reader for Base64 armored objects - read the headers and then start returning
+    * bytes when the data is reached. An IOException is thrown if the CRC check
+    * fails.
+    */
+    public class ArmoredInputStream
+        : BaseInputStream
+    {
+        /*
+        * set up the decoding table.
+        */
+        private readonly static byte[] decodingTable;
+        static ArmoredInputStream()
+        {
+            decodingTable = new byte[128];
+            for (int i = 'A'; i <= 'Z'; i++)
+            {
+                decodingTable[i] = (byte)(i - 'A');
+            }
+            for (int i = 'a'; i <= 'z'; i++)
+            {
+                decodingTable[i] = (byte)(i - 'a' + 26);
+            }
+            for (int i = '0'; i <= '9'; i++)
+            {
+                decodingTable[i] = (byte)(i - '0' + 52);
+            }
+            decodingTable['+'] = 62;
+            decodingTable['/'] = 63;
+        }
+
+        /**
+        * decode the base 64 encoded input data.
+        *
+        * @return the offset the data starts in out.
+        */
+        private int Decode(
+            int      in0,
+            int      in1,
+            int      in2,
+            int      in3,
+            int[]    result)
+        {
+            if (in3 < 0)
+            {
+                throw new EndOfStreamException("unexpected end of file in armored stream.");
+            }
+
+            int    b1, b2, b3, b4;
+            if (in2 == '=')
+            {
+                b1 = decodingTable[in0] &0xff;
+                b2 = decodingTable[in1] & 0xff;
+                result[2] = ((b1 << 2) | (b2 >> 4)) & 0xff;
+                return 2;
+            }
+            else if (in3 == '=')
+            {
+                b1 = decodingTable[in0];
+                b2 = decodingTable[in1];
+                b3 = decodingTable[in2];
+                result[1] = ((b1 << 2) | (b2 >> 4)) & 0xff;
+                result[2] = ((b2 << 4) | (b3 >> 2)) & 0xff;
+                return 1;
+            }
+            else
+            {
+                b1 = decodingTable[in0];
+                b2 = decodingTable[in1];
+                b3 = decodingTable[in2];
+                b4 = decodingTable[in3];
+                result[0] = ((b1 << 2) | (b2 >> 4)) & 0xff;
+                result[1] = ((b2 << 4) | (b3 >> 2)) & 0xff;
+                result[2] = ((b3 << 6) | b4) & 0xff;
+                return 0;
+            }
+        }
+
+        Stream      input;
+        bool        start = true;
+        int[]       outBuf = new int[3];
+        int         bufPtr = 3;
+        Crc24       crc = new Crc24();
+        bool        crcFound = false;
+        bool        hasHeaders = true;
+        string      header = null;
+        bool        newLineFound = false;
+        bool        clearText = false;
+        bool        restart = false;
+        IList       headerList= Platform.CreateArrayList();
+        int         lastC = 0;
+		bool		isEndOfStream;
+
+        /**
+        * Create a stream for reading a PGP armoured message, parsing up to a header
+        * and then reading the data that follows.
+        *
+        * @param input
+        */
+        public ArmoredInputStream(
+            Stream input)
+			: this(input, true)
+        {
+        }
+
+		/**
+        * Create an armoured input stream which will assume the data starts
+        * straight away, or parse for headers first depending on the value of
+        * hasHeaders.
+        *
+        * @param input
+        * @param hasHeaders true if headers are to be looked for, false otherwise.
+        */
+        public ArmoredInputStream(
+            Stream	input,
+            bool	hasHeaders)
+        {
+            this.input = input;
+            this.hasHeaders = hasHeaders;
+
+			if (hasHeaders)
+            {
+                ParseHeaders();
+            }
+
+			start = false;
+        }
+
+		private bool ParseHeaders()
+        {
+            header = null;
+
+			int		c;
+            int		last = 0;
+            bool	headerFound = false;
+
+            headerList = Platform.CreateArrayList();
+
+			//
+            // if restart we already have a header
+            //
+            if (restart)
+            {
+                headerFound = true;
+            }
+            else
+            {
+                while ((c = input.ReadByte()) >= 0)
+                {
+                    if (c == '-' && (last == 0 || last == '\n' || last == '\r'))
+                    {
+                        headerFound = true;
+                        break;
+                    }
+
+					last = c;
+                }
+            }
+
+			if (headerFound)
+            {
+                StringBuilder    Buffer = new StringBuilder("-");
+                bool             eolReached = false;
+                bool             crLf = false;
+
+				if (restart)    // we've had to look ahead two '-'
+                {
+                    Buffer.Append('-');
+                }
+
+				while ((c = input.ReadByte()) >= 0)
+                {
+                    if (last == '\r' && c == '\n')
+                    {
+                        crLf = true;
+                    }
+                    if (eolReached && (last != '\r' && c == '\n'))
+                    {
+                        break;
+                    }
+                    if (eolReached && c == '\r')
+                    {
+                        break;
+                    }
+                    if (c == '\r' || (last != '\r' && c == '\n'))
+                    {
+						string line = Buffer.ToString();
+						if (line.Trim().Length < 1)
+							break;
+                        headerList.Add(line);
+                        Buffer.Length = 0;
+                    }
+
+                    if (c != '\n' && c != '\r')
+                    {
+                        Buffer.Append((char)c);
+                        eolReached = false;
+                    }
+                    else
+                    {
+                        if (c == '\r' || (last != '\r' && c == '\n'))
+                        {
+                            eolReached = true;
+                        }
+                    }
+
+					last = c;
+                }
+
+				if (crLf)
+                {
+                    input.ReadByte(); // skip last \n
+                }
+            }
+
+			if (headerList.Count > 0)
+            {
+                header = (string) headerList[0];
+            }
+
+			clearText = "-----BEGIN PGP SIGNED MESSAGE-----".Equals(header);
+            newLineFound = true;
+
+			return headerFound;
+        }
+
+		/**
+        * @return true if we are inside the clear text section of a PGP
+        * signed message.
+        */
+        public bool IsClearText()
+        {
+            return clearText;
+        }
+
+		/**
+		 * @return true if the stream is actually at end of file.
+		 */
+		public bool IsEndOfStream()
+		{
+			return isEndOfStream;
+		}
+
+		/**
+        * Return the armor header line (if there is one)
+        * @return the armor header line, null if none present.
+        */
+        public string GetArmorHeaderLine()
+        {
+            return header;
+        }
+
+		/**
+        * Return the armor headers (the lines after the armor header line),
+        * @return an array of armor headers, null if there aren't any.
+        */
+        public string[] GetArmorHeaders()
+        {
+            if (headerList.Count <= 1)
+            {
+                return null;
+            }
+
+			string[] hdrs = new string[headerList.Count - 1];
+            for (int i = 0; i != hdrs.Length; i++)
+            {
+                hdrs[i] = (string) headerList[i + 1];
+            }
+
+			return hdrs;
+        }
+
+		private int ReadIgnoreSpace()
+        {
+            int c;
+            do
+            {
+                c = input.ReadByte();
+            }
+            while (c == ' ' || c == '\t');
+
+			return c;
+        }
+
+		private int ReadIgnoreWhitespace()
+        {
+            int c;
+            do
+            {
+                c = input.ReadByte();
+            }
+            while (c == ' ' || c == '\t' || c == '\r' || c == '\n');
+
+            return c;
+        }
+
+		private int ReadByteClearText()
+        {
+            int c = input.ReadByte();
+
+            if (c == '\r' || (c == '\n' && lastC != '\r'))
+            {
+                newLineFound = true;
+            }
+            else if (newLineFound && c == '-')
+            {
+                c = input.ReadByte();
+                if (c == '-')            // a header, not dash escaped
+                {
+                    clearText = false;
+                    start = true;
+                    restart = true;
+                }
+                else                   // a space - must be a dash escape
+                {
+                    c = input.ReadByte();
+                }
+                newLineFound = false;
+            }
+            else
+            {
+                if (c != '\n' && lastC != '\r')
+                {
+                    newLineFound = false;
+                }
+            }
+
+            lastC = c;
+
+			if (c < 0)
+			{
+				isEndOfStream = true;
+			}
+
+			return c;
+        }
+
+        private int ReadClearText(byte[] buffer, int offset, int count)
+        {
+            int pos = offset;
+            try
+            {
+                int end = offset + count;
+                while (pos < end)
+                {
+                    int c = ReadByteClearText();
+                    if (c == -1)
+                    {
+                        break;
+                    }
+                    buffer[pos++] = (byte) c;
+                }
+            }
+            catch (IOException ioe)
+            {
+                if (pos == offset) throw ioe;
+            }
+
+			return pos - offset;
+        }
+
+        private int DoReadByte()
+        {
+            if (bufPtr > 2 || crcFound)
+            {
+                int c = ReadIgnoreSpace();
+                if (c == '\n' || c == '\r')
+                {
+                    c = ReadIgnoreWhitespace();
+                    if (c == '=')            // crc reached
+                    {
+                        bufPtr = Decode(ReadIgnoreSpace(), ReadIgnoreSpace(), ReadIgnoreSpace(), ReadIgnoreSpace(), outBuf);
+
+                        if (bufPtr != 0)
+                        {
+                            throw new IOException("no crc found in armored message.");
+                        }
+
+                        crcFound = true;
+
+                        int i = ((outBuf[0] & 0xff) << 16)
+                            | ((outBuf[1] & 0xff) << 8)
+                            | (outBuf[2] & 0xff);
+
+                        if (i != crc.Value)
+                        {
+                            throw new IOException("crc check failed in armored message.");
+                        }
+
+						return ReadByte();
+                    }
+
+                    if (c == '-')        // end of record reached
+                    {
+                        while ((c = input.ReadByte()) >= 0)
+                        {
+                            if (c == '\n' || c == '\r')
+                            {
+                                break;
+                            }
+                        }
+
+                        if (!crcFound)
+                        {
+                            throw new IOException("crc check not found.");
+                        }
+
+                        crcFound = false;
+                        start = true;
+                        bufPtr = 3;
+
+						if (c < 0)
+						{
+							isEndOfStream = true;
+						}
+
+						return -1;
+                    }
+                }
+
+                if (c < 0)
+                {
+					isEndOfStream = true;
+					return -1;
+                }
+
+                bufPtr = Decode(c, ReadIgnoreSpace(), ReadIgnoreSpace(), ReadIgnoreSpace(), outBuf);
+            }
+
+            return outBuf[bufPtr++];
+        }
+
+        public override int ReadByte()
+        {
+            if (start)
+            {
+                if (hasHeaders)
+                {
+                    ParseHeaders();
+                }
+
+				crc.Reset();
+				start = false;
+            }
+
+			if (clearText)
+            {
+                return ReadByteClearText();
+            }
+
+            int c = DoReadByte();
+
+            crc.Update(c);
+
+            return c;
+        }
+
+        public override int Read(byte[] buffer, int offset, int count)
+        {
+            if (start && count > 0)
+            {
+                if (hasHeaders)
+                {
+                    ParseHeaders();
+                }
+                start = false;
+            }
+
+            if (clearText)
+            {
+                return ReadClearText(buffer, offset, count);
+            }
+
+            int pos = offset;
+            try
+            {
+                int end = offset + count;
+                while (pos < end)
+                {
+                    int c = DoReadByte();
+                    crc.Update(c);
+                    if (c == -1)
+                    {
+                        break;
+                    }
+                    buffer[pos++] = (byte) c;
+                }
+            }
+            catch (IOException ioe)
+            {
+                if (pos == offset) throw ioe;
+            }
+
+            return pos - offset;
+        }
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                Platform.Dispose(input);
+            }
+            base.Dispose(disposing);
+        }
+#else
+		public override void Close()
+		{
+            Platform.Dispose(input);
+			base.Close();
+		}
+#endif
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/ArmoredOutputStream.cs b/bc-sharp-crypto/src/bcpg/ArmoredOutputStream.cs
new file mode 100644
index 0000000..7b39065
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/ArmoredOutputStream.cs
@@ -0,0 +1,375 @@
+using System;
+using System.Collections;
+using System.Diagnostics;
+using System.IO;
+using System.Reflection;
+using System.Text;
+
+#if PORTABLE
+using System.Linq;
+#endif
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /**
+    * Basic output stream.
+    */
+    public class ArmoredOutputStream
+        : BaseOutputStream
+    {
+        public static readonly string HeaderVersion = "Version";
+
+        private static readonly byte[] encodingTable =
+        {
+            (byte)'A', (byte)'B', (byte)'C', (byte)'D', (byte)'E', (byte)'F', (byte)'G',
+            (byte)'H', (byte)'I', (byte)'J', (byte)'K', (byte)'L', (byte)'M', (byte)'N',
+            (byte)'O', (byte)'P', (byte)'Q', (byte)'R', (byte)'S', (byte)'T', (byte)'U',
+            (byte)'V', (byte)'W', (byte)'X', (byte)'Y', (byte)'Z',
+            (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f', (byte)'g',
+            (byte)'h', (byte)'i', (byte)'j', (byte)'k', (byte)'l', (byte)'m', (byte)'n',
+            (byte)'o', (byte)'p', (byte)'q', (byte)'r', (byte)'s', (byte)'t', (byte)'u',
+            (byte)'v',
+            (byte)'w', (byte)'x', (byte)'y', (byte)'z',
+            (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', (byte)'6',
+            (byte)'7', (byte)'8', (byte)'9',
+            (byte)'+', (byte)'/'
+        };
+
+        /**
+         * encode the input data producing a base 64 encoded byte array.
+         */
+        private static void Encode(
+            Stream    outStream,
+            int[]    data,
+            int        len)
+        {
+            Debug.Assert(len > 0);
+            Debug.Assert(len < 4);
+
+            byte[] bs = new byte[4];
+            int d1 = data[0];
+            bs[0] = encodingTable[(d1 >> 2) & 0x3f];
+
+            switch (len)
+            {
+                case 1:
+                {
+                    bs[1] = encodingTable[(d1 << 4) & 0x3f];
+                    bs[2] = (byte)'=';
+                    bs[3] = (byte)'=';
+                    break;
+                }
+                case 2:
+                {
+                    int d2 = data[1];
+                    bs[1] = encodingTable[((d1 << 4) | (d2 >> 4)) & 0x3f];
+                    bs[2] = encodingTable[(d2 << 2) & 0x3f];
+                    bs[3] = (byte)'=';
+                    break;
+                }
+                case 3:
+                {
+                    int d2 = data[1];
+                    int d3 = data[2];
+                    bs[1] = encodingTable[((d1 << 4) | (d2 >> 4)) & 0x3f];
+                    bs[2] = encodingTable[((d2 << 2) | (d3 >> 6)) & 0x3f];
+                    bs[3] = encodingTable[d3 & 0x3f];
+                    break;
+                }
+            }
+
+            outStream.Write(bs, 0, bs.Length);
+        }
+
+        private readonly Stream outStream;
+        private int[]           buf = new int[3];
+        private int             bufPtr = 0;
+        private Crc24           crc = new Crc24();
+        private int             chunkCount = 0;
+        private int             lastb;
+
+        private bool            start = true;
+        private bool            clearText = false;
+        private bool            newLine = false;
+
+        private string          type;
+
+        private static readonly string    nl = Platform.NewLine;
+        private static readonly string    headerStart = "-----BEGIN PGP ";
+        private static readonly string    headerTail = "-----";
+        private static readonly string    footerStart = "-----END PGP ";
+        private static readonly string    footerTail = "-----";
+
+        private static readonly string Version = "BCPG C# v1.8.1";//AssemblyInfo.Version;
+
+        private readonly IDictionary headers;
+
+        public ArmoredOutputStream(Stream outStream)
+        {
+            this.outStream = outStream;
+            this.headers = Platform.CreateHashtable(1);
+            this.headers.Add(HeaderVersion, Version);
+        }
+
+        public ArmoredOutputStream(Stream outStream, IDictionary headers)
+        {
+            this.outStream = outStream;
+            this.headers = Platform.CreateHashtable(headers);
+            if (!this.headers.Contains(HeaderVersion))
+            {
+                this.headers.Add(HeaderVersion, Version);
+            }
+        }
+
+        /**
+         * Set an additional header entry. A null value will clear the entry for name.
+         *
+         * @param name the name of the header entry.
+         * @param v the value of the header entry.
+         */
+        public void SetHeader(string name, string v)
+        {
+            if (v == null)
+            {
+                headers.Remove(name);
+            }
+            else
+            {
+                headers[name] = v;
+            }
+        }
+
+        /**
+         * Reset the headers to only contain a Version string (if one is present).
+         */
+        public void ResetHeaders()
+        {
+            string version = (string)headers[HeaderVersion];
+
+            headers.Clear();
+
+            if (version != null)
+            {
+                headers[HeaderVersion] = Version;
+            }
+        }
+
+        /**
+         * Start a clear text signed message.
+         * @param hashAlgorithm
+         */
+        public void BeginClearText(
+            HashAlgorithmTag    hashAlgorithm)
+        {
+            string    hash;
+
+            switch (hashAlgorithm)
+            {
+            case HashAlgorithmTag.Sha1:
+                hash = "SHA1";
+                break;
+            case HashAlgorithmTag.Sha256:
+                hash = "SHA256";
+                break;
+            case HashAlgorithmTag.Sha384:
+                hash = "SHA384";
+                break;
+            case HashAlgorithmTag.Sha512:
+                hash = "SHA512";
+                break;
+            case HashAlgorithmTag.MD2:
+                hash = "MD2";
+                break;
+            case HashAlgorithmTag.MD5:
+                hash = "MD5";
+                break;
+            case HashAlgorithmTag.RipeMD160:
+                hash = "RIPEMD160";
+                break;
+            default:
+                throw new IOException("unknown hash algorithm tag in beginClearText: " + hashAlgorithm);
+            }
+
+            DoWrite("-----BEGIN PGP SIGNED MESSAGE-----" + nl);
+            DoWrite("Hash: " + hash + nl + nl);
+
+            clearText = true;
+            newLine = true;
+            lastb = 0;
+        }
+
+        public void EndClearText()
+        {
+            clearText = false;
+        }
+
+        public override void WriteByte(
+            byte b)
+        {
+            if (clearText)
+            {
+                outStream.WriteByte(b);
+
+                if (newLine)
+                {
+                    if (!(b == '\n' && lastb == '\r'))
+                    {
+                        newLine = false;
+                    }
+                    if (b == '-')
+                    {
+                        outStream.WriteByte((byte)' ');
+                        outStream.WriteByte((byte)'-');      // dash escape
+                    }
+                }
+                if (b == '\r' || (b == '\n' && lastb != '\r'))
+                {
+                    newLine = true;
+                }
+                lastb = b;
+                return;
+            }
+
+            if (start)
+            {
+                bool newPacket = (b & 0x40) != 0;
+
+                int tag;
+                if (newPacket)
+                {
+                    tag = b & 0x3f;
+                }
+                else
+                {
+                    tag = (b & 0x3f) >> 2;
+                }
+
+                switch ((PacketTag)tag)
+                {
+                case PacketTag.PublicKey:
+                    type = "PUBLIC KEY BLOCK";
+                    break;
+                case PacketTag.SecretKey:
+                    type = "PRIVATE KEY BLOCK";
+                    break;
+                case PacketTag.Signature:
+                    type = "SIGNATURE";
+                    break;
+                default:
+                    type = "MESSAGE";
+                    break;
+                }
+
+                DoWrite(headerStart + type + headerTail + nl);
+                if (headers.Contains(HeaderVersion))
+                {
+                    WriteHeaderEntry(HeaderVersion, (string)headers[HeaderVersion]);
+                }
+
+                foreach (DictionaryEntry de in headers)
+                {
+                    string k = (string)de.Key;
+                    if (k != HeaderVersion)
+                    {
+                        string v = (string)de.Value;
+                        WriteHeaderEntry(k, v);
+                    }
+                }
+
+                DoWrite(nl);
+
+                start = false;
+            }
+
+            if (bufPtr == 3)
+            {
+                Encode(outStream, buf, bufPtr);
+                bufPtr = 0;
+                if ((++chunkCount & 0xf) == 0)
+                {
+                    DoWrite(nl);
+                }
+            }
+
+            crc.Update(b);
+            buf[bufPtr++] = b & 0xff;
+        }
+
+        /**
+         * <b>Note</b>: Close() does not close the underlying stream. So it is possible to write
+         * multiple objects using armoring to a single stream.
+         */
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                if (type == null)
+                    return;
+
+                DoClose();
+
+                type = null;
+                start = true;
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close()
+        {
+            if (type == null)
+                return;
+
+            DoClose();
+
+            type = null;
+            start = true;
+
+            base.Close();
+        }
+#endif
+
+        private void DoClose()
+        {
+            if (bufPtr > 0)
+            {
+                Encode(outStream, buf, bufPtr);
+            }
+
+            DoWrite(nl + '=');
+
+            int crcV = crc.Value;
+
+            buf[0] = ((crcV >> 16) & 0xff);
+            buf[1] = ((crcV >> 8) & 0xff);
+            buf[2] = (crcV & 0xff);
+
+            Encode(outStream, buf, 3);
+
+            DoWrite(nl);
+            DoWrite(footerStart);
+            DoWrite(type);
+            DoWrite(footerTail);
+            DoWrite(nl);
+
+            outStream.Flush();
+        }
+
+        private void WriteHeaderEntry(
+            string name,
+            string v)
+        {
+            DoWrite(name + ": " + v + nl);
+        }
+
+        private void DoWrite(
+            string s)
+        {
+            byte[] bs = Strings.ToAsciiByteArray(s);
+            outStream.Write(bs, 0, bs.Length);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/BcpgInputStream.cs b/bc-sharp-crypto/src/bcpg/BcpgInputStream.cs
new file mode 100644
index 0000000..f9627fd
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/BcpgInputStream.cs
@@ -0,0 +1,363 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Reader for PGP objects.</remarks>
+    public class BcpgInputStream
+        : BaseInputStream
+    {
+        private Stream m_in;
+        private bool next = false;
+        private int nextB;
+
+        internal static BcpgInputStream Wrap(
+			Stream inStr)
+        {
+            if (inStr is BcpgInputStream)
+            {
+                return (BcpgInputStream) inStr;
+            }
+
+            return new BcpgInputStream(inStr);
+        }
+
+        private BcpgInputStream(
+			Stream inputStream)
+        {
+            this.m_in = inputStream;
+        }
+
+        public override int ReadByte()
+        {
+            if (next)
+            {
+                next = false;
+                return nextB;
+            }
+
+            return m_in.ReadByte();
+        }
+
+        public override int Read(
+			byte[]	buffer,
+			int		offset,
+			int		count)
+        {
+			// Strangely, when count == 0, we should still attempt to read a byte
+//			if (count == 0)
+//				return 0;
+
+			if (!next)
+				return m_in.Read(buffer, offset, count);
+
+			// We have next byte waiting, so return it
+
+			if (nextB < 0)
+				return 0; // EndOfStream
+
+			if (buffer == null)
+				throw new ArgumentNullException("buffer");
+
+			buffer[offset] = (byte) nextB;
+			next = false;
+
+			return 1;
+        }
+
+		public byte[] ReadAll()
+        {
+			return Streams.ReadAll(this);
+		}
+
+		public void ReadFully(
+            byte[]	buffer,
+            int		off,
+            int		len)
+        {
+			if (Streams.ReadFully(this, buffer, off, len) < len)
+				throw new EndOfStreamException();
+        }
+
+		public void ReadFully(
+            byte[] buffer)
+        {
+            ReadFully(buffer, 0, buffer.Length);
+        }
+
+		/// <summary>Returns the next packet tag in the stream.</summary>
+        public PacketTag NextPacketTag()
+        {
+            if (!next)
+            {
+                try
+                {
+                    nextB = m_in.ReadByte();
+                }
+                catch (EndOfStreamException)
+                {
+                    nextB = -1;
+                }
+
+                next = true;
+            }
+
+            if (nextB < 0)
+                return (PacketTag)nextB;
+
+            int maskB = nextB & 0x3f;
+            if ((nextB & 0x40) == 0)    // old
+            {
+                maskB >>= 2;
+            }
+            return (PacketTag)maskB;
+        }
+
+        public Packet ReadPacket()
+        {
+            int hdr = this.ReadByte();
+
+            if (hdr < 0)
+            {
+                return null;
+            }
+
+            if ((hdr & 0x80) == 0)
+            {
+                throw new IOException("invalid header encountered");
+            }
+
+            bool newPacket = (hdr & 0x40) != 0;
+            PacketTag tag = 0;
+            int bodyLen = 0;
+            bool partial = false;
+
+            if (newPacket)
+            {
+                tag = (PacketTag)(hdr & 0x3f);
+
+                int l = this.ReadByte();
+
+                if (l < 192)
+                {
+                    bodyLen = l;
+                }
+                else if (l <= 223)
+                {
+                    int b = m_in.ReadByte();
+                    bodyLen = ((l - 192) << 8) + (b) + 192;
+                }
+                else if (l == 255)
+                {
+                    bodyLen = (m_in.ReadByte() << 24) | (m_in.ReadByte() << 16)
+                        |  (m_in.ReadByte() << 8)  | m_in.ReadByte();
+                }
+                else
+                {
+                    partial = true;
+                    bodyLen = 1 << (l & 0x1f);
+                }
+            }
+            else
+            {
+                int lengthType = hdr & 0x3;
+
+                tag = (PacketTag)((hdr & 0x3f) >> 2);
+
+                switch (lengthType)
+                {
+                    case 0:
+                        bodyLen = this.ReadByte();
+                        break;
+                    case 1:
+                        bodyLen = (this.ReadByte() << 8) | this.ReadByte();
+                        break;
+                    case 2:
+                        bodyLen = (this.ReadByte() << 24) | (this.ReadByte() << 16)
+                            | (this.ReadByte() << 8) | this.ReadByte();
+                        break;
+                    case 3:
+                        partial = true;
+                        break;
+                    default:
+                        throw new IOException("unknown length type encountered");
+                }
+            }
+
+            BcpgInputStream objStream;
+            if (bodyLen == 0 && partial)
+            {
+                objStream = this;
+            }
+            else
+            {
+                PartialInputStream pis = new PartialInputStream(this, partial, bodyLen);
+                objStream = new BcpgInputStream(pis);
+            }
+
+            switch (tag)
+            {
+                case PacketTag.Reserved:
+                    return new InputStreamPacket(objStream);
+                case PacketTag.PublicKeyEncryptedSession:
+                    return new PublicKeyEncSessionPacket(objStream);
+                case PacketTag.Signature:
+                    return new SignaturePacket(objStream);
+                case PacketTag.SymmetricKeyEncryptedSessionKey:
+                    return new SymmetricKeyEncSessionPacket(objStream);
+                case PacketTag.OnePassSignature:
+                    return new OnePassSignaturePacket(objStream);
+                case PacketTag.SecretKey:
+                    return new SecretKeyPacket(objStream);
+                case PacketTag.PublicKey:
+                    return new PublicKeyPacket(objStream);
+                case PacketTag.SecretSubkey:
+                    return new SecretSubkeyPacket(objStream);
+                case PacketTag.CompressedData:
+                    return new CompressedDataPacket(objStream);
+                case PacketTag.SymmetricKeyEncrypted:
+                    return new SymmetricEncDataPacket(objStream);
+                case PacketTag.Marker:
+                    return new MarkerPacket(objStream);
+                case PacketTag.LiteralData:
+                    return new LiteralDataPacket(objStream);
+                case PacketTag.Trust:
+                    return new TrustPacket(objStream);
+                case PacketTag.UserId:
+                    return new UserIdPacket(objStream);
+                case PacketTag.UserAttribute:
+                    return new UserAttributePacket(objStream);
+                case PacketTag.PublicSubkey:
+                    return new PublicSubkeyPacket(objStream);
+                case PacketTag.SymmetricEncryptedIntegrityProtected:
+                    return new SymmetricEncIntegrityPacket(objStream);
+                case PacketTag.ModificationDetectionCode:
+                    return new ModDetectionCodePacket(objStream);
+                case PacketTag.Experimental1:
+                case PacketTag.Experimental2:
+                case PacketTag.Experimental3:
+                case PacketTag.Experimental4:
+                    return new ExperimentalPacket(tag, objStream);
+                default:
+                    throw new IOException("unknown packet type encountered: " + tag);
+            }
+        }
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                Platform.Dispose(m_in);
+            }
+            base.Dispose(disposing);
+        }
+#else
+		public override void Close()
+		{
+            Platform.Dispose(m_in);
+			base.Close();
+		}
+#endif
+
+		/// <summary>
+		/// A stream that overlays our input stream, allowing the user to only read a segment of it.
+		/// NB: dataLength will be negative if the segment length is in the upper range above 2**31.
+		/// </summary>
+		private class PartialInputStream
+            : BaseInputStream
+        {
+            private BcpgInputStream m_in;
+            private bool partial;
+            private int dataLength;
+
+            internal PartialInputStream(
+                BcpgInputStream	bcpgIn,
+                bool			partial,
+                int				dataLength)
+            {
+                this.m_in = bcpgIn;
+                this.partial = partial;
+                this.dataLength = dataLength;
+            }
+
+			public override int ReadByte()
+			{
+				do
+				{
+					if (dataLength != 0)
+					{
+						int ch = m_in.ReadByte();
+						if (ch < 0)
+						{
+							throw new EndOfStreamException("Premature end of stream in PartialInputStream");
+						}
+						dataLength--;
+						return ch;
+					}
+				}
+				while (partial && ReadPartialDataLength() >= 0);
+
+				return -1;
+			}
+
+			public override int Read(byte[] buffer, int offset, int count)
+			{
+				do
+				{
+					if (dataLength != 0)
+					{
+						int readLen = (dataLength > count || dataLength < 0) ? count : dataLength;
+						int len = m_in.Read(buffer, offset, readLen);
+						if (len < 1)
+						{
+							throw new EndOfStreamException("Premature end of stream in PartialInputStream");
+						}
+						dataLength -= len;
+						return len;
+					}
+				}
+				while (partial && ReadPartialDataLength() >= 0);
+
+				return 0;
+			}
+
+            private int ReadPartialDataLength()
+            {
+                int l = m_in.ReadByte();
+
+				if (l < 0)
+                {
+                    return -1;
+                }
+
+				partial = false;
+
+				if (l < 192)
+                {
+                    dataLength = l;
+                }
+                else if (l <= 223)
+                {
+                    dataLength = ((l - 192) << 8) + (m_in.ReadByte()) + 192;
+                }
+                else if (l == 255)
+                {
+                    dataLength = (m_in.ReadByte() << 24) | (m_in.ReadByte() << 16)
+                        |  (m_in.ReadByte() << 8)  | m_in.ReadByte();
+                }
+                else
+                {
+                    partial = true;
+                    dataLength = 1 << (l & 0x1f);
+                }
+
+                return 0;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/BcpgObject.cs b/bc-sharp-crypto/src/bcpg/BcpgObject.cs
new file mode 100644
index 0000000..4807ad4
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/BcpgObject.cs
@@ -0,0 +1,22 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /// <remarks>Base class for a PGP object.</remarks>
+    public abstract class BcpgObject
+    {
+        public virtual byte[] GetEncoded()
+        {
+            MemoryStream bOut = new MemoryStream();
+            BcpgOutputStream pOut = new BcpgOutputStream(bOut);
+
+            pOut.WriteObject(this);
+
+            return bOut.ToArray();
+        }
+
+        public abstract void Encode(BcpgOutputStream bcpgOut);
+    }
+}
+
diff --git a/bc-sharp-crypto/src/bcpg/BcpgOutputStream.cs b/bc-sharp-crypto/src/bcpg/BcpgOutputStream.cs
new file mode 100644
index 0000000..7ab661e
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/BcpgOutputStream.cs
@@ -0,0 +1,404 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic output stream.</remarks>
+    public class BcpgOutputStream
+        : BaseOutputStream
+    {
+		internal static BcpgOutputStream Wrap(
+			Stream outStr)
+		{
+			if (outStr is BcpgOutputStream)
+			{
+				return (BcpgOutputStream) outStr;
+			}
+
+			return new BcpgOutputStream(outStr);
+		}
+
+		private Stream outStr;
+        private byte[] partialBuffer;
+        private int partialBufferLength;
+        private int partialPower;
+        private int partialOffset;
+        private const int BufferSizePower = 16; // 2^16 size buffer on long files
+
+		/// <summary>Create a stream representing a general packet.</summary>
+		/// <param name="outStr">Output stream to write to.</param>
+		public BcpgOutputStream(
+            Stream outStr)
+        {
+			if (outStr == null)
+				throw new ArgumentNullException("outStr");
+
+			this.outStr = outStr;
+        }
+
+		/// <summary>Create a stream representing an old style partial object.</summary>
+		/// <param name="outStr">Output stream to write to.</param>
+		/// <param name="tag">The packet tag for the object.</param>
+        public BcpgOutputStream(
+            Stream		outStr,
+            PacketTag	tag)
+        {
+			if (outStr == null)
+				throw new ArgumentNullException("outStr");
+
+			this.outStr = outStr;
+            this.WriteHeader(tag, true, true, 0);
+        }
+
+		/// <summary>Create a stream representing a general packet.</summary>
+		/// <param name="outStr">Output stream to write to.</param>
+		/// <param name="tag">Packet tag.</param>
+		/// <param name="length">Size of chunks making up the packet.</param>
+		/// <param name="oldFormat">If true, the header is written out in old format.</param>
+		public BcpgOutputStream(
+            Stream		outStr,
+            PacketTag	tag,
+            long		length,
+            bool		oldFormat)
+        {
+			if (outStr == null)
+				throw new ArgumentNullException("outStr");
+
+			this.outStr = outStr;
+
+            if (length > 0xFFFFFFFFL)
+            {
+                this.WriteHeader(tag, false, true, 0);
+                this.partialBufferLength = 1 << BufferSizePower;
+                this.partialBuffer = new byte[partialBufferLength];
+				this.partialPower = BufferSizePower;
+				this.partialOffset = 0;
+            }
+            else
+            {
+                this.WriteHeader(tag, oldFormat, false, length);
+            }
+        }
+
+		/// <summary>Create a new style partial input stream buffered into chunks.</summary>
+		/// <param name="outStr">Output stream to write to.</param>
+		/// <param name="tag">Packet tag.</param>
+		/// <param name="length">Size of chunks making up the packet.</param>
+		public BcpgOutputStream(
+            Stream		outStr,
+            PacketTag	tag,
+            long		length)
+        {
+			if (outStr == null)
+				throw new ArgumentNullException("outStr");
+
+            this.outStr = outStr;
+            this.WriteHeader(tag, false, false, length);
+        }
+
+		/// <summary>Create a new style partial input stream buffered into chunks.</summary>
+		/// <param name="outStr">Output stream to write to.</param>
+		/// <param name="tag">Packet tag.</param>
+		/// <param name="buffer">Buffer to use for collecting chunks.</param>
+        public BcpgOutputStream(
+            Stream		outStr,
+            PacketTag	tag,
+            byte[]		buffer)
+        {
+			if (outStr == null)
+				throw new ArgumentNullException("outStr");
+
+            this.outStr = outStr;
+            this.WriteHeader(tag, false, true, 0);
+
+			this.partialBuffer = buffer;
+
+			uint length = (uint) partialBuffer.Length;
+            for (partialPower = 0; length != 1; partialPower++)
+            {
+                length >>= 1;
+            }
+
+			if (partialPower > 30)
+            {
+                throw new IOException("Buffer cannot be greater than 2^30 in length.");
+            }
+            this.partialBufferLength = 1 << partialPower;
+            this.partialOffset = 0;
+        }
+
+		private void WriteNewPacketLength(
+            long bodyLen)
+        {
+            if (bodyLen < 192)
+            {
+                outStr.WriteByte((byte)bodyLen);
+            }
+            else if (bodyLen <= 8383)
+            {
+                bodyLen -= 192;
+
+                outStr.WriteByte((byte)(((bodyLen >> 8) & 0xff) + 192));
+                outStr.WriteByte((byte)bodyLen);
+            }
+            else
+            {
+                outStr.WriteByte(0xff);
+                outStr.WriteByte((byte)(bodyLen >> 24));
+                outStr.WriteByte((byte)(bodyLen >> 16));
+                outStr.WriteByte((byte)(bodyLen >> 8));
+                outStr.WriteByte((byte)bodyLen);
+            }
+        }
+
+        private void WriteHeader(
+            PacketTag	tag,
+            bool		oldPackets,
+            bool		partial,
+            long		bodyLen)
+        {
+            int hdr = 0x80;
+
+            if (partialBuffer != null)
+            {
+                PartialFlush(true);
+                partialBuffer = null;
+            }
+
+            if (oldPackets)
+            {
+                hdr |= ((int) tag) << 2;
+
+                if (partial)
+                {
+                    this.WriteByte((byte)(hdr | 0x03));
+                }
+                else
+                {
+                    if (bodyLen <= 0xff)
+                    {
+                        this.WriteByte((byte) hdr);
+                        this.WriteByte((byte)bodyLen);
+                    }
+                    else if (bodyLen <= 0xffff)
+                    {
+                        this.WriteByte((byte)(hdr | 0x01));
+                        this.WriteByte((byte)(bodyLen >> 8));
+                        this.WriteByte((byte)(bodyLen));
+                    }
+                    else
+                    {
+                        this.WriteByte((byte)(hdr | 0x02));
+                        this.WriteByte((byte)(bodyLen >> 24));
+                        this.WriteByte((byte)(bodyLen >> 16));
+                        this.WriteByte((byte)(bodyLen >> 8));
+                        this.WriteByte((byte)bodyLen);
+                    }
+                }
+            }
+            else
+            {
+                hdr |= 0x40 | (int) tag;
+                this.WriteByte((byte) hdr);
+
+                if (partial)
+                {
+                    partialOffset = 0;
+                }
+                else
+                {
+                    this.WriteNewPacketLength(bodyLen);
+                }
+            }
+        }
+
+        private void PartialFlush(
+            bool isLast)
+        {
+            if (isLast)
+            {
+                WriteNewPacketLength(partialOffset);
+                outStr.Write(partialBuffer, 0, partialOffset);
+            }
+            else
+            {
+                outStr.WriteByte((byte)(0xE0 | partialPower));
+                outStr.Write(partialBuffer, 0, partialBufferLength);
+            }
+
+            partialOffset = 0;
+        }
+
+		private void WritePartial(
+            byte b)
+        {
+            if (partialOffset == partialBufferLength)
+            {
+                PartialFlush(false);
+            }
+
+			partialBuffer[partialOffset++] = b;
+        }
+
+		private void WritePartial(
+            byte[]	buffer,
+            int		off,
+            int		len)
+        {
+            if (partialOffset == partialBufferLength)
+            {
+                PartialFlush(false);
+            }
+
+            if (len <= (partialBufferLength - partialOffset))
+            {
+                Array.Copy(buffer, off, partialBuffer, partialOffset, len);
+                partialOffset += len;
+            }
+            else
+            {
+                int diff = partialBufferLength - partialOffset;
+                Array.Copy(buffer, off, partialBuffer, partialOffset, diff);
+                off += diff;
+                len -= diff;
+                PartialFlush(false);
+                while (len > partialBufferLength)
+                {
+                    Array.Copy(buffer, off, partialBuffer, 0, partialBufferLength);
+                    off += partialBufferLength;
+                    len -= partialBufferLength;
+                    PartialFlush(false);
+                }
+                Array.Copy(buffer, off, partialBuffer, 0, len);
+                partialOffset += len;
+            }
+        }
+        public override void WriteByte(
+			byte value)
+        {
+            if (partialBuffer != null)
+            {
+                WritePartial(value);
+            }
+            else
+            {
+                outStr.WriteByte(value);
+            }
+        }
+        public override void Write(
+            byte[]	buffer,
+            int		offset,
+            int		count)
+        {
+            if (partialBuffer != null)
+            {
+                WritePartial(buffer, offset, count);
+            }
+            else
+            {
+                outStr.Write(buffer, offset, count);
+            }
+        }
+
+		// Additional helper methods to write primitive types
+		internal virtual void WriteShort(
+			short n)
+		{
+			this.Write(
+				(byte)(n >> 8),
+				(byte)n);
+		}
+		internal virtual void WriteInt(
+			int n)
+		{
+			this.Write(
+				(byte)(n >> 24),
+				(byte)(n >> 16),
+				(byte)(n >> 8),
+				(byte)n);
+		}
+		internal virtual void WriteLong(
+			long n)
+		{
+			this.Write(
+				(byte)(n >> 56),
+				(byte)(n >> 48),
+				(byte)(n >> 40),
+				(byte)(n >> 32),
+				(byte)(n >> 24),
+				(byte)(n >> 16),
+				(byte)(n >> 8),
+				(byte)n);
+		}
+
+		public void WritePacket(
+            ContainedPacket p)
+        {
+            p.Encode(this);
+        }
+
+        internal void WritePacket(
+            PacketTag	tag,
+            byte[]		body,
+            bool		oldFormat)
+        {
+            this.WriteHeader(tag, oldFormat, false, body.Length);
+            this.Write(body);
+        }
+
+		public void WriteObject(
+            BcpgObject bcpgObject)
+        {
+            bcpgObject.Encode(this);
+        }
+
+		public void WriteObjects(
+			params BcpgObject[] v)
+		{
+			foreach (BcpgObject o in v)
+			{
+				o.Encode(this);
+			}
+		}
+
+		/// <summary>Flush the underlying stream.</summary>
+        public override void Flush()
+        {
+            outStr.Flush();
+        }
+
+		/// <summary>Finish writing out the current packet without closing the underlying stream.</summary>
+        public void Finish()
+        {
+            if (partialBuffer != null)
+            {
+                PartialFlush(true);
+                partialBuffer = null;
+            }
+        }
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+			    this.Finish();
+			    outStr.Flush();
+                Platform.Dispose(outStr);
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close()
+        {
+			this.Finish();
+			outStr.Flush();
+            Platform.Dispose(outStr);
+			base.Close();
+        }
+#endif
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/CompressedDataPacket.cs b/bc-sharp-crypto/src/bcpg/CompressedDataPacket.cs
new file mode 100644
index 0000000..2432825
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/CompressedDataPacket.cs
@@ -0,0 +1,24 @@
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Generic compressed data object.</remarks>
+    public class CompressedDataPacket
+        : InputStreamPacket
+    {
+        private readonly CompressionAlgorithmTag algorithm;
+
+		internal CompressedDataPacket(
+            BcpgInputStream bcpgIn)
+			: base(bcpgIn)
+        {
+            this.algorithm = (CompressionAlgorithmTag) bcpgIn.ReadByte();
+        }
+
+		/// <summary>The algorithm tag value.</summary>
+        public CompressionAlgorithmTag Algorithm
+		{
+			get { return algorithm; }
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/CompressionAlgorithmTags.cs b/bc-sharp-crypto/src/bcpg/CompressionAlgorithmTags.cs
new file mode 100644
index 0000000..0e45229
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/CompressionAlgorithmTags.cs
@@ -0,0 +1,11 @@
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic tags for compression algorithms.</remarks>
+	public enum CompressionAlgorithmTag
+	{
+		Uncompressed = 0,	// Uncompressed
+		Zip = 1,			// ZIP (RFC 1951)
+		ZLib = 2,			// ZLIB (RFC 1950)
+		BZip2 = 3,			// BZ2
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/ContainedPacket.cs b/bc-sharp-crypto/src/bcpg/ContainedPacket.cs
new file mode 100644
index 0000000..e8f387c
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/ContainedPacket.cs
@@ -0,0 +1,22 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic type for a PGP packet.</remarks>
+    public abstract class ContainedPacket
+        : Packet
+    {
+        public byte[] GetEncoded()
+        {
+            MemoryStream bOut = new MemoryStream();
+            BcpgOutputStream pOut = new BcpgOutputStream(bOut);
+
+			pOut.WritePacket(this);
+
+			return bOut.ToArray();
+        }
+
+		public abstract void Encode(BcpgOutputStream bcpgOut);
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/Crc24.cs b/bc-sharp-crypto/src/bcpg/Crc24.cs
new file mode 100644
index 0000000..97846f4
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/Crc24.cs
@@ -0,0 +1,46 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    public class Crc24
+    {
+        private const int Crc24Init = 0x0b704ce;
+        private const int Crc24Poly = 0x1864cfb;
+
+        private int crc = Crc24Init;
+
+        public Crc24()
+        {
+        }
+
+        public void Update(
+            int b)
+        {
+            crc ^= b << 16;
+            for (int i = 0; i < 8; i++)
+            {
+                crc <<= 1;
+                if ((crc & 0x1000000) != 0)
+                {
+                    crc ^= Crc24Poly;
+                }
+            }
+        }
+
+		[Obsolete("Use 'Value' property instead")]
+        public int GetValue()
+        {
+            return crc;
+        }
+
+		public int Value
+		{
+			get { return crc; }
+		}
+
+		public void Reset()
+        {
+            crc = Crc24Init;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/DsaPublicBcpgKey.cs b/bc-sharp-crypto/src/bcpg/DsaPublicBcpgKey.cs
new file mode 100644
index 0000000..11294cc
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/DsaPublicBcpgKey.cs
@@ -0,0 +1,80 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /// <remarks>Base class for a DSA public key.</remarks>
+    public class DsaPublicBcpgKey
+        : BcpgObject, IBcpgKey
+    {
+        private readonly MPInteger p, q, g, y;
+
+        /// <param name="bcpgIn">The stream to read the packet from.</param>
+        public DsaPublicBcpgKey(
+            BcpgInputStream bcpgIn)
+        {
+            this.p = new MPInteger(bcpgIn);
+            this.q = new MPInteger(bcpgIn);
+            this.g = new MPInteger(bcpgIn);
+            this.y = new MPInteger(bcpgIn);
+        }
+
+        public DsaPublicBcpgKey(
+            BigInteger	p,
+            BigInteger	q,
+            BigInteger	g,
+            BigInteger	y)
+        {
+            this.p = new MPInteger(p);
+            this.q = new MPInteger(q);
+            this.g = new MPInteger(g);
+            this.y = new MPInteger(y);
+        }
+
+        /// <summary>The format, as a string, always "PGP".</summary>
+        public string Format
+        {
+            get { return "PGP"; }
+        }
+
+        /// <summary>Return the standard PGP encoding of the key.</summary>
+        public override byte[] GetEncoded()
+        {
+            try
+            {
+                return base.GetEncoded();
+            }
+            catch (Exception)
+            {
+                return null;
+            }
+        }
+
+        public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            bcpgOut.WriteObjects(p, q, g, y);
+        }
+
+        public BigInteger G
+        {
+            get { return g.Value; }
+        }
+
+        public BigInteger P
+        {
+            get { return p.Value; }
+        }
+
+        public BigInteger Q
+        {
+            get { return q.Value; }
+        }
+
+        public BigInteger Y
+        {
+            get { return y.Value; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/DsaSecretBcpgKey.cs b/bc-sharp-crypto/src/bcpg/DsaSecretBcpgKey.cs
new file mode 100644
index 0000000..41835d4
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/DsaSecretBcpgKey.cs
@@ -0,0 +1,61 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Base class for a DSA secret key.</remarks>
+	public class DsaSecretBcpgKey
+		: BcpgObject, IBcpgKey
+    {
+		internal MPInteger x;
+
+		/**
+		* @param in
+		*/
+		public DsaSecretBcpgKey(
+			BcpgInputStream bcpgIn)
+		{
+			this.x = new MPInteger(bcpgIn);
+		}
+
+		public DsaSecretBcpgKey(
+			BigInteger x)
+		{
+			this.x = new MPInteger(x);
+		}
+
+		/// <summary>The format, as a string, always "PGP".</summary>
+		public string Format
+		{
+			get { return "PGP"; }
+		}
+
+		/// <summary>Return the standard PGP encoding of the key.</summary>
+		public override byte[] GetEncoded()
+		{
+			try
+			{
+				return base.GetEncoded();
+			}
+			catch (Exception)
+			{
+				return null;
+			}
+		}
+
+		public override void Encode(
+			BcpgOutputStream bcpgOut)
+		{
+			bcpgOut.WriteObject(x);
+		}
+
+		/**
+		* @return x
+		*/
+		public BigInteger X
+		{
+			get { return x.Value; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/ECDHPublicBCPGKey.cs b/bc-sharp-crypto/src/bcpg/ECDHPublicBCPGKey.cs
new file mode 100644
index 0000000..dc225e3
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/ECDHPublicBCPGKey.cs
@@ -0,0 +1,102 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math.EC;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /// <remarks>Base class for an ECDH Public Key.</remarks>
+    public class ECDHPublicBcpgKey
+        : ECPublicBcpgKey
+    {
+        private byte reserved;
+        private HashAlgorithmTag hashFunctionId;
+        private SymmetricKeyAlgorithmTag symAlgorithmId;
+
+        /// <param name="bcpgIn">The stream to read the packet from.</param>
+        public ECDHPublicBcpgKey(
+            BcpgInputStream bcpgIn)
+            : base(bcpgIn)
+        {
+            int length = bcpgIn.ReadByte();
+            byte[] kdfParameters =  new byte[length];
+            if (kdfParameters.Length != 3)
+                throw new InvalidOperationException("kdf parameters size of 3 expected.");
+
+            bcpgIn.ReadFully(kdfParameters);
+
+            reserved = kdfParameters[0];
+            hashFunctionId = (HashAlgorithmTag)kdfParameters[1];
+            symAlgorithmId = (SymmetricKeyAlgorithmTag)kdfParameters[2];
+
+            VerifyHashAlgorithm();
+            VerifySymmetricKeyAlgorithm();
+        }
+
+        public ECDHPublicBcpgKey(
+            DerObjectIdentifier oid,
+            ECPoint point,
+            HashAlgorithmTag hashAlgorithm,
+            SymmetricKeyAlgorithmTag symmetricKeyAlgorithm)
+            : base(oid, point)
+        {
+            reserved = 1;
+            hashFunctionId = hashAlgorithm;
+            symAlgorithmId = symmetricKeyAlgorithm;
+
+            VerifyHashAlgorithm();
+            VerifySymmetricKeyAlgorithm();
+        }
+
+        public virtual byte Reserved
+        {
+            get { return reserved; }
+        }
+
+        public virtual HashAlgorithmTag HashAlgorithm
+        {
+            get { return hashFunctionId; }
+        }
+
+        public virtual SymmetricKeyAlgorithmTag SymmetricKeyAlgorithm
+        {
+            get { return symAlgorithmId; }
+        }
+
+        public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            base.Encode(bcpgOut);
+            bcpgOut.WriteByte(0x3);
+            bcpgOut.WriteByte(reserved);
+            bcpgOut.WriteByte((byte)hashFunctionId);
+            bcpgOut.WriteByte((byte)symAlgorithmId);
+        }
+
+        private void VerifyHashAlgorithm()
+        {
+            switch ((HashAlgorithmTag)hashFunctionId)
+            {
+            case HashAlgorithmTag.Sha256:
+            case HashAlgorithmTag.Sha384:
+            case HashAlgorithmTag.Sha512:
+                break;
+            default:
+                throw new InvalidOperationException("Hash algorithm must be SHA-256 or stronger.");
+            }
+        }
+
+        private void VerifySymmetricKeyAlgorithm()
+        {
+            switch ((SymmetricKeyAlgorithmTag)symAlgorithmId)
+            {
+            case SymmetricKeyAlgorithmTag.Aes128:
+            case SymmetricKeyAlgorithmTag.Aes192:
+            case SymmetricKeyAlgorithmTag.Aes256:
+                break;
+            default:
+                throw new InvalidOperationException("Symmetric key algorithm must be AES-128 or stronger.");
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/ECDsaPublicBCPGKey.cs b/bc-sharp-crypto/src/bcpg/ECDsaPublicBCPGKey.cs
new file mode 100644
index 0000000..5f0c8ac
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/ECDsaPublicBCPGKey.cs
@@ -0,0 +1,34 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /// <remarks>Base class for an ECDSA Public Key.</remarks>
+    public class ECDsaPublicBcpgKey
+        : ECPublicBcpgKey
+    {
+        /// <param name="bcpgIn">The stream to read the packet from.</param>
+        protected internal ECDsaPublicBcpgKey(
+            BcpgInputStream bcpgIn)
+            : base(bcpgIn)
+        {
+        }
+
+        public ECDsaPublicBcpgKey(
+            DerObjectIdentifier oid,
+            ECPoint point)
+            : base(oid, point)
+        {
+        }
+
+        public ECDsaPublicBcpgKey(
+            DerObjectIdentifier oid,
+            BigInteger encodedPoint)
+            : base(oid, encodedPoint)
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/ECPublicBCPGKey.cs b/bc-sharp-crypto/src/bcpg/ECPublicBCPGKey.cs
new file mode 100644
index 0000000..f328f9d
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/ECPublicBCPGKey.cs
@@ -0,0 +1,97 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /// <remarks>Base class for an EC Public Key.</remarks>
+    public abstract class ECPublicBcpgKey
+        : BcpgObject, IBcpgKey
+    {
+        internal DerObjectIdentifier oid;
+        internal BigInteger point;
+
+        /// <param name="bcpgIn">The stream to read the packet from.</param>
+        protected ECPublicBcpgKey(
+            BcpgInputStream bcpgIn)
+        {
+            this.oid = DerObjectIdentifier.GetInstance(Asn1Object.FromByteArray(ReadBytesOfEncodedLength(bcpgIn)));
+            this.point = new MPInteger(bcpgIn).Value;
+        }
+
+        protected ECPublicBcpgKey(
+            DerObjectIdentifier oid,
+            ECPoint point)
+        {
+            this.point = new BigInteger(1, point.GetEncoded());
+            this.oid = oid;
+        }
+
+        protected ECPublicBcpgKey(
+            DerObjectIdentifier oid,
+            BigInteger encodedPoint)
+        {
+            this.point = encodedPoint;
+            this.oid = oid;
+        }
+
+        /// <summary>The format, as a string, always "PGP".</summary>
+        public string Format
+        {
+            get { return "PGP"; }
+        }
+
+        /// <summary>Return the standard PGP encoding of the key.</summary>
+        public override byte[] GetEncoded()
+        {
+            try
+            {
+                return base.GetEncoded();
+            }
+            catch (IOException)
+            {
+                return null;
+            }
+        }
+
+        public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            byte[] oid = this.oid.GetEncoded();
+            bcpgOut.Write(oid, 1, oid.Length - 1);
+
+            MPInteger point = new MPInteger(this.point);
+            bcpgOut.WriteObject(point);
+        }
+
+        public virtual BigInteger EncodedPoint
+        {
+            get { return point; }
+        }
+
+        public virtual DerObjectIdentifier CurveOid
+        {
+            get { return oid; }
+        }
+
+        protected static byte[] ReadBytesOfEncodedLength(
+            BcpgInputStream bcpgIn)
+        {
+            int length = bcpgIn.ReadByte();
+            if (length == 0 || length == 0xFF)
+            {
+                throw new IOException("future extensions not yet implemented.");
+            }
+
+            byte[] buffer = new byte[length + 2];
+            bcpgIn.ReadFully(buffer, 2, buffer.Length - 2);
+            buffer[0] = (byte)0x06;
+            buffer[1] = (byte)length;
+
+            return buffer;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/ECSecretBCPGKey.cs b/bc-sharp-crypto/src/bcpg/ECSecretBCPGKey.cs
new file mode 100644
index 0000000..22e0a34
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/ECSecretBCPGKey.cs
@@ -0,0 +1,56 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Base class for an EC Secret Key.</remarks>
+    public class ECSecretBcpgKey
+        : BcpgObject, IBcpgKey
+    {
+        internal MPInteger x;
+
+        public ECSecretBcpgKey(
+            BcpgInputStream bcpgIn)
+        {
+            this.x = new MPInteger(bcpgIn);
+        }
+
+        public ECSecretBcpgKey(
+            BigInteger x)
+        {
+            this.x = new MPInteger(x);
+        }
+
+		/// <summary>The format, as a string, always "PGP".</summary>
+		public string Format
+		{
+			get { return "PGP"; }
+		}
+
+		/// <summary>Return the standard PGP encoding of the key.</summary>
+		public override byte[] GetEncoded()
+		{
+			try
+			{
+				return base.GetEncoded();
+			}
+			catch (Exception)
+			{
+				return null;
+			}
+		}
+
+        public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            bcpgOut.WriteObject(x);
+        }
+
+        public virtual BigInteger X
+        {
+            get { return x.Value; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/ElGamalPublicBcpgKey.cs b/bc-sharp-crypto/src/bcpg/ElGamalPublicBcpgKey.cs
new file mode 100644
index 0000000..808e427
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/ElGamalPublicBcpgKey.cs
@@ -0,0 +1,71 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Base class for an ElGamal public key.</remarks>
+	public class ElGamalPublicBcpgKey
+		: BcpgObject, IBcpgKey
+	{
+		internal MPInteger p, g, y;
+
+		public ElGamalPublicBcpgKey(
+			BcpgInputStream bcpgIn)
+		{
+			this.p = new MPInteger(bcpgIn);
+			this.g = new MPInteger(bcpgIn);
+			this.y = new MPInteger(bcpgIn);
+		}
+
+		public ElGamalPublicBcpgKey(
+			BigInteger p,
+			BigInteger g,
+			BigInteger y)
+		{
+			this.p = new MPInteger(p);
+			this.g = new MPInteger(g);
+			this.y = new MPInteger(y);
+		}
+
+		/// <summary>The format, as a string, always "PGP".</summary>
+		public string Format
+		{
+			get { return "PGP"; }
+		}
+
+		/// <summary>Return the standard PGP encoding of the key.</summary>
+		public override byte[] GetEncoded()
+		{
+			try
+			{
+				return base.GetEncoded();
+			}
+			catch (Exception)
+			{
+				return null;
+			}
+		}
+
+		public BigInteger P
+		{
+			get { return p.Value; }
+		}
+
+		public BigInteger G
+		{
+			get { return g.Value; }
+		}
+
+		public BigInteger Y
+		{
+			get { return y.Value; }
+		}
+
+		public override void Encode(
+			BcpgOutputStream bcpgOut)
+		{
+			bcpgOut.WriteObjects(p, g, y);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/ElGamalSecretBcpgKey.cs b/bc-sharp-crypto/src/bcpg/ElGamalSecretBcpgKey.cs
new file mode 100644
index 0000000..2d95b29
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/ElGamalSecretBcpgKey.cs
@@ -0,0 +1,61 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Base class for an ElGamal secret key.</remarks>
+	public class ElGamalSecretBcpgKey
+		: BcpgObject, IBcpgKey
+	{
+		internal MPInteger x;
+
+		/**
+		* @param in
+		*/
+		public ElGamalSecretBcpgKey(
+			BcpgInputStream bcpgIn)
+		{
+			this.x = new MPInteger(bcpgIn);
+		}
+
+		/**
+		* @param x
+		*/
+		public ElGamalSecretBcpgKey(
+			BigInteger x)
+		{
+			this.x = new MPInteger(x);
+		}
+
+		/// <summary>The format, as a string, always "PGP".</summary>
+		public string Format
+		{
+			get { return "PGP"; }
+		}
+
+		public BigInteger X
+		{
+			get { return x.Value; }
+		}
+
+		/// <summary>Return the standard PGP encoding of the key.</summary>
+		public override byte[] GetEncoded()
+		{
+			try
+			{
+				return base.GetEncoded();
+			}
+			catch (Exception)
+			{
+				return null;
+			}
+		}
+
+		public override void Encode(
+			BcpgOutputStream bcpgOut)
+		{
+			bcpgOut.WriteObject(x);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/ExperimentalPacket.cs b/bc-sharp-crypto/src/bcpg/ExperimentalPacket.cs
new file mode 100644
index 0000000..36a254b
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/ExperimentalPacket.cs
@@ -0,0 +1,38 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic packet for an experimental packet.</remarks>
+    public class ExperimentalPacket
+        : ContainedPacket //, PublicKeyAlgorithmTag
+    {
+        private readonly PacketTag	tag;
+        private readonly byte[]		contents;
+
+		internal ExperimentalPacket(
+            PacketTag		tag,
+            BcpgInputStream	bcpgIn)
+        {
+            this.tag = tag;
+
+			this.contents = bcpgIn.ReadAll();
+        }
+
+		public PacketTag Tag
+        {
+			get { return tag; }
+        }
+
+		public byte[] GetContents()
+        {
+			return (byte[]) contents.Clone();
+        }
+
+		public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            bcpgOut.WritePacket(tag, contents, true);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/HashAlgorithmTags.cs b/bc-sharp-crypto/src/bcpg/HashAlgorithmTags.cs
new file mode 100644
index 0000000..96c0091
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/HashAlgorithmTags.cs
@@ -0,0 +1,19 @@
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic tags for hash algorithms.</remarks>
+	public enum HashAlgorithmTag
+	{
+		MD5 = 1,			// MD5
+		Sha1 = 2,			// SHA-1
+		RipeMD160 = 3,		// RIPE-MD/160
+		DoubleSha = 4,		// Reserved for double-width SHA (experimental)
+		MD2 = 5,			// MD2
+		Tiger192 = 6,		// Reserved for TIGER/192
+		Haval5pass160 = 7,	// Reserved for HAVAL (5 pass, 160-bit)
+
+		Sha256 = 8,			// SHA-256
+		Sha384 = 9,			// SHA-384
+		Sha512 = 10,		// SHA-512
+		Sha224 = 11,		// SHA-224
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/IBcpgKey.cs b/bc-sharp-crypto/src/bcpg/IBcpgKey.cs
new file mode 100644
index 0000000..2754617
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/IBcpgKey.cs
@@ -0,0 +1,16 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Base interface for a PGP key.</remarks>
+    public interface IBcpgKey
+    {
+		/// <summary>
+		/// The base format for this key - in the case of the symmetric keys it will generally
+		/// be raw indicating that the key is just a straight byte representation, for an asymmetric
+		/// key the format will be PGP, indicating the key is a string of MPIs encoded in PGP format.
+		/// </summary>
+		/// <returns>"RAW" or "PGP".</returns>
+        string Format { get; }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/InputStreamPacket.cs b/bc-sharp-crypto/src/bcpg/InputStreamPacket.cs
new file mode 100644
index 0000000..c45efab
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/InputStreamPacket.cs
@@ -0,0 +1,20 @@
+namespace Org.BouncyCastle.Bcpg
+{
+    public class InputStreamPacket
+        : Packet
+    {
+        private readonly BcpgInputStream bcpgIn;
+
+		public InputStreamPacket(
+            BcpgInputStream bcpgIn)
+        {
+            this.bcpgIn = bcpgIn;
+        }
+
+		/// <summary>Note: you can only read from this once...</summary>
+		public BcpgInputStream GetInputStream()
+        {
+            return bcpgIn;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/LiteralDataPacket.cs b/bc-sharp-crypto/src/bcpg/LiteralDataPacket.cs
new file mode 100644
index 0000000..63a2c6d
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/LiteralDataPacket.cs
@@ -0,0 +1,57 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Generic literal data packet.</remarks>
+    public class LiteralDataPacket
+        : InputStreamPacket
+	{
+		private int		format;
+        private byte[]	fileName;
+        private long	modDate;
+
+		internal LiteralDataPacket(
+            BcpgInputStream bcpgIn)
+			: base(bcpgIn)
+        {
+            format = bcpgIn.ReadByte();
+            int len = bcpgIn.ReadByte();
+
+			fileName = new byte[len];
+			for (int i = 0; i != len; ++i)
+            {
+                fileName[i] = (byte)bcpgIn.ReadByte();
+            }
+
+			modDate = (((uint)bcpgIn.ReadByte() << 24)
+				| ((uint)bcpgIn.ReadByte() << 16)
+                | ((uint)bcpgIn.ReadByte() << 8)
+				| (uint)bcpgIn.ReadByte()) * 1000L;
+        }
+
+		/// <summary>The format tag value.</summary>
+        public int Format
+		{
+			get { return format; }
+		}
+
+		/// <summary>The modification time of the file in milli-seconds (since Jan 1, 1970 UTC)</summary>
+        public long ModificationTime
+		{
+			get { return modDate; }
+		}
+
+		public string FileName
+		{
+			get { return Strings.FromUtf8ByteArray(fileName); }
+		}
+
+		public byte[] GetRawFileName()
+		{
+			return Arrays.Clone(fileName);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/MPInteger.cs b/bc-sharp-crypto/src/bcpg/MPInteger.cs
new file mode 100644
index 0000000..4414072
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/MPInteger.cs
@@ -0,0 +1,59 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>A multiple precision integer</remarks>
+    public class MPInteger
+        : BcpgObject
+    {
+        private readonly BigInteger val;
+
+        public MPInteger(
+            BcpgInputStream bcpgIn)
+        {
+			if (bcpgIn == null)
+				throw new ArgumentNullException("bcpgIn");
+
+			int length = (bcpgIn.ReadByte() << 8) | bcpgIn.ReadByte();
+            byte[] bytes = new byte[(length + 7) / 8];
+
+            bcpgIn.ReadFully(bytes);
+
+            this.val = new BigInteger(1, bytes);
+        }
+
+		public MPInteger(
+            BigInteger val)
+        {
+			if (val == null)
+				throw new ArgumentNullException("val");
+			if (val.SignValue < 0)
+				throw new ArgumentException("Values must be positive", "val");
+
+			this.val = val;
+        }
+
+		public BigInteger Value
+        {
+            get { return val; }
+        }
+
+        public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+			bcpgOut.WriteShort((short) val.BitLength);
+			bcpgOut.Write(val.ToByteArrayUnsigned());
+        }
+
+		internal static void Encode(
+			BcpgOutputStream	bcpgOut,
+			BigInteger			val)
+		{
+			bcpgOut.WriteShort((short) val.BitLength);
+			bcpgOut.Write(val.ToByteArrayUnsigned());
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/MarkerPacket.cs b/bc-sharp-crypto/src/bcpg/MarkerPacket.cs
new file mode 100644
index 0000000..4dc4b5a
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/MarkerPacket.cs
@@ -0,0 +1,24 @@
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic type for a marker packet.</remarks>
+    public class MarkerPacket
+        : ContainedPacket
+    {
+        // "PGP"
+        byte[] marker = { (byte)0x50, (byte)0x47, (byte)0x50 };
+
+        public MarkerPacket(
+            BcpgInputStream bcpgIn)
+        {
+            bcpgIn.ReadFully(marker);
+        }
+
+        public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            bcpgOut.WritePacket(PacketTag.Marker, marker, true);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/ModDetectionCodePacket.cs b/bc-sharp-crypto/src/bcpg/ModDetectionCodePacket.cs
new file mode 100644
index 0000000..6bb2364
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/ModDetectionCodePacket.cs
@@ -0,0 +1,42 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic packet for a modification detection code packet.</remarks>
+    public class ModDetectionCodePacket
+        : ContainedPacket
+    {
+        private readonly byte[] digest;
+
+		internal ModDetectionCodePacket(
+            BcpgInputStream bcpgIn)
+        {
+			if (bcpgIn == null)
+				throw new ArgumentNullException("bcpgIn");
+
+			this.digest = new byte[20];
+            bcpgIn.ReadFully(this.digest);
+        }
+
+		public ModDetectionCodePacket(
+            byte[] digest)
+        {
+			if (digest == null)
+				throw new ArgumentNullException("digest");
+
+			this.digest = (byte[]) digest.Clone();
+        }
+
+		public byte[] GetDigest()
+        {
+			return (byte[]) digest.Clone();
+        }
+
+		public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            bcpgOut.WritePacket(PacketTag.ModificationDetectionCode, digest, false);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/OnePassSignaturePacket.cs b/bc-sharp-crypto/src/bcpg/OnePassSignaturePacket.cs
new file mode 100644
index 0000000..b67df0a
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/OnePassSignaturePacket.cs
@@ -0,0 +1,93 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Generic signature object</remarks>
+	public class OnePassSignaturePacket
+		: ContainedPacket
+	{
+		private int version;
+		private int sigType;
+		private HashAlgorithmTag hashAlgorithm;
+		private PublicKeyAlgorithmTag keyAlgorithm;
+		private long keyId;
+		private int nested;
+
+		internal OnePassSignaturePacket(
+			BcpgInputStream	bcpgIn)
+		{
+			version = bcpgIn.ReadByte();
+			sigType = bcpgIn.ReadByte();
+			hashAlgorithm = (HashAlgorithmTag) bcpgIn.ReadByte();
+			keyAlgorithm = (PublicKeyAlgorithmTag) bcpgIn.ReadByte();
+
+			keyId |= (long)bcpgIn.ReadByte() << 56;
+			keyId |= (long)bcpgIn.ReadByte() << 48;
+			keyId |= (long)bcpgIn.ReadByte() << 40;
+			keyId |= (long)bcpgIn.ReadByte() << 32;
+			keyId |= (long)bcpgIn.ReadByte() << 24;
+			keyId |= (long)bcpgIn.ReadByte() << 16;
+			keyId |= (long)bcpgIn.ReadByte() << 8;
+			keyId |= (uint)bcpgIn.ReadByte();
+
+			nested = bcpgIn.ReadByte();
+		}
+
+		public OnePassSignaturePacket(
+			int						sigType,
+			HashAlgorithmTag		hashAlgorithm,
+			PublicKeyAlgorithmTag	keyAlgorithm,
+			long					keyId,
+			bool					isNested)
+		{
+			this.version = 3;
+			this.sigType = sigType;
+			this.hashAlgorithm = hashAlgorithm;
+			this.keyAlgorithm = keyAlgorithm;
+			this.keyId = keyId;
+			this.nested = (isNested) ? 0 : 1;
+		}
+
+		public int SignatureType
+		{
+			get { return sigType; }
+		}
+
+		/// <summary>The encryption algorithm tag.</summary>
+		public PublicKeyAlgorithmTag KeyAlgorithm
+		{
+			get { return keyAlgorithm; }
+		}
+
+		/// <summary>The hash algorithm tag.</summary>
+		public HashAlgorithmTag HashAlgorithm
+		{
+			get { return hashAlgorithm; }
+		}
+
+		public long KeyId
+		{
+			get { return keyId; }
+		}
+
+		public override void Encode(
+			BcpgOutputStream bcpgOut)
+		{
+			MemoryStream bOut = new MemoryStream();
+			BcpgOutputStream pOut = new BcpgOutputStream(bOut);
+
+			pOut.Write(
+				(byte) version,
+				(byte) sigType,
+				(byte) hashAlgorithm,
+				(byte) keyAlgorithm);
+
+			pOut.WriteLong(keyId);
+
+			pOut.WriteByte((byte) nested);
+
+			bcpgOut.WritePacket(PacketTag.OnePassSignature, bOut.ToArray(), true);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/OutputStreamPacket.cs b/bc-sharp-crypto/src/bcpg/OutputStreamPacket.cs
new file mode 100644
index 0000000..aa8316d
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/OutputStreamPacket.cs
@@ -0,0 +1,24 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    public abstract class OutputStreamPacket
+    {
+        private readonly BcpgOutputStream bcpgOut;
+
+		internal OutputStreamPacket(
+            BcpgOutputStream bcpgOut)
+        {
+			if (bcpgOut == null)
+				throw new ArgumentNullException("bcpgOut");
+
+			this.bcpgOut = bcpgOut;
+        }
+
+		public abstract BcpgOutputStream Open();
+
+		public abstract void Close();
+    }
+}
+
diff --git a/bc-sharp-crypto/src/bcpg/Packet.cs b/bc-sharp-crypto/src/bcpg/Packet.cs
new file mode 100644
index 0000000..83f6d1f
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/Packet.cs
@@ -0,0 +1,7 @@
+namespace Org.BouncyCastle.Bcpg
+{
+    public class Packet
+        //: PacketTag
+    {
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/PacketTags.cs b/bc-sharp-crypto/src/bcpg/PacketTags.cs
new file mode 100644
index 0000000..5a53d4e
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/PacketTags.cs
@@ -0,0 +1,30 @@
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic PGP packet tag types.</remarks>
+    public enum PacketTag
+    {
+        Reserved =  0,								//  Reserved - a packet tag must not have this value
+        PublicKeyEncryptedSession = 1,				// Public-Key Encrypted Session Key Packet
+        Signature = 2,								// Signature Packet
+        SymmetricKeyEncryptedSessionKey = 3,		// Symmetric-Key Encrypted Session Key Packet
+        OnePassSignature = 4,						// One-Pass Signature Packet
+        SecretKey = 5,								// Secret Key Packet
+        PublicKey = 6,								// Public Key Packet
+        SecretSubkey = 7,							// Secret Subkey Packet
+        CompressedData = 8,							// Compressed Data Packet
+        SymmetricKeyEncrypted = 9,					// Symmetrically Encrypted Data Packet
+        Marker = 10,								// Marker Packet
+        LiteralData = 11,							// Literal Data Packet
+        Trust = 12,									// Trust Packet
+        UserId = 13,								// User ID Packet
+        PublicSubkey = 14,							// Public Subkey Packet
+        UserAttribute = 17,							// User attribute
+        SymmetricEncryptedIntegrityProtected = 18,	// Symmetric encrypted, integrity protected
+        ModificationDetectionCode = 19,				// Modification detection code
+
+        Experimental1 = 60,							// Private or Experimental Values
+        Experimental2 = 61,
+        Experimental3 = 62,
+        Experimental4 = 63
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/PublicKeyAlgorithmTags.cs b/bc-sharp-crypto/src/bcpg/PublicKeyAlgorithmTags.cs
new file mode 100644
index 0000000..9e30b54
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/PublicKeyAlgorithmTags.cs
@@ -0,0 +1,32 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /// <remarks>Public Key Algorithm tag numbers.</remarks>
+    public enum PublicKeyAlgorithmTag
+    {
+        RsaGeneral = 1,			// RSA (Encrypt or Sign)
+        RsaEncrypt = 2,			// RSA Encrypt-Only
+        RsaSign = 3,			// RSA Sign-Only
+        ElGamalEncrypt = 16,	// Elgamal (Encrypt-Only), see [ELGAMAL]
+        Dsa = 17,				// DSA (Digital Signature Standard)
+        [Obsolete("Use 'ECDH' instead")]
+        EC = 18,				// Reserved for Elliptic Curve
+        ECDH = 18,              // Reserved for Elliptic Curve (actual algorithm name)
+        ECDsa = 19,				// Reserved for ECDSA
+        ElGamalGeneral = 20,	// Elgamal (Encrypt or Sign)
+        DiffieHellman = 21,		// Reserved for Diffie-Hellman (X9.42, as defined for IETF-S/MIME)
+
+        Experimental_1 = 100,
+        Experimental_2 = 101,
+        Experimental_3 = 102,
+        Experimental_4 = 103,
+        Experimental_5 = 104,
+        Experimental_6 = 105,
+        Experimental_7 = 106,
+        Experimental_8 = 107,
+        Experimental_9 = 108,
+        Experimental_10 = 109,
+        Experimental_11 = 110,
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/PublicKeyEncSessionPacket.cs b/bc-sharp-crypto/src/bcpg/PublicKeyEncSessionPacket.cs
new file mode 100644
index 0000000..831b5a1
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/PublicKeyEncSessionPacket.cs
@@ -0,0 +1,115 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic packet for a PGP public key.</remarks>
+	public class PublicKeyEncSessionPacket
+		: ContainedPacket //, PublicKeyAlgorithmTag
+	{
+		private int version;
+		private long keyId;
+		private PublicKeyAlgorithmTag algorithm;
+        private byte[][] data;
+
+		internal PublicKeyEncSessionPacket(
+			BcpgInputStream bcpgIn)
+		{
+			version = bcpgIn.ReadByte();
+
+			keyId |= (long)bcpgIn.ReadByte() << 56;
+			keyId |= (long)bcpgIn.ReadByte() << 48;
+			keyId |= (long)bcpgIn.ReadByte() << 40;
+			keyId |= (long)bcpgIn.ReadByte() << 32;
+			keyId |= (long)bcpgIn.ReadByte() << 24;
+			keyId |= (long)bcpgIn.ReadByte() << 16;
+			keyId |= (long)bcpgIn.ReadByte() << 8;
+			keyId |= (uint)bcpgIn.ReadByte();
+
+			algorithm = (PublicKeyAlgorithmTag) bcpgIn.ReadByte();
+
+			switch ((PublicKeyAlgorithmTag) algorithm)
+			{
+				case PublicKeyAlgorithmTag.RsaEncrypt:
+				case PublicKeyAlgorithmTag.RsaGeneral:
+					data = new byte[][]{ new MPInteger(bcpgIn).GetEncoded() };
+					break;
+				case PublicKeyAlgorithmTag.ElGamalEncrypt:
+				case PublicKeyAlgorithmTag.ElGamalGeneral:
+                    MPInteger p = new MPInteger(bcpgIn);
+                    MPInteger g = new MPInteger(bcpgIn);
+					data = new byte[][]{
+                        p.GetEncoded(),
+                        g.GetEncoded(),
+                    };
+					break;
+                case PublicKeyAlgorithmTag.ECDH:
+                    data = new byte[][]{ Streams.ReadAll(bcpgIn) };
+                    break;
+				default:
+					throw new IOException("unknown PGP public key algorithm encountered");
+			}
+		}
+
+        public PublicKeyEncSessionPacket(
+			long                    keyId,
+			PublicKeyAlgorithmTag   algorithm,
+			byte[][]                data)
+		{
+			this.version = 3;
+			this.keyId = keyId;
+			this.algorithm = algorithm;
+            this.data = new byte[data.Length][];
+            for (int i = 0; i < data.Length; ++i)
+            {
+                this.data[i] = Arrays.Clone(data[i]);
+            }
+		}
+
+        public int Version
+		{
+			get { return version; }
+		}
+
+		public long KeyId
+		{
+			get { return keyId; }
+		}
+
+		public PublicKeyAlgorithmTag Algorithm
+		{
+			get { return algorithm; }
+		}
+
+        public byte[][] GetEncSessionKey()
+		{
+			return data;
+		}
+
+        public override void Encode(
+			BcpgOutputStream bcpgOut)
+		{
+			MemoryStream bOut = new MemoryStream();
+			BcpgOutputStream pOut = new BcpgOutputStream(bOut);
+
+			pOut.WriteByte((byte) version);
+
+			pOut.WriteLong(keyId);
+
+			pOut.WriteByte((byte)algorithm);
+
+            for (int i = 0; i < data.Length; ++i)
+            {
+                pOut.Write(data[i]);
+            }
+
+            Platform.Dispose(pOut);
+
+            bcpgOut.WritePacket(PacketTag.PublicKeyEncryptedSession , bOut.ToArray(), true);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/PublicKeyPacket.cs b/bc-sharp-crypto/src/bcpg/PublicKeyPacket.cs
new file mode 100644
index 0000000..bbed941
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/PublicKeyPacket.cs
@@ -0,0 +1,121 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /// <remarks>Basic packet for a PGP public key.</remarks>
+    public class PublicKeyPacket
+        : ContainedPacket //, PublicKeyAlgorithmTag
+    {
+        private int version;
+        private long time;
+        private int validDays;
+        private PublicKeyAlgorithmTag algorithm;
+        private IBcpgKey key;
+
+        internal PublicKeyPacket(
+            BcpgInputStream bcpgIn)
+        {
+            version = bcpgIn.ReadByte();
+
+            time = ((uint)bcpgIn.ReadByte() << 24) | ((uint)bcpgIn.ReadByte() << 16)
+                | ((uint)bcpgIn.ReadByte() << 8) | (uint)bcpgIn.ReadByte();
+
+            if (version <= 3)
+            {
+                validDays = (bcpgIn.ReadByte() << 8) | bcpgIn.ReadByte();
+            }
+
+            algorithm = (PublicKeyAlgorithmTag) bcpgIn.ReadByte();
+
+            switch ((PublicKeyAlgorithmTag) algorithm)
+            {
+                case PublicKeyAlgorithmTag.RsaEncrypt:
+                case PublicKeyAlgorithmTag.RsaGeneral:
+                case PublicKeyAlgorithmTag.RsaSign:
+                    key = new RsaPublicBcpgKey(bcpgIn);
+                    break;
+                case PublicKeyAlgorithmTag.Dsa:
+                    key = new DsaPublicBcpgKey(bcpgIn);
+                    break;
+                case PublicKeyAlgorithmTag.ElGamalEncrypt:
+                case PublicKeyAlgorithmTag.ElGamalGeneral:
+                    key = new ElGamalPublicBcpgKey(bcpgIn);
+                    break;
+                case PublicKeyAlgorithmTag.ECDH:
+                    key = new ECDHPublicBcpgKey(bcpgIn);
+                    break;
+                case PublicKeyAlgorithmTag.ECDsa:
+                    key = new ECDsaPublicBcpgKey(bcpgIn);
+                    break;
+                default:
+                    throw new IOException("unknown PGP public key algorithm encountered");
+            }
+        }
+
+        /// <summary>Construct a version 4 public key packet.</summary>
+        public PublicKeyPacket(
+            PublicKeyAlgorithmTag	algorithm,
+            DateTime				time,
+            IBcpgKey				key)
+        {
+            this.version = 4;
+            this.time = DateTimeUtilities.DateTimeToUnixMs(time) / 1000L;
+            this.algorithm = algorithm;
+            this.key = key;
+        }
+
+        public virtual int Version
+        {
+            get { return version; }
+        }
+
+        public virtual PublicKeyAlgorithmTag Algorithm
+        {
+            get { return algorithm; }
+        }
+
+        public virtual int ValidDays
+        {
+            get { return validDays; }
+        }
+
+        public virtual DateTime GetTime()
+        {
+            return DateTimeUtilities.UnixMsToDateTime(time * 1000L);
+        }
+
+        public virtual IBcpgKey Key
+        {
+            get { return key; }
+        }
+
+        public virtual byte[] GetEncodedContents()
+        {
+            MemoryStream bOut = new MemoryStream();
+            BcpgOutputStream pOut = new BcpgOutputStream(bOut);
+
+            pOut.WriteByte((byte) version);
+            pOut.WriteInt((int) time);
+
+            if (version <= 3)
+            {
+                pOut.WriteShort((short) validDays);
+            }
+
+            pOut.WriteByte((byte) algorithm);
+
+            pOut.WriteObject((BcpgObject)key);
+
+            return bOut.ToArray();
+        }
+
+        public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            bcpgOut.WritePacket(PacketTag.PublicKey, GetEncodedContents(), true);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/PublicSubkeyPacket.cs b/bc-sharp-crypto/src/bcpg/PublicSubkeyPacket.cs
new file mode 100644
index 0000000..6e1aeda
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/PublicSubkeyPacket.cs
@@ -0,0 +1,30 @@
+using System;
+using System.IO;
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic packet for a PGP public subkey</remarks>
+    public class PublicSubkeyPacket
+        : PublicKeyPacket
+    {
+        internal PublicSubkeyPacket(
+            BcpgInputStream bcpgIn)
+			: base(bcpgIn)
+        {
+        }
+
+		/// <summary>Construct a version 4 public subkey packet.</summary>
+        public PublicSubkeyPacket(
+            PublicKeyAlgorithmTag	algorithm,
+            DateTime				time,
+            IBcpgKey				key)
+            : base(algorithm, time, key)
+        {
+        }
+
+		public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            bcpgOut.WritePacket(PacketTag.PublicSubkey, GetEncodedContents(), true);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/RsaPublicBcpgKey.cs b/bc-sharp-crypto/src/bcpg/RsaPublicBcpgKey.cs
new file mode 100644
index 0000000..fd2313c
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/RsaPublicBcpgKey.cs
@@ -0,0 +1,66 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Base class for an RSA public key.</remarks>
+	public class RsaPublicBcpgKey
+		: BcpgObject, IBcpgKey
+	{
+		private readonly MPInteger n, e;
+
+		/// <summary>Construct an RSA public key from the passed in stream.</summary>
+		public RsaPublicBcpgKey(
+			BcpgInputStream bcpgIn)
+		{
+			this.n = new MPInteger(bcpgIn);
+			this.e = new MPInteger(bcpgIn);
+		}
+
+		/// <param name="n">The modulus.</param>
+		/// <param name="e">The public exponent.</param>
+		public RsaPublicBcpgKey(
+			BigInteger	n,
+			BigInteger	e)
+		{
+			this.n = new MPInteger(n);
+			this.e = new MPInteger(e);
+		}
+
+		public BigInteger PublicExponent
+		{
+			get { return e.Value; }
+		}
+
+		public BigInteger Modulus
+		{
+			get { return n.Value; }
+		}
+
+		/// <summary>The format, as a string, always "PGP".</summary>
+		public string Format
+		{
+			get { return "PGP"; }
+		}
+
+		/// <summary>Return the standard PGP encoding of the key.</summary>
+		public override byte[] GetEncoded()
+		{
+			try
+			{
+				return base.GetEncoded();
+			}
+			catch (Exception)
+			{
+				return null;
+			}
+		}
+
+		public override void Encode(
+			BcpgOutputStream bcpgOut)
+		{
+			bcpgOut.WriteObjects(n, e);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/RsaSecretBcpgKey.cs b/bc-sharp-crypto/src/bcpg/RsaSecretBcpgKey.cs
new file mode 100644
index 0000000..5c04d9f
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/RsaSecretBcpgKey.cs
@@ -0,0 +1,114 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Base class for an RSA secret (or priate) key.</remarks>
+	public class RsaSecretBcpgKey
+		: BcpgObject, IBcpgKey
+	{
+		private readonly MPInteger d, p, q, u;
+		private readonly BigInteger expP, expQ, crt;
+
+		public RsaSecretBcpgKey(
+			BcpgInputStream bcpgIn)
+		{
+			this.d = new MPInteger(bcpgIn);
+			this.p = new MPInteger(bcpgIn);
+			this.q = new MPInteger(bcpgIn);
+			this.u = new MPInteger(bcpgIn);
+
+			this.expP = d.Value.Remainder(p.Value.Subtract(BigInteger.One));
+			this.expQ = d.Value.Remainder(q.Value.Subtract(BigInteger.One));
+			this.crt = q.Value.ModInverse(p.Value);
+		}
+
+		public RsaSecretBcpgKey(
+			BigInteger d,
+			BigInteger p,
+			BigInteger q)
+		{
+			// PGP requires (p < q)
+			int cmp = p.CompareTo(q);
+			if (cmp >= 0)
+			{
+				if (cmp == 0)
+					throw new ArgumentException("p and q cannot be equal");
+
+				BigInteger tmp = p;
+				p = q;
+				q = tmp;
+			}
+
+			this.d = new MPInteger(d);
+			this.p = new MPInteger(p);
+			this.q = new MPInteger(q);
+			this.u = new MPInteger(p.ModInverse(q));
+
+			this.expP = d.Remainder(p.Subtract(BigInteger.One));
+			this.expQ = d.Remainder(q.Subtract(BigInteger.One));
+			this.crt = q.ModInverse(p);
+		}
+
+		public BigInteger Modulus
+		{
+			get { return p.Value.Multiply(q.Value); }
+		}
+
+		public BigInteger PrivateExponent
+		{
+			get { return d.Value; }
+		}
+
+		public BigInteger PrimeP
+		{
+			get { return p.Value; }
+		}
+
+		public BigInteger PrimeQ
+		{
+			get { return q.Value; }
+		}
+
+		public BigInteger PrimeExponentP
+		{
+			get { return expP; }
+		}
+
+		public BigInteger PrimeExponentQ
+		{
+			get { return expQ; }
+		}
+
+		public BigInteger CrtCoefficient
+		{
+			get { return crt; }
+		}
+
+		/// <summary>The format, as a string, always "PGP".</summary>
+		public string Format
+		{
+			get { return "PGP"; }
+		}
+
+		/// <summary>Return the standard PGP encoding of the key.</summary>
+		public override byte[] GetEncoded()
+		{
+			try
+			{
+				return base.GetEncoded();
+			}
+			catch (Exception)
+			{
+				return null;
+			}
+		}
+
+		public override void Encode(
+			BcpgOutputStream bcpgOut)
+		{
+			bcpgOut.WriteObjects(d, p, q, u);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/S2k.cs b/bc-sharp-crypto/src/bcpg/S2k.cs
new file mode 100644
index 0000000..33fd792
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/S2k.cs
@@ -0,0 +1,149 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>The string to key specifier class.</remarks>
+    public class S2k
+        : BcpgObject
+    {
+        private const int ExpBias = 6;
+
+        public const int Simple = 0;
+        public const int Salted = 1;
+        public const int SaltedAndIterated = 3;
+        public const int GnuDummyS2K = 101;
+        public const int GnuProtectionModeNoPrivateKey = 1;
+        public const int GnuProtectionModeDivertToCard = 2;
+
+        internal int type;
+        internal HashAlgorithmTag algorithm;
+        internal byte[] iv;
+        internal int itCount = -1;
+        internal int protectionMode = -1;
+
+        internal S2k(
+            Stream inStr)
+        {
+			type = inStr.ReadByte();
+            algorithm = (HashAlgorithmTag) inStr.ReadByte();
+
+            //
+            // if this happens we have a dummy-S2k packet.
+            //
+            if (type != GnuDummyS2K)
+            {
+                if (type != 0)
+                {
+					iv = new byte[8];
+					if (Streams.ReadFully(inStr, iv, 0, iv.Length) < iv.Length)
+						throw new EndOfStreamException();
+
+					if (type == 3)
+					{
+						itCount = inStr.ReadByte();
+					}
+				}
+            }
+            else
+            {
+                inStr.ReadByte(); // G
+                inStr.ReadByte(); // N
+                inStr.ReadByte(); // U
+                protectionMode = inStr.ReadByte(); // protection mode
+            }
+        }
+
+        public S2k(
+            HashAlgorithmTag algorithm)
+        {
+            this.type = 0;
+            this.algorithm = algorithm;
+        }
+
+        public S2k(
+            HashAlgorithmTag algorithm,
+            byte[] iv)
+        {
+            this.type = 1;
+            this.algorithm = algorithm;
+            this.iv = iv;
+        }
+
+        public S2k(
+            HashAlgorithmTag algorithm,
+            byte[] iv,
+            int itCount)
+        {
+            this.type = 3;
+            this.algorithm = algorithm;
+            this.iv = iv;
+            this.itCount = itCount;
+        }
+
+        public virtual int Type
+        {
+			get { return type; }
+        }
+
+		/// <summary>The hash algorithm.</summary>
+        public virtual HashAlgorithmTag HashAlgorithm
+        {
+			get { return algorithm; }
+		}
+
+		/// <summary>The IV for the key generation algorithm.</summary>
+        public virtual byte[] GetIV()
+        {
+            return Arrays.Clone(iv);
+        }
+
+		[Obsolete("Use 'IterationCount' property instead")]
+        public long GetIterationCount()
+        {
+            return IterationCount;
+        }
+
+		/// <summary>The iteration count</summary>
+        public virtual long IterationCount
+		{
+			get { return (16 + (itCount & 15)) << ((itCount >> 4) + ExpBias); }
+		}
+
+		/// <summary>The protection mode - only if GnuDummyS2K</summary>
+        public virtual int ProtectionMode
+        {
+			get { return protectionMode; }
+        }
+
+        public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            bcpgOut.WriteByte((byte) type);
+            bcpgOut.WriteByte((byte) algorithm);
+
+            if (type != GnuDummyS2K)
+            {
+                if (type != 0)
+                {
+                    bcpgOut.Write(iv);
+                }
+
+                if (type == 3)
+                {
+                    bcpgOut.WriteByte((byte) itCount);
+                }
+            }
+            else
+            {
+                bcpgOut.WriteByte((byte) 'G');
+                bcpgOut.WriteByte((byte) 'N');
+                bcpgOut.WriteByte((byte) 'U');
+                bcpgOut.WriteByte((byte) protectionMode);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/SecretKeyPacket.cs b/bc-sharp-crypto/src/bcpg/SecretKeyPacket.cs
new file mode 100644
index 0000000..d9ceab4
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/SecretKeyPacket.cs
@@ -0,0 +1,170 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic packet for a PGP secret key.</remarks>
+    public class SecretKeyPacket
+        : ContainedPacket //, PublicKeyAlgorithmTag
+    {
+		public const int UsageNone = 0x00;
+		public const int UsageChecksum = 0xff;
+		public const int UsageSha1 = 0xfe;
+
+		private PublicKeyPacket pubKeyPacket;
+        private readonly byte[] secKeyData;
+		private int s2kUsage;
+		private SymmetricKeyAlgorithmTag encAlgorithm;
+        private S2k s2k;
+        private byte[] iv;
+
+		internal SecretKeyPacket(
+            BcpgInputStream bcpgIn)
+        {
+			if (this is SecretSubkeyPacket)
+			{
+				pubKeyPacket = new PublicSubkeyPacket(bcpgIn);
+			}
+			else
+			{
+				pubKeyPacket = new PublicKeyPacket(bcpgIn);
+			}
+
+			s2kUsage = bcpgIn.ReadByte();
+
+			if (s2kUsage == UsageChecksum || s2kUsage == UsageSha1)
+            {
+                encAlgorithm = (SymmetricKeyAlgorithmTag) bcpgIn.ReadByte();
+                s2k = new S2k(bcpgIn);
+            }
+            else
+            {
+                encAlgorithm = (SymmetricKeyAlgorithmTag) s2kUsage;
+			}
+
+			if (!(s2k != null && s2k.Type == S2k.GnuDummyS2K && s2k.ProtectionMode == 0x01))
+            {
+				if (s2kUsage != 0)
+				{
+                    if (((int) encAlgorithm) < 7)
+                    {
+                        iv = new byte[8];
+                    }
+                    else
+                    {
+                        iv = new byte[16];
+                    }
+                    bcpgIn.ReadFully(iv);
+                }
+            }
+
+			secKeyData = bcpgIn.ReadAll();
+        }
+
+		public SecretKeyPacket(
+            PublicKeyPacket				pubKeyPacket,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            S2k							s2k,
+            byte[]						iv,
+            byte[]						secKeyData)
+        {
+            this.pubKeyPacket = pubKeyPacket;
+            this.encAlgorithm = encAlgorithm;
+
+			if (encAlgorithm != SymmetricKeyAlgorithmTag.Null)
+			{
+				this.s2kUsage = UsageChecksum;
+			}
+			else
+			{
+				this.s2kUsage = UsageNone;
+			}
+
+			this.s2k = s2k;
+			this.iv = Arrays.Clone(iv);
+			this.secKeyData = secKeyData;
+        }
+
+		public SecretKeyPacket(
+			PublicKeyPacket				pubKeyPacket,
+			SymmetricKeyAlgorithmTag	encAlgorithm,
+			int							s2kUsage,
+			S2k							s2k,
+			byte[]						iv,
+			byte[]						secKeyData)
+		{
+			this.pubKeyPacket = pubKeyPacket;
+			this.encAlgorithm = encAlgorithm;
+			this.s2kUsage = s2kUsage;
+			this.s2k = s2k;
+			this.iv = Arrays.Clone(iv);
+			this.secKeyData = secKeyData;
+		}
+
+		public SymmetricKeyAlgorithmTag EncAlgorithm
+        {
+			get { return encAlgorithm; }
+        }
+
+		public int S2kUsage
+		{
+			get { return s2kUsage; }
+		}
+
+		public byte[] GetIV()
+        {
+            return Arrays.Clone(iv);
+        }
+
+		public S2k S2k
+        {
+			get { return s2k; }
+        }
+
+		public PublicKeyPacket PublicKeyPacket
+        {
+			get { return pubKeyPacket; }
+        }
+
+		public byte[] GetSecretKeyData()
+        {
+            return secKeyData;
+        }
+
+		public byte[] GetEncodedContents()
+        {
+            MemoryStream bOut = new MemoryStream();
+            BcpgOutputStream pOut = new BcpgOutputStream(bOut);
+
+            pOut.Write(pubKeyPacket.GetEncodedContents());
+
+			pOut.WriteByte((byte) s2kUsage);
+
+			if (s2kUsage == UsageChecksum || s2kUsage == UsageSha1)
+            {
+                pOut.WriteByte((byte) encAlgorithm);
+                pOut.WriteObject(s2k);
+            }
+
+			if (iv != null)
+            {
+                pOut.Write(iv);
+            }
+
+            if (secKeyData != null && secKeyData.Length > 0)
+            {
+                pOut.Write(secKeyData);
+            }
+
+            return bOut.ToArray();
+        }
+
+        public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            bcpgOut.WritePacket(PacketTag.SecretKey, GetEncodedContents(), true);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/SecretSubkeyPacket.cs b/bc-sharp-crypto/src/bcpg/SecretSubkeyPacket.cs
new file mode 100644
index 0000000..8f17469
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/SecretSubkeyPacket.cs
@@ -0,0 +1,43 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic packet for a PGP secret key.</remarks>
+    public class SecretSubkeyPacket
+        : SecretKeyPacket
+    {
+        internal SecretSubkeyPacket(
+			BcpgInputStream bcpgIn)
+            : base(bcpgIn)
+        {
+        }
+
+		public SecretSubkeyPacket(
+            PublicKeyPacket				pubKeyPacket,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            S2k							s2k,
+            byte[]						iv,
+            byte[]						secKeyData)
+            : base(pubKeyPacket, encAlgorithm, s2k, iv, secKeyData)
+        {
+        }
+
+		public SecretSubkeyPacket(
+			PublicKeyPacket				pubKeyPacket,
+			SymmetricKeyAlgorithmTag	encAlgorithm,
+			int							s2kUsage,
+			S2k							s2k,
+			byte[]						iv,
+			byte[]						secKeyData)
+			: base(pubKeyPacket, encAlgorithm, s2kUsage, s2k, iv, secKeyData)
+		{
+		}
+
+		public override void Encode(
+			BcpgOutputStream bcpgOut)
+        {
+            bcpgOut.WritePacket(PacketTag.SecretSubkey, GetEncodedContents(), true);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/SignaturePacket.cs b/bc-sharp-crypto/src/bcpg/SignaturePacket.cs
new file mode 100644
index 0000000..5b91c15
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/SignaturePacket.cs
@@ -0,0 +1,477 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Bcpg.Sig;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Generic signature packet.</remarks>
+    public class SignaturePacket
+        : ContainedPacket //, PublicKeyAlgorithmTag
+    {
+		private int						version;
+        private int						signatureType;
+        private long					creationTime;
+        private long					keyId;
+        private PublicKeyAlgorithmTag	keyAlgorithm;
+        private HashAlgorithmTag		hashAlgorithm;
+        private MPInteger[]				signature;
+        private byte[]					fingerprint;
+        private SignatureSubpacket[]	hashedData;
+        private SignatureSubpacket[]	unhashedData;
+		private byte[]					signatureEncoding;
+
+		internal SignaturePacket(
+            BcpgInputStream bcpgIn)
+        {
+            version = bcpgIn.ReadByte();
+
+			if (version == 3 || version == 2)
+            {
+//                int l =
+                bcpgIn.ReadByte();
+
+				signatureType = bcpgIn.ReadByte();
+                creationTime = (((long)bcpgIn.ReadByte() << 24) | ((long)bcpgIn.ReadByte() << 16)
+                    | ((long)bcpgIn.ReadByte() << 8) | (uint)bcpgIn.ReadByte()) * 1000L;
+
+				keyId |= (long)bcpgIn.ReadByte() << 56;
+                keyId |= (long)bcpgIn.ReadByte() << 48;
+                keyId |= (long)bcpgIn.ReadByte() << 40;
+                keyId |= (long)bcpgIn.ReadByte() << 32;
+                keyId |= (long)bcpgIn.ReadByte() << 24;
+                keyId |= (long)bcpgIn.ReadByte() << 16;
+                keyId |= (long)bcpgIn.ReadByte() << 8;
+                keyId |= (uint)bcpgIn.ReadByte();
+
+				keyAlgorithm = (PublicKeyAlgorithmTag) bcpgIn.ReadByte();
+                hashAlgorithm = (HashAlgorithmTag) bcpgIn.ReadByte();
+            }
+            else if (version == 4)
+            {
+                signatureType = bcpgIn.ReadByte();
+                keyAlgorithm = (PublicKeyAlgorithmTag) bcpgIn.ReadByte();
+                hashAlgorithm = (HashAlgorithmTag) bcpgIn.ReadByte();
+
+				int hashedLength = (bcpgIn.ReadByte() << 8) | bcpgIn.ReadByte();
+                byte[] hashed = new byte[hashedLength];
+
+				bcpgIn.ReadFully(hashed);
+
+				//
+                // read the signature sub packet data.
+                //
+                SignatureSubpacketsParser sIn = new SignatureSubpacketsParser(
+                    new MemoryStream(hashed, false));
+
+				IList v = Platform.CreateArrayList();
+				SignatureSubpacket sub;
+				while ((sub = sIn.ReadPacket()) != null)
+                {
+                    v.Add(sub);
+                }
+
+				hashedData = new SignatureSubpacket[v.Count];
+
+				for (int i = 0; i != hashedData.Length; i++)
+                {
+                    SignatureSubpacket p = (SignatureSubpacket)v[i];
+                    if (p is IssuerKeyId)
+                    {
+                        keyId = ((IssuerKeyId)p).KeyId;
+                    }
+                    else if (p is SignatureCreationTime)
+                    {
+                        creationTime = DateTimeUtilities.DateTimeToUnixMs(
+							((SignatureCreationTime)p).GetTime());
+                    }
+
+					hashedData[i] = p;
+                }
+
+				int unhashedLength = (bcpgIn.ReadByte() << 8) | bcpgIn.ReadByte();
+                byte[] unhashed = new byte[unhashedLength];
+
+				bcpgIn.ReadFully(unhashed);
+
+				sIn = new SignatureSubpacketsParser(new MemoryStream(unhashed, false));
+
+				v.Clear();
+
+				while ((sub = sIn.ReadPacket()) != null)
+                {
+                    v.Add(sub);
+                }
+
+				unhashedData = new SignatureSubpacket[v.Count];
+
+				for (int i = 0; i != unhashedData.Length; i++)
+                {
+                    SignatureSubpacket p = (SignatureSubpacket)v[i];
+                    if (p is IssuerKeyId)
+                    {
+                        keyId = ((IssuerKeyId)p).KeyId;
+                    }
+
+					unhashedData[i] = p;
+                }
+            }
+            else
+            {
+                throw new Exception("unsupported version: " + version);
+            }
+
+			fingerprint = new byte[2];
+            bcpgIn.ReadFully(fingerprint);
+
+			switch (keyAlgorithm)
+            {
+                case PublicKeyAlgorithmTag.RsaGeneral:
+                case PublicKeyAlgorithmTag.RsaSign:
+                    MPInteger v = new MPInteger(bcpgIn);
+					signature = new MPInteger[]{ v };
+                    break;
+				case PublicKeyAlgorithmTag.Dsa:
+                    MPInteger r = new MPInteger(bcpgIn);
+                    MPInteger s = new MPInteger(bcpgIn);
+					signature = new MPInteger[]{ r, s };
+                    break;
+                case PublicKeyAlgorithmTag.ElGamalEncrypt: // yep, this really does happen sometimes.
+                case PublicKeyAlgorithmTag.ElGamalGeneral:
+                    MPInteger p = new MPInteger(bcpgIn);
+                    MPInteger g = new MPInteger(bcpgIn);
+                    MPInteger y = new MPInteger(bcpgIn);
+					signature = new MPInteger[]{ p, g, y };
+                    break;
+                case PublicKeyAlgorithmTag.ECDsa:
+                    MPInteger ecR = new MPInteger(bcpgIn);
+                    MPInteger ecS = new MPInteger(bcpgIn);
+                    signature = new MPInteger[]{ ecR, ecS };
+                    break;
+                default:
+					if (keyAlgorithm >= PublicKeyAlgorithmTag.Experimental_1 && keyAlgorithm <= PublicKeyAlgorithmTag.Experimental_11)
+					{
+						signature = null;
+						MemoryStream bOut = new MemoryStream();
+						int ch;
+						while ((ch = bcpgIn.ReadByte()) >= 0)
+						{
+							bOut.WriteByte((byte) ch);
+						}
+						signatureEncoding = bOut.ToArray();
+					}
+					else
+					{
+						throw new IOException("unknown signature key algorithm: " + keyAlgorithm);
+					}
+					break;
+            }
+        }
+
+		/**
+        * Generate a version 4 signature packet.
+        *
+        * @param signatureType
+        * @param keyAlgorithm
+        * @param hashAlgorithm
+        * @param hashedData
+        * @param unhashedData
+        * @param fingerprint
+        * @param signature
+        */
+        public SignaturePacket(
+            int						signatureType,
+            long					keyId,
+            PublicKeyAlgorithmTag	keyAlgorithm,
+            HashAlgorithmTag		hashAlgorithm,
+            SignatureSubpacket[]	hashedData,
+            SignatureSubpacket[]	unhashedData,
+            byte[]					fingerprint,
+            MPInteger[]				signature)
+            : this(4, signatureType, keyId, keyAlgorithm, hashAlgorithm, hashedData, unhashedData, fingerprint, signature)
+        {
+        }
+
+		/**
+        * Generate a version 2/3 signature packet.
+        *
+        * @param signatureType
+        * @param keyAlgorithm
+        * @param hashAlgorithm
+        * @param fingerprint
+        * @param signature
+        */
+        public SignaturePacket(
+            int						version,
+            int						signatureType,
+            long					keyId,
+            PublicKeyAlgorithmTag	keyAlgorithm,
+            HashAlgorithmTag		hashAlgorithm,
+            long					creationTime,
+            byte[]					fingerprint,
+            MPInteger[]				signature)
+            : this(version, signatureType, keyId, keyAlgorithm, hashAlgorithm, null, null, fingerprint, signature)
+        {
+			this.creationTime = creationTime;
+        }
+
+		public SignaturePacket(
+            int						version,
+            int						signatureType,
+            long					keyId,
+            PublicKeyAlgorithmTag	keyAlgorithm,
+            HashAlgorithmTag		hashAlgorithm,
+            SignatureSubpacket[]	hashedData,
+            SignatureSubpacket[]	unhashedData,
+            byte[]					fingerprint,
+            MPInteger[]				signature)
+        {
+            this.version = version;
+            this.signatureType = signatureType;
+            this.keyId = keyId;
+            this.keyAlgorithm = keyAlgorithm;
+            this.hashAlgorithm = hashAlgorithm;
+            this.hashedData = hashedData;
+            this.unhashedData = unhashedData;
+            this.fingerprint = fingerprint;
+            this.signature = signature;
+
+			if (hashedData != null)
+			{
+				setCreationTime();
+			}
+		}
+
+		public int Version
+        {
+			get { return version; }
+        }
+
+		public int SignatureType
+        {
+			get { return signatureType; }
+		}
+
+		/**
+        * return the keyId
+        * @return the keyId that created the signature.
+        */
+        public long KeyId
+        {
+            get { return keyId; }
+        }
+
+		/**
+        * return the signature trailer that must be included with the data
+        * to reconstruct the signature
+        *
+        * @return byte[]
+        */
+        public byte[] GetSignatureTrailer()
+        {
+            byte[] trailer = null;
+
+			if (version == 3)
+            {
+                trailer = new byte[5];
+
+				long time = creationTime / 1000L;
+
+				trailer[0] = (byte)signatureType;
+                trailer[1] = (byte)(time >> 24);
+                trailer[2] = (byte)(time >> 16);
+                trailer[3] = (byte)(time >> 8);
+                trailer[4] = (byte)(time);
+            }
+            else
+            {
+                MemoryStream sOut = new MemoryStream();
+
+				sOut.WriteByte((byte)this.Version);
+                sOut.WriteByte((byte)this.SignatureType);
+                sOut.WriteByte((byte)this.KeyAlgorithm);
+                sOut.WriteByte((byte)this.HashAlgorithm);
+
+				MemoryStream hOut = new MemoryStream();
+                SignatureSubpacket[] hashed = this.GetHashedSubPackets();
+
+				for (int i = 0; i != hashed.Length; i++)
+                {
+                    hashed[i].Encode(hOut);
+                }
+
+				byte[] data = hOut.ToArray();
+
+				sOut.WriteByte((byte)(data.Length >> 8));
+                sOut.WriteByte((byte)data.Length);
+                sOut.Write(data, 0, data.Length);
+
+				byte[] hData = sOut.ToArray();
+
+				sOut.WriteByte((byte)this.Version);
+                sOut.WriteByte((byte)0xff);
+                sOut.WriteByte((byte)(hData.Length>> 24));
+                sOut.WriteByte((byte)(hData.Length >> 16));
+                sOut.WriteByte((byte)(hData.Length >> 8));
+                sOut.WriteByte((byte)(hData.Length));
+
+				trailer = sOut.ToArray();
+            }
+
+			return trailer;
+        }
+
+		public PublicKeyAlgorithmTag KeyAlgorithm
+        {
+			get { return keyAlgorithm; }
+        }
+
+		public HashAlgorithmTag HashAlgorithm
+		{
+			get { return hashAlgorithm; }
+        }
+
+		/**
+		* return the signature as a set of integers - note this is normalised to be the
+        * ASN.1 encoding of what appears in the signature packet.
+        */
+        public MPInteger[] GetSignature()
+        {
+            return signature;
+        }
+
+		/**
+		 * Return the byte encoding of the signature section.
+		 * @return uninterpreted signature bytes.
+		 */
+		public byte[] GetSignatureBytes()
+		{
+			if (signatureEncoding != null)
+			{
+				return (byte[]) signatureEncoding.Clone();
+			}
+
+			MemoryStream bOut = new MemoryStream();
+			BcpgOutputStream bcOut = new BcpgOutputStream(bOut);
+
+			foreach (MPInteger sigObj in signature)
+			{
+				try
+				{
+					bcOut.WriteObject(sigObj);
+				}
+				catch (IOException e)
+				{
+					throw new Exception("internal error: " + e);
+				}
+			}
+
+			return bOut.ToArray();
+		}
+
+		public SignatureSubpacket[] GetHashedSubPackets()
+        {
+            return hashedData;
+        }
+
+		public SignatureSubpacket[] GetUnhashedSubPackets()
+        {
+            return unhashedData;
+        }
+
+		/// <summary>Return the creation time in milliseconds since 1 Jan., 1970 UTC.</summary>
+        public long CreationTime
+        {
+            get { return creationTime; }
+        }
+
+		public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            MemoryStream bOut = new MemoryStream();
+            BcpgOutputStream pOut = new BcpgOutputStream(bOut);
+
+			pOut.WriteByte((byte) version);
+
+			if (version == 3 || version == 2)
+            {
+				pOut.Write(
+					5, // the length of the next block
+					(byte) signatureType);
+
+				pOut.WriteInt((int)(creationTime / 1000L));
+
+				pOut.WriteLong(keyId);
+
+				pOut.Write(
+					(byte) keyAlgorithm,
+					(byte) hashAlgorithm);
+            }
+            else if (version == 4)
+            {
+                pOut.Write(
+					(byte) signatureType,
+					(byte) keyAlgorithm,
+					(byte) hashAlgorithm);
+
+				EncodeLengthAndData(pOut, GetEncodedSubpackets(hashedData));
+
+				EncodeLengthAndData(pOut, GetEncodedSubpackets(unhashedData));
+            }
+            else
+            {
+                throw new IOException("unknown version: " + version);
+            }
+
+			pOut.Write(fingerprint);
+
+			if (signature != null)
+			{
+				pOut.WriteObjects(signature);
+			}
+			else
+			{
+				pOut.Write(signatureEncoding);
+			}
+
+			bcpgOut.WritePacket(PacketTag.Signature, bOut.ToArray(), true);
+        }
+
+		private static void EncodeLengthAndData(
+			BcpgOutputStream	pOut,
+			byte[]				data)
+		{
+			pOut.WriteShort((short) data.Length);
+			pOut.Write(data);
+		}
+
+		private static byte[] GetEncodedSubpackets(
+			SignatureSubpacket[] ps)
+		{
+			MemoryStream sOut = new MemoryStream();
+
+			foreach (SignatureSubpacket p in ps)
+			{
+				p.Encode(sOut);
+			}
+
+			return sOut.ToArray();
+		}
+
+		private void setCreationTime()
+		{
+			foreach (SignatureSubpacket p in hashedData)
+			{
+				if (p is SignatureCreationTime)
+				{
+                    creationTime = DateTimeUtilities.DateTimeToUnixMs(
+						((SignatureCreationTime)p).GetTime());
+					break;
+				}
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/SignatureSubpacket.cs b/bc-sharp-crypto/src/bcpg/SignatureSubpacket.cs
new file mode 100644
index 0000000..d993155
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/SignatureSubpacket.cs
@@ -0,0 +1,94 @@
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic type for a PGP Signature sub-packet.</remarks>
+    public class SignatureSubpacket
+    {
+        private readonly SignatureSubpacketTag type;
+        private readonly bool critical;
+        private readonly bool isLongLength;
+		internal byte[] data;
+
+		protected internal SignatureSubpacket(
+            SignatureSubpacketTag	type,
+            bool					critical,
+            bool                    isLongLength,
+            byte[]					data)
+        {
+            this.type = type;
+            this.critical = critical;
+            this.isLongLength = isLongLength;
+            this.data = data;
+        }
+
+        public SignatureSubpacketTag SubpacketType
+        {
+			get { return type; }
+        }
+
+        public bool IsCritical()
+        {
+            return critical;
+        }
+
+        public bool IsLongLength()
+        {
+            return isLongLength;
+        }
+
+        /// <summary>Return the generic data making up the packet.</summary>
+        public byte[] GetData()
+        {
+            return (byte[]) data.Clone();
+        }
+
+		public void Encode(
+            Stream os)
+        {
+            int bodyLen = data.Length + 1;
+
+            if (isLongLength)
+            {
+                os.WriteByte(0xff);
+                os.WriteByte((byte)(bodyLen >> 24));
+                os.WriteByte((byte)(bodyLen >> 16));
+                os.WriteByte((byte)(bodyLen >> 8));
+                os.WriteByte((byte)bodyLen);
+            }
+            else
+            {
+                if (bodyLen < 192)
+                {
+                    os.WriteByte((byte)bodyLen);
+                }
+                else if (bodyLen <= 8383)
+                {
+                    bodyLen -= 192;
+
+                    os.WriteByte((byte)(((bodyLen >> 8) & 0xff) + 192));
+                    os.WriteByte((byte)bodyLen);
+                }
+                else
+                {
+                    os.WriteByte(0xff);
+                    os.WriteByte((byte)(bodyLen >> 24));
+                    os.WriteByte((byte)(bodyLen >> 16));
+                    os.WriteByte((byte)(bodyLen >> 8));
+                    os.WriteByte((byte)bodyLen);
+                }
+            }
+
+            if (critical)
+            {
+                os.WriteByte((byte)(0x80 | (int) type));
+            }
+            else
+            {
+                os.WriteByte((byte) type);
+            }
+
+            os.Write(data, 0, data.Length);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/SignatureSubpacketTags.cs b/bc-sharp-crypto/src/bcpg/SignatureSubpacketTags.cs
new file mode 100644
index 0000000..1a8e254
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/SignatureSubpacketTags.cs
@@ -0,0 +1,33 @@
+namespace Org.BouncyCastle.Bcpg
+{
+    /**
+    * Basic PGP signature sub-packet tag types.
+    */
+    public enum SignatureSubpacketTag
+    {
+        CreationTime = 2,						// signature creation time
+        ExpireTime = 3,							// signature expiration time
+        Exportable = 4,							// exportable certification
+        TrustSig = 5,							// trust signature
+        RegExp = 6,								// regular expression
+        Revocable = 7,							// revocable
+        KeyExpireTime = 9,						// key expiration time
+        Placeholder = 10,						// placeholder for backward compatibility
+        PreferredSymmetricAlgorithms = 11,		// preferred symmetric algorithms
+        RevocationKey = 12,						// revocation key
+        IssuerKeyId = 16,						// issuer key ID
+        NotationData = 20,						// notation data
+        PreferredHashAlgorithms = 21,			// preferred hash algorithms
+        PreferredCompressionAlgorithms = 22,	// preferred compression algorithms
+        KeyServerPreferences = 23,				// key server preferences
+        PreferredKeyServer = 24,				// preferred key server
+        PrimaryUserId = 25,						// primary user id
+        PolicyUrl = 26,							// policy URL
+        KeyFlags = 27,							// key flags
+        SignerUserId = 28,						// signer's user id
+        RevocationReason = 29,					// reason for revocation
+		Features = 30,							// features
+		SignatureTarget = 31,					// signature target
+		EmbeddedSignature = 32					// embedded signature
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/SignatureSubpacketsReader.cs b/bc-sharp-crypto/src/bcpg/SignatureSubpacketsReader.cs
new file mode 100644
index 0000000..80bedb0
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/SignatureSubpacketsReader.cs
@@ -0,0 +1,128 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Bcpg.Sig;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/**
+	* reader for signature sub-packets
+	*/
+	public class SignatureSubpacketsParser
+	{
+		private readonly Stream input;
+
+		public SignatureSubpacketsParser(
+			Stream input)
+		{
+			this.input = input;
+		}
+
+		public SignatureSubpacket ReadPacket()
+		{
+			int l = input.ReadByte();
+			if (l < 0)
+				return null;
+
+			int bodyLen = 0;
+            bool isLongLength = false;
+
+            if (l < 192)
+			{
+				bodyLen = l;
+			}
+			else if (l <= 223)
+			{
+				bodyLen = ((l - 192) << 8) + (input.ReadByte()) + 192;
+			}
+			else if (l == 255)
+			{
+                isLongLength = true;
+				bodyLen = (input.ReadByte() << 24) | (input.ReadByte() << 16)
+					|  (input.ReadByte() << 8)  | input.ReadByte();
+			}
+			else
+			{
+                throw new IOException("unexpected length header");
+			}
+
+            int tag = input.ReadByte();
+			if (tag < 0)
+				throw new EndOfStreamException("unexpected EOF reading signature sub packet");
+
+            byte[] data = new byte[bodyLen - 1];
+
+            //
+            // this may seem a bit strange but it turns out some applications miscode the length
+            // in fixed length fields, so we check the length we do get, only throwing an exception if
+            // we really cannot continue
+            //
+            int bytesRead = Streams.ReadFully(input, data);
+
+            bool isCritical = ((tag & 0x80) != 0);
+            SignatureSubpacketTag type = (SignatureSubpacketTag)(tag & 0x7f);
+
+            if (bytesRead != data.Length)
+            {
+                switch (type)
+                {
+                case SignatureSubpacketTag.CreationTime:
+                    data = CheckData(data, 4, bytesRead, "Signature Creation Time");
+                    break;
+                case SignatureSubpacketTag.IssuerKeyId:
+                    data = CheckData(data, 8, bytesRead, "Issuer");
+                    break;
+                case SignatureSubpacketTag.KeyExpireTime:
+                    data = CheckData(data, 4, bytesRead, "Signature Key Expiration Time");
+                    break;
+                case SignatureSubpacketTag.ExpireTime:
+                    data = CheckData(data, 4, bytesRead, "Signature Expiration Time");
+                    break;
+                default:
+                    throw new EndOfStreamException("truncated subpacket data.");
+                }
+            }
+
+            switch (type)
+			{
+				case SignatureSubpacketTag.CreationTime:
+					return new SignatureCreationTime(isCritical, isLongLength, data);
+				case SignatureSubpacketTag.KeyExpireTime:
+                    return new KeyExpirationTime(isCritical, isLongLength, data);
+				case SignatureSubpacketTag.ExpireTime:
+                    return new SignatureExpirationTime(isCritical, isLongLength, data);
+				case SignatureSubpacketTag.Revocable:
+                    return new Revocable(isCritical, isLongLength, data);
+				case SignatureSubpacketTag.Exportable:
+                    return new Exportable(isCritical, isLongLength, data);
+				case SignatureSubpacketTag.IssuerKeyId:
+                    return new IssuerKeyId(isCritical, isLongLength, data);
+				case SignatureSubpacketTag.TrustSig:
+                    return new TrustSignature(isCritical, isLongLength, data);
+				case SignatureSubpacketTag.PreferredCompressionAlgorithms:
+				case SignatureSubpacketTag.PreferredHashAlgorithms:
+				case SignatureSubpacketTag.PreferredSymmetricAlgorithms:
+                    return new PreferredAlgorithms(type, isCritical, isLongLength, data);
+				case SignatureSubpacketTag.KeyFlags:
+                    return new KeyFlags(isCritical, isLongLength, data);
+				case SignatureSubpacketTag.PrimaryUserId:
+                    return new PrimaryUserId(isCritical, isLongLength, data);
+				case SignatureSubpacketTag.SignerUserId:
+                    return new SignerUserId(isCritical, isLongLength, data);
+				case SignatureSubpacketTag.NotationData:
+                    return new NotationData(isCritical, isLongLength, data);
+			}
+            return new SignatureSubpacket(type, isCritical, isLongLength, data);
+		}
+
+        private byte[] CheckData(byte[] data, int expected, int bytesRead, string name)
+        {
+            if (bytesRead != expected)
+                throw new EndOfStreamException("truncated " + name + " subpacket data.");
+
+            return Arrays.CopyOfRange(data, 0, expected);
+        }
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/SymmetricEncDataPacket.cs b/bc-sharp-crypto/src/bcpg/SymmetricEncDataPacket.cs
new file mode 100644
index 0000000..17ee55b
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/SymmetricEncDataPacket.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <remarks>Basic type for a symmetric key encrypted packet.</remarks>
+    public class SymmetricEncDataPacket
+        : InputStreamPacket
+    {
+        public SymmetricEncDataPacket(
+            BcpgInputStream bcpgIn)
+            : base(bcpgIn)
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/SymmetricEncIntegrityPacket.cs b/bc-sharp-crypto/src/bcpg/SymmetricEncIntegrityPacket.cs
new file mode 100644
index 0000000..a9b6d06
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/SymmetricEncIntegrityPacket.cs
@@ -0,0 +1,18 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	public class SymmetricEncIntegrityPacket
+		: InputStreamPacket
+	{
+		internal readonly int version;
+
+		internal SymmetricEncIntegrityPacket(
+			BcpgInputStream bcpgIn)
+			: base(bcpgIn)
+        {
+			version = bcpgIn.ReadByte();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/SymmetricKeyAlgorithmTags.cs b/bc-sharp-crypto/src/bcpg/SymmetricKeyAlgorithmTags.cs
new file mode 100644
index 0000000..e05a486
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/SymmetricKeyAlgorithmTags.cs
@@ -0,0 +1,23 @@
+namespace Org.BouncyCastle.Bcpg
+{
+    /**
+    * Basic tags for symmetric key algorithms
+    */
+    public enum SymmetricKeyAlgorithmTag
+    {
+        Null = 0,         // Plaintext or unencrypted data
+        Idea = 1,         // IDEA [IDEA]
+        TripleDes = 2,    // Triple-DES (DES-EDE, as per spec -168 bit key derived from 192)
+        Cast5 = 3,        // Cast5 (128 bit key, as per RFC 2144)
+        Blowfish = 4,     // Blowfish (128 bit key, 16 rounds) [Blowfish]
+        Safer = 5,        // Safer-SK128 (13 rounds) [Safer]
+        Des = 6,          // Reserved for DES/SK
+        Aes128 = 7,       // Reserved for AES with 128-bit key
+        Aes192 = 8,       // Reserved for AES with 192-bit key
+        Aes256 = 9,       // Reserved for AES with 256-bit key
+        Twofish = 10,     // Reserved for Twofish
+        Camellia128 = 11, // Reserved for AES with 128-bit key
+        Camellia192 = 12, // Reserved for AES with 192-bit key
+        Camellia256 = 13  // Reserved for AES with 256-bit key
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/SymmetricKeyEncSessionPacket.cs b/bc-sharp-crypto/src/bcpg/SymmetricKeyEncSessionPacket.cs
new file mode 100644
index 0000000..0381fa3
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/SymmetricKeyEncSessionPacket.cs
@@ -0,0 +1,91 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /**
+    * Basic type for a symmetric encrypted session key packet
+    */
+    public class SymmetricKeyEncSessionPacket
+        : ContainedPacket
+    {
+        private int version;
+        private SymmetricKeyAlgorithmTag encAlgorithm;
+        private S2k s2k;
+        private readonly byte[] secKeyData;
+
+        public SymmetricKeyEncSessionPacket(
+            BcpgInputStream bcpgIn)
+        {
+            version = bcpgIn.ReadByte();
+            encAlgorithm = (SymmetricKeyAlgorithmTag) bcpgIn.ReadByte();
+
+            s2k = new S2k(bcpgIn);
+
+            secKeyData = bcpgIn.ReadAll();
+        }
+
+		public SymmetricKeyEncSessionPacket(
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            S2k							s2k,
+            byte[]						secKeyData)
+        {
+            this.version = 4;
+            this.encAlgorithm = encAlgorithm;
+            this.s2k = s2k;
+            this.secKeyData = secKeyData;
+        }
+
+        /**
+        * @return int
+        */
+        public SymmetricKeyAlgorithmTag EncAlgorithm
+        {
+			get { return encAlgorithm; }
+        }
+
+        /**
+        * @return S2k
+        */
+        public S2k S2k
+        {
+			get { return s2k; }
+        }
+
+        /**
+        * @return byte[]
+        */
+        public byte[] GetSecKeyData()
+        {
+            return secKeyData;
+        }
+
+        /**
+        * @return int
+        */
+        public int Version
+        {
+			get { return version; }
+        }
+
+        public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            MemoryStream bOut = new MemoryStream();
+            BcpgOutputStream pOut = new BcpgOutputStream(bOut);
+
+            pOut.Write(
+				(byte) version,
+				(byte) encAlgorithm);
+
+			pOut.WriteObject(s2k);
+
+			if (secKeyData != null && secKeyData.Length > 0)
+			{
+                pOut.Write(secKeyData);
+            }
+
+			bcpgOut.WritePacket(PacketTag.SymmetricKeyEncryptedSessionKey, bOut.ToArray(), true);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/TrustPacket.cs b/bc-sharp-crypto/src/bcpg/TrustPacket.cs
new file mode 100644
index 0000000..6f1969c
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/TrustPacket.cs
@@ -0,0 +1,43 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+	/// <summary>Basic type for a trust packet.</summary>
+    public class TrustPacket
+        : ContainedPacket
+    {
+        private readonly byte[] levelAndTrustAmount;
+
+		public TrustPacket(
+            BcpgInputStream bcpgIn)
+        {
+            MemoryStream bOut = new MemoryStream();
+
+			int ch;
+            while ((ch = bcpgIn.ReadByte()) >= 0)
+            {
+                bOut.WriteByte((byte) ch);
+            }
+
+			levelAndTrustAmount = bOut.ToArray();
+        }
+
+		public TrustPacket(
+            int trustCode)
+        {
+			this.levelAndTrustAmount = new byte[]{ (byte) trustCode };
+        }
+
+		public byte[] GetLevelAndTrustAmount()
+		{
+			return (byte[]) levelAndTrustAmount.Clone();
+		}
+
+		public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            bcpgOut.WritePacket(PacketTag.Trust, levelAndTrustAmount, true);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/UserAttributePacket.cs b/bc-sharp-crypto/src/bcpg/UserAttributePacket.cs
new file mode 100644
index 0000000..20e3598
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/UserAttributePacket.cs
@@ -0,0 +1,61 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /**
+    * Basic type for a user attribute packet.
+    */
+    public class UserAttributePacket
+        : ContainedPacket
+    {
+        private readonly UserAttributeSubpacket[] subpackets;
+
+        public UserAttributePacket(
+            BcpgInputStream bcpgIn)
+        {
+            UserAttributeSubpacketsParser sIn = new UserAttributeSubpacketsParser(bcpgIn);
+            UserAttributeSubpacket sub;
+
+            IList v = Platform.CreateArrayList();
+            while ((sub = sIn.ReadPacket()) != null)
+            {
+                v.Add(sub);
+            }
+
+            subpackets = new UserAttributeSubpacket[v.Count];
+
+            for (int i = 0; i != subpackets.Length; i++)
+            {
+                subpackets[i] = (UserAttributeSubpacket)v[i];
+            }
+        }
+
+        public UserAttributePacket(
+            UserAttributeSubpacket[] subpackets)
+        {
+            this.subpackets = subpackets;
+        }
+
+        public UserAttributeSubpacket[] GetSubpackets()
+        {
+            return subpackets;
+        }
+
+        public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            MemoryStream bOut = new MemoryStream();
+
+            for (int i = 0; i != subpackets.Length; i++)
+            {
+                subpackets[i].Encode(bOut);
+            }
+
+            bcpgOut.WritePacket(PacketTag.UserAttribute, bOut.ToArray(), false);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/UserAttributeSubpacket.cs b/bc-sharp-crypto/src/bcpg/UserAttributeSubpacket.cs
new file mode 100644
index 0000000..05f60ac
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/UserAttributeSubpacket.cs
@@ -0,0 +1,90 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /**
+    * Basic type for a user attribute sub-packet.
+    */
+    public class UserAttributeSubpacket
+    {
+        internal readonly UserAttributeSubpacketTag	type;
+        private readonly bool longLength;   // we preserve this as not everyone encodes length properly.
+        protected readonly byte[] data;
+
+        protected internal UserAttributeSubpacket(UserAttributeSubpacketTag type, byte[] data)
+            : this(type, false, data)
+        {
+        }
+
+        protected internal UserAttributeSubpacket(UserAttributeSubpacketTag type, bool forceLongLength, byte[] data)
+        {
+            this.type = type;
+            this.longLength = forceLongLength;
+            this.data = data;
+        }
+
+        public virtual UserAttributeSubpacketTag SubpacketType
+        {
+            get { return type; }
+        }
+
+        /**
+        * return the generic data making up the packet.
+        */
+        public virtual byte[] GetData()
+        {
+            return data;
+        }
+
+        public virtual void Encode(Stream os)
+        {
+            int bodyLen = data.Length + 1;
+
+            if (bodyLen < 192 && !longLength)
+            {
+                os.WriteByte((byte)bodyLen);
+            }
+            else if (bodyLen <= 8383 && !longLength)
+            {
+                bodyLen -= 192;
+
+                os.WriteByte((byte)(((bodyLen >> 8) & 0xff) + 192));
+                os.WriteByte((byte)bodyLen);
+            }
+            else
+            {
+                os.WriteByte(0xff);
+                os.WriteByte((byte)(bodyLen >> 24));
+                os.WriteByte((byte)(bodyLen >> 16));
+                os.WriteByte((byte)(bodyLen >> 8));
+                os.WriteByte((byte)bodyLen);
+            }
+
+            os.WriteByte((byte) type);
+            os.Write(data, 0, data.Length);
+        }
+
+        public override bool Equals(
+            object obj)
+        {
+            if (obj == this)
+                return true;
+
+            UserAttributeSubpacket other = obj as UserAttributeSubpacket;
+
+            if (other == null)
+                return false;
+
+            return type == other.type
+                && Arrays.AreEqual(data, other.data);
+        }
+
+        public override int GetHashCode()
+        {
+            return type.GetHashCode() ^ Arrays.GetHashCode(data);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/UserAttributeSubpacketTags.cs b/bc-sharp-crypto/src/bcpg/UserAttributeSubpacketTags.cs
new file mode 100644
index 0000000..7a9cd1d
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/UserAttributeSubpacketTags.cs
@@ -0,0 +1,10 @@
+namespace Org.BouncyCastle.Bcpg
+{
+    /**
+    * Basic PGP user attribute sub-packet tag types.
+    */
+    public enum UserAttributeSubpacketTag
+    {
+        ImageAttribute = 1
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/UserAttributeSubpacketsReader.cs b/bc-sharp-crypto/src/bcpg/UserAttributeSubpacketsReader.cs
new file mode 100644
index 0000000..f0cc1b8
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/UserAttributeSubpacketsReader.cs
@@ -0,0 +1,65 @@
+using System;
+using System.IO;
+using Org.BouncyCastle.Bcpg.Attr;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /**
+    * reader for user attribute sub-packets
+    */
+    public class UserAttributeSubpacketsParser
+    {
+        private readonly Stream input;
+
+        public UserAttributeSubpacketsParser(
+            Stream input)
+        {
+            this.input = input;
+        }
+
+        public virtual UserAttributeSubpacket ReadPacket()
+        {
+            int l = input.ReadByte();
+            if (l < 0)
+                return null;
+
+            int bodyLen = 0;
+            bool longLength = false;
+            if (l < 192)
+            {
+                bodyLen = l;
+            }
+            else if (l <= 223)
+            {
+                bodyLen = ((l - 192) << 8) + (input.ReadByte()) + 192;
+            }
+            else if (l == 255)
+            {
+                bodyLen = (input.ReadByte() << 24) | (input.ReadByte() << 16)
+                    |  (input.ReadByte() << 8)  | input.ReadByte();
+                longLength = true;
+            }
+            else
+            {
+                throw new IOException("unrecognised length reading user attribute sub packet");
+            }
+
+            int tag = input.ReadByte();
+            if (tag < 0)
+                throw new EndOfStreamException("unexpected EOF reading user attribute sub packet");
+
+            byte[] data = new byte[bodyLen - 1];
+            if (Streams.ReadFully(input, data) < data.Length)
+                throw new EndOfStreamException();
+
+            UserAttributeSubpacketTag type = (UserAttributeSubpacketTag) tag;
+            switch (type)
+            {
+                case UserAttributeSubpacketTag.ImageAttribute:
+                    return new ImageAttrib(longLength, data);
+            }
+            return new UserAttributeSubpacket(type, longLength, data);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/UserIdPacket.cs b/bc-sharp-crypto/src/bcpg/UserIdPacket.cs
new file mode 100644
index 0000000..a175e74
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/UserIdPacket.cs
@@ -0,0 +1,37 @@
+using System;
+using System.Text;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /**
+    * Basic type for a user ID packet.
+    */
+    public class UserIdPacket
+        : ContainedPacket
+    {
+        private readonly byte[] idData;
+
+        public UserIdPacket(
+            BcpgInputStream bcpgIn)
+        {
+            this.idData = bcpgIn.ReadAll();
+        }
+
+		public UserIdPacket(
+			string id)
+        {
+            this.idData = Encoding.UTF8.GetBytes(id);
+        }
+
+		public string GetId()
+        {
+			return Encoding.UTF8.GetString(idData, 0, idData.Length);
+        }
+
+		public override void Encode(
+            BcpgOutputStream bcpgOut)
+        {
+            bcpgOut.WritePacket(PacketTag.UserId, idData, true);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/attr/ImageAttrib.cs b/bc-sharp-crypto/src/bcpg/attr/ImageAttrib.cs
new file mode 100644
index 0000000..2d0fef8
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/attr/ImageAttrib.cs
@@ -0,0 +1,72 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Bcpg.Attr
+{
+    /// <remarks>Basic type for a image attribute packet.</remarks>
+    public class ImageAttrib
+        : UserAttributeSubpacket
+    {
+        public enum Format : byte
+        {
+            Jpeg = 1
+        }
+
+        private static readonly byte[] Zeroes = new byte[12];
+
+        private int     hdrLength;
+        private int     _version;
+        private int     _encoding;
+        private byte[]  imageData;
+
+        public ImageAttrib(byte[] data)
+            : this(false, data)
+        {
+        }
+
+        public ImageAttrib(bool forceLongLength, byte[] data)
+            : base(UserAttributeSubpacketTag.ImageAttribute, forceLongLength, data)
+        {
+            hdrLength = ((data[1] & 0xff) << 8) | (data[0] & 0xff);
+            _version = data[2] & 0xff;
+            _encoding = data[3] & 0xff;
+
+            imageData = new byte[data.Length - hdrLength];
+            Array.Copy(data, hdrLength, imageData, 0, imageData.Length);
+        }
+
+        public ImageAttrib(
+            Format	imageType,
+            byte[]	imageData)
+            : this(ToByteArray(imageType, imageData))
+        {
+        }
+
+        private static byte[] ToByteArray(
+            Format	imageType,
+            byte[]	imageData)
+        {
+            MemoryStream bOut = new MemoryStream();
+            bOut.WriteByte(0x10); bOut.WriteByte(0x00); bOut.WriteByte(0x01);
+            bOut.WriteByte((byte) imageType);
+            bOut.Write(Zeroes, 0, Zeroes.Length);
+            bOut.Write(imageData, 0, imageData.Length);
+            return bOut.ToArray();
+        }
+
+        public virtual int Version
+        {
+            get { return _version; }
+        }
+
+        public virtual int Encoding
+        {
+            get { return _encoding; }
+        }
+
+        public virtual byte[] GetImageData()
+        {
+            return imageData;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/EmbeddedSignature.cs b/bc-sharp-crypto/src/bcpg/sig/EmbeddedSignature.cs
new file mode 100644
index 0000000..fffdaef
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/EmbeddedSignature.cs
@@ -0,0 +1,19 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+	/**
+	 * Packet embedded signature
+	 */
+	public class EmbeddedSignature
+		: SignatureSubpacket
+	{
+		public EmbeddedSignature(
+			bool	critical,
+            bool    isLongLength,
+			byte[]	data)
+			: base(SignatureSubpacketTag.EmbeddedSignature, critical, isLongLength, data)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/Exportable.cs b/bc-sharp-crypto/src/bcpg/sig/Exportable.cs
new file mode 100644
index 0000000..4d03034
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/Exportable.cs
@@ -0,0 +1,46 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+    /**
+    * packet giving signature creation time.
+    */
+    public class Exportable
+        : SignatureSubpacket
+    {
+        private static byte[] BooleanToByteArray(bool val)
+        {
+            byte[]    data = new byte[1];
+
+            if (val)
+            {
+                data[0] = 1;
+                return data;
+            }
+            else
+            {
+                return data;
+            }
+        }
+
+        public Exportable(
+            bool    critical,
+            bool    isLongLength,
+            byte[]  data)
+            : base(SignatureSubpacketTag.Exportable, critical, isLongLength, data)
+        {
+        }
+
+        public Exportable(
+            bool    critical,
+            bool    isExportable)
+            : base(SignatureSubpacketTag.Exportable, critical, false, BooleanToByteArray(isExportable))
+        {
+        }
+
+        public bool IsExportable()
+        {
+            return data[0] != 0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/Features.cs b/bc-sharp-crypto/src/bcpg/sig/Features.cs
new file mode 100644
index 0000000..2958423
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/Features.cs
@@ -0,0 +1,75 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+    /**
+    * packet giving signature expiration time.
+    */
+    public class Features
+        : SignatureSubpacket
+    {
+        /** Identifier for the modification detection feature */
+        public static readonly byte FEATURE_MODIFICATION_DETECTION = 1;
+
+        private static byte[] FeatureToByteArray(byte feature)
+        {
+            return new byte[]{ feature };
+        }
+
+        public Features(
+            bool    critical,
+            bool    isLongLength,
+            byte[]  data)
+            : base(SignatureSubpacketTag.Features, critical, isLongLength, data)
+        {
+        }
+
+        public Features(bool critical, byte feature)
+            : base(SignatureSubpacketTag.Features, critical, false, FeatureToByteArray(feature))
+        {
+        }
+
+        /**
+         * Returns if modification detection is supported.
+         */
+        public bool SupportsModificationDetection
+        {
+            get { return SupportsFeature(FEATURE_MODIFICATION_DETECTION); }
+        }
+
+        /**
+         * Returns if a particular feature is supported.
+         */
+        public bool SupportsFeature(byte feature)
+        {
+            return Array.IndexOf(data, feature) >= 0;
+        }
+
+        /**
+         * Sets support for a particular feature.
+         */
+        private void SetSupportsFeature(byte feature, bool support)
+        {
+            if (feature == 0)
+                throw new ArgumentException("cannot be 0", "feature");
+
+            int i = Array.IndexOf(data, feature);
+            if ((i >= 0) == support)
+                return;
+
+            if (support)
+            {
+                data = Arrays.Append(data, feature);
+            }
+            else
+            {
+                byte[] temp = new byte[data.Length - 1];
+                Array.Copy(data, 0, temp, 0, i);
+                Array.Copy(data, i + 1, temp, i, temp.Length - i);
+                data = temp;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/IssuerKeyId.cs b/bc-sharp-crypto/src/bcpg/sig/IssuerKeyId.cs
new file mode 100644
index 0000000..627ea3e
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/IssuerKeyId.cs
@@ -0,0 +1,62 @@
+using System;
+
+
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+    /**
+    * packet giving signature creation time.
+    */
+    public class IssuerKeyId
+        : SignatureSubpacket
+    {
+        protected static byte[] KeyIdToBytes(
+            long    keyId)
+        {
+            byte[]    data = new byte[8];
+
+            data[0] = (byte)(keyId >> 56);
+            data[1] = (byte)(keyId >> 48);
+            data[2] = (byte)(keyId >> 40);
+            data[3] = (byte)(keyId >> 32);
+            data[4] = (byte)(keyId >> 24);
+            data[5] = (byte)(keyId >> 16);
+            data[6] = (byte)(keyId >> 8);
+            data[7] = (byte)keyId;
+
+            return data;
+        }
+
+        public IssuerKeyId(
+            bool    critical,
+            bool    isLongLength,
+            byte[]  data)
+            : base(SignatureSubpacketTag.IssuerKeyId, critical, isLongLength, data)
+        {
+        }
+
+        public IssuerKeyId(
+            bool    critical,
+            long    keyId)
+            : base(SignatureSubpacketTag.IssuerKeyId, critical, false, KeyIdToBytes(keyId))
+        {
+        }
+
+        public long KeyId
+        {
+			get
+			{
+				long keyId = ((long)(data[0] & 0xff) << 56)
+					| ((long)(data[1] & 0xff) << 48)
+					| ((long)(data[2] & 0xff) << 40)
+					| ((long)(data[3] & 0xff) << 32)
+					| ((long)(data[4] & 0xff) << 24)
+					| ((long)(data[5] & 0xff) << 16)
+					| ((long)(data[6] & 0xff) << 8)
+					| ((long)data[7] & 0xff);
+
+				return keyId;
+			}
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/KeyExpirationTime.cs b/bc-sharp-crypto/src/bcpg/sig/KeyExpirationTime.cs
new file mode 100644
index 0000000..dfd3e76
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/KeyExpirationTime.cs
@@ -0,0 +1,55 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+    /**
+    * packet giving time after creation at which the key expires.
+    */
+    public class KeyExpirationTime
+        : SignatureSubpacket
+    {
+        protected static byte[] TimeToBytes(
+            long    t)
+        {
+            byte[]    data = new byte[4];
+
+            data[0] = (byte)(t >> 24);
+            data[1] = (byte)(t >> 16);
+            data[2] = (byte)(t >> 8);
+            data[3] = (byte)t;
+
+            return data;
+        }
+
+        public KeyExpirationTime(
+            bool    critical,
+            bool    isLongLength,
+            byte[]  data)
+            : base(SignatureSubpacketTag.KeyExpireTime, critical, isLongLength, data)
+        {
+        }
+
+        public KeyExpirationTime(
+            bool    critical,
+            long    seconds)
+            : base(SignatureSubpacketTag.KeyExpireTime, critical, false, TimeToBytes(seconds))
+        {
+        }
+
+        /**
+        * Return the number of seconds after creation time a key is valid for.
+        *
+        * @return second count for key validity.
+        */
+        public long Time
+        {
+			get
+			{
+				long time = ((long)(data[0] & 0xff) << 24) | ((long)(data[1] & 0xff) << 16)
+					| ((long)(data[2] & 0xff) << 8) | ((long)data[3] & 0xff);
+
+				return time;
+			}
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/KeyFlags.cs b/bc-sharp-crypto/src/bcpg/sig/KeyFlags.cs
new file mode 100644
index 0000000..5b5d85a
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/KeyFlags.cs
@@ -0,0 +1,75 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+    /**
+    * Packet holding the key flag values.
+    */
+    public class KeyFlags
+        : SignatureSubpacket
+    {
+		public const int CertifyOther	= 0x01;
+		public const int SignData		= 0x02;
+		public const int EncryptComms	= 0x04;
+		public const int EncryptStorage	= 0x08;
+		public const int Split			= 0x10;
+		public const int Authentication	= 0x20;
+		public const int Shared			= 0x80;
+
+        private static byte[] IntToByteArray(
+            int v)
+        {
+			byte[] tmp = new byte[4];
+			int size = 0;
+
+			for (int i = 0; i != 4; i++)
+			{
+				tmp[i] = (byte)(v >> (i * 8));
+				if (tmp[i] != 0)
+				{
+					size = i;
+				}
+			}
+
+			byte[] data = new byte[size + 1];
+			Array.Copy(tmp, 0, data, 0, data.Length);
+			return data;
+		}
+
+		public KeyFlags(
+            bool	critical,
+            bool    isLongLength,
+            byte[]  data)
+            : base(SignatureSubpacketTag.KeyFlags, critical, isLongLength, data)
+        {
+        }
+
+		public KeyFlags(
+			bool    critical,
+			int     flags)
+            : base(SignatureSubpacketTag.KeyFlags, critical, false, IntToByteArray(flags))
+        {
+        }
+
+		/// <summary>
+		/// Return the flag values contained in the first 4 octets (note: at the moment
+		/// the standard only uses the first one).
+		/// </summary>
+		public int Flags
+        {
+			get
+			{
+				int flags = 0;
+
+				for (int i = 0; i != data.Length; i++)
+				{
+					flags |= (data[i] & 0xff) << (i * 8);
+				}
+
+				return flags;
+			}
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/NotationData.cs b/bc-sharp-crypto/src/bcpg/sig/NotationData.cs
new file mode 100644
index 0000000..9ac6f89
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/NotationData.cs
@@ -0,0 +1,113 @@
+using System;
+using System.IO;
+using System.Text;
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+	/**
+	* Class provided a NotationData object according to
+	* RFC2440, Chapter 5.2.3.15. Notation Data
+	*/
+	public class NotationData
+		: SignatureSubpacket
+	{
+		public const int HeaderFlagLength = 4;
+		public const int HeaderNameLength = 2;
+		public const int HeaderValueLength = 2;
+
+		public NotationData(
+			bool	critical,
+            bool    isLongLength,
+            byte[]  data)
+			: base(SignatureSubpacketTag.NotationData, critical, isLongLength, data)
+		{
+		}
+
+		public NotationData(
+			bool	critical,
+			bool	humanReadable,
+			string	notationName,
+			string	notationValue)
+			: base(SignatureSubpacketTag.NotationData, critical, false,
+				CreateData(humanReadable, notationName, notationValue))
+		{
+		}
+
+		private static byte[] CreateData(
+			bool	humanReadable,
+			string	notationName,
+			string	notationValue)
+		{
+			MemoryStream os = new MemoryStream();
+
+			// (4 octets of flags, 2 octets of name length (M),
+			// 2 octets of value length (N),
+			// M octets of name data,
+			// N octets of value data)
+
+			// flags
+			os.WriteByte(humanReadable ? (byte)0x80 : (byte)0x00);
+			os.WriteByte(0x0);
+			os.WriteByte(0x0);
+			os.WriteByte(0x0);
+
+			byte[] nameData, valueData = null;
+			int nameLength, valueLength;
+
+			nameData = Encoding.UTF8.GetBytes(notationName);
+			nameLength = System.Math.Min(nameData.Length, 0xFF);
+
+			valueData = Encoding.UTF8.GetBytes(notationValue);
+			valueLength = System.Math.Min(valueData.Length, 0xFF);
+
+			// name length
+			os.WriteByte((byte)(nameLength >> 8));
+			os.WriteByte((byte)(nameLength >> 0));
+
+			// value length
+			os.WriteByte((byte)(valueLength >> 8));
+			os.WriteByte((byte)(valueLength >> 0));
+
+			// name
+			os.Write(nameData, 0, nameLength);
+
+			// value
+			os.Write(valueData, 0, valueLength);
+
+			return os.ToArray();
+		}
+
+		public bool IsHumanReadable
+		{
+			get { return data[0] == (byte)0x80; }
+		}
+
+		public string GetNotationName()
+		{
+			int nameLength = ((data[HeaderFlagLength] << 8) + (data[HeaderFlagLength + 1] << 0));
+			int namePos = HeaderFlagLength + HeaderNameLength + HeaderValueLength;
+
+			return Encoding.UTF8.GetString(data, namePos, nameLength);
+		}
+
+		public string GetNotationValue()
+		{
+			int nameLength = ((data[HeaderFlagLength] << 8) + (data[HeaderFlagLength + 1] << 0));
+			int valueLength = ((data[HeaderFlagLength + HeaderNameLength] << 8) + (data[HeaderFlagLength + HeaderNameLength + 1] << 0));
+			int valuePos = HeaderFlagLength + HeaderNameLength + HeaderValueLength + nameLength;
+
+			return Encoding.UTF8.GetString(data, valuePos, valueLength);
+		}
+
+		public byte[] GetNotationValueBytes()
+		{
+			int nameLength = ((data[HeaderFlagLength] << 8) + (data[HeaderFlagLength + 1] << 0));
+			int valueLength = ((data[HeaderFlagLength + HeaderNameLength] << 8) + (data[HeaderFlagLength + HeaderNameLength + 1] << 0));
+			int valuePos = HeaderFlagLength + HeaderNameLength + HeaderValueLength + nameLength;
+
+			byte[] bytes = new byte[valueLength];
+			Array.Copy(data, valuePos, bytes, 0, valueLength);
+			return bytes;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/PreferredAlgorithms.cs b/bc-sharp-crypto/src/bcpg/sig/PreferredAlgorithms.cs
new file mode 100644
index 0000000..9514bed
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/PreferredAlgorithms.cs
@@ -0,0 +1,53 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+    /**
+    * packet giving signature creation time.
+    */
+    public class PreferredAlgorithms
+        : SignatureSubpacket
+    {
+        private static byte[] IntToByteArray(
+            int[]    v)
+        {
+            byte[]    data = new byte[v.Length];
+
+            for (int i = 0; i != v.Length; i++)
+            {
+                data[i] = (byte)v[i];
+            }
+
+            return data;
+        }
+
+        public PreferredAlgorithms(
+            SignatureSubpacketTag   type,
+            bool                    critical,
+            bool                    isLongLength,
+            byte[]                  data)
+            : base(type, critical, isLongLength, data)
+        {
+        }
+
+        public PreferredAlgorithms(
+            SignatureSubpacketTag   type,
+            bool                    critical,
+            int[]                   preferences)
+            : base(type, critical, false, IntToByteArray(preferences))
+        {
+        }
+
+        public int[] GetPreferences()
+        {
+            int[] v = new int[data.Length];
+
+            for (int i = 0; i != v.Length; i++)
+            {
+                v[i] = data[i] & 0xff;
+            }
+
+            return v;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/PrimaryUserId.cs b/bc-sharp-crypto/src/bcpg/sig/PrimaryUserId.cs
new file mode 100644
index 0000000..1f16f40
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/PrimaryUserId.cs
@@ -0,0 +1,47 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+    /**
+    * packet giving whether or not the signature is signed using the primary user ID for the key.
+    */
+    public class PrimaryUserId
+        : SignatureSubpacket
+    {
+        private static byte[] BooleanToByteArray(
+            bool    val)
+        {
+            byte[]    data = new byte[1];
+
+            if (val)
+            {
+                data[0] = 1;
+                return data;
+            }
+            else
+            {
+                return data;
+            }
+        }
+
+        public PrimaryUserId(
+            bool    critical,
+            bool    isLongLength,
+            byte[]  data)
+            : base(SignatureSubpacketTag.PrimaryUserId, critical, isLongLength, data)
+        {
+        }
+
+        public PrimaryUserId(
+            bool    critical,
+            bool    isPrimaryUserId)
+            : base(SignatureSubpacketTag.PrimaryUserId, critical, false, BooleanToByteArray(isPrimaryUserId))
+        {
+        }
+
+        public bool IsPrimaryUserId()
+        {
+            return data[0] != 0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/Revocable.cs b/bc-sharp-crypto/src/bcpg/sig/Revocable.cs
new file mode 100644
index 0000000..7aa9139
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/Revocable.cs
@@ -0,0 +1,47 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+    /**
+    * packet giving whether or not is revocable.
+    */
+    public class Revocable
+        : SignatureSubpacket
+    {
+        private static byte[] BooleanToByteArray(
+            bool    value)
+        {
+            byte[]    data = new byte[1];
+
+            if (value)
+            {
+                data[0] = 1;
+                return data;
+            }
+            else
+            {
+                return data;
+            }
+        }
+
+        public Revocable(
+            bool    critical,
+            bool    isLongLength,
+            byte[]  data)
+            : base(SignatureSubpacketTag.Revocable, critical, isLongLength, data)
+        {
+        }
+
+        public Revocable(
+            bool    critical,
+            bool    isRevocable)
+            : base(SignatureSubpacketTag.Revocable, critical, false, BooleanToByteArray(isRevocable))
+        {
+        }
+
+        public bool IsRevocable()
+        {
+            return data[0] != 0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/RevocationKey.cs b/bc-sharp-crypto/src/bcpg/sig/RevocationKey.cs
new file mode 100644
index 0000000..11467d2
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/RevocationKey.cs
@@ -0,0 +1,63 @@
+using System;
+using System.Text;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /// <summary>
+    /// Represents revocation key OpenPGP signature sub packet.
+    /// </summary>
+    public class RevocationKey
+		: SignatureSubpacket
+    {
+		// 1 octet of class, 
+		// 1 octet of public-key algorithm ID, 
+		// 20 octets of fingerprint
+		public RevocationKey(
+			bool	isCritical,
+            bool    isLongLength,
+            byte[]  data)
+			: base(SignatureSubpacketTag.RevocationKey, isCritical, isLongLength, data)
+		{
+		}
+
+        public RevocationKey(
+			bool					isCritical,
+			RevocationKeyTag		signatureClass,
+			PublicKeyAlgorithmTag	keyAlgorithm,
+			byte[]					fingerprint)
+			: base(SignatureSubpacketTag.RevocationKey, isCritical, false,
+				CreateData(signatureClass, keyAlgorithm, fingerprint))
+		{
+		}
+
+		private static byte[] CreateData(
+			RevocationKeyTag		signatureClass,
+			PublicKeyAlgorithmTag	keyAlgorithm,
+			byte[]					fingerprint)
+		{
+			byte[] data = new byte[2 + fingerprint.Length];
+			data[0] = (byte)signatureClass;
+			data[1] = (byte)keyAlgorithm;
+			Array.Copy(fingerprint, 0, data, 2, fingerprint.Length);
+			return data;
+		}
+
+		public virtual RevocationKeyTag SignatureClass
+		{
+			get { return (RevocationKeyTag)this.GetData()[0]; }
+		}
+
+		public virtual PublicKeyAlgorithmTag Algorithm
+		{
+			get { return (PublicKeyAlgorithmTag)this.GetData()[1]; }
+		}
+
+        public virtual byte[] GetFingerprint()
+		{
+			byte[] data = this.GetData();
+			byte[] fingerprint = new byte[data.Length - 2];
+			Array.Copy(data, 2, fingerprint, 0, fingerprint.Length);
+			return fingerprint;
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/RevocationKeyTags.cs b/bc-sharp-crypto/src/bcpg/sig/RevocationKeyTags.cs
new file mode 100644
index 0000000..d76d1dc
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/RevocationKeyTags.cs
@@ -0,0 +1,9 @@
+namespace Org.BouncyCastle.Bcpg
+{
+    public enum RevocationKeyTag
+		: byte
+    {
+		ClassDefault = 0x80,
+		ClassSensitive = 0x40
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/RevocationReason.cs b/bc-sharp-crypto/src/bcpg/sig/RevocationReason.cs
new file mode 100644
index 0000000..42afd5f
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/RevocationReason.cs
@@ -0,0 +1,59 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg
+{
+    /// <summary>
+    /// Represents revocation reason OpenPGP signature sub packet.
+    /// </summary>
+    public class RevocationReason
+		: SignatureSubpacket
+    {
+        public RevocationReason(bool isCritical, bool isLongLength, byte[] data)
+            : base(SignatureSubpacketTag.RevocationReason, isCritical, isLongLength, data)
+        {
+        }
+
+        public RevocationReason(
+			bool                isCritical,
+			RevocationReasonTag reason,
+			string              description)
+            : base(SignatureSubpacketTag.RevocationReason, isCritical, false, CreateData(reason, description))
+        {
+        }
+
+        private static byte[] CreateData(
+			RevocationReasonTag	reason,
+			string				description)
+        {
+            byte[] descriptionBytes = Strings.ToUtf8ByteArray(description);
+            byte[] data = new byte[1 + descriptionBytes.Length];
+
+            data[0] = (byte)reason;
+            Array.Copy(descriptionBytes, 0, data, 1, descriptionBytes.Length);
+
+            return data;
+        }
+
+        public virtual RevocationReasonTag GetRevocationReason()
+        {
+            return (RevocationReasonTag)GetData()[0];
+        }
+
+        public virtual string GetRevocationDescription()
+        {
+            byte[] data = GetData();
+            if (data.Length == 1)
+            {
+                return string.Empty;
+            }
+
+            byte[] description = new byte[data.Length - 1];
+            Array.Copy(data, 1, description, 0, description.Length);
+
+            return Strings.FromUtf8ByteArray(description);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/RevocationReasonTags.cs b/bc-sharp-crypto/src/bcpg/sig/RevocationReasonTags.cs
new file mode 100644
index 0000000..524a58c
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/RevocationReasonTags.cs
@@ -0,0 +1,14 @@
+namespace Org.BouncyCastle.Bcpg
+{
+    public enum RevocationReasonTag
+		: byte
+    {
+		NoReason = 0,					// No reason specified (key revocations or cert revocations)
+		KeySuperseded = 1,				// Key is superseded (key revocations)
+		KeyCompromised = 2,				// Key material has been compromised (key revocations)
+		KeyRetired = 3,					// Key is retired and no longer used (key revocations)
+		UserNoLongerValid = 32,			// User ID information is no longer valid (cert revocations)
+
+		// 100-110 - Private Use
+	}
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/SignatureCreationTime.cs b/bc-sharp-crypto/src/bcpg/sig/SignatureCreationTime.cs
new file mode 100644
index 0000000..d172e5d
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/SignatureCreationTime.cs
@@ -0,0 +1,51 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+    /**
+    * packet giving signature creation time.
+    */
+    public class SignatureCreationTime
+        : SignatureSubpacket
+    {
+		protected static byte[] TimeToBytes(
+            DateTime time)
+        {
+			long t = DateTimeUtilities.DateTimeToUnixMs(time) / 1000L;
+			byte[] data = new byte[4];
+			data[0] = (byte)(t >> 24);
+            data[1] = (byte)(t >> 16);
+            data[2] = (byte)(t >> 8);
+            data[3] = (byte)t;
+            return data;
+        }
+
+        public SignatureCreationTime(
+            bool    critical,
+            bool    isLongLength,
+            byte[]  data)
+            : base(SignatureSubpacketTag.CreationTime, critical, isLongLength, data)
+        {
+        }
+
+        public SignatureCreationTime(
+            bool        critical,
+            DateTime    date)
+            : base(SignatureSubpacketTag.CreationTime, critical, false, TimeToBytes(date))
+        {
+        }
+
+        public DateTime GetTime()
+        {
+			long time = (long)(
+					((uint)data[0] << 24)
+				|	((uint)data[1] << 16)
+				|	((uint)data[2] << 8)
+				|	((uint)data[3])
+				);
+			return DateTimeUtilities.UnixMsToDateTime(time * 1000L);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/SignatureExpirationTime.cs b/bc-sharp-crypto/src/bcpg/sig/SignatureExpirationTime.cs
new file mode 100644
index 0000000..24f0a9f
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/SignatureExpirationTime.cs
@@ -0,0 +1,51 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+    /**
+    * packet giving signature expiration time.
+    */
+    public class SignatureExpirationTime
+        : SignatureSubpacket
+    {
+        protected static byte[] TimeToBytes(
+            long    t)
+        {
+            byte[] data = new byte[4];
+            data[0] = (byte)(t >> 24);
+            data[1] = (byte)(t >> 16);
+            data[2] = (byte)(t >> 8);
+            data[3] = (byte)t;
+            return data;
+        }
+
+        public SignatureExpirationTime(
+            bool    critical,
+            bool    isLongLength,
+            byte[]  data)
+            : base(SignatureSubpacketTag.ExpireTime, critical, isLongLength, data)
+        {
+        }
+
+        public SignatureExpirationTime(
+            bool    critical,
+            long    seconds)
+            : base(SignatureSubpacketTag.ExpireTime, critical, false, TimeToBytes(seconds))
+        {
+        }
+
+        /**
+        * return time in seconds before signature expires after creation time.
+        */
+        public long Time
+        {
+            get
+            {
+                long time = ((long)(data[0] & 0xff) << 24) | ((long)(data[1] & 0xff) << 16)
+                    | ((long)(data[2] & 0xff) << 8) | ((long)data[3] & 0xff);
+
+                return time;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/SignerUserId.cs b/bc-sharp-crypto/src/bcpg/sig/SignerUserId.cs
new file mode 100644
index 0000000..8ab62ed
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/SignerUserId.cs
@@ -0,0 +1,53 @@
+using System;
+
+
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+    /**
+    * packet giving the User ID of the signer.
+    */
+    public class SignerUserId
+        : SignatureSubpacket
+    {
+        private static byte[] UserIdToBytes(
+            string id)
+        {
+            byte[] idData = new byte[id.Length];
+
+            for (int i = 0; i != id.Length; i++)
+            {
+                idData[i] = (byte)id[i];
+            }
+
+			return idData;
+        }
+
+        public SignerUserId(
+            bool    critical,
+            bool    isLongLength,
+            byte[]  data)
+            : base(SignatureSubpacketTag.SignerUserId, critical, isLongLength, data)
+		{
+		}
+
+        public SignerUserId(
+            bool    critical,
+            string  userId)
+            : base(SignatureSubpacketTag.SignerUserId, critical, false, UserIdToBytes(userId))
+		{
+        }
+
+        public string GetId()
+        {
+            char[] chars = new char[data.Length];
+
+			for (int i = 0; i != chars.Length; i++)
+            {
+                chars[i] = (char)(data[i] & 0xff);
+            }
+
+			return new string(chars);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/bcpg/sig/TrustSignature.cs b/bc-sharp-crypto/src/bcpg/sig/TrustSignature.cs
new file mode 100644
index 0000000..9145882
--- /dev/null
+++ b/bc-sharp-crypto/src/bcpg/sig/TrustSignature.cs
@@ -0,0 +1,44 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.Sig
+{
+    /**
+    * packet giving trust.
+    */
+    public class TrustSignature
+        : SignatureSubpacket
+    {
+        private static byte[] IntToByteArray(
+            int	v1,
+            int	v2)
+        {
+			return new byte[]{ (byte)v1, (byte)v2 };
+        }
+
+		public TrustSignature(
+            bool    critical,
+            bool    isLongLength,
+            byte[]  data)
+            : base(SignatureSubpacketTag.TrustSig, critical, isLongLength, data)
+        {
+        }
+
+        public TrustSignature(
+            bool    critical,
+            int     depth,
+            int     trustAmount)
+            : base(SignatureSubpacketTag.TrustSig, critical, false, IntToByteArray(depth, trustAmount))
+        {
+        }
+
+        public int Depth
+        {
+			get { return data[0] & 0xff; }
+        }
+
+        public int TrustAmount
+        {
+			get { return data[1] & 0xff; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/BaseDigestCalculator.cs b/bc-sharp-crypto/src/cms/BaseDigestCalculator.cs
new file mode 100644
index 0000000..3dcbca7
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/BaseDigestCalculator.cs
@@ -0,0 +1,23 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Cms
+{
+	internal class BaseDigestCalculator
+		: IDigestCalculator
+	{
+		private readonly byte[] digest;
+
+		internal BaseDigestCalculator(
+			byte[] digest)
+		{
+			this.digest = digest;
+		}
+
+		public byte[] GetDigest()
+		{
+			return Arrays.Clone(digest);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSAttributeTableGenerationException.cs b/bc-sharp-crypto/src/cms/CMSAttributeTableGenerationException.cs
new file mode 100644
index 0000000..87dad99
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSAttributeTableGenerationException.cs
@@ -0,0 +1,28 @@
+using System;
+
+namespace Org.BouncyCastle.Cms
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class CmsAttributeTableGenerationException
+		: CmsException
+	{
+		public CmsAttributeTableGenerationException()
+		{
+		}
+
+		public CmsAttributeTableGenerationException(
+			string name)
+			: base(name)
+		{
+		}
+
+		public CmsAttributeTableGenerationException(
+			string		name,
+			Exception	e)
+			: base(name, e)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSAttributeTableGenerator.cs b/bc-sharp-crypto/src/cms/CMSAttributeTableGenerator.cs
new file mode 100644
index 0000000..92c9a29
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSAttributeTableGenerator.cs
@@ -0,0 +1,25 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.Cms;
+
+namespace Org.BouncyCastle.Cms
+{
+	/// <remarks>
+	/// The 'Signature' parameter is only available when generating unsigned attributes.
+	/// </remarks>
+	public enum CmsAttributeTableParameter
+	{
+//		const string ContentType = "contentType";
+//		const string Digest = "digest";
+//		const string Signature = "encryptedDigest";
+//		const string DigestAlgorithmIdentifier = "digestAlgID";
+
+		ContentType, Digest, Signature, DigestAlgorithmIdentifier
+	}
+
+	public interface CmsAttributeTableGenerator
+	{
+		AttributeTable GetAttributes(IDictionary parameters);
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSAuthEnvelopedData.cs b/bc-sharp-crypto/src/cms/CMSAuthEnvelopedData.cs
new file mode 100644
index 0000000..d35e946
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSAuthEnvelopedData.cs
@@ -0,0 +1,112 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	* containing class for an CMS AuthEnveloped Data object
+	*/
+	internal class CmsAuthEnvelopedData
+	{
+		internal RecipientInformationStore recipientInfoStore;
+		internal ContentInfo contentInfo;
+
+		private OriginatorInfo      originator;
+		private AlgorithmIdentifier authEncAlg;
+		private Asn1Set             authAttrs;
+		private byte[]              mac;
+		private Asn1Set             unauthAttrs;
+	
+		public CmsAuthEnvelopedData(
+			byte[] authEnvData)
+			: this(CmsUtilities.ReadContentInfo(authEnvData))
+		{
+		}
+
+		public CmsAuthEnvelopedData(
+			Stream authEnvData)
+			: this(CmsUtilities.ReadContentInfo(authEnvData))
+		{
+		}
+
+		public CmsAuthEnvelopedData(
+			ContentInfo contentInfo)
+		{
+			this.contentInfo = contentInfo;
+
+			AuthEnvelopedData authEnvData = AuthEnvelopedData.GetInstance(contentInfo.Content);
+
+			this.originator = authEnvData.OriginatorInfo;
+
+			//
+	        // read the recipients
+	        //
+	        Asn1Set recipientInfos = authEnvData.RecipientInfos;
+
+			//
+			// read the auth-encrypted content info
+			//
+			EncryptedContentInfo authEncInfo = authEnvData.AuthEncryptedContentInfo;
+			this.authEncAlg = authEncInfo.ContentEncryptionAlgorithm;
+			CmsSecureReadable secureReadable = new AuthEnvelopedSecureReadable(this);
+
+			//
+			// build the RecipientInformationStore
+			//
+			this.recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore(
+				recipientInfos, secureReadable);
+
+			// FIXME These need to be passed to the AEAD cipher as AAD (Additional Authenticated Data)
+			this.authAttrs = authEnvData.AuthAttrs;
+			this.mac = authEnvData.Mac.GetOctets();
+			this.unauthAttrs = authEnvData.UnauthAttrs;
+		}
+
+		private class AuthEnvelopedSecureReadable : CmsSecureReadable
+		{
+			private readonly CmsAuthEnvelopedData parent;
+
+			internal AuthEnvelopedSecureReadable(CmsAuthEnvelopedData parent)
+			{
+				this.parent = parent;
+			}
+
+			public AlgorithmIdentifier Algorithm
+			{
+				get { return parent.authEncAlg; }
+			}
+
+			public object CryptoObject
+			{
+				get { return null; }
+			}
+
+			public CmsReadable GetReadable(KeyParameter key)
+			{
+				// TODO Create AEAD cipher instance to decrypt and calculate tag ( MAC)
+				throw new CmsException("AuthEnveloped data decryption not yet implemented");
+
+//				RFC 5084 ASN.1 Module
+//				-- Parameters for AlgorithmIdentifier
+//				
+//				CCMParameters ::= SEQUENCE {
+//				  aes-nonce         OCTET STRING (SIZE(7..13)),
+//				  aes-ICVlen        AES-CCM-ICVlen DEFAULT 12 }
+//				
+//				AES-CCM-ICVlen ::= INTEGER (4 | 6 | 8 | 10 | 12 | 14 | 16)
+//				
+//				GCMParameters ::= SEQUENCE {
+//				  aes-nonce        OCTET STRING, -- recommended size is 12 octets
+//				  aes-ICVlen       AES-GCM-ICVlen DEFAULT 12 }
+//				
+//				AES-GCM-ICVlen ::= INTEGER (12 | 13 | 14 | 15 | 16)
+			}            
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSAuthEnvelopedGenerator.cs b/bc-sharp-crypto/src/cms/CMSAuthEnvelopedGenerator.cs
new file mode 100644
index 0000000..4273cff
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSAuthEnvelopedGenerator.cs
@@ -0,0 +1,16 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Nist;
+
+namespace Org.BouncyCastle.Cms
+{
+	internal class CmsAuthEnvelopedGenerator
+	{
+		public static readonly string Aes128Ccm = NistObjectIdentifiers.IdAes128Ccm.Id;
+		public static readonly string Aes192Ccm = NistObjectIdentifiers.IdAes192Ccm.Id;
+		public static readonly string Aes256Ccm = NistObjectIdentifiers.IdAes256Ccm.Id;
+		public static readonly string Aes128Gcm = NistObjectIdentifiers.IdAes128Gcm.Id;
+		public static readonly string Aes192Gcm = NistObjectIdentifiers.IdAes192Gcm.Id;
+		public static readonly string Aes256Gcm = NistObjectIdentifiers.IdAes256Gcm.Id;
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSAuthenticatedData.cs b/bc-sharp-crypto/src/cms/CMSAuthenticatedData.cs
new file mode 100644
index 0000000..33b4cc2
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSAuthenticatedData.cs
@@ -0,0 +1,137 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	* containing class for an CMS Authenticated Data object
+	*/
+	public class CmsAuthenticatedData
+	{
+		internal RecipientInformationStore recipientInfoStore;
+		internal ContentInfo contentInfo;
+
+		private AlgorithmIdentifier macAlg;
+		private Asn1Set authAttrs;
+		private Asn1Set unauthAttrs;
+		private byte[] mac;
+
+		public CmsAuthenticatedData(
+			byte[] authData)
+			: this(CmsUtilities.ReadContentInfo(authData))
+		{
+		}
+
+		public CmsAuthenticatedData(
+			Stream authData)
+			: this(CmsUtilities.ReadContentInfo(authData))
+		{
+		}
+
+		public CmsAuthenticatedData(
+			ContentInfo contentInfo)
+		{
+			this.contentInfo = contentInfo;
+
+			AuthenticatedData authData = AuthenticatedData.GetInstance(contentInfo.Content);
+
+			//
+			// read the recipients
+			//
+			Asn1Set recipientInfos = authData.RecipientInfos;
+
+			this.macAlg = authData.MacAlgorithm;
+
+			//
+			// read the authenticated content info
+			//
+			ContentInfo encInfo = authData.EncapsulatedContentInfo;
+			CmsReadable readable = new CmsProcessableByteArray(
+				Asn1OctetString.GetInstance(encInfo.Content).GetOctets());
+			CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsAuthenticatedSecureReadable(
+				this.macAlg, readable);
+
+			//
+			// build the RecipientInformationStore
+			//
+			this.recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore(
+				recipientInfos, secureReadable);
+
+			this.authAttrs = authData.AuthAttrs;
+			this.mac = authData.Mac.GetOctets();
+			this.unauthAttrs = authData.UnauthAttrs;
+		}
+
+		public byte[] GetMac()
+		{
+			return Arrays.Clone(mac);
+		}
+
+		public AlgorithmIdentifier MacAlgorithmID
+		{
+			get { return macAlg; }
+		}
+
+		/**
+		* return the object identifier for the content MAC algorithm.
+		*/
+		public string MacAlgOid
+		{
+            get { return macAlg.Algorithm.Id; }
+		}
+
+		/**
+		* return a store of the intended recipients for this message
+		*/
+		public RecipientInformationStore GetRecipientInfos()
+		{
+			return recipientInfoStore;
+		}
+
+		/**
+		 * return the ContentInfo 
+		 */
+		public ContentInfo ContentInfo
+		{
+			get { return contentInfo; }
+		}
+
+		/**
+		* return a table of the digested attributes indexed by
+		* the OID of the attribute.
+		*/
+		public Asn1.Cms.AttributeTable GetAuthAttrs()
+		{
+			if (authAttrs == null)
+				return null;
+
+			return new Asn1.Cms.AttributeTable(authAttrs);
+		}
+
+		/**
+		* return a table of the undigested attributes indexed by
+		* the OID of the attribute.
+		*/
+		public Asn1.Cms.AttributeTable GetUnauthAttrs()
+		{
+			if (unauthAttrs == null)
+				return null;
+
+			return new Asn1.Cms.AttributeTable(unauthAttrs);
+		}
+
+		/**
+		* return the ASN.1 encoded representation of this object.
+		*/
+		public byte[] GetEncoded()
+		{
+			return contentInfo.GetEncoded();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSAuthenticatedDataGenerator.cs b/bc-sharp-crypto/src/cms/CMSAuthenticatedDataGenerator.cs
new file mode 100644
index 0000000..131a475
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSAuthenticatedDataGenerator.cs
@@ -0,0 +1,156 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	 * General class for generating a CMS authenticated-data message.
+	 *
+	 * A simple example of usage.
+	 *
+	 * <pre>
+	 *      CMSAuthenticatedDataGenerator  fact = new CMSAuthenticatedDataGenerator();
+	 *
+	 *      fact.addKeyTransRecipient(cert);
+	 *
+	 *      CMSAuthenticatedData         data = fact.generate(content, algorithm, "BC");
+	 * </pre>
+	 */
+	public class CmsAuthenticatedDataGenerator
+	    : CmsAuthenticatedGenerator
+	{
+	    /**
+	     * base constructor
+	     */
+	    public CmsAuthenticatedDataGenerator()
+	    {
+	    }
+
+	    /**
+	     * constructor allowing specific source of randomness
+	     * @param rand instance of SecureRandom to use
+	     */
+	    public CmsAuthenticatedDataGenerator(
+	        SecureRandom rand)
+	        : base(rand)
+	    {
+	    }
+
+	    /**
+	     * generate an enveloped object that contains an CMS Enveloped Data
+	     * object using the given provider and the passed in key generator.
+	     */
+		private CmsAuthenticatedData Generate(
+			CmsProcessable		content,
+			string				macOid,
+			CipherKeyGenerator	keyGen)
+		{
+			AlgorithmIdentifier macAlgId;
+			KeyParameter encKey;
+			Asn1OctetString encContent;
+			Asn1OctetString macResult;
+
+			try
+			{
+				// FIXME Will this work for macs?
+				byte[] encKeyBytes = keyGen.GenerateKey();
+				encKey = ParameterUtilities.CreateKeyParameter(macOid, encKeyBytes);
+
+				Asn1Encodable asn1Params = GenerateAsn1Parameters(macOid, encKeyBytes);
+
+				ICipherParameters cipherParameters;
+				macAlgId = GetAlgorithmIdentifier(
+				macOid, encKey, asn1Params, out cipherParameters);
+
+				IMac mac = MacUtilities.GetMac(macOid);
+				// TODO Confirm no ParametersWithRandom needed
+				// FIXME Only passing key at the moment
+//	            mac.Init(cipherParameters);
+				mac.Init(encKey);
+
+				MemoryStream bOut = new MemoryStream();
+				Stream mOut = new TeeOutputStream(bOut, new MacOutputStream(mac));
+
+				content.Write(mOut);
+
+                Platform.Dispose(mOut);
+
+                encContent = new BerOctetString(bOut.ToArray());
+
+				byte[] macOctets = MacUtilities.DoFinal(mac);
+				macResult = new DerOctetString(macOctets);
+			}
+			catch (SecurityUtilityException e)
+			{
+				throw new CmsException("couldn't create cipher.", e);
+			}
+			catch (InvalidKeyException e)
+			{
+				throw new CmsException("key invalid in message.", e);
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("exception decoding algorithm parameters.", e);
+			}
+
+			Asn1EncodableVector recipientInfos = new Asn1EncodableVector();
+
+			foreach (RecipientInfoGenerator rig in recipientInfoGenerators) 
+			{
+				try
+				{
+					recipientInfos.Add(rig.Generate(encKey, rand));
+				}
+				catch (InvalidKeyException e)
+				{
+					throw new CmsException("key inappropriate for algorithm.", e);
+				}
+				catch (GeneralSecurityException e)
+				{
+					throw new CmsException("error making encrypted content.", e);
+				}
+			}
+			
+			ContentInfo eci = new ContentInfo(CmsObjectIdentifiers.Data, encContent);
+			
+			ContentInfo contentInfo = new ContentInfo(
+			CmsObjectIdentifiers.AuthenticatedData,
+			new AuthenticatedData(null, new DerSet(recipientInfos), macAlgId, null, eci, null, macResult, null));
+			
+			return new CmsAuthenticatedData(contentInfo);
+		}
+
+	    /**
+	     * generate an authenticated object that contains an CMS Authenticated Data object
+	     */
+	    public CmsAuthenticatedData Generate(
+	        CmsProcessable	content,
+	        string			encryptionOid)
+	    {
+            try
+            {
+				// FIXME Will this work for macs?
+				CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
+
+				keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength));
+
+				return Generate(content, encryptionOid, keyGen);
+            }
+            catch (SecurityUtilityException e)
+            {
+                throw new CmsException("can't find key generation algorithm.", e);
+            }
+	    }
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSAuthenticatedDataParser.cs b/bc-sharp-crypto/src/cms/CMSAuthenticatedDataParser.cs
new file mode 100644
index 0000000..7defafc
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSAuthenticatedDataParser.cs
@@ -0,0 +1,214 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	* Parsing class for an CMS Authenticated Data object from an input stream.
+	* <p>
+	* Note: that because we are in a streaming mode only one recipient can be tried and it is important
+	* that the methods on the parser are called in the appropriate order.
+	* </p>
+	* <p>
+	* Example of use - assuming the first recipient matches the private key we have.
+	* <pre>
+	*      CMSAuthenticatedDataParser     ad = new CMSAuthenticatedDataParser(inputStream);
+	*
+	*      RecipientInformationStore  recipients = ad.getRecipientInfos();
+	*
+	*      Collection  c = recipients.getRecipients();
+	*      Iterator    it = c.iterator();
+	*
+	*      if (it.hasNext())
+	*      {
+	*          RecipientInformation   recipient = (RecipientInformation)it.next();
+	*
+	*          CMSTypedStream recData = recipient.getContentStream(privateKey, "BC");
+	*
+	*          processDataStream(recData.getContentStream());
+	*
+	*          if (!Arrays.equals(ad.getMac(), recipient.getMac())
+	*          {
+	*              System.err.println("Data corrupted!!!!");
+	*          }
+	*      }
+	*  </pre>
+	*  Note: this class does not introduce buffering - if you are processing large files you should create
+	*  the parser with:
+	*  <pre>
+	*          CMSAuthenticatedDataParser     ep = new CMSAuthenticatedDataParser(new BufferedInputStream(inputStream, bufSize));
+	*  </pre>
+	*  where bufSize is a suitably large buffer size.
+	* </p>
+	*/
+	public class CmsAuthenticatedDataParser
+		: CmsContentInfoParser
+	{
+		internal RecipientInformationStore	_recipientInfoStore;
+		internal AuthenticatedDataParser	authData;
+
+		private AlgorithmIdentifier			macAlg;
+		private byte[]						mac;
+		private Asn1.Cms.AttributeTable		authAttrs;
+		private Asn1.Cms.AttributeTable		unauthAttrs;
+
+		private bool authAttrNotRead;
+		private bool unauthAttrNotRead;
+
+		public CmsAuthenticatedDataParser(
+			byte[] envelopedData)
+			: this(new MemoryStream(envelopedData, false))
+		{
+		}
+
+		public CmsAuthenticatedDataParser(
+			Stream envelopedData)
+			: base(envelopedData)
+		{
+			this.authAttrNotRead = true;
+			this.authData = new AuthenticatedDataParser(
+				(Asn1SequenceParser)contentInfo.GetContent(Asn1Tags.Sequence));
+
+			// TODO Validate version?
+			//DerInteger version = this.authData.getVersion();
+
+			//
+			// read the recipients
+			//
+			Asn1Set recipientInfos = Asn1Set.GetInstance(authData.GetRecipientInfos().ToAsn1Object());
+
+			this.macAlg = authData.GetMacAlgorithm();
+
+			//
+			// read the authenticated content info
+			//
+			ContentInfoParser data = authData.GetEnapsulatedContentInfo();
+			CmsReadable readable = new CmsProcessableInputStream(
+				((Asn1OctetStringParser)data.GetContent(Asn1Tags.OctetString)).GetOctetStream());
+			CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsAuthenticatedSecureReadable(
+				this.macAlg, readable);
+
+			//
+			// build the RecipientInformationStore
+			//
+			this._recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore(
+				recipientInfos, secureReadable);
+		}
+
+		public AlgorithmIdentifier MacAlgorithmID
+		{
+			get { return macAlg; }
+		}
+
+		/**
+		* return the object identifier for the mac algorithm.
+		*/
+		public string MacAlgOid
+		{
+            get { return macAlg.Algorithm.Id; }
+		}
+
+
+		/**
+		 * return the ASN.1 encoded encryption algorithm parameters, or null if
+		 * there aren't any.
+		 */
+		public Asn1Object MacAlgParams
+		{
+			get
+			{
+				Asn1Encodable ae = macAlg.Parameters;
+
+				return ae == null ? null : ae.ToAsn1Object();
+			}
+		}
+
+		/**
+		* return a store of the intended recipients for this message
+		*/
+		public RecipientInformationStore GetRecipientInfos()
+		{
+			return _recipientInfoStore;
+		}
+
+		public byte[] GetMac()
+		{
+			if (mac == null)
+			{
+				GetAuthAttrs();
+				mac = authData.GetMac().GetOctets();
+			}
+			return Arrays.Clone(mac);
+		}
+
+		/**
+		* return a table of the unauthenticated attributes indexed by
+		* the OID of the attribute.
+		* @exception java.io.IOException
+		*/
+		public Asn1.Cms.AttributeTable GetAuthAttrs()
+		{
+			if (authAttrs == null && authAttrNotRead)
+			{
+				Asn1SetParser s = authData.GetAuthAttrs();
+
+				authAttrNotRead = false;
+
+				if (s != null)
+				{
+					Asn1EncodableVector v = new Asn1EncodableVector();
+
+					IAsn1Convertible o;
+					while ((o = s.ReadObject()) != null)
+					{
+						Asn1SequenceParser seq = (Asn1SequenceParser)o;
+
+						v.Add(seq.ToAsn1Object());
+					}
+
+					authAttrs = new Asn1.Cms.AttributeTable(new DerSet(v));
+				}
+			}
+
+			return authAttrs;
+		}
+
+		/**
+		* return a table of the unauthenticated attributes indexed by
+		* the OID of the attribute.
+		* @exception java.io.IOException
+		*/
+		public Asn1.Cms.AttributeTable GetUnauthAttrs()
+		{
+			if (unauthAttrs == null && unauthAttrNotRead)
+			{
+				Asn1SetParser s = authData.GetUnauthAttrs();
+
+				unauthAttrNotRead = false;
+
+				if (s != null)
+				{
+					Asn1EncodableVector v = new Asn1EncodableVector();
+
+					IAsn1Convertible o;
+					while ((o = s.ReadObject()) != null)
+					{
+						Asn1SequenceParser seq = (Asn1SequenceParser)o;
+
+						v.Add(seq.ToAsn1Object());
+					}
+
+					unauthAttrs = new Asn1.Cms.AttributeTable(new DerSet(v));
+				}
+			}
+
+			return unauthAttrs;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs b/bc-sharp-crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs
new file mode 100644
index 0000000..4d18d10
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs
@@ -0,0 +1,297 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	* General class for generating a CMS authenticated-data message stream.
+	* <p>
+	* A simple example of usage.
+	* <pre>
+	*      CMSAuthenticatedDataStreamGenerator edGen = new CMSAuthenticatedDataStreamGenerator();
+	*
+	*      edGen.addKeyTransRecipient(cert);
+	*
+	*      ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
+	*
+	*      OutputStream out = edGen.open(
+	*                              bOut, CMSAuthenticatedDataGenerator.AES128_CBC, "BC");*
+	*      out.write(data);
+	*
+	*      out.close();
+	* </pre>
+	* </p>
+	*/
+	public class CmsAuthenticatedDataStreamGenerator
+		: CmsAuthenticatedGenerator
+	{
+		// TODO Add support
+//		private object              _originatorInfo = null;
+//		private object              _unprotectedAttributes = null;
+		private int                 _bufferSize;
+		private bool                _berEncodeRecipientSet;
+
+		/**
+		* base constructor
+		*/
+		public CmsAuthenticatedDataStreamGenerator()
+		{
+		}
+
+		/**
+		* constructor allowing specific source of randomness
+		* @param rand instance of SecureRandom to use
+		*/
+		public CmsAuthenticatedDataStreamGenerator(
+			SecureRandom rand)
+			: base(rand)
+		{
+		}
+
+		/**
+		* Set the underlying string size for encapsulated data
+		*
+		* @param bufferSize length of octet strings to buffer the data.
+		*/
+		public void SetBufferSize(
+			int bufferSize)
+		{
+			_bufferSize = bufferSize;
+		}
+
+		/**
+		* Use a BER Set to store the recipient information
+		*/
+		public void SetBerEncodeRecipients(
+			bool berEncodeRecipientSet)
+		{
+			_berEncodeRecipientSet = berEncodeRecipientSet;
+		}
+
+		/**
+		* generate an enveloped object that contains an CMS Enveloped Data
+		* object using the given provider and the passed in key generator.
+		* @throws java.io.IOException
+		*/
+		private Stream Open(
+			Stream				outStr,
+			string				macOid,
+			CipherKeyGenerator	keyGen)
+		{
+			// FIXME Will this work for macs?
+			byte[] encKeyBytes = keyGen.GenerateKey();
+			KeyParameter encKey = ParameterUtilities.CreateKeyParameter(macOid, encKeyBytes);
+
+			Asn1Encodable asn1Params = GenerateAsn1Parameters(macOid, encKeyBytes);
+
+			ICipherParameters cipherParameters;
+			AlgorithmIdentifier macAlgId = GetAlgorithmIdentifier(
+				macOid, encKey, asn1Params, out cipherParameters);
+
+			Asn1EncodableVector recipientInfos = new Asn1EncodableVector();
+
+			foreach (RecipientInfoGenerator rig in recipientInfoGenerators)
+			{
+				try
+				{
+					recipientInfos.Add(rig.Generate(encKey, rand));
+				}
+				catch (InvalidKeyException e)
+				{
+					throw new CmsException("key inappropriate for algorithm.", e);
+				}
+				catch (GeneralSecurityException e)
+				{
+					throw new CmsException("error making encrypted content.", e);
+				}
+			}
+
+			// FIXME Only passing key at the moment
+//			return Open(outStr, macAlgId, cipherParameters, recipientInfos);
+			return Open(outStr, macAlgId, encKey, recipientInfos);
+		}
+
+		protected Stream Open(
+			Stream        			outStr,
+			AlgorithmIdentifier		macAlgId,
+			ICipherParameters		cipherParameters,
+			Asn1EncodableVector		recipientInfos)
+		{
+			try
+			{
+				//
+				// ContentInfo
+				//
+				BerSequenceGenerator cGen = new BerSequenceGenerator(outStr);
+
+				cGen.AddObject(CmsObjectIdentifiers.AuthenticatedData);
+
+				//
+				// Authenticated Data
+				//
+				BerSequenceGenerator authGen = new BerSequenceGenerator(
+					cGen.GetRawOutputStream(), 0, true);
+
+				authGen.AddObject(new DerInteger(AuthenticatedData.CalculateVersion(null)));
+
+				Stream authRaw = authGen.GetRawOutputStream();
+				Asn1Generator recipGen = _berEncodeRecipientSet
+					?	(Asn1Generator) new BerSetGenerator(authRaw)
+					:	new DerSetGenerator(authRaw);
+
+				foreach (Asn1Encodable ae in recipientInfos)
+				{
+					recipGen.AddObject(ae);
+				}
+
+				recipGen.Close();
+
+				authGen.AddObject(macAlgId);
+
+				BerSequenceGenerator eiGen = new BerSequenceGenerator(authRaw);
+				eiGen.AddObject(CmsObjectIdentifiers.Data);
+
+				Stream octetOutputStream = CmsUtilities.CreateBerOctetOutputStream(
+					eiGen.GetRawOutputStream(), 0, false, _bufferSize);
+
+                IMac mac = MacUtilities.GetMac(macAlgId.Algorithm);
+				// TODO Confirm no ParametersWithRandom needed
+	            mac.Init(cipherParameters);
+				Stream mOut = new TeeOutputStream(octetOutputStream, new MacOutputStream(mac));
+
+				return new CmsAuthenticatedDataOutputStream(mOut, mac, cGen, authGen, eiGen);
+			}
+			catch (SecurityUtilityException e)
+			{
+				throw new CmsException("couldn't create cipher.", e);
+			}
+			catch (InvalidKeyException e)
+			{
+				throw new CmsException("key invalid in message.", e);
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("exception decoding algorithm parameters.", e);
+			}
+		}
+
+		/**
+		* generate an enveloped object that contains an CMS Enveloped Data object
+		*/
+		public Stream Open(
+			Stream	outStr,
+			string	encryptionOid)
+		{
+			CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
+
+			keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength));
+
+			return Open(outStr, encryptionOid, keyGen);
+		}
+
+		/**
+		* generate an enveloped object that contains an CMS Enveloped Data object
+		*/
+		public Stream Open(
+			Stream	outStr,
+			string	encryptionOid,
+			int		keySize)
+		{
+			CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
+
+			keyGen.Init(new KeyGenerationParameters(rand, keySize));
+
+			return Open(outStr, encryptionOid, keyGen);
+		}
+
+		private class CmsAuthenticatedDataOutputStream
+			: BaseOutputStream
+		{
+			private readonly Stream					macStream;
+			private readonly IMac					mac;
+			private readonly BerSequenceGenerator	cGen;
+			private readonly BerSequenceGenerator	authGen;
+			private readonly BerSequenceGenerator	eiGen;
+
+			public CmsAuthenticatedDataOutputStream(
+				Stream					macStream,
+				IMac					mac,
+				BerSequenceGenerator	cGen,
+				BerSequenceGenerator	authGen,
+				BerSequenceGenerator	eiGen)
+			{
+				this.macStream = macStream;
+				this.mac = mac;
+				this.cGen = cGen;
+				this.authGen = authGen;
+				this.eiGen = eiGen;
+			}
+
+			public override void WriteByte(
+				byte b)
+			{
+				macStream.WriteByte(b);
+			}
+
+			public override void Write(
+				byte[]	bytes,
+				int		off,
+				int		len)
+			{
+				macStream.Write(bytes, off, len);
+			}
+
+#if PORTABLE
+            protected override void Dispose(bool disposing)
+            {
+                if (disposing)
+                {
+                    Platform.Dispose(macStream);
+
+                    // TODO Parent context(s) should really be be closed explicitly
+
+				    eiGen.Close();
+
+				    // [TODO] auth attributes go here 
+				    byte[] macOctets = MacUtilities.DoFinal(mac);
+				    authGen.AddObject(new DerOctetString(macOctets));
+				    // [TODO] unauth attributes go here
+
+				    authGen.Close();
+				    cGen.Close();
+                }
+                base.Dispose(disposing);
+            }
+#else
+            public override void Close()
+			{
+                Platform.Dispose(macStream);
+
+                // TODO Parent context(s) should really be be closed explicitly
+
+				eiGen.Close();
+
+				// [TODO] auth attributes go here 
+				byte[] macOctets = MacUtilities.DoFinal(mac);
+				authGen.AddObject(new DerOctetString(macOctets));
+				// [TODO] unauth attributes go here
+
+				authGen.Close();
+				cGen.Close();
+                base.Close();
+			}
+#endif
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSAuthenticatedGenerator.cs b/bc-sharp-crypto/src/cms/CMSAuthenticatedGenerator.cs
new file mode 100644
index 0000000..8824d19
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSAuthenticatedGenerator.cs
@@ -0,0 +1,35 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Cms
+{
+	public class CmsAuthenticatedGenerator
+		: CmsEnvelopedGenerator
+	{
+		/**
+		* base constructor
+		*/
+		public CmsAuthenticatedGenerator()
+		{
+		}
+
+		/**
+		* constructor allowing specific source of randomness
+		*
+		* @param rand instance of SecureRandom to use
+		*/
+		public CmsAuthenticatedGenerator(
+			SecureRandom rand)
+			: base(rand)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSCompressedData.cs b/bc-sharp-crypto/src/cms/CMSCompressedData.cs
new file mode 100644
index 0000000..21651f0
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSCompressedData.cs
@@ -0,0 +1,108 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Zlib;
+
+namespace Org.BouncyCastle.Cms
+{
+    /**
+    * containing class for an CMS Compressed Data object
+    */
+    public class CmsCompressedData
+    {
+        internal ContentInfo contentInfo;
+
+		public CmsCompressedData(
+            byte[] compressedData)
+            : this(CmsUtilities.ReadContentInfo(compressedData))
+        {
+        }
+
+		public CmsCompressedData(
+            Stream compressedDataStream)
+            : this(CmsUtilities.ReadContentInfo(compressedDataStream))
+        {
+        }
+
+		public CmsCompressedData(
+            ContentInfo contentInfo)
+        {
+            this.contentInfo = contentInfo;
+        }
+
+		/**
+		 * Return the uncompressed content.
+		 *
+		 * @return the uncompressed content
+		 * @throws CmsException if there is an exception uncompressing the data.
+		 */
+		public byte[] GetContent()
+        {
+            CompressedData comData = CompressedData.GetInstance(contentInfo.Content);
+            ContentInfo content = comData.EncapContentInfo;
+
+			Asn1OctetString bytes = (Asn1OctetString) content.Content;
+			ZInputStream zIn = new ZInputStream(bytes.GetOctetStream());
+
+			try
+			{
+				return CmsUtilities.StreamToByteArray(zIn);
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("exception reading compressed stream.", e);
+			}
+			finally
+			{
+                Platform.Dispose(zIn);
+			}
+        }
+
+	    /**
+	     * Return the uncompressed content, throwing an exception if the data size
+	     * is greater than the passed in limit. If the content is exceeded getCause()
+	     * on the CMSException will contain a StreamOverflowException
+	     *
+	     * @param limit maximum number of bytes to read
+	     * @return the content read
+	     * @throws CMSException if there is an exception uncompressing the data.
+	     */
+		public byte[] GetContent(int limit)
+		{
+			CompressedData  comData = CompressedData.GetInstance(contentInfo.Content);
+			ContentInfo     content = comData.EncapContentInfo;
+
+			Asn1OctetString bytes = (Asn1OctetString)content.Content;
+
+			ZInputStream zIn = new ZInputStream(new MemoryStream(bytes.GetOctets(), false));
+
+			try
+			{
+				return CmsUtilities.StreamToByteArray(zIn, limit);
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("exception reading compressed stream.", e);
+			}
+		}
+
+		/**
+		 * return the ContentInfo 
+		 */
+		public ContentInfo ContentInfo
+		{
+			get { return contentInfo; }
+		}
+
+		/**
+        * return the ASN.1 encoded representation of this object.
+        */
+        public byte[] GetEncoded()
+        {
+			return contentInfo.GetEncoded();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/CMSCompressedDataGenerator.cs b/bc-sharp-crypto/src/cms/CMSCompressedDataGenerator.cs
new file mode 100644
index 0000000..d51de10
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSCompressedDataGenerator.cs
@@ -0,0 +1,67 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Zlib;
+
+namespace Org.BouncyCastle.Cms
+{
+    /**
+    * General class for generating a compressed CMS message.
+    * <p>
+    * A simple example of usage.</p>
+    * <p>
+    * <pre>
+    *      CMSCompressedDataGenerator fact = new CMSCompressedDataGenerator();
+    *      CMSCompressedData data = fact.Generate(content, algorithm);
+    * </pre>
+	* </p>
+    */
+    public class CmsCompressedDataGenerator
+    {
+        public const string ZLib = "1.2.840.113549.1.9.16.3.8";
+
+		public CmsCompressedDataGenerator()
+        {
+        }
+
+		/**
+        * Generate an object that contains an CMS Compressed Data
+        */
+        public CmsCompressedData Generate(
+            CmsProcessable	content,
+            string			compressionOid)
+        {
+            AlgorithmIdentifier comAlgId;
+            Asn1OctetString comOcts;
+
+            try
+            {
+                MemoryStream bOut = new MemoryStream();
+                ZOutputStream zOut = new ZOutputStream(bOut, JZlib.Z_DEFAULT_COMPRESSION);
+
+				content.Write(zOut);
+
+                Platform.Dispose(zOut);
+
+                comAlgId = new AlgorithmIdentifier(new DerObjectIdentifier(compressionOid));
+				comOcts = new BerOctetString(bOut.ToArray());
+            }
+            catch (IOException e)
+            {
+                throw new CmsException("exception encoding data.", e);
+            }
+
+            ContentInfo comContent = new ContentInfo(CmsObjectIdentifiers.Data, comOcts);
+            ContentInfo contentInfo = new ContentInfo(
+                CmsObjectIdentifiers.CompressedData,
+                new CompressedData(comAlgId, comContent));
+
+			return new CmsCompressedData(contentInfo);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/CMSCompressedDataParser.cs b/bc-sharp-crypto/src/cms/CMSCompressedDataParser.cs
new file mode 100644
index 0000000..93dfa12
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSCompressedDataParser.cs
@@ -0,0 +1,57 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Utilities.Zlib;
+
+namespace Org.BouncyCastle.Cms
+{
+    /**
+    * Class for reading a CMS Compressed Data stream.
+    * <pre>
+    *     CMSCompressedDataParser cp = new CMSCompressedDataParser(inputStream);
+    *
+    *     process(cp.GetContent().GetContentStream());
+    * </pre>
+    *  Note: this class does not introduce buffering - if you are processing large files you should create
+    *  the parser with:
+    *  <pre>
+    *      CMSCompressedDataParser     ep = new CMSCompressedDataParser(new BufferedInputStream(inputStream, bufSize));
+    *  </pre>
+    *  where bufSize is a suitably large buffer size.
+    */
+    public class CmsCompressedDataParser
+        : CmsContentInfoParser
+    {
+        public CmsCompressedDataParser(
+            byte[] compressedData)
+            : this(new MemoryStream(compressedData, false))
+        {
+        }
+
+        public CmsCompressedDataParser(
+            Stream compressedData)
+            : base(compressedData)
+        {
+        }
+
+		public CmsTypedStream GetContent()
+        {
+            try
+            {
+                CompressedDataParser comData = new CompressedDataParser((Asn1SequenceParser)this.contentInfo.GetContent(Asn1Tags.Sequence));
+                ContentInfoParser content = comData.GetEncapContentInfo();
+
+                Asn1OctetStringParser bytes = (Asn1OctetStringParser)content.GetContent(Asn1Tags.OctetString);
+
+                return new CmsTypedStream(content.ContentType.ToString(), new ZInputStream(bytes.GetOctetStream()));
+            }
+            catch (IOException e)
+            {
+                throw new CmsException("IOException reading compressed content.", e);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/CMSCompressedDataStreamGenerator.cs b/bc-sharp-crypto/src/cms/CMSCompressedDataStreamGenerator.cs
new file mode 100644
index 0000000..0cb1bb6
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSCompressedDataStreamGenerator.cs
@@ -0,0 +1,158 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Utilities.Zlib;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	* General class for generating a compressed CMS message stream.
+	* <p>
+	* A simple example of usage.
+	* </p>
+	* <pre>
+	*      CMSCompressedDataStreamGenerator gen = new CMSCompressedDataStreamGenerator();
+	*
+	*      Stream cOut = gen.Open(outputStream, CMSCompressedDataStreamGenerator.ZLIB);
+	*
+	*      cOut.Write(data);
+	*
+	*      cOut.Close();
+	* </pre>
+	*/
+	public class CmsCompressedDataStreamGenerator
+	{
+		public const string ZLib = "1.2.840.113549.1.9.16.3.8";
+
+		private int _bufferSize;
+		
+		/**
+		* base constructor
+		*/
+		public CmsCompressedDataStreamGenerator()
+		{
+		}
+
+		/**
+		* Set the underlying string size for encapsulated data
+		*
+		* @param bufferSize length of octet strings to buffer the data.
+		*/
+		public void SetBufferSize(
+			int bufferSize)
+		{
+			_bufferSize = bufferSize;
+		}
+
+		public Stream Open(
+			Stream	outStream,
+			string	compressionOID)
+		{
+			return Open(outStream, CmsObjectIdentifiers.Data.Id, compressionOID);
+		}
+
+		public Stream Open(
+			Stream	outStream,
+			string	contentOID,
+			string	compressionOID)
+		{
+			BerSequenceGenerator sGen = new BerSequenceGenerator(outStream);
+
+			sGen.AddObject(CmsObjectIdentifiers.CompressedData);
+
+			//
+			// Compressed Data
+			//
+			BerSequenceGenerator cGen = new BerSequenceGenerator(
+				sGen.GetRawOutputStream(), 0, true);
+
+			// CMSVersion
+			cGen.AddObject(new DerInteger(0));
+
+			// CompressionAlgorithmIdentifier
+			cGen.AddObject(new AlgorithmIdentifier(new DerObjectIdentifier(ZLib)));
+
+			//
+			// Encapsulated ContentInfo
+			//
+			BerSequenceGenerator eiGen = new BerSequenceGenerator(cGen.GetRawOutputStream());
+
+			eiGen.AddObject(new DerObjectIdentifier(contentOID));
+
+			Stream octetStream = CmsUtilities.CreateBerOctetOutputStream(
+				eiGen.GetRawOutputStream(), 0, true, _bufferSize);
+
+			return new CmsCompressedOutputStream(
+				new ZOutputStream(octetStream, JZlib.Z_DEFAULT_COMPRESSION), sGen, cGen, eiGen);
+		}
+
+		private class CmsCompressedOutputStream
+			: BaseOutputStream
+		{
+			private ZOutputStream _out;
+			private BerSequenceGenerator _sGen;
+			private BerSequenceGenerator _cGen;
+			private BerSequenceGenerator _eiGen;
+
+			internal CmsCompressedOutputStream(
+				ZOutputStream			outStream,
+				BerSequenceGenerator	sGen,
+				BerSequenceGenerator	cGen,
+				BerSequenceGenerator	eiGen)
+			{
+				_out = outStream;
+				_sGen = sGen;
+				_cGen = cGen;
+				_eiGen = eiGen;
+			}
+
+			public override void WriteByte(
+				byte b)
+			{
+				_out.WriteByte(b);
+			}
+
+			public override void Write(
+				byte[]	bytes,
+				int		off,
+				int		len)
+			{
+				_out.Write(bytes, off, len);
+			}
+
+#if PORTABLE
+            protected override void Dispose(bool disposing)
+            {
+                if (disposing)
+                {
+                    Platform.Dispose(_out);
+
+                    // TODO Parent context(s) should really be be closed explicitly
+
+                    _eiGen.Close();
+				    _cGen.Close();
+				    _sGen.Close();
+                }
+                base.Dispose(disposing);
+            }
+#else
+            public override void Close()
+			{
+                Platform.Dispose(_out);
+
+                // TODO Parent context(s) should really be be closed explicitly
+
+                _eiGen.Close();
+				_cGen.Close();
+				_sGen.Close();
+				base.Close();
+			}
+#endif
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSContentInfoParser.cs b/bc-sharp-crypto/src/cms/CMSContentInfoParser.cs
new file mode 100644
index 0000000..a7b43f2
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSContentInfoParser.cs
@@ -0,0 +1,48 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Cms
+{
+	public class CmsContentInfoParser
+	{
+		protected ContentInfoParser	contentInfo;
+		protected Stream data;
+
+		protected CmsContentInfoParser(
+			Stream data)
+		{
+			if (data == null)
+				throw new ArgumentNullException("data");
+
+			this.data = data;
+
+			try
+			{
+				Asn1StreamParser inStream = new Asn1StreamParser(data);
+
+				this.contentInfo = new ContentInfoParser((Asn1SequenceParser)inStream.ReadObject());
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("IOException reading content.", e);
+			}
+			catch (InvalidCastException e)
+			{
+				throw new CmsException("Unexpected object reading content.", e);
+			}
+		}
+
+		/**
+		* Close the underlying data stream.
+		* @throws IOException if the close fails.
+		*/
+		public void Close()
+		{
+            Platform.Dispose(this.data);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSEnvelopedData.cs b/bc-sharp-crypto/src/cms/CMSEnvelopedData.cs
new file mode 100644
index 0000000..223d0ca
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSEnvelopedData.cs
@@ -0,0 +1,115 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Cms
+{
+    /**
+    * containing class for an CMS Enveloped Data object
+    */
+    public class CmsEnvelopedData
+    {
+        internal RecipientInformationStore	recipientInfoStore;
+        internal ContentInfo				contentInfo;
+
+		private AlgorithmIdentifier	encAlg;
+        private Asn1Set				unprotectedAttributes;
+
+		public CmsEnvelopedData(
+            byte[] envelopedData)
+            : this(CmsUtilities.ReadContentInfo(envelopedData))
+        {
+        }
+
+        public CmsEnvelopedData(
+            Stream envelopedData)
+            : this(CmsUtilities.ReadContentInfo(envelopedData))
+        {
+        }
+
+        public CmsEnvelopedData(
+            ContentInfo contentInfo)
+        {
+            this.contentInfo = contentInfo;
+
+			EnvelopedData envData = EnvelopedData.GetInstance(contentInfo.Content);
+
+			//
+			// read the recipients
+			//
+			Asn1Set recipientInfos = envData.RecipientInfos;
+
+			//
+			// read the encrypted content info
+			//
+			EncryptedContentInfo encInfo = envData.EncryptedContentInfo;
+			this.encAlg = encInfo.ContentEncryptionAlgorithm;
+			CmsReadable readable = new CmsProcessableByteArray(encInfo.EncryptedContent.GetOctets());
+			CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsEnvelopedSecureReadable(
+				this.encAlg, readable);
+
+			//
+			// build the RecipientInformationStore
+			//
+			this.recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore(
+				recipientInfos, secureReadable);
+
+			this.unprotectedAttributes = envData.UnprotectedAttrs;
+        }
+
+		public AlgorithmIdentifier EncryptionAlgorithmID
+		{
+			get { return encAlg; }
+		}
+
+		/**
+        * return the object identifier for the content encryption algorithm.
+        */
+        public string EncryptionAlgOid
+        {
+            get { return encAlg.Algorithm.Id; }
+        }
+
+		/**
+        * return a store of the intended recipients for this message
+        */
+        public RecipientInformationStore GetRecipientInfos()
+        {
+            return recipientInfoStore;
+        }
+
+		/**
+		 * return the ContentInfo 
+		 */
+		public ContentInfo ContentInfo
+		{
+			get { return contentInfo; }
+		}
+
+		/**
+        * return a table of the unprotected attributes indexed by
+        * the OID of the attribute.
+        */
+        public Asn1.Cms.AttributeTable GetUnprotectedAttributes()
+        {
+            if (unprotectedAttributes == null)
+                return null;
+
+			return new Asn1.Cms.AttributeTable(unprotectedAttributes);
+        }
+
+		/**
+        * return the ASN.1 encoded representation of this object.
+        */
+        public byte[] GetEncoded()
+        {
+			return contentInfo.GetEncoded();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/CMSEnvelopedDataGenerator.cs b/bc-sharp-crypto/src/cms/CMSEnvelopedDataGenerator.cs
new file mode 100644
index 0000000..d260e99
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSEnvelopedDataGenerator.cs
@@ -0,0 +1,178 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms
+{
+    /// <remarks>
+    /// General class for generating a CMS enveloped-data message.
+    ///
+    /// A simple example of usage.
+    ///
+    /// <pre>
+    ///      CmsEnvelopedDataGenerator  fact = new CmsEnvelopedDataGenerator();
+    ///
+    ///      fact.AddKeyTransRecipient(cert);
+    ///
+    ///      CmsEnvelopedData         data = fact.Generate(content, algorithm);
+    /// </pre>
+    /// </remarks>
+    public class CmsEnvelopedDataGenerator
+		: CmsEnvelopedGenerator
+    {
+		public CmsEnvelopedDataGenerator()
+        {
+        }
+
+		/// <summary>Constructor allowing specific source of randomness</summary>
+		/// <param name="rand">Instance of <c>SecureRandom</c> to use.</param>
+		public CmsEnvelopedDataGenerator(
+			SecureRandom rand)
+			: base(rand)
+		{
+		}
+
+		/// <summary>
+		/// Generate an enveloped object that contains a CMS Enveloped Data
+		/// object using the passed in key generator.
+		/// </summary>
+        private CmsEnvelopedData Generate(
+            CmsProcessable		content,
+            string				encryptionOid,
+            CipherKeyGenerator	keyGen)
+        {
+            AlgorithmIdentifier encAlgId = null;
+			KeyParameter encKey;
+            Asn1OctetString encContent;
+
+			try
+			{
+				byte[] encKeyBytes = keyGen.GenerateKey();
+				encKey = ParameterUtilities.CreateKeyParameter(encryptionOid, encKeyBytes);
+
+				Asn1Encodable asn1Params = GenerateAsn1Parameters(encryptionOid, encKeyBytes);
+
+				ICipherParameters cipherParameters;
+				encAlgId = GetAlgorithmIdentifier(
+					encryptionOid, encKey, asn1Params, out cipherParameters);
+
+				IBufferedCipher cipher = CipherUtilities.GetCipher(encryptionOid);
+				cipher.Init(true, new ParametersWithRandom(cipherParameters, rand));
+
+				MemoryStream bOut = new MemoryStream();
+				CipherStream cOut = new CipherStream(bOut, null, cipher);
+
+				content.Write(cOut);
+
+                Platform.Dispose(cOut);
+
+                encContent = new BerOctetString(bOut.ToArray());
+			}
+			catch (SecurityUtilityException e)
+			{
+				throw new CmsException("couldn't create cipher.", e);
+			}
+			catch (InvalidKeyException e)
+			{
+				throw new CmsException("key invalid in message.", e);
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("exception decoding algorithm parameters.", e);
+			}
+
+
+			Asn1EncodableVector recipientInfos = new Asn1EncodableVector();
+
+            foreach (RecipientInfoGenerator rig in recipientInfoGenerators)
+            {
+                try
+                {
+                    recipientInfos.Add(rig.Generate(encKey, rand));
+                }
+                catch (InvalidKeyException e)
+                {
+                    throw new CmsException("key inappropriate for algorithm.", e);
+                }
+                catch (GeneralSecurityException e)
+                {
+                    throw new CmsException("error making encrypted content.", e);
+                }
+            }
+
+            EncryptedContentInfo eci = new EncryptedContentInfo(
+                CmsObjectIdentifiers.Data,
+                encAlgId,
+                encContent);
+
+			Asn1Set unprotectedAttrSet = null;
+            if (unprotectedAttributeGenerator != null)
+            {
+                Asn1.Cms.AttributeTable attrTable = unprotectedAttributeGenerator.GetAttributes(Platform.CreateHashtable());
+
+                unprotectedAttrSet = new BerSet(attrTable.ToAsn1EncodableVector());
+            }
+
+			ContentInfo contentInfo = new ContentInfo(
+                CmsObjectIdentifiers.EnvelopedData,
+                new EnvelopedData(null, new DerSet(recipientInfos), eci, unprotectedAttrSet));
+
+            return new CmsEnvelopedData(contentInfo);
+        }
+
+		/// <summary>Generate an enveloped object that contains an CMS Enveloped Data object.</summary>
+        public CmsEnvelopedData Generate(
+            CmsProcessable	content,
+            string			encryptionOid)
+        {
+            try
+            {
+				CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
+
+				keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength));
+
+				return Generate(content, encryptionOid, keyGen);
+            }
+            catch (SecurityUtilityException e)
+            {
+                throw new CmsException("can't find key generation algorithm.", e);
+            }
+        }
+
+		/// <summary>Generate an enveloped object that contains an CMS Enveloped Data object.</summary>
+        public CmsEnvelopedData Generate(
+            CmsProcessable  content,
+            string          encryptionOid,
+            int             keySize)
+        {
+            try
+            {
+				CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
+
+				keyGen.Init(new KeyGenerationParameters(rand, keySize));
+
+				return Generate(content, encryptionOid, keyGen);
+            }
+            catch (SecurityUtilityException e)
+            {
+                throw new CmsException("can't find key generation algorithm.", e);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/CMSEnvelopedDataParser.cs b/bc-sharp-crypto/src/cms/CMSEnvelopedDataParser.cs
new file mode 100644
index 0000000..d5dfaf5
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSEnvelopedDataParser.cs
@@ -0,0 +1,161 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	* Parsing class for an CMS Enveloped Data object from an input stream.
+	* <p>
+	* Note: that because we are in a streaming mode only one recipient can be tried and it is important
+	* that the methods on the parser are called in the appropriate order.
+	* </p>
+	* <p>
+	* Example of use - assuming the first recipient matches the private key we have.
+	* <pre>
+	*      CmsEnvelopedDataParser     ep = new CmsEnvelopedDataParser(inputStream);
+	*
+	*      RecipientInformationStore  recipients = ep.GetRecipientInfos();
+	*
+	*      Collection  c = recipients.getRecipients();
+	*      Iterator    it = c.iterator();
+	*
+	*      if (it.hasNext())
+	*      {
+	*          RecipientInformation   recipient = (RecipientInformation)it.next();
+	*
+	*          CMSTypedStream recData = recipient.getContentStream(privateKey);
+	*
+	*          processDataStream(recData.getContentStream());
+	*      }
+	*  </pre>
+	*  Note: this class does not introduce buffering - if you are processing large files you should create
+	*  the parser with:
+	*  <pre>
+	*          CmsEnvelopedDataParser     ep = new CmsEnvelopedDataParser(new BufferedInputStream(inputStream, bufSize));
+	*  </pre>
+	*  where bufSize is a suitably large buffer size.
+	* </p>
+	*/
+	public class CmsEnvelopedDataParser
+		: CmsContentInfoParser
+	{
+		internal RecipientInformationStore	recipientInfoStore;
+		internal EnvelopedDataParser		envelopedData;
+
+		private AlgorithmIdentifier			_encAlg;
+		private Asn1.Cms.AttributeTable		_unprotectedAttributes;
+		private bool						_attrNotRead;
+
+		public CmsEnvelopedDataParser(
+			byte[] envelopedData)
+			: this(new MemoryStream(envelopedData, false))
+		{
+		}
+
+		public CmsEnvelopedDataParser(
+			Stream envelopedData)
+			: base(envelopedData)
+		{
+			this._attrNotRead = true;
+			this.envelopedData = new EnvelopedDataParser(
+				(Asn1SequenceParser)this.contentInfo.GetContent(Asn1Tags.Sequence));
+
+			// TODO Validate version?
+			//DerInteger version = this.envelopedData.Version;
+
+			//
+			// read the recipients
+			//
+			Asn1Set recipientInfos = Asn1Set.GetInstance(this.envelopedData.GetRecipientInfos().ToAsn1Object());
+
+			//
+			// read the encrypted content info
+			//
+			EncryptedContentInfoParser encInfo = this.envelopedData.GetEncryptedContentInfo();
+			this._encAlg = encInfo.ContentEncryptionAlgorithm;
+			CmsReadable readable = new CmsProcessableInputStream(
+				((Asn1OctetStringParser)encInfo.GetEncryptedContent(Asn1Tags.OctetString)).GetOctetStream());
+			CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsEnvelopedSecureReadable(
+				this._encAlg, readable);
+
+			//
+			// build the RecipientInformationStore
+			//
+			this.recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore(
+				recipientInfos, secureReadable);
+		}
+
+		public AlgorithmIdentifier EncryptionAlgorithmID
+		{
+			get { return _encAlg; }
+		}
+
+		/**
+		 * return the object identifier for the content encryption algorithm.
+		 */
+		public string EncryptionAlgOid
+		{
+            get { return _encAlg.Algorithm.Id; }
+		}
+
+		/**
+		 * return the ASN.1 encoded encryption algorithm parameters, or null if
+		 * there aren't any.
+		 */
+		public Asn1Object EncryptionAlgParams
+		{
+			get
+			{
+				Asn1Encodable ae = _encAlg.Parameters;
+
+				return ae == null ? null : ae.ToAsn1Object();
+			}
+		}
+
+		/**
+		 * return a store of the intended recipients for this message
+		 */
+		public RecipientInformationStore GetRecipientInfos()
+		{
+			return this.recipientInfoStore;
+		}
+
+		/**
+		 * return a table of the unprotected attributes indexed by
+		 * the OID of the attribute.
+		 * @throws IOException
+		 */
+		public Asn1.Cms.AttributeTable GetUnprotectedAttributes()
+		{
+			if (_unprotectedAttributes == null && _attrNotRead)
+			{
+				Asn1SetParser asn1Set = this.envelopedData.GetUnprotectedAttrs();
+
+				_attrNotRead = false;
+
+				if (asn1Set != null)
+				{
+					Asn1EncodableVector v = new Asn1EncodableVector();
+					IAsn1Convertible o;
+
+					while ((o = asn1Set.ReadObject()) != null)
+					{
+						Asn1SequenceParser seq = (Asn1SequenceParser)o;
+
+						v.Add(seq.ToAsn1Object());
+					}
+
+					_unprotectedAttributes = new Asn1.Cms.AttributeTable(new DerSet(v));
+				}
+			}
+
+			return _unprotectedAttributes;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs b/bc-sharp-crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs
new file mode 100644
index 0000000..8e6d272
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs
@@ -0,0 +1,308 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	* General class for generating a CMS enveloped-data message stream.
+	* <p>
+	* A simple example of usage.
+	* <pre>
+	*      CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();
+	*
+	*      edGen.AddKeyTransRecipient(cert);
+	*
+	*      MemoryStream  bOut = new MemoryStream();
+	*
+	*      Stream out = edGen.Open(
+	*                              bOut, CMSEnvelopedDataGenerator.AES128_CBC);*
+	*      out.Write(data);
+	*
+	*      out.Close();
+	* </pre>
+	* </p>
+	*/
+	public class CmsEnvelopedDataStreamGenerator
+		: CmsEnvelopedGenerator
+	{
+		private object	_originatorInfo = null;
+		private object	_unprotectedAttributes = null;
+		private int		_bufferSize;
+		private bool	_berEncodeRecipientSet;
+
+		public CmsEnvelopedDataStreamGenerator()
+		{
+		}
+
+		/// <summary>Constructor allowing specific source of randomness</summary>
+		/// <param name="rand">Instance of <c>SecureRandom</c> to use.</param>
+		public CmsEnvelopedDataStreamGenerator(
+			SecureRandom rand)
+			: base(rand)
+		{
+		}
+
+		/// <summary>Set the underlying string size for encapsulated data.</summary>
+		/// <param name="bufferSize">Length of octet strings to buffer the data.</param>
+		public void SetBufferSize(
+			int bufferSize)
+		{
+			_bufferSize = bufferSize;
+		}
+
+		/// <summary>Use a BER Set to store the recipient information.</summary>
+		public void SetBerEncodeRecipients(
+			bool berEncodeRecipientSet)
+		{
+			_berEncodeRecipientSet = berEncodeRecipientSet;
+		}
+
+		private DerInteger Version
+		{
+			get
+			{
+				int version = (_originatorInfo != null || _unprotectedAttributes != null)
+					?	2
+					:	0;
+
+				return new DerInteger(version);
+			}
+		}
+
+		/// <summary>
+		/// Generate an enveloped object that contains an CMS Enveloped Data
+		/// object using the passed in key generator.
+		/// </summary>
+		private Stream Open(
+			Stream				outStream,
+			string				encryptionOid,
+			CipherKeyGenerator	keyGen)
+		{
+			byte[] encKeyBytes = keyGen.GenerateKey();
+			KeyParameter encKey = ParameterUtilities.CreateKeyParameter(encryptionOid, encKeyBytes);
+
+			Asn1Encodable asn1Params = GenerateAsn1Parameters(encryptionOid, encKeyBytes);
+
+			ICipherParameters cipherParameters;
+			AlgorithmIdentifier encAlgID = GetAlgorithmIdentifier(
+				encryptionOid, encKey, asn1Params, out cipherParameters);
+
+			Asn1EncodableVector recipientInfos = new Asn1EncodableVector();
+
+			foreach (RecipientInfoGenerator rig in recipientInfoGenerators)
+			{
+				try
+				{
+					recipientInfos.Add(rig.Generate(encKey, rand));
+				}
+				catch (InvalidKeyException e)
+				{
+					throw new CmsException("key inappropriate for algorithm.", e);
+				}
+				catch (GeneralSecurityException e)
+				{
+					throw new CmsException("error making encrypted content.", e);
+				}
+			}
+
+			return Open(outStream, encAlgID, cipherParameters, recipientInfos);
+		}
+
+		private Stream Open(
+			Stream				outStream,
+			AlgorithmIdentifier	encAlgID,
+			ICipherParameters	cipherParameters,
+			Asn1EncodableVector	recipientInfos)
+		{
+			try
+			{
+				//
+				// ContentInfo
+				//
+				BerSequenceGenerator cGen = new BerSequenceGenerator(outStream);
+
+				cGen.AddObject(CmsObjectIdentifiers.EnvelopedData);
+
+				//
+				// Encrypted Data
+				//
+				BerSequenceGenerator envGen = new BerSequenceGenerator(
+					cGen.GetRawOutputStream(), 0, true);
+
+				envGen.AddObject(this.Version);
+
+				Stream envRaw = envGen.GetRawOutputStream();
+				Asn1Generator recipGen = _berEncodeRecipientSet
+					?	(Asn1Generator) new BerSetGenerator(envRaw)
+					:	new DerSetGenerator(envRaw);
+
+				foreach (Asn1Encodable ae in recipientInfos)
+				{
+					recipGen.AddObject(ae);
+				}
+
+				recipGen.Close();
+
+				BerSequenceGenerator eiGen = new BerSequenceGenerator(envRaw);
+				eiGen.AddObject(CmsObjectIdentifiers.Data);
+				eiGen.AddObject(encAlgID);
+
+				Stream octetOutputStream = CmsUtilities.CreateBerOctetOutputStream(
+					eiGen.GetRawOutputStream(), 0, false, _bufferSize);
+
+                IBufferedCipher cipher = CipherUtilities.GetCipher(encAlgID.Algorithm);
+				cipher.Init(true, new ParametersWithRandom(cipherParameters, rand));
+				CipherStream cOut = new CipherStream(octetOutputStream, null, cipher);
+
+				return new CmsEnvelopedDataOutputStream(this, cOut, cGen, envGen, eiGen);
+			}
+			catch (SecurityUtilityException e)
+			{
+				throw new CmsException("couldn't create cipher.", e);
+			}
+			catch (InvalidKeyException e)
+			{
+				throw new CmsException("key invalid in message.", e);
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("exception decoding algorithm parameters.", e);
+			}
+		}
+
+		/**
+		* generate an enveloped object that contains an CMS Enveloped Data object
+		* @throws IOException
+		*/
+		public Stream Open(
+			Stream	outStream,
+			string	encryptionOid)
+		{
+			CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
+
+			keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength));
+
+			return Open(outStream, encryptionOid, keyGen);
+		}
+
+		/**
+		* generate an enveloped object that contains an CMS Enveloped Data object
+		* @throws IOException
+		*/
+		public Stream Open(
+			Stream	outStream,
+			string	encryptionOid,
+			int		keySize)
+		{
+			CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
+
+			keyGen.Init(new KeyGenerationParameters(rand, keySize));
+
+			return Open(outStream, encryptionOid, keyGen);
+		}
+
+		private class CmsEnvelopedDataOutputStream
+			: BaseOutputStream
+		{
+            private readonly CmsEnvelopedGenerator _outer;
+
+			private readonly CipherStream			_out;
+			private readonly BerSequenceGenerator	_cGen;
+			private readonly BerSequenceGenerator	_envGen;
+			private readonly BerSequenceGenerator	_eiGen;
+
+			public CmsEnvelopedDataOutputStream(
+				CmsEnvelopedGenerator	outer,
+				CipherStream			outStream,
+				BerSequenceGenerator	cGen,
+				BerSequenceGenerator	envGen,
+				BerSequenceGenerator	eiGen)
+			{
+				_outer = outer;
+				_out = outStream;
+				_cGen = cGen;
+				_envGen = envGen;
+				_eiGen = eiGen;
+			}
+
+			public override void WriteByte(
+				byte b)
+			{
+				_out.WriteByte(b);
+			}
+
+			public override void Write(
+				byte[]	bytes,
+				int		off,
+				int		len)
+			{
+				_out.Write(bytes, off, len);
+			}
+
+#if PORTABLE
+            protected override void Dispose(bool disposing)
+            {
+                if (disposing)
+                {
+                    Platform.Dispose(_out);
+
+                    // TODO Parent context(s) should really be closed explicitly
+
+				    _eiGen.Close();
+
+                    if (_outer.unprotectedAttributeGenerator != null)
+                    {
+                        Asn1.Cms.AttributeTable attrTable = _outer.unprotectedAttributeGenerator.GetAttributes(Platform.CreateHashtable());
+
+                        Asn1Set unprotectedAttrs = new BerSet(attrTable.ToAsn1EncodableVector());
+
+                        _envGen.AddObject(new DerTaggedObject(false, 1, unprotectedAttrs));
+                    }
+
+				    _envGen.Close();
+				    _cGen.Close();
+                }
+                base.Dispose(disposing);
+            }
+#else
+            public override void Close()
+			{
+                Platform.Dispose(_out);
+
+                // TODO Parent context(s) should really be closed explicitly
+
+				_eiGen.Close();
+
+                if (_outer.unprotectedAttributeGenerator != null)
+                {
+                    Asn1.Cms.AttributeTable attrTable = _outer.unprotectedAttributeGenerator.GetAttributes(Platform.CreateHashtable());
+
+                    Asn1Set unprotectedAttrs = new BerSet(attrTable.ToAsn1EncodableVector());
+
+                    _envGen.AddObject(new DerTaggedObject(false, 1, unprotectedAttrs));
+                }
+
+				_envGen.Close();
+				_cGen.Close();
+				base.Close();
+			}
+#endif
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSEnvelopedGenerator.cs b/bc-sharp-crypto/src/cms/CMSEnvelopedGenerator.cs
new file mode 100644
index 0000000..f92ae38
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSEnvelopedGenerator.cs
@@ -0,0 +1,331 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Kisa;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Ntt;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	* General class for generating a CMS enveloped-data message.
+	*
+	* A simple example of usage.
+	*
+	* <pre>
+	*      CMSEnvelopedDataGenerator  fact = new CMSEnvelopedDataGenerator();
+	*
+	*      fact.addKeyTransRecipient(cert);
+	*
+	*      CMSEnvelopedData         data = fact.generate(content, algorithm, "BC");
+	* </pre>
+	*/
+	public class CmsEnvelopedGenerator
+	{
+		// Note: These tables are complementary: If rc2Table[i]==j, then rc2Ekb[j]==i
+		internal static readonly short[] rc2Table =
+		{
+			0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
+			0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
+			0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
+			0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
+			0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
+			0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
+			0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
+			0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
+			0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
+			0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
+			0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
+			0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
+			0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
+			0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
+			0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
+			0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
+		};
+
+//		internal static readonly short[] rc2Ekb =
+//		{
+//			0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5,
+//			0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5,
+//			0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef,
+//			0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d,
+//			0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb,
+//			0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d,
+//			0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3,
+//			0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61,
+//			0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1,
+//			0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21,
+//			0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42,
+//			0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f,
+//			0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7,
+//			0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15,
+//			0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7,
+//			0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd
+//		};
+
+
+		// TODO Create named constants for all of these
+		public static readonly string DesEde3Cbc		= PkcsObjectIdentifiers.DesEde3Cbc.Id;
+		public static readonly string RC2Cbc			= PkcsObjectIdentifiers.RC2Cbc.Id;
+		public const string IdeaCbc						= "1.3.6.1.4.1.188.7.1.1.2";
+		public const string Cast5Cbc					= "1.2.840.113533.7.66.10";
+		public static readonly string Aes128Cbc			= NistObjectIdentifiers.IdAes128Cbc.Id;
+		public static readonly string Aes192Cbc			= NistObjectIdentifiers.IdAes192Cbc.Id;
+		public static readonly string Aes256Cbc			= NistObjectIdentifiers.IdAes256Cbc.Id;
+		public static readonly string Camellia128Cbc	= NttObjectIdentifiers.IdCamellia128Cbc.Id;
+		public static readonly string Camellia192Cbc	= NttObjectIdentifiers.IdCamellia192Cbc.Id;
+		public static readonly string Camellia256Cbc	= NttObjectIdentifiers.IdCamellia256Cbc.Id;
+		public static readonly string SeedCbc			= KisaObjectIdentifiers.IdSeedCbc.Id;
+
+		public static readonly string DesEde3Wrap		= PkcsObjectIdentifiers.IdAlgCms3DesWrap.Id;
+		public static readonly string Aes128Wrap		= NistObjectIdentifiers.IdAes128Wrap.Id;
+		public static readonly string Aes192Wrap		= NistObjectIdentifiers.IdAes192Wrap.Id;
+		public static readonly string Aes256Wrap		= NistObjectIdentifiers.IdAes256Wrap.Id;
+		public static readonly string Camellia128Wrap	= NttObjectIdentifiers.IdCamellia128Wrap.Id;
+		public static readonly string Camellia192Wrap	= NttObjectIdentifiers.IdCamellia192Wrap.Id;
+		public static readonly string Camellia256Wrap	= NttObjectIdentifiers.IdCamellia256Wrap.Id;
+		public static readonly string SeedWrap			= KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap.Id;
+
+		public static readonly string ECDHSha1Kdf		= X9ObjectIdentifiers.DHSinglePassStdDHSha1KdfScheme.Id;
+		public static readonly string ECMqvSha1Kdf		= X9ObjectIdentifiers.MqvSinglePassSha1KdfScheme.Id;
+
+		internal readonly IList recipientInfoGenerators = Platform.CreateArrayList();
+		internal readonly SecureRandom rand;
+
+        internal CmsAttributeTableGenerator unprotectedAttributeGenerator = null;
+
+		public CmsEnvelopedGenerator()
+			: this(new SecureRandom())
+		{
+		}
+
+		/// <summary>Constructor allowing specific source of randomness</summary>
+		/// <param name="rand">Instance of <c>SecureRandom</c> to use.</param>
+		public CmsEnvelopedGenerator(
+			SecureRandom rand)
+		{
+			this.rand = rand;
+		}
+
+        public CmsAttributeTableGenerator UnprotectedAttributeGenerator
+        {
+            get { return this.unprotectedAttributeGenerator; }
+            set { this.unprotectedAttributeGenerator = value; }
+        }
+
+		/**
+		 * add a recipient.
+		 *
+		 * @param cert recipient's public key certificate
+		 * @exception ArgumentException if there is a problem with the certificate
+		 */
+		public void AddKeyTransRecipient(
+			X509Certificate cert)
+		{
+			KeyTransRecipientInfoGenerator ktrig = new KeyTransRecipientInfoGenerator();
+			ktrig.RecipientCert = cert;
+
+			recipientInfoGenerators.Add(ktrig);
+		}
+
+		/**
+		* add a recipient
+		*
+		* @param key the public key used by the recipient
+		* @param subKeyId the identifier for the recipient's public key
+		* @exception ArgumentException if there is a problem with the key
+		*/
+		public void AddKeyTransRecipient(
+			AsymmetricKeyParameter	pubKey,
+			byte[]					subKeyId)
+		{
+			KeyTransRecipientInfoGenerator ktrig = new KeyTransRecipientInfoGenerator();
+			ktrig.RecipientPublicKey = pubKey;
+			ktrig.SubjectKeyIdentifier = new DerOctetString(subKeyId);
+
+			recipientInfoGenerators.Add(ktrig);
+		}
+
+		/**
+		 * add a KEK recipient.
+		 * @param key the secret key to use for wrapping
+		 * @param keyIdentifier the byte string that identifies the key
+		 */
+		public void AddKekRecipient(
+			string			keyAlgorithm, // TODO Remove need for this parameter
+			KeyParameter	key,
+			byte[]			keyIdentifier)
+		{
+			AddKekRecipient(keyAlgorithm, key, new KekIdentifier(keyIdentifier, null, null));
+		}
+
+		/**
+		* add a KEK recipient.
+		* @param key the secret key to use for wrapping
+		* @param keyIdentifier the byte string that identifies the key
+		*/
+		public void AddKekRecipient(
+			string			keyAlgorithm, // TODO Remove need for this parameter
+			KeyParameter	key,
+			KekIdentifier	kekIdentifier)
+		{
+			KekRecipientInfoGenerator kekrig = new KekRecipientInfoGenerator();
+			kekrig.KekIdentifier = kekIdentifier;
+			kekrig.KeyEncryptionKeyOID = keyAlgorithm;
+			kekrig.KeyEncryptionKey = key;
+
+			recipientInfoGenerators.Add(kekrig);
+		}
+
+		public void AddPasswordRecipient(
+			CmsPbeKey	pbeKey,
+			string		kekAlgorithmOid)
+		{
+			Pbkdf2Params p = new Pbkdf2Params(pbeKey.Salt, pbeKey.IterationCount);
+
+			PasswordRecipientInfoGenerator prig = new PasswordRecipientInfoGenerator();
+			prig.KeyDerivationAlgorithm = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPbkdf2, p);
+			prig.KeyEncryptionKeyOID = kekAlgorithmOid;
+			prig.KeyEncryptionKey = pbeKey.GetEncoded(kekAlgorithmOid);
+
+			recipientInfoGenerators.Add(prig);
+		}
+
+		/**
+		* Add a key agreement based recipient.
+		*
+		* @param agreementAlgorithm key agreement algorithm to use.
+		* @param senderPrivateKey private key to initialise sender side of agreement with.
+		* @param senderPublicKey sender public key to include with message.
+		* @param recipientCert recipient's public key certificate.
+		* @param cekWrapAlgorithm OID for key wrapping algorithm to use.
+		* @exception SecurityUtilityException if the algorithm requested cannot be found
+		* @exception InvalidKeyException if the keys are inappropriate for the algorithm specified
+		*/
+		public void AddKeyAgreementRecipient(
+			string					agreementAlgorithm,
+			AsymmetricKeyParameter	senderPrivateKey,
+			AsymmetricKeyParameter	senderPublicKey,
+			X509Certificate			recipientCert,
+			string					cekWrapAlgorithm)
+		{
+            IList recipientCerts = Platform.CreateArrayList(1);
+			recipientCerts.Add(recipientCert);
+
+			AddKeyAgreementRecipients(agreementAlgorithm, senderPrivateKey, senderPublicKey,
+				recipientCerts, cekWrapAlgorithm);
+		}
+
+		/**
+		 * Add multiple key agreement based recipients (sharing a single KeyAgreeRecipientInfo structure).
+		 *
+		 * @param agreementAlgorithm key agreement algorithm to use.
+		 * @param senderPrivateKey private key to initialise sender side of agreement with.
+		 * @param senderPublicKey sender public key to include with message.
+		 * @param recipientCerts recipients' public key certificates.
+		 * @param cekWrapAlgorithm OID for key wrapping algorithm to use.
+		 * @exception SecurityUtilityException if the algorithm requested cannot be found
+		 * @exception InvalidKeyException if the keys are inappropriate for the algorithm specified
+		 */
+		public void AddKeyAgreementRecipients(
+			string					agreementAlgorithm,
+			AsymmetricKeyParameter	senderPrivateKey,
+			AsymmetricKeyParameter	senderPublicKey,
+			ICollection				recipientCerts,
+			string					cekWrapAlgorithm)
+		{
+			if (!senderPrivateKey.IsPrivate)
+				throw new ArgumentException("Expected private key", "senderPrivateKey");
+			if (senderPublicKey.IsPrivate)
+				throw new ArgumentException("Expected public key", "senderPublicKey");
+
+			/* TODO
+			 * "a recipient X.509 version 3 certificate that contains a key usage extension MUST
+			 * assert the keyAgreement bit."
+			 */
+
+			KeyAgreeRecipientInfoGenerator karig = new KeyAgreeRecipientInfoGenerator();
+			karig.KeyAgreementOID = new DerObjectIdentifier(agreementAlgorithm);
+			karig.KeyEncryptionOID = new DerObjectIdentifier(cekWrapAlgorithm);
+			karig.RecipientCerts = recipientCerts;
+			karig.SenderKeyPair = new AsymmetricCipherKeyPair(senderPublicKey, senderPrivateKey);
+
+			recipientInfoGenerators.Add(karig);
+		}
+
+        protected internal virtual AlgorithmIdentifier GetAlgorithmIdentifier(
+			string					encryptionOid,
+			KeyParameter			encKey,
+			Asn1Encodable			asn1Params,
+			out ICipherParameters	cipherParameters)
+		{
+			Asn1Object asn1Object;
+			if (asn1Params != null)
+			{
+				asn1Object = asn1Params.ToAsn1Object();
+				cipherParameters = ParameterUtilities.GetCipherParameters(
+					encryptionOid, encKey, asn1Object);
+			}
+			else
+			{
+				asn1Object = DerNull.Instance;
+				cipherParameters = encKey;
+			}
+
+			return new AlgorithmIdentifier(
+				new DerObjectIdentifier(encryptionOid),
+				asn1Object);
+		}
+
+		protected internal virtual Asn1Encodable GenerateAsn1Parameters(
+			string	encryptionOid,
+			byte[]	encKeyBytes)
+		{
+			Asn1Encodable asn1Params = null;
+
+			try
+			{
+				if (encryptionOid.Equals(RC2Cbc))
+				{
+					byte[] iv = new byte[8];
+					rand.NextBytes(iv);
+
+					// TODO Is this detailed repeat of Java version really necessary?
+					int effKeyBits = encKeyBytes.Length * 8;
+					int parameterVersion;
+
+					if (effKeyBits < 256)
+					{
+						parameterVersion = rc2Table[effKeyBits];
+					}
+					else
+					{
+						parameterVersion = effKeyBits;
+					}
+
+					asn1Params = new RC2CbcParameter(parameterVersion, iv);
+				}
+				else
+				{
+					asn1Params = ParameterUtilities.GenerateParameters(encryptionOid, rand);
+				}
+			}
+			catch (SecurityUtilityException)
+			{
+				// No problem... no parameters generated
+			}
+
+			return asn1Params;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSEnvelopedHelper.cs b/bc-sharp-crypto/src/cms/CMSEnvelopedHelper.cs
new file mode 100644
index 0000000..77d2da4
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSEnvelopedHelper.cs
@@ -0,0 +1,311 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Cms
+{
+	class CmsEnvelopedHelper
+	{
+		internal static readonly CmsEnvelopedHelper Instance = new CmsEnvelopedHelper();
+
+		private static readonly IDictionary KeySizes = Platform.CreateHashtable();
+		private static readonly IDictionary BaseCipherNames = Platform.CreateHashtable();
+
+		static CmsEnvelopedHelper()
+		{
+			KeySizes.Add(CmsEnvelopedGenerator.DesEde3Cbc, 192);
+			KeySizes.Add(CmsEnvelopedGenerator.Aes128Cbc, 128);
+			KeySizes.Add(CmsEnvelopedGenerator.Aes192Cbc, 192);
+			KeySizes.Add(CmsEnvelopedGenerator.Aes256Cbc, 256);
+
+			BaseCipherNames.Add(CmsEnvelopedGenerator.DesEde3Cbc,  "DESEDE");
+			BaseCipherNames.Add(CmsEnvelopedGenerator.Aes128Cbc,  "AES");
+			BaseCipherNames.Add(CmsEnvelopedGenerator.Aes192Cbc,  "AES");
+			BaseCipherNames.Add(CmsEnvelopedGenerator.Aes256Cbc,  "AES");
+		}
+
+		private string GetAsymmetricEncryptionAlgName(
+			string encryptionAlgOid)
+		{
+			if (Asn1.Pkcs.PkcsObjectIdentifiers.RsaEncryption.Id.Equals(encryptionAlgOid))
+			{
+				return "RSA/ECB/PKCS1Padding";
+			}
+
+			return encryptionAlgOid;
+		}
+
+		internal IBufferedCipher CreateAsymmetricCipher(
+			string encryptionOid)
+		{
+			string asymName = GetAsymmetricEncryptionAlgName(encryptionOid);
+			if (!asymName.Equals(encryptionOid))
+			{
+				try
+				{
+					return CipherUtilities.GetCipher(asymName);
+				}
+				catch (SecurityUtilityException)
+				{
+					// Ignore
+				}
+			}
+			return CipherUtilities.GetCipher(encryptionOid);
+		}
+
+		internal IWrapper CreateWrapper(
+			string encryptionOid)
+		{
+			try
+			{
+				return WrapperUtilities.GetWrapper(encryptionOid);
+			}
+			catch (SecurityUtilityException)
+			{
+				return WrapperUtilities.GetWrapper(GetAsymmetricEncryptionAlgName(encryptionOid));
+			}
+		}
+
+		internal string GetRfc3211WrapperName(
+			string oid)
+		{
+			if (oid == null)
+				throw new ArgumentNullException("oid");
+
+			string alg = (string) BaseCipherNames[oid];
+
+			if (alg == null)
+				throw new ArgumentException("no name for " + oid, "oid");
+
+			return alg + "RFC3211Wrap";
+		}
+
+		internal int GetKeySize(
+			string oid)
+		{
+			if (!KeySizes.Contains(oid))
+			{
+				throw new ArgumentException("no keysize for " + oid, "oid");
+			}
+
+			return (int) KeySizes[oid];
+		}
+
+		internal static RecipientInformationStore BuildRecipientInformationStore(
+			Asn1Set recipientInfos, CmsSecureReadable secureReadable)
+		{
+			IList infos = Platform.CreateArrayList();
+			for (int i = 0; i != recipientInfos.Count; i++)
+			{
+				RecipientInfo info = RecipientInfo.GetInstance(recipientInfos[i]);
+
+				ReadRecipientInfo(infos, info, secureReadable);
+			}
+			return new RecipientInformationStore(infos);
+		}
+
+		private static void ReadRecipientInfo(
+			IList infos, RecipientInfo info, CmsSecureReadable secureReadable)
+		{
+			Asn1Encodable recipInfo = info.Info;
+			if (recipInfo is KeyTransRecipientInfo)
+			{
+				infos.Add(new KeyTransRecipientInformation((KeyTransRecipientInfo)recipInfo, secureReadable));
+			}
+			else if (recipInfo is KekRecipientInfo)
+			{
+				infos.Add(new KekRecipientInformation((KekRecipientInfo)recipInfo, secureReadable));
+			}
+			else if (recipInfo is KeyAgreeRecipientInfo)
+			{
+				KeyAgreeRecipientInformation.ReadRecipientInfo(infos, (KeyAgreeRecipientInfo)recipInfo, secureReadable);
+			}
+			else if (recipInfo is PasswordRecipientInfo)
+			{
+				infos.Add(new PasswordRecipientInformation((PasswordRecipientInfo)recipInfo, secureReadable));
+			}
+		}
+
+		internal class CmsAuthenticatedSecureReadable : CmsSecureReadable
+		{
+			private AlgorithmIdentifier algorithm;
+			private IMac mac;
+			private CmsReadable readable;
+
+			internal CmsAuthenticatedSecureReadable(AlgorithmIdentifier algorithm, CmsReadable readable)
+			{
+				this.algorithm = algorithm;
+				this.readable = readable;
+			}
+
+			public AlgorithmIdentifier Algorithm
+			{
+				get { return this.algorithm; }
+			}
+
+			public object CryptoObject
+			{
+				get { return this.mac; }
+			}
+
+			public CmsReadable GetReadable(KeyParameter sKey)
+			{
+                string macAlg = this.algorithm.Algorithm.Id;
+//				Asn1Object sParams = this.algorithm.Parameters.ToAsn1Object();
+
+				try
+				{
+					this.mac = MacUtilities.GetMac(macAlg);
+
+					// FIXME Support for MAC algorithm parameters similar to cipher parameters
+//						ASN1Object sParams = (ASN1Object)macAlg.getParameters();
+//
+//						if (sParams != null && !(sParams instanceof ASN1Null))
+//						{
+//							AlgorithmParameters params = CMSEnvelopedHelper.INSTANCE.createAlgorithmParameters(macAlg.getObjectId().getId(), provider);
+//
+//							params.init(sParams.getEncoded(), "ASN.1");
+//
+//							mac.init(sKey, params.getParameterSpec(IvParameterSpec.class));
+//						}
+//						else
+					{
+						mac.Init(sKey);
+					}
+
+//						Asn1Object asn1Params = asn1Enc == null ? null : asn1Enc.ToAsn1Object();
+//
+//						ICipherParameters cipherParameters = sKey;
+//
+//						if (asn1Params != null && !(asn1Params is Asn1Null))
+//						{
+//							cipherParameters = ParameterUtilities.GetCipherParameters(
+//							macAlg.Algorithm, cipherParameters, asn1Params);
+//						}
+//						else
+//						{
+//							string alg = macAlg.Algorithm.Id;
+//							if (alg.Equals(CmsEnvelopedDataGenerator.DesEde3Cbc)
+//								|| alg.Equals(CmsEnvelopedDataGenerator.IdeaCbc)
+//								|| alg.Equals(CmsEnvelopedDataGenerator.Cast5Cbc))
+//							{
+//								cipherParameters = new ParametersWithIV(cipherParameters, new byte[8]);
+//							}
+//						}
+//
+//						mac.Init(cipherParameters);
+				}
+				catch (SecurityUtilityException e)
+				{
+					throw new CmsException("couldn't create cipher.", e);
+				}
+				catch (InvalidKeyException e)
+				{
+					throw new CmsException("key invalid in message.", e);
+				}
+				catch (IOException e)
+				{
+					throw new CmsException("error decoding algorithm parameters.", e);
+				}
+
+				try
+				{
+					return new CmsProcessableInputStream(
+						new TeeInputStream(
+							readable.GetInputStream(),
+							new MacOutputStream(this.mac)));
+				}
+				catch (IOException e)
+				{
+					throw new CmsException("error reading content.", e);
+				}
+			}
+		}
+
+		internal class CmsEnvelopedSecureReadable : CmsSecureReadable
+		{
+			private AlgorithmIdentifier algorithm;
+			private IBufferedCipher cipher;
+			private CmsReadable readable;
+
+			internal CmsEnvelopedSecureReadable(AlgorithmIdentifier algorithm, CmsReadable readable)
+			{
+				this.algorithm = algorithm;
+				this.readable = readable;
+			}
+
+			public AlgorithmIdentifier Algorithm
+			{
+				get { return this.algorithm; }
+			}
+
+			public object CryptoObject
+			{
+				get { return this.cipher; }
+			}
+
+			public CmsReadable GetReadable(KeyParameter sKey)
+			{
+				try
+				{
+                    this.cipher = CipherUtilities.GetCipher(this.algorithm.Algorithm);
+
+					Asn1Encodable asn1Enc = this.algorithm.Parameters;
+					Asn1Object asn1Params = asn1Enc == null ? null : asn1Enc.ToAsn1Object();
+
+					ICipherParameters cipherParameters = sKey;
+
+					if (asn1Params != null && !(asn1Params is Asn1Null))
+					{
+						cipherParameters = ParameterUtilities.GetCipherParameters(
+                            this.algorithm.Algorithm, cipherParameters, asn1Params);
+					}
+					else
+					{
+                        string alg = this.algorithm.Algorithm.Id;
+						if (alg.Equals(CmsEnvelopedDataGenerator.DesEde3Cbc)
+							|| alg.Equals(CmsEnvelopedDataGenerator.IdeaCbc)
+							|| alg.Equals(CmsEnvelopedDataGenerator.Cast5Cbc))
+						{
+							cipherParameters = new ParametersWithIV(cipherParameters, new byte[8]);
+						}
+					}
+
+					cipher.Init(false, cipherParameters);
+				}
+				catch (SecurityUtilityException e)
+				{
+					throw new CmsException("couldn't create cipher.", e);
+				}
+				catch (InvalidKeyException e)
+				{
+					throw new CmsException("key invalid in message.", e);
+				}
+				catch (IOException e)
+				{
+					throw new CmsException("error decoding algorithm parameters.", e);
+				}
+
+				try
+				{
+					return new CmsProcessableInputStream(
+						new CipherStream(readable.GetInputStream(), cipher, null));
+				}
+				catch (IOException e)
+				{
+					throw new CmsException("error reading content.", e);
+				}
+			}
+		}
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/cms/CMSException.cs b/bc-sharp-crypto/src/cms/CMSException.cs
new file mode 100644
index 0000000..29fe0a6
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSException.cs
@@ -0,0 +1,28 @@
+using System;
+
+namespace Org.BouncyCastle.Cms
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class CmsException
+		: Exception
+	{
+		public CmsException()
+		{
+		}
+
+		public CmsException(
+			string msg)
+			: base(msg)
+		{
+		}
+
+		public CmsException(
+			string		msg,
+			Exception	e)
+			: base(msg, e)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSPBEKey.cs b/bc-sharp-crypto/src/cms/CMSPBEKey.cs
new file mode 100644
index 0000000..e03307e
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSPBEKey.cs
@@ -0,0 +1,109 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+//import javax.crypto.interfaces.PBEKey;
+
+namespace Org.BouncyCastle.Cms
+{
+	public abstract class CmsPbeKey
+		// TODO Create an equivalent interface somewhere?
+		//	: PBEKey
+		: ICipherParameters
+	{
+		internal readonly char[]	password;
+		internal readonly byte[]	salt;
+		internal readonly int		iterationCount;
+
+		[Obsolete("Use version taking 'char[]' instead")]
+		public CmsPbeKey(
+			string	password,
+			byte[]	salt,
+			int		iterationCount)
+			: this(password.ToCharArray(), salt, iterationCount)
+		{
+		}
+
+		[Obsolete("Use version taking 'char[]' instead")]
+		public CmsPbeKey(
+			string				password,
+			AlgorithmIdentifier keyDerivationAlgorithm)
+			: this(password.ToCharArray(), keyDerivationAlgorithm)
+		{
+		}
+		
+		public CmsPbeKey(
+			char[]	password,
+			byte[]	salt,
+			int		iterationCount)
+		{
+			this.password = (char[])password.Clone();
+			this.salt = Arrays.Clone(salt);
+			this.iterationCount = iterationCount;
+		}
+
+		public CmsPbeKey(
+			char[]				password,
+			AlgorithmIdentifier keyDerivationAlgorithm)
+		{
+            if (!keyDerivationAlgorithm.Algorithm.Equals(PkcsObjectIdentifiers.IdPbkdf2))
+				throw new ArgumentException("Unsupported key derivation algorithm: "
+                    + keyDerivationAlgorithm.Algorithm);
+
+			Pbkdf2Params kdfParams = Pbkdf2Params.GetInstance(
+				keyDerivationAlgorithm.Parameters.ToAsn1Object());
+
+			this.password = (char[])password.Clone();
+			this.salt = kdfParams.GetSalt();
+			this.iterationCount = kdfParams.IterationCount.IntValue;
+		}
+
+		~CmsPbeKey()
+		{
+			Array.Clear(this.password, 0, this.password.Length);
+		}
+
+		[Obsolete("Will be removed")]
+		public string Password
+		{
+			get { return new string(password); }
+		}
+
+		public byte[] Salt
+		{
+			get { return Arrays.Clone(salt); }
+		}
+
+		[Obsolete("Use 'Salt' property instead")]
+		public byte[] GetSalt()
+		{
+			return Salt;
+		}
+
+		public int IterationCount
+		{
+			get { return iterationCount; }
+		}
+
+		public string Algorithm
+		{
+			get { return "PKCS5S2"; }
+		}
+
+		public string Format
+		{
+			get { return "RAW"; }
+		}
+
+		public byte[] GetEncoded()
+		{
+			return null;
+		}
+
+		internal abstract KeyParameter GetEncoded(string algorithmOid);
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSProcessable.cs b/bc-sharp-crypto/src/cms/CMSProcessable.cs
new file mode 100644
index 0000000..41018d1
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSProcessable.cs
@@ -0,0 +1,19 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Cms
+{
+	public interface CmsProcessable
+	{
+		/// <summary>
+		/// Generic routine to copy out the data we want processed.
+		/// </summary>
+		/// <remarks>
+		/// This routine may be called multiple times.
+		/// </remarks>
+		void Write(Stream outStream);
+
+		[Obsolete]
+		object GetContent();
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSProcessableByteArray.cs b/bc-sharp-crypto/src/cms/CMSProcessableByteArray.cs
new file mode 100644
index 0000000..a6ab9b6
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSProcessableByteArray.cs
@@ -0,0 +1,36 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	* a holding class for a byte array of data to be processed.
+	*/
+	public class CmsProcessableByteArray
+		: CmsProcessable, CmsReadable
+	{
+		private readonly byte[] bytes;
+
+        public CmsProcessableByteArray(byte[] bytes)
+		{
+			this.bytes = bytes;
+		}
+
+        public virtual Stream GetInputStream()
+		{
+			return new MemoryStream(bytes, false);
+		}
+
+        public virtual void Write(Stream zOut)
+		{
+			zOut.Write(bytes, 0, bytes.Length);
+		}
+
+        /// <returns>A clone of the byte array</returns>
+        [Obsolete]
+		public virtual object GetContent()
+		{
+			return bytes.Clone();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSProcessableFile.cs b/bc-sharp-crypto/src/cms/CMSProcessableFile.cs
new file mode 100644
index 0000000..c74d2a8
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSProcessableFile.cs
@@ -0,0 +1,52 @@
+#if !PORTABLE || DOTNET
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	* a holding class for a file of data to be processed.
+	*/
+	public class CmsProcessableFile
+		: CmsProcessable, CmsReadable
+	{
+		private const int DefaultBufSize = 32 * 1024;
+
+        private readonly FileInfo	_file;
+		private readonly int		_bufSize;
+
+        public CmsProcessableFile(FileInfo file)
+			: this(file, DefaultBufSize)
+		{
+		}
+
+        public CmsProcessableFile(FileInfo file, int bufSize)
+		{
+			_file = file;
+			_bufSize = bufSize;
+		}
+
+        public virtual Stream GetInputStream()
+		{
+			return new FileStream(_file.FullName, FileMode.Open, FileAccess.Read, FileShare.Read, _bufSize);
+		}
+
+        public virtual void Write(Stream zOut)
+		{
+			Stream inStr = GetInputStream();
+			Streams.PipeAll(inStr, zOut);
+            Platform.Dispose(inStr);
+		}
+
+        /// <returns>The file handle</returns>
+		[Obsolete]
+		public virtual object GetContent()
+		{
+			return _file;
+		}
+	}
+}
+#endif
diff --git a/bc-sharp-crypto/src/cms/CMSProcessableInputStream.cs b/bc-sharp-crypto/src/cms/CMSProcessableInputStream.cs
new file mode 100644
index 0000000..b2abd6f
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSProcessableInputStream.cs
@@ -0,0 +1,53 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Cms
+{
+	public class CmsProcessableInputStream
+		: CmsProcessable, CmsReadable
+	{
+		private readonly Stream input;
+
+        private bool used = false;
+
+        public CmsProcessableInputStream(Stream input)
+		{
+			this.input = input;
+		}
+
+        public virtual Stream GetInputStream()
+		{
+			CheckSingleUsage();
+
+            return input;
+		}
+
+        public virtual void Write(Stream output)
+		{
+			CheckSingleUsage();
+
+			Streams.PipeAll(input, output);
+            Platform.Dispose(input);
+		}
+
+        [Obsolete]
+		public virtual object GetContent()
+		{
+			return GetInputStream();
+		}
+
+        protected virtual void CheckSingleUsage()
+		{
+			lock (this)
+			{
+				if (used)
+					throw new InvalidOperationException("CmsProcessableInputStream can only be used once");
+
+                used = true;
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSReadable.cs b/bc-sharp-crypto/src/cms/CMSReadable.cs
new file mode 100644
index 0000000..ad83ba0
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSReadable.cs
@@ -0,0 +1,10 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Cms
+{
+	public interface CmsReadable
+	{
+		Stream GetInputStream();
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSSecureReadable.cs b/bc-sharp-crypto/src/cms/CMSSecureReadable.cs
new file mode 100644
index 0000000..5ceac24
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSSecureReadable.cs
@@ -0,0 +1,14 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Cms
+{
+	internal interface CmsSecureReadable
+	{
+		AlgorithmIdentifier Algorithm { get; }
+		object CryptoObject { get; }
+		CmsReadable GetReadable(KeyParameter key);
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSSignedData.cs b/bc-sharp-crypto/src/cms/CMSSignedData.cs
new file mode 100644
index 0000000..237c152
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSSignedData.cs
@@ -0,0 +1,425 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	* general class for handling a pkcs7-signature message.
+	*
+	* A simple example of usage - note, in the example below the validity of
+	* the certificate isn't verified, just the fact that one of the certs
+	* matches the given signer...
+	*
+	* <pre>
+	*  IX509Store              certs = s.GetCertificates();
+	*  SignerInformationStore  signers = s.GetSignerInfos();
+	*
+	*  foreach (SignerInformation signer in signers.GetSigners())
+	*  {
+	*      ArrayList       certList = new ArrayList(certs.GetMatches(signer.SignerID));
+	*      X509Certificate cert = (X509Certificate) certList[0];
+	*
+	*      if (signer.Verify(cert.GetPublicKey()))
+	*      {
+	*          verified++;
+	*      }
+	*  }
+	* </pre>
+	*/
+	public class CmsSignedData
+	{
+		private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance;
+
+		private readonly CmsProcessable	signedContent;
+		private SignedData				signedData;
+		private ContentInfo				contentInfo;
+		private SignerInformationStore	signerInfoStore;
+		private IX509Store				attrCertStore;
+		private IX509Store				certificateStore;
+		private IX509Store				crlStore;
+		private IDictionary				hashes;
+
+		private CmsSignedData(
+			CmsSignedData c)
+		{
+			this.signedData = c.signedData;
+			this.contentInfo = c.contentInfo;
+			this.signedContent = c.signedContent;
+			this.signerInfoStore = c.signerInfoStore;
+		}
+
+		public CmsSignedData(
+			byte[] sigBlock)
+			: this(CmsUtilities.ReadContentInfo(new MemoryStream(sigBlock, false)))
+		{
+		}
+
+		public CmsSignedData(
+			CmsProcessable	signedContent,
+			byte[]			sigBlock)
+			: this(signedContent, CmsUtilities.ReadContentInfo(new MemoryStream(sigBlock, false)))
+		{
+		}
+
+		/**
+		 * Content with detached signature, digests precomputed
+		 *
+		 * @param hashes a map of precomputed digests for content indexed by name of hash.
+		 * @param sigBlock the signature object.
+		 */
+		public CmsSignedData(
+			IDictionary	hashes,
+			byte[]		sigBlock)
+			: this(hashes, CmsUtilities.ReadContentInfo(sigBlock))
+		{
+		}
+
+		/**
+		* base constructor - content with detached signature.
+		*
+		* @param signedContent the content that was signed.
+		* @param sigData the signature object.
+		*/
+		public CmsSignedData(
+			CmsProcessable	signedContent,
+			Stream			sigData)
+			: this(signedContent, CmsUtilities.ReadContentInfo(sigData))
+		{
+		}
+
+		/**
+		* base constructor - with encapsulated content
+		*/
+		public CmsSignedData(
+			Stream sigData)
+			: this(CmsUtilities.ReadContentInfo(sigData))
+		{
+		}
+
+		public CmsSignedData(
+			CmsProcessable  signedContent,
+			ContentInfo     sigData)
+		{
+			this.signedContent = signedContent;
+			this.contentInfo = sigData;
+			this.signedData = SignedData.GetInstance(contentInfo.Content);
+		}
+
+		public CmsSignedData(
+			IDictionary	hashes,
+			ContentInfo	sigData)
+		{
+			this.hashes = hashes;
+			this.contentInfo = sigData;
+			this.signedData = SignedData.GetInstance(contentInfo.Content);
+		}
+
+		public CmsSignedData(
+			ContentInfo sigData)
+		{
+			this.contentInfo = sigData;
+			this.signedData = SignedData.GetInstance(contentInfo.Content);
+
+			//
+			// this can happen if the signed message is sent simply to send a
+			// certificate chain.
+			//
+			if (signedData.EncapContentInfo.Content != null)
+			{
+				this.signedContent = new CmsProcessableByteArray(
+					((Asn1OctetString)(signedData.EncapContentInfo.Content)).GetOctets());
+			}
+//			else
+//			{
+//				this.signedContent = null;
+//			}
+		}
+
+		/// <summary>Return the version number for this object.</summary>
+		public int Version
+		{
+			get { return signedData.Version.Value.IntValue; }
+		}
+
+		/**
+		* return the collection of signers that are associated with the
+		* signatures for the message.
+		*/
+		public SignerInformationStore GetSignerInfos()
+		{
+			if (signerInfoStore == null)
+			{
+                IList signerInfos = Platform.CreateArrayList();
+				Asn1Set s = signedData.SignerInfos;
+
+				foreach (object obj in s)
+				{
+					SignerInfo info = SignerInfo.GetInstance(obj);
+					DerObjectIdentifier contentType = signedData.EncapContentInfo.ContentType;
+
+					if (hashes == null)
+					{
+						signerInfos.Add(new SignerInformation(info, contentType, signedContent, null));
+					}
+					else
+					{
+                        byte[] hash = (byte[])hashes[info.DigestAlgorithm.Algorithm.Id];
+
+						signerInfos.Add(new SignerInformation(info, contentType, null, new BaseDigestCalculator(hash)));
+					}
+				}
+
+				signerInfoStore = new SignerInformationStore(signerInfos);
+			}
+
+			return signerInfoStore;
+		}
+
+		/**
+		 * return a X509Store containing the attribute certificates, if any, contained
+		 * in this message.
+		 *
+		 * @param type type of store to create
+		 * @return a store of attribute certificates
+		 * @exception NoSuchStoreException if the store type isn't available.
+		 * @exception CmsException if a general exception prevents creation of the X509Store
+		 */
+		public IX509Store GetAttributeCertificates(
+			string type)
+		{
+			if (attrCertStore == null)
+			{
+				attrCertStore = Helper.CreateAttributeStore(type, signedData.Certificates);
+			}
+
+			return attrCertStore;
+		}
+
+		/**
+		 * return a X509Store containing the public key certificates, if any, contained
+		 * in this message.
+		 *
+		 * @param type type of store to create
+		 * @return a store of public key certificates
+		 * @exception NoSuchStoreException if the store type isn't available.
+		 * @exception CmsException if a general exception prevents creation of the X509Store
+		 */
+		public IX509Store GetCertificates(
+			string type)
+		{
+			if (certificateStore == null)
+			{
+				certificateStore = Helper.CreateCertificateStore(type, signedData.Certificates);
+			}
+
+			return certificateStore;
+		}
+
+		/**
+		* return a X509Store containing CRLs, if any, contained
+		* in this message.
+		*
+		* @param type type of store to create
+		* @return a store of CRLs
+		* @exception NoSuchStoreException if the store type isn't available.
+		* @exception CmsException if a general exception prevents creation of the X509Store
+		*/
+		public IX509Store GetCrls(
+			string type)
+		{
+			if (crlStore == null)
+			{
+				crlStore = Helper.CreateCrlStore(type, signedData.CRLs);
+			}
+
+			return crlStore;
+		}
+
+		[Obsolete("Use 'SignedContentType' property instead.")]
+		public string SignedContentTypeOid
+		{
+			get { return signedData.EncapContentInfo.ContentType.Id; }
+		}
+
+		/// <summary>
+		/// Return the <c>DerObjectIdentifier</c> associated with the encapsulated
+		/// content info structure carried in the signed data.
+		/// </summary>
+		public DerObjectIdentifier SignedContentType
+		{
+			get { return signedData.EncapContentInfo.ContentType; }
+		}
+
+		public CmsProcessable SignedContent
+		{
+			get { return signedContent; }
+		}
+
+		/**
+		 * return the ContentInfo
+		 */
+		public ContentInfo ContentInfo
+		{
+			get { return contentInfo; }
+		}
+
+		/**
+		* return the ASN.1 encoded representation of this object.
+		*/
+		public byte[] GetEncoded()
+		{
+			return contentInfo.GetEncoded();
+		}
+
+		/**
+		* Replace the signerinformation store associated with this
+		* CmsSignedData object with the new one passed in. You would
+		* probably only want to do this if you wanted to change the unsigned
+		* attributes associated with a signer, or perhaps delete one.
+		*
+		* @param signedData the signed data object to be used as a base.
+		* @param signerInformationStore the new signer information store to use.
+		* @return a new signed data object.
+		*/
+		public static CmsSignedData ReplaceSigners(
+			CmsSignedData           signedData,
+			SignerInformationStore  signerInformationStore)
+		{
+			//
+			// copy
+			//
+			CmsSignedData cms = new CmsSignedData(signedData);
+
+			//
+			// replace the store
+			//
+			cms.signerInfoStore = signerInformationStore;
+
+			//
+			// replace the signers in the SignedData object
+			//
+			Asn1EncodableVector digestAlgs = new Asn1EncodableVector();
+			Asn1EncodableVector vec = new Asn1EncodableVector();
+
+			foreach (SignerInformation signer in signerInformationStore.GetSigners())
+			{
+				digestAlgs.Add(Helper.FixAlgID(signer.DigestAlgorithmID));
+				vec.Add(signer.ToSignerInfo());
+			}
+
+			Asn1Set digests = new DerSet(digestAlgs);
+			Asn1Set signers = new DerSet(vec);
+			Asn1Sequence sD = (Asn1Sequence)signedData.signedData.ToAsn1Object();
+
+			//
+			// signers are the last item in the sequence.
+			//
+			vec = new Asn1EncodableVector(
+				sD[0], // version
+				digests);
+
+			for (int i = 2; i != sD.Count - 1; i++)
+			{
+				vec.Add(sD[i]);
+			}
+
+			vec.Add(signers);
+
+			cms.signedData = SignedData.GetInstance(new BerSequence(vec));
+
+			//
+			// replace the contentInfo with the new one
+			//
+			cms.contentInfo = new ContentInfo(cms.contentInfo.ContentType, cms.signedData);
+
+			return cms;
+		}
+
+		/**
+		* Replace the certificate and CRL information associated with this
+		* CmsSignedData object with the new one passed in.
+		*
+		* @param signedData the signed data object to be used as a base.
+		* @param x509Certs the new certificates to be used.
+		* @param x509Crls the new CRLs to be used.
+		* @return a new signed data object.
+		* @exception CmsException if there is an error processing the stores
+		*/
+		public static CmsSignedData ReplaceCertificatesAndCrls(
+			CmsSignedData	signedData,
+			IX509Store		x509Certs,
+			IX509Store		x509Crls,
+			IX509Store		x509AttrCerts)
+		{
+			if (x509AttrCerts != null)
+				throw Platform.CreateNotImplementedException("Currently can't replace attribute certificates");
+
+			//
+			// copy
+			//
+			CmsSignedData cms = new CmsSignedData(signedData);
+
+			//
+			// replace the certs and crls in the SignedData object
+			//
+			Asn1Set certs = null;
+			try
+			{
+				Asn1Set asn1Set = CmsUtilities.CreateBerSetFromList(
+					CmsUtilities.GetCertificatesFromStore(x509Certs));
+
+				if (asn1Set.Count != 0)
+				{
+					certs = asn1Set;
+				}
+			}
+			catch (X509StoreException e)
+			{
+				throw new CmsException("error getting certificates from store", e);
+			}
+
+			Asn1Set crls = null;
+			try
+			{
+				Asn1Set asn1Set = CmsUtilities.CreateBerSetFromList(
+					CmsUtilities.GetCrlsFromStore(x509Crls));
+
+				if (asn1Set.Count != 0)
+				{
+					crls = asn1Set;
+				}
+			}
+			catch (X509StoreException e)
+			{
+				throw new CmsException("error getting CRLs from store", e);
+			}
+
+			//
+			// replace the CMS structure.
+			//
+			SignedData old = signedData.signedData;
+			cms.signedData = new SignedData(
+				old.DigestAlgorithms,
+				old.EncapContentInfo,
+				certs,
+				crls,
+				old.SignerInfos);
+
+			//
+			// replace the contentInfo with the new one
+			//
+			cms.contentInfo = new ContentInfo(cms.contentInfo.ContentType, cms.signedData);
+
+			return cms;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSSignedDataGenerator.cs b/bc-sharp-crypto/src/cms/CMSSignedDataGenerator.cs
new file mode 100644
index 0000000..f63ed87
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSSignedDataGenerator.cs
@@ -0,0 +1,585 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.Crypto.Operators;
+
+namespace Org.BouncyCastle.Cms
+{
+    /**
+     * general class for generating a pkcs7-signature message.
+     * <p>
+     * A simple example of usage.
+     *
+     * <pre>
+     *      IX509Store certs...
+     *      IX509Store crls...
+     *      CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+     *
+     *      gen.AddSigner(privKey, cert, CmsSignedGenerator.DigestSha1);
+     *      gen.AddCertificates(certs);
+     *      gen.AddCrls(crls);
+     *
+     *      CmsSignedData data = gen.Generate(content);
+     * </pre>
+	 * </p>
+     */
+    public class CmsSignedDataGenerator
+        : CmsSignedGenerator
+    {
+		private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance;
+
+		private readonly IList signerInfs = Platform.CreateArrayList();
+
+		private class SignerInf
+        {
+            private readonly CmsSignedGenerator outer;
+
+			private readonly ISignatureFactory		sigCalc;
+			private readonly SignerIdentifier			signerIdentifier;
+			private readonly string						digestOID;
+			private readonly string						encOID;
+			private readonly CmsAttributeTableGenerator	sAttr;
+			private readonly CmsAttributeTableGenerator	unsAttr;
+			private readonly Asn1.Cms.AttributeTable	baseSignedTable;
+
+			internal SignerInf(
+                CmsSignedGenerator			outer,
+	            AsymmetricKeyParameter		key,
+	            SignerIdentifier			signerIdentifier,
+	            string						digestOID,
+	            string						encOID,
+	            CmsAttributeTableGenerator	sAttr,
+	            CmsAttributeTableGenerator	unsAttr,
+	            Asn1.Cms.AttributeTable		baseSignedTable)
+	        {
+                string digestName = Helper.GetDigestAlgName(digestOID);
+
+                string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID);
+
+                this.outer = outer;
+                this.sigCalc = new Asn1SignatureFactory(signatureName, key);
+                this.signerIdentifier = signerIdentifier;
+                this.digestOID = digestOID;
+                this.encOID = encOID;
+	            this.sAttr = sAttr;
+	            this.unsAttr = unsAttr;
+	            this.baseSignedTable = baseSignedTable;
+            }
+
+            internal SignerInf(
+                CmsSignedGenerator outer,
+                ISignatureFactory sigCalc,
+                SignerIdentifier signerIdentifier,
+                CmsAttributeTableGenerator sAttr,
+                CmsAttributeTableGenerator unsAttr,
+                Asn1.Cms.AttributeTable baseSignedTable)
+            {
+                this.outer = outer;
+                this.sigCalc = sigCalc;
+                this.signerIdentifier = signerIdentifier;
+                this.digestOID = new DefaultDigestAlgorithmIdentifierFinder().find((AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id;
+                this.encOID = ((AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id;
+                this.sAttr = sAttr;
+                this.unsAttr = unsAttr;
+                this.baseSignedTable = baseSignedTable;
+            }
+
+            internal AlgorithmIdentifier DigestAlgorithmID
+			{
+				get { return new AlgorithmIdentifier(new DerObjectIdentifier(digestOID), DerNull.Instance); }
+			}
+
+			internal CmsAttributeTableGenerator SignedAttributes
+            {
+				get { return sAttr; }
+            }
+
+            internal CmsAttributeTableGenerator UnsignedAttributes
+            {
+				get { return unsAttr; }
+            }
+
+			internal SignerInfo ToSignerInfo(
+                DerObjectIdentifier	contentType,
+                CmsProcessable		content,
+				SecureRandom		random)
+            {
+                AlgorithmIdentifier digAlgId = DigestAlgorithmID;
+				string digestName = Helper.GetDigestAlgName(digestOID);
+
+				string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID);
+				
+                byte[] hash;
+                if (outer._digests.Contains(digestOID))
+                {
+                    hash = (byte[])outer._digests[digestOID];
+                }
+                else
+                {
+                    IDigest dig = Helper.GetDigestInstance(digestName);
+                    if (content != null)
+                    {
+                        content.Write(new DigOutputStream(dig));
+                    }
+                    hash = DigestUtilities.DoFinal(dig);
+                    outer._digests.Add(digestOID, hash.Clone());
+                }
+
+                IStreamCalculator calculator = sigCalc.CreateCalculator();
+
+#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE
+				Stream sigStr = calculator.Stream;
+#else
+				Stream sigStr = new BufferedStream(calculator.Stream);
+#endif
+
+				Asn1Set signedAttr = null;
+				if (sAttr != null)
+				{
+					IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
+
+//					Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(Collections.unmodifiableMap(parameters));
+					Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(parameters);
+
+                    if (contentType == null) //counter signature
+                    {
+                        if (signed != null && signed[CmsAttributes.ContentType] != null)
+                        {
+                            IDictionary tmpSigned = signed.ToDictionary();
+                            tmpSigned.Remove(CmsAttributes.ContentType);
+                            signed = new Asn1.Cms.AttributeTable(tmpSigned);
+                        }
+                    }
+
+					// TODO Validate proposed signed attributes
+
+					signedAttr = outer.GetAttributeSet(signed);
+
+					// sig must be composed from the DER encoding.
+					new DerOutputStream(sigStr).WriteObject(signedAttr);
+				}
+                else if (content != null)
+                {
+					// TODO Use raw signature of the hash value instead
+					content.Write(sigStr);
+                }
+
+                Platform.Dispose(sigStr);
+                byte[] sigBytes = ((IBlockResult)calculator.GetResult()).Collect();
+
+				Asn1Set unsignedAttr = null;
+				if (unsAttr != null)
+				{
+					IDictionary baseParameters = outer.GetBaseParameters(contentType, digAlgId, hash);
+					baseParameters[CmsAttributeTableParameter.Signature] = sigBytes.Clone();
+
+//					Asn1.Cms.AttributeTable unsigned = unsAttr.GetAttributes(Collections.unmodifiableMap(baseParameters));
+					Asn1.Cms.AttributeTable unsigned = unsAttr.GetAttributes(baseParameters);
+
+					// TODO Validate proposed unsigned attributes
+
+					unsignedAttr = outer.GetAttributeSet(unsigned);
+				}
+
+				// TODO[RSAPSS] Need the ability to specify non-default parameters
+				Asn1Encodable sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName);
+				AlgorithmIdentifier encAlgId = Helper.GetEncAlgorithmIdentifier(
+					new DerObjectIdentifier(encOID), sigX509Parameters);
+				
+                return new SignerInfo(signerIdentifier, digAlgId,
+                    signedAttr, encAlgId, new DerOctetString(sigBytes), unsignedAttr);
+            }
+        }
+
+		public CmsSignedDataGenerator()
+        {
+        }
+
+		/// <summary>Constructor allowing specific source of randomness</summary>
+		/// <param name="rand">Instance of <c>SecureRandom</c> to use.</param>
+		public CmsSignedDataGenerator(
+			SecureRandom rand)
+			: base(rand)
+		{
+		}
+
+		/**
+        * add a signer - no attributes other than the default ones will be
+        * provided here.
+		*
+		* @param key signing key to use
+		* @param cert certificate containing corresponding public key
+		* @param digestOID digest algorithm OID
+        */
+        public void AddSigner(
+            AsymmetricKeyParameter	privateKey,
+            X509Certificate			cert,
+            string					digestOID)
+        {
+        	AddSigner(privateKey, cert, Helper.GetEncOid(privateKey, digestOID), digestOID);
+		}
+
+		/**
+		 * add a signer, specifying the digest encryption algorithm to use - no attributes other than the default ones will be
+		 * provided here.
+		 *
+		 * @param key signing key to use
+		 * @param cert certificate containing corresponding public key
+		 * @param encryptionOID digest encryption algorithm OID
+		 * @param digestOID digest algorithm OID
+		 */
+		public void AddSigner(
+			AsymmetricKeyParameter	privateKey,
+			X509Certificate			cert,
+			string					encryptionOID,
+			string					digestOID)
+		{
+			doAddSigner(privateKey, GetSignerIdentifier(cert), encryptionOID, digestOID,
+				new DefaultSignedAttributeTableGenerator(), null, null);
+		}
+
+	    /**
+	     * add a signer - no attributes other than the default ones will be
+	     * provided here.
+	     */
+	    public void AddSigner(
+            AsymmetricKeyParameter	privateKey,
+	        byte[]					subjectKeyID,
+            string					digestOID)
+	    {
+			AddSigner(privateKey, subjectKeyID, Helper.GetEncOid(privateKey, digestOID), digestOID);
+	    }
+
+		/**
+		 * add a signer, specifying the digest encryption algorithm to use - no attributes other than the default ones will be
+		 * provided here.
+		 */
+		public void AddSigner(
+			AsymmetricKeyParameter	privateKey,
+			byte[]					subjectKeyID,
+			string					encryptionOID,
+			string					digestOID)
+		{
+			doAddSigner(privateKey, GetSignerIdentifier(subjectKeyID), encryptionOID, digestOID,
+				new DefaultSignedAttributeTableGenerator(), null, null);
+		}
+
+        /**
+        * add a signer with extra signed/unsigned attributes.
+		*
+		* @param key signing key to use
+		* @param cert certificate containing corresponding public key
+		* @param digestOID digest algorithm OID
+		* @param signedAttr table of attributes to be included in signature
+		* @param unsignedAttr table of attributes to be included as unsigned
+        */
+        public void AddSigner(
+            AsymmetricKeyParameter	privateKey,
+            X509Certificate			cert,
+            string					digestOID,
+            Asn1.Cms.AttributeTable	signedAttr,
+            Asn1.Cms.AttributeTable	unsignedAttr)
+        {
+			AddSigner(privateKey, cert, Helper.GetEncOid(privateKey, digestOID), digestOID,
+				signedAttr, unsignedAttr);
+		}
+
+		/**
+		 * add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes.
+		 *
+		 * @param key signing key to use
+		 * @param cert certificate containing corresponding public key
+		 * @param encryptionOID digest encryption algorithm OID
+		 * @param digestOID digest algorithm OID
+		 * @param signedAttr table of attributes to be included in signature
+		 * @param unsignedAttr table of attributes to be included as unsigned
+		 */
+		public void AddSigner(
+			AsymmetricKeyParameter	privateKey,
+			X509Certificate			cert,
+			string					encryptionOID,
+			string					digestOID,
+			Asn1.Cms.AttributeTable	signedAttr,
+			Asn1.Cms.AttributeTable	unsignedAttr)
+		{
+			doAddSigner(privateKey, GetSignerIdentifier(cert), encryptionOID, digestOID,
+				new DefaultSignedAttributeTableGenerator(signedAttr),
+				new SimpleAttributeTableGenerator(unsignedAttr),
+				signedAttr);
+		}
+
+	    /**
+	     * add a signer with extra signed/unsigned attributes.
+		 *
+		 * @param key signing key to use
+		 * @param subjectKeyID subjectKeyID of corresponding public key
+		 * @param digestOID digest algorithm OID
+		 * @param signedAttr table of attributes to be included in signature
+		 * @param unsignedAttr table of attributes to be included as unsigned
+	     */
+		public void AddSigner(
+			AsymmetricKeyParameter	privateKey,
+			byte[]					subjectKeyID,
+			string					digestOID,
+			Asn1.Cms.AttributeTable	signedAttr,
+			Asn1.Cms.AttributeTable	unsignedAttr)
+		{
+			AddSigner(privateKey, subjectKeyID, Helper.GetEncOid(privateKey, digestOID), digestOID,
+				signedAttr, unsignedAttr); 
+		}
+
+		/**
+		 * add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes.
+		 *
+		 * @param key signing key to use
+		 * @param subjectKeyID subjectKeyID of corresponding public key
+		 * @param encryptionOID digest encryption algorithm OID
+		 * @param digestOID digest algorithm OID
+		 * @param signedAttr table of attributes to be included in signature
+		 * @param unsignedAttr table of attributes to be included as unsigned
+		 */
+		public void AddSigner(
+			AsymmetricKeyParameter	privateKey,
+			byte[]					subjectKeyID,
+			string					encryptionOID,
+			string					digestOID,
+			Asn1.Cms.AttributeTable	signedAttr,
+			Asn1.Cms.AttributeTable	unsignedAttr)
+		{
+			doAddSigner(privateKey, GetSignerIdentifier(subjectKeyID), encryptionOID, digestOID,
+				new DefaultSignedAttributeTableGenerator(signedAttr),
+				new SimpleAttributeTableGenerator(unsignedAttr),
+				signedAttr);
+		}
+
+		/**
+		 * add a signer with extra signed/unsigned attributes based on generators.
+		 */
+		public void AddSigner(
+			AsymmetricKeyParameter		privateKey,
+			X509Certificate				cert,
+			string						digestOID,
+			CmsAttributeTableGenerator	signedAttrGen,
+			CmsAttributeTableGenerator	unsignedAttrGen)
+		{
+			AddSigner(privateKey, cert, Helper.GetEncOid(privateKey, digestOID), digestOID,
+				signedAttrGen, unsignedAttrGen);
+		}
+
+		/**
+		 * add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes based on generators.
+		 */
+		public void AddSigner(
+			AsymmetricKeyParameter		privateKey,
+			X509Certificate				cert,
+			string						encryptionOID,
+			string						digestOID,
+			CmsAttributeTableGenerator	signedAttrGen,
+			CmsAttributeTableGenerator	unsignedAttrGen)
+		{
+			doAddSigner(privateKey, GetSignerIdentifier(cert), encryptionOID, digestOID, signedAttrGen,
+				unsignedAttrGen, null);
+		}
+
+	    /**
+	     * add a signer with extra signed/unsigned attributes based on generators.
+	     */
+	    public void AddSigner(
+			AsymmetricKeyParameter		privateKey,
+	        byte[]						subjectKeyID,
+	        string						digestOID,
+	        CmsAttributeTableGenerator	signedAttrGen,
+	        CmsAttributeTableGenerator	unsignedAttrGen)
+	    {
+			AddSigner(privateKey, subjectKeyID, Helper.GetEncOid(privateKey, digestOID), digestOID,
+				signedAttrGen, unsignedAttrGen);
+	    }
+
+		/**
+		 * add a signer, including digest encryption algorithm, with extra signed/unsigned attributes based on generators.
+		 */
+		public void AddSigner(
+			AsymmetricKeyParameter		privateKey,
+			byte[]						subjectKeyID,
+			string						encryptionOID,
+			string						digestOID,
+			CmsAttributeTableGenerator	signedAttrGen,
+			CmsAttributeTableGenerator	unsignedAttrGen)
+		{
+			doAddSigner(privateKey, GetSignerIdentifier(subjectKeyID), encryptionOID, digestOID,
+				signedAttrGen, unsignedAttrGen, null);
+		}
+
+        public void AddSignerInfoGenerator(SignerInfoGenerator signerInfoGenerator)
+        {
+            signerInfs.Add(new SignerInf(this, signerInfoGenerator.contentSigner, signerInfoGenerator.sigId,
+                            signerInfoGenerator.signedGen, signerInfoGenerator.unsignedGen, null));
+        }
+
+        private void doAddSigner(
+			AsymmetricKeyParameter		privateKey,
+			SignerIdentifier            signerIdentifier,
+			string                      encryptionOID,
+			string                      digestOID,
+			CmsAttributeTableGenerator  signedAttrGen,
+			CmsAttributeTableGenerator  unsignedAttrGen,
+			Asn1.Cms.AttributeTable		baseSignedTable)
+		{
+			signerInfs.Add(new SignerInf(this, privateKey, signerIdentifier, digestOID, encryptionOID,
+				signedAttrGen, unsignedAttrGen, baseSignedTable));
+		}
+
+		/**
+        * generate a signed object that for a CMS Signed Data object
+        */
+        public CmsSignedData Generate(
+            CmsProcessable content)
+        {
+            return Generate(content, false);
+        }
+
+        /**
+        * generate a signed object that for a CMS Signed Data
+        * object  - if encapsulate is true a copy
+        * of the message will be included in the signature. The content type
+        * is set according to the OID represented by the string signedContentType.
+        */
+        public CmsSignedData Generate(
+            string			signedContentType,
+			// FIXME Avoid accessing more than once to support CmsProcessableInputStream
+            CmsProcessable	content,
+            bool			encapsulate)
+        {
+            Asn1EncodableVector digestAlgs = new Asn1EncodableVector();
+            Asn1EncodableVector signerInfos = new Asn1EncodableVector();
+
+			_digests.Clear(); // clear the current preserved digest state
+
+			//
+            // add the precalculated SignerInfo objects.
+            //
+            foreach (SignerInformation signer in _signers)
+            {
+				digestAlgs.Add(Helper.FixAlgID(signer.DigestAlgorithmID));
+
+				// TODO Verify the content type and calculated digest match the precalculated SignerInfo
+				signerInfos.Add(signer.ToSignerInfo());
+            }
+
+			//
+            // add the SignerInfo objects
+            //
+            bool isCounterSignature = (signedContentType == null);
+
+            DerObjectIdentifier contentTypeOid = isCounterSignature
+                ?   null
+				:	new DerObjectIdentifier(signedContentType);
+
+            foreach (SignerInf signer in signerInfs)
+            {
+				try
+                {
+					digestAlgs.Add(signer.DigestAlgorithmID);
+                    signerInfos.Add(signer.ToSignerInfo(contentTypeOid, content, rand));
+				}
+                catch (IOException e)
+                {
+                    throw new CmsException("encoding error.", e);
+                }
+                catch (InvalidKeyException e)
+                {
+                    throw new CmsException("key inappropriate for signature.", e);
+                }
+                catch (SignatureException e)
+                {
+                    throw new CmsException("error creating signature.", e);
+                }
+                catch (CertificateEncodingException e)
+                {
+                    throw new CmsException("error creating sid.", e);
+                }
+            }
+
+			Asn1Set certificates = null;
+
+			if (_certs.Count != 0)
+			{
+				certificates = CmsUtilities.CreateBerSetFromList(_certs);
+			}
+
+			Asn1Set certrevlist = null;
+
+			if (_crls.Count != 0)
+			{
+				certrevlist = CmsUtilities.CreateBerSetFromList(_crls);
+			}
+
+			Asn1OctetString octs = null;
+			if (encapsulate)
+            {
+                MemoryStream bOut = new MemoryStream();
+				if (content != null)
+				{
+	                try
+	                {
+	                    content.Write(bOut);
+	                }
+	                catch (IOException e)
+	                {
+	                    throw new CmsException("encapsulation error.", e);
+	                }
+				}
+				octs = new BerOctetString(bOut.ToArray());
+            }
+
+            ContentInfo encInfo = new ContentInfo(contentTypeOid, octs);
+
+            SignedData sd = new SignedData(
+                new DerSet(digestAlgs),
+                encInfo,
+                certificates,
+                certrevlist,
+                new DerSet(signerInfos));
+
+            ContentInfo contentInfo = new ContentInfo(CmsObjectIdentifiers.SignedData, sd);
+
+            return new CmsSignedData(content, contentInfo);
+        }
+
+        /**
+        * generate a signed object that for a CMS Signed Data
+        * object - if encapsulate is true a copy
+        * of the message will be included in the signature with the
+        * default content type "data".
+        */
+        public CmsSignedData Generate(
+            CmsProcessable	content,
+            bool			encapsulate)
+        {
+            return this.Generate(Data, content, encapsulate);
+        }
+
+		/**
+		* generate a set of one or more SignerInformation objects representing counter signatures on
+		* the passed in SignerInformation object.
+		*
+		* @param signer the signer to be countersigned
+		* @param sigProvider the provider to be used for counter signing.
+		* @return a store containing the signers.
+		*/
+		public SignerInformationStore GenerateCounterSigners(
+			SignerInformation signer)
+		{
+			return this.Generate(null, new CmsProcessableByteArray(signer.GetSignature()), false).GetSignerInfos();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSSignedDataParser.cs b/bc-sharp-crypto/src/cms/CMSSignedDataParser.cs
new file mode 100644
index 0000000..fb51ab1
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSSignedDataParser.cs
@@ -0,0 +1,450 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	* Parsing class for an CMS Signed Data object from an input stream.
+	* <p>
+	* Note: that because we are in a streaming mode only one signer can be tried and it is important
+	* that the methods on the parser are called in the appropriate order.
+	* </p>
+	* <p>
+	* A simple example of usage for an encapsulated signature.
+	* </p>
+	* <p>
+	* Two notes: first, in the example below the validity of
+	* the certificate isn't verified, just the fact that one of the certs
+	* matches the given signer, and, second, because we are in a streaming
+	* mode the order of the operations is important.
+	* </p>
+	* <pre>
+	*      CmsSignedDataParser     sp = new CmsSignedDataParser(encapSigData);
+	*
+	*      sp.GetSignedContent().Drain();
+	*
+	*      IX509Store              certs = sp.GetCertificates();
+	*      SignerInformationStore  signers = sp.GetSignerInfos();
+	*
+	*      foreach (SignerInformation signer in signers.GetSigners())
+	*      {
+	*          ArrayList       certList = new ArrayList(certs.GetMatches(signer.SignerID));
+	*          X509Certificate cert = (X509Certificate) certList[0];
+	*
+	*          Console.WriteLine("verify returns: " + signer.Verify(cert));
+	*      }
+	* </pre>
+	*  Note also: this class does not introduce buffering - if you are processing large files you should create
+	*  the parser with:
+	*  <pre>
+	*          CmsSignedDataParser     ep = new CmsSignedDataParser(new BufferedInputStream(encapSigData, bufSize));
+	*  </pre>
+	*  where bufSize is a suitably large buffer size.
+	*/
+	public class CmsSignedDataParser
+		: CmsContentInfoParser
+	{
+		private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance;
+
+		private SignedDataParser        _signedData;
+		private DerObjectIdentifier		_signedContentType;
+		private CmsTypedStream          _signedContent;
+		private IDictionary				_digests;
+		private ISet					_digestOids;
+
+		private SignerInformationStore  _signerInfoStore;
+		private Asn1Set                 _certSet, _crlSet;
+		private bool					_isCertCrlParsed;
+		private IX509Store				_attributeStore;
+		private IX509Store				_certificateStore;
+		private IX509Store				_crlStore;
+
+		public CmsSignedDataParser(
+			byte[] sigBlock)
+			: this(new MemoryStream(sigBlock, false))
+		{
+		}
+
+		public CmsSignedDataParser(
+			CmsTypedStream	signedContent,
+			byte[]			sigBlock)
+			: this(signedContent, new MemoryStream(sigBlock, false))
+		{
+		}
+
+		/**
+		* base constructor - with encapsulated content
+		*/
+		public CmsSignedDataParser(
+			Stream sigData)
+			: this(null, sigData)
+		{
+		}
+
+		/**
+		* base constructor
+		*
+		* @param signedContent the content that was signed.
+		* @param sigData the signature object.
+		*/
+		public CmsSignedDataParser(
+			CmsTypedStream	signedContent,
+			Stream			sigData)
+			: base(sigData)
+		{
+			try
+			{
+				this._signedContent = signedContent;
+				this._signedData = SignedDataParser.GetInstance(this.contentInfo.GetContent(Asn1Tags.Sequence));
+				this._digests = Platform.CreateHashtable();
+				this._digestOids = new HashSet();
+
+				Asn1SetParser digAlgs = _signedData.GetDigestAlgorithms();
+				IAsn1Convertible o;
+
+				while ((o = digAlgs.ReadObject()) != null)
+				{
+					AlgorithmIdentifier id = AlgorithmIdentifier.GetInstance(o.ToAsn1Object());
+
+					try
+					{
+                        string digestOid = id.Algorithm.Id;
+						string digestName = Helper.GetDigestAlgName(digestOid);
+
+						if (!this._digests.Contains(digestName))
+						{
+							this._digests[digestName] = Helper.GetDigestInstance(digestName);
+							this._digestOids.Add(digestOid);
+						}
+					}
+					catch (SecurityUtilityException)
+					{
+						// TODO Should do something other than ignore it
+					}
+				}
+
+				//
+				// If the message is simply a certificate chain message GetContent() may return null.
+				//
+				ContentInfoParser cont = _signedData.GetEncapContentInfo();
+				Asn1OctetStringParser octs = (Asn1OctetStringParser)
+					cont.GetContent(Asn1Tags.OctetString);
+
+				if (octs != null)
+				{
+					CmsTypedStream ctStr = new CmsTypedStream(
+						cont.ContentType.Id, octs.GetOctetStream());
+
+					if (_signedContent == null)
+					{
+						this._signedContent = ctStr;
+					}
+					else
+					{
+						//
+						// content passed in, need to read past empty encapsulated content info object if present
+						//
+						ctStr.Drain();
+					}
+				}
+
+				_signedContentType = _signedContent == null
+					?	cont.ContentType
+					:	new DerObjectIdentifier(_signedContent.ContentType);
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("io exception: " + e.Message, e);
+			}
+		}
+
+		/**
+		 * Return the version number for the SignedData object
+		 *
+		 * @return the version number
+		 */
+		public int Version
+		{
+			get { return _signedData.Version.Value.IntValue; }
+		}
+
+		public ISet DigestOids
+		{
+			get { return new HashSet(_digestOids); }
+		}
+
+		/**
+		* return the collection of signers that are associated with the
+		* signatures for the message.
+		* @throws CmsException
+		*/
+		public SignerInformationStore GetSignerInfos()
+		{
+			if (_signerInfoStore == null)
+			{
+				PopulateCertCrlSets();
+
+                IList signerInfos = Platform.CreateArrayList();
+                IDictionary hashes = Platform.CreateHashtable();
+
+				foreach (object digestKey in _digests.Keys)
+				{
+					hashes[digestKey] = DigestUtilities.DoFinal(
+						(IDigest)_digests[digestKey]);
+				}
+
+				try
+				{
+					Asn1SetParser s = _signedData.GetSignerInfos();
+					IAsn1Convertible o;
+
+					while ((o = s.ReadObject()) != null)
+					{
+						SignerInfo info = SignerInfo.GetInstance(o.ToAsn1Object());
+						string digestName = Helper.GetDigestAlgName(
+                            info.DigestAlgorithm.Algorithm.Id);
+
+						byte[] hash = (byte[]) hashes[digestName];
+
+						signerInfos.Add(new SignerInformation(info, _signedContentType, null, new BaseDigestCalculator(hash)));
+					}
+				}
+				catch (IOException e)
+				{
+					throw new CmsException("io exception: " + e.Message, e);
+				}
+
+				_signerInfoStore = new SignerInformationStore(signerInfos);
+			}
+
+			return _signerInfoStore;
+		}
+
+		/**
+		 * return a X509Store containing the attribute certificates, if any, contained
+		 * in this message.
+		 *
+		 * @param type type of store to create
+		 * @return a store of attribute certificates
+		 * @exception org.bouncycastle.x509.NoSuchStoreException if the store type isn't available.
+		 * @exception CmsException if a general exception prevents creation of the X509Store
+		 */
+		public IX509Store GetAttributeCertificates(
+			string type)
+		{
+			if (_attributeStore == null)
+			{
+				PopulateCertCrlSets();
+
+				_attributeStore = Helper.CreateAttributeStore(type, _certSet);
+			}
+
+			return _attributeStore;
+		}
+
+		/**
+		* return a X509Store containing the public key certificates, if any, contained
+		* in this message.
+		*
+		* @param type type of store to create
+		* @return a store of public key certificates
+		* @exception NoSuchStoreException if the store type isn't available.
+		* @exception CmsException if a general exception prevents creation of the X509Store
+		*/
+		public IX509Store GetCertificates(
+			string type)
+		{
+			if (_certificateStore == null)
+			{
+				PopulateCertCrlSets();
+
+				_certificateStore = Helper.CreateCertificateStore(type, _certSet);
+			}
+
+			return _certificateStore;
+		}
+
+		/**
+		* return a X509Store containing CRLs, if any, contained
+		* in this message.
+		*
+		* @param type type of store to create
+		* @return a store of CRLs
+		* @exception NoSuchStoreException if the store type isn't available.
+		* @exception CmsException if a general exception prevents creation of the X509Store
+		*/
+		public IX509Store GetCrls(
+			string type)
+		{
+			if (_crlStore == null)
+			{
+				PopulateCertCrlSets();
+
+				_crlStore = Helper.CreateCrlStore(type, _crlSet);
+			}
+
+			return _crlStore;
+		}
+
+		private void PopulateCertCrlSets()
+		{
+			if (_isCertCrlParsed)
+				return;
+
+			_isCertCrlParsed = true;
+
+			try
+			{
+				// care! Streaming - Must process the GetCertificates() result before calling GetCrls()
+				_certSet = GetAsn1Set(_signedData.GetCertificates());
+				_crlSet = GetAsn1Set(_signedData.GetCrls());
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("problem parsing cert/crl sets", e);
+			}
+		}
+
+		/// <summary>
+		/// Return the <c>DerObjectIdentifier</c> associated with the encapsulated
+		/// content info structure carried in the signed data.
+		/// </summary>
+		public DerObjectIdentifier SignedContentType
+		{
+			get { return _signedContentType; }
+		}
+
+		public CmsTypedStream GetSignedContent()
+		{
+			if (_signedContent == null)
+			{
+				return null;
+			}
+
+			Stream digStream = _signedContent.ContentStream;
+
+			foreach (IDigest digest in _digests.Values)
+			{
+				digStream = new DigestStream(digStream, digest, null);
+			}
+
+			return new CmsTypedStream(_signedContent.ContentType, digStream);
+		}
+
+		/**
+		 * Replace the signerinformation store associated with the passed
+		 * in message contained in the stream original with the new one passed in.
+		 * You would probably only want to do this if you wanted to change the unsigned
+		 * attributes associated with a signer, or perhaps delete one.
+		 * <p>
+		 * The output stream is returned unclosed.
+		 * </p>
+		 * @param original the signed data stream to be used as a base.
+		 * @param signerInformationStore the new signer information store to use.
+		 * @param out the stream to Write the new signed data object to.
+		 * @return out.
+		 */
+		public static Stream ReplaceSigners(
+			Stream					original,
+			SignerInformationStore	signerInformationStore,
+			Stream					outStr)
+		{
+			// NB: SecureRandom would be ignored since using existing signatures only
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+			CmsSignedDataParser parser = new CmsSignedDataParser(original);
+
+//			gen.AddDigests(parser.DigestOids);
+			gen.AddSigners(signerInformationStore);
+
+			CmsTypedStream signedContent = parser.GetSignedContent();
+			bool encapsulate = (signedContent != null);
+			Stream contentOut = gen.Open(outStr, parser.SignedContentType.Id, encapsulate);
+			if (encapsulate)
+			{
+				Streams.PipeAll(signedContent.ContentStream, contentOut);
+			}
+
+			gen.AddAttributeCertificates(parser.GetAttributeCertificates("Collection"));
+			gen.AddCertificates(parser.GetCertificates("Collection"));
+			gen.AddCrls(parser.GetCrls("Collection"));
+
+//			gen.AddSigners(parser.GetSignerInfos());
+
+            Platform.Dispose(contentOut);
+
+			return outStr;
+		}
+
+		/**
+		 * Replace the certificate and CRL information associated with this
+		 * CMSSignedData object with the new one passed in.
+		 * <p>
+		 * The output stream is returned unclosed.
+		 * </p>
+		 * @param original the signed data stream to be used as a base.
+		 * @param certsAndCrls the new certificates and CRLs to be used.
+		 * @param out the stream to Write the new signed data object to.
+		 * @return out.
+		 * @exception CmsException if there is an error processing the CertStore
+		 */
+		public static Stream ReplaceCertificatesAndCrls(
+			Stream			original,
+			IX509Store		x509Certs,
+			IX509Store		x509Crls,
+			IX509Store		x509AttrCerts,
+			Stream			outStr)
+		{
+			// NB: SecureRandom would be ignored since using existing signatures only
+			CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+			CmsSignedDataParser parser = new CmsSignedDataParser(original);
+
+			gen.AddDigests(parser.DigestOids);
+
+			CmsTypedStream signedContent = parser.GetSignedContent();
+			bool encapsulate = (signedContent != null);
+			Stream contentOut = gen.Open(outStr, parser.SignedContentType.Id, encapsulate);
+			if (encapsulate)
+			{
+				Streams.PipeAll(signedContent.ContentStream, contentOut);
+			}
+
+//			gen.AddAttributeCertificates(parser.GetAttributeCertificates("Collection"));
+//			gen.AddCertificates(parser.GetCertificates("Collection"));
+//			gen.AddCrls(parser.GetCrls("Collection"));
+			if (x509AttrCerts != null)
+				gen.AddAttributeCertificates(x509AttrCerts);
+			if (x509Certs != null)
+				gen.AddCertificates(x509Certs);
+			if (x509Crls != null)
+				gen.AddCrls(x509Crls);
+
+			gen.AddSigners(parser.GetSignerInfos());
+
+            Platform.Dispose(contentOut);
+
+            return outStr;
+		}
+
+        private static Asn1Set GetAsn1Set(
+			Asn1SetParser asn1SetParser)
+		{
+			return asn1SetParser == null
+				?	null
+				:	Asn1Set.GetInstance(asn1SetParser.ToAsn1Object());
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSSignedDataStreamGenerator.cs b/bc-sharp-crypto/src/cms/CMSSignedDataStreamGenerator.cs
new file mode 100644
index 0000000..d0ab742
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSSignedDataStreamGenerator.cs
@@ -0,0 +1,929 @@
+using System;
+using System.Collections;
+using System.Diagnostics;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms
+{
+    /**
+    * General class for generating a pkcs7-signature message stream.
+    * <p>
+    * A simple example of usage.
+    * </p>
+    * <pre>
+    *      IX509Store                   certs...
+    *      CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+    *
+    *      gen.AddSigner(privateKey, cert, CmsSignedDataStreamGenerator.DIGEST_SHA1);
+    *
+    *      gen.AddCertificates(certs);
+    *
+    *      Stream sigOut = gen.Open(bOut);
+    *
+    *      sigOut.Write(Encoding.UTF8.GetBytes("Hello World!"));
+    *
+    *      sigOut.Close();
+    * </pre>
+    */
+    public class CmsSignedDataStreamGenerator
+        : CmsSignedGenerator
+    {
+		private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance;
+
+		private readonly IList      _signerInfs = Platform.CreateArrayList();
+		private readonly ISet		_messageDigestOids = new HashSet();
+        private readonly IDictionary _messageDigests = Platform.CreateHashtable();
+        private readonly IDictionary _messageHashes = Platform.CreateHashtable();
+		private bool				_messageDigestsLocked;
+        private int					_bufferSize;
+
+		private class DigestAndSignerInfoGeneratorHolder
+		{
+			internal readonly ISignerInfoGenerator	signerInf;
+			internal readonly string				digestOID;
+
+			internal DigestAndSignerInfoGeneratorHolder(ISignerInfoGenerator signerInf, String digestOID)
+			{
+				this.signerInf = signerInf;
+				this.digestOID = digestOID;
+			}
+
+			internal AlgorithmIdentifier DigestAlgorithm
+			{
+				get { return new AlgorithmIdentifier(new DerObjectIdentifier(this.digestOID), DerNull.Instance); }
+			}
+		}
+
+		private class SignerInfoGeneratorImpl : ISignerInfoGenerator
+        {
+			private readonly CmsSignedDataStreamGenerator outer;
+
+			private readonly SignerIdentifier			_signerIdentifier;
+			private readonly string						_digestOID;
+			private readonly string						_encOID;
+			private readonly CmsAttributeTableGenerator	_sAttr;
+			private readonly CmsAttributeTableGenerator	_unsAttr;
+			private readonly string						_encName;
+			private readonly ISigner					_sig;
+
+			internal SignerInfoGeneratorImpl(
+				CmsSignedDataStreamGenerator	outer,
+				AsymmetricKeyParameter			key,
+				SignerIdentifier				signerIdentifier,
+				string							digestOID,
+				string							encOID,
+				CmsAttributeTableGenerator		sAttr,
+				CmsAttributeTableGenerator		unsAttr)
+			{
+				this.outer = outer;
+
+				_signerIdentifier = signerIdentifier;
+				_digestOID = digestOID;
+				_encOID = encOID;
+				_sAttr = sAttr;
+				_unsAttr = unsAttr;
+				_encName = Helper.GetEncryptionAlgName(_encOID);
+
+				string digestName = Helper.GetDigestAlgName(_digestOID);
+				string signatureName = digestName + "with" + _encName;
+
+				if (_sAttr != null)
+				{
+            		_sig = Helper.GetSignatureInstance(signatureName);
+				}
+				else
+				{
+					// Note: Need to use raw signatures here since we have already calculated the digest
+					if (_encName.Equals("RSA"))
+					{
+						_sig = Helper.GetSignatureInstance("RSA");
+					}
+					else if (_encName.Equals("DSA"))
+					{
+						_sig = Helper.GetSignatureInstance("NONEwithDSA");
+					}
+					// TODO Add support for raw PSS
+//					else if (_encName.equals("RSAandMGF1"))
+//					{
+//						_sig = CMSSignedHelper.INSTANCE.getSignatureInstance("NONEWITHRSAPSS", _sigProvider);
+//						try
+//						{
+//							// Init the params this way to avoid having a 'raw' version of each PSS algorithm
+//							Signature sig2 = CMSSignedHelper.INSTANCE.getSignatureInstance(signatureName, _sigProvider);
+//							PSSParameterSpec spec = (PSSParameterSpec)sig2.getParameters().getParameterSpec(PSSParameterSpec.class);
+//							_sig.setParameter(spec);
+//						}
+//						catch (Exception e)
+//						{
+//							throw new SignatureException("algorithm: " + _encName + " could not be configured.");
+//						}
+//					}
+					else
+					{
+						throw new SignatureException("algorithm: " + _encName + " not supported in base signatures.");
+					}
+				}
+
+				_sig.Init(true, new ParametersWithRandom(key, outer.rand));
+			}
+
+			public SignerInfo Generate(DerObjectIdentifier contentType, AlgorithmIdentifier digestAlgorithm,
+        		byte[] calculatedDigest)
+			{
+				try
+				{
+					string digestName = Helper.GetDigestAlgName(_digestOID);
+					string signatureName = digestName + "with" + _encName;
+
+//					AlgorithmIdentifier digAlgId = DigestAlgorithmID;
+//
+//					byte[] hash = (byte[])outer._messageHashes[Helper.GetDigestAlgName(this._digestOID)];
+//					outer._digests[_digestOID] = hash.Clone();
+
+					byte[] bytesToSign = calculatedDigest;
+
+					/* RFC 3852 5.4
+					 * The result of the message digest calculation process depends on
+					 * whether the signedAttrs field is present.  When the field is absent,
+					 * the result is just the message digest of the content as described
+					 *
+					 * above.  When the field is present, however, the result is the message
+					 * digest of the complete DER encoding of the SignedAttrs value
+					 * contained in the signedAttrs field.
+					 */
+					Asn1Set signedAttr = null;
+					if (_sAttr != null)
+					{
+						IDictionary parameters = outer.GetBaseParameters(contentType, digestAlgorithm, calculatedDigest);
+
+//						Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(Collections.unmodifiableMap(parameters));
+						Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(parameters);
+
+                        if (contentType == null) //counter signature
+                        {
+                            if (signed != null && signed[CmsAttributes.ContentType] != null)
+                            {
+                                IDictionary tmpSigned = signed.ToDictionary();
+                                tmpSigned.Remove(CmsAttributes.ContentType);
+                                signed = new Asn1.Cms.AttributeTable(tmpSigned);
+                            }
+                        }
+
+                        signedAttr = outer.GetAttributeSet(signed);
+
+                		// sig must be composed from the DER encoding.
+						bytesToSign = signedAttr.GetEncoded(Asn1Encodable.Der);
+					}
+					else
+					{
+						// Note: Need to use raw signatures here since we have already calculated the digest
+						if (_encName.Equals("RSA"))
+						{
+							DigestInfo dInfo = new DigestInfo(digestAlgorithm, calculatedDigest);
+							bytesToSign = dInfo.GetEncoded(Asn1Encodable.Der);
+						}
+					}
+
+					_sig.BlockUpdate(bytesToSign, 0, bytesToSign.Length);
+					byte[] sigBytes = _sig.GenerateSignature();
+
+					Asn1Set unsignedAttr = null;
+					if (_unsAttr != null)
+					{
+						IDictionary parameters = outer.GetBaseParameters(
+							contentType, digestAlgorithm, calculatedDigest);
+						parameters[CmsAttributeTableParameter.Signature] = sigBytes.Clone();
+
+//						Asn1.Cms.AttributeTable unsigned = _unsAttr.getAttributes(Collections.unmodifiableMap(parameters));
+						Asn1.Cms.AttributeTable unsigned = _unsAttr.GetAttributes(parameters);
+
+						unsignedAttr = outer.GetAttributeSet(unsigned);
+					}
+
+					// TODO[RSAPSS] Need the ability to specify non-default parameters
+					Asn1Encodable sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName);
+					AlgorithmIdentifier digestEncryptionAlgorithm = Helper.GetEncAlgorithmIdentifier(
+						new DerObjectIdentifier(_encOID), sigX509Parameters);
+
+					return new SignerInfo(_signerIdentifier, digestAlgorithm,
+						signedAttr, digestEncryptionAlgorithm, new DerOctetString(sigBytes), unsignedAttr);
+				}
+	            catch (IOException e)
+	            {
+	                throw new CmsStreamException("encoding error.", e);
+	            }
+	            catch (SignatureException e)
+	            {
+	                throw new CmsStreamException("error creating signature.", e);
+	            }
+            }
+        }
+
+		public CmsSignedDataStreamGenerator()
+        {
+        }
+
+		/// <summary>Constructor allowing specific source of randomness</summary>
+		/// <param name="rand">Instance of <c>SecureRandom</c> to use.</param>
+		public CmsSignedDataStreamGenerator(
+			SecureRandom rand)
+			: base(rand)
+		{
+		}
+
+		/**
+        * Set the underlying string size for encapsulated data
+        *
+        * @param bufferSize length of octet strings to buffer the data.
+        */
+        public void SetBufferSize(
+            int bufferSize)
+        {
+            _bufferSize = bufferSize;
+        }
+
+		public void AddDigests(
+       		params string[] digestOids)
+		{
+       		AddDigests((IEnumerable) digestOids);
+		}
+
+		public void AddDigests(
+			IEnumerable digestOids)
+		{
+			foreach (string digestOid in digestOids)
+			{
+				ConfigureDigest(digestOid);
+			}
+		}
+
+		/**
+        * add a signer - no attributes other than the default ones will be
+        * provided here.
+        * @throws NoSuchAlgorithmException
+        * @throws InvalidKeyException
+        */
+        public void AddSigner(
+            AsymmetricKeyParameter	privateKey,
+            X509Certificate			cert,
+            string					digestOid)
+        {
+			AddSigner(privateKey, cert, digestOid,
+				new DefaultSignedAttributeTableGenerator(), null);
+		}
+
+		/**
+		 * add a signer, specifying the digest encryption algorithm - no attributes other than the default ones will be
+		 * provided here.
+		 * @throws NoSuchProviderException
+		 * @throws NoSuchAlgorithmException
+		 * @throws InvalidKeyException
+		 */
+		public void AddSigner(
+			AsymmetricKeyParameter	privateKey,
+			X509Certificate			cert,
+			string					encryptionOid,
+			string					digestOid)
+		{
+			AddSigner(privateKey, cert, encryptionOid, digestOid,
+				new DefaultSignedAttributeTableGenerator(),
+				(CmsAttributeTableGenerator)null);
+		}
+
+        /**
+        * add a signer with extra signed/unsigned attributes.
+        * @throws NoSuchAlgorithmException
+        * @throws InvalidKeyException
+        */
+        public void AddSigner(
+            AsymmetricKeyParameter	privateKey,
+            X509Certificate			cert,
+            string					digestOid,
+            Asn1.Cms.AttributeTable	signedAttr,
+            Asn1.Cms.AttributeTable	unsignedAttr)
+        {
+			AddSigner(privateKey, cert, digestOid,
+				new DefaultSignedAttributeTableGenerator(signedAttr),
+				new SimpleAttributeTableGenerator(unsignedAttr));
+		}
+
+		/**
+		 * add a signer with extra signed/unsigned attributes - specifying digest
+		 * encryption algorithm.
+		 * @throws NoSuchProviderException
+		 * @throws NoSuchAlgorithmException
+		 * @throws InvalidKeyException
+		 */
+		public void AddSigner(
+			AsymmetricKeyParameter	privateKey,
+			X509Certificate			cert,
+			string					encryptionOid,
+			string					digestOid,
+			Asn1.Cms.AttributeTable	signedAttr,
+			Asn1.Cms.AttributeTable	unsignedAttr)
+		{
+			AddSigner(privateKey, cert, encryptionOid, digestOid,
+				new DefaultSignedAttributeTableGenerator(signedAttr),
+				new SimpleAttributeTableGenerator(unsignedAttr));
+		}
+
+		public void AddSigner(
+			AsymmetricKeyParameter		privateKey,
+			X509Certificate				cert,
+			string						digestOid,
+			CmsAttributeTableGenerator  signedAttrGenerator,
+			CmsAttributeTableGenerator  unsignedAttrGenerator)
+		{
+			AddSigner(privateKey, cert, Helper.GetEncOid(privateKey, digestOid), digestOid,
+				signedAttrGenerator, unsignedAttrGenerator);
+        }
+
+		public void AddSigner(
+			AsymmetricKeyParameter		privateKey,
+			X509Certificate				cert,
+			string						encryptionOid,
+			string						digestOid,
+			CmsAttributeTableGenerator  signedAttrGenerator,
+			CmsAttributeTableGenerator  unsignedAttrGenerator)
+		{
+			DoAddSigner(privateKey, GetSignerIdentifier(cert), encryptionOid, digestOid,
+				signedAttrGenerator, unsignedAttrGenerator);
+		}
+
+		/**
+		* add a signer - no attributes other than the default ones will be
+		* provided here.
+		* @throws NoSuchAlgorithmException
+		* @throws InvalidKeyException
+		*/
+		public void AddSigner(
+			AsymmetricKeyParameter	privateKey,
+			byte[]					subjectKeyID,
+			string					digestOid)
+		{
+			AddSigner(privateKey, subjectKeyID, digestOid, new DefaultSignedAttributeTableGenerator(),
+				(CmsAttributeTableGenerator)null);
+		}
+
+		/**
+		 * add a signer - no attributes other than the default ones will be
+		 * provided here.
+		 * @throws NoSuchProviderException
+		 * @throws NoSuchAlgorithmException
+		 * @throws InvalidKeyException
+		 */
+		public void AddSigner(
+			AsymmetricKeyParameter	privateKey,
+			byte[]					subjectKeyID,
+			string					encryptionOid,
+			string					digestOid)
+		{
+			AddSigner(privateKey, subjectKeyID, encryptionOid, digestOid,
+				new DefaultSignedAttributeTableGenerator(),
+				(CmsAttributeTableGenerator)null);
+		}
+
+		/**
+		* add a signer with extra signed/unsigned attributes.
+		* @throws NoSuchAlgorithmException
+		* @throws InvalidKeyException
+		*/
+		public void AddSigner(
+			AsymmetricKeyParameter	privateKey,
+			byte[]					subjectKeyID,
+			string					digestOid,
+			Asn1.Cms.AttributeTable	signedAttr,
+			Asn1.Cms.AttributeTable	unsignedAttr)
+	    {
+	        AddSigner(privateKey, subjectKeyID, digestOid,
+				new DefaultSignedAttributeTableGenerator(signedAttr),
+				new SimpleAttributeTableGenerator(unsignedAttr));
+		}
+
+		public void AddSigner(
+			AsymmetricKeyParameter		privateKey,
+			byte[]						subjectKeyID,
+			string						digestOid,
+			CmsAttributeTableGenerator	signedAttrGenerator,
+			CmsAttributeTableGenerator	unsignedAttrGenerator)
+		{
+			AddSigner(privateKey, subjectKeyID, Helper.GetEncOid(privateKey, digestOid),
+				digestOid, signedAttrGenerator, unsignedAttrGenerator);
+		}
+
+		public void AddSigner(
+			AsymmetricKeyParameter		privateKey,
+			byte[]						subjectKeyID,
+			string						encryptionOid,
+			string						digestOid,
+			CmsAttributeTableGenerator	signedAttrGenerator,
+			CmsAttributeTableGenerator	unsignedAttrGenerator)
+		{
+			DoAddSigner(privateKey, GetSignerIdentifier(subjectKeyID), encryptionOid, digestOid,
+				signedAttrGenerator, unsignedAttrGenerator);
+		}
+
+		private void DoAddSigner(
+			AsymmetricKeyParameter		privateKey,
+			SignerIdentifier			signerIdentifier,
+			string						encryptionOid,
+			string						digestOid,
+			CmsAttributeTableGenerator	signedAttrGenerator,
+			CmsAttributeTableGenerator	unsignedAttrGenerator)
+		{
+			ConfigureDigest(digestOid);
+
+			SignerInfoGeneratorImpl signerInf = new SignerInfoGeneratorImpl(this, privateKey,
+				signerIdentifier, digestOid, encryptionOid, signedAttrGenerator, unsignedAttrGenerator);
+
+			_signerInfs.Add(new DigestAndSignerInfoGeneratorHolder(signerInf, digestOid));
+		}
+
+		internal override void AddSignerCallback(
+			SignerInformation si)
+		{
+			// FIXME If there were parameters in si.DigestAlgorithmID.Parameters, they are lost
+			// NB: Would need to call FixAlgID on the DigestAlgorithmID
+
+			// For precalculated signers, just need to register the algorithm, not configure a digest
+            RegisterDigestOid(si.DigestAlgorithmID.Algorithm.Id);
+		}
+
+		/**
+        * generate a signed object that for a CMS Signed Data object
+        */
+        public Stream Open(
+            Stream outStream)
+        {
+            return Open(outStream, false);
+        }
+
+        /**
+        * generate a signed object that for a CMS Signed Data
+        * object - if encapsulate is true a copy
+        * of the message will be included in the signature with the
+        * default content type "data".
+        */
+        public Stream Open(
+            Stream	outStream,
+            bool	encapsulate)
+        {
+            return Open(outStream, Data, encapsulate);
+        }
+
+		/**
+		 * generate a signed object that for a CMS Signed Data
+		 * object using the given provider - if encapsulate is true a copy
+		 * of the message will be included in the signature with the
+		 * default content type "data". If dataOutputStream is non null the data
+		 * being signed will be written to the stream as it is processed.
+		 * @param out stream the CMS object is to be written to.
+		 * @param encapsulate true if data should be encapsulated.
+		 * @param dataOutputStream output stream to copy the data being signed to.
+		 */
+		public Stream Open(
+			Stream	outStream,
+			bool	encapsulate,
+			Stream	dataOutputStream)
+		{
+			return Open(outStream, Data, encapsulate, dataOutputStream);
+		}
+
+		/**
+        * generate a signed object that for a CMS Signed Data
+        * object - if encapsulate is true a copy
+        * of the message will be included in the signature. The content type
+        * is set according to the OID represented by the string signedContentType.
+        */
+        public Stream Open(
+            Stream	outStream,
+            string	signedContentType,
+            bool	encapsulate)
+        {
+			return Open(outStream, signedContentType, encapsulate, null);
+		}
+
+		/**
+		* generate a signed object that for a CMS Signed Data
+		* object using the given provider - if encapsulate is true a copy
+		* of the message will be included in the signature. The content type
+		* is set according to the OID represented by the string signedContentType.
+		* @param out stream the CMS object is to be written to.
+		* @param signedContentType OID for data to be signed.
+		* @param encapsulate true if data should be encapsulated.
+		* @param dataOutputStream output stream to copy the data being signed to.
+		*/
+		public Stream Open(
+			Stream	outStream,
+			string	signedContentType,
+			bool	encapsulate,
+			Stream	dataOutputStream)
+		{
+			if (outStream == null)
+				throw new ArgumentNullException("outStream");
+			if (!outStream.CanWrite)
+				throw new ArgumentException("Expected writeable stream", "outStream");
+			if (dataOutputStream != null && !dataOutputStream.CanWrite)
+				throw new ArgumentException("Expected writeable stream", "dataOutputStream");
+
+			_messageDigestsLocked = true;
+
+			//
+            // ContentInfo
+            //
+            BerSequenceGenerator sGen = new BerSequenceGenerator(outStream);
+
+			sGen.AddObject(CmsObjectIdentifiers.SignedData);
+
+			//
+            // Signed Data
+            //
+            BerSequenceGenerator sigGen = new BerSequenceGenerator(
+				sGen.GetRawOutputStream(), 0, true);
+
+            bool isCounterSignature = (signedContentType == null);
+
+            DerObjectIdentifier contentTypeOid = isCounterSignature
+                ? null
+                : new DerObjectIdentifier(signedContentType);
+
+            sigGen.AddObject(CalculateVersion(contentTypeOid));
+
+			Asn1EncodableVector digestAlgs = new Asn1EncodableVector();
+
+			foreach (string digestOid in _messageDigestOids)
+            {
+				digestAlgs.Add(
+            		new AlgorithmIdentifier(new DerObjectIdentifier(digestOid), DerNull.Instance));
+            }
+
+            {
+				byte[] tmp = new DerSet(digestAlgs).GetEncoded();
+				sigGen.GetRawOutputStream().Write(tmp, 0, tmp.Length);
+			}
+
+			BerSequenceGenerator eiGen = new BerSequenceGenerator(sigGen.GetRawOutputStream());
+            eiGen.AddObject(contentTypeOid);
+
+        	// If encapsulating, add the data as an octet string in the sequence
+			Stream encapStream = encapsulate
+				?	CmsUtilities.CreateBerOctetOutputStream(eiGen.GetRawOutputStream(), 0, true, _bufferSize)
+				:	null;
+
+        	// Also send the data to 'dataOutputStream' if necessary
+			Stream teeStream = GetSafeTeeOutputStream(dataOutputStream, encapStream);
+
+        	// Let all the digests see the data as it is written
+			Stream digStream = AttachDigestsToOutputStream(_messageDigests.Values, teeStream);
+
+			return new CmsSignedDataOutputStream(this, digStream, signedContentType, sGen, sigGen, eiGen);
+        }
+
+		private void RegisterDigestOid(
+			string digestOid)
+		{
+       		if (_messageDigestsLocked)
+       		{
+       			if (!_messageDigestOids.Contains(digestOid))
+					throw new InvalidOperationException("Cannot register new digest OIDs after the data stream is opened");
+       		}
+       		else
+       		{
+				_messageDigestOids.Add(digestOid);
+       		}
+		}
+
+		private void ConfigureDigest(
+			string digestOid)
+		{
+       		RegisterDigestOid(digestOid);
+
+       		string digestName = Helper.GetDigestAlgName(digestOid);
+			IDigest dig = (IDigest)_messageDigests[digestName];
+			if (dig == null)
+			{
+				if (_messageDigestsLocked)
+					throw new InvalidOperationException("Cannot configure new digests after the data stream is opened");
+
+            	dig = Helper.GetDigestInstance(digestName);
+            	_messageDigests[digestName] = dig;
+            }
+		}
+
+		// TODO Make public?
+		internal void Generate(
+			Stream			outStream,
+			string			eContentType,
+			bool			encapsulate,
+			Stream			dataOutputStream,
+			CmsProcessable	content)
+		{
+			Stream signedOut = Open(outStream, eContentType, encapsulate, dataOutputStream);
+			if (content != null)
+			{
+				content.Write(signedOut);
+			}
+            Platform.Dispose(signedOut);
+		}
+
+		// RFC3852, section 5.1:
+		// IF ((certificates is present) AND
+		//    (any certificates with a type of other are present)) OR
+		//    ((crls is present) AND
+		//    (any crls with a type of other are present))
+		// THEN version MUST be 5
+		// ELSE
+		//    IF (certificates is present) AND
+		//       (any version 2 attribute certificates are present)
+		//    THEN version MUST be 4
+		//    ELSE
+		//       IF ((certificates is present) AND
+		//          (any version 1 attribute certificates are present)) OR
+		//          (any SignerInfo structures are version 3) OR
+		//          (encapContentInfo eContentType is other than id-data)
+		//       THEN version MUST be 3
+		//       ELSE version MUST be 1
+		//
+		private DerInteger CalculateVersion(
+			DerObjectIdentifier contentOid)
+		{
+			bool otherCert = false;
+			bool otherCrl = false;
+			bool attrCertV1Found = false;
+			bool attrCertV2Found = false;
+
+			if (_certs != null)
+			{
+				foreach (object obj in _certs)
+				{
+					if (obj is Asn1TaggedObject)
+					{
+						Asn1TaggedObject tagged = (Asn1TaggedObject) obj;
+
+						if (tagged.TagNo == 1)
+						{
+							attrCertV1Found = true;
+						}
+						else if (tagged.TagNo == 2)
+						{
+							attrCertV2Found = true;
+						}
+						else if (tagged.TagNo == 3)
+						{
+							otherCert = true;
+							break;
+						}
+					}
+				}
+			}
+
+			if (otherCert)
+			{
+				return new DerInteger(5);
+			}
+
+			if (_crls != null)
+			{
+				foreach (object obj in _crls)
+				{
+					if (obj is Asn1TaggedObject)
+					{
+						otherCrl = true;
+						break;
+					}
+				}
+			}
+
+			if (otherCrl)
+			{
+				return new DerInteger(5);
+			}
+
+			if (attrCertV2Found)
+			{
+				return new DerInteger(4);
+			}
+
+            if (attrCertV1Found || !CmsObjectIdentifiers.Data.Equals(contentOid) || CheckForVersion3(_signers))
+            {
+                return new DerInteger(3);
+            }
+
+            return new DerInteger(1);
+        }
+
+		private bool CheckForVersion3(
+			IList signerInfos)
+		{
+			foreach (SignerInformation si in signerInfos)
+			{
+				SignerInfo s = SignerInfo.GetInstance(si.ToSignerInfo());
+
+				if (s.Version.Value.IntValue == 3)
+				{
+					return true;
+				}
+			}
+
+			return false;
+		}
+
+		private static Stream AttachDigestsToOutputStream(ICollection digests, Stream s)
+		{
+			Stream result = s;
+			foreach (IDigest digest in digests)
+			{
+				result = GetSafeTeeOutputStream(result, new DigOutputStream(digest));
+			}
+			return result;
+		}
+
+		private static Stream GetSafeOutputStream(Stream s)
+		{
+			if (s == null)
+				return new NullOutputStream();
+			return s;
+		}
+
+		private static Stream GetSafeTeeOutputStream(Stream s1, Stream s2)
+		{
+			if (s1 == null)
+				return GetSafeOutputStream(s2);
+			if (s2 == null)
+				return GetSafeOutputStream(s1);
+			return new TeeOutputStream(s1, s2);
+		}
+
+		private class CmsSignedDataOutputStream
+            : BaseOutputStream
+        {
+			private readonly CmsSignedDataStreamGenerator outer;
+
+			private Stream					_out;
+            private DerObjectIdentifier		_contentOID;
+            private BerSequenceGenerator	_sGen;
+            private BerSequenceGenerator	_sigGen;
+            private BerSequenceGenerator	_eiGen;
+
+			public CmsSignedDataOutputStream(
+				CmsSignedDataStreamGenerator	outer,
+				Stream							outStream,
+                string							contentOID,
+                BerSequenceGenerator			sGen,
+                BerSequenceGenerator			sigGen,
+                BerSequenceGenerator			eiGen)
+            {
+				this.outer = outer;
+
+				_out = outStream;
+                _contentOID = new DerObjectIdentifier(contentOID);
+                _sGen = sGen;
+                _sigGen = sigGen;
+                _eiGen = eiGen;
+            }
+
+			public override void WriteByte(
+                byte b)
+            {
+                _out.WriteByte(b);
+            }
+
+			public override void Write(
+                byte[]	bytes,
+                int		off,
+                int		len)
+            {
+                _out.Write(bytes, off, len);
+            }
+
+#if PORTABLE
+            protected override void Dispose(bool disposing)
+            {
+                if (disposing)
+                {
+                    DoClose();
+                }
+                base.Dispose(disposing);
+            }
+#else
+			public override void Close()
+            {
+                DoClose();
+				base.Close();
+			}
+#endif
+
+            private void DoClose()
+            {
+                Platform.Dispose(_out);
+
+                // TODO Parent context(s) should really be be closed explicitly
+
+                _eiGen.Close();
+
+				outer._digests.Clear();    // clear the current preserved digest state
+
+				if (outer._certs.Count > 0)
+				{
+					Asn1Set certs = CmsUtilities.CreateBerSetFromList(outer._certs);
+
+					WriteToGenerator(_sigGen, new BerTaggedObject(false, 0, certs));
+				}
+
+				if (outer._crls.Count > 0)
+				{
+					Asn1Set crls = CmsUtilities.CreateBerSetFromList(outer._crls);
+
+					WriteToGenerator(_sigGen, new BerTaggedObject(false, 1, crls));
+				}
+
+				//
+				// Calculate the digest hashes
+				//
+				foreach (DictionaryEntry de in outer._messageDigests)
+				{
+					outer._messageHashes.Add(de.Key, DigestUtilities.DoFinal((IDigest)de.Value));
+				}
+
+				// TODO If the digest OIDs for precalculated signers weren't mixed in with
+				// the others, we could fill in outer._digests here, instead of SignerInfoGenerator.Generate
+
+				//
+				// collect all the SignerInfo objects
+				//
+                Asn1EncodableVector signerInfos = new Asn1EncodableVector();
+
+				//
+                // add the generated SignerInfo objects
+                //
+				{
+					foreach (DigestAndSignerInfoGeneratorHolder holder in outer._signerInfs)
+					{
+						AlgorithmIdentifier digestAlgorithm = holder.DigestAlgorithm;
+
+						byte[] calculatedDigest = (byte[])outer._messageHashes[
+							Helper.GetDigestAlgName(holder.digestOID)];
+						outer._digests[holder.digestOID] = calculatedDigest.Clone();
+
+						signerInfos.Add(holder.signerInf.Generate(_contentOID, digestAlgorithm, calculatedDigest));
+	                }
+				}
+
+				//
+                // add the precalculated SignerInfo objects.
+                //
+				{
+					foreach (SignerInformation signer in outer._signers)
+					{
+						// TODO Verify the content type and calculated digest match the precalculated SignerInfo
+//						if (!signer.ContentType.Equals(_contentOID))
+//						{
+//							// TODO The precalculated content type did not match - error?
+//						}
+//
+//						byte[] calculatedDigest = (byte[])outer._digests[signer.DigestAlgOid];
+//						if (calculatedDigest == null)
+//						{
+//							// TODO We can't confirm this digest because we didn't calculate it - error?
+//						}
+//						else
+//						{
+//							if (!Arrays.AreEqual(signer.GetContentDigest(), calculatedDigest))
+//							{
+//								// TODO The precalculated digest did not match - error?
+//							}
+//						}
+
+						signerInfos.Add(signer.ToSignerInfo());
+	                }
+				}
+
+				WriteToGenerator(_sigGen, new DerSet(signerInfos));
+
+				_sigGen.Close();
+                _sGen.Close();
+            }
+
+			private static void WriteToGenerator(
+				Asn1Generator	ag,
+				Asn1Encodable	ae)
+			{
+				byte[] encoded = ae.GetEncoded();
+				ag.GetRawOutputStream().Write(encoded, 0, encoded.Length);
+			}
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/CMSSignedGenerator.cs b/bc-sharp-crypto/src/cms/CMSSignedGenerator.cs
new file mode 100644
index 0000000..0fb1f31
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSSignedGenerator.cs
@@ -0,0 +1,267 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Cms
+{
+    public class DefaultDigestAlgorithmIdentifierFinder
+    {
+        private static readonly IDictionary digestOids = Platform.CreateHashtable();
+        private static readonly IDictionary digestNameToOids = Platform.CreateHashtable();
+
+        static DefaultDigestAlgorithmIdentifierFinder()
+        {
+            //
+            // digests
+            //
+            digestOids.Add(OiwObjectIdentifiers.MD4WithRsaEncryption, PkcsObjectIdentifiers.MD4);
+            digestOids.Add(OiwObjectIdentifiers.MD4WithRsa, PkcsObjectIdentifiers.MD4);
+            digestOids.Add(OiwObjectIdentifiers.Sha1WithRsa, OiwObjectIdentifiers.IdSha1);
+
+            digestOids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, NistObjectIdentifiers.IdSha224);
+            digestOids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, NistObjectIdentifiers.IdSha256);
+            digestOids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, NistObjectIdentifiers.IdSha384);
+            digestOids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, NistObjectIdentifiers.IdSha512);
+            digestOids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, PkcsObjectIdentifiers.MD2);
+            digestOids.Add(PkcsObjectIdentifiers.MD4WithRsaEncryption, PkcsObjectIdentifiers.MD4);
+            digestOids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, PkcsObjectIdentifiers.MD5);
+            digestOids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, OiwObjectIdentifiers.IdSha1);
+
+            digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha1, OiwObjectIdentifiers.IdSha1);
+            digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha224, NistObjectIdentifiers.IdSha224);
+            digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha256, NistObjectIdentifiers.IdSha256);
+            digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha384, NistObjectIdentifiers.IdSha384);
+            digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha512, NistObjectIdentifiers.IdSha512);
+            digestOids.Add(X9ObjectIdentifiers.IdDsaWithSha1, OiwObjectIdentifiers.IdSha1);
+
+            digestOids.Add(NistObjectIdentifiers.DsaWithSha224, NistObjectIdentifiers.IdSha224);
+            digestOids.Add(NistObjectIdentifiers.DsaWithSha256, NistObjectIdentifiers.IdSha256);
+            digestOids.Add(NistObjectIdentifiers.DsaWithSha384, NistObjectIdentifiers.IdSha384);
+            digestOids.Add(NistObjectIdentifiers.DsaWithSha512, NistObjectIdentifiers.IdSha512);
+
+            digestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128, TeleTrusTObjectIdentifiers.RipeMD128);
+            digestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160, TeleTrusTObjectIdentifiers.RipeMD160);
+            digestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256, TeleTrusTObjectIdentifiers.RipeMD256);
+
+            digestOids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, CryptoProObjectIdentifiers.GostR3411);
+            digestOids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, CryptoProObjectIdentifiers.GostR3411);
+
+            digestNameToOids.Add("SHA-1", OiwObjectIdentifiers.IdSha1);
+            digestNameToOids.Add("SHA-224", NistObjectIdentifiers.IdSha224);
+            digestNameToOids.Add("SHA-256", NistObjectIdentifiers.IdSha256);
+            digestNameToOids.Add("SHA-384", NistObjectIdentifiers.IdSha384);
+            digestNameToOids.Add("SHA-512", NistObjectIdentifiers.IdSha512);
+
+            digestNameToOids.Add("SHA1", OiwObjectIdentifiers.IdSha1);
+            digestNameToOids.Add("SHA224", NistObjectIdentifiers.IdSha224);
+            digestNameToOids.Add("SHA256", NistObjectIdentifiers.IdSha256);
+            digestNameToOids.Add("SHA384", NistObjectIdentifiers.IdSha384);
+            digestNameToOids.Add("SHA512", NistObjectIdentifiers.IdSha512);
+
+            digestNameToOids.Add("SHA3-224", NistObjectIdentifiers.IdSha3_224);
+            digestNameToOids.Add("SHA3-256", NistObjectIdentifiers.IdSha3_256);
+            digestNameToOids.Add("SHA3-384", NistObjectIdentifiers.IdSha3_384);
+            digestNameToOids.Add("SHA3-512", NistObjectIdentifiers.IdSha3_512);
+
+            digestNameToOids.Add("SHAKE-128", NistObjectIdentifiers.IdShake128);
+            digestNameToOids.Add("SHAKE-256", NistObjectIdentifiers.IdShake256);
+
+            digestNameToOids.Add("GOST3411", CryptoProObjectIdentifiers.GostR3411);
+
+            digestNameToOids.Add("MD2", PkcsObjectIdentifiers.MD2);
+            digestNameToOids.Add("MD4", PkcsObjectIdentifiers.MD4);
+            digestNameToOids.Add("MD5", PkcsObjectIdentifiers.MD5);
+
+            digestNameToOids.Add("RIPEMD128", TeleTrusTObjectIdentifiers.RipeMD128);
+            digestNameToOids.Add("RIPEMD160", TeleTrusTObjectIdentifiers.RipeMD160);
+            digestNameToOids.Add("RIPEMD256", TeleTrusTObjectIdentifiers.RipeMD256);
+        }
+
+        public AlgorithmIdentifier find(AlgorithmIdentifier sigAlgId)
+        {
+            AlgorithmIdentifier digAlgId;
+
+            if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
+            {
+                digAlgId = RsassaPssParameters.GetInstance(sigAlgId.Parameters).HashAlgorithm;
+            }
+            else
+            {
+                digAlgId = new AlgorithmIdentifier((DerObjectIdentifier)digestOids[sigAlgId.Algorithm], DerNull.Instance);
+            }
+
+            return digAlgId;
+        }
+
+        public AlgorithmIdentifier find(String digAlgName)
+        {
+            return new AlgorithmIdentifier((DerObjectIdentifier)digestNameToOids[digAlgName], DerNull.Instance);
+        }
+    }
+
+    public class CmsSignedGenerator
+    {
+        /**
+        * Default type for the signed data.
+        */
+        public static readonly string Data = CmsObjectIdentifiers.Data.Id;
+
+        public static readonly string DigestSha1 = OiwObjectIdentifiers.IdSha1.Id;
+        public static readonly string DigestSha224 = NistObjectIdentifiers.IdSha224.Id;
+        public static readonly string DigestSha256 = NistObjectIdentifiers.IdSha256.Id;
+        public static readonly string DigestSha384 = NistObjectIdentifiers.IdSha384.Id;
+        public static readonly string DigestSha512 = NistObjectIdentifiers.IdSha512.Id;
+        public static readonly string DigestMD5 = PkcsObjectIdentifiers.MD5.Id;
+        public static readonly string DigestGost3411 = CryptoProObjectIdentifiers.GostR3411.Id;
+        public static readonly string DigestRipeMD128 = TeleTrusTObjectIdentifiers.RipeMD128.Id;
+        public static readonly string DigestRipeMD160 = TeleTrusTObjectIdentifiers.RipeMD160.Id;
+        public static readonly string DigestRipeMD256 = TeleTrusTObjectIdentifiers.RipeMD256.Id;
+
+        public static readonly string EncryptionRsa = PkcsObjectIdentifiers.RsaEncryption.Id;
+        public static readonly string EncryptionDsa = X9ObjectIdentifiers.IdDsaWithSha1.Id;
+        public static readonly string EncryptionECDsa = X9ObjectIdentifiers.ECDsaWithSha1.Id;
+        public static readonly string EncryptionRsaPss = PkcsObjectIdentifiers.IdRsassaPss.Id;
+        public static readonly string EncryptionGost3410 = CryptoProObjectIdentifiers.GostR3410x94.Id;
+        public static readonly string EncryptionECGost3410 = CryptoProObjectIdentifiers.GostR3410x2001.Id;
+
+        internal IList _certs = Platform.CreateArrayList();
+        internal IList _crls = Platform.CreateArrayList();
+        internal IList _signers = Platform.CreateArrayList();
+        internal IDictionary _digests = Platform.CreateHashtable();
+
+        protected readonly SecureRandom rand;
+
+        protected CmsSignedGenerator()
+            : this(new SecureRandom())
+        {
+        }
+
+        /// <summary>Constructor allowing specific source of randomness</summary>
+        /// <param name="rand">Instance of <c>SecureRandom</c> to use.</param>
+        protected CmsSignedGenerator(
+            SecureRandom rand)
+        {
+            this.rand = rand;
+        }
+
+        internal protected virtual IDictionary GetBaseParameters(
+            DerObjectIdentifier contentType,
+            AlgorithmIdentifier digAlgId,
+            byte[] hash)
+        {
+            IDictionary param = Platform.CreateHashtable();
+
+            if (contentType != null)
+            {
+                param[CmsAttributeTableParameter.ContentType] = contentType;
+            }
+
+            param[CmsAttributeTableParameter.DigestAlgorithmIdentifier] = digAlgId;
+            param[CmsAttributeTableParameter.Digest] = hash.Clone();
+
+            return param;
+        }
+
+        internal protected virtual Asn1Set GetAttributeSet(
+            Asn1.Cms.AttributeTable attr)
+        {
+            return attr == null
+                ? null
+                : new DerSet(attr.ToAsn1EncodableVector());
+        }
+
+        public void AddCertificates(
+            IX509Store certStore)
+        {
+            CollectionUtilities.AddRange(_certs, CmsUtilities.GetCertificatesFromStore(certStore));
+        }
+
+        public void AddCrls(
+            IX509Store crlStore)
+        {
+            CollectionUtilities.AddRange(_crls, CmsUtilities.GetCrlsFromStore(crlStore));
+        }
+
+        /**
+		* Add the attribute certificates contained in the passed in store to the
+		* generator.
+		*
+		* @param store a store of Version 2 attribute certificates
+		* @throws CmsException if an error occurse processing the store.
+		*/
+        public void AddAttributeCertificates(
+            IX509Store store)
+        {
+            try
+            {
+                foreach (IX509AttributeCertificate attrCert in store.GetMatches(null))
+                {
+                    _certs.Add(new DerTaggedObject(false, 2,
+                        AttributeCertificate.GetInstance(Asn1Object.FromByteArray(attrCert.GetEncoded()))));
+                }
+            }
+            catch (Exception e)
+            {
+                throw new CmsException("error processing attribute certs", e);
+            }
+        }
+
+        /**
+		 * Add a store of precalculated signers to the generator.
+		 *
+		 * @param signerStore store of signers
+		 */
+        public void AddSigners(
+            SignerInformationStore signerStore)
+        {
+            foreach (SignerInformation o in signerStore.GetSigners())
+            {
+                _signers.Add(o);
+                AddSignerCallback(o);
+            }
+        }
+
+        /**
+		 * Return a map of oids and byte arrays representing the digests calculated on the content during
+		 * the last generate.
+		 *
+		 * @return a map of oids (as String objects) and byte[] representing digests.
+		 */
+        public IDictionary GetGeneratedDigests()
+        {
+            return Platform.CreateHashtable(_digests);
+        }
+
+        internal virtual void AddSignerCallback(
+            SignerInformation si)
+        {
+        }
+
+        internal static SignerIdentifier GetSignerIdentifier(X509Certificate cert)
+        {
+            return new SignerIdentifier(CmsUtilities.GetIssuerAndSerialNumber(cert));
+        }
+
+        internal static SignerIdentifier GetSignerIdentifier(byte[] subjectKeyIdentifier)
+        {
+            return new SignerIdentifier(new DerOctetString(subjectKeyIdentifier));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/CMSSignedHelper.cs b/bc-sharp-crypto/src/cms/CMSSignedHelper.cs
new file mode 100644
index 0000000..5b6c93b
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSSignedHelper.cs
@@ -0,0 +1,426 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Eac;
+using Org.BouncyCastle.Asn1.Iana;
+using Org.BouncyCastle.Asn1.Misc;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Cms
+{
+    internal class CmsSignedHelper
+    {
+        internal static readonly CmsSignedHelper Instance = new CmsSignedHelper();
+
+        private static readonly string EncryptionECDsaWithSha1 = X9ObjectIdentifiers.ECDsaWithSha1.Id;
+        private static readonly string EncryptionECDsaWithSha224 = X9ObjectIdentifiers.ECDsaWithSha224.Id;
+        private static readonly string EncryptionECDsaWithSha256 = X9ObjectIdentifiers.ECDsaWithSha256.Id;
+        private static readonly string EncryptionECDsaWithSha384 = X9ObjectIdentifiers.ECDsaWithSha384.Id;
+        private static readonly string EncryptionECDsaWithSha512 = X9ObjectIdentifiers.ECDsaWithSha512.Id;
+
+        private static readonly IDictionary encryptionAlgs = Platform.CreateHashtable();
+        private static readonly IDictionary digestAlgs = Platform.CreateHashtable();
+        private static readonly IDictionary digestAliases = Platform.CreateHashtable();
+
+        private static readonly ISet noParams = new HashSet();
+        private static readonly IDictionary ecAlgorithms = Platform.CreateHashtable();
+
+        private static void AddEntries(DerObjectIdentifier oid, string digest, string encryption)
+		{
+			string alias = oid.Id;
+			digestAlgs.Add(alias, digest);
+			encryptionAlgs.Add(alias, encryption);
+		}
+
+		static CmsSignedHelper()
+		{
+			AddEntries(NistObjectIdentifiers.DsaWithSha224, "SHA224", "DSA");
+			AddEntries(NistObjectIdentifiers.DsaWithSha256, "SHA256", "DSA");
+			AddEntries(NistObjectIdentifiers.DsaWithSha384, "SHA384", "DSA");
+			AddEntries(NistObjectIdentifiers.DsaWithSha512, "SHA512", "DSA");
+			AddEntries(OiwObjectIdentifiers.DsaWithSha1, "SHA1", "DSA");
+			AddEntries(OiwObjectIdentifiers.MD4WithRsa, "MD4", "RSA");
+			AddEntries(OiwObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA");
+			AddEntries(OiwObjectIdentifiers.MD5WithRsa, "MD5", "RSA");
+			AddEntries(OiwObjectIdentifiers.Sha1WithRsa, "SHA1", "RSA");
+			AddEntries(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2", "RSA");
+			AddEntries(PkcsObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA");
+			AddEntries(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5", "RSA");
+			AddEntries(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1", "RSA");
+			AddEntries(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224", "RSA");
+			AddEntries(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256", "RSA");
+			AddEntries(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384", "RSA");
+			AddEntries(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512", "RSA");
+			AddEntries(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1", "ECDSA");
+			AddEntries(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224", "ECDSA");
+			AddEntries(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256", "ECDSA");
+			AddEntries(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384", "ECDSA");
+			AddEntries(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512", "ECDSA");
+			AddEntries(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1", "DSA");
+			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1", "ECDSA");
+			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA");
+			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256", "ECDSA");
+			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384", "ECDSA");
+			AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512", "ECDSA");
+			AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, "SHA1", "RSA");
+			AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA");
+			AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1");
+			AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1");
+
+			encryptionAlgs.Add(X9ObjectIdentifiers.IdDsa.Id, "DSA");
+			encryptionAlgs.Add(PkcsObjectIdentifiers.RsaEncryption.Id, "RSA");
+			encryptionAlgs.Add(TeleTrusTObjectIdentifiers.TeleTrusTRsaSignatureAlgorithm, "RSA");
+			encryptionAlgs.Add(X509ObjectIdentifiers.IdEARsa.Id, "RSA");
+			encryptionAlgs.Add(CmsSignedGenerator.EncryptionRsaPss, "RSAandMGF1");
+			encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x94.Id, "GOST3410");
+			encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x2001.Id, "ECGOST3410");
+			encryptionAlgs.Add("1.3.6.1.4.1.5849.1.6.2", "ECGOST3410");
+			encryptionAlgs.Add("1.3.6.1.4.1.5849.1.1.5", "GOST3410");
+
+			digestAlgs.Add(PkcsObjectIdentifiers.MD2.Id, "MD2");
+			digestAlgs.Add(PkcsObjectIdentifiers.MD4.Id, "MD4");
+			digestAlgs.Add(PkcsObjectIdentifiers.MD5.Id, "MD5");
+			digestAlgs.Add(OiwObjectIdentifiers.IdSha1.Id, "SHA1");
+			digestAlgs.Add(NistObjectIdentifiers.IdSha224.Id, "SHA224");
+			digestAlgs.Add(NistObjectIdentifiers.IdSha256.Id, "SHA256");
+			digestAlgs.Add(NistObjectIdentifiers.IdSha384.Id, "SHA384");
+			digestAlgs.Add(NistObjectIdentifiers.IdSha512.Id, "SHA512");
+			digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, "RIPEMD128");
+			digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, "RIPEMD160");
+			digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, "RIPEMD256");
+			digestAlgs.Add(CryptoProObjectIdentifiers.GostR3411.Id,  "GOST3411");
+			digestAlgs.Add("1.3.6.1.4.1.5849.1.2.1",  "GOST3411");
+
+			digestAliases.Add("SHA1", new string[] { "SHA-1" });
+			digestAliases.Add("SHA224", new string[] { "SHA-224" });
+			digestAliases.Add("SHA256", new string[] { "SHA-256" });
+			digestAliases.Add("SHA384", new string[] { "SHA-384" });
+			digestAliases.Add("SHA512", new string[] { "SHA-512" });
+
+            noParams.Add(CmsSignedGenerator.EncryptionDsa);
+            //			noParams.Add(EncryptionECDsa);
+            noParams.Add(EncryptionECDsaWithSha1);
+            noParams.Add(EncryptionECDsaWithSha224);
+            noParams.Add(EncryptionECDsaWithSha256);
+            noParams.Add(EncryptionECDsaWithSha384);
+            noParams.Add(EncryptionECDsaWithSha512);
+
+            ecAlgorithms.Add(CmsSignedGenerator.DigestSha1, EncryptionECDsaWithSha1);
+            ecAlgorithms.Add(CmsSignedGenerator.DigestSha224, EncryptionECDsaWithSha224);
+            ecAlgorithms.Add(CmsSignedGenerator.DigestSha256, EncryptionECDsaWithSha256);
+            ecAlgorithms.Add(CmsSignedGenerator.DigestSha384, EncryptionECDsaWithSha384);
+            ecAlgorithms.Add(CmsSignedGenerator.DigestSha512, EncryptionECDsaWithSha512);
+    }
+
+		/**
+        * Return the digest algorithm using one of the standard JCA string
+        * representations rather than the algorithm identifier (if possible).
+        */
+        internal string GetDigestAlgName(
+            string digestAlgOid)
+        {
+			string algName = (string)digestAlgs[digestAlgOid];
+
+			if (algName != null)
+			{
+				return algName;
+			}
+
+			return digestAlgOid;
+        }
+
+    internal AlgorithmIdentifier GetEncAlgorithmIdentifier(
+    DerObjectIdentifier encOid,
+    Asn1Encodable sigX509Parameters)
+    {
+        if (noParams.Contains(encOid.Id))
+        {
+            return new AlgorithmIdentifier(encOid);
+        }
+
+        return new AlgorithmIdentifier(encOid, sigX509Parameters);
+    }
+
+    internal string[] GetDigestAliases(
+			string algName)
+		{
+			string[] aliases = (string[]) digestAliases[algName];
+
+			return aliases == null ? new String[0] : (string[]) aliases.Clone();
+		}
+
+		/**
+        * Return the digest encryption algorithm using one of the standard
+        * JCA string representations rather than the algorithm identifier (if
+        * possible).
+        */
+        internal string GetEncryptionAlgName(
+            string encryptionAlgOid)
+        {
+			string algName = (string) encryptionAlgs[encryptionAlgOid];
+
+			if (algName != null)
+			{
+				return algName;
+			}
+
+			return encryptionAlgOid;
+        }
+
+		internal IDigest GetDigestInstance(
+			string algorithm)
+		{
+			try
+			{
+				return DigestUtilities.GetDigest(algorithm);
+			}
+			catch (SecurityUtilityException e)
+			{
+				// This is probably superfluous on C#, since no provider infrastructure,
+				// assuming DigestUtilities already knows all the aliases
+				foreach (string alias in GetDigestAliases(algorithm))
+				{
+					try { return DigestUtilities.GetDigest(alias); }
+					catch (SecurityUtilityException) {}
+				}
+				throw e;
+			}
+		}
+
+		internal ISigner GetSignatureInstance(
+			string algorithm)
+		{
+			return SignerUtilities.GetSigner(algorithm);
+		}
+
+		internal IX509Store CreateAttributeStore(
+			string	type,
+			Asn1Set	certSet)
+		{
+			IList certs = Platform.CreateArrayList();
+
+			if (certSet != null)
+			{
+				foreach (Asn1Encodable ae in certSet)
+				{
+					try
+					{
+						Asn1Object obj = ae.ToAsn1Object();
+
+						if (obj is Asn1TaggedObject)
+						{
+							Asn1TaggedObject tagged = (Asn1TaggedObject)obj;
+
+							if (tagged.TagNo == 2)
+							{
+								certs.Add(
+									new X509V2AttributeCertificate(
+										Asn1Sequence.GetInstance(tagged, false).GetEncoded()));
+							}
+						}
+					}
+					catch (Exception ex)
+					{
+						throw new CmsException("can't re-encode attribute certificate!", ex);
+					}
+				}
+			}
+
+			try
+			{
+				return X509StoreFactory.Create(
+					"AttributeCertificate/" + type,
+					new X509CollectionStoreParameters(certs));
+			}
+			catch (ArgumentException e)
+			{
+				throw new CmsException("can't setup the X509Store", e);
+			}
+		}
+
+		internal IX509Store CreateCertificateStore(
+			string	type,
+			Asn1Set	certSet)
+		{
+			IList certs = Platform.CreateArrayList();
+
+			if (certSet != null)
+			{
+				AddCertsFromSet(certs, certSet);
+			}
+
+			try
+			{
+				return X509StoreFactory.Create(
+					"Certificate/" + type,
+					new X509CollectionStoreParameters(certs));
+			}
+			catch (ArgumentException e)
+			{
+				throw new CmsException("can't setup the X509Store", e);
+			}
+		}
+
+		internal IX509Store CreateCrlStore(
+			string	type,
+			Asn1Set	crlSet)
+		{
+			IList crls = Platform.CreateArrayList();
+
+			if (crlSet != null)
+			{
+				AddCrlsFromSet(crls, crlSet);
+			}
+
+			try
+			{
+				return X509StoreFactory.Create(
+					"CRL/" + type,
+					new X509CollectionStoreParameters(crls));
+			}
+			catch (ArgumentException e)
+			{
+				throw new CmsException("can't setup the X509Store", e);
+			}
+		}
+
+		private void AddCertsFromSet(
+			IList	certs,
+			Asn1Set	certSet)
+		{
+			X509CertificateParser cf = new X509CertificateParser();
+
+			foreach (Asn1Encodable ae in certSet)
+			{
+				try
+				{
+					Asn1Object obj = ae.ToAsn1Object();
+
+					if (obj is Asn1Sequence)
+					{
+						// TODO Build certificate directly from sequence?
+						certs.Add(cf.ReadCertificate(obj.GetEncoded()));
+					}
+				}
+				catch (Exception ex)
+				{
+					throw new CmsException("can't re-encode certificate!", ex);
+				}
+			}
+		}
+
+		private void AddCrlsFromSet(
+			IList	crls,
+			Asn1Set	crlSet)
+		{
+			X509CrlParser cf = new X509CrlParser();
+
+			foreach (Asn1Encodable ae in crlSet)
+			{
+				try
+				{
+					// TODO Build CRL directly from ae.ToAsn1Object()?
+					crls.Add(cf.ReadCrl(ae.GetEncoded()));
+				}
+				catch (Exception ex)
+				{
+					throw new CmsException("can't re-encode CRL!", ex);
+				}
+			}
+		}
+
+		internal AlgorithmIdentifier FixAlgID(
+			AlgorithmIdentifier algId)
+		{
+			if (algId.Parameters == null)
+                return new AlgorithmIdentifier(algId.Algorithm, DerNull.Instance);
+
+			return algId;
+		}
+
+        internal string GetEncOid(
+            AsymmetricKeyParameter key,
+            string digestOID)
+        {
+            string encOID = null;
+
+            if (key is RsaKeyParameters)
+            {
+                if (!((RsaKeyParameters)key).IsPrivate)
+                    throw new ArgumentException("Expected RSA private key");
+
+                encOID = CmsSignedGenerator.EncryptionRsa;
+            }
+            else if (key is DsaPrivateKeyParameters)
+            {
+                if (digestOID.Equals(CmsSignedGenerator.DigestSha1))
+                {
+                    encOID = CmsSignedGenerator.EncryptionDsa;
+                }
+                else if (digestOID.Equals(CmsSignedGenerator.DigestSha224))
+                {
+                    encOID = NistObjectIdentifiers.DsaWithSha224.Id;
+                }
+                else if (digestOID.Equals(CmsSignedGenerator.DigestSha256))
+                {
+                    encOID = NistObjectIdentifiers.DsaWithSha256.Id;
+                }
+                else if (digestOID.Equals(CmsSignedGenerator.DigestSha384))
+                {
+                    encOID = NistObjectIdentifiers.DsaWithSha384.Id;
+                }
+                else if (digestOID.Equals(CmsSignedGenerator.DigestSha512))
+                {
+                    encOID = NistObjectIdentifiers.DsaWithSha512.Id;
+                }
+                else
+                {
+                    throw new ArgumentException("can't mix DSA with anything but SHA1/SHA2");
+                }
+            }
+            else if (key is ECPrivateKeyParameters)
+            {
+                ECPrivateKeyParameters ecPrivKey = (ECPrivateKeyParameters)key;
+                string algName = ecPrivKey.AlgorithmName;
+
+                if (algName == "ECGOST3410")
+                {
+                    encOID = CmsSignedGenerator.EncryptionECGost3410;
+                }
+                else
+                {
+                    // TODO Should we insist on algName being one of "EC" or "ECDSA", as Java does?
+                    encOID = (string)ecAlgorithms[digestOID];
+
+                    if (encOID == null)
+                        throw new ArgumentException("can't mix ECDSA with anything but SHA family digests");
+                }
+            }
+            else if (key is Gost3410PrivateKeyParameters)
+            {
+                encOID = CmsSignedGenerator.EncryptionGost3410;
+            }
+            else
+            {
+                throw new ArgumentException("Unknown algorithm in CmsSignedGenerator.GetEncOid");
+            }
+
+            return encOID;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/CMSStreamException.cs b/bc-sharp-crypto/src/cms/CMSStreamException.cs
new file mode 100644
index 0000000..68a8be0
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSStreamException.cs
@@ -0,0 +1,29 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Cms
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class CmsStreamException
+        : IOException
+    {
+		public CmsStreamException()
+		{
+		}
+
+		public CmsStreamException(
+			string name)
+			: base(name)
+        {
+        }
+
+		public CmsStreamException(
+			string		name,
+			Exception	e)
+			: base(name, e)
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/CMSTypedStream.cs b/bc-sharp-crypto/src/cms/CMSTypedStream.cs
new file mode 100644
index 0000000..6815837
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSTypedStream.cs
@@ -0,0 +1,72 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Cms
+{
+	public class CmsTypedStream
+	{
+		private const int BufferSize = 32 * 1024;
+
+		private readonly string	_oid;
+		private readonly Stream	_in;
+
+		public CmsTypedStream(
+			Stream inStream)
+			: this(PkcsObjectIdentifiers.Data.Id, inStream, BufferSize)
+		{
+		}
+
+		public CmsTypedStream(
+			string oid,
+			Stream inStream)
+			: this(oid, inStream, BufferSize)
+		{
+		}
+
+		public CmsTypedStream(
+			string	oid,
+			Stream	inStream,
+			int		bufSize)
+		{
+			_oid = oid;
+#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE
+			_in = new FullReaderStream(inStream);
+#else
+			_in = new FullReaderStream(new BufferedStream(inStream, bufSize));
+#endif
+		}
+
+		public string ContentType
+		{
+			get { return _oid; }
+		}
+
+		public Stream ContentStream
+		{
+			get { return _in; }
+		}
+
+		public void Drain()
+		{
+			Streams.Drain(_in);
+            Platform.Dispose(_in);
+		}
+
+		private class FullReaderStream : FilterStream
+		{
+			internal FullReaderStream(Stream input)
+				: base(input)
+			{
+			}
+
+			public override int Read(byte[]	buf, int off, int len)
+			{
+				return Streams.ReadFully(base.s, buf, off, len);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CMSUtils.cs b/bc-sharp-crypto/src/cms/CMSUtils.cs
new file mode 100644
index 0000000..95d7106
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CMSUtils.cs
@@ -0,0 +1,186 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Cms
+{
+    internal class CmsUtilities
+    {
+		// TODO Is there a .NET equivalent to this?
+//		private static readonly Runtime RUNTIME = Runtime.getRuntime();
+
+		internal static int MaximumMemory
+		{
+			get
+			{
+				// TODO Is there a .NET equivalent to this?
+				long maxMem = int.MaxValue;//RUNTIME.maxMemory();
+
+				if (maxMem > int.MaxValue)
+				{
+					return int.MaxValue;
+				}
+
+				return (int)maxMem;
+			}
+		}
+
+		internal static ContentInfo ReadContentInfo(
+			byte[] input)
+		{
+			// enforce limit checking as from a byte array
+			return ReadContentInfo(new Asn1InputStream(input));
+		}
+
+		internal static ContentInfo ReadContentInfo(
+			Stream input)
+		{
+			// enforce some limit checking
+			return ReadContentInfo(new Asn1InputStream(input, MaximumMemory));
+		}
+
+		private static ContentInfo ReadContentInfo(
+			Asn1InputStream aIn)
+		{
+			try
+			{
+				return ContentInfo.GetInstance(aIn.ReadObject());
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("IOException reading content.", e);
+			}
+			catch (InvalidCastException e)
+			{
+				throw new CmsException("Malformed content.", e);
+			}
+			catch (ArgumentException e)
+			{
+				throw new CmsException("Malformed content.", e);
+			}
+		}
+
+		public static byte[] StreamToByteArray(
+            Stream inStream)
+        {
+			return Streams.ReadAll(inStream);
+        }
+
+		public static byte[] StreamToByteArray(
+            Stream	inStream,
+			int		limit)
+        {
+			return Streams.ReadAllLimited(inStream, limit);
+        }
+
+		public static IList GetCertificatesFromStore(
+			IX509Store certStore)
+		{
+			try
+			{
+				IList certs = Platform.CreateArrayList();
+
+				if (certStore != null)
+				{
+					foreach (X509Certificate c in certStore.GetMatches(null))
+					{
+						certs.Add(
+							X509CertificateStructure.GetInstance(
+								Asn1Object.FromByteArray(c.GetEncoded())));
+					}
+				}
+
+				return certs;
+			}
+			catch (CertificateEncodingException e)
+			{
+				throw new CmsException("error encoding certs", e);
+			}
+			catch (Exception e)
+			{
+				throw new CmsException("error processing certs", e);
+			}
+		}
+
+		public static IList GetCrlsFromStore(
+			IX509Store crlStore)
+		{
+			try
+			{
+                IList crls = Platform.CreateArrayList();
+
+				if (crlStore != null)
+				{
+					foreach (X509Crl c in crlStore.GetMatches(null))
+					{
+						crls.Add(
+							CertificateList.GetInstance(
+								Asn1Object.FromByteArray(c.GetEncoded())));
+					}
+				}
+
+				return crls;
+			}
+			catch (CrlException e)
+			{
+				throw new CmsException("error encoding crls", e);
+			}
+			catch (Exception e)
+			{
+				throw new CmsException("error processing crls", e);
+			}
+		}
+
+		public static Asn1Set CreateBerSetFromList(
+			IList berObjects)
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			foreach (Asn1Encodable ae in berObjects)
+			{
+				v.Add(ae);
+			}
+
+			return new BerSet(v);
+		}
+
+		public static Asn1Set CreateDerSetFromList(
+			IList derObjects)
+		{
+			Asn1EncodableVector v = new Asn1EncodableVector();
+
+			foreach (Asn1Encodable ae in derObjects)
+			{
+				v.Add(ae);
+			}
+
+			return new DerSet(v);
+		}
+
+		internal static Stream CreateBerOctetOutputStream(Stream s, int tagNo, bool isExplicit, int bufferSize)
+		{
+			BerOctetStringGenerator octGen = new BerOctetStringGenerator(s, tagNo, isExplicit);
+			return octGen.GetOctetOutputStream(bufferSize);
+		}
+
+		internal static TbsCertificateStructure GetTbsCertificateStructure(X509Certificate cert)
+		{
+			return TbsCertificateStructure.GetInstance(Asn1Object.FromByteArray(cert.GetTbsCertificate()));
+		}
+
+		internal static IssuerAndSerialNumber GetIssuerAndSerialNumber(X509Certificate cert)
+		{
+			TbsCertificateStructure tbsCert = GetTbsCertificateStructure(cert);
+			return new IssuerAndSerialNumber(tbsCert.Issuer, tbsCert.SerialNumber.Value);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/CounterSignatureDigestCalculator.cs b/bc-sharp-crypto/src/cms/CounterSignatureDigestCalculator.cs
new file mode 100644
index 0000000..6f8bf65
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/CounterSignatureDigestCalculator.cs
@@ -0,0 +1,28 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Cms
+{
+	internal class CounterSignatureDigestCalculator
+		: IDigestCalculator
+	{
+		private readonly string alg;
+		private readonly byte[] data;
+
+		internal CounterSignatureDigestCalculator(
+			string	alg,
+			byte[]	data)
+		{
+			this.alg = alg;
+			this.data = data;
+		}
+
+		public byte[] GetDigest()
+		{
+			IDigest digest = CmsSignedHelper.Instance.GetDigestInstance(alg);
+			return DigestUtilities.DoFinal(digest, data);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/DefaultAuthenticatedAttributeTableGenerator.cs b/bc-sharp-crypto/src/cms/DefaultAuthenticatedAttributeTableGenerator.cs
new file mode 100644
index 0000000..d49b1d9
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/DefaultAuthenticatedAttributeTableGenerator.cs
@@ -0,0 +1,90 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	 * Default authenticated attributes generator.
+	 */
+	public class DefaultAuthenticatedAttributeTableGenerator
+		: CmsAttributeTableGenerator
+	{
+		private readonly IDictionary table;
+
+		/**
+		 * Initialise to use all defaults
+		 */
+		public DefaultAuthenticatedAttributeTableGenerator()
+		{
+			table = Platform.CreateHashtable();
+		}
+
+		/**
+		 * Initialise with some extra attributes or overrides.
+		 *
+		 * @param attributeTable initial attribute table to use.
+		 */
+		public DefaultAuthenticatedAttributeTableGenerator(
+			AttributeTable attributeTable)
+		{
+			if (attributeTable != null)
+			{
+				table = attributeTable.ToDictionary();
+			}
+			else
+			{
+				table = Platform.CreateHashtable();
+			}
+		}
+
+		/**
+		 * Create a standard attribute table from the passed in parameters - this will
+		 * normally include contentType and messageDigest. If the constructor
+		 * using an AttributeTable was used, entries in it for contentType and
+		 * messageDigest will override the generated ones.
+		 *
+		 * @param parameters source parameters for table generation.
+		 *
+		 * @return a filled in IDictionary of attributes.
+		 */
+		protected virtual IDictionary CreateStandardAttributeTable(
+			IDictionary parameters)
+		{
+            IDictionary std = Platform.CreateHashtable(table);
+
+			if (!std.Contains(CmsAttributes.ContentType))
+            {
+                DerObjectIdentifier contentType = (DerObjectIdentifier)
+                    parameters[CmsAttributeTableParameter.ContentType];
+                Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(CmsAttributes.ContentType,
+                    new DerSet(contentType));
+                std[attr.AttrType] = attr;
+            }
+
+			if (!std.Contains(CmsAttributes.MessageDigest))
+            {
+                byte[] messageDigest = (byte[])parameters[CmsAttributeTableParameter.Digest];
+                Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(CmsAttributes.MessageDigest,
+                    new DerSet(new DerOctetString(messageDigest)));
+                std[attr.AttrType] = attr;
+            }
+
+            return std;
+		}
+
+        /**
+		 * @param parameters source parameters
+		 * @return the populated attribute table
+		 */
+		public virtual AttributeTable GetAttributes(
+			IDictionary parameters)
+		{
+            IDictionary table = CreateStandardAttributeTable(parameters);
+			return new AttributeTable(table);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/DefaultSignedAttributeTableGenerator.cs b/bc-sharp-crypto/src/cms/DefaultSignedAttributeTableGenerator.cs
new file mode 100644
index 0000000..925a98a
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/DefaultSignedAttributeTableGenerator.cs
@@ -0,0 +1,124 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	 * Default signed attributes generator.
+	 */
+	public class DefaultSignedAttributeTableGenerator
+		: CmsAttributeTableGenerator
+	{
+		private readonly IDictionary table;
+
+		/**
+		 * Initialise to use all defaults
+		 */
+		public DefaultSignedAttributeTableGenerator()
+		{
+			table = Platform.CreateHashtable();
+		}
+
+		/**
+		 * Initialise with some extra attributes or overrides.
+		 *
+		 * @param attributeTable initial attribute table to use.
+		 */
+		public DefaultSignedAttributeTableGenerator(
+			AttributeTable attributeTable)
+		{
+			if (attributeTable != null)
+			{
+				table = attributeTable.ToDictionary();
+			}
+			else
+			{
+				table = Platform.CreateHashtable();
+			}
+		}
+
+#if SILVERLIGHT || PORTABLE
+		/**
+		 * Create a standard attribute table from the passed in parameters - this will
+		 * normally include contentType, signingTime, and messageDigest. If the constructor
+		 * using an AttributeTable was used, entries in it for contentType, signingTime, and
+		 * messageDigest will override the generated ones.
+		 *
+		 * @param parameters source parameters for table generation.
+		 *
+		 * @return a filled in Hashtable of attributes.
+		 */
+		protected virtual IDictionary createStandardAttributeTable(
+			IDictionary parameters)
+		{
+            IDictionary std = Platform.CreateHashtable(table);
+            DoCreateStandardAttributeTable(parameters, std);
+            return std;
+		}
+#else
+        /**
+		 * Create a standard attribute table from the passed in parameters - this will
+		 * normally include contentType, signingTime, and messageDigest. If the constructor
+		 * using an AttributeTable was used, entries in it for contentType, signingTime, and
+		 * messageDigest will override the generated ones.
+		 *
+		 * @param parameters source parameters for table generation.
+		 *
+		 * @return a filled in Hashtable of attributes.
+		 */
+		protected virtual Hashtable createStandardAttributeTable(
+			IDictionary parameters)
+		{
+            Hashtable std = new Hashtable(table);
+            DoCreateStandardAttributeTable(parameters, std);
+			return std;
+		}
+#endif
+
+        private void DoCreateStandardAttributeTable(IDictionary parameters, IDictionary std)
+        {
+            // contentType will be absent if we're trying to generate a counter signature.
+            if (parameters.Contains(CmsAttributeTableParameter.ContentType))
+            {
+                if (!std.Contains(CmsAttributes.ContentType))
+                {
+                    DerObjectIdentifier contentType = (DerObjectIdentifier)
+                        parameters[CmsAttributeTableParameter.ContentType];
+                    Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(CmsAttributes.ContentType,
+                        new DerSet(contentType));
+                    std[attr.AttrType] = attr;
+                }
+            }
+
+            if (!std.Contains(CmsAttributes.SigningTime))
+            {
+                Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(CmsAttributes.SigningTime,
+                    new DerSet(new Time(DateTime.UtcNow)));
+                std[attr.AttrType] = attr;
+            }
+
+            if (!std.Contains(CmsAttributes.MessageDigest))
+            {
+                byte[] messageDigest = (byte[])parameters[CmsAttributeTableParameter.Digest];
+                Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(CmsAttributes.MessageDigest,
+                    new DerSet(new DerOctetString(messageDigest)));
+                std[attr.AttrType] = attr;
+            }
+        }
+
+        /**
+		 * @param parameters source parameters
+		 * @return the populated attribute table
+		 */
+		public virtual AttributeTable GetAttributes(
+			IDictionary parameters)
+		{
+            IDictionary table = createStandardAttributeTable(parameters);
+			return new AttributeTable(table);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/DigOutputStream.cs b/bc-sharp-crypto/src/cms/DigOutputStream.cs
new file mode 100644
index 0000000..103b45c
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/DigOutputStream.cs
@@ -0,0 +1,28 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Cms
+{
+	internal class DigOutputStream
+		: BaseOutputStream
+	{
+		private readonly IDigest dig;
+
+		internal DigOutputStream(IDigest dig)
+		{
+			this.dig = dig;
+		}
+
+		public override void WriteByte(byte b)
+		{
+			dig.Update(b);
+		}
+
+		public override void Write(byte[] b, int off, int len)
+		{
+			dig.BlockUpdate(b, off, len);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/IDigestCalculator.cs b/bc-sharp-crypto/src/cms/IDigestCalculator.cs
new file mode 100644
index 0000000..3661e40
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/IDigestCalculator.cs
@@ -0,0 +1,9 @@
+using System;
+
+namespace Org.BouncyCastle.Cms
+{
+	internal interface IDigestCalculator
+	{
+		byte[] GetDigest();
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/KEKRecipientInfoGenerator.cs b/bc-sharp-crypto/src/cms/KEKRecipientInfoGenerator.cs
new file mode 100644
index 0000000..6f34fec
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/KEKRecipientInfoGenerator.cs
@@ -0,0 +1,138 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Kisa;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Ntt;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Cms
+{
+	internal class KekRecipientInfoGenerator : RecipientInfoGenerator
+	{
+		private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance;
+
+		private KeyParameter	keyEncryptionKey;
+		// TODO Can get this from keyEncryptionKey?		
+		private string			keyEncryptionKeyOID;
+		private KekIdentifier	kekIdentifier;
+
+		// Derived
+		private AlgorithmIdentifier keyEncryptionAlgorithm;
+
+		internal KekRecipientInfoGenerator()
+		{
+		}
+
+		internal KekIdentifier KekIdentifier
+		{
+			set { this.kekIdentifier = value; }
+		}
+
+		internal KeyParameter KeyEncryptionKey
+		{
+			set
+			{
+				this.keyEncryptionKey = value;
+				this.keyEncryptionAlgorithm = DetermineKeyEncAlg(keyEncryptionKeyOID, keyEncryptionKey);
+			}
+		}
+
+		internal string KeyEncryptionKeyOID
+		{
+			set { this.keyEncryptionKeyOID = value; }
+		}
+
+		public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
+		{
+			byte[] keyBytes = contentEncryptionKey.GetKey();
+
+            IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.Algorithm.Id);
+			keyWrapper.Init(true, new ParametersWithRandom(keyEncryptionKey, random));
+        	Asn1OctetString encryptedKey = new DerOctetString(
+				keyWrapper.Wrap(keyBytes, 0, keyBytes.Length));
+
+			return new RecipientInfo(new KekRecipientInfo(kekIdentifier, keyEncryptionAlgorithm, encryptedKey));
+		}
+
+		private static AlgorithmIdentifier DetermineKeyEncAlg(
+			string algorithm, KeyParameter key)
+		{
+			if (Platform.StartsWith(algorithm, "DES"))
+			{
+				return new AlgorithmIdentifier(
+					PkcsObjectIdentifiers.IdAlgCms3DesWrap,
+					DerNull.Instance);
+			}
+            else if (Platform.StartsWith(algorithm, "RC2"))
+			{
+				return new AlgorithmIdentifier(
+					PkcsObjectIdentifiers.IdAlgCmsRC2Wrap,
+					new DerInteger(58));
+			}
+			else if (Platform.StartsWith(algorithm, "AES"))
+			{
+				int length = key.GetKey().Length * 8;
+				DerObjectIdentifier wrapOid;
+
+				if (length == 128)
+				{
+					wrapOid = NistObjectIdentifiers.IdAes128Wrap;
+				}
+				else if (length == 192)
+				{
+					wrapOid = NistObjectIdentifiers.IdAes192Wrap;
+				}
+				else if (length == 256)
+				{
+					wrapOid = NistObjectIdentifiers.IdAes256Wrap;
+				}
+				else
+				{
+					throw new ArgumentException("illegal keysize in AES");
+				}
+
+				return new AlgorithmIdentifier(wrapOid);  // parameters absent
+			}
+			else if (Platform.StartsWith(algorithm, "SEED"))
+			{
+				// parameters absent
+				return new AlgorithmIdentifier(KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap);
+			}
+			else if (Platform.StartsWith(algorithm, "CAMELLIA"))
+			{
+				int length = key.GetKey().Length * 8;
+				DerObjectIdentifier wrapOid;
+
+				if (length == 128)
+				{
+					wrapOid = NttObjectIdentifiers.IdCamellia128Wrap;
+				}
+				else if (length == 192)
+				{
+					wrapOid = NttObjectIdentifiers.IdCamellia192Wrap;
+				}
+				else if (length == 256)
+				{
+					wrapOid = NttObjectIdentifiers.IdCamellia256Wrap;
+				}
+				else
+				{
+					throw new ArgumentException("illegal keysize in Camellia");
+				}
+
+				return new AlgorithmIdentifier(wrapOid); // parameters must be absent
+			}
+			else
+			{
+				throw new ArgumentException("unknown algorithm");
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/KEKRecipientInformation.cs b/bc-sharp-crypto/src/cms/KEKRecipientInformation.cs
new file mode 100644
index 0000000..871dc76
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/KEKRecipientInformation.cs
@@ -0,0 +1,62 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Cms
+{
+    /**
+    * the RecipientInfo class for a recipient who has been sent a message
+    * encrypted using a secret key known to the other side.
+    */
+    public class KekRecipientInformation
+        : RecipientInformation
+    {
+        private KekRecipientInfo info;
+
+		internal KekRecipientInformation(
+			KekRecipientInfo	info,
+			CmsSecureReadable	secureReadable)
+			: base(info.KeyEncryptionAlgorithm, secureReadable)
+		{
+            this.info = info;
+            this.rid = new RecipientID();
+
+			KekIdentifier kekId = info.KekID;
+
+			rid.KeyIdentifier = kekId.KeyIdentifier.GetOctets();
+        }
+
+		/**
+        * decrypt the content and return an input stream.
+        */
+        public override CmsTypedStream GetContentStream(
+            ICipherParameters key)
+        {
+			try
+			{
+				byte[] encryptedKey = info.EncryptedKey.GetOctets();
+                IWrapper keyWrapper = WrapperUtilities.GetWrapper(keyEncAlg.Algorithm.Id);
+
+				keyWrapper.Init(false, key);
+
+				KeyParameter sKey = ParameterUtilities.CreateKeyParameter(
+					GetContentAlgorithmName(), keyWrapper.Unwrap(encryptedKey, 0, encryptedKey.Length));
+
+				return GetContentFromSessionKey(sKey);
+			}
+			catch (SecurityUtilityException e)
+			{
+				throw new CmsException("couldn't create cipher.", e);
+			}
+			catch (InvalidKeyException e)
+			{
+				throw new CmsException("key invalid in message.", e);
+			}
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs b/bc-sharp-crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
new file mode 100644
index 0000000..6bd2cea
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs
@@ -0,0 +1,171 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Cms.Ecc;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms
+{
+	internal class KeyAgreeRecipientInfoGenerator : RecipientInfoGenerator
+	{
+		private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance;
+
+		private DerObjectIdentifier			keyAgreementOID;
+		private DerObjectIdentifier			keyEncryptionOID;
+		private IList					    recipientCerts;
+		private AsymmetricCipherKeyPair		senderKeyPair;
+
+		internal KeyAgreeRecipientInfoGenerator()
+		{
+		}
+
+		internal DerObjectIdentifier KeyAgreementOID
+		{
+			set { this.keyAgreementOID = value; }
+		}
+
+		internal DerObjectIdentifier KeyEncryptionOID
+		{
+			set { this.keyEncryptionOID = value; }
+		}
+
+		internal ICollection RecipientCerts
+		{
+			set { this.recipientCerts = Platform.CreateArrayList(value); }
+		}
+
+		internal AsymmetricCipherKeyPair SenderKeyPair
+		{
+			set { this.senderKeyPair = value; }
+		}
+
+		public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
+		{
+			byte[] keyBytes = contentEncryptionKey.GetKey();
+
+			AsymmetricKeyParameter senderPublicKey = senderKeyPair.Public;
+			ICipherParameters senderPrivateParams = senderKeyPair.Private;
+
+
+			OriginatorIdentifierOrKey originator;
+			try
+			{
+				originator = new OriginatorIdentifierOrKey(
+					CreateOriginatorPublicKey(senderPublicKey));
+			}
+			catch (IOException e)
+			{
+				throw new InvalidKeyException("cannot extract originator public key: " + e);
+			}
+
+
+			Asn1OctetString ukm = null;
+			if (keyAgreementOID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf))
+			{
+				try
+				{
+					IAsymmetricCipherKeyPairGenerator ephemKPG =
+						GeneratorUtilities.GetKeyPairGenerator(keyAgreementOID);
+					ephemKPG.Init(
+						((ECPublicKeyParameters)senderPublicKey).CreateKeyGenerationParameters(random));
+
+					AsymmetricCipherKeyPair ephemKP = ephemKPG.GenerateKeyPair();
+
+					ukm = new DerOctetString(
+						new MQVuserKeyingMaterial(
+							CreateOriginatorPublicKey(ephemKP.Public), null));
+
+					senderPrivateParams = new MqvPrivateParameters(
+						(ECPrivateKeyParameters)senderPrivateParams,
+						(ECPrivateKeyParameters)ephemKP.Private,
+						(ECPublicKeyParameters)ephemKP.Public);
+				}
+				catch (IOException e)
+				{
+					throw new InvalidKeyException("cannot extract MQV ephemeral public key: " + e);
+				}
+				catch (SecurityUtilityException e)
+				{
+					throw new InvalidKeyException("cannot determine MQV ephemeral key pair parameters from public key: " + e);
+				}
+			}
+
+
+			DerSequence paramSeq = new DerSequence(
+				keyEncryptionOID,
+				DerNull.Instance);
+			AlgorithmIdentifier keyEncAlg = new AlgorithmIdentifier(keyAgreementOID, paramSeq);
+
+
+			Asn1EncodableVector recipientEncryptedKeys = new Asn1EncodableVector();
+			foreach (X509Certificate recipientCert in recipientCerts)
+			{
+				TbsCertificateStructure tbsCert;
+				try
+				{
+					tbsCert = TbsCertificateStructure.GetInstance(
+						Asn1Object.FromByteArray(recipientCert.GetTbsCertificate()));
+				}
+				catch (Exception)
+				{
+					throw new ArgumentException("can't extract TBS structure from certificate");
+				}
+
+				// TODO Should there be a SubjectKeyIdentifier-based alternative?
+				IssuerAndSerialNumber issuerSerial = new IssuerAndSerialNumber(
+					tbsCert.Issuer, tbsCert.SerialNumber.Value);
+				KeyAgreeRecipientIdentifier karid = new KeyAgreeRecipientIdentifier(issuerSerial);
+
+				ICipherParameters recipientPublicParams = recipientCert.GetPublicKey();
+				if (keyAgreementOID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf))
+				{
+					recipientPublicParams = new MqvPublicParameters(
+						(ECPublicKeyParameters)recipientPublicParams,
+						(ECPublicKeyParameters)recipientPublicParams);
+				}
+
+				// Use key agreement to choose a wrap key for this recipient
+				IBasicAgreement keyAgreement = AgreementUtilities.GetBasicAgreementWithKdf(
+					keyAgreementOID, keyEncryptionOID.Id);
+				keyAgreement.Init(new ParametersWithRandom(senderPrivateParams, random));
+				BigInteger agreedValue = keyAgreement.CalculateAgreement(recipientPublicParams);
+
+				int keyEncryptionKeySize = GeneratorUtilities.GetDefaultKeySize(keyEncryptionOID) / 8;
+				byte[] keyEncryptionKeyBytes = X9IntegerConverter.IntegerToBytes(agreedValue, keyEncryptionKeySize);
+				KeyParameter keyEncryptionKey = ParameterUtilities.CreateKeyParameter(
+					keyEncryptionOID, keyEncryptionKeyBytes);
+
+				// Wrap the content encryption key with the agreement key
+				IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionOID.Id);
+				keyWrapper.Init(true, new ParametersWithRandom(keyEncryptionKey, random));
+				byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length);
+
+	        	Asn1OctetString encryptedKey = new DerOctetString(encryptedKeyBytes);
+
+				recipientEncryptedKeys.Add(new RecipientEncryptedKey(karid, encryptedKey));
+			}
+
+			return new RecipientInfo(new KeyAgreeRecipientInfo(originator, ukm, keyEncAlg,
+				new DerSequence(recipientEncryptedKeys)));
+		}
+
+		private static OriginatorPublicKey CreateOriginatorPublicKey(
+			AsymmetricKeyParameter publicKey)
+		{
+			SubjectPublicKeyInfo spki = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
+			return new OriginatorPublicKey(
+                new AlgorithmIdentifier(spki.AlgorithmID.Algorithm, DerNull.Instance),
+				spki.PublicKeyData.GetBytes());
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/KeyAgreeRecipientInformation.cs b/bc-sharp-crypto/src/cms/KeyAgreeRecipientInformation.cs
new file mode 100644
index 0000000..73e57a7
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/KeyAgreeRecipientInformation.cs
@@ -0,0 +1,226 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Cms.Ecc;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Utilities;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms
+{
+    /**
+    * the RecipientInfo class for a recipient who has been sent a message
+    * encrypted using key agreement.
+    */
+    public class KeyAgreeRecipientInformation
+        : RecipientInformation
+    {
+        private KeyAgreeRecipientInfo info;
+        private Asn1OctetString       encryptedKey;
+
+        internal static void ReadRecipientInfo(IList infos, KeyAgreeRecipientInfo info,
+            CmsSecureReadable secureReadable)
+        {
+            try
+            {
+                foreach (Asn1Encodable rek in info.RecipientEncryptedKeys)
+                {
+                    RecipientEncryptedKey id = RecipientEncryptedKey.GetInstance(rek.ToAsn1Object());
+
+                    RecipientID rid = new RecipientID();
+
+                    Asn1.Cms.KeyAgreeRecipientIdentifier karid = id.Identifier;
+
+                    Asn1.Cms.IssuerAndSerialNumber iAndSN = karid.IssuerAndSerialNumber;
+                    if (iAndSN != null)
+                    {
+                        rid.Issuer = iAndSN.Name;
+                        rid.SerialNumber = iAndSN.SerialNumber.Value;
+                    }
+                    else
+                    {
+                        Asn1.Cms.RecipientKeyIdentifier rKeyID = karid.RKeyID;
+
+                        // Note: 'date' and 'other' fields of RecipientKeyIdentifier appear to be only informational 
+
+                        rid.SubjectKeyIdentifier = rKeyID.SubjectKeyIdentifier.GetOctets();
+                    }
+
+                    infos.Add(new KeyAgreeRecipientInformation(info, rid, id.EncryptedKey,
+                        secureReadable));
+                }
+            }
+            catch (IOException e)
+            {
+                throw new ArgumentException("invalid rid in KeyAgreeRecipientInformation", e);
+            }
+        }
+
+        internal KeyAgreeRecipientInformation(
+            KeyAgreeRecipientInfo	info,
+            RecipientID				rid,
+            Asn1OctetString			encryptedKey,
+            CmsSecureReadable		secureReadable)
+            : base(info.KeyEncryptionAlgorithm, secureReadable)
+        {
+            this.info = info;
+            this.rid = rid;
+            this.encryptedKey = encryptedKey;
+        }
+
+        private AsymmetricKeyParameter GetSenderPublicKey(
+            AsymmetricKeyParameter		receiverPrivateKey,
+            OriginatorIdentifierOrKey	originator)
+        {
+            OriginatorPublicKey opk = originator.OriginatorPublicKey;
+            if (opk != null)
+            {
+                return GetPublicKeyFromOriginatorPublicKey(receiverPrivateKey, opk);
+            }
+            
+            OriginatorID origID = new OriginatorID();
+            
+            Asn1.Cms.IssuerAndSerialNumber iAndSN = originator.IssuerAndSerialNumber;
+            if (iAndSN != null)
+            {
+                origID.Issuer = iAndSN.Name;
+                origID.SerialNumber = iAndSN.SerialNumber.Value;
+            }
+            else
+            {
+                SubjectKeyIdentifier ski = originator.SubjectKeyIdentifier;
+
+                origID.SubjectKeyIdentifier = ski.GetKeyIdentifier();
+            }
+
+            return GetPublicKeyFromOriginatorID(origID);
+        }
+
+        private AsymmetricKeyParameter GetPublicKeyFromOriginatorPublicKey(
+            AsymmetricKeyParameter	receiverPrivateKey,
+            OriginatorPublicKey		originatorPublicKey)
+        {
+            PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(receiverPrivateKey);
+            SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(
+                privInfo.PrivateKeyAlgorithm,
+                originatorPublicKey.PublicKey.GetBytes());
+            return PublicKeyFactory.CreateKey(pubInfo);
+        }
+
+        private AsymmetricKeyParameter GetPublicKeyFromOriginatorID(
+            OriginatorID origID)
+        {
+            // TODO Support all alternatives for OriginatorIdentifierOrKey
+            // see RFC 3852 6.2.2
+            throw new CmsException("No support for 'originator' as IssuerAndSerialNumber or SubjectKeyIdentifier");
+        }
+
+        private KeyParameter CalculateAgreedWrapKey(
+            string					wrapAlg,
+            AsymmetricKeyParameter	senderPublicKey,
+            AsymmetricKeyParameter	receiverPrivateKey)
+        {
+            DerObjectIdentifier agreeAlgID = keyEncAlg.Algorithm;
+
+            ICipherParameters senderPublicParams = senderPublicKey;
+            ICipherParameters receiverPrivateParams = receiverPrivateKey;
+
+            if (agreeAlgID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf))
+            {
+                byte[] ukmEncoding = info.UserKeyingMaterial.GetOctets();
+                MQVuserKeyingMaterial ukm = MQVuserKeyingMaterial.GetInstance(
+                    Asn1Object.FromByteArray(ukmEncoding));
+
+                AsymmetricKeyParameter ephemeralKey = GetPublicKeyFromOriginatorPublicKey(
+                    receiverPrivateKey, ukm.EphemeralPublicKey);
+
+                senderPublicParams = new MqvPublicParameters(
+                    (ECPublicKeyParameters)senderPublicParams,
+                    (ECPublicKeyParameters)ephemeralKey);
+                receiverPrivateParams = new MqvPrivateParameters(
+                    (ECPrivateKeyParameters)receiverPrivateParams,
+                    (ECPrivateKeyParameters)receiverPrivateParams);
+            }
+
+            IBasicAgreement agreement = AgreementUtilities.GetBasicAgreementWithKdf(
+                agreeAlgID, wrapAlg);
+            agreement.Init(receiverPrivateParams);
+            BigInteger agreedValue = agreement.CalculateAgreement(senderPublicParams);
+
+            int wrapKeySize = GeneratorUtilities.GetDefaultKeySize(wrapAlg) / 8;
+            byte[] wrapKeyBytes = X9IntegerConverter.IntegerToBytes(agreedValue, wrapKeySize);
+            return ParameterUtilities.CreateKeyParameter(wrapAlg, wrapKeyBytes);
+        }
+
+        private KeyParameter UnwrapSessionKey(
+            string			wrapAlg,
+            KeyParameter	agreedKey)
+        {
+            byte[] encKeyOctets = encryptedKey.GetOctets();
+
+            IWrapper keyCipher = WrapperUtilities.GetWrapper(wrapAlg);
+            keyCipher.Init(false, agreedKey);
+            byte[] sKeyBytes = keyCipher.Unwrap(encKeyOctets, 0, encKeyOctets.Length);
+            return ParameterUtilities.CreateKeyParameter(GetContentAlgorithmName(), sKeyBytes);
+        }
+
+        internal KeyParameter GetSessionKey(
+            AsymmetricKeyParameter receiverPrivateKey)
+        {
+            try
+            {
+                string wrapAlg = DerObjectIdentifier.GetInstance(
+                    Asn1Sequence.GetInstance(keyEncAlg.Parameters)[0]).Id;
+
+                AsymmetricKeyParameter senderPublicKey = GetSenderPublicKey(
+                    receiverPrivateKey, info.Originator);
+
+                KeyParameter agreedWrapKey = CalculateAgreedWrapKey(wrapAlg,
+                    senderPublicKey, receiverPrivateKey);
+
+                return UnwrapSessionKey(wrapAlg, agreedWrapKey);
+            }
+            catch (SecurityUtilityException e)
+            {
+                throw new CmsException("couldn't create cipher.", e);
+            }
+            catch (InvalidKeyException e)
+            {
+                throw new CmsException("key invalid in message.", e);
+            }
+            catch (Exception e)
+            {
+                throw new CmsException("originator key invalid.", e);
+            }
+        }
+
+        /**
+        * decrypt the content and return an input stream.
+        */
+        public override CmsTypedStream GetContentStream(
+            ICipherParameters key)
+        {
+            if (!(key is AsymmetricKeyParameter))
+                throw new ArgumentException("KeyAgreement requires asymmetric key", "key");
+
+            AsymmetricKeyParameter receiverPrivateKey = (AsymmetricKeyParameter) key;
+
+            if (!receiverPrivateKey.IsPrivate)
+                throw new ArgumentException("Expected private key", "key");
+
+            KeyParameter sKey = GetSessionKey(receiverPrivateKey);
+
+            return GetContentFromSessionKey(sKey);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/KeyTransRecipientInfoGenerator.cs b/bc-sharp-crypto/src/cms/KeyTransRecipientInfoGenerator.cs
new file mode 100644
index 0000000..a1d8fbf
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/KeyTransRecipientInfoGenerator.cs
@@ -0,0 +1,87 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms
+{
+	internal class KeyTransRecipientInfoGenerator : RecipientInfoGenerator
+	{
+		private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance;
+
+		private TbsCertificateStructure	recipientTbsCert;
+		private AsymmetricKeyParameter	recipientPublicKey;
+		private Asn1OctetString			subjectKeyIdentifier;
+
+		// Derived fields
+		private SubjectPublicKeyInfo info;
+
+		internal KeyTransRecipientInfoGenerator()
+		{
+		}
+
+		internal X509Certificate RecipientCert
+		{
+			set
+			{
+				this.recipientTbsCert = CmsUtilities.GetTbsCertificateStructure(value);
+				this.recipientPublicKey = value.GetPublicKey();
+				this.info = recipientTbsCert.SubjectPublicKeyInfo;
+			}
+		}
+		
+		internal AsymmetricKeyParameter RecipientPublicKey
+		{
+			set
+			{
+				this.recipientPublicKey = value;
+
+				try
+				{
+					info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(
+						recipientPublicKey);
+				}
+				catch (IOException)
+				{
+					throw new ArgumentException("can't extract key algorithm from this key");
+				}
+			}
+		}
+		
+		internal Asn1OctetString SubjectKeyIdentifier
+		{
+			set { this.subjectKeyIdentifier = value; }
+		}
+
+		public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
+		{
+			byte[] keyBytes = contentEncryptionKey.GetKey();
+			AlgorithmIdentifier keyEncryptionAlgorithm = info.AlgorithmID;
+
+            IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.Algorithm.Id);
+			keyWrapper.Init(true, new ParametersWithRandom(recipientPublicKey, random));
+			byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length);
+
+			RecipientIdentifier recipId;
+			if (recipientTbsCert != null)
+			{
+				IssuerAndSerialNumber issuerAndSerial = new IssuerAndSerialNumber(
+					recipientTbsCert.Issuer, recipientTbsCert.SerialNumber.Value);
+				recipId = new RecipientIdentifier(issuerAndSerial);
+			}
+			else
+			{
+				recipId = new RecipientIdentifier(subjectKeyIdentifier);
+			}
+
+			return new RecipientInfo(new KeyTransRecipientInfo(recipId, keyEncryptionAlgorithm,
+				new DerOctetString(encryptedKeyBytes)));
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/KeyTransRecipientInformation.cs b/bc-sharp-crypto/src/cms/KeyTransRecipientInformation.cs
new file mode 100644
index 0000000..3b1ea7b
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/KeyTransRecipientInformation.cs
@@ -0,0 +1,113 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Asn1Pkcs = Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms
+{
+    /**
+    * the KeyTransRecipientInformation class for a recipient who has been sent a secret
+    * key encrypted using their public key that needs to be used to
+    * extract the message.
+    */
+    public class KeyTransRecipientInformation
+        : RecipientInformation
+    {
+        private KeyTransRecipientInfo info;
+
+		internal KeyTransRecipientInformation(
+			KeyTransRecipientInfo	info,
+			CmsSecureReadable		secureReadable)
+			: base(info.KeyEncryptionAlgorithm, secureReadable)
+		{
+            this.info = info;
+            this.rid = new RecipientID();
+
+			RecipientIdentifier r = info.RecipientIdentifier;
+
+			try
+            {
+                if (r.IsTagged)
+                {
+                    Asn1OctetString octs = Asn1OctetString.GetInstance(r.ID);
+
+					rid.SubjectKeyIdentifier = octs.GetOctets();
+                }
+                else
+                {
+                    IssuerAndSerialNumber iAnds = IssuerAndSerialNumber.GetInstance(r.ID);
+
+					rid.Issuer = iAnds.Name;
+                    rid.SerialNumber = iAnds.SerialNumber.Value;
+                }
+            }
+            catch (IOException)
+            {
+                throw new ArgumentException("invalid rid in KeyTransRecipientInformation");
+            }
+        }
+
+		private string GetExchangeEncryptionAlgorithmName(
+			DerObjectIdentifier oid)
+		{
+			if (Asn1Pkcs.PkcsObjectIdentifiers.RsaEncryption.Equals(oid))
+			{
+				return "RSA//PKCS1Padding";
+			}
+
+			return oid.Id;
+		}
+
+		internal KeyParameter UnwrapKey(ICipherParameters key)
+		{
+			byte[] encryptedKey = info.EncryptedKey.GetOctets();
+            string keyExchangeAlgorithm = GetExchangeEncryptionAlgorithmName(keyEncAlg.Algorithm);
+
+			try
+			{
+				IWrapper keyWrapper = WrapperUtilities.GetWrapper(keyExchangeAlgorithm);
+				keyWrapper.Init(false, key);
+
+				// FIXME Support for MAC algorithm parameters similar to cipher parameters
+				return ParameterUtilities.CreateKeyParameter(
+					GetContentAlgorithmName(), keyWrapper.Unwrap(encryptedKey, 0, encryptedKey.Length));
+			}
+			catch (SecurityUtilityException e)
+			{
+				throw new CmsException("couldn't create cipher.", e);
+			}
+			catch (InvalidKeyException e)
+			{
+				throw new CmsException("key invalid in message.", e);
+			}
+//			catch (IllegalBlockSizeException e)
+			catch (DataLengthException e)
+			{
+				throw new CmsException("illegal blocksize in message.", e);
+			}
+//			catch (BadPaddingException e)
+			catch (InvalidCipherTextException e)
+			{
+				throw new CmsException("bad padding in message.", e);
+			}
+		}
+		
+		/**
+        * decrypt the content and return it as a byte array.
+        */
+        public override CmsTypedStream GetContentStream(
+            ICipherParameters key)
+        {
+			KeyParameter sKey = UnwrapKey(key);
+
+			return GetContentFromSessionKey(sKey);
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/MacOutputStream.cs b/bc-sharp-crypto/src/cms/MacOutputStream.cs
new file mode 100644
index 0000000..8891dbc
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/MacOutputStream.cs
@@ -0,0 +1,28 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Cms
+{
+	internal class MacOutputStream
+		: BaseOutputStream
+	{
+		private readonly IMac mac;
+
+		internal MacOutputStream(IMac mac)
+		{
+			this.mac = mac;
+		}
+
+		public override void Write(byte[] b, int off, int len)
+		{
+			mac.BlockUpdate(b, off, len);
+		}
+
+		public override void WriteByte(byte b)
+		{
+			mac.Update(b);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/OriginatorId.cs b/bc-sharp-crypto/src/cms/OriginatorId.cs
new file mode 100644
index 0000000..5a3b737
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/OriginatorId.cs
@@ -0,0 +1,51 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Cms
+{
+    /**
+    * a basic index for an originator.
+    */
+    public class OriginatorID
+        : X509CertStoreSelector
+    {
+        public override int GetHashCode()
+        {
+            int code = Arrays.GetHashCode(this.SubjectKeyIdentifier);
+
+			BigInteger serialNumber = this.SerialNumber;
+			if (serialNumber != null)
+            {
+                code ^= serialNumber.GetHashCode();
+            }
+
+			X509Name issuer = this.Issuer;
+            if (issuer != null)
+            {
+                code ^= issuer.GetHashCode();
+            }
+
+			return code;
+        }
+
+        public override bool Equals(
+            object obj)
+        {
+			if (obj == this)
+				return false;
+
+			OriginatorID id = obj as OriginatorID;
+
+			if (id == null)
+				return false;
+
+			return Arrays.AreEqual(SubjectKeyIdentifier, id.SubjectKeyIdentifier)
+				&& Platform.Equals(SerialNumber, id.SerialNumber)
+				&& IssuersMatch(Issuer, id.Issuer);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/OriginatorInfoGenerator.cs b/bc-sharp-crypto/src/cms/OriginatorInfoGenerator.cs
new file mode 100644
index 0000000..6bf1087
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/OriginatorInfoGenerator.cs
@@ -0,0 +1,42 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Cms
+{
+    public class OriginatorInfoGenerator
+    {
+        private readonly IList origCerts;
+        private readonly IList origCrls;
+
+        public OriginatorInfoGenerator(X509Certificate origCert)
+        {
+            this.origCerts = Platform.CreateArrayList(1);
+            this.origCrls = null;
+            origCerts.Add(origCert.CertificateStructure);
+        }
+
+        public OriginatorInfoGenerator(IX509Store origCerts)
+            : this(origCerts, null)
+        {
+        }
+
+        public OriginatorInfoGenerator(IX509Store origCerts, IX509Store origCrls)
+        {
+            this.origCerts = CmsUtilities.GetCertificatesFromStore(origCerts);
+            this.origCrls = origCrls == null ? null : CmsUtilities.GetCrlsFromStore(origCrls);
+        }
+
+        public virtual OriginatorInfo Generate()
+        {
+            Asn1Set certSet = CmsUtilities.CreateDerSetFromList(origCerts);
+            Asn1Set crlSet = origCrls == null ? null : CmsUtilities.CreateDerSetFromList(origCrls);
+            return new OriginatorInfo(certSet, crlSet);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/OriginatorInformation.cs b/bc-sharp-crypto/src/cms/OriginatorInformation.cs
new file mode 100644
index 0000000..618add6
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/OriginatorInformation.cs
@@ -0,0 +1,96 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Cms
+{
+	public class OriginatorInformation
+	{
+		private readonly OriginatorInfo originatorInfo;
+
+		internal OriginatorInformation(OriginatorInfo originatorInfo)
+		{
+			this.originatorInfo = originatorInfo;
+		}
+
+		/**
+		* Return the certificates stored in the underlying OriginatorInfo object.
+		*
+		* @return a Store of X509CertificateHolder objects.
+		*/
+		public virtual IX509Store GetCertificates()
+		{
+			Asn1Set certSet = originatorInfo.Certificates;
+
+			if (certSet != null)
+			{
+				IList certList = Platform.CreateArrayList(certSet.Count);
+
+				foreach (Asn1Encodable enc in certSet)
+				{
+					Asn1Object obj = enc.ToAsn1Object();
+					if (obj is Asn1Sequence)
+					{
+						certList.Add(new X509Certificate(X509CertificateStructure.GetInstance(obj)));
+					}
+				}
+
+				return X509StoreFactory.Create(
+					"Certificate/Collection",
+					new X509CollectionStoreParameters(certList));
+			}
+
+			return X509StoreFactory.Create(
+				"Certificate/Collection",
+				new X509CollectionStoreParameters(Platform.CreateArrayList()));
+		}
+
+		/**
+		* Return the CRLs stored in the underlying OriginatorInfo object.
+		*
+		* @return a Store of X509CRLHolder objects.
+		*/
+		public virtual IX509Store GetCrls()
+		{
+			Asn1Set crlSet = originatorInfo.Certificates;
+
+			if (crlSet != null)
+			{
+                IList crlList = Platform.CreateArrayList(crlSet.Count);
+
+				foreach (Asn1Encodable enc in crlSet)
+				{
+					Asn1Object obj = enc.ToAsn1Object();
+					if (obj is Asn1Sequence)
+					{
+						crlList.Add(new X509Crl(CertificateList.GetInstance(obj)));
+					}
+				}
+
+				return X509StoreFactory.Create(
+					"CRL/Collection",
+					new X509CollectionStoreParameters(crlList));
+			}
+
+			return X509StoreFactory.Create(
+				"CRL/Collection",
+                new X509CollectionStoreParameters(Platform.CreateArrayList()));
+		}
+
+		/**
+		* Return the underlying ASN.1 object defining this SignerInformation object.
+		*
+		* @return a OriginatorInfo.
+		*/
+		public virtual OriginatorInfo ToAsn1Structure()
+		{
+			return originatorInfo;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/PKCS5Scheme2PBEKey.cs b/bc-sharp-crypto/src/cms/PKCS5Scheme2PBEKey.cs
new file mode 100644
index 0000000..08b8518
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/PKCS5Scheme2PBEKey.cs
@@ -0,0 +1,64 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Cms
+{
+	/// <summary>
+	/// PKCS5 scheme-2 - password converted to bytes assuming ASCII.
+	/// </summary>
+	public class Pkcs5Scheme2PbeKey
+		: CmsPbeKey
+	{
+		[Obsolete("Use version taking 'char[]' instead")]
+		public Pkcs5Scheme2PbeKey(
+			string	password,
+			byte[]	salt,
+			int		iterationCount)
+			: this(password.ToCharArray(), salt, iterationCount)
+		{
+		}
+
+		[Obsolete("Use version taking 'char[]' instead")]
+		public Pkcs5Scheme2PbeKey(
+			string				password,
+			AlgorithmIdentifier keyDerivationAlgorithm)
+			: this(password.ToCharArray(), keyDerivationAlgorithm)
+		{
+		}
+		
+		public Pkcs5Scheme2PbeKey(
+			char[]	password,
+			byte[]	salt,
+			int		iterationCount)
+			: base(password, salt, iterationCount)
+		{
+		}
+
+		public Pkcs5Scheme2PbeKey(
+			char[]				password,
+			AlgorithmIdentifier keyDerivationAlgorithm)
+			: base(password, keyDerivationAlgorithm)
+		{
+		}
+
+		internal override KeyParameter GetEncoded(
+			string algorithmOid)
+		{
+			Pkcs5S2ParametersGenerator gen = new Pkcs5S2ParametersGenerator();
+
+			gen.Init(
+				PbeParametersGenerator.Pkcs5PasswordToBytes(password),
+				salt,
+				iterationCount);
+
+			return (KeyParameter) gen.GenerateDerivedParameters(
+				algorithmOid,
+				CmsEnvelopedHelper.Instance.GetKeySize(algorithmOid));
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/PKCS5Scheme2UTF8PBEKey.cs b/bc-sharp-crypto/src/cms/PKCS5Scheme2UTF8PBEKey.cs
new file mode 100644
index 0000000..7aecc29
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/PKCS5Scheme2UTF8PBEKey.cs
@@ -0,0 +1,64 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	 * PKCS5 scheme-2 - password converted to bytes using UTF-8.
+	 */
+	public class Pkcs5Scheme2Utf8PbeKey
+		: CmsPbeKey
+	{
+		[Obsolete("Use version taking 'char[]' instead")]
+		public Pkcs5Scheme2Utf8PbeKey(
+			string	password,
+			byte[]	salt,
+			int		iterationCount)
+			: this(password.ToCharArray(), salt, iterationCount)
+		{
+		}
+
+		[Obsolete("Use version taking 'char[]' instead")]
+		public Pkcs5Scheme2Utf8PbeKey(
+			string				password,
+			AlgorithmIdentifier keyDerivationAlgorithm)
+			: this(password.ToCharArray(), keyDerivationAlgorithm)
+		{
+		}
+
+		public Pkcs5Scheme2Utf8PbeKey(
+			char[]	password,
+			byte[]	salt,
+			int		iterationCount)
+			: base(password, salt, iterationCount)
+		{
+		}
+
+		public Pkcs5Scheme2Utf8PbeKey(
+			char[]				password,
+			AlgorithmIdentifier keyDerivationAlgorithm)
+			: base(password, keyDerivationAlgorithm)
+		{
+		}
+
+		internal override KeyParameter GetEncoded(
+			string algorithmOid)
+		{
+			Pkcs5S2ParametersGenerator gen = new Pkcs5S2ParametersGenerator();
+
+			gen.Init(
+				PbeParametersGenerator.Pkcs5PasswordToUtf8Bytes(password),
+				salt,
+				iterationCount);
+
+			return (KeyParameter) gen.GenerateDerivedParameters(
+				algorithmOid,
+				CmsEnvelopedHelper.Instance.GetKeySize(algorithmOid));
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/PasswordRecipientInfoGenerator.cs b/bc-sharp-crypto/src/cms/PasswordRecipientInfoGenerator.cs
new file mode 100644
index 0000000..9916edf
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/PasswordRecipientInfoGenerator.cs
@@ -0,0 +1,70 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Cms
+{
+	internal class PasswordRecipientInfoGenerator : RecipientInfoGenerator
+	{
+		private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance;
+
+		private AlgorithmIdentifier	keyDerivationAlgorithm;
+		private KeyParameter		keyEncryptionKey;
+		// TODO Can get this from keyEncryptionKey?		
+		private string				keyEncryptionKeyOID;
+
+		internal PasswordRecipientInfoGenerator()
+		{
+		}
+
+		internal AlgorithmIdentifier KeyDerivationAlgorithm
+		{
+			set { this.keyDerivationAlgorithm = value; }
+		}
+
+		internal KeyParameter KeyEncryptionKey
+		{
+			set { this.keyEncryptionKey = value; }
+		}
+
+		internal string KeyEncryptionKeyOID
+		{
+			set { this.keyEncryptionKeyOID = value; }
+		}
+
+		public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
+		{
+			byte[] keyBytes = contentEncryptionKey.GetKey();
+
+			string rfc3211WrapperName = Helper.GetRfc3211WrapperName(keyEncryptionKeyOID);
+			IWrapper keyWrapper = Helper.CreateWrapper(rfc3211WrapperName);
+
+			// Note: In Java build, the IV is automatically generated in JCE layer
+			int ivLength = Platform.StartsWith(rfc3211WrapperName, "DESEDE") ? 8 : 16;
+			byte[] iv = new byte[ivLength];
+			random.NextBytes(iv);
+
+			ICipherParameters parameters = new ParametersWithIV(keyEncryptionKey, iv);
+			keyWrapper.Init(true, new ParametersWithRandom(parameters, random));
+        	Asn1OctetString encryptedKey = new DerOctetString(
+				keyWrapper.Wrap(keyBytes, 0, keyBytes.Length));
+
+			DerSequence seq = new DerSequence(
+				new DerObjectIdentifier(keyEncryptionKeyOID),
+				new DerOctetString(iv));
+
+			AlgorithmIdentifier keyEncryptionAlgorithm = new AlgorithmIdentifier(
+				PkcsObjectIdentifiers.IdAlgPwriKek, seq);
+
+			return new RecipientInfo(new PasswordRecipientInfo(
+				keyDerivationAlgorithm, keyEncryptionAlgorithm, encryptedKey));
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/PasswordRecipientInformation.cs b/bc-sharp-crypto/src/cms/PasswordRecipientInformation.cs
new file mode 100644
index 0000000..f629cab
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/PasswordRecipientInformation.cs
@@ -0,0 +1,79 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	 * the RecipientInfo class for a recipient who has been sent a message
+	 * encrypted using a password.
+	 */
+	public class PasswordRecipientInformation
+		: RecipientInformation
+	{
+		private readonly PasswordRecipientInfo	info;
+
+		internal PasswordRecipientInformation(
+			PasswordRecipientInfo	info,
+			CmsSecureReadable		secureReadable)
+			: base(info.KeyEncryptionAlgorithm, secureReadable)
+		{
+			this.info = info;
+			this.rid = new RecipientID();
+		}
+
+		/**
+		 * return the object identifier for the key derivation algorithm, or null
+		 * if there is none present.
+		 *
+		 * @return OID for key derivation algorithm, if present.
+		 */
+		public virtual AlgorithmIdentifier KeyDerivationAlgorithm
+		{
+			get { return info.KeyDerivationAlgorithm; }
+		}
+
+		/**
+		 * decrypt the content and return an input stream.
+		 */
+		public override CmsTypedStream GetContentStream(
+			ICipherParameters key)
+		{
+			try
+			{
+				AlgorithmIdentifier kekAlg = AlgorithmIdentifier.GetInstance(info.KeyEncryptionAlgorithm);
+				Asn1Sequence        kekAlgParams = (Asn1Sequence)kekAlg.Parameters;
+				byte[]              encryptedKey = info.EncryptedKey.GetOctets();
+				string              kekAlgName = DerObjectIdentifier.GetInstance(kekAlgParams[0]).Id;
+				string				cName = CmsEnvelopedHelper.Instance.GetRfc3211WrapperName(kekAlgName);
+				IWrapper			keyWrapper = WrapperUtilities.GetWrapper(cName);
+
+				byte[] iv = Asn1OctetString.GetInstance(kekAlgParams[1]).GetOctets();
+
+				ICipherParameters parameters = ((CmsPbeKey)key).GetEncoded(kekAlgName);
+				parameters = new ParametersWithIV(parameters, iv);
+
+				keyWrapper.Init(false, parameters);
+
+				KeyParameter sKey = ParameterUtilities.CreateKeyParameter(
+					GetContentAlgorithmName(), keyWrapper.Unwrap(encryptedKey, 0, encryptedKey.Length));
+
+				return GetContentFromSessionKey(sKey);
+			}
+			catch (SecurityUtilityException e)
+			{
+				throw new CmsException("couldn't create cipher.", e);
+			}
+			catch (InvalidKeyException e)
+			{
+				throw new CmsException("key invalid in message.", e);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/RecipientId.cs b/bc-sharp-crypto/src/cms/RecipientId.cs
new file mode 100644
index 0000000..9b6eb09
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/RecipientId.cs
@@ -0,0 +1,58 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Cms
+{
+    public class RecipientID
+        : X509CertStoreSelector
+    {
+        private byte[] keyIdentifier;
+
+		public byte[] KeyIdentifier
+		{
+			get { return Arrays.Clone(keyIdentifier); }
+			set { keyIdentifier = Arrays.Clone(value); }
+		}
+
+		public override int GetHashCode()
+        {
+            int code = Arrays.GetHashCode(keyIdentifier)
+				^ Arrays.GetHashCode(this.SubjectKeyIdentifier);
+
+			BigInteger serialNumber = this.SerialNumber;
+			if (serialNumber != null)
+            {
+                code ^= serialNumber.GetHashCode();
+            }
+
+			X509Name issuer = this.Issuer;
+            if (issuer != null)
+            {
+                code ^= issuer.GetHashCode();
+            }
+
+            return code;
+        }
+
+        public override bool Equals(
+            object obj)
+        {
+			if (obj == this)
+				return true;
+
+			RecipientID id = obj as RecipientID;
+
+			if (id == null)
+				return false;
+
+			return Arrays.AreEqual(keyIdentifier, id.keyIdentifier)
+				&& Arrays.AreEqual(SubjectKeyIdentifier, id.SubjectKeyIdentifier)
+				&& Platform.Equals(SerialNumber, id.SerialNumber)
+				&& IssuersMatch(Issuer, id.Issuer);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/RecipientInfoGenerator.cs b/bc-sharp-crypto/src/cms/RecipientInfoGenerator.cs
new file mode 100644
index 0000000..c41db61
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/RecipientInfoGenerator.cs
@@ -0,0 +1,26 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Cms
+{
+	interface RecipientInfoGenerator
+	{
+		/// <summary>
+		/// Generate a RecipientInfo object for the given key.
+		/// </summary>
+		/// <param name="contentEncryptionKey">
+		/// A <see cref="KeyParameter"/>
+		/// </param>
+		/// <param name="random">
+		/// A <see cref="SecureRandom"/>
+		/// </param>
+		/// <returns>
+		/// A <see cref="RecipientInfo"/>
+		/// </returns>
+		/// <exception cref="GeneralSecurityException"></exception>
+		RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random);
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/RecipientInformation.cs b/bc-sharp-crypto/src/cms/RecipientInformation.cs
new file mode 100644
index 0000000..272b841
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/RecipientInformation.cs
@@ -0,0 +1,126 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Cms
+{
+    public abstract class RecipientInformation
+    {
+		internal RecipientID			rid = new RecipientID();
+		internal AlgorithmIdentifier	keyEncAlg;
+		internal CmsSecureReadable		secureReadable;
+		
+		private byte[] resultMac;
+
+		internal RecipientInformation(
+			AlgorithmIdentifier	keyEncAlg,
+			CmsSecureReadable	secureReadable)
+		{
+			this.keyEncAlg = keyEncAlg;
+			this.secureReadable = secureReadable;
+		}
+
+		internal string GetContentAlgorithmName()
+		{
+			AlgorithmIdentifier algorithm = secureReadable.Algorithm;
+//			return CmsEnvelopedHelper.Instance.GetSymmetricCipherName(algorithm.Algorithm.Id);
+			return algorithm.Algorithm.Id;
+		}
+
+		public RecipientID RecipientID
+        {
+			get { return rid; }
+        }
+
+		public AlgorithmIdentifier KeyEncryptionAlgorithmID
+		{
+			get { return keyEncAlg; }
+		}
+
+		/**
+        * return the object identifier for the key encryption algorithm.
+        * 
+		* @return OID for key encryption algorithm.
+        */
+        public string KeyEncryptionAlgOid
+        {
+            get { return keyEncAlg.Algorithm.Id; }
+        }
+
+		/**
+        * return the ASN.1 encoded key encryption algorithm parameters, or null if
+        * there aren't any.
+        * 
+		* @return ASN.1 encoding of key encryption algorithm parameters.
+        */
+		public Asn1Object KeyEncryptionAlgParams
+		{
+			get
+			{
+				Asn1Encodable ae = keyEncAlg.Parameters;
+
+				return ae == null ? null : ae.ToAsn1Object();
+			}
+		}
+
+		internal CmsTypedStream GetContentFromSessionKey(
+			KeyParameter sKey)
+		{
+			CmsReadable readable = secureReadable.GetReadable(sKey); 
+
+			try
+			{
+				return new CmsTypedStream(readable.GetInputStream());
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("error getting .", e);
+			}
+		}
+
+		public byte[] GetContent(
+            ICipherParameters key)
+        {
+            try
+            {
+				return CmsUtilities.StreamToByteArray(GetContentStream(key).ContentStream);
+            }
+            catch (IOException e)
+            {
+                throw new Exception("unable to parse internal stream: " + e);
+            }
+        }
+
+		/**
+		* Return the MAC calculated for the content stream. Note: this call is only meaningful once all
+		* the content has been read.
+		*
+		* @return  byte array containing the mac.
+		*/
+		public byte[] GetMac()
+		{
+			if (resultMac == null)
+			{
+				object cryptoObject = secureReadable.CryptoObject;
+				if (cryptoObject is IMac)
+				{
+					resultMac = MacUtilities.DoFinal((IMac)cryptoObject);
+				}
+			}
+
+			return Arrays.Clone(resultMac);
+		}
+		
+		public abstract CmsTypedStream GetContentStream(ICipherParameters key);
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/RecipientInformationStore.cs b/bc-sharp-crypto/src/cms/RecipientInformationStore.cs
new file mode 100644
index 0000000..33b472f
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/RecipientInformationStore.cs
@@ -0,0 +1,86 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Cms
+{
+	public class RecipientInformationStore
+	{
+		private readonly IList all; //ArrayList[RecipientInformation]
+		private readonly IDictionary table = Platform.CreateHashtable(); // Hashtable[RecipientID, ArrayList[RecipientInformation]]
+
+		public RecipientInformationStore(
+			ICollection recipientInfos)
+		{
+			foreach (RecipientInformation recipientInformation in recipientInfos)
+			{
+				RecipientID rid = recipientInformation.RecipientID;
+                IList list = (IList)table[rid];
+
+				if (list == null)
+				{
+					table[rid] = list = Platform.CreateArrayList(1);
+				}
+
+				list.Add(recipientInformation);
+			}
+
+            this.all = Platform.CreateArrayList(recipientInfos);
+		}
+
+		public RecipientInformation this[RecipientID selector]
+		{
+			get { return GetFirstRecipient(selector); }
+		}
+
+		/**
+		* Return the first RecipientInformation object that matches the
+		* passed in selector. Null if there are no matches.
+		*
+		* @param selector to identify a recipient
+		* @return a single RecipientInformation object. Null if none matches.
+		*/
+		public RecipientInformation GetFirstRecipient(
+			RecipientID selector)
+		{
+			IList list = (IList) table[selector];
+
+			return list == null ? null : (RecipientInformation) list[0];
+		}
+
+		/**
+		* Return the number of recipients in the collection.
+		*
+		* @return number of recipients identified.
+		*/
+		public int Count
+		{
+			get { return all.Count; }
+		}
+
+		/**
+		* Return all recipients in the collection
+		*
+		* @return a collection of recipients.
+		*/
+		public ICollection GetRecipients()
+		{
+			return Platform.CreateArrayList(all);
+		}
+
+		/**
+		* Return possible empty collection with recipients matching the passed in RecipientID
+		*
+		* @param selector a recipient id to select against.
+		* @return a collection of RecipientInformation objects.
+		*/
+		public ICollection GetRecipients(
+			RecipientID selector)
+		{
+            IList list = (IList)table[selector];
+
+            return list == null ? Platform.CreateArrayList() : Platform.CreateArrayList(list);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/SigOutputStream.cs b/bc-sharp-crypto/src/cms/SigOutputStream.cs
new file mode 100644
index 0000000..a807fa7
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/SigOutputStream.cs
@@ -0,0 +1,43 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities.IO;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Cms
+{
+	internal class SigOutputStream
+		: BaseOutputStream
+	{
+		private readonly ISigner sig;
+
+		internal SigOutputStream(ISigner sig)
+		{
+			this.sig = sig;
+		}
+
+		public override void WriteByte(byte b)
+		{
+			try
+			{
+				sig.Update(b);
+			}
+			catch (SignatureException e)
+			{
+				throw new CmsStreamException("signature problem: " + e);
+			}
+		}
+
+		public override void Write(byte[] b, int off, int len)
+		{
+			try
+			{
+				sig.BlockUpdate(b, off, len);
+			}
+			catch (SignatureException e)
+			{
+				throw new CmsStreamException("signature problem: " + e);
+			}
+		}
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/cms/SignerId.cs b/bc-sharp-crypto/src/cms/SignerId.cs
new file mode 100644
index 0000000..baac936
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/SignerId.cs
@@ -0,0 +1,51 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Cms
+{
+    /**
+    * a basic index for a signer.
+    */
+    public class SignerID
+        : X509CertStoreSelector
+    {
+        public override int GetHashCode()
+        {
+            int code = Arrays.GetHashCode(this.SubjectKeyIdentifier);
+
+			BigInteger serialNumber = this.SerialNumber;
+			if (serialNumber != null)
+            {
+                code ^= serialNumber.GetHashCode();
+            }
+
+			X509Name issuer = this.Issuer;
+            if (issuer != null)
+            {
+                code ^= issuer.GetHashCode();
+            }
+
+			return code;
+        }
+
+        public override bool Equals(
+            object obj)
+        {
+			if (obj == this)
+				return false;
+
+			SignerID id = obj as SignerID;
+
+			if (id == null)
+				return false;
+
+			return Arrays.AreEqual(SubjectKeyIdentifier, id.SubjectKeyIdentifier)
+				&& Platform.Equals(SerialNumber, id.SerialNumber)
+				&& IssuersMatch(Issuer, id.Issuer);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/SignerInfoGenerator.cs b/bc-sharp-crypto/src/cms/SignerInfoGenerator.cs
new file mode 100644
index 0000000..7b9318c
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/SignerInfoGenerator.cs
@@ -0,0 +1,166 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms
+{
+    internal interface ISignerInfoGenerator
+    {
+        SignerInfo Generate(DerObjectIdentifier contentType, AlgorithmIdentifier digestAlgorithm,
+            byte[] calculatedDigest);
+    }
+
+    public class SignerInfoGenerator
+    {
+        internal X509Certificate certificate;
+        internal ISignatureFactory contentSigner;
+        internal SignerIdentifier sigId;
+        internal CmsAttributeTableGenerator signedGen;
+        internal CmsAttributeTableGenerator unsignedGen;
+        private bool isDirectSignature;
+
+        internal SignerInfoGenerator(SignerIdentifier sigId, ISignatureFactory signerFactory): this(sigId, signerFactory, false)
+        {
+
+        }
+
+        internal SignerInfoGenerator(SignerIdentifier sigId, ISignatureFactory signerFactory, bool isDirectSignature)
+        {
+            this.sigId = sigId;
+            this.contentSigner = signerFactory;
+            this.isDirectSignature = isDirectSignature;
+            if (this.isDirectSignature)
+            {
+                this.signedGen = null;
+                this.unsignedGen = null;
+            }
+            else
+            {
+                this.signedGen = new DefaultSignedAttributeTableGenerator();
+                this.unsignedGen = null;
+            }
+        }
+
+        internal SignerInfoGenerator(SignerIdentifier sigId, ISignatureFactory contentSigner, CmsAttributeTableGenerator signedGen, CmsAttributeTableGenerator unsignedGen)
+        {
+            this.sigId = sigId;
+            this.contentSigner = contentSigner;
+            this.signedGen = signedGen;
+            this.unsignedGen = unsignedGen;
+            this.isDirectSignature = false;
+        }
+
+        internal void setAssociatedCertificate(X509Certificate certificate)
+        {
+            this.certificate = certificate;
+        }
+    }
+
+    public class SignerInfoGeneratorBuilder
+    {
+        private bool directSignature;
+        private CmsAttributeTableGenerator signedGen;
+        private CmsAttributeTableGenerator unsignedGen;
+
+        public SignerInfoGeneratorBuilder()
+        {
+        }
+
+        /**
+         * If the passed in flag is true, the signer signature will be based on the data, not
+         * a collection of signed attributes, and no signed attributes will be included.
+         *
+         * @return the builder object
+         */
+        public SignerInfoGeneratorBuilder SetDirectSignature(bool hasNoSignedAttributes)
+        {
+            this.directSignature = hasNoSignedAttributes;
+
+            return this;
+        }
+
+        /**
+         *  Provide a custom signed attribute generator.
+         *
+         * @param signedGen a generator of signed attributes.
+         * @return the builder object
+         */
+        public SignerInfoGeneratorBuilder WithSignedAttributeGenerator(CmsAttributeTableGenerator signedGen)
+        {
+            this.signedGen = signedGen;
+
+            return this;
+        }
+
+        /**
+         * Provide a generator of unsigned attributes.
+         *
+         * @param unsignedGen  a generator for signed attributes.
+         * @return the builder object
+         */
+        public SignerInfoGeneratorBuilder WithUnsignedAttributeGenerator(CmsAttributeTableGenerator unsignedGen)
+        {
+            this.unsignedGen = unsignedGen;
+
+            return this;
+        }
+
+        /**
+         * Build a generator with the passed in certHolder issuer and serial number as the signerIdentifier.
+         *
+         * @param contentSigner  operator for generating the final signature in the SignerInfo with.
+         * @param certHolder  carrier for the X.509 certificate related to the contentSigner.
+         * @return  a SignerInfoGenerator
+         * @throws OperatorCreationException   if the generator cannot be built.
+         */
+        public SignerInfoGenerator Build(ISignatureFactory contentSigner, X509Certificate certificate)
+        {
+            SignerIdentifier sigId = new SignerIdentifier(new IssuerAndSerialNumber(certificate.IssuerDN, new DerInteger(certificate.SerialNumber)));
+
+            SignerInfoGenerator sigInfoGen = CreateGenerator(contentSigner, sigId);
+
+            sigInfoGen.setAssociatedCertificate(certificate);
+
+            return sigInfoGen;
+        }
+
+        /**
+         * Build a generator with the passed in subjectKeyIdentifier as the signerIdentifier. If used  you should
+         * try to follow the calculation described in RFC 5280 section 4.2.1.2.
+         *
+         * @param signerFactory  operator factory for generating the final signature in the SignerInfo with.
+         * @param subjectKeyIdentifier    key identifier to identify the public key for verifying the signature.
+         * @return  a SignerInfoGenerator
+         */
+        public SignerInfoGenerator Build(ISignatureFactory signerFactory, byte[] subjectKeyIdentifier)
+        {
+            SignerIdentifier sigId = new SignerIdentifier(new DerOctetString(subjectKeyIdentifier));
+
+            return CreateGenerator(signerFactory, sigId);
+        }
+
+        private SignerInfoGenerator CreateGenerator(ISignatureFactory contentSigner, SignerIdentifier sigId)
+        {
+            if (directSignature)
+            {
+                return new SignerInfoGenerator(sigId, contentSigner, true);
+            }
+
+            if (signedGen != null || unsignedGen != null)
+            {
+                if (signedGen == null)
+                {
+                    signedGen = new DefaultSignedAttributeTableGenerator();
+                }
+
+                return new SignerInfoGenerator(sigId, contentSigner, signedGen, unsignedGen);
+            }
+
+            return new SignerInfoGenerator(sigId, contentSigner);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/SignerInformation.cs b/bc-sharp-crypto/src/cms/SignerInformation.cs
new file mode 100644
index 0000000..dad1282
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/SignerInformation.cs
@@ -0,0 +1,761 @@
+using System;
+using System.Collections;
+using System.Diagnostics;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	* an expanded SignerInfo block from a CMS Signed message
+	*/
+	public class SignerInformation
+	{
+		private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance;
+
+		private SignerID			sid;
+		private SignerInfo			info;
+		private AlgorithmIdentifier	digestAlgorithm;
+		private AlgorithmIdentifier	encryptionAlgorithm;
+		private readonly Asn1Set	signedAttributeSet;
+		private readonly Asn1Set	unsignedAttributeSet;
+		private CmsProcessable		content;
+		private byte[]				signature;
+		private DerObjectIdentifier	contentType;
+		private IDigestCalculator	digestCalculator;
+		private byte[]				resultDigest;
+
+		// Derived
+		private Asn1.Cms.AttributeTable	signedAttributeTable;
+		private Asn1.Cms.AttributeTable	unsignedAttributeTable;
+		private readonly bool isCounterSignature;
+
+		internal SignerInformation(
+			SignerInfo			info,
+			DerObjectIdentifier	contentType,
+			CmsProcessable		content,
+			IDigestCalculator	digestCalculator)
+		{
+			this.info = info;
+			this.sid = new SignerID();
+			this.contentType = contentType;
+			this.isCounterSignature = contentType == null;
+
+			try
+			{
+				SignerIdentifier s = info.SignerID;
+
+				if (s.IsTagged)
+				{
+					Asn1OctetString octs = Asn1OctetString.GetInstance(s.ID);
+
+					sid.SubjectKeyIdentifier = octs.GetEncoded();
+				}
+				else
+				{
+					Asn1.Cms.IssuerAndSerialNumber iAnds =
+						Asn1.Cms.IssuerAndSerialNumber.GetInstance(s.ID);
+
+					sid.Issuer = iAnds.Name;
+					sid.SerialNumber = iAnds.SerialNumber.Value;
+				}
+			}
+			catch (IOException)
+			{
+				throw new ArgumentException("invalid sid in SignerInfo");
+			}
+
+			this.digestAlgorithm = info.DigestAlgorithm;
+			this.signedAttributeSet = info.AuthenticatedAttributes;
+			this.unsignedAttributeSet = info.UnauthenticatedAttributes;
+			this.encryptionAlgorithm = info.DigestEncryptionAlgorithm;
+			this.signature = info.EncryptedDigest.GetOctets();
+
+			this.content = content;
+			this.digestCalculator = digestCalculator;
+		}
+
+		public bool IsCounterSignature
+		{
+			get { return isCounterSignature; }
+		}
+
+		public DerObjectIdentifier ContentType
+		{
+			get { return contentType; }
+		}
+
+		public SignerID SignerID
+		{
+			get { return sid; }
+		}
+
+		/**
+		* return the version number for this objects underlying SignerInfo structure.
+		*/
+		public int Version
+		{
+			get { return info.Version.Value.IntValue; }
+		}
+
+		public AlgorithmIdentifier DigestAlgorithmID
+		{
+			get { return digestAlgorithm; }
+		}
+
+		/**
+		* return the object identifier for the signature.
+		*/
+		public string DigestAlgOid
+		{
+            get { return digestAlgorithm.Algorithm.Id; }
+		}
+
+		/**
+		* return the signature parameters, or null if there aren't any.
+		*/
+		public Asn1Object DigestAlgParams
+		{
+			get
+			{
+				Asn1Encodable ae = digestAlgorithm.Parameters;
+
+				return ae == null ? null : ae.ToAsn1Object();
+			}
+		}
+
+		/**
+		 * return the content digest that was calculated during verification.
+		 */
+		public byte[] GetContentDigest()
+		{
+			if (resultDigest == null)
+			{
+				throw new InvalidOperationException("method can only be called after verify.");
+			}
+
+			return (byte[])resultDigest.Clone();
+		}
+
+		public AlgorithmIdentifier EncryptionAlgorithmID
+		{
+			get { return encryptionAlgorithm; }
+		}
+
+		/**
+		* return the object identifier for the signature.
+		*/
+		public string EncryptionAlgOid
+		{
+            get { return encryptionAlgorithm.Algorithm.Id; }
+		}
+
+		/**
+		* return the signature/encryption algorithm parameters, or null if
+		* there aren't any.
+		*/
+		public Asn1Object EncryptionAlgParams
+		{
+			get
+			{
+				Asn1Encodable ae = encryptionAlgorithm.Parameters;
+
+				return ae == null ? null : ae.ToAsn1Object();
+			}
+		}
+
+		/**
+		* return a table of the signed attributes - indexed by
+		* the OID of the attribute.
+		*/
+		public Asn1.Cms.AttributeTable SignedAttributes
+		{
+			get
+			{
+				if (signedAttributeSet != null && signedAttributeTable == null)
+				{
+					signedAttributeTable = new Asn1.Cms.AttributeTable(signedAttributeSet);
+				}
+				return signedAttributeTable;
+			}
+		}
+
+		/**
+		* return a table of the unsigned attributes indexed by
+		* the OID of the attribute.
+		*/
+		public Asn1.Cms.AttributeTable UnsignedAttributes
+		{
+			get
+			{
+				if (unsignedAttributeSet != null && unsignedAttributeTable == null)
+				{
+					unsignedAttributeTable = new Asn1.Cms.AttributeTable(unsignedAttributeSet);
+				}
+				return unsignedAttributeTable;
+			}
+		}
+
+		/**
+		* return the encoded signature
+		*/
+		public byte[] GetSignature()
+		{
+			return (byte[]) signature.Clone();
+		}
+
+		/**
+		* Return a SignerInformationStore containing the counter signatures attached to this
+		* signer. If no counter signatures are present an empty store is returned.
+		*/
+		public SignerInformationStore GetCounterSignatures()
+		{
+			// TODO There are several checks implied by the RFC3852 comments that are missing
+
+			/*
+			The countersignature attribute MUST be an unsigned attribute; it MUST
+			NOT be a signed attribute, an authenticated attribute, an
+			unauthenticated attribute, or an unprotected attribute.
+			*/
+			Asn1.Cms.AttributeTable unsignedAttributeTable = UnsignedAttributes;
+			if (unsignedAttributeTable == null)
+			{
+                return new SignerInformationStore(Platform.CreateArrayList(0));
+			}
+
+            IList counterSignatures = Platform.CreateArrayList();
+
+			/*
+			The UnsignedAttributes syntax is defined as a SET OF Attributes.  The
+			UnsignedAttributes in a signerInfo may include multiple instances of
+			the countersignature attribute.
+			*/
+			Asn1EncodableVector allCSAttrs = unsignedAttributeTable.GetAll(CmsAttributes.CounterSignature);
+
+			foreach (Asn1.Cms.Attribute counterSignatureAttribute in allCSAttrs)
+			{
+				/*
+				A countersignature attribute can have multiple attribute values.  The
+				syntax is defined as a SET OF AttributeValue, and there MUST be one
+				or more instances of AttributeValue present.
+				*/
+				Asn1Set values = counterSignatureAttribute.AttrValues;
+				if (values.Count < 1)
+				{
+					// TODO Throw an appropriate exception?
+				}
+
+				foreach (Asn1Encodable asn1Obj in values)
+				{
+					/*
+					Countersignature values have the same meaning as SignerInfo values
+					for ordinary signatures, except that:
+
+					   1. The signedAttributes field MUST NOT contain a content-type
+					      attribute; there is no content type for countersignatures.
+
+					   2. The signedAttributes field MUST contain a message-digest
+					      attribute if it contains any other attributes.
+
+					   3. The input to the message-digesting process is the contents
+					      octets of the DER encoding of the signatureValue field of the
+					      SignerInfo value with which the attribute is associated.
+					*/
+					SignerInfo si = SignerInfo.GetInstance(asn1Obj.ToAsn1Object());
+
+                    string digestName = CmsSignedHelper.Instance.GetDigestAlgName(si.DigestAlgorithm.Algorithm.Id);
+
+					counterSignatures.Add(new SignerInformation(si, null, null, new CounterSignatureDigestCalculator(digestName, GetSignature())));
+				}
+			}
+
+			return new SignerInformationStore(counterSignatures);
+		}
+
+		/**
+		* return the DER encoding of the signed attributes.
+		* @throws IOException if an encoding error occurs.
+		*/
+		public byte[] GetEncodedSignedAttributes()
+		{
+			return signedAttributeSet == null
+				?	null
+				:	signedAttributeSet.GetEncoded(Asn1Encodable.Der);
+		}
+
+		private bool DoVerify(
+			AsymmetricKeyParameter	key)
+		{
+			string digestName = Helper.GetDigestAlgName(this.DigestAlgOid);
+			IDigest digest = Helper.GetDigestInstance(digestName);
+
+            DerObjectIdentifier sigAlgOid = this.encryptionAlgorithm.Algorithm;
+			Asn1Encodable sigParams = this.encryptionAlgorithm.Parameters;
+			ISigner sig;
+
+			if (sigAlgOid.Equals(Asn1.Pkcs.PkcsObjectIdentifiers.IdRsassaPss))
+			{
+				// RFC 4056 2.2
+				// When the id-RSASSA-PSS algorithm identifier is used for a signature,
+				// the AlgorithmIdentifier parameters field MUST contain RSASSA-PSS-params.
+				if (sigParams == null)
+					throw new CmsException("RSASSA-PSS signature must specify algorithm parameters");
+
+				try
+				{
+					// TODO Provide abstract configuration mechanism
+					// (via alternate SignerUtilities.GetSigner method taking ASN.1 params)
+
+					Asn1.Pkcs.RsassaPssParameters pss = Asn1.Pkcs.RsassaPssParameters.GetInstance(
+						sigParams.ToAsn1Object());
+
+                    if (!pss.HashAlgorithm.Algorithm.Equals(this.digestAlgorithm.Algorithm))
+						throw new CmsException("RSASSA-PSS signature parameters specified incorrect hash algorithm");
+                    if (!pss.MaskGenAlgorithm.Algorithm.Equals(Asn1.Pkcs.PkcsObjectIdentifiers.IdMgf1))
+						throw new CmsException("RSASSA-PSS signature parameters specified unknown MGF");
+
+                    IDigest pssDigest = DigestUtilities.GetDigest(pss.HashAlgorithm.Algorithm);
+					int saltLength = pss.SaltLength.Value.IntValue;
+					byte trailerField = (byte) pss.TrailerField.Value.IntValue;
+
+					// RFC 4055 3.1
+					// The value MUST be 1, which represents the trailer field with hexadecimal value 0xBC
+					if (trailerField != 1)
+						throw new CmsException("RSASSA-PSS signature parameters must have trailerField of 1");
+
+					sig = new PssSigner(new RsaBlindedEngine(), pssDigest, saltLength);
+				}
+				catch (Exception e)
+				{
+					throw new CmsException("failed to set RSASSA-PSS signature parameters", e);
+				}
+			}
+			else
+			{
+				// TODO Probably too strong a check at the moment
+//				if (sigParams != null)
+//					throw new CmsException("unrecognised signature parameters provided");
+
+                string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(this.EncryptionAlgOid);
+
+                sig = Helper.GetSignatureInstance(signatureName);
+
+                //sig = Helper.GetSignatureInstance(this.EncryptionAlgOid);
+                //sig = SignerUtilities.GetSigner(sigAlgOid);
+			}
+
+			try
+			{
+				if (digestCalculator != null)
+				{
+					resultDigest = digestCalculator.GetDigest();
+				}
+				else
+				{
+					if (content != null)
+					{
+						content.Write(new DigOutputStream(digest));
+					}
+					else if (signedAttributeSet == null)
+					{
+						// TODO Get rid of this exception and just treat content==null as empty not missing?
+						throw new CmsException("data not encapsulated in signature - use detached constructor.");
+					}
+
+					resultDigest = DigestUtilities.DoFinal(digest);
+				}
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("can't process mime object to create signature.", e);
+			}
+
+			// RFC 3852 11.1 Check the content-type attribute is correct
+			{
+				Asn1Object validContentType = GetSingleValuedSignedAttribute(
+					CmsAttributes.ContentType, "content-type");
+				if (validContentType == null)
+				{
+					if (!isCounterSignature && signedAttributeSet != null)
+						throw new CmsException("The content-type attribute type MUST be present whenever signed attributes are present in signed-data");
+				}
+				else
+				{
+					if (isCounterSignature)
+						throw new CmsException("[For counter signatures,] the signedAttributes field MUST NOT contain a content-type attribute");
+
+					if (!(validContentType is DerObjectIdentifier))
+						throw new CmsException("content-type attribute value not of ASN.1 type 'OBJECT IDENTIFIER'");
+
+					DerObjectIdentifier signedContentType = (DerObjectIdentifier)validContentType;
+
+					if (!signedContentType.Equals(contentType))
+						throw new CmsException("content-type attribute value does not match eContentType");
+				}
+			}
+
+			// RFC 3852 11.2 Check the message-digest attribute is correct
+			{
+				Asn1Object validMessageDigest = GetSingleValuedSignedAttribute(
+					CmsAttributes.MessageDigest, "message-digest");
+				if (validMessageDigest == null)
+				{
+				    if (signedAttributeSet != null)
+						throw new CmsException("the message-digest signed attribute type MUST be present when there are any signed attributes present");
+				}
+				else
+				{
+					if (!(validMessageDigest is Asn1OctetString))
+					{
+						throw new CmsException("message-digest attribute value not of ASN.1 type 'OCTET STRING'");
+					}
+
+					Asn1OctetString signedMessageDigest = (Asn1OctetString)validMessageDigest;
+
+					if (!Arrays.AreEqual(resultDigest, signedMessageDigest.GetOctets()))
+						throw new CmsException("message-digest attribute value does not match calculated value");
+				}
+			}
+
+			// RFC 3852 11.4 Validate countersignature attribute(s)
+			{
+            	Asn1.Cms.AttributeTable signedAttrTable = this.SignedAttributes;
+            	if (signedAttrTable != null
+                	&& signedAttrTable.GetAll(CmsAttributes.CounterSignature).Count > 0)
+            	{
+                	throw new CmsException("A countersignature attribute MUST NOT be a signed attribute");
+            	}
+
+            	Asn1.Cms.AttributeTable unsignedAttrTable = this.UnsignedAttributes;
+            	if (unsignedAttrTable != null)
+            	{
+					foreach (Asn1.Cms.Attribute csAttr in unsignedAttrTable.GetAll(CmsAttributes.CounterSignature))
+	                {
+                    	if (csAttr.AttrValues.Count < 1)
+	                        throw new CmsException("A countersignature attribute MUST contain at least one AttributeValue");
+
+						// Note: We don't recursively validate the countersignature value
+    	            }
+	            }
+			}
+
+			try
+			{
+				sig.Init(false, key);
+
+				if (signedAttributeSet == null)
+				{
+					if (digestCalculator != null)
+					{
+						// need to decrypt signature and check message bytes
+						return VerifyDigest(resultDigest, key, this.GetSignature());
+					}
+					else if (content != null)
+					{
+						// TODO Use raw signature of the hash value instead
+						content.Write(new SigOutputStream(sig));
+					}
+				}
+				else
+				{
+					byte[] tmp = this.GetEncodedSignedAttributes();
+					sig.BlockUpdate(tmp, 0, tmp.Length);
+				}
+
+				return sig.VerifySignature(this.GetSignature());
+			}
+			catch (InvalidKeyException e)
+			{
+				throw new CmsException("key not appropriate to signature in message.", e);
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("can't process mime object to create signature.", e);
+			}
+			catch (SignatureException e)
+			{
+				throw new CmsException("invalid signature format in message: " + e.Message, e);
+			}
+		}
+
+		private bool IsNull(
+			Asn1Encodable o)
+		{
+			return (o is Asn1Null) || (o == null);
+		}
+
+		private DigestInfo DerDecode(
+			byte[] encoding)
+		{
+			if (encoding[0] != (int)(Asn1Tags.Constructed | Asn1Tags.Sequence))
+			{
+				throw new IOException("not a digest info object");
+			}
+
+			DigestInfo digInfo = DigestInfo.GetInstance(Asn1Object.FromByteArray(encoding));
+
+			// length check to avoid Bleichenbacher vulnerability
+
+			if (digInfo.GetEncoded().Length != encoding.Length)
+			{
+				throw new CmsException("malformed RSA signature");
+			}
+
+			return digInfo;
+		}
+
+		private bool VerifyDigest(
+			byte[]					digest,
+			AsymmetricKeyParameter	key,
+			byte[]					signature)
+		{
+			string algorithm = Helper.GetEncryptionAlgName(this.EncryptionAlgOid);
+
+			try
+			{
+				if (algorithm.Equals("RSA"))
+				{
+					IBufferedCipher c = CmsEnvelopedHelper.Instance.CreateAsymmetricCipher("RSA/ECB/PKCS1Padding");
+
+					c.Init(false, key);
+
+					byte[] decrypt = c.DoFinal(signature);
+
+					DigestInfo digInfo = DerDecode(decrypt);
+
+                    if (!digInfo.AlgorithmID.Algorithm.Equals(digestAlgorithm.Algorithm))
+					{
+						return false;
+					}
+
+					if (!IsNull(digInfo.AlgorithmID.Parameters))
+					{
+						return false;
+					}
+
+					byte[] sigHash = digInfo.GetDigest();
+
+					return Arrays.ConstantTimeAreEqual(digest, sigHash);
+				}
+				else if (algorithm.Equals("DSA"))
+				{
+					ISigner sig = SignerUtilities.GetSigner("NONEwithDSA");
+
+					sig.Init(false, key);
+
+					sig.BlockUpdate(digest, 0, digest.Length);
+
+					return sig.VerifySignature(signature);
+				}
+				else
+				{
+					throw new CmsException("algorithm: " + algorithm + " not supported in base signatures.");
+				}
+			}
+			catch (SecurityUtilityException e)
+			{
+				throw e;
+			}
+			catch (GeneralSecurityException e)
+			{
+				throw new CmsException("Exception processing signature: " + e, e);
+			}
+			catch (IOException e)
+			{
+				throw new CmsException("Exception decoding signature: " + e, e);
+			}
+		}
+
+		/**
+		* verify that the given public key successfully handles and confirms the
+		* signature associated with this signer.
+		*/
+		public bool Verify(
+			AsymmetricKeyParameter pubKey)
+		{
+			if (pubKey.IsPrivate)
+				throw new ArgumentException("Expected public key", "pubKey");
+
+			// Optional, but still need to validate if present
+			GetSigningTime();
+
+			return DoVerify(pubKey);
+		}
+
+		/**
+		* verify that the given certificate successfully handles and confirms
+		* the signature associated with this signer and, if a signingTime
+		* attribute is available, that the certificate was valid at the time the
+		* signature was generated.
+		*/
+		public bool Verify(
+			X509Certificate cert)
+		{
+			Asn1.Cms.Time signingTime = GetSigningTime();
+			if (signingTime != null)
+			{
+				cert.CheckValidity(signingTime.Date);
+			}
+
+			return DoVerify(cert.GetPublicKey());
+		}
+
+		/**
+		* Return the base ASN.1 CMS structure that this object contains.
+		*
+		* @return an object containing a CMS SignerInfo structure.
+		*/
+		public SignerInfo ToSignerInfo()
+		{
+			return info;
+		}
+
+		private Asn1Object GetSingleValuedSignedAttribute(
+			DerObjectIdentifier attrOID, string printableName)
+		{
+
+			Asn1.Cms.AttributeTable unsignedAttrTable = this.UnsignedAttributes;
+			if (unsignedAttrTable != null
+				&& unsignedAttrTable.GetAll(attrOID).Count > 0)
+			{
+				throw new CmsException("The " + printableName
+					+ " attribute MUST NOT be an unsigned attribute");
+			}
+
+			Asn1.Cms.AttributeTable signedAttrTable = this.SignedAttributes;
+			if (signedAttrTable == null)
+			{
+				return null;
+			}
+
+			Asn1EncodableVector v = signedAttrTable.GetAll(attrOID);
+			switch (v.Count)
+			{
+				case 0:
+					return null;
+				case 1:
+					Asn1.Cms.Attribute t = (Asn1.Cms.Attribute) v[0];
+					Asn1Set attrValues = t.AttrValues;
+
+					if (attrValues.Count != 1)
+						throw new CmsException("A " + printableName
+							+ " attribute MUST have a single attribute value");
+
+					return attrValues[0].ToAsn1Object();
+				default:
+					throw new CmsException("The SignedAttributes in a signerInfo MUST NOT include multiple instances of the "
+						+ printableName + " attribute");
+			}
+		}
+
+		private Asn1.Cms.Time GetSigningTime()
+		{
+			Asn1Object validSigningTime = GetSingleValuedSignedAttribute(
+				CmsAttributes.SigningTime, "signing-time");
+
+			if (validSigningTime == null)
+				return null;
+
+			try
+			{
+				return Asn1.Cms.Time.GetInstance(validSigningTime);
+			}
+			catch (ArgumentException)
+			{
+				throw new CmsException("signing-time attribute value not a valid 'Time' structure");
+			}
+		}
+
+		/**
+		* Return a signer information object with the passed in unsigned
+		* attributes replacing the ones that are current associated with
+		* the object passed in.
+		*
+		* @param signerInformation the signerInfo to be used as the basis.
+		* @param unsignedAttributes the unsigned attributes to add.
+		* @return a copy of the original SignerInformationObject with the changed attributes.
+		*/
+		public static SignerInformation ReplaceUnsignedAttributes(
+			SignerInformation		signerInformation,
+			Asn1.Cms.AttributeTable	unsignedAttributes)
+		{
+			SignerInfo sInfo = signerInformation.info;
+			Asn1Set unsignedAttr = null;
+
+			if (unsignedAttributes != null)
+			{
+				unsignedAttr = new DerSet(unsignedAttributes.ToAsn1EncodableVector());
+			}
+
+			return new SignerInformation(
+				new SignerInfo(
+					sInfo.SignerID,
+					sInfo.DigestAlgorithm,
+					sInfo.AuthenticatedAttributes,
+					sInfo.DigestEncryptionAlgorithm,
+					sInfo.EncryptedDigest,
+					unsignedAttr),
+				signerInformation.contentType,
+				signerInformation.content,
+				null);
+		}
+
+		/**
+		 * Return a signer information object with passed in SignerInformationStore representing counter
+		 * signatures attached as an unsigned attribute.
+		 *
+		 * @param signerInformation the signerInfo to be used as the basis.
+		 * @param counterSigners signer info objects carrying counter signature.
+		 * @return a copy of the original SignerInformationObject with the changed attributes.
+		 */
+		public static SignerInformation AddCounterSigners(
+			SignerInformation		signerInformation,
+			SignerInformationStore	counterSigners)
+		{
+			// TODO Perform checks from RFC 3852 11.4
+
+			SignerInfo sInfo = signerInformation.info;
+			Asn1.Cms.AttributeTable unsignedAttr = signerInformation.UnsignedAttributes;
+			Asn1EncodableVector v;
+
+			if (unsignedAttr != null)
+			{
+				v = unsignedAttr.ToAsn1EncodableVector();
+			}
+			else
+			{
+				v = new Asn1EncodableVector();
+			}
+
+			Asn1EncodableVector sigs = new Asn1EncodableVector();
+
+			foreach (SignerInformation sigInf in counterSigners.GetSigners())
+			{
+				sigs.Add(sigInf.ToSignerInfo());
+			}
+
+			v.Add(new Asn1.Cms.Attribute(CmsAttributes.CounterSignature, new DerSet(sigs)));
+
+			return new SignerInformation(
+				new SignerInfo(
+					sInfo.SignerID,
+					sInfo.DigestAlgorithm,
+					sInfo.AuthenticatedAttributes,
+					sInfo.DigestEncryptionAlgorithm,
+					sInfo.EncryptedDigest,
+					new DerSet(v)),
+				signerInformation.contentType,
+				signerInformation.content,
+				null);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/cms/SignerInformationStore.cs b/bc-sharp-crypto/src/cms/SignerInformationStore.cs
new file mode 100644
index 0000000..2794086
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/SignerInformationStore.cs
@@ -0,0 +1,95 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Cms
+{
+    public class SignerInformationStore
+    {
+        private readonly IList all; //ArrayList[SignerInformation]
+        private readonly IDictionary table = Platform.CreateHashtable(); // Hashtable[SignerID, ArrayList[SignerInformation]]
+
+        /**
+         * Create a store containing a single SignerInformation object.
+         *
+         * @param signerInfo the signer information to contain.
+         */
+        public SignerInformationStore(
+            SignerInformation signerInfo)
+        {
+            this.all = Platform.CreateArrayList(1);
+            this.all.Add(signerInfo);
+
+            SignerID sid = signerInfo.SignerID;
+
+            table[sid] = all;
+        }
+
+        /**
+         * Create a store containing a collection of SignerInformation objects.
+         *
+         * @param signerInfos a collection signer information objects to contain.
+         */
+        public SignerInformationStore(
+            ICollection signerInfos)
+        {
+            foreach (SignerInformation signer in signerInfos)
+            {
+                SignerID sid = signer.SignerID;
+                IList list = (IList)table[sid];
+
+                if (list == null)
+                {
+                    table[sid] = list = Platform.CreateArrayList(1);
+                }
+
+                list.Add(signer);
+            }
+
+            this.all = Platform.CreateArrayList(signerInfos);
+        }
+
+        /**
+        * Return the first SignerInformation object that matches the
+        * passed in selector. Null if there are no matches.
+        *
+        * @param selector to identify a signer
+        * @return a single SignerInformation object. Null if none matches.
+        */
+        public SignerInformation GetFirstSigner(
+            SignerID selector)
+        {
+            IList list = (IList) table[selector];
+
+            return list == null ? null : (SignerInformation) list[0];
+        }
+
+        /// <summary>The number of signers in the collection.</summary>
+        public int Count
+        {
+            get { return all.Count; }
+        }
+
+        /// <returns>An ICollection of all signers in the collection</returns>
+        public ICollection GetSigners()
+        {
+            return Platform.CreateArrayList(all);
+        }
+
+        /**
+        * Return possible empty collection with signers matching the passed in SignerID
+        *
+        * @param selector a signer id to select against.
+        * @return a collection of SignerInformation objects.
+        */
+        public ICollection GetSigners(
+            SignerID selector)
+        {
+            IList list = (IList) table[selector];
+
+            return list == null ? Platform.CreateArrayList() : Platform.CreateArrayList(list);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/cms/SimpleAttributeTableGenerator.cs b/bc-sharp-crypto/src/cms/SimpleAttributeTableGenerator.cs
new file mode 100644
index 0000000..b3df21c
--- /dev/null
+++ b/bc-sharp-crypto/src/cms/SimpleAttributeTableGenerator.cs
@@ -0,0 +1,28 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.Cms;
+
+namespace Org.BouncyCastle.Cms
+{
+	/**
+	 * Basic generator that just returns a preconstructed attribute table
+	 */
+	public class SimpleAttributeTableGenerator
+		: CmsAttributeTableGenerator
+	{
+		private readonly AttributeTable attributes;
+
+		public SimpleAttributeTableGenerator(
+			AttributeTable attributes)
+		{
+			this.attributes = attributes;
+		}
+
+		public virtual AttributeTable GetAttributes(
+			IDictionary parameters)
+		{
+			return attributes;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/AsymmetricCipherKeyPair.cs b/bc-sharp-crypto/src/crypto/AsymmetricCipherKeyPair.cs
new file mode 100644
index 0000000..b00a3dc
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/AsymmetricCipherKeyPair.cs
@@ -0,0 +1,52 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * a holding class for public/private parameter pairs.
+     */
+    public class AsymmetricCipherKeyPair
+    {
+        private readonly AsymmetricKeyParameter publicParameter;
+        private readonly AsymmetricKeyParameter privateParameter;
+
+		/**
+         * basic constructor.
+         *
+         * @param publicParam a public key parameters object.
+         * @param privateParam the corresponding private key parameters.
+         */
+        public AsymmetricCipherKeyPair(
+            AsymmetricKeyParameter    publicParameter,
+            AsymmetricKeyParameter    privateParameter)
+        {
+			if (publicParameter.IsPrivate)
+				throw new ArgumentException("Expected a public key", "publicParameter");
+			if (!privateParameter.IsPrivate)
+				throw new ArgumentException("Expected a private key", "privateParameter");
+
+			this.publicParameter = publicParameter;
+            this.privateParameter = privateParameter;
+        }
+
+		/**
+         * return the public key parameters.
+         *
+         * @return the public key parameters.
+         */
+        public AsymmetricKeyParameter Public
+        {
+            get { return publicParameter; }
+        }
+
+		/**
+         * return the private key parameters.
+         *
+         * @return the private key parameters.
+         */
+        public AsymmetricKeyParameter Private
+        {
+            get { return privateParameter; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/AsymmetricKeyParameter.cs b/bc-sharp-crypto/src/crypto/AsymmetricKeyParameter.cs
new file mode 100644
index 0000000..7502ee3
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/AsymmetricKeyParameter.cs
@@ -0,0 +1,47 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.Crypto
+{
+    public abstract class AsymmetricKeyParameter
+		: ICipherParameters
+    {
+        private readonly bool privateKey;
+
+        protected AsymmetricKeyParameter(
+            bool privateKey)
+        {
+            this.privateKey = privateKey;
+        }
+
+		public bool IsPrivate
+        {
+            get { return privateKey; }
+        }
+
+		public override bool Equals(
+			object obj)
+		{
+			AsymmetricKeyParameter other = obj as AsymmetricKeyParameter;
+
+			if (other == null)
+			{
+				return false;
+			}
+
+			return Equals(other);
+		}
+
+		protected bool Equals(
+			AsymmetricKeyParameter other)
+		{
+			return privateKey == other.privateKey;
+		}
+
+		public override int GetHashCode()
+		{
+			return privateKey.GetHashCode();
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/BufferedAeadBlockCipher.cs b/bc-sharp-crypto/src/crypto/BufferedAeadBlockCipher.cs
new file mode 100644
index 0000000..7ba4109
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/BufferedAeadBlockCipher.cs
@@ -0,0 +1,247 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto
+{
+	/**
+	* The AEAD block ciphers already handle buffering internally, so this class
+	* just takes care of implementing IBufferedCipher methods.
+	*/
+	public class BufferedAeadBlockCipher
+		: BufferedCipherBase
+	{
+		private readonly IAeadBlockCipher cipher;
+
+		public BufferedAeadBlockCipher(
+			IAeadBlockCipher cipher)
+		{
+			if (cipher == null)
+				throw new ArgumentNullException("cipher");
+
+			this.cipher = cipher;
+		}
+
+		public override string AlgorithmName
+		{
+			get { return cipher.AlgorithmName; }
+		}
+
+		/**
+		* initialise the cipher.
+		*
+		* @param forEncryption if true the cipher is initialised for
+		*  encryption, if false for decryption.
+		* @param param the key and other data required by the cipher.
+		* @exception ArgumentException if the parameters argument is
+		* inappropriate.
+		*/
+		public override void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			if (parameters is ParametersWithRandom)
+			{
+				parameters = ((ParametersWithRandom) parameters).Parameters;
+			}
+
+			cipher.Init(forEncryption, parameters);
+		}
+
+		/**
+		* return the blocksize for the underlying cipher.
+		*
+		* @return the blocksize for the underlying cipher.
+		*/
+		public override int GetBlockSize()
+		{
+			return cipher.GetBlockSize();
+		}
+
+		/**
+		* return the size of the output buffer required for an update
+		* an input of len bytes.
+		*
+		* @param len the length of the input.
+		* @return the space required to accommodate a call to update
+		* with len bytes of input.
+		*/
+		public override int GetUpdateOutputSize(
+			int length)
+		{
+			return cipher.GetUpdateOutputSize(length);
+		}
+
+		/**
+		* return the size of the output buffer required for an update plus a
+		* doFinal with an input of len bytes.
+		*
+		* @param len the length of the input.
+		* @return the space required to accommodate a call to update and doFinal
+		* with len bytes of input.
+		*/
+		public override int GetOutputSize(
+			int length)
+		{
+			return cipher.GetOutputSize(length);
+		}
+
+		/**
+		* process a single byte, producing an output block if necessary.
+		*
+		* @param in the input byte.
+		* @param out the space for any output that might be produced.
+		* @param outOff the offset from which the output will be copied.
+		* @return the number of output bytes copied to out.
+		* @exception DataLengthException if there isn't enough space in out.
+		* @exception InvalidOperationException if the cipher isn't initialised.
+		*/
+		public override int ProcessByte(
+			byte	input,
+			byte[]	output,
+			int		outOff)
+		{
+			return cipher.ProcessByte(input, output, outOff);
+		}
+
+		public override byte[] ProcessByte(
+			byte input)
+		{
+			int outLength = GetUpdateOutputSize(1);
+
+			byte[] outBytes = outLength > 0 ? new byte[outLength] : null;
+
+			int pos = ProcessByte(input, outBytes, 0);
+
+			if (outLength > 0 && pos < outLength)
+			{
+				byte[] tmp = new byte[pos];
+				Array.Copy(outBytes, 0, tmp, 0, pos);
+				outBytes = tmp;
+			}
+
+			return outBytes;
+		}
+
+		public override byte[] ProcessBytes(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			if (input == null)
+				throw new ArgumentNullException("input");
+			if (length < 1)
+				return null;
+
+			int outLength = GetUpdateOutputSize(length);
+
+			byte[] outBytes = outLength > 0 ? new byte[outLength] : null;
+
+			int pos = ProcessBytes(input, inOff, length, outBytes, 0);
+
+			if (outLength > 0 && pos < outLength)
+			{
+				byte[] tmp = new byte[pos];
+				Array.Copy(outBytes, 0, tmp, 0, pos);
+				outBytes = tmp;
+			}
+
+			return outBytes;
+		}
+
+		/**
+		* process an array of bytes, producing output if necessary.
+		*
+		* @param in the input byte array.
+		* @param inOff the offset at which the input data starts.
+		* @param len the number of bytes to be copied out of the input array.
+		* @param out the space for any output that might be produced.
+		* @param outOff the offset from which the output will be copied.
+		* @return the number of output bytes copied to out.
+		* @exception DataLengthException if there isn't enough space in out.
+		* @exception InvalidOperationException if the cipher isn't initialised.
+		*/
+		public override int ProcessBytes(
+			byte[]	input,
+			int		inOff,
+			int		length,
+			byte[]	output,
+			int		outOff)
+		{
+			return cipher.ProcessBytes(input, inOff, length, output, outOff);
+		}
+
+		public override byte[] DoFinal()
+		{
+            byte[] outBytes = new byte[GetOutputSize(0)];
+
+            int pos = DoFinal(outBytes, 0);
+
+            if (pos < outBytes.Length)
+			{
+				byte[] tmp = new byte[pos];
+				Array.Copy(outBytes, 0, tmp, 0, pos);
+				outBytes = tmp;
+			}
+
+            return outBytes;
+		}
+
+		public override byte[] DoFinal(
+			byte[]	input,
+			int		inOff,
+			int		inLen)
+		{
+			if (input == null)
+				throw new ArgumentNullException("input");
+
+            byte[] outBytes = new byte[GetOutputSize(inLen)];
+
+            int pos = (inLen > 0)
+				?	ProcessBytes(input, inOff, inLen, outBytes, 0)
+				:	0;
+
+			pos += DoFinal(outBytes, pos);
+
+            if (pos < outBytes.Length)
+			{
+				byte[] tmp = new byte[pos];
+				Array.Copy(outBytes, 0, tmp, 0, pos);
+				outBytes = tmp;
+			}
+
+            return outBytes;
+		}
+
+		/**
+		* Process the last block in the buffer.
+		*
+		* @param out the array the block currently being held is copied into.
+		* @param outOff the offset at which the copying starts.
+		* @return the number of output bytes copied to out.
+		* @exception DataLengthException if there is insufficient space in out for
+		* the output, or the input is not block size aligned and should be.
+		* @exception InvalidOperationException if the underlying cipher is not
+		* initialised.
+		* @exception InvalidCipherTextException if padding is expected and not found.
+		* @exception DataLengthException if the input is not block size
+		* aligned.
+		*/
+		public override int DoFinal(
+			byte[]	output,
+			int		outOff)
+		{
+			return cipher.DoFinal(output, outOff);
+		}
+
+		/**
+		* Reset the buffer and cipher. After resetting the object is in the same
+		* state as it was after the last init (if there was one).
+		*/
+		public override void Reset()
+		{
+			cipher.Reset();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/BufferedAsymmetricBlockCipher.cs b/bc-sharp-crypto/src/crypto/BufferedAsymmetricBlockCipher.cs
new file mode 100644
index 0000000..09ec59f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/BufferedAsymmetricBlockCipher.cs
@@ -0,0 +1,152 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Engines;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+    * a buffer wrapper for an asymmetric block cipher, allowing input
+    * to be accumulated in a piecemeal fashion until final processing.
+    */
+    public class BufferedAsymmetricBlockCipher
+		: BufferedCipherBase
+    {
+		private readonly IAsymmetricBlockCipher cipher;
+
+		private byte[] buffer;
+		private int bufOff;
+
+		/**
+        * base constructor.
+        *
+        * @param cipher the cipher this buffering object wraps.
+        */
+        public BufferedAsymmetricBlockCipher(
+            IAsymmetricBlockCipher cipher)
+        {
+            this.cipher = cipher;
+		}
+
+		/**
+        * return the amount of data sitting in the buffer.
+        *
+        * @return the amount of data sitting in the buffer.
+        */
+        internal int GetBufferPosition()
+        {
+            return bufOff;
+        }
+
+		public override string AlgorithmName
+        {
+            get { return cipher.AlgorithmName; }
+        }
+
+		public override int GetBlockSize()
+        {
+			return cipher.GetInputBlockSize();
+        }
+
+		public override int GetOutputSize(
+			int length)
+		{
+			return cipher.GetOutputBlockSize();
+		}
+
+		public override int GetUpdateOutputSize(
+			int length)
+		{
+			return 0;
+		}
+
+		/**
+        * initialise the buffer and the underlying cipher.
+        *
+        * @param forEncryption if true the cipher is initialised for
+        *  encryption, if false for decryption.
+        * @param param the key and other data required by the cipher.
+        */
+        public override void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+			Reset();
+
+			cipher.Init(forEncryption, parameters);
+
+			//
+			// we allow for an extra byte where people are using their own padding
+			// mechanisms on a raw cipher.
+			//
+			this.buffer = new byte[cipher.GetInputBlockSize() + (forEncryption ? 1 : 0)];
+			this.bufOff = 0;
+        }
+
+		public override byte[] ProcessByte(
+			byte input)
+		{
+			if (bufOff >= buffer.Length)
+				throw new DataLengthException("attempt to process message to long for cipher");
+
+			buffer[bufOff++] = input;
+			return null;
+		}
+
+		public override byte[] ProcessBytes(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			if (length < 1)
+				return null;
+
+			if (input == null)
+				throw new ArgumentNullException("input");
+			if (bufOff + length > buffer.Length)
+				throw new DataLengthException("attempt to process message to long for cipher");
+
+			Array.Copy(input, inOff, buffer, bufOff, length);
+			bufOff += length;
+			return null;
+		}
+
+		/**
+        * process the contents of the buffer using the underlying
+        * cipher.
+        *
+        * @return the result of the encryption/decryption process on the
+        * buffer.
+        * @exception InvalidCipherTextException if we are given a garbage block.
+        */
+        public override byte[] DoFinal()
+        {
+			byte[] outBytes = bufOff > 0
+				?	cipher.ProcessBlock(buffer, 0, bufOff)
+				:	EmptyBuffer;
+
+			Reset();
+
+			return outBytes;
+        }
+
+		public override byte[] DoFinal(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			ProcessBytes(input, inOff, length);
+			return DoFinal();
+		}
+
+		/// <summary>Reset the buffer</summary>
+        public override void Reset()
+        {
+			if (buffer != null)
+			{
+				Array.Clear(buffer, 0, buffer.Length);
+				bufOff = 0;
+			}
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/BufferedBlockCipher.cs b/bc-sharp-crypto/src/crypto/BufferedBlockCipher.cs
new file mode 100644
index 0000000..c87d2da
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/BufferedBlockCipher.cs
@@ -0,0 +1,367 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto
+{
+	/**
+	* A wrapper class that allows block ciphers to be used to process data in
+	* a piecemeal fashion. The BufferedBlockCipher outputs a block only when the
+	* buffer is full and more data is being added, or on a doFinal.
+	* <p>
+	* Note: in the case where the underlying cipher is either a CFB cipher or an
+	* OFB one the last block may not be a multiple of the block size.
+	* </p>
+	*/
+	public class BufferedBlockCipher
+		: BufferedCipherBase
+	{
+		internal byte[]			buf;
+		internal int			bufOff;
+		internal bool			forEncryption;
+		internal IBlockCipher	cipher;
+
+		/**
+		* constructor for subclasses
+		*/
+		protected BufferedBlockCipher()
+		{
+		}
+
+		/**
+		* Create a buffered block cipher without padding.
+		*
+		* @param cipher the underlying block cipher this buffering object wraps.
+		* false otherwise.
+		*/
+		public BufferedBlockCipher(
+			IBlockCipher cipher)
+		{
+			if (cipher == null)
+				throw new ArgumentNullException("cipher");
+
+			this.cipher = cipher;
+			buf = new byte[cipher.GetBlockSize()];
+			bufOff = 0;
+		}
+
+		public override string AlgorithmName
+		{
+			get { return cipher.AlgorithmName; }
+		}
+
+		/**
+		* initialise the cipher.
+		*
+		* @param forEncryption if true the cipher is initialised for
+		*  encryption, if false for decryption.
+		* @param param the key and other data required by the cipher.
+		* @exception ArgumentException if the parameters argument is
+		* inappropriate.
+		*/
+		// Note: This doubles as the Init in the event that this cipher is being used as an IWrapper
+		public override void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			this.forEncryption = forEncryption;
+
+            ParametersWithRandom pwr = parameters as ParametersWithRandom;
+            if (pwr != null)
+                parameters = pwr.Parameters;
+
+            Reset();
+
+			cipher.Init(forEncryption, parameters);
+		}
+
+		/**
+		* return the blocksize for the underlying cipher.
+		*
+		* @return the blocksize for the underlying cipher.
+		*/
+		public override int GetBlockSize()
+		{
+			return cipher.GetBlockSize();
+		}
+
+		/**
+		* return the size of the output buffer required for an update
+		* an input of len bytes.
+		*
+		* @param len the length of the input.
+		* @return the space required to accommodate a call to update
+		* with len bytes of input.
+		*/
+		public override int GetUpdateOutputSize(
+			int length)
+		{
+			int total = length + bufOff;
+			int leftOver = total % buf.Length;
+			return total - leftOver;
+		}
+
+		/**
+		* return the size of the output buffer required for an update plus a
+		* doFinal with an input of len bytes.
+		*
+		* @param len the length of the input.
+		* @return the space required to accommodate a call to update and doFinal
+		* with len bytes of input.
+		*/
+		public override int GetOutputSize(
+			int length)
+		{
+			// Note: Can assume IsPartialBlockOkay is true for purposes of this calculation
+			return length + bufOff;
+		}
+
+		/**
+		* process a single byte, producing an output block if necessary.
+		*
+		* @param in the input byte.
+		* @param out the space for any output that might be produced.
+		* @param outOff the offset from which the output will be copied.
+		* @return the number of output bytes copied to out.
+		* @exception DataLengthException if there isn't enough space in out.
+		* @exception InvalidOperationException if the cipher isn't initialised.
+		*/
+		public override int ProcessByte(
+			byte	input,
+			byte[]	output,
+			int		outOff)
+		{
+			buf[bufOff++] = input;
+
+			if (bufOff == buf.Length)
+			{
+				if ((outOff + buf.Length) > output.Length)
+					throw new DataLengthException("output buffer too short");
+
+				bufOff = 0;
+				return cipher.ProcessBlock(buf, 0, output, outOff);
+			}
+
+			return 0;
+		}
+
+		public override byte[] ProcessByte(
+			byte input)
+		{
+			int outLength = GetUpdateOutputSize(1);
+
+			byte[] outBytes = outLength > 0 ? new byte[outLength] : null;
+
+			int pos = ProcessByte(input, outBytes, 0);
+
+			if (outLength > 0 && pos < outLength)
+			{
+				byte[] tmp = new byte[pos];
+				Array.Copy(outBytes, 0, tmp, 0, pos);
+				outBytes = tmp;
+			}
+
+			return outBytes;
+		}
+
+		public override byte[] ProcessBytes(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			if (input == null)
+				throw new ArgumentNullException("input");
+			if (length < 1)
+				return null;
+
+			int outLength = GetUpdateOutputSize(length);
+
+			byte[] outBytes = outLength > 0 ? new byte[outLength] : null;
+
+			int pos = ProcessBytes(input, inOff, length, outBytes, 0);
+
+			if (outLength > 0 && pos < outLength)
+			{
+				byte[] tmp = new byte[pos];
+				Array.Copy(outBytes, 0, tmp, 0, pos);
+				outBytes = tmp;
+			}
+
+			return outBytes;
+		}
+
+		/**
+		* process an array of bytes, producing output if necessary.
+		*
+		* @param in the input byte array.
+		* @param inOff the offset at which the input data starts.
+		* @param len the number of bytes to be copied out of the input array.
+		* @param out the space for any output that might be produced.
+		* @param outOff the offset from which the output will be copied.
+		* @return the number of output bytes copied to out.
+		* @exception DataLengthException if there isn't enough space in out.
+		* @exception InvalidOperationException if the cipher isn't initialised.
+		*/
+		public override int ProcessBytes(
+			byte[]	input,
+			int		inOff,
+			int		length,
+			byte[]	output,
+			int		outOff)
+		{
+			if (length < 1)
+			{
+				if (length < 0)
+					throw new ArgumentException("Can't have a negative input length!");
+
+				return 0;
+			}
+
+			int blockSize = GetBlockSize();
+			int outLength = GetUpdateOutputSize(length);
+
+			if (outLength > 0)
+			{
+                Check.OutputLength(output, outOff, outLength, "output buffer too short");
+			}
+
+            int resultLen = 0;
+			int gapLen = buf.Length - bufOff;
+			if (length > gapLen)
+			{
+				Array.Copy(input, inOff, buf, bufOff, gapLen);
+				resultLen += cipher.ProcessBlock(buf, 0, output, outOff);
+				bufOff = 0;
+				length -= gapLen;
+				inOff += gapLen;
+				while (length > buf.Length)
+				{
+					resultLen += cipher.ProcessBlock(input, inOff, output, outOff + resultLen);
+					length -= blockSize;
+					inOff += blockSize;
+				}
+			}
+			Array.Copy(input, inOff, buf, bufOff, length);
+			bufOff += length;
+			if (bufOff == buf.Length)
+			{
+				resultLen += cipher.ProcessBlock(buf, 0, output, outOff + resultLen);
+				bufOff = 0;
+			}
+			return resultLen;
+		}
+
+		public override byte[] DoFinal()
+		{
+			byte[] outBytes = EmptyBuffer;
+
+			int length = GetOutputSize(0);
+			if (length > 0)
+			{
+				outBytes = new byte[length];
+
+				int pos = DoFinal(outBytes, 0);
+				if (pos < outBytes.Length)
+				{
+					byte[] tmp = new byte[pos];
+					Array.Copy(outBytes, 0, tmp, 0, pos);
+					outBytes = tmp;
+				}
+			}
+			else
+			{
+				Reset();
+			}
+
+			return outBytes;
+		}
+
+		public override byte[] DoFinal(
+			byte[]	input,
+			int		inOff,
+			int		inLen)
+		{
+			if (input == null)
+				throw new ArgumentNullException("input");
+
+			int length = GetOutputSize(inLen);
+
+			byte[] outBytes = EmptyBuffer;
+
+			if (length > 0)
+			{
+				outBytes = new byte[length];
+
+				int pos = (inLen > 0)
+					?	ProcessBytes(input, inOff, inLen, outBytes, 0)
+					:	0;
+
+				pos += DoFinal(outBytes, pos);
+
+				if (pos < outBytes.Length)
+				{
+					byte[] tmp = new byte[pos];
+					Array.Copy(outBytes, 0, tmp, 0, pos);
+					outBytes = tmp;
+				}
+			}
+			else
+			{
+				Reset();
+			}
+
+			return outBytes;
+		}
+
+		/**
+		* Process the last block in the buffer.
+		*
+		* @param out the array the block currently being held is copied into.
+		* @param outOff the offset at which the copying starts.
+		* @return the number of output bytes copied to out.
+		* @exception DataLengthException if there is insufficient space in out for
+		* the output, or the input is not block size aligned and should be.
+		* @exception InvalidOperationException if the underlying cipher is not
+		* initialised.
+		* @exception InvalidCipherTextException if padding is expected and not found.
+		* @exception DataLengthException if the input is not block size
+		* aligned.
+		*/
+		public override int DoFinal(
+			byte[]	output,
+			int		outOff)
+		{
+			try
+			{
+				if (bufOff != 0)
+				{
+                    Check.DataLength(!cipher.IsPartialBlockOkay, "data not block size aligned");
+                    Check.OutputLength(output, outOff, bufOff, "output buffer too short for DoFinal()");
+
+                    // NB: Can't copy directly, or we may write too much output
+					cipher.ProcessBlock(buf, 0, buf, 0);
+					Array.Copy(buf, 0, output, outOff, bufOff);
+				}
+
+				return bufOff;
+			}
+			finally
+			{
+				Reset();
+			}
+		}
+
+		/**
+		* Reset the buffer and cipher. After resetting the object is in the same
+		* state as it was after the last init (if there was one).
+		*/
+		public override void Reset()
+		{
+			Array.Clear(buf, 0, buf.Length);
+			bufOff = 0;
+
+			cipher.Reset();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/BufferedCipherBase.cs b/bc-sharp-crypto/src/crypto/BufferedCipherBase.cs
new file mode 100644
index 0000000..9d86102
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/BufferedCipherBase.cs
@@ -0,0 +1,113 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+	public abstract class BufferedCipherBase
+		: IBufferedCipher
+	{
+		protected static readonly byte[] EmptyBuffer = new byte[0];
+
+		public abstract string AlgorithmName { get; }
+
+		public abstract void Init(bool forEncryption, ICipherParameters parameters);
+
+		public abstract int GetBlockSize();
+
+		public abstract int GetOutputSize(int inputLen);
+		public abstract int GetUpdateOutputSize(int inputLen);
+
+		public abstract byte[] ProcessByte(byte input);
+
+		public virtual int ProcessByte(
+			byte	input,
+			byte[]	output,
+			int		outOff)
+		{
+			byte[] outBytes = ProcessByte(input);
+			if (outBytes == null)
+				return 0;
+			if (outOff + outBytes.Length > output.Length)
+				throw new DataLengthException("output buffer too short");
+			outBytes.CopyTo(output, outOff);
+			return outBytes.Length;
+		}
+
+		public virtual byte[] ProcessBytes(
+			byte[] input)
+		{
+			return ProcessBytes(input, 0, input.Length);
+		}
+
+		public abstract byte[] ProcessBytes(byte[] input, int inOff, int length);
+
+		public virtual int ProcessBytes(
+			byte[]	input,
+			byte[]	output,
+			int		outOff)
+		{
+			return ProcessBytes(input, 0, input.Length, output, outOff);
+		}
+
+		public virtual int ProcessBytes(
+			byte[]	input,
+			int		inOff,
+			int		length,
+			byte[]	output,
+			int		outOff)
+		{
+			byte[] outBytes = ProcessBytes(input, inOff, length);
+			if (outBytes == null)
+				return 0;
+			if (outOff + outBytes.Length > output.Length)
+				throw new DataLengthException("output buffer too short");
+			outBytes.CopyTo(output, outOff);
+			return outBytes.Length;
+		}
+
+		public abstract byte[] DoFinal();
+
+		public virtual byte[] DoFinal(
+			byte[] input)
+		{
+			return DoFinal(input, 0, input.Length);
+		}
+
+		public abstract byte[] DoFinal(
+			byte[]	input,
+			int		inOff,
+			int		length);
+
+		public virtual int DoFinal(
+			byte[]	output,
+			int		outOff)
+		{
+			byte[] outBytes = DoFinal();
+			if (outOff + outBytes.Length > output.Length)
+				throw new DataLengthException("output buffer too short");
+			outBytes.CopyTo(output, outOff);
+			return outBytes.Length;
+		}
+
+		public virtual int DoFinal(
+			byte[]	input,
+			byte[]	output,
+			int		outOff)
+		{
+			return DoFinal(input, 0, input.Length, output, outOff);
+		}
+
+		public virtual int DoFinal(
+			byte[]	input,
+			int		inOff,
+			int		length,
+			byte[]	output,
+			int		outOff)
+		{
+			int len = ProcessBytes(input, inOff, length, output, outOff);
+			len += DoFinal(output, outOff + len);
+			return len;
+		}
+
+		public abstract void Reset();
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/BufferedIesCipher.cs b/bc-sharp-crypto/src/crypto/BufferedIesCipher.cs
new file mode 100644
index 0000000..6dab4ae
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/BufferedIesCipher.cs
@@ -0,0 +1,113 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto
+{
+	public class BufferedIesCipher
+		: BufferedCipherBase
+	{
+		private readonly IesEngine engine;
+		private bool forEncryption;
+		private MemoryStream buffer = new MemoryStream();
+
+		public BufferedIesCipher(
+			IesEngine engine)
+		{
+			if (engine == null)
+				throw new ArgumentNullException("engine");
+
+			this.engine = engine;
+		}
+
+		public override string AlgorithmName
+		{
+			// TODO Create IESEngine.AlgorithmName
+			get { return "IES"; }
+		}
+
+		public override void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			this.forEncryption = forEncryption;
+
+			// TODO
+			throw Platform.CreateNotImplementedException("IES");
+		}
+
+		public override int GetBlockSize()
+		{
+			return 0;
+		}
+
+		public override int GetOutputSize(
+			int inputLen)
+		{
+			if (engine == null)
+				throw new InvalidOperationException("cipher not initialised");
+
+			int baseLen = inputLen + (int) buffer.Length;
+			return forEncryption
+				?	baseLen + 20
+				:	baseLen - 20;
+		}
+
+		public override int GetUpdateOutputSize(
+			int inputLen)
+		{
+			return 0;
+		}
+
+		public override byte[] ProcessByte(
+			byte input)
+		{
+			buffer.WriteByte(input);
+			return null;
+		}
+
+		public override byte[] ProcessBytes(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			if (input == null)
+				throw new ArgumentNullException("input");
+			if (inOff < 0)
+				throw new ArgumentException("inOff");
+			if (length < 0)
+				throw new ArgumentException("length");
+			if (inOff + length > input.Length)
+				throw new ArgumentException("invalid offset/length specified for input array");
+
+			buffer.Write(input, inOff, length);
+			return null;
+		}
+
+		public override byte[] DoFinal()
+		{
+			byte[] buf = buffer.ToArray();
+
+			Reset();
+
+			return engine.ProcessBlock(buf, 0, buf.Length);
+		}
+
+		public override byte[] DoFinal(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			ProcessBytes(input, inOff, length);
+			return DoFinal();
+		}
+
+		public override void Reset()
+		{
+			buffer.SetLength(0);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/BufferedStreamCipher.cs b/bc-sharp-crypto/src/crypto/BufferedStreamCipher.cs
new file mode 100644
index 0000000..2d4987b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/BufferedStreamCipher.cs
@@ -0,0 +1,131 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto
+{
+	public class BufferedStreamCipher
+		: BufferedCipherBase
+	{
+		private readonly IStreamCipher cipher;
+
+		public BufferedStreamCipher(
+			IStreamCipher cipher)
+		{
+			if (cipher == null)
+				throw new ArgumentNullException("cipher");
+
+			this.cipher = cipher;
+		}
+
+		public override string AlgorithmName
+		{
+			get { return cipher.AlgorithmName; }
+		}
+
+		public override void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			if (parameters is ParametersWithRandom)
+			{
+				parameters = ((ParametersWithRandom) parameters).Parameters;
+			}
+
+			cipher.Init(forEncryption, parameters);
+		}
+
+		public override int GetBlockSize()
+		{
+			return 0;
+		}
+
+		public override int GetOutputSize(
+			int inputLen)
+		{
+			return inputLen;
+		}
+
+		public override int GetUpdateOutputSize(
+			int inputLen)
+		{
+			return inputLen;
+		}
+
+		public override byte[] ProcessByte(
+			byte input)
+		{
+			return new byte[]{ cipher.ReturnByte(input) };
+		}
+
+		public override int ProcessByte(
+			byte	input,
+			byte[]	output,
+			int		outOff)
+		{
+			if (outOff >= output.Length)
+				throw new DataLengthException("output buffer too short");
+
+			output[outOff] = cipher.ReturnByte(input);
+			return 1;
+		}
+
+		public override byte[] ProcessBytes(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			if (length < 1)
+				return null;
+
+			byte[] output = new byte[length];
+			cipher.ProcessBytes(input, inOff, length, output, 0);
+			return output;
+		}
+
+		public override int ProcessBytes(
+			byte[]	input,
+			int		inOff,
+			int		length,
+			byte[]	output,
+			int		outOff)
+		{
+			if (length < 1)
+				return 0;
+
+			if (length > 0)
+			{
+				cipher.ProcessBytes(input, inOff, length, output, outOff);
+			}
+
+			return length;
+		}
+
+		public override byte[] DoFinal()
+		{
+			Reset();
+
+			return EmptyBuffer;
+		}
+
+		public override byte[] DoFinal(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			if (length < 1)
+				return EmptyBuffer;
+
+			byte[] output = ProcessBytes(input, inOff, length);
+
+			Reset();
+
+			return output;
+		}
+
+		public override void Reset()
+		{
+			cipher.Reset();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/Check.cs b/bc-sharp-crypto/src/crypto/Check.cs
new file mode 100644
index 0000000..96a05c6
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/Check.cs
@@ -0,0 +1,25 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    internal class Check
+    {
+        internal static void DataLength(bool condition, string msg)
+        {
+            if (condition)
+                throw new DataLengthException(msg);
+        }
+
+        internal static void DataLength(byte[] buf, int off, int len, string msg)
+        {
+            if (off + len > buf.Length)
+                throw new DataLengthException(msg);
+        }
+
+        internal static void OutputLength(byte[] buf, int off, int len, string msg)
+        {
+            if (off + len > buf.Length)
+                throw new OutputLengthException(msg);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/CipherKeyGenerator.cs b/bc-sharp-crypto/src/crypto/CipherKeyGenerator.cs
new file mode 100644
index 0000000..d8d9b29
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/CipherKeyGenerator.cs
@@ -0,0 +1,83 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto
+{
+	/**
+	 * The base class for symmetric, or secret, cipher key generators.
+	 */
+	public class CipherKeyGenerator
+	{
+		protected internal SecureRandom	random;
+		protected internal int			strength;
+		private bool uninitialised = true;
+		private int defaultStrength;
+
+		public CipherKeyGenerator()
+		{
+		}
+
+		internal CipherKeyGenerator(
+			int defaultStrength)
+		{
+			if (defaultStrength < 1)
+				throw new ArgumentException("strength must be a positive value", "defaultStrength");
+
+			this.defaultStrength = defaultStrength;
+		}
+
+		public int DefaultStrength
+		{
+			get { return defaultStrength; }
+		}
+
+		/**
+		 * initialise the key generator.
+		 *
+		 * @param param the parameters to be used for key generation
+		 */
+		public void Init(
+			KeyGenerationParameters parameters)
+		{
+			if (parameters == null)
+				throw new ArgumentNullException("parameters");
+
+			this.uninitialised = false;
+
+			engineInit(parameters);
+		}
+
+		protected virtual void engineInit(
+			KeyGenerationParameters parameters)
+		{
+			this.random = parameters.Random;
+			this.strength = (parameters.Strength + 7) / 8;
+		}
+
+		/**
+		 * Generate a secret key.
+		 *
+		 * @return a byte array containing the key value.
+		 */
+		public byte[] GenerateKey()
+		{
+			if (uninitialised)
+			{
+				if (defaultStrength < 1)
+					throw new InvalidOperationException("Generator has not been initialised");
+
+				uninitialised = false;
+
+				engineInit(new KeyGenerationParameters(new SecureRandom(), defaultStrength));
+			}
+
+			return engineGenerateKey();
+		}
+
+        protected virtual byte[] engineGenerateKey()
+		{
+            return SecureRandom.GetNextBytes(random, strength);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/CryptoException.cs b/bc-sharp-crypto/src/crypto/CryptoException.cs
new file mode 100644
index 0000000..73d450b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/CryptoException.cs
@@ -0,0 +1,28 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class CryptoException
+		: Exception
+    {
+        public CryptoException()
+        {
+        }
+
+		public CryptoException(
+            string message)
+			: base(message)
+        {
+        }
+
+		public CryptoException(
+            string		message,
+            Exception	exception)
+			: base(message, exception)
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/DataLengthException.cs b/bc-sharp-crypto/src/crypto/DataLengthException.cs
new file mode 100644
index 0000000..447ff2a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/DataLengthException.cs
@@ -0,0 +1,42 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * this exception is thrown if a buffer that is meant to have output
+     * copied into it turns out to be too short, or if we've been given
+     * insufficient input. In general this exception will Get thrown rather
+     * than an ArrayOutOfBounds exception.
+     */
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class DataLengthException
+		: CryptoException
+	{
+        /**
+        * base constructor.
+		*/
+        public DataLengthException()
+        {
+        }
+
+		/**
+         * create a DataLengthException with the given message.
+         *
+         * @param message the message to be carried with the exception.
+         */
+        public DataLengthException(
+            string message)
+			: base(message)
+        {
+		}
+
+		public DataLengthException(
+            string		message,
+            Exception	exception)
+			: base(message, exception)
+        {
+        }
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/IAsymmetricBlockCipher.cs b/bc-sharp-crypto/src/crypto/IAsymmetricBlockCipher.cs
new file mode 100644
index 0000000..455cfaa
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IAsymmetricBlockCipher.cs
@@ -0,0 +1,30 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+	/// <remarks>Base interface for a public/private key block cipher.</remarks>
+	public interface IAsymmetricBlockCipher
+    {
+		/// <summary>The name of the algorithm this cipher implements.</summary>
+        string AlgorithmName { get; }
+
+		/// <summary>Initialise the cipher.</summary>
+		/// <param name="forEncryption">Initialise for encryption if true, for decryption if false.</param>
+		/// <param name="parameters">The key or other data required by the cipher.</param>
+        void Init(bool forEncryption, ICipherParameters parameters);
+
+		/// <returns>The maximum size, in bytes, an input block may be.</returns>
+        int GetInputBlockSize();
+
+		/// <returns>The maximum size, in bytes, an output block will be.</returns>
+		int GetOutputBlockSize();
+
+		/// <summary>Process a block.</summary>
+		/// <param name="inBuf">The input buffer.</param>
+		/// <param name="inOff">The offset into <paramref>inBuf</paramref> that the input block begins.</param>
+		/// <param name="inLen">The length of the input block.</param>
+		/// <exception cref="InvalidCipherTextException">Input decrypts improperly.</exception>
+		/// <exception cref="DataLengthException">Input is too large for the cipher.</exception>
+        byte[] ProcessBlock(byte[] inBuf, int inOff, int inLen);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IAsymmetricCipherKeyPairGenerator.cs b/bc-sharp-crypto/src/crypto/IAsymmetricCipherKeyPairGenerator.cs
new file mode 100644
index 0000000..9ec5dfa
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IAsymmetricCipherKeyPairGenerator.cs
@@ -0,0 +1,24 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * interface that a public/private key pair generator should conform to.
+     */
+    public interface IAsymmetricCipherKeyPairGenerator
+    {
+        /**
+         * intialise the key pair generator.
+         *
+         * @param the parameters the key pair is to be initialised with.
+         */
+        void Init(KeyGenerationParameters parameters);
+
+        /**
+         * return an AsymmetricCipherKeyPair containing the Generated keys.
+         *
+         * @return an AsymmetricCipherKeyPair containing the Generated keys.
+         */
+        AsymmetricCipherKeyPair GenerateKeyPair();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IBasicAgreement.cs b/bc-sharp-crypto/src/crypto/IBasicAgreement.cs
new file mode 100644
index 0000000..7dfc618
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IBasicAgreement.cs
@@ -0,0 +1,29 @@
+using System;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * The basic interface that basic Diffie-Hellman implementations
+     * conforms to.
+     */
+    public interface IBasicAgreement
+    {
+        /**
+         * initialise the agreement engine.
+         */
+        void Init(ICipherParameters parameters);
+
+        /**
+         * return the field size for the agreement algorithm in bytes.
+         */
+        int GetFieldSize();
+
+        /**
+         * given a public key from a given party calculate the next
+         * message in the agreement sequence.
+         */
+        BigInteger CalculateAgreement(ICipherParameters pubKey);
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/IBlockCipher.cs b/bc-sharp-crypto/src/crypto/IBlockCipher.cs
new file mode 100644
index 0000000..a3ad6d6
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IBlockCipher.cs
@@ -0,0 +1,36 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+	/// <remarks>Base interface for a symmetric key block cipher.</remarks>
+    public interface IBlockCipher
+    {
+		/// <summary>The name of the algorithm this cipher implements.</summary>
+		string AlgorithmName { get; }
+
+		/// <summary>Initialise the cipher.</summary>
+		/// <param name="forEncryption">Initialise for encryption if true, for decryption if false.</param>
+		/// <param name="parameters">The key or other data required by the cipher.</param>
+		void Init(bool forEncryption, ICipherParameters parameters);
+
+		/// <returns>The block size for this cipher, in bytes.</returns>
+		int GetBlockSize();
+
+		/// <summary>Indicates whether this cipher can handle partial blocks.</summary>
+		bool IsPartialBlockOkay { get; }
+
+		/// <summary>Process a block.</summary>
+		/// <param name="inBuf">The input buffer.</param>
+		/// <param name="inOff">The offset into <paramref>inBuf</paramref> that the input block begins.</param>
+		/// <param name="outBuf">The output buffer.</param>
+		/// <param name="outOff">The offset into <paramref>outBuf</paramref> to write the output block.</param>
+		/// <exception cref="DataLengthException">If input block is wrong size, or outBuf too small.</exception>
+		/// <returns>The number of bytes processed and produced.</returns>
+		int ProcessBlock(byte[] inBuf, int inOff, byte[] outBuf, int outOff);
+
+		/// <summary>
+		/// Reset the cipher to the same state as it was after the last init (if there was one).
+		/// </summary>
+        void Reset();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IBlockResult.cs b/bc-sharp-crypto/src/crypto/IBlockResult.cs
new file mode 100644
index 0000000..0f054fe
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IBlockResult.cs
@@ -0,0 +1,24 @@
+
+namespace Org.BouncyCastle.Crypto
+{
+    /// <summary>
+    /// Operators that reduce their input to a single block return an object
+    /// of this type.
+    /// </summary>
+    public interface IBlockResult
+    {
+        /// <summary>
+        /// Return the final result of the operation.
+        /// </summary>
+        /// <returns>A block of bytes, representing the result of an operation.</returns>
+        byte[] Collect();
+
+        /// <summary>
+        /// Store the final result of the operation by copying it into the destination array.
+        /// </summary>
+        /// <returns>The number of bytes copied into destination.</returns>
+        /// <param name="destination">The byte array to copy the result into.</param>
+        /// <param name="offset">The offset into destination to start copying the result at.</param>
+        int Collect(byte[] destination, int offset);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IBufferedCipher.cs b/bc-sharp-crypto/src/crypto/IBufferedCipher.cs
new file mode 100644
index 0000000..69dec95
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IBufferedCipher.cs
@@ -0,0 +1,44 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+	/// <remarks>Block cipher engines are expected to conform to this interface.</remarks>
+    public interface IBufferedCipher
+    {
+		/// <summary>The name of the algorithm this cipher implements.</summary>
+		string AlgorithmName { get; }
+
+		/// <summary>Initialise the cipher.</summary>
+		/// <param name="forEncryption">If true the cipher is initialised for encryption,
+		/// if false for decryption.</param>
+		/// <param name="parameters">The key and other data required by the cipher.</param>
+        void Init(bool forEncryption, ICipherParameters parameters);
+
+		int GetBlockSize();
+
+		int GetOutputSize(int inputLen);
+
+		int GetUpdateOutputSize(int inputLen);
+
+		byte[] ProcessByte(byte input);
+		int ProcessByte(byte input, byte[] output, int outOff);
+
+		byte[] ProcessBytes(byte[] input);
+		byte[] ProcessBytes(byte[] input, int inOff, int length);
+		int ProcessBytes(byte[] input, byte[] output, int outOff);
+		int ProcessBytes(byte[] input, int inOff, int length, byte[] output, int outOff);
+
+		byte[] DoFinal();
+		byte[] DoFinal(byte[] input);
+		byte[] DoFinal(byte[] input, int inOff, int length);
+		int DoFinal(byte[] output, int outOff);
+		int DoFinal(byte[] input, byte[] output, int outOff);
+		int DoFinal(byte[] input, int inOff, int length, byte[] output, int outOff);
+
+		/// <summary>
+		/// Reset the cipher. After resetting the cipher is in the same state
+		/// as it was after the last init (if there was one).
+		/// </summary>
+        void Reset();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/ICipherParameters.cs b/bc-sharp-crypto/src/crypto/ICipherParameters.cs
new file mode 100644
index 0000000..fff0941
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/ICipherParameters.cs
@@ -0,0 +1,11 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * all parameter classes implement this.
+     */
+    public interface ICipherParameters
+    {
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IDSA.cs b/bc-sharp-crypto/src/crypto/IDSA.cs
new file mode 100644
index 0000000..46056d8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IDSA.cs
@@ -0,0 +1,40 @@
+using System;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * interface for classes implementing the Digital Signature Algorithm
+     */
+    public interface IDsa
+    {
+		string AlgorithmName { get; }
+
+		/**
+         * initialise the signer for signature generation or signature
+         * verification.
+         *
+         * @param forSigning true if we are generating a signature, false
+         * otherwise.
+         * @param param key parameters for signature generation.
+         */
+        void Init(bool forSigning, ICipherParameters parameters);
+
+        /**
+         * sign the passed in message (usually the output of a hash function).
+         *
+         * @param message the message to be signed.
+         * @return two big integers representing the r and s values respectively.
+         */
+        BigInteger[] GenerateSignature(byte[] message);
+
+        /**
+         * verify the message message against the signature values r and s.
+         *
+         * @param message the message that was supposed to have been signed.
+         * @param r the r signature value.
+         * @param s the s signature value.
+         */
+        bool VerifySignature(byte[] message, BigInteger  r, BigInteger s);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IDerivationFunction.cs b/bc-sharp-crypto/src/crypto/IDerivationFunction.cs
new file mode 100644
index 0000000..7f289f7
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IDerivationFunction.cs
@@ -0,0 +1,24 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * base interface for general purpose byte derivation functions.
+     */
+    public interface IDerivationFunction
+    {
+        void Init(IDerivationParameters parameters);
+
+        /**
+         * return the message digest used as the basis for the function
+         */
+        IDigest Digest
+        {
+            get;
+        }
+
+        int GenerateBytes(byte[] output, int outOff, int length);
+        //throws DataLengthException, ArgumentException;
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/IDerivationParameters.cs b/bc-sharp-crypto/src/crypto/IDerivationParameters.cs
new file mode 100644
index 0000000..f1c8485
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IDerivationParameters.cs
@@ -0,0 +1,11 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * Parameters for key/byte stream derivation classes
+     */
+    public interface IDerivationParameters
+    {
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IDigest.cs b/bc-sharp-crypto/src/crypto/IDigest.cs
new file mode 100644
index 0000000..6769dcc
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IDigest.cs
@@ -0,0 +1,61 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * interface that a message digest conforms to.
+     */
+    public interface IDigest
+    {
+        /**
+         * return the algorithm name
+         *
+         * @return the algorithm name
+         */
+        string AlgorithmName { get; }
+
+		/**
+         * return the size, in bytes, of the digest produced by this message digest.
+         *
+         * @return the size, in bytes, of the digest produced by this message digest.
+         */
+		int GetDigestSize();
+
+		/**
+         * return the size, in bytes, of the internal buffer used by this digest.
+         *
+         * @return the size, in bytes, of the internal buffer used by this digest.
+         */
+		int GetByteLength();
+
+		/**
+         * update the message digest with a single byte.
+         *
+         * @param inByte the input byte to be entered.
+         */
+        void Update(byte input);
+
+        /**
+         * update the message digest with a block of bytes.
+         *
+         * @param input the byte array containing the data.
+         * @param inOff the offset into the byte array where the data starts.
+         * @param len the length of the data.
+         */
+        void BlockUpdate(byte[] input, int inOff, int length);
+
+        /**
+         * Close the digest, producing the final digest value. The doFinal
+         * call leaves the digest reset.
+         *
+         * @param output the array the digest is to be copied into.
+         * @param outOff the offset into the out array the digest is to start at.
+         */
+        int DoFinal(byte[] output, int outOff);
+
+        /**
+         * reset the digest back to it's initial state.
+         */
+        void Reset();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IEntropySource.cs b/bc-sharp-crypto/src/crypto/IEntropySource.cs
new file mode 100644
index 0000000..62e3bc7
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IEntropySource.cs
@@ -0,0 +1,29 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+	/// <summary>
+	/// Base interface describing an entropy source for a DRBG.
+	/// </summary>
+	public interface IEntropySource
+	{
+		/// <summary>
+		/// Return whether or not this entropy source is regarded as prediction resistant.
+		/// </summary>
+		/// <value><c>true</c> if this instance is prediction resistant; otherwise, <c>false</c>.</value>
+		bool IsPredictionResistant { get; }
+
+		/// <summary>
+		/// Return a byte array of entropy.
+		/// </summary>
+		/// <returns>The entropy bytes.</returns>
+		byte[] GetEntropy();
+
+		/// <summary>
+		/// Return the number of bits of entropy this source can produce.
+		/// </summary>
+		/// <value>The size, in bits, of the return value of getEntropy.</value>
+		int EntropySize { get; }
+	}
+}
+
diff --git a/bc-sharp-crypto/src/crypto/IEntropySourceProvider.cs b/bc-sharp-crypto/src/crypto/IEntropySourceProvider.cs
new file mode 100644
index 0000000..7564141
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IEntropySourceProvider.cs
@@ -0,0 +1,17 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /// <summary>
+    /// Base interface describing a provider of entropy sources.
+    /// </summary>
+    public interface IEntropySourceProvider
+    {
+        /// <summary>
+        /// Return an entropy source providing a block of entropy.
+        /// </summary>
+        /// <param name="bitsRequired">The size of the block of entropy required.</param>
+        /// <returns>An entropy source providing bitsRequired blocks of entropy.</returns>
+        IEntropySource Get(int bitsRequired);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IMac.cs b/bc-sharp-crypto/src/crypto/IMac.cs
new file mode 100644
index 0000000..03a86e8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IMac.cs
@@ -0,0 +1,69 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * The base interface for implementations of message authentication codes (MACs).
+     */
+    public interface IMac
+    {
+        /**
+         * Initialise the MAC.
+         *
+         * @param param the key and other data required by the MAC.
+         * @exception ArgumentException if the parameters argument is
+         * inappropriate.
+         */
+        void Init(ICipherParameters parameters);
+
+        /**
+         * Return the name of the algorithm the MAC implements.
+         *
+         * @return the name of the algorithm the MAC implements.
+         */
+        string AlgorithmName { get; }
+
+		/**
+		 * Return the block size for this MAC (in bytes).
+		 *
+		 * @return the block size for this MAC in bytes.
+		 */
+		int GetMacSize();
+
+        /**
+         * add a single byte to the mac for processing.
+         *
+         * @param in the byte to be processed.
+         * @exception InvalidOperationException if the MAC is not initialised.
+         */
+        void Update(byte input);
+
+		/**
+         * @param in the array containing the input.
+         * @param inOff the index in the array the data begins at.
+         * @param len the length of the input starting at inOff.
+         * @exception InvalidOperationException if the MAC is not initialised.
+         * @exception DataLengthException if there isn't enough data in in.
+         */
+        void BlockUpdate(byte[] input, int inOff, int len);
+
+		/**
+         * Compute the final stage of the MAC writing the output to the out
+         * parameter.
+         * <p>
+         * doFinal leaves the MAC in the same state it was after the last init.
+         * </p>
+         * @param out the array the MAC is to be output to.
+         * @param outOff the offset into the out buffer the output is to start at.
+         * @exception DataLengthException if there isn't enough space in out.
+         * @exception InvalidOperationException if the MAC is not initialised.
+         */
+        int DoFinal(byte[] output, int outOff);
+
+		/**
+         * Reset the MAC. At the end of resetting the MAC should be in the
+         * in the same state it was after the last init (if there was one).
+         */
+        void Reset();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/ISignatureFactory.cs b/bc-sharp-crypto/src/crypto/ISignatureFactory.cs
new file mode 100644
index 0000000..cbca7d1
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/ISignatureFactory.cs
@@ -0,0 +1,23 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /// <summary>
+    /// Base interface for operators that serve as stream-based signature calculators.
+    /// </summary>
+    public interface ISignatureFactory
+	{
+        /// <summary>The algorithm details object for this calculator.</summary>
+        Object AlgorithmDetails { get ; }
+
+        /// <summary>
+        /// Create a stream calculator for this signature calculator. The stream
+        /// calculator is used for the actual operation of entering the data to be signed
+        /// and producing the signature block.
+        /// </summary>
+        /// <returns>A calculator producing an IBlockResult with a signature in it.</returns>
+        IStreamCalculator CreateCalculator();
+    }
+}
+
+
diff --git a/bc-sharp-crypto/src/crypto/ISigner.cs b/bc-sharp-crypto/src/crypto/ISigner.cs
new file mode 100644
index 0000000..e03bbf4
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/ISigner.cs
@@ -0,0 +1,50 @@
+
+using System;
+using System.Text;
+
+namespace Org.BouncyCastle.Crypto
+{
+    public interface ISigner
+    {
+        /**
+         * Return the name of the algorithm the signer implements.
+         *
+         * @return the name of the algorithm the signer implements.
+         */
+        string AlgorithmName { get; }
+
+		/**
+         * Initialise the signer for signing or verification.
+         *
+         * @param forSigning true if for signing, false otherwise
+         * @param param necessary parameters.
+         */
+         void Init(bool forSigning, ICipherParameters parameters);
+
+        /**
+         * update the internal digest with the byte b
+         */
+        void Update(byte input);
+
+        /**
+         * update the internal digest with the byte array in
+         */
+        void BlockUpdate(byte[] input, int inOff, int length);
+
+        /**
+         * Generate a signature for the message we've been loaded with using
+         * the key we were initialised with.
+         */
+        byte[] GenerateSignature();
+        /**
+         * return true if the internal state represents the signature described
+         * in the passed in array.
+         */
+        bool VerifySignature(byte[] signature);
+
+        /**
+         * reset the internal state
+         */
+        void Reset();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/ISignerWithRecovery.cs b/bc-sharp-crypto/src/crypto/ISignerWithRecovery.cs
new file mode 100644
index 0000000..024f5ce
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/ISignerWithRecovery.cs
@@ -0,0 +1,37 @@
+using System;
+using System.Text;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * Signer with message recovery.
+     */
+    public interface ISignerWithRecovery
+        : ISigner
+    {
+        /**
+         * Returns true if the signer has recovered the full message as
+         * part of signature verification.
+         *
+         * @return true if full message recovered.
+         */
+        bool HasFullMessage();
+
+        /**
+         * Returns a reference to what message was recovered (if any).
+         *
+         * @return full/partial message, null if nothing.
+         */
+        byte[] GetRecoveredMessage();
+
+		/**
+		 * Perform an update with the recovered message before adding any other data. This must
+		 * be the first update method called, and calling it will result in the signer assuming
+		 * that further calls to update will include message content past what is recoverable.
+		 *
+		 * @param signature the signature that we are in the process of verifying.
+		 * @throws IllegalStateException
+		 */
+		void UpdateWithRecoveredMessage(byte[] signature);
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/IStreamCalculator.cs b/bc-sharp-crypto/src/crypto/IStreamCalculator.cs
new file mode 100644
index 0000000..19a5428
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IStreamCalculator.cs
@@ -0,0 +1,23 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /// <summary>
+    /// Base interface for cryptographic operations such as Hashes, MACs, and Signatures which reduce a stream of data
+    /// to a single value.
+    /// </summary>
+    public interface IStreamCalculator
+    {
+        /// <summary>Return a "sink" stream which only exists to update the implementing object.</summary>
+        /// <returns>A stream to write to in order to update the implementing object.</returns>
+        Stream Stream { get; }
+
+        /// <summary>
+        /// Return the result of processing the stream. This value is only available once the stream
+        /// has been closed.
+        /// </summary>
+        /// <returns>The result of processing the stream.</returns>
+        Object GetResult();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IStreamCipher.cs b/bc-sharp-crypto/src/crypto/IStreamCipher.cs
new file mode 100644
index 0000000..8e575a7
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IStreamCipher.cs
@@ -0,0 +1,45 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+	/// <summary>The interface stream ciphers conform to.</summary>
+    public interface IStreamCipher
+    {
+		/// <summary>The name of the algorithm this cipher implements.</summary>
+		string AlgorithmName { get; }
+
+		/// <summary>Initialise the cipher.</summary>
+		/// <param name="forEncryption">If true the cipher is initialised for encryption,
+		/// if false for decryption.</param>
+		/// <param name="parameters">The key and other data required by the cipher.</param>
+		/// <exception cref="ArgumentException">
+		/// If the parameters argument is inappropriate.
+		/// </exception>
+        void Init(bool forEncryption, ICipherParameters parameters);
+
+		/// <summary>encrypt/decrypt a single byte returning the result.</summary>
+		/// <param name="input">the byte to be processed.</param>
+		/// <returns>the result of processing the input byte.</returns>
+        byte ReturnByte(byte input);
+
+		/// <summary>
+		/// Process a block of bytes from <c>input</c> putting the result into <c>output</c>.
+		/// </summary>
+		/// <param name="input">The input byte array.</param>
+		/// <param name="inOff">
+		/// The offset into <c>input</c> where the data to be processed starts.
+		/// </param>
+		/// <param name="length">The number of bytes to be processed.</param>
+		/// <param name="output">The output buffer the processed bytes go into.</param>
+		/// <param name="outOff">
+		/// The offset into <c>output</c> the processed data starts at.
+		/// </param>
+		/// <exception cref="DataLengthException">If the output buffer is too small.</exception>
+        void ProcessBytes(byte[] input, int inOff, int length, byte[] output, int outOff);
+
+		/// <summary>
+		/// Reset the cipher to the same state as it was after the last init (if there was one).
+		/// </summary>
+		void Reset();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IVerifier.cs b/bc-sharp-crypto/src/crypto/IVerifier.cs
new file mode 100644
index 0000000..560cabf
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IVerifier.cs
@@ -0,0 +1,25 @@
+namespace Org.BouncyCastle.Crypto
+{
+    /// <summary>
+    /// Operators that reduce their input to the validation of a signature produce this type.
+    /// </summary>
+    public interface IVerifier
+    {
+        /// <summary>
+        /// Return true if the passed in data matches what is expected by the verification result.
+        /// </summary>
+        /// <param name="data">The bytes representing the signature.</param>
+        /// <returns>true if the signature verifies, false otherwise.</returns>
+        bool IsVerified(byte[] data);
+
+        /// <summary>
+        /// Return true if the length bytes from off in the source array match the signature
+        /// expected by the verification result.
+        /// </summary>
+        /// <param name="source">Byte array containing the signature.</param>
+        /// <param name="off">The offset into the source array where the signature starts.</param>
+        /// <param name="length">The number of bytes in source making up the signature.</param>
+        /// <returns>true if the signature verifies, false otherwise.</returns>
+        bool IsVerified(byte[] source, int off, int length);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IVerifierFactory.cs b/bc-sharp-crypto/src/crypto/IVerifierFactory.cs
new file mode 100644
index 0000000..9502b14
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IVerifierFactory.cs
@@ -0,0 +1,21 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /// <summary>
+    /// Base interface for operators that serve as stream-based signature verifiers.
+    /// </summary>
+    public interface IVerifierFactory
+	{
+        /// <summary>The algorithm details object for this verifier.</summary>
+        Object AlgorithmDetails { get ; }
+
+        /// <summary>
+        /// Create a stream calculator for this verifier. The stream
+        /// calculator is used for the actual operation of entering the data to be verified
+        /// and producing a result which can be used to verify the original signature.
+        /// </summary>
+        /// <returns>A calculator producing an IVerifier which can verify the signature.</returns>
+        IStreamCalculator CreateCalculator();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IVerifierFactoryProvider.cs b/bc-sharp-crypto/src/crypto/IVerifierFactoryProvider.cs
new file mode 100644
index 0000000..9cfcbb2
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IVerifierFactoryProvider.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /// <summary>
+    /// Base interface for a provider to support the dynamic creation of signature verifiers.
+    /// </summary>
+    public interface IVerifierFactoryProvider
+	{
+        /// <summary>
+        /// Return a signature verfier for signature algorithm described in the passed in algorithm details object.
+        /// </summary>
+        /// <param name="algorithmDetails">The details of the signature algorithm verification is required for.</param>
+        /// <returns>A new signature verifier.</returns>
+		IVerifierFactory CreateVerifierFactory (Object algorithmDetails);
+	}
+}
+
diff --git a/bc-sharp-crypto/src/crypto/IWrapper.cs b/bc-sharp-crypto/src/crypto/IWrapper.cs
new file mode 100644
index 0000000..58202b3
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IWrapper.cs
@@ -0,0 +1,18 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto
+{
+    public interface IWrapper
+    {
+		/// <summary>The name of the algorithm this cipher implements.</summary>
+		string AlgorithmName { get; }
+
+		void Init(bool forWrapping, ICipherParameters parameters);
+
+		byte[] Wrap(byte[] input, int inOff, int length);
+
+        byte[] Unwrap(byte[] input, int inOff, int length);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/IXof.cs b/bc-sharp-crypto/src/crypto/IXof.cs
new file mode 100644
index 0000000..f76304d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/IXof.cs
@@ -0,0 +1,31 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /// <remarks>
+    /// With FIPS PUB 202 a new kind of message digest was announced which supported extendable output, or variable digest sizes.
+    /// This interface provides the extra method required to support variable output on a digest implementation.
+    /// </remarks>
+    public interface IXof
+        : IDigest
+    {
+        /// <summary>
+        /// Output the results of the final calculation for this digest to outLen number of bytes.
+        /// </summary>
+        /// <param name="output">output array to write the output bytes to.</param>
+        /// <param name="outOff">offset to start writing the bytes at.</param>
+        /// <param name="outLen">the number of output bytes requested.</param>
+        /// <returns>the number of bytes written</returns>
+        int DoFinal(byte[] output, int outOff, int outLen);
+
+        /// <summary>
+        /// Start outputting the results of the final calculation for this digest. Unlike DoFinal, this method
+        /// will continue producing output until the Xof is explicitly reset, or signals otherwise.
+        /// </summary>
+        /// <param name="output">output array to write the output bytes to.</param>
+        /// <param name="outOff">offset to start writing the bytes at.</param>
+        /// <param name="outLen">the number of output bytes requested.</param>
+        /// <returns>the number of bytes written</returns>
+        int DoOutput(byte[] output, int outOff, int outLen);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/InvalidCipherTextException.cs b/bc-sharp-crypto/src/crypto/InvalidCipherTextException.cs
new file mode 100644
index 0000000..0fe540d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/InvalidCipherTextException.cs
@@ -0,0 +1,40 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * this exception is thrown whenever we find something we don't expect in a
+     * message.
+     */
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class InvalidCipherTextException
+		: CryptoException
+    {
+		/**
+		* base constructor.
+		*/
+        public InvalidCipherTextException()
+        {
+        }
+
+		/**
+         * create a InvalidCipherTextException with the given message.
+         *
+         * @param message the message to be carried with the exception.
+         */
+        public InvalidCipherTextException(
+            string message)
+			: base(message)
+        {
+        }
+
+		public InvalidCipherTextException(
+            string		message,
+            Exception	exception)
+			: base(message, exception)
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/KeyGenerationParameters.cs b/bc-sharp-crypto/src/crypto/KeyGenerationParameters.cs
new file mode 100644
index 0000000..0cb6b07
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/KeyGenerationParameters.cs
@@ -0,0 +1,55 @@
+using System;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * The base class for parameters to key generators.
+     */
+    public class KeyGenerationParameters
+    {
+        private SecureRandom	random;
+        private int				strength;
+
+        /**
+         * initialise the generator with a source of randomness
+         * and a strength (in bits).
+         *
+         * @param random the random byte source.
+         * @param strength the size, in bits, of the keys we want to produce.
+         */
+        public KeyGenerationParameters(
+            SecureRandom	random,
+            int				strength)
+        {
+			if (random == null)
+				throw new ArgumentNullException("random");
+			if (strength < 1)
+				throw new ArgumentException("strength must be a positive value", "strength");
+
+			this.random = random;
+            this.strength = strength;
+        }
+
+		/**
+         * return the random source associated with this
+         * generator.
+         *
+         * @return the generators random source.
+         */
+        public SecureRandom Random
+        {
+            get { return random; }
+        }
+
+		/**
+         * return the bit strength for keys produced by this generator,
+         *
+         * @return the strength of the keys this generator produces (in bits).
+         */
+        public int Strength
+        {
+            get { return strength; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/MaxBytesExceededException.cs b/bc-sharp-crypto/src/crypto/MaxBytesExceededException.cs
new file mode 100644
index 0000000..8992c45
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/MaxBytesExceededException.cs
@@ -0,0 +1,32 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+	/// <summary>
+	/// This exception is thrown whenever a cipher requires a change of key, iv
+	/// or similar after x amount of bytes enciphered
+	/// </summary>
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class MaxBytesExceededException
+		: CryptoException
+	{
+		public MaxBytesExceededException()
+		{
+		}
+
+		public MaxBytesExceededException(
+			string message)
+			: base(message)
+		{
+		}
+
+		public MaxBytesExceededException(
+			string		message,
+			Exception	e)
+			: base(message, e)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/OutputLengthException.cs b/bc-sharp-crypto/src/crypto/OutputLengthException.cs
new file mode 100644
index 0000000..437589f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/OutputLengthException.cs
@@ -0,0 +1,28 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class OutputLengthException
+        : DataLengthException
+    {
+        public OutputLengthException()
+        {
+        }
+
+        public OutputLengthException(
+            string message)
+            : base(message)
+        {
+        }
+
+        public OutputLengthException(
+            string message,
+            Exception exception)
+            : base(message, exception)
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/PbeParametersGenerator.cs b/bc-sharp-crypto/src/crypto/PbeParametersGenerator.cs
new file mode 100644
index 0000000..97d23df
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/PbeParametersGenerator.cs
@@ -0,0 +1,202 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto
+{
+    /**
+     * super class for all Password Based Encyrption (Pbe) parameter generator classes.
+     */
+    public abstract class PbeParametersGenerator
+    {
+        protected byte[]	mPassword;
+        protected byte[]	mSalt;
+        protected int		mIterationCount;
+
+        /**
+         * base constructor.
+         */
+        protected PbeParametersGenerator()
+        {
+        }
+
+        /**
+         * initialise the Pbe generator.
+         *
+         * @param password the password converted into bytes (see below).
+         * @param salt the salt to be mixed with the password.
+         * @param iterationCount the number of iterations the "mixing" function
+         * is to be applied for.
+         */
+        public virtual void Init(
+            byte[]  password,
+            byte[]  salt,
+            int     iterationCount)
+        {
+            if (password == null)
+                throw new ArgumentNullException("password");
+            if (salt == null)
+                throw new ArgumentNullException("salt");
+
+            this.mPassword = Arrays.Clone(password);
+            this.mSalt = Arrays.Clone(salt);
+            this.mIterationCount = iterationCount;
+        }
+
+        public virtual byte[] Password
+        {
+            get { return Arrays.Clone(mPassword); }
+        }
+
+        /**
+         * return the password byte array.
+         *
+         * @return the password byte array.
+         */
+        [Obsolete("Use 'Password' property")]
+        public byte[] GetPassword()
+        {
+            return Password;
+        }
+
+        public virtual byte[] Salt
+        {
+            get { return Arrays.Clone(mSalt); }
+        }
+
+        /**
+         * return the salt byte array.
+         *
+         * @return the salt byte array.
+         */
+        [Obsolete("Use 'Salt' property")]
+        public byte[] GetSalt()
+        {
+            return Salt;
+        }
+
+        /**
+         * return the iteration count.
+         *
+         * @return the iteration count.
+         */
+        public virtual int IterationCount
+        {
+            get { return mIterationCount; }
+        }
+
+        /**
+         * Generate derived parameters for a key of length keySize.
+         *
+         * @param keySize the length, in bits, of the key required.
+         * @return a parameters object representing a key.
+         */
+        [Obsolete("Use version with 'algorithm' parameter")]
+        public abstract ICipherParameters GenerateDerivedParameters(int keySize);
+        public abstract ICipherParameters GenerateDerivedParameters(string algorithm, int keySize);
+
+        /**
+         * Generate derived parameters for a key of length keySize, and
+         * an initialisation vector (IV) of length ivSize.
+         *
+         * @param keySize the length, in bits, of the key required.
+         * @param ivSize the length, in bits, of the iv required.
+         * @return a parameters object representing a key and an IV.
+         */
+        [Obsolete("Use version with 'algorithm' parameter")]
+        public abstract ICipherParameters GenerateDerivedParameters(int keySize, int ivSize);
+        public abstract ICipherParameters GenerateDerivedParameters(string algorithm, int keySize, int ivSize);
+
+        /**
+         * Generate derived parameters for a key of length keySize, specifically
+         * for use with a MAC.
+         *
+         * @param keySize the length, in bits, of the key required.
+         * @return a parameters object representing a key.
+         */
+        public abstract ICipherParameters GenerateDerivedMacParameters(int keySize);
+
+        /**
+         * converts a password to a byte array according to the scheme in
+         * Pkcs5 (ascii, no padding)
+         *
+         * @param password a character array representing the password.
+         * @return a byte array representing the password.
+         */
+        public static byte[] Pkcs5PasswordToBytes(
+            char[] password)
+        {
+            if (password == null)
+                return new byte[0];
+
+            return Strings.ToByteArray(password);
+        }
+
+        [Obsolete("Use version taking 'char[]' instead")]
+        public static byte[] Pkcs5PasswordToBytes(
+            string password)
+        {
+            if (password == null)
+                return new byte[0];
+
+            return Strings.ToByteArray(password);
+        }
+
+        /**
+         * converts a password to a byte array according to the scheme in
+         * PKCS5 (UTF-8, no padding)
+         *
+         * @param password a character array representing the password.
+         * @return a byte array representing the password.
+         */
+        public static byte[] Pkcs5PasswordToUtf8Bytes(
+            char[] password)
+        {
+            if (password == null)
+                return new byte[0];
+
+            return Encoding.UTF8.GetBytes(password);
+        }
+
+        [Obsolete("Use version taking 'char[]' instead")]
+        public static byte[] Pkcs5PasswordToUtf8Bytes(
+            string password)
+        {
+            if (password == null)
+                return new byte[0];
+
+            return Encoding.UTF8.GetBytes(password);
+        }
+
+        /**
+         * converts a password to a byte array according to the scheme in
+         * Pkcs12 (unicode, big endian, 2 zero pad bytes at the end).
+         *
+         * @param password a character array representing the password.
+         * @return a byte array representing the password.
+         */
+        public static byte[] Pkcs12PasswordToBytes(
+            char[] password)
+        {
+            return Pkcs12PasswordToBytes(password, false);
+        }
+
+        public static byte[] Pkcs12PasswordToBytes(
+            char[]	password,
+            bool	wrongPkcs12Zero)
+        {
+            if (password == null || password.Length < 1)
+            {
+                return new byte[wrongPkcs12Zero ? 2 : 0];
+            }
+
+            // +1 for extra 2 pad bytes.
+            byte[] bytes = new byte[(password.Length + 1) * 2];
+
+            Encoding.BigEndianUnicode.GetBytes(password, 0, password.Length, bytes, 0);
+
+            return bytes;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/StreamBlockCipher.cs b/bc-sharp-crypto/src/crypto/StreamBlockCipher.cs
new file mode 100644
index 0000000..ef2a8b6
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/StreamBlockCipher.cs
@@ -0,0 +1,109 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto
+{
+	/**
+	 * a wrapper for block ciphers with a single byte block size, so that they
+	 * can be treated like stream ciphers.
+	 */
+	public class StreamBlockCipher
+		: IStreamCipher
+	{
+		private readonly IBlockCipher cipher;
+		private readonly byte[] oneByte = new byte[1];
+
+		/**
+		 * basic constructor.
+		 *
+		 * @param cipher the block cipher to be wrapped.
+		 * @exception ArgumentException if the cipher has a block size other than
+		 * one.
+		 */
+		public StreamBlockCipher(
+			IBlockCipher cipher)
+		{
+			if (cipher == null)
+				throw new ArgumentNullException("cipher");
+			if (cipher.GetBlockSize() != 1)
+				throw new ArgumentException("block cipher block size != 1.", "cipher");
+
+			this.cipher = cipher;
+		}
+
+		/**
+		 * initialise the underlying cipher.
+		 *
+		 * @param forEncryption true if we are setting up for encryption, false otherwise.
+		 * @param param the necessary parameters for the underlying cipher to be initialised.
+		 */
+		public void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			cipher.Init(forEncryption, parameters);
+		}
+
+		/**
+		* return the name of the algorithm we are wrapping.
+		*
+		* @return the name of the algorithm we are wrapping.
+		*/
+		public string AlgorithmName
+		{
+			get { return cipher.AlgorithmName; }
+		}
+
+		/**
+		* encrypt/decrypt a single byte returning the result.
+		*
+		* @param in the byte to be processed.
+		* @return the result of processing the input byte.
+		*/
+		public byte ReturnByte(
+			byte input)
+		{
+			oneByte[0] = input;
+
+			cipher.ProcessBlock(oneByte, 0, oneByte, 0);
+
+			return oneByte[0];
+		}
+
+		/**
+		* process a block of bytes from in putting the result into out.
+		*
+		* @param in the input byte array.
+		* @param inOff the offset into the in array where the data to be processed starts.
+		* @param len the number of bytes to be processed.
+		* @param out the output buffer the processed bytes go into.
+		* @param outOff the offset into the output byte array the processed data stars at.
+		* @exception DataLengthException if the output buffer is too small.
+		*/
+		public void ProcessBytes(
+			byte[]	input,
+			int		inOff,
+			int		length,
+			byte[]	output,
+			int		outOff)
+		{
+			if (outOff + length > output.Length)
+				throw new DataLengthException("output buffer too small in ProcessBytes()");
+
+			for (int i = 0; i != length; i++)
+			{
+				cipher.ProcessBlock(input, inOff + i, output, outOff + i);
+			}
+		}
+
+		/**
+		* reset the underlying cipher. This leaves it in the same state
+		* it was at after the last init (if there was one).
+		*/
+		public void Reset()
+		{
+			cipher.Reset();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/DHAgreement.cs b/bc-sharp-crypto/src/crypto/agreement/DHAgreement.cs
new file mode 100644
index 0000000..e988c0d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/DHAgreement.cs
@@ -0,0 +1,99 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Agreement
+{
+	/**
+	 * a Diffie-Hellman key exchange engine.
+	 * <p>
+	 * note: This uses MTI/A0 key agreement in order to make the key agreement
+	 * secure against passive attacks. If you're doing Diffie-Hellman and both
+	 * parties have long term public keys you should look at using this. For
+	 * further information have a look at RFC 2631.</p>
+	 * <p>
+	 * It's possible to extend this to more than two parties as well, for the moment
+	 * that is left as an exercise for the reader.</p>
+	 */
+	public class DHAgreement
+	{
+		private DHPrivateKeyParameters  key;
+		private DHParameters			dhParams;
+		private BigInteger				privateValue;
+		private SecureRandom			random;
+
+		public void Init(
+			ICipherParameters parameters)
+		{
+			AsymmetricKeyParameter kParam;
+			if (parameters is ParametersWithRandom)
+			{
+				ParametersWithRandom rParam = (ParametersWithRandom)parameters;
+
+				this.random = rParam.Random;
+				kParam = (AsymmetricKeyParameter)rParam.Parameters;
+			}
+			else
+			{
+				this.random = new SecureRandom();
+				kParam = (AsymmetricKeyParameter)parameters;
+			}
+
+			if (!(kParam is DHPrivateKeyParameters))
+			{
+				throw new ArgumentException("DHEngine expects DHPrivateKeyParameters");
+			}
+
+			this.key = (DHPrivateKeyParameters)kParam;
+			this.dhParams = key.Parameters;
+		}
+
+		/**
+		 * calculate our initial message.
+		 */
+		public BigInteger CalculateMessage()
+		{
+			DHKeyPairGenerator dhGen = new DHKeyPairGenerator();
+			dhGen.Init(new DHKeyGenerationParameters(random, dhParams));
+			AsymmetricCipherKeyPair dhPair = dhGen.GenerateKeyPair();
+
+			this.privateValue = ((DHPrivateKeyParameters)dhPair.Private).X;
+
+			return ((DHPublicKeyParameters)dhPair.Public).Y;
+		}
+
+		/**
+		 * given a message from a given party and the corresponding public key
+		 * calculate the next message in the agreement sequence. In this case
+		 * this will represent the shared secret.
+		 */
+		public BigInteger CalculateAgreement(
+			DHPublicKeyParameters	pub,
+			BigInteger				message)
+		{
+			if (pub == null)
+				throw new ArgumentNullException("pub");
+			if (message == null)
+				throw new ArgumentNullException("message");
+
+			if (!pub.Parameters.Equals(dhParams))
+				throw new ArgumentException("Diffie-Hellman public key has wrong parameters.");
+
+            BigInteger p = dhParams.P;
+
+            BigInteger peerY = pub.Y;
+            if (peerY == null || peerY.CompareTo(BigInteger.One) <= 0 || peerY.CompareTo(p.Subtract(BigInteger.One)) >= 0)
+                throw new ArgumentException("Diffie-Hellman public key is weak");
+
+            BigInteger result = peerY.ModPow(privateValue, p);
+            if (result.Equals(BigInteger.One))
+                throw new InvalidOperationException("Shared key can't be 1");
+
+            return message.ModPow(key.X, p).Multiply(result).Mod(p);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/DHBasicAgreement.cs b/bc-sharp-crypto/src/crypto/agreement/DHBasicAgreement.cs
new file mode 100644
index 0000000..6c3fe65
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/DHBasicAgreement.cs
@@ -0,0 +1,72 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Agreement
+{
+    /**
+     * a Diffie-Hellman key agreement class.
+     * <p>
+     * note: This is only the basic algorithm, it doesn't take advantage of
+     * long term public keys if they are available. See the DHAgreement class
+     * for a "better" implementation.</p>
+     */
+    public class DHBasicAgreement
+        : IBasicAgreement
+    {
+        private DHPrivateKeyParameters	key;
+        private DHParameters			dhParams;
+
+        public virtual void Init(
+            ICipherParameters parameters)
+        {
+            if (parameters is ParametersWithRandom)
+            {
+                parameters = ((ParametersWithRandom) parameters).Parameters;
+            }
+
+            if (!(parameters is DHPrivateKeyParameters))
+            {
+                throw new ArgumentException("DHEngine expects DHPrivateKeyParameters");
+            }
+
+            this.key = (DHPrivateKeyParameters) parameters;
+            this.dhParams = key.Parameters;
+        }
+
+        public virtual int GetFieldSize()
+        {
+            return (key.Parameters.P.BitLength + 7) / 8;
+        }
+
+        /**
+         * given a short term public key from a given party calculate the next
+         * message in the agreement sequence.
+         */
+        public virtual BigInteger CalculateAgreement(
+            ICipherParameters pubKey)
+        {
+            if (this.key == null)
+                throw new InvalidOperationException("Agreement algorithm not initialised");
+
+            DHPublicKeyParameters pub = (DHPublicKeyParameters)pubKey;
+
+            if (!pub.Parameters.Equals(dhParams))
+                throw new ArgumentException("Diffie-Hellman public key has wrong parameters.");
+
+            BigInteger p = dhParams.P;
+
+            BigInteger peerY = pub.Y;
+            if (peerY == null || peerY.CompareTo(BigInteger.One) <= 0 || peerY.CompareTo(p.Subtract(BigInteger.One)) >= 0)
+                throw new ArgumentException("Diffie-Hellman public key is weak");
+
+            BigInteger result = peerY.ModPow(key.X, p);
+            if (result.Equals(BigInteger.One))
+                throw new InvalidOperationException("Shared key can't be 1");
+
+            return result;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/DHStandardGroups.cs b/bc-sharp-crypto/src/crypto/agreement/DHStandardGroups.cs
new file mode 100644
index 0000000..0143c63
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/DHStandardGroups.cs
@@ -0,0 +1,307 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Crypto.Agreement
+{
+    /// <summary>Standard Diffie-Hellman groups from various IETF specifications.</summary>
+    public class DHStandardGroups
+    {
+        private static BigInteger FromHex(string hex)
+        {
+            return new BigInteger(1, Hex.Decode(hex));
+        }
+
+        private static DHParameters FromPG(string hexP, string hexG)
+        {
+            return new DHParameters(FromHex(hexP), FromHex(hexG));
+        }
+
+        private static DHParameters FromPGQ(string hexP, string hexG, string hexQ)
+        {
+            return new DHParameters(FromHex(hexP), FromHex(hexG), FromHex(hexQ));
+        }
+
+        private static DHParameters Rfc7919Parameters(string hexP, int l)
+        {
+            // NOTE: All the groups in RFC 7919 use safe primes, i.e. q = (p-1)/2, and generator g = 2
+            BigInteger p = FromHex(hexP);
+            return new DHParameters(p, BigInteger.Two, p.ShiftRight(1), l);
+        }
+
+        /*
+         * RFC 2409
+         */
+        private static readonly string rfc2409_768_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
+            + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
+            + "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF";
+        private static readonly string rfc2409_768_g = "02";
+        public static readonly DHParameters rfc2409_768 = FromPG(rfc2409_768_p, rfc2409_768_g);
+
+        private static readonly string rfc2409_1024_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
+            + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
+            + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
+            + "FFFFFFFFFFFFFFFF";
+        private static readonly string rfc2409_1024_g = "02";
+        public static readonly DHParameters rfc2409_1024 = FromPG(rfc2409_1024_p, rfc2409_1024_g);
+
+        /*
+         * RFC 3526
+         */
+        private static readonly string rfc3526_1536_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
+            + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
+            + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
+            + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
+            + "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF";
+        private static readonly string rfc3526_1536_g = "02";
+        public static readonly DHParameters rfc3526_1536 = FromPG(rfc3526_1536_p, rfc3526_1536_g);
+
+        private static readonly string rfc3526_2048_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
+            + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
+            + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
+            + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
+            + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
+            + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AACAA68FFFFFFFFFFFFFFFF";
+        private static readonly string rfc3526_2048_g = "02";
+        public static readonly DHParameters rfc3526_2048 = FromPG(rfc3526_2048_p, rfc3526_2048_g);
+
+        private static readonly string rfc3526_3072_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
+            + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
+            + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
+            + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
+            + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
+            + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
+            + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
+            + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
+            + "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF";
+        private static readonly string rfc3526_3072_g = "02";
+        public static readonly DHParameters rfc3526_3072 = FromPG(rfc3526_3072_p, rfc3526_3072_g);
+
+        private static readonly string rfc3526_4096_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
+            + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
+            + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
+            + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
+            + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
+            + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
+            + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
+            + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
+            + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
+            + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
+            + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199"
+            + "FFFFFFFFFFFFFFFF";
+        private static readonly string rfc3526_4096_g = "02";
+        public static readonly DHParameters rfc3526_4096 = FromPG(rfc3526_4096_p, rfc3526_4096_g);
+
+        private static readonly string rfc3526_6144_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
+            + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
+            + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
+            + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
+            + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
+            + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
+            + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
+            + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
+            + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
+            + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
+            + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
+            + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
+            + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
+            + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
+            + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
+            + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
+            + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
+            + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
+            + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406"
+            + "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918"
+            + "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151"
+            + "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03"
+            + "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F"
+            + "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
+            + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B"
+            + "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632"
+            + "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E"
+            + "6DCC4024FFFFFFFFFFFFFFFF";
+        private static readonly string rfc3526_6144_g = "02";
+        public static readonly DHParameters rfc3526_6144 = FromPG(rfc3526_6144_p, rfc3526_6144_g);
+
+        private static readonly string rfc3526_8192_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
+            + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
+            + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
+            + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
+            + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
+            + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
+            + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
+            + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
+            + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
+            + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
+            + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
+            + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD" + "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831"
+            + "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B" + "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF"
+            + "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6" + "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3"
+            + "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328"
+            + "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C" + "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE"
+            + "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4" + "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300"
+            + "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568" + "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9"
+            + "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B" + "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A"
+            + "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36" + "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1"
+            + "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92" + "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47"
+            + "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71" + "60C980DD98EDD3DFFFFFFFFFFFFFFFFF";
+        private static readonly string rfc3526_8192_g = "02";
+        public static readonly DHParameters rfc3526_8192 = FromPG(rfc3526_8192_p, rfc3526_8192_g);
+
+        /*
+         * RFC 4306
+         */
+        public static readonly DHParameters rfc4306_768 = rfc2409_768;
+        public static readonly DHParameters rfc4306_1024 = rfc2409_1024;
+
+        /*
+         * RFC 5114
+         */
+        private static readonly string rfc5114_1024_160_p = "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6"
+            + "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0" + "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70"
+            + "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0" + "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708"
+            + "DF1FB2BC2E4A4371";
+        private static readonly string rfc5114_1024_160_g = "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F"
+            + "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213" + "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1"
+            + "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A" + "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24"
+            + "855E6EEB22B3B2E5";
+        private static readonly string rfc5114_1024_160_q = "F518AA8781A8DF278ABA4E7D64B7CB9D49462353";
+
+        /// <remarks>
+        /// Existence of a "hidden SNFS" backdoor cannot be ruled out. see https://eprint.iacr.org/2016/961.pdf .
+        /// </remarks>
+        [Obsolete("Existence of a 'hidden SNFS' backdoor cannot be ruled out.")]
+        public static readonly DHParameters rfc5114_1024_160 = FromPGQ(rfc5114_1024_160_p, rfc5114_1024_160_g,
+            rfc5114_1024_160_q);
+
+        private static readonly string rfc5114_2048_224_p = "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1"
+            + "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" + "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212"
+            + "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207" + "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708"
+            + "B3BF8A317091883681286130BC8985DB1602E714415D9330" + "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D"
+            + "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8" + "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763"
+            + "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" + "CF9DE5384E71B81C0AC4DFFE0C10E64F";
+        private static readonly string rfc5114_2048_224_g = "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"
+            + "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA" + "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"
+            + "C17669101999024AF4D027275AC1348BB8A762D0521BC98A" + "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"
+            + "F180EB34118E98D119529A45D6F834566E3025E316A330EF" + "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"
+            + "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381" + "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"
+            + "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179" + "81BC087F2A7065B384B890D3191F2BFA";
+        private static readonly string rfc5114_2048_224_q = "801C0D34C58D93FE997177101F80535A4738CEBCBF389A99B36371EB";
+
+        /// <remarks>
+        /// Existence of a "hidden SNFS" backdoor cannot be ruled out. see https://eprint.iacr.org/2016/961.pdf .
+        /// </remarks>
+        [Obsolete("Existence of a 'hidden SNFS' backdoor cannot be ruled out.")]
+        public static readonly DHParameters rfc5114_2048_224 = FromPGQ(rfc5114_2048_224_p, rfc5114_2048_224_g,
+            rfc5114_2048_224_q);
+
+        private static readonly string rfc5114_2048_256_p = "87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F2"
+            + "5D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA30" + "16C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD"
+            + "5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B" + "6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C"
+            + "4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0E" + "F13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D9"
+            + "67E144E5140564251CCACB83E6B486F6B3CA3F7971506026" + "C0B857F689962856DED4010ABD0BE621C3A3960A54E710C3"
+            + "75F26375D7014103A4B54330C198AF126116D2276E11715F" + "693877FAD7EF09CADB094AE91E1A1597";
+        private static readonly string rfc5114_2048_256_g = "3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF2054"
+            + "07F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555" + "BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18"
+            + "A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B" + "777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC83"
+            + "1D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55" + "A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14"
+            + "C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915" + "B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6"
+            + "184B523D1DB246C32F63078490F00EF8D647D148D4795451" + "5E2327CFEF98C582664B4C0F6CC41659";
+        private static readonly string rfc5114_2048_256_q = "8CF83642A709A097B447997640129DA299B1A47D1EB3750B"
+            + "A308B0FE64F5FBD3";
+
+        /// <remarks>
+        /// Existence of a "hidden SNFS" backdoor cannot be ruled out. see https://eprint.iacr.org/2016/961.pdf .
+        /// </remarks>
+        [Obsolete("Existence of a 'hidden SNFS' backdoor cannot be ruled out.")]
+        public static readonly DHParameters rfc5114_2048_256 = FromPGQ(rfc5114_2048_256_p, rfc5114_2048_256_g,
+            rfc5114_2048_256_q);
+
+        /*
+         * RFC 5996
+         */
+        public static readonly DHParameters rfc5996_768 = rfc4306_768;
+        public static readonly DHParameters rfc5996_1024 = rfc4306_1024;
+
+        /*
+         * RFC 7919
+         */
+        private static readonly string rfc7919_ffdhe2048_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
+            + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
+            + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
+            + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
+            + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
+            + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B423861285C97FFFFFFFFFFFFFFFF";
+        public static readonly DHParameters rfc7919_ffdhe2048 = Rfc7919Parameters(rfc7919_ffdhe2048_p, 225);
+
+        private static readonly string rfc7919_ffdhe3072_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
+            + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
+            + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
+            + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
+            + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
+            + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
+            + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
+            + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
+            + "3C1B20EE3FD59D7C25E41D2B66C62E37FFFFFFFFFFFFFFFF";
+        public static readonly DHParameters rfc7919_ffdhe3072 = Rfc7919Parameters(rfc7919_ffdhe3072_p, 275);
+
+        private static readonly string rfc7919_ffdhe4096_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
+            + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
+            + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
+            + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
+            + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
+            + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
+            + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
+            + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
+            + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004"
+            + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + "A907600A918130C46DC778F971AD0038092999A333CB8B7A"
+            + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E655F6A"
+            + "FFFFFFFFFFFFFFFF";
+        public static readonly DHParameters rfc7919_ffdhe4096 = Rfc7919Parameters(rfc7919_ffdhe4096_p, 325);
+
+        private static readonly string rfc7919_ffdhe6144_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
+            + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
+            + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
+            + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
+            + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
+            + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
+            + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
+            + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
+            + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004"
+            + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + "A907600A918130C46DC778F971AD0038092999A333CB8B7A"
+            + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902"
+            + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6" + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A"
+            + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477" + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3"
+            + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4" + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6"
+            + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C" + "D72B03746AE77F5E62292C311562A846505DC82DB854338A"
+            + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04" + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1"
+            + "A41D570D7938DAD4A40E329CD0E40E65FFFFFFFFFFFFFFFF";
+        public static readonly DHParameters rfc7919_ffdhe6144 = Rfc7919Parameters(rfc7919_ffdhe6144_p, 375);
+
+        private static readonly string rfc7919_ffdhe8192_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
+            + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
+            + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
+            + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
+            + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
+            + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
+            + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
+            + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
+            + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004"
+            + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + "A907600A918130C46DC778F971AD0038092999A333CB8B7A"
+            + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902"
+            + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6" + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A"
+            + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477" + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3"
+            + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4" + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6"
+            + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C" + "D72B03746AE77F5E62292C311562A846505DC82DB854338A"
+            + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04" + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1"
+            + "A41D570D7938DAD4A40E329CCFF46AAA36AD004CF600C838" + "1E425A31D951AE64FDB23FCEC9509D43687FEB69EDD1CC5E"
+            + "0B8CC3BDF64B10EF86B63142A3AB8829555B2F747C932665" + "CB2C0F1CC01BD70229388839D2AF05E454504AC78B758282"
+            + "2846C0BA35C35F5C59160CC046FD8251541FC68C9C86B022" + "BB7099876A460E7451A8A93109703FEE1C217E6C3826E52C"
+            + "51AA691E0E423CFC99E9E31650C1217B624816CDAD9A95F9" + "D5B8019488D9C0A0A1FE3075A577E23183F81D4A3F2FA457"
+            + "1EFC8CE0BA8A4FE8B6855DFE72B0A66EDED2FBABFBE58A30" + "FAFABE1C5D71A87E2F741EF8C1FE86FEA6BBFDE530677F0D"
+            + "97D11D49F7A8443D0822E506A9F4614E011E2A94838FF88C" + "D68C8BB7C5C6424CFFFFFFFFFFFFFFFF";
+        public static readonly DHParameters rfc7919_ffdhe8192 = Rfc7919Parameters(rfc7919_ffdhe8192_p, 400);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/ECDHBasicAgreement.cs b/bc-sharp-crypto/src/crypto/agreement/ECDHBasicAgreement.cs
new file mode 100644
index 0000000..ca7b3fa
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/ECDHBasicAgreement.cs
@@ -0,0 +1,60 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Agreement
+{
+    /**
+     * P1363 7.2.1 ECSVDP-DH
+     *
+     * ECSVDP-DH is Elliptic Curve Secret Value Derivation Primitive,
+     * Diffie-Hellman version. It is based on the work of [DH76], [Mil86],
+     * and [Kob87]. This primitive derives a shared secret value from one
+     * party's private key and another party's public key, where both have
+     * the same set of EC domain parameters. If two parties correctly
+     * execute this primitive, they will produce the same output. This
+     * primitive can be invoked by a scheme to derive a shared secret key;
+     * specifically, it may be used with the schemes ECKAS-DH1 and
+     * DL/ECKAS-DH2. It assumes that the input keys are valid (see also
+     * Section 7.2.2).
+     */
+    public class ECDHBasicAgreement
+        : IBasicAgreement
+    {
+        protected internal ECPrivateKeyParameters privKey;
+
+        public virtual void Init(
+            ICipherParameters parameters)
+        {
+            if (parameters is ParametersWithRandom)
+            {
+                parameters = ((ParametersWithRandom)parameters).Parameters;
+            }
+
+            this.privKey = (ECPrivateKeyParameters)parameters;
+        }
+
+        public virtual int GetFieldSize()
+        {
+            return (privKey.Parameters.Curve.FieldSize + 7) / 8;
+        }
+
+        public virtual BigInteger CalculateAgreement(
+            ICipherParameters pubKey)
+        {
+            ECPublicKeyParameters pub = (ECPublicKeyParameters) pubKey;
+            if (!pub.Parameters.Equals(privKey.Parameters))
+                throw new InvalidOperationException("ECDH public key has wrong domain parameters");
+
+            ECPoint P = pub.Q.Multiply(privKey.D).Normalize();
+
+            if (P.IsInfinity)
+                throw new InvalidOperationException("Infinity is not a valid agreement value for ECDH");
+
+            return P.AffineXCoord.ToBigInteger();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/ECDHCBasicAgreement.cs b/bc-sharp-crypto/src/crypto/agreement/ECDHCBasicAgreement.cs
new file mode 100644
index 0000000..1c9ae45
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/ECDHCBasicAgreement.cs
@@ -0,0 +1,68 @@
+using System;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Agreement
+{
+    /**
+     * P1363 7.2.2 ECSVDP-DHC
+     *
+     * ECSVDP-DHC is Elliptic Curve Secret Value Derivation Primitive,
+     * Diffie-Hellman version with cofactor multiplication. It is based on
+     * the work of [DH76], [Mil86], [Kob87], [LMQ98] and [Kal98a]. This
+     * primitive derives a shared secret value from one party's private key
+     * and another party's public key, where both have the same set of EC
+     * domain parameters. If two parties correctly execute this primitive,
+     * they will produce the same output. This primitive can be invoked by a
+     * scheme to derive a shared secret key; specifically, it may be used
+     * with the schemes ECKAS-DH1 and DL/ECKAS-DH2. It does not assume the
+     * validity of the input public key (see also Section 7.2.1).
+     * <p>
+     * Note: As stated P1363 compatibility mode with ECDH can be preset, and
+     * in this case the implementation doesn't have a ECDH compatibility mode
+     * (if you want that just use ECDHBasicAgreement and note they both implement
+     * BasicAgreement!).</p>
+     */
+    public class ECDHCBasicAgreement
+        : IBasicAgreement
+    {
+        private ECPrivateKeyParameters privKey;
+
+        public virtual void Init(
+            ICipherParameters parameters)
+        {
+            if (parameters is ParametersWithRandom)
+            {
+                parameters = ((ParametersWithRandom) parameters).Parameters;
+            }
+
+            this.privKey = (ECPrivateKeyParameters)parameters;
+        }
+
+        public virtual int GetFieldSize()
+        {
+            return (privKey.Parameters.Curve.FieldSize + 7) / 8;
+        }
+
+        public virtual BigInteger CalculateAgreement(
+            ICipherParameters pubKey)
+        {
+            ECPublicKeyParameters pub = (ECPublicKeyParameters) pubKey;
+            ECDomainParameters parameters = pub.Parameters;
+            if (!parameters.Equals(privKey.Parameters))
+                throw new InvalidOperationException("ECDHC public key has wrong domain parameters");
+
+            BigInteger hd = parameters.H.Multiply(privKey.D).Mod(parameters.N);
+
+            ECPoint P = pub.Q.Multiply(hd).Normalize();
+
+            if (P.IsInfinity)
+                throw new InvalidOperationException("Infinity is not a valid agreement value for ECDHC");
+
+            return P.AffineXCoord.ToBigInteger();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/ECDHWithKdfBasicAgreement.cs b/bc-sharp-crypto/src/crypto/agreement/ECDHWithKdfBasicAgreement.cs
new file mode 100644
index 0000000..1de80d1
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/ECDHWithKdfBasicAgreement.cs
@@ -0,0 +1,63 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto.Agreement.Kdf;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Agreement
+{
+	public class ECDHWithKdfBasicAgreement
+		: ECDHBasicAgreement
+	{
+		private readonly string algorithm;
+		private readonly IDerivationFunction kdf;
+
+		public ECDHWithKdfBasicAgreement(
+			string				algorithm,
+			IDerivationFunction	kdf)
+		{
+			if (algorithm == null)
+				throw new ArgumentNullException("algorithm");
+			if (kdf == null)
+				throw new ArgumentNullException("kdf");
+
+			this.algorithm = algorithm;
+			this.kdf = kdf;
+		}
+
+		public override BigInteger CalculateAgreement(
+			ICipherParameters pubKey)
+		{
+			// Note that the ec.KeyAgreement class in JCE only uses kdf in one
+			// of the engineGenerateSecret methods.
+
+			BigInteger result = base.CalculateAgreement(pubKey);
+
+			int keySize = GeneratorUtilities.GetDefaultKeySize(algorithm);
+
+			DHKdfParameters dhKdfParams = new DHKdfParameters(
+				new DerObjectIdentifier(algorithm),
+				keySize,
+				BigIntToBytes(result));
+
+			kdf.Init(dhKdfParams);
+
+			byte[] keyBytes = new byte[keySize / 8];
+			kdf.GenerateBytes(keyBytes, 0, keyBytes.Length);
+
+			return new BigInteger(1, keyBytes);
+		}
+
+		private byte[] BigIntToBytes(BigInteger r)
+		{
+			int byteLength = X9IntegerConverter.GetByteLength(privKey.Parameters.Curve);
+			return X9IntegerConverter.IntegerToBytes(r, byteLength);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/ECMqvBasicAgreement.cs b/bc-sharp-crypto/src/crypto/agreement/ECMqvBasicAgreement.cs
new file mode 100644
index 0000000..8d5cebb
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/ECMqvBasicAgreement.cs
@@ -0,0 +1,93 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+
+namespace Org.BouncyCastle.Crypto.Agreement
+{
+    public class ECMqvBasicAgreement
+        : IBasicAgreement
+    {
+        protected internal MqvPrivateParameters privParams;
+
+        public virtual void Init(
+            ICipherParameters parameters)
+        {
+            if (parameters is ParametersWithRandom)
+            {
+                parameters = ((ParametersWithRandom)parameters).Parameters;
+            }
+
+            this.privParams = (MqvPrivateParameters)parameters;
+        }
+
+        public virtual int GetFieldSize()
+        {
+            return (privParams.StaticPrivateKey.Parameters.Curve.FieldSize + 7) / 8;
+        }
+
+        public virtual BigInteger CalculateAgreement(
+            ICipherParameters pubKey)
+        {
+            MqvPublicParameters pubParams = (MqvPublicParameters)pubKey;
+
+            ECPrivateKeyParameters staticPrivateKey = privParams.StaticPrivateKey;
+            ECDomainParameters parameters = staticPrivateKey.Parameters;
+
+            if (!parameters.Equals(pubParams.StaticPublicKey.Parameters))
+                throw new InvalidOperationException("ECMQV public key components have wrong domain parameters");
+
+            ECPoint agreement = CalculateMqvAgreement(parameters, staticPrivateKey,
+                privParams.EphemeralPrivateKey, privParams.EphemeralPublicKey,
+                pubParams.StaticPublicKey, pubParams.EphemeralPublicKey).Normalize();
+
+            if (agreement.IsInfinity)
+                throw new InvalidOperationException("Infinity is not a valid agreement value for MQV");
+
+            return agreement.AffineXCoord.ToBigInteger();
+        }
+
+        // The ECMQV Primitive as described in SEC-1, 3.4
+        private static ECPoint CalculateMqvAgreement(
+            ECDomainParameters		parameters,
+            ECPrivateKeyParameters	d1U,
+            ECPrivateKeyParameters	d2U,
+            ECPublicKeyParameters	Q2U,
+            ECPublicKeyParameters	Q1V,
+            ECPublicKeyParameters	Q2V)
+        {
+            BigInteger n = parameters.N;
+            int e = (n.BitLength + 1) / 2;
+            BigInteger powE = BigInteger.One.ShiftLeft(e);
+
+            ECCurve curve = parameters.Curve;
+
+            ECPoint[] points = new ECPoint[]{
+                // The Q2U public key is optional - but will be calculated for us if it wasn't present
+                ECAlgorithms.ImportPoint(curve, Q2U.Q),
+                ECAlgorithms.ImportPoint(curve, Q1V.Q),
+                ECAlgorithms.ImportPoint(curve, Q2V.Q)
+            };
+
+            curve.NormalizeAll(points);
+
+            ECPoint q2u = points[0], q1v = points[1], q2v = points[2];
+
+            BigInteger x = q2u.AffineXCoord.ToBigInteger();
+            BigInteger xBar = x.Mod(powE);
+            BigInteger Q2UBar = xBar.SetBit(e);
+            BigInteger s = d1U.D.Multiply(Q2UBar).Add(d2U.D).Mod(n);
+
+            BigInteger xPrime = q2v.AffineXCoord.ToBigInteger();
+            BigInteger xPrimeBar = xPrime.Mod(powE);
+            BigInteger Q2VBar = xPrimeBar.SetBit(e);
+
+            BigInteger hs = parameters.H.Multiply(s).Mod(n);
+
+            return ECAlgorithms.SumOfTwoMultiplies(
+                q1v, Q2VBar.Multiply(hs).Mod(n), q2v, hs);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/ECMqvWithKdfBasicAgreement.cs b/bc-sharp-crypto/src/crypto/agreement/ECMqvWithKdfBasicAgreement.cs
new file mode 100644
index 0000000..7d79fc4
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/ECMqvWithKdfBasicAgreement.cs
@@ -0,0 +1,63 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto.Agreement.Kdf;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Agreement
+{
+	public class ECMqvWithKdfBasicAgreement
+		: ECMqvBasicAgreement
+	{
+		private readonly string algorithm;
+		private readonly IDerivationFunction kdf;
+
+		public ECMqvWithKdfBasicAgreement(
+			string				algorithm,
+			IDerivationFunction	kdf)
+		{
+			if (algorithm == null)
+				throw new ArgumentNullException("algorithm");
+			if (kdf == null)
+				throw new ArgumentNullException("kdf");
+
+			this.algorithm = algorithm;
+			this.kdf = kdf;
+		}
+
+		public override BigInteger CalculateAgreement(
+			ICipherParameters pubKey)
+		{
+			// Note that the ec.KeyAgreement class in JCE only uses kdf in one
+			// of the engineGenerateSecret methods.
+
+			BigInteger result = base.CalculateAgreement(pubKey);
+
+			int keySize = GeneratorUtilities.GetDefaultKeySize(algorithm);
+
+			DHKdfParameters dhKdfParams = new DHKdfParameters(
+				new DerObjectIdentifier(algorithm),
+				keySize,
+				BigIntToBytes(result));
+
+			kdf.Init(dhKdfParams);
+
+			byte[] keyBytes = new byte[keySize / 8];
+			kdf.GenerateBytes(keyBytes, 0, keyBytes.Length);
+
+			return new BigInteger(1, keyBytes);
+		}
+
+		private byte[] BigIntToBytes(BigInteger r)
+		{
+			int byteLength = X9IntegerConverter.GetByteLength(privParams.StaticPrivateKey.Parameters.Curve);
+			return X9IntegerConverter.IntegerToBytes(r, byteLength);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeParticipant.cs b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeParticipant.cs
new file mode 100644
index 0000000..7942848
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeParticipant.cs
@@ -0,0 +1,456 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Agreement.JPake
+{
+    /// <summary>
+    /// A participant in a Password Authenticated Key Exchange by Juggling (J-PAKE) exchange.
+    ///
+    /// The J-PAKE exchange is defined by Feng Hao and Peter Ryan in the paper
+    /// <a href="http://grouper.ieee.org/groups/1363/Research/contributions/hao-ryan-2008.pdf">
+    /// "Password Authenticated Key Exchange by Juggling, 2008."</a>
+    ///
+    /// The J-PAKE protocol is symmetric.
+    /// There is no notion of a <i>client</i> or <i>server</i>, but rather just two <i>participants</i>.
+    /// An instance of JPakeParticipant represents one participant, and
+    /// is the primary interface for executing the exchange.
+    ///
+    /// To execute an exchange, construct a JPakeParticipant on each end,
+    /// and call the following 7 methods
+    /// (once and only once, in the given order, for each participant, sending messages between them as described):
+    ///
+    /// CreateRound1PayloadToSend() - and send the payload to the other participant
+    /// ValidateRound1PayloadReceived(JPakeRound1Payload) - use the payload received from the other participant
+    /// CreateRound2PayloadToSend() - and send the payload to the other participant
+    /// ValidateRound2PayloadReceived(JPakeRound2Payload) - use the payload received from the other participant
+    /// CalculateKeyingMaterial()
+    /// CreateRound3PayloadToSend(BigInteger) - and send the payload to the other participant
+    /// ValidateRound3PayloadReceived(JPakeRound3Payload, BigInteger) - use the payload received from the other participant
+    ///
+    /// Each side should derive a session key from the keying material returned by CalculateKeyingMaterial().
+    /// The caller is responsible for deriving the session key using a secure key derivation function (KDF).
+    ///
+    /// Round 3 is an optional key confirmation process.
+    /// If you do not execute round 3, then there is no assurance that both participants are using the same key.
+    /// (i.e. if the participants used different passwords, then their session keys will differ.)
+    ///
+    /// If the round 3 validation succeeds, then the keys are guaranteed to be the same on both sides.
+    ///
+    /// The symmetric design can easily support the asymmetric cases when one party initiates the communication.
+    /// e.g. Sometimes the round1 payload and round2 payload may be sent in one pass.
+    /// Also, in some cases, the key confirmation payload can be sent together with the round2 payload.
+    /// These are the trivial techniques to optimize the communication.
+    ///
+    /// The key confirmation process is implemented as specified in
+    /// <a href="http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf">NIST SP 800-56A Revision 1</a>,
+    /// Section 8.2 Unilateral Key Confirmation for Key Agreement Schemes.
+    ///
+    /// This class is stateful and NOT threadsafe.
+    /// Each instance should only be used for ONE complete J-PAKE exchange
+    /// (i.e. a new JPakeParticipant should be constructed for each new J-PAKE exchange).
+    /// </summary>
+    public class JPakeParticipant
+    {
+        // Possible internal states.  Used for state checking.
+        public static readonly int STATE_INITIALIZED = 0;
+        public static readonly int STATE_ROUND_1_CREATED = 10;
+        public static readonly int STATE_ROUND_1_VALIDATED = 20;
+        public static readonly int STATE_ROUND_2_CREATED = 30;
+        public static readonly int STATE_ROUND_2_VALIDATED = 40;
+        public static readonly int STATE_KEY_CALCULATED = 50;
+        public static readonly int STATE_ROUND_3_CREATED = 60;
+        public static readonly int STATE_ROUND_3_VALIDATED = 70;
+
+        // Unique identifier of this participant.
+        // The two participants in the exchange must NOT share the same id.
+        private string participantId;
+
+        // Shared secret.  This only contains the secret between construction
+        // and the call to CalculateKeyingMaterial().
+        //
+        // i.e. When CalculateKeyingMaterial() is called, this buffer overwritten with 0's,
+        // and the field is set to null.
+        private char[] password;
+
+        // Digest to use during calculations.
+        private IDigest digest;
+        
+        // Source of secure random data.
+        private readonly SecureRandom random;
+
+        private readonly BigInteger p;
+        private readonly BigInteger q;
+        private readonly BigInteger g;
+
+        // The participantId of the other participant in this exchange.
+        private string partnerParticipantId;
+
+        // Alice's x1 or Bob's x3.
+        private BigInteger x1;
+        // Alice's x2 or Bob's x4.
+        private BigInteger x2;
+        // Alice's g^x1 or Bob's g^x3.
+        private BigInteger gx1;
+        // Alice's g^x2 or Bob's g^x4.
+        private BigInteger gx2;
+        // Alice's g^x3 or Bob's g^x1.
+        private BigInteger gx3;
+        // Alice's g^x4 or Bob's g^x2.
+        private BigInteger gx4;
+        // Alice's B or Bob's A.
+        private BigInteger b;
+
+        // The current state.
+        // See the <tt>STATE_*</tt> constants for possible values.
+        private int state;
+
+        /// <summary>
+        /// Convenience constructor for a new JPakeParticipant that uses
+        /// the JPakePrimeOrderGroups#NIST_3072 prime order group,
+        /// a SHA-256 digest, and a default SecureRandom implementation.
+        ///
+        /// After construction, the State state will be STATE_INITIALIZED.
+        /// 
+        /// Throws NullReferenceException if any argument is null. Throws
+        /// ArgumentException if password is empty.
+        /// </summary>
+        /// <param name="participantId">Unique identifier of this participant.
+        ///      The two participants in the exchange must NOT share the same id.</param>
+        /// <param name="password">Shared secret.
+        ///      A defensive copy of this array is made (and cleared once CalculateKeyingMaterial() is called).
+        ///      Caller should clear the input password as soon as possible.</param>
+        public JPakeParticipant(string participantId, char[] password)
+            : this(participantId, password, JPakePrimeOrderGroups.NIST_3072) { }
+
+        /// <summary>
+        /// Convenience constructor for a new JPakeParticipant that uses
+        /// a SHA-256 digest, and a default SecureRandom implementation.
+        ///
+        /// After construction, the State state will be STATE_INITIALIZED.
+        /// 
+        /// Throws NullReferenceException if any argument is null. Throws
+        /// ArgumentException if password is empty.
+        /// </summary>
+        /// <param name="participantId">Unique identifier of this participant.
+        ///      The two participants in the exchange must NOT share the same id.</param>
+        /// <param name="password">Shared secret.
+        ///      A defensive copy of this array is made (and cleared once CalculateKeyingMaterial() is called).
+        ///      Caller should clear the input password as soon as possible.</param>
+        /// <param name="group">Prime order group. See JPakePrimeOrderGroups for standard groups.</param>
+        public JPakeParticipant(string participantId, char[] password, JPakePrimeOrderGroup group)
+            : this(participantId, password, group, new Sha256Digest(), new SecureRandom()) { }
+
+
+        /// <summary>
+        /// Constructor for a new JPakeParticipant.
+        ///
+        /// After construction, the State state will be STATE_INITIALIZED.
+        /// 
+        /// Throws NullReferenceException if any argument is null. Throws
+        /// ArgumentException if password is empty.
+        /// </summary>
+        /// <param name="participantId">Unique identifier of this participant.
+        ///      The two participants in the exchange must NOT share the same id.</param>
+        /// <param name="password">Shared secret.
+        ///      A defensive copy of this array is made (and cleared once CalculateKeyingMaterial() is called).
+        ///      Caller should clear the input password as soon as possible.</param>
+        /// <param name="group">Prime order group. See JPakePrimeOrderGroups for standard groups.</param>
+        /// <param name="digest">Digest to use during zero knowledge proofs and key confirmation
+        ///     (SHA-256 or stronger preferred).</param>
+        /// <param name="random">Source of secure random data for x1 and x2, and for the zero knowledge proofs.</param>
+        public JPakeParticipant(string participantId, char[] password, JPakePrimeOrderGroup group, IDigest digest, SecureRandom random)
+        {
+            JPakeUtilities.ValidateNotNull(participantId, "participantId");
+            JPakeUtilities.ValidateNotNull(password, "password");
+            JPakeUtilities.ValidateNotNull(group, "p");
+            JPakeUtilities.ValidateNotNull(digest, "digest");
+            JPakeUtilities.ValidateNotNull(random, "random");
+
+            if (password.Length == 0)
+            {
+                throw new ArgumentException("Password must not be empty.");
+            }
+
+            this.participantId = participantId;
+
+            // Create a defensive copy so as to fully encapsulate the password.
+            // 
+            // This array will contain the password for the lifetime of this
+            // participant BEFORE CalculateKeyingMaterial() is called.
+            // 
+            // i.e. When CalculateKeyingMaterial() is called, the array will be cleared
+            // in order to remove the password from memory.
+            // 
+            // The caller is responsible for clearing the original password array
+            // given as input to this constructor.
+            this.password = new char[password.Length];
+            Array.Copy(password, this.password, password.Length);
+
+            this.p = group.P;
+            this.q = group.Q;
+            this.g = group.G;
+
+            this.digest = digest;
+            this.random = random;
+
+            this.state = STATE_INITIALIZED;
+        }
+
+        /// <summary>
+        /// Gets the current state of this participant.
+        /// See the <tt>STATE_*</tt> constants for possible values.
+        /// </summary>
+        public virtual int State
+        {
+            get { return state; }
+        }
+
+
+        /// <summary>
+        /// Creates and returns the payload to send to the other participant during round 1.
+        ///
+        /// After execution, the State state} will be STATE_ROUND_1_CREATED}.
+        /// </summary>
+        public virtual JPakeRound1Payload CreateRound1PayloadToSend()
+        {
+            if (this.state >= STATE_ROUND_1_CREATED)
+                throw new InvalidOperationException("Round 1 payload already created for " + this.participantId);
+
+            this.x1 = JPakeUtilities.GenerateX1(q, random);
+            this.x2 = JPakeUtilities.GenerateX2(q, random);
+
+            this.gx1 = JPakeUtilities.CalculateGx(p, g, x1);
+            this.gx2 = JPakeUtilities.CalculateGx(p, g, x2);
+            BigInteger[] knowledgeProofForX1 = JPakeUtilities.CalculateZeroKnowledgeProof(p, q, g, gx1, x1, participantId, digest, random);
+            BigInteger[] knowledgeProofForX2 = JPakeUtilities.CalculateZeroKnowledgeProof(p, q, g, gx2, x2, participantId, digest, random);
+
+            this.state = STATE_ROUND_1_CREATED;
+
+            return new JPakeRound1Payload(participantId, gx1, gx2, knowledgeProofForX1, knowledgeProofForX2);
+        }
+
+        /// <summary>
+        /// Validates the payload received from the other participant during round 1.
+        ///
+        /// Must be called prior to CreateRound2PayloadToSend().
+        ///
+        /// After execution, the State state will be  STATE_ROUND_1_VALIDATED.
+        /// 
+        /// Throws CryptoException if validation fails. Throws InvalidOperationException
+        /// if called multiple times.
+        /// </summary>
+        public virtual void ValidateRound1PayloadReceived(JPakeRound1Payload round1PayloadReceived)
+        {
+            if (this.state >= STATE_ROUND_1_VALIDATED)
+                throw new InvalidOperationException("Validation already attempted for round 1 payload for " + this.participantId);
+
+            this.partnerParticipantId = round1PayloadReceived.ParticipantId;
+            this.gx3 = round1PayloadReceived.Gx1;
+            this.gx4 = round1PayloadReceived.Gx2;
+
+            BigInteger[] knowledgeProofForX3 = round1PayloadReceived.KnowledgeProofForX1;
+            BigInteger[] knowledgeProofForX4 = round1PayloadReceived.KnowledgeProofForX2;
+
+            JPakeUtilities.ValidateParticipantIdsDiffer(participantId, round1PayloadReceived.ParticipantId);
+            JPakeUtilities.ValidateGx4(gx4);
+            JPakeUtilities.ValidateZeroKnowledgeProof(p, q, g, gx3, knowledgeProofForX3, round1PayloadReceived.ParticipantId, digest);
+            JPakeUtilities.ValidateZeroKnowledgeProof(p, q, g, gx4, knowledgeProofForX4, round1PayloadReceived.ParticipantId, digest); 
+            this.state = STATE_ROUND_1_VALIDATED;
+        }
+
+        /// <summary>
+        /// Creates and returns the payload to send to the other participant during round 2.
+        ///
+        /// ValidateRound1PayloadReceived(JPakeRound1Payload) must be called prior to this method.
+        ///
+        /// After execution, the State state will be  STATE_ROUND_2_CREATED.
+        ///
+        /// Throws InvalidOperationException if called prior to ValidateRound1PayloadReceived(JPakeRound1Payload), or multiple times
+        /// </summary>
+        public virtual JPakeRound2Payload CreateRound2PayloadToSend()
+        {
+            if (this.state >= STATE_ROUND_2_CREATED)
+                throw new InvalidOperationException("Round 2 payload already created for " + this.participantId);
+            if (this.state < STATE_ROUND_1_VALIDATED)
+                throw new InvalidOperationException("Round 1 payload must be validated prior to creating round 2 payload for " + this.participantId);
+
+            BigInteger gA = JPakeUtilities.CalculateGA(p, gx1, gx3, gx4);
+            BigInteger s = JPakeUtilities.CalculateS(password);
+            BigInteger x2s = JPakeUtilities.CalculateX2s(q, x2, s);
+            BigInteger A = JPakeUtilities.CalculateA(p, q, gA, x2s);
+            BigInteger[] knowledgeProofForX2s = JPakeUtilities.CalculateZeroKnowledgeProof(p, q, gA, A, x2s, participantId, digest, random);
+
+            this.state = STATE_ROUND_2_CREATED;
+
+            return new JPakeRound2Payload(participantId, A, knowledgeProofForX2s);
+        }
+
+        /// <summary>
+        /// Validates the payload received from the other participant during round 2.
+        /// Note that this DOES NOT detect a non-common password.
+        /// The only indication of a non-common password is through derivation
+        /// of different keys (which can be detected explicitly by executing round 3 and round 4)
+        ///
+        /// Must be called prior to CalculateKeyingMaterial().
+        ///
+        /// After execution, the State state will be STATE_ROUND_2_VALIDATED.
+        ///
+        /// Throws CryptoException if validation fails. Throws
+        /// InvalidOperationException if called prior to ValidateRound1PayloadReceived(JPakeRound1Payload), or multiple times
+        /// </summary>
+        public virtual void ValidateRound2PayloadReceived(JPakeRound2Payload round2PayloadReceived)
+        {
+            if (this.state >= STATE_ROUND_2_VALIDATED)
+                throw new InvalidOperationException("Validation already attempted for round 2 payload for " + this.participantId);
+            if (this.state < STATE_ROUND_1_VALIDATED)
+                throw new InvalidOperationException("Round 1 payload must be validated prior to validation round 2 payload for " + this.participantId);
+
+            BigInteger gB = JPakeUtilities.CalculateGA(p, gx3, gx1, gx2);
+            this.b = round2PayloadReceived.A;
+            BigInteger[] knowledgeProofForX4s = round2PayloadReceived.KnowledgeProofForX2s;
+
+            JPakeUtilities.ValidateParticipantIdsDiffer(participantId, round2PayloadReceived.ParticipantId);
+            JPakeUtilities.ValidateParticipantIdsEqual(this.partnerParticipantId, round2PayloadReceived.ParticipantId);
+            JPakeUtilities.ValidateGa(gB);
+            JPakeUtilities.ValidateZeroKnowledgeProof(p, q, gB, b, knowledgeProofForX4s, round2PayloadReceived.ParticipantId, digest);
+
+            this.state = STATE_ROUND_2_VALIDATED;
+        }
+
+        /// <summary>
+        /// Calculates and returns the key material.
+        /// A session key must be derived from this key material using a secure key derivation function (KDF).
+        /// The KDF used to derive the key is handled externally (i.e. not by JPakeParticipant).
+        ///
+        /// The keying material will be identical for each participant if and only if
+        /// each participant's password is the same.  i.e. If the participants do not
+        /// share the same password, then each participant will derive a different key.
+        /// Therefore, if you immediately start using a key derived from
+        /// the keying material, then you must handle detection of incorrect keys.
+        /// If you want to handle this detection explicitly, you can optionally perform
+        /// rounds 3 and 4.  See JPakeParticipant for details on how to execute
+        /// rounds 3 and 4.
+        ///
+        /// The keying material will be in the range <tt>[0, p-1]</tt>.
+        ///
+        /// ValidateRound2PayloadReceived(JPakeRound2Payload) must be called prior to this method.
+        /// 
+        /// As a side effect, the internal password array is cleared, since it is no longer needed.
+        ///
+        /// After execution, the State state will be STATE_KEY_CALCULATED.
+        ///
+        /// Throws InvalidOperationException if called prior to ValidateRound2PayloadReceived(JPakeRound2Payload),
+        /// or if called multiple times.
+        /// </summary>
+        public virtual BigInteger CalculateKeyingMaterial()
+        {
+            if (this.state >= STATE_KEY_CALCULATED)
+                throw new InvalidOperationException("Key already calculated for " + participantId);
+            if (this.state < STATE_ROUND_2_VALIDATED)
+                throw new InvalidOperationException("Round 2 payload must be validated prior to creating key for " + participantId);
+
+            BigInteger s = JPakeUtilities.CalculateS(password);
+
+            // Clear the password array from memory, since we don't need it anymore.
+            // Also set the field to null as a flag to indicate that the key has already been calculated.
+            Array.Clear(password, 0, password.Length);
+            this.password = null;
+
+            BigInteger keyingMaterial = JPakeUtilities.CalculateKeyingMaterial(p, q, gx4, x2, s, b);
+
+            // Clear the ephemeral private key fields as well.
+            // Note that we're relying on the garbage collector to do its job to clean these up.
+            // The old objects will hang around in memory until the garbage collector destroys them.
+            // 
+            // If the ephemeral private keys x1 and x2 are leaked,
+            // the attacker might be able to brute-force the password.
+            this.x1 = null;
+            this.x2 = null;
+            this.b = null;
+
+            // Do not clear gx* yet, since those are needed by round 3.
+
+            this.state = STATE_KEY_CALCULATED;
+
+            return keyingMaterial;
+        }
+
+        /// <summary>
+        /// Creates and returns the payload to send to the other participant during round 3.
+        ///
+        /// See JPakeParticipant for more details on round 3.
+        ///
+        /// After execution, the State state} will be  STATE_ROUND_3_CREATED.
+        /// Throws InvalidOperationException if called prior to CalculateKeyingMaterial, or multiple
+        /// times.
+        /// </summary>
+        /// <param name="keyingMaterial">The keying material as returned from CalculateKeyingMaterial().</param> 
+        public virtual JPakeRound3Payload CreateRound3PayloadToSend(BigInteger keyingMaterial)
+        {
+            if (this.state >= STATE_ROUND_3_CREATED)
+                throw new InvalidOperationException("Round 3 payload already created for " + this.participantId);
+            if (this.state < STATE_KEY_CALCULATED)
+                throw new InvalidOperationException("Keying material must be calculated prior to creating round 3 payload for " + this.participantId);
+
+            BigInteger macTag = JPakeUtilities.CalculateMacTag(
+                this.participantId,
+                this.partnerParticipantId,
+                this.gx1,
+                this.gx2,
+                this.gx3,
+                this.gx4,
+                keyingMaterial,
+                this.digest);
+
+            this.state = STATE_ROUND_3_CREATED;
+
+            return new JPakeRound3Payload(participantId, macTag);
+        }
+
+        /// <summary>
+        /// Validates the payload received from the other participant during round 3.
+        ///
+        /// See JPakeParticipant for more details on round 3.
+        ///
+        /// After execution, the State state will be STATE_ROUND_3_VALIDATED.
+        /// 
+        /// Throws CryptoException if validation fails. Throws InvalidOperationException if called prior to
+        /// CalculateKeyingMaterial or multiple times
+        /// </summary>
+        /// <param name="round3PayloadReceived">The round 3 payload received from the other participant.</param> 
+        /// <param name="keyingMaterial">The keying material as returned from CalculateKeyingMaterial().</param> 
+        public virtual void ValidateRound3PayloadReceived(JPakeRound3Payload round3PayloadReceived, BigInteger keyingMaterial)
+        {
+            if (this.state >= STATE_ROUND_3_VALIDATED)
+                throw new InvalidOperationException("Validation already attempted for round 3 payload for " + this.participantId);
+            if (this.state < STATE_KEY_CALCULATED)
+                throw new InvalidOperationException("Keying material must be calculated prior to validating round 3 payload for " + this.participantId);
+
+            JPakeUtilities.ValidateParticipantIdsDiffer(participantId, round3PayloadReceived.ParticipantId);
+            JPakeUtilities.ValidateParticipantIdsEqual(this.partnerParticipantId, round3PayloadReceived.ParticipantId);
+
+            JPakeUtilities.ValidateMacTag(
+                this.participantId,
+                this.partnerParticipantId,
+                this.gx1,
+                this.gx2,
+                this.gx3,
+                this.gx4,
+                keyingMaterial,
+                this.digest,
+                round3PayloadReceived.MacTag);
+
+            // Clear the rest of the fields.
+            this.gx1 = null;
+            this.gx2 = null;
+            this.gx3 = null;
+            this.gx4 = null;
+
+            this.state = STATE_ROUND_3_VALIDATED;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroup.cs b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroup.cs
new file mode 100644
index 0000000..08ffe1a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroup.cs
@@ -0,0 +1,103 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Agreement.JPake
+{
+    /// <summary>
+    /// A pre-computed prime order group for use during a J-PAKE exchange.
+    ///
+    /// Typically a Schnorr group is used.  In general, J-PAKE can use any prime order group
+    /// that is suitable for public key cryptography, including elliptic curve cryptography.
+    ///
+    /// See JPakePrimeOrderGroups for convenient standard groups.
+    ///
+    /// NIST <a href="http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/DSA2_All.pdf">publishes</a>
+    /// many groups that can be used for the desired level of security.
+    /// </summary>
+    public class JPakePrimeOrderGroup
+    {
+        private readonly BigInteger p;
+        private readonly BigInteger q;
+        private readonly BigInteger g;
+
+        /// <summary>
+        /// Constructs a new JPakePrimeOrderGroup.
+        ///
+        /// In general, you should use one of the pre-approved groups from
+        /// JPakePrimeOrderGroups, rather than manually constructing one.
+        ///
+        /// The following basic checks are performed:
+        ///
+        /// p-1 must be evenly divisible by q
+        /// g must be in [2, p-1]
+        /// g^q mod p must equal 1
+        /// p must be prime (within reasonably certainty)
+        /// q must be prime (within reasonably certainty)
+        ///
+        /// The prime checks are performed using BigInteger#isProbablePrime(int),
+        /// and are therefore subject to the same probability guarantees.
+        ///
+        /// These checks prevent trivial mistakes.
+        /// However, due to the small uncertainties if p and q are not prime,
+        /// advanced attacks are not prevented.
+        /// Use it at your own risk.
+        /// 
+        /// Throws NullReferenceException if any argument is null. Throws
+        /// InvalidOperationException is any of the above validations fail.
+        /// </summary>
+        public JPakePrimeOrderGroup(BigInteger p, BigInteger q, BigInteger g)
+            : this(p, q, g, false)
+        {
+             // Don't skip the checks on user-specified groups.
+        }
+
+        /// <summary>
+        /// Constructor used by the pre-approved groups in JPakePrimeOrderGroups.
+        /// These pre-approved groups can avoid the expensive checks.
+        /// User-specified groups should not use this constructor.
+        /// </summary>
+        public JPakePrimeOrderGroup(BigInteger p, BigInteger q, BigInteger g, bool skipChecks)
+        {
+            JPakeUtilities.ValidateNotNull(p, "p");
+            JPakeUtilities.ValidateNotNull(q, "q");
+            JPakeUtilities.ValidateNotNull(g, "g");
+
+            if (!skipChecks)
+            {
+                if (!p.Subtract(JPakeUtilities.One).Mod(q).Equals(JPakeUtilities.Zero))
+                    throw new ArgumentException("p-1 must be evenly divisible by q");
+                if (g.CompareTo(BigInteger.Two) == -1 || g.CompareTo(p.Subtract(JPakeUtilities.One)) == 1)
+                    throw new ArgumentException("g must be in [2, p-1]");
+                if (!g.ModPow(q, p).Equals(JPakeUtilities.One))
+                    throw new ArgumentException("g^q mod p must equal 1");
+
+                // Note these checks do not guarantee that p and q are prime.
+                // We just have reasonable certainty that they are prime.
+                if (!p.IsProbablePrime(20))
+                    throw new ArgumentException("p must be prime");
+                if (!q.IsProbablePrime(20))
+                    throw new ArgumentException("q must be prime");
+            }
+
+            this.p = p;
+            this.q = q;
+            this.g = g;
+        }
+
+        public virtual BigInteger P
+        {
+            get { return p; }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public virtual BigInteger G
+        {
+            get { return g; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroups.cs b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroups.cs
new file mode 100644
index 0000000..192cd2b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroups.cs
@@ -0,0 +1,108 @@
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Agreement.JPake
+{
+    /// <summary>
+    /// Standard pre-computed prime order groups for use by J-PAKE.
+    /// (J-PAKE can use pre-computed prime order groups, same as DSA and Diffie-Hellman.)
+    /// <p/>
+    /// This class contains some convenient constants for use as input for
+    /// constructing {@link JPAKEParticipant}s.
+    /// <p/>
+    /// The prime order groups below are taken from Sun's JDK JavaDoc (docs/guide/security/CryptoSpec.html#AppB),
+    /// and from the prime order groups
+    /// <a href="http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/DSA2_All.pdf">published by NIST</a>.
+    /// </summary>
+    public class JPakePrimeOrderGroups
+    {
+        /// <summary>
+        /// From Sun's JDK JavaDoc (docs/guide/security/CryptoSpec.html#AppB)
+        /// 1024-bit p, 160-bit q and 1024-bit g for 80-bit security.
+        /// </summary>
+        public static readonly JPakePrimeOrderGroup SUN_JCE_1024 = new JPakePrimeOrderGroup(
+            // p
+            new BigInteger(
+                "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669" +
+                    "455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b7" +
+                    "6b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb" +
+                    "83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", 16),
+            // q
+            new BigInteger("9760508f15230bccb292b982a2eb840bf0581cf5", 16),
+            // g
+            new BigInteger(
+                "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d078267" +
+                    "5159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e1" +
+                    "3c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243b" +
+                    "cca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", 16),
+            true
+        );
+
+        /// <summary>
+        /// From NIST.
+        /// 2048-bit p, 224-bit q and 2048-bit g for 112-bit security.
+        /// </summary>
+        public static readonly JPakePrimeOrderGroup NIST_2048 = new JPakePrimeOrderGroup(
+            // p
+            new BigInteger(
+                "C196BA05AC29E1F9C3C72D56DFFC6154A033F1477AC88EC37F09BE6C5BB95F51" +
+                    "C296DD20D1A28A067CCC4D4316A4BD1DCA55ED1066D438C35AEBAABF57E7DAE4" +
+                    "28782A95ECA1C143DB701FD48533A3C18F0FE23557EA7AE619ECACC7E0B51652" +
+                    "A8776D02A425567DED36EABD90CA33A1E8D988F0BBB92D02D1D20290113BB562" +
+                    "CE1FC856EEB7CDD92D33EEA6F410859B179E7E789A8F75F645FAE2E136D252BF" +
+                    "FAFF89528945C1ABE705A38DBC2D364AADE99BE0D0AAD82E5320121496DC65B3" +
+                    "930E38047294FF877831A16D5228418DE8AB275D7D75651CEFED65F78AFC3EA7" +
+                    "FE4D79B35F62A0402A1117599ADAC7B269A59F353CF450E6982D3B1702D9CA83", 16),
+            // q
+            new BigInteger("90EAF4D1AF0708B1B612FF35E0A2997EB9E9D263C9CE659528945C0D", 16),
+            // g
+            new BigInteger(
+                "A59A749A11242C58C894E9E5A91804E8FA0AC64B56288F8D47D51B1EDC4D6544" +
+                    "4FECA0111D78F35FC9FDD4CB1F1B79A3BA9CBEE83A3F811012503C8117F98E50" +
+                    "48B089E387AF6949BF8784EBD9EF45876F2E6A5A495BE64B6E770409494B7FEE" +
+                    "1DBB1E4B2BC2A53D4F893D418B7159592E4FFFDF6969E91D770DAEBD0B5CB14C" +
+                    "00AD68EC7DC1E5745EA55C706C4A1C5C88964E34D09DEB753AD418C1AD0F4FDF" +
+                    "D049A955E5D78491C0B7A2F1575A008CCD727AB376DB6E695515B05BD412F5B8" +
+                    "C2F4C77EE10DA48ABD53F5DD498927EE7B692BBBCDA2FB23A516C5B4533D7398" +
+                    "0B2A3B60E384ED200AE21B40D273651AD6060C13D97FD69AA13C5611A51B9085", 16),
+            true
+        );
+
+        /// <summary>
+        /// From NIST.
+        /// 3072-bit p, 256-bit q and 3072-bit g for 128-bit security.
+        /// </summary>
+        public static readonly JPakePrimeOrderGroup NIST_3072 = new JPakePrimeOrderGroup(
+            // p
+            new BigInteger(
+                "90066455B5CFC38F9CAA4A48B4281F292C260FEEF01FD61037E56258A7795A1C" +
+                    "7AD46076982CE6BB956936C6AB4DCFE05E6784586940CA544B9B2140E1EB523F" +
+                    "009D20A7E7880E4E5BFA690F1B9004A27811CD9904AF70420EEFD6EA11EF7DA1" +
+                    "29F58835FF56B89FAA637BC9AC2EFAAB903402229F491D8D3485261CD068699B" +
+                    "6BA58A1DDBBEF6DB51E8FE34E8A78E542D7BA351C21EA8D8F1D29F5D5D159394" +
+                    "87E27F4416B0CA632C59EFD1B1EB66511A5A0FBF615B766C5862D0BD8A3FE7A0" +
+                    "E0DA0FB2FE1FCB19E8F9996A8EA0FCCDE538175238FC8B0EE6F29AF7F642773E" +
+                    "BE8CD5402415A01451A840476B2FCEB0E388D30D4B376C37FE401C2A2C2F941D" +
+                    "AD179C540C1C8CE030D460C4D983BE9AB0B20F69144C1AE13F9383EA1C08504F" +
+                    "B0BF321503EFE43488310DD8DC77EC5B8349B8BFE97C2C560EA878DE87C11E3D" +
+                    "597F1FEA742D73EEC7F37BE43949EF1A0D15C3F3E3FC0A8335617055AC91328E" +
+                    "C22B50FC15B941D3D1624CD88BC25F3E941FDDC6200689581BFEC416B4B2CB73", 16),
+            // q
+            new BigInteger("CFA0478A54717B08CE64805B76E5B14249A77A4838469DF7F7DC987EFCCFB11D", 16),
+            // g
+            new BigInteger(
+                "5E5CBA992E0A680D885EB903AEA78E4A45A469103D448EDE3B7ACCC54D521E37" +
+                    "F84A4BDD5B06B0970CC2D2BBB715F7B82846F9A0C393914C792E6A923E2117AB" +
+                    "805276A975AADB5261D91673EA9AAFFEECBFA6183DFCB5D3B7332AA19275AFA1" +
+                    "F8EC0B60FB6F66CC23AE4870791D5982AAD1AA9485FD8F4A60126FEB2CF05DB8" +
+                    "A7F0F09B3397F3937F2E90B9E5B9C9B6EFEF642BC48351C46FB171B9BFA9EF17" +
+                    "A961CE96C7E7A7CC3D3D03DFAD1078BA21DA425198F07D2481622BCE45969D9C" +
+                    "4D6063D72AB7A0F08B2F49A7CC6AF335E08C4720E31476B67299E231F8BD90B3" +
+                    "9AC3AE3BE0C6B6CACEF8289A2E2873D58E51E029CAFBD55E6841489AB66B5B4B" +
+                    "9BA6E2F784660896AFF387D92844CCB8B69475496DE19DA2E58259B090489AC8" +
+                    "E62363CDF82CFD8EF2A427ABCD65750B506F56DDE3B988567A88126B914D7828" +
+                    "E2B63A6D7ED0747EC59E0E0A23CE7D8A74C1D2C2A7AFB6A29799620F00E11C33" +
+                    "787F7DED3B30E1A22D09F1FBDA1ABBBFBF25CAE05A13F812E34563F99410E73B", 16),
+            true
+        );
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeRound1Payload.cs b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeRound1Payload.cs
new file mode 100644
index 0000000..9e4ab7a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeRound1Payload.cs
@@ -0,0 +1,101 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Agreement.JPake
+{
+    /// <summary>
+    /// The payload sent/received during the first round of a J-PAKE exchange.
+    /// 
+    /// Each JPAKEParticipant creates and sends an instance of this payload to
+    /// the other. The payload to send should be created via 
+    /// JPAKEParticipant.CreateRound1PayloadToSend().
+    /// 
+    /// Each participant must also validate the payload received from the other.
+    /// The received payload should be validated via 
+    /// JPAKEParticipant.ValidateRound1PayloadReceived(JPakeRound1Payload).
+    /// </summary>
+    public class JPakeRound1Payload
+    {
+        /// <summary>
+        /// The id of the JPAKEParticipant who created/sent this payload.
+        /// </summary>
+        private readonly string participantId;
+
+        /// <summary>
+        /// The value of g^x1
+        /// </summary>
+        private readonly BigInteger gx1;
+
+        /// <summary>
+        /// The value of g^x2
+        /// </summary>
+        private readonly BigInteger gx2;
+
+        /// <summary>
+        /// The zero knowledge proof for x1.
+        /// 
+        /// This is a two element array, containing {g^v, r} for x1.
+        /// </summary>
+        private readonly BigInteger[] knowledgeProofForX1;
+
+        /// <summary>
+        /// The zero knowledge proof for x2.
+        /// 
+        /// This is a two element array, containing {g^v, r} for x2.
+        /// </summary>
+        private readonly BigInteger[] knowledgeProofForX2;
+
+        public JPakeRound1Payload(string participantId, BigInteger gx1, BigInteger gx2, BigInteger[] knowledgeProofForX1, BigInteger[] knowledgeProofForX2)
+        {
+            JPakeUtilities.ValidateNotNull(participantId, "participantId");
+            JPakeUtilities.ValidateNotNull(gx1, "gx1");
+            JPakeUtilities.ValidateNotNull(gx2, "gx2");
+            JPakeUtilities.ValidateNotNull(knowledgeProofForX1, "knowledgeProofForX1");
+            JPakeUtilities.ValidateNotNull(knowledgeProofForX2, "knowledgeProofForX2");
+
+            this.participantId = participantId;
+            this.gx1 = gx1;
+            this.gx2 = gx2;
+            this.knowledgeProofForX1 = new BigInteger[knowledgeProofForX1.Length];
+            Array.Copy(knowledgeProofForX1, this.knowledgeProofForX1, knowledgeProofForX1.Length);
+            this.knowledgeProofForX2 = new BigInteger[knowledgeProofForX2.Length];
+            Array.Copy(knowledgeProofForX2, this.knowledgeProofForX2, knowledgeProofForX2.Length);
+        }
+
+        public virtual string ParticipantId
+        {
+            get { return participantId; }
+        }
+
+        public virtual BigInteger Gx1
+        {
+            get { return gx1; }
+        }
+
+        public virtual BigInteger Gx2
+        {
+            get { return gx2; }
+        }
+
+        public virtual BigInteger[] KnowledgeProofForX1
+        {
+            get
+            {
+                BigInteger[] kp = new BigInteger[knowledgeProofForX1.Length];
+                Array.Copy(knowledgeProofForX1, kp, knowledgeProofForX1.Length);
+                return kp;
+            }
+        }
+
+        public virtual BigInteger[] KnowledgeProofForX2
+        {
+            get
+            {
+                BigInteger[] kp = new BigInteger[knowledgeProofForX2.Length];
+                Array.Copy(knowledgeProofForX2, kp, knowledgeProofForX2.Length);
+                return kp;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeRound2Payload.cs b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeRound2Payload.cs
new file mode 100644
index 0000000..47962cb
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeRound2Payload.cs
@@ -0,0 +1,72 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Agreement.JPake
+{
+    /// <summary>
+    /// The payload sent/received during the second round of a J-PAKE exchange.
+    /// 
+    /// Each JPAKEParticipant creates and sends an instance
+    /// of this payload to the other JPAKEParticipant.
+    /// The payload to send should be created via
+    /// JPAKEParticipant#createRound2PayloadToSend()
+    /// 
+    /// Each JPAKEParticipant must also validate the payload
+    /// received from the other JPAKEParticipant.
+    /// The received payload should be validated via
+    /// JPAKEParticipant#validateRound2PayloadReceived(JPakeRound2Payload)
+    /// </summary>
+    public class JPakeRound2Payload
+    {
+        /// <summary>
+        /// The id of the JPAKEParticipant who created/sent this payload.
+        /// </summary>
+        private readonly string participantId;
+
+        /// <summary>
+        /// The value of A, as computed during round 2.
+        /// </summary>
+        private readonly BigInteger a;
+
+        /// <summary>
+        /// The zero knowledge proof for x2 * s.
+        /// 
+        /// This is a two element array, containing {g^v, r} for x2 * s.
+        /// </summary>
+        private readonly BigInteger[] knowledgeProofForX2s;
+
+        public JPakeRound2Payload(string participantId, BigInteger a, BigInteger[] knowledgeProofForX2s)
+        {
+            JPakeUtilities.ValidateNotNull(participantId, "participantId");
+            JPakeUtilities.ValidateNotNull(a, "a");
+            JPakeUtilities.ValidateNotNull(knowledgeProofForX2s, "knowledgeProofForX2s");
+
+            this.participantId = participantId;
+            this.a = a;
+            this.knowledgeProofForX2s = new BigInteger[knowledgeProofForX2s.Length];
+            knowledgeProofForX2s.CopyTo(this.knowledgeProofForX2s, 0);
+        }
+
+        public virtual string ParticipantId
+        {
+            get { return participantId; }
+        }
+
+        public virtual BigInteger A
+        {
+            get { return a; }
+        }
+
+        public virtual BigInteger[] KnowledgeProofForX2s
+        {
+            get
+            {
+                BigInteger[] kp = new BigInteger[knowledgeProofForX2s.Length];
+                Array.Copy(knowledgeProofForX2s, kp, knowledgeProofForX2s.Length);
+                return kp;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeRound3Payload.cs b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeRound3Payload.cs
new file mode 100644
index 0000000..767702f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeRound3Payload.cs
@@ -0,0 +1,51 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Agreement.JPake
+{
+    /// <summary>
+    /// The payload sent/received during the optional third round of a J-PAKE exchange,
+    /// which is for explicit key confirmation.
+    ///
+    /// Each JPAKEParticipant creates and sends an instance
+    /// of this payload to the other JPAKEParticipant.
+    /// The payload to send should be created via
+    /// JPAKEParticipant#createRound3PayloadToSend(BigInteger)
+    ///
+    /// Eeach JPAKEParticipant must also validate the payload
+    /// received from the other JPAKEParticipant.
+    /// The received payload should be validated via
+    /// JPAKEParticipant#validateRound3PayloadReceived(JPakeRound3Payload, BigInteger)
+    /// </summary>
+    public class JPakeRound3Payload
+    {
+        /// <summary>
+        /// The id of the {@link JPAKEParticipant} who created/sent this payload.
+        /// </summary>
+        private readonly string participantId;
+
+        /// <summary>
+        /// The value of MacTag, as computed by round 3.
+        /// 
+        /// See JPAKEUtil#calculateMacTag(string, string, BigInteger, BigInteger, BigInteger, BigInteger, BigInteger, org.bouncycastle.crypto.Digest)
+        /// </summary>
+        private readonly BigInteger macTag;
+
+        public JPakeRound3Payload(string participantId, BigInteger magTag)
+        {
+            this.participantId = participantId;
+            this.macTag = magTag;
+        }
+
+        public virtual string ParticipantId
+        {
+            get { return participantId; }
+        }
+
+        public virtual BigInteger MacTag
+        {
+            get { return macTag; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeUtilities.cs b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeUtilities.cs
new file mode 100644
index 0000000..b23518a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/jpake/JPakeUtilities.cs
@@ -0,0 +1,390 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Agreement.JPake
+{
+    /// <summary>
+    /// Primitives needed for a J-PAKE exchange.
+    /// 
+    /// The recommended way to perform a J-PAKE exchange is by using
+    /// two JPAKEParticipants.  Internally, those participants
+    /// call these primitive operations in JPakeUtilities.
+    /// 
+    /// The primitives, however, can be used without a JPAKEParticipant if needed.
+    /// </summary>
+    public abstract class JPakeUtilities
+    {
+        public static readonly BigInteger Zero = BigInteger.Zero;
+        public static readonly BigInteger One = BigInteger.One;
+
+        /// <summary>
+        /// Return a value that can be used as x1 or x3 during round 1.
+        /// The returned value is a random value in the range [0, q-1].
+        /// </summary>
+        public static BigInteger GenerateX1(BigInteger q, SecureRandom random)
+        {
+            BigInteger min = Zero;
+            BigInteger max = q.Subtract(One);
+            return BigIntegers.CreateRandomInRange(min, max, random);
+        }
+
+        /// <summary>
+        /// Return a value that can be used as x2 or x4 during round 1.
+        /// The returned value is a random value in the range [1, q-1].
+        /// </summary>
+        public static BigInteger GenerateX2(BigInteger q, SecureRandom random)
+        {
+            BigInteger min = One;
+            BigInteger max = q.Subtract(One);
+            return BigIntegers.CreateRandomInRange(min, max, random);
+        }
+
+        /// <summary>
+        /// Converts the given password to a BigInteger
+        /// for use in arithmetic calculations.
+        /// </summary>
+        public static BigInteger CalculateS(char[] password)
+        {
+            return new BigInteger(Encoding.UTF8.GetBytes(password));
+        }
+
+        /// <summary>
+        /// Calculate g^x mod p as done in round 1.
+        /// </summary>
+        public static BigInteger CalculateGx(BigInteger p, BigInteger g, BigInteger x)
+        {
+            return g.ModPow(x, p);
+        }
+
+        /// <summary>
+        /// Calculate ga as done in round 2.
+        /// </summary>
+        public static BigInteger CalculateGA(BigInteger p, BigInteger gx1, BigInteger gx3, BigInteger gx4)
+        {
+            // ga = g^(x1+x3+x4) = g^x1 * g^x3 * g^x4 
+            return gx1.Multiply(gx3).Multiply(gx4).Mod(p);
+        }
+
+        /// <summary>
+        /// Calculate x2 * s as done in round 2.
+        /// </summary>
+        public static BigInteger CalculateX2s(BigInteger q, BigInteger x2, BigInteger s)
+        {
+            return x2.Multiply(s).Mod(q);
+        }
+
+        /// <summary>
+        /// Calculate A as done in round 2. 
+        /// </summary>
+        public static BigInteger CalculateA(BigInteger p, BigInteger q, BigInteger gA, BigInteger x2s)
+        {
+            // A = ga^(x*s)
+            return gA.ModPow(x2s, p);
+        }
+
+        /// <summary>
+        /// Calculate a zero knowledge proof of x using Schnorr's signature.
+        /// The returned array has two elements {g^v, r = v-x*h} for x.
+        /// </summary>
+        public static BigInteger[] CalculateZeroKnowledgeProof(BigInteger p, BigInteger q, BigInteger g,
+            BigInteger gx, BigInteger x, string participantId, IDigest digest, SecureRandom random)
+        {
+            /* Generate a random v, and compute g^v */
+            BigInteger vMin = Zero;
+            BigInteger vMax = q.Subtract(One);
+            BigInteger v = BigIntegers.CreateRandomInRange(vMin, vMax, random);
+
+            BigInteger gv = g.ModPow(v, p);
+            BigInteger h = CalculateHashForZeroKnowledgeProof(g, gv, gx, participantId, digest); // h
+
+            return new BigInteger[]
+            {
+                gv,
+                v.Subtract(x.Multiply(h)).Mod(q) // r = v-x*h
+            };
+        }
+
+        private static BigInteger CalculateHashForZeroKnowledgeProof(BigInteger g, BigInteger gr, BigInteger gx,
+            string participantId, IDigest digest)
+        {
+            digest.Reset();
+
+            UpdateDigestIncludingSize(digest, g);
+
+            UpdateDigestIncludingSize(digest, gr);
+
+            UpdateDigestIncludingSize(digest, gx);
+
+            UpdateDigestIncludingSize(digest, participantId);
+
+            byte[] output = DigestUtilities.DoFinal(digest);
+
+            return new BigInteger(output);
+        }
+
+        /// <summary>
+        /// Validates that g^x4 is not 1.
+        /// throws CryptoException if g^x4 is 1
+        /// </summary>
+        public static void ValidateGx4(BigInteger gx4)
+        {
+            if (gx4.Equals(One))
+                throw new CryptoException("g^x validation failed.  g^x should not be 1.");
+        }
+
+        /// <summary>
+        /// Validates that ga is not 1.
+        /// 
+        /// As described by Feng Hao...
+        /// Alice could simply check ga != 1 to ensure it is a generator.
+        /// In fact, as we will explain in Section 3, (x1 + x3 + x4 ) is random over Zq even in the face of active attacks.
+        /// Hence, the probability for ga = 1 is extremely small - on the order of 2^160 for 160-bit q.
+        /// 
+        /// throws CryptoException if ga is 1
+        /// </summary>
+        public static void ValidateGa(BigInteger ga)
+        {
+            if (ga.Equals(One))
+                throw new CryptoException("ga is equal to 1.  It should not be.  The chances of this happening are on the order of 2^160 for a 160-bit q.  Try again.");
+        }
+
+        /// <summary>
+        /// Validates the zero knowledge proof (generated by
+        /// calculateZeroKnowledgeProof(BigInteger, BigInteger, BigInteger, BigInteger, BigInteger, string, Digest, SecureRandom)
+        /// is correct.
+        /// 
+        /// throws CryptoException if the zero knowledge proof is not correct
+        /// </summary>
+        public static void ValidateZeroKnowledgeProof(BigInteger p, BigInteger q, BigInteger g,
+            BigInteger gx, BigInteger[] zeroKnowledgeProof, string participantId, IDigest digest)
+        {
+            /* sig={g^v,r} */
+            BigInteger gv = zeroKnowledgeProof[0];
+            BigInteger r = zeroKnowledgeProof[1];
+
+            BigInteger h = CalculateHashForZeroKnowledgeProof(g, gv, gx, participantId, digest);
+            if (!(gx.CompareTo(Zero) == 1 && // g^x > 0
+                gx.CompareTo(p) == -1 && // g^x < p
+                gx.ModPow(q, p).CompareTo(One) == 0 && // g^x^q mod q = 1
+                /*
+                 * Below, I took a straightforward way to compute g^r * g^x^h,
+                 * which needs 2 exp. Using a simultaneous computation technique
+                 * would only need 1 exp.
+                 */
+                g.ModPow(r, p).Multiply(gx.ModPow(h, p)).Mod(p).CompareTo(gv) == 0)) // g^v=g^r * g^x^h
+            {
+                throw new CryptoException("Zero-knowledge proof validation failed");
+            }
+        }
+
+        /// <summary>
+        /// Calculates the keying material, which can be done after round 2 has completed.
+        /// A session key must be derived from this key material using a secure key derivation function (KDF).
+        /// The KDF used to derive the key is handled externally (i.e. not by JPAKEParticipant).
+        /// 
+        /// KeyingMaterial = (B/g^{x2*x4*s})^x2
+        /// </summary>
+        public static BigInteger CalculateKeyingMaterial(BigInteger p, BigInteger q, 
+            BigInteger gx4, BigInteger x2, BigInteger s, BigInteger B)
+        {
+            return gx4.ModPow(x2.Multiply(s).Negate().Mod(q), p).Multiply(B).ModPow(x2, p);
+        }
+
+        /// <summary>
+        /// Validates that the given participant ids are not equal.
+        /// (For the J-PAKE exchange, each participant must use a unique id.)
+        ///
+        /// Throws CryptoException if the participantId strings are equal.
+        /// </summary>
+        public static void ValidateParticipantIdsDiffer(string participantId1, string participantId2)
+        {
+            if (participantId1.Equals(participantId2))
+            {
+                throw new CryptoException(
+                    "Both participants are using the same participantId ("
+                        + participantId1
+                        + "). This is not allowed. "
+                        + "Each participant must use a unique participantId.");
+            }
+        }
+
+        /// <summary>
+        /// Validates that the given participant ids are equal.
+        /// This is used to ensure that the payloads received from
+        /// each round all come from the same participant.
+        /// </summary>
+        public static void ValidateParticipantIdsEqual(string expectedParticipantId, string actualParticipantId)
+        {
+            if (!expectedParticipantId.Equals(actualParticipantId))
+            {
+                throw new CryptoException(
+                    "Received payload from incorrect partner ("
+                        + actualParticipantId
+                        + "). Expected to receive payload from "
+                        + expectedParticipantId
+                        + ".");
+            }
+        }
+
+        /// <summary>
+        /// Validates that the given object is not null.
+        /// throws NullReferenceException if the object is null.
+        /// </summary>
+        /// <param name="obj">object in question</param>
+        /// <param name="description">name of the object (to be used in exception message)</param>
+        public static void ValidateNotNull(object obj, string description)
+        {
+            if (obj == null)
+                throw new ArgumentNullException(description);
+        }
+
+        /// <summary>
+        /// Calculates the MacTag (to be used for key confirmation), as defined by
+        /// <a href="http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf">NIST SP 800-56A Revision 1</a>,
+        /// Section 8.2 Unilateral Key Confirmation for Key Agreement Schemes.
+        ///
+        /// MacTag = HMAC(MacKey, MacLen, MacData)
+        /// MacKey = H(K || "JPAKE_KC")
+        /// MacData = "KC_1_U" || participantId || partnerParticipantId || gx1 || gx2 || gx3 || gx4
+        ///
+        /// Note that both participants use "KC_1_U" because the sender of the round 3 message
+        /// is always the initiator for key confirmation.
+        ///
+        /// HMAC = {@link HMac} used with the given {@link Digest}
+        /// H = The given {@link Digest}
+        /// MacLen = length of MacTag
+        /// </summary>
+        public static BigInteger CalculateMacTag(string participantId, string partnerParticipantId,
+            BigInteger gx1, BigInteger gx2, BigInteger gx3, BigInteger gx4, BigInteger keyingMaterial, IDigest digest)
+        {
+            byte[] macKey = CalculateMacKey(keyingMaterial, digest);
+
+            HMac mac = new HMac(digest);
+            mac.Init(new KeyParameter(macKey));
+            Arrays.Fill(macKey, (byte)0);
+
+            /*
+             * MacData = "KC_1_U" || participantId_Alice || participantId_Bob || gx1 || gx2 || gx3 || gx4.
+             */
+            UpdateMac(mac, "KC_1_U");
+            UpdateMac(mac, participantId);
+            UpdateMac(mac, partnerParticipantId);
+            UpdateMac(mac, gx1);
+            UpdateMac(mac, gx2);
+            UpdateMac(mac, gx3);
+            UpdateMac(mac, gx4);
+
+            byte[] macOutput = MacUtilities.DoFinal(mac);
+
+            return new BigInteger(macOutput);
+        }
+
+        /// <summary>
+        /// Calculates the MacKey (i.e. the key to use when calculating the MagTag for key confirmation).
+        /// 
+        /// MacKey = H(K || "JPAKE_KC")
+        /// </summary>
+        private static byte[] CalculateMacKey(BigInteger keyingMaterial, IDigest digest)
+        {
+            digest.Reset();
+
+            UpdateDigest(digest, keyingMaterial);
+            /*
+             * This constant is used to ensure that the macKey is NOT the same as the derived key.
+             */
+            UpdateDigest(digest, "JPAKE_KC");
+
+            return DigestUtilities.DoFinal(digest);
+        }
+
+        /// <summary>
+        /// Validates the MacTag received from the partner participant.
+        /// 
+        /// throws CryptoException if the participantId strings are equal.
+        /// </summary>
+        public static void ValidateMacTag(string participantId, string partnerParticipantId,
+            BigInteger gx1, BigInteger gx2, BigInteger gx3, BigInteger gx4,
+            BigInteger keyingMaterial, IDigest digest, BigInteger partnerMacTag)
+        {
+            /*
+             * Calculate the expected MacTag using the parameters as the partner
+             * would have used when the partner called calculateMacTag.
+             * 
+             * i.e. basically all the parameters are reversed.
+             * participantId <-> partnerParticipantId
+             *            x1 <-> x3
+             *            x2 <-> x4
+             */
+            BigInteger expectedMacTag = CalculateMacTag(partnerParticipantId, participantId, gx3, gx4, gx1, gx2, keyingMaterial, digest);
+
+            if (!expectedMacTag.Equals(partnerMacTag))
+            {
+                throw new CryptoException(
+                    "Partner MacTag validation failed. "
+                        + "Therefore, the password, MAC, or digest algorithm of each participant does not match.");
+            }
+        }
+
+        private static void UpdateDigest(IDigest digest, BigInteger bigInteger)
+        {
+            UpdateDigest(digest, BigIntegers.AsUnsignedByteArray(bigInteger));
+        }
+
+        private static void UpdateDigest(IDigest digest, string str)
+        {
+            UpdateDigest(digest, Encoding.UTF8.GetBytes(str));
+        }
+
+        private static void UpdateDigest(IDigest digest, byte[] bytes)
+        {
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+            Arrays.Fill(bytes, (byte)0);
+        }
+
+        private static void UpdateDigestIncludingSize(IDigest digest, BigInteger bigInteger)
+        {
+            UpdateDigestIncludingSize(digest, BigIntegers.AsUnsignedByteArray(bigInteger));
+        }
+
+        private static void UpdateDigestIncludingSize(IDigest digest, string str)
+        {
+            UpdateDigestIncludingSize(digest, Encoding.UTF8.GetBytes(str));
+        }
+
+        private static void UpdateDigestIncludingSize(IDigest digest, byte[] bytes)
+        {
+            digest.BlockUpdate(IntToByteArray(bytes.Length), 0, 4);
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+            Arrays.Fill(bytes, (byte)0);
+        }
+
+        private static void UpdateMac(IMac mac, BigInteger bigInteger)
+        {
+            UpdateMac(mac, BigIntegers.AsUnsignedByteArray(bigInteger));
+        }
+
+        private static void UpdateMac(IMac mac, string str)
+        {
+            UpdateMac(mac, Encoding.UTF8.GetBytes(str));
+        }
+
+        private static void UpdateMac(IMac mac, byte[] bytes)
+        {
+            mac.BlockUpdate(bytes, 0, bytes.Length);
+            Arrays.Fill(bytes, (byte)0);
+        }
+
+        private static byte[] IntToByteArray(int value)
+        {
+            return Pack.UInt32_To_BE((uint)value);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/kdf/DHKdfParameters.cs b/bc-sharp-crypto/src/crypto/agreement/kdf/DHKdfParameters.cs
new file mode 100644
index 0000000..f6c9e60
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/kdf/DHKdfParameters.cs
@@ -0,0 +1,57 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+
+namespace Org.BouncyCastle.Crypto.Agreement.Kdf
+{
+	public class DHKdfParameters
+		: IDerivationParameters
+	{
+		private readonly DerObjectIdentifier algorithm;
+		private readonly int keySize;
+		private readonly byte[] z;
+		private readonly byte[] extraInfo;
+
+		public DHKdfParameters(
+			DerObjectIdentifier	algorithm,
+			int					keySize,
+			byte[]				z)
+			: this(algorithm, keySize, z, null)
+		{
+		}
+
+		public DHKdfParameters(
+			DerObjectIdentifier algorithm,
+			int keySize,
+			byte[] z,
+			byte[] extraInfo)
+		{
+			this.algorithm = algorithm;
+			this.keySize = keySize;
+			this.z = z; // TODO Clone?
+			this.extraInfo = extraInfo;
+		}
+
+		public DerObjectIdentifier Algorithm
+		{
+			get { return algorithm; }
+		}
+
+		public int KeySize
+		{
+			get { return keySize; }
+		}
+
+		public byte[] GetZ()
+		{
+			// TODO Clone?
+			return z;
+		}
+
+		public byte[] GetExtraInfo()
+		{
+			// TODO Clone?
+			return extraInfo;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/kdf/DHKekGenerator.cs b/bc-sharp-crypto/src/crypto/agreement/kdf/DHKekGenerator.cs
new file mode 100644
index 0000000..259e21e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/kdf/DHKekGenerator.cs
@@ -0,0 +1,112 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Agreement.Kdf
+{
+    /**
+    * RFC 2631 Diffie-hellman KEK derivation function.
+    */
+    public class DHKekGenerator
+        : IDerivationFunction
+    {
+        private readonly IDigest digest;
+
+        private DerObjectIdentifier	algorithm;
+        private int					keySize;
+        private byte[]				z;
+        private byte[]				partyAInfo;
+
+        public DHKekGenerator(IDigest digest)
+        {
+            this.digest = digest;
+        }
+
+        public virtual void Init(IDerivationParameters param)
+        {
+            DHKdfParameters parameters = (DHKdfParameters)param;
+
+            this.algorithm = parameters.Algorithm;
+            this.keySize = parameters.KeySize;
+            this.z = parameters.GetZ(); // TODO Clone?
+            this.partyAInfo = parameters.GetExtraInfo(); // TODO Clone?
+        }
+
+        public virtual IDigest Digest
+        {
+            get { return digest; }
+        }
+
+        public virtual int GenerateBytes(byte[]	outBytes, int outOff, int len)
+        {
+            if ((outBytes.Length - len) < outOff)
+            {
+                throw new DataLengthException("output buffer too small");
+            }
+
+            long oBytes = len;
+            int outLen = digest.GetDigestSize();
+
+            //
+            // this is at odds with the standard implementation, the
+            // maximum value should be hBits * (2^32 - 1) where hBits
+            // is the digest output size in bits. We can't have an
+            // array with a long index at the moment...
+            //
+            if (oBytes > ((2L << 32) - 1))
+            {
+                throw new ArgumentException("Output length too large");
+            }
+
+            int cThreshold = (int)((oBytes + outLen - 1) / outLen);
+
+            byte[] dig = new byte[digest.GetDigestSize()];
+
+            uint counter = 1;
+
+            for (int i = 0; i < cThreshold; i++)
+            {
+                digest.BlockUpdate(z, 0, z.Length);
+
+                // KeySpecificInfo
+                DerSequence keyInfo = new DerSequence(
+                    algorithm,
+                    new DerOctetString(Pack.UInt32_To_BE(counter)));
+
+                // OtherInfo
+                Asn1EncodableVector v1 = new Asn1EncodableVector(keyInfo);
+
+                if (partyAInfo != null)
+                {
+                    v1.Add(new DerTaggedObject(true, 0, new DerOctetString(partyAInfo)));
+                }
+
+                v1.Add(new DerTaggedObject(true, 2, new DerOctetString(Pack.UInt32_To_BE((uint)keySize))));
+
+                byte[] other = new DerSequence(v1).GetDerEncoded();
+
+                digest.BlockUpdate(other, 0, other.Length);
+
+                digest.DoFinal(dig, 0);
+
+                if (len > outLen)
+                {
+                    Array.Copy(dig, 0, outBytes, outOff, outLen);
+                    outOff += outLen;
+                    len -= outLen;
+                }
+                else
+                {
+                    Array.Copy(dig, 0, outBytes, outOff, len);
+                }
+
+                counter++;
+            }
+
+            digest.Reset();
+
+            return (int)oBytes;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/kdf/ECDHKekGenerator.cs b/bc-sharp-crypto/src/crypto/agreement/kdf/ECDHKekGenerator.cs
new file mode 100644
index 0000000..7446457
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/kdf/ECDHKekGenerator.cs
@@ -0,0 +1,55 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Agreement.Kdf
+{
+    /**
+    * X9.63 based key derivation function for ECDH CMS.
+    */
+    public class ECDHKekGenerator
+        : IDerivationFunction
+    {
+        private readonly IDerivationFunction kdf;
+
+        private DerObjectIdentifier	algorithm;
+        private int					keySize;
+        private byte[]				z;
+
+        public ECDHKekGenerator(IDigest digest)
+        {
+            this.kdf = new Kdf2BytesGenerator(digest);
+        }
+
+        public virtual void Init(IDerivationParameters param)
+        {
+            DHKdfParameters parameters = (DHKdfParameters)param;
+
+            this.algorithm = parameters.Algorithm;
+            this.keySize = parameters.KeySize;
+            this.z = parameters.GetZ(); // TODO Clone?
+        }
+
+        public virtual IDigest Digest
+        {
+            get { return kdf.Digest; }
+        }
+
+        public virtual int GenerateBytes(byte[]	outBytes, int outOff, int len)
+        {
+            // TODO Create an ASN.1 class for this (RFC3278)
+            // ECC-CMS-SharedInfo
+            DerSequence s = new DerSequence(
+                new AlgorithmIdentifier(algorithm, DerNull.Instance),
+                new DerTaggedObject(true, 2, new DerOctetString(Pack.UInt32_To_BE((uint)keySize))));
+
+            kdf.Init(new KdfParameters(z, s.GetDerEncoded()));
+
+            return kdf.GenerateBytes(outBytes, outOff, len);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/srp/SRP6Client.cs b/bc-sharp-crypto/src/crypto/agreement/srp/SRP6Client.cs
new file mode 100644
index 0000000..f075d7a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/srp/SRP6Client.cs
@@ -0,0 +1,164 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Agreement.Srp
+{
+	/**
+	 * Implements the client side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe.
+	 * This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper
+	 * "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"
+	 */
+	public class Srp6Client
+	{
+	    protected BigInteger N;
+	    protected BigInteger g;
+
+	    protected BigInteger privA;
+	    protected BigInteger pubA;
+
+	    protected BigInteger B;
+
+	    protected BigInteger x;
+	    protected BigInteger u;
+	    protected BigInteger S;
+
+        protected BigInteger M1;
+	    protected BigInteger M2;
+	    protected BigInteger Key;
+
+        protected IDigest digest;
+	    protected SecureRandom random;
+
+	    public Srp6Client()
+	    {
+	    }
+
+	    /**
+	     * Initialises the client to begin new authentication attempt
+	     * @param N The safe prime associated with the client's verifier
+	     * @param g The group parameter associated with the client's verifier
+	     * @param digest The digest algorithm associated with the client's verifier
+	     * @param random For key generation
+	     */
+	    public virtual void Init(BigInteger N, BigInteger g, IDigest digest, SecureRandom random)
+	    {
+	        this.N = N;
+	        this.g = g;
+	        this.digest = digest;
+	        this.random = random;
+	    }
+
+        public virtual void Init(Srp6GroupParameters group, IDigest digest, SecureRandom random)
+        {
+            Init(group.N, group.G, digest, random);
+        }
+
+	    /**
+	     * Generates client's credentials given the client's salt, identity and password
+	     * @param salt The salt used in the client's verifier.
+	     * @param identity The user's identity (eg. username)
+	     * @param password The user's password
+	     * @return Client's public value to send to server
+	     */
+	    public virtual BigInteger GenerateClientCredentials(byte[] salt, byte[] identity, byte[] password)
+	    {
+	        this.x = Srp6Utilities.CalculateX(digest, N, salt, identity, password);
+	        this.privA = SelectPrivateValue();
+	        this.pubA = g.ModPow(privA, N);
+
+	        return pubA;
+	    }
+
+	    /**
+	     * Generates client's verification message given the server's credentials
+	     * @param serverB The server's credentials
+	     * @return Client's verification message for the server
+	     * @throws CryptoException If server's credentials are invalid
+	     */
+	    public virtual BigInteger CalculateSecret(BigInteger serverB)
+	    {
+	        this.B = Srp6Utilities.ValidatePublicValue(N, serverB);
+	        this.u = Srp6Utilities.CalculateU(digest, N, pubA, B);
+	        this.S = CalculateS();
+
+	        return S;
+	    }
+
+	    protected virtual BigInteger SelectPrivateValue()
+	    {
+	    	return Srp6Utilities.GeneratePrivateValue(digest, N, g, random);    	
+	    }
+
+	    private BigInteger CalculateS()
+	    {
+	        BigInteger k = Srp6Utilities.CalculateK(digest, N, g);
+	        BigInteger exp = u.Multiply(x).Add(privA);
+	        BigInteger tmp = g.ModPow(x, N).Multiply(k).Mod(N);
+	        return B.Subtract(tmp).Mod(N).ModPow(exp, N);
+	    }
+    
+        /**
+	     * Computes the client evidence message M1 using the previously received values.
+	     * To be called after calculating the secret S.
+	     * @return M1: the client side generated evidence message
+	     * @throws CryptoException
+	     */
+	    public virtual BigInteger CalculateClientEvidenceMessage()
+	    {
+		    // Verify pre-requirements
+		    if (this.pubA == null || this.B == null || this.S == null)
+		    {
+			    throw new CryptoException("Impossible to compute M1: " +
+					    "some data are missing from the previous operations (A,B,S)");
+		    }
+		    // compute the client evidence message 'M1'
+		    this.M1 = Srp6Utilities.CalculateM1(digest, N, pubA, B, S);  
+		    return M1;
+	    }
+
+        /** Authenticates the server evidence message M2 received and saves it only if correct.
+	     * @param M2: the server side generated evidence message
+	     * @return A boolean indicating if the server message M2 was the expected one.
+	     * @throws CryptoException
+	     */
+	    public virtual bool VerifyServerEvidenceMessage(BigInteger serverM2)
+	    {
+		    // Verify pre-requirements
+		    if (this.pubA == null || this.M1 == null || this.S == null)
+		    {
+			    throw new CryptoException("Impossible to compute and verify M2: " +
+					    "some data are missing from the previous operations (A,M1,S)");
+		    }
+
+		    // Compute the own server evidence message 'M2'
+		    BigInteger computedM2 = Srp6Utilities.CalculateM2(digest, N, pubA, M1, S);
+		    if (computedM2.Equals(serverM2))
+		    {
+			    this.M2 = serverM2;
+			    return true;
+		    }
+		    return false;
+	    }
+
+	    /**
+	     * Computes the final session key as a result of the SRP successful mutual authentication
+	     * To be called after verifying the server evidence message M2.
+	     * @return Key: the mutually authenticated symmetric session key
+	     * @throws CryptoException
+	     */
+	    public virtual BigInteger CalculateSessionKey()
+	    {
+		    // Verify pre-requirements (here we enforce a previous calculation of M1 and M2)
+		    if (this.S == null || this.M1 == null || this.M2 == null)
+		    {
+			    throw new CryptoException("Impossible to compute Key: " +
+					    "some data are missing from the previous operations (S,M1,M2)");
+		    }
+		    this.Key = Srp6Utilities.CalculateKey(digest, N, S);
+		    return Key;
+	    }
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/srp/SRP6Server.cs b/bc-sharp-crypto/src/crypto/agreement/srp/SRP6Server.cs
new file mode 100644
index 0000000..fd0c9f1
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/srp/SRP6Server.cs
@@ -0,0 +1,163 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Agreement.Srp
+{
+	/**
+	 * Implements the server side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe.
+	 * This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper
+	 * "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"
+	 */
+	public class Srp6Server
+	{
+	    protected BigInteger N;
+	    protected BigInteger g;
+	    protected BigInteger v;
+
+	    protected SecureRandom random;
+	    protected IDigest digest;
+
+	    protected BigInteger A;
+
+	    protected BigInteger privB;
+	    protected BigInteger pubB;
+
+	    protected BigInteger u;
+	    protected BigInteger S;
+        protected BigInteger M1;
+        protected BigInteger M2;
+        protected BigInteger Key;
+
+	    public Srp6Server()
+	    {
+	    }
+
+	    /**
+	     * Initialises the server to accept a new client authentication attempt
+	     * @param N The safe prime associated with the client's verifier
+	     * @param g The group parameter associated with the client's verifier
+	     * @param v The client's verifier
+	     * @param digest The digest algorithm associated with the client's verifier
+	     * @param random For key generation
+	     */
+	    public virtual void Init(BigInteger N, BigInteger g, BigInteger v, IDigest digest, SecureRandom random)
+	    {
+	        this.N = N;
+	        this.g = g;
+	        this.v = v;
+
+	        this.random = random;
+	        this.digest = digest;
+	    }
+
+        public virtual void Init(Srp6GroupParameters group, BigInteger v, IDigest digest, SecureRandom random)
+        {
+            Init(group.N, group.G, v, digest, random);
+        }
+
+	    /**
+	     * Generates the server's credentials that are to be sent to the client.
+	     * @return The server's public value to the client
+	     */
+	    public virtual BigInteger GenerateServerCredentials()
+	    {
+	        BigInteger k = Srp6Utilities.CalculateK(digest, N, g);
+	        this.privB = SelectPrivateValue();
+	    	this.pubB = k.Multiply(v).Mod(N).Add(g.ModPow(privB, N)).Mod(N);
+
+	        return pubB;
+	    }
+
+	    /**
+	     * Processes the client's credentials. If valid the shared secret is generated and returned.
+	     * @param clientA The client's credentials
+	     * @return A shared secret BigInteger
+	     * @throws CryptoException If client's credentials are invalid
+	     */
+	    public virtual BigInteger CalculateSecret(BigInteger clientA)
+	    {
+	        this.A = Srp6Utilities.ValidatePublicValue(N, clientA);
+	        this.u = Srp6Utilities.CalculateU(digest, N, A, pubB);
+	        this.S = CalculateS();
+
+	        return S;
+	    }
+
+	    protected virtual BigInteger SelectPrivateValue()
+	    {
+	    	return Srp6Utilities.GeneratePrivateValue(digest, N, g, random);    	
+	    }
+
+        private BigInteger CalculateS()
+	    {
+			return v.ModPow(u, N).Multiply(A).Mod(N).ModPow(privB, N);
+	    }
+
+        /** 
+	     * Authenticates the received client evidence message M1 and saves it only if correct.
+	     * To be called after calculating the secret S.
+	     * @param M1: the client side generated evidence message
+	     * @return A boolean indicating if the client message M1 was the expected one.
+	     * @throws CryptoException 
+	     */
+	    public virtual bool VerifyClientEvidenceMessage(BigInteger clientM1)
+	    {
+		    // Verify pre-requirements
+		    if (this.A == null || this.pubB == null || this.S == null)
+		    {
+			    throw new CryptoException("Impossible to compute and verify M1: " +
+					    "some data are missing from the previous operations (A,B,S)");
+		    }
+
+		    // Compute the own client evidence message 'M1'
+		    BigInteger computedM1 = Srp6Utilities.CalculateM1(digest, N, A, pubB, S);
+		    if (computedM1.Equals(clientM1))
+		    {
+			    this.M1 = clientM1;
+			    return true;
+		    }
+		    return false;
+	    }
+
+        /**
+	     * Computes the server evidence message M2 using the previously verified values.
+	     * To be called after successfully verifying the client evidence message M1.
+	     * @return M2: the server side generated evidence message
+	     * @throws CryptoException
+	     */
+	    public virtual BigInteger CalculateServerEvidenceMessage()
+	    {
+		    // Verify pre-requirements
+		    if (this.A == null || this.M1 == null || this.S == null)
+		    {
+			    throw new CryptoException("Impossible to compute M2: " +
+					    "some data are missing from the previous operations (A,M1,S)");
+		    }
+
+            // Compute the server evidence message 'M2'
+		    this.M2 = Srp6Utilities.CalculateM2(digest, N, A, M1, S);  
+		    return M2;
+	    }
+
+        /**
+	     * Computes the final session key as a result of the SRP successful mutual authentication
+	     * To be called after calculating the server evidence message M2.
+	     * @return Key: the mutual authenticated symmetric session key
+	     * @throws CryptoException
+	     */
+	    public virtual BigInteger CalculateSessionKey()
+	    {
+		    // Verify pre-requirements
+		    if (this.S == null || this.M1 == null || this.M2 == null)
+		    {
+			    throw new CryptoException("Impossible to compute Key: " +
+					    "some data are missing from the previous operations (S,M1,M2)");
+		    }
+		    this.Key = Srp6Utilities.CalculateKey(digest, N, S);
+		    return Key;
+	    }
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/srp/SRP6StandardGroups.cs b/bc-sharp-crypto/src/crypto/agreement/srp/SRP6StandardGroups.cs
new file mode 100644
index 0000000..36f4aba
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/srp/SRP6StandardGroups.cs
@@ -0,0 +1,159 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Crypto.Agreement.Srp
+{
+    public class Srp6StandardGroups
+    {
+        private static BigInteger FromHex(string hex)
+        {
+            return new BigInteger(1, Hex.Decode(hex));
+        }
+
+        private static Srp6GroupParameters FromNG(string hexN, string hexG)
+        {
+            return new Srp6GroupParameters(FromHex(hexN), FromHex(hexG));
+        }
+
+        /*
+         * RFC 5054
+         */
+        private const string rfc5054_1024_N = "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C"
+            + "9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE4"
+            + "8E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B29"
+            + "7BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9A" + "FD5138FE8376435B9FC61D2FC0EB06E3";
+        private const string rfc5054_1024_g = "02";
+        public static readonly Srp6GroupParameters rfc5054_1024 = FromNG(rfc5054_1024_N, rfc5054_1024_g);
+
+        private const string rfc5054_1536_N = "9DEF3CAFB939277AB1F12A8617A47BBBDBA51DF499AC4C80BEEEA961"
+            + "4B19CC4D5F4F5F556E27CBDE51C6A94BE4607A291558903BA0D0F843"
+            + "80B655BB9A22E8DCDF028A7CEC67F0D08134B1C8B97989149B609E0B"
+            + "E3BAB63D47548381DBC5B1FC764E3F4B53DD9DA1158BFD3E2B9C8CF5"
+            + "6EDF019539349627DB2FD53D24B7C48665772E437D6C7F8CE442734A"
+            + "F7CCB7AE837C264AE3A9BEB87F8A2FE9B8B5292E5A021FFF5E91479E"
+            + "8CE7A28C2442C6F315180F93499A234DCF76E3FED135F9BB";
+        private const string rfc5054_1536_g = "02";
+        public static readonly Srp6GroupParameters rfc5054_1536 = FromNG(rfc5054_1536_N, rfc5054_1536_g);
+
+        private const string rfc5054_2048_N = "AC6BDB41324A9A9BF166DE5E1389582FAF72B6651987EE07FC319294"
+            + "3DB56050A37329CBB4A099ED8193E0757767A13DD52312AB4B03310D"
+            + "CD7F48A9DA04FD50E8083969EDB767B0CF6095179A163AB3661A05FB"
+            + "D5FAAAE82918A9962F0B93B855F97993EC975EEAA80D740ADBF4FF74"
+            + "7359D041D5C33EA71D281E446B14773BCA97B43A23FB801676BD207A"
+            + "436C6481F1D2B9078717461A5B9D32E688F87748544523B524B0D57D"
+            + "5EA77A2775D2ECFA032CFBDBF52FB3786160279004E57AE6AF874E73"
+            + "03CE53299CCC041C7BC308D82A5698F3A8D0C38271AE35F8E9DBFBB6"
+            + "94B5C803D89F7AE435DE236D525F54759B65E372FCD68EF20FA7111F" + "9E4AFF73";
+        private const string rfc5054_2048_g = "02";
+        public static readonly Srp6GroupParameters rfc5054_2048 = FromNG(rfc5054_2048_N, rfc5054_2048_g);
+
+        private const string rfc5054_3072_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
+            + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
+            + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
+            + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
+            + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
+            + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
+            + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
+            + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
+            + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
+            + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
+            + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
+            + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
+            + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" + "E0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF";
+        private const string rfc5054_3072_g = "05";
+        public static readonly Srp6GroupParameters rfc5054_3072 = FromNG(rfc5054_3072_N, rfc5054_3072_g);
+
+        private const string rfc5054_4096_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
+            + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
+            + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
+            + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
+            + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
+            + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
+            + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
+            + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
+            + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
+            + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
+            + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
+            + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
+            + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
+            + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
+            + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
+            + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
+            + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
+            + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" + "FFFFFFFFFFFFFFFF";
+        private const string rfc5054_4096_g = "05";
+        public static readonly Srp6GroupParameters rfc5054_4096 = FromNG(rfc5054_4096_N, rfc5054_4096_g);
+
+        private const string rfc5054_6144_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
+            + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
+            + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
+            + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
+            + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
+            + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
+            + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
+            + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
+            + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
+            + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
+            + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
+            + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
+            + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
+            + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
+            + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
+            + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
+            + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
+            + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
+            + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406"
+            + "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918"
+            + "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151"
+            + "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03"
+            + "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F"
+            + "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
+            + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B"
+            + "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632"
+            + "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E" + "6DCC4024FFFFFFFFFFFFFFFF";
+        private const string rfc5054_6144_g = "05";
+        public static readonly Srp6GroupParameters rfc5054_6144 = FromNG(rfc5054_6144_N, rfc5054_6144_g);
+
+        private const string rfc5054_8192_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
+            + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
+            + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
+            + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
+            + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
+            + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
+            + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
+            + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
+            + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
+            + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
+            + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
+            + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
+            + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
+            + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
+            + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
+            + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
+            + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
+            + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
+            + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406"
+            + "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918"
+            + "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151"
+            + "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03"
+            + "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F"
+            + "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
+            + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B"
+            + "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632"
+            + "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E"
+            + "6DBE115974A3926F12FEE5E438777CB6A932DF8CD8BEC4D073B931BA"
+            + "3BC832B68D9DD300741FA7BF8AFC47ED2576F6936BA424663AAB639C"
+            + "5AE4F5683423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9"
+            + "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B4BCBC886"
+            + "2F8385DDFA9D4B7FA2C087E879683303ED5BDD3A062B3CF5B3A278A6"
+            + "6D2A13F83F44F82DDF310EE074AB6A364597E899A0255DC164F31CC5"
+            + "0846851DF9AB48195DED7EA1B1D510BD7EE74D73FAF36BC31ECFA268"
+            + "359046F4EB879F924009438B481C6CD7889A002ED5EE382BC9190DA6"
+            + "FC026E479558E4475677E9AA9E3050E2765694DFC81F56E880B96E71" + "60C980DD98EDD3DFFFFFFFFFFFFFFFFF";
+        private const string rfc5054_8192_g = "13";
+        public static readonly Srp6GroupParameters rfc5054_8192 = FromNG(rfc5054_8192_N, rfc5054_8192_g);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/srp/SRP6Utilities.cs b/bc-sharp-crypto/src/crypto/agreement/srp/SRP6Utilities.cs
new file mode 100644
index 0000000..ef6d8f2
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/srp/SRP6Utilities.cs
@@ -0,0 +1,153 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Agreement.Srp
+{
+	public class Srp6Utilities
+	{
+		public static BigInteger CalculateK(IDigest digest, BigInteger N, BigInteger g)
+		{
+			return HashPaddedPair(digest, N, N, g);
+		}
+
+	    public static BigInteger CalculateU(IDigest digest, BigInteger N, BigInteger A, BigInteger B)
+	    {
+	    	return HashPaddedPair(digest, N, A, B);
+	    }
+
+		public static BigInteger CalculateX(IDigest digest, BigInteger N, byte[] salt, byte[] identity, byte[] password)
+	    {
+	        byte[] output = new byte[digest.GetDigestSize()];
+
+	        digest.BlockUpdate(identity, 0, identity.Length);
+	        digest.Update((byte)':');
+	        digest.BlockUpdate(password, 0, password.Length);
+	        digest.DoFinal(output, 0);
+
+	        digest.BlockUpdate(salt, 0, salt.Length);
+	        digest.BlockUpdate(output, 0, output.Length);
+	        digest.DoFinal(output, 0);
+
+	        return new BigInteger(1, output);
+	    }
+
+		public static BigInteger GeneratePrivateValue(IDigest digest, BigInteger N, BigInteger g, SecureRandom random)
+	    {
+			int minBits = System.Math.Min(256, N.BitLength / 2);
+	        BigInteger min = BigInteger.One.ShiftLeft(minBits - 1);
+	        BigInteger max = N.Subtract(BigInteger.One);
+
+	        return BigIntegers.CreateRandomInRange(min, max, random);
+	    }
+
+		public static BigInteger ValidatePublicValue(BigInteger N, BigInteger val)
+		{
+		    val = val.Mod(N);
+
+	        // Check that val % N != 0
+	        if (val.Equals(BigInteger.Zero))
+	            throw new CryptoException("Invalid public value: 0");
+
+		    return val;
+		}
+
+        /** 
+         * Computes the client evidence message (M1) according to the standard routine:
+         * M1 = H( A | B | S )
+         * @param digest The Digest used as the hashing function H
+         * @param N Modulus used to get the pad length
+         * @param A The public client value
+         * @param B The public server value
+         * @param S The secret calculated by both sides
+         * @return M1 The calculated client evidence message
+         */
+        public static BigInteger CalculateM1(IDigest digest, BigInteger N, BigInteger A, BigInteger B, BigInteger S)
+        {
+            BigInteger M1 = HashPaddedTriplet(digest, N, A, B, S);
+            return M1;
+        }
+
+        /** 
+         * Computes the server evidence message (M2) according to the standard routine:
+         * M2 = H( A | M1 | S )
+         * @param digest The Digest used as the hashing function H
+         * @param N Modulus used to get the pad length
+         * @param A The public client value
+         * @param M1 The client evidence message
+         * @param S The secret calculated by both sides
+         * @return M2 The calculated server evidence message
+         */
+        public static BigInteger CalculateM2(IDigest digest, BigInteger N, BigInteger A, BigInteger M1, BigInteger S)
+        {
+            BigInteger M2 = HashPaddedTriplet(digest, N, A, M1, S);
+            return M2;
+        }
+
+        /**
+         * Computes the final Key according to the standard routine: Key = H(S)
+         * @param digest The Digest used as the hashing function H
+         * @param N Modulus used to get the pad length
+         * @param S The secret calculated by both sides
+         * @return
+         */
+        public static BigInteger CalculateKey(IDigest digest, BigInteger N, BigInteger S)
+        {
+            int padLength = (N.BitLength + 7) / 8;
+            byte[] _S = GetPadded(S, padLength);
+            digest.BlockUpdate(_S, 0, _S.Length);
+
+            byte[] output = new byte[digest.GetDigestSize()];
+            digest.DoFinal(output, 0);
+            return new BigInteger(1, output);
+        }
+
+        private static BigInteger HashPaddedTriplet(IDigest digest, BigInteger N, BigInteger n1, BigInteger n2, BigInteger n3)
+        {
+            int padLength = (N.BitLength + 7) / 8;
+
+            byte[] n1_bytes = GetPadded(n1, padLength);
+            byte[] n2_bytes = GetPadded(n2, padLength);
+            byte[] n3_bytes = GetPadded(n3, padLength);
+
+            digest.BlockUpdate(n1_bytes, 0, n1_bytes.Length);
+            digest.BlockUpdate(n2_bytes, 0, n2_bytes.Length);
+            digest.BlockUpdate(n3_bytes, 0, n3_bytes.Length);
+
+            byte[] output = new byte[digest.GetDigestSize()];
+            digest.DoFinal(output, 0);
+
+            return new BigInteger(1, output);
+        }
+
+        private static BigInteger HashPaddedPair(IDigest digest, BigInteger N, BigInteger n1, BigInteger n2)
+		{
+	    	int padLength = (N.BitLength + 7) / 8;
+
+	    	byte[] n1_bytes = GetPadded(n1, padLength);
+	    	byte[] n2_bytes = GetPadded(n2, padLength);
+
+	        digest.BlockUpdate(n1_bytes, 0, n1_bytes.Length);
+	        digest.BlockUpdate(n2_bytes, 0, n2_bytes.Length);
+
+	        byte[] output = new byte[digest.GetDigestSize()];
+	        digest.DoFinal(output, 0);
+
+	        return new BigInteger(1, output);
+		}
+
+		private static byte[] GetPadded(BigInteger n, int length)
+		{
+			byte[] bs = BigIntegers.AsUnsignedByteArray(n);
+			if (bs.Length < length)
+			{
+				byte[] tmp = new byte[length];
+				Array.Copy(bs, 0, tmp, length - bs.Length, bs.Length);
+				bs = tmp;
+			}
+			return bs;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/agreement/srp/SRP6VerifierGenerator.cs b/bc-sharp-crypto/src/crypto/agreement/srp/SRP6VerifierGenerator.cs
new file mode 100644
index 0000000..9569735
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/agreement/srp/SRP6VerifierGenerator.cs
@@ -0,0 +1,55 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Agreement.Srp
+{
+	/**
+	 * Generates new SRP verifier for user
+	 */
+	public class Srp6VerifierGenerator
+	{
+	    protected BigInteger N;
+	    protected BigInteger g;
+	    protected IDigest digest;
+
+	    public Srp6VerifierGenerator()
+	    {
+	    }
+
+	    /**
+	     * Initialises generator to create new verifiers
+	     * @param N The safe prime to use (see DHParametersGenerator)
+	     * @param g The group parameter to use (see DHParametersGenerator)
+	     * @param digest The digest to use. The same digest type will need to be used later for the actual authentication
+	     * attempt. Also note that the final session key size is dependent on the chosen digest.
+	     */
+	    public virtual void Init(BigInteger N, BigInteger g, IDigest digest)
+	    {
+	        this.N = N;
+	        this.g = g;
+	        this.digest = digest;
+	    }
+
+        public virtual void Init(Srp6GroupParameters group, IDigest digest)
+        {
+            Init(group.N, group.G, digest);
+        }
+
+        /**
+	     * Creates a new SRP verifier
+	     * @param salt The salt to use, generally should be large and random
+	     * @param identity The user's identifying information (eg. username)
+	     * @param password The user's password
+	     * @return A new verifier for use in future SRP authentication
+	     */
+	    public virtual BigInteger GenerateVerifier(byte[] salt, byte[] identity, byte[] password)
+	    {
+	    	BigInteger x = Srp6Utilities.CalculateX(digest, N, salt, identity, password);
+
+	        return g.ModPow(x, N);
+	    }
+	}
+}
+
diff --git a/bc-sharp-crypto/src/crypto/digests/DSTU7564Digest.cs b/bc-sharp-crypto/src/crypto/digests/DSTU7564Digest.cs
new file mode 100644
index 0000000..9de41dd
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/DSTU7564Digest.cs
@@ -0,0 +1,562 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+//using Org.BouncyCastle.Utilities;
+
+
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+     /**
+	* implementation of Ukrainian DSTU 7564 hash function
+	*/
+     public class Dstu7564Digest : IDigest, IMemoable
+     {
+          private const int ROWS = 8;
+          private const int REDUCTION_POLYNOMIAL = 0x011d;
+          private const int BITS_IN_BYTE = 8;
+
+
+          private const int NB_512 = 8;  //Number of 8-byte words in state for <=256-bit hash code.
+          private const int NB_1024 = 16;  //Number of 8-byte words in state for <=512-bit hash code. 
+
+          private const int NR_512 = 10;  //Number of rounds for 512-bit state.
+          private const int NR_1024 = 14;  //Number of rounds for 1024-bit state.
+
+          private const int STATE_BYTE_SIZE_512 = ROWS * NB_512;
+          private const int STATE_BYTE_SIZE_1024 = ROWS * NB_1024;
+
+          private int hashSize;
+          private int blockSize;
+
+
+
+          private int columns;
+          private int rounds;
+
+
+          private byte[] padded_;
+
+          private byte[][] state_;
+
+        private ulong inputLength;
+        private int bufOff;
+        private byte[] buf;
+
+        public Dstu7564Digest(Dstu7564Digest digest)
+        {
+            copyIn(digest);
+        }
+
+        private void copyIn(Dstu7564Digest digest)
+        {
+            this.hashSize = digest.hashSize;
+            this.blockSize = digest.blockSize;
+
+            this.columns = digest.columns;
+            this.rounds = digest.rounds;
+
+            this.padded_ = Arrays.Clone(digest.padded_);
+            this.state_ = new byte[digest.state_.Length][];
+            for (int i = 0; i != this.state_.Length; i++)
+            {
+                this.state_[i] = Arrays.Clone(digest.state_[i]);
+            }
+
+            this.inputLength = digest.inputLength;
+            this.bufOff = digest.bufOff;
+            this.buf = Arrays.Clone(digest.buf);
+        }
+
+        public Dstu7564Digest(int hashSizeBits)
+          {
+               if (hashSizeBits == 256 || hashSizeBits == 384 || hashSizeBits == 512)
+               {
+                    this.hashSize = hashSizeBits / 8;
+               }
+               else
+               {
+                    throw new ArgumentException("Hash size is not recommended. Use 256 or 384 or 512 size");
+               }
+
+               if (hashSizeBits > 256)
+               {
+                    this.blockSize = 1024 / 8;
+                    this.columns = NB_1024;
+                    this.rounds = NR_1024;
+                    this.state_ = new byte[STATE_BYTE_SIZE_1024][];
+
+               }
+               else
+               {
+                    this.blockSize = 512 / 8;
+                    this.columns = NB_512;
+                    this.rounds = NR_512;
+                    this.state_ = new byte[STATE_BYTE_SIZE_512][];
+
+               }
+
+               //Console.WriteLine("length: " + state_.Length);
+
+               for (int i = 0; i < state_.Length; i++)
+               {
+                    this.state_[i] = new byte[columns];
+               }
+
+               this.state_[0][0] = (byte)state_.Length;
+               
+               this.hashSize = hashSizeBits / 8;
+
+               this.padded_ = null;
+               this.buf = new byte[blockSize];
+        }
+
+          public string AlgorithmName
+          {
+               get { return "DSTU7564"; }
+          }
+
+
+          public virtual void BlockUpdate(byte[] input, int inOff, int length)
+          {
+            while (bufOff != 0 && length > 0)
+            {
+                Update(input[inOff++]);
+                length--;
+            }
+
+            if (length > 0)
+            {
+                while (length > blockSize)
+                {
+                    ProcessBlock(input, inOff);
+                    inOff += blockSize;
+                    inputLength += (ulong)blockSize;
+                    length -= blockSize;
+                }
+
+                while (length > 0)
+                {
+                    Update(input[inOff++]);
+                    length--;
+                }
+            }
+        }
+
+          protected byte[] Pad(byte[] input, int inOff, int length)
+          {
+            //Console.WriteLine(length);
+
+            byte[] padded;
+            if (blockSize - length < 13)         // terminator byte + 96 bits of length
+            {
+                padded = new byte[2 * blockSize];
+            }
+            else
+            {
+                padded = new byte[blockSize];
+            }
+
+
+              Array.Copy(input, inOff, padded, 0, length);
+              padded[length] = 0x80;
+              Pack.UInt64_To_LE(inputLength * 8, padded, padded.Length - 12);
+
+              return padded;
+          }
+
+          protected void ProcessBlock(byte[] input, int inOff)
+          {
+               byte[][] temp1 = new byte[STATE_BYTE_SIZE_1024][];
+               byte[][] temp2 = new byte[STATE_BYTE_SIZE_1024][];
+
+               for (int i = 0; i < state_.Length; i++)
+               {
+                    temp1[i] = new byte[ROWS];
+                    temp2[i] = new byte[ROWS];
+               }
+               
+               for (int i = 0; i < ROWS; ++i)
+               {
+                    for (int j = 0; j < columns; ++j)
+                    {
+                         //Console.WriteLine("row = {0}, column = {1}", i, j);
+
+                         temp1[j][i] = (byte)(state_[j][i] ^ input[j * ROWS + i + inOff]);
+                         temp2[j][i] = input[j * ROWS + i + inOff];
+
+                    }
+                    
+               }
+
+               P(temp1);
+
+               Q(temp2);
+
+               for (int i = 0; i < ROWS; ++i)
+               {
+                    for (int j = 0; j < columns; ++j)
+                    {
+                         state_[j][i] ^= (byte)(temp1[j][i] ^ temp2[j][i]);
+
+                    }
+ 
+               }
+          }
+
+          public int DoFinal(byte[] output, int outOff)
+          {
+            padded_ = Pad(buf, 0, bufOff);
+
+            int paddedLen = padded_.Length;
+            int paddedOff = 0;
+
+            while (paddedLen != 0)
+            {
+                ProcessBlock(padded_, paddedOff);
+                paddedOff += blockSize;
+                paddedLen -= blockSize;
+            }
+
+
+            //Console.WriteLine(stateLine.Length);
+
+            byte[][] temp = new byte[STATE_BYTE_SIZE_1024][];
+               for (int i = 0; i < state_.Length; i++)
+               {
+                    temp[i] = new byte[ROWS];
+                    Array.Copy(state_[i], temp[i], ROWS);
+               }
+
+            P(temp);
+
+            for (int i = 0; i < ROWS; ++i)
+            {
+                 for (int j = 0; j < columns; ++j)
+                 {
+                      state_[j][i] ^= temp[j][i];
+                      //Console.Write("{0:x} ", state_[j][i]);
+                 }
+                 //Console.WriteLine();
+            }
+
+            byte[] stateLine = new byte[ROWS * columns];
+            int stateLineIndex = 0;
+               for (int j = 0; j < columns; ++j)
+               {
+                    for (int i = 0; i < ROWS; ++i)
+                    {
+                    
+                         stateLine[stateLineIndex] = state_[j][i];
+                         stateLineIndex++;
+
+                         //Console.WriteLine("index = {0}, row = {1}, column = {2}", stateLineIndex, i, j);
+
+                    }
+               }
+               
+               //Console.WriteLine("final: " + Hex.ToHexString(stateLine));
+               //Console.WriteLine(stateLine.Length);
+               
+               Array.Copy(stateLine, stateLine.Length - hashSize, output, outOff, hashSize);
+
+                Reset();
+
+               return hashSize;
+          }
+
+          public void Reset()
+          {
+            for (int bufferIndex = 0; bufferIndex < state_.Length; bufferIndex++)
+            {
+                state_[bufferIndex] = new byte[columns];
+            }
+
+            state_[0][0] = (byte)state_.Length;
+
+            inputLength = 0;
+            bufOff = 0;
+
+            Arrays.Fill(buf, (byte)0);
+
+            if (padded_ != null)
+            {
+                Arrays.Fill(padded_, (byte)0);
+            }
+        }
+
+          public int GetDigestSize()
+          {
+               return hashSize;
+          }
+
+          public int GetByteLength()
+          {
+               return blockSize;
+          }
+
+          public void Update(byte input)
+          {
+            buf[bufOff++] = input;
+            if (bufOff == blockSize)
+            {
+                ProcessBlock(buf, 0);
+                bufOff = 0;
+            }
+            inputLength++;
+          }
+
+        void SubBytes(byte[][] state)
+          {
+               int i, j;
+               for (i = 0; i < ROWS; ++i)
+               {
+                    for (j = 0; j < columns; ++j)
+                    {
+                         state[j][i] = sBoxes[i % 4][state[j][i]];
+                    }
+               }
+          }
+
+          void ShiftBytes(byte[][] state)
+          {
+               int i, j;
+               byte[] temp = new byte[NB_1024];
+               int shift = -1;
+               for (i = 0; i < ROWS; ++i)
+               {
+                    if ((i == ROWS - 1) && (columns == NB_1024))
+                    {
+                         shift = 11;
+                    }
+                    else
+                    {
+                         ++shift;
+                    }
+                    for (j = 0; j < columns; ++j)
+                    {
+                         temp[(j + shift) % columns] = state[j][i];
+                    }
+                    for (j = 0; j < columns; ++j)
+                    {
+                         state[j][i] = temp[j];
+                    }
+               }
+          }
+
+          byte MultiplyGF(byte x, byte y)
+          {
+               int i;
+               byte r = 0;
+               byte hbit = 0;
+               for (i = 0; i < BITS_IN_BYTE; ++i)
+               {
+                    if ((y & 0x1) == 1)
+                    {
+                         r ^= x;
+                    }
+
+                    hbit = (byte)(x & 0x80);
+
+                    x <<= 1;
+
+                    if (hbit == 0x80)
+                    {
+                         x = (byte)((int)x ^ REDUCTION_POLYNOMIAL);
+                    }
+
+                    y >>= 1;
+               }
+               return r;
+          }
+
+          private void MixColumns(byte[][] state)
+          {
+               int i, row, col, b;
+               byte product;
+               byte[] result = new byte[ROWS];
+
+               for (col = 0; col < columns; ++col)
+               {
+                    Array.Clear(result, 0, ROWS);
+                    for (row = ROWS - 1; row >= 0; --row)
+                    {
+                         product = 0;
+                         for (b = ROWS - 1; b >= 0; --b)
+                         {
+                              product ^= MultiplyGF(state[col][b], mds_matrix[row][b]);
+                         }
+                         result[row] = product;
+                    }
+                    for (i = 0; i < ROWS; ++i)
+                    {
+                         state[col][i] = result[i];
+                    }
+               }
+          }
+
+          void AddRoundConstantP(byte[][] state, int round)
+          {
+               int i;
+               for (i = 0; i < columns; ++i)
+               {
+                    state[i][0] ^= (byte)((i * 0x10) ^ round);
+               }
+          }
+
+          void AddRoundConstantQ(byte[][] state, int round)
+          {
+               int j;
+               UInt64[] s = new UInt64[columns];
+
+               for (j = 0; j < columns; j++)
+               {
+                    s[j] = Pack.LE_To_UInt64(state[j]);
+
+                    s[j] = s[j] + (0x00F0F0F0F0F0F0F3UL ^ ((((UInt64)(columns - j - 1) * 0x10UL) ^ (UInt64)round) << (7 * 8)));
+
+                    state[j] = Pack.UInt64_To_LE(s[j]);
+               }
+          }
+
+          void P(byte[][] state)
+          {
+               int i;
+               for (i = 0; i < rounds; ++i)
+               {
+                    AddRoundConstantP(state, i);
+                    SubBytes(state);
+                    ShiftBytes(state);
+                    MixColumns(state);
+               }
+          }
+
+          void Q(byte[][] state)
+          {
+               int i;
+               for (i = 0; i < rounds; ++i)
+               {
+                    AddRoundConstantQ(state, i);
+                    SubBytes(state);
+                    ShiftBytes(state);
+                    MixColumns(state);
+               }
+          }
+
+        public IMemoable Copy()
+        {
+            return new Dstu7564Digest(this);
+        }
+
+        public void Reset(IMemoable other)
+        {
+            Dstu7564Digest d = (Dstu7564Digest)other;
+
+            copyIn(d);
+        }
+
+        private readonly byte[][] mds_matrix = new byte[][]
+          { 
+               new byte[] {0x01, 0x01, 0x05, 0x01, 0x08, 0x06, 0x07, 0x04},
+	          new byte[] {0x04, 0x01, 0x01, 0x05, 0x01, 0x08, 0x06, 0x07},
+	          new byte[] {0x07, 0x04, 0x01, 0x01, 0x05, 0x01, 0x08, 0x06},
+	          new byte[] {0x06, 0x07, 0x04, 0x01, 0x01, 0x05, 0x01, 0x08},
+	          new byte[] {0x08, 0x06, 0x07, 0x04, 0x01, 0x01, 0x05, 0x01},
+	          new byte[] {0x01, 0x08, 0x06, 0x07, 0x04, 0x01, 0x01, 0x05},
+	          new byte[] {0x05, 0x01, 0x08, 0x06, 0x07, 0x04, 0x01, 0x01},
+               new byte[] {0x01, 0x05, 0x01, 0x08, 0x06, 0x07, 0x04, 0x01}
+          };
+
+
+
+
+          private readonly byte[][] sBoxes = new byte[][]
+          {
+               new byte[]
+               {
+                    0xa8, 0x43, 0x5f, 0x06, 0x6b, 0x75, 0x6c, 0x59, 0x71, 0xdf, 0x87, 0x95, 0x17, 0xf0, 0xd8, 0x09, 
+	               0x6d, 0xf3, 0x1d, 0xcb, 0xc9, 0x4d, 0x2c, 0xaf, 0x79, 0xe0, 0x97, 0xfd, 0x6f, 0x4b, 0x45, 0x39, 
+	               0x3e, 0xdd, 0xa3, 0x4f, 0xb4, 0xb6, 0x9a, 0x0e, 0x1f, 0xbf, 0x15, 0xe1, 0x49, 0xd2, 0x93, 0xc6, 
+	               0x92, 0x72, 0x9e, 0x61, 0xd1, 0x63, 0xfa, 0xee, 0xf4, 0x19, 0xd5, 0xad, 0x58, 0xa4, 0xbb, 0xa1, 
+	               0xdc, 0xf2, 0x83, 0x37, 0x42, 0xe4, 0x7a, 0x32, 0x9c, 0xcc, 0xab, 0x4a, 0x8f, 0x6e, 0x04, 0x27, 
+	               0x2e, 0xe7, 0xe2, 0x5a, 0x96, 0x16, 0x23, 0x2b, 0xc2, 0x65, 0x66, 0x0f, 0xbc, 0xa9, 0x47, 0x41, 
+	               0x34, 0x48, 0xfc, 0xb7, 0x6a, 0x88, 0xa5, 0x53, 0x86, 0xf9, 0x5b, 0xdb, 0x38, 0x7b, 0xc3, 0x1e, 
+	               0x22, 0x33, 0x24, 0x28, 0x36, 0xc7, 0xb2, 0x3b, 0x8e, 0x77, 0xba, 0xf5, 0x14, 0x9f, 0x08, 0x55, 
+	               0x9b, 0x4c, 0xfe, 0x60, 0x5c, 0xda, 0x18, 0x46, 0xcd, 0x7d, 0x21, 0xb0, 0x3f, 0x1b, 0x89, 0xff, 
+	               0xeb, 0x84, 0x69, 0x3a, 0x9d, 0xd7, 0xd3, 0x70, 0x67, 0x40, 0xb5, 0xde, 0x5d, 0x30, 0x91, 0xb1, 
+	               0x78, 0x11, 0x01, 0xe5, 0x00, 0x68, 0x98, 0xa0, 0xc5, 0x02, 0xa6, 0x74, 0x2d, 0x0b, 0xa2, 0x76, 
+	               0xb3, 0xbe, 0xce, 0xbd, 0xae, 0xe9, 0x8a, 0x31, 0x1c, 0xec, 0xf1, 0x99, 0x94, 0xaa, 0xf6, 0x26, 
+	               0x2f, 0xef, 0xe8, 0x8c, 0x35, 0x03, 0xd4, 0x7f, 0xfb, 0x05, 0xc1, 0x5e, 0x90, 0x20, 0x3d, 0x82, 
+	               0xf7, 0xea, 0x0a, 0x0d, 0x7e, 0xf8, 0x50, 0x1a, 0xc4, 0x07, 0x57, 0xb8, 0x3c, 0x62, 0xe3, 0xc8, 
+	               0xac, 0x52, 0x64, 0x10, 0xd0, 0xd9, 0x13, 0x0c, 0x12, 0x29, 0x51, 0xb9, 0xcf, 0xd6, 0x73, 0x8d, 
+	               0x81, 0x54, 0xc0, 0xed, 0x4e, 0x44, 0xa7, 0x2a, 0x85, 0x25, 0xe6, 0xca, 0x7c, 0x8b, 0x56, 0x80
+               },
+
+               new byte[]
+               {
+                    0xce, 0xbb, 0xeb, 0x92, 0xea, 0xcb, 0x13, 0xc1, 0xe9, 0x3a, 0xd6, 0xb2, 0xd2, 0x90, 0x17, 0xf8, 
+	               0x42, 0x15, 0x56, 0xb4, 0x65, 0x1c, 0x88, 0x43, 0xc5, 0x5c, 0x36, 0xba, 0xf5, 0x57, 0x67, 0x8d, 
+	               0x31, 0xf6, 0x64, 0x58, 0x9e, 0xf4, 0x22, 0xaa, 0x75, 0x0f, 0x02, 0xb1, 0xdf, 0x6d, 0x73, 0x4d, 
+	               0x7c, 0x26, 0x2e, 0xf7, 0x08, 0x5d, 0x44, 0x3e, 0x9f, 0x14, 0xc8, 0xae, 0x54, 0x10, 0xd8, 0xbc, 
+	               0x1a, 0x6b, 0x69, 0xf3, 0xbd, 0x33, 0xab, 0xfa, 0xd1, 0x9b, 0x68, 0x4e, 0x16, 0x95, 0x91, 0xee, 
+	               0x4c, 0x63, 0x8e, 0x5b, 0xcc, 0x3c, 0x19, 0xa1, 0x81, 0x49, 0x7b, 0xd9, 0x6f, 0x37, 0x60, 0xca, 
+	               0xe7, 0x2b, 0x48, 0xfd, 0x96, 0x45, 0xfc, 0x41, 0x12, 0x0d, 0x79, 0xe5, 0x89, 0x8c, 0xe3, 0x20, 
+	               0x30, 0xdc, 0xb7, 0x6c, 0x4a, 0xb5, 0x3f, 0x97, 0xd4, 0x62, 0x2d, 0x06, 0xa4, 0xa5, 0x83, 0x5f, 
+	               0x2a, 0xda, 0xc9, 0x00, 0x7e, 0xa2, 0x55, 0xbf, 0x11, 0xd5, 0x9c, 0xcf, 0x0e, 0x0a, 0x3d, 0x51, 
+	               0x7d, 0x93, 0x1b, 0xfe, 0xc4, 0x47, 0x09, 0x86, 0x0b, 0x8f, 0x9d, 0x6a, 0x07, 0xb9, 0xb0, 0x98, 
+	               0x18, 0x32, 0x71, 0x4b, 0xef, 0x3b, 0x70, 0xa0, 0xe4, 0x40, 0xff, 0xc3, 0xa9, 0xe6, 0x78, 0xf9, 
+	               0x8b, 0x46, 0x80, 0x1e, 0x38, 0xe1, 0xb8, 0xa8, 0xe0, 0x0c, 0x23, 0x76, 0x1d, 0x25, 0x24, 0x05, 
+	               0xf1, 0x6e, 0x94, 0x28, 0x9a, 0x84, 0xe8, 0xa3, 0x4f, 0x77, 0xd3, 0x85, 0xe2, 0x52, 0xf2, 0x82, 
+	               0x50, 0x7a, 0x2f, 0x74, 0x53, 0xb3, 0x61, 0xaf, 0x39, 0x35, 0xde, 0xcd, 0x1f, 0x99, 0xac, 0xad, 
+	               0x72, 0x2c, 0xdd, 0xd0, 0x87, 0xbe, 0x5e, 0xa6, 0xec, 0x04, 0xc6, 0x03, 0x34, 0xfb, 0xdb, 0x59, 
+	               0xb6, 0xc2, 0x01, 0xf0, 0x5a, 0xed, 0xa7, 0x66, 0x21, 0x7f, 0x8a, 0x27, 0xc7, 0xc0, 0x29, 0xd7
+               },
+
+               new byte[]
+               {
+                    0x93, 0xd9, 0x9a, 0xb5, 0x98, 0x22, 0x45, 0xfc, 0xba, 0x6a, 0xdf, 0x02, 0x9f, 0xdc, 0x51, 0x59, 
+	               0x4a, 0x17, 0x2b, 0xc2, 0x94, 0xf4, 0xbb, 0xa3, 0x62, 0xe4, 0x71, 0xd4, 0xcd, 0x70, 0x16, 0xe1, 
+	               0x49, 0x3c, 0xc0, 0xd8, 0x5c, 0x9b, 0xad, 0x85, 0x53, 0xa1, 0x7a, 0xc8, 0x2d, 0xe0, 0xd1, 0x72, 
+	               0xa6, 0x2c, 0xc4, 0xe3, 0x76, 0x78, 0xb7, 0xb4, 0x09, 0x3b, 0x0e, 0x41, 0x4c, 0xde, 0xb2, 0x90, 
+	               0x25, 0xa5, 0xd7, 0x03, 0x11, 0x00, 0xc3, 0x2e, 0x92, 0xef, 0x4e, 0x12, 0x9d, 0x7d, 0xcb, 0x35, 
+	               0x10, 0xd5, 0x4f, 0x9e, 0x4d, 0xa9, 0x55, 0xc6, 0xd0, 0x7b, 0x18, 0x97, 0xd3, 0x36, 0xe6, 0x48, 
+	               0x56, 0x81, 0x8f, 0x77, 0xcc, 0x9c, 0xb9, 0xe2, 0xac, 0xb8, 0x2f, 0x15, 0xa4, 0x7c, 0xda, 0x38, 
+	               0x1e, 0x0b, 0x05, 0xd6, 0x14, 0x6e, 0x6c, 0x7e, 0x66, 0xfd, 0xb1, 0xe5, 0x60, 0xaf, 0x5e, 0x33, 
+	               0x87, 0xc9, 0xf0, 0x5d, 0x6d, 0x3f, 0x88, 0x8d, 0xc7, 0xf7, 0x1d, 0xe9, 0xec, 0xed, 0x80, 0x29, 
+	               0x27, 0xcf, 0x99, 0xa8, 0x50, 0x0f, 0x37, 0x24, 0x28, 0x30, 0x95, 0xd2, 0x3e, 0x5b, 0x40, 0x83, 
+	               0xb3, 0x69, 0x57, 0x1f, 0x07, 0x1c, 0x8a, 0xbc, 0x20, 0xeb, 0xce, 0x8e, 0xab, 0xee, 0x31, 0xa2, 
+	               0x73, 0xf9, 0xca, 0x3a, 0x1a, 0xfb, 0x0d, 0xc1, 0xfe, 0xfa, 0xf2, 0x6f, 0xbd, 0x96, 0xdd, 0x43, 
+	               0x52, 0xb6, 0x08, 0xf3, 0xae, 0xbe, 0x19, 0x89, 0x32, 0x26, 0xb0, 0xea, 0x4b, 0x64, 0x84, 0x82, 
+	               0x6b, 0xf5, 0x79, 0xbf, 0x01, 0x5f, 0x75, 0x63, 0x1b, 0x23, 0x3d, 0x68, 0x2a, 0x65, 0xe8, 0x91, 
+	               0xf6, 0xff, 0x13, 0x58, 0xf1, 0x47, 0x0a, 0x7f, 0xc5, 0xa7, 0xe7, 0x61, 0x5a, 0x06, 0x46, 0x44, 
+	               0x42, 0x04, 0xa0, 0xdb, 0x39, 0x86, 0x54, 0xaa, 0x8c, 0x34, 0x21, 0x8b, 0xf8, 0x0c, 0x74, 0x67
+               },
+
+               new byte[]
+               {
+                    0x68, 0x8d, 0xca, 0x4d, 0x73, 0x4b, 0x4e, 0x2a, 0xd4, 0x52, 0x26, 0xb3, 0x54, 0x1e, 0x19, 0x1f, 
+	               0x22, 0x03, 0x46, 0x3d, 0x2d, 0x4a, 0x53, 0x83, 0x13, 0x8a, 0xb7, 0xd5, 0x25, 0x79, 0xf5, 0xbd, 
+	               0x58, 0x2f, 0x0d, 0x02, 0xed, 0x51, 0x9e, 0x11, 0xf2, 0x3e, 0x55, 0x5e, 0xd1, 0x16, 0x3c, 0x66, 
+	               0x70, 0x5d, 0xf3, 0x45, 0x40, 0xcc, 0xe8, 0x94, 0x56, 0x08, 0xce, 0x1a, 0x3a, 0xd2, 0xe1, 0xdf, 
+	               0xb5, 0x38, 0x6e, 0x0e, 0xe5, 0xf4, 0xf9, 0x86, 0xe9, 0x4f, 0xd6, 0x85, 0x23, 0xcf, 0x32, 0x99, 
+	               0x31, 0x14, 0xae, 0xee, 0xc8, 0x48, 0xd3, 0x30, 0xa1, 0x92, 0x41, 0xb1, 0x18, 0xc4, 0x2c, 0x71, 
+	               0x72, 0x44, 0x15, 0xfd, 0x37, 0xbe, 0x5f, 0xaa, 0x9b, 0x88, 0xd8, 0xab, 0x89, 0x9c, 0xfa, 0x60, 
+	               0xea, 0xbc, 0x62, 0x0c, 0x24, 0xa6, 0xa8, 0xec, 0x67, 0x20, 0xdb, 0x7c, 0x28, 0xdd, 0xac, 0x5b, 
+	               0x34, 0x7e, 0x10, 0xf1, 0x7b, 0x8f, 0x63, 0xa0, 0x05, 0x9a, 0x43, 0x77, 0x21, 0xbf, 0x27, 0x09, 
+	               0xc3, 0x9f, 0xb6, 0xd7, 0x29, 0xc2, 0xeb, 0xc0, 0xa4, 0x8b, 0x8c, 0x1d, 0xfb, 0xff, 0xc1, 0xb2, 
+	               0x97, 0x2e, 0xf8, 0x65, 0xf6, 0x75, 0x07, 0x04, 0x49, 0x33, 0xe4, 0xd9, 0xb9, 0xd0, 0x42, 0xc7, 
+	               0x6c, 0x90, 0x00, 0x8e, 0x6f, 0x50, 0x01, 0xc5, 0xda, 0x47, 0x3f, 0xcd, 0x69, 0xa2, 0xe2, 0x7a, 
+	               0xa7, 0xc6, 0x93, 0x0f, 0x0a, 0x06, 0xe6, 0x2b, 0x96, 0xa3, 0x1c, 0xaf, 0x6a, 0x12, 0x84, 0x39, 
+	               0xe7, 0xb0, 0x82, 0xf7, 0xfe, 0x9d, 0x87, 0x5c, 0x81, 0x35, 0xde, 0xb4, 0xa5, 0xfc, 0x80, 0xef, 
+	               0xcb, 0xbb, 0x6b, 0x76, 0xba, 0x5a, 0x7d, 0x78, 0x0b, 0x95, 0xe3, 0xad, 0x74, 0x98, 0x3b, 0x36, 
+	               0x64, 0x6d, 0xdc, 0xf0, 0x59, 0xa9, 0x4c, 0x17, 0x7f, 0x91, 0xb8, 0xc9, 0x57, 0x1b, 0xe0, 0x61
+               }
+          };
+
+
+     }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/GOST3411Digest.cs b/bc-sharp-crypto/src/crypto/digests/GOST3411Digest.cs
new file mode 100644
index 0000000..218adf6
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/GOST3411Digest.cs
@@ -0,0 +1,356 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+	/**
+	* implementation of GOST R 34.11-94
+	*/
+	public class Gost3411Digest
+		: IDigest, IMemoable
+	{
+		private const int DIGEST_LENGTH = 32;
+
+		private byte[]	H = new byte[32], L = new byte[32],
+						M = new byte[32], Sum = new byte[32];
+		private byte[][] C = MakeC();
+
+		private byte[]	xBuf = new byte[32];
+		private int		xBufOff;
+		private ulong	byteCount;
+
+		private readonly IBlockCipher cipher = new Gost28147Engine();
+		private byte[] sBox;
+
+		private static byte[][] MakeC()
+		{
+			byte[][] c = new byte[4][];
+			for (int i = 0; i < 4; ++i)
+			{
+				c[i] = new byte[32];
+			}
+			return c;
+		}
+
+		/**
+		 * Standard constructor
+		 */
+		public Gost3411Digest()
+		{
+			sBox = Gost28147Engine.GetSBox("D-A");
+			cipher.Init(true, new ParametersWithSBox(null, sBox));
+
+			Reset();
+		}
+
+		/**
+		 * Constructor to allow use of a particular sbox with GOST28147
+		 * @see GOST28147Engine#getSBox(String)
+		 */
+		public Gost3411Digest(byte[] sBoxParam)
+		{
+			sBox = Arrays.Clone(sBoxParam);
+			cipher.Init(true, new ParametersWithSBox(null, sBox));
+
+			Reset();
+		}
+
+		/**
+		 * Copy constructor.  This will copy the state of the provided
+		 * message digest.
+		 */
+		public Gost3411Digest(Gost3411Digest t)
+		{
+			Reset(t);
+		}
+
+		public string AlgorithmName
+		{
+			get { return "Gost3411"; }
+		}
+
+		public int GetDigestSize()
+		{
+			return DIGEST_LENGTH;
+		}
+
+		public void Update(
+			byte input)
+		{
+			xBuf[xBufOff++] = input;
+			if (xBufOff == xBuf.Length)
+			{
+				sumByteArray(xBuf); // calc sum M
+				processBlock(xBuf, 0);
+				xBufOff = 0;
+			}
+			byteCount++;
+		}
+
+		public void BlockUpdate(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			while ((xBufOff != 0) && (length > 0))
+			{
+				Update(input[inOff]);
+				inOff++;
+				length--;
+			}
+
+			while (length > xBuf.Length)
+			{
+				Array.Copy(input, inOff, xBuf, 0, xBuf.Length);
+
+				sumByteArray(xBuf); // calc sum M
+				processBlock(xBuf, 0);
+				inOff += xBuf.Length;
+				length -= xBuf.Length;
+				byteCount += (uint)xBuf.Length;
+			}
+
+			// load in the remainder.
+			while (length > 0)
+			{
+				Update(input[inOff]);
+				inOff++;
+				length--;
+			}
+		}
+
+		// (i + 1 + 4(k - 1)) = 8i + k      i = 0-3, k = 1-8
+		private byte[] K = new byte[32];
+
+		private byte[] P(byte[] input)
+		{
+			int fourK = 0;
+			for(int k = 0; k < 8; k++)
+			{
+				K[fourK++] = input[k];
+				K[fourK++] = input[8 + k];
+				K[fourK++] = input[16 + k];
+				K[fourK++] = input[24 + k];
+			}
+
+			return K;
+		}
+
+		//A (x) = (x0 ^ x1) || x3 || x2 || x1
+		byte[] a = new byte[8];
+		private byte[] A(byte[] input)
+		{
+			for(int j=0; j<8; j++)
+			{
+				a[j]=(byte)(input[j] ^ input[j+8]);
+			}
+
+			Array.Copy(input, 8, input, 0, 24);
+			Array.Copy(a, 0, input, 24, 8);
+
+			return input;
+		}
+
+		//Encrypt function, ECB mode
+		private void E(byte[] key, byte[] s, int sOff, byte[] input, int inOff)
+		{
+			cipher.Init(true, new KeyParameter(key));
+
+			cipher.ProcessBlock(input, inOff, s, sOff);
+		}
+
+		// (in:) n16||..||n1 ==> (out:) n1^n2^n3^n4^n13^n16||n16||..||n2
+		internal short[] wS = new short[16], w_S = new short[16];
+
+		private void fw(byte[] input)
+		{
+			cpyBytesToShort(input, wS);
+			w_S[15] = (short)(wS[0] ^ wS[1] ^ wS[2] ^ wS[3] ^ wS[12] ^ wS[15]);
+			Array.Copy(wS, 1, w_S, 0, 15);
+			cpyShortToBytes(w_S, input);
+		}
+
+		// block processing
+		internal byte[] S = new byte[32], U = new byte[32], V = new byte[32], W = new byte[32];
+
+		private void processBlock(byte[] input, int inOff)
+		{
+			Array.Copy(input, inOff, M, 0, 32);
+
+			//key step 1
+
+			// H = h3 || h2 || h1 || h0
+			// S = s3 || s2 || s1 || s0
+			H.CopyTo(U, 0);
+			M.CopyTo(V, 0);
+			for (int j=0; j<32; j++)
+			{
+				W[j] = (byte)(U[j]^V[j]);
+			}
+			// Encrypt gost28147-ECB
+			E(P(W), S, 0, H, 0); // s0 = EK0 [h0]
+
+			//keys step 2,3,4
+			for (int i=1; i<4; i++)
+			{
+				byte[] tmpA = A(U);
+				for (int j=0; j<32; j++)
+				{
+					U[j] = (byte)(tmpA[j] ^ C[i][j]);
+				}
+				V = A(A(V));
+				for (int j=0; j<32; j++)
+				{
+					W[j] = (byte)(U[j]^V[j]);
+				}
+				// Encrypt gost28147-ECB
+				E(P(W), S, i * 8, H, i * 8); // si = EKi [hi]
+			}
+
+			// x(M, H) = y61(H^y(M^y12(S)))
+			for(int n = 0; n < 12; n++)
+			{
+				fw(S);
+			}
+			for(int n = 0; n < 32; n++)
+			{
+				S[n] = (byte)(S[n] ^ M[n]);
+			}
+
+			fw(S);
+
+			for(int n = 0; n < 32; n++)
+			{
+				S[n] = (byte)(H[n] ^ S[n]);
+			}
+			for(int n = 0; n < 61; n++)
+			{
+				fw(S);
+			}
+			Array.Copy(S, 0, H, 0, H.Length);
+		}
+
+		private void finish()
+		{
+			ulong bitCount = byteCount * 8;
+			Pack.UInt64_To_LE(bitCount, L);
+
+			while (xBufOff != 0)
+			{
+				Update((byte)0);
+			}
+
+			processBlock(L, 0);
+			processBlock(Sum, 0);
+		}
+
+		public int DoFinal(
+			byte[]  output,
+			int     outOff)
+		{
+			finish();
+
+			H.CopyTo(output, outOff);
+
+			Reset();
+
+			return DIGEST_LENGTH;
+		}
+
+		/**
+		* reset the chaining variables to the IV values.
+		*/
+		private static readonly byte[] C2 = {
+			0x00,(byte)0xFF,0x00,(byte)0xFF,0x00,(byte)0xFF,0x00,(byte)0xFF,
+			(byte)0xFF,0x00,(byte)0xFF,0x00,(byte)0xFF,0x00,(byte)0xFF,0x00,
+			0x00,(byte)0xFF,(byte)0xFF,0x00,(byte)0xFF,0x00,0x00,(byte)0xFF,
+			(byte)0xFF,0x00,0x00,0x00,(byte)0xFF,(byte)0xFF,0x00,(byte)0xFF
+		};
+
+		public void Reset()
+		{
+			byteCount = 0;
+			xBufOff = 0;
+
+			Array.Clear(H, 0, H.Length);
+			Array.Clear(L, 0, L.Length);
+			Array.Clear(M, 0, M.Length);
+			Array.Clear(C[1], 0, C[1].Length); // real index C = +1 because index array with 0.
+			Array.Clear(C[3], 0, C[3].Length);
+			Array.Clear(Sum, 0, Sum.Length);
+			Array.Clear(xBuf, 0, xBuf.Length);
+
+			C2.CopyTo(C[2], 0);
+		}
+
+		//  256 bitsblock modul -> (Sum + a mod (2^256))
+		private void sumByteArray(
+			byte[] input)
+		{
+			int carry = 0;
+
+			for (int i = 0; i != Sum.Length; i++)
+			{
+				int sum = (Sum[i] & 0xff) + (input[i] & 0xff) + carry;
+
+				Sum[i] = (byte)sum;
+
+				carry = sum >> 8;
+			}
+		}
+
+		private static void cpyBytesToShort(byte[] S, short[] wS)
+		{
+			for(int i = 0; i < S.Length / 2; i++)
+			{
+				wS[i] = (short)(((S[i*2+1]<<8)&0xFF00)|(S[i*2]&0xFF));
+			}
+		}
+
+		private static void cpyShortToBytes(short[] wS, byte[] S)
+		{
+			for(int i=0; i<S.Length/2; i++)
+			{
+				S[i*2 + 1] = (byte)(wS[i] >> 8);
+				S[i*2] = (byte)wS[i];
+			}
+		}
+
+		public int GetByteLength()
+		{
+			return 32;
+		}
+
+		public IMemoable Copy()
+		{
+			return new Gost3411Digest(this);
+		}
+
+		public void Reset(IMemoable other)
+		{
+			Gost3411Digest t = (Gost3411Digest)other;
+
+			this.sBox = t.sBox;
+			cipher.Init(true, new ParametersWithSBox(null, sBox));
+
+			Reset();
+
+			Array.Copy(t.H, 0, this.H, 0, t.H.Length);
+			Array.Copy(t.L, 0, this.L, 0, t.L.Length);
+			Array.Copy(t.M, 0, this.M, 0, t.M.Length);
+			Array.Copy(t.Sum, 0, this.Sum, 0, t.Sum.Length);
+			Array.Copy(t.C[1], 0, this.C[1], 0, t.C[1].Length);
+			Array.Copy(t.C[2], 0, this.C[2], 0, t.C[2].Length);
+			Array.Copy(t.C[3], 0, this.C[3], 0, t.C[3].Length);
+			Array.Copy(t.xBuf, 0, this.xBuf, 0, t.xBuf.Length);
+
+			this.xBufOff = t.xBufOff;
+			this.byteCount = t.byteCount;
+		}
+	}
+
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/GOST3411_2012Digest.cs b/bc-sharp-crypto/src/crypto/digests/GOST3411_2012Digest.cs
new file mode 100644
index 0000000..4395129
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/GOST3411_2012Digest.cs
@@ -0,0 +1,1036 @@
+using System;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    public abstract class GOST3411_2012Digest:IDigest,IMemoable
+    {
+        private readonly byte[] IV = new byte[64];
+        private readonly byte[] N = new byte[64];
+        private readonly byte[] Sigma = new byte[64];
+        private readonly byte[] Ki = new byte[64];
+        private readonly byte[] m = new byte[64];
+        private readonly byte[] h = new byte[64];
+
+        // Temporary buffers
+        private readonly byte[] tmp = new byte[64];
+        private readonly byte[] block = new byte[64];
+
+        private int bOff = 64;
+
+        protected GOST3411_2012Digest(byte[] IV)
+        {
+            System.Array.Copy(IV,this.IV,64);
+            System.Array.Copy(IV, h, 64);
+        }
+
+        public abstract string AlgorithmName { get; }
+
+        public abstract IMemoable Copy();
+
+        public virtual int DoFinal(byte[] output, int outOff)
+        {
+            int lenM = 64 - bOff;
+
+            // At this point it is certain that lenM is smaller than 64
+            for (int i = 0; i != 64 - lenM; i++)
+            {
+                m[i] = 0;
+            }
+
+            m[63 - lenM] = 1;
+
+            if (bOff != 64)
+            {
+                System.Array.Copy(block, bOff, m, 64 - lenM, lenM);
+            }
+
+            g_N(h, N, m);
+            addMod512(N, lenM * 8);
+            addMod512(Sigma, m);
+            g_N(h, Zero, N);
+            g_N(h, Zero, Sigma);
+
+            reverse(h, tmp);
+            
+            Array.Copy(tmp, 0, output, outOff, 64);
+
+            Reset();
+            return 64;
+        }
+
+        public int GetByteLength()
+        {
+            return 64;
+        }
+
+        public abstract int GetDigestSize();
+       
+
+        public void Reset()
+        {
+            bOff = 64;
+            Arrays.Fill(N, (byte)0);
+            Arrays.Fill(Sigma, (byte)0);
+            System.Array.Copy(IV, 0, h, 0, 64);
+            Arrays.Fill(block, (byte)0);
+        }
+
+        public void Reset(IMemoable other)
+        {
+            GOST3411_2012Digest o = (GOST3411_2012Digest)other;
+
+            System.Array.Copy(o.IV, 0, this.IV, 0, 64);
+            System.Array.Copy(o.N, 0, this.N, 0, 64);
+            System.Array.Copy(o.Sigma, 0, this.Sigma, 0, 64);
+            System.Array.Copy(o.Ki, 0, this.Ki, 0, 64);
+            System.Array.Copy(o.m, 0, this.m, 0, 64);
+            System.Array.Copy(o.h, 0, this.h, 0, 64);
+
+            System.Array.Copy(o.block, 0, this.block, 0, 64);
+            this.bOff = o.bOff;
+        }
+
+        public void Update(byte input)
+        {
+            block[--bOff] = input;
+            if (bOff == 0)
+            {
+                g_N(h, N, block);
+                addMod512(N, 512);
+                addMod512(Sigma, block);
+                bOff = 64;
+            }
+        }
+
+
+        public void BlockUpdate(byte[] input, int inOff, int len)
+        {
+            while (bOff != 64 && len > 0)
+            {
+                Update(input[inOff++]);
+                len--;
+            }
+            while (len >= 64)
+            {
+                System.Array.Copy(input, inOff, tmp, 0, 64);
+                reverse(tmp, block);
+                g_N(h, N, block);
+                addMod512(N, 512);
+                addMod512(Sigma, block);
+
+                len -= 64;
+                inOff += 64;
+            }
+            while (len > 0)
+            {
+                Update(input[inOff++]);
+                len--;
+            }
+        }
+
+    
+
+
+        private void F(byte[] V)
+        {
+            ulong[] res = new ulong[8];
+            ulong r;
+
+            r = 0;
+            r ^= T[0][(V[56] & 0xFF)];
+            r ^= T[1][(V[48] & 0xFF)];
+            r ^= T[2][(V[40] & 0xFF)];
+            r ^= T[3][(V[32] & 0xFF)];
+            r ^= T[4][(V[24] & 0xFF)];
+            r ^= T[5][(V[16] & 0xFF)];
+            r ^= T[6][(V[8] & 0xFF)];
+            r ^= T[7][(V[0] & 0xFF)];
+            res[0] = r;
+
+            r = 0;
+            r ^= T[0][(V[57] & 0xFF)];
+            r ^= T[1][(V[49] & 0xFF)];
+            r ^= T[2][(V[41] & 0xFF)];
+            r ^= T[3][(V[33] & 0xFF)];
+            r ^= T[4][(V[25] & 0xFF)];
+            r ^= T[5][(V[17] & 0xFF)];
+            r ^= T[6][(V[9] & 0xFF)];
+            r ^= T[7][(V[1] & 0xFF)];
+            res[1] = r;
+
+            r = 0;
+            r ^= T[0][(V[58] & 0xFF)];
+            r ^= T[1][(V[50] & 0xFF)];
+            r ^= T[2][(V[42] & 0xFF)];
+            r ^= T[3][(V[34] & 0xFF)];
+            r ^= T[4][(V[26] & 0xFF)];
+            r ^= T[5][(V[18] & 0xFF)];
+            r ^= T[6][(V[10] & 0xFF)];
+            r ^= T[7][(V[2] & 0xFF)];
+            res[2] = r;
+
+            r = 0;
+            r ^= T[0][(V[59] & 0xFF)];
+            r ^= T[1][(V[51] & 0xFF)];
+            r ^= T[2][(V[43] & 0xFF)];
+            r ^= T[3][(V[35] & 0xFF)];
+            r ^= T[4][(V[27] & 0xFF)];
+            r ^= T[5][(V[19] & 0xFF)];
+            r ^= T[6][(V[11] & 0xFF)];
+            r ^= T[7][(V[3] & 0xFF)];
+            res[3] = r;
+
+            r = 0;
+            r ^= T[0][(V[60] & 0xFF)];
+            r ^= T[1][(V[52] & 0xFF)];
+            r ^= T[2][(V[44] & 0xFF)];
+            r ^= T[3][(V[36] & 0xFF)];
+            r ^= T[4][(V[28] & 0xFF)];
+            r ^= T[5][(V[20] & 0xFF)];
+            r ^= T[6][(V[12] & 0xFF)];
+            r ^= T[7][(V[4] & 0xFF)];
+            res[4] = r;
+
+            r = 0;
+            r ^= T[0][(V[61] & 0xFF)];
+            r ^= T[1][(V[53] & 0xFF)];
+            r ^= T[2][(V[45] & 0xFF)];
+            r ^= T[3][(V[37] & 0xFF)];
+            r ^= T[4][(V[29] & 0xFF)];
+            r ^= T[5][(V[21] & 0xFF)];
+            r ^= T[6][(V[13] & 0xFF)];
+            r ^= T[7][(V[5] & 0xFF)];
+            res[5] = r;
+
+            r = 0;
+            r ^= T[0][(V[62] & 0xFF)];
+            r ^= T[1][(V[54] & 0xFF)];
+            r ^= T[2][(V[46] & 0xFF)];
+            r ^= T[3][(V[38] & 0xFF)];
+            r ^= T[4][(V[30] & 0xFF)];
+            r ^= T[5][(V[22] & 0xFF)];
+            r ^= T[6][(V[14] & 0xFF)];
+            r ^= T[7][(V[6] & 0xFF)];
+            res[6] = r;
+
+            r = 0;
+            r ^= T[0][(V[63] & 0xFF)];
+            r ^= T[1][(V[55] & 0xFF)];
+            r ^= T[2][(V[47] & 0xFF)];
+            r ^= T[3][(V[39] & 0xFF)];
+            r ^= T[4][(V[31] & 0xFF)];
+            r ^= T[5][(V[23] & 0xFF)];
+            r ^= T[6][(V[15] & 0xFF)];
+            r ^= T[7][(V[7] & 0xFF)];
+            res[7] = r;
+
+            r = res[0];
+            V[7] = (byte)(r >> 56);
+            V[6] = (byte)(r >> 48);
+            V[5] = (byte)(r >> 40);
+            V[4] = (byte)(r >> 32);
+            V[3] = (byte)(r >> 24);
+            V[2] = (byte)(r >> 16);
+            V[1] = (byte)(r >> 8);
+            V[0] = (byte)(r);
+
+            r = res[1];
+            V[15] = (byte)(r >> 56);
+            V[14] = (byte)(r >> 48);
+            V[13] = (byte)(r >> 40);
+            V[12] = (byte)(r >> 32);
+            V[11] = (byte)(r >> 24);
+            V[10] = (byte)(r >> 16);
+            V[9] = (byte)(r >> 8);
+            V[8] = (byte)(r);
+
+            r = res[2];
+            V[23] = (byte)(r >> 56);
+            V[22] = (byte)(r >> 48);
+            V[21] = (byte)(r >> 40);
+            V[20] = (byte)(r >> 32);
+            V[19] = (byte)(r >> 24);
+            V[18] = (byte)(r >> 16);
+            V[17] = (byte)(r >> 8);
+            V[16] = (byte)(r);
+
+            r = res[3];
+            V[31] = (byte)(r >> 56);
+            V[30] = (byte)(r >> 48);
+            V[29] = (byte)(r >> 40);
+            V[28] = (byte)(r >> 32);
+            V[27] = (byte)(r >> 24);
+            V[26] = (byte)(r >> 16);
+            V[25] = (byte)(r >> 8);
+            V[24] = (byte)(r);
+
+            r = res[4];
+            V[39] = (byte)(r >> 56);
+            V[38] = (byte)(r >> 48);
+            V[37] = (byte)(r >> 40);
+            V[36] = (byte)(r >> 32);
+            V[35] = (byte)(r >> 24);
+            V[34] = (byte)(r >> 16);
+            V[33] = (byte)(r >> 8);
+            V[32] = (byte)(r);
+
+            r = res[5];
+            V[47] = (byte)(r >> 56);
+            V[46] = (byte)(r >> 48);
+            V[45] = (byte)(r >> 40);
+            V[44] = (byte)(r >> 32);
+            V[43] = (byte)(r >> 24);
+            V[42] = (byte)(r >> 16);
+            V[41] = (byte)(r >> 8);
+            V[40] = (byte)(r);
+
+            r = res[6];
+            V[55] = (byte)(r >> 56);
+            V[54] = (byte)(r >> 48);
+            V[53] = (byte)(r >> 40);
+            V[52] = (byte)(r >> 32);
+            V[51] = (byte)(r >> 24);
+            V[50] = (byte)(r >> 16);
+            V[49] = (byte)(r >> 8);
+            V[48] = (byte)(r);
+
+            r = res[7];
+            V[63] = (byte)(r >> 56);
+            V[62] = (byte)(r >> 48);
+            V[61] = (byte)(r >> 40);
+            V[60] = (byte)(r >> 32);
+            V[59] = (byte)(r >> 24);
+            V[58] = (byte)(r >> 16);
+            V[57] = (byte)(r >> 8);
+            V[56] = (byte)(r);
+        }
+
+        private void xor512(byte[] A, byte[] B)
+        {
+            for (int i = 0; i < 64; ++i)
+            {
+                A[i] ^= B[i];
+            }
+        }
+
+        private void E(byte[] K, byte[] m)
+        {
+            System.Array.Copy(K, 0, Ki, 0, 64);
+            xor512(K, m);
+            F(K);
+            for (int i = 0; i < 11; ++i)
+            {
+                xor512(Ki, C[i]);
+                F(Ki);
+                xor512(K, Ki);
+                F(K);
+            }
+            xor512(Ki, C[11]);
+            F(Ki);
+            xor512(K, Ki);
+        }
+
+        private void g_N(byte[] h, byte[] N, byte[] m)
+        {
+            System.Array.Copy(h, 0, tmp, 0, 64);
+
+            xor512(h, N);
+            F(h);
+
+            E(h, m);
+            xor512(h, tmp);
+            xor512(h, m);
+        }
+
+        private void addMod512(byte[] A, int num)
+        {
+            int c;
+            c = (A[63] & 0xFF) + (num & 0xFF);
+            A[63] = (byte)c;
+
+            c = (A[62] & 0xFF) + ((num >> 8) & 0xFF) + (c >> 8);
+            A[62] = (byte)c;
+
+            for (int i = 61; (i >= 0) && (c > 0); --i)
+            {
+                c = (A[i] & 0xFF) + (c >> 8);
+                A[i] = (byte)c;
+            }
+        }
+
+        private void addMod512(byte[] A, byte[] B)
+        {
+            for (int c = 0, i = 63; i >= 0; --i)
+            {
+                c = (A[i] & 0xFF) + (B[i] & 0xFF) + (c >> 8);
+                A[i] = (byte)c;
+            }
+        }
+
+        private void reverse(byte[] src, byte[] dst)
+        {
+            int len = src.Length;
+            for (int i = 0; i < len; i++)
+            {
+                dst[len - 1 - i] = src[i];
+            }
+        }
+
+        private static readonly byte[][] C = new byte[][]{ new byte[]{
+        (byte)0xb1, (byte)0x08, (byte)0x5b, (byte)0xda, (byte)0x1e, (byte)0xca, (byte)0xda, (byte)0xe9,
+        (byte)0xeb, (byte)0xcb, (byte)0x2f, (byte)0x81, (byte)0xc0, (byte)0x65, (byte)0x7c, (byte)0x1f,
+        (byte)0x2f, (byte)0x6a, (byte)0x76, (byte)0x43, (byte)0x2e, (byte)0x45, (byte)0xd0, (byte)0x16,
+        (byte)0x71, (byte)0x4e, (byte)0xb8, (byte)0x8d, (byte)0x75, (byte)0x85, (byte)0xc4, (byte)0xfc,
+        (byte)0x4b, (byte)0x7c, (byte)0xe0, (byte)0x91, (byte)0x92, (byte)0x67, (byte)0x69, (byte)0x01,
+        (byte)0xa2, (byte)0x42, (byte)0x2a, (byte)0x08, (byte)0xa4, (byte)0x60, (byte)0xd3, (byte)0x15,
+        (byte)0x05, (byte)0x76, (byte)0x74, (byte)0x36, (byte)0xcc, (byte)0x74, (byte)0x4d, (byte)0x23,
+        (byte)0xdd, (byte)0x80, (byte)0x65, (byte)0x59, (byte)0xf2, (byte)0xa6, (byte)0x45, (byte)0x07},
+            
+        new byte[]{
+            (byte)0x6f, (byte)0xa3, (byte)0xb5, (byte)0x8a, (byte)0xa9, (byte)0x9d, (byte)0x2f, (byte)0x1a,
+            (byte)0x4f, (byte)0xe3, (byte)0x9d, (byte)0x46, (byte)0x0f, (byte)0x70, (byte)0xb5, (byte)0xd7,
+            (byte)0xf3, (byte)0xfe, (byte)0xea, (byte)0x72, (byte)0x0a, (byte)0x23, (byte)0x2b, (byte)0x98,
+            (byte)0x61, (byte)0xd5, (byte)0x5e, (byte)0x0f, (byte)0x16, (byte)0xb5, (byte)0x01, (byte)0x31,
+            (byte)0x9a, (byte)0xb5, (byte)0x17, (byte)0x6b, (byte)0x12, (byte)0xd6, (byte)0x99, (byte)0x58,
+            (byte)0x5c, (byte)0xb5, (byte)0x61, (byte)0xc2, (byte)0xdb, (byte)0x0a, (byte)0xa7, (byte)0xca,
+            (byte)0x55, (byte)0xdd, (byte)0xa2, (byte)0x1b, (byte)0xd7, (byte)0xcb, (byte)0xcd, (byte)0x56,
+            (byte)0xe6, (byte)0x79, (byte)0x04, (byte)0x70, (byte)0x21, (byte)0xb1, (byte)0x9b, (byte)0xb7},
+        new byte[]{
+            (byte)0xf5, (byte)0x74, (byte)0xdc, (byte)0xac, (byte)0x2b, (byte)0xce, (byte)0x2f, (byte)0xc7,
+            (byte)0x0a, (byte)0x39, (byte)0xfc, (byte)0x28, (byte)0x6a, (byte)0x3d, (byte)0x84, (byte)0x35,
+            (byte)0x06, (byte)0xf1, (byte)0x5e, (byte)0x5f, (byte)0x52, (byte)0x9c, (byte)0x1f, (byte)0x8b,
+            (byte)0xf2, (byte)0xea, (byte)0x75, (byte)0x14, (byte)0xb1, (byte)0x29, (byte)0x7b, (byte)0x7b,
+            (byte)0xd3, (byte)0xe2, (byte)0x0f, (byte)0xe4, (byte)0x90, (byte)0x35, (byte)0x9e, (byte)0xb1,
+            (byte)0xc1, (byte)0xc9, (byte)0x3a, (byte)0x37, (byte)0x60, (byte)0x62, (byte)0xdb, (byte)0x09,
+            (byte)0xc2, (byte)0xb6, (byte)0xf4, (byte)0x43, (byte)0x86, (byte)0x7a, (byte)0xdb, (byte)0x31,
+            (byte)0x99, (byte)0x1e, (byte)0x96, (byte)0xf5, (byte)0x0a, (byte)0xba, (byte)0x0a, (byte)0xb2},
+         new byte[]{
+            (byte)0xef, (byte)0x1f, (byte)0xdf, (byte)0xb3, (byte)0xe8, (byte)0x15, (byte)0x66, (byte)0xd2,
+            (byte)0xf9, (byte)0x48, (byte)0xe1, (byte)0xa0, (byte)0x5d, (byte)0x71, (byte)0xe4, (byte)0xdd,
+            (byte)0x48, (byte)0x8e, (byte)0x85, (byte)0x7e, (byte)0x33, (byte)0x5c, (byte)0x3c, (byte)0x7d,
+            (byte)0x9d, (byte)0x72, (byte)0x1c, (byte)0xad, (byte)0x68, (byte)0x5e, (byte)0x35, (byte)0x3f,
+            (byte)0xa9, (byte)0xd7, (byte)0x2c, (byte)0x82, (byte)0xed, (byte)0x03, (byte)0xd6, (byte)0x75,
+            (byte)0xd8, (byte)0xb7, (byte)0x13, (byte)0x33, (byte)0x93, (byte)0x52, (byte)0x03, (byte)0xbe,
+            (byte)0x34, (byte)0x53, (byte)0xea, (byte)0xa1, (byte)0x93, (byte)0xe8, (byte)0x37, (byte)0xf1,
+            (byte)0x22, (byte)0x0c, (byte)0xbe, (byte)0xbc, (byte)0x84, (byte)0xe3, (byte)0xd1, (byte)0x2e},
+        new byte[] {
+            (byte)0x4b, (byte)0xea, (byte)0x6b, (byte)0xac, (byte)0xad, (byte)0x47, (byte)0x47, (byte)0x99,
+            (byte)0x9a, (byte)0x3f, (byte)0x41, (byte)0x0c, (byte)0x6c, (byte)0xa9, (byte)0x23, (byte)0x63,
+            (byte)0x7f, (byte)0x15, (byte)0x1c, (byte)0x1f, (byte)0x16, (byte)0x86, (byte)0x10, (byte)0x4a,
+            (byte)0x35, (byte)0x9e, (byte)0x35, (byte)0xd7, (byte)0x80, (byte)0x0f, (byte)0xff, (byte)0xbd,
+            (byte)0xbf, (byte)0xcd, (byte)0x17, (byte)0x47, (byte)0x25, (byte)0x3a, (byte)0xf5, (byte)0xa3,
+            (byte)0xdf, (byte)0xff, (byte)0x00, (byte)0xb7, (byte)0x23, (byte)0x27, (byte)0x1a, (byte)0x16,
+            (byte)0x7a, (byte)0x56, (byte)0xa2, (byte)0x7e, (byte)0xa9, (byte)0xea, (byte)0x63, (byte)0xf5,
+            (byte)0x60, (byte)0x17, (byte)0x58, (byte)0xfd, (byte)0x7c, (byte)0x6c, (byte)0xfe, (byte)0x57},
+         new byte[]{
+            (byte)0xae, (byte)0x4f, (byte)0xae, (byte)0xae, (byte)0x1d, (byte)0x3a, (byte)0xd3, (byte)0xd9,
+            (byte)0x6f, (byte)0xa4, (byte)0xc3, (byte)0x3b, (byte)0x7a, (byte)0x30, (byte)0x39, (byte)0xc0,
+            (byte)0x2d, (byte)0x66, (byte)0xc4, (byte)0xf9, (byte)0x51, (byte)0x42, (byte)0xa4, (byte)0x6c,
+            (byte)0x18, (byte)0x7f, (byte)0x9a, (byte)0xb4, (byte)0x9a, (byte)0xf0, (byte)0x8e, (byte)0xc6,
+            (byte)0xcf, (byte)0xfa, (byte)0xa6, (byte)0xb7, (byte)0x1c, (byte)0x9a, (byte)0xb7, (byte)0xb4,
+            (byte)0x0a, (byte)0xf2, (byte)0x1f, (byte)0x66, (byte)0xc2, (byte)0xbe, (byte)0xc6, (byte)0xb6,
+            (byte)0xbf, (byte)0x71, (byte)0xc5, (byte)0x72, (byte)0x36, (byte)0x90, (byte)0x4f, (byte)0x35,
+            (byte)0xfa, (byte)0x68, (byte)0x40, (byte)0x7a, (byte)0x46, (byte)0x64, (byte)0x7d, (byte)0x6e},
+        new byte[] {
+            (byte)0xf4, (byte)0xc7, (byte)0x0e, (byte)0x16, (byte)0xee, (byte)0xaa, (byte)0xc5, (byte)0xec,
+            (byte)0x51, (byte)0xac, (byte)0x86, (byte)0xfe, (byte)0xbf, (byte)0x24, (byte)0x09, (byte)0x54,
+            (byte)0x39, (byte)0x9e, (byte)0xc6, (byte)0xc7, (byte)0xe6, (byte)0xbf, (byte)0x87, (byte)0xc9,
+            (byte)0xd3, (byte)0x47, (byte)0x3e, (byte)0x33, (byte)0x19, (byte)0x7a, (byte)0x93, (byte)0xc9,
+            (byte)0x09, (byte)0x92, (byte)0xab, (byte)0xc5, (byte)0x2d, (byte)0x82, (byte)0x2c, (byte)0x37,
+            (byte)0x06, (byte)0x47, (byte)0x69, (byte)0x83, (byte)0x28, (byte)0x4a, (byte)0x05, (byte)0x04,
+            (byte)0x35, (byte)0x17, (byte)0x45, (byte)0x4c, (byte)0xa2, (byte)0x3c, (byte)0x4a, (byte)0xf3,
+            (byte)0x88, (byte)0x86, (byte)0x56, (byte)0x4d, (byte)0x3a, (byte)0x14, (byte)0xd4, (byte)0x93},
+        new byte[] {
+            (byte)0x9b, (byte)0x1f, (byte)0x5b, (byte)0x42, (byte)0x4d, (byte)0x93, (byte)0xc9, (byte)0xa7,
+            (byte)0x03, (byte)0xe7, (byte)0xaa, (byte)0x02, (byte)0x0c, (byte)0x6e, (byte)0x41, (byte)0x41,
+            (byte)0x4e, (byte)0xb7, (byte)0xf8, (byte)0x71, (byte)0x9c, (byte)0x36, (byte)0xde, (byte)0x1e,
+            (byte)0x89, (byte)0xb4, (byte)0x44, (byte)0x3b, (byte)0x4d, (byte)0xdb, (byte)0xc4, (byte)0x9a,
+            (byte)0xf4, (byte)0x89, (byte)0x2b, (byte)0xcb, (byte)0x92, (byte)0x9b, (byte)0x06, (byte)0x90,
+            (byte)0x69, (byte)0xd1, (byte)0x8d, (byte)0x2b, (byte)0xd1, (byte)0xa5, (byte)0xc4, (byte)0x2f,
+            (byte)0x36, (byte)0xac, (byte)0xc2, (byte)0x35, (byte)0x59, (byte)0x51, (byte)0xa8, (byte)0xd9,
+            (byte)0xa4, (byte)0x7f, (byte)0x0d, (byte)0xd4, (byte)0xbf, (byte)0x02, (byte)0xe7, (byte)0x1e},
+         new byte[]{
+            (byte)0x37, (byte)0x8f, (byte)0x5a, (byte)0x54, (byte)0x16, (byte)0x31, (byte)0x22, (byte)0x9b,
+            (byte)0x94, (byte)0x4c, (byte)0x9a, (byte)0xd8, (byte)0xec, (byte)0x16, (byte)0x5f, (byte)0xde,
+            (byte)0x3a, (byte)0x7d, (byte)0x3a, (byte)0x1b, (byte)0x25, (byte)0x89, (byte)0x42, (byte)0x24,
+            (byte)0x3c, (byte)0xd9, (byte)0x55, (byte)0xb7, (byte)0xe0, (byte)0x0d, (byte)0x09, (byte)0x84,
+            (byte)0x80, (byte)0x0a, (byte)0x44, (byte)0x0b, (byte)0xdb, (byte)0xb2, (byte)0xce, (byte)0xb1,
+            (byte)0x7b, (byte)0x2b, (byte)0x8a, (byte)0x9a, (byte)0xa6, (byte)0x07, (byte)0x9c, (byte)0x54,
+            (byte)0x0e, (byte)0x38, (byte)0xdc, (byte)0x92, (byte)0xcb, (byte)0x1f, (byte)0x2a, (byte)0x60,
+            (byte)0x72, (byte)0x61, (byte)0x44, (byte)0x51, (byte)0x83, (byte)0x23, (byte)0x5a, (byte)0xdb},
+        new byte[] {
+            (byte)0xab, (byte)0xbe, (byte)0xde, (byte)0xa6, (byte)0x80, (byte)0x05, (byte)0x6f, (byte)0x52,
+            (byte)0x38, (byte)0x2a, (byte)0xe5, (byte)0x48, (byte)0xb2, (byte)0xe4, (byte)0xf3, (byte)0xf3,
+            (byte)0x89, (byte)0x41, (byte)0xe7, (byte)0x1c, (byte)0xff, (byte)0x8a, (byte)0x78, (byte)0xdb,
+            (byte)0x1f, (byte)0xff, (byte)0xe1, (byte)0x8a, (byte)0x1b, (byte)0x33, (byte)0x61, (byte)0x03,
+            (byte)0x9f, (byte)0xe7, (byte)0x67, (byte)0x02, (byte)0xaf, (byte)0x69, (byte)0x33, (byte)0x4b,
+            (byte)0x7a, (byte)0x1e, (byte)0x6c, (byte)0x30, (byte)0x3b, (byte)0x76, (byte)0x52, (byte)0xf4,
+            (byte)0x36, (byte)0x98, (byte)0xfa, (byte)0xd1, (byte)0x15, (byte)0x3b, (byte)0xb6, (byte)0xc3,
+            (byte)0x74, (byte)0xb4, (byte)0xc7, (byte)0xfb, (byte)0x98, (byte)0x45, (byte)0x9c, (byte)0xed},
+        new byte[] {
+            (byte)0x7b, (byte)0xcd, (byte)0x9e, (byte)0xd0, (byte)0xef, (byte)0xc8, (byte)0x89, (byte)0xfb,
+            (byte)0x30, (byte)0x02, (byte)0xc6, (byte)0xcd, (byte)0x63, (byte)0x5a, (byte)0xfe, (byte)0x94,
+            (byte)0xd8, (byte)0xfa, (byte)0x6b, (byte)0xbb, (byte)0xeb, (byte)0xab, (byte)0x07, (byte)0x61,
+            (byte)0x20, (byte)0x01, (byte)0x80, (byte)0x21, (byte)0x14, (byte)0x84, (byte)0x66, (byte)0x79,
+            (byte)0x8a, (byte)0x1d, (byte)0x71, (byte)0xef, (byte)0xea, (byte)0x48, (byte)0xb9, (byte)0xca,
+            (byte)0xef, (byte)0xba, (byte)0xcd, (byte)0x1d, (byte)0x7d, (byte)0x47, (byte)0x6e, (byte)0x98,
+            (byte)0xde, (byte)0xa2, (byte)0x59, (byte)0x4a, (byte)0xc0, (byte)0x6f, (byte)0xd8, (byte)0x5d,
+            (byte)0x6b, (byte)0xca, (byte)0xa4, (byte)0xcd, (byte)0x81, (byte)0xf3, (byte)0x2d, (byte)0x1b},
+        new byte[] {
+            (byte)0x37, (byte)0x8e, (byte)0xe7, (byte)0x67, (byte)0xf1, (byte)0x16, (byte)0x31, (byte)0xba,
+            (byte)0xd2, (byte)0x13, (byte)0x80, (byte)0xb0, (byte)0x04, (byte)0x49, (byte)0xb1, (byte)0x7a,
+            (byte)0xcd, (byte)0xa4, (byte)0x3c, (byte)0x32, (byte)0xbc, (byte)0xdf, (byte)0x1d, (byte)0x77,
+            (byte)0xf8, (byte)0x20, (byte)0x12, (byte)0xd4, (byte)0x30, (byte)0x21, (byte)0x9f, (byte)0x9b,
+            (byte)0x5d, (byte)0x80, (byte)0xef, (byte)0x9d, (byte)0x18, (byte)0x91, (byte)0xcc, (byte)0x86,
+            (byte)0xe7, (byte)0x1d, (byte)0xa4, (byte)0xaa, (byte)0x88, (byte)0xe1, (byte)0x28, (byte)0x52,
+            (byte)0xfa, (byte)0xf4, (byte)0x17, (byte)0xd5, (byte)0xd9, (byte)0xb2, (byte)0x1b, (byte)0x99,
+            (byte)0x48, (byte)0xbc, (byte)0x92, (byte)0x4a, (byte)0xf1, (byte)0x1b, (byte)0xd7, (byte)0x20}
+    };
+
+        private  static readonly byte[] Zero = {
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+    };
+
+        private readonly static ulong[][] T = {
+       new ulong[] {
+            0xE6F87E5C5B711FD0L, 0x258377800924FA16L, 0xC849E07E852EA4A8L, 0x5B4686A18F06C16AL,
+            0x0B32E9A2D77B416EL, 0xABDA37A467815C66L, 0xF61796A81A686676L, 0xF5DC0B706391954BL,
+            0x4862F38DB7E64BF1L, 0xFF5C629A68BD85C5L, 0xCB827DA6FCD75795L, 0x66D36DAF69B9F089L,
+            0x356C9F74483D83B0L, 0x7CBCECB1238C99A1L, 0x36A702AC31C4708DL, 0x9EB6A8D02FBCDFD6L,
+            0x8B19FA51E5B3AE37L, 0x9CCFB5408A127D0BL, 0xBC0C78B508208F5AL, 0xE533E3842288ECEDL,
+            0xCEC2C7D377C15FD2L, 0xEC7817B6505D0F5EL, 0xB94CC2C08336871DL, 0x8C205DB4CB0B04ADL,
+            0x763C855B28A0892FL, 0x588D1B79F6FF3257L, 0x3FECF69E4311933EL, 0x0FC0D39F803A18C9L,
+            0xEE010A26F5F3AD83L, 0x10EFE8F4411979A6L, 0x5DCDA10C7DE93A10L, 0x4A1BEE1D1248E92CL,
+            0x53BFF2DB21847339L, 0xB4F50CCFA6A23D09L, 0x5FB4BC9CD84798CDL, 0xE88A2D8B071C56F9L,
+            0x7F7771695A756A9CL, 0xC5F02E71A0BA1EBCL, 0xA663F9AB4215E672L, 0x2EB19E22DE5FBB78L,
+            0x0DB9CE0F2594BA14L, 0x82520E6397664D84L, 0x2F031E6A0208EA98L, 0x5C7F2144A1BE6BF0L,
+            0x7A37CB1CD16362DBL, 0x83E08E2B4B311C64L, 0xCF70479BAB960E32L, 0x856BA986B9DEE71EL,
+            0xB5478C877AF56CE9L, 0xB8FE42885F61D6FDL, 0x1BDD0156966238C8L, 0x622157923EF8A92EL,
+            0xFC97FF42114476F8L, 0x9D7D350856452CEBL, 0x4C90C9B0E0A71256L, 0x2308502DFBCB016CL,
+            0x2D7A03FAA7A64845L, 0xF46E8B38BFC6C4ABL, 0xBDBEF8FDD477DEBAL, 0x3AAC4CEBC8079B79L,
+            0xF09CB105E8879D0CL, 0x27FA6A10AC8A58CBL, 0x8960E7C1401D0CEAL, 0x1A6F811E4A356928L,
+            0x90C4FB0773D196FFL, 0x43501A2F609D0A9FL, 0xF7A516E0C63F3796L, 0x1CE4A6B3B8DA9252L,
+            0x1324752C38E08A9BL, 0xA5A864733BEC154FL, 0x2BF124575549B33FL, 0xD766DB15440DC5C7L,
+            0xA7D179E39E42B792L, 0xDADF151A61997FD3L, 0x86A0345EC0271423L, 0x38D5517B6DA939A4L,
+            0x6518F077104003B4L, 0x02791D90A5AEA2DDL, 0x88D267899C4A5D0AL, 0x930F66DF0A2865C2L,
+            0x4EE9D4204509B08BL, 0x325538916685292AL, 0x412907BFC533A842L, 0xB27E2B62544DC673L,
+            0x6C5304456295E007L, 0x5AF406E95351908AL, 0x1F2F3B6BC123616FL, 0xC37B09DC5255E5C6L,
+            0x3967D133B1FE6844L, 0x298839C7F0E711E2L, 0x409B87F71964F9A2L, 0xE938ADC3DB4B0719L,
+            0x0C0B4E47F9C3EBF4L, 0x5534D576D36B8843L, 0x4610A05AEB8B02D8L, 0x20C3CDF58232F251L,
+            0x6DE1840DBEC2B1E7L, 0xA0E8DE06B0FA1D08L, 0x7B854B540D34333BL, 0x42E29A67BCCA5B7FL,
+            0xD8A6088AC437DD0EL, 0xC63BB3A9D943ED81L, 0x21714DBD5E65A3B1L, 0x6761EDE7B5EEA169L,
+            0x2431F7C8D573ABF6L, 0xD51FC685E1A3671AL, 0x5E063CD40410C92DL, 0x283AB98F2CB04002L,
+            0x8FEBC06CB2F2F790L, 0x17D64F116FA1D33CL, 0xE07359F1A99EE4AAL, 0x784ED68C74CDC006L,
+            0x6E2A19D5C73B42DAL, 0x8712B4161C7045C3L, 0x371582E4ED93216DL, 0xACE390414939F6FCL,
+            0x7EC5F12186223B7CL, 0xC0B094042BAC16FBL, 0xF9D745379A527EBFL, 0x737C3F2EA3B68168L,
+            0x33E7B8D9BAD278CAL, 0xA9A32A34C22FFEBBL, 0xE48163CCFEDFBD0DL, 0x8E5940246EA5A670L,
+            0x51C6EF4B842AD1E4L, 0x22BAD065279C508CL, 0xD91488C218608CEEL, 0x319EA5491F7CDA17L,
+            0xD394E128134C9C60L, 0x094BF43272D5E3B3L, 0x9BF612A5A4AAD791L, 0xCCBBDA43D26FFD0FL,
+            0x34DE1F3C946AD250L, 0x4F5B5468995EE16BL, 0xDF9FAF6FEA8F7794L, 0x2648EA5870DD092BL,
+            0xBFC7E56D71D97C67L, 0xDDE6B2FF4F21D549L, 0x3C276B463AE86003L, 0x91767B4FAF86C71FL,
+            0x68A13E7835D4B9A0L, 0xB68C115F030C9FD4L, 0x141DD2C916582001L, 0x983D8F7DDD5324ACL,
+            0x64AA703FCC175254L, 0xC2C989948E02B426L, 0x3E5E76D69F46C2DEL, 0x50746F03587D8004L,
+            0x45DB3D829272F1E5L, 0x60584A029B560BF3L, 0xFBAE58A73FFCDC62L, 0xA15A5E4E6CAD4CE8L,
+            0x4BA96E55CE1FB8CCL, 0x08F9747AAE82B253L, 0xC102144CF7FB471BL, 0x9F042898F3EB8E36L,
+            0x068B27ADF2EFFB7AL, 0xEDCA97FE8C0A5EBEL, 0x778E0513F4F7D8CFL, 0x302C2501C32B8BF7L,
+            0x8D92DDFC175C554DL, 0xF865C57F46052F5FL, 0xEAF3301BA2B2F424L, 0xAA68B7ECBBD60D86L,
+            0x998F0F350104754CL, 0x0000000000000000L, 0xF12E314D34D0CCECL, 0x710522BE061823B5L,
+            0xAF280D9930C005C1L, 0x97FD5CE25D693C65L, 0x19A41CC633CC9A15L, 0x95844172F8C79EB8L,
+            0xDC5432B7937684A9L, 0x9436C13A2490CF58L, 0x802B13F332C8EF59L, 0xC442AE397CED4F5CL,
+            0xFA1CD8EFE3AB8D82L, 0xF2E5AC954D293FD1L, 0x6AD823E8907A1B7DL, 0x4D2249F83CF043B6L,
+            0x03CB9DD879F9F33DL, 0xDE2D2F2736D82674L, 0x2A43A41F891EE2DFL, 0x6F98999D1B6C133AL,
+            0xD4AD46CD3DF436FAL, 0xBB35DF50269825C0L, 0x964FDCAA813E6D85L, 0xEB41B0537EE5A5C4L,
+            0x0540BA758B160847L, 0xA41AE43BE7BB44AFL, 0xE3B8C429D0671797L, 0x819993BBEE9FBEB9L,
+            0xAE9A8DD1EC975421L, 0xF3572CDD917E6E31L, 0x6393D7DAE2AFF8CEL, 0x47A2201237DC5338L,
+            0xA32343DEC903EE35L, 0x79FC56C4A89A91E6L, 0x01B28048DC5751E0L, 0x1296F564E4B7DB7BL,
+            0x75F7188351597A12L, 0xDB6D9552BDCE2E33L, 0x1E9DBB231D74308FL, 0x520D7293FDD322D9L,
+            0xE20A44610C304677L, 0xFEEEE2D2B4EAD425L, 0xCA30FDEE20800675L, 0x61EACA4A47015A13L,
+            0xE74AFE1487264E30L, 0x2CC883B27BF119A5L, 0x1664CF59B3F682DCL, 0xA811AA7C1E78AF5BL,
+            0x1D5626FB648DC3B2L, 0xB73E9117DF5BCE34L, 0xD05F7CF06AB56F5DL, 0xFD257F0ACD132718L,
+            0x574DC8E676C52A9EL, 0x0739A7E52EB8AA9AL, 0x5486553E0F3CD9A3L, 0x56FF48AEAA927B7EL,
+            0xBE756525AD8E2D87L, 0x7D0E6CF9FFDBC841L, 0x3B1ECCA31450CA99L, 0x6913BE30E983E840L,
+            0xAD511009956EA71CL, 0xB1B5B6BA2DB4354EL, 0x4469BDCA4E25A005L, 0x15AF5281CA0F71E1L,
+            0x744598CB8D0E2BF2L, 0x593F9B312AA863B7L, 0xEFB38A6E29A4FC63L, 0x6B6AA3A04C2D4A9DL,
+            0x3D95EB0EE6BF31E3L, 0xA291C3961554BFD5L, 0x18169C8EEF9BCBF5L, 0x115D68BC9D4E2846L,
+            0xBA875F18FACF7420L, 0xD1EDFCB8B6E23EBDL, 0xB00736F2F1E364AEL, 0x84D929CE6589B6FEL,
+            0x70B7A2F6DA4F7255L, 0x0E7253D75C6D4929L, 0x04F23A3D574159A7L, 0x0A8069EA0B2C108EL,
+            0x49D073C56BB11A11L, 0x8AAB7A1939E4FFD7L, 0xCD095A0B0E38ACEFL, 0xC9FB60365979F548L,
+            0x92BDE697D67F3422L, 0xC78933E10514BC61L, 0xE1C1D9B975C9B54AL, 0xD2266160CF1BCD80L,
+            0x9A4492ED78FD8671L, 0xB3CCAB2A881A9793L, 0x72CEBF667FE1D088L, 0xD6D45B5D985A9427L
+        },
+        new ulong[]{
+            0xC811A8058C3F55DEL, 0x65F5B43196B50619L, 0xF74F96B1D6706E43L, 0x859D1E8BCB43D336L,
+            0x5AAB8A85CCFA3D84L, 0xF9C7BF99C295FCFDL, 0xA21FD5A1DE4B630FL, 0xCDB3EF763B8B456DL,
+            0x803F59F87CF7C385L, 0xB27C73BE5F31913CL, 0x98E3AC6633B04821L, 0xBF61674C26B8F818L,
+            0x0FFBC995C4C130C8L, 0xAAA0862010761A98L, 0x6057F342210116AAL, 0xF63C760C0654CC35L,
+            0x2DDB45CC667D9042L, 0xBCF45A964BD40382L, 0x68E8A0C3EF3C6F3DL, 0xA7BD92D269FF73BCL,
+            0x290AE20201ED2287L, 0xB7DE34CDE885818FL, 0xD901EEA7DD61059BL, 0xD6FA273219A03553L,
+            0xD56F1AE874CCCEC9L, 0xEA31245C2E83F554L, 0x7034555DA07BE499L, 0xCE26D2AC56E7BEF7L,
+            0xFD161857A5054E38L, 0x6A0E7DA4527436D1L, 0x5BD86A381CDE9FF2L, 0xCAF7756231770C32L,
+            0xB09AAED9E279C8D0L, 0x5DEF1091C60674DBL, 0x111046A2515E5045L, 0x23536CE4729802FCL,
+            0xC50CBCF7F5B63CFAL, 0x73A16887CD171F03L, 0x7D2941AFD9F28DBDL, 0x3F5E3EB45A4F3B9DL,
+            0x84EEFE361B677140L, 0x3DB8E3D3E7076271L, 0x1A3A28F9F20FD248L, 0x7EBC7C75B49E7627L,
+            0x74E5F293C7EB565CL, 0x18DCF59E4F478BA4L, 0x0C6EF44FA9ADCB52L, 0xC699812D98DAC760L,
+            0x788B06DC6E469D0EL, 0xFC65F8EA7521EC4EL, 0x30A5F7219E8E0B55L, 0x2BEC3F65BCA57B6BL,
+            0xDDD04969BAF1B75EL, 0x99904CDBE394EA57L, 0x14B201D1E6EA40F6L, 0xBBB0C08241284ADDL,
+            0x50F20463BF8F1DFFL, 0xE8D7F93B93CBACB8L, 0x4D8CB68E477C86E8L, 0xC1DD1B3992268E3FL,
+            0x7C5AA11209D62FCBL, 0x2F3D98ABDB35C9AEL, 0x671369562BFD5FF5L, 0x15C1E16C36CEE280L,
+            0x1D7EB2EDF8F39B17L, 0xDA94D37DB00DFE01L, 0x877BC3EC760B8ADAL, 0xCB8495DFE153AE44L,
+            0x05A24773B7B410B3L, 0x12857B783C32ABDFL, 0x8EB770D06812513BL, 0x536739B9D2E3E665L,
+            0x584D57E271B26468L, 0xD789C78FC9849725L, 0xA935BBFA7D1AE102L, 0x8B1537A3DFA64188L,
+            0xD0CD5D9BC378DE7AL, 0x4AC82C9A4D80CFB7L, 0x42777F1B83BDB620L, 0x72D2883A1D33BD75L,
+            0x5E7A2D4BAB6A8F41L, 0xF4DAAB6BBB1C95D9L, 0x905CFFE7FD8D31B6L, 0x83AA6422119B381FL,
+            0xC0AEFB8442022C49L, 0xA0F908C663033AE3L, 0xA428AF0804938826L, 0xADE41C341A8A53C7L,
+            0xAE7121EE77E6A85DL, 0xC47F5C4A25929E8CL, 0xB538E9AA55CDD863L, 0x06377AA9DAD8EB29L,
+            0xA18AE87BB3279895L, 0x6EDFDA6A35E48414L, 0x6B7D9D19825094A7L, 0xD41CFA55A4E86CBFL,
+            0xE5CAEDC9EA42C59CL, 0xA36C351C0E6FC179L, 0x5181E4DE6FABBF89L, 0xFFF0C530184D17D4L,
+            0x9D41EB1584045892L, 0x1C0D525028D73961L, 0xF178EC180CA8856AL, 0x9A0571018EF811CDL,
+            0x4091A27C3EF5EFCCL, 0x19AF15239F6329D2L, 0x347450EFF91EB990L, 0xE11B4A078DD27759L,
+            0xB9561DE5FC601331L, 0x912F1F5A2DA993C0L, 0x1654DCB65BA2191AL, 0x3E2DDE098A6B99EBL,
+            0x8A66D71E0F82E3FEL, 0x8C51ADB7D55A08D7L, 0x4533E50F8941FF7FL, 0x02E6DD67BD4859ECL,
+            0xE068AABA5DF6D52FL, 0xC24826E3FF4A75A5L, 0x6C39070D88ACDDF8L, 0x6486548C4691A46FL,
+            0xD1BEBD26135C7C0CL, 0xB30F93038F15334AL, 0x82D9849FC1BF9A69L, 0x9C320BA85420FAE4L,
+            0xFA528243AFF90767L, 0x9ED4D6CFE968A308L, 0xB825FD582C44B147L, 0x9B7691BC5EDCB3BBL,
+            0xC7EA619048FE6516L, 0x1063A61F817AF233L, 0x47D538683409A693L, 0x63C2CE984C6DED30L,
+            0x2A9FDFD86C81D91DL, 0x7B1E3B06032A6694L, 0x666089EBFBD9FD83L, 0x0A598EE67375207BL,
+            0x07449A140AFC495FL, 0x2CA8A571B6593234L, 0x1F986F8A45BBC2FBL, 0x381AA4A050B372C2L,
+            0x5423A3ADD81FAF3AL, 0x17273C0B8B86BB6CL, 0xFE83258DC869B5A2L, 0x287902BFD1C980F1L,
+            0xF5A94BD66B3837AFL, 0x88800A79B2CABA12L, 0x55504310083B0D4CL, 0xDF36940E07B9EEB2L,
+            0x04D1A7CE6790B2C5L, 0x612413FFF125B4DCL, 0x26F12B97C52C124FL, 0x86082351A62F28ACL,
+            0xEF93632F9937E5E7L, 0x3507B052293A1BE6L, 0xE72C30AE570A9C70L, 0xD3586041AE1425E0L,
+            0xDE4574B3D79D4CC4L, 0x92BA228040C5685AL, 0xF00B0CA5DC8C271CL, 0xBE1287F1F69C5A6EL,
+            0xF39E317FB1E0DC86L, 0x495D114020EC342DL, 0x699B407E3F18CD4BL, 0xDCA3A9D46AD51528L,
+            0x0D1D14F279896924L, 0x0000000000000000L, 0x593EB75FA196C61EL, 0x2E4E78160B116BD8L,
+            0x6D4AE7B058887F8EL, 0xE65FD013872E3E06L, 0x7A6DDBBBD30EC4E2L, 0xAC97FC89CAAEF1B1L,
+            0x09CCB33C1E19DBE1L, 0x89F3EAC462EE1864L, 0x7770CF49AA87ADC6L, 0x56C57ECA6557F6D6L,
+            0x03953DDA6D6CFB9AL, 0x36928D884456E07CL, 0x1EEB8F37959F608DL, 0x31D6179C4EAAA923L,
+            0x6FAC3AD7E5C02662L, 0x43049FA653991456L, 0xABD3669DC052B8EEL, 0xAF02C153A7C20A2BL,
+            0x3CCB036E3723C007L, 0x93C9C23D90E1CA2CL, 0xC33BC65E2F6ED7D3L, 0x4CFF56339758249EL,
+            0xB1E94E64325D6AA6L, 0x37E16D359472420AL, 0x79F8E661BE623F78L, 0x5214D90402C74413L,
+            0x482EF1FDF0C8965BL, 0x13F69BC5EC1609A9L, 0x0E88292814E592BEL, 0x4E198B542A107D72L,
+            0xCCC00FCBEBAFE71BL, 0x1B49C844222B703EL, 0x2564164DA840E9D5L, 0x20C6513E1FF4F966L,
+            0xBAC3203F910CE8ABL, 0xF2EDD1C261C47EF0L, 0x814CB945ACD361F3L, 0x95FEB8944A392105L,
+            0x5C9CF02C1622D6ADL, 0x971865F3F77178E9L, 0xBD87BA2B9BF0A1F4L, 0x444005B259655D09L,
+            0xED75BE48247FBC0BL, 0x7596122E17CFF42AL, 0xB44B091785E97A15L, 0x966B854E2755DA9FL,
+            0xEEE0839249134791L, 0x32432A4623C652B9L, 0xA8465B47AD3E4374L, 0xF8B45F2412B15E8BL,
+            0x2417F6F078644BA3L, 0xFB2162FE7FDDA511L, 0x4BBBCC279DA46DC1L, 0x0173E0BDD024A276L,
+            0x22208C59A2BCA08AL, 0x8FC4906DB836F34DL, 0xE4B90D743A6667EAL, 0x7147B5E0705F46EFL,
+            0x2782CB2A1508B039L, 0xEC065EF5F45B1E7DL, 0x21B5B183CFD05B10L, 0xDBE733C060295C77L,
+            0x9FA73672394C017EL, 0xCF55321186C31C81L, 0xD8720E1A0D45A7EDL, 0x3B8F997A3DDF8958L,
+            0x3AFC79C7EDFB2B2EL, 0xE9A4198643EF0ECEL, 0x5F09CDF67B4E2D37L, 0x4F6A6BE9FA34DF04L,
+            0xB6ADD47038A123F9L, 0x8D224D0A057EAAA1L, 0xC96248B85C1BF7A8L, 0xE3FD9760309A2EB5L,
+            0x0B2A6E5BA351820DL, 0xEB42C4E1FEA75722L, 0x948D58299A1D8373L, 0x7FCF9CC864BAD451L,
+            0xA55B4FB5D4B72A50L, 0x08BF5381CE3D7997L, 0x46A6D8D5E42D04E5L, 0xD22B80FC7E308796L,
+            0x57B69E77B57354A0L, 0x3969441D8097D0B4L, 0x3330CAFBF3E2F0CFL, 0xE28E77DDE0BE8CC3L,
+            0x62B12E259C494F46L, 0xA6CE726FB9DBD1CAL, 0x41E242C1EED14DBAL, 0x76032FF47AA30FB0L
+        },
+        new ulong[]{
+            0x45B268A93ACDE4CCL, 0xAF7F0BE884549D08L, 0x048354B3C1468263L, 0x925435C2C80EFED2L,
+            0xEE4E37F27FDFFBA7L, 0x167A33920C60F14DL, 0xFB123B52EA03E584L, 0x4A0CAB53FDBB9007L,
+            0x9DEAF6380F788A19L, 0xCB48EC558F0CB32AL, 0xB59DC4B2D6FEF7E0L, 0xDCDBCA22F4F3ECB6L,
+            0x11DF5813549A9C40L, 0xE33FDEDF568ACED3L, 0xA0C1C8124322E9C3L, 0x07A56B8158FA6D0DL,
+            0x77279579B1E1F3DDL, 0xD9B18B74422AC004L, 0xB8EC2D9FFFABC294L, 0xF4ACF8A82D75914FL,
+            0x7BBF69B1EF2B6878L, 0xC4F62FAF487AC7E1L, 0x76CE809CC67E5D0CL, 0x6711D88F92E4C14CL,
+            0x627B99D9243DEDFEL, 0x234AA5C3DFB68B51L, 0x909B1F15262DBF6DL, 0x4F66EA054B62BCB5L,
+            0x1AE2CF5A52AA6AE8L, 0xBEA053FBD0CE0148L, 0xED6808C0E66314C9L, 0x43FE16CD15A82710L,
+            0xCD049231A06970F6L, 0xE7BC8A6C97CC4CB0L, 0x337CE835FCB3B9C0L, 0x65DEF2587CC780F3L,
+            0x52214EDE4132BB50L, 0x95F15E4390F493DFL, 0x870839625DD2E0F1L, 0x41313C1AFB8B66AFL,
+            0x91720AF051B211BCL, 0x477D427ED4EEA573L, 0x2E3B4CEEF6E3BE25L, 0x82627834EB0BCC43L,
+            0x9C03E3DD78E724C8L, 0x2877328AD9867DF9L, 0x14B51945E243B0F2L, 0x574B0F88F7EB97E2L,
+            0x88B6FA989AA4943AL, 0x19C4F068CB168586L, 0x50EE6409AF11FAEFL, 0x7DF317D5C04EABA4L,
+            0x7A567C5498B4C6A9L, 0xB6BBFB804F42188EL, 0x3CC22BCF3BC5CD0BL, 0xD04336EAAA397713L,
+            0xF02FAC1BEC33132CL, 0x2506DBA7F0D3488DL, 0xD7E65D6BF2C31A1EL, 0x5EB9B2161FF820F5L,
+            0x842E0650C46E0F9FL, 0x716BEB1D9E843001L, 0xA933758CAB315ED4L, 0x3FE414FDA2792265L,
+            0x27C9F1701EF00932L, 0x73A4C1CA70A771BEL, 0x94184BA6E76B3D0EL, 0x40D829FF8C14C87EL,
+            0x0FBEC3FAC77674CBL, 0x3616A9634A6A9572L, 0x8F139119C25EF937L, 0xF545ED4D5AEA3F9EL,
+            0xE802499650BA387BL, 0x6437E7BD0B582E22L, 0xE6559F89E053E261L, 0x80AD52E305288DFCL,
+            0x6DC55A23E34B9935L, 0xDE14E0F51AD0AD09L, 0xC6390578A659865EL, 0x96D7617109487CB1L,
+            0xE2D6CB3A21156002L, 0x01E915E5779FAED1L, 0xADB0213F6A77DCB7L, 0x9880B76EB9A1A6ABL,
+            0x5D9F8D248644CF9BL, 0xFD5E4536C5662658L, 0xF1C6B9FE9BACBDFDL, 0xEACD6341BE9979C4L,
+            0xEFA7221708405576L, 0x510771ECD88E543EL, 0xC2BA51CB671F043DL, 0x0AD482AC71AF5879L,
+            0xFE787A045CDAC936L, 0xB238AF338E049AEDL, 0xBD866CC94972EE26L, 0x615DA6EBBD810290L,
+            0x3295FDD08B2C1711L, 0xF834046073BF0AEAL, 0xF3099329758FFC42L, 0x1CAEB13E7DCFA934L,
+            0xBA2307481188832BL, 0x24EFCE42874CE65CL, 0x0E57D61FB0E9DA1AL, 0xB3D1BAD6F99B343CL,
+            0xC0757B1C893C4582L, 0x2B510DB8403A9297L, 0x5C7698C1F1DB614AL, 0x3E0D0118D5E68CB4L,
+            0xD60F488E855CB4CFL, 0xAE961E0DF3CB33D9L, 0x3A8E55AB14A00ED7L, 0x42170328623789C1L,
+            0x838B6DD19C946292L, 0x895FEF7DED3B3AEBL, 0xCFCBB8E64E4A3149L, 0x064C7E642F65C3DCL,
+            0x3D2B3E2A4C5A63DAL, 0x5BD3F340A9210C47L, 0xB474D157A1615931L, 0xAC5934DA1DE87266L,
+            0x6EE365117AF7765BL, 0xC86ED36716B05C44L, 0x9BA6885C201D49C5L, 0xB905387A88346C45L,
+            0x131072C4BAB9DDFFL, 0xBF49461EA751AF99L, 0xD52977BC1CE05BA1L, 0xB0F785E46027DB52L,
+            0x546D30BA6E57788CL, 0x305AD707650F56AEL, 0xC987C682612FF295L, 0xA5AB8944F5FBC571L,
+            0x7ED528E759F244CAL, 0x8DDCBBCE2C7DB888L, 0xAA154ABE328DB1BAL, 0x1E619BE993ECE88BL,
+            0x09F2BD9EE813B717L, 0x7401AA4B285D1CB3L, 0x21858F143195CAEEL, 0x48C381841398D1B8L,
+            0xFCB750D3B2F98889L, 0x39A86A998D1CE1B9L, 0x1F888E0CE473465AL, 0x7899568376978716L,
+            0x02CF2AD7EE2341BFL, 0x85C713B5B3F1A14EL, 0xFF916FE12B4567E7L, 0x7C1A0230B7D10575L,
+            0x0C98FCC85ECA9BA5L, 0xA3E7F720DA9E06ADL, 0x6A6031A2BBB1F438L, 0x973E74947ED7D260L,
+            0x2CF4663918C0FF9AL, 0x5F50A7F368678E24L, 0x34D983B4A449D4CDL, 0x68AF1B755592B587L,
+            0x7F3C3D022E6DEA1BL, 0xABFC5F5B45121F6BL, 0x0D71E92D29553574L, 0xDFFDF5106D4F03D8L,
+            0x081BA87B9F8C19C6L, 0xDB7EA1A3AC0981BBL, 0xBBCA12AD66172DFAL, 0x79704366010829C7L,
+            0x179326777BFF5F9CL, 0x0000000000000000L, 0xEB2476A4C906D715L, 0x724DD42F0738DF6FL,
+            0xB752EE6538DDB65FL, 0x37FFBC863DF53BA3L, 0x8EFA84FCB5C157E6L, 0xE9EB5C73272596AAL,
+            0x1B0BDABF2535C439L, 0x86E12C872A4D4E20L, 0x9969A28BCE3E087AL, 0xFAFB2EB79D9C4B55L,
+            0x056A4156B6D92CB2L, 0x5A3AE6A5DEBEA296L, 0x22A3B026A8292580L, 0x53C85B3B36AD1581L,
+            0xB11E900117B87583L, 0xC51F3A4A3FE56930L, 0xE019E1EDCF3621BDL, 0xEC811D2591FCBA18L,
+            0x445B7D4C4D524A1DL, 0xA8DA6069DCAEF005L, 0x58F5CC72309DE329L, 0xD4C062596B7FF570L,
+            0xCE22AD0339D59F98L, 0x591CD99747024DF8L, 0x8B90C5AA03187B54L, 0xF663D27FC356D0F0L,
+            0xD8589E9135B56ED5L, 0x35309651D3D67A1CL, 0x12F96721CD26732EL, 0xD28C1C3D441A36ACL,
+            0x492A946164077F69L, 0x2D1D73DC6F5F514BL, 0x6F0A70F40D68D88AL, 0x60B4B30ECA1EAC41L,
+            0xD36509D83385987DL, 0x0B3D97490630F6A8L, 0x9ECCC90A96C46577L, 0xA20EE2C5AD01A87CL,
+            0xE49AB55E0E70A3DEL, 0xA4429CA182646BA0L, 0xDA97B446DB962F6AL, 0xCCED87D4D7F6DE27L,
+            0x2AB8185D37A53C46L, 0x9F25DCEFE15BCBA6L, 0xC19C6EF9FEA3EB53L, 0xA764A3931BD884CEL,
+            0x2FD2590B817C10F4L, 0x56A21A6D80743933L, 0xE573A0BB79EF0D0FL, 0x155C0CA095DC1E23L,
+            0x6C2C4FC694D437E4L, 0x10364DF623053291L, 0xDD32DFC7836C4267L, 0x03263F3299BCEF6EL,
+            0x66F8CD6AE57B6F9DL, 0x8C35AE2B5BE21659L, 0x31B3C2E21290F87FL, 0x93BD2027BF915003L,
+            0x69460E90220D1B56L, 0x299E276FAE19D328L, 0x63928C3C53A2432FL, 0x7082FEF8E91B9ED0L,
+            0xBC6F792C3EED40F7L, 0x4C40D537D2DE53DBL, 0x75E8BFAE5FC2B262L, 0x4DA9C0D2A541FD0AL,
+            0x4E8FFFE03CFD1264L, 0x2620E495696FA7E3L, 0xE1F0F408B8A98F6CL, 0xD1AA230FDDA6D9C2L,
+            0xC7D0109DD1C6288FL, 0x8A79D04F7487D585L, 0x4694579BA3710BA2L, 0x38417F7CFA834F68L,
+            0x1D47A4DB0A5007E5L, 0x206C9AF1460A643FL, 0xA128DDF734BD4712L, 0x8144470672B7232DL,
+            0xF2E086CC02105293L, 0x182DE58DBC892B57L, 0xCAA1F9B0F8931DFBL, 0x6B892447CC2E5AE9L,
+            0xF9DD11850420A43BL, 0x4BE5BEB68A243ED6L, 0x5584255F19C8D65DL, 0x3B67404E633FA006L,
+            0xA68DB6766C472A1FL, 0xF78AC79AB4C97E21L, 0xC353442E1080AAECL, 0x9A4F9DB95782E714L
+        },
+       new ulong[] {
+            0x05BA7BC82C9B3220L, 0x31A54665F8B65E4FL, 0xB1B651F77547F4D4L, 0x8BFA0D857BA46682L,
+            0x85A96C5AA16A98BBL, 0x990FAEF908EB79C9L, 0xA15E37A247F4A62DL, 0x76857DCD5D27741EL,
+            0xF8C50B800A1820BCL, 0xBE65DCB201F7A2B4L, 0x666D1B986F9426E7L, 0x4CC921BF53C4E648L,
+            0x95410A0F93D9CA42L, 0x20CDCCAA647BA4EFL, 0x429A4060890A1871L, 0x0C4EA4F69B32B38BL,
+            0xCCDA362DDE354CD3L, 0x96DC23BC7C5B2FA9L, 0xC309BB68AA851AB3L, 0xD26131A73648E013L,
+            0x021DC52941FC4DB2L, 0xCD5ADAB7704BE48AL, 0xA77965D984ED71E6L, 0x32386FD61734BBA4L,
+            0xE82D6DD538AB7245L, 0x5C2147EA6177B4B1L, 0x5DA1AB70CF091CE8L, 0xAC907FCE72B8BDFFL,
+            0x57C85DFD972278A8L, 0xA4E44C6A6B6F940DL, 0x3851995B4F1FDFE4L, 0x62578CCAED71BC9EL,
+            0xD9882BB0C01D2C0AL, 0x917B9D5D113C503BL, 0xA2C31E11A87643C6L, 0xE463C923A399C1CEL,
+            0xF71686C57EA876DCL, 0x87B4A973E096D509L, 0xAF0D567D9D3A5814L, 0xB40C2A3F59DCC6F4L,
+            0x3602F88495D121DDL, 0xD3E1DD3D9836484AL, 0xF945E71AA46688E5L, 0x7518547EB2A591F5L,
+            0x9366587450C01D89L, 0x9EA81018658C065BL, 0x4F54080CBC4603A3L, 0x2D0384C65137BF3DL,
+            0xDC325078EC861E2AL, 0xEA30A8FC79573FF7L, 0x214D2030CA050CB6L, 0x65F0322B8016C30CL,
+            0x69BE96DD1B247087L, 0xDB95EE9981E161B8L, 0xD1FC1814D9CA05F8L, 0x820ED2BBCC0DE729L,
+            0x63D76050430F14C7L, 0x3BCCB0E8A09D3A0FL, 0x8E40764D573F54A2L, 0x39D175C1E16177BDL,
+            0x12F5A37C734F1F4BL, 0xAB37C12F1FDFC26DL, 0x5648B167395CD0F1L, 0x6C04ED1537BF42A7L,
+            0xED97161D14304065L, 0x7D6C67DAAB72B807L, 0xEC17FA87BA4EE83CL, 0xDFAF79CB0304FBC1L,
+            0x733F060571BC463EL, 0x78D61C1287E98A27L, 0xD07CF48E77B4ADA1L, 0xB9C262536C90DD26L,
+            0xE2449B5860801605L, 0x8FC09AD7F941FCFBL, 0xFAD8CEA94BE46D0EL, 0xA343F28B0608EB9FL,
+            0x9B126BD04917347BL, 0x9A92874AE7699C22L, 0x1B017C42C4E69EE0L, 0x3A4C5C720EE39256L,
+            0x4B6E9F5E3EA399DAL, 0x6BA353F45AD83D35L, 0xE7FEE0904C1B2425L, 0x22D009832587E95DL,
+            0x842980C00F1430E2L, 0xC6B3C0A0861E2893L, 0x087433A419D729F2L, 0x341F3DADD42D6C6FL,
+            0xEE0A3FAEFBB2A58EL, 0x4AEE73C490DD3183L, 0xAAB72DB5B1A16A34L, 0xA92A04065E238FDFL,
+            0x7B4B35A1686B6FCCL, 0x6A23BF6EF4A6956CL, 0x191CB96B851AD352L, 0x55D598D4D6DE351AL,
+            0xC9604DE5F2AE7EF3L, 0x1CA6C2A3A981E172L, 0xDE2F9551AD7A5398L, 0x3025AAFF56C8F616L,
+            0x15521D9D1E2860D9L, 0x506FE31CFA45073AL, 0x189C55F12B647B0BL, 0x0180EC9AAE7EA859L,
+            0x7CEC8B40050C105EL, 0x2350E5198BF94104L, 0xEF8AD33455CC0DD7L, 0x07A7BEE16D677F92L,
+            0xE5E325B90DE76997L, 0x5A061591A26E637AL, 0xB611EF1618208B46L, 0x09F4DF3EB7A981ABL,
+            0x1EBB078AE87DACC0L, 0xB791038CB65E231FL, 0x0FD38D4574B05660L, 0x67EDF702C1EA8EBEL,
+            0xBA5F4BE0831238CDL, 0xE3C477C2CEFEBE5CL, 0x0DCE486C354C1BD2L, 0x8C5DB36416C31910L,
+            0x26EA9ED1A7627324L, 0x039D29B3EF82E5EBL, 0x9F28FC82CBF2AE02L, 0xA8AAE89CF05D2786L,
+            0x431AACFA2774B028L, 0xCF471F9E31B7A938L, 0x581BD0B8E3922EC8L, 0xBC78199B400BEF06L,
+            0x90FB71C7BF42F862L, 0x1F3BEB1046030499L, 0x683E7A47B55AD8DEL, 0x988F4263A695D190L,
+            0xD808C72A6E638453L, 0x0627527BC319D7CBL, 0xEBB04466D72997AEL, 0xE67E0C0AE2658C7CL,
+            0x14D2F107B056C880L, 0x7122C32C30400B8CL, 0x8A7AE11FD5DACEDBL, 0xA0DEDB38E98A0E74L,
+            0xAD109354DCC615A6L, 0x0BE91A17F655CC19L, 0x8DDD5FFEB8BDB149L, 0xBFE53028AF890AEDL,
+            0xD65BA6F5B4AD7A6AL, 0x7956F0882997227EL, 0x10E8665532B352F9L, 0x0E5361DFDACEFE39L,
+            0xCEC7F3049FC90161L, 0xFF62B561677F5F2EL, 0x975CCF26D22587F0L, 0x51EF0F86543BAF63L,
+            0x2F1E41EF10CBF28FL, 0x52722635BBB94A88L, 0xAE8DBAE73344F04DL, 0x410769D36688FD9AL,
+            0xB3AB94DE34BBB966L, 0x801317928DF1AA9BL, 0xA564A0F0C5113C54L, 0xF131D4BEBDB1A117L,
+            0x7F71A2F3EA8EF5B5L, 0x40878549C8F655C3L, 0x7EF14E6944F05DECL, 0xD44663DCF55137D8L,
+            0xF2ACFD0D523344FCL, 0x0000000000000000L, 0x5FBC6E598EF5515AL, 0x16CF342EF1AA8532L,
+            0xB036BD6DDB395C8DL, 0x13754FE6DD31B712L, 0xBBDFA77A2D6C9094L, 0x89E7C8AC3A582B30L,
+            0x3C6B0E09CDFA459DL, 0xC4AE0589C7E26521L, 0x49735A777F5FD468L, 0xCAFD64561D2C9B18L,
+            0xDA1502032F9FC9E1L, 0x8867243694268369L, 0x3782141E3BAF8984L, 0x9CB5D53124704BE9L,
+            0xD7DB4A6F1AD3D233L, 0xA6F989432A93D9BFL, 0x9D3539AB8A0EE3B0L, 0x53F2CAAF15C7E2D1L,
+            0x6E19283C76430F15L, 0x3DEBE2936384EDC4L, 0x5E3C82C3208BF903L, 0x33B8834CB94A13FDL,
+            0x6470DEB12E686B55L, 0x359FD1377A53C436L, 0x61CAA57902F35975L, 0x043A975282E59A79L,
+            0xFD7F70482683129CL, 0xC52EE913699CCD78L, 0x28B9FF0E7DAC8D1DL, 0x5455744E78A09D43L,
+            0xCB7D88CCB3523341L, 0x44BD121B4A13CFBAL, 0x4D49CD25FDBA4E11L, 0x3E76CB208C06082FL,
+            0x3FF627BA2278A076L, 0xC28957F204FBB2EAL, 0x453DFE81E46D67E3L, 0x94C1E6953DA7621BL,
+            0x2C83685CFF491764L, 0xF32C1197FC4DECA5L, 0x2B24D6BD922E68F6L, 0xB22B78449AC5113FL,
+            0x48F3B6EDD1217C31L, 0x2E9EAD75BEB55AD6L, 0x174FD8B45FD42D6BL, 0x4ED4E4961238ABFAL,
+            0x92E6B4EEFEBEB5D0L, 0x46A0D7320BEF8208L, 0x47203BA8A5912A51L, 0x24F75BF8E69E3E96L,
+            0xF0B1382413CF094EL, 0xFEE259FBC901F777L, 0x276A724B091CDB7DL, 0xBDF8F501EE75475FL,
+            0x599B3C224DEC8691L, 0x6D84018F99C1EAFEL, 0x7498B8E41CDB39ACL, 0xE0595E71217C5BB7L,
+            0x2AA43A273C50C0AFL, 0xF50B43EC3F543B6EL, 0x838E3E2162734F70L, 0xC09492DB4507FF58L,
+            0x72BFEA9FDFC2EE67L, 0x11688ACF9CCDFAA0L, 0x1A8190D86A9836B9L, 0x7ACBD93BC615C795L,
+            0xC7332C3A286080CAL, 0x863445E94EE87D50L, 0xF6966A5FD0D6DE85L, 0xE9AD814F96D5DA1CL,
+            0x70A22FB69E3EA3D5L, 0x0A69F68D582B6440L, 0xB8428EC9C2EE757FL, 0x604A49E3AC8DF12CL,
+            0x5B86F90B0C10CB23L, 0xE1D9B2EB8F02F3EEL, 0x29391394D3D22544L, 0xC8E0A17F5CD0D6AAL,
+            0xB58CC6A5F7A26EADL, 0x8193FB08238F02C2L, 0xD5C68F465B2F9F81L, 0xFCFF9CD288FDBAC5L,
+            0x77059157F359DC47L, 0x1D262E3907FF492BL, 0xFB582233E59AC557L, 0xDDB2BCE242F8B673L,
+            0x2577B76248E096CFL, 0x6F99C4A6D83DA74CL, 0xC1147E41EB795701L, 0xF48BAF76912A9337L
+        },
+       new ulong[] {
+            0x3EF29D249B2C0A19L, 0xE9E16322B6F8622FL, 0x5536994047757F7AL, 0x9F4D56D5A47B0B33L,
+            0x822567466AA1174CL, 0xB8F5057DEB082FB2L, 0xCC48C10BF4475F53L, 0x373088D4275DEC3AL,
+            0x968F4325180AED10L, 0x173D232CF7016151L, 0xAE4ED09F946FCC13L, 0xFD4B4741C4539873L,
+            0x1B5B3F0DD9933765L, 0x2FFCB0967B644052L, 0xE02376D20A89840CL, 0xA3AE3A70329B18D7L,
+            0x419CBD2335DE8526L, 0xFAFEBF115B7C3199L, 0x0397074F85AA9B0DL, 0xC58AD4FB4836B970L,
+            0xBEC60BE3FC4104A8L, 0x1EFF36DC4B708772L, 0x131FDC33ED8453B6L, 0x0844E33E341764D3L,
+            0x0FF11B6EAB38CD39L, 0x64351F0A7761B85AL, 0x3B5694F509CFBA0EL, 0x30857084B87245D0L,
+            0x47AFB3BD2297AE3CL, 0xF2BA5C2F6F6B554AL, 0x74BDC4761F4F70E1L, 0xCFDFC64471EDC45EL,
+            0xE610784C1DC0AF16L, 0x7ACA29D63C113F28L, 0x2DED411776A859AFL, 0xAC5F211E99A3D5EEL,
+            0xD484F949A87EF33BL, 0x3CE36CA596E013E4L, 0xD120F0983A9D432CL, 0x6BC40464DC597563L,
+            0x69D5F5E5D1956C9EL, 0x9AE95F043698BB24L, 0xC9ECC8DA66A4EF44L, 0xD69508C8A5B2EAC6L,
+            0xC40C2235C0503B80L, 0x38C193BA8C652103L, 0x1CEEC75D46BC9E8FL, 0xD331011937515AD1L,
+            0xD8E2E56886ECA50FL, 0xB137108D5779C991L, 0x709F3B6905CA4206L, 0x4FEB50831680CAEFL,
+            0xEC456AF3241BD238L, 0x58D673AFE181ABBEL, 0x242F54E7CAD9BF8CL, 0x0211F1810DCC19FDL,
+            0x90BC4DBB0F43C60AL, 0x9518446A9DA0761DL, 0xA1BFCBF13F57012AL, 0x2BDE4F8961E172B5L,
+            0x27B853A84F732481L, 0xB0B1E643DF1F4B61L, 0x18CC38425C39AC68L, 0xD2B7F7D7BF37D821L,
+            0x3103864A3014C720L, 0x14AA246372ABFA5CL, 0x6E600DB54EBAC574L, 0x394765740403A3F3L,
+            0x09C215F0BC71E623L, 0x2A58B947E987F045L, 0x7B4CDF18B477BDD8L, 0x9709B5EB906C6FE0L,
+            0x73083C268060D90BL, 0xFEDC400E41F9037EL, 0x284948C6E44BE9B8L, 0x728ECAE808065BFBL,
+            0x06330E9E17492B1AL, 0x5950856169E7294EL, 0xBAE4F4FCE6C4364FL, 0xCA7BCF95E30E7449L,
+            0x7D7FD186A33E96C2L, 0x52836110D85AD690L, 0x4DFAA1021B4CD312L, 0x913ABB75872544FAL,
+            0xDD46ECB9140F1518L, 0x3D659A6B1E869114L, 0xC23F2CABD719109AL, 0xD713FE062DD46836L,
+            0xD0A60656B2FBC1DCL, 0x221C5A79DD909496L, 0xEFD26DBCA1B14935L, 0x0E77EDA0235E4FC9L,
+            0xCBFD395B6B68F6B9L, 0x0DE0EAEFA6F4D4C4L, 0x0422FF1F1A8532E7L, 0xF969B85EDED6AA94L,
+            0x7F6E2007AEF28F3FL, 0x3AD0623B81A938FEL, 0x6624EE8B7AADA1A7L, 0xB682E8DDC856607BL,
+            0xA78CC56F281E2A30L, 0xC79B257A45FAA08DL, 0x5B4174E0642B30B3L, 0x5F638BFF7EAE0254L,
+            0x4BC9AF9C0C05F808L, 0xCE59308AF98B46AEL, 0x8FC58DA9CC55C388L, 0x803496C7676D0EB1L,
+            0xF33CAAE1E70DD7BAL, 0xBB6202326EA2B4BFL, 0xD5020F87201871CBL, 0x9D5CA754A9B712CEL,
+            0x841669D87DE83C56L, 0x8A6184785EB6739FL, 0x420BBA6CB0741E2BL, 0xF12D5B60EAC1CE47L,
+            0x76AC35F71283691CL, 0x2C6BB7D9FECEDB5FL, 0xFCCDB18F4C351A83L, 0x1F79C012C3160582L,
+            0xF0ABADAE62A74CB7L, 0xE1A5801C82EF06FCL, 0x67A21845F2CB2357L, 0x5114665F5DF04D9DL,
+            0xBF40FD2D74278658L, 0xA0393D3FB73183DAL, 0x05A409D192E3B017L, 0xA9FB28CF0B4065F9L,
+            0x25A9A22942BF3D7CL, 0xDB75E22703463E02L, 0xB326E10C5AB5D06CL, 0xE7968E8295A62DE6L,
+            0xB973F3B3636EAD42L, 0xDF571D3819C30CE5L, 0xEE549B7229D7CBC5L, 0x12992AFD65E2D146L,
+            0xF8EF4E9056B02864L, 0xB7041E134030E28BL, 0xC02EDD2ADAD50967L, 0x932B4AF48AE95D07L,
+            0x6FE6FB7BC6DC4784L, 0x239AACB755F61666L, 0x401A4BEDBDB807D6L, 0x485EA8D389AF6305L,
+            0xA41BC220ADB4B13DL, 0x753B32B89729F211L, 0x997E584BB3322029L, 0x1D683193CEDA1C7FL,
+            0xFF5AB6C0C99F818EL, 0x16BBD5E27F67E3A1L, 0xA59D34EE25D233CDL, 0x98F8AE853B54A2D9L,
+            0x6DF70AFACB105E79L, 0x795D2E99B9BBA425L, 0x8E437B6744334178L, 0x0186F6CE886682F0L,
+            0xEBF092A3BB347BD2L, 0xBCD7FA62F18D1D55L, 0xADD9D7D011C5571EL, 0x0BD3E471B1BDFFDEL,
+            0xAA6C2F808EEAFEF4L, 0x5EE57D31F6C880A4L, 0xF50FA47FF044FCA0L, 0x1ADDC9C351F5B595L,
+            0xEA76646D3352F922L, 0x0000000000000000L, 0x85909F16F58EBEA6L, 0x46294573AAF12CCCL,
+            0x0A5512BF39DB7D2EL, 0x78DBD85731DD26D5L, 0x29CFBE086C2D6B48L, 0x218B5D36583A0F9BL,
+            0x152CD2ADFACD78ACL, 0x83A39188E2C795BCL, 0xC3B9DA655F7F926AL, 0x9ECBA01B2C1D89C3L,
+            0x07B5F8509F2FA9EAL, 0x7EE8D6C926940DCFL, 0x36B67E1AAF3B6ECAL, 0x86079859702425ABL,
+            0xFB7849DFD31AB369L, 0x4C7C57CC932A51E2L, 0xD96413A60E8A27FFL, 0x263EA566C715A671L,
+            0x6C71FC344376DC89L, 0x4A4F595284637AF8L, 0xDAF314E98B20BCF2L, 0x572768C14AB96687L,
+            0x1088DB7C682EC8BBL, 0x887075F9537A6A62L, 0x2E7A4658F302C2A2L, 0x619116DBE582084DL,
+            0xA87DDE018326E709L, 0xDCC01A779C6997E8L, 0xEDC39C3DAC7D50C8L, 0xA60A33A1A078A8C0L,
+            0xC1A82BE452B38B97L, 0x3F746BEA134A88E9L, 0xA228CCBEBAFD9A27L, 0xABEAD94E068C7C04L,
+            0xF48952B178227E50L, 0x5CF48CB0FB049959L, 0x6017E0156DE48ABDL, 0x4438B4F2A73D3531L,
+            0x8C528AE649FF5885L, 0xB515EF924DFCFB76L, 0x0C661C212E925634L, 0xB493195CC59A7986L,
+            0x9CDA519A21D1903EL, 0x32948105B5BE5C2DL, 0x194ACE8CD45F2E98L, 0x438D4CA238129CDBL,
+            0x9B6FA9CABEFE39D4L, 0x81B26009EF0B8C41L, 0xDED1EBF691A58E15L, 0x4E6DA64D9EE6481FL,
+            0x54B06F8ECF13FD8AL, 0x49D85E1D01C9E1F5L, 0xAFC826511C094EE3L, 0xF698A33075EE67ADL,
+            0x5AC7822EEC4DB243L, 0x8DD47C28C199DA75L, 0x89F68337DB1CE892L, 0xCDCE37C57C21DDA3L,
+            0x530597DE503C5460L, 0x6A42F2AA543FF793L, 0x5D727A7E73621BA9L, 0xE232875307459DF1L,
+            0x56A19E0FC2DFE477L, 0xC61DD3B4CD9C227DL, 0xE5877F03986A341BL, 0x949EB2A415C6F4EDL,
+            0x6206119460289340L, 0x6380E75AE84E11B0L, 0x8BE772B6D6D0F16FL, 0x50929091D596CF6DL,
+            0xE86795EC3E9EE0DFL, 0x7CF927482B581432L, 0xC86A3E14EEC26DB4L, 0x7119CDA78DACC0F6L,
+            0xE40189CD100CB6EBL, 0x92ADBC3A028FDFF7L, 0xB2A017C2D2D3529CL, 0x200DABF8D05C8D6BL,
+            0x34A78F9BA2F77737L, 0xE3B4719D8F231F01L, 0x45BE423C2F5BB7C1L, 0xF71E55FEFD88E55DL,
+            0x6853032B59F3EE6EL, 0x65B3E9C4FF073AAAL, 0x772AC3399AE5EBECL, 0x87816E97F842A75BL,
+            0x110E2DB2E0484A4BL, 0x331277CB3DD8DEDDL, 0xBD510CAC79EB9FA5L, 0x352179552A91F5C7L
+        },
+      new ulong[]  {
+            0x8AB0A96846E06A6DL, 0x43C7E80B4BF0B33AL, 0x08C9B3546B161EE5L, 0x39F1C235EBA990BEL,
+            0xC1BEF2376606C7B2L, 0x2C209233614569AAL, 0xEB01523B6FC3289AL, 0x946953AB935ACEDDL,
+            0x272838F63E13340EL, 0x8B0455ECA12BA052L, 0x77A1B2C4978FF8A2L, 0xA55122CA13E54086L,
+            0x2276135862D3F1CDL, 0xDB8DDFDE08B76CFEL, 0x5D1E12C89E4A178AL, 0x0E56816B03969867L,
+            0xEE5F79953303ED59L, 0xAFED748BAB78D71DL, 0x6D929F2DF93E53EEL, 0xF5D8A8F8BA798C2AL,
+            0xF619B1698E39CF6BL, 0x95DDAF2F749104E2L, 0xEC2A9C80E0886427L, 0xCE5C8FD8825B95EAL,
+            0xC4E0D9993AC60271L, 0x4699C3A5173076F9L, 0x3D1B151F50A29F42L, 0x9ED505EA2BC75946L,
+            0x34665ACFDC7F4B98L, 0x61B1FB53292342F7L, 0xC721C0080E864130L, 0x8693CD1696FD7B74L,
+            0x872731927136B14BL, 0xD3446C8A63A1721BL, 0x669A35E8A6680E4AL, 0xCAB658F239509A16L,
+            0xA4E5DE4EF42E8AB9L, 0x37A7435EE83F08D9L, 0x134E6239E26C7F96L, 0x82791A3C2DF67488L,
+            0x3F6EF00A8329163CL, 0x8E5A7E42FDEB6591L, 0x5CAAEE4C7981DDB5L, 0x19F234785AF1E80DL,
+            0x255DDDE3ED98BD70L, 0x50898A32A99CCCACL, 0x28CA4519DA4E6656L, 0xAE59880F4CB31D22L,
+            0x0D9798FA37D6DB26L, 0x32F968F0B4FFCD1AL, 0xA00F09644F258545L, 0xFA3AD5175E24DE72L,
+            0xF46C547C5DB24615L, 0x713E80FBFF0F7E20L, 0x7843CF2B73D2AAFAL, 0xBD17EA36AEDF62B4L,
+            0xFD111BACD16F92CFL, 0x4ABAA7DBC72D67E0L, 0xB3416B5DAD49FAD3L, 0xBCA316B24914A88BL,
+            0x15D150068AECF914L, 0xE27C1DEBE31EFC40L, 0x4FE48C759BEDA223L, 0x7EDCFD141B522C78L,
+            0x4E5070F17C26681CL, 0xE696CAC15815F3BCL, 0x35D2A64B3BB481A7L, 0x800CFF29FE7DFDF6L,
+            0x1ED9FAC3D5BAA4B0L, 0x6C2663A91EF599D1L, 0x03C1199134404341L, 0xF7AD4DED69F20554L,
+            0xCD9D9649B61BD6ABL, 0xC8C3BDE7EADB1368L, 0xD131899FB02AFB65L, 0x1D18E352E1FAE7F1L,
+            0xDA39235AEF7CA6C1L, 0xA1BBF5E0A8EE4F7AL, 0x91377805CF9A0B1EL, 0x3138716180BF8E5BL,
+            0xD9F83ACBDB3CE580L, 0x0275E515D38B897EL, 0x472D3F21F0FBBCC6L, 0x2D946EB7868EA395L,
+            0xBA3C248D21942E09L, 0xE7223645BFDE3983L, 0xFF64FEB902E41BB1L, 0xC97741630D10D957L,
+            0xC3CB1722B58D4ECCL, 0xA27AEC719CAE0C3BL, 0x99FECB51A48C15FBL, 0x1465AC826D27332BL,
+            0xE1BD047AD75EBF01L, 0x79F733AF941960C5L, 0x672EC96C41A3C475L, 0xC27FEBA6524684F3L,
+            0x64EFD0FD75E38734L, 0xED9E60040743AE18L, 0xFB8E2993B9EF144DL, 0x38453EB10C625A81L,
+            0x6978480742355C12L, 0x48CF42CE14A6EE9EL, 0x1CAC1FD606312DCEL, 0x7B82D6BA4792E9BBL,
+            0x9D141C7B1F871A07L, 0x5616B80DC11C4A2EL, 0xB849C198F21FA777L, 0x7CA91801C8D9A506L,
+            0xB1348E487EC273ADL, 0x41B20D1E987B3A44L, 0x7460AB55A3CFBBE3L, 0x84E628034576F20AL,
+            0x1B87D16D897A6173L, 0x0FE27DEFE45D5258L, 0x83CDE6B8CA3DBEB7L, 0x0C23647ED01D1119L,
+            0x7A362A3EA0592384L, 0xB61F40F3F1893F10L, 0x75D457D1440471DCL, 0x4558DA34237035B8L,
+            0xDCA6116587FC2043L, 0x8D9B67D3C9AB26D0L, 0x2B0B5C88EE0E2517L, 0x6FE77A382AB5DA90L,
+            0x269CC472D9D8FE31L, 0x63C41E46FAA8CB89L, 0xB7ABBC771642F52FL, 0x7D1DE4852F126F39L,
+            0xA8C6BA3024339BA0L, 0x600507D7CEE888C8L, 0x8FEE82C61A20AFAEL, 0x57A2448926D78011L,
+            0xFCA5E72836A458F0L, 0x072BCEBB8F4B4CBDL, 0x497BBE4AF36D24A1L, 0x3CAFE99BB769557DL,
+            0x12FA9EBD05A7B5A9L, 0xE8C04BAA5B836BDBL, 0x4273148FAC3B7905L, 0x908384812851C121L,
+            0xE557D3506C55B0FDL, 0x72FF996ACB4F3D61L, 0x3EDA0C8E64E2DC03L, 0xF0868356E6B949E9L,
+            0x04EAD72ABB0B0FFCL, 0x17A4B5135967706AL, 0xE3C8E16F04D5367FL, 0xF84F30028DAF570CL,
+            0x1846C8FCBD3A2232L, 0x5B8120F7F6CA9108L, 0xD46FA231ECEA3EA6L, 0x334D947453340725L,
+            0x58403966C28AD249L, 0xBED6F3A79A9F21F5L, 0x68CCB483A5FE962DL, 0xD085751B57E1315AL,
+            0xFED0023DE52FD18EL, 0x4B0E5B5F20E6ADDFL, 0x1A332DE96EB1AB4CL, 0xA3CE10F57B65C604L,
+            0x108F7BA8D62C3CD7L, 0xAB07A3A11073D8E1L, 0x6B0DAD1291BED56CL, 0xF2F366433532C097L,
+            0x2E557726B2CEE0D4L, 0x0000000000000000L, 0xCB02A476DE9B5029L, 0xE4E32FD48B9E7AC2L,
+            0x734B65EE2C84F75EL, 0x6E5386BCCD7E10AFL, 0x01B4FC84E7CBCA3FL, 0xCFE8735C65905FD5L,
+            0x3613BFDA0FF4C2E6L, 0x113B872C31E7F6E8L, 0x2FE18BA255052AEBL, 0xE974B72EBC48A1E4L,
+            0x0ABC5641B89D979BL, 0xB46AA5E62202B66EL, 0x44EC26B0C4BBFF87L, 0xA6903B5B27A503C7L,
+            0x7F680190FC99E647L, 0x97A84A3AA71A8D9CL, 0xDD12EDE16037EA7CL, 0xC554251DDD0DC84EL,
+            0x88C54C7D956BE313L, 0x4D91696048662B5DL, 0xB08072CC9909B992L, 0xB5DE5962C5C97C51L,
+            0x81B803AD19B637C9L, 0xB2F597D94A8230ECL, 0x0B08AAC55F565DA4L, 0xF1327FD2017283D6L,
+            0xAD98919E78F35E63L, 0x6AB9519676751F53L, 0x24E921670A53774FL, 0xB9FD3D1C15D46D48L,
+            0x92F66194FBDA485FL, 0x5A35DC7311015B37L, 0xDED3F4705477A93DL, 0xC00A0EB381CD0D8DL,
+            0xBB88D809C65FE436L, 0x16104997BEACBA55L, 0x21B70AC95693B28CL, 0x59F4C5E225411876L,
+            0xD5DB5EB50B21F499L, 0x55D7A19CF55C096FL, 0xA97246B4C3F8519FL, 0x8552D487A2BD3835L,
+            0x54635D181297C350L, 0x23C2EFDC85183BF2L, 0x9F61F96ECC0C9379L, 0x534893A39DDC8FEDL,
+            0x5EDF0B59AA0A54CBL, 0xAC2C6D1A9F38945CL, 0xD7AEBBA0D8AA7DE7L, 0x2ABFA00C09C5EF28L,
+            0xD84CC64F3CF72FBFL, 0x2003F64DB15878B3L, 0xA724C7DFC06EC9F8L, 0x069F323F68808682L,
+            0xCC296ACD51D01C94L, 0x055E2BAE5CC0C5C3L, 0x6270E2C21D6301B6L, 0x3B842720382219C0L,
+            0xD2F0900E846AB824L, 0x52FC6F277A1745D2L, 0xC6953C8CE94D8B0FL, 0xE009F8FE3095753EL,
+            0x655B2C7992284D0BL, 0x984A37D54347DFC4L, 0xEAB5AEBF8808E2A5L, 0x9A3FD2C090CC56BAL,
+            0x9CA0E0FFF84CD038L, 0x4C2595E4AFADE162L, 0xDF6708F4B3BC6302L, 0xBF620F237D54EBCAL,
+            0x93429D101C118260L, 0x097D4FD08CDDD4DAL, 0x8C2F9B572E60ECEFL, 0x708A7C7F18C4B41FL,
+            0x3A30DBA4DFE9D3FFL, 0x4006F19A7FB0F07BL, 0x5F6BF7DD4DC19EF4L, 0x1F6D064732716E8FL,
+            0xF9FBCC866A649D33L, 0x308C8DE567744464L, 0x8971B0F972A0292CL, 0xD61A47243F61B7D8L,
+            0xEFEB8511D4C82766L, 0x961CB6BE40D147A3L, 0xAAB35F25F7B812DEL, 0x76154E407044329DL,
+            0x513D76B64E570693L, 0xF3479AC7D2F90AA8L, 0x9B8B2E4477079C85L, 0x297EB99D3D85AC69L
+        },
+       new ulong[] {
+            0x7E37E62DFC7D40C3L, 0x776F25A4EE939E5BL, 0xE045C850DD8FB5ADL, 0x86ED5BA711FF1952L,
+            0xE91D0BD9CF616B35L, 0x37E0AB256E408FFBL, 0x9607F6C031025A7AL, 0x0B02F5E116D23C9DL,
+            0xF3D8486BFB50650CL, 0x621CFF27C40875F5L, 0x7D40CB71FA5FD34AL, 0x6DAA6616DAA29062L,
+            0x9F5F354923EC84E2L, 0xEC847C3DC507C3B3L, 0x025A3668043CE205L, 0xA8BF9E6C4DAC0B19L,
+            0xFA808BE2E9BEBB94L, 0xB5B99C5277C74FA3L, 0x78D9BC95F0397BCCL, 0xE332E50CDBAD2624L,
+            0xC74FCE129332797EL, 0x1729ECEB2EA709ABL, 0xC2D6B9F69954D1F8L, 0x5D898CBFBAB8551AL,
+            0x859A76FB17DD8ADBL, 0x1BE85886362F7FB5L, 0xF6413F8FF136CD8AL, 0xD3110FA5BBB7E35CL,
+            0x0A2FEED514CC4D11L, 0xE83010EDCD7F1AB9L, 0xA1E75DE55F42D581L, 0xEEDE4A55C13B21B6L,
+            0xF2F5535FF94E1480L, 0x0CC1B46D1888761EL, 0xBCE15FDB6529913BL, 0x2D25E8975A7181C2L,
+            0x71817F1CE2D7A554L, 0x2E52C5CB5C53124BL, 0xF9F7A6BEEF9C281DL, 0x9E722E7D21F2F56EL,
+            0xCE170D9B81DCA7E6L, 0x0E9B82051CB4941BL, 0x1E712F623C49D733L, 0x21E45CFA42F9F7DCL,
+            0xCB8E7A7F8BBA0F60L, 0x8E98831A010FB646L, 0x474CCF0D8E895B23L, 0xA99285584FB27A95L,
+            0x8CC2B57205335443L, 0x42D5B8E984EFF3A5L, 0x012D1B34021E718CL, 0x57A6626AAE74180BL,
+            0xFF19FC06E3D81312L, 0x35BA9D4D6A7C6DFEL, 0xC9D44C178F86ED65L, 0x506523E6A02E5288L,
+            0x03772D5C06229389L, 0x8B01F4FE0B691EC0L, 0xF8DABD8AED825991L, 0x4C4E3AEC985B67BEL,
+            0xB10DF0827FBF96A9L, 0x6A69279AD4F8DAE1L, 0xE78689DCD3D5FF2EL, 0x812E1A2B1FA553D1L,
+            0xFBAD90D6EBA0CA18L, 0x1AC543B234310E39L, 0x1604F7DF2CB97827L, 0xA6241C6951189F02L,
+            0x753513CCEAAF7C5EL, 0x64F2A59FC84C4EFAL, 0x247D2B1E489F5F5AL, 0xDB64D718AB474C48L,
+            0x79F4A7A1F2270A40L, 0x1573DA832A9BEBAEL, 0x3497867968621C72L, 0x514838D2A2302304L,
+            0xF0AF6537FD72F685L, 0x1D06023E3A6B44BAL, 0x678588C3CE6EDD73L, 0x66A893F7CC70ACFFL,
+            0xD4D24E29B5EDA9DFL, 0x3856321470EA6A6CL, 0x07C3418C0E5A4A83L, 0x2BCBB22F5635BACDL,
+            0x04B46CD00878D90AL, 0x06EE5AB80C443B0FL, 0x3B211F4876C8F9E5L, 0x0958C38912EEDE98L,
+            0xD14B39CDBF8B0159L, 0x397B292072F41BE0L, 0x87C0409313E168DEL, 0xAD26E98847CAA39FL,
+            0x4E140C849C6785BBL, 0xD5FF551DB7F3D853L, 0xA0CA46D15D5CA40DL, 0xCD6020C787FE346FL,
+            0x84B76DCF15C3FB57L, 0xDEFDA0FCA121E4CEL, 0x4B8D7B6096012D3DL, 0x9AC642AD298A2C64L,
+            0x0875D8BD10F0AF14L, 0xB357C6EA7B8374ACL, 0x4D6321D89A451632L, 0xEDA96709C719B23FL,
+            0xF76C24BBF328BC06L, 0xC662D526912C08F2L, 0x3CE25EC47892B366L, 0xB978283F6F4F39BDL,
+            0xC08C8F9E9D6833FDL, 0x4F3917B09E79F437L, 0x593DE06FB2C08C10L, 0xD6887841B1D14BDAL,
+            0x19B26EEE32139DB0L, 0xB494876675D93E2FL, 0x825937771987C058L, 0x90E9AC783D466175L,
+            0xF1827E03FF6C8709L, 0x945DC0A8353EB87FL, 0x4516F9658AB5B926L, 0x3F9573987EB020EFL,
+            0xB855330B6D514831L, 0x2AE6A91B542BCB41L, 0x6331E413C6160479L, 0x408F8E8180D311A0L,
+            0xEFF35161C325503AL, 0xD06622F9BD9570D5L, 0x8876D9A20D4B8D49L, 0xA5533135573A0C8BL,
+            0xE168D364DF91C421L, 0xF41B09E7F50A2F8FL, 0x12B09B0F24C1A12DL, 0xDA49CC2CA9593DC4L,
+            0x1F5C34563E57A6BFL, 0x54D14F36A8568B82L, 0xAF7CDFE043F6419AL, 0xEA6A2685C943F8BCL,
+            0xE5DCBFB4D7E91D2BL, 0xB27ADDDE799D0520L, 0x6B443CAED6E6AB6DL, 0x7BAE91C9F61BE845L,
+            0x3EB868AC7CAE5163L, 0x11C7B65322E332A4L, 0xD23C1491B9A992D0L, 0x8FB5982E0311C7CAL,
+            0x70AC6428E0C9D4D8L, 0x895BC2960F55FCC5L, 0x76423E90EC8DEFD7L, 0x6FF0507EDE9E7267L,
+            0x3DCF45F07A8CC2EAL, 0x4AA06054941F5CB1L, 0x5810FB5BB0DEFD9CL, 0x5EFEA1E3BC9AC693L,
+            0x6EDD4B4ADC8003EBL, 0x741808F8E8B10DD2L, 0x145EC1B728859A22L, 0x28BC9F7350172944L,
+            0x270A06424EBDCCD3L, 0x972AEDF4331C2BF6L, 0x059977E40A66A886L, 0x2550302A4A812ED6L,
+            0xDD8A8DA0A7037747L, 0xC515F87A970E9B7BL, 0x3023EAA9601AC578L, 0xB7E3AA3A73FBADA6L,
+            0x0FB699311EAAE597L, 0x0000000000000000L, 0x310EF19D6204B4F4L, 0x229371A644DB6455L,
+            0x0DECAF591A960792L, 0x5CA4978BB8A62496L, 0x1C2B190A38753536L, 0x41A295B582CD602CL,
+            0x3279DCC16426277DL, 0xC1A194AA9F764271L, 0x139D803B26DFD0A1L, 0xAE51C4D441E83016L,
+            0xD813FA44AD65DFC1L, 0xAC0BF2BC45D4D213L, 0x23BE6A9246C515D9L, 0x49D74D08923DCF38L,
+            0x9D05032127D066E7L, 0x2F7FDEFF5E4D63C7L, 0xA47E2A0155247D07L, 0x99B16FF12FA8BFEDL,
+            0x4661D4398C972AAFL, 0xDFD0BBC8A33F9542L, 0xDCA79694A51D06CBL, 0xB020EBB67DA1E725L,
+            0xBA0F0563696DAA34L, 0xE4F1A480D5F76CA7L, 0xC438E34E9510EAF7L, 0x939E81243B64F2FCL,
+            0x8DEFAE46072D25CFL, 0x2C08F3A3586FF04EL, 0xD7A56375B3CF3A56L, 0x20C947CE40E78650L,
+            0x43F8A3DD86F18229L, 0x568B795EAC6A6987L, 0x8003011F1DBB225DL, 0xF53612D3F7145E03L,
+            0x189F75DA300DEC3CL, 0x9570DB9C3720C9F3L, 0xBB221E576B73DBB8L, 0x72F65240E4F536DDL,
+            0x443BE25188ABC8AAL, 0xE21FFE38D9B357A8L, 0xFD43CA6EE7E4F117L, 0xCAA3614B89A47EECL,
+            0xFE34E732E1C6629EL, 0x83742C431B99B1D4L, 0xCF3A16AF83C2D66AL, 0xAAE5A8044990E91CL,
+            0x26271D764CA3BD5FL, 0x91C4B74C3F5810F9L, 0x7C6DD045F841A2C6L, 0x7F1AFD19FE63314FL,
+            0xC8F957238D989CE9L, 0xA709075D5306EE8EL, 0x55FC5402AA48FA0EL, 0x48FA563C9023BEB4L,
+            0x65DFBEABCA523F76L, 0x6C877D22D8BCE1EEL, 0xCC4D3BF385E045E3L, 0xBEBB69B36115733EL,
+            0x10EAAD6720FD4328L, 0xB6CEB10E71E5DC2AL, 0xBDCC44EF6737E0B7L, 0x523F158EA412B08DL,
+            0x989C74C52DB6CE61L, 0x9BEB59992B945DE8L, 0x8A2CEFCA09776F4CL, 0xA3BD6B8D5B7E3784L,
+            0xEB473DB1CB5D8930L, 0xC3FBA2C29B4AA074L, 0x9C28181525CE176BL, 0x683311F2D0C438E4L,
+            0x5FD3BAD7BE84B71FL, 0xFC6ED15AE5FA809BL, 0x36CDB0116C5EFE77L, 0x29918447520958C8L,
+            0xA29070B959604608L, 0x53120EBAA60CC101L, 0x3A0C047C74D68869L, 0x691E0AC6D2DA4968L,
+            0x73DB4974E6EB4751L, 0x7A838AFDF40599C9L, 0x5A4ACD33B4E21F99L, 0x6046C94FC03497F0L,
+            0xE6AB92E8D1CB8EA2L, 0x3354C7F5663856F1L, 0xD93EE170AF7BAE4DL, 0x616BD27BC22AE67CL,
+            0x92B39A10397A8370L, 0xABC8B3304B8E9890L, 0xBF967287630B02B2L, 0x5B67D607B6FC6E15L
+        },
+       new ulong[] {
+            0xD031C397CE553FE6L, 0x16BA5B01B006B525L, 0xA89BADE6296E70C8L, 0x6A1F525D77D3435BL,
+            0x6E103570573DFA0BL, 0x660EFB2A17FC95ABL, 0x76327A9E97634BF6L, 0x4BAD9D6462458BF5L,
+            0xF1830CAEDBC3F748L, 0xC5C8F542669131FFL, 0x95044A1CDC48B0CBL, 0x892962DF3CF8B866L,
+            0xB0B9E208E930C135L, 0xA14FB3F0611A767CL, 0x8D2605F21C160136L, 0xD6B71922FECC549EL,
+            0x37089438A5907D8BL, 0x0B5DA38E5803D49CL, 0x5A5BCC9CEA6F3CBCL, 0xEDAE246D3B73FFE5L,
+            0xD2B87E0FDE22EDCEL, 0x5E54ABB1CA8185ECL, 0x1DE7F88FE80561B9L, 0xAD5E1A870135A08CL,
+            0x2F2ADBD665CECC76L, 0x5780B5A782F58358L, 0x3EDC8A2EEDE47B3FL, 0xC9D95C3506BEE70FL,
+            0x83BE111D6C4E05EEL, 0xA603B90959367410L, 0x103C81B4809FDE5DL, 0x2C69B6027D0C774AL,
+            0x399080D7D5C87953L, 0x09D41E16487406B4L, 0xCDD63B1826505E5FL, 0xF99DC2F49B0298E8L,
+            0x9CD0540A943CB67FL, 0xBCA84B7F891F17C5L, 0x723D1DB3B78DF2A6L, 0x78AA6E71E73B4F2EL,
+            0x1433E699A071670DL, 0x84F21BE454620782L, 0x98DF3327B4D20F2FL, 0xF049DCE2D3769E5CL,
+            0xDB6C60199656EB7AL, 0x648746B2078B4783L, 0x32CD23598DCBADCFL, 0x1EA4955BF0C7DA85L,
+            0xE9A143401B9D46B5L, 0xFD92A5D9BBEC21B8L, 0xC8138C790E0B8E1BL, 0x2EE00B9A6D7BA562L,
+            0xF85712B893B7F1FCL, 0xEB28FED80BEA949DL, 0x564A65EB8A40EA4CL, 0x6C9988E8474A2823L,
+            0x4535898B121D8F2DL, 0xABD8C03231ACCBF4L, 0xBA2E91CAB9867CBDL, 0x7960BE3DEF8E263AL,
+            0x0C11A977602FD6F0L, 0xCB50E1AD16C93527L, 0xEAE22E94035FFD89L, 0x2866D12F5DE2CE1AL,
+            0xFF1B1841AB9BF390L, 0x9F9339DE8CFE0D43L, 0x964727C8C48A0BF7L, 0x524502C6AAAE531CL,
+            0x9B9C5EF3AC10B413L, 0x4FA2FA4942AB32A5L, 0x3F165A62E551122BL, 0xC74148DA76E6E3D7L,
+            0x924840E5E464B2A7L, 0xD372AE43D69784DAL, 0x233B72A105E11A86L, 0xA48A04914941A638L,
+            0xB4B68525C9DE7865L, 0xDDEABAACA6CF8002L, 0x0A9773C250B6BD88L, 0xC284FFBB5EBD3393L,
+            0x8BA0DF472C8F6A4EL, 0x2AEF6CB74D951C32L, 0x427983722A318D41L, 0x73F7CDFFBF389BB2L,
+            0x074C0AF9382C026CL, 0x8A6A0F0B243A035AL, 0x6FDAE53C5F88931FL, 0xC68B98967E538AC3L,
+            0x44FF59C71AA8E639L, 0xE2FCE0CE439E9229L, 0xA20CDE2479D8CD40L, 0x19E89FA2C8EBD8E9L,
+            0xF446BBCFF398270CL, 0x43B3533E2284E455L, 0xD82F0DCD8E945046L, 0x51066F12B26CE820L,
+            0xE73957AF6BC5426DL, 0x081ECE5A40C16FA0L, 0x3B193D4FC5BFAB7BL, 0x7FE66488DF174D42L,
+            0x0E9814EF705804D8L, 0x8137AC857C39D7C6L, 0xB1733244E185A821L, 0x695C3F896F11F867L,
+            0xF6CF0657E3EFF524L, 0x1AABF276D02963D5L, 0x2DA3664E75B91E5EL, 0x0289BD981077D228L,
+            0x90C1FD7DF413608FL, 0x3C5537B6FD93A917L, 0xAA12107E3919A2E0L, 0x0686DAB530996B78L,
+            0xDAA6B0559EE3826EL, 0xC34E2FF756085A87L, 0x6D5358A44FFF4137L, 0xFC587595B35948ACL,
+            0x7CA5095CC7D5F67EL, 0xFB147F6C8B754AC0L, 0xBFEB26AB91DDACF9L, 0x6896EFC567A49173L,
+            0xCA9A31E11E7C5C33L, 0xBBE44186B13315A9L, 0x0DDB793B689ABFE4L, 0x70B4A02BA7FA208EL,
+            0xE47A3A7B7307F951L, 0x8CECD5BE14A36822L, 0xEEED49B923B144D9L, 0x17708B4DB8B3DC31L,
+            0x6088219F2765FED3L, 0xB3FA8FDCF1F27A09L, 0x910B2D31FCA6099BL, 0x0F52C4A378ED6DCCL,
+            0x50CCBF5EBAD98134L, 0x6BD582117F662A4FL, 0x94CE9A50D4FDD9DFL, 0x2B25BCFB45207526L,
+            0x67C42B661F49FCBFL, 0x492420FC723259DDL, 0x03436DD418C2BB3CL, 0x1F6E4517F872B391L,
+            0xA08563BC69AF1F68L, 0xD43EA4BAEEBB86B6L, 0x01CAD04C08B56914L, 0xAC94CACB0980C998L,
+            0x54C3D8739A373864L, 0x26FEC5C02DBACAC2L, 0xDEA9D778BE0D3B3EL, 0x040F672D20EEB950L,
+            0xE5B0EA377BB29045L, 0xF30AB136CBB42560L, 0x62019C0737122CFBL, 0xE86B930C13282FA1L,
+            0xCC1CEB542EE5374BL, 0x538FD28AA21B3A08L, 0x1B61223AD89C0AC1L, 0x36C24474AD25149FL,
+            0x7A23D3E9F74C9D06L, 0xBE21F6E79968C5EDL, 0xCF5F868036278C77L, 0xF705D61BEB5A9C30L,
+            0x4D2B47D152DCE08DL, 0x5F9E7BFDC234ECF8L, 0x247778583DCD18EAL, 0x867BA67C4415D5AAL,
+            0x4CE1979D5A698999L, 0x0000000000000000L, 0xEC64F42133C696F1L, 0xB57C5569C16B1171L,
+            0xC1C7926F467F88AFL, 0x654D96FE0F3E2E97L, 0x15F936D5A8C40E19L, 0xB8A72C52A9F1AE95L,
+            0xA9517DAA21DB19DCL, 0x58D27104FA18EE94L, 0x5918A148F2AD8780L, 0x5CDD1629DAF657C4L,
+            0x8274C15164FB6CFAL, 0xD1FB13DBC6E056F2L, 0x7D6FD910CF609F6AL, 0xB63F38BDD9A9AA4DL,
+            0x3D9FE7FAF526C003L, 0x74BBC706871499DEL, 0xDF630734B6B8522AL, 0x3AD3ED03CD0AC26FL,
+            0xFADEAF2083C023D4L, 0xC00D42234ECAE1BBL, 0x8538CBA85CD76E96L, 0xC402250E6E2458EBL,
+            0x47BC3413026A5D05L, 0xAFD7A71F114272A4L, 0x978DF784CC3F62E3L, 0xB96DFC1EA144C781L,
+            0x21B2CF391596C8AEL, 0x318E4E8D950916F3L, 0xCE9556CC3E92E563L, 0x385A509BDD7D1047L,
+            0x358129A0B5E7AFA3L, 0xE6F387E363702B79L, 0xE0755D5653E94001L, 0x7BE903A5FFF9F412L,
+            0x12B53C2C90E80C75L, 0x3307F315857EC4DBL, 0x8FAFB86A0C61D31EL, 0xD9E5DD8186213952L,
+            0x77F8AAD29FD622E2L, 0x25BDA814357871FEL, 0x7571174A8FA1F0CAL, 0x137FEC60985D6561L,
+            0x30449EC19DBC7FE7L, 0xA540D4DD41F4CF2CL, 0xDC206AE0AE7AE916L, 0x5B911CD0E2DA55A8L,
+            0xB2305F90F947131DL, 0x344BF9ECBD52C6B7L, 0x5D17C665D2433ED0L, 0x18224FEEC05EB1FDL,
+            0x9E59E992844B6457L, 0x9A568EBFA4A5DD07L, 0xA3C60E68716DA454L, 0x7E2CB4C4D7A22456L,
+            0x87B176304CA0BCBEL, 0x413AEEA632F3367DL, 0x9915E36BBC67663BL, 0x40F03EEA3A465F69L,
+            0x1C2D28C3E0B008ADL, 0x4E682A054A1E5BB1L, 0x05C5B761285BD044L, 0xE1BF8D1A5B5C2915L,
+            0xF2C0617AC3014C74L, 0xB7F5E8F1D11CC359L, 0x63CB4C4B3FA745EFL, 0x9D1A84469C89DF6BL,
+            0xE33630824B2BFB3DL, 0xD5F474F6E60EEFA2L, 0xF58C6B83FB2D4E18L, 0x4676E45F0ADF3411L,
+            0x20781F751D23A1BAL, 0xBD629B3381AA7ED1L, 0xAE1D775319F71BB0L, 0xFED1C80DA32E9A84L,
+            0x5509083F92825170L, 0x29AC01635557A70EL, 0xA7C9694551831D04L, 0x8E65682604D4BA0AL,
+            0x11F651F8882AB749L, 0xD77DC96EF6793D8AL, 0xEF2799F52B042DCDL, 0x48EEF0B07A8730C9L,
+            0x22F1A2ED0D547392L, 0x6142F1D32FD097C7L, 0x4A674D286AF0E2E1L, 0x80FD7CC9748CBED2L,
+            0x717E7067AF4F499AL, 0x938290A9ECD1DBB3L, 0x88E3B293344DD172L, 0x2734158C250FA3D6L
+        }
+    };
+
+
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/GOST3411_2012_256Digest.cs b/bc-sharp-crypto/src/crypto/digests/GOST3411_2012_256Digest.cs
new file mode 100644
index 0000000..8686851
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/GOST3411_2012_256Digest.cs
@@ -0,0 +1,54 @@
+using System;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    public class GOST3411_2012_256Digest : GOST3411_2012Digest
+    {
+        private readonly static byte[] IV = {
+            0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
+            0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
+            0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
+            0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
+            0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
+            0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
+            0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
+            0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01
+        };
+
+        public override string AlgorithmName
+        {
+            get { return "GOST3411-2012-256"; }
+        }
+
+        public GOST3411_2012_256Digest() : base(IV)
+        {
+
+        }
+
+        public GOST3411_2012_256Digest(GOST3411_2012_256Digest other) : base(IV)
+        {
+            Reset(other);
+        }
+
+        public override int GetDigestSize()
+        {
+            return 32;
+        }
+
+        public override int DoFinal(byte[] output, int outOff)
+        {
+			byte[] result = new byte[64];
+			base.DoFinal(result, 0);
+
+			Array.Copy(result, 32, output, outOff, 32);
+
+			return 32;
+        }
+
+        public override IMemoable Copy()
+        {
+			return new GOST3411_2012_256Digest(this);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/GOST3411_2012_512Digest.cs b/bc-sharp-crypto/src/crypto/digests/GOST3411_2012_512Digest.cs
new file mode 100644
index 0000000..eb40aba
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/GOST3411_2012_512Digest.cs
@@ -0,0 +1,43 @@
+using System;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    public class GOST3411_2012_512Digest:GOST3411_2012Digest
+    {
+		private readonly static byte[] IV = {
+		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+	};
+
+		public override string AlgorithmName
+		{
+			get { return "GOST3411-2012-512"; }
+		}
+
+        public GOST3411_2012_512Digest():base(IV)
+        {
+        }
+
+		public GOST3411_2012_512Digest(GOST3411_2012_512Digest other) : base(IV)
+		{
+            Reset(other);
+        }
+
+        public override int GetDigestSize()
+        {
+            return 64;
+        }
+
+		public override IMemoable Copy()
+		{
+			return new GOST3411_2012_512Digest(this);
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/GeneralDigest.cs b/bc-sharp-crypto/src/crypto/digests/GeneralDigest.cs
new file mode 100644
index 0000000..d40ad28
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/GeneralDigest.cs
@@ -0,0 +1,133 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /**
+    * base implementation of MD4 family style digest as outlined in
+    * "Handbook of Applied Cryptography", pages 344 - 347.
+    */
+    public abstract class GeneralDigest
+		: IDigest, IMemoable
+    {
+        private const int BYTE_LENGTH = 64;
+
+        private byte[]  xBuf;
+        private int     xBufOff;
+
+        private long    byteCount;
+
+        internal GeneralDigest()
+        {
+            xBuf = new byte[4];
+        }
+
+        internal GeneralDigest(GeneralDigest t)
+		{
+			xBuf = new byte[t.xBuf.Length];
+			CopyIn(t);
+		}
+
+		protected void CopyIn(GeneralDigest t)
+		{
+            Array.Copy(t.xBuf, 0, xBuf, 0, t.xBuf.Length);
+
+            xBufOff = t.xBufOff;
+            byteCount = t.byteCount;
+        }
+
+        public void Update(byte input)
+        {
+            xBuf[xBufOff++] = input;
+
+            if (xBufOff == xBuf.Length)
+            {
+                ProcessWord(xBuf, 0);
+                xBufOff = 0;
+            }
+
+            byteCount++;
+        }
+
+        public void BlockUpdate(
+            byte[]  input,
+            int     inOff,
+            int     length)
+        {
+            length = System.Math.Max(0, length);
+
+            //
+            // fill the current word
+            //
+            int i = 0;
+            if (xBufOff != 0)
+            {
+                while (i < length)
+                {
+                    xBuf[xBufOff++] = input[inOff + i++];
+                    if (xBufOff == 4)
+                    {
+                        ProcessWord(xBuf, 0);
+                        xBufOff = 0;
+                        break;
+                    }
+                }
+            }
+
+            //
+            // process whole words.
+            //
+            int limit = ((length - i) & ~3) + i;
+            for (; i < limit; i += 4)
+            {
+                ProcessWord(input, inOff + i);
+            }
+
+            //
+            // load in the remainder.
+            //
+            while (i < length)
+            {
+                xBuf[xBufOff++] = input[inOff + i++];
+            }
+
+            byteCount += length;
+        }
+
+        public void Finish()
+        {
+            long    bitLength = (byteCount << 3);
+
+            //
+            // add the pad bytes.
+            //
+            Update((byte)128);
+
+            while (xBufOff != 0) Update((byte)0);
+            ProcessLength(bitLength);
+            ProcessBlock();
+        }
+
+        public virtual void Reset()
+        {
+            byteCount = 0;
+            xBufOff = 0;
+			Array.Clear(xBuf, 0, xBuf.Length);
+        }
+
+		public int GetByteLength()
+		{
+			return BYTE_LENGTH;
+		}
+
+		internal abstract void ProcessWord(byte[] input, int inOff);
+        internal abstract void ProcessLength(long bitLength);
+        internal abstract void ProcessBlock();
+        public abstract string AlgorithmName { get; }
+		public abstract int GetDigestSize();
+        public abstract int DoFinal(byte[] output, int outOff);
+		public abstract IMemoable Copy();
+		public abstract void Reset(IMemoable t);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/KeccakDigest.cs b/bc-sharp-crypto/src/crypto/digests/KeccakDigest.cs
new file mode 100644
index 0000000..8b16e5d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/KeccakDigest.cs
@@ -0,0 +1,479 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /// <summary>
+    /// Implementation of Keccak based on following KeccakNISTInterface.c from http://keccak.noekeon.org/
+    /// </summary>
+    /// <remarks>
+    /// Following the naming conventions used in the C source code to enable easy review of the implementation.
+    /// </remarks>
+    public class KeccakDigest
+        : IDigest, IMemoable
+    {
+        private static readonly ulong[] KeccakRoundConstants = KeccakInitializeRoundConstants();
+
+        private static readonly int[] KeccakRhoOffsets = KeccakInitializeRhoOffsets();
+
+        private static ulong[] KeccakInitializeRoundConstants()
+        {
+            ulong[] keccakRoundConstants = new ulong[24];
+            byte LFSRState = 0x01;
+
+            for (int i = 0; i < 24; i++)
+            {
+                keccakRoundConstants[i] = 0;
+                for (int j = 0; j < 7; j++)
+                {
+                    int bitPosition = (1 << j) - 1;
+
+                    // LFSR86540
+
+                    bool loBit = (LFSRState & 0x01) != 0;
+                    if (loBit)
+                    {
+                        keccakRoundConstants[i] ^= 1UL << bitPosition;
+                    }
+
+                    bool hiBit = (LFSRState & 0x80) != 0;
+                    LFSRState <<= 1;
+                    if (hiBit)
+                    {
+                        LFSRState ^= 0x71;
+                    }
+
+                }
+            }
+
+            return keccakRoundConstants;
+        }
+
+        private static int[] KeccakInitializeRhoOffsets()
+        {
+            int[] keccakRhoOffsets = new int[25];
+            int x, y, t, newX, newY;
+
+            int rhoOffset = 0;
+            keccakRhoOffsets[0] = rhoOffset;
+            x = 1;
+            y = 0;
+            for (t = 1; t < 25; t++)
+            {
+                rhoOffset = (rhoOffset + t) & 63;
+                keccakRhoOffsets[(((x) % 5) + 5 * ((y) % 5))] = rhoOffset;
+                newX = (0 * x + 1 * y) % 5;
+                newY = (2 * x + 3 * y) % 5;
+                x = newX;
+                y = newY;
+            }
+
+            return keccakRhoOffsets;
+        }
+
+        private static readonly int STATE_LENGTH = (1600 / 8);
+
+        private ulong[] state = new ulong[STATE_LENGTH / 8];
+        protected byte[] dataQueue = new byte[1536 / 8];
+        protected int rate;
+        protected int bitsInQueue;
+        protected int fixedOutputLength;
+        protected bool squeezing;
+        protected int bitsAvailableForSqueezing;
+
+        public KeccakDigest()
+            : this(288)
+        {
+        }
+
+        public KeccakDigest(int bitLength)
+        {
+            Init(bitLength);
+        }
+
+        public KeccakDigest(KeccakDigest source)
+        {
+            CopyIn(source);
+        }
+
+        private void CopyIn(KeccakDigest source)
+        {
+            Array.Copy(source.state, 0, this.state, 0, source.state.Length);
+            Array.Copy(source.dataQueue, 0, this.dataQueue, 0, source.dataQueue.Length);
+            this.rate = source.rate;
+            this.bitsInQueue = source.bitsInQueue;
+            this.fixedOutputLength = source.fixedOutputLength;
+            this.squeezing = source.squeezing;
+            this.bitsAvailableForSqueezing = source.bitsAvailableForSqueezing;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "Keccak-" + fixedOutputLength; }
+        }
+
+        public virtual int GetDigestSize()
+        {
+            return fixedOutputLength >> 3;
+        }
+
+        public virtual void Update(byte input)
+        {
+            Absorb(new byte[]{ input }, 0, 1);
+        }
+
+        public virtual void BlockUpdate(byte[] input, int inOff, int len)
+        {
+            Absorb(input, inOff, len);
+        }
+
+        public virtual int DoFinal(byte[] output, int outOff)
+        {
+            Squeeze(output, outOff, fixedOutputLength >> 3);
+
+            Reset();
+
+            return GetDigestSize();
+        }
+
+        /*
+         * TODO Possible API change to support partial-byte suffixes.
+         */
+        protected virtual int DoFinal(byte[] output, int outOff, byte partialByte, int partialBits)
+        {
+            if (partialBits > 0)
+            {
+                AbsorbBits(partialByte, partialBits);
+            }
+
+            Squeeze(output, outOff, fixedOutputLength >> 3);
+
+            Reset();
+
+            return GetDigestSize();
+        }
+
+        public virtual void Reset()
+        {
+            Init(fixedOutputLength);
+        }
+
+        /**
+         * Return the size of block that the compression function is applied to in bytes.
+         *
+         * @return internal byte length of a block.
+         */
+        public virtual int GetByteLength()
+        {
+            return rate >> 3;
+        }
+
+        private void Init(int bitLength)
+        {
+            switch (bitLength)
+            {
+                case 128:
+                case 224:
+                case 256:
+                case 288:
+                case 384:
+                case 512:
+                    InitSponge(1600 - (bitLength << 1));
+                    break;
+                default:
+                    throw new ArgumentException("must be one of 128, 224, 256, 288, 384, or 512.", "bitLength");
+            }
+        }
+
+        private void InitSponge(int rate)
+        {
+            if (rate <= 0 || rate >= 1600 || (rate & 63) != 0)
+                throw new InvalidOperationException("invalid rate value");
+
+            this.rate = rate;
+            Array.Clear(state, 0, state.Length);
+            Arrays.Fill(this.dataQueue, (byte)0);
+            this.bitsInQueue = 0;
+            this.squeezing = false;
+            this.bitsAvailableForSqueezing = 0;
+            this.fixedOutputLength = (1600 - rate) >> 1;
+        }
+
+        protected void Absorb(byte[] data, int off, int len)
+        {
+            if ((bitsInQueue & 7) != 0)
+                throw new InvalidOperationException("attempt to absorb with odd length queue");
+            if (squeezing)
+                throw new InvalidOperationException("attempt to absorb while squeezing");
+
+            int bytesInQueue = bitsInQueue >> 3;
+            int rateBytes = rate >> 3;
+
+            int count = 0;
+            while (count < len)
+            {
+                if (bytesInQueue == 0 && count <= (len - rateBytes))
+                {
+                    do
+                    {
+                        KeccakAbsorb(data, off + count);
+                        count += rateBytes;
+                    }
+                    while (count <= (len - rateBytes));
+                }
+                else
+                {
+                    int partialBlock = System.Math.Min(rateBytes - bytesInQueue, len - count);
+                    Array.Copy(data, off + count, dataQueue, bytesInQueue, partialBlock);
+
+                    bytesInQueue += partialBlock;
+                    count += partialBlock;
+
+                    if (bytesInQueue == rateBytes)
+                    {
+                        KeccakAbsorb(dataQueue, 0);
+                        bytesInQueue = 0;
+                    }
+                }
+            }
+
+            bitsInQueue = bytesInQueue << 3;
+        }
+
+        protected void AbsorbBits(int data, int bits)
+        {
+            if (bits < 1 || bits > 7)
+                throw new ArgumentException("must be in the range 1 to 7", "bits");
+            if ((bitsInQueue & 7) != 0)
+                throw new InvalidOperationException("attempt to absorb with odd length queue");
+            if (squeezing)
+                throw new InvalidOperationException("attempt to absorb while squeezing");
+
+            int mask = (1 << bits) - 1;
+            dataQueue[bitsInQueue >> 3] = (byte)(data & mask);
+
+            // NOTE: After this, bitsInQueue is no longer a multiple of 8, so no more absorbs will work
+            bitsInQueue += bits;
+        }
+
+        private void PadAndSwitchToSqueezingPhase()
+        {
+            Debug.Assert(bitsInQueue < rate);
+
+            dataQueue[bitsInQueue >> 3] |= (byte)(1U << (bitsInQueue & 7));
+
+            if (++bitsInQueue == rate)
+            {
+                KeccakAbsorb(dataQueue, 0);
+                bitsInQueue = 0;
+            }
+
+            {
+                int full = bitsInQueue >> 6, partial = bitsInQueue & 63;
+                int off = 0;
+                for (int i = 0; i < full; ++i)
+                {
+                    state[i] ^= Pack.LE_To_UInt64(dataQueue, off);
+                    off += 8;
+                }
+                if (partial > 0)
+                {
+                    ulong mask = (1UL << partial) - 1UL;
+                    state[full] ^= Pack.LE_To_UInt64(dataQueue, off) & mask;
+                }
+                state[(rate - 1) >> 6] ^= (1UL << 63);
+            }
+
+            KeccakPermutation();
+            KeccakExtract();
+            bitsAvailableForSqueezing = rate;
+
+            bitsInQueue = 0;
+            squeezing = true;
+        }
+
+        protected void Squeeze(byte[] output, int off, int len)
+        {
+            if (!squeezing)
+            {
+                PadAndSwitchToSqueezingPhase();
+            }
+
+            long outputLength = (long)len << 3;
+            long i = 0;
+            while (i < outputLength)
+            {
+                if (bitsAvailableForSqueezing == 0)
+                {
+                    KeccakPermutation();
+                    KeccakExtract();
+                    bitsAvailableForSqueezing = rate;
+                }
+
+                int partialBlock = (int)System.Math.Min((long)bitsAvailableForSqueezing, outputLength - i);
+                Array.Copy(dataQueue, (rate - bitsAvailableForSqueezing) >> 3, output, off + (int)(i >> 3), partialBlock >> 3);
+                bitsAvailableForSqueezing -= partialBlock;
+                i += partialBlock;
+            }
+        }
+
+        private void KeccakAbsorb(byte[] data, int off)
+        {
+            int count = rate >> 6;
+            for (int i = 0; i < count; ++i)
+            {
+                state[i] ^= Pack.LE_To_UInt64(data, off);
+                off += 8;
+            }
+
+            KeccakPermutation();
+        }
+
+        private void KeccakExtract()
+        {
+            Pack.UInt64_To_LE(state, 0, rate >> 6, dataQueue, 0);
+        }
+
+        private void KeccakPermutation()
+        {
+            for (int i = 0; i < 24; i++)
+            {
+                Theta(state);
+                Rho(state);
+                Pi(state);
+                Chi(state);
+                Iota(state, i);
+            }
+        }
+
+        private static ulong leftRotate(ulong v, int r)
+        {
+            return (v << r) | (v >> -r);
+        }
+
+        private static void Theta(ulong[] A)
+        {
+            ulong C0 = A[0 + 0] ^ A[0 + 5] ^ A[0 + 10] ^ A[0 + 15] ^ A[0 + 20];
+            ulong C1 = A[1 + 0] ^ A[1 + 5] ^ A[1 + 10] ^ A[1 + 15] ^ A[1 + 20];
+            ulong C2 = A[2 + 0] ^ A[2 + 5] ^ A[2 + 10] ^ A[2 + 15] ^ A[2 + 20];
+            ulong C3 = A[3 + 0] ^ A[3 + 5] ^ A[3 + 10] ^ A[3 + 15] ^ A[3 + 20];
+            ulong C4 = A[4 + 0] ^ A[4 + 5] ^ A[4 + 10] ^ A[4 + 15] ^ A[4 + 20];
+
+            ulong dX = leftRotate(C1, 1) ^ C4;
+
+            A[0] ^= dX;
+            A[5] ^= dX;
+            A[10] ^= dX;
+            A[15] ^= dX;
+            A[20] ^= dX;
+
+            dX = leftRotate(C2, 1) ^ C0;
+
+            A[1] ^= dX;
+            A[6] ^= dX;
+            A[11] ^= dX;
+            A[16] ^= dX;
+            A[21] ^= dX;
+
+            dX = leftRotate(C3, 1) ^ C1;
+
+            A[2] ^= dX;
+            A[7] ^= dX;
+            A[12] ^= dX;
+            A[17] ^= dX;
+            A[22] ^= dX;
+
+            dX = leftRotate(C4, 1) ^ C2;
+
+            A[3] ^= dX;
+            A[8] ^= dX;
+            A[13] ^= dX;
+            A[18] ^= dX;
+            A[23] ^= dX;
+
+            dX = leftRotate(C0, 1) ^ C3;
+
+            A[4] ^= dX;
+            A[9] ^= dX;
+            A[14] ^= dX;
+            A[19] ^= dX;
+            A[24] ^= dX;
+        }
+
+        private static void Rho(ulong[] A)
+        {
+            // KeccakRhoOffsets[0] == 0
+            for (int x = 1; x < 25; x++)
+            {
+                A[x] = leftRotate(A[x], KeccakRhoOffsets[x]);
+            }
+        }
+
+        private static void Pi(ulong[] A)
+        {
+            ulong a1 = A[1];
+            A[1] = A[6];
+            A[6] = A[9];
+            A[9] = A[22];
+            A[22] = A[14];
+            A[14] = A[20];
+            A[20] = A[2];
+            A[2] = A[12];
+            A[12] = A[13];
+            A[13] = A[19];
+            A[19] = A[23];
+            A[23] = A[15];
+            A[15] = A[4];
+            A[4] = A[24];
+            A[24] = A[21];
+            A[21] = A[8];
+            A[8] = A[16];
+            A[16] = A[5];
+            A[5] = A[3];
+            A[3] = A[18];
+            A[18] = A[17];
+            A[17] = A[11];
+            A[11] = A[7];
+            A[7] = A[10];
+            A[10] = a1;
+        }
+
+        private static void Chi(ulong[] A)
+        {
+            ulong chiC0, chiC1, chiC2, chiC3, chiC4;
+
+            for (int yBy5 = 0; yBy5 < 25; yBy5 += 5)
+            {
+                chiC0 = A[0 + yBy5] ^ ((~A[(((0 + 1) % 5) + yBy5)]) & A[(((0 + 2) % 5) + yBy5)]);
+                chiC1 = A[1 + yBy5] ^ ((~A[(((1 + 1) % 5) + yBy5)]) & A[(((1 + 2) % 5) + yBy5)]);
+                chiC2 = A[2 + yBy5] ^ ((~A[(((2 + 1) % 5) + yBy5)]) & A[(((2 + 2) % 5) + yBy5)]);
+                chiC3 = A[3 + yBy5] ^ ((~A[(((3 + 1) % 5) + yBy5)]) & A[(((3 + 2) % 5) + yBy5)]);
+                chiC4 = A[4 + yBy5] ^ ((~A[(((4 + 1) % 5) + yBy5)]) & A[(((4 + 2) % 5) + yBy5)]);
+
+                A[0 + yBy5] = chiC0;
+                A[1 + yBy5] = chiC1;
+                A[2 + yBy5] = chiC2;
+                A[3 + yBy5] = chiC3;
+                A[4 + yBy5] = chiC4;
+            }
+        }
+
+        private static void Iota(ulong[] A, int indexRound)
+        {
+            A[0] ^= KeccakRoundConstants[indexRound];
+        }
+
+        public virtual IMemoable Copy()
+        {
+            return new KeccakDigest(this);
+        }
+
+        public virtual void Reset(IMemoable other)
+        {
+            CopyIn((KeccakDigest)other);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/LongDigest.cs b/bc-sharp-crypto/src/crypto/digests/LongDigest.cs
new file mode 100644
index 0000000..9ee9bcd
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/LongDigest.cs
@@ -0,0 +1,355 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /**
+    * Base class for SHA-384 and SHA-512.
+    */
+    public abstract class LongDigest
+		: IDigest, IMemoable
+    {
+        private int     MyByteLength = 128;
+
+        private byte[]  xBuf;
+        private int     xBufOff;
+
+        private long	byteCount1;
+        private long	byteCount2;
+
+        internal ulong H1, H2, H3, H4, H5, H6, H7, H8;
+
+        private ulong[] W = new ulong[80];
+        private int wOff;
+
+		/**
+        * Constructor for variable length word
+        */
+        internal LongDigest()
+        {
+            xBuf = new byte[8];
+
+			Reset();
+        }
+
+		/**
+        * Copy constructor.  We are using copy constructors in place
+        * of the object.Clone() interface as this interface is not
+        * supported by J2ME.
+        */
+        internal LongDigest(
+			LongDigest t)
+		{
+			xBuf = new byte[t.xBuf.Length];
+
+			CopyIn(t);
+		}
+
+		protected void CopyIn(LongDigest t)
+		{
+            Array.Copy(t.xBuf, 0, xBuf, 0, t.xBuf.Length);
+
+            xBufOff = t.xBufOff;
+            byteCount1 = t.byteCount1;
+            byteCount2 = t.byteCount2;
+
+            H1 = t.H1;
+            H2 = t.H2;
+            H3 = t.H3;
+            H4 = t.H4;
+            H5 = t.H5;
+            H6 = t.H6;
+            H7 = t.H7;
+            H8 = t.H8;
+
+            Array.Copy(t.W, 0, W, 0, t.W.Length);
+            wOff = t.wOff;
+        }
+
+        public void Update(
+            byte input)
+        {
+            xBuf[xBufOff++] = input;
+
+            if (xBufOff == xBuf.Length)
+            {
+                ProcessWord(xBuf, 0);
+                xBufOff = 0;
+            }
+
+            byteCount1++;
+        }
+
+        public void BlockUpdate(
+            byte[]  input,
+            int     inOff,
+            int     length)
+        {
+            //
+            // fill the current word
+            //
+            while ((xBufOff != 0) && (length > 0))
+            {
+                Update(input[inOff]);
+
+                inOff++;
+                length--;
+            }
+
+            //
+            // process whole words.
+            //
+            while (length > xBuf.Length)
+            {
+                ProcessWord(input, inOff);
+
+                inOff += xBuf.Length;
+                length -= xBuf.Length;
+                byteCount1 += xBuf.Length;
+            }
+
+            //
+            // load in the remainder.
+            //
+            while (length > 0)
+            {
+                Update(input[inOff]);
+
+                inOff++;
+                length--;
+            }
+        }
+
+        public void Finish()
+        {
+            AdjustByteCounts();
+
+            long    lowBitLength = byteCount1 << 3;
+            long    hiBitLength = byteCount2;
+
+            //
+            // add the pad bytes.
+            //
+            Update((byte)128);
+
+            while (xBufOff != 0)
+            {
+                Update((byte)0);
+            }
+
+            ProcessLength(lowBitLength, hiBitLength);
+
+            ProcessBlock();
+        }
+
+        public virtual void Reset()
+        {
+            byteCount1 = 0;
+            byteCount2 = 0;
+
+            xBufOff = 0;
+            for ( int i = 0; i < xBuf.Length; i++ )
+            {
+                xBuf[i] = 0;
+            }
+
+            wOff = 0;
+			Array.Clear(W, 0, W.Length);
+        }
+
+        internal void ProcessWord(
+            byte[]  input,
+            int     inOff)
+        {
+			W[wOff] = Pack.BE_To_UInt64(input, inOff);
+
+            if (++wOff == 16)
+            {
+                ProcessBlock();
+            }
+        }
+
+		/**
+        * adjust the byte counts so that byteCount2 represents the
+        * upper long (less 3 bits) word of the byte count.
+        */
+        private void AdjustByteCounts()
+        {
+            if (byteCount1 > 0x1fffffffffffffffL)
+            {
+                byteCount2 += (long) ((ulong) byteCount1 >> 61);
+                byteCount1 &= 0x1fffffffffffffffL;
+            }
+        }
+
+        internal void ProcessLength(
+            long	lowW,
+            long	hiW)
+        {
+            if (wOff > 14)
+            {
+                ProcessBlock();
+            }
+
+            W[14] = (ulong)hiW;
+            W[15] = (ulong)lowW;
+        }
+
+        internal void ProcessBlock()
+        {
+            AdjustByteCounts();
+
+            //
+            // expand 16 word block into 80 word blocks.
+            //
+            for (int ti = 16; ti <= 79; ++ti)
+            {
+                W[ti] = Sigma1(W[ti - 2]) + W[ti - 7] + Sigma0(W[ti - 15]) + W[ti - 16];
+            }
+
+            //
+            // set up working variables.
+            //
+            ulong a = H1;
+            ulong b = H2;
+            ulong c = H3;
+            ulong d = H4;
+            ulong e = H5;
+            ulong f = H6;
+            ulong g = H7;
+            ulong h = H8;
+
+			int t = 0;
+			for(int i = 0; i < 10; i ++)
+			{
+				// t = 8 * i
+				h += Sum1(e) + Ch(e, f, g) + K[t] + W[t++];
+				d += h;
+				h += Sum0(a) + Maj(a, b, c);
+
+				// t = 8 * i + 1
+				g += Sum1(d) + Ch(d, e, f) + K[t] + W[t++];
+				c += g;
+				g += Sum0(h) + Maj(h, a, b);
+
+				// t = 8 * i + 2
+				f += Sum1(c) + Ch(c, d, e) + K[t] + W[t++];
+				b += f;
+				f += Sum0(g) + Maj(g, h, a);
+
+				// t = 8 * i + 3
+				e += Sum1(b) + Ch(b, c, d) + K[t] + W[t++];
+				a += e;
+				e += Sum0(f) + Maj(f, g, h);
+
+				// t = 8 * i + 4
+				d += Sum1(a) + Ch(a, b, c) + K[t] + W[t++];
+				h += d;
+				d += Sum0(e) + Maj(e, f, g);
+
+				// t = 8 * i + 5
+				c += Sum1(h) + Ch(h, a, b) + K[t] + W[t++];
+				g += c;
+				c += Sum0(d) + Maj(d, e, f);
+
+				// t = 8 * i + 6
+				b += Sum1(g) + Ch(g, h, a) + K[t] + W[t++];
+				f += b;
+				b += Sum0(c) + Maj(c, d, e);
+
+				// t = 8 * i + 7
+				a += Sum1(f) + Ch(f, g, h) + K[t] + W[t++];
+				e += a;
+				a += Sum0(b) + Maj(b, c, d);
+			}
+
+			H1 += a;
+            H2 += b;
+            H3 += c;
+            H4 += d;
+            H5 += e;
+            H6 += f;
+            H7 += g;
+            H8 += h;
+
+			//
+            // reset the offset and clean out the word buffer.
+            //
+            wOff = 0;
+			Array.Clear(W, 0, 16);
+		}
+
+		/* SHA-384 and SHA-512 functions (as for SHA-256 but for longs) */
+        private static ulong Ch(ulong x, ulong y, ulong z)
+        {
+            return (x & y) ^ (~x & z);
+        }
+
+        private static ulong Maj(ulong x, ulong y, ulong z)
+        {
+            return (x & y) ^ (x & z) ^ (y & z);
+        }
+
+        private static ulong Sum0(ulong x)
+        {
+	        return ((x << 36) | (x >> 28)) ^ ((x << 30) | (x >> 34)) ^ ((x << 25) | (x >> 39));
+        }
+
+		private static ulong Sum1(ulong x)
+        {
+	        return ((x << 50) | (x >> 14)) ^ ((x << 46) | (x >> 18)) ^ ((x << 23) | (x >> 41));
+        }
+
+        private static ulong Sigma0(ulong x)
+        {
+	        return ((x << 63) | (x >> 1)) ^ ((x << 56) | (x >> 8)) ^ (x >> 7);
+        }
+
+        private static ulong Sigma1(ulong x)
+        {
+	        return ((x << 45) | (x >> 19)) ^ ((x << 3) | (x >> 61)) ^ (x >> 6);
+        }
+
+        /* SHA-384 and SHA-512 Constants
+         * (represent the first 64 bits of the fractional parts of the
+         * cube roots of the first sixty-four prime numbers)
+         */
+		internal static readonly ulong[] K =
+		{
+			0x428a2f98d728ae22, 0x7137449123ef65cd, 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc,
+			0x3956c25bf348b538, 0x59f111f1b605d019, 0x923f82a4af194f9b, 0xab1c5ed5da6d8118,
+			0xd807aa98a3030242, 0x12835b0145706fbe, 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2,
+			0x72be5d74f27b896f, 0x80deb1fe3b1696b1, 0x9bdc06a725c71235, 0xc19bf174cf692694,
+			0xe49b69c19ef14ad2, 0xefbe4786384f25e3, 0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65,
+			0x2de92c6f592b0275, 0x4a7484aa6ea6e483, 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5,
+			0x983e5152ee66dfab, 0xa831c66d2db43210, 0xb00327c898fb213f, 0xbf597fc7beef0ee4,
+			0xc6e00bf33da88fc2, 0xd5a79147930aa725, 0x06ca6351e003826f, 0x142929670a0e6e70,
+			0x27b70a8546d22ffc, 0x2e1b21385c26c926, 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df,
+			0x650a73548baf63de, 0x766a0abb3c77b2a8, 0x81c2c92e47edaee6, 0x92722c851482353b,
+			0xa2bfe8a14cf10364, 0xa81a664bbc423001, 0xc24b8b70d0f89791, 0xc76c51a30654be30,
+			0xd192e819d6ef5218, 0xd69906245565a910, 0xf40e35855771202a, 0x106aa07032bbd1b8,
+			0x19a4c116b8d2d0c8, 0x1e376c085141ab53, 0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8,
+			0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb, 0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3,
+			0x748f82ee5defb2fc, 0x78a5636f43172f60, 0x84c87814a1f0ab72, 0x8cc702081a6439ec,
+			0x90befffa23631e28, 0xa4506cebde82bde9, 0xbef9a3f7b2c67915, 0xc67178f2e372532b,
+			0xca273eceea26619c, 0xd186b8c721c0c207, 0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178,
+			0x06f067aa72176fba, 0x0a637dc5a2c898a6, 0x113f9804bef90dae, 0x1b710b35131c471b,
+			0x28db77f523047d84, 0x32caab7b40c72493, 0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c,
+			0x4cc5d4becb3e42b6, 0x597f299cfc657e2a, 0x5fcb6fab3ad6faec, 0x6c44198c4a475817
+		};
+
+		public int GetByteLength()
+		{
+			return MyByteLength;
+		}
+
+		public abstract string AlgorithmName { get; }
+		public abstract int GetDigestSize();
+        public abstract int DoFinal(byte[] output, int outOff);
+		public abstract IMemoable Copy();
+		public abstract void Reset(IMemoable t);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/MD2Digest.cs b/bc-sharp-crypto/src/crypto/digests/MD2Digest.cs
new file mode 100644
index 0000000..6d90f3f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/MD2Digest.cs
@@ -0,0 +1,269 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+
+    /**
+    * implementation of MD2
+    * as outlined in RFC1319 by B.Kaliski from RSA Laboratories April 1992
+    */
+    public class MD2Digest
+		: IDigest, IMemoable
+    {
+        private const int DigestLength = 16;
+        private const int BYTE_LENGTH = 16;
+
+        /* X buffer */
+        private byte[]   X = new byte[48];
+        private int     xOff;
+
+        /* M buffer */
+
+        private byte[]   M = new byte[16];
+        private int     mOff;
+
+        /* check sum */
+
+        private byte[]   C = new byte[16];
+        private int COff;
+
+        public MD2Digest()
+        {
+            Reset();
+        }
+
+        public MD2Digest(MD2Digest t)
+		{
+			CopyIn(t);
+		}
+
+		private void CopyIn(MD2Digest t)
+		{
+            Array.Copy(t.X, 0, X, 0, t.X.Length);
+            xOff = t.xOff;
+            Array.Copy(t.M, 0, M, 0, t.M.Length);
+            mOff = t.mOff;
+            Array.Copy(t.C, 0, C, 0, t.C.Length);
+            COff = t.COff;
+        }
+
+        /**
+        * return the algorithm name
+        *
+        * @return the algorithm name
+        */
+        public string AlgorithmName
+		{
+			get { return "MD2"; }
+		}
+
+		public int GetDigestSize()
+		{
+			return DigestLength;
+		}
+
+		public int GetByteLength()
+		{
+			return BYTE_LENGTH;
+		}
+
+		/**
+        * Close the digest, producing the final digest value. The doFinal
+        * call leaves the digest reset.
+        *
+        * @param out the array the digest is to be copied into.
+        * @param outOff the offset into the out array the digest is to start at.
+        */
+        public int DoFinal(byte[] output, int outOff)
+        {
+            // add padding
+            byte paddingByte = (byte)(M.Length - mOff);
+            for (int i=mOff;i<M.Length;i++)
+            {
+                M[i] = paddingByte;
+            }
+            //do final check sum
+            ProcessChecksum(M);
+            // do final block process
+            ProcessBlock(M);
+
+            ProcessBlock(C);
+
+            Array.Copy(X, xOff, output, outOff, 16);
+
+            Reset();
+
+            return DigestLength;
+        }
+
+        /**
+        * reset the digest back to it's initial state.
+        */
+        public void Reset()
+        {
+            xOff = 0;
+            for (int i = 0; i != X.Length; i++)
+            {
+                X[i] = 0;
+            }
+            mOff = 0;
+            for (int i = 0; i != M.Length; i++)
+            {
+                M[i] = 0;
+            }
+            COff = 0;
+            for (int i = 0; i != C.Length; i++)
+            {
+                C[i] = 0;
+            }
+        }
+        /**
+        * update the message digest with a single byte.
+        *
+        * @param in the input byte to be entered.
+        */
+        public void Update(byte input)
+        {
+            M[mOff++] = input;
+
+            if (mOff == 16)
+            {
+                ProcessChecksum(M);
+                ProcessBlock(M);
+                mOff = 0;
+            }
+        }
+
+        /**
+        * update the message digest with a block of bytes.
+        *
+        * @param in the byte array containing the data.
+        * @param inOff the offset into the byte array where the data starts.
+        * @param len the length of the data.
+        */
+        public void BlockUpdate(byte[] input, int inOff, int length)
+        {
+            //
+            // fill the current word
+            //
+            while ((mOff != 0) && (length > 0))
+            {
+                Update(input[inOff]);
+                inOff++;
+                length--;
+            }
+
+            //
+            // process whole words.
+            //
+            while (length > 16)
+            {
+                Array.Copy(input,inOff,M,0,16);
+                ProcessChecksum(M);
+                ProcessBlock(M);
+                length -= 16;
+                inOff += 16;
+            }
+
+            //
+            // load in the remainder.
+            //
+            while (length > 0)
+            {
+                Update(input[inOff]);
+                inOff++;
+                length--;
+            }
+        }
+
+        internal void ProcessChecksum(byte[] m)
+        {
+            int L = C[15];
+            for (int i=0;i<16;i++)
+            {
+                C[i] ^= S[(m[i] ^ L) & 0xff];
+                L = C[i];
+            }
+        }
+        internal void ProcessBlock(byte[] m)
+        {
+            for (int i=0;i<16;i++)
+            {
+                X[i+16] = m[i];
+                X[i+32] = (byte)(m[i] ^ X[i]);
+            }
+            // encrypt block
+            int t = 0;
+
+            for (int j=0;j<18;j++)
+            {
+                for (int k=0;k<48;k++)
+                {
+                    t = X[k] ^= S[t];
+                    t = t & 0xff;
+                }
+                t = (t + j)%256;
+            }
+        }
+
+
+
+        // 256-byte random permutation constructed from the digits of PI
+        private static readonly byte[] S = {
+        (byte)41,(byte)46,(byte)67,(byte)201,(byte)162,(byte)216,(byte)124,
+        (byte)1,(byte)61,(byte)54,(byte)84,(byte)161,(byte)236,(byte)240,
+        (byte)6,(byte)19,(byte)98,(byte)167,(byte)5,(byte)243,(byte)192,
+        (byte)199,(byte)115,(byte)140,(byte)152,(byte)147,(byte)43,(byte)217,
+        (byte)188,(byte)76,(byte)130,(byte)202,(byte)30,(byte)155,(byte)87,
+        (byte)60,(byte)253,(byte)212,(byte)224,(byte)22,(byte)103,(byte)66,
+        (byte)111,(byte)24,(byte)138,(byte)23,(byte)229,(byte)18,(byte)190,
+        (byte)78,(byte)196,(byte)214,(byte)218,(byte)158,(byte)222,(byte)73,
+        (byte)160,(byte)251,(byte)245,(byte)142,(byte)187,(byte)47,(byte)238,
+        (byte)122,(byte)169,(byte)104,(byte)121,(byte)145,(byte)21,(byte)178,
+        (byte)7,(byte)63,(byte)148,(byte)194,(byte)16,(byte)137,(byte)11,
+        (byte)34,(byte)95,(byte)33,(byte)128,(byte)127,(byte)93,(byte)154,
+        (byte)90,(byte)144,(byte)50,(byte)39,(byte)53,(byte)62,(byte)204,
+        (byte)231,(byte)191,(byte)247,(byte)151,(byte)3,(byte)255,(byte)25,
+        (byte)48,(byte)179,(byte)72,(byte)165,(byte)181,(byte)209,(byte)215,
+        (byte)94,(byte)146,(byte)42,(byte)172,(byte)86,(byte)170,(byte)198,
+        (byte)79,(byte)184,(byte)56,(byte)210,(byte)150,(byte)164,(byte)125,
+        (byte)182,(byte)118,(byte)252,(byte)107,(byte)226,(byte)156,(byte)116,
+        (byte)4,(byte)241,(byte)69,(byte)157,(byte)112,(byte)89,(byte)100,
+        (byte)113,(byte)135,(byte)32,(byte)134,(byte)91,(byte)207,(byte)101,
+        (byte)230,(byte)45,(byte)168,(byte)2,(byte)27,(byte)96,(byte)37,
+        (byte)173,(byte)174,(byte)176,(byte)185,(byte)246,(byte)28,(byte)70,
+        (byte)97,(byte)105,(byte)52,(byte)64,(byte)126,(byte)15,(byte)85,
+        (byte)71,(byte)163,(byte)35,(byte)221,(byte)81,(byte)175,(byte)58,
+        (byte)195,(byte)92,(byte)249,(byte)206,(byte)186,(byte)197,(byte)234,
+        (byte)38,(byte)44,(byte)83,(byte)13,(byte)110,(byte)133,(byte)40,
+        (byte)132, 9,(byte)211,(byte)223,(byte)205,(byte)244,(byte)65,
+        (byte)129,(byte)77,(byte)82,(byte)106,(byte)220,(byte)55,(byte)200,
+        (byte)108,(byte)193,(byte)171,(byte)250,(byte)36,(byte)225,(byte)123,
+        (byte)8,(byte)12,(byte)189,(byte)177,(byte)74,(byte)120,(byte)136,
+        (byte)149,(byte)139,(byte)227,(byte)99,(byte)232,(byte)109,(byte)233,
+        (byte)203,(byte)213,(byte)254,(byte)59,(byte)0,(byte)29,(byte)57,
+        (byte)242,(byte)239,(byte)183,(byte)14,(byte)102,(byte)88,(byte)208,
+        (byte)228,(byte)166,(byte)119,(byte)114,(byte)248,(byte)235,(byte)117,
+        (byte)75,(byte)10,(byte)49,(byte)68,(byte)80,(byte)180,(byte)143,
+        (byte)237,(byte)31,(byte)26,(byte)219,(byte)153,(byte)141,(byte)51,
+        (byte)159,(byte)17,(byte)131,(byte)20
+        };
+
+		public IMemoable Copy()
+		{
+			return new MD2Digest(this);
+		}
+
+		public void Reset(IMemoable other)
+		{
+			MD2Digest d = (MD2Digest)other;
+
+			CopyIn(d);
+		}
+
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/MD4Digest.cs b/bc-sharp-crypto/src/crypto/digests/MD4Digest.cs
new file mode 100644
index 0000000..8743f7d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/MD4Digest.cs
@@ -0,0 +1,292 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /**
+    * implementation of MD4 as RFC 1320 by R. Rivest, MIT Laboratory for
+    * Computer Science and RSA Data Security, Inc.
+    * <p>
+    * <b>NOTE</b>: This algorithm is only included for backwards compatibility
+    * with legacy applications, it's not secure, don't use it for anything new!</p>
+    */
+    public class MD4Digest
+		: GeneralDigest
+    {
+        private const int    DigestLength = 16;
+
+        private int     H1, H2, H3, H4;         // IV's
+
+        private int[]   X = new int[16];
+        private int     xOff;
+
+        /**
+        * Standard constructor
+        */
+        public MD4Digest()
+        {
+            Reset();
+        }
+
+        /**
+        * Copy constructor.  This will copy the state of the provided
+        * message digest.
+        */
+        public MD4Digest(MD4Digest t) : base(t)
+		{
+			CopyIn(t);
+		}
+
+		private void CopyIn(MD4Digest t)
+		{
+			base.CopyIn(t);
+            H1 = t.H1;
+            H2 = t.H2;
+            H3 = t.H3;
+            H4 = t.H4;
+
+            Array.Copy(t.X, 0, X, 0, t.X.Length);
+            xOff = t.xOff;
+        }
+
+		public override string AlgorithmName
+		{
+			get { return "MD4"; }
+		}
+
+		public override int GetDigestSize()
+		{
+			return DigestLength;
+		}
+
+		internal override void ProcessWord(
+            byte[]  input,
+            int     inOff)
+        {
+            X[xOff++] = (input[inOff] & 0xff) | ((input[inOff + 1] & 0xff) << 8)
+                | ((input[inOff + 2] & 0xff) << 16) | ((input[inOff + 3] & 0xff) << 24);
+
+            if (xOff == 16)
+            {
+                ProcessBlock();
+            }
+        }
+
+        internal override void ProcessLength(
+            long    bitLength)
+        {
+            if (xOff > 14)
+            {
+                ProcessBlock();
+            }
+
+            X[14] = (int)(bitLength & 0xffffffff);
+            X[15] = (int)((ulong) bitLength >> 32);
+        }
+
+        private void UnpackWord(
+            int     word,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            outBytes[outOff]     = (byte)word;
+            outBytes[outOff + 1] = (byte)((uint) word >> 8);
+            outBytes[outOff + 2] = (byte)((uint) word >> 16);
+            outBytes[outOff + 3] = (byte)((uint) word >> 24);
+        }
+
+        public override int DoFinal(
+            byte[]  output,
+            int     outOff)
+        {
+            Finish();
+
+            UnpackWord(H1, output, outOff);
+            UnpackWord(H2, output, outOff + 4);
+            UnpackWord(H3, output, outOff + 8);
+            UnpackWord(H4, output, outOff + 12);
+
+            Reset();
+
+            return DigestLength;
+        }
+
+        /**
+        * reset the chaining variables to the IV values.
+        */
+        public override void Reset()
+        {
+            base.Reset();
+
+            H1 = unchecked((int) 0x67452301);
+            H2 = unchecked((int) 0xefcdab89);
+            H3 = unchecked((int) 0x98badcfe);
+            H4 = unchecked((int) 0x10325476);
+
+            xOff = 0;
+
+            for (int i = 0; i != X.Length; i++)
+            {
+                X[i] = 0;
+            }
+        }
+
+        //
+        // round 1 left rotates
+        //
+        private const int S11 = 3;
+        private const int S12 = 7;
+        private const int S13 = 11;
+        private const int S14 = 19;
+
+        //
+        // round 2 left rotates
+        //
+        private const int S21 = 3;
+        private const int S22 = 5;
+        private const int S23 = 9;
+        private const int S24 = 13;
+
+        //
+        // round 3 left rotates
+        //
+        private const int S31 = 3;
+        private const int S32 = 9;
+        private const int S33 = 11;
+        private const int S34 = 15;
+
+        /*
+        * rotate int x left n bits.
+        */
+        private int RotateLeft(
+            int x,
+            int n)
+        {
+            return (x << n) | (int) ((uint) x >> (32 - n));
+        }
+
+        /*
+        * F, G, H and I are the basic MD4 functions.
+        */
+        private int F(
+            int u,
+            int v,
+            int w)
+        {
+            return (u & v) | (~u & w);
+        }
+
+        private int G(
+            int u,
+            int v,
+            int w)
+        {
+            return (u & v) | (u & w) | (v & w);
+        }
+
+        private int H(
+            int u,
+            int v,
+            int w)
+        {
+            return u ^ v ^ w;
+        }
+
+        internal override void ProcessBlock()
+        {
+            int a = H1;
+            int b = H2;
+            int c = H3;
+            int d = H4;
+
+            //
+            // Round 1 - F cycle, 16 times.
+            //
+            a = RotateLeft((a + F(b, c, d) + X[ 0]), S11);
+            d = RotateLeft((d + F(a, b, c) + X[ 1]), S12);
+            c = RotateLeft((c + F(d, a, b) + X[ 2]), S13);
+            b = RotateLeft((b + F(c, d, a) + X[ 3]), S14);
+            a = RotateLeft((a + F(b, c, d) + X[ 4]), S11);
+            d = RotateLeft((d + F(a, b, c) + X[ 5]), S12);
+            c = RotateLeft((c + F(d, a, b) + X[ 6]), S13);
+            b = RotateLeft((b + F(c, d, a) + X[ 7]), S14);
+            a = RotateLeft((a + F(b, c, d) + X[ 8]), S11);
+            d = RotateLeft((d + F(a, b, c) + X[ 9]), S12);
+            c = RotateLeft((c + F(d, a, b) + X[10]), S13);
+            b = RotateLeft((b + F(c, d, a) + X[11]), S14);
+            a = RotateLeft((a + F(b, c, d) + X[12]), S11);
+            d = RotateLeft((d + F(a, b, c) + X[13]), S12);
+            c = RotateLeft((c + F(d, a, b) + X[14]), S13);
+            b = RotateLeft((b + F(c, d, a) + X[15]), S14);
+
+            //
+            // Round 2 - G cycle, 16 times.
+            //
+            a = RotateLeft((a + G(b, c, d) + X[ 0] + 0x5a827999), S21);
+            d = RotateLeft((d + G(a, b, c) + X[ 4] + 0x5a827999), S22);
+            c = RotateLeft((c + G(d, a, b) + X[ 8] + 0x5a827999), S23);
+            b = RotateLeft((b + G(c, d, a) + X[12] + 0x5a827999), S24);
+            a = RotateLeft((a + G(b, c, d) + X[ 1] + 0x5a827999), S21);
+            d = RotateLeft((d + G(a, b, c) + X[ 5] + 0x5a827999), S22);
+            c = RotateLeft((c + G(d, a, b) + X[ 9] + 0x5a827999), S23);
+            b = RotateLeft((b + G(c, d, a) + X[13] + 0x5a827999), S24);
+            a = RotateLeft((a + G(b, c, d) + X[ 2] + 0x5a827999), S21);
+            d = RotateLeft((d + G(a, b, c) + X[ 6] + 0x5a827999), S22);
+            c = RotateLeft((c + G(d, a, b) + X[10] + 0x5a827999), S23);
+            b = RotateLeft((b + G(c, d, a) + X[14] + 0x5a827999), S24);
+            a = RotateLeft((a + G(b, c, d) + X[ 3] + 0x5a827999), S21);
+            d = RotateLeft((d + G(a, b, c) + X[ 7] + 0x5a827999), S22);
+            c = RotateLeft((c + G(d, a, b) + X[11] + 0x5a827999), S23);
+            b = RotateLeft((b + G(c, d, a) + X[15] + 0x5a827999), S24);
+
+            //
+            // Round 3 - H cycle, 16 times.
+            //
+            a = RotateLeft((a + H(b, c, d) + X[ 0] + 0x6ed9eba1), S31);
+            d = RotateLeft((d + H(a, b, c) + X[ 8] + 0x6ed9eba1), S32);
+            c = RotateLeft((c + H(d, a, b) + X[ 4] + 0x6ed9eba1), S33);
+            b = RotateLeft((b + H(c, d, a) + X[12] + 0x6ed9eba1), S34);
+            a = RotateLeft((a + H(b, c, d) + X[ 2] + 0x6ed9eba1), S31);
+            d = RotateLeft((d + H(a, b, c) + X[10] + 0x6ed9eba1), S32);
+            c = RotateLeft((c + H(d, a, b) + X[ 6] + 0x6ed9eba1), S33);
+            b = RotateLeft((b + H(c, d, a) + X[14] + 0x6ed9eba1), S34);
+            a = RotateLeft((a + H(b, c, d) + X[ 1] + 0x6ed9eba1), S31);
+            d = RotateLeft((d + H(a, b, c) + X[ 9] + 0x6ed9eba1), S32);
+            c = RotateLeft((c + H(d, a, b) + X[ 5] + 0x6ed9eba1), S33);
+            b = RotateLeft((b + H(c, d, a) + X[13] + 0x6ed9eba1), S34);
+            a = RotateLeft((a + H(b, c, d) + X[ 3] + 0x6ed9eba1), S31);
+            d = RotateLeft((d + H(a, b, c) + X[11] + 0x6ed9eba1), S32);
+            c = RotateLeft((c + H(d, a, b) + X[ 7] + 0x6ed9eba1), S33);
+            b = RotateLeft((b + H(c, d, a) + X[15] + 0x6ed9eba1), S34);
+
+            H1 += a;
+            H2 += b;
+            H3 += c;
+            H4 += d;
+
+            //
+            // reset the offset and clean out the word buffer.
+            //
+            xOff = 0;
+            for (int i = 0; i != X.Length; i++)
+            {
+                X[i] = 0;
+            }
+        }
+
+		public override IMemoable Copy()
+		{
+			return new MD4Digest(this);
+		}
+
+		public override void Reset(IMemoable other)
+		{
+			MD4Digest d = (MD4Digest)other;
+
+			CopyIn(d);
+		}
+
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/MD5Digest.cs b/bc-sharp-crypto/src/crypto/digests/MD5Digest.cs
new file mode 100644
index 0000000..c60ac92
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/MD5Digest.cs
@@ -0,0 +1,313 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /**
+    * implementation of MD5 as outlined in "Handbook of Applied Cryptography", pages 346 - 347.
+    */
+    public class MD5Digest
+        : GeneralDigest
+    {
+        private const int DigestLength = 16;
+
+        private uint H1, H2, H3, H4;         // IV's
+
+        private uint[] X = new uint[16];
+        private int xOff;
+
+        public MD5Digest()
+        {
+            Reset();
+        }
+
+        /**
+        * Copy constructor.  This will copy the state of the provided
+        * message digest.
+        */
+        public MD5Digest(MD5Digest t)
+            : base(t)
+		{
+			CopyIn(t);
+		}
+
+		private void CopyIn(MD5Digest t)
+		{
+			base.CopyIn(t);
+            H1 = t.H1;
+            H2 = t.H2;
+            H3 = t.H3;
+            H4 = t.H4;
+
+            Array.Copy(t.X, 0, X, 0, t.X.Length);
+            xOff = t.xOff;
+        }
+
+        public override string AlgorithmName
+        {
+            get { return "MD5"; }
+        }
+
+        public override int GetDigestSize()
+        {
+            return DigestLength;
+        }
+
+        internal override void ProcessWord(
+            byte[] input,
+            int inOff)
+        {
+            X[xOff] = Pack.LE_To_UInt32(input, inOff);
+
+            if (++xOff == 16)
+            {
+                ProcessBlock();
+            }
+        }
+
+        internal override void ProcessLength(
+            long bitLength)
+        {
+            if (xOff > 14)
+            {
+                if (xOff == 15)
+                    X[15] = 0;
+
+                ProcessBlock();
+            }
+
+            for (int i = xOff; i < 14; ++i)
+            {
+                X[i] = 0;
+            }
+
+            X[14] = (uint)((ulong)bitLength);
+            X[15] = (uint)((ulong)bitLength >> 32);
+        }
+
+        public override int DoFinal(
+            byte[] output,
+            int outOff)
+        {
+            Finish();
+
+            Pack.UInt32_To_LE(H1, output, outOff);
+            Pack.UInt32_To_LE(H2, output, outOff + 4);
+            Pack.UInt32_To_LE(H3, output, outOff + 8);
+            Pack.UInt32_To_LE(H4, output, outOff + 12);
+
+            Reset();
+
+            return DigestLength;
+        }
+
+        /**
+        * reset the chaining variables to the IV values.
+        */
+        public override void Reset()
+        {
+            base.Reset();
+
+            H1 = 0x67452301;
+            H2 = 0xefcdab89;
+            H3 = 0x98badcfe;
+            H4 = 0x10325476;
+
+            xOff = 0;
+
+            for (int i = 0; i != X.Length; i++)
+            {
+                X[i] = 0;
+            }
+        }
+
+        //
+        // round 1 left rotates
+        //
+        private static readonly int S11 = 7;
+        private static readonly int S12 = 12;
+        private static readonly int S13 = 17;
+        private static readonly int S14 = 22;
+
+        //
+        // round 2 left rotates
+        //
+        private static readonly int S21 = 5;
+        private static readonly int S22 = 9;
+        private static readonly int S23 = 14;
+        private static readonly int S24 = 20;
+
+        //
+        // round 3 left rotates
+        //
+        private static readonly int S31 = 4;
+        private static readonly int S32 = 11;
+        private static readonly int S33 = 16;
+        private static readonly int S34 = 23;
+
+        //
+        // round 4 left rotates
+        //
+        private static readonly int S41 = 6;
+        private static readonly int S42 = 10;
+        private static readonly int S43 = 15;
+        private static readonly int S44 = 21;
+
+        /*
+        * rotate int x left n bits.
+        */
+        private static uint RotateLeft(
+            uint x,
+            int n)
+        {
+            return (x << n) | (x >> (32 - n));
+        }
+
+        /*
+        * F, G, H and I are the basic MD5 functions.
+        */
+        private static uint F(
+            uint u,
+            uint v,
+            uint w)
+        {
+            return (u & v) | (~u & w);
+        }
+
+        private static uint G(
+            uint u,
+            uint v,
+            uint w)
+        {
+            return (u & w) | (v & ~w);
+        }
+
+        private static uint H(
+            uint u,
+            uint v,
+            uint w)
+        {
+            return u ^ v ^ w;
+        }
+
+        private static uint K(
+            uint u,
+            uint v,
+            uint w)
+        {
+            return v ^ (u | ~w);
+        }
+
+        internal override void ProcessBlock()
+        {
+            uint a = H1;
+            uint b = H2;
+            uint c = H3;
+            uint d = H4;
+
+            //
+            // Round 1 - F cycle, 16 times.
+            //
+            a = RotateLeft((a + F(b, c, d) + X[0] + 0xd76aa478), S11) + b;
+            d = RotateLeft((d + F(a, b, c) + X[1] + 0xe8c7b756), S12) + a;
+            c = RotateLeft((c + F(d, a, b) + X[2] + 0x242070db), S13) + d;
+            b = RotateLeft((b + F(c, d, a) + X[3] + 0xc1bdceee), S14) + c;
+            a = RotateLeft((a + F(b, c, d) + X[4] + 0xf57c0faf), S11) + b;
+            d = RotateLeft((d + F(a, b, c) + X[5] + 0x4787c62a), S12) + a;
+            c = RotateLeft((c + F(d, a, b) + X[6] + 0xa8304613), S13) + d;
+            b = RotateLeft((b + F(c, d, a) + X[7] + 0xfd469501), S14) + c;
+            a = RotateLeft((a + F(b, c, d) + X[8] + 0x698098d8), S11) + b;
+            d = RotateLeft((d + F(a, b, c) + X[9] + 0x8b44f7af), S12) + a;
+            c = RotateLeft((c + F(d, a, b) + X[10] + 0xffff5bb1), S13) + d;
+            b = RotateLeft((b + F(c, d, a) + X[11] + 0x895cd7be), S14) + c;
+            a = RotateLeft((a + F(b, c, d) + X[12] + 0x6b901122), S11) + b;
+            d = RotateLeft((d + F(a, b, c) + X[13] + 0xfd987193), S12) + a;
+            c = RotateLeft((c + F(d, a, b) + X[14] + 0xa679438e), S13) + d;
+            b = RotateLeft((b + F(c, d, a) + X[15] + 0x49b40821), S14) + c;
+
+            //
+            // Round 2 - G cycle, 16 times.
+            //
+            a = RotateLeft((a + G(b, c, d) + X[1] + 0xf61e2562), S21) + b;
+            d = RotateLeft((d + G(a, b, c) + X[6] + 0xc040b340), S22) + a;
+            c = RotateLeft((c + G(d, a, b) + X[11] + 0x265e5a51), S23) + d;
+            b = RotateLeft((b + G(c, d, a) + X[0] + 0xe9b6c7aa), S24) + c;
+            a = RotateLeft((a + G(b, c, d) + X[5] + 0xd62f105d), S21) + b;
+            d = RotateLeft((d + G(a, b, c) + X[10] + 0x02441453), S22) + a;
+            c = RotateLeft((c + G(d, a, b) + X[15] + 0xd8a1e681), S23) + d;
+            b = RotateLeft((b + G(c, d, a) + X[4] + 0xe7d3fbc8), S24) + c;
+            a = RotateLeft((a + G(b, c, d) + X[9] + 0x21e1cde6), S21) + b;
+            d = RotateLeft((d + G(a, b, c) + X[14] + 0xc33707d6), S22) + a;
+            c = RotateLeft((c + G(d, a, b) + X[3] + 0xf4d50d87), S23) + d;
+            b = RotateLeft((b + G(c, d, a) + X[8] + 0x455a14ed), S24) + c;
+            a = RotateLeft((a + G(b, c, d) + X[13] + 0xa9e3e905), S21) + b;
+            d = RotateLeft((d + G(a, b, c) + X[2] + 0xfcefa3f8), S22) + a;
+            c = RotateLeft((c + G(d, a, b) + X[7] + 0x676f02d9), S23) + d;
+            b = RotateLeft((b + G(c, d, a) + X[12] + 0x8d2a4c8a), S24) + c;
+
+            //
+            // Round 3 - H cycle, 16 times.
+            //
+            a = RotateLeft((a + H(b, c, d) + X[5] + 0xfffa3942), S31) + b;
+            d = RotateLeft((d + H(a, b, c) + X[8] + 0x8771f681), S32) + a;
+            c = RotateLeft((c + H(d, a, b) + X[11] + 0x6d9d6122), S33) + d;
+            b = RotateLeft((b + H(c, d, a) + X[14] + 0xfde5380c), S34) + c;
+            a = RotateLeft((a + H(b, c, d) + X[1] + 0xa4beea44), S31) + b;
+            d = RotateLeft((d + H(a, b, c) + X[4] + 0x4bdecfa9), S32) + a;
+            c = RotateLeft((c + H(d, a, b) + X[7] + 0xf6bb4b60), S33) + d;
+            b = RotateLeft((b + H(c, d, a) + X[10] + 0xbebfbc70), S34) + c;
+            a = RotateLeft((a + H(b, c, d) + X[13] + 0x289b7ec6), S31) + b;
+            d = RotateLeft((d + H(a, b, c) + X[0] + 0xeaa127fa), S32) + a;
+            c = RotateLeft((c + H(d, a, b) + X[3] + 0xd4ef3085), S33) + d;
+            b = RotateLeft((b + H(c, d, a) + X[6] + 0x04881d05), S34) + c;
+            a = RotateLeft((a + H(b, c, d) + X[9] + 0xd9d4d039), S31) + b;
+            d = RotateLeft((d + H(a, b, c) + X[12] + 0xe6db99e5), S32) + a;
+            c = RotateLeft((c + H(d, a, b) + X[15] + 0x1fa27cf8), S33) + d;
+            b = RotateLeft((b + H(c, d, a) + X[2] + 0xc4ac5665), S34) + c;
+
+            //
+            // Round 4 - K cycle, 16 times.
+            //
+            a = RotateLeft((a + K(b, c, d) + X[0] + 0xf4292244), S41) + b;
+            d = RotateLeft((d + K(a, b, c) + X[7] + 0x432aff97), S42) + a;
+            c = RotateLeft((c + K(d, a, b) + X[14] + 0xab9423a7), S43) + d;
+            b = RotateLeft((b + K(c, d, a) + X[5] + 0xfc93a039), S44) + c;
+            a = RotateLeft((a + K(b, c, d) + X[12] + 0x655b59c3), S41) + b;
+            d = RotateLeft((d + K(a, b, c) + X[3] + 0x8f0ccc92), S42) + a;
+            c = RotateLeft((c + K(d, a, b) + X[10] + 0xffeff47d), S43) + d;
+            b = RotateLeft((b + K(c, d, a) + X[1] + 0x85845dd1), S44) + c;
+            a = RotateLeft((a + K(b, c, d) + X[8] + 0x6fa87e4f), S41) + b;
+            d = RotateLeft((d + K(a, b, c) + X[15] + 0xfe2ce6e0), S42) + a;
+            c = RotateLeft((c + K(d, a, b) + X[6] + 0xa3014314), S43) + d;
+            b = RotateLeft((b + K(c, d, a) + X[13] + 0x4e0811a1), S44) + c;
+            a = RotateLeft((a + K(b, c, d) + X[4] + 0xf7537e82), S41) + b;
+            d = RotateLeft((d + K(a, b, c) + X[11] + 0xbd3af235), S42) + a;
+            c = RotateLeft((c + K(d, a, b) + X[2] + 0x2ad7d2bb), S43) + d;
+            b = RotateLeft((b + K(c, d, a) + X[9] + 0xeb86d391), S44) + c;
+
+            H1 += a;
+            H2 += b;
+            H3 += c;
+            H4 += d;
+
+            xOff = 0;
+        }
+
+		public override IMemoable Copy()
+		{
+			return new MD5Digest(this);
+		}
+
+		public override void Reset(IMemoable other)
+		{
+			MD5Digest d = (MD5Digest)other;
+
+			CopyIn(d);
+		}
+
+	}
+
+}
+
diff --git a/bc-sharp-crypto/src/crypto/digests/NonMemoableDigest.cs b/bc-sharp-crypto/src/crypto/digests/NonMemoableDigest.cs
new file mode 100644
index 0000000..02c49b8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/NonMemoableDigest.cs
@@ -0,0 +1,62 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /**
+     * Wrapper removes exposure to the IMemoable interface on an IDigest implementation.
+     */
+    public class NonMemoableDigest
+        :   IDigest
+    {
+        protected readonly IDigest mBaseDigest;
+
+        /**
+         * Base constructor.
+         *
+         * @param baseDigest underlying digest to use.
+         * @exception IllegalArgumentException if baseDigest is null
+         */
+        public NonMemoableDigest(IDigest baseDigest)
+        {
+            if (baseDigest == null)
+                throw new ArgumentNullException("baseDigest");
+
+            this.mBaseDigest = baseDigest;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return mBaseDigest.AlgorithmName; }
+        }
+
+        public virtual int GetDigestSize()
+        {
+            return mBaseDigest.GetDigestSize();
+        }
+
+        public virtual void Update(byte input)
+        {
+            mBaseDigest.Update(input);
+        }
+
+        public virtual void BlockUpdate(byte[] input, int inOff, int len)
+        {
+            mBaseDigest.BlockUpdate(input, inOff, len);
+        }
+
+        public virtual int DoFinal(byte[] output, int outOff)
+        {
+            return mBaseDigest.DoFinal(output, outOff);
+        }
+
+        public virtual void Reset()
+        {
+            mBaseDigest.Reset();
+        }
+
+        public virtual int GetByteLength()
+        {
+            return mBaseDigest.GetByteLength();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/NullDigest.cs b/bc-sharp-crypto/src/crypto/digests/NullDigest.cs
new file mode 100644
index 0000000..e598cb1
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/NullDigest.cs
@@ -0,0 +1,49 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+	public class NullDigest : IDigest
+	{
+		private readonly MemoryStream bOut = new MemoryStream();
+
+		public string AlgorithmName
+		{
+			get { return "NULL"; }
+		}
+
+		public int GetByteLength()
+		{
+			// TODO Is this okay?
+			return 0;
+		}
+
+		public int GetDigestSize()
+		{
+			return (int) bOut.Length;
+		}
+
+		public void Update(byte b)
+		{
+			bOut.WriteByte(b);
+		}
+
+		public void BlockUpdate(byte[] inBytes, int inOff, int len)
+		{
+			bOut.Write(inBytes, inOff, len);
+		}
+
+		public int DoFinal(byte[] outBytes, int outOff)
+		{
+			byte[] res = bOut.ToArray();
+			res.CopyTo(outBytes, outOff);
+			Reset();
+			return res.Length;
+		}
+
+		public void Reset()
+		{
+			bOut.SetLength(0);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/RipeMD128Digest.cs b/bc-sharp-crypto/src/crypto/digests/RipeMD128Digest.cs
new file mode 100644
index 0000000..e8a0331
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/RipeMD128Digest.cs
@@ -0,0 +1,484 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /**
+    * implementation of RipeMD128
+    */
+    public class RipeMD128Digest
+		: GeneralDigest
+    {
+        private const int DigestLength = 16;
+
+        private int H0, H1, H2, H3; // IV's
+
+        private int[] X = new int[16];
+        private int xOff;
+
+        /**
+        * Standard constructor
+        */
+        public RipeMD128Digest()
+        {
+            Reset();
+        }
+
+        /**
+        * Copy constructor.  This will copy the state of the provided
+        * message digest.
+        */
+        public RipeMD128Digest(RipeMD128Digest t) : base(t)
+		{
+			CopyIn(t);
+		}
+
+		private void CopyIn(RipeMD128Digest t)
+		{
+			base.CopyIn(t);
+
+			H0 = t.H0;
+            H1 = t.H1;
+            H2 = t.H2;
+            H3 = t.H3;
+
+            Array.Copy(t.X, 0, X, 0, t.X.Length);
+            xOff = t.xOff;
+        }
+
+		public override string AlgorithmName
+		{
+			get { return "RIPEMD128"; }
+		}
+
+		public override int GetDigestSize()
+		{
+			return DigestLength;
+		}
+
+		internal override void ProcessWord(
+            byte[] input,
+            int inOff)
+        {
+            X[xOff++] = (input[inOff] & 0xff) | ((input[inOff + 1] & 0xff) << 8)
+                | ((input[inOff + 2] & 0xff) << 16) | ((input[inOff + 3] & 0xff) << 24);
+
+            if (xOff == 16)
+            {
+                ProcessBlock();
+            }
+        }
+
+        internal override void ProcessLength(
+            long bitLength)
+        {
+            if (xOff > 14)
+            {
+            ProcessBlock();
+            }
+
+            X[14] = (int)(bitLength & 0xffffffff);
+            X[15] = (int)((ulong) bitLength >> 32);
+        }
+
+        private void UnpackWord(
+            int word,
+            byte[] outBytes,
+            int outOff)
+        {
+            outBytes[outOff]     = (byte)word;
+            outBytes[outOff + 1] = (byte)((uint) word >> 8);
+            outBytes[outOff + 2] = (byte)((uint) word >> 16);
+            outBytes[outOff + 3] = (byte)((uint) word >> 24);
+        }
+
+        public override int DoFinal(
+            byte[] output,
+            int outOff)
+        {
+            Finish();
+
+            UnpackWord(H0, output, outOff);
+            UnpackWord(H1, output, outOff + 4);
+            UnpackWord(H2, output, outOff + 8);
+            UnpackWord(H3, output, outOff + 12);
+
+            Reset();
+
+            return DigestLength;
+        }
+
+        /**
+        * reset the chaining variables to the IV values.
+        */
+        public override void Reset()
+        {
+            base.Reset();
+
+            H0 = unchecked((int) 0x67452301);
+            H1 = unchecked((int) 0xefcdab89);
+            H2 = unchecked((int) 0x98badcfe);
+            H3 = unchecked((int) 0x10325476);
+
+            xOff = 0;
+
+            for (int i = 0; i != X.Length; i++)
+            {
+                X[i] = 0;
+            }
+        }
+
+        /*
+        * rotate int x left n bits.
+        */
+        private int RL(
+            int x,
+            int n)
+        {
+            return (x << n) | (int) ((uint) x >> (32 - n));
+        }
+
+        /*
+        * f1,f2,f3,f4 are the basic RipeMD128 functions.
+        */
+
+        /*
+        * F
+        */
+        private int F1(
+            int x,
+            int y,
+            int z)
+        {
+            return x ^ y ^ z;
+        }
+
+        /*
+        * G
+        */
+        private int F2(
+            int x,
+            int y,
+            int z)
+        {
+            return (x & y) | (~x & z);
+        }
+
+        /*
+        * H
+        */
+        private int F3(
+            int x,
+            int y,
+            int z)
+        {
+            return (x | ~y) ^ z;
+        }
+
+        /*
+        * I
+        */
+        private int F4(
+            int x,
+            int y,
+            int z)
+        {
+            return (x & z) | (y & ~z);
+        }
+
+        private int F1(
+            int a,
+            int b,
+            int c,
+            int d,
+            int x,
+            int s)
+        {
+            return RL(a + F1(b, c, d) + x, s);
+        }
+
+        private int F2(
+            int a,
+            int b,
+            int c,
+            int d,
+            int x,
+            int s)
+        {
+            return RL(a + F2(b, c, d) + x + unchecked((int) 0x5a827999), s);
+        }
+
+        private int F3(
+            int a,
+            int b,
+            int c,
+            int d,
+            int x,
+            int s)
+        {
+            return RL(a + F3(b, c, d) + x + unchecked((int) 0x6ed9eba1), s);
+        }
+
+        private int F4(
+            int a,
+            int b,
+            int c,
+            int d,
+            int x,
+            int s)
+        {
+            return RL(a + F4(b, c, d) + x + unchecked((int) 0x8f1bbcdc), s);
+        }
+
+        private int FF1(
+            int a,
+            int b,
+            int c,
+            int d,
+            int x,
+            int s)
+        {
+            return RL(a + F1(b, c, d) + x, s);
+        }
+
+        private int FF2(
+            int a,
+            int b,
+            int c,
+            int d,
+            int x,
+            int s)
+        {
+        return RL(a + F2(b, c, d) + x + unchecked((int) 0x6d703ef3), s);
+        }
+
+        private int FF3(
+            int a,
+            int b,
+            int c,
+            int d,
+            int x,
+            int s)
+        {
+        return RL(a + F3(b, c, d) + x + unchecked((int) 0x5c4dd124), s);
+        }
+
+        private int FF4(
+            int a,
+            int b,
+            int c,
+            int d,
+            int x,
+            int s)
+        {
+        return RL(a + F4(b, c, d) + x + unchecked((int) 0x50a28be6), s);
+        }
+
+        internal override void ProcessBlock()
+        {
+            int a, aa;
+            int b, bb;
+            int c, cc;
+            int d, dd;
+
+            a = aa = H0;
+            b = bb = H1;
+            c = cc = H2;
+            d = dd = H3;
+
+            //
+            // Round 1
+            //
+            a = F1(a, b, c, d, X[ 0], 11);
+            d = F1(d, a, b, c, X[ 1], 14);
+            c = F1(c, d, a, b, X[ 2], 15);
+            b = F1(b, c, d, a, X[ 3], 12);
+            a = F1(a, b, c, d, X[ 4],  5);
+            d = F1(d, a, b, c, X[ 5],  8);
+            c = F1(c, d, a, b, X[ 6],  7);
+            b = F1(b, c, d, a, X[ 7],  9);
+            a = F1(a, b, c, d, X[ 8], 11);
+            d = F1(d, a, b, c, X[ 9], 13);
+            c = F1(c, d, a, b, X[10], 14);
+            b = F1(b, c, d, a, X[11], 15);
+            a = F1(a, b, c, d, X[12],  6);
+            d = F1(d, a, b, c, X[13],  7);
+            c = F1(c, d, a, b, X[14],  9);
+            b = F1(b, c, d, a, X[15],  8);
+
+            //
+            // Round 2
+            //
+            a = F2(a, b, c, d, X[ 7],  7);
+            d = F2(d, a, b, c, X[ 4],  6);
+            c = F2(c, d, a, b, X[13],  8);
+            b = F2(b, c, d, a, X[ 1], 13);
+            a = F2(a, b, c, d, X[10], 11);
+            d = F2(d, a, b, c, X[ 6],  9);
+            c = F2(c, d, a, b, X[15],  7);
+            b = F2(b, c, d, a, X[ 3], 15);
+            a = F2(a, b, c, d, X[12],  7);
+            d = F2(d, a, b, c, X[ 0], 12);
+            c = F2(c, d, a, b, X[ 9], 15);
+            b = F2(b, c, d, a, X[ 5],  9);
+            a = F2(a, b, c, d, X[ 2], 11);
+            d = F2(d, a, b, c, X[14],  7);
+            c = F2(c, d, a, b, X[11], 13);
+            b = F2(b, c, d, a, X[ 8], 12);
+
+            //
+            // Round 3
+            //
+            a = F3(a, b, c, d, X[ 3], 11);
+            d = F3(d, a, b, c, X[10], 13);
+            c = F3(c, d, a, b, X[14],  6);
+            b = F3(b, c, d, a, X[ 4],  7);
+            a = F3(a, b, c, d, X[ 9], 14);
+            d = F3(d, a, b, c, X[15],  9);
+            c = F3(c, d, a, b, X[ 8], 13);
+            b = F3(b, c, d, a, X[ 1], 15);
+            a = F3(a, b, c, d, X[ 2], 14);
+            d = F3(d, a, b, c, X[ 7],  8);
+            c = F3(c, d, a, b, X[ 0], 13);
+            b = F3(b, c, d, a, X[ 6],  6);
+            a = F3(a, b, c, d, X[13],  5);
+            d = F3(d, a, b, c, X[11], 12);
+            c = F3(c, d, a, b, X[ 5],  7);
+            b = F3(b, c, d, a, X[12],  5);
+
+            //
+            // Round 4
+            //
+            a = F4(a, b, c, d, X[ 1], 11);
+            d = F4(d, a, b, c, X[ 9], 12);
+            c = F4(c, d, a, b, X[11], 14);
+            b = F4(b, c, d, a, X[10], 15);
+            a = F4(a, b, c, d, X[ 0], 14);
+            d = F4(d, a, b, c, X[ 8], 15);
+            c = F4(c, d, a, b, X[12],  9);
+            b = F4(b, c, d, a, X[ 4],  8);
+            a = F4(a, b, c, d, X[13],  9);
+            d = F4(d, a, b, c, X[ 3], 14);
+            c = F4(c, d, a, b, X[ 7],  5);
+            b = F4(b, c, d, a, X[15],  6);
+            a = F4(a, b, c, d, X[14],  8);
+            d = F4(d, a, b, c, X[ 5],  6);
+            c = F4(c, d, a, b, X[ 6],  5);
+            b = F4(b, c, d, a, X[ 2], 12);
+
+            //
+            // Parallel round 1
+            //
+            aa = FF4(aa, bb, cc, dd, X[ 5],  8);
+            dd = FF4(dd, aa, bb, cc, X[14],  9);
+            cc = FF4(cc, dd, aa, bb, X[ 7],  9);
+            bb = FF4(bb, cc, dd, aa, X[ 0], 11);
+            aa = FF4(aa, bb, cc, dd, X[ 9], 13);
+            dd = FF4(dd, aa, bb, cc, X[ 2], 15);
+            cc = FF4(cc, dd, aa, bb, X[11], 15);
+            bb = FF4(bb, cc, dd, aa, X[ 4],  5);
+            aa = FF4(aa, bb, cc, dd, X[13],  7);
+            dd = FF4(dd, aa, bb, cc, X[ 6],  7);
+            cc = FF4(cc, dd, aa, bb, X[15],  8);
+            bb = FF4(bb, cc, dd, aa, X[ 8], 11);
+            aa = FF4(aa, bb, cc, dd, X[ 1], 14);
+            dd = FF4(dd, aa, bb, cc, X[10], 14);
+            cc = FF4(cc, dd, aa, bb, X[ 3], 12);
+            bb = FF4(bb, cc, dd, aa, X[12],  6);
+
+            //
+            // Parallel round 2
+            //
+            aa = FF3(aa, bb, cc, dd, X[ 6],  9);
+            dd = FF3(dd, aa, bb, cc, X[11], 13);
+            cc = FF3(cc, dd, aa, bb, X[ 3], 15);
+            bb = FF3(bb, cc, dd, aa, X[ 7],  7);
+            aa = FF3(aa, bb, cc, dd, X[ 0], 12);
+            dd = FF3(dd, aa, bb, cc, X[13],  8);
+            cc = FF3(cc, dd, aa, bb, X[ 5],  9);
+            bb = FF3(bb, cc, dd, aa, X[10], 11);
+            aa = FF3(aa, bb, cc, dd, X[14],  7);
+            dd = FF3(dd, aa, bb, cc, X[15],  7);
+            cc = FF3(cc, dd, aa, bb, X[ 8], 12);
+            bb = FF3(bb, cc, dd, aa, X[12],  7);
+            aa = FF3(aa, bb, cc, dd, X[ 4],  6);
+            dd = FF3(dd, aa, bb, cc, X[ 9], 15);
+            cc = FF3(cc, dd, aa, bb, X[ 1], 13);
+            bb = FF3(bb, cc, dd, aa, X[ 2], 11);
+
+            //
+            // Parallel round 3
+            //
+            aa = FF2(aa, bb, cc, dd, X[15],  9);
+            dd = FF2(dd, aa, bb, cc, X[ 5],  7);
+            cc = FF2(cc, dd, aa, bb, X[ 1], 15);
+            bb = FF2(bb, cc, dd, aa, X[ 3], 11);
+            aa = FF2(aa, bb, cc, dd, X[ 7],  8);
+            dd = FF2(dd, aa, bb, cc, X[14],  6);
+            cc = FF2(cc, dd, aa, bb, X[ 6],  6);
+            bb = FF2(bb, cc, dd, aa, X[ 9], 14);
+            aa = FF2(aa, bb, cc, dd, X[11], 12);
+            dd = FF2(dd, aa, bb, cc, X[ 8], 13);
+            cc = FF2(cc, dd, aa, bb, X[12],  5);
+            bb = FF2(bb, cc, dd, aa, X[ 2], 14);
+            aa = FF2(aa, bb, cc, dd, X[10], 13);
+            dd = FF2(dd, aa, bb, cc, X[ 0], 13);
+            cc = FF2(cc, dd, aa, bb, X[ 4],  7);
+            bb = FF2(bb, cc, dd, aa, X[13],  5);
+
+            //
+            // Parallel round 4
+            //
+            aa = FF1(aa, bb, cc, dd, X[ 8], 15);
+            dd = FF1(dd, aa, bb, cc, X[ 6],  5);
+            cc = FF1(cc, dd, aa, bb, X[ 4],  8);
+            bb = FF1(bb, cc, dd, aa, X[ 1], 11);
+            aa = FF1(aa, bb, cc, dd, X[ 3], 14);
+            dd = FF1(dd, aa, bb, cc, X[11], 14);
+            cc = FF1(cc, dd, aa, bb, X[15],  6);
+            bb = FF1(bb, cc, dd, aa, X[ 0], 14);
+            aa = FF1(aa, bb, cc, dd, X[ 5],  6);
+            dd = FF1(dd, aa, bb, cc, X[12],  9);
+            cc = FF1(cc, dd, aa, bb, X[ 2], 12);
+            bb = FF1(bb, cc, dd, aa, X[13],  9);
+            aa = FF1(aa, bb, cc, dd, X[ 9], 12);
+            dd = FF1(dd, aa, bb, cc, X[ 7],  5);
+            cc = FF1(cc, dd, aa, bb, X[10], 15);
+            bb = FF1(bb, cc, dd, aa, X[14],  8);
+
+            dd += c + H1;               // final result for H0
+
+            //
+            // combine the results
+            //
+            H1 = H2 + d + aa;
+            H2 = H3 + a + bb;
+            H3 = H0 + b + cc;
+            H0 = dd;
+
+            //
+            // reset the offset and clean out the word buffer.
+            //
+            xOff = 0;
+            for (int i = 0; i != X.Length; i++)
+            {
+                X[i] = 0;
+            }
+        }
+		
+		public override IMemoable Copy()
+		{
+			return new RipeMD128Digest(this);
+		}
+
+		public override void Reset(IMemoable other)
+		{
+			RipeMD128Digest d = (RipeMD128Digest)other;
+
+			CopyIn(d);
+		}
+
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/RipeMD160Digest.cs b/bc-sharp-crypto/src/crypto/digests/RipeMD160Digest.cs
new file mode 100644
index 0000000..af4aa44
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/RipeMD160Digest.cs
@@ -0,0 +1,445 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /**
+    * implementation of RipeMD see,
+    * http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
+    */
+    public class RipeMD160Digest
+		: GeneralDigest
+    {
+        private const int DigestLength = 20;
+
+        private int H0, H1, H2, H3, H4; // IV's
+
+        private int[] X = new int[16];
+        private int xOff;
+
+        /**
+        * Standard constructor
+        */
+        public RipeMD160Digest()
+        {
+            Reset();
+        }
+
+        /**
+        * Copy constructor.  This will copy the state of the provided
+        * message digest.
+        */
+        public RipeMD160Digest(RipeMD160Digest t) : base(t)
+        {
+			CopyIn(t);
+		}
+
+		private void CopyIn(RipeMD160Digest t)
+		{
+			base.CopyIn(t);
+
+            H0 = t.H0;
+            H1 = t.H1;
+            H2 = t.H2;
+            H3 = t.H3;
+            H4 = t.H4;
+
+            Array.Copy(t.X, 0, X, 0, t.X.Length);
+            xOff = t.xOff;
+        }
+
+        public override string AlgorithmName
+		{
+			get { return "RIPEMD160"; }
+		}
+
+		public override int GetDigestSize()
+		{
+			return DigestLength;
+		}
+
+		internal override void ProcessWord(
+            byte[] input,
+            int inOff)
+        {
+            X[xOff++] = (input[inOff] & 0xff) | ((input[inOff + 1] & 0xff) << 8)
+                | ((input[inOff + 2] & 0xff) << 16) | ((input[inOff + 3] & 0xff) << 24);
+
+            if (xOff == 16)
+            {
+                ProcessBlock();
+            }
+        }
+
+		internal override void ProcessLength(
+            long bitLength)
+        {
+            if (xOff > 14)
+            {
+            ProcessBlock();
+            }
+
+            X[14] = (int)(bitLength & 0xffffffff);
+            X[15] = (int)((ulong) bitLength >> 32);
+        }
+
+        private void UnpackWord(
+            int word,
+            byte[] outBytes,
+            int outOff)
+        {
+            outBytes[outOff]     = (byte)word;
+            outBytes[outOff + 1] = (byte)((uint) word >> 8);
+            outBytes[outOff + 2] = (byte)((uint) word >> 16);
+            outBytes[outOff + 3] = (byte)((uint) word >> 24);
+        }
+
+        public override int DoFinal(
+            byte[] output,
+            int outOff)
+        {
+            Finish();
+
+            UnpackWord(H0, output, outOff);
+            UnpackWord(H1, output, outOff + 4);
+            UnpackWord(H2, output, outOff + 8);
+            UnpackWord(H3, output, outOff + 12);
+            UnpackWord(H4, output, outOff + 16);
+
+            Reset();
+
+            return DigestLength;
+        }
+
+        /**
+        * reset the chaining variables to the IV values.
+        */
+        public override void Reset()
+        {
+            base.Reset();
+
+            H0 = unchecked((int) 0x67452301);
+            H1 = unchecked((int) 0xefcdab89);
+            H2 = unchecked((int) 0x98badcfe);
+            H3 = unchecked((int) 0x10325476);
+            H4 = unchecked((int) 0xc3d2e1f0);
+
+            xOff = 0;
+
+            for (int i = 0; i != X.Length; i++)
+            {
+                X[i] = 0;
+            }
+        }
+
+        /*
+        * rotate int x left n bits.
+        */
+        private  int RL(
+            int x,
+            int n)
+        {
+            return (x << n) | (int) ((uint) x >> (32 - n));
+        }
+
+        /*
+        * f1,f2,f3,f4,f5 are the basic RipeMD160 functions.
+        */
+
+        /*
+        * rounds 0-15
+        */
+        private  int F1(
+            int x,
+            int y,
+            int z)
+        {
+            return x ^ y ^ z;
+        }
+
+        /*
+        * rounds 16-31
+        */
+        private  int F2(
+            int x,
+            int y,
+            int z)
+        {
+            return (x & y) | (~x & z);
+        }
+
+        /*
+        * rounds 32-47
+        */
+        private  int F3(
+            int x,
+            int y,
+            int z)
+        {
+            return (x | ~y) ^ z;
+        }
+
+        /*
+        * rounds 48-63
+        */
+        private  int F4(
+            int x,
+            int y,
+            int z)
+        {
+            return (x & z) | (y & ~z);
+        }
+
+        /*
+        * rounds 64-79
+        */
+        private  int F5(
+            int x,
+            int y,
+            int z)
+        {
+            return x ^ (y | ~z);
+        }
+
+        internal override void ProcessBlock()
+        {
+            int a, aa;
+            int b, bb;
+            int c, cc;
+            int d, dd;
+            int e, ee;
+
+            a = aa = H0;
+            b = bb = H1;
+            c = cc = H2;
+            d = dd = H3;
+            e = ee = H4;
+
+            //
+            // Rounds 1 - 16
+            //
+            // left
+            a = RL(a + F1(b,c,d) + X[ 0], 11) + e; c = RL(c, 10);
+            e = RL(e + F1(a,b,c) + X[ 1], 14) + d; b = RL(b, 10);
+            d = RL(d + F1(e,a,b) + X[ 2], 15) + c; a = RL(a, 10);
+            c = RL(c + F1(d,e,a) + X[ 3], 12) + b; e = RL(e, 10);
+            b = RL(b + F1(c,d,e) + X[ 4],  5) + a; d = RL(d, 10);
+            a = RL(a + F1(b,c,d) + X[ 5],  8) + e; c = RL(c, 10);
+            e = RL(e + F1(a,b,c) + X[ 6],  7) + d; b = RL(b, 10);
+            d = RL(d + F1(e,a,b) + X[ 7],  9) + c; a = RL(a, 10);
+            c = RL(c + F1(d,e,a) + X[ 8], 11) + b; e = RL(e, 10);
+            b = RL(b + F1(c,d,e) + X[ 9], 13) + a; d = RL(d, 10);
+            a = RL(a + F1(b,c,d) + X[10], 14) + e; c = RL(c, 10);
+            e = RL(e + F1(a,b,c) + X[11], 15) + d; b = RL(b, 10);
+            d = RL(d + F1(e,a,b) + X[12],  6) + c; a = RL(a, 10);
+            c = RL(c + F1(d,e,a) + X[13],  7) + b; e = RL(e, 10);
+            b = RL(b + F1(c,d,e) + X[14],  9) + a; d = RL(d, 10);
+            a = RL(a + F1(b,c,d) + X[15],  8) + e; c = RL(c, 10);
+
+            // right
+            aa = RL(aa + F5(bb,cc,dd) + X[ 5] + unchecked((int) 0x50a28be6),  8) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F5(aa,bb,cc) + X[14] + unchecked((int) 0x50a28be6),  9) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F5(ee,aa,bb) + X[ 7] + unchecked((int) 0x50a28be6),  9) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F5(dd,ee,aa) + X[ 0] + unchecked((int) 0x50a28be6), 11) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F5(cc,dd,ee) + X[ 9] + unchecked((int) 0x50a28be6), 13) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F5(bb,cc,dd) + X[ 2] + unchecked((int) 0x50a28be6), 15) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F5(aa,bb,cc) + X[11] + unchecked((int) 0x50a28be6), 15) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F5(ee,aa,bb) + X[ 4] + unchecked((int) 0x50a28be6),  5) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F5(dd,ee,aa) + X[13] + unchecked((int) 0x50a28be6),  7) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F5(cc,dd,ee) + X[ 6] + unchecked((int) 0x50a28be6),  7) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F5(bb,cc,dd) + X[15] + unchecked((int) 0x50a28be6),  8) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F5(aa,bb,cc) + X[ 8] + unchecked((int) 0x50a28be6), 11) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F5(ee,aa,bb) + X[ 1] + unchecked((int) 0x50a28be6), 14) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F5(dd,ee,aa) + X[10] + unchecked((int) 0x50a28be6), 14) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F5(cc,dd,ee) + X[ 3] + unchecked((int) 0x50a28be6), 12) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F5(bb,cc,dd) + X[12] + unchecked((int) 0x50a28be6),  6) + ee; cc = RL(cc, 10);
+
+            //
+            // Rounds 16-31
+            //
+            // left
+            e = RL(e + F2(a,b,c) + X[ 7] + unchecked((int) 0x5a827999),   7) + d; b = RL(b, 10);
+            d = RL(d + F2(e,a,b) + X[ 4] + unchecked((int) 0x5a827999),   6) + c; a = RL(a, 10);
+            c = RL(c + F2(d,e,a) + X[13] + unchecked((int) 0x5a827999),   8) + b; e = RL(e, 10);
+            b = RL(b + F2(c,d,e) + X[ 1] + unchecked((int) 0x5a827999),  13) + a; d = RL(d, 10);
+            a = RL(a + F2(b,c,d) + X[10] + unchecked((int) 0x5a827999),  11) + e; c = RL(c, 10);
+            e = RL(e + F2(a,b,c) + X[ 6] + unchecked((int) 0x5a827999),   9) + d; b = RL(b, 10);
+            d = RL(d + F2(e,a,b) + X[15] + unchecked((int) 0x5a827999),   7) + c; a = RL(a, 10);
+            c = RL(c + F2(d,e,a) + X[ 3] + unchecked((int) 0x5a827999),  15) + b; e = RL(e, 10);
+            b = RL(b + F2(c,d,e) + X[12] + unchecked((int) 0x5a827999),   7) + a; d = RL(d, 10);
+            a = RL(a + F2(b,c,d) + X[ 0] + unchecked((int) 0x5a827999),  12) + e; c = RL(c, 10);
+            e = RL(e + F2(a,b,c) + X[ 9] + unchecked((int) 0x5a827999),  15) + d; b = RL(b, 10);
+            d = RL(d + F2(e,a,b) + X[ 5] + unchecked((int) 0x5a827999),   9) + c; a = RL(a, 10);
+            c = RL(c + F2(d,e,a) + X[ 2] + unchecked((int) 0x5a827999),  11) + b; e = RL(e, 10);
+            b = RL(b + F2(c,d,e) + X[14] + unchecked((int) 0x5a827999),   7) + a; d = RL(d, 10);
+            a = RL(a + F2(b,c,d) + X[11] + unchecked((int) 0x5a827999),  13) + e; c = RL(c, 10);
+            e = RL(e + F2(a,b,c) + X[ 8] + unchecked((int) 0x5a827999),  12) + d; b = RL(b, 10);
+
+            // right
+            ee = RL(ee + F4(aa,bb,cc) + X[ 6] + unchecked((int) 0x5c4dd124),   9) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F4(ee,aa,bb) + X[11] + unchecked((int) 0x5c4dd124),  13) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F4(dd,ee,aa) + X[ 3] + unchecked((int) 0x5c4dd124),  15) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F4(cc,dd,ee) + X[ 7] + unchecked((int) 0x5c4dd124),   7) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F4(bb,cc,dd) + X[ 0] + unchecked((int) 0x5c4dd124),  12) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F4(aa,bb,cc) + X[13] + unchecked((int) 0x5c4dd124),   8) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F4(ee,aa,bb) + X[ 5] + unchecked((int) 0x5c4dd124),   9) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F4(dd,ee,aa) + X[10] + unchecked((int) 0x5c4dd124),  11) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F4(cc,dd,ee) + X[14] + unchecked((int) 0x5c4dd124),   7) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F4(bb,cc,dd) + X[15] + unchecked((int) 0x5c4dd124),   7) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F4(aa,bb,cc) + X[ 8] + unchecked((int) 0x5c4dd124),  12) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F4(ee,aa,bb) + X[12] + unchecked((int) 0x5c4dd124),   7) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F4(dd,ee,aa) + X[ 4] + unchecked((int) 0x5c4dd124),   6) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F4(cc,dd,ee) + X[ 9] + unchecked((int) 0x5c4dd124),  15) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F4(bb,cc,dd) + X[ 1] + unchecked((int) 0x5c4dd124),  13) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F4(aa,bb,cc) + X[ 2] + unchecked((int) 0x5c4dd124),  11) + dd; bb = RL(bb, 10);
+
+            //
+            // Rounds 32-47
+            //
+            // left
+            d = RL(d + F3(e,a,b) + X[ 3] + unchecked((int) 0x6ed9eba1),  11) + c; a = RL(a, 10);
+            c = RL(c + F3(d,e,a) + X[10] + unchecked((int) 0x6ed9eba1),  13) + b; e = RL(e, 10);
+            b = RL(b + F3(c,d,e) + X[14] + unchecked((int) 0x6ed9eba1),   6) + a; d = RL(d, 10);
+            a = RL(a + F3(b,c,d) + X[ 4] + unchecked((int) 0x6ed9eba1),   7) + e; c = RL(c, 10);
+            e = RL(e + F3(a,b,c) + X[ 9] + unchecked((int) 0x6ed9eba1),  14) + d; b = RL(b, 10);
+            d = RL(d + F3(e,a,b) + X[15] + unchecked((int) 0x6ed9eba1),   9) + c; a = RL(a, 10);
+            c = RL(c + F3(d,e,a) + X[ 8] + unchecked((int) 0x6ed9eba1),  13) + b; e = RL(e, 10);
+            b = RL(b + F3(c,d,e) + X[ 1] + unchecked((int) 0x6ed9eba1),  15) + a; d = RL(d, 10);
+            a = RL(a + F3(b,c,d) + X[ 2] + unchecked((int) 0x6ed9eba1),  14) + e; c = RL(c, 10);
+            e = RL(e + F3(a,b,c) + X[ 7] + unchecked((int) 0x6ed9eba1),   8) + d; b = RL(b, 10);
+            d = RL(d + F3(e,a,b) + X[ 0] + unchecked((int) 0x6ed9eba1),  13) + c; a = RL(a, 10);
+            c = RL(c + F3(d,e,a) + X[ 6] + unchecked((int) 0x6ed9eba1),   6) + b; e = RL(e, 10);
+            b = RL(b + F3(c,d,e) + X[13] + unchecked((int) 0x6ed9eba1),   5) + a; d = RL(d, 10);
+            a = RL(a + F3(b,c,d) + X[11] + unchecked((int) 0x6ed9eba1),  12) + e; c = RL(c, 10);
+            e = RL(e + F3(a,b,c) + X[ 5] + unchecked((int) 0x6ed9eba1),   7) + d; b = RL(b, 10);
+            d = RL(d + F3(e,a,b) + X[12] + unchecked((int) 0x6ed9eba1),   5) + c; a = RL(a, 10);
+
+            // right
+            dd = RL(dd + F3(ee,aa,bb) + X[15] + unchecked((int) 0x6d703ef3),   9) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F3(dd,ee,aa) + X[ 5] + unchecked((int) 0x6d703ef3),   7) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F3(cc,dd,ee) + X[ 1] + unchecked((int) 0x6d703ef3),  15) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F3(bb,cc,dd) + X[ 3] + unchecked((int) 0x6d703ef3),  11) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F3(aa,bb,cc) + X[ 7] + unchecked((int) 0x6d703ef3),   8) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F3(ee,aa,bb) + X[14] + unchecked((int) 0x6d703ef3),   6) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F3(dd,ee,aa) + X[ 6] + unchecked((int) 0x6d703ef3),   6) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F3(cc,dd,ee) + X[ 9] + unchecked((int) 0x6d703ef3),  14) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F3(bb,cc,dd) + X[11] + unchecked((int) 0x6d703ef3),  12) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F3(aa,bb,cc) + X[ 8] + unchecked((int) 0x6d703ef3),  13) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F3(ee,aa,bb) + X[12] + unchecked((int) 0x6d703ef3),   5) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F3(dd,ee,aa) + X[ 2] + unchecked((int) 0x6d703ef3),  14) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F3(cc,dd,ee) + X[10] + unchecked((int) 0x6d703ef3),  13) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F3(bb,cc,dd) + X[ 0] + unchecked((int) 0x6d703ef3),  13) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F3(aa,bb,cc) + X[ 4] + unchecked((int) 0x6d703ef3),   7) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F3(ee,aa,bb) + X[13] + unchecked((int) 0x6d703ef3),   5) + cc; aa = RL(aa, 10);
+
+            //
+            // Rounds 48-63
+            //
+            // left
+            c = RL(c + F4(d,e,a) + X[ 1] + unchecked((int) 0x8f1bbcdc),  11) + b; e = RL(e, 10);
+            b = RL(b + F4(c,d,e) + X[ 9] + unchecked((int) 0x8f1bbcdc),  12) + a; d = RL(d, 10);
+            a = RL(a + F4(b,c,d) + X[11] + unchecked((int) 0x8f1bbcdc), 14) + e; c = RL(c, 10);
+            e = RL(e + F4(a,b,c) + X[10] + unchecked((int) 0x8f1bbcdc), 15) + d; b = RL(b, 10);
+            d = RL(d + F4(e,a,b) + X[ 0] + unchecked((int) 0x8f1bbcdc), 14) + c; a = RL(a, 10);
+            c = RL(c + F4(d,e,a) + X[ 8] + unchecked((int) 0x8f1bbcdc), 15) + b; e = RL(e, 10);
+            b = RL(b + F4(c,d,e) + X[12] + unchecked((int) 0x8f1bbcdc),  9) + a; d = RL(d, 10);
+            a = RL(a + F4(b,c,d) + X[ 4] + unchecked((int) 0x8f1bbcdc),  8) + e; c = RL(c, 10);
+            e = RL(e + F4(a,b,c) + X[13] + unchecked((int) 0x8f1bbcdc),  9) + d; b = RL(b, 10);
+            d = RL(d + F4(e,a,b) + X[ 3] + unchecked((int) 0x8f1bbcdc), 14) + c; a = RL(a, 10);
+            c = RL(c + F4(d,e,a) + X[ 7] + unchecked((int) 0x8f1bbcdc),  5) + b; e = RL(e, 10);
+            b = RL(b + F4(c,d,e) + X[15] + unchecked((int) 0x8f1bbcdc),  6) + a; d = RL(d, 10);
+            a = RL(a + F4(b,c,d) + X[14] + unchecked((int) 0x8f1bbcdc),  8) + e; c = RL(c, 10);
+            e = RL(e + F4(a,b,c) + X[ 5] + unchecked((int) 0x8f1bbcdc),  6) + d; b = RL(b, 10);
+            d = RL(d + F4(e,a,b) + X[ 6] + unchecked((int) 0x8f1bbcdc),  5) + c; a = RL(a, 10);
+            c = RL(c + F4(d,e,a) + X[ 2] + unchecked((int) 0x8f1bbcdc), 12) + b; e = RL(e, 10);
+
+            // right
+            cc = RL(cc + F2(dd,ee,aa) + X[ 8] + unchecked((int) 0x7a6d76e9),  15) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F2(cc,dd,ee) + X[ 6] + unchecked((int) 0x7a6d76e9),   5) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F2(bb,cc,dd) + X[ 4] + unchecked((int) 0x7a6d76e9),   8) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F2(aa,bb,cc) + X[ 1] + unchecked((int) 0x7a6d76e9),  11) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F2(ee,aa,bb) + X[ 3] + unchecked((int) 0x7a6d76e9),  14) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F2(dd,ee,aa) + X[11] + unchecked((int) 0x7a6d76e9),  14) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F2(cc,dd,ee) + X[15] + unchecked((int) 0x7a6d76e9),   6) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F2(bb,cc,dd) + X[ 0] + unchecked((int) 0x7a6d76e9),  14) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F2(aa,bb,cc) + X[ 5] + unchecked((int) 0x7a6d76e9),   6) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F2(ee,aa,bb) + X[12] + unchecked((int) 0x7a6d76e9),   9) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F2(dd,ee,aa) + X[ 2] + unchecked((int) 0x7a6d76e9),  12) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F2(cc,dd,ee) + X[13] + unchecked((int) 0x7a6d76e9),   9) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F2(bb,cc,dd) + X[ 9] + unchecked((int) 0x7a6d76e9),  12) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F2(aa,bb,cc) + X[ 7] + unchecked((int) 0x7a6d76e9),   5) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F2(ee,aa,bb) + X[10] + unchecked((int) 0x7a6d76e9),  15) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F2(dd,ee,aa) + X[14] + unchecked((int) 0x7a6d76e9),   8) + bb; ee = RL(ee, 10);
+
+            //
+            // Rounds 64-79
+            //
+            // left
+            b = RL(b + F5(c,d,e) + X[ 4] + unchecked((int) 0xa953fd4e),  9) + a; d = RL(d, 10);
+            a = RL(a + F5(b,c,d) + X[ 0] + unchecked((int) 0xa953fd4e), 15) + e; c = RL(c, 10);
+            e = RL(e + F5(a,b,c) + X[ 5] + unchecked((int) 0xa953fd4e),  5) + d; b = RL(b, 10);
+            d = RL(d + F5(e,a,b) + X[ 9] + unchecked((int) 0xa953fd4e), 11) + c; a = RL(a, 10);
+            c = RL(c + F5(d,e,a) + X[ 7] + unchecked((int) 0xa953fd4e),  6) + b; e = RL(e, 10);
+            b = RL(b + F5(c,d,e) + X[12] + unchecked((int) 0xa953fd4e),  8) + a; d = RL(d, 10);
+            a = RL(a + F5(b,c,d) + X[ 2] + unchecked((int) 0xa953fd4e), 13) + e; c = RL(c, 10);
+            e = RL(e + F5(a,b,c) + X[10] + unchecked((int) 0xa953fd4e), 12) + d; b = RL(b, 10);
+            d = RL(d + F5(e,a,b) + X[14] + unchecked((int) 0xa953fd4e),  5) + c; a = RL(a, 10);
+            c = RL(c + F5(d,e,a) + X[ 1] + unchecked((int) 0xa953fd4e), 12) + b; e = RL(e, 10);
+            b = RL(b + F5(c,d,e) + X[ 3] + unchecked((int) 0xa953fd4e), 13) + a; d = RL(d, 10);
+            a = RL(a + F5(b,c,d) + X[ 8] + unchecked((int) 0xa953fd4e), 14) + e; c = RL(c, 10);
+            e = RL(e + F5(a,b,c) + X[11] + unchecked((int) 0xa953fd4e), 11) + d; b = RL(b, 10);
+            d = RL(d + F5(e,a,b) + X[ 6] + unchecked((int) 0xa953fd4e),  8) + c; a = RL(a, 10);
+            c = RL(c + F5(d,e,a) + X[15] + unchecked((int) 0xa953fd4e),  5) + b; e = RL(e, 10);
+            b = RL(b + F5(c,d,e) + X[13] + unchecked((int) 0xa953fd4e),  6) + a; d = RL(d, 10);
+
+            // right
+            bb = RL(bb + F1(cc,dd,ee) + X[12],  8) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F1(bb,cc,dd) + X[15],  5) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F1(aa,bb,cc) + X[10], 12) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F1(ee,aa,bb) + X[ 4],  9) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F1(dd,ee,aa) + X[ 1], 12) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F1(cc,dd,ee) + X[ 5],  5) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F1(bb,cc,dd) + X[ 8], 14) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F1(aa,bb,cc) + X[ 7],  6) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F1(ee,aa,bb) + X[ 6],  8) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F1(dd,ee,aa) + X[ 2], 13) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F1(cc,dd,ee) + X[13],  6) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F1(bb,cc,dd) + X[14],  5) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F1(aa,bb,cc) + X[ 0], 15) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F1(ee,aa,bb) + X[ 3], 13) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F1(dd,ee,aa) + X[ 9], 11) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F1(cc,dd,ee) + X[11], 11) + aa; dd = RL(dd, 10);
+
+            dd += c + H1;
+            H1 = H2 + d + ee;
+            H2 = H3 + e + aa;
+            H3 = H4 + a + bb;
+            H4 = H0 + b + cc;
+            H0 = dd;
+
+            //
+            // reset the offset and clean out the word buffer.
+            //
+            xOff = 0;
+            for (int i = 0; i != X.Length; i++)
+            {
+                X[i] = 0;
+            }
+        }
+		
+		public override IMemoable Copy()
+		{
+			return new RipeMD160Digest(this);
+		}
+
+		public override void Reset(IMemoable other)
+		{
+			RipeMD160Digest d = (RipeMD160Digest)other;
+
+			CopyIn(d);
+		}
+
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/RipeMD256Digest.cs b/bc-sharp-crypto/src/crypto/digests/RipeMD256Digest.cs
new file mode 100644
index 0000000..3062757
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/RipeMD256Digest.cs
@@ -0,0 +1,430 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /// <remarks>
+    /// <p>Implementation of RipeMD256.</p>
+    /// <p><b>Note:</b> this algorithm offers the same level of security as RipeMD128.</p>
+    /// </remarks>
+    public class RipeMD256Digest
+		: GeneralDigest
+    {
+        public override string AlgorithmName
+		{
+			get { return "RIPEMD256"; }
+		}
+
+		public override int GetDigestSize()
+		{
+			return DigestLength;
+		}
+
+		private const int DigestLength = 32;
+
+		private int H0, H1, H2, H3, H4, H5, H6, H7; // IV's
+
+		private int[] X = new int[16];
+        private int xOff;
+
+        /// <summary> Standard constructor</summary>
+        public RipeMD256Digest()
+        {
+            Reset();
+        }
+
+        /// <summary> Copy constructor.  This will copy the state of the provided
+        /// message digest.
+        /// </summary>
+        public RipeMD256Digest(RipeMD256Digest t):base(t)
+        {
+			CopyIn(t);
+		}
+
+		private void CopyIn(RipeMD256Digest t)
+		{
+			base.CopyIn(t);
+
+            H0 = t.H0;
+            H1 = t.H1;
+            H2 = t.H2;
+            H3 = t.H3;
+            H4 = t.H4;
+            H5 = t.H5;
+            H6 = t.H6;
+            H7 = t.H7;
+
+            Array.Copy(t.X, 0, X, 0, t.X.Length);
+            xOff = t.xOff;
+        }
+
+        internal override void ProcessWord(
+            byte[] input,
+            int inOff)
+        {
+            X[xOff++] = (input[inOff] & 0xff) | ((input[inOff + 1] & 0xff) << 8)
+                | ((input[inOff + 2] & 0xff) << 16) | ((input[inOff + 3] & 0xff) << 24);
+
+            if (xOff == 16)
+            {
+                ProcessBlock();
+            }
+        }
+
+        internal override void ProcessLength(
+            long bitLength)
+        {
+            if (xOff > 14)
+            {
+                ProcessBlock();
+            }
+
+            X[14] = (int)(bitLength & 0xffffffff);
+            X[15] = (int)((ulong)bitLength >> 32);
+        }
+
+        private void UnpackWord(
+            int word,
+            byte[] outBytes,
+            int outOff)
+        {
+            outBytes[outOff] = (byte)(uint)word;
+            outBytes[outOff + 1] = (byte)((uint)word >> 8);
+            outBytes[outOff + 2] = (byte)((uint)word >> 16);
+            outBytes[outOff + 3] = (byte)((uint)word >> 24);
+        }
+
+        public override int DoFinal(byte[] output, int outOff)
+        {
+            Finish();
+
+            UnpackWord(H0, output, outOff);
+            UnpackWord(H1, output, outOff + 4);
+            UnpackWord(H2, output, outOff + 8);
+            UnpackWord(H3, output, outOff + 12);
+            UnpackWord(H4, output, outOff + 16);
+            UnpackWord(H5, output, outOff + 20);
+            UnpackWord(H6, output, outOff + 24);
+            UnpackWord(H7, output, outOff + 28);
+
+            Reset();
+
+            return DigestLength;
+        }
+
+        /// <summary> reset the chaining variables to the IV values.</summary>
+        public override void  Reset()
+        {
+            base.Reset();
+
+            H0 = unchecked((int)0x67452301);
+            H1 = unchecked((int)0xefcdab89);
+            H2 = unchecked((int)0x98badcfe);
+            H3 = unchecked((int)0x10325476);
+            H4 = unchecked((int)0x76543210);
+            H5 = unchecked((int)0xFEDCBA98);
+            H6 = unchecked((int)0x89ABCDEF);
+            H7 = unchecked((int)0x01234567);
+
+            xOff = 0;
+
+            for (int i = 0; i != X.Length; i++)
+            {
+                X[i] = 0;
+            }
+        }
+
+        /*
+        * rotate int x left n bits.
+        */
+        private int RL(
+            int x,
+            int n)
+        {
+            return (x << n) | (int)((uint)x >> (32 - n));
+        }
+
+        /*
+        * f1,f2,f3,f4 are the basic RipeMD128 functions.
+        */
+
+        /*
+        * F
+        */
+        private int F1(int x, int y, int z)
+        {
+            return x ^ y ^ z;
+        }
+
+        /*
+        * G
+        */
+        private int F2(int x, int y, int z)
+        {
+            return (x & y) | (~ x & z);
+        }
+
+        /*
+        * H
+        */
+        private int F3(int x, int y, int z)
+        {
+            return (x | ~ y) ^ z;
+        }
+
+        /*
+        * I
+        */
+        private int F4(int x, int y, int z)
+        {
+            return (x & z) | (y & ~ z);
+        }
+
+        private int F1(int a, int b, int c, int d, int x, int s)
+        {
+            return RL(a + F1(b, c, d) + x, s);
+        }
+
+        private int F2(int a, int b, int c, int d, int x, int s)
+        {
+            return RL(a + F2(b, c, d) + x + unchecked((int)0x5a827999), s);
+        }
+
+        private int F3(int a, int b, int c, int d, int x, int s)
+        {
+            return RL(a + F3(b, c, d) + x + unchecked((int)0x6ed9eba1), s);
+        }
+
+        private int F4(int a, int b, int c, int d, int x, int s)
+        {
+            return RL(a + F4(b, c, d) + x + unchecked((int)0x8f1bbcdc), s);
+        }
+
+        private int FF1(int a, int b, int c, int d, int x, int s)
+        {
+            return RL(a + F1(b, c, d) + x, s);
+        }
+
+        private int FF2(int a, int b, int c, int d, int x, int s)
+        {
+            return RL(a + F2(b, c, d) + x + unchecked((int)0x6d703ef3), s);
+        }
+
+        private int FF3(int a, int b, int c, int d, int x, int s)
+        {
+            return RL(a + F3(b, c, d) + x + unchecked((int)0x5c4dd124), s);
+        }
+
+        private int FF4(int a, int b, int c, int d, int x, int s)
+        {
+            return RL(a + F4(b, c, d) + x + unchecked((int)0x50a28be6), s);
+        }
+
+        internal override void ProcessBlock()
+        {
+            int a, aa;
+            int b, bb;
+            int c, cc;
+            int d, dd;
+            int t;
+
+            a = H0;
+            b = H1;
+            c = H2;
+            d = H3;
+            aa = H4;
+            bb = H5;
+            cc = H6;
+            dd = H7;
+
+            //
+            // Round 1
+            //
+
+            a = F1(a, b, c, d, X[0], 11);
+            d = F1(d, a, b, c, X[1], 14);
+            c = F1(c, d, a, b, X[2], 15);
+            b = F1(b, c, d, a, X[3], 12);
+            a = F1(a, b, c, d, X[4], 5);
+            d = F1(d, a, b, c, X[5], 8);
+            c = F1(c, d, a, b, X[6], 7);
+            b = F1(b, c, d, a, X[7], 9);
+            a = F1(a, b, c, d, X[8], 11);
+            d = F1(d, a, b, c, X[9], 13);
+            c = F1(c, d, a, b, X[10], 14);
+            b = F1(b, c, d, a, X[11], 15);
+            a = F1(a, b, c, d, X[12], 6);
+            d = F1(d, a, b, c, X[13], 7);
+            c = F1(c, d, a, b, X[14], 9);
+            b = F1(b, c, d, a, X[15], 8);
+
+            aa = FF4(aa, bb, cc, dd, X[5], 8);
+            dd = FF4(dd, aa, bb, cc, X[14], 9);
+            cc = FF4(cc, dd, aa, bb, X[7], 9);
+            bb = FF4(bb, cc, dd, aa, X[0], 11);
+            aa = FF4(aa, bb, cc, dd, X[9], 13);
+            dd = FF4(dd, aa, bb, cc, X[2], 15);
+            cc = FF4(cc, dd, aa, bb, X[11], 15);
+            bb = FF4(bb, cc, dd, aa, X[4], 5);
+            aa = FF4(aa, bb, cc, dd, X[13], 7);
+            dd = FF4(dd, aa, bb, cc, X[6], 7);
+            cc = FF4(cc, dd, aa, bb, X[15], 8);
+            bb = FF4(bb, cc, dd, aa, X[8], 11);
+            aa = FF4(aa, bb, cc, dd, X[1], 14);
+            dd = FF4(dd, aa, bb, cc, X[10], 14);
+            cc = FF4(cc, dd, aa, bb, X[3], 12);
+            bb = FF4(bb, cc, dd, aa, X[12], 6);
+
+            t = a; a = aa; aa = t;
+
+            //
+            // Round 2
+            //
+            a = F2(a, b, c, d, X[7], 7);
+            d = F2(d, a, b, c, X[4], 6);
+            c = F2(c, d, a, b, X[13], 8);
+            b = F2(b, c, d, a, X[1], 13);
+            a = F2(a, b, c, d, X[10], 11);
+            d = F2(d, a, b, c, X[6], 9);
+            c = F2(c, d, a, b, X[15], 7);
+            b = F2(b, c, d, a, X[3], 15);
+            a = F2(a, b, c, d, X[12], 7);
+            d = F2(d, a, b, c, X[0], 12);
+            c = F2(c, d, a, b, X[9], 15);
+            b = F2(b, c, d, a, X[5], 9);
+            a = F2(a, b, c, d, X[2], 11);
+            d = F2(d, a, b, c, X[14], 7);
+            c = F2(c, d, a, b, X[11], 13);
+            b = F2(b, c, d, a, X[8], 12);
+
+            aa = FF3(aa, bb, cc, dd, X[6], 9);
+            dd = FF3(dd, aa, bb, cc, X[11], 13);
+            cc = FF3(cc, dd, aa, bb, X[3], 15);
+            bb = FF3(bb, cc, dd, aa, X[7], 7);
+            aa = FF3(aa, bb, cc, dd, X[0], 12);
+            dd = FF3(dd, aa, bb, cc, X[13], 8);
+            cc = FF3(cc, dd, aa, bb, X[5], 9);
+            bb = FF3(bb, cc, dd, aa, X[10], 11);
+            aa = FF3(aa, bb, cc, dd, X[14], 7);
+            dd = FF3(dd, aa, bb, cc, X[15], 7);
+            cc = FF3(cc, dd, aa, bb, X[8], 12);
+            bb = FF3(bb, cc, dd, aa, X[12], 7);
+            aa = FF3(aa, bb, cc, dd, X[4], 6);
+            dd = FF3(dd, aa, bb, cc, X[9], 15);
+            cc = FF3(cc, dd, aa, bb, X[1], 13);
+            bb = FF3(bb, cc, dd, aa, X[2], 11);
+
+            t = b; b = bb; bb = t;
+
+            //
+            // Round 3
+            //
+            a = F3(a, b, c, d, X[3], 11);
+            d = F3(d, a, b, c, X[10], 13);
+            c = F3(c, d, a, b, X[14], 6);
+            b = F3(b, c, d, a, X[4], 7);
+            a = F3(a, b, c, d, X[9], 14);
+            d = F3(d, a, b, c, X[15], 9);
+            c = F3(c, d, a, b, X[8], 13);
+            b = F3(b, c, d, a, X[1], 15);
+            a = F3(a, b, c, d, X[2], 14);
+            d = F3(d, a, b, c, X[7], 8);
+            c = F3(c, d, a, b, X[0], 13);
+            b = F3(b, c, d, a, X[6], 6);
+            a = F3(a, b, c, d, X[13], 5);
+            d = F3(d, a, b, c, X[11], 12);
+            c = F3(c, d, a, b, X[5], 7);
+            b = F3(b, c, d, a, X[12], 5);
+
+            aa = FF2(aa, bb, cc, dd, X[15], 9);
+            dd = FF2(dd, aa, bb, cc, X[5], 7);
+            cc = FF2(cc, dd, aa, bb, X[1], 15);
+            bb = FF2(bb, cc, dd, aa, X[3], 11);
+            aa = FF2(aa, bb, cc, dd, X[7], 8);
+            dd = FF2(dd, aa, bb, cc, X[14], 6);
+            cc = FF2(cc, dd, aa, bb, X[6], 6);
+            bb = FF2(bb, cc, dd, aa, X[9], 14);
+            aa = FF2(aa, bb, cc, dd, X[11], 12);
+            dd = FF2(dd, aa, bb, cc, X[8], 13);
+            cc = FF2(cc, dd, aa, bb, X[12], 5);
+            bb = FF2(bb, cc, dd, aa, X[2], 14);
+            aa = FF2(aa, bb, cc, dd, X[10], 13);
+            dd = FF2(dd, aa, bb, cc, X[0], 13);
+            cc = FF2(cc, dd, aa, bb, X[4], 7);
+            bb = FF2(bb, cc, dd, aa, X[13], 5);
+
+            t = c; c = cc; cc = t;
+
+            //
+            // Round 4
+            //
+            a = F4(a, b, c, d, X[1], 11);
+            d = F4(d, a, b, c, X[9], 12);
+            c = F4(c, d, a, b, X[11], 14);
+            b = F4(b, c, d, a, X[10], 15);
+            a = F4(a, b, c, d, X[0], 14);
+            d = F4(d, a, b, c, X[8], 15);
+            c = F4(c, d, a, b, X[12], 9);
+            b = F4(b, c, d, a, X[4], 8);
+            a = F4(a, b, c, d, X[13], 9);
+            d = F4(d, a, b, c, X[3], 14);
+            c = F4(c, d, a, b, X[7], 5);
+            b = F4(b, c, d, a, X[15], 6);
+            a = F4(a, b, c, d, X[14], 8);
+            d = F4(d, a, b, c, X[5], 6);
+            c = F4(c, d, a, b, X[6], 5);
+            b = F4(b, c, d, a, X[2], 12);
+
+            aa = FF1(aa, bb, cc, dd, X[8], 15);
+            dd = FF1(dd, aa, bb, cc, X[6], 5);
+            cc = FF1(cc, dd, aa, bb, X[4], 8);
+            bb = FF1(bb, cc, dd, aa, X[1], 11);
+            aa = FF1(aa, bb, cc, dd, X[3], 14);
+            dd = FF1(dd, aa, bb, cc, X[11], 14);
+            cc = FF1(cc, dd, aa, bb, X[15], 6);
+            bb = FF1(bb, cc, dd, aa, X[0], 14);
+            aa = FF1(aa, bb, cc, dd, X[5], 6);
+            dd = FF1(dd, aa, bb, cc, X[12], 9);
+            cc = FF1(cc, dd, aa, bb, X[2], 12);
+            bb = FF1(bb, cc, dd, aa, X[13], 9);
+            aa = FF1(aa, bb, cc, dd, X[9], 12);
+            dd = FF1(dd, aa, bb, cc, X[7], 5);
+            cc = FF1(cc, dd, aa, bb, X[10], 15);
+            bb = FF1(bb, cc, dd, aa, X[14], 8);
+
+            t = d; d = dd; dd = t;
+
+            H0 += a;
+            H1 += b;
+            H2 += c;
+            H3 += d;
+            H4 += aa;
+            H5 += bb;
+            H6 += cc;
+            H7 += dd;
+
+            //
+            // reset the offset and clean out the word buffer.
+            //
+            xOff = 0;
+            for (int i = 0; i != X.Length; i++)
+            {
+                X[i] = 0;
+            }
+        }
+		
+		public override IMemoable Copy()
+		{
+			return new RipeMD256Digest(this);
+		}
+
+		public override void Reset(IMemoable other)
+		{
+			RipeMD256Digest d = (RipeMD256Digest)other;
+
+			CopyIn(d);
+		}
+
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/RipeMD320Digest.cs b/bc-sharp-crypto/src/crypto/digests/RipeMD320Digest.cs
new file mode 100644
index 0000000..767d74d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/RipeMD320Digest.cs
@@ -0,0 +1,459 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+	/// <remarks>
+	/// <p>Implementation of RipeMD 320.</p>
+	/// <p><b>Note:</b> this algorithm offers the same level of security as RipeMD160.</p>
+	/// </remarks>
+    public class RipeMD320Digest
+		: GeneralDigest
+    {
+        public override string AlgorithmName
+		{
+			get { return "RIPEMD320"; }
+		}
+
+		public override int GetDigestSize()
+		{
+			return DigestLength;
+		}
+
+		private const int DigestLength = 40;
+
+		private int H0, H1, H2, H3, H4, H5, H6, H7, H8, H9; // IV's
+
+        private int[] X = new int[16];
+        private int xOff;
+
+        /// <summary> Standard constructor</summary>
+        public RipeMD320Digest()
+        {
+            Reset();
+        }
+
+        /// <summary> Copy constructor.  This will copy the state of the provided
+        /// message digest.
+        /// </summary>
+        public RipeMD320Digest(RipeMD320Digest t)
+			: base(t)
+        {
+			CopyIn(t);
+		}
+
+		private void CopyIn(RipeMD320Digest t)
+		{
+			base.CopyIn(t);
+
+            H0 = t.H0;
+            H1 = t.H1;
+            H2 = t.H2;
+            H3 = t.H3;
+            H4 = t.H4;
+            H5 = t.H5;
+            H6 = t.H6;
+            H7 = t.H7;
+            H8 = t.H8;
+            H9 = t.H9;
+
+            Array.Copy(t.X, 0, X, 0, t.X.Length);
+            xOff = t.xOff;
+        }
+
+        internal override void ProcessWord(
+            byte[] input,
+            int inOff)
+        {
+            X[xOff++] = (input[inOff] & 0xff) | ((input[inOff + 1] & 0xff) << 8)
+                | ((input[inOff + 2] & 0xff) << 16) | ((input[inOff + 3] & 0xff) << 24);
+
+            if (xOff == 16)
+            {
+                ProcessBlock();
+            }
+        }
+
+        internal override void ProcessLength(
+            long bitLength)
+        {
+            if (xOff > 14)
+            {
+                ProcessBlock();
+            }
+
+            X[14] = (int)(bitLength & 0xffffffff);
+            X[15] = (int)((ulong)bitLength >> 32);
+        }
+
+        private void UnpackWord(
+            int word,
+            byte[] outBytes,
+            int outOff)
+        {
+            outBytes[outOff] = (byte)word;
+            outBytes[outOff + 1] = (byte)((uint)word >> 8);
+            outBytes[outOff + 2] = (byte)((uint)word >> 16);
+            outBytes[outOff + 3] = (byte)((uint)word >> 24);
+        }
+
+        public override int DoFinal(byte[] output, int outOff)
+        {
+            Finish();
+
+            UnpackWord(H0, output, outOff);
+            UnpackWord(H1, output, outOff + 4);
+            UnpackWord(H2, output, outOff + 8);
+            UnpackWord(H3, output, outOff + 12);
+            UnpackWord(H4, output, outOff + 16);
+            UnpackWord(H5, output, outOff + 20);
+            UnpackWord(H6, output, outOff + 24);
+            UnpackWord(H7, output, outOff + 28);
+            UnpackWord(H8, output, outOff + 32);
+            UnpackWord(H9, output, outOff + 36);
+
+            Reset();
+
+            return DigestLength;
+        }
+
+        /// <summary> reset the chaining variables to the IV values.</summary>
+        public override void  Reset()
+        {
+            base.Reset();
+
+            H0 = unchecked((int) 0x67452301);
+            H1 = unchecked((int) 0xefcdab89);
+            H2 = unchecked((int) 0x98badcfe);
+            H3 = unchecked((int) 0x10325476);
+            H4 = unchecked((int) 0xc3d2e1f0);
+            H5 = unchecked((int) 0x76543210);
+            H6 = unchecked((int) 0xFEDCBA98);
+            H7 = unchecked((int) 0x89ABCDEF);
+            H8 = unchecked((int) 0x01234567);
+            H9 = unchecked((int) 0x3C2D1E0F);
+
+            xOff = 0;
+
+            for (int i = 0; i != X.Length; i++)
+            {
+                X[i] = 0;
+            }
+        }
+
+        /*
+        * rotate int x left n bits.
+        */
+        private int RL(
+            int x,
+            int n)
+        {
+            return (x << n) | (int)(((uint)x) >> (32 - n));
+        }
+
+        /*
+        * f1,f2,f3,f4,f5 are the basic RipeMD160 functions.
+        */
+
+        /*
+        * rounds 0-15
+        */
+        private int F1(int x, int y, int z)
+        {
+            return x ^ y ^ z;
+        }
+
+        /*
+        * rounds 16-31
+        */
+        private int F2(int x, int y, int z)
+        {
+            return (x & y) | (~ x & z);
+        }
+
+        /*
+        * rounds 32-47
+        */
+        private int F3(int x, int y, int z)
+        {
+            return (x | ~ y) ^ z;
+        }
+
+        /*
+        * rounds 48-63
+        */
+        private int F4(int x, int y, int z)
+        {
+            return (x & z) | (y & ~ z);
+        }
+
+        /*
+        * rounds 64-79
+        */
+        private int F5(int x, int y, int z)
+        {
+            return x ^ (y | ~z);
+        }
+
+        internal override void ProcessBlock()
+        {
+            int a, aa;
+            int b, bb;
+            int c, cc;
+            int d, dd;
+            int e, ee;
+            int t;
+
+            a = H0;
+            b = H1;
+            c = H2;
+            d = H3;
+            e = H4;
+            aa = H5;
+            bb = H6;
+            cc = H7;
+            dd = H8;
+            ee = H9;
+
+            //
+            // Rounds 1 - 16
+            //
+            // left
+            a = RL(a + F1(b, c, d) + X[0], 11) + e; c = RL(c, 10);
+            e = RL(e + F1(a, b, c) + X[1], 14) + d; b = RL(b, 10);
+            d = RL(d + F1(e, a, b) + X[2], 15) + c; a = RL(a, 10);
+            c = RL(c + F1(d, e, a) + X[3], 12) + b; e = RL(e, 10);
+            b = RL(b + F1(c, d, e) + X[4], 5) + a; d = RL(d, 10);
+            a = RL(a + F1(b, c, d) + X[5], 8) + e; c = RL(c, 10);
+            e = RL(e + F1(a, b, c) + X[6], 7) + d; b = RL(b, 10);
+            d = RL(d + F1(e, a, b) + X[7], 9) + c; a = RL(a, 10);
+            c = RL(c + F1(d, e, a) + X[8], 11) + b; e = RL(e, 10);
+            b = RL(b + F1(c, d, e) + X[9], 13) + a; d = RL(d, 10);
+            a = RL(a + F1(b, c, d) + X[10], 14) + e; c = RL(c, 10);
+            e = RL(e + F1(a, b, c) + X[11], 15) + d; b = RL(b, 10);
+            d = RL(d + F1(e, a, b) + X[12], 6) + c; a = RL(a, 10);
+            c = RL(c + F1(d, e, a) + X[13], 7) + b; e = RL(e, 10);
+            b = RL(b + F1(c, d, e) + X[14], 9) + a; d = RL(d, 10);
+            a = RL(a + F1(b, c, d) + X[15], 8) + e; c = RL(c, 10);
+
+            // right
+            aa = RL(aa + F5(bb, cc, dd) + X[5] + unchecked((int)0x50a28be6), 8) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F5(aa, bb, cc) + X[14] + unchecked((int)0x50a28be6), 9) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F5(ee, aa, bb) + X[7] + unchecked((int)0x50a28be6), 9) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F5(dd, ee, aa) + X[0] + unchecked((int)0x50a28be6), 11) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F5(cc, dd, ee) + X[9] + unchecked((int)0x50a28be6), 13) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F5(bb, cc, dd) + X[2] + unchecked((int)0x50a28be6), 15) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F5(aa, bb, cc) + X[11] + unchecked((int)0x50a28be6), 15) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F5(ee, aa, bb) + X[4] + unchecked((int)0x50a28be6), 5) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F5(dd, ee, aa) + X[13] + unchecked((int)0x50a28be6), 7) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F5(cc, dd, ee) + X[6] + unchecked((int)0x50a28be6), 7) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F5(bb, cc, dd) + X[15] + unchecked((int)0x50a28be6), 8) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F5(aa, bb, cc) + X[8] + unchecked((int)0x50a28be6), 11) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F5(ee, aa, bb) + X[1] + unchecked((int)0x50a28be6), 14) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F5(dd, ee, aa) + X[10] + unchecked((int)0x50a28be6), 14) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F5(cc, dd, ee) + X[3] + unchecked((int)0x50a28be6), 12) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F5(bb, cc, dd) + X[12] + unchecked((int)0x50a28be6), 6) + ee; cc = RL(cc, 10);
+
+            t = a; a = aa; aa = t;
+            //
+            // Rounds 16-31
+            //
+            // left
+            e = RL(e + F2(a, b, c) + X[7] + unchecked((int)0x5a827999), 7) + d; b = RL(b, 10);
+            d = RL(d + F2(e, a, b) + X[4] + unchecked((int)0x5a827999), 6) + c; a = RL(a, 10);
+            c = RL(c + F2(d, e, a) + X[13] + unchecked((int)0x5a827999), 8) + b; e = RL(e, 10);
+            b = RL(b + F2(c, d, e) + X[1] + unchecked((int)0x5a827999), 13) + a; d = RL(d, 10);
+            a = RL(a + F2(b, c, d) + X[10] + unchecked((int)0x5a827999), 11) + e; c = RL(c, 10);
+            e = RL(e + F2(a, b, c) + X[6] + unchecked((int)0x5a827999), 9) + d; b = RL(b, 10);
+            d = RL(d + F2(e, a, b) + X[15] + unchecked((int)0x5a827999), 7) + c; a = RL(a, 10);
+            c = RL(c + F2(d, e, a) + X[3] + unchecked((int)0x5a827999), 15) + b; e = RL(e, 10);
+            b = RL(b + F2(c, d, e) + X[12] + unchecked((int)0x5a827999), 7) + a; d = RL(d, 10);
+            a = RL(a + F2(b, c, d) + X[0] + unchecked((int)0x5a827999), 12) + e; c = RL(c, 10);
+            e = RL(e + F2(a, b, c) + X[9] + unchecked((int)0x5a827999), 15) + d; b = RL(b, 10);
+            d = RL(d + F2(e, a, b) + X[5] + unchecked((int)0x5a827999), 9) + c; a = RL(a, 10);
+            c = RL(c + F2(d, e, a) + X[2] + unchecked((int)0x5a827999), 11) + b; e = RL(e, 10);
+            b = RL(b + F2(c, d, e) + X[14] + unchecked((int)0x5a827999), 7) + a; d = RL(d, 10);
+            a = RL(a + F2(b, c, d) + X[11] + unchecked((int)0x5a827999), 13) + e; c = RL(c, 10);
+            e = RL(e + F2(a, b, c) + X[8] + unchecked((int)0x5a827999), 12) + d; b = RL(b, 10);
+
+            // right
+            ee = RL(ee + F4(aa, bb, cc) + X[6] + unchecked((int)0x5c4dd124), 9) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F4(ee, aa, bb) + X[11] + unchecked((int)0x5c4dd124), 13) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F4(dd, ee, aa) + X[3] + unchecked((int)0x5c4dd124), 15) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F4(cc, dd, ee) + X[7] + unchecked((int)0x5c4dd124), 7) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F4(bb, cc, dd) + X[0] + unchecked((int)0x5c4dd124), 12) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F4(aa, bb, cc) + X[13] + unchecked((int)0x5c4dd124), 8) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F4(ee, aa, bb) + X[5] + unchecked((int)0x5c4dd124), 9) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F4(dd, ee, aa) + X[10] + unchecked((int)0x5c4dd124), 11) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F4(cc, dd, ee) + X[14] + unchecked((int)0x5c4dd124), 7) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F4(bb, cc, dd) + X[15] + unchecked((int)0x5c4dd124), 7) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F4(aa, bb, cc) + X[8] + unchecked((int)0x5c4dd124), 12) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F4(ee, aa, bb) + X[12] + unchecked((int)0x5c4dd124), 7) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F4(dd, ee, aa) + X[4] + unchecked((int)0x5c4dd124), 6) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F4(cc, dd, ee) + X[9] + unchecked((int)0x5c4dd124), 15) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F4(bb, cc, dd) + X[1] + unchecked((int)0x5c4dd124), 13) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F4(aa, bb, cc) + X[2] + unchecked((int)0x5c4dd124), 11) + dd; bb = RL(bb, 10);
+
+            t = b; b = bb; bb = t;
+
+            //
+            // Rounds 32-47
+            //
+            // left
+            d = RL(d + F3(e, a, b) + X[3] + unchecked((int)0x6ed9eba1), 11) + c; a = RL(a, 10);
+            c = RL(c + F3(d, e, a) + X[10] + unchecked((int)0x6ed9eba1), 13) + b; e = RL(e, 10);
+            b = RL(b + F3(c, d, e) + X[14] + unchecked((int)0x6ed9eba1), 6) + a; d = RL(d, 10);
+            a = RL(a + F3(b, c, d) + X[4] + unchecked((int)0x6ed9eba1), 7) + e; c = RL(c, 10);
+            e = RL(e + F3(a, b, c) + X[9] + unchecked((int)0x6ed9eba1), 14) + d; b = RL(b, 10);
+            d = RL(d + F3(e, a, b) + X[15] + unchecked((int)0x6ed9eba1), 9) + c; a = RL(a, 10);
+            c = RL(c + F3(d, e, a) + X[8] + unchecked((int)0x6ed9eba1), 13) + b; e = RL(e, 10);
+            b = RL(b + F3(c, d, e) + X[1] + unchecked((int)0x6ed9eba1), 15) + a; d = RL(d, 10);
+            a = RL(a + F3(b, c, d) + X[2] + unchecked((int)0x6ed9eba1), 14) + e; c = RL(c, 10);
+            e = RL(e + F3(a, b, c) + X[7] + unchecked((int)0x6ed9eba1), 8) + d; b = RL(b, 10);
+            d = RL(d + F3(e, a, b) + X[0] + unchecked((int)0x6ed9eba1), 13) + c; a = RL(a, 10);
+            c = RL(c + F3(d, e, a) + X[6] + unchecked((int)0x6ed9eba1), 6) + b; e = RL(e, 10);
+            b = RL(b + F3(c, d, e) + X[13] + unchecked((int)0x6ed9eba1), 5) + a; d = RL(d, 10);
+            a = RL(a + F3(b, c, d) + X[11] + unchecked((int)0x6ed9eba1), 12) + e; c = RL(c, 10);
+            e = RL(e + F3(a, b, c) + X[5] + unchecked((int)0x6ed9eba1), 7) + d; b = RL(b, 10);
+            d = RL(d + F3(e, a, b) + X[12] + unchecked((int)0x6ed9eba1), 5) + c; a = RL(a, 10);
+
+            // right
+            dd = RL(dd + F3(ee, aa, bb) + X[15] + unchecked((int)0x6d703ef3), 9) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F3(dd, ee, aa) + X[5] + unchecked((int)0x6d703ef3), 7) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F3(cc, dd, ee) + X[1] + unchecked((int)0x6d703ef3), 15) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F3(bb, cc, dd) + X[3] + unchecked((int)0x6d703ef3), 11) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F3(aa, bb, cc) + X[7] + unchecked((int)0x6d703ef3), 8) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F3(ee, aa, bb) + X[14] + unchecked((int)0x6d703ef3), 6) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F3(dd, ee, aa) + X[6] + unchecked((int)0x6d703ef3), 6) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F3(cc, dd, ee) + X[9] + unchecked((int)0x6d703ef3), 14) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F3(bb, cc, dd) + X[11] + unchecked((int)0x6d703ef3), 12) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F3(aa, bb, cc) + X[8] + unchecked((int)0x6d703ef3), 13) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F3(ee, aa, bb) + X[12] + unchecked((int)0x6d703ef3), 5) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F3(dd, ee, aa) + X[2] + unchecked((int)0x6d703ef3), 14) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F3(cc, dd, ee) + X[10] + unchecked((int)0x6d703ef3), 13) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F3(bb, cc, dd) + X[0] + unchecked((int)0x6d703ef3), 13) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F3(aa, bb, cc) + X[4] + unchecked((int)0x6d703ef3), 7) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F3(ee, aa, bb) + X[13] + unchecked((int)0x6d703ef3), 5) + cc; aa = RL(aa, 10);
+
+            t = c; c = cc; cc = t;
+
+            //
+            // Rounds 48-63
+            //
+            // left
+            c = RL(c + F4(d, e, a) + X[1] + unchecked((int)0x8f1bbcdc), 11) + b; e = RL(e, 10);
+            b = RL(b + F4(c, d, e) + X[9] + unchecked((int)0x8f1bbcdc), 12) + a; d = RL(d, 10);
+            a = RL(a + F4(b, c, d) + X[11] + unchecked((int)0x8f1bbcdc), 14) + e; c = RL(c, 10);
+            e = RL(e + F4(a, b, c) + X[10] + unchecked((int)0x8f1bbcdc), 15) + d; b = RL(b, 10);
+            d = RL(d + F4(e, a, b) + X[0] + unchecked((int)0x8f1bbcdc), 14) + c; a = RL(a, 10);
+            c = RL(c + F4(d, e, a) + X[8] + unchecked((int)0x8f1bbcdc), 15) + b; e = RL(e, 10);
+            b = RL(b + F4(c, d, e) + X[12] + unchecked((int)0x8f1bbcdc), 9) + a; d = RL(d, 10);
+            a = RL(a + F4(b, c, d) + X[4] + unchecked((int)0x8f1bbcdc), 8) + e; c = RL(c, 10);
+            e = RL(e + F4(a, b, c) + X[13] + unchecked((int)0x8f1bbcdc), 9) + d; b = RL(b, 10);
+            d = RL(d + F4(e, a, b) + X[3] + unchecked((int)0x8f1bbcdc), 14) + c; a = RL(a, 10);
+            c = RL(c + F4(d, e, a) + X[7] + unchecked((int)0x8f1bbcdc), 5) + b; e = RL(e, 10);
+            b = RL(b + F4(c, d, e) + X[15] + unchecked((int)0x8f1bbcdc), 6) + a; d = RL(d, 10);
+            a = RL(a + F4(b, c, d) + X[14] + unchecked((int)0x8f1bbcdc), 8) + e; c = RL(c, 10);
+            e = RL(e + F4(a, b, c) + X[5] + unchecked((int)0x8f1bbcdc), 6) + d; b = RL(b, 10);
+            d = RL(d + F4(e, a, b) + X[6] + unchecked((int)0x8f1bbcdc), 5) + c; a = RL(a, 10);
+            c = RL(c + F4(d, e, a) + X[2] + unchecked((int)0x8f1bbcdc), 12) + b; e = RL(e, 10);
+
+            // right
+            cc = RL(cc + F2(dd, ee, aa) + X[8] + unchecked((int)0x7a6d76e9), 15) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F2(cc, dd, ee) + X[6] + unchecked((int)0x7a6d76e9), 5) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F2(bb, cc, dd) + X[4] + unchecked((int)0x7a6d76e9), 8) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F2(aa, bb, cc) + X[1] + unchecked((int)0x7a6d76e9), 11) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F2(ee, aa, bb) + X[3] + unchecked((int)0x7a6d76e9), 14) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F2(dd, ee, aa) + X[11] + unchecked((int)0x7a6d76e9), 14) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F2(cc, dd, ee) + X[15] + unchecked((int)0x7a6d76e9), 6) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F2(bb, cc, dd) + X[0] + unchecked((int)0x7a6d76e9), 14) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F2(aa, bb, cc) + X[5] + unchecked((int)0x7a6d76e9), 6) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F2(ee, aa, bb) + X[12] + unchecked((int)0x7a6d76e9), 9) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F2(dd, ee, aa) + X[2] + unchecked((int)0x7a6d76e9), 12) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F2(cc, dd, ee) + X[13] + unchecked((int)0x7a6d76e9), 9) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F2(bb, cc, dd) + X[9] + unchecked((int)0x7a6d76e9), 12) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F2(aa, bb, cc) + X[7] + unchecked((int)0x7a6d76e9), 5) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F2(ee, aa, bb) + X[10] + unchecked((int)0x7a6d76e9), 15) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F2(dd, ee, aa) + X[14] + unchecked((int)0x7a6d76e9), 8) + bb; ee = RL(ee, 10);
+
+            t = d; d = dd; dd = t;
+
+            //
+            // Rounds 64-79
+            //
+            // left
+            b = RL(b + F5(c, d, e) + X[4] + unchecked((int)0xa953fd4e), 9) + a; d = RL(d, 10);
+            a = RL(a + F5(b, c, d) + X[0] + unchecked((int)0xa953fd4e), 15) + e; c = RL(c, 10);
+            e = RL(e + F5(a, b, c) + X[5] + unchecked((int)0xa953fd4e), 5) + d; b = RL(b, 10);
+            d = RL(d + F5(e, a, b) + X[9] + unchecked((int)0xa953fd4e), 11) + c; a = RL(a, 10);
+            c = RL(c + F5(d, e, a) + X[7] + unchecked((int)0xa953fd4e), 6) + b; e = RL(e, 10);
+            b = RL(b + F5(c, d, e) + X[12] + unchecked((int)0xa953fd4e), 8) + a; d = RL(d, 10);
+            a = RL(a + F5(b, c, d) + X[2] + unchecked((int)0xa953fd4e), 13) + e; c = RL(c, 10);
+            e = RL(e + F5(a, b, c) + X[10] + unchecked((int)0xa953fd4e), 12) + d; b = RL(b, 10);
+            d = RL(d + F5(e, a, b) + X[14] + unchecked((int)0xa953fd4e), 5) + c; a = RL(a, 10);
+            c = RL(c + F5(d, e, a) + X[1] + unchecked((int)0xa953fd4e), 12) + b; e = RL(e, 10);
+            b = RL(b + F5(c, d, e) + X[3] + unchecked((int)0xa953fd4e), 13) + a; d = RL(d, 10);
+            a = RL(a + F5(b, c, d) + X[8] + unchecked((int)0xa953fd4e), 14) + e; c = RL(c, 10);
+            e = RL(e + F5(a, b, c) + X[11] + unchecked((int)0xa953fd4e), 11) + d; b = RL(b, 10);
+            d = RL(d + F5(e, a, b) + X[6] + unchecked((int)0xa953fd4e), 8) + c; a = RL(a, 10);
+            c = RL(c + F5(d, e, a) + X[15] + unchecked((int)0xa953fd4e), 5) + b; e = RL(e, 10);
+            b = RL(b + F5(c, d, e) + X[13] + unchecked((int)0xa953fd4e), 6) + a; d = RL(d, 10);
+
+            // right
+            bb = RL(bb + F1(cc, dd, ee) + X[12], 8) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F1(bb, cc, dd) + X[15], 5) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F1(aa, bb, cc) + X[10], 12) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F1(ee, aa, bb) + X[4], 9) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F1(dd, ee, aa) + X[1], 12) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F1(cc, dd, ee) + X[5], 5) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F1(bb, cc, dd) + X[8], 14) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F1(aa, bb, cc) + X[7], 6) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F1(ee, aa, bb) + X[6], 8) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F1(dd, ee, aa) + X[2], 13) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F1(cc, dd, ee) + X[13], 6) + aa; dd = RL(dd, 10);
+            aa = RL(aa + F1(bb, cc, dd) + X[14], 5) + ee; cc = RL(cc, 10);
+            ee = RL(ee + F1(aa, bb, cc) + X[0], 15) + dd; bb = RL(bb, 10);
+            dd = RL(dd + F1(ee, aa, bb) + X[3], 13) + cc; aa = RL(aa, 10);
+            cc = RL(cc + F1(dd, ee, aa) + X[9], 11) + bb; ee = RL(ee, 10);
+            bb = RL(bb + F1(cc, dd, ee) + X[11], 11) + aa; dd = RL(dd, 10);
+
+            //
+            // do (e, ee) swap as part of assignment.
+            //
+
+            H0 += a;
+            H1 += b;
+            H2 += c;
+            H3 += d;
+            H4 += ee;
+            H5 += aa;
+            H6 += bb;
+            H7 += cc;
+            H8 += dd;
+            H9 += e;
+
+            //
+            // reset the offset and clean out the word buffer.
+            //
+            xOff = 0;
+            for (int i = 0; i != X.Length; i++)
+            {
+                X[i] = 0;
+            }
+        }
+		
+		public override IMemoable Copy()
+		{
+			return new RipeMD320Digest(this);
+		}
+
+		public override void Reset(IMemoable other)
+		{
+			RipeMD320Digest d = (RipeMD320Digest)other;
+
+			CopyIn(d);
+		}
+
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/SHA3Digest.cs b/bc-sharp-crypto/src/crypto/digests/SHA3Digest.cs
new file mode 100644
index 0000000..4683af5
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/SHA3Digest.cs
@@ -0,0 +1,85 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /// <summary>
+    /// Implementation of SHA-3 based on following KeccakNISTInterface.c from http://keccak.noekeon.org/
+    /// </summary>
+    /// <remarks>
+    /// Following the naming conventions used in the C source code to enable easy review of the implementation.
+    /// </remarks>
+    public class Sha3Digest
+        : KeccakDigest
+    {
+        private static int CheckBitLength(int bitLength)
+        {
+            switch (bitLength)
+            {
+            case 224:
+            case 256:
+            case 384:
+            case 512:
+                return bitLength;
+            default:
+                throw new ArgumentException(bitLength + " not supported for SHA-3", "bitLength");
+            }
+        }
+
+        public Sha3Digest()
+            : this(256)
+        {
+        }
+
+        public Sha3Digest(int bitLength)
+            : base(CheckBitLength(bitLength))
+        {
+        }
+
+        public Sha3Digest(Sha3Digest source)
+            : base(source)
+        {
+        }
+
+        public override string AlgorithmName
+        {
+            get { return "SHA3-" + fixedOutputLength; }
+        }
+
+        public override int DoFinal(byte[] output, int outOff)
+        {
+            AbsorbBits(0x02, 2);
+
+            return base.DoFinal(output,  outOff);
+        }
+
+        /*
+         * TODO Possible API change to support partial-byte suffixes.
+         */
+        protected override int DoFinal(byte[] output, int outOff, byte partialByte, int partialBits)
+        {
+            if (partialBits < 0 || partialBits > 7)
+                throw new ArgumentException("must be in the range [0,7]", "partialBits");
+
+            int finalInput = (partialByte & ((1 << partialBits) - 1)) | (0x02 << partialBits);
+            Debug.Assert(finalInput >= 0);
+            int finalBits = partialBits + 2;
+
+            if (finalBits >= 8)
+            {
+                Absorb(new byte[]{ (byte)finalInput }, 0, 1);
+                finalBits -= 8;
+                finalInput >>= 8;
+            }
+
+            return base.DoFinal(output, outOff, (byte)finalInput, finalBits);
+        }
+
+        public override IMemoable Copy()
+		{
+			return new Sha3Digest(this);
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/SM3Digest.cs b/bc-sharp-crypto/src/crypto/digests/SM3Digest.cs
new file mode 100644
index 0000000..d81b2dd
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/SM3Digest.cs
@@ -0,0 +1,328 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+
+	/// <summary>
+	/// Implementation of Chinese SM3 digest as described at
+	/// http://tools.ietf.org/html/draft-shen-sm3-hash-00
+	/// and at .... ( Chinese PDF )
+	/// </summary>
+	/// <remarks>
+	/// The specification says "process a bit stream",
+	/// but this is written to process bytes in blocks of 4,
+	/// meaning this will process 32-bit word groups.
+	/// But so do also most other digest specifications,
+	/// including the SHA-256 which was a origin for
+	/// this specification.
+	/// </remarks>
+	public class SM3Digest
+		: GeneralDigest
+	{
+		private const int DIGEST_LENGTH = 32;   // bytes
+		private const int BLOCK_SIZE = 64 / 4; // of 32 bit ints (16 ints)
+
+		private uint[] V = new uint[DIGEST_LENGTH / 4]; // in 32 bit ints (8 ints)
+		private uint[] inwords = new uint[BLOCK_SIZE];
+		private int xOff;
+
+		// Work-bufs used within processBlock()
+		private uint[] W = new uint[68];
+		private uint[] W1 = new uint[64];
+
+		// Round constant T for processBlock() which is 32 bit integer rolled left up to (63 MOD 32) bit positions.
+		private static readonly uint[] T = new uint[64];
+
+		static SM3Digest()
+		{
+			for (int i = 0; i < 16; ++i)
+			{
+				uint t = 0x79CC4519;
+				T[i] = (t << i) | (t >> (32 - i));
+			}
+			for (int i = 16; i < 64; ++i)
+			{
+				int n = i % 32;
+				uint t = 0x7A879D8A;
+				T[i] = (t << n) | (t >> (32 - n));
+			}
+		}
+
+
+		/// <summary>
+		/// Standard constructor
+		/// </summary>
+		public SM3Digest()
+		{
+			Reset();
+		}
+
+		/// <summary>
+		/// Copy constructor.  This will copy the state of the provided
+		/// message digest.
+		/// </summary>
+		public SM3Digest(SM3Digest t)
+			: base(t)
+		{
+			CopyIn(t);
+		}
+
+		private void CopyIn(SM3Digest t)
+		{
+			Array.Copy(t.V, 0, this.V, 0, this.V.Length);
+			Array.Copy(t.inwords, 0, this.inwords, 0, this.inwords.Length);
+			xOff = t.xOff;
+		}
+
+		public override string AlgorithmName
+		{
+			get { return "SM3"; }
+		}
+
+		public override int GetDigestSize()
+		{
+			return DIGEST_LENGTH;
+		}
+
+		public override IMemoable Copy()
+		{
+			return new SM3Digest(this);
+		}
+
+		public override void Reset(IMemoable other)
+		{
+			SM3Digest d = (SM3Digest)other;
+
+			base.CopyIn(d);
+			CopyIn(d);
+		}
+
+		/// <summary>
+		/// reset the chaining variables
+		/// </summary>
+		public override void Reset()
+		{
+			base.Reset();
+
+			this.V[0] = 0x7380166F;
+			this.V[1] = 0x4914B2B9;
+			this.V[2] = 0x172442D7;
+			this.V[3] = 0xDA8A0600;
+			this.V[4] = 0xA96F30BC;
+			this.V[5] = 0x163138AA;
+			this.V[6] = 0xE38DEE4D;
+			this.V[7] = 0xB0FB0E4E;
+
+			this.xOff = 0;
+		}
+
+
+		public override int DoFinal(byte[] output, int outOff)
+		{
+			Finish();
+
+			Pack.UInt32_To_BE(this.V[0], output, outOff + 0);
+			Pack.UInt32_To_BE(this.V[1], output, outOff + 4);
+			Pack.UInt32_To_BE(this.V[2], output, outOff + 8);
+			Pack.UInt32_To_BE(this.V[3], output, outOff + 12);
+			Pack.UInt32_To_BE(this.V[4], output, outOff + 16);
+			Pack.UInt32_To_BE(this.V[5], output, outOff + 20);
+			Pack.UInt32_To_BE(this.V[6], output, outOff + 24);
+			Pack.UInt32_To_BE(this.V[7], output, outOff + 28);
+
+			Reset();
+
+			return DIGEST_LENGTH;
+		}
+
+
+		internal override void ProcessWord(byte[] input,
+		                                   int inOff)
+		{
+			uint n = Pack.BE_To_UInt32(input, inOff);
+			this.inwords[this.xOff] = n;
+			++this.xOff;
+
+			if (this.xOff >= 16)
+			{
+				ProcessBlock();
+			}
+		}
+
+		internal override void ProcessLength(long bitLength)
+		{
+			if (this.xOff > (BLOCK_SIZE - 2))
+			{
+				// xOff == 15  --> can't fit the 64 bit length field at tail..
+				this.inwords[this.xOff] = 0; // fill with zero
+				++this.xOff;
+
+				ProcessBlock();
+			}
+			// Fill with zero words, until reach 2nd to last slot
+			while (this.xOff < (BLOCK_SIZE - 2))
+			{
+				this.inwords[this.xOff] = 0;
+				++this.xOff;
+			}
+
+			// Store input data length in BITS
+			this.inwords[this.xOff++] = (uint)(bitLength >> 32);
+			this.inwords[this.xOff++] = (uint)(bitLength);
+		}
+
+		/*
+
+	3.4.2.  Constants
+
+
+	   Tj = 79cc4519        when 0  < = j < = 15
+	   Tj = 7a879d8a        when 16 < = j < = 63
+
+	3.4.3.  Boolean function
+
+
+	   FFj(X;Y;Z) = X XOR Y XOR Z                       when 0  < = j < = 15
+	              = (X AND Y) OR (X AND Z) OR (Y AND Z) when 16 < = j < = 63
+
+	   GGj(X;Y;Z) = X XOR Y XOR Z                       when 0  < = j < = 15
+	              = (X AND Y) OR (NOT X AND Z)          when 16 < = j < = 63
+
+	   The X, Y, Z in the fomular are words!GBP
+
+	3.4.4.  Permutation function
+
+
+	   P0(X) = X XOR (X <<<  9) XOR (X <<< 17)   ## ROLL, not SHIFT
+	   P1(X) = X XOR (X <<< 15) XOR (X <<< 23)   ## ROLL, not SHIFT
+
+	   The X in the fomular are a word.
+
+	----------
+
+	Each ROLL converted to Java expression:
+
+	ROLL 9  :  ((x <<  9) | (x >> (32-9))))
+	ROLL 17 :  ((x << 17) | (x >> (32-17)))
+	ROLL 15 :  ((x << 15) | (x >> (32-15)))
+	ROLL 23 :  ((x << 23) | (x >> (32-23)))
+
+	 */
+
+		private uint P0(uint x)
+		{
+			uint r9 = ((x << 9) | (x >> (32 - 9)));
+			uint r17 = ((x << 17) | (x >> (32 - 17)));
+			return (x ^ r9 ^ r17);
+		}
+
+		private uint P1(uint x)
+		{
+			uint r15 = ((x << 15) | (x >> (32 - 15)));
+			uint r23 = ((x << 23) | (x >> (32 - 23)));
+			return (x ^ r15 ^ r23);
+		}
+
+		private uint FF0(uint x, uint y, uint z)
+		{
+			return (x ^ y ^ z);
+		}
+
+		private uint FF1(uint x, uint y, uint z)
+		{
+			return ((x & y) | (x & z) | (y & z));
+		}
+
+		private uint GG0(uint x, uint y, uint z)
+		{
+			return (x ^ y ^ z);
+		}
+
+		private uint GG1(uint x, uint y, uint z)
+		{
+			return ((x & y) | ((~x) & z));
+		}
+
+
+		internal override void ProcessBlock()
+		{
+			for (int j = 0; j < 16; ++j)
+			{
+				this.W[j] = this.inwords[j];
+			}
+			for (int j = 16; j < 68; ++j)
+			{
+				uint wj3 = this.W[j - 3];
+				uint r15 = ((wj3 << 15) | (wj3 >> (32 - 15)));
+				uint wj13 = this.W[j - 13];
+				uint r7 = ((wj13 << 7) | (wj13 >> (32 - 7)));
+				this.W[j] = P1(this.W[j - 16] ^ this.W[j - 9] ^ r15) ^ r7 ^ this.W[j - 6];
+			}
+			for (int j = 0; j < 64; ++j)
+			{
+				this.W1[j] = this.W[j] ^ this.W[j + 4];
+			}
+
+			uint A = this.V[0];
+			uint B = this.V[1];
+			uint C = this.V[2];
+			uint D = this.V[3];
+			uint E = this.V[4];
+			uint F = this.V[5];
+			uint G = this.V[6];
+			uint H = this.V[7];
+
+
+			for (int j = 0; j < 16; ++j)
+			{
+				uint a12 = ((A << 12) | (A >> (32 - 12)));
+				uint s1_ = a12 + E + T[j];
+				uint SS1 = ((s1_ << 7) | (s1_ >> (32 - 7)));
+				uint SS2 = SS1 ^ a12;
+				uint TT1 = FF0(A, B, C) + D + SS2 + this.W1[j];
+				uint TT2 = GG0(E, F, G) + H + SS1 + this.W[j];
+				D = C;
+				C = ((B << 9) | (B >> (32 - 9)));
+				B = A;
+				A = TT1;
+				H = G;
+				G = ((F << 19) | (F >> (32 - 19)));
+				F = E;
+				E = P0(TT2);
+			}
+
+			// Different FF,GG functions on rounds 16..63
+			for (int j = 16; j < 64; ++j)
+			{
+				uint a12 = ((A << 12) | (A >> (32 - 12)));
+				uint s1_ = a12 + E + T[j];
+				uint SS1 = ((s1_ << 7) | (s1_ >> (32 - 7)));
+				uint SS2 = SS1 ^ a12;
+				uint TT1 = FF1(A, B, C) + D + SS2 + this.W1[j];
+				uint TT2 = GG1(E, F, G) + H + SS1 + this.W[j];
+				D = C;
+				C = ((B << 9) | (B >> (32 - 9)));
+				B = A;
+				A = TT1;
+				H = G;
+				G = ((F << 19) | (F >> (32 - 19)));
+				F = E;
+				E = P0(TT2);
+			}
+
+			this.V[0] ^= A;
+			this.V[1] ^= B;
+			this.V[2] ^= C;
+			this.V[3] ^= D;
+			this.V[4] ^= E;
+			this.V[5] ^= F;
+			this.V[6] ^= G;
+			this.V[7] ^= H;
+
+			this.xOff = 0;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/Sha1Digest.cs b/bc-sharp-crypto/src/crypto/digests/Sha1Digest.cs
new file mode 100644
index 0000000..60ec651
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/Sha1Digest.cs
@@ -0,0 +1,284 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+
+    /**
+     * implementation of SHA-1 as outlined in "Handbook of Applied Cryptography", pages 346 - 349.
+     *
+     * It is interesting to ponder why the, apart from the extra IV, the other difference here from MD5
+     * is the "endianness" of the word processing!
+     */
+    public class Sha1Digest
+        : GeneralDigest
+    {
+        private const int DigestLength = 20;
+
+        private uint H1, H2, H3, H4, H5;
+
+        private uint[] X = new uint[80];
+        private int xOff;
+
+        public Sha1Digest()
+        {
+            Reset();
+        }
+
+        /**
+         * Copy constructor.  This will copy the state of the provided
+         * message digest.
+         */
+        public Sha1Digest(Sha1Digest t)
+            : base(t)
+        {
+			CopyIn(t);
+		}
+
+		private void CopyIn(Sha1Digest t)
+		{
+			base.CopyIn(t);
+
+            H1 = t.H1;
+            H2 = t.H2;
+            H3 = t.H3;
+            H4 = t.H4;
+            H5 = t.H5;
+
+            Array.Copy(t.X, 0, X, 0, t.X.Length);
+            xOff = t.xOff;
+        }
+
+        public override string AlgorithmName
+        {
+            get { return "SHA-1"; }
+        }
+
+        public override int GetDigestSize()
+        {
+            return DigestLength;
+        }
+
+        internal override void ProcessWord(
+            byte[]  input,
+            int     inOff)
+        {
+            X[xOff] = Pack.BE_To_UInt32(input, inOff);
+
+            if (++xOff == 16)
+            {
+                ProcessBlock();
+            }
+        }
+
+        internal override void ProcessLength(long    bitLength)
+        {
+            if (xOff > 14)
+            {
+                ProcessBlock();
+            }
+
+            X[14] = (uint)((ulong)bitLength >> 32);
+            X[15] = (uint)((ulong)bitLength);
+        }
+
+        public override int DoFinal(
+            byte[]  output,
+            int     outOff)
+        {
+            Finish();
+
+            Pack.UInt32_To_BE(H1, output, outOff);
+            Pack.UInt32_To_BE(H2, output, outOff + 4);
+            Pack.UInt32_To_BE(H3, output, outOff + 8);
+            Pack.UInt32_To_BE(H4, output, outOff + 12);
+            Pack.UInt32_To_BE(H5, output, outOff + 16);
+
+            Reset();
+
+            return DigestLength;
+        }
+
+        /**
+         * reset the chaining variables
+         */
+        public override void Reset()
+        {
+            base.Reset();
+
+            H1 = 0x67452301;
+            H2 = 0xefcdab89;
+            H3 = 0x98badcfe;
+            H4 = 0x10325476;
+            H5 = 0xc3d2e1f0;
+
+            xOff = 0;
+            Array.Clear(X, 0, X.Length);
+        }
+
+        //
+        // Additive constants
+        //
+        private const uint Y1 = 0x5a827999;
+        private const uint Y2 = 0x6ed9eba1;
+        private const uint Y3 = 0x8f1bbcdc;
+        private const uint Y4 = 0xca62c1d6;
+
+        private static uint F(uint u, uint v, uint w)
+        {
+            return (u & v) | (~u & w);
+        }
+
+        private static uint H(uint u, uint v, uint w)
+        {
+            return u ^ v ^ w;
+        }
+
+        private static uint G(uint u, uint v, uint w)
+        {
+            return (u & v) | (u & w) | (v & w);
+        }
+
+        internal override void ProcessBlock()
+        {
+            //
+            // expand 16 word block into 80 word block.
+            //
+            for (int i = 16; i < 80; i++)
+            {
+                uint t = X[i - 3] ^ X[i - 8] ^ X[i - 14] ^ X[i - 16];
+                X[i] = t << 1 | t >> 31;
+            }
+
+            //
+            // set up working variables.
+            //
+            uint A = H1;
+            uint B = H2;
+            uint C = H3;
+            uint D = H4;
+            uint E = H5;
+
+            //
+            // round 1
+            //
+            int idx = 0;
+
+            for (int j = 0; j < 4; j++)
+            {
+                // E = rotateLeft(A, 5) + F(B, C, D) + E + X[idx++] + Y1
+                // B = rotateLeft(B, 30)
+                E += (A << 5 | (A >> 27)) + F(B, C, D) + X[idx++] + Y1;
+                B = B << 30 | (B >> 2);
+
+                D += (E << 5 | (E >> 27)) + F(A, B, C) + X[idx++] + Y1;
+                A = A << 30 | (A >> 2);
+
+                C += (D << 5 | (D >> 27)) + F(E, A, B) + X[idx++] + Y1;
+                E = E << 30 | (E >> 2);
+
+                B += (C << 5 | (C >> 27)) + F(D, E, A) + X[idx++] + Y1;
+                D = D << 30 | (D >> 2);
+
+                A += (B << 5 | (B >> 27)) + F(C, D, E) + X[idx++] + Y1;
+                C = C << 30 | (C >> 2);
+            }
+
+            //
+            // round 2
+            //
+            for (int j = 0; j < 4; j++)
+            {
+                // E = rotateLeft(A, 5) + H(B, C, D) + E + X[idx++] + Y2
+                // B = rotateLeft(B, 30)
+                E += (A << 5 | (A >> 27)) + H(B, C, D) + X[idx++] + Y2;
+                B = B << 30 | (B >> 2);
+
+                D += (E << 5 | (E >> 27)) + H(A, B, C) + X[idx++] + Y2;
+                A = A << 30 | (A >> 2);
+
+                C += (D << 5 | (D >> 27)) + H(E, A, B) + X[idx++] + Y2;
+                E = E << 30 | (E >> 2);
+
+                B += (C << 5 | (C >> 27)) + H(D, E, A) + X[idx++] + Y2;
+                D = D << 30 | (D >> 2);
+
+                A += (B << 5 | (B >> 27)) + H(C, D, E) + X[idx++] + Y2;
+                C = C << 30 | (C >> 2);
+            }
+
+            //
+            // round 3
+            //
+            for (int j = 0; j < 4; j++)
+            {
+                // E = rotateLeft(A, 5) + G(B, C, D) + E + X[idx++] + Y3
+                // B = rotateLeft(B, 30)
+                E += (A << 5 | (A >> 27)) + G(B, C, D) + X[idx++] + Y3;
+                B = B << 30 | (B >> 2);
+
+                D += (E << 5 | (E >> 27)) + G(A, B, C) + X[idx++] + Y3;
+                A = A << 30 | (A >> 2);
+
+                C += (D << 5 | (D >> 27)) + G(E, A, B) + X[idx++] + Y3;
+                E = E << 30 | (E >> 2);
+
+                B += (C << 5 | (C >> 27)) + G(D, E, A) + X[idx++] + Y3;
+                D = D << 30 | (D >> 2);
+
+                A += (B << 5 | (B >> 27)) + G(C, D, E) + X[idx++] + Y3;
+                C = C << 30 | (C >> 2);
+            }
+
+            //
+            // round 4
+            //
+            for (int j = 0; j < 4; j++)
+            {
+                // E = rotateLeft(A, 5) + H(B, C, D) + E + X[idx++] + Y4
+                // B = rotateLeft(B, 30)
+                E += (A << 5 | (A >> 27)) + H(B, C, D) + X[idx++] + Y4;
+                B = B << 30 | (B >> 2);
+
+                D += (E << 5 | (E >> 27)) + H(A, B, C) + X[idx++] + Y4;
+                A = A << 30 | (A >> 2);
+
+                C += (D << 5 | (D >> 27)) + H(E, A, B) + X[idx++] + Y4;
+                E = E << 30 | (E >> 2);
+
+                B += (C << 5 | (C >> 27)) + H(D, E, A) + X[idx++] + Y4;
+                D = D << 30 | (D >> 2);
+
+                A += (B << 5 | (B >> 27)) + H(C, D, E) + X[idx++] + Y4;
+                C = C << 30 | (C >> 2);
+            }
+
+            H1 += A;
+            H2 += B;
+            H3 += C;
+            H4 += D;
+            H5 += E;
+
+            //
+            // reset start of the buffer.
+            //
+            xOff = 0;
+            Array.Clear(X, 0, 16);
+        }
+		
+		public override IMemoable Copy()
+		{
+			return new Sha1Digest(this);
+		}
+
+		public override void Reset(IMemoable other)
+		{
+			Sha1Digest d = (Sha1Digest)other;
+
+			CopyIn(d);
+		}
+
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/Sha224Digest.cs b/bc-sharp-crypto/src/crypto/digests/Sha224Digest.cs
new file mode 100644
index 0000000..b4e8537
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/Sha224Digest.cs
@@ -0,0 +1,289 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /**
+     * SHA-224 as described in RFC 3874
+     * <pre>
+     *         block  word  digest
+     * SHA-1   512    32    160
+     * SHA-224 512    32    224
+     * SHA-256 512    32    256
+     * SHA-384 1024   64    384
+     * SHA-512 1024   64    512
+     * </pre>
+     */
+    public class Sha224Digest
+        : GeneralDigest
+    {
+        private const int DigestLength = 28;
+
+		private uint H1, H2, H3, H4, H5, H6, H7, H8;
+
+		private uint[] X = new uint[64];
+        private int     xOff;
+
+		/**
+         * Standard constructor
+         */
+        public Sha224Digest()
+        {
+            Reset();
+        }
+
+		/**
+         * Copy constructor.  This will copy the state of the provided
+         * message digest.
+         */
+         public Sha224Digest(
+			 Sha224Digest t)
+			 : base(t)
+        {
+			CopyIn(t);
+		}
+
+		private void CopyIn(Sha224Digest t)
+		{
+			base.CopyIn(t);
+
+            H1 = t.H1;
+            H2 = t.H2;
+            H3 = t.H3;
+            H4 = t.H4;
+            H5 = t.H5;
+            H6 = t.H6;
+            H7 = t.H7;
+            H8 = t.H8;
+
+            Array.Copy(t.X, 0, X, 0, t.X.Length);
+            xOff = t.xOff;
+        }
+
+		public override string AlgorithmName
+		{
+			get { return "SHA-224"; }
+		}
+
+		public override int GetDigestSize()
+		{
+			return DigestLength;
+		}
+
+		internal override void ProcessWord(
+            byte[]  input,
+            int     inOff)
+        {
+			X[xOff] = Pack.BE_To_UInt32(input, inOff);
+
+			if (++xOff == 16)
+            {
+                ProcessBlock();
+            }
+        }
+
+		internal override void ProcessLength(
+            long bitLength)
+        {
+            if (xOff > 14)
+            {
+                ProcessBlock();
+            }
+
+            X[14] = (uint)((ulong)bitLength >> 32);
+            X[15] = (uint)((ulong)bitLength);
+        }
+
+        public override int DoFinal(
+            byte[]	output,
+            int		outOff)
+        {
+            Finish();
+
+			Pack.UInt32_To_BE(H1, output, outOff);
+            Pack.UInt32_To_BE(H2, output, outOff + 4);
+            Pack.UInt32_To_BE(H3, output, outOff + 8);
+            Pack.UInt32_To_BE(H4, output, outOff + 12);
+            Pack.UInt32_To_BE(H5, output, outOff + 16);
+            Pack.UInt32_To_BE(H6, output, outOff + 20);
+            Pack.UInt32_To_BE(H7, output, outOff + 24);
+
+			Reset();
+
+			return DigestLength;
+        }
+
+		/**
+         * reset the chaining variables
+         */
+        public override void Reset()
+        {
+            base.Reset();
+
+            /* SHA-224 initial hash value
+             */
+            H1 = 0xc1059ed8;
+            H2 = 0x367cd507;
+            H3 = 0x3070dd17;
+            H4 = 0xf70e5939;
+            H5 = 0xffc00b31;
+            H6 = 0x68581511;
+            H7 = 0x64f98fa7;
+            H8 = 0xbefa4fa4;
+
+			xOff = 0;
+			Array.Clear(X, 0, X.Length);
+        }
+
+        internal override void ProcessBlock()
+        {
+            //
+            // expand 16 word block into 64 word blocks.
+            //
+            for (int ti = 16; ti <= 63; ti++)
+            {
+                X[ti] = Theta1(X[ti - 2]) + X[ti - 7] + Theta0(X[ti - 15]) + X[ti - 16];
+            }
+
+			//
+            // set up working variables.
+            //
+            uint a = H1;
+            uint b = H2;
+            uint c = H3;
+            uint d = H4;
+            uint e = H5;
+            uint f = H6;
+            uint g = H7;
+            uint h = H8;
+
+			int t = 0;
+			for(int i = 0; i < 8; i ++)
+			{
+				// t = 8 * i
+				h += Sum1(e) + Ch(e, f, g) + K[t] + X[t];
+				d += h;
+				h += Sum0(a) + Maj(a, b, c);
+				++t;
+
+				// t = 8 * i + 1
+				g += Sum1(d) + Ch(d, e, f) + K[t] + X[t];
+				c += g;
+				g += Sum0(h) + Maj(h, a, b);
+				++t;
+
+				// t = 8 * i + 2
+				f += Sum1(c) + Ch(c, d, e) + K[t] + X[t];
+				b += f;
+				f += Sum0(g) + Maj(g, h, a);
+				++t;
+
+				// t = 8 * i + 3
+				e += Sum1(b) + Ch(b, c, d) + K[t] + X[t];
+				a += e;
+				e += Sum0(f) + Maj(f, g, h);
+				++t;
+
+				// t = 8 * i + 4
+				d += Sum1(a) + Ch(a, b, c) + K[t] + X[t];
+				h += d;
+				d += Sum0(e) + Maj(e, f, g);
+				++t;
+
+				// t = 8 * i + 5
+				c += Sum1(h) + Ch(h, a, b) + K[t] + X[t];
+				g += c;
+				c += Sum0(d) + Maj(d, e, f);
+				++t;
+
+				// t = 8 * i + 6
+				b += Sum1(g) + Ch(g, h, a) + K[t] + X[t];
+				f += b;
+				b += Sum0(c) + Maj(c, d, e);
+				++t;
+
+				// t = 8 * i + 7
+				a += Sum1(f) + Ch(f, g, h) + K[t] + X[t];
+				e += a;
+				a += Sum0(b) + Maj(b, c, d);
+				++t;
+			}
+
+			H1 += a;
+            H2 += b;
+            H3 += c;
+            H4 += d;
+            H5 += e;
+            H6 += f;
+            H7 += g;
+            H8 += h;
+
+            //
+            // reset the offset and clean out the word buffer.
+            //
+            xOff = 0;
+			Array.Clear(X, 0, 16);
+		}
+
+		/* SHA-224 functions */
+        private static uint Ch(uint x, uint y, uint z)
+        {
+            return (x & y) ^ (~x & z);
+        }
+
+        private static uint Maj(uint x, uint y, uint z)
+        {
+            return (x & y) ^ (x & z) ^ (y & z);
+        }
+
+        private static uint Sum0(uint x)
+        {
+	        return ((x >> 2) | (x << 30)) ^ ((x >> 13) | (x << 19)) ^ ((x >> 22) | (x << 10));
+        }
+
+        private static uint Sum1(uint x)
+        {
+			return ((x >> 6) | (x << 26)) ^ ((x >> 11) | (x << 21)) ^ ((x >> 25) | (x << 7));
+        }
+
+		private static uint Theta0(uint x)
+        {
+	        return ((x >> 7) | (x << 25)) ^ ((x >> 18) | (x << 14)) ^ (x >> 3);
+        }
+
+        private static uint Theta1(uint x)
+        {
+	        return ((x >> 17) | (x << 15)) ^ ((x >> 19) | (x << 13)) ^ (x >> 10);
+        }
+
+		/* SHA-224 Constants
+         * (represent the first 32 bits of the fractional parts of the
+         * cube roots of the first sixty-four prime numbers)
+         */
+        internal static readonly uint[] K = {
+            0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+            0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+            0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+            0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+            0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+            0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+			0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+            0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+        };
+		
+		public override IMemoable Copy()
+		{
+			return new Sha224Digest(this);
+		}
+
+		public override void Reset(IMemoable other)
+		{
+			Sha224Digest d = (Sha224Digest)other;
+
+			CopyIn(d);
+		}
+
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/Sha256Digest.cs b/bc-sharp-crypto/src/crypto/digests/Sha256Digest.cs
new file mode 100644
index 0000000..98e10a3
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/Sha256Digest.cs
@@ -0,0 +1,330 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /**
+    * Draft FIPS 180-2 implementation of SHA-256. <b>Note:</b> As this is
+    * based on a draft this implementation is subject to change.
+    *
+    * <pre>
+    *         block  word  digest
+    * SHA-1   512    32    160
+    * SHA-256 512    32    256
+    * SHA-384 1024   64    384
+    * SHA-512 1024   64    512
+    * </pre>
+    */
+    public class Sha256Digest
+		: GeneralDigest
+    {
+        private const int DigestLength = 32;
+
+        private uint H1, H2, H3, H4, H5, H6, H7, H8;
+        private uint[] X = new uint[64];
+        private int xOff;
+
+        public Sha256Digest()
+        {
+			initHs();
+        }
+
+        /**
+        * Copy constructor.  This will copy the state of the provided
+        * message digest.
+        */
+        public Sha256Digest(Sha256Digest t) : base(t)
+        {
+			CopyIn(t);
+		}
+
+		private void CopyIn(Sha256Digest t)
+		{
+			base.CopyIn(t);
+
+            H1 = t.H1;
+            H2 = t.H2;
+            H3 = t.H3;
+            H4 = t.H4;
+            H5 = t.H5;
+            H6 = t.H6;
+            H7 = t.H7;
+            H8 = t.H8;
+
+            Array.Copy(t.X, 0, X, 0, t.X.Length);
+            xOff = t.xOff;
+        }
+
+        public override string AlgorithmName
+		{
+			get { return "SHA-256"; }
+		}
+
+		public override int GetDigestSize()
+		{
+			return DigestLength;
+		}
+
+		internal override void ProcessWord(
+            byte[]  input,
+            int     inOff)
+		{
+			X[xOff] = Pack.BE_To_UInt32(input, inOff);
+
+			if (++xOff == 16)
+            {
+                ProcessBlock();
+            }
+        }
+
+		internal override void ProcessLength(
+            long bitLength)
+        {
+            if (xOff > 14)
+            {
+                ProcessBlock();
+            }
+
+            X[14] = (uint)((ulong)bitLength >> 32);
+            X[15] = (uint)((ulong)bitLength);
+        }
+
+        public override int DoFinal(
+            byte[]  output,
+            int     outOff)
+        {
+            Finish();
+
+            Pack.UInt32_To_BE((uint)H1, output, outOff);
+            Pack.UInt32_To_BE((uint)H2, output, outOff + 4);
+            Pack.UInt32_To_BE((uint)H3, output, outOff + 8);
+            Pack.UInt32_To_BE((uint)H4, output, outOff + 12);
+            Pack.UInt32_To_BE((uint)H5, output, outOff + 16);
+            Pack.UInt32_To_BE((uint)H6, output, outOff + 20);
+            Pack.UInt32_To_BE((uint)H7, output, outOff + 24);
+            Pack.UInt32_To_BE((uint)H8, output, outOff + 28);
+
+            Reset();
+
+            return DigestLength;
+        }
+
+        /**
+        * reset the chaining variables
+        */
+        public override void Reset()
+        {
+            base.Reset();
+
+			initHs();
+
+            xOff = 0;
+			Array.Clear(X, 0, X.Length);
+        }
+
+		private void initHs()
+		{
+            /* SHA-256 initial hash value
+            * The first 32 bits of the fractional parts of the square roots
+            * of the first eight prime numbers
+            */
+            H1 = 0x6a09e667;
+            H2 = 0xbb67ae85;
+            H3 = 0x3c6ef372;
+            H4 = 0xa54ff53a;
+            H5 = 0x510e527f;
+            H6 = 0x9b05688c;
+            H7 = 0x1f83d9ab;
+            H8 = 0x5be0cd19;
+		}
+
+        internal override void ProcessBlock()
+        {
+            //
+            // expand 16 word block into 64 word blocks.
+            //
+            for (int ti = 16; ti <= 63; ti++)
+            {
+                X[ti] = Theta1(X[ti - 2]) + X[ti - 7] + Theta0(X[ti - 15]) + X[ti - 16];
+            }
+
+            //
+            // set up working variables.
+            //
+            uint a = H1;
+            uint b = H2;
+            uint c = H3;
+            uint d = H4;
+            uint e = H5;
+            uint f = H6;
+            uint g = H7;
+            uint h = H8;
+
+			int t = 0;
+			for(int i = 0; i < 8; ++i)
+			{
+				// t = 8 * i
+				h += Sum1Ch(e, f, g) + K[t] + X[t];
+				d += h;
+				h += Sum0Maj(a, b, c);
+				++t;
+
+				// t = 8 * i + 1
+				g += Sum1Ch(d, e, f) + K[t] + X[t];
+				c += g;
+				g += Sum0Maj(h, a, b);
+				++t;
+
+				// t = 8 * i + 2
+				f += Sum1Ch(c, d, e) + K[t] + X[t];
+				b += f;
+				f += Sum0Maj(g, h, a);
+				++t;
+
+				// t = 8 * i + 3
+				e += Sum1Ch(b, c, d) + K[t] + X[t];
+				a += e;
+				e += Sum0Maj(f, g, h);
+				++t;
+
+				// t = 8 * i + 4
+				d += Sum1Ch(a, b, c) + K[t] + X[t];
+				h += d;
+				d += Sum0Maj(e, f, g);
+				++t;
+
+				// t = 8 * i + 5
+				c += Sum1Ch(h, a, b) + K[t] + X[t];
+				g += c;
+				c += Sum0Maj(d, e, f);
+				++t;
+
+				// t = 8 * i + 6
+				b += Sum1Ch(g, h, a) + K[t] + X[t];
+				f += b;
+				b += Sum0Maj(c, d, e);
+				++t;
+
+				// t = 8 * i + 7
+				a += Sum1Ch(f, g, h) + K[t] + X[t];
+				e += a;
+				a += Sum0Maj(b, c, d);
+				++t;
+			}
+
+			H1 += a;
+            H2 += b;
+            H3 += c;
+            H4 += d;
+            H5 += e;
+            H6 += f;
+            H7 += g;
+            H8 += h;
+
+            //
+            // reset the offset and clean out the word buffer.
+            //
+            xOff = 0;
+			Array.Clear(X, 0, 16);
+        }
+
+		private static uint Sum1Ch(
+            uint    x,
+            uint    y,
+            uint    z)
+		{
+//			return Sum1(x) + Ch(x, y, z);
+	        return (((x >> 6) | (x << 26)) ^ ((x >> 11) | (x << 21)) ^ ((x >> 25) | (x << 7)))
+				+ ((x & y) ^ ((~x) & z));
+		}
+
+		private static uint Sum0Maj(
+            uint	x,
+            uint    y,
+            uint    z)
+		{
+//			return Sum0(x) + Maj(x, y, z);
+	        return (((x >> 2) | (x << 30)) ^ ((x >> 13) | (x << 19)) ^ ((x >> 22) | (x << 10)))
+				+ ((x & y) ^ (x & z) ^ (y & z));
+		}
+
+//		/* SHA-256 functions */
+//        private static uint Ch(
+//            uint    x,
+//            uint    y,
+//            uint    z)
+//        {
+//            return ((x & y) ^ ((~x) & z));
+//        }
+//
+//        private static uint Maj(
+//            uint	x,
+//            uint    y,
+//            uint    z)
+//        {
+//            return ((x & y) ^ (x & z) ^ (y & z));
+//        }
+//
+//        private static uint Sum0(
+//            uint x)
+//        {
+//	        return ((x >> 2) | (x << 30)) ^ ((x >> 13) | (x << 19)) ^ ((x >> 22) | (x << 10));
+//        }
+//
+//        private static uint Sum1(
+//            uint x)
+//        {
+//	        return ((x >> 6) | (x << 26)) ^ ((x >> 11) | (x << 21)) ^ ((x >> 25) | (x << 7));
+//        }
+
+        private static uint Theta0(
+            uint x)
+        {
+	        return ((x >> 7) | (x << 25)) ^ ((x >> 18) | (x << 14)) ^ (x >> 3);
+        }
+
+        private static uint Theta1(
+            uint x)
+        {
+	        return ((x >> 17) | (x << 15)) ^ ((x >> 19) | (x << 13)) ^ (x >> 10);
+        }
+
+        /* SHA-256 Constants
+        * (represent the first 32 bits of the fractional parts of the
+        * cube roots of the first sixty-four prime numbers)
+        */
+        private static readonly uint[] K = {
+            0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+			0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+            0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+            0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+            0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+            0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+            0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+            0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+            0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+            0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+            0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+            0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+            0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+            0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+            0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+            0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+        };
+		
+		public override IMemoable Copy()
+		{
+			return new Sha256Digest(this);
+		}
+
+		public override void Reset(IMemoable other)
+		{
+			Sha256Digest d = (Sha256Digest)other;
+
+			CopyIn(d);
+		}
+
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/Sha384Digest.cs b/bc-sharp-crypto/src/crypto/digests/Sha384Digest.cs
new file mode 100644
index 0000000..e6c9a9a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/Sha384Digest.cs
@@ -0,0 +1,101 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /**
+     * Draft FIPS 180-2 implementation of SHA-384. <b>Note:</b> As this is
+     * based on a draft this implementation is subject to change.
+     *
+     * <pre>
+     *         block  word  digest
+     * SHA-1   512    32    160
+     * SHA-256 512    32    256
+     * SHA-384 1024   64    384
+     * SHA-512 1024   64    512
+     * </pre>
+     */
+    public class Sha384Digest
+		: LongDigest
+    {
+        private const int DigestLength = 48;
+
+		public Sha384Digest()
+        {
+        }
+
+        /**
+         * Copy constructor.  This will copy the state of the provided
+         * message digest.
+         */
+        public Sha384Digest(
+			Sha384Digest t)
+			: base(t)
+		{
+		}
+
+		public override string AlgorithmName
+		{
+			get { return "SHA-384"; }
+		}
+
+		public override int GetDigestSize()
+		{
+			return DigestLength;
+		}
+
+		public override int DoFinal(
+            byte[]  output,
+            int     outOff)
+        {
+            Finish();
+
+            Pack.UInt64_To_BE(H1, output, outOff);
+            Pack.UInt64_To_BE(H2, output, outOff + 8);
+            Pack.UInt64_To_BE(H3, output, outOff + 16);
+            Pack.UInt64_To_BE(H4, output, outOff + 24);
+            Pack.UInt64_To_BE(H5, output, outOff + 32);
+            Pack.UInt64_To_BE(H6, output, outOff + 40);
+
+            Reset();
+
+            return DigestLength;
+        }
+
+        /**
+        * reset the chaining variables
+        */
+        public override void Reset()
+        {
+            base.Reset();
+
+            /* SHA-384 initial hash value
+                * The first 64 bits of the fractional parts of the square roots
+                * of the 9th through 16th prime numbers
+                */
+            H1 = 0xcbbb9d5dc1059ed8;
+            H2 = 0x629a292a367cd507;
+            H3 = 0x9159015a3070dd17;
+            H4 = 0x152fecd8f70e5939;
+            H5 = 0x67332667ffc00b31;
+            H6 = 0x8eb44a8768581511;
+            H7 = 0xdb0c2e0d64f98fa7;
+            H8 = 0x47b5481dbefa4fa4;
+        }
+		
+		public override IMemoable Copy()
+		{
+			return new Sha384Digest(this);
+		}
+
+		public override void Reset(IMemoable other)
+		{
+			Sha384Digest d = (Sha384Digest)other;
+
+			CopyIn(d);
+		}
+
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/Sha512Digest.cs b/bc-sharp-crypto/src/crypto/digests/Sha512Digest.cs
new file mode 100644
index 0000000..2a0964f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/Sha512Digest.cs
@@ -0,0 +1,104 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /**
+     * Draft FIPS 180-2 implementation of SHA-512. <b>Note:</b> As this is
+     * based on a draft this implementation is subject to change.
+     *
+     * <pre>
+     *         block  word  digest
+     * SHA-1   512    32    160
+     * SHA-256 512    32    256
+     * SHA-384 1024   64    384
+     * SHA-512 1024   64    512
+     * </pre>
+     */
+    public class Sha512Digest
+        : LongDigest
+    {
+        private const int DigestLength = 64;
+
+        public Sha512Digest()
+        {
+        }
+
+        /**
+         * Copy constructor.  This will copy the state of the provided
+         * message digest.
+         */
+        public Sha512Digest(
+            Sha512Digest t)
+            : base(t)
+        {
+        }
+
+        public override string AlgorithmName
+        {
+            get { return "SHA-512"; }
+        }
+
+        public override int GetDigestSize()
+        {
+            return DigestLength;
+        }
+
+        public override int DoFinal(
+            byte[]  output,
+            int     outOff)
+        {
+            Finish();
+
+            Pack.UInt64_To_BE(H1, output, outOff);
+            Pack.UInt64_To_BE(H2, output, outOff + 8);
+            Pack.UInt64_To_BE(H3, output, outOff + 16);
+            Pack.UInt64_To_BE(H4, output, outOff + 24);
+            Pack.UInt64_To_BE(H5, output, outOff + 32);
+            Pack.UInt64_To_BE(H6, output, outOff + 40);
+            Pack.UInt64_To_BE(H7, output, outOff + 48);
+            Pack.UInt64_To_BE(H8, output, outOff + 56);
+
+            Reset();
+
+            return DigestLength;
+
+        }
+
+        /**
+        * reset the chaining variables
+        */
+        public override void Reset()
+        {
+            base.Reset();
+
+            /* SHA-512 initial hash value
+             * The first 64 bits of the fractional parts of the square roots
+             * of the first eight prime numbers
+             */
+            H1 = 0x6a09e667f3bcc908;
+            H2 = 0xbb67ae8584caa73b;
+            H3 = 0x3c6ef372fe94f82b;
+            H4 = 0xa54ff53a5f1d36f1;
+            H5 = 0x510e527fade682d1;
+            H6 = 0x9b05688c2b3e6c1f;
+            H7 = 0x1f83d9abfb41bd6b;
+            H8 = 0x5be0cd19137e2179;
+        }
+		
+		public override IMemoable Copy()
+		{
+			return new Sha512Digest(this);
+		}
+
+		public override void Reset(IMemoable other)
+		{
+			Sha512Digest d = (Sha512Digest)other;
+
+			CopyIn(d);
+		}
+
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/Sha512tDigest.cs b/bc-sharp-crypto/src/crypto/digests/Sha512tDigest.cs
new file mode 100644
index 0000000..2caefa7
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/Sha512tDigest.cs
@@ -0,0 +1,200 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /**
+     * FIPS 180-4 implementation of SHA-512/t
+     */
+    public class Sha512tDigest
+        : LongDigest
+    {
+        private const ulong A5 = 0xa5a5a5a5a5a5a5a5UL;
+
+        private readonly int digestLength;
+
+        private ulong H1t, H2t, H3t, H4t, H5t, H6t, H7t, H8t;
+
+        /**
+         * Standard constructor
+         */
+        public Sha512tDigest(int bitLength)
+        {
+            if (bitLength >= 512)
+                throw new ArgumentException("cannot be >= 512", "bitLength");
+            if (bitLength % 8 != 0)
+                throw new ArgumentException("needs to be a multiple of 8", "bitLength");
+            if (bitLength == 384)
+                throw new ArgumentException("cannot be 384 use SHA384 instead", "bitLength");
+
+            this.digestLength = bitLength / 8;
+
+            tIvGenerate(digestLength * 8);
+
+            Reset();
+        }
+
+        /**
+         * Copy constructor.  This will copy the state of the provided
+         * message digest.
+         */
+        public Sha512tDigest(Sha512tDigest t)
+            : base(t)
+        {
+            this.digestLength = t.digestLength;
+
+			Reset(t);
+        }
+
+        public override string AlgorithmName
+        {
+            get { return "SHA-512/" + (digestLength * 8); }
+        }
+
+        public override int GetDigestSize()
+        {
+            return digestLength;
+        }
+
+        public override int DoFinal(byte[] output, int outOff)
+        {
+            Finish();
+
+            UInt64_To_BE(H1, output, outOff, digestLength);
+            UInt64_To_BE(H2, output, outOff + 8, digestLength - 8);
+            UInt64_To_BE(H3, output, outOff + 16, digestLength - 16);
+            UInt64_To_BE(H4, output, outOff + 24, digestLength - 24);
+            UInt64_To_BE(H5, output, outOff + 32, digestLength - 32);
+            UInt64_To_BE(H6, output, outOff + 40, digestLength - 40);
+            UInt64_To_BE(H7, output, outOff + 48, digestLength - 48);
+            UInt64_To_BE(H8, output, outOff + 56, digestLength - 56);
+
+            Reset();
+
+            return digestLength;
+        }
+
+        /**
+         * reset the chaining variables
+         */
+        public override void Reset()
+        {
+            base.Reset();
+
+            /*
+             * initial hash values use the iv generation algorithm for t.
+             */
+            H1 = H1t;
+            H2 = H2t;
+            H3 = H3t;
+            H4 = H4t;
+            H5 = H5t;
+            H6 = H6t;
+            H7 = H7t;
+            H8 = H8t;
+        }
+
+        private void tIvGenerate(int bitLength)
+        {
+            H1 = 0x6a09e667f3bcc908UL ^ A5;
+            H2 = 0xbb67ae8584caa73bUL ^ A5;
+            H3 = 0x3c6ef372fe94f82bUL ^ A5;
+            H4 = 0xa54ff53a5f1d36f1UL ^ A5;
+            H5 = 0x510e527fade682d1UL ^ A5;
+            H6 = 0x9b05688c2b3e6c1fUL ^ A5;
+            H7 = 0x1f83d9abfb41bd6bUL ^ A5;
+            H8 = 0x5be0cd19137e2179UL ^ A5;
+
+            Update(0x53);
+            Update(0x48);
+            Update(0x41);
+            Update(0x2D);
+            Update(0x35);
+            Update(0x31);
+            Update(0x32);
+            Update(0x2F);
+
+            if (bitLength > 100)
+            {
+                Update((byte)(bitLength / 100 + 0x30));
+                bitLength = bitLength % 100;
+                Update((byte)(bitLength / 10 + 0x30));
+                bitLength = bitLength % 10;
+                Update((byte)(bitLength + 0x30));
+            }
+            else if (bitLength > 10)
+            {
+                Update((byte)(bitLength / 10 + 0x30));
+                bitLength = bitLength % 10;
+                Update((byte)(bitLength + 0x30));
+            }
+            else
+            {
+                Update((byte)(bitLength + 0x30));
+            }
+
+            Finish();
+
+            H1t = H1;
+            H2t = H2;
+            H3t = H3;
+            H4t = H4;
+            H5t = H5;
+            H6t = H6;
+            H7t = H7;
+            H8t = H8;
+        }
+
+        private static void UInt64_To_BE(ulong n, byte[] bs, int off, int max)
+        {
+            if (max > 0)
+            {
+                UInt32_To_BE((uint)(n >> 32), bs, off, max);
+
+                if (max > 4)
+                {
+                    UInt32_To_BE((uint)n, bs, off + 4, max - 4);
+                }
+            }
+        }
+
+        private static void UInt32_To_BE(uint n, byte[] bs, int off, int max)
+        {
+            int num = System.Math.Min(4, max);
+            while (--num >= 0)
+            {
+                int shift = 8 * (3 - num);
+                bs[off + num] = (byte)(n >> shift);
+            }
+        }
+
+		public override IMemoable Copy()
+		{
+			return new Sha512tDigest(this);
+		}
+
+		public override void Reset(IMemoable other)
+		{
+			Sha512tDigest t = (Sha512tDigest)other;
+
+			if (this.digestLength != t.digestLength)
+			{
+				throw new MemoableResetException("digestLength inappropriate in other");
+			}
+
+			base.CopyIn(t);
+
+			this.H1t = t.H1t;
+			this.H2t = t.H2t;
+			this.H3t = t.H3t;
+			this.H4t = t.H4t;
+			this.H5t = t.H5t;
+			this.H6t = t.H6t;
+			this.H7t = t.H7t;
+			this.H8t = t.H8t;
+		}
+
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/ShakeDigest.cs b/bc-sharp-crypto/src/crypto/digests/ShakeDigest.cs
new file mode 100644
index 0000000..13e8838
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/ShakeDigest.cs
@@ -0,0 +1,119 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /// <summary>
+    /// Implementation of SHAKE based on following KeccakNISTInterface.c from http://keccak.noekeon.org/
+    /// </summary>
+    /// <remarks>
+    /// Following the naming conventions used in the C source code to enable easy review of the implementation.
+    /// </remarks>
+    public class ShakeDigest
+        : KeccakDigest, IXof
+    {
+        private static int CheckBitLength(int bitLength)
+        {
+            switch (bitLength)
+            {
+            case 128:
+            case 256:
+                return bitLength;
+            default:
+                throw new ArgumentException(bitLength + " not supported for SHAKE", "bitLength");
+            }
+        }
+
+        public ShakeDigest()
+            : this(128)
+        {
+        }
+
+        public ShakeDigest(int bitLength)
+            : base(CheckBitLength(bitLength))
+        {
+        }
+
+        public ShakeDigest(ShakeDigest source)
+            : base(source)
+        {
+        }
+
+        public override string AlgorithmName
+        {
+            get { return "SHAKE" + fixedOutputLength; }
+        }
+
+        public override int DoFinal(byte[] output, int outOff)
+        {
+            return DoFinal(output, outOff, GetDigestSize());
+        }
+
+        public virtual int DoFinal(byte[] output, int outOff, int outLen)
+        {
+            DoOutput(output, outOff, outLen);
+
+            Reset();
+
+            return outLen;
+        }
+
+        public virtual int DoOutput(byte[] output, int outOff, int outLen)
+        {
+            if (!squeezing)
+            {
+                AbsorbBits(0x0F, 4);
+            }
+
+            Squeeze(output, outOff, outLen);
+
+            return outLen;
+        }
+
+        /*
+         * TODO Possible API change to support partial-byte suffixes.
+         */
+        protected override int DoFinal(byte[] output, int outOff, byte partialByte, int partialBits)
+        {
+            return DoFinal(output, outOff, GetDigestSize(), partialByte, partialBits);
+        }
+
+        /*
+         * TODO Possible API change to support partial-byte suffixes.
+         */
+        protected virtual int DoFinal(byte[] output, int outOff, int outLen, byte partialByte, int partialBits)
+        {
+            if (partialBits < 0 || partialBits > 7)
+                throw new ArgumentException("must be in the range [0,7]", "partialBits");
+
+            int finalInput = (partialByte & ((1 << partialBits) - 1)) | (0x0F << partialBits);
+            Debug.Assert(finalInput >= 0);
+            int finalBits = partialBits + 4;
+
+            if (finalBits >= 8)
+            {
+                Absorb(new byte[]{ (byte)finalInput }, 0, 1);
+                finalBits -= 8;
+                finalInput >>= 8;
+            }
+
+            if (finalBits > 0)
+            {
+                AbsorbBits(finalInput, finalBits);
+            }
+
+            Squeeze(output, outOff, outLen);
+
+            Reset();
+
+            return outLen;
+        }
+
+        public override IMemoable Copy()
+        {
+            return new ShakeDigest(this);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/ShortenedDigest.cs b/bc-sharp-crypto/src/crypto/digests/ShortenedDigest.cs
new file mode 100644
index 0000000..9e4d99e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/ShortenedDigest.cs
@@ -0,0 +1,82 @@
+using System;
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+	/**
+	* Wrapper class that reduces the output length of a particular digest to
+	* only the first n bytes of the digest function.
+	*/
+	public class ShortenedDigest
+		: IDigest
+	{
+		private IDigest	baseDigest;
+		private int		length;
+
+		/**
+		* Base constructor.
+		*
+		* @param baseDigest underlying digest to use.
+		* @param length length in bytes of the output of doFinal.
+		* @exception ArgumentException if baseDigest is null, or length is greater than baseDigest.GetDigestSize().
+		*/
+		public ShortenedDigest(
+			IDigest	baseDigest,
+			int		length)
+		{
+			if (baseDigest == null)
+			{
+				throw new ArgumentNullException("baseDigest");
+			}
+
+			if (length > baseDigest.GetDigestSize())
+			{
+				throw new ArgumentException("baseDigest output not large enough to support length");
+			}
+
+			this.baseDigest = baseDigest;
+			this.length = length;
+		}
+
+		public string AlgorithmName
+		{
+			get { return baseDigest.AlgorithmName + "(" + length * 8 + ")"; }
+		}
+
+		public int GetDigestSize()
+		{
+			return length;
+		}
+
+		public void Update(byte input)
+		{
+			baseDigest.Update(input);
+		}
+
+		public void BlockUpdate(byte[] input, int inOff, int length)
+		{
+			baseDigest.BlockUpdate(input, inOff, length);
+		}
+
+		public int DoFinal(byte[] output, int outOff)
+		{
+			byte[] tmp = new byte[baseDigest.GetDigestSize()];
+
+			baseDigest.DoFinal(tmp, 0);
+
+	        Array.Copy(tmp, 0, output, outOff, length);
+
+			return length;
+		}
+
+		public void Reset()
+		{
+			baseDigest.Reset();
+		}
+
+		public int GetByteLength()
+		{
+			return baseDigest.GetByteLength();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/SkeinDigest.cs b/bc-sharp-crypto/src/crypto/digests/SkeinDigest.cs
new file mode 100644
index 0000000..f826ce5
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/SkeinDigest.cs
@@ -0,0 +1,117 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+
+	/// <summary>
+	/// Implementation of the Skein parameterised hash function in 256, 512 and 1024 bit block sizes,
+	/// based on the <see cref="Org.BouncyCastle.Crypto.Engines.ThreefishEngine">Threefish</see> tweakable block cipher.
+	/// </summary>
+	/// <remarks>
+	/// This is the 1.3 version of Skein defined in the Skein hash function submission to the NIST SHA-3
+	/// competition in October 2010.
+	/// <p/>
+	/// Skein was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir
+	/// Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker.
+	/// </remarks>
+	/// <seealso cref="Org.BouncyCastle.Crypto.Digests.SkeinEngine"/>
+	/// <seealso cref="Org.BouncyCastle.Crypto.Parameters.SkeinParameters"/>
+	public class SkeinDigest
+		: IDigest, IMemoable
+	{
+		/// <summary>
+		/// 256 bit block size - Skein-256
+		/// </summary>
+		public const int SKEIN_256 = SkeinEngine.SKEIN_256;
+		/// <summary>
+		/// 512 bit block size - Skein-512
+		/// </summary>
+		public const int SKEIN_512 = SkeinEngine.SKEIN_512;
+		/// <summary>
+		/// 1024 bit block size - Skein-1024
+		/// </summary>
+		public const int SKEIN_1024 = SkeinEngine.SKEIN_1024;
+
+		private readonly SkeinEngine engine;
+
+		/// <summary>
+		/// Constructs a Skein digest with an internal state size and output size.
+		/// </summary>
+		/// <param name="stateSizeBits">the internal state size in bits - one of <see cref="SKEIN_256"/> <see cref="SKEIN_512"/> or
+		///                       <see cref="SKEIN_1024"/>.</param>
+		/// <param name="digestSizeBits">the output/digest size to produce in bits, which must be an integral number of
+		///                      bytes.</param>
+		public SkeinDigest(int stateSizeBits, int digestSizeBits)
+		{
+			this.engine = new SkeinEngine(stateSizeBits, digestSizeBits);
+			Init(null);
+		}
+
+		public SkeinDigest(SkeinDigest digest)
+		{
+			this.engine = new SkeinEngine(digest.engine);
+		}
+
+		public void Reset(IMemoable other)
+		{
+			SkeinDigest d = (SkeinDigest)other;
+			engine.Reset(d.engine);
+		}
+
+		public IMemoable Copy()
+		{
+			return new SkeinDigest(this);
+		}
+
+		public String AlgorithmName
+		{
+			get { return "Skein-" + (engine.BlockSize * 8) + "-" + (engine.OutputSize * 8); }
+		}
+
+		public int GetDigestSize()
+		{
+			return engine.OutputSize;
+		}
+
+		public int GetByteLength()
+		{
+			return engine.BlockSize;
+		}
+
+		/// <summary>
+		/// Optionally initialises the Skein digest with the provided parameters.
+		/// </summary>
+		/// See <see cref="Org.BouncyCastle.Crypto.Parameters.SkeinParameters"></see> for details on the parameterisation of the Skein hash function.
+		/// <param name="parameters">the parameters to apply to this engine, or <code>null</code> to use no parameters.</param>
+		public void Init(SkeinParameters parameters)
+		{
+			engine.Init(parameters);
+		}
+
+		public void Reset()
+		{
+			engine.Reset();
+		}
+
+		public void Update(byte inByte)
+		{
+			engine.Update(inByte);
+		}
+
+		public void BlockUpdate(byte[] inBytes, int inOff, int len)
+		{
+			engine.Update(inBytes, inOff, len);
+		}
+
+		public int DoFinal(byte[] outBytes, int outOff)
+		{
+			return engine.DoFinal(outBytes, outOff);
+		}
+
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/crypto/digests/SkeinEngine.cs b/bc-sharp-crypto/src/crypto/digests/SkeinEngine.cs
new file mode 100644
index 0000000..cfedfad
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/SkeinEngine.cs
@@ -0,0 +1,804 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+
+    /// <summary>
+    /// Implementation of the Skein family of parameterised hash functions in 256, 512 and 1024 bit block
+    /// sizes, based on the <see cref="Org.BouncyCastle.Crypto.Engines.ThreefishEngine">Threefish</see> tweakable block cipher.
+    /// </summary>
+    /// <remarks>
+    /// This is the 1.3 version of Skein defined in the Skein hash function submission to the NIST SHA-3
+    /// competition in October 2010.
+    /// <p/>
+    /// Skein was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir
+    /// Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker.
+    /// <p/>
+    /// This implementation is the basis for <see cref="Org.BouncyCastle.Crypto.Digests.SkeinDigest"/> and <see cref="Org.BouncyCastle.Crypto.Macs.SkeinMac"/>, implementing the
+    /// parameter based configuration system that allows Skein to be adapted to multiple applications. <br/>
+    /// Initialising the engine with <see cref="Org.BouncyCastle.Crypto.Parameters.SkeinParameters"/> allows standard and arbitrary parameters to
+    /// be applied during the Skein hash function.
+    /// <p/>
+    /// Implemented:
+    /// <ul>
+    /// <li>256, 512 and 1024 bit internal states.</li>
+    /// <li>Full 96 bit input length.</li>
+    /// <li>Parameters defined in the Skein specification, and arbitrary other pre and post message
+    /// parameters.</li>
+    /// <li>Arbitrary output size in 1 byte intervals.</li>
+    /// </ul>
+    /// <p/>
+    /// Not implemented:
+    /// <ul>
+    /// <li>Sub-byte length input (bit padding).</li>
+    /// <li>Tree hashing.</li>
+    /// </ul>
+    /// </remarks>
+    /// <seealso cref="Org.BouncyCastle.Crypto.Parameters.SkeinParameters"/>
+    public class SkeinEngine
+        : IMemoable
+    {
+        /// <summary>
+        /// 256 bit block size - Skein-256
+        /// </summary>
+        public const int SKEIN_256 = ThreefishEngine.BLOCKSIZE_256;
+        /// <summary>
+        /// 512 bit block size - Skein-512
+        /// </summary>
+        public const int SKEIN_512 = ThreefishEngine.BLOCKSIZE_512;
+        /// <summary>
+        /// 1024 bit block size - Skein-1024
+        /// </summary>
+        public const int SKEIN_1024 = ThreefishEngine.BLOCKSIZE_1024;
+
+        // Minimal at present, but more complex when tree hashing is implemented
+        private class Configuration
+        {
+            private byte[] bytes = new byte[32];
+
+            public Configuration(long outputSizeBits)
+            {
+                // 0..3 = ASCII SHA3
+                bytes[0] = (byte)'S';
+                bytes[1] = (byte)'H';
+                bytes[2] = (byte)'A';
+                bytes[3] = (byte)'3';
+
+                // 4..5 = version number in LSB order
+                bytes[4] = 1;
+                bytes[5] = 0;
+
+                // 8..15 = output length
+                ThreefishEngine.WordToBytes((ulong)outputSizeBits, bytes, 8);
+            }
+
+            public byte[] Bytes
+            {
+                get { return bytes; }
+            }
+
+        }
+
+        public class Parameter
+        {
+            private int type;
+            private byte[] value;
+
+            public Parameter(int type, byte[] value)
+            {
+                this.type = type;
+                this.value = value;
+            }
+
+            public int Type
+            {
+                get { return type; }
+            }
+
+            public byte[] Value
+            {
+                get { return value; }
+            }
+
+        }
+
+        /**
+         * The parameter type for the Skein key.
+         */
+        private const int PARAM_TYPE_KEY = 0;
+
+        /**
+         * The parameter type for the Skein configuration block.
+         */
+        private const int PARAM_TYPE_CONFIG = 4;
+
+        /**
+         * The parameter type for the message.
+         */
+        private const int PARAM_TYPE_MESSAGE = 48;
+
+        /**
+         * The parameter type for the output transformation.
+         */
+        private const int PARAM_TYPE_OUTPUT = 63;
+
+        /**
+         * Precalculated UBI(CFG) states for common state/output combinations without key or other
+         * pre-message params.
+         */
+        private static readonly IDictionary INITIAL_STATES = Platform.CreateHashtable();
+
+        static SkeinEngine()
+        {
+            // From Appendix C of the Skein 1.3 NIST submission
+            InitialState(SKEIN_256, 128, new ulong[]{
+                0xe1111906964d7260UL,
+                0x883daaa77c8d811cUL,
+                0x10080df491960f7aUL,
+                0xccf7dde5b45bc1c2UL});
+
+            InitialState(SKEIN_256, 160, new ulong[]{
+                0x1420231472825e98UL,
+                0x2ac4e9a25a77e590UL,
+                0xd47a58568838d63eUL,
+                0x2dd2e4968586ab7dUL});
+
+            InitialState(SKEIN_256, 224, new ulong[]{
+                0xc6098a8c9ae5ea0bUL,
+                0x876d568608c5191cUL,
+                0x99cb88d7d7f53884UL,
+                0x384bddb1aeddb5deUL});
+
+            InitialState(SKEIN_256, 256, new ulong[]{
+                0xfc9da860d048b449UL,
+                0x2fca66479fa7d833UL,
+                0xb33bc3896656840fUL,
+                0x6a54e920fde8da69UL});
+
+            InitialState(SKEIN_512, 128, new ulong[]{
+                0xa8bc7bf36fbf9f52UL,
+                0x1e9872cebd1af0aaUL,
+                0x309b1790b32190d3UL,
+                0xbcfbb8543f94805cUL,
+                0x0da61bcd6e31b11bUL,
+                0x1a18ebead46a32e3UL,
+                0xa2cc5b18ce84aa82UL,
+                0x6982ab289d46982dUL});
+
+            InitialState(SKEIN_512, 160, new ulong[]{
+                0x28b81a2ae013bd91UL,
+                0xc2f11668b5bdf78fUL,
+                0x1760d8f3f6a56f12UL,
+                0x4fb747588239904fUL,
+                0x21ede07f7eaf5056UL,
+                0xd908922e63ed70b8UL,
+                0xb8ec76ffeccb52faUL,
+                0x01a47bb8a3f27a6eUL});
+
+            InitialState(SKEIN_512, 224, new ulong[]{
+                0xccd0616248677224UL,
+                0xcba65cf3a92339efUL,
+                0x8ccd69d652ff4b64UL,
+                0x398aed7b3ab890b4UL,
+                0x0f59d1b1457d2bd0UL,
+                0x6776fe6575d4eb3dUL,
+                0x99fbc70e997413e9UL,
+                0x9e2cfccfe1c41ef7UL});
+
+            InitialState(SKEIN_512, 384, new ulong[]{
+                0xa3f6c6bf3a75ef5fUL,
+                0xb0fef9ccfd84faa4UL,
+                0x9d77dd663d770cfeUL,
+                0xd798cbf3b468fddaUL,
+                0x1bc4a6668a0e4465UL,
+                0x7ed7d434e5807407UL,
+                0x548fc1acd4ec44d6UL,
+                0x266e17546aa18ff8UL});
+
+            InitialState(SKEIN_512, 512, new ulong[]{
+                0x4903adff749c51ceUL,
+                0x0d95de399746df03UL,
+                0x8fd1934127c79bceUL,
+                0x9a255629ff352cb1UL,
+                0x5db62599df6ca7b0UL,
+                0xeabe394ca9d5c3f4UL,
+                0x991112c71a75b523UL,
+                0xae18a40b660fcc33UL});
+        }
+
+        private static void InitialState(int blockSize, int outputSize, ulong[] state)
+        {
+            INITIAL_STATES.Add(VariantIdentifier(blockSize / 8, outputSize / 8), state);
+        }
+
+        private static int VariantIdentifier(int blockSizeBytes, int outputSizeBytes)
+        {
+            return (outputSizeBytes << 16) | blockSizeBytes;
+        }
+
+        private class UbiTweak
+        {
+            /**
+             * Point at which position might overflow long, so switch to add with carry logic
+             */
+            private const ulong LOW_RANGE = UInt64.MaxValue - UInt32.MaxValue;
+
+            /**
+             * Bit 127 = final
+             */
+            private const ulong T1_FINAL = 1UL << 63;
+
+            /**
+             * Bit 126 = first
+             */
+            private const ulong T1_FIRST = 1UL << 62;
+
+            /**
+             * UBI uses a 128 bit tweak
+             */
+            private ulong[] tweak = new ulong[2];
+
+            /**
+             * Whether 64 bit position exceeded
+             */
+            private bool extendedPosition;
+
+            public UbiTweak()
+            {
+                Reset();
+            }
+
+            public void Reset(UbiTweak tweak)
+            {
+                this.tweak = Arrays.Clone(tweak.tweak, this.tweak);
+                this.extendedPosition = tweak.extendedPosition;
+            }
+
+            public void Reset()
+            {
+                tweak[0] = 0;
+                tweak[1] = 0;
+                extendedPosition = false;
+                First = true;
+            }
+
+            public uint Type 
+            {
+                get 
+                {
+                    return (uint)((tweak[1] >> 56) & 0x3FUL);
+                }
+
+                set 
+                {
+                    // Bits 120..125 = type
+                    tweak[1] = (tweak[1] & 0xFFFFFFC000000000UL) | ((value & 0x3FUL) << 56);
+                }
+            }
+
+            public bool First
+            {
+                get
+                {
+                    return ((tweak[1] & T1_FIRST) != 0);
+                }
+                set
+                {
+                    if (value)
+                    {
+                        tweak[1] |= T1_FIRST;
+                    }
+                    else
+                    {
+                        tweak[1] &= ~T1_FIRST;
+                    }
+                }
+            }
+
+            public bool Final
+            {
+                get
+                {
+                    return ((tweak[1] & T1_FINAL) != 0);
+                }
+                set
+                {
+                    if (value)
+                    {
+                        tweak[1] |= T1_FINAL;
+                    }
+                    else
+                    {
+                        tweak[1] &= ~T1_FINAL;
+                    }
+                }
+            }
+
+            /**
+             * Advances the position in the tweak by the specified value.
+             */
+            public void AdvancePosition(int advance)
+            {
+                // Bits 0..95 = position
+                if (extendedPosition)
+                {
+                    ulong[] parts = new ulong[3];
+                    parts[0] = tweak[0] & 0xFFFFFFFFUL;
+                    parts[1] = (tweak[0] >> 32) & 0xFFFFFFFFUL;
+                    parts[2] = tweak[1] & 0xFFFFFFFFUL;
+
+                    ulong carry = (ulong)advance;
+                    for (int i = 0; i < parts.Length; i++)
+                    {
+                        carry += parts[i];
+                        parts[i] = carry;
+                        carry >>= 32;
+                    }
+                    tweak[0] = ((parts[1] & 0xFFFFFFFFUL) << 32) | (parts[0] & 0xFFFFFFFFUL);
+                    tweak[1] = (tweak[1] & 0xFFFFFFFF00000000UL) | (parts[2] & 0xFFFFFFFFUL);
+                }
+                else
+                {
+                    ulong position = tweak[0];
+                    position += (uint)advance;
+                    tweak[0] = position;
+                    if (position > LOW_RANGE)
+                    {
+                        extendedPosition = true;
+                    }
+                }
+            }
+
+            public ulong[] GetWords()
+            {
+                return tweak;
+            }
+
+            public override string ToString()
+            {
+                return Type + " first: " + First + ", final: " + Final;
+            }
+
+        }
+
+        /**
+         * The Unique Block Iteration chaining mode.
+         */
+        // TODO: This might be better as methods...
+        private class UBI
+        {
+            private readonly UbiTweak tweak = new UbiTweak();
+
+            private readonly SkeinEngine engine;
+
+            /**
+             * Buffer for the current block of message data
+             */
+            private byte[] currentBlock;
+
+            /**
+             * Offset into the current message block
+             */
+            private int currentOffset;
+
+            /**
+             * Buffer for message words for feedback into encrypted block
+             */
+            private ulong[] message;
+
+            public UBI(SkeinEngine engine, int blockSize)
+            {
+                this.engine = engine;
+                currentBlock = new byte[blockSize];
+                message = new ulong[currentBlock.Length / 8];
+            }
+
+            public void Reset(UBI ubi)
+            {
+                currentBlock = Arrays.Clone(ubi.currentBlock, currentBlock);
+                currentOffset = ubi.currentOffset;
+                message = Arrays.Clone(ubi.message, this.message);
+                tweak.Reset(ubi.tweak);
+            }
+
+            public void Reset(int type)
+            {
+                tweak.Reset();
+                tweak.Type = (uint)type;
+                currentOffset = 0;
+            }
+
+            public void Update(byte[] value, int offset, int len, ulong[] output)
+            {
+                /*
+                 * Buffer complete blocks for the underlying Threefish cipher, only flushing when there
+                 * are subsequent bytes (last block must be processed in doFinal() with final=true set).
+                 */
+                int copied = 0;
+                while (len > copied)
+                {
+                    if (currentOffset == currentBlock.Length)
+                    {
+                        ProcessBlock(output);
+                        tweak.First = false;
+                        currentOffset = 0;
+                    }
+
+                    int toCopy = System.Math.Min((len - copied), currentBlock.Length - currentOffset);
+                    Array.Copy(value, offset + copied, currentBlock, currentOffset, toCopy);
+                    copied += toCopy;
+                    currentOffset += toCopy;
+                    tweak.AdvancePosition(toCopy);
+                }
+            }
+
+            private void ProcessBlock(ulong[] output)
+            {
+                engine.threefish.Init(true, engine.chain, tweak.GetWords());
+                for (int i = 0; i < message.Length; i++)
+                {
+                    message[i] = ThreefishEngine.BytesToWord(currentBlock, i * 8);
+                }
+
+                engine.threefish.ProcessBlock(message, output);
+
+                for (int i = 0; i < output.Length; i++)
+                {
+                    output[i] ^= message[i];
+                }
+            }
+
+            public void DoFinal(ulong[] output)
+            {
+                // Pad remainder of current block with zeroes
+                for (int i = currentOffset; i < currentBlock.Length; i++)
+                {
+                    currentBlock[i] = 0;
+                }
+
+                tweak.Final = true;
+                ProcessBlock(output);
+            }
+
+        }
+
+        /**
+         * Underlying Threefish tweakable block cipher
+         */
+        private readonly ThreefishEngine threefish;
+
+        /**
+         * Size of the digest output, in bytes
+         */
+        private readonly int outputSizeBytes;
+
+        /**
+         * The current chaining/state value
+         */
+        private ulong[] chain;
+
+        /**
+         * The initial state value
+         */
+        private ulong[] initialState;
+
+        /**
+         * The (optional) key parameter
+         */
+        private byte[] key;
+
+        /**
+         * Parameters to apply prior to the message
+         */
+        private Parameter[] preMessageParameters;
+
+        /**
+         * Parameters to apply after the message, but prior to output
+         */
+        private Parameter[] postMessageParameters;
+
+        /**
+         * The current UBI operation
+         */
+        private readonly UBI ubi;
+
+        /**
+         * Buffer for single byte update method
+         */
+        private readonly byte[] singleByte = new byte[1];
+
+        /// <summary>
+        /// Constructs a Skein digest with an internal state size and output size.
+        /// </summary>
+        /// <param name="blockSizeBits">the internal state size in bits - one of <see cref="SKEIN_256"/> <see cref="SKEIN_512"/> or
+        ///                       <see cref="SKEIN_1024"/>.</param>
+        /// <param name="outputSizeBits">the output/digest size to produce in bits, which must be an integral number of
+        ///                      bytes.</param>
+        public SkeinEngine(int blockSizeBits, int outputSizeBits)
+        {
+            if (outputSizeBits % 8 != 0)
+            {
+                throw new ArgumentException("Output size must be a multiple of 8 bits. :" + outputSizeBits);
+            }
+            // TODO: Prevent digest sizes > block size?
+            this.outputSizeBytes = outputSizeBits / 8;
+
+            this.threefish = new ThreefishEngine(blockSizeBits);
+            this.ubi = new UBI(this,threefish.GetBlockSize());
+        }
+
+        /// <summary>
+        /// Creates a SkeinEngine as an exact copy of an existing instance.
+        /// </summary>
+        public SkeinEngine(SkeinEngine engine)
+            : this(engine.BlockSize * 8, engine.OutputSize * 8)
+        {
+            CopyIn(engine);
+        }
+
+        private void CopyIn(SkeinEngine engine)
+        {
+            this.ubi.Reset(engine.ubi);
+            this.chain = Arrays.Clone(engine.chain, this.chain);
+            this.initialState = Arrays.Clone(engine.initialState, this.initialState);
+            this.key = Arrays.Clone(engine.key, this.key);
+            this.preMessageParameters = Clone(engine.preMessageParameters, this.preMessageParameters);
+            this.postMessageParameters = Clone(engine.postMessageParameters, this.postMessageParameters);
+        }
+
+        private static Parameter[] Clone(Parameter[] data, Parameter[] existing)
+        {
+            if (data == null)
+            {
+                return null;
+            }
+            if ((existing == null) || (existing.Length != data.Length))
+            {
+                existing = new Parameter[data.Length];
+            }
+            Array.Copy(data, 0, existing, 0, existing.Length);
+            return existing;
+        }
+
+        public IMemoable Copy()
+        {
+            return new SkeinEngine(this);
+        }
+
+        public void Reset(IMemoable other)
+        {
+            SkeinEngine s = (SkeinEngine)other;
+            if ((BlockSize != s.BlockSize) || (outputSizeBytes != s.outputSizeBytes))
+            {
+                throw new MemoableResetException("Incompatible parameters in provided SkeinEngine.");
+            }
+            CopyIn(s);
+        }
+
+        public int OutputSize
+        {
+            get { return outputSizeBytes; }
+        }
+
+        public int BlockSize
+        {
+            get { return threefish.GetBlockSize (); }
+        }
+
+        /// <summary>
+        /// Initialises the Skein engine with the provided parameters. See <see cref="Org.BouncyCastle.Crypto.Parameters.SkeinParameters"/> for
+        /// details on the parameterisation of the Skein hash function.
+        /// </summary>
+        /// <param name="parameters">the parameters to apply to this engine, or <code>null</code> to use no parameters.</param>
+        public void Init(SkeinParameters parameters)
+        {
+            this.chain = null;
+            this.key = null;
+            this.preMessageParameters = null;
+            this.postMessageParameters = null;
+
+            if (parameters != null)
+            {
+                byte[] key = parameters.GetKey();
+                if (key.Length < 16)
+                {
+                    throw new ArgumentException("Skein key must be at least 128 bits.");
+                }
+                InitParams(parameters.GetParameters());
+            }
+            CreateInitialState();
+
+            // Initialise message block
+            UbiInit(PARAM_TYPE_MESSAGE);
+        }
+
+        private void InitParams(IDictionary parameters)
+        {
+            IEnumerator keys = parameters.Keys.GetEnumerator();
+            IList pre = Platform.CreateArrayList();
+            IList post = Platform.CreateArrayList();
+
+            while (keys.MoveNext())
+            {
+                int type = (int)keys.Current;
+                byte[] value = (byte[])parameters[type];
+
+                if (type == PARAM_TYPE_KEY)
+                {
+                    this.key = value;
+                }
+                else if (type < PARAM_TYPE_MESSAGE)
+                {
+                    pre.Add(new Parameter(type, value));
+                }
+                else
+                {
+                    post.Add(new Parameter(type, value));
+                }
+            }
+            preMessageParameters = new Parameter[pre.Count];
+            pre.CopyTo(preMessageParameters, 0);
+            Array.Sort(preMessageParameters);
+
+            postMessageParameters = new Parameter[post.Count];
+            post.CopyTo(postMessageParameters, 0);
+            Array.Sort(postMessageParameters);
+        }
+
+        /**
+         * Calculate the initial (pre message block) chaining state.
+         */
+        private void CreateInitialState()
+        {
+            ulong[] precalc = (ulong[])INITIAL_STATES[VariantIdentifier(BlockSize, OutputSize)];
+            if ((key == null) && (precalc != null))
+            {
+                // Precalculated UBI(CFG)
+                chain = Arrays.Clone(precalc);
+            }
+            else
+            {
+                // Blank initial state
+                chain = new ulong[BlockSize / 8];
+
+                // Process key block
+                if (key != null)
+                {
+                    UbiComplete(SkeinParameters.PARAM_TYPE_KEY, key);
+                }
+
+                // Process configuration block
+                UbiComplete(PARAM_TYPE_CONFIG, new Configuration(outputSizeBytes * 8).Bytes);
+            }
+
+            // Process additional pre-message parameters
+            if (preMessageParameters != null)
+            {
+                for (int i = 0; i < preMessageParameters.Length; i++)
+                {
+                    Parameter param = preMessageParameters[i];
+                    UbiComplete(param.Type, param.Value);
+                }
+            }
+            initialState = Arrays.Clone(chain);
+        }
+
+        /// <summary>
+        /// Reset the engine to the initial state (with the key and any pre-message parameters , ready to
+        /// accept message input.
+        /// </summary>
+        public void Reset()
+        {
+            Array.Copy(initialState, 0, chain, 0, chain.Length);
+
+            UbiInit(PARAM_TYPE_MESSAGE);
+        }
+
+        private void UbiComplete(int type, byte[] value)
+        {
+            UbiInit(type);
+            this.ubi.Update(value, 0, value.Length, chain);
+            UbiFinal();
+        }
+
+        private void UbiInit(int type)
+        {
+            this.ubi.Reset(type);
+        }
+
+        private void UbiFinal()
+        {
+            ubi.DoFinal(chain);
+        }
+
+        private void CheckInitialised()
+        {
+            if (this.ubi == null)
+            {
+                throw new ArgumentException("Skein engine is not initialised.");
+            }
+        }
+
+        public void Update(byte inByte)
+        {
+            singleByte[0] = inByte;
+            Update(singleByte, 0, 1);
+        }
+
+        public void Update(byte[] inBytes, int inOff, int len)
+        {
+            CheckInitialised();
+            ubi.Update(inBytes, inOff, len, chain);
+        }
+
+        public int DoFinal(byte[] outBytes, int outOff)
+        {
+            CheckInitialised();
+            if (outBytes.Length < (outOff + outputSizeBytes))
+            {
+                throw new DataLengthException("Output buffer is too short to hold output");
+            }
+
+            // Finalise message block
+            UbiFinal();
+
+            // Process additional post-message parameters
+            if (postMessageParameters != null)
+            {
+                for (int i = 0; i < postMessageParameters.Length; i++)
+                {
+                    Parameter param = postMessageParameters[i];
+                    UbiComplete(param.Type, param.Value);
+                }
+            }
+
+            // Perform the output transform
+            int blockSize = BlockSize;
+            int blocksRequired = ((outputSizeBytes + blockSize - 1) / blockSize);
+            for (int i = 0; i < blocksRequired; i++)
+            {
+                int toWrite = System.Math.Min(blockSize, outputSizeBytes - (i * blockSize));
+                Output((ulong)i, outBytes, outOff + (i * blockSize), toWrite);
+            }
+
+            Reset();
+
+            return outputSizeBytes;
+        }
+
+        private void Output(ulong outputSequence, byte[] outBytes, int outOff, int outputBytes)
+        {
+            byte[] currentBytes = new byte[8];
+            ThreefishEngine.WordToBytes(outputSequence, currentBytes, 0);
+
+            // Output is a sequence of UBI invocations all of which use and preserve the pre-output
+            // state
+            ulong[] outputWords = new ulong[chain.Length];
+            UbiInit(PARAM_TYPE_OUTPUT);
+            this.ubi.Update(currentBytes, 0, currentBytes.Length, outputWords);
+            ubi.DoFinal(outputWords);
+
+            int wordsRequired = ((outputBytes + 8 - 1) / 8);
+            for (int i = 0; i < wordsRequired; i++)
+            {
+                int toWrite = System.Math.Min(8, outputBytes - (i * 8));
+                if (toWrite == 8)
+                {
+                    ThreefishEngine.WordToBytes(outputWords[i], outBytes, outOff + (i * 8));
+                }
+                else
+                {
+                    ThreefishEngine.WordToBytes(outputWords[i], currentBytes, 0);
+                    Array.Copy(currentBytes, 0, outBytes, outOff + (i * 8), toWrite);
+                }
+            }
+        }
+
+    }
+}
+
diff --git a/bc-sharp-crypto/src/crypto/digests/TigerDigest.cs b/bc-sharp-crypto/src/crypto/digests/TigerDigest.cs
new file mode 100644
index 0000000..059232d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/TigerDigest.cs
@@ -0,0 +1,883 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+    /**
+    * implementation of Tiger based on:
+    * <a href="http://www.cs.technion.ac.il/~biham/Reports/Tiger">
+    *  http://www.cs.technion.ac.il/~biham/Reports/Tiger</a>
+    */
+    public class TigerDigest
+		: IDigest, IMemoable
+    {
+        private const int MyByteLength = 64;
+
+        /*
+        * S-Boxes.
+        */
+        private static readonly long[] t1 = {
+            unchecked((long) 0x02AAB17CF7E90C5EL)   /*    0 */,    unchecked((long) 0xAC424B03E243A8ECL)   /*    1 */,
+            unchecked((long) 0x72CD5BE30DD5FCD3L)   /*    2 */,    unchecked((long) 0x6D019B93F6F97F3AL)   /*    3 */,
+            unchecked((long) 0xCD9978FFD21F9193L)   /*    4 */,    unchecked((long) 0x7573A1C9708029E2L)   /*    5 */,
+            unchecked((long) 0xB164326B922A83C3L)   /*    6 */,    unchecked((long) 0x46883EEE04915870L)   /*    7 */,
+            unchecked((long) 0xEAACE3057103ECE6L)   /*    8 */,    unchecked((long) 0xC54169B808A3535CL)   /*    9 */,
+            unchecked((long) 0x4CE754918DDEC47CL)   /*   10 */,    unchecked((long) 0x0AA2F4DFDC0DF40CL)   /*   11 */,
+            unchecked((long) 0x10B76F18A74DBEFAL)   /*   12 */,    unchecked((long) 0xC6CCB6235AD1AB6AL)   /*   13 */,
+            unchecked((long) 0x13726121572FE2FFL)   /*   14 */,    unchecked((long) 0x1A488C6F199D921EL)   /*   15 */,
+            unchecked((long) 0x4BC9F9F4DA0007CAL)   /*   16 */,    unchecked((long) 0x26F5E6F6E85241C7L)   /*   17 */,
+            unchecked((long) 0x859079DBEA5947B6L)   /*   18 */,    unchecked((long) 0x4F1885C5C99E8C92L)   /*   19 */,
+            unchecked((long) 0xD78E761EA96F864BL)   /*   20 */,    unchecked((long) 0x8E36428C52B5C17DL)   /*   21 */,
+            unchecked((long) 0x69CF6827373063C1L)   /*   22 */,    unchecked((long) 0xB607C93D9BB4C56EL)   /*   23 */,
+            unchecked((long) 0x7D820E760E76B5EAL)   /*   24 */,    unchecked((long) 0x645C9CC6F07FDC42L)   /*   25 */,
+            unchecked((long) 0xBF38A078243342E0L)   /*   26 */,    unchecked((long) 0x5F6B343C9D2E7D04L)   /*   27 */,
+            unchecked((long) 0xF2C28AEB600B0EC6L)   /*   28 */,    unchecked((long) 0x6C0ED85F7254BCACL)   /*   29 */,
+            unchecked((long) 0x71592281A4DB4FE5L)   /*   30 */,    unchecked((long) 0x1967FA69CE0FED9FL)   /*   31 */,
+            unchecked((long) 0xFD5293F8B96545DBL)   /*   32 */,    unchecked((long) 0xC879E9D7F2A7600BL)   /*   33 */,
+            unchecked((long) 0x860248920193194EL)   /*   34 */,    unchecked((long) 0xA4F9533B2D9CC0B3L)   /*   35 */,
+            unchecked((long) 0x9053836C15957613L)   /*   36 */,    unchecked((long) 0xDB6DCF8AFC357BF1L)   /*   37 */,
+            unchecked((long) 0x18BEEA7A7A370F57L)   /*   38 */,    unchecked((long) 0x037117CA50B99066L)   /*   39 */,
+            unchecked((long) 0x6AB30A9774424A35L)   /*   40 */,    unchecked((long) 0xF4E92F02E325249BL)   /*   41 */,
+            unchecked((long) 0x7739DB07061CCAE1L)   /*   42 */,    unchecked((long) 0xD8F3B49CECA42A05L)   /*   43 */,
+            unchecked((long) 0xBD56BE3F51382F73L)   /*   44 */,    unchecked((long) 0x45FAED5843B0BB28L)   /*   45 */,
+            unchecked((long) 0x1C813D5C11BF1F83L)   /*   46 */,    unchecked((long) 0x8AF0E4B6D75FA169L)   /*   47 */,
+            unchecked((long) 0x33EE18A487AD9999L)   /*   48 */,    unchecked((long) 0x3C26E8EAB1C94410L)   /*   49 */,
+            unchecked((long) 0xB510102BC0A822F9L)   /*   50 */,    unchecked((long) 0x141EEF310CE6123BL)   /*   51 */,
+            unchecked((long) 0xFC65B90059DDB154L)   /*   52 */,    unchecked((long) 0xE0158640C5E0E607L)   /*   53 */,
+            unchecked((long) 0x884E079826C3A3CFL)   /*   54 */,    unchecked((long) 0x930D0D9523C535FDL)   /*   55 */,
+            unchecked((long) 0x35638D754E9A2B00L)   /*   56 */,    unchecked((long) 0x4085FCCF40469DD5L)   /*   57 */,
+            unchecked((long) 0xC4B17AD28BE23A4CL)   /*   58 */,    unchecked((long) 0xCAB2F0FC6A3E6A2EL)   /*   59 */,
+            unchecked((long) 0x2860971A6B943FCDL)   /*   60 */,    unchecked((long) 0x3DDE6EE212E30446L)   /*   61 */,
+            unchecked((long) 0x6222F32AE01765AEL)   /*   62 */,    unchecked((long) 0x5D550BB5478308FEL)   /*   63 */,
+            unchecked((long) 0xA9EFA98DA0EDA22AL)   /*   64 */,    unchecked((long) 0xC351A71686C40DA7L)   /*   65 */,
+            unchecked((long) 0x1105586D9C867C84L)   /*   66 */,    unchecked((long) 0xDCFFEE85FDA22853L)   /*   67 */,
+            unchecked((long) 0xCCFBD0262C5EEF76L)   /*   68 */,    unchecked((long) 0xBAF294CB8990D201L)   /*   69 */,
+            unchecked((long) 0xE69464F52AFAD975L)   /*   70 */,    unchecked((long) 0x94B013AFDF133E14L)   /*   71 */,
+            unchecked((long) 0x06A7D1A32823C958L)   /*   72 */,    unchecked((long) 0x6F95FE5130F61119L)   /*   73 */,
+            unchecked((long) 0xD92AB34E462C06C0L)   /*   74 */,    unchecked((long) 0xED7BDE33887C71D2L)   /*   75 */,
+            unchecked((long) 0x79746D6E6518393EL)   /*   76 */,    unchecked((long) 0x5BA419385D713329L)   /*   77 */,
+            unchecked((long) 0x7C1BA6B948A97564L)   /*   78 */,    unchecked((long) 0x31987C197BFDAC67L)   /*   79 */,
+            unchecked((long) 0xDE6C23C44B053D02L)   /*   80 */,    unchecked((long) 0x581C49FED002D64DL)   /*   81 */,
+            unchecked((long) 0xDD474D6338261571L)   /*   82 */,    unchecked((long) 0xAA4546C3E473D062L)   /*   83 */,
+            unchecked((long) 0x928FCE349455F860L)   /*   84 */,    unchecked((long) 0x48161BBACAAB94D9L)   /*   85 */,
+            unchecked((long) 0x63912430770E6F68L)   /*   86 */,    unchecked((long) 0x6EC8A5E602C6641CL)   /*   87 */,
+            unchecked((long) 0x87282515337DDD2BL)   /*   88 */,    unchecked((long) 0x2CDA6B42034B701BL)   /*   89 */,
+            unchecked((long) 0xB03D37C181CB096DL)   /*   90 */,    unchecked((long) 0xE108438266C71C6FL)   /*   91 */,
+            unchecked((long) 0x2B3180C7EB51B255L)   /*   92 */,    unchecked((long) 0xDF92B82F96C08BBCL)   /*   93 */,
+            unchecked((long) 0x5C68C8C0A632F3BAL)   /*   94 */,    unchecked((long) 0x5504CC861C3D0556L)   /*   95 */,
+            unchecked((long) 0xABBFA4E55FB26B8FL)   /*   96 */,    unchecked((long) 0x41848B0AB3BACEB4L)   /*   97 */,
+            unchecked((long) 0xB334A273AA445D32L)   /*   98 */,    unchecked((long) 0xBCA696F0A85AD881L)   /*   99 */,
+            unchecked((long) 0x24F6EC65B528D56CL)   /*  100 */,    unchecked((long) 0x0CE1512E90F4524AL)   /*  101 */,
+            unchecked((long) 0x4E9DD79D5506D35AL)   /*  102 */,    unchecked((long) 0x258905FAC6CE9779L)   /*  103 */,
+            unchecked((long) 0x2019295B3E109B33L)   /*  104 */,    unchecked((long) 0xF8A9478B73A054CCL)   /*  105 */,
+            unchecked((long) 0x2924F2F934417EB0L)   /*  106 */,    unchecked((long) 0x3993357D536D1BC4L)   /*  107 */,
+            unchecked((long) 0x38A81AC21DB6FF8BL)   /*  108 */,    unchecked((long) 0x47C4FBF17D6016BFL)   /*  109 */,
+            unchecked((long) 0x1E0FAADD7667E3F5L)   /*  110 */,    unchecked((long) 0x7ABCFF62938BEB96L)   /*  111 */,
+            unchecked((long) 0xA78DAD948FC179C9L)   /*  112 */,    unchecked((long) 0x8F1F98B72911E50DL)   /*  113 */,
+            unchecked((long) 0x61E48EAE27121A91L)   /*  114 */,    unchecked((long) 0x4D62F7AD31859808L)   /*  115 */,
+            unchecked((long) 0xECEBA345EF5CEAEBL)   /*  116 */,    unchecked((long) 0xF5CEB25EBC9684CEL)   /*  117 */,
+            unchecked((long) 0xF633E20CB7F76221L)   /*  118 */,    unchecked((long) 0xA32CDF06AB8293E4L)   /*  119 */,
+            unchecked((long) 0x985A202CA5EE2CA4L)   /*  120 */,    unchecked((long) 0xCF0B8447CC8A8FB1L)   /*  121 */,
+            unchecked((long) 0x9F765244979859A3L)   /*  122 */,    unchecked((long) 0xA8D516B1A1240017L)   /*  123 */,
+            unchecked((long) 0x0BD7BA3EBB5DC726L)   /*  124 */,    unchecked((long) 0xE54BCA55B86ADB39L)   /*  125 */,
+            unchecked((long) 0x1D7A3AFD6C478063L)   /*  126 */,    unchecked((long) 0x519EC608E7669EDDL)   /*  127 */,
+            unchecked((long) 0x0E5715A2D149AA23L)   /*  128 */,    unchecked((long) 0x177D4571848FF194L)   /*  129 */,
+            unchecked((long) 0xEEB55F3241014C22L)   /*  130 */,    unchecked((long) 0x0F5E5CA13A6E2EC2L)   /*  131 */,
+            unchecked((long) 0x8029927B75F5C361L)   /*  132 */,    unchecked((long) 0xAD139FABC3D6E436L)   /*  133 */,
+            unchecked((long) 0x0D5DF1A94CCF402FL)   /*  134 */,    unchecked((long) 0x3E8BD948BEA5DFC8L)   /*  135 */,
+            unchecked((long) 0xA5A0D357BD3FF77EL)   /*  136 */,    unchecked((long) 0xA2D12E251F74F645L)   /*  137 */,
+            unchecked((long) 0x66FD9E525E81A082L)   /*  138 */,    unchecked((long) 0x2E0C90CE7F687A49L)   /*  139 */,
+            unchecked((long) 0xC2E8BCBEBA973BC5L)   /*  140 */,    unchecked((long) 0x000001BCE509745FL)   /*  141 */,
+            unchecked((long) 0x423777BBE6DAB3D6L)   /*  142 */,    unchecked((long) 0xD1661C7EAEF06EB5L)   /*  143 */,
+            unchecked((long) 0xA1781F354DAACFD8L)   /*  144 */,    unchecked((long) 0x2D11284A2B16AFFCL)   /*  145 */,
+            unchecked((long) 0xF1FC4F67FA891D1FL)   /*  146 */,    unchecked((long) 0x73ECC25DCB920ADAL)   /*  147 */,
+            unchecked((long) 0xAE610C22C2A12651L)   /*  148 */,    unchecked((long) 0x96E0A810D356B78AL)   /*  149 */,
+            unchecked((long) 0x5A9A381F2FE7870FL)   /*  150 */,    unchecked((long) 0xD5AD62EDE94E5530L)   /*  151 */,
+            unchecked((long) 0xD225E5E8368D1427L)   /*  152 */,    unchecked((long) 0x65977B70C7AF4631L)   /*  153 */,
+            unchecked((long) 0x99F889B2DE39D74FL)   /*  154 */,    unchecked((long) 0x233F30BF54E1D143L)   /*  155 */,
+            unchecked((long) 0x9A9675D3D9A63C97L)   /*  156 */,    unchecked((long) 0x5470554FF334F9A8L)   /*  157 */,
+            unchecked((long) 0x166ACB744A4F5688L)   /*  158 */,    unchecked((long) 0x70C74CAAB2E4AEADL)   /*  159 */,
+            unchecked((long) 0xF0D091646F294D12L)   /*  160 */,    unchecked((long) 0x57B82A89684031D1L)   /*  161 */,
+            unchecked((long) 0xEFD95A5A61BE0B6BL)   /*  162 */,    unchecked((long) 0x2FBD12E969F2F29AL)   /*  163 */,
+            unchecked((long) 0x9BD37013FEFF9FE8L)   /*  164 */,    unchecked((long) 0x3F9B0404D6085A06L)   /*  165 */,
+            unchecked((long) 0x4940C1F3166CFE15L)   /*  166 */,    unchecked((long) 0x09542C4DCDF3DEFBL)   /*  167 */,
+            unchecked((long) 0xB4C5218385CD5CE3L)   /*  168 */,    unchecked((long) 0xC935B7DC4462A641L)   /*  169 */,
+            unchecked((long) 0x3417F8A68ED3B63FL)   /*  170 */,    unchecked((long) 0xB80959295B215B40L)   /*  171 */,
+            unchecked((long) 0xF99CDAEF3B8C8572L)   /*  172 */,    unchecked((long) 0x018C0614F8FCB95DL)   /*  173 */,
+            unchecked((long) 0x1B14ACCD1A3ACDF3L)   /*  174 */,    unchecked((long) 0x84D471F200BB732DL)   /*  175 */,
+            unchecked((long) 0xC1A3110E95E8DA16L)   /*  176 */,    unchecked((long) 0x430A7220BF1A82B8L)   /*  177 */,
+            unchecked((long) 0xB77E090D39DF210EL)   /*  178 */,    unchecked((long) 0x5EF4BD9F3CD05E9DL)   /*  179 */,
+            unchecked((long) 0x9D4FF6DA7E57A444L)   /*  180 */,    unchecked((long) 0xDA1D60E183D4A5F8L)   /*  181 */,
+            unchecked((long) 0xB287C38417998E47L)   /*  182 */,    unchecked((long) 0xFE3EDC121BB31886L)   /*  183 */,
+            unchecked((long) 0xC7FE3CCC980CCBEFL)   /*  184 */,    unchecked((long) 0xE46FB590189BFD03L)   /*  185 */,
+            unchecked((long) 0x3732FD469A4C57DCL)   /*  186 */,    unchecked((long) 0x7EF700A07CF1AD65L)   /*  187 */,
+            unchecked((long) 0x59C64468A31D8859L)   /*  188 */,    unchecked((long) 0x762FB0B4D45B61F6L)   /*  189 */,
+            unchecked((long) 0x155BAED099047718L)   /*  190 */,    unchecked((long) 0x68755E4C3D50BAA6L)   /*  191 */,
+            unchecked((long) 0xE9214E7F22D8B4DFL)   /*  192 */,    unchecked((long) 0x2ADDBF532EAC95F4L)   /*  193 */,
+            unchecked((long) 0x32AE3909B4BD0109L)   /*  194 */,    unchecked((long) 0x834DF537B08E3450L)   /*  195 */,
+            unchecked((long) 0xFA209DA84220728DL)   /*  196 */,    unchecked((long) 0x9E691D9B9EFE23F7L)   /*  197 */,
+            unchecked((long) 0x0446D288C4AE8D7FL)   /*  198 */,    unchecked((long) 0x7B4CC524E169785BL)   /*  199 */,
+            unchecked((long) 0x21D87F0135CA1385L)   /*  200 */,    unchecked((long) 0xCEBB400F137B8AA5L)   /*  201 */,
+            unchecked((long) 0x272E2B66580796BEL)   /*  202 */,    unchecked((long) 0x3612264125C2B0DEL)   /*  203 */,
+            unchecked((long) 0x057702BDAD1EFBB2L)   /*  204 */,    unchecked((long) 0xD4BABB8EACF84BE9L)   /*  205 */,
+            unchecked((long) 0x91583139641BC67BL)   /*  206 */,    unchecked((long) 0x8BDC2DE08036E024L)   /*  207 */,
+            unchecked((long) 0x603C8156F49F68EDL)   /*  208 */,    unchecked((long) 0xF7D236F7DBEF5111L)   /*  209 */,
+            unchecked((long) 0x9727C4598AD21E80L)   /*  210 */,    unchecked((long) 0xA08A0896670A5FD7L)   /*  211 */,
+            unchecked((long) 0xCB4A8F4309EBA9CBL)   /*  212 */,    unchecked((long) 0x81AF564B0F7036A1L)   /*  213 */,
+            unchecked((long) 0xC0B99AA778199ABDL)   /*  214 */,    unchecked((long) 0x959F1EC83FC8E952L)   /*  215 */,
+            unchecked((long) 0x8C505077794A81B9L)   /*  216 */,    unchecked((long) 0x3ACAAF8F056338F0L)   /*  217 */,
+            unchecked((long) 0x07B43F50627A6778L)   /*  218 */,    unchecked((long) 0x4A44AB49F5ECCC77L)   /*  219 */,
+            unchecked((long) 0x3BC3D6E4B679EE98L)   /*  220 */,    unchecked((long) 0x9CC0D4D1CF14108CL)   /*  221 */,
+            unchecked((long) 0x4406C00B206BC8A0L)   /*  222 */,    unchecked((long) 0x82A18854C8D72D89L)   /*  223 */,
+            unchecked((long) 0x67E366B35C3C432CL)   /*  224 */,    unchecked((long) 0xB923DD61102B37F2L)   /*  225 */,
+            unchecked((long) 0x56AB2779D884271DL)   /*  226 */,    unchecked((long) 0xBE83E1B0FF1525AFL)   /*  227 */,
+            unchecked((long) 0xFB7C65D4217E49A9L)   /*  228 */,    unchecked((long) 0x6BDBE0E76D48E7D4L)   /*  229 */,
+            unchecked((long) 0x08DF828745D9179EL)   /*  230 */,    unchecked((long) 0x22EA6A9ADD53BD34L)   /*  231 */,
+            unchecked((long) 0xE36E141C5622200AL)   /*  232 */,    unchecked((long) 0x7F805D1B8CB750EEL)   /*  233 */,
+            unchecked((long) 0xAFE5C7A59F58E837L)   /*  234 */,    unchecked((long) 0xE27F996A4FB1C23CL)   /*  235 */,
+            unchecked((long) 0xD3867DFB0775F0D0L)   /*  236 */,    unchecked((long) 0xD0E673DE6E88891AL)   /*  237 */,
+            unchecked((long) 0x123AEB9EAFB86C25L)   /*  238 */,    unchecked((long) 0x30F1D5D5C145B895L)   /*  239 */,
+            unchecked((long) 0xBB434A2DEE7269E7L)   /*  240 */,    unchecked((long) 0x78CB67ECF931FA38L)   /*  241 */,
+            unchecked((long) 0xF33B0372323BBF9CL)   /*  242 */,    unchecked((long) 0x52D66336FB279C74L)   /*  243 */,
+            unchecked((long) 0x505F33AC0AFB4EAAL)   /*  244 */,    unchecked((long) 0xE8A5CD99A2CCE187L)   /*  245 */,
+            unchecked((long) 0x534974801E2D30BBL)   /*  246 */,    unchecked((long) 0x8D2D5711D5876D90L)   /*  247 */,
+            unchecked((long) 0x1F1A412891BC038EL)   /*  248 */,    unchecked((long) 0xD6E2E71D82E56648L)   /*  249 */,
+            unchecked((long) 0x74036C3A497732B7L)   /*  250 */,    unchecked((long) 0x89B67ED96361F5ABL)   /*  251 */,
+            unchecked((long) 0xFFED95D8F1EA02A2L)   /*  252 */,    unchecked((long) 0xE72B3BD61464D43DL)   /*  253 */,
+            unchecked((long) 0xA6300F170BDC4820L)   /*  254 */,    unchecked((long) 0xEBC18760ED78A77AL)   /*  255 */,
+        };
+
+        private static readonly long[] t2 = {
+            unchecked((long) 0xE6A6BE5A05A12138L)   /*  256 */,    unchecked((long) 0xB5A122A5B4F87C98L)   /*  257 */,
+            unchecked((long) 0x563C6089140B6990L)   /*  258 */,    unchecked((long) 0x4C46CB2E391F5DD5L)   /*  259 */,
+            unchecked((long) 0xD932ADDBC9B79434L)   /*  260 */,    unchecked((long) 0x08EA70E42015AFF5L)   /*  261 */,
+            unchecked((long) 0xD765A6673E478CF1L)   /*  262 */,    unchecked((long) 0xC4FB757EAB278D99L)   /*  263 */,
+            unchecked((long) 0xDF11C6862D6E0692L)   /*  264 */,    unchecked((long) 0xDDEB84F10D7F3B16L)   /*  265 */,
+            unchecked((long) 0x6F2EF604A665EA04L)   /*  266 */,    unchecked((long) 0x4A8E0F0FF0E0DFB3L)   /*  267 */,
+            unchecked((long) 0xA5EDEEF83DBCBA51L)   /*  268 */,    unchecked((long) 0xFC4F0A2A0EA4371EL)   /*  269 */,
+            unchecked((long) 0xE83E1DA85CB38429L)   /*  270 */,    unchecked((long) 0xDC8FF882BA1B1CE2L)   /*  271 */,
+            unchecked((long) 0xCD45505E8353E80DL)   /*  272 */,    unchecked((long) 0x18D19A00D4DB0717L)   /*  273 */,
+            unchecked((long) 0x34A0CFEDA5F38101L)   /*  274 */,    unchecked((long) 0x0BE77E518887CAF2L)   /*  275 */,
+            unchecked((long) 0x1E341438B3C45136L)   /*  276 */,    unchecked((long) 0xE05797F49089CCF9L)   /*  277 */,
+            unchecked((long) 0xFFD23F9DF2591D14L)   /*  278 */,    unchecked((long) 0x543DDA228595C5CDL)   /*  279 */,
+            unchecked((long) 0x661F81FD99052A33L)   /*  280 */,    unchecked((long) 0x8736E641DB0F7B76L)   /*  281 */,
+            unchecked((long) 0x15227725418E5307L)   /*  282 */,    unchecked((long) 0xE25F7F46162EB2FAL)   /*  283 */,
+            unchecked((long) 0x48A8B2126C13D9FEL)   /*  284 */,    unchecked((long) 0xAFDC541792E76EEAL)   /*  285 */,
+            unchecked((long) 0x03D912BFC6D1898FL)   /*  286 */,    unchecked((long) 0x31B1AAFA1B83F51BL)   /*  287 */,
+            unchecked((long) 0xF1AC2796E42AB7D9L)   /*  288 */,    unchecked((long) 0x40A3A7D7FCD2EBACL)   /*  289 */,
+            unchecked((long) 0x1056136D0AFBBCC5L)   /*  290 */,    unchecked((long) 0x7889E1DD9A6D0C85L)   /*  291 */,
+            unchecked((long) 0xD33525782A7974AAL)   /*  292 */,    unchecked((long) 0xA7E25D09078AC09BL)   /*  293 */,
+            unchecked((long) 0xBD4138B3EAC6EDD0L)   /*  294 */,    unchecked((long) 0x920ABFBE71EB9E70L)   /*  295 */,
+            unchecked((long) 0xA2A5D0F54FC2625CL)   /*  296 */,    unchecked((long) 0xC054E36B0B1290A3L)   /*  297 */,
+            unchecked((long) 0xF6DD59FF62FE932BL)   /*  298 */,    unchecked((long) 0x3537354511A8AC7DL)   /*  299 */,
+            unchecked((long) 0xCA845E9172FADCD4L)   /*  300 */,    unchecked((long) 0x84F82B60329D20DCL)   /*  301 */,
+            unchecked((long) 0x79C62CE1CD672F18L)   /*  302 */,    unchecked((long) 0x8B09A2ADD124642CL)   /*  303 */,
+            unchecked((long) 0xD0C1E96A19D9E726L)   /*  304 */,    unchecked((long) 0x5A786A9B4BA9500CL)   /*  305 */,
+            unchecked((long) 0x0E020336634C43F3L)   /*  306 */,    unchecked((long) 0xC17B474AEB66D822L)   /*  307 */,
+            unchecked((long) 0x6A731AE3EC9BAAC2L)   /*  308 */,    unchecked((long) 0x8226667AE0840258L)   /*  309 */,
+            unchecked((long) 0x67D4567691CAECA5L)   /*  310 */,    unchecked((long) 0x1D94155C4875ADB5L)   /*  311 */,
+            unchecked((long) 0x6D00FD985B813FDFL)   /*  312 */,    unchecked((long) 0x51286EFCB774CD06L)   /*  313 */,
+            unchecked((long) 0x5E8834471FA744AFL)   /*  314 */,    unchecked((long) 0xF72CA0AEE761AE2EL)   /*  315 */,
+            unchecked((long) 0xBE40E4CDAEE8E09AL)   /*  316 */,    unchecked((long) 0xE9970BBB5118F665L)   /*  317 */,
+            unchecked((long) 0x726E4BEB33DF1964L)   /*  318 */,    unchecked((long) 0x703B000729199762L)   /*  319 */,
+            unchecked((long) 0x4631D816F5EF30A7L)   /*  320 */,    unchecked((long) 0xB880B5B51504A6BEL)   /*  321 */,
+            unchecked((long) 0x641793C37ED84B6CL)   /*  322 */,    unchecked((long) 0x7B21ED77F6E97D96L)   /*  323 */,
+            unchecked((long) 0x776306312EF96B73L)   /*  324 */,    unchecked((long) 0xAE528948E86FF3F4L)   /*  325 */,
+            unchecked((long) 0x53DBD7F286A3F8F8L)   /*  326 */,    unchecked((long) 0x16CADCE74CFC1063L)   /*  327 */,
+            unchecked((long) 0x005C19BDFA52C6DDL)   /*  328 */,    unchecked((long) 0x68868F5D64D46AD3L)   /*  329 */,
+            unchecked((long) 0x3A9D512CCF1E186AL)   /*  330 */,    unchecked((long) 0x367E62C2385660AEL)   /*  331 */,
+            unchecked((long) 0xE359E7EA77DCB1D7L)   /*  332 */,    unchecked((long) 0x526C0773749ABE6EL)   /*  333 */,
+            unchecked((long) 0x735AE5F9D09F734BL)   /*  334 */,    unchecked((long) 0x493FC7CC8A558BA8L)   /*  335 */,
+            unchecked((long) 0xB0B9C1533041AB45L)   /*  336 */,    unchecked((long) 0x321958BA470A59BDL)   /*  337 */,
+            unchecked((long) 0x852DB00B5F46C393L)   /*  338 */,    unchecked((long) 0x91209B2BD336B0E5L)   /*  339 */,
+            unchecked((long) 0x6E604F7D659EF19FL)   /*  340 */,    unchecked((long) 0xB99A8AE2782CCB24L)   /*  341 */,
+            unchecked((long) 0xCCF52AB6C814C4C7L)   /*  342 */,    unchecked((long) 0x4727D9AFBE11727BL)   /*  343 */,
+            unchecked((long) 0x7E950D0C0121B34DL)   /*  344 */,    unchecked((long) 0x756F435670AD471FL)   /*  345 */,
+            unchecked((long) 0xF5ADD442615A6849L)   /*  346 */,    unchecked((long) 0x4E87E09980B9957AL)   /*  347 */,
+            unchecked((long) 0x2ACFA1DF50AEE355L)   /*  348 */,    unchecked((long) 0xD898263AFD2FD556L)   /*  349 */,
+            unchecked((long) 0xC8F4924DD80C8FD6L)   /*  350 */,    unchecked((long) 0xCF99CA3D754A173AL)   /*  351 */,
+            unchecked((long) 0xFE477BACAF91BF3CL)   /*  352 */,    unchecked((long) 0xED5371F6D690C12DL)   /*  353 */,
+            unchecked((long) 0x831A5C285E687094L)   /*  354 */,    unchecked((long) 0xC5D3C90A3708A0A4L)   /*  355 */,
+            unchecked((long) 0x0F7F903717D06580L)   /*  356 */,    unchecked((long) 0x19F9BB13B8FDF27FL)   /*  357 */,
+            unchecked((long) 0xB1BD6F1B4D502843L)   /*  358 */,    unchecked((long) 0x1C761BA38FFF4012L)   /*  359 */,
+            unchecked((long) 0x0D1530C4E2E21F3BL)   /*  360 */,    unchecked((long) 0x8943CE69A7372C8AL)   /*  361 */,
+            unchecked((long) 0xE5184E11FEB5CE66L)   /*  362 */,    unchecked((long) 0x618BDB80BD736621L)   /*  363 */,
+            unchecked((long) 0x7D29BAD68B574D0BL)   /*  364 */,    unchecked((long) 0x81BB613E25E6FE5BL)   /*  365 */,
+            unchecked((long) 0x071C9C10BC07913FL)   /*  366 */,    unchecked((long) 0xC7BEEB7909AC2D97L)   /*  367 */,
+            unchecked((long) 0xC3E58D353BC5D757L)   /*  368 */,    unchecked((long) 0xEB017892F38F61E8L)   /*  369 */,
+            unchecked((long) 0xD4EFFB9C9B1CC21AL)   /*  370 */,    unchecked((long) 0x99727D26F494F7ABL)   /*  371 */,
+            unchecked((long) 0xA3E063A2956B3E03L)   /*  372 */,    unchecked((long) 0x9D4A8B9A4AA09C30L)   /*  373 */,
+            unchecked((long) 0x3F6AB7D500090FB4L)   /*  374 */,    unchecked((long) 0x9CC0F2A057268AC0L)   /*  375 */,
+            unchecked((long) 0x3DEE9D2DEDBF42D1L)   /*  376 */,    unchecked((long) 0x330F49C87960A972L)   /*  377 */,
+            unchecked((long) 0xC6B2720287421B41L)   /*  378 */,    unchecked((long) 0x0AC59EC07C00369CL)   /*  379 */,
+            unchecked((long) 0xEF4EAC49CB353425L)   /*  380 */,    unchecked((long) 0xF450244EEF0129D8L)   /*  381 */,
+            unchecked((long) 0x8ACC46E5CAF4DEB6L)   /*  382 */,    unchecked((long) 0x2FFEAB63989263F7L)   /*  383 */,
+            unchecked((long) 0x8F7CB9FE5D7A4578L)   /*  384 */,    unchecked((long) 0x5BD8F7644E634635L)   /*  385 */,
+            unchecked((long) 0x427A7315BF2DC900L)   /*  386 */,    unchecked((long) 0x17D0C4AA2125261CL)   /*  387 */,
+            unchecked((long) 0x3992486C93518E50L)   /*  388 */,    unchecked((long) 0xB4CBFEE0A2D7D4C3L)   /*  389 */,
+            unchecked((long) 0x7C75D6202C5DDD8DL)   /*  390 */,    unchecked((long) 0xDBC295D8E35B6C61L)   /*  391 */,
+            unchecked((long) 0x60B369D302032B19L)   /*  392 */,    unchecked((long) 0xCE42685FDCE44132L)   /*  393 */,
+            unchecked((long) 0x06F3DDB9DDF65610L)   /*  394 */,    unchecked((long) 0x8EA4D21DB5E148F0L)   /*  395 */,
+            unchecked((long) 0x20B0FCE62FCD496FL)   /*  396 */,    unchecked((long) 0x2C1B912358B0EE31L)   /*  397 */,
+            unchecked((long) 0xB28317B818F5A308L)   /*  398 */,    unchecked((long) 0xA89C1E189CA6D2CFL)   /*  399 */,
+            unchecked((long) 0x0C6B18576AAADBC8L)   /*  400 */,    unchecked((long) 0xB65DEAA91299FAE3L)   /*  401 */,
+            unchecked((long) 0xFB2B794B7F1027E7L)   /*  402 */,    unchecked((long) 0x04E4317F443B5BEBL)   /*  403 */,
+            unchecked((long) 0x4B852D325939D0A6L)   /*  404 */,    unchecked((long) 0xD5AE6BEEFB207FFCL)   /*  405 */,
+            unchecked((long) 0x309682B281C7D374L)   /*  406 */,    unchecked((long) 0xBAE309A194C3B475L)   /*  407 */,
+            unchecked((long) 0x8CC3F97B13B49F05L)   /*  408 */,    unchecked((long) 0x98A9422FF8293967L)   /*  409 */,
+            unchecked((long) 0x244B16B01076FF7CL)   /*  410 */,    unchecked((long) 0xF8BF571C663D67EEL)   /*  411 */,
+            unchecked((long) 0x1F0D6758EEE30DA1L)   /*  412 */,    unchecked((long) 0xC9B611D97ADEB9B7L)   /*  413 */,
+            unchecked((long) 0xB7AFD5887B6C57A2L)   /*  414 */,    unchecked((long) 0x6290AE846B984FE1L)   /*  415 */,
+            unchecked((long) 0x94DF4CDEACC1A5FDL)   /*  416 */,    unchecked((long) 0x058A5BD1C5483AFFL)   /*  417 */,
+            unchecked((long) 0x63166CC142BA3C37L)   /*  418 */,    unchecked((long) 0x8DB8526EB2F76F40L)   /*  419 */,
+            unchecked((long) 0xE10880036F0D6D4EL)   /*  420 */,    unchecked((long) 0x9E0523C9971D311DL)   /*  421 */,
+            unchecked((long) 0x45EC2824CC7CD691L)   /*  422 */,    unchecked((long) 0x575B8359E62382C9L)   /*  423 */,
+            unchecked((long) 0xFA9E400DC4889995L)   /*  424 */,    unchecked((long) 0xD1823ECB45721568L)   /*  425 */,
+            unchecked((long) 0xDAFD983B8206082FL)   /*  426 */,    unchecked((long) 0xAA7D29082386A8CBL)   /*  427 */,
+            unchecked((long) 0x269FCD4403B87588L)   /*  428 */,    unchecked((long) 0x1B91F5F728BDD1E0L)   /*  429 */,
+            unchecked((long) 0xE4669F39040201F6L)   /*  430 */,    unchecked((long) 0x7A1D7C218CF04ADEL)   /*  431 */,
+            unchecked((long) 0x65623C29D79CE5CEL)   /*  432 */,    unchecked((long) 0x2368449096C00BB1L)   /*  433 */,
+            unchecked((long) 0xAB9BF1879DA503BAL)   /*  434 */,    unchecked((long) 0xBC23ECB1A458058EL)   /*  435 */,
+            unchecked((long) 0x9A58DF01BB401ECCL)   /*  436 */,    unchecked((long) 0xA070E868A85F143DL)   /*  437 */,
+            unchecked((long) 0x4FF188307DF2239EL)   /*  438 */,    unchecked((long) 0x14D565B41A641183L)   /*  439 */,
+            unchecked((long) 0xEE13337452701602L)   /*  440 */,    unchecked((long) 0x950E3DCF3F285E09L)   /*  441 */,
+            unchecked((long) 0x59930254B9C80953L)   /*  442 */,    unchecked((long) 0x3BF299408930DA6DL)   /*  443 */,
+            unchecked((long) 0xA955943F53691387L)   /*  444 */,    unchecked((long) 0xA15EDECAA9CB8784L)   /*  445 */,
+            unchecked((long) 0x29142127352BE9A0L)   /*  446 */,    unchecked((long) 0x76F0371FFF4E7AFBL)   /*  447 */,
+            unchecked((long) 0x0239F450274F2228L)   /*  448 */,    unchecked((long) 0xBB073AF01D5E868BL)   /*  449 */,
+            unchecked((long) 0xBFC80571C10E96C1L)   /*  450 */,    unchecked((long) 0xD267088568222E23L)   /*  451 */,
+            unchecked((long) 0x9671A3D48E80B5B0L)   /*  452 */,    unchecked((long) 0x55B5D38AE193BB81L)   /*  453 */,
+            unchecked((long) 0x693AE2D0A18B04B8L)   /*  454 */,    unchecked((long) 0x5C48B4ECADD5335FL)   /*  455 */,
+            unchecked((long) 0xFD743B194916A1CAL)   /*  456 */,    unchecked((long) 0x2577018134BE98C4L)   /*  457 */,
+            unchecked((long) 0xE77987E83C54A4ADL)   /*  458 */,    unchecked((long) 0x28E11014DA33E1B9L)   /*  459 */,
+            unchecked((long) 0x270CC59E226AA213L)   /*  460 */,    unchecked((long) 0x71495F756D1A5F60L)   /*  461 */,
+            unchecked((long) 0x9BE853FB60AFEF77L)   /*  462 */,    unchecked((long) 0xADC786A7F7443DBFL)   /*  463 */,
+            unchecked((long) 0x0904456173B29A82L)   /*  464 */,    unchecked((long) 0x58BC7A66C232BD5EL)   /*  465 */,
+            unchecked((long) 0xF306558C673AC8B2L)   /*  466 */,    unchecked((long) 0x41F639C6B6C9772AL)   /*  467 */,
+            unchecked((long) 0x216DEFE99FDA35DAL)   /*  468 */,    unchecked((long) 0x11640CC71C7BE615L)   /*  469 */,
+            unchecked((long) 0x93C43694565C5527L)   /*  470 */,    unchecked((long) 0xEA038E6246777839L)   /*  471 */,
+            unchecked((long) 0xF9ABF3CE5A3E2469L)   /*  472 */,    unchecked((long) 0x741E768D0FD312D2L)   /*  473 */,
+            unchecked((long) 0x0144B883CED652C6L)   /*  474 */,    unchecked((long) 0xC20B5A5BA33F8552L)   /*  475 */,
+            unchecked((long) 0x1AE69633C3435A9DL)   /*  476 */,    unchecked((long) 0x97A28CA4088CFDECL)   /*  477 */,
+            unchecked((long) 0x8824A43C1E96F420L)   /*  478 */,    unchecked((long) 0x37612FA66EEEA746L)   /*  479 */,
+            unchecked((long) 0x6B4CB165F9CF0E5AL)   /*  480 */,    unchecked((long) 0x43AA1C06A0ABFB4AL)   /*  481 */,
+            unchecked((long) 0x7F4DC26FF162796BL)   /*  482 */,    unchecked((long) 0x6CBACC8E54ED9B0FL)   /*  483 */,
+            unchecked((long) 0xA6B7FFEFD2BB253EL)   /*  484 */,    unchecked((long) 0x2E25BC95B0A29D4FL)   /*  485 */,
+            unchecked((long) 0x86D6A58BDEF1388CL)   /*  486 */,    unchecked((long) 0xDED74AC576B6F054L)   /*  487 */,
+            unchecked((long) 0x8030BDBC2B45805DL)   /*  488 */,    unchecked((long) 0x3C81AF70E94D9289L)   /*  489 */,
+            unchecked((long) 0x3EFF6DDA9E3100DBL)   /*  490 */,    unchecked((long) 0xB38DC39FDFCC8847L)   /*  491 */,
+            unchecked((long) 0x123885528D17B87EL)   /*  492 */,    unchecked((long) 0xF2DA0ED240B1B642L)   /*  493 */,
+            unchecked((long) 0x44CEFADCD54BF9A9L)   /*  494 */,    unchecked((long) 0x1312200E433C7EE6L)   /*  495 */,
+            unchecked((long) 0x9FFCC84F3A78C748L)   /*  496 */,    unchecked((long) 0xF0CD1F72248576BBL)   /*  497 */,
+            unchecked((long) 0xEC6974053638CFE4L)   /*  498 */,    unchecked((long) 0x2BA7B67C0CEC4E4CL)   /*  499 */,
+            unchecked((long) 0xAC2F4DF3E5CE32EDL)   /*  500 */,    unchecked((long) 0xCB33D14326EA4C11L)   /*  501 */,
+            unchecked((long) 0xA4E9044CC77E58BCL)   /*  502 */,    unchecked((long) 0x5F513293D934FCEFL)   /*  503 */,
+            unchecked((long) 0x5DC9645506E55444L)   /*  504 */,    unchecked((long) 0x50DE418F317DE40AL)   /*  505 */,
+            unchecked((long) 0x388CB31A69DDE259L)   /*  506 */,    unchecked((long) 0x2DB4A83455820A86L)   /*  507 */,
+            unchecked((long) 0x9010A91E84711AE9L)   /*  508 */,    unchecked((long) 0x4DF7F0B7B1498371L)   /*  509 */,
+            unchecked((long) 0xD62A2EABC0977179L)   /*  510 */,    unchecked((long) 0x22FAC097AA8D5C0EL)   /*  511 */,
+        };
+
+        private static readonly long[] t3 = {
+            unchecked((long) 0xF49FCC2FF1DAF39BL)   /*  512 */,    unchecked((long) 0x487FD5C66FF29281L)   /*  513 */,
+            unchecked((long) 0xE8A30667FCDCA83FL)   /*  514 */,    unchecked((long) 0x2C9B4BE3D2FCCE63L)   /*  515 */,
+            unchecked((long) 0xDA3FF74B93FBBBC2L)   /*  516 */,    unchecked((long) 0x2FA165D2FE70BA66L)   /*  517 */,
+            unchecked((long) 0xA103E279970E93D4L)   /*  518 */,    unchecked((long) 0xBECDEC77B0E45E71L)   /*  519 */,
+            unchecked((long) 0xCFB41E723985E497L)   /*  520 */,    unchecked((long) 0xB70AAA025EF75017L)   /*  521 */,
+            unchecked((long) 0xD42309F03840B8E0L)   /*  522 */,    unchecked((long) 0x8EFC1AD035898579L)   /*  523 */,
+            unchecked((long) 0x96C6920BE2B2ABC5L)   /*  524 */,    unchecked((long) 0x66AF4163375A9172L)   /*  525 */,
+            unchecked((long) 0x2174ABDCCA7127FBL)   /*  526 */,    unchecked((long) 0xB33CCEA64A72FF41L)   /*  527 */,
+            unchecked((long) 0xF04A4933083066A5L)   /*  528 */,    unchecked((long) 0x8D970ACDD7289AF5L)   /*  529 */,
+            unchecked((long) 0x8F96E8E031C8C25EL)   /*  530 */,    unchecked((long) 0xF3FEC02276875D47L)   /*  531 */,
+            unchecked((long) 0xEC7BF310056190DDL)   /*  532 */,    unchecked((long) 0xF5ADB0AEBB0F1491L)   /*  533 */,
+            unchecked((long) 0x9B50F8850FD58892L)   /*  534 */,    unchecked((long) 0x4975488358B74DE8L)   /*  535 */,
+            unchecked((long) 0xA3354FF691531C61L)   /*  536 */,    unchecked((long) 0x0702BBE481D2C6EEL)   /*  537 */,
+            unchecked((long) 0x89FB24057DEDED98L)   /*  538 */,    unchecked((long) 0xAC3075138596E902L)   /*  539 */,
+            unchecked((long) 0x1D2D3580172772EDL)   /*  540 */,    unchecked((long) 0xEB738FC28E6BC30DL)   /*  541 */,
+            unchecked((long) 0x5854EF8F63044326L)   /*  542 */,    unchecked((long) 0x9E5C52325ADD3BBEL)   /*  543 */,
+            unchecked((long) 0x90AA53CF325C4623L)   /*  544 */,    unchecked((long) 0xC1D24D51349DD067L)   /*  545 */,
+            unchecked((long) 0x2051CFEEA69EA624L)   /*  546 */,    unchecked((long) 0x13220F0A862E7E4FL)   /*  547 */,
+            unchecked((long) 0xCE39399404E04864L)   /*  548 */,    unchecked((long) 0xD9C42CA47086FCB7L)   /*  549 */,
+            unchecked((long) 0x685AD2238A03E7CCL)   /*  550 */,    unchecked((long) 0x066484B2AB2FF1DBL)   /*  551 */,
+            unchecked((long) 0xFE9D5D70EFBF79ECL)   /*  552 */,    unchecked((long) 0x5B13B9DD9C481854L)   /*  553 */,
+            unchecked((long) 0x15F0D475ED1509ADL)   /*  554 */,    unchecked((long) 0x0BEBCD060EC79851L)   /*  555 */,
+            unchecked((long) 0xD58C6791183AB7F8L)   /*  556 */,    unchecked((long) 0xD1187C5052F3EEE4L)   /*  557 */,
+            unchecked((long) 0xC95D1192E54E82FFL)   /*  558 */,    unchecked((long) 0x86EEA14CB9AC6CA2L)   /*  559 */,
+            unchecked((long) 0x3485BEB153677D5DL)   /*  560 */,    unchecked((long) 0xDD191D781F8C492AL)   /*  561 */,
+            unchecked((long) 0xF60866BAA784EBF9L)   /*  562 */,    unchecked((long) 0x518F643BA2D08C74L)   /*  563 */,
+            unchecked((long) 0x8852E956E1087C22L)   /*  564 */,    unchecked((long) 0xA768CB8DC410AE8DL)   /*  565 */,
+            unchecked((long) 0x38047726BFEC8E1AL)   /*  566 */,    unchecked((long) 0xA67738B4CD3B45AAL)   /*  567 */,
+            unchecked((long) 0xAD16691CEC0DDE19L)   /*  568 */,    unchecked((long) 0xC6D4319380462E07L)   /*  569 */,
+            unchecked((long) 0xC5A5876D0BA61938L)   /*  570 */,    unchecked((long) 0x16B9FA1FA58FD840L)   /*  571 */,
+            unchecked((long) 0x188AB1173CA74F18L)   /*  572 */,    unchecked((long) 0xABDA2F98C99C021FL)   /*  573 */,
+            unchecked((long) 0x3E0580AB134AE816L)   /*  574 */,    unchecked((long) 0x5F3B05B773645ABBL)   /*  575 */,
+            unchecked((long) 0x2501A2BE5575F2F6L)   /*  576 */,    unchecked((long) 0x1B2F74004E7E8BA9L)   /*  577 */,
+            unchecked((long) 0x1CD7580371E8D953L)   /*  578 */,    unchecked((long) 0x7F6ED89562764E30L)   /*  579 */,
+            unchecked((long) 0xB15926FF596F003DL)   /*  580 */,    unchecked((long) 0x9F65293DA8C5D6B9L)   /*  581 */,
+            unchecked((long) 0x6ECEF04DD690F84CL)   /*  582 */,    unchecked((long) 0x4782275FFF33AF88L)   /*  583 */,
+            unchecked((long) 0xE41433083F820801L)   /*  584 */,    unchecked((long) 0xFD0DFE409A1AF9B5L)   /*  585 */,
+            unchecked((long) 0x4325A3342CDB396BL)   /*  586 */,    unchecked((long) 0x8AE77E62B301B252L)   /*  587 */,
+            unchecked((long) 0xC36F9E9F6655615AL)   /*  588 */,    unchecked((long) 0x85455A2D92D32C09L)   /*  589 */,
+            unchecked((long) 0xF2C7DEA949477485L)   /*  590 */,    unchecked((long) 0x63CFB4C133A39EBAL)   /*  591 */,
+            unchecked((long) 0x83B040CC6EBC5462L)   /*  592 */,    unchecked((long) 0x3B9454C8FDB326B0L)   /*  593 */,
+            unchecked((long) 0x56F56A9E87FFD78CL)   /*  594 */,    unchecked((long) 0x2DC2940D99F42BC6L)   /*  595 */,
+            unchecked((long) 0x98F7DF096B096E2DL)   /*  596 */,    unchecked((long) 0x19A6E01E3AD852BFL)   /*  597 */,
+            unchecked((long) 0x42A99CCBDBD4B40BL)   /*  598 */,    unchecked((long) 0xA59998AF45E9C559L)   /*  599 */,
+            unchecked((long) 0x366295E807D93186L)   /*  600 */,    unchecked((long) 0x6B48181BFAA1F773L)   /*  601 */,
+            unchecked((long) 0x1FEC57E2157A0A1DL)   /*  602 */,    unchecked((long) 0x4667446AF6201AD5L)   /*  603 */,
+            unchecked((long) 0xE615EBCACFB0F075L)   /*  604 */,    unchecked((long) 0xB8F31F4F68290778L)   /*  605 */,
+            unchecked((long) 0x22713ED6CE22D11EL)   /*  606 */,    unchecked((long) 0x3057C1A72EC3C93BL)   /*  607 */,
+            unchecked((long) 0xCB46ACC37C3F1F2FL)   /*  608 */,    unchecked((long) 0xDBB893FD02AAF50EL)   /*  609 */,
+            unchecked((long) 0x331FD92E600B9FCFL)   /*  610 */,    unchecked((long) 0xA498F96148EA3AD6L)   /*  611 */,
+            unchecked((long) 0xA8D8426E8B6A83EAL)   /*  612 */,    unchecked((long) 0xA089B274B7735CDCL)   /*  613 */,
+            unchecked((long) 0x87F6B3731E524A11L)   /*  614 */,    unchecked((long) 0x118808E5CBC96749L)   /*  615 */,
+            unchecked((long) 0x9906E4C7B19BD394L)   /*  616 */,    unchecked((long) 0xAFED7F7E9B24A20CL)   /*  617 */,
+            unchecked((long) 0x6509EADEEB3644A7L)   /*  618 */,    unchecked((long) 0x6C1EF1D3E8EF0EDEL)   /*  619 */,
+            unchecked((long) 0xB9C97D43E9798FB4L)   /*  620 */,    unchecked((long) 0xA2F2D784740C28A3L)   /*  621 */,
+            unchecked((long) 0x7B8496476197566FL)   /*  622 */,    unchecked((long) 0x7A5BE3E6B65F069DL)   /*  623 */,
+            unchecked((long) 0xF96330ED78BE6F10L)   /*  624 */,    unchecked((long) 0xEEE60DE77A076A15L)   /*  625 */,
+            unchecked((long) 0x2B4BEE4AA08B9BD0L)   /*  626 */,    unchecked((long) 0x6A56A63EC7B8894EL)   /*  627 */,
+            unchecked((long) 0x02121359BA34FEF4L)   /*  628 */,    unchecked((long) 0x4CBF99F8283703FCL)   /*  629 */,
+            unchecked((long) 0x398071350CAF30C8L)   /*  630 */,    unchecked((long) 0xD0A77A89F017687AL)   /*  631 */,
+            unchecked((long) 0xF1C1A9EB9E423569L)   /*  632 */,    unchecked((long) 0x8C7976282DEE8199L)   /*  633 */,
+            unchecked((long) 0x5D1737A5DD1F7ABDL)   /*  634 */,    unchecked((long) 0x4F53433C09A9FA80L)   /*  635 */,
+            unchecked((long) 0xFA8B0C53DF7CA1D9L)   /*  636 */,    unchecked((long) 0x3FD9DCBC886CCB77L)   /*  637 */,
+            unchecked((long) 0xC040917CA91B4720L)   /*  638 */,    unchecked((long) 0x7DD00142F9D1DCDFL)   /*  639 */,
+            unchecked((long) 0x8476FC1D4F387B58L)   /*  640 */,    unchecked((long) 0x23F8E7C5F3316503L)   /*  641 */,
+            unchecked((long) 0x032A2244E7E37339L)   /*  642 */,    unchecked((long) 0x5C87A5D750F5A74BL)   /*  643 */,
+            unchecked((long) 0x082B4CC43698992EL)   /*  644 */,    unchecked((long) 0xDF917BECB858F63CL)   /*  645 */,
+            unchecked((long) 0x3270B8FC5BF86DDAL)   /*  646 */,    unchecked((long) 0x10AE72BB29B5DD76L)   /*  647 */,
+            unchecked((long) 0x576AC94E7700362BL)   /*  648 */,    unchecked((long) 0x1AD112DAC61EFB8FL)   /*  649 */,
+            unchecked((long) 0x691BC30EC5FAA427L)   /*  650 */,    unchecked((long) 0xFF246311CC327143L)   /*  651 */,
+            unchecked((long) 0x3142368E30E53206L)   /*  652 */,    unchecked((long) 0x71380E31E02CA396L)   /*  653 */,
+            unchecked((long) 0x958D5C960AAD76F1L)   /*  654 */,    unchecked((long) 0xF8D6F430C16DA536L)   /*  655 */,
+            unchecked((long) 0xC8FFD13F1BE7E1D2L)   /*  656 */,    unchecked((long) 0x7578AE66004DDBE1L)   /*  657 */,
+            unchecked((long) 0x05833F01067BE646L)   /*  658 */,    unchecked((long) 0xBB34B5AD3BFE586DL)   /*  659 */,
+            unchecked((long) 0x095F34C9A12B97F0L)   /*  660 */,    unchecked((long) 0x247AB64525D60CA8L)   /*  661 */,
+            unchecked((long) 0xDCDBC6F3017477D1L)   /*  662 */,    unchecked((long) 0x4A2E14D4DECAD24DL)   /*  663 */,
+            unchecked((long) 0xBDB5E6D9BE0A1EEBL)   /*  664 */,    unchecked((long) 0x2A7E70F7794301ABL)   /*  665 */,
+            unchecked((long) 0xDEF42D8A270540FDL)   /*  666 */,    unchecked((long) 0x01078EC0A34C22C1L)   /*  667 */,
+            unchecked((long) 0xE5DE511AF4C16387L)   /*  668 */,    unchecked((long) 0x7EBB3A52BD9A330AL)   /*  669 */,
+            unchecked((long) 0x77697857AA7D6435L)   /*  670 */,    unchecked((long) 0x004E831603AE4C32L)   /*  671 */,
+            unchecked((long) 0xE7A21020AD78E312L)   /*  672 */,    unchecked((long) 0x9D41A70C6AB420F2L)   /*  673 */,
+            unchecked((long) 0x28E06C18EA1141E6L)   /*  674 */,    unchecked((long) 0xD2B28CBD984F6B28L)   /*  675 */,
+            unchecked((long) 0x26B75F6C446E9D83L)   /*  676 */,    unchecked((long) 0xBA47568C4D418D7FL)   /*  677 */,
+            unchecked((long) 0xD80BADBFE6183D8EL)   /*  678 */,    unchecked((long) 0x0E206D7F5F166044L)   /*  679 */,
+            unchecked((long) 0xE258A43911CBCA3EL)   /*  680 */,    unchecked((long) 0x723A1746B21DC0BCL)   /*  681 */,
+            unchecked((long) 0xC7CAA854F5D7CDD3L)   /*  682 */,    unchecked((long) 0x7CAC32883D261D9CL)   /*  683 */,
+            unchecked((long) 0x7690C26423BA942CL)   /*  684 */,    unchecked((long) 0x17E55524478042B8L)   /*  685 */,
+            unchecked((long) 0xE0BE477656A2389FL)   /*  686 */,    unchecked((long) 0x4D289B5E67AB2DA0L)   /*  687 */,
+            unchecked((long) 0x44862B9C8FBBFD31L)   /*  688 */,    unchecked((long) 0xB47CC8049D141365L)   /*  689 */,
+            unchecked((long) 0x822C1B362B91C793L)   /*  690 */,    unchecked((long) 0x4EB14655FB13DFD8L)   /*  691 */,
+            unchecked((long) 0x1ECBBA0714E2A97BL)   /*  692 */,    unchecked((long) 0x6143459D5CDE5F14L)   /*  693 */,
+            unchecked((long) 0x53A8FBF1D5F0AC89L)   /*  694 */,    unchecked((long) 0x97EA04D81C5E5B00L)   /*  695 */,
+            unchecked((long) 0x622181A8D4FDB3F3L)   /*  696 */,    unchecked((long) 0xE9BCD341572A1208L)   /*  697 */,
+            unchecked((long) 0x1411258643CCE58AL)   /*  698 */,    unchecked((long) 0x9144C5FEA4C6E0A4L)   /*  699 */,
+            unchecked((long) 0x0D33D06565CF620FL)   /*  700 */,    unchecked((long) 0x54A48D489F219CA1L)   /*  701 */,
+            unchecked((long) 0xC43E5EAC6D63C821L)   /*  702 */,    unchecked((long) 0xA9728B3A72770DAFL)   /*  703 */,
+            unchecked((long) 0xD7934E7B20DF87EFL)   /*  704 */,    unchecked((long) 0xE35503B61A3E86E5L)   /*  705 */,
+            unchecked((long) 0xCAE321FBC819D504L)   /*  706 */,    unchecked((long) 0x129A50B3AC60BFA6L)   /*  707 */,
+            unchecked((long) 0xCD5E68EA7E9FB6C3L)   /*  708 */,    unchecked((long) 0xB01C90199483B1C7L)   /*  709 */,
+            unchecked((long) 0x3DE93CD5C295376CL)   /*  710 */,    unchecked((long) 0xAED52EDF2AB9AD13L)   /*  711 */,
+            unchecked((long) 0x2E60F512C0A07884L)   /*  712 */,    unchecked((long) 0xBC3D86A3E36210C9L)   /*  713 */,
+            unchecked((long) 0x35269D9B163951CEL)   /*  714 */,    unchecked((long) 0x0C7D6E2AD0CDB5FAL)   /*  715 */,
+            unchecked((long) 0x59E86297D87F5733L)   /*  716 */,    unchecked((long) 0x298EF221898DB0E7L)   /*  717 */,
+            unchecked((long) 0x55000029D1A5AA7EL)   /*  718 */,    unchecked((long) 0x8BC08AE1B5061B45L)   /*  719 */,
+            unchecked((long) 0xC2C31C2B6C92703AL)   /*  720 */,    unchecked((long) 0x94CC596BAF25EF42L)   /*  721 */,
+            unchecked((long) 0x0A1D73DB22540456L)   /*  722 */,    unchecked((long) 0x04B6A0F9D9C4179AL)   /*  723 */,
+            unchecked((long) 0xEFFDAFA2AE3D3C60L)   /*  724 */,    unchecked((long) 0xF7C8075BB49496C4L)   /*  725 */,
+            unchecked((long) 0x9CC5C7141D1CD4E3L)   /*  726 */,    unchecked((long) 0x78BD1638218E5534L)   /*  727 */,
+            unchecked((long) 0xB2F11568F850246AL)   /*  728 */,    unchecked((long) 0xEDFABCFA9502BC29L)   /*  729 */,
+            unchecked((long) 0x796CE5F2DA23051BL)   /*  730 */,    unchecked((long) 0xAAE128B0DC93537CL)   /*  731 */,
+            unchecked((long) 0x3A493DA0EE4B29AEL)   /*  732 */,    unchecked((long) 0xB5DF6B2C416895D7L)   /*  733 */,
+            unchecked((long) 0xFCABBD25122D7F37L)   /*  734 */,    unchecked((long) 0x70810B58105DC4B1L)   /*  735 */,
+            unchecked((long) 0xE10FDD37F7882A90L)   /*  736 */,    unchecked((long) 0x524DCAB5518A3F5CL)   /*  737 */,
+            unchecked((long) 0x3C9E85878451255BL)   /*  738 */,    unchecked((long) 0x4029828119BD34E2L)   /*  739 */,
+            unchecked((long) 0x74A05B6F5D3CECCBL)   /*  740 */,    unchecked((long) 0xB610021542E13ECAL)   /*  741 */,
+            unchecked((long) 0x0FF979D12F59E2ACL)   /*  742 */,    unchecked((long) 0x6037DA27E4F9CC50L)   /*  743 */,
+            unchecked((long) 0x5E92975A0DF1847DL)   /*  744 */,    unchecked((long) 0xD66DE190D3E623FEL)   /*  745 */,
+            unchecked((long) 0x5032D6B87B568048L)   /*  746 */,    unchecked((long) 0x9A36B7CE8235216EL)   /*  747 */,
+            unchecked((long) 0x80272A7A24F64B4AL)   /*  748 */,    unchecked((long) 0x93EFED8B8C6916F7L)   /*  749 */,
+            unchecked((long) 0x37DDBFF44CCE1555L)   /*  750 */,    unchecked((long) 0x4B95DB5D4B99BD25L)   /*  751 */,
+            unchecked((long) 0x92D3FDA169812FC0L)   /*  752 */,    unchecked((long) 0xFB1A4A9A90660BB6L)   /*  753 */,
+            unchecked((long) 0x730C196946A4B9B2L)   /*  754 */,    unchecked((long) 0x81E289AA7F49DA68L)   /*  755 */,
+            unchecked((long) 0x64669A0F83B1A05FL)   /*  756 */,    unchecked((long) 0x27B3FF7D9644F48BL)   /*  757 */,
+            unchecked((long) 0xCC6B615C8DB675B3L)   /*  758 */,    unchecked((long) 0x674F20B9BCEBBE95L)   /*  759 */,
+            unchecked((long) 0x6F31238275655982L)   /*  760 */,    unchecked((long) 0x5AE488713E45CF05L)   /*  761 */,
+            unchecked((long) 0xBF619F9954C21157L)   /*  762 */,    unchecked((long) 0xEABAC46040A8EAE9L)   /*  763 */,
+            unchecked((long) 0x454C6FE9F2C0C1CDL)   /*  764 */,    unchecked((long) 0x419CF6496412691CL)   /*  765 */,
+            unchecked((long) 0xD3DC3BEF265B0F70L)   /*  766 */,    unchecked((long) 0x6D0E60F5C3578A9EL)   /*  767 */,
+        };
+
+        private static readonly long[] t4 = {
+            unchecked((long) 0x5B0E608526323C55L)   /*  768 */,    unchecked((long) 0x1A46C1A9FA1B59F5L)   /*  769 */,
+            unchecked((long) 0xA9E245A17C4C8FFAL)   /*  770 */,    unchecked((long) 0x65CA5159DB2955D7L)   /*  771 */,
+            unchecked((long) 0x05DB0A76CE35AFC2L)   /*  772 */,    unchecked((long) 0x81EAC77EA9113D45L)   /*  773 */,
+            unchecked((long) 0x528EF88AB6AC0A0DL)   /*  774 */,    unchecked((long) 0xA09EA253597BE3FFL)   /*  775 */,
+            unchecked((long) 0x430DDFB3AC48CD56L)   /*  776 */,    unchecked((long) 0xC4B3A67AF45CE46FL)   /*  777 */,
+            unchecked((long) 0x4ECECFD8FBE2D05EL)   /*  778 */,    unchecked((long) 0x3EF56F10B39935F0L)   /*  779 */,
+            unchecked((long) 0x0B22D6829CD619C6L)   /*  780 */,    unchecked((long) 0x17FD460A74DF2069L)   /*  781 */,
+            unchecked((long) 0x6CF8CC8E8510ED40L)   /*  782 */,    unchecked((long) 0xD6C824BF3A6ECAA7L)   /*  783 */,
+            unchecked((long) 0x61243D581A817049L)   /*  784 */,    unchecked((long) 0x048BACB6BBC163A2L)   /*  785 */,
+            unchecked((long) 0xD9A38AC27D44CC32L)   /*  786 */,    unchecked((long) 0x7FDDFF5BAAF410ABL)   /*  787 */,
+            unchecked((long) 0xAD6D495AA804824BL)   /*  788 */,    unchecked((long) 0xE1A6A74F2D8C9F94L)   /*  789 */,
+            unchecked((long) 0xD4F7851235DEE8E3L)   /*  790 */,    unchecked((long) 0xFD4B7F886540D893L)   /*  791 */,
+            unchecked((long) 0x247C20042AA4BFDAL)   /*  792 */,    unchecked((long) 0x096EA1C517D1327CL)   /*  793 */,
+            unchecked((long) 0xD56966B4361A6685L)   /*  794 */,    unchecked((long) 0x277DA5C31221057DL)   /*  795 */,
+            unchecked((long) 0x94D59893A43ACFF7L)   /*  796 */,    unchecked((long) 0x64F0C51CCDC02281L)   /*  797 */,
+            unchecked((long) 0x3D33BCC4FF6189DBL)   /*  798 */,    unchecked((long) 0xE005CB184CE66AF1L)   /*  799 */,
+            unchecked((long) 0xFF5CCD1D1DB99BEAL)   /*  800 */,    unchecked((long) 0xB0B854A7FE42980FL)   /*  801 */,
+            unchecked((long) 0x7BD46A6A718D4B9FL)   /*  802 */,    unchecked((long) 0xD10FA8CC22A5FD8CL)   /*  803 */,
+            unchecked((long) 0xD31484952BE4BD31L)   /*  804 */,    unchecked((long) 0xC7FA975FCB243847L)   /*  805 */,
+            unchecked((long) 0x4886ED1E5846C407L)   /*  806 */,    unchecked((long) 0x28CDDB791EB70B04L)   /*  807 */,
+            unchecked((long) 0xC2B00BE2F573417FL)   /*  808 */,    unchecked((long) 0x5C9590452180F877L)   /*  809 */,
+            unchecked((long) 0x7A6BDDFFF370EB00L)   /*  810 */,    unchecked((long) 0xCE509E38D6D9D6A4L)   /*  811 */,
+            unchecked((long) 0xEBEB0F00647FA702L)   /*  812 */,    unchecked((long) 0x1DCC06CF76606F06L)   /*  813 */,
+            unchecked((long) 0xE4D9F28BA286FF0AL)   /*  814 */,    unchecked((long) 0xD85A305DC918C262L)   /*  815 */,
+            unchecked((long) 0x475B1D8732225F54L)   /*  816 */,    unchecked((long) 0x2D4FB51668CCB5FEL)   /*  817 */,
+            unchecked((long) 0xA679B9D9D72BBA20L)   /*  818 */,    unchecked((long) 0x53841C0D912D43A5L)   /*  819 */,
+            unchecked((long) 0x3B7EAA48BF12A4E8L)   /*  820 */,    unchecked((long) 0x781E0E47F22F1DDFL)   /*  821 */,
+            unchecked((long) 0xEFF20CE60AB50973L)   /*  822 */,    unchecked((long) 0x20D261D19DFFB742L)   /*  823 */,
+            unchecked((long) 0x16A12B03062A2E39L)   /*  824 */,    unchecked((long) 0x1960EB2239650495L)   /*  825 */,
+            unchecked((long) 0x251C16FED50EB8B8L)   /*  826 */,    unchecked((long) 0x9AC0C330F826016EL)   /*  827 */,
+            unchecked((long) 0xED152665953E7671L)   /*  828 */,    unchecked((long) 0x02D63194A6369570L)   /*  829 */,
+            unchecked((long) 0x5074F08394B1C987L)   /*  830 */,    unchecked((long) 0x70BA598C90B25CE1L)   /*  831 */,
+            unchecked((long) 0x794A15810B9742F6L)   /*  832 */,    unchecked((long) 0x0D5925E9FCAF8C6CL)   /*  833 */,
+            unchecked((long) 0x3067716CD868744EL)   /*  834 */,    unchecked((long) 0x910AB077E8D7731BL)   /*  835 */,
+            unchecked((long) 0x6A61BBDB5AC42F61L)   /*  836 */,    unchecked((long) 0x93513EFBF0851567L)   /*  837 */,
+            unchecked((long) 0xF494724B9E83E9D5L)   /*  838 */,    unchecked((long) 0xE887E1985C09648DL)   /*  839 */,
+            unchecked((long) 0x34B1D3C675370CFDL)   /*  840 */,    unchecked((long) 0xDC35E433BC0D255DL)   /*  841 */,
+            unchecked((long) 0xD0AAB84234131BE0L)   /*  842 */,    unchecked((long) 0x08042A50B48B7EAFL)   /*  843 */,
+            unchecked((long) 0x9997C4EE44A3AB35L)   /*  844 */,    unchecked((long) 0x829A7B49201799D0L)   /*  845 */,
+            unchecked((long) 0x263B8307B7C54441L)   /*  846 */,    unchecked((long) 0x752F95F4FD6A6CA6L)   /*  847 */,
+            unchecked((long) 0x927217402C08C6E5L)   /*  848 */,    unchecked((long) 0x2A8AB754A795D9EEL)   /*  849 */,
+            unchecked((long) 0xA442F7552F72943DL)   /*  850 */,    unchecked((long) 0x2C31334E19781208L)   /*  851 */,
+            unchecked((long) 0x4FA98D7CEAEE6291L)   /*  852 */,    unchecked((long) 0x55C3862F665DB309L)   /*  853 */,
+            unchecked((long) 0xBD0610175D53B1F3L)   /*  854 */,    unchecked((long) 0x46FE6CB840413F27L)   /*  855 */,
+            unchecked((long) 0x3FE03792DF0CFA59L)   /*  856 */,    unchecked((long) 0xCFE700372EB85E8FL)   /*  857 */,
+            unchecked((long) 0xA7BE29E7ADBCE118L)   /*  858 */,    unchecked((long) 0xE544EE5CDE8431DDL)   /*  859 */,
+            unchecked((long) 0x8A781B1B41F1873EL)   /*  860 */,    unchecked((long) 0xA5C94C78A0D2F0E7L)   /*  861 */,
+            unchecked((long) 0x39412E2877B60728L)   /*  862 */,    unchecked((long) 0xA1265EF3AFC9A62CL)   /*  863 */,
+            unchecked((long) 0xBCC2770C6A2506C5L)   /*  864 */,    unchecked((long) 0x3AB66DD5DCE1CE12L)   /*  865 */,
+            unchecked((long) 0xE65499D04A675B37L)   /*  866 */,    unchecked((long) 0x7D8F523481BFD216L)   /*  867 */,
+            unchecked((long) 0x0F6F64FCEC15F389L)   /*  868 */,    unchecked((long) 0x74EFBE618B5B13C8L)   /*  869 */,
+            unchecked((long) 0xACDC82B714273E1DL)   /*  870 */,    unchecked((long) 0xDD40BFE003199D17L)   /*  871 */,
+            unchecked((long) 0x37E99257E7E061F8L)   /*  872 */,    unchecked((long) 0xFA52626904775AAAL)   /*  873 */,
+            unchecked((long) 0x8BBBF63A463D56F9L)   /*  874 */,    unchecked((long) 0xF0013F1543A26E64L)   /*  875 */,
+            unchecked((long) 0xA8307E9F879EC898L)   /*  876 */,    unchecked((long) 0xCC4C27A4150177CCL)   /*  877 */,
+            unchecked((long) 0x1B432F2CCA1D3348L)   /*  878 */,    unchecked((long) 0xDE1D1F8F9F6FA013L)   /*  879 */,
+            unchecked((long) 0x606602A047A7DDD6L)   /*  880 */,    unchecked((long) 0xD237AB64CC1CB2C7L)   /*  881 */,
+            unchecked((long) 0x9B938E7225FCD1D3L)   /*  882 */,    unchecked((long) 0xEC4E03708E0FF476L)   /*  883 */,
+            unchecked((long) 0xFEB2FBDA3D03C12DL)   /*  884 */,    unchecked((long) 0xAE0BCED2EE43889AL)   /*  885 */,
+            unchecked((long) 0x22CB8923EBFB4F43L)   /*  886 */,    unchecked((long) 0x69360D013CF7396DL)   /*  887 */,
+            unchecked((long) 0x855E3602D2D4E022L)   /*  888 */,    unchecked((long) 0x073805BAD01F784CL)   /*  889 */,
+            unchecked((long) 0x33E17A133852F546L)   /*  890 */,    unchecked((long) 0xDF4874058AC7B638L)   /*  891 */,
+            unchecked((long) 0xBA92B29C678AA14AL)   /*  892 */,    unchecked((long) 0x0CE89FC76CFAADCDL)   /*  893 */,
+            unchecked((long) 0x5F9D4E0908339E34L)   /*  894 */,    unchecked((long) 0xF1AFE9291F5923B9L)   /*  895 */,
+            unchecked((long) 0x6E3480F60F4A265FL)   /*  896 */,    unchecked((long) 0xEEBF3A2AB29B841CL)   /*  897 */,
+            unchecked((long) 0xE21938A88F91B4ADL)   /*  898 */,    unchecked((long) 0x57DFEFF845C6D3C3L)   /*  899 */,
+            unchecked((long) 0x2F006B0BF62CAAF2L)   /*  900 */,    unchecked((long) 0x62F479EF6F75EE78L)   /*  901 */,
+            unchecked((long) 0x11A55AD41C8916A9L)   /*  902 */,    unchecked((long) 0xF229D29084FED453L)   /*  903 */,
+            unchecked((long) 0x42F1C27B16B000E6L)   /*  904 */,    unchecked((long) 0x2B1F76749823C074L)   /*  905 */,
+            unchecked((long) 0x4B76ECA3C2745360L)   /*  906 */,    unchecked((long) 0x8C98F463B91691BDL)   /*  907 */,
+            unchecked((long) 0x14BCC93CF1ADE66AL)   /*  908 */,    unchecked((long) 0x8885213E6D458397L)   /*  909 */,
+            unchecked((long) 0x8E177DF0274D4711L)   /*  910 */,    unchecked((long) 0xB49B73B5503F2951L)   /*  911 */,
+            unchecked((long) 0x10168168C3F96B6BL)   /*  912 */,    unchecked((long) 0x0E3D963B63CAB0AEL)   /*  913 */,
+            unchecked((long) 0x8DFC4B5655A1DB14L)   /*  914 */,    unchecked((long) 0xF789F1356E14DE5CL)   /*  915 */,
+            unchecked((long) 0x683E68AF4E51DAC1L)   /*  916 */,    unchecked((long) 0xC9A84F9D8D4B0FD9L)   /*  917 */,
+            unchecked((long) 0x3691E03F52A0F9D1L)   /*  918 */,    unchecked((long) 0x5ED86E46E1878E80L)   /*  919 */,
+            unchecked((long) 0x3C711A0E99D07150L)   /*  920 */,    unchecked((long) 0x5A0865B20C4E9310L)   /*  921 */,
+            unchecked((long) 0x56FBFC1FE4F0682EL)   /*  922 */,    unchecked((long) 0xEA8D5DE3105EDF9BL)   /*  923 */,
+            unchecked((long) 0x71ABFDB12379187AL)   /*  924 */,    unchecked((long) 0x2EB99DE1BEE77B9CL)   /*  925 */,
+            unchecked((long) 0x21ECC0EA33CF4523L)   /*  926 */,    unchecked((long) 0x59A4D7521805C7A1L)   /*  927 */,
+            unchecked((long) 0x3896F5EB56AE7C72L)   /*  928 */,    unchecked((long) 0xAA638F3DB18F75DCL)   /*  929 */,
+            unchecked((long) 0x9F39358DABE9808EL)   /*  930 */,    unchecked((long) 0xB7DEFA91C00B72ACL)   /*  931 */,
+            unchecked((long) 0x6B5541FD62492D92L)   /*  932 */,    unchecked((long) 0x6DC6DEE8F92E4D5BL)   /*  933 */,
+            unchecked((long) 0x353F57ABC4BEEA7EL)   /*  934 */,    unchecked((long) 0x735769D6DA5690CEL)   /*  935 */,
+            unchecked((long) 0x0A234AA642391484L)   /*  936 */,    unchecked((long) 0xF6F9508028F80D9DL)   /*  937 */,
+            unchecked((long) 0xB8E319A27AB3F215L)   /*  938 */,    unchecked((long) 0x31AD9C1151341A4DL)   /*  939 */,
+            unchecked((long) 0x773C22A57BEF5805L)   /*  940 */,    unchecked((long) 0x45C7561A07968633L)   /*  941 */,
+            unchecked((long) 0xF913DA9E249DBE36L)   /*  942 */,    unchecked((long) 0xDA652D9B78A64C68L)   /*  943 */,
+            unchecked((long) 0x4C27A97F3BC334EFL)   /*  944 */,    unchecked((long) 0x76621220E66B17F4L)   /*  945 */,
+            unchecked((long) 0x967743899ACD7D0BL)   /*  946 */,    unchecked((long) 0xF3EE5BCAE0ED6782L)   /*  947 */,
+            unchecked((long) 0x409F753600C879FCL)   /*  948 */,    unchecked((long) 0x06D09A39B5926DB6L)   /*  949 */,
+            unchecked((long) 0x6F83AEB0317AC588L)   /*  950 */,    unchecked((long) 0x01E6CA4A86381F21L)   /*  951 */,
+            unchecked((long) 0x66FF3462D19F3025L)   /*  952 */,    unchecked((long) 0x72207C24DDFD3BFBL)   /*  953 */,
+            unchecked((long) 0x4AF6B6D3E2ECE2EBL)   /*  954 */,    unchecked((long) 0x9C994DBEC7EA08DEL)   /*  955 */,
+            unchecked((long) 0x49ACE597B09A8BC4L)   /*  956 */,    unchecked((long) 0xB38C4766CF0797BAL)   /*  957 */,
+            unchecked((long) 0x131B9373C57C2A75L)   /*  958 */,    unchecked((long) 0xB1822CCE61931E58L)   /*  959 */,
+            unchecked((long) 0x9D7555B909BA1C0CL)   /*  960 */,    unchecked((long) 0x127FAFDD937D11D2L)   /*  961 */,
+            unchecked((long) 0x29DA3BADC66D92E4L)   /*  962 */,    unchecked((long) 0xA2C1D57154C2ECBCL)   /*  963 */,
+            unchecked((long) 0x58C5134D82F6FE24L)   /*  964 */,    unchecked((long) 0x1C3AE3515B62274FL)   /*  965 */,
+            unchecked((long) 0xE907C82E01CB8126L)   /*  966 */,    unchecked((long) 0xF8ED091913E37FCBL)   /*  967 */,
+            unchecked((long) 0x3249D8F9C80046C9L)   /*  968 */,    unchecked((long) 0x80CF9BEDE388FB63L)   /*  969 */,
+            unchecked((long) 0x1881539A116CF19EL)   /*  970 */,    unchecked((long) 0x5103F3F76BD52457L)   /*  971 */,
+            unchecked((long) 0x15B7E6F5AE47F7A8L)   /*  972 */,    unchecked((long) 0xDBD7C6DED47E9CCFL)   /*  973 */,
+            unchecked((long) 0x44E55C410228BB1AL)   /*  974 */,    unchecked((long) 0xB647D4255EDB4E99L)   /*  975 */,
+            unchecked((long) 0x5D11882BB8AAFC30L)   /*  976 */,    unchecked((long) 0xF5098BBB29D3212AL)   /*  977 */,
+            unchecked((long) 0x8FB5EA14E90296B3L)   /*  978 */,    unchecked((long) 0x677B942157DD025AL)   /*  979 */,
+            unchecked((long) 0xFB58E7C0A390ACB5L)   /*  980 */,    unchecked((long) 0x89D3674C83BD4A01L)   /*  981 */,
+            unchecked((long) 0x9E2DA4DF4BF3B93BL)   /*  982 */,    unchecked((long) 0xFCC41E328CAB4829L)   /*  983 */,
+            unchecked((long) 0x03F38C96BA582C52L)   /*  984 */,    unchecked((long) 0xCAD1BDBD7FD85DB2L)   /*  985 */,
+            unchecked((long) 0xBBB442C16082AE83L)   /*  986 */,    unchecked((long) 0xB95FE86BA5DA9AB0L)   /*  987 */,
+            unchecked((long) 0xB22E04673771A93FL)   /*  988 */,    unchecked((long) 0x845358C9493152D8L)   /*  989 */,
+            unchecked((long) 0xBE2A488697B4541EL)   /*  990 */,    unchecked((long) 0x95A2DC2DD38E6966L)   /*  991 */,
+            unchecked((long) 0xC02C11AC923C852BL)   /*  992 */,    unchecked((long) 0x2388B1990DF2A87BL)   /*  993 */,
+            unchecked((long) 0x7C8008FA1B4F37BEL)   /*  994 */,    unchecked((long) 0x1F70D0C84D54E503L)   /*  995 */,
+            unchecked((long) 0x5490ADEC7ECE57D4L)   /*  996 */,    unchecked((long) 0x002B3C27D9063A3AL)   /*  997 */,
+            unchecked((long) 0x7EAEA3848030A2BFL)   /*  998 */,    unchecked((long) 0xC602326DED2003C0L)   /*  999 */,
+            unchecked((long) 0x83A7287D69A94086L)   /* 1000 */,    unchecked((long) 0xC57A5FCB30F57A8AL)   /* 1001 */,
+            unchecked((long) 0xB56844E479EBE779L)   /* 1002 */,    unchecked((long) 0xA373B40F05DCBCE9L)   /* 1003 */,
+            unchecked((long) 0xD71A786E88570EE2L)   /* 1004 */,    unchecked((long) 0x879CBACDBDE8F6A0L)   /* 1005 */,
+            unchecked((long) 0x976AD1BCC164A32FL)   /* 1006 */,    unchecked((long) 0xAB21E25E9666D78BL)   /* 1007 */,
+            unchecked((long) 0x901063AAE5E5C33CL)   /* 1008 */,    unchecked((long) 0x9818B34448698D90L)   /* 1009 */,
+            unchecked((long) 0xE36487AE3E1E8ABBL)   /* 1010 */,    unchecked((long) 0xAFBDF931893BDCB4L)   /* 1011 */,
+            unchecked((long) 0x6345A0DC5FBBD519L)   /* 1012 */,    unchecked((long) 0x8628FE269B9465CAL)   /* 1013 */,
+            unchecked((long) 0x1E5D01603F9C51ECL)   /* 1014 */,    unchecked((long) 0x4DE44006A15049B7L)   /* 1015 */,
+            unchecked((long) 0xBF6C70E5F776CBB1L)   /* 1016 */,    unchecked((long) 0x411218F2EF552BEDL)   /* 1017 */,
+            unchecked((long) 0xCB0C0708705A36A3L)   /* 1018 */,    unchecked((long) 0xE74D14754F986044L)   /* 1019 */,
+            unchecked((long) 0xCD56D9430EA8280EL)   /* 1020 */,    unchecked((long) 0xC12591D7535F5065L)   /* 1021 */,
+            unchecked((long) 0xC83223F1720AEF96L)   /* 1022 */,    unchecked((long) 0xC3A0396F7363A51FL)   /* 1023 */
+        };
+
+        private const int    DigestLength = 24;
+
+        //
+        // registers
+        //
+        private long    a, b, c;
+        private long    byteCount;
+
+        //
+        // buffers
+        //
+        private byte[]  Buffer = new byte[8];
+        private int     bOff;
+
+        private long[]  x = new long[8];
+        private int     xOff;
+
+        /**
+        * Standard constructor
+        */
+        public TigerDigest()
+        {
+            Reset();
+        }
+
+        /**
+        * Copy constructor.  This will copy the state of the provided
+        * message digest.
+        */
+        public TigerDigest(TigerDigest t)
+        {
+			Reset(t);
+        }
+
+		public string AlgorithmName
+		{
+			get { return "Tiger"; }
+		}
+
+		public int GetDigestSize()
+		{
+			return DigestLength;
+		}
+
+		public int GetByteLength()
+		{
+			return MyByteLength;
+		}
+
+		private void ProcessWord(
+            byte[]  b,
+            int     off)
+        {
+            x[xOff++] =   ((long)(b[off + 7] & 0xff) << 56)
+                        | ((long)(b[off + 6] & 0xff) << 48)
+                        | ((long)(b[off + 5] & 0xff) << 40)
+                        | ((long)(b[off + 4] & 0xff) << 32)
+                        | ((long)(b[off + 3] & 0xff) << 24)
+                        | ((long)(b[off + 2] & 0xff) << 16)
+                        | ((long)(b[off + 1] & 0xff) << 8)
+                        | ((uint)(b[off + 0] & 0xff));
+
+            if (xOff == x.Length)
+            {
+                ProcessBlock();
+            }
+
+            bOff = 0;
+        }
+
+        public void Update(
+            byte input)
+        {
+            Buffer[bOff++] = input;
+
+            if (bOff == Buffer.Length)
+            {
+                ProcessWord(Buffer, 0);
+            }
+
+            byteCount++;
+        }
+
+        public void BlockUpdate(
+            byte[]  input,
+            int     inOff,
+            int     length)
+        {
+            //
+            // fill the current word
+            //
+            while ((bOff != 0) && (length > 0))
+            {
+                Update(input[inOff]);
+
+                inOff++;
+                length--;
+            }
+
+            //
+            // process whole words.
+            //
+            while (length > 8)
+            {
+                ProcessWord(input, inOff);
+
+                inOff += 8;
+                length -= 8;
+                byteCount += 8;
+            }
+
+            //
+            // load in the remainder.
+            //
+            while (length > 0)
+            {
+                Update(input[inOff]);
+
+                inOff++;
+                length--;
+            }
+        }
+
+        private void RoundABC(
+            long    x,
+            long    mul)
+        {
+            c ^= x ;
+            a -= t1[(int)c & 0xff] ^ t2[(int)(c >> 16) & 0xff]
+                    ^ t3[(int)(c >> 32) & 0xff] ^ t4[(int)(c >> 48) & 0xff];
+            b += t4[(int)(c >> 8) & 0xff] ^ t3[(int)(c >> 24) & 0xff]
+                    ^ t2[(int)(c >> 40) & 0xff] ^ t1[(int)(c >> 56) & 0xff];
+            b *= mul;
+        }
+
+        private void RoundBCA(
+            long    x,
+            long    mul)
+        {
+            a ^= x ;
+            b -= t1[(int)a & 0xff] ^ t2[(int)(a >> 16) & 0xff]
+                    ^ t3[(int)(a >> 32) & 0xff] ^ t4[(int)(a >> 48) & 0xff];
+            c += t4[(int)(a >> 8) & 0xff] ^ t3[(int)(a >> 24) & 0xff]
+                    ^ t2[(int)(a >> 40) & 0xff] ^ t1[(int)(a >> 56) & 0xff];
+            c *= mul;
+        }
+
+        private void RoundCAB(
+            long    x,
+            long    mul)
+        {
+            b ^= x ;
+            c -= t1[(int)b & 0xff] ^ t2[(int)(b >> 16) & 0xff]
+                    ^ t3[(int)(b >> 32) & 0xff] ^ t4[(int)(b >> 48) & 0xff];
+            a += t4[(int)(b >> 8) & 0xff] ^ t3[(int)(b >> 24) & 0xff]
+                    ^ t2[(int)(b >> 40) & 0xff] ^ t1[(int)(b >> 56) & 0xff];
+            a *= mul;
+        }
+
+        private void KeySchedule()
+        {
+            x[0] -= x[7] ^ unchecked ((long) 0xA5A5A5A5A5A5A5A5L);
+            x[1] ^= x[0];
+            x[2] += x[1];
+            x[3] -= x[2] ^ ((~x[1]) << 19);
+            x[4] ^= x[3];
+            x[5] += x[4];
+            x[6] -= x[5] ^ (long) ((ulong) (~x[4]) >> 23);
+            x[7] ^= x[6];
+            x[0] += x[7];
+            x[1] -= x[0] ^ ((~x[7]) << 19);
+            x[2] ^= x[1];
+            x[3] += x[2];
+            x[4] -= x[3] ^ (long) ((ulong) (~x[2]) >> 23);
+            x[5] ^= x[4];
+            x[6] += x[5];
+            x[7] -= x[6] ^ 0x0123456789ABCDEFL;
+        }
+
+        private void ProcessBlock()
+        {
+            //
+            // save abc
+            //
+            long aa = a;
+            long bb = b;
+            long cc = c;
+
+            //
+            // rounds and schedule
+            //
+            RoundABC(x[0], 5);
+            RoundBCA(x[1], 5);
+            RoundCAB(x[2], 5);
+            RoundABC(x[3], 5);
+            RoundBCA(x[4], 5);
+            RoundCAB(x[5], 5);
+            RoundABC(x[6], 5);
+            RoundBCA(x[7], 5);
+
+            KeySchedule();
+
+            RoundCAB(x[0], 7);
+            RoundABC(x[1], 7);
+            RoundBCA(x[2], 7);
+            RoundCAB(x[3], 7);
+            RoundABC(x[4], 7);
+            RoundBCA(x[5], 7);
+            RoundCAB(x[6], 7);
+            RoundABC(x[7], 7);
+
+            KeySchedule();
+
+            RoundBCA(x[0], 9);
+            RoundCAB(x[1], 9);
+            RoundABC(x[2], 9);
+            RoundBCA(x[3], 9);
+            RoundCAB(x[4], 9);
+            RoundABC(x[5], 9);
+            RoundBCA(x[6], 9);
+            RoundCAB(x[7], 9);
+
+            //
+            // feed forward
+            //
+            a ^= aa;
+            b -= bb;
+            c += cc;
+
+            //
+            // clear the x buffer
+            //
+            xOff = 0;
+            for (int i = 0; i != x.Length; i++)
+            {
+                x[i] = 0;
+            }
+        }
+
+        private void UnpackWord(
+            long    r,
+            byte[]  output,
+            int     outOff)
+        {
+            output[outOff + 7]     = (byte)(r >> 56);
+            output[outOff + 6] = (byte)(r >> 48);
+            output[outOff + 5] = (byte)(r >> 40);
+            output[outOff + 4] = (byte)(r >> 32);
+            output[outOff + 3] = (byte)(r >> 24);
+            output[outOff + 2] = (byte)(r >> 16);
+            output[outOff + 1] = (byte)(r >> 8);
+            output[outOff] = (byte)r;
+        }
+
+        private void ProcessLength(
+            long    bitLength)
+        {
+            x[7] = bitLength;
+        }
+
+        private void Finish()
+        {
+            long    bitLength = (byteCount << 3);
+
+            Update((byte)0x01);
+
+            while (bOff != 0)
+            {
+                Update((byte)0);
+            }
+
+            ProcessLength(bitLength);
+
+            ProcessBlock();
+        }
+
+        public int DoFinal(
+            byte[]  output,
+            int     outOff)
+        {
+            Finish();
+
+            UnpackWord(a, output, outOff);
+            UnpackWord(b, output, outOff + 8);
+            UnpackWord(c, output, outOff + 16);
+
+            Reset();
+
+            return DigestLength;
+        }
+
+        /**
+        * reset the chaining variables
+        */
+        public void Reset()
+        {
+            a = unchecked((long) 0x0123456789ABCDEFL);
+            b = unchecked((long) 0xFEDCBA9876543210L);
+            c = unchecked((long) 0xF096A5B4C3B2E187L);
+
+            xOff = 0;
+            for (int i = 0; i != x.Length; i++)
+            {
+                x[i] = 0;
+            }
+
+            bOff = 0;
+            for (int i = 0; i != Buffer.Length; i++)
+            {
+                Buffer[i] = 0;
+            }
+
+            byteCount = 0;
+        }
+
+		public IMemoable Copy()
+		{
+			return new TigerDigest(this);
+		}
+
+		public void Reset(IMemoable other)
+		{
+			TigerDigest t = (TigerDigest)other;
+
+			a = t.a;
+			b = t.b;
+			c = t.c;
+
+			Array.Copy(t.x, 0, x, 0, t.x.Length);
+			xOff = t.xOff;
+
+			Array.Copy(t.Buffer, 0, Buffer, 0, t.Buffer.Length);
+			bOff = t.bOff;
+
+			byteCount = t.byteCount;
+		}    
+
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/digests/WhirlpoolDigest.cs b/bc-sharp-crypto/src/crypto/digests/WhirlpoolDigest.cs
new file mode 100644
index 0000000..55b7120
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/digests/WhirlpoolDigest.cs
@@ -0,0 +1,413 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Digests
+{
+	/**
+	* Implementation of WhirlpoolDigest, based on Java source published by Barreto
+	* and Rijmen.
+	*
+	*/
+	public sealed class WhirlpoolDigest
+		: IDigest, IMemoable
+	{
+		private const int BYTE_LENGTH = 64;
+
+		private const int DIGEST_LENGTH_BYTES = 512 / 8;
+		private const int ROUNDS = 10;
+		private const int REDUCTION_POLYNOMIAL = 0x011d; // 2^8 + 2^4 + 2^3 + 2 + 1;
+
+		private static readonly int[] SBOX =
+		{
+			0x18, 0x23, 0xc6, 0xe8, 0x87, 0xb8, 0x01, 0x4f, 0x36, 0xa6, 0xd2, 0xf5, 0x79, 0x6f, 0x91, 0x52,
+			0x60, 0xbc, 0x9b, 0x8e, 0xa3, 0x0c, 0x7b, 0x35, 0x1d, 0xe0, 0xd7, 0xc2, 0x2e, 0x4b, 0xfe, 0x57,
+			0x15, 0x77, 0x37, 0xe5, 0x9f, 0xf0, 0x4a, 0xda, 0x58, 0xc9, 0x29, 0x0a, 0xb1, 0xa0, 0x6b, 0x85,
+			0xbd, 0x5d, 0x10, 0xf4, 0xcb, 0x3e, 0x05, 0x67, 0xe4, 0x27, 0x41, 0x8b, 0xa7, 0x7d, 0x95, 0xd8,
+			0xfb, 0xee, 0x7c, 0x66, 0xdd, 0x17, 0x47, 0x9e, 0xca, 0x2d, 0xbf, 0x07, 0xad, 0x5a, 0x83, 0x33,
+			0x63, 0x02, 0xaa, 0x71, 0xc8, 0x19, 0x49, 0xd9, 0xf2, 0xe3, 0x5b, 0x88, 0x9a, 0x26, 0x32, 0xb0,
+			0xe9, 0x0f, 0xd5, 0x80, 0xbe, 0xcd, 0x34, 0x48, 0xff, 0x7a, 0x90, 0x5f, 0x20, 0x68, 0x1a, 0xae,
+			0xb4, 0x54, 0x93, 0x22, 0x64, 0xf1, 0x73, 0x12, 0x40, 0x08, 0xc3, 0xec, 0xdb, 0xa1, 0x8d, 0x3d,
+			0x97, 0x00, 0xcf, 0x2b, 0x76, 0x82, 0xd6, 0x1b, 0xb5, 0xaf, 0x6a, 0x50, 0x45, 0xf3, 0x30, 0xef,
+			0x3f, 0x55, 0xa2, 0xea, 0x65, 0xba, 0x2f, 0xc0, 0xde, 0x1c, 0xfd, 0x4d, 0x92, 0x75, 0x06, 0x8a,
+			0xb2, 0xe6, 0x0e, 0x1f, 0x62, 0xd4, 0xa8, 0x96, 0xf9, 0xc5, 0x25, 0x59, 0x84, 0x72, 0x39, 0x4c,
+			0x5e, 0x78, 0x38, 0x8c, 0xd1, 0xa5, 0xe2, 0x61, 0xb3, 0x21, 0x9c, 0x1e, 0x43, 0xc7, 0xfc, 0x04,
+			0x51, 0x99, 0x6d, 0x0d, 0xfa, 0xdf, 0x7e, 0x24, 0x3b, 0xab, 0xce, 0x11, 0x8f, 0x4e, 0xb7, 0xeb,
+			0x3c, 0x81, 0x94, 0xf7, 0xb9, 0x13, 0x2c, 0xd3, 0xe7, 0x6e, 0xc4, 0x03, 0x56, 0x44, 0x7f, 0xa9,
+			0x2a, 0xbb, 0xc1, 0x53, 0xdc, 0x0b, 0x9d, 0x6c, 0x31, 0x74, 0xf6, 0x46, 0xac, 0x89, 0x14, 0xe1,
+			0x16, 0x3a, 0x69, 0x09, 0x70, 0xb6, 0xd0, 0xed, 0xcc, 0x42, 0x98, 0xa4, 0x28, 0x5c, 0xf8, 0x86
+		};
+
+		private static readonly long[] C0 = new long[256];
+		private static readonly long[] C1 = new long[256];
+		private static readonly long[] C2 = new long[256];
+		private static readonly long[] C3 = new long[256];
+		private static readonly long[] C4 = new long[256];
+		private static readonly long[] C5 = new long[256];
+		private static readonly long[] C6 = new long[256];
+		private static readonly long[] C7 = new long[256];
+
+		private readonly long[] _rc = new long[ROUNDS + 1];
+
+		/*
+			* increment() can be implemented in this way using 2 arrays or
+			* by having some temporary variables that are used to set the
+			* value provided by EIGHT[i] and carry within the loop.
+			*
+			* not having done any timing, this seems likely to be faster
+			* at the slight expense of 32*(sizeof short) bytes
+			*/
+		private static readonly short[] EIGHT = new short[BITCOUNT_ARRAY_SIZE];
+
+		static WhirlpoolDigest()
+		{
+			EIGHT[BITCOUNT_ARRAY_SIZE - 1] = 8;
+
+			for (int i = 0; i < 256; i++)
+			{
+				int v1 = SBOX[i];
+				int v2 = maskWithReductionPolynomial(v1 << 1);
+				int v4 = maskWithReductionPolynomial(v2 << 1);
+				int v5 = v4 ^ v1;
+				int v8 = maskWithReductionPolynomial(v4 << 1);
+				int v9 = v8 ^ v1;
+
+				C0[i] = packIntoLong(v1, v1, v4, v1, v8, v5, v2, v9);
+				C1[i] = packIntoLong(v9, v1, v1, v4, v1, v8, v5, v2);
+				C2[i] = packIntoLong(v2, v9, v1, v1, v4, v1, v8, v5);
+				C3[i] = packIntoLong(v5, v2, v9, v1, v1, v4, v1, v8);
+				C4[i] = packIntoLong(v8, v5, v2, v9, v1, v1, v4, v1);
+				C5[i] = packIntoLong(v1, v8, v5, v2, v9, v1, v1, v4);
+				C6[i] = packIntoLong(v4, v1, v8, v5, v2, v9, v1, v1);
+				C7[i] = packIntoLong(v1, v4, v1, v8, v5, v2, v9, v1);
+			}
+		}
+
+		public WhirlpoolDigest()
+		{
+			_rc[0] = 0L;
+			for (int r = 1; r <= ROUNDS; r++)
+			{
+				int i = 8 * (r - 1);
+				_rc[r] = (long)((ulong)C0[i] & 0xff00000000000000L) ^
+					(C1[i + 1] & (long) 0x00ff000000000000L) ^
+					(C2[i + 2] & (long) 0x0000ff0000000000L) ^
+					(C3[i + 3] & (long) 0x000000ff00000000L) ^
+					(C4[i + 4] & (long) 0x00000000ff000000L) ^
+					(C5[i + 5] & (long) 0x0000000000ff0000L) ^
+					(C6[i + 6] & (long) 0x000000000000ff00L) ^
+					(C7[i + 7] & (long) 0x00000000000000ffL);
+			}
+		}
+
+		private static long packIntoLong(int b7, int b6, int b5, int b4, int b3, int b2, int b1, int b0)
+		{
+			return
+				((long)b7 << 56) ^
+				((long)b6 << 48) ^
+				((long)b5 << 40) ^
+				((long)b4 << 32) ^
+				((long)b3 << 24) ^
+				((long)b2 << 16) ^
+				((long)b1 <<  8) ^
+				b0;
+		}
+
+		/*
+			* int's are used to prevent sign extension.  The values that are really being used are
+			* actually just 0..255
+			*/
+		private static int maskWithReductionPolynomial(int input)
+		{
+			int rv = input;
+			if (rv >= 0x100L) // high bit set
+			{
+				rv ^= REDUCTION_POLYNOMIAL; // reduced by the polynomial
+			}
+			return rv;
+		}
+
+		// --------------------------------------------------------------------------------------//
+
+		// -- buffer information --
+		private const int BITCOUNT_ARRAY_SIZE = 32;
+		private byte[]  _buffer    = new byte[64];
+		private int     _bufferPos;
+		private short[] _bitCount  = new short[BITCOUNT_ARRAY_SIZE];
+
+		// -- internal hash state --
+		private long[] _hash  = new long[8];
+		private long[] _K = new long[8]; // the round key
+		private long[] _L = new long[8];
+		private long[] _block = new long[8]; // mu (buffer)
+		private long[] _state = new long[8]; // the current "cipher" state
+
+
+
+		/**
+			* Copy constructor. This will copy the state of the provided message
+			* digest.
+			*/
+		public WhirlpoolDigest(WhirlpoolDigest originalDigest)
+		{
+			Reset(originalDigest);
+		}
+
+		public string AlgorithmName
+		{
+			get { return "Whirlpool"; }
+		}
+
+		public int GetDigestSize()
+		{
+			return DIGEST_LENGTH_BYTES;
+		}
+
+		public int DoFinal(byte[] output, int outOff)
+		{
+			// sets output[outOff] .. output[outOff+DIGEST_LENGTH_BYTES]
+			finish();
+
+			for (int i = 0; i < 8; i++)
+			{
+				convertLongToByteArray(_hash[i], output, outOff + (i * 8));
+			}
+
+			Reset();
+
+			return GetDigestSize();
+		}
+
+		/**
+			* Reset the chaining variables
+			*/
+		public void Reset()
+		{
+			// set variables to null, blank, whatever
+			_bufferPos = 0;
+			Array.Clear(_bitCount, 0, _bitCount.Length);
+			Array.Clear(_buffer, 0, _buffer.Length);
+			Array.Clear(_hash, 0, _hash.Length);
+			Array.Clear(_K, 0, _K.Length);
+			Array.Clear(_L, 0, _L.Length);
+			Array.Clear(_block, 0, _block.Length);
+			Array.Clear(_state, 0, _state.Length);
+		}
+
+		// this takes a buffer of information and fills the block
+		private void processFilledBuffer()
+		{
+			// copies into the block...
+			for (int i = 0; i < _state.Length; i++)
+			{
+				_block[i] = bytesToLongFromBuffer(_buffer, i * 8);
+			}
+			processBlock();
+			_bufferPos = 0;
+			Array.Clear(_buffer, 0, _buffer.Length);
+		}
+
+		private static long bytesToLongFromBuffer(byte[] buffer, int startPos)
+		{
+			long rv = (((buffer[startPos + 0] & 0xffL) << 56) |
+				((buffer[startPos + 1] & 0xffL) << 48) |
+				((buffer[startPos + 2] & 0xffL) << 40) |
+				((buffer[startPos + 3] & 0xffL) << 32) |
+				((buffer[startPos + 4] & 0xffL) << 24) |
+				((buffer[startPos + 5] & 0xffL) << 16) |
+				((buffer[startPos + 6] & 0xffL) <<  8) |
+				((buffer[startPos + 7]) & 0xffL));
+
+			return rv;
+		}
+
+		private static void convertLongToByteArray(long inputLong, byte[] outputArray, int offSet)
+		{
+			for (int i = 0; i < 8; i++)
+			{
+				outputArray[offSet + i] = (byte)((inputLong >> (56 - (i * 8))) & 0xff);
+			}
+		}
+
+		private void processBlock()
+		{
+			// buffer contents have been transferred to the _block[] array via
+			// processFilledBuffer
+
+			// compute and apply K^0
+			for (int i = 0; i < 8; i++)
+			{
+				_state[i] = _block[i] ^ (_K[i] = _hash[i]);
+			}
+
+			// iterate over the rounds
+			for (int round = 1; round <= ROUNDS; round++)
+			{
+				for (int i = 0; i < 8; i++)
+				{
+					_L[i] = 0;
+					_L[i] ^= C0[(int)(_K[(i - 0) & 7] >> 56) & 0xff];
+					_L[i] ^= C1[(int)(_K[(i - 1) & 7] >> 48) & 0xff];
+					_L[i] ^= C2[(int)(_K[(i - 2) & 7] >> 40) & 0xff];
+					_L[i] ^= C3[(int)(_K[(i - 3) & 7] >> 32) & 0xff];
+					_L[i] ^= C4[(int)(_K[(i - 4) & 7] >> 24) & 0xff];
+					_L[i] ^= C5[(int)(_K[(i - 5) & 7] >> 16) & 0xff];
+					_L[i] ^= C6[(int)(_K[(i - 6) & 7] >>  8) & 0xff];
+					_L[i] ^= C7[(int)(_K[(i - 7) & 7]) & 0xff];
+				}
+
+				Array.Copy(_L, 0, _K, 0, _K.Length);
+
+				_K[0] ^= _rc[round];
+
+				// apply the round transformation
+				for (int i = 0; i < 8; i++)
+				{
+					_L[i] = _K[i];
+
+					_L[i] ^= C0[(int)(_state[(i - 0) & 7] >> 56) & 0xff];
+					_L[i] ^= C1[(int)(_state[(i - 1) & 7] >> 48) & 0xff];
+					_L[i] ^= C2[(int)(_state[(i - 2) & 7] >> 40) & 0xff];
+					_L[i] ^= C3[(int)(_state[(i - 3) & 7] >> 32) & 0xff];
+					_L[i] ^= C4[(int)(_state[(i - 4) & 7] >> 24) & 0xff];
+					_L[i] ^= C5[(int)(_state[(i - 5) & 7] >> 16) & 0xff];
+					_L[i] ^= C6[(int)(_state[(i - 6) & 7] >> 8) & 0xff];
+					_L[i] ^= C7[(int)(_state[(i - 7) & 7]) & 0xff];
+				}
+
+				// save the current state
+				Array.Copy(_L, 0, _state, 0, _state.Length);
+			}
+
+			// apply Miuaguchi-Preneel compression
+			for (int i = 0; i < 8; i++)
+			{
+				_hash[i] ^= _state[i] ^ _block[i];
+			}
+
+		}
+
+		public void Update(byte input)
+		{
+			_buffer[_bufferPos] = input;
+
+			//Console.WriteLine("adding to buffer = "+_buffer[_bufferPos]);
+
+			++_bufferPos;
+
+			if (_bufferPos == _buffer.Length)
+			{
+				processFilledBuffer();
+			}
+
+			increment();
+		}
+
+		private void increment()
+		{
+			int carry = 0;
+			for (int i = _bitCount.Length - 1; i >= 0; i--)
+			{
+				int sum = (_bitCount[i] & 0xff) + EIGHT[i] + carry;
+
+				carry = sum >> 8;
+				_bitCount[i] = (short)(sum & 0xff);
+			}
+		}
+
+		public void BlockUpdate(byte[] input, int inOff, int length)
+		{
+			while (length > 0)
+			{
+				Update(input[inOff]);
+				++inOff;
+				--length;
+			}
+
+		}
+
+		private void finish()
+		{
+			/*
+				* this makes a copy of the current bit length. at the expense of an
+				* object creation of 32 bytes rather than providing a _stopCounting
+				* boolean which was the alternative I could think of.
+				*/
+			byte[] bitLength = copyBitLength();
+
+			_buffer[_bufferPos++] |= 0x80;
+
+			if (_bufferPos == _buffer.Length)
+			{
+				processFilledBuffer();
+			}
+
+			/*
+				* Final block contains
+				* [ ... data .... ][0][0][0][ length ]
+				*
+				* if [ length ] cannot fit.  Need to create a new block.
+				*/
+			if (_bufferPos > 32)
+			{
+				while (_bufferPos != 0)
+				{
+					Update((byte)0);
+				}
+			}
+
+			while (_bufferPos <= 32)
+			{
+				Update((byte)0);
+			}
+
+			// copy the length information to the final 32 bytes of the
+			// 64 byte block....
+			Array.Copy(bitLength, 0, _buffer, 32, bitLength.Length);
+
+			processFilledBuffer();
+		}
+
+		private byte[] copyBitLength()
+		{
+			byte[] rv = new byte[BITCOUNT_ARRAY_SIZE];
+			for (int i = 0; i < rv.Length; i++)
+			{
+				rv[i] = (byte)(_bitCount[i] & 0xff);
+			}
+			return rv;
+		}
+
+		public int GetByteLength()
+		{
+			return BYTE_LENGTH;
+		}
+
+		public IMemoable Copy()
+		{
+			return new WhirlpoolDigest(this);
+		}
+
+		public void Reset(IMemoable other)
+		{
+			WhirlpoolDigest originalDigest = (WhirlpoolDigest)other;
+
+			Array.Copy(originalDigest._rc, 0, _rc, 0, _rc.Length);
+
+			Array.Copy(originalDigest._buffer, 0, _buffer, 0, _buffer.Length);
+
+			this._bufferPos = originalDigest._bufferPos;
+			Array.Copy(originalDigest._bitCount, 0, _bitCount, 0, _bitCount.Length);
+
+			// -- internal hash state --
+			Array.Copy(originalDigest._hash, 0, _hash, 0, _hash.Length);
+			Array.Copy(originalDigest._K, 0, _K, 0, _K.Length);
+			Array.Copy(originalDigest._L, 0, _L, 0, _L.Length);
+			Array.Copy(originalDigest._block, 0, _block, 0, _block.Length);
+			Array.Copy(originalDigest._state, 0, _state, 0, _state.Length);
+		}
+
+
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/ec/CustomNamedCurves.cs b/bc-sharp-crypto/src/crypto/ec/CustomNamedCurves.cs
new file mode 100644
index 0000000..4b7600e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/ec/CustomNamedCurves.cs
@@ -0,0 +1,913 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.GM;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Math.EC.Custom.Djb;
+using Org.BouncyCastle.Math.EC.Custom.GM;
+using Org.BouncyCastle.Math.EC.Custom.Sec;
+using Org.BouncyCastle.Math.EC.Endo;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Crypto.EC
+{
+    public sealed class CustomNamedCurves
+    {
+        private CustomNamedCurves()
+        {
+        }
+
+        private static BigInteger FromHex(string hex)
+        {
+            return new BigInteger(1, Hex.Decode(hex));
+        }
+
+        private static ECCurve ConfigureCurve(ECCurve curve)
+        {
+            return curve;
+        }
+
+        private static ECCurve ConfigureCurveGlv(ECCurve c, GlvTypeBParameters p)
+        {
+            return c.Configure().SetEndomorphism(new GlvTypeBEndomorphism(c, p)).Create();
+        }
+
+        /*
+         * curve25519
+         */
+        internal class Curve25519Holder
+            : X9ECParametersHolder
+        {
+            private Curve25519Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new Curve25519Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = null;
+                ECCurve curve = ConfigureCurve(new Curve25519());
+
+                /*
+                 * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form
+                 * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3).
+                 * 
+                 * The Curve25519 paper doesn't say which of the two possible y values the base
+                 * point has. The choice here is guided by language in the Ed25519 paper.
+                 * 
+                 * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) 
+                 */
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A"
+                    + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9"));
+
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        }
+
+        /*
+         * secp128r1
+         */
+        internal class SecP128R1Holder
+            : X9ECParametersHolder
+        {
+            private SecP128R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecP128R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("000E0D4D696E6768756151750CC03A4473D03679");
+                ECCurve curve = ConfigureCurve(new SecP128R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "161FF7528B899B2D0C28607CA52C5B86"
+                    + "CF5AC8395BAFEB13C02DA292DDED7A83"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * secp160k1
+         */
+        internal class SecP160K1Holder
+            : X9ECParametersHolder
+        {
+            private SecP160K1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecP160K1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = null;
+                GlvTypeBParameters glv = new GlvTypeBParameters(
+                    new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16),
+                    new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16),
+                    new BigInteger[]{
+                        new BigInteger("9162fbe73984472a0a9e", 16),
+                        new BigInteger("-96341f1138933bc2f505", 16) },
+                    new BigInteger[]{
+                        new BigInteger("127971af8721782ecffa3", 16),
+                        new BigInteger("9162fbe73984472a0a9e", 16) },
+                    new BigInteger("9162fbe73984472a0a9d0590", 16),
+                    new BigInteger("96341f1138933bc2f503fd44", 16),
+                    176);
+                ECCurve curve = ConfigureCurveGlv(new SecP160K1Curve(), glv);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB"
+                    + "938CF935318FDCED6BC28286531733C3F03C4FEE"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * secp160r1
+         */
+        internal class SecP160R1Holder
+            : X9ECParametersHolder
+        {
+            private SecP160R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecP160R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("1053CDE42C14D696E67687561517533BF3F83345");
+                ECCurve curve = ConfigureCurve(new SecP160R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "4A96B5688EF573284664698968C38BB913CBFC82"
+                    + "23A628553168947D59DCC912042351377AC5FB32"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * secp160r2
+         */
+        internal class SecP160R2Holder
+            : X9ECParametersHolder
+        {
+            private SecP160R2Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecP160R2Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("B99B99B099B323E02709A4D696E6768756151751");
+                ECCurve curve = ConfigureCurve(new SecP160R2Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "52DCB034293A117E1F4FF11B30F7199D3144CE6D"
+                    + "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * secp192k1
+         */
+        internal class SecP192K1Holder
+            : X9ECParametersHolder
+        {
+            private SecP192K1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecP192K1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = null;
+                GlvTypeBParameters glv = new GlvTypeBParameters(
+                    new BigInteger("bb85691939b869c1d087f601554b96b80cb4f55b35f433c2", 16),
+                    new BigInteger("3d84f26c12238d7b4f3d516613c1759033b1a5800175d0b1", 16),
+                    new BigInteger[]{
+                        new BigInteger("71169be7330b3038edb025f1", 16),
+                        new BigInteger("-b3fb3400dec5c4adceb8655c", 16) },
+                    new BigInteger[]{
+                        new BigInteger("12511cfe811d0f4e6bc688b4d", 16),
+                        new BigInteger("71169be7330b3038edb025f1", 16) },
+                    new BigInteger("71169be7330b3038edb025f1d0f9", 16),
+                    new BigInteger("b3fb3400dec5c4adceb8655d4c94", 16),
+                    208);
+                ECCurve curve = ConfigureCurveGlv(new SecP192K1Curve(), glv);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D"
+                    + "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        }
+
+        /*
+         * secp192r1
+         */
+        internal class SecP192R1Holder
+            : X9ECParametersHolder
+        {
+            private SecP192R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecP192R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("3045AE6FC8422F64ED579528D38120EAE12196D5");
+                ECCurve curve = ConfigureCurve(new SecP192R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012"
+                    + "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        }
+
+        /*
+         * secp224k1
+         */
+        internal class SecP224K1Holder
+            : X9ECParametersHolder
+        {
+            private SecP224K1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecP224K1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = null;
+                GlvTypeBParameters glv = new GlvTypeBParameters(
+                    new BigInteger("fe0e87005b4e83761908c5131d552a850b3f58b749c37cf5b84d6768", 16),
+                    new BigInteger("60dcd2104c4cbc0be6eeefc2bdd610739ec34e317f9b33046c9e4788", 16),
+                    new BigInteger[]{
+                        new BigInteger("6b8cf07d4ca75c88957d9d670591", 16),
+                        new BigInteger("-b8adf1378a6eb73409fa6c9c637d", 16) },
+                    new BigInteger[]{
+                        new BigInteger("1243ae1b4d71613bc9f780a03690e", 16),
+                        new BigInteger("6b8cf07d4ca75c88957d9d670591", 16) },
+                    new BigInteger("6b8cf07d4ca75c88957d9d67059037a4", 16),
+                    new BigInteger("b8adf1378a6eb73409fa6c9c637ba7f5", 16),
+                    240);
+                ECCurve curve = ConfigureCurveGlv(new SecP224K1Curve(), glv);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C"
+                    + "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        }
+
+        /*
+         * secp224r1
+         */
+        internal class SecP224R1Holder
+            : X9ECParametersHolder
+        {
+            private SecP224R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecP224R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("BD71344799D5C7FCDC45B59FA3B9AB8F6A948BC5");
+                ECCurve curve = ConfigureCurve(new SecP224R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21"
+                    + "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        }
+
+        /*
+         * secp256k1
+         */
+        internal class SecP256K1Holder
+            : X9ECParametersHolder
+        {
+            private SecP256K1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new SecP256K1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = null;
+                GlvTypeBParameters glv = new GlvTypeBParameters(
+                    new BigInteger("7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee", 16),
+                    new BigInteger("5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72", 16),
+                    new BigInteger[]{
+                        new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16),
+                        new BigInteger("-e4437ed6010e88286f547fa90abfe4c3", 16) },
+                    new BigInteger[]{
+                        new BigInteger("114ca50f7a8e2f3f657c1108d9d44cfd8", 16),
+                        new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16) },
+                    new BigInteger("3086d221a7d46bcde86c90e49284eb153dab", 16),
+                    new BigInteger("e4437ed6010e88286f547fa90abfe4c42212", 16),
+                    272);
+                ECCurve curve = ConfigureCurveGlv(new SecP256K1Curve(), glv);
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
+                    + "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        }
+
+        /*
+         * secp256r1
+         */
+        internal class SecP256R1Holder
+            : X9ECParametersHolder
+        {
+            private SecP256R1Holder() {}
+
+            internal static readonly X9ECParametersHolder Instance = new SecP256R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("C49D360886E704936A6678E1139D26B7819F7E90");
+                ECCurve curve = ConfigureCurve(new SecP256R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"
+                    + "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        }
+
+        /*
+         * secp384r1
+         */
+        internal class SecP384R1Holder
+            : X9ECParametersHolder
+        {
+            private SecP384R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecP384R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("A335926AA319A27A1D00896A6773A4827ACDAC73");
+                ECCurve curve = ConfigureCurve(new SecP384R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7"
+                    + "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        }
+
+        /*
+         * secp521r1
+         */
+        internal class SecP521R1Holder
+            : X9ECParametersHolder
+        {
+            private SecP521R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecP521R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("D09E8800291CB85396CC6717393284AAA0DA64BA");
+                ECCurve curve = ConfigureCurve(new SecP521R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66"
+                    + "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        }
+
+        /*
+         * sect113r1
+         */
+        internal class SecT113R1Holder
+            : X9ECParametersHolder
+        {
+            private SecT113R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT113R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("10E723AB14D696E6768756151756FEBF8FCB49A9");
+                ECCurve curve = ConfigureCurve(new SecT113R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "009D73616F35F4AB1407D73562C10F"
+                    + "00A52830277958EE84D1315ED31886"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect113r2
+         */
+        internal class SecT113R2Holder
+            : X9ECParametersHolder
+        {
+            private SecT113R2Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT113R2Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("10C0FB15760860DEF1EEF4D696E676875615175D");
+                ECCurve curve = ConfigureCurve(new SecT113R2Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "01A57A6A7B26CA5EF52FCDB8164797"
+                    + "00B3ADC94ED1FE674C06E695BABA1D"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect131r1
+         */
+        internal class SecT131R1Holder
+            : X9ECParametersHolder
+        {
+            private SecT131R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT131R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("4D696E676875615175985BD3ADBADA21B43A97E2");
+                ECCurve curve = ConfigureCurve(new SecT131R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "0081BAF91FDF9833C40F9C181343638399"
+                    + "078C6E7EA38C001F73C8134B1B4EF9E150"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect131r2
+         */
+        internal class SecT131R2Holder
+            : X9ECParametersHolder
+        {
+            private SecT131R2Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT131R2Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("985BD3ADBAD4D696E676875615175A21B43A97E3");
+                ECCurve curve = ConfigureCurve(new SecT131R2Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "0356DCD8F2F95031AD652D23951BB366A8"
+                    + "0648F06D867940A5366D9E265DE9EB240F"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect163k1
+         */
+        internal class SecT163K1Holder
+            : X9ECParametersHolder
+        {
+            private SecT163K1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT163K1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = null;
+                ECCurve curve = ConfigureCurve(new SecT163K1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8"
+                    + "0289070FB05D38FF58321F2E800536D538CCDAA3D9"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect163r1
+         */
+        internal class SecT163R1Holder
+            : X9ECParametersHolder
+        {
+            private SecT163R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT163R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("24B7B137C8A14D696E6768756151756FD0DA2E5C");
+                ECCurve curve = ConfigureCurve(new SecT163R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "0369979697AB43897789566789567F787A7876A654"
+                    + "00435EDB42EFAFB2989D51FEFCE3C80988F41FF883"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect163r2
+         */
+        internal class SecT163R2Holder
+            : X9ECParametersHolder
+        {
+            private SecT163R2Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT163R2Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("85E25BFE5C86226CDB12016F7553F9D0E693A268");
+                ECCurve curve = ConfigureCurve(new SecT163R2Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "03F0EBA16286A2D57EA0991168D4994637E8343E36"
+                    + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect193r1
+         */
+        internal class SecT193R1Holder
+            : X9ECParametersHolder
+        {
+            private SecT193R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT193R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("103FAEC74D696E676875615175777FC5B191EF30");
+                ECCurve curve = ConfigureCurve(new SecT193R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1"
+                    + "0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect193r2
+         */
+        internal class SecT193R2Holder
+            : X9ECParametersHolder
+        {
+            private SecT193R2Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT193R2Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("10B7B4D696E676875615175137C8A16FD0DA2211");
+                ECCurve curve = ConfigureCurve(new SecT193R2Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F"
+                    + "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect233k1
+         */
+        internal class SecT233K1Holder
+            : X9ECParametersHolder
+        {
+            private SecT233K1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT233K1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = null;
+                ECCurve curve = ConfigureCurve(new SecT233K1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126"
+                    + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect233r1
+         */
+        internal class SecT233R1Holder
+            : X9ECParametersHolder
+        {
+            private SecT233R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT233R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("74D59FF07F6B413D0EA14B344B20A2DB049B50C3");
+                ECCurve curve = ConfigureCurve(new SecT233R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B"
+                    + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect239k1
+         */
+        internal class SecT239K1Holder
+            : X9ECParametersHolder
+        {
+            private SecT239K1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT239K1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = null;
+                ECCurve curve = ConfigureCurve(new SecT239K1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC"
+                    + "76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect283k1
+         */
+        internal class SecT283K1Holder
+            : X9ECParametersHolder
+        {
+            private SecT283K1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT283K1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = null;
+                ECCurve curve = ConfigureCurve(new SecT283K1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836"
+                    + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect283r1
+         */
+        internal class SecT283R1Holder
+            : X9ECParametersHolder
+        {
+            private SecT283R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT283R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE");
+                ECCurve curve = ConfigureCurve(new SecT283R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053"
+                    + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect409k1
+         */
+        internal class SecT409K1Holder
+            : X9ECParametersHolder
+        {
+            private SecT409K1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT409K1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = null;
+                ECCurve curve = ConfigureCurve(new SecT409K1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746"
+                    + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect409r1
+         */
+        internal class SecT409R1Holder
+            : X9ECParametersHolder
+        {
+            private SecT409R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT409R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("4099B5A457F9D69F79213D094C4BCD4D4262210B");
+                ECCurve curve = ConfigureCurve(new SecT409R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7"
+                    + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect571k1
+         */
+        internal class SecT571K1Holder
+            : X9ECParametersHolder
+        {
+            private SecT571K1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT571K1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = null;
+                ECCurve curve = ConfigureCurve(new SecT571K1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972"
+                    + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sect571r1
+         */
+        internal class SecT571R1Holder
+            : X9ECParametersHolder
+        {
+            private SecT571R1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SecT571R1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = Hex.Decode("2AA058F73A0E33AB486B0F610410C53A7F132310");
+                ECCurve curve = ConfigureCurve(new SecT571R1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19"
+                    + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        };
+
+        /*
+         * sm2p256v1
+         */
+        internal class SM2P256V1Holder
+            : X9ECParametersHolder
+        {
+            private SM2P256V1Holder() { }
+
+            internal static readonly X9ECParametersHolder Instance = new SM2P256V1Holder();
+
+            protected override X9ECParameters CreateParameters()
+            {
+                byte[] S = null;
+                ECCurve curve = ConfigureCurve(new SM2P256V1Curve());
+                X9ECPoint G = new X9ECPoint(curve, Hex.Decode("04"
+                    + "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7"
+                    + "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0"));
+                return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S);
+            }
+        }
+
+
+        private static readonly IDictionary nameToCurve = Platform.CreateHashtable();
+        private static readonly IDictionary nameToOid = Platform.CreateHashtable();
+        private static readonly IDictionary oidToCurve = Platform.CreateHashtable();
+        private static readonly IDictionary oidToName = Platform.CreateHashtable();
+        private static readonly IList names = Platform.CreateArrayList();
+
+        private static void DefineCurve(string name, X9ECParametersHolder holder)
+        {
+            names.Add(name);
+            name = Platform.ToUpperInvariant(name);
+            nameToCurve.Add(name, holder);
+        }
+
+        private static void DefineCurveWithOid(string name, DerObjectIdentifier oid, X9ECParametersHolder holder)
+        {
+            names.Add(name);
+            oidToName.Add(oid, name);
+            oidToCurve.Add(oid, holder);
+            name = Platform.ToUpperInvariant(name);
+            nameToOid.Add(name, oid);
+            nameToCurve.Add(name, holder);
+        }
+
+        private static void DefineCurveAlias(string name, DerObjectIdentifier oid)
+        {
+            object curve = oidToCurve[oid];
+            if (curve == null)
+                throw new InvalidOperationException();
+
+            name = Platform.ToUpperInvariant(name);
+            nameToOid.Add(name, oid);
+            nameToCurve.Add(name, curve);
+        }
+
+        static CustomNamedCurves()
+        {
+            DefineCurve("curve25519", Curve25519Holder.Instance);
+
+            //DefineCurveWithOid("secp112r1", SecObjectIdentifiers.SecP112r1, SecP112R1Holder.Instance);
+            //DefineCurveWithOid("secp112r2", SecObjectIdentifiers.SecP112r2, SecP112R2Holder.Instance);
+            DefineCurveWithOid("secp128r1", SecObjectIdentifiers.SecP128r1, SecP128R1Holder.Instance);
+            //DefineCurveWithOid("secp128r2", SecObjectIdentifiers.SecP128r2, SecP128R2Holder.Instance);
+            DefineCurveWithOid("secp160k1", SecObjectIdentifiers.SecP160k1, SecP160K1Holder.Instance);
+            DefineCurveWithOid("secp160r1", SecObjectIdentifiers.SecP160r1, SecP160R1Holder.Instance);
+            DefineCurveWithOid("secp160r2", SecObjectIdentifiers.SecP160r2, SecP160R2Holder.Instance);
+            DefineCurveWithOid("secp192k1", SecObjectIdentifiers.SecP192k1, SecP192K1Holder.Instance);
+            DefineCurveWithOid("secp192r1", SecObjectIdentifiers.SecP192r1, SecP192R1Holder.Instance);
+            DefineCurveWithOid("secp224k1", SecObjectIdentifiers.SecP224k1, SecP224K1Holder.Instance);
+            DefineCurveWithOid("secp224r1", SecObjectIdentifiers.SecP224r1, SecP224R1Holder.Instance);
+            DefineCurveWithOid("secp256k1", SecObjectIdentifiers.SecP256k1, SecP256K1Holder.Instance);
+            DefineCurveWithOid("secp256r1", SecObjectIdentifiers.SecP256r1, SecP256R1Holder.Instance);
+            DefineCurveWithOid("secp384r1", SecObjectIdentifiers.SecP384r1, SecP384R1Holder.Instance);
+            DefineCurveWithOid("secp521r1", SecObjectIdentifiers.SecP521r1, SecP521R1Holder.Instance);
+
+            DefineCurveWithOid("sect113r1", SecObjectIdentifiers.SecT113r1, SecT113R1Holder.Instance);
+            DefineCurveWithOid("sect113r2", SecObjectIdentifiers.SecT113r2, SecT113R2Holder.Instance);
+            DefineCurveWithOid("sect131r1", SecObjectIdentifiers.SecT131r1, SecT131R1Holder.Instance);
+            DefineCurveWithOid("sect131r2", SecObjectIdentifiers.SecT131r2, SecT131R2Holder.Instance);
+            DefineCurveWithOid("sect163k1", SecObjectIdentifiers.SecT163k1, SecT163K1Holder.Instance);
+            DefineCurveWithOid("sect163r1", SecObjectIdentifiers.SecT163r1, SecT163R1Holder.Instance);
+            DefineCurveWithOid("sect163r2", SecObjectIdentifiers.SecT163r2, SecT163R2Holder.Instance);
+            DefineCurveWithOid("sect193r1", SecObjectIdentifiers.SecT193r1, SecT193R1Holder.Instance);
+            DefineCurveWithOid("sect193r2", SecObjectIdentifiers.SecT193r2, SecT193R2Holder.Instance);
+            DefineCurveWithOid("sect233k1", SecObjectIdentifiers.SecT233k1, SecT233K1Holder.Instance);
+            DefineCurveWithOid("sect233r1", SecObjectIdentifiers.SecT233r1, SecT233R1Holder.Instance);
+            DefineCurveWithOid("sect239k1", SecObjectIdentifiers.SecT239k1, SecT239K1Holder.Instance);
+            DefineCurveWithOid("sect283k1", SecObjectIdentifiers.SecT283k1, SecT283K1Holder.Instance);
+            DefineCurveWithOid("sect283r1", SecObjectIdentifiers.SecT283r1, SecT283R1Holder.Instance);
+            DefineCurveWithOid("sect409k1", SecObjectIdentifiers.SecT409k1, SecT409K1Holder.Instance);
+            DefineCurveWithOid("sect409r1", SecObjectIdentifiers.SecT409r1, SecT409R1Holder.Instance);
+            DefineCurveWithOid("sect571k1", SecObjectIdentifiers.SecT571k1, SecT571K1Holder.Instance);
+            DefineCurveWithOid("sect571r1", SecObjectIdentifiers.SecT571r1, SecT571R1Holder.Instance);
+
+            DefineCurveWithOid("sm2p256v1", GMObjectIdentifiers.sm2p256v1, SM2P256V1Holder.Instance);
+
+            DefineCurveAlias("B-163", SecObjectIdentifiers.SecT163r2);
+            DefineCurveAlias("B-233", SecObjectIdentifiers.SecT233r1);
+            DefineCurveAlias("B-283", SecObjectIdentifiers.SecT283r1);
+            DefineCurveAlias("B-409", SecObjectIdentifiers.SecT409r1);
+            DefineCurveAlias("B-571", SecObjectIdentifiers.SecT571r1);
+
+            DefineCurveAlias("K-163", SecObjectIdentifiers.SecT163k1);
+            DefineCurveAlias("K-233", SecObjectIdentifiers.SecT233k1);
+            DefineCurveAlias("K-283", SecObjectIdentifiers.SecT283k1);
+            DefineCurveAlias("K-409", SecObjectIdentifiers.SecT409k1);
+            DefineCurveAlias("K-571", SecObjectIdentifiers.SecT571k1);
+
+            DefineCurveAlias("P-192", SecObjectIdentifiers.SecP192r1);
+            DefineCurveAlias("P-224", SecObjectIdentifiers.SecP224r1);
+            DefineCurveAlias("P-256", SecObjectIdentifiers.SecP256r1);
+            DefineCurveAlias("P-384", SecObjectIdentifiers.SecP384r1);
+            DefineCurveAlias("P-521", SecObjectIdentifiers.SecP521r1);
+        }
+
+        public static X9ECParameters GetByName(string name)
+        {
+            X9ECParametersHolder holder = (X9ECParametersHolder)nameToCurve[Platform.ToUpperInvariant(name)];
+            return holder == null ? null : holder.Parameters;
+        }
+
+        /**
+         * return the X9ECParameters object for the named curve represented by
+         * the passed in object identifier. Null if the curve isn't present.
+         *
+         * @param oid an object identifier representing a named curve, if present.
+         */
+        public static X9ECParameters GetByOid(DerObjectIdentifier oid)
+        {
+            X9ECParametersHolder holder = (X9ECParametersHolder)oidToCurve[oid];
+            return holder == null ? null : holder.Parameters;
+        }
+
+        /**
+         * return the object identifier signified by the passed in name. Null
+         * if there is no object identifier associated with name.
+         *
+         * @return the object identifier associated with name, if present.
+         */
+        public static DerObjectIdentifier GetOid(string name)
+        {
+            return (DerObjectIdentifier)nameToOid[Platform.ToUpperInvariant(name)];
+        }
+
+        /**
+         * return the named curve name represented by the given object identifier.
+         */
+        public static string GetName(DerObjectIdentifier oid)
+        {
+            return (string)oidToName[oid];
+        }
+
+        /**
+         * returns an enumeration containing the name strings for curves
+         * contained in this structure.
+         */
+        public static IEnumerable Names
+        {
+            get { return new EnumerableProxy(names); }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/encodings/ISO9796d1Encoding.cs b/bc-sharp-crypto/src/crypto/encodings/ISO9796d1Encoding.cs
new file mode 100644
index 0000000..30e9883
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/encodings/ISO9796d1Encoding.cs
@@ -0,0 +1,273 @@
+using System;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Encodings
+{
+	/**
+	* ISO 9796-1 padding. Note in the light of recent results you should
+	* only use this with RSA (rather than the "simpler" Rabin keys) and you
+	* should never use it with anything other than a hash (ie. even if the
+	* message is small don't sign the message, sign it's hash) or some "random"
+	* value. See your favorite search engine for details.
+	*/
+	public class ISO9796d1Encoding
+		: IAsymmetricBlockCipher
+	{
+		private static readonly BigInteger Sixteen = BigInteger.ValueOf(16);
+		private static readonly BigInteger Six = BigInteger.ValueOf(6);
+
+		private static readonly byte[] shadows = { 0xe, 0x3, 0x5, 0x8, 0x9, 0x4, 0x2, 0xf,
+			0x0, 0xd, 0xb, 0x6, 0x7, 0xa, 0xc, 0x1 };
+		private static readonly byte[] inverse = { 0x8, 0xf, 0x6, 0x1, 0x5, 0x2, 0xb, 0xc,
+			0x3, 0x4, 0xd, 0xa, 0xe, 0x9, 0x0, 0x7 };
+
+		private readonly IAsymmetricBlockCipher engine;
+		private bool forEncryption;
+		private int bitSize;
+		private int padBits = 0;
+		private BigInteger modulus;
+
+		public ISO9796d1Encoding(
+			IAsymmetricBlockCipher   cipher)
+		{
+			this.engine = cipher;
+		}
+
+		public string AlgorithmName
+		{
+			get { return engine.AlgorithmName + "/ISO9796-1Padding"; }
+		}
+
+		public IAsymmetricBlockCipher GetUnderlyingCipher()
+		{
+			return engine;
+		}
+
+		public void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			RsaKeyParameters kParam;
+			if (parameters is ParametersWithRandom)
+			{
+				ParametersWithRandom rParam = (ParametersWithRandom)parameters;
+				kParam = (RsaKeyParameters)rParam.Parameters;
+			}
+			else
+			{
+				kParam = (RsaKeyParameters)parameters;
+			}
+
+			engine.Init(forEncryption, parameters);
+
+			modulus = kParam.Modulus;
+			bitSize = modulus.BitLength;
+
+			this.forEncryption = forEncryption;
+		}
+
+		/**
+		* return the input block size. The largest message we can process
+		* is (key_size_in_bits + 3)/16, which in our world comes to
+		* key_size_in_bytes / 2.
+		*/
+		public int GetInputBlockSize()
+		{
+			int baseBlockSize = engine.GetInputBlockSize();
+
+			if (forEncryption)
+			{
+				return (baseBlockSize + 1) / 2;
+			}
+			else
+			{
+				return baseBlockSize;
+			}
+		}
+
+		/**
+		* return the maximum possible size for the output.
+		*/
+		public int GetOutputBlockSize()
+		{
+			int baseBlockSize = engine.GetOutputBlockSize();
+
+			if (forEncryption)
+			{
+				return baseBlockSize;
+			}
+			else
+			{
+				return (baseBlockSize + 1) / 2;
+			}
+		}
+
+		/**
+		* set the number of bits in the next message to be treated as
+		* pad bits.
+		*/
+		public void SetPadBits(
+			int     padBits)
+		{
+			if (padBits > 7)
+			{
+				throw new ArgumentException("padBits > 7");
+			}
+
+			this.padBits = padBits;
+		}
+
+		/**
+		* retrieve the number of pad bits in the last decoded message.
+		*/
+		public int GetPadBits()
+		{
+			return padBits;
+		}
+
+		public byte[] ProcessBlock(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			if (forEncryption)
+			{
+				return EncodeBlock(input, inOff, length);
+			}
+			else
+			{
+				return DecodeBlock(input, inOff, length);
+			}
+		}
+
+		private byte[] EncodeBlock(
+			byte[]	input,
+			int		inOff,
+			int		inLen)
+		{
+			byte[]  block = new byte[(bitSize + 7) / 8];
+			int     r = padBits + 1;
+			int     z = inLen;
+			int     t = (bitSize + 13) / 16;
+
+			for (int i = 0; i < t; i += z)
+			{
+				if (i > t - z)
+				{
+					Array.Copy(input, inOff + inLen - (t - i),
+						block, block.Length - t, t - i);
+				}
+				else
+				{
+					Array.Copy(input, inOff, block, block.Length - (i + z), z);
+				}
+			}
+
+			for (int i = block.Length - 2 * t; i != block.Length; i += 2)
+			{
+				byte val = block[block.Length - t + i / 2];
+
+				block[i] = (byte)((shadows[(uint) (val & 0xff) >> 4] << 4)
+					| shadows[val & 0x0f]);
+				block[i + 1] = val;
+			}
+
+			block[block.Length - 2 * z] ^= (byte) r;
+			block[block.Length - 1] = (byte)((block[block.Length - 1] << 4) | 0x06);
+
+			int maxBit = (8 - (bitSize - 1) % 8);
+			int offSet = 0;
+
+			if (maxBit != 8)
+			{
+				block[0] &= (byte) ((ushort) 0xff >> maxBit);
+				block[0] |= (byte) ((ushort) 0x80 >> maxBit);
+			}
+			else
+			{
+				block[0] = 0x00;
+				block[1] |= 0x80;
+				offSet = 1;
+			}
+
+			return engine.ProcessBlock(block, offSet, block.Length - offSet);
+		}
+
+		/**
+		* @exception InvalidCipherTextException if the decrypted block is not a valid ISO 9796 bit string
+		*/
+		private byte[] DecodeBlock(
+			byte[]	input,
+			int		inOff,
+			int		inLen)
+		{
+			byte[]  block = engine.ProcessBlock(input, inOff, inLen);
+			int     r = 1;
+			int     t = (bitSize + 13) / 16;
+
+			BigInteger iS = new BigInteger(1, block);
+			BigInteger iR;
+			if (iS.Mod(Sixteen).Equals(Six))
+			{
+				iR = iS;
+			}
+			else
+			{
+				iR = modulus.Subtract(iS);
+
+				if (!iR.Mod(Sixteen).Equals(Six))
+					throw new InvalidCipherTextException("resulting integer iS or (modulus - iS) is not congruent to 6 mod 16");
+			}
+
+			block = iR.ToByteArrayUnsigned();
+
+			if ((block[block.Length - 1] & 0x0f) != 0x6)
+				throw new InvalidCipherTextException("invalid forcing byte in block");
+
+			block[block.Length - 1] =
+				(byte)(((ushort)(block[block.Length - 1] & 0xff) >> 4)
+				| ((inverse[(block[block.Length - 2] & 0xff) >> 4]) << 4));
+
+			block[0] = (byte)((shadows[(uint) (block[1] & 0xff) >> 4] << 4)
+				| shadows[block[1] & 0x0f]);
+
+			bool boundaryFound = false;
+			int boundary = 0;
+
+			for (int i = block.Length - 1; i >= block.Length - 2 * t; i -= 2)
+			{
+				int val = ((shadows[(uint) (block[i] & 0xff) >> 4] << 4)
+					| shadows[block[i] & 0x0f]);
+
+				if (((block[i - 1] ^ val) & 0xff) != 0)
+				{
+					if (!boundaryFound)
+					{
+						boundaryFound = true;
+						r = (block[i - 1] ^ val) & 0xff;
+						boundary = i - 1;
+					}
+					else
+					{
+						throw new InvalidCipherTextException("invalid tsums in block");
+					}
+				}
+			}
+
+			block[boundary] = 0;
+
+			byte[] nblock = new byte[(block.Length - boundary) / 2];
+
+			for (int i = 0; i < nblock.Length; i++)
+			{
+				nblock[i] = block[2 * i + boundary + 1];
+			}
+
+			padBits = r - 1;
+
+			return nblock;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/encodings/OaepEncoding.cs b/bc-sharp-crypto/src/crypto/encodings/OaepEncoding.cs
new file mode 100644
index 0000000..287876f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/encodings/OaepEncoding.cs
@@ -0,0 +1,345 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Encodings
+{
+    /**
+    * Optimal Asymmetric Encryption Padding (OAEP) - see PKCS 1 V 2.
+    */
+    public class OaepEncoding
+        : IAsymmetricBlockCipher
+    {
+        private byte[] defHash;
+        private IDigest mgf1Hash;
+
+        private IAsymmetricBlockCipher engine;
+        private SecureRandom random;
+        private bool forEncryption;
+
+        public OaepEncoding(
+            IAsymmetricBlockCipher cipher)
+            : this(cipher, new Sha1Digest(), null)
+        {
+        }
+
+        public OaepEncoding(
+            IAsymmetricBlockCipher	cipher,
+            IDigest					hash)
+            : this(cipher, hash, null)
+        {
+        }
+
+        public OaepEncoding(
+            IAsymmetricBlockCipher	cipher,
+            IDigest					hash,
+            byte[]					encodingParams)
+            : this(cipher, hash, hash, encodingParams)
+        {
+        }
+
+        public OaepEncoding(
+            IAsymmetricBlockCipher	cipher,
+            IDigest					hash,
+            IDigest					mgf1Hash,
+            byte[]					encodingParams)
+        {
+            this.engine = cipher;
+            this.mgf1Hash = mgf1Hash;
+            this.defHash = new byte[hash.GetDigestSize()];
+
+            hash.Reset();
+
+            if (encodingParams != null)
+            {
+                hash.BlockUpdate(encodingParams, 0, encodingParams.Length);
+            }
+
+            hash.DoFinal(defHash, 0);
+        }
+
+        public IAsymmetricBlockCipher GetUnderlyingCipher()
+        {
+            return engine;
+        }
+
+        public string AlgorithmName
+        {
+            get { return engine.AlgorithmName + "/OAEPPadding"; }
+        }
+
+        public void Init(
+            bool				forEncryption,
+            ICipherParameters	param)
+        {
+            if (param is ParametersWithRandom)
+            {
+                ParametersWithRandom rParam = (ParametersWithRandom)param;
+                this.random = rParam.Random;
+            }
+            else
+            {
+                this.random = new SecureRandom();
+            }
+
+            engine.Init(forEncryption, param);
+
+            this.forEncryption = forEncryption;
+        }
+
+        public int GetInputBlockSize()
+        {
+            int baseBlockSize = engine.GetInputBlockSize();
+
+            if (forEncryption)
+            {
+                return baseBlockSize - 1 - 2 * defHash.Length;
+            }
+            else
+            {
+                return baseBlockSize;
+            }
+        }
+
+        public int GetOutputBlockSize()
+        {
+            int baseBlockSize = engine.GetOutputBlockSize();
+
+            if (forEncryption)
+            {
+                return baseBlockSize;
+            }
+            else
+            {
+                return baseBlockSize - 1 - 2 * defHash.Length;
+            }
+        }
+
+        public byte[] ProcessBlock(
+            byte[]	inBytes,
+            int		inOff,
+            int		inLen)
+        {
+            if (forEncryption)
+            {
+                return EncodeBlock(inBytes, inOff, inLen);
+            }
+            else
+            {
+                return DecodeBlock(inBytes, inOff, inLen);
+            }
+        }
+
+        private byte[] EncodeBlock(
+            byte[]	inBytes,
+            int		inOff,
+            int		inLen)
+        {
+            Check.DataLength(inLen > GetInputBlockSize(), "input data too long");
+
+            byte[] block = new byte[GetInputBlockSize() + 1 + 2 * defHash.Length];
+
+            //
+            // copy in the message
+            //
+            Array.Copy(inBytes, inOff, block, block.Length - inLen, inLen);
+
+            //
+            // add sentinel
+            //
+            block[block.Length - inLen - 1] = 0x01;
+
+            //
+            // as the block is already zeroed - there's no need to add PS (the >= 0 pad of 0)
+            //
+
+            //
+            // add the hash of the encoding params.
+            //
+            Array.Copy(defHash, 0, block, defHash.Length, defHash.Length);
+
+            //
+            // generate the seed.
+            //
+            byte[] seed = SecureRandom.GetNextBytes(random, defHash.Length);
+
+            //
+            // mask the message block.
+            //
+            byte[] mask = maskGeneratorFunction1(seed, 0, seed.Length, block.Length - defHash.Length);
+
+            for (int i = defHash.Length; i != block.Length; i++)
+            {
+                block[i] ^= mask[i - defHash.Length];
+            }
+
+            //
+            // add in the seed
+            //
+            Array.Copy(seed, 0, block, 0, defHash.Length);
+
+            //
+            // mask the seed.
+            //
+            mask = maskGeneratorFunction1(
+                block, defHash.Length, block.Length - defHash.Length, defHash.Length);
+
+            for (int i = 0; i != defHash.Length; i++)
+            {
+                block[i] ^= mask[i];
+            }
+
+            return engine.ProcessBlock(block, 0, block.Length);
+        }
+
+        /**
+        * @exception InvalidCipherTextException if the decrypted block turns out to
+        * be badly formatted.
+        */
+        private byte[] DecodeBlock(
+            byte[]	inBytes,
+            int		inOff,
+            int		inLen)
+        {
+            byte[] data = engine.ProcessBlock(inBytes, inOff, inLen);
+            byte[] block = new byte[engine.GetOutputBlockSize()];
+
+            //
+            // as we may have zeros in our leading bytes for the block we produced
+            // on encryption, we need to make sure our decrypted block comes back
+            // the same size.
+            //
+
+            Array.Copy(data, 0, block, block.Length - data.Length, data.Length);
+
+            bool shortData = (block.Length < (2 * defHash.Length) + 1);
+
+            //
+            // unmask the seed.
+            //
+            byte[] mask = maskGeneratorFunction1(
+                block, defHash.Length, block.Length - defHash.Length, defHash.Length);
+
+            for (int i = 0; i != defHash.Length; i++)
+            {
+                block[i] ^= mask[i];
+            }
+
+            //
+            // unmask the message block.
+            //
+            mask = maskGeneratorFunction1(block, 0, defHash.Length, block.Length - defHash.Length);
+
+            for (int i = defHash.Length; i != block.Length; i++)
+            {
+                block[i] ^= mask[i - defHash.Length];
+            }
+
+            //
+            // check the hash of the encoding params.
+            // long check to try to avoid this been a source of a timing attack.
+            //
+            bool defHashWrong = false;
+
+            for (int i = 0; i != defHash.Length; i++)
+            {
+                if (defHash[i] != block[defHash.Length + i])
+                {
+                    defHashWrong = true;
+                }
+            }
+
+            //
+            // find the data block
+            //
+            int start = block.Length;
+
+            for (int index = 2 * defHash.Length; index != block.Length; index++)
+            {
+                if (block[index] != 0 & start == block.Length)
+                {
+                    start = index;
+                }
+            }
+
+            bool dataStartWrong = (start > (block.Length - 1) | block[start] != 1);
+
+            start++;
+
+            if (defHashWrong | shortData | dataStartWrong)
+            {
+                Arrays.Fill(block, 0);
+                throw new InvalidCipherTextException("data wrong");
+            }
+
+            //
+            // extract the data block
+            //
+            byte[] output = new byte[block.Length - start];
+
+            Array.Copy(block, start, output, 0, output.Length);
+
+            return output;
+        }
+
+        /**
+        * int to octet string.
+        */
+        private void ItoOSP(
+            int		i,
+            byte[]	sp)
+        {
+            sp[0] = (byte)((uint)i >> 24);
+            sp[1] = (byte)((uint)i >> 16);
+            sp[2] = (byte)((uint)i >> 8);
+            sp[3] = (byte)((uint)i >> 0);
+        }
+
+        /**
+        * mask generator function, as described in PKCS1v2.
+        */
+        private byte[] maskGeneratorFunction1(
+            byte[]	Z,
+            int		zOff,
+            int		zLen,
+            int		length)
+        {
+            byte[] mask = new byte[length];
+            byte[] hashBuf = new byte[mgf1Hash.GetDigestSize()];
+            byte[] C = new byte[4];
+            int counter = 0;
+
+            mgf1Hash.Reset();
+
+            while (counter < (length / hashBuf.Length))
+            {
+                ItoOSP(counter, C);
+
+                mgf1Hash.BlockUpdate(Z, zOff, zLen);
+                mgf1Hash.BlockUpdate(C, 0, C.Length);
+                mgf1Hash.DoFinal(hashBuf, 0);
+
+                Array.Copy(hashBuf, 0, mask, counter * hashBuf.Length, hashBuf.Length);
+
+                counter++;
+            }
+
+            if ((counter * hashBuf.Length) < length)
+            {
+                ItoOSP(counter, C);
+
+                mgf1Hash.BlockUpdate(Z, zOff, zLen);
+                mgf1Hash.BlockUpdate(C, 0, C.Length);
+                mgf1Hash.DoFinal(hashBuf, 0);
+
+                Array.Copy(hashBuf, 0, mask, counter * hashBuf.Length, mask.Length - (counter * hashBuf.Length));
+            }
+
+            return mask;
+        }
+    }
+}
+
diff --git a/bc-sharp-crypto/src/crypto/encodings/Pkcs1Encoding.cs b/bc-sharp-crypto/src/crypto/encodings/Pkcs1Encoding.cs
new file mode 100644
index 0000000..b2d60fe
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/encodings/Pkcs1Encoding.cs
@@ -0,0 +1,384 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Encodings
+{
+    /**
+    * this does your basic Pkcs 1 v1.5 padding - whether or not you should be using this
+    * depends on your application - see Pkcs1 Version 2 for details.
+    */
+    public class Pkcs1Encoding
+        : IAsymmetricBlockCipher
+    {
+        /**
+         * some providers fail to include the leading zero in PKCS1 encoded blocks. If you need to
+         * work with one of these set the system property Org.BouncyCastle.Pkcs1.Strict to false.
+         */
+        public const string StrictLengthEnabledProperty = "Org.BouncyCastle.Pkcs1.Strict";
+
+        private const int HeaderLength = 10;
+
+        /**
+         * The same effect can be achieved by setting the static property directly
+         * <p>
+         * The static property is checked during construction of the encoding object, it is set to
+         * true by default.
+         * </p>
+         */
+        public static bool StrictLengthEnabled
+        {
+            get { return strictLengthEnabled[0]; }
+            set { strictLengthEnabled[0] = value; }
+        }
+
+        private static readonly bool[] strictLengthEnabled;
+
+        static Pkcs1Encoding()
+        {
+            string strictProperty = Platform.GetEnvironmentVariable(StrictLengthEnabledProperty);
+
+            strictLengthEnabled = new bool[]{ strictProperty == null || strictProperty.Equals("true")};
+        }
+
+
+        private SecureRandom random;
+        private IAsymmetricBlockCipher engine;
+        private bool forEncryption;
+        private bool forPrivateKey;
+        private bool useStrictLength;
+        private int pLen = -1;
+        private byte[] fallback = null;
+        private byte[] blockBuffer = null;
+
+        /**
+         * Basic constructor.
+         *
+         * @param cipher
+         */
+        public Pkcs1Encoding(
+            IAsymmetricBlockCipher cipher)
+        {
+            this.engine = cipher;
+            this.useStrictLength = StrictLengthEnabled;
+        }
+
+        /**
+         * Constructor for decryption with a fixed plaintext length.
+         * 
+         * @param cipher The cipher to use for cryptographic operation.
+         * @param pLen Length of the expected plaintext.
+         */
+        public Pkcs1Encoding(IAsymmetricBlockCipher cipher, int pLen)
+        {
+            this.engine = cipher;
+            this.useStrictLength = StrictLengthEnabled;
+            this.pLen = pLen;
+        }
+
+        /**
+         * Constructor for decryption with a fixed plaintext length and a fallback
+         * value that is returned, if the padding is incorrect.
+         * 
+         * @param cipher
+         *            The cipher to use for cryptographic operation.
+         * @param fallback
+         *            The fallback value, we don't to a arraycopy here.
+         */
+        public Pkcs1Encoding(IAsymmetricBlockCipher cipher, byte[] fallback)
+        {
+            this.engine = cipher;
+            this.useStrictLength = StrictLengthEnabled;
+            this.fallback = fallback;
+            this.pLen = fallback.Length;
+        }
+
+        public IAsymmetricBlockCipher GetUnderlyingCipher()
+        {
+            return engine;
+        }
+
+        public string AlgorithmName
+        {
+            get { return engine.AlgorithmName + "/PKCS1Padding"; }
+        }
+
+        public void Init(bool forEncryption, ICipherParameters parameters)
+        {
+            AsymmetricKeyParameter kParam;
+            if (parameters is ParametersWithRandom)
+            {
+                ParametersWithRandom rParam = (ParametersWithRandom)parameters;
+
+                this.random = rParam.Random;
+                kParam = (AsymmetricKeyParameter)rParam.Parameters;
+            }
+            else
+            {
+                this.random = new SecureRandom();
+                kParam = (AsymmetricKeyParameter)parameters;
+            }
+
+            engine.Init(forEncryption, parameters);
+
+            this.forPrivateKey = kParam.IsPrivate;
+            this.forEncryption = forEncryption;
+            this.blockBuffer = new byte[engine.GetOutputBlockSize()];
+
+            if (pLen > 0 && fallback == null && random == null)
+                throw new ArgumentException("encoder requires random");
+        }
+
+        public int GetInputBlockSize()
+        {
+            int baseBlockSize = engine.GetInputBlockSize();
+
+            return forEncryption
+                ?	baseBlockSize - HeaderLength
+                :	baseBlockSize;
+        }
+
+        public int GetOutputBlockSize()
+        {
+            int baseBlockSize = engine.GetOutputBlockSize();
+
+            return forEncryption
+                ?	baseBlockSize
+                :	baseBlockSize - HeaderLength;
+        }
+
+        public byte[] ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            int		length)
+        {
+            return forEncryption
+                ?	EncodeBlock(input, inOff, length)
+                :	DecodeBlock(input, inOff, length);
+        }
+
+        private byte[] EncodeBlock(
+            byte[]	input,
+            int		inOff,
+            int		inLen)
+        {
+            if (inLen > GetInputBlockSize())
+                throw new ArgumentException("input data too large", "inLen");
+
+            byte[] block = new byte[engine.GetInputBlockSize()];
+
+            if (forPrivateKey)
+            {
+                block[0] = 0x01;                        // type code 1
+
+                for (int i = 1; i != block.Length - inLen - 1; i++)
+                {
+                    block[i] = (byte)0xFF;
+                }
+            }
+            else
+            {
+                random.NextBytes(block);                // random fill
+
+                block[0] = 0x02;                        // type code 2
+
+                //
+                // a zero byte marks the end of the padding, so all
+                // the pad bytes must be non-zero.
+                //
+                for (int i = 1; i != block.Length - inLen - 1; i++)
+                {
+                    while (block[i] == 0)
+                    {
+                        block[i] = (byte)random.NextInt();
+                    }
+                }
+            }
+
+            block[block.Length - inLen - 1] = 0x00;       // mark the end of the padding
+            Array.Copy(input, inOff, block, block.Length - inLen, inLen);
+
+            return engine.ProcessBlock(block, 0, block.Length);
+        }
+
+        /**
+         * Checks if the argument is a correctly PKCS#1.5 encoded Plaintext
+         * for encryption.
+         * 
+         * @param encoded The Plaintext.
+         * @param pLen Expected length of the plaintext.
+         * @return Either 0, if the encoding is correct, or -1, if it is incorrect.
+         */
+        private static int CheckPkcs1Encoding(byte[] encoded, int pLen)
+        {
+            int correct = 0;
+            /*
+             * Check if the first two bytes are 0 2
+             */
+            correct |= (encoded[0] ^ 2);
+
+            /*
+             * Now the padding check, check for no 0 byte in the padding
+             */
+            int plen = encoded.Length - (
+                      pLen /* Lenght of the PMS */
+                    +  1 /* Final 0-byte before PMS */
+            );
+
+            for (int i = 1; i < plen; i++)
+            {
+                int tmp = encoded[i];
+                tmp |= tmp >> 1;
+                tmp |= tmp >> 2;
+                tmp |= tmp >> 4;
+                correct |= (tmp & 1) - 1;
+            }
+
+            /*
+             * Make sure the padding ends with a 0 byte.
+             */
+            correct |= encoded[encoded.Length - (pLen + 1)];
+
+            /*
+             * Return 0 or 1, depending on the result.
+             */
+            correct |= correct >> 1;
+            correct |= correct >> 2;
+            correct |= correct >> 4;
+            return ~((correct & 1) - 1);
+        }
+
+        /**
+         * Decode PKCS#1.5 encoding, and return a random value if the padding is not correct.
+         * 
+         * @param in The encrypted block.
+         * @param inOff Offset in the encrypted block.
+         * @param inLen Length of the encrypted block.
+         * @param pLen Length of the desired output.
+         * @return The plaintext without padding, or a random value if the padding was incorrect.
+         * @throws InvalidCipherTextException
+         */
+        private byte[] DecodeBlockOrRandom(byte[] input, int inOff, int inLen)
+        {
+            if (!forPrivateKey)
+                throw new InvalidCipherTextException("sorry, this method is only for decryption, not for signing");
+
+            byte[] block = engine.ProcessBlock(input, inOff, inLen);
+            byte[] random;
+            if (this.fallback == null)
+            {
+                random = new byte[this.pLen];
+                this.random.NextBytes(random);
+            }
+            else
+            {
+                random = fallback;
+            }
+
+            byte[] data = (useStrictLength & (block.Length != engine.GetOutputBlockSize())) ? blockBuffer : block;
+
+		    /*
+		     * Check the padding.
+		     */
+            int correct = CheckPkcs1Encoding(data, this.pLen);
+
+		    /*
+		     * Now, to a constant time constant memory copy of the decrypted value
+		     * or the random value, depending on the validity of the padding.
+		     */
+            byte[] result = new byte[this.pLen];
+            for (int i = 0; i < this.pLen; i++)
+            {
+                result[i] = (byte)((data[i + (data.Length - pLen)] & (~correct)) | (random[i] & correct));
+            }
+
+            Arrays.Fill(data, 0);
+
+            return result;
+        }
+
+        /**
+        * @exception InvalidCipherTextException if the decrypted block is not in Pkcs1 format.
+        */
+        private byte[] DecodeBlock(
+            byte[]	input,
+            int		inOff,
+            int		inLen)
+        {
+            /*
+             * If the length of the expected plaintext is known, we use a constant-time decryption.
+             * If the decryption fails, we return a random value.
+             */
+            if (this.pLen != -1)
+            {
+                return this.DecodeBlockOrRandom(input, inOff, inLen);
+            }
+
+            byte[] block = engine.ProcessBlock(input, inOff, inLen);
+            bool incorrectLength = (useStrictLength & (block.Length != engine.GetOutputBlockSize()));
+
+            byte[] data;
+            if (block.Length < GetOutputBlockSize())
+            {
+                data = blockBuffer;
+            }
+            else
+            {
+                data = block;
+            }
+
+            byte expectedType = (byte)(forPrivateKey ? 2 : 1);
+            byte type = data[0];
+
+            bool badType = (type != expectedType);
+
+            //
+            // find and extract the message block.
+            //
+            int start = FindStart(type, data);
+
+            start++;           // data should start at the next byte
+
+            if (badType | (start < HeaderLength))
+            {
+                Arrays.Fill(data, 0);
+                throw new InvalidCipherTextException("block incorrect");
+            }
+
+            // if we get this far, it's likely to be a genuine encoding error
+            if (incorrectLength)
+            {
+                Arrays.Fill(data, 0);
+                throw new InvalidCipherTextException("block incorrect size");
+            }
+
+            byte[] result = new byte[data.Length - start];
+
+            Array.Copy(data, start, result, 0, result.Length);
+
+            return result;
+        }
+
+        private int FindStart(byte type, byte[] block)
+        {
+            int start = -1;
+            bool padErr = false;
+
+            for (int i = 1; i != block.Length; i++)
+            {
+                byte pad = block[i];
+
+                if (pad == 0 & start < 0)
+                {
+                    start = i;
+                }
+                padErr |= ((type == 1) & (start < 0) & (pad != (byte)0xff));
+            }
+
+            return padErr ? -1 : start;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/AesEngine.cs b/bc-sharp-crypto/src/crypto/engines/AesEngine.cs
new file mode 100644
index 0000000..91bdf69
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/AesEngine.cs
@@ -0,0 +1,610 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * an implementation of the AES (Rijndael), from FIPS-197.
+    * <p>
+    * For further details see: <a href="http://csrc.nist.gov/encryption/aes/">http://csrc.nist.gov/encryption/aes/</a>.
+    *
+    * This implementation is based on optimizations from Dr. Brian Gladman's paper and C code at
+    * <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
+    *
+    * There are three levels of tradeoff of speed vs memory
+    * Because java has no preprocessor, they are written as three separate classes from which to choose
+    *
+    * The fastest uses 8Kbytes of static tables to precompute round calculations, 4 256 word tables for encryption
+    * and 4 for decryption.
+    *
+    * The middle performance version uses only one 256 word table for each, for a total of 2Kbytes,
+    * adding 12 rotate operations per round to compute the values contained in the other tables from
+    * the contents of the first.
+    *
+    * The slowest version uses no static tables at all and computes the values in each round.
+    * </p>
+    * <p>
+    * This file contains the middle performance version with 2Kbytes of static tables for round precomputation.
+    * </p>
+    */
+    public class AesEngine
+        : IBlockCipher
+    {
+        // The S box
+        private static readonly byte[] S =
+        {
+            99,	124, 119, 123, 242, 107, 111, 197,
+            48, 1, 103, 43, 254, 215, 171, 118,
+            202, 130, 201, 125, 250, 89, 71, 240,
+            173, 212, 162, 175, 156, 164, 114, 192,
+            183, 253, 147, 38, 54, 63, 247, 204,
+            52, 165, 229, 241, 113, 216, 49, 21,
+            4, 199, 35, 195, 24, 150, 5, 154,
+            7, 18, 128, 226, 235, 39, 178, 117,
+            9, 131, 44, 26, 27, 110, 90, 160,
+            82, 59, 214, 179, 41, 227, 47, 132,
+            83, 209, 0, 237, 32, 252, 177, 91,
+            106, 203, 190, 57, 74, 76, 88, 207,
+            208, 239, 170, 251, 67, 77, 51, 133,
+            69, 249, 2, 127, 80, 60, 159, 168,
+            81, 163, 64, 143, 146, 157, 56, 245,
+            188, 182, 218, 33, 16, 255, 243, 210,
+            205, 12, 19, 236, 95, 151, 68, 23,
+            196, 167, 126, 61, 100, 93, 25, 115,
+            96, 129, 79, 220, 34, 42, 144, 136,
+            70, 238, 184, 20, 222, 94, 11, 219,
+            224, 50, 58, 10, 73, 6, 36, 92,
+            194, 211, 172, 98, 145, 149, 228, 121,
+            231, 200, 55, 109, 141, 213, 78, 169,
+            108, 86, 244, 234, 101, 122, 174, 8,
+            186, 120, 37, 46, 28, 166, 180, 198,
+            232, 221, 116, 31, 75, 189, 139, 138,
+            112, 62, 181, 102, 72, 3, 246, 14,
+            97, 53, 87, 185, 134, 193, 29, 158,
+            225, 248, 152, 17, 105, 217, 142, 148,
+            155, 30, 135, 233, 206, 85, 40, 223,
+            140, 161, 137, 13, 191, 230, 66, 104,
+            65, 153, 45, 15, 176, 84, 187, 22,
+        };
+
+        // The inverse S-box
+        private static readonly byte[] Si =
+        {
+            82, 9, 106, 213, 48, 54, 165, 56,
+            191, 64, 163, 158, 129, 243, 215, 251,
+            124, 227, 57, 130, 155, 47, 255, 135,
+            52, 142, 67, 68, 196, 222, 233, 203,
+            84, 123, 148, 50, 166, 194, 35, 61,
+            238, 76, 149, 11, 66, 250, 195, 78,
+            8, 46, 161, 102, 40, 217, 36, 178,
+            118, 91, 162, 73, 109, 139, 209, 37,
+            114, 248, 246, 100, 134, 104, 152, 22,
+            212, 164, 92, 204, 93, 101, 182, 146,
+            108, 112, 72, 80, 253, 237, 185, 218,
+            94, 21, 70, 87, 167, 141, 157, 132,
+            144, 216, 171, 0, 140, 188, 211, 10,
+            247, 228, 88, 5, 184, 179, 69, 6,
+            208, 44, 30, 143, 202, 63, 15, 2,
+            193, 175, 189, 3, 1, 19, 138, 107,
+            58, 145, 17, 65, 79, 103, 220, 234,
+            151, 242, 207, 206, 240, 180, 230, 115,
+            150, 172, 116, 34, 231, 173, 53, 133,
+            226, 249, 55, 232, 28, 117, 223, 110,
+            71, 241, 26, 113, 29, 41, 197, 137,
+            111, 183, 98, 14, 170, 24, 190, 27,
+            252, 86, 62, 75, 198, 210, 121, 32,
+            154, 219, 192, 254, 120, 205, 90, 244,
+            31, 221, 168, 51, 136, 7, 199, 49,
+            177, 18, 16, 89, 39, 128, 236, 95,
+            96, 81, 127, 169, 25, 181, 74, 13,
+            45, 229, 122, 159, 147, 201, 156, 239,
+            160, 224, 59, 77, 174, 42, 245, 176,
+            200, 235, 187, 60, 131, 83, 153, 97,
+            23, 43, 4, 126, 186, 119, 214, 38,
+            225, 105, 20, 99, 85, 33, 12, 125,
+        };
+
+        // vector used in calculating key schedule (powers of x in GF(256))
+        private static readonly byte[] rcon =
+        {
+            0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a,
+            0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91
+        };
+
+        // precomputation tables of calculations for rounds
+        private static readonly uint[] T0 =
+        {
+            0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, 0x0df2f2ff,
+            0xbd6b6bd6, 0xb16f6fde, 0x54c5c591, 0x50303060, 0x03010102,
+            0xa96767ce, 0x7d2b2b56, 0x19fefee7, 0x62d7d7b5, 0xe6abab4d,
+            0x9a7676ec, 0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa,
+            0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb, 0xecadad41,
+            0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, 0xbf9c9c23, 0xf7a4a453,
+            0x967272e4, 0x5bc0c09b, 0xc2b7b775, 0x1cfdfde1, 0xae93933d,
+            0x6a26264c, 0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83,
+            0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9, 0x937171e2,
+            0x73d8d8ab, 0x53313162, 0x3f15152a, 0x0c040408, 0x52c7c795,
+            0x65232346, 0x5ec3c39d, 0x28181830, 0xa1969637, 0x0f05050a,
+            0xb59a9a2f, 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df,
+            0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, 0x1b090912,
+            0x9e83831d, 0x742c2c58, 0x2e1a1a34, 0x2d1b1b36, 0xb26e6edc,
+            0xee5a5ab4, 0xfba0a05b, 0xf65252a4, 0x4d3b3b76, 0x61d6d6b7,
+            0xceb3b37d, 0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413,
+            0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1, 0x60202040,
+            0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, 0xbe6a6ad4, 0x46cbcb8d,
+            0xd9bebe67, 0x4b393972, 0xde4a4a94, 0xd44c4c98, 0xe85858b0,
+            0x4acfcf85, 0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed,
+            0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511, 0xcf45458a,
+            0x10f9f9e9, 0x06020204, 0x817f7ffe, 0xf05050a0, 0x443c3c78,
+            0xba9f9f25, 0xe3a8a84b, 0xf35151a2, 0xfea3a35d, 0xc0404080,
+            0x8a8f8f05, 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1,
+            0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, 0x30101020,
+            0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf, 0x4ccdcd81, 0x140c0c18,
+            0x35131326, 0x2fececc3, 0xe15f5fbe, 0xa2979735, 0xcc444488,
+            0x3917172e, 0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a,
+            0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6, 0xa06060c0,
+            0x98818119, 0xd14f4f9e, 0x7fdcdca3, 0x66222244, 0x7e2a2a54,
+            0xab90903b, 0x8388880b, 0xca46468c, 0x29eeeec7, 0xd3b8b86b,
+            0x3c141428, 0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad,
+            0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14, 0xdb494992,
+            0x0a06060c, 0x6c242448, 0xe45c5cb8, 0x5dc2c29f, 0x6ed3d3bd,
+            0xefacac43, 0xa66262c4, 0xa8919139, 0xa4959531, 0x37e4e4d3,
+            0x8b7979f2, 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda,
+            0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, 0xb46c6cd8,
+            0xfa5656ac, 0x07f4f4f3, 0x25eaeacf, 0xaf6565ca, 0x8e7a7af4,
+            0xe9aeae47, 0x18080810, 0xd5baba6f, 0x887878f0, 0x6f25254a,
+            0x722e2e5c, 0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697,
+            0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e, 0xdd4b4b96,
+            0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, 0x907070e0, 0x423e3e7c,
+            0xc4b5b571, 0xaa6666cc, 0xd8484890, 0x05030306, 0x01f6f6f7,
+            0x120e0e1c, 0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969,
+            0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27, 0x38e1e1d9,
+            0x13f8f8eb, 0xb398982b, 0x33111122, 0xbb6969d2, 0x70d9d9a9,
+            0x898e8e07, 0xa7949433, 0xb69b9b2d, 0x221e1e3c, 0x92878715,
+            0x20e9e9c9, 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5,
+            0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, 0xdabfbf65,
+            0x31e6e6d7, 0xc6424284, 0xb86868d0, 0xc3414182, 0xb0999929,
+            0x772d2d5a, 0x110f0f1e, 0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d,
+            0x3a16162c
+        };
+
+        private static readonly uint[] Tinv0 =
+        {
+            0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, 0xcb6bab3b,
+            0xf1459d1f, 0xab58faac, 0x9303e34b, 0x55fa3020, 0xf66d76ad,
+            0x9176cc88, 0x254c02f5, 0xfcd7e54f, 0xd7cb2ac5, 0x80443526,
+            0x8fa362b5, 0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d,
+            0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b, 0xe75f8f03,
+            0x959c9215, 0xeb7a6dbf, 0xda595295, 0x2d83bed4, 0xd3217458,
+            0x2969e049, 0x44c8c98e, 0x6a89c275, 0x78798ef4, 0x6b3e5899,
+            0xdd71b927, 0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d,
+            0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362, 0xe07764b1,
+            0x84ae6bbb, 0x1ca081fe, 0x942b08f9, 0x58684870, 0x19fd458f,
+            0x876cde94, 0xb7f87b52, 0x23d373ab, 0xe2024b72, 0x578f1fe3,
+            0x2aab5566, 0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3,
+            0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed, 0x2b1ccf8a,
+            0x92b479a7, 0xf0f207f3, 0xa1e2694e, 0xcdf4da65, 0xd5be0506,
+            0x1f6234d1, 0x8afea6c4, 0x9d532e34, 0xa055f3a2, 0x32e18a05,
+            0x75ebf6a4, 0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd,
+            0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d, 0xb58d5491,
+            0x055dc471, 0x6fd40604, 0xff155060, 0x24fb9819, 0x97e9bdd6,
+            0xcc434089, 0x779ed967, 0xbd42e8b0, 0x888b8907, 0x385b19e7,
+            0xdbeec879, 0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000,
+            0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c, 0xfbff0efd,
+            0x5638850f, 0x1ed5ae3d, 0x27392d36, 0x64d90f0a, 0x21a65c68,
+            0xd1545b9b, 0x3a2e3624, 0xb1670a0c, 0x0fe75793, 0xd296eeb4,
+            0x9e919b1b, 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c,
+            0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12, 0x0b0d090e,
+            0xadc78bf2, 0xb9a8b62d, 0xc8a91e14, 0x8519f157, 0x4c0775af,
+            0xbbdd99ee, 0xfd607fa3, 0x9f2601f7, 0xbcf5725c, 0xc53b6644,
+            0x347efb5b, 0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8,
+            0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684, 0x7d244a85,
+            0xf83dbbd2, 0x1132f9ae, 0x6da129c7, 0x4b2f9e1d, 0xf330b2dc,
+            0xec52860d, 0xd0e3c177, 0x6c16b32b, 0x99b970a9, 0xfa489411,
+            0x2264e947, 0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322,
+            0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498, 0xcf81f5a6,
+            0x28de7aa5, 0x268eb7da, 0xa4bfad3f, 0xe49d3a2c, 0x0d927850,
+            0x9bcc5f6a, 0x62467e54, 0xc2138df6, 0xe8b8d890, 0x5ef7392e,
+            0xf5afc382, 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf,
+            0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb, 0x097826cd,
+            0xf418596e, 0x01b79aec, 0xa89a4f83, 0x656e95e6, 0x7ee6ffaa,
+            0x08cfbc21, 0xe6e815ef, 0xd99be7ba, 0xce366f4a, 0xd4099fea,
+            0xd67cb029, 0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235,
+            0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733, 0x4a9804f1,
+            0xf7daec41, 0x0e50cd7f, 0x2ff69117, 0x8dd64d76, 0x4db0ef43,
+            0x544daacc, 0xdf0496e4, 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1,
+            0x7f516546, 0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb,
+            0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d, 0x8c61d79a,
+            0x7a0ca137, 0x8e14f859, 0x893c13eb, 0xee27a9ce, 0x35c961b7,
+            0xede51ce1, 0x3cb1477a, 0x59dfd29c, 0x3f73f255, 0x79ce1418,
+            0xbf37c773, 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478,
+            0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2, 0x72c31d16,
+            0x0c25e2bc, 0x8b493c28, 0x41950dff, 0x7101a839, 0xdeb30c08,
+            0x9ce4b4d8, 0x90c15664, 0x6184cb7b, 0x70b632d5, 0x745c6c48,
+            0x4257b8d0
+        };
+
+        private static uint Shift(uint r, int shift)
+        {
+            return (r >> shift) | (r << (32 - shift));
+        }
+
+        /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */
+
+        private const uint m1 = 0x80808080;
+        private const uint m2 = 0x7f7f7f7f;
+        private const uint m3 = 0x0000001b;
+        private const uint m4 = 0xC0C0C0C0;
+        private const uint m5 = 0x3f3f3f3f;
+
+        private static uint FFmulX(uint x)
+        {
+            return ((x & m2) << 1) ^ (((x & m1) >> 7) * m3);
+        }
+
+        private static uint FFmulX2(uint x)
+        {
+            uint t0  = (x & m5) << 2;
+            uint t1  = (x & m4);
+                 t1 ^= (t1 >> 1);
+            return t0 ^ (t1 >> 2) ^ (t1 >> 5);
+        }
+
+        /*
+        The following defines provide alternative definitions of FFmulX that might
+        give improved performance if a fast 32-bit multiply is not available.
+
+        private int FFmulX(int x) { int u = x & m1; u |= (u >> 1); return ((x & m2) << 1) ^ ((u >>> 3) | (u >>> 6)); }
+        private static final int  m4 = 0x1b1b1b1b;
+        private int FFmulX(int x) { int u = x & m1; return ((x & m2) << 1) ^ ((u - (u >>> 7)) & m4); }
+
+        */
+
+        private static uint Inv_Mcol(uint x)
+        {
+            uint t0, t1;
+            t0  = x;
+            t1  = t0 ^ Shift(t0, 8);
+            t0 ^= FFmulX(t1);
+            t1 ^= FFmulX2(t0);
+            t0 ^= t1 ^ Shift(t1, 16);
+            return t0;
+        }
+
+        private static uint SubWord(uint x)
+        {
+            return (uint)S[x&255]
+                | (((uint)S[(x>>8)&255]) << 8)
+                | (((uint)S[(x>>16)&255]) << 16)
+                | (((uint)S[(x>>24)&255]) << 24);
+        }
+
+        /**
+        * Calculate the necessary round keys
+        * The number of calculations depends on key size and block size
+        * AES specified a fixed block size of 128 bits and key sizes 128/192/256 bits
+        * This code is written assuming those are the only possible values
+        */
+        private uint[][] GenerateWorkingKey(byte[] key, bool forEncryption)
+        {
+            int keyLen = key.Length;
+            if (keyLen < 16 || keyLen > 32 || (keyLen & 7) != 0)
+                throw new ArgumentException("Key length not 128/192/256 bits.");
+
+            int KC = keyLen >> 2;
+            this.ROUNDS = KC + 6;  // This is not always true for the generalized Rijndael that allows larger block sizes
+
+            uint[][] W = new uint[ROUNDS + 1][]; // 4 words in a block
+            for (int i = 0; i <= ROUNDS; ++i)
+            {
+                W[i] = new uint[4];
+            }
+
+            switch (KC)
+            {
+                case 4:
+                {
+                    uint t0 = Pack.LE_To_UInt32(key,  0); W[0][0] = t0;
+                    uint t1 = Pack.LE_To_UInt32(key,  4); W[0][1] = t1;
+                    uint t2 = Pack.LE_To_UInt32(key,  8); W[0][2] = t2;
+                    uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3;
+
+                    for (int i = 1; i <= 10; ++i)
+                    {
+                        uint u = SubWord(Shift(t3, 8)) ^ rcon[i - 1];
+                        t0 ^= u;  W[i][0] = t0;
+                        t1 ^= t0; W[i][1] = t1;
+                        t2 ^= t1; W[i][2] = t2;
+                        t3 ^= t2; W[i][3] = t3;
+                    }
+
+                    break;
+                }
+                case 6:
+                {
+                    uint t0 = Pack.LE_To_UInt32(key,  0); W[0][0] = t0;
+                    uint t1 = Pack.LE_To_UInt32(key,  4); W[0][1] = t1;
+                    uint t2 = Pack.LE_To_UInt32(key,  8); W[0][2] = t2;
+                    uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3;
+                    uint t4 = Pack.LE_To_UInt32(key, 16); W[1][0] = t4;
+                    uint t5 = Pack.LE_To_UInt32(key, 20); W[1][1] = t5;
+
+                    uint rcon = 1;
+                    uint u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1;
+                    t0 ^= u;  W[1][2] = t0;
+                    t1 ^= t0; W[1][3] = t1;
+                    t2 ^= t1; W[2][0] = t2;
+                    t3 ^= t2; W[2][1] = t3;
+                    t4 ^= t3; W[2][2] = t4;
+                    t5 ^= t4; W[2][3] = t5;
+
+                    for (int i = 3; i < 12; i += 3)
+                    {
+                        u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1;
+                        t0 ^= u;  W[i    ][0] = t0;
+                        t1 ^= t0; W[i    ][1] = t1;
+                        t2 ^= t1; W[i    ][2] = t2;
+                        t3 ^= t2; W[i    ][3] = t3;
+                        t4 ^= t3; W[i + 1][0] = t4;
+                        t5 ^= t4; W[i + 1][1] = t5;
+                        u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1;
+                        t0 ^= u;  W[i + 1][2] = t0;
+                        t1 ^= t0; W[i + 1][3] = t1;
+                        t2 ^= t1; W[i + 2][0] = t2;
+                        t3 ^= t2; W[i + 2][1] = t3;
+                        t4 ^= t3; W[i + 2][2] = t4;
+                        t5 ^= t4; W[i + 2][3] = t5;
+                    }
+
+                    u = SubWord(Shift(t5, 8)) ^ rcon;
+                    t0 ^= u;  W[12][0] = t0;
+                    t1 ^= t0; W[12][1] = t1;
+                    t2 ^= t1; W[12][2] = t2;
+                    t3 ^= t2; W[12][3] = t3;
+
+                    break;
+                }
+                case 8:
+                {
+                    uint t0 = Pack.LE_To_UInt32(key,  0); W[0][0] = t0;
+                    uint t1 = Pack.LE_To_UInt32(key,  4); W[0][1] = t1;
+                    uint t2 = Pack.LE_To_UInt32(key,  8); W[0][2] = t2;
+                    uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3;
+                    uint t4 = Pack.LE_To_UInt32(key, 16); W[1][0] = t4;
+                    uint t5 = Pack.LE_To_UInt32(key, 20); W[1][1] = t5;
+                    uint t6 = Pack.LE_To_UInt32(key, 24); W[1][2] = t6;
+                    uint t7 = Pack.LE_To_UInt32(key, 28); W[1][3] = t7;
+
+                    uint u, rcon = 1;
+
+                    for (int i = 2; i < 14; i += 2)
+                    {
+                        u = SubWord(Shift(t7, 8)) ^ rcon; rcon <<= 1;
+                        t0 ^= u;  W[i    ][0] = t0;
+                        t1 ^= t0; W[i    ][1] = t1;
+                        t2 ^= t1; W[i    ][2] = t2;
+                        t3 ^= t2; W[i    ][3] = t3;
+                        u = SubWord(t3);
+                        t4 ^= u;  W[i + 1][0] = t4;
+                        t5 ^= t4; W[i + 1][1] = t5;
+                        t6 ^= t5; W[i + 1][2] = t6;
+                        t7 ^= t6; W[i + 1][3] = t7;
+                    }
+
+                    u = SubWord(Shift(t7, 8)) ^ rcon;
+                    t0 ^= u;  W[14][0] = t0;
+                    t1 ^= t0; W[14][1] = t1;
+                    t2 ^= t1; W[14][2] = t2;
+                    t3 ^= t2; W[14][3] = t3;
+
+                    break;
+                }
+                default:
+                {
+                    throw new InvalidOperationException("Should never get here");
+                }
+            }
+
+            if (!forEncryption)
+            {
+                for (int j = 1; j < ROUNDS; j++)
+                {
+                    uint[] w = W[j];
+                    for (int i = 0; i < 4; i++)
+                    {
+                        w[i] = Inv_Mcol(w[i]);
+                    }
+                }
+            }
+
+            return W;
+        }
+
+        private int ROUNDS;
+        private uint[][] WorkingKey;
+        private uint C0, C1, C2, C3;
+        private bool forEncryption;
+
+        private byte[] s;
+
+        private const int BLOCK_SIZE = 16;
+
+        /**
+        * default constructor - 128 bit block size.
+        */
+        public AesEngine()
+        {
+        }
+
+        /**
+        * initialise an AES cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            KeyParameter keyParameter = parameters as KeyParameter;
+
+            if (keyParameter == null)
+                throw new ArgumentException("invalid parameter passed to AES init - "
+                    + Platform.GetTypeName(parameters));
+
+            WorkingKey = GenerateWorkingKey(keyParameter.GetKey(), forEncryption);
+
+            this.forEncryption = forEncryption;
+            this.s = Arrays.Clone(forEncryption ? S : Si);
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "AES"; }
+        }
+
+        public virtual bool IsPartialBlockOkay
+        {
+            get { return false; }
+        }
+
+        public virtual int GetBlockSize()
+        {
+            return BLOCK_SIZE;
+        }
+
+        public virtual int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            if (WorkingKey == null)
+                throw new InvalidOperationException("AES engine not initialised");
+
+            Check.DataLength(input, inOff, 16, "input buffer too short");
+            Check.OutputLength(output, outOff, 16, "output buffer too short");
+
+            UnPackBlock(input, inOff);
+
+            if (forEncryption)
+            {
+                EncryptBlock(WorkingKey);
+            }
+            else
+            {
+                DecryptBlock(WorkingKey);
+            }
+
+            PackBlock(output, outOff);
+
+            return BLOCK_SIZE;
+        }
+
+        public virtual void Reset()
+        {
+        }
+
+        private void UnPackBlock(
+            byte[]	bytes,
+            int		off)
+        {
+            C0 = Pack.LE_To_UInt32(bytes, off);
+            C1 = Pack.LE_To_UInt32(bytes, off + 4);
+            C2 = Pack.LE_To_UInt32(bytes, off + 8);
+            C3 = Pack.LE_To_UInt32(bytes, off + 12);
+        }
+
+        private void PackBlock(
+            byte[]	bytes,
+            int		off)
+        {
+            Pack.UInt32_To_LE(C0, bytes, off);
+            Pack.UInt32_To_LE(C1, bytes, off + 4);
+            Pack.UInt32_To_LE(C2, bytes, off + 8);
+            Pack.UInt32_To_LE(C3, bytes, off + 12);
+        }
+
+        private void EncryptBlock(uint[][] KW)
+        {
+            uint[] kw = KW[0];
+            uint t0 = this.C0 ^ kw[0];
+            uint t1 = this.C1 ^ kw[1];
+            uint t2 = this.C2 ^ kw[2];
+
+            uint r0, r1, r2, r3 = this.C3 ^ kw[3];
+            int r = 1;
+            while (r < ROUNDS - 1)
+            {
+                kw = KW[r++];
+                r0 = T0[t0 & 255] ^ Shift(T0[(t1 >> 8) & 255], 24) ^ Shift(T0[(t2 >> 16) & 255], 16) ^ Shift(T0[(r3 >> 24) & 255], 8) ^ kw[0];
+                r1 = T0[t1 & 255] ^ Shift(T0[(t2 >> 8) & 255], 24) ^ Shift(T0[(r3 >> 16) & 255], 16) ^ Shift(T0[(t0 >> 24) & 255], 8) ^ kw[1];
+                r2 = T0[t2 & 255] ^ Shift(T0[(r3 >> 8) & 255], 24) ^ Shift(T0[(t0 >> 16) & 255], 16) ^ Shift(T0[(t1 >> 24) & 255], 8) ^ kw[2];
+                r3 = T0[r3 & 255] ^ Shift(T0[(t0 >> 8) & 255], 24) ^ Shift(T0[(t1 >> 16) & 255], 16) ^ Shift(T0[(t2 >> 24) & 255], 8) ^ kw[3];
+                kw = KW[r++];
+                t0 = T0[r0 & 255] ^ Shift(T0[(r1 >> 8) & 255], 24) ^ Shift(T0[(r2 >> 16) & 255], 16) ^ Shift(T0[(r3 >> 24) & 255], 8) ^ kw[0];
+                t1 = T0[r1 & 255] ^ Shift(T0[(r2 >> 8) & 255], 24) ^ Shift(T0[(r3 >> 16) & 255], 16) ^ Shift(T0[(r0 >> 24) & 255], 8) ^ kw[1];
+                t2 = T0[r2 & 255] ^ Shift(T0[(r3 >> 8) & 255], 24) ^ Shift(T0[(r0 >> 16) & 255], 16) ^ Shift(T0[(r1 >> 24) & 255], 8) ^ kw[2];
+                r3 = T0[r3 & 255] ^ Shift(T0[(r0 >> 8) & 255], 24) ^ Shift(T0[(r1 >> 16) & 255], 16) ^ Shift(T0[(r2 >> 24) & 255], 8) ^ kw[3];
+            }
+
+            kw = KW[r++];
+            r0 = T0[t0 & 255] ^ Shift(T0[(t1 >> 8) & 255], 24) ^ Shift(T0[(t2 >> 16) & 255], 16) ^ Shift(T0[(r3 >> 24) & 255], 8) ^ kw[0];
+            r1 = T0[t1 & 255] ^ Shift(T0[(t2 >> 8) & 255], 24) ^ Shift(T0[(r3 >> 16) & 255], 16) ^ Shift(T0[(t0 >> 24) & 255], 8) ^ kw[1];
+            r2 = T0[t2 & 255] ^ Shift(T0[(r3 >> 8) & 255], 24) ^ Shift(T0[(t0 >> 16) & 255], 16) ^ Shift(T0[(t1 >> 24) & 255], 8) ^ kw[2];
+            r3 = T0[r3 & 255] ^ Shift(T0[(t0 >> 8) & 255], 24) ^ Shift(T0[(t1 >> 16) & 255], 16) ^ Shift(T0[(t2 >> 24) & 255], 8) ^ kw[3];
+
+            // the final round's table is a simple function of S so we don't use a whole other four tables for it
+
+            kw = KW[r];
+            this.C0 = (uint)S[r0 & 255] ^ (((uint)S[(r1 >> 8) & 255]) << 8) ^ (((uint)s[(r2 >> 16) & 255]) << 16) ^ (((uint)s[(r3 >> 24) & 255]) << 24) ^ kw[0];
+            this.C1 = (uint)s[r1 & 255] ^ (((uint)S[(r2 >> 8) & 255]) << 8) ^ (((uint)S[(r3 >> 16) & 255]) << 16) ^ (((uint)s[(r0 >> 24) & 255]) << 24) ^ kw[1];
+            this.C2 = (uint)s[r2 & 255] ^ (((uint)S[(r3 >> 8) & 255]) << 8) ^ (((uint)S[(r0 >> 16) & 255]) << 16) ^ (((uint)S[(r1 >> 24) & 255]) << 24) ^ kw[2];
+            this.C3 = (uint)s[r3 & 255] ^ (((uint)s[(r0 >> 8) & 255]) << 8) ^ (((uint)s[(r1 >> 16) & 255]) << 16) ^ (((uint)S[(r2 >> 24) & 255]) << 24) ^ kw[3];
+        }
+
+        private void DecryptBlock(uint[][] KW)
+        {
+            uint[] kw = KW[ROUNDS];
+            uint t0 = this.C0 ^ kw[0];
+            uint t1 = this.C1 ^ kw[1];
+            uint t2 = this.C2 ^ kw[2];
+
+            uint r0, r1, r2, r3 = this.C3 ^ kw[3];
+            int r = ROUNDS - 1;
+            while (r > 1)
+            {
+                kw = KW[r--];
+                r0 = Tinv0[t0 & 255] ^ Shift(Tinv0[(r3 >> 8) & 255], 24) ^ Shift(Tinv0[(t2 >> 16) & 255], 16) ^ Shift(Tinv0[(t1 >> 24) & 255], 8) ^ kw[0];
+                r1 = Tinv0[t1 & 255] ^ Shift(Tinv0[(t0 >> 8) & 255], 24) ^ Shift(Tinv0[(r3 >> 16) & 255], 16) ^ Shift(Tinv0[(t2 >> 24) & 255], 8) ^ kw[1];
+                r2 = Tinv0[t2 & 255] ^ Shift(Tinv0[(t1 >> 8) & 255], 24) ^ Shift(Tinv0[(t0 >> 16) & 255], 16) ^ Shift(Tinv0[(r3 >> 24) & 255], 8) ^ kw[2];
+                r3 = Tinv0[r3 & 255] ^ Shift(Tinv0[(t2 >> 8) & 255], 24) ^ Shift(Tinv0[(t1 >> 16) & 255], 16) ^ Shift(Tinv0[(t0 >> 24) & 255], 8) ^ kw[3];
+                kw = KW[r--];
+                t0 = Tinv0[r0 & 255] ^ Shift(Tinv0[(r3 >> 8) & 255], 24) ^ Shift(Tinv0[(r2 >> 16) & 255], 16) ^ Shift(Tinv0[(r1 >> 24) & 255], 8) ^ kw[0];
+                t1 = Tinv0[r1 & 255] ^ Shift(Tinv0[(r0 >> 8) & 255], 24) ^ Shift(Tinv0[(r3 >> 16) & 255], 16) ^ Shift(Tinv0[(r2 >> 24) & 255], 8) ^ kw[1];
+                t2 = Tinv0[r2 & 255] ^ Shift(Tinv0[(r1 >> 8) & 255], 24) ^ Shift(Tinv0[(r0 >> 16) & 255], 16) ^ Shift(Tinv0[(r3 >> 24) & 255], 8) ^ kw[2];
+                r3 = Tinv0[r3 & 255] ^ Shift(Tinv0[(r2 >> 8) & 255], 24) ^ Shift(Tinv0[(r1 >> 16) & 255], 16) ^ Shift(Tinv0[(r0 >> 24) & 255], 8) ^ kw[3];
+            }
+
+            kw = KW[1];
+            r0 = Tinv0[t0 & 255] ^ Shift(Tinv0[(r3 >> 8) & 255], 24) ^ Shift(Tinv0[(t2 >> 16) & 255], 16) ^ Shift(Tinv0[(t1 >> 24) & 255], 8) ^ kw[0];
+            r1 = Tinv0[t1 & 255] ^ Shift(Tinv0[(t0 >> 8) & 255], 24) ^ Shift(Tinv0[(r3 >> 16) & 255], 16) ^ Shift(Tinv0[(t2 >> 24) & 255], 8) ^ kw[1];
+            r2 = Tinv0[t2 & 255] ^ Shift(Tinv0[(t1 >> 8) & 255], 24) ^ Shift(Tinv0[(t0 >> 16) & 255], 16) ^ Shift(Tinv0[(r3 >> 24) & 255], 8) ^ kw[2];
+            r3 = Tinv0[r3 & 255] ^ Shift(Tinv0[(t2 >> 8) & 255], 24) ^ Shift(Tinv0[(t1 >> 16) & 255], 16) ^ Shift(Tinv0[(t0 >> 24) & 255], 8) ^ kw[3];
+
+            // the final round's table is a simple function of Si so we don't use a whole other four tables for it
+
+            kw = KW[0];
+            this.C0 = (uint)Si[r0 & 255] ^ (((uint)s[(r3 >> 8) & 255]) << 8) ^ (((uint)s[(r2 >> 16) & 255]) << 16) ^ (((uint)Si[(r1 >> 24) & 255]) << 24) ^ kw[0];
+            this.C1 = (uint)s[r1 & 255] ^ (((uint)s[(r0 >> 8) & 255]) << 8) ^ (((uint)Si[(r3 >> 16) & 255]) << 16) ^ (((uint)s[(r2 >> 24) & 255]) << 24) ^ kw[1];
+            this.C2 = (uint)s[r2 & 255] ^ (((uint)Si[(r1 >> 8) & 255]) << 8) ^ (((uint)Si[(r0 >> 16) & 255]) << 16) ^ (((uint)s[(r3 >> 24) & 255]) << 24) ^ kw[2];
+            this.C3 = (uint)Si[r3 & 255] ^ (((uint)s[(r2 >> 8) & 255]) << 8) ^ (((uint)s[(r1 >> 16) & 255]) << 16) ^ (((uint)s[(r0 >> 24) & 255]) << 24) ^ kw[3];
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/AesFastEngine.cs b/bc-sharp-crypto/src/crypto/engines/AesFastEngine.cs
new file mode 100644
index 0000000..9d3a86f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/AesFastEngine.cs
@@ -0,0 +1,948 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * an implementation of the AES (Rijndael)), from FIPS-197.
+    * <p>
+    * For further details see: <a href="http://csrc.nist.gov/encryption/aes/">http://csrc.nist.gov/encryption/aes/</a>.
+    *
+    * This implementation is based on optimizations from Dr. Brian Gladman's paper and C code at
+    * <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
+    *
+    * There are three levels of tradeoff of speed vs memory
+    * Because java has no preprocessor), they are written as three separate classes from which to choose
+    *
+    * The fastest uses 8Kbytes of static tables to precompute round calculations), 4 256 word tables for encryption
+    * and 4 for decryption.
+    *
+    * The middle performance version uses only one 256 word table for each), for a total of 2Kbytes),
+    * adding 12 rotate operations per round to compute the values contained in the other tables from
+    * the contents of the first
+    *
+    * The slowest version uses no static tables at all and computes the values in each round
+    * </p>
+    * <p>
+    * This file contains the fast version with 8Kbytes of static tables for round precomputation
+    * </p>
+    */
+    /// <remarks>
+    /// Unfortunately this class has a few side channel issues.
+    /// In an environment where encryption/decryption may be closely observed it should not be used.
+    /// </remarks>
+    [Obsolete("Use AesEngine instead")]
+    public class AesFastEngine
+        : IBlockCipher
+    {
+        // The S box
+        private static readonly byte[] S =
+        {
+            99, 124, 119, 123, 242, 107, 111, 197,
+            48,   1, 103,  43, 254, 215, 171, 118,
+            202, 130, 201, 125, 250,  89,  71, 240,
+            173, 212, 162, 175, 156, 164, 114, 192,
+            183, 253, 147,  38,  54,  63, 247, 204,
+            52, 165, 229, 241, 113, 216,  49,  21,
+            4, 199,  35, 195,  24, 150,   5, 154,
+            7,  18, 128, 226, 235,  39, 178, 117,
+            9, 131,  44,  26,  27, 110,  90, 160,
+            82,  59, 214, 179,  41, 227,  47, 132,
+            83, 209,   0, 237,  32, 252, 177,  91,
+            106, 203, 190,  57,  74,  76,  88, 207,
+            208, 239, 170, 251,  67,  77,  51, 133,
+            69, 249,   2, 127,  80,  60, 159, 168,
+            81, 163,  64, 143, 146, 157,  56, 245,
+            188, 182, 218,  33,  16, 255, 243, 210,
+            205,  12,  19, 236,  95, 151,  68,  23,
+            196, 167, 126,  61, 100,  93,  25, 115,
+            96, 129,  79, 220,  34,  42, 144, 136,
+            70, 238, 184,  20, 222,  94,  11, 219,
+            224,  50,  58,  10,  73,   6,  36,  92,
+            194, 211, 172,  98, 145, 149, 228, 121,
+            231, 200,  55, 109, 141, 213,  78, 169,
+            108,  86, 244, 234, 101, 122, 174,   8,
+            186, 120,  37,  46,  28, 166, 180, 198,
+            232, 221, 116,  31,  75, 189, 139, 138,
+            112,  62, 181, 102,  72,   3, 246,  14,
+            97,  53,  87, 185, 134, 193,  29, 158,
+            225, 248, 152,  17, 105, 217, 142, 148,
+            155,  30, 135, 233, 206,  85,  40, 223,
+            140, 161, 137,  13, 191, 230,  66, 104,
+            65, 153,  45,  15, 176,  84, 187,  22,
+        };
+
+        // The inverse S-box
+        private static readonly byte[] Si =
+        {
+            82,   9, 106, 213,  48,  54, 165,  56,
+            191,  64, 163, 158, 129, 243, 215, 251,
+            124, 227,  57, 130, 155,  47, 255, 135,
+            52, 142,  67,  68, 196, 222, 233, 203,
+            84, 123, 148,  50, 166, 194,  35,  61,
+            238,  76, 149,  11,  66, 250, 195,  78,
+            8,  46, 161, 102,  40, 217,  36, 178,
+            118,  91, 162,  73, 109, 139, 209,  37,
+            114, 248, 246, 100, 134, 104, 152,  22,
+            212, 164,  92, 204,  93, 101, 182, 146,
+            108, 112,  72,  80, 253, 237, 185, 218,
+            94,  21,  70,  87, 167, 141, 157, 132,
+            144, 216, 171,   0, 140, 188, 211,  10,
+            247, 228,  88,   5, 184, 179,  69,   6,
+            208,  44,  30, 143, 202,  63,  15,   2,
+            193, 175, 189,   3,   1,  19, 138, 107,
+            58, 145,  17,  65,  79, 103, 220, 234,
+            151, 242, 207, 206, 240, 180, 230, 115,
+            150, 172, 116,  34, 231, 173,  53, 133,
+            226, 249,  55, 232,  28, 117, 223, 110,
+            71, 241,  26, 113,  29,  41, 197, 137,
+            111, 183,  98,  14, 170,  24, 190,  27,
+            252,  86,  62,  75, 198, 210, 121,  32,
+            154, 219, 192, 254, 120, 205,  90, 244,
+            31, 221, 168,  51, 136,   7, 199,  49,
+            177,  18,  16,  89,  39, 128, 236,  95,
+            96,  81, 127, 169,  25, 181,  74,  13,
+            45, 229, 122, 159, 147, 201, 156, 239,
+            160, 224,  59,  77, 174,  42, 245, 176,
+            200, 235, 187,  60, 131,  83, 153,  97,
+            23,  43,   4, 126, 186, 119, 214,  38,
+            225, 105,  20,  99,  85,  33,  12, 125,
+        };
+
+        // vector used in calculating key schedule (powers of x in GF(256))
+        private static readonly byte[] rcon =
+        {
+            0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a,
+            0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91
+        };
+
+        // precomputation tables of calculations for rounds
+        private static readonly uint[] T0 =
+        {
+            0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, 0x0df2f2ff,
+            0xbd6b6bd6, 0xb16f6fde, 0x54c5c591, 0x50303060, 0x03010102,
+            0xa96767ce, 0x7d2b2b56, 0x19fefee7, 0x62d7d7b5, 0xe6abab4d,
+            0x9a7676ec, 0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa,
+            0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb, 0xecadad41,
+            0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, 0xbf9c9c23, 0xf7a4a453,
+            0x967272e4, 0x5bc0c09b, 0xc2b7b775, 0x1cfdfde1, 0xae93933d,
+            0x6a26264c, 0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83,
+            0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9, 0x937171e2,
+            0x73d8d8ab, 0x53313162, 0x3f15152a, 0x0c040408, 0x52c7c795,
+            0x65232346, 0x5ec3c39d, 0x28181830, 0xa1969637, 0x0f05050a,
+            0xb59a9a2f, 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df,
+            0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, 0x1b090912,
+            0x9e83831d, 0x742c2c58, 0x2e1a1a34, 0x2d1b1b36, 0xb26e6edc,
+            0xee5a5ab4, 0xfba0a05b, 0xf65252a4, 0x4d3b3b76, 0x61d6d6b7,
+            0xceb3b37d, 0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413,
+            0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1, 0x60202040,
+            0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, 0xbe6a6ad4, 0x46cbcb8d,
+            0xd9bebe67, 0x4b393972, 0xde4a4a94, 0xd44c4c98, 0xe85858b0,
+            0x4acfcf85, 0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed,
+            0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511, 0xcf45458a,
+            0x10f9f9e9, 0x06020204, 0x817f7ffe, 0xf05050a0, 0x443c3c78,
+            0xba9f9f25, 0xe3a8a84b, 0xf35151a2, 0xfea3a35d, 0xc0404080,
+            0x8a8f8f05, 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1,
+            0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, 0x30101020,
+            0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf, 0x4ccdcd81, 0x140c0c18,
+            0x35131326, 0x2fececc3, 0xe15f5fbe, 0xa2979735, 0xcc444488,
+            0x3917172e, 0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a,
+            0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6, 0xa06060c0,
+            0x98818119, 0xd14f4f9e, 0x7fdcdca3, 0x66222244, 0x7e2a2a54,
+            0xab90903b, 0x8388880b, 0xca46468c, 0x29eeeec7, 0xd3b8b86b,
+            0x3c141428, 0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad,
+            0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14, 0xdb494992,
+            0x0a06060c, 0x6c242448, 0xe45c5cb8, 0x5dc2c29f, 0x6ed3d3bd,
+            0xefacac43, 0xa66262c4, 0xa8919139, 0xa4959531, 0x37e4e4d3,
+            0x8b7979f2, 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda,
+            0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, 0xb46c6cd8,
+            0xfa5656ac, 0x07f4f4f3, 0x25eaeacf, 0xaf6565ca, 0x8e7a7af4,
+            0xe9aeae47, 0x18080810, 0xd5baba6f, 0x887878f0, 0x6f25254a,
+            0x722e2e5c, 0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697,
+            0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e, 0xdd4b4b96,
+            0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, 0x907070e0, 0x423e3e7c,
+            0xc4b5b571, 0xaa6666cc, 0xd8484890, 0x05030306, 0x01f6f6f7,
+            0x120e0e1c, 0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969,
+            0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27, 0x38e1e1d9,
+            0x13f8f8eb, 0xb398982b, 0x33111122, 0xbb6969d2, 0x70d9d9a9,
+            0x898e8e07, 0xa7949433, 0xb69b9b2d, 0x221e1e3c, 0x92878715,
+            0x20e9e9c9, 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5,
+            0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, 0xdabfbf65,
+            0x31e6e6d7, 0xc6424284, 0xb86868d0, 0xc3414182, 0xb0999929,
+            0x772d2d5a, 0x110f0f1e, 0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d,
+            0x3a16162c
+        };
+
+        private static readonly uint[] T1 =
+        {
+            0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d, 0xf2f2ff0d,
+            0x6b6bd6bd, 0x6f6fdeb1, 0xc5c59154, 0x30306050, 0x01010203,
+            0x6767cea9, 0x2b2b567d, 0xfefee719, 0xd7d7b562, 0xabab4de6,
+            0x7676ec9a, 0xcaca8f45, 0x82821f9d, 0xc9c98940, 0x7d7dfa87,
+            0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b, 0xadad41ec,
+            0xd4d4b367, 0xa2a25ffd, 0xafaf45ea, 0x9c9c23bf, 0xa4a453f7,
+            0x7272e496, 0xc0c09b5b, 0xb7b775c2, 0xfdfde11c, 0x93933dae,
+            0x26264c6a, 0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f,
+            0x3434685c, 0xa5a551f4, 0xe5e5d134, 0xf1f1f908, 0x7171e293,
+            0xd8d8ab73, 0x31316253, 0x15152a3f, 0x0404080c, 0xc7c79552,
+            0x23234665, 0xc3c39d5e, 0x18183028, 0x969637a1, 0x05050a0f,
+            0x9a9a2fb5, 0x07070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d,
+            0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f, 0x0909121b,
+            0x83831d9e, 0x2c2c5874, 0x1a1a342e, 0x1b1b362d, 0x6e6edcb2,
+            0x5a5ab4ee, 0xa0a05bfb, 0x5252a4f6, 0x3b3b764d, 0xd6d6b761,
+            0xb3b37dce, 0x2929527b, 0xe3e3dd3e, 0x2f2f5e71, 0x84841397,
+            0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c, 0x20204060,
+            0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed, 0x6a6ad4be, 0xcbcb8d46,
+            0xbebe67d9, 0x3939724b, 0x4a4a94de, 0x4c4c98d4, 0x5858b0e8,
+            0xcfcf854a, 0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16,
+            0x434386c5, 0x4d4d9ad7, 0x33336655, 0x85851194, 0x45458acf,
+            0xf9f9e910, 0x02020406, 0x7f7ffe81, 0x5050a0f0, 0x3c3c7844,
+            0x9f9f25ba, 0xa8a84be3, 0x5151a2f3, 0xa3a35dfe, 0x404080c0,
+            0x8f8f058a, 0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104,
+            0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263, 0x10102030,
+            0xffffe51a, 0xf3f3fd0e, 0xd2d2bf6d, 0xcdcd814c, 0x0c0c1814,
+            0x13132635, 0xececc32f, 0x5f5fbee1, 0x979735a2, 0x444488cc,
+            0x17172e39, 0xc4c49357, 0xa7a755f2, 0x7e7efc82, 0x3d3d7a47,
+            0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695, 0x6060c0a0,
+            0x81811998, 0x4f4f9ed1, 0xdcdca37f, 0x22224466, 0x2a2a547e,
+            0x90903bab, 0x88880b83, 0x46468cca, 0xeeeec729, 0xb8b86bd3,
+            0x1414283c, 0xdedea779, 0x5e5ebce2, 0x0b0b161d, 0xdbdbad76,
+            0xe0e0db3b, 0x32326456, 0x3a3a744e, 0x0a0a141e, 0x494992db,
+            0x06060c0a, 0x2424486c, 0x5c5cb8e4, 0xc2c29f5d, 0xd3d3bd6e,
+            0xacac43ef, 0x6262c4a6, 0x919139a8, 0x959531a4, 0xe4e4d337,
+            0x7979f28b, 0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7,
+            0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0, 0x6c6cd8b4,
+            0x5656acfa, 0xf4f4f307, 0xeaeacf25, 0x6565caaf, 0x7a7af48e,
+            0xaeae47e9, 0x08081018, 0xbaba6fd5, 0x7878f088, 0x25254a6f,
+            0x2e2e5c72, 0x1c1c3824, 0xa6a657f1, 0xb4b473c7, 0xc6c69751,
+            0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21, 0x4b4b96dd,
+            0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85, 0x7070e090, 0x3e3e7c42,
+            0xb5b571c4, 0x6666ccaa, 0x484890d8, 0x03030605, 0xf6f6f701,
+            0x0e0e1c12, 0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0,
+            0x86861791, 0xc1c19958, 0x1d1d3a27, 0x9e9e27b9, 0xe1e1d938,
+            0xf8f8eb13, 0x98982bb3, 0x11112233, 0x6969d2bb, 0xd9d9a970,
+            0x8e8e0789, 0x949433a7, 0x9b9b2db6, 0x1e1e3c22, 0x87871592,
+            0xe9e9c920, 0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a,
+            0x8c8c038f, 0xa1a159f8, 0x89890980, 0x0d0d1a17, 0xbfbf65da,
+            0xe6e6d731, 0x424284c6, 0x6868d0b8, 0x414182c3, 0x999929b0,
+            0x2d2d5a77, 0x0f0f1e11, 0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6,
+            0x16162c3a
+        };
+
+        private static readonly uint[] T2 =
+        {
+            0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b, 0xf2ff0df2,
+            0x6bd6bd6b, 0x6fdeb16f, 0xc59154c5, 0x30605030, 0x01020301,
+            0x67cea967, 0x2b567d2b, 0xfee719fe, 0xd7b562d7, 0xab4de6ab,
+            0x76ec9a76, 0xca8f45ca, 0x821f9d82, 0xc98940c9, 0x7dfa877d,
+            0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0, 0xad41ecad,
+            0xd4b367d4, 0xa25ffda2, 0xaf45eaaf, 0x9c23bf9c, 0xa453f7a4,
+            0x72e49672, 0xc09b5bc0, 0xb775c2b7, 0xfde11cfd, 0x933dae93,
+            0x264c6a26, 0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc,
+            0x34685c34, 0xa551f4a5, 0xe5d134e5, 0xf1f908f1, 0x71e29371,
+            0xd8ab73d8, 0x31625331, 0x152a3f15, 0x04080c04, 0xc79552c7,
+            0x23466523, 0xc39d5ec3, 0x18302818, 0x9637a196, 0x050a0f05,
+            0x9a2fb59a, 0x070e0907, 0x12243612, 0x801b9b80, 0xe2df3de2,
+            0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75, 0x09121b09,
+            0x831d9e83, 0x2c58742c, 0x1a342e1a, 0x1b362d1b, 0x6edcb26e,
+            0x5ab4ee5a, 0xa05bfba0, 0x52a4f652, 0x3b764d3b, 0xd6b761d6,
+            0xb37dceb3, 0x29527b29, 0xe3dd3ee3, 0x2f5e712f, 0x84139784,
+            0x53a6f553, 0xd1b968d1, 0x00000000, 0xedc12ced, 0x20406020,
+            0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b, 0x6ad4be6a, 0xcb8d46cb,
+            0xbe67d9be, 0x39724b39, 0x4a94de4a, 0x4c98d44c, 0x58b0e858,
+            0xcf854acf, 0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb,
+            0x4386c543, 0x4d9ad74d, 0x33665533, 0x85119485, 0x458acf45,
+            0xf9e910f9, 0x02040602, 0x7ffe817f, 0x50a0f050, 0x3c78443c,
+            0x9f25ba9f, 0xa84be3a8, 0x51a2f351, 0xa35dfea3, 0x4080c040,
+            0x8f058a8f, 0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5,
+            0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321, 0x10203010,
+            0xffe51aff, 0xf3fd0ef3, 0xd2bf6dd2, 0xcd814ccd, 0x0c18140c,
+            0x13263513, 0xecc32fec, 0x5fbee15f, 0x9735a297, 0x4488cc44,
+            0x172e3917, 0xc49357c4, 0xa755f2a7, 0x7efc827e, 0x3d7a473d,
+            0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573, 0x60c0a060,
+            0x81199881, 0x4f9ed14f, 0xdca37fdc, 0x22446622, 0x2a547e2a,
+            0x903bab90, 0x880b8388, 0x468cca46, 0xeec729ee, 0xb86bd3b8,
+            0x14283c14, 0xdea779de, 0x5ebce25e, 0x0b161d0b, 0xdbad76db,
+            0xe0db3be0, 0x32645632, 0x3a744e3a, 0x0a141e0a, 0x4992db49,
+            0x060c0a06, 0x24486c24, 0x5cb8e45c, 0xc29f5dc2, 0xd3bd6ed3,
+            0xac43efac, 0x62c4a662, 0x9139a891, 0x9531a495, 0xe4d337e4,
+            0x79f28b79, 0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d,
+            0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9, 0x6cd8b46c,
+            0x56acfa56, 0xf4f307f4, 0xeacf25ea, 0x65caaf65, 0x7af48e7a,
+            0xae47e9ae, 0x08101808, 0xba6fd5ba, 0x78f08878, 0x254a6f25,
+            0x2e5c722e, 0x1c38241c, 0xa657f1a6, 0xb473c7b4, 0xc69751c6,
+            0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f, 0x4b96dd4b,
+            0xbd61dcbd, 0x8b0d868b, 0x8a0f858a, 0x70e09070, 0x3e7c423e,
+            0xb571c4b5, 0x66ccaa66, 0x4890d848, 0x03060503, 0xf6f701f6,
+            0x0e1c120e, 0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9,
+            0x86179186, 0xc19958c1, 0x1d3a271d, 0x9e27b99e, 0xe1d938e1,
+            0xf8eb13f8, 0x982bb398, 0x11223311, 0x69d2bb69, 0xd9a970d9,
+            0x8e07898e, 0x9433a794, 0x9b2db69b, 0x1e3c221e, 0x87159287,
+            0xe9c920e9, 0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf,
+            0x8c038f8c, 0xa159f8a1, 0x89098089, 0x0d1a170d, 0xbf65dabf,
+            0xe6d731e6, 0x4284c642, 0x68d0b868, 0x4182c341, 0x9929b099,
+            0x2d5a772d, 0x0f1e110f, 0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb,
+            0x162c3a16
+        };
+
+        private static readonly uint[] T3 =
+        {
+            0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b, 0xff0df2f2,
+            0xd6bd6b6b, 0xdeb16f6f, 0x9154c5c5, 0x60503030, 0x02030101,
+            0xcea96767, 0x567d2b2b, 0xe719fefe, 0xb562d7d7, 0x4de6abab,
+            0xec9a7676, 0x8f45caca, 0x1f9d8282, 0x8940c9c9, 0xfa877d7d,
+            0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0, 0x41ecadad,
+            0xb367d4d4, 0x5ffda2a2, 0x45eaafaf, 0x23bf9c9c, 0x53f7a4a4,
+            0xe4967272, 0x9b5bc0c0, 0x75c2b7b7, 0xe11cfdfd, 0x3dae9393,
+            0x4c6a2626, 0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc,
+            0x685c3434, 0x51f4a5a5, 0xd134e5e5, 0xf908f1f1, 0xe2937171,
+            0xab73d8d8, 0x62533131, 0x2a3f1515, 0x080c0404, 0x9552c7c7,
+            0x46652323, 0x9d5ec3c3, 0x30281818, 0x37a19696, 0x0a0f0505,
+            0x2fb59a9a, 0x0e090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2,
+            0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575, 0x121b0909,
+            0x1d9e8383, 0x58742c2c, 0x342e1a1a, 0x362d1b1b, 0xdcb26e6e,
+            0xb4ee5a5a, 0x5bfba0a0, 0xa4f65252, 0x764d3b3b, 0xb761d6d6,
+            0x7dceb3b3, 0x527b2929, 0xdd3ee3e3, 0x5e712f2f, 0x13978484,
+            0xa6f55353, 0xb968d1d1, 0x00000000, 0xc12ceded, 0x40602020,
+            0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b, 0xd4be6a6a, 0x8d46cbcb,
+            0x67d9bebe, 0x724b3939, 0x94de4a4a, 0x98d44c4c, 0xb0e85858,
+            0x854acfcf, 0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb,
+            0x86c54343, 0x9ad74d4d, 0x66553333, 0x11948585, 0x8acf4545,
+            0xe910f9f9, 0x04060202, 0xfe817f7f, 0xa0f05050, 0x78443c3c,
+            0x25ba9f9f, 0x4be3a8a8, 0xa2f35151, 0x5dfea3a3, 0x80c04040,
+            0x058a8f8f, 0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5,
+            0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121, 0x20301010,
+            0xe51affff, 0xfd0ef3f3, 0xbf6dd2d2, 0x814ccdcd, 0x18140c0c,
+            0x26351313, 0xc32fecec, 0xbee15f5f, 0x35a29797, 0x88cc4444,
+            0x2e391717, 0x9357c4c4, 0x55f2a7a7, 0xfc827e7e, 0x7a473d3d,
+            0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373, 0xc0a06060,
+            0x19988181, 0x9ed14f4f, 0xa37fdcdc, 0x44662222, 0x547e2a2a,
+            0x3bab9090, 0x0b838888, 0x8cca4646, 0xc729eeee, 0x6bd3b8b8,
+            0x283c1414, 0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb,
+            0xdb3be0e0, 0x64563232, 0x744e3a3a, 0x141e0a0a, 0x92db4949,
+            0x0c0a0606, 0x486c2424, 0xb8e45c5c, 0x9f5dc2c2, 0xbd6ed3d3,
+            0x43efacac, 0xc4a66262, 0x39a89191, 0x31a49595, 0xd337e4e4,
+            0xf28b7979, 0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d,
+            0x018c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9, 0xd8b46c6c,
+            0xacfa5656, 0xf307f4f4, 0xcf25eaea, 0xcaaf6565, 0xf48e7a7a,
+            0x47e9aeae, 0x10180808, 0x6fd5baba, 0xf0887878, 0x4a6f2525,
+            0x5c722e2e, 0x38241c1c, 0x57f1a6a6, 0x73c7b4b4, 0x9751c6c6,
+            0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f, 0x96dd4b4b,
+            0x61dcbdbd, 0x0d868b8b, 0x0f858a8a, 0xe0907070, 0x7c423e3e,
+            0x71c4b5b5, 0xccaa6666, 0x90d84848, 0x06050303, 0xf701f6f6,
+            0x1c120e0e, 0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9,
+            0x17918686, 0x9958c1c1, 0x3a271d1d, 0x27b99e9e, 0xd938e1e1,
+            0xeb13f8f8, 0x2bb39898, 0x22331111, 0xd2bb6969, 0xa970d9d9,
+            0x07898e8e, 0x33a79494, 0x2db69b9b, 0x3c221e1e, 0x15928787,
+            0xc920e9e9, 0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf,
+            0x038f8c8c, 0x59f8a1a1, 0x09808989, 0x1a170d0d, 0x65dabfbf,
+            0xd731e6e6, 0x84c64242, 0xd0b86868, 0x82c34141, 0x29b09999,
+            0x5a772d2d, 0x1e110f0f, 0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb,
+            0x2c3a1616
+        };
+
+        private static readonly uint[] Tinv0 =
+        {
+            0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, 0xcb6bab3b,
+            0xf1459d1f, 0xab58faac, 0x9303e34b, 0x55fa3020, 0xf66d76ad,
+            0x9176cc88, 0x254c02f5, 0xfcd7e54f, 0xd7cb2ac5, 0x80443526,
+            0x8fa362b5, 0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d,
+            0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b, 0xe75f8f03,
+            0x959c9215, 0xeb7a6dbf, 0xda595295, 0x2d83bed4, 0xd3217458,
+            0x2969e049, 0x44c8c98e, 0x6a89c275, 0x78798ef4, 0x6b3e5899,
+            0xdd71b927, 0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d,
+            0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362, 0xe07764b1,
+            0x84ae6bbb, 0x1ca081fe, 0x942b08f9, 0x58684870, 0x19fd458f,
+            0x876cde94, 0xb7f87b52, 0x23d373ab, 0xe2024b72, 0x578f1fe3,
+            0x2aab5566, 0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3,
+            0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed, 0x2b1ccf8a,
+            0x92b479a7, 0xf0f207f3, 0xa1e2694e, 0xcdf4da65, 0xd5be0506,
+            0x1f6234d1, 0x8afea6c4, 0x9d532e34, 0xa055f3a2, 0x32e18a05,
+            0x75ebf6a4, 0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd,
+            0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d, 0xb58d5491,
+            0x055dc471, 0x6fd40604, 0xff155060, 0x24fb9819, 0x97e9bdd6,
+            0xcc434089, 0x779ed967, 0xbd42e8b0, 0x888b8907, 0x385b19e7,
+            0xdbeec879, 0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000,
+            0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c, 0xfbff0efd,
+            0x5638850f, 0x1ed5ae3d, 0x27392d36, 0x64d90f0a, 0x21a65c68,
+            0xd1545b9b, 0x3a2e3624, 0xb1670a0c, 0x0fe75793, 0xd296eeb4,
+            0x9e919b1b, 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c,
+            0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12, 0x0b0d090e,
+            0xadc78bf2, 0xb9a8b62d, 0xc8a91e14, 0x8519f157, 0x4c0775af,
+            0xbbdd99ee, 0xfd607fa3, 0x9f2601f7, 0xbcf5725c, 0xc53b6644,
+            0x347efb5b, 0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8,
+            0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684, 0x7d244a85,
+            0xf83dbbd2, 0x1132f9ae, 0x6da129c7, 0x4b2f9e1d, 0xf330b2dc,
+            0xec52860d, 0xd0e3c177, 0x6c16b32b, 0x99b970a9, 0xfa489411,
+            0x2264e947, 0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322,
+            0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498, 0xcf81f5a6,
+            0x28de7aa5, 0x268eb7da, 0xa4bfad3f, 0xe49d3a2c, 0x0d927850,
+            0x9bcc5f6a, 0x62467e54, 0xc2138df6, 0xe8b8d890, 0x5ef7392e,
+            0xf5afc382, 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf,
+            0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb, 0x097826cd,
+            0xf418596e, 0x01b79aec, 0xa89a4f83, 0x656e95e6, 0x7ee6ffaa,
+            0x08cfbc21, 0xe6e815ef, 0xd99be7ba, 0xce366f4a, 0xd4099fea,
+            0xd67cb029, 0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235,
+            0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733, 0x4a9804f1,
+            0xf7daec41, 0x0e50cd7f, 0x2ff69117, 0x8dd64d76, 0x4db0ef43,
+            0x544daacc, 0xdf0496e4, 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1,
+            0x7f516546, 0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb,
+            0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d, 0x8c61d79a,
+            0x7a0ca137, 0x8e14f859, 0x893c13eb, 0xee27a9ce, 0x35c961b7,
+            0xede51ce1, 0x3cb1477a, 0x59dfd29c, 0x3f73f255, 0x79ce1418,
+            0xbf37c773, 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478,
+            0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2, 0x72c31d16,
+            0x0c25e2bc, 0x8b493c28, 0x41950dff, 0x7101a839, 0xdeb30c08,
+            0x9ce4b4d8, 0x90c15664, 0x6184cb7b, 0x70b632d5, 0x745c6c48,
+            0x4257b8d0
+        };
+
+        private static readonly uint[] Tinv1 =
+        {
+            0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96, 0x6bab3bcb,
+            0x459d1ff1, 0x58faacab, 0x03e34b93, 0xfa302055, 0x6d76adf6,
+            0x76cc8891, 0x4c02f525, 0xd7e54ffc, 0xcb2ac5d7, 0x44352680,
+            0xa362b58f, 0x5ab1de49, 0x1bba2567, 0x0eea4598, 0xc0fe5de1,
+            0x752fc302, 0xf04c8112, 0x97468da3, 0xf9d36bc6, 0x5f8f03e7,
+            0x9c921595, 0x7a6dbfeb, 0x595295da, 0x83bed42d, 0x217458d3,
+            0x69e04929, 0xc8c98e44, 0x89c2756a, 0x798ef478, 0x3e58996b,
+            0x71b927dd, 0x4fe1beb6, 0xad88f017, 0xac20c966, 0x3ace7db4,
+            0x4adf6318, 0x311ae582, 0x33519760, 0x7f536245, 0x7764b1e0,
+            0xae6bbb84, 0xa081fe1c, 0x2b08f994, 0x68487058, 0xfd458f19,
+            0x6cde9487, 0xf87b52b7, 0xd373ab23, 0x024b72e2, 0x8f1fe357,
+            0xab55662a, 0x28ebb207, 0xc2b52f03, 0x7bc5869a, 0x0837d3a5,
+            0x872830f2, 0xa5bf23b2, 0x6a0302ba, 0x8216ed5c, 0x1ccf8a2b,
+            0xb479a792, 0xf207f3f0, 0xe2694ea1, 0xf4da65cd, 0xbe0506d5,
+            0x6234d11f, 0xfea6c48a, 0x532e349d, 0x55f3a2a0, 0xe18a0532,
+            0xebf6a475, 0xec830b39, 0xef6040aa, 0x9f715e06, 0x106ebd51,
+            0x8a213ef9, 0x06dd963d, 0x053eddae, 0xbde64d46, 0x8d5491b5,
+            0x5dc47105, 0xd406046f, 0x155060ff, 0xfb981924, 0xe9bdd697,
+            0x434089cc, 0x9ed96777, 0x42e8b0bd, 0x8b890788, 0x5b19e738,
+            0xeec879db, 0x0a7ca147, 0x0f427ce9, 0x1e84f8c9, 0x00000000,
+            0x86800983, 0xed2b3248, 0x70111eac, 0x725a6c4e, 0xff0efdfb,
+            0x38850f56, 0xd5ae3d1e, 0x392d3627, 0xd90f0a64, 0xa65c6821,
+            0x545b9bd1, 0x2e36243a, 0x670a0cb1, 0xe757930f, 0x96eeb4d2,
+            0x919b1b9e, 0xc5c0804f, 0x20dc61a2, 0x4b775a69, 0x1a121c16,
+            0xba93e20a, 0x2aa0c0e5, 0xe0223c43, 0x171b121d, 0x0d090e0b,
+            0xc78bf2ad, 0xa8b62db9, 0xa91e14c8, 0x19f15785, 0x0775af4c,
+            0xdd99eebb, 0x607fa3fd, 0x2601f79f, 0xf5725cbc, 0x3b6644c5,
+            0x7efb5b34, 0x29438b76, 0xc623cbdc, 0xfcedb668, 0xf1e4b863,
+            0xdc31d7ca, 0x85634210, 0x22971340, 0x11c68420, 0x244a857d,
+            0x3dbbd2f8, 0x32f9ae11, 0xa129c76d, 0x2f9e1d4b, 0x30b2dcf3,
+            0x52860dec, 0xe3c177d0, 0x16b32b6c, 0xb970a999, 0x489411fa,
+            0x64e94722, 0x8cfca8c4, 0x3ff0a01a, 0x2c7d56d8, 0x903322ef,
+            0x4e4987c7, 0xd138d9c1, 0xa2ca8cfe, 0x0bd49836, 0x81f5a6cf,
+            0xde7aa528, 0x8eb7da26, 0xbfad3fa4, 0x9d3a2ce4, 0x9278500d,
+            0xcc5f6a9b, 0x467e5462, 0x138df6c2, 0xb8d890e8, 0xf7392e5e,
+            0xafc382f5, 0x805d9fbe, 0x93d0697c, 0x2dd56fa9, 0x1225cfb3,
+            0x99acc83b, 0x7d1810a7, 0x639ce86e, 0xbb3bdb7b, 0x7826cd09,
+            0x18596ef4, 0xb79aec01, 0x9a4f83a8, 0x6e95e665, 0xe6ffaa7e,
+            0xcfbc2108, 0xe815efe6, 0x9be7bad9, 0x366f4ace, 0x099fead4,
+            0x7cb029d6, 0xb2a431af, 0x233f2a31, 0x94a5c630, 0x66a235c0,
+            0xbc4e7437, 0xca82fca6, 0xd090e0b0, 0xd8a73315, 0x9804f14a,
+            0xdaec41f7, 0x50cd7f0e, 0xf691172f, 0xd64d768d, 0xb0ef434d,
+            0x4daacc54, 0x0496e4df, 0xb5d19ee3, 0x886a4c1b, 0x1f2cc1b8,
+            0x5165467f, 0xea5e9d04, 0x358c015d, 0x7487fa73, 0x410bfb2e,
+            0x1d67b35a, 0xd2db9252, 0x5610e933, 0x47d66d13, 0x61d79a8c,
+            0x0ca1377a, 0x14f8598e, 0x3c13eb89, 0x27a9ceee, 0xc961b735,
+            0xe51ce1ed, 0xb1477a3c, 0xdfd29c59, 0x73f2553f, 0xce141879,
+            0x37c773bf, 0xcdf753ea, 0xaafd5f5b, 0x6f3ddf14, 0xdb447886,
+            0xf3afca81, 0xc468b93e, 0x3424382c, 0x40a3c25f, 0xc31d1672,
+            0x25e2bc0c, 0x493c288b, 0x950dff41, 0x01a83971, 0xb30c08de,
+            0xe4b4d89c, 0xc1566490, 0x84cb7b61, 0xb632d570, 0x5c6c4874,
+            0x57b8d042
+        };
+
+        private static readonly uint[] Tinv2 =
+        {
+            0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e, 0xab3bcb6b,
+            0x9d1ff145, 0xfaacab58, 0xe34b9303, 0x302055fa, 0x76adf66d,
+            0xcc889176, 0x02f5254c, 0xe54ffcd7, 0x2ac5d7cb, 0x35268044,
+            0x62b58fa3, 0xb1de495a, 0xba25671b, 0xea45980e, 0xfe5de1c0,
+            0x2fc30275, 0x4c8112f0, 0x468da397, 0xd36bc6f9, 0x8f03e75f,
+            0x9215959c, 0x6dbfeb7a, 0x5295da59, 0xbed42d83, 0x7458d321,
+            0xe0492969, 0xc98e44c8, 0xc2756a89, 0x8ef47879, 0x58996b3e,
+            0xb927dd71, 0xe1beb64f, 0x88f017ad, 0x20c966ac, 0xce7db43a,
+            0xdf63184a, 0x1ae58231, 0x51976033, 0x5362457f, 0x64b1e077,
+            0x6bbb84ae, 0x81fe1ca0, 0x08f9942b, 0x48705868, 0x458f19fd,
+            0xde94876c, 0x7b52b7f8, 0x73ab23d3, 0x4b72e202, 0x1fe3578f,
+            0x55662aab, 0xebb20728, 0xb52f03c2, 0xc5869a7b, 0x37d3a508,
+            0x2830f287, 0xbf23b2a5, 0x0302ba6a, 0x16ed5c82, 0xcf8a2b1c,
+            0x79a792b4, 0x07f3f0f2, 0x694ea1e2, 0xda65cdf4, 0x0506d5be,
+            0x34d11f62, 0xa6c48afe, 0x2e349d53, 0xf3a2a055, 0x8a0532e1,
+            0xf6a475eb, 0x830b39ec, 0x6040aaef, 0x715e069f, 0x6ebd5110,
+            0x213ef98a, 0xdd963d06, 0x3eddae05, 0xe64d46bd, 0x5491b58d,
+            0xc471055d, 0x06046fd4, 0x5060ff15, 0x981924fb, 0xbdd697e9,
+            0x4089cc43, 0xd967779e, 0xe8b0bd42, 0x8907888b, 0x19e7385b,
+            0xc879dbee, 0x7ca1470a, 0x427ce90f, 0x84f8c91e, 0x00000000,
+            0x80098386, 0x2b3248ed, 0x111eac70, 0x5a6c4e72, 0x0efdfbff,
+            0x850f5638, 0xae3d1ed5, 0x2d362739, 0x0f0a64d9, 0x5c6821a6,
+            0x5b9bd154, 0x36243a2e, 0x0a0cb167, 0x57930fe7, 0xeeb4d296,
+            0x9b1b9e91, 0xc0804fc5, 0xdc61a220, 0x775a694b, 0x121c161a,
+            0x93e20aba, 0xa0c0e52a, 0x223c43e0, 0x1b121d17, 0x090e0b0d,
+            0x8bf2adc7, 0xb62db9a8, 0x1e14c8a9, 0xf1578519, 0x75af4c07,
+            0x99eebbdd, 0x7fa3fd60, 0x01f79f26, 0x725cbcf5, 0x6644c53b,
+            0xfb5b347e, 0x438b7629, 0x23cbdcc6, 0xedb668fc, 0xe4b863f1,
+            0x31d7cadc, 0x63421085, 0x97134022, 0xc6842011, 0x4a857d24,
+            0xbbd2f83d, 0xf9ae1132, 0x29c76da1, 0x9e1d4b2f, 0xb2dcf330,
+            0x860dec52, 0xc177d0e3, 0xb32b6c16, 0x70a999b9, 0x9411fa48,
+            0xe9472264, 0xfca8c48c, 0xf0a01a3f, 0x7d56d82c, 0x3322ef90,
+            0x4987c74e, 0x38d9c1d1, 0xca8cfea2, 0xd498360b, 0xf5a6cf81,
+            0x7aa528de, 0xb7da268e, 0xad3fa4bf, 0x3a2ce49d, 0x78500d92,
+            0x5f6a9bcc, 0x7e546246, 0x8df6c213, 0xd890e8b8, 0x392e5ef7,
+            0xc382f5af, 0x5d9fbe80, 0xd0697c93, 0xd56fa92d, 0x25cfb312,
+            0xacc83b99, 0x1810a77d, 0x9ce86e63, 0x3bdb7bbb, 0x26cd0978,
+            0x596ef418, 0x9aec01b7, 0x4f83a89a, 0x95e6656e, 0xffaa7ee6,
+            0xbc2108cf, 0x15efe6e8, 0xe7bad99b, 0x6f4ace36, 0x9fead409,
+            0xb029d67c, 0xa431afb2, 0x3f2a3123, 0xa5c63094, 0xa235c066,
+            0x4e7437bc, 0x82fca6ca, 0x90e0b0d0, 0xa73315d8, 0x04f14a98,
+            0xec41f7da, 0xcd7f0e50, 0x91172ff6, 0x4d768dd6, 0xef434db0,
+            0xaacc544d, 0x96e4df04, 0xd19ee3b5, 0x6a4c1b88, 0x2cc1b81f,
+            0x65467f51, 0x5e9d04ea, 0x8c015d35, 0x87fa7374, 0x0bfb2e41,
+            0x67b35a1d, 0xdb9252d2, 0x10e93356, 0xd66d1347, 0xd79a8c61,
+            0xa1377a0c, 0xf8598e14, 0x13eb893c, 0xa9ceee27, 0x61b735c9,
+            0x1ce1ede5, 0x477a3cb1, 0xd29c59df, 0xf2553f73, 0x141879ce,
+            0xc773bf37, 0xf753eacd, 0xfd5f5baa, 0x3ddf146f, 0x447886db,
+            0xafca81f3, 0x68b93ec4, 0x24382c34, 0xa3c25f40, 0x1d1672c3,
+            0xe2bc0c25, 0x3c288b49, 0x0dff4195, 0xa8397101, 0x0c08deb3,
+            0xb4d89ce4, 0x566490c1, 0xcb7b6184, 0x32d570b6, 0x6c48745c,
+            0xb8d04257
+        };
+
+        private static readonly uint[] Tinv3 =
+        {
+            0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27, 0x3bcb6bab,
+            0x1ff1459d, 0xacab58fa, 0x4b9303e3, 0x2055fa30, 0xadf66d76,
+            0x889176cc, 0xf5254c02, 0x4ffcd7e5, 0xc5d7cb2a, 0x26804435,
+            0xb58fa362, 0xde495ab1, 0x25671bba, 0x45980eea, 0x5de1c0fe,
+            0xc302752f, 0x8112f04c, 0x8da39746, 0x6bc6f9d3, 0x03e75f8f,
+            0x15959c92, 0xbfeb7a6d, 0x95da5952, 0xd42d83be, 0x58d32174,
+            0x492969e0, 0x8e44c8c9, 0x756a89c2, 0xf478798e, 0x996b3e58,
+            0x27dd71b9, 0xbeb64fe1, 0xf017ad88, 0xc966ac20, 0x7db43ace,
+            0x63184adf, 0xe582311a, 0x97603351, 0x62457f53, 0xb1e07764,
+            0xbb84ae6b, 0xfe1ca081, 0xf9942b08, 0x70586848, 0x8f19fd45,
+            0x94876cde, 0x52b7f87b, 0xab23d373, 0x72e2024b, 0xe3578f1f,
+            0x662aab55, 0xb20728eb, 0x2f03c2b5, 0x869a7bc5, 0xd3a50837,
+            0x30f28728, 0x23b2a5bf, 0x02ba6a03, 0xed5c8216, 0x8a2b1ccf,
+            0xa792b479, 0xf3f0f207, 0x4ea1e269, 0x65cdf4da, 0x06d5be05,
+            0xd11f6234, 0xc48afea6, 0x349d532e, 0xa2a055f3, 0x0532e18a,
+            0xa475ebf6, 0x0b39ec83, 0x40aaef60, 0x5e069f71, 0xbd51106e,
+            0x3ef98a21, 0x963d06dd, 0xddae053e, 0x4d46bde6, 0x91b58d54,
+            0x71055dc4, 0x046fd406, 0x60ff1550, 0x1924fb98, 0xd697e9bd,
+            0x89cc4340, 0x67779ed9, 0xb0bd42e8, 0x07888b89, 0xe7385b19,
+            0x79dbeec8, 0xa1470a7c, 0x7ce90f42, 0xf8c91e84, 0x00000000,
+            0x09838680, 0x3248ed2b, 0x1eac7011, 0x6c4e725a, 0xfdfbff0e,
+            0x0f563885, 0x3d1ed5ae, 0x3627392d, 0x0a64d90f, 0x6821a65c,
+            0x9bd1545b, 0x243a2e36, 0x0cb1670a, 0x930fe757, 0xb4d296ee,
+            0x1b9e919b, 0x804fc5c0, 0x61a220dc, 0x5a694b77, 0x1c161a12,
+            0xe20aba93, 0xc0e52aa0, 0x3c43e022, 0x121d171b, 0x0e0b0d09,
+            0xf2adc78b, 0x2db9a8b6, 0x14c8a91e, 0x578519f1, 0xaf4c0775,
+            0xeebbdd99, 0xa3fd607f, 0xf79f2601, 0x5cbcf572, 0x44c53b66,
+            0x5b347efb, 0x8b762943, 0xcbdcc623, 0xb668fced, 0xb863f1e4,
+            0xd7cadc31, 0x42108563, 0x13402297, 0x842011c6, 0x857d244a,
+            0xd2f83dbb, 0xae1132f9, 0xc76da129, 0x1d4b2f9e, 0xdcf330b2,
+            0x0dec5286, 0x77d0e3c1, 0x2b6c16b3, 0xa999b970, 0x11fa4894,
+            0x472264e9, 0xa8c48cfc, 0xa01a3ff0, 0x56d82c7d, 0x22ef9033,
+            0x87c74e49, 0xd9c1d138, 0x8cfea2ca, 0x98360bd4, 0xa6cf81f5,
+            0xa528de7a, 0xda268eb7, 0x3fa4bfad, 0x2ce49d3a, 0x500d9278,
+            0x6a9bcc5f, 0x5462467e, 0xf6c2138d, 0x90e8b8d8, 0x2e5ef739,
+            0x82f5afc3, 0x9fbe805d, 0x697c93d0, 0x6fa92dd5, 0xcfb31225,
+            0xc83b99ac, 0x10a77d18, 0xe86e639c, 0xdb7bbb3b, 0xcd097826,
+            0x6ef41859, 0xec01b79a, 0x83a89a4f, 0xe6656e95, 0xaa7ee6ff,
+            0x2108cfbc, 0xefe6e815, 0xbad99be7, 0x4ace366f, 0xead4099f,
+            0x29d67cb0, 0x31afb2a4, 0x2a31233f, 0xc63094a5, 0x35c066a2,
+            0x7437bc4e, 0xfca6ca82, 0xe0b0d090, 0x3315d8a7, 0xf14a9804,
+            0x41f7daec, 0x7f0e50cd, 0x172ff691, 0x768dd64d, 0x434db0ef,
+            0xcc544daa, 0xe4df0496, 0x9ee3b5d1, 0x4c1b886a, 0xc1b81f2c,
+            0x467f5165, 0x9d04ea5e, 0x015d358c, 0xfa737487, 0xfb2e410b,
+            0xb35a1d67, 0x9252d2db, 0xe9335610, 0x6d1347d6, 0x9a8c61d7,
+            0x377a0ca1, 0x598e14f8, 0xeb893c13, 0xceee27a9, 0xb735c961,
+            0xe1ede51c, 0x7a3cb147, 0x9c59dfd2, 0x553f73f2, 0x1879ce14,
+            0x73bf37c7, 0x53eacdf7, 0x5f5baafd, 0xdf146f3d, 0x7886db44,
+            0xca81f3af, 0xb93ec468, 0x382c3424, 0xc25f40a3, 0x1672c31d,
+            0xbc0c25e2, 0x288b493c, 0xff41950d, 0x397101a8, 0x08deb30c,
+            0xd89ce4b4, 0x6490c156, 0x7b6184cb, 0xd570b632, 0x48745c6c,
+            0xd04257b8
+        };
+
+        private static uint Shift(uint r, int shift)
+        {
+            return (r >> shift) | (r << (32 - shift));
+        }
+
+        /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */
+
+        private const uint m1 = 0x80808080;
+        private const uint m2 = 0x7f7f7f7f;
+        private const uint m3 = 0x0000001b;
+        private const uint m4 = 0xC0C0C0C0;
+        private const uint m5 = 0x3f3f3f3f;
+
+        private static uint FFmulX(uint x)
+        {
+            return ((x & m2) << 1) ^ (((x & m1) >> 7) * m3);
+        }
+
+        private static uint FFmulX2(uint x)
+        {
+            uint t0  = (x & m5) << 2;
+            uint t1  = (x & m4);
+                 t1 ^= (t1 >> 1);
+            return t0 ^ (t1 >> 2) ^ (t1 >> 5);
+        }
+
+        /*
+        The following defines provide alternative definitions of FFmulX that might
+        give improved performance if a fast 32-bit multiply is not available.
+
+        private int FFmulX(int x) { int u = x & m1; u |= (u >> 1); return ((x & m2) << 1) ^ ((u >>> 3) | (u >>> 6)); }
+        private static final int  m4 = 0x1b1b1b1b;
+        private int FFmulX(int x) { int u = x & m1; return ((x & m2) << 1) ^ ((u - (u >>> 7)) & m4); }
+
+        */
+
+        private static uint Inv_Mcol(uint x)
+        {
+            uint t0, t1;
+            t0  = x;
+            t1  = t0 ^ Shift(t0, 8);
+            t0 ^= FFmulX(t1);
+            t1 ^= FFmulX2(t0);
+            t0 ^= t1 ^ Shift(t1, 16);
+            return t0;
+        }
+
+        private static uint SubWord(uint x)
+        {
+            return (uint)S[x&255]
+                | (((uint)S[(x>>8)&255]) << 8)
+                | (((uint)S[(x>>16)&255]) << 16)
+                | (((uint)S[(x>>24)&255]) << 24);
+        }
+
+        /**
+        * Calculate the necessary round keys
+        * The number of calculations depends on key size and block size
+        * AES specified a fixed block size of 128 bits and key sizes 128/192/256 bits
+        * This code is written assuming those are the only possible values
+        */
+        private uint[][] GenerateWorkingKey(byte[] key, bool forEncryption)
+        {
+            int keyLen = key.Length;
+            if (keyLen < 16 || keyLen > 32 || (keyLen & 7) != 0)
+                throw new ArgumentException("Key length not 128/192/256 bits.");
+
+            int KC = keyLen >> 2;
+            this.ROUNDS = KC + 6;  // This is not always true for the generalized Rijndael that allows larger block sizes
+
+            uint[][] W = new uint[ROUNDS + 1][]; // 4 words in a block
+            for (int i = 0; i <= ROUNDS; ++i)
+            {
+                W[i] = new uint[4];
+            }
+
+            switch (KC)
+            {
+            case 4:
+            {
+                uint t0 = Pack.LE_To_UInt32(key,  0); W[0][0] = t0;
+                uint t1 = Pack.LE_To_UInt32(key,  4); W[0][1] = t1;
+                uint t2 = Pack.LE_To_UInt32(key,  8); W[0][2] = t2;
+                uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3;
+
+                for (int i = 1; i <= 10; ++i)
+                {
+                    uint u = SubWord(Shift(t3, 8)) ^ rcon[i - 1];
+                    t0 ^= u;  W[i][0] = t0;
+                    t1 ^= t0; W[i][1] = t1;
+                    t2 ^= t1; W[i][2] = t2;
+                    t3 ^= t2; W[i][3] = t3;
+                }
+
+                break;
+            }
+            case 6:
+            {
+                uint t0 = Pack.LE_To_UInt32(key,  0); W[0][0] = t0;
+                uint t1 = Pack.LE_To_UInt32(key,  4); W[0][1] = t1;
+                uint t2 = Pack.LE_To_UInt32(key,  8); W[0][2] = t2;
+                uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3;
+                uint t4 = Pack.LE_To_UInt32(key, 16); W[1][0] = t4;
+                uint t5 = Pack.LE_To_UInt32(key, 20); W[1][1] = t5;
+
+                uint rcon = 1;
+                uint u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1;
+                t0 ^= u;  W[1][2] = t0;
+                t1 ^= t0; W[1][3] = t1;
+                t2 ^= t1; W[2][0] = t2;
+                t3 ^= t2; W[2][1] = t3;
+                t4 ^= t3; W[2][2] = t4;
+                t5 ^= t4; W[2][3] = t5;
+
+                for (int i = 3; i < 12; i += 3)
+                {
+                    u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1;
+                    t0 ^= u;  W[i    ][0] = t0;
+                    t1 ^= t0; W[i    ][1] = t1;
+                    t2 ^= t1; W[i    ][2] = t2;
+                    t3 ^= t2; W[i    ][3] = t3;
+                    t4 ^= t3; W[i + 1][0] = t4;
+                    t5 ^= t4; W[i + 1][1] = t5;
+                    u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1;
+                    t0 ^= u;  W[i + 1][2] = t0;
+                    t1 ^= t0; W[i + 1][3] = t1;
+                    t2 ^= t1; W[i + 2][0] = t2;
+                    t3 ^= t2; W[i + 2][1] = t3;
+                    t4 ^= t3; W[i + 2][2] = t4;
+                    t5 ^= t4; W[i + 2][3] = t5;
+                }
+
+                u = SubWord(Shift(t5, 8)) ^ rcon;
+                t0 ^= u;  W[12][0] = t0;
+                t1 ^= t0; W[12][1] = t1;
+                t2 ^= t1; W[12][2] = t2;
+                t3 ^= t2; W[12][3] = t3;
+
+                break;
+            }
+            case 8:
+            {
+                uint t0 = Pack.LE_To_UInt32(key,  0); W[0][0] = t0;
+                uint t1 = Pack.LE_To_UInt32(key,  4); W[0][1] = t1;
+                uint t2 = Pack.LE_To_UInt32(key,  8); W[0][2] = t2;
+                uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3;
+                uint t4 = Pack.LE_To_UInt32(key, 16); W[1][0] = t4;
+                uint t5 = Pack.LE_To_UInt32(key, 20); W[1][1] = t5;
+                uint t6 = Pack.LE_To_UInt32(key, 24); W[1][2] = t6;
+                uint t7 = Pack.LE_To_UInt32(key, 28); W[1][3] = t7;
+
+                uint u, rcon = 1;
+
+                for (int i = 2; i < 14; i += 2)
+                {
+                    u = SubWord(Shift(t7, 8)) ^ rcon; rcon <<= 1;
+                    t0 ^= u;  W[i    ][0] = t0;
+                    t1 ^= t0; W[i    ][1] = t1;
+                    t2 ^= t1; W[i    ][2] = t2;
+                    t3 ^= t2; W[i    ][3] = t3;
+                    u = SubWord(t3);
+                    t4 ^= u;  W[i + 1][0] = t4;
+                    t5 ^= t4; W[i + 1][1] = t5;
+                    t6 ^= t5; W[i + 1][2] = t6;
+                    t7 ^= t6; W[i + 1][3] = t7;
+                }
+
+                u = SubWord(Shift(t7, 8)) ^ rcon;
+                t0 ^= u;  W[14][0] = t0;
+                t1 ^= t0; W[14][1] = t1;
+                t2 ^= t1; W[14][2] = t2;
+                t3 ^= t2; W[14][3] = t3;
+
+                break;
+            }
+            default:
+            {
+                throw new InvalidOperationException("Should never get here");
+            }
+            }
+
+            if (!forEncryption)
+            {
+                for (int j = 1; j < ROUNDS; j++)
+                {
+                    uint[] w = W[j];
+                    for (int i = 0; i < 4; i++)
+                    {
+                        w[i] = Inv_Mcol(w[i]);
+                    }
+                }
+            }
+
+            return W;
+        }
+
+        private int ROUNDS;
+        private uint[][] WorkingKey;
+        private uint C0, C1, C2, C3;
+        private bool forEncryption;
+
+        private const int BLOCK_SIZE = 16;
+
+        /**
+        * default constructor - 128 bit block size.
+        */
+        public AesFastEngine()
+        {
+        }
+
+        /**
+        * initialise an AES cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            KeyParameter keyParameter = parameters as KeyParameter;
+
+            if (keyParameter == null)
+                throw new ArgumentException("invalid parameter passed to AES init - "
+                    + Platform.GetTypeName(parameters));
+
+            WorkingKey = GenerateWorkingKey(keyParameter.GetKey(), forEncryption);
+
+            this.forEncryption = forEncryption;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "AES"; }
+        }
+
+        public virtual bool IsPartialBlockOkay
+        {
+            get { return false; }
+        }
+
+        public virtual int GetBlockSize()
+        {
+            return BLOCK_SIZE;
+        }
+
+        public virtual int ProcessBlock(
+            byte[] input,
+            int inOff,
+            byte[] output,
+            int outOff)
+        {
+            if (WorkingKey == null)
+                throw new InvalidOperationException("AES engine not initialised");
+
+            Check.DataLength(input, inOff, 16, "input buffer too short");
+            Check.OutputLength(output, outOff, 16, "output buffer too short");
+
+            UnPackBlock(input, inOff);
+
+            if (forEncryption)
+            {
+                EncryptBlock(WorkingKey);
+            }
+            else
+            {
+                DecryptBlock(WorkingKey);
+            }
+
+            PackBlock(output, outOff);
+
+            return BLOCK_SIZE;
+        }
+
+        public virtual void Reset()
+        {
+        }
+
+        private void UnPackBlock(
+            byte[]	bytes,
+            int		off)
+        {
+            C0 = Pack.LE_To_UInt32(bytes, off);
+            C1 = Pack.LE_To_UInt32(bytes, off + 4);
+            C2 = Pack.LE_To_UInt32(bytes, off + 8);
+            C3 = Pack.LE_To_UInt32(bytes, off + 12);
+        }
+
+        private void PackBlock(
+            byte[]	bytes,
+            int		off)
+        {
+            Pack.UInt32_To_LE(C0, bytes, off);
+            Pack.UInt32_To_LE(C1, bytes, off + 4);
+            Pack.UInt32_To_LE(C2, bytes, off + 8);
+            Pack.UInt32_To_LE(C3, bytes, off + 12);
+        }
+
+        private void EncryptBlock(uint[][] KW)
+        {
+            uint[] kw = KW[0];
+            uint t0 = this.C0 ^ kw[0];
+            uint t1 = this.C1 ^ kw[1];
+            uint t2 = this.C2 ^ kw[2];
+
+            uint r0, r1, r2, r3 = this.C3 ^ kw[3];
+            int r = 1;
+            while (r < ROUNDS - 1)
+            {
+                kw = KW[r++];
+                r0 = T0[t0 & 255] ^ T1[(t1 >> 8) & 255] ^ T2[(t2 >> 16) & 255] ^ T3[r3 >> 24] ^ kw[0];
+                r1 = T0[t1 & 255] ^ T1[(t2 >> 8) & 255] ^ T2[(r3 >> 16) & 255] ^ T3[t0 >> 24] ^ kw[1];
+                r2 = T0[t2 & 255] ^ T1[(r3 >> 8) & 255] ^ T2[(t0 >> 16) & 255] ^ T3[t1 >> 24] ^ kw[2];
+                r3 = T0[r3 & 255] ^ T1[(t0 >> 8) & 255] ^ T2[(t1 >> 16) & 255] ^ T3[t2 >> 24] ^ kw[3];
+                kw = KW[r++];
+                t0 = T0[r0 & 255] ^ T1[(r1 >> 8) & 255] ^ T2[(r2 >> 16) & 255] ^ T3[r3 >> 24] ^ kw[0];
+                t1 = T0[r1 & 255] ^ T1[(r2 >> 8) & 255] ^ T2[(r3 >> 16) & 255] ^ T3[r0 >> 24] ^ kw[1];
+                t2 = T0[r2 & 255] ^ T1[(r3 >> 8) & 255] ^ T2[(r0 >> 16) & 255] ^ T3[r1 >> 24] ^ kw[2];
+                r3 = T0[r3 & 255] ^ T1[(r0 >> 8) & 255] ^ T2[(r1 >> 16) & 255] ^ T3[r2 >> 24] ^ kw[3];
+            }
+
+            kw = KW[r++];
+            r0 = T0[t0 & 255] ^ T1[(t1 >> 8) & 255] ^ T2[(t2 >> 16) & 255] ^ T3[r3 >> 24] ^ kw[0];
+            r1 = T0[t1 & 255] ^ T1[(t2 >> 8) & 255] ^ T2[(r3 >> 16) & 255] ^ T3[t0 >> 24] ^ kw[1];
+            r2 = T0[t2 & 255] ^ T1[(r3 >> 8) & 255] ^ T2[(t0 >> 16) & 255] ^ T3[t1 >> 24] ^ kw[2];
+            r3 = T0[r3 & 255] ^ T1[(t0 >> 8) & 255] ^ T2[(t1 >> 16) & 255] ^ T3[t2 >> 24] ^ kw[3];
+
+            // the final round's table is a simple function of S so we don't use a whole other four tables for it
+
+            kw = KW[r];
+            this.C0 = (uint)S[r0 & 255] ^ (((uint)S[(r1 >> 8) & 255]) << 8) ^ (((uint)S[(r2 >> 16) & 255]) << 16) ^ (((uint)S[r3 >> 24]) << 24) ^ kw[0];
+            this.C1 = (uint)S[r1 & 255] ^ (((uint)S[(r2 >> 8) & 255]) << 8) ^ (((uint)S[(r3 >> 16) & 255]) << 16) ^ (((uint)S[r0 >> 24]) << 24) ^ kw[1];
+            this.C2 = (uint)S[r2 & 255] ^ (((uint)S[(r3 >> 8) & 255]) << 8) ^ (((uint)S[(r0 >> 16) & 255]) << 16) ^ (((uint)S[r1 >> 24]) << 24) ^ kw[2];
+            this.C3 = (uint)S[r3 & 255] ^ (((uint)S[(r0 >> 8) & 255]) << 8) ^ (((uint)S[(r1 >> 16) & 255]) << 16) ^ (((uint)S[r2 >> 24]) << 24) ^ kw[3];
+        }
+
+        private void DecryptBlock(uint[][] KW)
+        {
+            uint[] kw = KW[ROUNDS];
+            uint t0 = this.C0 ^ kw[0];
+            uint t1 = this.C1 ^ kw[1];
+            uint t2 = this.C2 ^ kw[2];
+
+            uint r0, r1, r2, r3 = this.C3 ^ kw[3];
+            int r = ROUNDS - 1;
+            while (r > 1)
+            {
+                kw = KW[r--];
+                r0 = Tinv0[t0 & 255] ^ Tinv1[(r3 >> 8) & 255] ^ Tinv2[(t2 >> 16) & 255] ^ Tinv3[t1 >> 24] ^ kw[0];
+                r1 = Tinv0[t1 & 255] ^ Tinv1[(t0 >> 8) & 255] ^ Tinv2[(r3 >> 16) & 255] ^ Tinv3[t2 >> 24] ^ kw[1];
+                r2 = Tinv0[t2 & 255] ^ Tinv1[(t1 >> 8) & 255] ^ Tinv2[(t0 >> 16) & 255] ^ Tinv3[r3 >> 24] ^ kw[2];
+                r3 = Tinv0[r3 & 255] ^ Tinv1[(t2 >> 8) & 255] ^ Tinv2[(t1 >> 16) & 255] ^ Tinv3[t0 >> 24] ^ kw[3];
+                kw = KW[r--];
+                t0 = Tinv0[r0 & 255] ^ Tinv1[(r3 >> 8) & 255] ^ Tinv2[(r2 >> 16) & 255] ^ Tinv3[r1 >> 24] ^ kw[0];
+                t1 = Tinv0[r1 & 255] ^ Tinv1[(r0 >> 8) & 255] ^ Tinv2[(r3 >> 16) & 255] ^ Tinv3[r2 >> 24] ^ kw[1];
+                t2 = Tinv0[r2 & 255] ^ Tinv1[(r1 >> 8) & 255] ^ Tinv2[(r0 >> 16) & 255] ^ Tinv3[r3 >> 24] ^ kw[2];
+                r3 = Tinv0[r3 & 255] ^ Tinv1[(r2 >> 8) & 255] ^ Tinv2[(r1 >> 16) & 255] ^ Tinv3[r0 >> 24] ^ kw[3];
+            }
+
+            kw = KW[1];
+            r0 = Tinv0[t0 & 255] ^ Tinv1[(r3 >> 8) & 255] ^ Tinv2[(t2 >> 16) & 255] ^ Tinv3[t1 >> 24] ^ kw[0];
+            r1 = Tinv0[t1 & 255] ^ Tinv1[(t0 >> 8) & 255] ^ Tinv2[(r3 >> 16) & 255] ^ Tinv3[t2 >> 24] ^ kw[1];
+            r2 = Tinv0[t2 & 255] ^ Tinv1[(t1 >> 8) & 255] ^ Tinv2[(t0 >> 16) & 255] ^ Tinv3[r3 >> 24] ^ kw[2];
+            r3 = Tinv0[r3 & 255] ^ Tinv1[(t2 >> 8) & 255] ^ Tinv2[(t1 >> 16) & 255] ^ Tinv3[t0 >> 24] ^ kw[3];
+
+            // the final round's table is a simple function of Si so we don't use a whole other four tables for it
+
+            kw = KW[0];
+            this.C0 = (uint)Si[r0 & 255] ^ (((uint)Si[(r3 >> 8) & 255]) << 8) ^ (((uint)Si[(r2 >> 16) & 255]) << 16) ^ (((uint)Si[r1 >> 24]) << 24) ^ kw[0];
+            this.C1 = (uint)Si[r1 & 255] ^ (((uint)Si[(r0 >> 8) & 255]) << 8) ^ (((uint)Si[(r3 >> 16) & 255]) << 16) ^ (((uint)Si[r2 >> 24]) << 24) ^ kw[1];
+            this.C2 = (uint)Si[r2 & 255] ^ (((uint)Si[(r1 >> 8) & 255]) << 8) ^ (((uint)Si[(r0 >> 16) & 255]) << 16) ^ (((uint)Si[r3 >> 24]) << 24) ^ kw[2];
+            this.C3 = (uint)Si[r3 & 255] ^ (((uint)Si[(r2 >> 8) & 255]) << 8) ^ (((uint)Si[(r1 >> 16) & 255]) << 16) ^ (((uint)Si[r0 >> 24]) << 24) ^ kw[3];
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/AesLightEngine.cs b/bc-sharp-crypto/src/crypto/engines/AesLightEngine.cs
new file mode 100644
index 0000000..9cc9c34
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/AesLightEngine.cs
@@ -0,0 +1,504 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * an implementation of the AES (Rijndael), from FIPS-197.
+    * <p>
+    * For further details see: <a href="http://csrc.nist.gov/encryption/aes/">http://csrc.nist.gov/encryption/aes/</a>.
+    *
+    * This implementation is based on optimizations from Dr. Brian Gladman's paper and C code at
+    * <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
+    *
+    * There are three levels of tradeoff of speed vs memory
+    * Because java has no preprocessor, they are written as three separate classes from which to choose
+    *
+    * The fastest uses 8Kbytes of static tables to precompute round calculations, 4 256 word tables for encryption
+    * and 4 for decryption.
+    *
+    * The middle performance version uses only one 256 word table for each, for a total of 2Kbytes,
+    * adding 12 rotate operations per round to compute the values contained in the other tables from
+    * the contents of the first
+    *
+    * The slowest version uses no static tables at all and computes the values
+    * in each round.
+    * </p>
+    * <p>
+    * This file contains the slowest performance version with no static tables
+    * for round precomputation, but it has the smallest foot print.
+    * </p>
+    */
+    public class AesLightEngine
+        : IBlockCipher
+    {
+        // The S box
+        private static readonly byte[] S =
+        {
+            99, 124, 119, 123, 242, 107, 111, 197,
+            48,   1, 103,  43, 254, 215, 171, 118,
+            202, 130, 201, 125, 250,  89,  71, 240,
+            173, 212, 162, 175, 156, 164, 114, 192,
+            183, 253, 147,  38,  54,  63, 247, 204,
+            52, 165, 229, 241, 113, 216,  49,  21,
+            4, 199,  35, 195,  24, 150,   5, 154,
+            7,  18, 128, 226, 235,  39, 178, 117,
+            9, 131,  44,  26,  27, 110,  90, 160,
+            82,  59, 214, 179,  41, 227,  47, 132,
+            83, 209,   0, 237,  32, 252, 177,  91,
+            106, 203, 190,  57,  74,  76,  88, 207,
+            208, 239, 170, 251,  67,  77,  51, 133,
+            69, 249,   2, 127,  80,  60, 159, 168,
+            81, 163,  64, 143, 146, 157,  56, 245,
+            188, 182, 218,  33,  16, 255, 243, 210,
+            205,  12,  19, 236,  95, 151,  68,  23,
+            196, 167, 126,  61, 100,  93,  25, 115,
+            96, 129,  79, 220,  34,  42, 144, 136,
+            70, 238, 184,  20, 222,  94,  11, 219,
+            224,  50,  58,  10,  73,   6,  36,  92,
+            194, 211, 172,  98, 145, 149, 228, 121,
+            231, 200,  55, 109, 141, 213,  78, 169,
+            108,  86, 244, 234, 101, 122, 174,   8,
+            186, 120,  37,  46,  28, 166, 180, 198,
+            232, 221, 116,  31,  75, 189, 139, 138,
+            112,  62, 181, 102,  72,   3, 246,  14,
+            97,  53,  87, 185, 134, 193,  29, 158,
+            225, 248, 152,  17, 105, 217, 142, 148,
+            155,  30, 135, 233, 206,  85,  40, 223,
+            140, 161, 137,  13, 191, 230,  66, 104,
+            65, 153,  45,  15, 176,  84, 187,  22,
+        };
+
+        // The inverse S-box
+        private static readonly byte[] Si =
+        {
+            82,   9, 106, 213,  48,  54, 165,  56,
+            191,  64, 163, 158, 129, 243, 215, 251,
+            124, 227,  57, 130, 155,  47, 255, 135,
+            52, 142,  67,  68, 196, 222, 233, 203,
+            84, 123, 148,  50, 166, 194,  35,  61,
+            238,  76, 149,  11,  66, 250, 195,  78,
+            8,  46, 161, 102,  40, 217,  36, 178,
+            118,  91, 162,  73, 109, 139, 209,  37,
+            114, 248, 246, 100, 134, 104, 152,  22,
+            212, 164,  92, 204,  93, 101, 182, 146,
+            108, 112,  72,  80, 253, 237, 185, 218,
+            94,  21,  70,  87, 167, 141, 157, 132,
+            144, 216, 171,   0, 140, 188, 211,  10,
+            247, 228,  88,   5, 184, 179,  69,   6,
+            208,  44,  30, 143, 202,  63,  15,   2,
+            193, 175, 189,   3,   1,  19, 138, 107,
+            58, 145,  17,  65,  79, 103, 220, 234,
+            151, 242, 207, 206, 240, 180, 230, 115,
+            150, 172, 116,  34, 231, 173,  53, 133,
+            226, 249,  55, 232,  28, 117, 223, 110,
+            71, 241,  26, 113,  29,  41, 197, 137,
+            111, 183,  98,  14, 170,  24, 190,  27,
+            252,  86,  62,  75, 198, 210, 121,  32,
+            154, 219, 192, 254, 120, 205,  90, 244,
+            31, 221, 168,  51, 136,   7, 199,  49,
+            177,  18,  16,  89,  39, 128, 236,  95,
+            96,  81, 127, 169,  25, 181,  74,  13,
+            45, 229, 122, 159, 147, 201, 156, 239,
+            160, 224,  59,  77, 174,  42, 245, 176,
+            200, 235, 187,  60, 131,  83, 153,  97,
+            23,  43,   4, 126, 186, 119, 214,  38,
+            225, 105,  20,  99,  85,  33,  12, 125,
+        };
+
+        // vector used in calculating key schedule (powers of x in GF(256))
+        private static readonly byte[] rcon =
+        {
+            0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a,
+            0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91
+        };
+
+        private static uint Shift(uint r, int shift)
+        {
+            return (r >> shift) | (r << (32 - shift));
+        }
+
+        /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */
+
+        private const uint m1 = 0x80808080;
+        private const uint m2 = 0x7f7f7f7f;
+        private const uint m3 = 0x0000001b;
+        private const uint m4 = 0xC0C0C0C0;
+        private const uint m5 = 0x3f3f3f3f;
+
+        private static uint FFmulX(uint x)
+        {
+            return ((x & m2) << 1) ^ (((x & m1) >> 7) * m3);
+        }
+
+        private static uint FFmulX2(uint x)
+        {
+            uint t0  = (x & m5) << 2;
+            uint t1  = (x & m4);
+                 t1 ^= (t1 >> 1);
+            return t0 ^ (t1 >> 2) ^ (t1 >> 5);
+        }
+
+        /*
+        The following defines provide alternative definitions of FFmulX that might
+        give improved performance if a fast 32-bit multiply is not available.
+
+        private int FFmulX(int x) { int u = x & m1; u |= (u >> 1); return ((x & m2) << 1) ^ ((u >>> 3) | (u >>> 6)); }
+        private static final int  m4 = 0x1b1b1b1b;
+        private int FFmulX(int x) { int u = x & m1; return ((x & m2) << 1) ^ ((u - (u >>> 7)) & m4); }
+
+        */
+
+        private static uint Mcol(uint x)
+        {
+            uint t0, t1;
+            t0 = Shift(x, 8);
+            t1 = x ^ t0;
+            return Shift(t1, 16) ^ t0 ^ FFmulX(t1);
+        }
+
+        private static uint Inv_Mcol(uint x)
+        {
+            uint t0, t1;
+            t0  = x;
+            t1  = t0 ^ Shift(t0, 8);
+            t0 ^= FFmulX(t1);
+            t1 ^= FFmulX2(t0);
+            t0 ^= t1 ^ Shift(t1, 16);
+            return t0;
+        }
+
+        private static uint SubWord(uint x)
+        {
+            return (uint)S[x&255]
+                | (((uint)S[(x>>8)&255]) << 8)
+                | (((uint)S[(x>>16)&255]) << 16)
+                | (((uint)S[(x>>24)&255]) << 24);
+        }
+
+        /**
+        * Calculate the necessary round keys
+        * The number of calculations depends on key size and block size
+        * AES specified a fixed block size of 128 bits and key sizes 128/192/256 bits
+        * This code is written assuming those are the only possible values
+        */
+        private uint[][] GenerateWorkingKey(byte[] key, bool forEncryption)
+        {
+            int keyLen = key.Length;
+            if (keyLen < 16 || keyLen > 32 || (keyLen & 7) != 0)
+                throw new ArgumentException("Key length not 128/192/256 bits.");
+
+            int KC = keyLen >> 2;
+            this.ROUNDS = KC + 6;  // This is not always true for the generalized Rijndael that allows larger block sizes
+
+            uint[][] W = new uint[ROUNDS + 1][]; // 4 words in a block
+            for (int i = 0; i <= ROUNDS; ++i)
+            {
+                W[i] = new uint[4];
+            }
+
+            switch (KC)
+            {
+                case 4:
+                {
+                    uint t0 = Pack.LE_To_UInt32(key,  0); W[0][0] = t0;
+                    uint t1 = Pack.LE_To_UInt32(key,  4); W[0][1] = t1;
+                    uint t2 = Pack.LE_To_UInt32(key,  8); W[0][2] = t2;
+                    uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3;
+
+                    for (int i = 1; i <= 10; ++i)
+                    {
+                        uint u = SubWord(Shift(t3, 8)) ^ rcon[i - 1];
+                        t0 ^= u;  W[i][0] = t0;
+                        t1 ^= t0; W[i][1] = t1;
+                        t2 ^= t1; W[i][2] = t2;
+                        t3 ^= t2; W[i][3] = t3;
+                    }
+
+                    break;
+                }
+                case 6:
+                {
+                    uint t0 = Pack.LE_To_UInt32(key,  0); W[0][0] = t0;
+                    uint t1 = Pack.LE_To_UInt32(key,  4); W[0][1] = t1;
+                    uint t2 = Pack.LE_To_UInt32(key,  8); W[0][2] = t2;
+                    uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3;
+                    uint t4 = Pack.LE_To_UInt32(key, 16); W[1][0] = t4;
+                    uint t5 = Pack.LE_To_UInt32(key, 20); W[1][1] = t5;
+
+                    uint rcon = 1;
+                    uint u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1;
+                    t0 ^= u;  W[1][2] = t0;
+                    t1 ^= t0; W[1][3] = t1;
+                    t2 ^= t1; W[2][0] = t2;
+                    t3 ^= t2; W[2][1] = t3;
+                    t4 ^= t3; W[2][2] = t4;
+                    t5 ^= t4; W[2][3] = t5;
+
+                    for (int i = 3; i < 12; i += 3)
+                    {
+                        u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1;
+                        t0 ^= u;  W[i    ][0] = t0;
+                        t1 ^= t0; W[i    ][1] = t1;
+                        t2 ^= t1; W[i    ][2] = t2;
+                        t3 ^= t2; W[i    ][3] = t3;
+                        t4 ^= t3; W[i + 1][0] = t4;
+                        t5 ^= t4; W[i + 1][1] = t5;
+                        u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1;
+                        t0 ^= u;  W[i + 1][2] = t0;
+                        t1 ^= t0; W[i + 1][3] = t1;
+                        t2 ^= t1; W[i + 2][0] = t2;
+                        t3 ^= t2; W[i + 2][1] = t3;
+                        t4 ^= t3; W[i + 2][2] = t4;
+                        t5 ^= t4; W[i + 2][3] = t5;
+                    }
+
+                    u = SubWord(Shift(t5, 8)) ^ rcon;
+                    t0 ^= u;  W[12][0] = t0;
+                    t1 ^= t0; W[12][1] = t1;
+                    t2 ^= t1; W[12][2] = t2;
+                    t3 ^= t2; W[12][3] = t3;
+
+                    break;
+                }
+                case 8:
+                {
+                    uint t0 = Pack.LE_To_UInt32(key,  0); W[0][0] = t0;
+                    uint t1 = Pack.LE_To_UInt32(key,  4); W[0][1] = t1;
+                    uint t2 = Pack.LE_To_UInt32(key,  8); W[0][2] = t2;
+                    uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3;
+                    uint t4 = Pack.LE_To_UInt32(key, 16); W[1][0] = t4;
+                    uint t5 = Pack.LE_To_UInt32(key, 20); W[1][1] = t5;
+                    uint t6 = Pack.LE_To_UInt32(key, 24); W[1][2] = t6;
+                    uint t7 = Pack.LE_To_UInt32(key, 28); W[1][3] = t7;
+
+                    uint u, rcon = 1;
+
+                    for (int i = 2; i < 14; i += 2)
+                    {
+                        u = SubWord(Shift(t7, 8)) ^ rcon; rcon <<= 1;
+                        t0 ^= u;  W[i    ][0] = t0;
+                        t1 ^= t0; W[i    ][1] = t1;
+                        t2 ^= t1; W[i    ][2] = t2;
+                        t3 ^= t2; W[i    ][3] = t3;
+                        u = SubWord(t3);
+                        t4 ^= u;  W[i + 1][0] = t4;
+                        t5 ^= t4; W[i + 1][1] = t5;
+                        t6 ^= t5; W[i + 1][2] = t6;
+                        t7 ^= t6; W[i + 1][3] = t7;
+                    }
+
+                    u = SubWord(Shift(t7, 8)) ^ rcon;
+                    t0 ^= u;  W[14][0] = t0;
+                    t1 ^= t0; W[14][1] = t1;
+                    t2 ^= t1; W[14][2] = t2;
+                    t3 ^= t2; W[14][3] = t3;
+
+                    break;
+                }
+                default:
+                {
+                    throw new InvalidOperationException("Should never get here");
+                }
+            }
+
+            if (!forEncryption)
+            {
+                for (int j = 1; j < ROUNDS; j++)
+                {
+                    uint[] w = W[j];
+                    for (int i = 0; i < 4; i++)
+                    {
+                        w[i] = Inv_Mcol(w[i]);
+                    }
+                }
+            }
+
+            return W;
+        }
+
+        private int ROUNDS;
+        private uint[][] WorkingKey;
+        private uint C0, C1, C2, C3;
+        private bool forEncryption;
+
+        private const int BLOCK_SIZE = 16;
+
+        /**
+        * default constructor - 128 bit block size.
+        */
+        public AesLightEngine()
+        {
+        }
+
+        /**
+        * initialise an AES cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            KeyParameter keyParameter = parameters as KeyParameter;
+
+            if (keyParameter == null)
+                throw new ArgumentException("invalid parameter passed to AES init - "
+                    + Platform.GetTypeName(parameters));
+
+            WorkingKey = GenerateWorkingKey(keyParameter.GetKey(), forEncryption);
+
+            this.forEncryption = forEncryption;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "AES"; }
+        }
+
+        public virtual bool IsPartialBlockOkay
+        {
+            get { return false; }
+        }
+
+        public virtual int GetBlockSize()
+        {
+            return BLOCK_SIZE;
+        }
+
+        public virtual int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            if (WorkingKey == null)
+                throw new InvalidOperationException("AES engine not initialised");
+
+            Check.DataLength(input, inOff, 16, "input buffer too short");
+            Check.OutputLength(output, outOff, 16, "output buffer too short");
+
+            UnPackBlock(input, inOff);
+
+            if (forEncryption)
+            {
+                EncryptBlock(WorkingKey);
+            }
+            else
+            {
+                DecryptBlock(WorkingKey);
+            }
+
+            PackBlock(output, outOff);
+
+            return BLOCK_SIZE;
+        }
+
+        public virtual void Reset()
+        {
+        }
+
+        private void UnPackBlock(
+            byte[]	bytes,
+            int		off)
+        {
+            C0 = Pack.LE_To_UInt32(bytes, off);
+            C1 = Pack.LE_To_UInt32(bytes, off + 4);
+            C2 = Pack.LE_To_UInt32(bytes, off + 8);
+            C3 = Pack.LE_To_UInt32(bytes, off + 12);
+        }
+
+        private void PackBlock(
+            byte[]	bytes,
+            int		off)
+        {
+            Pack.UInt32_To_LE(C0, bytes, off);
+            Pack.UInt32_To_LE(C1, bytes, off + 4);
+            Pack.UInt32_To_LE(C2, bytes, off + 8);
+            Pack.UInt32_To_LE(C3, bytes, off + 12);
+        }
+
+        private void EncryptBlock(uint[][] KW)
+        {
+            uint[] kw = KW[0];
+            uint t0 = this.C0 ^ kw[0];
+            uint t1 = this.C1 ^ kw[1];
+            uint t2 = this.C2 ^ kw[2];
+
+            uint r0, r1, r2, r3 = this.C3 ^ kw[3];
+            int r = 1;
+            while (r < ROUNDS - 1)
+            {
+                kw = KW[r++];
+                r0 = Mcol((uint)S[t0 & 255] ^ (((uint)S[(t1 >> 8) & 255]) << 8) ^ (((uint)S[(t2 >> 16) & 255]) << 16) ^ (((uint)S[(r3 >> 24) & 255]) << 24)) ^ kw[0];
+                r1 = Mcol((uint)S[t1 & 255] ^ (((uint)S[(t2 >> 8) & 255]) << 8) ^ (((uint)S[(r3 >> 16) & 255]) << 16) ^ (((uint)S[(t0 >> 24) & 255]) << 24)) ^ kw[1];
+                r2 = Mcol((uint)S[t2 & 255] ^ (((uint)S[(r3 >> 8) & 255]) << 8) ^ (((uint)S[(t0 >> 16) & 255]) << 16) ^ (((uint)S[(t1 >> 24) & 255]) << 24)) ^ kw[2];
+                r3 = Mcol((uint)S[r3 & 255] ^ (((uint)S[(t0 >> 8) & 255]) << 8) ^ (((uint)S[(t1 >> 16) & 255]) << 16) ^ (((uint)S[(t2 >> 24) & 255]) << 24)) ^ kw[3];
+                kw = KW[r++];
+                t0 = Mcol((uint)S[r0 & 255] ^ (((uint)S[(r1 >> 8) & 255]) << 8) ^ (((uint)S[(r2 >> 16) & 255]) << 16) ^ (((uint)S[(r3 >> 24) & 255]) << 24)) ^ kw[0];
+                t1 = Mcol((uint)S[r1 & 255] ^ (((uint)S[(r2 >> 8) & 255]) << 8) ^ (((uint)S[(r3 >> 16) & 255]) << 16) ^ (((uint)S[(r0 >> 24) & 255]) << 24)) ^ kw[1];
+                t2 = Mcol((uint)S[r2 & 255] ^ (((uint)S[(r3 >> 8) & 255]) << 8) ^ (((uint)S[(r0 >> 16) & 255]) << 16) ^ (((uint)S[(r1 >> 24) & 255]) << 24)) ^ kw[2];
+                r3 = Mcol((uint)S[r3 & 255] ^ (((uint)S[(r0 >> 8) & 255]) << 8) ^ (((uint)S[(r1 >> 16) & 255]) << 16) ^ (((uint)S[(r2 >> 24) & 255]) << 24)) ^ kw[3];
+            }
+
+            kw = KW[r++];
+            r0 = Mcol((uint)S[t0 & 255] ^ (((uint)S[(t1 >> 8) & 255]) << 8) ^ (((uint)S[(t2 >> 16) & 255]) << 16) ^ (((uint)S[(r3 >> 24) & 255]) << 24)) ^ kw[0];
+            r1 = Mcol((uint)S[t1 & 255] ^ (((uint)S[(t2 >> 8) & 255]) << 8) ^ (((uint)S[(r3 >> 16) & 255]) << 16) ^ (((uint)S[(t0 >> 24) & 255]) << 24)) ^ kw[1];
+            r2 = Mcol((uint)S[t2 & 255] ^ (((uint)S[(r3 >> 8) & 255]) << 8) ^ (((uint)S[(t0 >> 16) & 255]) << 16) ^ (((uint)S[(t1 >> 24) & 255]) << 24)) ^ kw[2];
+            r3 = Mcol((uint)S[r3 & 255] ^ (((uint)S[(t0 >> 8) & 255]) << 8) ^ (((uint)S[(t1 >> 16) & 255]) << 16) ^ (((uint)S[(t2 >> 24) & 255]) << 24)) ^ kw[3];
+
+            // the final round is a simple function of S
+
+            kw = KW[r];
+            this.C0 = (uint)S[r0 & 255] ^ (((uint)S[(r1 >> 8) & 255]) << 8) ^ (((uint)S[(r2 >> 16) & 255]) << 16) ^ (((uint)S[(r3 >> 24) & 255]) << 24) ^ kw[0];
+            this.C1 = (uint)S[r1 & 255] ^ (((uint)S[(r2 >> 8) & 255]) << 8) ^ (((uint)S[(r3 >> 16) & 255]) << 16) ^ (((uint)S[(r0 >> 24) & 255]) << 24) ^ kw[1];
+            this.C2 = (uint)S[r2 & 255] ^ (((uint)S[(r3 >> 8) & 255]) << 8) ^ (((uint)S[(r0 >> 16) & 255]) << 16) ^ (((uint)S[(r1 >> 24) & 255]) << 24) ^ kw[2];
+            this.C3 = (uint)S[r3 & 255] ^ (((uint)S[(r0 >> 8) & 255]) << 8) ^ (((uint)S[(r1 >> 16) & 255]) << 16) ^ (((uint)S[(r2 >> 24) & 255]) << 24) ^ kw[3];
+        }
+
+        private void DecryptBlock(uint[][] KW)
+        {
+            uint[] kw = KW[ROUNDS];
+            uint t0 = this.C0 ^ kw[0];
+            uint t1 = this.C1 ^ kw[1];
+            uint t2 = this.C2 ^ kw[2];
+
+            uint r0, r1, r2, r3 = this.C3 ^ kw[3];
+            int r = ROUNDS - 1;
+            while (r > 1)
+            {
+                kw = KW[r--];
+                r0 = Inv_Mcol((uint)Si[t0 & 255] ^ (((uint)Si[(r3 >> 8) & 255]) << 8) ^ (((uint)Si[(t2 >> 16) & 255]) << 16) ^ ((uint)Si[(t1 >> 24) & 255] << 24)) ^ kw[0];
+                r1 = Inv_Mcol((uint)Si[t1 & 255] ^ (((uint)Si[(t0 >> 8) & 255]) << 8) ^ (((uint)Si[(r3 >> 16) & 255]) << 16) ^ ((uint)Si[(t2 >> 24) & 255] << 24)) ^ kw[1];
+                r2 = Inv_Mcol((uint)Si[t2 & 255] ^ (((uint)Si[(t1 >> 8) & 255]) << 8) ^ (((uint)Si[(t0 >> 16) & 255]) << 16) ^ ((uint)Si[(r3 >> 24) & 255] << 24)) ^ kw[2];
+                r3 = Inv_Mcol((uint)Si[r3 & 255] ^ (((uint)Si[(t2 >> 8) & 255]) << 8) ^ (((uint)Si[(t1 >> 16) & 255]) << 16) ^ ((uint)Si[(t0 >> 24) & 255] << 24)) ^ kw[3];
+                kw = KW[r--];
+                t0 = Inv_Mcol((uint)Si[r0 & 255] ^ (((uint)Si[(r3 >> 8) & 255]) << 8) ^ (((uint)Si[(r2 >> 16) & 255]) << 16) ^ ((uint)Si[(r1 >> 24) & 255] << 24)) ^ kw[0];
+                t1 = Inv_Mcol((uint)Si[r1 & 255] ^ (((uint)Si[(r0 >> 8) & 255]) << 8) ^ (((uint)Si[(r3 >> 16) & 255]) << 16) ^ ((uint)Si[(r2 >> 24) & 255] << 24)) ^ kw[1];
+                t2 = Inv_Mcol((uint)Si[r2 & 255] ^ (((uint)Si[(r1 >> 8) & 255]) << 8) ^ (((uint)Si[(r0 >> 16) & 255]) << 16) ^ ((uint)Si[(r3 >> 24) & 255] << 24)) ^ kw[2];
+                r3 = Inv_Mcol((uint)Si[r3 & 255] ^ (((uint)Si[(r2 >> 8) & 255]) << 8) ^ (((uint)Si[(r1 >> 16) & 255]) << 16) ^ ((uint)Si[(r0 >> 24) & 255] << 24)) ^ kw[3];
+            }
+
+            kw = KW[1];
+            r0 = Inv_Mcol((uint)Si[t0 & 255] ^ (((uint)Si[(r3 >> 8) & 255]) << 8) ^ (((uint)Si[(t2 >> 16) & 255]) << 16) ^ ((uint)Si[(t1 >> 24) & 255] << 24)) ^ kw[0];
+            r1 = Inv_Mcol((uint)Si[t1 & 255] ^ (((uint)Si[(t0 >> 8) & 255]) << 8) ^ (((uint)Si[(r3 >> 16) & 255]) << 16) ^ ((uint)Si[(t2 >> 24) & 255] << 24)) ^ kw[1];
+            r2 = Inv_Mcol((uint)Si[t2 & 255] ^ (((uint)Si[(t1 >> 8) & 255]) << 8) ^ (((uint)Si[(t0 >> 16) & 255]) << 16) ^ ((uint)Si[(r3 >> 24) & 255] << 24)) ^ kw[2];
+            r3 = Inv_Mcol((uint)Si[r3 & 255] ^ (((uint)Si[(t2 >> 8) & 255]) << 8) ^ (((uint)Si[(t1 >> 16) & 255]) << 16) ^ ((uint)Si[(t0 >> 24) & 255] << 24)) ^ kw[3];
+
+            // the final round's table is a simple function of Si
+
+            kw = KW[0];
+            this.C0 = (uint)Si[r0 & 255] ^ (((uint)Si[(r3 >> 8) & 255]) << 8) ^ (((uint)Si[(r2 >> 16) & 255]) << 16) ^ (((uint)Si[(r1 >> 24) & 255]) << 24) ^ kw[0];
+            this.C1 = (uint)Si[r1 & 255] ^ (((uint)Si[(r0 >> 8) & 255]) << 8) ^ (((uint)Si[(r3 >> 16) & 255]) << 16) ^ (((uint)Si[(r2 >> 24) & 255]) << 24) ^ kw[1];
+            this.C2 = (uint)Si[r2 & 255] ^ (((uint)Si[(r1 >> 8) & 255]) << 8) ^ (((uint)Si[(r0 >> 16) & 255]) << 16) ^ (((uint)Si[(r3 >> 24) & 255]) << 24) ^ kw[2];
+            this.C3 = (uint)Si[r3 & 255] ^ (((uint)Si[(r2 >> 8) & 255]) << 8) ^ (((uint)Si[(r1 >> 16) & 255]) << 16) ^ (((uint)Si[(r0 >> 24) & 255]) << 24) ^ kw[3];
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/AesWrapEngine.cs b/bc-sharp-crypto/src/crypto/engines/AesWrapEngine.cs
new file mode 100644
index 0000000..1ce0154
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/AesWrapEngine.cs
@@ -0,0 +1,16 @@
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/// <remarks>
+	/// An implementation of the AES Key Wrapper from the NIST Key Wrap Specification.
+	/// <p/>
+	/// For further details see: <a href="http://csrc.nist.gov/encryption/kms/key-wrap.pdf">http://csrc.nist.gov/encryption/kms/key-wrap.pdf</a>.
+	/// </remarks>
+	public class AesWrapEngine
+		: Rfc3394WrapEngine
+	{
+		public AesWrapEngine()
+			: base(new AesEngine())
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/BlowfishEngine.cs b/bc-sharp-crypto/src/crypto/engines/BlowfishEngine.cs
new file mode 100644
index 0000000..e38f4e8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/BlowfishEngine.cs
@@ -0,0 +1,553 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * A class that provides Blowfish key encryption operations,
+    * such as encoding data and generating keys.
+    * All the algorithms herein are from Applied Cryptography
+    * and implement a simplified cryptography interface.
+    */
+    public sealed class BlowfishEngine
+		: IBlockCipher
+    {
+        private readonly static uint[] KP =
+		{
+			0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344,
+			0xA4093822, 0x299F31D0, 0x082EFA98, 0xEC4E6C89,
+			0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C,
+			0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917,
+			0x9216D5D9, 0x8979FB1B
+		},
+		KS0 =
+		{
+			0xD1310BA6, 0x98DFB5AC, 0x2FFD72DB, 0xD01ADFB7,
+			0xB8E1AFED, 0x6A267E96, 0xBA7C9045, 0xF12C7F99,
+			0x24A19947, 0xB3916CF7, 0x0801F2E2, 0x858EFC16,
+			0x636920D8, 0x71574E69, 0xA458FEA3, 0xF4933D7E,
+			0x0D95748F, 0x728EB658, 0x718BCD58, 0x82154AEE,
+			0x7B54A41D, 0xC25A59B5, 0x9C30D539, 0x2AF26013,
+			0xC5D1B023, 0x286085F0, 0xCA417918, 0xB8DB38EF,
+			0x8E79DCB0, 0x603A180E, 0x6C9E0E8B, 0xB01E8A3E,
+			0xD71577C1, 0xBD314B27, 0x78AF2FDA, 0x55605C60,
+			0xE65525F3, 0xAA55AB94, 0x57489862, 0x63E81440,
+			0x55CA396A, 0x2AAB10B6, 0xB4CC5C34, 0x1141E8CE,
+			0xA15486AF, 0x7C72E993, 0xB3EE1411, 0x636FBC2A,
+			0x2BA9C55D, 0x741831F6, 0xCE5C3E16, 0x9B87931E,
+			0xAFD6BA33, 0x6C24CF5C, 0x7A325381, 0x28958677,
+			0x3B8F4898, 0x6B4BB9AF, 0xC4BFE81B, 0x66282193,
+			0x61D809CC, 0xFB21A991, 0x487CAC60, 0x5DEC8032,
+			0xEF845D5D, 0xE98575B1, 0xDC262302, 0xEB651B88,
+			0x23893E81, 0xD396ACC5, 0x0F6D6FF3, 0x83F44239,
+			0x2E0B4482, 0xA4842004, 0x69C8F04A, 0x9E1F9B5E,
+			0x21C66842, 0xF6E96C9A, 0x670C9C61, 0xABD388F0,
+			0x6A51A0D2, 0xD8542F68, 0x960FA728, 0xAB5133A3,
+			0x6EEF0B6C, 0x137A3BE4, 0xBA3BF050, 0x7EFB2A98,
+			0xA1F1651D, 0x39AF0176, 0x66CA593E, 0x82430E88,
+			0x8CEE8619, 0x456F9FB4, 0x7D84A5C3, 0x3B8B5EBE,
+			0xE06F75D8, 0x85C12073, 0x401A449F, 0x56C16AA6,
+			0x4ED3AA62, 0x363F7706, 0x1BFEDF72, 0x429B023D,
+			0x37D0D724, 0xD00A1248, 0xDB0FEAD3, 0x49F1C09B,
+			0x075372C9, 0x80991B7B, 0x25D479D8, 0xF6E8DEF7,
+			0xE3FE501A, 0xB6794C3B, 0x976CE0BD, 0x04C006BA,
+			0xC1A94FB6, 0x409F60C4, 0x5E5C9EC2, 0x196A2463,
+			0x68FB6FAF, 0x3E6C53B5, 0x1339B2EB, 0x3B52EC6F,
+			0x6DFC511F, 0x9B30952C, 0xCC814544, 0xAF5EBD09,
+			0xBEE3D004, 0xDE334AFD, 0x660F2807, 0x192E4BB3,
+			0xC0CBA857, 0x45C8740F, 0xD20B5F39, 0xB9D3FBDB,
+			0x5579C0BD, 0x1A60320A, 0xD6A100C6, 0x402C7279,
+			0x679F25FE, 0xFB1FA3CC, 0x8EA5E9F8, 0xDB3222F8,
+			0x3C7516DF, 0xFD616B15, 0x2F501EC8, 0xAD0552AB,
+			0x323DB5FA, 0xFD238760, 0x53317B48, 0x3E00DF82,
+			0x9E5C57BB, 0xCA6F8CA0, 0x1A87562E, 0xDF1769DB,
+			0xD542A8F6, 0x287EFFC3, 0xAC6732C6, 0x8C4F5573,
+			0x695B27B0, 0xBBCA58C8, 0xE1FFA35D, 0xB8F011A0,
+			0x10FA3D98, 0xFD2183B8, 0x4AFCB56C, 0x2DD1D35B,
+			0x9A53E479, 0xB6F84565, 0xD28E49BC, 0x4BFB9790,
+			0xE1DDF2DA, 0xA4CB7E33, 0x62FB1341, 0xCEE4C6E8,
+			0xEF20CADA, 0x36774C01, 0xD07E9EFE, 0x2BF11FB4,
+			0x95DBDA4D, 0xAE909198, 0xEAAD8E71, 0x6B93D5A0,
+			0xD08ED1D0, 0xAFC725E0, 0x8E3C5B2F, 0x8E7594B7,
+			0x8FF6E2FB, 0xF2122B64, 0x8888B812, 0x900DF01C,
+			0x4FAD5EA0, 0x688FC31C, 0xD1CFF191, 0xB3A8C1AD,
+			0x2F2F2218, 0xBE0E1777, 0xEA752DFE, 0x8B021FA1,
+			0xE5A0CC0F, 0xB56F74E8, 0x18ACF3D6, 0xCE89E299,
+			0xB4A84FE0, 0xFD13E0B7, 0x7CC43B81, 0xD2ADA8D9,
+			0x165FA266, 0x80957705, 0x93CC7314, 0x211A1477,
+			0xE6AD2065, 0x77B5FA86, 0xC75442F5, 0xFB9D35CF,
+			0xEBCDAF0C, 0x7B3E89A0, 0xD6411BD3, 0xAE1E7E49,
+			0x00250E2D, 0x2071B35E, 0x226800BB, 0x57B8E0AF,
+			0x2464369B, 0xF009B91E, 0x5563911D, 0x59DFA6AA,
+			0x78C14389, 0xD95A537F, 0x207D5BA2, 0x02E5B9C5,
+			0x83260376, 0x6295CFA9, 0x11C81968, 0x4E734A41,
+			0xB3472DCA, 0x7B14A94A, 0x1B510052, 0x9A532915,
+			0xD60F573F, 0xBC9BC6E4, 0x2B60A476, 0x81E67400,
+			0x08BA6FB5, 0x571BE91F, 0xF296EC6B, 0x2A0DD915,
+			0xB6636521, 0xE7B9F9B6, 0xFF34052E, 0xC5855664,
+			0x53B02D5D, 0xA99F8FA1, 0x08BA4799, 0x6E85076A
+		},
+		KS1 =
+		{
+			0x4B7A70E9, 0xB5B32944, 0xDB75092E, 0xC4192623,
+			0xAD6EA6B0, 0x49A7DF7D, 0x9CEE60B8, 0x8FEDB266,
+			0xECAA8C71, 0x699A17FF, 0x5664526C, 0xC2B19EE1,
+			0x193602A5, 0x75094C29, 0xA0591340, 0xE4183A3E,
+			0x3F54989A, 0x5B429D65, 0x6B8FE4D6, 0x99F73FD6,
+			0xA1D29C07, 0xEFE830F5, 0x4D2D38E6, 0xF0255DC1,
+			0x4CDD2086, 0x8470EB26, 0x6382E9C6, 0x021ECC5E,
+			0x09686B3F, 0x3EBAEFC9, 0x3C971814, 0x6B6A70A1,
+			0x687F3584, 0x52A0E286, 0xB79C5305, 0xAA500737,
+			0x3E07841C, 0x7FDEAE5C, 0x8E7D44EC, 0x5716F2B8,
+			0xB03ADA37, 0xF0500C0D, 0xF01C1F04, 0x0200B3FF,
+			0xAE0CF51A, 0x3CB574B2, 0x25837A58, 0xDC0921BD,
+			0xD19113F9, 0x7CA92FF6, 0x94324773, 0x22F54701,
+			0x3AE5E581, 0x37C2DADC, 0xC8B57634, 0x9AF3DDA7,
+			0xA9446146, 0x0FD0030E, 0xECC8C73E, 0xA4751E41,
+			0xE238CD99, 0x3BEA0E2F, 0x3280BBA1, 0x183EB331,
+			0x4E548B38, 0x4F6DB908, 0x6F420D03, 0xF60A04BF,
+			0x2CB81290, 0x24977C79, 0x5679B072, 0xBCAF89AF,
+			0xDE9A771F, 0xD9930810, 0xB38BAE12, 0xDCCF3F2E,
+			0x5512721F, 0x2E6B7124, 0x501ADDE6, 0x9F84CD87,
+			0x7A584718, 0x7408DA17, 0xBC9F9ABC, 0xE94B7D8C,
+			0xEC7AEC3A, 0xDB851DFA, 0x63094366, 0xC464C3D2,
+			0xEF1C1847, 0x3215D908, 0xDD433B37, 0x24C2BA16,
+			0x12A14D43, 0x2A65C451, 0x50940002, 0x133AE4DD,
+			0x71DFF89E, 0x10314E55, 0x81AC77D6, 0x5F11199B,
+			0x043556F1, 0xD7A3C76B, 0x3C11183B, 0x5924A509,
+			0xF28FE6ED, 0x97F1FBFA, 0x9EBABF2C, 0x1E153C6E,
+			0x86E34570, 0xEAE96FB1, 0x860E5E0A, 0x5A3E2AB3,
+			0x771FE71C, 0x4E3D06FA, 0x2965DCB9, 0x99E71D0F,
+			0x803E89D6, 0x5266C825, 0x2E4CC978, 0x9C10B36A,
+			0xC6150EBA, 0x94E2EA78, 0xA5FC3C53, 0x1E0A2DF4,
+			0xF2F74EA7, 0x361D2B3D, 0x1939260F, 0x19C27960,
+			0x5223A708, 0xF71312B6, 0xEBADFE6E, 0xEAC31F66,
+			0xE3BC4595, 0xA67BC883, 0xB17F37D1, 0x018CFF28,
+			0xC332DDEF, 0xBE6C5AA5, 0x65582185, 0x68AB9802,
+			0xEECEA50F, 0xDB2F953B, 0x2AEF7DAD, 0x5B6E2F84,
+			0x1521B628, 0x29076170, 0xECDD4775, 0x619F1510,
+			0x13CCA830, 0xEB61BD96, 0x0334FE1E, 0xAA0363CF,
+			0xB5735C90, 0x4C70A239, 0xD59E9E0B, 0xCBAADE14,
+			0xEECC86BC, 0x60622CA7, 0x9CAB5CAB, 0xB2F3846E,
+			0x648B1EAF, 0x19BDF0CA, 0xA02369B9, 0x655ABB50,
+			0x40685A32, 0x3C2AB4B3, 0x319EE9D5, 0xC021B8F7,
+			0x9B540B19, 0x875FA099, 0x95F7997E, 0x623D7DA8,
+			0xF837889A, 0x97E32D77, 0x11ED935F, 0x16681281,
+			0x0E358829, 0xC7E61FD6, 0x96DEDFA1, 0x7858BA99,
+			0x57F584A5, 0x1B227263, 0x9B83C3FF, 0x1AC24696,
+			0xCDB30AEB, 0x532E3054, 0x8FD948E4, 0x6DBC3128,
+			0x58EBF2EF, 0x34C6FFEA, 0xFE28ED61, 0xEE7C3C73,
+			0x5D4A14D9, 0xE864B7E3, 0x42105D14, 0x203E13E0,
+			0x45EEE2B6, 0xA3AAABEA, 0xDB6C4F15, 0xFACB4FD0,
+			0xC742F442, 0xEF6ABBB5, 0x654F3B1D, 0x41CD2105,
+			0xD81E799E, 0x86854DC7, 0xE44B476A, 0x3D816250,
+			0xCF62A1F2, 0x5B8D2646, 0xFC8883A0, 0xC1C7B6A3,
+			0x7F1524C3, 0x69CB7492, 0x47848A0B, 0x5692B285,
+			0x095BBF00, 0xAD19489D, 0x1462B174, 0x23820E00,
+			0x58428D2A, 0x0C55F5EA, 0x1DADF43E, 0x233F7061,
+			0x3372F092, 0x8D937E41, 0xD65FECF1, 0x6C223BDB,
+			0x7CDE3759, 0xCBEE7460, 0x4085F2A7, 0xCE77326E,
+			0xA6078084, 0x19F8509E, 0xE8EFD855, 0x61D99735,
+			0xA969A7AA, 0xC50C06C2, 0x5A04ABFC, 0x800BCADC,
+			0x9E447A2E, 0xC3453484, 0xFDD56705, 0x0E1E9EC9,
+			0xDB73DBD3, 0x105588CD, 0x675FDA79, 0xE3674340,
+			0xC5C43465, 0x713E38D8, 0x3D28F89E, 0xF16DFF20,
+			0x153E21E7, 0x8FB03D4A, 0xE6E39F2B, 0xDB83ADF7
+		},
+		KS2 =
+		{
+			0xE93D5A68, 0x948140F7, 0xF64C261C, 0x94692934,
+			0x411520F7, 0x7602D4F7, 0xBCF46B2E, 0xD4A20068,
+			0xD4082471, 0x3320F46A, 0x43B7D4B7, 0x500061AF,
+			0x1E39F62E, 0x97244546, 0x14214F74, 0xBF8B8840,
+			0x4D95FC1D, 0x96B591AF, 0x70F4DDD3, 0x66A02F45,
+			0xBFBC09EC, 0x03BD9785, 0x7FAC6DD0, 0x31CB8504,
+			0x96EB27B3, 0x55FD3941, 0xDA2547E6, 0xABCA0A9A,
+			0x28507825, 0x530429F4, 0x0A2C86DA, 0xE9B66DFB,
+			0x68DC1462, 0xD7486900, 0x680EC0A4, 0x27A18DEE,
+			0x4F3FFEA2, 0xE887AD8C, 0xB58CE006, 0x7AF4D6B6,
+			0xAACE1E7C, 0xD3375FEC, 0xCE78A399, 0x406B2A42,
+			0x20FE9E35, 0xD9F385B9, 0xEE39D7AB, 0x3B124E8B,
+			0x1DC9FAF7, 0x4B6D1856, 0x26A36631, 0xEAE397B2,
+			0x3A6EFA74, 0xDD5B4332, 0x6841E7F7, 0xCA7820FB,
+			0xFB0AF54E, 0xD8FEB397, 0x454056AC, 0xBA489527,
+			0x55533A3A, 0x20838D87, 0xFE6BA9B7, 0xD096954B,
+			0x55A867BC, 0xA1159A58, 0xCCA92963, 0x99E1DB33,
+			0xA62A4A56, 0x3F3125F9, 0x5EF47E1C, 0x9029317C,
+			0xFDF8E802, 0x04272F70, 0x80BB155C, 0x05282CE3,
+			0x95C11548, 0xE4C66D22, 0x48C1133F, 0xC70F86DC,
+			0x07F9C9EE, 0x41041F0F, 0x404779A4, 0x5D886E17,
+			0x325F51EB, 0xD59BC0D1, 0xF2BCC18F, 0x41113564,
+			0x257B7834, 0x602A9C60, 0xDFF8E8A3, 0x1F636C1B,
+			0x0E12B4C2, 0x02E1329E, 0xAF664FD1, 0xCAD18115,
+			0x6B2395E0, 0x333E92E1, 0x3B240B62, 0xEEBEB922,
+			0x85B2A20E, 0xE6BA0D99, 0xDE720C8C, 0x2DA2F728,
+			0xD0127845, 0x95B794FD, 0x647D0862, 0xE7CCF5F0,
+			0x5449A36F, 0x877D48FA, 0xC39DFD27, 0xF33E8D1E,
+			0x0A476341, 0x992EFF74, 0x3A6F6EAB, 0xF4F8FD37,
+			0xA812DC60, 0xA1EBDDF8, 0x991BE14C, 0xDB6E6B0D,
+			0xC67B5510, 0x6D672C37, 0x2765D43B, 0xDCD0E804,
+			0xF1290DC7, 0xCC00FFA3, 0xB5390F92, 0x690FED0B,
+			0x667B9FFB, 0xCEDB7D9C, 0xA091CF0B, 0xD9155EA3,
+			0xBB132F88, 0x515BAD24, 0x7B9479BF, 0x763BD6EB,
+			0x37392EB3, 0xCC115979, 0x8026E297, 0xF42E312D,
+			0x6842ADA7, 0xC66A2B3B, 0x12754CCC, 0x782EF11C,
+			0x6A124237, 0xB79251E7, 0x06A1BBE6, 0x4BFB6350,
+			0x1A6B1018, 0x11CAEDFA, 0x3D25BDD8, 0xE2E1C3C9,
+			0x44421659, 0x0A121386, 0xD90CEC6E, 0xD5ABEA2A,
+			0x64AF674E, 0xDA86A85F, 0xBEBFE988, 0x64E4C3FE,
+			0x9DBC8057, 0xF0F7C086, 0x60787BF8, 0x6003604D,
+			0xD1FD8346, 0xF6381FB0, 0x7745AE04, 0xD736FCCC,
+			0x83426B33, 0xF01EAB71, 0xB0804187, 0x3C005E5F,
+			0x77A057BE, 0xBDE8AE24, 0x55464299, 0xBF582E61,
+			0x4E58F48F, 0xF2DDFDA2, 0xF474EF38, 0x8789BDC2,
+			0x5366F9C3, 0xC8B38E74, 0xB475F255, 0x46FCD9B9,
+			0x7AEB2661, 0x8B1DDF84, 0x846A0E79, 0x915F95E2,
+			0x466E598E, 0x20B45770, 0x8CD55591, 0xC902DE4C,
+			0xB90BACE1, 0xBB8205D0, 0x11A86248, 0x7574A99E,
+			0xB77F19B6, 0xE0A9DC09, 0x662D09A1, 0xC4324633,
+			0xE85A1F02, 0x09F0BE8C, 0x4A99A025, 0x1D6EFE10,
+			0x1AB93D1D, 0x0BA5A4DF, 0xA186F20F, 0x2868F169,
+			0xDCB7DA83, 0x573906FE, 0xA1E2CE9B, 0x4FCD7F52,
+			0x50115E01, 0xA70683FA, 0xA002B5C4, 0x0DE6D027,
+			0x9AF88C27, 0x773F8641, 0xC3604C06, 0x61A806B5,
+			0xF0177A28, 0xC0F586E0, 0x006058AA, 0x30DC7D62,
+			0x11E69ED7, 0x2338EA63, 0x53C2DD94, 0xC2C21634,
+			0xBBCBEE56, 0x90BCB6DE, 0xEBFC7DA1, 0xCE591D76,
+			0x6F05E409, 0x4B7C0188, 0x39720A3D, 0x7C927C24,
+			0x86E3725F, 0x724D9DB9, 0x1AC15BB4, 0xD39EB8FC,
+			0xED545578, 0x08FCA5B5, 0xD83D7CD3, 0x4DAD0FC4,
+			0x1E50EF5E, 0xB161E6F8, 0xA28514D9, 0x6C51133C,
+			0x6FD5C7E7, 0x56E14EC4, 0x362ABFCE, 0xDDC6C837,
+			0xD79A3234, 0x92638212, 0x670EFA8E, 0x406000E0
+		},
+		KS3 =
+		{
+			0x3A39CE37, 0xD3FAF5CF, 0xABC27737, 0x5AC52D1B,
+			0x5CB0679E, 0x4FA33742, 0xD3822740, 0x99BC9BBE,
+			0xD5118E9D, 0xBF0F7315, 0xD62D1C7E, 0xC700C47B,
+			0xB78C1B6B, 0x21A19045, 0xB26EB1BE, 0x6A366EB4,
+			0x5748AB2F, 0xBC946E79, 0xC6A376D2, 0x6549C2C8,
+			0x530FF8EE, 0x468DDE7D, 0xD5730A1D, 0x4CD04DC6,
+			0x2939BBDB, 0xA9BA4650, 0xAC9526E8, 0xBE5EE304,
+			0xA1FAD5F0, 0x6A2D519A, 0x63EF8CE2, 0x9A86EE22,
+			0xC089C2B8, 0x43242EF6, 0xA51E03AA, 0x9CF2D0A4,
+			0x83C061BA, 0x9BE96A4D, 0x8FE51550, 0xBA645BD6,
+			0x2826A2F9, 0xA73A3AE1, 0x4BA99586, 0xEF5562E9,
+			0xC72FEFD3, 0xF752F7DA, 0x3F046F69, 0x77FA0A59,
+			0x80E4A915, 0x87B08601, 0x9B09E6AD, 0x3B3EE593,
+			0xE990FD5A, 0x9E34D797, 0x2CF0B7D9, 0x022B8B51,
+			0x96D5AC3A, 0x017DA67D, 0xD1CF3ED6, 0x7C7D2D28,
+			0x1F9F25CF, 0xADF2B89B, 0x5AD6B472, 0x5A88F54C,
+			0xE029AC71, 0xE019A5E6, 0x47B0ACFD, 0xED93FA9B,
+			0xE8D3C48D, 0x283B57CC, 0xF8D56629, 0x79132E28,
+			0x785F0191, 0xED756055, 0xF7960E44, 0xE3D35E8C,
+			0x15056DD4, 0x88F46DBA, 0x03A16125, 0x0564F0BD,
+			0xC3EB9E15, 0x3C9057A2, 0x97271AEC, 0xA93A072A,
+			0x1B3F6D9B, 0x1E6321F5, 0xF59C66FB, 0x26DCF319,
+			0x7533D928, 0xB155FDF5, 0x03563482, 0x8ABA3CBB,
+			0x28517711, 0xC20AD9F8, 0xABCC5167, 0xCCAD925F,
+			0x4DE81751, 0x3830DC8E, 0x379D5862, 0x9320F991,
+			0xEA7A90C2, 0xFB3E7BCE, 0x5121CE64, 0x774FBE32,
+			0xA8B6E37E, 0xC3293D46, 0x48DE5369, 0x6413E680,
+			0xA2AE0810, 0xDD6DB224, 0x69852DFD, 0x09072166,
+			0xB39A460A, 0x6445C0DD, 0x586CDECF, 0x1C20C8AE,
+			0x5BBEF7DD, 0x1B588D40, 0xCCD2017F, 0x6BB4E3BB,
+			0xDDA26A7E, 0x3A59FF45, 0x3E350A44, 0xBCB4CDD5,
+			0x72EACEA8, 0xFA6484BB, 0x8D6612AE, 0xBF3C6F47,
+			0xD29BE463, 0x542F5D9E, 0xAEC2771B, 0xF64E6370,
+			0x740E0D8D, 0xE75B1357, 0xF8721671, 0xAF537D5D,
+			0x4040CB08, 0x4EB4E2CC, 0x34D2466A, 0x0115AF84,
+			0xE1B00428, 0x95983A1D, 0x06B89FB4, 0xCE6EA048,
+			0x6F3F3B82, 0x3520AB82, 0x011A1D4B, 0x277227F8,
+			0x611560B1, 0xE7933FDC, 0xBB3A792B, 0x344525BD,
+			0xA08839E1, 0x51CE794B, 0x2F32C9B7, 0xA01FBAC9,
+			0xE01CC87E, 0xBCC7D1F6, 0xCF0111C3, 0xA1E8AAC7,
+			0x1A908749, 0xD44FBD9A, 0xD0DADECB, 0xD50ADA38,
+			0x0339C32A, 0xC6913667, 0x8DF9317C, 0xE0B12B4F,
+			0xF79E59B7, 0x43F5BB3A, 0xF2D519FF, 0x27D9459C,
+			0xBF97222C, 0x15E6FC2A, 0x0F91FC71, 0x9B941525,
+			0xFAE59361, 0xCEB69CEB, 0xC2A86459, 0x12BAA8D1,
+			0xB6C1075E, 0xE3056A0C, 0x10D25065, 0xCB03A442,
+			0xE0EC6E0E, 0x1698DB3B, 0x4C98A0BE, 0x3278E964,
+			0x9F1F9532, 0xE0D392DF, 0xD3A0342B, 0x8971F21E,
+			0x1B0A7441, 0x4BA3348C, 0xC5BE7120, 0xC37632D8,
+			0xDF359F8D, 0x9B992F2E, 0xE60B6F47, 0x0FE3F11D,
+			0xE54CDA54, 0x1EDAD891, 0xCE6279CF, 0xCD3E7E6F,
+			0x1618B166, 0xFD2C1D05, 0x848FD2C5, 0xF6FB2299,
+			0xF523F357, 0xA6327623, 0x93A83531, 0x56CCCD02,
+			0xACF08162, 0x5A75EBB5, 0x6E163697, 0x88D273CC,
+			0xDE966292, 0x81B949D0, 0x4C50901B, 0x71C65614,
+			0xE6C6C7BD, 0x327A140A, 0x45E1D006, 0xC3F27B9A,
+			0xC9AA53FD, 0x62A80F00, 0xBB25BFE2, 0x35BDD2F6,
+			0x71126905, 0xB2040222, 0xB6CBCF7C, 0xCD769C2B,
+			0x53113EC0, 0x1640E3D3, 0x38ABBD60, 0x2547ADF0,
+			0xBA38209C, 0xF746CE76, 0x77AFA1C5, 0x20756060,
+			0x85CBFE4E, 0x8AE88DD8, 0x7AAAF9B0, 0x4CF9AA7E,
+			0x1948C25C, 0x02FB8A8C, 0x01C36AE4, 0xD6EBE1F9,
+			0x90D4F869, 0xA65CDEA0, 0x3F09252D, 0xC208E69F,
+			0xB74E6132, 0xCE77E25B, 0x578FDFE3, 0x3AC372E6
+		};
+
+        //====================================
+        // Useful constants
+        //====================================
+
+        private static readonly int    ROUNDS = 16;
+        private const int              BLOCK_SIZE = 8;  // bytes = 64 bits
+        private static readonly int    SBOX_SK = 256;
+        private static readonly int    P_SZ = ROUNDS+2;
+
+        private readonly uint[] S0, S1, S2, S3;     // the s-boxes
+        private readonly uint[] P;                  // the p-array
+
+        private bool encrypting;
+
+        private byte[] workingKey;
+
+        public BlowfishEngine()
+        {
+            S0 = new uint[SBOX_SK];
+            S1 = new uint[SBOX_SK];
+            S2 = new uint[SBOX_SK];
+            S3 = new uint[SBOX_SK];
+            P = new uint[P_SZ];
+        }
+
+        /**
+        * initialise a Blowfish cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public void Init(
+            bool               forEncryption,
+            ICipherParameters  parameters)
+        {
+            if (!(parameters is KeyParameter))
+				throw new ArgumentException("invalid parameter passed to Blowfish init - " + Platform.GetTypeName(parameters));
+
+			this.encrypting = forEncryption;
+			this.workingKey = ((KeyParameter)parameters).GetKey();
+			SetKey(this.workingKey);
+        }
+
+		public string AlgorithmName
+        {
+            get { return "Blowfish"; }
+        }
+
+		public bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+		public  int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            if (workingKey == null)
+                throw new InvalidOperationException("Blowfish not initialised");
+
+            Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short");
+            Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short");
+
+            if (encrypting)
+            {
+                EncryptBlock(input, inOff, output, outOff);
+            }
+            else
+            {
+                DecryptBlock(input, inOff, output, outOff);
+            }
+
+            return BLOCK_SIZE;
+        }
+
+        public void Reset()
+        {
+        }
+
+        public int GetBlockSize()
+        {
+            return BLOCK_SIZE;
+        }
+
+        //==================================
+        // Private Implementation
+        //==================================
+
+        private uint F(uint x)
+        {
+            return (((S0[x >> 24] + S1[(x >> 16) & 0xff]) ^ S2[(x >> 8) & 0xff]) + S3[x & 0xff]);
+        }
+
+        /**
+        * apply the encryption cycle to each value pair in the table.
+        */
+        private void ProcessTable(
+            uint	xl,
+            uint	xr,
+            uint[]	table)
+        {
+            int size = table.Length;
+
+            for (int s = 0; s < size; s += 2)
+            {
+                xl ^= P[0];
+
+                for (int i = 1; i < ROUNDS; i += 2)
+                {
+                    xr ^= F(xl) ^ P[i];
+                    xl ^= F(xr) ^ P[i + 1];
+                }
+
+                xr ^= P[ROUNDS + 1];
+
+                table[s] = xr;
+                table[s + 1] = xl;
+
+                xr = xl;            // end of cycle swap
+                xl = table[s];
+            }
+        }
+
+        private void SetKey(byte[] key)
+        {
+            /*
+            * - comments are from _Applied Crypto_, Schneier, p338
+            * please be careful comparing the two, AC numbers the
+            * arrays from 1, the enclosed code from 0.
+            *
+            * (1)
+            * Initialise the S-boxes and the P-array, with a fixed string
+            * This string contains the hexadecimal digits of pi (3.141...)
+            */
+            Array.Copy(KS0, 0, S0, 0, SBOX_SK);
+            Array.Copy(KS1, 0, S1, 0, SBOX_SK);
+            Array.Copy(KS2, 0, S2, 0, SBOX_SK);
+            Array.Copy(KS3, 0, S3, 0, SBOX_SK);
+
+            Array.Copy(KP, 0, P, 0, P_SZ);
+
+            /*
+            * (2)
+            * Now, XOR P[0] with the first 32 bits of the key, XOR P[1] with the
+            * second 32-bits of the key, and so on for all bits of the key
+            * (up to P[17]).  Repeatedly cycle through the key bits until the
+            * entire P-array has been XOR-ed with the key bits
+            */
+            int keyLength = key.Length;
+            int keyIndex = 0;
+
+            for (int i=0; i < P_SZ; i++)
+            {
+                // Get the 32 bits of the key, in 4 * 8 bit chunks
+                uint data = 0x0000000;
+                for (int j=0; j < 4; j++)
+                {
+                    // create a 32 bit block
+                    data = (data << 8) | (uint)key[keyIndex++];
+
+                    // wrap when we get to the end of the key
+                    if (keyIndex >= keyLength)
+                    {
+                        keyIndex = 0;
+                    }
+                }
+                // XOR the newly created 32 bit chunk onto the P-array
+                P[i] ^= data;
+            }
+
+            /*
+            * (3)
+            * Encrypt the all-zero string with the Blowfish algorithm, using
+            * the subkeys described in (1) and (2)
+            *
+            * (4)
+            * Replace P1 and P2 with the output of step (3)
+            *
+            * (5)
+            * Encrypt the output of step(3) using the Blowfish algorithm,
+            * with the modified subkeys.
+            *
+            * (6)
+            * Replace P3 and P4 with the output of step (5)
+            *
+            * (7)
+            * Continue the process, replacing all elements of the P-array
+            * and then all four S-boxes in order, with the output of the
+            * continuously changing Blowfish algorithm
+            */
+
+            ProcessTable(0, 0, P);
+            ProcessTable(P[P_SZ - 2], P[P_SZ - 1], S0);
+            ProcessTable(S0[SBOX_SK - 2], S0[SBOX_SK - 1], S1);
+            ProcessTable(S1[SBOX_SK - 2], S1[SBOX_SK - 1], S2);
+            ProcessTable(S2[SBOX_SK - 2], S2[SBOX_SK - 1], S3);
+        }
+
+        /**
+        * Encrypt the given input starting at the given offset and place
+        * the result in the provided buffer starting at the given offset.
+        * The input will be an exact multiple of our blocksize.
+        */
+        private void EncryptBlock(
+            byte[]  src,
+            int     srcIndex,
+            byte[]  dst,
+            int     dstIndex)
+        {
+            uint xl = Pack.BE_To_UInt32(src, srcIndex);
+            uint xr = Pack.BE_To_UInt32(src, srcIndex+4);
+
+            xl ^= P[0];
+
+            for (int i = 1; i < ROUNDS; i += 2)
+            {
+                xr ^= F(xl) ^ P[i];
+                xl ^= F(xr) ^ P[i + 1];
+            }
+
+            xr ^= P[ROUNDS + 1];
+
+            Pack.UInt32_To_BE(xr, dst, dstIndex);
+            Pack.UInt32_To_BE(xl, dst, dstIndex + 4);
+        }
+
+        /**
+        * Decrypt the given input starting at the given offset and place
+        * the result in the provided buffer starting at the given offset.
+        * The input will be an exact multiple of our blocksize.
+        */
+        private void DecryptBlock(
+            byte[] src,
+            int srcIndex,
+            byte[] dst,
+            int dstIndex)
+        {
+            uint xl = Pack.BE_To_UInt32(src, srcIndex);
+            uint xr = Pack.BE_To_UInt32(src, srcIndex + 4);
+
+            xl ^= P[ROUNDS + 1];
+
+            for (int i = ROUNDS; i > 0 ; i -= 2)
+            {
+                xr ^= F(xl) ^ P[i];
+                xl ^= F(xr) ^ P[i - 1];
+            }
+
+            xr ^= P[0];
+
+            Pack.UInt32_To_BE(xr, dst, dstIndex);
+            Pack.UInt32_To_BE(xl, dst, dstIndex + 4);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/CamelliaEngine.cs b/bc-sharp-crypto/src/crypto/engines/CamelliaEngine.cs
new file mode 100644
index 0000000..71bd1b0
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/CamelliaEngine.cs
@@ -0,0 +1,668 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* Camellia - based on RFC 3713.
+	*/
+	public class CamelliaEngine
+		: IBlockCipher
+	{
+		private bool initialised = false;
+		private bool _keyIs128;
+
+		private const int BLOCK_SIZE = 16;
+
+		private uint[] subkey = new uint[24 * 4];
+		private uint[] kw = new uint[4 * 2]; // for whitening
+		private uint[] ke = new uint[6 * 2]; // for FL and FL^(-1)
+		private uint[] state = new uint[4]; // for encryption and decryption
+
+		private static readonly uint[] SIGMA = new uint[]{
+			0xa09e667f, 0x3bcc908b,
+			0xb67ae858, 0x4caa73b2,
+			0xc6ef372f, 0xe94f82be,
+			0x54ff53a5, 0xf1d36f1c,
+			0x10e527fa, 0xde682d1d,
+			0xb05688c2, 0xb3e6c1fd
+		};
+
+		/*
+		*
+		* S-box data
+		*
+		*/
+		private static readonly uint[] SBOX1_1110 = new uint[]{
+			0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00, 0xb3b3b300, 0x27272700,
+			0xc0c0c000, 0xe5e5e500, 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500,
+			0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100, 0x23232300, 0xefefef00,
+			0x6b6b6b00, 0x93939300, 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100,
+			0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00, 0x1d1d1d00, 0x65656500,
+			0x92929200, 0xbdbdbd00, 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00,
+			0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00, 0x3e3e3e00, 0x30303000,
+			0xdcdcdc00, 0x5f5f5f00, 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00,
+			0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00, 0xd5d5d500, 0x47474700,
+			0x5d5d5d00, 0x3d3d3d00, 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600,
+			0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00, 0x8b8b8b00, 0x0d0d0d00,
+			0x9a9a9a00, 0x66666600, 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00,
+			0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000, 0xf0f0f000, 0xb1b1b100,
+			0x84848400, 0x99999900, 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200,
+			0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500, 0x6d6d6d00, 0xb7b7b700,
+			0xa9a9a900, 0x31313100, 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700,
+			0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100, 0xdedede00, 0x1b1b1b00,
+			0x11111100, 0x1c1c1c00, 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600,
+			0x53535300, 0x18181800, 0xf2f2f200, 0x22222200, 0xfefefe00, 0x44444400,
+			0xcfcfcf00, 0xb2b2b200, 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100,
+			0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800, 0x60606000, 0xfcfcfc00,
+			0x69696900, 0x50505000, 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00,
+			0xa1a1a100, 0x89898900, 0x62626200, 0x97979700, 0x54545400, 0x5b5b5b00,
+			0x1e1e1e00, 0x95959500, 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200,
+			0x10101000, 0xc4c4c400, 0x00000000, 0x48484800, 0xa3a3a300, 0xf7f7f700,
+			0x75757500, 0xdbdbdb00, 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00,
+			0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400, 0x87878700, 0x5c5c5c00,
+			0x83838300, 0x02020200, 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300,
+			0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300, 0x9d9d9d00, 0x7f7f7f00,
+			0xbfbfbf00, 0xe2e2e200, 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600,
+			0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00, 0x81818100, 0x96969600,
+			0x6f6f6f00, 0x4b4b4b00, 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00,
+			0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00, 0x9f9f9f00, 0x6e6e6e00,
+			0xbcbcbc00, 0x8e8e8e00, 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600,
+			0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900, 0x78787800, 0x98989800,
+			0x06060600, 0x6a6a6a00, 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00,
+			0xd4d4d400, 0x25252500, 0xababab00, 0x42424200, 0x88888800, 0xa2a2a200,
+			0x8d8d8d00, 0xfafafa00, 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500,
+			0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00, 0x36363600, 0x49494900,
+			0x2a2a2a00, 0x68686800, 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400,
+			0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00, 0xbbbbbb00, 0xc9c9c900,
+			0x43434300, 0xc1c1c100, 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400,
+			0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00
+		};
+
+		private static readonly uint[] SBOX4_4404 = new uint[]{
+			0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0, 0xe4e400e4, 0x57570057,
+			0xeaea00ea, 0xaeae00ae, 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5,
+			0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092, 0x86860086, 0xafaf00af,
+			0x7c7c007c, 0x1f1f001f, 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b,
+			0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d, 0xd9d900d9, 0x5a5a005a,
+			0x51510051, 0x6c6c006c, 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0,
+			0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084, 0xdfdf00df, 0xcbcb00cb,
+			0x34340034, 0x76760076, 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004,
+			0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011, 0x32320032, 0x9c9c009c,
+			0x53530053, 0xf2f200f2, 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a,
+			0x24240024, 0xe8e800e8, 0x60600060, 0x69690069, 0xaaaa00aa, 0xa0a000a0,
+			0xa1a100a1, 0x62620062, 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064,
+			0x10100010, 0x00000000, 0xa3a300a3, 0x75750075, 0x8a8a008a, 0xe6e600e6,
+			0x09090009, 0xdddd00dd, 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090,
+			0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf, 0x52520052, 0xd8d800d8,
+			0xc8c800c8, 0xc6c600c6, 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063,
+			0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc, 0x29290029, 0xf9f900f9,
+			0x2f2f002f, 0xb4b400b4, 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071,
+			0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d, 0x72720072, 0xb9b900b9,
+			0xf8f800f8, 0xacac00ac, 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1,
+			0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043, 0x15150015, 0xadad00ad,
+			0x77770077, 0x80800080, 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5,
+			0x85850085, 0x35350035, 0x0c0c000c, 0x41410041, 0xefef00ef, 0x93930093,
+			0x19190019, 0x21210021, 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd,
+			0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce, 0x30300030, 0x5f5f005f,
+			0xc5c500c5, 0x1a1a001a, 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d,
+			0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d, 0x0d0d000d, 0x66660066,
+			0xcccc00cc, 0x2d2d002d, 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099,
+			0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005, 0xb7b700b7, 0x31310031,
+			0x17170017, 0xd7d700d7, 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c,
+			0x0f0f000f, 0x16160016, 0x18180018, 0x22220022, 0x44440044, 0xb2b200b2,
+			0xb5b500b5, 0x91910091, 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050,
+			0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097, 0x5b5b005b, 0x95950095,
+			0xffff00ff, 0xd2d200d2, 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db,
+			0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094, 0x5c5c005c, 0x02020002,
+			0x4a4a004a, 0x33330033, 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2,
+			0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b, 0x96960096, 0x4b4b004b,
+			0xbebe00be, 0x2e2e002e, 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e,
+			0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059, 0x98980098, 0x6a6a006a,
+			0x46460046, 0xbaba00ba, 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa,
+			0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a, 0x49490049, 0x68680068,
+			0x38380038, 0xa4a400a4, 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1,
+			0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e
+		};
+
+		private static readonly uint[] SBOX2_0222 = new uint[]{
+			0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9, 0x00676767, 0x004e4e4e,
+			0x00818181, 0x00cbcbcb, 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a,
+			0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282, 0x00464646, 0x00dfdfdf,
+			0x00d6d6d6, 0x00272727, 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242,
+			0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c, 0x003a3a3a, 0x00cacaca,
+			0x00252525, 0x007b7b7b, 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f,
+			0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d, 0x007c7c7c, 0x00606060,
+			0x00b9b9b9, 0x00bebebe, 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434,
+			0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595, 0x00ababab, 0x008e8e8e,
+			0x00bababa, 0x007a7a7a, 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad,
+			0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a, 0x00171717, 0x001a1a1a,
+			0x00353535, 0x00cccccc, 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a,
+			0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040, 0x00e1e1e1, 0x00636363,
+			0x00090909, 0x00333333, 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585,
+			0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a, 0x00dadada, 0x006f6f6f,
+			0x00535353, 0x00626262, 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf,
+			0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2, 0x00bdbdbd, 0x00363636,
+			0x00222222, 0x00383838, 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c,
+			0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444, 0x00fdfdfd, 0x00888888,
+			0x009f9f9f, 0x00656565, 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323,
+			0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151, 0x00c0c0c0, 0x00f9f9f9,
+			0x00d2d2d2, 0x00a0a0a0, 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa,
+			0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f, 0x00a8a8a8, 0x00b6b6b6,
+			0x003c3c3c, 0x002b2b2b, 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5,
+			0x00202020, 0x00898989, 0x00000000, 0x00909090, 0x00474747, 0x00efefef,
+			0x00eaeaea, 0x00b7b7b7, 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5,
+			0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929, 0x000f0f0f, 0x00b8b8b8,
+			0x00070707, 0x00040404, 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666,
+			0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7, 0x003b3b3b, 0x00fefefe,
+			0x007f7f7f, 0x00c5c5c5, 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c,
+			0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676, 0x00030303, 0x002d2d2d,
+			0x00dedede, 0x00969696, 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c,
+			0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919, 0x003f3f3f, 0x00dcdcdc,
+			0x00797979, 0x001d1d1d, 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d,
+			0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2, 0x00f0f0f0, 0x00313131,
+			0x000c0c0c, 0x00d4d4d4, 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575,
+			0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484, 0x00111111, 0x00454545,
+			0x001b1b1b, 0x00f5f5f5, 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa,
+			0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414, 0x006c6c6c, 0x00929292,
+			0x00545454, 0x00d0d0d0, 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949,
+			0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6, 0x00777777, 0x00939393,
+			0x00868686, 0x00838383, 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9,
+			0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d
+		};
+
+		private static readonly uint[] SBOX3_3033 = new uint[]{
+			0x38003838, 0x41004141, 0x16001616, 0x76007676, 0xd900d9d9, 0x93009393,
+			0x60006060, 0xf200f2f2, 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a,
+			0x75007575, 0x06000606, 0x57005757, 0xa000a0a0, 0x91009191, 0xf700f7f7,
+			0xb500b5b5, 0xc900c9c9, 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090,
+			0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727, 0x8e008e8e, 0xb200b2b2,
+			0x49004949, 0xde00dede, 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7,
+			0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767, 0x1f001f1f, 0x18001818,
+			0x6e006e6e, 0xaf00afaf, 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d,
+			0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565, 0xea00eaea, 0xa300a3a3,
+			0xae00aeae, 0x9e009e9e, 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b,
+			0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6, 0xc500c5c5, 0x86008686,
+			0x4d004d4d, 0x33003333, 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696,
+			0x3a003a3a, 0x09000909, 0x95009595, 0x10001010, 0x78007878, 0xd800d8d8,
+			0x42004242, 0xcc00cccc, 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161,
+			0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282, 0xb600b6b6, 0xdb00dbdb,
+			0xd400d4d4, 0x98009898, 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb,
+			0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0, 0x6f006f6f, 0x8d008d8d,
+			0x88008888, 0x0e000e0e, 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b,
+			0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111, 0x7f007f7f, 0x22002222,
+			0xe700e7e7, 0x59005959, 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8,
+			0x12001212, 0x04000404, 0x74007474, 0x54005454, 0x30003030, 0x7e007e7e,
+			0xb400b4b4, 0x28002828, 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe,
+			0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb, 0x2a002a2a, 0xad00adad,
+			0x0f000f0f, 0xca00caca, 0x70007070, 0xff00ffff, 0x32003232, 0x69006969,
+			0x08000808, 0x62006262, 0x00000000, 0x24002424, 0xd100d1d1, 0xfb00fbfb,
+			0xba00baba, 0xed00eded, 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d,
+			0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a, 0xc300c3c3, 0x2e002e2e,
+			0xc100c1c1, 0x01000101, 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999,
+			0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9, 0xce00cece, 0xbf00bfbf,
+			0xdf00dfdf, 0x71007171, 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313,
+			0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d, 0xc000c0c0, 0x4b004b4b,
+			0xb700b7b7, 0xa500a5a5, 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717,
+			0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646, 0xcf00cfcf, 0x37003737,
+			0x5e005e5e, 0x47004747, 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b,
+			0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac, 0x3c003c3c, 0x4c004c4c,
+			0x03000303, 0x35003535, 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d,
+			0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121, 0x44004444, 0x51005151,
+			0xc600c6c6, 0x7d007d7d, 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa,
+			0x7c007c7c, 0x77007777, 0x56005656, 0x05000505, 0x1b001b1b, 0xa400a4a4,
+			0x15001515, 0x34003434, 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252,
+			0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd, 0xdd00dddd, 0xe400e4e4,
+			0xa100a1a1, 0xe000e0e0, 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a,
+			0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f
+		};
+
+		private static uint rightRotate(uint x, int s)
+		{
+			return ((x >> s) + (x << (32 - s)));
+		}
+
+		private static uint leftRotate(uint x, int s)
+		{
+			return (x << s) + (x >> (32 - s));
+		}
+
+		private static void roldq(int rot, uint[] ki, int ioff, uint[] ko, int ooff)
+		{
+			ko[0 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >> (32 - rot));
+			ko[1 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >> (32 - rot));
+			ko[2 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >> (32 - rot));
+			ko[3 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >> (32 - rot));
+			ki[0 + ioff] = ko[0 + ooff];
+			ki[1 + ioff] = ko[1 + ooff];
+			ki[2 + ioff] = ko[2 + ooff];
+			ki[3 + ioff] = ko[3 + ooff];
+		}
+
+		private static void decroldq(int rot, uint[] ki, int ioff, uint[] ko, int ooff)
+		{
+			ko[2 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >> (32 - rot));
+			ko[3 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >> (32 - rot));
+			ko[0 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >> (32 - rot));
+			ko[1 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >> (32 - rot));
+			ki[0 + ioff] = ko[2 + ooff];
+			ki[1 + ioff] = ko[3 + ooff];
+			ki[2 + ioff] = ko[0 + ooff];
+			ki[3 + ioff] = ko[1 + ooff];
+		}
+
+		private static void roldqo32(int rot, uint[] ki, int ioff, uint[] ko, int ooff)
+		{
+			ko[0 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >> (64 - rot));
+			ko[1 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >> (64 - rot));
+			ko[2 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >> (64 - rot));
+			ko[3 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >> (64 - rot));
+			ki[0 + ioff] = ko[0 + ooff];
+			ki[1 + ioff] = ko[1 + ooff];
+			ki[2 + ioff] = ko[2 + ooff];
+			ki[3 + ioff] = ko[3 + ooff];
+		}
+
+		private static void decroldqo32(int rot, uint[] ki, int ioff, uint[] ko, int ooff)
+		{
+			ko[2 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >> (64 - rot));
+			ko[3 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >> (64 - rot));
+			ko[0 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >> (64 - rot));
+			ko[1 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >> (64 - rot));
+			ki[0 + ioff] = ko[2 + ooff];
+			ki[1 + ioff] = ko[3 + ooff];
+			ki[2 + ioff] = ko[0 + ooff];
+			ki[3 + ioff] = ko[1 + ooff];
+		}
+
+		private static uint bytes2uint(byte[] src, int offset)
+		{
+			uint word = 0;
+			for (int i = 0; i < 4; i++)
+			{
+				word = (word << 8) + (uint)src[i + offset];
+			}
+			return word;
+		}
+
+		private static void uint2bytes(uint word, byte[] dst, int offset)
+		{
+			for (int i = 0; i < 4; i++)
+			{
+				dst[(3 - i) + offset] = (byte)word;
+				word >>= 8;
+			}
+		}
+
+		private static void camelliaF2(uint[] s, uint[] skey, int keyoff)
+		{
+			uint t1, t2, u, v;
+
+			t1 = s[0] ^ skey[0 + keyoff];
+			u = SBOX4_4404[(byte)t1];
+			u ^= SBOX3_3033[(byte)(t1 >> 8)];
+			u ^= SBOX2_0222[(byte)(t1 >> 16)];
+			u ^= SBOX1_1110[(byte)(t1 >> 24)];
+			t2 = s[1] ^ skey[1 + keyoff];
+			v = SBOX1_1110[(byte)t2];
+			v ^= SBOX4_4404[(byte)(t2 >> 8)];
+			v ^= SBOX3_3033[(byte)(t2 >> 16)];
+			v ^= SBOX2_0222[(byte)(t2 >> 24)];
+
+			s[2] ^= u ^ v;
+			s[3] ^= u ^ v ^ rightRotate(u, 8);
+
+			t1 = s[2] ^ skey[2 + keyoff];
+			u = SBOX4_4404[(byte)t1];
+			u ^= SBOX3_3033[(byte)(t1 >> 8)];
+			u ^= SBOX2_0222[(byte)(t1 >> 16)];
+			u ^= SBOX1_1110[(byte)(t1 >> 24)];
+			t2 = s[3] ^ skey[3 + keyoff];
+			v = SBOX1_1110[(byte)t2];
+			v ^= SBOX4_4404[(byte)(t2 >> 8)];
+			v ^= SBOX3_3033[(byte)(t2 >> 16)];
+			v ^= SBOX2_0222[(byte)(t2 >> 24)];
+
+			s[0] ^= u ^ v;
+			s[1] ^= u ^ v ^ rightRotate(u, 8);
+		}
+
+		private static void camelliaFLs(uint[] s, uint[] fkey, int keyoff)
+		{
+
+			s[1] ^= leftRotate(s[0] & fkey[0 + keyoff], 1);
+			s[0] ^= fkey[1 + keyoff] | s[1];
+
+			s[2] ^= fkey[3 + keyoff] | s[3];
+			s[3] ^= leftRotate(fkey[2 + keyoff] & s[2], 1);
+		}
+
+		private void setKey(bool forEncryption, byte[] key)
+		{
+			uint[] k = new uint[8];
+			uint[] ka = new uint[4];
+			uint[] kb = new uint[4];
+			uint[] t = new uint[4];
+
+			switch (key.Length)
+			{
+				case 16:
+					_keyIs128 = true;
+					k[0] = bytes2uint(key, 0);
+					k[1] = bytes2uint(key, 4);
+					k[2] = bytes2uint(key, 8);
+					k[3] = bytes2uint(key, 12);
+					k[4] = k[5] = k[6] = k[7] = 0;
+					break;
+				case 24:
+					k[0] = bytes2uint(key, 0);
+					k[1] = bytes2uint(key, 4);
+					k[2] = bytes2uint(key, 8);
+					k[3] = bytes2uint(key, 12);
+					k[4] = bytes2uint(key, 16);
+					k[5] = bytes2uint(key, 20);
+					k[6] = ~k[4];
+					k[7] = ~k[5];
+					_keyIs128 = false;
+					break;
+				case 32:
+					k[0] = bytes2uint(key, 0);
+					k[1] = bytes2uint(key, 4);
+					k[2] = bytes2uint(key, 8);
+					k[3] = bytes2uint(key, 12);
+					k[4] = bytes2uint(key, 16);
+					k[5] = bytes2uint(key, 20);
+					k[6] = bytes2uint(key, 24);
+					k[7] = bytes2uint(key, 28);
+					_keyIs128 = false;
+					break;
+				default:
+					throw new ArgumentException("key sizes are only 16/24/32 bytes.");
+			}
+
+			for (int i = 0; i < 4; i++)
+			{
+				ka[i] = k[i] ^ k[i + 4];
+			}
+			/* compute KA */
+			camelliaF2(ka, SIGMA, 0);
+			for (int i = 0; i < 4; i++)
+			{
+				ka[i] ^= k[i];
+			}
+			camelliaF2(ka, SIGMA, 4);
+
+			if (_keyIs128)
+			{
+				if (forEncryption)
+				{
+					/* KL dependant keys */
+					kw[0] = k[0];
+					kw[1] = k[1];
+					kw[2] = k[2];
+					kw[3] = k[3];
+					roldq(15, k, 0, subkey, 4);
+					roldq(30, k, 0, subkey, 12);
+					roldq(15, k, 0, t, 0);
+					subkey[18] = t[2];
+					subkey[19] = t[3];
+					roldq(17, k, 0, ke, 4);
+					roldq(17, k, 0, subkey, 24);
+					roldq(17, k, 0, subkey, 32);
+					/* KA dependant keys */
+					subkey[0] = ka[0];
+					subkey[1] = ka[1];
+					subkey[2] = ka[2];
+					subkey[3] = ka[3];
+					roldq(15, ka, 0, subkey, 8);
+					roldq(15, ka, 0, ke, 0);
+					roldq(15, ka, 0, t, 0);
+					subkey[16] = t[0];
+					subkey[17] = t[1];
+					roldq(15, ka, 0, subkey, 20);
+					roldqo32(34, ka, 0, subkey, 28);
+					roldq(17, ka, 0, kw, 4);
+
+				}
+				else
+				{ // decryption
+					/* KL dependant keys */
+					kw[4] = k[0];
+					kw[5] = k[1];
+					kw[6] = k[2];
+					kw[7] = k[3];
+					decroldq(15, k, 0, subkey, 28);
+					decroldq(30, k, 0, subkey, 20);
+					decroldq(15, k, 0, t, 0);
+					subkey[16] = t[0];
+					subkey[17] = t[1];
+					decroldq(17, k, 0, ke, 0);
+					decroldq(17, k, 0, subkey, 8);
+					decroldq(17, k, 0, subkey, 0);
+					/* KA dependant keys */
+					subkey[34] = ka[0];
+					subkey[35] = ka[1];
+					subkey[32] = ka[2];
+					subkey[33] = ka[3];
+					decroldq(15, ka, 0, subkey, 24);
+					decroldq(15, ka, 0, ke, 4);
+					decroldq(15, ka, 0, t, 0);
+					subkey[18] = t[2];
+					subkey[19] = t[3];
+					decroldq(15, ka, 0, subkey, 12);
+					decroldqo32(34, ka, 0, subkey, 4);
+					roldq(17, ka, 0, kw, 0);
+				}
+			}
+			else
+			{ // 192bit or 256bit
+				/* compute KB */
+				for (int i = 0; i < 4; i++)
+				{
+					kb[i] = ka[i] ^ k[i + 4];
+				}
+				camelliaF2(kb, SIGMA, 8);
+
+				if (forEncryption)
+				{
+					/* KL dependant keys */
+					kw[0] = k[0];
+					kw[1] = k[1];
+					kw[2] = k[2];
+					kw[3] = k[3];
+					roldqo32(45, k, 0, subkey, 16);
+					roldq(15, k, 0, ke, 4);
+					roldq(17, k, 0, subkey, 32);
+					roldqo32(34, k, 0, subkey, 44);
+					/* KR dependant keys */
+					roldq(15, k, 4, subkey, 4);
+					roldq(15, k, 4, ke, 0);
+					roldq(30, k, 4, subkey, 24);
+					roldqo32(34, k, 4, subkey, 36);
+					/* KA dependant keys */
+					roldq(15, ka, 0, subkey, 8);
+					roldq(30, ka, 0, subkey, 20);
+					/* 32bit rotation */
+					ke[8] = ka[1];
+					ke[9] = ka[2];
+					ke[10] = ka[3];
+					ke[11] = ka[0];
+					roldqo32(49, ka, 0, subkey, 40);
+
+					/* KB dependant keys */
+					subkey[0] = kb[0];
+					subkey[1] = kb[1];
+					subkey[2] = kb[2];
+					subkey[3] = kb[3];
+					roldq(30, kb, 0, subkey, 12);
+					roldq(30, kb, 0, subkey, 28);
+					roldqo32(51, kb, 0, kw, 4);
+
+				}
+				else
+				{ // decryption
+					/* KL dependant keys */
+					kw[4] = k[0];
+					kw[5] = k[1];
+					kw[6] = k[2];
+					kw[7] = k[3];
+					decroldqo32(45, k, 0, subkey, 28);
+					decroldq(15, k, 0, ke, 4);
+					decroldq(17, k, 0, subkey, 12);
+					decroldqo32(34, k, 0, subkey, 0);
+					/* KR dependant keys */
+					decroldq(15, k, 4, subkey, 40);
+					decroldq(15, k, 4, ke, 8);
+					decroldq(30, k, 4, subkey, 20);
+					decroldqo32(34, k, 4, subkey, 8);
+					/* KA dependant keys */
+					decroldq(15, ka, 0, subkey, 36);
+					decroldq(30, ka, 0, subkey, 24);
+					/* 32bit rotation */
+					ke[2] = ka[1];
+					ke[3] = ka[2];
+					ke[0] = ka[3];
+					ke[1] = ka[0];
+					decroldqo32(49, ka, 0, subkey, 4);
+
+					/* KB dependant keys */
+					subkey[46] = kb[0];
+					subkey[47] = kb[1];
+					subkey[44] = kb[2];
+					subkey[45] = kb[3];
+					decroldq(30, kb, 0, subkey, 32);
+					decroldq(30, kb, 0, subkey, 16);
+					roldqo32(51, kb, 0, kw, 0);
+				}
+			}
+		}
+
+		private int processBlock128(byte[] input, int inOff, byte[] output, int outOff)
+		{
+			for (int i = 0; i < 4; i++)
+			{
+				state[i] = bytes2uint(input, inOff + (i * 4));
+				state[i] ^= kw[i];
+			}
+
+			camelliaF2(state, subkey, 0);
+			camelliaF2(state, subkey, 4);
+			camelliaF2(state, subkey, 8);
+			camelliaFLs(state, ke, 0);
+			camelliaF2(state, subkey, 12);
+			camelliaF2(state, subkey, 16);
+			camelliaF2(state, subkey, 20);
+			camelliaFLs(state, ke, 4);
+			camelliaF2(state, subkey, 24);
+			camelliaF2(state, subkey, 28);
+			camelliaF2(state, subkey, 32);
+
+			state[2] ^= kw[4];
+			state[3] ^= kw[5];
+			state[0] ^= kw[6];
+			state[1] ^= kw[7];
+
+			uint2bytes(state[2], output, outOff);
+			uint2bytes(state[3], output, outOff + 4);
+			uint2bytes(state[0], output, outOff + 8);
+			uint2bytes(state[1], output, outOff + 12);
+
+			return BLOCK_SIZE;
+		}
+
+		private int processBlock192or256(byte[] input, int inOff, byte[] output, int outOff)
+		{
+			for (int i = 0; i < 4; i++)
+			{
+				state[i] = bytes2uint(input, inOff + (i * 4));
+				state[i] ^= kw[i];
+			}
+
+			camelliaF2(state, subkey, 0);
+			camelliaF2(state, subkey, 4);
+			camelliaF2(state, subkey, 8);
+			camelliaFLs(state, ke, 0);
+			camelliaF2(state, subkey, 12);
+			camelliaF2(state, subkey, 16);
+			camelliaF2(state, subkey, 20);
+			camelliaFLs(state, ke, 4);
+			camelliaF2(state, subkey, 24);
+			camelliaF2(state, subkey, 28);
+			camelliaF2(state, subkey, 32);
+			camelliaFLs(state, ke, 8);
+			camelliaF2(state, subkey, 36);
+			camelliaF2(state, subkey, 40);
+			camelliaF2(state, subkey, 44);
+
+			state[2] ^= kw[4];
+			state[3] ^= kw[5];
+			state[0] ^= kw[6];
+			state[1] ^= kw[7];
+
+			uint2bytes(state[2], output, outOff);
+			uint2bytes(state[3], output, outOff + 4);
+			uint2bytes(state[0], output, outOff + 8);
+			uint2bytes(state[1], output, outOff + 12);
+			return BLOCK_SIZE;
+		}
+
+		public CamelliaEngine()
+		{
+		}
+
+        public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			if (!(parameters is KeyParameter))
+				throw new ArgumentException("only simple KeyParameter expected.");
+
+			setKey(forEncryption, ((KeyParameter)parameters).GetKey());
+
+			initialised = true;
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return "Camellia"; }
+		}
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+		{
+			return BLOCK_SIZE;
+		}
+
+        public virtual int ProcessBlock(
+			byte[]	input,
+			int		inOff,
+			byte[]	output,
+			int		outOff)
+		{
+			if (!initialised)
+				throw new InvalidOperationException("Camellia engine not initialised");
+
+            Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short");
+            Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short");
+
+            if (_keyIs128)
+			{
+				return processBlock128(input, inOff, output, outOff);
+			}
+			else
+			{
+				return processBlock192or256(input, inOff, output, outOff);
+			}
+		}
+
+        public virtual void Reset()
+		{
+			// nothing
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/CamelliaLightEngine.cs b/bc-sharp-crypto/src/crypto/engines/CamelliaLightEngine.cs
new file mode 100644
index 0000000..a132227
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/CamelliaLightEngine.cs
@@ -0,0 +1,580 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* Camellia - based on RFC 3713, smaller implementation, about half the size of CamelliaEngine.
+	*/
+	public class CamelliaLightEngine
+		: IBlockCipher
+	{
+		private const int BLOCK_SIZE = 16;
+//		private const int MASK8 = 0xff;
+		private bool initialised;
+		private bool _keyis128;
+
+		private uint[] subkey = new uint[24 * 4];
+		private uint[] kw = new uint[4 * 2]; // for whitening
+		private uint[] ke = new uint[6 * 2]; // for FL and FL^(-1)
+		private uint[] state = new uint[4]; // for encryption and decryption
+
+		private static readonly uint[] SIGMA = {
+			0xa09e667f, 0x3bcc908b,
+			0xb67ae858, 0x4caa73b2,
+			0xc6ef372f, 0xe94f82be,
+			0x54ff53a5, 0xf1d36f1c,
+			0x10e527fa, 0xde682d1d,
+			0xb05688c2, 0xb3e6c1fd
+		};
+
+		/*
+		*
+		* S-box data
+		*
+		*/
+		private static readonly byte[] SBOX1 = {
+			(byte)112, (byte)130, (byte)44, (byte)236,
+			(byte)179, (byte)39, (byte)192, (byte)229,
+			(byte)228, (byte)133, (byte)87, (byte)53,
+			(byte)234, (byte)12, (byte)174, (byte)65,
+			(byte)35, (byte)239, (byte)107, (byte)147,
+			(byte)69, (byte)25, (byte)165, (byte)33,
+			(byte)237, (byte)14, (byte)79, (byte)78,
+			(byte)29, (byte)101, (byte)146, (byte)189,
+			(byte)134, (byte)184, (byte)175, (byte)143,
+			(byte)124, (byte)235, (byte)31, (byte)206,
+			(byte)62, (byte)48, (byte)220, (byte)95,
+			(byte)94, (byte)197, (byte)11, (byte)26,
+			(byte)166, (byte)225, (byte)57, (byte)202,
+			(byte)213, (byte)71, (byte)93, (byte)61,
+			(byte)217, (byte)1, (byte)90, (byte)214,
+			(byte)81, (byte)86, (byte)108, (byte)77,
+			(byte)139, (byte)13, (byte)154, (byte)102,
+			(byte)251, (byte)204, (byte)176, (byte)45,
+			(byte)116, (byte)18, (byte)43, (byte)32,
+			(byte)240, (byte)177, (byte)132, (byte)153,
+			(byte)223, (byte)76, (byte)203, (byte)194,
+			(byte)52, (byte)126, (byte)118, (byte)5,
+			(byte)109, (byte)183, (byte)169, (byte)49,
+			(byte)209, (byte)23, (byte)4, (byte)215,
+			(byte)20, (byte)88, (byte)58, (byte)97,
+			(byte)222, (byte)27, (byte)17, (byte)28,
+			(byte)50, (byte)15, (byte)156, (byte)22,
+			(byte)83, (byte)24, (byte)242, (byte)34,
+			(byte)254, (byte)68, (byte)207, (byte)178,
+			(byte)195, (byte)181, (byte)122, (byte)145,
+			(byte)36, (byte)8, (byte)232, (byte)168,
+			(byte)96, (byte)252, (byte)105, (byte)80,
+			(byte)170, (byte)208, (byte)160, (byte)125,
+			(byte)161, (byte)137, (byte)98, (byte)151,
+			(byte)84, (byte)91, (byte)30, (byte)149,
+			(byte)224, (byte)255, (byte)100, (byte)210,
+			(byte)16, (byte)196, (byte)0, (byte)72,
+			(byte)163, (byte)247, (byte)117, (byte)219,
+			(byte)138, (byte)3, (byte)230, (byte)218,
+			(byte)9, (byte)63, (byte)221, (byte)148,
+			(byte)135, (byte)92, (byte)131, (byte)2,
+			(byte)205, (byte)74, (byte)144, (byte)51,
+			(byte)115, (byte)103, (byte)246, (byte)243,
+			(byte)157, (byte)127, (byte)191, (byte)226,
+			(byte)82, (byte)155, (byte)216, (byte)38,
+			(byte)200, (byte)55, (byte)198, (byte)59,
+			(byte)129, (byte)150, (byte)111, (byte)75,
+			(byte)19, (byte)190, (byte)99, (byte)46,
+			(byte)233, (byte)121, (byte)167, (byte)140,
+			(byte)159, (byte)110, (byte)188, (byte)142,
+			(byte)41, (byte)245, (byte)249, (byte)182,
+			(byte)47, (byte)253, (byte)180, (byte)89,
+			(byte)120, (byte)152, (byte)6, (byte)106,
+			(byte)231, (byte)70, (byte)113, (byte)186,
+			(byte)212, (byte)37, (byte)171, (byte)66,
+			(byte)136, (byte)162, (byte)141, (byte)250,
+			(byte)114, (byte)7, (byte)185, (byte)85,
+			(byte)248, (byte)238, (byte)172, (byte)10,
+			(byte)54, (byte)73, (byte)42, (byte)104,
+			(byte)60, (byte)56, (byte)241, (byte)164,
+			(byte)64, (byte)40, (byte)211, (byte)123,
+			(byte)187, (byte)201, (byte)67, (byte)193,
+			(byte)21, (byte)227, (byte)173, (byte)244,
+			(byte)119, (byte)199, (byte)128, (byte)158
+		};
+
+		private static uint rightRotate(uint x, int s)
+		{
+			return ((x >> s) + (x << (32 - s)));
+		}
+
+		private static uint leftRotate(uint x, int s)
+		{
+			return (x << s) + (x >> (32 - s));
+		}
+
+		private static void roldq(int rot, uint[] ki, int ioff, uint[] ko, int ooff)
+		{
+			ko[0 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >> (32 - rot));
+			ko[1 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >> (32 - rot));
+			ko[2 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >> (32 - rot));
+			ko[3 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >> (32 - rot));
+			ki[0 + ioff] = ko[0 + ooff];
+			ki[1 + ioff] = ko[1 + ooff];
+			ki[2 + ioff] = ko[2 + ooff];
+			ki[3 + ioff] = ko[3 + ooff];
+		}
+
+		private static void decroldq(int rot, uint[] ki, int ioff, uint[] ko, int ooff)
+		{
+			ko[2 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >> (32 - rot));
+			ko[3 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >> (32 - rot));
+			ko[0 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >> (32 - rot));
+			ko[1 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >> (32 - rot));
+			ki[0 + ioff] = ko[2 + ooff];
+			ki[1 + ioff] = ko[3 + ooff];
+			ki[2 + ioff] = ko[0 + ooff];
+			ki[3 + ioff] = ko[1 + ooff];
+		}
+
+		private static void roldqo32(int rot, uint[] ki, int ioff, uint[] ko, int ooff)
+		{
+			ko[0 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >> (64 - rot));
+			ko[1 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >> (64 - rot));
+			ko[2 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >> (64 - rot));
+			ko[3 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >> (64 - rot));
+			ki[0 + ioff] = ko[0 + ooff];
+			ki[1 + ioff] = ko[1 + ooff];
+			ki[2 + ioff] = ko[2 + ooff];
+			ki[3 + ioff] = ko[3 + ooff];
+		}
+
+		private static void decroldqo32(int rot, uint[] ki, int ioff, uint[] ko, int ooff)
+		{
+			ko[2 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >> (64 - rot));
+			ko[3 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >> (64 - rot));
+			ko[0 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >> (64 - rot));
+			ko[1 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >> (64 - rot));
+			ki[0 + ioff] = ko[2 + ooff];
+			ki[1 + ioff] = ko[3 + ooff];
+			ki[2 + ioff] = ko[0 + ooff];
+			ki[3 + ioff] = ko[1 + ooff];
+		}
+
+		private static uint bytes2uint(byte[] src, int offset)
+		{
+			uint word = 0;
+			for (int i = 0; i < 4; i++)
+			{
+				word = (word << 8) + (uint)src[i + offset];
+			}
+			return word;
+		}
+
+		private static void uint2bytes(uint word, byte[] dst, int offset)
+		{
+			for (int i = 0; i < 4; i++)
+			{
+				dst[(3 - i) + offset] = (byte)word;
+				word >>= 8;
+			}
+		}
+
+		private byte lRot8(byte v, int rot)
+		{
+			return (byte)(((uint)v << rot) | ((uint)v >> (8 - rot)));
+		}
+
+		private uint sbox2(int x)
+		{
+			return (uint)lRot8(SBOX1[x], 1);
+		}
+
+		private uint sbox3(int x)
+		{
+			return (uint)lRot8(SBOX1[x], 7);
+		}
+
+		private uint sbox4(int x)
+		{
+			return (uint)SBOX1[lRot8((byte)x, 1)];
+		}
+
+		private void camelliaF2(uint[] s, uint[] skey, int keyoff)
+		{
+			uint t1, t2, u, v;
+
+			t1 = s[0] ^ skey[0 + keyoff];
+			u = sbox4((byte)t1);
+			u |= (sbox3((byte)(t1 >> 8)) << 8);
+			u |= (sbox2((byte)(t1 >> 16)) << 16);
+			u |= ((uint)(SBOX1[(byte)(t1 >> 24)]) << 24);
+
+			t2 = s[1] ^ skey[1 + keyoff];
+			v = (uint)SBOX1[(byte)t2];
+			v |= (sbox4((byte)(t2 >> 8)) << 8);
+			v |= (sbox3((byte)(t2 >> 16)) << 16);
+			v |= (sbox2((byte)(t2 >> 24)) << 24);
+
+			v = leftRotate(v, 8);
+			u ^= v;
+			v = leftRotate(v, 8) ^ u;
+			u = rightRotate(u, 8) ^ v;
+			s[2] ^= leftRotate(v, 16) ^ u;
+			s[3] ^= leftRotate(u, 8);
+
+			t1 = s[2] ^ skey[2 + keyoff];
+			u = sbox4((byte)t1);
+			u |= sbox3((byte)(t1 >> 8)) << 8;
+			u |= sbox2((byte)(t1 >> 16)) << 16;
+			u |= ((uint)SBOX1[(byte)(t1 >> 24)]) << 24;
+
+			t2 = s[3] ^ skey[3 + keyoff];
+			v = (uint)SBOX1[(byte)t2];
+			v |= sbox4((byte)(t2 >> 8)) << 8;
+			v |= sbox3((byte)(t2 >> 16)) << 16;
+			v |= sbox2((byte)(t2 >> 24)) << 24;
+
+			v = leftRotate(v, 8);
+			u ^= v;
+			v = leftRotate(v, 8) ^ u;
+			u = rightRotate(u, 8) ^ v;
+			s[0] ^= leftRotate(v, 16) ^ u;
+			s[1] ^= leftRotate(u, 8);
+		}
+
+		private void camelliaFLs(uint[] s, uint[] fkey, int keyoff)
+		{
+			s[1] ^= leftRotate(s[0] & fkey[0 + keyoff], 1);
+			s[0] ^= fkey[1 + keyoff] | s[1];
+
+			s[2] ^= fkey[3 + keyoff] | s[3];
+			s[3] ^= leftRotate(fkey[2 + keyoff] & s[2], 1);
+		}
+
+		private void setKey(bool forEncryption, byte[] key)
+		{
+			uint[] k = new uint[8];
+			uint[] ka = new uint[4];
+			uint[] kb = new uint[4];
+			uint[] t = new uint[4];
+
+			switch (key.Length)
+			{
+				case 16:
+					_keyis128 = true;
+					k[0] = bytes2uint(key, 0);
+					k[1] = bytes2uint(key, 4);
+					k[2] = bytes2uint(key, 8);
+					k[3] = bytes2uint(key, 12);
+					k[4] = k[5] = k[6] = k[7] = 0;
+					break;
+				case 24:
+					k[0] = bytes2uint(key, 0);
+					k[1] = bytes2uint(key, 4);
+					k[2] = bytes2uint(key, 8);
+					k[3] = bytes2uint(key, 12);
+					k[4] = bytes2uint(key, 16);
+					k[5] = bytes2uint(key, 20);
+					k[6] = ~k[4];
+					k[7] = ~k[5];
+					_keyis128 = false;
+					break;
+				case 32:
+					k[0] = bytes2uint(key, 0);
+					k[1] = bytes2uint(key, 4);
+					k[2] = bytes2uint(key, 8);
+					k[3] = bytes2uint(key, 12);
+					k[4] = bytes2uint(key, 16);
+					k[5] = bytes2uint(key, 20);
+					k[6] = bytes2uint(key, 24);
+					k[7] = bytes2uint(key, 28);
+					_keyis128 = false;
+					break;
+				default:
+					throw new ArgumentException("key sizes are only 16/24/32 bytes.");
+			}
+
+			for (int i = 0; i < 4; i++)
+			{
+				ka[i] = k[i] ^ k[i + 4];
+			}
+			/* compute KA */
+			camelliaF2(ka, SIGMA, 0);
+			for (int i = 0; i < 4; i++)
+			{
+				ka[i] ^= k[i];
+			}
+			camelliaF2(ka, SIGMA, 4);
+
+			if (_keyis128)
+			{
+				if (forEncryption)
+				{
+					/* KL dependant keys */
+					kw[0] = k[0];
+					kw[1] = k[1];
+					kw[2] = k[2];
+					kw[3] = k[3];
+					roldq(15, k, 0, subkey, 4);
+					roldq(30, k, 0, subkey, 12);
+					roldq(15, k, 0, t, 0);
+					subkey[18] = t[2];
+					subkey[19] = t[3];
+					roldq(17, k, 0, ke, 4);
+					roldq(17, k, 0, subkey, 24);
+					roldq(17, k, 0, subkey, 32);
+					/* KA dependant keys */
+					subkey[0] = ka[0];
+					subkey[1] = ka[1];
+					subkey[2] = ka[2];
+					subkey[3] = ka[3];
+					roldq(15, ka, 0, subkey, 8);
+					roldq(15, ka, 0, ke, 0);
+					roldq(15, ka, 0, t, 0);
+					subkey[16] = t[0];
+					subkey[17] = t[1];
+					roldq(15, ka, 0, subkey, 20);
+					roldqo32(34, ka, 0, subkey, 28);
+					roldq(17, ka, 0, kw, 4);
+
+				}
+				else
+				{ // decryption
+					/* KL dependant keys */
+					kw[4] = k[0];
+					kw[5] = k[1];
+					kw[6] = k[2];
+					kw[7] = k[3];
+					decroldq(15, k, 0, subkey, 28);
+					decroldq(30, k, 0, subkey, 20);
+					decroldq(15, k, 0, t, 0);
+					subkey[16] = t[0];
+					subkey[17] = t[1];
+					decroldq(17, k, 0, ke, 0);
+					decroldq(17, k, 0, subkey, 8);
+					decroldq(17, k, 0, subkey, 0);
+					/* KA dependant keys */
+					subkey[34] = ka[0];
+					subkey[35] = ka[1];
+					subkey[32] = ka[2];
+					subkey[33] = ka[3];
+					decroldq(15, ka, 0, subkey, 24);
+					decroldq(15, ka, 0, ke, 4);
+					decroldq(15, ka, 0, t, 0);
+					subkey[18] = t[2];
+					subkey[19] = t[3];
+					decroldq(15, ka, 0, subkey, 12);
+					decroldqo32(34, ka, 0, subkey, 4);
+					roldq(17, ka, 0, kw, 0);
+				}
+			}
+			else
+			{ // 192bit or 256bit
+				/* compute KB */
+				for (int i = 0; i < 4; i++)
+				{
+					kb[i] = ka[i] ^ k[i + 4];
+				}
+				camelliaF2(kb, SIGMA, 8);
+
+				if (forEncryption)
+				{
+					/* KL dependant keys */
+					kw[0] = k[0];
+					kw[1] = k[1];
+					kw[2] = k[2];
+					kw[3] = k[3];
+					roldqo32(45, k, 0, subkey, 16);
+					roldq(15, k, 0, ke, 4);
+					roldq(17, k, 0, subkey, 32);
+					roldqo32(34, k, 0, subkey, 44);
+					/* KR dependant keys */
+					roldq(15, k, 4, subkey, 4);
+					roldq(15, k, 4, ke, 0);
+					roldq(30, k, 4, subkey, 24);
+					roldqo32(34, k, 4, subkey, 36);
+					/* KA dependant keys */
+					roldq(15, ka, 0, subkey, 8);
+					roldq(30, ka, 0, subkey, 20);
+					/* 32bit rotation */
+					ke[8] = ka[1];
+					ke[9] = ka[2];
+					ke[10] = ka[3];
+					ke[11] = ka[0];
+					roldqo32(49, ka, 0, subkey, 40);
+
+					/* KB dependant keys */
+					subkey[0] = kb[0];
+					subkey[1] = kb[1];
+					subkey[2] = kb[2];
+					subkey[3] = kb[3];
+					roldq(30, kb, 0, subkey, 12);
+					roldq(30, kb, 0, subkey, 28);
+					roldqo32(51, kb, 0, kw, 4);
+
+				}
+				else
+				{ // decryption
+					/* KL dependant keys */
+					kw[4] = k[0];
+					kw[5] = k[1];
+					kw[6] = k[2];
+					kw[7] = k[3];
+					decroldqo32(45, k, 0, subkey, 28);
+					decroldq(15, k, 0, ke, 4);
+					decroldq(17, k, 0, subkey, 12);
+					decroldqo32(34, k, 0, subkey, 0);
+					/* KR dependant keys */
+					decroldq(15, k, 4, subkey, 40);
+					decroldq(15, k, 4, ke, 8);
+					decroldq(30, k, 4, subkey, 20);
+					decroldqo32(34, k, 4, subkey, 8);
+					/* KA dependant keys */
+					decroldq(15, ka, 0, subkey, 36);
+					decroldq(30, ka, 0, subkey, 24);
+					/* 32bit rotation */
+					ke[2] = ka[1];
+					ke[3] = ka[2];
+					ke[0] = ka[3];
+					ke[1] = ka[0];
+					decroldqo32(49, ka, 0, subkey, 4);
+
+					/* KB dependant keys */
+					subkey[46] = kb[0];
+					subkey[47] = kb[1];
+					subkey[44] = kb[2];
+					subkey[45] = kb[3];
+					decroldq(30, kb, 0, subkey, 32);
+					decroldq(30, kb, 0, subkey, 16);
+					roldqo32(51, kb, 0, kw, 0);
+				}
+			}
+		}
+
+		private int processBlock128(byte[] input, int inOff, byte[] output, int outOff)
+		{
+			for (int i = 0; i < 4; i++)
+			{
+				state[i] = bytes2uint(input, inOff + (i * 4));
+				state[i] ^= kw[i];
+			}
+
+			camelliaF2(state, subkey, 0);
+			camelliaF2(state, subkey, 4);
+			camelliaF2(state, subkey, 8);
+			camelliaFLs(state, ke, 0);
+			camelliaF2(state, subkey, 12);
+			camelliaF2(state, subkey, 16);
+			camelliaF2(state, subkey, 20);
+			camelliaFLs(state, ke, 4);
+			camelliaF2(state, subkey, 24);
+			camelliaF2(state, subkey, 28);
+			camelliaF2(state, subkey, 32);
+
+			state[2] ^= kw[4];
+			state[3] ^= kw[5];
+			state[0] ^= kw[6];
+			state[1] ^= kw[7];
+
+			uint2bytes(state[2], output, outOff);
+			uint2bytes(state[3], output, outOff + 4);
+			uint2bytes(state[0], output, outOff + 8);
+			uint2bytes(state[1], output, outOff + 12);
+
+			return BLOCK_SIZE;
+		}
+
+		private int processBlock192or256(byte[] input, int inOff, byte[] output, int outOff)
+		{
+			for (int i = 0; i < 4; i++)
+			{
+				state[i] = bytes2uint(input, inOff + (i * 4));
+				state[i] ^= kw[i];
+			}
+
+			camelliaF2(state, subkey, 0);
+			camelliaF2(state, subkey, 4);
+			camelliaF2(state, subkey, 8);
+			camelliaFLs(state, ke, 0);
+			camelliaF2(state, subkey, 12);
+			camelliaF2(state, subkey, 16);
+			camelliaF2(state, subkey, 20);
+			camelliaFLs(state, ke, 4);
+			camelliaF2(state, subkey, 24);
+			camelliaF2(state, subkey, 28);
+			camelliaF2(state, subkey, 32);
+			camelliaFLs(state, ke, 8);
+			camelliaF2(state, subkey, 36);
+			camelliaF2(state, subkey, 40);
+			camelliaF2(state, subkey, 44);
+
+			state[2] ^= kw[4];
+			state[3] ^= kw[5];
+			state[0] ^= kw[6];
+			state[1] ^= kw[7];
+
+			uint2bytes(state[2], output, outOff);
+			uint2bytes(state[3], output, outOff + 4);
+			uint2bytes(state[0], output, outOff + 8);
+			uint2bytes(state[1], output, outOff + 12);
+			return BLOCK_SIZE;
+		}
+
+		public CamelliaLightEngine()
+		{
+			initialised = false;
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return "Camellia"; }
+		}
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+		{
+			return BLOCK_SIZE;
+		}
+
+        public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			if (!(parameters is KeyParameter))
+				throw new ArgumentException("only simple KeyParameter expected.");
+
+			setKey(forEncryption, ((KeyParameter)parameters).GetKey());
+
+			initialised = true;
+		}
+
+        public virtual int ProcessBlock(
+			byte[]	input,
+			int		inOff,
+            byte[]	output,
+			int		outOff)
+		{
+			if (!initialised)
+				throw new InvalidOperationException("Camellia engine not initialised");
+
+            Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short");
+            Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short");
+
+            if (_keyis128)
+			{
+				return processBlock128(input, inOff, output, outOff);
+			}
+			else
+			{
+				return processBlock192or256(input, inOff, output, outOff);
+			}
+		}
+
+        public virtual void Reset()
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/CamelliaWrapEngine.cs b/bc-sharp-crypto/src/crypto/engines/CamelliaWrapEngine.cs
new file mode 100644
index 0000000..49dc833
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/CamelliaWrapEngine.cs
@@ -0,0 +1,16 @@
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/// <remarks>
+	/// An implementation of the Camellia key wrapper based on RFC 3657/RFC 3394.
+	/// <p/>
+	/// For further details see: <a href="http://www.ietf.org/rfc/rfc3657.txt">http://www.ietf.org/rfc/rfc3657.txt</a>.
+	/// </remarks>
+	public class CamelliaWrapEngine
+		: Rfc3394WrapEngine
+	{
+		public CamelliaWrapEngine()
+			: base(new CamelliaEngine())
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/Cast5Engine.cs b/bc-sharp-crypto/src/crypto/engines/Cast5Engine.cs
new file mode 100644
index 0000000..53836db
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/Cast5Engine.cs
@@ -0,0 +1,802 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * A class that provides CAST key encryption operations,
+    * such as encoding data and generating keys.
+    *
+    * All the algorithms herein are from the Internet RFC's
+    *
+    * RFC2144 - Cast5 (64bit block, 40-128bit key)
+    * RFC2612 - CAST6 (128bit block, 128-256bit key)
+    *
+    * and implement a simplified cryptography interface.
+    */
+    public class Cast5Engine
+		: IBlockCipher
+    {
+		internal static readonly uint[] S1 =
+		{
+			0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f, 0x9c004dd3, 0x6003e540, 0xcf9fc949,
+			0xbfd4af27, 0x88bbbdb5, 0xe2034090, 0x98d09675, 0x6e63a0e0, 0x15c361d2, 0xc2e7661d, 0x22d4ff8e,
+			0x28683b6f, 0xc07fd059, 0xff2379c8, 0x775f50e2, 0x43c340d3, 0xdf2f8656, 0x887ca41a, 0xa2d2bd2d,
+			0xa1c9e0d6, 0x346c4819, 0x61b76d87, 0x22540f2f, 0x2abe32e1, 0xaa54166b, 0x22568e3a, 0xa2d341d0,
+			0x66db40c8, 0xa784392f, 0x004dff2f, 0x2db9d2de, 0x97943fac, 0x4a97c1d8, 0x527644b7, 0xb5f437a7,
+			0xb82cbaef, 0xd751d159, 0x6ff7f0ed, 0x5a097a1f, 0x827b68d0, 0x90ecf52e, 0x22b0c054, 0xbc8e5935,
+			0x4b6d2f7f, 0x50bb64a2, 0xd2664910, 0xbee5812d, 0xb7332290, 0xe93b159f, 0xb48ee411, 0x4bff345d,
+			0xfd45c240, 0xad31973f, 0xc4f6d02e, 0x55fc8165, 0xd5b1caad, 0xa1ac2dae, 0xa2d4b76d, 0xc19b0c50,
+			0x882240f2, 0x0c6e4f38, 0xa4e4bfd7, 0x4f5ba272, 0x564c1d2f, 0xc59c5319, 0xb949e354, 0xb04669fe,
+			0xb1b6ab8a, 0xc71358dd, 0x6385c545, 0x110f935d, 0x57538ad5, 0x6a390493, 0xe63d37e0, 0x2a54f6b3,
+			0x3a787d5f, 0x6276a0b5, 0x19a6fcdf, 0x7a42206a, 0x29f9d4d5, 0xf61b1891, 0xbb72275e, 0xaa508167,
+			0x38901091, 0xc6b505eb, 0x84c7cb8c, 0x2ad75a0f, 0x874a1427, 0xa2d1936b, 0x2ad286af, 0xaa56d291,
+			0xd7894360, 0x425c750d, 0x93b39e26, 0x187184c9, 0x6c00b32d, 0x73e2bb14, 0xa0bebc3c, 0x54623779,
+			0x64459eab, 0x3f328b82, 0x7718cf82, 0x59a2cea6, 0x04ee002e, 0x89fe78e6, 0x3fab0950, 0x325ff6c2,
+			0x81383f05, 0x6963c5c8, 0x76cb5ad6, 0xd49974c9, 0xca180dcf, 0x380782d5, 0xc7fa5cf6, 0x8ac31511,
+			0x35e79e13, 0x47da91d0, 0xf40f9086, 0xa7e2419e, 0x31366241, 0x051ef495, 0xaa573b04, 0x4a805d8d,
+			0x548300d0, 0x00322a3c, 0xbf64cddf, 0xba57a68e, 0x75c6372b, 0x50afd341, 0xa7c13275, 0x915a0bf5,
+			0x6b54bfab, 0x2b0b1426, 0xab4cc9d7, 0x449ccd82, 0xf7fbf265, 0xab85c5f3, 0x1b55db94, 0xaad4e324,
+			0xcfa4bd3f, 0x2deaa3e2, 0x9e204d02, 0xc8bd25ac, 0xeadf55b3, 0xd5bd9e98, 0xe31231b2, 0x2ad5ad6c,
+			0x954329de, 0xadbe4528, 0xd8710f69, 0xaa51c90f, 0xaa786bf6, 0x22513f1e, 0xaa51a79b, 0x2ad344cc,
+			0x7b5a41f0, 0xd37cfbad, 0x1b069505, 0x41ece491, 0xb4c332e6, 0x032268d4, 0xc9600acc, 0xce387e6d,
+			0xbf6bb16c, 0x6a70fb78, 0x0d03d9c9, 0xd4df39de, 0xe01063da, 0x4736f464, 0x5ad328d8, 0xb347cc96,
+			0x75bb0fc3, 0x98511bfb, 0x4ffbcc35, 0xb58bcf6a, 0xe11f0abc, 0xbfc5fe4a, 0xa70aec10, 0xac39570a,
+			0x3f04442f, 0x6188b153, 0xe0397a2e, 0x5727cb79, 0x9ceb418f, 0x1cacd68d, 0x2ad37c96, 0x0175cb9d,
+			0xc69dff09, 0xc75b65f0, 0xd9db40d8, 0xec0e7779, 0x4744ead4, 0xb11c3274, 0xdd24cb9e, 0x7e1c54bd,
+			0xf01144f9, 0xd2240eb1, 0x9675b3fd, 0xa3ac3755, 0xd47c27af, 0x51c85f4d, 0x56907596, 0xa5bb15e6,
+			0x580304f0, 0xca042cf1, 0x011a37ea, 0x8dbfaadb, 0x35ba3e4a, 0x3526ffa0, 0xc37b4d09, 0xbc306ed9,
+			0x98a52666, 0x5648f725, 0xff5e569d, 0x0ced63d0, 0x7c63b2cf, 0x700b45e1, 0xd5ea50f1, 0x85a92872,
+			0xaf1fbda7, 0xd4234870, 0xa7870bf3, 0x2d3b4d79, 0x42e04198, 0x0cd0ede7, 0x26470db8, 0xf881814c,
+			0x474d6ad7, 0x7c0c5e5c, 0xd1231959, 0x381b7298, 0xf5d2f4db, 0xab838653, 0x6e2f1e23, 0x83719c9e,
+			0xbd91e046, 0x9a56456e, 0xdc39200c, 0x20c8c571, 0x962bda1c, 0xe1e696ff, 0xb141ab08, 0x7cca89b9,
+			0x1a69e783, 0x02cc4843, 0xa2f7c579, 0x429ef47d, 0x427b169c, 0x5ac9f049, 0xdd8f0f00, 0x5c8165bf
+		},
+		S2 =
+		{
+			0x1f201094, 0xef0ba75b, 0x69e3cf7e, 0x393f4380, 0xfe61cf7a, 0xeec5207a, 0x55889c94, 0x72fc0651,
+			0xada7ef79, 0x4e1d7235, 0xd55a63ce, 0xde0436ba, 0x99c430ef, 0x5f0c0794, 0x18dcdb7d, 0xa1d6eff3,
+			0xa0b52f7b, 0x59e83605, 0xee15b094, 0xe9ffd909, 0xdc440086, 0xef944459, 0xba83ccb3, 0xe0c3cdfb,
+			0xd1da4181, 0x3b092ab1, 0xf997f1c1, 0xa5e6cf7b, 0x01420ddb, 0xe4e7ef5b, 0x25a1ff41, 0xe180f806,
+			0x1fc41080, 0x179bee7a, 0xd37ac6a9, 0xfe5830a4, 0x98de8b7f, 0x77e83f4e, 0x79929269, 0x24fa9f7b,
+			0xe113c85b, 0xacc40083, 0xd7503525, 0xf7ea615f, 0x62143154, 0x0d554b63, 0x5d681121, 0xc866c359,
+			0x3d63cf73, 0xcee234c0, 0xd4d87e87, 0x5c672b21, 0x071f6181, 0x39f7627f, 0x361e3084, 0xe4eb573b,
+			0x602f64a4, 0xd63acd9c, 0x1bbc4635, 0x9e81032d, 0x2701f50c, 0x99847ab4, 0xa0e3df79, 0xba6cf38c,
+			0x10843094, 0x2537a95e, 0xf46f6ffe, 0xa1ff3b1f, 0x208cfb6a, 0x8f458c74, 0xd9e0a227, 0x4ec73a34,
+			0xfc884f69, 0x3e4de8df, 0xef0e0088, 0x3559648d, 0x8a45388c, 0x1d804366, 0x721d9bfd, 0xa58684bb,
+			0xe8256333, 0x844e8212, 0x128d8098, 0xfed33fb4, 0xce280ae1, 0x27e19ba5, 0xd5a6c252, 0xe49754bd,
+			0xc5d655dd, 0xeb667064, 0x77840b4d, 0xa1b6a801, 0x84db26a9, 0xe0b56714, 0x21f043b7, 0xe5d05860,
+			0x54f03084, 0x066ff472, 0xa31aa153, 0xdadc4755, 0xb5625dbf, 0x68561be6, 0x83ca6b94, 0x2d6ed23b,
+			0xeccf01db, 0xa6d3d0ba, 0xb6803d5c, 0xaf77a709, 0x33b4a34c, 0x397bc8d6, 0x5ee22b95, 0x5f0e5304,
+			0x81ed6f61, 0x20e74364, 0xb45e1378, 0xde18639b, 0x881ca122, 0xb96726d1, 0x8049a7e8, 0x22b7da7b,
+			0x5e552d25, 0x5272d237, 0x79d2951c, 0xc60d894c, 0x488cb402, 0x1ba4fe5b, 0xa4b09f6b, 0x1ca815cf,
+			0xa20c3005, 0x8871df63, 0xb9de2fcb, 0x0cc6c9e9, 0x0beeff53, 0xe3214517, 0xb4542835, 0x9f63293c,
+			0xee41e729, 0x6e1d2d7c, 0x50045286, 0x1e6685f3, 0xf33401c6, 0x30a22c95, 0x31a70850, 0x60930f13,
+			0x73f98417, 0xa1269859, 0xec645c44, 0x52c877a9, 0xcdff33a6, 0xa02b1741, 0x7cbad9a2, 0x2180036f,
+			0x50d99c08, 0xcb3f4861, 0xc26bd765, 0x64a3f6ab, 0x80342676, 0x25a75e7b, 0xe4e6d1fc, 0x20c710e6,
+			0xcdf0b680, 0x17844d3b, 0x31eef84d, 0x7e0824e4, 0x2ccb49eb, 0x846a3bae, 0x8ff77888, 0xee5d60f6,
+			0x7af75673, 0x2fdd5cdb, 0xa11631c1, 0x30f66f43, 0xb3faec54, 0x157fd7fa, 0xef8579cc, 0xd152de58,
+			0xdb2ffd5e, 0x8f32ce19, 0x306af97a, 0x02f03ef8, 0x99319ad5, 0xc242fa0f, 0xa7e3ebb0, 0xc68e4906,
+			0xb8da230c, 0x80823028, 0xdcdef3c8, 0xd35fb171, 0x088a1bc8, 0xbec0c560, 0x61a3c9e8, 0xbca8f54d,
+			0xc72feffa, 0x22822e99, 0x82c570b4, 0xd8d94e89, 0x8b1c34bc, 0x301e16e6, 0x273be979, 0xb0ffeaa6,
+			0x61d9b8c6, 0x00b24869, 0xb7ffce3f, 0x08dc283b, 0x43daf65a, 0xf7e19798, 0x7619b72f, 0x8f1c9ba4,
+			0xdc8637a0, 0x16a7d3b1, 0x9fc393b7, 0xa7136eeb, 0xc6bcc63e, 0x1a513742, 0xef6828bc, 0x520365d6,
+			0x2d6a77ab, 0x3527ed4b, 0x821fd216, 0x095c6e2e, 0xdb92f2fb, 0x5eea29cb, 0x145892f5, 0x91584f7f,
+			0x5483697b, 0x2667a8cc, 0x85196048, 0x8c4bacea, 0x833860d4, 0x0d23e0f9, 0x6c387e8a, 0x0ae6d249,
+			0xb284600c, 0xd835731d, 0xdcb1c647, 0xac4c56ea, 0x3ebd81b3, 0x230eabb0, 0x6438bc87, 0xf0b5b1fa,
+			0x8f5ea2b3, 0xfc184642, 0x0a036b7a, 0x4fb089bd, 0x649da589, 0xa345415e, 0x5c038323, 0x3e5d3bb9,
+			0x43d79572, 0x7e6dd07c, 0x06dfdf1e, 0x6c6cc4ef, 0x7160a539, 0x73bfbe70, 0x83877605, 0x4523ecf1
+		},
+		S3 =
+		{
+			0x8defc240, 0x25fa5d9f, 0xeb903dbf, 0xe810c907, 0x47607fff, 0x369fe44b, 0x8c1fc644, 0xaececa90,
+			0xbeb1f9bf, 0xeefbcaea, 0xe8cf1950, 0x51df07ae, 0x920e8806, 0xf0ad0548, 0xe13c8d83, 0x927010d5,
+			0x11107d9f, 0x07647db9, 0xb2e3e4d4, 0x3d4f285e, 0xb9afa820, 0xfade82e0, 0xa067268b, 0x8272792e,
+			0x553fb2c0, 0x489ae22b, 0xd4ef9794, 0x125e3fbc, 0x21fffcee, 0x825b1bfd, 0x9255c5ed, 0x1257a240,
+			0x4e1a8302, 0xbae07fff, 0x528246e7, 0x8e57140e, 0x3373f7bf, 0x8c9f8188, 0xa6fc4ee8, 0xc982b5a5,
+			0xa8c01db7, 0x579fc264, 0x67094f31, 0xf2bd3f5f, 0x40fff7c1, 0x1fb78dfc, 0x8e6bd2c1, 0x437be59b,
+			0x99b03dbf, 0xb5dbc64b, 0x638dc0e6, 0x55819d99, 0xa197c81c, 0x4a012d6e, 0xc5884a28, 0xccc36f71,
+			0xb843c213, 0x6c0743f1, 0x8309893c, 0x0feddd5f, 0x2f7fe850, 0xd7c07f7e, 0x02507fbf, 0x5afb9a04,
+			0xa747d2d0, 0x1651192e, 0xaf70bf3e, 0x58c31380, 0x5f98302e, 0x727cc3c4, 0x0a0fb402, 0x0f7fef82,
+			0x8c96fdad, 0x5d2c2aae, 0x8ee99a49, 0x50da88b8, 0x8427f4a0, 0x1eac5790, 0x796fb449, 0x8252dc15,
+			0xefbd7d9b, 0xa672597d, 0xada840d8, 0x45f54504, 0xfa5d7403, 0xe83ec305, 0x4f91751a, 0x925669c2,
+			0x23efe941, 0xa903f12e, 0x60270df2, 0x0276e4b6, 0x94fd6574, 0x927985b2, 0x8276dbcb, 0x02778176,
+			0xf8af918d, 0x4e48f79e, 0x8f616ddf, 0xe29d840e, 0x842f7d83, 0x340ce5c8, 0x96bbb682, 0x93b4b148,
+			0xef303cab, 0x984faf28, 0x779faf9b, 0x92dc560d, 0x224d1e20, 0x8437aa88, 0x7d29dc96, 0x2756d3dc,
+			0x8b907cee, 0xb51fd240, 0xe7c07ce3, 0xe566b4a1, 0xc3e9615e, 0x3cf8209d, 0x6094d1e3, 0xcd9ca341,
+			0x5c76460e, 0x00ea983b, 0xd4d67881, 0xfd47572c, 0xf76cedd9, 0xbda8229c, 0x127dadaa, 0x438a074e,
+			0x1f97c090, 0x081bdb8a, 0x93a07ebe, 0xb938ca15, 0x97b03cff, 0x3dc2c0f8, 0x8d1ab2ec, 0x64380e51,
+			0x68cc7bfb, 0xd90f2788, 0x12490181, 0x5de5ffd4, 0xdd7ef86a, 0x76a2e214, 0xb9a40368, 0x925d958f,
+			0x4b39fffa, 0xba39aee9, 0xa4ffd30b, 0xfaf7933b, 0x6d498623, 0x193cbcfa, 0x27627545, 0x825cf47a,
+			0x61bd8ba0, 0xd11e42d1, 0xcead04f4, 0x127ea392, 0x10428db7, 0x8272a972, 0x9270c4a8, 0x127de50b,
+			0x285ba1c8, 0x3c62f44f, 0x35c0eaa5, 0xe805d231, 0x428929fb, 0xb4fcdf82, 0x4fb66a53, 0x0e7dc15b,
+			0x1f081fab, 0x108618ae, 0xfcfd086d, 0xf9ff2889, 0x694bcc11, 0x236a5cae, 0x12deca4d, 0x2c3f8cc5,
+			0xd2d02dfe, 0xf8ef5896, 0xe4cf52da, 0x95155b67, 0x494a488c, 0xb9b6a80c, 0x5c8f82bc, 0x89d36b45,
+			0x3a609437, 0xec00c9a9, 0x44715253, 0x0a874b49, 0xd773bc40, 0x7c34671c, 0x02717ef6, 0x4feb5536,
+			0xa2d02fff, 0xd2bf60c4, 0xd43f03c0, 0x50b4ef6d, 0x07478cd1, 0x006e1888, 0xa2e53f55, 0xb9e6d4bc,
+			0xa2048016, 0x97573833, 0xd7207d67, 0xde0f8f3d, 0x72f87b33, 0xabcc4f33, 0x7688c55d, 0x7b00a6b0,
+			0x947b0001, 0x570075d2, 0xf9bb88f8, 0x8942019e, 0x4264a5ff, 0x856302e0, 0x72dbd92b, 0xee971b69,
+			0x6ea22fde, 0x5f08ae2b, 0xaf7a616d, 0xe5c98767, 0xcf1febd2, 0x61efc8c2, 0xf1ac2571, 0xcc8239c2,
+			0x67214cb8, 0xb1e583d1, 0xb7dc3e62, 0x7f10bdce, 0xf90a5c38, 0x0ff0443d, 0x606e6dc6, 0x60543a49,
+			0x5727c148, 0x2be98a1d, 0x8ab41738, 0x20e1be24, 0xaf96da0f, 0x68458425, 0x99833be5, 0x600d457d,
+			0x282f9350, 0x8334b362, 0xd91d1120, 0x2b6d8da0, 0x642b1e31, 0x9c305a00, 0x52bce688, 0x1b03588a,
+			0xf7baefd5, 0x4142ed9c, 0xa4315c11, 0x83323ec5, 0xdfef4636, 0xa133c501, 0xe9d3531c, 0xee353783
+		},
+		S4 =
+		{
+			0x9db30420, 0x1fb6e9de, 0xa7be7bef, 0xd273a298, 0x4a4f7bdb, 0x64ad8c57, 0x85510443, 0xfa020ed1,
+			0x7e287aff, 0xe60fb663, 0x095f35a1, 0x79ebf120, 0xfd059d43, 0x6497b7b1, 0xf3641f63, 0x241e4adf,
+			0x28147f5f, 0x4fa2b8cd, 0xc9430040, 0x0cc32220, 0xfdd30b30, 0xc0a5374f, 0x1d2d00d9, 0x24147b15,
+			0xee4d111a, 0x0fca5167, 0x71ff904c, 0x2d195ffe, 0x1a05645f, 0x0c13fefe, 0x081b08ca, 0x05170121,
+			0x80530100, 0xe83e5efe, 0xac9af4f8, 0x7fe72701, 0xd2b8ee5f, 0x06df4261, 0xbb9e9b8a, 0x7293ea25,
+			0xce84ffdf, 0xf5718801, 0x3dd64b04, 0xa26f263b, 0x7ed48400, 0x547eebe6, 0x446d4ca0, 0x6cf3d6f5,
+			0x2649abdf, 0xaea0c7f5, 0x36338cc1, 0x503f7e93, 0xd3772061, 0x11b638e1, 0x72500e03, 0xf80eb2bb,
+			0xabe0502e, 0xec8d77de, 0x57971e81, 0xe14f6746, 0xc9335400, 0x6920318f, 0x081dbb99, 0xffc304a5,
+			0x4d351805, 0x7f3d5ce3, 0xa6c866c6, 0x5d5bcca9, 0xdaec6fea, 0x9f926f91, 0x9f46222f, 0x3991467d,
+			0xa5bf6d8e, 0x1143c44f, 0x43958302, 0xd0214eeb, 0x022083b8, 0x3fb6180c, 0x18f8931e, 0x281658e6,
+			0x26486e3e, 0x8bd78a70, 0x7477e4c1, 0xb506e07c, 0xf32d0a25, 0x79098b02, 0xe4eabb81, 0x28123b23,
+			0x69dead38, 0x1574ca16, 0xdf871b62, 0x211c40b7, 0xa51a9ef9, 0x0014377b, 0x041e8ac8, 0x09114003,
+			0xbd59e4d2, 0xe3d156d5, 0x4fe876d5, 0x2f91a340, 0x557be8de, 0x00eae4a7, 0x0ce5c2ec, 0x4db4bba6,
+			0xe756bdff, 0xdd3369ac, 0xec17b035, 0x06572327, 0x99afc8b0, 0x56c8c391, 0x6b65811c, 0x5e146119,
+			0x6e85cb75, 0xbe07c002, 0xc2325577, 0x893ff4ec, 0x5bbfc92d, 0xd0ec3b25, 0xb7801ab7, 0x8d6d3b24,
+			0x20c763ef, 0xc366a5fc, 0x9c382880, 0x0ace3205, 0xaac9548a, 0xeca1d7c7, 0x041afa32, 0x1d16625a,
+			0x6701902c, 0x9b757a54, 0x31d477f7, 0x9126b031, 0x36cc6fdb, 0xc70b8b46, 0xd9e66a48, 0x56e55a79,
+			0x026a4ceb, 0x52437eff, 0x2f8f76b4, 0x0df980a5, 0x8674cde3, 0xedda04eb, 0x17a9be04, 0x2c18f4df,
+			0xb7747f9d, 0xab2af7b4, 0xefc34d20, 0x2e096b7c, 0x1741a254, 0xe5b6a035, 0x213d42f6, 0x2c1c7c26,
+			0x61c2f50f, 0x6552daf9, 0xd2c231f8, 0x25130f69, 0xd8167fa2, 0x0418f2c8, 0x001a96a6, 0x0d1526ab,
+			0x63315c21, 0x5e0a72ec, 0x49bafefd, 0x187908d9, 0x8d0dbd86, 0x311170a7, 0x3e9b640c, 0xcc3e10d7,
+			0xd5cad3b6, 0x0caec388, 0xf73001e1, 0x6c728aff, 0x71eae2a1, 0x1f9af36e, 0xcfcbd12f, 0xc1de8417,
+			0xac07be6b, 0xcb44a1d8, 0x8b9b0f56, 0x013988c3, 0xb1c52fca, 0xb4be31cd, 0xd8782806, 0x12a3a4e2,
+			0x6f7de532, 0x58fd7eb6, 0xd01ee900, 0x24adffc2, 0xf4990fc5, 0x9711aac5, 0x001d7b95, 0x82e5e7d2,
+			0x109873f6, 0x00613096, 0xc32d9521, 0xada121ff, 0x29908415, 0x7fbb977f, 0xaf9eb3db, 0x29c9ed2a,
+			0x5ce2a465, 0xa730f32c, 0xd0aa3fe8, 0x8a5cc091, 0xd49e2ce7, 0x0ce454a9, 0xd60acd86, 0x015f1919,
+			0x77079103, 0xdea03af6, 0x78a8565e, 0xdee356df, 0x21f05cbe, 0x8b75e387, 0xb3c50651, 0xb8a5c3ef,
+			0xd8eeb6d2, 0xe523be77, 0xc2154529, 0x2f69efdf, 0xafe67afb, 0xf470c4b2, 0xf3e0eb5b, 0xd6cc9876,
+			0x39e4460c, 0x1fda8538, 0x1987832f, 0xca007367, 0xa99144f8, 0x296b299e, 0x492fc295, 0x9266beab,
+			0xb5676e69, 0x9bd3ddda, 0xdf7e052f, 0xdb25701c, 0x1b5e51ee, 0xf65324e6, 0x6afce36c, 0x0316cc04,
+			0x8644213e, 0xb7dc59d0, 0x7965291f, 0xccd6fd43, 0x41823979, 0x932bcdf6, 0xb657c34d, 0x4edfd282,
+			0x7ae5290c, 0x3cb9536b, 0x851e20fe, 0x9833557e, 0x13ecf0b0, 0xd3ffb372, 0x3f85c5c1, 0x0aef7ed2
+		},
+		S5 =
+		{
+			0x7ec90c04, 0x2c6e74b9, 0x9b0e66df, 0xa6337911, 0xb86a7fff, 0x1dd358f5, 0x44dd9d44, 0x1731167f,
+			0x08fbf1fa, 0xe7f511cc, 0xd2051b00, 0x735aba00, 0x2ab722d8, 0x386381cb, 0xacf6243a, 0x69befd7a,
+			0xe6a2e77f, 0xf0c720cd, 0xc4494816, 0xccf5c180, 0x38851640, 0x15b0a848, 0xe68b18cb, 0x4caadeff,
+			0x5f480a01, 0x0412b2aa, 0x259814fc, 0x41d0efe2, 0x4e40b48d, 0x248eb6fb, 0x8dba1cfe, 0x41a99b02,
+			0x1a550a04, 0xba8f65cb, 0x7251f4e7, 0x95a51725, 0xc106ecd7, 0x97a5980a, 0xc539b9aa, 0x4d79fe6a,
+			0xf2f3f763, 0x68af8040, 0xed0c9e56, 0x11b4958b, 0xe1eb5a88, 0x8709e6b0, 0xd7e07156, 0x4e29fea7,
+			0x6366e52d, 0x02d1c000, 0xc4ac8e05, 0x9377f571, 0x0c05372a, 0x578535f2, 0x2261be02, 0xd642a0c9,
+			0xdf13a280, 0x74b55bd2, 0x682199c0, 0xd421e5ec, 0x53fb3ce8, 0xc8adedb3, 0x28a87fc9, 0x3d959981,
+			0x5c1ff900, 0xfe38d399, 0x0c4eff0b, 0x062407ea, 0xaa2f4fb1, 0x4fb96976, 0x90c79505, 0xb0a8a774,
+			0xef55a1ff, 0xe59ca2c2, 0xa6b62d27, 0xe66a4263, 0xdf65001f, 0x0ec50966, 0xdfdd55bc, 0x29de0655,
+			0x911e739a, 0x17af8975, 0x32c7911c, 0x89f89468, 0x0d01e980, 0x524755f4, 0x03b63cc9, 0x0cc844b2,
+			0xbcf3f0aa, 0x87ac36e9, 0xe53a7426, 0x01b3d82b, 0x1a9e7449, 0x64ee2d7e, 0xcddbb1da, 0x01c94910,
+			0xb868bf80, 0x0d26f3fd, 0x9342ede7, 0x04a5c284, 0x636737b6, 0x50f5b616, 0xf24766e3, 0x8eca36c1,
+			0x136e05db, 0xfef18391, 0xfb887a37, 0xd6e7f7d4, 0xc7fb7dc9, 0x3063fcdf, 0xb6f589de, 0xec2941da,
+			0x26e46695, 0xb7566419, 0xf654efc5, 0xd08d58b7, 0x48925401, 0xc1bacb7f, 0xe5ff550f, 0xb6083049,
+			0x5bb5d0e8, 0x87d72e5a, 0xab6a6ee1, 0x223a66ce, 0xc62bf3cd, 0x9e0885f9, 0x68cb3e47, 0x086c010f,
+			0xa21de820, 0xd18b69de, 0xf3f65777, 0xfa02c3f6, 0x407edac3, 0xcbb3d550, 0x1793084d, 0xb0d70eba,
+			0x0ab378d5, 0xd951fb0c, 0xded7da56, 0x4124bbe4, 0x94ca0b56, 0x0f5755d1, 0xe0e1e56e, 0x6184b5be,
+			0x580a249f, 0x94f74bc0, 0xe327888e, 0x9f7b5561, 0xc3dc0280, 0x05687715, 0x646c6bd7, 0x44904db3,
+			0x66b4f0a3, 0xc0f1648a, 0x697ed5af, 0x49e92ff6, 0x309e374f, 0x2cb6356a, 0x85808573, 0x4991f840,
+			0x76f0ae02, 0x083be84d, 0x28421c9a, 0x44489406, 0x736e4cb8, 0xc1092910, 0x8bc95fc6, 0x7d869cf4,
+			0x134f616f, 0x2e77118d, 0xb31b2be1, 0xaa90b472, 0x3ca5d717, 0x7d161bba, 0x9cad9010, 0xaf462ba2,
+			0x9fe459d2, 0x45d34559, 0xd9f2da13, 0xdbc65487, 0xf3e4f94e, 0x176d486f, 0x097c13ea, 0x631da5c7,
+			0x445f7382, 0x175683f4, 0xcdc66a97, 0x70be0288, 0xb3cdcf72, 0x6e5dd2f3, 0x20936079, 0x459b80a5,
+			0xbe60e2db, 0xa9c23101, 0xeba5315c, 0x224e42f2, 0x1c5c1572, 0xf6721b2c, 0x1ad2fff3, 0x8c25404e,
+			0x324ed72f, 0x4067b7fd, 0x0523138e, 0x5ca3bc78, 0xdc0fd66e, 0x75922283, 0x784d6b17, 0x58ebb16e,
+			0x44094f85, 0x3f481d87, 0xfcfeae7b, 0x77b5ff76, 0x8c2302bf, 0xaaf47556, 0x5f46b02a, 0x2b092801,
+			0x3d38f5f7, 0x0ca81f36, 0x52af4a8a, 0x66d5e7c0, 0xdf3b0874, 0x95055110, 0x1b5ad7a8, 0xf61ed5ad,
+			0x6cf6e479, 0x20758184, 0xd0cefa65, 0x88f7be58, 0x4a046826, 0x0ff6f8f3, 0xa09c7f70, 0x5346aba0,
+			0x5ce96c28, 0xe176eda3, 0x6bac307f, 0x376829d2, 0x85360fa9, 0x17e3fe2a, 0x24b79767, 0xf5a96b20,
+			0xd6cd2595, 0x68ff1ebf, 0x7555442c, 0xf19f06be, 0xf9e0659a, 0xeeb9491d, 0x34010718, 0xbb30cab8,
+			0xe822fe15, 0x88570983, 0x750e6249, 0xda627e55, 0x5e76ffa8, 0xb1534546, 0x6d47de08, 0xefe9e7d4
+		},
+		S6 =
+		{
+			0xf6fa8f9d, 0x2cac6ce1, 0x4ca34867, 0xe2337f7c, 0x95db08e7, 0x016843b4, 0xeced5cbc, 0x325553ac,
+			0xbf9f0960, 0xdfa1e2ed, 0x83f0579d, 0x63ed86b9, 0x1ab6a6b8, 0xde5ebe39, 0xf38ff732, 0x8989b138,
+			0x33f14961, 0xc01937bd, 0xf506c6da, 0xe4625e7e, 0xa308ea99, 0x4e23e33c, 0x79cbd7cc, 0x48a14367,
+			0xa3149619, 0xfec94bd5, 0xa114174a, 0xeaa01866, 0xa084db2d, 0x09a8486f, 0xa888614a, 0x2900af98,
+			0x01665991, 0xe1992863, 0xc8f30c60, 0x2e78ef3c, 0xd0d51932, 0xcf0fec14, 0xf7ca07d2, 0xd0a82072,
+			0xfd41197e, 0x9305a6b0, 0xe86be3da, 0x74bed3cd, 0x372da53c, 0x4c7f4448, 0xdab5d440, 0x6dba0ec3,
+			0x083919a7, 0x9fbaeed9, 0x49dbcfb0, 0x4e670c53, 0x5c3d9c01, 0x64bdb941, 0x2c0e636a, 0xba7dd9cd,
+			0xea6f7388, 0xe70bc762, 0x35f29adb, 0x5c4cdd8d, 0xf0d48d8c, 0xb88153e2, 0x08a19866, 0x1ae2eac8,
+			0x284caf89, 0xaa928223, 0x9334be53, 0x3b3a21bf, 0x16434be3, 0x9aea3906, 0xefe8c36e, 0xf890cdd9,
+			0x80226dae, 0xc340a4a3, 0xdf7e9c09, 0xa694a807, 0x5b7c5ecc, 0x221db3a6, 0x9a69a02f, 0x68818a54,
+			0xceb2296f, 0x53c0843a, 0xfe893655, 0x25bfe68a, 0xb4628abc, 0xcf222ebf, 0x25ac6f48, 0xa9a99387,
+			0x53bddb65, 0xe76ffbe7, 0xe967fd78, 0x0ba93563, 0x8e342bc1, 0xe8a11be9, 0x4980740d, 0xc8087dfc,
+			0x8de4bf99, 0xa11101a0, 0x7fd37975, 0xda5a26c0, 0xe81f994f, 0x9528cd89, 0xfd339fed, 0xb87834bf,
+			0x5f04456d, 0x22258698, 0xc9c4c83b, 0x2dc156be, 0x4f628daa, 0x57f55ec5, 0xe2220abe, 0xd2916ebf,
+			0x4ec75b95, 0x24f2c3c0, 0x42d15d99, 0xcd0d7fa0, 0x7b6e27ff, 0xa8dc8af0, 0x7345c106, 0xf41e232f,
+			0x35162386, 0xe6ea8926, 0x3333b094, 0x157ec6f2, 0x372b74af, 0x692573e4, 0xe9a9d848, 0xf3160289,
+			0x3a62ef1d, 0xa787e238, 0xf3a5f676, 0x74364853, 0x20951063, 0x4576698d, 0xb6fad407, 0x592af950,
+			0x36f73523, 0x4cfb6e87, 0x7da4cec0, 0x6c152daa, 0xcb0396a8, 0xc50dfe5d, 0xfcd707ab, 0x0921c42f,
+			0x89dff0bb, 0x5fe2be78, 0x448f4f33, 0x754613c9, 0x2b05d08d, 0x48b9d585, 0xdc049441, 0xc8098f9b,
+			0x7dede786, 0xc39a3373, 0x42410005, 0x6a091751, 0x0ef3c8a6, 0x890072d6, 0x28207682, 0xa9a9f7be,
+			0xbf32679d, 0xd45b5b75, 0xb353fd00, 0xcbb0e358, 0x830f220a, 0x1f8fb214, 0xd372cf08, 0xcc3c4a13,
+			0x8cf63166, 0x061c87be, 0x88c98f88, 0x6062e397, 0x47cf8e7a, 0xb6c85283, 0x3cc2acfb, 0x3fc06976,
+			0x4e8f0252, 0x64d8314d, 0xda3870e3, 0x1e665459, 0xc10908f0, 0x513021a5, 0x6c5b68b7, 0x822f8aa0,
+			0x3007cd3e, 0x74719eef, 0xdc872681, 0x073340d4, 0x7e432fd9, 0x0c5ec241, 0x8809286c, 0xf592d891,
+			0x08a930f6, 0x957ef305, 0xb7fbffbd, 0xc266e96f, 0x6fe4ac98, 0xb173ecc0, 0xbc60b42a, 0x953498da,
+			0xfba1ae12, 0x2d4bd736, 0x0f25faab, 0xa4f3fceb, 0xe2969123, 0x257f0c3d, 0x9348af49, 0x361400bc,
+			0xe8816f4a, 0x3814f200, 0xa3f94043, 0x9c7a54c2, 0xbc704f57, 0xda41e7f9, 0xc25ad33a, 0x54f4a084,
+			0xb17f5505, 0x59357cbe, 0xedbd15c8, 0x7f97c5ab, 0xba5ac7b5, 0xb6f6deaf, 0x3a479c3a, 0x5302da25,
+			0x653d7e6a, 0x54268d49, 0x51a477ea, 0x5017d55b, 0xd7d25d88, 0x44136c76, 0x0404a8c8, 0xb8e5a121,
+			0xb81a928a, 0x60ed5869, 0x97c55b96, 0xeaec991b, 0x29935913, 0x01fdb7f1, 0x088e8dfa, 0x9ab6f6f5,
+			0x3b4cbf9f, 0x4a5de3ab, 0xe6051d35, 0xa0e1d855, 0xd36b4cf1, 0xf544edeb, 0xb0e93524, 0xbebb8fbd,
+			0xa2d762cf, 0x49c92f54, 0x38b5f331, 0x7128a454, 0x48392905, 0xa65b1db8, 0x851c97bd, 0xd675cf2f
+		},
+		S7 =
+		{
+			0x85e04019, 0x332bf567, 0x662dbfff, 0xcfc65693, 0x2a8d7f6f, 0xab9bc912, 0xde6008a1, 0x2028da1f,
+			0x0227bce7, 0x4d642916, 0x18fac300, 0x50f18b82, 0x2cb2cb11, 0xb232e75c, 0x4b3695f2, 0xb28707de,
+			0xa05fbcf6, 0xcd4181e9, 0xe150210c, 0xe24ef1bd, 0xb168c381, 0xfde4e789, 0x5c79b0d8, 0x1e8bfd43,
+			0x4d495001, 0x38be4341, 0x913cee1d, 0x92a79c3f, 0x089766be, 0xbaeeadf4, 0x1286becf, 0xb6eacb19,
+			0x2660c200, 0x7565bde4, 0x64241f7a, 0x8248dca9, 0xc3b3ad66, 0x28136086, 0x0bd8dfa8, 0x356d1cf2,
+			0x107789be, 0xb3b2e9ce, 0x0502aa8f, 0x0bc0351e, 0x166bf52a, 0xeb12ff82, 0xe3486911, 0xd34d7516,
+			0x4e7b3aff, 0x5f43671b, 0x9cf6e037, 0x4981ac83, 0x334266ce, 0x8c9341b7, 0xd0d854c0, 0xcb3a6c88,
+			0x47bc2829, 0x4725ba37, 0xa66ad22b, 0x7ad61f1e, 0x0c5cbafa, 0x4437f107, 0xb6e79962, 0x42d2d816,
+			0x0a961288, 0xe1a5c06e, 0x13749e67, 0x72fc081a, 0xb1d139f7, 0xf9583745, 0xcf19df58, 0xbec3f756,
+			0xc06eba30, 0x07211b24, 0x45c28829, 0xc95e317f, 0xbc8ec511, 0x38bc46e9, 0xc6e6fa14, 0xbae8584a,
+			0xad4ebc46, 0x468f508b, 0x7829435f, 0xf124183b, 0x821dba9f, 0xaff60ff4, 0xea2c4e6d, 0x16e39264,
+			0x92544a8b, 0x009b4fc3, 0xaba68ced, 0x9ac96f78, 0x06a5b79a, 0xb2856e6e, 0x1aec3ca9, 0xbe838688,
+			0x0e0804e9, 0x55f1be56, 0xe7e5363b, 0xb3a1f25d, 0xf7debb85, 0x61fe033c, 0x16746233, 0x3c034c28,
+			0xda6d0c74, 0x79aac56c, 0x3ce4e1ad, 0x51f0c802, 0x98f8f35a, 0x1626a49f, 0xeed82b29, 0x1d382fe3,
+			0x0c4fb99a, 0xbb325778, 0x3ec6d97b, 0x6e77a6a9, 0xcb658b5c, 0xd45230c7, 0x2bd1408b, 0x60c03eb7,
+			0xb9068d78, 0xa33754f4, 0xf430c87d, 0xc8a71302, 0xb96d8c32, 0xebd4e7be, 0xbe8b9d2d, 0x7979fb06,
+			0xe7225308, 0x8b75cf77, 0x11ef8da4, 0xe083c858, 0x8d6b786f, 0x5a6317a6, 0xfa5cf7a0, 0x5dda0033,
+			0xf28ebfb0, 0xf5b9c310, 0xa0eac280, 0x08b9767a, 0xa3d9d2b0, 0x79d34217, 0x021a718d, 0x9ac6336a,
+			0x2711fd60, 0x438050e3, 0x069908a8, 0x3d7fedc4, 0x826d2bef, 0x4eeb8476, 0x488dcf25, 0x36c9d566,
+			0x28e74e41, 0xc2610aca, 0x3d49a9cf, 0xbae3b9df, 0xb65f8de6, 0x92aeaf64, 0x3ac7d5e6, 0x9ea80509,
+			0xf22b017d, 0xa4173f70, 0xdd1e16c3, 0x15e0d7f9, 0x50b1b887, 0x2b9f4fd5, 0x625aba82, 0x6a017962,
+			0x2ec01b9c, 0x15488aa9, 0xd716e740, 0x40055a2c, 0x93d29a22, 0xe32dbf9a, 0x058745b9, 0x3453dc1e,
+			0xd699296e, 0x496cff6f, 0x1c9f4986, 0xdfe2ed07, 0xb87242d1, 0x19de7eae, 0x053e561a, 0x15ad6f8c,
+			0x66626c1c, 0x7154c24c, 0xea082b2a, 0x93eb2939, 0x17dcb0f0, 0x58d4f2ae, 0x9ea294fb, 0x52cf564c,
+			0x9883fe66, 0x2ec40581, 0x763953c3, 0x01d6692e, 0xd3a0c108, 0xa1e7160e, 0xe4f2dfa6, 0x693ed285,
+			0x74904698, 0x4c2b0edd, 0x4f757656, 0x5d393378, 0xa132234f, 0x3d321c5d, 0xc3f5e194, 0x4b269301,
+			0xc79f022f, 0x3c997e7e, 0x5e4f9504, 0x3ffafbbd, 0x76f7ad0e, 0x296693f4, 0x3d1fce6f, 0xc61e45be,
+			0xd3b5ab34, 0xf72bf9b7, 0x1b0434c0, 0x4e72b567, 0x5592a33d, 0xb5229301, 0xcfd2a87f, 0x60aeb767,
+			0x1814386b, 0x30bcc33d, 0x38a0c07d, 0xfd1606f2, 0xc363519b, 0x589dd390, 0x5479f8e6, 0x1cb8d647,
+			0x97fd61a9, 0xea7759f4, 0x2d57539d, 0x569a58cf, 0xe84e63ad, 0x462e1b78, 0x6580f87e, 0xf3817914,
+			0x91da55f4, 0x40a230f3, 0xd1988f35, 0xb6e318d2, 0x3ffa50bc, 0x3d40f021, 0xc3c0bdae, 0x4958c24c,
+			0x518f36b2, 0x84b1d370, 0x0fedce83, 0x878ddada, 0xf2a279c7, 0x94e01be8, 0x90716f4b, 0x954b8aa3
+		},
+		S8 =
+		{
+			0xe216300d, 0xbbddfffc, 0xa7ebdabd, 0x35648095, 0x7789f8b7, 0xe6c1121b, 0x0e241600, 0x052ce8b5,
+			0x11a9cfb0, 0xe5952f11, 0xece7990a, 0x9386d174, 0x2a42931c, 0x76e38111, 0xb12def3a, 0x37ddddfc,
+			0xde9adeb1, 0x0a0cc32c, 0xbe197029, 0x84a00940, 0xbb243a0f, 0xb4d137cf, 0xb44e79f0, 0x049eedfd,
+			0x0b15a15d, 0x480d3168, 0x8bbbde5a, 0x669ded42, 0xc7ece831, 0x3f8f95e7, 0x72df191b, 0x7580330d,
+			0x94074251, 0x5c7dcdfa, 0xabbe6d63, 0xaa402164, 0xb301d40a, 0x02e7d1ca, 0x53571dae, 0x7a3182a2,
+			0x12a8ddec, 0xfdaa335d, 0x176f43e8, 0x71fb46d4, 0x38129022, 0xce949ad4, 0xb84769ad, 0x965bd862,
+			0x82f3d055, 0x66fb9767, 0x15b80b4e, 0x1d5b47a0, 0x4cfde06f, 0xc28ec4b8, 0x57e8726e, 0x647a78fc,
+			0x99865d44, 0x608bd593, 0x6c200e03, 0x39dc5ff6, 0x5d0b00a3, 0xae63aff2, 0x7e8bd632, 0x70108c0c,
+			0xbbd35049, 0x2998df04, 0x980cf42a, 0x9b6df491, 0x9e7edd53, 0x06918548, 0x58cb7e07, 0x3b74ef2e,
+			0x522fffb1, 0xd24708cc, 0x1c7e27cd, 0xa4eb215b, 0x3cf1d2e2, 0x19b47a38, 0x424f7618, 0x35856039,
+			0x9d17dee7, 0x27eb35e6, 0xc9aff67b, 0x36baf5b8, 0x09c467cd, 0xc18910b1, 0xe11dbf7b, 0x06cd1af8,
+			0x7170c608, 0x2d5e3354, 0xd4de495a, 0x64c6d006, 0xbcc0c62c, 0x3dd00db3, 0x708f8f34, 0x77d51b42,
+			0x264f620f, 0x24b8d2bf, 0x15c1b79e, 0x46a52564, 0xf8d7e54e, 0x3e378160, 0x7895cda5, 0x859c15a5,
+			0xe6459788, 0xc37bc75f, 0xdb07ba0c, 0x0676a3ab, 0x7f229b1e, 0x31842e7b, 0x24259fd7, 0xf8bef472,
+			0x835ffcb8, 0x6df4c1f2, 0x96f5b195, 0xfd0af0fc, 0xb0fe134c, 0xe2506d3d, 0x4f9b12ea, 0xf215f225,
+			0xa223736f, 0x9fb4c428, 0x25d04979, 0x34c713f8, 0xc4618187, 0xea7a6e98, 0x7cd16efc, 0x1436876c,
+			0xf1544107, 0xbedeee14, 0x56e9af27, 0xa04aa441, 0x3cf7c899, 0x92ecbae6, 0xdd67016d, 0x151682eb,
+			0xa842eedf, 0xfdba60b4, 0xf1907b75, 0x20e3030f, 0x24d8c29e, 0xe139673b, 0xefa63fb8, 0x71873054,
+			0xb6f2cf3b, 0x9f326442, 0xcb15a4cc, 0xb01a4504, 0xf1e47d8d, 0x844a1be5, 0xbae7dfdc, 0x42cbda70,
+			0xcd7dae0a, 0x57e85b7a, 0xd53f5af6, 0x20cf4d8c, 0xcea4d428, 0x79d130a4, 0x3486ebfb, 0x33d3cddc,
+			0x77853b53, 0x37effcb5, 0xc5068778, 0xe580b3e6, 0x4e68b8f4, 0xc5c8b37e, 0x0d809ea2, 0x398feb7c,
+			0x132a4f94, 0x43b7950e, 0x2fee7d1c, 0x223613bd, 0xdd06caa2, 0x37df932b, 0xc4248289, 0xacf3ebc3,
+			0x5715f6b7, 0xef3478dd, 0xf267616f, 0xc148cbe4, 0x9052815e, 0x5e410fab, 0xb48a2465, 0x2eda7fa4,
+			0xe87b40e4, 0xe98ea084, 0x5889e9e1, 0xefd390fc, 0xdd07d35b, 0xdb485694, 0x38d7e5b2, 0x57720101,
+			0x730edebc, 0x5b643113, 0x94917e4f, 0x503c2fba, 0x646f1282, 0x7523d24a, 0xe0779695, 0xf9c17a8f,
+			0x7a5b2121, 0xd187b896, 0x29263a4d, 0xba510cdf, 0x81f47c9f, 0xad1163ed, 0xea7b5965, 0x1a00726e,
+			0x11403092, 0x00da6d77, 0x4a0cdd61, 0xad1f4603, 0x605bdfb0, 0x9eedc364, 0x22ebe6a8, 0xcee7d28a,
+			0xa0e736a0, 0x5564a6b9, 0x10853209, 0xc7eb8f37, 0x2de705ca, 0x8951570f, 0xdf09822b, 0xbd691a6c,
+			0xaa12e4f2, 0x87451c0f, 0xe0f6a27a, 0x3ada4819, 0x4cf1764f, 0x0d771c2b, 0x67cdb156, 0x350d8384,
+			0x5938fa0f, 0x42399ef3, 0x36997b07, 0x0e84093d, 0x4aa93e61, 0x8360d87b, 0x1fa98b0c, 0x1149382c,
+			0xe97625a5, 0x0614d1b7, 0x0e25244b, 0x0c768347, 0x589e8d82, 0x0d2059d1, 0xa466bb1e, 0xf8da0a82,
+			0x04f19130, 0xba6e4ec0, 0x99265164, 0x1ee7230d, 0x50b2ad80, 0xeaee6801, 0x8db2a283, 0xea8bf59e
+		};
+
+        //====================================
+        // Useful constants
+        //====================================
+
+        internal static readonly int MAX_ROUNDS = 16;
+        internal static readonly int RED_ROUNDS = 12;
+
+        private const int BLOCK_SIZE = 8;  // bytes = 64 bits
+
+        private int[] _Kr = new int[17];        // the rotating round key
+        private uint[] _Km = new uint[17];        // the masking round key
+
+        private bool _encrypting;
+
+        private byte[] _workingKey;
+        private int _rounds = MAX_ROUNDS;
+
+        public Cast5Engine()
+        {
+        }
+
+        /**
+        * initialise a CAST cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            if (!(parameters is KeyParameter))
+				throw new ArgumentException("Invalid parameter passed to "+ AlgorithmName +" init - " + Platform.GetTypeName(parameters));
+
+			_encrypting = forEncryption;
+			_workingKey = ((KeyParameter)parameters).GetKey();
+			SetKey(_workingKey);
+        }
+
+		public virtual string AlgorithmName
+        {
+            get { return "CAST5"; }
+        }
+
+		public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+		public virtual int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+			int blockSize = GetBlockSize();
+            if (_workingKey == null)
+                throw new InvalidOperationException(AlgorithmName + " not initialised");
+
+            Check.DataLength(input, inOff, blockSize, "input buffer too short");
+            Check.OutputLength(output, outOff, blockSize, "output buffer too short");
+
+            if (_encrypting)
+            {
+                return EncryptBlock(input, inOff, output, outOff);
+            }
+            else
+            {
+                return DecryptBlock(input, inOff, output, outOff);
+            }
+        }
+
+        public virtual void Reset()
+        {
+        }
+
+        public virtual int GetBlockSize()
+        {
+            return BLOCK_SIZE;
+        }
+
+        //==================================
+        // Private Implementation
+        //==================================
+
+        /*
+        * Creates the subkeys using the same nomenclature
+        * as described in RFC2144.
+        *
+        * See section 2.4
+        */
+        internal virtual void SetKey(byte[] key)
+        {
+            /*
+            * Determine the key size here, if required
+            *
+            * if keysize <= 80bits, use 12 rounds instead of 16
+            * if keysize < 128bits, pad with 0
+            *
+            * Typical key sizes => 40, 64, 80, 128
+            */
+
+            if (key.Length < 11)
+            {
+                _rounds = RED_ROUNDS;
+            }
+
+            int [] z = new int[16];
+            int [] x = new int[16];
+
+            uint z03, z47, z8B, zCF;
+            uint x03, x47, x8B, xCF;
+
+            /* copy the key into x */
+            for (int i=0; i< key.Length; i++)
+            {
+                x[i] = (int)(key[i] & 0xff);
+            }
+
+            /*
+            * This will look different because the selection of
+            * bytes from the input key I've already chosen the
+            * correct int.
+            */
+            x03 = IntsTo32bits(x, 0x0);
+            x47 = IntsTo32bits(x, 0x4);
+            x8B = IntsTo32bits(x, 0x8);
+            xCF = IntsTo32bits(x, 0xC);
+
+            z03 = x03 ^S5[x[0xD]] ^S6[x[0xF]] ^S7[x[0xC]] ^S8[x[0xE]] ^S7[x[0x8]];
+
+            Bits32ToInts(z03, z, 0x0);
+            z47 = x8B ^S5[z[0x0]] ^S6[z[0x2]] ^S7[z[0x1]] ^S8[z[0x3]] ^S8[x[0xA]];
+            Bits32ToInts(z47, z, 0x4);
+            z8B = xCF ^S5[z[0x7]] ^S6[z[0x6]] ^S7[z[0x5]] ^S8[z[0x4]] ^S5[x[0x9]];
+            Bits32ToInts(z8B, z, 0x8);
+            zCF = x47 ^S5[z[0xA]] ^S6[z[0x9]] ^S7[z[0xB]] ^S8[z[0x8]] ^S6[x[0xB]];
+            Bits32ToInts(zCF, z, 0xC);
+            _Km[ 1]= S5[z[0x8]] ^ S6[z[0x9]] ^ S7[z[0x7]] ^ S8[z[0x6]] ^ S5[z[0x2]];
+            _Km[ 2]= S5[z[0xA]] ^ S6[z[0xB]] ^ S7[z[0x5]] ^ S8[z[0x4]] ^ S6[z[0x6]];
+            _Km[ 3]= S5[z[0xC]] ^ S6[z[0xD]] ^ S7[z[0x3]] ^ S8[z[0x2]] ^ S7[z[0x9]];
+            _Km[ 4]= S5[z[0xE]] ^ S6[z[0xF]] ^ S7[z[0x1]] ^ S8[z[0x0]] ^ S8[z[0xC]];
+
+            z03 = IntsTo32bits(z, 0x0);
+            z47 = IntsTo32bits(z, 0x4);
+            z8B = IntsTo32bits(z, 0x8);
+            zCF = IntsTo32bits(z, 0xC);
+            x03 = z8B ^S5[z[0x5]] ^S6[z[0x7]] ^S7[z[0x4]] ^S8[z[0x6]] ^S7[z[0x0]];
+            Bits32ToInts(x03, x, 0x0);
+            x47 = z03 ^S5[x[0x0]] ^S6[x[0x2]] ^S7[x[0x1]] ^S8[x[0x3]] ^S8[z[0x2]];
+            Bits32ToInts(x47, x, 0x4);
+            x8B = z47 ^S5[x[0x7]] ^S6[x[0x6]] ^S7[x[0x5]] ^S8[x[0x4]] ^S5[z[0x1]];
+            Bits32ToInts(x8B, x, 0x8);
+            xCF = zCF ^S5[x[0xA]] ^S6[x[0x9]] ^S7[x[0xB]] ^S8[x[0x8]] ^S6[z[0x3]];
+            Bits32ToInts(xCF, x, 0xC);
+            _Km[ 5]= S5[x[0x3]] ^ S6[x[0x2]] ^ S7[x[0xC]] ^ S8[x[0xD]] ^ S5[x[0x8]];
+            _Km[ 6]= S5[x[0x1]] ^ S6[x[0x0]] ^ S7[x[0xE]] ^ S8[x[0xF]] ^ S6[x[0xD]];
+            _Km[ 7]= S5[x[0x7]] ^ S6[x[0x6]] ^ S7[x[0x8]] ^ S8[x[0x9]] ^ S7[x[0x3]];
+            _Km[ 8]= S5[x[0x5]] ^ S6[x[0x4]] ^ S7[x[0xA]] ^ S8[x[0xB]] ^ S8[x[0x7]];
+
+            x03 = IntsTo32bits(x, 0x0);
+            x47 = IntsTo32bits(x, 0x4);
+            x8B = IntsTo32bits(x, 0x8);
+            xCF = IntsTo32bits(x, 0xC);
+            z03 = x03 ^S5[x[0xD]] ^S6[x[0xF]] ^S7[x[0xC]] ^S8[x[0xE]] ^S7[x[0x8]];
+            Bits32ToInts(z03, z, 0x0);
+            z47 = x8B ^S5[z[0x0]] ^S6[z[0x2]] ^S7[z[0x1]] ^S8[z[0x3]] ^S8[x[0xA]];
+            Bits32ToInts(z47, z, 0x4);
+            z8B = xCF ^S5[z[0x7]] ^S6[z[0x6]] ^S7[z[0x5]] ^S8[z[0x4]] ^S5[x[0x9]];
+            Bits32ToInts(z8B, z, 0x8);
+            zCF = x47 ^S5[z[0xA]] ^S6[z[0x9]] ^S7[z[0xB]] ^S8[z[0x8]] ^S6[x[0xB]];
+            Bits32ToInts(zCF, z, 0xC);
+            _Km[ 9]= S5[z[0x3]] ^ S6[z[0x2]] ^ S7[z[0xC]] ^ S8[z[0xD]] ^ S5[z[0x9]];
+            _Km[10]= S5[z[0x1]] ^ S6[z[0x0]] ^ S7[z[0xE]] ^ S8[z[0xF]] ^ S6[z[0xc]];
+            _Km[11]= S5[z[0x7]] ^ S6[z[0x6]] ^ S7[z[0x8]] ^ S8[z[0x9]] ^ S7[z[0x2]];
+            _Km[12]= S5[z[0x5]] ^ S6[z[0x4]] ^ S7[z[0xA]] ^ S8[z[0xB]] ^ S8[z[0x6]];
+
+            z03 = IntsTo32bits(z, 0x0);
+            z47 = IntsTo32bits(z, 0x4);
+            z8B = IntsTo32bits(z, 0x8);
+            zCF = IntsTo32bits(z, 0xC);
+            x03 = z8B ^S5[z[0x5]] ^S6[z[0x7]] ^S7[z[0x4]] ^S8[z[0x6]] ^S7[z[0x0]];
+            Bits32ToInts(x03, x, 0x0);
+            x47 = z03 ^S5[x[0x0]] ^S6[x[0x2]] ^S7[x[0x1]] ^S8[x[0x3]] ^S8[z[0x2]];
+            Bits32ToInts(x47, x, 0x4);
+            x8B = z47 ^S5[x[0x7]] ^S6[x[0x6]] ^S7[x[0x5]] ^S8[x[0x4]] ^S5[z[0x1]];
+            Bits32ToInts(x8B, x, 0x8);
+            xCF = zCF ^S5[x[0xA]] ^S6[x[0x9]] ^S7[x[0xB]] ^S8[x[0x8]] ^S6[z[0x3]];
+            Bits32ToInts(xCF, x, 0xC);
+            _Km[13]= S5[x[0x8]] ^ S6[x[0x9]] ^ S7[x[0x7]] ^ S8[x[0x6]] ^ S5[x[0x3]];
+            _Km[14]= S5[x[0xA]] ^ S6[x[0xB]] ^ S7[x[0x5]] ^ S8[x[0x4]] ^ S6[x[0x7]];
+            _Km[15]= S5[x[0xC]] ^ S6[x[0xD]] ^ S7[x[0x3]] ^ S8[x[0x2]] ^ S7[x[0x8]];
+            _Km[16]= S5[x[0xE]] ^ S6[x[0xF]] ^ S7[x[0x1]] ^ S8[x[0x0]] ^ S8[x[0xD]];
+
+            x03 = IntsTo32bits(x, 0x0);
+            x47 = IntsTo32bits(x, 0x4);
+            x8B = IntsTo32bits(x, 0x8);
+            xCF = IntsTo32bits(x, 0xC);
+            z03 = x03 ^S5[x[0xD]] ^S6[x[0xF]] ^S7[x[0xC]] ^S8[x[0xE]] ^S7[x[0x8]];
+            Bits32ToInts(z03, z, 0x0);
+            z47 = x8B ^S5[z[0x0]] ^S6[z[0x2]] ^S7[z[0x1]] ^S8[z[0x3]] ^S8[x[0xA]];
+            Bits32ToInts(z47, z, 0x4);
+            z8B = xCF ^S5[z[0x7]] ^S6[z[0x6]] ^S7[z[0x5]] ^S8[z[0x4]] ^S5[x[0x9]];
+            Bits32ToInts(z8B, z, 0x8);
+            zCF = x47 ^S5[z[0xA]] ^S6[z[0x9]] ^S7[z[0xB]] ^S8[z[0x8]] ^S6[x[0xB]];
+            Bits32ToInts(zCF, z, 0xC);
+            _Kr[ 1]=(int)((S5[z[0x8]]^S6[z[0x9]]^S7[z[0x7]]^S8[z[0x6]] ^ S5[z[0x2]])&0x1f);
+            _Kr[ 2]=(int)((S5[z[0xA]]^S6[z[0xB]]^S7[z[0x5]]^S8[z[0x4]] ^ S6[z[0x6]])&0x1f);
+            _Kr[ 3]=(int)((S5[z[0xC]]^S6[z[0xD]]^S7[z[0x3]]^S8[z[0x2]] ^ S7[z[0x9]])&0x1f);
+            _Kr[ 4]=(int)((S5[z[0xE]]^S6[z[0xF]]^S7[z[0x1]]^S8[z[0x0]] ^ S8[z[0xC]])&0x1f);
+
+            z03 = IntsTo32bits(z, 0x0);
+            z47 = IntsTo32bits(z, 0x4);
+            z8B = IntsTo32bits(z, 0x8);
+            zCF = IntsTo32bits(z, 0xC);
+            x03 = z8B ^S5[z[0x5]] ^S6[z[0x7]] ^S7[z[0x4]] ^S8[z[0x6]] ^S7[z[0x0]];
+            Bits32ToInts(x03, x, 0x0);
+            x47 = z03 ^S5[x[0x0]] ^S6[x[0x2]] ^S7[x[0x1]] ^S8[x[0x3]] ^S8[z[0x2]];
+            Bits32ToInts(x47, x, 0x4);
+            x8B = z47 ^S5[x[0x7]] ^S6[x[0x6]] ^S7[x[0x5]] ^S8[x[0x4]] ^S5[z[0x1]];
+            Bits32ToInts(x8B, x, 0x8);
+            xCF = zCF ^S5[x[0xA]] ^S6[x[0x9]] ^S7[x[0xB]] ^S8[x[0x8]] ^S6[z[0x3]];
+            Bits32ToInts(xCF, x, 0xC);
+            _Kr[ 5]=(int)((S5[x[0x3]]^S6[x[0x2]]^S7[x[0xC]]^S8[x[0xD]]^S5[x[0x8]])&0x1f);
+            _Kr[ 6]=(int)((S5[x[0x1]]^S6[x[0x0]]^S7[x[0xE]]^S8[x[0xF]]^S6[x[0xD]])&0x1f);
+            _Kr[ 7]=(int)((S5[x[0x7]]^S6[x[0x6]]^S7[x[0x8]]^S8[x[0x9]]^S7[x[0x3]])&0x1f);
+            _Kr[ 8]=(int)((S5[x[0x5]]^S6[x[0x4]]^S7[x[0xA]]^S8[x[0xB]]^S8[x[0x7]])&0x1f);
+
+            x03 = IntsTo32bits(x, 0x0);
+            x47 = IntsTo32bits(x, 0x4);
+            x8B = IntsTo32bits(x, 0x8);
+            xCF = IntsTo32bits(x, 0xC);
+            z03 = x03 ^S5[x[0xD]] ^S6[x[0xF]] ^S7[x[0xC]] ^S8[x[0xE]] ^S7[x[0x8]];
+            Bits32ToInts(z03, z, 0x0);
+            z47 = x8B ^S5[z[0x0]] ^S6[z[0x2]] ^S7[z[0x1]] ^S8[z[0x3]] ^S8[x[0xA]];
+            Bits32ToInts(z47, z, 0x4);
+            z8B = xCF ^S5[z[0x7]] ^S6[z[0x6]] ^S7[z[0x5]] ^S8[z[0x4]] ^S5[x[0x9]];
+            Bits32ToInts(z8B, z, 0x8);
+            zCF = x47 ^S5[z[0xA]] ^S6[z[0x9]] ^S7[z[0xB]] ^S8[z[0x8]] ^S6[x[0xB]];
+            Bits32ToInts(zCF, z, 0xC);
+            _Kr[ 9]=(int)((S5[z[0x3]]^S6[z[0x2]]^S7[z[0xC]]^S8[z[0xD]]^S5[z[0x9]])&0x1f);
+            _Kr[10]=(int)((S5[z[0x1]]^S6[z[0x0]]^S7[z[0xE]]^S8[z[0xF]]^S6[z[0xc]])&0x1f);
+            _Kr[11]=(int)((S5[z[0x7]]^S6[z[0x6]]^S7[z[0x8]]^S8[z[0x9]]^S7[z[0x2]])&0x1f);
+            _Kr[12]=(int)((S5[z[0x5]]^S6[z[0x4]]^S7[z[0xA]]^S8[z[0xB]]^S8[z[0x6]])&0x1f);
+
+            z03 = IntsTo32bits(z, 0x0);
+            z47 = IntsTo32bits(z, 0x4);
+            z8B = IntsTo32bits(z, 0x8);
+            zCF = IntsTo32bits(z, 0xC);
+            x03 = z8B ^S5[z[0x5]] ^S6[z[0x7]] ^S7[z[0x4]] ^S8[z[0x6]] ^S7[z[0x0]];
+            Bits32ToInts(x03, x, 0x0);
+            x47 = z03 ^S5[x[0x0]] ^S6[x[0x2]] ^S7[x[0x1]] ^S8[x[0x3]] ^S8[z[0x2]];
+            Bits32ToInts(x47, x, 0x4);
+            x8B = z47 ^S5[x[0x7]] ^S6[x[0x6]] ^S7[x[0x5]] ^S8[x[0x4]] ^S5[z[0x1]];
+            Bits32ToInts(x8B, x, 0x8);
+            xCF = zCF ^S5[x[0xA]] ^S6[x[0x9]] ^S7[x[0xB]] ^S8[x[0x8]] ^S6[z[0x3]];
+            Bits32ToInts(xCF, x, 0xC);
+            _Kr[13]=(int)((S5[x[0x8]]^S6[x[0x9]]^S7[x[0x7]]^S8[x[0x6]]^S5[x[0x3]])&0x1f);
+            _Kr[14]=(int)((S5[x[0xA]]^S6[x[0xB]]^S7[x[0x5]]^S8[x[0x4]]^S6[x[0x7]])&0x1f);
+            _Kr[15]=(int)((S5[x[0xC]]^S6[x[0xD]]^S7[x[0x3]]^S8[x[0x2]]^S7[x[0x8]])&0x1f);
+            _Kr[16]=(int)((S5[x[0xE]]^S6[x[0xF]]^S7[x[0x1]]^S8[x[0x0]]^S8[x[0xD]])&0x1f);
+        }
+
+        /**
+        * Encrypt the given input starting at the given offset and place
+        * the result in the provided buffer starting at the given offset.
+        *
+        * @param src        The plaintext buffer
+        * @param srcIndex    An offset into src
+        * @param dst        The ciphertext buffer
+        * @param dstIndex    An offset into dst
+        */
+        internal virtual int EncryptBlock(
+            byte[] src,
+            int srcIndex,
+            byte[] dst,
+            int dstIndex)
+        {
+            // process the input block
+            // batch the units up into a 32 bit chunk and go for it
+            // the array is in bytes, the increment is 8x8 bits = 64
+
+            uint L0 = Pack.BE_To_UInt32(src, srcIndex);
+            uint R0 = Pack.BE_To_UInt32(src, srcIndex + 4);
+
+            uint[] result = new uint[2];
+            CAST_Encipher(L0, R0, result);
+
+            // now stuff them into the destination block
+            Pack.UInt32_To_BE(result[0], dst, dstIndex);
+            Pack.UInt32_To_BE(result[1], dst, dstIndex + 4);
+
+            return BLOCK_SIZE;
+        }
+
+        /**
+        * Decrypt the given input starting at the given offset and place
+        * the result in the provided buffer starting at the given offset.
+        *
+        * @param src        The plaintext buffer
+        * @param srcIndex    An offset into src
+        * @param dst        The ciphertext buffer
+        * @param dstIndex    An offset into dst
+        */
+        internal virtual int DecryptBlock(
+            byte[] src,
+            int srcIndex,
+            byte[] dst,
+            int dstIndex)
+        {
+            // process the input block
+            // batch the units up into a 32 bit chunk and go for it
+            // the array is in bytes, the increment is 8x8 bits = 64
+            uint L16 = Pack.BE_To_UInt32(src, srcIndex);
+            uint R16 = Pack.BE_To_UInt32(src, srcIndex + 4);
+
+            uint[] result = new uint[2];
+            CAST_Decipher(L16, R16, result);
+
+            // now stuff them into the destination block
+            Pack.UInt32_To_BE(result[0], dst, dstIndex);
+            Pack.UInt32_To_BE(result[1], dst, dstIndex + 4);
+
+            return BLOCK_SIZE;
+        }
+
+        /**
+        * The first of the three processing functions for the
+        * encryption and decryption.
+        *
+        * @param D            the input to be processed
+        * @param Kmi        the mask to be used from Km[n]
+        * @param Kri        the rotation value to be used
+        *
+        */
+        internal static uint F1(uint D, uint Kmi, int Kri)
+        {
+            uint I = Kmi + D;
+            I = I << Kri | (I >> (32-Kri));
+            return ((S1[(I>>24)&0xff]^S2[(I>>16)&0xff])-S3[(I>>8)&0xff])+S4[I&0xff];
+        }
+
+        /**
+        * The second of the three processing functions for the
+        * encryption and decryption.
+        *
+        * @param D            the input to be processed
+        * @param Kmi        the mask to be used from Km[n]
+        * @param Kri        the rotation value to be used
+        *
+        */
+        internal static uint F2(uint D, uint Kmi, int Kri)
+        {
+            uint I = Kmi ^ D;
+            I = I << Kri | (I >> (32-Kri));
+            return ((S1[(I>>24)&0xff]-S2[(I>>16)&0xff])+S3[(I>>8)&0xff])^S4[I&0xff];
+        }
+
+        /**
+        * The third of the three processing functions for the
+        * encryption and decryption.
+        *
+        * @param D            the input to be processed
+        * @param Kmi        the mask to be used from Km[n]
+        * @param Kri        the rotation value to be used
+        *
+        */
+        internal static uint F3(uint D, uint Kmi, int Kri)
+        {
+            uint I = Kmi - D;
+            I = I << Kri | (I >> (32-Kri));
+            return ((S1[(I>>24)&0xff]+S2[(I>>16)&0xff])^S3[(I>>8)&0xff])-S4[I&0xff];
+        }
+
+        /**
+        * Does the 16 rounds to encrypt the block.
+        *
+        * @param L0    the LH-32bits of the plaintext block
+        * @param R0    the RH-32bits of the plaintext block
+        */
+        internal void CAST_Encipher(uint L0, uint R0, uint[] result)
+        {
+            uint Lp = L0;        // the previous value, equiv to L[i-1]
+            uint Rp = R0;        // equivalent to R[i-1]
+
+            /*
+            * numbering consistent with paper to make
+            * checking and validating easier
+            */
+            uint Li = L0, Ri = R0;
+
+            for (int i = 1; i<=_rounds ; i++)
+            {
+                Lp = Li;
+                Rp = Ri;
+
+                Li = Rp;
+                switch (i)
+                {
+                    case  1:
+                    case  4:
+                    case  7:
+                    case 10:
+                    case 13:
+                    case 16:
+                        Ri = Lp ^ F1(Rp, _Km[i], _Kr[i]);
+                        break;
+                    case  2:
+                    case  5:
+                    case  8:
+                    case 11:
+                    case 14:
+                        Ri = Lp ^ F2(Rp, _Km[i], _Kr[i]);
+                        break;
+                    case  3:
+                    case  6:
+                    case  9:
+                    case 12:
+                    case 15:
+                        Ri = Lp ^ F3(Rp, _Km[i], _Kr[i]);
+                        break;
+                }
+            }
+
+            result[0] = Ri;
+            result[1] = Li;
+
+            return;
+        }
+
+        internal void CAST_Decipher(uint L16, uint R16, uint[] result)
+        {
+            uint Lp = L16;        // the previous value, equiv to L[i-1]
+            uint Rp = R16;        // equivalent to R[i-1]
+
+            /*
+            * numbering consistent with paper to make
+            * checking and validating easier
+            */
+            uint Li = L16, Ri = R16;
+
+            for (int i = _rounds; i > 0; i--)
+            {
+                Lp = Li;
+                Rp = Ri;
+
+                Li = Rp;
+                switch (i)
+                {
+                    case  1:
+                    case  4:
+                    case  7:
+                    case 10:
+                    case 13:
+                    case 16:
+                        Ri = Lp ^ F1(Rp, _Km[i], _Kr[i]);
+                        break;
+                    case  2:
+                    case  5:
+                    case  8:
+                    case 11:
+                    case 14:
+                        Ri = Lp ^ F2(Rp, _Km[i], _Kr[i]);
+                        break;
+                    case  3:
+                    case  6:
+                    case  9:
+                    case 12:
+                    case 15:
+                        Ri = Lp ^ F3(Rp, _Km[i], _Kr[i]);
+                        break;
+                }
+            }
+
+            result[0] = Ri;
+            result[1] = Li;
+
+            return;
+        }
+
+        internal static void Bits32ToInts(uint inData, int[] b, int offset)
+        {
+            b[offset + 3] = (int) (inData & 0xff);
+            b[offset + 2] = (int) ((inData >> 8) & 0xff);
+            b[offset + 1] = (int) ((inData >> 16) & 0xff);
+            b[offset]     = (int) ((inData >> 24) & 0xff);
+        }
+
+        internal static uint IntsTo32bits(int[] b, int i)
+        {
+            return (uint)(((b[i]   & 0xff) << 24) |
+                ((b[i+1] & 0xff) << 16) |
+                ((b[i+2] & 0xff) << 8) |
+                ((b[i+3] & 0xff)));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/Cast6Engine.cs b/bc-sharp-crypto/src/crypto/engines/Cast6Engine.cs
new file mode 100644
index 0000000..c5c419b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/Cast6Engine.cs
@@ -0,0 +1,279 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+     * A class that provides CAST6 key encryption operations,
+     * such as encoding data and generating keys.
+     *
+     * All the algorithms herein are from the Internet RFC
+     *
+     * RFC2612 - CAST6 (128bit block, 128-256bit key)
+     *
+     * and implement a simplified cryptography interface.
+     */
+    public sealed class Cast6Engine
+		: Cast5Engine
+    {
+        //====================================
+        // Useful constants
+        //====================================
+        private const int ROUNDS = 12;
+        private const int BLOCK_SIZE = 16;  // bytes = 128 bits
+
+		/*
+        * Put the round and mask keys into an array.
+        * Kr0[i] => _Kr[i*4 + 0]
+        */
+        private int []_Kr = new int[ROUNDS*4]; // the rotating round key(s)
+        private uint []_Km = new uint[ROUNDS*4]; // the masking round key(s)
+
+		/*
+        * Key setup
+        */
+        private int []_Tr = new int[24 * 8];
+        private uint []_Tm = new uint[24 * 8];
+        private uint[] _workingKey = new uint[8];
+
+		public Cast6Engine()
+        {
+        }
+
+		public override string AlgorithmName
+        {
+            get { return "CAST6"; }
+        }
+
+		public override void Reset()
+        {
+        }
+
+		public override int GetBlockSize()
+        {
+            return BLOCK_SIZE;
+        }
+
+		//==================================
+        // Private Implementation
+        //==================================
+        /*
+        * Creates the subkeys using the same nomenclature
+        * as described in RFC2612.
+        *
+        * See section 2.4
+        */
+        internal override void SetKey(
+			byte[] key)
+        {
+            uint Cm = 0x5a827999;
+            uint Mm = 0x6ed9eba1;
+            int Cr = 19;
+            int Mr = 17;
+            /*
+            * Determine the key size here, if required
+            *
+            * if keysize < 256 bytes, pad with 0
+            *
+            * Typical key sizes => 128, 160, 192, 224, 256
+            */
+            for (int i=0; i< 24; i++)
+            {
+                for (int j=0; j< 8; j++)
+                {
+                    _Tm[i*8 + j] = Cm;
+                    Cm += Mm; //mod 2^32;
+                    _Tr[i*8 + j] = Cr;
+                    Cr = (Cr + Mr) & 0x1f;            // mod 32
+                }
+            }
+
+			byte[] tmpKey = new byte[64];
+			key.CopyTo(tmpKey, 0);
+
+			// now create ABCDEFGH
+            for (int i = 0; i < 8; i++)
+            {
+                _workingKey[i] = Pack.BE_To_UInt32(tmpKey, i*4);
+            }
+
+			// Generate the key schedule
+            for (int i = 0; i < 12; i++)
+            {
+                // KAPPA <- W2i(KAPPA)
+                int i2 = i*2 *8;
+                _workingKey[6] ^= F1(_workingKey[7], _Tm[i2], _Tr[i2]);
+                _workingKey[5] ^= F2(_workingKey[6], _Tm[i2+1], _Tr[i2+1]);
+                _workingKey[4] ^= F3(_workingKey[5], _Tm[i2+2], _Tr[i2+2]);
+                _workingKey[3] ^= F1(_workingKey[4], _Tm[i2+3], _Tr[i2+3]);
+                _workingKey[2] ^= F2(_workingKey[3], _Tm[i2+4], _Tr[i2+4]);
+                _workingKey[1] ^= F3(_workingKey[2], _Tm[i2+5], _Tr[i2+5]);
+                _workingKey[0] ^= F1(_workingKey[1], _Tm[i2+6], _Tr[i2+6]);
+                _workingKey[7] ^= F2(_workingKey[0], _Tm[i2+7], _Tr[i2+7]);
+                // KAPPA <- W2i+1(KAPPA)
+                i2 = (i*2 + 1)*8;
+                _workingKey[6] ^= F1(_workingKey[7], _Tm[i2], _Tr[i2]);
+                _workingKey[5] ^= F2(_workingKey[6], _Tm[i2+1], _Tr[i2+1]);
+                _workingKey[4] ^= F3(_workingKey[5], _Tm[i2+2], _Tr[i2+2]);
+                _workingKey[3] ^= F1(_workingKey[4], _Tm[i2+3], _Tr[i2+3]);
+                _workingKey[2] ^= F2(_workingKey[3], _Tm[i2+4], _Tr[i2+4]);
+                _workingKey[1] ^= F3(_workingKey[2], _Tm[i2+5], _Tr[i2+5]);
+                _workingKey[0] ^= F1(_workingKey[1], _Tm[i2+6], _Tr[i2+6]);
+                _workingKey[7] ^= F2(_workingKey[0], _Tm[i2+7], _Tr[i2+7]);
+                // Kr_(i) <- KAPPA
+                _Kr[i*4] = (int)(_workingKey[0] & 0x1f);
+                _Kr[i*4 + 1] = (int)(_workingKey[2] & 0x1f);
+                _Kr[i*4 + 2] = (int)(_workingKey[4] & 0x1f);
+                _Kr[i*4 + 3] = (int)(_workingKey[6] & 0x1f);
+                // Km_(i) <- KAPPA
+                _Km[i*4] = _workingKey[7];
+                _Km[i*4 + 1] = _workingKey[5];
+                _Km[i*4 + 2] = _workingKey[3];
+                _Km[i*4 + 3] = _workingKey[1];
+            }
+        }
+
+		/**
+        * Encrypt the given input starting at the given offset and place
+        * the result in the provided buffer starting at the given offset.
+        *
+        * @param src        The plaintext buffer
+        * @param srcIndex    An offset into src
+        * @param dst        The ciphertext buffer
+        * @param dstIndex    An offset into dst
+        */
+        internal override int EncryptBlock(
+            byte[]	src,
+            int		srcIndex,
+            byte[]	dst,
+            int		dstIndex)
+        {
+            // process the input block
+            // batch the units up into 4x32 bit chunks and go for it
+            uint A = Pack.BE_To_UInt32(src, srcIndex);
+            uint B = Pack.BE_To_UInt32(src, srcIndex + 4);
+            uint C = Pack.BE_To_UInt32(src, srcIndex + 8);
+            uint D = Pack.BE_To_UInt32(src, srcIndex + 12);
+            uint[] result = new uint[4];
+            CAST_Encipher(A, B, C, D, result);
+            // now stuff them into the destination block
+            Pack.UInt32_To_BE(result[0], dst, dstIndex);
+            Pack.UInt32_To_BE(result[1], dst, dstIndex + 4);
+            Pack.UInt32_To_BE(result[2], dst, dstIndex + 8);
+            Pack.UInt32_To_BE(result[3], dst, dstIndex + 12);
+            return BLOCK_SIZE;
+        }
+
+		/**
+        * Decrypt the given input starting at the given offset and place
+        * the result in the provided buffer starting at the given offset.
+        *
+        * @param src        The plaintext buffer
+        * @param srcIndex    An offset into src
+        * @param dst        The ciphertext buffer
+        * @param dstIndex    An offset into dst
+        */
+        internal override int DecryptBlock(
+            byte[]	src,
+            int		srcIndex,
+            byte[]	dst,
+            int		dstIndex)
+        {
+            // process the input block
+            // batch the units up into 4x32 bit chunks and go for it
+            uint A = Pack.BE_To_UInt32(src, srcIndex);
+            uint B = Pack.BE_To_UInt32(src, srcIndex + 4);
+            uint C = Pack.BE_To_UInt32(src, srcIndex + 8);
+            uint D = Pack.BE_To_UInt32(src, srcIndex + 12);
+            uint[] result = new uint[4];
+            CAST_Decipher(A, B, C, D, result);
+            // now stuff them into the destination block
+            Pack.UInt32_To_BE(result[0], dst, dstIndex);
+            Pack.UInt32_To_BE(result[1], dst, dstIndex + 4);
+            Pack.UInt32_To_BE(result[2], dst, dstIndex + 8);
+            Pack.UInt32_To_BE(result[3], dst, dstIndex + 12);
+            return BLOCK_SIZE;
+        }
+
+		/**
+        * Does the 12 quad rounds rounds to encrypt the block.
+        *
+        * @param A    the 00-31  bits of the plaintext block
+        * @param B    the 32-63  bits of the plaintext block
+        * @param C    the 64-95  bits of the plaintext block
+        * @param D    the 96-127 bits of the plaintext block
+        * @param result the resulting ciphertext
+        */
+        private void CAST_Encipher(
+			uint	A,
+			uint	B,
+			uint	C,
+			uint	D,
+			uint[]	result)
+        {
+            for (int i = 0; i < 6; i++)
+            {
+                int x = i*4;
+                // BETA <- Qi(BETA)
+                C ^= F1(D, _Km[x], _Kr[x]);
+                B ^= F2(C, _Km[x + 1], _Kr[x + 1]);
+                A ^= F3(B, _Km[x + 2], _Kr[x + 2]);
+                D ^= F1(A, _Km[x + 3], _Kr[x + 3]);
+            }
+            for (int i = 6; i < 12; i++)
+            {
+                int x = i*4;
+                // BETA <- QBARi(BETA)
+                D ^= F1(A, _Km[x + 3], _Kr[x + 3]);
+                A ^= F3(B, _Km[x + 2], _Kr[x + 2]);
+                B ^= F2(C, _Km[x + 1], _Kr[x + 1]);
+                C ^= F1(D, _Km[x], _Kr[x]);
+            }
+            result[0] = A;
+            result[1] = B;
+            result[2] = C;
+            result[3] = D;
+        }
+
+		/**
+        * Does the 12 quad rounds rounds to decrypt the block.
+        *
+        * @param A    the 00-31  bits of the ciphertext block
+        * @param B    the 32-63  bits of the ciphertext block
+        * @param C    the 64-95  bits of the ciphertext block
+        * @param D    the 96-127 bits of the ciphertext block
+        * @param result the resulting plaintext
+        */
+        private void CAST_Decipher(
+			uint	A,
+			uint	B,
+			uint	C,
+			uint	D,
+			uint[]	result)
+        {
+            for (int i = 0; i < 6; i++)
+            {
+                int x = (11-i)*4;
+                // BETA <- Qi(BETA)
+                C ^= F1(D, _Km[x], _Kr[x]);
+                B ^= F2(C, _Km[x + 1], _Kr[x + 1]);
+                A ^= F3(B, _Km[x + 2], _Kr[x + 2]);
+                D ^= F1(A, _Km[x + 3], _Kr[x + 3]);
+            }
+            for (int i=6; i<12; i++)
+            {
+                int x = (11-i)*4;
+                // BETA <- QBARi(BETA)
+                D ^= F1(A, _Km[x + 3], _Kr[x + 3]);
+                A ^= F3(B, _Km[x + 2], _Kr[x + 2]);
+                B ^= F2(C, _Km[x + 1], _Kr[x + 1]);
+                C ^= F1(D, _Km[x], _Kr[x]);
+            }
+            result[0] = A;
+            result[1] = B;
+            result[2] = C;
+            result[3] = D;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/ChaCha7539Engine.cs b/bc-sharp-crypto/src/crypto/engines/ChaCha7539Engine.cs
new file mode 100644
index 0000000..af4163a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/ChaCha7539Engine.cs
@@ -0,0 +1,65 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /// <summary>
+    /// Implementation of Daniel J. Bernstein's ChaCha stream cipher.
+    /// </summary>
+    public class ChaCha7539Engine
+        : Salsa20Engine
+    {
+        /// <summary>
+        /// Creates a 20 rounds ChaCha engine.
+        /// </summary>
+        public ChaCha7539Engine()
+        {
+        }
+
+        public override string AlgorithmName
+        {
+            get { return "ChaCha7539" + rounds; }
+        }
+
+        protected override int NonceSize
+        {
+            get { return 12; }
+        }
+
+        protected override void AdvanceCounter()
+        {
+            if (++engineState[12] == 0)
+                throw new InvalidOperationException("attempt to increase counter past 2^32.");
+        }
+
+        protected override void ResetCounter()
+        {
+            engineState[12] = 0;
+        }
+
+        protected override void SetKey(byte[] keyBytes, byte[] ivBytes)
+        {
+            if (keyBytes != null)
+            {
+                if (keyBytes.Length != 32)
+                    throw new ArgumentException(AlgorithmName + " requires 256 bit key");
+
+                PackTauOrSigma(keyBytes.Length, engineState, 0);
+
+                // Key
+                Pack.LE_To_UInt32(keyBytes, 0, engineState, 4, 8);
+            }
+
+            // IV
+            Pack.LE_To_UInt32(ivBytes, 0, engineState, 13, 3);
+        }
+
+        protected override void GenerateKeyStream(byte[] output)
+        {
+            ChaChaEngine.ChachaCore(rounds, engineState, x);
+            Pack.UInt32_To_LE(x, output, 0);
+        }
+    }
+}
+
diff --git a/bc-sharp-crypto/src/crypto/engines/ChaChaEngine.cs b/bc-sharp-crypto/src/crypto/engines/ChaChaEngine.cs
new file mode 100644
index 0000000..8720504
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/ChaChaEngine.cs
@@ -0,0 +1,157 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/// <summary>
+	/// Implementation of Daniel J. Bernstein's ChaCha stream cipher.
+	/// </summary>
+	public class ChaChaEngine
+		: Salsa20Engine
+	{
+		/// <summary>
+		/// Creates a 20 rounds ChaCha engine.
+		/// </summary>
+		public ChaChaEngine()
+		{
+		}
+
+		/// <summary>
+		/// Creates a ChaCha engine with a specific number of rounds.
+		/// </summary>
+		/// <param name="rounds">the number of rounds (must be an even number).</param>
+		public ChaChaEngine(int rounds)
+			: base(rounds)
+		{
+		}
+
+		public override string AlgorithmName
+		{
+			get { return "ChaCha" + rounds; }
+		}
+
+		protected override void AdvanceCounter()
+		{
+			if (++engineState[12] == 0)
+			{
+				++engineState[13];
+			}
+		}
+
+		protected override void ResetCounter()
+		{
+			engineState[12] = engineState[13] = 0;
+		}
+
+		protected override void SetKey(byte[] keyBytes, byte[] ivBytes)
+		{
+            if (keyBytes != null)
+            {
+                if ((keyBytes.Length != 16) && (keyBytes.Length != 32))
+                    throw new ArgumentException(AlgorithmName + " requires 128 bit or 256 bit key");
+
+                PackTauOrSigma(keyBytes.Length, engineState, 0);
+
+                // Key
+                Pack.LE_To_UInt32(keyBytes, 0, engineState, 4, 4);
+                Pack.LE_To_UInt32(keyBytes, keyBytes.Length - 16, engineState, 8, 4);
+            }
+
+            // IV
+            Pack.LE_To_UInt32(ivBytes, 0, engineState, 14, 2);
+		}
+
+		protected override void GenerateKeyStream(byte[] output)
+		{
+			ChachaCore(rounds, engineState, x);
+			Pack.UInt32_To_LE(x, output, 0);
+		}
+
+		/// <summary>
+		/// ChaCha function.
+		/// </summary>
+		/// <param name="rounds">The number of ChaCha rounds to execute</param>
+		/// <param name="input">The input words.</param>
+		/// <param name="x">The ChaCha state to modify.</param>
+		internal static void ChachaCore(int rounds, uint[] input, uint[] x)
+		{
+			if (input.Length != 16)
+				throw new ArgumentException();
+			if (x.Length != 16)
+				throw new ArgumentException();
+			if (rounds % 2 != 0)
+				throw new ArgumentException("Number of rounds must be even");
+
+            uint x00 = input[ 0];
+			uint x01 = input[ 1];
+			uint x02 = input[ 2];
+			uint x03 = input[ 3];
+			uint x04 = input[ 4];
+			uint x05 = input[ 5];
+			uint x06 = input[ 6];
+			uint x07 = input[ 7];
+			uint x08 = input[ 8];
+			uint x09 = input[ 9];
+			uint x10 = input[10];
+			uint x11 = input[11];
+			uint x12 = input[12];
+			uint x13 = input[13];
+			uint x14 = input[14];
+			uint x15 = input[15];
+
+			for (int i = rounds; i > 0; i -= 2)
+			{
+				x00 += x04; x12 = R(x12 ^ x00, 16);
+				x08 += x12; x04 = R(x04 ^ x08, 12);
+				x00 += x04; x12 = R(x12 ^ x00, 8);
+				x08 += x12; x04 = R(x04 ^ x08, 7);
+				x01 += x05; x13 = R(x13 ^ x01, 16);
+				x09 += x13; x05 = R(x05 ^ x09, 12);
+				x01 += x05; x13 = R(x13 ^ x01, 8);
+				x09 += x13; x05 = R(x05 ^ x09, 7);
+				x02 += x06; x14 = R(x14 ^ x02, 16);
+				x10 += x14; x06 = R(x06 ^ x10, 12);
+				x02 += x06; x14 = R(x14 ^ x02, 8);
+				x10 += x14; x06 = R(x06 ^ x10, 7);
+				x03 += x07; x15 = R(x15 ^ x03, 16);
+				x11 += x15; x07 = R(x07 ^ x11, 12);
+				x03 += x07; x15 = R(x15 ^ x03, 8);
+				x11 += x15; x07 = R(x07 ^ x11, 7);
+				x00 += x05; x15 = R(x15 ^ x00, 16);
+				x10 += x15; x05 = R(x05 ^ x10, 12);
+				x00 += x05; x15 = R(x15 ^ x00, 8);
+				x10 += x15; x05 = R(x05 ^ x10, 7);
+				x01 += x06; x12 = R(x12 ^ x01, 16);
+				x11 += x12; x06 = R(x06 ^ x11, 12);
+				x01 += x06; x12 = R(x12 ^ x01, 8);
+				x11 += x12; x06 = R(x06 ^ x11, 7);
+				x02 += x07; x13 = R(x13 ^ x02, 16);
+				x08 += x13; x07 = R(x07 ^ x08, 12);
+				x02 += x07; x13 = R(x13 ^ x02, 8);
+				x08 += x13; x07 = R(x07 ^ x08, 7);
+				x03 += x04; x14 = R(x14 ^ x03, 16);
+				x09 += x14; x04 = R(x04 ^ x09, 12);
+				x03 += x04; x14 = R(x14 ^ x03, 8);
+				x09 += x14; x04 = R(x04 ^ x09, 7);
+			}
+
+			x[ 0] = x00 + input[ 0];
+			x[ 1] = x01 + input[ 1];
+			x[ 2] = x02 + input[ 2];
+			x[ 3] = x03 + input[ 3];
+			x[ 4] = x04 + input[ 4];
+			x[ 5] = x05 + input[ 5];
+			x[ 6] = x06 + input[ 6];
+			x[ 7] = x07 + input[ 7];
+			x[ 8] = x08 + input[ 8];
+			x[ 9] = x09 + input[ 9];
+			x[10] = x10 + input[10];
+			x[11] = x11 + input[11];
+			x[12] = x12 + input[12];
+			x[13] = x13 + input[13];
+			x[14] = x14 + input[14];
+			x[15] = x15 + input[15];
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/DesEdeEngine.cs b/bc-sharp-crypto/src/crypto/engines/DesEdeEngine.cs
new file mode 100644
index 0000000..2fac24a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/DesEdeEngine.cs
@@ -0,0 +1,100 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /// <remarks>A class that provides a basic DESede (or Triple DES) engine.</remarks>
+    public class DesEdeEngine
+        : DesEngine
+    {
+        private int[] workingKey1, workingKey2, workingKey3;
+        private bool forEncryption;
+
+        /**
+        * initialise a DESede cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public override void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            if (!(parameters is KeyParameter))
+                throw new ArgumentException("invalid parameter passed to DESede init - " + Platform.GetTypeName(parameters));
+
+            byte[] keyMaster = ((KeyParameter)parameters).GetKey();
+            if (keyMaster.Length != 24 && keyMaster.Length != 16)
+                throw new ArgumentException("key size must be 16 or 24 bytes.");
+
+            this.forEncryption = forEncryption;
+
+            byte[] key1 = new byte[8];
+            Array.Copy(keyMaster, 0, key1, 0, key1.Length);
+            workingKey1 = GenerateWorkingKey(forEncryption, key1);
+
+            byte[] key2 = new byte[8];
+            Array.Copy(keyMaster, 8, key2, 0, key2.Length);
+            workingKey2 = GenerateWorkingKey(!forEncryption, key2);
+
+            if (keyMaster.Length == 24)
+            {
+                byte[] key3 = new byte[8];
+                Array.Copy(keyMaster, 16, key3, 0, key3.Length);
+                workingKey3 = GenerateWorkingKey(forEncryption, key3);
+            }
+            else        // 16 byte key
+            {
+                workingKey3 = workingKey1;
+            }
+        }
+
+        public override string AlgorithmName
+        {
+            get { return "DESede"; }
+        }
+
+        public override int GetBlockSize()
+        {
+            return BLOCK_SIZE;
+        }
+
+        public override int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            if (workingKey1 == null)
+                throw new InvalidOperationException("DESede engine not initialised");
+
+            Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short");
+            Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short");
+
+            byte[] temp = new byte[BLOCK_SIZE];
+
+            if (forEncryption)
+            {
+                DesFunc(workingKey1, input, inOff, temp, 0);
+                DesFunc(workingKey2, temp, 0, temp, 0);
+                DesFunc(workingKey3, temp, 0, output, outOff);
+            }
+            else
+            {
+                DesFunc(workingKey3, input, inOff, temp, 0);
+                DesFunc(workingKey2, temp, 0, temp, 0);
+                DesFunc(workingKey1, temp, 0, output, outOff);
+            }
+
+            return BLOCK_SIZE;
+        }
+
+        public override void Reset()
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/DesEdeWrapEngine.cs b/bc-sharp-crypto/src/crypto/engines/DesEdeWrapEngine.cs
new file mode 100644
index 0000000..43100a9
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/DesEdeWrapEngine.cs
@@ -0,0 +1,322 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * Wrap keys according to
+    * <a href="http://www.ietf.org/internet-drafts/draft-ietf-smime-key-wrap-01.txt">
+    * draft-ietf-smime-key-wrap-01.txt</a>.
+    * <p>
+    * Note:
+    * <ul>
+    * <li>this is based on a draft, and as such is subject to change - don't use this class for anything requiring long term storage.</li>
+    * <li>if you are using this to wrap triple-des keys you need to set the
+    * parity bits on the key and, if it's a two-key triple-des key, pad it
+    * yourself.</li>
+    * </ul>
+	* </p>
+    */
+    public class DesEdeWrapEngine
+		: IWrapper
+    {
+        /** Field engine */
+        private CbcBlockCipher engine;
+        /** Field param */
+        private KeyParameter param;
+        /** Field paramPlusIV */
+        private ParametersWithIV paramPlusIV;
+        /** Field iv */
+        private byte[] iv;
+        /** Field forWrapping */
+        private bool forWrapping;
+        /** Field IV2           */
+        private static readonly byte[] IV2 = { (byte) 0x4a, (byte) 0xdd, (byte) 0xa2,
+                                            (byte) 0x2c, (byte) 0x79, (byte) 0xe8,
+                                            (byte) 0x21, (byte) 0x05 };
+
+		//
+        // checksum digest
+        //
+        private readonly IDigest sha1 = new Sha1Digest();
+        private readonly byte[] digest = new byte[20];
+
+		/**
+        * Method init
+        *
+        * @param forWrapping
+        * @param param
+        */
+        public virtual void Init(
+			bool				forWrapping,
+			ICipherParameters	parameters)
+        {
+            this.forWrapping = forWrapping;
+            this.engine = new CbcBlockCipher(new DesEdeEngine());
+
+			SecureRandom sr;
+			if (parameters is ParametersWithRandom)
+			{
+				ParametersWithRandom pr = (ParametersWithRandom) parameters;
+				parameters = pr.Parameters;
+				sr = pr.Random;
+			}
+			else
+			{
+				sr = new SecureRandom();
+			}
+
+			if (parameters is KeyParameter)
+            {
+                this.param = (KeyParameter) parameters;
+                if (this.forWrapping)
+				{
+                    // Hm, we have no IV but we want to wrap ?!?
+                    // well, then we have to create our own IV.
+                    this.iv = new byte[8];
+					sr.NextBytes(iv);
+
+					this.paramPlusIV = new ParametersWithIV(this.param, this.iv);
+                }
+            }
+            else if (parameters is ParametersWithIV)
+            {
+				if (!forWrapping)
+					throw new ArgumentException("You should not supply an IV for unwrapping");
+
+				this.paramPlusIV = (ParametersWithIV) parameters;
+                this.iv = this.paramPlusIV.GetIV();
+                this.param = (KeyParameter) this.paramPlusIV.Parameters;
+
+				if (this.iv.Length != 8)
+					throw new ArgumentException("IV is not 8 octets", "parameters");
+            }
+        }
+
+		/**
+        * Method GetAlgorithmName
+        *
+        * @return
+        */
+        public virtual string AlgorithmName
+        {
+            get { return "DESede"; }
+        }
+
+		/**
+        * Method wrap
+        *
+        * @param in
+        * @param inOff
+        * @param inLen
+        * @return
+        */
+        public virtual byte[] Wrap(
+			byte[]	input,
+			int		inOff,
+			int		length)
+        {
+            if (!forWrapping)
+            {
+                throw new InvalidOperationException("Not initialized for wrapping");
+            }
+
+			byte[] keyToBeWrapped = new byte[length];
+            Array.Copy(input, inOff, keyToBeWrapped, 0, length);
+
+            // Compute the CMS Key Checksum, (section 5.6.1), call this CKS.
+            byte[] CKS = CalculateCmsKeyChecksum(keyToBeWrapped);
+
+            // Let WKCKS = WK || CKS where || is concatenation.
+            byte[] WKCKS = new byte[keyToBeWrapped.Length + CKS.Length];
+            Array.Copy(keyToBeWrapped, 0, WKCKS, 0, keyToBeWrapped.Length);
+            Array.Copy(CKS, 0, WKCKS, keyToBeWrapped.Length, CKS.Length);
+
+            // Encrypt WKCKS in CBC mode using KEK as the key and IV as the
+            // initialization vector. Call the results TEMP1.
+
+			int blockSize = engine.GetBlockSize();
+
+			if (WKCKS.Length % blockSize != 0)
+                throw new InvalidOperationException("Not multiple of block length");
+
+			engine.Init(true, paramPlusIV);
+
+            byte [] TEMP1 = new byte[WKCKS.Length];
+
+			for (int currentBytePos = 0; currentBytePos != WKCKS.Length; currentBytePos += blockSize)
+			{
+                engine.ProcessBlock(WKCKS, currentBytePos, TEMP1, currentBytePos);
+            }
+
+            // Let TEMP2 = IV || TEMP1.
+            byte[] TEMP2 = new byte[this.iv.Length + TEMP1.Length];
+            Array.Copy(this.iv, 0, TEMP2, 0, this.iv.Length);
+            Array.Copy(TEMP1, 0, TEMP2, this.iv.Length, TEMP1.Length);
+
+            // Reverse the order of the octets in TEMP2 and call the result TEMP3.
+            byte[] TEMP3 = reverse(TEMP2);
+
+			// Encrypt TEMP3 in CBC mode using the KEK and an initialization vector
+            // of 0x 4a dd a2 2c 79 e8 21 05. The resulting cipher text is the desired
+            // result. It is 40 octets long if a 168 bit key is being wrapped.
+            ParametersWithIV param2 = new ParametersWithIV(this.param, IV2);
+            this.engine.Init(true, param2);
+
+            for (int currentBytePos = 0; currentBytePos != TEMP3.Length; currentBytePos += blockSize)
+			{
+                engine.ProcessBlock(TEMP3, currentBytePos, TEMP3, currentBytePos);
+            }
+
+            return TEMP3;
+        }
+
+		/**
+        * Method unwrap
+        *
+        * @param in
+        * @param inOff
+        * @param inLen
+        * @return
+        * @throws InvalidCipherTextException
+        */
+        public virtual byte[] Unwrap(
+			byte[]	input,
+			int		inOff,
+			int		length)
+        {
+            if (forWrapping)
+            {
+                throw new InvalidOperationException("Not set for unwrapping");
+            }
+            if (input == null)
+            {
+                throw new InvalidCipherTextException("Null pointer as ciphertext");
+            }
+
+			int blockSize = engine.GetBlockSize();
+			
+            if (length % blockSize != 0)
+            {
+                throw new InvalidCipherTextException("Ciphertext not multiple of " + blockSize);
+            }
+
+			/*
+            // Check if the length of the cipher text is reasonable given the key
+            // type. It must be 40 bytes for a 168 bit key and either 32, 40, or
+            // 48 bytes for a 128, 192, or 256 bit key. If the length is not supported
+            // or inconsistent with the algorithm for which the key is intended,
+            // return error.
+            //
+            // we do not accept 168 bit keys. it has to be 192 bit.
+            int lengthA = (estimatedKeyLengthInBit / 8) + 16;
+            int lengthB = estimatedKeyLengthInBit % 8;
+            if ((lengthA != keyToBeUnwrapped.Length) || (lengthB != 0)) {
+                throw new XMLSecurityException("empty");
+            }
+            */
+
+            // Decrypt the cipher text with TRIPLedeS in CBC mode using the KEK
+            // and an initialization vector (IV) of 0x4adda22c79e82105. Call the output TEMP3.
+            ParametersWithIV param2 = new ParametersWithIV(this.param, IV2);
+            this.engine.Init(false, param2);
+
+            byte [] TEMP3 = new byte[length];
+
+			for (int currentBytePos = 0; currentBytePos != TEMP3.Length; currentBytePos += blockSize)
+			{
+				engine.ProcessBlock(input, inOff + currentBytePos, TEMP3, currentBytePos);
+            }
+
+            // Reverse the order of the octets in TEMP3 and call the result TEMP2.
+            byte[] TEMP2 = reverse(TEMP3);
+
+			// Decompose TEMP2 into IV, the first 8 octets, and TEMP1, the remaining octets.
+            this.iv = new byte[8];
+            byte[] TEMP1 = new byte[TEMP2.Length - 8];
+            Array.Copy(TEMP2, 0, this.iv, 0, 8);
+            Array.Copy(TEMP2, 8, TEMP1, 0, TEMP2.Length - 8);
+
+            // Decrypt TEMP1 using TRIPLedeS in CBC mode using the KEK and the IV
+            // found in the previous step. Call the result WKCKS.
+            this.paramPlusIV = new ParametersWithIV(this.param, this.iv);
+            this.engine.Init(false, this.paramPlusIV);
+
+            byte[] WKCKS = new byte[TEMP1.Length];
+
+            for (int currentBytePos = 0; currentBytePos != WKCKS.Length; currentBytePos += blockSize)
+			{
+                engine.ProcessBlock(TEMP1, currentBytePos, WKCKS, currentBytePos);
+            }
+
+            // Decompose WKCKS. CKS is the last 8 octets and WK, the wrapped key, are
+            // those octets before the CKS.
+            byte[] result = new byte[WKCKS.Length - 8];
+            byte[] CKStoBeVerified = new byte[8];
+            Array.Copy(WKCKS, 0, result, 0, WKCKS.Length - 8);
+            Array.Copy(WKCKS, WKCKS.Length - 8, CKStoBeVerified, 0, 8);
+
+            // Calculate a CMS Key Checksum, (section 5.6.1), over the WK and compare
+            // with the CKS extracted in the above step. If they are not equal, return error.
+            if (!CheckCmsKeyChecksum(result, CKStoBeVerified)) {
+                throw new InvalidCipherTextException(
+                    "Checksum inside ciphertext is corrupted");
+            }
+
+            // WK is the wrapped key, now extracted for use in data decryption.
+            return result;
+        }
+
+		/**
+        * Some key wrap algorithms make use of the Key Checksum defined
+        * in CMS [CMS-Algorithms]. This is used to provide an integrity
+        * check value for the key being wrapped. The algorithm is
+        *
+        * - Compute the 20 octet SHA-1 hash on the key being wrapped.
+        * - Use the first 8 octets of this hash as the checksum value.
+        *
+        * @param key
+        * @return
+        * @throws Exception
+        * @see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
+        */
+        private byte[] CalculateCmsKeyChecksum(
+            byte[] key)
+        {
+			sha1.BlockUpdate(key, 0, key.Length);
+            sha1.DoFinal(digest, 0);
+
+            byte[] result = new byte[8];
+			Array.Copy(digest, 0, result, 0, 8);
+			return result;
+        }
+
+		/**
+        * @param key
+        * @param checksum
+        * @return
+        * @see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
+        */
+        private bool CheckCmsKeyChecksum(
+            byte[]	key,
+            byte[]	checksum)
+        {
+			return Arrays.ConstantTimeAreEqual(CalculateCmsKeyChecksum(key), checksum);
+        }
+
+		private static byte[] reverse(byte[] bs)
+		{
+			byte[] result = new byte[bs.Length];
+			for (int i = 0; i < bs.Length; i++) 
+			{
+				result[i] = bs[bs.Length - (i + 1)];
+			}
+			return result;
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/DesEngine.cs b/bc-sharp-crypto/src/crypto/engines/DesEngine.cs
new file mode 100644
index 0000000..cfd5068
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/DesEngine.cs
@@ -0,0 +1,475 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/// <remarks>A class that provides a basic DES engine.</remarks>
+    public class DesEngine
+		: IBlockCipher
+    {
+        internal const int BLOCK_SIZE = 8;
+
+		private int[] workingKey;
+
+        public virtual int[] GetWorkingKey()
+		{
+			return workingKey;
+		}
+
+		/**
+        * initialise a DES cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            if (!(parameters is KeyParameter))
+				throw new ArgumentException("invalid parameter passed to DES init - " + Platform.GetTypeName(parameters));
+
+			workingKey = GenerateWorkingKey(forEncryption, ((KeyParameter)parameters).GetKey());
+        }
+
+		public virtual string AlgorithmName
+        {
+            get { return "DES"; }
+        }
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+		public virtual int GetBlockSize()
+        {
+            return BLOCK_SIZE;
+        }
+
+        public virtual int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            if (workingKey == null)
+                throw new InvalidOperationException("DES engine not initialised");
+
+            Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short");
+            Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short");
+
+            DesFunc(workingKey, input, inOff, output, outOff);
+
+			return BLOCK_SIZE;
+        }
+
+        public virtual void Reset()
+        {
+        }
+
+        /**
+        * what follows is mainly taken from "Applied Cryptography", by
+        * Bruce Schneier, however it also bears great resemblance to Richard
+        * Outerbridge's D3DES...
+        */
+
+//        private static readonly short[] Df_Key =
+//        {
+//            0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
+//            0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+//            0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
+//        };
+
+		private static readonly short[] bytebit =
+        {
+            128, 64, 32, 16, 8, 4, 2, 1
+        };
+
+		private static readonly int[] bigbyte =
+        {
+            0x800000,	0x400000,	0x200000,	0x100000,
+            0x80000,	0x40000,	0x20000,	0x10000,
+            0x8000,		0x4000,		0x2000,		0x1000,
+            0x800,		0x400,		0x200,		0x100,
+            0x80,		0x40,		0x20,		0x10,
+            0x8,		0x4,		0x2,		0x1
+        };
+
+		/*
+        * Use the key schedule specified in the Standard (ANSI X3.92-1981).
+        */
+        private static readonly byte[] pc1 =
+        {
+            56, 48, 40, 32, 24, 16,  8,   0, 57, 49, 41, 33, 25, 17,
+            9,  1, 58, 50, 42, 34, 26,  18, 10,  2, 59, 51, 43, 35,
+            62, 54, 46, 38, 30, 22, 14,   6, 61, 53, 45, 37, 29, 21,
+            13,  5, 60, 52, 44, 36, 28,  20, 12,  4, 27, 19, 11,  3
+        };
+
+        private static readonly byte[] totrot =
+        {
+            1, 2, 4, 6, 8, 10, 12, 14,
+            15, 17, 19, 21, 23, 25, 27, 28
+        };
+
+		private static readonly byte[] pc2 =
+        {
+            13, 16, 10, 23,  0,  4,  2, 27, 14,  5, 20,  9,
+            22, 18, 11,  3, 25,  7, 15,  6, 26, 19, 12,  1,
+            40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47,
+            43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31
+        };
+
+		private static readonly uint[] SP1 =
+		{
+            0x01010400, 0x00000000, 0x00010000, 0x01010404,
+            0x01010004, 0x00010404, 0x00000004, 0x00010000,
+            0x00000400, 0x01010400, 0x01010404, 0x00000400,
+            0x01000404, 0x01010004, 0x01000000, 0x00000004,
+            0x00000404, 0x01000400, 0x01000400, 0x00010400,
+            0x00010400, 0x01010000, 0x01010000, 0x01000404,
+            0x00010004, 0x01000004, 0x01000004, 0x00010004,
+            0x00000000, 0x00000404, 0x00010404, 0x01000000,
+            0x00010000, 0x01010404, 0x00000004, 0x01010000,
+            0x01010400, 0x01000000, 0x01000000, 0x00000400,
+            0x01010004, 0x00010000, 0x00010400, 0x01000004,
+            0x00000400, 0x00000004, 0x01000404, 0x00010404,
+            0x01010404, 0x00010004, 0x01010000, 0x01000404,
+            0x01000004, 0x00000404, 0x00010404, 0x01010400,
+            0x00000404, 0x01000400, 0x01000400, 0x00000000,
+            0x00010004, 0x00010400, 0x00000000, 0x01010004
+        };
+
+		private static readonly uint[] SP2 =
+		{
+            0x80108020, 0x80008000, 0x00008000, 0x00108020,
+            0x00100000, 0x00000020, 0x80100020, 0x80008020,
+            0x80000020, 0x80108020, 0x80108000, 0x80000000,
+            0x80008000, 0x00100000, 0x00000020, 0x80100020,
+            0x00108000, 0x00100020, 0x80008020, 0x00000000,
+            0x80000000, 0x00008000, 0x00108020, 0x80100000,
+            0x00100020, 0x80000020, 0x00000000, 0x00108000,
+            0x00008020, 0x80108000, 0x80100000, 0x00008020,
+            0x00000000, 0x00108020, 0x80100020, 0x00100000,
+            0x80008020, 0x80100000, 0x80108000, 0x00008000,
+            0x80100000, 0x80008000, 0x00000020, 0x80108020,
+            0x00108020, 0x00000020, 0x00008000, 0x80000000,
+            0x00008020, 0x80108000, 0x00100000, 0x80000020,
+            0x00100020, 0x80008020, 0x80000020, 0x00100020,
+            0x00108000, 0x00000000, 0x80008000, 0x00008020,
+            0x80000000, 0x80100020, 0x80108020, 0x00108000
+        };
+
+		private static readonly uint[] SP3 =
+		{
+            0x00000208, 0x08020200, 0x00000000, 0x08020008,
+            0x08000200, 0x00000000, 0x00020208, 0x08000200,
+            0x00020008, 0x08000008, 0x08000008, 0x00020000,
+            0x08020208, 0x00020008, 0x08020000, 0x00000208,
+            0x08000000, 0x00000008, 0x08020200, 0x00000200,
+            0x00020200, 0x08020000, 0x08020008, 0x00020208,
+            0x08000208, 0x00020200, 0x00020000, 0x08000208,
+            0x00000008, 0x08020208, 0x00000200, 0x08000000,
+            0x08020200, 0x08000000, 0x00020008, 0x00000208,
+            0x00020000, 0x08020200, 0x08000200, 0x00000000,
+            0x00000200, 0x00020008, 0x08020208, 0x08000200,
+            0x08000008, 0x00000200, 0x00000000, 0x08020008,
+            0x08000208, 0x00020000, 0x08000000, 0x08020208,
+            0x00000008, 0x00020208, 0x00020200, 0x08000008,
+            0x08020000, 0x08000208, 0x00000208, 0x08020000,
+            0x00020208, 0x00000008, 0x08020008, 0x00020200
+        };
+
+		private static readonly uint[] SP4 =
+		{
+            0x00802001, 0x00002081, 0x00002081, 0x00000080,
+            0x00802080, 0x00800081, 0x00800001, 0x00002001,
+            0x00000000, 0x00802000, 0x00802000, 0x00802081,
+            0x00000081, 0x00000000, 0x00800080, 0x00800001,
+            0x00000001, 0x00002000, 0x00800000, 0x00802001,
+            0x00000080, 0x00800000, 0x00002001, 0x00002080,
+            0x00800081, 0x00000001, 0x00002080, 0x00800080,
+            0x00002000, 0x00802080, 0x00802081, 0x00000081,
+            0x00800080, 0x00800001, 0x00802000, 0x00802081,
+            0x00000081, 0x00000000, 0x00000000, 0x00802000,
+            0x00002080, 0x00800080, 0x00800081, 0x00000001,
+            0x00802001, 0x00002081, 0x00002081, 0x00000080,
+            0x00802081, 0x00000081, 0x00000001, 0x00002000,
+            0x00800001, 0x00002001, 0x00802080, 0x00800081,
+            0x00002001, 0x00002080, 0x00800000, 0x00802001,
+            0x00000080, 0x00800000, 0x00002000, 0x00802080
+        };
+
+		private static readonly uint[] SP5 =
+		{
+            0x00000100, 0x02080100, 0x02080000, 0x42000100,
+            0x00080000, 0x00000100, 0x40000000, 0x02080000,
+            0x40080100, 0x00080000, 0x02000100, 0x40080100,
+            0x42000100, 0x42080000, 0x00080100, 0x40000000,
+            0x02000000, 0x40080000, 0x40080000, 0x00000000,
+            0x40000100, 0x42080100, 0x42080100, 0x02000100,
+            0x42080000, 0x40000100, 0x00000000, 0x42000000,
+            0x02080100, 0x02000000, 0x42000000, 0x00080100,
+            0x00080000, 0x42000100, 0x00000100, 0x02000000,
+            0x40000000, 0x02080000, 0x42000100, 0x40080100,
+            0x02000100, 0x40000000, 0x42080000, 0x02080100,
+            0x40080100, 0x00000100, 0x02000000, 0x42080000,
+            0x42080100, 0x00080100, 0x42000000, 0x42080100,
+            0x02080000, 0x00000000, 0x40080000, 0x42000000,
+            0x00080100, 0x02000100, 0x40000100, 0x00080000,
+            0x00000000, 0x40080000, 0x02080100, 0x40000100
+        };
+
+		private static readonly uint[] SP6 =
+		{
+            0x20000010, 0x20400000, 0x00004000, 0x20404010,
+            0x20400000, 0x00000010, 0x20404010, 0x00400000,
+            0x20004000, 0x00404010, 0x00400000, 0x20000010,
+            0x00400010, 0x20004000, 0x20000000, 0x00004010,
+            0x00000000, 0x00400010, 0x20004010, 0x00004000,
+            0x00404000, 0x20004010, 0x00000010, 0x20400010,
+            0x20400010, 0x00000000, 0x00404010, 0x20404000,
+            0x00004010, 0x00404000, 0x20404000, 0x20000000,
+            0x20004000, 0x00000010, 0x20400010, 0x00404000,
+            0x20404010, 0x00400000, 0x00004010, 0x20000010,
+            0x00400000, 0x20004000, 0x20000000, 0x00004010,
+            0x20000010, 0x20404010, 0x00404000, 0x20400000,
+            0x00404010, 0x20404000, 0x00000000, 0x20400010,
+            0x00000010, 0x00004000, 0x20400000, 0x00404010,
+            0x00004000, 0x00400010, 0x20004010, 0x00000000,
+            0x20404000, 0x20000000, 0x00400010, 0x20004010
+        };
+
+		private static readonly uint[] SP7 =
+		{
+            0x00200000, 0x04200002, 0x04000802, 0x00000000,
+            0x00000800, 0x04000802, 0x00200802, 0x04200800,
+            0x04200802, 0x00200000, 0x00000000, 0x04000002,
+            0x00000002, 0x04000000, 0x04200002, 0x00000802,
+            0x04000800, 0x00200802, 0x00200002, 0x04000800,
+            0x04000002, 0x04200000, 0x04200800, 0x00200002,
+            0x04200000, 0x00000800, 0x00000802, 0x04200802,
+            0x00200800, 0x00000002, 0x04000000, 0x00200800,
+            0x04000000, 0x00200800, 0x00200000, 0x04000802,
+            0x04000802, 0x04200002, 0x04200002, 0x00000002,
+            0x00200002, 0x04000000, 0x04000800, 0x00200000,
+            0x04200800, 0x00000802, 0x00200802, 0x04200800,
+            0x00000802, 0x04000002, 0x04200802, 0x04200000,
+            0x00200800, 0x00000000, 0x00000002, 0x04200802,
+            0x00000000, 0x00200802, 0x04200000, 0x00000800,
+            0x04000002, 0x04000800, 0x00000800, 0x00200002
+        };
+
+		private static readonly uint[] SP8 =
+		{
+            0x10001040, 0x00001000, 0x00040000, 0x10041040,
+            0x10000000, 0x10001040, 0x00000040, 0x10000000,
+            0x00040040, 0x10040000, 0x10041040, 0x00041000,
+            0x10041000, 0x00041040, 0x00001000, 0x00000040,
+            0x10040000, 0x10000040, 0x10001000, 0x00001040,
+            0x00041000, 0x00040040, 0x10040040, 0x10041000,
+            0x00001040, 0x00000000, 0x00000000, 0x10040040,
+            0x10000040, 0x10001000, 0x00041040, 0x00040000,
+            0x00041040, 0x00040000, 0x10041000, 0x00001000,
+            0x00000040, 0x10040040, 0x00001000, 0x00041040,
+            0x10001000, 0x00000040, 0x10000040, 0x10040000,
+            0x10040040, 0x10000000, 0x00040000, 0x10001040,
+            0x00000000, 0x10041040, 0x00040040, 0x10000040,
+            0x10040000, 0x10001000, 0x10001040, 0x00000000,
+            0x10041040, 0x00041000, 0x00041000, 0x00001040,
+            0x00001040, 0x00040040, 0x10000000, 0x10041000
+        };
+
+		/**
+        * Generate an integer based working key based on our secret key
+        * and what we processing we are planning to do.
+        *
+        * Acknowledgements for this routine go to James Gillogly and Phil Karn.
+        *         (whoever, and wherever they are!).
+        */
+        protected static int[] GenerateWorkingKey(
+            bool	encrypting,
+            byte[]	key)
+        {
+            int[] newKey = new int[32];
+            bool[] pc1m = new bool[56];
+			bool[] pcr = new bool[56];
+
+			for (int j = 0; j < 56; j++ )
+            {
+                int l = pc1[j];
+
+				pc1m[j] = ((key[(uint) l >> 3] & bytebit[l & 07]) != 0);
+            }
+
+            for (int i = 0; i < 16; i++)
+            {
+                int l, m, n;
+
+                if (encrypting)
+                {
+                    m = i << 1;
+                }
+                else
+                {
+                    m = (15 - i) << 1;
+                }
+
+                n = m + 1;
+                newKey[m] = newKey[n] = 0;
+
+                for (int j = 0; j < 28; j++)
+                {
+                    l = j + totrot[i];
+                    if ( l < 28 )
+                    {
+                        pcr[j] = pc1m[l];
+                    }
+                    else
+                    {
+                        pcr[j] = pc1m[l - 28];
+                    }
+                }
+
+                for (int j = 28; j < 56; j++)
+                {
+                    l = j + totrot[i];
+                    if (l < 56 )
+                    {
+                        pcr[j] = pc1m[l];
+                    }
+                    else
+                    {
+                        pcr[j] = pc1m[l - 28];
+                    }
+                }
+
+                for (int j = 0; j < 24; j++)
+                {
+                    if (pcr[pc2[j]])
+                    {
+                        newKey[m] |= bigbyte[j];
+                    }
+
+                    if (pcr[pc2[j + 24]])
+                    {
+                        newKey[n] |= bigbyte[j];
+                    }
+                }
+            }
+
+            //
+            // store the processed key
+            //
+            for (int i = 0; i != 32; i += 2)
+            {
+                int i1, i2;
+
+                i1 = newKey[i];
+                i2 = newKey[i + 1];
+
+                newKey[i] = (int) ( (uint) ((i1 & 0x00fc0000) << 6)  |
+                                    (uint) ((i1 & 0x00000fc0) << 10) |
+                                    ((uint) (i2 & 0x00fc0000) >> 10) |
+                                    ((uint) (i2 & 0x00000fc0) >> 6));
+
+                newKey[i + 1] = (int) ( (uint) ((i1 & 0x0003f000) << 12) |
+                                        (uint) ((i1 & 0x0000003f) << 16) |
+                                        ((uint) (i2 & 0x0003f000) >> 4) |
+                                        (uint) (i2 & 0x0000003f));
+            }
+
+            return newKey;
+        }
+
+        /**
+        * the DES engine.
+        */
+        internal static void DesFunc(
+            int[]	wKey,
+            byte[]	input,
+            int		inOff,
+            byte[]	outBytes,
+            int		outOff)
+        {
+			uint left = Pack.BE_To_UInt32(input, inOff);
+			uint right = Pack.BE_To_UInt32(input, inOff + 4);
+			uint work;
+
+            work = ((left >> 4) ^ right) & 0x0f0f0f0f;
+            right ^= work;
+            left ^= (work << 4);
+            work = ((left >> 16) ^ right) & 0x0000ffff;
+            right ^= work;
+            left ^= (work << 16);
+            work = ((right >> 2) ^ left) & 0x33333333;
+            left ^= work;
+            right ^= (work << 2);
+            work = ((right >> 8) ^ left) & 0x00ff00ff;
+            left ^= work;
+            right ^= (work << 8);
+            right = (right << 1) | (right >> 31);
+            work = (left ^ right) & 0xaaaaaaaa;
+            left ^= work;
+            right ^= work;
+            left = (left << 1) | (left >> 31);
+
+            for (int round = 0; round < 8; round++)
+            {
+                uint fval;
+
+                work  = (right << 28) | (right >> 4);
+                work ^= (uint)wKey[round * 4 + 0];
+                fval  = SP7[work         & 0x3f];
+                fval |= SP5[(work >>  8) & 0x3f];
+                fval |= SP3[(work >> 16) & 0x3f];
+                fval |= SP1[(work >> 24) & 0x3f];
+                work  = right ^ (uint)wKey[round * 4 + 1];
+                fval |= SP8[ work        & 0x3f];
+                fval |= SP6[(work >>  8) & 0x3f];
+                fval |= SP4[(work >> 16) & 0x3f];
+                fval |= SP2[(work >> 24) & 0x3f];
+                left ^= fval;
+                work  = (left << 28) | (left >> 4);
+                work ^= (uint)wKey[round * 4 + 2];
+                fval  = SP7[ work        & 0x3f];
+                fval |= SP5[(work >>  8) & 0x3f];
+                fval |= SP3[(work >> 16) & 0x3f];
+                fval |= SP1[(work >> 24) & 0x3f];
+                work  = left ^ (uint)wKey[round * 4 + 3];
+                fval |= SP8[ work        & 0x3f];
+                fval |= SP6[(work >>  8) & 0x3f];
+                fval |= SP4[(work >> 16) & 0x3f];
+                fval |= SP2[(work >> 24) & 0x3f];
+                right ^= fval;
+            }
+
+            right = (right << 31) | (right >> 1);
+            work = (left ^ right) & 0xaaaaaaaa;
+            left ^= work;
+            right ^= work;
+            left = (left << 31) | (left >> 1);
+            work = ((left >> 8) ^ right) & 0x00ff00ff;
+            right ^= work;
+            left ^= (work << 8);
+            work = ((left >> 2) ^ right) & 0x33333333;
+            right ^= work;
+            left ^= (work << 2);
+            work = ((right >> 16) ^ left) & 0x0000ffff;
+            left ^= work;
+            right ^= (work << 16);
+            work = ((right >> 4) ^ left) & 0x0f0f0f0f;
+            left ^= work;
+            right ^= (work << 4);
+
+			Pack.UInt32_To_BE(right, outBytes, outOff);
+			Pack.UInt32_To_BE(left, outBytes, outOff + 4);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/Dstu7624Engine.cs b/bc-sharp-crypto/src/crypto/engines/Dstu7624Engine.cs
new file mode 100644
index 0000000..cdb0f50
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/Dstu7624Engine.cs
@@ -0,0 +1,766 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * implementation of DSTU 7624 (Kalyna)
+    */
+    public class Dstu7624Engine
+         : IBlockCipher
+    {
+        private static readonly int BITS_IN_WORD = 64;
+        private static readonly int BITS_IN_BYTE = 8;
+
+        private static readonly int REDUCTION_POLYNOMIAL = 0x011d; /* x^8 + x^4 + x^3 + x^2 + 1 */
+
+        private ulong[] internalState;
+        private ulong[] workingKey;
+        private ulong[][] roundKeys;
+
+        /* Number of 64-bit words in block */
+        private int wordsInBlock;
+
+        /* Number of 64-bit words in key */
+        private int wordsInKey;
+
+        /* Number of encryption rounds depending on key length */
+        private static int ROUNDS_128 = 10;
+        private static int ROUNDS_256 = 14;
+        private static int ROUNDS_512 = 18;
+
+        private int blockSizeBits;
+        private int roundsAmount;
+
+        private bool forEncryption;
+
+        private byte[] internalStateBytes;
+        private byte[] tempInternalStateBytes;
+
+        public Dstu7624Engine(int blockSizeBits)
+        {
+            /* DSTU7624 supports 128 | 256 | 512 key/block sizes */
+            if (blockSizeBits != 128 && blockSizeBits != 256 && blockSizeBits != 512)
+            {
+                throw new ArgumentException("Unsupported block length: only 128/256/512 are allowed");
+            }
+            this.blockSizeBits = blockSizeBits;
+
+            wordsInBlock = blockSizeBits / BITS_IN_WORD;
+            internalState = new ulong[wordsInBlock];
+
+            internalStateBytes = new byte[internalState.Length * 64 / BITS_IN_BYTE];
+            tempInternalStateBytes = new byte[internalState.Length * 64 / BITS_IN_BYTE];
+        }
+
+        #region INITIALIZATION
+        public virtual void Init(bool forEncryption, ICipherParameters parameters)
+        {
+            if (parameters is KeyParameter)
+            {
+                this.forEncryption = forEncryption;
+
+                byte[] keyBytes = ((KeyParameter)parameters).GetKey();
+                int keyBitLength = keyBytes.Length * BITS_IN_BYTE;
+                int blockBitLength = wordsInBlock * BITS_IN_WORD;
+
+                if (keyBitLength != 128 && keyBitLength != 256 && keyBitLength != 512)
+                {
+                    throw new ArgumentException("unsupported key length: only 128/256/512 are allowed");
+                }
+
+                /* Limitations on key lengths depending on block lengths. See table 6.1 in standard */
+                if (blockBitLength == 128)
+                {
+                    if (keyBitLength == 512)
+                    {
+                        throw new ArgumentException("Unsupported key length");
+                    }
+                }
+
+                if (blockBitLength == 256)
+                {
+                    if (keyBitLength == 128)
+                    {
+                        throw new ArgumentException("Unsupported key length");
+                    }
+                }
+
+                if (blockBitLength == 512)
+                {
+                    if (keyBitLength != 512)
+                    {
+                        throw new ArgumentException("Unsupported key length");
+                    }
+                }
+
+                switch (keyBitLength)
+                {
+                    case 128:
+                        roundsAmount = ROUNDS_128;
+                        break;
+                    case 256:
+                        roundsAmount = ROUNDS_256;
+                        break;
+                    case 512:
+                        roundsAmount = ROUNDS_512;
+                        break;
+                }
+
+                wordsInKey = keyBitLength / BITS_IN_WORD;
+
+                /* +1 round key as defined in standard */
+                roundKeys = new ulong[roundsAmount + 1][];
+                for (int roundKeyIndex = 0; roundKeyIndex < roundKeys.Length; roundKeyIndex++)
+                {
+                    roundKeys[roundKeyIndex] = new ulong[wordsInBlock];
+                }
+
+                workingKey = new ulong[wordsInKey];
+
+                if (keyBytes.Length != wordsInKey * BITS_IN_WORD / BITS_IN_BYTE)
+                {
+                    throw new ArgumentException("Invalid key parameter passed to DSTU7624Engine init");
+                }
+
+                /* Unpack encryption key bytes to words */
+                Pack.LE_To_UInt64(keyBytes, 0, workingKey);
+
+                ulong[] kt = new ulong[wordsInBlock];
+
+                KeyExpandKT(workingKey, kt);
+
+                KeyExpandEven(workingKey, kt);
+
+                KeyExpandOdd();
+
+            }
+            else if (parameters != null)
+            {
+                throw new ArgumentException("invalid parameter passed to Dstu7624 init - "
+                + Platform.GetTypeName(parameters));
+            }
+
+            this.forEncryption = forEncryption;
+        }
+
+        private void KeyExpandKT(ulong[] key, ulong[] kt)
+        {
+            ulong[] k0 = new ulong[wordsInBlock];
+            ulong[] k1 = new ulong[wordsInBlock];
+
+            internalState = new ulong[wordsInBlock];
+            internalState[0] += (ulong)(wordsInBlock + wordsInKey + 1);
+
+            if (wordsInBlock == wordsInKey)
+            {
+                Array.Copy(key, k0, k0.Length);
+                Array.Copy(key, k1, k1.Length);
+            }
+            else
+            {
+                Array.Copy(key, 0, k0, 0, wordsInBlock);
+                Array.Copy(key, wordsInBlock, k1, 0, wordsInBlock);
+            }
+
+            AddRoundKeyExpand(k0);
+
+            EncryptionRound();
+
+            XorRoundKeyExpand(k1);
+
+            EncryptionRound();
+
+            AddRoundKeyExpand(k0);
+
+            EncryptionRound();
+
+            Array.Copy(internalState, kt, wordsInBlock);
+        }
+
+        private void KeyExpandEven(ulong[] key, ulong[] kt)
+        {
+            ulong[] initial_data = new ulong[wordsInKey];
+
+            ulong[] kt_round = new ulong[wordsInBlock];
+
+            ulong[] tmv = new ulong[wordsInBlock];
+
+            int round = 0;
+
+            Array.Copy(key, initial_data, wordsInKey);
+
+            for (int i = 0; i < wordsInBlock; i++)
+            {
+                tmv[i] = 0x0001000100010001;
+            }
+
+            while (true)
+            {
+                Array.Copy(kt, internalState, wordsInBlock);
+
+                AddRoundKeyExpand(tmv);
+
+                Array.Copy(internalState, kt_round, wordsInBlock);
+                Array.Copy(initial_data, internalState, wordsInBlock);
+
+                AddRoundKeyExpand(kt_round);
+
+                EncryptionRound();
+
+                XorRoundKeyExpand(kt_round);
+
+                EncryptionRound();
+
+                AddRoundKeyExpand(kt_round);
+
+                Array.Copy(internalState, roundKeys[round], wordsInBlock);
+
+                if (roundsAmount == round)
+                {
+                    break;
+                }
+                if (wordsInKey != wordsInBlock)
+                {
+                    round += 2;
+
+                    ShiftLeft(tmv);
+
+                    Array.Copy(kt, internalState, wordsInBlock);
+
+                    AddRoundKeyExpand(tmv);
+
+                    Array.Copy(internalState, kt_round, wordsInBlock);
+                    Array.Copy(initial_data, wordsInBlock, internalState, 0, wordsInBlock);
+
+                    AddRoundKeyExpand(kt_round);
+
+                    EncryptionRound();
+
+                    XorRoundKeyExpand(kt_round);
+
+                    EncryptionRound();
+
+                    AddRoundKeyExpand(kt_round);
+
+                    Array.Copy(internalState, roundKeys[round], wordsInBlock);
+
+                    if (roundsAmount == round)
+                    {
+                        break;
+                    }
+                }
+
+                round += 2;
+                ShiftLeft(tmv);
+
+                //Rotate initial data array on 1 element left
+                ulong temp = initial_data[0];
+                Array.Copy(initial_data, 1, initial_data, 0, initial_data.Length - 1);
+                initial_data[initial_data.Length - 1] = temp;
+            }
+        }
+        private void KeyExpandOdd()
+        {
+            for (int i = 1; i < roundsAmount; i += 2)
+            {
+                Array.Copy(roundKeys[i - 1], roundKeys[i], wordsInBlock);
+                RotateLeft(roundKeys[i]);
+            }
+        }
+        #endregion
+
+
+        public virtual int ProcessBlock(byte[] input, int inOff, byte[] output, int outOff)
+        {
+            if (workingKey == null)
+                throw new InvalidOperationException("Dstu7624 engine not initialised");
+
+            Check.DataLength(input, inOff, GetBlockSize(), "input buffer too short");
+            Check.OutputLength(output, outOff, GetBlockSize(), "output buffer too short");
+
+            if (forEncryption)
+            {
+                Encrypt(input, inOff, output, outOff);
+            }
+            else
+            {
+                Decrypt(input, inOff, output, outOff);
+            }
+
+            return GetBlockSize();
+        }
+
+        private void Encrypt(byte[] plain, int inOff, byte[] cipherText, int outOff)
+        {
+            Pack.LE_To_UInt64(plain, inOff, internalState);
+
+            int round = 0;
+            AddRoundKey(round);
+
+            while (++round < roundsAmount)
+            {
+                EncryptionRound();
+                XorRoundKey(round);
+            }
+
+            EncryptionRound();
+            AddRoundKey(round);
+
+            Pack.UInt64_To_LE(internalState, cipherText, outOff);
+        }
+
+        private void Decrypt(byte[] cipherText, int inOff, byte[] decryptedText, int outOff)
+        {
+            Pack.LE_To_UInt64(cipherText, inOff, internalState);
+
+            int round = roundsAmount;
+            SubRoundKey(round);
+
+            while (--round > 0)
+            {
+                DecryptionRound();
+                XorRoundKey(round);
+            }
+
+            DecryptionRound();
+            SubRoundKey(round);
+
+            Pack.UInt64_To_LE(internalState, decryptedText, outOff);
+        }
+
+        private void AddRoundKeyExpand(ulong[] value)
+        {
+            for (int i = 0; i < wordsInBlock; i++)
+            {
+                internalState[i] += value[i];
+            }
+        }
+
+        private void EncryptionRound()
+        {
+            SubBytes();
+            ShiftRows();
+            MixColumns();
+        }
+
+        private void DecryptionRound()
+        {
+            InvMixColumns();
+            InvShiftRows();
+            InvSubBytes();
+        }
+
+        private void RotateLeft(ulong[] state_value)
+        {
+            int rotateBytesLength = 2 * state_value.Length + 3;
+            int bytesLength = state_value.Length * (BITS_IN_WORD / BITS_IN_BYTE);
+
+            byte[] bytes = Pack.UInt64_To_LE(state_value);
+            byte[] buffer = new byte[rotateBytesLength];
+
+            Array.Copy(bytes, buffer, rotateBytesLength);
+
+            Buffer.BlockCopy(bytes, rotateBytesLength, bytes, 0, bytesLength - rotateBytesLength);
+
+            Array.Copy(buffer, 0, bytes, bytesLength - rotateBytesLength, rotateBytesLength);
+
+            Pack.LE_To_UInt64(bytes, 0, state_value);
+        }
+
+        private void ShiftLeft(ulong[] state_value)
+        {
+            for (int i = 0; i < state_value.Length; i++)
+            {
+                state_value[i] <<= 1;
+            }
+            Array.Reverse(state_value);
+        }
+
+        private void XorRoundKeyExpand(ulong[] value)
+        {
+            for (int i = 0; i < wordsInBlock; i++)
+            {
+                internalState[i] ^= value[i];
+            }
+        }
+
+        private void XorRoundKey(int round)
+        {
+            ulong[] roundKey = roundKeys[round];
+            for (int i = 0; i < wordsInBlock; i++)
+            {
+                internalState[i] ^= roundKey[i];
+            }
+        }
+
+        private void ShiftRows()
+        {
+            int row, col;
+            int shift = -1;
+
+            byte[] stateBytes = Pack.UInt64_To_LE(internalState);
+            byte[] nstate = new byte[wordsInBlock * 8];
+
+            for (row = 0; row < 8; row++)
+            {
+                if (row % (8 / wordsInBlock) == 0)
+                {
+                    shift += 1;
+                }
+
+                for (col = 0; col < wordsInBlock; col++)
+                {
+                    nstate[row + ((col + shift) % wordsInBlock) * 8] = stateBytes[row + col * 8];
+                }
+            }
+
+            Pack.LE_To_UInt64(nstate, 0, internalState);
+        }
+
+        private void InvShiftRows()
+        {
+            int row, col;
+            int shift = -1;
+
+            byte[] stateBytes = Pack.UInt64_To_LE(internalState);
+            byte[] nstate = new byte[wordsInBlock * 8];
+
+            for (row = 0; row < 8; row++)
+            {
+                if (row % (8 / wordsInBlock) == 0)
+                {
+                    shift += 1;
+                }
+
+                for (col = 0; col < wordsInBlock; col++)
+                {
+                    nstate[row + col * 8] = stateBytes[row + ((col + shift) % wordsInBlock) * 8];
+                }
+            }
+
+            Pack.LE_To_UInt64(nstate, 0, internalState);
+        }
+
+        private void AddRoundKey(int round)
+        {
+            for (int i = 0; i < wordsInBlock; ++i)
+            {
+                internalState[i] += roundKeys[round][i];
+            }
+        }
+
+        private void SubRoundKey(int round)
+        {
+            for (int i = 0; i < wordsInBlock; ++i)
+            {
+                internalState[i] -= roundKeys[round][i];
+            }
+        }
+
+        private void MixColumns()
+        {
+            MatrixMultiply(mdsMatrix);
+        }
+
+        private void InvMixColumns()
+        {
+            MatrixMultiply(mdsInvMatrix);
+        }
+
+        private void MatrixMultiply(byte[][] matrix)
+        {
+            int col, row, b;
+            byte product;
+            ulong result;
+            byte[] stateBytes = Pack.UInt64_To_LE(internalState);
+
+            for (col = 0; col < wordsInBlock; ++col)
+            {
+                result = 0;
+                for (row = 8 - 1; row >= 0; --row)
+                {
+                    product = 0;
+                    for (b = 8 - 1; b >= 0; --b)
+                    {
+                        product ^= MultiplyGF(stateBytes[b + col * 8], matrix[row][b]);
+                    }
+                    result |= (ulong)product << (row * 8);
+                }
+                internalState[col] = result;
+            }
+        }
+
+        private byte MultiplyGF(byte x, byte y)
+        {
+            byte r = 0;
+            byte hbit = 0;
+
+            for (int i = 0; i < BITS_IN_BYTE; i++)
+            {
+                if ((y & 0x01) == 1)
+                {
+                    r ^= x;
+                }
+
+                hbit = (byte)(x & 0x80);
+
+                x <<= 1;
+
+                if (hbit == 0x80)
+                {
+                    x = (byte)((int)x ^ REDUCTION_POLYNOMIAL);
+                }
+                y >>= 1;
+            }
+            return r;
+        }
+
+        private void SubBytes()
+        {
+            for (int i = 0; i < wordsInBlock; i++)
+            {
+                internalState[i] = sboxesForEncryption[0][internalState[i] & 0x00000000000000FF] |
+                           ((ulong)sboxesForEncryption[1][(internalState[i] & 0x000000000000FF00) >> 8] << 8) |
+                           ((ulong)sboxesForEncryption[2][(internalState[i] & 0x0000000000FF0000) >> 16] << 16) |
+                           ((ulong)sboxesForEncryption[3][(internalState[i] & 0x00000000FF000000) >> 24] << 24) |
+                           ((ulong)sboxesForEncryption[0][(internalState[i] & 0x000000FF00000000) >> 32] << 32) |
+                           ((ulong)sboxesForEncryption[1][(internalState[i] & 0x0000FF0000000000) >> 40] << 40) |
+                           ((ulong)sboxesForEncryption[2][(internalState[i] & 0x00FF000000000000) >> 48] << 48) |
+                           ((ulong)sboxesForEncryption[3][(internalState[i] & 0xFF00000000000000) >> 56] << 56);
+            }
+        }
+
+        private void InvSubBytes()
+        {
+            for (int i = 0; i < wordsInBlock; i++)
+            {
+                internalState[i] = sboxesForDecryption[0][internalState[i] & 0x00000000000000FF] |
+                           ((ulong)sboxesForDecryption[1][(internalState[i] & 0x000000000000FF00) >> 8] << 8) |
+                           ((ulong)sboxesForDecryption[2][(internalState[i] & 0x0000000000FF0000) >> 16] << 16) |
+                           ((ulong)sboxesForDecryption[3][(internalState[i] & 0x00000000FF000000) >> 24] << 24) |
+                           ((ulong)sboxesForDecryption[0][(internalState[i] & 0x000000FF00000000) >> 32] << 32) |
+                           ((ulong)sboxesForDecryption[1][(internalState[i] & 0x0000FF0000000000) >> 40] << 40) |
+                           ((ulong)sboxesForDecryption[2][(internalState[i] & 0x00FF000000000000) >> 48] << 48) |
+                           ((ulong)sboxesForDecryption[3][(internalState[i] & 0xFF00000000000000) >> 56] << 56);
+            }
+        }
+
+        #region TABLES AND S-BOXES
+
+        private byte[][] mdsMatrix = 
+        {
+            new byte[] { 0x01, 0x01, 0x05, 0x01, 0x08, 0x06, 0x07, 0x04 },
+            new byte[] { 0x04, 0x01, 0x01, 0x05, 0x01, 0x08, 0x06, 0x07 },
+            new byte[] { 0x07, 0x04, 0x01, 0x01, 0x05, 0x01, 0x08, 0x06 },
+            new byte[] { 0x06, 0x07, 0x04, 0x01, 0x01, 0x05, 0x01, 0x08 },
+            new byte[] { 0x08, 0x06, 0x07, 0x04, 0x01, 0x01, 0x05, 0x01 },
+            new byte[] { 0x01, 0x08, 0x06, 0x07, 0x04, 0x01, 0x01, 0x05 },
+            new byte[] { 0x05, 0x01, 0x08, 0x06, 0x07, 0x04, 0x01, 0x01 },
+            new byte[] { 0x01, 0x05, 0x01, 0x08, 0x06, 0x07, 0x04, 0x01 },
+        };
+
+        private byte[][] mdsInvMatrix = 
+        {
+            new byte[] { 0xAD, 0x95, 0x76, 0xA8, 0x2F, 0x49, 0xD7, 0xCA },
+            new byte[] { 0xCA, 0xAD, 0x95, 0x76, 0xA8, 0x2F, 0x49, 0xD7 },
+            new byte[] { 0xD7, 0xCA, 0xAD, 0x95, 0x76, 0xA8, 0x2F, 0x49 },
+            new byte[] { 0x49, 0xD7, 0xCA, 0xAD, 0x95, 0x76, 0xA8, 0x2F },
+            new byte[] { 0x2F, 0x49, 0xD7, 0xCA, 0xAD, 0x95, 0x76, 0xA8 },
+            new byte[] { 0xA8, 0x2F, 0x49, 0xD7, 0xCA, 0xAD, 0x95, 0x76 },
+            new byte[] { 0x76, 0xA8, 0x2F, 0x49, 0xD7, 0xCA, 0xAD, 0x95 },
+            new byte[] { 0x95, 0x76, 0xA8, 0x2F, 0x49, 0xD7, 0xCA, 0xAD },
+        };
+
+        private byte[][] sboxesForEncryption = 
+        {
+            new byte[]
+            {
+                0xa8, 0x43, 0x5f, 0x06, 0x6b, 0x75, 0x6c, 0x59, 0x71, 0xdf, 0x87, 0x95, 0x17, 0xf0, 0xd8, 0x09, 
+                0x6d, 0xf3, 0x1d, 0xcb, 0xc9, 0x4d, 0x2c, 0xaf, 0x79, 0xe0, 0x97, 0xfd, 0x6f, 0x4b, 0x45, 0x39, 
+                0x3e, 0xdd, 0xa3, 0x4f, 0xb4, 0xb6, 0x9a, 0x0e, 0x1f, 0xbf, 0x15, 0xe1, 0x49, 0xd2, 0x93, 0xc6, 
+                0x92, 0x72, 0x9e, 0x61, 0xd1, 0x63, 0xfa, 0xee, 0xf4, 0x19, 0xd5, 0xad, 0x58, 0xa4, 0xbb, 0xa1, 
+                0xdc, 0xf2, 0x83, 0x37, 0x42, 0xe4, 0x7a, 0x32, 0x9c, 0xcc, 0xab, 0x4a, 0x8f, 0x6e, 0x04, 0x27, 
+                0x2e, 0xe7, 0xe2, 0x5a, 0x96, 0x16, 0x23, 0x2b, 0xc2, 0x65, 0x66, 0x0f, 0xbc, 0xa9, 0x47, 0x41, 
+                0x34, 0x48, 0xfc, 0xb7, 0x6a, 0x88, 0xa5, 0x53, 0x86, 0xf9, 0x5b, 0xdb, 0x38, 0x7b, 0xc3, 0x1e, 
+                0x22, 0x33, 0x24, 0x28, 0x36, 0xc7, 0xb2, 0x3b, 0x8e, 0x77, 0xba, 0xf5, 0x14, 0x9f, 0x08, 0x55, 
+                0x9b, 0x4c, 0xfe, 0x60, 0x5c, 0xda, 0x18, 0x46, 0xcd, 0x7d, 0x21, 0xb0, 0x3f, 0x1b, 0x89, 0xff, 
+                0xeb, 0x84, 0x69, 0x3a, 0x9d, 0xd7, 0xd3, 0x70, 0x67, 0x40, 0xb5, 0xde, 0x5d, 0x30, 0x91, 0xb1, 
+                0x78, 0x11, 0x01, 0xe5, 0x00, 0x68, 0x98, 0xa0, 0xc5, 0x02, 0xa6, 0x74, 0x2d, 0x0b, 0xa2, 0x76, 
+                0xb3, 0xbe, 0xce, 0xbd, 0xae, 0xe9, 0x8a, 0x31, 0x1c, 0xec, 0xf1, 0x99, 0x94, 0xaa, 0xf6, 0x26, 
+                0x2f, 0xef, 0xe8, 0x8c, 0x35, 0x03, 0xd4, 0x7f, 0xfb, 0x05, 0xc1, 0x5e, 0x90, 0x20, 0x3d, 0x82, 
+                0xf7, 0xea, 0x0a, 0x0d, 0x7e, 0xf8, 0x50, 0x1a, 0xc4, 0x07, 0x57, 0xb8, 0x3c, 0x62, 0xe3, 0xc8, 
+                0xac, 0x52, 0x64, 0x10, 0xd0, 0xd9, 0x13, 0x0c, 0x12, 0x29, 0x51, 0xb9, 0xcf, 0xd6, 0x73, 0x8d, 
+                0x81, 0x54, 0xc0, 0xed, 0x4e, 0x44, 0xa7, 0x2a, 0x85, 0x25, 0xe6, 0xca, 0x7c, 0x8b, 0x56, 0x80 
+            },
+
+            new byte[]
+            {
+                0xce, 0xbb, 0xeb, 0x92, 0xea, 0xcb, 0x13, 0xc1, 0xe9, 0x3a, 0xd6, 0xb2, 0xd2, 0x90, 0x17, 0xf8, 
+                0x42, 0x15, 0x56, 0xb4, 0x65, 0x1c, 0x88, 0x43, 0xc5, 0x5c, 0x36, 0xba, 0xf5, 0x57, 0x67, 0x8d, 
+                0x31, 0xf6, 0x64, 0x58, 0x9e, 0xf4, 0x22, 0xaa, 0x75, 0x0f, 0x02, 0xb1, 0xdf, 0x6d, 0x73, 0x4d, 
+                0x7c, 0x26, 0x2e, 0xf7, 0x08, 0x5d, 0x44, 0x3e, 0x9f, 0x14, 0xc8, 0xae, 0x54, 0x10, 0xd8, 0xbc, 
+                0x1a, 0x6b, 0x69, 0xf3, 0xbd, 0x33, 0xab, 0xfa, 0xd1, 0x9b, 0x68, 0x4e, 0x16, 0x95, 0x91, 0xee, 
+                0x4c, 0x63, 0x8e, 0x5b, 0xcc, 0x3c, 0x19, 0xa1, 0x81, 0x49, 0x7b, 0xd9, 0x6f, 0x37, 0x60, 0xca, 
+                0xe7, 0x2b, 0x48, 0xfd, 0x96, 0x45, 0xfc, 0x41, 0x12, 0x0d, 0x79, 0xe5, 0x89, 0x8c, 0xe3, 0x20, 
+                0x30, 0xdc, 0xb7, 0x6c, 0x4a, 0xb5, 0x3f, 0x97, 0xd4, 0x62, 0x2d, 0x06, 0xa4, 0xa5, 0x83, 0x5f, 
+                0x2a, 0xda, 0xc9, 0x00, 0x7e, 0xa2, 0x55, 0xbf, 0x11, 0xd5, 0x9c, 0xcf, 0x0e, 0x0a, 0x3d, 0x51, 
+                0x7d, 0x93, 0x1b, 0xfe, 0xc4, 0x47, 0x09, 0x86, 0x0b, 0x8f, 0x9d, 0x6a, 0x07, 0xb9, 0xb0, 0x98, 
+                0x18, 0x32, 0x71, 0x4b, 0xef, 0x3b, 0x70, 0xa0, 0xe4, 0x40, 0xff, 0xc3, 0xa9, 0xe6, 0x78, 0xf9, 
+                0x8b, 0x46, 0x80, 0x1e, 0x38, 0xe1, 0xb8, 0xa8, 0xe0, 0x0c, 0x23, 0x76, 0x1d, 0x25, 0x24, 0x05, 
+                0xf1, 0x6e, 0x94, 0x28, 0x9a, 0x84, 0xe8, 0xa3, 0x4f, 0x77, 0xd3, 0x85, 0xe2, 0x52, 0xf2, 0x82, 
+                0x50, 0x7a, 0x2f, 0x74, 0x53, 0xb3, 0x61, 0xaf, 0x39, 0x35, 0xde, 0xcd, 0x1f, 0x99, 0xac, 0xad, 
+                0x72, 0x2c, 0xdd, 0xd0, 0x87, 0xbe, 0x5e, 0xa6, 0xec, 0x04, 0xc6, 0x03, 0x34, 0xfb, 0xdb, 0x59, 
+                0xb6, 0xc2, 0x01, 0xf0, 0x5a, 0xed, 0xa7, 0x66, 0x21, 0x7f, 0x8a, 0x27, 0xc7, 0xc0, 0x29, 0xd7 
+            },
+
+            new byte[]
+            {
+                0x93, 0xd9, 0x9a, 0xb5, 0x98, 0x22, 0x45, 0xfc, 0xba, 0x6a, 0xdf, 0x02, 0x9f, 0xdc, 0x51, 0x59, 
+                0x4a, 0x17, 0x2b, 0xc2, 0x94, 0xf4, 0xbb, 0xa3, 0x62, 0xe4, 0x71, 0xd4, 0xcd, 0x70, 0x16, 0xe1, 
+                0x49, 0x3c, 0xc0, 0xd8, 0x5c, 0x9b, 0xad, 0x85, 0x53, 0xa1, 0x7a, 0xc8, 0x2d, 0xe0, 0xd1, 0x72, 
+                0xa6, 0x2c, 0xc4, 0xe3, 0x76, 0x78, 0xb7, 0xb4, 0x09, 0x3b, 0x0e, 0x41, 0x4c, 0xde, 0xb2, 0x90, 
+                0x25, 0xa5, 0xd7, 0x03, 0x11, 0x00, 0xc3, 0x2e, 0x92, 0xef, 0x4e, 0x12, 0x9d, 0x7d, 0xcb, 0x35, 
+                0x10, 0xd5, 0x4f, 0x9e, 0x4d, 0xa9, 0x55, 0xc6, 0xd0, 0x7b, 0x18, 0x97, 0xd3, 0x36, 0xe6, 0x48, 
+                0x56, 0x81, 0x8f, 0x77, 0xcc, 0x9c, 0xb9, 0xe2, 0xac, 0xb8, 0x2f, 0x15, 0xa4, 0x7c, 0xda, 0x38, 
+                0x1e, 0x0b, 0x05, 0xd6, 0x14, 0x6e, 0x6c, 0x7e, 0x66, 0xfd, 0xb1, 0xe5, 0x60, 0xaf, 0x5e, 0x33, 
+                0x87, 0xc9, 0xf0, 0x5d, 0x6d, 0x3f, 0x88, 0x8d, 0xc7, 0xf7, 0x1d, 0xe9, 0xec, 0xed, 0x80, 0x29, 
+                0x27, 0xcf, 0x99, 0xa8, 0x50, 0x0f, 0x37, 0x24, 0x28, 0x30, 0x95, 0xd2, 0x3e, 0x5b, 0x40, 0x83, 
+                0xb3, 0x69, 0x57, 0x1f, 0x07, 0x1c, 0x8a, 0xbc, 0x20, 0xeb, 0xce, 0x8e, 0xab, 0xee, 0x31, 0xa2, 
+                0x73, 0xf9, 0xca, 0x3a, 0x1a, 0xfb, 0x0d, 0xc1, 0xfe, 0xfa, 0xf2, 0x6f, 0xbd, 0x96, 0xdd, 0x43, 
+                0x52, 0xb6, 0x08, 0xf3, 0xae, 0xbe, 0x19, 0x89, 0x32, 0x26, 0xb0, 0xea, 0x4b, 0x64, 0x84, 0x82, 
+                0x6b, 0xf5, 0x79, 0xbf, 0x01, 0x5f, 0x75, 0x63, 0x1b, 0x23, 0x3d, 0x68, 0x2a, 0x65, 0xe8, 0x91, 
+                0xf6, 0xff, 0x13, 0x58, 0xf1, 0x47, 0x0a, 0x7f, 0xc5, 0xa7, 0xe7, 0x61, 0x5a, 0x06, 0x46, 0x44, 
+                0x42, 0x04, 0xa0, 0xdb, 0x39, 0x86, 0x54, 0xaa, 0x8c, 0x34, 0x21, 0x8b, 0xf8, 0x0c, 0x74, 0x67 
+            },
+
+            new byte[]
+            {
+                0x68, 0x8d, 0xca, 0x4d, 0x73, 0x4b, 0x4e, 0x2a, 0xd4, 0x52, 0x26, 0xb3, 0x54, 0x1e, 0x19, 0x1f, 
+                0x22, 0x03, 0x46, 0x3d, 0x2d, 0x4a, 0x53, 0x83, 0x13, 0x8a, 0xb7, 0xd5, 0x25, 0x79, 0xf5, 0xbd, 
+                0x58, 0x2f, 0x0d, 0x02, 0xed, 0x51, 0x9e, 0x11, 0xf2, 0x3e, 0x55, 0x5e, 0xd1, 0x16, 0x3c, 0x66, 
+                0x70, 0x5d, 0xf3, 0x45, 0x40, 0xcc, 0xe8, 0x94, 0x56, 0x08, 0xce, 0x1a, 0x3a, 0xd2, 0xe1, 0xdf, 
+                0xb5, 0x38, 0x6e, 0x0e, 0xe5, 0xf4, 0xf9, 0x86, 0xe9, 0x4f, 0xd6, 0x85, 0x23, 0xcf, 0x32, 0x99, 
+                0x31, 0x14, 0xae, 0xee, 0xc8, 0x48, 0xd3, 0x30, 0xa1, 0x92, 0x41, 0xb1, 0x18, 0xc4, 0x2c, 0x71, 
+                0x72, 0x44, 0x15, 0xfd, 0x37, 0xbe, 0x5f, 0xaa, 0x9b, 0x88, 0xd8, 0xab, 0x89, 0x9c, 0xfa, 0x60, 
+                0xea, 0xbc, 0x62, 0x0c, 0x24, 0xa6, 0xa8, 0xec, 0x67, 0x20, 0xdb, 0x7c, 0x28, 0xdd, 0xac, 0x5b, 
+                0x34, 0x7e, 0x10, 0xf1, 0x7b, 0x8f, 0x63, 0xa0, 0x05, 0x9a, 0x43, 0x77, 0x21, 0xbf, 0x27, 0x09, 
+                0xc3, 0x9f, 0xb6, 0xd7, 0x29, 0xc2, 0xeb, 0xc0, 0xa4, 0x8b, 0x8c, 0x1d, 0xfb, 0xff, 0xc1, 0xb2, 
+                0x97, 0x2e, 0xf8, 0x65, 0xf6, 0x75, 0x07, 0x04, 0x49, 0x33, 0xe4, 0xd9, 0xb9, 0xd0, 0x42, 0xc7, 
+                0x6c, 0x90, 0x00, 0x8e, 0x6f, 0x50, 0x01, 0xc5, 0xda, 0x47, 0x3f, 0xcd, 0x69, 0xa2, 0xe2, 0x7a, 
+                0xa7, 0xc6, 0x93, 0x0f, 0x0a, 0x06, 0xe6, 0x2b, 0x96, 0xa3, 0x1c, 0xaf, 0x6a, 0x12, 0x84, 0x39, 
+                0xe7, 0xb0, 0x82, 0xf7, 0xfe, 0x9d, 0x87, 0x5c, 0x81, 0x35, 0xde, 0xb4, 0xa5, 0xfc, 0x80, 0xef, 
+                0xcb, 0xbb, 0x6b, 0x76, 0xba, 0x5a, 0x7d, 0x78, 0x0b, 0x95, 0xe3, 0xad, 0x74, 0x98, 0x3b, 0x36, 
+                0x64, 0x6d, 0xdc, 0xf0, 0x59, 0xa9, 0x4c, 0x17, 0x7f, 0x91, 0xb8, 0xc9, 0x57, 0x1b, 0xe0, 0x61 
+            }
+        };
+
+        private byte[][] sboxesForDecryption = 
+        {
+            new byte[]
+            {
+	            0xa4, 0xa2, 0xa9, 0xc5, 0x4e, 0xc9, 0x03, 0xd9, 0x7e, 0x0f, 0xd2, 0xad, 0xe7, 0xd3, 0x27, 0x5b, 
+	            0xe3, 0xa1, 0xe8, 0xe6, 0x7c, 0x2a, 0x55, 0x0c, 0x86, 0x39, 0xd7, 0x8d, 0xb8, 0x12, 0x6f, 0x28, 
+	            0xcd, 0x8a, 0x70, 0x56, 0x72, 0xf9, 0xbf, 0x4f, 0x73, 0xe9, 0xf7, 0x57, 0x16, 0xac, 0x50, 0xc0, 
+	            0x9d, 0xb7, 0x47, 0x71, 0x60, 0xc4, 0x74, 0x43, 0x6c, 0x1f, 0x93, 0x77, 0xdc, 0xce, 0x20, 0x8c, 
+	            0x99, 0x5f, 0x44, 0x01, 0xf5, 0x1e, 0x87, 0x5e, 0x61, 0x2c, 0x4b, 0x1d, 0x81, 0x15, 0xf4, 0x23, 
+	            0xd6, 0xea, 0xe1, 0x67, 0xf1, 0x7f, 0xfe, 0xda, 0x3c, 0x07, 0x53, 0x6a, 0x84, 0x9c, 0xcb, 0x02, 
+	            0x83, 0x33, 0xdd, 0x35, 0xe2, 0x59, 0x5a, 0x98, 0xa5, 0x92, 0x64, 0x04, 0x06, 0x10, 0x4d, 0x1c, 
+	            0x97, 0x08, 0x31, 0xee, 0xab, 0x05, 0xaf, 0x79, 0xa0, 0x18, 0x46, 0x6d, 0xfc, 0x89, 0xd4, 0xc7, 
+	            0xff, 0xf0, 0xcf, 0x42, 0x91, 0xf8, 0x68, 0x0a, 0x65, 0x8e, 0xb6, 0xfd, 0xc3, 0xef, 0x78, 0x4c, 
+	            0xcc, 0x9e, 0x30, 0x2e, 0xbc, 0x0b, 0x54, 0x1a, 0xa6, 0xbb, 0x26, 0x80, 0x48, 0x94, 0x32, 0x7d, 
+	            0xa7, 0x3f, 0xae, 0x22, 0x3d, 0x66, 0xaa, 0xf6, 0x00, 0x5d, 0xbd, 0x4a, 0xe0, 0x3b, 0xb4, 0x17, 
+	            0x8b, 0x9f, 0x76, 0xb0, 0x24, 0x9a, 0x25, 0x63, 0xdb, 0xeb, 0x7a, 0x3e, 0x5c, 0xb3, 0xb1, 0x29, 
+	            0xf2, 0xca, 0x58, 0x6e, 0xd8, 0xa8, 0x2f, 0x75, 0xdf, 0x14, 0xfb, 0x13, 0x49, 0x88, 0xb2, 0xec, 
+	            0xe4, 0x34, 0x2d, 0x96, 0xc6, 0x3a, 0xed, 0x95, 0x0e, 0xe5, 0x85, 0x6b, 0x40, 0x21, 0x9b, 0x09, 
+	            0x19, 0x2b, 0x52, 0xde, 0x45, 0xa3, 0xfa, 0x51, 0xc2, 0xb5, 0xd1, 0x90, 0xb9, 0xf3, 0x37, 0xc1, 
+	            0x0d, 0xba, 0x41, 0x11, 0x38, 0x7b, 0xbe, 0xd0, 0xd5, 0x69, 0x36, 0xc8, 0x62, 0x1b, 0x82, 0x8f
+            },
+
+            new byte[]
+            {
+                0x83, 0xf2, 0x2a, 0xeb, 0xe9, 0xbf, 0x7b, 0x9c, 0x34, 0x96, 0x8d, 0x98, 0xb9, 0x69, 0x8c, 0x29, 
+                0x3d, 0x88, 0x68, 0x06, 0x39, 0x11, 0x4c, 0x0e, 0xa0, 0x56, 0x40, 0x92, 0x15, 0xbc, 0xb3, 0xdc, 
+                0x6f, 0xf8, 0x26, 0xba, 0xbe, 0xbd, 0x31, 0xfb, 0xc3, 0xfe, 0x80, 0x61, 0xe1, 0x7a, 0x32, 0xd2, 
+                0x70, 0x20, 0xa1, 0x45, 0xec, 0xd9, 0x1a, 0x5d, 0xb4, 0xd8, 0x09, 0xa5, 0x55, 0x8e, 0x37, 0x76, 
+                0xa9, 0x67, 0x10, 0x17, 0x36, 0x65, 0xb1, 0x95, 0x62, 0x59, 0x74, 0xa3, 0x50, 0x2f, 0x4b, 0xc8, 
+                0xd0, 0x8f, 0xcd, 0xd4, 0x3c, 0x86, 0x12, 0x1d, 0x23, 0xef, 0xf4, 0x53, 0x19, 0x35, 0xe6, 0x7f, 
+                0x5e, 0xd6, 0x79, 0x51, 0x22, 0x14, 0xf7, 0x1e, 0x4a, 0x42, 0x9b, 0x41, 0x73, 0x2d, 0xc1, 0x5c, 
+                0xa6, 0xa2, 0xe0, 0x2e, 0xd3, 0x28, 0xbb, 0xc9, 0xae, 0x6a, 0xd1, 0x5a, 0x30, 0x90, 0x84, 0xf9, 
+                0xb2, 0x58, 0xcf, 0x7e, 0xc5, 0xcb, 0x97, 0xe4, 0x16, 0x6c, 0xfa, 0xb0, 0x6d, 0x1f, 0x52, 0x99, 
+                0x0d, 0x4e, 0x03, 0x91, 0xc2, 0x4d, 0x64, 0x77, 0x9f, 0xdd, 0xc4, 0x49, 0x8a, 0x9a, 0x24, 0x38, 
+                0xa7, 0x57, 0x85, 0xc7, 0x7c, 0x7d, 0xe7, 0xf6, 0xb7, 0xac, 0x27, 0x46, 0xde, 0xdf, 0x3b, 0xd7, 
+                0x9e, 0x2b, 0x0b, 0xd5, 0x13, 0x75, 0xf0, 0x72, 0xb6, 0x9d, 0x1b, 0x01, 0x3f, 0x44, 0xe5, 0x87, 
+                0xfd, 0x07, 0xf1, 0xab, 0x94, 0x18, 0xea, 0xfc, 0x3a, 0x82, 0x5f, 0x05, 0x54, 0xdb, 0x00, 0x8b, 
+                0xe3, 0x48, 0x0c, 0xca, 0x78, 0x89, 0x0a, 0xff, 0x3e, 0x5b, 0x81, 0xee, 0x71, 0xe2, 0xda, 0x2c, 
+                0xb8, 0xb5, 0xcc, 0x6e, 0xa8, 0x6b, 0xad, 0x60, 0xc6, 0x08, 0x04, 0x02, 0xe8, 0xf5, 0x4f, 0xa4, 
+                0xf3, 0xc0, 0xce, 0x43, 0x25, 0x1c, 0x21, 0x33, 0x0f, 0xaf, 0x47, 0xed, 0x66, 0x63, 0x93, 0xaa
+            },
+
+            new byte[]
+            {
+                0x45, 0xd4, 0x0b, 0x43, 0xf1, 0x72, 0xed, 0xa4, 0xc2, 0x38, 0xe6, 0x71, 0xfd, 0xb6, 0x3a, 0x95, 
+                0x50, 0x44, 0x4b, 0xe2, 0x74, 0x6b, 0x1e, 0x11, 0x5a, 0xc6, 0xb4, 0xd8, 0xa5, 0x8a, 0x70, 0xa3, 
+                0xa8, 0xfa, 0x05, 0xd9, 0x97, 0x40, 0xc9, 0x90, 0x98, 0x8f, 0xdc, 0x12, 0x31, 0x2c, 0x47, 0x6a, 
+                0x99, 0xae, 0xc8, 0x7f, 0xf9, 0x4f, 0x5d, 0x96, 0x6f, 0xf4, 0xb3, 0x39, 0x21, 0xda, 0x9c, 0x85, 
+                0x9e, 0x3b, 0xf0, 0xbf, 0xef, 0x06, 0xee, 0xe5, 0x5f, 0x20, 0x10, 0xcc, 0x3c, 0x54, 0x4a, 0x52, 
+                0x94, 0x0e, 0xc0, 0x28, 0xf6, 0x56, 0x60, 0xa2, 0xe3, 0x0f, 0xec, 0x9d, 0x24, 0x83, 0x7e, 0xd5, 
+                0x7c, 0xeb, 0x18, 0xd7, 0xcd, 0xdd, 0x78, 0xff, 0xdb, 0xa1, 0x09, 0xd0, 0x76, 0x84, 0x75, 0xbb, 
+                0x1d, 0x1a, 0x2f, 0xb0, 0xfe, 0xd6, 0x34, 0x63, 0x35, 0xd2, 0x2a, 0x59, 0x6d, 0x4d, 0x77, 0xe7, 
+                0x8e, 0x61, 0xcf, 0x9f, 0xce, 0x27, 0xf5, 0x80, 0x86, 0xc7, 0xa6, 0xfb, 0xf8, 0x87, 0xab, 0x62, 
+                0x3f, 0xdf, 0x48, 0x00, 0x14, 0x9a, 0xbd, 0x5b, 0x04, 0x92, 0x02, 0x25, 0x65, 0x4c, 0x53, 0x0c, 
+                0xf2, 0x29, 0xaf, 0x17, 0x6c, 0x41, 0x30, 0xe9, 0x93, 0x55, 0xf7, 0xac, 0x68, 0x26, 0xc4, 0x7d, 
+                0xca, 0x7a, 0x3e, 0xa0, 0x37, 0x03, 0xc1, 0x36, 0x69, 0x66, 0x08, 0x16, 0xa7, 0xbc, 0xc5, 0xd3, 
+                0x22, 0xb7, 0x13, 0x46, 0x32, 0xe8, 0x57, 0x88, 0x2b, 0x81, 0xb2, 0x4e, 0x64, 0x1c, 0xaa, 0x91, 
+                0x58, 0x2e, 0x9b, 0x5c, 0x1b, 0x51, 0x73, 0x42, 0x23, 0x01, 0x6e, 0xf3, 0x0d, 0xbe, 0x3d, 0x0a, 
+                0x2d, 0x1f, 0x67, 0x33, 0x19, 0x7b, 0x5e, 0xea, 0xde, 0x8b, 0xcb, 0xa9, 0x8c, 0x8d, 0xad, 0x49, 
+                0x82, 0xe4, 0xba, 0xc3, 0x15, 0xd1, 0xe0, 0x89, 0xfc, 0xb1, 0xb9, 0xb5, 0x07, 0x79, 0xb8, 0xe1
+            },
+
+            new byte[]
+            {
+                0xb2, 0xb6, 0x23, 0x11, 0xa7, 0x88, 0xc5, 0xa6, 0x39, 0x8f, 0xc4, 0xe8, 0x73, 0x22, 0x43, 0xc3, 
+                0x82, 0x27, 0xcd, 0x18, 0x51, 0x62, 0x2d, 0xf7, 0x5c, 0x0e, 0x3b, 0xfd, 0xca, 0x9b, 0x0d, 0x0f, 
+                0x79, 0x8c, 0x10, 0x4c, 0x74, 0x1c, 0x0a, 0x8e, 0x7c, 0x94, 0x07, 0xc7, 0x5e, 0x14, 0xa1, 0x21, 
+                0x57, 0x50, 0x4e, 0xa9, 0x80, 0xd9, 0xef, 0x64, 0x41, 0xcf, 0x3c, 0xee, 0x2e, 0x13, 0x29, 0xba, 
+                0x34, 0x5a, 0xae, 0x8a, 0x61, 0x33, 0x12, 0xb9, 0x55, 0xa8, 0x15, 0x05, 0xf6, 0x03, 0x06, 0x49, 
+                0xb5, 0x25, 0x09, 0x16, 0x0c, 0x2a, 0x38, 0xfc, 0x20, 0xf4, 0xe5, 0x7f, 0xd7, 0x31, 0x2b, 0x66, 
+                0x6f, 0xff, 0x72, 0x86, 0xf0, 0xa3, 0x2f, 0x78, 0x00, 0xbc, 0xcc, 0xe2, 0xb0, 0xf1, 0x42, 0xb4, 
+                0x30, 0x5f, 0x60, 0x04, 0xec, 0xa5, 0xe3, 0x8b, 0xe7, 0x1d, 0xbf, 0x84, 0x7b, 0xe6, 0x81, 0xf8, 
+                0xde, 0xd8, 0xd2, 0x17, 0xce, 0x4b, 0x47, 0xd6, 0x69, 0x6c, 0x19, 0x99, 0x9a, 0x01, 0xb3, 0x85, 
+                0xb1, 0xf9, 0x59, 0xc2, 0x37, 0xe9, 0xc8, 0xa0, 0xed, 0x4f, 0x89, 0x68, 0x6d, 0xd5, 0x26, 0x91, 
+                0x87, 0x58, 0xbd, 0xc9, 0x98, 0xdc, 0x75, 0xc0, 0x76, 0xf5, 0x67, 0x6b, 0x7e, 0xeb, 0x52, 0xcb, 
+                0xd1, 0x5b, 0x9f, 0x0b, 0xdb, 0x40, 0x92, 0x1a, 0xfa, 0xac, 0xe4, 0xe1, 0x71, 0x1f, 0x65, 0x8d, 
+                0x97, 0x9e, 0x95, 0x90, 0x5d, 0xb7, 0xc1, 0xaf, 0x54, 0xfb, 0x02, 0xe0, 0x35, 0xbb, 0x3a, 0x4d, 
+                0xad, 0x2c, 0x3d, 0x56, 0x08, 0x1b, 0x4a, 0x93, 0x6a, 0xab, 0xb8, 0x7a, 0xf2, 0x7d, 0xda, 0x3f, 
+                0xfe, 0x3e, 0xbe, 0xea, 0xaa, 0x44, 0xc6, 0xd0, 0x36, 0x48, 0x70, 0x96, 0x77, 0x24, 0x53, 0xdf, 
+                0xf3, 0x83, 0x28, 0x32, 0x45, 0x1e, 0xa4, 0xd3, 0xa2, 0x46, 0x6e, 0x9c, 0xdd, 0x63, 0xd4, 0x9d
+            }
+        };
+
+        #endregion
+
+        public virtual string AlgorithmName
+        {
+            get { return "Dstu7624"; }
+        }
+
+        public virtual int GetBlockSize()
+        {
+            return blockSizeBits / BITS_IN_BYTE;
+        }
+
+        public virtual bool IsPartialBlockOkay
+        {
+            get { return false; }
+        }
+
+        public virtual void Reset()
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/Dstu7624WrapEngine.cs b/bc-sharp-crypto/src/crypto/engines/Dstu7624WrapEngine.cs
new file mode 100644
index 0000000..9cb9824
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/Dstu7624WrapEngine.cs
@@ -0,0 +1,216 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    public class Dstu7624WrapEngine
+        : IWrapper
+    {
+        private KeyParameter param;
+        private Dstu7624Engine engine;
+        private bool forWrapping;
+        private int blockSize;
+
+        public Dstu7624WrapEngine(int blockSizeBits)
+        {
+            engine = new Dstu7624Engine(blockSizeBits);
+            param = null;
+
+            blockSize = blockSizeBits / 8;
+        }
+
+        public string AlgorithmName
+        {
+            get { return "Dstu7624WrapEngine"; }
+        }
+
+        public void Init(bool forWrapping, ICipherParameters parameters)
+        {
+            this.forWrapping = forWrapping;
+
+            if (parameters is KeyParameter)
+            {
+                this.param = (KeyParameter)parameters;
+
+                engine.Init(forWrapping, param);
+            }
+            else
+            {
+                throw new ArgumentException("Bad parameters passed to Dstu7624WrapEngine");
+            }
+        }
+
+        public byte[] Wrap(byte[] input, int inOff, int length)
+        {
+            if (!forWrapping)
+                throw new InvalidOperationException("Not set for wrapping");
+
+            if (length % blockSize != 0)
+                throw new ArgumentException("Padding not supported");
+
+            int n = 2 * (1 + length / blockSize);
+            int V = (n - 1) * 6;
+
+            byte[] buffer = new byte[length + blockSize];
+            Array.Copy(input, inOff, buffer, 0, length);
+            //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer));
+
+            byte[] B = new byte[blockSize / 2];
+            Array.Copy(buffer, 0, B, 0, blockSize / 2);
+            //Console.WriteLine("B0: "+ Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(B));
+
+            IList bTemp = Platform.CreateArrayList();
+            int bHalfBlocksLen = buffer.Length - blockSize / 2;
+            int bufOff = blockSize / 2;
+            while (bHalfBlocksLen != 0)
+            {
+                byte[] temp = new byte[blockSize / 2];
+                Array.Copy(buffer, bufOff, temp, 0, blockSize / 2);
+                //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer));
+                //Console.WriteLine(buffer.Length);
+                //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(temp));
+
+                bTemp.Add(temp);
+
+                bHalfBlocksLen -= blockSize / 2;
+                bufOff += blockSize / 2;
+            }
+
+            for (int j = 0; j < V; j++)
+            {
+                Array.Copy(B, 0, buffer, 0, blockSize / 2);
+                Array.Copy((byte[])bTemp[0], 0, buffer, blockSize / 2, blockSize / 2);
+
+                engine.ProcessBlock(buffer, 0, buffer, 0);
+
+                byte[] intArray = Pack.UInt32_To_LE((uint)(j + 1));
+                for (int byteNum = 0; byteNum < intArray.Length; byteNum++)
+                {
+                    buffer[byteNum + blockSize / 2] ^= intArray[byteNum];
+                }
+
+                Array.Copy(buffer, blockSize / 2, B, 0, blockSize / 2);
+
+                for (int i = 2; i < n; i++)
+                {
+                    Array.Copy((byte[])bTemp[i - 1], 0, (byte[])bTemp[i - 2], 0, blockSize / 2);
+                }
+
+                Array.Copy(buffer, 0, (byte[])bTemp[n - 2], 0, blockSize / 2);
+
+                //Console.WriteLine("B" + j.ToString() + ": " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(B));
+                //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(bTemp[0]));
+                //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(bTemp[1]));
+                //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(bTemp[2]));
+
+                //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer));
+            }
+
+            Array.Copy(B, 0, buffer, 0, blockSize / 2);
+            bufOff = blockSize / 2;
+
+            for (int i = 0; i < n - 1; i++)
+            {
+                Array.Copy((byte[])bTemp[i], 0, buffer, bufOff, blockSize / 2);
+                bufOff += blockSize / 2;
+            }
+
+            return buffer;
+        }
+
+        public byte[] Unwrap(byte[] input, int inOff, int length)
+        {
+            if (forWrapping)
+                throw new InvalidOperationException("not set for unwrapping");
+
+            if (length % blockSize != 0)
+                throw new ArgumentException("Padding not supported");
+
+            int n = 2 * length / blockSize;
+            int V = (n - 1) * 6;
+
+            byte[] buffer = new byte[length];
+            Array.Copy(input, inOff, buffer, 0, length);
+
+            byte[] B = new byte[blockSize / 2];
+            Array.Copy(buffer, 0, B, 0, blockSize / 2);
+            //Console.WriteLine("B18: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(B));
+
+            IList bTemp = Platform.CreateArrayList();
+
+            int bHalfBlocksLen = buffer.Length - blockSize / 2;
+            int bufOff = blockSize / 2;
+            while (bHalfBlocksLen != 0)
+            {
+                byte[] temp = new byte[blockSize / 2];
+                Array.Copy(buffer, bufOff, temp, 0, blockSize / 2);
+                //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer));
+                //Console.WriteLine(buffer.Length);
+                //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(temp));
+
+                bTemp.Add(temp);
+
+                bHalfBlocksLen -= blockSize / 2;
+                bufOff += blockSize / 2;
+            }
+
+            for (int j = 0; j < V; j++)
+            {
+                Array.Copy((byte[])bTemp[n - 2], 0, buffer, 0, blockSize / 2);
+                Array.Copy(B, 0, buffer, blockSize / 2, blockSize / 2);
+
+                byte[] intArray = Pack.UInt32_To_LE((uint)(V - j));
+                for (int byteNum = 0; byteNum < intArray.Length; byteNum++)
+                {
+                    buffer[byteNum + blockSize / 2] ^= intArray[byteNum];
+                }
+
+                //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer));
+
+                engine.ProcessBlock(buffer, 0, buffer, 0);
+
+                //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer));
+
+                Array.Copy(buffer, 0, B, 0, blockSize / 2);
+
+                for (int i = 2; i < n; i++)
+                {
+                    Array.Copy((byte[])bTemp[n - i - 1], 0, (byte[])bTemp[n - i], 0, blockSize / 2);
+                }
+
+                Array.Copy(buffer, blockSize / 2, (byte[])bTemp[0], 0, blockSize / 2);
+
+                //Console.WriteLine("B" + (V - j - 1).ToString() + ": " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(B));
+                //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(bTemp[0]));
+                //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(bTemp[1]));
+                //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(bTemp[2]));
+
+                //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer));
+            }
+
+            Array.Copy(B, 0, buffer, 0, blockSize / 2);
+            bufOff = blockSize / 2;
+
+            for (int i = 0; i < n - 1; i++)
+            {
+                Array.Copy((byte[])bTemp[i], 0, buffer, bufOff, blockSize / 2);
+                bufOff += blockSize / 2;
+            }
+
+            byte diff = 0;
+            for (int i = buffer.Length - blockSize; i < buffer.Length; ++i)
+            {
+                diff |= buffer[i];
+            }
+
+            if (diff != 0)
+                throw new InvalidCipherTextException("checksum failed");
+
+            return Arrays.CopyOfRange(buffer, 0, buffer.Length - blockSize);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/ElGamalEngine.cs b/bc-sharp-crypto/src/crypto/engines/ElGamalEngine.cs
new file mode 100644
index 0000000..197d7bc
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/ElGamalEngine.cs
@@ -0,0 +1,178 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* this does your basic ElGamal algorithm.
+	*/
+	public class ElGamalEngine
+		: IAsymmetricBlockCipher
+	{
+		private ElGamalKeyParameters key;
+		private SecureRandom random;
+		private bool forEncryption;
+		private int bitSize;
+
+        public virtual string AlgorithmName
+		{
+			get { return "ElGamal"; }
+		}
+
+		/**
+		* initialise the ElGamal engine.
+		*
+		* @param forEncryption true if we are encrypting, false otherwise.
+		* @param param the necessary ElGamal key parameters.
+		*/
+        public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			if (parameters is ParametersWithRandom)
+			{
+				ParametersWithRandom p = (ParametersWithRandom) parameters;
+
+				this.key = (ElGamalKeyParameters) p.Parameters;
+				this.random = p.Random;
+			}
+			else
+			{
+				this.key = (ElGamalKeyParameters) parameters;
+				this.random = new SecureRandom();
+			}
+
+			this.forEncryption = forEncryption;
+			this.bitSize = key.Parameters.P.BitLength;
+
+			if (forEncryption)
+			{
+				if (!(key is ElGamalPublicKeyParameters))
+				{
+					throw new ArgumentException("ElGamalPublicKeyParameters are required for encryption.");
+				}
+			}
+			else
+			{
+				if (!(key is ElGamalPrivateKeyParameters))
+				{
+					throw new ArgumentException("ElGamalPrivateKeyParameters are required for decryption.");
+				}
+			}
+		}
+
+		/**
+		* Return the maximum size for an input block to this engine.
+		* For ElGamal this is always one byte less than the size of P on
+		* encryption, and twice the length as the size of P on decryption.
+		*
+		* @return maximum size for an input block.
+		*/
+        public virtual int GetInputBlockSize()
+		{
+			if (forEncryption)
+			{
+				return (bitSize - 1) / 8;
+			}
+
+			return 2 * ((bitSize + 7) / 8);
+		}
+
+		/**
+		* Return the maximum size for an output block to this engine.
+		* For ElGamal this is always one byte less than the size of P on
+		* decryption, and twice the length as the size of P on encryption.
+		*
+		* @return maximum size for an output block.
+		*/
+        public virtual int GetOutputBlockSize()
+		{
+			if (forEncryption)
+			{
+				return 2 * ((bitSize + 7) / 8);
+			}
+
+			return (bitSize - 1) / 8;
+		}
+
+		/**
+		* Process a single block using the basic ElGamal algorithm.
+		*
+		* @param in the input array.
+		* @param inOff the offset into the input buffer where the data starts.
+		* @param length the length of the data to be processed.
+		* @return the result of the ElGamal process.
+		* @exception DataLengthException the input block is too large.
+		*/
+        public virtual byte[] ProcessBlock(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			if (key == null)
+				throw new InvalidOperationException("ElGamal engine not initialised");
+
+			int maxLength = forEncryption
+				?	(bitSize - 1 + 7) / 8
+				:	GetInputBlockSize();
+
+			if (length > maxLength)
+				throw new DataLengthException("input too large for ElGamal cipher.\n");
+
+			BigInteger p = key.Parameters.P;
+
+			byte[] output;
+			if (key is ElGamalPrivateKeyParameters) // decryption
+			{
+				int halfLength = length / 2;
+				BigInteger gamma = new BigInteger(1, input, inOff, halfLength);
+				BigInteger phi = new BigInteger(1, input, inOff + halfLength, halfLength);
+
+				ElGamalPrivateKeyParameters priv = (ElGamalPrivateKeyParameters) key;
+
+				// a shortcut, which generally relies on p being prime amongst other things.
+				// if a problem with this shows up, check the p and g values!
+				BigInteger m = gamma.ModPow(p.Subtract(BigInteger.One).Subtract(priv.X), p).Multiply(phi).Mod(p);
+
+				output = m.ToByteArrayUnsigned();
+			}
+			else // encryption
+			{
+				BigInteger tmp = new BigInteger(1, input, inOff, length);
+
+				if (tmp.BitLength >= p.BitLength)
+					throw new DataLengthException("input too large for ElGamal cipher.\n");
+
+
+				ElGamalPublicKeyParameters pub = (ElGamalPublicKeyParameters) key;
+
+				BigInteger pSub2 = p.Subtract(BigInteger.Two);
+
+				// TODO In theory, a series of 'k', 'g.ModPow(k, p)' and 'y.ModPow(k, p)' can be pre-calculated
+				BigInteger k;
+				do
+				{
+					k = new BigInteger(p.BitLength, random);
+				}
+				while (k.SignValue == 0 || k.CompareTo(pSub2) > 0);
+
+				BigInteger g = key.Parameters.G;
+				BigInteger gamma = g.ModPow(k, p);
+				BigInteger phi = tmp.Multiply(pub.Y.ModPow(k, p)).Mod(p);
+
+				output = new byte[this.GetOutputBlockSize()];
+
+				// TODO Add methods to allow writing BigInteger to existing byte array?
+				byte[] out1 = gamma.ToByteArrayUnsigned();
+				byte[] out2 = phi.ToByteArrayUnsigned();
+				out1.CopyTo(output, output.Length / 2 - out1.Length);
+				out2.CopyTo(output, output.Length - out2.Length);
+			}
+
+			return output;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/GOST28147Engine.cs b/bc-sharp-crypto/src/crypto/engines/GOST28147Engine.cs
new file mode 100644
index 0000000..71e6d9e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/GOST28147Engine.cs
@@ -0,0 +1,368 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* implementation of GOST 28147-89
+	*/
+	public class Gost28147Engine
+		: IBlockCipher
+	{
+		private const int  BlockSize = 8;
+		private int[] workingKey = null;
+		private bool forEncryption;
+
+		private byte[] S = Sbox_Default;
+
+		// these are the S-boxes given in Applied Cryptography 2nd Ed., p. 333
+		// This is default S-box!
+		private static readonly byte[] Sbox_Default = {
+			0x4,0xA,0x9,0x2,0xD,0x8,0x0,0xE,0x6,0xB,0x1,0xC,0x7,0xF,0x5,0x3,
+			0xE,0xB,0x4,0xC,0x6,0xD,0xF,0xA,0x2,0x3,0x8,0x1,0x0,0x7,0x5,0x9,
+			0x5,0x8,0x1,0xD,0xA,0x3,0x4,0x2,0xE,0xF,0xC,0x7,0x6,0x0,0x9,0xB,
+			0x7,0xD,0xA,0x1,0x0,0x8,0x9,0xF,0xE,0x4,0x6,0xC,0xB,0x2,0x5,0x3,
+			0x6,0xC,0x7,0x1,0x5,0xF,0xD,0x8,0x4,0xA,0x9,0xE,0x0,0x3,0xB,0x2,
+			0x4,0xB,0xA,0x0,0x7,0x2,0x1,0xD,0x3,0x6,0x8,0x5,0x9,0xC,0xF,0xE,
+			0xD,0xB,0x4,0x1,0x3,0xF,0x5,0x9,0x0,0xA,0xE,0x7,0x6,0x8,0x2,0xC,
+			0x1,0xF,0xD,0x0,0x5,0x7,0xA,0x4,0x9,0x2,0x3,0xE,0x6,0xB,0x8,0xC
+		};
+
+		/*
+		 * class content S-box parameters for encrypting
+		 * getting from, see: http://tools.ietf.org/id/draft-popov-cryptopro-cpalgs-01.txt
+		 *                    http://tools.ietf.org/id/draft-popov-cryptopro-cpalgs-02.txt
+		 */
+		private static readonly byte[] ESbox_Test = {
+			0x4,0x2,0xF,0x5,0x9,0x1,0x0,0x8,0xE,0x3,0xB,0xC,0xD,0x7,0xA,0x6,
+			0xC,0x9,0xF,0xE,0x8,0x1,0x3,0xA,0x2,0x7,0x4,0xD,0x6,0x0,0xB,0x5,
+			0xD,0x8,0xE,0xC,0x7,0x3,0x9,0xA,0x1,0x5,0x2,0x4,0x6,0xF,0x0,0xB,
+			0xE,0x9,0xB,0x2,0x5,0xF,0x7,0x1,0x0,0xD,0xC,0x6,0xA,0x4,0x3,0x8,
+			0x3,0xE,0x5,0x9,0x6,0x8,0x0,0xD,0xA,0xB,0x7,0xC,0x2,0x1,0xF,0x4,
+			0x8,0xF,0x6,0xB,0x1,0x9,0xC,0x5,0xD,0x3,0x7,0xA,0x0,0xE,0x2,0x4,
+			0x9,0xB,0xC,0x0,0x3,0x6,0x7,0x5,0x4,0x8,0xE,0xF,0x1,0xA,0x2,0xD,
+			0xC,0x6,0x5,0x2,0xB,0x0,0x9,0xD,0x3,0xE,0x7,0xA,0xF,0x4,0x1,0x8
+		};
+
+		private static readonly byte[] ESbox_A = {
+			0x9,0x6,0x3,0x2,0x8,0xB,0x1,0x7,0xA,0x4,0xE,0xF,0xC,0x0,0xD,0x5,
+			0x3,0x7,0xE,0x9,0x8,0xA,0xF,0x0,0x5,0x2,0x6,0xC,0xB,0x4,0xD,0x1,
+			0xE,0x4,0x6,0x2,0xB,0x3,0xD,0x8,0xC,0xF,0x5,0xA,0x0,0x7,0x1,0x9,
+			0xE,0x7,0xA,0xC,0xD,0x1,0x3,0x9,0x0,0x2,0xB,0x4,0xF,0x8,0x5,0x6,
+			0xB,0x5,0x1,0x9,0x8,0xD,0xF,0x0,0xE,0x4,0x2,0x3,0xC,0x7,0xA,0x6,
+			0x3,0xA,0xD,0xC,0x1,0x2,0x0,0xB,0x7,0x5,0x9,0x4,0x8,0xF,0xE,0x6,
+			0x1,0xD,0x2,0x9,0x7,0xA,0x6,0x0,0x8,0xC,0x4,0x5,0xF,0x3,0xB,0xE,
+			0xB,0xA,0xF,0x5,0x0,0xC,0xE,0x8,0x6,0x2,0x3,0x9,0x1,0x7,0xD,0x4
+		};
+
+		private static readonly byte[] ESbox_B = {
+			0x8,0x4,0xB,0x1,0x3,0x5,0x0,0x9,0x2,0xE,0xA,0xC,0xD,0x6,0x7,0xF,
+			0x0,0x1,0x2,0xA,0x4,0xD,0x5,0xC,0x9,0x7,0x3,0xF,0xB,0x8,0x6,0xE,
+			0xE,0xC,0x0,0xA,0x9,0x2,0xD,0xB,0x7,0x5,0x8,0xF,0x3,0x6,0x1,0x4,
+			0x7,0x5,0x0,0xD,0xB,0x6,0x1,0x2,0x3,0xA,0xC,0xF,0x4,0xE,0x9,0x8,
+			0x2,0x7,0xC,0xF,0x9,0x5,0xA,0xB,0x1,0x4,0x0,0xD,0x6,0x8,0xE,0x3,
+			0x8,0x3,0x2,0x6,0x4,0xD,0xE,0xB,0xC,0x1,0x7,0xF,0xA,0x0,0x9,0x5,
+			0x5,0x2,0xA,0xB,0x9,0x1,0xC,0x3,0x7,0x4,0xD,0x0,0x6,0xF,0x8,0xE,
+			0x0,0x4,0xB,0xE,0x8,0x3,0x7,0x1,0xA,0x2,0x9,0x6,0xF,0xD,0x5,0xC
+		};
+
+		private static readonly byte[] ESbox_C = {
+			0x1,0xB,0xC,0x2,0x9,0xD,0x0,0xF,0x4,0x5,0x8,0xE,0xA,0x7,0x6,0x3,
+			0x0,0x1,0x7,0xD,0xB,0x4,0x5,0x2,0x8,0xE,0xF,0xC,0x9,0xA,0x6,0x3,
+			0x8,0x2,0x5,0x0,0x4,0x9,0xF,0xA,0x3,0x7,0xC,0xD,0x6,0xE,0x1,0xB,
+			0x3,0x6,0x0,0x1,0x5,0xD,0xA,0x8,0xB,0x2,0x9,0x7,0xE,0xF,0xC,0x4,
+			0x8,0xD,0xB,0x0,0x4,0x5,0x1,0x2,0x9,0x3,0xC,0xE,0x6,0xF,0xA,0x7,
+			0xC,0x9,0xB,0x1,0x8,0xE,0x2,0x4,0x7,0x3,0x6,0x5,0xA,0x0,0xF,0xD,
+			0xA,0x9,0x6,0x8,0xD,0xE,0x2,0x0,0xF,0x3,0x5,0xB,0x4,0x1,0xC,0x7,
+			0x7,0x4,0x0,0x5,0xA,0x2,0xF,0xE,0xC,0x6,0x1,0xB,0xD,0x9,0x3,0x8
+		};
+
+		private static readonly byte[] ESbox_D = {
+			0xF,0xC,0x2,0xA,0x6,0x4,0x5,0x0,0x7,0x9,0xE,0xD,0x1,0xB,0x8,0x3,
+			0xB,0x6,0x3,0x4,0xC,0xF,0xE,0x2,0x7,0xD,0x8,0x0,0x5,0xA,0x9,0x1,
+			0x1,0xC,0xB,0x0,0xF,0xE,0x6,0x5,0xA,0xD,0x4,0x8,0x9,0x3,0x7,0x2,
+			0x1,0x5,0xE,0xC,0xA,0x7,0x0,0xD,0x6,0x2,0xB,0x4,0x9,0x3,0xF,0x8,
+			0x0,0xC,0x8,0x9,0xD,0x2,0xA,0xB,0x7,0x3,0x6,0x5,0x4,0xE,0xF,0x1,
+			0x8,0x0,0xF,0x3,0x2,0x5,0xE,0xB,0x1,0xA,0x4,0x7,0xC,0x9,0xD,0x6,
+			0x3,0x0,0x6,0xF,0x1,0xE,0x9,0x2,0xD,0x8,0xC,0x4,0xB,0xA,0x5,0x7,
+			0x1,0xA,0x6,0x8,0xF,0xB,0x0,0x4,0xC,0x3,0x5,0x9,0x7,0xD,0x2,0xE
+		};
+
+		//S-box for digest
+		private static readonly byte[] DSbox_Test = {
+			0x4,0xA,0x9,0x2,0xD,0x8,0x0,0xE,0x6,0xB,0x1,0xC,0x7,0xF,0x5,0x3,
+			0xE,0xB,0x4,0xC,0x6,0xD,0xF,0xA,0x2,0x3,0x8,0x1,0x0,0x7,0x5,0x9,
+			0x5,0x8,0x1,0xD,0xA,0x3,0x4,0x2,0xE,0xF,0xC,0x7,0x6,0x0,0x9,0xB,
+			0x7,0xD,0xA,0x1,0x0,0x8,0x9,0xF,0xE,0x4,0x6,0xC,0xB,0x2,0x5,0x3,
+			0x6,0xC,0x7,0x1,0x5,0xF,0xD,0x8,0x4,0xA,0x9,0xE,0x0,0x3,0xB,0x2,
+			0x4,0xB,0xA,0x0,0x7,0x2,0x1,0xD,0x3,0x6,0x8,0x5,0x9,0xC,0xF,0xE,
+			0xD,0xB,0x4,0x1,0x3,0xF,0x5,0x9,0x0,0xA,0xE,0x7,0x6,0x8,0x2,0xC,
+			0x1,0xF,0xD,0x0,0x5,0x7,0xA,0x4,0x9,0x2,0x3,0xE,0x6,0xB,0x8,0xC
+		};
+
+		private static readonly byte[] DSbox_A = {
+			0xA,0x4,0x5,0x6,0x8,0x1,0x3,0x7,0xD,0xC,0xE,0x0,0x9,0x2,0xB,0xF,
+			0x5,0xF,0x4,0x0,0x2,0xD,0xB,0x9,0x1,0x7,0x6,0x3,0xC,0xE,0xA,0x8,
+			0x7,0xF,0xC,0xE,0x9,0x4,0x1,0x0,0x3,0xB,0x5,0x2,0x6,0xA,0x8,0xD,
+			0x4,0xA,0x7,0xC,0x0,0xF,0x2,0x8,0xE,0x1,0x6,0x5,0xD,0xB,0x9,0x3,
+			0x7,0x6,0x4,0xB,0x9,0xC,0x2,0xA,0x1,0x8,0x0,0xE,0xF,0xD,0x3,0x5,
+			0x7,0x6,0x2,0x4,0xD,0x9,0xF,0x0,0xA,0x1,0x5,0xB,0x8,0xE,0xC,0x3,
+			0xD,0xE,0x4,0x1,0x7,0x0,0x5,0xA,0x3,0xC,0x8,0xF,0x6,0x2,0x9,0xB,
+			0x1,0x3,0xA,0x9,0x5,0xB,0x4,0xF,0x8,0x6,0x7,0xE,0xD,0x0,0x2,0xC
+		};
+
+		//
+		// pre-defined sbox table
+		//
+		private static readonly IDictionary sBoxes = Platform.CreateHashtable();
+
+		static Gost28147Engine()
+		{
+			AddSBox("Default", Sbox_Default);
+			AddSBox("E-TEST", ESbox_Test);
+			AddSBox("E-A", ESbox_A);
+			AddSBox("E-B", ESbox_B);
+			AddSBox("E-C", ESbox_C);
+			AddSBox("E-D", ESbox_D);
+			AddSBox("D-TEST", DSbox_Test);
+			AddSBox("D-A", DSbox_A);
+		}
+
+		private static void AddSBox(string sBoxName, byte[] sBox)
+		{
+			sBoxes.Add(Platform.ToUpperInvariant(sBoxName), sBox);        
+		}
+
+		/**
+		* standard constructor.
+		*/
+		public Gost28147Engine()
+		{
+		}
+
+		/**
+		* initialise an Gost28147 cipher.
+		*
+		* @param forEncryption whether or not we are for encryption.
+		* @param parameters the parameters required to set up the cipher.
+		* @exception ArgumentException if the parameters argument is inappropriate.
+		*/
+        public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			if (parameters is ParametersWithSBox)
+			{
+				ParametersWithSBox   param = (ParametersWithSBox)parameters;
+
+				//
+				// Set the S-Box
+				//
+				byte[] sBox = param.GetSBox();
+				if (sBox.Length != Sbox_Default.Length)
+					throw new ArgumentException("invalid S-box passed to GOST28147 init");
+
+				this.S = Arrays.Clone(sBox);
+
+				//
+				// set key if there is one
+				//
+				if (param.Parameters != null)
+				{
+					workingKey = generateWorkingKey(forEncryption,
+							((KeyParameter)param.Parameters).GetKey());
+				}
+			}
+			else if (parameters is KeyParameter)
+			{
+				workingKey = generateWorkingKey(forEncryption,
+									((KeyParameter)parameters).GetKey());
+			}
+			else if (parameters != null)
+			{
+				throw new ArgumentException("invalid parameter passed to Gost28147 init - "
+                    + Platform.GetTypeName(parameters));
+			}
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return "Gost28147"; }
+		}
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+		{
+			return BlockSize;
+		}
+
+        public virtual int ProcessBlock(
+			byte[]	input,
+			int		inOff,
+			byte[]	output,
+			int		outOff)
+		{
+			if (workingKey == null)
+				throw new InvalidOperationException("Gost28147 engine not initialised");
+
+            Check.DataLength(input, inOff, BlockSize, "input buffer too short");
+            Check.OutputLength(output, outOff, BlockSize, "output buffer too short");
+
+            Gost28147Func(workingKey, input, inOff, output, outOff);
+
+			return BlockSize;
+		}
+
+        public virtual void Reset()
+		{
+		}
+
+		private int[] generateWorkingKey(
+			bool forEncryption,
+			byte[]  userKey)
+		{
+			this.forEncryption = forEncryption;
+
+			if (userKey.Length != 32)
+			{
+				throw new ArgumentException("Key length invalid. Key needs to be 32 byte - 256 bit!!!");
+			}
+
+			int[] key = new int[8];
+			for(int i=0; i!=8; i++)
+			{
+				key[i] = bytesToint(userKey,i*4);
+			}
+
+			return key;
+		}
+
+		private int Gost28147_mainStep(int n1, int key)
+		{
+			int cm = (key + n1); // CM1
+
+			// S-box replacing
+
+			int om = S[  0 + ((cm >> (0 * 4)) & 0xF)] << (0 * 4);
+			om += S[ 16 + ((cm >> (1 * 4)) & 0xF)] << (1 * 4);
+			om += S[ 32 + ((cm >> (2 * 4)) & 0xF)] << (2 * 4);
+			om += S[ 48 + ((cm >> (3 * 4)) & 0xF)] << (3 * 4);
+			om += S[ 64 + ((cm >> (4 * 4)) & 0xF)] << (4 * 4);
+			om += S[ 80 + ((cm >> (5 * 4)) & 0xF)] << (5 * 4);
+			om += S[ 96 + ((cm >> (6 * 4)) & 0xF)] << (6 * 4);
+			om += S[112 + ((cm >> (7 * 4)) & 0xF)] << (7 * 4);
+
+//			return om << 11 | om >>> (32-11); // 11-leftshift
+			int omLeft = om << 11;
+			int omRight = (int)(((uint) om) >> (32 - 11)); // Note: Casts required to get unsigned bit rotation
+
+			return omLeft | omRight;
+		}
+
+		private void Gost28147Func(
+			int[]   workingKey,
+			byte[]  inBytes,
+			int     inOff,
+			byte[]  outBytes,
+			int     outOff)
+		{
+			int N1, N2, tmp;  //tmp -> for saving N1
+			N1 = bytesToint(inBytes, inOff);
+			N2 = bytesToint(inBytes, inOff + 4);
+
+			if (this.forEncryption)
+			{
+			for(int k = 0; k < 3; k++)  // 1-24 steps
+			{
+				for(int j = 0; j < 8; j++)
+				{
+					tmp = N1;
+					int step = Gost28147_mainStep(N1, workingKey[j]);
+					N1 = N2 ^ step; // CM2
+					N2 = tmp;
+				}
+			}
+			for(int j = 7; j > 0; j--)  // 25-31 steps
+			{
+				tmp = N1;
+				N1 = N2 ^ Gost28147_mainStep(N1, workingKey[j]); // CM2
+				N2 = tmp;
+			}
+			}
+			else //decrypt
+			{
+			for(int j = 0; j < 8; j++)  // 1-8 steps
+			{
+				tmp = N1;
+				N1 = N2 ^ Gost28147_mainStep(N1, workingKey[j]); // CM2
+				N2 = tmp;
+			}
+			for(int k = 0; k < 3; k++)  //9-31 steps
+			{
+				for(int j = 7; j >= 0; j--)
+				{
+					if ((k == 2) && (j==0))
+					{
+						break; // break 32 step
+					}
+					tmp = N1;
+					N1 = N2 ^ Gost28147_mainStep(N1, workingKey[j]); // CM2
+					N2 = tmp;
+				}
+			}
+			}
+
+			N2 = N2 ^ Gost28147_mainStep(N1, workingKey[0]);  // 32 step (N1=N1)
+
+			intTobytes(N1, outBytes, outOff);
+			intTobytes(N2, outBytes, outOff + 4);
+		}
+
+		//array of bytes to type int
+		private static int bytesToint(
+			byte[]  inBytes,
+			int     inOff)
+		{
+			return  (int)((inBytes[inOff + 3] << 24) & 0xff000000) + ((inBytes[inOff + 2] << 16) & 0xff0000) +
+					((inBytes[inOff + 1] << 8) & 0xff00) + (inBytes[inOff] & 0xff);
+		}
+
+		//int to array of bytes
+		private static void intTobytes(
+				int     num,
+				byte[]  outBytes,
+				int     outOff)
+		{
+				outBytes[outOff + 3] = (byte)(num >> 24);
+				outBytes[outOff + 2] = (byte)(num >> 16);
+				outBytes[outOff + 1] = (byte)(num >> 8);
+				outBytes[outOff] =     (byte)num;
+		}
+
+		/**
+		* Return the S-Box associated with SBoxName
+		* @param sBoxName name of the S-Box
+		* @return byte array representing the S-Box
+		*/
+		public static byte[] GetSBox(
+			string sBoxName)
+		{
+			byte[] sBox = (byte[])sBoxes[Platform.ToUpperInvariant(sBoxName)];
+
+            if (sBox == null)
+			{
+				throw new ArgumentException("Unknown S-Box - possible types: "
+					+ "\"Default\", \"E-Test\", \"E-A\", \"E-B\", \"E-C\", \"E-D\", \"D-Test\", \"D-A\".");
+			}
+
+			return Arrays.Clone(sBox);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/HC128Engine.cs b/bc-sharp-crypto/src/crypto/engines/HC128Engine.cs
new file mode 100644
index 0000000..b83eb70
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/HC128Engine.cs
@@ -0,0 +1,235 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* HC-128 is a software-efficient stream cipher created by Hongjun Wu. It
+	* generates keystream from a 128-bit secret key and a 128-bit initialization
+	* vector.
+	* <p>
+	* http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc128_p3.pdf
+	* </p><p>
+	* It is a third phase candidate in the eStream contest, and is patent-free.
+	* No attacks are known as of today (April 2007). See
+	*
+	* http://www.ecrypt.eu.org/stream/hcp3.html
+	* </p>
+	*/
+	public class HC128Engine
+		: IStreamCipher
+	{
+		private uint[] p = new uint[512];
+		private uint[] q = new uint[512];
+		private uint cnt = 0;
+
+		private static uint F1(uint x)
+		{
+			return RotateRight(x, 7) ^ RotateRight(x, 18) ^ (x >> 3);
+		}
+
+		private static uint F2(uint x)
+		{
+			return RotateRight(x, 17) ^ RotateRight(x, 19) ^ (x >> 10);
+		}
+
+		private uint G1(uint x, uint y, uint z)
+		{
+			return (RotateRight(x, 10) ^ RotateRight(z, 23)) + RotateRight(y, 8);
+		}
+
+		private uint G2(uint x, uint y, uint z)
+		{
+			return (RotateLeft(x, 10) ^ RotateLeft(z, 23)) + RotateLeft(y, 8);
+		}
+
+		private static uint RotateLeft(uint	x, int bits)
+		{
+			return (x << bits) | (x >> -bits);
+		}
+
+		private static uint RotateRight(uint x, int bits)
+		{
+			return (x >> bits) | (x << -bits);
+		}
+
+		private uint H1(uint x)
+		{
+			return q[x & 0xFF] + q[((x >> 16) & 0xFF) + 256];
+		}
+
+		private uint H2(uint x)
+		{
+			return p[x & 0xFF] + p[((x >> 16) & 0xFF) + 256];
+		}
+
+		private static uint Mod1024(uint x)
+		{
+			return x & 0x3FF;
+		}
+
+		private static uint Mod512(uint x)
+		{
+			return x & 0x1FF;
+		}
+
+		private static uint Dim(uint x, uint y)
+		{
+			return Mod512(x - y);
+		}
+
+		private uint Step()
+		{
+			uint j = Mod512(cnt);
+			uint ret;
+			if (cnt < 512)
+			{
+				p[j] += G1(p[Dim(j, 3)], p[Dim(j, 10)], p[Dim(j, 511)]);
+				ret = H1(p[Dim(j, 12)]) ^ p[j];
+			}
+			else
+			{
+				q[j] += G2(q[Dim(j, 3)], q[Dim(j, 10)], q[Dim(j, 511)]);
+				ret = H2(q[Dim(j, 12)]) ^ q[j];
+			}
+			cnt = Mod1024(cnt + 1);
+			return ret;
+		}
+
+		private byte[] key, iv;
+		private bool initialised;
+
+		private void Init()
+		{
+			if (key.Length != 16)
+				throw new ArgumentException("The key must be 128 bits long");
+
+            idx = 0;
+            cnt = 0;
+
+			uint[] w = new uint[1280];
+
+			for (int i = 0; i < 16; i++)
+			{
+				w[i >> 2] |= ((uint)key[i] << (8 * (i & 0x3)));
+			}
+			Array.Copy(w, 0, w, 4, 4);
+
+			for (int i = 0; i < iv.Length && i < 16; i++)
+			{
+				w[(i >> 2) + 8] |= ((uint)iv[i] << (8 * (i & 0x3)));
+			}
+			Array.Copy(w, 8, w, 12, 4);
+
+			for (uint i = 16; i < 1280; i++)
+			{
+				w[i] = F2(w[i - 2]) + w[i - 7] + F1(w[i - 15]) + w[i - 16] + i;
+			}
+
+			Array.Copy(w, 256, p, 0, 512);
+			Array.Copy(w, 768, q, 0, 512);
+
+			for (int i = 0; i < 512; i++)
+			{
+				p[i] = Step();
+			}
+			for (int i = 0; i < 512; i++)
+			{
+				q[i] = Step();
+			}
+
+			cnt = 0;
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return "HC-128"; }
+		}
+
+		/**
+		* Initialise a HC-128 cipher.
+		*
+		* @param forEncryption whether or not we are for encryption. Irrelevant, as
+		*                      encryption and decryption are the same.
+		* @param params        the parameters required to set up the cipher.
+		* @throws ArgumentException if the params argument is
+		*                                  inappropriate (ie. the key is not 128 bit long).
+		*/
+        public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			ICipherParameters keyParam = parameters;
+
+			if (parameters is ParametersWithIV)
+			{
+				iv = ((ParametersWithIV)parameters).GetIV();
+				keyParam = ((ParametersWithIV)parameters).Parameters;
+			}
+			else
+			{
+				iv = new byte[0];
+			}
+
+			if (keyParam is KeyParameter)
+			{
+				key = ((KeyParameter)keyParam).GetKey();
+				Init();
+			}
+			else
+			{
+				throw new ArgumentException(
+					"Invalid parameter passed to HC128 init - " + Platform.GetTypeName(parameters),
+					"parameters");
+			}
+
+			initialised = true;
+		}
+
+		private byte[] buf = new byte[4];
+		private int idx = 0;
+
+		private byte GetByte()
+		{
+			if (idx == 0)
+			{
+				Pack.UInt32_To_LE(Step(), buf);				
+			}
+			byte ret = buf[idx];
+			idx = idx + 1 & 0x3;
+			return ret;
+		}
+
+        public virtual void ProcessBytes(
+			byte[]	input,
+			int		inOff,
+			int		len,
+			byte[]	output,
+			int		outOff)
+		{
+			if (!initialised)
+				throw new InvalidOperationException(AlgorithmName + " not initialised");
+
+            Check.DataLength(input, inOff, len, "input buffer too short");
+            Check.OutputLength(output, outOff, len, "output buffer too short");
+
+            for (int i = 0; i < len; i++)
+			{
+				output[outOff + i] = (byte)(input[inOff + i] ^ GetByte());
+			}
+		}
+
+        public virtual void Reset()
+		{
+			Init();
+		}
+
+        public virtual byte ReturnByte(byte input)
+		{
+			return (byte)(input ^ GetByte());
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/HC256Engine.cs b/bc-sharp-crypto/src/crypto/engines/HC256Engine.cs
new file mode 100644
index 0000000..d8d83a6
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/HC256Engine.cs
@@ -0,0 +1,224 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* HC-256 is a software-efficient stream cipher created by Hongjun Wu. It 
+	* generates keystream from a 256-bit secret key and a 256-bit initialization 
+	* vector.
+	* <p>
+	* http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc256_p3.pdf
+	* </p><p>
+	* Its brother, HC-128, is a third phase candidate in the eStream contest.
+	* The algorithm is patent-free. No attacks are known as of today (April 2007). 
+	* See
+	* 
+	* http://www.ecrypt.eu.org/stream/hcp3.html
+	* </p>
+	*/
+	public class HC256Engine
+		: IStreamCipher
+	{
+		private uint[] p = new uint[1024];
+		private uint[] q = new uint[1024];
+		private uint cnt = 0;
+
+		private uint Step()
+		{
+			uint j = cnt & 0x3FF;
+			uint ret;
+			if (cnt < 1024)
+			{
+				uint x = p[(j - 3 & 0x3FF)];
+				uint y = p[(j - 1023 & 0x3FF)];
+				p[j] += p[(j - 10 & 0x3FF)]
+					+ (RotateRight(x, 10) ^ RotateRight(y, 23))
+					+ q[((x ^ y) & 0x3FF)];
+
+				x = p[(j - 12 & 0x3FF)];
+				ret = (q[x & 0xFF] + q[((x >> 8) & 0xFF) + 256]
+					+ q[((x >> 16) & 0xFF) + 512] + q[((x >> 24) & 0xFF) + 768])
+					^ p[j];
+			}
+			else
+			{
+				uint x = q[(j - 3 & 0x3FF)];
+				uint y = q[(j - 1023 & 0x3FF)];
+				q[j] += q[(j - 10 & 0x3FF)]
+					+ (RotateRight(x, 10) ^ RotateRight(y, 23))
+					+ p[((x ^ y) & 0x3FF)];
+
+				x = q[(j - 12 & 0x3FF)];
+				ret = (p[x & 0xFF] + p[((x >> 8) & 0xFF) + 256]
+					+ p[((x >> 16) & 0xFF) + 512] + p[((x >> 24) & 0xFF) + 768])
+					^ q[j];
+			}
+			cnt = cnt + 1 & 0x7FF;
+			return ret;
+		}
+
+		private byte[] key, iv;
+		private bool initialised;
+
+		private void Init()
+		{
+			if (key.Length != 32 && key.Length != 16)
+				throw new ArgumentException("The key must be 128/256 bits long");
+
+			if (iv.Length < 16)
+				throw new ArgumentException("The IV must be at least 128 bits long");
+
+			if (key.Length != 32)
+	        {
+				byte[] k = new byte[32];
+
+				Array.Copy(key, 0, k, 0, key.Length);
+				Array.Copy(key, 0, k, 16, key.Length);
+
+				key = k;
+			}
+
+			if (iv.Length < 32)
+			{
+				byte[] newIV = new byte[32];
+
+				Array.Copy(iv, 0, newIV, 0, iv.Length);
+				Array.Copy(iv, 0, newIV, iv.Length, newIV.Length - iv.Length);
+
+				iv = newIV;
+			}
+
+            idx = 0;
+			cnt = 0;
+
+			uint[] w = new uint[2560];
+
+			for (int i = 0; i < 32; i++)
+			{
+				w[i >> 2] |= ((uint)key[i] << (8 * (i & 0x3)));
+			}
+
+			for (int i = 0; i < 32; i++)
+			{
+				w[(i >> 2) + 8] |= ((uint)iv[i] << (8 * (i & 0x3)));
+			}
+
+			for (uint i = 16; i < 2560; i++)
+			{
+				uint x = w[i - 2];
+				uint y = w[i - 15];
+				w[i] = (RotateRight(x, 17) ^ RotateRight(x, 19) ^ (x >> 10))
+					+ w[i - 7]
+					+ (RotateRight(y, 7) ^ RotateRight(y, 18) ^ (y >> 3))
+					+ w[i - 16] + i;
+			}
+
+			Array.Copy(w, 512, p, 0, 1024);
+			Array.Copy(w, 1536, q, 0, 1024);
+
+			for (int i = 0; i < 4096; i++)
+			{
+				Step();
+			}
+
+			cnt = 0;
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return "HC-256"; }
+		}
+
+		/**
+		* Initialise a HC-256 cipher.
+		*
+		* @param forEncryption whether or not we are for encryption. Irrelevant, as
+		*                      encryption and decryption are the same.
+		* @param params        the parameters required to set up the cipher.
+		* @throws ArgumentException if the params argument is
+		*                                  inappropriate (ie. the key is not 256 bit long).
+		*/
+        public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			ICipherParameters keyParam = parameters;
+
+			if (parameters is ParametersWithIV)
+			{
+				iv = ((ParametersWithIV)parameters).GetIV();
+				keyParam = ((ParametersWithIV)parameters).Parameters;
+			}
+			else
+			{
+				iv = new byte[0];
+			}
+
+			if (keyParam is KeyParameter)
+			{
+				key = ((KeyParameter)keyParam).GetKey();
+				Init();
+			}
+			else
+			{
+				throw new ArgumentException(
+					"Invalid parameter passed to HC256 init - " + Platform.GetTypeName(parameters),
+					"parameters");
+			}
+
+			initialised = true;
+		}
+
+		private byte[] buf = new byte[4];
+		private int idx = 0;
+
+		private byte GetByte()
+		{
+			if (idx == 0)
+			{
+				Pack.UInt32_To_LE(Step(), buf);
+			}
+			byte ret = buf[idx];
+			idx = idx + 1 & 0x3;
+			return ret;
+		}
+
+        public virtual void ProcessBytes(
+			byte[]	input,
+			int		inOff,
+			int		len,
+			byte[]	output,
+			int		outOff)
+		{
+			if (!initialised)
+				throw new InvalidOperationException(AlgorithmName + " not initialised");
+
+            Check.DataLength(input, inOff, len, "input buffer too short");
+            Check.OutputLength(output, outOff, len, "output buffer too short");
+
+            for (int i = 0; i < len; i++)
+			{
+				output[outOff + i] = (byte)(input[inOff + i] ^ GetByte());
+			}
+		}
+
+        public virtual void Reset()
+		{
+			Init();
+		}
+
+        public virtual byte ReturnByte(byte input)
+		{
+			return (byte)(input ^ GetByte());
+		}
+
+		private static uint RotateRight(uint x, int bits)
+		{
+			return (x >> bits) | (x << -bits);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/ISAACEngine.cs b/bc-sharp-crypto/src/crypto/engines/ISAACEngine.cs
new file mode 100644
index 0000000..b94ee6e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/ISAACEngine.cs
@@ -0,0 +1,212 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * Implementation of Bob Jenkin's ISAAC (Indirection Shift Accumulate Add and Count).
+    * see: http://www.burtleburtle.net/bob/rand/isaacafa.html
+    */
+    public class IsaacEngine
+        : IStreamCipher
+    {
+        // Constants
+        private static readonly int sizeL          = 8,
+                                    stateArraySize = sizeL<<5; // 256
+
+        // Cipher's internal state
+        private uint[]   engineState   = null, // mm                
+                        results       = null; // randrsl
+        private uint     a = 0, b = 0, c = 0;
+
+        // Engine state
+        private int     index         = 0;
+        private byte[]  keyStream     = new byte[stateArraySize<<2], // results expanded into bytes
+                        workingKey    = null;
+        private bool	initialised   = false;
+
+        /**
+        * initialise an ISAAC cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param params the parameters required to set up the cipher.
+        * @exception ArgumentException if the params argument is
+        * inappropriate.
+        */
+        public virtual void Init(
+            bool				forEncryption, 
+            ICipherParameters	parameters)
+        {
+            if (!(parameters is KeyParameter))
+                throw new ArgumentException(
+                    "invalid parameter passed to ISAAC Init - " + Platform.GetTypeName(parameters),
+                    "parameters");
+
+            /* 
+            * ISAAC encryption and decryption is completely
+            * symmetrical, so the 'forEncryption' is 
+            * irrelevant.
+            */
+            KeyParameter p = (KeyParameter) parameters;
+            setKey(p.GetKey());
+        }
+
+        public virtual byte ReturnByte(
+            byte input)
+        {
+            if (index == 0) 
+            {
+                isaac();
+                keyStream = Pack.UInt32_To_BE(results);
+            }
+
+            byte output = (byte)(keyStream[index]^input);
+            index = (index + 1) & 1023;
+
+            return output;
+        }
+
+        public virtual void ProcessBytes(
+            byte[]	input, 
+            int		inOff, 
+            int		len, 
+            byte[]	output, 
+            int		outOff)
+        {
+            if (!initialised)
+                throw new InvalidOperationException(AlgorithmName + " not initialised");
+
+            Check.DataLength(input, inOff, len, "input buffer too short");
+            Check.OutputLength(output, outOff, len, "output buffer too short");
+
+            for (int i = 0; i < len; i++)
+            {
+                if (index == 0) 
+                {
+                    isaac();
+                    keyStream = Pack.UInt32_To_BE(results);
+                }
+                output[i+outOff] = (byte)(keyStream[index]^input[i+inOff]);
+                index = (index + 1) & 1023;
+            }
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "ISAAC"; }
+        }
+
+        public virtual void Reset()
+        {
+            setKey(workingKey);
+        }
+
+        // Private implementation
+        private void setKey(
+            byte[] keyBytes)
+        {
+            workingKey = keyBytes;
+
+            if (engineState == null)
+            {
+                engineState = new uint[stateArraySize];
+            }
+
+            if (results == null)
+            {
+                results = new uint[stateArraySize];
+            }
+
+            int i, j, k;
+
+            // Reset state
+            for (i = 0; i < stateArraySize; i++)
+            {
+                engineState[i] = results[i] = 0;
+            }
+            a = b = c = 0;
+
+            // Reset index counter for output
+            index = 0;
+
+            // Convert the key bytes to ints and put them into results[] for initialization
+            byte[] t = new byte[keyBytes.Length + (keyBytes.Length & 3)];
+            Array.Copy(keyBytes, 0, t, 0, keyBytes.Length);
+            for (i = 0; i < t.Length; i+=4)
+            {
+                results[i >> 2] = Pack.LE_To_UInt32(t, i);
+            }
+
+            // It has begun?
+            uint[] abcdefgh = new uint[sizeL];
+
+            for (i = 0; i < sizeL; i++)
+            {
+                abcdefgh[i] = 0x9e3779b9; // Phi (golden ratio)
+            }
+
+            for (i = 0; i < 4; i++)
+            {
+                mix(abcdefgh);
+            }
+
+            for (i = 0; i < 2; i++)
+            {
+                for (j = 0; j < stateArraySize; j+=sizeL)
+                {
+                    for (k = 0; k < sizeL; k++)
+                    {
+                        abcdefgh[k] += (i<1) ? results[j+k] : engineState[j+k];
+                    }
+
+                    mix(abcdefgh);
+
+                    for (k = 0; k < sizeL; k++)
+                    {
+                        engineState[j+k] = abcdefgh[k];
+                    }
+                }
+            }
+
+            isaac();
+
+            initialised = true;
+        }    
+
+        private void isaac()
+        {
+            uint x, y;
+
+            b += ++c;
+            for (int i = 0; i < stateArraySize; i++)
+            {
+                x = engineState[i];
+                switch (i & 3)
+                {
+                    case 0: a ^= (a << 13); break;
+                    case 1: a ^= (a >>  6); break;
+                    case 2: a ^= (a <<  2); break;
+                    case 3: a ^= (a >> 16); break;
+                }
+                a += engineState[(i+128) & 0xFF];
+                engineState[i] = y = engineState[(int)((uint)x >> 2) & 0xFF] + a + b;
+                results[i] = b = engineState[(int)((uint)y >> 10) & 0xFF] + x;
+            }
+        }
+
+        private void mix(uint[] x)
+        {
+            x[0]^=x[1]<< 11; x[3]+=x[0]; x[1]+=x[2];
+            x[1]^=x[2]>>  2; x[4]+=x[1]; x[2]+=x[3];
+            x[2]^=x[3]<<  8; x[5]+=x[2]; x[3]+=x[4];
+            x[3]^=x[4]>> 16; x[6]+=x[3]; x[4]+=x[5];
+            x[4]^=x[5]<< 10; x[7]+=x[4]; x[5]+=x[6];
+            x[5]^=x[6]>>  4; x[0]+=x[5]; x[6]+=x[7];
+            x[6]^=x[7]<<  8; x[1]+=x[6]; x[7]+=x[0];
+            x[7]^=x[0]>>  9; x[2]+=x[7]; x[0]+=x[1];
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/IdeaEngine.cs b/bc-sharp-crypto/src/crypto/engines/IdeaEngine.cs
new file mode 100644
index 0000000..18a151c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/IdeaEngine.cs
@@ -0,0 +1,332 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * A class that provides a basic International Data Encryption Algorithm (IDEA) engine.
+    * <p>
+    * This implementation is based on the "HOWTO: INTERNATIONAL DATA ENCRYPTION ALGORITHM"
+    * implementation summary by Fauzan Mirza (F.U.Mirza@sheffield.ac.uk). (baring 1 typo at the
+    * end of the mulinv function!).
+    * </p>
+    * <p>
+    * It can be found at ftp://ftp.funet.fi/pub/crypt/cryptography/symmetric/idea/
+    * </p>
+    * <p>
+    * Note 1: This algorithm is patented in the USA, Japan, and Europe including
+    * at least Austria, France, Germany, Italy, Netherlands, Spain, Sweden, Switzerland
+    * and the United Kingdom. Non-commercial use is free, however any commercial
+    * products are liable for royalties. Please see
+    * <a href="http://www.mediacrypt.com">www.mediacrypt.com</a> for
+    * further details. This announcement has been included at the request of
+    * the patent holders.
+    * </p>
+    * <p>
+    * Note 2: Due to the requests concerning the above, this algorithm is now only
+    * included in the extended assembly. It is not included in the default distributions.
+    * </p>
+    */
+    public class IdeaEngine
+        : IBlockCipher
+    {
+        private const int  BLOCK_SIZE = 8;
+        private int[] workingKey;
+        /**
+        * standard constructor.
+        */
+        public IdeaEngine()
+        {
+        }
+        /**
+        * initialise an IDEA cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            if (!(parameters is KeyParameter))
+                throw new ArgumentException("invalid parameter passed to IDEA init - " + Platform.GetTypeName(parameters));
+
+            workingKey = GenerateWorkingKey(forEncryption,
+                ((KeyParameter)parameters).GetKey());
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "IDEA"; }
+        }
+
+        public virtual bool IsPartialBlockOkay
+        {
+            get { return false; }
+        }
+
+        public virtual int GetBlockSize()
+        {
+            return BLOCK_SIZE;
+        }
+
+        public virtual int ProcessBlock(
+            byte[] input,
+            int inOff,
+            byte[] output,
+            int outOff)
+        {
+            if (workingKey == null)
+                throw new InvalidOperationException("IDEA engine not initialised");
+
+            Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short");
+            Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short");
+
+            IdeaFunc(workingKey, input, inOff, output, outOff);
+            return BLOCK_SIZE;
+        }
+        public virtual void Reset()
+        {
+        }
+        private static readonly int    MASK = 0xffff;
+        private static readonly int    BASE = 0x10001;
+        private int BytesToWord(
+            byte[]  input,
+            int     inOff)
+        {
+            return ((input[inOff] << 8) & 0xff00) + (input[inOff + 1] & 0xff);
+        }
+        private void WordToBytes(
+            int     word,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            outBytes[outOff] = (byte)((uint) word >> 8);
+            outBytes[outOff + 1] = (byte)word;
+        }
+        /**
+        * return x = x * y where the multiplication is done modulo
+        * 65537 (0x10001) (as defined in the IDEA specification) and
+        * a zero input is taken to be 65536 (0x10000).
+        *
+        * @param x the x value
+        * @param y the y value
+        * @return x = x * y
+        */
+        private int Mul(
+            int x,
+            int y)
+        {
+            if (x == 0)
+            {
+                x = (BASE - y);
+            }
+            else if (y == 0)
+            {
+                x = (BASE - x);
+            }
+            else
+            {
+                int     p = x * y;
+                y = p & MASK;
+                x = (int) ((uint) p >> 16);
+                x = y - x + ((y < x) ? 1 : 0);
+            }
+            return x & MASK;
+        }
+        private void IdeaFunc(
+            int[]   workingKey,
+            byte[]  input,
+            int     inOff,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            int     x0, x1, x2, x3, t0, t1;
+            int     keyOff = 0;
+            x0 = BytesToWord(input, inOff);
+            x1 = BytesToWord(input, inOff + 2);
+            x2 = BytesToWord(input, inOff + 4);
+            x3 = BytesToWord(input, inOff + 6);
+            for (int round = 0; round < 8; round++)
+            {
+                x0 = Mul(x0, workingKey[keyOff++]);
+                x1 += workingKey[keyOff++];
+                x1 &= MASK;
+                x2 += workingKey[keyOff++];
+                x2 &= MASK;
+                x3 = Mul(x3, workingKey[keyOff++]);
+                t0 = x1;
+                t1 = x2;
+                x2 ^= x0;
+                x1 ^= x3;
+                x2 = Mul(x2, workingKey[keyOff++]);
+                x1 += x2;
+                x1 &= MASK;
+                x1 = Mul(x1, workingKey[keyOff++]);
+                x2 += x1;
+                x2 &= MASK;
+                x0 ^= x1;
+                x3 ^= x2;
+                x1 ^= t1;
+                x2 ^= t0;
+            }
+            WordToBytes(Mul(x0, workingKey[keyOff++]), outBytes, outOff);
+            WordToBytes(x2 + workingKey[keyOff++], outBytes, outOff + 2);  /* NB: Order */
+            WordToBytes(x1 + workingKey[keyOff++], outBytes, outOff + 4);
+            WordToBytes(Mul(x3, workingKey[keyOff]), outBytes, outOff + 6);
+        }
+        /**
+        * The following function is used to expand the user key to the encryption
+        * subkey. The first 16 bytes are the user key, and the rest of the subkey
+        * is calculated by rotating the previous 16 bytes by 25 bits to the left,
+        * and so on until the subkey is completed.
+        */
+        private int[] ExpandKey(
+            byte[]  uKey)
+        {
+            int[]   key = new int[52];
+            if (uKey.Length < 16)
+            {
+                byte[]  tmp = new byte[16];
+                Array.Copy(uKey, 0, tmp, tmp.Length - uKey.Length, uKey.Length);
+                uKey = tmp;
+            }
+            for (int i = 0; i < 8; i++)
+            {
+                key[i] = BytesToWord(uKey, i * 2);
+            }
+            for (int i = 8; i < 52; i++)
+            {
+                if ((i & 7) < 6)
+                {
+                    key[i] = ((key[i - 7] & 127) << 9 | key[i - 6] >> 7) & MASK;
+                }
+                else if ((i & 7) == 6)
+                {
+                    key[i] = ((key[i - 7] & 127) << 9 | key[i - 14] >> 7) & MASK;
+                }
+                else
+                {
+                    key[i] = ((key[i - 15] & 127) << 9 | key[i - 14] >> 7) & MASK;
+                }
+            }
+            return key;
+        }
+        /**
+        * This function computes multiplicative inverse using Euclid's Greatest
+        * Common Divisor algorithm. Zero and one are self inverse.
+        * <p>
+        * i.e. x * MulInv(x) == 1 (modulo BASE)
+        * </p>
+        */
+        private int MulInv(
+            int x)
+        {
+            int t0, t1, q, y;
+
+            if (x < 2)
+            {
+                return x;
+            }
+            t0 = 1;
+            t1 = BASE / x;
+            y  = BASE % x;
+            while (y != 1)
+            {
+                q = x / y;
+                x = x % y;
+                t0 = (t0 + (t1 * q)) & MASK;
+                if (x == 1)
+                {
+                    return t0;
+                }
+                q = y / x;
+                y = y % x;
+                t1 = (t1 + (t0 * q)) & MASK;
+            }
+            return (1 - t1) & MASK;
+        }
+        /**
+        * Return the additive inverse of x.
+        * <p>
+        * i.e. x + AddInv(x) == 0
+        * </p>
+        */
+        int AddInv(
+            int x)
+        {
+            return (0 - x) & MASK;
+        }
+
+        /**
+        * The function to invert the encryption subkey to the decryption subkey.
+        * It also involves the multiplicative inverse and the additive inverse functions.
+        */
+        private int[] InvertKey(
+            int[] inKey)
+        {
+            int     t1, t2, t3, t4;
+            int     p = 52;                 /* We work backwards */
+            int[]   key = new int[52];
+            int     inOff = 0;
+
+            t1 = MulInv(inKey[inOff++]);
+            t2 = AddInv(inKey[inOff++]);
+            t3 = AddInv(inKey[inOff++]);
+            t4 = MulInv(inKey[inOff++]);
+            key[--p] = t4;
+            key[--p] = t3;
+            key[--p] = t2;
+            key[--p] = t1;
+
+            for (int round = 1; round < 8; round++)
+            {
+                t1 = inKey[inOff++];
+                t2 = inKey[inOff++];
+                key[--p] = t2;
+                key[--p] = t1;
+
+                t1 = MulInv(inKey[inOff++]);
+                t2 = AddInv(inKey[inOff++]);
+                t3 = AddInv(inKey[inOff++]);
+                t4 = MulInv(inKey[inOff++]);
+                key[--p] = t4;
+                key[--p] = t2; /* NB: Order */
+                key[--p] = t3;
+                key[--p] = t1;
+            }
+            t1 = inKey[inOff++];
+            t2 = inKey[inOff++];
+            key[--p] = t2;
+            key[--p] = t1;
+
+            t1 = MulInv(inKey[inOff++]);
+            t2 = AddInv(inKey[inOff++]);
+            t3 = AddInv(inKey[inOff++]);
+            t4 = MulInv(inKey[inOff]);
+            key[--p] = t4;
+            key[--p] = t3;
+            key[--p] = t2;
+            key[--p] = t1;
+            return key;
+        }
+
+        private int[] GenerateWorkingKey(
+            bool forEncryption,
+            byte[]  userKey)
+        {
+            if (forEncryption)
+            {
+                return ExpandKey(userKey);
+            }
+            else
+            {
+                return InvertKey(ExpandKey(userKey));
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/IesEngine.cs b/bc-sharp-crypto/src/crypto/engines/IesEngine.cs
new file mode 100644
index 0000000..307cc7a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/IesEngine.cs
@@ -0,0 +1,243 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * support class for constructing intergrated encryption ciphers
+    * for doing basic message exchanges on top of key agreement ciphers
+    */
+    public class IesEngine
+    {
+        private readonly IBasicAgreement     agree;
+        private readonly IDerivationFunction kdf;
+        private readonly IMac                mac;
+        private readonly BufferedBlockCipher cipher;
+        private readonly byte[]              macBuf;
+
+        private bool				forEncryption;
+        private ICipherParameters	privParam, pubParam;
+        private IesParameters		param;
+
+        /**
+        * set up for use with stream mode, where the key derivation function
+        * is used to provide a stream of bytes to xor with the message.
+        *
+        * @param agree the key agreement used as the basis for the encryption
+        * @param kdf the key derivation function used for byte generation
+        * @param mac the message authentication code generator for the message
+        */
+        public IesEngine(
+            IBasicAgreement     agree,
+            IDerivationFunction kdf,
+            IMac                mac)
+        {
+            this.agree = agree;
+            this.kdf = kdf;
+            this.mac = mac;
+            this.macBuf = new byte[mac.GetMacSize()];
+//            this.cipher = null;
+        }
+
+        /**
+        * set up for use in conjunction with a block cipher to handle the
+        * message.
+        *
+        * @param agree the key agreement used as the basis for the encryption
+        * @param kdf the key derivation function used for byte generation
+        * @param mac the message authentication code generator for the message
+        * @param cipher the cipher to used for encrypting the message
+        */
+        public IesEngine(
+            IBasicAgreement     agree,
+            IDerivationFunction kdf,
+            IMac                mac,
+            BufferedBlockCipher cipher)
+        {
+            this.agree = agree;
+            this.kdf = kdf;
+            this.mac = mac;
+            this.macBuf = new byte[mac.GetMacSize()];
+            this.cipher = cipher;
+        }
+
+        /**
+        * Initialise the encryptor.
+        *
+        * @param forEncryption whether or not this is encryption/decryption.
+        * @param privParam our private key parameters
+        * @param pubParam the recipient's/sender's public key parameters
+        * @param param encoding and derivation parameters.
+        */
+        public virtual void Init(
+            bool                     forEncryption,
+            ICipherParameters            privParameters,
+            ICipherParameters            pubParameters,
+            ICipherParameters            iesParameters)
+        {
+            this.forEncryption = forEncryption;
+            this.privParam = privParameters;
+            this.pubParam = pubParameters;
+            this.param = (IesParameters)iesParameters;
+        }
+
+        private byte[] DecryptBlock(
+            byte[]  in_enc,
+            int     inOff,
+            int     inLen,
+            byte[]  z)
+        {
+            byte[]          M = null;
+            KeyParameter    macKey = null;
+            KdfParameters   kParam = new KdfParameters(z, param.GetDerivationV());
+            int             macKeySize = param.MacKeySize;
+
+            kdf.Init(kParam);
+
+            // Ensure that the length of the input is greater than the MAC in bytes
+            if (inLen < mac.GetMacSize())
+                throw new InvalidCipherTextException("Length of input must be greater than the MAC");
+
+            inLen -= mac.GetMacSize();
+
+            if (cipher == null)     // stream mode
+            {
+                byte[] Buffer = GenerateKdfBytes(kParam, inLen + (macKeySize / 8));
+
+                M = new byte[inLen];
+
+                for (int i = 0; i != inLen; i++)
+                {
+                    M[i] = (byte)(in_enc[inOff + i] ^ Buffer[i]);
+                }
+
+                macKey = new KeyParameter(Buffer, inLen, (macKeySize / 8));
+            }
+            else
+            {
+                int cipherKeySize = ((IesWithCipherParameters)param).CipherKeySize;
+                byte[] Buffer = GenerateKdfBytes(kParam, (cipherKeySize / 8) + (macKeySize / 8));
+
+                cipher.Init(false, new KeyParameter(Buffer, 0, (cipherKeySize / 8)));
+
+                M = cipher.DoFinal(in_enc, inOff, inLen);
+
+                macKey = new KeyParameter(Buffer, (cipherKeySize / 8), (macKeySize / 8));
+            }
+
+            byte[] macIV = param.GetEncodingV();
+
+            mac.Init(macKey);
+            mac.BlockUpdate(in_enc, inOff, inLen);
+            mac.BlockUpdate(macIV, 0, macIV.Length);
+            mac.DoFinal(macBuf, 0);
+
+            inOff += inLen;
+
+            byte[] T1 = Arrays.CopyOfRange(in_enc, inOff, inOff + macBuf.Length);
+
+            if (!Arrays.ConstantTimeAreEqual(T1, macBuf))
+                throw (new InvalidCipherTextException("Invalid MAC."));
+
+            return M;
+        }
+
+        private byte[] EncryptBlock(
+            byte[]  input,
+            int     inOff,
+            int     inLen,
+            byte[]  z)
+        {
+            byte[]          C = null;
+            KeyParameter    macKey = null;
+            KdfParameters   kParam = new KdfParameters(z, param.GetDerivationV());
+            int             c_text_length = 0;
+            int             macKeySize = param.MacKeySize;
+
+            if (cipher == null)     // stream mode
+            {
+                byte[] Buffer = GenerateKdfBytes(kParam, inLen + (macKeySize / 8));
+
+                C = new byte[inLen + mac.GetMacSize()];
+                c_text_length = inLen;
+
+                for (int i = 0; i != inLen; i++)
+                {
+                    C[i] = (byte)(input[inOff + i] ^ Buffer[i]);
+                }
+
+                macKey = new KeyParameter(Buffer, inLen, (macKeySize / 8));
+            }
+            else
+            {
+                int cipherKeySize = ((IesWithCipherParameters)param).CipherKeySize;
+                byte[] Buffer = GenerateKdfBytes(kParam, (cipherKeySize / 8) + (macKeySize / 8));
+
+                cipher.Init(true, new KeyParameter(Buffer, 0, (cipherKeySize / 8)));
+
+                c_text_length = cipher.GetOutputSize(inLen);
+                byte[] tmp = new byte[c_text_length];
+
+                int len = cipher.ProcessBytes(input, inOff, inLen, tmp, 0);
+                len += cipher.DoFinal(tmp, len);
+
+                C = new byte[len + mac.GetMacSize()];
+                c_text_length = len;
+
+                Array.Copy(tmp, 0, C, 0, len);
+
+                macKey = new KeyParameter(Buffer, (cipherKeySize / 8), (macKeySize / 8));
+            }
+
+            byte[] macIV = param.GetEncodingV();
+
+            mac.Init(macKey);
+            mac.BlockUpdate(C, 0, c_text_length);
+            mac.BlockUpdate(macIV, 0, macIV.Length);
+            //
+            // return the message and it's MAC
+            //
+            mac.DoFinal(C, c_text_length);
+            return C;
+        }
+
+        private byte[] GenerateKdfBytes(
+            KdfParameters	kParam,
+            int				length)
+        {
+            byte[] buf = new byte[length];
+
+            kdf.Init(kParam);
+
+            kdf.GenerateBytes(buf, 0, buf.Length);
+
+            return buf;
+        }
+
+        public virtual byte[] ProcessBlock(
+            byte[]  input,
+            int     inOff,
+            int     inLen)
+        {
+            agree.Init(privParam);
+
+            BigInteger z = agree.CalculateAgreement(pubParam);
+
+            byte[] zBytes = BigIntegers.AsUnsignedByteArray(agree.GetFieldSize(), z);
+
+            try
+            {
+                return forEncryption
+                    ?	EncryptBlock(input, inOff, inLen, zBytes)
+                    :	DecryptBlock(input, inOff, inLen, zBytes);
+            }
+            finally
+            {
+                Array.Clear(zBytes, 0, zBytes.Length);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/NaccacheSternEngine.cs b/bc-sharp-crypto/src/crypto/engines/NaccacheSternEngine.cs
new file mode 100644
index 0000000..64665c1
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/NaccacheSternEngine.cs
@@ -0,0 +1,358 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* NaccacheStern Engine. For details on this cipher, please see
+	* http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
+	*/
+	public class NaccacheSternEngine
+		: IAsymmetricBlockCipher
+	{
+		private bool forEncryption;
+
+		private NaccacheSternKeyParameters key;
+
+		private IList[] lookup = null;
+
+        public string AlgorithmName
+		{
+			get { return "NaccacheStern"; }
+		}
+
+		/**
+		* Initializes this algorithm. Must be called before all other Functions.
+		*
+		* @see org.bouncycastle.crypto.AsymmetricBlockCipher#init(bool,
+		*      org.bouncycastle.crypto.CipherParameters)
+		*/
+		public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			this.forEncryption = forEncryption;
+
+			if (parameters is ParametersWithRandom)
+			{
+				parameters = ((ParametersWithRandom) parameters).Parameters;
+			}
+
+			key = (NaccacheSternKeyParameters)parameters;
+
+			// construct lookup table for faster decryption if necessary
+			if (!this.forEncryption)
+			{
+				NaccacheSternPrivateKeyParameters priv = (NaccacheSternPrivateKeyParameters)key;
+				IList primes = priv.SmallPrimesList;
+				lookup = new IList[primes.Count];
+				for (int i = 0; i < primes.Count; i++)
+				{
+					BigInteger actualPrime = (BigInteger) primes[i];
+					int actualPrimeValue = actualPrime.IntValue;
+
+					lookup[i] = Platform.CreateArrayList(actualPrimeValue);
+					lookup[i].Add(BigInteger.One);
+
+					BigInteger accJ = BigInteger.Zero;
+
+					for (int j = 1; j < actualPrimeValue; j++)
+					{
+//						BigInteger bigJ = BigInteger.ValueOf(j);
+//						accJ = priv.PhiN.Multiply(bigJ);
+						accJ = accJ.Add(priv.PhiN);
+						BigInteger comp = accJ.Divide(actualPrime);
+						lookup[i].Add(priv.G.ModPow(comp, priv.Modulus));
+					}
+				}
+			}
+		}
+
+        [Obsolete("Remove: no longer used")]
+        public virtual bool Debug
+		{
+			set {}
+		}
+
+        /**
+		* Returns the input block size of this algorithm.
+		*
+		* @see org.bouncycastle.crypto.AsymmetricBlockCipher#GetInputBlockSize()
+		*/
+        public virtual int GetInputBlockSize()
+		{
+			if (forEncryption)
+			{
+				// We can only encrypt values up to lowerSigmaBound
+				return (key.LowerSigmaBound + 7) / 8 - 1;
+			}
+			else
+			{
+				// We pad to modulus-size bytes for easier decryption.
+//				return key.Modulus.ToByteArray().Length;
+				return key.Modulus.BitLength / 8 + 1;
+			}
+		}
+
+		/**
+		* Returns the output block size of this algorithm.
+		*
+		* @see org.bouncycastle.crypto.AsymmetricBlockCipher#GetOutputBlockSize()
+		*/
+        public virtual int GetOutputBlockSize()
+		{
+			if (forEncryption)
+			{
+				// encrypted Data is always padded up to modulus size
+//				return key.Modulus.ToByteArray().Length;
+				return key.Modulus.BitLength / 8 + 1;
+			}
+			else
+			{
+				// decrypted Data has upper limit lowerSigmaBound
+				return (key.LowerSigmaBound + 7) / 8 - 1;
+			}
+		}
+
+		/**
+		* Process a single Block using the Naccache-Stern algorithm.
+		*
+		* @see org.bouncycastle.crypto.AsymmetricBlockCipher#ProcessBlock(byte[],
+		*      int, int)
+		*/
+        public virtual byte[] ProcessBlock(
+			byte[]	inBytes,
+			int		inOff,
+			int		length)
+		{
+			if (key == null)
+				throw new InvalidOperationException("NaccacheStern engine not initialised");
+			if (length > (GetInputBlockSize() + 1))
+				throw new DataLengthException("input too large for Naccache-Stern cipher.\n");
+
+			if (!forEncryption)
+			{
+				// At decryption make sure that we receive padded data blocks
+				if (length < GetInputBlockSize())
+				{
+					throw new InvalidCipherTextException("BlockLength does not match modulus for Naccache-Stern cipher.\n");
+				}
+			}
+
+			// transform input into BigInteger
+			BigInteger input = new BigInteger(1, inBytes, inOff, length);
+
+			byte[] output;
+			if (forEncryption)
+			{
+				output = Encrypt(input);
+			}
+			else
+			{
+				IList plain = Platform.CreateArrayList();
+				NaccacheSternPrivateKeyParameters priv = (NaccacheSternPrivateKeyParameters)key;
+				IList primes = priv.SmallPrimesList;
+				// Get Chinese Remainders of CipherText
+				for (int i = 0; i < primes.Count; i++)
+				{
+					BigInteger exp = input.ModPow(priv.PhiN.Divide((BigInteger)primes[i]), priv.Modulus);
+					IList al = lookup[i];
+					if (lookup[i].Count != ((BigInteger)primes[i]).IntValue)
+					{
+						throw new InvalidCipherTextException("Error in lookup Array for "
+										+ ((BigInteger)primes[i]).IntValue
+										+ ": Size mismatch. Expected ArrayList with length "
+										+ ((BigInteger)primes[i]).IntValue + " but found ArrayList of length "
+										+ lookup[i].Count);
+					}
+					int lookedup = al.IndexOf(exp);
+
+					if (lookedup == -1)
+					{
+						throw new InvalidCipherTextException("Lookup failed");
+					}
+					plain.Add(BigInteger.ValueOf(lookedup));
+				}
+				BigInteger test = chineseRemainder(plain, primes);
+
+				// Should not be used as an oracle, so reencrypt output to see
+				// if it corresponds to input
+
+				// this breaks probabilisic encryption, so disable it. Anyway, we do
+				// use the first n primes for key generation, so it is pretty easy
+				// to guess them. But as stated in the paper, this is not a security
+				// breach. So we can just work with the correct sigma.
+
+				// if ((key.G.ModPow(test, key.Modulus)).Equals(input)) {
+				//      output = test.ToByteArray();
+				// } else {
+				//      output = null;
+				// }
+
+				output = test.ToByteArray();
+			}
+
+			return output;
+		}
+
+		/**
+		* Encrypts a BigInteger aka Plaintext with the public key.
+		*
+		* @param plain
+		*            The BigInteger to encrypt
+		* @return The byte[] representation of the encrypted BigInteger (i.e.
+		*         crypted.toByteArray())
+		*/
+        public virtual byte[] Encrypt(
+			BigInteger plain)
+		{
+			// Always return modulus size values 0-padded at the beginning
+			// 0-padding at the beginning is correctly parsed by BigInteger :)
+//			byte[] output = key.Modulus.ToByteArray();
+//			Array.Clear(output, 0, output.Length);
+			byte[] output = new byte[key.Modulus.BitLength / 8 + 1];
+
+			byte[] tmp = key.G.ModPow(plain, key.Modulus).ToByteArray();
+			Array.Copy(tmp, 0, output, output.Length - tmp.Length, tmp.Length);
+			return output;
+		}
+
+		/**
+		* Adds the contents of two encrypted blocks mod sigma
+		*
+		* @param block1
+		*            the first encrypted block
+		* @param block2
+		*            the second encrypted block
+		* @return encrypt((block1 + block2) mod sigma)
+		* @throws InvalidCipherTextException
+		*/
+        public virtual byte[] AddCryptedBlocks(
+			byte[] block1,
+			byte[] block2)
+		{
+			// check for correct blocksize
+			if (forEncryption)
+			{
+				if ((block1.Length > GetOutputBlockSize())
+						|| (block2.Length > GetOutputBlockSize()))
+				{
+					throw new InvalidCipherTextException(
+							"BlockLength too large for simple addition.\n");
+				}
+			}
+			else
+			{
+				if ((block1.Length > GetInputBlockSize())
+						|| (block2.Length > GetInputBlockSize()))
+				{
+					throw new InvalidCipherTextException(
+							"BlockLength too large for simple addition.\n");
+				}
+			}
+
+			// calculate resulting block
+			BigInteger m1Crypt = new BigInteger(1, block1);
+			BigInteger m2Crypt = new BigInteger(1, block2);
+			BigInteger m1m2Crypt = m1Crypt.Multiply(m2Crypt);
+			m1m2Crypt = m1m2Crypt.Mod(key.Modulus);
+
+            //byte[] output = key.Modulus.ToByteArray();
+			//Array.Clear(output, 0, output.Length);
+			byte[] output = new byte[key.Modulus.BitLength / 8 + 1];
+
+			byte[] m1m2CryptBytes = m1m2Crypt.ToByteArray();
+			Array.Copy(m1m2CryptBytes, 0, output,
+				output.Length - m1m2CryptBytes.Length, m1m2CryptBytes.Length);
+
+			return output;
+		}
+
+		/**
+		* Convenience Method for data exchange with the cipher.
+		*
+		* Determines blocksize and splits data to blocksize.
+		*
+		* @param data the data to be processed
+		* @return the data after it went through the NaccacheSternEngine.
+		* @throws InvalidCipherTextException
+		*/
+        public virtual byte[] ProcessData(
+			byte[] data)
+		{
+			if (data.Length > GetInputBlockSize())
+			{
+				int inBlocksize = GetInputBlockSize();
+				int outBlocksize = GetOutputBlockSize();
+				int datapos = 0;
+				int retpos = 0;
+				byte[] retval = new byte[(data.Length / inBlocksize + 1) * outBlocksize];
+				while (datapos < data.Length)
+				{
+					byte[] tmp;
+					if (datapos + inBlocksize < data.Length)
+					{
+						tmp = ProcessBlock(data, datapos, inBlocksize);
+						datapos += inBlocksize;
+					}
+					else
+					{
+						tmp = ProcessBlock(data, datapos, data.Length - datapos);
+						datapos += data.Length - datapos;
+					}
+					if (tmp != null)
+					{
+						tmp.CopyTo(retval, retpos);
+						retpos += tmp.Length;
+					}
+					else
+					{
+						throw new InvalidCipherTextException("cipher returned null");
+					}
+				}
+				byte[] ret = new byte[retpos];
+				Array.Copy(retval, 0, ret, 0, retpos);
+				return ret;
+			}
+			else
+			{
+				return ProcessBlock(data, 0, data.Length);
+			}
+		}
+
+		/**
+		* Computes the integer x that is expressed through the given primes and the
+		* congruences with the chinese remainder theorem (CRT).
+		*
+		* @param congruences
+		*            the congruences c_i
+		* @param primes
+		*            the primes p_i
+		* @return an integer x for that x % p_i == c_i
+		*/
+		private static BigInteger chineseRemainder(IList congruences, IList primes)
+		{
+			BigInteger retval = BigInteger.Zero;
+			BigInteger all = BigInteger.One;
+			for (int i = 0; i < primes.Count; i++)
+			{
+				all = all.Multiply((BigInteger)primes[i]);
+			}
+			for (int i = 0; i < primes.Count; i++)
+			{
+				BigInteger a = (BigInteger)primes[i];
+				BigInteger b = all.Divide(a);
+				BigInteger b2 = b.ModInverse(a);
+				BigInteger tmp = b.Multiply(b2);
+				tmp = tmp.Multiply((BigInteger)congruences[i]);
+				retval = retval.Add(tmp);
+			}
+
+			return retval.Mod(all);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/NoekeonEngine.cs b/bc-sharp-crypto/src/crypto/engines/NoekeonEngine.cs
new file mode 100644
index 0000000..f64be50
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/NoekeonEngine.cs
@@ -0,0 +1,241 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* A Noekeon engine, using direct-key mode.
+	*/
+	public class NoekeonEngine
+		: IBlockCipher
+	{
+		private const int GenericSize = 16; // Block and key size, as well as the amount of rounds.
+
+		private static readonly uint[] nullVector = 
+		{
+			0x00, 0x00, 0x00, 0x00 // Used in decryption
+		};
+
+		private static readonly uint[] roundConstants = 
+		{
+			0x80, 0x1b, 0x36, 0x6c,
+			0xd8, 0xab, 0x4d, 0x9a,
+			0x2f, 0x5e, 0xbc, 0x63,
+			0xc6, 0x97, 0x35, 0x6a,
+			0xd4
+		};
+
+		private uint[]	state = new uint[4], // a
+						subKeys = new uint[4], // k
+						decryptKeys = new uint[4];
+
+		private bool _initialised, _forEncryption;
+
+		/**
+		* Create an instance of the Noekeon encryption algorithm
+		* and set some defaults
+		*/
+		public NoekeonEngine()
+		{
+			_initialised = false;
+		}
+
+		public virtual string AlgorithmName
+		{
+			get { return "Noekeon"; }
+		}
+
+		public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+		{
+			return GenericSize;
+		}
+
+		/**
+		* initialise
+		*
+		* @param forEncryption whether or not we are for encryption.
+		* @param params the parameters required to set up the cipher.
+		* @exception ArgumentException if the params argument is
+		* inappropriate.
+		*/
+		public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			if (!(parameters is KeyParameter))
+				throw new ArgumentException("Invalid parameters passed to Noekeon init - "
+                    + Platform.GetTypeName(parameters), "parameters");
+
+			_forEncryption = forEncryption;
+			_initialised = true;
+
+			KeyParameter p = (KeyParameter) parameters;
+
+			setKey(p.GetKey());
+		}
+
+		public virtual int ProcessBlock(
+			byte[]	input,
+			int		inOff,
+			byte[]	output,
+			int		outOff)
+		{
+			if (!_initialised)
+				throw new InvalidOperationException(AlgorithmName + " not initialised");
+
+            Check.DataLength(input, inOff, GenericSize, "input buffer too short");
+            Check.OutputLength(output, outOff, GenericSize, "output buffer too short");
+
+            return _forEncryption
+				?	encryptBlock(input, inOff, output, outOff)
+				:	decryptBlock(input, inOff, output, outOff);
+		}
+
+		public virtual void Reset()
+		{
+			// TODO This should do something in case the encryption is aborted
+		}
+
+		/**
+		* Re-key the cipher.
+		*
+		* @param  key  the key to be used
+		*/
+		private void setKey(byte[] key)
+		{
+			subKeys[0] = Pack.BE_To_UInt32(key, 0);
+			subKeys[1] = Pack.BE_To_UInt32(key, 4);
+			subKeys[2] = Pack.BE_To_UInt32(key, 8);
+			subKeys[3] = Pack.BE_To_UInt32(key, 12);
+		}
+
+		private int encryptBlock(
+			byte[]	input,
+			int		inOff,
+			byte[]	output,
+			int		outOff)
+		{
+			state[0] = Pack.BE_To_UInt32(input, inOff);
+			state[1] = Pack.BE_To_UInt32(input, inOff+4);
+			state[2] = Pack.BE_To_UInt32(input, inOff+8);
+			state[3] = Pack.BE_To_UInt32(input, inOff+12);
+
+			int i;
+			for (i = 0; i < GenericSize; i++)
+			{
+				state[0] ^= roundConstants[i];
+				theta(state, subKeys);
+				pi1(state);
+				gamma(state);
+				pi2(state);            
+			}
+
+			state[0] ^= roundConstants[i];
+			theta(state, subKeys);
+
+			Pack.UInt32_To_BE(state[0], output, outOff);
+			Pack.UInt32_To_BE(state[1], output, outOff+4);
+			Pack.UInt32_To_BE(state[2], output, outOff+8);
+			Pack.UInt32_To_BE(state[3], output, outOff+12);
+
+			return GenericSize;
+		}
+
+		private int decryptBlock(
+			byte[]	input,
+			int		inOff,
+			byte[]	output,
+			int		outOff)
+		{
+			state[0] = Pack.BE_To_UInt32(input, inOff);
+			state[1] = Pack.BE_To_UInt32(input, inOff+4);
+			state[2] = Pack.BE_To_UInt32(input, inOff+8);
+			state[3] = Pack.BE_To_UInt32(input, inOff+12);
+
+			Array.Copy(subKeys, 0, decryptKeys, 0, subKeys.Length);
+			theta(decryptKeys, nullVector);
+
+			int i;
+			for (i = GenericSize; i > 0; i--)
+			{
+				theta(state, decryptKeys);
+				state[0] ^= roundConstants[i];
+				pi1(state);
+				gamma(state);
+				pi2(state);
+			}
+
+			theta(state, decryptKeys);
+			state[0] ^= roundConstants[i];
+
+			Pack.UInt32_To_BE(state[0], output, outOff);
+			Pack.UInt32_To_BE(state[1], output, outOff+4);
+			Pack.UInt32_To_BE(state[2], output, outOff+8);
+			Pack.UInt32_To_BE(state[3], output, outOff+12);
+
+			return GenericSize;
+		}
+
+		private void gamma(uint[] a)
+		{
+			a[1] ^= ~a[3] & ~a[2];
+			a[0] ^= a[2] & a[1];
+
+			uint tmp = a[3];
+			a[3]  = a[0];
+			a[0]  = tmp;
+			a[2] ^= a[0]^a[1]^a[3];
+
+			a[1] ^= ~a[3] & ~a[2];
+			a[0] ^= a[2] & a[1];
+		}
+
+		private void theta(uint[] a, uint[] k)
+		{
+			uint tmp;
+			tmp   = a[0]^a[2]; 
+			tmp  ^= rotl(tmp,8)^rotl(tmp,24); 
+			a[1] ^= tmp; 
+			a[3] ^= tmp; 
+
+			for (int i = 0; i < 4; i++)
+			{
+				a[i] ^= k[i];
+			}
+
+			tmp   = a[1]^a[3]; 
+			tmp  ^= rotl(tmp,8)^rotl(tmp,24); 
+			a[0] ^= tmp; 
+			a[2] ^= tmp;
+		}
+
+		private void pi1(uint[] a)
+		{
+			a[1] = rotl(a[1], 1);
+			a[2] = rotl(a[2], 5);
+			a[3] = rotl(a[3], 2);
+		}
+
+		private void pi2(uint[] a)
+		{
+			a[1] = rotl(a[1], 31);
+			a[2] = rotl(a[2], 27);
+			a[3] = rotl(a[3], 30);
+		}
+
+		// Helpers
+
+		private uint rotl(uint x, int y)
+		{
+			return (x << y) | (x >> (32-y));
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/NullEngine.cs b/bc-sharp-crypto/src/crypto/engines/NullEngine.cs
new file mode 100644
index 0000000..f883b7c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/NullEngine.cs
@@ -0,0 +1,69 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* The no-op engine that just copies bytes through, irrespective of whether encrypting and decrypting.
+	* Provided for the sake of completeness.
+	*/
+	public class NullEngine
+		: IBlockCipher
+	{
+		private bool initialised;
+		private const int BlockSize = 1;
+
+		public NullEngine()
+		{
+		}
+
+        public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			// we don't mind any parameters that may come in
+			initialised = true;
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return "Null"; }
+		}
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return true; }
+		}
+
+        public virtual int GetBlockSize()
+		{
+			return BlockSize;
+		}
+
+        public virtual int ProcessBlock(
+			byte[]	input,
+			int		inOff,
+			byte[]	output,
+			int		outOff)
+		{
+			if (!initialised)
+				throw new InvalidOperationException("Null engine not initialised");
+
+            Check.DataLength(input, inOff, BlockSize, "input buffer too short");
+            Check.OutputLength(output, outOff, BlockSize, "output buffer too short");
+
+            for (int i = 0; i < BlockSize; ++i)
+			{
+				output[outOff + i] = input[inOff + i];
+			}
+
+			return BlockSize;
+		}
+
+        public virtual void Reset()
+		{
+			// nothing needs to be done
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/RC2Engine.cs b/bc-sharp-crypto/src/crypto/engines/RC2Engine.cs
new file mode 100644
index 0000000..4aca189
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/RC2Engine.cs
@@ -0,0 +1,311 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * an implementation of RC2 as described in RFC 2268
+    *      "A Description of the RC2(r) Encryption Algorithm" R. Rivest.
+    */
+    public class RC2Engine
+		: IBlockCipher
+    {
+        //
+        // the values we use for key expansion (based on the digits of PI)
+        //
+        private static readonly byte[] piTable =
+        {
+            (byte)0xd9, (byte)0x78, (byte)0xf9, (byte)0xc4, (byte)0x19, (byte)0xdd, (byte)0xb5, (byte)0xed,
+            (byte)0x28, (byte)0xe9, (byte)0xfd, (byte)0x79, (byte)0x4a, (byte)0xa0, (byte)0xd8, (byte)0x9d,
+            (byte)0xc6, (byte)0x7e, (byte)0x37, (byte)0x83, (byte)0x2b, (byte)0x76, (byte)0x53, (byte)0x8e,
+            (byte)0x62, (byte)0x4c, (byte)0x64, (byte)0x88, (byte)0x44, (byte)0x8b, (byte)0xfb, (byte)0xa2,
+            (byte)0x17, (byte)0x9a, (byte)0x59, (byte)0xf5, (byte)0x87, (byte)0xb3, (byte)0x4f, (byte)0x13,
+            (byte)0x61, (byte)0x45, (byte)0x6d, (byte)0x8d, (byte)0x9, (byte)0x81, (byte)0x7d, (byte)0x32,
+            (byte)0xbd, (byte)0x8f, (byte)0x40, (byte)0xeb, (byte)0x86, (byte)0xb7, (byte)0x7b, (byte)0xb,
+            (byte)0xf0, (byte)0x95, (byte)0x21, (byte)0x22, (byte)0x5c, (byte)0x6b, (byte)0x4e, (byte)0x82,
+            (byte)0x54, (byte)0xd6, (byte)0x65, (byte)0x93, (byte)0xce, (byte)0x60, (byte)0xb2, (byte)0x1c,
+            (byte)0x73, (byte)0x56, (byte)0xc0, (byte)0x14, (byte)0xa7, (byte)0x8c, (byte)0xf1, (byte)0xdc,
+            (byte)0x12, (byte)0x75, (byte)0xca, (byte)0x1f, (byte)0x3b, (byte)0xbe, (byte)0xe4, (byte)0xd1,
+            (byte)0x42, (byte)0x3d, (byte)0xd4, (byte)0x30, (byte)0xa3, (byte)0x3c, (byte)0xb6, (byte)0x26,
+            (byte)0x6f, (byte)0xbf, (byte)0xe, (byte)0xda, (byte)0x46, (byte)0x69, (byte)0x7, (byte)0x57,
+            (byte)0x27, (byte)0xf2, (byte)0x1d, (byte)0x9b, (byte)0xbc, (byte)0x94, (byte)0x43, (byte)0x3,
+            (byte)0xf8, (byte)0x11, (byte)0xc7, (byte)0xf6, (byte)0x90, (byte)0xef, (byte)0x3e, (byte)0xe7,
+            (byte)0x6, (byte)0xc3, (byte)0xd5, (byte)0x2f, (byte)0xc8, (byte)0x66, (byte)0x1e, (byte)0xd7,
+            (byte)0x8, (byte)0xe8, (byte)0xea, (byte)0xde, (byte)0x80, (byte)0x52, (byte)0xee, (byte)0xf7,
+            (byte)0x84, (byte)0xaa, (byte)0x72, (byte)0xac, (byte)0x35, (byte)0x4d, (byte)0x6a, (byte)0x2a,
+            (byte)0x96, (byte)0x1a, (byte)0xd2, (byte)0x71, (byte)0x5a, (byte)0x15, (byte)0x49, (byte)0x74,
+            (byte)0x4b, (byte)0x9f, (byte)0xd0, (byte)0x5e, (byte)0x4, (byte)0x18, (byte)0xa4, (byte)0xec,
+            (byte)0xc2, (byte)0xe0, (byte)0x41, (byte)0x6e, (byte)0xf, (byte)0x51, (byte)0xcb, (byte)0xcc,
+            (byte)0x24, (byte)0x91, (byte)0xaf, (byte)0x50, (byte)0xa1, (byte)0xf4, (byte)0x70, (byte)0x39,
+            (byte)0x99, (byte)0x7c, (byte)0x3a, (byte)0x85, (byte)0x23, (byte)0xb8, (byte)0xb4, (byte)0x7a,
+            (byte)0xfc, (byte)0x2, (byte)0x36, (byte)0x5b, (byte)0x25, (byte)0x55, (byte)0x97, (byte)0x31,
+            (byte)0x2d, (byte)0x5d, (byte)0xfa, (byte)0x98, (byte)0xe3, (byte)0x8a, (byte)0x92, (byte)0xae,
+            (byte)0x5, (byte)0xdf, (byte)0x29, (byte)0x10, (byte)0x67, (byte)0x6c, (byte)0xba, (byte)0xc9,
+            (byte)0xd3, (byte)0x0, (byte)0xe6, (byte)0xcf, (byte)0xe1, (byte)0x9e, (byte)0xa8, (byte)0x2c,
+            (byte)0x63, (byte)0x16, (byte)0x1, (byte)0x3f, (byte)0x58, (byte)0xe2, (byte)0x89, (byte)0xa9,
+            (byte)0xd, (byte)0x38, (byte)0x34, (byte)0x1b, (byte)0xab, (byte)0x33, (byte)0xff, (byte)0xb0,
+            (byte)0xbb, (byte)0x48, (byte)0xc, (byte)0x5f, (byte)0xb9, (byte)0xb1, (byte)0xcd, (byte)0x2e,
+            (byte)0xc5, (byte)0xf3, (byte)0xdb, (byte)0x47, (byte)0xe5, (byte)0xa5, (byte)0x9c, (byte)0x77,
+            (byte)0xa, (byte)0xa6, (byte)0x20, (byte)0x68, (byte)0xfe, (byte)0x7f, (byte)0xc1, (byte)0xad
+        };
+
+        private const int BLOCK_SIZE = 8;
+
+        private int[]   workingKey;
+        private bool encrypting;
+
+        private int[] GenerateWorkingKey(
+            byte[]      key,
+            int         bits)
+        {
+            int     x;
+            int[]   xKey = new int[128];
+
+            for (int i = 0; i != key.Length; i++)
+            {
+                xKey[i] = key[i] & 0xff;
+            }
+
+            // Phase 1: Expand input key to 128 bytes
+            int len = key.Length;
+
+            if (len < 128)
+            {
+                int     index = 0;
+
+                x = xKey[len - 1];
+
+                do
+                {
+                    x = piTable[(x + xKey[index++]) & 255] & 0xff;
+                    xKey[len++] = x;
+                }
+                while (len < 128);
+            }
+
+            // Phase 2 - reduce effective key size to "bits"
+            len = (bits + 7) >> 3;
+            x = piTable[xKey[128 - len] & (255 >> (7 & -bits))] & 0xff;
+            xKey[128 - len] = x;
+
+            for (int i = 128 - len - 1; i >= 0; i--)
+            {
+                    x = piTable[x ^ xKey[i + len]] & 0xff;
+                    xKey[i] = x;
+            }
+
+            // Phase 3 - copy to newKey in little-endian order
+            int[] newKey = new int[64];
+
+            for (int i = 0; i != newKey.Length; i++)
+            {
+                newKey[i] = (xKey[2 * i] + (xKey[2 * i + 1] << 8));
+            }
+
+            return newKey;
+        }
+
+        /**
+        * initialise a RC2 cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            this.encrypting = forEncryption;
+
+			if (parameters is RC2Parameters)
+            {
+                RC2Parameters param = (RC2Parameters) parameters;
+
+				workingKey = GenerateWorkingKey(param.GetKey(), param.EffectiveKeyBits);
+            }
+            else if (parameters is KeyParameter)
+            {
+				KeyParameter param = (KeyParameter) parameters;
+				byte[] key = param.GetKey();
+
+				workingKey = GenerateWorkingKey(key, key.Length * 8);
+            }
+            else
+            {
+                throw new ArgumentException("invalid parameter passed to RC2 init - " + Platform.GetTypeName(parameters));
+            }
+        }
+
+        public virtual void Reset()
+        {
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "RC2"; }
+        }
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+        {
+            return BLOCK_SIZE;
+        }
+
+        public virtual int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            if (workingKey == null)
+                throw new InvalidOperationException("RC2 engine not initialised");
+
+            Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short");
+            Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short");
+
+            if (encrypting)
+            {
+                EncryptBlock(input, inOff, output, outOff);
+            }
+            else
+            {
+                DecryptBlock(input, inOff, output, outOff);
+            }
+
+            return BLOCK_SIZE;
+        }
+
+        /**
+        * return the result rotating the 16 bit number in x left by y
+        */
+        private int RotateWordLeft(
+            int x,
+            int y)
+        {
+            x &= 0xffff;
+            return (x << y) | (x >> (16 - y));
+        }
+
+        private void EncryptBlock(
+            byte[]  input,
+            int     inOff,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            int x76, x54, x32, x10;
+
+            x76 = ((input[inOff + 7] & 0xff) << 8) + (input[inOff + 6] & 0xff);
+            x54 = ((input[inOff + 5] & 0xff) << 8) + (input[inOff + 4] & 0xff);
+            x32 = ((input[inOff + 3] & 0xff) << 8) + (input[inOff + 2] & 0xff);
+            x10 = ((input[inOff + 1] & 0xff) << 8) + (input[inOff + 0] & 0xff);
+
+            for (int i = 0; i <= 16; i += 4)
+            {
+                    x10 = RotateWordLeft(x10 + (x32 & ~x76) + (x54 & x76) + workingKey[i  ], 1);
+                    x32 = RotateWordLeft(x32 + (x54 & ~x10) + (x76 & x10) + workingKey[i+1], 2);
+                    x54 = RotateWordLeft(x54 + (x76 & ~x32) + (x10 & x32) + workingKey[i+2], 3);
+                    x76 = RotateWordLeft(x76 + (x10 & ~x54) + (x32 & x54) + workingKey[i+3], 5);
+            }
+
+            x10 += workingKey[x76 & 63];
+            x32 += workingKey[x10 & 63];
+            x54 += workingKey[x32 & 63];
+            x76 += workingKey[x54 & 63];
+
+            for (int i = 20; i <= 40; i += 4)
+            {
+                    x10 = RotateWordLeft(x10 + (x32 & ~x76) + (x54 & x76) + workingKey[i  ], 1);
+                    x32 = RotateWordLeft(x32 + (x54 & ~x10) + (x76 & x10) + workingKey[i+1], 2);
+                    x54 = RotateWordLeft(x54 + (x76 & ~x32) + (x10 & x32) + workingKey[i+2], 3);
+                    x76 = RotateWordLeft(x76 + (x10 & ~x54) + (x32 & x54) + workingKey[i+3], 5);
+            }
+
+            x10 += workingKey[x76 & 63];
+            x32 += workingKey[x10 & 63];
+            x54 += workingKey[x32 & 63];
+            x76 += workingKey[x54 & 63];
+
+            for (int i = 44; i < 64; i += 4)
+            {
+                    x10 = RotateWordLeft(x10 + (x32 & ~x76) + (x54 & x76) + workingKey[i  ], 1);
+                    x32 = RotateWordLeft(x32 + (x54 & ~x10) + (x76 & x10) + workingKey[i+1], 2);
+                    x54 = RotateWordLeft(x54 + (x76 & ~x32) + (x10 & x32) + workingKey[i+2], 3);
+                    x76 = RotateWordLeft(x76 + (x10 & ~x54) + (x32 & x54) + workingKey[i+3], 5);
+            }
+
+            outBytes[outOff + 0] = (byte)x10;
+            outBytes[outOff + 1] = (byte)(x10 >> 8);
+            outBytes[outOff + 2] = (byte)x32;
+            outBytes[outOff + 3] = (byte)(x32 >> 8);
+            outBytes[outOff + 4] = (byte)x54;
+            outBytes[outOff + 5] = (byte)(x54 >> 8);
+            outBytes[outOff + 6] = (byte)x76;
+            outBytes[outOff + 7] = (byte)(x76 >> 8);
+        }
+
+        private void DecryptBlock(
+            byte[]  input,
+            int     inOff,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            int x76, x54, x32, x10;
+
+            x76 = ((input[inOff + 7] & 0xff) << 8) + (input[inOff + 6] & 0xff);
+            x54 = ((input[inOff + 5] & 0xff) << 8) + (input[inOff + 4] & 0xff);
+            x32 = ((input[inOff + 3] & 0xff) << 8) + (input[inOff + 2] & 0xff);
+            x10 = ((input[inOff + 1] & 0xff) << 8) + (input[inOff + 0] & 0xff);
+
+            for (int i = 60; i >= 44; i -= 4)
+            {
+                x76 = RotateWordLeft(x76, 11) - ((x10 & ~x54) + (x32 & x54) + workingKey[i+3]);
+                x54 = RotateWordLeft(x54, 13) - ((x76 & ~x32) + (x10 & x32) + workingKey[i+2]);
+                x32 = RotateWordLeft(x32, 14) - ((x54 & ~x10) + (x76 & x10) + workingKey[i+1]);
+                x10 = RotateWordLeft(x10, 15) - ((x32 & ~x76) + (x54 & x76) + workingKey[i  ]);
+            }
+
+            x76 -= workingKey[x54 & 63];
+            x54 -= workingKey[x32 & 63];
+            x32 -= workingKey[x10 & 63];
+            x10 -= workingKey[x76 & 63];
+
+            for (int i = 40; i >= 20; i -= 4)
+            {
+                x76 = RotateWordLeft(x76, 11) - ((x10 & ~x54) + (x32 & x54) + workingKey[i+3]);
+                x54 = RotateWordLeft(x54, 13) - ((x76 & ~x32) + (x10 & x32) + workingKey[i+2]);
+                x32 = RotateWordLeft(x32, 14) - ((x54 & ~x10) + (x76 & x10) + workingKey[i+1]);
+                x10 = RotateWordLeft(x10, 15) - ((x32 & ~x76) + (x54 & x76) + workingKey[i  ]);
+            }
+
+            x76 -= workingKey[x54 & 63];
+            x54 -= workingKey[x32 & 63];
+            x32 -= workingKey[x10 & 63];
+            x10 -= workingKey[x76 & 63];
+
+            for (int i = 16; i >= 0; i -= 4)
+            {
+                x76 = RotateWordLeft(x76, 11) - ((x10 & ~x54) + (x32 & x54) + workingKey[i+3]);
+                x54 = RotateWordLeft(x54, 13) - ((x76 & ~x32) + (x10 & x32) + workingKey[i+2]);
+                x32 = RotateWordLeft(x32, 14) - ((x54 & ~x10) + (x76 & x10) + workingKey[i+1]);
+                x10 = RotateWordLeft(x10, 15) - ((x32 & ~x76) + (x54 & x76) + workingKey[i  ]);
+            }
+
+            outBytes[outOff + 0] = (byte)x10;
+            outBytes[outOff + 1] = (byte)(x10 >> 8);
+            outBytes[outOff + 2] = (byte)x32;
+            outBytes[outOff + 3] = (byte)(x32 >> 8);
+            outBytes[outOff + 4] = (byte)x54;
+            outBytes[outOff + 5] = (byte)(x54 >> 8);
+            outBytes[outOff + 6] = (byte)x76;
+            outBytes[outOff + 7] = (byte)(x76 >> 8);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/RC2WrapEngine.cs b/bc-sharp-crypto/src/crypto/engines/RC2WrapEngine.cs
new file mode 100644
index 0000000..5742aa8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/RC2WrapEngine.cs
@@ -0,0 +1,370 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	 * Wrap keys according to RFC 3217 - RC2 mechanism
+	 */
+	public class RC2WrapEngine
+		: IWrapper
+	{
+		/** Field engine */
+		private CbcBlockCipher engine;
+
+		/** Field param */
+		private ICipherParameters parameters;
+
+		/** Field paramPlusIV */
+		private ParametersWithIV paramPlusIV;
+
+		/** Field iv */
+		private byte[] iv;
+
+		/** Field forWrapping */
+		private bool forWrapping;
+
+		private SecureRandom sr;
+
+		/** Field IV2           */
+		private static readonly byte[] IV2 =
+		{
+			(byte) 0x4a, (byte) 0xdd, (byte) 0xa2,
+			(byte) 0x2c, (byte) 0x79, (byte) 0xe8,
+			(byte) 0x21, (byte) 0x05
+		};
+
+		//
+		// checksum digest
+		//
+		IDigest sha1 = new Sha1Digest();
+		byte[] digest = new byte[20];
+
+		/**
+			* Method init
+			*
+			* @param forWrapping
+			* @param param
+			*/
+        public virtual void Init(
+			bool				forWrapping,
+			ICipherParameters	parameters)
+		{
+			this.forWrapping = forWrapping;
+			this.engine = new CbcBlockCipher(new RC2Engine());
+
+			if (parameters is ParametersWithRandom)
+			{
+				ParametersWithRandom pWithR = (ParametersWithRandom)parameters;
+				sr = pWithR.Random;
+				parameters = pWithR.Parameters;
+			}
+			else
+			{
+				sr = new SecureRandom();
+			}
+
+			if (parameters is ParametersWithIV)
+			{
+				if (!forWrapping)
+					throw new ArgumentException("You should not supply an IV for unwrapping");
+
+				this.paramPlusIV = (ParametersWithIV)parameters;
+				this.iv = this.paramPlusIV.GetIV();
+				this.parameters = this.paramPlusIV.Parameters;
+
+				if (this.iv.Length != 8)
+					throw new ArgumentException("IV is not 8 octets");
+			}
+			else
+			{
+				this.parameters = parameters;
+
+				if (this.forWrapping)
+				{
+					// Hm, we have no IV but we want to wrap ?!?
+					// well, then we have to create our own IV.
+					this.iv = new byte[8];
+					sr.NextBytes(iv);
+					this.paramPlusIV = new ParametersWithIV(this.parameters, this.iv);
+				}
+			}
+		}
+
+		/**
+		* Method GetAlgorithmName
+		*
+		* @return
+		*/
+        public virtual string AlgorithmName
+		{
+			get { return "RC2"; }
+		}
+
+		/**
+		* Method wrap
+		*
+		* @param in
+		* @param inOff
+		* @param inLen
+		* @return
+		*/
+        public virtual byte[] Wrap(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			if (!forWrapping)
+			{
+				throw new InvalidOperationException("Not initialized for wrapping");
+			}
+
+			int len = length + 1;
+			if ((len % 8) != 0)
+			{
+				len += 8 - (len % 8);
+			}
+
+			byte [] keyToBeWrapped = new byte[len];
+
+			keyToBeWrapped[0] = (byte)length;
+			Array.Copy(input, inOff, keyToBeWrapped, 1, length);
+
+			byte[] pad = new byte[keyToBeWrapped.Length - length - 1];
+
+			if (pad.Length > 0)
+			{
+				sr.NextBytes(pad);
+				Array.Copy(pad, 0, keyToBeWrapped, length + 1, pad.Length);
+			}
+
+			// Compute the CMS Key Checksum, (section 5.6.1), call this CKS.
+			byte[] CKS = CalculateCmsKeyChecksum(keyToBeWrapped);
+
+			// Let WKCKS = WK || CKS where || is concatenation.
+			byte[] WKCKS = new byte[keyToBeWrapped.Length + CKS.Length];
+
+			Array.Copy(keyToBeWrapped, 0, WKCKS, 0, keyToBeWrapped.Length);
+			Array.Copy(CKS, 0, WKCKS, keyToBeWrapped.Length, CKS.Length);
+
+			// Encrypt WKCKS in CBC mode using KEK as the key and IV as the
+			// initialization vector. Call the results TEMP1.
+			byte [] TEMP1 = new byte[WKCKS.Length];
+
+			Array.Copy(WKCKS, 0, TEMP1, 0, WKCKS.Length);
+
+			int noOfBlocks = WKCKS.Length / engine.GetBlockSize();
+			int extraBytes = WKCKS.Length % engine.GetBlockSize();
+
+			if (extraBytes != 0)
+			{
+				throw new InvalidOperationException("Not multiple of block length");
+			}
+
+			engine.Init(true, paramPlusIV);
+
+			for (int i = 0; i < noOfBlocks; i++)
+			{
+				int currentBytePos = i * engine.GetBlockSize();
+
+				engine.ProcessBlock(TEMP1, currentBytePos, TEMP1, currentBytePos);
+			}
+
+			// Left TEMP2 = IV || TEMP1.
+			byte[] TEMP2 = new byte[this.iv.Length + TEMP1.Length];
+
+			Array.Copy(this.iv, 0, TEMP2, 0, this.iv.Length);
+			Array.Copy(TEMP1, 0, TEMP2, this.iv.Length, TEMP1.Length);
+
+			// Reverse the order of the octets in TEMP2 and call the result TEMP3.
+			byte[] TEMP3 = new byte[TEMP2.Length];
+
+			for (int i = 0; i < TEMP2.Length; i++)
+			{
+				TEMP3[i] = TEMP2[TEMP2.Length - (i + 1)];
+			}
+
+			// Encrypt TEMP3 in CBC mode using the KEK and an initialization vector
+			// of 0x 4a dd a2 2c 79 e8 21 05. The resulting cipher text is the desired
+			// result. It is 40 octets long if a 168 bit key is being wrapped.
+			ParametersWithIV param2 = new ParametersWithIV(this.parameters, IV2);
+
+			this.engine.Init(true, param2);
+
+			for (int i = 0; i < noOfBlocks + 1; i++)
+			{
+				int currentBytePos = i * engine.GetBlockSize();
+
+				engine.ProcessBlock(TEMP3, currentBytePos, TEMP3, currentBytePos);
+			}
+
+			return TEMP3;
+		}
+
+		/**
+		* Method unwrap
+		*
+		* @param in
+		* @param inOff
+		* @param inLen
+		* @return
+		* @throws InvalidCipherTextException
+		*/
+        public virtual byte[] Unwrap(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			if (forWrapping)
+			{
+				throw new InvalidOperationException("Not set for unwrapping");
+			}
+
+			if (input == null)
+			{
+				throw new InvalidCipherTextException("Null pointer as ciphertext");
+			}
+
+			if (length % engine.GetBlockSize() != 0)
+			{
+				throw new InvalidCipherTextException("Ciphertext not multiple of "
+					+ engine.GetBlockSize());
+			}
+
+			/*
+			// Check if the length of the cipher text is reasonable given the key
+			// type. It must be 40 bytes for a 168 bit key and either 32, 40, or
+			// 48 bytes for a 128, 192, or 256 bit key. If the length is not supported
+			// or inconsistent with the algorithm for which the key is intended,
+			// return error.
+			//
+			// we do not accept 168 bit keys. it has to be 192 bit.
+			int lengthA = (estimatedKeyLengthInBit / 8) + 16;
+			int lengthB = estimatedKeyLengthInBit % 8;
+
+			if ((lengthA != keyToBeUnwrapped.Length) || (lengthB != 0)) {
+				throw new XMLSecurityException("empty");
+			}
+			*/
+
+			// Decrypt the cipher text with TRIPLedeS in CBC mode using the KEK
+			// and an initialization vector (IV) of 0x4adda22c79e82105. Call the output TEMP3.
+			ParametersWithIV param2 = new ParametersWithIV(this.parameters, IV2);
+
+			this.engine.Init(false, param2);
+
+			byte [] TEMP3 = new byte[length];
+
+			Array.Copy(input, inOff, TEMP3, 0, length);
+
+			for (int i = 0; i < (TEMP3.Length / engine.GetBlockSize()); i++)
+			{
+				int currentBytePos = i * engine.GetBlockSize();
+
+				engine.ProcessBlock(TEMP3, currentBytePos, TEMP3, currentBytePos);
+			}
+
+			// Reverse the order of the octets in TEMP3 and call the result TEMP2.
+			byte[] TEMP2 = new byte[TEMP3.Length];
+
+			for (int i = 0; i < TEMP3.Length; i++)
+			{
+				TEMP2[i] = TEMP3[TEMP3.Length - (i + 1)];
+			}
+
+			// Decompose TEMP2 into IV, the first 8 octets, and TEMP1, the remaining octets.
+			this.iv = new byte[8];
+
+			byte[] TEMP1 = new byte[TEMP2.Length - 8];
+
+			Array.Copy(TEMP2, 0, this.iv, 0, 8);
+			Array.Copy(TEMP2, 8, TEMP1, 0, TEMP2.Length - 8);
+
+			// Decrypt TEMP1 using TRIPLedeS in CBC mode using the KEK and the IV
+			// found in the previous step. Call the result WKCKS.
+			this.paramPlusIV = new ParametersWithIV(this.parameters, this.iv);
+
+			this.engine.Init(false, this.paramPlusIV);
+
+			byte[] LCEKPADICV = new byte[TEMP1.Length];
+
+			Array.Copy(TEMP1, 0, LCEKPADICV, 0, TEMP1.Length);
+
+			for (int i = 0; i < (LCEKPADICV.Length / engine.GetBlockSize()); i++)
+			{
+				int currentBytePos = i * engine.GetBlockSize();
+
+				engine.ProcessBlock(LCEKPADICV, currentBytePos, LCEKPADICV, currentBytePos);
+			}
+
+			// Decompose LCEKPADICV. CKS is the last 8 octets and WK, the wrapped key, are
+			// those octets before the CKS.
+			byte[] result = new byte[LCEKPADICV.Length - 8];
+			byte[] CKStoBeVerified = new byte[8];
+
+			Array.Copy(LCEKPADICV, 0, result, 0, LCEKPADICV.Length - 8);
+			Array.Copy(LCEKPADICV, LCEKPADICV.Length - 8, CKStoBeVerified, 0, 8);
+
+			// Calculate a CMS Key Checksum, (section 5.6.1), over the WK and compare
+			// with the CKS extracted in the above step. If they are not equal, return error.
+			if (!CheckCmsKeyChecksum(result, CKStoBeVerified))
+			{
+				throw new InvalidCipherTextException(
+					"Checksum inside ciphertext is corrupted");
+			}
+
+			if ((result.Length - ((result[0] & 0xff) + 1)) > 7)
+			{
+				throw new InvalidCipherTextException(
+					"too many pad bytes (" + (result.Length - ((result[0] & 0xff) + 1)) + ")");
+			}
+
+			// CEK is the wrapped key, now extracted for use in data decryption.
+			byte[] CEK = new byte[result[0]];
+			Array.Copy(result, 1, CEK, 0, CEK.Length);
+			return CEK;
+		}
+
+		/**
+		* Some key wrap algorithms make use of the Key Checksum defined
+		* in CMS [CMS-Algorithms]. This is used to provide an integrity
+		* check value for the key being wrapped. The algorithm is
+		*
+		* - Compute the 20 octet SHA-1 hash on the key being wrapped.
+		* - Use the first 8 octets of this hash as the checksum value.
+		*
+		* @param key
+		* @return
+		* @throws Exception
+		* @see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
+		*/
+		private byte[] CalculateCmsKeyChecksum(
+			byte[] key)
+		{
+			sha1.BlockUpdate(key, 0, key.Length);
+			sha1.DoFinal(digest, 0);
+
+			byte[] result = new byte[8];
+			Array.Copy(digest, 0, result, 0, 8);
+			return result;
+		}
+
+		/**
+		* @param key
+		* @param checksum
+		* @return
+		* @see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
+		*/
+		private bool CheckCmsKeyChecksum(
+			byte[]	key,
+			byte[]	checksum)
+		{
+			return Arrays.ConstantTimeAreEqual(CalculateCmsKeyChecksum(key), checksum);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/RC4Engine.cs b/bc-sharp-crypto/src/crypto/engines/RC4Engine.cs
new file mode 100644
index 0000000..a515bb0
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/RC4Engine.cs
@@ -0,0 +1,139 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    public class RC4Engine
+		: IStreamCipher
+    {
+        private readonly static int STATE_LENGTH = 256;
+
+        /*
+        * variables to hold the state of the RC4 engine
+        * during encryption and decryption
+        */
+
+        private byte[]	engineState;
+        private int		x;
+        private int		y;
+        private byte[]	workingKey;
+
+        /**
+        * initialise a RC4 cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            if (parameters is KeyParameter)
+            {
+                /*
+                * RC4 encryption and decryption is completely
+                * symmetrical, so the 'forEncryption' is
+                * irrelevant.
+                */
+                workingKey = ((KeyParameter)parameters).GetKey();
+                SetKey(workingKey);
+
+                return;
+            }
+
+            throw new ArgumentException("invalid parameter passed to RC4 init - " + Platform.GetTypeName(parameters));
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "RC4"; }
+        }
+
+        public virtual byte ReturnByte(
+			byte input)
+        {
+            x = (x + 1) & 0xff;
+            y = (engineState[x] + y) & 0xff;
+
+            // swap
+            byte tmp = engineState[x];
+            engineState[x] = engineState[y];
+            engineState[y] = tmp;
+
+            // xor
+            return (byte)(input ^ engineState[(engineState[x] + engineState[y]) & 0xff]);
+        }
+
+        public virtual void ProcessBytes(
+            byte[]	input,
+            int		inOff,
+            int		length,
+            byte[]	output,
+            int		outOff)
+        {
+            Check.DataLength(input, inOff, length, "input buffer too short");
+            Check.OutputLength(output, outOff, length, "output buffer too short");
+
+            for (int i = 0; i < length ; i++)
+            {
+                x = (x + 1) & 0xff;
+                y = (engineState[x] + y) & 0xff;
+
+                // swap
+                byte tmp = engineState[x];
+                engineState[x] = engineState[y];
+                engineState[y] = tmp;
+
+                // xor
+                output[i+outOff] = (byte)(input[i + inOff]
+                        ^ engineState[(engineState[x] + engineState[y]) & 0xff]);
+            }
+        }
+
+        public virtual void Reset()
+        {
+            SetKey(workingKey);
+        }
+
+        // Private implementation
+
+        private void SetKey(
+			byte[] keyBytes)
+        {
+            workingKey = keyBytes;
+
+            // System.out.println("the key length is ; "+ workingKey.Length);
+
+            x = 0;
+            y = 0;
+
+            if (engineState == null)
+            {
+                engineState = new byte[STATE_LENGTH];
+            }
+
+            // reset the state of the engine
+            for (int i=0; i < STATE_LENGTH; i++)
+            {
+                engineState[i] = (byte)i;
+            }
+
+            int i1 = 0;
+            int i2 = 0;
+
+            for (int i=0; i < STATE_LENGTH; i++)
+            {
+                i2 = ((keyBytes[i1] & 0xff) + engineState[i] + i2) & 0xff;
+                // do the byte-swap inline
+                byte tmp = engineState[i];
+                engineState[i] = engineState[i2];
+                engineState[i2] = tmp;
+                i1 = (i1+1) % keyBytes.Length;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/RC532Engine.cs b/bc-sharp-crypto/src/crypto/engines/RC532Engine.cs
new file mode 100644
index 0000000..d1c29e6
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/RC532Engine.cs
@@ -0,0 +1,294 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * The specification for RC5 came from the <code>RC5 Encryption Algorithm</code>
+    * publication in RSA CryptoBytes, Spring of 1995.
+    * <em>http://www.rsasecurity.com/rsalabs/cryptobytes</em>.
+    * <p>
+    * This implementation has a word size of 32 bits.</p>
+    */
+    public class RC532Engine
+		: IBlockCipher
+    {
+        /*
+        * the number of rounds to perform
+        */
+        private int _noRounds;
+
+        /*
+        * the expanded key array of size 2*(rounds + 1)
+        */
+        private int [] _S;
+
+        /*
+        * our "magic constants" for 32 32
+        *
+        * Pw = Odd((e-2) * 2^wordsize)
+        * Qw = Odd((o-2) * 2^wordsize)
+        *
+        * where e is the base of natural logarithms (2.718281828...)
+        * and o is the golden ratio (1.61803398...)
+        */
+        private static readonly int P32 = unchecked((int) 0xb7e15163);
+        private static readonly int Q32 = unchecked((int) 0x9e3779b9);
+
+        private bool forEncryption;
+
+        /**
+        * Create an instance of the RC5 encryption algorithm
+        * and set some defaults
+        */
+        public RC532Engine()
+        {
+            _noRounds     = 12;         // the default
+//            _S            = null;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "RC5-32"; }
+        }
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+        {
+            return 2 * 4;
+        }
+
+		/**
+        * initialise a RC5-32 cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            if (typeof(RC5Parameters).IsInstanceOfType(parameters))
+            {
+                RC5Parameters p = (RC5Parameters)parameters;
+
+                _noRounds = p.Rounds;
+
+                SetKey(p.GetKey());
+            }
+            else if (typeof(KeyParameter).IsInstanceOfType(parameters))
+            {
+                KeyParameter p = (KeyParameter)parameters;
+
+                SetKey(p.GetKey());
+            }
+            else
+            {
+                throw new ArgumentException("invalid parameter passed to RC532 init - " + Platform.GetTypeName(parameters));
+            }
+
+            this.forEncryption = forEncryption;
+        }
+
+        public virtual int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            return (forEncryption)
+				?	EncryptBlock(input, inOff, output, outOff)
+				:	DecryptBlock(input, inOff, output, outOff);
+        }
+
+        public virtual void Reset()
+        {
+        }
+
+        /**
+        * Re-key the cipher.
+        *
+        * @param  key  the key to be used
+        */
+        private void SetKey(
+            byte[] key)
+        {
+            //
+            // KEY EXPANSION:
+            //
+            // There are 3 phases to the key expansion.
+            //
+            // Phase 1:
+            //   Copy the secret key K[0...b-1] into an array L[0..c-1] of
+            //   c = ceil(b/u), where u = 32/8 in little-endian order.
+            //   In other words, we fill up L using u consecutive key bytes
+            //   of K. Any unfilled byte positions in L are zeroed. In the
+            //   case that b = c = 0, set c = 1 and L[0] = 0.
+            //
+            int[]   L = new int[(key.Length + (4 - 1)) / 4];
+
+            for (int i = 0; i != key.Length; i++)
+            {
+                L[i / 4] += (key[i] & 0xff) << (8 * (i % 4));
+            }
+
+            //
+            // Phase 2:
+            //   Initialize S to a particular fixed pseudo-random bit pattern
+            //   using an arithmetic progression modulo 2^wordsize determined
+            //   by the magic numbers, Pw & Qw.
+            //
+            _S            = new int[2*(_noRounds + 1)];
+
+            _S[0] = P32;
+            for (int i=1; i < _S.Length; i++)
+            {
+                _S[i] = (_S[i-1] + Q32);
+            }
+
+            //
+            // Phase 3:
+            //   Mix in the user's secret key in 3 passes over the arrays S & L.
+            //   The max of the arrays sizes is used as the loop control
+            //
+            int iter;
+
+            if (L.Length > _S.Length)
+            {
+                iter = 3 * L.Length;
+            }
+            else
+            {
+                iter = 3 * _S.Length;
+            }
+
+            int A = 0, B = 0;
+            int ii = 0, jj = 0;
+
+            for (int k = 0; k < iter; k++)
+            {
+                A = _S[ii] = RotateLeft(_S[ii] + A + B, 3);
+                B =  L[jj] = RotateLeft( L[jj] + A + B, A+B);
+                ii = (ii+1) % _S.Length;
+                jj = (jj+1) %  L.Length;
+            }
+        }
+
+        /**
+        * Encrypt the given block starting at the given offset and place
+        * the result in the provided buffer starting at the given offset.
+        *
+        * @param  in     in byte buffer containing data to encrypt
+        * @param  inOff  offset into src buffer
+        * @param  out     out buffer where encrypted data is written
+        * @param  outOff  offset into out buffer
+        */
+        private int EncryptBlock(
+            byte[]  input,
+            int     inOff,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            int A = BytesToWord(input, inOff) + _S[0];
+            int B = BytesToWord(input, inOff + 4) + _S[1];
+
+            for (int i = 1; i <= _noRounds; i++)
+            {
+                A = RotateLeft(A ^ B, B) + _S[2*i];
+                B = RotateLeft(B ^ A, A) + _S[2*i+1];
+            }
+
+            WordToBytes(A, outBytes, outOff);
+            WordToBytes(B, outBytes, outOff + 4);
+
+            return 2 * 4;
+        }
+
+        private int DecryptBlock(
+            byte[]  input,
+            int     inOff,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            int A = BytesToWord(input, inOff);
+            int B = BytesToWord(input, inOff + 4);
+
+            for (int i = _noRounds; i >= 1; i--)
+            {
+                B = RotateRight(B - _S[2*i+1], A) ^ A;
+                A = RotateRight(A - _S[2*i],   B) ^ B;
+            }
+
+            WordToBytes(A - _S[0], outBytes, outOff);
+            WordToBytes(B - _S[1], outBytes, outOff + 4);
+
+            return 2 * 4;
+        }
+
+
+        //////////////////////////////////////////////////////////////
+        //
+        // PRIVATE Helper Methods
+        //
+        //////////////////////////////////////////////////////////////
+
+        /**
+        * Perform a left "spin" of the word. The rotation of the given
+        * word <em>x</em> is rotated left by <em>y</em> bits.
+        * Only the <em>lg(32)</em> low-order bits of <em>y</em>
+        * are used to determine the rotation amount. Here it is
+        * assumed that the wordsize used is a power of 2.
+        *
+        * @param  x  word to rotate
+        * @param  y    number of bits to rotate % 32
+        */
+        private int RotateLeft(int x, int y) {
+            return ((int)  (  (uint) (x << (y & (32-1))) |
+                              ((uint) x >> (32 - (y & (32-1)))) )
+                   );
+        }
+
+        /**
+        * Perform a right "spin" of the word. The rotation of the given
+        * word <em>x</em> is rotated left by <em>y</em> bits.
+        * Only the <em>lg(32)</em> low-order bits of <em>y</em>
+        * are used to determine the rotation amount. Here it is
+        * assumed that the wordsize used is a power of 2.
+        *
+        * @param  x  word to rotate
+        * @param  y    number of bits to rotate % 32
+        */
+        private int RotateRight(int x, int y) {
+            return ((int) (     ((uint) x >> (y & (32-1))) |
+                                (uint) (x << (32 - (y & (32-1))))   )
+                   );
+        }
+
+        private int BytesToWord(
+            byte[]  src,
+            int     srcOff)
+        {
+            return (src[srcOff] & 0xff) | ((src[srcOff + 1] & 0xff) << 8)
+                | ((src[srcOff + 2] & 0xff) << 16) | ((src[srcOff + 3] & 0xff) << 24);
+        }
+
+        private void WordToBytes(
+            int    word,
+            byte[]  dst,
+            int     dstOff)
+        {
+            dst[dstOff] = (byte)word;
+            dst[dstOff + 1] = (byte)(word >> 8);
+            dst[dstOff + 2] = (byte)(word >> 16);
+            dst[dstOff + 3] = (byte)(word >> 24);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/RC564Engine.cs b/bc-sharp-crypto/src/crypto/engines/RC564Engine.cs
new file mode 100644
index 0000000..097fd60
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/RC564Engine.cs
@@ -0,0 +1,295 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * The specification for RC5 came from the <code>RC5 Encryption Algorithm</code>
+    * publication in RSA CryptoBytes, Spring of 1995.
+    * <em>http://www.rsasecurity.com/rsalabs/cryptobytes</em>.
+    * <p>
+    * This implementation is set to work with a 64 bit word size.</p>
+    */
+    public class RC564Engine
+		: IBlockCipher
+    {
+        private static readonly int wordSize = 64;
+        private static readonly int bytesPerWord = wordSize / 8;
+
+        /*
+        * the number of rounds to perform
+        */
+        private int _noRounds;
+
+        /*
+        * the expanded key array of size 2*(rounds + 1)
+        */
+        private long [] _S;
+
+        /*
+        * our "magic constants" for wordSize 62
+        *
+        * Pw = Odd((e-2) * 2^wordsize)
+        * Qw = Odd((o-2) * 2^wordsize)
+        *
+        * where e is the base of natural logarithms (2.718281828...)
+        * and o is the golden ratio (1.61803398...)
+        */
+        private static readonly long P64 = unchecked( (long) 0xb7e151628aed2a6bL);
+        private static readonly long Q64 = unchecked( (long) 0x9e3779b97f4a7c15L);
+
+        private bool forEncryption;
+
+        /**
+        * Create an instance of the RC5 encryption algorithm
+        * and set some defaults
+        */
+        public RC564Engine()
+        {
+            _noRounds     = 12;
+//            _S            = null;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "RC5-64"; }
+        }
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+        {
+            return 2 * bytesPerWord;
+        }
+
+        /**
+        * initialise a RC5-64 cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public virtual void Init(
+            bool             forEncryption,
+            ICipherParameters    parameters)
+        {
+            if (!(typeof(RC5Parameters).IsInstanceOfType(parameters)))
+            {
+                throw new ArgumentException("invalid parameter passed to RC564 init - " + Platform.GetTypeName(parameters));
+            }
+
+            RC5Parameters       p = (RC5Parameters)parameters;
+
+            this.forEncryption = forEncryption;
+
+            _noRounds     = p.Rounds;
+
+            SetKey(p.GetKey());
+        }
+
+        public virtual int ProcessBlock(
+            byte[]  input,
+            int     inOff,
+            byte[]  output,
+            int     outOff)
+        {
+            return (forEncryption) ? EncryptBlock(input, inOff, output, outOff)
+                                        : DecryptBlock(input, inOff, output, outOff);
+        }
+
+        public virtual void Reset()
+        {
+        }
+
+        /**
+        * Re-key the cipher.
+        *
+        * @param  key  the key to be used
+        */
+        private void SetKey(
+            byte[]      key)
+        {
+            //
+            // KEY EXPANSION:
+            //
+            // There are 3 phases to the key expansion.
+            //
+            // Phase 1:
+            //   Copy the secret key K[0...b-1] into an array L[0..c-1] of
+            //   c = ceil(b/u), where u = wordSize/8 in little-endian order.
+            //   In other words, we fill up L using u consecutive key bytes
+            //   of K. Any unfilled byte positions in L are zeroed. In the
+            //   case that b = c = 0, set c = 1 and L[0] = 0.
+            //
+            long[]   L = new long[(key.Length + (bytesPerWord - 1)) / bytesPerWord];
+
+            for (int i = 0; i != key.Length; i++)
+            {
+                L[i / bytesPerWord] += (long)(key[i] & 0xff) << (8 * (i % bytesPerWord));
+            }
+
+            //
+            // Phase 2:
+            //   Initialize S to a particular fixed pseudo-random bit pattern
+            //   using an arithmetic progression modulo 2^wordsize determined
+            //   by the magic numbers, Pw & Qw.
+            //
+            _S            = new long[2*(_noRounds + 1)];
+
+            _S[0] = P64;
+            for (int i=1; i < _S.Length; i++)
+            {
+                _S[i] = (_S[i-1] + Q64);
+            }
+
+            //
+            // Phase 3:
+            //   Mix in the user's secret key in 3 passes over the arrays S & L.
+            //   The max of the arrays sizes is used as the loop control
+            //
+            int iter;
+
+            if (L.Length > _S.Length)
+            {
+                iter = 3 * L.Length;
+            }
+            else
+            {
+                iter = 3 * _S.Length;
+            }
+
+            long A = 0, B = 0;
+            int ii = 0, jj = 0;
+
+            for (int k = 0; k < iter; k++)
+            {
+                A = _S[ii] = RotateLeft(_S[ii] + A + B, 3);
+                B =  L[jj] = RotateLeft( L[jj] + A + B, A+B);
+                ii = (ii+1) % _S.Length;
+                jj = (jj+1) %  L.Length;
+            }
+        }
+
+        /**
+        * Encrypt the given block starting at the given offset and place
+        * the result in the provided buffer starting at the given offset.
+        *
+        * @param  in      in byte buffer containing data to encrypt
+        * @param  inOff   offset into src buffer
+        * @param  out     out buffer where encrypted data is written
+        * @param  outOff  offset into out buffer
+        */
+        private int EncryptBlock(
+            byte[]  input,
+            int     inOff,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            long A = BytesToWord(input, inOff) + _S[0];
+            long B = BytesToWord(input, inOff + bytesPerWord) + _S[1];
+
+            for (int i = 1; i <= _noRounds; i++)
+            {
+                A = RotateLeft(A ^ B, B) + _S[2*i];
+                B = RotateLeft(B ^ A, A) + _S[2*i+1];
+            }
+
+            WordToBytes(A, outBytes, outOff);
+            WordToBytes(B, outBytes, outOff + bytesPerWord);
+
+            return 2 * bytesPerWord;
+        }
+
+        private int DecryptBlock(
+            byte[]  input,
+            int     inOff,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            long A = BytesToWord(input, inOff);
+            long B = BytesToWord(input, inOff + bytesPerWord);
+
+            for (int i = _noRounds; i >= 1; i--)
+            {
+                B = RotateRight(B - _S[2*i+1], A) ^ A;
+                A = RotateRight(A - _S[2*i],   B) ^ B;
+            }
+
+            WordToBytes(A - _S[0], outBytes, outOff);
+            WordToBytes(B - _S[1], outBytes, outOff + bytesPerWord);
+
+            return 2 * bytesPerWord;
+        }
+
+
+        //////////////////////////////////////////////////////////////
+        //
+        // PRIVATE Helper Methods
+        //
+        //////////////////////////////////////////////////////////////
+
+        /**
+        * Perform a left "spin" of the word. The rotation of the given
+        * word <em>x</em> is rotated left by <em>y</em> bits.
+        * Only the <em>lg(wordSize)</em> low-order bits of <em>y</em>
+        * are used to determine the rotation amount. Here it is
+        * assumed that the wordsize used is a power of 2.
+        *
+        * @param  x  word to rotate
+        * @param  y    number of bits to rotate % wordSize
+        */
+        private long RotateLeft(long x, long y) {
+            return ((long) (    (ulong) (x << (int) (y & (wordSize-1))) |
+                                ((ulong) x >> (int) (wordSize - (y & (wordSize-1)))))
+                   );
+        }
+
+        /**
+        * Perform a right "spin" of the word. The rotation of the given
+        * word <em>x</em> is rotated left by <em>y</em> bits.
+        * Only the <em>lg(wordSize)</em> low-order bits of <em>y</em>
+        * are used to determine the rotation amount. Here it is
+        * assumed that the wordsize used is a power of 2.
+        *
+        * @param x word to rotate
+        * @param y number of bits to rotate % wordSize
+        */
+        private long RotateRight(long x, long y) {
+            return ((long) (    ((ulong) x >> (int) (y & (wordSize-1))) |
+                                (ulong) (x << (int) (wordSize - (y & (wordSize-1)))))
+                   );
+        }
+
+        private long BytesToWord(
+            byte[]  src,
+            int     srcOff)
+        {
+            long    word = 0;
+
+            for (int i = bytesPerWord - 1; i >= 0; i--)
+            {
+                word = (word << 8) + (src[i + srcOff] & 0xff);
+            }
+
+            return word;
+        }
+
+        private void WordToBytes(
+            long    word,
+            byte[]  dst,
+            int     dstOff)
+        {
+            for (int i = 0; i < bytesPerWord; i++)
+            {
+                dst[i + dstOff] = (byte)word;
+                word = (long) ((ulong) word >> 8);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/RC6Engine.cs b/bc-sharp-crypto/src/crypto/engines/RC6Engine.cs
new file mode 100644
index 0000000..9aeb1e7
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/RC6Engine.cs
@@ -0,0 +1,361 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * An RC6 engine.
+    */
+    public class RC6Engine
+		: IBlockCipher
+    {
+        private static readonly int wordSize = 32;
+        private static readonly int bytesPerWord = wordSize / 8;
+
+        /*
+        * the number of rounds to perform
+        */
+        private static readonly int _noRounds = 20;
+
+        /*
+        * the expanded key array of size 2*(rounds + 1)
+        */
+        private int [] _S;
+
+        /*
+        * our "magic constants" for wordSize 32
+        *
+        * Pw = Odd((e-2) * 2^wordsize)
+        * Qw = Odd((o-2) * 2^wordsize)
+        *
+        * where e is the base of natural logarithms (2.718281828...)
+        * and o is the golden ratio (1.61803398...)
+        */
+        private static readonly int    P32 = unchecked((int) 0xb7e15163);
+        private static readonly int    Q32 = unchecked((int) 0x9e3779b9);
+
+        private static readonly int    LGW = 5;        // log2(32)
+
+        private bool forEncryption;
+
+        /**
+        * Create an instance of the RC6 encryption algorithm
+        * and set some defaults
+        */
+        public RC6Engine()
+        {
+//            _S            = null;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "RC6"; }
+        }
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+        {
+            return 4 * bytesPerWord;
+        }
+
+        /**
+        * initialise a RC5-32 cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            if (!(parameters is KeyParameter))
+                throw new ArgumentException("invalid parameter passed to RC6 init - " + Platform.GetTypeName(parameters));
+
+            this.forEncryption = forEncryption;
+
+			KeyParameter p = (KeyParameter)parameters;
+			SetKey(p.GetKey());
+        }
+
+        public virtual int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+			int blockSize = GetBlockSize();
+			if (_S == null)
+				throw new InvalidOperationException("RC6 engine not initialised");
+
+            Check.DataLength(input, inOff, blockSize, "input buffer too short");
+            Check.OutputLength(output, outOff, blockSize, "output buffer too short");
+
+            return (forEncryption)
+				?	EncryptBlock(input, inOff, output, outOff)
+				:	DecryptBlock(input, inOff, output, outOff);
+        }
+
+        public virtual void Reset()
+        {
+        }
+
+        /**
+        * Re-key the cipher.
+        *
+        * @param inKey the key to be used
+        */
+        private void SetKey(
+            byte[] key)
+        {
+            //
+            // KEY EXPANSION:
+            //
+            // There are 3 phases to the key expansion.
+            //
+            // Phase 1:
+            //   Copy the secret key K[0...b-1] into an array L[0..c-1] of
+            //   c = ceil(b/u), where u = wordSize/8 in little-endian order.
+            //   In other words, we fill up L using u consecutive key bytes
+            //   of K. Any unfilled byte positions in L are zeroed. In the
+            //   case that b = c = 0, set c = 1 and L[0] = 0.
+            //
+            // compute number of dwords
+            int c = (key.Length + (bytesPerWord - 1)) / bytesPerWord;
+            if (c == 0)
+            {
+                c = 1;
+            }
+            int[]   L = new int[(key.Length + bytesPerWord - 1) / bytesPerWord];
+
+            // load all key bytes into array of key dwords
+            for (int i = key.Length - 1; i >= 0; i--)
+            {
+                L[i / bytesPerWord] = (L[i / bytesPerWord] << 8) + (key[i] & 0xff);
+            }
+
+            //
+            // Phase 2:
+            //   Key schedule is placed in a array of 2+2*ROUNDS+2 = 44 dwords.
+            //   Initialize S to a particular fixed pseudo-random bit pattern
+            //   using an arithmetic progression modulo 2^wordsize determined
+            //   by the magic numbers, Pw & Qw.
+            //
+            _S            = new int[2+2*_noRounds+2];
+
+            _S[0] = P32;
+            for (int i=1; i < _S.Length; i++)
+            {
+                _S[i] = (_S[i-1] + Q32);
+            }
+
+            //
+            // Phase 3:
+            //   Mix in the user's secret key in 3 passes over the arrays S & L.
+            //   The max of the arrays sizes is used as the loop control
+            //
+            int iter;
+
+            if (L.Length > _S.Length)
+            {
+                iter = 3 * L.Length;
+            }
+            else
+            {
+                iter = 3 * _S.Length;
+            }
+
+            int A = 0;
+            int B = 0;
+            int ii = 0, jj = 0;
+
+            for (int k = 0; k < iter; k++)
+            {
+                A = _S[ii] = RotateLeft(_S[ii] + A + B, 3);
+                B =  L[jj] = RotateLeft( L[jj] + A + B, A+B);
+                ii = (ii+1) % _S.Length;
+                jj = (jj+1) %  L.Length;
+            }
+        }
+
+        private int EncryptBlock(
+            byte[]  input,
+            int     inOff,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            // load A,B,C and D registers from in.
+            int A = BytesToWord(input, inOff);
+            int B = BytesToWord(input, inOff + bytesPerWord);
+            int C = BytesToWord(input, inOff + bytesPerWord*2);
+            int D = BytesToWord(input, inOff + bytesPerWord*3);
+
+            // Do pseudo-round #0: pre-whitening of B and D
+            B += _S[0];
+            D += _S[1];
+
+            // perform round #1,#2 ... #ROUNDS of encryption
+            for (int i = 1; i <= _noRounds; i++)
+            {
+                int t = 0,u = 0;
+
+                t = B*(2*B+1);
+                t = RotateLeft(t,5);
+
+                u = D*(2*D+1);
+                u = RotateLeft(u,5);
+
+                A ^= t;
+                A = RotateLeft(A,u);
+                A += _S[2*i];
+
+                C ^= u;
+                C = RotateLeft(C,t);
+                C += _S[2*i+1];
+
+                int temp = A;
+                A = B;
+                B = C;
+                C = D;
+                D = temp;
+            }
+            // do pseudo-round #(ROUNDS+1) : post-whitening of A and C
+            A += _S[2*_noRounds+2];
+            C += _S[2*_noRounds+3];
+
+            // store A, B, C and D registers to out
+            WordToBytes(A, outBytes, outOff);
+            WordToBytes(B, outBytes, outOff + bytesPerWord);
+            WordToBytes(C, outBytes, outOff + bytesPerWord*2);
+            WordToBytes(D, outBytes, outOff + bytesPerWord*3);
+
+            return 4 * bytesPerWord;
+        }
+
+        private int DecryptBlock(
+            byte[]  input,
+            int     inOff,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            // load A,B,C and D registers from out.
+            int A = BytesToWord(input, inOff);
+            int B = BytesToWord(input, inOff + bytesPerWord);
+            int C = BytesToWord(input, inOff + bytesPerWord*2);
+            int D = BytesToWord(input, inOff + bytesPerWord*3);
+
+            // Undo pseudo-round #(ROUNDS+1) : post whitening of A and C
+            C -= _S[2*_noRounds+3];
+            A -= _S[2*_noRounds+2];
+
+            // Undo round #ROUNDS, .., #2,#1 of encryption
+            for (int i = _noRounds; i >= 1; i--)
+            {
+                int t=0,u = 0;
+
+                int temp = D;
+                D = C;
+                C = B;
+                B = A;
+                A = temp;
+
+                t = B*(2*B+1);
+                t = RotateLeft(t, LGW);
+
+                u = D*(2*D+1);
+                u = RotateLeft(u, LGW);
+
+                C -= _S[2*i+1];
+                C = RotateRight(C,t);
+                C ^= u;
+
+                A -= _S[2*i];
+                A = RotateRight(A,u);
+                A ^= t;
+
+            }
+            // Undo pseudo-round #0: pre-whitening of B and D
+            D -= _S[1];
+            B -= _S[0];
+
+            WordToBytes(A, outBytes, outOff);
+            WordToBytes(B, outBytes, outOff + bytesPerWord);
+            WordToBytes(C, outBytes, outOff + bytesPerWord*2);
+            WordToBytes(D, outBytes, outOff + bytesPerWord*3);
+
+            return 4 * bytesPerWord;
+        }
+
+
+        //////////////////////////////////////////////////////////////
+        //
+        // PRIVATE Helper Methods
+        //
+        //////////////////////////////////////////////////////////////
+
+        /**
+        * Perform a left "spin" of the word. The rotation of the given
+        * word <em>x</em> is rotated left by <em>y</em> bits.
+        * Only the <em>lg(wordSize)</em> low-order bits of <em>y</em>
+        * are used to determine the rotation amount. Here it is
+        * assumed that the wordsize used is a power of 2.
+        *
+        * @param x word to rotate
+        * @param y number of bits to rotate % wordSize
+        */
+        private int RotateLeft(int x, int y)
+        {
+            return ((int)((uint)(x << (y & (wordSize-1)))
+				| ((uint) x >> (wordSize - (y & (wordSize-1))))));
+        }
+
+        /**
+        * Perform a right "spin" of the word. The rotation of the given
+        * word <em>x</em> is rotated left by <em>y</em> bits.
+        * Only the <em>lg(wordSize)</em> low-order bits of <em>y</em>
+        * are used to determine the rotation amount. Here it is
+        * assumed that the wordsize used is a power of 2.
+        *
+        * @param x word to rotate
+        * @param y number of bits to rotate % wordSize
+        */
+        private int RotateRight(int x, int y) 
+		{
+            return ((int)(((uint) x >> (y & (wordSize-1)))
+				| (uint)(x << (wordSize - (y & (wordSize-1))))));
+        }
+
+        private int BytesToWord(
+            byte[]	src,
+            int		srcOff)
+        {
+            int word = 0;
+
+            for (int i = bytesPerWord - 1; i >= 0; i--)
+            {
+                word = (word << 8) + (src[i + srcOff] & 0xff);
+            }
+
+            return word;
+        }
+
+        private void WordToBytes(
+            int		word,
+            byte[]	dst,
+            int		dstOff)
+        {
+            for (int i = 0; i < bytesPerWord; i++)
+            {
+                dst[i + dstOff] = (byte)word;
+                word = (int) ((uint) word >> 8);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/RFC3211WrapEngine.cs b/bc-sharp-crypto/src/crypto/engines/RFC3211WrapEngine.cs
new file mode 100644
index 0000000..4e3af52
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/RFC3211WrapEngine.cs
@@ -0,0 +1,168 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	 * an implementation of the RFC 3211 Key Wrap
+	 * Specification.
+	 */
+	public class Rfc3211WrapEngine
+		: IWrapper
+	{
+		private CbcBlockCipher		engine;
+		private ParametersWithIV	param;
+		private bool				forWrapping;
+		private SecureRandom		rand;
+
+		public Rfc3211WrapEngine(
+			IBlockCipher engine)
+		{
+			this.engine = new CbcBlockCipher(engine);
+		}
+
+        public virtual void Init(
+			bool				forWrapping,
+			ICipherParameters	param)
+		{
+			this.forWrapping = forWrapping;
+
+			if (param is ParametersWithRandom)
+			{
+				ParametersWithRandom p = (ParametersWithRandom) param;
+
+				this.rand = p.Random;
+				this.param = (ParametersWithIV) p.Parameters;
+			}
+			else
+			{
+				if (forWrapping)
+				{
+					rand = new SecureRandom();
+				}
+
+				this.param = (ParametersWithIV) param;
+			}
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return engine.GetUnderlyingCipher().AlgorithmName + "/RFC3211Wrap"; }
+		}
+
+        public virtual byte[] Wrap(
+			byte[]	inBytes,
+			int		inOff,
+			int		inLen)
+		{
+			if (!forWrapping)
+			{
+				throw new InvalidOperationException("not set for wrapping");
+			}
+
+			engine.Init(true, param);
+
+			int blockSize = engine.GetBlockSize();
+			byte[] cekBlock;
+
+			if (inLen + 4 < blockSize * 2)
+			{
+				cekBlock = new byte[blockSize * 2];
+			}
+			else
+			{
+				cekBlock = new byte[(inLen + 4) % blockSize == 0 ? inLen + 4 : ((inLen + 4) / blockSize + 1) * blockSize];
+			}
+
+			cekBlock[0] = (byte)inLen;
+			cekBlock[1] = (byte)~inBytes[inOff];
+			cekBlock[2] = (byte)~inBytes[inOff + 1];
+			cekBlock[3] = (byte)~inBytes[inOff + 2];
+
+			Array.Copy(inBytes, inOff, cekBlock, 4, inLen);
+
+			rand.NextBytes(cekBlock, inLen + 4, cekBlock.Length - inLen - 4);
+
+			for (int i = 0; i < cekBlock.Length; i += blockSize)
+			{
+				engine.ProcessBlock(cekBlock, i, cekBlock, i);
+			}
+
+			for (int i = 0; i < cekBlock.Length; i += blockSize)
+			{
+				engine.ProcessBlock(cekBlock, i, cekBlock, i);
+			}
+
+			return cekBlock;
+		}
+
+        public virtual byte[] Unwrap(
+			byte[]	inBytes,
+			int		inOff,
+			int		inLen)
+		{
+			if (forWrapping)
+			{
+				throw new InvalidOperationException("not set for unwrapping");
+			}
+
+			int blockSize = engine.GetBlockSize();
+
+			if (inLen < 2 * blockSize)
+			{
+				throw new InvalidCipherTextException("input too short");
+			}
+
+			byte[] cekBlock = new byte[inLen];
+			byte[] iv = new byte[blockSize];
+
+			Array.Copy(inBytes, inOff, cekBlock, 0, inLen);
+			Array.Copy(inBytes, inOff, iv, 0, iv.Length);
+
+			engine.Init(false, new ParametersWithIV(param.Parameters, iv));
+
+			for (int i = blockSize; i < cekBlock.Length; i += blockSize)
+			{
+				engine.ProcessBlock(cekBlock, i, cekBlock, i);    
+			}
+
+			Array.Copy(cekBlock, cekBlock.Length - iv.Length, iv, 0, iv.Length);
+
+			engine.Init(false, new ParametersWithIV(param.Parameters, iv));
+
+			engine.ProcessBlock(cekBlock, 0, cekBlock, 0);
+
+			engine.Init(false, param);
+
+			for (int i = 0; i < cekBlock.Length; i += blockSize)
+			{
+				engine.ProcessBlock(cekBlock, i, cekBlock, i);
+			}
+
+			if ((cekBlock[0] & 0xff) > cekBlock.Length - 4)
+			{
+				throw new InvalidCipherTextException("wrapped key corrupted");
+			}
+
+			byte[] key = new byte[cekBlock[0] & 0xff];
+
+			Array.Copy(cekBlock, 4, key, 0, cekBlock[0]);
+
+			// Note: Using constant time comparison
+			int nonEqual = 0;
+			for (int i = 0; i != 3; i++)
+			{
+				byte check = (byte)~cekBlock[1 + i];
+				nonEqual |= (check ^ key[i]);
+			}
+
+			if (nonEqual != 0)
+				throw new InvalidCipherTextException("wrapped key fails checksum");
+
+			return key;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/RFC3394WrapEngine.cs b/bc-sharp-crypto/src/crypto/engines/RFC3394WrapEngine.cs
new file mode 100644
index 0000000..4bb0e21
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/RFC3394WrapEngine.cs
@@ -0,0 +1,178 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/// <remarks>
+	/// An implementation of the AES Key Wrapper from the NIST Key Wrap
+	/// Specification as described in RFC 3394.
+	/// <p/>
+	/// For further details see: <a href="http://www.ietf.org/rfc/rfc3394.txt">http://www.ietf.org/rfc/rfc3394.txt</a>
+	/// and  <a href="http://csrc.nist.gov/encryption/kms/key-wrap.pdf">http://csrc.nist.gov/encryption/kms/key-wrap.pdf</a>.
+	/// </remarks>
+	public class Rfc3394WrapEngine
+		: IWrapper
+	{
+		private readonly IBlockCipher engine;
+
+		private KeyParameter	param;
+		private bool			forWrapping;
+
+		private byte[] iv =
+		{
+			0xa6, 0xa6, 0xa6, 0xa6,
+			0xa6, 0xa6, 0xa6, 0xa6
+		};
+
+		public Rfc3394WrapEngine(
+			IBlockCipher engine)
+		{
+			this.engine = engine;
+		}
+
+        public virtual void Init(
+			bool				forWrapping,
+			ICipherParameters	parameters)
+		{
+			this.forWrapping = forWrapping;
+
+			if (parameters is ParametersWithRandom)
+			{
+				parameters = ((ParametersWithRandom) parameters).Parameters;
+			}
+
+			if (parameters is KeyParameter)
+			{
+				this.param = (KeyParameter) parameters;
+			}
+			else if (parameters is ParametersWithIV)
+			{
+				ParametersWithIV pIV = (ParametersWithIV) parameters;
+				byte[] iv = pIV.GetIV();
+
+				if (iv.Length != 8)
+					throw new ArgumentException("IV length not equal to 8", "parameters");
+
+				this.iv = iv;
+				this.param = (KeyParameter) pIV.Parameters;
+			}
+			else
+			{
+				// TODO Throw an exception for bad parameters?
+			}
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return engine.AlgorithmName; }
+		}
+
+        public virtual byte[] Wrap(
+			byte[]	input,
+			int		inOff,
+			int		inLen)
+		{
+			if (!forWrapping)
+			{
+				throw new InvalidOperationException("not set for wrapping");
+			}
+
+			int n = inLen / 8;
+
+			if ((n * 8) != inLen)
+			{
+				throw new DataLengthException("wrap data must be a multiple of 8 bytes");
+			}
+
+			byte[] block = new byte[inLen + iv.Length];
+			byte[] buf = new byte[8 + iv.Length];
+
+			Array.Copy(iv, 0, block, 0, iv.Length);
+			Array.Copy(input, inOff, block, iv.Length, inLen);
+
+			engine.Init(true, param);
+
+			for (int j = 0; j != 6; j++)
+			{
+				for (int i = 1; i <= n; i++)
+				{
+					Array.Copy(block, 0, buf, 0, iv.Length);
+					Array.Copy(block, 8 * i, buf, iv.Length, 8);
+					engine.ProcessBlock(buf, 0, buf, 0);
+
+					int t = n * j + i;
+					for (int k = 1; t != 0; k++)
+					{
+						byte v = (byte)t;
+
+						buf[iv.Length - k] ^= v;
+						t = (int) ((uint)t >> 8);
+					}
+
+					Array.Copy(buf, 0, block, 0, 8);
+					Array.Copy(buf, 8, block, 8 * i, 8);
+				}
+			}
+
+			return block;
+		}
+
+        public virtual byte[] Unwrap(
+			byte[]  input,
+			int     inOff,
+			int     inLen)
+		{
+			if (forWrapping)
+			{
+				throw new InvalidOperationException("not set for unwrapping");
+			}
+
+			int n = inLen / 8;
+
+			if ((n * 8) != inLen)
+			{
+				throw new InvalidCipherTextException("unwrap data must be a multiple of 8 bytes");
+			}
+
+			byte[]  block = new byte[inLen - iv.Length];
+			byte[]  a = new byte[iv.Length];
+			byte[]  buf = new byte[8 + iv.Length];
+
+			Array.Copy(input, inOff, a, 0, iv.Length);
+            Array.Copy(input, inOff + iv.Length, block, 0, inLen - iv.Length);
+
+			engine.Init(false, param);
+
+			n = n - 1;
+
+			for (int j = 5; j >= 0; j--)
+			{
+				for (int i = n; i >= 1; i--)
+				{
+					Array.Copy(a, 0, buf, 0, iv.Length);
+					Array.Copy(block, 8 * (i - 1), buf, iv.Length, 8);
+
+					int t = n * j + i;
+					for (int k = 1; t != 0; k++)
+					{
+						byte v = (byte)t;
+
+						buf[iv.Length - k] ^= v;
+						t = (int) ((uint)t >> 8);
+					}
+
+					engine.ProcessBlock(buf, 0, buf, 0);
+					Array.Copy(buf, 0, a, 0, 8);
+					Array.Copy(buf, 8, block, 8 * (i - 1), 8);
+				}
+			}
+
+			if (!Arrays.ConstantTimeAreEqual(a, iv))
+				throw new InvalidCipherTextException("checksum failed");
+
+			return block;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/RSABlindedEngine.cs b/bc-sharp-crypto/src/crypto/engines/RSABlindedEngine.cs
new file mode 100644
index 0000000..f95f145
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/RSABlindedEngine.cs
@@ -0,0 +1,128 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+     * this does your basic RSA algorithm with blinding
+     */
+    public class RsaBlindedEngine
+        : IAsymmetricBlockCipher
+    {
+        private readonly RsaCoreEngine core = new RsaCoreEngine();
+        private RsaKeyParameters key;
+        private SecureRandom random;
+
+        public virtual string AlgorithmName
+        {
+            get { return "RSA"; }
+        }
+
+        /**
+         * initialise the RSA engine.
+         *
+         * @param forEncryption true if we are encrypting, false otherwise.
+         * @param param the necessary RSA key parameters.
+         */
+        public virtual void Init(
+            bool forEncryption,
+            ICipherParameters param)
+        {
+            core.Init(forEncryption, param);
+
+            if (param is ParametersWithRandom)
+            {
+                ParametersWithRandom rParam = (ParametersWithRandom)param;
+
+                key = (RsaKeyParameters)rParam.Parameters;
+                random = rParam.Random;
+            }
+            else
+            {
+                key = (RsaKeyParameters)param;
+                random = new SecureRandom();
+            }
+        }
+
+        /**
+         * Return the maximum size for an input block to this engine.
+         * For RSA this is always one byte less than the key size on
+         * encryption, and the same length as the key size on decryption.
+         *
+         * @return maximum size for an input block.
+         */
+        public virtual int GetInputBlockSize()
+        {
+            return core.GetInputBlockSize();
+        }
+
+        /**
+         * Return the maximum size for an output block to this engine.
+         * For RSA this is always one byte less than the key size on
+         * decryption, and the same length as the key size on encryption.
+         *
+         * @return maximum size for an output block.
+         */
+        public virtual int GetOutputBlockSize()
+        {
+            return core.GetOutputBlockSize();
+        }
+
+        /**
+         * Process a single block using the basic RSA algorithm.
+         *
+         * @param inBuf the input array.
+         * @param inOff the offset into the input buffer where the data starts.
+         * @param inLen the length of the data to be processed.
+         * @return the result of the RSA process.
+         * @exception DataLengthException the input block is too large.
+         */
+        public virtual byte[] ProcessBlock(
+            byte[] inBuf,
+            int inOff,
+            int inLen)
+        {
+            if (key == null)
+                throw new InvalidOperationException("RSA engine not initialised");
+
+            BigInteger input = core.ConvertInput(inBuf, inOff, inLen);
+
+            BigInteger result;
+            if (key is RsaPrivateCrtKeyParameters)
+            {
+                RsaPrivateCrtKeyParameters k = (RsaPrivateCrtKeyParameters)key;
+                BigInteger e = k.PublicExponent;
+                if (e != null)   // can't do blinding without a public exponent
+                {
+                    BigInteger m = k.Modulus;
+                    BigInteger r = BigIntegers.CreateRandomInRange(
+                        BigInteger.One, m.Subtract(BigInteger.One), random);
+
+                    BigInteger blindedInput = r.ModPow(e, m).Multiply(input).Mod(m);
+                    BigInteger blindedResult = core.ProcessBlock(blindedInput);
+
+                    BigInteger rInv = r.ModInverse(m);
+                    result = blindedResult.Multiply(rInv).Mod(m);
+
+                    // defence against Arjen Lenstra�s CRT attack
+                    if (!input.Equals(result.ModPow(e, m)))
+                        throw new InvalidOperationException("RSA engine faulty decryption/signing detected");
+                }
+                else
+                {
+                    result = core.ProcessBlock(input);
+                }
+            }
+            else
+            {
+                result = core.ProcessBlock(input);
+            }
+
+            return core.ConvertOutput(result);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/RSABlindingEngine.cs b/bc-sharp-crypto/src/crypto/engines/RSABlindingEngine.cs
new file mode 100644
index 0000000..c636627
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/RSABlindingEngine.cs
@@ -0,0 +1,139 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* This does your basic RSA Chaum's blinding and unblinding as outlined in
+	* "Handbook of Applied Cryptography", page 475. You need to use this if you are
+	* trying to get another party to generate signatures without them being aware
+	* of the message they are signing.
+	*/
+	public class RsaBlindingEngine
+		: IAsymmetricBlockCipher
+	{
+		private readonly RsaCoreEngine core = new RsaCoreEngine();
+
+		private RsaKeyParameters key;
+		private BigInteger blindingFactor;
+
+		private bool forEncryption;
+
+        public virtual string AlgorithmName
+		{
+			get { return "RSA"; }
+		}
+
+		/**
+		* Initialise the blinding engine.
+		*
+		* @param forEncryption true if we are encrypting (blinding), false otherwise.
+		* @param param         the necessary RSA key parameters.
+		*/
+        public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	param)
+		{
+			RsaBlindingParameters p;
+
+			if (param is ParametersWithRandom)
+			{
+				ParametersWithRandom rParam = (ParametersWithRandom)param;
+
+				p = (RsaBlindingParameters)rParam.Parameters;
+			}
+			else
+			{
+				p = (RsaBlindingParameters)param;
+			}
+
+			core.Init(forEncryption, p.PublicKey);
+
+			this.forEncryption = forEncryption;
+			this.key = p.PublicKey;
+			this.blindingFactor = p.BlindingFactor;
+		}
+
+		/**
+		* Return the maximum size for an input block to this engine.
+		* For RSA this is always one byte less than the key size on
+		* encryption, and the same length as the key size on decryption.
+		*
+		* @return maximum size for an input block.
+		*/
+        public virtual int GetInputBlockSize()
+		{
+			return core.GetInputBlockSize();
+		}
+
+		/**
+		* Return the maximum size for an output block to this engine.
+		* For RSA this is always one byte less than the key size on
+		* decryption, and the same length as the key size on encryption.
+		*
+		* @return maximum size for an output block.
+		*/
+        public virtual int GetOutputBlockSize()
+		{
+			return core.GetOutputBlockSize();
+		}
+
+		/**
+		* Process a single block using the RSA blinding algorithm.
+		*
+		* @param in    the input array.
+		* @param inOff the offset into the input buffer where the data starts.
+		* @param inLen the length of the data to be processed.
+		* @return the result of the RSA process.
+		* @throws DataLengthException the input block is too large.
+		*/
+        public virtual byte[] ProcessBlock(
+			byte[]	inBuf,
+			int		inOff,
+			int		inLen)
+		{
+			BigInteger msg = core.ConvertInput(inBuf, inOff, inLen);
+
+			if (forEncryption)
+			{
+				msg = BlindMessage(msg);
+			}
+			else
+			{
+				msg = UnblindMessage(msg);
+			}
+
+			return core.ConvertOutput(msg);
+		}
+
+		/*
+		* Blind message with the blind factor.
+		*/
+		private BigInteger BlindMessage(
+			BigInteger msg)
+		{
+			BigInteger blindMsg = blindingFactor;
+			blindMsg = msg.Multiply(blindMsg.ModPow(key.Exponent, key.Modulus));
+			blindMsg = blindMsg.Mod(key.Modulus);
+
+			return blindMsg;
+		}
+
+		/*
+		* Unblind the message blinded with the blind factor.
+		*/
+		private BigInteger UnblindMessage(
+			BigInteger blindedMsg)
+		{
+			BigInteger m = key.Modulus;
+			BigInteger msg = blindedMsg;
+			BigInteger blindFactorInverse = blindingFactor.ModInverse(m);
+			msg = msg.Multiply(blindFactorInverse);
+			msg = msg.Mod(m);
+
+			return msg;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/RSACoreEngine.cs b/bc-sharp-crypto/src/crypto/engines/RSACoreEngine.cs
new file mode 100644
index 0000000..fd44e3c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/RSACoreEngine.cs
@@ -0,0 +1,156 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* this does your basic RSA algorithm.
+	*/
+	class RsaCoreEngine
+	{
+		private RsaKeyParameters	key;
+		private bool				forEncryption;
+		private int					bitSize;
+
+		/**
+		* initialise the RSA engine.
+		*
+		* @param forEncryption true if we are encrypting, false otherwise.
+		* @param param the necessary RSA key parameters.
+		*/
+        public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			if (parameters is ParametersWithRandom)
+			{
+				parameters = ((ParametersWithRandom) parameters).Parameters;
+			}
+
+			if (!(parameters is RsaKeyParameters))
+				throw new InvalidKeyException("Not an RSA key");
+
+			this.key = (RsaKeyParameters) parameters;
+			this.forEncryption = forEncryption;
+			this.bitSize = key.Modulus.BitLength;
+		}
+
+		/**
+		* Return the maximum size for an input block to this engine.
+		* For RSA this is always one byte less than the key size on
+		* encryption, and the same length as the key size on decryption.
+		*
+		* @return maximum size for an input block.
+		*/
+        public virtual int GetInputBlockSize()
+		{
+			if (forEncryption)
+			{
+				return (bitSize - 1) / 8;
+			}
+
+			return (bitSize + 7) / 8;
+		}
+
+		/**
+		* Return the maximum size for an output block to this engine.
+		* For RSA this is always one byte less than the key size on
+		* decryption, and the same length as the key size on encryption.
+		*
+		* @return maximum size for an output block.
+		*/
+        public virtual int GetOutputBlockSize()
+		{
+			if (forEncryption)
+			{
+				return (bitSize + 7) / 8;
+			}
+
+			return (bitSize - 1) / 8;
+		}
+
+        public virtual BigInteger ConvertInput(
+			byte[]	inBuf,
+			int		inOff,
+			int		inLen)
+		{
+			int maxLength = (bitSize + 7) / 8;
+
+			if (inLen > maxLength)
+				throw new DataLengthException("input too large for RSA cipher.");
+
+			BigInteger input = new BigInteger(1, inBuf, inOff, inLen);
+
+			if (input.CompareTo(key.Modulus) >= 0)
+				throw new DataLengthException("input too large for RSA cipher.");
+
+			return input;
+		}
+
+        public virtual byte[] ConvertOutput(
+			BigInteger result)
+		{
+			byte[] output = result.ToByteArrayUnsigned();
+
+			if (forEncryption)
+			{
+				int outSize = GetOutputBlockSize();
+
+				// TODO To avoid this, create version of BigInteger.ToByteArray that
+				// writes to an existing array
+				if (output.Length < outSize) // have ended up with less bytes than normal, lengthen
+				{
+					byte[] tmp = new byte[outSize];
+					output.CopyTo(tmp, tmp.Length - output.Length);
+					output = tmp;
+				}
+			}
+
+			return output;
+		}
+
+        public virtual BigInteger ProcessBlock(
+			BigInteger input)
+		{
+			if (key is RsaPrivateCrtKeyParameters)
+			{
+				//
+				// we have the extra factors, use the Chinese Remainder Theorem - the author
+				// wishes to express his thanks to Dirk Bonekaemper at rtsffm.com for
+				// advice regarding the expression of this.
+				//
+				RsaPrivateCrtKeyParameters crtKey = (RsaPrivateCrtKeyParameters)key;
+
+				BigInteger p = crtKey.P;
+				BigInteger q = crtKey.Q;
+				BigInteger dP = crtKey.DP;
+				BigInteger dQ = crtKey.DQ;
+				BigInteger qInv = crtKey.QInv;
+
+				BigInteger mP, mQ, h, m;
+
+				// mP = ((input Mod p) ^ dP)) Mod p
+				mP = (input.Remainder(p)).ModPow(dP, p);
+
+				// mQ = ((input Mod q) ^ dQ)) Mod q
+				mQ = (input.Remainder(q)).ModPow(dQ, q);
+
+				// h = qInv * (mP - mQ) Mod p
+				h = mP.Subtract(mQ);
+				h = h.Multiply(qInv);
+				h = h.Mod(p);               // Mod (in Java) returns the positive residual
+
+				// m = h * q + mQ
+				m = h.Multiply(q);
+				m = m.Add(mQ);
+
+				return m;
+			}
+
+			return input.ModPow(key.Exponent, key.Modulus);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/RijndaelEngine.cs b/bc-sharp-crypto/src/crypto/engines/RijndaelEngine.cs
new file mode 100644
index 0000000..7025cb5
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/RijndaelEngine.cs
@@ -0,0 +1,738 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* an implementation of Rijndael, based on the documentation and reference implementation
+	* by Paulo Barreto, Vincent Rijmen, for v2.0 August '99.
+	* <p>
+	* Note: this implementation is based on information prior to readonly NIST publication.
+	* </p>
+	*/
+	public class RijndaelEngine
+		: IBlockCipher
+	{
+		private static readonly int MAXROUNDS = 14;
+
+		private static readonly int MAXKC = (256/4);
+
+		private static readonly byte[] Logtable =
+		{
+			0,    0,    25,   1,    50,   2,    26,   198,
+			75,   199,  27,   104,  51,   238,  223,  3,
+			100,  4,    224,  14,   52,   141,  129,  239,
+			76,   113,  8,    200,  248,  105,  28,   193,
+			125,  194,  29,   181,  249,  185,  39,   106,
+			77,   228,  166,  114,  154,  201,  9,    120,
+			101,  47,   138,  5,    33,   15,   225,  36,
+			18,   240,  130,  69,   53,   147,  218,  142,
+			150,  143,  219,  189,  54,   208,  206,  148,
+			19,   92,   210,  241,  64,   70,   131,  56,
+			102,  221,  253,  48,   191,  6,    139,  98,
+			179,  37,   226,  152,  34,   136,  145,  16,
+			126,  110,  72,   195,  163,  182,  30,   66,
+			58,   107,  40,   84,   250,  133,  61,   186,
+			43,   121,  10,   21,   155,  159,  94,   202,
+			78,   212,  172,  229,  243,  115,  167,  87,
+			175,  88,   168,  80,   244,  234,  214,  116,
+			79,   174,  233,  213,  231,  230,  173,  232,
+			44,   215,  117,  122,  235,  22,   11,   245,
+			89,   203,  95,   176,  156,  169,  81,   160,
+			127,  12,   246,  111,  23,   196,  73,   236,
+			216,  67,   31,   45,   164,  118,  123,  183,
+			204,  187,  62,   90,   251,  96,   177,  134,
+			59,   82,   161,  108,  170,  85,   41,   157,
+			151,  178,  135,  144,  97,   190,  220,  252,
+			188,  149,  207,  205,  55,   63,   91,   209,
+			83,   57,   132,  60,   65,   162,  109,  71,
+			20,   42,   158,  93,   86,   242,  211,  171,
+			68,   17,   146,  217,  35,   32,   46,   137,
+			180,  124,  184,  38,   119,  153,  227,  165,
+			103,  74,   237,  222,  197,  49,   254,  24,
+			13,   99,   140,  128,  192,  247,  112,  7
+		};
+
+		private static readonly byte[] Alogtable =
+		{
+			0,   3,   5,  15,  17,  51,  85, 255,  26,  46, 114, 150, 161, 248,  19,  53,
+			95, 225,  56,  72, 216, 115, 149, 164, 247,   2,   6,  10,  30,  34, 102, 170,
+			229,  52,  92, 228,  55,  89, 235,  38, 106, 190, 217, 112, 144, 171, 230,  49,
+			83, 245,   4,  12,  20,  60,  68, 204,  79, 209, 104, 184, 211, 110, 178, 205,
+			76, 212, 103, 169, 224,  59,  77, 215,  98, 166, 241,   8,  24,  40, 120, 136,
+			131, 158, 185, 208, 107, 189, 220, 127, 129, 152, 179, 206,  73, 219, 118, 154,
+			181, 196,  87, 249,  16,  48,  80, 240,  11,  29,  39, 105, 187, 214,  97, 163,
+			254,  25,  43, 125, 135, 146, 173, 236,  47, 113, 147, 174, 233,  32,  96, 160,
+			251,  22,  58,  78, 210, 109, 183, 194,  93, 231,  50,  86, 250,  21,  63,  65,
+			195,  94, 226,  61,  71, 201,  64, 192,  91, 237,  44, 116, 156, 191, 218, 117,
+			159, 186, 213, 100, 172, 239,  42, 126, 130, 157, 188, 223, 122, 142, 137, 128,
+			155, 182, 193,  88, 232,  35, 101, 175, 234,  37, 111, 177, 200,  67, 197,  84,
+			252,  31,  33,  99, 165, 244,   7,   9,  27,  45, 119, 153, 176, 203,  70, 202,
+			69, 207,  74, 222, 121, 139, 134, 145, 168, 227,  62,  66, 198,  81, 243,  14,
+			18,  54,  90, 238,  41, 123, 141, 140, 143, 138, 133, 148, 167, 242,  13,  23,
+			57,  75, 221, 124, 132, 151, 162, 253,  28,  36, 108, 180, 199,  82, 246,   1,
+			3,   5,  15,  17,  51,  85, 255,  26,  46, 114, 150, 161, 248,  19,  53,
+			95, 225,  56,  72, 216, 115, 149, 164, 247,   2,   6,  10,  30,  34, 102, 170,
+			229,  52,  92, 228,  55,  89, 235,  38, 106, 190, 217, 112, 144, 171, 230,  49,
+			83, 245,   4,  12,  20,  60,  68, 204,  79, 209, 104, 184, 211, 110, 178, 205,
+			76, 212, 103, 169, 224,  59,  77, 215,  98, 166, 241,   8,  24,  40, 120, 136,
+			131, 158, 185, 208, 107, 189, 220, 127, 129, 152, 179, 206,  73, 219, 118, 154,
+			181, 196,  87, 249,  16,  48,  80, 240,  11,  29,  39, 105, 187, 214,  97, 163,
+			254,  25,  43, 125, 135, 146, 173, 236,  47, 113, 147, 174, 233,  32,  96, 160,
+			251,  22,  58,  78, 210, 109, 183, 194,  93, 231,  50,  86, 250,  21,  63,  65,
+			195,  94, 226,  61,  71, 201,  64, 192,  91, 237,  44, 116, 156, 191, 218, 117,
+			159, 186, 213, 100, 172, 239,  42, 126, 130, 157, 188, 223, 122, 142, 137, 128,
+			155, 182, 193,  88, 232,  35, 101, 175, 234,  37, 111, 177, 200,  67, 197,  84,
+			252,  31,  33,  99, 165, 244,   7,   9,  27,  45, 119, 153, 176, 203,  70, 202,
+			69, 207,  74, 222, 121, 139, 134, 145, 168, 227,  62,  66, 198,  81, 243,  14,
+			18,  54,  90, 238,  41, 123, 141, 140, 143, 138, 133, 148, 167, 242,  13,  23,
+			57,  75, 221, 124, 132, 151, 162, 253,  28,  36, 108, 180, 199,  82, 246,   1,
+		};
+
+		private static readonly byte[] S =
+		{
+			99, 124, 119, 123, 242, 107, 111, 197,  48,   1, 103,  43, 254, 215, 171, 118,
+			202, 130, 201, 125, 250,  89,  71, 240, 173, 212, 162, 175, 156, 164, 114, 192,
+			183, 253, 147,  38,  54,  63, 247, 204,  52, 165, 229, 241, 113, 216,  49,  21,
+			4, 199,  35, 195,  24, 150,   5, 154,   7,  18, 128, 226, 235,  39, 178, 117,
+			9, 131,  44,  26,  27, 110,  90, 160,  82,  59, 214, 179,  41, 227,  47, 132,
+			83, 209,   0, 237,  32, 252, 177,  91, 106, 203, 190,  57,  74,  76,  88, 207,
+			208, 239, 170, 251,  67,  77,  51, 133,  69, 249,   2, 127,  80,  60, 159, 168,
+			81, 163,  64, 143, 146, 157,  56, 245, 188, 182, 218,  33,  16, 255, 243, 210,
+			205,  12,  19, 236,  95, 151,  68,  23, 196, 167, 126,  61, 100,  93,  25, 115,
+			96, 129,  79, 220,  34,  42, 144, 136,  70, 238, 184,  20, 222,  94,  11, 219,
+			224,  50,  58,  10,  73,   6,  36,  92, 194, 211, 172,  98, 145, 149, 228, 121,
+			231, 200,  55, 109, 141, 213,  78, 169, 108,  86, 244, 234, 101, 122, 174,   8,
+			186, 120,  37,  46,  28, 166, 180, 198, 232, 221, 116,  31,  75, 189, 139, 138,
+			112,  62, 181, 102,  72,   3, 246,  14,  97,  53,  87, 185, 134, 193,  29, 158,
+			225, 248, 152,  17, 105, 217, 142, 148, 155,  30, 135, 233, 206,  85,  40, 223,
+			140, 161, 137,  13, 191, 230,  66, 104,  65, 153,  45,  15, 176,  84, 187,  22,
+		};
+
+		private static readonly byte[] Si =
+		{
+			82,   9, 106, 213,  48,  54, 165,  56, 191,  64, 163, 158, 129, 243, 215, 251,
+			124, 227,  57, 130, 155,  47, 255, 135,  52, 142,  67,  68, 196, 222, 233, 203,
+			84, 123, 148,  50, 166, 194,  35,  61, 238,  76, 149,  11,  66, 250, 195,  78,
+			8,  46, 161, 102,  40, 217,  36, 178, 118,  91, 162,  73, 109, 139, 209,  37,
+			114, 248, 246, 100, 134, 104, 152,  22, 212, 164,  92, 204,  93, 101, 182, 146,
+			108, 112,  72,  80, 253, 237, 185, 218,  94,  21,  70,  87, 167, 141, 157, 132,
+			144, 216, 171,   0, 140, 188, 211,  10, 247, 228,  88,   5, 184, 179,  69,   6,
+			208,  44,  30, 143, 202,  63,  15,   2, 193, 175, 189,   3,   1,  19, 138, 107,
+			58, 145,  17,  65,  79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115,
+			150, 172, 116,  34, 231, 173,  53, 133, 226, 249,  55, 232,  28, 117, 223, 110,
+			71, 241,  26, 113,  29,  41, 197, 137, 111, 183,  98,  14, 170,  24, 190,  27,
+			252,  86,  62,  75, 198, 210, 121,  32, 154, 219, 192, 254, 120, 205,  90, 244,
+			31, 221, 168,  51, 136,   7, 199,  49, 177,  18,  16,  89,  39, 128, 236,  95,
+			96,  81, 127, 169,  25, 181,  74,  13,  45, 229, 122, 159, 147, 201, 156, 239,
+			160, 224,  59,  77, 174,  42, 245, 176, 200, 235, 187,  60, 131,  83, 153,  97,
+			23,  43,   4, 126, 186, 119, 214,  38, 225, 105,  20,  99,  85,  33,  12, 125,
+		};
+
+		private static readonly byte[] rcon =
+		{
+			0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a,
+			0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91
+		};
+
+		static readonly byte[][] shifts0 = new byte [][]
+		{
+			new byte[]{ 0, 8, 16, 24 },
+			new byte[]{ 0, 8, 16, 24 },
+			new byte[]{ 0, 8, 16, 24 },
+			new byte[]{ 0, 8, 16, 32 },
+			new byte[]{ 0, 8, 24, 32 }
+		};
+
+		static readonly byte[][] shifts1 =
+		{
+			new byte[]{ 0, 24, 16, 8 },
+			new byte[]{ 0, 32, 24, 16 },
+			new byte[]{ 0, 40, 32, 24 },
+			new byte[]{ 0, 48, 40, 24 },
+			new byte[]{ 0, 56, 40, 32 }
+		};
+
+		/**
+		* multiply two elements of GF(2^m)
+		* needed for MixColumn and InvMixColumn
+		*/
+		private byte Mul0x2(
+			int b)
+		{
+			if (b != 0)
+			{
+				return Alogtable[25 + (Logtable[b] & 0xff)];
+			}
+			else
+			{
+				return 0;
+			}
+		}
+
+		private byte Mul0x3(
+			int b)
+		{
+			if (b != 0)
+			{
+				return Alogtable[1 + (Logtable[b] & 0xff)];
+			}
+			else
+			{
+				return 0;
+			}
+		}
+
+		private byte Mul0x9(
+			int b)
+		{
+			if (b >= 0)
+			{
+				return Alogtable[199 + b];
+			}
+			else
+			{
+				return 0;
+			}
+		}
+
+		private byte Mul0xb(
+			int b)
+		{
+			if (b >= 0)
+			{
+				return Alogtable[104 + b];
+			}
+			else
+			{
+				return 0;
+			}
+		}
+
+		private byte Mul0xd(
+			int b)
+		{
+			if (b >= 0)
+			{
+				return Alogtable[238 + b];
+			}
+			else
+			{
+				return 0;
+			}
+		}
+
+		private byte Mul0xe(
+			int b)
+		{
+			if (b >= 0)
+			{
+				return Alogtable[223 + b];
+			}
+			else
+			{
+				return 0;
+			}
+		}
+
+		/**
+		* xor corresponding text input and round key input bytes
+		*/
+		private void KeyAddition(
+			long[] rk)
+		{
+			A0 ^= rk[0];
+			A1 ^= rk[1];
+			A2 ^= rk[2];
+			A3 ^= rk[3];
+		}
+
+		private long Shift(
+			long	r,
+			int	shift)
+		{
+			//return (((long)((ulong) r >> shift) | (r << (BC - shift)))) & BC_MASK;
+
+			ulong temp = (ulong) r >> shift;
+
+			// NB: This corrects for Mono Bug #79087 (fixed in 1.1.17)
+			if (shift > 31)
+			{
+				temp &= 0xFFFFFFFFUL;
+			}
+
+			return ((long) temp | (r << (BC - shift))) & BC_MASK;
+		}
+
+		/**
+		* Row 0 remains unchanged
+		* The other three rows are shifted a variable amount
+		*/
+		private void ShiftRow(
+			byte[]      shiftsSC)
+		{
+			A1 = Shift(A1, shiftsSC[1]);
+			A2 = Shift(A2, shiftsSC[2]);
+			A3 = Shift(A3, shiftsSC[3]);
+		}
+
+		private long ApplyS(
+			long    r,
+			byte[]  box)
+		{
+			long    res = 0;
+
+			for (int j = 0; j < BC; j += 8)
+			{
+				res |= (long)(box[(int)((r >> j) & 0xff)] & 0xff) << j;
+			}
+
+			return res;
+		}
+
+		/**
+		* Replace every byte of the input by the byte at that place
+		* in the nonlinear S-box
+		*/
+		private void Substitution(
+			byte[]      box)
+		{
+			A0 = ApplyS(A0, box);
+			A1 = ApplyS(A1, box);
+			A2 = ApplyS(A2, box);
+			A3 = ApplyS(A3, box);
+		}
+
+		/**
+		* Mix the bytes of every column in a linear way
+		*/
+		private void MixColumn()
+		{
+			long r0, r1, r2, r3;
+
+			r0 = r1 = r2 = r3 = 0;
+
+			for (int j = 0; j < BC; j += 8)
+			{
+				int a0 = (int)((A0 >> j) & 0xff);
+				int a1 = (int)((A1 >> j) & 0xff);
+				int a2 = (int)((A2 >> j) & 0xff);
+				int a3 = (int)((A3 >> j) & 0xff);
+
+				r0 |= (long)((Mul0x2(a0) ^ Mul0x3(a1) ^ a2 ^ a3) & 0xff) << j;
+
+				r1 |= (long)((Mul0x2(a1) ^ Mul0x3(a2) ^ a3 ^ a0) & 0xff) << j;
+
+				r2 |= (long)((Mul0x2(a2) ^ Mul0x3(a3) ^ a0 ^ a1) & 0xff) << j;
+
+				r3 |= (long)((Mul0x2(a3) ^ Mul0x3(a0) ^ a1 ^ a2) & 0xff) << j;
+			}
+
+			A0 = r0;
+			A1 = r1;
+			A2 = r2;
+			A3 = r3;
+		}
+
+		/**
+		* Mix the bytes of every column in a linear way
+		* This is the opposite operation of Mixcolumn
+		*/
+		private void InvMixColumn()
+		{
+			long r0, r1, r2, r3;
+
+			r0 = r1 = r2 = r3 = 0;
+			for (int j = 0; j < BC; j += 8)
+			{
+				int a0 = (int)((A0 >> j) & 0xff);
+				int a1 = (int)((A1 >> j) & 0xff);
+				int a2 = (int)((A2 >> j) & 0xff);
+				int a3 = (int)((A3 >> j) & 0xff);
+
+				//
+				// pre-lookup the log table
+				//
+				a0 = (a0 != 0) ? (Logtable[a0 & 0xff] & 0xff) : -1;
+				a1 = (a1 != 0) ? (Logtable[a1 & 0xff] & 0xff) : -1;
+				a2 = (a2 != 0) ? (Logtable[a2 & 0xff] & 0xff) : -1;
+				a3 = (a3 != 0) ? (Logtable[a3 & 0xff] & 0xff) : -1;
+
+				r0 |= (long)((Mul0xe(a0) ^ Mul0xb(a1) ^ Mul0xd(a2) ^ Mul0x9(a3)) & 0xff) << j;
+
+				r1 |= (long)((Mul0xe(a1) ^ Mul0xb(a2) ^ Mul0xd(a3) ^ Mul0x9(a0)) & 0xff) << j;
+
+				r2 |= (long)((Mul0xe(a2) ^ Mul0xb(a3) ^ Mul0xd(a0) ^ Mul0x9(a1)) & 0xff) << j;
+
+				r3 |= (long)((Mul0xe(a3) ^ Mul0xb(a0) ^ Mul0xd(a1) ^ Mul0x9(a2)) & 0xff) << j;
+			}
+
+			A0 = r0;
+			A1 = r1;
+			A2 = r2;
+			A3 = r3;
+		}
+
+		/**
+		* Calculate the necessary round keys
+		* The number of calculations depends on keyBits and blockBits
+		*/
+		private long[][] GenerateWorkingKey(
+			byte[]      key)
+		{
+			int         KC;
+			int         t, rconpointer = 0;
+			int         keyBits = key.Length * 8;
+			byte[,]    tk = new byte[4,MAXKC];
+			//long[,]    W = new long[MAXROUNDS+1,4];
+			long[][]    W = new long[MAXROUNDS+1][];
+
+			for (int i = 0; i < MAXROUNDS+1; i++) W[i] = new long[4];
+
+			switch (keyBits)
+			{
+				case 128:
+					KC = 4;
+					break;
+				case 160:
+					KC = 5;
+					break;
+				case 192:
+					KC = 6;
+					break;
+				case 224:
+					KC = 7;
+					break;
+				case 256:
+					KC = 8;
+					break;
+				default :
+					throw new ArgumentException("Key length not 128/160/192/224/256 bits.");
+			}
+
+			if (keyBits >= blockBits)
+			{
+				ROUNDS = KC + 6;
+			}
+			else
+			{
+				ROUNDS = (BC / 8) + 6;
+			}
+
+			//
+			// copy the key into the processing area
+			//
+			int index = 0;
+
+			for (int i = 0; i < key.Length; i++)
+			{
+				tk[i % 4,i / 4] = key[index++];
+			}
+
+			t = 0;
+
+			//
+			// copy values into round key array
+			//
+			for (int j = 0; (j < KC) && (t < (ROUNDS+1)*(BC / 8)); j++, t++)
+			{
+				for (int i = 0; i < 4; i++)
+				{
+					W[t / (BC / 8)][i] |= (long)(tk[i,j] & 0xff) << ((t * 8) % BC);
+				}
+			}
+
+			//
+			// while not enough round key material calculated
+			// calculate new values
+			//
+			while (t < (ROUNDS+1)*(BC/8))
+			{
+				for (int i = 0; i < 4; i++)
+				{
+					tk[i,0] ^= S[tk[(i+1)%4,KC-1] & 0xff];
+				}
+				tk[0,0] ^= (byte) rcon[rconpointer++];
+
+				if (KC <= 6)
+				{
+					for (int j = 1; j < KC; j++)
+					{
+						for (int i = 0; i < 4; i++)
+						{
+							tk[i,j] ^= tk[i,j-1];
+						}
+					}
+				}
+				else
+				{
+					for (int j = 1; j < 4; j++)
+					{
+						for (int i = 0; i < 4; i++)
+						{
+							tk[i,j] ^= tk[i,j-1];
+						}
+					}
+					for (int i = 0; i < 4; i++)
+					{
+						tk[i,4] ^= S[tk[i,3] & 0xff];
+					}
+					for (int j = 5; j < KC; j++)
+					{
+						for (int i = 0; i < 4; i++)
+						{
+							tk[i,j] ^= tk[i,j-1];
+						}
+					}
+				}
+
+				//
+				// copy values into round key array
+				//
+				for (int j = 0; (j < KC) && (t < (ROUNDS+1)*(BC/8)); j++, t++)
+				{
+					for (int i = 0; i < 4; i++)
+					{
+						W[t / (BC/8)][i] |= (long)(tk[i,j] & 0xff) << ((t * 8) % (BC));
+					}
+				}
+			}
+			return W;
+		}
+
+		private int         BC;
+		private long        BC_MASK;
+		private int         ROUNDS;
+		private int         blockBits;
+		private long[][]    workingKey;
+		private long        A0, A1, A2, A3;
+		private bool     forEncryption;
+		private byte[]      shifts0SC;
+		private byte[]      shifts1SC;
+
+		/**
+		* default constructor - 128 bit block size.
+		*/
+		public RijndaelEngine() : this(128) {}
+
+		/**
+		* basic constructor - set the cipher up for a given blocksize
+		*
+		* @param blocksize the blocksize in bits, must be 128, 192, or 256.
+		*/
+		public RijndaelEngine(
+			int blockBits)
+		{
+			switch (blockBits)
+			{
+				case 128:
+					BC = 32;
+					BC_MASK = 0xffffffffL;
+					shifts0SC = shifts0[0];
+					shifts1SC = shifts1[0];
+					break;
+				case 160:
+					BC = 40;
+					BC_MASK = 0xffffffffffL;
+					shifts0SC = shifts0[1];
+					shifts1SC = shifts1[1];
+					break;
+				case 192:
+					BC = 48;
+					BC_MASK = 0xffffffffffffL;
+					shifts0SC = shifts0[2];
+					shifts1SC = shifts1[2];
+					break;
+				case 224:
+					BC = 56;
+					BC_MASK = 0xffffffffffffffL;
+					shifts0SC = shifts0[3];
+					shifts1SC = shifts1[3];
+					break;
+				case 256:
+					BC = 64;
+					BC_MASK = unchecked( (long)0xffffffffffffffffL);
+					shifts0SC = shifts0[4];
+					shifts1SC = shifts1[4];
+					break;
+				default:
+					throw new ArgumentException("unknown blocksize to Rijndael");
+			}
+
+			this.blockBits = blockBits;
+		}
+
+		/**
+		* initialise a Rijndael cipher.
+		*
+		* @param forEncryption whether or not we are for encryption.
+		* @param parameters the parameters required to set up the cipher.
+		* @exception ArgumentException if the parameters argument is
+		* inappropriate.
+		*/
+        public virtual void Init(
+			bool           forEncryption,
+			ICipherParameters  parameters)
+		{
+			if (typeof(KeyParameter).IsInstanceOfType(parameters))
+			{
+				workingKey = GenerateWorkingKey(((KeyParameter)parameters).GetKey());
+				this.forEncryption = forEncryption;
+				return;
+			}
+
+			throw new ArgumentException("invalid parameter passed to Rijndael init - " + Platform.GetTypeName(parameters));
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return "Rijndael"; }
+		}
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+		{
+			return BC / 2;
+		}
+
+        public virtual int ProcessBlock(
+			byte[]	input,
+			int		inOff,
+			byte[]	output,
+			int		outOff)
+		{
+			if (workingKey == null)
+				throw new InvalidOperationException("Rijndael engine not initialised");
+
+            Check.DataLength(input, inOff, (BC / 2), "input buffer too short");
+            Check.OutputLength(output, outOff, (BC / 2), "output buffer too short");
+
+            UnPackBlock(input, inOff);
+
+			if (forEncryption)
+			{
+				EncryptBlock(workingKey);
+			}
+			else
+			{
+				DecryptBlock(workingKey);
+			}
+
+			PackBlock(output, outOff);
+
+			return BC / 2;
+		}
+
+        public virtual void Reset()
+		{
+		}
+
+		private void UnPackBlock(
+			byte[]      bytes,
+			int         off)
+		{
+			int     index = off;
+
+			A0 = (long)(bytes[index++] & 0xff);
+			A1 = (long)(bytes[index++] & 0xff);
+			A2 = (long)(bytes[index++] & 0xff);
+			A3 = (long)(bytes[index++] & 0xff);
+
+			for (int j = 8; j != BC; j += 8)
+			{
+				A0 |= (long)(bytes[index++] & 0xff) << j;
+				A1 |= (long)(bytes[index++] & 0xff) << j;
+				A2 |= (long)(bytes[index++] & 0xff) << j;
+				A3 |= (long)(bytes[index++] & 0xff) << j;
+			}
+		}
+
+		private  void PackBlock(
+			byte[]      bytes,
+			int         off)
+		{
+			int     index = off;
+
+			for (int j = 0; j != BC; j += 8)
+			{
+				bytes[index++] = (byte)(A0 >> j);
+				bytes[index++] = (byte)(A1 >> j);
+				bytes[index++] = (byte)(A2 >> j);
+				bytes[index++] = (byte)(A3 >> j);
+			}
+		}
+
+		private  void EncryptBlock(
+			long[][] rk)
+		{
+			int r;
+
+			//
+			// begin with a key addition
+			//
+			KeyAddition(rk[0]);
+
+			//
+			// ROUNDS-1 ordinary rounds
+			//
+			for (r = 1; r < ROUNDS; r++)
+			{
+				Substitution(S);
+				ShiftRow(shifts0SC);
+				MixColumn();
+				KeyAddition(rk[r]);
+			}
+
+			//
+			// Last round is special: there is no MixColumn
+			//
+			Substitution(S);
+			ShiftRow(shifts0SC);
+			KeyAddition(rk[ROUNDS]);
+		}
+
+		private void DecryptBlock(
+			long[][] rk)
+		{
+			int r;
+
+			// To decrypt: apply the inverse operations of the encrypt routine,
+			//             in opposite order
+			//
+			// (KeyAddition is an involution: it 's equal to its inverse)
+			// (the inverse of Substitution with table S is Substitution with the inverse table of S)
+			// (the inverse of Shiftrow is Shiftrow over a suitable distance)
+			//
+
+			// First the special round:
+			//   without InvMixColumn
+			//   with extra KeyAddition
+			//
+			KeyAddition(rk[ROUNDS]);
+			Substitution(Si);
+			ShiftRow(shifts1SC);
+
+			//
+			// ROUNDS-1 ordinary rounds
+			//
+			for (r = ROUNDS-1; r > 0; r--)
+			{
+				KeyAddition(rk[r]);
+				InvMixColumn();
+				Substitution(Si);
+				ShiftRow(shifts1SC);
+			}
+
+			//
+			// End with the extra key addition
+			//
+			KeyAddition(rk[0]);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/RsaEngine.cs b/bc-sharp-crypto/src/crypto/engines/RsaEngine.cs
new file mode 100644
index 0000000..4399b44
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/RsaEngine.cs
@@ -0,0 +1,78 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * this does your basic RSA algorithm.
+    */
+    public class RsaEngine
+		: IAsymmetricBlockCipher
+    {
+		private RsaCoreEngine core;
+
+        public virtual string AlgorithmName
+        {
+            get { return "RSA"; }
+        }
+
+		/**
+        * initialise the RSA engine.
+        *
+        * @param forEncryption true if we are encrypting, false otherwise.
+        * @param param the necessary RSA key parameters.
+        */
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+			if (core == null)
+				core = new RsaCoreEngine();
+
+			core.Init(forEncryption, parameters);
+		}
+
+		/**
+        * Return the maximum size for an input block to this engine.
+        * For RSA this is always one byte less than the key size on
+        * encryption, and the same length as the key size on decryption.
+        *
+        * @return maximum size for an input block.
+        */
+        public virtual int GetInputBlockSize()
+        {
+			return core.GetInputBlockSize();
+        }
+
+		/**
+        * Return the maximum size for an output block to this engine.
+        * For RSA this is always one byte less than the key size on
+        * decryption, and the same length as the key size on encryption.
+        *
+        * @return maximum size for an output block.
+        */
+        public virtual int GetOutputBlockSize()
+        {
+			return core.GetOutputBlockSize();
+        }
+
+		/**
+        * Process a single block using the basic RSA algorithm.
+        *
+        * @param inBuf the input array.
+        * @param inOff the offset into the input buffer where the data starts.
+        * @param inLen the length of the data to be processed.
+        * @return the result of the RSA process.
+        * @exception DataLengthException the input block is too large.
+        */
+        public virtual byte[] ProcessBlock(
+            byte[]	inBuf,
+            int		inOff,
+            int		inLen)
+        {
+			if (core == null)
+				throw new InvalidOperationException("RSA engine not initialised");
+
+			return core.ConvertOutput(core.ProcessBlock(core.ConvertInput(inBuf, inOff, inLen)));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/SEEDEngine.cs b/bc-sharp-crypto/src/crypto/engines/SEEDEngine.cs
new file mode 100644
index 0000000..f615b84
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/SEEDEngine.cs
@@ -0,0 +1,360 @@
+using System;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* Implementation of the SEED algorithm as described in RFC 4009
+	*/
+	public class SeedEngine
+		: IBlockCipher
+	{
+		private const int BlockSize = 16;
+
+		private static readonly uint[] SS0 =
+		{
+			0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0, 0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124,
+			0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c, 0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360,
+			0x28082028, 0x04444044, 0x20002020, 0x1d8d919c, 0x20c0e0e0, 0x22c2e2e0, 0x08c8c0c8, 0x17071314,
+			0x2585a1a4, 0x0f8f838c, 0x03030300, 0x3b4b7378, 0x3b8bb3b8, 0x13031310, 0x12c2d2d0, 0x2ecee2ec,
+			0x30407070, 0x0c8c808c, 0x3f0f333c, 0x2888a0a8, 0x32023230, 0x1dcdd1dc, 0x36c6f2f4, 0x34447074,
+			0x2ccce0ec, 0x15859194, 0x0b0b0308, 0x17475354, 0x1c4c505c, 0x1b4b5358, 0x3d8db1bc, 0x01010100,
+			0x24042024, 0x1c0c101c, 0x33437370, 0x18889098, 0x10001010, 0x0cccc0cc, 0x32c2f2f0, 0x19c9d1d8,
+			0x2c0c202c, 0x27c7e3e4, 0x32427270, 0x03838380, 0x1b8b9398, 0x11c1d1d0, 0x06868284, 0x09c9c1c8,
+			0x20406060, 0x10405050, 0x2383a3a0, 0x2bcbe3e8, 0x0d0d010c, 0x3686b2b4, 0x1e8e929c, 0x0f4f434c,
+			0x3787b3b4, 0x1a4a5258, 0x06c6c2c4, 0x38487078, 0x2686a2a4, 0x12021210, 0x2f8fa3ac, 0x15c5d1d4,
+			0x21416160, 0x03c3c3c0, 0x3484b0b4, 0x01414140, 0x12425250, 0x3d4d717c, 0x0d8d818c, 0x08080008,
+			0x1f0f131c, 0x19899198, 0x00000000, 0x19091118, 0x04040004, 0x13435350, 0x37c7f3f4, 0x21c1e1e0,
+			0x3dcdf1fc, 0x36467274, 0x2f0f232c, 0x27072324, 0x3080b0b0, 0x0b8b8388, 0x0e0e020c, 0x2b8ba3a8,
+			0x2282a2a0, 0x2e4e626c, 0x13839390, 0x0d4d414c, 0x29496168, 0x3c4c707c, 0x09090108, 0x0a0a0208,
+			0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0, 0x05c5c1c4, 0x07878384, 0x14041014, 0x3ecef2fc, 0x24446064,
+			0x1eced2dc, 0x2e0e222c, 0x0b4b4348, 0x1a0a1218, 0x06060204, 0x21012120, 0x2b4b6368, 0x26466264,
+			0x02020200, 0x35c5f1f4, 0x12829290, 0x0a8a8288, 0x0c0c000c, 0x3383b3b0, 0x3e4e727c, 0x10c0d0d0,
+			0x3a4a7278, 0x07474344, 0x16869294, 0x25c5e1e4, 0x26062224, 0x00808080, 0x2d8da1ac, 0x1fcfd3dc,
+			0x2181a1a0, 0x30003030, 0x37073334, 0x2e8ea2ac, 0x36063234, 0x15051114, 0x22022220, 0x38083038,
+			0x34c4f0f4, 0x2787a3a4, 0x05454144, 0x0c4c404c, 0x01818180, 0x29c9e1e8, 0x04848084, 0x17879394,
+			0x35053134, 0x0bcbc3c8, 0x0ecec2cc, 0x3c0c303c, 0x31417170, 0x11011110, 0x07c7c3c4, 0x09898188,
+			0x35457174, 0x3bcbf3f8, 0x1acad2d8, 0x38c8f0f8, 0x14849094, 0x19495158, 0x02828280, 0x04c4c0c4,
+			0x3fcff3fc, 0x09494148, 0x39093138, 0x27476364, 0x00c0c0c0, 0x0fcfc3cc, 0x17c7d3d4, 0x3888b0b8,
+			0x0f0f030c, 0x0e8e828c, 0x02424240, 0x23032320, 0x11819190, 0x2c4c606c, 0x1bcbd3d8, 0x2484a0a4,
+			0x34043034, 0x31c1f1f0, 0x08484048, 0x02c2c2c0, 0x2f4f636c, 0x3d0d313c, 0x2d0d212c, 0x00404040,
+			0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc, 0x01c1c1c0, 0x2a8aa2a8, 0x3a8ab2b8, 0x0e4e424c, 0x15455154,
+			0x3b0b3338, 0x1cccd0dc, 0x28486068, 0x3f4f737c, 0x1c8c909c, 0x18c8d0d8, 0x0a4a4248, 0x16465254,
+			0x37477374, 0x2080a0a0, 0x2dcde1ec, 0x06464244, 0x3585b1b4, 0x2b0b2328, 0x25456164, 0x3acaf2f8,
+			0x23c3e3e0, 0x3989b1b8, 0x3181b1b0, 0x1f8f939c, 0x1e4e525c, 0x39c9f1f8, 0x26c6e2e4, 0x3282b2b0,
+			0x31013130, 0x2acae2e8, 0x2d4d616c, 0x1f4f535c, 0x24c4e0e4, 0x30c0f0f0, 0x0dcdc1cc, 0x08888088,
+			0x16061214, 0x3a0a3238, 0x18485058, 0x14c4d0d4, 0x22426260, 0x29092128, 0x07070304, 0x33033330,
+			0x28c8e0e8, 0x1b0b1318, 0x05050104, 0x39497178, 0x10809090, 0x2a4a6268, 0x2a0a2228, 0x1a8a9298
+		};
+
+		private static readonly uint[] SS1 =
+		{
+			0x38380830, 0xe828c8e0, 0x2c2d0d21, 0xa42686a2, 0xcc0fcfc3, 0xdc1eced2, 0xb03383b3, 0xb83888b0,
+			0xac2f8fa3, 0x60204060, 0x54154551, 0xc407c7c3, 0x44044440, 0x6c2f4f63, 0x682b4b63, 0x581b4b53,
+			0xc003c3c3, 0x60224262, 0x30330333, 0xb43585b1, 0x28290921, 0xa02080a0, 0xe022c2e2, 0xa42787a3,
+			0xd013c3d3, 0x90118191, 0x10110111, 0x04060602, 0x1c1c0c10, 0xbc3c8cb0, 0x34360632, 0x480b4b43,
+			0xec2fcfe3, 0x88088880, 0x6c2c4c60, 0xa82888a0, 0x14170713, 0xc404c4c0, 0x14160612, 0xf434c4f0,
+			0xc002c2c2, 0x44054541, 0xe021c1e1, 0xd416c6d2, 0x3c3f0f33, 0x3c3d0d31, 0x8c0e8e82, 0x98188890,
+			0x28280820, 0x4c0e4e42, 0xf436c6f2, 0x3c3e0e32, 0xa42585a1, 0xf839c9f1, 0x0c0d0d01, 0xdc1fcfd3,
+			0xd818c8d0, 0x282b0b23, 0x64264662, 0x783a4a72, 0x24270723, 0x2c2f0f23, 0xf031c1f1, 0x70324272,
+			0x40024242, 0xd414c4d0, 0x40014141, 0xc000c0c0, 0x70334373, 0x64274763, 0xac2c8ca0, 0x880b8b83,
+			0xf437c7f3, 0xac2d8da1, 0x80008080, 0x1c1f0f13, 0xc80acac2, 0x2c2c0c20, 0xa82a8aa2, 0x34340430,
+			0xd012c2d2, 0x080b0b03, 0xec2ecee2, 0xe829c9e1, 0x5c1d4d51, 0x94148490, 0x18180810, 0xf838c8f0,
+			0x54174753, 0xac2e8ea2, 0x08080800, 0xc405c5c1, 0x10130313, 0xcc0dcdc1, 0x84068682, 0xb83989b1,
+			0xfc3fcff3, 0x7c3d4d71, 0xc001c1c1, 0x30310131, 0xf435c5f1, 0x880a8a82, 0x682a4a62, 0xb03181b1,
+			0xd011c1d1, 0x20200020, 0xd417c7d3, 0x00020202, 0x20220222, 0x04040400, 0x68284860, 0x70314171,
+			0x04070703, 0xd81bcbd3, 0x9c1d8d91, 0x98198991, 0x60214161, 0xbc3e8eb2, 0xe426c6e2, 0x58194951,
+			0xdc1dcdd1, 0x50114151, 0x90108090, 0xdc1cccd0, 0x981a8a92, 0xa02383a3, 0xa82b8ba3, 0xd010c0d0,
+			0x80018181, 0x0c0f0f03, 0x44074743, 0x181a0a12, 0xe023c3e3, 0xec2ccce0, 0x8c0d8d81, 0xbc3f8fb3,
+			0x94168692, 0x783b4b73, 0x5c1c4c50, 0xa02282a2, 0xa02181a1, 0x60234363, 0x20230323, 0x4c0d4d41,
+			0xc808c8c0, 0x9c1e8e92, 0x9c1c8c90, 0x383a0a32, 0x0c0c0c00, 0x2c2e0e22, 0xb83a8ab2, 0x6c2e4e62,
+			0x9c1f8f93, 0x581a4a52, 0xf032c2f2, 0x90128292, 0xf033c3f3, 0x48094941, 0x78384870, 0xcc0cccc0,
+			0x14150511, 0xf83bcbf3, 0x70304070, 0x74354571, 0x7c3f4f73, 0x34350531, 0x10100010, 0x00030303,
+			0x64244460, 0x6c2d4d61, 0xc406c6c2, 0x74344470, 0xd415c5d1, 0xb43484b0, 0xe82acae2, 0x08090901,
+			0x74364672, 0x18190911, 0xfc3ecef2, 0x40004040, 0x10120212, 0xe020c0e0, 0xbc3d8db1, 0x04050501,
+			0xf83acaf2, 0x00010101, 0xf030c0f0, 0x282a0a22, 0x5c1e4e52, 0xa82989a1, 0x54164652, 0x40034343,
+			0x84058581, 0x14140410, 0x88098981, 0x981b8b93, 0xb03080b0, 0xe425c5e1, 0x48084840, 0x78394971,
+			0x94178793, 0xfc3cccf0, 0x1c1e0e12, 0x80028282, 0x20210121, 0x8c0c8c80, 0x181b0b13, 0x5c1f4f53,
+			0x74374773, 0x54144450, 0xb03282b2, 0x1c1d0d11, 0x24250521, 0x4c0f4f43, 0x00000000, 0x44064642,
+			0xec2dcde1, 0x58184850, 0x50124252, 0xe82bcbe3, 0x7c3e4e72, 0xd81acad2, 0xc809c9c1, 0xfc3dcdf1,
+			0x30300030, 0x94158591, 0x64254561, 0x3c3c0c30, 0xb43686b2, 0xe424c4e0, 0xb83b8bb3, 0x7c3c4c70,
+			0x0c0e0e02, 0x50104050, 0x38390931, 0x24260622, 0x30320232, 0x84048480, 0x68294961, 0x90138393,
+			0x34370733, 0xe427c7e3, 0x24240420, 0xa42484a0, 0xc80bcbc3, 0x50134353, 0x080a0a02, 0x84078783,
+			0xd819c9d1, 0x4c0c4c40, 0x80038383, 0x8c0f8f83, 0xcc0ecec2, 0x383b0b33, 0x480a4a42, 0xb43787b3
+		};
+
+		private static readonly uint[] SS2 =
+		{
+
+			0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3, 0x50541444, 0x111c1d0d, 0xa0ac2c8c, 0x21242505,
+			0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e, 0x51501141, 0xf0fc3ccc, 0xc2c80aca, 0x63602343,
+			0x20282808, 0x40440444, 0x20202000, 0x919c1d8d, 0xe0e020c0, 0xe2e022c2, 0xc0c808c8, 0x13141707,
+			0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b, 0xb3b83b8b, 0x13101303, 0xd2d012c2, 0xe2ec2ece,
+			0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888, 0x32303202, 0xd1dc1dcd, 0xf2f436c6, 0x70743444,
+			0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747, 0x505c1c4c, 0x53581b4b, 0xb1bc3d8d, 0x01000101,
+			0x20242404, 0x101c1c0c, 0x73703343, 0x90981888, 0x10101000, 0xc0cc0ccc, 0xf2f032c2, 0xd1d819c9,
+			0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383, 0x93981b8b, 0xd1d011c1, 0x82840686, 0xc1c809c9,
+			0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb, 0x010c0d0d, 0xb2b43686, 0x929c1e8e, 0x434c0f4f,
+			0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848, 0xa2a42686, 0x12101202, 0xa3ac2f8f, 0xd1d415c5,
+			0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141, 0x52501242, 0x717c3d4d, 0x818c0d8d, 0x00080808,
+			0x131c1f0f, 0x91981989, 0x00000000, 0x11181909, 0x00040404, 0x53501343, 0xf3f437c7, 0xe1e021c1,
+			0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707, 0xb0b03080, 0x83880b8b, 0x020c0e0e, 0xa3a82b8b,
+			0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d, 0x61682949, 0x707c3c4c, 0x01080909, 0x02080a0a,
+			0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5, 0x83840787, 0x10141404, 0xf2fc3ece, 0x60642444,
+			0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a, 0x02040606, 0x21202101, 0x63682b4b, 0x62642646,
+			0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a, 0x000c0c0c, 0xb3b03383, 0x727c3e4e, 0xd0d010c0,
+			0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5, 0x22242606, 0x80800080, 0xa1ac2d8d, 0xd3dc1fcf,
+			0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e, 0x32343606, 0x11141505, 0x22202202, 0x30383808,
+			0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c, 0x81800181, 0xe1e829c9, 0x80840484, 0x93941787,
+			0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c, 0x71703141, 0x11101101, 0xc3c407c7, 0x81880989,
+			0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8, 0x90941484, 0x51581949, 0x82800282, 0xc0c404c4,
+			0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747, 0xc0c000c0, 0xc3cc0fcf, 0xd3d417c7, 0xb0b83888,
+			0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303, 0x91901181, 0x606c2c4c, 0xd3d81bcb, 0xa0a42484,
+			0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2, 0x636c2f4f, 0x313c3d0d, 0x212c2d0d, 0x40400040,
+			0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1, 0xa2a82a8a, 0xb2b83a8a, 0x424c0e4e, 0x51541545,
+			0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f, 0x909c1c8c, 0xd0d818c8, 0x42480a4a, 0x52541646,
+			0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646, 0xb1b43585, 0x23282b0b, 0x61642545, 0xf2f83aca,
+			0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f, 0x525c1e4e, 0xf1f839c9, 0xe2e426c6, 0xb2b03282,
+			0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f, 0xe0e424c4, 0xf0f030c0, 0xc1cc0dcd, 0x80880888,
+			0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4, 0x62602242, 0x21282909, 0x03040707, 0x33303303,
+			0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949, 0x90901080, 0x62682a4a, 0x22282a0a, 0x92981a8a
+		};
+
+		private static readonly uint[] SS3 =
+		{
+
+			0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426, 0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
+			0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407, 0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
+			0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435, 0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
+			0xc3d3d013, 0x81919011, 0x01111011, 0x06020406, 0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
+			0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828, 0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
+			0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416, 0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
+			0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e, 0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
+			0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a, 0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
+			0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000, 0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
+			0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f, 0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
+			0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829, 0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
+			0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405, 0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
+			0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031, 0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
+			0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002, 0x02222022, 0x04000404, 0x48606828, 0x41717031,
+			0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819, 0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
+			0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c, 0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
+			0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a, 0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
+			0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022, 0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
+			0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a, 0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
+			0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012, 0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
+			0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435, 0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
+			0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434, 0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
+			0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000, 0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
+			0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a, 0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
+			0x85818405, 0x04101414, 0x89818809, 0x8b93981b, 0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
+			0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002, 0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
+			0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d, 0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
+			0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b, 0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
+			0x00303030, 0x85919415, 0x45616425, 0x0c303c3c, 0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
+			0x0e020c0e, 0x40505010, 0x09313839, 0x06222426, 0x02323032, 0x84808404, 0x49616829, 0x83939013,
+			0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424, 0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
+			0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f, 0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437
+		};
+
+		private static readonly uint[] KC =
+		{
+			0x9e3779b9, 0x3c6ef373, 0x78dde6e6, 0xf1bbcdcc,
+			0xe3779b99, 0xc6ef3733, 0x8dde6e67, 0x1bbcdccf,
+			0x3779b99e, 0x6ef3733c, 0xdde6e678, 0xbbcdccf1,
+			0x779b99e3, 0xef3733c6, 0xde6e678d, 0xbcdccf1b
+		};
+
+		private int[] wKey;
+		private bool forEncryption;
+
+        public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			this.forEncryption = forEncryption;
+			wKey = createWorkingKey(((KeyParameter)parameters).GetKey());
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return "SEED"; }
+		}
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+		{
+			return BlockSize;
+		}
+
+        public virtual int ProcessBlock(
+			byte[]	inBuf,
+			int		inOff,
+			byte[]	outBuf,
+			int		outOff)
+		{
+			if (wKey == null)
+				throw new InvalidOperationException("SEED engine not initialised");
+
+            Check.DataLength(inBuf, inOff, BlockSize, "input buffer too short");
+            Check.OutputLength(outBuf, outOff, BlockSize, "output buffer too short");
+
+            long l = bytesToLong(inBuf, inOff + 0);
+			long r = bytesToLong(inBuf, inOff + 8);
+
+			if (forEncryption)
+			{
+				for (int i = 0; i < 16; i++)
+				{
+					long nl = r;
+
+					r = l ^ F(wKey[2 * i], wKey[(2 * i) + 1], r);
+					l = nl;
+				}
+			}
+			else
+			{
+				for (int i = 15; i >= 0; i--)
+				{
+					long nl = r;
+
+					r = l ^ F(wKey[2 * i], wKey[(2 * i) + 1], r);
+					l = nl;
+				}
+			}
+
+			longToBytes(outBuf, outOff + 0, r);
+			longToBytes(outBuf, outOff + 8, l);
+
+			return BlockSize;
+		}
+
+        public virtual void Reset()
+		{
+		}
+
+		private int[] createWorkingKey(
+			byte[] inKey)
+		{
+			int[] key = new int[32];
+			long lower = bytesToLong(inKey, 0);
+			long upper = bytesToLong(inKey, 8);
+
+			int key0 = extractW0(lower);
+			int key1 = extractW1(lower);
+			int key2 = extractW0(upper);
+			int key3 = extractW1(upper);
+
+			for (int i = 0; i < 16; i++)
+			{
+				key[2 * i] = G(key0 + key2 - (int)KC[i]);
+				key[2 * i + 1] = G(key1 - key3 + (int)KC[i]);
+
+				if (i % 2 == 0)
+				{
+					lower = rotateRight8(lower);
+					key0 = extractW0(lower);
+					key1 = extractW1(lower);
+				}
+				else
+				{
+					upper = rotateLeft8(upper);
+					key2 = extractW0(upper);
+					key3 = extractW1(upper);
+				}
+			}
+
+			return key;
+		}
+
+		private int extractW1(
+			long lVal)
+		{
+			return (int)lVal;
+		}
+
+		private int extractW0(
+			long lVal)
+		{
+			return (int)(lVal >> 32);
+		}
+
+		private long rotateLeft8(
+			long x)
+		{
+			return (x << 8) | ((long)((ulong) x >> 56));
+		}
+
+		private long rotateRight8(
+			long x)
+		{
+			return ((long)((ulong) x >> 8)) | (x << 56);
+		}
+
+		private long bytesToLong(
+			byte[]	src,
+			int		srcOff)
+		{
+			long word = 0;
+
+			for (int i = 0; i <= 7; i++)
+			{
+				word = (word << 8) + (src[i + srcOff] & 0xff);
+			}
+
+			return word;
+		}
+
+		private void longToBytes(
+			byte[]	dest,
+			int		destOff,
+			long	value)
+		{
+			for (int i = 0; i < 8; i++)
+			{
+				dest[i + destOff] = (byte)(value >> ((7 - i) * 8));
+			}
+		}
+
+		private int G(
+			int x)
+		{
+			return (int)(SS0[x & 0xff] ^ SS1[(x >> 8) & 0xff] ^ SS2[(x >> 16) & 0xff] ^ SS3[(x >> 24) & 0xff]);
+		}
+
+		private long F(
+			int		ki0,
+			int		ki1,
+			long	r)
+		{
+			int r0 = (int)(r >> 32);
+			int r1 = (int)r;
+			int rd1 = phaseCalc2(r0, ki0, r1, ki1);
+			int rd0 = rd1 + phaseCalc1(r0, ki0, r1, ki1);
+
+			return ((long)rd0 << 32) | (rd1 & 0xffffffffL);
+		}
+
+		private int phaseCalc1(
+			int	r0,
+			int	ki0,
+			int	r1,
+			int	ki1)
+		{
+			return G(G((r0 ^ ki0) ^ (r1 ^ ki1)) + (r0 ^ ki0));
+		}
+
+		private int phaseCalc2(
+			int	r0,
+			int	ki0,
+			int	r1,
+			int	ki1)
+		{
+			return G(phaseCalc1(r0, ki0, r1, ki1) + G((r0 ^ ki0) ^ (r1 ^ ki1)));
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/SEEDWrapEngine.cs b/bc-sharp-crypto/src/crypto/engines/SEEDWrapEngine.cs
new file mode 100644
index 0000000..6b71f94
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/SEEDWrapEngine.cs
@@ -0,0 +1,16 @@
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/// <remarks>
+	/// An implementation of the SEED key wrapper based on RFC 4010/RFC 3394.
+	/// <p/>
+	/// For further details see: <a href="http://www.ietf.org/rfc/rfc4010.txt">http://www.ietf.org/rfc/rfc4010.txt</a>.
+	/// </remarks>
+	public class SeedWrapEngine
+		: Rfc3394WrapEngine
+	{
+		public SeedWrapEngine()
+			: base(new SeedEngine())
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/Salsa20Engine.cs b/bc-sharp-crypto/src/crypto/engines/Salsa20Engine.cs
new file mode 100644
index 0000000..182eacd
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/Salsa20Engine.cs
@@ -0,0 +1,362 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/// <summary>
+	/// Implementation of Daniel J. Bernstein's Salsa20 stream cipher, Snuffle 2005
+	/// </summary>
+	public class Salsa20Engine
+		: IStreamCipher
+	{
+		public static readonly int DEFAULT_ROUNDS = 20;
+
+		/** Constants */
+		private const int StateSize = 16; // 16, 32 bit ints = 64 bytes
+
+        private readonly static uint[] TAU_SIGMA = Pack.LE_To_UInt32(Strings.ToAsciiByteArray("expand 16-byte k" + "expand 32-byte k"), 0, 8);
+
+        internal void PackTauOrSigma(int keyLength, uint[] state, int stateOffset)
+        {
+            int tsOff = (keyLength - 16) / 4;
+            state[stateOffset] = TAU_SIGMA[tsOff];
+            state[stateOffset + 1] = TAU_SIGMA[tsOff + 1];
+            state[stateOffset + 2] = TAU_SIGMA[tsOff + 2];
+            state[stateOffset + 3] = TAU_SIGMA[tsOff + 3];
+        }
+
+        [Obsolete]
+        protected readonly static byte[]
+			sigma = Strings.ToAsciiByteArray("expand 32-byte k"),
+			tau = Strings.ToAsciiByteArray("expand 16-byte k");
+
+		protected int rounds;
+
+		/*
+		 * variables to hold the state of the engine
+		 * during encryption and decryption
+		 */
+		private int		 index = 0;
+		internal uint[] engineState = new uint[StateSize]; // state
+		internal uint[] x = new uint[StateSize]; // internal buffer
+		private byte[]	 keyStream = new byte[StateSize * 4]; // expanded state, 64 bytes
+		private bool	 initialised = false;
+
+		/*
+		 * internal counter
+		 */
+		private uint cW0, cW1, cW2;
+
+		/// <summary>
+		/// Creates a 20 round Salsa20 engine.
+		/// </summary>
+		public Salsa20Engine()
+			: this(DEFAULT_ROUNDS)
+		{
+		}
+
+		/// <summary>
+		/// Creates a Salsa20 engine with a specific number of rounds.
+		/// </summary>
+		/// <param name="rounds">the number of rounds (must be an even number).</param>
+		public Salsa20Engine(int rounds)
+		{
+			if (rounds <= 0 || (rounds & 1) != 0)
+			{
+				throw new ArgumentException("'rounds' must be a positive, even number");
+			}
+
+			this.rounds = rounds;
+		}
+
+        public virtual void Init(
+			bool				forEncryption, 
+			ICipherParameters	parameters)
+		{
+			/* 
+			 * Salsa20 encryption and decryption is completely
+			 * symmetrical, so the 'forEncryption' is 
+			 * irrelevant. (Like 90% of stream ciphers)
+			 */
+
+			ParametersWithIV ivParams = parameters as ParametersWithIV;
+			if (ivParams == null)
+				throw new ArgumentException(AlgorithmName + " Init requires an IV", "parameters");
+
+			byte[] iv = ivParams.GetIV();
+			if (iv == null || iv.Length != NonceSize)
+				throw new ArgumentException(AlgorithmName + " requires exactly " + NonceSize + " bytes of IV");
+
+            ICipherParameters keyParam = ivParams.Parameters;
+            if (keyParam == null)
+            {
+                if (!initialised)
+                    throw new InvalidOperationException(AlgorithmName + " KeyParameter can not be null for first initialisation");
+
+                SetKey(null, iv);
+            }
+            else if (keyParam is KeyParameter)
+            {
+                SetKey(((KeyParameter)keyParam).GetKey(), iv);
+            }
+            else
+            {
+                throw new ArgumentException(AlgorithmName + " Init parameters must contain a KeyParameter (or null for re-init)");
+            }
+
+            Reset();
+			initialised = true;
+		}
+
+		protected virtual int NonceSize
+		{
+			get { return 8; }
+		}
+
+		public virtual string AlgorithmName
+		{
+			get
+            { 
+				string name = "Salsa20";
+				if (rounds != DEFAULT_ROUNDS)
+				{
+					name += "/" + rounds;
+				}
+				return name;
+			}
+		}
+
+        public virtual byte ReturnByte(
+			byte input)
+		{
+			if (LimitExceeded())
+			{
+				throw new MaxBytesExceededException("2^70 byte limit per IV; Change IV");
+			}
+
+			if (index == 0)
+			{
+				GenerateKeyStream(keyStream);
+				AdvanceCounter();
+			}
+
+			byte output = (byte)(keyStream[index] ^ input);
+			index = (index + 1) & 63;
+
+			return output;
+		}
+
+		protected virtual void AdvanceCounter()
+		{
+			if (++engineState[8] == 0)
+			{
+				++engineState[9];
+			}
+		}
+
+        public virtual void ProcessBytes(
+			byte[]	inBytes, 
+			int		inOff, 
+			int		len, 
+			byte[]	outBytes, 
+			int		outOff)
+		{
+			if (!initialised)
+				throw new InvalidOperationException(AlgorithmName + " not initialised");
+
+            Check.DataLength(inBytes, inOff, len, "input buffer too short");
+            Check.OutputLength(outBytes, outOff, len, "output buffer too short");
+
+            if (LimitExceeded((uint)len))
+				throw new MaxBytesExceededException("2^70 byte limit per IV would be exceeded; Change IV");
+
+            for (int i = 0; i < len; i++)
+			{
+				if (index == 0)
+				{
+					GenerateKeyStream(keyStream);
+					AdvanceCounter();
+				}
+				outBytes[i+outOff] = (byte)(keyStream[index]^inBytes[i+inOff]);
+				index = (index + 1) & 63;
+			}
+		}
+
+        public virtual void Reset()
+		{
+			index = 0;
+			ResetLimitCounter();
+			ResetCounter();
+		}
+
+		protected virtual void ResetCounter()
+		{
+			engineState[8] = engineState[9] = 0;
+		}
+
+		protected virtual void SetKey(byte[] keyBytes, byte[] ivBytes)
+		{
+            if (keyBytes != null)
+            {
+                if ((keyBytes.Length != 16) && (keyBytes.Length != 32))
+                    throw new ArgumentException(AlgorithmName + " requires 128 bit or 256 bit key");
+
+                int tsOff = (keyBytes.Length - 16) / 4;
+                engineState[0] = TAU_SIGMA[tsOff];
+                engineState[5] = TAU_SIGMA[tsOff + 1];
+                engineState[10] = TAU_SIGMA[tsOff + 2];
+                engineState[15] = TAU_SIGMA[tsOff + 3];
+
+                // Key
+                Pack.LE_To_UInt32(keyBytes, 0, engineState, 1, 4);
+                Pack.LE_To_UInt32(keyBytes, keyBytes.Length - 16, engineState, 11, 4);
+            }
+
+            // IV
+            Pack.LE_To_UInt32(ivBytes, 0, engineState, 6, 2);
+        }
+
+        protected virtual void GenerateKeyStream(byte[] output)
+		{
+			SalsaCore(rounds, engineState, x);
+			Pack.UInt32_To_LE(x, output, 0);
+		}
+
+		internal static void SalsaCore(int rounds, uint[] input, uint[] x)
+		{
+			if (input.Length != 16)
+				throw new ArgumentException();
+			if (x.Length != 16)
+				throw new ArgumentException();
+			if (rounds % 2 != 0)
+				throw new ArgumentException("Number of rounds must be even");
+
+            uint x00 = input[ 0];
+			uint x01 = input[ 1];
+			uint x02 = input[ 2];
+			uint x03 = input[ 3];
+			uint x04 = input[ 4];
+			uint x05 = input[ 5];
+			uint x06 = input[ 6];
+			uint x07 = input[ 7];
+			uint x08 = input[ 8];
+			uint x09 = input[ 9];
+			uint x10 = input[10];
+			uint x11 = input[11];
+			uint x12 = input[12];
+			uint x13 = input[13];
+			uint x14 = input[14];
+			uint x15 = input[15];
+
+			for (int i = rounds; i > 0; i -= 2)
+			{
+				x04 ^= R((x00+x12), 7);
+				x08 ^= R((x04+x00), 9);
+				x12 ^= R((x08+x04),13);
+				x00 ^= R((x12+x08),18);
+				x09 ^= R((x05+x01), 7);
+				x13 ^= R((x09+x05), 9);
+				x01 ^= R((x13+x09),13);
+				x05 ^= R((x01+x13),18);
+				x14 ^= R((x10+x06), 7);
+				x02 ^= R((x14+x10), 9);
+				x06 ^= R((x02+x14),13);
+				x10 ^= R((x06+x02),18);
+				x03 ^= R((x15+x11), 7);
+				x07 ^= R((x03+x15), 9);
+				x11 ^= R((x07+x03),13);
+				x15 ^= R((x11+x07),18);
+
+				x01 ^= R((x00+x03), 7);
+				x02 ^= R((x01+x00), 9);
+				x03 ^= R((x02+x01),13);
+				x00 ^= R((x03+x02),18);
+				x06 ^= R((x05+x04), 7);
+				x07 ^= R((x06+x05), 9);
+				x04 ^= R((x07+x06),13);
+				x05 ^= R((x04+x07),18);
+				x11 ^= R((x10+x09), 7);
+				x08 ^= R((x11+x10), 9);
+				x09 ^= R((x08+x11),13);
+				x10 ^= R((x09+x08),18);
+				x12 ^= R((x15+x14), 7);
+				x13 ^= R((x12+x15), 9);
+				x14 ^= R((x13+x12),13);
+				x15 ^= R((x14+x13),18);
+			}
+
+			x[ 0] = x00 + input[ 0];
+			x[ 1] = x01 + input[ 1];
+			x[ 2] = x02 + input[ 2];
+			x[ 3] = x03 + input[ 3];
+			x[ 4] = x04 + input[ 4];
+			x[ 5] = x05 + input[ 5];
+			x[ 6] = x06 + input[ 6];
+			x[ 7] = x07 + input[ 7];
+			x[ 8] = x08 + input[ 8];
+			x[ 9] = x09 + input[ 9];
+			x[10] = x10 + input[10];
+			x[11] = x11 + input[11];
+			x[12] = x12 + input[12];
+			x[13] = x13 + input[13];
+			x[14] = x14 + input[14];
+			x[15] = x15 + input[15];
+		}
+
+		/**
+		 * Rotate left
+		 *
+		 * @param   x   value to rotate
+		 * @param   y   amount to rotate x
+		 *
+		 * @return  rotated x
+		 */
+		internal static uint R(uint x, int y)
+		{
+			return (x << y) | (x >> (32 - y));
+		}
+
+		private void ResetLimitCounter()
+		{
+			cW0 = 0;
+			cW1 = 0;
+			cW2 = 0;
+		}
+
+		private bool LimitExceeded()
+		{
+			if (++cW0 == 0)
+			{
+				if (++cW1 == 0)
+				{
+					return (++cW2 & 0x20) != 0;          // 2^(32 + 32 + 6)
+				}
+			}
+
+			return false;
+		}
+
+		/*
+		 * this relies on the fact len will always be positive.
+		 */
+		private bool LimitExceeded(
+			uint len)
+		{
+			uint old = cW0;
+			cW0 += len;
+			if (cW0 < old)
+			{
+				if (++cW1 == 0)
+				{
+					return (++cW2 & 0x20) != 0;          // 2^(32 + 32 + 6)
+				}
+			}
+
+			return false;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/SerpentEngine.cs b/bc-sharp-crypto/src/crypto/engines/SerpentEngine.cs
new file mode 100644
index 0000000..76799f0
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/SerpentEngine.cs
@@ -0,0 +1,292 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+     * Serpent is a 128-bit 32-round block cipher with variable key lengths,
+     * including 128, 192 and 256 bit keys conjectured to be at least as
+     * secure as three-key triple-DES.
+     * <p>
+     * Serpent was designed by Ross Anderson, Eli Biham and Lars Knudsen as a
+     * candidate algorithm for the NIST AES Quest.
+	 * </p>
+     * <p>
+     * For full details see <a href="http://www.cl.cam.ac.uk/~rja14/serpent.html">The Serpent home page</a>
+	 * </p>
+    */
+    public sealed class SerpentEngine
+		:   SerpentEngineBase
+    {
+        /**
+        * Expand a user-supplied key material into a session key.
+        *
+        * @param key  The user-key bytes (multiples of 4) to use.
+        * @exception ArgumentException
+        */
+        protected override int[] MakeWorkingKey(byte[] key)
+        {
+            //
+            // pad key to 256 bits
+            //
+            int[]   kPad = new int[16];
+            int     off = 0;
+            int     length = 0;
+
+            for (off = 0; (off + 4) < key.Length; off += 4)
+            {
+                kPad[length++] = (int)Pack.LE_To_UInt32(key, off);
+            }
+
+            if (off % 4 == 0)
+            {
+                kPad[length++] = (int)Pack.LE_To_UInt32(key, off);
+                if (length < 8)
+                {
+                    kPad[length] = 1;
+                }
+            }
+            else
+            {
+                throw new ArgumentException("key must be a multiple of 4 bytes");
+            }
+
+            //
+            // expand the padded key up to 33 x 128 bits of key material
+            //
+            int amount = (ROUNDS + 1) * 4;
+            int[] w = new int[amount];
+
+            //
+            // compute w0 to w7 from w-8 to w-1
+            //
+            for (int i = 8; i < 16; i++)
+            {
+                kPad[i] = RotateLeft(kPad[i - 8] ^ kPad[i - 5] ^ kPad[i - 3] ^ kPad[i - 1] ^ PHI ^ (i - 8), 11);
+            }
+
+            Array.Copy(kPad, 8, w, 0, 8);
+
+            //
+            // compute w8 to w136
+            //
+            for (int i = 8; i < amount; i++)
+            {
+                w[i] = RotateLeft(w[i - 8] ^ w[i - 5] ^ w[i - 3] ^ w[i - 1] ^ PHI ^ i, 11);
+            }
+
+            //
+            // create the working keys by processing w with the Sbox and IP
+            //
+            Sb3(w[0], w[1], w[2], w[3]);
+            w[0] = X0; w[1] = X1; w[2] = X2; w[3] = X3;
+            Sb2(w[4], w[5], w[6], w[7]);
+            w[4] = X0; w[5] = X1; w[6] = X2; w[7] = X3;
+            Sb1(w[8], w[9], w[10], w[11]);
+            w[8] = X0; w[9] = X1; w[10] = X2; w[11] = X3;
+            Sb0(w[12], w[13], w[14], w[15]);
+            w[12] = X0; w[13] = X1; w[14] = X2; w[15] = X3;
+            Sb7(w[16], w[17], w[18], w[19]);
+            w[16] = X0; w[17] = X1; w[18] = X2; w[19] = X3;
+            Sb6(w[20], w[21], w[22], w[23]);
+            w[20] = X0; w[21] = X1; w[22] = X2; w[23] = X3;
+            Sb5(w[24], w[25], w[26], w[27]);
+            w[24] = X0; w[25] = X1; w[26] = X2; w[27] = X3;
+            Sb4(w[28], w[29], w[30], w[31]);
+            w[28] = X0; w[29] = X1; w[30] = X2; w[31] = X3;
+            Sb3(w[32], w[33], w[34], w[35]);
+            w[32] = X0; w[33] = X1; w[34] = X2; w[35] = X3;
+            Sb2(w[36], w[37], w[38], w[39]);
+            w[36] = X0; w[37] = X1; w[38] = X2; w[39] = X3;
+            Sb1(w[40], w[41], w[42], w[43]);
+            w[40] = X0; w[41] = X1; w[42] = X2; w[43] = X3;
+            Sb0(w[44], w[45], w[46], w[47]);
+            w[44] = X0; w[45] = X1; w[46] = X2; w[47] = X3;
+            Sb7(w[48], w[49], w[50], w[51]);
+            w[48] = X0; w[49] = X1; w[50] = X2; w[51] = X3;
+            Sb6(w[52], w[53], w[54], w[55]);
+            w[52] = X0; w[53] = X1; w[54] = X2; w[55] = X3;
+            Sb5(w[56], w[57], w[58], w[59]);
+            w[56] = X0; w[57] = X1; w[58] = X2; w[59] = X3;
+            Sb4(w[60], w[61], w[62], w[63]);
+            w[60] = X0; w[61] = X1; w[62] = X2; w[63] = X3;
+            Sb3(w[64], w[65], w[66], w[67]);
+            w[64] = X0; w[65] = X1; w[66] = X2; w[67] = X3;
+            Sb2(w[68], w[69], w[70], w[71]);
+            w[68] = X0; w[69] = X1; w[70] = X2; w[71] = X3;
+            Sb1(w[72], w[73], w[74], w[75]);
+            w[72] = X0; w[73] = X1; w[74] = X2; w[75] = X3;
+            Sb0(w[76], w[77], w[78], w[79]);
+            w[76] = X0; w[77] = X1; w[78] = X2; w[79] = X3;
+            Sb7(w[80], w[81], w[82], w[83]);
+            w[80] = X0; w[81] = X1; w[82] = X2; w[83] = X3;
+            Sb6(w[84], w[85], w[86], w[87]);
+            w[84] = X0; w[85] = X1; w[86] = X2; w[87] = X3;
+            Sb5(w[88], w[89], w[90], w[91]);
+            w[88] = X0; w[89] = X1; w[90] = X2; w[91] = X3;
+            Sb4(w[92], w[93], w[94], w[95]);
+            w[92] = X0; w[93] = X1; w[94] = X2; w[95] = X3;
+            Sb3(w[96], w[97], w[98], w[99]);
+            w[96] = X0; w[97] = X1; w[98] = X2; w[99] = X3;
+            Sb2(w[100], w[101], w[102], w[103]);
+            w[100] = X0; w[101] = X1; w[102] = X2; w[103] = X3;
+            Sb1(w[104], w[105], w[106], w[107]);
+            w[104] = X0; w[105] = X1; w[106] = X2; w[107] = X3;
+            Sb0(w[108], w[109], w[110], w[111]);
+            w[108] = X0; w[109] = X1; w[110] = X2; w[111] = X3;
+            Sb7(w[112], w[113], w[114], w[115]);
+            w[112] = X0; w[113] = X1; w[114] = X2; w[115] = X3;
+            Sb6(w[116], w[117], w[118], w[119]);
+            w[116] = X0; w[117] = X1; w[118] = X2; w[119] = X3;
+            Sb5(w[120], w[121], w[122], w[123]);
+            w[120] = X0; w[121] = X1; w[122] = X2; w[123] = X3;
+            Sb4(w[124], w[125], w[126], w[127]);
+            w[124] = X0; w[125] = X1; w[126] = X2; w[127] = X3;
+            Sb3(w[128], w[129], w[130], w[131]);
+            w[128] = X0; w[129] = X1; w[130] = X2; w[131] = X3;
+
+            return w;
+        }
+
+        /**
+        * Encrypt one block of plaintext.
+        *
+        * @param input the array containing the input data.
+        * @param inOff offset into the in array the data starts at.
+        * @param output the array the output data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        */
+        protected override void EncryptBlock(byte[] input, int inOff, byte[] output, int outOff)
+        {
+            X0 = (int)Pack.LE_To_UInt32(input, inOff);
+            X1 = (int)Pack.LE_To_UInt32(input, inOff + 4);
+            X2 = (int)Pack.LE_To_UInt32(input, inOff + 8);
+            X3 = (int)Pack.LE_To_UInt32(input, inOff + 12);
+
+            Sb0(wKey[0] ^ X0, wKey[1] ^ X1, wKey[2] ^ X2, wKey[3] ^ X3); LT();
+            Sb1(wKey[4] ^ X0, wKey[5] ^ X1, wKey[6] ^ X2, wKey[7] ^ X3); LT();
+            Sb2(wKey[8] ^ X0, wKey[9] ^ X1, wKey[10] ^ X2, wKey[11] ^ X3); LT();
+            Sb3(wKey[12] ^ X0, wKey[13] ^ X1, wKey[14] ^ X2, wKey[15] ^ X3); LT();
+            Sb4(wKey[16] ^ X0, wKey[17] ^ X1, wKey[18] ^ X2, wKey[19] ^ X3); LT();
+            Sb5(wKey[20] ^ X0, wKey[21] ^ X1, wKey[22] ^ X2, wKey[23] ^ X3); LT();
+            Sb6(wKey[24] ^ X0, wKey[25] ^ X1, wKey[26] ^ X2, wKey[27] ^ X3); LT();
+            Sb7(wKey[28] ^ X0, wKey[29] ^ X1, wKey[30] ^ X2, wKey[31] ^ X3); LT();
+            Sb0(wKey[32] ^ X0, wKey[33] ^ X1, wKey[34] ^ X2, wKey[35] ^ X3); LT();
+            Sb1(wKey[36] ^ X0, wKey[37] ^ X1, wKey[38] ^ X2, wKey[39] ^ X3); LT();
+            Sb2(wKey[40] ^ X0, wKey[41] ^ X1, wKey[42] ^ X2, wKey[43] ^ X3); LT();
+            Sb3(wKey[44] ^ X0, wKey[45] ^ X1, wKey[46] ^ X2, wKey[47] ^ X3); LT();
+            Sb4(wKey[48] ^ X0, wKey[49] ^ X1, wKey[50] ^ X2, wKey[51] ^ X3); LT();
+            Sb5(wKey[52] ^ X0, wKey[53] ^ X1, wKey[54] ^ X2, wKey[55] ^ X3); LT();
+            Sb6(wKey[56] ^ X0, wKey[57] ^ X1, wKey[58] ^ X2, wKey[59] ^ X3); LT();
+            Sb7(wKey[60] ^ X0, wKey[61] ^ X1, wKey[62] ^ X2, wKey[63] ^ X3); LT();
+            Sb0(wKey[64] ^ X0, wKey[65] ^ X1, wKey[66] ^ X2, wKey[67] ^ X3); LT();
+            Sb1(wKey[68] ^ X0, wKey[69] ^ X1, wKey[70] ^ X2, wKey[71] ^ X3); LT();
+            Sb2(wKey[72] ^ X0, wKey[73] ^ X1, wKey[74] ^ X2, wKey[75] ^ X3); LT();
+            Sb3(wKey[76] ^ X0, wKey[77] ^ X1, wKey[78] ^ X2, wKey[79] ^ X3); LT();
+            Sb4(wKey[80] ^ X0, wKey[81] ^ X1, wKey[82] ^ X2, wKey[83] ^ X3); LT();
+            Sb5(wKey[84] ^ X0, wKey[85] ^ X1, wKey[86] ^ X2, wKey[87] ^ X3); LT();
+            Sb6(wKey[88] ^ X0, wKey[89] ^ X1, wKey[90] ^ X2, wKey[91] ^ X3); LT();
+            Sb7(wKey[92] ^ X0, wKey[93] ^ X1, wKey[94] ^ X2, wKey[95] ^ X3); LT();
+            Sb0(wKey[96] ^ X0, wKey[97] ^ X1, wKey[98] ^ X2, wKey[99] ^ X3); LT();
+            Sb1(wKey[100] ^ X0, wKey[101] ^ X1, wKey[102] ^ X2, wKey[103] ^ X3); LT();
+            Sb2(wKey[104] ^ X0, wKey[105] ^ X1, wKey[106] ^ X2, wKey[107] ^ X3); LT();
+            Sb3(wKey[108] ^ X0, wKey[109] ^ X1, wKey[110] ^ X2, wKey[111] ^ X3); LT();
+            Sb4(wKey[112] ^ X0, wKey[113] ^ X1, wKey[114] ^ X2, wKey[115] ^ X3); LT();
+            Sb5(wKey[116] ^ X0, wKey[117] ^ X1, wKey[118] ^ X2, wKey[119] ^ X3); LT();
+            Sb6(wKey[120] ^ X0, wKey[121] ^ X1, wKey[122] ^ X2, wKey[123] ^ X3); LT();
+            Sb7(wKey[124] ^ X0, wKey[125] ^ X1, wKey[126] ^ X2, wKey[127] ^ X3);
+
+            Pack.UInt32_To_LE((uint)(wKey[128] ^ X0), output, outOff);
+            Pack.UInt32_To_LE((uint)(wKey[129] ^ X1), output, outOff + 4);
+            Pack.UInt32_To_LE((uint)(wKey[130] ^ X2), output, outOff + 8);
+            Pack.UInt32_To_LE((uint)(wKey[131] ^ X3), output, outOff + 12);
+        }
+
+        /**
+        * Decrypt one block of ciphertext.
+        *
+        * @param input the array containing the input data.
+        * @param inOff offset into the in array the data starts at.
+        * @param output the array the output data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        */
+        protected override void DecryptBlock(byte[] input, int inOff, byte[] output, int outOff)
+        {
+            X0 = wKey[128] ^ (int)Pack.LE_To_UInt32(input, inOff);
+            X1 = wKey[129] ^ (int)Pack.LE_To_UInt32(input, inOff + 4);
+            X2 = wKey[130] ^ (int)Pack.LE_To_UInt32(input, inOff + 8);
+            X3 = wKey[131] ^ (int)Pack.LE_To_UInt32(input, inOff + 12);
+
+            Ib7(X0, X1, X2, X3);
+            X0 ^= wKey[124]; X1 ^= wKey[125]; X2 ^= wKey[126]; X3 ^= wKey[127];
+            InverseLT(); Ib6(X0, X1, X2, X3);
+            X0 ^= wKey[120]; X1 ^= wKey[121]; X2 ^= wKey[122]; X3 ^= wKey[123];
+            InverseLT(); Ib5(X0, X1, X2, X3);
+            X0 ^= wKey[116]; X1 ^= wKey[117]; X2 ^= wKey[118]; X3 ^= wKey[119];
+            InverseLT(); Ib4(X0, X1, X2, X3);
+            X0 ^= wKey[112]; X1 ^= wKey[113]; X2 ^= wKey[114]; X3 ^= wKey[115];
+            InverseLT(); Ib3(X0, X1, X2, X3);
+            X0 ^= wKey[108]; X1 ^= wKey[109]; X2 ^= wKey[110]; X3 ^= wKey[111];
+            InverseLT(); Ib2(X0, X1, X2, X3);
+            X0 ^= wKey[104]; X1 ^= wKey[105]; X2 ^= wKey[106]; X3 ^= wKey[107];
+            InverseLT(); Ib1(X0, X1, X2, X3);
+            X0 ^= wKey[100]; X1 ^= wKey[101]; X2 ^= wKey[102]; X3 ^= wKey[103];
+            InverseLT(); Ib0(X0, X1, X2, X3);
+            X0 ^= wKey[96]; X1 ^= wKey[97]; X2 ^= wKey[98]; X3 ^= wKey[99];
+            InverseLT(); Ib7(X0, X1, X2, X3);
+            X0 ^= wKey[92]; X1 ^= wKey[93]; X2 ^= wKey[94]; X3 ^= wKey[95];
+            InverseLT(); Ib6(X0, X1, X2, X3);
+            X0 ^= wKey[88]; X1 ^= wKey[89]; X2 ^= wKey[90]; X3 ^= wKey[91];
+            InverseLT(); Ib5(X0, X1, X2, X3);
+            X0 ^= wKey[84]; X1 ^= wKey[85]; X2 ^= wKey[86]; X3 ^= wKey[87];
+            InverseLT(); Ib4(X0, X1, X2, X3);
+            X0 ^= wKey[80]; X1 ^= wKey[81]; X2 ^= wKey[82]; X3 ^= wKey[83];
+            InverseLT(); Ib3(X0, X1, X2, X3);
+            X0 ^= wKey[76]; X1 ^= wKey[77]; X2 ^= wKey[78]; X3 ^= wKey[79];
+            InverseLT(); Ib2(X0, X1, X2, X3);
+            X0 ^= wKey[72]; X1 ^= wKey[73]; X2 ^= wKey[74]; X3 ^= wKey[75];
+            InverseLT(); Ib1(X0, X1, X2, X3);
+            X0 ^= wKey[68]; X1 ^= wKey[69]; X2 ^= wKey[70]; X3 ^= wKey[71];
+            InverseLT(); Ib0(X0, X1, X2, X3);
+            X0 ^= wKey[64]; X1 ^= wKey[65]; X2 ^= wKey[66]; X3 ^= wKey[67];
+            InverseLT(); Ib7(X0, X1, X2, X3);
+            X0 ^= wKey[60]; X1 ^= wKey[61]; X2 ^= wKey[62]; X3 ^= wKey[63];
+            InverseLT(); Ib6(X0, X1, X2, X3);
+            X0 ^= wKey[56]; X1 ^= wKey[57]; X2 ^= wKey[58]; X3 ^= wKey[59];
+            InverseLT(); Ib5(X0, X1, X2, X3);
+            X0 ^= wKey[52]; X1 ^= wKey[53]; X2 ^= wKey[54]; X3 ^= wKey[55];
+            InverseLT(); Ib4(X0, X1, X2, X3);
+            X0 ^= wKey[48]; X1 ^= wKey[49]; X2 ^= wKey[50]; X3 ^= wKey[51];
+            InverseLT(); Ib3(X0, X1, X2, X3);
+            X0 ^= wKey[44]; X1 ^= wKey[45]; X2 ^= wKey[46]; X3 ^= wKey[47];
+            InverseLT(); Ib2(X0, X1, X2, X3);
+            X0 ^= wKey[40]; X1 ^= wKey[41]; X2 ^= wKey[42]; X3 ^= wKey[43];
+            InverseLT(); Ib1(X0, X1, X2, X3);
+            X0 ^= wKey[36]; X1 ^= wKey[37]; X2 ^= wKey[38]; X3 ^= wKey[39];
+            InverseLT(); Ib0(X0, X1, X2, X3);
+            X0 ^= wKey[32]; X1 ^= wKey[33]; X2 ^= wKey[34]; X3 ^= wKey[35];
+            InverseLT(); Ib7(X0, X1, X2, X3);
+            X0 ^= wKey[28]; X1 ^= wKey[29]; X2 ^= wKey[30]; X3 ^= wKey[31];
+            InverseLT(); Ib6(X0, X1, X2, X3);
+            X0 ^= wKey[24]; X1 ^= wKey[25]; X2 ^= wKey[26]; X3 ^= wKey[27];
+            InverseLT(); Ib5(X0, X1, X2, X3);
+            X0 ^= wKey[20]; X1 ^= wKey[21]; X2 ^= wKey[22]; X3 ^= wKey[23];
+            InverseLT(); Ib4(X0, X1, X2, X3);
+            X0 ^= wKey[16]; X1 ^= wKey[17]; X2 ^= wKey[18]; X3 ^= wKey[19];
+            InverseLT(); Ib3(X0, X1, X2, X3);
+            X0 ^= wKey[12]; X1 ^= wKey[13]; X2 ^= wKey[14]; X3 ^= wKey[15];
+            InverseLT(); Ib2(X0, X1, X2, X3);
+            X0 ^= wKey[8]; X1 ^= wKey[9]; X2 ^= wKey[10]; X3 ^= wKey[11];
+            InverseLT(); Ib1(X0, X1, X2, X3);
+            X0 ^= wKey[4]; X1 ^= wKey[5]; X2 ^= wKey[6]; X3 ^= wKey[7];
+            InverseLT(); Ib0(X0, X1, X2, X3);
+
+            Pack.UInt32_To_LE((uint)(X0 ^ wKey[0]), output, outOff);
+            Pack.UInt32_To_LE((uint)(X1 ^ wKey[1]), output, outOff + 4);
+            Pack.UInt32_To_LE((uint)(X2 ^ wKey[2]), output, outOff + 8);
+            Pack.UInt32_To_LE((uint)(X3 ^ wKey[3]), output, outOff + 12);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/SerpentEngineBase.cs b/bc-sharp-crypto/src/crypto/engines/SerpentEngineBase.cs
new file mode 100644
index 0000000..9de5522
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/SerpentEngineBase.cs
@@ -0,0 +1,469 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    public abstract class SerpentEngineBase
+        :   IBlockCipher
+    {
+        protected static readonly int BlockSize = 16;
+
+        internal const int ROUNDS = 32;
+        internal const int PHI = unchecked((int)0x9E3779B9);       // (sqrt(5) - 1) * 2**31
+
+        protected bool encrypting;
+        protected int[] wKey;
+
+        protected int X0, X1, X2, X3;    // registers
+
+        protected SerpentEngineBase()
+        {
+        }
+
+        /**
+         * initialise a Serpent cipher.
+         *
+         * @param encrypting whether or not we are for encryption.
+         * @param params     the parameters required to set up the cipher.
+         * @throws IllegalArgumentException if the params argument is
+         * inappropriate.
+         */
+        public virtual void Init(bool encrypting, ICipherParameters parameters)
+        {
+            if (!(parameters is KeyParameter))
+				throw new ArgumentException("invalid parameter passed to " + AlgorithmName + " init - " + Platform.GetTypeName(parameters));
+
+            this.encrypting = encrypting;
+            this.wKey = MakeWorkingKey(((KeyParameter)parameters).GetKey());
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "Serpent"; }
+        }
+
+        public virtual bool IsPartialBlockOkay
+        {
+            get { return false; }
+        }
+
+        public virtual int GetBlockSize()
+        {
+            return BlockSize;
+        }
+
+        /**
+         * Process one block of input from the array in and write it to
+         * the out array.
+         *
+         * @param in     the array containing the input data.
+         * @param inOff  offset into the in array the data starts at.
+         * @param out    the array the output data will be copied into.
+         * @param outOff the offset into the out array the output will start at.
+         * @return the number of bytes processed and produced.
+         * @throws DataLengthException if there isn't enough data in in, or
+         * space in out.
+         * @throws IllegalStateException if the cipher isn't initialised.
+         */
+        public int ProcessBlock(byte[] input, int inOff, byte[] output, int outOff)
+        {
+            if (wKey == null)
+                throw new InvalidOperationException(AlgorithmName + " not initialised");
+
+            Check.DataLength(input, inOff, BlockSize, "input buffer too short");
+            Check.OutputLength(output, outOff, BlockSize, "output buffer too short");
+
+            if (encrypting)
+            {
+                EncryptBlock(input, inOff, output, outOff);
+            }
+            else
+            {
+                DecryptBlock(input, inOff, output, outOff);
+            }
+
+            return BlockSize;
+        }
+
+        public virtual void Reset()
+        {
+        }
+
+        protected static int RotateLeft(int x, int bits)
+        {
+            return ((x << bits) | (int) ((uint)x >> (32 - bits)));
+        }
+
+        private static int RotateRight(int x, int bits)
+        {
+            return ( (int)((uint)x >> bits) | (x << (32 - bits)));
+        }
+
+        /*
+         * The sboxes below are based on the work of Brian Gladman and
+         * Sam Simpson, whose original notice appears below.
+         * <p>
+         * For further details see:
+         *      http://fp.gladman.plus.com/cryptography_technology/serpent/
+         * </p>
+         */
+
+        /* Partially optimised Serpent S Box boolean functions derived  */
+        /* using a recursive descent analyser but without a full search */
+        /* of all subtrees. This set of S boxes is the result of work    */
+        /* by Sam Simpson and Brian Gladman using the spare time on a    */
+        /* cluster of high capacity servers to search for S boxes with    */
+        /* this customised search engine. There are now an average of    */
+        /* 15.375 terms    per S box.                                        */
+        /*                                                              */
+        /* Copyright:   Dr B. R Gladman (gladman@seven77.demon.co.uk)   */
+        /*                and Sam Simpson (s.simpson@mia.co.uk)            */
+        /*              17th December 1998                                */
+        /*                                                              */
+        /* We hereby give permission for information in this file to be */
+        /* used freely subject only to acknowledgement of its origin.    */
+
+        /*
+         * S0 - { 3, 8,15, 1,10, 6, 5,11,14,13, 4, 2, 7, 0, 9,12 } - 15 terms.
+         */
+        protected void Sb0(int a, int b, int c, int d)
+        {
+            int t1 = a ^ d;
+            int t3 = c ^ t1;
+            int t4 = b ^ t3;
+            X3 = (a & d) ^ t4;
+            int t7 = a ^ (b & t1);
+            X2 = t4 ^ (c | t7);
+            int t12 = X3 & (t3 ^ t7);
+            X1 = (~t3) ^ t12;
+            X0 = t12 ^ (~t7);
+        }
+
+        /**
+        * InvSO - {13, 3,11, 0,10, 6, 5,12, 1,14, 4, 7,15, 9, 8, 2 } - 15 terms.
+        */
+        protected void Ib0(int a, int b, int c, int d)
+        {
+            int t1 = ~a;
+            int t2 = a ^ b;
+            int t4 = d ^ (t1 | t2);
+            int t5 = c ^ t4;
+            X2 = t2 ^ t5;
+            int t8 = t1 ^ (d & t2);
+            X1 = t4 ^ (X2 & t8);
+            X3 = (a & t4) ^ (t5 | X1);
+            X0 = X3 ^ (t5 ^ t8);
+        }
+
+        /**
+        * S1 - {15,12, 2, 7, 9, 0, 5,10, 1,11,14, 8, 6,13, 3, 4 } - 14 terms.
+        */
+        protected void Sb1(int a, int b, int c, int d)
+        {
+            int t2 = b ^ (~a);
+            int t5 = c ^ (a | t2);
+            X2 = d ^ t5;
+            int t7 = b ^ (d | t2);
+            int t8 = t2 ^ X2;
+            X3 = t8 ^ (t5 & t7);
+            int t11 = t5 ^ t7;
+            X1 = X3 ^ t11;
+            X0 = t5 ^ (t8 & t11);
+        }
+
+        /**
+        * InvS1 - { 5, 8, 2,14,15, 6,12, 3,11, 4, 7, 9, 1,13,10, 0 } - 14 steps.
+        */
+        protected void Ib1(int a, int b, int c, int d)
+        {
+            int t1 = b ^ d;
+            int t3 = a ^ (b & t1);
+            int t4 = t1 ^ t3;
+            X3 = c ^ t4;
+            int t7 = b ^ (t1 & t3);
+            int t8 = X3 | t7;
+            X1 = t3 ^ t8;
+            int t10 = ~X1;
+            int t11 = X3 ^ t7;
+            X0 = t10 ^ t11;
+            X2 = t4 ^ (t10 | t11);
+        }
+
+        /**
+        * S2 - { 8, 6, 7, 9, 3,12,10,15,13, 1,14, 4, 0,11, 5, 2 } - 16 terms.
+        */
+        protected void Sb2(int a, int b, int c, int d)
+        {
+            int t1 = ~a;
+            int t2 = b ^ d;
+            int t3 = c & t1;
+            X0 = t2 ^ t3;
+            int t5 = c ^ t1;
+            int t6 = c ^ X0;
+            int t7 = b & t6;
+            X3 = t5 ^ t7;
+            X2 = a ^ ((d | t7) & (X0 | t5));
+            X1 = (t2 ^ X3) ^ (X2 ^ (d | t1));
+        }
+
+        /**
+        * InvS2 - {12, 9,15, 4,11,14, 1, 2, 0, 3, 6,13, 5, 8,10, 7 } - 16 steps.
+        */
+        protected void Ib2(int a, int b, int c, int d)
+        {
+            int t1 = b ^ d;
+            int t2 = ~t1;
+            int t3 = a ^ c;
+            int t4 = c ^ t1;
+            int t5 = b & t4;
+            X0 = t3 ^ t5;
+            int t7 = a | t2;
+            int t8 = d ^ t7;
+            int t9 = t3 | t8;
+            X3 = t1 ^ t9;
+            int t11 = ~t4;
+            int t12 = X0 | X3;
+            X1 = t11 ^ t12;
+            X2 = (d & t11) ^ (t3 ^ t12);
+        }
+
+        /**
+        * S3 - { 0,15,11, 8,12, 9, 6, 3,13, 1, 2, 4,10, 7, 5,14 } - 16 terms.
+        */
+        protected void Sb3(int a, int b, int c, int d)
+        {
+            int t1 = a ^ b;
+            int t2 = a & c;
+            int t3 = a | d;
+            int t4 = c ^ d;
+            int t5 = t1 & t3;
+            int t6 = t2 | t5;
+            X2 = t4 ^ t6;
+            int t8 = b ^ t3;
+            int t9 = t6 ^ t8;
+            int t10 = t4 & t9;
+            X0 = t1 ^ t10;
+            int t12 = X2 & X0;
+            X1 = t9 ^ t12;
+            X3 = (b | d) ^ (t4 ^ t12);
+        }
+
+        /**
+        * InvS3 - { 0, 9,10, 7,11,14, 6,13, 3, 5,12, 2, 4, 8,15, 1 } - 15 terms
+        */
+        protected void Ib3(int a, int b, int c, int d)
+        {
+            int t1 = a | b;
+            int t2 = b ^ c;
+            int t3 = b & t2;
+            int t4 = a ^ t3;
+            int t5 = c ^ t4;
+            int t6 = d | t4;
+            X0 = t2 ^ t6;
+            int t8 = t2 | t6;
+            int t9 = d ^ t8;
+            X2 = t5 ^ t9;
+            int t11 = t1 ^ t9;
+            int t12 = X0 & t11;
+            X3 = t4 ^ t12;
+            X1 = X3 ^ (X0 ^ t11);
+        }
+
+        /**
+        * S4 - { 1,15, 8, 3,12, 0,11, 6, 2, 5, 4,10, 9,14, 7,13 } - 15 terms.
+        */
+        protected void Sb4(int a, int b, int c, int d)
+        {
+            int t1 = a ^ d;
+            int t2 = d & t1;
+            int t3 = c ^ t2;
+            int t4 = b | t3;
+            X3 = t1 ^ t4;
+            int t6 = ~b;
+            int t7 = t1 | t6;
+            X0 = t3 ^ t7;
+            int t9 = a & X0;
+            int t10 = t1 ^ t6;
+            int t11 = t4 & t10;
+            X2 = t9 ^ t11;
+            X1 = (a ^ t3) ^ (t10 & X2);
+        }
+
+        /**
+        * InvS4 - { 5, 0, 8, 3,10, 9, 7,14, 2,12,11, 6, 4,15,13, 1 } - 15 terms.
+        */
+        protected void Ib4(int a, int b, int c, int d)
+        {
+            int t1 = c | d;
+            int t2 = a & t1;
+            int t3 = b ^ t2;
+            int t4 = a & t3;
+            int t5 = c ^ t4;
+            X1 = d ^ t5;
+            int t7 = ~a;
+            int t8 = t5 & X1;
+            X3 = t3 ^ t8;
+            int t10 = X1 | t7;
+            int t11 = d ^ t10;
+            X0 = X3 ^ t11;
+            X2 = (t3 & t11) ^ (X1 ^ t7);
+        }
+
+        /**
+        * S5 - {15, 5, 2,11, 4,10, 9,12, 0, 3,14, 8,13, 6, 7, 1 } - 16 terms.
+        */
+        protected void Sb5(int a, int b, int c, int d)
+        {
+            int t1 = ~a;
+            int t2 = a ^ b;
+            int t3 = a ^ d;
+            int t4 = c ^ t1;
+            int t5 = t2 | t3;
+            X0 = t4 ^ t5;
+            int t7 = d & X0;
+            int t8 = t2 ^ X0;
+            X1 = t7 ^ t8;
+            int t10 = t1 | X0;
+            int t11 = t2 | t7;
+            int t12 = t3 ^ t10;
+            X2 = t11 ^ t12;
+            X3 = (b ^ t7) ^ (X1 & t12);
+        }
+
+        /**
+        * InvS5 - { 8,15, 2, 9, 4, 1,13,14,11, 6, 5, 3, 7,12,10, 0 } - 16 terms.
+        */
+        protected void Ib5(int a, int b, int c, int d)
+        {
+            int t1 = ~c;
+            int t2 = b & t1;
+            int t3 = d ^ t2;
+            int t4 = a & t3;
+            int t5 = b ^ t1;
+            X3 = t4 ^ t5;
+            int t7 = b | X3;
+            int t8 = a & t7;
+            X1 = t3 ^ t8;
+            int t10 = a | d;
+            int t11 = t1 ^ t7;
+            X0 = t10 ^ t11;
+            X2 = (b & t10) ^ (t4 | (a ^ c));
+        }
+
+        /**
+        * S6 - { 7, 2,12, 5, 8, 4, 6,11,14, 9, 1,15,13, 3,10, 0 } - 15 terms.
+        */
+        protected void Sb6(int a, int b, int c, int d)
+        {
+            int t1 = ~a;
+            int t2 = a ^ d;
+            int t3 = b ^ t2;
+            int t4 = t1 | t2;
+            int t5 = c ^ t4;
+            X1 = b ^ t5;
+            int t7 = t2 | X1;
+            int t8 = d ^ t7;
+            int t9 = t5 & t8;
+            X2 = t3 ^ t9;
+            int t11 = t5 ^ t8;
+            X0 = X2 ^ t11;
+            X3 = (~t5) ^ (t3 & t11);
+        }
+
+        /**
+        * InvS6 - {15,10, 1,13, 5, 3, 6, 0, 4, 9,14, 7, 2,12, 8,11 } - 15 terms.
+        */
+        protected void Ib6(int a, int b, int c, int d)
+        {
+            int t1 = ~a;
+            int t2 = a ^ b;
+            int t3 = c ^ t2;
+            int t4 = c | t1;
+            int t5 = d ^ t4;
+            X1 = t3 ^ t5;
+            int t7 = t3 & t5;
+            int t8 = t2 ^ t7;
+            int t9 = b | t8;
+            X3 = t5 ^ t9;
+            int t11 = b | X3;
+            X0 = t8 ^ t11;
+            X2 = (d & t1) ^ (t3 ^ t11);
+        }
+
+        /**
+        * S7 - { 1,13,15, 0,14, 8, 2,11, 7, 4,12,10, 9, 3, 5, 6 } - 16 terms.
+        */
+        protected void Sb7(int a, int b, int c, int d)
+        {
+            int t1 = b ^ c;
+            int t2 = c & t1;
+            int t3 = d ^ t2;
+            int t4 = a ^ t3;
+            int t5 = d | t1;
+            int t6 = t4 & t5;
+            X1 = b ^ t6;
+            int t8 = t3 | X1;
+            int t9 = a & t4;
+            X3 = t1 ^ t9;
+            int t11 = t4 ^ t8;
+            int t12 = X3 & t11;
+            X2 = t3 ^ t12;
+            X0 = (~t11) ^ (X3 & X2);
+        }
+
+        /**
+        * InvS7 - { 3, 0, 6,13, 9,14,15, 8, 5,12,11, 7,10, 1, 4, 2 } - 17 terms.
+        */
+        protected void Ib7(int a, int b, int c, int d)
+        {
+            int t3 = c | (a & b);
+            int t4 = d & (a | b);
+            X3 = t3 ^ t4;
+            int t6 = ~d;
+            int t7 = b ^ t4;
+            int t9 = t7 | (X3 ^ t6);
+            X1 = a ^ t9;
+            X0 = (c ^ t7) ^ (d | X1);
+            X2 = (t3 ^ X1) ^ (X0 ^ (a & X3));
+        }
+
+        /**
+        * Apply the linear transformation to the register set.
+        */
+        protected void LT()
+        {
+            int x0 = RotateLeft(X0, 13);
+            int x2 = RotateLeft(X2, 3);
+            int x1 = X1 ^ x0 ^ x2;
+            int x3 = X3 ^ x2 ^ x0 << 3;
+
+            X1 = RotateLeft(x1, 1);
+            X3 = RotateLeft(x3, 7);
+            X0 = RotateLeft(x0 ^ X1 ^ X3, 5);
+            X2 = RotateLeft(x2 ^ X3 ^ (X1 << 7), 22);
+        }
+
+        /**
+        * Apply the inverse of the linear transformation to the register set.
+        */
+        protected void InverseLT()
+        {
+            int x2 = RotateRight(X2, 22) ^ X3 ^ (X1 << 7);
+            int x0 = RotateRight(X0, 5) ^ X1 ^ X3;
+            int x3 = RotateRight(X3, 7);
+            int x1 = RotateRight(X1, 1);
+            X3 = x3 ^ x2 ^ x0 << 3;
+            X1 = x1 ^ x0 ^ x2;
+            X2 = RotateRight(x2, 3);
+            X0 = RotateRight(x0, 13);
+        }
+
+        protected abstract int[] MakeWorkingKey(byte[] key);
+
+        protected abstract void EncryptBlock(byte[] input, int inOff, byte[] output, int outOff);
+
+        protected abstract void DecryptBlock(byte[] input, int inOff, byte[] output, int outOff);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/SkipjackEngine.cs b/bc-sharp-crypto/src/crypto/engines/SkipjackEngine.cs
new file mode 100644
index 0000000..c90646c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/SkipjackEngine.cs
@@ -0,0 +1,254 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * a class that provides a basic SKIPJACK engine.
+    */
+    public class SkipjackEngine
+		: IBlockCipher
+    {
+        const int BLOCK_SIZE = 8;
+
+        static readonly short [] ftable =
+        {
+            0xa3, 0xd7, 0x09, 0x83, 0xf8, 0x48, 0xf6, 0xf4, 0xb3, 0x21, 0x15, 0x78, 0x99, 0xb1, 0xaf, 0xf9,
+            0xe7, 0x2d, 0x4d, 0x8a, 0xce, 0x4c, 0xca, 0x2e, 0x52, 0x95, 0xd9, 0x1e, 0x4e, 0x38, 0x44, 0x28,
+            0x0a, 0xdf, 0x02, 0xa0, 0x17, 0xf1, 0x60, 0x68, 0x12, 0xb7, 0x7a, 0xc3, 0xe9, 0xfa, 0x3d, 0x53,
+            0x96, 0x84, 0x6b, 0xba, 0xf2, 0x63, 0x9a, 0x19, 0x7c, 0xae, 0xe5, 0xf5, 0xf7, 0x16, 0x6a, 0xa2,
+            0x39, 0xb6, 0x7b, 0x0f, 0xc1, 0x93, 0x81, 0x1b, 0xee, 0xb4, 0x1a, 0xea, 0xd0, 0x91, 0x2f, 0xb8,
+            0x55, 0xb9, 0xda, 0x85, 0x3f, 0x41, 0xbf, 0xe0, 0x5a, 0x58, 0x80, 0x5f, 0x66, 0x0b, 0xd8, 0x90,
+            0x35, 0xd5, 0xc0, 0xa7, 0x33, 0x06, 0x65, 0x69, 0x45, 0x00, 0x94, 0x56, 0x6d, 0x98, 0x9b, 0x76,
+            0x97, 0xfc, 0xb2, 0xc2, 0xb0, 0xfe, 0xdb, 0x20, 0xe1, 0xeb, 0xd6, 0xe4, 0xdd, 0x47, 0x4a, 0x1d,
+            0x42, 0xed, 0x9e, 0x6e, 0x49, 0x3c, 0xcd, 0x43, 0x27, 0xd2, 0x07, 0xd4, 0xde, 0xc7, 0x67, 0x18,
+            0x89, 0xcb, 0x30, 0x1f, 0x8d, 0xc6, 0x8f, 0xaa, 0xc8, 0x74, 0xdc, 0xc9, 0x5d, 0x5c, 0x31, 0xa4,
+            0x70, 0x88, 0x61, 0x2c, 0x9f, 0x0d, 0x2b, 0x87, 0x50, 0x82, 0x54, 0x64, 0x26, 0x7d, 0x03, 0x40,
+            0x34, 0x4b, 0x1c, 0x73, 0xd1, 0xc4, 0xfd, 0x3b, 0xcc, 0xfb, 0x7f, 0xab, 0xe6, 0x3e, 0x5b, 0xa5,
+            0xad, 0x04, 0x23, 0x9c, 0x14, 0x51, 0x22, 0xf0, 0x29, 0x79, 0x71, 0x7e, 0xff, 0x8c, 0x0e, 0xe2,
+            0x0c, 0xef, 0xbc, 0x72, 0x75, 0x6f, 0x37, 0xa1, 0xec, 0xd3, 0x8e, 0x62, 0x8b, 0x86, 0x10, 0xe8,
+            0x08, 0x77, 0x11, 0xbe, 0x92, 0x4f, 0x24, 0xc5, 0x32, 0x36, 0x9d, 0xcf, 0xf3, 0xa6, 0xbb, 0xac,
+            0x5e, 0x6c, 0xa9, 0x13, 0x57, 0x25, 0xb5, 0xe3, 0xbd, 0xa8, 0x3a, 0x01, 0x05, 0x59, 0x2a, 0x46
+        };
+
+        private int[] key0, key1, key2, key3;
+        private bool encrypting;
+
+        /**
+        * initialise a SKIPJACK cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            if (!(parameters is KeyParameter))
+	            throw new ArgumentException("invalid parameter passed to SKIPJACK init - " + Platform.GetTypeName(parameters));
+
+			byte[] keyBytes = ((KeyParameter)parameters).GetKey();
+
+            this.encrypting = forEncryption;
+            this.key0 = new int[32];
+            this.key1 = new int[32];
+            this.key2 = new int[32];
+            this.key3 = new int[32];
+
+            //
+            // expand the key to 128 bytes in 4 parts (saving us a modulo, multiply
+            // and an addition).
+            //
+            for (int i = 0; i < 32; i ++)
+            {
+                key0[i] = keyBytes[(i * 4) % 10] & 0xff;
+                key1[i] = keyBytes[(i * 4 + 1) % 10] & 0xff;
+                key2[i] = keyBytes[(i * 4 + 2) % 10] & 0xff;
+                key3[i] = keyBytes[(i * 4 + 3) % 10] & 0xff;
+            }
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "SKIPJACK"; }
+        }
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+        {
+            return BLOCK_SIZE;
+        }
+
+        public virtual int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            if (key1 == null)
+                throw new InvalidOperationException("SKIPJACK engine not initialised");
+
+            Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short");
+            Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short");
+
+            if (encrypting)
+            {
+                EncryptBlock(input, inOff, output, outOff);
+            }
+            else
+            {
+                DecryptBlock(input, inOff, output, outOff);
+            }
+
+			return BLOCK_SIZE;
+        }
+
+        public virtual void Reset()
+        {
+        }
+
+        /**
+        * The G permutation
+        */
+        private int G(
+            int     k,
+            int     w)
+        {
+            int g1, g2, g3, g4, g5, g6;
+
+            g1 = (w >> 8) & 0xff;
+            g2 = w & 0xff;
+
+            g3 = ftable[g2 ^ key0[k]] ^ g1;
+            g4 = ftable[g3 ^ key1[k]] ^ g2;
+            g5 = ftable[g4 ^ key2[k]] ^ g3;
+            g6 = ftable[g5 ^ key3[k]] ^ g4;
+
+            return ((g5 << 8) + g6);
+        }
+
+        public virtual int EncryptBlock(
+            byte[]      input,
+            int         inOff,
+            byte[]      outBytes,
+            int         outOff)
+        {
+            int w1 = (input[inOff + 0] << 8) + (input[inOff + 1] & 0xff);
+            int w2 = (input[inOff + 2] << 8) + (input[inOff + 3] & 0xff);
+            int w3 = (input[inOff + 4] << 8) + (input[inOff + 5] & 0xff);
+            int w4 = (input[inOff + 6] << 8) + (input[inOff + 7] & 0xff);
+
+            int k = 0;
+
+            for (int t = 0; t < 2; t++)
+            {
+                for(int i = 0; i < 8; i++)
+                {
+                    int tmp = w4;
+                    w4 = w3;
+                    w3 = w2;
+                    w2 = G(k, w1);
+                    w1 = w2 ^ tmp ^ (k + 1);
+                    k++;
+                }
+
+                for(int i = 0; i < 8; i++)
+                {
+                    int tmp = w4;
+                    w4 = w3;
+                    w3 = w1 ^ w2 ^ (k + 1);
+                    w2 = G(k, w1);
+                    w1 = tmp;
+                    k++;
+                }
+            }
+
+            outBytes[outOff + 0] = (byte)((w1 >> 8));
+            outBytes[outOff + 1] = (byte)(w1);
+            outBytes[outOff + 2] = (byte)((w2 >> 8));
+            outBytes[outOff + 3] = (byte)(w2);
+            outBytes[outOff + 4] = (byte)((w3 >> 8));
+            outBytes[outOff + 5] = (byte)(w3);
+            outBytes[outOff + 6] = (byte)((w4 >> 8));
+            outBytes[outOff + 7] = (byte)(w4);
+
+            return BLOCK_SIZE;
+        }
+
+        /**
+        * the inverse of the G permutation.
+        */
+        private int H(
+            int     k,
+            int     w)
+        {
+            int h1, h2, h3, h4, h5, h6;
+
+            h1 = w & 0xff;
+            h2 = (w >> 8) & 0xff;
+
+            h3 = ftable[h2 ^ key3[k]] ^ h1;
+            h4 = ftable[h3 ^ key2[k]] ^ h2;
+            h5 = ftable[h4 ^ key1[k]] ^ h3;
+            h6 = ftable[h5 ^ key0[k]] ^ h4;
+
+            return ((h6 << 8) + h5);
+        }
+
+        public virtual int DecryptBlock(
+            byte[]      input,
+            int         inOff,
+            byte[]      outBytes,
+            int         outOff)
+        {
+            int w2 = (input[inOff + 0] << 8) + (input[inOff + 1] & 0xff);
+            int w1 = (input[inOff + 2] << 8) + (input[inOff + 3] & 0xff);
+            int w4 = (input[inOff + 4] << 8) + (input[inOff + 5] & 0xff);
+            int w3 = (input[inOff + 6] << 8) + (input[inOff + 7] & 0xff);
+
+            int k = 31;
+
+            for (int t = 0; t < 2; t++)
+            {
+                for(int i = 0; i < 8; i++)
+                {
+                    int tmp = w4;
+                    w4 = w3;
+                    w3 = w2;
+                    w2 = H(k, w1);
+                    w1 = w2 ^ tmp ^ (k + 1);
+                    k--;
+                }
+
+                for(int i = 0; i < 8; i++)
+                {
+                    int tmp = w4;
+                    w4 = w3;
+                    w3 = w1 ^ w2 ^ (k + 1);
+                    w2 = H(k, w1);
+                    w1 = tmp;
+                    k--;
+                }
+            }
+
+            outBytes[outOff + 0] = (byte)((w2 >> 8));
+            outBytes[outOff + 1] = (byte)(w2);
+            outBytes[outOff + 2] = (byte)((w1 >> 8));
+            outBytes[outOff + 3] = (byte)(w1);
+            outBytes[outOff + 4] = (byte)((w4 >> 8));
+            outBytes[outOff + 5] = (byte)(w4);
+            outBytes[outOff + 6] = (byte)((w3 >> 8));
+            outBytes[outOff + 7] = (byte)(w3);
+
+            return BLOCK_SIZE;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/TEAEngine.cs b/bc-sharp-crypto/src/crypto/engines/TEAEngine.cs
new file mode 100644
index 0000000..7b70014
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/TEAEngine.cs
@@ -0,0 +1,166 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* An TEA engine.
+	*/
+	public class TeaEngine
+		: IBlockCipher
+	{
+		private const int
+			rounds		= 32,
+			block_size	= 8;
+//			key_size	= 16,
+
+		private const uint 
+			delta		= 0x9E3779B9,
+			d_sum		= 0xC6EF3720; // sum on decrypt
+
+		/*
+		* the expanded key array of 4 subkeys
+		*/
+		private uint _a, _b, _c, _d;
+		private bool _initialised;
+		private bool _forEncryption;
+
+		/**
+		* Create an instance of the TEA encryption algorithm
+		* and set some defaults
+		*/
+		public TeaEngine()
+		{
+			_initialised = false;
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return "TEA"; }
+		}
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+		{
+			return block_size;
+		}
+
+		/**
+		* initialise
+		*
+		* @param forEncryption whether or not we are for encryption.
+		* @param params the parameters required to set up the cipher.
+		* @exception ArgumentException if the params argument is
+		* inappropriate.
+		*/
+        public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			if (!(parameters is KeyParameter))
+			{
+				throw new ArgumentException("invalid parameter passed to TEA init - "
+					+ Platform.GetTypeName(parameters));
+			}
+
+			_forEncryption = forEncryption;
+			_initialised = true;
+
+			KeyParameter p = (KeyParameter) parameters;
+
+			setKey(p.GetKey());
+		}
+
+        public virtual int ProcessBlock(
+			byte[]  inBytes,
+			int     inOff,
+			byte[]  outBytes,
+			int     outOff)
+		{
+			if (!_initialised)
+				throw new InvalidOperationException(AlgorithmName + " not initialised");
+
+            Check.DataLength(inBytes, inOff, block_size, "input buffer too short");
+            Check.OutputLength(outBytes, outOff, block_size, "output buffer too short");
+
+            return _forEncryption
+				?	encryptBlock(inBytes, inOff, outBytes, outOff)
+				:	decryptBlock(inBytes, inOff, outBytes, outOff);
+		}
+
+        public virtual void Reset()
+		{
+		}
+
+		/**
+		* Re-key the cipher.
+		*
+		* @param  key  the key to be used
+		*/
+		private void setKey(
+			byte[] key)
+		{
+			_a = Pack.BE_To_UInt32(key, 0);
+			_b = Pack.BE_To_UInt32(key, 4);
+			_c = Pack.BE_To_UInt32(key, 8);
+			_d = Pack.BE_To_UInt32(key, 12);
+		}
+
+		private int encryptBlock(
+			byte[]	inBytes,
+			int		inOff,
+			byte[]	outBytes,
+			int		outOff)
+		{
+			// Pack bytes into integers
+			uint v0 = Pack.BE_To_UInt32(inBytes, inOff);
+			uint v1 = Pack.BE_To_UInt32(inBytes, inOff + 4);
+	        
+			uint sum = 0;
+	        
+			for (int i = 0; i != rounds; i++)
+			{
+				sum += delta;
+				v0  += ((v1 << 4) + _a) ^ (v1 + sum) ^ ((v1 >> 5) + _b);
+				v1  += ((v0 << 4) + _c) ^ (v0 + sum) ^ ((v0 >> 5) + _d);
+			}
+
+			Pack.UInt32_To_BE(v0, outBytes, outOff);
+			Pack.UInt32_To_BE(v1, outBytes, outOff + 4);
+
+			return block_size;
+		}
+
+		private int decryptBlock(
+			byte[]	inBytes,
+			int		inOff,
+			byte[]	outBytes,
+			int		outOff)
+		{
+			// Pack bytes into integers
+			uint v0 = Pack.BE_To_UInt32(inBytes, inOff);
+			uint v1 = Pack.BE_To_UInt32(inBytes, inOff + 4);
+
+			uint sum = d_sum;
+
+			for (int i = 0; i != rounds; i++)
+			{
+				v1  -= ((v0 << 4) + _c) ^ (v0 + sum) ^ ((v0 >> 5) + _d);
+				v0  -= ((v1 << 4) + _a) ^ (v1 + sum) ^ ((v1 >> 5) + _b);
+				sum -= delta;
+			}
+
+			Pack.UInt32_To_BE(v0, outBytes, outOff);
+			Pack.UInt32_To_BE(v1, outBytes, outOff + 4);
+
+			return block_size;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/ThreefishEngine.cs b/bc-sharp-crypto/src/crypto/engines/ThreefishEngine.cs
new file mode 100644
index 0000000..eade3cc
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/ThreefishEngine.cs
@@ -0,0 +1,1491 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/// <summary>
+	/// Implementation of the Threefish tweakable large block cipher in 256, 512 and 1024 bit block
+	/// sizes.
+	/// </summary>
+	/// <remarks>
+	/// This is the 1.3 version of Threefish defined in the Skein hash function submission to the NIST
+	/// SHA-3 competition in October 2010.
+	/// <p/>
+	/// Threefish was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir
+	/// Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker.
+	/// <p/>
+	/// This implementation inlines all round functions, unrolls 8 rounds, and uses 1.2k of static tables
+	/// to speed up key schedule injection. <br/>
+	/// 2 x block size state is retained by each cipher instance.
+	/// </remarks>
+	public class ThreefishEngine
+		: IBlockCipher
+	{
+		/// <summary>
+		/// 256 bit block size - Threefish-256
+		/// </summary>
+		public const int BLOCKSIZE_256 = 256;
+		/// <summary>
+		/// 512 bit block size - Threefish-512
+		/// </summary>
+		public const int BLOCKSIZE_512 = 512;
+		/// <summary>
+		/// 1024 bit block size - Threefish-1024
+		/// </summary>
+		public const int BLOCKSIZE_1024 = 1024;
+
+		/**
+	     * Size of the tweak in bytes (always 128 bit/16 bytes)
+	     */
+		private const int TWEAK_SIZE_BYTES = 16;
+		private const int TWEAK_SIZE_WORDS = TWEAK_SIZE_BYTES / 8;
+
+		/**
+	     * Rounds in Threefish-256
+	     */
+		private const int ROUNDS_256 = 72;
+		/**
+	     * Rounds in Threefish-512
+	     */
+		private const int ROUNDS_512 = 72;
+		/**
+	     * Rounds in Threefish-1024
+	     */
+		private const int ROUNDS_1024 = 80;
+
+		/**
+	     * Max rounds of any of the variants
+	     */
+		private const int MAX_ROUNDS = ROUNDS_1024;
+
+		/**
+	     * Key schedule parity constant
+	     */
+		private const ulong C_240 = 0x1BD11BDAA9FC1A22L;
+
+		/* Pre-calculated modulo arithmetic tables for key schedule lookups */
+		private static readonly int[] MOD9 = new int[MAX_ROUNDS];
+		private static readonly int[] MOD17 = new int[MOD9.Length];
+		private static readonly int[] MOD5 = new int[MOD9.Length];
+		private static readonly int[] MOD3 = new int[MOD9.Length];
+
+		static ThreefishEngine()
+		{
+			for (int i = 0; i < MOD9.Length; i++)
+			{
+				MOD17[i] = i % 17;
+				MOD9[i] = i % 9;
+				MOD5[i] = i % 5;
+				MOD3[i] = i % 3;
+			}
+		}
+
+		/**
+	     * Block size in bytes
+	     */
+		private readonly int blocksizeBytes;
+
+		/**
+	     * Block size in 64 bit words
+	     */
+		private readonly int blocksizeWords;
+
+		/**
+	     * Buffer for byte oriented processBytes to call internal word API
+	     */
+		private readonly ulong[] currentBlock;
+
+		/**
+	     * Tweak bytes (2 byte t1,t2, calculated t3 and repeat of t1,t2 for modulo free lookup
+	     */
+		private readonly ulong[] t = new ulong[5];
+
+		/**
+	     * Key schedule words
+	     */
+		private readonly ulong[] kw;
+
+		/**
+	     * The internal cipher implementation (varies by blocksize)
+	     */
+		private readonly ThreefishCipher cipher;
+
+		private bool forEncryption;
+
+		/// <summary>
+		/// Constructs a new Threefish cipher, with a specified block size.
+		/// </summary>
+		/// <param name="blocksizeBits">the block size in bits, one of <see cref="BLOCKSIZE_256"/>, <see cref="BLOCKSIZE_512"/>,
+		///                      <see cref="BLOCKSIZE_1024"/> .</param>
+		public ThreefishEngine(int blocksizeBits)
+		{
+			this.blocksizeBytes = (blocksizeBits / 8);
+			this.blocksizeWords = (this.blocksizeBytes / 8);
+			this.currentBlock = new ulong[blocksizeWords];
+
+			/*
+	         * Provide room for original key words, extended key word and repeat of key words for modulo
+	         * free lookup of key schedule words.
+	         */
+			this.kw = new ulong[2 * blocksizeWords + 1];
+
+			switch (blocksizeBits)
+			{
+				case BLOCKSIZE_256:
+				cipher = new Threefish256Cipher(kw, t);
+				break;
+				case BLOCKSIZE_512:
+				cipher = new Threefish512Cipher(kw, t);
+				break;
+				case BLOCKSIZE_1024:
+				cipher = new Threefish1024Cipher(kw, t);
+				break;
+				default:
+				throw new ArgumentException(
+					"Invalid blocksize - Threefish is defined with block size of 256, 512, or 1024 bits");
+			}
+		}
+
+		/// <summary>
+		/// Initialise the engine.
+		/// </summary>
+		/// <param name="forEncryption">Initialise for encryption if true, for decryption if false.</param>
+		/// <param name="parameters">an instance of <see cref="TweakableBlockCipherParameters"/> or <see cref="KeyParameter"/> (to
+		///               use a 0 tweak)</param>
+        public virtual void Init(bool forEncryption, ICipherParameters parameters)
+		{
+			byte[] keyBytes;
+			byte[] tweakBytes;
+
+			if (parameters is TweakableBlockCipherParameters)
+			{
+				TweakableBlockCipherParameters tParams = (TweakableBlockCipherParameters)parameters;
+				keyBytes = tParams.Key.GetKey();
+				tweakBytes = tParams.Tweak;
+			}
+			else if (parameters is KeyParameter)
+			{
+				keyBytes = ((KeyParameter)parameters).GetKey();
+				tweakBytes = null;
+			}
+			else
+			{
+				throw new ArgumentException("Invalid parameter passed to Threefish init - "
+                    + Platform.GetTypeName(parameters));
+			}
+
+			ulong[] keyWords = null;
+			ulong[] tweakWords = null;
+
+			if (keyBytes != null)
+			{
+				if (keyBytes.Length != this.blocksizeBytes)
+				{
+					throw new ArgumentException("Threefish key must be same size as block (" + blocksizeBytes
+					                            + " bytes)");
+				}
+				keyWords = new ulong[blocksizeWords];
+				for (int i = 0; i < keyWords.Length; i++)
+				{
+					keyWords[i] = BytesToWord(keyBytes, i * 8);
+				}
+			}
+			if (tweakBytes != null)
+			{
+				if (tweakBytes.Length != TWEAK_SIZE_BYTES)
+				{
+					throw new ArgumentException("Threefish tweak must be " + TWEAK_SIZE_BYTES + " bytes");
+				}
+				tweakWords = new ulong[]{BytesToWord(tweakBytes, 0), BytesToWord(tweakBytes, 8)};
+			}
+			Init(forEncryption, keyWords, tweakWords);
+		}
+
+		/// <summary>
+		/// Initialise the engine, specifying the key and tweak directly.
+		/// </summary>
+		/// <param name="forEncryption">the cipher mode.</param>
+		/// <param name="key">the words of the key, or <code>null</code> to use the current key.</param>
+		/// <param name="tweak">the 2 word (128 bit) tweak, or <code>null</code> to use the current tweak.</param>
+		internal void Init(bool forEncryption, ulong[] key, ulong[] tweak)
+		{
+			this.forEncryption = forEncryption;
+			if (key != null)
+			{
+				SetKey(key);
+			}
+			if (tweak != null)
+			{
+				SetTweak(tweak);
+			}
+		}
+
+		private void SetKey(ulong[] key)
+		{
+			if (key.Length != this.blocksizeWords)
+			{
+				throw new ArgumentException("Threefish key must be same size as block (" + blocksizeWords
+				                            + " words)");
+			}
+
+			/*
+	         * Full subkey schedule is deferred to execution to avoid per cipher overhead (10k for 512,
+	         * 20k for 1024).
+	         * 
+	         * Key and tweak word sequences are repeated, and static MOD17/MOD9/MOD5/MOD3 calculations
+	         * used, to avoid expensive mod computations during cipher operation.
+	         */
+
+			ulong knw = C_240;
+			for (int i = 0; i < blocksizeWords; i++)
+			{
+				kw[i] = key[i];
+				knw = knw ^ kw[i];
+			}
+			kw[blocksizeWords] = knw;
+			Array.Copy(kw, 0, kw, blocksizeWords + 1, blocksizeWords);
+		}
+
+		private void SetTweak(ulong[] tweak)
+		{
+			if (tweak.Length != TWEAK_SIZE_WORDS)
+			{
+				throw new ArgumentException("Tweak must be " + TWEAK_SIZE_WORDS + " words.");
+			}
+
+			/*
+	         * Tweak schedule partially repeated to avoid mod computations during cipher operation
+	         */
+			t[0] = tweak[0];
+			t[1] = tweak[1];
+			t[2] = t[0] ^ t[1];
+			t[3] = t[0];
+			t[4] = t[1];
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return "Threefish-" + (blocksizeBytes * 8); }
+		}
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+		{
+			return blocksizeBytes;
+		}
+
+        public virtual void Reset()
+		{
+		}
+
+        public virtual int ProcessBlock(byte[] inBytes, int inOff, byte[] outBytes, int outOff)
+		{
+			if ((outOff + blocksizeBytes) > outBytes.Length)
+			{
+				throw new DataLengthException("Output buffer too short");
+			}
+
+			if ((inOff + blocksizeBytes) > inBytes.Length)
+			{
+				throw new DataLengthException("Input buffer too short");
+			}
+
+			for (int i = 0; i < blocksizeBytes; i += 8)
+			{
+				currentBlock[i >> 3] = BytesToWord(inBytes, inOff + i);
+			}
+			ProcessBlock(this.currentBlock, this.currentBlock);
+			for (int i = 0; i < blocksizeBytes; i += 8)
+			{
+				WordToBytes(this.currentBlock[i >> 3], outBytes, outOff + i);
+			}
+
+			return blocksizeBytes;
+		}
+
+		/// <summary>
+		/// Process a block of data represented as 64 bit words.
+		/// </summary>
+		/// <returns>the number of 8 byte words processed (which will be the same as the block size).</returns>
+		/// <param name="inWords">a block sized buffer of words to process.</param>
+		/// <param name="outWords">a block sized buffer of words to receive the output of the operation.</param>
+		/// <exception cref="DataLengthException">if either the input or output is not block sized</exception>
+		/// <exception cref="InvalidOperationException">if this engine is not initialised</exception>
+		internal int ProcessBlock(ulong[] inWords, ulong[] outWords)
+		{
+			if (kw[blocksizeWords] == 0)
+			{
+				throw new InvalidOperationException("Threefish engine not initialised");
+			}
+
+			if (inWords.Length != blocksizeWords)
+			{
+				throw new DataLengthException("Input buffer too short");
+			}
+			if (outWords.Length != blocksizeWords)
+			{
+				throw new DataLengthException("Output buffer too short");
+			}
+
+			if (forEncryption)
+			{
+				cipher.EncryptBlock(inWords, outWords);
+			}
+			else
+			{
+				cipher.DecryptBlock(inWords, outWords);
+			}
+
+			return blocksizeWords;
+		}
+
+		/// <summary>
+		/// Read a single 64 bit word from input in LSB first order.
+		/// </summary>
+		internal static ulong BytesToWord(byte[] bytes, int off)
+		{
+			if ((off + 8) > bytes.Length)
+			{
+				// Help the JIT avoid index checks
+				throw new ArgumentException();
+			}
+
+			ulong word = 0;
+			int index = off;
+
+			word = (bytes[index++] & 0xffUL);
+			word |= (bytes[index++] & 0xffUL) << 8;
+			word |= (bytes[index++] & 0xffUL) << 16;
+			word |= (bytes[index++] & 0xffUL) << 24;
+			word |= (bytes[index++] & 0xffUL) << 32;
+			word |= (bytes[index++] & 0xffUL) << 40;
+			word |= (bytes[index++] & 0xffUL) << 48;
+			word |= (bytes[index++] & 0xffUL) << 56;
+
+			return word;
+		}
+
+		/// <summary>
+		/// Write a 64 bit word to output in LSB first order.
+		/// </summary>
+		internal static void WordToBytes(ulong word, byte[] bytes, int off)
+		{
+			if ((off + 8) > bytes.Length)
+			{
+				// Help the JIT avoid index checks
+				throw new ArgumentException();
+			}
+			int index = off;
+
+			bytes[index++] = (byte)word;
+			bytes[index++] = (byte)(word >> 8);
+			bytes[index++] = (byte)(word >> 16);
+			bytes[index++] = (byte)(word >> 24);
+			bytes[index++] = (byte)(word >> 32);
+			bytes[index++] = (byte)(word >> 40);
+			bytes[index++] = (byte)(word >> 48);
+			bytes[index++] = (byte)(word >> 56);
+		}
+
+		/**
+	     * Rotate left + xor part of the mix operation.
+	     */
+		private static ulong RotlXor(ulong x, int n, ulong xor)
+		{
+			return ((x << n) | (x >> (64 - n))) ^ xor;
+		}
+
+		/**
+	     * Rotate xor + rotate right part of the unmix operation.
+	     */
+		private static ulong XorRotr(ulong x, int n, ulong xor)
+		{
+			ulong xored = x ^ xor;
+			return (xored >> n) | (xored << (64 - n));
+		}
+
+		private abstract class ThreefishCipher
+		{
+			/**
+	         * The extended + repeated tweak words
+	         */
+			protected readonly ulong[] t;
+			/**
+	         * The extended + repeated key words
+	         */
+			protected readonly ulong[] kw;
+
+			protected ThreefishCipher(ulong[] kw, ulong[] t)
+			{
+				this.kw = kw;
+				this.t = t;
+			}
+
+			internal abstract void EncryptBlock(ulong[] block, ulong[] outWords);
+
+			internal abstract void DecryptBlock(ulong[] block, ulong[] outWords);
+
+		}
+
+		private sealed class Threefish256Cipher
+			: ThreefishCipher
+		{
+			/**
+	         * Mix rotation constants defined in Skein 1.3 specification
+	         */
+			private const int ROTATION_0_0 = 14, ROTATION_0_1 = 16;
+			private const int ROTATION_1_0 = 52, ROTATION_1_1 = 57;
+			private const int ROTATION_2_0 = 23, ROTATION_2_1 = 40;
+			private const int ROTATION_3_0 = 5, ROTATION_3_1 = 37;
+
+			private const int ROTATION_4_0 = 25, ROTATION_4_1 = 33;
+			private const int ROTATION_5_0 = 46, ROTATION_5_1 = 12;
+			private const int ROTATION_6_0 = 58, ROTATION_6_1 = 22;
+			private const int ROTATION_7_0 = 32, ROTATION_7_1 = 32;
+
+			public Threefish256Cipher(ulong[] kw, ulong[] t)
+				: base(kw, t)
+			{
+			}
+
+			internal override void EncryptBlock(ulong[] block, ulong[] outWords)
+			{
+				ulong[] kw = this.kw;
+				ulong[] t = this.t;
+				int[] mod5 = MOD5;
+				int[] mod3 = MOD3;
+
+				/* Help the JIT avoid index bounds checks */
+				if (kw.Length != 9)
+				{
+					throw new ArgumentException();
+				}
+				if (t.Length != 5)
+				{
+					throw new ArgumentException();
+				}
+
+				/*
+	             * Read 4 words of plaintext data, not using arrays for cipher state
+	             */
+				ulong b0 = block[0];
+				ulong b1 = block[1];
+				ulong b2 = block[2];
+				ulong b3 = block[3];
+
+				/*
+	             * First subkey injection.
+	             */
+				b0 += kw[0];
+				b1 += kw[1] + t[0];
+				b2 += kw[2] + t[1];
+				b3 += kw[3];
+
+				/*
+	             * Rounds loop, unrolled to 8 rounds per iteration.
+	             * 
+	             * Unrolling to multiples of 4 avoids the mod 4 check for key injection, and allows
+	             * inlining of the permutations, which cycle every of 2 rounds (avoiding array
+	             * index/lookup).
+	             * 
+	             * Unrolling to multiples of 8 avoids the mod 8 rotation constant lookup, and allows
+	             * inlining constant rotation values (avoiding array index/lookup).
+	             */
+
+				for (int d = 1; d < (ROUNDS_256 / 4); d += 2)
+				{
+					int dm5 = mod5[d];
+					int dm3 = mod3[d];
+
+					/*
+	                 * 4 rounds of mix and permute.
+	                 * 
+	                 * Permute schedule has a 2 round cycle, so permutes are inlined in the mix
+	                 * operations in each 4 round block.
+	                 */
+					b1 = RotlXor(b1, ROTATION_0_0, b0 += b1);
+					b3 = RotlXor(b3, ROTATION_0_1, b2 += b3);
+
+					b3 = RotlXor(b3, ROTATION_1_0, b0 += b3);
+					b1 = RotlXor(b1, ROTATION_1_1, b2 += b1);
+
+					b1 = RotlXor(b1, ROTATION_2_0, b0 += b1);
+					b3 = RotlXor(b3, ROTATION_2_1, b2 += b3);
+
+					b3 = RotlXor(b3, ROTATION_3_0, b0 += b3);
+					b1 = RotlXor(b1, ROTATION_3_1, b2 += b1);
+
+					/*
+	                 * Subkey injection for first 4 rounds.
+	                 */
+					b0 += kw[dm5];
+					b1 += kw[dm5 + 1] + t[dm3];
+					b2 += kw[dm5 + 2] + t[dm3 + 1];
+					b3 += kw[dm5 + 3] + (uint)d;
+
+					/*
+	                 * 4 more rounds of mix/permute
+	                 */
+					b1 = RotlXor(b1, ROTATION_4_0, b0 += b1);
+					b3 = RotlXor(b3, ROTATION_4_1, b2 += b3);
+
+					b3 = RotlXor(b3, ROTATION_5_0, b0 += b3);
+					b1 = RotlXor(b1, ROTATION_5_1, b2 += b1);
+
+					b1 = RotlXor(b1, ROTATION_6_0, b0 += b1);
+					b3 = RotlXor(b3, ROTATION_6_1, b2 += b3);
+
+					b3 = RotlXor(b3, ROTATION_7_0, b0 += b3);
+					b1 = RotlXor(b1, ROTATION_7_1, b2 += b1);
+
+					/*
+	                 * Subkey injection for next 4 rounds.
+	                 */
+					b0 += kw[dm5 + 1];
+					b1 += kw[dm5 + 2] + t[dm3 + 1];
+					b2 += kw[dm5 + 3] + t[dm3 + 2];
+					b3 += kw[dm5 + 4] + (uint)d + 1;
+				}
+
+				/*
+	             * Output cipher state.
+	             */
+				outWords[0] = b0;
+				outWords[1] = b1;
+				outWords[2] = b2;
+				outWords[3] = b3;
+			}
+
+			internal override void DecryptBlock(ulong[] block, ulong[] state)
+			{
+				ulong[] kw = this.kw;
+				ulong[] t = this.t;
+				int[] mod5 = MOD5;
+				int[] mod3 = MOD3;
+
+				/* Help the JIT avoid index bounds checks */
+				if (kw.Length != 9)
+				{
+					throw new ArgumentException();
+				}
+				if (t.Length != 5)
+				{
+					throw new ArgumentException();
+				}
+
+				ulong b0 = block[0];
+				ulong b1 = block[1];
+				ulong b2 = block[2];
+				ulong b3 = block[3];
+
+				for (int d = (ROUNDS_256 / 4) - 1; d >= 1; d -= 2)
+				{
+					int dm5 = mod5[d];
+					int dm3 = mod3[d];
+
+					/* Reverse key injection for second 4 rounds */
+					b0 -= kw[dm5 + 1];
+					b1 -= kw[dm5 + 2] + t[dm3 + 1];
+					b2 -= kw[dm5 + 3] + t[dm3 + 2];
+					b3 -= kw[dm5 + 4] + (uint)d + 1;
+
+					/* Reverse second 4 mix/permute rounds */
+
+					b3 = XorRotr(b3, ROTATION_7_0, b0);
+					b0 -= b3;
+					b1 = XorRotr(b1, ROTATION_7_1, b2);
+					b2 -= b1;
+
+					b1 = XorRotr(b1, ROTATION_6_0, b0);
+					b0 -= b1;
+					b3 = XorRotr(b3, ROTATION_6_1, b2);
+					b2 -= b3;
+
+					b3 = XorRotr(b3, ROTATION_5_0, b0);
+					b0 -= b3;
+					b1 = XorRotr(b1, ROTATION_5_1, b2);
+					b2 -= b1;
+
+					b1 = XorRotr(b1, ROTATION_4_0, b0);
+					b0 -= b1;
+					b3 = XorRotr(b3, ROTATION_4_1, b2);
+					b2 -= b3;
+
+					/* Reverse key injection for first 4 rounds */
+					b0 -= kw[dm5];
+					b1 -= kw[dm5 + 1] + t[dm3];
+					b2 -= kw[dm5 + 2] + t[dm3 + 1];
+					b3 -= kw[dm5 + 3] + (uint)d;
+
+					/* Reverse first 4 mix/permute rounds */
+					b3 = XorRotr(b3, ROTATION_3_0, b0);
+					b0 -= b3;
+					b1 = XorRotr(b1, ROTATION_3_1, b2);
+					b2 -= b1;
+
+					b1 = XorRotr(b1, ROTATION_2_0, b0);
+					b0 -= b1;
+					b3 = XorRotr(b3, ROTATION_2_1, b2);
+					b2 -= b3;
+
+					b3 = XorRotr(b3, ROTATION_1_0, b0);
+					b0 -= b3;
+					b1 = XorRotr(b1, ROTATION_1_1, b2);
+					b2 -= b1;
+
+					b1 = XorRotr(b1, ROTATION_0_0, b0);
+					b0 -= b1;
+					b3 = XorRotr(b3, ROTATION_0_1, b2);
+					b2 -= b3;
+				}
+
+				/*
+	             * First subkey uninjection.
+	             */
+				b0 -= kw[0];
+				b1 -= kw[1] + t[0];
+				b2 -= kw[2] + t[1];
+				b3 -= kw[3];
+
+				/*
+	             * Output cipher state.
+	             */
+				state[0] = b0;
+				state[1] = b1;
+				state[2] = b2;
+				state[3] = b3;
+			}
+
+		}
+
+		private sealed class Threefish512Cipher
+			: ThreefishCipher
+		{
+			/**
+	         * Mix rotation constants defined in Skein 1.3 specification
+	         */
+			private const int ROTATION_0_0 = 46, ROTATION_0_1 = 36, ROTATION_0_2 = 19, ROTATION_0_3 = 37;
+			private const int ROTATION_1_0 = 33, ROTATION_1_1 = 27, ROTATION_1_2 = 14, ROTATION_1_3 = 42;
+			private const int ROTATION_2_0 = 17, ROTATION_2_1 = 49, ROTATION_2_2 = 36, ROTATION_2_3 = 39;
+			private const int ROTATION_3_0 = 44, ROTATION_3_1 = 9, ROTATION_3_2 = 54, ROTATION_3_3 = 56;
+
+			private const int ROTATION_4_0 = 39, ROTATION_4_1 = 30, ROTATION_4_2 = 34, ROTATION_4_3 = 24;
+			private const int ROTATION_5_0 = 13, ROTATION_5_1 = 50, ROTATION_5_2 = 10, ROTATION_5_3 = 17;
+			private const int ROTATION_6_0 = 25, ROTATION_6_1 = 29, ROTATION_6_2 = 39, ROTATION_6_3 = 43;
+			private const int ROTATION_7_0 = 8, ROTATION_7_1 = 35, ROTATION_7_2 = 56, ROTATION_7_3 = 22;
+
+			internal Threefish512Cipher(ulong[] kw, ulong[] t)
+				: base(kw, t)
+			{
+			}
+
+			internal override void EncryptBlock(ulong[] block, ulong[] outWords)
+			{
+				ulong[] kw = this.kw;
+				ulong[] t = this.t;
+				int[] mod9 = MOD9;
+				int[] mod3 = MOD3;
+
+				/* Help the JIT avoid index bounds checks */
+				if (kw.Length != 17)
+				{
+					throw new ArgumentException();
+				}
+				if (t.Length != 5)
+				{
+					throw new ArgumentException();
+				}
+
+				/*
+	             * Read 8 words of plaintext data, not using arrays for cipher state
+	             */
+				ulong b0 = block[0];
+				ulong b1 = block[1];
+				ulong b2 = block[2];
+				ulong b3 = block[3];
+				ulong b4 = block[4];
+				ulong b5 = block[5];
+				ulong b6 = block[6];
+				ulong b7 = block[7];
+
+				/*
+	             * First subkey injection.
+	             */
+				b0 += kw[0];
+				b1 += kw[1];
+				b2 += kw[2];
+				b3 += kw[3];
+				b4 += kw[4];
+				b5 += kw[5] + t[0];
+				b6 += kw[6] + t[1];
+				b7 += kw[7];
+
+				/*
+	             * Rounds loop, unrolled to 8 rounds per iteration.
+	             * 
+	             * Unrolling to multiples of 4 avoids the mod 4 check for key injection, and allows
+	             * inlining of the permutations, which cycle every of 4 rounds (avoiding array
+	             * index/lookup).
+	             * 
+	             * Unrolling to multiples of 8 avoids the mod 8 rotation constant lookup, and allows
+	             * inlining constant rotation values (avoiding array index/lookup).
+	             */
+
+				for (int d = 1; d < (ROUNDS_512 / 4); d += 2)
+				{
+					int dm9 = mod9[d];
+					int dm3 = mod3[d];
+
+					/*
+	                 * 4 rounds of mix and permute.
+	                 * 
+	                 * Permute schedule has a 4 round cycle, so permutes are inlined in the mix
+	                 * operations in each 4 round block.
+	                 */
+					b1 = RotlXor(b1, ROTATION_0_0, b0 += b1);
+					b3 = RotlXor(b3, ROTATION_0_1, b2 += b3);
+					b5 = RotlXor(b5, ROTATION_0_2, b4 += b5);
+					b7 = RotlXor(b7, ROTATION_0_3, b6 += b7);
+
+					b1 = RotlXor(b1, ROTATION_1_0, b2 += b1);
+					b7 = RotlXor(b7, ROTATION_1_1, b4 += b7);
+					b5 = RotlXor(b5, ROTATION_1_2, b6 += b5);
+					b3 = RotlXor(b3, ROTATION_1_3, b0 += b3);
+
+					b1 = RotlXor(b1, ROTATION_2_0, b4 += b1);
+					b3 = RotlXor(b3, ROTATION_2_1, b6 += b3);
+					b5 = RotlXor(b5, ROTATION_2_2, b0 += b5);
+					b7 = RotlXor(b7, ROTATION_2_3, b2 += b7);
+
+					b1 = RotlXor(b1, ROTATION_3_0, b6 += b1);
+					b7 = RotlXor(b7, ROTATION_3_1, b0 += b7);
+					b5 = RotlXor(b5, ROTATION_3_2, b2 += b5);
+					b3 = RotlXor(b3, ROTATION_3_3, b4 += b3);
+
+					/*
+	                 * Subkey injection for first 4 rounds.
+	                 */
+					b0 += kw[dm9];
+					b1 += kw[dm9 + 1];
+					b2 += kw[dm9 + 2];
+					b3 += kw[dm9 + 3];
+					b4 += kw[dm9 + 4];
+					b5 += kw[dm9 + 5] + t[dm3];
+					b6 += kw[dm9 + 6] + t[dm3 + 1];
+					b7 += kw[dm9 + 7] + (uint)d;
+
+					/*
+	                 * 4 more rounds of mix/permute
+	                 */
+					b1 = RotlXor(b1, ROTATION_4_0, b0 += b1);
+					b3 = RotlXor(b3, ROTATION_4_1, b2 += b3);
+					b5 = RotlXor(b5, ROTATION_4_2, b4 += b5);
+					b7 = RotlXor(b7, ROTATION_4_3, b6 += b7);
+
+					b1 = RotlXor(b1, ROTATION_5_0, b2 += b1);
+					b7 = RotlXor(b7, ROTATION_5_1, b4 += b7);
+					b5 = RotlXor(b5, ROTATION_5_2, b6 += b5);
+					b3 = RotlXor(b3, ROTATION_5_3, b0 += b3);
+
+					b1 = RotlXor(b1, ROTATION_6_0, b4 += b1);
+					b3 = RotlXor(b3, ROTATION_6_1, b6 += b3);
+					b5 = RotlXor(b5, ROTATION_6_2, b0 += b5);
+					b7 = RotlXor(b7, ROTATION_6_3, b2 += b7);
+
+					b1 = RotlXor(b1, ROTATION_7_0, b6 += b1);
+					b7 = RotlXor(b7, ROTATION_7_1, b0 += b7);
+					b5 = RotlXor(b5, ROTATION_7_2, b2 += b5);
+					b3 = RotlXor(b3, ROTATION_7_3, b4 += b3);
+
+					/*
+	                 * Subkey injection for next 4 rounds.
+	                 */
+					b0 += kw[dm9 + 1];
+					b1 += kw[dm9 + 2];
+					b2 += kw[dm9 + 3];
+					b3 += kw[dm9 + 4];
+					b4 += kw[dm9 + 5];
+					b5 += kw[dm9 + 6] + t[dm3 + 1];
+					b6 += kw[dm9 + 7] + t[dm3 + 2];
+					b7 += kw[dm9 + 8] + (uint)d + 1;
+				}
+
+				/*
+	             * Output cipher state.
+	             */
+				outWords[0] = b0;
+				outWords[1] = b1;
+				outWords[2] = b2;
+				outWords[3] = b3;
+				outWords[4] = b4;
+				outWords[5] = b5;
+				outWords[6] = b6;
+				outWords[7] = b7;
+			}
+
+			internal override void DecryptBlock(ulong[] block, ulong[] state)
+			{
+				ulong[] kw = this.kw;
+				ulong[] t = this.t;
+				int[] mod9 = MOD9;
+				int[] mod3 = MOD3;
+
+				/* Help the JIT avoid index bounds checks */
+				if (kw.Length != 17)
+				{
+					throw new ArgumentException();
+				}
+				if (t.Length != 5)
+				{
+					throw new ArgumentException();
+				}
+
+				ulong b0 = block[0];
+				ulong b1 = block[1];
+				ulong b2 = block[2];
+				ulong b3 = block[3];
+				ulong b4 = block[4];
+				ulong b5 = block[5];
+				ulong b6 = block[6];
+				ulong b7 = block[7];
+
+				for (int d = (ROUNDS_512 / 4) - 1; d >= 1; d -= 2)
+				{
+					int dm9 = mod9[d];
+					int dm3 = mod3[d];
+
+					/* Reverse key injection for second 4 rounds */
+					b0 -= kw[dm9 + 1];
+					b1 -= kw[dm9 + 2];
+					b2 -= kw[dm9 + 3];
+					b3 -= kw[dm9 + 4];
+					b4 -= kw[dm9 + 5];
+					b5 -= kw[dm9 + 6] + t[dm3 + 1];
+					b6 -= kw[dm9 + 7] + t[dm3 + 2];
+					b7 -= kw[dm9 + 8] + (uint)d + 1;
+
+					/* Reverse second 4 mix/permute rounds */
+
+					b1 = XorRotr(b1, ROTATION_7_0, b6);
+					b6 -= b1;
+					b7 = XorRotr(b7, ROTATION_7_1, b0);
+					b0 -= b7;
+					b5 = XorRotr(b5, ROTATION_7_2, b2);
+					b2 -= b5;
+					b3 = XorRotr(b3, ROTATION_7_3, b4);
+					b4 -= b3;
+
+					b1 = XorRotr(b1, ROTATION_6_0, b4);
+					b4 -= b1;
+					b3 = XorRotr(b3, ROTATION_6_1, b6);
+					b6 -= b3;
+					b5 = XorRotr(b5, ROTATION_6_2, b0);
+					b0 -= b5;
+					b7 = XorRotr(b7, ROTATION_6_3, b2);
+					b2 -= b7;
+
+					b1 = XorRotr(b1, ROTATION_5_0, b2);
+					b2 -= b1;
+					b7 = XorRotr(b7, ROTATION_5_1, b4);
+					b4 -= b7;
+					b5 = XorRotr(b5, ROTATION_5_2, b6);
+					b6 -= b5;
+					b3 = XorRotr(b3, ROTATION_5_3, b0);
+					b0 -= b3;
+
+					b1 = XorRotr(b1, ROTATION_4_0, b0);
+					b0 -= b1;
+					b3 = XorRotr(b3, ROTATION_4_1, b2);
+					b2 -= b3;
+					b5 = XorRotr(b5, ROTATION_4_2, b4);
+					b4 -= b5;
+					b7 = XorRotr(b7, ROTATION_4_3, b6);
+					b6 -= b7;
+
+					/* Reverse key injection for first 4 rounds */
+					b0 -= kw[dm9];
+					b1 -= kw[dm9 + 1];
+					b2 -= kw[dm9 + 2];
+					b3 -= kw[dm9 + 3];
+					b4 -= kw[dm9 + 4];
+					b5 -= kw[dm9 + 5] + t[dm3];
+					b6 -= kw[dm9 + 6] + t[dm3 + 1];
+					b7 -= kw[dm9 + 7] + (uint)d;
+
+					/* Reverse first 4 mix/permute rounds */
+					b1 = XorRotr(b1, ROTATION_3_0, b6);
+					b6 -= b1;
+					b7 = XorRotr(b7, ROTATION_3_1, b0);
+					b0 -= b7;
+					b5 = XorRotr(b5, ROTATION_3_2, b2);
+					b2 -= b5;
+					b3 = XorRotr(b3, ROTATION_3_3, b4);
+					b4 -= b3;
+
+					b1 = XorRotr(b1, ROTATION_2_0, b4);
+					b4 -= b1;
+					b3 = XorRotr(b3, ROTATION_2_1, b6);
+					b6 -= b3;
+					b5 = XorRotr(b5, ROTATION_2_2, b0);
+					b0 -= b5;
+					b7 = XorRotr(b7, ROTATION_2_3, b2);
+					b2 -= b7;
+
+					b1 = XorRotr(b1, ROTATION_1_0, b2);
+					b2 -= b1;
+					b7 = XorRotr(b7, ROTATION_1_1, b4);
+					b4 -= b7;
+					b5 = XorRotr(b5, ROTATION_1_2, b6);
+					b6 -= b5;
+					b3 = XorRotr(b3, ROTATION_1_3, b0);
+					b0 -= b3;
+
+					b1 = XorRotr(b1, ROTATION_0_0, b0);
+					b0 -= b1;
+					b3 = XorRotr(b3, ROTATION_0_1, b2);
+					b2 -= b3;
+					b5 = XorRotr(b5, ROTATION_0_2, b4);
+					b4 -= b5;
+					b7 = XorRotr(b7, ROTATION_0_3, b6);
+					b6 -= b7;
+				}
+
+				/*
+	             * First subkey uninjection.
+	             */
+				b0 -= kw[0];
+				b1 -= kw[1];
+				b2 -= kw[2];
+				b3 -= kw[3];
+				b4 -= kw[4];
+				b5 -= kw[5] + t[0];
+				b6 -= kw[6] + t[1];
+				b7 -= kw[7];
+
+				/*
+	             * Output cipher state.
+	             */
+				state[0] = b0;
+				state[1] = b1;
+				state[2] = b2;
+				state[3] = b3;
+				state[4] = b4;
+				state[5] = b5;
+				state[6] = b6;
+				state[7] = b7;
+			}
+		}
+
+		private sealed class Threefish1024Cipher
+			: ThreefishCipher
+		{
+			/**
+	         * Mix rotation constants defined in Skein 1.3 specification
+	         */
+			private const int ROTATION_0_0 = 24, ROTATION_0_1 = 13, ROTATION_0_2 = 8, ROTATION_0_3 = 47;
+			private const int ROTATION_0_4 = 8, ROTATION_0_5 = 17, ROTATION_0_6 = 22, ROTATION_0_7 = 37;
+			private const int ROTATION_1_0 = 38, ROTATION_1_1 = 19, ROTATION_1_2 = 10, ROTATION_1_3 = 55;
+			private const int ROTATION_1_4 = 49, ROTATION_1_5 = 18, ROTATION_1_6 = 23, ROTATION_1_7 = 52;
+			private const int ROTATION_2_0 = 33, ROTATION_2_1 = 4, ROTATION_2_2 = 51, ROTATION_2_3 = 13;
+			private const int ROTATION_2_4 = 34, ROTATION_2_5 = 41, ROTATION_2_6 = 59, ROTATION_2_7 = 17;
+			private const int ROTATION_3_0 = 5, ROTATION_3_1 = 20, ROTATION_3_2 = 48, ROTATION_3_3 = 41;
+			private const int ROTATION_3_4 = 47, ROTATION_3_5 = 28, ROTATION_3_6 = 16, ROTATION_3_7 = 25;
+
+			private const int ROTATION_4_0 = 41, ROTATION_4_1 = 9, ROTATION_4_2 = 37, ROTATION_4_3 = 31;
+			private const int ROTATION_4_4 = 12, ROTATION_4_5 = 47, ROTATION_4_6 = 44, ROTATION_4_7 = 30;
+			private const int ROTATION_5_0 = 16, ROTATION_5_1 = 34, ROTATION_5_2 = 56, ROTATION_5_3 = 51;
+			private const int ROTATION_5_4 = 4, ROTATION_5_5 = 53, ROTATION_5_6 = 42, ROTATION_5_7 = 41;
+			private const int ROTATION_6_0 = 31, ROTATION_6_1 = 44, ROTATION_6_2 = 47, ROTATION_6_3 = 46;
+			private const int ROTATION_6_4 = 19, ROTATION_6_5 = 42, ROTATION_6_6 = 44, ROTATION_6_7 = 25;
+			private const int ROTATION_7_0 = 9, ROTATION_7_1 = 48, ROTATION_7_2 = 35, ROTATION_7_3 = 52;
+			private const int ROTATION_7_4 = 23, ROTATION_7_5 = 31, ROTATION_7_6 = 37, ROTATION_7_7 = 20;
+
+			public Threefish1024Cipher(ulong[] kw, ulong[] t)
+				: base(kw, t)
+			{
+			}
+
+			internal override void EncryptBlock(ulong[] block, ulong[] outWords)
+			{
+				ulong[] kw = this.kw;
+				ulong[] t = this.t;
+				int[] mod17 = MOD17;
+				int[] mod3 = MOD3;
+
+				/* Help the JIT avoid index bounds checks */
+				if (kw.Length != 33)
+				{
+					throw new ArgumentException();
+				}
+				if (t.Length != 5)
+				{
+					throw new ArgumentException();
+				}
+
+				/*
+	             * Read 16 words of plaintext data, not using arrays for cipher state
+	             */
+				ulong b0 = block[0];
+				ulong b1 = block[1];
+				ulong b2 = block[2];
+				ulong b3 = block[3];
+				ulong b4 = block[4];
+				ulong b5 = block[5];
+				ulong b6 = block[6];
+				ulong b7 = block[7];
+				ulong b8 = block[8];
+				ulong b9 = block[9];
+				ulong b10 = block[10];
+				ulong b11 = block[11];
+				ulong b12 = block[12];
+				ulong b13 = block[13];
+				ulong b14 = block[14];
+				ulong b15 = block[15];
+
+				/*
+	             * First subkey injection.
+	             */
+				b0 += kw[0];
+				b1 += kw[1];
+				b2 += kw[2];
+				b3 += kw[3];
+				b4 += kw[4];
+				b5 += kw[5];
+				b6 += kw[6];
+				b7 += kw[7];
+				b8 += kw[8];
+				b9 += kw[9];
+				b10 += kw[10];
+				b11 += kw[11];
+				b12 += kw[12];
+				b13 += kw[13] + t[0];
+				b14 += kw[14] + t[1];
+				b15 += kw[15];
+
+				/*
+	             * Rounds loop, unrolled to 8 rounds per iteration.
+	             * 
+	             * Unrolling to multiples of 4 avoids the mod 4 check for key injection, and allows
+	             * inlining of the permutations, which cycle every of 4 rounds (avoiding array
+	             * index/lookup).
+	             * 
+	             * Unrolling to multiples of 8 avoids the mod 8 rotation constant lookup, and allows
+	             * inlining constant rotation values (avoiding array index/lookup).
+	             */
+
+				for (int d = 1; d < (ROUNDS_1024 / 4); d += 2)
+				{
+					int dm17 = mod17[d];
+					int dm3 = mod3[d];
+
+					/*
+	                 * 4 rounds of mix and permute.
+	                 * 
+	                 * Permute schedule has a 4 round cycle, so permutes are inlined in the mix
+	                 * operations in each 4 round block.
+	                 */
+					b1 = RotlXor(b1, ROTATION_0_0, b0 += b1);
+					b3 = RotlXor(b3, ROTATION_0_1, b2 += b3);
+					b5 = RotlXor(b5, ROTATION_0_2, b4 += b5);
+					b7 = RotlXor(b7, ROTATION_0_3, b6 += b7);
+					b9 = RotlXor(b9, ROTATION_0_4, b8 += b9);
+					b11 = RotlXor(b11, ROTATION_0_5, b10 += b11);
+					b13 = RotlXor(b13, ROTATION_0_6, b12 += b13);
+					b15 = RotlXor(b15, ROTATION_0_7, b14 += b15);
+
+					b9 = RotlXor(b9, ROTATION_1_0, b0 += b9);
+					b13 = RotlXor(b13, ROTATION_1_1, b2 += b13);
+					b11 = RotlXor(b11, ROTATION_1_2, b6 += b11);
+					b15 = RotlXor(b15, ROTATION_1_3, b4 += b15);
+					b7 = RotlXor(b7, ROTATION_1_4, b10 += b7);
+					b3 = RotlXor(b3, ROTATION_1_5, b12 += b3);
+					b5 = RotlXor(b5, ROTATION_1_6, b14 += b5);
+					b1 = RotlXor(b1, ROTATION_1_7, b8 += b1);
+
+					b7 = RotlXor(b7, ROTATION_2_0, b0 += b7);
+					b5 = RotlXor(b5, ROTATION_2_1, b2 += b5);
+					b3 = RotlXor(b3, ROTATION_2_2, b4 += b3);
+					b1 = RotlXor(b1, ROTATION_2_3, b6 += b1);
+					b15 = RotlXor(b15, ROTATION_2_4, b12 += b15);
+					b13 = RotlXor(b13, ROTATION_2_5, b14 += b13);
+					b11 = RotlXor(b11, ROTATION_2_6, b8 += b11);
+					b9 = RotlXor(b9, ROTATION_2_7, b10 += b9);
+
+					b15 = RotlXor(b15, ROTATION_3_0, b0 += b15);
+					b11 = RotlXor(b11, ROTATION_3_1, b2 += b11);
+					b13 = RotlXor(b13, ROTATION_3_2, b6 += b13);
+					b9 = RotlXor(b9, ROTATION_3_3, b4 += b9);
+					b1 = RotlXor(b1, ROTATION_3_4, b14 += b1);
+					b5 = RotlXor(b5, ROTATION_3_5, b8 += b5);
+					b3 = RotlXor(b3, ROTATION_3_6, b10 += b3);
+					b7 = RotlXor(b7, ROTATION_3_7, b12 += b7);
+
+					/*
+	                 * Subkey injection for first 4 rounds.
+	                 */
+					b0 += kw[dm17];
+					b1 += kw[dm17 + 1];
+					b2 += kw[dm17 + 2];
+					b3 += kw[dm17 + 3];
+					b4 += kw[dm17 + 4];
+					b5 += kw[dm17 + 5];
+					b6 += kw[dm17 + 6];
+					b7 += kw[dm17 + 7];
+					b8 += kw[dm17 + 8];
+					b9 += kw[dm17 + 9];
+					b10 += kw[dm17 + 10];
+					b11 += kw[dm17 + 11];
+					b12 += kw[dm17 + 12];
+					b13 += kw[dm17 + 13] + t[dm3];
+					b14 += kw[dm17 + 14] + t[dm3 + 1];
+					b15 += kw[dm17 + 15] + (uint)d;
+
+					/*
+	                 * 4 more rounds of mix/permute
+	                 */
+					b1 = RotlXor(b1, ROTATION_4_0, b0 += b1);
+					b3 = RotlXor(b3, ROTATION_4_1, b2 += b3);
+					b5 = RotlXor(b5, ROTATION_4_2, b4 += b5);
+					b7 = RotlXor(b7, ROTATION_4_3, b6 += b7);
+					b9 = RotlXor(b9, ROTATION_4_4, b8 += b9);
+					b11 = RotlXor(b11, ROTATION_4_5, b10 += b11);
+					b13 = RotlXor(b13, ROTATION_4_6, b12 += b13);
+					b15 = RotlXor(b15, ROTATION_4_7, b14 += b15);
+
+					b9 = RotlXor(b9, ROTATION_5_0, b0 += b9);
+					b13 = RotlXor(b13, ROTATION_5_1, b2 += b13);
+					b11 = RotlXor(b11, ROTATION_5_2, b6 += b11);
+					b15 = RotlXor(b15, ROTATION_5_3, b4 += b15);
+					b7 = RotlXor(b7, ROTATION_5_4, b10 += b7);
+					b3 = RotlXor(b3, ROTATION_5_5, b12 += b3);
+					b5 = RotlXor(b5, ROTATION_5_6, b14 += b5);
+					b1 = RotlXor(b1, ROTATION_5_7, b8 += b1);
+
+					b7 = RotlXor(b7, ROTATION_6_0, b0 += b7);
+					b5 = RotlXor(b5, ROTATION_6_1, b2 += b5);
+					b3 = RotlXor(b3, ROTATION_6_2, b4 += b3);
+					b1 = RotlXor(b1, ROTATION_6_3, b6 += b1);
+					b15 = RotlXor(b15, ROTATION_6_4, b12 += b15);
+					b13 = RotlXor(b13, ROTATION_6_5, b14 += b13);
+					b11 = RotlXor(b11, ROTATION_6_6, b8 += b11);
+					b9 = RotlXor(b9, ROTATION_6_7, b10 += b9);
+
+					b15 = RotlXor(b15, ROTATION_7_0, b0 += b15);
+					b11 = RotlXor(b11, ROTATION_7_1, b2 += b11);
+					b13 = RotlXor(b13, ROTATION_7_2, b6 += b13);
+					b9 = RotlXor(b9, ROTATION_7_3, b4 += b9);
+					b1 = RotlXor(b1, ROTATION_7_4, b14 += b1);
+					b5 = RotlXor(b5, ROTATION_7_5, b8 += b5);
+					b3 = RotlXor(b3, ROTATION_7_6, b10 += b3);
+					b7 = RotlXor(b7, ROTATION_7_7, b12 += b7);
+
+					/*
+	                 * Subkey injection for next 4 rounds.
+	                 */
+					b0 += kw[dm17 + 1];
+					b1 += kw[dm17 + 2];
+					b2 += kw[dm17 + 3];
+					b3 += kw[dm17 + 4];
+					b4 += kw[dm17 + 5];
+					b5 += kw[dm17 + 6];
+					b6 += kw[dm17 + 7];
+					b7 += kw[dm17 + 8];
+					b8 += kw[dm17 + 9];
+					b9 += kw[dm17 + 10];
+					b10 += kw[dm17 + 11];
+					b11 += kw[dm17 + 12];
+					b12 += kw[dm17 + 13];
+					b13 += kw[dm17 + 14] + t[dm3 + 1];
+					b14 += kw[dm17 + 15] + t[dm3 + 2];
+					b15 += kw[dm17 + 16] + (uint)d + 1;
+
+				}
+
+				/*
+	             * Output cipher state.
+	             */
+				outWords[0] = b0;
+				outWords[1] = b1;
+				outWords[2] = b2;
+				outWords[3] = b3;
+				outWords[4] = b4;
+				outWords[5] = b5;
+				outWords[6] = b6;
+				outWords[7] = b7;
+				outWords[8] = b8;
+				outWords[9] = b9;
+				outWords[10] = b10;
+				outWords[11] = b11;
+				outWords[12] = b12;
+				outWords[13] = b13;
+				outWords[14] = b14;
+				outWords[15] = b15;
+			}
+
+			internal override void DecryptBlock(ulong[] block, ulong[] state)
+			{
+				ulong[] kw = this.kw;
+				ulong[] t = this.t;
+				int[] mod17 = MOD17;
+				int[] mod3 = MOD3;
+
+				/* Help the JIT avoid index bounds checks */
+				if (kw.Length != 33)
+				{
+					throw new ArgumentException();
+				}
+				if (t.Length != 5)
+				{
+					throw new ArgumentException();
+				}
+
+				ulong b0 = block[0];
+				ulong b1 = block[1];
+				ulong b2 = block[2];
+				ulong b3 = block[3];
+				ulong b4 = block[4];
+				ulong b5 = block[5];
+				ulong b6 = block[6];
+				ulong b7 = block[7];
+				ulong b8 = block[8];
+				ulong b9 = block[9];
+				ulong b10 = block[10];
+				ulong b11 = block[11];
+				ulong b12 = block[12];
+				ulong b13 = block[13];
+				ulong b14 = block[14];
+				ulong b15 = block[15];
+
+				for (int d = (ROUNDS_1024 / 4) - 1; d >= 1; d -= 2)
+				{
+					int dm17 = mod17[d];
+					int dm3 = mod3[d];
+
+					/* Reverse key injection for second 4 rounds */
+					b0 -= kw[dm17 + 1];
+					b1 -= kw[dm17 + 2];
+					b2 -= kw[dm17 + 3];
+					b3 -= kw[dm17 + 4];
+					b4 -= kw[dm17 + 5];
+					b5 -= kw[dm17 + 6];
+					b6 -= kw[dm17 + 7];
+					b7 -= kw[dm17 + 8];
+					b8 -= kw[dm17 + 9];
+					b9 -= kw[dm17 + 10];
+					b10 -= kw[dm17 + 11];
+					b11 -= kw[dm17 + 12];
+					b12 -= kw[dm17 + 13];
+					b13 -= kw[dm17 + 14] + t[dm3 + 1];
+					b14 -= kw[dm17 + 15] + t[dm3 + 2];
+					b15 -= kw[dm17 + 16] + (uint)d + 1;
+
+					/* Reverse second 4 mix/permute rounds */
+					b15 = XorRotr(b15, ROTATION_7_0, b0);
+					b0 -= b15;
+					b11 = XorRotr(b11, ROTATION_7_1, b2);
+					b2 -= b11;
+					b13 = XorRotr(b13, ROTATION_7_2, b6);
+					b6 -= b13;
+					b9 = XorRotr(b9, ROTATION_7_3, b4);
+					b4 -= b9;
+					b1 = XorRotr(b1, ROTATION_7_4, b14);
+					b14 -= b1;
+					b5 = XorRotr(b5, ROTATION_7_5, b8);
+					b8 -= b5;
+					b3 = XorRotr(b3, ROTATION_7_6, b10);
+					b10 -= b3;
+					b7 = XorRotr(b7, ROTATION_7_7, b12);
+					b12 -= b7;
+
+					b7 = XorRotr(b7, ROTATION_6_0, b0);
+					b0 -= b7;
+					b5 = XorRotr(b5, ROTATION_6_1, b2);
+					b2 -= b5;
+					b3 = XorRotr(b3, ROTATION_6_2, b4);
+					b4 -= b3;
+					b1 = XorRotr(b1, ROTATION_6_3, b6);
+					b6 -= b1;
+					b15 = XorRotr(b15, ROTATION_6_4, b12);
+					b12 -= b15;
+					b13 = XorRotr(b13, ROTATION_6_5, b14);
+					b14 -= b13;
+					b11 = XorRotr(b11, ROTATION_6_6, b8);
+					b8 -= b11;
+					b9 = XorRotr(b9, ROTATION_6_7, b10);
+					b10 -= b9;
+
+					b9 = XorRotr(b9, ROTATION_5_0, b0);
+					b0 -= b9;
+					b13 = XorRotr(b13, ROTATION_5_1, b2);
+					b2 -= b13;
+					b11 = XorRotr(b11, ROTATION_5_2, b6);
+					b6 -= b11;
+					b15 = XorRotr(b15, ROTATION_5_3, b4);
+					b4 -= b15;
+					b7 = XorRotr(b7, ROTATION_5_4, b10);
+					b10 -= b7;
+					b3 = XorRotr(b3, ROTATION_5_5, b12);
+					b12 -= b3;
+					b5 = XorRotr(b5, ROTATION_5_6, b14);
+					b14 -= b5;
+					b1 = XorRotr(b1, ROTATION_5_7, b8);
+					b8 -= b1;
+
+					b1 = XorRotr(b1, ROTATION_4_0, b0);
+					b0 -= b1;
+					b3 = XorRotr(b3, ROTATION_4_1, b2);
+					b2 -= b3;
+					b5 = XorRotr(b5, ROTATION_4_2, b4);
+					b4 -= b5;
+					b7 = XorRotr(b7, ROTATION_4_3, b6);
+					b6 -= b7;
+					b9 = XorRotr(b9, ROTATION_4_4, b8);
+					b8 -= b9;
+					b11 = XorRotr(b11, ROTATION_4_5, b10);
+					b10 -= b11;
+					b13 = XorRotr(b13, ROTATION_4_6, b12);
+					b12 -= b13;
+					b15 = XorRotr(b15, ROTATION_4_7, b14);
+					b14 -= b15;
+
+					/* Reverse key injection for first 4 rounds */
+					b0 -= kw[dm17];
+					b1 -= kw[dm17 + 1];
+					b2 -= kw[dm17 + 2];
+					b3 -= kw[dm17 + 3];
+					b4 -= kw[dm17 + 4];
+					b5 -= kw[dm17 + 5];
+					b6 -= kw[dm17 + 6];
+					b7 -= kw[dm17 + 7];
+					b8 -= kw[dm17 + 8];
+					b9 -= kw[dm17 + 9];
+					b10 -= kw[dm17 + 10];
+					b11 -= kw[dm17 + 11];
+					b12 -= kw[dm17 + 12];
+					b13 -= kw[dm17 + 13] + t[dm3];
+					b14 -= kw[dm17 + 14] + t[dm3 + 1];
+					b15 -= kw[dm17 + 15] + (uint)d;
+
+					/* Reverse first 4 mix/permute rounds */
+					b15 = XorRotr(b15, ROTATION_3_0, b0);
+					b0 -= b15;
+					b11 = XorRotr(b11, ROTATION_3_1, b2);
+					b2 -= b11;
+					b13 = XorRotr(b13, ROTATION_3_2, b6);
+					b6 -= b13;
+					b9 = XorRotr(b9, ROTATION_3_3, b4);
+					b4 -= b9;
+					b1 = XorRotr(b1, ROTATION_3_4, b14);
+					b14 -= b1;
+					b5 = XorRotr(b5, ROTATION_3_5, b8);
+					b8 -= b5;
+					b3 = XorRotr(b3, ROTATION_3_6, b10);
+					b10 -= b3;
+					b7 = XorRotr(b7, ROTATION_3_7, b12);
+					b12 -= b7;
+
+					b7 = XorRotr(b7, ROTATION_2_0, b0);
+					b0 -= b7;
+					b5 = XorRotr(b5, ROTATION_2_1, b2);
+					b2 -= b5;
+					b3 = XorRotr(b3, ROTATION_2_2, b4);
+					b4 -= b3;
+					b1 = XorRotr(b1, ROTATION_2_3, b6);
+					b6 -= b1;
+					b15 = XorRotr(b15, ROTATION_2_4, b12);
+					b12 -= b15;
+					b13 = XorRotr(b13, ROTATION_2_5, b14);
+					b14 -= b13;
+					b11 = XorRotr(b11, ROTATION_2_6, b8);
+					b8 -= b11;
+					b9 = XorRotr(b9, ROTATION_2_7, b10);
+					b10 -= b9;
+
+					b9 = XorRotr(b9, ROTATION_1_0, b0);
+					b0 -= b9;
+					b13 = XorRotr(b13, ROTATION_1_1, b2);
+					b2 -= b13;
+					b11 = XorRotr(b11, ROTATION_1_2, b6);
+					b6 -= b11;
+					b15 = XorRotr(b15, ROTATION_1_3, b4);
+					b4 -= b15;
+					b7 = XorRotr(b7, ROTATION_1_4, b10);
+					b10 -= b7;
+					b3 = XorRotr(b3, ROTATION_1_5, b12);
+					b12 -= b3;
+					b5 = XorRotr(b5, ROTATION_1_6, b14);
+					b14 -= b5;
+					b1 = XorRotr(b1, ROTATION_1_7, b8);
+					b8 -= b1;
+
+					b1 = XorRotr(b1, ROTATION_0_0, b0);
+					b0 -= b1;
+					b3 = XorRotr(b3, ROTATION_0_1, b2);
+					b2 -= b3;
+					b5 = XorRotr(b5, ROTATION_0_2, b4);
+					b4 -= b5;
+					b7 = XorRotr(b7, ROTATION_0_3, b6);
+					b6 -= b7;
+					b9 = XorRotr(b9, ROTATION_0_4, b8);
+					b8 -= b9;
+					b11 = XorRotr(b11, ROTATION_0_5, b10);
+					b10 -= b11;
+					b13 = XorRotr(b13, ROTATION_0_6, b12);
+					b12 -= b13;
+					b15 = XorRotr(b15, ROTATION_0_7, b14);
+					b14 -= b15;
+				}
+
+				/*
+	             * First subkey uninjection.
+	             */
+				b0 -= kw[0];
+				b1 -= kw[1];
+				b2 -= kw[2];
+				b3 -= kw[3];
+				b4 -= kw[4];
+				b5 -= kw[5];
+				b6 -= kw[6];
+				b7 -= kw[7];
+				b8 -= kw[8];
+				b9 -= kw[9];
+				b10 -= kw[10];
+				b11 -= kw[11];
+				b12 -= kw[12];
+				b13 -= kw[13] + t[0];
+				b14 -= kw[14] + t[1];
+				b15 -= kw[15];
+
+				/*
+	             * Output cipher state.
+	             */
+				state[0] = b0;
+				state[1] = b1;
+				state[2] = b2;
+				state[3] = b3;
+				state[4] = b4;
+				state[5] = b5;
+				state[6] = b6;
+				state[7] = b7;
+				state[8] = b8;
+				state[9] = b9;
+				state[10] = b10;
+				state[11] = b11;
+				state[12] = b12;
+				state[13] = b13;
+				state[14] = b14;
+				state[15] = b15;
+			}
+
+		}
+
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/crypto/engines/TnepresEngine.cs b/bc-sharp-crypto/src/crypto/engines/TnepresEngine.cs
new file mode 100644
index 0000000..ce687d1
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/TnepresEngine.cs
@@ -0,0 +1,299 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+     * Tnepres is a 128-bit 32-round block cipher with variable key lengths,
+     * including 128, 192 and 256 bit keys conjectured to be at least as
+     * secure as three-key triple-DES.
+     * <p>
+     * Tnepres is based on Serpent which was designed by Ross Anderson, Eli Biham and Lars Knudsen as a
+     * candidate algorithm for the NIST AES Quest. Unfortunately there was an endianness issue
+     * with test vectors in the AES submission and the resulting confusion lead to the Tnepres cipher
+     * as well, which is a byte swapped version of Serpent.
+     * </p>
+     * <p>
+     * For full details see <a href="http://www.cl.cam.ac.uk/~rja14/serpent.html">The Serpent home page</a>
+     * </p>
+     */
+    public sealed class TnepresEngine
+        : SerpentEngineBase
+    {
+        public override string AlgorithmName
+        {
+            get { return "Tnepres"; }
+        }
+
+        /**
+        * Expand a user-supplied key material into a session key.
+        *
+        * @param key  The user-key bytes (multiples of 4) to use.
+        * @exception ArgumentException
+        */
+        protected override int[] MakeWorkingKey(byte[] key)
+        {
+            //
+            // pad key to 256 bits
+            //
+            int[] kPad = new int[16];
+            int off = 0;
+            int length = 0;
+
+            for (off = key.Length - 4; off > 0; off -= 4)
+            {
+                kPad[length++] = (int)Pack.BE_To_UInt32(key, off);
+            }
+
+            if (off == 0)
+            {
+                kPad[length++] = (int)Pack.BE_To_UInt32(key, 0);
+                if (length < 8)
+                {
+                    kPad[length] = 1;
+                }
+            }
+            else
+            {
+                throw new ArgumentException("key must be a multiple of 4 bytes");
+            }
+
+            //
+            // expand the padded key up to 33 x 128 bits of key material
+            //
+            int amount = (ROUNDS + 1) * 4;
+            int[] w = new int[amount];
+
+            //
+            // compute w0 to w7 from w-8 to w-1
+            //
+            for (int i = 8; i < 16; i++)
+            {
+                kPad[i] = RotateLeft(kPad[i - 8] ^ kPad[i - 5] ^ kPad[i - 3] ^ kPad[i - 1] ^ PHI ^ (i - 8), 11);
+            }
+
+            Array.Copy(kPad, 8, w, 0, 8);
+
+            //
+            // compute w8 to w136
+            //
+            for (int i = 8; i < amount; i++)
+            {
+                w[i] = RotateLeft(w[i - 8] ^ w[i - 5] ^ w[i - 3] ^ w[i - 1] ^ PHI ^ i, 11);
+            }
+
+            //
+            // create the working keys by processing w with the Sbox and IP
+            //
+            Sb3(w[0], w[1], w[2], w[3]);
+            w[0] = X0; w[1] = X1; w[2] = X2; w[3] = X3;
+            Sb2(w[4], w[5], w[6], w[7]);
+            w[4] = X0; w[5] = X1; w[6] = X2; w[7] = X3;
+            Sb1(w[8], w[9], w[10], w[11]);
+            w[8] = X0; w[9] = X1; w[10] = X2; w[11] = X3;
+            Sb0(w[12], w[13], w[14], w[15]);
+            w[12] = X0; w[13] = X1; w[14] = X2; w[15] = X3;
+            Sb7(w[16], w[17], w[18], w[19]);
+            w[16] = X0; w[17] = X1; w[18] = X2; w[19] = X3;
+            Sb6(w[20], w[21], w[22], w[23]);
+            w[20] = X0; w[21] = X1; w[22] = X2; w[23] = X3;
+            Sb5(w[24], w[25], w[26], w[27]);
+            w[24] = X0; w[25] = X1; w[26] = X2; w[27] = X3;
+            Sb4(w[28], w[29], w[30], w[31]);
+            w[28] = X0; w[29] = X1; w[30] = X2; w[31] = X3;
+            Sb3(w[32], w[33], w[34], w[35]);
+            w[32] = X0; w[33] = X1; w[34] = X2; w[35] = X3;
+            Sb2(w[36], w[37], w[38], w[39]);
+            w[36] = X0; w[37] = X1; w[38] = X2; w[39] = X3;
+            Sb1(w[40], w[41], w[42], w[43]);
+            w[40] = X0; w[41] = X1; w[42] = X2; w[43] = X3;
+            Sb0(w[44], w[45], w[46], w[47]);
+            w[44] = X0; w[45] = X1; w[46] = X2; w[47] = X3;
+            Sb7(w[48], w[49], w[50], w[51]);
+            w[48] = X0; w[49] = X1; w[50] = X2; w[51] = X3;
+            Sb6(w[52], w[53], w[54], w[55]);
+            w[52] = X0; w[53] = X1; w[54] = X2; w[55] = X3;
+            Sb5(w[56], w[57], w[58], w[59]);
+            w[56] = X0; w[57] = X1; w[58] = X2; w[59] = X3;
+            Sb4(w[60], w[61], w[62], w[63]);
+            w[60] = X0; w[61] = X1; w[62] = X2; w[63] = X3;
+            Sb3(w[64], w[65], w[66], w[67]);
+            w[64] = X0; w[65] = X1; w[66] = X2; w[67] = X3;
+            Sb2(w[68], w[69], w[70], w[71]);
+            w[68] = X0; w[69] = X1; w[70] = X2; w[71] = X3;
+            Sb1(w[72], w[73], w[74], w[75]);
+            w[72] = X0; w[73] = X1; w[74] = X2; w[75] = X3;
+            Sb0(w[76], w[77], w[78], w[79]);
+            w[76] = X0; w[77] = X1; w[78] = X2; w[79] = X3;
+            Sb7(w[80], w[81], w[82], w[83]);
+            w[80] = X0; w[81] = X1; w[82] = X2; w[83] = X3;
+            Sb6(w[84], w[85], w[86], w[87]);
+            w[84] = X0; w[85] = X1; w[86] = X2; w[87] = X3;
+            Sb5(w[88], w[89], w[90], w[91]);
+            w[88] = X0; w[89] = X1; w[90] = X2; w[91] = X3;
+            Sb4(w[92], w[93], w[94], w[95]);
+            w[92] = X0; w[93] = X1; w[94] = X2; w[95] = X3;
+            Sb3(w[96], w[97], w[98], w[99]);
+            w[96] = X0; w[97] = X1; w[98] = X2; w[99] = X3;
+            Sb2(w[100], w[101], w[102], w[103]);
+            w[100] = X0; w[101] = X1; w[102] = X2; w[103] = X3;
+            Sb1(w[104], w[105], w[106], w[107]);
+            w[104] = X0; w[105] = X1; w[106] = X2; w[107] = X3;
+            Sb0(w[108], w[109], w[110], w[111]);
+            w[108] = X0; w[109] = X1; w[110] = X2; w[111] = X3;
+            Sb7(w[112], w[113], w[114], w[115]);
+            w[112] = X0; w[113] = X1; w[114] = X2; w[115] = X3;
+            Sb6(w[116], w[117], w[118], w[119]);
+            w[116] = X0; w[117] = X1; w[118] = X2; w[119] = X3;
+            Sb5(w[120], w[121], w[122], w[123]);
+            w[120] = X0; w[121] = X1; w[122] = X2; w[123] = X3;
+            Sb4(w[124], w[125], w[126], w[127]);
+            w[124] = X0; w[125] = X1; w[126] = X2; w[127] = X3;
+            Sb3(w[128], w[129], w[130], w[131]);
+            w[128] = X0; w[129] = X1; w[130] = X2; w[131] = X3;
+
+            return w;
+        }
+
+        /**
+        * Encrypt one block of plaintext.
+        *
+        * @param input the array containing the input data.
+        * @param inOff offset into the in array the data starts at.
+        * @param output the array the output data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        */
+        protected override void EncryptBlock(byte[] input, int inOff, byte[] output, int outOff)
+        {
+            X3 = (int)Pack.BE_To_UInt32(input, inOff);
+            X2 = (int)Pack.BE_To_UInt32(input, inOff + 4);
+            X1 = (int)Pack.BE_To_UInt32(input, inOff + 8);
+            X0 = (int)Pack.BE_To_UInt32(input, inOff + 12);
+
+            Sb0(wKey[0] ^ X0, wKey[1] ^ X1, wKey[2] ^ X2, wKey[3] ^ X3); LT();
+            Sb1(wKey[4] ^ X0, wKey[5] ^ X1, wKey[6] ^ X2, wKey[7] ^ X3); LT();
+            Sb2(wKey[8] ^ X0, wKey[9] ^ X1, wKey[10] ^ X2, wKey[11] ^ X3); LT();
+            Sb3(wKey[12] ^ X0, wKey[13] ^ X1, wKey[14] ^ X2, wKey[15] ^ X3); LT();
+            Sb4(wKey[16] ^ X0, wKey[17] ^ X1, wKey[18] ^ X2, wKey[19] ^ X3); LT();
+            Sb5(wKey[20] ^ X0, wKey[21] ^ X1, wKey[22] ^ X2, wKey[23] ^ X3); LT();
+            Sb6(wKey[24] ^ X0, wKey[25] ^ X1, wKey[26] ^ X2, wKey[27] ^ X3); LT();
+            Sb7(wKey[28] ^ X0, wKey[29] ^ X1, wKey[30] ^ X2, wKey[31] ^ X3); LT();
+            Sb0(wKey[32] ^ X0, wKey[33] ^ X1, wKey[34] ^ X2, wKey[35] ^ X3); LT();
+            Sb1(wKey[36] ^ X0, wKey[37] ^ X1, wKey[38] ^ X2, wKey[39] ^ X3); LT();
+            Sb2(wKey[40] ^ X0, wKey[41] ^ X1, wKey[42] ^ X2, wKey[43] ^ X3); LT();
+            Sb3(wKey[44] ^ X0, wKey[45] ^ X1, wKey[46] ^ X2, wKey[47] ^ X3); LT();
+            Sb4(wKey[48] ^ X0, wKey[49] ^ X1, wKey[50] ^ X2, wKey[51] ^ X3); LT();
+            Sb5(wKey[52] ^ X0, wKey[53] ^ X1, wKey[54] ^ X2, wKey[55] ^ X3); LT();
+            Sb6(wKey[56] ^ X0, wKey[57] ^ X1, wKey[58] ^ X2, wKey[59] ^ X3); LT();
+            Sb7(wKey[60] ^ X0, wKey[61] ^ X1, wKey[62] ^ X2, wKey[63] ^ X3); LT();
+            Sb0(wKey[64] ^ X0, wKey[65] ^ X1, wKey[66] ^ X2, wKey[67] ^ X3); LT();
+            Sb1(wKey[68] ^ X0, wKey[69] ^ X1, wKey[70] ^ X2, wKey[71] ^ X3); LT();
+            Sb2(wKey[72] ^ X0, wKey[73] ^ X1, wKey[74] ^ X2, wKey[75] ^ X3); LT();
+            Sb3(wKey[76] ^ X0, wKey[77] ^ X1, wKey[78] ^ X2, wKey[79] ^ X3); LT();
+            Sb4(wKey[80] ^ X0, wKey[81] ^ X1, wKey[82] ^ X2, wKey[83] ^ X3); LT();
+            Sb5(wKey[84] ^ X0, wKey[85] ^ X1, wKey[86] ^ X2, wKey[87] ^ X3); LT();
+            Sb6(wKey[88] ^ X0, wKey[89] ^ X1, wKey[90] ^ X2, wKey[91] ^ X3); LT();
+            Sb7(wKey[92] ^ X0, wKey[93] ^ X1, wKey[94] ^ X2, wKey[95] ^ X3); LT();
+            Sb0(wKey[96] ^ X0, wKey[97] ^ X1, wKey[98] ^ X2, wKey[99] ^ X3); LT();
+            Sb1(wKey[100] ^ X0, wKey[101] ^ X1, wKey[102] ^ X2, wKey[103] ^ X3); LT();
+            Sb2(wKey[104] ^ X0, wKey[105] ^ X1, wKey[106] ^ X2, wKey[107] ^ X3); LT();
+            Sb3(wKey[108] ^ X0, wKey[109] ^ X1, wKey[110] ^ X2, wKey[111] ^ X3); LT();
+            Sb4(wKey[112] ^ X0, wKey[113] ^ X1, wKey[114] ^ X2, wKey[115] ^ X3); LT();
+            Sb5(wKey[116] ^ X0, wKey[117] ^ X1, wKey[118] ^ X2, wKey[119] ^ X3); LT();
+            Sb6(wKey[120] ^ X0, wKey[121] ^ X1, wKey[122] ^ X2, wKey[123] ^ X3); LT();
+            Sb7(wKey[124] ^ X0, wKey[125] ^ X1, wKey[126] ^ X2, wKey[127] ^ X3);
+
+            Pack.UInt32_To_BE((uint)(wKey[131] ^ X3), output, outOff);
+            Pack.UInt32_To_BE((uint)(wKey[130] ^ X2), output, outOff + 4);
+            Pack.UInt32_To_BE((uint)(wKey[129] ^ X1), output, outOff + 8);
+            Pack.UInt32_To_BE((uint)(wKey[128] ^ X0), output, outOff + 12);
+        }
+
+        /**
+        * Decrypt one block of ciphertext.
+        *
+        * @param input the array containing the input data.
+        * @param inOff offset into the in array the data starts at.
+        * @param output the array the output data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        */
+        protected override void DecryptBlock(byte[] input, int inOff, byte[] output, int outOff)
+        {
+            X3 = wKey[131] ^ (int)Pack.BE_To_UInt32(input, inOff);
+            X2 = wKey[130] ^ (int)Pack.BE_To_UInt32(input, inOff + 4);
+            X1 = wKey[129] ^ (int)Pack.BE_To_UInt32(input, inOff + 8);
+            X0 = wKey[128] ^ (int)Pack.BE_To_UInt32(input, inOff + 12);
+
+            Ib7(X0, X1, X2, X3);
+            X0 ^= wKey[124]; X1 ^= wKey[125]; X2 ^= wKey[126]; X3 ^= wKey[127];
+            InverseLT(); Ib6(X0, X1, X2, X3);
+            X0 ^= wKey[120]; X1 ^= wKey[121]; X2 ^= wKey[122]; X3 ^= wKey[123];
+            InverseLT(); Ib5(X0, X1, X2, X3);
+            X0 ^= wKey[116]; X1 ^= wKey[117]; X2 ^= wKey[118]; X3 ^= wKey[119];
+            InverseLT(); Ib4(X0, X1, X2, X3);
+            X0 ^= wKey[112]; X1 ^= wKey[113]; X2 ^= wKey[114]; X3 ^= wKey[115];
+            InverseLT(); Ib3(X0, X1, X2, X3);
+            X0 ^= wKey[108]; X1 ^= wKey[109]; X2 ^= wKey[110]; X3 ^= wKey[111];
+            InverseLT(); Ib2(X0, X1, X2, X3);
+            X0 ^= wKey[104]; X1 ^= wKey[105]; X2 ^= wKey[106]; X3 ^= wKey[107];
+            InverseLT(); Ib1(X0, X1, X2, X3);
+            X0 ^= wKey[100]; X1 ^= wKey[101]; X2 ^= wKey[102]; X3 ^= wKey[103];
+            InverseLT(); Ib0(X0, X1, X2, X3);
+            X0 ^= wKey[96]; X1 ^= wKey[97]; X2 ^= wKey[98]; X3 ^= wKey[99];
+            InverseLT(); Ib7(X0, X1, X2, X3);
+            X0 ^= wKey[92]; X1 ^= wKey[93]; X2 ^= wKey[94]; X3 ^= wKey[95];
+            InverseLT(); Ib6(X0, X1, X2, X3);
+            X0 ^= wKey[88]; X1 ^= wKey[89]; X2 ^= wKey[90]; X3 ^= wKey[91];
+            InverseLT(); Ib5(X0, X1, X2, X3);
+            X0 ^= wKey[84]; X1 ^= wKey[85]; X2 ^= wKey[86]; X3 ^= wKey[87];
+            InverseLT(); Ib4(X0, X1, X2, X3);
+            X0 ^= wKey[80]; X1 ^= wKey[81]; X2 ^= wKey[82]; X3 ^= wKey[83];
+            InverseLT(); Ib3(X0, X1, X2, X3);
+            X0 ^= wKey[76]; X1 ^= wKey[77]; X2 ^= wKey[78]; X3 ^= wKey[79];
+            InverseLT(); Ib2(X0, X1, X2, X3);
+            X0 ^= wKey[72]; X1 ^= wKey[73]; X2 ^= wKey[74]; X3 ^= wKey[75];
+            InverseLT(); Ib1(X0, X1, X2, X3);
+            X0 ^= wKey[68]; X1 ^= wKey[69]; X2 ^= wKey[70]; X3 ^= wKey[71];
+            InverseLT(); Ib0(X0, X1, X2, X3);
+            X0 ^= wKey[64]; X1 ^= wKey[65]; X2 ^= wKey[66]; X3 ^= wKey[67];
+            InverseLT(); Ib7(X0, X1, X2, X3);
+            X0 ^= wKey[60]; X1 ^= wKey[61]; X2 ^= wKey[62]; X3 ^= wKey[63];
+            InverseLT(); Ib6(X0, X1, X2, X3);
+            X0 ^= wKey[56]; X1 ^= wKey[57]; X2 ^= wKey[58]; X3 ^= wKey[59];
+            InverseLT(); Ib5(X0, X1, X2, X3);
+            X0 ^= wKey[52]; X1 ^= wKey[53]; X2 ^= wKey[54]; X3 ^= wKey[55];
+            InverseLT(); Ib4(X0, X1, X2, X3);
+            X0 ^= wKey[48]; X1 ^= wKey[49]; X2 ^= wKey[50]; X3 ^= wKey[51];
+            InverseLT(); Ib3(X0, X1, X2, X3);
+            X0 ^= wKey[44]; X1 ^= wKey[45]; X2 ^= wKey[46]; X3 ^= wKey[47];
+            InverseLT(); Ib2(X0, X1, X2, X3);
+            X0 ^= wKey[40]; X1 ^= wKey[41]; X2 ^= wKey[42]; X3 ^= wKey[43];
+            InverseLT(); Ib1(X0, X1, X2, X3);
+            X0 ^= wKey[36]; X1 ^= wKey[37]; X2 ^= wKey[38]; X3 ^= wKey[39];
+            InverseLT(); Ib0(X0, X1, X2, X3);
+            X0 ^= wKey[32]; X1 ^= wKey[33]; X2 ^= wKey[34]; X3 ^= wKey[35];
+            InverseLT(); Ib7(X0, X1, X2, X3);
+            X0 ^= wKey[28]; X1 ^= wKey[29]; X2 ^= wKey[30]; X3 ^= wKey[31];
+            InverseLT(); Ib6(X0, X1, X2, X3);
+            X0 ^= wKey[24]; X1 ^= wKey[25]; X2 ^= wKey[26]; X3 ^= wKey[27];
+            InverseLT(); Ib5(X0, X1, X2, X3);
+            X0 ^= wKey[20]; X1 ^= wKey[21]; X2 ^= wKey[22]; X3 ^= wKey[23];
+            InverseLT(); Ib4(X0, X1, X2, X3);
+            X0 ^= wKey[16]; X1 ^= wKey[17]; X2 ^= wKey[18]; X3 ^= wKey[19];
+            InverseLT(); Ib3(X0, X1, X2, X3);
+            X0 ^= wKey[12]; X1 ^= wKey[13]; X2 ^= wKey[14]; X3 ^= wKey[15];
+            InverseLT(); Ib2(X0, X1, X2, X3);
+            X0 ^= wKey[8]; X1 ^= wKey[9]; X2 ^= wKey[10]; X3 ^= wKey[11];
+            InverseLT(); Ib1(X0, X1, X2, X3);
+            X0 ^= wKey[4]; X1 ^= wKey[5]; X2 ^= wKey[6]; X3 ^= wKey[7];
+            InverseLT(); Ib0(X0, X1, X2, X3);
+
+            Pack.UInt32_To_BE((uint)(X3 ^ wKey[3]), output, outOff);
+            Pack.UInt32_To_BE((uint)(X2 ^ wKey[2]), output, outOff + 4);
+            Pack.UInt32_To_BE((uint)(X1 ^ wKey[1]), output, outOff + 8);
+            Pack.UInt32_To_BE((uint)(X0 ^ wKey[0]), output, outOff + 12);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/TwofishEngine.cs b/bc-sharp-crypto/src/crypto/engines/TwofishEngine.cs
new file mode 100644
index 0000000..71c2465
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/TwofishEngine.cs
@@ -0,0 +1,675 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    /**
+    * A class that provides Twofish encryption operations.
+    *
+    * This Java implementation is based on the Java reference
+    * implementation provided by Bruce Schneier and developed
+    * by Raif S. Naffah.
+    */
+    public sealed class TwofishEngine
+		: IBlockCipher
+    {
+        private static readonly byte[,] P =  {
+        {  // p0
+            (byte) 0xA9, (byte) 0x67, (byte) 0xB3, (byte) 0xE8,
+            (byte) 0x04, (byte) 0xFD, (byte) 0xA3, (byte) 0x76,
+            (byte) 0x9A, (byte) 0x92, (byte) 0x80, (byte) 0x78,
+            (byte) 0xE4, (byte) 0xDD, (byte) 0xD1, (byte) 0x38,
+            (byte) 0x0D, (byte) 0xC6, (byte) 0x35, (byte) 0x98,
+            (byte) 0x18, (byte) 0xF7, (byte) 0xEC, (byte) 0x6C,
+            (byte) 0x43, (byte) 0x75, (byte) 0x37, (byte) 0x26,
+            (byte) 0xFA, (byte) 0x13, (byte) 0x94, (byte) 0x48,
+            (byte) 0xF2, (byte) 0xD0, (byte) 0x8B, (byte) 0x30,
+            (byte) 0x84, (byte) 0x54, (byte) 0xDF, (byte) 0x23,
+            (byte) 0x19, (byte) 0x5B, (byte) 0x3D, (byte) 0x59,
+            (byte) 0xF3, (byte) 0xAE, (byte) 0xA2, (byte) 0x82,
+            (byte) 0x63, (byte) 0x01, (byte) 0x83, (byte) 0x2E,
+            (byte) 0xD9, (byte) 0x51, (byte) 0x9B, (byte) 0x7C,
+            (byte) 0xA6, (byte) 0xEB, (byte) 0xA5, (byte) 0xBE,
+            (byte) 0x16, (byte) 0x0C, (byte) 0xE3, (byte) 0x61,
+            (byte) 0xC0, (byte) 0x8C, (byte) 0x3A, (byte) 0xF5,
+            (byte) 0x73, (byte) 0x2C, (byte) 0x25, (byte) 0x0B,
+            (byte) 0xBB, (byte) 0x4E, (byte) 0x89, (byte) 0x6B,
+            (byte) 0x53, (byte) 0x6A, (byte) 0xB4, (byte) 0xF1,
+            (byte) 0xE1, (byte) 0xE6, (byte) 0xBD, (byte) 0x45,
+            (byte) 0xE2, (byte) 0xF4, (byte) 0xB6, (byte) 0x66,
+            (byte) 0xCC, (byte) 0x95, (byte) 0x03, (byte) 0x56,
+            (byte) 0xD4, (byte) 0x1C, (byte) 0x1E, (byte) 0xD7,
+            (byte) 0xFB, (byte) 0xC3, (byte) 0x8E, (byte) 0xB5,
+            (byte) 0xE9, (byte) 0xCF, (byte) 0xBF, (byte) 0xBA,
+            (byte) 0xEA, (byte) 0x77, (byte) 0x39, (byte) 0xAF,
+            (byte) 0x33, (byte) 0xC9, (byte) 0x62, (byte) 0x71,
+            (byte) 0x81, (byte) 0x79, (byte) 0x09, (byte) 0xAD,
+            (byte) 0x24, (byte) 0xCD, (byte) 0xF9, (byte) 0xD8,
+            (byte) 0xE5, (byte) 0xC5, (byte) 0xB9, (byte) 0x4D,
+            (byte) 0x44, (byte) 0x08, (byte) 0x86, (byte) 0xE7,
+            (byte) 0xA1, (byte) 0x1D, (byte) 0xAA, (byte) 0xED,
+            (byte) 0x06, (byte) 0x70, (byte) 0xB2, (byte) 0xD2,
+            (byte) 0x41, (byte) 0x7B, (byte) 0xA0, (byte) 0x11,
+            (byte) 0x31, (byte) 0xC2, (byte) 0x27, (byte) 0x90,
+            (byte) 0x20, (byte) 0xF6, (byte) 0x60, (byte) 0xFF,
+            (byte) 0x96, (byte) 0x5C, (byte) 0xB1, (byte) 0xAB,
+            (byte) 0x9E, (byte) 0x9C, (byte) 0x52, (byte) 0x1B,
+            (byte) 0x5F, (byte) 0x93, (byte) 0x0A, (byte) 0xEF,
+            (byte) 0x91, (byte) 0x85, (byte) 0x49, (byte) 0xEE,
+            (byte) 0x2D, (byte) 0x4F, (byte) 0x8F, (byte) 0x3B,
+            (byte) 0x47, (byte) 0x87, (byte) 0x6D, (byte) 0x46,
+            (byte) 0xD6, (byte) 0x3E, (byte) 0x69, (byte) 0x64,
+            (byte) 0x2A, (byte) 0xCE, (byte) 0xCB, (byte) 0x2F,
+            (byte) 0xFC, (byte) 0x97, (byte) 0x05, (byte) 0x7A,
+            (byte) 0xAC, (byte) 0x7F, (byte) 0xD5, (byte) 0x1A,
+            (byte) 0x4B, (byte) 0x0E, (byte) 0xA7, (byte) 0x5A,
+            (byte) 0x28, (byte) 0x14, (byte) 0x3F, (byte) 0x29,
+            (byte) 0x88, (byte) 0x3C, (byte) 0x4C, (byte) 0x02,
+            (byte) 0xB8, (byte) 0xDA, (byte) 0xB0, (byte) 0x17,
+            (byte) 0x55, (byte) 0x1F, (byte) 0x8A, (byte) 0x7D,
+            (byte) 0x57, (byte) 0xC7, (byte) 0x8D, (byte) 0x74,
+            (byte) 0xB7, (byte) 0xC4, (byte) 0x9F, (byte) 0x72,
+            (byte) 0x7E, (byte) 0x15, (byte) 0x22, (byte) 0x12,
+            (byte) 0x58, (byte) 0x07, (byte) 0x99, (byte) 0x34,
+            (byte) 0x6E, (byte) 0x50, (byte) 0xDE, (byte) 0x68,
+            (byte) 0x65, (byte) 0xBC, (byte) 0xDB, (byte) 0xF8,
+            (byte) 0xC8, (byte) 0xA8, (byte) 0x2B, (byte) 0x40,
+            (byte) 0xDC, (byte) 0xFE, (byte) 0x32, (byte) 0xA4,
+            (byte) 0xCA, (byte) 0x10, (byte) 0x21, (byte) 0xF0,
+            (byte) 0xD3, (byte) 0x5D, (byte) 0x0F, (byte) 0x00,
+            (byte) 0x6F, (byte) 0x9D, (byte) 0x36, (byte) 0x42,
+            (byte) 0x4A, (byte) 0x5E, (byte) 0xC1, (byte) 0xE0 },
+        {  // p1
+            (byte) 0x75, (byte) 0xF3, (byte) 0xC6, (byte) 0xF4,
+            (byte) 0xDB, (byte) 0x7B, (byte) 0xFB, (byte) 0xC8,
+            (byte) 0x4A, (byte) 0xD3, (byte) 0xE6, (byte) 0x6B,
+            (byte) 0x45, (byte) 0x7D, (byte) 0xE8, (byte) 0x4B,
+            (byte) 0xD6, (byte) 0x32, (byte) 0xD8, (byte) 0xFD,
+            (byte) 0x37, (byte) 0x71, (byte) 0xF1, (byte) 0xE1,
+            (byte) 0x30, (byte) 0x0F, (byte) 0xF8, (byte) 0x1B,
+            (byte) 0x87, (byte) 0xFA, (byte) 0x06, (byte) 0x3F,
+            (byte) 0x5E, (byte) 0xBA, (byte) 0xAE, (byte) 0x5B,
+            (byte) 0x8A, (byte) 0x00, (byte) 0xBC, (byte) 0x9D,
+            (byte) 0x6D, (byte) 0xC1, (byte) 0xB1, (byte) 0x0E,
+            (byte) 0x80, (byte) 0x5D, (byte) 0xD2, (byte) 0xD5,
+            (byte) 0xA0, (byte) 0x84, (byte) 0x07, (byte) 0x14,
+            (byte) 0xB5, (byte) 0x90, (byte) 0x2C, (byte) 0xA3,
+            (byte) 0xB2, (byte) 0x73, (byte) 0x4C, (byte) 0x54,
+            (byte) 0x92, (byte) 0x74, (byte) 0x36, (byte) 0x51,
+            (byte) 0x38, (byte) 0xB0, (byte) 0xBD, (byte) 0x5A,
+            (byte) 0xFC, (byte) 0x60, (byte) 0x62, (byte) 0x96,
+            (byte) 0x6C, (byte) 0x42, (byte) 0xF7, (byte) 0x10,
+            (byte) 0x7C, (byte) 0x28, (byte) 0x27, (byte) 0x8C,
+            (byte) 0x13, (byte) 0x95, (byte) 0x9C, (byte) 0xC7,
+            (byte) 0x24, (byte) 0x46, (byte) 0x3B, (byte) 0x70,
+            (byte) 0xCA, (byte) 0xE3, (byte) 0x85, (byte) 0xCB,
+            (byte) 0x11, (byte) 0xD0, (byte) 0x93, (byte) 0xB8,
+            (byte) 0xA6, (byte) 0x83, (byte) 0x20, (byte) 0xFF,
+            (byte) 0x9F, (byte) 0x77, (byte) 0xC3, (byte) 0xCC,
+            (byte) 0x03, (byte) 0x6F, (byte) 0x08, (byte) 0xBF,
+            (byte) 0x40, (byte) 0xE7, (byte) 0x2B, (byte) 0xE2,
+            (byte) 0x79, (byte) 0x0C, (byte) 0xAA, (byte) 0x82,
+            (byte) 0x41, (byte) 0x3A, (byte) 0xEA, (byte) 0xB9,
+            (byte) 0xE4, (byte) 0x9A, (byte) 0xA4, (byte) 0x97,
+            (byte) 0x7E, (byte) 0xDA, (byte) 0x7A, (byte) 0x17,
+            (byte) 0x66, (byte) 0x94, (byte) 0xA1, (byte) 0x1D,
+            (byte) 0x3D, (byte) 0xF0, (byte) 0xDE, (byte) 0xB3,
+            (byte) 0x0B, (byte) 0x72, (byte) 0xA7, (byte) 0x1C,
+            (byte) 0xEF, (byte) 0xD1, (byte) 0x53, (byte) 0x3E,
+            (byte) 0x8F, (byte) 0x33, (byte) 0x26, (byte) 0x5F,
+            (byte) 0xEC, (byte) 0x76, (byte) 0x2A, (byte) 0x49,
+            (byte) 0x81, (byte) 0x88, (byte) 0xEE, (byte) 0x21,
+            (byte) 0xC4, (byte) 0x1A, (byte) 0xEB, (byte) 0xD9,
+            (byte) 0xC5, (byte) 0x39, (byte) 0x99, (byte) 0xCD,
+            (byte) 0xAD, (byte) 0x31, (byte) 0x8B, (byte) 0x01,
+            (byte) 0x18, (byte) 0x23, (byte) 0xDD, (byte) 0x1F,
+            (byte) 0x4E, (byte) 0x2D, (byte) 0xF9, (byte) 0x48,
+            (byte) 0x4F, (byte) 0xF2, (byte) 0x65, (byte) 0x8E,
+            (byte) 0x78, (byte) 0x5C, (byte) 0x58, (byte) 0x19,
+            (byte) 0x8D, (byte) 0xE5, (byte) 0x98, (byte) 0x57,
+            (byte) 0x67, (byte) 0x7F, (byte) 0x05, (byte) 0x64,
+            (byte) 0xAF, (byte) 0x63, (byte) 0xB6, (byte) 0xFE,
+            (byte) 0xF5, (byte) 0xB7, (byte) 0x3C, (byte) 0xA5,
+            (byte) 0xCE, (byte) 0xE9, (byte) 0x68, (byte) 0x44,
+            (byte) 0xE0, (byte) 0x4D, (byte) 0x43, (byte) 0x69,
+            (byte) 0x29, (byte) 0x2E, (byte) 0xAC, (byte) 0x15,
+            (byte) 0x59, (byte) 0xA8, (byte) 0x0A, (byte) 0x9E,
+            (byte) 0x6E, (byte) 0x47, (byte) 0xDF, (byte) 0x34,
+            (byte) 0x35, (byte) 0x6A, (byte) 0xCF, (byte) 0xDC,
+            (byte) 0x22, (byte) 0xC9, (byte) 0xC0, (byte) 0x9B,
+            (byte) 0x89, (byte) 0xD4, (byte) 0xED, (byte) 0xAB,
+            (byte) 0x12, (byte) 0xA2, (byte) 0x0D, (byte) 0x52,
+            (byte) 0xBB, (byte) 0x02, (byte) 0x2F, (byte) 0xA9,
+            (byte) 0xD7, (byte) 0x61, (byte) 0x1E, (byte) 0xB4,
+            (byte) 0x50, (byte) 0x04, (byte) 0xF6, (byte) 0xC2,
+            (byte) 0x16, (byte) 0x25, (byte) 0x86, (byte) 0x56,
+            (byte) 0x55, (byte) 0x09, (byte) 0xBE, (byte) 0x91  }
+        };
+
+        /**
+        * Define the fixed p0/p1 permutations used in keyed S-box lookup.
+        * By changing the following constant definitions, the S-boxes will
+        * automatically Get changed in the Twofish engine.
+        */
+        private const int P_00 = 1;
+        private const int P_01 = 0;
+        private const int P_02 = 0;
+        private const int P_03 = P_01 ^ 1;
+        private const int P_04 = 1;
+
+        private const int P_10 = 0;
+        private const int P_11 = 0;
+        private const int P_12 = 1;
+        private const int P_13 = P_11 ^ 1;
+        private const int P_14 = 0;
+
+        private const int P_20 = 1;
+        private const int P_21 = 1;
+        private const int P_22 = 0;
+        private const int P_23 = P_21 ^ 1;
+        private const int P_24 = 0;
+
+        private const int P_30 = 0;
+        private const int P_31 = 1;
+        private const int P_32 = 1;
+        private const int P_33 = P_31 ^ 1;
+        private const int P_34 = 1;
+
+        /* Primitive polynomial for GF(256) */
+        private const int GF256_FDBK = 0x169;
+        private const int GF256_FDBK_2 = GF256_FDBK / 2;
+        private const int GF256_FDBK_4 = GF256_FDBK / 4;
+
+        private const int RS_GF_FDBK = 0x14D; // field generator
+
+        //====================================
+        // Useful constants
+        //====================================
+
+        private const int    ROUNDS = 16;
+        private const int    MAX_ROUNDS = 16;  // bytes = 128 bits
+        private const int    BLOCK_SIZE = 16;  // bytes = 128 bits
+        private const int    MAX_KEY_BITS = 256;
+
+        private const int    INPUT_WHITEN=0;
+        private const int    OUTPUT_WHITEN=INPUT_WHITEN+BLOCK_SIZE/4; // 4
+        private const int    ROUND_SUBKEYS=OUTPUT_WHITEN+BLOCK_SIZE/4;// 8
+
+        private const int    TOTAL_SUBKEYS=ROUND_SUBKEYS+2*MAX_ROUNDS;// 40
+
+        private const int    SK_STEP = 0x02020202;
+        private const int    SK_BUMP = 0x01010101;
+        private const int    SK_ROTL = 9;
+
+        private bool encrypting;
+
+        private int[] gMDS0 = new int[MAX_KEY_BITS];
+        private int[] gMDS1 = new int[MAX_KEY_BITS];
+        private int[] gMDS2 = new int[MAX_KEY_BITS];
+        private int[] gMDS3 = new int[MAX_KEY_BITS];
+
+        /**
+        * gSubKeys[] and gSBox[] are eventually used in the
+        * encryption and decryption methods.
+        */
+        private int[] gSubKeys;
+        private int[] gSBox;
+
+        private int k64Cnt;
+
+        private byte[] workingKey;
+
+        public TwofishEngine()
+        {
+            // calculate the MDS matrix
+            int[] m1 = new int[2];
+            int[] mX = new int[2];
+            int[] mY = new int[2];
+            int j;
+
+            for (int i=0; i< MAX_KEY_BITS ; i++)
+            {
+                j = P[0,i] & 0xff;
+                m1[0] = j;
+                mX[0] = Mx_X(j) & 0xff;
+                mY[0] = Mx_Y(j) & 0xff;
+
+                j = P[1,i] & 0xff;
+                m1[1] = j;
+                mX[1] = Mx_X(j) & 0xff;
+                mY[1] = Mx_Y(j) & 0xff;
+
+                gMDS0[i] = m1[P_00]       | mX[P_00] <<  8 |
+                            mY[P_00] << 16 | mY[P_00] << 24;
+
+                gMDS1[i] = mY[P_10]       | mY[P_10] <<  8 |
+                            mX[P_10] << 16 | m1[P_10] << 24;
+
+                gMDS2[i] = mX[P_20]       | mY[P_20] <<  8 |
+                            m1[P_20] << 16 | mY[P_20] << 24;
+
+                gMDS3[i] = mX[P_30]       | m1[P_30] <<  8 |
+                            mY[P_30] << 16 | mX[P_30] << 24;
+            }
+        }
+
+        /**
+        * initialise a Twofish cipher.
+        *
+        * @param forEncryption whether or not we are for encryption.
+        * @param parameters the parameters required to set up the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public void Init(
+            bool              forEncryption,
+            ICipherParameters parameters)
+        {
+            if (!(parameters is KeyParameter))
+				throw new ArgumentException("invalid parameter passed to Twofish init - " + Platform.GetTypeName(parameters));
+
+			this.encrypting = forEncryption;
+			this.workingKey = ((KeyParameter)parameters).GetKey();
+			this.k64Cnt = (this.workingKey.Length / 8); // pre-padded ?
+			SetKey(this.workingKey);
+        }
+
+		public string AlgorithmName
+        {
+            get { return "Twofish"; }
+        }
+
+		public bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+		public int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            if (workingKey == null)
+                throw new InvalidOperationException("Twofish not initialised");
+
+            Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short");
+            Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short");
+
+            if (encrypting)
+            {
+                EncryptBlock(input, inOff, output, outOff);
+            }
+            else
+            {
+                DecryptBlock(input, inOff, output, outOff);
+            }
+
+            return BLOCK_SIZE;
+        }
+
+        public void Reset()
+        {
+            if (this.workingKey != null)
+            {
+                SetKey(this.workingKey);
+            }
+        }
+
+        public int GetBlockSize()
+        {
+            return BLOCK_SIZE;
+        }
+
+        //==================================
+        // Private Implementation
+        //==================================
+
+        private void SetKey(byte[] key)
+        {
+            int[] k32e = new int[MAX_KEY_BITS/64]; // 4
+            int[] k32o = new int[MAX_KEY_BITS/64]; // 4
+
+            int[] sBoxKeys = new int[MAX_KEY_BITS/64]; // 4
+            gSubKeys = new int[TOTAL_SUBKEYS];
+
+            if (k64Cnt < 1)
+            {
+                throw new ArgumentException("Key size less than 64 bits");
+            }
+
+            if (k64Cnt > 4)
+            {
+                throw new ArgumentException("Key size larger than 256 bits");
+            }
+
+            /*
+            * k64Cnt is the number of 8 byte blocks (64 chunks)
+            * that are in the input key.  The input key is a
+            * maximum of 32 bytes ( 256 bits ), so the range
+            * for k64Cnt is 1..4
+            */
+            for (int i=0,p=0; i<k64Cnt ; i++)
+            {
+                p = i* 8;
+
+                k32e[i] = BytesTo32Bits(key, p);
+                k32o[i] = BytesTo32Bits(key, p+4);
+
+                sBoxKeys[k64Cnt-1-i] = RS_MDS_Encode(k32e[i], k32o[i]);
+            }
+
+            int q,A,B;
+            for (int i=0; i < TOTAL_SUBKEYS / 2 ; i++)
+            {
+                q = i*SK_STEP;
+                A = F32(q,         k32e);
+                B = F32(q+SK_BUMP, k32o);
+                B = B << 8 | (int)((uint)B >> 24);
+                A += B;
+                gSubKeys[i*2] = A;
+                A += B;
+                gSubKeys[i*2 + 1] = A << SK_ROTL | (int)((uint)A >> (32-SK_ROTL));
+            }
+
+            /*
+            * fully expand the table for speed
+            */
+            int k0 = sBoxKeys[0];
+            int k1 = sBoxKeys[1];
+            int k2 = sBoxKeys[2];
+            int k3 = sBoxKeys[3];
+            int b0, b1, b2, b3;
+            gSBox = new int[4*MAX_KEY_BITS];
+            for (int i=0; i<MAX_KEY_BITS; i++)
+            {
+                b0 = b1 = b2 = b3 = i;
+                switch (k64Cnt & 3)
+                {
+                    case 1:
+                        gSBox[i*2]       = gMDS0[(P[P_01,b0] & 0xff) ^ M_b0(k0)];
+                        gSBox[i*2+1]     = gMDS1[(P[P_11,b1] & 0xff) ^ M_b1(k0)];
+                        gSBox[i*2+0x200] = gMDS2[(P[P_21,b2] & 0xff) ^ M_b2(k0)];
+                        gSBox[i*2+0x201] = gMDS3[(P[P_31,b3] & 0xff) ^ M_b3(k0)];
+                    break;
+                    case 0: // 256 bits of key
+                        b0 = (P[P_04,b0] & 0xff) ^ M_b0(k3);
+                        b1 = (P[P_14,b1] & 0xff) ^ M_b1(k3);
+                        b2 = (P[P_24,b2] & 0xff) ^ M_b2(k3);
+                        b3 = (P[P_34,b3] & 0xff) ^ M_b3(k3);
+                        // fall through, having pre-processed b[0]..b[3] with k32[3]
+                        goto case 3;
+                    case 3: // 192 bits of key
+                        b0 = (P[P_03,b0] & 0xff) ^ M_b0(k2);
+                        b1 = (P[P_13,b1] & 0xff) ^ M_b1(k2);
+                        b2 = (P[P_23,b2] & 0xff) ^ M_b2(k2);
+                        b3 = (P[P_33,b3] & 0xff) ^ M_b3(k2);
+                        // fall through, having pre-processed b[0]..b[3] with k32[2]
+                        goto case 2;
+                    case 2: // 128 bits of key
+                        gSBox[i * 2] = gMDS0[(P[P_01, (P[P_02, b0] & 0xff) ^ M_b0(k1)] & 0xff) ^ M_b0(k0)];
+                        gSBox[i*2+1] = gMDS1[(P[P_11,(P[P_12,b1] & 0xff) ^ M_b1(k1)] & 0xff) ^ M_b1(k0)];
+                        gSBox[i*2+0x200] = gMDS2[(P[P_21,(P[P_22,b2] & 0xff) ^ M_b2(k1)] & 0xff) ^ M_b2(k0)];
+                        gSBox[i * 2 + 0x201] = gMDS3[(P[P_31, (P[P_32, b3] & 0xff) ^ M_b3(k1)] & 0xff) ^ M_b3(k0)];
+                        break;
+                }
+            }
+
+            /*
+            * the function exits having setup the gSBox with the
+            * input key material.
+            */
+        }
+
+        /**
+        * Encrypt the given input starting at the given offset and place
+        * the result in the provided buffer starting at the given offset.
+        * The input will be an exact multiple of our blocksize.
+        *
+        * encryptBlock uses the pre-calculated gSBox[] and subKey[]
+        * arrays.
+        */
+        private void EncryptBlock(
+            byte[] src,
+            int srcIndex,
+            byte[] dst,
+            int dstIndex)
+        {
+            int x0 = BytesTo32Bits(src, srcIndex) ^ gSubKeys[INPUT_WHITEN];
+            int x1 = BytesTo32Bits(src, srcIndex + 4) ^ gSubKeys[INPUT_WHITEN + 1];
+            int x2 = BytesTo32Bits(src, srcIndex + 8) ^ gSubKeys[INPUT_WHITEN + 2];
+            int x3 = BytesTo32Bits(src, srcIndex + 12) ^ gSubKeys[INPUT_WHITEN + 3];
+
+            int k = ROUND_SUBKEYS;
+            int t0, t1;
+            for (int r = 0; r < ROUNDS; r +=2)
+            {
+                t0 = Fe32_0(x0);
+                t1 = Fe32_3(x1);
+                x2 ^= t0 + t1 + gSubKeys[k++];
+                x2 = (int)((uint)x2 >>1) | x2 << 31;
+                x3 = (x3 << 1 | (int) ((uint)x3 >> 31)) ^ (t0 + 2*t1 + gSubKeys[k++]);
+
+                t0 = Fe32_0(x2);
+                t1 = Fe32_3(x3);
+                x0 ^= t0 + t1 + gSubKeys[k++];
+                x0 = (int) ((uint)x0 >>1) | x0 << 31;
+                x1 = (x1 << 1 | (int)((uint)x1 >> 31)) ^ (t0 + 2*t1 + gSubKeys[k++]);
+            }
+
+            Bits32ToBytes(x2 ^ gSubKeys[OUTPUT_WHITEN], dst, dstIndex);
+            Bits32ToBytes(x3 ^ gSubKeys[OUTPUT_WHITEN + 1], dst, dstIndex + 4);
+            Bits32ToBytes(x0 ^ gSubKeys[OUTPUT_WHITEN + 2], dst, dstIndex + 8);
+            Bits32ToBytes(x1 ^ gSubKeys[OUTPUT_WHITEN + 3], dst, dstIndex + 12);
+        }
+
+        /**
+        * Decrypt the given input starting at the given offset and place
+        * the result in the provided buffer starting at the given offset.
+        * The input will be an exact multiple of our blocksize.
+        */
+        private void DecryptBlock(
+            byte[] src,
+            int srcIndex,
+            byte[] dst,
+            int dstIndex)
+        {
+            int x2 = BytesTo32Bits(src, srcIndex) ^ gSubKeys[OUTPUT_WHITEN];
+            int x3 = BytesTo32Bits(src, srcIndex+4) ^ gSubKeys[OUTPUT_WHITEN + 1];
+            int x0 = BytesTo32Bits(src, srcIndex+8) ^ gSubKeys[OUTPUT_WHITEN + 2];
+            int x1 = BytesTo32Bits(src, srcIndex+12) ^ gSubKeys[OUTPUT_WHITEN + 3];
+
+            int k = ROUND_SUBKEYS + 2 * ROUNDS -1 ;
+            int t0, t1;
+            for (int r = 0; r< ROUNDS ; r +=2)
+            {
+                t0 = Fe32_0(x2);
+                t1 = Fe32_3(x3);
+                x1 ^= t0 + 2*t1 + gSubKeys[k--];
+                x0 = (x0 << 1 | (int)((uint) x0 >> 31)) ^ (t0 + t1 + gSubKeys[k--]);
+                x1 = (int) ((uint)x1 >>1) | x1 << 31;
+
+                t0 = Fe32_0(x0);
+                t1 = Fe32_3(x1);
+                x3 ^= t0 + 2*t1 + gSubKeys[k--];
+                x2 = (x2 << 1 | (int)((uint)x2 >> 31)) ^ (t0 + t1 + gSubKeys[k--]);
+                x3 = (int)((uint)x3 >>1) | x3 << 31;
+            }
+
+            Bits32ToBytes(x0 ^ gSubKeys[INPUT_WHITEN], dst, dstIndex);
+            Bits32ToBytes(x1 ^ gSubKeys[INPUT_WHITEN + 1], dst, dstIndex + 4);
+            Bits32ToBytes(x2 ^ gSubKeys[INPUT_WHITEN + 2], dst, dstIndex + 8);
+            Bits32ToBytes(x3 ^ gSubKeys[INPUT_WHITEN + 3], dst, dstIndex + 12);
+        }
+
+        /*
+        * TODO:  This can be optimised and made cleaner by combining
+        * the functionality in this function and applying it appropriately
+        * to the creation of the subkeys during key setup.
+        */
+        private  int F32(int x, int[] k32)
+        {
+            int b0 = M_b0(x);
+            int b1 = M_b1(x);
+            int b2 = M_b2(x);
+            int b3 = M_b3(x);
+            int k0 = k32[0];
+            int k1 = k32[1];
+            int k2 = k32[2];
+            int k3 = k32[3];
+
+            int result = 0;
+            switch (k64Cnt & 3)
+            {
+                case 1:
+                    result = gMDS0[(P[P_01,b0] & 0xff) ^ M_b0(k0)] ^
+                            gMDS1[(P[P_11,b1] & 0xff) ^ M_b1(k0)] ^
+                            gMDS2[(P[P_21,b2] & 0xff) ^ M_b2(k0)] ^
+                            gMDS3[(P[P_31,b3] & 0xff) ^ M_b3(k0)];
+                    break;
+                case 0: /* 256 bits of key */
+                    b0 = (P[P_04,b0] & 0xff) ^ M_b0(k3);
+                    b1 = (P[P_14,b1] & 0xff) ^ M_b1(k3);
+                    b2 = (P[P_24,b2] & 0xff) ^ M_b2(k3);
+                    b3 = (P[P_34,b3] & 0xff) ^ M_b3(k3);
+                    goto case 3;
+                case 3:
+                    b0 = (P[P_03,b0] & 0xff) ^ M_b0(k2);
+                    b1 = (P[P_13,b1] & 0xff) ^ M_b1(k2);
+                    b2 = (P[P_23,b2] & 0xff) ^ M_b2(k2);
+                    b3 = (P[P_33,b3] & 0xff) ^ M_b3(k2);
+                    goto case 2;
+                case 2:
+                    result =
+                    gMDS0[(P[P_01,(P[P_02,b0]&0xff)^M_b0(k1)]&0xff)^M_b0(k0)] ^
+                    gMDS1[(P[P_11,(P[P_12,b1]&0xff)^M_b1(k1)]&0xff)^M_b1(k0)] ^
+                    gMDS2[(P[P_21,(P[P_22,b2]&0xff)^M_b2(k1)]&0xff)^M_b2(k0)] ^
+                    gMDS3[(P[P_31,(P[P_32,b3]&0xff)^M_b3(k1)]&0xff)^M_b3(k0)];
+                break;
+            }
+            return result;
+        }
+
+        /**
+        * Use (12, 8) Reed-Solomon code over GF(256) to produce
+        * a key S-box 32-bit entity from 2 key material 32-bit
+        * entities.
+        *
+        * @param    k0 first 32-bit entity
+        * @param    k1 second 32-bit entity
+        * @return     Remainder polynomial Generated using RS code
+        */
+        private  int RS_MDS_Encode(int k0, int k1)
+        {
+            int r = k1;
+            for (int i = 0 ; i < 4 ; i++) // shift 1 byte at a time
+            {
+                r = RS_rem(r);
+            }
+            r ^= k0;
+            for (int i=0 ; i < 4 ; i++)
+            {
+                r = RS_rem(r);
+            }
+
+            return r;
+        }
+
+        /**
+        * Reed-Solomon code parameters: (12,8) reversible code:
+		* <p>
+        * <pre>
+        * G(x) = x^4 + (a+1/a)x^3 + ax^2 + (a+1/a)x + 1
+        * </pre>
+        * where a = primitive root of field generator 0x14D
+		* </p>
+        */
+        private  int RS_rem(int x)
+        {
+            int b = (int) (((uint)x >> 24) & 0xff);
+            int g2 = ((b << 1) ^
+                    ((b & 0x80) != 0 ? RS_GF_FDBK : 0)) & 0xff;
+            int g3 = ( (int)((uint)b >> 1) ^
+                    ((b & 0x01) != 0 ? (int)((uint)RS_GF_FDBK >> 1) : 0)) ^ g2 ;
+            return ((x << 8) ^ (g3 << 24) ^ (g2 << 16) ^ (g3 << 8) ^ b);
+        }
+
+        private  int LFSR1(int x)
+        {
+            return (x >> 1) ^
+                    (((x & 0x01) != 0) ? GF256_FDBK_2 : 0);
+        }
+
+        private  int LFSR2(int x)
+        {
+            return (x >> 2) ^
+                    (((x & 0x02) != 0) ? GF256_FDBK_2 : 0) ^
+                    (((x & 0x01) != 0) ? GF256_FDBK_4 : 0);
+        }
+
+        private  int Mx_X(int x)
+        {
+            return x ^ LFSR2(x);
+        } // 5B
+
+        private  int Mx_Y(int x)
+        {
+            return x ^ LFSR1(x) ^ LFSR2(x);
+        } // EF
+
+        private  int M_b0(int x)
+        {
+            return x & 0xff;
+        }
+
+        private  int M_b1(int x)
+        {
+            return (int)((uint)x >> 8) & 0xff;
+        }
+
+        private  int M_b2(int x)
+        {
+            return (int)((uint)x >> 16) & 0xff;
+        }
+
+        private  int M_b3(int x)
+        {
+            return (int)((uint)x >> 24) & 0xff;
+        }
+
+        private  int Fe32_0(int x)
+        {
+            return gSBox[ 0x000 + 2*(x & 0xff) ] ^
+                gSBox[ 0x001 + 2*((int)((uint)x >> 8) & 0xff) ] ^
+                gSBox[ 0x200 + 2*((int)((uint)x >> 16) & 0xff) ] ^
+                gSBox[ 0x201 + 2*((int)((uint)x >> 24) & 0xff) ];
+        }
+
+        private  int Fe32_3(int x)
+        {
+            return gSBox[ 0x000 + 2*((int)((uint)x >> 24) & 0xff) ] ^
+                gSBox[ 0x001 + 2*(x & 0xff) ] ^
+                gSBox[ 0x200 + 2*((int)((uint)x >> 8) & 0xff) ] ^
+                gSBox[ 0x201 + 2*((int)((uint)x >> 16) & 0xff) ];
+        }
+
+        private  int BytesTo32Bits(byte[] b, int p)
+        {
+            return ((b[p] & 0xff) ) |
+                ((b[p+1] & 0xff) << 8) |
+                ((b[p+2] & 0xff) << 16) |
+                ((b[p+3] & 0xff) << 24);
+        }
+
+        private  void Bits32ToBytes(int inData,  byte[] b, int offset)
+        {
+            b[offset] = (byte)inData;
+            b[offset + 1] = (byte)(inData >> 8);
+            b[offset + 2] = (byte)(inData >> 16);
+            b[offset + 3] = (byte)(inData >> 24);
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/VMPCEngine.cs b/bc-sharp-crypto/src/crypto/engines/VMPCEngine.cs
new file mode 100644
index 0000000..852901e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/VMPCEngine.cs
@@ -0,0 +1,133 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+    public class VmpcEngine
+        : IStreamCipher
+    {
+        /*
+        * variables to hold the state of the VMPC engine during encryption and
+        * decryption
+        */
+        protected byte n = 0;
+        protected byte[] P = null;
+        protected byte s = 0;
+
+        protected byte[] workingIV;
+        protected byte[] workingKey;
+
+        public virtual string AlgorithmName
+        {
+            get { return "VMPC"; }
+        }
+
+        /**
+        * initialise a VMPC cipher.
+        * 
+        * @param forEncryption
+        *    whether or not we are for encryption.
+        * @param params
+        *    the parameters required to set up the cipher.
+        * @exception ArgumentException
+        *    if the params argument is inappropriate.
+        */
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            if (!(parameters is ParametersWithIV))
+                throw new ArgumentException("VMPC Init parameters must include an IV");
+
+            ParametersWithIV ivParams = (ParametersWithIV) parameters;
+
+            if (!(ivParams.Parameters is KeyParameter))
+                throw new ArgumentException("VMPC Init parameters must include a key");
+
+            KeyParameter key = (KeyParameter)ivParams.Parameters;
+
+            this.workingIV = ivParams.GetIV();
+
+            if (workingIV == null || workingIV.Length < 1 || workingIV.Length > 768)
+                throw new ArgumentException("VMPC requires 1 to 768 bytes of IV");
+
+            this.workingKey = key.GetKey();
+
+            InitKey(this.workingKey, this.workingIV);
+        }
+
+        protected virtual void InitKey(
+            byte[]	keyBytes,
+            byte[]	ivBytes)
+        {
+            s = 0;
+            P = new byte[256];
+            for (int i = 0; i < 256; i++)
+            {
+                P[i] = (byte) i;
+            }
+
+            for (int m = 0; m < 768; m++)
+            {
+                s = P[(s + P[m & 0xff] + keyBytes[m % keyBytes.Length]) & 0xff];
+                byte temp = P[m & 0xff];
+                P[m & 0xff] = P[s & 0xff];
+                P[s & 0xff] = temp;
+            }
+            for (int m = 0; m < 768; m++)
+            {
+                s = P[(s + P[m & 0xff] + ivBytes[m % ivBytes.Length]) & 0xff];
+                byte temp = P[m & 0xff];
+                P[m & 0xff] = P[s & 0xff];
+                P[s & 0xff] = temp;
+            }
+            n = 0;
+        }
+
+        public virtual void ProcessBytes(
+            byte[]	input,
+            int		inOff,
+            int		len,
+            byte[]	output,
+            int		outOff)
+        {
+            Check.DataLength(input, inOff, len, "input buffer too short");
+            Check.OutputLength(output, outOff, len, "output buffer too short");
+
+            for (int i = 0; i < len; i++)
+            {
+                s = P[(s + P[n & 0xff]) & 0xff];
+                byte z = P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff];
+                // encryption
+                byte temp = P[n & 0xff];
+                P[n & 0xff] = P[s & 0xff];
+                P[s & 0xff] = temp;
+                n = (byte) ((n + 1) & 0xff);
+
+                // xor
+                output[i + outOff] = (byte) (input[i + inOff] ^ z);
+            }
+        }
+
+        public virtual void Reset()
+        {
+            InitKey(this.workingKey, this.workingIV);
+        }
+
+        public virtual byte ReturnByte(
+            byte input)
+        {
+            s = P[(s + P[n & 0xff]) & 0xff];
+            byte z = P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff];
+            // encryption
+            byte temp = P[n & 0xff];
+            P[n & 0xff] = P[s & 0xff];
+            P[s & 0xff] = temp;
+            n = (byte) ((n + 1) & 0xff);
+
+            // xor
+            return (byte) (input ^ z);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/VMPCKSA3Engine.cs b/bc-sharp-crypto/src/crypto/engines/VMPCKSA3Engine.cs
new file mode 100644
index 0000000..95b6813
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/VMPCKSA3Engine.cs
@@ -0,0 +1,51 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	public class VmpcKsa3Engine
+		: VmpcEngine
+	{
+		public override string AlgorithmName
+		{
+			get { return "VMPC-KSA3"; }
+		}
+
+		protected override void InitKey(
+			byte[]	keyBytes,
+			byte[]	ivBytes)
+		{
+			s = 0;
+			P = new byte[256];
+			for (int i = 0; i < 256; i++)
+			{
+				P[i] = (byte) i;
+			}
+
+			for (int m = 0; m < 768; m++)
+			{
+				s = P[(s + P[m & 0xff] + keyBytes[m % keyBytes.Length]) & 0xff];
+				byte temp = P[m & 0xff];
+				P[m & 0xff] = P[s & 0xff];
+				P[s & 0xff] = temp;
+			}
+
+			for (int m = 0; m < 768; m++)
+			{
+				s = P[(s + P[m & 0xff] + ivBytes[m % ivBytes.Length]) & 0xff];
+				byte temp = P[m & 0xff];
+				P[m & 0xff] = P[s & 0xff];
+				P[s & 0xff] = temp;
+			}
+
+			for (int m = 0; m < 768; m++)
+			{
+				s = P[(s + P[m & 0xff] + keyBytes[m % keyBytes.Length]) & 0xff];
+				byte temp = P[m & 0xff];
+				P[m & 0xff] = P[s & 0xff];
+				P[s & 0xff] = temp;
+			}
+
+			n = 0;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/XSalsa20Engine.cs b/bc-sharp-crypto/src/crypto/engines/XSalsa20Engine.cs
new file mode 100644
index 0000000..50c51a8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/XSalsa20Engine.cs
@@ -0,0 +1,64 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/// <summary>
+	/// Implementation of Daniel J. Bernstein's XSalsa20 stream cipher - Salsa20 with an extended nonce.
+	/// </summary>
+	/// <remarks>
+	/// XSalsa20 requires a 256 bit key, and a 192 bit nonce.
+	/// </remarks>
+	public class XSalsa20Engine 
+		: Salsa20Engine
+	{
+		public override string AlgorithmName
+		{
+			get { return "XSalsa20"; }
+		}
+
+		protected override int NonceSize
+		{
+			get { return 24; }
+		}
+
+		/// <summary>
+		/// XSalsa20 key generation: process 256 bit input key and 128 bits of the input nonce
+		/// using a core Salsa20 function without input addition to produce 256 bit working key
+		/// and use that with the remaining 64 bits of nonce to initialize a standard Salsa20 engine state.
+		/// </summary>
+		protected override void SetKey(byte[] keyBytes, byte[] ivBytes)
+		{
+            if (keyBytes == null)
+                throw new ArgumentException(AlgorithmName + " doesn't support re-init with null key");
+
+            if (keyBytes.Length != 32)
+				throw new ArgumentException(AlgorithmName + " requires a 256 bit key");
+
+            // Set key for HSalsa20
+			base.SetKey(keyBytes, ivBytes);
+
+			// Pack next 64 bits of IV into engine state instead of counter
+            Pack.LE_To_UInt32(ivBytes, 8, engineState, 8, 2);
+
+			// Process engine state to generate Salsa20 key
+			uint[] hsalsa20Out = new uint[engineState.Length];
+			SalsaCore(20, engineState, hsalsa20Out);
+
+			// Set new key, removing addition in last round of salsaCore
+			engineState[1] = hsalsa20Out[0] - engineState[0];
+			engineState[2] = hsalsa20Out[5] - engineState[5];
+			engineState[3] = hsalsa20Out[10] - engineState[10];
+			engineState[4] = hsalsa20Out[15] - engineState[15];
+
+			engineState[11] = hsalsa20Out[6] - engineState[6];
+			engineState[12] = hsalsa20Out[7] - engineState[7];
+			engineState[13] = hsalsa20Out[8] - engineState[8];
+			engineState[14] = hsalsa20Out[9] - engineState[9];
+
+			// Last 64 bits of input IV
+            Pack.LE_To_UInt32(ivBytes, 16, engineState, 6, 2);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/engines/XTEAEngine.cs b/bc-sharp-crypto/src/crypto/engines/XTEAEngine.cs
new file mode 100644
index 0000000..5fcfa4a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/engines/XTEAEngine.cs
@@ -0,0 +1,166 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Engines
+{
+	/**
+	* An XTEA engine.
+	*/
+	public class XteaEngine
+		: IBlockCipher
+	{
+		private const int
+			rounds		= 32,
+			block_size	= 8,
+//			key_size	= 16,
+			delta		= unchecked((int) 0x9E3779B9);
+
+		/*
+		* the expanded key array of 4 subkeys
+		*/
+		private uint[] _S = new uint[4],
+			_sum0 = new uint[32],
+			_sum1 = new uint[32];
+		private bool _initialised, _forEncryption;
+
+		/**
+		* Create an instance of the TEA encryption algorithm
+		* and set some defaults
+		*/
+		public XteaEngine()
+		{
+			_initialised = false;
+		}
+
+		public virtual string AlgorithmName
+		{
+			get { return "XTEA"; }
+		}
+
+        public virtual bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+        public virtual int GetBlockSize()
+		{
+			return block_size;
+		}
+
+		/**
+		* initialise
+		*
+		* @param forEncryption whether or not we are for encryption.
+		* @param params the parameters required to set up the cipher.
+		* @exception ArgumentException if the params argument is
+		* inappropriate.
+		*/
+        public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			if (!(parameters is KeyParameter))
+			{
+				throw new ArgumentException("invalid parameter passed to TEA init - "
+					+ Platform.GetTypeName(parameters));
+			}
+
+			_forEncryption = forEncryption;
+			_initialised = true;
+
+			KeyParameter p = (KeyParameter) parameters;
+
+			setKey(p.GetKey());
+		}
+
+        public virtual int ProcessBlock(
+			byte[]	inBytes,
+			int		inOff,
+			byte[]	outBytes,
+			int		outOff)
+		{
+			if (!_initialised)
+				throw new InvalidOperationException(AlgorithmName + " not initialised");
+
+            Check.DataLength(inBytes, inOff, block_size, "input buffer too short");
+            Check.OutputLength(outBytes, outOff, block_size, "output buffer too short");
+
+            return _forEncryption
+				?	encryptBlock(inBytes, inOff, outBytes, outOff)
+				:	decryptBlock(inBytes, inOff, outBytes, outOff);
+		}
+
+        public virtual void Reset()
+		{
+		}
+
+		/**
+		* Re-key the cipher.
+		*
+		* @param  key  the key to be used
+		*/
+		private void setKey(
+			byte[] key)
+		{
+			int i, j;
+			for (i = j = 0; i < 4; i++,j+=4)
+			{
+				_S[i] = Pack.BE_To_UInt32(key, j);
+			}
+
+			for (i = j = 0; i < rounds; i++)
+			{
+				_sum0[i] = ((uint)j + _S[j & 3]);
+				j += delta;
+				_sum1[i] = ((uint)j + _S[j >> 11 & 3]);
+			}
+		}
+
+		private int encryptBlock(
+			byte[]  inBytes,
+			int     inOff,
+			byte[]  outBytes,
+			int     outOff)
+		{
+			// Pack bytes into integers
+			uint v0 = Pack.BE_To_UInt32(inBytes, inOff);
+			uint v1 = Pack.BE_To_UInt32(inBytes, inOff + 4);
+
+			for (int i = 0; i < rounds; i++)
+			{
+				v0 += ((v1 << 4 ^ v1 >> 5) + v1) ^ _sum0[i];
+				v1 += ((v0 << 4 ^ v0 >> 5) + v0) ^ _sum1[i];
+			}
+
+			Pack.UInt32_To_BE(v0, outBytes, outOff);
+			Pack.UInt32_To_BE(v1, outBytes, outOff + 4);
+
+			return block_size;
+		}
+
+		private int decryptBlock(
+			byte[]	inBytes,
+			int		inOff,
+			byte[]	outBytes,
+			int		outOff)
+		{
+			// Pack bytes into integers
+			uint v0 = Pack.BE_To_UInt32(inBytes, inOff);
+			uint v1 = Pack.BE_To_UInt32(inBytes, inOff + 4);
+
+			for (int i = rounds-1; i >= 0; i--)
+			{
+				v1  -= ((v0 << 4 ^ v0 >> 5) + v0) ^ _sum1[i];
+				v0  -= ((v1 << 4 ^ v1 >> 5) + v1) ^ _sum0[i];
+			}
+
+			Pack.UInt32_To_BE(v0, outBytes, outOff);
+			Pack.UInt32_To_BE(v1, outBytes, outOff + 4);
+
+			return block_size;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/BCrypt.cs b/bc-sharp-crypto/src/crypto/generators/BCrypt.cs
new file mode 100644
index 0000000..af8029a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/BCrypt.cs
@@ -0,0 +1,617 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+     * Core of password hashing scheme Bcrypt,
+     * designed by Niels Provos and David Mazières,
+     * corresponds to the C reference implementation.
+     * <p>
+     * This implementation does not correspondent to the 1999 published paper
+     * "A Future-Adaptable Password Scheme" of Niels Provos and David Mazières,
+     * see: https://www.usenix.org/legacy/events/usenix99/provos/provos_html/node1.html.
+     * In contrast to the paper, the order of key setup and salt setup is reversed:
+     * state &lt;- ExpandKey(state, 0, key)
+     * state %lt;- ExpandKey(state, 0, salt)
+     * This corresponds to the OpenBSD reference implementation of Bcrypt. 
+     * </p><p>
+     * Note: 
+     * There is no successful cryptanalysis (status 2015), but
+     * the amount of memory and the band width of Bcrypt
+     * may be insufficient to effectively prevent attacks 
+     * with custom hardware like FPGAs, ASICs
+     * </p><p>
+     * This implementation uses some parts of Bouncy Castle's BlowfishEngine.
+     * </p>
+     */
+    public sealed class BCrypt
+    {
+        // magic String "OrpheanBeholderScryDoubt" is used as clear text for encryption
+        private static readonly uint[] MAGIC_STRING =
+        {
+            0x4F727068, 0x65616E42, 0x65686F6C,
+            0x64657253, 0x63727944, 0x6F756274
+        };
+
+        internal const int MAGIC_STRING_LENGTH = 6;
+
+        private static readonly uint[]
+            KP = {
+                0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344,
+                0xA4093822, 0x299F31D0, 0x082EFA98, 0xEC4E6C89,
+                0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C,
+                0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917,
+                0x9216D5D9, 0x8979FB1B
+            },
+
+            KS0 = {
+                0xD1310BA6, 0x98DFB5AC, 0x2FFD72DB, 0xD01ADFB7,
+                0xB8E1AFED, 0x6A267E96, 0xBA7C9045, 0xF12C7F99,
+                0x24A19947, 0xB3916CF7, 0x0801F2E2, 0x858EFC16,
+                0x636920D8, 0x71574E69, 0xA458FEA3, 0xF4933D7E,
+                0x0D95748F, 0x728EB658, 0x718BCD58, 0x82154AEE,
+                0x7B54A41D, 0xC25A59B5, 0x9C30D539, 0x2AF26013,
+                0xC5D1B023, 0x286085F0, 0xCA417918, 0xB8DB38EF,
+                0x8E79DCB0, 0x603A180E, 0x6C9E0E8B, 0xB01E8A3E,
+                0xD71577C1, 0xBD314B27, 0x78AF2FDA, 0x55605C60,
+                0xE65525F3, 0xAA55AB94, 0x57489862, 0x63E81440,
+                0x55CA396A, 0x2AAB10B6, 0xB4CC5C34, 0x1141E8CE,
+                0xA15486AF, 0x7C72E993, 0xB3EE1411, 0x636FBC2A,
+                0x2BA9C55D, 0x741831F6, 0xCE5C3E16, 0x9B87931E,
+                0xAFD6BA33, 0x6C24CF5C, 0x7A325381, 0x28958677,
+                0x3B8F4898, 0x6B4BB9AF, 0xC4BFE81B, 0x66282193,
+                0x61D809CC, 0xFB21A991, 0x487CAC60, 0x5DEC8032,
+                0xEF845D5D, 0xE98575B1, 0xDC262302, 0xEB651B88,
+                0x23893E81, 0xD396ACC5, 0x0F6D6FF3, 0x83F44239,
+                0x2E0B4482, 0xA4842004, 0x69C8F04A, 0x9E1F9B5E,
+                0x21C66842, 0xF6E96C9A, 0x670C9C61, 0xABD388F0,
+                0x6A51A0D2, 0xD8542F68, 0x960FA728, 0xAB5133A3,
+                0x6EEF0B6C, 0x137A3BE4, 0xBA3BF050, 0x7EFB2A98,
+                0xA1F1651D, 0x39AF0176, 0x66CA593E, 0x82430E88,
+                0x8CEE8619, 0x456F9FB4, 0x7D84A5C3, 0x3B8B5EBE,
+                0xE06F75D8, 0x85C12073, 0x401A449F, 0x56C16AA6,
+                0x4ED3AA62, 0x363F7706, 0x1BFEDF72, 0x429B023D,
+                0x37D0D724, 0xD00A1248, 0xDB0FEAD3, 0x49F1C09B,
+                0x075372C9, 0x80991B7B, 0x25D479D8, 0xF6E8DEF7,
+                0xE3FE501A, 0xB6794C3B, 0x976CE0BD, 0x04C006BA,
+                0xC1A94FB6, 0x409F60C4, 0x5E5C9EC2, 0x196A2463,
+                0x68FB6FAF, 0x3E6C53B5, 0x1339B2EB, 0x3B52EC6F,
+                0x6DFC511F, 0x9B30952C, 0xCC814544, 0xAF5EBD09,
+                0xBEE3D004, 0xDE334AFD, 0x660F2807, 0x192E4BB3,
+                0xC0CBA857, 0x45C8740F, 0xD20B5F39, 0xB9D3FBDB,
+                0x5579C0BD, 0x1A60320A, 0xD6A100C6, 0x402C7279,
+                0x679F25FE, 0xFB1FA3CC, 0x8EA5E9F8, 0xDB3222F8,
+                0x3C7516DF, 0xFD616B15, 0x2F501EC8, 0xAD0552AB,
+                0x323DB5FA, 0xFD238760, 0x53317B48, 0x3E00DF82,
+                0x9E5C57BB, 0xCA6F8CA0, 0x1A87562E, 0xDF1769DB,
+                0xD542A8F6, 0x287EFFC3, 0xAC6732C6, 0x8C4F5573,
+                0x695B27B0, 0xBBCA58C8, 0xE1FFA35D, 0xB8F011A0,
+                0x10FA3D98, 0xFD2183B8, 0x4AFCB56C, 0x2DD1D35B,
+                0x9A53E479, 0xB6F84565, 0xD28E49BC, 0x4BFB9790,
+                0xE1DDF2DA, 0xA4CB7E33, 0x62FB1341, 0xCEE4C6E8,
+                0xEF20CADA, 0x36774C01, 0xD07E9EFE, 0x2BF11FB4,
+                0x95DBDA4D, 0xAE909198, 0xEAAD8E71, 0x6B93D5A0,
+                0xD08ED1D0, 0xAFC725E0, 0x8E3C5B2F, 0x8E7594B7,
+                0x8FF6E2FB, 0xF2122B64, 0x8888B812, 0x900DF01C,
+                0x4FAD5EA0, 0x688FC31C, 0xD1CFF191, 0xB3A8C1AD,
+                0x2F2F2218, 0xBE0E1777, 0xEA752DFE, 0x8B021FA1,
+                0xE5A0CC0F, 0xB56F74E8, 0x18ACF3D6, 0xCE89E299,
+                0xB4A84FE0, 0xFD13E0B7, 0x7CC43B81, 0xD2ADA8D9,
+                0x165FA266, 0x80957705, 0x93CC7314, 0x211A1477,
+                0xE6AD2065, 0x77B5FA86, 0xC75442F5, 0xFB9D35CF,
+                0xEBCDAF0C, 0x7B3E89A0, 0xD6411BD3, 0xAE1E7E49,
+                0x00250E2D, 0x2071B35E, 0x226800BB, 0x57B8E0AF,
+                0x2464369B, 0xF009B91E, 0x5563911D, 0x59DFA6AA,
+                0x78C14389, 0xD95A537F, 0x207D5BA2, 0x02E5B9C5,
+                0x83260376, 0x6295CFA9, 0x11C81968, 0x4E734A41,
+                0xB3472DCA, 0x7B14A94A, 0x1B510052, 0x9A532915,
+                0xD60F573F, 0xBC9BC6E4, 0x2B60A476, 0x81E67400,
+                0x08BA6FB5, 0x571BE91F, 0xF296EC6B, 0x2A0DD915,
+                0xB6636521, 0xE7B9F9B6, 0xFF34052E, 0xC5855664,
+                0x53B02D5D, 0xA99F8FA1, 0x08BA4799, 0x6E85076A
+            },
+
+            KS1 = {
+                0x4B7A70E9, 0xB5B32944, 0xDB75092E, 0xC4192623,
+                0xAD6EA6B0, 0x49A7DF7D, 0x9CEE60B8, 0x8FEDB266,
+                0xECAA8C71, 0x699A17FF, 0x5664526C, 0xC2B19EE1,
+                0x193602A5, 0x75094C29, 0xA0591340, 0xE4183A3E,
+                0x3F54989A, 0x5B429D65, 0x6B8FE4D6, 0x99F73FD6,
+                0xA1D29C07, 0xEFE830F5, 0x4D2D38E6, 0xF0255DC1,
+                0x4CDD2086, 0x8470EB26, 0x6382E9C6, 0x021ECC5E,
+                0x09686B3F, 0x3EBAEFC9, 0x3C971814, 0x6B6A70A1,
+                0x687F3584, 0x52A0E286, 0xB79C5305, 0xAA500737,
+                0x3E07841C, 0x7FDEAE5C, 0x8E7D44EC, 0x5716F2B8,
+                0xB03ADA37, 0xF0500C0D, 0xF01C1F04, 0x0200B3FF,
+                0xAE0CF51A, 0x3CB574B2, 0x25837A58, 0xDC0921BD,
+                0xD19113F9, 0x7CA92FF6, 0x94324773, 0x22F54701,
+                0x3AE5E581, 0x37C2DADC, 0xC8B57634, 0x9AF3DDA7,
+                0xA9446146, 0x0FD0030E, 0xECC8C73E, 0xA4751E41,
+                0xE238CD99, 0x3BEA0E2F, 0x3280BBA1, 0x183EB331,
+                0x4E548B38, 0x4F6DB908, 0x6F420D03, 0xF60A04BF,
+                0x2CB81290, 0x24977C79, 0x5679B072, 0xBCAF89AF,
+                0xDE9A771F, 0xD9930810, 0xB38BAE12, 0xDCCF3F2E,
+                0x5512721F, 0x2E6B7124, 0x501ADDE6, 0x9F84CD87,
+                0x7A584718, 0x7408DA17, 0xBC9F9ABC, 0xE94B7D8C,
+                0xEC7AEC3A, 0xDB851DFA, 0x63094366, 0xC464C3D2,
+                0xEF1C1847, 0x3215D908, 0xDD433B37, 0x24C2BA16,
+                0x12A14D43, 0x2A65C451, 0x50940002, 0x133AE4DD,
+                0x71DFF89E, 0x10314E55, 0x81AC77D6, 0x5F11199B,
+                0x043556F1, 0xD7A3C76B, 0x3C11183B, 0x5924A509,
+                0xF28FE6ED, 0x97F1FBFA, 0x9EBABF2C, 0x1E153C6E,
+                0x86E34570, 0xEAE96FB1, 0x860E5E0A, 0x5A3E2AB3,
+                0x771FE71C, 0x4E3D06FA, 0x2965DCB9, 0x99E71D0F,
+                0x803E89D6, 0x5266C825, 0x2E4CC978, 0x9C10B36A,
+                0xC6150EBA, 0x94E2EA78, 0xA5FC3C53, 0x1E0A2DF4,
+                0xF2F74EA7, 0x361D2B3D, 0x1939260F, 0x19C27960,
+                0x5223A708, 0xF71312B6, 0xEBADFE6E, 0xEAC31F66,
+                0xE3BC4595, 0xA67BC883, 0xB17F37D1, 0x018CFF28,
+                0xC332DDEF, 0xBE6C5AA5, 0x65582185, 0x68AB9802,
+                0xEECEA50F, 0xDB2F953B, 0x2AEF7DAD, 0x5B6E2F84,
+                0x1521B628, 0x29076170, 0xECDD4775, 0x619F1510,
+                0x13CCA830, 0xEB61BD96, 0x0334FE1E, 0xAA0363CF,
+                0xB5735C90, 0x4C70A239, 0xD59E9E0B, 0xCBAADE14,
+                0xEECC86BC, 0x60622CA7, 0x9CAB5CAB, 0xB2F3846E,
+                0x648B1EAF, 0x19BDF0CA, 0xA02369B9, 0x655ABB50,
+                0x40685A32, 0x3C2AB4B3, 0x319EE9D5, 0xC021B8F7,
+                0x9B540B19, 0x875FA099, 0x95F7997E, 0x623D7DA8,
+                0xF837889A, 0x97E32D77, 0x11ED935F, 0x16681281,
+                0x0E358829, 0xC7E61FD6, 0x96DEDFA1, 0x7858BA99,
+                0x57F584A5, 0x1B227263, 0x9B83C3FF, 0x1AC24696,
+                0xCDB30AEB, 0x532E3054, 0x8FD948E4, 0x6DBC3128,
+                0x58EBF2EF, 0x34C6FFEA, 0xFE28ED61, 0xEE7C3C73,
+                0x5D4A14D9, 0xE864B7E3, 0x42105D14, 0x203E13E0,
+                0x45EEE2B6, 0xA3AAABEA, 0xDB6C4F15, 0xFACB4FD0,
+                0xC742F442, 0xEF6ABBB5, 0x654F3B1D, 0x41CD2105,
+                0xD81E799E, 0x86854DC7, 0xE44B476A, 0x3D816250,
+                0xCF62A1F2, 0x5B8D2646, 0xFC8883A0, 0xC1C7B6A3,
+                0x7F1524C3, 0x69CB7492, 0x47848A0B, 0x5692B285,
+                0x095BBF00, 0xAD19489D, 0x1462B174, 0x23820E00,
+                0x58428D2A, 0x0C55F5EA, 0x1DADF43E, 0x233F7061,
+                0x3372F092, 0x8D937E41, 0xD65FECF1, 0x6C223BDB,
+                0x7CDE3759, 0xCBEE7460, 0x4085F2A7, 0xCE77326E,
+                0xA6078084, 0x19F8509E, 0xE8EFD855, 0x61D99735,
+                0xA969A7AA, 0xC50C06C2, 0x5A04ABFC, 0x800BCADC,
+                0x9E447A2E, 0xC3453484, 0xFDD56705, 0x0E1E9EC9,
+                0xDB73DBD3, 0x105588CD, 0x675FDA79, 0xE3674340,
+                0xC5C43465, 0x713E38D8, 0x3D28F89E, 0xF16DFF20,
+                0x153E21E7, 0x8FB03D4A, 0xE6E39F2B, 0xDB83ADF7
+            },
+
+            KS2 = {
+                0xE93D5A68, 0x948140F7, 0xF64C261C, 0x94692934,
+                0x411520F7, 0x7602D4F7, 0xBCF46B2E, 0xD4A20068,
+                0xD4082471, 0x3320F46A, 0x43B7D4B7, 0x500061AF,
+                0x1E39F62E, 0x97244546, 0x14214F74, 0xBF8B8840,
+                0x4D95FC1D, 0x96B591AF, 0x70F4DDD3, 0x66A02F45,
+                0xBFBC09EC, 0x03BD9785, 0x7FAC6DD0, 0x31CB8504,
+                0x96EB27B3, 0x55FD3941, 0xDA2547E6, 0xABCA0A9A,
+                0x28507825, 0x530429F4, 0x0A2C86DA, 0xE9B66DFB,
+                0x68DC1462, 0xD7486900, 0x680EC0A4, 0x27A18DEE,
+                0x4F3FFEA2, 0xE887AD8C, 0xB58CE006, 0x7AF4D6B6,
+                0xAACE1E7C, 0xD3375FEC, 0xCE78A399, 0x406B2A42,
+                0x20FE9E35, 0xD9F385B9, 0xEE39D7AB, 0x3B124E8B,
+                0x1DC9FAF7, 0x4B6D1856, 0x26A36631, 0xEAE397B2,
+                0x3A6EFA74, 0xDD5B4332, 0x6841E7F7, 0xCA7820FB,
+                0xFB0AF54E, 0xD8FEB397, 0x454056AC, 0xBA489527,
+                0x55533A3A, 0x20838D87, 0xFE6BA9B7, 0xD096954B,
+                0x55A867BC, 0xA1159A58, 0xCCA92963, 0x99E1DB33,
+                0xA62A4A56, 0x3F3125F9, 0x5EF47E1C, 0x9029317C,
+                0xFDF8E802, 0x04272F70, 0x80BB155C, 0x05282CE3,
+                0x95C11548, 0xE4C66D22, 0x48C1133F, 0xC70F86DC,
+                0x07F9C9EE, 0x41041F0F, 0x404779A4, 0x5D886E17,
+                0x325F51EB, 0xD59BC0D1, 0xF2BCC18F, 0x41113564,
+                0x257B7834, 0x602A9C60, 0xDFF8E8A3, 0x1F636C1B,
+                0x0E12B4C2, 0x02E1329E, 0xAF664FD1, 0xCAD18115,
+                0x6B2395E0, 0x333E92E1, 0x3B240B62, 0xEEBEB922,
+                0x85B2A20E, 0xE6BA0D99, 0xDE720C8C, 0x2DA2F728,
+                0xD0127845, 0x95B794FD, 0x647D0862, 0xE7CCF5F0,
+                0x5449A36F, 0x877D48FA, 0xC39DFD27, 0xF33E8D1E,
+                0x0A476341, 0x992EFF74, 0x3A6F6EAB, 0xF4F8FD37,
+                0xA812DC60, 0xA1EBDDF8, 0x991BE14C, 0xDB6E6B0D,
+                0xC67B5510, 0x6D672C37, 0x2765D43B, 0xDCD0E804,
+                0xF1290DC7, 0xCC00FFA3, 0xB5390F92, 0x690FED0B,
+                0x667B9FFB, 0xCEDB7D9C, 0xA091CF0B, 0xD9155EA3,
+                0xBB132F88, 0x515BAD24, 0x7B9479BF, 0x763BD6EB,
+                0x37392EB3, 0xCC115979, 0x8026E297, 0xF42E312D,
+                0x6842ADA7, 0xC66A2B3B, 0x12754CCC, 0x782EF11C,
+                0x6A124237, 0xB79251E7, 0x06A1BBE6, 0x4BFB6350,
+                0x1A6B1018, 0x11CAEDFA, 0x3D25BDD8, 0xE2E1C3C9,
+                0x44421659, 0x0A121386, 0xD90CEC6E, 0xD5ABEA2A,
+                0x64AF674E, 0xDA86A85F, 0xBEBFE988, 0x64E4C3FE,
+                0x9DBC8057, 0xF0F7C086, 0x60787BF8, 0x6003604D,
+                0xD1FD8346, 0xF6381FB0, 0x7745AE04, 0xD736FCCC,
+                0x83426B33, 0xF01EAB71, 0xB0804187, 0x3C005E5F,
+                0x77A057BE, 0xBDE8AE24, 0x55464299, 0xBF582E61,
+                0x4E58F48F, 0xF2DDFDA2, 0xF474EF38, 0x8789BDC2,
+                0x5366F9C3, 0xC8B38E74, 0xB475F255, 0x46FCD9B9,
+                0x7AEB2661, 0x8B1DDF84, 0x846A0E79, 0x915F95E2,
+                0x466E598E, 0x20B45770, 0x8CD55591, 0xC902DE4C,
+                0xB90BACE1, 0xBB8205D0, 0x11A86248, 0x7574A99E,
+                0xB77F19B6, 0xE0A9DC09, 0x662D09A1, 0xC4324633,
+                0xE85A1F02, 0x09F0BE8C, 0x4A99A025, 0x1D6EFE10,
+                0x1AB93D1D, 0x0BA5A4DF, 0xA186F20F, 0x2868F169,
+                0xDCB7DA83, 0x573906FE, 0xA1E2CE9B, 0x4FCD7F52,
+                0x50115E01, 0xA70683FA, 0xA002B5C4, 0x0DE6D027,
+                0x9AF88C27, 0x773F8641, 0xC3604C06, 0x61A806B5,
+                0xF0177A28, 0xC0F586E0, 0x006058AA, 0x30DC7D62,
+                0x11E69ED7, 0x2338EA63, 0x53C2DD94, 0xC2C21634,
+                0xBBCBEE56, 0x90BCB6DE, 0xEBFC7DA1, 0xCE591D76,
+                0x6F05E409, 0x4B7C0188, 0x39720A3D, 0x7C927C24,
+                0x86E3725F, 0x724D9DB9, 0x1AC15BB4, 0xD39EB8FC,
+                0xED545578, 0x08FCA5B5, 0xD83D7CD3, 0x4DAD0FC4,
+                0x1E50EF5E, 0xB161E6F8, 0xA28514D9, 0x6C51133C,
+                0x6FD5C7E7, 0x56E14EC4, 0x362ABFCE, 0xDDC6C837,
+                0xD79A3234, 0x92638212, 0x670EFA8E, 0x406000E0
+            },
+
+            KS3 = {
+                0x3A39CE37, 0xD3FAF5CF, 0xABC27737, 0x5AC52D1B,
+                0x5CB0679E, 0x4FA33742, 0xD3822740, 0x99BC9BBE,
+                0xD5118E9D, 0xBF0F7315, 0xD62D1C7E, 0xC700C47B,
+                0xB78C1B6B, 0x21A19045, 0xB26EB1BE, 0x6A366EB4,
+                0x5748AB2F, 0xBC946E79, 0xC6A376D2, 0x6549C2C8,
+                0x530FF8EE, 0x468DDE7D, 0xD5730A1D, 0x4CD04DC6,
+                0x2939BBDB, 0xA9BA4650, 0xAC9526E8, 0xBE5EE304,
+                0xA1FAD5F0, 0x6A2D519A, 0x63EF8CE2, 0x9A86EE22,
+                0xC089C2B8, 0x43242EF6, 0xA51E03AA, 0x9CF2D0A4,
+                0x83C061BA, 0x9BE96A4D, 0x8FE51550, 0xBA645BD6,
+                0x2826A2F9, 0xA73A3AE1, 0x4BA99586, 0xEF5562E9,
+                0xC72FEFD3, 0xF752F7DA, 0x3F046F69, 0x77FA0A59,
+                0x80E4A915, 0x87B08601, 0x9B09E6AD, 0x3B3EE593,
+                0xE990FD5A, 0x9E34D797, 0x2CF0B7D9, 0x022B8B51,
+                0x96D5AC3A, 0x017DA67D, 0xD1CF3ED6, 0x7C7D2D28,
+                0x1F9F25CF, 0xADF2B89B, 0x5AD6B472, 0x5A88F54C,
+                0xE029AC71, 0xE019A5E6, 0x47B0ACFD, 0xED93FA9B,
+                0xE8D3C48D, 0x283B57CC, 0xF8D56629, 0x79132E28,
+                0x785F0191, 0xED756055, 0xF7960E44, 0xE3D35E8C,
+                0x15056DD4, 0x88F46DBA, 0x03A16125, 0x0564F0BD,
+                0xC3EB9E15, 0x3C9057A2, 0x97271AEC, 0xA93A072A,
+                0x1B3F6D9B, 0x1E6321F5, 0xF59C66FB, 0x26DCF319,
+                0x7533D928, 0xB155FDF5, 0x03563482, 0x8ABA3CBB,
+                0x28517711, 0xC20AD9F8, 0xABCC5167, 0xCCAD925F,
+                0x4DE81751, 0x3830DC8E, 0x379D5862, 0x9320F991,
+                0xEA7A90C2, 0xFB3E7BCE, 0x5121CE64, 0x774FBE32,
+                0xA8B6E37E, 0xC3293D46, 0x48DE5369, 0x6413E680,
+                0xA2AE0810, 0xDD6DB224, 0x69852DFD, 0x09072166,
+                0xB39A460A, 0x6445C0DD, 0x586CDECF, 0x1C20C8AE,
+                0x5BBEF7DD, 0x1B588D40, 0xCCD2017F, 0x6BB4E3BB,
+                0xDDA26A7E, 0x3A59FF45, 0x3E350A44, 0xBCB4CDD5,
+                0x72EACEA8, 0xFA6484BB, 0x8D6612AE, 0xBF3C6F47,
+                0xD29BE463, 0x542F5D9E, 0xAEC2771B, 0xF64E6370,
+                0x740E0D8D, 0xE75B1357, 0xF8721671, 0xAF537D5D,
+                0x4040CB08, 0x4EB4E2CC, 0x34D2466A, 0x0115AF84,
+                0xE1B00428, 0x95983A1D, 0x06B89FB4, 0xCE6EA048,
+                0x6F3F3B82, 0x3520AB82, 0x011A1D4B, 0x277227F8,
+                0x611560B1, 0xE7933FDC, 0xBB3A792B, 0x344525BD,
+                0xA08839E1, 0x51CE794B, 0x2F32C9B7, 0xA01FBAC9,
+                0xE01CC87E, 0xBCC7D1F6, 0xCF0111C3, 0xA1E8AAC7,
+                0x1A908749, 0xD44FBD9A, 0xD0DADECB, 0xD50ADA38,
+                0x0339C32A, 0xC6913667, 0x8DF9317C, 0xE0B12B4F,
+                0xF79E59B7, 0x43F5BB3A, 0xF2D519FF, 0x27D9459C,
+                0xBF97222C, 0x15E6FC2A, 0x0F91FC71, 0x9B941525,
+                0xFAE59361, 0xCEB69CEB, 0xC2A86459, 0x12BAA8D1,
+                0xB6C1075E, 0xE3056A0C, 0x10D25065, 0xCB03A442,
+                0xE0EC6E0E, 0x1698DB3B, 0x4C98A0BE, 0x3278E964,
+                0x9F1F9532, 0xE0D392DF, 0xD3A0342B, 0x8971F21E,
+                0x1B0A7441, 0x4BA3348C, 0xC5BE7120, 0xC37632D8,
+                0xDF359F8D, 0x9B992F2E, 0xE60B6F47, 0x0FE3F11D,
+                0xE54CDA54, 0x1EDAD891, 0xCE6279CF, 0xCD3E7E6F,
+                0x1618B166, 0xFD2C1D05, 0x848FD2C5, 0xF6FB2299,
+                0xF523F357, 0xA6327623, 0x93A83531, 0x56CCCD02,
+                0xACF08162, 0x5A75EBB5, 0x6E163697, 0x88D273CC,
+                0xDE966292, 0x81B949D0, 0x4C50901B, 0x71C65614,
+                0xE6C6C7BD, 0x327A140A, 0x45E1D006, 0xC3F27B9A,
+                0xC9AA53FD, 0x62A80F00, 0xBB25BFE2, 0x35BDD2F6,
+                0x71126905, 0xB2040222, 0xB6CBCF7C, 0xCD769C2B,
+                0x53113EC0, 0x1640E3D3, 0x38ABBD60, 0x2547ADF0,
+                0xBA38209C, 0xF746CE76, 0x77AFA1C5, 0x20756060,
+                0x85CBFE4E, 0x8AE88DD8, 0x7AAAF9B0, 0x4CF9AA7E,
+                0x1948C25C, 0x02FB8A8C, 0x01C36AE4, 0xD6EBE1F9,
+                0x90D4F869, 0xA65CDEA0, 0x3F09252D, 0xC208E69F,
+                0xB74E6132, 0xCE77E25B, 0x578FDFE3, 0x3AC372E6
+            };
+
+        //====================================
+        // Useful constants
+        //====================================
+
+        private const int ROUNDS = 16;
+        private const int SBOX_SK = 256;
+        private const int SBOX_SK2 = SBOX_SK * 2;
+        private const int SBOX_SK3 = SBOX_SK * 3;
+        private const int P_SZ = ROUNDS + 2;
+
+        private readonly uint[] S;    // the s-boxes
+        private readonly uint[] P;    // the p-array
+
+        private BCrypt()
+        {
+            S = new uint[SBOX_SK * 4];
+            P = new uint[P_SZ];
+        }
+
+        //==================================
+        // Private Implementation
+        //==================================
+
+        private uint F(uint x)
+        {
+            return (((S[(x >> 24)] + S[SBOX_SK + ((x >> 16) & 0xff)])
+                ^ S[SBOX_SK2 + ((x >> 8) & 0xff)]) + S[SBOX_SK3 + (x & 0xff)]);
+        }
+
+        /*
+         * apply the encryption cycle to each value pair in the table.
+         */
+        private void ProcessTable(uint xl, uint xr, uint[] table)
+        {
+            int size = table.Length;
+
+            for (int s = 0; s < size; s += 2)
+            {
+                xl ^= P[0];
+
+                for (int i = 1; i < ROUNDS; i += 2)
+                {
+                    xr ^= F(xl) ^ P[i];
+                    xl ^= F(xr) ^ P[i + 1];
+                }
+
+                xr ^= P[ROUNDS + 1];
+
+                table[s] = xr;
+                table[s + 1] = xl;
+
+                xr = xl;            // end of cycle swap
+                xl = table[s];
+            }
+        }
+
+        /*
+         * Initialize the S-boxes and the P-array, with a fixed string
+         * This string contains the hexadecimal digits of pi (3.141...)
+         */
+        private void InitState()
+        {
+            Array.Copy(KS0, 0, S, 0, SBOX_SK);
+            Array.Copy(KS1, 0, S, SBOX_SK, SBOX_SK);
+            Array.Copy(KS2, 0, S, SBOX_SK2, SBOX_SK);
+            Array.Copy(KS3, 0, S, SBOX_SK3, SBOX_SK);
+
+            Array.Copy(KP, 0, P, 0, P_SZ);
+        }
+
+        /*
+         * XOR P with key cyclic.
+         * This is the first part of ExpandKey function
+         */
+        private void CyclicXorKey(byte[] key)
+        {
+            int keyLength = key.Length;
+            int keyIndex = 0;
+
+            for (int i = 0; i < P_SZ; i++)
+            {
+                // get the 32 bits of the key, in 4 * 8 bit chunks
+                uint data = 0x0000000;
+                for (int j = 0; j < 4; j++)
+                {
+                    // create a 32 bit block
+                    data = (data << 8) | key[keyIndex];
+
+                    // wrap when we get to the end of the key
+                    if (++keyIndex >= keyLength)
+                    {
+                        keyIndex = 0;
+                    }
+                }
+                // XOR the newly created 32 bit chunk onto the P-array
+                P[i] ^= data;
+            }
+        }
+
+
+        /*
+         *  encrypt magic String 64 times in ECB
+         */
+        private byte[] EncryptMagicString()
+        {
+            uint[] text = {
+                MAGIC_STRING[0], MAGIC_STRING[1],
+                MAGIC_STRING[2], MAGIC_STRING[3],
+                MAGIC_STRING[4], MAGIC_STRING[5]
+            };
+            for (int i = 0; i < 64; i++)
+            {
+                for (int j = 0; j < MAGIC_STRING_LENGTH; j += 2)
+                {
+                    uint left = text[j];
+                    uint right = text[j + 1];
+
+                    left ^= P[0];
+                    for (int k = 1; k < ROUNDS; k += 2)
+                    {
+                        right ^= F(left) ^ P[k];
+                        left ^= F(right) ^ P[k + 1];
+                    }
+                    right ^= P[ROUNDS + 1];
+                    // swap values:
+                    text[j] = right;
+                    text[j + 1] = left;
+                }
+            }
+            byte[] result = new byte[24]; // holds 192 bit key
+            Pack.UInt32_To_BE(text, result, 0);
+            Array.Clear(text, 0, text.Length);
+            Array.Clear(P, 0, P.Length);
+            Array.Clear(S, 0, S.Length);
+
+            return result;
+        }
+
+        /*
+         * This is a part of Eksblowfish function
+         *
+         * @param 	table: sub-keys or working key
+         * @param 	salt32Bit: a 16 byte salt as two 32 bit words
+         * @param 	iv1: value from last proceeded table
+         * @param 	iv2: value from last proceeded table
+         */
+        private void ProcessTableWithSalt(uint[] table, uint[] salt32Bit, uint iv1, uint iv2)
+        {
+            uint xl = iv1 ^ salt32Bit[0];
+            uint xr = iv2 ^ salt32Bit[1];
+
+            uint yl;
+            uint yr;
+            int size = table.Length;
+
+            for (int s = 0; s < size; s += 4)
+            {
+                xl ^= P[0];
+                for (int i = 1; i < ROUNDS; i += 2)
+                {
+                    xr ^= F(xl) ^ P[i];
+                    xl ^= F(xr) ^ P[i + 1];
+                }
+                xr ^= P[ROUNDS + 1];
+
+                table[s] = xr;
+                table[s + 1] = xl;
+
+                yl = salt32Bit[2] ^ xr;
+                yr = salt32Bit[3] ^ xl;
+
+                if (s + 2 >= size) // P holds 18 values
+                {
+                    break;
+                }
+
+                yl ^= P[0];
+                for (int i = 1; i < ROUNDS; i += 2)
+                {
+                    yr ^= F(yl) ^ P[i];
+                    yl ^= F(yr) ^ P[i + 1];
+                }
+                yr ^= P[ROUNDS + 1];
+
+                table[s + 2] = yr;
+                table[s + 3] = yl;
+
+                xl = salt32Bit[0] ^ yr;
+                xr = salt32Bit[1] ^ yl;
+            }
+        }
+
+        /**
+         * Derives a raw 192 bit Bcrypt key
+         *
+         * @param cost the cost factor, treated as an exponent of 2
+         * @param salt a 16 byte salt
+         * @param psw  the password
+         * @return a 192 bit key
+         */
+        private byte[] DeriveRawKey(int cost, byte[] salt, byte[] psw)
+        {
+            if (salt.Length != 16)
+                throw new DataLengthException("Invalid salt size: 16 bytes expected.");
+            if (cost < 4 || cost > 31)
+                throw new ArgumentException("Illegal cost factor: 4 - 31 expected.", "cost");
+
+            if (psw.Length == 0)
+            {
+                psw = new byte[4];
+            }
+
+            // state <- InitState()
+            InitState();
+
+            uint[] salt32Bit = new uint[4]; // holds 16 byte salt
+            Pack.BE_To_UInt32(salt, 0, salt32Bit);
+
+            uint[] salt32Bit2 = new uint[salt.Length]; // swapped values
+            salt32Bit2[0] = salt32Bit[2];
+            salt32Bit2[1] = salt32Bit[3];
+            salt32Bit2[2] = salt32Bit[0];
+            salt32Bit2[3] = salt32Bit[1];
+
+            // ExpandKey( state, salt, key):
+            CyclicXorKey(psw);
+            ProcessTableWithSalt(P, salt32Bit, 0, 0);
+            Array.Clear(salt32Bit, 0, salt32Bit.Length);
+            ProcessTableWithSalt(S, salt32Bit2, P[P.Length - 2], P[P.Length - 1]);
+            Array.Clear(salt32Bit2, 0, salt32Bit2.Length);
+
+            int rounds = 1 << cost;
+            for (int i = 0; i != rounds; i++)        // rounds may be negative if cost is 31
+            {
+                // state <- ExpandKey(state, 0, key);
+                CyclicXorKey(psw);
+                ProcessTable(0, 0, P);
+                ProcessTable(P[P_SZ - 2], P[P_SZ - 1], S);
+
+                // state <- ExpandKey(state, 0, salt);
+                CyclicXorKey(salt);
+                ProcessTable(0, 0, P);
+                ProcessTable(P[P_SZ - 2], P[P_SZ - 1], S);
+            }
+
+            // encrypt magicString 64 times
+            return EncryptMagicString();
+        }
+
+        /**
+         * Size of the salt parameter in bytes
+         */
+        internal const int SALT_SIZE_BYTES = 16;
+
+        /**
+         * Minimum value of cost parameter, equal to log2(bytes of salt)
+         */
+        internal const int MIN_COST = 4;
+
+        /**
+         * Maximum value of cost parameter (31 == 2,147,483,648)
+         */
+        internal const int MAX_COST = 31;
+
+        /**
+         * Maximum size of password == max (unrestricted) size of Blowfish key
+         */
+        // Blowfish spec limits keys to 448bit/56 bytes to ensure all bits of key affect all ciphertext
+        // bits, but technically algorithm handles 72 byte keys and most implementations support this.
+        internal const int MAX_PASSWORD_BYTES = 72;
+
+        /**
+         * Calculates the <b>bcrypt</b> hash of a password.
+         * <p>
+         * This implements the raw <b>bcrypt</b> function as defined in the bcrypt specification, not
+         * the crypt encoded version implemented in OpenBSD.
+         * </p>
+         * @param password the password bytes (up to 72 bytes) to use for this invocation.
+         * @param salt     the 128 bit salt to use for this invocation.
+         * @param cost     the bcrypt cost parameter. The cost of the bcrypt function grows as
+         *                 <code>2^cost</code>. Legal values are 4..31 inclusive.
+         * @return the output of the raw bcrypt operation: a 192 bit (24 byte) hash.
+         */
+        public static byte[] Generate(byte[] password, byte[] salt, int cost)
+        {
+            if (password == null)
+                throw new ArgumentNullException("password");
+            if (password.Length > MAX_PASSWORD_BYTES)
+                throw new ArgumentException("BCrypt password must be <= 72 bytes", "password");
+            if (salt == null)
+                throw new ArgumentNullException("salt");
+            if (salt.Length != SALT_SIZE_BYTES)
+                throw new ArgumentException("BCrypt salt must be 128 bits", "salt");
+            if (cost < MIN_COST || cost > MAX_COST)
+                throw new ArgumentException("BCrypt cost must be from 4..31", "cost");
+
+            return new BCrypt().DeriveRawKey(cost, salt, password);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/BaseKdfBytesGenerator.cs b/bc-sharp-crypto/src/crypto/generators/BaseKdfBytesGenerator.cs
new file mode 100644
index 0000000..bca4207
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/BaseKdfBytesGenerator.cs
@@ -0,0 +1,132 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+    * Basic KDF generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033
+    * <br/>
+    * This implementation is based on ISO 18033/P1363a.
+    */
+    public class BaseKdfBytesGenerator
+        : IDerivationFunction
+    {
+        private int     counterStart;
+        private IDigest  digest;
+        private byte[]  shared;
+        private byte[]  iv;
+
+        /**
+        * Construct a KDF Parameters generator.
+        *
+        * @param counterStart value of counter.
+        * @param digest the digest to be used as the source of derived keys.
+        */
+        public BaseKdfBytesGenerator(int counterStart, IDigest digest)
+        {
+            this.counterStart = counterStart;
+            this.digest = digest;
+        }
+
+        public virtual void Init(IDerivationParameters parameters)
+        {
+            if (parameters is KdfParameters)
+            {
+                KdfParameters   p = (KdfParameters)parameters;
+
+                shared = p.GetSharedSecret();
+                iv = p.GetIV();
+            }
+            else if (parameters is Iso18033KdfParameters)
+            {
+                Iso18033KdfParameters p = (Iso18033KdfParameters)parameters;
+
+                shared = p.GetSeed();
+                iv = null;
+            }
+            else
+            {
+                throw new ArgumentException("KDF parameters required for KDF Generator");
+            }
+        }
+
+        /**
+        * return the underlying digest.
+        */
+        public virtual IDigest Digest
+        {
+            get { return digest; }
+        }
+
+        /**
+        * fill len bytes of the output buffer with bytes generated from
+        * the derivation function.
+        *
+        * @throws ArgumentException if the size of the request will cause an overflow.
+        * @throws DataLengthException if the out buffer is too small.
+        */
+        public virtual int GenerateBytes(byte[] output, int outOff, int length)
+        {
+            if ((output.Length - length) < outOff)
+                throw new DataLengthException("output buffer too small");
+
+            long oBytes = length;
+            int outLen = digest.GetDigestSize();
+
+            //
+            // this is at odds with the standard implementation, the
+            // maximum value should be hBits * (2^32 - 1) where hBits
+            // is the digest output size in bits. We can't have an
+            // array with a long index at the moment...
+            //
+            if (oBytes > ((2L << 32) - 1))
+                throw new ArgumentException("Output length too large");
+
+            int cThreshold = (int)((oBytes + outLen - 1) / outLen);
+
+            byte[] dig = new byte[digest.GetDigestSize()];
+
+            byte[] C = new byte[4];
+            Pack.UInt32_To_BE((uint)counterStart, C, 0);
+
+            uint counterBase = (uint)(counterStart & ~0xFF);
+
+            for (int i = 0; i < cThreshold; i++)
+            {
+                digest.BlockUpdate(shared, 0, shared.Length);
+                digest.BlockUpdate(C, 0, 4);
+
+                if (iv != null)
+                {
+                    digest.BlockUpdate(iv, 0, iv.Length);
+                }
+
+                digest.DoFinal(dig, 0);
+
+                if (length > outLen)
+                {
+                    Array.Copy(dig, 0, output, outOff, outLen);
+                    outOff += outLen;
+                    length -= outLen;
+                }
+                else
+                {
+                    Array.Copy(dig, 0, output, outOff, length);
+                }
+
+                if (++C[3] == 0)
+                {
+                    counterBase += 0x100;
+                    Pack.UInt32_To_BE(counterBase, C, 0);
+                }
+            }
+
+            digest.Reset();
+
+            return (int)oBytes;
+        }
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/crypto/generators/DHBasicKeyPairGenerator.cs b/bc-sharp-crypto/src/crypto/generators/DHBasicKeyPairGenerator.cs
new file mode 100644
index 0000000..51b3af6
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/DHBasicKeyPairGenerator.cs
@@ -0,0 +1,38 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+     * a basic Diffie-Hellman key pair generator.
+     *
+     * This generates keys consistent for use with the basic algorithm for
+     * Diffie-Hellman.
+     */
+    public class DHBasicKeyPairGenerator
+		: IAsymmetricCipherKeyPairGenerator
+    {
+        private DHKeyGenerationParameters param;
+
+        public virtual void Init(
+			KeyGenerationParameters parameters)
+        {
+            this.param = (DHKeyGenerationParameters)parameters;
+        }
+
+        public virtual AsymmetricCipherKeyPair GenerateKeyPair()
+        {
+			DHKeyGeneratorHelper helper = DHKeyGeneratorHelper.Instance;
+			DHParameters dhp = param.Parameters;
+
+			BigInteger x = helper.CalculatePrivate(dhp, param.Random);
+			BigInteger y = helper.CalculatePublic(dhp, x);
+
+			return new AsymmetricCipherKeyPair(
+                new DHPublicKeyParameters(y, dhp),
+                new DHPrivateKeyParameters(x, dhp));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/DHKeyGeneratorHelper.cs b/bc-sharp-crypto/src/crypto/generators/DHKeyGeneratorHelper.cs
new file mode 100644
index 0000000..68aba64
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/DHKeyGeneratorHelper.cs
@@ -0,0 +1,72 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    class DHKeyGeneratorHelper
+    {
+        internal static readonly DHKeyGeneratorHelper Instance = new DHKeyGeneratorHelper();
+
+        private DHKeyGeneratorHelper()
+        {
+        }
+
+        internal BigInteger CalculatePrivate(
+            DHParameters	dhParams,
+            SecureRandom	random)
+        {
+            int limit = dhParams.L;
+
+            if (limit != 0)
+            {
+                int minWeight = limit >> 2;
+                for (;;)
+                {
+                    BigInteger x = new BigInteger(limit, random).SetBit(limit - 1);
+                    if (WNafUtilities.GetNafWeight(x) >= minWeight)
+                    {
+                        return x;
+                    }
+                }
+            }
+
+            BigInteger min = BigInteger.Two;
+            int m = dhParams.M;
+            if (m != 0)
+            {
+                min = BigInteger.One.ShiftLeft(m - 1);
+            }
+
+            BigInteger q = dhParams.Q;
+            if (q == null)
+            {
+                q = dhParams.P;
+            }
+            BigInteger max = q.Subtract(BigInteger.Two);
+
+            {
+                int minWeight = max.BitLength >> 2;
+                for (;;)
+                {
+                    BigInteger x = BigIntegers.CreateRandomInRange(min, max, random);
+                    if (WNafUtilities.GetNafWeight(x) >= minWeight)
+                    {
+                        return x;
+                    }
+                }
+            }
+        }
+
+        internal BigInteger CalculatePublic(
+            DHParameters	dhParams,
+            BigInteger		x)
+        {
+            return dhParams.G.ModPow(x, dhParams.P);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/DHKeyPairGenerator.cs b/bc-sharp-crypto/src/crypto/generators/DHKeyPairGenerator.cs
new file mode 100644
index 0000000..3bf58ba
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/DHKeyPairGenerator.cs
@@ -0,0 +1,38 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+     * a Diffie-Hellman key pair generator.
+     *
+     * This generates keys consistent for use in the MTI/A0 key agreement protocol
+     * as described in "Handbook of Applied Cryptography", Pages 516-519.
+     */
+    public class DHKeyPairGenerator
+		: IAsymmetricCipherKeyPairGenerator
+    {
+		private DHKeyGenerationParameters param;
+
+		public virtual void Init(
+			KeyGenerationParameters parameters)
+        {
+            this.param = (DHKeyGenerationParameters)parameters;
+        }
+
+		public virtual AsymmetricCipherKeyPair GenerateKeyPair()
+        {
+			DHKeyGeneratorHelper helper = DHKeyGeneratorHelper.Instance;
+			DHParameters dhp = param.Parameters;
+
+			BigInteger x = helper.CalculatePrivate(dhp, param.Random);
+			BigInteger y = helper.CalculatePublic(dhp, x);
+
+			return new AsymmetricCipherKeyPair(
+                new DHPublicKeyParameters(y, dhp),
+                new DHPrivateKeyParameters(x, dhp));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/DHParametersGenerator.cs b/bc-sharp-crypto/src/crypto/generators/DHParametersGenerator.cs
new file mode 100644
index 0000000..e752c84
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/DHParametersGenerator.cs
@@ -0,0 +1,45 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    public class DHParametersGenerator
+    {
+        private int				size;
+        private int				certainty;
+        private SecureRandom	random;
+
+        public virtual void Init(
+            int				size,
+            int				certainty,
+            SecureRandom	random)
+        {
+            this.size = size;
+            this.certainty = certainty;
+            this.random = random;
+        }
+
+        /**
+         * which Generates the p and g values from the given parameters,
+         * returning the DHParameters object.
+         * <p>
+         * Note: can take a while...</p>
+         */
+        public virtual DHParameters GenerateParameters()
+        {
+			//
+			// find a safe prime p where p = 2*q + 1, where p and q are prime.
+			//
+			BigInteger[] safePrimes = DHParametersHelper.GenerateSafePrimes(size, certainty, random);
+
+			BigInteger p = safePrimes[0];
+			BigInteger q = safePrimes[1];
+			BigInteger g = DHParametersHelper.SelectGenerator(p, q, random);
+
+			return new DHParameters(p, g, q, BigInteger.Two, null);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/DHParametersHelper.cs b/bc-sharp-crypto/src/crypto/generators/DHParametersHelper.cs
new file mode 100644
index 0000000..3856904
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/DHParametersHelper.cs
@@ -0,0 +1,156 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    internal class DHParametersHelper
+    {
+        private static readonly BigInteger Six = BigInteger.ValueOf(6);
+
+        private static readonly int[][] primeLists = BigInteger.primeLists;
+        private static readonly int[] primeProducts = BigInteger.primeProducts;
+        private static readonly BigInteger[] BigPrimeProducts = ConstructBigPrimeProducts(primeProducts);
+
+        private static BigInteger[] ConstructBigPrimeProducts(int[] primeProducts)
+        {
+            BigInteger[] bpp = new BigInteger[primeProducts.Length];
+            for (int i = 0; i < bpp.Length; ++i)
+            {
+                bpp[i] = BigInteger.ValueOf(primeProducts[i]);
+            }
+            return bpp;
+        }
+
+        /*
+         * Finds a pair of prime BigInteger's {p, q: p = 2q + 1}
+         * 
+         * (see: Handbook of Applied Cryptography 4.86)
+         */
+        internal static BigInteger[] GenerateSafePrimes(int size, int certainty, SecureRandom random)
+        {
+            BigInteger p, q;
+            int qLength = size - 1;
+            int minWeight = size >> 2;
+
+            if (size <= 32)
+            {
+                for (;;)
+                {
+                    q = new BigInteger(qLength, 2, random);
+
+                    p = q.ShiftLeft(1).Add(BigInteger.One);
+
+                    if (!p.IsProbablePrime(certainty, true))
+                        continue;
+
+                    if (certainty > 2 && !q.IsProbablePrime(certainty, true))
+                        continue;
+
+                    break;
+                }
+            }
+            else
+            {
+                // Note: Modified from Java version for speed
+                for (;;)
+                {
+                    q = new BigInteger(qLength, 0, random);
+
+                retry:
+                    for (int i = 0; i < primeLists.Length; ++i)
+                    {
+                        int test = q.Remainder(BigPrimeProducts[i]).IntValue;
+
+                        if (i == 0)
+                        {
+                            int rem3 = test % 3;
+                            if (rem3 != 2)
+                            {
+                                int diff = 2 * rem3 + 2;
+                                q = q.Add(BigInteger.ValueOf(diff));
+                                test = (test + diff) % primeProducts[i];
+                            }
+                        }
+
+                        int[] primeList = primeLists[i];
+                        for (int j = 0; j < primeList.Length; ++j)
+                        {
+                            int prime = primeList[j];
+                            int qRem = test % prime;
+                            if (qRem == 0 || qRem == (prime >> 1))
+                            {
+                                q = q.Add(Six);
+                                goto retry;
+                            }
+                        }
+                    }
+
+                    if (q.BitLength != qLength)
+                        continue;
+
+                    if (!q.RabinMillerTest(2, random, true))
+                        continue;
+
+                    p = q.ShiftLeft(1).Add(BigInteger.One);
+
+                    if (!p.RabinMillerTest(certainty, random, true))
+                        continue;
+
+                    if (certainty > 2 && !q.RabinMillerTest(certainty - 2, random, true))
+                        continue;
+
+                    /*
+                     * Require a minimum weight of the NAF representation, since low-weight primes may be
+                     * weak against a version of the number-field-sieve for the discrete-logarithm-problem.
+                     * 
+                     * See "The number field sieve for integers of low weight", Oliver Schirokauer.
+                     */
+                    if (WNafUtilities.GetNafWeight(p) < minWeight)
+                        continue;
+
+                    break;
+                }
+            }
+
+            return new BigInteger[] { p, q };
+        }
+
+        /*
+         * Select a high order element of the multiplicative group Zp*
+         * 
+         * p and q must be s.t. p = 2*q + 1, where p and q are prime (see generateSafePrimes)
+         */
+        internal static BigInteger SelectGenerator(BigInteger p, BigInteger q, SecureRandom random)
+        {
+            BigInteger pMinusTwo = p.Subtract(BigInteger.Two);
+            BigInteger g;
+
+            /*
+             * (see: Handbook of Applied Cryptography 4.80)
+             */
+//			do
+//			{
+//				g = BigIntegers.CreateRandomInRange(BigInteger.Two, pMinusTwo, random);
+//			}
+//			while (g.ModPow(BigInteger.Two, p).Equals(BigInteger.One)
+//				|| g.ModPow(q, p).Equals(BigInteger.One));
+
+            /*
+             * RFC 2631 2.2.1.2 (and see: Handbook of Applied Cryptography 4.81)
+             */
+            do
+            {
+                BigInteger h = BigIntegers.CreateRandomInRange(BigInteger.Two, pMinusTwo, random);
+
+                g = h.ModPow(BigInteger.Two, p);
+            }
+            while (g.Equals(BigInteger.One));
+
+            return g;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/DesEdeKeyGenerator.cs b/bc-sharp-crypto/src/crypto/generators/DesEdeKeyGenerator.cs
new file mode 100644
index 0000000..904cc71
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/DesEdeKeyGenerator.cs
@@ -0,0 +1,67 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    public class DesEdeKeyGenerator
+		: DesKeyGenerator
+    {
+		public DesEdeKeyGenerator()
+		{
+		}
+
+		internal DesEdeKeyGenerator(
+			int defaultStrength)
+			: base(defaultStrength)
+		{
+		}
+
+		/**
+        * initialise the key generator - if strength is set to zero
+        * the key Generated will be 192 bits in size, otherwise
+        * strength can be 128 or 192 (or 112 or 168 if you don't count
+        * parity bits), depending on whether you wish to do 2-key or 3-key
+        * triple DES.
+        *
+        * @param param the parameters to be used for key generation
+        */
+        protected override void engineInit(
+			KeyGenerationParameters parameters)
+        {
+			this.random = parameters.Random;
+			this.strength = (parameters.Strength + 7) / 8;
+
+			if (strength == 0 || strength == (168 / 8))
+            {
+                strength = DesEdeParameters.DesEdeKeyLength;
+            }
+            else if (strength == (112 / 8))
+            {
+                strength = 2 * DesEdeParameters.DesKeyLength;
+            }
+            else if (strength != DesEdeParameters.DesEdeKeyLength
+                && strength != (2 * DesEdeParameters.DesKeyLength))
+            {
+                throw new ArgumentException("DESede key must be "
+                    + (DesEdeParameters.DesEdeKeyLength * 8) + " or "
+                    + (2 * 8 * DesEdeParameters.DesKeyLength)
+                    + " bits long.");
+            }
+        }
+
+        protected override byte[] engineGenerateKey()
+        {
+            byte[] newKey = new byte[strength];
+
+            do
+            {
+                random.NextBytes(newKey);
+                DesEdeParameters.SetOddParity(newKey);
+            }
+            while (DesEdeParameters.IsWeakKey(newKey, 0, newKey.Length) || !DesEdeParameters.IsRealEdeKey(newKey, 0));
+
+            return newKey;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/DesKeyGenerator.cs b/bc-sharp-crypto/src/crypto/generators/DesKeyGenerator.cs
new file mode 100644
index 0000000..4c2051d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/DesKeyGenerator.cs
@@ -0,0 +1,57 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    public class DesKeyGenerator
+		: CipherKeyGenerator
+    {
+		public DesKeyGenerator()
+		{
+		}
+
+		internal DesKeyGenerator(
+			int defaultStrength)
+			: base(defaultStrength)
+		{
+		}
+
+		/**
+		* initialise the key generator - if strength is set to zero
+		* the key generated will be 64 bits in size, otherwise
+		* strength can be 64 or 56 bits (if you don't count the parity bits).
+		*
+		* @param param the parameters to be used for key generation
+		*/
+		protected override void engineInit(
+			KeyGenerationParameters parameters)
+		{
+			base.engineInit(parameters);
+
+			if (strength == 0 || strength == (56 / 8))
+			{
+				strength = DesParameters.DesKeyLength;
+			}
+			else if (strength != DesParameters.DesKeyLength)
+			{
+				throw new ArgumentException(
+					"DES key must be " + (DesParameters.DesKeyLength * 8) + " bits long.");
+			}
+		}
+
+		protected override byte[] engineGenerateKey()
+        {
+            byte[] newKey = new byte[DesParameters.DesKeyLength];
+
+            do
+            {
+                random.NextBytes(newKey);
+                DesParameters.SetOddParity(newKey);
+            }
+            while (DesParameters.IsWeakKey(newKey, 0));
+
+			return newKey;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/DsaKeyPairGenerator.cs b/bc-sharp-crypto/src/crypto/generators/DsaKeyPairGenerator.cs
new file mode 100644
index 0000000..1c9ce5a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/DsaKeyPairGenerator.cs
@@ -0,0 +1,72 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+     * a DSA key pair generator.
+     *
+     * This Generates DSA keys in line with the method described
+     * in <i>FIPS 186-3 B.1 FFC Key Pair Generation</i>.
+     */
+    public class DsaKeyPairGenerator
+        : IAsymmetricCipherKeyPairGenerator
+    {
+        private static readonly BigInteger One = BigInteger.One;
+
+        private DsaKeyGenerationParameters param;
+
+        public void Init(
+            KeyGenerationParameters parameters)
+        {
+            if (parameters == null)
+                throw new ArgumentNullException("parameters");
+
+            // Note: If we start accepting instances of KeyGenerationParameters,
+            // must apply constraint checking on strength (see DsaParametersGenerator.Init)
+
+            this.param = (DsaKeyGenerationParameters) parameters;
+        }
+
+        public AsymmetricCipherKeyPair GenerateKeyPair()
+        {
+            DsaParameters dsaParams = param.Parameters;
+
+            BigInteger x = GeneratePrivateKey(dsaParams.Q, param.Random);
+            BigInteger y = CalculatePublicKey(dsaParams.P, dsaParams.G, x);
+
+            return new AsymmetricCipherKeyPair(
+                new DsaPublicKeyParameters(y, dsaParams),
+                new DsaPrivateKeyParameters(x, dsaParams));
+        }
+
+        private static BigInteger GeneratePrivateKey(BigInteger q, SecureRandom random)
+        {
+            // B.1.2 Key Pair Generation by Testing Candidates
+            int minWeight = q.BitLength >> 2;
+            for (;;)
+            {
+                // TODO Prefer this method? (change test cases that used fixed random)
+                // B.1.1 Key Pair Generation Using Extra Random Bits
+                //BigInteger x = new BigInteger(q.BitLength + 64, random).Mod(q.Subtract(One)).Add(One);
+
+                BigInteger x = BigIntegers.CreateRandomInRange(One, q.Subtract(One), random);
+                if (WNafUtilities.GetNafWeight(x) >= minWeight)
+                {
+                    return x;
+                }
+            }
+        }
+
+        private static BigInteger CalculatePublicKey(BigInteger p, BigInteger g, BigInteger x)
+        {
+            return g.ModPow(x, p);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/DsaParametersGenerator.cs b/bc-sharp-crypto/src/crypto/generators/DsaParametersGenerator.cs
new file mode 100644
index 0000000..d7ae3ec
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/DsaParametersGenerator.cs
@@ -0,0 +1,355 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+     * Generate suitable parameters for DSA, in line with FIPS 186-2, or FIPS 186-3.
+     */
+    public class DsaParametersGenerator
+    {
+        private IDigest         digest;
+        private int				L, N;
+        private int				certainty;
+        private SecureRandom	random;
+        private bool            use186_3;
+        private int             usageIndex;
+
+        public DsaParametersGenerator()
+            : this(new Sha1Digest())
+        {
+        }
+
+        public DsaParametersGenerator(IDigest digest)
+        {
+            this.digest = digest;
+        }
+
+        /// <summary>Initialise the generator</summary>
+        /// <remarks>This form can only be used for older DSA (pre-DSA2) parameters</remarks>
+        /// <param name="size">the size of keys in bits (from 512 up to 1024, and a multiple of 64)</param>
+        /// <param name="certainty">measure of robustness of primes (at least 80 for FIPS 186-2 compliance)</param>
+        /// <param name="random">the source of randomness to use</param>
+        public virtual void Init(
+            int             size,
+            int             certainty,
+            SecureRandom    random)
+        {
+            if (!IsValidDsaStrength(size))
+                throw new ArgumentException("size must be from 512 - 1024 and a multiple of 64", "size");
+
+            this.use186_3 = false;
+            this.L = size;
+            this.N = GetDefaultN(size);
+            this.certainty = certainty;
+            this.random = random;
+        }
+
+        /// <summary>Initialise the generator for DSA 2</summary>
+        /// <remarks>You must use this Init method if you need to generate parameters for DSA 2 keys</remarks>
+        /// <param name="parameters">An instance of <c>DsaParameterGenerationParameters</c> used to configure this generator</param>
+        public virtual void Init(DsaParameterGenerationParameters parameters)
+        {
+            // TODO Should we enforce the minimum 'certainty' values as per C.3 Table C.1?
+            this.use186_3 = true;
+            this.L = parameters.L;
+            this.N = parameters.N;
+            this.certainty = parameters.Certainty;
+            this.random = parameters.Random;
+            this.usageIndex = parameters.UsageIndex;
+
+            if ((L < 1024 || L > 3072) || L % 1024 != 0)
+                throw new ArgumentException("Values must be between 1024 and 3072 and a multiple of 1024", "L");
+            if (L == 1024 && N != 160)
+                throw new ArgumentException("N must be 160 for L = 1024");
+            if (L == 2048 && (N != 224 && N != 256))
+                throw new ArgumentException("N must be 224 or 256 for L = 2048");
+            if (L == 3072 && N != 256)
+                throw new ArgumentException("N must be 256 for L = 3072");
+
+            if (digest.GetDigestSize() * 8 < N)
+                throw new InvalidOperationException("Digest output size too small for value of N");
+        }
+
+        /// <summary>Generates a set of <c>DsaParameters</c></summary>
+        /// <remarks>Can take a while...</remarks>
+        public virtual DsaParameters GenerateParameters()
+        {
+            return use186_3
+                ?	GenerateParameters_FIPS186_3()
+                :	GenerateParameters_FIPS186_2();
+        }
+
+        protected virtual DsaParameters GenerateParameters_FIPS186_2()
+        {
+            byte[] seed = new byte[20];
+            byte[] part1 = new byte[20];
+            byte[] part2 = new byte[20];
+            byte[] u = new byte[20];
+            int n = (L - 1) / 160;
+            byte[] w = new byte[L / 8];
+
+            if (!(digest is Sha1Digest))
+                throw new InvalidOperationException("can only use SHA-1 for generating FIPS 186-2 parameters");
+
+            for (;;)
+            {
+                random.NextBytes(seed);
+
+                Hash(digest, seed, part1);
+                Array.Copy(seed, 0, part2, 0, seed.Length);
+                Inc(part2);
+                Hash(digest, part2, part2);
+
+                for (int i = 0; i != u.Length; i++)
+                {
+                    u[i] = (byte)(part1[i] ^ part2[i]);
+                }
+
+                u[0] |= (byte)0x80;
+                u[19] |= (byte)0x01;
+
+                BigInteger q = new BigInteger(1, u);
+
+                if (!q.IsProbablePrime(certainty))
+                    continue;
+
+                byte[] offset = Arrays.Clone(seed);
+                Inc(offset);
+
+                for (int counter = 0; counter < 4096; ++counter)
+                {
+                    for (int k = 0; k < n; k++)
+                    {
+                        Inc(offset);
+                        Hash(digest, offset, part1);
+                        Array.Copy(part1, 0, w, w.Length - (k + 1) * part1.Length, part1.Length);
+                    }
+
+                    Inc(offset);
+                    Hash(digest, offset, part1);
+                    Array.Copy(part1, part1.Length - ((w.Length - (n) * part1.Length)), w, 0, w.Length - n * part1.Length);
+
+                    w[0] |= (byte)0x80;
+
+                    BigInteger x = new BigInteger(1, w);
+
+                    BigInteger c = x.Mod(q.ShiftLeft(1));
+
+                    BigInteger p = x.Subtract(c.Subtract(BigInteger.One));
+
+                    if (p.BitLength != L)
+                        continue;
+
+                    if (p.IsProbablePrime(certainty))
+                    {
+                        BigInteger g = CalculateGenerator_FIPS186_2(p, q, random);
+
+                        return new DsaParameters(p, q, g, new DsaValidationParameters(seed, counter));
+                    }
+                }
+            }
+        }
+
+        protected virtual BigInteger CalculateGenerator_FIPS186_2(BigInteger p, BigInteger q, SecureRandom r)
+        {
+            BigInteger e = p.Subtract(BigInteger.One).Divide(q);
+            BigInteger pSub2 = p.Subtract(BigInteger.Two);
+
+            for (;;)
+            {
+                BigInteger h = BigIntegers.CreateRandomInRange(BigInteger.Two, pSub2, r);
+                BigInteger g = h.ModPow(e, p);
+
+                if (g.BitLength > 1)
+                    return g;
+            }
+        }
+
+        /**
+         * generate suitable parameters for DSA, in line with
+         * <i>FIPS 186-3 A.1 Generation of the FFC Primes p and q</i>.
+         */
+        protected virtual DsaParameters GenerateParameters_FIPS186_3()
+        {
+// A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function
+            IDigest d = digest;
+            int outlen = d.GetDigestSize() * 8;
+
+// 1. Check that the (L, N) pair is in the list of acceptable (L, N pairs) (see Section 4.2). If
+//    the pair is not in the list, then return INVALID.
+            // Note: checked at initialisation
+            
+// 2. If (seedlen < N), then return INVALID.
+            // FIXME This should be configurable (must be >= N)
+            int seedlen = N;
+            byte[] seed = new byte[seedlen / 8];
+
+// 3. n = ceiling(L ⁄ outlen) – 1.
+            int n = (L - 1) / outlen;
+
+// 4. b = L – 1 – (n ∗ outlen).
+            int b = (L - 1) % outlen;
+
+            byte[] output = new byte[d.GetDigestSize()];
+            for (;;)
+            {
+// 5. Get an arbitrary sequence of seedlen bits as the domain_parameter_seed.
+                random.NextBytes(seed);
+
+// 6. U = Hash (domain_parameter_seed) mod 2^(N–1).
+                Hash(d, seed, output);
+                BigInteger U = new BigInteger(1, output).Mod(BigInteger.One.ShiftLeft(N - 1));
+
+// 7. q = 2^(N–1) + U + 1 – ( U mod 2).
+                BigInteger q = U.SetBit(0).SetBit(N - 1);
+
+// 8. Test whether or not q is prime as specified in Appendix C.3.
+                // TODO Review C.3 for primality checking
+                if (!q.IsProbablePrime(certainty))
+                {
+// 9. If q is not a prime, then go to step 5.
+                    continue;
+                }
+
+// 10. offset = 1.
+                // Note: 'offset' value managed incrementally
+                byte[] offset = Arrays.Clone(seed);
+
+// 11. For counter = 0 to (4L – 1) do
+                int counterLimit = 4 * L;
+                for (int counter = 0; counter < counterLimit; ++counter)
+                {
+// 11.1 For j = 0 to n do
+//      Vj = Hash ((domain_parameter_seed + offset + j) mod 2^seedlen).
+// 11.2 W = V0 + (V1 ∗ 2^outlen) + ... + (V^(n–1) ∗ 2^((n–1) ∗ outlen)) + ((Vn mod 2^b) ∗ 2^(n ∗ outlen)).
+                    // TODO Assemble w as a byte array
+                    BigInteger W = BigInteger.Zero;
+                    for (int j = 0, exp = 0; j <= n; ++j, exp += outlen)
+                    {
+                        Inc(offset);
+                        Hash(d, offset, output);
+
+                        BigInteger Vj = new BigInteger(1, output);
+                        if (j == n)
+                        {
+                            Vj = Vj.Mod(BigInteger.One.ShiftLeft(b));
+                        }
+
+                        W = W.Add(Vj.ShiftLeft(exp));
+                    }
+
+// 11.3 X = W + 2^(L–1). Comment: 0 ≤ W < 2L–1; hence, 2L–1 ≤ X < 2L.
+                    BigInteger X = W.Add(BigInteger.One.ShiftLeft(L - 1));
+
+// 11.4 c = X mod 2q.
+                    BigInteger c = X.Mod(q.ShiftLeft(1));
+
+// 11.5 p = X - (c - 1). Comment: p ≡ 1 (mod 2q).
+                    BigInteger p = X.Subtract(c.Subtract(BigInteger.One));
+
+                    // 11.6 If (p < 2^(L - 1)), then go to step 11.9
+                    if (p.BitLength != L)
+                        continue;
+
+// 11.7 Test whether or not p is prime as specified in Appendix C.3.
+                    // TODO Review C.3 for primality checking
+                    if (p.IsProbablePrime(certainty))
+                    {
+// 11.8 If p is determined to be prime, then return VALID and the values of p, q and
+//      (optionally) the values of domain_parameter_seed and counter.
+                        // TODO Make configurable (8-bit unsigned)?
+
+                        if (usageIndex >= 0)
+                        {
+                            BigInteger g = CalculateGenerator_FIPS186_3_Verifiable(d, p, q, seed, usageIndex);
+                            if (g != null)
+                                return new DsaParameters(p, q, g, new DsaValidationParameters(seed, counter, usageIndex));
+                        }
+
+                        {
+                            BigInteger g = CalculateGenerator_FIPS186_3_Unverifiable(p, q, random);
+
+                            return new DsaParameters(p, q, g, new DsaValidationParameters(seed, counter));
+                        }
+                    }
+
+// 11.9 offset = offset + n + 1.      Comment: Increment offset; then, as part of
+//                                    the loop in step 11, increment counter; if
+//                                    counter < 4L, repeat steps 11.1 through 11.8.
+                    // Note: 'offset' value already incremented in inner loop
+                }
+// 12. Go to step 5.
+            }
+        }
+
+        protected virtual BigInteger CalculateGenerator_FIPS186_3_Unverifiable(BigInteger p, BigInteger q,
+            SecureRandom r)
+        {
+            return CalculateGenerator_FIPS186_2(p, q, r);
+        }
+
+        protected virtual BigInteger CalculateGenerator_FIPS186_3_Verifiable(IDigest d, BigInteger p, BigInteger q,
+            byte[] seed, int index)
+        {
+            // A.2.3 Verifiable Canonical Generation of the Generator g
+            BigInteger e = p.Subtract(BigInteger.One).Divide(q);
+            byte[] ggen = Hex.Decode("6767656E");
+
+            // 7. U = domain_parameter_seed || "ggen" || index || count.
+            byte[] U = new byte[seed.Length + ggen.Length + 1 + 2];
+            Array.Copy(seed, 0, U, 0, seed.Length);
+            Array.Copy(ggen, 0, U, seed.Length, ggen.Length);
+            U[U.Length - 3] = (byte)index; 
+
+            byte[] w = new byte[d.GetDigestSize()];
+            for (int count = 1; count < (1 << 16); ++count)
+            {
+                Inc(U);
+                Hash(d, U, w);
+                BigInteger W = new BigInteger(1, w);
+                BigInteger g = W.ModPow(e, p);
+
+                if (g.CompareTo(BigInteger.Two) >= 0)
+                    return g;
+            }
+
+            return null;
+        }
+        
+        private static bool IsValidDsaStrength(
+            int strength)
+        {
+            return strength >= 512 && strength <= 1024 && strength % 64 == 0;
+        }
+
+        protected static void Hash(IDigest d, byte[] input, byte[] output)
+        {
+            d.BlockUpdate(input, 0, input.Length);
+            d.DoFinal(output, 0);
+        }
+
+        private static int GetDefaultN(int L)
+        {
+            return L > 1024 ? 256 : 160;
+        }
+
+        protected static void Inc(byte[] buf)
+        {
+            for (int i = buf.Length - 1; i >= 0; --i)
+            {
+                byte b = (byte)(buf[i] + 1);
+                buf[i] = b;
+
+                if (b != 0)
+                    break;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/ECKeyPairGenerator.cs b/bc-sharp-crypto/src/crypto/generators/ECKeyPairGenerator.cs
new file mode 100644
index 0000000..26bc06e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/ECKeyPairGenerator.cs
@@ -0,0 +1,162 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.EC;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    public class ECKeyPairGenerator
+        : IAsymmetricCipherKeyPairGenerator
+    {
+        private readonly string algorithm;
+
+        private ECDomainParameters parameters;
+        private DerObjectIdentifier publicKeyParamSet;
+        private SecureRandom random;
+
+        public ECKeyPairGenerator()
+            : this("EC")
+        {
+        }
+
+        public ECKeyPairGenerator(
+            string algorithm)
+        {
+            if (algorithm == null)
+                throw new ArgumentNullException("algorithm");
+
+            this.algorithm = ECKeyParameters.VerifyAlgorithmName(algorithm);
+        }
+
+        public void Init(
+            KeyGenerationParameters parameters)
+        {
+            if (parameters is ECKeyGenerationParameters)
+            {
+                ECKeyGenerationParameters ecP = (ECKeyGenerationParameters) parameters;
+
+                this.publicKeyParamSet = ecP.PublicKeyParamSet;
+                this.parameters = ecP.DomainParameters;
+            }
+            else
+            {
+                DerObjectIdentifier oid;
+                switch (parameters.Strength)
+                {
+                    case 192:
+                        oid = X9ObjectIdentifiers.Prime192v1;
+                        break;
+                    case 224:
+                        oid = SecObjectIdentifiers.SecP224r1;
+                        break;
+                    case 239:
+                        oid = X9ObjectIdentifiers.Prime239v1;
+                        break;
+                    case 256:
+                        oid = X9ObjectIdentifiers.Prime256v1;
+                        break;
+                    case 384:
+                        oid = SecObjectIdentifiers.SecP384r1;
+                        break;
+                    case 521:
+                        oid = SecObjectIdentifiers.SecP521r1;
+                        break;
+                    default:
+                        throw new InvalidParameterException("unknown key size.");
+                }
+
+                X9ECParameters ecps = FindECCurveByOid(oid);
+
+                this.publicKeyParamSet = oid;
+                this.parameters = new ECDomainParameters(
+                    ecps.Curve, ecps.G, ecps.N, ecps.H, ecps.GetSeed());
+            }
+
+            this.random = parameters.Random;
+
+            if (this.random == null)
+            {
+                this.random = new SecureRandom();
+            }
+        }
+
+        /**
+         * Given the domain parameters this routine generates an EC key
+         * pair in accordance with X9.62 section 5.2.1 pages 26, 27.
+         */
+        public AsymmetricCipherKeyPair GenerateKeyPair()
+        {
+            BigInteger n = parameters.N;
+            BigInteger d;
+            int minWeight = n.BitLength >> 2;
+
+            for (;;)
+            {
+                d = new BigInteger(n.BitLength, random);
+
+                if (d.CompareTo(BigInteger.Two) < 0 || d.CompareTo(n) >= 0)
+                    continue;
+
+                if (WNafUtilities.GetNafWeight(d) < minWeight)
+                    continue;
+
+                break;
+            }
+
+            ECPoint q = CreateBasePointMultiplier().Multiply(parameters.G, d);
+
+            if (publicKeyParamSet != null)
+            {
+                return new AsymmetricCipherKeyPair(
+                    new ECPublicKeyParameters(algorithm, q, publicKeyParamSet),
+                    new ECPrivateKeyParameters(algorithm, d, publicKeyParamSet));
+            }
+
+            return new AsymmetricCipherKeyPair(
+                new ECPublicKeyParameters(algorithm, q, parameters),
+                new ECPrivateKeyParameters(algorithm, d, parameters));
+        }
+
+        protected virtual ECMultiplier CreateBasePointMultiplier()
+        {
+            return new FixedPointCombMultiplier();
+        }
+
+        internal static X9ECParameters FindECCurveByOid(DerObjectIdentifier oid)
+        {
+            // TODO ECGost3410NamedCurves support (returns ECDomainParameters though)
+
+            X9ECParameters ecP = CustomNamedCurves.GetByOid(oid);
+            if (ecP == null)
+            {
+                ecP = ECNamedCurveTable.GetByOid(oid);
+            }
+            return ecP;
+        }
+
+        internal static ECPublicKeyParameters GetCorrespondingPublicKey(
+            ECPrivateKeyParameters privKey)
+        {
+            ECDomainParameters ec = privKey.Parameters;
+            ECPoint q = new FixedPointCombMultiplier().Multiply(ec.G, privKey.D);
+
+            if (privKey.PublicKeyParamSet != null)
+            {
+                return new ECPublicKeyParameters(privKey.AlgorithmName, q, privKey.PublicKeyParamSet);
+            }
+
+            return new ECPublicKeyParameters(privKey.AlgorithmName, q, ec);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/ElGamalKeyPairGenerator.cs b/bc-sharp-crypto/src/crypto/generators/ElGamalKeyPairGenerator.cs
new file mode 100644
index 0000000..227e7fe
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/ElGamalKeyPairGenerator.cs
@@ -0,0 +1,40 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+     * a ElGamal key pair generator.
+     * <p>
+     * This Generates keys consistent for use with ElGamal as described in
+     * page 164 of "Handbook of Applied Cryptography".</p>
+     */
+    public class ElGamalKeyPairGenerator
+		: IAsymmetricCipherKeyPairGenerator
+    {
+        private ElGamalKeyGenerationParameters param;
+
+        public void Init(
+			KeyGenerationParameters parameters)
+        {
+            this.param = (ElGamalKeyGenerationParameters) parameters;
+        }
+
+        public AsymmetricCipherKeyPair GenerateKeyPair()
+        {
+			DHKeyGeneratorHelper helper = DHKeyGeneratorHelper.Instance;
+			ElGamalParameters egp = param.Parameters;
+			DHParameters dhp = new DHParameters(egp.P, egp.G, null, 0, egp.L);
+
+			BigInteger x = helper.CalculatePrivate(dhp, param.Random);
+			BigInteger y = helper.CalculatePublic(dhp, x);
+
+			return new AsymmetricCipherKeyPair(
+                new ElGamalPublicKeyParameters(y, egp),
+                new ElGamalPrivateKeyParameters(x, egp));
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/ElGamalParametersGenerator.cs b/bc-sharp-crypto/src/crypto/generators/ElGamalParametersGenerator.cs
new file mode 100644
index 0000000..8443bb0
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/ElGamalParametersGenerator.cs
@@ -0,0 +1,46 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    public class ElGamalParametersGenerator
+    {
+		private int				size;
+        private int				certainty;
+        private SecureRandom	random;
+
+		public void Init(
+            int				size,
+            int				certainty,
+            SecureRandom	random)
+        {
+            this.size = size;
+            this.certainty = certainty;
+            this.random = random;
+        }
+
+		/**
+         * which Generates the p and g values from the given parameters,
+         * returning the ElGamalParameters object.
+         * <p>
+         * Note: can take a while...
+		 * </p>
+         */
+        public ElGamalParameters GenerateParameters()
+        {
+			//
+			// find a safe prime p where p = 2*q + 1, where p and q are prime.
+			//
+			BigInteger[] safePrimes = DHParametersHelper.GenerateSafePrimes(size, certainty, random);
+
+			BigInteger p = safePrimes[0];
+			BigInteger q = safePrimes[1];
+			BigInteger g = DHParametersHelper.SelectGenerator(p, q, random);
+
+			return new ElGamalParameters(p, g);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/GOST3410KeyPairGenerator.cs b/bc-sharp-crypto/src/crypto/generators/GOST3410KeyPairGenerator.cs
new file mode 100644
index 0000000..520820b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/GOST3410KeyPairGenerator.cs
@@ -0,0 +1,82 @@
+using System;
+
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+     * a GOST3410 key pair generator.
+     * This generates GOST3410 keys in line with the method described
+     * in GOST R 34.10-94.
+     */
+    public class Gost3410KeyPairGenerator
+        : IAsymmetricCipherKeyPairGenerator
+    {
+        private Gost3410KeyGenerationParameters param;
+
+        public void Init(
+            KeyGenerationParameters parameters)
+        {
+            if (parameters is Gost3410KeyGenerationParameters)
+            {
+                this.param = (Gost3410KeyGenerationParameters) parameters;
+            }
+            else
+            {
+                Gost3410KeyGenerationParameters kgp = new Gost3410KeyGenerationParameters(
+                    parameters.Random,
+                    CryptoProObjectIdentifiers.GostR3410x94CryptoProA);
+
+                if (parameters.Strength != kgp.Parameters.P.BitLength - 1)
+                {
+                    // TODO Should we complain?
+                }
+
+                this.param = kgp;
+            }
+        }
+
+        public AsymmetricCipherKeyPair GenerateKeyPair()
+        {
+            SecureRandom random = param.Random;
+            Gost3410Parameters gost3410Params = param.Parameters;
+
+            BigInteger q = gost3410Params.Q, x;
+
+            int minWeight = 64;
+            for (;;)
+            {
+                x = new BigInteger(256, random);
+
+                if (x.SignValue < 1 || x.CompareTo(q) >= 0)
+                    continue;
+
+                if (WNafUtilities.GetNafWeight(x) < minWeight)
+                    continue;
+
+                break;
+            }
+
+            BigInteger p = gost3410Params.P;
+            BigInteger a = gost3410Params.A;
+
+            // calculate the public key.
+            BigInteger y = a.ModPow(x, p);
+
+            if (param.PublicKeyParamSet != null)
+            {
+                return new AsymmetricCipherKeyPair(
+                    new Gost3410PublicKeyParameters(y, param.PublicKeyParamSet),
+                    new Gost3410PrivateKeyParameters(x, param.PublicKeyParamSet));
+            }
+
+            return new AsymmetricCipherKeyPair(
+                new Gost3410PublicKeyParameters(y, gost3410Params),
+                new Gost3410PrivateKeyParameters(x, gost3410Params));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/GOST3410ParametersGenerator.cs b/bc-sharp-crypto/src/crypto/generators/GOST3410ParametersGenerator.cs
new file mode 100644
index 0000000..52a9f5a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/GOST3410ParametersGenerator.cs
@@ -0,0 +1,530 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+	/**
+	 * generate suitable parameters for GOST3410.
+	 */
+	public class Gost3410ParametersGenerator
+	{
+		private int             size;
+		private int             typeproc;
+		private SecureRandom    init_random;
+
+		/**
+		 * initialise the key generator.
+		 *
+		 * @param size size of the key
+		 * @param typeProcedure type procedure A,B = 1;  A',B' - else
+		 * @param random random byte source.
+		 */
+		public void Init(
+			int             size,
+			int             typeProcedure,
+			SecureRandom    random)
+		{
+			this.size = size;
+			this.typeproc = typeProcedure;
+			this.init_random = random;
+		}
+
+		//Procedure A
+		private int procedure_A(int x0, int c,  BigInteger[] pq, int size)
+		{
+			//Verify and perform condition: 0<x<2^16; 0<c<2^16; c - odd.
+			while(x0<0 || x0>65536)
+			{
+				x0 = init_random.NextInt()/32768;
+			}
+
+			while((c<0 || c>65536) || (c/2==0))
+			{
+				c = init_random.NextInt()/32768 + 1;
+			}
+
+			BigInteger C = BigInteger.ValueOf(c);
+			BigInteger constA16 = BigInteger.ValueOf(19381);
+
+			//step1
+			BigInteger[] y = new BigInteger[1]; // begin length = 1
+			y[0] = BigInteger.ValueOf(x0);
+
+			//step 2
+			int[] t = new int[1]; // t - orders; begin length = 1
+			t[0] = size;
+			int s = 0;
+			for (int i=0; t[i]>=17; i++)
+			{
+				// extension array t
+				int[] tmp_t = new int[t.Length + 1];             ///////////////
+					Array.Copy(t,0,tmp_t,0,t.Length);          //  extension
+				t = new int[tmp_t.Length];                       //  array t
+				Array.Copy(tmp_t, 0, t, 0, tmp_t.Length);  ///////////////
+
+				t[i+1] = t[i]/2;
+				s = i+1;
+			}
+
+			//step3
+			BigInteger[] p = new BigInteger[s+1];
+			p[s] = new BigInteger("8003",16); //set min prime number length 16 bit
+
+			int m = s-1;  //step4
+
+			for (int i=0; i<s; i++)
+			{
+				int rm = t[m]/16;  //step5
+
+			step6: for(;;)
+				   {
+					   //step 6
+					   BigInteger[] tmp_y = new BigInteger[y.Length];  ////////////////
+					   Array.Copy(y,0,tmp_y,0,y.Length);         //  extension
+					   y = new BigInteger[rm+1];                       //  array y
+					   Array.Copy(tmp_y,0,y,0,tmp_y.Length);     ////////////////
+
+					   for (int j=0; j<rm; j++)
+					   {
+						   y[j+1] = (y[j].Multiply(constA16).Add(C)).Mod(BigInteger.Two.Pow(16));
+					   }
+
+					   //step 7
+					   BigInteger Ym = BigInteger.Zero;
+					   for (int j=0; j<rm; j++)
+					   {
+						   Ym = Ym.Add(y[j].ShiftLeft(16*j));
+					   }
+
+					   y[0] = y[rm]; //step 8
+
+					   //step 9
+					   BigInteger N = BigInteger.One.ShiftLeft(t[m]-1).Divide(p[m+1]).Add(
+						   Ym.ShiftLeft(t[m]-1).Divide(p[m+1].ShiftLeft(16*rm)));
+
+					   if (N.TestBit(0))
+					   {
+						   N = N.Add(BigInteger.One);
+					   }
+
+					   //step 10
+
+						for(;;)
+						{
+							//step 11
+							BigInteger NByLastP = N.Multiply(p[m+1]);
+
+							if (NByLastP.BitLength > t[m])
+							{
+								goto step6; //step 12
+							}
+
+							p[m] = NByLastP.Add(BigInteger.One);
+
+							//step13
+							if (BigInteger.Two.ModPow(NByLastP, p[m]).CompareTo(BigInteger.One) == 0
+								&& BigInteger.Two.ModPow(N, p[m]).CompareTo(BigInteger.One) != 0)
+							{
+								break;
+							}
+
+							N = N.Add(BigInteger.Two);
+						}
+
+					   if (--m < 0)
+					   {
+						   pq[0] = p[0];
+						   pq[1] = p[1];
+						   return y[0].IntValue; //return for procedure B step 2
+					   }
+
+					   break; //step 14
+				   }
+			}
+			return y[0].IntValue;
+		}
+
+		//Procedure A'
+		private long procedure_Aa(long x0, long c, BigInteger[] pq, int size)
+		{
+			//Verify and perform condition: 0<x<2^32; 0<c<2^32; c - odd.
+			while(x0<0 || x0>4294967296L)
+			{
+				x0 = init_random.NextInt()*2;
+			}
+
+			while((c<0 || c>4294967296L) || (c/2==0))
+			{
+				c = init_random.NextInt()*2+1;
+			}
+
+			BigInteger C = BigInteger.ValueOf(c);
+			BigInteger constA32 = BigInteger.ValueOf(97781173);
+
+			//step1
+			BigInteger[] y = new BigInteger[1]; // begin length = 1
+			y[0] = BigInteger.ValueOf(x0);
+
+			//step 2
+			int[] t = new int[1]; // t - orders; begin length = 1
+			t[0] = size;
+			int s = 0;
+			for (int i=0; t[i]>=33; i++)
+			{
+				// extension array t
+				int[] tmp_t = new int[t.Length + 1];             ///////////////
+					Array.Copy(t,0,tmp_t,0,t.Length);          //  extension
+				t = new int[tmp_t.Length];                       //  array t
+				Array.Copy(tmp_t, 0, t, 0, tmp_t.Length);  ///////////////
+
+				t[i+1] = t[i]/2;
+				s = i+1;
+			}
+
+			//step3
+			BigInteger[] p = new BigInteger[s+1];
+			p[s] = new BigInteger("8000000B",16); //set min prime number length 32 bit
+
+			int m = s-1;  //step4
+
+			for (int i=0; i<s; i++)
+			{
+				int rm = t[m]/32;  //step5
+
+			step6: for(;;)
+				   {
+					   //step 6
+					   BigInteger[] tmp_y = new BigInteger[y.Length];  ////////////////
+						   Array.Copy(y,0,tmp_y,0,y.Length);         //  extension
+					   y = new BigInteger[rm+1];                       //  array y
+					   Array.Copy(tmp_y,0,y,0,tmp_y.Length);     ////////////////
+
+					   for (int j=0; j<rm; j++)
+					   {
+						   y[j+1] = (y[j].Multiply(constA32).Add(C)).Mod(BigInteger.Two.Pow(32));
+					   }
+
+					   //step 7
+					   BigInteger Ym = BigInteger.Zero;
+					   for (int j=0; j<rm; j++)
+					   {
+						   Ym = Ym.Add(y[j].ShiftLeft(32*j));
+					   }
+
+					   y[0] = y[rm]; //step 8
+
+					   //step 9
+					   BigInteger N = BigInteger.One.ShiftLeft(t[m]-1).Divide(p[m+1]).Add(
+						   Ym.ShiftLeft(t[m]-1).Divide(p[m+1].ShiftLeft(32*rm)));
+
+					   if (N.TestBit(0))
+					   {
+						   N = N.Add(BigInteger.One);
+					   }
+
+					   //step 10
+
+						for(;;)
+						{
+							//step 11
+							BigInteger NByLastP = N.Multiply(p[m+1]);
+
+							if (NByLastP.BitLength > t[m])
+							{
+								goto step6; //step 12
+							}
+
+							p[m] = NByLastP.Add(BigInteger.One);
+
+							//step13
+							if (BigInteger.Two.ModPow(NByLastP, p[m]).CompareTo(BigInteger.One) == 0
+								&& BigInteger.Two.ModPow(N, p[m]).CompareTo(BigInteger.One) != 0)
+							{
+								break;
+							}
+
+							N = N.Add(BigInteger.Two);
+						}
+
+					   if (--m < 0)
+					   {
+						   pq[0] = p[0];
+						   pq[1] = p[1];
+						   return y[0].LongValue; //return for procedure B' step 2
+					   }
+
+					   break; //step 14
+				   }
+			}
+			return y[0].LongValue;
+		}
+
+		//Procedure B
+		private void procedure_B(int x0, int c, BigInteger[] pq)
+		{
+			//Verify and perform condition: 0<x<2^16; 0<c<2^16; c - odd.
+			while(x0<0 || x0>65536)
+			{
+				x0 = init_random.NextInt()/32768;
+			}
+
+			while((c<0 || c>65536) || (c/2==0))
+			{
+				c = init_random.NextInt()/32768 + 1;
+			}
+
+			BigInteger [] qp = new BigInteger[2];
+			BigInteger q = null, Q = null, p = null;
+			BigInteger C = BigInteger.ValueOf(c);
+			BigInteger constA16 = BigInteger.ValueOf(19381);
+
+			//step1
+			x0 = procedure_A(x0, c, qp, 256);
+			q = qp[0];
+
+			//step2
+			x0 = procedure_A(x0, c, qp, 512);
+			Q = qp[0];
+
+			BigInteger[] y = new BigInteger[65];
+			y[0] = BigInteger.ValueOf(x0);
+
+			const int tp = 1024;
+
+			BigInteger qQ = q.Multiply(Q);
+
+step3:
+			for(;;)
+			{
+				//step 3
+				for (int j=0; j<64; j++)
+				{
+					y[j+1] = (y[j].Multiply(constA16).Add(C)).Mod(BigInteger.Two.Pow(16));
+				}
+
+				//step 4
+				BigInteger Y = BigInteger.Zero;
+
+				for (int j=0; j<64; j++)
+				{
+					Y = Y.Add(y[j].ShiftLeft(16*j));
+				}
+
+				y[0] = y[64]; //step 5
+
+				//step 6
+				BigInteger N = BigInteger.One.ShiftLeft(tp-1).Divide(qQ).Add(
+					Y.ShiftLeft(tp-1).Divide(qQ.ShiftLeft(1024)));
+
+				if (N.TestBit(0))
+				{
+					N = N.Add(BigInteger.One);
+				}
+
+				//step 7
+
+				for(;;)
+				{
+					//step 11
+					BigInteger qQN = qQ.Multiply(N);
+
+					if (qQN.BitLength > tp)
+					{
+						goto step3; //step 9
+					}
+
+					p = qQN.Add(BigInteger.One);
+
+					//step10
+					if (BigInteger.Two.ModPow(qQN, p).CompareTo(BigInteger.One) == 0
+						&& BigInteger.Two.ModPow(q.Multiply(N), p).CompareTo(BigInteger.One) != 0)
+					{
+						pq[0] = p;
+						pq[1] = q;
+						return;
+					}
+
+					N = N.Add(BigInteger.Two);
+				}
+			}
+		}
+
+		//Procedure B'
+		private void procedure_Bb(long x0, long c, BigInteger[] pq)
+		{
+			//Verify and perform condition: 0<x<2^32; 0<c<2^32; c - odd.
+			while(x0<0 || x0>4294967296L)
+			{
+				x0 = init_random.NextInt()*2;
+			}
+
+			while((c<0 || c>4294967296L) || (c/2==0))
+			{
+				c = init_random.NextInt()*2+1;
+			}
+
+			BigInteger [] qp = new BigInteger[2];
+			BigInteger q = null, Q = null, p = null;
+			BigInteger C = BigInteger.ValueOf(c);
+			BigInteger constA32 = BigInteger.ValueOf(97781173);
+
+			//step1
+			x0 = procedure_Aa(x0, c, qp, 256);
+			q = qp[0];
+
+			//step2
+			x0 = procedure_Aa(x0, c, qp, 512);
+			Q = qp[0];
+
+			BigInteger[] y = new BigInteger[33];
+			y[0] = BigInteger.ValueOf(x0);
+
+			const int tp = 1024;
+
+			BigInteger qQ = q.Multiply(Q);
+
+step3:
+			for(;;)
+			{
+				//step 3
+				for (int j=0; j<32; j++)
+				{
+					y[j+1] = (y[j].Multiply(constA32).Add(C)).Mod(BigInteger.Two.Pow(32));
+				}
+
+				//step 4
+				BigInteger Y = BigInteger.Zero;
+				for (int j=0; j<32; j++)
+				{
+					Y = Y.Add(y[j].ShiftLeft(32*j));
+				}
+
+				y[0] = y[32]; //step 5
+
+				//step 6
+				BigInteger N = BigInteger.One.ShiftLeft(tp-1).Divide(qQ).Add(
+					Y.ShiftLeft(tp-1).Divide(qQ.ShiftLeft(1024)));
+
+				if (N.TestBit(0))
+				{
+					N = N.Add(BigInteger.One);
+				}
+
+				//step 7
+
+				for(;;)
+				{
+					//step 11
+					BigInteger qQN = qQ.Multiply(N);
+
+					if (qQN.BitLength > tp)
+					{
+						goto step3; //step 9
+					}
+
+					p = qQN.Add(BigInteger.One);
+
+					//step10
+					if (BigInteger.Two.ModPow(qQN, p).CompareTo(BigInteger.One) == 0
+						&& BigInteger.Two.ModPow(q.Multiply(N), p).CompareTo(BigInteger.One) != 0)
+					{
+						pq[0] = p;
+						pq[1] = q;
+						return;
+					}
+
+					N = N.Add(BigInteger.Two);
+				}
+			}
+		}
+
+
+		/**
+		 * Procedure C
+		 * procedure generates the a value from the given p,q,
+		 * returning the a value.
+		 */
+		private BigInteger procedure_C(BigInteger p, BigInteger q)
+		{
+			BigInteger pSub1 = p.Subtract(BigInteger.One);
+			BigInteger pSub1Divq = pSub1.Divide(q);
+
+			for(;;)
+			{
+				BigInteger d = new BigInteger(p.BitLength, init_random);
+
+				// 1 < d < p-1
+				if (d.CompareTo(BigInteger.One) > 0 && d.CompareTo(pSub1) < 0)
+				{
+					BigInteger a = d.ModPow(pSub1Divq, p);
+
+					if (a.CompareTo(BigInteger.One) != 0)
+					{
+						return a;
+					}
+				}
+			}
+		}
+
+		/**
+		 * which generates the p , q and a values from the given parameters,
+		 * returning the Gost3410Parameters object.
+		 */
+		public Gost3410Parameters GenerateParameters()
+		{
+			BigInteger [] pq = new BigInteger[2];
+			BigInteger    q = null, p = null, a = null;
+
+			int  x0, c;
+			long  x0L, cL;
+
+			if (typeproc==1)
+			{
+				x0 = init_random.NextInt();
+				c  = init_random.NextInt();
+
+				switch(size)
+				{
+					case 512:
+						procedure_A(x0, c, pq, 512);
+						break;
+					case 1024:
+						procedure_B(x0, c, pq);
+						break;
+					default:
+						throw new ArgumentException("Ooops! key size 512 or 1024 bit.");
+				}
+				p = pq[0];  q = pq[1];
+				a = procedure_C(p, q);
+				//System.out.println("p:"+p.toString(16)+"\n"+"q:"+q.toString(16)+"\n"+"a:"+a.toString(16));
+				//System.out.println("p:"+p+"\n"+"q:"+q+"\n"+"a:"+a);
+				return new Gost3410Parameters(p, q, a, new Gost3410ValidationParameters(x0, c));
+			}
+			else
+			{
+				x0L = init_random.NextLong();
+				cL  = init_random.NextLong();
+
+				switch(size)
+				{
+					case 512:
+						procedure_Aa(x0L, cL, pq, 512);
+						break;
+					case 1024:
+						procedure_Bb(x0L, cL, pq);
+						break;
+					default:
+						throw new InvalidOperationException("Ooops! key size 512 or 1024 bit.");
+				}
+				p = pq[0];  q = pq[1];
+				a = procedure_C(p, q);
+				//System.out.println("p:"+p.toString(16)+"\n"+"q:"+q.toString(16)+"\n"+"a:"+a.toString(16));
+				//System.out.println("p:"+p+"\n"+"q:"+q+"\n"+"a:"+a);
+				return new Gost3410Parameters(p, q, a, new Gost3410ValidationParameters(x0L, cL));
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/HKDFBytesGenerator.cs b/bc-sharp-crypto/src/crypto/generators/HKDFBytesGenerator.cs
new file mode 100644
index 0000000..c2e667c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/HKDFBytesGenerator.cs
@@ -0,0 +1,153 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+     * HMAC-based Extract-and-Expand Key Derivation Function (HKDF) implemented
+     * according to IETF RFC 5869, May 2010 as specified by H. Krawczyk, IBM
+     * Research &amp; P. Eronen, Nokia. It uses a HMac internally to compute de OKM
+     * (output keying material) and is likely to have better security properties
+     * than KDF's based on just a hash function.
+     */
+    public class HkdfBytesGenerator
+        : IDerivationFunction
+    {
+        private HMac hMacHash;
+        private int hashLen;
+
+        private byte[] info;
+        private byte[] currentT;
+
+        private int generatedBytes;
+
+        /**
+         * Creates a HKDFBytesGenerator based on the given hash function.
+         *
+         * @param hash the digest to be used as the source of generatedBytes bytes
+         */
+        public HkdfBytesGenerator(IDigest hash)
+        {
+            this.hMacHash = new HMac(hash);
+            this.hashLen = hash.GetDigestSize();
+        }
+
+        public virtual void Init(IDerivationParameters parameters)
+        {
+            if (!(parameters is HkdfParameters))
+                throw new ArgumentException("HKDF parameters required for HkdfBytesGenerator", "parameters");
+
+            HkdfParameters hkdfParameters = (HkdfParameters)parameters;
+            if (hkdfParameters.SkipExtract)
+            {
+                // use IKM directly as PRK
+                hMacHash.Init(new KeyParameter(hkdfParameters.GetIkm()));
+            }
+            else
+            {
+                hMacHash.Init(Extract(hkdfParameters.GetSalt(), hkdfParameters.GetIkm()));
+            }
+
+            info = hkdfParameters.GetInfo();
+
+            generatedBytes = 0;
+            currentT = new byte[hashLen];
+        }
+
+        /**
+         * Performs the extract part of the key derivation function.
+         *
+         * @param salt the salt to use
+         * @param ikm  the input keying material
+         * @return the PRK as KeyParameter
+         */
+        private KeyParameter Extract(byte[] salt, byte[] ikm)
+        {
+            hMacHash.Init(new KeyParameter(ikm));
+            if (salt == null)
+            {
+                // TODO check if hashLen is indeed same as HMAC size
+                hMacHash.Init(new KeyParameter(new byte[hashLen]));
+            }
+            else
+            {
+                hMacHash.Init(new KeyParameter(salt));
+            }
+
+            hMacHash.BlockUpdate(ikm, 0, ikm.Length);
+
+            byte[] prk = new byte[hashLen];
+            hMacHash.DoFinal(prk, 0);
+            return new KeyParameter(prk);
+        }
+
+        /**
+         * Performs the expand part of the key derivation function, using currentT
+         * as input and output buffer.
+         *
+         * @throws DataLengthException if the total number of bytes generated is larger than the one
+         * specified by RFC 5869 (255 * HashLen)
+         */
+        private void ExpandNext()
+        {
+            int n = generatedBytes / hashLen + 1;
+            if (n >= 256)
+            {
+                throw new DataLengthException(
+                    "HKDF cannot generate more than 255 blocks of HashLen size");
+            }
+            // special case for T(0): T(0) is empty, so no update
+            if (generatedBytes != 0)
+            {
+                hMacHash.BlockUpdate(currentT, 0, hashLen);
+            }
+            hMacHash.BlockUpdate(info, 0, info.Length);
+            hMacHash.Update((byte)n);
+            hMacHash.DoFinal(currentT, 0);
+        }
+
+        public virtual IDigest Digest
+        {
+            get { return hMacHash.GetUnderlyingDigest(); }
+        }
+
+        public virtual int GenerateBytes(byte[] output, int outOff, int len)
+        {
+            if (generatedBytes + len > 255 * hashLen)
+            {
+                throw new DataLengthException(
+                    "HKDF may only be used for 255 * HashLen bytes of output");
+            }
+
+            if (generatedBytes % hashLen == 0)
+            {
+                ExpandNext();
+            }
+
+            // copy what is left in the currentT (1..hash
+            int toGenerate = len;
+            int posInT = generatedBytes % hashLen;
+            int leftInT = hashLen - generatedBytes % hashLen;
+            int toCopy = System.Math.Min(leftInT, toGenerate);
+            Array.Copy(currentT, posInT, output, outOff, toCopy);
+            generatedBytes += toCopy;
+            toGenerate -= toCopy;
+            outOff += toCopy;
+
+            while (toGenerate > 0)
+            {
+                ExpandNext();
+                toCopy = System.Math.Min(hashLen, toGenerate);
+                Array.Copy(currentT, 0, output, outOff, toCopy);
+                generatedBytes += toCopy;
+                toGenerate -= toCopy;
+                outOff += toCopy;
+            }
+
+            return len;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/Kdf1BytesGenerator.cs b/bc-sharp-crypto/src/crypto/generators/Kdf1BytesGenerator.cs
new file mode 100644
index 0000000..0ddf6c1
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/Kdf1BytesGenerator.cs
@@ -0,0 +1,26 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+	/**
+	 * KFD2 generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033
+	 * <br/>
+	 * This implementation is based on IEEE P1363/ISO 18033.
+	 */
+	public class Kdf1BytesGenerator
+		: BaseKdfBytesGenerator
+	{
+		/**
+		 * Construct a KDF1 byte generator.
+		 *
+		 * @param digest the digest to be used as the source of derived keys.
+		 */
+		public Kdf1BytesGenerator(IDigest digest)
+			: base(0, digest)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/Kdf2BytesGenerator.cs b/bc-sharp-crypto/src/crypto/generators/Kdf2BytesGenerator.cs
new file mode 100644
index 0000000..8a68219
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/Kdf2BytesGenerator.cs
@@ -0,0 +1,27 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+	/**
+	 * KDF2 generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033
+	 * <br/>
+	 * This implementation is based on IEEE P1363/ISO 18033.
+	 */
+	public class Kdf2BytesGenerator
+		: BaseKdfBytesGenerator
+	{
+		/**
+		* Construct a KDF2 bytes generator. Generates key material
+		* according to IEEE P1363 or ISO 18033 depending on the initialisation.
+		*
+		* @param digest the digest to be used as the source of derived keys.
+		*/
+		public Kdf2BytesGenerator(IDigest digest)
+			: base(1, digest)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/Mgf1BytesGenerator.cs b/bc-sharp-crypto/src/crypto/generators/Mgf1BytesGenerator.cs
new file mode 100644
index 0000000..23a3aca
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/Mgf1BytesGenerator.cs
@@ -0,0 +1,117 @@
+using System;
+//using Org.BouncyCastle.Math;
+//using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+    * Generator for MGF1 as defined in Pkcs 1v2
+    */
+    public class Mgf1BytesGenerator : IDerivationFunction
+    {
+        private IDigest digest;
+        private byte[]  seed;
+        private int     hLen;
+
+        /**
+        * @param digest the digest to be used as the source of Generated bytes
+        */
+        public Mgf1BytesGenerator(
+            IDigest  digest)
+        {
+            this.digest = digest;
+            this.hLen = digest.GetDigestSize();
+        }
+
+        public void Init(
+            IDerivationParameters    parameters)
+        {
+            if (!(typeof(MgfParameters).IsInstanceOfType(parameters)))
+            {
+                throw new ArgumentException("MGF parameters required for MGF1Generator");
+            }
+
+            MgfParameters   p = (MgfParameters)parameters;
+
+            seed = p.GetSeed();
+        }
+
+        /**
+        * return the underlying digest.
+        */
+        public IDigest Digest
+        {
+            get
+            {
+                return digest;
+            }
+        }
+
+        /**
+        * int to octet string.
+        */
+        private void ItoOSP(
+            int     i,
+            byte[]  sp)
+        {
+            sp[0] = (byte)((uint) i >> 24);
+            sp[1] = (byte)((uint) i >> 16);
+            sp[2] = (byte)((uint) i >> 8);
+            sp[3] = (byte)((uint) i >> 0);
+        }
+
+        /**
+        * fill len bytes of the output buffer with bytes Generated from
+        * the derivation function.
+        *
+        * @throws DataLengthException if the out buffer is too small.
+        */
+        public int GenerateBytes(
+            byte[]  output,
+            int     outOff,
+            int     length)
+        {
+			if ((output.Length - length) < outOff)
+			{
+				throw new DataLengthException("output buffer too small");
+			}
+
+			byte[]  hashBuf = new byte[hLen];
+            byte[]  C = new byte[4];
+            int     counter = 0;
+
+            digest.Reset();
+
+			if (length > hLen)
+			{
+				do
+				{
+					ItoOSP(counter, C);
+
+					digest.BlockUpdate(seed, 0, seed.Length);
+					digest.BlockUpdate(C, 0, C.Length);
+					digest.DoFinal(hashBuf, 0);
+
+					Array.Copy(hashBuf, 0, output, outOff + counter * hLen, hLen);
+				}
+				while (++counter < (length / hLen));
+			}
+
+            if ((counter * hLen) < length)
+            {
+                ItoOSP(counter, C);
+
+                digest.BlockUpdate(seed, 0, seed.Length);
+                digest.BlockUpdate(C, 0, C.Length);
+                digest.DoFinal(hashBuf, 0);
+
+                Array.Copy(hashBuf, 0, output, outOff + counter * hLen, length - (counter * hLen));
+            }
+
+            return length;
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/NaccacheSternKeyPairGenerator.cs b/bc-sharp-crypto/src/crypto/generators/NaccacheSternKeyPairGenerator.cs
new file mode 100644
index 0000000..618ca9a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/NaccacheSternKeyPairGenerator.cs
@@ -0,0 +1,268 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+	/**
+	 * Key generation parameters for NaccacheStern cipher. For details on this cipher, please see
+	 *
+	 * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
+	 */
+	public class NaccacheSternKeyPairGenerator
+		: IAsymmetricCipherKeyPairGenerator
+	{
+		private static readonly int[] smallPrimes =
+		{
+			3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67,
+			71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149,
+			151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, 229, 233,
+			239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, 317, 331,
+			337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, 421, 431,
+			433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, 521, 523,
+			541, 547, 557
+		};
+
+		private NaccacheSternKeyGenerationParameters param;
+
+		/*
+		 * (non-Javadoc)
+		 *
+		 * @see org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator#init(org.bouncycastle.crypto.KeyGenerationParameters)
+		 */
+		public void Init(KeyGenerationParameters parameters)
+		{
+			this.param = (NaccacheSternKeyGenerationParameters)parameters;
+		}
+
+		/*
+		 * (non-Javadoc)
+		 *
+		 * @see org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator#generateKeyPair()
+		 */
+		public AsymmetricCipherKeyPair GenerateKeyPair()
+		{
+			int strength = param.Strength;
+			SecureRandom rand = param.Random;
+			int certainty = param.Certainty;
+
+            IList smallPrimes = findFirstPrimes(param.CountSmallPrimes);
+
+			smallPrimes = permuteList(smallPrimes, rand);
+
+			BigInteger u = BigInteger.One;
+			BigInteger v = BigInteger.One;
+
+			for (int i = 0; i < smallPrimes.Count / 2; i++)
+			{
+				u = u.Multiply((BigInteger)smallPrimes[i]);
+			}
+			for (int i = smallPrimes.Count / 2; i < smallPrimes.Count; i++)
+			{
+				v = v.Multiply((BigInteger)smallPrimes[i]);
+			}
+
+			BigInteger sigma = u.Multiply(v);
+
+			// n = (2 a u _p + 1 ) ( 2 b v _q + 1)
+			// -> |n| = strength
+			// |2| = 1 in bits
+			// -> |a| * |b| = |n| - |u| - |v| - |_p| - |_q| - |2| -|2|
+			// remainingStrength = strength - sigma.bitLength() - _p.bitLength() -
+			// _q.bitLength() - 1 -1
+			int remainingStrength = strength - sigma.BitLength - 48;
+			BigInteger a = generatePrime(remainingStrength / 2 + 1, certainty, rand);
+			BigInteger b = generatePrime(remainingStrength / 2 + 1, certainty, rand);
+
+			BigInteger _p;
+			BigInteger _q;
+			BigInteger p;
+			BigInteger q;
+
+			long tries = 0;
+
+            BigInteger _2au = a.Multiply(u).ShiftLeft(1);
+			BigInteger _2bv = b.Multiply(v).ShiftLeft(1);
+
+			for (;;)
+			{
+				tries++;
+
+				_p = generatePrime(24, certainty, rand);
+
+				p = _p.Multiply(_2au).Add(BigInteger.One);
+
+				if (!p.IsProbablePrime(certainty, true))
+					continue;
+
+				for (;;)
+				{
+					_q = generatePrime(24, certainty, rand);
+
+					if (_p.Equals(_q))
+						continue;
+
+					q = _q.Multiply(_2bv).Add(BigInteger.One);
+
+					if (q.IsProbablePrime(certainty, true))
+						break;
+				}
+
+				if (!sigma.Gcd(_p.Multiply(_q)).Equals(BigInteger.One))
+				{
+                    //Console.WriteLine("sigma.gcd(_p.mult(_q)) != 1!\n _p: " + _p +"\n _q: "+ _q );
+					continue;
+				}
+
+				if (p.Multiply(q).BitLength < strength)
+				{
+					continue;
+				}
+				break;
+			}
+
+			BigInteger n = p.Multiply(q);
+			BigInteger phi_n = p.Subtract(BigInteger.One).Multiply(q.Subtract(BigInteger.One));
+			BigInteger g;
+			tries = 0;
+
+            for (;;)
+			{
+				// TODO After the first loop, just regenerate one randomly-selected gPart each time?
+				IList gParts = Platform.CreateArrayList();
+				for (int ind = 0; ind != smallPrimes.Count; ind++)
+				{
+					BigInteger i = (BigInteger)smallPrimes[ind];
+					BigInteger e = phi_n.Divide(i);
+
+					for (;;)
+					{
+						tries++;
+
+						g = generatePrime(strength, certainty, rand);
+
+						if (!g.ModPow(e, n).Equals(BigInteger.One))
+						{
+							gParts.Add(g);
+							break;
+						}
+					}
+				}
+				g = BigInteger.One;
+				for (int i = 0; i < smallPrimes.Count; i++)
+				{
+					BigInteger gPart = (BigInteger) gParts[i];
+					BigInteger smallPrime = (BigInteger) smallPrimes[i];
+					g = g.Multiply(gPart.ModPow(sigma.Divide(smallPrime), n)).Mod(n);
+				}
+
+				// make sure that g is not divisible by p_i or q_i
+				bool divisible = false;
+				for (int i = 0; i < smallPrimes.Count; i++)
+				{
+					if (g.ModPow(phi_n.Divide((BigInteger)smallPrimes[i]), n).Equals(BigInteger.One))
+					{
+						divisible = true;
+						break;
+					}
+				}
+
+				if (divisible)
+				{
+					continue;
+				}
+
+				// make sure that g has order > phi_n/4
+
+				//if (g.ModPow(phi_n.Divide(BigInteger.ValueOf(4)), n).Equals(BigInteger.One))
+				if (g.ModPow(phi_n.ShiftRight(2), n).Equals(BigInteger.One))
+				{
+					continue;
+				}
+
+				if (g.ModPow(phi_n.Divide(_p), n).Equals(BigInteger.One))
+				{
+					continue;
+				}
+				if (g.ModPow(phi_n.Divide(_q), n).Equals(BigInteger.One))
+				{
+					continue;
+				}
+				if (g.ModPow(phi_n.Divide(a), n).Equals(BigInteger.One))
+				{
+					continue;
+				}
+				if (g.ModPow(phi_n.Divide(b), n).Equals(BigInteger.One))
+				{
+					continue;
+				}
+				break;
+			}
+
+            return new AsymmetricCipherKeyPair(new NaccacheSternKeyParameters(false, g, n, sigma.BitLength),
+				new NaccacheSternPrivateKeyParameters(g, n, sigma.BitLength, smallPrimes, phi_n));
+		}
+
+		private static BigInteger generatePrime(
+			int bitLength,
+			int certainty,
+			SecureRandom rand)
+		{
+			return new BigInteger(bitLength, certainty, rand);
+		}
+
+		/**
+		 * Generates a permuted ArrayList from the original one. The original List
+		 * is not modified
+		 *
+		 * @param arr
+		 *            the ArrayList to be permuted
+		 * @param rand
+		 *            the source of Randomness for permutation
+		 * @return a new IList with the permuted elements.
+		 */
+		private static IList permuteList(
+			IList           arr,
+			SecureRandom    rand)
+		{
+            // TODO Create a utility method for generating permutation of first 'n' integers
+
+            IList retval = Platform.CreateArrayList(arr.Count);
+
+			foreach (object element in arr)
+			{
+				int index = rand.Next(retval.Count + 1);
+				retval.Insert(index, element);
+			}
+
+			return retval;
+		}
+
+		/**
+		 * Finds the first 'count' primes starting with 3
+		 *
+		 * @param count
+		 *            the number of primes to find
+		 * @return a vector containing the found primes as Integer
+		 */
+		private static IList findFirstPrimes(
+			int count)
+		{
+			IList primes = Platform.CreateArrayList(count);
+
+			for (int i = 0; i != count; i++)
+			{
+				primes.Add(BigInteger.ValueOf(smallPrimes[i]));
+			}
+
+			return primes;
+		}
+
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/OpenBsdBCrypt.cs b/bc-sharp-crypto/src/crypto/generators/OpenBsdBCrypt.cs
new file mode 100644
index 0000000..85c34d7
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/OpenBsdBCrypt.cs
@@ -0,0 +1,270 @@
+using System;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+     * Password hashing scheme BCrypt,
+     * designed by Niels Provos and David Mazières, using the
+     * String format and the Base64 encoding
+     * of the reference implementation on OpenBSD
+     */
+    public class OpenBsdBCrypt
+    {
+        private static readonly byte[] EncodingTable = // the Bcrypts encoding table for OpenBSD
+        {
+            (byte)'.', (byte)'/', (byte)'A', (byte)'B', (byte)'C', (byte)'D',
+            (byte)'E', (byte)'F', (byte)'G', (byte)'H', (byte)'I', (byte)'J',
+            (byte)'K', (byte)'L', (byte)'M', (byte)'N', (byte)'O', (byte)'P',
+            (byte)'Q', (byte)'R', (byte)'S', (byte)'T', (byte)'U', (byte)'V',
+            (byte)'W', (byte)'X', (byte)'Y', (byte)'Z', (byte)'a', (byte)'b',
+            (byte)'c', (byte)'d', (byte)'e', (byte)'f', (byte)'g', (byte)'h',
+            (byte)'i', (byte)'j', (byte)'k', (byte)'l', (byte)'m', (byte)'n',
+            (byte)'o', (byte)'p', (byte)'q', (byte)'r', (byte)'s', (byte)'t',
+            (byte)'u', (byte)'v', (byte)'w', (byte)'x', (byte)'y', (byte)'z',
+            (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5',
+            (byte)'6', (byte)'7', (byte)'8', (byte)'9'
+        };
+
+        /*
+         * set up the decoding table.
+         */
+        private static readonly byte[] DecodingTable = new byte[128];
+        private static readonly string Version = "2a"; // previous version was not UTF-8
+
+        static OpenBsdBCrypt()
+        {
+            for (int i = 0; i < DecodingTable.Length; i++)
+            {
+                DecodingTable[i] = (byte)0xff;
+            }
+
+            for (int i = 0; i < EncodingTable.Length; i++)
+            {
+                DecodingTable[EncodingTable[i]] = (byte)i;
+            }
+        }
+
+        public OpenBsdBCrypt()
+        {
+        }
+
+        /**
+         * Creates a 60 character Bcrypt String, including
+         * version, cost factor, salt and hash, separated by '$'
+         *
+         * @param cost     the cost factor, treated as an exponent of 2
+         * @param salt     a 16 byte salt
+         * @param password the password
+         * @return a 60 character Bcrypt String
+         */
+        private static string CreateBcryptString(byte[] password, byte[] salt, int cost)
+        {
+            StringBuilder sb = new StringBuilder(60);
+            sb.Append('$');
+            sb.Append(Version);
+            sb.Append('$');
+            sb.Append(cost < 10 ? ("0" + cost) : cost.ToString());
+            sb.Append('$');
+            sb.Append(EncodeData(salt));
+
+            byte[] key = BCrypt.Generate(password, salt, cost);
+
+            sb.Append(EncodeData(key));
+
+            return sb.ToString();
+        }
+
+        /**
+         * Creates a 60 character Bcrypt String, including
+         * version, cost factor, salt and hash, separated by '$'
+         *
+         * @param cost     the cost factor, treated as an exponent of 2
+         * @param salt     a 16 byte salt
+         * @param password the password
+         * @return a 60 character Bcrypt String
+         */
+        public static string Generate(char[] password, byte[] salt, int cost)
+        {
+            if (password == null)
+                throw new ArgumentNullException("password");
+            if (salt == null)
+                throw new ArgumentNullException("salt");
+            if (salt.Length != 16)
+                throw new DataLengthException("16 byte salt required: " + salt.Length);
+
+            if (cost < 4 || cost > 31) // Minimum rounds: 16, maximum 2^31
+                throw new ArgumentException("Invalid cost factor.", "cost");
+
+            byte[] psw = Strings.ToUtf8ByteArray(password);
+
+            // 0 termination:
+
+            byte[] tmp = new byte[psw.Length >= 72 ? 72 : psw.Length + 1];
+            int copyLen = System.Math.Min(psw.Length, tmp.Length);
+            Array.Copy(psw, 0, tmp, 0, copyLen);
+
+            Array.Clear(psw, 0, psw.Length);
+
+            string rv = CreateBcryptString(tmp, salt, cost);
+
+            Array.Clear(tmp, 0, tmp.Length);
+
+            return rv;
+        }
+
+        /**
+         * Checks if a password corresponds to a 60 character Bcrypt String
+         *
+         * @param bcryptString a 60 character Bcrypt String, including
+         *                     version, cost factor, salt and hash,
+         *                     separated by '$'
+         * @param password     the password as an array of chars
+         * @return true if the password corresponds to the
+         * Bcrypt String, otherwise false
+         */
+        public static bool CheckPassword(string bcryptString, char[] password)
+        {
+            // validate bcryptString:
+            if (bcryptString.Length != 60)
+                throw new DataLengthException("Bcrypt String length: " + bcryptString.Length + ", 60 required.");
+            if (bcryptString[0] != '$' || bcryptString[3] != '$' || bcryptString[6] != '$')
+                throw new ArgumentException("Invalid Bcrypt String format.", "bcryptString");
+            if (!bcryptString.Substring(1, 2).Equals(Version))
+                throw new ArgumentException("Wrong Bcrypt version, 2a expected.", "bcryptString");
+
+            int cost = 0;
+            try
+            {
+                cost = Int32.Parse(bcryptString.Substring(4, 2));
+            }
+            catch (Exception nfe)
+            {
+                throw new ArgumentException("Invalid cost factor: " + bcryptString.Substring(4, 2), "bcryptString");
+            }
+            if (cost < 4 || cost > 31)
+                throw new ArgumentException("Invalid cost factor: " + cost + ", 4 < cost < 31 expected.");
+
+            // check password:
+            if (password == null)
+                throw new ArgumentNullException("Missing password.");
+
+            int start = bcryptString.LastIndexOf('$') + 1, end = bcryptString.Length - 31;
+            byte[] salt = DecodeSaltString(bcryptString.Substring(start, end - start));
+
+            string newBcryptString = Generate(password, salt, cost);
+
+            return bcryptString.Equals(newBcryptString);
+        }
+
+        /*
+         * encode the input data producing a Bcrypt base 64 string.
+         *
+         * @param 	a byte representation of the salt or the password
+         * @return 	the Bcrypt base64 string
+         */
+        private static string EncodeData(byte[] data)
+        {
+            if (data.Length != 24 && data.Length != 16) // 192 bit key or 128 bit salt expected
+                throw new DataLengthException("Invalid length: " + data.Length + ", 24 for key or 16 for salt expected");
+
+            bool salt = false;
+            if (data.Length == 16)//salt
+            {
+                salt = true;
+                byte[] tmp = new byte[18];// zero padding
+                Array.Copy(data, 0, tmp, 0, data.Length);
+                data = tmp;
+            }
+            else // key
+            {
+                data[data.Length - 1] = (byte)0;
+            }
+
+            MemoryStream mOut = new MemoryStream();
+            int len = data.Length;
+
+            uint a1, a2, a3;
+            int i;
+            for (i = 0; i < len; i += 3)
+            {
+                a1 = data[i];
+                a2 = data[i + 1];
+                a3 = data[i + 2];
+
+                mOut.WriteByte(EncodingTable[(a1 >> 2) & 0x3f]);
+                mOut.WriteByte(EncodingTable[((a1 << 4) | (a2 >> 4)) & 0x3f]);
+                mOut.WriteByte(EncodingTable[((a2 << 2) | (a3 >> 6)) & 0x3f]);
+                mOut.WriteByte(EncodingTable[a3 & 0x3f]);
+            }
+
+            string result = Strings.FromByteArray(mOut.ToArray());
+            int resultLen = salt
+                ? 22  // truncate padding
+                : result.Length - 1;
+
+            return result.Substring(0, resultLen);
+        }
+
+
+        /*
+         * decodes the bcrypt base 64 encoded SaltString
+         *
+         * @param 		a 22 character Bcrypt base 64 encoded String 
+         * @return 		the 16 byte salt
+         * @exception 	DataLengthException if the length 
+         * 				of parameter is not 22
+         * @exception 	InvalidArgumentException if the parameter
+         * 				contains a value other than from Bcrypts base 64 encoding table
+         */
+        private static byte[] DecodeSaltString(string saltString)
+        {
+            char[] saltChars = saltString.ToCharArray();
+
+            MemoryStream mOut = new MemoryStream(16);
+            byte b1, b2, b3, b4;
+
+            if (saltChars.Length != 22)// bcrypt salt must be 22 (16 bytes)
+                throw new DataLengthException("Invalid base64 salt length: " + saltChars.Length + " , 22 required.");
+
+            // check string for invalid characters:
+            for (int i = 0; i < saltChars.Length; i++)
+            {
+                int value = saltChars[i];
+                if (value > 122 || value < 46 || (value > 57 && value < 65))
+                    throw new ArgumentException("Salt string contains invalid character: " + value, "saltString");
+            }
+
+            // Padding: add two '\u0000'
+            char[] tmp = new char[22 + 2];
+            Array.Copy(saltChars, 0, tmp, 0, saltChars.Length);
+            saltChars = tmp;
+
+            int len = saltChars.Length;
+
+            for (int i = 0; i < len; i += 4)
+            {
+                b1 = DecodingTable[saltChars[i]];
+                b2 = DecodingTable[saltChars[i + 1]];
+                b3 = DecodingTable[saltChars[i + 2]];
+                b4 = DecodingTable[saltChars[i + 3]];
+
+                mOut.WriteByte((byte)((b1 << 2) | (b2 >> 4)));
+                mOut.WriteByte((byte)((b2 << 4) | (b3 >> 2)));
+                mOut.WriteByte((byte)((b3 << 6) | b4));
+            }
+
+            byte[] saltBytes = mOut.ToArray();
+
+            // truncate:
+            byte[] tmpSalt = new byte[16];
+            Array.Copy(saltBytes, 0, tmpSalt, 0, tmpSalt.Length);
+            saltBytes = tmpSalt;
+
+            return saltBytes;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs b/bc-sharp-crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs
new file mode 100644
index 0000000..8da5d3a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs
@@ -0,0 +1,167 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+	/**
+	 * Generator for PBE derived keys and ivs as usd by OpenSSL.
+	 * <p>
+	 * The scheme is a simple extension of PKCS 5 V2.0 Scheme 1 using MD5 with an
+	 * iteration count of 1.
+	 * </p>
+	 */
+	public class OpenSslPbeParametersGenerator
+		: PbeParametersGenerator
+	{
+		private readonly IDigest digest = new MD5Digest();
+
+		/**
+		 * Construct a OpenSSL Parameters generator. 
+		 */
+		public OpenSslPbeParametersGenerator()
+		{
+		}
+
+		public override void Init(
+			byte[]	password,
+			byte[]	salt,
+			int		iterationCount)
+		{
+			// Ignore the provided iterationCount
+			base.Init(password, salt, 1);
+		}
+
+		/**
+		 * Initialise - note the iteration count for this algorithm is fixed at 1.
+		 * 
+		 * @param password password to use.
+		 * @param salt salt to use.
+		 */
+		public virtual void Init(
+			byte[] password,
+			byte[] salt)
+		{
+			base.Init(password, salt, 1);
+		}
+
+		/**
+		 * the derived key function, the ith hash of the password and the salt.
+		 */
+		private byte[] GenerateDerivedKey(
+			int bytesNeeded)
+		{
+			byte[] buf = new byte[digest.GetDigestSize()];
+			byte[] key = new byte[bytesNeeded];
+			int offset = 0;
+        
+			for (;;)
+			{
+				digest.BlockUpdate(mPassword, 0, mPassword.Length);
+				digest.BlockUpdate(mSalt, 0, mSalt.Length);
+
+				digest.DoFinal(buf, 0);
+
+				int len = (bytesNeeded > buf.Length) ? buf.Length : bytesNeeded;
+				Array.Copy(buf, 0, key, offset, len);
+				offset += len;
+
+				// check if we need any more
+				bytesNeeded -= len;
+				if (bytesNeeded == 0)
+				{
+					break;
+				}
+
+				// do another round
+				digest.Reset();
+				digest.BlockUpdate(buf, 0, buf.Length);
+			}
+
+			return key;
+		}
+
+		/**
+		 * Generate a key parameter derived from the password, salt, and iteration
+		 * count we are currently initialised with.
+		 *
+		 * @param keySize the size of the key we want (in bits)
+		 * @return a KeyParameter object.
+		 * @exception ArgumentException if the key length larger than the base hash size.
+		 */
+		[Obsolete("Use version with 'algorithm' parameter")]
+		public override ICipherParameters GenerateDerivedParameters(
+			int keySize)
+		{
+			return GenerateDerivedMacParameters(keySize);
+		}
+
+		public override ICipherParameters GenerateDerivedParameters(
+			string	algorithm,
+			int		keySize)
+		{
+			keySize /= 8;
+
+			byte[] dKey = GenerateDerivedKey(keySize);
+
+			return ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize);
+		}
+
+		/**
+		 * Generate a key with initialisation vector parameter derived from
+		 * the password, salt, and iteration count we are currently initialised
+		 * with.
+		 *
+		 * @param keySize the size of the key we want (in bits)
+		 * @param ivSize the size of the iv we want (in bits)
+		 * @return a ParametersWithIV object.
+		 * @exception ArgumentException if keySize + ivSize is larger than the base hash size.
+		 */
+		[Obsolete("Use version with 'algorithm' parameter")]
+		public override ICipherParameters GenerateDerivedParameters(
+			int     keySize,
+			int     ivSize)
+		{
+			keySize = keySize / 8;
+			ivSize = ivSize / 8;
+
+			byte[] dKey = GenerateDerivedKey(keySize + ivSize);
+
+			return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), dKey, keySize, ivSize);
+		}
+
+		public override ICipherParameters GenerateDerivedParameters(
+			string	algorithm,
+			int		keySize,
+			int     ivSize)
+		{
+			keySize /= 8;
+			ivSize /= 8;
+
+			byte[] dKey = GenerateDerivedKey(keySize + ivSize);
+			KeyParameter key = ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize);
+
+			return new ParametersWithIV(key, dKey, keySize, ivSize);
+		}
+
+		/**
+		 * Generate a key parameter for use with a MAC derived from the password,
+		 * salt, and iteration count we are currently initialised with.
+		 *
+		 * @param keySize the size of the key we want (in bits)
+		 * @return a KeyParameter object.
+		 * @exception ArgumentException if the key length larger than the base hash size.
+		 */
+		public override ICipherParameters GenerateDerivedMacParameters(
+			int keySize)
+		{
+			keySize = keySize / 8;
+
+			byte[] dKey = GenerateDerivedKey(keySize);
+
+			return new KeyParameter(dKey, 0, keySize);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/Pkcs12ParametersGenerator.cs b/bc-sharp-crypto/src/crypto/generators/Pkcs12ParametersGenerator.cs
new file mode 100644
index 0000000..85543a0
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/Pkcs12ParametersGenerator.cs
@@ -0,0 +1,243 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+     * Generator for Pbe derived keys and ivs as defined by Pkcs 12 V1.0.
+     * <p>
+     * The document this implementation is based on can be found at
+     * <a href="http://www.rsasecurity.com/rsalabs/pkcs/pkcs-12/index.html">
+     * RSA's Pkcs12 Page</a>
+     * </p>
+     */
+    public class Pkcs12ParametersGenerator
+        : PbeParametersGenerator
+    {
+        public const int KeyMaterial = 1;
+        public const int IVMaterial  = 2;
+        public const int MacMaterial = 3;
+
+        private readonly IDigest digest;
+
+        private readonly int u;
+        private readonly int v;
+
+        /**
+         * Construct a Pkcs 12 Parameters generator.
+         *
+         * @param digest the digest to be used as the source of derived keys.
+         * @exception ArgumentException if an unknown digest is passed in.
+         */
+        public Pkcs12ParametersGenerator(
+            IDigest digest)
+        {
+            this.digest = digest;
+
+            u = digest.GetDigestSize();
+            v = digest.GetByteLength();
+        }
+
+        /**
+         * add a + b + 1, returning the result in a. The a value is treated
+         * as a BigInteger of length (b.Length * 8) bits. The result is
+         * modulo 2^b.Length in case of overflow.
+         */
+        private void Adjust(
+            byte[]  a,
+            int     aOff,
+            byte[]  b)
+        {
+            int  x = (b[b.Length - 1] & 0xff) + (a[aOff + b.Length - 1] & 0xff) + 1;
+
+            a[aOff + b.Length - 1] = (byte)x;
+            x = (int) ((uint) x >> 8);
+
+            for (int i = b.Length - 2; i >= 0; i--)
+            {
+                x += (b[i] & 0xff) + (a[aOff + i] & 0xff);
+                a[aOff + i] = (byte)x;
+                x = (int) ((uint) x >> 8);
+            }
+        }
+
+        /**
+         * generation of a derived key ala Pkcs12 V1.0.
+         */
+        private byte[] GenerateDerivedKey(
+            int idByte,
+            int n)
+        {
+            byte[] D = new byte[v];
+            byte[] dKey = new byte[n];
+
+            for (int i = 0; i != D.Length; i++)
+            {
+                D[i] = (byte)idByte;
+            }
+
+            byte[] S;
+
+            if ((mSalt != null) && (mSalt.Length != 0))
+            {
+                S = new byte[v * ((mSalt.Length + v - 1) / v)];
+
+                for (int i = 0; i != S.Length; i++)
+                {
+                    S[i] = mSalt[i % mSalt.Length];
+                }
+            }
+            else
+            {
+                S = new byte[0];
+            }
+
+            byte[] P;
+
+            if ((mPassword != null) && (mPassword.Length != 0))
+            {
+                P = new byte[v * ((mPassword.Length + v - 1) / v)];
+
+                for (int i = 0; i != P.Length; i++)
+                {
+                    P[i] = mPassword[i % mPassword.Length];
+                }
+            }
+            else
+            {
+                P = new byte[0];
+            }
+
+            byte[]  I = new byte[S.Length + P.Length];
+
+            Array.Copy(S, 0, I, 0, S.Length);
+            Array.Copy(P, 0, I, S.Length, P.Length);
+
+            byte[]  B = new byte[v];
+            int     c = (n + u - 1) / u;
+            byte[]  A = new byte[u];
+
+            for (int i = 1; i <= c; i++)
+            {
+                digest.BlockUpdate(D, 0, D.Length);
+                digest.BlockUpdate(I, 0, I.Length);
+                digest.DoFinal(A, 0);
+
+                for (int j = 1; j != mIterationCount; j++)
+                {
+                    digest.BlockUpdate(A, 0, A.Length);
+                    digest.DoFinal(A, 0);
+                }
+
+                for (int j = 0; j != B.Length; j++)
+                {
+                    B[j] = A[j % A.Length];
+                }
+
+                for (int j = 0; j != I.Length / v; j++)
+                {
+                    Adjust(I, j * v, B);
+                }
+
+                if (i == c)
+                {
+                    Array.Copy(A, 0, dKey, (i - 1) * u, dKey.Length - ((i - 1) * u));
+                }
+                else
+                {
+                    Array.Copy(A, 0, dKey, (i - 1) * u, A.Length);
+                }
+            }
+
+            return dKey;
+        }
+
+        /**
+         * Generate a key parameter derived from the password, salt, and iteration
+         * count we are currently initialised with.
+         *
+         * @param keySize the size of the key we want (in bits)
+         * @return a KeyParameter object.
+         */
+        public override ICipherParameters GenerateDerivedParameters(
+            int keySize)
+        {
+            keySize /= 8;
+
+            byte[] dKey = GenerateDerivedKey(KeyMaterial, keySize);
+
+            return new KeyParameter(dKey, 0, keySize);
+        }
+
+        public override ICipherParameters GenerateDerivedParameters(
+            string	algorithm,
+            int		keySize)
+        {
+            keySize /= 8;
+
+            byte[] dKey = GenerateDerivedKey(KeyMaterial, keySize);
+
+            return ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize);
+        }
+
+        /**
+         * Generate a key with initialisation vector parameter derived from
+         * the password, salt, and iteration count we are currently initialised
+         * with.
+         *
+         * @param keySize the size of the key we want (in bits)
+         * @param ivSize the size of the iv we want (in bits)
+         * @return a ParametersWithIV object.
+         */
+        public override ICipherParameters GenerateDerivedParameters(
+            int	keySize,
+            int	ivSize)
+        {
+            keySize /= 8;
+            ivSize /= 8;
+
+            byte[] dKey = GenerateDerivedKey(KeyMaterial, keySize);
+
+            byte[] iv = GenerateDerivedKey(IVMaterial, ivSize);
+
+            return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), iv, 0, ivSize);
+        }
+
+        public override ICipherParameters GenerateDerivedParameters(
+            string	algorithm,
+            int		keySize,
+            int		ivSize)
+        {
+            keySize /= 8;
+            ivSize /= 8;
+
+            byte[] dKey = GenerateDerivedKey(KeyMaterial, keySize);
+            KeyParameter key = ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize);
+
+            byte[] iv = GenerateDerivedKey(IVMaterial, ivSize);
+
+            return new ParametersWithIV(key, iv, 0, ivSize);
+        }
+
+        /**
+         * Generate a key parameter for use with a MAC derived from the password,
+         * salt, and iteration count we are currently initialised with.
+         *
+         * @param keySize the size of the key we want (in bits)
+         * @return a KeyParameter object.
+         */
+        public override ICipherParameters GenerateDerivedMacParameters(
+            int keySize)
+        {
+            keySize /= 8;
+
+            byte[] dKey = GenerateDerivedKey(MacMaterial, keySize);
+
+            return new KeyParameter(dKey, 0, keySize);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/Pkcs5S1ParametersGenerator.cs b/bc-sharp-crypto/src/crypto/generators/Pkcs5S1ParametersGenerator.cs
new file mode 100644
index 0000000..9b39a5f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/Pkcs5S1ParametersGenerator.cs
@@ -0,0 +1,160 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+	/**
+	* Generator for Pbe derived keys and ivs as defined by Pkcs 5 V2.0 Scheme 1.
+	* Note this generator is limited to the size of the hash produced by the
+	* digest used to drive it.
+	* <p>
+	* The document this implementation is based on can be found at
+	* <a href="http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5/index.html">
+	* RSA's Pkcs5 Page</a>
+	* </p>
+	*/
+	public class Pkcs5S1ParametersGenerator
+		: PbeParametersGenerator
+	{
+		private readonly IDigest digest;
+
+		/**
+		* Construct a Pkcs 5 Scheme 1 Parameters generator.
+		*
+		* @param digest the digest to be used as the source of derived keys.
+		*/
+		public Pkcs5S1ParametersGenerator(
+			IDigest digest)
+		{
+			this.digest = digest;
+		}
+
+		/**
+		* the derived key function, the ith hash of the mPassword and the mSalt.
+		*/
+		private byte[] GenerateDerivedKey()
+		{
+			byte[] digestBytes = new byte[digest.GetDigestSize()];
+
+			digest.BlockUpdate(mPassword, 0, mPassword.Length);
+			digest.BlockUpdate(mSalt, 0, mSalt.Length);
+
+			digest.DoFinal(digestBytes, 0);
+			for (int i = 1; i < mIterationCount; i++)
+			{
+				digest.BlockUpdate(digestBytes, 0, digestBytes.Length);
+				digest.DoFinal(digestBytes, 0);
+			}
+
+			return digestBytes;
+		}
+
+		/**
+		* Generate a key parameter derived from the mPassword, mSalt, and iteration
+		* count we are currently initialised with.
+		*
+		* @param keySize the size of the key we want (in bits)
+		* @return a KeyParameter object.
+		* @exception ArgumentException if the key length larger than the base hash size.
+		*/
+		public override ICipherParameters GenerateDerivedParameters(
+			int keySize)
+		{
+			return GenerateDerivedMacParameters(keySize);
+		}
+
+		public override ICipherParameters GenerateDerivedParameters(
+			string	algorithm,
+			int		keySize)
+		{
+			keySize /= 8;
+
+			if (keySize > digest.GetDigestSize())
+			{
+				throw new ArgumentException(
+					"Can't Generate a derived key " + keySize + " bytes long.");
+			}
+
+			byte[] dKey = GenerateDerivedKey();
+
+			return ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize);
+		}
+
+		/**
+		* Generate a key with initialisation vector parameter derived from
+		* the mPassword, mSalt, and iteration count we are currently initialised
+		* with.
+		*
+		* @param keySize the size of the key we want (in bits)
+		* @param ivSize the size of the iv we want (in bits)
+		* @return a ParametersWithIV object.
+		* @exception ArgumentException if keySize + ivSize is larger than the base hash size.
+		*/
+		public override ICipherParameters GenerateDerivedParameters(
+			int	keySize,
+			int	ivSize)
+		{
+			keySize /= 8;
+			ivSize /= 8;
+
+			if ((keySize + ivSize) > digest.GetDigestSize())
+			{
+				throw new ArgumentException(
+					"Can't Generate a derived key " + (keySize + ivSize) + " bytes long.");
+			}
+
+			byte[] dKey = GenerateDerivedKey();
+
+			return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), dKey, keySize, ivSize);
+		}
+
+		public override ICipherParameters GenerateDerivedParameters(
+			string	algorithm,
+			int		keySize,
+			int		ivSize)
+		{
+			keySize /= 8;
+			ivSize /= 8;
+
+			if ((keySize + ivSize) > digest.GetDigestSize())
+			{
+				throw new ArgumentException(
+					"Can't Generate a derived key " + (keySize + ivSize) + " bytes long.");
+			}
+
+			byte[] dKey = GenerateDerivedKey();
+			KeyParameter key = ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize);
+
+			return new ParametersWithIV(key, dKey, keySize, ivSize);
+		}
+
+		/**
+		* Generate a key parameter for use with a MAC derived from the mPassword,
+		* mSalt, and iteration count we are currently initialised with.
+		*
+		* @param keySize the size of the key we want (in bits)
+		* @return a KeyParameter object.
+		* @exception ArgumentException if the key length larger than the base hash size.
+		*/
+		public override ICipherParameters GenerateDerivedMacParameters(
+			int keySize)
+		{
+			keySize /= 8;
+
+			if (keySize > digest.GetDigestSize())
+			{
+				throw new ArgumentException(
+					"Can't Generate a derived key " + keySize + " bytes long.");
+			}
+
+			byte[] dKey = GenerateDerivedKey();
+
+			return new KeyParameter(dKey, 0, keySize);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/Pkcs5S2ParametersGenerator.cs b/bc-sharp-crypto/src/crypto/generators/Pkcs5S2ParametersGenerator.cs
new file mode 100644
index 0000000..0b0caa0
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/Pkcs5S2ParametersGenerator.cs
@@ -0,0 +1,178 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+    * Generator for Pbe derived keys and ivs as defined by Pkcs 5 V2.0 Scheme 2.
+    * This generator uses a SHA-1 HMac as the calculation function.
+    * <p>
+    * The document this implementation is based on can be found at
+    * <a href="http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5/index.html">
+    * RSA's Pkcs5 Page</a></p>
+    */
+    public class Pkcs5S2ParametersGenerator
+        : PbeParametersGenerator
+    {
+        private readonly IMac hMac;
+        private readonly byte[] state;
+
+        /**
+        * construct a Pkcs5 Scheme 2 Parameters generator.
+        */
+        public Pkcs5S2ParametersGenerator()
+            : this(new Sha1Digest())
+        {
+        }
+
+        public Pkcs5S2ParametersGenerator(IDigest digest)
+        {
+            this.hMac = new HMac(digest);
+            this.state = new byte[hMac.GetMacSize()];
+        }
+
+        private void F(
+            byte[]  S,
+            int     c,
+            byte[]  iBuf,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            if (c == 0)
+                throw new ArgumentException("iteration count must be at least 1.");
+
+            if (S != null)
+            {
+                hMac.BlockUpdate(S, 0, S.Length);
+            }
+
+            hMac.BlockUpdate(iBuf, 0, iBuf.Length);
+            hMac.DoFinal(state, 0);
+
+            Array.Copy(state, 0, outBytes, outOff, state.Length);
+
+            for (int count = 1; count < c; ++count)
+            {
+                hMac.BlockUpdate(state, 0, state.Length);
+                hMac.DoFinal(state, 0);
+
+                for (int j = 0; j < state.Length; ++j)
+                {
+                    outBytes[outOff + j] ^= state[j];
+                }
+            }
+        }
+
+        private byte[] GenerateDerivedKey(
+            int dkLen)
+        {
+            int     hLen = hMac.GetMacSize();
+            int     l = (dkLen + hLen - 1) / hLen;
+            byte[]  iBuf = new byte[4];
+            byte[]  outBytes = new byte[l * hLen];
+            int     outPos = 0;
+
+            ICipherParameters param = new KeyParameter(mPassword);
+
+            hMac.Init(param);
+
+            for (int i = 1; i <= l; i++)
+            {
+                // Increment the value in 'iBuf'
+                int pos = 3;
+                while (++iBuf[pos] == 0)
+                {
+                    --pos;
+                }
+
+                F(mSalt, mIterationCount, iBuf, outBytes, outPos);
+                outPos += hLen;
+            }
+
+            return outBytes;
+        }
+
+        /**
+        * Generate a key parameter derived from the password, salt, and iteration
+        * count we are currently initialised with.
+        *
+        * @param keySize the size of the key we want (in bits)
+        * @return a KeyParameter object.
+        */
+        public override ICipherParameters GenerateDerivedParameters(
+            int keySize)
+        {
+            return GenerateDerivedMacParameters(keySize);
+        }
+
+        public override ICipherParameters GenerateDerivedParameters(
+            string	algorithm,
+            int		keySize)
+        {
+            keySize /= 8;
+
+            byte[] dKey = GenerateDerivedKey(keySize);
+
+            return ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize);
+        }
+
+        /**
+        * Generate a key with initialisation vector parameter derived from
+        * the password, salt, and iteration count we are currently initialised
+        * with.
+        *
+        * @param keySize the size of the key we want (in bits)
+        * @param ivSize the size of the iv we want (in bits)
+        * @return a ParametersWithIV object.
+        */
+        public override ICipherParameters GenerateDerivedParameters(
+            int	keySize,
+            int	ivSize)
+        {
+            keySize /= 8;
+            ivSize /= 8;
+
+            byte[] dKey = GenerateDerivedKey(keySize + ivSize);
+
+            return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), dKey, keySize, ivSize);
+        }
+
+        public override ICipherParameters GenerateDerivedParameters(
+            string	algorithm,
+            int		keySize,
+            int		ivSize)
+        {
+            keySize /= 8;
+            ivSize /= 8;
+
+            byte[] dKey = GenerateDerivedKey(keySize + ivSize);
+            KeyParameter key = ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize);
+
+            return new ParametersWithIV(key, dKey, keySize, ivSize);
+        }
+
+        /**
+        * Generate a key parameter for use with a MAC derived from the password,
+        * salt, and iteration count we are currently initialised with.
+        *
+        * @param keySize the size of the key we want (in bits)
+        * @return a KeyParameter object.
+        */
+        public override ICipherParameters GenerateDerivedMacParameters(
+            int keySize)
+        {
+            keySize /= 8;
+
+            byte[] dKey = GenerateDerivedKey(keySize);
+
+            return new KeyParameter(dKey, 0, keySize);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/Poly1305KeyGenerator.cs b/bc-sharp-crypto/src/crypto/generators/Poly1305KeyGenerator.cs
new file mode 100644
index 0000000..cdb24bf
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/Poly1305KeyGenerator.cs
@@ -0,0 +1,116 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+	/// <summary>
+	/// Generates keys for the Poly1305 MAC.
+	/// </summary>
+	/// <remarks>
+	/// Poly1305 keys are 256 bit keys consisting of a 128 bit secret key used for the underlying block
+	/// cipher followed by a 128 bit {@code r} value used for the polynomial portion of the Mac. <br/>
+	/// The {@code r} value has a specific format with some bits required to be cleared, resulting in an
+	/// effective 106 bit key. <br/>
+	/// A separately generated 256 bit key can be modified to fit the Poly1305 key format by using the
+	/// {@link #clamp(byte[])} method to clear the required bits.
+	/// </remarks>
+	/// <seealso cref="Poly1305"/>
+	public class Poly1305KeyGenerator
+		: CipherKeyGenerator
+	{
+		private const byte R_MASK_LOW_2 = (byte)0xFC;
+		private const byte R_MASK_HIGH_4 = (byte)0x0F;
+
+		/// <summary>
+		/// Initialises the key generator.
+		/// </summary>
+		/// <remarks>
+		/// Poly1305 keys are always 256 bits, so the key length in the provided parameters is ignored.
+		/// </remarks>
+		protected override void engineInit(KeyGenerationParameters param)
+		{
+			// Poly1305 keys are always 256 bits
+			this.random = param.Random;
+			this.strength = 32;
+		}
+
+		/// <summary>
+		/// Generates a 256 bit key in the format required for Poly1305 - e.g.
+		/// <code>k[0] ... k[15], r[0] ... r[15]</code> with the required bits in <code>r</code> cleared
+		/// as per <see cref="Clamp(byte[])"/>.
+		/// </summary>
+		protected override byte[] engineGenerateKey()
+		{
+			byte[] key = base.engineGenerateKey();
+			Clamp(key);
+			return key;
+		}
+
+		/// <summary>
+		/// Modifies an existing 32 byte key value to comply with the requirements of the Poly1305 key by
+		/// clearing required bits in the <code>r</code> (second 16 bytes) portion of the key.<br/>
+		/// Specifically:
+		/// <ul>
+		/// <li>r[3], r[7], r[11], r[15] have top four bits clear (i.e., are {0, 1, . . . , 15})</li>
+		/// <li>r[4], r[8], r[12] have bottom two bits clear (i.e., are in {0, 4, 8, . . . , 252})</li>
+		/// </ul>
+		/// </summary>
+		/// <param name="key">a 32 byte key value <code>k[0] ... k[15], r[0] ... r[15]</code></param>
+		public static void Clamp(byte[] key)
+		{
+			/*
+	         * Key is k[0] ... k[15], r[0] ... r[15] as per poly1305_aes_clamp in ref impl.
+	         */
+			if (key.Length != 32)
+				throw new ArgumentException("Poly1305 key must be 256 bits.");
+
+            /*
+	         * r[3], r[7], r[11], r[15] have top four bits clear (i.e., are {0, 1, . . . , 15})
+	         */
+			key[3] &= R_MASK_HIGH_4;
+			key[7] &= R_MASK_HIGH_4;
+			key[11] &= R_MASK_HIGH_4;
+			key[15] &= R_MASK_HIGH_4;
+
+			/*
+	         * r[4], r[8], r[12] have bottom two bits clear (i.e., are in {0, 4, 8, . . . , 252}).
+	         */
+			key[4] &= R_MASK_LOW_2;
+			key[8] &= R_MASK_LOW_2;
+			key[12] &= R_MASK_LOW_2;
+		}
+
+        /// <summary>
+		/// Checks a 32 byte key for compliance with the Poly1305 key requirements, e.g.
+		/// <code>k[0] ... k[15], r[0] ... r[15]</code> with the required bits in <code>r</code> cleared
+		/// as per <see cref="Clamp(byte[])"/>.
+		/// </summary>
+		/// <param name="key">Key.</param>
+		/// <exception cref="System.ArgumentException">if the key is of the wrong length, or has invalid bits set
+		///           in the <code>r</code> portion of the key.</exception>
+		public static void CheckKey(byte[] key)
+		{
+			if (key.Length != 32)
+				throw new ArgumentException("Poly1305 key must be 256 bits.");
+
+            CheckMask(key[3], R_MASK_HIGH_4);
+			CheckMask(key[7], R_MASK_HIGH_4);
+			CheckMask(key[11], R_MASK_HIGH_4);
+			CheckMask(key[15], R_MASK_HIGH_4);
+
+			CheckMask(key[4], R_MASK_LOW_2);
+			CheckMask(key[8], R_MASK_LOW_2);
+			CheckMask(key[12], R_MASK_LOW_2);
+		}
+
+        private static void CheckMask(byte b, byte mask)
+		{
+			if ((b & (~mask)) != 0)
+				throw new ArgumentException("Invalid format for r portion of Poly1305 key.");
+		}
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/crypto/generators/RSABlindingFactorGenerator.cs b/bc-sharp-crypto/src/crypto/generators/RSABlindingFactorGenerator.cs
new file mode 100644
index 0000000..e2f63fa
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/RSABlindingFactorGenerator.cs
@@ -0,0 +1,69 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+	/**
+	* Generate a random factor suitable for use with RSA blind signatures
+	* as outlined in Chaum's blinding and unblinding as outlined in
+	* "Handbook of Applied Cryptography", page 475.
+	*/
+	public class RsaBlindingFactorGenerator
+	{
+		private RsaKeyParameters key;
+		private SecureRandom random;
+
+		/**
+		* Initialise the factor generator
+		*
+		* @param param the necessary RSA key parameters.
+		*/
+		public void Init(
+			ICipherParameters param)
+		{
+			if (param is ParametersWithRandom)
+			{
+				ParametersWithRandom rParam = (ParametersWithRandom)param;
+
+				key = (RsaKeyParameters)rParam.Parameters;
+				random = rParam.Random;
+			}
+			else
+			{
+				key = (RsaKeyParameters)param;
+				random = new SecureRandom();
+			}
+
+			if (key.IsPrivate)
+				throw new ArgumentException("generator requires RSA public key");
+		}
+
+		/**
+		* Generate a suitable blind factor for the public key the generator was initialised with.
+		*
+		* @return a random blind factor
+		*/
+		public BigInteger GenerateBlindingFactor()
+		{
+			if (key == null)
+				throw new InvalidOperationException("generator not initialised");
+
+			BigInteger m = key.Modulus;
+			int length = m.BitLength - 1; // must be less than m.BitLength
+			BigInteger factor;
+			BigInteger gcd;
+
+			do
+			{
+				factor = new BigInteger(length, random);
+				gcd = factor.Gcd(m);
+			}
+			while (factor.SignValue == 0 || factor.Equals(BigInteger.One) || !gcd.Equals(BigInteger.One));
+
+			return factor;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/RsaKeyPairGenerator.cs b/bc-sharp-crypto/src/crypto/generators/RsaKeyPairGenerator.cs
new file mode 100644
index 0000000..4499765
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/RsaKeyPairGenerator.cs
@@ -0,0 +1,163 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+    /**
+     * an RSA key pair generator.
+     */
+    public class RsaKeyPairGenerator
+        :   IAsymmetricCipherKeyPairGenerator
+    {
+        private static readonly int[] SPECIAL_E_VALUES = new int[]{ 3, 5, 17, 257, 65537 };
+        private static readonly int SPECIAL_E_HIGHEST = SPECIAL_E_VALUES[SPECIAL_E_VALUES.Length - 1];
+        private static readonly int SPECIAL_E_BITS = BigInteger.ValueOf(SPECIAL_E_HIGHEST).BitLength;
+
+        protected static readonly BigInteger One = BigInteger.One;
+        protected static readonly BigInteger DefaultPublicExponent = BigInteger.ValueOf(0x10001);
+        protected const int DefaultTests = 100;
+
+        protected RsaKeyGenerationParameters parameters;
+
+        public virtual void Init(
+            KeyGenerationParameters parameters)
+        {
+            if (parameters is RsaKeyGenerationParameters)
+            {
+                this.parameters = (RsaKeyGenerationParameters)parameters;
+            }
+            else
+            {
+                this.parameters = new RsaKeyGenerationParameters(
+                    DefaultPublicExponent, parameters.Random, parameters.Strength, DefaultTests);
+            }
+        }
+
+        public virtual AsymmetricCipherKeyPair GenerateKeyPair()
+        {
+            for (;;)
+            {
+                //
+                // p and q values should have a length of half the strength in bits
+                //
+                int strength = parameters.Strength;
+                int pBitlength = (strength + 1) / 2;
+                int qBitlength = strength - pBitlength;
+                int mindiffbits = strength / 3;
+                int minWeight = strength >> 2;
+
+                BigInteger e = parameters.PublicExponent;
+
+                // TODO Consider generating safe primes for p, q (see DHParametersHelper.generateSafePrimes)
+                // (then p-1 and q-1 will not consist of only small factors - see "Pollard's algorithm")
+
+                BigInteger p = ChooseRandomPrime(pBitlength, e);
+                BigInteger q, n;
+
+                //
+                // generate a modulus of the required length
+                //
+                for (;;)
+                {
+                    q = ChooseRandomPrime(qBitlength, e);
+
+                    // p and q should not be too close together (or equal!)
+                    BigInteger diff = q.Subtract(p).Abs();
+                    if (diff.BitLength < mindiffbits)
+                        continue;
+
+                    //
+                    // calculate the modulus
+                    //
+                    n = p.Multiply(q);
+
+                    if (n.BitLength != strength)
+                    {
+                        //
+                        // if we get here our primes aren't big enough, make the largest
+                        // of the two p and try again
+                        //
+                        p = p.Max(q);
+                        continue;
+                    }
+
+                    /*
+	                 * Require a minimum weight of the NAF representation, since low-weight composites may
+	                 * be weak against a version of the number-field-sieve for factoring.
+	                 *
+	                 * See "The number field sieve for integers of low weight", Oliver Schirokauer.
+	                 */
+                    if (WNafUtilities.GetNafWeight(n) < minWeight)
+                    {
+                        p = ChooseRandomPrime(pBitlength, e);
+                        continue;
+                    }
+
+                    break;
+                }
+
+                if (p.CompareTo(q) < 0)
+                {
+                    BigInteger tmp = p;
+                    p = q;
+                    q = tmp;
+                }
+
+                BigInteger pSub1 = p.Subtract(One);
+                BigInteger qSub1 = q.Subtract(One);
+                //BigInteger phi = pSub1.Multiply(qSub1);
+                BigInteger gcd = pSub1.Gcd(qSub1);
+                BigInteger lcm = pSub1.Divide(gcd).Multiply(qSub1);
+
+                //
+                // calculate the private exponent
+                //
+                BigInteger d = e.ModInverse(lcm);
+
+                if (d.BitLength <= qBitlength)
+                    continue;
+
+                //
+                // calculate the CRT factors
+                //
+                BigInteger dP = d.Remainder(pSub1);
+                BigInteger dQ = d.Remainder(qSub1);
+                BigInteger qInv = q.ModInverse(p);
+
+                return new AsymmetricCipherKeyPair(
+                    new RsaKeyParameters(false, n, e),
+                    new RsaPrivateCrtKeyParameters(n, e, d, p, q, dP, dQ, qInv));
+            }
+        }
+
+        /// <summary>Choose a random prime value for use with RSA</summary>
+        /// <param name="bitlength">the bit-length of the returned prime</param>
+        /// <param name="e">the RSA public exponent</param>
+        /// <returns>a prime p, with (p-1) relatively prime to e</returns>
+        protected virtual BigInteger ChooseRandomPrime(int bitlength, BigInteger e)
+        {
+            bool eIsKnownOddPrime = (e.BitLength <= SPECIAL_E_BITS) && Arrays.Contains(SPECIAL_E_VALUES, e.IntValue);
+
+            for (;;)
+            {
+                BigInteger p = new BigInteger(bitlength, 1, parameters.Random);
+
+                if (p.Mod(e).Equals(One))
+                    continue;
+
+                if (!p.IsProbablePrime(parameters.Certainty, true))
+                    continue;
+
+                if (!eIsKnownOddPrime && !e.Gcd(p.Subtract(One)).Equals(One))
+                    continue;
+
+                return p;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/generators/SCrypt.cs b/bc-sharp-crypto/src/crypto/generators/SCrypt.cs
new file mode 100644
index 0000000..efa74d7
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/generators/SCrypt.cs
@@ -0,0 +1,140 @@
+using System;
+using System.Threading;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Generators
+{
+	public class SCrypt
+	{
+		// TODO Validate arguments
+		public static byte[] Generate(byte[] P, byte[] S, int N, int r, int p, int dkLen)
+		{
+			return MFcrypt(P, S, N, r, p, dkLen);
+		}
+
+		private static byte[] MFcrypt(byte[] P, byte[] S, int N, int r, int p, int dkLen)
+		{
+			int MFLenBytes = r * 128;
+			byte[] bytes = SingleIterationPBKDF2(P, S, p * MFLenBytes);
+
+			uint[] B = null;
+
+			try
+			{
+				int BLen = bytes.Length >> 2;
+				B = new uint[BLen];
+
+				Pack.LE_To_UInt32(bytes, 0, B);
+
+				int MFLenWords = MFLenBytes >> 2;
+				for (int BOff = 0; BOff < BLen; BOff += MFLenWords)
+				{
+					// TODO These can be done in parallel threads
+					SMix(B, BOff, N, r);
+				}
+
+				Pack.UInt32_To_LE(B, bytes, 0);
+
+				return SingleIterationPBKDF2(P, bytes, dkLen);
+			}
+			finally
+			{
+				ClearAll(bytes, B);
+			}
+		}
+
+		private static byte[] SingleIterationPBKDF2(byte[] P, byte[] S, int dkLen)
+		{
+			PbeParametersGenerator pGen = new Pkcs5S2ParametersGenerator(new Sha256Digest());
+			pGen.Init(P, S, 1);
+			KeyParameter key = (KeyParameter)pGen.GenerateDerivedMacParameters(dkLen * 8);
+			return key.GetKey();
+		}
+
+		private static void SMix(uint[] B, int BOff, int N, int r)
+		{
+			int BCount = r * 32;
+
+			uint[] blockX1 = new uint[16];
+			uint[] blockX2 = new uint[16];
+			uint[] blockY = new uint[BCount];
+
+			uint[] X = new uint[BCount];
+			uint[][] V = new uint[N][];
+
+			try
+			{
+				Array.Copy(B, BOff, X, 0, BCount);
+
+				for (int i = 0; i < N; ++i)
+				{
+					V[i] = (uint[])X.Clone();
+					BlockMix(X, blockX1, blockX2, blockY, r);
+				}
+
+				uint mask = (uint)N - 1;
+				for (int i = 0; i < N; ++i)
+				{
+					uint j = X[BCount - 16] & mask;
+					Xor(X, V[j], 0, X);
+					BlockMix(X, blockX1, blockX2, blockY, r);
+				}
+
+				Array.Copy(X, 0, B, BOff, BCount);
+			}
+			finally
+			{
+				ClearAll(V);
+				ClearAll(X, blockX1, blockX2, blockY);
+			}
+		}
+
+		private static void BlockMix(uint[] B, uint[] X1, uint[] X2, uint[] Y, int r)
+		{
+			Array.Copy(B, B.Length - 16, X1, 0, 16);
+
+			int BOff = 0, YOff = 0, halfLen = B.Length >> 1;
+
+			for (int i = 2 * r; i > 0; --i)
+			{
+				Xor(X1, B, BOff, X2);
+
+				Salsa20Engine.SalsaCore(8, X2, X1);
+				Array.Copy(X1, 0, Y, YOff, 16);
+
+				YOff = halfLen + BOff - YOff;
+				BOff += 16;
+			}
+
+			Array.Copy(Y, 0, B, 0, Y.Length);
+		}
+
+		private static void Xor(uint[] a, uint[] b, int bOff, uint[] output)
+		{
+			for (int i = output.Length - 1; i >= 0; --i)
+			{
+				output[i] = a[i] ^ b[bOff + i];
+			}
+		}
+
+		private static void Clear(Array array)
+		{
+			if (array != null)
+			{
+				Array.Clear(array, 0, array.Length);
+			}
+		}
+
+		private static void ClearAll(params Array[] arrays)
+		{
+			foreach (Array array in arrays)
+			{
+				Clear(array);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/io/CipherStream.cs b/bc-sharp-crypto/src/crypto/io/CipherStream.cs
new file mode 100644
index 0000000..b5e6830
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/io/CipherStream.cs
@@ -0,0 +1,252 @@
+using System;
+using System.Diagnostics;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.IO
+{
+    public class CipherStream
+		: Stream
+    {
+        internal Stream stream;
+        internal IBufferedCipher inCipher, outCipher;
+        private byte[] mInBuf;
+		private int mInPos;
+		private bool inStreamEnded;
+
+		public CipherStream(
+            Stream			stream,
+            IBufferedCipher	readCipher,
+            IBufferedCipher	writeCipher)
+        {
+            this.stream = stream;
+
+			if (readCipher != null)
+			{
+				this.inCipher = readCipher;
+				mInBuf = null;
+			}
+
+			if (writeCipher != null)
+			{
+				this.outCipher = writeCipher;
+			}
+		}
+
+		public IBufferedCipher ReadCipher
+		{
+			get { return inCipher; }
+		}
+
+		public IBufferedCipher WriteCipher
+		{
+			get { return outCipher; }
+		}
+
+		public override int ReadByte()
+        {
+            if (inCipher == null)
+                return stream.ReadByte();
+
+			if (mInBuf == null || mInPos >= mInBuf.Length)
+			{
+				if (!FillInBuf())
+					return -1;
+            }
+
+			return mInBuf[mInPos++];
+        }
+
+		public override int Read(
+			byte[]	buffer,
+			int		offset,
+			int		count)
+        {
+            if (inCipher == null)
+                return stream.Read(buffer, offset, count);
+
+			int num = 0;
+			while (num < count)
+			{
+				if (mInBuf == null || mInPos >= mInBuf.Length)
+				{
+					if (!FillInBuf())
+						break;
+				}
+
+				int numToCopy = System.Math.Min(count - num, mInBuf.Length - mInPos);
+				Array.Copy(mInBuf, mInPos, buffer, offset + num, numToCopy);
+				mInPos += numToCopy;
+				num += numToCopy;
+			}
+
+			return num;
+		}
+
+		private bool FillInBuf()
+        {
+			if (inStreamEnded)
+				return false;
+
+			mInPos = 0;
+
+			do
+			{
+				mInBuf = ReadAndProcessBlock();
+			}
+			while (!inStreamEnded && mInBuf == null);
+
+			return mInBuf != null;
+		}
+
+		private byte[] ReadAndProcessBlock()
+		{
+			int blockSize = inCipher.GetBlockSize();
+			int readSize = (blockSize == 0) ? 256 : blockSize;
+
+			byte[] block = new byte[readSize];
+			int numRead = 0;
+			do
+			{
+				int count = stream.Read(block, numRead, block.Length - numRead);
+				if (count < 1)
+				{
+					inStreamEnded = true;
+					break;
+				}
+				numRead += count;
+			}
+			while (numRead < block.Length);
+
+			Debug.Assert(inStreamEnded || numRead == block.Length);
+
+			byte[] bytes = inStreamEnded
+				?	inCipher.DoFinal(block, 0, numRead)
+				:	inCipher.ProcessBytes(block);
+
+			if (bytes != null && bytes.Length == 0)
+			{
+				bytes = null;
+			}
+
+			return bytes;
+		}
+
+		public override void Write(
+			byte[]	buffer,
+			int		offset,
+			int		count)
+        {
+			Debug.Assert(buffer != null);
+			Debug.Assert(0 <= offset && offset <= buffer.Length);
+			Debug.Assert(count >= 0);
+
+			int end = offset + count;
+
+			Debug.Assert(0 <= end && end <= buffer.Length);
+
+			if (outCipher == null)
+            {
+                stream.Write(buffer, offset, count);
+                return;
+            }
+
+			byte[] data = outCipher.ProcessBytes(buffer, offset, count);
+			if (data != null)
+			{
+				stream.Write(data, 0, data.Length);
+			}
+		}
+
+		public override void WriteByte(
+			byte b)
+        {
+            if (outCipher == null)
+            {
+                stream.WriteByte(b);
+                return;
+            }
+
+			byte[] data = outCipher.ProcessByte(b);
+			if (data != null)
+			{
+				stream.Write(data, 0, data.Length);
+			}
+		}
+
+		public override bool CanRead
+        {
+            get { return stream.CanRead && (inCipher != null); }
+        }
+
+		public override bool CanWrite
+        {
+            get { return stream.CanWrite && (outCipher != null); }
+        }
+
+		public override bool CanSeek
+        {
+            get { return false; }
+        }
+
+		public sealed override long Length
+		{
+			get { throw new NotSupportedException(); }
+		}
+
+		public sealed override long Position
+        {
+            get { throw new NotSupportedException(); }
+            set { throw new NotSupportedException(); }
+        }
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+			    if (outCipher != null)
+			    {
+				    byte[] data = outCipher.DoFinal();
+				    stream.Write(data, 0, data.Length);
+				    stream.Flush();
+			    }
+                Platform.Dispose(stream);
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close()
+        {
+			if (outCipher != null)
+			{
+				byte[] data = outCipher.DoFinal();
+				stream.Write(data, 0, data.Length);
+				stream.Flush();
+			}
+            Platform.Dispose(stream);
+            base.Close();
+        }
+#endif
+
+        public override void Flush()
+        {
+			// Note: outCipher.DoFinal is only called during Close()
+			stream.Flush();
+        }
+
+		public sealed override long Seek(
+			long		offset,
+			SeekOrigin	origin)
+		{
+			throw new NotSupportedException();
+		}
+
+		public sealed override void SetLength(
+			long length)
+		{
+			throw new NotSupportedException();
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/io/DigestStream.cs b/bc-sharp-crypto/src/crypto/io/DigestStream.cs
new file mode 100644
index 0000000..dce8757
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/io/DigestStream.cs
@@ -0,0 +1,151 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.IO
+{
+	public class DigestStream
+		: Stream
+	{
+		protected readonly Stream stream;
+		protected readonly IDigest inDigest;
+		protected readonly IDigest outDigest;
+
+		public DigestStream(
+			Stream	stream,
+			IDigest	readDigest,
+			IDigest	writeDigest)
+		{
+			this.stream = stream;
+			this.inDigest = readDigest;
+			this.outDigest = writeDigest;
+		}
+
+		public virtual IDigest ReadDigest()
+		{
+			return inDigest;
+		}
+
+		public virtual IDigest WriteDigest()
+		{
+			return outDigest;
+		}
+
+		public override int Read(
+			byte[]	buffer,
+			int		offset,
+			int		count)
+		{
+			int n = stream.Read(buffer, offset, count);
+			if (inDigest != null)
+			{
+				if (n > 0)
+				{
+					inDigest.BlockUpdate(buffer, offset, n);
+				}
+			}
+			return n;
+		}
+
+		public override int ReadByte()
+		{
+			int b = stream.ReadByte();
+			if (inDigest != null)
+			{
+				if (b >= 0)
+				{
+					inDigest.Update((byte)b);
+				}
+			}
+			return b;
+		}
+
+		public override void Write(
+			byte[]	buffer,
+			int		offset,
+			int		count)
+		{
+			if (outDigest != null)
+			{
+				if (count > 0)
+				{
+					outDigest.BlockUpdate(buffer, offset, count);
+				}
+			}
+			stream.Write(buffer, offset, count);
+		}
+
+		public override void WriteByte(
+			byte b)
+		{
+			if (outDigest != null)
+			{
+				outDigest.Update(b);
+			}
+			stream.WriteByte(b);
+		}
+
+		public override bool CanRead
+		{
+			get { return stream.CanRead; }
+		}
+
+		public override bool CanWrite
+		{
+			get { return stream.CanWrite; }
+		}
+
+		public override bool CanSeek
+		{
+			get { return stream.CanSeek; }
+		}
+
+		public override long Length
+		{
+			get { return stream.Length; }
+		}
+
+		public override long Position
+		{
+			get { return stream.Position; }
+			set { stream.Position = value; }
+		}
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                Platform.Dispose(stream);
+            }
+            base.Dispose(disposing);
+        }
+#else
+		public override void Close()
+		{
+            Platform.Dispose(stream);
+            base.Close();
+		}
+#endif
+
+        public override void Flush()
+		{
+			stream.Flush();
+		}
+
+		public override long Seek(
+			long		offset,
+			SeekOrigin	origin)
+		{
+			return stream.Seek(offset, origin);
+		}
+
+		public override void SetLength(
+			long length)
+		{
+			stream.SetLength(length);
+		}
+	}
+}
+
diff --git a/bc-sharp-crypto/src/crypto/io/MacStream.cs b/bc-sharp-crypto/src/crypto/io/MacStream.cs
new file mode 100644
index 0000000..d9b8323
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/io/MacStream.cs
@@ -0,0 +1,150 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.IO
+{
+	public class MacStream
+		: Stream
+	{
+		protected readonly Stream stream;
+		protected readonly IMac inMac;
+		protected readonly IMac outMac;
+
+		public MacStream(
+			Stream	stream,
+			IMac	readMac,
+			IMac	writeMac)
+		{
+			this.stream = stream;
+			this.inMac = readMac;
+			this.outMac = writeMac;
+		}
+
+		public virtual IMac ReadMac()
+		{
+			return inMac;
+		}
+
+		public virtual IMac WriteMac()
+		{
+			return outMac;
+		}
+
+		public override int Read(
+			byte[]	buffer,
+			int		offset,
+			int		count)
+		{
+			int n = stream.Read(buffer, offset, count);
+			if (inMac != null)
+			{
+				if (n > 0)
+				{
+					inMac.BlockUpdate(buffer, offset, n);
+				}
+			}
+			return n;
+		}
+
+		public override int ReadByte()
+		{
+			int b = stream.ReadByte();
+			if (inMac != null)
+			{
+				if (b >= 0)
+				{
+					inMac.Update((byte)b);
+				}
+			}
+			return b;
+		}
+
+		public override void Write(
+			byte[]	buffer,
+			int		offset,
+			int		count)
+		{
+			if (outMac != null)
+			{
+				if (count > 0)
+				{
+					outMac.BlockUpdate(buffer, offset, count);
+				}
+			}
+			stream.Write(buffer, offset, count);
+		}
+
+		public override void WriteByte(byte b)
+		{
+			if (outMac != null)
+			{
+				outMac.Update(b);
+			}
+			stream.WriteByte(b);
+		}
+
+		public override bool CanRead
+		{
+			get { return stream.CanRead; }
+		}
+
+		public override bool CanWrite
+		{
+			get { return stream.CanWrite; }
+		}
+
+		public override bool CanSeek
+		{
+			get { return stream.CanSeek; }
+		}
+
+		public override long Length
+		{
+			get { return stream.Length; }
+		}
+
+		public override long Position
+		{
+			get { return stream.Position; }
+			set { stream.Position = value; }
+		}
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                Platform.Dispose(stream);
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close()
+        {
+            Platform.Dispose(stream);
+            base.Close();
+        }
+#endif
+
+        public override void Flush()
+		{
+			stream.Flush();
+		}
+
+		public override long Seek(
+			long		offset,
+			SeekOrigin	origin)
+		{
+			return stream.Seek(offset,origin);
+		}
+
+		public override void SetLength(
+			long length)
+		{
+			stream.SetLength(length);
+		}
+	}
+}
+
diff --git a/bc-sharp-crypto/src/crypto/io/SignerStream.cs b/bc-sharp-crypto/src/crypto/io/SignerStream.cs
new file mode 100644
index 0000000..1e37c8d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/io/SignerStream.cs
@@ -0,0 +1,151 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.IO
+{
+	public class SignerStream
+		: Stream
+	{
+		protected readonly Stream stream;
+		protected readonly ISigner inSigner;
+		protected readonly ISigner outSigner;
+
+		public SignerStream(
+			Stream	stream,
+			ISigner	readSigner,
+			ISigner	writeSigner)
+		{
+			this.stream = stream;
+			this.inSigner = readSigner;
+			this.outSigner = writeSigner;
+		}
+
+		public virtual ISigner ReadSigner()
+		{
+			return inSigner;
+		}
+
+		public virtual ISigner WriteSigner()
+		{
+			return outSigner;
+		}
+
+		public override int Read(
+			byte[]	buffer,
+			int		offset,
+			int		count)
+		{
+			int n = stream.Read(buffer, offset, count);
+			if (inSigner != null)
+			{
+				if (n > 0)
+				{
+					inSigner.BlockUpdate(buffer, offset, n);
+				}
+			}
+			return n;
+		}
+
+		public override int ReadByte()
+		{
+			int b = stream.ReadByte();
+			if (inSigner != null)
+			{
+				if (b >= 0)
+				{
+					inSigner.Update((byte)b);
+				}
+			}
+			return b;
+		}
+
+		public override void Write(
+			byte[]	buffer,
+			int		offset,
+			int		count)
+		{
+			if (outSigner != null)
+			{
+				if (count > 0)
+				{
+					outSigner.BlockUpdate(buffer, offset, count);
+				}
+			}
+			stream.Write(buffer, offset, count);
+		}
+
+		public override void WriteByte(
+			byte b)
+		{
+			if (outSigner != null)
+			{
+				outSigner.Update(b);
+			}
+			stream.WriteByte(b);
+		}
+
+		public override bool CanRead
+		{
+			get { return stream.CanRead; }
+		}
+
+		public override bool CanWrite
+		{
+			get { return stream.CanWrite; }
+		}
+
+		public override bool CanSeek
+		{
+			get { return stream.CanSeek; }
+		}
+
+		public override long Length
+		{
+			get { return stream.Length; }
+		}
+
+		public override long Position
+		{
+			get { return stream.Position; }
+			set { stream.Position = value; }
+		}
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                Platform.Dispose(stream);
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close()
+        {
+            Platform.Dispose(stream);
+            base.Close();
+        }
+#endif
+
+        public override void Flush()
+		{
+			stream.Flush();
+		}
+
+		public override long Seek(
+			long		offset,
+			SeekOrigin	origin)
+		{
+			return stream.Seek(offset, origin);
+		}
+
+		public override void SetLength(
+			long length)
+		{
+			stream.SetLength(length);
+		}
+	}
+}
+
diff --git a/bc-sharp-crypto/src/crypto/macs/CMac.cs b/bc-sharp-crypto/src/crypto/macs/CMac.cs
new file mode 100644
index 0000000..682c12b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/macs/CMac.cs
@@ -0,0 +1,257 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Paddings;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Macs
+{
+    /**
+    * CMAC - as specified at www.nuee.nagoya-u.ac.jp/labs/tiwata/omac/omac.html
+    * <p>
+    * CMAC is analogous to OMAC1 - see also en.wikipedia.org/wiki/CMAC
+    * </p><p>
+    * CMAC is a NIST recomendation - see 
+    * csrc.nist.gov/CryptoToolkit/modes/800-38_Series_Publications/SP800-38B.pdf
+    * </p><p>
+    * CMAC/OMAC1 is a blockcipher-based message authentication code designed and
+    * analyzed by Tetsu Iwata and Kaoru Kurosawa.
+    * </p><p>
+    * CMAC/OMAC1 is a simple variant of the CBC MAC (Cipher Block Chaining Message 
+    * Authentication Code). OMAC stands for One-Key CBC MAC.
+    * </p><p>
+    * It supports 128- or 64-bits block ciphers, with any key size, and returns
+    * a MAC with dimension less or equal to the block size of the underlying 
+    * cipher.
+    * </p>
+    */
+    public class CMac
+        : IMac
+    {
+        private const byte CONSTANT_128 = (byte)0x87;
+        private const byte CONSTANT_64 = (byte)0x1b;
+
+        private byte[] ZEROES;
+
+        private byte[] mac;
+
+        private byte[] buf;
+        private int bufOff;
+        private IBlockCipher cipher;
+
+        private int macSize;
+
+        private byte[] L, Lu, Lu2;
+
+        /**
+        * create a standard MAC based on a CBC block cipher (64 or 128 bit block).
+        * This will produce an authentication code the length of the block size
+        * of the cipher.
+        *
+        * @param cipher the cipher to be used as the basis of the MAC generation.
+        */
+        public CMac(
+            IBlockCipher cipher)
+            : this(cipher, cipher.GetBlockSize() * 8)
+        {
+        }
+
+        /**
+        * create a standard MAC based on a block cipher with the size of the
+        * MAC been given in bits.
+        * <p/>
+        * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
+        * or 16 bits if being used as a data authenticator (FIPS Publication 113),
+        * and in general should be less than the size of the block cipher as it reduces
+        * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
+        *
+        * @param cipher        the cipher to be used as the basis of the MAC generation.
+        * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8 and @lt;= 128.
+        */
+        public CMac(
+            IBlockCipher	cipher,
+            int				macSizeInBits)
+        {
+            if ((macSizeInBits % 8) != 0)
+                throw new ArgumentException("MAC size must be multiple of 8");
+
+            if (macSizeInBits > (cipher.GetBlockSize() * 8))
+            {
+                throw new ArgumentException(
+                    "MAC size must be less or equal to "
+                        + (cipher.GetBlockSize() * 8));
+            }
+
+            if (cipher.GetBlockSize() != 8 && cipher.GetBlockSize() != 16)
+            {
+                throw new ArgumentException(
+                    "Block size must be either 64 or 128 bits");
+            }
+
+            this.cipher = new CbcBlockCipher(cipher);
+            this.macSize = macSizeInBits / 8;
+
+            mac = new byte[cipher.GetBlockSize()];
+
+            buf = new byte[cipher.GetBlockSize()];
+
+            ZEROES = new byte[cipher.GetBlockSize()];
+
+            bufOff = 0;
+        }
+
+        public string AlgorithmName
+        {
+            get { return cipher.AlgorithmName; }
+        }
+
+        private static int ShiftLeft(byte[] block, byte[] output)
+        {
+            int i = block.Length;
+            uint bit = 0;
+            while (--i >= 0)
+            {
+                uint b = block[i];
+                output[i] = (byte)((b << 1) | bit);
+                bit = (b >> 7) & 1;
+            }
+            return (int)bit;
+        }
+
+        private static byte[] DoubleLu(byte[] input)
+        {
+            byte[] ret = new byte[input.Length];
+            int carry = ShiftLeft(input, ret);
+            int xor = input.Length == 16 ? CONSTANT_128 : CONSTANT_64;
+
+            /*
+             * NOTE: This construction is an attempt at a constant-time implementation.
+             */
+            ret[input.Length - 1] ^= (byte)(xor >> ((1 - carry) << 3));
+
+            return ret;
+        }
+
+        public void Init(
+            ICipherParameters parameters)
+        {
+            if (parameters is KeyParameter)
+            {
+                cipher.Init(true, parameters);
+
+                //initializes the L, Lu, Lu2 numbers
+                L = new byte[ZEROES.Length];
+                cipher.ProcessBlock(ZEROES, 0, L, 0);
+                Lu = DoubleLu(L);
+                Lu2 = DoubleLu(Lu);
+            }
+            else if (parameters != null)
+            {
+                // CMAC mode does not permit IV to underlying CBC mode
+                throw new ArgumentException("CMac mode only permits key to be set.", "parameters");
+            }
+
+            Reset();
+        }
+
+        public int GetMacSize()
+        {
+            return macSize;
+        }
+
+        public void Update(
+            byte input)
+        {
+            if (bufOff == buf.Length)
+            {
+                cipher.ProcessBlock(buf, 0, mac, 0);
+                bufOff = 0;
+            }
+
+            buf[bufOff++] = input;
+        }
+
+        public void BlockUpdate(
+            byte[]	inBytes,
+            int		inOff,
+            int		len)
+        {
+            if (len < 0)
+                throw new ArgumentException("Can't have a negative input length!");
+
+            int blockSize = cipher.GetBlockSize();
+            int gapLen = blockSize - bufOff;
+
+            if (len > gapLen)
+            {
+                Array.Copy(inBytes, inOff, buf, bufOff, gapLen);
+
+                cipher.ProcessBlock(buf, 0, mac, 0);
+
+                bufOff = 0;
+                len -= gapLen;
+                inOff += gapLen;
+
+                while (len > blockSize)
+                {
+                    cipher.ProcessBlock(inBytes, inOff, mac, 0);
+
+                    len -= blockSize;
+                    inOff += blockSize;
+                }
+            }
+
+            Array.Copy(inBytes, inOff, buf, bufOff, len);
+
+            bufOff += len;
+        }
+
+        public int DoFinal(
+            byte[]	outBytes,
+            int		outOff)
+        {
+            int blockSize = cipher.GetBlockSize();
+
+            byte[] lu;
+            if (bufOff == blockSize)
+            {
+                lu = Lu;
+            }
+            else
+            {
+                new ISO7816d4Padding().AddPadding(buf, bufOff);
+                lu = Lu2;
+            }
+
+            for (int i = 0; i < mac.Length; i++)
+            {
+                buf[i] ^= lu[i];
+            }
+
+            cipher.ProcessBlock(buf, 0, mac, 0);
+
+            Array.Copy(mac, 0, outBytes, outOff, macSize);
+
+            Reset();
+
+            return macSize;
+        }
+
+        /**
+        * Reset the mac generator.
+        */
+        public void Reset()
+        {
+            /*
+            * clean the buffer.
+            */
+            Array.Clear(buf, 0, buf.Length);
+            bufOff = 0;
+
+            /*
+            * Reset the underlying cipher.
+            */
+            cipher.Reset();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/macs/CbcBlockCipherMac.cs b/bc-sharp-crypto/src/crypto/macs/CbcBlockCipherMac.cs
new file mode 100644
index 0000000..146e16a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/macs/CbcBlockCipherMac.cs
@@ -0,0 +1,209 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Paddings;
+
+namespace Org.BouncyCastle.Crypto.Macs
+{
+    /**
+    * standard CBC Block Cipher MAC - if no padding is specified the default of
+    * pad of zeroes is used.
+    */
+    public class CbcBlockCipherMac
+		: IMac
+    {
+        private byte[] buf;
+        private int bufOff;
+        private IBlockCipher cipher;
+        private IBlockCipherPadding padding;
+		private int macSize;
+
+		/**
+        * create a standard MAC based on a CBC block cipher. This will produce an
+        * authentication code half the length of the block size of the cipher.
+        *
+        * @param cipher the cipher to be used as the basis of the MAC generation.
+        */
+        public CbcBlockCipherMac(
+			IBlockCipher cipher)
+			: this(cipher, (cipher.GetBlockSize() * 8) / 2, null)
+		{
+		}
+
+		/**
+        * create a standard MAC based on a CBC block cipher. This will produce an
+        * authentication code half the length of the block size of the cipher.
+        *
+        * @param cipher the cipher to be used as the basis of the MAC generation.
+        * @param padding the padding to be used to complete the last block.
+        */
+        public CbcBlockCipherMac(
+            IBlockCipher		cipher,
+            IBlockCipherPadding	padding)
+        : this(cipher, (cipher.GetBlockSize() * 8) / 2, padding)
+		{
+		}
+
+		/**
+        * create a standard MAC based on a block cipher with the size of the
+        * MAC been given in bits. This class uses CBC mode as the basis for the
+        * MAC generation.
+        * <p>
+        * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
+        * or 16 bits if being used as a data authenticator (FIPS Publication 113),
+        * and in general should be less than the size of the block cipher as it reduces
+        * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
+        * </p>
+        * @param cipher the cipher to be used as the basis of the MAC generation.
+        * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
+        */
+        public CbcBlockCipherMac(
+            IBlockCipher	cipher,
+            int				macSizeInBits)
+			: this(cipher, macSizeInBits, null)
+		{
+		}
+
+		/**
+        * create a standard MAC based on a block cipher with the size of the
+        * MAC been given in bits. This class uses CBC mode as the basis for the
+        * MAC generation.
+        * <p>
+        * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
+        * or 16 bits if being used as a data authenticator (FIPS Publication 113),
+        * and in general should be less than the size of the block cipher as it reduces
+        * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
+        * </p>
+        * @param cipher the cipher to be used as the basis of the MAC generation.
+        * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
+        * @param padding the padding to be used to complete the last block.
+        */
+        public CbcBlockCipherMac(
+            IBlockCipher		cipher,
+            int					macSizeInBits,
+            IBlockCipherPadding	padding)
+        {
+            if ((macSizeInBits % 8) != 0)
+                throw new ArgumentException("MAC size must be multiple of 8");
+
+			this.cipher = new CbcBlockCipher(cipher);
+            this.padding = padding;
+            this.macSize = macSizeInBits / 8;
+
+			buf = new byte[cipher.GetBlockSize()];
+            bufOff = 0;
+        }
+
+		public string AlgorithmName
+        {
+            get { return cipher.AlgorithmName; }
+        }
+
+		public void Init(
+            ICipherParameters parameters)
+        {
+            Reset();
+
+			cipher.Init(true, parameters);
+        }
+
+		public int GetMacSize()
+        {
+            return macSize;
+        }
+
+		public void Update(
+            byte input)
+        {
+			if (bufOff == buf.Length)
+            {
+				cipher.ProcessBlock(buf, 0, buf, 0);
+                bufOff = 0;
+            }
+
+			buf[bufOff++] = input;
+        }
+
+        public void BlockUpdate(
+            byte[]	input,
+            int		inOff,
+            int		len)
+        {
+            if (len < 0)
+                throw new ArgumentException("Can't have a negative input length!");
+
+			int blockSize = cipher.GetBlockSize();
+            int gapLen = blockSize - bufOff;
+
+            if (len > gapLen)
+            {
+                Array.Copy(input, inOff, buf, bufOff, gapLen);
+
+                cipher.ProcessBlock(buf, 0, buf, 0);
+
+                bufOff = 0;
+                len -= gapLen;
+                inOff += gapLen;
+
+                while (len > blockSize)
+                {
+                    cipher.ProcessBlock(input, inOff, buf, 0);
+
+                    len -= blockSize;
+                    inOff += blockSize;
+                }
+            }
+
+            Array.Copy(input, inOff, buf, bufOff, len);
+
+            bufOff += len;
+        }
+
+        public int DoFinal(
+            byte[]	output,
+            int		outOff)
+        {
+            int blockSize = cipher.GetBlockSize();
+
+            if (padding == null)
+            {
+                // pad with zeroes
+                while (bufOff < blockSize)
+                {
+                    buf[bufOff++] = 0;
+                }
+            }
+            else
+            {
+                if (bufOff == blockSize)
+                {
+                    cipher.ProcessBlock(buf, 0, buf, 0);
+                    bufOff = 0;
+                }
+
+				padding.AddPadding(buf, bufOff);
+            }
+
+			cipher.ProcessBlock(buf, 0, buf, 0);
+
+			Array.Copy(buf, 0, output, outOff, macSize);
+
+			Reset();
+
+			return macSize;
+        }
+
+		/**
+        * Reset the mac generator.
+        */
+        public void Reset()
+        {
+            // Clear the buffer.
+			Array.Clear(buf, 0, buf.Length);
+			bufOff = 0;
+
+			// Reset the underlying cipher.
+            cipher.Reset();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/macs/CfbBlockCipherMac.cs b/bc-sharp-crypto/src/crypto/macs/CfbBlockCipherMac.cs
new file mode 100644
index 0000000..364cf84
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/macs/CfbBlockCipherMac.cs
@@ -0,0 +1,368 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Paddings;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Macs
+{
+    /**
+    * implements a Cipher-FeedBack (CFB) mode on top of a simple cipher.
+    */
+    class MacCFBBlockCipher
+		: IBlockCipher
+    {
+        private byte[] IV;
+        private byte[] cfbV;
+        private byte[] cfbOutV;
+
+		private readonly int blockSize;
+        private readonly IBlockCipher cipher;
+
+		/**
+        * Basic constructor.
+        *
+        * @param cipher the block cipher to be used as the basis of the
+        * feedback mode.
+        * @param blockSize the block size in bits (note: a multiple of 8)
+        */
+        public MacCFBBlockCipher(
+            IBlockCipher	cipher,
+            int				bitBlockSize)
+        {
+            this.cipher = cipher;
+            this.blockSize = bitBlockSize / 8;
+
+            this.IV = new byte[cipher.GetBlockSize()];
+            this.cfbV = new byte[cipher.GetBlockSize()];
+            this.cfbOutV = new byte[cipher.GetBlockSize()];
+        }
+
+		/**
+        * Initialise the cipher and, possibly, the initialisation vector (IV).
+        * If an IV isn't passed as part of the parameter, the IV will be all zeros.
+        * An IV which is too short is handled in FIPS compliant fashion.
+        *
+        * @param param the key and other data required by the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+		public void Init(
+			bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+			if (parameters is ParametersWithIV)
+            {
+                ParametersWithIV ivParam = (ParametersWithIV)parameters;
+                byte[] iv = ivParam.GetIV();
+
+                if (iv.Length < IV.Length)
+                {
+                    Array.Copy(iv, 0, IV, IV.Length - iv.Length, iv.Length);
+                }
+                else
+                {
+                    Array.Copy(iv, 0, IV, 0, IV.Length);
+                }
+
+				parameters = ivParam.Parameters;
+            }
+
+			Reset();
+
+			cipher.Init(true, parameters);
+        }
+
+        /**
+        * return the algorithm name and mode.
+        *
+        * @return the name of the underlying algorithm followed by "/CFB"
+        * and the block size in bits.
+        */
+        public string AlgorithmName
+        {
+			get { return cipher.AlgorithmName + "/CFB" + (blockSize * 8); }
+        }
+
+		public bool IsPartialBlockOkay
+		{
+			get { return true; }
+		}
+
+		/**
+        * return the block size we are operating at.
+        *
+        * @return the block size we are operating at (in bytes).
+        */
+        public int GetBlockSize()
+        {
+            return blockSize;
+        }
+
+		/**
+        * Process one block of input from the array in and write it to
+        * the out array.
+        *
+        * @param in the array containing the input data.
+        * @param inOff offset into the in array the data starts at.
+        * @param out the array the output data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        * @exception DataLengthException if there isn't enough data in in, or
+        * space in out.
+        * @exception InvalidOperationException if the cipher isn't initialised.
+        * @return the number of bytes processed and produced.
+        */
+        public int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	outBytes,
+            int		outOff)
+        {
+            if ((inOff + blockSize) > input.Length)
+                throw new DataLengthException("input buffer too short");
+
+			if ((outOff + blockSize) > outBytes.Length)
+                throw new DataLengthException("output buffer too short");
+
+			cipher.ProcessBlock(cfbV, 0, cfbOutV, 0);
+
+            //
+            // XOR the cfbV with the plaintext producing the cipher text
+            //
+            for (int i = 0; i < blockSize; i++)
+            {
+                outBytes[outOff + i] = (byte)(cfbOutV[i] ^ input[inOff + i]);
+            }
+
+			//
+            // change over the input block.
+            //
+            Array.Copy(cfbV, blockSize, cfbV, 0, cfbV.Length - blockSize);
+            Array.Copy(outBytes, outOff, cfbV, cfbV.Length - blockSize, blockSize);
+
+			return blockSize;
+        }
+
+		/**
+        * reset the chaining vector back to the IV and reset the underlying
+        * cipher.
+        */
+        public void Reset()
+        {
+			IV.CopyTo(cfbV, 0);
+
+			cipher.Reset();
+        }
+
+		public void GetMacBlock(
+            byte[] mac)
+        {
+            cipher.ProcessBlock(cfbV, 0, mac, 0);
+        }
+    }
+
+	public class CfbBlockCipherMac
+		: IMac
+    {
+        private byte[] mac;
+        private byte[] Buffer;
+        private int bufOff;
+        private MacCFBBlockCipher cipher;
+        private IBlockCipherPadding padding;
+        private int macSize;
+
+		/**
+        * create a standard MAC based on a CFB block cipher. This will produce an
+        * authentication code half the length of the block size of the cipher, with
+        * the CFB mode set to 8 bits.
+        *
+        * @param cipher the cipher to be used as the basis of the MAC generation.
+        */
+        public CfbBlockCipherMac(
+            IBlockCipher cipher)
+			: this(cipher, 8, (cipher.GetBlockSize() * 8) / 2, null)
+		{
+		}
+
+		/**
+        * create a standard MAC based on a CFB block cipher. This will produce an
+        * authentication code half the length of the block size of the cipher, with
+        * the CFB mode set to 8 bits.
+        *
+        * @param cipher the cipher to be used as the basis of the MAC generation.
+        * @param padding the padding to be used.
+        */
+        public CfbBlockCipherMac(
+            IBlockCipher		cipher,
+            IBlockCipherPadding	padding)
+			: this(cipher, 8, (cipher.GetBlockSize() * 8) / 2, padding)
+		{
+		}
+
+		/**
+        * create a standard MAC based on a block cipher with the size of the
+        * MAC been given in bits. This class uses CFB mode as the basis for the
+        * MAC generation.
+        * <p>
+        * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
+        * or 16 bits if being used as a data authenticator (FIPS Publication 113),
+        * and in general should be less than the size of the block cipher as it reduces
+        * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
+        * </p>
+        * @param cipher the cipher to be used as the basis of the MAC generation.
+        * @param cfbBitSize the size of an output block produced by the CFB mode.
+        * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
+        */
+        public CfbBlockCipherMac(
+            IBlockCipher	cipher,
+            int				cfbBitSize,
+            int				macSizeInBits)
+			: this(cipher, cfbBitSize, macSizeInBits, null)
+		{
+		}
+
+		/**
+        * create a standard MAC based on a block cipher with the size of the
+        * MAC been given in bits. This class uses CFB mode as the basis for the
+        * MAC generation.
+        * <p>
+        * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
+        * or 16 bits if being used as a data authenticator (FIPS Publication 113),
+        * and in general should be less than the size of the block cipher as it reduces
+        * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
+        * </p>
+        * @param cipher the cipher to be used as the basis of the MAC generation.
+        * @param cfbBitSize the size of an output block produced by the CFB mode.
+        * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
+        * @param padding a padding to be used.
+        */
+        public CfbBlockCipherMac(
+            IBlockCipher		cipher,
+            int					cfbBitSize,
+            int					macSizeInBits,
+            IBlockCipherPadding	padding)
+        {
+            if ((macSizeInBits % 8) != 0)
+                throw new ArgumentException("MAC size must be multiple of 8");
+
+			mac = new byte[cipher.GetBlockSize()];
+
+			this.cipher = new MacCFBBlockCipher(cipher, cfbBitSize);
+            this.padding = padding;
+            this.macSize = macSizeInBits / 8;
+
+			Buffer = new byte[this.cipher.GetBlockSize()];
+            bufOff = 0;
+        }
+
+		public string AlgorithmName
+        {
+            get { return cipher.AlgorithmName; }
+        }
+
+		public void Init(
+            ICipherParameters parameters)
+        {
+            Reset();
+
+			cipher.Init(true, parameters);
+        }
+
+		public int GetMacSize()
+        {
+            return macSize;
+        }
+
+		public void Update(
+            byte input)
+        {
+            if (bufOff == Buffer.Length)
+            {
+				cipher.ProcessBlock(Buffer, 0, mac, 0);
+                bufOff = 0;
+            }
+
+			Buffer[bufOff++] = input;
+        }
+
+		public void BlockUpdate(
+            byte[]	input,
+            int		inOff,
+            int		len)
+        {
+            if (len < 0)
+                throw new ArgumentException("Can't have a negative input length!");
+
+			int blockSize = cipher.GetBlockSize();
+            int resultLen = 0;
+            int gapLen = blockSize - bufOff;
+
+			if (len > gapLen)
+            {
+                Array.Copy(input, inOff, Buffer, bufOff, gapLen);
+
+				resultLen += cipher.ProcessBlock(Buffer, 0, mac, 0);
+
+				bufOff = 0;
+                len -= gapLen;
+                inOff += gapLen;
+
+				while (len > blockSize)
+                {
+                    resultLen += cipher.ProcessBlock(input, inOff, mac, 0);
+
+					len -= blockSize;
+                    inOff += blockSize;
+                }
+            }
+
+			Array.Copy(input, inOff, Buffer, bufOff, len);
+
+			bufOff += len;
+        }
+
+		public int DoFinal(
+            byte[]	output,
+            int		outOff)
+        {
+            int blockSize = cipher.GetBlockSize();
+
+            // pad with zeroes
+            if (this.padding == null)
+            {
+                while (bufOff < blockSize)
+                {
+                    Buffer[bufOff++] = 0;
+                }
+            }
+            else
+            {
+                padding.AddPadding(Buffer, bufOff);
+            }
+
+			cipher.ProcessBlock(Buffer, 0, mac, 0);
+
+			cipher.GetMacBlock(mac);
+
+			Array.Copy(mac, 0, output, outOff, macSize);
+
+			Reset();
+
+			return macSize;
+        }
+
+        /**
+        * Reset the mac generator.
+        */
+        public void Reset()
+        {
+            // Clear the buffer.
+			Array.Clear(Buffer, 0, Buffer.Length);
+            bufOff = 0;
+
+			// Reset the underlying cipher.
+            cipher.Reset();
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/macs/DSTU7564Mac.cs b/bc-sharp-crypto/src/crypto/macs/DSTU7564Mac.cs
new file mode 100644
index 0000000..36e8641
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/macs/DSTU7564Mac.cs
@@ -0,0 +1,143 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Macs
+{
+    /// <summary>
+    /// Implementation of DSTU7564 mac mode
+    /// </summary>
+    public class Dstu7564Mac
+        : IMac
+    {
+        private Dstu7564Digest engine;
+        private int macSize;
+
+        private ulong inputLength;
+
+        byte[] paddedKey;
+        byte[] invertedKey;
+
+        public string AlgorithmName
+        {
+            get { return "DSTU7564Mac"; }
+        }
+
+        public Dstu7564Mac(int macSizeBits)
+        {
+            engine = new Dstu7564Digest(macSizeBits);
+            macSize = macSizeBits / 8;
+        }
+
+        public void Init(ICipherParameters parameters)
+        {
+            if (parameters is KeyParameter)
+            {
+                byte[] key = ((KeyParameter)parameters).GetKey();
+
+                invertedKey = new byte[key.Length];
+
+                paddedKey = PadKey(key);
+
+                for (int byteIndex = 0; byteIndex < invertedKey.Length; byteIndex++)
+                {
+                    invertedKey[byteIndex] = (byte)(key[byteIndex] ^ (byte)0xFF);
+                }
+            }
+            else
+            {
+                throw new ArgumentException("Bad parameter passed");
+            }
+
+            engine.BlockUpdate(paddedKey, 0, paddedKey.Length);
+        }
+
+        public int GetMacSize()
+        {
+            return macSize;
+        }
+
+        public void BlockUpdate(byte[] input, int inOff, int len)
+        {
+            Check.DataLength(input, inOff, len, "Input buffer too short");
+
+            if (paddedKey == null)
+                throw new InvalidOperationException(AlgorithmName + " not initialised");
+
+            engine.BlockUpdate(input, inOff, len);
+            inputLength += (ulong)len;
+        }
+
+        public void Update(byte input)
+        {
+            engine.Update(input);
+            inputLength++;
+        }
+
+        public int DoFinal(byte[] output, int outOff)
+        {
+            Check.OutputLength(output, outOff, macSize, "Output buffer too short");
+
+            if (paddedKey == null)
+                throw new InvalidOperationException(AlgorithmName + " not initialised");
+
+            Pad();
+
+            engine.BlockUpdate(invertedKey, 0, invertedKey.Length);
+
+            inputLength = 0;
+
+            return engine.DoFinal(output, outOff);
+        }
+
+        public void Reset()
+        {
+            inputLength = 0;
+            engine.Reset();
+            if (paddedKey != null)
+            {
+                engine.BlockUpdate(paddedKey, 0, paddedKey.Length);
+            }
+        }
+
+        private void Pad()
+        {
+            int extra = engine.GetByteLength() - (int)(inputLength % (ulong)engine.GetByteLength());
+            if (extra < 13)  // terminator byte + 96 bits of length
+            {
+                extra += engine.GetByteLength();
+            }
+
+            byte[] padded = new byte[extra];
+
+            padded[0] = (byte)0x80; // Defined in standard;
+
+            // Defined in standard;
+            Pack.UInt64_To_LE(inputLength * 8, padded, padded.Length - 12);
+
+            engine.BlockUpdate(padded, 0, padded.Length);
+        }
+
+        private byte[] PadKey(byte[] input)
+        {
+            int paddedLen = ((input.Length + engine.GetByteLength() - 1) / engine.GetByteLength()) * engine.GetByteLength();
+
+            int extra = engine.GetByteLength() - (int)(input.Length % engine.GetByteLength());
+            if (extra < 13)  // terminator byte + 96 bits of length
+            {
+                paddedLen += engine.GetByteLength();
+            }
+
+            byte[] padded = new byte[paddedLen];
+
+            Array.Copy(input, 0, padded, 0, input.Length);
+
+            padded[input.Length] = (byte)0x80; // Defined in standard;
+            Pack.UInt32_To_LE((uint)(input.Length * 8), padded, padded.Length - 12); // Defined in standard;
+
+            return padded;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/macs/DSTU7624Mac.cs b/bc-sharp-crypto/src/crypto/macs/DSTU7624Mac.cs
new file mode 100644
index 0000000..953d816
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/macs/DSTU7624Mac.cs
@@ -0,0 +1,160 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+
+
+namespace Org.BouncyCastle.Crypto.Macs
+{
+     /**
+     * implementation of DSTU 7624 MAC
+     */
+     public class Dstu7624Mac : IMac
+     {
+          private int macSize;
+                    
+          private Dstu7624Engine engine;
+          private int blockSize;
+
+          private byte[] c, cTemp, kDelta;
+          private byte[] buf;
+          private int bufOff;
+
+          public Dstu7624Mac(int blockSizeBits, int q)
+          {
+               engine = new Dstu7624Engine(blockSizeBits);
+
+               blockSize = blockSizeBits / 8;
+
+               macSize = q / 8;
+
+               c = new byte[blockSize];
+              
+               cTemp = new byte[blockSize];
+
+               kDelta = new byte[blockSize];
+               buf = new byte[blockSize];
+        }
+
+          public void Init(ICipherParameters parameters)
+          {
+               if (parameters is KeyParameter)
+               {
+                    engine.Init(true, (KeyParameter)parameters);
+
+                    engine.ProcessBlock(kDelta, 0, kDelta, 0);
+               }
+               else
+               {
+                    throw new ArgumentException("invalid parameter passed to Dstu7624Mac init - "
+                    + Platform.GetTypeName(parameters));
+               }             
+          }
+
+          public string AlgorithmName
+          {
+               get { return "Dstu7624Mac"; }
+          }
+
+          public int GetMacSize()
+          {
+               return macSize;
+          }
+
+          public void Update(byte input)
+          {
+            if (bufOff == buf.Length)
+            {
+                processBlock(buf, 0);
+                bufOff = 0;
+            }
+
+            buf[bufOff++] = input;
+        }
+
+          public void BlockUpdate(byte[] input, int inOff, int len)
+          {
+            if (len < 0)
+            {
+                throw new ArgumentException(
+                    "Can't have a negative input length!");
+            }
+
+            int blockSize = engine.GetBlockSize();
+            int gapLen = blockSize - bufOff;
+
+            if (len > gapLen)
+            {
+                Array.Copy(input, inOff, buf, bufOff, gapLen);
+
+                processBlock(buf, 0);
+
+                bufOff = 0;
+                len -= gapLen;
+                inOff += gapLen;
+
+                while (len > blockSize)
+                {
+                    processBlock(input, inOff);
+
+                    len -= blockSize;
+                    inOff += blockSize;
+                }
+            }
+
+            Array.Copy(input, inOff, buf, bufOff, len);
+
+            bufOff += len;
+        }
+
+        private void processBlock(byte[] input, int inOff)
+        {
+            Xor(c, 0, input, inOff, cTemp);
+
+            engine.ProcessBlock(cTemp, 0, c, 0);
+        }
+
+        private void Xor(byte[] c, int cOff, byte[] input, int inOff, byte[] xorResult)
+          {
+               for (int byteIndex = 0; byteIndex < blockSize; byteIndex++)
+               {
+                    xorResult[byteIndex] = (byte)(c[byteIndex + cOff] ^ input[byteIndex + inOff]);
+               }
+          }
+
+          public int DoFinal(byte[] output, int outOff)
+          {
+            if (bufOff % buf.Length != 0)
+            {
+                throw new DataLengthException("Input must be a multiple of blocksize");
+            }
+
+            //Last block
+            Xor(c, 0, buf, 0, cTemp);
+            Xor(cTemp, 0, kDelta, 0, c);
+            engine.ProcessBlock(c, 0, c, 0);
+
+            if (macSize + outOff > output.Length)
+            {
+                throw new DataLengthException("Output buffer too short");
+            }
+
+            Array.Copy(c, 0, output, outOff, macSize);
+
+            return macSize;
+        }
+
+          public void Reset()
+          {
+            Arrays.Fill(c, (byte)0x00);
+            Arrays.Fill(cTemp, (byte)0x00);
+            Arrays.Fill(kDelta, (byte)0x00);
+            Arrays.Fill(buf, (byte)0x00);
+            engine.Reset();
+            engine.ProcessBlock(kDelta, 0, kDelta, 0);
+            bufOff = 0;
+        }
+     }
+}
diff --git a/bc-sharp-crypto/src/crypto/macs/GMac.cs b/bc-sharp-crypto/src/crypto/macs/GMac.cs
new file mode 100644
index 0000000..f2c3990
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/macs/GMac.cs
@@ -0,0 +1,112 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Macs
+{
+    /// <summary>
+    /// The GMAC specialisation of Galois/Counter mode (GCM) detailed in NIST Special Publication
+    /// 800-38D.
+    /// </summary>
+    /// <remarks>
+    /// GMac is an invocation of the GCM mode where no data is encrypted (i.e. all input data to the Mac
+    /// is processed as additional authenticated data with the underlying GCM block cipher).
+    /// </remarks>
+    public class GMac 
+        : IMac
+    {
+        private readonly GcmBlockCipher cipher;
+        private readonly int macSizeBits;
+
+        /// <summary>
+        /// Creates a GMAC based on the operation of a block cipher in GCM mode.
+        /// </summary>
+        /// <remarks>
+        /// This will produce an authentication code the length of the block size of the cipher.
+        /// </remarks>
+        /// <param name="cipher">the cipher to be used in GCM mode to generate the MAC.</param>
+        public GMac(GcmBlockCipher cipher)
+            : this(cipher, 128)
+        {
+        }
+
+        /// <summary>
+        /// Creates a GMAC based on the operation of a 128 bit block cipher in GCM mode.
+        /// </summary>
+        /// <remarks>
+        /// This will produce an authentication code the length of the block size of the cipher.
+        /// </remarks>
+        /// <param name="cipher">the cipher to be used in GCM mode to generate the MAC.</param>
+        /// <param name="macSizeBits">the mac size to generate, in bits. Must be a multiple of 8, between 32 and 128 (inclusive).
+        /// Sizes less than 96 are not recommended, but are supported for specialized applications.</param>
+        public GMac(GcmBlockCipher cipher, int macSizeBits)
+        {
+            this.cipher = cipher;
+            this.macSizeBits = macSizeBits;
+        }
+
+        /// <summary>
+        /// Initialises the GMAC - requires a <see cref="Org.BouncyCastle.Crypto.Parameters.ParametersWithIV"/> 
+        /// providing a <see cref="Org.BouncyCastle.Crypto.Parameters.KeyParameter"/> and a nonce.
+        /// </summary>
+        public void Init(ICipherParameters parameters)
+        {
+            if (parameters is ParametersWithIV)
+            {
+                ParametersWithIV param = (ParametersWithIV)parameters;
+
+                byte[] iv = param.GetIV();
+                KeyParameter keyParam = (KeyParameter)param.Parameters;
+
+                // GCM is always operated in encrypt mode to calculate MAC
+                cipher.Init(true, new AeadParameters(keyParam, macSizeBits, iv));
+            }
+            else
+            {
+                throw new ArgumentException("GMAC requires ParametersWithIV");
+            }
+        }
+
+        public string AlgorithmName
+        {
+            get { return cipher.GetUnderlyingCipher().AlgorithmName + "-GMAC"; }
+        }
+
+        public int GetMacSize()
+        {
+            return macSizeBits / 8;
+        }
+
+        public void Update(byte input) 
+        {
+            cipher.ProcessAadByte(input);
+        }
+
+        public void BlockUpdate(byte[] input, int inOff, int len)
+        {
+            cipher.ProcessAadBytes(input, inOff, len);
+        }
+
+        public int DoFinal(byte[] output, int outOff)
+        {
+            try
+            {
+                return cipher.DoFinal(output, outOff);
+            }
+            catch (InvalidCipherTextException e)
+            {
+                // Impossible in encrypt mode
+                throw new InvalidOperationException(e.ToString());
+            }
+        }
+
+        public void Reset()
+        {
+            cipher.Reset();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/macs/GOST28147Mac.cs b/bc-sharp-crypto/src/crypto/macs/GOST28147Mac.cs
new file mode 100644
index 0000000..cc6b723
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/macs/GOST28147Mac.cs
@@ -0,0 +1,297 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Macs
+{
+	/**
+	* implementation of GOST 28147-89 MAC
+	*/
+	public class Gost28147Mac : IMac
+	{
+		private const int			blockSize = 8;
+		private const int			macSize = 4;
+		private int					bufOff;
+		private byte[]				buf;
+		private byte[]				mac;
+		private bool				firstStep = true;
+		private int[]				workingKey;
+
+		//
+		// This is default S-box - E_A.
+		private byte[] S =
+		{
+			0x9,0x6,0x3,0x2,0x8,0xB,0x1,0x7,0xA,0x4,0xE,0xF,0xC,0x0,0xD,0x5,
+			0x3,0x7,0xE,0x9,0x8,0xA,0xF,0x0,0x5,0x2,0x6,0xC,0xB,0x4,0xD,0x1,
+			0xE,0x4,0x6,0x2,0xB,0x3,0xD,0x8,0xC,0xF,0x5,0xA,0x0,0x7,0x1,0x9,
+			0xE,0x7,0xA,0xC,0xD,0x1,0x3,0x9,0x0,0x2,0xB,0x4,0xF,0x8,0x5,0x6,
+			0xB,0x5,0x1,0x9,0x8,0xD,0xF,0x0,0xE,0x4,0x2,0x3,0xC,0x7,0xA,0x6,
+			0x3,0xA,0xD,0xC,0x1,0x2,0x0,0xB,0x7,0x5,0x9,0x4,0x8,0xF,0xE,0x6,
+			0x1,0xD,0x2,0x9,0x7,0xA,0x6,0x0,0x8,0xC,0x4,0x5,0xF,0x3,0xB,0xE,
+			0xB,0xA,0xF,0x5,0x0,0xC,0xE,0x8,0x6,0x2,0x3,0x9,0x1,0x7,0xD,0x4
+		};
+
+		public Gost28147Mac()
+		{
+			mac = new byte[blockSize];
+			buf = new byte[blockSize];
+			bufOff = 0;
+		}
+
+		private static int[] generateWorkingKey(
+			byte[] userKey)
+		{
+			if (userKey.Length != 32)
+				throw new ArgumentException("Key length invalid. Key needs to be 32 byte - 256 bit!!!");
+
+			int[] key = new int[8];
+			for(int i=0; i!=8; i++)
+			{
+				key[i] = bytesToint(userKey,i*4);
+			}
+
+			return key;
+		}
+
+		public void Init(
+			ICipherParameters parameters)
+		{
+			Reset();
+			buf = new byte[blockSize];
+			if (parameters is ParametersWithSBox)
+			{
+				ParametersWithSBox param = (ParametersWithSBox)parameters;
+
+				//
+				// Set the S-Box
+				//
+				param.GetSBox().CopyTo(this.S, 0);
+
+				//
+				// set key if there is one
+				//
+				if (param.Parameters != null)
+				{
+					workingKey = generateWorkingKey(((KeyParameter)param.Parameters).GetKey());
+				}
+			}
+			else if (parameters is KeyParameter)
+			{
+				workingKey = generateWorkingKey(((KeyParameter)parameters).GetKey());
+			}
+			else
+			{
+				throw new ArgumentException("invalid parameter passed to Gost28147 init - "
+                    + Platform.GetTypeName(parameters));
+			}
+		}
+
+		public string AlgorithmName
+		{
+			get { return "Gost28147Mac"; }
+		}
+
+		public int GetMacSize()
+		{
+			return macSize;
+		}
+
+		private int gost28147_mainStep(int n1, int key)
+		{
+			int cm = (key + n1); // CM1
+
+			// S-box replacing
+
+			int om = S[  0 + ((cm >> (0 * 4)) & 0xF)] << (0 * 4);
+			om += S[ 16 + ((cm >> (1 * 4)) & 0xF)] << (1 * 4);
+			om += S[ 32 + ((cm >> (2 * 4)) & 0xF)] << (2 * 4);
+			om += S[ 48 + ((cm >> (3 * 4)) & 0xF)] << (3 * 4);
+			om += S[ 64 + ((cm >> (4 * 4)) & 0xF)] << (4 * 4);
+			om += S[ 80 + ((cm >> (5 * 4)) & 0xF)] << (5 * 4);
+			om += S[ 96 + ((cm >> (6 * 4)) & 0xF)] << (6 * 4);
+			om += S[112 + ((cm >> (7 * 4)) & 0xF)] << (7 * 4);
+
+//			return om << 11 | om >>> (32-11); // 11-leftshift
+			int omLeft = om << 11;
+			int omRight = (int)(((uint) om) >> (32 - 11)); // Note: Casts required to get unsigned bit rotation
+
+			return omLeft | omRight;
+		}
+
+		private void gost28147MacFunc(
+			int[]	workingKey,
+			byte[]	input,
+			int		inOff,
+			byte[]	output,
+			int		outOff)
+		{
+			int N1, N2, tmp;  //tmp -> for saving N1
+			N1 = bytesToint(input, inOff);
+			N2 = bytesToint(input, inOff + 4);
+
+			for (int k = 0; k < 2; k++)  // 1-16 steps
+			{
+				for (int j = 0; j < 8; j++)
+				{
+					tmp = N1;
+					N1 = N2 ^ gost28147_mainStep(N1, workingKey[j]); // CM2
+					N2 = tmp;
+				}
+			}
+
+			intTobytes(N1, output, outOff);
+			intTobytes(N2, output, outOff + 4);
+		}
+
+		//array of bytes to type int
+		private static int bytesToint(
+			byte[]	input,
+			int		inOff)
+		{
+			return (int)((input[inOff + 3] << 24) & 0xff000000) + ((input[inOff + 2] << 16) & 0xff0000)
+				+ ((input[inOff + 1] << 8) & 0xff00) + (input[inOff] & 0xff);
+		}
+
+		//int to array of bytes
+		private static void intTobytes(
+			int		num,
+			byte[]	output,
+			int		outOff)
+		{
+			output[outOff + 3] = (byte)(num >> 24);
+			output[outOff + 2] = (byte)(num >> 16);
+			output[outOff + 1] = (byte)(num >> 8);
+			output[outOff] =     (byte)num;
+		}
+
+		private static byte[] CM5func(
+			byte[]	buf,
+			int		bufOff,
+			byte[]	mac)
+		{
+			byte[] sum = new byte[buf.Length - bufOff];
+
+			Array.Copy(buf, bufOff, sum, 0, mac.Length);
+
+			for (int i = 0; i != mac.Length; i++)
+			{
+				sum[i] = (byte)(sum[i] ^ mac[i]);
+			}
+
+			return sum;
+		}
+
+		public void Update(
+			byte input)
+		{
+			if (bufOff == buf.Length)
+			{
+				byte[] sumbuf = new byte[buf.Length];
+				Array.Copy(buf, 0, sumbuf, 0, mac.Length);
+
+				if (firstStep)
+				{
+					firstStep = false;
+				}
+				else
+				{
+					sumbuf = CM5func(buf, 0, mac);
+				}
+
+				gost28147MacFunc(workingKey, sumbuf, 0, mac, 0);
+				bufOff = 0;
+			}
+
+			buf[bufOff++] = input;
+		}
+
+		public void BlockUpdate(
+			byte[]	input,
+			int		inOff,
+			int		len)
+		{
+			if (len < 0)
+				throw new ArgumentException("Can't have a negative input length!");
+
+			int gapLen = blockSize - bufOff;
+
+			if (len > gapLen)
+			{
+				Array.Copy(input, inOff, buf, bufOff, gapLen);
+
+				byte[] sumbuf = new byte[buf.Length];
+				Array.Copy(buf, 0, sumbuf, 0, mac.Length);
+
+				if (firstStep)
+				{
+					firstStep = false;
+				}
+				else
+				{
+					sumbuf = CM5func(buf, 0, mac);
+				}
+
+				gost28147MacFunc(workingKey, sumbuf, 0, mac, 0);
+
+				bufOff = 0;
+				len -= gapLen;
+				inOff += gapLen;
+
+				while (len > blockSize)
+				{
+					sumbuf = CM5func(input, inOff, mac);
+					gost28147MacFunc(workingKey, sumbuf, 0, mac, 0);
+
+					len -= blockSize;
+					inOff += blockSize;
+				}
+			}
+
+			Array.Copy(input, inOff, buf, bufOff, len);
+
+			bufOff += len;
+		}
+
+		public int DoFinal(
+			byte[]	output,
+			int		outOff)
+		{
+			//padding with zero
+			while (bufOff < blockSize)
+			{
+				buf[bufOff++] = 0;
+			}
+
+			byte[] sumbuf = new byte[buf.Length];
+			Array.Copy(buf, 0, sumbuf, 0, mac.Length);
+
+			if (firstStep)
+			{
+				firstStep = false;
+			}
+			else
+			{
+				sumbuf = CM5func(buf, 0, mac);
+			}
+
+			gost28147MacFunc(workingKey, sumbuf, 0, mac, 0);
+
+			Array.Copy(mac, (mac.Length/2)-macSize, output, outOff, macSize);
+
+			Reset();
+
+			return macSize;
+		}
+
+		public void Reset()
+		{
+			// Clear the buffer.
+			Array.Clear(buf, 0, buf.Length);
+			bufOff = 0;
+
+			firstStep = true;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/macs/HMac.cs b/bc-sharp-crypto/src/crypto/macs/HMac.cs
new file mode 100644
index 0000000..460f3c5
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/macs/HMac.cs
@@ -0,0 +1,154 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Macs
+{
+    /**
+    * HMAC implementation based on RFC2104
+    *
+    * H(K XOR opad, H(K XOR ipad, text))
+    */
+    public class HMac
+		: IMac
+    {
+        private const byte IPAD = (byte)0x36;
+        private const byte OPAD = (byte)0x5C;
+
+        private readonly IDigest digest;
+        private readonly int digestSize;
+        private readonly int blockLength;
+		private IMemoable ipadState;
+		private IMemoable opadState;
+
+		private readonly byte[] inputPad;
+        private readonly byte[] outputBuf;
+
+        public HMac(IDigest digest)
+        {
+            this.digest = digest;
+            this.digestSize = digest.GetDigestSize();
+            this.blockLength = digest.GetByteLength();
+            this.inputPad = new byte[blockLength];
+            this.outputBuf = new byte[blockLength + digestSize];
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return digest.AlgorithmName + "/HMAC"; }
+        }
+
+		public virtual IDigest GetUnderlyingDigest()
+        {
+            return digest;
+        }
+
+        public virtual void Init(ICipherParameters parameters)
+        {
+            digest.Reset();
+
+            byte[] key = ((KeyParameter)parameters).GetKey();
+			int keyLength = key.Length;
+
+            if (keyLength > blockLength)
+            {
+                digest.BlockUpdate(key, 0, keyLength);
+                digest.DoFinal(inputPad, 0);
+
+				keyLength = digestSize;
+            }
+            else
+            {
+				Array.Copy(key, 0, inputPad, 0, keyLength);
+            }
+
+			Array.Clear(inputPad, keyLength, blockLength - keyLength);
+            Array.Copy(inputPad, 0, outputBuf, 0, blockLength);
+
+			XorPad(inputPad, blockLength, IPAD);
+            XorPad(outputBuf, blockLength, OPAD);
+
+			if (digest is IMemoable)
+			{
+				opadState = ((IMemoable)digest).Copy();
+
+				((IDigest)opadState).BlockUpdate(outputBuf, 0, blockLength);
+			}
+
+			digest.BlockUpdate(inputPad, 0, inputPad.Length);
+
+			if (digest is IMemoable)
+			{
+				ipadState = ((IMemoable)digest).Copy();
+			}
+        }
+
+        public virtual int GetMacSize()
+        {
+            return digestSize;
+        }
+
+        public virtual void Update(byte input)
+        {
+            digest.Update(input);
+        }
+
+        public virtual void BlockUpdate(byte[] input, int inOff, int len)
+        {
+            digest.BlockUpdate(input, inOff, len);
+        }
+
+        public virtual int DoFinal(byte[] output, int outOff)
+        {
+            digest.DoFinal(outputBuf, blockLength);
+
+			if (opadState != null)
+			{
+				((IMemoable)digest).Reset(opadState);
+				digest.BlockUpdate(outputBuf, blockLength, digest.GetDigestSize());
+			}
+			else
+			{
+				digest.BlockUpdate(outputBuf, 0, outputBuf.Length);
+			}
+
+			int len = digest.DoFinal(output, outOff);
+
+			Array.Clear(outputBuf, blockLength, digestSize);
+
+			if (ipadState != null)
+			{
+				((IMemoable)digest).Reset(ipadState);
+			}
+			else
+			{
+				digest.BlockUpdate(inputPad, 0, inputPad.Length);
+			}
+
+            return len;
+        }
+
+        /**
+        * Reset the mac generator.
+        */
+        public virtual void Reset()
+        {
+			// Reset underlying digest
+            digest.Reset();
+
+			// Initialise the digest
+            digest.BlockUpdate(inputPad, 0, inputPad.Length);
+        }
+
+        private static void XorPad(byte[] pad, int len, byte n)
+		{
+			for (int i = 0; i < len; ++i)
+            {
+                pad[i] ^= n;
+            }
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/macs/ISO9797Alg3Mac.cs b/bc-sharp-crypto/src/crypto/macs/ISO9797Alg3Mac.cs
new file mode 100644
index 0000000..6fee619
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/macs/ISO9797Alg3Mac.cs
@@ -0,0 +1,275 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Paddings;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Macs
+{
+	/**
+	* DES based CBC Block Cipher MAC according to ISO9797, algorithm 3 (ANSI X9.19 Retail MAC)
+	*
+	* This could as well be derived from CBCBlockCipherMac, but then the property mac in the base
+	* class must be changed to protected
+	*/
+	public class ISO9797Alg3Mac : IMac
+	{
+		private byte[] mac;
+		private byte[] buf;
+		private int bufOff;
+		private IBlockCipher cipher;
+		private IBlockCipherPadding padding;
+		private int macSize;
+		private KeyParameter lastKey2;
+		private KeyParameter lastKey3;
+
+		/**
+		* create a Retail-MAC based on a CBC block cipher. This will produce an
+		* authentication code of the length of the block size of the cipher.
+		*
+		* @param cipher the cipher to be used as the basis of the MAC generation. This must
+		* be DESEngine.
+		*/
+		public ISO9797Alg3Mac(
+			IBlockCipher cipher)
+			: this(cipher, cipher.GetBlockSize() * 8, null)
+		{
+		}
+
+		/**
+		* create a Retail-MAC based on a CBC block cipher. This will produce an
+		* authentication code of the length of the block size of the cipher.
+		*
+		* @param cipher the cipher to be used as the basis of the MAC generation.
+		* @param padding the padding to be used to complete the last block.
+		*/
+		public ISO9797Alg3Mac(
+			IBlockCipher		cipher,
+			IBlockCipherPadding	padding)
+			: this(cipher, cipher.GetBlockSize() * 8, padding)
+		{
+		}
+
+		/**
+		* create a Retail-MAC based on a block cipher with the size of the
+		* MAC been given in bits. This class uses single DES CBC mode as the basis for the
+		* MAC generation.
+		* <p>
+		* Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
+		* or 16 bits if being used as a data authenticator (FIPS Publication 113),
+		* and in general should be less than the size of the block cipher as it reduces
+		* the chance of an exhaustive attack (see Handbook of Applied Cryptography).
+		* </p>
+		* @param cipher the cipher to be used as the basis of the MAC generation.
+		* @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
+		*/
+		public ISO9797Alg3Mac(
+			IBlockCipher	cipher,
+			int				macSizeInBits)
+			: this(cipher, macSizeInBits, null)
+		{
+		}
+
+		/**
+		* create a standard MAC based on a block cipher with the size of the
+		* MAC been given in bits. This class uses single DES CBC mode as the basis for the
+		* MAC generation. The final block is decrypted and then encrypted using the
+		* middle and right part of the key.
+		* <p>
+		* Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
+		* or 16 bits if being used as a data authenticator (FIPS Publication 113),
+		* and in general should be less than the size of the block cipher as it reduces
+		* the chance of an exhaustive attack (see Handbook of Applied Cryptography).
+		* </p>
+		* @param cipher the cipher to be used as the basis of the MAC generation.
+		* @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
+		* @param padding the padding to be used to complete the last block.
+		*/
+		public ISO9797Alg3Mac(
+			IBlockCipher		cipher,
+			int					macSizeInBits,
+			IBlockCipherPadding	padding)
+		{
+			if ((macSizeInBits % 8) != 0)
+				throw new ArgumentException("MAC size must be multiple of 8");
+
+			if (!(cipher is DesEngine))
+				throw new ArgumentException("cipher must be instance of DesEngine");
+
+			this.cipher = new CbcBlockCipher(cipher);
+			this.padding = padding;
+			this.macSize = macSizeInBits / 8;
+
+			mac = new byte[cipher.GetBlockSize()];
+			buf = new byte[cipher.GetBlockSize()];
+			bufOff = 0;
+		}
+
+		public string AlgorithmName
+		{
+			get { return "ISO9797Alg3"; }
+		}
+
+		public void Init(
+			ICipherParameters parameters)
+		{
+			Reset();
+
+			if (!(parameters is KeyParameter || parameters is ParametersWithIV))
+				throw new ArgumentException("parameters must be an instance of KeyParameter or ParametersWithIV");
+
+			// KeyParameter must contain a double or triple length DES key,
+			// however the underlying cipher is a single DES. The middle and
+			// right key are used only in the final step.
+
+			KeyParameter kp;
+			if (parameters is KeyParameter)
+			{
+				kp = (KeyParameter)parameters;
+			}
+			else
+			{
+				kp = (KeyParameter)((ParametersWithIV)parameters).Parameters;
+			}
+
+			KeyParameter key1;
+			byte[] keyvalue = kp.GetKey();
+
+			if (keyvalue.Length == 16)
+			{ // Double length DES key
+				key1 = new KeyParameter(keyvalue, 0, 8);
+				this.lastKey2 = new KeyParameter(keyvalue, 8, 8);
+				this.lastKey3 = key1;
+			}
+			else if (keyvalue.Length == 24)
+			{ // Triple length DES key
+				key1 = new KeyParameter(keyvalue, 0, 8);
+				this.lastKey2 = new KeyParameter(keyvalue, 8, 8);
+				this.lastKey3 = new KeyParameter(keyvalue, 16, 8);
+			}
+			else
+			{
+				throw new ArgumentException("Key must be either 112 or 168 bit long");
+			}
+
+			if (parameters is ParametersWithIV)
+			{
+				cipher.Init(true, new ParametersWithIV(key1, ((ParametersWithIV)parameters).GetIV()));
+			}
+			else
+			{
+				cipher.Init(true, key1);
+			}
+		}
+
+		public int GetMacSize()
+		{
+			return macSize;
+		}
+
+		public void Update(
+			byte input)
+		{
+			if (bufOff == buf.Length)
+			{
+				cipher.ProcessBlock(buf, 0, mac, 0);
+				bufOff = 0;
+			}
+
+			buf[bufOff++] = input;
+		}
+
+		public void BlockUpdate(
+			byte[]	input,
+			int		inOff,
+			int		len)
+		{
+			if (len < 0)
+				throw new ArgumentException("Can't have a negative input length!");
+
+			int blockSize = cipher.GetBlockSize();
+			int resultLen = 0;
+			int gapLen = blockSize - bufOff;
+
+			if (len > gapLen)
+			{
+				Array.Copy(input, inOff, buf, bufOff, gapLen);
+
+				resultLen += cipher.ProcessBlock(buf, 0, mac, 0);
+
+				bufOff = 0;
+				len -= gapLen;
+				inOff += gapLen;
+
+				while (len > blockSize)
+				{
+					resultLen += cipher.ProcessBlock(input, inOff, mac, 0);
+
+					len -= blockSize;
+					inOff += blockSize;
+				}
+			}
+
+			Array.Copy(input, inOff, buf, bufOff, len);
+
+			bufOff += len;
+		}
+
+		public int DoFinal(
+			byte[]	output,
+			int		outOff)
+		{
+			int blockSize = cipher.GetBlockSize();
+
+			if (padding == null)
+			{
+				// pad with zeroes
+				while (bufOff < blockSize)
+				{
+					buf[bufOff++] = 0;
+				}
+			}
+			else
+			{
+				if (bufOff == blockSize)
+				{
+					cipher.ProcessBlock(buf, 0, mac, 0);
+					bufOff = 0;
+				}
+
+				padding.AddPadding(buf, bufOff);
+			}
+
+			cipher.ProcessBlock(buf, 0, mac, 0);
+
+			// Added to code from base class
+			DesEngine deseng = new DesEngine();
+
+			deseng.Init(false, this.lastKey2);
+			deseng.ProcessBlock(mac, 0, mac, 0);
+
+			deseng.Init(true, this.lastKey3);
+			deseng.ProcessBlock(mac, 0, mac, 0);
+			// ****
+
+			Array.Copy(mac, 0, output, outOff, macSize);
+
+			Reset();
+
+			return macSize;
+		}
+
+		/**
+		* Reset the mac generator.
+		*/
+		public void Reset()
+		{
+			Array.Clear(buf, 0, buf.Length);
+			bufOff = 0;
+
+			// reset the underlying cipher.
+			cipher.Reset();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/macs/Poly1305.cs b/bc-sharp-crypto/src/crypto/macs/Poly1305.cs
new file mode 100644
index 0000000..c0a660f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/macs/Poly1305.cs
@@ -0,0 +1,293 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Macs
+{
+
+    /// <summary>
+    /// Poly1305 message authentication code, designed by D. J. Bernstein.
+    /// </summary>
+    /// <remarks>
+    /// Poly1305 computes a 128-bit (16 bytes) authenticator, using a 128 bit nonce and a 256 bit key
+    /// consisting of a 128 bit key applied to an underlying cipher, and a 128 bit key (with 106
+    /// effective key bits) used in the authenticator.
+    /// 
+    /// The polynomial calculation in this implementation is adapted from the public domain <a
+    /// href="https://github.com/floodyberry/poly1305-donna">poly1305-donna-unrolled</a> C implementation
+    /// by Andrew M (@floodyberry).
+    /// </remarks>
+    /// <seealso cref="Org.BouncyCastle.Crypto.Generators.Poly1305KeyGenerator"/>
+    public class Poly1305
+        : IMac
+    {
+        private const int BlockSize = 16;
+
+        private readonly IBlockCipher cipher;
+
+        private readonly byte[] singleByte = new byte[1];
+
+        // Initialised state
+
+        /** Polynomial key */
+        private uint r0, r1, r2, r3, r4;
+
+        /** Precomputed 5 * r[1..4] */
+        private uint s1, s2, s3, s4;
+
+        /** Encrypted nonce */
+        private uint k0, k1, k2, k3;
+
+        // Accumulating state
+
+        /** Current block of buffered input */
+        private byte[] currentBlock = new byte[BlockSize];
+
+        /** Current offset in input buffer */
+        private int currentBlockOffset = 0;
+
+        /** Polynomial accumulator */
+        private uint h0, h1, h2, h3, h4;
+
+        /**
+         * Constructs a Poly1305 MAC, where the key passed to init() will be used directly.
+         */
+        public Poly1305()
+        {
+            this.cipher = null;
+        }
+
+        /**
+         * Constructs a Poly1305 MAC, using a 128 bit block cipher.
+         */
+        public Poly1305(IBlockCipher cipher)
+        {
+            if (cipher.GetBlockSize() != BlockSize)
+            {
+                throw new ArgumentException("Poly1305 requires a 128 bit block cipher.");
+            }
+            this.cipher = cipher;
+        }
+
+        /// <summary>
+        /// Initialises the Poly1305 MAC.
+        /// </summary>
+        /// <param name="parameters">a {@link ParametersWithIV} containing a 128 bit nonce and a {@link KeyParameter} with
+        ///          a 256 bit key complying to the {@link Poly1305KeyGenerator Poly1305 key format}.</param>
+        public void Init(ICipherParameters parameters)
+        {
+            byte[] nonce = null;
+
+            if (cipher != null)
+            {
+                if (!(parameters is ParametersWithIV))
+                    throw new ArgumentException("Poly1305 requires an IV when used with a block cipher.", "parameters");
+
+                ParametersWithIV ivParams = (ParametersWithIV)parameters;
+                nonce = ivParams.GetIV();
+                parameters = ivParams.Parameters;
+            }
+
+            if (!(parameters is KeyParameter))
+                throw new ArgumentException("Poly1305 requires a key.");
+
+            KeyParameter keyParams = (KeyParameter)parameters;
+
+            SetKey(keyParams.GetKey(), nonce);
+
+            Reset();
+        }
+
+        private void SetKey(byte[] key, byte[] nonce)
+        {
+            if (key.Length != 32)
+                throw new ArgumentException("Poly1305 key must be 256 bits.");
+
+            if (cipher != null && (nonce == null || nonce.Length != BlockSize))
+                throw new ArgumentException("Poly1305 requires a 128 bit IV.");
+
+            // Extract r portion of key (and "clamp" the values)
+            uint t0 = Pack.LE_To_UInt32(key, 0);
+            uint t1 = Pack.LE_To_UInt32(key, 4);
+            uint t2 = Pack.LE_To_UInt32(key, 8);
+            uint t3 = Pack.LE_To_UInt32(key, 12);
+
+            // NOTE: The masks perform the key "clamping" implicitly
+            r0 =   t0                      & 0x03FFFFFFU;
+            r1 = ((t0 >> 26) | (t1 <<  6)) & 0x03FFFF03U;
+            r2 = ((t1 >> 20) | (t2 << 12)) & 0x03FFC0FFU;
+            r3 = ((t2 >> 14) | (t3 << 18)) & 0x03F03FFFU;
+            r4 =  (t3 >>  8)               & 0x000FFFFFU;
+
+            // Precompute multipliers
+            s1 = r1 * 5;
+            s2 = r2 * 5;
+            s3 = r3 * 5;
+            s4 = r4 * 5;
+
+            byte[] kBytes;
+            int kOff;
+
+            if (cipher == null)
+            {
+                kBytes = key;
+                kOff = BlockSize;
+            }
+            else
+            {
+                // Compute encrypted nonce
+                kBytes = new byte[BlockSize];
+                kOff = 0;
+
+                cipher.Init(true, new KeyParameter(key, BlockSize, BlockSize));
+                cipher.ProcessBlock(nonce, 0, kBytes, 0);
+            }
+
+            k0 = Pack.LE_To_UInt32(kBytes, kOff + 0);
+            k1 = Pack.LE_To_UInt32(kBytes, kOff + 4);
+            k2 = Pack.LE_To_UInt32(kBytes, kOff + 8);
+            k3 = Pack.LE_To_UInt32(kBytes, kOff + 12);
+        }
+
+        public string AlgorithmName
+        {
+            get { return cipher == null ? "Poly1305" : "Poly1305-" + cipher.AlgorithmName; }
+        }
+
+        public int GetMacSize()
+        {
+            return BlockSize;
+        }
+
+        public void Update(byte input)
+        {
+            singleByte[0] = input;
+            BlockUpdate(singleByte, 0, 1);
+        }
+
+        public void BlockUpdate(byte[] input, int inOff, int len)
+        {
+            int copied = 0;
+            while (len > copied)
+            {
+                if (currentBlockOffset == BlockSize)
+                {
+                    ProcessBlock();
+                    currentBlockOffset = 0;
+                }
+
+                int toCopy = System.Math.Min((len - copied), BlockSize - currentBlockOffset);
+                Array.Copy(input, copied + inOff, currentBlock, currentBlockOffset, toCopy);
+                copied += toCopy;
+                currentBlockOffset += toCopy;
+            }
+
+        }
+
+        private void ProcessBlock()
+        {
+            if (currentBlockOffset < BlockSize)
+            {
+                currentBlock[currentBlockOffset] = 1;
+                for (int i = currentBlockOffset + 1; i < BlockSize; i++)
+                {
+                    currentBlock[i] = 0;
+                }
+            }
+
+            ulong t0 = Pack.LE_To_UInt32(currentBlock, 0);
+            ulong t1 = Pack.LE_To_UInt32(currentBlock, 4);
+            ulong t2 = Pack.LE_To_UInt32(currentBlock, 8);
+            ulong t3 = Pack.LE_To_UInt32(currentBlock, 12);
+
+            h0 += (uint)(t0 & 0x3ffffffU);
+            h1 += (uint)((((t1 << 32) | t0) >> 26) & 0x3ffffff);
+            h2 += (uint)((((t2 << 32) | t1) >> 20) & 0x3ffffff);
+            h3 += (uint)((((t3 << 32) | t2) >> 14) & 0x3ffffff);
+            h4 += (uint)(t3 >> 8);
+
+            if (currentBlockOffset == BlockSize)
+            {
+                h4 += (1 << 24);
+            }
+
+            ulong tp0 = mul32x32_64(h0,r0) + mul32x32_64(h1,s4) + mul32x32_64(h2,s3) + mul32x32_64(h3,s2) + mul32x32_64(h4,s1);
+            ulong tp1 = mul32x32_64(h0,r1) + mul32x32_64(h1,r0) + mul32x32_64(h2,s4) + mul32x32_64(h3,s3) + mul32x32_64(h4,s2);
+            ulong tp2 = mul32x32_64(h0,r2) + mul32x32_64(h1,r1) + mul32x32_64(h2,r0) + mul32x32_64(h3,s4) + mul32x32_64(h4,s3);
+            ulong tp3 = mul32x32_64(h0,r3) + mul32x32_64(h1,r2) + mul32x32_64(h2,r1) + mul32x32_64(h3,r0) + mul32x32_64(h4,s4);
+            ulong tp4 = mul32x32_64(h0,r4) + mul32x32_64(h1,r3) + mul32x32_64(h2,r2) + mul32x32_64(h3,r1) + mul32x32_64(h4,r0);
+
+            h0 = (uint)tp0 & 0x3ffffff; tp1 += (tp0 >> 26);
+            h1 = (uint)tp1 & 0x3ffffff; tp2 += (tp1 >> 26);
+            h2 = (uint)tp2 & 0x3ffffff; tp3 += (tp2 >> 26);
+            h3 = (uint)tp3 & 0x3ffffff; tp4 += (tp3 >> 26);
+            h4 = (uint)tp4 & 0x3ffffff;
+            h0 += (uint)(tp4 >> 26) * 5;
+            h1 += (h0 >> 26); h0 &= 0x3ffffff;
+        }
+
+        public int DoFinal(byte[] output, int outOff)
+        {
+            Check.DataLength(output, outOff, BlockSize, "Output buffer is too short.");
+
+            if (currentBlockOffset > 0)
+            {
+                // Process padded block
+                ProcessBlock();
+            }
+
+            h1 += (h0 >> 26); h0 &= 0x3ffffff;
+            h2 += (h1 >> 26); h1 &= 0x3ffffff;
+            h3 += (h2 >> 26); h2 &= 0x3ffffff;
+            h4 += (h3 >> 26); h3 &= 0x3ffffff;
+            h0 += (h4 >> 26) * 5; h4 &= 0x3ffffff;
+            h1 += (h0 >> 26); h0 &= 0x3ffffff;
+
+            uint g0, g1, g2, g3, g4, b;
+            g0 = h0 + 5; b = g0 >> 26; g0 &= 0x3ffffff;
+            g1 = h1 + b; b = g1 >> 26; g1 &= 0x3ffffff;
+            g2 = h2 + b; b = g2 >> 26; g2 &= 0x3ffffff;
+            g3 = h3 + b; b = g3 >> 26; g3 &= 0x3ffffff;
+            g4 = h4 + b - (1 << 26);
+
+            b = (g4 >> 31) - 1;
+            uint nb = ~b;
+            h0 = (h0 & nb) | (g0 & b);
+            h1 = (h1 & nb) | (g1 & b);
+            h2 = (h2 & nb) | (g2 & b);
+            h3 = (h3 & nb) | (g3 & b);
+            h4 = (h4 & nb) | (g4 & b);
+
+            ulong f0, f1, f2, f3;
+            f0 = ((h0      ) | (h1 << 26)) + (ulong)k0;
+            f1 = ((h1 >> 6 ) | (h2 << 20)) + (ulong)k1;
+            f2 = ((h2 >> 12) | (h3 << 14)) + (ulong)k2;
+            f3 = ((h3 >> 18) | (h4 << 8 )) + (ulong)k3;
+
+            Pack.UInt32_To_LE((uint)f0, output, outOff);
+            f1 += (f0 >> 32);
+            Pack.UInt32_To_LE((uint)f1, output, outOff + 4);
+            f2 += (f1 >> 32);
+            Pack.UInt32_To_LE((uint)f2, output, outOff + 8);
+            f3 += (f2 >> 32);
+            Pack.UInt32_To_LE((uint)f3, output, outOff + 12);
+
+            Reset();
+            return BlockSize;
+        }
+
+        public void Reset()
+        {
+            currentBlockOffset = 0;
+
+            h0 = h1 = h2 = h3 = h4 = 0;
+        }
+
+        private static ulong mul32x32_64(uint i1, uint i2)
+        {
+            return ((ulong)i1) * i2;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/macs/SipHash.cs b/bc-sharp-crypto/src/crypto/macs/SipHash.cs
new file mode 100644
index 0000000..e1a19fa
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/macs/SipHash.cs
@@ -0,0 +1,199 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Macs
+{
+    /// <summary>
+    /// Implementation of SipHash as specified in "SipHash: a fast short-input PRF", by Jean-Philippe
+    /// Aumasson and Daniel J. Bernstein (https://131002.net/siphash/siphash.pdf).
+    /// </summary>
+    /// <remarks>
+    /// "SipHash is a family of PRFs SipHash-c-d where the integer parameters c and d are the number of
+    /// compression rounds and the number of finalization rounds. A compression round is identical to a
+    /// finalization round and this round function is called SipRound. Given a 128-bit key k and a
+    /// (possibly empty) byte string m, SipHash-c-d returns a 64-bit value..."
+    /// </remarks>
+    public class SipHash
+        : IMac
+    {
+        protected readonly int c, d;
+
+        protected long k0, k1;
+        protected long v0, v1, v2, v3;
+
+        protected long m = 0;
+        protected int wordPos = 0;
+        protected int wordCount = 0;
+
+        /// <summary>SipHash-2-4</summary>
+        public SipHash()
+            : this(2, 4)
+        {
+        }
+
+        /// <summary>SipHash-c-d</summary>
+        /// <param name="c">the number of compression rounds</param>
+        /// <param name="d">the number of finalization rounds</param>
+        public SipHash(int c, int d)
+        {
+            this.c = c;
+            this.d = d;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "SipHash-" + c + "-" + d; }
+        }
+
+        public virtual int GetMacSize()
+        {
+            return 8;
+        }
+
+        public virtual void Init(ICipherParameters parameters)
+        {
+            KeyParameter keyParameter = parameters as KeyParameter;
+            if (keyParameter == null)
+                throw new ArgumentException("must be an instance of KeyParameter", "parameters");
+            byte[] key = keyParameter.GetKey();
+            if (key.Length != 16)
+                throw new ArgumentException("must be a 128-bit key", "parameters");
+
+            this.k0 = (long)Pack.LE_To_UInt64(key, 0);
+            this.k1 = (long)Pack.LE_To_UInt64(key, 8);
+
+            Reset();
+        }
+
+        public virtual void Update(byte input)
+        {
+            m = (long)(((ulong)m >> 8) | ((ulong)input << 56));
+
+            if (++wordPos == 8)
+            {
+                ProcessMessageWord();
+                wordPos = 0;
+            }
+        }
+
+        public virtual void BlockUpdate(byte[] input, int offset, int length)
+        {
+            int i = 0, fullWords = length & ~7;
+            if (wordPos == 0)
+            {
+                for (; i < fullWords; i += 8)
+                {
+                    m = (long)Pack.LE_To_UInt64(input, offset + i);
+                    ProcessMessageWord();
+                }
+                for (; i < length; ++i)
+                {
+                    m = (long)(((ulong)m >> 8) | ((ulong)input[offset + i] << 56));
+                }
+                wordPos = length - fullWords;
+            }
+            else
+            {
+                int bits = wordPos << 3;
+                for (; i < fullWords; i += 8)
+                {
+                    ulong n = Pack.LE_To_UInt64(input, offset + i);
+                    m = (long)((n << bits) | ((ulong)m >> -bits));
+                    ProcessMessageWord();
+                    m = (long)n;
+                }
+                for (; i < length; ++i)
+                {
+                    m = (long)(((ulong)m >> 8) | ((ulong)input[offset + i] << 56));
+
+                    if (++wordPos == 8)
+                    {
+                        ProcessMessageWord();
+                        wordPos = 0;
+                    }
+                }
+            }
+        }
+
+        public virtual long DoFinal()
+        {
+            // NOTE: 2 distinct shifts to avoid "64-bit shift" when wordPos == 0
+            m = (long)((ulong)m >> ((7 - wordPos) << 3));
+            m = (long)((ulong)m >> 8);
+            m = (long)((ulong)m | ((ulong)((wordCount << 3) + wordPos) << 56));
+
+            ProcessMessageWord();
+
+            v2 ^= 0xffL;
+
+            ApplySipRounds(d);
+
+            long result = v0 ^ v1 ^ v2 ^ v3;
+
+            Reset();
+
+            return result;
+        }
+
+        public virtual int DoFinal(byte[] output, int outOff)
+        {
+            long result = DoFinal();
+            Pack.UInt64_To_LE((ulong)result, output, outOff);
+            return 8;
+        }
+
+        public virtual void Reset()
+        {
+            v0 = k0 ^ 0x736f6d6570736575L;
+            v1 = k1 ^ 0x646f72616e646f6dL;
+            v2 = k0 ^ 0x6c7967656e657261L;
+            v3 = k1 ^ 0x7465646279746573L;
+
+            m = 0;
+            wordPos = 0;
+            wordCount = 0;
+        }
+
+        protected virtual void ProcessMessageWord()
+        {
+            ++wordCount;
+            v3 ^= m;
+            ApplySipRounds(c);
+            v0 ^= m;
+        }
+
+        protected virtual void ApplySipRounds(int n)
+        {
+            long r0 = v0, r1 = v1, r2 = v2, r3 = v3;
+
+            for (int r = 0; r < n; ++r)
+            {
+                r0 += r1;
+                r2 += r3;
+                r1 = RotateLeft(r1, 13);
+                r3 = RotateLeft(r3, 16);
+                r1 ^= r0;
+                r3 ^= r2;
+                r0 = RotateLeft(r0, 32);
+                r2 += r1;
+                r0 += r3;
+                r1 = RotateLeft(r1, 17);
+                r3 = RotateLeft(r3, 21);
+                r1 ^= r2;
+                r3 ^= r0;
+                r2 = RotateLeft(r2, 32);
+            }
+
+            v0 = r0; v1 = r1; v2 = r2; v3 = r3;
+        }
+
+        protected static long RotateLeft(long x, int n)
+        {
+            ulong ux = (ulong)x;
+            ux = (ux << n) | (ux >> -n);
+            return (long)ux;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/macs/SkeinMac.cs b/bc-sharp-crypto/src/crypto/macs/SkeinMac.cs
new file mode 100644
index 0000000..07eff24
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/macs/SkeinMac.cs
@@ -0,0 +1,118 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Macs
+{
+
+	/// <summary>
+	/// Implementation of the Skein parameterised MAC function in 256, 512 and 1024 bit block sizes,
+	/// based on the <see cref="Org.BouncyCastle.Crypto.Engines.ThreefishEngine">Threefish</see> tweakable block cipher.
+	/// </summary>
+	/// <remarks>
+	/// This is the 1.3 version of Skein defined in the Skein hash function submission to the NIST SHA-3
+	/// competition in October 2010.
+	/// <p/>
+	/// Skein was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir
+	/// Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker.
+	/// </remarks>
+	/// <seealso cref="Org.BouncyCastle.Crypto.Digests.SkeinEngine"/>
+	/// <seealso cref="Org.BouncyCastle.Crypto.Parameters.SkeinParameters"/>
+	public class SkeinMac
+		: IMac
+	{
+		/// <summary>
+		/// 256 bit block size - Skein-256
+		/// </summary>
+		public const int SKEIN_256 = SkeinEngine.SKEIN_256;
+		/// <summary>
+		/// 512 bit block size - Skein-512
+		/// </summary>
+		public const int SKEIN_512 = SkeinEngine.SKEIN_512;
+		/// <summary>
+		/// 1024 bit block size - Skein-1024
+		/// </summary>
+		public const int SKEIN_1024 = SkeinEngine.SKEIN_1024;
+
+		private readonly SkeinEngine engine;
+
+		/// <summary>
+		/// Constructs a Skein MAC with an internal state size and output size.
+		/// </summary>
+		/// <param name="stateSizeBits">the internal state size in bits - one of <see cref="SKEIN_256"/> <see cref="SKEIN_512"/> or
+		///                       <see cref="SKEIN_1024"/>.</param>
+		/// <param name="digestSizeBits">the output/MAC size to produce in bits, which must be an integral number of
+		///                      bytes.</param>
+		public SkeinMac(int stateSizeBits, int digestSizeBits)
+		{
+			this.engine = new SkeinEngine(stateSizeBits, digestSizeBits);
+		}
+
+		public SkeinMac(SkeinMac mac)
+		{
+			this.engine = new SkeinEngine(mac.engine);
+		}
+
+		public string AlgorithmName
+		{
+			get { return "Skein-MAC-" + (engine.BlockSize * 8) + "-" + (engine.OutputSize * 8); }
+		}
+
+		/// <summary>
+		/// Optionally initialises the Skein digest with the provided parameters.
+		/// </summary>
+		/// See <see cref="Org.BouncyCastle.Crypto.Parameters.SkeinParameters"></see> for details on the parameterisation of the Skein hash function.
+		/// <param name="parameters">the parameters to apply to this engine, or <code>null</code> to use no parameters.</param>
+		public void Init(ICipherParameters parameters)
+		{
+			SkeinParameters skeinParameters;
+			if (parameters is SkeinParameters)
+			{
+				skeinParameters = (SkeinParameters)parameters;
+			}
+			else if (parameters is KeyParameter)
+			{
+				skeinParameters = new SkeinParameters.Builder().SetKey(((KeyParameter)parameters).GetKey()).Build();
+			}
+			else
+			{
+				throw new ArgumentException("Invalid parameter passed to Skein MAC init - "
+                    + Platform.GetTypeName(parameters));
+			}
+			if (skeinParameters.GetKey() == null)
+			{
+				throw new ArgumentException("Skein MAC requires a key parameter.");
+			}
+			engine.Init(skeinParameters);
+		}
+
+		public int GetMacSize()
+		{
+			return engine.OutputSize;
+		}
+
+		public void Reset()
+		{
+			engine.Reset();
+		}
+
+		public void Update(byte inByte)
+		{
+			engine.Update(inByte);
+		}
+
+		public void BlockUpdate(byte[] input, int inOff, int len)
+		{
+			engine.Update(input, inOff, len);
+		}
+
+		public int DoFinal(byte[] output, int outOff)
+		{
+			return engine.DoFinal(output, outOff);
+		}
+
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/macs/VMPCMac.cs b/bc-sharp-crypto/src/crypto/macs/VMPCMac.cs
new file mode 100644
index 0000000..6f2da07
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/macs/VMPCMac.cs
@@ -0,0 +1,173 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Macs
+{
+	public class VmpcMac
+		: IMac
+	{
+		private byte g;
+
+		private byte n = 0;
+		private byte[] P = null;
+		private byte s = 0;
+
+		private byte[] T;
+		private byte[] workingIV;
+
+		private byte[] workingKey;
+
+		private byte x1, x2, x3, x4;
+
+		public virtual int DoFinal(byte[] output, int outOff)
+		{
+			// Execute the Post-Processing Phase
+			for (int r = 1; r < 25; r++)
+			{
+				s = P[(s + P[n & 0xff]) & 0xff];
+
+				x4 = P[(x4 + x3 + r) & 0xff];
+				x3 = P[(x3 + x2 + r) & 0xff];
+				x2 = P[(x2 + x1 + r) & 0xff];
+				x1 = P[(x1 + s + r) & 0xff];
+				T[g & 0x1f] = (byte) (T[g & 0x1f] ^ x1);
+				T[(g + 1) & 0x1f] = (byte) (T[(g + 1) & 0x1f] ^ x2);
+				T[(g + 2) & 0x1f] = (byte) (T[(g + 2) & 0x1f] ^ x3);
+				T[(g + 3) & 0x1f] = (byte) (T[(g + 3) & 0x1f] ^ x4);
+				g = (byte) ((g + 4) & 0x1f);
+
+				byte temp = P[n & 0xff];
+				P[n & 0xff] = P[s & 0xff];
+				P[s & 0xff] = temp;
+				n = (byte) ((n + 1) & 0xff);
+			}
+
+			// Input T to the IV-phase of the VMPC KSA
+			for (int m = 0; m < 768; m++)
+			{
+				s = P[(s + P[m & 0xff] + T[m & 0x1f]) & 0xff];
+				byte temp = P[m & 0xff];
+				P[m & 0xff] = P[s & 0xff];
+				P[s & 0xff] = temp;
+			}
+
+			// Store 20 new outputs of the VMPC Stream Cipher input table M
+			byte[] M = new byte[20];
+			for (int i = 0; i < 20; i++)
+			{
+				s = P[(s + P[i & 0xff]) & 0xff];
+				M[i] = P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff];
+
+				byte temp = P[i & 0xff];
+				P[i & 0xff] = P[s & 0xff];
+				P[s & 0xff] = temp;
+			}
+
+			Array.Copy(M, 0, output, outOff, M.Length);
+			Reset();
+
+			return M.Length;
+		}
+
+		public virtual string AlgorithmName
+		{
+			get { return "VMPC-MAC"; }
+		}
+
+		public virtual int GetMacSize()
+		{
+			return 20;
+		}
+
+		public virtual void Init(ICipherParameters parameters)
+		{
+			if (!(parameters is ParametersWithIV))
+				throw new ArgumentException("VMPC-MAC Init parameters must include an IV", "parameters");
+
+			ParametersWithIV ivParams = (ParametersWithIV) parameters;
+			KeyParameter key = (KeyParameter) ivParams.Parameters;
+
+			if (!(ivParams.Parameters is KeyParameter))
+				throw new ArgumentException("VMPC-MAC Init parameters must include a key", "parameters");
+
+			this.workingIV = ivParams.GetIV();
+
+			if (workingIV == null || workingIV.Length < 1 || workingIV.Length > 768)
+				throw new ArgumentException("VMPC-MAC requires 1 to 768 bytes of IV", "parameters");
+
+			this.workingKey = key.GetKey();
+
+			Reset();
+
+		}
+
+		private void initKey(byte[] keyBytes, byte[] ivBytes)
+		{
+			s = 0;
+			P = new byte[256];
+			for (int i = 0; i < 256; i++)
+			{
+				P[i] = (byte) i;
+			}
+			for (int m = 0; m < 768; m++)
+			{
+				s = P[(s + P[m & 0xff] + keyBytes[m % keyBytes.Length]) & 0xff];
+				byte temp = P[m & 0xff];
+				P[m & 0xff] = P[s & 0xff];
+				P[s & 0xff] = temp;
+			}
+			for (int m = 0; m < 768; m++)
+			{
+				s = P[(s + P[m & 0xff] + ivBytes[m % ivBytes.Length]) & 0xff];
+				byte temp = P[m & 0xff];
+				P[m & 0xff] = P[s & 0xff];
+				P[s & 0xff] = temp;
+			}
+			n = 0;
+		}
+
+		public virtual void Reset()
+		{
+			initKey(this.workingKey, this.workingIV);
+			g = x1 = x2 = x3 = x4 = n = 0;
+			T = new byte[32];
+			for (int i = 0; i < 32; i++)
+			{
+				T[i] = 0;
+			}
+		}
+
+		public virtual void Update(byte input)
+		{
+			s = P[(s + P[n & 0xff]) & 0xff];
+			byte c = (byte) (input ^ P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff]);
+
+			x4 = P[(x4 + x3) & 0xff];
+			x3 = P[(x3 + x2) & 0xff];
+			x2 = P[(x2 + x1) & 0xff];
+			x1 = P[(x1 + s + c) & 0xff];
+			T[g & 0x1f] = (byte) (T[g & 0x1f] ^ x1);
+			T[(g + 1) & 0x1f] = (byte) (T[(g + 1) & 0x1f] ^ x2);
+			T[(g + 2) & 0x1f] = (byte) (T[(g + 2) & 0x1f] ^ x3);
+			T[(g + 3) & 0x1f] = (byte) (T[(g + 3) & 0x1f] ^ x4);
+			g = (byte) ((g + 4) & 0x1f);
+
+			byte temp = P[n & 0xff];
+			P[n & 0xff] = P[s & 0xff];
+			P[s & 0xff] = temp;
+			n = (byte) ((n + 1) & 0xff);
+		}
+
+		public virtual void BlockUpdate(byte[] input, int inOff, int len)
+		{
+			if ((inOff + len) > input.Length)
+				throw new DataLengthException("input buffer too short");
+
+			for (int i = 0; i < len; i++)
+			{
+				Update(input[inOff + i]);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/CbcBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/CbcBlockCipher.cs
new file mode 100644
index 0000000..9345fd8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/CbcBlockCipher.cs
@@ -0,0 +1,241 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+    /**
+    * implements Cipher-Block-Chaining (CBC) mode on top of a simple cipher.
+    */
+    public class CbcBlockCipher
+		: IBlockCipher
+    {
+        private byte[]			IV, cbcV, cbcNextV;
+		private int				blockSize;
+        private IBlockCipher	cipher;
+        private bool			encrypting;
+
+        /**
+        * Basic constructor.
+        *
+        * @param cipher the block cipher to be used as the basis of chaining.
+        */
+        public CbcBlockCipher(
+            IBlockCipher cipher)
+        {
+            this.cipher = cipher;
+            this.blockSize = cipher.GetBlockSize();
+
+            this.IV = new byte[blockSize];
+            this.cbcV = new byte[blockSize];
+            this.cbcNextV = new byte[blockSize];
+        }
+
+        /**
+        * return the underlying block cipher that we are wrapping.
+        *
+        * @return the underlying block cipher that we are wrapping.
+        */
+        public IBlockCipher GetUnderlyingCipher()
+        {
+            return cipher;
+        }
+
+        /**
+        * Initialise the cipher and, possibly, the initialisation vector (IV).
+        * If an IV isn't passed as part of the parameter, the IV will be all zeros.
+        *
+        * @param forEncryption if true the cipher is initialised for
+        *  encryption, if false for decryption.
+        * @param param the key and other data required by the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public void Init(
+            bool forEncryption,
+            ICipherParameters parameters)
+        {
+            bool oldEncrypting = this.encrypting;
+
+            this.encrypting = forEncryption;
+
+            if (parameters is ParametersWithIV)
+            {
+                ParametersWithIV ivParam = (ParametersWithIV)parameters;
+                byte[]      iv = ivParam.GetIV();
+
+                if (iv.Length != blockSize)
+                {
+                    throw new ArgumentException("initialisation vector must be the same length as block size");
+                }
+
+                Array.Copy(iv, 0, IV, 0, iv.Length);
+
+				parameters = ivParam.Parameters;
+            }
+
+			Reset();
+
+            // if null it's an IV changed only.
+            if (parameters != null)
+            {
+                cipher.Init(encrypting, parameters);
+            }
+            else if (oldEncrypting != encrypting)
+            {
+                throw new ArgumentException("cannot change encrypting state without providing key.");
+            }
+        }
+
+		/**
+        * return the algorithm name and mode.
+        *
+        * @return the name of the underlying algorithm followed by "/CBC".
+        */
+        public string AlgorithmName
+        {
+            get { return cipher.AlgorithmName + "/CBC"; }
+        }
+
+		public bool IsPartialBlockOkay
+		{
+			get { return false; }
+		}
+
+		/**
+        * return the block size of the underlying cipher.
+        *
+        * @return the block size of the underlying cipher.
+        */
+        public int GetBlockSize()
+        {
+            return cipher.GetBlockSize();
+        }
+
+        /**
+        * Process one block of input from the array in and write it to
+        * the out array.
+        *
+        * @param in the array containing the input data.
+        * @param inOff offset into the in array the data starts at.
+        * @param out the array the output data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        * @exception DataLengthException if there isn't enough data in in, or
+        * space in out.
+        * @exception InvalidOperationException if the cipher isn't initialised.
+        * @return the number of bytes processed and produced.
+        */
+        public int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            return (encrypting)
+				?	EncryptBlock(input, inOff, output, outOff)
+				:	DecryptBlock(input, inOff, output, outOff);
+        }
+
+        /**
+        * reset the chaining vector back to the IV and reset the underlying
+        * cipher.
+        */
+        public void Reset()
+        {
+            Array.Copy(IV, 0, cbcV, 0, IV.Length);
+			Array.Clear(cbcNextV, 0, cbcNextV.Length);
+
+            cipher.Reset();
+        }
+
+        /**
+        * Do the appropriate chaining step for CBC mode encryption.
+        *
+        * @param in the array containing the data to be encrypted.
+        * @param inOff offset into the in array the data starts at.
+        * @param out the array the encrypted data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        * @exception DataLengthException if there isn't enough data in in, or
+        * space in out.
+        * @exception InvalidOperationException if the cipher isn't initialised.
+        * @return the number of bytes processed and produced.
+        */
+        private int EncryptBlock(
+            byte[]      input,
+            int         inOff,
+            byte[]      outBytes,
+            int         outOff)
+        {
+            if ((inOff + blockSize) > input.Length)
+            {
+                throw new DataLengthException("input buffer too short");
+            }
+
+            /*
+            * XOR the cbcV and the input,
+            * then encrypt the cbcV
+            */
+            for (int i = 0; i < blockSize; i++)
+            {
+                cbcV[i] ^= input[inOff + i];
+            }
+
+            int length = cipher.ProcessBlock(cbcV, 0, outBytes, outOff);
+
+            /*
+            * copy ciphertext to cbcV
+            */
+            Array.Copy(outBytes, outOff, cbcV, 0, cbcV.Length);
+
+            return length;
+        }
+
+        /**
+        * Do the appropriate chaining step for CBC mode decryption.
+        *
+        * @param in the array containing the data to be decrypted.
+        * @param inOff offset into the in array the data starts at.
+        * @param out the array the decrypted data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        * @exception DataLengthException if there isn't enough data in in, or
+        * space in out.
+        * @exception InvalidOperationException if the cipher isn't initialised.
+        * @return the number of bytes processed and produced.
+        */
+        private int DecryptBlock(
+            byte[]      input,
+            int         inOff,
+            byte[]      outBytes,
+            int         outOff)
+        {
+            if ((inOff + blockSize) > input.Length)
+            {
+                throw new DataLengthException("input buffer too short");
+            }
+
+            Array.Copy(input, inOff, cbcNextV, 0, blockSize);
+
+            int length = cipher.ProcessBlock(input, inOff, outBytes, outOff);
+
+            /*
+            * XOR the cbcV and the output
+            */
+            for (int i = 0; i < blockSize; i++)
+            {
+                outBytes[outOff + i] ^= cbcV[i];
+            }
+
+            /*
+            * swap the back up buffer into next position
+            */
+            byte[]  tmp;
+
+            tmp = cbcV;
+            cbcV = cbcNextV;
+            cbcNextV = tmp;
+
+            return length;
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/CcmBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/CcmBlockCipher.cs
new file mode 100644
index 0000000..4de40d5
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/CcmBlockCipher.cs
@@ -0,0 +1,449 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+    /**
+    * Implements the Counter with Cipher Block Chaining mode (CCM) detailed in
+    * NIST Special Publication 800-38C.
+    * <p>
+    * <b>Note</b>: this mode is a packet mode - it needs all the data up front.
+    * </p>
+    */
+    public class CcmBlockCipher
+        : IAeadBlockCipher
+    {
+        private static readonly int BlockSize = 16;
+
+        private readonly IBlockCipher	cipher;
+        private readonly byte[]			macBlock;
+        private bool					forEncryption;
+        private byte[]					nonce;
+        private byte[]					initialAssociatedText;
+        private int						macSize;
+        private ICipherParameters		keyParam;
+        private readonly MemoryStream   associatedText = new MemoryStream();
+        private readonly MemoryStream   data = new MemoryStream();
+
+        /**
+        * Basic constructor.
+        *
+        * @param cipher the block cipher to be used.
+        */
+        public CcmBlockCipher(
+            IBlockCipher cipher)
+        {
+            this.cipher = cipher;
+            this.macBlock = new byte[BlockSize];
+
+            if (cipher.GetBlockSize() != BlockSize)
+                throw new ArgumentException("cipher required with a block size of " + BlockSize + ".");
+        }
+
+        /**
+        * return the underlying block cipher that we are wrapping.
+        *
+        * @return the underlying block cipher that we are wrapping.
+        */
+        public virtual IBlockCipher GetUnderlyingCipher()
+        {
+            return cipher;
+        }
+
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            this.forEncryption = forEncryption;
+
+            ICipherParameters cipherParameters;
+            if (parameters is AeadParameters)
+            {
+                AeadParameters param = (AeadParameters) parameters;
+
+                nonce = param.GetNonce();
+                initialAssociatedText = param.GetAssociatedText();
+                macSize = param.MacSize / 8;
+                cipherParameters = param.Key;
+            }
+            else if (parameters is ParametersWithIV)
+            {
+                ParametersWithIV param = (ParametersWithIV) parameters;
+
+                nonce = param.GetIV();
+                initialAssociatedText = null;
+                macSize = macBlock.Length / 2;
+                cipherParameters = param.Parameters;
+            }
+            else
+            {
+                throw new ArgumentException("invalid parameters passed to CCM");
+            }
+
+            // NOTE: Very basic support for key re-use, but no performance gain from it
+            if (cipherParameters != null)
+            {
+                keyParam = cipherParameters;
+            }
+
+            if (nonce == null || nonce.Length < 7 || nonce.Length > 13)
+            {
+                throw new ArgumentException("nonce must have length from 7 to 13 octets");
+            }
+
+            Reset();
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return cipher.AlgorithmName + "/CCM"; }
+        }
+
+        public virtual int GetBlockSize()
+        {
+            return cipher.GetBlockSize();
+        }
+
+        public virtual void ProcessAadByte(byte input)
+        {
+            associatedText.WriteByte(input);
+        }
+
+        public virtual void ProcessAadBytes(byte[] inBytes, int inOff, int len)
+        {
+            // TODO: Process AAD online
+            associatedText.Write(inBytes, inOff, len);
+        }
+
+        public virtual int ProcessByte(
+            byte	input,
+            byte[]	outBytes,
+            int		outOff)
+        {
+            data.WriteByte(input);
+
+            return 0;
+        }
+
+        public virtual int ProcessBytes(
+            byte[]	inBytes,
+            int		inOff,
+            int		inLen,
+            byte[]	outBytes,
+            int		outOff)
+        {
+            Check.DataLength(inBytes, inOff, inLen, "Input buffer too short");
+
+            data.Write(inBytes, inOff, inLen);
+
+            return 0;
+        }
+
+        public virtual int DoFinal(
+            byte[]	outBytes,
+            int		outOff)
+        {
+#if PORTABLE
+            byte[] input = data.ToArray();
+            int inLen = input.Length;
+#else
+            byte[] input = data.GetBuffer();
+            int inLen = (int)data.Position;
+#endif
+
+            int len = ProcessPacket(input, 0, inLen, outBytes, outOff);
+
+            Reset();
+
+            return len;
+        }
+
+        public virtual void Reset()
+        {
+            cipher.Reset();
+            associatedText.SetLength(0);
+            data.SetLength(0);
+        }
+
+        /**
+        * Returns a byte array containing the mac calculated as part of the
+        * last encrypt or decrypt operation.
+        *
+        * @return the last mac calculated.
+        */
+        public virtual byte[] GetMac()
+        {
+            return Arrays.CopyOfRange(macBlock, 0, macSize);
+        }
+
+        public virtual int GetUpdateOutputSize(
+            int len)
+        {
+            return 0;
+        }
+
+        public virtual int GetOutputSize(
+            int len)
+        {
+            int totalData = (int)data.Length + len;
+
+            if (forEncryption)
+            {
+                return totalData + macSize;
+            }
+
+            return totalData < macSize ? 0 : totalData - macSize;
+        }
+
+        /**
+         * Process a packet of data for either CCM decryption or encryption.
+         *
+         * @param in data for processing.
+         * @param inOff offset at which data starts in the input array.
+         * @param inLen length of the data in the input array.
+         * @return a byte array containing the processed input..
+         * @throws IllegalStateException if the cipher is not appropriately set up.
+         * @throws InvalidCipherTextException if the input data is truncated or the mac check fails.
+         */
+        public virtual byte[] ProcessPacket(byte[] input, int inOff, int inLen)
+        {
+            byte[] output;
+
+            if (forEncryption)
+            {
+                output = new byte[inLen + macSize];
+            }
+            else
+            {
+                if (inLen < macSize)
+                    throw new InvalidCipherTextException("data too short");
+
+                output = new byte[inLen - macSize];
+            }
+
+            ProcessPacket(input, inOff, inLen, output, 0);
+
+            return output;
+        }
+
+        /**
+         * Process a packet of data for either CCM decryption or encryption.
+         *
+         * @param in data for processing.
+         * @param inOff offset at which data starts in the input array.
+         * @param inLen length of the data in the input array.
+         * @param output output array.
+         * @param outOff offset into output array to start putting processed bytes.
+         * @return the number of bytes added to output.
+         * @throws IllegalStateException if the cipher is not appropriately set up.
+         * @throws InvalidCipherTextException if the input data is truncated or the mac check fails.
+         * @throws DataLengthException if output buffer too short.
+         */
+        public virtual int ProcessPacket(byte[] input, int inOff, int inLen, byte[] output, int outOff)
+        {
+            // TODO: handle null keyParam (e.g. via RepeatedKeySpec)
+            // Need to keep the CTR and CBC Mac parts around and reset
+            if (keyParam == null)
+                throw new InvalidOperationException("CCM cipher unitialized.");
+
+            int n = nonce.Length;
+            int q = 15 - n;
+            if (q < 4)
+            {
+                int limitLen = 1 << (8 * q);
+                if (inLen >= limitLen)
+                    throw new InvalidOperationException("CCM packet too large for choice of q.");
+            }
+
+            byte[] iv = new byte[BlockSize];
+            iv[0] = (byte)((q - 1) & 0x7);
+            nonce.CopyTo(iv, 1);
+
+            IBlockCipher ctrCipher = new SicBlockCipher(cipher);
+            ctrCipher.Init(forEncryption, new ParametersWithIV(keyParam, iv));
+
+            int outputLen;
+            int inIndex = inOff;
+            int outIndex = outOff;
+
+            if (forEncryption)
+            {
+                outputLen = inLen + macSize;
+                Check.OutputLength(output, outOff, outputLen, "Output buffer too short.");
+
+                CalculateMac(input, inOff, inLen, macBlock);
+
+                byte[] encMac = new byte[BlockSize];
+                ctrCipher.ProcessBlock(macBlock, 0, encMac, 0);   // S0
+
+                while (inIndex < (inOff + inLen - BlockSize))                 // S1...
+                {
+                    ctrCipher.ProcessBlock(input, inIndex, output, outIndex);
+                    outIndex += BlockSize;
+                    inIndex += BlockSize;
+                }
+
+                byte[] block = new byte[BlockSize];
+
+                Array.Copy(input, inIndex, block, 0, inLen + inOff - inIndex);
+
+                ctrCipher.ProcessBlock(block, 0, block, 0);
+
+                Array.Copy(block, 0, output, outIndex, inLen + inOff - inIndex);
+
+                Array.Copy(encMac, 0, output, outOff + inLen, macSize);
+            }
+            else
+            {
+                if (inLen < macSize)
+                    throw new InvalidCipherTextException("data too short");
+
+                outputLen = inLen - macSize;
+                Check.OutputLength(output, outOff, outputLen, "Output buffer too short.");
+
+                Array.Copy(input, inOff + outputLen, macBlock, 0, macSize);
+
+                ctrCipher.ProcessBlock(macBlock, 0, macBlock, 0);
+
+                for (int i = macSize; i != macBlock.Length; i++)
+                {
+                    macBlock[i] = 0;
+                }
+
+                while (inIndex < (inOff + outputLen - BlockSize))
+                {
+                    ctrCipher.ProcessBlock(input, inIndex, output, outIndex);
+                    outIndex += BlockSize;
+                    inIndex += BlockSize;
+                }
+
+                byte[] block = new byte[BlockSize];
+
+                Array.Copy(input, inIndex, block, 0, outputLen - (inIndex - inOff));
+
+                ctrCipher.ProcessBlock(block, 0, block, 0);
+
+                Array.Copy(block, 0, output, outIndex, outputLen - (inIndex - inOff));
+
+                byte[] calculatedMacBlock = new byte[BlockSize];
+
+                CalculateMac(output, outOff, outputLen, calculatedMacBlock);
+
+                if (!Arrays.ConstantTimeAreEqual(macBlock, calculatedMacBlock))
+                    throw new InvalidCipherTextException("mac check in CCM failed");
+            }
+
+            return outputLen;
+        }
+
+        private int CalculateMac(byte[] data, int dataOff, int dataLen, byte[] macBlock)
+        {
+            IMac cMac = new CbcBlockCipherMac(cipher, macSize * 8);
+
+            cMac.Init(keyParam);
+
+            //
+            // build b0
+            //
+            byte[] b0 = new byte[16];
+
+            if (HasAssociatedText())
+            {
+                b0[0] |= 0x40;
+            }
+
+            b0[0] |= (byte)((((cMac.GetMacSize() - 2) / 2) & 0x7) << 3);
+
+            b0[0] |= (byte)(((15 - nonce.Length) - 1) & 0x7);
+
+            Array.Copy(nonce, 0, b0, 1, nonce.Length);
+
+            int q = dataLen;
+            int count = 1;
+            while (q > 0)
+            {
+                b0[b0.Length - count] = (byte)(q & 0xff);
+                q >>= 8;
+                count++;
+            }
+
+            cMac.BlockUpdate(b0, 0, b0.Length);
+
+            //
+            // process associated text
+            //
+            if (HasAssociatedText())
+            {
+                int extra;
+
+                int textLength = GetAssociatedTextLength();
+                if (textLength < ((1 << 16) - (1 << 8)))
+                {
+                    cMac.Update((byte)(textLength >> 8));
+                    cMac.Update((byte)textLength);
+
+                    extra = 2;
+                }
+                else // can't go any higher than 2^32
+                {
+                    cMac.Update((byte)0xff);
+                    cMac.Update((byte)0xfe);
+                    cMac.Update((byte)(textLength >> 24));
+                    cMac.Update((byte)(textLength >> 16));
+                    cMac.Update((byte)(textLength >> 8));
+                    cMac.Update((byte)textLength);
+
+                    extra = 6;
+                }
+
+                if (initialAssociatedText != null)
+                {
+                    cMac.BlockUpdate(initialAssociatedText, 0, initialAssociatedText.Length);
+                }
+                if (associatedText.Position > 0)
+                {
+#if PORTABLE
+                    byte[] input = associatedText.ToArray();
+                    int len = input.Length;
+#else
+                    byte[] input = associatedText.GetBuffer();
+                    int len = (int)associatedText.Position;
+#endif
+
+                    cMac.BlockUpdate(input, 0, len);
+                }
+
+                extra = (extra + textLength) % 16;
+                if (extra != 0)
+                {
+                    for (int i = extra; i < 16; ++i)
+                    {
+                        cMac.Update((byte)0x00);
+                    }
+                }
+            }
+
+            //
+            // add the text
+            //
+            cMac.BlockUpdate(data, dataOff, dataLen);
+
+            return cMac.DoFinal(macBlock, 0);
+        }
+
+        private int GetAssociatedTextLength()
+        {
+            return (int)associatedText.Length + ((initialAssociatedText == null) ? 0 : initialAssociatedText.Length);
+        }
+
+        private bool HasAssociatedText()
+        {
+            return GetAssociatedTextLength() > 0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/CfbBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/CfbBlockCipher.cs
new file mode 100644
index 0000000..4337165
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/CfbBlockCipher.cs
@@ -0,0 +1,224 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+    /**
+    * implements a Cipher-FeedBack (CFB) mode on top of a simple cipher.
+    */
+    public class CfbBlockCipher
+		: IBlockCipher
+    {
+        private byte[]	IV;
+        private byte[]	cfbV;
+        private byte[]	cfbOutV;
+		private bool	encrypting;
+
+		private readonly int			blockSize;
+        private readonly IBlockCipher	cipher;
+
+		/**
+        * Basic constructor.
+        *
+        * @param cipher the block cipher to be used as the basis of the
+        * feedback mode.
+        * @param blockSize the block size in bits (note: a multiple of 8)
+        */
+        public CfbBlockCipher(
+            IBlockCipher cipher,
+            int          bitBlockSize)
+        {
+            this.cipher = cipher;
+            this.blockSize = bitBlockSize / 8;
+            this.IV = new byte[cipher.GetBlockSize()];
+            this.cfbV = new byte[cipher.GetBlockSize()];
+            this.cfbOutV = new byte[cipher.GetBlockSize()];
+        }
+        /**
+        * return the underlying block cipher that we are wrapping.
+        *
+        * @return the underlying block cipher that we are wrapping.
+        */
+        public IBlockCipher GetUnderlyingCipher()
+        {
+            return cipher;
+        }
+        /**
+        * Initialise the cipher and, possibly, the initialisation vector (IV).
+        * If an IV isn't passed as part of the parameter, the IV will be all zeros.
+        * An IV which is too short is handled in FIPS compliant fashion.
+        *
+        * @param forEncryption if true the cipher is initialised for
+        *  encryption, if false for decryption.
+        * @param param the key and other data required by the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public void Init(
+            bool forEncryption,
+            ICipherParameters parameters)
+        {
+            this.encrypting = forEncryption;
+            if (parameters is ParametersWithIV)
+            {
+                ParametersWithIV ivParam = (ParametersWithIV) parameters;
+                byte[] iv = ivParam.GetIV();
+                int diff = IV.Length - iv.Length;
+                Array.Copy(iv, 0, IV, diff, iv.Length);
+                Array.Clear(IV, 0, diff);
+
+                parameters = ivParam.Parameters;
+            }
+            Reset();
+
+            // if it's null, key is to be reused.
+            if (parameters != null)
+            {
+                cipher.Init(true, parameters);
+            }
+        }
+
+        /**
+        * return the algorithm name and mode.
+        *
+        * @return the name of the underlying algorithm followed by "/CFB"
+        * and the block size in bits.
+        */
+        public string AlgorithmName
+        {
+            get { return cipher.AlgorithmName + "/CFB" + (blockSize * 8); }
+        }
+
+		public bool IsPartialBlockOkay
+		{
+			get { return true; }
+		}
+
+		/**
+        * return the block size we are operating at.
+        *
+        * @return the block size we are operating at (in bytes).
+        */
+        public int GetBlockSize()
+        {
+            return blockSize;
+        }
+
+		/**
+        * Process one block of input from the array in and write it to
+        * the out array.
+        *
+        * @param in the array containing the input data.
+        * @param inOff offset into the in array the data starts at.
+        * @param out the array the output data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        * @exception DataLengthException if there isn't enough data in in, or
+        * space in out.
+        * @exception InvalidOperationException if the cipher isn't initialised.
+        * @return the number of bytes processed and produced.
+        */
+        public int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            return (encrypting)
+				?	EncryptBlock(input, inOff, output, outOff)
+				:	DecryptBlock(input, inOff, output, outOff);
+        }
+
+		/**
+        * Do the appropriate processing for CFB mode encryption.
+        *
+        * @param in the array containing the data to be encrypted.
+        * @param inOff offset into the in array the data starts at.
+        * @param out the array the encrypted data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        * @exception DataLengthException if there isn't enough data in in, or
+        * space in out.
+        * @exception InvalidOperationException if the cipher isn't initialised.
+        * @return the number of bytes processed and produced.
+        */
+        public int EncryptBlock(
+            byte[]      input,
+            int         inOff,
+            byte[]      outBytes,
+            int         outOff)
+        {
+            if ((inOff + blockSize) > input.Length)
+            {
+                throw new DataLengthException("input buffer too short");
+            }
+            if ((outOff + blockSize) > outBytes.Length)
+            {
+                throw new DataLengthException("output buffer too short");
+            }
+            cipher.ProcessBlock(cfbV, 0, cfbOutV, 0);
+            //
+            // XOR the cfbV with the plaintext producing the ciphertext
+            //
+            for (int i = 0; i < blockSize; i++)
+            {
+                outBytes[outOff + i] = (byte)(cfbOutV[i] ^ input[inOff + i]);
+            }
+            //
+            // change over the input block.
+            //
+            Array.Copy(cfbV, blockSize, cfbV, 0, cfbV.Length - blockSize);
+            Array.Copy(outBytes, outOff, cfbV, cfbV.Length - blockSize, blockSize);
+            return blockSize;
+        }
+        /**
+        * Do the appropriate processing for CFB mode decryption.
+        *
+        * @param in the array containing the data to be decrypted.
+        * @param inOff offset into the in array the data starts at.
+        * @param out the array the encrypted data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        * @exception DataLengthException if there isn't enough data in in, or
+        * space in out.
+        * @exception InvalidOperationException if the cipher isn't initialised.
+        * @return the number of bytes processed and produced.
+        */
+        public int DecryptBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	outBytes,
+            int		outOff)
+        {
+            if ((inOff + blockSize) > input.Length)
+            {
+                throw new DataLengthException("input buffer too short");
+            }
+            if ((outOff + blockSize) > outBytes.Length)
+            {
+                throw new DataLengthException("output buffer too short");
+            }
+            cipher.ProcessBlock(cfbV, 0, cfbOutV, 0);
+            //
+            // change over the input block.
+            //
+            Array.Copy(cfbV, blockSize, cfbV, 0, cfbV.Length - blockSize);
+            Array.Copy(input, inOff, cfbV, cfbV.Length - blockSize, blockSize);
+            //
+            // XOR the cfbV with the ciphertext producing the plaintext
+            //
+            for (int i = 0; i < blockSize; i++)
+            {
+                outBytes[outOff + i] = (byte)(cfbOutV[i] ^ input[inOff + i]);
+            }
+            return blockSize;
+        }
+        /**
+        * reset the chaining vector back to the IV and reset the underlying
+        * cipher.
+        */
+        public void Reset()
+        {
+            Array.Copy(IV, 0, cfbV, 0, IV.Length);
+            cipher.Reset();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/CtsBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/CtsBlockCipher.cs
new file mode 100644
index 0000000..ff37844
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/CtsBlockCipher.cs
@@ -0,0 +1,253 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+    /**
+    * A Cipher Text Stealing (CTS) mode cipher. CTS allows block ciphers to
+    * be used to produce cipher text which is the same outLength as the plain text.
+    */
+    public class CtsBlockCipher
+		: BufferedBlockCipher
+    {
+        private readonly int blockSize;
+
+        /**
+        * Create a buffered block cipher that uses Cipher Text Stealing
+        *
+        * @param cipher the underlying block cipher this buffering object wraps.
+        */
+        public CtsBlockCipher(
+            IBlockCipher cipher)
+        {
+			// TODO Should this test for acceptable ones instead?
+			if (cipher is OfbBlockCipher || cipher is CfbBlockCipher)
+                throw new ArgumentException("CtsBlockCipher can only accept ECB, or CBC ciphers");
+
+			this.cipher = cipher;
+
+            blockSize = cipher.GetBlockSize();
+
+            buf = new byte[blockSize * 2];
+            bufOff = 0;
+        }
+
+        /**
+        * return the size of the output buffer required for an update of 'length' bytes.
+        *
+        * @param length the outLength of the input.
+        * @return the space required to accommodate a call to update
+        * with length bytes of input.
+        */
+        public override int GetUpdateOutputSize(
+            int length)
+        {
+            int total = length + bufOff;
+            int leftOver = total % buf.Length;
+
+			if (leftOver == 0)
+            {
+                return total - buf.Length;
+            }
+
+			return total - leftOver;
+        }
+
+        /**
+        * return the size of the output buffer required for an update plus a
+        * doFinal with an input of length bytes.
+        *
+        * @param length the outLength of the input.
+        * @return the space required to accommodate a call to update and doFinal
+        * with length bytes of input.
+        */
+        public override int GetOutputSize(
+            int length)
+        {
+            return length + bufOff;
+        }
+
+        /**
+        * process a single byte, producing an output block if necessary.
+        *
+        * @param in the input byte.
+        * @param out the space for any output that might be produced.
+        * @param outOff the offset from which the output will be copied.
+        * @return the number of output bytes copied to out.
+        * @exception DataLengthException if there isn't enough space in out.
+        * @exception InvalidOperationException if the cipher isn't initialised.
+        */
+        public override int ProcessByte(
+            byte	input,
+            byte[]	output,
+            int		outOff)
+        {
+            int resultLen = 0;
+
+            if (bufOff == buf.Length)
+            {
+                resultLen = cipher.ProcessBlock(buf, 0, output, outOff);
+				Debug.Assert(resultLen == blockSize);
+
+				Array.Copy(buf, blockSize, buf, 0, blockSize);
+                bufOff = blockSize;
+            }
+
+            buf[bufOff++] = input;
+
+            return resultLen;
+        }
+
+		/**
+        * process an array of bytes, producing output if necessary.
+        *
+        * @param in the input byte array.
+        * @param inOff the offset at which the input data starts.
+        * @param length the number of bytes to be copied out of the input array.
+        * @param out the space for any output that might be produced.
+        * @param outOff the offset from which the output will be copied.
+        * @return the number of output bytes copied to out.
+        * @exception DataLengthException if there isn't enough space in out.
+        * @exception InvalidOperationException if the cipher isn't initialised.
+        */
+        public override int ProcessBytes(
+            byte[]	input,
+            int		inOff,
+            int		length,
+            byte[]	output,
+            int		outOff)
+        {
+            if (length < 0)
+            {
+                throw new ArgumentException("Can't have a negative input outLength!");
+            }
+
+            int blockSize = GetBlockSize();
+            int outLength = GetUpdateOutputSize(length);
+
+            if (outLength > 0)
+            {
+                if ((outOff + outLength) > output.Length)
+                {
+                    throw new DataLengthException("output buffer too short");
+                }
+            }
+
+            int resultLen = 0;
+            int gapLen = buf.Length - bufOff;
+
+            if (length > gapLen)
+            {
+                Array.Copy(input, inOff, buf, bufOff, gapLen);
+
+                resultLen += cipher.ProcessBlock(buf, 0, output, outOff);
+                Array.Copy(buf, blockSize, buf, 0, blockSize);
+
+                bufOff = blockSize;
+
+                length -= gapLen;
+                inOff += gapLen;
+
+                while (length > blockSize)
+                {
+                    Array.Copy(input, inOff, buf, bufOff, blockSize);
+                    resultLen += cipher.ProcessBlock(buf, 0, output, outOff + resultLen);
+                    Array.Copy(buf, blockSize, buf, 0, blockSize);
+
+                    length -= blockSize;
+                    inOff += blockSize;
+                }
+            }
+
+            Array.Copy(input, inOff, buf, bufOff, length);
+
+            bufOff += length;
+
+            return resultLen;
+        }
+
+        /**
+        * Process the last block in the buffer.
+        *
+        * @param out the array the block currently being held is copied into.
+        * @param outOff the offset at which the copying starts.
+        * @return the number of output bytes copied to out.
+        * @exception DataLengthException if there is insufficient space in out for
+        * the output.
+        * @exception InvalidOperationException if the underlying cipher is not
+        * initialised.
+        * @exception InvalidCipherTextException if cipher text decrypts wrongly (in
+        * case the exception will never Get thrown).
+        */
+        public override int DoFinal(
+            byte[]  output,
+            int     outOff)
+        {
+            if (bufOff + outOff > output.Length)
+            {
+                throw new DataLengthException("output buffer too small in doFinal");
+            }
+
+            int blockSize = cipher.GetBlockSize();
+            int length = bufOff - blockSize;
+            byte[] block = new byte[blockSize];
+
+            if (forEncryption)
+            {
+                cipher.ProcessBlock(buf, 0, block, 0);
+
+				if (bufOff < blockSize)
+				{
+					throw new DataLengthException("need at least one block of input for CTS");
+				}
+
+                for (int i = bufOff; i != buf.Length; i++)
+                {
+                    buf[i] = block[i - blockSize];
+                }
+
+                for (int i = blockSize; i != bufOff; i++)
+                {
+                    buf[i] ^= block[i - blockSize];
+                }
+
+				IBlockCipher c = (cipher is CbcBlockCipher)
+					?	((CbcBlockCipher)cipher).GetUnderlyingCipher()
+					:	cipher;
+
+				c.ProcessBlock(buf, blockSize, output, outOff);
+
+				Array.Copy(block, 0, output, outOff + blockSize, length);
+            }
+            else
+            {
+                byte[] lastBlock = new byte[blockSize];
+
+				IBlockCipher c = (cipher is CbcBlockCipher)
+					?	((CbcBlockCipher)cipher).GetUnderlyingCipher()
+					:	cipher;
+
+				c.ProcessBlock(buf, 0, block, 0);
+
+				for (int i = blockSize; i != bufOff; i++)
+                {
+                    lastBlock[i - blockSize] = (byte)(block[i - blockSize] ^ buf[i]);
+                }
+
+                Array.Copy(buf, blockSize, block, 0, length);
+
+                cipher.ProcessBlock(block, 0, output, outOff);
+                Array.Copy(lastBlock, 0, output, outOff + blockSize, length);
+            }
+
+            int offset = bufOff;
+
+            Reset();
+
+            return offset;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/EAXBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/EAXBlockCipher.cs
new file mode 100644
index 0000000..624f385
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/EAXBlockCipher.cs
@@ -0,0 +1,379 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+	/**
+	* A Two-Pass Authenticated-Encryption Scheme Optimized for Simplicity and 
+	* Efficiency - by M. Bellare, P. Rogaway, D. Wagner.
+	* 
+	* http://www.cs.ucdavis.edu/~rogaway/papers/eax.pdf
+	* 
+	* EAX is an AEAD scheme based on CTR and OMAC1/CMAC, that uses a single block 
+	* cipher to encrypt and authenticate data. It's on-line (the length of a 
+	* message isn't needed to begin processing it), has good performances, it's
+	* simple and provably secure (provided the underlying block cipher is secure).
+	* 
+	* Of course, this implementations is NOT thread-safe.
+	*/
+	public class EaxBlockCipher
+		: IAeadBlockCipher
+	{
+		private enum Tag : byte { N, H, C };
+
+		private SicBlockCipher cipher;
+
+		private bool forEncryption;
+
+		private int blockSize;
+
+		private IMac mac;
+
+		private byte[] nonceMac;
+		private byte[] associatedTextMac;
+		private byte[] macBlock;
+
+		private int macSize;
+		private byte[] bufBlock;
+		private int bufOff;
+
+        private bool cipherInitialized;
+        private byte[] initialAssociatedText;
+
+		/**
+		* Constructor that accepts an instance of a block cipher engine.
+		*
+		* @param cipher the engine to use
+		*/
+		public EaxBlockCipher(
+			IBlockCipher cipher)
+		{
+			blockSize = cipher.GetBlockSize();
+			mac = new CMac(cipher);
+			macBlock = new byte[blockSize];
+			associatedTextMac = new byte[mac.GetMacSize()];
+			nonceMac = new byte[mac.GetMacSize()];
+			this.cipher = new SicBlockCipher(cipher);
+		}
+
+		public virtual string AlgorithmName
+		{
+			get { return cipher.GetUnderlyingCipher().AlgorithmName + "/EAX"; }
+		}
+
+		public virtual IBlockCipher GetUnderlyingCipher()
+		{
+			return cipher;
+		}
+
+		public virtual int GetBlockSize()
+		{
+			return cipher.GetBlockSize();
+		}
+
+		public virtual void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			this.forEncryption = forEncryption;
+
+			byte[] nonce;
+			ICipherParameters keyParam;
+
+			if (parameters is AeadParameters)
+			{
+				AeadParameters param = (AeadParameters) parameters;
+
+				nonce = param.GetNonce();
+                initialAssociatedText = param.GetAssociatedText();
+				macSize = param.MacSize / 8;
+				keyParam = param.Key;
+			}
+			else if (parameters is ParametersWithIV)
+			{
+				ParametersWithIV param = (ParametersWithIV) parameters;
+
+				nonce = param.GetIV();
+                initialAssociatedText = null;
+				macSize = mac.GetMacSize() / 2;
+				keyParam = param.Parameters;
+			}
+			else
+			{
+				throw new ArgumentException("invalid parameters passed to EAX");
+			}
+
+            bufBlock = new byte[forEncryption ? blockSize : (blockSize + macSize)];
+
+            byte[] tag = new byte[blockSize];
+
+            // Key reuse implemented in CBC mode of underlying CMac
+            mac.Init(keyParam);
+
+            tag[blockSize - 1] = (byte)Tag.N;
+            mac.BlockUpdate(tag, 0, blockSize);
+            mac.BlockUpdate(nonce, 0, nonce.Length);
+            mac.DoFinal(nonceMac, 0);
+
+            // Same BlockCipher underlies this and the mac, so reuse last key on cipher
+            cipher.Init(true, new ParametersWithIV(null, nonceMac));
+
+            Reset();
+		}
+
+        private void InitCipher()
+        {
+            if (cipherInitialized)
+            {
+                return;
+            }
+
+            cipherInitialized = true;
+
+            mac.DoFinal(associatedTextMac, 0);
+
+            byte[] tag = new byte[blockSize];
+            tag[blockSize - 1] = (byte)Tag.C;
+            mac.BlockUpdate(tag, 0, blockSize);
+        }
+
+        private void CalculateMac()
+		{
+			byte[] outC = new byte[blockSize];
+			mac.DoFinal(outC, 0);
+
+			for (int i = 0; i < macBlock.Length; i++)
+			{
+				macBlock[i] = (byte)(nonceMac[i] ^ associatedTextMac[i] ^ outC[i]);
+			}
+		}
+
+		public virtual void Reset()
+		{
+			Reset(true);
+		}
+
+		private void Reset(
+			bool clearMac)
+		{
+            cipher.Reset(); // TODO Redundant since the mac will reset it?
+			mac.Reset();
+
+			bufOff = 0;
+			Array.Clear(bufBlock, 0, bufBlock.Length);
+
+			if (clearMac)
+			{
+				Array.Clear(macBlock, 0, macBlock.Length);
+			}
+
+            byte[] tag = new byte[blockSize];
+            tag[blockSize - 1] = (byte)Tag.H;
+            mac.BlockUpdate(tag, 0, blockSize);
+
+            cipherInitialized = false;
+
+            if (initialAssociatedText != null)
+            {
+                ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length);
+            }
+        }
+        
+        public virtual void ProcessAadByte(byte input)
+        {
+            if (cipherInitialized)
+            {
+                throw new InvalidOperationException("AAD data cannot be added after encryption/decryption processing has begun.");
+            }
+            mac.Update(input);
+        }
+
+        public virtual void ProcessAadBytes(byte[] inBytes, int inOff, int len)
+        {
+            if (cipherInitialized)
+            {
+                throw new InvalidOperationException("AAD data cannot be added after encryption/decryption processing has begun.");
+            }
+            mac.BlockUpdate(inBytes, inOff, len);
+        }
+
+        public virtual int ProcessByte(
+			byte	input,
+			byte[]	outBytes,
+			int		outOff)
+		{
+            InitCipher();
+
+            return Process(input, outBytes, outOff);
+		}
+
+        public virtual int ProcessBytes(
+			byte[]	inBytes,
+			int		inOff,
+			int		len,
+			byte[]	outBytes,
+			int		outOff)
+		{
+            InitCipher();
+
+            int resultLen = 0;
+
+			for (int i = 0; i != len; i++)
+			{
+				resultLen += Process(inBytes[inOff + i], outBytes, outOff + resultLen);
+			}
+
+            return resultLen;
+		}
+
+		public virtual int DoFinal(
+			byte[]	outBytes,
+			int		outOff)
+		{
+            InitCipher();
+
+            int extra = bufOff;
+			byte[] tmp = new byte[bufBlock.Length];
+
+            bufOff = 0;
+
+			if (forEncryption)
+			{
+                Check.OutputLength(outBytes, outOff, extra + macSize, "Output buffer too short");
+
+                cipher.ProcessBlock(bufBlock, 0, tmp, 0);
+
+                Array.Copy(tmp, 0, outBytes, outOff, extra);
+
+				mac.BlockUpdate(tmp, 0, extra);
+
+				CalculateMac();
+
+				Array.Copy(macBlock, 0, outBytes, outOff + extra, macSize);
+
+				Reset(false);
+
+				return extra + macSize;
+			}
+			else
+			{
+                if (extra < macSize)
+                    throw new InvalidCipherTextException("data too short");
+
+                Check.OutputLength(outBytes, outOff, extra - macSize, "Output buffer too short");
+
+                if (extra > macSize)
+				{
+					mac.BlockUpdate(bufBlock, 0, extra - macSize);
+
+					cipher.ProcessBlock(bufBlock, 0, tmp, 0);
+
+                    Array.Copy(tmp, 0, outBytes, outOff, extra - macSize);
+				}
+
+				CalculateMac();
+
+				if (!VerifyMac(bufBlock, extra - macSize))
+					throw new InvalidCipherTextException("mac check in EAX failed");
+
+				Reset(false);
+
+				return extra - macSize;
+			}
+		}
+
+		public virtual byte[] GetMac()
+		{
+			byte[] mac = new byte[macSize];
+
+			Array.Copy(macBlock, 0, mac, 0, macSize);
+
+			return mac;
+		}
+
+        public virtual int GetUpdateOutputSize(
+			int len)
+		{
+            int totalData = len + bufOff;
+            if (!forEncryption)
+            {
+                if (totalData < macSize)
+                {
+                    return 0;
+                }
+                totalData -= macSize;
+            }
+            return totalData - totalData % blockSize;
+        }
+
+		public virtual int GetOutputSize(
+			int len)
+		{
+            int totalData = len + bufOff;
+
+            if (forEncryption)
+            {
+                return totalData + macSize;
+            }
+
+            return totalData < macSize ? 0 : totalData - macSize;
+        }
+
+		private int Process(
+			byte	b,
+			byte[]	outBytes,
+			int		outOff)
+		{
+			bufBlock[bufOff++] = b;
+
+			if (bufOff == bufBlock.Length)
+			{
+                Check.OutputLength(outBytes, outOff, blockSize, "Output buffer is too short");
+
+                // TODO Could move the ProcessByte(s) calls to here
+//                InitCipher();
+
+				int size;
+
+				if (forEncryption)
+				{
+					size = cipher.ProcessBlock(bufBlock, 0, outBytes, outOff);
+
+					mac.BlockUpdate(outBytes, outOff, blockSize);
+				}
+				else
+				{
+					mac.BlockUpdate(bufBlock, 0, blockSize);
+
+					size = cipher.ProcessBlock(bufBlock, 0, outBytes, outOff);
+				}
+
+                bufOff = 0;
+                if (!forEncryption)
+                {
+                    Array.Copy(bufBlock, blockSize, bufBlock, 0, macSize);
+                    bufOff = macSize;
+                }
+
+                return size;
+			}
+
+			return 0;
+		}
+
+		private bool VerifyMac(byte[] mac, int off)
+		{
+            int nonEqual = 0;
+
+            for (int i = 0; i < macSize; i++)
+            {
+                nonEqual |= (macBlock[i] ^ mac[off + i]);
+            }
+
+            return nonEqual == 0;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/GCMBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/GCMBlockCipher.cs
new file mode 100644
index 0000000..a6cd004
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/GCMBlockCipher.cs
@@ -0,0 +1,594 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Modes.Gcm;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+    /// <summary>
+    /// Implements the Galois/Counter mode (GCM) detailed in
+    /// NIST Special Publication 800-38D.
+    /// </summary>
+    public class GcmBlockCipher
+        : IAeadBlockCipher
+    {
+        private const int BlockSize = 16;
+
+        private readonly IBlockCipher	cipher;
+        private readonly IGcmMultiplier	multiplier;
+        private IGcmExponentiator exp;
+
+        // These fields are set by Init and not modified by processing
+        private bool        forEncryption;
+        private bool        initialised;
+        private int         macSize;
+        private byte[]      lastKey;
+        private byte[]      nonce;
+        private byte[]      initialAssociatedText;
+        private byte[]      H;
+        private byte[]      J0;
+
+        // These fields are modified during processing
+        private byte[]		bufBlock;
+        private byte[]		macBlock;
+        private byte[]      S, S_at, S_atPre;
+        private byte[]      counter;
+        private uint        blocksRemaining;
+        private int         bufOff;
+        private ulong		totalLength;
+        private byte[]      atBlock;
+        private int         atBlockPos;
+        private ulong       atLength;
+        private ulong       atLengthPre;
+
+        public GcmBlockCipher(
+            IBlockCipher c)
+            : this(c, null)
+        {
+        }
+
+        public GcmBlockCipher(
+            IBlockCipher	c,
+            IGcmMultiplier	m)
+        {
+            if (c.GetBlockSize() != BlockSize)
+                throw new ArgumentException("cipher required with a block size of " + BlockSize + ".");
+
+            if (m == null)
+            {
+                // TODO Consider a static property specifying default multiplier
+                m = new Tables8kGcmMultiplier();
+            }
+
+            this.cipher = c;
+            this.multiplier = m;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return cipher.AlgorithmName + "/GCM"; }
+        }
+
+        public IBlockCipher GetUnderlyingCipher()
+        {
+            return cipher;
+        }
+
+        public virtual int GetBlockSize()
+        {
+            return BlockSize;
+        }
+
+        /// <remarks>
+        /// MAC sizes from 32 bits to 128 bits (must be a multiple of 8) are supported. The default is 128 bits.
+        /// Sizes less than 96 are not recommended, but are supported for specialized applications.
+        /// </remarks>
+        public virtual void Init(
+            bool				forEncryption,
+            ICipherParameters	parameters)
+        {
+            this.forEncryption = forEncryption;
+            this.macBlock = null;
+            this.initialised = true;
+
+            KeyParameter keyParam;
+            byte[] newNonce = null;
+
+            if (parameters is AeadParameters)
+            {
+                AeadParameters param = (AeadParameters)parameters;
+
+                newNonce = param.GetNonce();
+                initialAssociatedText = param.GetAssociatedText();
+
+                int macSizeBits = param.MacSize;
+                if (macSizeBits < 32 || macSizeBits > 128 || macSizeBits % 8 != 0)
+                {
+                    throw new ArgumentException("Invalid value for MAC size: " + macSizeBits);
+                }
+
+                macSize = macSizeBits / 8; 
+                keyParam = param.Key;
+            }
+            else if (parameters is ParametersWithIV)
+            {
+                ParametersWithIV param = (ParametersWithIV)parameters;
+
+                newNonce = param.GetIV();
+                initialAssociatedText = null;
+                macSize = 16; 
+                keyParam = (KeyParameter)param.Parameters;
+            }
+            else
+            {
+                throw new ArgumentException("invalid parameters passed to GCM");
+            }
+
+            int bufLength = forEncryption ? BlockSize : (BlockSize + macSize);
+            this.bufBlock = new byte[bufLength];
+
+            if (newNonce == null || newNonce.Length < 1)
+            {
+                throw new ArgumentException("IV must be at least 1 byte");
+            }
+
+            if (forEncryption)
+            {
+                if (nonce != null && Arrays.AreEqual(nonce, newNonce))
+                {
+                    if (keyParam == null)
+                    {
+                        throw new ArgumentException("cannot reuse nonce for GCM encryption");
+                    }
+                    if (lastKey != null && Arrays.AreEqual(lastKey, keyParam.GetKey()))
+                    {
+                        throw new ArgumentException("cannot reuse nonce for GCM encryption");
+                    }
+                }
+            }
+
+            nonce = newNonce;
+            if (keyParam != null)
+            {
+                lastKey = keyParam.GetKey();
+            }
+
+            // TODO Restrict macSize to 16 if nonce length not 12?
+
+            // Cipher always used in forward mode
+            // if keyParam is null we're reusing the last key.
+            if (keyParam != null)
+            {
+                cipher.Init(true, keyParam);
+
+                this.H = new byte[BlockSize];
+                cipher.ProcessBlock(H, 0, H, 0);
+
+                // if keyParam is null we're reusing the last key and the multiplier doesn't need re-init
+                multiplier.Init(H);
+                exp = null;
+            }
+            else if (this.H == null)
+            {
+                throw new ArgumentException("Key must be specified in initial init");
+            }
+
+            this.J0 = new byte[BlockSize];
+
+            if (nonce.Length == 12)
+            {
+                Array.Copy(nonce, 0, J0, 0, nonce.Length);
+                this.J0[BlockSize - 1] = 0x01;
+            }
+            else
+            {
+                gHASH(J0, nonce, nonce.Length);
+                byte[] X = new byte[BlockSize];
+                Pack.UInt64_To_BE((ulong)nonce.Length * 8UL, X, 8);
+                gHASHBlock(J0, X);
+            }
+
+            this.S = new byte[BlockSize];
+            this.S_at = new byte[BlockSize];
+            this.S_atPre = new byte[BlockSize];
+            this.atBlock = new byte[BlockSize];
+            this.atBlockPos = 0;
+            this.atLength = 0;
+            this.atLengthPre = 0;
+            this.counter = Arrays.Clone(J0);
+            this.blocksRemaining = uint.MaxValue - 1; // page 8, len(P) <= 2^39 - 256, 1 block used by tag
+            this.bufOff = 0;
+            this.totalLength = 0;
+
+            if (initialAssociatedText != null)
+            {
+                ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length);
+            }
+        }
+
+        public virtual byte[] GetMac()
+        {
+            return macBlock == null
+                ?   new byte[macSize]
+                :   Arrays.Clone(macBlock);
+        }
+
+        public virtual int GetOutputSize(
+            int len)
+        {
+            int totalData = len + bufOff;
+
+            if (forEncryption)
+            {
+                return totalData + macSize;
+            }
+
+            return totalData < macSize ? 0 : totalData - macSize;
+        }
+
+        public virtual int GetUpdateOutputSize(
+            int len)
+        {
+            int totalData = len + bufOff;
+            if (!forEncryption)
+            {
+                if (totalData < macSize)
+                {
+                    return 0;
+                }
+                totalData -= macSize;
+            }
+            return totalData - totalData % BlockSize;
+        }
+
+        public virtual void ProcessAadByte(byte input)
+        {
+            CheckStatus();
+
+            atBlock[atBlockPos] = input;
+            if (++atBlockPos == BlockSize)
+            {
+                // Hash each block as it fills
+                gHASHBlock(S_at, atBlock);
+                atBlockPos = 0;
+                atLength += BlockSize;
+            }
+        }
+
+        public virtual void ProcessAadBytes(byte[] inBytes, int inOff, int len)
+        {
+            CheckStatus();
+
+            for (int i = 0; i < len; ++i)
+            {
+                atBlock[atBlockPos] = inBytes[inOff + i];
+                if (++atBlockPos == BlockSize)
+                {
+                    // Hash each block as it fills
+                    gHASHBlock(S_at, atBlock);
+                    atBlockPos = 0;
+                    atLength += BlockSize;
+                }
+            }
+        }
+
+        private void InitCipher()
+        {
+            if (atLength > 0)
+            {
+                Array.Copy(S_at, 0, S_atPre, 0, BlockSize);
+                atLengthPre = atLength;
+            }
+
+            // Finish hash for partial AAD block
+            if (atBlockPos > 0)
+            {
+                gHASHPartial(S_atPre, atBlock, 0, atBlockPos);
+                atLengthPre += (uint)atBlockPos;
+            }
+
+            if (atLengthPre > 0)
+            {
+                Array.Copy(S_atPre, 0, S, 0, BlockSize);
+            }
+        }
+
+        public virtual int ProcessByte(
+            byte	input,
+            byte[]	output,
+            int		outOff)
+        {
+            CheckStatus();
+
+            bufBlock[bufOff] = input;
+            if (++bufOff == bufBlock.Length)
+            {
+                OutputBlock(output, outOff);
+                return BlockSize;
+            }
+            return 0;
+        }
+
+        public virtual int ProcessBytes(
+            byte[]	input,
+            int		inOff,
+            int		len,
+            byte[]	output,
+            int		outOff)
+        {
+            CheckStatus();
+
+            if (input.Length < (inOff + len))
+                throw new DataLengthException("Input buffer too short");
+
+            int resultLen = 0;
+
+            for (int i = 0; i < len; ++i)
+            {
+                bufBlock[bufOff] = input[inOff + i];
+                if (++bufOff == bufBlock.Length)
+                {
+                    OutputBlock(output, outOff + resultLen);
+                    resultLen += BlockSize;
+                }
+            }
+
+            return resultLen;
+        }
+
+        private void OutputBlock(byte[] output, int offset)
+        {
+            Check.OutputLength(output, offset, BlockSize, "Output buffer too short");
+            if (totalLength == 0)
+            {
+                InitCipher();
+            }
+            gCTRBlock(bufBlock, output, offset);
+            if (forEncryption)
+            {
+                bufOff = 0;
+            }
+            else
+            {
+                Array.Copy(bufBlock, BlockSize, bufBlock, 0, macSize);
+                bufOff = macSize;
+            }
+        }
+
+        public int DoFinal(byte[] output, int outOff)
+        {
+            CheckStatus();
+
+            if (totalLength == 0)
+            {
+                InitCipher();
+            }
+
+            int extra = bufOff;
+
+            if (forEncryption)
+            {
+                Check.OutputLength(output, outOff, extra + macSize, "Output buffer too short");
+            }
+            else
+            {
+                if (extra < macSize)
+                    throw new InvalidCipherTextException("data too short");
+
+                extra -= macSize;
+
+                Check.OutputLength(output, outOff, extra, "Output buffer too short");
+            }
+
+            if (extra > 0)
+            {
+                gCTRPartial(bufBlock, 0, extra, output, outOff);
+            }
+
+            atLength += (uint)atBlockPos;
+
+            if (atLength > atLengthPre)
+            {
+                /*
+                 *  Some AAD was sent after the cipher started. We determine the difference b/w the hash value
+                 *  we actually used when the cipher started (S_atPre) and the final hash value calculated (S_at).
+                 *  Then we carry this difference forward by multiplying by H^c, where c is the number of (full or
+                 *  partial) cipher-text blocks produced, and adjust the current hash.
+                 */
+
+                // Finish hash for partial AAD block
+                if (atBlockPos > 0)
+                {
+                    gHASHPartial(S_at, atBlock, 0, atBlockPos);
+                }
+
+                // Find the difference between the AAD hashes
+                if (atLengthPre > 0)
+                {
+                    GcmUtilities.Xor(S_at, S_atPre);
+                }
+
+                // Number of cipher-text blocks produced
+                long c = (long)(((totalLength * 8) + 127) >> 7);
+
+                // Calculate the adjustment factor
+                byte[] H_c = new byte[16];
+                if (exp == null)
+                {
+                    exp = new Tables1kGcmExponentiator();
+                    exp.Init(H);
+                }
+                exp.ExponentiateX(c, H_c);
+
+                // Carry the difference forward
+                GcmUtilities.Multiply(S_at, H_c);
+
+                // Adjust the current hash
+                GcmUtilities.Xor(S, S_at);
+            }
+
+            // Final gHASH
+            byte[] X = new byte[BlockSize];
+            Pack.UInt64_To_BE(atLength * 8UL, X, 0);
+            Pack.UInt64_To_BE(totalLength * 8UL, X, 8);
+
+            gHASHBlock(S, X);
+
+            // T = MSBt(GCTRk(J0,S))
+            byte[] tag = new byte[BlockSize];
+            cipher.ProcessBlock(J0, 0, tag, 0);
+            GcmUtilities.Xor(tag, S);
+
+            int resultLen = extra;
+
+            // We place into macBlock our calculated value for T
+            this.macBlock = new byte[macSize];
+            Array.Copy(tag, 0, macBlock, 0, macSize);
+
+            if (forEncryption)
+            {
+                // Append T to the message
+                Array.Copy(macBlock, 0, output, outOff + bufOff, macSize);
+                resultLen += macSize;
+            }
+            else
+            {
+                // Retrieve the T value from the message and compare to calculated one
+                byte[] msgMac = new byte[macSize];
+                Array.Copy(bufBlock, extra, msgMac, 0, macSize);
+                if (!Arrays.ConstantTimeAreEqual(this.macBlock, msgMac))
+                    throw new InvalidCipherTextException("mac check in GCM failed");
+            }
+
+            Reset(false);
+
+            return resultLen;
+        }
+
+        public virtual void Reset()
+        {
+            Reset(true);
+        }
+
+        private void Reset(
+            bool clearMac)
+        {
+            cipher.Reset();
+
+            // note: we do not reset the nonce.
+
+            S = new byte[BlockSize];
+            S_at = new byte[BlockSize];
+            S_atPre = new byte[BlockSize];
+            atBlock = new byte[BlockSize];
+            atBlockPos = 0;
+            atLength = 0;
+            atLengthPre = 0;
+            counter = Arrays.Clone(J0);
+            blocksRemaining = uint.MaxValue - 1;
+            bufOff = 0;
+            totalLength = 0;
+
+            if (bufBlock != null)
+            {
+                Arrays.Fill(bufBlock, 0);
+            }
+
+            if (clearMac)
+            {
+                macBlock = null;
+            }
+
+            if (forEncryption)
+            {
+                initialised = false;
+            }
+            else
+            {
+                if (initialAssociatedText != null)
+                {
+                    ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length);
+                }
+            }
+        }
+
+        private void gCTRBlock(byte[] block, byte[] output, int outOff)
+        {
+            byte[] tmp = GetNextCounterBlock();
+
+            GcmUtilities.Xor(tmp, block);
+            Array.Copy(tmp, 0, output, outOff, BlockSize);
+
+            gHASHBlock(S, forEncryption ? tmp : block);
+
+            totalLength += BlockSize;
+        }
+
+        private void gCTRPartial(byte[] buf, int off, int len, byte[] output, int outOff)
+        {
+            byte[] tmp = GetNextCounterBlock();
+
+            GcmUtilities.Xor(tmp, buf, off, len);
+            Array.Copy(tmp, 0, output, outOff, len);
+
+            gHASHPartial(S, forEncryption ? tmp : buf, 0, len);
+
+            totalLength += (uint)len;
+        }
+
+        private void gHASH(byte[] Y, byte[] b, int len)
+        {
+            for (int pos = 0; pos < len; pos += BlockSize)
+            {
+                int num = System.Math.Min(len - pos, BlockSize);
+                gHASHPartial(Y, b, pos, num);
+            }
+        }
+
+        private void gHASHBlock(byte[] Y, byte[] b)
+        {
+            GcmUtilities.Xor(Y, b);
+            multiplier.MultiplyH(Y);
+        }
+
+        private void gHASHPartial(byte[] Y, byte[] b, int off, int len)
+        {
+            GcmUtilities.Xor(Y, b, off, len);
+            multiplier.MultiplyH(Y);
+        }
+
+        private byte[] GetNextCounterBlock()
+        {
+            if (blocksRemaining == 0)
+                throw new InvalidOperationException("Attempt to process too many blocks");
+
+            blocksRemaining--;
+
+            uint c = 1;
+            c += counter[15]; counter[15] = (byte)c; c >>= 8;
+            c += counter[14]; counter[14] = (byte)c; c >>= 8;
+            c += counter[13]; counter[13] = (byte)c; c >>= 8;
+            c += counter[12]; counter[12] = (byte)c;
+
+            byte[] tmp = new byte[BlockSize];
+            // TODO Sure would be nice if ciphers could operate on int[]
+            cipher.ProcessBlock(counter, 0, tmp, 0);
+            return tmp;
+        }
+
+        private void CheckStatus()
+        {
+            if (!initialised)
+            {
+                if (forEncryption)
+                {
+                    throw new InvalidOperationException("GCM cipher cannot be reused for encryption");
+                }
+                throw new InvalidOperationException("GCM cipher needs to be initialised");
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/GOFBBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/GOFBBlockCipher.cs
new file mode 100644
index 0000000..436b58a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/GOFBBlockCipher.cs
@@ -0,0 +1,234 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+	/**
+	* implements the GOST 28147 OFB counter mode (GCTR).
+	*/
+	public class GOfbBlockCipher
+		: IBlockCipher
+	{
+		private byte[]	IV;
+		private byte[]	ofbV;
+		private byte[]	ofbOutV;
+
+		private readonly int			blockSize;
+		private readonly IBlockCipher	cipher;
+
+		bool firstStep = true;
+		int N3;
+		int N4;
+		const int C1 = 16843012; //00000001000000010000000100000100
+		const int C2 = 16843009; //00000001000000010000000100000001
+
+		/**
+		* Basic constructor.
+		*
+		* @param cipher the block cipher to be used as the basis of the
+		* counter mode (must have a 64 bit block size).
+		*/
+		public GOfbBlockCipher(
+			IBlockCipher cipher)
+		{
+			this.cipher = cipher;
+			this.blockSize = cipher.GetBlockSize();
+
+			if (blockSize != 8)
+			{
+				throw new ArgumentException("GCTR only for 64 bit block ciphers");
+			}
+
+			this.IV = new byte[cipher.GetBlockSize()];
+			this.ofbV = new byte[cipher.GetBlockSize()];
+			this.ofbOutV = new byte[cipher.GetBlockSize()];
+		}
+
+		/**
+		* return the underlying block cipher that we are wrapping.
+		*
+		* @return the underlying block cipher that we are wrapping.
+		*/
+		public IBlockCipher GetUnderlyingCipher()
+		{
+			return cipher;
+		}
+
+		/**
+		* Initialise the cipher and, possibly, the initialisation vector (IV).
+		* If an IV isn't passed as part of the parameter, the IV will be all zeros.
+		* An IV which is too short is handled in FIPS compliant fashion.
+		*
+		* @param encrypting if true the cipher is initialised for
+		*  encryption, if false for decryption.
+		* @param parameters the key and other data required by the cipher.
+		* @exception ArgumentException if the parameters argument is inappropriate.
+		*/
+		public void Init(
+			bool				forEncryption, //ignored by this CTR mode
+			ICipherParameters	parameters)
+		{
+			firstStep = true;
+			N3 = 0;
+			N4 = 0;
+
+			if (parameters is ParametersWithIV)
+			{
+				ParametersWithIV ivParam = (ParametersWithIV)parameters;
+				byte[]      iv = ivParam.GetIV();
+
+				if (iv.Length < IV.Length)
+				{
+					// prepend the supplied IV with zeros (per FIPS PUB 81)
+					Array.Copy(iv, 0, IV, IV.Length - iv.Length, iv.Length);
+					for (int i = 0; i < IV.Length - iv.Length; i++)
+					{
+						IV[i] = 0;
+					}
+				}
+				else
+				{
+					Array.Copy(iv, 0, IV, 0, IV.Length);
+				}
+
+				parameters = ivParam.Parameters;
+			}
+
+			Reset();
+
+            // if it's null, key is to be reused.
+            if (parameters != null)
+            {
+                cipher.Init(true, parameters);
+            }
+		}
+
+		/**
+		* return the algorithm name and mode.
+		*
+		* @return the name of the underlying algorithm followed by "/GCTR"
+		* and the block size in bits
+		*/
+		public string AlgorithmName
+		{
+			get { return cipher.AlgorithmName + "/GCTR"; }
+		}
+
+		public bool IsPartialBlockOkay
+		{
+			get { return true; }
+		}
+
+		/**
+		* return the block size we are operating at (in bytes).
+		*
+		* @return the block size we are operating at (in bytes).
+		*/
+		public int GetBlockSize()
+		{
+			return blockSize;
+		}
+
+		/**
+		* Process one block of input from the array in and write it to
+		* the out array.
+		*
+		* @param in the array containing the input data.
+		* @param inOff offset into the in array the data starts at.
+		* @param out the array the output data will be copied into.
+		* @param outOff the offset into the out array the output will start at.
+		* @exception DataLengthException if there isn't enough data in in, or
+		* space in out.
+		* @exception InvalidOperationException if the cipher isn't initialised.
+		* @return the number of bytes processed and produced.
+		*/
+		public int ProcessBlock(
+			byte[]	input,
+			int		inOff,
+			byte[]	output,
+			int		outOff)
+		{
+			if ((inOff + blockSize) > input.Length)
+			{
+				throw new DataLengthException("input buffer too short");
+			}
+
+			if ((outOff + blockSize) > output.Length)
+			{
+				throw new DataLengthException("output buffer too short");
+			}
+
+			if (firstStep)
+			{
+				firstStep = false;
+				cipher.ProcessBlock(ofbV, 0, ofbOutV, 0);
+				N3 = bytesToint(ofbOutV, 0);
+				N4 = bytesToint(ofbOutV, 4);
+			}
+			N3 += C2;
+			N4 += C1;
+            if (N4 < C1)  // addition is mod (2**32 - 1)
+            {
+                if (N4 > 0)
+                {
+                    N4++;
+                }
+            }
+            intTobytes(N3, ofbV, 0);
+			intTobytes(N4, ofbV, 4);
+
+			cipher.ProcessBlock(ofbV, 0, ofbOutV, 0);
+
+			//
+			// XOR the ofbV with the plaintext producing the cipher text (and
+			// the next input block).
+			//
+			for (int i = 0; i < blockSize; i++)
+			{
+				output[outOff + i] = (byte)(ofbOutV[i] ^ input[inOff + i]);
+			}
+
+			//
+			// change over the input block.
+			//
+			Array.Copy(ofbV, blockSize, ofbV, 0, ofbV.Length - blockSize);
+			Array.Copy(ofbOutV, 0, ofbV, ofbV.Length - blockSize, blockSize);
+
+			return blockSize;
+		}
+
+		/**
+		* reset the feedback vector back to the IV and reset the underlying
+		* cipher.
+		*/
+		public void Reset()
+		{
+			Array.Copy(IV, 0, ofbV, 0, IV.Length);
+
+			cipher.Reset();
+		}
+
+		//array of bytes to type int
+		private int bytesToint(
+			byte[]  inBytes,
+			int     inOff)
+		{
+			return  (int)((inBytes[inOff + 3] << 24) & 0xff000000) + ((inBytes[inOff + 2] << 16) & 0xff0000) +
+					((inBytes[inOff + 1] << 8) & 0xff00) + (inBytes[inOff] & 0xff);
+		}
+
+		//int to array of bytes
+		private void intTobytes(
+				int     num,
+				byte[]  outBytes,
+				int     outOff)
+		{
+				outBytes[outOff + 3] = (byte)(num >> 24);
+				outBytes[outOff + 2] = (byte)(num >> 16);
+				outBytes[outOff + 1] = (byte)(num >> 8);
+				outBytes[outOff] =     (byte)num;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/IAeadBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/IAeadBlockCipher.cs
new file mode 100644
index 0000000..52c4ff4
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/IAeadBlockCipher.cs
@@ -0,0 +1,105 @@
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+	/// <summary>
+	/// A block cipher mode that includes authenticated encryption with a streaming mode
+	/// and optional associated data.</summary>
+	/// <see cref="AeadParameters"/>
+	public interface IAeadBlockCipher
+	{
+		/// <summary>The name of the algorithm this cipher implements.</summary>
+		string AlgorithmName { get; }
+
+		/// <summary>The block cipher underlying this algorithm.</summary>
+		IBlockCipher GetUnderlyingCipher();
+
+		/// <summary>Initialise the cipher.</summary>
+		/// <remarks>Parameter can either be an AeadParameters or a ParametersWithIV object.</remarks>
+		/// <param name="forEncryption">Initialise for encryption if true, for decryption if false.</param>
+		/// <param name="parameters">The key or other data required by the cipher.</param>
+		void Init(bool forEncryption, ICipherParameters parameters);
+
+		/// <returns>The block size for this cipher, in bytes.</returns>
+		int GetBlockSize();
+
+        /// <summary>Add a single byte to the associated data check.</summary>
+		/// <remarks>If the implementation supports it, this will be an online operation and will not retain the associated data.</remarks>
+        /// <param name="input">The byte to be processed.</param>
+        void ProcessAadByte(byte input);
+
+        /// <summary>Add a sequence of bytes to the associated data check.</summary>
+		/// <remarks>If the implementation supports it, this will be an online operation and will not retain the associated data.</remarks>
+        /// <param name="inBytes">The input byte array.</param>
+        /// <param name="inOff">The offset into the input array where the data to be processed starts.</param>
+        /// <param name="len">The number of bytes to be processed.</param>
+        void ProcessAadBytes(byte[] inBytes, int inOff, int len);
+
+        /**
+		* Encrypt/decrypt a single byte.
+		*
+		* @param input the byte to be processed.
+		* @param outBytes the output buffer the processed byte goes into.
+		* @param outOff the offset into the output byte array the processed data starts at.
+		* @return the number of bytes written to out.
+		* @exception DataLengthException if the output buffer is too small.
+		*/
+		int ProcessByte(byte input, byte[] outBytes, int outOff);
+
+		/**
+		* Process a block of bytes from in putting the result into out.
+		*
+		* @param inBytes the input byte array.
+		* @param inOff the offset into the in array where the data to be processed starts.
+		* @param len the number of bytes to be processed.
+		* @param outBytes the output buffer the processed bytes go into.
+		* @param outOff the offset into the output byte array the processed data starts at.
+		* @return the number of bytes written to out.
+		* @exception DataLengthException if the output buffer is too small.
+		*/
+		int ProcessBytes(byte[] inBytes, int inOff, int len, byte[] outBytes, int outOff);
+
+		/**
+		* Finish the operation either appending or verifying the MAC at the end of the data.
+		*
+		* @param outBytes space for any resulting output data.
+		* @param outOff offset into out to start copying the data at.
+		* @return number of bytes written into out.
+		* @throws InvalidOperationException if the cipher is in an inappropriate state.
+		* @throws InvalidCipherTextException if the MAC fails to match.
+		*/
+		int DoFinal(byte[] outBytes, int outOff);
+
+		/**
+		* Return the value of the MAC associated with the last stream processed.
+		*
+		* @return MAC for plaintext data.
+		*/
+		byte[] GetMac();
+
+		/**
+		* Return the size of the output buffer required for a ProcessBytes
+		* an input of len bytes.
+		*
+		* @param len the length of the input.
+		* @return the space required to accommodate a call to ProcessBytes
+		* with len bytes of input.
+		*/
+		int GetUpdateOutputSize(int len);
+
+		/**
+		* Return the size of the output buffer required for a ProcessBytes plus a
+		* DoFinal with an input of len bytes.
+		*
+		* @param len the length of the input.
+		* @return the space required to accommodate a call to ProcessBytes and DoFinal
+		* with len bytes of input.
+		*/
+		int GetOutputSize(int len);
+
+		/// <summary>
+		/// Reset the cipher to the same state as it was after the last init (if there was one).
+		/// </summary>
+		void Reset();
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/KCcmBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/KCcmBlockCipher.cs
new file mode 100644
index 0000000..4f78214
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/KCcmBlockCipher.cs
@@ -0,0 +1,490 @@
+using System;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+    public class KCcmBlockCipher: IAeadBlockCipher
+    {
+        private static readonly int BYTES_IN_INT = 4;
+        private static readonly int BITS_IN_BYTE = 8;
+
+        private static readonly int MAX_MAC_BIT_LENGTH = 512;
+        private static readonly int MIN_MAC_BIT_LENGTH = 64;
+
+        private IBlockCipher engine;
+
+        private int macSize;
+        private bool forEncryption;
+
+        private byte[] initialAssociatedText;
+        private byte[] mac;
+        private byte[] macBlock;
+
+        private byte[] nonce;
+
+        private byte[] G1;
+        private byte[] buffer;
+
+        private byte[] s;
+        private byte[] counter;
+
+        private readonly MemoryStream associatedText = new MemoryStream();
+        private readonly MemoryStream data = new MemoryStream();
+
+        /*
+        *  
+        *
+        */
+        private int Nb_ = 4;
+
+        private void setNb(int Nb)
+        {
+            if (Nb == 4 || Nb == 6 || Nb == 8)
+            {
+                Nb_ = Nb;
+            }
+            else
+            {
+                throw new ArgumentException("Nb = 4 is recommended by DSTU7624 but can be changed to only 6 or 8 in this implementation");
+            }
+        }
+
+        /// <summary>
+        /// Base constructor. Nb value is set to 4.
+        /// </summary>
+        /// <param name="engine">base cipher to use under CCM.</param>
+        public KCcmBlockCipher(IBlockCipher engine): this(engine, 4)
+        {
+        }
+
+        /// <summary>
+        /// Constructor allowing Nb configuration.
+        /// 
+        /// Nb is a parameter specified in CCM mode of DSTU7624 standard.
+        /// This parameter specifies maximum possible length of input.It should
+        /// be calculated as follows: Nb = 1 / 8 * (-3 + log[2]Nmax) + 1,
+        /// where Nmax - length of input message in bits.For practical reasons
+        /// Nmax usually less than 4Gb, e.g. for Nmax = 2^32 - 1, Nb = 4.
+        /// </summary>
+        /// <param name="engine">base cipher to use under CCM.</param>
+        /// <param name="Nb">Nb value to use.</param>
+        public KCcmBlockCipher(IBlockCipher engine, int Nb)
+        {
+            this.engine = engine;
+            this.macSize = engine.GetBlockSize();
+            this.nonce = new byte[engine.GetBlockSize()];
+            this.initialAssociatedText = new byte[engine.GetBlockSize()];
+            this.mac = new byte[engine.GetBlockSize()];
+            this.macBlock = new byte[engine.GetBlockSize()];
+            this.G1 = new byte[engine.GetBlockSize()];
+            this.buffer = new byte[engine.GetBlockSize()];
+            this.s = new byte[engine.GetBlockSize()];
+            this.counter = new byte[engine.GetBlockSize()];
+            setNb(Nb);
+        }
+
+        public virtual void Init(bool forEncryption, ICipherParameters parameters)
+        {
+
+                ICipherParameters cipherParameters;
+            if (parameters is AeadParameters)
+            {
+
+                    AeadParameters param = (AeadParameters)parameters;
+
+                    if (param.MacSize > MAX_MAC_BIT_LENGTH || param.MacSize < MIN_MAC_BIT_LENGTH || param.MacSize % 8 != 0)
+                    {
+                        throw new ArgumentException("Invalid mac size specified");
+                    }
+
+                    nonce = param.GetNonce();
+                    macSize = param.MacSize / BITS_IN_BYTE;
+                    initialAssociatedText = param.GetAssociatedText();
+                    cipherParameters = param.Key;
+            }
+            else if (parameters is ParametersWithIV)
+            {
+                    nonce = ((ParametersWithIV)parameters).GetIV();
+                    macSize = engine.GetBlockSize(); // use default blockSize for MAC if it is not specified
+                    initialAssociatedText = null;
+                    cipherParameters = ((ParametersWithIV)parameters).Parameters;
+            }
+            else
+            {
+                    throw new ArgumentException("Invalid parameters specified");
+            }
+
+            this.mac = new byte[macSize];
+            this.forEncryption = forEncryption;
+            engine.Init(true, cipherParameters);
+
+            counter[0] = 0x01; // defined in standard
+
+            if (initialAssociatedText != null)
+            {
+                ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length);
+            }
+        }
+
+        public virtual String AlgorithmName
+        {
+            get
+            {
+                return engine.AlgorithmName + "/KCCM";
+            }
+        }
+
+        public virtual int GetBlockSize()
+        {
+            return engine.GetBlockSize();
+        }
+
+        public virtual IBlockCipher GetUnderlyingCipher()
+        {
+            return engine;
+        }
+
+        public virtual void ProcessAadByte(byte input)
+        {
+            associatedText.WriteByte(input);
+        }
+
+        public virtual void ProcessAadBytes(byte[] input, int inOff, int len)
+        {
+            associatedText.Write(input, inOff, len);
+        }
+
+        private void ProcessAAD(byte[] assocText, int assocOff, int assocLen, int dataLen)
+        {
+            if (assocLen - assocOff < engine.GetBlockSize())
+            {
+                throw new ArgumentException("authText buffer too short");
+            }
+            if (assocLen % engine.GetBlockSize() != 0)
+            {
+                throw new ArgumentException("padding not supported");
+            }
+
+            Array.Copy(nonce, 0, G1, 0, nonce.Length - Nb_ - 1);
+
+            intToBytes(dataLen, buffer, 0); // for G1
+
+            Array.Copy(buffer, 0, G1, nonce.Length - Nb_ - 1, BYTES_IN_INT);
+
+            G1[G1.Length - 1] = getFlag(true, macSize);
+
+            engine.ProcessBlock(G1, 0, macBlock, 0);
+
+            intToBytes(assocLen, buffer, 0); // for G2
+
+            if (assocLen <= engine.GetBlockSize() - Nb_)
+            {
+                for (int byteIndex = 0; byteIndex < assocLen; byteIndex++)
+                {
+                    buffer[byteIndex + Nb_] ^= assocText[assocOff + byteIndex];
+                }
+
+                for (int byteIndex = 0; byteIndex < engine.GetBlockSize(); byteIndex++)
+                {
+                    macBlock[byteIndex] ^= buffer[byteIndex];
+                }
+
+                engine.ProcessBlock(macBlock, 0, macBlock, 0);
+
+                return;
+            }
+
+            for (int byteIndex = 0; byteIndex < engine.GetBlockSize(); byteIndex++)
+            {
+                macBlock[byteIndex] ^= buffer[byteIndex];
+            }
+
+            engine.ProcessBlock(macBlock, 0, macBlock, 0);
+
+            int authLen = assocLen;
+            while (authLen != 0)
+            {
+                for (int byteIndex = 0; byteIndex < engine.GetBlockSize(); byteIndex++)
+                {
+                    macBlock[byteIndex] ^= assocText[byteIndex + assocOff];
+                }
+
+                engine.ProcessBlock(macBlock, 0, macBlock, 0);
+
+                assocOff += engine.GetBlockSize();
+                authLen -= engine.GetBlockSize();
+            }
+        }
+
+        public virtual int ProcessByte(byte input, byte[] output, int outOff)
+        {
+            data.WriteByte(input);
+
+            return 0;
+        }
+
+        public virtual int ProcessBytes(byte[] input, int inOff, int inLen, byte[] output, int outOff)
+        {
+            Check.DataLength(input, inOff, inLen, "input buffer too short");
+
+            data.Write(input, inOff, inLen);
+
+            return 0;
+        }
+
+        public int ProcessPacket(byte[] input, int inOff, int len, byte[] output, int outOff)
+        {
+            Check.DataLength(input, inOff, len, "input buffer too short");
+            Check.OutputLength(output, outOff, len, "output buffer too short");
+
+            if (associatedText.Length > 0)
+            {
+#if PORTABLE
+                byte[] aad = associatedText.ToArray();
+                int aadLen = aad.Length;
+#else
+                byte[] aad = associatedText.GetBuffer();
+                int aadLen = (int)associatedText.Length;
+#endif
+
+                int dataLen = forEncryption ? (int)data.Length : ((int)data.Length - macSize);
+
+                ProcessAAD(aad, 0, aadLen, dataLen);
+            }
+
+            if (forEncryption)
+            {
+                Check.DataLength(len % engine.GetBlockSize() != 0, "partial blocks not supported");
+
+                CalculateMac(input, inOff, len);
+                engine.ProcessBlock(nonce, 0, s, 0);
+
+                int totalLength = len;
+                while (totalLength > 0)
+                {
+                    ProcessBlock(input, inOff, len, output, outOff);
+                    totalLength -= engine.GetBlockSize();
+                    inOff += engine.GetBlockSize();
+                    outOff += engine.GetBlockSize();
+                }
+
+                for (int byteIndex = 0; byteIndex<counter.Length; byteIndex++)
+                {
+                    s[byteIndex] += counter[byteIndex];
+                }
+
+                engine.ProcessBlock(s, 0, buffer, 0);
+
+                for (int byteIndex = 0; byteIndex<macSize; byteIndex++)
+                {
+                    output[outOff + byteIndex] = (byte)(buffer[byteIndex] ^ macBlock[byteIndex]);
+                }
+
+                Array.Copy(macBlock, 0, mac, 0, macSize);
+
+                Reset();
+
+                return len + macSize;
+            }
+            else
+            {
+                Check.DataLength((len - macSize) % engine.GetBlockSize() != 0, "partial blocks not supported");
+
+                engine.ProcessBlock(nonce, 0, s, 0);
+
+                int blocks = len / engine.GetBlockSize();
+
+                for (int blockNum = 0; blockNum<blocks; blockNum++)
+                {
+                    ProcessBlock(input, inOff, len, output, outOff);
+
+                    inOff += engine.GetBlockSize();
+                    outOff += engine.GetBlockSize();
+                }
+
+                if (len > inOff)
+                {
+                    for (int byteIndex = 0; byteIndex<counter.Length; byteIndex++)
+                    {
+                        s[byteIndex] += counter[byteIndex];
+                    }
+
+                    engine.ProcessBlock(s, 0, buffer, 0);
+
+                    for (int byteIndex = 0; byteIndex<macSize; byteIndex++)
+                    {
+                        output[outOff + byteIndex] = (byte)(buffer[byteIndex] ^ input[inOff + byteIndex]);
+                    }
+                    outOff += macSize;
+                }
+
+                for (int byteIndex = 0; byteIndex<counter.Length; byteIndex++)
+                {
+                    s[byteIndex] += counter[byteIndex];
+                }
+
+                engine.ProcessBlock(s, 0, buffer, 0);
+
+                Array.Copy(output, outOff - macSize, buffer, 0, macSize);
+
+                CalculateMac(output, 0, outOff - macSize);
+
+                Array.Copy(macBlock, 0, mac, 0, macSize);
+
+                byte[] calculatedMac = new byte[macSize];
+
+                Array.Copy(buffer, 0, calculatedMac, 0, macSize);
+
+                if (!Arrays.ConstantTimeAreEqual(mac, calculatedMac))
+                {
+                    throw new InvalidCipherTextException("mac check failed");
+                }
+
+                Reset();
+
+                return len - macSize;
+            }
+        }
+
+        private void ProcessBlock(byte[] input, int inOff, int len, byte[] output, int outOff)
+        {
+
+            for (int byteIndex = 0; byteIndex < counter.Length; byteIndex++)
+            {
+                s[byteIndex] += counter[byteIndex];
+            }
+
+            engine.ProcessBlock(s, 0, buffer, 0);
+
+            for (int byteIndex = 0; byteIndex < engine.GetBlockSize(); byteIndex++)
+            {
+                output[outOff + byteIndex] = (byte)(buffer[byteIndex] ^ input[inOff + byteIndex]);
+            }
+        }
+
+        private void CalculateMac(byte[] authText, int authOff, int len)
+        {
+            int totalLen = len;
+            while (totalLen > 0)
+            {
+                for (int byteIndex = 0; byteIndex < engine.GetBlockSize(); byteIndex++)
+                {
+                    macBlock[byteIndex] ^= authText[authOff + byteIndex];
+                }
+
+                engine.ProcessBlock(macBlock, 0, macBlock, 0);
+
+                totalLen -= engine.GetBlockSize();
+                authOff += engine.GetBlockSize();
+            }
+        }
+
+        public virtual int DoFinal(byte[] output, int outOff)
+        {
+#if PORTABLE
+            byte[] buf = data.ToArray();
+            int bufLen = buf.Length;
+#else
+            byte[] buf = data.GetBuffer();
+            int bufLen = (int)data.Length;
+#endif
+
+            int len = ProcessPacket(buf, 0, bufLen, output, outOff);
+
+            Reset();
+
+            return len;
+        }
+
+        public virtual byte[] GetMac()
+        {
+            return Arrays.Clone(mac);
+        }
+
+        public virtual int GetUpdateOutputSize(int len)
+        {
+            return len;
+        }
+
+        public virtual int GetOutputSize(int len)
+        {
+            return len + macSize;
+        }
+
+        public virtual void Reset()
+        {
+            Arrays.Fill(G1, (byte)0);
+            Arrays.Fill(buffer, (byte)0);
+            Arrays.Fill(counter, (byte)0);
+            Arrays.Fill(macBlock, (byte)0);
+
+            counter[0] = 0x01;
+            data.SetLength(0);
+            associatedText.SetLength(0);
+
+            if (initialAssociatedText != null)
+            {
+                ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length);
+            }
+        }
+
+        private void intToBytes(
+            int num,
+            byte[] outBytes,
+            int outOff)
+        {
+            outBytes[outOff + 3] = (byte)(num >> 24);
+            outBytes[outOff + 2] = (byte)(num >> 16);
+            outBytes[outOff + 1] = (byte)(num >> 8);
+            outBytes[outOff] = (byte)num;
+        }
+
+        private byte getFlag(bool authTextPresents, int macSize)
+        {
+            StringBuilder flagByte = new StringBuilder();
+
+            if (authTextPresents)
+            {
+                flagByte.Append("1");
+            }
+            else
+            {
+                flagByte.Append("0");
+            }
+
+
+            switch (macSize)
+            {
+                case 8:
+                    flagByte.Append("010"); // binary 2
+                    break;
+                case 16:
+                    flagByte.Append("011"); // binary 3
+                    break;
+                case 32:
+                    flagByte.Append("100"); // binary 4
+                    break;
+                case 48:
+                    flagByte.Append("101"); // binary 5
+                    break;
+                case 64:
+                    flagByte.Append("110"); // binary 6
+                    break;
+            }
+
+            String binaryNb = Convert.ToString(Nb_ - 1, 2);
+            while (binaryNb.Length < 4)
+            {
+                binaryNb = new StringBuilder(binaryNb).Insert(0, "0").ToString();
+            }
+
+            flagByte.Append(binaryNb);
+
+            return (byte)Convert.ToInt32(flagByte.ToString(), 2);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/KCtrBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/KCtrBlockCipher.cs
new file mode 100644
index 0000000..ff0249a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/KCtrBlockCipher.cs
@@ -0,0 +1,235 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+    /**
+    * Implements a Gamming or Counter (CTR) mode on top of a DSTU 7624 block cipher.
+    */
+    public class KCtrBlockCipher : IStreamCipher, IBlockCipher
+    {
+        private byte[] IV;
+        private byte[] ofbV;
+        private byte[] ofbOutV;
+        private bool initialised;
+
+        private int byteCount;
+
+        private readonly int blockSize;
+        private readonly IBlockCipher cipher;
+
+        /**
+      * Basic constructor.
+      *
+      * @param cipher the block cipher to be used as the basis of the
+      * feedback mode.
+      */
+        public KCtrBlockCipher(IBlockCipher cipher)
+        {
+            this.cipher = cipher;
+            this.IV = new byte[cipher.GetBlockSize()];
+            this.blockSize = cipher.GetBlockSize();
+
+            this.ofbV = new byte[cipher.GetBlockSize()];
+            this.ofbOutV = new byte[cipher.GetBlockSize()];
+        }
+
+        /**
+        * return the underlying block cipher that we are wrapping.
+        *
+        * @return the underlying block cipher that we are wrapping.
+        */
+        public IBlockCipher GetUnderlyingCipher()
+        {
+            return cipher;
+        }
+        /**
+        * Initialise the cipher and, possibly, the initialisation vector (IV).
+        * If an IV isn't passed as part of the parameter, the IV will be all zeros.
+        * An IV which is too short is handled in FIPS compliant fashion.
+        *
+        * @param forEncryption if true the cipher is initialised for
+        *  encryption, if false for decryption.
+        * @param param the key and other data required by the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public void Init(
+            bool forEncryption,
+            ICipherParameters parameters)
+        {
+            this.initialised = true;
+            if (parameters is ParametersWithIV)
+            {
+                ParametersWithIV ivParam = (ParametersWithIV)parameters;
+                byte[] iv = ivParam.GetIV();
+                int diff = IV.Length - iv.Length;
+
+                Array.Clear(IV, 0, IV.Length);
+                Array.Copy(iv, 0, IV, diff, iv.Length);
+         
+                parameters = ivParam.Parameters;
+            }
+            else
+            {
+                throw new ArgumentException("Invalid parameter passed");
+            }
+
+            // if it's null, key is to be reused.
+            if (parameters != null)
+            {
+                cipher.Init(true, parameters);
+            }
+
+            Reset();
+        }
+
+        /**
+        * return the algorithm name and mode.
+        *
+        * @return the name of the underlying algorithm followed by "/KCTR"
+        * and the block size in bits.
+        */
+        public string AlgorithmName
+        {
+            get { return cipher.AlgorithmName + "/KCTR"; }
+        }
+
+        public bool IsPartialBlockOkay
+        {
+            get { return true; }
+        }
+
+        /**
+      * return the block size we are operating at.
+      *
+      * @return the block size we are operating at (in bytes).
+      */
+        public int GetBlockSize()
+        {
+            return cipher.GetBlockSize();
+        }
+
+        public byte ReturnByte(byte input)
+        {
+            return CalculateByte(input);
+        }
+
+        public void ProcessBytes(byte[] input, int inOff, int len, byte[] output, int outOff)
+        {
+            if (outOff + len > output.Length)
+            {
+               throw new DataLengthException("Output buffer too short");
+            }
+
+            if (inOff + len > input.Length)
+            {
+                    throw new DataLengthException("Input buffer too small");
+            }
+
+            int inStart = inOff;
+            int inEnd = inOff + len;
+            int outStart = outOff;
+
+            while (inStart<inEnd)
+            {
+                 output[outStart++] = CalculateByte(input[inStart++]);
+            }
+        }
+
+        protected byte CalculateByte(byte b)
+        {
+            if (byteCount == 0)
+            {
+                incrementCounterAt(0);
+
+                checkCounter();
+
+                cipher.ProcessBlock(ofbV, 0, ofbOutV, 0);
+
+                return (byte)(ofbOutV[byteCount++] ^ b);
+            }
+
+            byte rv = (byte)(ofbOutV[byteCount++] ^ b);
+
+            if (byteCount == ofbV.Length)
+            {
+                byteCount = 0;
+            }
+
+            return rv;
+        }
+
+        /**
+         * Process one block of input from the array in and write it to
+         * the out array.
+         *
+         * @param input the array containing the input data.
+         * @param inOff offset into the in array the data starts at.
+         * @param output the array the output data will be copied into.
+         * @param outOff the offset into the out array the output will start at.
+         * @exception DataLengthException if there isn't enough data in in, or
+         * space in out.
+         * @exception InvalidOperationException if the cipher isn't initialised.
+         * @return the number of bytes processed and produced.
+         */
+        public int ProcessBlock(byte[] input, int inOff, byte[] output, int outOff)
+        {
+            if (input.Length - inOff< GetBlockSize())
+            {
+                throw new DataLengthException("Input buffer too short");
+            }
+            if (output.Length - outOff< GetBlockSize())
+            {
+                throw new DataLengthException("Output buffer too short");
+            }
+
+            ProcessBytes(input, inOff, GetBlockSize(), output, outOff);
+
+            return GetBlockSize();
+        }
+
+        /**
+        * reset the chaining vector back to the IV and reset the underlying
+        * cipher.
+        */
+        public void Reset()
+        {
+            if (initialised)
+            {
+                cipher.ProcessBlock(IV, 0, ofbV, 0);
+            }
+            cipher.Reset();
+            byteCount = 0;
+        }
+
+        private void incrementCounterAt(int pos)
+        {
+            int i = pos;
+            while (i < ofbV.Length)
+            {
+                if (++ofbV[i++] != 0)
+                {
+                    break;
+                }
+            }
+        }
+
+        private void checkCounter()
+        {
+            // TODO:
+            // if the IV is the same as the blocksize we assume the user knows what they are doing
+            //        if (IV.length < ofbV.length)
+            //        {
+            //            for (int i = 0; i != IV.length; i++)
+            //            {
+            //                if (ofbV[i] != IV[i])
+            //                {
+            //                    throw new IllegalStateException("Counter in KCTR mode out of range.");
+            //                }
+            //            }
+            //        }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/OCBBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/OCBBlockCipher.cs
new file mode 100644
index 0000000..91fdfff
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/OCBBlockCipher.cs
@@ -0,0 +1,565 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+    /**
+     * An implementation of <a href="http://tools.ietf.org/html/rfc7253">RFC 7253 on The OCB
+     * Authenticated-Encryption Algorithm</a>, licensed per:
+     * 
+     * <blockquote><p><a href="http://www.cs.ucdavis.edu/~rogaway/ocb/license1.pdf">License for
+     * Open-Source Software Implementations of OCB</a> (Jan 9, 2013) - 'License 1'<br/>
+     * Under this license, you are authorized to make, use, and distribute open-source software
+     * implementations of OCB. This license terminates for you if you sue someone over their open-source
+     * software implementation of OCB claiming that you have a patent covering their implementation.
+     * </p><p>
+     * This is a non-binding summary of a legal document (the link above). The parameters of the license
+     * are specified in the license document and that document is controlling.</p></blockquote>
+     */
+    public class OcbBlockCipher
+        : IAeadBlockCipher
+    {
+        private const int BLOCK_SIZE = 16;
+
+        private readonly IBlockCipher hashCipher;
+        private readonly IBlockCipher mainCipher;
+
+        /*
+         * CONFIGURATION
+         */
+        private bool forEncryption;
+        private int macSize;
+        private byte[] initialAssociatedText;
+
+        /*
+         * KEY-DEPENDENT
+         */
+        // NOTE: elements are lazily calculated
+        private IList L;
+        private byte[] L_Asterisk, L_Dollar;
+
+        /*
+         * NONCE-DEPENDENT
+         */
+        private byte[] KtopInput = null;
+        private byte[] Stretch = new byte[24];
+        private byte[] OffsetMAIN_0 = new byte[16];
+
+        /*
+         * PER-ENCRYPTION/DECRYPTION
+         */
+        private byte[] hashBlock, mainBlock;
+        private int hashBlockPos, mainBlockPos;
+        private long hashBlockCount, mainBlockCount;
+        private byte[] OffsetHASH;
+        private byte[] Sum;
+        private byte[] OffsetMAIN = new byte[16];
+        private byte[] Checksum;
+
+        // NOTE: The MAC value is preserved after doFinal
+        private byte[] macBlock;
+
+        public OcbBlockCipher(IBlockCipher hashCipher, IBlockCipher mainCipher)
+        {
+            if (hashCipher == null)
+                throw new ArgumentNullException("hashCipher");
+            if (hashCipher.GetBlockSize() != BLOCK_SIZE)
+                throw new ArgumentException("must have a block size of " + BLOCK_SIZE, "hashCipher");
+            if (mainCipher == null)
+                throw new ArgumentNullException("mainCipher");
+            if (mainCipher.GetBlockSize() != BLOCK_SIZE)
+                throw new ArgumentException("must have a block size of " + BLOCK_SIZE, "mainCipher");
+
+            if (!hashCipher.AlgorithmName.Equals(mainCipher.AlgorithmName))
+                throw new ArgumentException("'hashCipher' and 'mainCipher' must be the same algorithm");
+
+            this.hashCipher = hashCipher;
+            this.mainCipher = mainCipher;
+        }
+
+        public virtual IBlockCipher GetUnderlyingCipher()
+        {
+            return mainCipher;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return mainCipher.AlgorithmName + "/OCB"; }
+        }
+
+        public virtual void Init(bool forEncryption, ICipherParameters parameters)
+        {
+            bool oldForEncryption = this.forEncryption;
+            this.forEncryption = forEncryption;
+            this.macBlock = null;
+
+            KeyParameter keyParameter;
+
+            byte[] N;
+            if (parameters is AeadParameters)
+            {
+                AeadParameters aeadParameters = (AeadParameters) parameters;
+
+                N = aeadParameters.GetNonce();
+                initialAssociatedText = aeadParameters.GetAssociatedText();
+
+                int macSizeBits = aeadParameters.MacSize;
+                if (macSizeBits < 64 || macSizeBits > 128 || macSizeBits % 8 != 0)
+                    throw new ArgumentException("Invalid value for MAC size: " + macSizeBits);
+
+                macSize = macSizeBits / 8;
+                keyParameter = aeadParameters.Key;
+            }
+            else if (parameters is ParametersWithIV)
+            {
+                ParametersWithIV parametersWithIV = (ParametersWithIV) parameters;
+
+                N = parametersWithIV.GetIV();
+                initialAssociatedText = null;
+                macSize = 16;
+                keyParameter = (KeyParameter) parametersWithIV.Parameters;
+            }
+            else
+            {
+                throw new ArgumentException("invalid parameters passed to OCB");
+            }
+
+            this.hashBlock = new byte[16];
+            this.mainBlock = new byte[forEncryption ? BLOCK_SIZE : (BLOCK_SIZE + macSize)];
+
+            if (N == null)
+            {
+                N = new byte[0];
+            }
+
+            if (N.Length > 15)
+            {
+                throw new ArgumentException("IV must be no more than 15 bytes");
+            }
+
+            /*
+             * KEY-DEPENDENT INITIALISATION
+             */
+
+            if (keyParameter != null)
+            {
+                // hashCipher always used in forward mode
+                hashCipher.Init(true, keyParameter);
+                mainCipher.Init(forEncryption, keyParameter);
+                KtopInput = null;
+            }
+            else if (oldForEncryption != forEncryption)
+            {
+                throw new ArgumentException("cannot change encrypting state without providing key.");
+            }
+
+            this.L_Asterisk = new byte[16];
+            hashCipher.ProcessBlock(L_Asterisk, 0, L_Asterisk, 0);
+
+            this.L_Dollar = OCB_double(L_Asterisk);
+
+            this.L = Platform.CreateArrayList();
+            this.L.Add(OCB_double(L_Dollar));
+
+            /*
+             * NONCE-DEPENDENT AND PER-ENCRYPTION/DECRYPTION INITIALISATION
+             */
+
+            int bottom = ProcessNonce(N);
+
+            int bits = bottom % 8, bytes = bottom / 8;
+            if (bits == 0)
+            {
+                Array.Copy(Stretch, bytes, OffsetMAIN_0, 0, 16);
+            }
+            else
+            {
+                for (int i = 0; i < 16; ++i)
+                {
+                    uint b1 = Stretch[bytes];
+                    uint b2 = Stretch[++bytes];
+                    this.OffsetMAIN_0[i] = (byte) ((b1 << bits) | (b2 >> (8 - bits)));
+                }
+            }
+
+            this.hashBlockPos = 0;
+            this.mainBlockPos = 0;
+
+            this.hashBlockCount = 0;
+            this.mainBlockCount = 0;
+
+            this.OffsetHASH = new byte[16];
+            this.Sum = new byte[16];
+            Array.Copy(OffsetMAIN_0, 0, OffsetMAIN, 0, 16);
+            this.Checksum = new byte[16];
+
+            if (initialAssociatedText != null)
+            {
+                ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length);
+            }
+        }
+
+        protected virtual int ProcessNonce(byte[] N)
+        {
+            byte[] nonce = new byte[16];
+            Array.Copy(N, 0, nonce, nonce.Length - N.Length, N.Length);
+            nonce[0] = (byte)(macSize << 4);
+            nonce[15 - N.Length] |= 1;
+
+            int bottom = nonce[15] & 0x3F;
+            nonce[15] &= 0xC0;
+
+            /*
+             * When used with incrementing nonces, the cipher is only applied once every 64 inits.
+             */
+            if (KtopInput == null || !Arrays.AreEqual(nonce, KtopInput))
+            {
+                byte[] Ktop = new byte[16];
+                KtopInput = nonce;
+                hashCipher.ProcessBlock(KtopInput, 0, Ktop, 0);
+                Array.Copy(Ktop, 0, Stretch, 0, 16);
+                for (int i = 0; i < 8; ++i)
+                {
+                    Stretch[16 + i] = (byte)(Ktop[i] ^ Ktop[i + 1]);
+                }
+            }
+
+            return bottom;
+        }
+
+        public virtual int GetBlockSize()
+        {
+            return BLOCK_SIZE;
+        }
+
+        public virtual byte[] GetMac()
+        {
+            return macBlock == null
+                ? new byte[macSize]
+                : Arrays.Clone(macBlock);
+        }
+
+        public virtual int GetOutputSize(int len)
+        {
+            int totalData = len + mainBlockPos;
+            if (forEncryption)
+            {
+                return totalData + macSize;
+            }
+            return totalData < macSize ? 0 : totalData - macSize;
+        }
+
+        public virtual int GetUpdateOutputSize(int len)
+        {
+            int totalData = len + mainBlockPos;
+            if (!forEncryption)
+            {
+                if (totalData < macSize)
+                {
+                    return 0;
+                }
+                totalData -= macSize;
+            }
+            return totalData - totalData % BLOCK_SIZE;
+        }
+
+        public virtual void ProcessAadByte(byte input)
+        {
+            hashBlock[hashBlockPos] = input;
+            if (++hashBlockPos == hashBlock.Length)
+            {
+                ProcessHashBlock();
+            }
+        }
+
+        public virtual void ProcessAadBytes(byte[] input, int off, int len)
+        {
+            for (int i = 0; i < len; ++i)
+            {
+                hashBlock[hashBlockPos] = input[off + i];
+                if (++hashBlockPos == hashBlock.Length)
+                {
+                    ProcessHashBlock();
+                }
+            }
+        }
+
+        public virtual int ProcessByte(byte input, byte[] output, int outOff)
+        {
+            mainBlock[mainBlockPos] = input;
+            if (++mainBlockPos == mainBlock.Length)
+            {
+                ProcessMainBlock(output, outOff);
+                return BLOCK_SIZE;
+            }
+            return 0;
+        }
+
+        public virtual int ProcessBytes(byte[] input, int inOff, int len, byte[] output, int outOff)
+        {
+            int resultLen = 0;
+
+            for (int i = 0; i < len; ++i)
+            {
+                mainBlock[mainBlockPos] = input[inOff + i];
+                if (++mainBlockPos == mainBlock.Length)
+                {
+                    ProcessMainBlock(output, outOff + resultLen);
+                    resultLen += BLOCK_SIZE;
+                }
+            }
+
+            return resultLen;
+        }
+
+        public virtual int DoFinal(byte[] output, int outOff)
+        {
+            /*
+             * For decryption, get the tag from the end of the message
+             */
+            byte[] tag = null;
+            if (!forEncryption) {
+                if (mainBlockPos < macSize)
+                    throw new InvalidCipherTextException("data too short");
+
+                mainBlockPos -= macSize;
+                tag = new byte[macSize];
+                Array.Copy(mainBlock, mainBlockPos, tag, 0, macSize);
+            }
+
+            /*
+             * HASH: Process any final partial block; compute final hash value
+             */
+            if (hashBlockPos > 0)
+            {
+                OCB_extend(hashBlock, hashBlockPos);
+                UpdateHASH(L_Asterisk);
+            }
+
+            /*
+             * OCB-ENCRYPT/OCB-DECRYPT: Process any final partial block
+             */
+            if (mainBlockPos > 0)
+            {
+                if (forEncryption)
+                {
+                    OCB_extend(mainBlock, mainBlockPos);
+                    Xor(Checksum, mainBlock);
+                }
+
+                Xor(OffsetMAIN, L_Asterisk);
+
+                byte[] Pad = new byte[16];
+                hashCipher.ProcessBlock(OffsetMAIN, 0, Pad, 0);
+
+                Xor(mainBlock, Pad);
+
+                Check.OutputLength(output, outOff, mainBlockPos, "Output buffer too short");
+                Array.Copy(mainBlock, 0, output, outOff, mainBlockPos);
+
+                if (!forEncryption)
+                {
+                    OCB_extend(mainBlock, mainBlockPos);
+                    Xor(Checksum, mainBlock);
+                }
+            }
+
+            /*
+             * OCB-ENCRYPT/OCB-DECRYPT: Compute raw tag
+             */
+            Xor(Checksum, OffsetMAIN);
+            Xor(Checksum, L_Dollar);
+            hashCipher.ProcessBlock(Checksum, 0, Checksum, 0);
+            Xor(Checksum, Sum);
+
+            this.macBlock = new byte[macSize];
+            Array.Copy(Checksum, 0, macBlock, 0, macSize);
+
+            /*
+             * Validate or append tag and reset this cipher for the next run
+             */
+            int resultLen = mainBlockPos;
+
+            if (forEncryption)
+            {
+                Check.OutputLength(output, outOff, resultLen + macSize, "Output buffer too short");
+
+                // Append tag to the message
+                Array.Copy(macBlock, 0, output, outOff + resultLen, macSize);
+                resultLen += macSize;
+            }
+            else
+            {
+                // Compare the tag from the message with the calculated one
+                if (!Arrays.ConstantTimeAreEqual(macBlock, tag))
+                    throw new InvalidCipherTextException("mac check in OCB failed");
+            }
+
+            Reset(false);
+
+            return resultLen;
+        }
+
+        public virtual void Reset()
+        {
+            Reset(true);
+        }
+
+        protected virtual void Clear(byte[] bs)
+        {
+            if (bs != null)
+            {
+                Array.Clear(bs, 0, bs.Length);
+            }
+        }
+
+        protected virtual byte[] GetLSub(int n)
+        {
+            while (n >= L.Count)
+            {
+                L.Add(OCB_double((byte[]) L[L.Count - 1]));
+            }
+            return (byte[])L[n];
+        }
+
+        protected virtual void ProcessHashBlock()
+        {
+            /*
+             * HASH: Process any whole blocks
+             */
+            UpdateHASH(GetLSub(OCB_ntz(++hashBlockCount)));
+            hashBlockPos = 0;
+        }
+
+        protected virtual void ProcessMainBlock(byte[] output, int outOff)
+        {
+            Check.DataLength(output, outOff, BLOCK_SIZE, "Output buffer too short");
+
+            /*
+             * OCB-ENCRYPT/OCB-DECRYPT: Process any whole blocks
+             */
+
+            if (forEncryption)
+            {
+                Xor(Checksum, mainBlock);
+                mainBlockPos = 0;
+            }
+
+            Xor(OffsetMAIN, GetLSub(OCB_ntz(++mainBlockCount)));
+
+            Xor(mainBlock, OffsetMAIN);
+            mainCipher.ProcessBlock(mainBlock, 0, mainBlock, 0);
+            Xor(mainBlock, OffsetMAIN);
+
+            Array.Copy(mainBlock, 0, output, outOff, 16);
+
+            if (!forEncryption)
+            {
+                Xor(Checksum, mainBlock);
+                Array.Copy(mainBlock, BLOCK_SIZE, mainBlock, 0, macSize);
+                mainBlockPos = macSize;
+            }
+        }
+
+        protected virtual void Reset(bool clearMac)
+        {
+            hashCipher.Reset();
+            mainCipher.Reset();
+
+            Clear(hashBlock);
+            Clear(mainBlock);
+
+            hashBlockPos = 0;
+            mainBlockPos = 0;
+
+            hashBlockCount = 0;
+            mainBlockCount = 0;
+
+            Clear(OffsetHASH);
+            Clear(Sum);
+            Array.Copy(OffsetMAIN_0, 0, OffsetMAIN, 0, 16);
+            Clear(Checksum);
+
+            if (clearMac)
+            {
+                macBlock = null;
+            }
+
+            if (initialAssociatedText != null)
+            {
+                ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length);
+            }
+        }
+
+        protected virtual void UpdateHASH(byte[] LSub)
+        {
+            Xor(OffsetHASH, LSub);
+            Xor(hashBlock, OffsetHASH);
+            hashCipher.ProcessBlock(hashBlock, 0, hashBlock, 0);
+            Xor(Sum, hashBlock);
+        }
+
+        protected static byte[] OCB_double(byte[] block)
+        {
+            byte[] result = new byte[16];
+            int carry = ShiftLeft(block, result);
+
+            /*
+             * NOTE: This construction is an attempt at a constant-time implementation.
+             */
+            result[15] ^= (byte)(0x87 >> ((1 - carry) << 3));
+
+            return result;
+        }
+
+        protected static void OCB_extend(byte[] block, int pos)
+        {
+            block[pos] = (byte) 0x80;
+            while (++pos < 16)
+            {
+                block[pos] = 0;
+            }
+        }
+
+        protected static int OCB_ntz(long x)
+        {
+            if (x == 0)
+            {
+                return 64;
+            }
+
+            int n = 0;
+            ulong ux = (ulong)x;
+            while ((ux & 1UL) == 0UL)
+            {
+                ++n;
+                ux >>= 1;
+            }
+            return n;
+        }
+
+        protected static int ShiftLeft(byte[] block, byte[] output)
+        {
+            int i = 16;
+            uint bit = 0;
+            while (--i >= 0)
+            {
+                uint b = block[i];
+                output[i] = (byte) ((b << 1) | bit);
+                bit = (b >> 7) & 1;
+            }
+            return (int)bit;
+        }
+
+        protected static void Xor(byte[] block, byte[] val)
+        {
+            for (int i = 15; i >= 0; --i)
+            {
+                block[i] ^= val[i];
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/OfbBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/OfbBlockCipher.cs
new file mode 100644
index 0000000..a99f8c5
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/OfbBlockCipher.cs
@@ -0,0 +1,182 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+    /**
+    * implements a Output-FeedBack (OFB) mode on top of a simple cipher.
+    */
+    public class OfbBlockCipher
+		: IBlockCipher
+    {
+        private byte[]	IV;
+        private byte[]	ofbV;
+        private byte[]	ofbOutV;
+
+        private readonly int			blockSize;
+        private readonly IBlockCipher	cipher;
+
+        /**
+        * Basic constructor.
+        *
+        * @param cipher the block cipher to be used as the basis of the
+        * feedback mode.
+        * @param blockSize the block size in bits (note: a multiple of 8)
+        */
+        public OfbBlockCipher(
+            IBlockCipher cipher,
+            int         blockSize)
+        {
+            this.cipher = cipher;
+            this.blockSize = blockSize / 8;
+
+            this.IV = new byte[cipher.GetBlockSize()];
+            this.ofbV = new byte[cipher.GetBlockSize()];
+            this.ofbOutV = new byte[cipher.GetBlockSize()];
+        }
+
+        /**
+        * return the underlying block cipher that we are wrapping.
+        *
+        * @return the underlying block cipher that we are wrapping.
+        */
+        public IBlockCipher GetUnderlyingCipher()
+        {
+            return cipher;
+        }
+
+        /**
+        * Initialise the cipher and, possibly, the initialisation vector (IV).
+        * If an IV isn't passed as part of the parameter, the IV will be all zeros.
+        * An IV which is too short is handled in FIPS compliant fashion.
+        *
+        * @param forEncryption if true the cipher is initialised for
+        *  encryption, if false for decryption.
+        * @param param the key and other data required by the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public void Init(
+            bool				forEncryption, //ignored by this OFB mode
+            ICipherParameters	parameters)
+        {
+			if (parameters is ParametersWithIV)
+            {
+                ParametersWithIV ivParam = (ParametersWithIV)parameters;
+                byte[] iv = ivParam.GetIV();
+
+                if (iv.Length < IV.Length)
+                {
+                    // prepend the supplied IV with zeros (per FIPS PUB 81)
+                    Array.Copy(iv, 0, IV, IV.Length - iv.Length, iv.Length);
+                    for (int i = 0; i < IV.Length - iv.Length; i++)
+                    {
+                        IV[i] = 0;
+                    }
+                }
+                else
+                {
+                    Array.Copy(iv, 0, IV, 0, IV.Length);
+                }
+
+				parameters = ivParam.Parameters;
+            }
+
+			Reset();
+
+            // if it's null, key is to be reused.
+            if (parameters != null)
+            {
+                cipher.Init(true, parameters);
+            }
+        }
+
+        /**
+        * return the algorithm name and mode.
+        *
+        * @return the name of the underlying algorithm followed by "/OFB"
+        * and the block size in bits
+        */
+        public string AlgorithmName
+        {
+            get { return cipher.AlgorithmName + "/OFB" + (blockSize * 8); }
+        }
+
+		public bool IsPartialBlockOkay
+		{
+			get { return true; }
+		}
+
+		/**
+        * return the block size we are operating at (in bytes).
+        *
+        * @return the block size we are operating at (in bytes).
+        */
+        public int GetBlockSize()
+        {
+            return blockSize;
+        }
+
+        /**
+        * Process one block of input from the array in and write it to
+        * the out array.
+        *
+        * @param in the array containing the input data.
+        * @param inOff offset into the in array the data starts at.
+        * @param out the array the output data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        * @exception DataLengthException if there isn't enough data in in, or
+        * space in out.
+        * @exception InvalidOperationException if the cipher isn't initialised.
+        * @return the number of bytes processed and produced.
+        */
+        public int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            if ((inOff + blockSize) > input.Length)
+            {
+                throw new DataLengthException("input buffer too short");
+            }
+
+            if ((outOff + blockSize) > output.Length)
+            {
+                throw new DataLengthException("output buffer too short");
+            }
+
+            cipher.ProcessBlock(ofbV, 0, ofbOutV, 0);
+
+            //
+            // XOR the ofbV with the plaintext producing the cipher text (and
+            // the next input block).
+            //
+            for (int i = 0; i < blockSize; i++)
+            {
+                output[outOff + i] = (byte)(ofbOutV[i] ^ input[inOff + i]);
+            }
+
+            //
+            // change over the input block.
+            //
+            Array.Copy(ofbV, blockSize, ofbV, 0, ofbV.Length - blockSize);
+            Array.Copy(ofbOutV, 0, ofbV, ofbV.Length - blockSize, blockSize);
+
+            return blockSize;
+        }
+
+        /**
+        * reset the feedback vector back to the IV and reset the underlying
+        * cipher.
+        */
+        public void Reset()
+        {
+            Array.Copy(IV, 0, ofbV, 0, IV.Length);
+
+            cipher.Reset();
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/OpenPgpCfbBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/OpenPgpCfbBlockCipher.cs
new file mode 100644
index 0000000..038ca78
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/OpenPgpCfbBlockCipher.cs
@@ -0,0 +1,337 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+    /**
+    * Implements OpenPGP's rather strange version of Cipher-FeedBack (CFB) mode
+    * on top of a simple cipher. This class assumes the IV has been prepended
+    * to the data stream already, and just accomodates the reset after
+    * (blockSize + 2) bytes have been read.
+    * <p>
+    * For further info see <a href="http://www.ietf.org/rfc/rfc2440.html">RFC 2440</a>.
+	* </p>
+    */
+    public class OpenPgpCfbBlockCipher
+        : IBlockCipher
+    {
+        private byte[] IV;
+        private byte[] FR;
+        private byte[] FRE;
+
+		private readonly IBlockCipher cipher;
+		private readonly int blockSize;
+
+		private int count;
+        private bool forEncryption;
+
+		/**
+        * Basic constructor.
+        *
+        * @param cipher the block cipher to be used as the basis of the
+        * feedback mode.
+        */
+        public OpenPgpCfbBlockCipher(
+            IBlockCipher cipher)
+        {
+            this.cipher = cipher;
+
+            this.blockSize = cipher.GetBlockSize();
+            this.IV = new byte[blockSize];
+            this.FR = new byte[blockSize];
+            this.FRE = new byte[blockSize];
+        }
+
+		/**
+        * return the underlying block cipher that we are wrapping.
+        *
+        * @return the underlying block cipher that we are wrapping.
+        */
+        public IBlockCipher GetUnderlyingCipher()
+        {
+            return cipher;
+        }
+
+		/**
+        * return the algorithm name and mode.
+        *
+        * @return the name of the underlying algorithm followed by "/PGPCFB"
+        * and the block size in bits.
+        */
+        public string AlgorithmName
+        {
+            get { return cipher.AlgorithmName + "/OpenPGPCFB"; }
+        }
+
+		public bool IsPartialBlockOkay
+		{
+			get { return true; }
+		}
+
+		/**
+        * return the block size we are operating at.
+        *
+        * @return the block size we are operating at (in bytes).
+        */
+        public int GetBlockSize()
+        {
+            return cipher.GetBlockSize();
+        }
+
+		/**
+        * Process one block of input from the array in and write it to
+        * the out array.
+        *
+        * @param in the array containing the input data.
+        * @param inOff offset into the in array the data starts at.
+        * @param out the array the output data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        * @exception DataLengthException if there isn't enough data in in, or
+        * space in out.
+        * @exception InvalidOperationException if the cipher isn't initialised.
+        * @return the number of bytes processed and produced.
+        */
+        public int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            return (forEncryption) ? EncryptBlock(input, inOff, output, outOff) : DecryptBlock(input, inOff, output, outOff);
+        }
+
+		/**
+        * reset the chaining vector back to the IV and reset the underlying
+        * cipher.
+        */
+        public void Reset()
+        {
+            count = 0;
+
+			Array.Copy(IV, 0, FR, 0, FR.Length);
+
+			cipher.Reset();
+        }
+
+        /**
+        * Initialise the cipher and, possibly, the initialisation vector (IV).
+        * If an IV isn't passed as part of the parameter, the IV will be all zeros.
+        * An IV which is too short is handled in FIPS compliant fashion.
+        *
+        * @param forEncryption if true the cipher is initialised for
+        *  encryption, if false for decryption.
+        * @param parameters the key and other data required by the cipher.
+        * @exception ArgumentException if the parameters argument is
+        * inappropriate.
+        */
+        public void Init(
+            bool forEncryption,
+            ICipherParameters parameters)
+        {
+            this.forEncryption = forEncryption;
+
+            if (parameters is ParametersWithIV)
+            {
+                ParametersWithIV ivParam = (ParametersWithIV)parameters;
+                byte[] iv = ivParam.GetIV();
+
+                if (iv.Length < IV.Length)
+                {
+                    // prepend the supplied IV with zeros (per FIPS PUB 81)
+                    Array.Copy(iv, 0, IV, IV.Length - iv.Length, iv.Length);
+                    for (int i = 0; i < IV.Length - iv.Length; i++)
+                    {
+                        IV[i] = 0;
+                    }
+                }
+                else
+                {
+                    Array.Copy(iv, 0, IV, 0, IV.Length);
+                }
+
+                parameters = ivParam.Parameters;
+            }
+
+            Reset();
+
+            cipher.Init(true, parameters);
+        }
+
+		/**
+        * Encrypt one byte of data according to CFB mode.
+        * @param data the byte to encrypt
+        * @param blockOff offset in the current block
+        * @returns the encrypted byte
+        */
+        private byte EncryptByte(byte data, int blockOff)
+        {
+            return (byte)(FRE[blockOff] ^ data);
+        }
+
+		/**
+        * Do the appropriate processing for CFB IV mode encryption.
+        *
+        * @param in the array containing the data to be encrypted.
+        * @param inOff offset into the in array the data starts at.
+        * @param out the array the encrypted data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        * @exception DataLengthException if there isn't enough data in in, or
+        * space in out.
+        * @exception InvalidOperationException if the cipher isn't initialised.
+        * @return the number of bytes processed and produced.
+        */
+        private int EncryptBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	outBytes,
+            int		outOff)
+        {
+            if ((inOff + blockSize) > input.Length)
+            {
+                throw new DataLengthException("input buffer too short");
+            }
+
+            if ((outOff + blockSize) > outBytes.Length)
+            {
+                throw new DataLengthException("output buffer too short");
+            }
+
+            if (count > blockSize)
+            {
+                FR[blockSize - 2] = outBytes[outOff] = EncryptByte(input[inOff], blockSize - 2);
+                FR[blockSize - 1] = outBytes[outOff + 1] = EncryptByte(input[inOff + 1], blockSize - 1);
+
+                cipher.ProcessBlock(FR, 0, FRE, 0);
+
+                for (int n = 2; n < blockSize; n++)
+                {
+					FR[n - 2] = outBytes[outOff + n] = EncryptByte(input[inOff + n], n - 2);
+                }
+            }
+            else if (count == 0)
+            {
+                cipher.ProcessBlock(FR, 0, FRE, 0);
+
+				for (int n = 0; n < blockSize; n++)
+                {
+					FR[n] = outBytes[outOff + n] = EncryptByte(input[inOff + n], n);
+                }
+
+				count += blockSize;
+            }
+            else if (count == blockSize)
+            {
+                cipher.ProcessBlock(FR, 0, FRE, 0);
+
+                outBytes[outOff] = EncryptByte(input[inOff], 0);
+                outBytes[outOff + 1] = EncryptByte(input[inOff + 1], 1);
+
+                //
+                // do reset
+                //
+                Array.Copy(FR, 2, FR, 0, blockSize - 2);
+                Array.Copy(outBytes, outOff, FR, blockSize - 2, 2);
+
+                cipher.ProcessBlock(FR, 0, FRE, 0);
+
+                for (int n = 2; n < blockSize; n++)
+                {
+					FR[n - 2] = outBytes[outOff + n] = EncryptByte(input[inOff + n], n - 2);
+                }
+
+				count += blockSize;
+            }
+
+            return blockSize;
+        }
+
+        /**
+        * Do the appropriate processing for CFB IV mode decryption.
+        *
+        * @param in the array containing the data to be decrypted.
+        * @param inOff offset into the in array the data starts at.
+        * @param out the array the encrypted data will be copied into.
+        * @param outOff the offset into the out array the output will start at.
+        * @exception DataLengthException if there isn't enough data in in, or
+        * space in out.
+        * @exception InvalidOperationException if the cipher isn't initialised.
+        * @return the number of bytes processed and produced.
+        */
+        private int DecryptBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	outBytes,
+            int		outOff)
+        {
+            if ((inOff + blockSize) > input.Length)
+            {
+                throw new DataLengthException("input buffer too short");
+            }
+
+            if ((outOff + blockSize) > outBytes.Length)
+            {
+                throw new DataLengthException("output buffer too short");
+            }
+
+            if (count > blockSize)
+            {
+				byte inVal = input[inOff];
+				FR[blockSize - 2] = inVal;
+				outBytes[outOff] = EncryptByte(inVal, blockSize - 2);
+
+				inVal = input[inOff + 1];
+				FR[blockSize - 1] = inVal;
+				outBytes[outOff + 1] = EncryptByte(inVal, blockSize - 1);
+
+                cipher.ProcessBlock(FR, 0, FRE, 0);
+
+                for (int n = 2; n < blockSize; n++)
+                {
+					inVal = input[inOff + n];
+					FR[n - 2] = inVal;
+					outBytes[outOff + n] = EncryptByte(inVal, n - 2);
+				}
+            }
+            else if (count == 0)
+            {
+                cipher.ProcessBlock(FR, 0, FRE, 0);
+
+                for (int n = 0; n < blockSize; n++)
+                {
+                    FR[n] = input[inOff + n];
+                    outBytes[n] = EncryptByte(input[inOff + n], n);
+                }
+
+                count += blockSize;
+            }
+            else if (count == blockSize)
+            {
+                cipher.ProcessBlock(FR, 0, FRE, 0);
+
+				byte inVal1 = input[inOff];
+				byte inVal2 = input[inOff + 1];
+				outBytes[outOff    ] = EncryptByte(inVal1, 0);
+				outBytes[outOff + 1] = EncryptByte(inVal2, 1);
+
+                Array.Copy(FR, 2, FR, 0, blockSize - 2);
+
+				FR[blockSize - 2] = inVal1;
+				FR[blockSize - 1] = inVal2;
+
+                cipher.ProcessBlock(FR, 0, FRE, 0);
+
+                for (int n = 2; n < blockSize; n++)
+                {
+					byte inVal = input[inOff + n];
+					FR[n - 2] = inVal;
+					outBytes[outOff + n] = EncryptByte(inVal, n - 2);
+                }
+
+                count += blockSize;
+            }
+
+            return blockSize;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/SicBlockCipher.cs b/bc-sharp-crypto/src/crypto/modes/SicBlockCipher.cs
new file mode 100644
index 0000000..0bea4a4
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/SicBlockCipher.cs
@@ -0,0 +1,120 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Modes
+{
+    /**
+    * Implements the Segmented Integer Counter (SIC) mode on top of a simple
+    * block cipher.
+    */
+    public class SicBlockCipher
+        : IBlockCipher
+    {
+        private readonly IBlockCipher cipher;
+        private readonly int blockSize;
+        private readonly byte[] counter;
+        private readonly byte[] counterOut;
+        private byte[] IV;
+
+        /**
+        * Basic constructor.
+        *
+        * @param c the block cipher to be used.
+        */
+        public SicBlockCipher(IBlockCipher cipher)
+        {
+            this.cipher = cipher;
+            this.blockSize = cipher.GetBlockSize();
+            this.counter = new byte[blockSize];
+            this.counterOut = new byte[blockSize];
+            this.IV = new byte[blockSize];
+        }
+
+        /**
+        * return the underlying block cipher that we are wrapping.
+        *
+        * @return the underlying block cipher that we are wrapping.
+        */
+        public virtual IBlockCipher GetUnderlyingCipher()
+        {
+            return cipher;
+        }
+
+        public virtual void Init(
+            bool				forEncryption, //ignored by this CTR mode
+            ICipherParameters	parameters)
+        {
+            ParametersWithIV ivParam = parameters as ParametersWithIV;
+            if (ivParam == null)
+                throw new ArgumentException("CTR/SIC mode requires ParametersWithIV", "parameters");
+
+            this.IV = Arrays.Clone(ivParam.GetIV());
+
+            if (blockSize < IV.Length)
+                throw new ArgumentException("CTR/SIC mode requires IV no greater than: " + blockSize + " bytes.");
+
+            int maxCounterSize = System.Math.Min(8, blockSize / 2);
+            if (blockSize - IV.Length > maxCounterSize)
+                throw new ArgumentException("CTR/SIC mode requires IV of at least: " + (blockSize - maxCounterSize) + " bytes.");
+
+            // if null it's an IV changed only.
+            if (ivParam.Parameters != null)
+            {
+                cipher.Init(true, ivParam.Parameters);
+            }
+
+            Reset();
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return cipher.AlgorithmName + "/SIC"; }
+        }
+
+        public virtual bool IsPartialBlockOkay
+        {
+            get { return true; }
+        }
+
+        public virtual int GetBlockSize()
+        {
+            return cipher.GetBlockSize();
+        }
+
+        public virtual int ProcessBlock(
+            byte[]	input,
+            int		inOff,
+            byte[]	output,
+            int		outOff)
+        {
+            cipher.ProcessBlock(counter, 0, counterOut, 0);
+
+            //
+            // XOR the counterOut with the plaintext producing the cipher text
+            //
+            for (int i = 0; i < counterOut.Length; i++)
+            {
+                output[outOff + i] = (byte)(counterOut[i] ^ input[inOff + i]);
+            }
+
+            // Increment the counter
+            int j = counter.Length;
+            while (--j >= 0 && ++counter[j] == 0)
+            {
+            }
+
+            return counter.Length;
+        }
+
+        public virtual void Reset()
+        {
+            Arrays.Fill(counter, (byte)0);
+            Array.Copy(IV, 0, counter, 0, IV.Length);
+            cipher.Reset();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/gcm/BasicGcmExponentiator.cs b/bc-sharp-crypto/src/crypto/modes/gcm/BasicGcmExponentiator.cs
new file mode 100644
index 0000000..5660a1f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/gcm/BasicGcmExponentiator.cs
@@ -0,0 +1,40 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Modes.Gcm
+{
+    public class BasicGcmExponentiator
+        : IGcmExponentiator
+    {
+        private uint[] x;
+
+        public void Init(byte[] x)
+        {
+            this.x = GcmUtilities.AsUints(x);
+        }
+
+        public void ExponentiateX(long pow, byte[] output)
+        {
+            // Initial value is little-endian 1
+            uint[] y = GcmUtilities.OneAsUints();
+
+            if (pow > 0)
+            {
+                uint[] powX = Arrays.Clone(x);
+                do
+                {
+                    if ((pow & 1L) != 0)
+                    {
+                        GcmUtilities.Multiply(y, powX);
+                    }
+                    GcmUtilities.Multiply(powX, powX);
+                    pow >>= 1;
+                }
+                while (pow > 0);
+            }
+
+            GcmUtilities.AsBytes(y, output);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/gcm/BasicGcmMultiplier.cs b/bc-sharp-crypto/src/crypto/modes/gcm/BasicGcmMultiplier.cs
new file mode 100644
index 0000000..eb89383
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/gcm/BasicGcmMultiplier.cs
@@ -0,0 +1,22 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Modes.Gcm
+{
+    public class BasicGcmMultiplier
+        : IGcmMultiplier
+    {
+        private uint[] H;
+
+        public void Init(byte[] H)
+        {
+            this.H = GcmUtilities.AsUints(H);
+        }
+
+        public void MultiplyH(byte[] x)
+        {
+            uint[] t = GcmUtilities.AsUints(x);
+            GcmUtilities.Multiply(t, H);
+            GcmUtilities.AsBytes(t, x);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/gcm/GcmUtilities.cs b/bc-sharp-crypto/src/crypto/modes/gcm/GcmUtilities.cs
new file mode 100644
index 0000000..d8ab2ca
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/gcm/GcmUtilities.cs
@@ -0,0 +1,319 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Modes.Gcm
+{
+    internal abstract class GcmUtilities
+    {
+        private const uint E1 = 0xe1000000;
+        private const ulong E1L = (ulong)E1 << 32;
+
+        private static uint[] GenerateLookup()
+        {
+            uint[] lookup = new uint[256];
+
+            for (int c = 0; c < 256; ++c)
+            {
+                uint v = 0;
+                for (int i = 7; i >= 0; --i)
+                {
+                    if ((c & (1 << i)) != 0)
+                    {
+                        v ^= (E1 >> (7 - i));
+                    }
+                }
+                lookup[c] = v;
+            }
+
+            return lookup;
+        }
+
+        private static readonly uint[] LOOKUP = GenerateLookup();
+
+        internal static byte[] OneAsBytes()
+        {
+            byte[] tmp = new byte[16];
+            tmp[0] = 0x80;
+            return tmp;
+        }
+
+        internal static uint[] OneAsUints()
+        {
+            uint[] tmp = new uint[4];
+            tmp[0] = 0x80000000;
+            return tmp;
+        }
+
+        internal static ulong[] OneAsUlongs()
+        {
+            ulong[] tmp = new ulong[2];
+            tmp[0] = 1UL << 63;
+            return tmp;
+        }
+
+        internal static byte[] AsBytes(uint[] x)
+        {
+            return Pack.UInt32_To_BE(x);
+        }
+
+        internal static void AsBytes(uint[] x, byte[] z)
+        {
+            Pack.UInt32_To_BE(x, z, 0);
+        }
+
+        internal static byte[] AsBytes(ulong[] x)
+        {
+            byte[] z = new byte[16];
+            Pack.UInt64_To_BE(x, z, 0);
+            return z;
+        }
+
+        internal static void AsBytes(ulong[] x, byte[] z)
+        {
+            Pack.UInt64_To_BE(x, z, 0);
+        }
+
+        internal static uint[] AsUints(byte[] bs)
+        {
+            uint[] output = new uint[4];
+            Pack.BE_To_UInt32(bs, 0, output);
+            return output;
+        }
+
+        internal static void AsUints(byte[] bs, uint[] output)
+        {
+            Pack.BE_To_UInt32(bs, 0, output);
+        }
+
+        internal static ulong[] AsUlongs(byte[] x)
+        {
+            ulong[] z = new ulong[2];
+            Pack.BE_To_UInt64(x, 0, z);
+            return z;
+        }
+
+        public static void AsUlongs(byte[] x, ulong[] z)
+        {
+            Pack.BE_To_UInt64(x, 0, z);
+        }
+
+        internal static void Multiply(byte[] x, byte[] y)
+        {
+            uint[] t1 = GcmUtilities.AsUints(x);
+            uint[] t2 = GcmUtilities.AsUints(y);
+            GcmUtilities.Multiply(t1, t2);
+            GcmUtilities.AsBytes(t1, x);
+        }
+
+        internal static void Multiply(uint[] x, uint[] y)
+        {
+            uint r00 = x[0], r01 = x[1], r02 = x[2], r03 = x[3];
+            uint r10 = 0, r11 = 0, r12 = 0, r13 = 0;
+
+            for (int i = 0; i < 4; ++i)
+            {
+                int bits = (int)y[i];
+                for (int j = 0; j < 32; ++j)
+                {
+                    uint m1 = (uint)(bits >> 31); bits <<= 1;
+                    r10 ^= (r00 & m1);
+                    r11 ^= (r01 & m1);
+                    r12 ^= (r02 & m1);
+                    r13 ^= (r03 & m1);
+
+                    uint m2 = (uint)((int)(r03 << 31) >> 8);
+                    r03 = (r03 >> 1) | (r02 << 31);
+                    r02 = (r02 >> 1) | (r01 << 31);
+                    r01 = (r01 >> 1) | (r00 << 31);
+                    r00 = (r00 >> 1) ^ (m2 & E1);
+                }
+            }
+
+            x[0] = r10;
+            x[1] = r11;
+            x[2] = r12;
+            x[3] = r13;
+        }
+
+        internal static void Multiply(ulong[] x, ulong[] y)
+        {
+            ulong r00 = x[0], r01 = x[1], r10 = 0, r11 = 0;
+
+            for (int i = 0; i < 2; ++i)
+            {
+                long bits = (long)y[i];
+                for (int j = 0; j < 64; ++j)
+                {
+                    ulong m1 = (ulong)(bits >> 63); bits <<= 1;
+                    r10 ^= (r00 & m1);
+                    r11 ^= (r01 & m1);
+
+                    ulong m2 = (ulong)((long)(r01 << 63) >> 8);
+                    r01 = (r01 >> 1) | (r00 << 63);
+                    r00 = (r00 >> 1) ^ (m2 & E1L);
+                }
+            }
+
+            x[0] = r10;
+            x[1] = r11;
+        }
+
+        // P is the value with only bit i=1 set
+        internal static void MultiplyP(uint[] x)
+        {
+            uint m = (uint)((int)ShiftRight(x) >> 8);
+            x[0] ^= (m & E1);
+        }
+
+        internal static void MultiplyP(uint[] x, uint[] z)
+        {
+            uint m = (uint)((int)ShiftRight(x, z) >> 8);
+            z[0] ^= (m & E1);
+        }
+
+        internal static void MultiplyP8(uint[] x)
+        {
+//			for (int i = 8; i != 0; --i)
+//			{
+//				MultiplyP(x);
+//			}
+
+            uint c = ShiftRightN(x, 8);
+            x[0] ^= LOOKUP[c >> 24];
+        }
+
+        internal static void MultiplyP8(uint[] x, uint[] y)
+        {
+            uint c = ShiftRightN(x, 8, y);
+            y[0] ^= LOOKUP[c >> 24];
+        }
+
+        internal static uint ShiftRight(uint[] x)
+        {
+            uint b = x[0];
+            x[0] = b >> 1;
+            uint c = b << 31;
+            b = x[1];
+            x[1] = (b >> 1) | c;
+            c = b << 31;
+            b = x[2];
+            x[2] = (b >> 1) | c;
+            c = b << 31;
+            b = x[3];
+            x[3] = (b >> 1) | c;
+            return b << 31;
+        }
+
+        internal static uint ShiftRight(uint[] x, uint[] z)
+        {
+            uint b = x[0];
+            z[0] = b >> 1;
+            uint c = b << 31;
+            b = x[1];
+            z[1] = (b >> 1) | c;
+            c = b << 31;
+            b = x[2];
+            z[2] = (b >> 1) | c;
+            c = b << 31;
+            b = x[3];
+            z[3] = (b >> 1) | c;
+            return b << 31;
+        }
+
+        internal static uint ShiftRightN(uint[] x, int n)
+        {
+            uint b = x[0]; int nInv = 32 - n;
+            x[0] = b >> n;
+            uint c = b << nInv;
+            b = x[1];
+            x[1] = (b >> n) | c;
+            c = b << nInv;
+            b = x[2];
+            x[2] = (b >> n) | c;
+            c = b << nInv;
+            b = x[3];
+            x[3] = (b >> n) | c;
+            return b << nInv;
+        }
+
+        internal static uint ShiftRightN(uint[] x, int n, uint[] z)
+        {
+            uint b = x[0]; int nInv = 32 - n;
+            z[0] = b >> n;
+            uint c = b << nInv;
+            b = x[1];
+            z[1] = (b >> n) | c;
+            c = b << nInv;
+            b = x[2];
+            z[2] = (b >> n) | c;
+            c = b << nInv;
+            b = x[3];
+            z[3] = (b >> n) | c;
+            return b << nInv;
+        }
+
+        internal static void Xor(byte[] x, byte[] y)
+        {
+            int i = 0;
+            do
+            {
+                x[i] ^= y[i]; ++i;
+                x[i] ^= y[i]; ++i;
+                x[i] ^= y[i]; ++i;
+                x[i] ^= y[i]; ++i;
+            }
+            while (i < 16);
+        }
+
+        internal static void Xor(byte[] x, byte[] y, int yOff, int yLen)
+        {
+            while (--yLen >= 0)
+            {
+                x[yLen] ^= y[yOff + yLen];
+            }
+        }
+
+        internal static void Xor(byte[] x, byte[] y, byte[] z)
+        {
+            int i = 0;
+            do
+            {
+                z[i] = (byte)(x[i] ^ y[i]); ++i;
+                z[i] = (byte)(x[i] ^ y[i]); ++i;
+                z[i] = (byte)(x[i] ^ y[i]); ++i;
+                z[i] = (byte)(x[i] ^ y[i]); ++i;
+            }
+            while (i < 16);
+        }
+
+        internal static void Xor(uint[] x, uint[] y)
+        {
+            x[0] ^= y[0];
+            x[1] ^= y[1];
+            x[2] ^= y[2];
+            x[3] ^= y[3];
+        }
+
+        internal static void Xor(uint[] x, uint[] y, uint[] z)
+        {
+            z[0] = x[0] ^ y[0];
+            z[1] = x[1] ^ y[1];
+            z[2] = x[2] ^ y[2];
+            z[3] = x[3] ^ y[3];
+        }
+
+        internal static void Xor(ulong[] x, ulong[] y)
+        {
+            x[0] ^= y[0];
+            x[1] ^= y[1];
+        }
+
+        internal static void Xor(ulong[] x, ulong[] y, ulong[] z)
+        {
+            z[0] = x[0] ^ y[0];
+            z[1] = x[1] ^ y[1];
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/gcm/IGcmExponentiator.cs b/bc-sharp-crypto/src/crypto/modes/gcm/IGcmExponentiator.cs
new file mode 100644
index 0000000..5b4ce9d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/gcm/IGcmExponentiator.cs
@@ -0,0 +1,10 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Modes.Gcm
+{
+	public interface IGcmExponentiator
+	{
+		void Init(byte[] x);
+		void ExponentiateX(long pow, byte[] output);
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/gcm/IGcmMultiplier.cs b/bc-sharp-crypto/src/crypto/modes/gcm/IGcmMultiplier.cs
new file mode 100644
index 0000000..ec7b906
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/gcm/IGcmMultiplier.cs
@@ -0,0 +1,10 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Modes.Gcm
+{
+	public interface IGcmMultiplier
+	{
+		void Init(byte[] H);
+		void MultiplyH(byte[] x);
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/gcm/Tables1kGcmExponentiator.cs b/bc-sharp-crypto/src/crypto/modes/gcm/Tables1kGcmExponentiator.cs
new file mode 100644
index 0000000..e649d67
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/gcm/Tables1kGcmExponentiator.cs
@@ -0,0 +1,59 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Modes.Gcm
+{
+    public class Tables1kGcmExponentiator
+        : IGcmExponentiator
+    {
+        // A lookup table of the power-of-two powers of 'x'
+        // - lookupPowX2[i] = x^(2^i)
+        private IList lookupPowX2;
+
+        public void Init(byte[] x)
+        {
+            uint[] y = GcmUtilities.AsUints(x);
+            if (lookupPowX2 != null && Arrays.AreEqual(y, (uint[])lookupPowX2[0]))
+                return;
+
+            lookupPowX2 = Platform.CreateArrayList(8);
+            lookupPowX2.Add(y);
+        }
+
+        public void ExponentiateX(long pow, byte[] output)
+        {
+            uint[] y = GcmUtilities.OneAsUints();
+            int bit = 0;
+            while (pow > 0)
+            {
+                if ((pow & 1L) != 0)
+                {
+                    EnsureAvailable(bit);
+                    GcmUtilities.Multiply(y, (uint[])lookupPowX2[bit]);
+                }
+                ++bit;
+                pow >>= 1;
+            }
+
+            GcmUtilities.AsBytes(y, output);
+        }
+
+        private void EnsureAvailable(int bit)
+        {
+            int count = lookupPowX2.Count;
+            if (count <= bit)
+            {
+                uint[] tmp = (uint[])lookupPowX2[count - 1];
+                do
+                {
+                    tmp = Arrays.Clone(tmp);
+                    GcmUtilities.Multiply(tmp, tmp);
+                    lookupPowX2.Add(tmp);
+                }
+                while (++count <= bit);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/gcm/Tables64kGcmMultiplier.cs b/bc-sharp-crypto/src/crypto/modes/gcm/Tables64kGcmMultiplier.cs
new file mode 100644
index 0000000..707b0be
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/gcm/Tables64kGcmMultiplier.cs
@@ -0,0 +1,77 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Modes.Gcm
+{
+    public class Tables64kGcmMultiplier
+        : IGcmMultiplier
+    {
+        private byte[] H;
+        private uint[][][] M;
+
+        public void Init(byte[] H)
+        {
+            if (M == null)
+            {
+                M = new uint[16][][];
+            }
+            else if (Arrays.AreEqual(this.H, H))
+            {
+                return;
+            }
+
+            this.H = Arrays.Clone(H);
+
+            M[0] = new uint[256][];
+            M[0][0] = new uint[4];
+            M[0][128] = GcmUtilities.AsUints(H);
+            for (int j = 64; j >= 1; j >>= 1)
+            {
+                uint[] tmp = (uint[])M[0][j + j].Clone();
+                GcmUtilities.MultiplyP(tmp);
+                M[0][j] = tmp;
+            }
+            for (int i = 0; ; )
+            {
+                for (int j = 2; j < 256; j += j)
+                {
+                    for (int k = 1; k < j; ++k)
+                    {
+                        uint[] tmp = (uint[])M[i][j].Clone();
+                        GcmUtilities.Xor(tmp, M[i][k]);
+                        M[i][j + k] = tmp;
+                    }
+                }
+
+                if (++i == 16) return;
+
+                M[i] = new uint[256][];
+                M[i][0] = new uint[4];
+                for (int j = 128; j > 0; j >>= 1)
+                {
+                    uint[] tmp = (uint[])M[i - 1][j].Clone();
+                    GcmUtilities.MultiplyP8(tmp);
+                    M[i][j] = tmp;
+                }
+            }
+        }
+
+        public void MultiplyH(byte[] x)
+        {
+            uint[] z = new uint[4];
+            for (int i = 0; i != 16; ++i)
+            {
+                //GcmUtilities.Xor(z, M[i][x[i]]);
+                uint[] m = M[i][x[i]];
+                z[0] ^= m[0];
+                z[1] ^= m[1];
+                z[2] ^= m[2];
+                z[3] ^= m[3];
+            }
+
+            Pack.UInt32_To_BE(z, x, 0);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/modes/gcm/Tables8kGcmMultiplier.cs b/bc-sharp-crypto/src/crypto/modes/gcm/Tables8kGcmMultiplier.cs
new file mode 100644
index 0000000..5f3d6c8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/modes/gcm/Tables8kGcmMultiplier.cs
@@ -0,0 +1,103 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Modes.Gcm
+{
+    public class Tables8kGcmMultiplier
+        : IGcmMultiplier
+    {
+        private byte[] H;
+        private uint[][][] M;
+
+        public void Init(byte[] H)
+        {
+            if (M == null)
+            {
+                M = new uint[32][][];
+            }
+            else if (Arrays.AreEqual(this.H, H))
+            {
+                return;
+            }
+
+            this.H = Arrays.Clone(H);
+
+            M[0] = new uint[16][];
+            M[1] = new uint[16][];
+            M[0][0] = new uint[4];
+            M[1][0] = new uint[4];
+            M[1][8] = GcmUtilities.AsUints(H);
+
+            for (int j = 4; j >= 1; j >>= 1)
+            {
+                uint[] tmp = (uint[])M[1][j + j].Clone();
+                GcmUtilities.MultiplyP(tmp);
+                M[1][j] = tmp;
+            }
+
+            {
+                uint[] tmp = (uint[])M[1][1].Clone();
+                GcmUtilities.MultiplyP(tmp);
+                M[0][8] = tmp;
+            }
+
+            for (int j = 4; j >= 1; j >>= 1)
+            {
+                uint[] tmp = (uint[])M[0][j + j].Clone();
+                GcmUtilities.MultiplyP(tmp);
+                M[0][j] = tmp;
+            }
+
+            for (int i = 0; ; )
+            {
+                for (int j = 2; j < 16; j += j)
+                {
+                    for (int k = 1; k < j; ++k)
+                    {
+                        uint[] tmp = (uint[])M[i][j].Clone();
+                        GcmUtilities.Xor(tmp, M[i][k]);
+                        M[i][j + k] = tmp;
+                    }
+                }
+
+                if (++i == 32) return;
+
+                if (i > 1)
+                {
+                    M[i] = new uint[16][];
+                    M[i][0] = new uint[4];
+                    for (int j = 8; j > 0; j >>= 1)
+                    {
+                        uint[] tmp = (uint[])M[i - 2][j].Clone();
+                        GcmUtilities.MultiplyP8(tmp);
+                        M[i][j] = tmp;
+                    }
+                }
+            }
+        }
+
+        public void MultiplyH(byte[] x)
+        {
+            uint[] z = new uint[4];
+            for (int i = 15; i >= 0; --i)
+            {
+                //GcmUtilities.Xor(z, M[i + i][x[i] & 0x0f]);
+                uint[] m = M[i + i][x[i] & 0x0f];
+                z[0] ^= m[0];
+                z[1] ^= m[1];
+                z[2] ^= m[2];
+                z[3] ^= m[3];
+                //GcmUtilities.Xor(z, M[i + i + 1][(x[i] & 0xf0) >> 4]);
+                m = M[i + i + 1][(x[i] & 0xf0) >> 4];
+                z[0] ^= m[0];
+                z[1] ^= m[1];
+                z[2] ^= m[2];
+                z[3] ^= m[3];
+            }
+
+            Pack.UInt32_To_BE(z, x, 0);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/operators/Asn1Signature.cs b/bc-sharp-crypto/src/crypto/operators/Asn1Signature.cs
new file mode 100644
index 0000000..e023c1d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/operators/Asn1Signature.cs
@@ -0,0 +1,555 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Crypto.Operators
+{
+	internal class X509Utilities
+	{
+        private static readonly Asn1Null derNull = DerNull.Instance;
+
+        private static readonly IDictionary algorithms = Platform.CreateHashtable();
+		private static readonly IDictionary exParams = Platform.CreateHashtable();
+		private static readonly ISet        noParams = new HashSet();
+
+		static X509Utilities()
+		{
+			algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption);
+			algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption);
+			algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption);
+			algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption);
+			algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+			algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+			algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+			algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+			algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+			algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+			algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+			algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+			algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+			algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+			algorithms.Add("SHA1WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("SHA224WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("SHA256WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("SHA384WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("SHA512WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+			algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+			algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+			algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+			algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+			algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+			algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1);
+			algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1);
+			algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224);
+			algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256);
+			algorithms.Add("SHA384WITHDSA", NistObjectIdentifiers.DsaWithSha384);
+			algorithms.Add("SHA512WITHDSA", NistObjectIdentifiers.DsaWithSha512);
+			algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
+			algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1);
+			algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
+			algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
+			algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
+			algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
+			algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+			algorithms.Add("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+			algorithms.Add("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+			algorithms.Add("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+			algorithms.Add("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+
+			//
+			// According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
+			// The parameters field SHALL be NULL for RSA based signature algorithms.
+			//
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512);
+			noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1);
+			noParams.Add(NistObjectIdentifiers.DsaWithSha224);
+			noParams.Add(NistObjectIdentifiers.DsaWithSha256);
+			noParams.Add(NistObjectIdentifiers.DsaWithSha384);
+			noParams.Add(NistObjectIdentifiers.DsaWithSha512);
+
+			//
+			// RFC 4491
+			//
+			noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+			noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+
+			//
+			// explicit params
+			//
+			AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance);
+			exParams.Add("SHA1WITHRSAANDMGF1", CreatePssParams(sha1AlgId, 20));
+
+			AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance);
+			exParams.Add("SHA224WITHRSAANDMGF1", CreatePssParams(sha224AlgId, 28));
+
+			AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance);
+			exParams.Add("SHA256WITHRSAANDMGF1", CreatePssParams(sha256AlgId, 32));
+
+			AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance);
+			exParams.Add("SHA384WITHRSAANDMGF1", CreatePssParams(sha384AlgId, 48));
+
+			AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance);
+			exParams.Add("SHA512WITHRSAANDMGF1", CreatePssParams(sha512AlgId, 64));
+		}
+
+        /**
+		 * Return the digest algorithm using one of the standard JCA string
+		 * representations rather than the algorithm identifier (if possible).
+		 */
+        private static string GetDigestAlgName(
+            DerObjectIdentifier digestAlgOID)
+        {
+            if (PkcsObjectIdentifiers.MD5.Equals(digestAlgOID))
+            {
+                return "MD5";
+            }
+            else if (OiwObjectIdentifiers.IdSha1.Equals(digestAlgOID))
+            {
+                return "SHA1";
+            }
+            else if (NistObjectIdentifiers.IdSha224.Equals(digestAlgOID))
+            {
+                return "SHA224";
+            }
+            else if (NistObjectIdentifiers.IdSha256.Equals(digestAlgOID))
+            {
+                return "SHA256";
+            }
+            else if (NistObjectIdentifiers.IdSha384.Equals(digestAlgOID))
+            {
+                return "SHA384";
+            }
+            else if (NistObjectIdentifiers.IdSha512.Equals(digestAlgOID))
+            {
+                return "SHA512";
+            }
+            else if (TeleTrusTObjectIdentifiers.RipeMD128.Equals(digestAlgOID))
+            {
+                return "RIPEMD128";
+            }
+            else if (TeleTrusTObjectIdentifiers.RipeMD160.Equals(digestAlgOID))
+            {
+                return "RIPEMD160";
+            }
+            else if (TeleTrusTObjectIdentifiers.RipeMD256.Equals(digestAlgOID))
+            {
+                return "RIPEMD256";
+            }
+            else if (CryptoProObjectIdentifiers.GostR3411.Equals(digestAlgOID))
+            {
+                return "GOST3411";
+            }
+            else
+            {
+                return digestAlgOID.Id;
+            }
+        }
+
+        internal static string GetSignatureName(AlgorithmIdentifier sigAlgId)
+        {
+            Asn1Encodable parameters = sigAlgId.Parameters;
+
+            if (parameters != null && !derNull.Equals(parameters))
+            {
+                if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
+                {
+                    RsassaPssParameters rsaParams = RsassaPssParameters.GetInstance(parameters);
+
+                    return GetDigestAlgName(rsaParams.HashAlgorithm.Algorithm) + "withRSAandMGF1";
+                }
+                if (sigAlgId.Algorithm.Equals(X9ObjectIdentifiers.ECDsaWithSha2))
+                {
+                    Asn1Sequence ecDsaParams = Asn1Sequence.GetInstance(parameters);
+
+                    return GetDigestAlgName((DerObjectIdentifier)ecDsaParams[0]) + "withECDSA";
+                }
+            }
+
+            return sigAlgId.Algorithm.Id;
+        }
+
+        private static RsassaPssParameters CreatePssParams(
+			AlgorithmIdentifier	hashAlgId,
+			int					saltSize)
+		{
+			return new RsassaPssParameters(
+				hashAlgId,
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgId),
+				new DerInteger(saltSize),
+				new DerInteger(1));
+		}
+
+		internal static DerObjectIdentifier GetAlgorithmOid(
+			string algorithmName)
+		{
+			algorithmName = Platform.ToUpperInvariant(algorithmName);
+
+			if (algorithms.Contains(algorithmName))
+			{
+				return (DerObjectIdentifier) algorithms[algorithmName];
+			}
+
+			return new DerObjectIdentifier(algorithmName);
+		}
+
+		internal static AlgorithmIdentifier GetSigAlgID(
+			DerObjectIdentifier sigOid,
+			string				algorithmName)
+		{
+			if (noParams.Contains(sigOid))
+			{
+				return new AlgorithmIdentifier(sigOid);
+			}
+
+			algorithmName = Platform.ToUpperInvariant(algorithmName);
+
+			if (exParams.Contains(algorithmName))
+			{
+				return new AlgorithmIdentifier(sigOid, (Asn1Encodable) exParams[algorithmName]);
+			}
+
+			return new AlgorithmIdentifier(sigOid, DerNull.Instance);
+		}
+
+		internal static IEnumerable GetAlgNames()
+		{
+			return new EnumerableProxy(algorithms.Keys);
+		}
+	}
+
+	internal class SignerBucket
+		: Stream
+	{
+		protected readonly ISigner signer;
+
+		public SignerBucket(
+			ISigner	signer)
+		{
+			this.signer = signer;
+		}
+
+		public override int Read(
+			byte[]	buffer,
+			int		offset,
+			int		count)
+		{
+			throw new NotImplementedException ();
+		}
+
+		public override int ReadByte()
+		{
+			throw new NotImplementedException ();
+		}
+
+		public override void Write(
+			byte[]	buffer,
+			int		offset,
+			int		count)
+		{
+			if (count > 0)
+			{
+				signer.BlockUpdate(buffer, offset, count);
+			}
+		}
+
+		public override void WriteByte(
+			byte b)
+		{
+			signer.Update(b);
+		}
+
+		public override bool CanRead
+		{
+			get { return false; }
+		}
+
+		public override bool CanWrite
+		{
+			get { return true; }
+		}
+
+		public override bool CanSeek
+		{
+			get { return false; }
+		}
+
+		public override long Length
+		{
+			get { return 0; }
+		}
+
+		public override long Position
+		{
+			get { throw new NotImplementedException (); }
+			set { throw new NotImplementedException (); }
+		}
+
+        public override void Flush()
+		{
+		}
+
+		public override long Seek(
+			long		offset,
+			SeekOrigin	origin)
+		{
+			throw new NotImplementedException ();
+		}
+
+		public override void SetLength(
+			long length)
+		{
+			throw new NotImplementedException ();
+		}
+	}
+
+    /// <summary>
+    /// Calculator factory class for signature generation in ASN.1 based profiles that use an AlgorithmIdentifier to preserve
+    /// signature algorithm details.
+    /// </summary>
+	public class Asn1SignatureFactory: ISignatureFactory
+	{
+		private readonly AlgorithmIdentifier algID;
+        private readonly string algorithm;
+        private readonly AsymmetricKeyParameter privateKey;
+        private readonly SecureRandom random;
+
+        /// <summary>
+        /// Base constructor.
+        /// </summary>
+        /// <param name="algorithm">The name of the signature algorithm to use.</param>
+        /// <param name="privateKey">The private key to be used in the signing operation.</param>
+		public Asn1SignatureFactory (string algorithm, AsymmetricKeyParameter privateKey): this(algorithm, privateKey, null)
+		{
+		}
+
+        /// <summary>
+        /// Constructor which also specifies a source of randomness to be used if one is required.
+        /// </summary>
+        /// <param name="algorithm">The name of the signature algorithm to use.</param>
+        /// <param name="privateKey">The private key to be used in the signing operation.</param>
+        /// <param name="random">The source of randomness to be used in signature calculation.</param>
+		public Asn1SignatureFactory (string algorithm, AsymmetricKeyParameter privateKey, SecureRandom random)
+		{
+			DerObjectIdentifier sigOid = X509Utilities.GetAlgorithmOid (algorithm);
+
+            this.algorithm = algorithm;
+            this.privateKey = privateKey;
+            this.random = random;
+			this.algID = X509Utilities.GetSigAlgID (sigOid, algorithm);
+		}
+
+		public Object AlgorithmDetails
+		{
+			get { return this.algID; }
+		}
+
+        public IStreamCalculator CreateCalculator()
+        {
+            ISigner sig = SignerUtilities.GetSigner(algorithm);
+
+            if (random != null)
+            {
+                sig.Init(true, new ParametersWithRandom(privateKey, random));
+            }
+            else
+            {
+                sig.Init(true, privateKey);
+            }
+
+            return new SigCalculator(sig);
+        }
+
+        /// <summary>
+        /// Allows enumeration of the signature names supported by the verifier provider.
+        /// </summary>
+        public static IEnumerable SignatureAlgNames
+        {
+            get { return X509Utilities.GetAlgNames(); }
+        }
+    }
+
+    internal class SigCalculator : IStreamCalculator
+    {
+        private readonly ISigner sig;
+        private readonly Stream stream;
+
+        internal SigCalculator(ISigner sig)
+        {
+            this.sig = sig;
+            this.stream = new SignerBucket(sig);
+        }
+
+        public Stream Stream
+        {
+            get { return stream; }
+        }
+
+        public object GetResult()
+        {
+            return new SigResult(sig);
+        }
+    }
+
+    internal class SigResult : IBlockResult
+    {
+        private readonly ISigner sig;
+
+        internal SigResult(ISigner sig)
+        {
+            this.sig = sig;
+        }
+
+        public byte[] Collect()
+        {
+            return sig.GenerateSignature();
+        }
+
+        public int Collect(byte[] destination, int offset)
+        {
+            byte[] signature = Collect();
+
+            Array.Copy(signature, 0, destination, offset, signature.Length);
+
+            return signature.Length;
+        }
+    }
+
+    /// <summary>
+    /// Verifier class for signature verification in ASN.1 based profiles that use an AlgorithmIdentifier to preserve
+    /// signature algorithm details.
+    /// </summary>
+    public class Asn1VerifierFactory: IVerifierFactory
+	{
+		private readonly AlgorithmIdentifier algID;
+        private readonly AsymmetricKeyParameter publicKey;
+
+        /// <summary>
+        /// Base constructor.
+        /// </summary>
+        /// <param name="algorithm">The name of the signature algorithm to use.</param>
+        /// <param name="publicKey">The public key to be used in the verification operation.</param>
+        public Asn1VerifierFactory (String algorithm, AsymmetricKeyParameter publicKey)
+		{
+			DerObjectIdentifier sigOid = X509Utilities.GetAlgorithmOid (algorithm);
+
+            this.publicKey = publicKey;
+			this.algID = X509Utilities.GetSigAlgID (sigOid, algorithm);
+		}
+
+		public Asn1VerifierFactory (AlgorithmIdentifier algorithm, AsymmetricKeyParameter publicKey)
+		{
+            this.publicKey = publicKey;
+			this.algID = algorithm;
+		}
+
+		public Object AlgorithmDetails
+		{
+			get { return this.algID; }
+		}
+
+        public IStreamCalculator CreateCalculator()
+        {
+            ISigner sig = SignerUtilities.GetSigner(X509Utilities.GetSignatureName(algID));
+
+            sig.Init(false, publicKey);
+          
+            return new VerifierCalculator(sig);
+        }
+    }
+
+    internal class VerifierCalculator : IStreamCalculator
+    {
+        private readonly ISigner sig;
+        private readonly Stream stream;
+
+        internal VerifierCalculator(ISigner sig)
+        {
+            this.sig = sig;
+            this.stream = new SignerBucket(sig);
+        }
+
+        public Stream Stream
+        {
+            get { return stream; }
+        }
+
+        public object GetResult()
+        {
+            return new VerifierResult(sig);
+        }
+    }
+
+    internal class VerifierResult : IVerifier
+    {
+        private readonly ISigner sig;
+
+        internal VerifierResult(ISigner sig)
+        {
+            this.sig = sig;
+        }
+
+        public bool IsVerified(byte[] signature)
+        {
+            return sig.VerifySignature(signature);
+        }
+
+        public bool IsVerified(byte[] signature, int off, int length)
+        {
+            byte[] sigBytes = new byte[length];
+
+            Array.Copy(signature, 0, sigBytes, off, sigBytes.Length);
+
+            return sig.VerifySignature(signature);
+        }
+    }
+
+    /// <summary>
+    /// Provider class which supports dynamic creation of signature verifiers.
+    /// </summary>
+	public class Asn1VerifierFactoryProvider: IVerifierFactoryProvider
+	{
+		private readonly AsymmetricKeyParameter publicKey;
+
+        /// <summary>
+        /// Base constructor - specify the public key to be used in verification.
+        /// </summary>
+        /// <param name="publicKey">The public key to be used in creating verifiers provided by this object.</param>
+		public Asn1VerifierFactoryProvider(AsymmetricKeyParameter publicKey)
+		{
+			this.publicKey = publicKey;
+		}
+
+		public IVerifierFactory CreateVerifierFactory(Object algorithmDetails)
+		{
+            return new Asn1VerifierFactory ((AlgorithmIdentifier)algorithmDetails, publicKey);
+		}
+
+		/// <summary>
+		/// Allows enumeration of the signature names supported by the verifier provider.
+		/// </summary>
+		public IEnumerable SignatureAlgNames
+		{
+			get { return X509Utilities.GetAlgNames(); }
+		}
+	}
+}
+
diff --git a/bc-sharp-crypto/src/crypto/paddings/BlockCipherPadding.cs b/bc-sharp-crypto/src/crypto/paddings/BlockCipherPadding.cs
new file mode 100644
index 0000000..33a5f9f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/paddings/BlockCipherPadding.cs
@@ -0,0 +1,43 @@
+using System;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+
+
+namespace Org.BouncyCastle.Crypto.Paddings
+{
+    /**
+     * Block cipher padders are expected to conform to this interface
+     */
+    public interface IBlockCipherPadding
+    {
+        /**
+         * Initialise the padder.
+         *
+         * @param param parameters, if any required.
+         */
+        void Init(SecureRandom random);
+            //throws ArgumentException;
+
+        /**
+         * Return the name of the algorithm the cipher implements.
+         *
+         * @return the name of the algorithm the cipher implements.
+         */
+        string PaddingName { get; }
+
+		/**
+         * add the pad bytes to the passed in block, returning the
+         * number of bytes added.
+         */
+        int AddPadding(byte[] input, int inOff);
+
+        /**
+         * return the number of pad bytes present in the block.
+         * @exception InvalidCipherTextException if the padding is badly formed
+         * or invalid.
+         */
+        int PadCount(byte[] input);
+        //throws InvalidCipherTextException;
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/paddings/ISO10126d2Padding.cs b/bc-sharp-crypto/src/crypto/paddings/ISO10126d2Padding.cs
new file mode 100644
index 0000000..e132a62
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/paddings/ISO10126d2Padding.cs
@@ -0,0 +1,76 @@
+using System;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+
+
+namespace Org.BouncyCastle.Crypto.Paddings
+{
+
+    /**
+    * A padder that adds ISO10126-2 padding to a block.
+    */
+    public class ISO10126d2Padding: IBlockCipherPadding
+    {
+        private SecureRandom random;
+
+        /**
+        * Initialise the padder.
+        *
+        * @param random a SecureRandom if available.
+        */
+        public void Init(
+			SecureRandom random)
+            //throws ArgumentException
+        {
+			this.random = (random != null) ? random : new SecureRandom();
+        }
+
+		/**
+        * Return the name of the algorithm the cipher implements.
+        *
+        * @return the name of the algorithm the cipher implements.
+        */
+        public string PaddingName
+        {
+            get { return "ISO10126-2"; }
+        }
+
+		/**
+        * add the pad bytes to the passed in block, returning the
+        * number of bytes added.
+        */
+        public int AddPadding(
+            byte[]	input,
+            int		inOff)
+        {
+            byte code = (byte)(input.Length - inOff);
+
+            while (inOff < (input.Length - 1))
+            {
+                input[inOff] = (byte)random.NextInt();
+                inOff++;
+            }
+
+            input[inOff] = code;
+
+            return code;
+        }
+
+        /**
+        * return the number of pad bytes present in the block.
+        */
+        public int PadCount(byte[] input)
+            //throws InvalidCipherTextException
+        {
+            int count = input[input.Length - 1] & 0xff;
+
+            if (count > input.Length)
+            {
+                throw new InvalidCipherTextException("pad block corrupted");
+            }
+
+            return count;
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/paddings/ISO7816d4Padding.cs b/bc-sharp-crypto/src/crypto/paddings/ISO7816d4Padding.cs
new file mode 100644
index 0000000..016b25a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/paddings/ISO7816d4Padding.cs
@@ -0,0 +1,79 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Paddings
+{
+	/**
+	 * A padder that adds the padding according to the scheme referenced in
+	 * ISO 7814-4 - scheme 2 from ISO 9797-1. The first byte is 0x80, rest is 0x00
+	 */
+	public class ISO7816d4Padding
+		: IBlockCipherPadding
+	{
+		/**
+		 * Initialise the padder.
+		 *
+		 * @param random - a SecureRandom if available.
+		 */
+		public void Init(
+			SecureRandom random)
+		{
+			// nothing to do.
+		}
+
+		/**
+		 * Return the name of the algorithm the padder implements.
+		 *
+		 * @return the name of the algorithm the padder implements.
+		 */
+		public string PaddingName
+		{
+			get { return "ISO7816-4"; }
+		}
+
+		/**
+		 * add the pad bytes to the passed in block, returning the
+		 * number of bytes added.
+		 */
+		public int AddPadding(
+			byte[]	input,
+			int		inOff)
+		{
+			int added = (input.Length - inOff);
+
+			input[inOff]= (byte) 0x80;
+			inOff ++;
+
+			while (inOff < input.Length)
+			{
+				input[inOff] = (byte) 0;
+				inOff++;
+			}
+
+			return added;
+		}
+
+		/**
+		 * return the number of pad bytes present in the block.
+		 */
+		public int PadCount(
+			byte[] input)
+		{
+			int count = input.Length - 1;
+
+			while (count > 0 && input[count] == 0)
+			{
+				count--;
+			}
+
+			if (input[count] != (byte)0x80)
+			{
+				throw new InvalidCipherTextException("pad block corrupted");
+			}
+
+			return input.Length - count;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/paddings/PaddedBufferedBlockCipher.cs b/bc-sharp-crypto/src/crypto/paddings/PaddedBufferedBlockCipher.cs
new file mode 100644
index 0000000..5d2f8cf
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/paddings/PaddedBufferedBlockCipher.cs
@@ -0,0 +1,285 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Paddings
+{
+	/**
+	* A wrapper class that allows block ciphers to be used to process data in
+	* a piecemeal fashion with padding. The PaddedBufferedBlockCipher
+	* outputs a block only when the buffer is full and more data is being added,
+	* or on a doFinal (unless the current block in the buffer is a pad block).
+	* The default padding mechanism used is the one outlined in Pkcs5/Pkcs7.
+	*/
+	public class PaddedBufferedBlockCipher
+		: BufferedBlockCipher
+	{
+		private readonly IBlockCipherPadding padding;
+
+		/**
+		* Create a buffered block cipher with the desired padding.
+		*
+		* @param cipher the underlying block cipher this buffering object wraps.
+		* @param padding the padding type.
+		*/
+		public PaddedBufferedBlockCipher(
+			IBlockCipher		cipher,
+			IBlockCipherPadding	padding)
+		{
+			this.cipher = cipher;
+			this.padding = padding;
+
+			buf = new byte[cipher.GetBlockSize()];
+			bufOff = 0;
+		}
+
+		/**
+		* Create a buffered block cipher Pkcs7 padding
+		*
+		* @param cipher the underlying block cipher this buffering object wraps.
+		*/
+		public PaddedBufferedBlockCipher(
+			IBlockCipher cipher)
+			: this(cipher, new Pkcs7Padding())    { }
+
+		/**
+		* initialise the cipher.
+		*
+		* @param forEncryption if true the cipher is initialised for
+		*  encryption, if false for decryption.
+		* @param param the key and other data required by the cipher.
+		* @exception ArgumentException if the parameters argument is
+		* inappropriate.
+		*/
+		public override void Init(
+			bool				forEncryption,
+			ICipherParameters	parameters)
+		{
+			this.forEncryption = forEncryption;
+
+			SecureRandom initRandom = null;
+			if (parameters is ParametersWithRandom)
+			{
+				ParametersWithRandom p = (ParametersWithRandom)parameters;
+				initRandom = p.Random;
+				parameters = p.Parameters;
+			}
+
+			Reset();
+			padding.Init(initRandom);
+			cipher.Init(forEncryption, parameters);
+		}
+
+		/**
+		* return the minimum size of the output buffer required for an update
+		* plus a doFinal with an input of len bytes.
+		*
+		* @param len the length of the input.
+		* @return the space required to accommodate a call to update and doFinal
+		* with len bytes of input.
+		*/
+		public override int GetOutputSize(
+			int length)
+		{
+			int total = length + bufOff;
+			int leftOver = total % buf.Length;
+
+			if (leftOver == 0)
+			{
+				if (forEncryption)
+				{
+					return total + buf.Length;
+				}
+
+				return total;
+			}
+
+			return total - leftOver + buf.Length;
+		}
+
+		/**
+		* return the size of the output buffer required for an update
+		* an input of len bytes.
+		*
+		* @param len the length of the input.
+		* @return the space required to accommodate a call to update
+		* with len bytes of input.
+		*/
+		public override int GetUpdateOutputSize(
+			int length)
+		{
+			int total       = length + bufOff;
+			int leftOver    = total % buf.Length;
+
+			if (leftOver == 0)
+			{
+				return total - buf.Length;
+			}
+
+			return total - leftOver;
+		}
+
+		/**
+		* process a single byte, producing an output block if necessary.
+		*
+		* @param in the input byte.
+		* @param out the space for any output that might be produced.
+		* @param outOff the offset from which the output will be copied.
+		* @return the number of output bytes copied to out.
+		* @exception DataLengthException if there isn't enough space in out.
+		* @exception InvalidOperationException if the cipher isn't initialised.
+		*/
+		public override int ProcessByte(
+			byte	input,
+			byte[]	output,
+			int		outOff)
+		{
+			int resultLen = 0;
+
+			if (bufOff == buf.Length)
+			{
+				resultLen = cipher.ProcessBlock(buf, 0, output, outOff);
+				bufOff = 0;
+			}
+
+			buf[bufOff++] = input;
+
+			return resultLen;
+		}
+
+		/**
+		* process an array of bytes, producing output if necessary.
+		*
+		* @param in the input byte array.
+		* @param inOff the offset at which the input data starts.
+		* @param len the number of bytes to be copied out of the input array.
+		* @param out the space for any output that might be produced.
+		* @param outOff the offset from which the output will be copied.
+		* @return the number of output bytes copied to out.
+		* @exception DataLengthException if there isn't enough space in out.
+		* @exception InvalidOperationException if the cipher isn't initialised.
+		*/
+		public override int ProcessBytes(
+			byte[]	input,
+			int		inOff,
+			int		length,
+			byte[]	output,
+			int		outOff)
+		{
+			if (length < 0)
+			{
+				throw new ArgumentException("Can't have a negative input length!");
+			}
+
+			int blockSize = GetBlockSize();
+			int outLength = GetUpdateOutputSize(length);
+
+			if (outLength > 0)
+			{
+                Check.OutputLength(output, outOff, outLength, "output buffer too short");
+			}
+
+			int resultLen = 0;
+			int gapLen = buf.Length - bufOff;
+
+			if (length > gapLen)
+			{
+				Array.Copy(input, inOff, buf, bufOff, gapLen);
+
+				resultLen += cipher.ProcessBlock(buf, 0, output, outOff);
+
+				bufOff = 0;
+				length -= gapLen;
+				inOff += gapLen;
+
+				while (length > buf.Length)
+				{
+					resultLen += cipher.ProcessBlock(input, inOff, output, outOff + resultLen);
+
+					length -= blockSize;
+					inOff += blockSize;
+				}
+			}
+
+			Array.Copy(input, inOff, buf, bufOff, length);
+
+			bufOff += length;
+
+			return resultLen;
+		}
+
+		/**
+		* Process the last block in the buffer. If the buffer is currently
+		* full and padding needs to be added a call to doFinal will produce
+		* 2 * GetBlockSize() bytes.
+		*
+		* @param out the array the block currently being held is copied into.
+		* @param outOff the offset at which the copying starts.
+		* @return the number of output bytes copied to out.
+		* @exception DataLengthException if there is insufficient space in out for
+		* the output or we are decrypting and the input is not block size aligned.
+		* @exception InvalidOperationException if the underlying cipher is not
+		* initialised.
+		* @exception InvalidCipherTextException if padding is expected and not found.
+		*/
+		public override int DoFinal(
+			byte[]  output,
+			int     outOff)
+		{
+			int blockSize = cipher.GetBlockSize();
+			int resultLen = 0;
+
+			if (forEncryption)
+			{
+				if (bufOff == blockSize)
+				{
+					if ((outOff + 2 * blockSize) > output.Length)
+					{
+						Reset();
+
+						throw new OutputLengthException("output buffer too short");
+					}
+
+					resultLen = cipher.ProcessBlock(buf, 0, output, outOff);
+					bufOff = 0;
+				}
+
+				padding.AddPadding(buf, bufOff);
+
+				resultLen += cipher.ProcessBlock(buf, 0, output, outOff + resultLen);
+
+				Reset();
+			}
+			else
+			{
+				if (bufOff == blockSize)
+				{
+					resultLen = cipher.ProcessBlock(buf, 0, buf, 0);
+					bufOff = 0;
+				}
+				else
+				{
+					Reset();
+
+					throw new DataLengthException("last block incomplete in decryption");
+				}
+
+				try
+				{
+					resultLen -= padding.PadCount(buf);
+
+					Array.Copy(buf, 0, output, outOff, resultLen);
+				}
+				finally
+				{
+					Reset();
+				}
+			}
+
+			return resultLen;
+		}
+	}
+
+}
diff --git a/bc-sharp-crypto/src/crypto/paddings/Pkcs7Padding.cs b/bc-sharp-crypto/src/crypto/paddings/Pkcs7Padding.cs
new file mode 100644
index 0000000..1158564
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/paddings/Pkcs7Padding.cs
@@ -0,0 +1,76 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Paddings
+{
+    /**
+    * A padder that adds Pkcs7/Pkcs5 padding to a block.
+    */
+    public class Pkcs7Padding
+        : IBlockCipherPadding
+    {
+        /**
+        * Initialise the padder.
+        *
+        * @param random - a SecureRandom if available.
+        */
+        public void Init(
+            SecureRandom random)
+        {
+            // nothing to do.
+        }
+
+        /**
+        * Return the name of the algorithm the cipher implements.
+        *
+        * @return the name of the algorithm the cipher implements.
+        */
+        public string PaddingName
+        {
+            get { return "PKCS7"; }
+        }
+
+        /**
+        * add the pad bytes to the passed in block, returning the
+        * number of bytes added.
+        */
+        public int AddPadding(
+            byte[]  input,
+            int     inOff)
+        {
+            byte code = (byte)(input.Length - inOff);
+
+            while (inOff < input.Length)
+            {
+                input[inOff] = code;
+                inOff++;
+            }
+
+            return code;
+        }
+
+        /**
+        * return the number of pad bytes present in the block.
+        */
+        public int PadCount(
+            byte[] input)
+        {
+            byte countAsByte = input[input.Length - 1];
+            int count = countAsByte;
+
+            if (count < 1 || count > input.Length)
+                throw new InvalidCipherTextException("pad block corrupted");
+
+            for (int i = 2; i <= count; i++)
+            {
+                if (input[input.Length - i] != countAsByte)
+                    throw new InvalidCipherTextException("pad block corrupted");
+            }
+
+            return count;
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/paddings/TbcPadding.cs b/bc-sharp-crypto/src/crypto/paddings/TbcPadding.cs
new file mode 100644
index 0000000..74b64e8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/paddings/TbcPadding.cs
@@ -0,0 +1,79 @@
+using System;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Paddings
+{
+
+    /// <summary> A padder that adds Trailing-Bit-Compliment padding to a block.
+    /// <p>
+    /// This padding pads the block out compliment of the last bit
+    /// of the plain text.
+    /// </p>
+    /// </summary>
+    public class TbcPadding
+		: IBlockCipherPadding
+    {
+        /// <summary> Return the name of the algorithm the cipher implements.</summary>
+        /// <returns> the name of the algorithm the cipher implements.
+        /// </returns>
+        public string PaddingName
+        {
+            get { return "TBC"; }
+        }
+
+		/// <summary> Initialise the padder.</summary>
+        /// <param name="random">- a SecureRandom if available.
+        /// </param>
+        public virtual void Init(SecureRandom random)
+        {
+            // nothing to do.
+        }
+
+        /// <summary> add the pad bytes to the passed in block, returning the
+        /// number of bytes added.
+        /// <p>
+        /// Note: this assumes that the last block of plain text is always
+        /// passed to it inside in. i.e. if inOff is zero, indicating the
+        /// entire block is to be overwritten with padding the value of in
+        /// should be the same as the last block of plain text.
+        /// </p>
+        /// </summary>
+        public virtual int AddPadding(byte[] input, int inOff)
+        {
+            int count = input.Length - inOff;
+            byte code;
+
+            if (inOff > 0)
+            {
+                code = (byte)((input[inOff - 1] & 0x01) == 0?0xff:0x00);
+            }
+            else
+            {
+                code = (byte)((input[input.Length - 1] & 0x01) == 0?0xff:0x00);
+            }
+
+            while (inOff < input.Length)
+            {
+                input[inOff] = code;
+                inOff++;
+            }
+
+            return count;
+        }
+
+        /// <summary> return the number of pad bytes present in the block.</summary>
+        public virtual int PadCount(byte[] input)
+        {
+            byte code = input[input.Length - 1];
+
+            int index = input.Length - 1;
+            while (index > 0 && input[index - 1] == code)
+            {
+                index--;
+            }
+
+            return input.Length - index;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/paddings/X923Padding.cs b/bc-sharp-crypto/src/crypto/paddings/X923Padding.cs
new file mode 100644
index 0000000..cc1b52b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/paddings/X923Padding.cs
@@ -0,0 +1,82 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Paddings
+{
+    /**
+    * A padder that adds X9.23 padding to a block - if a SecureRandom is
+    * passed in random padding is assumed, otherwise padding with zeros is used.
+    */
+    public class X923Padding
+		: IBlockCipherPadding
+    {
+        private SecureRandom random;
+
+		/**
+        * Initialise the padder.
+        *
+        * @param random a SecureRandom if one is available.
+        */
+        public void Init(
+			SecureRandom random)
+        {
+            this.random = random;
+        }
+
+		/**
+        * Return the name of the algorithm the cipher implements.
+        *
+        * @return the name of the algorithm the cipher implements.
+        */
+        public string PaddingName
+        {
+            get { return "X9.23"; }
+        }
+
+		/**
+        * add the pad bytes to the passed in block, returning the
+        * number of bytes added.
+        */
+        public int AddPadding(
+            byte[]  input,
+            int     inOff)
+        {
+            byte code = (byte)(input.Length - inOff);
+
+            while (inOff < input.Length - 1)
+            {
+                if (random == null)
+                {
+                    input[inOff] = 0;
+                }
+                else
+                {
+                    input[inOff] = (byte)random.NextInt();
+                }
+                inOff++;
+            }
+
+            input[inOff] = code;
+
+            return code;
+        }
+
+        /**
+        * return the number of pad bytes present in the block.
+        */
+        public int PadCount(
+			byte[] input)
+        {
+            int count = input[input.Length - 1] & 0xff;
+
+            if (count > input.Length)
+            {
+                throw new InvalidCipherTextException("pad block corrupted");
+            }
+
+            return count;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/paddings/ZeroBytePadding.cs b/bc-sharp-crypto/src/crypto/paddings/ZeroBytePadding.cs
new file mode 100644
index 0000000..0d55ca4
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/paddings/ZeroBytePadding.cs
@@ -0,0 +1,68 @@
+using System;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Paddings
+{
+
+    /// <summary> A padder that adds Null byte padding to a block.</summary>
+    public class ZeroBytePadding : IBlockCipherPadding
+    {
+        /// <summary> Return the name of the algorithm the cipher implements.
+        ///
+        /// </summary>
+        /// <returns> the name of the algorithm the cipher implements.
+        /// </returns>
+        public string PaddingName
+        {
+            get { return "ZeroBytePadding"; }
+        }
+
+		/// <summary> Initialise the padder.
+        ///
+        /// </summary>
+        /// <param name="random">- a SecureRandom if available.
+        /// </param>
+        public void Init(SecureRandom random)
+        {
+            // nothing to do.
+        }
+
+        /// <summary> add the pad bytes to the passed in block, returning the
+        /// number of bytes added.
+        /// </summary>
+        public int AddPadding(
+			byte[]	input,
+			int		inOff)
+        {
+            int added = (input.Length - inOff);
+
+            while (inOff < input.Length)
+            {
+                input[inOff] = (byte) 0;
+                inOff++;
+            }
+
+            return added;
+        }
+
+		/// <summary> return the number of pad bytes present in the block.</summary>
+        public int PadCount(
+			byte[] input)
+        {
+            int count = input.Length;
+
+            while (count > 0)
+            {
+                if (input[count - 1] != 0)
+                {
+                    break;
+                }
+
+                count--;
+            }
+
+            return input.Length - count;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/AEADParameters.cs b/bc-sharp-crypto/src/crypto/parameters/AEADParameters.cs
new file mode 100644
index 0000000..825d6b7
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/AEADParameters.cs
@@ -0,0 +1,65 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	public class AeadParameters
+		: ICipherParameters
+	{
+		private readonly byte[] associatedText;
+		private readonly byte[] nonce;
+		private readonly KeyParameter key;
+		private readonly int macSize;
+
+        /**
+         * Base constructor.
+         *
+         * @param key key to be used by underlying cipher
+         * @param macSize macSize in bits
+         * @param nonce nonce to be used
+         */
+        public AeadParameters(KeyParameter key, int macSize, byte[] nonce)
+           : this(key, macSize, nonce, null)
+        {
+        }
+
+        /**
+		 * Base constructor.
+		 *
+		 * @param key key to be used by underlying cipher
+		 * @param macSize macSize in bits
+		 * @param nonce nonce to be used
+		 * @param associatedText associated text, if any
+		 */
+		public AeadParameters(
+			KeyParameter	key,
+			int				macSize,
+			byte[]			nonce,
+			byte[]			associatedText)
+		{
+			this.key = key;
+			this.nonce = nonce;
+			this.macSize = macSize;
+			this.associatedText = associatedText;
+		}
+
+		public virtual KeyParameter Key
+		{
+			get { return key; }
+		}
+
+		public virtual int MacSize
+		{
+			get { return macSize; }
+		}
+
+		public virtual byte[] GetAssociatedText()
+		{
+			return associatedText;
+		}
+
+		public virtual byte[] GetNonce()
+		{
+			return nonce;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/CcmParameters.cs b/bc-sharp-crypto/src/crypto/parameters/CcmParameters.cs
new file mode 100644
index 0000000..d445908
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/CcmParameters.cs
@@ -0,0 +1,26 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    [Obsolete("Use AeadParameters")]
+    public class CcmParameters
+        : AeadParameters 
+    {
+		/**
+		 * Base constructor.
+		 * 
+		 * @param key key to be used by underlying cipher
+		 * @param macSize macSize in bits
+		 * @param nonce nonce to be used
+		 * @param associatedText associated text, if any
+		 */
+		public CcmParameters(
+			KeyParameter	key,
+			int				macSize,
+			byte[]			nonce,
+			byte[]			associatedText)
+			: base(key, macSize, nonce, associatedText)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DHKeyGenerationParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DHKeyGenerationParameters.cs
new file mode 100644
index 0000000..ab3e18f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DHKeyGenerationParameters.cs
@@ -0,0 +1,31 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DHKeyGenerationParameters
+		: KeyGenerationParameters
+    {
+        private readonly DHParameters parameters;
+
+		public DHKeyGenerationParameters(
+            SecureRandom	random,
+            DHParameters	parameters)
+			: base(random, GetStrength(parameters))
+        {
+            this.parameters = parameters;
+        }
+
+		public DHParameters Parameters
+        {
+            get { return parameters; }
+        }
+
+		internal static int GetStrength(
+			DHParameters parameters)
+		{
+			return parameters.L != 0 ? parameters.L : parameters.P.BitLength;
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DHKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DHKeyParameters.cs
new file mode 100644
index 0000000..1a5c138
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DHKeyParameters.cs
@@ -0,0 +1,76 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DHKeyParameters
+		: AsymmetricKeyParameter
+    {
+        private readonly DHParameters parameters;
+		private readonly DerObjectIdentifier algorithmOid;
+
+		protected DHKeyParameters(
+            bool			isPrivate,
+            DHParameters	parameters)
+			: this(isPrivate, parameters, PkcsObjectIdentifiers.DhKeyAgreement)
+        {
+        }
+
+		protected DHKeyParameters(
+            bool				isPrivate,
+            DHParameters		parameters,
+			DerObjectIdentifier	algorithmOid)
+			: base(isPrivate)
+        {
+			// TODO Should we allow parameters to be null?
+            this.parameters = parameters;
+			this.algorithmOid = algorithmOid;
+        }
+
+		public DHParameters Parameters
+        {
+            get { return parameters; }
+        }
+
+		public DerObjectIdentifier AlgorithmOid
+		{
+			get { return algorithmOid; }
+		}
+
+		public override bool Equals(
+			object obj)
+        {
+			if (obj == this)
+				return true;
+
+			DHKeyParameters other = obj as DHKeyParameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+        }
+
+		protected bool Equals(
+			DHKeyParameters other)
+		{
+			return Platform.Equals(parameters, other.parameters)
+				&& base.Equals(other);
+		}
+
+		public override int GetHashCode()
+        {
+			int hc = base.GetHashCode();
+
+			if (parameters != null)
+			{
+				hc ^= parameters.GetHashCode();
+			}
+
+			return hc;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DHParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DHParameters.cs
new file mode 100644
index 0000000..bdea124
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DHParameters.cs
@@ -0,0 +1,185 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DHParameters
+		: ICipherParameters
+    {
+		private const int DefaultMinimumLength = 160;
+
+		private readonly BigInteger p, g, q, j;
+		private readonly int m, l;
+		private readonly DHValidationParameters validation;
+
+		private static int GetDefaultMParam(
+			int lParam)
+		{
+			if (lParam == 0)
+				return DefaultMinimumLength;
+
+			return System.Math.Min(lParam, DefaultMinimumLength);
+		}
+
+		public DHParameters(
+			BigInteger	p,
+			BigInteger	g)
+			: this(p, g, null, 0)
+		{
+		}
+
+		public DHParameters(
+			BigInteger	p,
+			BigInteger	g,
+			BigInteger	q)
+			: this(p, g, q, 0)
+		{
+		}
+
+		public DHParameters(
+			BigInteger	p,
+			BigInteger	g,
+			BigInteger	q,
+			int			l)
+			: this(p, g, q, GetDefaultMParam(l), l, null, null)
+		{
+		}
+
+		public DHParameters(
+			BigInteger  p,
+			BigInteger  g,
+			BigInteger  q,
+			int         m,
+			int         l)
+			: this(p, g, q, m, l, null, null)
+		{
+		}
+
+		public DHParameters(
+			BigInteger				p,
+			BigInteger				g,
+			BigInteger				q,
+			BigInteger				j,
+			DHValidationParameters	validation)
+			: this(p, g, q,  DefaultMinimumLength, 0, j, validation)
+		{
+		}
+
+		public DHParameters(
+			BigInteger				p,
+			BigInteger				g,
+			BigInteger				q,
+			int						m,
+			int						l,
+			BigInteger				j,
+			DHValidationParameters	validation)
+		{
+			if (p == null)
+				throw new ArgumentNullException("p");
+			if (g == null)
+				throw new ArgumentNullException("g");
+			if (!p.TestBit(0))
+				throw new ArgumentException("field must be an odd prime", "p");
+			if (g.CompareTo(BigInteger.Two) < 0
+				|| g.CompareTo(p.Subtract(BigInteger.Two)) > 0)
+				throw new ArgumentException("generator must in the range [2, p - 2]", "g");
+			if (q != null && q.BitLength >= p.BitLength)
+				throw new ArgumentException("q too big to be a factor of (p-1)", "q");
+			if (m >= p.BitLength)
+				throw new ArgumentException("m value must be < bitlength of p", "m");
+			if (l != 0)
+			{ 
+                // TODO Check this against the Java version, which has 'l > p.BitLength' here
+	            if (l >= p.BitLength)
+                	throw new ArgumentException("when l value specified, it must be less than bitlength(p)", "l");
+				if (l < m)
+					throw new ArgumentException("when l value specified, it may not be less than m value", "l");
+			}
+			if (j != null && j.CompareTo(BigInteger.Two) < 0)
+				throw new ArgumentException("subgroup factor must be >= 2", "j");
+
+			// TODO If q, j both provided, validate p = jq + 1 ?
+
+			this.p = p;
+			this.g = g;
+			this.q = q;
+			this.m = m;
+			this.l = l;
+			this.j = j;
+			this.validation = validation;
+        }
+
+		public BigInteger P
+        {
+            get { return p; }
+        }
+
+		public BigInteger G
+        {
+            get { return g; }
+        }
+
+		public BigInteger Q
+        {
+            get { return q; }
+        }
+
+		public BigInteger J
+        {
+            get { return j; }
+        }
+
+		/// <summary>The minimum bitlength of the private value.</summary>
+		public int M
+		{
+			get { return m; }
+		}
+
+		/// <summary>The bitlength of the private value.</summary>
+		public int L
+		{
+			get { return l; }
+		}
+
+		public DHValidationParameters ValidationParameters
+        {
+			get { return validation; }
+        }
+
+		public override bool Equals(
+			object obj)
+        {
+			if (obj == this)
+				return true;
+
+			DHParameters other = obj as DHParameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+		}
+
+		protected virtual bool Equals(
+			DHParameters other)
+		{
+			return p.Equals(other.p)
+				&& g.Equals(other.g)
+				&& Platform.Equals(q, other.q);
+		}
+
+		public override int GetHashCode()
+        {
+			int hc = p.GetHashCode() ^ g.GetHashCode();
+
+			if (q != null)
+			{
+				hc ^= q.GetHashCode();
+			}
+
+			return hc;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DHPrivateKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DHPrivateKeyParameters.cs
new file mode 100644
index 0000000..fc724df
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DHPrivateKeyParameters.cs
@@ -0,0 +1,60 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DHPrivateKeyParameters
+		: DHKeyParameters
+    {
+        private readonly BigInteger x;
+
+		public DHPrivateKeyParameters(
+            BigInteger		x,
+            DHParameters	parameters)
+			: base(true, parameters)
+        {
+            this.x = x;
+        }
+
+		public DHPrivateKeyParameters(
+            BigInteger			x,
+            DHParameters		parameters,
+		    DerObjectIdentifier	algorithmOid)
+			: base(true, parameters, algorithmOid)
+        {
+            this.x = x;
+        }
+
+		public BigInteger X
+        {
+            get { return x; }
+        }
+
+		public override bool Equals(
+			object obj)
+        {
+			if (obj == this)
+				return true;
+
+			DHPrivateKeyParameters other = obj as DHPrivateKeyParameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+        }
+
+		protected bool Equals(
+			DHPrivateKeyParameters other)
+		{
+			return x.Equals(other.x) && base.Equals(other);
+		}
+
+		public override int GetHashCode()
+        {
+            return x.GetHashCode() ^ base.GetHashCode();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DHPublicKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DHPublicKeyParameters.cs
new file mode 100644
index 0000000..e7aeeff
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DHPublicKeyParameters.cs
@@ -0,0 +1,79 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DHPublicKeyParameters
+		: DHKeyParameters
+    {
+        private static BigInteger Validate(BigInteger y, DHParameters dhParams)
+        {
+            if (y == null)
+                throw new ArgumentNullException("y");
+
+            // TLS check
+            if (y.CompareTo(BigInteger.Two) < 0 || y.CompareTo(dhParams.P.Subtract(BigInteger.Two)) > 0)
+                throw new ArgumentException("invalid DH public key", "y");
+
+            // we can't validate without Q.
+            if (dhParams.Q != null
+                && !y.ModPow(dhParams.Q, dhParams.P).Equals(BigInteger.One))
+            {
+                throw new ArgumentException("y value does not appear to be in correct group", "y");
+            }
+
+            return y;
+        }
+
+        private readonly BigInteger y;
+
+		public DHPublicKeyParameters(
+            BigInteger		y,
+            DHParameters	parameters)
+			: base(false, parameters)
+        {
+			this.y = Validate(y, parameters);
+        }
+
+		public DHPublicKeyParameters(
+            BigInteger			y,
+            DHParameters		parameters,
+		    DerObjectIdentifier	algorithmOid)
+			: base(false, parameters, algorithmOid)
+        {
+            this.y = Validate(y, parameters);
+        }
+
+        public virtual BigInteger Y
+        {
+            get { return y; }
+        }
+
+		public override bool Equals(
+			object  obj)
+        {
+			if (obj == this)
+				return true;
+
+			DHPublicKeyParameters other = obj as DHPublicKeyParameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+        }
+
+		protected bool Equals(
+			DHPublicKeyParameters other)
+		{
+			return y.Equals(other.y) && base.Equals(other);
+		}
+
+		public override int GetHashCode()
+        {
+            return y.GetHashCode() ^ base.GetHashCode();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DHValidationParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DHValidationParameters.cs
new file mode 100644
index 0000000..50c0739
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DHValidationParameters.cs
@@ -0,0 +1,59 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DHValidationParameters
+    {
+        private readonly byte[] seed;
+        private readonly int counter;
+
+		public DHValidationParameters(
+            byte[]	seed,
+            int		counter)
+        {
+			if (seed == null)
+				throw new ArgumentNullException("seed");
+
+			this.seed = (byte[]) seed.Clone();
+            this.counter = counter;
+        }
+
+		public byte[] GetSeed()
+        {
+            return (byte[]) seed.Clone();
+        }
+
+		public int Counter
+        {
+            get { return counter; }
+        }
+
+		public override bool Equals(
+            object obj)
+        {
+			if (obj == this)
+				return true;
+
+			DHValidationParameters other = obj as DHValidationParameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+		}
+
+		protected bool Equals(
+			DHValidationParameters other)
+		{
+			return counter == other.counter
+				&& Arrays.AreEqual(this.seed, other.seed);
+		}
+
+		public override int GetHashCode()
+        {
+			return counter.GetHashCode() ^ Arrays.GetHashCode(seed);
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DSAParameterGenerationParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DSAParameterGenerationParameters.cs
new file mode 100644
index 0000000..7427574
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DSAParameterGenerationParameters.cs
@@ -0,0 +1,74 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DsaParameterGenerationParameters
+    {
+        public const int DigitalSignatureUsage = 1;
+        public const int KeyEstablishmentUsage = 2;
+
+        private readonly int l;
+        private readonly int n;
+        private readonly int certainty;
+        private readonly SecureRandom random;
+        private readonly int usageIndex;
+
+        /**
+         * Construct without a usage index, this will do a random construction of G.
+         *
+         * @param L desired length of prime P in bits (the effective key size).
+         * @param N desired length of prime Q in bits.
+         * @param certainty certainty level for prime number generation.
+         * @param random the source of randomness to use.
+         */
+        public DsaParameterGenerationParameters(int L, int N, int certainty, SecureRandom random)
+            : this(L, N, certainty, random, -1)
+        {
+        }
+
+        /**
+         * Construct for a specific usage index - this has the effect of using verifiable canonical generation of G.
+         *
+         * @param L desired length of prime P in bits (the effective key size).
+         * @param N desired length of prime Q in bits.
+         * @param certainty certainty level for prime number generation.
+         * @param random the source of randomness to use.
+         * @param usageIndex a valid usage index.
+         */
+        public DsaParameterGenerationParameters(int L, int N, int certainty, SecureRandom random, int usageIndex)
+        {
+            this.l = L;
+            this.n = N;
+            this.certainty = certainty;
+            this.random = random;
+            this.usageIndex = usageIndex;
+        }
+
+        public virtual int L
+        {
+            get { return l; }
+        }
+
+        public virtual int N
+        {
+            get { return n; }
+        }
+
+        public virtual int UsageIndex
+        {
+            get { return usageIndex; }
+        }
+
+        public virtual int Certainty
+        {
+            get { return certainty; }
+        }
+
+        public virtual SecureRandom Random
+        {
+            get { return random; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DesEdeParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DesEdeParameters.cs
new file mode 100644
index 0000000..6be56fb
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DesEdeParameters.cs
@@ -0,0 +1,140 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DesEdeParameters
+		: DesParameters
+    {
+        /*
+        * DES-EDE Key length in bytes.
+        */
+		public const int DesEdeKeyLength = 24;
+
+		private static byte[] FixKey(
+			byte[]	key,
+			int		keyOff,
+			int		keyLen)
+		{
+			byte[] tmp = new byte[24];
+
+			switch (keyLen)
+			{
+				case 16:
+					Array.Copy(key, keyOff, tmp, 0, 16);
+					Array.Copy(key, keyOff, tmp, 16, 8);
+					break;
+				case 24:
+					Array.Copy(key, keyOff, tmp, 0, 24);
+					break;
+				default:
+					throw new ArgumentException("Bad length for DESede key: " + keyLen, "keyLen");
+			}
+
+			if (IsWeakKey(tmp))
+				throw new ArgumentException("attempt to create weak DESede key");
+
+			return tmp;
+		}
+
+		public DesEdeParameters(
+            byte[] key)
+			: base(FixKey(key, 0, key.Length))
+        {
+        }
+
+		public DesEdeParameters(
+			byte[]	key,
+			int		keyOff,
+			int		keyLen)
+			: base(FixKey(key, keyOff, keyLen))
+		{
+		}
+
+		/**
+         * return true if the passed in key is a DES-EDE weak key.
+         *
+         * @param key bytes making up the key
+         * @param offset offset into the byte array the key starts at
+         * @param length number of bytes making up the key
+         */
+        public static bool IsWeakKey(
+            byte[]  key,
+            int     offset,
+            int     length)
+        {
+            for (int i = offset; i < length; i += DesKeyLength)
+            {
+                if (DesParameters.IsWeakKey(key, i))
+                {
+                    return true;
+                }
+            }
+
+            return false;
+        }
+
+        /**
+         * return true if the passed in key is a DES-EDE weak key.
+         *
+         * @param key bytes making up the key
+         * @param offset offset into the byte array the key starts at
+         */
+        public static new bool IsWeakKey(
+            byte[]	key,
+            int		offset)
+        {
+            return IsWeakKey(key, offset, key.Length - offset);
+        }
+
+		public static new bool IsWeakKey(
+			byte[] key)
+		{
+			return IsWeakKey(key, 0, key.Length);
+		}
+
+        /**
+         * return true if the passed in key is a real 2/3 part DES-EDE key.
+         *
+         * @param key bytes making up the key
+         * @param offset offset into the byte array the key starts at
+         */
+        public static bool IsRealEdeKey(byte[] key, int offset)
+        {
+            return key.Length == 16 ? IsReal2Key(key, offset) : IsReal3Key(key, offset);
+        }
+
+        /**
+         * return true if the passed in key is a real 2 part DES-EDE key.
+         *
+         * @param key bytes making up the key
+         * @param offset offset into the byte array the key starts at
+         */
+        public static bool IsReal2Key(byte[] key, int offset)
+        {
+            bool isValid = false;
+            for (int i = offset; i != offset + 8; i++)
+            {
+                isValid |= (key[i] != key[i + 8]);
+            }
+            return isValid;
+        }
+
+        /**
+         * return true if the passed in key is a real 3 part DES-EDE key.
+         *
+         * @param key bytes making up the key
+         * @param offset offset into the byte array the key starts at
+         */
+        public static bool IsReal3Key(byte[] key, int offset)
+        {
+            bool diff12 = false, diff13 = false, diff23 = false;
+            for (int i = offset; i != offset + 8; i++)
+            {
+                diff12 |= (key[i] != key[i + 8]);
+                diff13 |= (key[i] != key[i + 16]);
+                diff23 |= (key[i + 8] != key[i + 16]);
+            }
+            return diff12 && diff13 && diff23;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DesParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DesParameters.cs
new file mode 100644
index 0000000..a1f67e2
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DesParameters.cs
@@ -0,0 +1,139 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DesParameters
+		: KeyParameter
+    {
+        public DesParameters(
+            byte[] key)
+			: base(key)
+        {
+            if (IsWeakKey(key))
+				throw new ArgumentException("attempt to create weak DES key");
+        }
+
+		public DesParameters(
+			byte[]	key,
+			int		keyOff,
+			int		keyLen)
+			: base(key, keyOff, keyLen)
+		{
+			if (IsWeakKey(key, keyOff))
+				throw new ArgumentException("attempt to create weak DES key");
+		}
+
+		/*
+        * DES Key Length in bytes.
+        */
+        public const int DesKeyLength = 8;
+
+        /*
+        * Table of weak and semi-weak keys taken from Schneier pp281
+        */
+        private const int N_DES_WEAK_KEYS = 16;
+
+        private static readonly byte[] DES_weak_keys =
+        {
+            /* weak keys */
+            (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01, (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01,
+            (byte)0x1f,(byte)0x1f,(byte)0x1f,(byte)0x1f, (byte)0x0e,(byte)0x0e,(byte)0x0e,(byte)0x0e,
+            (byte)0xe0,(byte)0xe0,(byte)0xe0,(byte)0xe0, (byte)0xf1,(byte)0xf1,(byte)0xf1,(byte)0xf1,
+            (byte)0xfe,(byte)0xfe,(byte)0xfe,(byte)0xfe, (byte)0xfe,(byte)0xfe,(byte)0xfe,(byte)0xfe,
+
+            /* semi-weak keys */
+            (byte)0x01,(byte)0xfe,(byte)0x01,(byte)0xfe, (byte)0x01,(byte)0xfe,(byte)0x01,(byte)0xfe,
+            (byte)0x1f,(byte)0xe0,(byte)0x1f,(byte)0xe0, (byte)0x0e,(byte)0xf1,(byte)0x0e,(byte)0xf1,
+            (byte)0x01,(byte)0xe0,(byte)0x01,(byte)0xe0, (byte)0x01,(byte)0xf1,(byte)0x01,(byte)0xf1,
+            (byte)0x1f,(byte)0xfe,(byte)0x1f,(byte)0xfe, (byte)0x0e,(byte)0xfe,(byte)0x0e,(byte)0xfe,
+            (byte)0x01,(byte)0x1f,(byte)0x01,(byte)0x1f, (byte)0x01,(byte)0x0e,(byte)0x01,(byte)0x0e,
+            (byte)0xe0,(byte)0xfe,(byte)0xe0,(byte)0xfe, (byte)0xf1,(byte)0xfe,(byte)0xf1,(byte)0xfe,
+            (byte)0xfe,(byte)0x01,(byte)0xfe,(byte)0x01, (byte)0xfe,(byte)0x01,(byte)0xfe,(byte)0x01,
+            (byte)0xe0,(byte)0x1f,(byte)0xe0,(byte)0x1f, (byte)0xf1,(byte)0x0e,(byte)0xf1,(byte)0x0e,
+            (byte)0xe0,(byte)0x01,(byte)0xe0,(byte)0x01, (byte)0xf1,(byte)0x01,(byte)0xf1,(byte)0x01,
+            (byte)0xfe,(byte)0x1f,(byte)0xfe,(byte)0x1f, (byte)0xfe,(byte)0x0e,(byte)0xfe,(byte)0x0e,
+            (byte)0x1f,(byte)0x01,(byte)0x1f,(byte)0x01, (byte)0x0e,(byte)0x01,(byte)0x0e,(byte)0x01,
+            (byte)0xfe,(byte)0xe0,(byte)0xfe,(byte)0xe0, (byte)0xfe,(byte)0xf1,(byte)0xfe,(byte)0xf1
+        };
+
+        /**
+        * DES has 16 weak keys.  This method will check
+        * if the given DES key material is weak or semi-weak.
+        * Key material that is too short is regarded as weak.
+        * <p>
+        * See <a href="http://www.counterpane.com/applied.html">"Applied
+        * Cryptography"</a> by Bruce Schneier for more information.
+        * </p>
+        * @return true if the given DES key material is weak or semi-weak,
+        *     false otherwise.
+        */
+        public static bool IsWeakKey(
+            byte[]	key,
+            int		offset)
+        {
+            if (key.Length - offset < DesKeyLength)
+                throw new ArgumentException("key material too short.");
+
+			//nextkey:
+            for (int i = 0; i < N_DES_WEAK_KEYS; i++)
+            {
+                bool unmatch = false;
+                for (int j = 0; j < DesKeyLength; j++)
+                {
+                    if (key[j + offset] != DES_weak_keys[i * DesKeyLength + j])
+                    {
+                        //continue nextkey;
+                        unmatch = true;
+						break;
+                    }
+                }
+
+				if (!unmatch)
+				{
+					return true;
+				}
+            }
+
+			return false;
+        }
+
+		public static bool IsWeakKey(
+			byte[] key)
+		{
+			return IsWeakKey(key, 0);
+		}
+
+        public static byte SetOddParity(byte b)
+        {
+            uint parity = b ^ 1U;
+            parity ^= (parity >> 4);
+            parity ^= (parity >> 2);
+            parity ^= (parity >> 1);
+            parity &= 1U;
+
+            return (byte)(b ^ parity);
+        }
+
+        /**
+        * DES Keys use the LSB as the odd parity bit.  This can
+        * be used to check for corrupt keys.
+        *
+        * @param bytes the byte array to set the parity on.
+        */
+        public static void SetOddParity(byte[] bytes)
+        {
+            for (int i = 0; i < bytes.Length; i++)
+            {
+                bytes[i] = SetOddParity(bytes[i]);
+            }
+        }
+
+        public static void SetOddParity(byte[] bytes, int off, int len)
+        {
+            for (int i = 0; i < len; i++)
+            {
+                bytes[off + i] = SetOddParity(bytes[off + i]);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DsaKeyGenerationParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DsaKeyGenerationParameters.cs
new file mode 100644
index 0000000..86d6f5b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DsaKeyGenerationParameters.cs
@@ -0,0 +1,26 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DsaKeyGenerationParameters
+		: KeyGenerationParameters
+    {
+        private readonly DsaParameters parameters;
+
+        public DsaKeyGenerationParameters(
+            SecureRandom	random,
+            DsaParameters	parameters)
+			: base(random, parameters.P.BitLength - 1)
+        {
+            this.parameters = parameters;
+        }
+
+		public DsaParameters Parameters
+        {
+            get { return parameters; }
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DsaKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DsaKeyParameters.cs
new file mode 100644
index 0000000..5fe6d7a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DsaKeyParameters.cs
@@ -0,0 +1,59 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public abstract class DsaKeyParameters
+		: AsymmetricKeyParameter
+    {
+		private readonly DsaParameters parameters;
+
+		protected DsaKeyParameters(
+            bool			isPrivate,
+            DsaParameters	parameters)
+			: base(isPrivate)
+        {
+			// Note: parameters may be null
+            this.parameters = parameters;
+        }
+
+		public DsaParameters Parameters
+        {
+            get { return parameters; }
+        }
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+				return true;
+
+			DsaKeyParameters other = obj as DsaKeyParameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+		}
+
+		protected bool Equals(
+			DsaKeyParameters other)
+		{
+			return Platform.Equals(parameters, other.parameters)
+				&& base.Equals(other);
+		}
+
+		public override int GetHashCode()
+		{
+			int hc = base.GetHashCode();
+
+			if (parameters != null)
+			{
+				hc ^= parameters.GetHashCode();
+			}
+
+			return hc;
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DsaParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DsaParameters.cs
new file mode 100644
index 0000000..50d080e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DsaParameters.cs
@@ -0,0 +1,85 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DsaParameters
+		: ICipherParameters
+    {
+        private readonly BigInteger p, q , g;
+        private readonly DsaValidationParameters validation;
+
+		public DsaParameters(
+            BigInteger	p,
+            BigInteger	q,
+            BigInteger	g)
+			: this(p, q, g, null)
+        {
+        }
+
+		public DsaParameters(
+            BigInteger				p,
+            BigInteger				q,
+            BigInteger				g,
+            DsaValidationParameters	parameters)
+        {
+			if (p == null)
+				throw new ArgumentNullException("p");
+			if (q == null)
+				throw new ArgumentNullException("q");
+			if (g == null)
+				throw new ArgumentNullException("g");
+
+			this.p = p;
+            this.q = q;
+			this.g = g;
+			this.validation = parameters;
+        }
+
+        public BigInteger P
+        {
+            get { return p; }
+        }
+
+		public BigInteger Q
+        {
+            get { return q; }
+        }
+
+		public BigInteger G
+        {
+            get { return g; }
+        }
+
+		public DsaValidationParameters ValidationParameters
+        {
+			get { return validation; }
+        }
+
+		public override bool Equals(
+			object obj)
+        {
+			if (obj == this)
+				return true;
+
+			DsaParameters other = obj as DsaParameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+        }
+
+		protected bool Equals(
+			DsaParameters other)
+		{
+			return p.Equals(other.p) && q.Equals(other.q) && g.Equals(other.g);
+		}
+
+		public override int GetHashCode()
+        {
+			return p.GetHashCode() ^ q.GetHashCode() ^ g.GetHashCode();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DsaPrivateKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DsaPrivateKeyParameters.cs
new file mode 100644
index 0000000..2abdd0e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DsaPrivateKeyParameters.cs
@@ -0,0 +1,53 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DsaPrivateKeyParameters
+		: DsaKeyParameters
+    {
+        private readonly BigInteger x;
+
+		public DsaPrivateKeyParameters(
+            BigInteger		x,
+            DsaParameters	parameters)
+			: base(true, parameters)
+        {
+			if (x == null)
+				throw new ArgumentNullException("x");
+
+			this.x = x;
+        }
+
+		public BigInteger X
+        {
+            get { return x; }
+        }
+
+		public override bool Equals(
+			object obj)
+        {
+			if (obj == this)
+				return true;
+
+			DsaPrivateKeyParameters other = obj as DsaPrivateKeyParameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+        }
+
+		protected bool Equals(
+			DsaPrivateKeyParameters other)
+		{
+			return x.Equals(other.x) && base.Equals(other);
+		}
+
+		public override int GetHashCode()
+        {
+            return x.GetHashCode() ^ base.GetHashCode();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DsaPublicKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DsaPublicKeyParameters.cs
new file mode 100644
index 0000000..3a81bfd
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DsaPublicKeyParameters.cs
@@ -0,0 +1,68 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DsaPublicKeyParameters
+		: DsaKeyParameters
+    {
+        private static BigInteger Validate(BigInteger y, DsaParameters parameters)
+        {
+            // we can't validate without params, fortunately we can't use the key either...
+            if (parameters != null)
+            {
+                if (y.CompareTo(BigInteger.Two) < 0
+                    || y.CompareTo(parameters.P.Subtract(BigInteger.Two)) > 0
+                    || !y.ModPow(parameters.Q, parameters.P).Equals(BigInteger.One))
+                {
+                    throw new ArgumentException("y value does not appear to be in correct group");
+                }
+            }
+
+            return y;
+        }
+
+        private readonly BigInteger y;
+
+		public DsaPublicKeyParameters(
+            BigInteger		y,
+            DsaParameters	parameters)
+			: base(false, parameters)
+        {
+			if (y == null)
+				throw new ArgumentNullException("y");
+
+			this.y = Validate(y, parameters);
+        }
+
+		public BigInteger Y
+        {
+            get { return y; }
+        }
+
+		public override bool Equals(object obj)
+        {
+			if (obj == this)
+				return true;
+
+			DsaPublicKeyParameters other = obj as DsaPublicKeyParameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+        }
+
+		protected bool Equals(
+			DsaPublicKeyParameters other)
+		{
+			return y.Equals(other.y) && base.Equals(other);
+		}
+
+		public override int GetHashCode()
+        {
+			return y.GetHashCode() ^ base.GetHashCode();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/DsaValidationParameters.cs b/bc-sharp-crypto/src/crypto/parameters/DsaValidationParameters.cs
new file mode 100644
index 0000000..c2f84c7
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/DsaValidationParameters.cs
@@ -0,0 +1,72 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class DsaValidationParameters
+    {
+        private readonly byte[] seed;
+        private readonly int counter;
+        private readonly int usageIndex;
+
+        public DsaValidationParameters(byte[] seed, int counter)
+            : this(seed, counter, -1)
+        {
+        }
+
+        public DsaValidationParameters(
+            byte[]	seed,
+            int		counter,
+            int     usageIndex)
+        {
+            if (seed == null)
+                throw new ArgumentNullException("seed");
+
+            this.seed = (byte[]) seed.Clone();
+            this.counter = counter;
+            this.usageIndex = usageIndex;
+        }
+
+        public virtual byte[] GetSeed()
+        {
+            return (byte[]) seed.Clone();
+        }
+
+        public virtual int Counter
+        {
+            get { return counter; }
+        }
+
+        public virtual int UsageIndex
+        {
+            get { return usageIndex; }
+        }
+
+        public override bool Equals(
+            object obj)
+        {
+            if (obj == this)
+                return true;
+
+            DsaValidationParameters other = obj as DsaValidationParameters;
+
+            if (other == null)
+                return false;
+
+            return Equals(other);
+        }
+
+        protected virtual bool Equals(
+            DsaValidationParameters other)
+        {
+            return counter == other.counter
+                && Arrays.AreEqual(seed, other.seed);
+        }
+
+        public override int GetHashCode()
+        {
+            return counter.GetHashCode() ^ Arrays.GetHashCode(seed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ECDomainParameters.cs b/bc-sharp-crypto/src/crypto/parameters/ECDomainParameters.cs
new file mode 100644
index 0000000..732fbdf
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ECDomainParameters.cs
@@ -0,0 +1,117 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class ECDomainParameters
+    {
+        internal ECCurve     curve;
+        internal byte[]      seed;
+        internal ECPoint     g;
+        internal BigInteger  n;
+        internal BigInteger  h;
+
+        public ECDomainParameters(
+            ECCurve     curve,
+            ECPoint     g,
+            BigInteger  n)
+            : this(curve, g, n, BigInteger.One)
+        {
+        }
+
+        public ECDomainParameters(
+            ECCurve     curve,
+            ECPoint     g,
+            BigInteger  n,
+            BigInteger  h)
+            : this(curve, g, n, h, null)
+        {
+        }
+
+        public ECDomainParameters(
+            ECCurve     curve,
+            ECPoint     g,
+            BigInteger  n,
+            BigInteger  h,
+            byte[]      seed)
+        {
+            if (curve == null)
+                throw new ArgumentNullException("curve");
+            if (g == null)
+                throw new ArgumentNullException("g");
+            if (n == null)
+                throw new ArgumentNullException("n");
+            if (h == null)
+                throw new ArgumentNullException("h");
+
+            this.curve = curve;
+            this.g = g.Normalize();
+            this.n = n;
+            this.h = h;
+            this.seed = Arrays.Clone(seed);
+        }
+
+        public ECCurve Curve
+        {
+            get { return curve; }
+        }
+
+        public ECPoint G
+        {
+            get { return g; }
+        }
+
+        public BigInteger N
+        {
+            get { return n; }
+        }
+
+        public BigInteger H
+        {
+            get { return h; }
+        }
+
+        public byte[] GetSeed()
+        {
+            return Arrays.Clone(seed);
+        }
+
+        public override bool Equals(
+            object obj)
+        {
+            if (obj == this)
+                return true;
+
+            ECDomainParameters other = obj as ECDomainParameters;
+
+            if (other == null)
+                return false;
+
+            return Equals(other);
+        }
+
+        protected virtual bool Equals(
+            ECDomainParameters other)
+        {
+            return curve.Equals(other.curve)
+                &&	g.Equals(other.g)
+                &&	n.Equals(other.n)
+                &&	h.Equals(other.h);
+        }
+
+        public override int GetHashCode()
+        {
+            int hc = curve.GetHashCode();
+            hc *= 37;
+            hc ^= g.GetHashCode();
+            hc *= 37;
+            hc ^= n.GetHashCode();
+            hc *= 37;
+            hc ^= h.GetHashCode();
+            return hc;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ECKeyGenerationParameters.cs b/bc-sharp-crypto/src/crypto/parameters/ECKeyGenerationParameters.cs
new file mode 100644
index 0000000..9b2b988
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ECKeyGenerationParameters.cs
@@ -0,0 +1,41 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class ECKeyGenerationParameters
+		: KeyGenerationParameters
+    {
+        private readonly ECDomainParameters domainParams;
+		private readonly DerObjectIdentifier publicKeyParamSet;
+
+		public ECKeyGenerationParameters(
+			ECDomainParameters	domainParameters,
+			SecureRandom		random)
+			: base(random, domainParameters.N.BitLength)
+        {
+            this.domainParams = domainParameters;
+        }
+
+		public ECKeyGenerationParameters(
+			DerObjectIdentifier	publicKeyParamSet,
+			SecureRandom		random)
+			: this(ECKeyParameters.LookupParameters(publicKeyParamSet), random)
+		{
+			this.publicKeyParamSet = publicKeyParamSet;
+		}
+
+		public ECDomainParameters DomainParameters
+        {
+			get { return domainParams; }
+        }
+
+		public DerObjectIdentifier PublicKeyParamSet
+		{
+			get { return publicKeyParamSet; }
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ECKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/ECKeyParameters.cs
new file mode 100644
index 0000000..70b3543
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ECKeyParameters.cs
@@ -0,0 +1,136 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public abstract class ECKeyParameters
+        : AsymmetricKeyParameter
+    {
+        private static readonly string[] algorithms = { "EC", "ECDSA", "ECDH", "ECDHC", "ECGOST3410", "ECMQV" };
+
+        private readonly string algorithm;
+        private readonly ECDomainParameters parameters;
+        private readonly DerObjectIdentifier publicKeyParamSet;
+
+        protected ECKeyParameters(
+            string				algorithm,
+            bool				isPrivate,
+            ECDomainParameters	parameters)
+            : base(isPrivate)
+        {
+            if (algorithm == null)
+                throw new ArgumentNullException("algorithm");
+            if (parameters == null)
+                throw new ArgumentNullException("parameters");
+
+            this.algorithm = VerifyAlgorithmName(algorithm);
+            this.parameters = parameters;
+        }
+
+        protected ECKeyParameters(
+            string				algorithm,
+            bool				isPrivate,
+            DerObjectIdentifier	publicKeyParamSet)
+            : base(isPrivate)
+        {
+            if (algorithm == null)
+                throw new ArgumentNullException("algorithm");
+            if (publicKeyParamSet == null)
+                throw new ArgumentNullException("publicKeyParamSet");
+
+            this.algorithm = VerifyAlgorithmName(algorithm);
+            this.parameters = LookupParameters(publicKeyParamSet);
+            this.publicKeyParamSet = publicKeyParamSet;
+        }
+
+        public string AlgorithmName
+        {
+            get { return algorithm; }
+        }
+
+        public ECDomainParameters Parameters
+        {
+            get { return parameters; }
+        }
+
+        public DerObjectIdentifier PublicKeyParamSet
+        {
+            get { return publicKeyParamSet; }
+        }
+
+        public override bool Equals(
+            object obj)
+        {
+            if (obj == this)
+                return true;
+
+            ECDomainParameters other = obj as ECDomainParameters;
+
+            if (other == null)
+                return false;
+
+            return Equals(other);
+        }
+
+        protected bool Equals(
+            ECKeyParameters other)
+        {
+            return parameters.Equals(other.parameters) && base.Equals(other);
+        }
+
+        public override int GetHashCode()
+        {
+            return parameters.GetHashCode() ^ base.GetHashCode();
+        }
+
+        internal ECKeyGenerationParameters CreateKeyGenerationParameters(
+            SecureRandom random)
+        {
+            if (publicKeyParamSet != null)
+            {
+                return new ECKeyGenerationParameters(publicKeyParamSet, random);
+            }
+
+            return new ECKeyGenerationParameters(parameters, random);
+        }
+
+        internal static string VerifyAlgorithmName(string algorithm)
+        {
+            string upper = Platform.ToUpperInvariant(algorithm);
+            if (Array.IndexOf(algorithms, algorithm, 0, algorithms.Length) < 0)
+                throw new ArgumentException("unrecognised algorithm: " + algorithm, "algorithm");
+            return upper;
+        }
+
+        internal static ECDomainParameters LookupParameters(
+            DerObjectIdentifier publicKeyParamSet)
+        {
+            if (publicKeyParamSet == null)
+                throw new ArgumentNullException("publicKeyParamSet");
+
+            ECDomainParameters p = ECGost3410NamedCurves.GetByOid(publicKeyParamSet);
+
+            if (p == null)
+            {
+                X9ECParameters x9 = ECKeyPairGenerator.FindECCurveByOid(publicKeyParamSet);
+
+                if (x9 == null)
+                {
+                    throw new ArgumentException("OID is not a valid public key parameter set", "publicKeyParamSet");
+                }
+
+                p = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed());
+            }
+
+            return p;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ECPrivateKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/ECPrivateKeyParameters.cs
new file mode 100644
index 0000000..4d0fa1f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ECPrivateKeyParameters.cs
@@ -0,0 +1,87 @@
+using System;
+using System.Globalization;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class ECPrivateKeyParameters
+        : ECKeyParameters
+    {
+        private readonly BigInteger d;
+
+        public ECPrivateKeyParameters(
+            BigInteger			d,
+            ECDomainParameters	parameters)
+            : this("EC", d, parameters)
+        {
+        }
+
+        [Obsolete("Use version with explicit 'algorithm' parameter")]
+        public ECPrivateKeyParameters(
+            BigInteger			d,
+            DerObjectIdentifier publicKeyParamSet)
+            : base("ECGOST3410", true, publicKeyParamSet)
+        {
+            if (d == null)
+                throw new ArgumentNullException("d");
+
+            this.d = d;
+        }
+
+        public ECPrivateKeyParameters(
+            string				algorithm,
+            BigInteger			d,
+            ECDomainParameters	parameters)
+            : base(algorithm, true, parameters)
+        {
+            if (d == null)
+                throw new ArgumentNullException("d");
+
+            this.d = d;
+        }
+
+        public ECPrivateKeyParameters(
+            string				algorithm,
+            BigInteger			d,
+            DerObjectIdentifier publicKeyParamSet)
+            : base(algorithm, true, publicKeyParamSet)
+        {
+            if (d == null)
+                throw new ArgumentNullException("d");
+
+            this.d = d;
+        }
+
+        public BigInteger D
+        {
+            get { return d; }
+        }
+
+        public override bool Equals(
+            object obj)
+        {
+            if (obj == this)
+                return true;
+
+            ECPrivateKeyParameters other = obj as ECPrivateKeyParameters;
+
+            if (other == null)
+                return false;
+
+            return Equals(other);
+        }
+
+        protected bool Equals(
+            ECPrivateKeyParameters other)
+        {
+            return d.Equals(other.d) && base.Equals(other);
+        }
+
+        public override int GetHashCode()
+        {
+            return d.GetHashCode() ^ base.GetHashCode();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ECPublicKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/ECPublicKeyParameters.cs
new file mode 100644
index 0000000..474e5d8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ECPublicKeyParameters.cs
@@ -0,0 +1,101 @@
+using System;
+using System.Globalization;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math.EC;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class ECPublicKeyParameters
+        : ECKeyParameters
+    {
+        private static ECPoint Validate(ECPoint q)
+        {
+            if (q == null)
+                throw new ArgumentNullException("q");
+            if (q.IsInfinity)
+                throw new ArgumentException("point at infinity", "q");
+
+            q = q.Normalize();
+
+            if (!q.IsValid())
+                throw new ArgumentException("point not on curve", "q");
+
+            return q;
+        }
+
+        private readonly ECPoint q;
+
+        public ECPublicKeyParameters(
+            ECPoint				q,
+            ECDomainParameters	parameters)
+            : this("EC", q, parameters)
+        {
+        }
+
+        [Obsolete("Use version with explicit 'algorithm' parameter")]
+        public ECPublicKeyParameters(
+            ECPoint				q,
+            DerObjectIdentifier publicKeyParamSet)
+            : base("ECGOST3410", false, publicKeyParamSet)
+        {
+            if (q == null)
+                throw new ArgumentNullException("q");
+
+            this.q = Validate(q);
+        }
+
+        public ECPublicKeyParameters(
+            string				algorithm,
+            ECPoint				q,
+            ECDomainParameters	parameters)
+            : base(algorithm, false, parameters)
+        {
+            if (q == null)
+                throw new ArgumentNullException("q");
+
+            this.q = Validate(q);
+        }
+
+        public ECPublicKeyParameters(
+            string				algorithm,
+            ECPoint				q,
+            DerObjectIdentifier publicKeyParamSet)
+            : base(algorithm, false, publicKeyParamSet)
+        {
+            if (q == null)
+                throw new ArgumentNullException("q");
+
+            this.q = Validate(q);
+        }
+
+        public ECPoint Q
+        {
+            get { return q; }
+        }
+
+        public override bool Equals(object obj)
+        {
+            if (obj == this)
+                return true;
+
+            ECPublicKeyParameters other = obj as ECPublicKeyParameters;
+
+            if (other == null)
+                return false;
+
+            return Equals(other);
+        }
+
+        protected bool Equals(
+            ECPublicKeyParameters other)
+        {
+            return q.Equals(other.q) && base.Equals(other);
+        }
+
+        public override int GetHashCode()
+        {
+            return q.GetHashCode() ^ base.GetHashCode();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ElGamalKeyGenerationParameters.cs b/bc-sharp-crypto/src/crypto/parameters/ElGamalKeyGenerationParameters.cs
new file mode 100644
index 0000000..40ca70d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ElGamalKeyGenerationParameters.cs
@@ -0,0 +1,31 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class ElGamalKeyGenerationParameters
+		: KeyGenerationParameters
+    {
+        private readonly ElGamalParameters parameters;
+
+		public ElGamalKeyGenerationParameters(
+            SecureRandom		random,
+            ElGamalParameters	parameters)
+			: base(random, GetStrength(parameters))
+        {
+            this.parameters = parameters;
+        }
+
+		public ElGamalParameters Parameters
+        {
+            get { return parameters; }
+        }
+
+		internal static int GetStrength(
+			ElGamalParameters parameters)
+		{
+			return parameters.L != 0 ? parameters.L : parameters.P.BitLength;
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ElGamalKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/ElGamalKeyParameters.cs
new file mode 100644
index 0000000..8b6e279
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ElGamalKeyParameters.cs
@@ -0,0 +1,59 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class ElGamalKeyParameters
+		: AsymmetricKeyParameter
+    {
+        private readonly ElGamalParameters parameters;
+
+		protected ElGamalKeyParameters(
+            bool				isPrivate,
+            ElGamalParameters	parameters)
+			: base(isPrivate)
+        {
+			// TODO Should we allow 'parameters' to be null?
+            this.parameters = parameters;
+        }
+
+		public ElGamalParameters Parameters
+        {
+            get { return parameters; }
+        }
+
+		public override bool Equals(
+            object obj)
+        {
+			if (obj == this)
+				return true;
+
+			ElGamalKeyParameters other = obj as ElGamalKeyParameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+        }
+
+		protected bool Equals(
+			ElGamalKeyParameters other)
+		{
+			return Platform.Equals(parameters, other.parameters)
+				&& base.Equals(other);
+		}
+
+		public override int GetHashCode()
+        {
+			int hc = base.GetHashCode();
+
+			if (parameters != null)
+			{
+				hc ^= parameters.GetHashCode();
+			}
+
+			return hc;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ElGamalParameters.cs b/bc-sharp-crypto/src/crypto/parameters/ElGamalParameters.cs
new file mode 100644
index 0000000..ab6d3e7
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ElGamalParameters.cs
@@ -0,0 +1,81 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class ElGamalParameters
+		: ICipherParameters
+    {
+        private readonly BigInteger p, g;
+		private readonly int l;
+
+		public ElGamalParameters(
+            BigInteger	p,
+            BigInteger	g)
+			: this(p, g, 0)
+        {
+        }
+
+		public ElGamalParameters(
+			BigInteger	p,
+			BigInteger	g,
+			int			l)
+		{
+			if (p == null)
+				throw new ArgumentNullException("p");
+			if (g == null)
+				throw new ArgumentNullException("g");
+
+			this.p = p;
+			this.g = g;
+			this.l = l;
+		}
+
+		public BigInteger P
+        {
+            get { return p; }
+        }
+
+		/**
+        * return the generator - g
+        */
+        public BigInteger G
+        {
+            get { return g; }
+        }
+
+		/**
+		 * return private value limit - l
+		 */
+		public int L
+		{
+			get { return l; }
+		}
+
+		public override bool Equals(
+            object obj)
+        {
+			if (obj == this)
+				return true;
+
+			ElGamalParameters other = obj as ElGamalParameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+        }
+
+		protected bool Equals(
+			ElGamalParameters other)
+		{
+			return p.Equals(other.p) && g.Equals(other.g) && l == other.l;
+		}
+
+		public override int GetHashCode()
+        {
+            return p.GetHashCode() ^ g.GetHashCode() ^ l;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ElGamalPrivateKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/ElGamalPrivateKeyParameters.cs
new file mode 100644
index 0000000..6363f2b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ElGamalPrivateKeyParameters.cs
@@ -0,0 +1,53 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class ElGamalPrivateKeyParameters
+		: ElGamalKeyParameters
+    {
+        private readonly BigInteger x;
+
+		public ElGamalPrivateKeyParameters(
+            BigInteger			x,
+            ElGamalParameters	parameters)
+			: base(true, parameters)
+        {
+			if (x == null)
+				throw new ArgumentNullException("x");
+
+			this.x = x;
+        }
+
+		public BigInteger X
+        {
+            get { return x; }
+        }
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+				return true;
+
+			ElGamalPrivateKeyParameters other = obj as ElGamalPrivateKeyParameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+		}
+
+		protected bool Equals(
+			ElGamalPrivateKeyParameters other)
+		{
+			return other.x.Equals(x) && base.Equals(other);
+		}
+
+		public override int GetHashCode()
+		{
+			return x.GetHashCode() ^ base.GetHashCode();
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ElGamalPublicKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/ElGamalPublicKeyParameters.cs
new file mode 100644
index 0000000..25ac625
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ElGamalPublicKeyParameters.cs
@@ -0,0 +1,53 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class ElGamalPublicKeyParameters
+		: ElGamalKeyParameters
+    {
+        private readonly BigInteger y;
+
+		public ElGamalPublicKeyParameters(
+            BigInteger			y,
+            ElGamalParameters	parameters)
+			: base(false, parameters)
+        {
+			if (y == null)
+				throw new ArgumentNullException("y");
+
+			this.y = y;
+        }
+
+		public BigInteger Y
+        {
+            get { return y; }
+        }
+
+		public override bool Equals(
+            object obj)
+        {
+			if (obj == this)
+				return true;
+
+			ElGamalPublicKeyParameters other = obj as ElGamalPublicKeyParameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+        }
+
+		protected bool Equals(
+			ElGamalPublicKeyParameters other)
+		{
+			return y.Equals(other.y) && base.Equals(other);
+		}
+
+		public override int GetHashCode()
+        {
+			return y.GetHashCode() ^ base.GetHashCode();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/GOST3410KeyGenerationParameters.cs b/bc-sharp-crypto/src/crypto/parameters/GOST3410KeyGenerationParameters.cs
new file mode 100644
index 0000000..b06a5d8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/GOST3410KeyGenerationParameters.cs
@@ -0,0 +1,55 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	public class Gost3410KeyGenerationParameters
+		: KeyGenerationParameters
+	{
+		private readonly Gost3410Parameters parameters;
+		private readonly DerObjectIdentifier publicKeyParamSet;
+
+		public Gost3410KeyGenerationParameters(
+			SecureRandom random,
+			Gost3410Parameters parameters)
+			: base(random, parameters.P.BitLength - 1)
+		{
+			this.parameters = parameters;
+		}
+
+		public Gost3410KeyGenerationParameters(
+			SecureRandom		random,
+			DerObjectIdentifier	publicKeyParamSet)
+			: this(random, LookupParameters(publicKeyParamSet))
+		{
+			this.publicKeyParamSet = publicKeyParamSet;
+		}
+
+		public Gost3410Parameters Parameters
+		{
+			get { return parameters; }
+		}
+
+		public DerObjectIdentifier PublicKeyParamSet
+		{
+			get { return publicKeyParamSet; }
+		}
+
+		private static Gost3410Parameters LookupParameters(
+			DerObjectIdentifier publicKeyParamSet)
+		{
+			if (publicKeyParamSet == null)
+				throw new ArgumentNullException("publicKeyParamSet");
+
+			Gost3410ParamSetParameters p = Gost3410NamedParameters.GetByOid(publicKeyParamSet);
+
+			if (p == null)
+				throw new ArgumentException("OID is not a valid CryptoPro public key parameter set", "publicKeyParamSet");
+
+			return new Gost3410Parameters(p.P, p.Q, p.A);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/GOST3410KeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/GOST3410KeyParameters.cs
new file mode 100644
index 0000000..f771c4d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/GOST3410KeyParameters.cs
@@ -0,0 +1,58 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	public abstract class Gost3410KeyParameters
+		: AsymmetricKeyParameter
+	{
+		private readonly Gost3410Parameters parameters;
+		private readonly DerObjectIdentifier publicKeyParamSet;
+
+		protected Gost3410KeyParameters(
+			bool				isPrivate,
+			Gost3410Parameters	parameters)
+			: base(isPrivate)
+		{
+			this.parameters = parameters;
+		}
+
+		protected Gost3410KeyParameters(
+			bool				isPrivate,
+			DerObjectIdentifier	publicKeyParamSet)
+			: base(isPrivate)
+		{
+			this.parameters = LookupParameters(publicKeyParamSet);
+			this.publicKeyParamSet = publicKeyParamSet;
+		}
+
+		public Gost3410Parameters Parameters
+		{
+			get { return parameters; }
+		}
+
+		public DerObjectIdentifier PublicKeyParamSet
+		{
+			get { return publicKeyParamSet; }
+		}
+
+		// TODO Implement Equals/GetHashCode
+
+		private static Gost3410Parameters LookupParameters(
+			DerObjectIdentifier publicKeyParamSet)
+		{
+			if (publicKeyParamSet == null)
+				throw new ArgumentNullException("publicKeyParamSet");
+
+			Gost3410ParamSetParameters p = Gost3410NamedParameters.GetByOid(publicKeyParamSet);
+
+			if (p == null)
+				throw new ArgumentException("OID is not a valid CryptoPro public key parameter set", "publicKeyParamSet");
+
+			return new Gost3410Parameters(p.P, p.Q, p.A);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/GOST3410Parameters.cs b/bc-sharp-crypto/src/crypto/parameters/GOST3410Parameters.cs
new file mode 100644
index 0000000..2ec167e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/GOST3410Parameters.cs
@@ -0,0 +1,86 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	public class Gost3410Parameters
+		: ICipherParameters
+	{
+		private readonly BigInteger p, q, a;
+		private readonly Gost3410ValidationParameters validation;
+
+		public Gost3410Parameters(
+			BigInteger	p,
+			BigInteger	q,
+			BigInteger	a)
+			: this(p, q, a, null)
+		{
+		}
+
+		public Gost3410Parameters(
+			BigInteger						p,
+			BigInteger						q,
+			BigInteger						a,
+			Gost3410ValidationParameters	validation)
+		{
+			if (p == null)
+				throw new ArgumentNullException("p");
+			if (q == null)
+				throw new ArgumentNullException("q");
+			if (a == null)
+				throw new ArgumentNullException("a");
+
+			this.p = p;
+			this.q = q;
+			this.a = a;
+			this.validation = validation;
+		}
+
+		public BigInteger P
+		{
+			get { return p; }
+		}
+
+		public BigInteger Q
+		{
+			get { return q; }
+		}
+
+		public BigInteger A
+		{
+			get { return a; }
+		}
+
+		public Gost3410ValidationParameters ValidationParameters
+		{
+			get { return validation; }
+		}
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+				return true;
+
+			Gost3410Parameters other = obj as Gost3410Parameters;
+
+			if (other == null)
+				return false;
+
+			return Equals(other);
+		}
+
+		protected bool Equals(
+			Gost3410Parameters other)
+		{
+			return p.Equals(other.p) && q.Equals(other.q) && a.Equals(other.a);
+		}
+
+		public override int GetHashCode()
+		{
+			return p.GetHashCode() ^ q.GetHashCode() ^ a.GetHashCode();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/GOST3410PrivateKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/GOST3410PrivateKeyParameters.cs
new file mode 100644
index 0000000..e3a613d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/GOST3410PrivateKeyParameters.cs
@@ -0,0 +1,41 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	public class Gost3410PrivateKeyParameters
+		: Gost3410KeyParameters
+	{
+		private readonly BigInteger x;
+
+		public Gost3410PrivateKeyParameters(
+			BigInteger			x,
+			Gost3410Parameters	parameters)
+			: base(true, parameters)
+		{
+			if (x.SignValue < 1 || x.BitLength > 256 || x.CompareTo(Parameters.Q) >= 0)
+				throw new ArgumentException("Invalid x for GOST3410 private key", "x");
+
+			this.x = x;
+		}
+
+		public Gost3410PrivateKeyParameters(
+			BigInteger			x,
+			DerObjectIdentifier	publicKeyParamSet)
+			: base(true, publicKeyParamSet)
+		{
+			if (x.SignValue < 1 || x.BitLength > 256 || x.CompareTo(Parameters.Q) >= 0)
+				throw new ArgumentException("Invalid x for GOST3410 private key", "x");
+
+			this.x = x;
+		}
+
+		public BigInteger X
+		{
+			get { return x; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/GOST3410PublicKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/GOST3410PublicKeyParameters.cs
new file mode 100644
index 0000000..96b7e91
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/GOST3410PublicKeyParameters.cs
@@ -0,0 +1,40 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	public class Gost3410PublicKeyParameters
+		: Gost3410KeyParameters
+	{
+		private readonly BigInteger y;
+
+		public Gost3410PublicKeyParameters(
+			BigInteger y,
+			Gost3410Parameters parameters)
+			: base(false, parameters)
+		{
+			if (y.SignValue < 1 || y.CompareTo(Parameters.P) >= 0)
+				throw new ArgumentException("Invalid y for GOST3410 public key", "y");
+
+			this.y = y;
+		}
+
+		public Gost3410PublicKeyParameters(
+			BigInteger			y,
+			DerObjectIdentifier publicKeyParamSet)
+			: base(false, publicKeyParamSet)
+		{
+			if (y.SignValue < 1 || y.CompareTo(Parameters.P) >= 0)
+				throw new ArgumentException("Invalid y for GOST3410 public key", "y");
+
+			this.y = y;
+		}
+
+		public BigInteger Y
+		{
+			get { return y; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/GOST3410ValidationParameters.cs b/bc-sharp-crypto/src/crypto/parameters/GOST3410ValidationParameters.cs
new file mode 100644
index 0000000..21e5af8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/GOST3410ValidationParameters.cs
@@ -0,0 +1,51 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	public class Gost3410ValidationParameters
+	{
+		private int x0;
+		private int c;
+		private long x0L;
+		private long cL;
+
+		public Gost3410ValidationParameters(
+			int x0,
+			int c)
+		{
+			this.x0 = x0;
+			this.c = c;
+		}
+
+		public Gost3410ValidationParameters(
+			long x0L,
+			long cL)
+		{
+			this.x0L = x0L;
+			this.cL = cL;
+		}
+
+		public int C { get { return c; } }
+		public int X0 { get { return x0; } }
+		public long CL { get { return cL; } }
+		public long X0L { get { return x0L; } }
+
+		public override bool Equals(
+			object obj)
+		{
+			Gost3410ValidationParameters other = obj as Gost3410ValidationParameters;
+
+			return other != null
+				&& other.c == this.c
+				&& other.x0 == this.x0
+				&& other.cL == this.cL
+				&& other.x0L == this.x0L;
+		}
+
+		public override int GetHashCode()
+		{
+			return c.GetHashCode() ^ x0.GetHashCode() ^ cL.GetHashCode() ^ x0L.GetHashCode();
+		}
+
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/HKDFParameters.cs b/bc-sharp-crypto/src/crypto/parameters/HKDFParameters.cs
new file mode 100644
index 0000000..6d1465e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/HKDFParameters.cs
@@ -0,0 +1,119 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    /**
+     * Parameter class for the HkdfBytesGenerator class.
+     */
+    public class HkdfParameters
+        : IDerivationParameters
+    {
+        private readonly byte[] ikm;
+        private readonly bool skipExpand;
+        private readonly byte[] salt;
+        private readonly byte[] info;
+
+        private HkdfParameters(byte[] ikm, bool skip, byte[] salt, byte[] info)
+        {
+            if (ikm == null)
+                throw new ArgumentNullException("ikm");
+
+            this.ikm = Arrays.Clone(ikm);
+            this.skipExpand = skip;
+
+            if (salt == null || salt.Length == 0)
+            {
+                this.salt = null;
+            }
+            else
+            {
+                this.salt = Arrays.Clone(salt);
+            }
+
+            if (info == null)
+            {
+                this.info = new byte[0];
+            }
+            else
+            {
+                this.info = Arrays.Clone(info);
+            }
+        }
+
+        /**
+         * Generates parameters for HKDF, specifying both the optional salt and
+         * optional info. Step 1: Extract won't be skipped.
+         *
+         * @param ikm  the input keying material or seed
+         * @param salt the salt to use, may be null for a salt for hashLen zeros
+         * @param info the info to use, may be null for an info field of zero bytes
+         */
+        public HkdfParameters(byte[] ikm, byte[] salt, byte[] info)
+            : this(ikm, false, salt, info)
+        {
+        }
+
+        /**
+         * Factory method that makes the HKDF skip the extract part of the key
+         * derivation function.
+         *
+         * @param ikm  the input keying material or seed, directly used for step 2:
+         *             Expand
+         * @param info the info to use, may be null for an info field of zero bytes
+         * @return HKDFParameters that makes the implementation skip step 1
+         */
+        public static HkdfParameters SkipExtractParameters(byte[] ikm, byte[] info)
+        {
+            return new HkdfParameters(ikm, true, null, info);
+        }
+
+        public static HkdfParameters DefaultParameters(byte[] ikm)
+        {
+            return new HkdfParameters(ikm, false, null, null);
+        }
+
+        /**
+         * Returns the input keying material or seed.
+         *
+         * @return the keying material
+         */
+        public virtual byte[] GetIkm()
+        {
+            return Arrays.Clone(ikm);
+        }
+
+        /**
+         * Returns if step 1: extract has to be skipped or not
+         *
+         * @return true for skipping, false for no skipping of step 1
+         */
+        public virtual bool SkipExtract
+        {
+            get { return skipExpand; }
+        }
+
+        /**
+         * Returns the salt, or null if the salt should be generated as a byte array
+         * of HashLen zeros.
+         *
+         * @return the salt, or null
+         */
+        public virtual byte[] GetSalt()
+        {
+            return Arrays.Clone(salt);
+        }
+
+        /**
+         * Returns the info field, which may be empty (null is converted to empty).
+         *
+         * @return the info field, never null
+         */
+        public virtual byte[] GetInfo()
+        {
+            return Arrays.Clone(info);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ISO18033KDFParameters.cs b/bc-sharp-crypto/src/crypto/parameters/ISO18033KDFParameters.cs
new file mode 100644
index 0000000..2d8fff8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ISO18033KDFParameters.cs
@@ -0,0 +1,25 @@
+using System;
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	/**
+	* parameters for Key derivation functions for ISO-18033
+	*/
+	public class Iso18033KdfParameters
+		: IDerivationParameters
+	{
+		byte[]  seed;
+
+		public Iso18033KdfParameters(
+			byte[]  seed)
+		{
+			this.seed = seed;
+		}
+
+		public byte[] GetSeed()
+		{
+			return seed;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/IesParameters.cs b/bc-sharp-crypto/src/crypto/parameters/IesParameters.cs
new file mode 100644
index 0000000..d306b2c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/IesParameters.cs
@@ -0,0 +1,49 @@
+using System;
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    /**
+     * parameters for using an integrated cipher in stream mode.
+     */
+    public class IesParameters : ICipherParameters
+    {
+        private byte[]  derivation;
+        private byte[]  encoding;
+        private int     macKeySize;
+
+        /**
+         * @param derivation the derivation parameter for the KDF function.
+         * @param encoding the encoding parameter for the KDF function.
+         * @param macKeySize the size of the MAC key (in bits).
+         */
+        public IesParameters(
+            byte[]  derivation,
+            byte[]  encoding,
+            int     macKeySize)
+        {
+            this.derivation = derivation;
+            this.encoding = encoding;
+            this.macKeySize = macKeySize;
+        }
+
+        public byte[] GetDerivationV()
+        {
+            return derivation;
+        }
+
+        public byte[] GetEncodingV()
+        {
+            return encoding;
+        }
+
+        public int MacKeySize
+        {
+			get
+			{
+				return macKeySize;
+			}
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/IesWithCipherParameters.cs b/bc-sharp-crypto/src/crypto/parameters/IesWithCipherParameters.cs
new file mode 100644
index 0000000..70ef55d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/IesWithCipherParameters.cs
@@ -0,0 +1,33 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class IesWithCipherParameters : IesParameters
+    {
+        private int cipherKeySize;
+
+        /**
+         * @param derivation the derivation parameter for the KDF function.
+         * @param encoding the encoding parameter for the KDF function.
+         * @param macKeySize the size of the MAC key (in bits).
+         * @param cipherKeySize the size of the associated Cipher key (in bits).
+         */
+        public IesWithCipherParameters(
+            byte[]  derivation,
+            byte[]  encoding,
+            int     macKeySize,
+            int     cipherKeySize) : base(derivation, encoding, macKeySize)
+        {
+            this.cipherKeySize = cipherKeySize;
+        }
+
+        public int CipherKeySize
+        {
+            get
+            {
+                return cipherKeySize;
+            }
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/KdfParameters.cs b/bc-sharp-crypto/src/crypto/parameters/KdfParameters.cs
new file mode 100644
index 0000000..bc5c905
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/KdfParameters.cs
@@ -0,0 +1,33 @@
+using System;
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    /**
+     * parameters for Key derivation functions for IEEE P1363a
+     */
+    public class KdfParameters : IDerivationParameters
+    {
+        byte[]  iv;
+        byte[]  shared;
+
+        public KdfParameters(
+            byte[]  shared,
+            byte[]  iv)
+        {
+            this.shared = shared;
+            this.iv = iv;
+        }
+
+        public byte[] GetSharedSecret()
+        {
+            return shared;
+        }
+
+        public byte[] GetIV()
+        {
+            return iv;
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/KeyParameter.cs b/bc-sharp-crypto/src/crypto/parameters/KeyParameter.cs
new file mode 100644
index 0000000..33dff96
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/KeyParameter.cs
@@ -0,0 +1,43 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class KeyParameter
+		: ICipherParameters
+    {
+        private readonly byte[] key;
+
+		public KeyParameter(
+			byte[] key)
+		{
+			if (key == null)
+				throw new ArgumentNullException("key");
+
+			this.key = (byte[]) key.Clone();
+		}
+
+		public KeyParameter(
+            byte[]	key,
+            int		keyOff,
+            int		keyLen)
+        {
+			if (key == null)
+				throw new ArgumentNullException("key");
+			if (keyOff < 0 || keyOff > key.Length)
+				throw new ArgumentOutOfRangeException("keyOff");
+			if (keyLen < 0 || (keyOff + keyLen) > key.Length)
+				throw new ArgumentOutOfRangeException("keyLen");
+
+			this.key = new byte[keyLen];
+            Array.Copy(key, keyOff, this.key, 0, keyLen);
+        }
+
+		public byte[] GetKey()
+        {
+			return (byte[]) key.Clone();
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/MgfParameters.cs b/bc-sharp-crypto/src/crypto/parameters/MgfParameters.cs
new file mode 100644
index 0000000..11983b8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/MgfParameters.cs
@@ -0,0 +1,31 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	/// <remarks>Parameters for mask derivation functions.</remarks>
+    public class MgfParameters
+		: IDerivationParameters
+    {
+        private readonly byte[] seed;
+
+		public MgfParameters(
+            byte[] seed)
+			: this(seed, 0, seed.Length)
+        {
+        }
+
+		public MgfParameters(
+            byte[]  seed,
+            int     off,
+            int     len)
+        {
+            this.seed = new byte[len];
+            Array.Copy(seed, off, this.seed, 0, len);
+        }
+
+		public byte[] GetSeed()
+        {
+            return (byte[]) seed.Clone();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/MqvPrivateParameters.cs b/bc-sharp-crypto/src/crypto/parameters/MqvPrivateParameters.cs
new file mode 100644
index 0000000..9159cac
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/MqvPrivateParameters.cs
@@ -0,0 +1,64 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	public class MqvPrivateParameters
+		: ICipherParameters
+	{
+		private readonly ECPrivateKeyParameters staticPrivateKey;
+		private readonly ECPrivateKeyParameters ephemeralPrivateKey;
+		private readonly ECPublicKeyParameters ephemeralPublicKey;
+		
+		public MqvPrivateParameters(
+			ECPrivateKeyParameters	staticPrivateKey,
+			ECPrivateKeyParameters	ephemeralPrivateKey)
+			: this(staticPrivateKey, ephemeralPrivateKey, null)
+		{
+		}
+
+		public MqvPrivateParameters(
+			ECPrivateKeyParameters	staticPrivateKey,
+			ECPrivateKeyParameters	ephemeralPrivateKey,
+			ECPublicKeyParameters	ephemeralPublicKey)
+		{
+            if (staticPrivateKey == null)
+                throw new ArgumentNullException("staticPrivateKey");
+            if (ephemeralPrivateKey == null)
+                throw new ArgumentNullException("ephemeralPrivateKey");
+
+            ECDomainParameters parameters = staticPrivateKey.Parameters;
+            if (!parameters.Equals(ephemeralPrivateKey.Parameters))
+                throw new ArgumentException("Static and ephemeral private keys have different domain parameters");
+
+            if (ephemeralPublicKey == null)
+            {
+                ephemeralPublicKey = new ECPublicKeyParameters(
+                    parameters.G.Multiply(ephemeralPrivateKey.D),
+                    parameters);
+            }
+            else if (!parameters.Equals(ephemeralPublicKey.Parameters))
+            {
+                throw new ArgumentException("Ephemeral public key has different domain parameters");
+            }
+
+            this.staticPrivateKey = staticPrivateKey;
+            this.ephemeralPrivateKey = ephemeralPrivateKey;
+            this.ephemeralPublicKey = ephemeralPublicKey;
+		}
+
+        public virtual ECPrivateKeyParameters StaticPrivateKey
+		{
+			get { return staticPrivateKey; }
+		}
+
+        public virtual ECPrivateKeyParameters EphemeralPrivateKey
+		{
+			get { return ephemeralPrivateKey; }
+		}
+
+        public virtual ECPublicKeyParameters EphemeralPublicKey
+		{
+			get { return ephemeralPublicKey; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/MqvPublicParameters.cs b/bc-sharp-crypto/src/crypto/parameters/MqvPublicParameters.cs
new file mode 100644
index 0000000..239afa3
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/MqvPublicParameters.cs
@@ -0,0 +1,36 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	public class MqvPublicParameters
+		: ICipherParameters
+	{
+		private readonly ECPublicKeyParameters staticPublicKey;
+		private readonly ECPublicKeyParameters ephemeralPublicKey;
+
+        public MqvPublicParameters(
+			ECPublicKeyParameters	staticPublicKey,
+			ECPublicKeyParameters	ephemeralPublicKey)
+		{
+            if (staticPublicKey == null)
+                throw new ArgumentNullException("staticPublicKey");
+            if (ephemeralPublicKey == null)
+                throw new ArgumentNullException("ephemeralPublicKey");
+            if (!staticPublicKey.Parameters.Equals(ephemeralPublicKey.Parameters))
+                throw new ArgumentException("Static and ephemeral public keys have different domain parameters");
+
+            this.staticPublicKey = staticPublicKey;
+			this.ephemeralPublicKey = ephemeralPublicKey;
+        }
+
+        public virtual ECPublicKeyParameters StaticPublicKey
+		{
+			get { return staticPublicKey; }
+		}
+
+		public virtual ECPublicKeyParameters EphemeralPublicKey
+		{
+			get { return ephemeralPublicKey; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/NaccacheSternKeyGenerationParameters.cs b/bc-sharp-crypto/src/crypto/parameters/NaccacheSternKeyGenerationParameters.cs
new file mode 100644
index 0000000..44fc906
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/NaccacheSternKeyGenerationParameters.cs
@@ -0,0 +1,98 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	/**
+	 * Parameters for NaccacheStern public private key generation. For details on
+	 * this cipher, please see
+	 *
+	 * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
+	 */
+	public class NaccacheSternKeyGenerationParameters : KeyGenerationParameters
+	{
+		// private BigInteger publicExponent;
+		private readonly int certainty;
+		private readonly int countSmallPrimes;
+
+        /**
+		 * Parameters for generating a NaccacheStern KeyPair.
+		 *
+		 * @param random
+		 *            The source of randomness
+		 * @param strength
+		 *            The desired strength of the Key in Bits
+		 * @param certainty
+		 *            the probability that the generated primes are not really prime
+		 *            as integer: 2^(-certainty) is then the probability
+		 * @param countSmallPrimes
+		 *            How many small key factors are desired
+		 */
+		public NaccacheSternKeyGenerationParameters(
+			SecureRandom	random,
+			int				strength,
+			int				certainty,
+			int				countSmallPrimes)
+            : base(random, strength)
+        {
+            if (countSmallPrimes % 2 == 1)
+                throw new ArgumentException("countSmallPrimes must be a multiple of 2");
+            if (countSmallPrimes < 30)
+                throw new ArgumentException("countSmallPrimes must be >= 30 for security reasons");
+
+            this.certainty = certainty;
+            this.countSmallPrimes = countSmallPrimes;
+        }
+
+		/**
+		 * Parameters for a NaccacheStern KeyPair.
+		 *
+		 * @param random
+		 *            The source of randomness
+		 * @param strength
+		 *            The desired strength of the Key in Bits
+		 * @param certainty
+		 *            the probability that the generated primes are not really prime
+		 *            as integer: 2^(-certainty) is then the probability
+		 * @param cntSmallPrimes
+		 *            How many small key factors are desired
+		 * @param debug
+         *            Ignored
+		 */
+        [Obsolete("Use version without 'debug' parameter")]
+		public NaccacheSternKeyGenerationParameters(
+            SecureRandom    random,
+			int             strength,
+			int             certainty,
+			int             countSmallPrimes,
+			bool            debug)
+			: this(random, strength, certainty, countSmallPrimes)
+		{
+		}
+
+		/**
+		 * @return Returns the certainty.
+		 */
+		public int Certainty
+		{
+			get { return certainty; }
+		}
+
+		/**
+		 * @return Returns the countSmallPrimes.
+		 */
+		public int CountSmallPrimes
+		{
+			get { return countSmallPrimes; }
+		}
+
+        [Obsolete("Remove: always false")]
+        public bool IsDebug
+		{
+			get { return false; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/NaccacheSternKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/NaccacheSternKeyParameters.cs
new file mode 100644
index 0000000..8be7ad8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/NaccacheSternKeyParameters.cs
@@ -0,0 +1,44 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	/**
+	 * Public key parameters for NaccacheStern cipher. For details on this cipher,
+	 * please see
+	 *
+	 * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
+	 */
+	public class NaccacheSternKeyParameters : AsymmetricKeyParameter
+	{
+		private readonly BigInteger g, n;
+		private readonly int lowerSigmaBound;
+
+		/**
+		 * @param privateKey
+		 */
+		public NaccacheSternKeyParameters(bool privateKey, BigInteger g, BigInteger n, int lowerSigmaBound)
+			: base(privateKey)
+		{
+			this.g = g;
+			this.n = n;
+			this.lowerSigmaBound = lowerSigmaBound;
+		}
+
+		/**
+		 * @return Returns the g.
+		 */
+		public BigInteger G { get  { return g; } }
+
+		/**
+		 * @return Returns the lowerSigmaBound.
+		 */
+		public int LowerSigmaBound { get { return lowerSigmaBound; } }
+
+		/**
+		 * @return Returns the n.
+		 */
+		public BigInteger Modulus { get { return n; } }
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/NaccacheSternPrivateKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/NaccacheSternPrivateKeyParameters.cs
new file mode 100644
index 0000000..42a0454
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/NaccacheSternPrivateKeyParameters.cs
@@ -0,0 +1,79 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	/**
+	 * Private key parameters for NaccacheStern cipher. For details on this cipher,
+	 * please see
+	 *
+	 * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
+	 */
+	public class NaccacheSternPrivateKeyParameters : NaccacheSternKeyParameters
+	{
+		private readonly BigInteger phiN;
+		private readonly IList smallPrimes;
+
+#if !(SILVERLIGHT || PORTABLE)
+        [Obsolete]
+        public NaccacheSternPrivateKeyParameters(
+            BigInteger g,
+            BigInteger n,
+            int lowerSigmaBound,
+            ArrayList smallPrimes,
+            BigInteger phiN)
+            : base(true, g, n, lowerSigmaBound)
+        {
+            this.smallPrimes = smallPrimes;
+            this.phiN = phiN;
+        }
+#endif
+
+		/**
+		 * Constructs a NaccacheSternPrivateKey
+		 *
+		 * @param g
+		 *            the public enryption parameter g
+		 * @param n
+		 *            the public modulus n = p*q
+		 * @param lowerSigmaBound
+		 *            the public lower sigma bound up to which data can be encrypted
+		 * @param smallPrimes
+		 *            the small primes, of which sigma is constructed in the right
+		 *            order
+		 * @param phi_n
+		 *            the private modulus phi(n) = (p-1)(q-1)
+		 */
+		public NaccacheSternPrivateKeyParameters(
+			BigInteger	g,
+			BigInteger	n,
+			int			lowerSigmaBound,
+			IList       smallPrimes,
+			BigInteger	phiN)
+			: base(true, g, n, lowerSigmaBound)
+		{
+			this.smallPrimes = smallPrimes;
+			this.phiN = phiN;
+		}
+
+		public BigInteger PhiN
+		{
+			get { return phiN; }
+		}
+
+#if !(SILVERLIGHT || PORTABLE)
+        [Obsolete("Use 'SmallPrimesList' instead")]
+        public ArrayList SmallPrimes
+		{
+			get { return new ArrayList(smallPrimes); }
+		}
+#endif
+
+        public IList SmallPrimesList
+        {
+            get { return smallPrimes; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ParametersWithIV.cs b/bc-sharp-crypto/src/crypto/parameters/ParametersWithIV.cs
new file mode 100644
index 0000000..11a8b77
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ParametersWithIV.cs
@@ -0,0 +1,43 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class ParametersWithIV
+		: ICipherParameters
+    {
+		private readonly ICipherParameters	parameters;
+		private readonly byte[]				iv;
+
+		public ParametersWithIV(
+            ICipherParameters	parameters,
+            byte[]				iv)
+			: this(parameters, iv, 0, iv.Length)
+		{
+		}
+
+		public ParametersWithIV(
+            ICipherParameters	parameters,
+            byte[]				iv,
+            int					ivOff,
+            int					ivLen)
+        {
+            // NOTE: 'parameters' may be null to imply key re-use
+			if (iv == null)
+				throw new ArgumentNullException("iv");
+
+			this.parameters = parameters;
+			this.iv = new byte[ivLen];
+            Array.Copy(iv, ivOff, this.iv, 0, ivLen);
+        }
+
+		public byte[] GetIV()
+        {
+			return (byte[]) iv.Clone();
+        }
+
+		public ICipherParameters Parameters
+        {
+            get { return parameters; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ParametersWithRandom.cs b/bc-sharp-crypto/src/crypto/parameters/ParametersWithRandom.cs
new file mode 100644
index 0000000..276dc26
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ParametersWithRandom.cs
@@ -0,0 +1,48 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class ParametersWithRandom
+		: ICipherParameters
+    {
+        private readonly ICipherParameters	parameters;
+		private readonly SecureRandom		random;
+
+		public ParametersWithRandom(
+            ICipherParameters	parameters,
+            SecureRandom		random)
+        {
+			if (parameters == null)
+				throw new ArgumentNullException("parameters");
+			if (random == null)
+				throw new ArgumentNullException("random");
+
+			this.parameters = parameters;
+			this.random = random;
+		}
+
+		public ParametersWithRandom(
+            ICipherParameters parameters)
+			: this(parameters, new SecureRandom())
+        {
+		}
+
+		[Obsolete("Use Random property instead")]
+		public SecureRandom GetRandom()
+		{
+			return Random;
+		}
+
+		public SecureRandom Random
+        {
+			get { return random; }
+        }
+
+		public ICipherParameters Parameters
+        {
+            get { return parameters; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ParametersWithSBox.cs b/bc-sharp-crypto/src/crypto/parameters/ParametersWithSBox.cs
new file mode 100644
index 0000000..6473796
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ParametersWithSBox.cs
@@ -0,0 +1,24 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	public class ParametersWithSBox : ICipherParameters
+	{
+		private ICipherParameters  parameters;
+		private byte[] sBox;
+
+		public ParametersWithSBox(
+			ICipherParameters parameters,
+			byte[] sBox)
+		{
+			this.parameters = parameters;
+			this.sBox = sBox;
+		}
+
+		public byte[] GetSBox() { return sBox; }
+
+		public ICipherParameters Parameters { get { return parameters; } }
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/ParametersWithSalt.cs b/bc-sharp-crypto/src/crypto/parameters/ParametersWithSalt.cs
new file mode 100644
index 0000000..7f4cd6c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/ParametersWithSalt.cs
@@ -0,0 +1,39 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+
+    /// <summary> Cipher parameters with a fixed salt value associated with them.</summary>
+    public class ParametersWithSalt : ICipherParameters
+    {
+        private byte[] salt;
+        private ICipherParameters parameters;
+
+        public ParametersWithSalt(ICipherParameters parameters, byte[] salt):this(parameters, salt, 0, salt.Length)
+        {
+        }
+
+        public ParametersWithSalt(ICipherParameters parameters, byte[] salt, int saltOff, int saltLen)
+        {
+            this.salt = new byte[saltLen];
+            this.parameters = parameters;
+
+            Array.Copy(salt, saltOff, this.salt, 0, saltLen);
+        }
+
+        public byte[] GetSalt()
+        {
+            return salt;
+        }
+
+        public ICipherParameters Parameters
+        {
+            get
+            {
+                return parameters;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/RC2Parameters.cs b/bc-sharp-crypto/src/crypto/parameters/RC2Parameters.cs
new file mode 100644
index 0000000..7a6d5bb
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/RC2Parameters.cs
@@ -0,0 +1,47 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	public class RC2Parameters
+		: KeyParameter
+	{
+		private readonly int bits;
+
+		public RC2Parameters(
+			byte[] key)
+			: this(key, (key.Length > 128) ? 1024 : (key.Length * 8))
+		{
+		}
+
+		public RC2Parameters(
+			byte[]	key,
+			int		keyOff,
+			int		keyLen)
+			: this(key, keyOff, keyLen, (keyLen > 128) ? 1024 : (keyLen * 8))
+		{
+		}
+
+		public RC2Parameters(
+			byte[]	key,
+			int		bits)
+			: base(key)
+		{
+			this.bits = bits;
+		}
+
+		public RC2Parameters(
+			byte[]	key,
+			int		keyOff,
+			int		keyLen,
+			int		bits)
+			: base(key, keyOff, keyLen)
+		{
+			this.bits = bits;
+		}
+
+		public int EffectiveKeyBits
+		{
+			get { return bits; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/RC5Parameters.cs b/bc-sharp-crypto/src/crypto/parameters/RC5Parameters.cs
new file mode 100644
index 0000000..88a59e1
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/RC5Parameters.cs
@@ -0,0 +1,27 @@
+using System;
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class RC5Parameters
+		: KeyParameter
+    {
+        private readonly int rounds;
+
+		public RC5Parameters(
+            byte[]	key,
+            int		rounds)
+			: base(key)
+        {
+            if (key.Length > 255)
+                throw new ArgumentException("RC5 key length can be no greater than 255");
+
+			this.rounds = rounds;
+        }
+
+		public int Rounds
+        {
+			get { return rounds; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/RSABlindingParameters.cs b/bc-sharp-crypto/src/crypto/parameters/RSABlindingParameters.cs
new file mode 100644
index 0000000..49c7bcc
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/RSABlindingParameters.cs
@@ -0,0 +1,34 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	public class RsaBlindingParameters
+		: ICipherParameters
+	{
+		private readonly RsaKeyParameters	publicKey;
+		private readonly BigInteger			blindingFactor;
+
+		public RsaBlindingParameters(
+			RsaKeyParameters	publicKey,
+			BigInteger			blindingFactor)
+		{
+			if (publicKey.IsPrivate)
+				throw new ArgumentException("RSA parameters should be for a public key");
+
+			this.publicKey = publicKey;
+			this.blindingFactor = blindingFactor;
+		}
+
+		public RsaKeyParameters PublicKey
+		{
+			get { return publicKey; }
+		}
+
+		public BigInteger BlindingFactor
+		{
+			get { return blindingFactor; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/RsaKeyGenerationParameters.cs b/bc-sharp-crypto/src/crypto/parameters/RsaKeyGenerationParameters.cs
new file mode 100644
index 0000000..619ab65
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/RsaKeyGenerationParameters.cs
@@ -0,0 +1,55 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class RsaKeyGenerationParameters
+		: KeyGenerationParameters
+    {
+        private readonly BigInteger publicExponent;
+        private readonly int certainty;
+
+		public RsaKeyGenerationParameters(
+            BigInteger		publicExponent,
+            SecureRandom	random,
+            int				strength,
+            int				certainty)
+			: base(random, strength)
+        {
+            this.publicExponent = publicExponent;
+            this.certainty = certainty;
+        }
+
+		public BigInteger PublicExponent
+        {
+			get { return publicExponent; }
+        }
+
+		public int Certainty
+        {
+			get { return certainty; }
+        }
+
+		public override bool Equals(
+			object obj)
+		{
+			RsaKeyGenerationParameters other = obj as RsaKeyGenerationParameters;
+
+			if (other == null)
+			{
+				return false;
+			}
+
+			return certainty == other.certainty
+				&& publicExponent.Equals(other.publicExponent);
+		}
+
+		public override int GetHashCode()
+		{
+			return certainty.GetHashCode() ^ publicExponent.GetHashCode();
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/RsaKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/RsaKeyParameters.cs
new file mode 100644
index 0000000..5480f05
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/RsaKeyParameters.cs
@@ -0,0 +1,85 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+	public class RsaKeyParameters
+		: AsymmetricKeyParameter
+    {
+        // the value is the product of the 132 smallest primes from 3 to 751
+        private static BigInteger SmallPrimesProduct = new BigInteger( 
+            "8138E8A0FCF3A4E84A771D40FD305D7F4AA59306D7251DE54D98AF8FE95729A1" +
+            "F73D893FA424CD2EDC8636A6C3285E022B0E3866A565AE8108EED8591CD4FE8D" +
+            "2CE86165A978D719EBF647F362D33FCA29CD179FB42401CBAF3DF0C614056F9C" +
+            "8F3CFD51E474AFB6BC6974F78DB8ABA8E9E517FDED658591AB7502BD41849462F",
+            16);
+
+        private static BigInteger Validate(BigInteger modulus)
+        {
+            if ((modulus.IntValue & 1) == 0)
+                throw new ArgumentException("RSA modulus is even", "modulus");
+            if (!modulus.Gcd(SmallPrimesProduct).Equals(BigInteger.One))
+                throw new ArgumentException("RSA modulus has a small prime factor");
+
+            // TODO: add additional primePower/Composite test - expensive!!
+
+            return modulus;
+        }
+
+        private readonly BigInteger modulus;
+        private readonly BigInteger exponent;
+
+		public RsaKeyParameters(
+            bool		isPrivate,
+            BigInteger	modulus,
+            BigInteger	exponent)
+			: base(isPrivate)
+        {
+			if (modulus == null)
+				throw new ArgumentNullException("modulus");
+			if (exponent == null)
+				throw new ArgumentNullException("exponent");
+			if (modulus.SignValue <= 0)
+				throw new ArgumentException("Not a valid RSA modulus", "modulus");
+			if (exponent.SignValue <= 0)
+				throw new ArgumentException("Not a valid RSA exponent", "exponent");
+            if (!isPrivate && (exponent.IntValue & 1) == 0)
+                throw new ArgumentException("RSA publicExponent is even", "exponent");
+
+            this.modulus = Validate(modulus);
+			this.exponent = exponent;
+        }
+
+		public BigInteger Modulus
+        {
+            get { return modulus; }
+        }
+
+		public BigInteger Exponent
+        {
+            get { return exponent; }
+        }
+
+		public override bool Equals(
+			object obj)
+        {
+            RsaKeyParameters kp = obj as RsaKeyParameters;
+
+			if (kp == null)
+			{
+				return false;
+			}
+
+			return kp.IsPrivate == this.IsPrivate
+				&& kp.Modulus.Equals(this.modulus)
+				&& kp.Exponent.Equals(this.exponent);
+        }
+
+		public override int GetHashCode()
+        {
+            return modulus.GetHashCode() ^ exponent.GetHashCode() ^ IsPrivate.GetHashCode();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/RsaPrivateCrtKeyParameters.cs b/bc-sharp-crypto/src/crypto/parameters/RsaPrivateCrtKeyParameters.cs
new file mode 100644
index 0000000..7bd8abd
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/RsaPrivateCrtKeyParameters.cs
@@ -0,0 +1,104 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public class RsaPrivateCrtKeyParameters
+		: RsaKeyParameters
+    {
+        private readonly BigInteger e, p, q, dP, dQ, qInv;
+
+		public RsaPrivateCrtKeyParameters(
+            BigInteger	modulus,
+            BigInteger	publicExponent,
+            BigInteger	privateExponent,
+            BigInteger	p,
+            BigInteger	q,
+            BigInteger	dP,
+            BigInteger	dQ,
+            BigInteger	qInv)
+			: base(true, modulus, privateExponent)
+        {
+			ValidateValue(publicExponent, "publicExponent", "exponent");
+			ValidateValue(p, "p", "P value");
+			ValidateValue(q, "q", "Q value");
+			ValidateValue(dP, "dP", "DP value");
+			ValidateValue(dQ, "dQ", "DQ value");
+			ValidateValue(qInv, "qInv", "InverseQ value");
+
+			this.e = publicExponent;
+            this.p = p;
+            this.q = q;
+            this.dP = dP;
+            this.dQ = dQ;
+            this.qInv = qInv;
+        }
+
+		public BigInteger PublicExponent
+        {
+            get { return e; }
+		}
+
+		public BigInteger P
+		{
+			get { return p; }
+		}
+
+		public BigInteger Q
+		{
+			get { return q; }
+		}
+
+		public BigInteger DP
+		{
+			get { return dP; }
+		}
+
+		public BigInteger DQ
+		{
+			get { return dQ; }
+		}
+
+		public BigInteger QInv
+		{
+			get { return qInv; }
+		}
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+				return true;
+
+			RsaPrivateCrtKeyParameters kp = obj as RsaPrivateCrtKeyParameters;
+
+			if (kp == null)
+				return false;
+
+			return kp.DP.Equals(dP)
+				&& kp.DQ.Equals(dQ)
+				&& kp.Exponent.Equals(this.Exponent)
+				&& kp.Modulus.Equals(this.Modulus)
+				&& kp.P.Equals(p)
+				&& kp.Q.Equals(q)
+				&& kp.PublicExponent.Equals(e)
+				&& kp.QInv.Equals(qInv);
+		}
+
+		public override int GetHashCode()
+		{
+			return DP.GetHashCode() ^ DQ.GetHashCode() ^ Exponent.GetHashCode() ^ Modulus.GetHashCode()
+				^ P.GetHashCode() ^ Q.GetHashCode() ^ PublicExponent.GetHashCode() ^ QInv.GetHashCode();
+		}
+
+		private static void ValidateValue(BigInteger x, string name, string desc)
+		{
+			if (x == null)
+				throw new ArgumentNullException(name);
+			if (x.SignValue <= 0)
+				throw new ArgumentException("Not a valid RSA " + desc, name);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/SkeinParameters.cs b/bc-sharp-crypto/src/crypto/parameters/SkeinParameters.cs
new file mode 100644
index 0000000..cc57ef5
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/SkeinParameters.cs
@@ -0,0 +1,286 @@
+using System;
+using System.Collections;
+using System.Globalization;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+
+	/// <summary>
+	/// Parameters for the Skein hash function - a series of byte[] strings identified by integer tags.
+	/// </summary>
+	/// <remarks>
+	/// Parameterised Skein can be used for:
+	/// <ul> 
+	/// <li>MAC generation, by providing a <see cref="SkeinParameters.Builder.SetKey(byte[])">key</see>.</li>
+	/// <li>Randomised hashing, by providing a <see cref="SkeinParameters.Builder.SetNonce(byte[])">nonce</see>.</li>
+	/// <li>A hash function for digital signatures, associating a
+	/// <see cref="SkeinParameters.Builder.SetPublicKey(byte[])">public key</see> with the message digest.</li>
+	/// <li>A key derivation function, by providing a
+	/// <see cref="SkeinParameters.Builder.SetKeyIdentifier(byte[])">key identifier</see>.</li>
+	/// <li>Personalised hashing, by providing a
+	/// <see cref="SkeinParameters.Builder.SetPersonalisation(DateTime,string,string)">recommended format</see> or
+	/// <see cref="SkeinParameters.Builder.SetPersonalisation(byte[])">arbitrary</see> personalisation string.</li>
+	/// </ul>
+	/// </remarks>
+	/// <seealso cref="Org.BouncyCastle.Crypto.Digests.SkeinEngine"/>
+	/// <seealso cref="Org.BouncyCastle.Crypto.Digests.SkeinDigest"/>
+	/// <seealso cref="Org.BouncyCastle.Crypto.Macs.SkeinMac"/>
+	public class SkeinParameters
+		: ICipherParameters
+	{
+		/// <summary>
+		/// The parameter type for a secret key, supporting MAC or KDF functions: 0
+		/// </summary>
+		public const int PARAM_TYPE_KEY = 0;
+
+		/// <summary>
+		/// The parameter type for the Skein configuration block: 4
+		/// </summary>
+		public const int PARAM_TYPE_CONFIG = 4;
+
+		/// <summary>
+		/// The parameter type for a personalisation string: 8
+		/// </summary>
+		public const int PARAM_TYPE_PERSONALISATION = 8;
+
+		/// <summary>
+		/// The parameter type for a public key: 12
+		/// </summary>
+		public const int PARAM_TYPE_PUBLIC_KEY = 12;
+
+		/// <summary>
+		/// The parameter type for a key identifier string: 16
+		/// </summary>
+		public const int PARAM_TYPE_KEY_IDENTIFIER = 16;
+
+		/// <summary>
+		/// The parameter type for a nonce: 20
+		/// </summary>
+		public const int PARAM_TYPE_NONCE = 20;
+
+		/// <summary>
+		/// The parameter type for the message: 48
+		/// </summary>
+		public const int PARAM_TYPE_MESSAGE = 48;
+
+		/// <summary>
+		/// The parameter type for the output transformation: 63
+		/// </summary>
+		public const int PARAM_TYPE_OUTPUT = 63;
+
+		private IDictionary parameters;
+
+		public SkeinParameters()
+			: this(Platform.CreateHashtable())
+
+		{
+		}
+
+		private SkeinParameters(IDictionary parameters)
+		{
+			this.parameters = parameters;
+		}
+
+		/// <summary>
+		/// Obtains a map of type (int) to value (byte[]) for the parameters tracked in this object.
+		/// </summary>
+		public IDictionary GetParameters()
+		{
+			return parameters;
+		}
+
+		/// <summary>
+		/// Obtains the value of the <see cref="PARAM_TYPE_KEY">key parameter</see>, or <code>null</code> if not
+		/// set.
+		/// </summary>
+		/// <returns>The key.</returns>
+		public byte[] GetKey()
+		{
+			return (byte[])parameters[PARAM_TYPE_KEY];
+		}
+
+		/// <summary>
+		/// Obtains the value of the <see cref="PARAM_TYPE_PERSONALISATION">personalisation parameter</see>, or
+		/// <code>null</code> if not set.
+		/// </summary>
+		public byte[] GetPersonalisation()
+		{
+			return (byte[])parameters[PARAM_TYPE_PERSONALISATION];
+		}
+
+		/// <summary>
+		/// Obtains the value of the <see cref="PARAM_TYPE_PUBLIC_KEY">public key parameter</see>, or
+		/// <code>null</code> if not set.
+		/// </summary>
+		public byte[] GetPublicKey()
+		{
+			return (byte[])parameters[PARAM_TYPE_PUBLIC_KEY];
+		}
+
+		/// <summary>
+		/// Obtains the value of the <see cref="PARAM_TYPE_KEY_IDENTIFIER">key identifier parameter</see>, or
+		/// <code>null</code> if not set.
+		/// </summary>
+		public byte[] GetKeyIdentifier()
+		{
+			return (byte[])parameters[PARAM_TYPE_KEY_IDENTIFIER];
+		}
+
+		/// <summary>
+		/// Obtains the value of the <see cref="PARAM_TYPE_NONCE">nonce parameter</see>, or <code>null</code> if
+		/// not set.
+		/// </summary>
+		public byte[] GetNonce()
+		{
+			return (byte[])parameters[PARAM_TYPE_NONCE];
+		}
+
+		/// <summary>
+		/// A builder for <see cref="SkeinParameters"/>.
+		/// </summary>
+		public class Builder
+		{
+			private IDictionary parameters = Platform.CreateHashtable();
+
+			public Builder()
+			{
+			}
+
+			public Builder(IDictionary paramsMap)
+			{
+				IEnumerator keys = paramsMap.Keys.GetEnumerator();
+				while (keys.MoveNext())
+				{
+					int key = (int)keys.Current;
+					parameters.Add(key, paramsMap[key]);
+				}
+			}
+
+			public Builder(SkeinParameters parameters)
+			{
+				IEnumerator keys = parameters.parameters.Keys.GetEnumerator();
+				while (keys.MoveNext())
+				{
+					int key = (int)keys.Current;
+					this.parameters.Add(key, parameters.parameters[key]);
+				}
+			}
+
+			/// <summary>
+			/// Sets a parameters to apply to the Skein hash function.
+			/// </summary>
+			/// <remarks>
+			/// Parameter types must be in the range 0,5..62, and cannot use the value 48
+			/// (reserved for message body).
+			/// <p/>
+			/// Parameters with type &lt; 48 are processed before
+			/// the message content, parameters with type &gt; 48
+			/// are processed after the message and prior to output.
+			/// </remarks>
+			/// <param name="type">the type of the parameter, in the range 5..62.</param>
+			/// <param name="value">the byte sequence of the parameter.</param>
+			public Builder Set(int type, byte[] value)
+			{
+				if (value == null)
+				{
+					throw new ArgumentException("Parameter value must not be null.");
+				}
+				if ((type != PARAM_TYPE_KEY)
+				    && (type <= PARAM_TYPE_CONFIG || type >= PARAM_TYPE_OUTPUT || type == PARAM_TYPE_MESSAGE))
+				{
+					throw new ArgumentException("Parameter types must be in the range 0,5..47,49..62.");
+				}
+				if (type == PARAM_TYPE_CONFIG)
+				{
+					throw new ArgumentException("Parameter type " + PARAM_TYPE_CONFIG
+					                            + " is reserved for internal use.");
+				}
+				this.parameters.Add(type, value);
+				return this;
+			}
+
+			/// <summary>
+			/// Sets the <see cref="SkeinParameters.PARAM_TYPE_KEY"/> parameter.
+			/// </summary>
+			public Builder SetKey(byte[] key)
+			{
+				return Set(PARAM_TYPE_KEY, key);
+			}
+
+			/// <summary>
+			/// Sets the <see cref="SkeinParameters.PARAM_TYPE_PERSONALISATION"/> parameter.
+			/// </summary>
+			public Builder SetPersonalisation(byte[] personalisation)
+			{
+				return Set(PARAM_TYPE_PERSONALISATION, personalisation);
+			}
+
+			/// <summary>
+			/// Implements the recommended personalisation format for Skein defined in Section 4.11 of
+			/// the Skein 1.3 specification.
+			/// </summary>
+			/// <remarks>
+			/// The format is <code>YYYYMMDD email@address distinguisher</code>, encoded to a byte
+			/// sequence using UTF-8 encoding.
+			/// </remarks>
+			/// <param name="date">the date the personalised application of the Skein was defined.</param>
+			/// <param name="emailAddress">the email address of the creation of the personalised application.</param>
+			/// <param name="distinguisher">an arbitrary personalisation string distinguishing the application.</param>
+			public Builder SetPersonalisation(DateTime date, string emailAddress, string distinguisher)
+			{
+				try
+				{
+					MemoryStream bout = new MemoryStream();
+					StreamWriter outBytes = new StreamWriter(bout, System.Text.Encoding.UTF8);
+					outBytes.Write(date.ToString("YYYYMMDD", CultureInfo.InvariantCulture));
+					outBytes.Write(" ");
+					outBytes.Write(emailAddress);
+					outBytes.Write(" ");
+					outBytes.Write(distinguisher);
+                    Platform.Dispose(outBytes);
+					return Set(PARAM_TYPE_PERSONALISATION, bout.ToArray());
+				}
+				catch (IOException e)
+				{
+					throw new InvalidOperationException("Byte I/O failed.", e);
+				}
+			}
+
+			/// <summary>
+			/// Sets the <see cref="SkeinParameters.PARAM_TYPE_KEY_IDENTIFIER"/> parameter.
+			/// </summary>
+			public Builder SetPublicKey(byte[] publicKey)
+			{
+				return Set(PARAM_TYPE_PUBLIC_KEY, publicKey);
+			}
+
+			/// <summary>
+			/// Sets the <see cref="SkeinParameters.PARAM_TYPE_KEY_IDENTIFIER"/> parameter.
+			/// </summary>
+			public Builder SetKeyIdentifier(byte[] keyIdentifier)
+			{
+				return Set(PARAM_TYPE_KEY_IDENTIFIER, keyIdentifier);
+			}
+
+			/// <summary>
+			/// Sets the <see cref="SkeinParameters.PARAM_TYPE_NONCE"/> parameter.
+			/// </summary>
+			public Builder SetNonce(byte[] nonce)
+			{
+				return Set(PARAM_TYPE_NONCE, nonce);
+			}
+
+			/// <summary>
+			/// Constructs a new <see cref="SkeinParameters"/> instance with the parameters provided to this
+			/// builder.
+			/// </summary>
+			public SkeinParameters Build()
+			{
+				return new SkeinParameters(parameters);
+			}
+		}
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/crypto/parameters/Srp6GroupParameters.cs b/bc-sharp-crypto/src/crypto/parameters/Srp6GroupParameters.cs
new file mode 100644
index 0000000..6762dd3
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/Srp6GroupParameters.cs
@@ -0,0 +1,27 @@
+using System;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+    public sealed class Srp6GroupParameters
+    {
+        private readonly BigInteger n, g;
+
+        public Srp6GroupParameters(BigInteger N, BigInteger g)
+        {
+            this.n = N;
+            this.g = g;
+        }
+
+        public BigInteger G
+        {
+            get { return g; }
+        }
+
+        public BigInteger N
+        {
+            get { return n; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/parameters/TweakableBlockCipherParameters.cs b/bc-sharp-crypto/src/crypto/parameters/TweakableBlockCipherParameters.cs
new file mode 100644
index 0000000..f757266
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/parameters/TweakableBlockCipherParameters.cs
@@ -0,0 +1,40 @@
+using System;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Parameters
+{
+
+	/// <summary>
+	/// Parameters for tweakable block ciphers.
+	/// </summary>
+	public class TweakableBlockCipherParameters
+		: ICipherParameters
+	{
+		private readonly byte[] tweak;
+		private readonly KeyParameter key;
+
+		public TweakableBlockCipherParameters(KeyParameter key, byte[] tweak)
+		{
+			this.key = key;
+			this.tweak = Arrays.Clone(tweak);
+		}
+
+		/// <summary>
+		/// Gets the key.
+		/// </summary>
+		/// <value>the key to use, or <code>null</code> to use the current key.</value>
+		public KeyParameter Key
+		{
+			get { return key; }
+		}
+
+		/// <summary>
+		/// Gets the tweak value.
+		/// </summary>
+		/// <value>The tweak to use, or <code>null</code> to use the current tweak.</value>
+		public byte[] Tweak
+		{
+			get { return tweak; }
+		}
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/crypto/prng/BasicEntropySourceProvider.cs b/bc-sharp-crypto/src/crypto/prng/BasicEntropySourceProvider.cs
new file mode 100644
index 0000000..31a8461
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/BasicEntropySourceProvider.cs
@@ -0,0 +1,71 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+    /**
+     * An EntropySourceProvider where entropy generation is based on a SecureRandom output using SecureRandom.generateSeed().
+     */
+    public class BasicEntropySourceProvider
+        :   IEntropySourceProvider
+    {
+        private readonly SecureRandom   mSecureRandom;
+        private readonly bool           mPredictionResistant;
+
+        /**
+         * Create a entropy source provider based on the passed in SecureRandom.
+         *
+         * @param secureRandom the SecureRandom to base EntropySource construction on.
+         * @param isPredictionResistant boolean indicating if the SecureRandom is based on prediction resistant entropy or not (true if it is).
+         */
+        public BasicEntropySourceProvider(SecureRandom secureRandom, bool isPredictionResistant)
+        {
+            mSecureRandom = secureRandom;
+            mPredictionResistant = isPredictionResistant;
+        }
+
+        /**
+         * Return an entropy source that will create bitsRequired bits of entropy on
+         * each invocation of getEntropy().
+         *
+         * @param bitsRequired size (in bits) of entropy to be created by the provided source.
+         * @return an EntropySource that generates bitsRequired bits of entropy on each call to its getEntropy() method.
+         */
+        public IEntropySource Get(int bitsRequired)
+        {
+            return new BasicEntropySource(mSecureRandom, mPredictionResistant, bitsRequired);
+        }
+
+        private class BasicEntropySource
+            :   IEntropySource
+        {
+            private readonly SecureRandom   mSecureRandom;
+            private readonly bool           mPredictionResistant;
+            private readonly int            mEntropySize;
+
+            internal BasicEntropySource(SecureRandom secureRandom, bool predictionResistant, int entropySize)
+            {
+                this.mSecureRandom = secureRandom;
+                this.mPredictionResistant = predictionResistant;
+                this.mEntropySize = entropySize;
+            }
+
+            bool IEntropySource.IsPredictionResistant
+            {
+                get { return mPredictionResistant; }
+            }
+
+            byte[] IEntropySource.GetEntropy()
+            {
+                // TODO[FIPS] Not all SecureRandom implementations are considered valid entropy sources
+                return SecureRandom.GetNextBytes(mSecureRandom, (mEntropySize + 7) / 8);
+            }
+
+            int IEntropySource.EntropySize
+            {
+                get { return mEntropySize; }
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/CryptoApiEntropySourceProvider.cs b/bc-sharp-crypto/src/crypto/prng/CryptoApiEntropySourceProvider.cs
new file mode 100644
index 0000000..68579aa
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/CryptoApiEntropySourceProvider.cs
@@ -0,0 +1,70 @@
+#if !(NETCF_1_0 || PORTABLE)
+using System;
+using System.Security.Cryptography;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+    public class CryptoApiEntropySourceProvider
+        :   IEntropySourceProvider
+    {
+        private readonly RandomNumberGenerator mRng;
+        private readonly bool mPredictionResistant;
+
+        public CryptoApiEntropySourceProvider()
+            : this(new RNGCryptoServiceProvider(), true)
+        {
+        }
+
+        public CryptoApiEntropySourceProvider(RandomNumberGenerator rng, bool isPredictionResistant)
+        {
+            if (rng == null)
+                throw new ArgumentNullException("rng");
+
+            mRng = rng;
+            mPredictionResistant = isPredictionResistant;
+        }
+
+        public IEntropySource Get(int bitsRequired)
+        {
+            return new CryptoApiEntropySource(mRng, mPredictionResistant, bitsRequired);
+        }
+
+        private class CryptoApiEntropySource
+            :   IEntropySource
+        {
+            private readonly RandomNumberGenerator mRng;
+            private readonly bool mPredictionResistant;
+            private readonly int mEntropySize;
+
+            internal CryptoApiEntropySource(RandomNumberGenerator rng, bool predictionResistant, int entropySize)
+            {
+                this.mRng = rng;
+                this.mPredictionResistant = predictionResistant;
+                this.mEntropySize = entropySize;
+            }
+
+            #region IEntropySource Members
+
+            bool IEntropySource.IsPredictionResistant
+            {
+                get { return mPredictionResistant; }
+            }
+
+            byte[] IEntropySource.GetEntropy()
+            {
+                byte[] result = new byte[(mEntropySize + 7) / 8];
+                mRng.GetBytes(result);
+                return result;
+            }
+
+            int IEntropySource.EntropySize
+            {
+                get { return mEntropySize; }
+            }
+
+            #endregion
+        }
+    }
+}
+
+#endif
diff --git a/bc-sharp-crypto/src/crypto/prng/CryptoApiRandomGenerator.cs b/bc-sharp-crypto/src/crypto/prng/CryptoApiRandomGenerator.cs
new file mode 100644
index 0000000..fa5f523
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/CryptoApiRandomGenerator.cs
@@ -0,0 +1,66 @@
+#if !(NETCF_1_0 || PORTABLE)
+
+using System;
+using System.Security.Cryptography;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+    /// <summary>
+    /// Uses Microsoft's RNGCryptoServiceProvider
+    /// </summary>
+    public class CryptoApiRandomGenerator
+        : IRandomGenerator
+    {
+        private readonly RandomNumberGenerator rndProv;
+
+        public CryptoApiRandomGenerator()
+            : this(new RNGCryptoServiceProvider())
+        {
+        }
+
+        public CryptoApiRandomGenerator(RandomNumberGenerator rng)
+        {
+            this.rndProv = rng;
+        }
+
+        #region IRandomGenerator Members
+
+        public virtual void AddSeedMaterial(byte[] seed)
+        {
+            // We don't care about the seed
+        }
+
+        public virtual void AddSeedMaterial(long seed)
+        {
+            // We don't care about the seed
+        }
+
+        public virtual void NextBytes(byte[] bytes)
+        {
+            rndProv.GetBytes(bytes);
+        }
+
+        public virtual void NextBytes(byte[] bytes, int start, int len)
+        {
+            if (start < 0)
+                throw new ArgumentException("Start offset cannot be negative", "start");
+            if (bytes.Length < (start + len))
+                throw new ArgumentException("Byte array too small for requested offset and length");
+
+            if (bytes.Length == len && start == 0) 
+            {
+                NextBytes(bytes);
+            }
+            else 
+            {
+                byte[] tmpBuf = new byte[len];
+                NextBytes(tmpBuf);
+                Array.Copy(tmpBuf, 0, bytes, start, len);
+            }
+        }
+
+        #endregion
+    }
+}
+
+#endif
diff --git a/bc-sharp-crypto/src/crypto/prng/DigestRandomGenerator.cs b/bc-sharp-crypto/src/crypto/prng/DigestRandomGenerator.cs
new file mode 100644
index 0000000..f5a2995
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/DigestRandomGenerator.cs
@@ -0,0 +1,127 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+	/**
+	 * Random generation based on the digest with counter. Calling AddSeedMaterial will
+	 * always increase the entropy of the hash.
+	 * <p>
+	 * Internal access to the digest is synchronized so a single one of these can be shared.
+	 * </p>
+	 */
+	public class DigestRandomGenerator
+		: IRandomGenerator
+	{
+		private const long CYCLE_COUNT = 10;
+
+		private long	stateCounter;
+		private long	seedCounter;
+		private IDigest	digest;
+		private byte[]	state;
+		private byte[]	seed;
+
+		public DigestRandomGenerator(
+			IDigest digest)
+		{
+			this.digest = digest;
+
+			this.seed = new byte[digest.GetDigestSize()];
+			this.seedCounter = 1;
+
+			this.state = new byte[digest.GetDigestSize()];
+			this.stateCounter = 1;
+		}
+
+		public void AddSeedMaterial(
+			byte[] inSeed)
+		{
+			lock (this)
+			{
+				DigestUpdate(inSeed);
+				DigestUpdate(seed);
+				DigestDoFinal(seed);
+			}
+		}
+
+		public void AddSeedMaterial(
+			long rSeed)
+		{
+			lock (this)
+			{
+				DigestAddCounter(rSeed);
+				DigestUpdate(seed);
+				DigestDoFinal(seed);
+			}
+		}
+
+		public void NextBytes(
+			byte[] bytes)
+		{
+			NextBytes(bytes, 0, bytes.Length);
+		}
+
+		public void NextBytes(
+			byte[]	bytes,
+			int		start,
+			int		len)
+		{
+			lock (this)
+			{
+				int stateOff = 0;
+
+				GenerateState();
+
+				int end = start + len;
+				for (int i = start; i < end; ++i)
+				{
+					if (stateOff == state.Length)
+					{
+						GenerateState();
+						stateOff = 0;
+					}
+					bytes[i] = state[stateOff++];
+				}
+			}
+		}
+
+		private void CycleSeed()
+		{
+			DigestUpdate(seed);
+			DigestAddCounter(seedCounter++);
+			DigestDoFinal(seed);
+		}
+
+		private void GenerateState()
+		{
+			DigestAddCounter(stateCounter++);
+			DigestUpdate(state);
+			DigestUpdate(seed);
+			DigestDoFinal(state);
+
+			if ((stateCounter % CYCLE_COUNT) == 0)
+			{
+				CycleSeed();
+			}
+		}
+
+		private void DigestAddCounter(long seedVal)
+		{
+            byte[] bytes = new byte[8];
+            Pack.UInt64_To_LE((ulong)seedVal, bytes);
+            digest.BlockUpdate(bytes, 0, bytes.Length);
+		}
+
+        private void DigestUpdate(byte[] inSeed)
+		{
+			digest.BlockUpdate(inSeed, 0, inSeed.Length);
+		}
+
+		private void DigestDoFinal(byte[] result)
+		{
+			digest.DoFinal(result, 0);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/EntropyUtilities.cs b/bc-sharp-crypto/src/crypto/prng/EntropyUtilities.cs
new file mode 100644
index 0000000..58c8703
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/EntropyUtilities.cs
@@ -0,0 +1,30 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+    public abstract class EntropyUtilities
+    {
+        /**
+         * Generate numBytes worth of entropy from the passed in entropy source.
+         *
+         * @param entropySource the entropy source to request the data from.
+         * @param numBytes the number of bytes of entropy requested.
+         * @return a byte array populated with the random data.
+         */
+        public static byte[] GenerateSeed(IEntropySource entropySource, int numBytes)
+        {
+            byte[] bytes = new byte[numBytes];
+            int count = 0;
+            while (count < numBytes)
+            {
+                byte[] entropy = entropySource.GetEntropy();
+                int toCopy = System.Math.Min(bytes.Length, numBytes - count);
+                Array.Copy(entropy, 0, bytes, count, toCopy);
+                count += toCopy;
+            }
+            return bytes;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/IDrbgProvider.cs b/bc-sharp-crypto/src/crypto/prng/IDrbgProvider.cs
new file mode 100644
index 0000000..5ebf5fd
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/IDrbgProvider.cs
@@ -0,0 +1,11 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Prng.Drbg;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+    internal interface IDrbgProvider
+    {
+        ISP80090Drbg Get(IEntropySource entropySource);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/IRandomGenerator.cs b/bc-sharp-crypto/src/crypto/prng/IRandomGenerator.cs
new file mode 100644
index 0000000..8dbe406
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/IRandomGenerator.cs
@@ -0,0 +1,26 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+	/// <remarks>Generic interface for objects generating random bytes.</remarks>
+	public interface IRandomGenerator
+	{
+		/// <summary>Add more seed material to the generator.</summary>
+		/// <param name="seed">A byte array to be mixed into the generator's state.</param>
+		void AddSeedMaterial(byte[] seed);
+
+		/// <summary>Add more seed material to the generator.</summary>
+		/// <param name="seed">A long value to be mixed into the generator's state.</param>
+		void AddSeedMaterial(long seed);
+
+		/// <summary>Fill byte array with random values.</summary>
+		/// <param name="bytes">Array to be filled.</param>
+		void NextBytes(byte[] bytes);
+
+		/// <summary>Fill byte array with random values.</summary>
+		/// <param name="bytes">Array to receive bytes.</param>
+		/// <param name="start">Index to start filling at.</param>
+		/// <param name="len">Length of segment to fill.</param>
+		void NextBytes(byte[] bytes, int start, int len);
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/ReversedWindowGenerator.cs b/bc-sharp-crypto/src/crypto/prng/ReversedWindowGenerator.cs
new file mode 100644
index 0000000..dd28c52
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/ReversedWindowGenerator.cs
@@ -0,0 +1,98 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+	/// <remarks>
+	/// Takes bytes generated by an underling RandomGenerator and reverses the order in
+	/// each small window (of configurable size).
+	/// <p>
+	/// Access to internals is synchronized so a single one of these can be shared.
+	/// </p>
+	/// </remarks>
+	public class ReversedWindowGenerator
+		: IRandomGenerator
+	{
+		private readonly IRandomGenerator generator;
+
+		private byte[] window;
+		private int windowCount;
+
+		public ReversedWindowGenerator(
+			IRandomGenerator	generator,
+			int					windowSize)
+		{
+			if (generator == null)
+				throw new ArgumentNullException("generator");
+			if (windowSize < 2)
+				throw new ArgumentException("Window size must be at least 2", "windowSize");
+
+			this.generator = generator;
+			this.window = new byte[windowSize];
+		}
+
+		/// <summary>Add more seed material to the generator.</summary>
+		/// <param name="seed">A byte array to be mixed into the generator's state.</param>
+		public virtual void AddSeedMaterial(
+			byte[] seed)
+		{
+			lock (this)
+			{
+				windowCount = 0;
+				generator.AddSeedMaterial(seed);
+			}
+		}
+
+		/// <summary>Add more seed material to the generator.</summary>
+		/// <param name="seed">A long value to be mixed into the generator's state.</param>
+		public virtual void AddSeedMaterial(
+			long seed)
+		{
+			lock (this)
+			{
+				windowCount = 0;
+				generator.AddSeedMaterial(seed);
+			}
+		}
+
+		/// <summary>Fill byte array with random values.</summary>
+		/// <param name="bytes">Array to be filled.</param>
+		public virtual void NextBytes(
+			byte[] bytes)
+		{
+			doNextBytes(bytes, 0, bytes.Length);
+		}
+
+		/// <summary>Fill byte array with random values.</summary>
+		/// <param name="bytes">Array to receive bytes.</param>
+		/// <param name="start">Index to start filling at.</param>
+		/// <param name="len">Length of segment to fill.</param>
+		public virtual void NextBytes(
+			byte[]	bytes,
+			int		start,
+			int		len)
+		{
+			doNextBytes(bytes, start, len);
+		}
+
+		private void doNextBytes(
+			byte[]	bytes,
+			int		start,
+			int		len)
+		{
+			lock (this)
+			{
+				int done = 0;
+				while (done < len)
+				{
+					if (windowCount < 1)
+					{
+						generator.NextBytes(window, 0, window.Length);
+						windowCount = window.Length;
+					}
+
+					bytes[start + done++] = window[--windowCount];
+				}
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/SP800SecureRandom.cs b/bc-sharp-crypto/src/crypto/prng/SP800SecureRandom.cs
new file mode 100644
index 0000000..30c838c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/SP800SecureRandom.cs
@@ -0,0 +1,95 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Prng.Drbg;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+    public class SP800SecureRandom
+        :   SecureRandom
+    {
+        private readonly IDrbgProvider  mDrbgProvider;
+        private readonly bool           mPredictionResistant;
+        private readonly SecureRandom   mRandomSource;
+        private readonly IEntropySource mEntropySource;
+
+        private ISP80090Drbg mDrbg;
+
+        internal SP800SecureRandom(SecureRandom randomSource, IEntropySource entropySource, IDrbgProvider drbgProvider, bool predictionResistant)
+            : base((IRandomGenerator)null)
+        {
+            this.mRandomSource = randomSource;
+            this.mEntropySource = entropySource;
+            this.mDrbgProvider = drbgProvider;
+            this.mPredictionResistant = predictionResistant;
+        }
+
+        public override void SetSeed(byte[] seed)
+        {
+            lock (this)
+            {
+                if (mRandomSource != null)
+                {
+                    this.mRandomSource.SetSeed(seed);
+                }
+            }
+        }
+
+        public override void SetSeed(long seed)
+        {
+            lock (this)
+            {
+                // this will happen when SecureRandom() is created
+                if (mRandomSource != null)
+                {
+                    this.mRandomSource.SetSeed(seed);
+                }
+            }
+        }
+
+        public override void NextBytes(byte[] bytes)
+        {
+            lock (this)
+            {
+                if (mDrbg == null)
+                {
+                    mDrbg = mDrbgProvider.Get(mEntropySource);
+                }
+
+                // check if a reseed is required...
+                if (mDrbg.Generate(bytes, null, mPredictionResistant) < 0)
+                {
+                    mDrbg.Reseed(null);
+                    mDrbg.Generate(bytes, null, mPredictionResistant);
+                }
+            }
+        }
+
+        public override void NextBytes(byte[] buf, int off, int len)
+        {
+            byte[] bytes = new byte[len];
+            NextBytes(bytes);
+            Array.Copy(bytes, 0, buf, off, len);
+        }
+
+        public override byte[] GenerateSeed(int numBytes)
+        {
+            return EntropyUtilities.GenerateSeed(mEntropySource, numBytes);
+        }
+
+        /// <summary>Force a reseed of the DRBG.</summary>
+        /// <param name="additionalInput">optional additional input</param>
+        public virtual void Reseed(byte[] additionalInput)
+        {
+            lock (this)
+            {
+                if (mDrbg == null)
+                {
+                    mDrbg = mDrbgProvider.Get(mEntropySource);
+                }
+
+                mDrbg.Reseed(additionalInput);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/SP800SecureRandomBuilder.cs b/bc-sharp-crypto/src/crypto/prng/SP800SecureRandomBuilder.cs
new file mode 100644
index 0000000..7199f1a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/SP800SecureRandomBuilder.cs
@@ -0,0 +1,208 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Prng.Drbg;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+    /**
+     * Builder class for making SecureRandom objects based on SP 800-90A Deterministic Random Bit Generators (DRBG).
+     */
+    public class SP800SecureRandomBuilder
+    {
+        private readonly SecureRandom mRandom;
+        private readonly IEntropySourceProvider mEntropySourceProvider;
+
+        private byte[] mPersonalizationString = null;
+        private int mSecurityStrength = 256;
+        private int mEntropyBitsRequired = 256;
+
+        /**
+         * Basic constructor, creates a builder using an EntropySourceProvider based on the default SecureRandom with
+         * predictionResistant set to false.
+         * <p>
+         * Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if
+         * the default SecureRandom does for its generateSeed() call.
+         * </p>
+         */
+        public SP800SecureRandomBuilder()
+            : this(new SecureRandom(), false)
+        {
+        }
+
+        /**
+         * Construct a builder with an EntropySourceProvider based on the passed in SecureRandom and the passed in value
+         * for prediction resistance.
+         * <p>
+         * Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if
+         * the passed in SecureRandom does for its generateSeed() call.
+         * </p>
+         * @param entropySource
+         * @param predictionResistant
+         */
+        public SP800SecureRandomBuilder(SecureRandom entropySource, bool predictionResistant)
+        {
+            this.mRandom = entropySource;
+            this.mEntropySourceProvider = new BasicEntropySourceProvider(entropySource, predictionResistant);
+        }
+
+        /**
+         * Create a builder which makes creates the SecureRandom objects from a specified entropy source provider.
+         * <p>
+         * <b>Note:</b> If this constructor is used any calls to setSeed() in the resulting SecureRandom will be ignored.
+         * </p>
+         * @param entropySourceProvider a provider of EntropySource objects.
+         */
+        public SP800SecureRandomBuilder(IEntropySourceProvider entropySourceProvider)
+        {
+            this.mRandom = null;
+            this.mEntropySourceProvider = entropySourceProvider;
+        }
+
+        /**
+         * Set the personalization string for DRBG SecureRandoms created by this builder
+         * @param personalizationString  the personalisation string for the underlying DRBG.
+         * @return the current builder.
+         */
+        public SP800SecureRandomBuilder SetPersonalizationString(byte[] personalizationString)
+        {
+            this.mPersonalizationString = personalizationString;
+            return this;
+        }
+
+        /**
+         * Set the security strength required for DRBGs used in building SecureRandom objects.
+         *
+         * @param securityStrength the security strength (in bits)
+         * @return the current builder.
+         */
+        public SP800SecureRandomBuilder SetSecurityStrength(int securityStrength)
+        {
+            this.mSecurityStrength = securityStrength;
+            return this;
+        }
+
+        /**
+         * Set the amount of entropy bits required for seeding and reseeding DRBGs used in building SecureRandom objects.
+         *
+         * @param entropyBitsRequired the number of bits of entropy to be requested from the entropy source on each seed/reseed.
+         * @return the current builder.
+         */
+        public SP800SecureRandomBuilder SetEntropyBitsRequired(int entropyBitsRequired)
+        {
+            this.mEntropyBitsRequired = entropyBitsRequired;
+            return this;
+        }
+
+        /**
+         * Build a SecureRandom based on a SP 800-90A Hash DRBG.
+         *
+         * @param digest digest algorithm to use in the DRBG underneath the SecureRandom.
+         * @param nonce  nonce value to use in DRBG construction.
+         * @param predictionResistant specify whether the underlying DRBG in the resulting SecureRandom should reseed on each request for bytes.
+         * @return a SecureRandom supported by a Hash DRBG.
+         */
+        public SP800SecureRandom BuildHash(IDigest digest, byte[] nonce, bool predictionResistant)
+        {
+            return new SP800SecureRandom(mRandom, mEntropySourceProvider.Get(mEntropyBitsRequired),
+                new HashDrbgProvider(digest, nonce, mPersonalizationString, mSecurityStrength), predictionResistant);
+        }
+
+        /**
+         * Build a SecureRandom based on a SP 800-90A CTR DRBG.
+         *
+         * @param cipher the block cipher to base the DRBG on.
+         * @param keySizeInBits key size in bits to be used with the block cipher.
+         * @param nonce nonce value to use in DRBG construction.
+         * @param predictionResistant  specify whether the underlying DRBG in the resulting SecureRandom should reseed on each request for bytes.
+         * @return  a SecureRandom supported by a CTR DRBG.
+         */
+        public SP800SecureRandom BuildCtr(IBlockCipher cipher, int keySizeInBits, byte[] nonce, bool predictionResistant)
+        {
+            return new SP800SecureRandom(mRandom, mEntropySourceProvider.Get(mEntropyBitsRequired),
+                new CtrDrbgProvider(cipher, keySizeInBits, nonce, mPersonalizationString, mSecurityStrength), predictionResistant);
+        }
+
+        /**
+         * Build a SecureRandom based on a SP 800-90A HMAC DRBG.
+         *
+         * @param hMac HMAC algorithm to use in the DRBG underneath the SecureRandom.
+         * @param nonce  nonce value to use in DRBG construction.
+         * @param predictionResistant specify whether the underlying DRBG in the resulting SecureRandom should reseed on each request for bytes.
+         * @return a SecureRandom supported by a HMAC DRBG.
+         */
+        public SP800SecureRandom BuildHMac(IMac hMac, byte[] nonce, bool predictionResistant)
+        {
+            return new SP800SecureRandom(mRandom, mEntropySourceProvider.Get(mEntropyBitsRequired),
+                new HMacDrbgProvider(hMac, nonce, mPersonalizationString, mSecurityStrength), predictionResistant);
+        }
+
+        private class HashDrbgProvider
+            :   IDrbgProvider
+        {
+            private readonly IDigest mDigest;
+            private readonly byte[] mNonce;
+            private readonly byte[] mPersonalizationString;
+            private readonly int mSecurityStrength;
+
+            public HashDrbgProvider(IDigest digest, byte[] nonce, byte[] personalizationString, int securityStrength)
+            {
+                this.mDigest = digest;
+                this.mNonce = nonce;
+                this.mPersonalizationString = personalizationString;
+                this.mSecurityStrength = securityStrength;
+            }
+
+            public ISP80090Drbg Get(IEntropySource entropySource)
+            {
+                return new HashSP800Drbg(mDigest, mSecurityStrength, entropySource, mPersonalizationString, mNonce);
+            }
+        }
+
+        private class HMacDrbgProvider
+            :   IDrbgProvider
+        {
+            private readonly IMac mHMac;
+            private readonly byte[] mNonce;
+            private readonly byte[] mPersonalizationString;
+            private readonly int mSecurityStrength;
+
+            public HMacDrbgProvider(IMac hMac, byte[] nonce, byte[] personalizationString, int securityStrength)
+            {
+                this.mHMac = hMac;
+                this.mNonce = nonce;
+                this.mPersonalizationString = personalizationString;
+                this.mSecurityStrength = securityStrength;
+            }
+
+            public ISP80090Drbg Get(IEntropySource entropySource)
+            {
+                return new HMacSP800Drbg(mHMac, mSecurityStrength, entropySource, mPersonalizationString, mNonce);
+            }
+        }
+
+        private class CtrDrbgProvider
+            :   IDrbgProvider
+        {
+            private readonly IBlockCipher mBlockCipher;
+            private readonly int mKeySizeInBits;
+            private readonly byte[] mNonce;
+            private readonly byte[] mPersonalizationString;
+            private readonly int mSecurityStrength;
+
+            public CtrDrbgProvider(IBlockCipher blockCipher, int keySizeInBits, byte[] nonce, byte[] personalizationString, int securityStrength)
+            {
+                this.mBlockCipher = blockCipher;
+                this.mKeySizeInBits = keySizeInBits;
+                this.mNonce = nonce;
+                this.mPersonalizationString = personalizationString;
+                this.mSecurityStrength = securityStrength;
+            }
+
+            public ISP80090Drbg Get(IEntropySource entropySource)
+            {
+                return new CtrSP800Drbg(mBlockCipher, mKeySizeInBits, mSecurityStrength, entropySource, mPersonalizationString, mNonce);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/ThreadedSeedGenerator.cs b/bc-sharp-crypto/src/crypto/prng/ThreadedSeedGenerator.cs
new file mode 100644
index 0000000..0a38e5f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/ThreadedSeedGenerator.cs
@@ -0,0 +1,129 @@
+using System;
+using System.Threading;
+
+#if NO_THREADS
+using System.Threading.Tasks;
+#endif
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+    /**
+     * A thread based seed generator - one source of randomness.
+     * <p>
+     * Based on an idea from Marcus Lippert.
+     * </p>
+     */
+    public class ThreadedSeedGenerator
+    {
+        private class SeedGenerator
+        {
+#if NETCF_1_0
+			// No volatile keyword, but all fields implicitly volatile anyway
+			private int		counter = 0;
+			private bool	stop = false;
+#else
+            private volatile int counter = 0;
+            private volatile bool stop = false;
+#endif
+
+            private void Run(object ignored)
+            {
+                while (!this.stop)
+                {
+                    this.counter++;
+                }
+            }
+
+            public byte[] GenerateSeed(
+                int numBytes,
+                bool fast)
+            {
+#if SILVERLIGHT || PORTABLE
+                return DoGenerateSeed(numBytes, fast);
+#else
+                ThreadPriority originalPriority = Thread.CurrentThread.Priority;
+                try
+                {
+                    Thread.CurrentThread.Priority = ThreadPriority.Normal;
+                    return DoGenerateSeed(numBytes, fast);
+                }
+                finally
+                {
+                    Thread.CurrentThread.Priority = originalPriority;
+                }
+#endif
+            }
+
+            private byte[] DoGenerateSeed(
+                int numBytes,
+                bool fast)
+            {
+                this.counter = 0;
+                this.stop = false;
+
+                byte[] result = new byte[numBytes];
+                int last = 0;
+                int end = fast ? numBytes : numBytes * 8;
+
+#if NO_THREADS
+                Task.Factory.StartNew(() => Run(null), TaskCreationOptions.None);
+#else
+                ThreadPool.QueueUserWorkItem(new WaitCallback(Run));
+#endif
+
+                for (int i = 0; i < end; i++)
+                {
+                    while (this.counter == last)
+                    {
+                        try
+                        {
+#if PORTABLE
+                            new AutoResetEvent(false).WaitOne(1);
+#else
+                            Thread.Sleep(1);
+#endif
+                        }
+                        catch (Exception)
+                        {
+                            // ignore
+                        }
+                    }
+
+                    last = this.counter;
+
+                    if (fast)
+                    {
+                        result[i] = (byte)last;
+                    }
+                    else
+                    {
+                        int bytepos = i / 8;
+                        result[bytepos] = (byte)((result[bytepos] << 1) | (last & 1));
+                    }
+                }
+
+                this.stop = true;
+
+                return result;
+            }
+        }
+
+        /**
+         * Generate seed bytes. Set fast to false for best quality.
+         * <p>
+         * If fast is set to true, the code should be round about 8 times faster when
+         * generating a long sequence of random bytes. 20 bytes of random values using
+         * the fast mode take less than half a second on a Nokia e70. If fast is set to false,
+         * it takes round about 2500 ms.
+         * </p>
+         * @param numBytes the number of bytes to generate
+         * @param fast true if fast mode should be used
+         */
+        public byte[] GenerateSeed(
+            int numBytes,
+            bool fast)
+        {
+            return new SeedGenerator().GenerateSeed(numBytes, fast);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/VMPCRandomGenerator.cs b/bc-sharp-crypto/src/crypto/prng/VMPCRandomGenerator.cs
new file mode 100644
index 0000000..64f287d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/VMPCRandomGenerator.cs
@@ -0,0 +1,114 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+    public class VmpcRandomGenerator
+        : IRandomGenerator 
+    {
+        private byte n = 0;
+
+        /// <remarks>
+        /// Permutation generated by code:
+        /// <code>
+        /// // First 1850 fractional digit of Pi number. 
+        /// byte[] key = new BigInteger("14159265358979323846...5068006422512520511").ToByteArray();
+        /// s = 0;
+        /// P = new byte[256];
+        /// for (int i = 0; i &lt; 256; i++) 
+        /// {
+        ///     P[i] = (byte) i;
+        /// }
+        /// for (int m = 0; m &lt; 768; m++) 
+        /// {
+        ///     s = P[(s + P[m &amp; 0xff] + key[m % key.length]) &amp; 0xff];
+        ///     byte temp = P[m &amp; 0xff];
+        ///     P[m &amp; 0xff] = P[s &amp; 0xff];
+        ///     P[s &amp; 0xff] = temp;
+        /// } </code>
+        /// </remarks>
+        private byte[] P =
+        {
+            (byte) 0xbb, (byte) 0x2c, (byte) 0x62, (byte) 0x7f, (byte) 0xb5, (byte) 0xaa, (byte) 0xd4,
+            (byte) 0x0d, (byte) 0x81, (byte) 0xfe, (byte) 0xb2, (byte) 0x82, (byte) 0xcb, (byte) 0xa0, (byte) 0xa1,
+            (byte) 0x08, (byte) 0x18, (byte) 0x71, (byte) 0x56, (byte) 0xe8, (byte) 0x49, (byte) 0x02, (byte) 0x10,
+            (byte) 0xc4, (byte) 0xde, (byte) 0x35, (byte) 0xa5, (byte) 0xec, (byte) 0x80, (byte) 0x12, (byte) 0xb8,
+            (byte) 0x69, (byte) 0xda, (byte) 0x2f, (byte) 0x75, (byte) 0xcc, (byte) 0xa2, (byte) 0x09, (byte) 0x36,
+            (byte) 0x03, (byte) 0x61, (byte) 0x2d, (byte) 0xfd, (byte) 0xe0, (byte) 0xdd, (byte) 0x05, (byte) 0x43,
+            (byte) 0x90, (byte) 0xad, (byte) 0xc8, (byte) 0xe1, (byte) 0xaf, (byte) 0x57, (byte) 0x9b, (byte) 0x4c,
+            (byte) 0xd8, (byte) 0x51, (byte) 0xae, (byte) 0x50, (byte) 0x85, (byte) 0x3c, (byte) 0x0a, (byte) 0xe4,
+            (byte) 0xf3, (byte) 0x9c, (byte) 0x26, (byte) 0x23, (byte) 0x53, (byte) 0xc9, (byte) 0x83, (byte) 0x97,
+            (byte) 0x46, (byte) 0xb1, (byte) 0x99, (byte) 0x64, (byte) 0x31, (byte) 0x77, (byte) 0xd5, (byte) 0x1d,
+            (byte) 0xd6, (byte) 0x78, (byte) 0xbd, (byte) 0x5e, (byte) 0xb0, (byte) 0x8a, (byte) 0x22, (byte) 0x38,
+            (byte) 0xf8, (byte) 0x68, (byte) 0x2b, (byte) 0x2a, (byte) 0xc5, (byte) 0xd3, (byte) 0xf7, (byte) 0xbc,
+            (byte) 0x6f, (byte) 0xdf, (byte) 0x04, (byte) 0xe5, (byte) 0x95, (byte) 0x3e, (byte) 0x25, (byte) 0x86,
+            (byte) 0xa6, (byte) 0x0b, (byte) 0x8f, (byte) 0xf1, (byte) 0x24, (byte) 0x0e, (byte) 0xd7, (byte) 0x40,
+            (byte) 0xb3, (byte) 0xcf, (byte) 0x7e, (byte) 0x06, (byte) 0x15, (byte) 0x9a, (byte) 0x4d, (byte) 0x1c,
+            (byte) 0xa3, (byte) 0xdb, (byte) 0x32, (byte) 0x92, (byte) 0x58, (byte) 0x11, (byte) 0x27, (byte) 0xf4,
+            (byte) 0x59, (byte) 0xd0, (byte) 0x4e, (byte) 0x6a, (byte) 0x17, (byte) 0x5b, (byte) 0xac, (byte) 0xff,
+            (byte) 0x07, (byte) 0xc0, (byte) 0x65, (byte) 0x79, (byte) 0xfc, (byte) 0xc7, (byte) 0xcd, (byte) 0x76,
+            (byte) 0x42, (byte) 0x5d, (byte) 0xe7, (byte) 0x3a, (byte) 0x34, (byte) 0x7a, (byte) 0x30, (byte) 0x28,
+            (byte) 0x0f, (byte) 0x73, (byte) 0x01, (byte) 0xf9, (byte) 0xd1, (byte) 0xd2, (byte) 0x19, (byte) 0xe9,
+            (byte) 0x91, (byte) 0xb9, (byte) 0x5a, (byte) 0xed, (byte) 0x41, (byte) 0x6d, (byte) 0xb4, (byte) 0xc3,
+            (byte) 0x9e, (byte) 0xbf, (byte) 0x63, (byte) 0xfa, (byte) 0x1f, (byte) 0x33, (byte) 0x60, (byte) 0x47,
+            (byte) 0x89, (byte) 0xf0, (byte) 0x96, (byte) 0x1a, (byte) 0x5f, (byte) 0x93, (byte) 0x3d, (byte) 0x37,
+            (byte) 0x4b, (byte) 0xd9, (byte) 0xa8, (byte) 0xc1, (byte) 0x1b, (byte) 0xf6, (byte) 0x39, (byte) 0x8b,
+            (byte) 0xb7, (byte) 0x0c, (byte) 0x20, (byte) 0xce, (byte) 0x88, (byte) 0x6e, (byte) 0xb6, (byte) 0x74,
+            (byte) 0x8e, (byte) 0x8d, (byte) 0x16, (byte) 0x29, (byte) 0xf2, (byte) 0x87, (byte) 0xf5, (byte) 0xeb,
+            (byte) 0x70, (byte) 0xe3, (byte) 0xfb, (byte) 0x55, (byte) 0x9f, (byte) 0xc6, (byte) 0x44, (byte) 0x4a,
+            (byte) 0x45, (byte) 0x7d, (byte) 0xe2, (byte) 0x6b, (byte) 0x5c, (byte) 0x6c, (byte) 0x66, (byte) 0xa9,
+            (byte) 0x8c, (byte) 0xee, (byte) 0x84, (byte) 0x13, (byte) 0xa7, (byte) 0x1e, (byte) 0x9d, (byte) 0xdc,
+            (byte) 0x67, (byte) 0x48, (byte) 0xba, (byte) 0x2e, (byte) 0xe6, (byte) 0xa4, (byte) 0xab, (byte) 0x7c,
+            (byte) 0x94, (byte) 0x00, (byte) 0x21, (byte) 0xef, (byte) 0xea, (byte) 0xbe, (byte) 0xca, (byte) 0x72,
+            (byte) 0x4f, (byte) 0x52, (byte) 0x98, (byte) 0x3f, (byte) 0xc2, (byte) 0x14, (byte) 0x7b, (byte) 0x3b,
+            (byte) 0x54
+        };
+
+        /// <remarks>Value generated in the same way as <c>P</c>.</remarks>
+        private byte s = (byte) 0xbe;
+
+        public VmpcRandomGenerator()
+        {
+        }
+
+        public virtual void AddSeedMaterial(byte[] seed) 
+        {
+            for (int m = 0; m < seed.Length; m++) 
+            {
+                s = P[(s + P[n & 0xff] + seed[m]) & 0xff];
+                byte temp = P[n & 0xff];
+                P[n & 0xff] = P[s & 0xff];
+                P[s & 0xff] = temp;
+                n = (byte) ((n + 1) & 0xff);
+            }
+        }
+
+        public virtual void AddSeedMaterial(long seed) 
+        {
+            AddSeedMaterial(Pack.UInt64_To_BE((ulong)seed));
+        }
+
+        public virtual void NextBytes(byte[] bytes) 
+        {
+            NextBytes(bytes, 0, bytes.Length);
+        }
+
+        public virtual void NextBytes(byte[] bytes, int start, int len) 
+        {
+            lock (P) 
+            {
+                int end = start + len;
+                for (int i = start; i != end; i++) 
+                {
+                    s = P[(s + P[n & 0xff]) & 0xff];
+                    bytes[i] = P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff];
+                    byte temp = P[n & 0xff];
+                    P[n & 0xff] = P[s & 0xff];
+                    P[s & 0xff] = temp;
+                    n = (byte) ((n + 1) & 0xff);
+                }
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/X931Rng.cs b/bc-sharp-crypto/src/crypto/prng/X931Rng.cs
new file mode 100644
index 0000000..2bd8e0c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/X931Rng.cs
@@ -0,0 +1,146 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+    internal class X931Rng
+    {
+        private const long  BLOCK64_RESEED_MAX = 1L << (16 - 1);
+        private const long  BLOCK128_RESEED_MAX = 1L << (24 - 1);
+        private const int   BLOCK64_MAX_BITS_REQUEST = 1 << (13 - 1);
+        private const int   BLOCK128_MAX_BITS_REQUEST = 1 << (19 - 1);
+
+        private readonly IBlockCipher mEngine;
+        private readonly IEntropySource mEntropySource;
+
+        private readonly byte[] mDT;
+        private readonly byte[] mI;
+        private readonly byte[] mR;
+
+        private byte[] mV;
+
+        private long mReseedCounter = 1;
+
+        /**
+         *
+         * @param engine
+         * @param entropySource
+         */
+        internal X931Rng(IBlockCipher engine, byte[] dateTimeVector, IEntropySource entropySource)
+        {
+            this.mEngine = engine;
+            this.mEntropySource = entropySource;
+
+            this.mDT = new byte[engine.GetBlockSize()];
+
+            Array.Copy(dateTimeVector, 0, mDT, 0, mDT.Length);
+
+            this.mI = new byte[engine.GetBlockSize()];
+            this.mR = new byte[engine.GetBlockSize()];
+        }
+
+        /**
+         * Populate a passed in array with random data.
+         *
+         * @param output output array for generated bits.
+         * @param predictionResistant true if a reseed should be forced, false otherwise.
+         *
+         * @return number of bits generated, -1 if a reseed required.
+         */
+        internal int Generate(byte[] output, bool predictionResistant)
+        {
+            if (mR.Length == 8) // 64 bit block size
+            {
+                if (mReseedCounter > BLOCK64_RESEED_MAX)
+                    return -1;
+
+                if (IsTooLarge(output, BLOCK64_MAX_BITS_REQUEST / 8))
+                    throw new ArgumentException("Number of bits per request limited to " + BLOCK64_MAX_BITS_REQUEST, "output");
+            }
+            else
+            {
+                if (mReseedCounter > BLOCK128_RESEED_MAX)
+                    return -1;
+
+                if (IsTooLarge(output, BLOCK128_MAX_BITS_REQUEST / 8))
+                    throw new ArgumentException("Number of bits per request limited to " + BLOCK128_MAX_BITS_REQUEST, "output");
+            }
+
+            if (predictionResistant || mV == null)
+            {
+                mV = mEntropySource.GetEntropy();
+                if (mV.Length != mEngine.GetBlockSize())
+                    throw new InvalidOperationException("Insufficient entropy returned");
+            }
+
+            int m = output.Length / mR.Length;
+
+            for (int i = 0; i < m; i++)
+            {
+                mEngine.ProcessBlock(mDT, 0, mI, 0);
+                Process(mR, mI, mV);
+                Process(mV, mR, mI);
+
+                Array.Copy(mR, 0, output, i * mR.Length, mR.Length);
+
+                Increment(mDT);
+            }
+
+            int bytesToCopy = (output.Length - m * mR.Length);
+
+            if (bytesToCopy > 0)
+            {
+                mEngine.ProcessBlock(mDT, 0, mI, 0);
+                Process(mR, mI, mV);
+                Process(mV, mR, mI);
+
+                Array.Copy(mR, 0, output, m * mR.Length, bytesToCopy);
+
+                Increment(mDT);
+            }
+
+            mReseedCounter++;
+
+            return output.Length;
+        }
+
+        /**
+         * Reseed the RNG.
+         */
+        internal void Reseed()
+        {
+            mV = mEntropySource.GetEntropy();
+            if (mV.Length != mEngine.GetBlockSize())
+                throw new InvalidOperationException("Insufficient entropy returned");
+            mReseedCounter = 1;
+        }
+
+        internal IEntropySource EntropySource
+        {
+            get { return mEntropySource; }
+        }
+
+        private void Process(byte[] res, byte[] a, byte[] b)
+        {
+            for (int i = 0; i != res.Length; i++)
+            {
+                res[i] = (byte)(a[i] ^ b[i]);
+            }
+
+            mEngine.ProcessBlock(res, 0, res, 0);
+        }
+
+        private void Increment(byte[] val)
+        {
+            for (int i = val.Length - 1; i >= 0; i--)
+            {
+                if (++val[i] != 0)
+                    break;
+            }
+        }
+
+        private static bool IsTooLarge(byte[] bytes, int maxBytes)
+        {
+            return bytes != null && bytes.Length > maxBytes;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/X931SecureRandom.cs b/bc-sharp-crypto/src/crypto/prng/X931SecureRandom.cs
new file mode 100644
index 0000000..d2e4849
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/X931SecureRandom.cs
@@ -0,0 +1,70 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+    public class X931SecureRandom
+        :   SecureRandom
+    {
+        private readonly bool           mPredictionResistant;
+        private readonly SecureRandom   mRandomSource;
+        private readonly X931Rng        mDrbg;
+
+        internal X931SecureRandom(SecureRandom randomSource, X931Rng drbg, bool predictionResistant)
+            : base((IRandomGenerator)null)
+        {
+            this.mRandomSource = randomSource;
+            this.mDrbg = drbg;
+            this.mPredictionResistant = predictionResistant;
+        }
+
+        public override void SetSeed(byte[] seed)
+        {
+            lock (this)
+            {
+                if (mRandomSource != null)
+                {
+                    this.mRandomSource.SetSeed(seed);
+                }
+            }
+        }
+
+        public override void SetSeed(long seed)
+        {
+            lock (this)
+            {
+                // this will happen when SecureRandom() is created
+                if (mRandomSource != null)
+                {
+                    this.mRandomSource.SetSeed(seed);
+                }
+            }
+        }
+
+        public override void NextBytes(byte[] bytes)
+        {
+            lock (this)
+            {
+                // check if a reseed is required...
+                if (mDrbg.Generate(bytes, mPredictionResistant) < 0)
+                {
+                    mDrbg.Reseed();
+                    mDrbg.Generate(bytes, mPredictionResistant);
+                }
+            }
+        }
+
+        public override void NextBytes(byte[] buf, int off, int len)
+        {
+            byte[] bytes = new byte[len];
+            NextBytes(bytes);
+            Array.Copy(bytes, 0, buf, off, len);
+        }
+
+        public override byte[] GenerateSeed(int numBytes)
+        {
+            return EntropyUtilities.GenerateSeed(mDrbg.EntropySource, numBytes);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/X931SecureRandomBuilder.cs b/bc-sharp-crypto/src/crypto/prng/X931SecureRandomBuilder.cs
new file mode 100644
index 0000000..31e9431
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/X931SecureRandomBuilder.cs
@@ -0,0 +1,87 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Crypto.Prng
+{
+    public class X931SecureRandomBuilder
+    {
+        private readonly SecureRandom mRandom;          // JDK 1.1 complains on final.
+
+        private IEntropySourceProvider mEntropySourceProvider;
+        private byte[] mDateTimeVector;
+
+        /**
+         * Basic constructor, creates a builder using an EntropySourceProvider based on the default SecureRandom with
+         * predictionResistant set to false.
+         * <p>
+         * Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if
+         * the default SecureRandom does for its generateSeed() call.
+         * </p>
+         */
+        public X931SecureRandomBuilder()
+            : this(new SecureRandom(), false)
+        {
+        }
+
+        /**
+         * Construct a builder with an EntropySourceProvider based on the passed in SecureRandom and the passed in value
+         * for prediction resistance.
+         * <p>
+         * Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if
+         * the passed in SecureRandom does for its generateSeed() call.
+         * </p>
+         * @param entropySource
+         * @param predictionResistant
+         */
+        public X931SecureRandomBuilder(SecureRandom entropySource, bool predictionResistant)
+        {
+            this.mRandom = entropySource;
+            this.mEntropySourceProvider = new BasicEntropySourceProvider(mRandom, predictionResistant);
+        }
+
+        /**
+         * Create a builder which makes creates the SecureRandom objects from a specified entropy source provider.
+         * <p>
+         * <b>Note:</b> If this constructor is used any calls to setSeed() in the resulting SecureRandom will be ignored.
+         * </p>
+         * @param entropySourceProvider a provider of EntropySource objects.
+         */
+        public X931SecureRandomBuilder(IEntropySourceProvider entropySourceProvider)
+        {
+            this.mRandom = null;
+            this.mEntropySourceProvider = entropySourceProvider;
+        }
+
+        public X931SecureRandomBuilder SetDateTimeVector(byte[] dateTimeVector)
+        {
+            this.mDateTimeVector = dateTimeVector;
+            return this;
+        }
+
+        /**
+         * Construct a X9.31 secure random generator using the passed in engine and key. If predictionResistant is true the
+         * generator will be reseeded on each request.
+         *
+         * @param engine a block cipher to use as the operator.
+         * @param key the block cipher key to initialise engine with.
+         * @param predictionResistant true if engine to be reseeded on each use, false otherwise.
+         * @return a SecureRandom.
+         */
+        public X931SecureRandom Build(IBlockCipher engine, KeyParameter key, bool predictionResistant)
+        {
+            if (mDateTimeVector == null)
+            {
+                mDateTimeVector = new byte[engine.GetBlockSize()];
+                Pack.UInt64_To_BE((ulong)DateTimeUtilities.CurrentUnixMs(), mDateTimeVector, 0);
+            }
+
+            engine.Init(true, key);
+
+            return new X931SecureRandom(mRandom, new X931Rng(engine, mDateTimeVector, mEntropySourceProvider.Get(engine.GetBlockSize() * 8)), predictionResistant);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs b/bc-sharp-crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs
new file mode 100644
index 0000000..eca1821
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs
@@ -0,0 +1,466 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Crypto.Prng.Drbg
+{
+	/**
+	 * A SP800-90A CTR DRBG.
+	 */
+	public class CtrSP800Drbg
+        :   ISP80090Drbg
+	{
+	    private static readonly long TDEA_RESEED_MAX = 1L << (32 - 1);
+		private static readonly long AES_RESEED_MAX = 1L << (48 - 1);
+		private static readonly int TDEA_MAX_BITS_REQUEST = 1 << (13 - 1);
+		private static readonly int AES_MAX_BITS_REQUEST = 1 << (19 - 1);
+
+        private readonly IEntropySource  mEntropySource;
+	    private readonly IBlockCipher    mEngine;
+	    private readonly int             mKeySizeInBits;
+	    private readonly int             mSeedLength;
+	    private readonly int             mSecurityStrength;
+
+        // internal state
+	    private byte[]                mKey;
+	    private byte[]                mV;
+	    private long                  mReseedCounter = 0;
+	    private bool                  mIsTdea = false;
+
+	    /**
+	     * Construct a SP800-90A CTR DRBG.
+	     * <p>
+	     * Minimum entropy requirement is the security strength requested.
+	     * </p>
+	     * @param engine underlying block cipher to use to support DRBG
+	     * @param keySizeInBits size of the key to use with the block cipher.
+	     * @param securityStrength security strength required (in bits)
+	     * @param entropySource source of entropy to use for seeding/reseeding.
+	     * @param personalizationString personalization string to distinguish this DRBG (may be null).
+	     * @param nonce nonce to further distinguish this DRBG (may be null).
+	     */
+	    public CtrSP800Drbg(IBlockCipher engine, int keySizeInBits, int securityStrength, IEntropySource entropySource,
+            byte[] personalizationString, byte[] nonce)
+	    {
+	        if (securityStrength > 256)
+	            throw new ArgumentException("Requested security strength is not supported by the derivation function");
+	        if (GetMaxSecurityStrength(engine, keySizeInBits) < securityStrength)
+	            throw new ArgumentException("Requested security strength is not supported by block cipher and key size");
+	        if (entropySource.EntropySize < securityStrength)
+	            throw new ArgumentException("Not enough entropy for security strength required");
+
+            mEntropySource = entropySource;
+	        mEngine = engine;     
+
+            mKeySizeInBits = keySizeInBits;
+	        mSecurityStrength = securityStrength;
+	        mSeedLength = keySizeInBits + engine.GetBlockSize() * 8;
+	        mIsTdea = IsTdea(engine);
+
+	        byte[] entropy = GetEntropy();  // Get_entropy_input
+
+            CTR_DRBG_Instantiate_algorithm(entropy, nonce, personalizationString);
+	    }
+
+        private void CTR_DRBG_Instantiate_algorithm(byte[] entropy, byte[] nonce, byte[] personalisationString)
+	    {
+	        byte[] seedMaterial = Arrays.ConcatenateAll(entropy, nonce, personalisationString);
+	        byte[] seed = Block_Cipher_df(seedMaterial, mSeedLength);
+
+            int outlen = mEngine.GetBlockSize();
+
+            mKey = new byte[(mKeySizeInBits + 7) / 8];
+	        mV = new byte[outlen];
+
+	        // mKey & mV are modified by this call
+	        CTR_DRBG_Update(seed, mKey, mV); 
+
+            mReseedCounter = 1;
+	    }
+
+        private void CTR_DRBG_Update(byte[] seed, byte[] key, byte[] v)
+	    {
+	        byte[] temp = new byte[seed.Length];
+	        byte[] outputBlock = new byte[mEngine.GetBlockSize()];
+
+            int i = 0;
+	        int outLen = mEngine.GetBlockSize();
+
+            mEngine.Init(true, new KeyParameter(ExpandKey(key)));
+	        while (i*outLen < seed.Length)
+	        {
+	            AddOneTo(v);
+	            mEngine.ProcessBlock(v, 0, outputBlock, 0);
+
+	            int bytesToCopy = ((temp.Length - i * outLen) > outLen)
+	                    ? outLen : (temp.Length - i * outLen);
+	            
+	            Array.Copy(outputBlock, 0, temp, i * outLen, bytesToCopy);
+	            ++i;
+	        }
+
+	        XOR(temp, seed, temp, 0);
+
+	        Array.Copy(temp, 0, key, 0, key.Length);
+	        Array.Copy(temp, key.Length, v, 0, v.Length);
+	    }
+	    
+	    private void CTR_DRBG_Reseed_algorithm(byte[] additionalInput)
+	    {
+	        byte[] seedMaterial = Arrays.Concatenate(GetEntropy(), additionalInput);
+
+	        seedMaterial = Block_Cipher_df(seedMaterial, mSeedLength);
+
+            CTR_DRBG_Update(seedMaterial, mKey, mV);
+
+            mReseedCounter = 1;
+	    }
+
+        private void XOR(byte[] output, byte[] a, byte[] b, int bOff)
+	    {
+            for (int i = 0; i < output.Length; i++) 
+	        {
+                output[i] = (byte)(a[i] ^ b[bOff + i]);
+	        }
+	    }
+
+        private void AddOneTo(byte[] longer)
+	    {
+	        uint carry = 1;
+            int i = longer.Length;
+            while (--i >= 0)
+            {
+                carry += longer[i];
+                longer[i] = (byte)carry;
+                carry >>= 8;
+            }
+	    } 
+
+        private byte[] GetEntropy()
+	    {
+	        byte[] entropy = mEntropySource.GetEntropy();
+	        if (entropy.Length < (mSecurityStrength + 7) / 8)
+	            throw new InvalidOperationException("Insufficient entropy provided by entropy source");
+	        return entropy;
+	    }
+
+	    // -- Internal state migration ---
+
+        private static readonly byte[] K_BITS = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
+
+        // 1. If (number_of_bits_to_return > max_number_of_bits), then return an
+	    // ERROR_FLAG.
+	    // 2. L = len (input_string)/8.
+	    // 3. N = number_of_bits_to_return/8.
+	    // Comment: L is the bitstring represention of
+	    // the integer resulting from len (input_string)/8.
+	    // L shall be represented as a 32-bit integer.
+	    //
+	    // Comment : N is the bitstring represention of
+	    // the integer resulting from
+	    // number_of_bits_to_return/8. N shall be
+	    // represented as a 32-bit integer.
+	    //
+	    // 4. S = L || N || input_string || 0x80.
+	    // 5. While (len (S) mod outlen)
+	    // Comment : Pad S with zeros, if necessary.
+	    // 0, S = S || 0x00.
+	    //
+	    // Comment : Compute the starting value.
+	    // 6. temp = the Null string.
+	    // 7. i = 0.
+	    // 8. K = Leftmost keylen bits of 0x00010203...1D1E1F.
+	    // 9. While len (temp) < keylen + outlen, do
+	    //
+	    // IV = i || 0outlen - len (i).
+	    //
+	    // 9.1
+	    //
+	    // temp = temp || BCC (K, (IV || S)).
+	    //
+	    // 9.2
+	    //
+	    // i = i + 1.
+	    //
+	    // 9.3
+	    //
+	    // Comment : i shall be represented as a 32-bit
+	    // integer, i.e., len (i) = 32.
+	    //
+	    // Comment: The 32-bit integer represenation of
+	    // i is padded with zeros to outlen bits.
+	    //
+	    // Comment: Compute the requested number of
+	    // bits.
+	    //
+	    // 10. K = Leftmost keylen bits of temp.
+	    //
+	    // 11. X = Next outlen bits of temp.
+	    //
+	    // 12. temp = the Null string.
+	    //
+	    // 13. While len (temp) < number_of_bits_to_return, do
+	    //
+	    // 13.1 X = Block_Encrypt (K, X).
+	    //
+	    // 13.2 temp = temp || X.
+	    //
+	    // 14. requested_bits = Leftmost number_of_bits_to_return of temp.
+	    //
+	    // 15. Return SUCCESS and requested_bits.
+	    private byte[] Block_Cipher_df(byte[] inputString, int bitLength)
+	    {
+	        int outLen = mEngine.GetBlockSize();
+	        int L = inputString.Length; // already in bytes
+	        int N = bitLength / 8;
+	        // 4 S = L || N || inputstring || 0x80
+	        int sLen = 4 + 4 + L + 1;
+	        int blockLen = ((sLen + outLen - 1) / outLen) * outLen;
+	        byte[] S = new byte[blockLen];
+	        copyIntToByteArray(S, L, 0);
+	        copyIntToByteArray(S, N, 4);
+	        Array.Copy(inputString, 0, S, 8, L);
+	        S[8 + L] = (byte)0x80;
+	        // S already padded with zeros
+
+	        byte[] temp = new byte[mKeySizeInBits / 8 + outLen];
+	        byte[] bccOut = new byte[outLen];
+
+	        byte[] IV = new byte[outLen]; 
+	        
+	        int i = 0;
+	        byte[] K = new byte[mKeySizeInBits / 8];
+	        Array.Copy(K_BITS, 0, K, 0, K.Length);
+
+	        while (i*outLen*8 < mKeySizeInBits + outLen *8)
+	        {
+	            copyIntToByteArray(IV, i, 0);
+	            BCC(bccOut, K, IV, S);
+
+	            int bytesToCopy = ((temp.Length - i * outLen) > outLen)
+	                    ? outLen
+	                    : (temp.Length - i * outLen);
+	            
+	            Array.Copy(bccOut, 0, temp, i * outLen, bytesToCopy);
+	            ++i;
+	        }
+
+	        byte[] X = new byte[outLen];
+	        Array.Copy(temp, 0, K, 0, K.Length);
+	        Array.Copy(temp, K.Length, X, 0, X.Length);
+
+	        temp = new byte[bitLength / 2];
+
+	        i = 0;
+	        mEngine.Init(true, new KeyParameter(ExpandKey(K)));
+
+	        while (i * outLen < temp.Length)
+	        {
+	            mEngine.ProcessBlock(X, 0, X, 0);
+
+	            int bytesToCopy = ((temp.Length - i * outLen) > outLen)
+	                    ? outLen
+	                    : (temp.Length - i * outLen);
+
+	            Array.Copy(X, 0, temp, i * outLen, bytesToCopy);
+	            i++;
+	        }
+
+	        return temp;
+	    }
+
+	    /*
+	    * 1. chaining_value = 0^outlen    
+	    *    . Comment: Set the first chaining value to outlen zeros.
+	    * 2. n = len (data)/outlen.
+	    * 3. Starting with the leftmost bits of data, split the data into n blocks of outlen bits 
+	    *    each, forming block(1) to block(n). 
+	    * 4. For i = 1 to n do
+	    * 4.1 input_block = chaining_value ^ block(i) .
+	    * 4.2 chaining_value = Block_Encrypt (Key, input_block).
+	    * 5. output_block = chaining_value.
+	    * 6. Return output_block. 
+	     */
+	    private void BCC(byte[] bccOut, byte[] k, byte[] iV, byte[] data)
+	    {
+	        int outlen = mEngine.GetBlockSize();
+	        byte[] chainingValue = new byte[outlen]; // initial values = 0
+	        int n = data.Length / outlen;
+
+	        byte[] inputBlock = new byte[outlen];
+
+	        mEngine.Init(true, new KeyParameter(ExpandKey(k)));
+
+            mEngine.ProcessBlock(iV, 0, chainingValue, 0);
+
+            for (int i = 0; i < n; i++)
+	        {
+	            XOR(inputBlock, chainingValue, data, i*outlen);
+	            mEngine.ProcessBlock(inputBlock, 0, chainingValue, 0);
+	        }
+
+            Array.Copy(chainingValue, 0, bccOut, 0, bccOut.Length);
+	    }
+
+	    private void copyIntToByteArray(byte[] buf, int value, int offSet)
+	    {
+	        buf[offSet + 0] = ((byte)(value >> 24));
+	        buf[offSet + 1] = ((byte)(value >> 16));
+	        buf[offSet + 2] = ((byte)(value >> 8));
+	        buf[offSet + 3] = ((byte)(value));
+	    }
+
+	    /**
+	     * Return the block size (in bits) of the DRBG.
+	     *
+	     * @return the number of bits produced on each internal round of the DRBG.
+	     */
+	    public int BlockSize
+	    {
+			get { return mV.Length * 8; }
+	    }
+
+	    /**
+	     * Populate a passed in array with random data.
+	     *
+	     * @param output output array for generated bits.
+	     * @param additionalInput additional input to be added to the DRBG in this step.
+	     * @param predictionResistant true if a reseed should be forced, false otherwise.
+	     *
+	     * @return number of bits generated, -1 if a reseed required.
+	     */
+	    public int Generate(byte[] output, byte[] additionalInput, bool predictionResistant)
+	    {
+	        if (mIsTdea)
+	        {
+	            if (mReseedCounter > TDEA_RESEED_MAX)
+	                return -1;
+
+                if (DrbgUtilities.IsTooLarge(output, TDEA_MAX_BITS_REQUEST / 8))
+	                throw new ArgumentException("Number of bits per request limited to " + TDEA_MAX_BITS_REQUEST, "output");
+	        }
+	        else
+	        {
+	            if (mReseedCounter > AES_RESEED_MAX)
+	                return -1;
+
+                if (DrbgUtilities.IsTooLarge(output, AES_MAX_BITS_REQUEST / 8))
+	                throw new ArgumentException("Number of bits per request limited to " + AES_MAX_BITS_REQUEST, "output");
+	        }
+
+            if (predictionResistant)
+	        {
+	            CTR_DRBG_Reseed_algorithm(additionalInput);
+	            additionalInput = null;
+	        }
+
+	        if (additionalInput != null)
+	        {
+	            additionalInput = Block_Cipher_df(additionalInput, mSeedLength);
+	            CTR_DRBG_Update(additionalInput, mKey, mV);
+	        }
+	        else
+	        {
+	            additionalInput = new byte[mSeedLength];
+	        }
+
+            byte[] tmp = new byte[mV.Length];
+
+            mEngine.Init(true, new KeyParameter(ExpandKey(mKey)));
+
+            for (int i = 0; i <= output.Length / tmp.Length; i++)
+	        {
+				int bytesToCopy = ((output.Length - i * tmp.Length) > tmp.Length)
+					? tmp.Length
+	                : (output.Length - i * mV.Length);
+
+                if (bytesToCopy != 0)
+	            {
+	                AddOneTo(mV);
+
+                    mEngine.ProcessBlock(mV, 0, tmp, 0);
+
+                    Array.Copy(tmp, 0, output, i * tmp.Length, bytesToCopy);
+	            }
+	        }
+
+            CTR_DRBG_Update(additionalInput, mKey, mV);
+
+            mReseedCounter++;
+
+            return output.Length * 8;
+	    }
+
+	    /**
+	      * Reseed the DRBG.
+	      *
+	      * @param additionalInput additional input to be added to the DRBG in this step.
+	      */
+	    public void Reseed(byte[] additionalInput)
+	    {
+	        CTR_DRBG_Reseed_algorithm(additionalInput);
+	    }
+
+        private bool IsTdea(IBlockCipher cipher)
+	    {
+	        return cipher.AlgorithmName.Equals("DESede") || cipher.AlgorithmName.Equals("TDEA");
+	    }
+
+	    private int GetMaxSecurityStrength(IBlockCipher cipher, int keySizeInBits)
+	    {
+	        if (IsTdea(cipher) && keySizeInBits == 168)
+	        {
+	            return 112;
+	        }
+	        if (cipher.AlgorithmName.Equals("AES"))
+	        {
+	            return keySizeInBits;
+	        }
+
+            return -1;
+	    }
+
+        private byte[] ExpandKey(byte[] key)
+	    {
+	        if (mIsTdea)
+	        {
+	            // expand key to 192 bits.
+	            byte[] tmp = new byte[24];
+
+                PadKey(key, 0, tmp, 0);
+                PadKey(key, 7, tmp, 8);
+                PadKey(key, 14, tmp, 16);
+
+	            return tmp;
+	        }
+	        else
+	        {
+	            return key;
+	        }
+	    }
+
+	    /**
+	     * Pad out a key for TDEA, setting odd parity for each byte.
+	     *
+	     * @param keyMaster
+	     * @param keyOff
+	     * @param tmp
+	     * @param tmpOff
+	     */
+        private void PadKey(byte[] keyMaster, int keyOff, byte[] tmp, int tmpOff)
+	    {
+	        tmp[tmpOff + 0] = (byte)(keyMaster[keyOff + 0] & 0xfe);
+	        tmp[tmpOff + 1] = (byte)((keyMaster[keyOff + 0] << 7) | ((keyMaster[keyOff + 1] & 0xfc) >> 1));
+	        tmp[tmpOff + 2] = (byte)((keyMaster[keyOff + 1] << 6) | ((keyMaster[keyOff + 2] & 0xf8) >> 2));
+	        tmp[tmpOff + 3] = (byte)((keyMaster[keyOff + 2] << 5) | ((keyMaster[keyOff + 3] & 0xf0) >> 3));
+	        tmp[tmpOff + 4] = (byte)((keyMaster[keyOff + 3] << 4) | ((keyMaster[keyOff + 4] & 0xe0) >> 4));
+	        tmp[tmpOff + 5] = (byte)((keyMaster[keyOff + 4] << 3) | ((keyMaster[keyOff + 5] & 0xc0) >> 5));
+	        tmp[tmpOff + 6] = (byte)((keyMaster[keyOff + 5] << 2) | ((keyMaster[keyOff + 6] & 0x80) >> 6));
+	        tmp[tmpOff + 7] = (byte)(keyMaster[keyOff + 6] << 1);
+
+            DesParameters.SetOddParity(tmp, tmpOff, 8);
+	    }
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/drbg/DrbgUtilities.cs b/bc-sharp-crypto/src/crypto/prng/drbg/DrbgUtilities.cs
new file mode 100644
index 0000000..d9a1c43
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/drbg/DrbgUtilities.cs
@@ -0,0 +1,103 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Prng.Drbg
+{
+	internal class DrbgUtilities
+	{
+		private static readonly IDictionary maxSecurityStrengths = Platform.CreateHashtable();
+
+        static DrbgUtilities()
+	    {
+	        maxSecurityStrengths.Add("SHA-1", 128);
+
+	        maxSecurityStrengths.Add("SHA-224", 192);
+	        maxSecurityStrengths.Add("SHA-256", 256);
+	        maxSecurityStrengths.Add("SHA-384", 256);
+	        maxSecurityStrengths.Add("SHA-512", 256);
+
+	        maxSecurityStrengths.Add("SHA-512/224", 192);
+	        maxSecurityStrengths.Add("SHA-512/256", 256);
+	    }
+
+        internal static int GetMaxSecurityStrength(IDigest d)
+	    {
+	        return (int)maxSecurityStrengths[d.AlgorithmName];
+	    }
+
+        internal static int GetMaxSecurityStrength(IMac m)
+	    {
+	        string name = m.AlgorithmName;
+
+            return (int)maxSecurityStrengths[name.Substring(0, name.IndexOf("/"))];
+	    }
+
+	    /**
+	     * Used by both Dual EC and Hash.
+	     */
+	    internal static byte[] HashDF(IDigest digest, byte[] seedMaterial, int seedLength)
+	    {
+	         // 1. temp = the Null string.
+	        // 2. .
+	        // 3. counter = an 8-bit binary value representing the integer "1".
+	        // 4. For i = 1 to len do
+	        // Comment : In step 4.1, no_of_bits_to_return
+	        // is used as a 32-bit string.
+	        // 4.1 temp = temp || Hash (counter || no_of_bits_to_return ||
+	        // input_string).
+	        // 4.2 counter = counter + 1.
+	        // 5. requested_bits = Leftmost (no_of_bits_to_return) of temp.
+	        // 6. Return SUCCESS and requested_bits.
+	        byte[] temp = new byte[(seedLength + 7) / 8];
+
+	        int len = temp.Length / digest.GetDigestSize();
+	        int counter = 1;
+
+	        byte[] dig = new byte[digest.GetDigestSize()];
+
+	        for (int i = 0; i <= len; i++)
+	        {
+	            digest.Update((byte)counter);
+
+	            digest.Update((byte)(seedLength >> 24));
+	            digest.Update((byte)(seedLength >> 16));
+	            digest.Update((byte)(seedLength >> 8));
+	            digest.Update((byte)seedLength);
+
+	            digest.BlockUpdate(seedMaterial, 0, seedMaterial.Length);
+
+	            digest.DoFinal(dig, 0);
+
+	            int bytesToCopy = ((temp.Length - i * dig.Length) > dig.Length)
+	                    ? dig.Length
+	                    : (temp.Length - i * dig.Length);
+	            Array.Copy(dig, 0, temp, i * dig.Length, bytesToCopy);
+
+	            counter++;
+	        }
+
+	        // do a left shift to get rid of excess bits.
+	        if (seedLength % 8 != 0)
+	        {
+	            int shift = 8 - (seedLength % 8);
+	            uint carry = 0;
+
+                for (int i = 0; i != temp.Length; i++)
+	            {
+	                uint b = temp[i];
+	                temp[i] = (byte)((b >> shift) | (carry << (8 - shift)));
+	                carry = b;
+	            }
+	        }
+
+            return temp;
+	    }
+
+        internal static bool IsTooLarge(byte[] bytes, int maxBytes)
+	    {
+	        return bytes != null && bytes.Length > maxBytes;
+	    }
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/drbg/HMacSP800Drbg.cs b/bc-sharp-crypto/src/crypto/prng/drbg/HMacSP800Drbg.cs
new file mode 100644
index 0000000..7833170
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/drbg/HMacSP800Drbg.cs
@@ -0,0 +1,186 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Prng.Drbg
+{
+	/**
+	 * A SP800-90A HMAC DRBG.
+	 */
+	public class HMacSP800Drbg
+        :   ISP80090Drbg
+	{
+	    private readonly static long RESEED_MAX = 1L << (48 - 1);
+		private readonly static int MAX_BITS_REQUEST = 1 << (19 - 1);
+
+        private readonly byte[]         mK;
+        private readonly byte[]         mV;
+        private readonly IEntropySource mEntropySource;
+        private readonly IMac           mHMac;
+        private readonly int            mSecurityStrength;
+
+        private long mReseedCounter;
+
+        /**
+	     * Construct a SP800-90A Hash DRBG.
+	     * <p>
+	     * Minimum entropy requirement is the security strength requested.
+	     * </p>
+	     * @param hMac Hash MAC to base the DRBG on.
+	     * @param securityStrength security strength required (in bits)
+	     * @param entropySource source of entropy to use for seeding/reseeding.
+	     * @param personalizationString personalization string to distinguish this DRBG (may be null).
+	     * @param nonce nonce to further distinguish this DRBG (may be null).
+	     */
+	    public HMacSP800Drbg(IMac hMac, int securityStrength, IEntropySource entropySource, byte[] personalizationString, byte[] nonce)
+	    {
+	        if (securityStrength > DrbgUtilities.GetMaxSecurityStrength(hMac))
+	            throw new ArgumentException("Requested security strength is not supported by the derivation function");
+	        if (entropySource.EntropySize < securityStrength)
+	            throw new ArgumentException("Not enough entropy for security strength required");
+
+            mHMac = hMac;
+            mSecurityStrength = securityStrength;
+	        mEntropySource = entropySource;
+
+            byte[] entropy = GetEntropy();
+	        byte[] seedMaterial = Arrays.ConcatenateAll(entropy, nonce, personalizationString);
+
+            mK = new byte[hMac.GetMacSize()];
+	        mV = new byte[mK.Length];
+	        Arrays.Fill(mV, (byte)1);
+
+            hmac_DRBG_Update(seedMaterial);
+
+            mReseedCounter = 1;
+	    }
+
+        private void hmac_DRBG_Update(byte[] seedMaterial)
+	    {
+	        hmac_DRBG_Update_Func(seedMaterial, (byte)0x00);
+	        if (seedMaterial != null)
+	        {
+	            hmac_DRBG_Update_Func(seedMaterial, (byte)0x01);
+	        }
+	    }
+
+	    private void hmac_DRBG_Update_Func(byte[] seedMaterial, byte vValue)
+	    {
+	        mHMac.Init(new KeyParameter(mK));
+
+            mHMac.BlockUpdate(mV, 0, mV.Length);
+            mHMac.Update(vValue);
+
+	        if (seedMaterial != null)
+	        {
+                mHMac.BlockUpdate(seedMaterial, 0, seedMaterial.Length);
+	        }
+
+            mHMac.DoFinal(mK, 0);
+
+            mHMac.Init(new KeyParameter(mK));
+            mHMac.BlockUpdate(mV, 0, mV.Length);
+
+            mHMac.DoFinal(mV, 0);
+	    }
+
+	    /**
+	     * Return the block size (in bits) of the DRBG.
+	     *
+	     * @return the number of bits produced on each round of the DRBG.
+	     */
+	    public int BlockSize
+	    {
+			get { return mV.Length * 8; }
+	    }
+
+	    /**
+	     * Populate a passed in array with random data.
+	     *
+	     * @param output output array for generated bits.
+	     * @param additionalInput additional input to be added to the DRBG in this step.
+	     * @param predictionResistant true if a reseed should be forced, false otherwise.
+	     *
+	     * @return number of bits generated, -1 if a reseed required.
+	     */
+	    public int Generate(byte[] output, byte[] additionalInput, bool predictionResistant)
+	    {
+	        int numberOfBits = output.Length * 8;
+
+            if (numberOfBits > MAX_BITS_REQUEST)
+	            throw new ArgumentException("Number of bits per request limited to " + MAX_BITS_REQUEST, "output");
+
+            if (mReseedCounter > RESEED_MAX)
+	        {
+	            return -1;
+	        }
+
+            if (predictionResistant)
+	        {
+	            Reseed(additionalInput);
+	            additionalInput = null;
+	        }
+
+	        // 2.
+	        if (additionalInput != null)
+	        {
+	            hmac_DRBG_Update(additionalInput);
+	        }
+
+            // 3.
+	        byte[] rv = new byte[output.Length];
+
+            int m = output.Length / mV.Length;
+
+            mHMac.Init(new KeyParameter(mK));
+
+	        for (int i = 0; i < m; i++)
+	        {
+	            mHMac.BlockUpdate(mV, 0, mV.Length);
+                mHMac.DoFinal(mV, 0);
+
+                Array.Copy(mV, 0, rv, i * mV.Length, mV.Length);
+	        }
+
+            if (m * mV.Length < rv.Length)
+	        {
+                mHMac.BlockUpdate(mV, 0, mV.Length);
+                mHMac.DoFinal(mV, 0);
+
+	            Array.Copy(mV, 0, rv, m * mV.Length, rv.Length - (m * mV.Length));
+	        }
+
+            hmac_DRBG_Update(additionalInput);
+
+	        mReseedCounter++;
+
+	        Array.Copy(rv, 0, output, 0, output.Length);
+
+            return numberOfBits;
+	    }
+
+	    /**
+	      * Reseed the DRBG.
+	      *
+	      * @param additionalInput additional input to be added to the DRBG in this step.
+	      */
+	    public void Reseed(byte[] additionalInput)
+	    {
+	        byte[] entropy = GetEntropy();
+	        byte[] seedMaterial = Arrays.Concatenate(entropy, additionalInput);
+
+	        hmac_DRBG_Update(seedMaterial);
+
+	        mReseedCounter = 1;
+	    }
+
+        private byte[] GetEntropy()
+	    {
+	        byte[] entropy = mEntropySource.GetEntropy();
+	        if (entropy.Length < (mSecurityStrength + 7) / 8)
+	            throw new InvalidOperationException("Insufficient entropy provided by entropy source");
+	        return entropy;
+	    }
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/drbg/HashSP800Drbg.cs b/bc-sharp-crypto/src/crypto/prng/drbg/HashSP800Drbg.cs
new file mode 100644
index 0000000..493da5a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/drbg/HashSP800Drbg.cs
@@ -0,0 +1,287 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Prng.Drbg
+{
+	/**
+	 * A SP800-90A Hash DRBG.
+	 */
+	public class HashSP800Drbg
+        :   ISP80090Drbg
+	{
+	    private readonly static byte[] ONE = { 0x01 };
+
+		private readonly static long RESEED_MAX = 1L << (48 - 1);
+		private readonly static int MAX_BITS_REQUEST = 1 << (19 - 1);
+
+		private static readonly IDictionary seedlens = Platform.CreateHashtable();
+
+		static HashSP800Drbg()
+	    {
+            seedlens.Add("SHA-1", 440);
+            seedlens.Add("SHA-224", 440);
+            seedlens.Add("SHA-256", 440);
+            seedlens.Add("SHA-512/256", 440);
+            seedlens.Add("SHA-512/224", 440);
+            seedlens.Add("SHA-384", 888);
+            seedlens.Add("SHA-512", 888);
+	    }
+
+        private readonly IDigest        mDigest;
+        private readonly IEntropySource mEntropySource;
+        private readonly int            mSecurityStrength;
+        private readonly int            mSeedLength;
+
+        private byte[] mV;
+        private byte[] mC;
+        private long mReseedCounter;
+
+        /**
+	     * Construct a SP800-90A Hash DRBG.
+	     * <p>
+	     * Minimum entropy requirement is the security strength requested.
+	     * </p>
+	     * @param digest  source digest to use for DRB stream.
+	     * @param securityStrength security strength required (in bits)
+	     * @param entropySource source of entropy to use for seeding/reseeding.
+	     * @param personalizationString personalization string to distinguish this DRBG (may be null).
+	     * @param nonce nonce to further distinguish this DRBG (may be null).
+	     */
+	    public HashSP800Drbg(IDigest digest, int securityStrength, IEntropySource entropySource, byte[] personalizationString, byte[] nonce)
+	    {
+	        if (securityStrength > DrbgUtilities.GetMaxSecurityStrength(digest))
+	            throw new ArgumentException("Requested security strength is not supported by the derivation function");
+	        if (entropySource.EntropySize < securityStrength)
+	            throw new ArgumentException("Not enough entropy for security strength required");
+
+            mDigest = digest;
+	        mEntropySource = entropySource;
+	        mSecurityStrength = securityStrength;
+            mSeedLength = (int)seedlens[digest.AlgorithmName];
+
+            // 1. seed_material = entropy_input || nonce || personalization_string.
+	        // 2. seed = Hash_df (seed_material, seedlen).
+	        // 3. V = seed.
+	        // 4. C = Hash_df ((0x00 || V), seedlen). Comment: Preceed V with a byte
+	        // of zeros.
+	        // 5. reseed_counter = 1.
+	        // 6. Return V, C, and reseed_counter as the initial_working_state
+
+	        byte[] entropy = GetEntropy();
+	        byte[] seedMaterial = Arrays.ConcatenateAll(entropy, nonce, personalizationString);
+	        byte[] seed = DrbgUtilities.HashDF(mDigest, seedMaterial, mSeedLength);
+
+            mV = seed;
+	        byte[] subV = new byte[mV.Length + 1];
+	        Array.Copy(mV, 0, subV, 1, mV.Length);
+	        mC = DrbgUtilities.HashDF(mDigest, subV, mSeedLength);
+
+            mReseedCounter = 1;
+	    }
+
+	    /**
+	     * Return the block size (in bits) of the DRBG.
+	     *
+	     * @return the number of bits produced on each internal round of the DRBG.
+	     */
+	    public int BlockSize
+	    {
+			get { return mDigest.GetDigestSize () * 8; }
+	    }
+
+	    /**
+	     * Populate a passed in array with random data.
+	     *
+	     * @param output output array for generated bits.
+	     * @param additionalInput additional input to be added to the DRBG in this step.
+	     * @param predictionResistant true if a reseed should be forced, false otherwise.
+	     *
+	     * @return number of bits generated, -1 if a reseed required.
+	     */
+	    public int Generate(byte[] output, byte[] additionalInput, bool predictionResistant)
+	    {
+	        // 1. If reseed_counter > reseed_interval, then return an indication that a
+	        // reseed is required.
+	        // 2. If (additional_input != Null), then do
+	        // 2.1 w = Hash (0x02 || V || additional_input).
+	        // 2.2 V = (V + w) mod 2^seedlen
+	        // .
+	        // 3. (returned_bits) = Hashgen (requested_number_of_bits, V).
+	        // 4. H = Hash (0x03 || V).
+	        // 5. V = (V + H + C + reseed_counter) mod 2^seedlen
+	        // .
+	        // 6. reseed_counter = reseed_counter + 1.
+	        // 7. Return SUCCESS, returned_bits, and the new values of V, C, and
+	        // reseed_counter for the new_working_state.
+	        int numberOfBits = output.Length * 8;
+
+	        if (numberOfBits > MAX_BITS_REQUEST)
+	            throw new ArgumentException("Number of bits per request limited to " + MAX_BITS_REQUEST, "output");
+
+            if (mReseedCounter > RESEED_MAX)
+	            return -1;
+
+            if (predictionResistant)
+	        {   
+	            Reseed(additionalInput);
+	            additionalInput = null;
+	        }
+
+	        // 2.
+	        if (additionalInput != null)
+	        {
+	            byte[] newInput = new byte[1 + mV.Length + additionalInput.Length];
+	            newInput[0] = 0x02;
+	            Array.Copy(mV, 0, newInput, 1, mV.Length);
+	            // TODO: inOff / inLength
+	            Array.Copy(additionalInput, 0, newInput, 1 + mV.Length, additionalInput.Length);
+	            byte[] w = Hash(newInput);
+
+                AddTo(mV, w);
+	        }
+
+            // 3.
+	        byte[] rv = hashgen(mV, numberOfBits);
+
+            // 4.
+	        byte[] subH = new byte[mV.Length + 1];
+	        Array.Copy(mV, 0, subH, 1, mV.Length);
+	        subH[0] = 0x03;
+
+            byte[] H = Hash(subH);
+
+            // 5.
+	        AddTo(mV, H);
+	        AddTo(mV, mC);
+	        byte[] c = new byte[4];
+	        c[0] = (byte)(mReseedCounter >> 24);
+	        c[1] = (byte)(mReseedCounter >> 16);
+	        c[2] = (byte)(mReseedCounter >> 8);
+	        c[3] = (byte)mReseedCounter;
+
+	        AddTo(mV, c);
+
+	        mReseedCounter++;
+
+	        Array.Copy(rv, 0, output, 0, output.Length);
+
+	        return numberOfBits;
+	    }
+
+	    private byte[] GetEntropy()
+	    {
+	        byte[] entropy = mEntropySource.GetEntropy();
+	        if (entropy.Length < (mSecurityStrength + 7) / 8)
+	            throw new InvalidOperationException("Insufficient entropy provided by entropy source");
+	        return entropy;
+	    }
+
+	    // this will always add the shorter length byte array mathematically to the
+	    // longer length byte array.
+	    // be careful....
+	    private void AddTo(byte[] longer, byte[] shorter)
+	    {
+            int off = longer.Length - shorter.Length;
+
+            uint carry = 0;
+            int i = shorter.Length;
+            while (--i >= 0)
+            {
+                carry += (uint)longer[off + i] + (uint)shorter[i];
+                longer[off + i] = (byte)carry;
+                carry >>= 8;
+            }
+
+            i = off;
+            while (--i >= 0)
+            {
+                carry += longer[i];
+                longer[i] = (byte)carry;
+                carry >>= 8;
+            }
+	    }
+
+        /**
+	      * Reseed the DRBG.
+	      *
+	      * @param additionalInput additional input to be added to the DRBG in this step.
+	      */
+	    public void Reseed(byte[] additionalInput)
+	    {
+	        // 1. seed_material = 0x01 || V || entropy_input || additional_input.
+	        //
+	        // 2. seed = Hash_df (seed_material, seedlen).
+	        //
+	        // 3. V = seed.
+	        //
+	        // 4. C = Hash_df ((0x00 || V), seedlen).
+	        //
+	        // 5. reseed_counter = 1.
+	        //
+	        // 6. Return V, C, and reseed_counter for the new_working_state.
+	        //
+	        // Comment: Precede with a byte of all zeros.
+	        byte[] entropy = GetEntropy();
+	        byte[] seedMaterial = Arrays.ConcatenateAll(ONE, mV, entropy, additionalInput);
+	        byte[] seed = DrbgUtilities.HashDF(mDigest, seedMaterial, mSeedLength);
+
+            mV = seed;
+	        byte[] subV = new byte[mV.Length + 1];
+	        subV[0] = 0x00;
+	        Array.Copy(mV, 0, subV, 1, mV.Length);
+	        mC = DrbgUtilities.HashDF(mDigest, subV, mSeedLength);
+
+            mReseedCounter = 1;
+	    }
+
+        private byte[] Hash(byte[] input)
+        {
+            byte[] hash = new byte[mDigest.GetDigestSize()];
+            DoHash(input, hash);
+            return hash;
+        }
+
+        private void DoHash(byte[] input, byte[] output)
+        {
+            mDigest.BlockUpdate(input, 0, input.Length);
+            mDigest.DoFinal(output, 0);
+        }
+
+        // 1. m = [requested_number_of_bits / outlen]
+	    // 2. data = V.
+	    // 3. W = the Null string.
+	    // 4. For i = 1 to m
+	    // 4.1 wi = Hash (data).
+	    // 4.2 W = W || wi.
+	    // 4.3 data = (data + 1) mod 2^seedlen
+	    // .
+	    // 5. returned_bits = Leftmost (requested_no_of_bits) bits of W.
+	    private byte[] hashgen(byte[] input, int lengthInBits)
+	    {
+	        int digestSize = mDigest.GetDigestSize();
+	        int m = (lengthInBits / 8) / digestSize;
+
+            byte[] data = new byte[input.Length];
+	        Array.Copy(input, 0, data, 0, input.Length);
+
+	        byte[] W = new byte[lengthInBits / 8];
+
+            byte[] dig = new byte[mDigest.GetDigestSize()];
+	        for (int i = 0; i <= m; i++)
+	        {
+	            DoHash(data, dig);
+
+	            int bytesToCopy = ((W.Length - i * dig.Length) > dig.Length)
+	                    ? dig.Length
+	                    : (W.Length - i * dig.Length);
+	            Array.Copy(dig, 0, W, i * dig.Length, bytesToCopy);
+
+                AddTo(data, ONE);
+	        }
+
+	        return W;
+	    }    
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/prng/drbg/ISP80090Drbg.cs b/bc-sharp-crypto/src/crypto/prng/drbg/ISP80090Drbg.cs
new file mode 100644
index 0000000..0e39820
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/prng/drbg/ISP80090Drbg.cs
@@ -0,0 +1,35 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Prng.Drbg
+{
+	/**
+	 * Interface to SP800-90A deterministic random bit generators.
+	 */
+	public interface ISP80090Drbg
+	{
+	    /**
+	     * Return the block size of the DRBG.
+	     *
+	     * @return the block size (in bits) produced by each round of the DRBG.
+	     */
+		int BlockSize { get; }
+
+	    /**
+	     * Populate a passed in array with random data.
+	     *
+	     * @param output output array for generated bits.
+	     * @param additionalInput additional input to be added to the DRBG in this step.
+	     * @param predictionResistant true if a reseed should be forced, false otherwise.
+	     *
+	     * @return number of bits generated, -1 if a reseed required.
+	     */
+	    int Generate(byte[] output, byte[] additionalInput, bool predictionResistant);
+
+	    /**
+	     * Reseed the DRBG.
+	     *
+	     * @param additionalInput additional input to be added to the DRBG in this step.
+	     */
+	    void Reseed(byte[] additionalInput);
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/DsaDigestSigner.cs b/bc-sharp-crypto/src/crypto/signers/DsaDigestSigner.cs
new file mode 100644
index 0000000..0866014
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/DsaDigestSigner.cs
@@ -0,0 +1,145 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+	public class DsaDigestSigner
+		: ISigner
+	{
+		private readonly IDigest digest;
+		private readonly IDsa dsaSigner;
+		private bool forSigning;
+
+		public DsaDigestSigner(
+			IDsa	signer,
+			IDigest	digest)
+		{
+			this.digest = digest;
+			this.dsaSigner = signer;
+		}
+
+		public virtual string AlgorithmName
+		{
+			get { return digest.AlgorithmName + "with" + dsaSigner.AlgorithmName; }
+		}
+
+        public virtual void Init(
+			bool							forSigning,
+			ICipherParameters	parameters)
+		{
+			this.forSigning = forSigning;
+
+			AsymmetricKeyParameter k;
+
+			if (parameters is ParametersWithRandom)
+			{
+				k = (AsymmetricKeyParameter)((ParametersWithRandom)parameters).Parameters;
+			}
+			else
+			{
+				k = (AsymmetricKeyParameter)parameters;
+			}
+
+			if (forSigning && !k.IsPrivate)
+				throw new InvalidKeyException("Signing Requires Private Key.");
+
+			if (!forSigning && k.IsPrivate)
+				throw new InvalidKeyException("Verification Requires Public Key.");
+
+			Reset();
+
+			dsaSigner.Init(forSigning, parameters);
+		}
+
+		/**
+		 * update the internal digest with the byte b
+		 */
+        public virtual void Update(
+			byte input)
+		{
+			digest.Update(input);
+		}
+
+		/**
+		 * update the internal digest with the byte array in
+		 */
+        public virtual void BlockUpdate(
+			byte[]	input,
+			int			inOff,
+			int			length)
+		{
+			digest.BlockUpdate(input, inOff, length);
+		}
+
+		/**
+		 * Generate a signature for the message we've been loaded with using
+		 * the key we were initialised with.
+     */
+        public virtual byte[] GenerateSignature()
+		{
+			if (!forSigning)
+				throw new InvalidOperationException("DSADigestSigner not initialised for signature generation.");
+
+			byte[] hash = new byte[digest.GetDigestSize()];
+			digest.DoFinal(hash, 0);
+
+			BigInteger[] sig = dsaSigner.GenerateSignature(hash);
+
+			return DerEncode(sig[0], sig[1]);
+		}
+
+		/// <returns>true if the internal state represents the signature described in the passed in array.</returns>
+        public virtual bool VerifySignature(
+			byte[] signature)
+		{
+			if (forSigning)
+				throw new InvalidOperationException("DSADigestSigner not initialised for verification");
+
+			byte[] hash = new byte[digest.GetDigestSize()];
+			digest.DoFinal(hash, 0);
+
+			try
+			{
+				BigInteger[] sig = DerDecode(signature);
+				return dsaSigner.VerifySignature(hash, sig[0], sig[1]);
+			}
+			catch (IOException)
+			{
+				return false;
+			}
+		}
+
+		/// <summary>Reset the internal state</summary>
+        public virtual void Reset()
+		{
+			digest.Reset();
+		}
+
+		private byte[] DerEncode(
+			BigInteger	r,
+			BigInteger	s)
+		{
+			return new DerSequence(new DerInteger(r), new DerInteger(s)).GetDerEncoded();
+		}
+
+		private BigInteger[] DerDecode(
+			byte[] encoding)
+		{
+			Asn1Sequence s = (Asn1Sequence) Asn1Object.FromByteArray(encoding);
+
+			return new BigInteger[]
+			{
+				((DerInteger) s[0]).Value,
+				((DerInteger) s[1]).Value
+			};
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/DsaSigner.cs b/bc-sharp-crypto/src/crypto/signers/DsaSigner.cs
new file mode 100644
index 0000000..bb28add
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/DsaSigner.cs
@@ -0,0 +1,156 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+    /**
+     * The Digital Signature Algorithm - as described in "Handbook of Applied
+     * Cryptography", pages 452 - 453.
+     */
+    public class DsaSigner
+        : IDsa
+    {
+        protected readonly IDsaKCalculator kCalculator;
+
+        protected DsaKeyParameters key = null;
+        protected SecureRandom random = null;
+
+        /**
+         * Default configuration, random K values.
+         */
+        public DsaSigner()
+        {
+            this.kCalculator = new RandomDsaKCalculator();
+        }
+
+        /**
+         * Configuration with an alternate, possibly deterministic calculator of K.
+         *
+         * @param kCalculator a K value calculator.
+         */
+        public DsaSigner(IDsaKCalculator kCalculator)
+        {
+            this.kCalculator = kCalculator;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "DSA"; }
+        }
+
+        public virtual void Init(bool forSigning, ICipherParameters	parameters)
+        {
+            SecureRandom providedRandom = null;
+
+            if (forSigning)
+            {
+                if (parameters is ParametersWithRandom)
+                {
+                    ParametersWithRandom rParam = (ParametersWithRandom)parameters;
+
+                    providedRandom = rParam.Random;
+                    parameters = rParam.Parameters;
+                }
+
+                if (!(parameters is DsaPrivateKeyParameters))
+                    throw new InvalidKeyException("DSA private key required for signing");
+
+                this.key = (DsaPrivateKeyParameters)parameters;
+            }
+            else
+            {
+                if (!(parameters is DsaPublicKeyParameters))
+                    throw new InvalidKeyException("DSA public key required for verification");
+
+                this.key = (DsaPublicKeyParameters)parameters;
+            }
+
+            this.random = InitSecureRandom(forSigning && !kCalculator.IsDeterministic, providedRandom);
+        }
+
+        /**
+         * Generate a signature for the given message using the key we were
+         * initialised with. For conventional DSA the message should be a SHA-1
+         * hash of the message of interest.
+         *
+         * @param message the message that will be verified later.
+         */
+        public virtual BigInteger[] GenerateSignature(byte[] message)
+        {
+            DsaParameters parameters = key.Parameters;
+            BigInteger q = parameters.Q;
+            BigInteger m = CalculateE(q, message);
+            BigInteger x = ((DsaPrivateKeyParameters)key).X;
+
+            if (kCalculator.IsDeterministic)
+            {
+                kCalculator.Init(q, x, message);
+            }
+            else
+            {
+                kCalculator.Init(q, random);
+            }
+
+            BigInteger k = kCalculator.NextK();
+
+            BigInteger r = parameters.G.ModPow(k, parameters.P).Mod(q);
+
+            k = k.ModInverse(q).Multiply(m.Add(x.Multiply(r)));
+
+            BigInteger s = k.Mod(q);
+
+            return new BigInteger[]{ r, s };
+        }
+
+        /**
+         * return true if the value r and s represent a DSA signature for
+         * the passed in message for standard DSA the message should be a
+         * SHA-1 hash of the real message to be verified.
+         */
+        public virtual bool VerifySignature(byte[] message, BigInteger r, BigInteger s)
+        {
+            DsaParameters parameters = key.Parameters;
+            BigInteger q = parameters.Q;
+            BigInteger m = CalculateE(q, message);
+
+            if (r.SignValue <= 0 || q.CompareTo(r) <= 0)
+            {
+                return false;
+            }
+
+            if (s.SignValue <= 0 || q.CompareTo(s) <= 0)
+            {
+                return false;
+            }
+
+            BigInteger w = s.ModInverse(q);
+
+            BigInteger u1 = m.Multiply(w).Mod(q);
+            BigInteger u2 = r.Multiply(w).Mod(q);
+
+            BigInteger p = parameters.P;
+            u1 = parameters.G.ModPow(u1, p);
+            u2 = ((DsaPublicKeyParameters)key).Y.ModPow(u2, p);
+
+            BigInteger v = u1.Multiply(u2).Mod(p).Mod(q);
+
+            return v.Equals(r);
+        }
+
+        protected virtual BigInteger CalculateE(BigInteger n, byte[] message)
+        {
+            int length = System.Math.Min(message.Length, n.BitLength / 8);
+
+            return new BigInteger(1, message, 0, length);
+        }
+
+        protected virtual SecureRandom InitSecureRandom(bool needed, SecureRandom provided)
+        {
+            return !needed ? null : (provided != null) ? provided : new SecureRandom();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/ECDsaSigner.cs b/bc-sharp-crypto/src/crypto/signers/ECDsaSigner.cs
new file mode 100644
index 0000000..520507b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/ECDsaSigner.cs
@@ -0,0 +1,240 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+    /**
+     * EC-DSA as described in X9.62
+     */
+    public class ECDsaSigner
+        : IDsa
+    {
+        private static readonly BigInteger Eight = BigInteger.ValueOf(8);
+
+        protected readonly IDsaKCalculator kCalculator;
+
+        protected ECKeyParameters key = null;
+        protected SecureRandom random = null;
+
+        /**
+         * Default configuration, random K values.
+         */
+        public ECDsaSigner()
+        {
+            this.kCalculator = new RandomDsaKCalculator();
+        }
+
+        /**
+         * Configuration with an alternate, possibly deterministic calculator of K.
+         *
+         * @param kCalculator a K value calculator.
+         */
+        public ECDsaSigner(IDsaKCalculator kCalculator)
+        {
+            this.kCalculator = kCalculator;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "ECDSA"; }
+        }
+
+        public virtual void Init(bool forSigning, ICipherParameters parameters)
+        {
+            SecureRandom providedRandom = null;
+
+            if (forSigning)
+            {
+                if (parameters is ParametersWithRandom)
+                {
+                    ParametersWithRandom rParam = (ParametersWithRandom)parameters;
+
+                    providedRandom = rParam.Random;
+                    parameters = rParam.Parameters;
+                }
+
+                if (!(parameters is ECPrivateKeyParameters))
+                    throw new InvalidKeyException("EC private key required for signing");
+
+                this.key = (ECPrivateKeyParameters)parameters;
+            }
+            else
+            {
+                if (!(parameters is ECPublicKeyParameters))
+                    throw new InvalidKeyException("EC public key required for verification");
+
+                this.key = (ECPublicKeyParameters)parameters;
+            }
+
+            this.random = InitSecureRandom(forSigning && !kCalculator.IsDeterministic, providedRandom);
+        }
+
+        // 5.3 pg 28
+        /**
+         * Generate a signature for the given message using the key we were
+         * initialised with. For conventional DSA the message should be a SHA-1
+         * hash of the message of interest.
+         *
+         * @param message the message that will be verified later.
+         */
+        public virtual BigInteger[] GenerateSignature(byte[] message)
+        {
+            ECDomainParameters ec = key.Parameters;
+            BigInteger n = ec.N;
+            BigInteger e = CalculateE(n, message);
+            BigInteger d = ((ECPrivateKeyParameters)key).D;
+
+            if (kCalculator.IsDeterministic)
+            {
+                kCalculator.Init(n, d, message);
+            }
+            else
+            {
+                kCalculator.Init(n, random);
+            }
+
+            BigInteger r, s;
+
+            ECMultiplier basePointMultiplier = CreateBasePointMultiplier();
+
+            // 5.3.2
+            do // Generate s
+            {
+                BigInteger k;
+                do // Generate r
+                {
+                    k = kCalculator.NextK();
+
+                    ECPoint p = basePointMultiplier.Multiply(ec.G, k).Normalize();
+
+                    // 5.3.3
+                    r = p.AffineXCoord.ToBigInteger().Mod(n);
+                }
+                while (r.SignValue == 0);
+
+                s = k.ModInverse(n).Multiply(e.Add(d.Multiply(r))).Mod(n);
+            }
+            while (s.SignValue == 0);
+
+            return new BigInteger[]{ r, s };
+        }
+
+        // 5.4 pg 29
+        /**
+         * return true if the value r and s represent a DSA signature for
+         * the passed in message (for standard DSA the message should be
+         * a SHA-1 hash of the real message to be verified).
+         */
+        public virtual bool VerifySignature(byte[] message, BigInteger r, BigInteger s)
+        {
+            BigInteger n = key.Parameters.N;
+
+            // r and s should both in the range [1,n-1]
+            if (r.SignValue < 1 || s.SignValue < 1
+                || r.CompareTo(n) >= 0 || s.CompareTo(n) >= 0)
+            {
+                return false;
+            }
+
+            BigInteger e = CalculateE(n, message);
+            BigInteger c = s.ModInverse(n);
+
+            BigInteger u1 = e.Multiply(c).Mod(n);
+            BigInteger u2 = r.Multiply(c).Mod(n);
+
+            ECPoint G = key.Parameters.G;
+            ECPoint Q = ((ECPublicKeyParameters) key).Q;
+
+            ECPoint point = ECAlgorithms.SumOfTwoMultiplies(G, u1, Q, u2);
+
+            if (point.IsInfinity)
+                return false;
+
+            /*
+             * If possible, avoid normalizing the point (to save a modular inversion in the curve field).
+             * 
+             * There are ~cofactor elements of the curve field that reduce (modulo the group order) to 'r'.
+             * If the cofactor is known and small, we generate those possible field values and project each
+             * of them to the same "denominator" (depending on the particular projective coordinates in use)
+             * as the calculated point.X. If any of the projected values matches point.X, then we have:
+             *     (point.X / Denominator mod p) mod n == r
+             * as required, and verification succeeds.
+             * 
+             * Based on an original idea by Gregory Maxwell (https://github.com/gmaxwell), as implemented in
+             * the libsecp256k1 project (https://github.com/bitcoin/secp256k1).
+             */
+            ECCurve curve = point.Curve;
+            if (curve != null)
+            {
+                BigInteger cofactor = curve.Cofactor;
+                if (cofactor != null && cofactor.CompareTo(Eight) <= 0)
+                {
+                    ECFieldElement D = GetDenominator(curve.CoordinateSystem, point);
+                    if (D != null && !D.IsZero)
+                    {
+                        ECFieldElement X = point.XCoord;
+                        while (curve.IsValidFieldElement(r))
+                        {
+                            ECFieldElement R = curve.FromBigInteger(r).Multiply(D);
+                            if (R.Equals(X))
+                            {
+                                return true;
+                            }
+                            r = r.Add(n);
+                        }
+                        return false;
+                    }
+                }
+            }
+
+            BigInteger v = point.Normalize().AffineXCoord.ToBigInteger().Mod(n);
+            return v.Equals(r);
+        }
+
+        protected virtual BigInteger CalculateE(BigInteger n, byte[] message)
+        {
+            int messageBitLength = message.Length * 8;
+            BigInteger trunc = new BigInteger(1, message);
+
+            if (n.BitLength < messageBitLength)
+            {
+                trunc = trunc.ShiftRight(messageBitLength - n.BitLength);
+            }
+
+            return trunc;
+        }
+
+        protected virtual ECMultiplier CreateBasePointMultiplier()
+        {
+            return new FixedPointCombMultiplier();
+        }
+
+        protected virtual ECFieldElement GetDenominator(int coordinateSystem, ECPoint p)
+        {
+            switch (coordinateSystem)
+            {
+                case ECCurve.COORD_HOMOGENEOUS:
+                case ECCurve.COORD_LAMBDA_PROJECTIVE:
+                case ECCurve.COORD_SKEWED:
+                    return p.GetZCoord(0);
+                case ECCurve.COORD_JACOBIAN:
+                case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
+                case ECCurve.COORD_JACOBIAN_MODIFIED:
+                    return p.GetZCoord(0).Square();
+                default:
+                    return null;
+            }
+        }
+
+        protected virtual SecureRandom InitSecureRandom(bool needed, SecureRandom provided)
+        {
+            return !needed ? null : (provided != null) ? provided : new SecureRandom();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/ECGOST3410Signer.cs b/bc-sharp-crypto/src/crypto/signers/ECGOST3410Signer.cs
new file mode 100644
index 0000000..28ab79c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/ECGOST3410Signer.cs
@@ -0,0 +1,162 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+    /**
+     * GOST R 34.10-2001 Signature Algorithm
+     */
+    public class ECGost3410Signer
+        : IDsa
+    {
+        private ECKeyParameters key;
+        private SecureRandom random;
+
+        public virtual string AlgorithmName
+        {
+            get { return "ECGOST3410"; }
+        }
+
+        public virtual void Init(
+            bool				forSigning,
+            ICipherParameters	parameters)
+        {
+            if (forSigning)
+            {
+                if (parameters is ParametersWithRandom)
+                {
+                    ParametersWithRandom rParam = (ParametersWithRandom)parameters;
+
+                    this.random = rParam.Random;
+                    parameters = rParam.Parameters;
+                }
+                else
+                {
+                    this.random = new SecureRandom();
+                }
+
+                if (!(parameters is ECPrivateKeyParameters))
+                    throw new InvalidKeyException("EC private key required for signing");
+
+                this.key = (ECPrivateKeyParameters) parameters;
+            }
+            else
+            {
+                if (!(parameters is ECPublicKeyParameters))
+                    throw new InvalidKeyException("EC public key required for verification");
+
+                this.key = (ECPublicKeyParameters)parameters;
+            }
+        }
+
+        /**
+         * generate a signature for the given message using the key we were
+         * initialised with. For conventional GOST3410 the message should be a GOST3411
+         * hash of the message of interest.
+         *
+         * @param message the message that will be verified later.
+         */
+        public virtual BigInteger[] GenerateSignature(
+            byte[] message)
+        {
+            byte[] mRev = new byte[message.Length]; // conversion is little-endian
+            for (int i = 0; i != mRev.Length; i++)
+            {
+                mRev[i] = message[mRev.Length - 1 - i];
+            }
+
+            BigInteger e = new BigInteger(1, mRev);
+
+            ECDomainParameters ec = key.Parameters;
+            BigInteger n = ec.N;
+            BigInteger d = ((ECPrivateKeyParameters)key).D;
+
+            BigInteger r, s = null;
+
+            ECMultiplier basePointMultiplier = CreateBasePointMultiplier();
+
+            do // generate s
+            {
+                BigInteger k;
+                do // generate r
+                {
+                    do
+                    {
+                        k = new BigInteger(n.BitLength, random);
+                    }
+                    while (k.SignValue == 0);
+
+                    ECPoint p = basePointMultiplier.Multiply(ec.G, k).Normalize();
+
+                    r = p.AffineXCoord.ToBigInteger().Mod(n);
+                }
+                while (r.SignValue == 0);
+
+                s = (k.Multiply(e)).Add(d.Multiply(r)).Mod(n);
+            }
+            while (s.SignValue == 0);
+
+            return new BigInteger[]{ r, s };
+        }
+
+        /**
+         * return true if the value r and s represent a GOST3410 signature for
+         * the passed in message (for standard GOST3410 the message should be
+         * a GOST3411 hash of the real message to be verified).
+         */
+        public virtual bool VerifySignature(
+            byte[]		message,
+            BigInteger	r,
+            BigInteger	s)
+        {
+            byte[] mRev = new byte[message.Length]; // conversion is little-endian
+            for (int i = 0; i != mRev.Length; i++)
+            {
+                mRev[i] = message[mRev.Length - 1 - i];
+            }
+
+            BigInteger e = new BigInteger(1, mRev);
+            BigInteger n = key.Parameters.N;
+
+            // r in the range [1,n-1]
+            if (r.CompareTo(BigInteger.One) < 0 || r.CompareTo(n) >= 0)
+            {
+                return false;
+            }
+
+            // s in the range [1,n-1]
+            if (s.CompareTo(BigInteger.One) < 0 || s.CompareTo(n) >= 0)
+            {
+                return false;
+            }
+
+            BigInteger v = e.ModInverse(n);
+
+            BigInteger z1 = s.Multiply(v).Mod(n);
+            BigInteger z2 = (n.Subtract(r)).Multiply(v).Mod(n);
+
+            ECPoint G = key.Parameters.G; // P
+            ECPoint Q = ((ECPublicKeyParameters)key).Q;
+
+            ECPoint point = ECAlgorithms.SumOfTwoMultiplies(G, z1, Q, z2).Normalize();
+
+            if (point.IsInfinity)
+                return false;
+
+            BigInteger R = point.AffineXCoord.ToBigInteger().Mod(n);
+
+            return R.Equals(r);
+        }
+
+        protected virtual ECMultiplier CreateBasePointMultiplier()
+        {
+            return new FixedPointCombMultiplier();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/ECNRSigner.cs b/bc-sharp-crypto/src/crypto/signers/ECNRSigner.cs
new file mode 100644
index 0000000..bb21a49
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/ECNRSigner.cs
@@ -0,0 +1,188 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+    /**
+     * EC-NR as described in IEEE 1363-2000
+     */
+    public class ECNRSigner
+        : IDsa
+    {
+        private bool			forSigning;
+        private ECKeyParameters	key;
+        private SecureRandom	random;
+
+        public virtual string AlgorithmName
+        {
+            get { return "ECNR"; }
+        }
+
+        public virtual void Init(
+            bool				forSigning,
+            ICipherParameters	parameters)
+        {
+            this.forSigning = forSigning;
+
+            if (forSigning)
+            {
+                if (parameters is ParametersWithRandom)
+                {
+                    ParametersWithRandom rParam = (ParametersWithRandom) parameters;
+
+                    this.random = rParam.Random;
+                    parameters = rParam.Parameters;
+                }
+                else
+                {
+                    this.random = new SecureRandom();
+                }
+
+                if (!(parameters is ECPrivateKeyParameters))
+                    throw new InvalidKeyException("EC private key required for signing");
+
+                this.key = (ECPrivateKeyParameters) parameters;
+            }
+            else
+            {
+                if (!(parameters is ECPublicKeyParameters))
+                    throw new InvalidKeyException("EC public key required for verification");
+
+                this.key = (ECPublicKeyParameters) parameters;
+            }
+        }
+
+        // Section 7.2.5 ECSP-NR, pg 34
+        /**
+         * generate a signature for the given message using the key we were
+         * initialised with.  Generally, the order of the curve should be at
+         * least as long as the hash of the message of interest, and with
+         * ECNR it *must* be at least as long.
+         *
+         * @param digest  the digest to be signed.
+         * @exception DataLengthException if the digest is longer than the key allows
+         */
+        public virtual BigInteger[] GenerateSignature(
+            byte[] message)
+        {
+            if (!this.forSigning)
+            {
+                // not properly initilaized... deal with it
+                throw new InvalidOperationException("not initialised for signing");
+            }
+
+            BigInteger n = ((ECPrivateKeyParameters) this.key).Parameters.N;
+            int nBitLength = n.BitLength;
+
+            BigInteger e = new BigInteger(1, message);
+            int eBitLength = e.BitLength;
+
+            ECPrivateKeyParameters  privKey = (ECPrivateKeyParameters)key;
+
+            if (eBitLength > nBitLength)
+            {
+                throw new DataLengthException("input too large for ECNR key.");
+            }
+
+            BigInteger r = null;
+            BigInteger s = null;
+
+            AsymmetricCipherKeyPair tempPair;
+            do // generate r
+            {
+                // generate another, but very temporary, key pair using
+                // the same EC parameters
+                ECKeyPairGenerator keyGen = new ECKeyPairGenerator();
+
+                keyGen.Init(new ECKeyGenerationParameters(privKey.Parameters, this.random));
+
+                tempPair = keyGen.GenerateKeyPair();
+
+                //    BigInteger Vx = tempPair.getPublic().getW().getAffineX();
+                ECPublicKeyParameters V = (ECPublicKeyParameters) tempPair.Public; // get temp's public key
+                BigInteger Vx = V.Q.AffineXCoord.ToBigInteger(); // get the point's x coordinate
+
+                r = Vx.Add(e).Mod(n);
+            }
+            while (r.SignValue == 0);
+
+            // generate s
+            BigInteger x = privKey.D;                // private key value
+            BigInteger u = ((ECPrivateKeyParameters) tempPair.Private).D; // temp's private key value
+            s = u.Subtract(r.Multiply(x)).Mod(n);
+
+            return new BigInteger[]{ r, s };
+        }
+
+        // Section 7.2.6 ECVP-NR, pg 35
+        /**
+         * return true if the value r and s represent a signature for the
+         * message passed in. Generally, the order of the curve should be at
+         * least as long as the hash of the message of interest, and with
+         * ECNR, it *must* be at least as long.  But just in case the signer
+         * applied mod(n) to the longer digest, this implementation will
+         * apply mod(n) during verification.
+         *
+         * @param digest  the digest to be verified.
+         * @param r       the r value of the signature.
+         * @param s       the s value of the signature.
+         * @exception DataLengthException if the digest is longer than the key allows
+         */
+        public virtual bool VerifySignature(
+            byte[]		message,
+            BigInteger	r,
+            BigInteger	s)
+        {
+            if (this.forSigning)
+            {
+                // not properly initilaized... deal with it
+                throw new InvalidOperationException("not initialised for verifying");
+            }
+
+            ECPublicKeyParameters pubKey = (ECPublicKeyParameters)key;
+            BigInteger n = pubKey.Parameters.N;
+            int nBitLength = n.BitLength;
+
+            BigInteger e = new BigInteger(1, message);
+            int eBitLength = e.BitLength;
+
+            if (eBitLength > nBitLength)
+            {
+                throw new DataLengthException("input too large for ECNR key.");
+            }
+
+            // r in the range [1,n-1]
+            if (r.CompareTo(BigInteger.One) < 0 || r.CompareTo(n) >= 0)
+            {
+                return false;
+            }
+
+            // s in the range [0,n-1]           NB: ECNR spec says 0
+            if (s.CompareTo(BigInteger.Zero) < 0 || s.CompareTo(n) >= 0)
+            {
+                return false;
+            }
+
+            // compute P = sG + rW
+
+            ECPoint G = pubKey.Parameters.G;
+            ECPoint W = pubKey.Q;
+            // calculate P using Bouncy math
+            ECPoint P = ECAlgorithms.SumOfTwoMultiplies(G, s, W, r).Normalize();
+
+            if (P.IsInfinity)
+                return false;
+
+            BigInteger x = P.AffineXCoord.ToBigInteger();
+            BigInteger t = r.Subtract(x).Mod(n);
+
+            return t.Equals(e);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/GOST3410DigestSigner.cs b/bc-sharp-crypto/src/crypto/signers/GOST3410DigestSigner.cs
new file mode 100644
index 0000000..bc32808
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/GOST3410DigestSigner.cs
@@ -0,0 +1,145 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+	public class Gost3410DigestSigner
+		: ISigner
+	{
+		private readonly IDigest digest;
+		private readonly IDsa dsaSigner;
+		private bool forSigning;
+
+		public Gost3410DigestSigner(
+			IDsa	signer,
+			IDigest	digest)
+		{
+			this.dsaSigner = signer;
+			this.digest = digest;
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return digest.AlgorithmName + "with" + dsaSigner.AlgorithmName; }
+		}
+
+        public virtual void Init(
+			bool				forSigning,
+			ICipherParameters	parameters)
+		{
+			this.forSigning = forSigning;
+
+			AsymmetricKeyParameter k;
+			if (parameters is ParametersWithRandom)
+			{
+				k = (AsymmetricKeyParameter)((ParametersWithRandom)parameters).Parameters;
+			}
+			else
+			{
+				k = (AsymmetricKeyParameter)parameters;
+			}
+
+			if (forSigning && !k.IsPrivate)
+			{
+				throw new InvalidKeyException("Signing Requires Private Key.");
+			}
+
+			if (!forSigning && k.IsPrivate)
+			{
+				throw new InvalidKeyException("Verification Requires Public Key.");
+			}
+
+			Reset();
+
+			dsaSigner.Init(forSigning, parameters);
+		}
+
+		/**
+		 * update the internal digest with the byte b
+		 */
+        public virtual void Update(
+			byte input)
+		{
+			digest.Update(input);
+		}
+
+		/**
+		 * update the internal digest with the byte array in
+		 */
+        public virtual void BlockUpdate(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			digest.BlockUpdate(input, inOff, length);
+		}
+
+		/**
+		 * Generate a signature for the message we've been loaded with using
+		 * the key we were initialised with.
+		 */
+        public virtual byte[] GenerateSignature()
+		{
+			if (!forSigning)
+				throw new InvalidOperationException("GOST3410DigestSigner not initialised for signature generation.");
+
+			byte[] hash = new byte[digest.GetDigestSize()];
+			digest.DoFinal(hash, 0);
+
+			try
+			{
+				BigInteger[] sig = dsaSigner.GenerateSignature(hash);
+				byte[] sigBytes = new byte[64];
+
+				// TODO Add methods to allow writing BigInteger to existing byte array?
+				byte[] r = sig[0].ToByteArrayUnsigned();
+				byte[] s = sig[1].ToByteArrayUnsigned();
+				s.CopyTo(sigBytes, 32 - s.Length);
+				r.CopyTo(sigBytes, 64 - r.Length);
+				return sigBytes;
+			}
+			catch (Exception e)
+			{
+				throw new SignatureException(e.Message, e);
+			}
+		}
+
+		/// <returns>true if the internal state represents the signature described in the passed in array.</returns>
+        public virtual bool VerifySignature(
+			byte[] signature)
+		{
+			if (forSigning)
+				throw new InvalidOperationException("DSADigestSigner not initialised for verification");
+
+			byte[] hash = new byte[digest.GetDigestSize()];
+			digest.DoFinal(hash, 0);
+
+			BigInteger R, S;
+			try
+			{
+				R = new BigInteger(1, signature, 32, 32);
+				S = new BigInteger(1, signature, 0, 32);
+			}
+			catch (Exception e)
+			{
+				throw new SignatureException("error decoding signature bytes.", e);
+			}
+
+			return dsaSigner.VerifySignature(hash, R, S);
+		}
+
+		/// <summary>Reset the internal state</summary>
+        public virtual void Reset()
+		{
+			digest.Reset();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/GOST3410Signer.cs b/bc-sharp-crypto/src/crypto/signers/GOST3410Signer.cs
new file mode 100644
index 0000000..f1832ae
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/GOST3410Signer.cs
@@ -0,0 +1,132 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+	/**
+	 * Gost R 34.10-94 Signature Algorithm
+	 */
+	public class Gost3410Signer
+		: IDsa
+	{
+		private Gost3410KeyParameters key;
+		private SecureRandom random;
+
+        public virtual string AlgorithmName
+		{
+			get { return "GOST3410"; }
+		}
+
+        public virtual void Init(
+			bool				forSigning,
+			ICipherParameters	parameters)
+		{
+			if (forSigning)
+			{
+				if (parameters is ParametersWithRandom)
+				{
+					ParametersWithRandom rParam = (ParametersWithRandom)parameters;
+
+					this.random = rParam.Random;
+					parameters = rParam.Parameters;
+				}
+				else
+				{
+					this.random = new SecureRandom();
+				}
+
+				if (!(parameters is Gost3410PrivateKeyParameters))
+					throw new InvalidKeyException("GOST3410 private key required for signing");
+
+				this.key = (Gost3410PrivateKeyParameters) parameters;
+			}
+			else
+			{
+				if (!(parameters is Gost3410PublicKeyParameters))
+					throw new InvalidKeyException("GOST3410 public key required for signing");
+
+				this.key = (Gost3410PublicKeyParameters) parameters;
+			}
+		}
+
+		/**
+		 * generate a signature for the given message using the key we were
+		 * initialised with. For conventional Gost3410 the message should be a Gost3411
+		 * hash of the message of interest.
+		 *
+		 * @param message the message that will be verified later.
+		 */
+        public virtual BigInteger[] GenerateSignature(
+			byte[] message)
+		{
+			byte[] mRev = new byte[message.Length]; // conversion is little-endian
+			for (int i = 0; i != mRev.Length; i++)
+			{
+				mRev[i] = message[mRev.Length - 1 - i];
+			}
+
+			BigInteger m = new BigInteger(1, mRev);
+			Gost3410Parameters parameters = key.Parameters;
+			BigInteger k;
+
+			do
+			{
+				k = new BigInteger(parameters.Q.BitLength, random);
+			}
+			while (k.CompareTo(parameters.Q) >= 0);
+
+			BigInteger r = parameters.A.ModPow(k, parameters.P).Mod(parameters.Q);
+
+			BigInteger s = k.Multiply(m).
+				Add(((Gost3410PrivateKeyParameters)key).X.Multiply(r)).
+				Mod(parameters.Q);
+
+			return new BigInteger[]{ r, s };
+		}
+
+		/**
+		 * return true if the value r and s represent a Gost3410 signature for
+		 * the passed in message for standard Gost3410 the message should be a
+		 * Gost3411 hash of the real message to be verified.
+		 */
+        public virtual bool VerifySignature(
+			byte[]		message,
+			BigInteger	r,
+			BigInteger	s)
+		{
+			byte[] mRev = new byte[message.Length]; // conversion is little-endian
+			for (int i = 0; i != mRev.Length; i++)
+			{
+				mRev[i] = message[mRev.Length - 1 - i];
+			}
+
+			BigInteger m = new BigInteger(1, mRev);
+			Gost3410Parameters parameters = key.Parameters;
+
+			if (r.SignValue < 0 || parameters.Q.CompareTo(r) <= 0)
+			{
+				return false;
+			}
+
+			if (s.SignValue < 0 || parameters.Q.CompareTo(s) <= 0)
+			{
+				return false;
+			}
+
+			BigInteger v = m.ModPow(parameters.Q.Subtract(BigInteger.Two), parameters.Q);
+
+			BigInteger z1 = s.Multiply(v).Mod(parameters.Q);
+			BigInteger z2 = (parameters.Q.Subtract(r)).Multiply(v).Mod(parameters.Q);
+
+			z1 = parameters.A.ModPow(z1, parameters.P);
+			z2 = ((Gost3410PublicKeyParameters)key).Y.ModPow(z2, parameters.P);
+
+			BigInteger u = z1.Multiply(z2).Mod(parameters.P).Mod(parameters.Q);
+
+			return u.Equals(r);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/GenericSigner.cs b/bc-sharp-crypto/src/crypto/signers/GenericSigner.cs
new file mode 100644
index 0000000..a551217
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/GenericSigner.cs
@@ -0,0 +1,130 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+    public class GenericSigner
+        : ISigner
+    {
+        private readonly IAsymmetricBlockCipher engine;
+        private readonly IDigest digest;
+        private bool forSigning;
+
+        public GenericSigner(
+            IAsymmetricBlockCipher	engine,
+            IDigest					digest)
+        {
+            this.engine = engine;
+            this.digest = digest;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return "Generic(" + engine.AlgorithmName + "/" + digest.AlgorithmName + ")"; }
+        }
+
+        /**
+        * initialise the signer for signing or verification.
+        *
+        * @param forSigning
+        *            true if for signing, false otherwise
+        * @param parameters
+        *            necessary parameters.
+        */
+        public virtual void Init(bool forSigning, ICipherParameters parameters)
+        {
+            this.forSigning = forSigning;
+
+            AsymmetricKeyParameter k;
+            if (parameters is ParametersWithRandom)
+            {
+                k = (AsymmetricKeyParameter)((ParametersWithRandom)parameters).Parameters;
+            }
+            else
+            {
+                k = (AsymmetricKeyParameter)parameters;
+            }
+
+            if (forSigning && !k.IsPrivate)
+                throw new InvalidKeyException("Signing requires private key.");
+
+            if (!forSigning && k.IsPrivate)
+                throw new InvalidKeyException("Verification requires public key.");
+
+            Reset();
+
+            engine.Init(forSigning, parameters);
+        }
+
+        /**
+        * update the internal digest with the byte b
+        */
+        public virtual void Update(byte input)
+        {
+            digest.Update(input);
+        }
+
+        /**
+        * update the internal digest with the byte array in
+        */
+        public virtual void BlockUpdate(byte[] input, int inOff, int length)
+        {
+            digest.BlockUpdate(input, inOff, length);
+        }
+
+        /**
+        * Generate a signature for the message we've been loaded with using the key
+        * we were initialised with.
+        */
+        public virtual byte[] GenerateSignature()
+        {
+            if (!forSigning)
+                throw new InvalidOperationException("GenericSigner not initialised for signature generation.");
+
+            byte[] hash = new byte[digest.GetDigestSize()];
+            digest.DoFinal(hash, 0);
+
+            return engine.ProcessBlock(hash, 0, hash.Length);
+        }
+
+        /**
+        * return true if the internal state represents the signature described in
+        * the passed in array.
+        */
+        public virtual bool VerifySignature(byte[] signature)
+        {
+            if (forSigning)
+                throw new InvalidOperationException("GenericSigner not initialised for verification");
+
+            byte[] hash = new byte[digest.GetDigestSize()];
+            digest.DoFinal(hash, 0);
+
+            try
+            {
+                byte[] sig = engine.ProcessBlock(signature, 0, signature.Length);
+
+                // Extend with leading zeroes to match the digest size, if necessary.
+                if (sig.Length < hash.Length)
+                {
+                    byte[] tmp = new byte[hash.Length];
+                    Array.Copy(sig, 0, tmp, tmp.Length - sig.Length, sig.Length);
+                    sig = tmp;
+                }
+
+                return Arrays.ConstantTimeAreEqual(sig, hash);
+            }
+            catch (Exception)
+            {
+                return false;
+            }
+        }
+
+        public virtual void Reset()
+        {
+            digest.Reset();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/HMacDsaKCalculator.cs b/bc-sharp-crypto/src/crypto/signers/HMacDsaKCalculator.cs
new file mode 100644
index 0000000..8231197
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/HMacDsaKCalculator.cs
@@ -0,0 +1,150 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+    /**
+     * A deterministic K calculator based on the algorithm in section 3.2 of RFC 6979.
+     */
+    public class HMacDsaKCalculator
+        :   IDsaKCalculator
+    {
+        private readonly HMac hMac;
+        private readonly byte[] K;
+        private readonly byte[] V;
+
+        private BigInteger n;
+
+        /**
+         * Base constructor.
+         *
+         * @param digest digest to build the HMAC on.
+         */
+        public HMacDsaKCalculator(IDigest digest)
+        {
+            this.hMac = new HMac(digest);
+            this.V = new byte[hMac.GetMacSize()];
+            this.K = new byte[hMac.GetMacSize()];
+        }
+
+        public virtual bool IsDeterministic
+        {
+            get { return true; }
+        }
+
+        public virtual void Init(BigInteger n, SecureRandom random)
+        {
+            throw new InvalidOperationException("Operation not supported");
+        }
+
+        public void Init(BigInteger n, BigInteger d, byte[] message)
+        {
+            this.n = n;
+
+            Arrays.Fill(V, (byte)0x01);
+            Arrays.Fill(K, (byte)0);
+
+            byte[] x = new byte[(n.BitLength + 7) / 8];
+            byte[] dVal = BigIntegers.AsUnsignedByteArray(d);
+
+            Array.Copy(dVal, 0, x, x.Length - dVal.Length, dVal.Length);
+
+            byte[] m = new byte[(n.BitLength + 7) / 8];
+
+            BigInteger mInt = BitsToInt(message);
+
+            if (mInt.CompareTo(n) >= 0)
+            {
+                mInt = mInt.Subtract(n);
+            }
+
+            byte[] mVal = BigIntegers.AsUnsignedByteArray(mInt);
+
+            Array.Copy(mVal, 0, m, m.Length - mVal.Length, mVal.Length);
+
+            hMac.Init(new KeyParameter(K));
+
+            hMac.BlockUpdate(V, 0, V.Length);
+            hMac.Update((byte)0x00);
+            hMac.BlockUpdate(x, 0, x.Length);
+            hMac.BlockUpdate(m, 0, m.Length);
+
+            hMac.DoFinal(K, 0);
+
+            hMac.Init(new KeyParameter(K));
+
+            hMac.BlockUpdate(V, 0, V.Length);
+
+            hMac.DoFinal(V, 0);
+
+            hMac.BlockUpdate(V, 0, V.Length);
+            hMac.Update((byte)0x01);
+            hMac.BlockUpdate(x, 0, x.Length);
+            hMac.BlockUpdate(m, 0, m.Length);
+
+            hMac.DoFinal(K, 0);
+
+            hMac.Init(new KeyParameter(K));
+
+            hMac.BlockUpdate(V, 0, V.Length);
+
+            hMac.DoFinal(V, 0);
+        }
+
+        public virtual BigInteger NextK()
+        {
+            byte[] t = new byte[((n.BitLength + 7) / 8)];
+
+            for (;;)
+            {
+                int tOff = 0;
+
+                while (tOff < t.Length)
+                {
+                    hMac.BlockUpdate(V, 0, V.Length);
+
+                    hMac.DoFinal(V, 0);
+
+                    int len = System.Math.Min(t.Length - tOff, V.Length);
+                    Array.Copy(V, 0, t, tOff, len);
+                    tOff += len;
+                }
+
+                BigInteger k = BitsToInt(t);
+
+                if (k.SignValue > 0 && k.CompareTo(n) < 0)
+                {
+                    return k;
+                }
+
+                hMac.BlockUpdate(V, 0, V.Length);
+                hMac.Update((byte)0x00);
+
+                hMac.DoFinal(K, 0);
+
+                hMac.Init(new KeyParameter(K));
+
+                hMac.BlockUpdate(V, 0, V.Length);
+
+                hMac.DoFinal(V, 0);
+            }
+        }
+
+        private BigInteger BitsToInt(byte[] t)
+        {
+            BigInteger v = new BigInteger(1, t);
+
+            if (t.Length * 8 > n.BitLength)
+            {
+                v = v.ShiftRight(t.Length * 8 - n.BitLength);
+            }
+
+            return v;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/IDsaKCalculator.cs b/bc-sharp-crypto/src/crypto/signers/IDsaKCalculator.cs
new file mode 100644
index 0000000..645186d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/IDsaKCalculator.cs
@@ -0,0 +1,44 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+    /**
+     * Interface define calculators of K values for DSA/ECDSA.
+     */
+    public interface IDsaKCalculator
+    {
+        /**
+         * Return true if this calculator is deterministic, false otherwise.
+         *
+         * @return true if deterministic, otherwise false.
+         */
+        bool IsDeterministic { get; }
+
+        /**
+         * Non-deterministic initialiser.
+         *
+         * @param n the order of the DSA group.
+         * @param random a source of randomness.
+         */
+        void Init(BigInteger n, SecureRandom random);
+
+        /**
+         * Deterministic initialiser.
+         *
+         * @param n the order of the DSA group.
+         * @param d the DSA private value.
+         * @param message the message being signed.
+         */
+        void Init(BigInteger n, BigInteger d, byte[] message);
+
+        /**
+         * Return the next valid value of K.
+         *
+         * @return a K value.
+         */
+        BigInteger NextK();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/Iso9796d2PssSigner.cs b/bc-sharp-crypto/src/crypto/signers/Iso9796d2PssSigner.cs
new file mode 100644
index 0000000..6b80370
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/Iso9796d2PssSigner.cs
@@ -0,0 +1,619 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+    /// <summary> ISO9796-2 - mechanism using a hash function with recovery (scheme 2 and 3).
+    /// <p>
+    /// Note: the usual length for the salt is the length of the hash
+    /// function used in bytes.</p>
+    /// </summary>
+    public class Iso9796d2PssSigner
+        : ISignerWithRecovery
+    {
+        /// <summary>
+        /// Return a reference to the recoveredMessage message.
+        /// </summary>
+        /// <returns>The full/partial recoveredMessage message.</returns>
+        /// <seealso cref="ISignerWithRecovery.GetRecoveredMessage"/>
+        public byte[] GetRecoveredMessage()
+        {
+            return recoveredMessage;
+        }
+
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerImplicit = 0xBC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerRipeMD160 = 0x31CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerRipeMD128 = 0x32CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerSha1 = 0x33CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerSha256 = 0x34CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerSha512 = 0x35CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerSha384 = 0x36CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerWhirlpool = 0x37CC;
+
+        private IDigest digest;
+        private IAsymmetricBlockCipher cipher;
+
+        private SecureRandom random;
+        private byte[] standardSalt;
+
+        private int hLen;
+        private int trailer;
+        private int keyBits;
+        private byte[] block;
+        private byte[] mBuf;
+        private int messageLength;
+        private readonly int saltLength;
+        private bool fullMessage;
+        private byte[] recoveredMessage;
+
+        private byte[] preSig;
+        private byte[] preBlock;
+        private int preMStart;
+        private int preTLength;
+
+        /// <summary>
+        /// Generate a signer with either implicit or explicit trailers for ISO9796-2, scheme 2 or 3.
+        /// </summary>
+        /// <param name="cipher">base cipher to use for signature creation/verification</param>
+        /// <param name="digest">digest to use.</param>
+        /// <param name="saltLength">length of salt in bytes.</param>
+        /// <param name="isImplicit">whether or not the trailer is implicit or gives the hash.</param>
+        public Iso9796d2PssSigner(
+            IAsymmetricBlockCipher	cipher,
+            IDigest					digest,
+            int						saltLength,
+            bool					isImplicit)
+        {
+            this.cipher = cipher;
+            this.digest = digest;
+            this.hLen = digest.GetDigestSize();
+            this.saltLength = saltLength;
+
+            if (isImplicit)
+            {
+                trailer = IsoTrailers.TRAILER_IMPLICIT;
+            }
+            else if (IsoTrailers.NoTrailerAvailable(digest))
+            {
+                throw new ArgumentException("no valid trailer", "digest");
+            }
+            else
+            {
+                trailer = IsoTrailers.GetTrailer(digest);
+            }
+        }
+
+        /// <summary> Constructor for a signer with an explicit digest trailer.
+        ///
+        /// </summary>
+        /// <param name="cipher">cipher to use.
+        /// </param>
+        /// <param name="digest">digest to sign with.
+        /// </param>
+        /// <param name="saltLength">length of salt in bytes.
+        /// </param>
+        public Iso9796d2PssSigner(
+            IAsymmetricBlockCipher	cipher,
+            IDigest					digest,
+            int						saltLength)
+            : this(cipher, digest, saltLength, false)
+        {
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return digest.AlgorithmName + "with" + "ISO9796-2S2"; }
+        }
+
+        /// <summary>Initialise the signer.</summary>
+        /// <param name="forSigning">true if for signing, false if for verification.</param>
+        /// <param name="parameters">parameters for signature generation/verification. If the
+        /// parameters are for generation they should be a ParametersWithRandom,
+        /// a ParametersWithSalt, or just an RsaKeyParameters object. If RsaKeyParameters
+        /// are passed in a SecureRandom will be created.
+        /// </param>
+        /// <exception cref="ArgumentException">if wrong parameter type or a fixed
+        /// salt is passed in which is the wrong length.
+        /// </exception>
+        public virtual void Init(
+            bool				forSigning,
+            ICipherParameters	parameters)
+        {
+            RsaKeyParameters kParam;
+            if (parameters is ParametersWithRandom)
+            {
+                ParametersWithRandom p = (ParametersWithRandom) parameters;
+
+                kParam = (RsaKeyParameters) p.Parameters;
+
+                if (forSigning)
+                {
+                    random = p.Random;
+                }
+            }
+            else if (parameters is ParametersWithSalt)
+            {
+                if (!forSigning)
+                    throw new ArgumentException("ParametersWithSalt only valid for signing", "parameters");
+
+                ParametersWithSalt p = (ParametersWithSalt) parameters;
+
+                kParam = (RsaKeyParameters) p.Parameters;
+                standardSalt = p.GetSalt();
+
+                if (standardSalt.Length != saltLength)
+                    throw new ArgumentException("Fixed salt is of wrong length");
+            }
+            else
+            {
+                kParam = (RsaKeyParameters) parameters;
+
+                if (forSigning)
+                {
+                    random = new SecureRandom();
+                }
+            }
+
+            cipher.Init(forSigning, kParam);
+
+            keyBits = kParam.Modulus.BitLength;
+
+            block = new byte[(keyBits + 7) / 8];
+
+            if (trailer == IsoTrailers.TRAILER_IMPLICIT)
+            {
+                mBuf = new byte[block.Length - digest.GetDigestSize() - saltLength - 1 - 1];
+            }
+            else
+            {
+                mBuf = new byte[block.Length - digest.GetDigestSize() - saltLength - 1 - 2];
+            }
+
+            Reset();
+        }
+
+        /// <summary> compare two byte arrays - constant time.</summary>
+        private bool IsSameAs(byte[] a, byte[] b)
+        {
+            if (messageLength != b.Length)
+            {
+                return false;
+            }
+
+            bool isOkay = true;
+
+            for (int i = 0; i != b.Length; i++)
+            {
+                if (a[i] != b[i])
+                {
+                    isOkay = false;
+                }
+            }
+
+            return isOkay;
+        }
+
+        /// <summary> clear possible sensitive data</summary>
+        private void  ClearBlock(
+            byte[] block)
+        {
+            Array.Clear(block, 0, block.Length);
+        }
+
+        public virtual void UpdateWithRecoveredMessage(
+            byte[] signature)
+        {
+            byte[] block = cipher.ProcessBlock(signature, 0, signature.Length);
+
+            //
+            // adjust block size for leading zeroes if necessary
+            //
+            if (block.Length < (keyBits + 7) / 8)
+            {
+                byte[] tmp = new byte[(keyBits + 7) / 8];
+
+                Array.Copy(block, 0, tmp, tmp.Length - block.Length, block.Length);
+                ClearBlock(block);
+                block = tmp;
+            }
+
+            int tLength;
+
+            if (((block[block.Length - 1] & 0xFF) ^ 0xBC) == 0)
+            {
+                tLength = 1;
+            }
+            else
+            {
+                int sigTrail = ((block[block.Length - 2] & 0xFF) << 8) | (block[block.Length - 1] & 0xFF);
+
+                if (IsoTrailers.NoTrailerAvailable(digest))
+                    throw new ArgumentException("unrecognised hash in signature");
+
+                if (sigTrail != IsoTrailers.GetTrailer(digest))
+                    throw new InvalidOperationException("signer initialised with wrong digest for trailer " + sigTrail);
+
+                tLength = 2;
+            }
+
+            //
+            // calculate H(m2)
+            //
+            byte[] m2Hash = new byte[hLen];
+            digest.DoFinal(m2Hash, 0);
+
+            //
+            // remove the mask
+            //
+            byte[] dbMask = MaskGeneratorFunction1(block, block.Length - hLen - tLength, hLen, block.Length - hLen - tLength);
+            for (int i = 0; i != dbMask.Length; i++)
+            {
+                block[i] ^= dbMask[i];
+            }
+
+            block[0] &= 0x7f;
+
+            //
+            // find out how much padding we've got
+            //
+            int mStart = 0;
+
+            while (mStart < block.Length)
+            {
+                if (block[mStart++] == 0x01)
+                    break;
+            }
+
+            if (mStart >= block.Length)
+            {
+                ClearBlock(block);
+            }
+
+            fullMessage = (mStart > 1);
+
+            recoveredMessage = new byte[dbMask.Length - mStart - saltLength];
+
+            Array.Copy(block, mStart, recoveredMessage, 0, recoveredMessage.Length);
+            recoveredMessage.CopyTo(mBuf, 0);
+
+            preSig = signature;
+            preBlock = block;
+            preMStart = mStart;
+            preTLength = tLength;
+        }
+
+        /// <summary> update the internal digest with the byte b</summary>
+        public virtual void Update(
+            byte input)
+        {
+            if (preSig == null && messageLength < mBuf.Length)
+            {
+                mBuf[messageLength++] = input;
+            }
+            else
+            {
+                digest.Update(input);
+            }
+        }
+
+        /// <summary> update the internal digest with the byte array in</summary>
+        public virtual void BlockUpdate(
+            byte[]	input,
+            int		inOff,
+            int		length)
+        {
+            if (preSig == null)
+            {
+                while (length > 0 && messageLength < mBuf.Length)
+                {
+                    this.Update(input[inOff]);
+                    inOff++;
+                    length--;
+                }
+            }
+
+            if (length > 0)
+            {
+                digest.BlockUpdate(input, inOff, length);
+            }
+        }
+
+        /// <summary> reset the internal state</summary>
+        public virtual void Reset()
+        {
+            digest.Reset();
+            messageLength = 0;
+            if (mBuf != null)
+            {
+                ClearBlock(mBuf);
+            }
+            if (recoveredMessage != null)
+            {
+                ClearBlock(recoveredMessage);
+                recoveredMessage = null;
+            }
+            fullMessage = false;
+            if (preSig != null)
+            {
+                preSig = null;
+                ClearBlock(preBlock);
+                preBlock = null;
+            }
+        }
+
+        /// <summary> Generate a signature for the loaded message using the key we were
+        /// initialised with.
+        /// </summary>
+        public virtual byte[] GenerateSignature()
+        {
+            int digSize = digest.GetDigestSize();
+            byte[] m2Hash = new byte[digSize];
+            digest.DoFinal(m2Hash, 0);
+
+            byte[] C = new byte[8];
+            LtoOSP(messageLength * 8, C);
+
+            digest.BlockUpdate(C, 0, C.Length);
+            digest.BlockUpdate(mBuf, 0, messageLength);
+            digest.BlockUpdate(m2Hash, 0, m2Hash.Length);
+
+            byte[] salt;
+            if (standardSalt != null)
+            {
+                salt = standardSalt;
+            }
+            else
+            {
+                salt = new byte[saltLength];
+                random.NextBytes(salt);
+            }
+
+            digest.BlockUpdate(salt, 0, salt.Length);
+
+            byte[] hash = new byte[digest.GetDigestSize()];
+            digest.DoFinal(hash, 0);
+
+            int tLength = 2;
+            if (trailer == IsoTrailers.TRAILER_IMPLICIT)
+            {
+                tLength = 1;
+            }
+
+            int off = block.Length - messageLength - salt.Length - hLen - tLength - 1;
+
+            block[off] = (byte) (0x01);
+
+            Array.Copy(mBuf, 0, block, off + 1, messageLength);
+            Array.Copy(salt, 0, block, off + 1 + messageLength, salt.Length);
+
+            byte[] dbMask = MaskGeneratorFunction1(hash, 0, hash.Length, block.Length - hLen - tLength);
+            for (int i = 0; i != dbMask.Length; i++)
+            {
+                block[i] ^= dbMask[i];
+            }
+
+            Array.Copy(hash, 0, block, block.Length - hLen - tLength, hLen);
+
+            if (trailer == IsoTrailers.TRAILER_IMPLICIT)
+            {
+                block[block.Length - 1] = (byte)IsoTrailers.TRAILER_IMPLICIT;
+            }
+            else
+            {
+                block[block.Length - 2] = (byte) ((uint)trailer >> 8);
+                block[block.Length - 1] = (byte) trailer;
+            }
+
+            block[0] &= (byte) (0x7f);
+
+            byte[] b = cipher.ProcessBlock(block, 0, block.Length);
+
+            ClearBlock(mBuf);
+            ClearBlock(block);
+            messageLength = 0;
+
+            return b;
+        }
+
+        /// <summary> return true if the signature represents a ISO9796-2 signature
+        /// for the passed in message.
+        /// </summary>
+        public virtual bool VerifySignature(
+            byte[] signature)
+        {
+            //
+            // calculate H(m2)
+            //
+            byte[] m2Hash = new byte[hLen];
+            digest.DoFinal(m2Hash, 0);
+
+            byte[] block;
+            int tLength;
+            int mStart = 0;
+
+            if (preSig == null)
+            {
+                try
+                {
+                    UpdateWithRecoveredMessage(signature);
+                }
+                catch (Exception)
+                {
+                    return false;
+                }
+            }
+            else
+            {
+                if (!Arrays.AreEqual(preSig, signature))
+                {
+                    throw new InvalidOperationException("UpdateWithRecoveredMessage called on different signature");
+                }
+            }
+
+            block = preBlock;
+            mStart = preMStart;
+            tLength = preTLength;
+
+            preSig = null;
+            preBlock = null;
+
+            //
+            // check the hashes
+            //
+            byte[] C = new byte[8];
+            LtoOSP(recoveredMessage.Length * 8, C);
+
+            digest.BlockUpdate(C, 0, C.Length);
+
+            if (recoveredMessage.Length != 0)
+            {
+                digest.BlockUpdate(recoveredMessage, 0, recoveredMessage.Length);
+            }
+
+            digest.BlockUpdate(m2Hash, 0, m2Hash.Length);
+
+            // Update for the salt
+            if (standardSalt != null)
+            {
+                digest.BlockUpdate(standardSalt, 0, standardSalt.Length);
+            }
+            else
+            {
+                digest.BlockUpdate(block, mStart + recoveredMessage.Length, saltLength);
+            }
+
+            byte[] hash = new byte[digest.GetDigestSize()];
+            digest.DoFinal(hash, 0);
+
+            int off = block.Length - tLength - hash.Length;
+
+            bool isOkay = true;
+
+            for (int i = 0; i != hash.Length; i++)
+            {
+                if (hash[i] != block[off + i])
+                {
+                    isOkay = false;
+                }
+            }
+
+            ClearBlock(block);
+            ClearBlock(hash);
+
+            if (!isOkay)
+            {
+                fullMessage = false;
+                messageLength = 0;
+                ClearBlock(recoveredMessage);
+                return false;
+            }
+
+            //
+            // if they've input a message check what we've recovered against
+            // what was input.
+            //
+            if (messageLength != 0)
+            {
+                if (!IsSameAs(mBuf, recoveredMessage))
+                {
+                    messageLength = 0;
+                    ClearBlock(mBuf);
+                    return false;
+                }
+            }
+
+            messageLength = 0;
+
+            ClearBlock(mBuf);
+            return true;
+        }
+
+        /// <summary>
+        /// Return true if the full message was recoveredMessage.
+        /// </summary>
+        /// <returns>true on full message recovery, false otherwise, or if not sure.</returns>
+        /// <seealso cref="ISignerWithRecovery.HasFullMessage"/>
+        public virtual bool HasFullMessage()
+        {
+            return fullMessage;
+        }
+
+        /// <summary> int to octet string.</summary>
+        /// <summary> int to octet string.</summary>
+        private void ItoOSP(
+            int		i,
+            byte[]	sp)
+        {
+            sp[0] = (byte)((uint)i >> 24);
+            sp[1] = (byte)((uint)i >> 16);
+            sp[2] = (byte)((uint)i >> 8);
+            sp[3] = (byte)((uint)i >> 0);
+        }
+
+        /// <summary> long to octet string.</summary>
+        private void  LtoOSP(long l, byte[] sp)
+        {
+            sp[0] = (byte)((ulong)l >> 56);
+            sp[1] = (byte)((ulong)l >> 48);
+            sp[2] = (byte)((ulong)l >> 40);
+            sp[3] = (byte)((ulong)l >> 32);
+            sp[4] = (byte)((ulong)l >> 24);
+            sp[5] = (byte)((ulong)l >> 16);
+            sp[6] = (byte)((ulong)l >> 8);
+            sp[7] = (byte)((ulong)l >> 0);
+        }
+
+        /// <summary> mask generator function, as described in Pkcs1v2.</summary>
+        private byte[] MaskGeneratorFunction1(
+            byte[]	Z,
+            int		zOff,
+            int		zLen,
+            int		length)
+        {
+            byte[] mask = new byte[length];
+            byte[] hashBuf = new byte[hLen];
+            byte[] C = new byte[4];
+            int counter = 0;
+
+            digest.Reset();
+
+            do
+            {
+                ItoOSP(counter, C);
+
+                digest.BlockUpdate(Z, zOff, zLen);
+                digest.BlockUpdate(C, 0, C.Length);
+                digest.DoFinal(hashBuf, 0);
+
+                Array.Copy(hashBuf, 0, mask, counter * hLen, hLen);
+            }
+            while (++counter < (length / hLen));
+
+            if ((counter * hLen) < length)
+            {
+                ItoOSP(counter, C);
+
+                digest.BlockUpdate(Z, zOff, zLen);
+                digest.BlockUpdate(C, 0, C.Length);
+                digest.DoFinal(hashBuf, 0);
+
+                Array.Copy(hashBuf, 0, mask, counter * hLen, mask.Length - (counter * hLen));
+            }
+
+            return mask;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/Iso9796d2Signer.cs b/bc-sharp-crypto/src/crypto/signers/Iso9796d2Signer.cs
new file mode 100644
index 0000000..3039130
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/Iso9796d2Signer.cs
@@ -0,0 +1,556 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+    /// <summary> ISO9796-2 - mechanism using a hash function with recovery (scheme 1)</summary>
+    public class Iso9796d2Signer : ISignerWithRecovery
+    {
+        /// <summary>
+        /// Return a reference to the recoveredMessage message.
+        /// </summary>
+        /// <returns>The full/partial recoveredMessage message.</returns>
+        /// <seealso cref="ISignerWithRecovery.GetRecoveredMessage"/>
+        public byte[] GetRecoveredMessage()
+        {
+            return recoveredMessage;
+        }
+
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerImplicit = 0xBC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerRipeMD160 = 0x31CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerRipeMD128 = 0x32CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerSha1 = 0x33CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerSha256 = 0x34CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerSha512 = 0x35CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerSha384 = 0x36CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TrailerWhirlpool = 0x37CC;
+
+        private IDigest digest;
+        private IAsymmetricBlockCipher cipher;
+
+        private int trailer;
+        private int keyBits;
+        private byte[] block;
+        private byte[] mBuf;
+        private int messageLength;
+        private bool fullMessage;
+        private byte[] recoveredMessage;
+
+        private byte[] preSig;
+        private byte[] preBlock;
+
+        /// <summary>
+        /// Generate a signer with either implicit or explicit trailers for ISO9796-2.
+        /// </summary>
+        /// <param name="cipher">base cipher to use for signature creation/verification</param>
+        /// <param name="digest">digest to use.</param>
+        /// <param name="isImplicit">whether or not the trailer is implicit or gives the hash.</param>
+        public Iso9796d2Signer(
+            IAsymmetricBlockCipher	cipher,
+            IDigest					digest,
+            bool					isImplicit)
+        {
+            this.cipher = cipher;
+            this.digest = digest;
+
+            if (isImplicit)
+            {
+                trailer = IsoTrailers.TRAILER_IMPLICIT;
+            }
+            else if (IsoTrailers.NoTrailerAvailable(digest))
+            {
+                throw new ArgumentException("no valid trailer", "digest");
+            }
+            else
+            {
+                trailer = IsoTrailers.GetTrailer(digest);
+            }
+        }
+
+        /// <summary> Constructor for a signer with an explicit digest trailer.
+        ///
+        /// </summary>
+        /// <param name="cipher">cipher to use.
+        /// </param>
+        /// <param name="digest">digest to sign with.
+        /// </param>
+        public Iso9796d2Signer(IAsymmetricBlockCipher cipher, IDigest digest)
+            : this(cipher, digest, false)
+        {
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return digest.AlgorithmName + "with" + "ISO9796-2S1"; }
+        }
+
+        public virtual void Init(bool forSigning, ICipherParameters parameters)
+        {
+            RsaKeyParameters kParam = (RsaKeyParameters) parameters;
+
+            cipher.Init(forSigning, kParam);
+
+            keyBits = kParam.Modulus.BitLength;
+
+            block = new byte[(keyBits + 7) / 8];
+            if (trailer == IsoTrailers.TRAILER_IMPLICIT)
+            {
+                mBuf = new byte[block.Length - digest.GetDigestSize() - 2];
+            }
+            else
+            {
+                mBuf = new byte[block.Length - digest.GetDigestSize() - 3];
+            }
+
+            Reset();
+        }
+
+        /// <summary> compare two byte arrays - constant time.</summary>
+        private bool IsSameAs(byte[] a, byte[] b)
+        {
+            int checkLen;
+            if (messageLength > mBuf.Length)
+            {
+                if (mBuf.Length > b.Length)
+                {
+                    return false;
+                }
+
+                checkLen = mBuf.Length;
+            }
+            else
+            {
+                if (messageLength != b.Length)
+                {
+                    return false;
+                }
+
+                checkLen = b.Length;
+            }
+
+            bool isOkay = true;
+
+            for (int i = 0; i != checkLen; i++)
+            {
+                if (a[i] != b[i])
+                {
+                    isOkay = false;
+                }
+            }
+
+            return isOkay;
+        }
+
+        /// <summary> clear possible sensitive data</summary>
+        private void  ClearBlock(
+            byte[] block)
+        {
+            Array.Clear(block, 0, block.Length);
+        }
+
+        public virtual void UpdateWithRecoveredMessage(
+            byte[] signature)
+        {
+            byte[] block = cipher.ProcessBlock(signature, 0, signature.Length);
+
+            if (((block[0] & 0xC0) ^ 0x40) != 0)
+                throw new InvalidCipherTextException("malformed signature");
+
+            if (((block[block.Length - 1] & 0xF) ^ 0xC) != 0)
+                throw new InvalidCipherTextException("malformed signature");
+
+            int delta = 0;
+
+            if (((block[block.Length - 1] & 0xFF) ^ 0xBC) == 0)
+            {
+                delta = 1;
+            }
+            else
+            {
+                int sigTrail = ((block[block.Length - 2] & 0xFF) << 8) | (block[block.Length - 1] & 0xFF);
+
+                if (IsoTrailers.NoTrailerAvailable(digest))
+                    throw new ArgumentException("unrecognised hash in signature");
+
+                if (sigTrail != IsoTrailers.GetTrailer(digest))
+                    throw new InvalidOperationException("signer initialised with wrong digest for trailer " + sigTrail);
+
+                delta = 2;
+            }
+
+            //
+            // find out how much padding we've got
+            //
+            int mStart = 0;
+
+            for (mStart = 0; mStart != block.Length; mStart++)
+            {
+                if (((block[mStart] & 0x0f) ^ 0x0a) == 0)
+                    break;
+            }
+
+            mStart++;
+
+            int off = block.Length - delta - digest.GetDigestSize();
+
+            //
+            // there must be at least one byte of message string
+            //
+            if ((off - mStart) <= 0)
+                throw new InvalidCipherTextException("malformed block");
+
+            //
+            // if we contain the whole message as well, check the hash of that.
+            //
+            if ((block[0] & 0x20) == 0)
+            {
+                fullMessage = true;
+
+                recoveredMessage = new byte[off - mStart];
+                Array.Copy(block, mStart, recoveredMessage, 0, recoveredMessage.Length);
+            }
+            else
+            {
+                fullMessage = false;
+
+                recoveredMessage = new byte[off - mStart];
+                Array.Copy(block, mStart, recoveredMessage, 0, recoveredMessage.Length);
+            }
+
+            preSig = signature;
+            preBlock = block;
+
+            digest.BlockUpdate(recoveredMessage, 0, recoveredMessage.Length);
+            messageLength = recoveredMessage.Length;
+            recoveredMessage.CopyTo(mBuf, 0);
+        }
+
+        /// <summary> update the internal digest with the byte b</summary>
+        public virtual void Update(
+            byte input)
+        {
+            digest.Update(input);
+
+            if (messageLength < mBuf.Length)
+            {
+                mBuf[messageLength] = input;
+            }
+
+            messageLength++;
+        }
+
+        /// <summary> update the internal digest with the byte array in</summary>
+        public virtual void BlockUpdate(
+            byte[]	input,
+            int		inOff,
+            int		length)
+        {
+            while (length > 0 && messageLength < mBuf.Length)
+            {
+                //for (int i = 0; i < length && (i + messageLength) < mBuf.Length; i++)
+                //{
+                //    mBuf[messageLength + i] = input[inOff + i];
+                //}
+                this.Update(input[inOff]);
+                inOff++;
+                length--;
+            }
+
+            digest.BlockUpdate(input, inOff, length);
+            messageLength += length;
+        }
+
+        /// <summary> reset the internal state</summary>
+        public virtual void Reset()
+        {
+            digest.Reset();
+            messageLength = 0;
+            ClearBlock(mBuf);
+
+            if (recoveredMessage != null)
+            {
+                ClearBlock(recoveredMessage);
+            }
+
+            recoveredMessage = null;
+            fullMessage = false;
+
+            if (preSig != null)
+            {
+                preSig = null;
+                ClearBlock(preBlock);
+                preBlock = null;
+            }
+        }
+
+        /// <summary> Generate a signature for the loaded message using the key we were
+        /// initialised with.
+        /// </summary>
+        public virtual byte[] GenerateSignature()
+        {
+            int digSize = digest.GetDigestSize();
+
+            int t = 0;
+            int delta = 0;
+
+            if (trailer == IsoTrailers.TRAILER_IMPLICIT)
+            {
+                t = 8;
+                delta = block.Length - digSize - 1;
+                digest.DoFinal(block, delta);
+                block[block.Length - 1] = (byte)IsoTrailers.TRAILER_IMPLICIT;
+            }
+            else
+            {
+                t = 16;
+                delta = block.Length - digSize - 2;
+                digest.DoFinal(block, delta);
+                block[block.Length - 2] = (byte) ((uint)trailer >> 8);
+                block[block.Length - 1] = (byte) trailer;
+            }
+
+            byte header = 0;
+            int x = (digSize + messageLength) * 8 + t + 4 - keyBits;
+
+            if (x > 0)
+            {
+                int mR = messageLength - ((x + 7) / 8);
+                header = (byte) (0x60);
+
+                delta -= mR;
+
+                Array.Copy(mBuf, 0, block, delta, mR);
+            }
+            else
+            {
+                header = (byte) (0x40);
+                delta -= messageLength;
+
+                Array.Copy(mBuf, 0, block, delta, messageLength);
+            }
+
+            if ((delta - 1) > 0)
+            {
+                for (int i = delta - 1; i != 0; i--)
+                {
+                    block[i] = (byte) 0xbb;
+                }
+                block[delta - 1] ^= (byte) 0x01;
+                block[0] = (byte) 0x0b;
+                block[0] |= header;
+            }
+            else
+            {
+                block[0] = (byte) 0x0a;
+                block[0] |= header;
+            }
+
+            byte[] b = cipher.ProcessBlock(block, 0, block.Length);
+
+            messageLength = 0;
+
+            ClearBlock(mBuf);
+            ClearBlock(block);
+
+            return b;
+        }
+
+        /// <summary> return true if the signature represents a ISO9796-2 signature
+        /// for the passed in message.
+        /// </summary>
+        public virtual bool VerifySignature(byte[] signature)
+        {
+            byte[] block;
+
+            if (preSig == null)
+            {
+                try
+                {
+                    block = cipher.ProcessBlock(signature, 0, signature.Length);
+                }
+                catch (Exception)
+                {
+                    return false;
+                }
+            }
+            else
+            {
+                if (!Arrays.AreEqual(preSig, signature))
+                    throw new InvalidOperationException("updateWithRecoveredMessage called on different signature");
+
+                block = preBlock;
+
+                preSig = null;
+                preBlock = null;
+            }
+
+            if (((block[0] & 0xC0) ^ 0x40) != 0)
+                return ReturnFalse(block);
+
+            if (((block[block.Length - 1] & 0xF) ^ 0xC) != 0)
+                return ReturnFalse(block);
+
+            int delta = 0;
+
+            if (((block[block.Length - 1] & 0xFF) ^ 0xBC) == 0)
+            {
+                delta = 1;
+            }
+            else
+            {
+                int sigTrail = ((block[block.Length - 2] & 0xFF) << 8) | (block[block.Length - 1] & 0xFF);
+
+                if (IsoTrailers.NoTrailerAvailable(digest))
+                    throw new ArgumentException("unrecognised hash in signature");
+
+                if (sigTrail != IsoTrailers.GetTrailer(digest))
+                    throw new InvalidOperationException("signer initialised with wrong digest for trailer " + sigTrail);
+
+                delta = 2;
+            }
+
+            //
+            // find out how much padding we've got
+            //
+            int mStart = 0;
+            for (; mStart != block.Length; mStart++)
+            {
+                if (((block[mStart] & 0x0f) ^ 0x0a) == 0)
+                {
+                    break;
+                }
+            }
+
+            mStart++;
+
+            //
+            // check the hashes
+            //
+            byte[] hash = new byte[digest.GetDigestSize()];
+
+            int off = block.Length - delta - hash.Length;
+
+            //
+            // there must be at least one byte of message string
+            //
+            if ((off - mStart) <= 0)
+            {
+                return ReturnFalse(block);
+            }
+
+            //
+            // if we contain the whole message as well, check the hash of that.
+            //
+            if ((block[0] & 0x20) == 0)
+            {
+                fullMessage = true;
+
+                // check right number of bytes passed in.
+                if (messageLength > off - mStart)
+                {
+                    return ReturnFalse(block);
+                }
+
+                digest.Reset();
+                digest.BlockUpdate(block, mStart, off - mStart);
+                digest.DoFinal(hash, 0);
+
+                bool isOkay = true;
+                
+                for (int i = 0; i != hash.Length; i++)
+                {
+                    block[off + i] ^= hash[i];
+                    if (block[off + i] != 0)
+                    {
+                        isOkay = false;
+                    }
+                }
+
+                if (!isOkay)
+                {
+                    return ReturnFalse(block);
+                }
+
+                recoveredMessage = new byte[off - mStart];
+                Array.Copy(block, mStart, recoveredMessage, 0, recoveredMessage.Length);
+            }
+            else
+            {
+                fullMessage = false;
+
+                digest.DoFinal(hash, 0);
+
+                bool isOkay = true;
+
+                for (int i = 0; i != hash.Length; i++)
+                {
+                    block[off + i] ^= hash[i];
+                    if (block[off + i] != 0)
+                    {
+                        isOkay = false;
+                    }
+                }
+
+                if (!isOkay)
+                {
+                    return ReturnFalse(block);
+                }
+
+                recoveredMessage = new byte[off - mStart];
+                Array.Copy(block, mStart, recoveredMessage, 0, recoveredMessage.Length);
+            }
+
+            //
+            // if they've input a message check what we've recovered against
+            // what was input.
+            //
+            if (messageLength != 0)
+            {
+                if (!IsSameAs(mBuf, recoveredMessage))
+                {
+                    return ReturnFalse(block);
+                }
+            }
+
+            ClearBlock(mBuf);
+            ClearBlock(block);
+
+            messageLength = 0;
+
+            return true;
+        }
+
+        private bool ReturnFalse(byte[] block)
+        {
+            messageLength = 0;
+
+            ClearBlock(mBuf);
+            ClearBlock(block);
+
+            return false;
+        }
+
+        /// <summary>
+        /// Return true if the full message was recoveredMessage.
+        /// </summary>
+        /// <returns> true on full message recovery, false otherwise.</returns>
+        /// <seealso cref="ISignerWithRecovery.HasFullMessage"/>
+        public virtual bool HasFullMessage()
+        {
+            return fullMessage;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/IsoTrailers.cs b/bc-sharp-crypto/src/crypto/signers/IsoTrailers.cs
new file mode 100644
index 0000000..497ffaf
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/IsoTrailers.cs
@@ -0,0 +1,57 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+    public class IsoTrailers
+    {
+        public const int TRAILER_IMPLICIT    = 0xBC;
+        public const int TRAILER_RIPEMD160   = 0x31CC;
+        public const int TRAILER_RIPEMD128   = 0x32CC;
+        public const int TRAILER_SHA1        = 0x33CC;
+        public const int TRAILER_SHA256      = 0x34CC;
+        public const int TRAILER_SHA512      = 0x35CC;
+        public const int TRAILER_SHA384      = 0x36CC;
+        public const int TRAILER_WHIRLPOOL   = 0x37CC;
+        public const int TRAILER_SHA224      = 0x38CC;
+        public const int TRAILER_SHA512_224  = 0x39CC;
+        public const int TRAILER_SHA512_256  = 0x40CC;
+
+        private static IDictionary CreateTrailerMap()
+        {
+            IDictionary trailers = Platform.CreateHashtable();
+
+            trailers.Add("RIPEMD128", TRAILER_RIPEMD128);
+            trailers.Add("RIPEMD160", TRAILER_RIPEMD160);
+
+            trailers.Add("SHA-1", TRAILER_SHA1);
+            trailers.Add("SHA-224", TRAILER_SHA224);
+            trailers.Add("SHA-256", TRAILER_SHA256);
+            trailers.Add("SHA-384", TRAILER_SHA384);
+            trailers.Add("SHA-512", TRAILER_SHA512);
+            trailers.Add("SHA-512/224", TRAILER_SHA512_224);
+            trailers.Add("SHA-512/256", TRAILER_SHA512_256);
+
+            trailers.Add("Whirlpool", TRAILER_WHIRLPOOL);
+
+            return CollectionUtilities.ReadOnly(trailers);
+        }
+
+        // IDictionary is (string -> Int32)
+        private static readonly IDictionary trailerMap = CreateTrailerMap();
+
+        public static int GetTrailer(IDigest digest)
+        {
+            return (int)trailerMap[digest.AlgorithmName];
+        }
+
+        public static bool NoTrailerAvailable(IDigest digest)
+        {
+            return !trailerMap.Contains(digest.AlgorithmName);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/PssSigner.cs b/bc-sharp-crypto/src/crypto/signers/PssSigner.cs
new file mode 100644
index 0000000..23b7c0f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/PssSigner.cs
@@ -0,0 +1,386 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+	/// <summary> RSA-PSS as described in Pkcs# 1 v 2.1.
+	/// <p>
+	/// Note: the usual value for the salt length is the number of
+	/// bytes in the hash function.</p>
+	/// </summary>
+	public class PssSigner
+		: ISigner
+	{
+		public const byte TrailerImplicit = (byte)0xBC;
+
+		private readonly IDigest contentDigest1, contentDigest2;
+		private readonly IDigest mgfDigest;
+		private readonly IAsymmetricBlockCipher cipher;
+
+		private SecureRandom random;
+
+		private int hLen;
+		private int mgfhLen;
+		private int sLen;
+        private bool sSet;
+		private int emBits;
+		private byte[] salt;
+		private byte[] mDash;
+		private byte[] block;
+		private byte trailer;
+
+		public static PssSigner CreateRawSigner(
+			IAsymmetricBlockCipher	cipher,
+			IDigest					digest)
+		{
+			return new PssSigner(cipher, new NullDigest(), digest, digest, digest.GetDigestSize(), null, TrailerImplicit);
+		}
+
+		public static PssSigner CreateRawSigner(
+			IAsymmetricBlockCipher	cipher,
+			IDigest					contentDigest,
+			IDigest					mgfDigest,
+			int						saltLen,
+			byte					trailer)
+		{
+			return new PssSigner(cipher, new NullDigest(), contentDigest, mgfDigest, saltLen, null, trailer);
+		}
+
+		public PssSigner(
+			IAsymmetricBlockCipher	cipher,
+			IDigest					digest)
+			: this(cipher, digest, digest.GetDigestSize())
+		{
+		}
+
+		/// <summary>Basic constructor</summary>
+		/// <param name="cipher">the asymmetric cipher to use.</param>
+		/// <param name="digest">the digest to use.</param>
+		/// <param name="saltLen">the length of the salt to use (in bytes).</param>
+		public PssSigner(
+			IAsymmetricBlockCipher	cipher,
+			IDigest					digest,
+			int						saltLen)
+			: this(cipher, digest, saltLen, TrailerImplicit)
+		{
+		}
+
+        /// <summary>Basic constructor</summary>
+        /// <param name="cipher">the asymmetric cipher to use.</param>
+        /// <param name="digest">the digest to use.</param>
+        /// <param name="salt">the fixed salt to be used.</param>
+        public PssSigner(
+            IAsymmetricBlockCipher cipher,
+            IDigest digest,
+            byte[] salt)
+            : this(cipher, digest, digest, digest, salt.Length, salt, TrailerImplicit)
+        {
+        }
+
+        public PssSigner(
+			IAsymmetricBlockCipher	cipher,
+			IDigest					contentDigest,
+			IDigest					mgfDigest,
+			int						saltLen)
+			: this(cipher, contentDigest, mgfDigest, saltLen, TrailerImplicit)
+		{
+		}
+
+        public PssSigner(
+            IAsymmetricBlockCipher cipher,
+            IDigest contentDigest,
+            IDigest mgfDigest,
+            byte[] salt)
+            : this(cipher, contentDigest, contentDigest, mgfDigest, salt.Length, salt, TrailerImplicit)
+        {
+        }
+
+        public PssSigner(
+			IAsymmetricBlockCipher	cipher,
+			IDigest					digest,
+			int						saltLen,
+			byte					trailer)
+			: this(cipher, digest, digest, saltLen, TrailerImplicit)
+		{
+		}
+
+		public PssSigner(
+			IAsymmetricBlockCipher	cipher,
+			IDigest					contentDigest,
+			IDigest					mgfDigest,
+			int						saltLen,
+			byte					trailer)
+			: this(cipher, contentDigest, contentDigest, mgfDigest, saltLen, null, trailer)
+		{
+		}
+
+		private PssSigner(
+			IAsymmetricBlockCipher	cipher,
+			IDigest					contentDigest1,
+			IDigest					contentDigest2,
+			IDigest					mgfDigest,
+			int						saltLen,
+            byte[]                  salt,
+			byte					trailer)
+		{
+			this.cipher = cipher;
+			this.contentDigest1 = contentDigest1;
+			this.contentDigest2 = contentDigest2;
+			this.mgfDigest = mgfDigest;
+			this.hLen = contentDigest2.GetDigestSize();
+			this.mgfhLen = mgfDigest.GetDigestSize();
+			this.sLen = saltLen;
+            this.sSet = salt != null;
+            if (sSet)
+            {
+                this.salt = salt;
+            }
+            else
+            {
+                this.salt = new byte[saltLen];
+            }
+			this.mDash = new byte[8 + saltLen + hLen];
+			this.trailer = trailer;
+		}
+
+        public virtual string AlgorithmName
+		{
+			get { return mgfDigest.AlgorithmName + "withRSAandMGF1"; }
+		}
+
+		public virtual void Init(
+			bool				forSigning,
+			ICipherParameters	parameters)
+		{
+			if (parameters is ParametersWithRandom)
+			{
+				ParametersWithRandom p = (ParametersWithRandom) parameters;
+
+				parameters = p.Parameters;
+				random = p.Random;
+			}
+			else
+			{
+				if (forSigning)
+				{
+					random = new SecureRandom();
+				}
+			}
+
+			cipher.Init(forSigning, parameters);
+
+			RsaKeyParameters kParam;
+			if (parameters is RsaBlindingParameters)
+			{
+				kParam = ((RsaBlindingParameters) parameters).PublicKey;
+			}
+			else
+			{
+				kParam = (RsaKeyParameters) parameters;
+			}
+
+			emBits = kParam.Modulus.BitLength - 1;
+
+			if (emBits < (8 * hLen + 8 * sLen + 9))
+				throw new ArgumentException("key too small for specified hash and salt lengths");
+
+			block = new byte[(emBits + 7) / 8];
+		}
+
+		/// <summary> clear possible sensitive data</summary>
+		private void ClearBlock(
+			byte[] block)
+		{
+			Array.Clear(block, 0, block.Length);
+		}
+
+		/// <summary> update the internal digest with the byte b</summary>
+		public virtual void Update(
+			byte input)
+		{
+			contentDigest1.Update(input);
+		}
+
+		/// <summary> update the internal digest with the byte array in</summary>
+		public virtual void BlockUpdate(
+			byte[]	input,
+			int		inOff,
+			int		length)
+		{
+			contentDigest1.BlockUpdate(input, inOff, length);
+		}
+
+		/// <summary> reset the internal state</summary>
+		public virtual void Reset()
+		{
+			contentDigest1.Reset();
+		}
+
+		/// <summary> Generate a signature for the message we've been loaded with using
+		/// the key we were initialised with.
+		/// </summary>
+		public virtual byte[] GenerateSignature()
+		{
+			contentDigest1.DoFinal(mDash, mDash.Length - hLen - sLen);
+
+			if (sLen != 0)
+			{
+                if (!sSet)
+                {
+                    random.NextBytes(salt);
+                }
+				salt.CopyTo(mDash, mDash.Length - sLen);
+			}
+
+			byte[] h = new byte[hLen];
+
+			contentDigest2.BlockUpdate(mDash, 0, mDash.Length);
+
+			contentDigest2.DoFinal(h, 0);
+
+			block[block.Length - sLen - 1 - hLen - 1] = (byte) (0x01);
+			salt.CopyTo(block, block.Length - sLen - hLen - 1);
+
+			byte[] dbMask = MaskGeneratorFunction1(h, 0, h.Length, block.Length - hLen - 1);
+			for (int i = 0; i != dbMask.Length; i++)
+			{
+				block[i] ^= dbMask[i];
+			}
+
+			block[0] &= (byte) ((0xff >> ((block.Length * 8) - emBits)));
+
+			h.CopyTo(block, block.Length - hLen - 1);
+
+			block[block.Length - 1] = trailer;
+
+			byte[] b = cipher.ProcessBlock(block, 0, block.Length);
+
+			ClearBlock(block);
+
+			return b;
+		}
+
+		/// <summary> return true if the internal state represents the signature described
+		/// in the passed in array.
+		/// </summary>
+		public virtual bool VerifySignature(
+			byte[] signature)
+		{
+			contentDigest1.DoFinal(mDash, mDash.Length - hLen - sLen);
+
+			byte[] b = cipher.ProcessBlock(signature, 0, signature.Length);
+			b.CopyTo(block, block.Length - b.Length);
+
+			if (block[block.Length - 1] != trailer)
+			{
+				ClearBlock(block);
+				return false;
+			}
+
+			byte[] dbMask = MaskGeneratorFunction1(block, block.Length - hLen - 1, hLen, block.Length - hLen - 1);
+
+			for (int i = 0; i != dbMask.Length; i++)
+			{
+				block[i] ^= dbMask[i];
+			}
+
+			block[0] &= (byte) ((0xff >> ((block.Length * 8) - emBits)));
+
+			for (int i = 0; i != block.Length - hLen - sLen - 2; i++)
+			{
+				if (block[i] != 0)
+				{
+					ClearBlock(block);
+					return false;
+				}
+			}
+
+			if (block[block.Length - hLen - sLen - 2] != 0x01)
+			{
+				ClearBlock(block);
+				return false;
+			}
+
+            if (sSet)
+            {
+                Array.Copy(salt, 0, mDash, mDash.Length - sLen, sLen);
+            }
+            else
+            {
+                Array.Copy(block, block.Length - sLen - hLen - 1, mDash, mDash.Length - sLen, sLen);
+            }
+
+			contentDigest2.BlockUpdate(mDash, 0, mDash.Length);
+			contentDigest2.DoFinal(mDash, mDash.Length - hLen);
+
+			for (int i = block.Length - hLen - 1, j = mDash.Length - hLen; j != mDash.Length; i++, j++)
+			{
+				if ((block[i] ^ mDash[j]) != 0)
+				{
+					ClearBlock(mDash);
+					ClearBlock(block);
+					return false;
+				}
+			}
+
+			ClearBlock(mDash);
+			ClearBlock(block);
+
+			return true;
+		}
+
+		/// <summary> int to octet string.</summary>
+		private void ItoOSP(
+			int		i,
+			byte[]	sp)
+		{
+			sp[0] = (byte)((uint) i >> 24);
+			sp[1] = (byte)((uint) i >> 16);
+			sp[2] = (byte)((uint) i >> 8);
+			sp[3] = (byte)((uint) i >> 0);
+		}
+
+		/// <summary> mask generator function, as described in Pkcs1v2.</summary>
+		private byte[] MaskGeneratorFunction1(
+			byte[]	Z,
+			int		zOff,
+			int		zLen,
+			int		length)
+		{
+			byte[] mask = new byte[length];
+			byte[] hashBuf = new byte[mgfhLen];
+			byte[] C = new byte[4];
+			int counter = 0;
+
+			mgfDigest.Reset();
+
+			while (counter < (length / mgfhLen))
+			{
+				ItoOSP(counter, C);
+
+				mgfDigest.BlockUpdate(Z, zOff, zLen);
+				mgfDigest.BlockUpdate(C, 0, C.Length);
+				mgfDigest.DoFinal(hashBuf, 0);
+
+				hashBuf.CopyTo(mask, counter * mgfhLen);
+				++counter;
+			}
+
+			if ((counter * mgfhLen) < length)
+			{
+				ItoOSP(counter, C);
+
+				mgfDigest.BlockUpdate(Z, zOff, zLen);
+				mgfDigest.BlockUpdate(C, 0, C.Length);
+				mgfDigest.DoFinal(hashBuf, 0);
+
+				Array.Copy(hashBuf, 0, mask, counter * mgfhLen, mask.Length - (counter * mgfhLen));
+			}
+
+			return mask;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/RandomDsaKCalculator.cs b/bc-sharp-crypto/src/crypto/signers/RandomDsaKCalculator.cs
new file mode 100644
index 0000000..022cc26
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/RandomDsaKCalculator.cs
@@ -0,0 +1,44 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+    public class RandomDsaKCalculator
+        :   IDsaKCalculator
+    {
+        private BigInteger q;
+        private SecureRandom random;
+
+        public virtual bool IsDeterministic
+        {
+            get { return false; }
+        }
+
+        public virtual void Init(BigInteger n, SecureRandom random)
+        {
+            this.q = n;
+            this.random = random;
+        }
+
+        public virtual void Init(BigInteger n, BigInteger d, byte[] message)
+        {
+            throw new InvalidOperationException("Operation not supported");
+        }
+
+        public virtual BigInteger NextK()
+        {
+            int qBitLength = q.BitLength;
+
+            BigInteger k;
+            do
+            {
+                k = new BigInteger(qBitLength, random);
+            }
+            while (k.SignValue < 1 || k.CompareTo(q) >= 0);
+
+            return k;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/RsaDigestSigner.cs b/bc-sharp-crypto/src/crypto/signers/RsaDigestSigner.cs
new file mode 100644
index 0000000..d9b19cf
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/RsaDigestSigner.cs
@@ -0,0 +1,217 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.Utilities;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+    public class RsaDigestSigner
+        : ISigner
+    {
+        private readonly IAsymmetricBlockCipher rsaEngine = new Pkcs1Encoding(new RsaBlindedEngine());
+        private readonly AlgorithmIdentifier algId;
+        private readonly IDigest digest;
+        private bool forSigning;
+
+        private static readonly IDictionary oidMap = Platform.CreateHashtable();
+
+        /// <summary>
+        /// Load oid table.
+        /// </summary>
+        static RsaDigestSigner()
+        {
+            oidMap["RIPEMD128"] = TeleTrusTObjectIdentifiers.RipeMD128;
+            oidMap["RIPEMD160"] = TeleTrusTObjectIdentifiers.RipeMD160;
+            oidMap["RIPEMD256"] = TeleTrusTObjectIdentifiers.RipeMD256;
+
+            oidMap["SHA-1"] = X509ObjectIdentifiers.IdSha1;
+            oidMap["SHA-224"] = NistObjectIdentifiers.IdSha224;
+            oidMap["SHA-256"] = NistObjectIdentifiers.IdSha256;
+            oidMap["SHA-384"] = NistObjectIdentifiers.IdSha384;
+            oidMap["SHA-512"] = NistObjectIdentifiers.IdSha512;
+
+            oidMap["MD2"] = PkcsObjectIdentifiers.MD2;
+            oidMap["MD4"] = PkcsObjectIdentifiers.MD4;
+            oidMap["MD5"] = PkcsObjectIdentifiers.MD5;
+        }
+
+        public RsaDigestSigner(IDigest digest)
+            :   this(digest, (DerObjectIdentifier)oidMap[digest.AlgorithmName])
+        {
+        }
+
+        public RsaDigestSigner(IDigest digest, DerObjectIdentifier digestOid)
+            :   this(digest, new AlgorithmIdentifier(digestOid, DerNull.Instance))
+        {
+        }
+
+        public RsaDigestSigner(IDigest digest, AlgorithmIdentifier algId)
+        {
+            this.digest = digest;
+            this.algId = algId;
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return digest.AlgorithmName + "withRSA"; }
+        }
+
+        /**
+         * Initialise the signer for signing or verification.
+         *
+         * @param forSigning true if for signing, false otherwise
+         * @param param necessary parameters.
+         */
+        public virtual void Init(
+            bool				forSigning,
+            ICipherParameters	parameters)
+        {
+            this.forSigning = forSigning;
+            AsymmetricKeyParameter k;
+
+            if (parameters is ParametersWithRandom)
+            {
+                k = (AsymmetricKeyParameter)((ParametersWithRandom)parameters).Parameters;
+            }
+            else
+            {
+                k = (AsymmetricKeyParameter)parameters;
+            }
+
+            if (forSigning && !k.IsPrivate)
+                throw new InvalidKeyException("Signing requires private key.");
+
+            if (!forSigning && k.IsPrivate)
+                throw new InvalidKeyException("Verification requires public key.");
+
+            Reset();
+
+            rsaEngine.Init(forSigning, parameters);
+        }
+
+        /**
+         * update the internal digest with the byte b
+         */
+        public virtual void Update(
+            byte input)
+        {
+            digest.Update(input);
+        }
+
+        /**
+         * update the internal digest with the byte array in
+         */
+        public virtual void BlockUpdate(
+            byte[]	input,
+            int		inOff,
+            int		length)
+        {
+            digest.BlockUpdate(input, inOff, length);
+        }
+
+        /**
+         * Generate a signature for the message we've been loaded with using
+         * the key we were initialised with.
+         */
+        public virtual byte[] GenerateSignature()
+        {
+            if (!forSigning)
+                throw new InvalidOperationException("RsaDigestSigner not initialised for signature generation.");
+
+            byte[] hash = new byte[digest.GetDigestSize()];
+            digest.DoFinal(hash, 0);
+
+            byte[] data = DerEncode(hash);
+            return rsaEngine.ProcessBlock(data, 0, data.Length);
+        }
+
+        /**
+         * return true if the internal state represents the signature described
+         * in the passed in array.
+         */
+        public virtual bool VerifySignature(
+            byte[] signature)
+        {
+            if (forSigning)
+                throw new InvalidOperationException("RsaDigestSigner not initialised for verification");
+
+            byte[] hash = new byte[digest.GetDigestSize()];
+            digest.DoFinal(hash, 0);
+
+            byte[] sig;
+            byte[] expected;
+
+            try
+            {
+                sig = rsaEngine.ProcessBlock(signature, 0, signature.Length);
+                expected = DerEncode(hash);
+            }
+            catch (Exception)
+            {
+                return false;
+            }
+
+            if (sig.Length == expected.Length)
+            {
+                return Arrays.ConstantTimeAreEqual(sig, expected);
+            }
+            else if (sig.Length == expected.Length - 2)  // NULL left out
+            {
+                int sigOffset = sig.Length - hash.Length - 2;
+                int expectedOffset = expected.Length - hash.Length - 2;
+
+                expected[1] -= 2;      // adjust lengths
+                expected[3] -= 2;
+
+                int nonEqual = 0;
+
+                for (int i = 0; i < hash.Length; i++)
+                {
+                    nonEqual |= (sig[sigOffset + i] ^ expected[expectedOffset + i]);
+                }
+
+                for (int i = 0; i < sigOffset; i++)
+                {
+                    nonEqual |= (sig[i] ^ expected[i]);  // check header less NULL
+                }
+
+                return nonEqual == 0;
+            }
+            else
+            {
+                return false;
+            }
+        }
+
+        public virtual void Reset()
+        {
+            digest.Reset();
+        }
+
+        private byte[] DerEncode(byte[] hash)
+        {
+            if (algId == null)
+            {
+                // For raw RSA, the DigestInfo must be prepared externally
+                return hash;
+            }
+
+            DigestInfo dInfo = new DigestInfo(algId, hash);
+
+            return dInfo.GetDerEncoded();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/signers/X931Signer.cs b/bc-sharp-crypto/src/crypto/signers/X931Signer.cs
new file mode 100644
index 0000000..c6e44ba
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/signers/X931Signer.cs
@@ -0,0 +1,225 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Signers
+{
+    /**
+     * X9.31-1998 - signing using a hash.
+     * <p>
+     * The message digest hash, H, is encapsulated to form a byte string as follows
+     * </p>
+     * <pre>
+     * EB = 06 || PS || 0xBA || H || TRAILER
+     * </pre>
+     * where PS is a string of bytes all of value 0xBB of length such that |EB|=|n|, and TRAILER is the ISO/IEC 10118 part number† for the digest. The byte string, EB, is converted to an integer value, the message representative, f.
+     */
+    public class X931Signer
+        :   ISigner
+    {
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TRAILER_IMPLICIT = 0xBC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TRAILER_RIPEMD160 = 0x31CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TRAILER_RIPEMD128 = 0x32CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TRAILER_SHA1 = 0x33CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TRAILER_SHA256 = 0x34CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TRAILER_SHA512 = 0x35CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TRAILER_SHA384 = 0x36CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TRAILER_WHIRLPOOL = 0x37CC;
+        [Obsolete("Use 'IsoTrailers' instead")]
+        public const int TRAILER_SHA224 = 0x38CC;
+
+        private IDigest                     digest;
+        private IAsymmetricBlockCipher      cipher;
+        private RsaKeyParameters            kParam;
+
+        private int         trailer;
+        private int         keyBits;
+        private byte[]      block;
+
+        /**
+         * Generate a signer with either implicit or explicit trailers for X9.31.
+         *
+         * @param cipher base cipher to use for signature creation/verification
+         * @param digest digest to use.
+         * @param implicit whether or not the trailer is implicit or gives the hash.
+         */
+        public X931Signer(IAsymmetricBlockCipher cipher, IDigest digest, bool isImplicit)
+        {
+            this.cipher = cipher;
+            this.digest = digest;
+
+            if (isImplicit)
+            {
+                trailer = IsoTrailers.TRAILER_IMPLICIT;
+            }
+            else if (IsoTrailers.NoTrailerAvailable(digest))
+            {
+                throw new ArgumentException("no valid trailer", "digest");
+            }
+            else
+            {
+                trailer = IsoTrailers.GetTrailer(digest);
+            }
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return digest.AlgorithmName + "with" + cipher.AlgorithmName + "/X9.31"; }
+        }
+
+        /**
+         * Constructor for a signer with an explicit digest trailer.
+         *
+         * @param cipher cipher to use.
+         * @param digest digest to sign with.
+         */
+        public X931Signer(IAsymmetricBlockCipher cipher, IDigest digest)
+            :   this(cipher, digest, false)
+        {
+        }
+
+        public virtual void Init(bool forSigning, ICipherParameters parameters)
+        {
+            kParam = (RsaKeyParameters)parameters;
+
+            cipher.Init(forSigning, kParam);
+
+            keyBits = kParam.Modulus.BitLength;
+
+            block = new byte[(keyBits + 7) / 8];
+
+            Reset();
+        }
+
+        /// <summary> clear possible sensitive data</summary>
+        private void ClearBlock(byte[] block)
+        {
+            Array.Clear(block, 0, block.Length);
+        }
+
+        /**
+         * update the internal digest with the byte b
+         */
+        public virtual void Update(byte b)
+        {
+            digest.Update(b);
+        }
+
+        /**
+         * update the internal digest with the byte array in
+         */
+        public virtual void BlockUpdate(byte[] input, int off, int len)
+        {
+            digest.BlockUpdate(input, off, len);
+        }
+
+        /**
+         * reset the internal state
+         */
+        public virtual void Reset()
+        {
+            digest.Reset();
+        }
+
+        /**
+         * generate a signature for the loaded message using the key we were
+         * initialised with.
+         */
+        public virtual byte[] GenerateSignature()
+        {
+            CreateSignatureBlock();
+
+            BigInteger t = new BigInteger(1, cipher.ProcessBlock(block, 0, block.Length));
+            ClearBlock(block);
+
+            t = t.Min(kParam.Modulus.Subtract(t));
+
+            return BigIntegers.AsUnsignedByteArray((kParam.Modulus.BitLength + 7) / 8, t);
+        }
+
+        private void CreateSignatureBlock()
+        {
+            int digSize = digest.GetDigestSize();
+
+            int delta;
+            if (trailer == IsoTrailers.TRAILER_IMPLICIT)
+            {
+                delta = block.Length - digSize - 1;
+                digest.DoFinal(block, delta);
+                block[block.Length - 1] = (byte)IsoTrailers.TRAILER_IMPLICIT;
+            }
+            else
+            {
+                delta = block.Length - digSize - 2;
+                digest.DoFinal(block, delta);
+                block[block.Length - 2] = (byte)(trailer >> 8);
+                block[block.Length - 1] = (byte)trailer;
+            }
+
+            block[0] = 0x6b;
+            for (int i = delta - 2; i != 0; i--)
+            {
+                block[i] = (byte)0xbb;
+            }
+            block[delta - 1] = (byte)0xba;
+        }
+
+        /**
+         * return true if the signature represents a ISO9796-2 signature
+         * for the passed in message.
+         */
+        public virtual bool VerifySignature(byte[] signature)
+        {
+            try
+            {
+                block = cipher.ProcessBlock(signature, 0, signature.Length);
+            }
+            catch (Exception)
+            {
+                return false;
+            }
+
+            BigInteger t = new BigInteger(1, block);
+            BigInteger f;
+
+            if ((t.IntValue & 15) == 12)
+            {
+                 f = t;
+            }
+            else
+            {
+                t = kParam.Modulus.Subtract(t);
+                if ((t.IntValue & 15) == 12)
+                {
+                     f = t;
+                }
+                else
+                {
+                    return false;
+                }
+            }
+
+            CreateSignatureBlock();
+
+            byte[] fBlock = BigIntegers.AsUnsignedByteArray(block.Length, f);
+
+            bool rv = Arrays.ConstantTimeAreEqual(block, fBlock);
+
+            ClearBlock(block);
+            ClearBlock(fBlock);
+
+            return rv;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/AbstractTlsAgreementCredentials.cs b/bc-sharp-crypto/src/crypto/tls/AbstractTlsAgreementCredentials.cs
new file mode 100644
index 0000000..2d7af80
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/AbstractTlsAgreementCredentials.cs
@@ -0,0 +1,12 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class AbstractTlsAgreementCredentials
+        :   AbstractTlsCredentials, TlsAgreementCredentials
+    {
+        /// <exception cref="IOException"></exception>
+        public abstract byte[] GenerateAgreement(AsymmetricKeyParameter peerPublicKey);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/AbstractTlsCipherFactory.cs b/bc-sharp-crypto/src/crypto/tls/AbstractTlsCipherFactory.cs
new file mode 100644
index 0000000..141ee65
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/AbstractTlsCipherFactory.cs
@@ -0,0 +1,15 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class AbstractTlsCipherFactory
+        :   TlsCipherFactory
+    {
+        /// <exception cref="IOException"></exception>
+        public virtual TlsCipher CreateCipher(TlsContext context, int encryptionAlgorithm, int macAlgorithm)
+        {
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/AbstractTlsClient.cs b/bc-sharp-crypto/src/crypto/tls/AbstractTlsClient.cs
new file mode 100644
index 0000000..be4702e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/AbstractTlsClient.cs
@@ -0,0 +1,256 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class AbstractTlsClient
+        :   AbstractTlsPeer, TlsClient
+    {
+        protected TlsCipherFactory mCipherFactory;
+
+        protected TlsClientContext mContext;
+
+        protected IList mSupportedSignatureAlgorithms;
+        protected int[] mNamedCurves;
+        protected byte[] mClientECPointFormats, mServerECPointFormats;
+
+        protected int mSelectedCipherSuite;
+        protected short mSelectedCompressionMethod;
+
+        public AbstractTlsClient()
+            :   this(new DefaultTlsCipherFactory())
+        {
+        }
+
+        public AbstractTlsClient(TlsCipherFactory cipherFactory)
+        {
+            this.mCipherFactory = cipherFactory;
+        }
+
+        protected virtual bool AllowUnexpectedServerExtension(int extensionType, byte[] extensionData)
+        {
+            switch (extensionType)
+            {
+            case ExtensionType.elliptic_curves:
+                /*
+                 * Exception added based on field reports that some servers do send this, although the
+                 * Supported Elliptic Curves Extension is clearly intended to be client-only. If
+                 * present, we still require that it is a valid EllipticCurveList.
+                 */
+                TlsEccUtilities.ReadSupportedEllipticCurvesExtension(extensionData);
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        protected virtual void CheckForUnexpectedServerExtension(IDictionary serverExtensions, int extensionType)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(serverExtensions, extensionType);
+            if (extensionData != null && !AllowUnexpectedServerExtension(extensionType, extensionData))
+            {
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+        }
+
+        public virtual void Init(TlsClientContext context)
+        {
+            this.mContext = context;
+        }
+
+        public virtual TlsSession GetSessionToResume()
+        {
+            return null;
+        }
+
+        public virtual ProtocolVersion ClientHelloRecordLayerVersion
+        {
+            get
+            {
+                // "{03,00}"
+                //return ProtocolVersion.SSLv3;
+
+                // "the lowest version number supported by the client"
+                //return MinimumVersion;
+
+                // "the value of ClientHello.client_version"
+                return ClientVersion;
+            }
+        }
+
+        public virtual ProtocolVersion ClientVersion
+        {
+            get { return ProtocolVersion.TLSv12; }
+        }
+
+        public virtual bool IsFallback
+        {
+            /*
+             * RFC 7507 4. The TLS_FALLBACK_SCSV cipher suite value is meant for use by clients that
+             * repeat a connection attempt with a downgraded protocol (perform a "fallback retry") in
+             * order to work around interoperability problems with legacy servers.
+             */
+            get { return false; }
+        }
+
+        public virtual IDictionary GetClientExtensions()
+        {
+            IDictionary clientExtensions = null;
+
+            ProtocolVersion clientVersion = mContext.ClientVersion;
+
+            /*
+             * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior to 1.2.
+             * Clients MUST NOT offer it if they are offering prior versions.
+             */
+            if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(clientVersion))
+            {
+                // TODO Provide a way for the user to specify the acceptable hash/signature algorithms.
+
+                this.mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultSupportedSignatureAlgorithms();
+
+                clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(clientExtensions);
+
+                TlsUtilities.AddSignatureAlgorithmsExtension(clientExtensions, mSupportedSignatureAlgorithms);
+            }
+
+            if (TlsEccUtilities.ContainsEccCipherSuites(GetCipherSuites()))
+            {
+                /*
+                 * RFC 4492 5.1. A client that proposes ECC cipher suites in its ClientHello message
+                 * appends these extensions (along with any others), enumerating the curves it supports
+                 * and the point formats it can parse. Clients SHOULD send both the Supported Elliptic
+                 * Curves Extension and the Supported Point Formats Extension.
+                 */
+                /*
+                 * TODO Could just add all the curves since we support them all, but users may not want
+                 * to use unnecessarily large fields. Need configuration options.
+                 */
+                this.mNamedCurves = new int[]{ NamedCurve.secp256r1, NamedCurve.secp384r1 };
+                this.mClientECPointFormats = new byte[]{ ECPointFormat.uncompressed,
+                    ECPointFormat.ansiX962_compressed_prime, ECPointFormat.ansiX962_compressed_char2, };
+
+                clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(clientExtensions);
+
+                TlsEccUtilities.AddSupportedEllipticCurvesExtension(clientExtensions, mNamedCurves);
+                TlsEccUtilities.AddSupportedPointFormatsExtension(clientExtensions, mClientECPointFormats);
+            }
+
+            return clientExtensions;
+        }
+
+        public virtual ProtocolVersion MinimumVersion
+        {
+            get { return ProtocolVersion.TLSv10; }
+        }
+
+        public virtual void NotifyServerVersion(ProtocolVersion serverVersion)
+        {
+            if (!MinimumVersion.IsEqualOrEarlierVersionOf(serverVersion))
+                throw new TlsFatalAlert(AlertDescription.protocol_version);
+        }
+
+        public abstract int[] GetCipherSuites();
+
+        public virtual byte[] GetCompressionMethods()
+        {
+            return new byte[]{ CompressionMethod.cls_null };
+        }
+
+        public virtual void NotifySessionID(byte[] sessionID)
+        {
+            // Currently ignored
+        }
+
+        public virtual void NotifySelectedCipherSuite(int selectedCipherSuite)
+        {
+            this.mSelectedCipherSuite = selectedCipherSuite;
+        }
+
+        public virtual void NotifySelectedCompressionMethod(byte selectedCompressionMethod)
+        {
+            this.mSelectedCompressionMethod = selectedCompressionMethod;
+        }
+
+        public virtual void ProcessServerExtensions(IDictionary serverExtensions)
+        {
+            /*
+             * TlsProtocol implementation validates that any server extensions received correspond to
+             * client extensions sent. By default, we don't send any, and this method is not called.
+             */
+            if (serverExtensions != null)
+            {
+                /*
+                 * RFC 5246 7.4.1.4.1. Servers MUST NOT send this extension.
+                 */
+                CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.signature_algorithms);
+
+                CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.elliptic_curves);
+
+                if (TlsEccUtilities.IsEccCipherSuite(this.mSelectedCipherSuite))
+                {
+                    this.mServerECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(serverExtensions);
+                }
+                else
+                {
+                    CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.ec_point_formats);
+                }
+
+                /*
+                 * RFC 7685 3. The server MUST NOT echo the extension.
+                 */
+                CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.padding);
+            }
+        }
+
+        public virtual void ProcessServerSupplementalData(IList serverSupplementalData)
+        {
+            if (serverSupplementalData != null)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+        }
+
+        public abstract TlsKeyExchange GetKeyExchange();
+
+        public abstract TlsAuthentication GetAuthentication();
+
+        public virtual IList GetClientSupplementalData()
+        {
+            return null;
+        }
+
+        public override TlsCompression GetCompression()
+        {
+            switch (mSelectedCompressionMethod)
+            {
+            case CompressionMethod.cls_null:
+                return new TlsNullCompression();
+
+            case CompressionMethod.DEFLATE:
+                return new TlsDeflateCompression();
+
+            default:
+                /*
+                 * Note: internal error here; the TlsProtocol implementation verifies that the
+                 * server-selected compression method was in the list of client-offered compression
+                 * methods, so if we now can't produce an implementation, we shouldn't have offered it!
+                 */
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        public override TlsCipher GetCipher()
+        {
+            int encryptionAlgorithm = TlsUtilities.GetEncryptionAlgorithm(mSelectedCipherSuite);
+            int macAlgorithm = TlsUtilities.GetMacAlgorithm(mSelectedCipherSuite);
+
+            return mCipherFactory.CreateCipher(mContext, encryptionAlgorithm, macAlgorithm);
+        }
+
+        public virtual void NotifyNewSessionTicket(NewSessionTicket newSessionTicket)
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/AbstractTlsContext.cs b/bc-sharp-crypto/src/crypto/tls/AbstractTlsContext.cs
new file mode 100644
index 0000000..ae7efc6
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/AbstractTlsContext.cs
@@ -0,0 +1,152 @@
+using System;
+using System.Threading;
+
+using Org.BouncyCastle.Crypto.Prng;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    internal abstract class AbstractTlsContext
+        : TlsContext
+    {
+        private static long counter = Times.NanoTime();
+
+#if NETCF_1_0
+        private static object counterLock = new object();
+        private static long NextCounterValue()
+        {
+            lock (counterLock)
+            {
+                return ++counter;
+            }
+        }
+#else
+        private static long NextCounterValue()
+        {
+            return Interlocked.Increment(ref counter);
+        }
+#endif
+
+        private readonly IRandomGenerator mNonceRandom;
+        private readonly SecureRandom mSecureRandom;
+        private readonly SecurityParameters mSecurityParameters;
+
+        private ProtocolVersion mClientVersion = null;
+        private ProtocolVersion mServerVersion = null;
+        private TlsSession mSession = null;
+        private object mUserObject = null;
+
+        internal AbstractTlsContext(SecureRandom secureRandom, SecurityParameters securityParameters)
+        {
+            IDigest d = TlsUtilities.CreateHash(HashAlgorithm.sha256);
+            byte[] seed = new byte[d.GetDigestSize()];
+            secureRandom.NextBytes(seed);
+
+            this.mNonceRandom = new DigestRandomGenerator(d);
+            mNonceRandom.AddSeedMaterial(NextCounterValue());
+            mNonceRandom.AddSeedMaterial(Times.NanoTime());
+            mNonceRandom.AddSeedMaterial(seed);
+
+            this.mSecureRandom = secureRandom;
+            this.mSecurityParameters = securityParameters;
+        }
+
+        public virtual IRandomGenerator NonceRandomGenerator
+        {
+            get { return mNonceRandom; }
+        }
+
+        public virtual SecureRandom SecureRandom
+        {
+            get { return mSecureRandom; }
+        }
+
+        public virtual SecurityParameters SecurityParameters
+        {
+            get { return mSecurityParameters; }
+        }
+
+        public abstract bool IsServer { get; }
+
+        public virtual ProtocolVersion ClientVersion
+        {
+            get { return mClientVersion; }
+        }
+
+        internal virtual void SetClientVersion(ProtocolVersion clientVersion)
+        {
+            this.mClientVersion = clientVersion;
+        }
+
+        public virtual ProtocolVersion ServerVersion
+        {
+            get { return mServerVersion; }
+        }
+
+        internal virtual void SetServerVersion(ProtocolVersion serverVersion)
+        {
+            this.mServerVersion = serverVersion;
+        }
+
+        public virtual TlsSession ResumableSession
+        {
+            get { return mSession; }
+        }
+
+        internal virtual void SetResumableSession(TlsSession session)
+        {
+            this.mSession = session;
+        }
+
+        public virtual object UserObject
+        {
+            get { return mUserObject; }
+            set { this.mUserObject = value; }
+        }
+
+        public virtual byte[] ExportKeyingMaterial(string asciiLabel, byte[] context_value, int length)
+        {
+            /*
+             * TODO[session-hash]
+             * 
+             * draft-ietf-tls-session-hash-04 5.4. If a client or server chooses to continue with a full
+             * handshake without the extended master secret extension, [..] the client or server MUST
+             * NOT export any key material based on the new master secret for any subsequent
+             * application-level authentication. In particular, it MUST disable [RFC5705] [..].
+             */
+
+            if (context_value != null && !TlsUtilities.IsValidUint16(context_value.Length))
+                throw new ArgumentException("must have length less than 2^16 (or be null)", "context_value");
+
+            SecurityParameters sp = SecurityParameters;
+            byte[] cr = sp.ClientRandom, sr = sp.ServerRandom;
+
+            int seedLength = cr.Length + sr.Length;
+            if (context_value != null)
+            {
+                seedLength += (2 + context_value.Length);
+            }
+
+            byte[] seed = new byte[seedLength];
+            int seedPos = 0;
+
+            Array.Copy(cr, 0, seed, seedPos, cr.Length);
+            seedPos += cr.Length;
+            Array.Copy(sr, 0, seed, seedPos, sr.Length);
+            seedPos += sr.Length;
+            if (context_value != null)
+            {
+                TlsUtilities.WriteUint16(context_value.Length, seed, seedPos);
+                seedPos += 2;
+                Array.Copy(context_value, 0, seed, seedPos, context_value.Length);
+                seedPos += context_value.Length;
+            }
+
+            if (seedPos != seedLength)
+                throw new InvalidOperationException("error in calculation of seed for export");
+
+            return TlsUtilities.PRF(this, sp.MasterSecret, asciiLabel, seed, length);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/AbstractTlsCredentials.cs b/bc-sharp-crypto/src/crypto/tls/AbstractTlsCredentials.cs
new file mode 100644
index 0000000..6411b81
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/AbstractTlsCredentials.cs
@@ -0,0 +1,10 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class AbstractTlsCredentials
+        :   TlsCredentials
+    {
+        public abstract Certificate Certificate { get; }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/AbstractTlsEncryptionCredentials.cs b/bc-sharp-crypto/src/crypto/tls/AbstractTlsEncryptionCredentials.cs
new file mode 100644
index 0000000..05b129c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/AbstractTlsEncryptionCredentials.cs
@@ -0,0 +1,12 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class AbstractTlsEncryptionCredentials
+        : AbstractTlsCredentials, TlsEncryptionCredentials
+    {
+        /// <exception cref="IOException"></exception>
+        public abstract byte[] DecryptPreMasterSecret(byte[] encryptedPreMasterSecret);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/AbstractTlsKeyExchange.cs b/bc-sharp-crypto/src/crypto/tls/AbstractTlsKeyExchange.cs
new file mode 100644
index 0000000..294b249
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/AbstractTlsKeyExchange.cs
@@ -0,0 +1,177 @@
+using System;
+using System.Collections;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class AbstractTlsKeyExchange
+        :   TlsKeyExchange
+    {
+        protected readonly int mKeyExchange;
+        protected IList mSupportedSignatureAlgorithms;
+
+        protected TlsContext mContext;
+
+        protected AbstractTlsKeyExchange(int keyExchange, IList supportedSignatureAlgorithms)
+        {
+            this.mKeyExchange = keyExchange;
+            this.mSupportedSignatureAlgorithms = supportedSignatureAlgorithms;
+        }
+
+        protected virtual DigitallySigned ParseSignature(Stream input)
+        {
+            DigitallySigned signature = DigitallySigned.Parse(mContext, input);
+            SignatureAndHashAlgorithm signatureAlgorithm = signature.Algorithm;
+            if (signatureAlgorithm != null)
+            {
+                TlsUtilities.VerifySupportedSignatureAlgorithm(mSupportedSignatureAlgorithms, signatureAlgorithm);
+            }
+            return signature;
+        }
+
+        public virtual void Init(TlsContext context)
+        {
+            this.mContext = context;
+
+            ProtocolVersion clientVersion = context.ClientVersion;
+
+            if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(clientVersion))
+            {
+                /*
+                 * RFC 5246 7.4.1.4.1. If the client does not send the signature_algorithms extension,
+                 * the server MUST do the following:
+                 * 
+                 * - If the negotiated key exchange algorithm is one of (RSA, DHE_RSA, DH_RSA, RSA_PSK,
+                 * ECDH_RSA, ECDHE_RSA), behave as if client had sent the value {sha1,rsa}.
+                 * 
+                 * - If the negotiated key exchange algorithm is one of (DHE_DSS, DH_DSS), behave as if
+                 * the client had sent the value {sha1,dsa}.
+                 * 
+                 * - If the negotiated key exchange algorithm is one of (ECDH_ECDSA, ECDHE_ECDSA),
+                 * behave as if the client had sent value {sha1,ecdsa}.
+                 */
+                if (this.mSupportedSignatureAlgorithms == null)
+                {
+                    switch (mKeyExchange)
+                    {
+                    case KeyExchangeAlgorithm.DH_DSS:
+                    case KeyExchangeAlgorithm.DHE_DSS:
+                    case KeyExchangeAlgorithm.SRP_DSS:
+                    {
+                        this.mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultDssSignatureAlgorithms();
+                        break;
+                    }
+
+                    case KeyExchangeAlgorithm.ECDH_ECDSA:
+                    case KeyExchangeAlgorithm.ECDHE_ECDSA:
+                    {
+                        this.mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultECDsaSignatureAlgorithms();
+                        break;
+                    }
+
+                    case KeyExchangeAlgorithm.DH_RSA:
+                    case KeyExchangeAlgorithm.DHE_RSA:
+                    case KeyExchangeAlgorithm.ECDH_RSA:
+                    case KeyExchangeAlgorithm.ECDHE_RSA:
+                    case KeyExchangeAlgorithm.RSA:
+                    case KeyExchangeAlgorithm.RSA_PSK:
+                    case KeyExchangeAlgorithm.SRP_RSA:
+                    {
+                        this.mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultRsaSignatureAlgorithms();
+                        break;
+                    }
+
+                    case KeyExchangeAlgorithm.DHE_PSK:
+                    case KeyExchangeAlgorithm.ECDHE_PSK:
+                    case KeyExchangeAlgorithm.PSK:
+                    case KeyExchangeAlgorithm.SRP:
+                        break;
+
+                    default:
+                        throw new InvalidOperationException("unsupported key exchange algorithm");
+                    }
+                }
+
+            }
+            else if (this.mSupportedSignatureAlgorithms != null)
+            {
+                throw new InvalidOperationException("supported_signature_algorithms not allowed for " + clientVersion);
+            }
+        }
+
+        public abstract void SkipServerCredentials();
+
+        public virtual void ProcessServerCertificate(Certificate serverCertificate)
+        {
+            if (mSupportedSignatureAlgorithms == null)
+            {
+                /*
+                 * TODO RFC 2246 7.4.2. Unless otherwise specified, the signing algorithm for the
+                 * certificate must be the same as the algorithm for the certificate key.
+                 */
+            }
+            else
+            {
+                /*
+                 * TODO RFC 5246 7.4.2. If the client provided a "signature_algorithms" extension, then
+                 * all certificates provided by the server MUST be signed by a hash/signature algorithm
+                 * pair that appears in that extension.
+                 */
+            }
+        }
+
+        public virtual void ProcessServerCredentials(TlsCredentials serverCredentials)
+        {
+            ProcessServerCertificate(serverCredentials.Certificate);
+        }
+
+        public virtual bool RequiresServerKeyExchange
+        {
+            get { return false; }
+        }
+
+        public virtual byte[] GenerateServerKeyExchange()
+        {
+            if (RequiresServerKeyExchange)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            return null;
+        }
+
+        public virtual void SkipServerKeyExchange()
+        {
+            if (RequiresServerKeyExchange)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+        }
+
+        public virtual void ProcessServerKeyExchange(Stream input)
+        {
+            if (!RequiresServerKeyExchange)
+            {
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+            }
+        }
+
+        public abstract void ValidateCertificateRequest(CertificateRequest certificateRequest);
+
+        public virtual void SkipClientCredentials()
+        {
+        }
+
+        public abstract void ProcessClientCredentials(TlsCredentials clientCredentials);
+
+        public virtual void ProcessClientCertificate(Certificate clientCertificate)
+        {
+        }
+
+        public abstract void GenerateClientKeyExchange(Stream output);
+
+        public virtual void ProcessClientKeyExchange(Stream input)
+        {
+            // Key exchange implementation MUST support client key exchange
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public abstract byte[] GeneratePremasterSecret();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/AbstractTlsPeer.cs b/bc-sharp-crypto/src/crypto/tls/AbstractTlsPeer.cs
new file mode 100644
index 0000000..81a5338
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/AbstractTlsPeer.cs
@@ -0,0 +1,48 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class AbstractTlsPeer
+        :   TlsPeer
+    {
+        public virtual bool ShouldUseGmtUnixTime()
+        {
+            /*
+             * draft-mathewson-no-gmtunixtime-00 2. For the reasons we discuss above, we recommend that
+             * TLS implementors MUST by default set the entire value the ClientHello.Random and
+             * ServerHello.Random fields, including gmt_unix_time, to a cryptographically random
+             * sequence.
+             */
+            return false;
+        }
+
+        public virtual void NotifySecureRenegotiation(bool secureRenegotiation)
+        {
+            if (!secureRenegotiation)
+            {
+                /*
+                 * RFC 5746 3.4/3.6. In this case, some clients/servers may want to terminate the handshake instead
+                 * of continuing; see Section 4.1/4.3 for discussion.
+                 */
+                throw new TlsFatalAlert(AlertDescription.handshake_failure);
+            }
+        }
+
+        public abstract TlsCompression GetCompression();
+
+        public abstract TlsCipher GetCipher();
+
+        public virtual void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause)
+        {
+        }
+
+        public virtual void NotifyAlertReceived(byte alertLevel, byte alertDescription)
+        {
+        }
+
+        public virtual void NotifyHandshakeComplete()
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/AbstractTlsServer.cs b/bc-sharp-crypto/src/crypto/tls/AbstractTlsServer.cs
new file mode 100644
index 0000000..52a79c9
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/AbstractTlsServer.cs
@@ -0,0 +1,351 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class AbstractTlsServer
+        :   AbstractTlsPeer, TlsServer
+    {
+        protected TlsCipherFactory mCipherFactory;
+
+        protected TlsServerContext mContext;
+
+        protected ProtocolVersion mClientVersion;
+        protected int[] mOfferedCipherSuites;
+        protected byte[] mOfferedCompressionMethods;
+        protected IDictionary mClientExtensions;
+
+        protected bool mEncryptThenMacOffered;
+        protected short mMaxFragmentLengthOffered;
+        protected bool mTruncatedHMacOffered;
+        protected IList mSupportedSignatureAlgorithms;
+        protected bool mEccCipherSuitesOffered;
+        protected int[] mNamedCurves;
+        protected byte[] mClientECPointFormats, mServerECPointFormats;
+
+        protected ProtocolVersion mServerVersion;
+        protected int mSelectedCipherSuite;
+        protected byte mSelectedCompressionMethod;
+        protected IDictionary mServerExtensions;
+
+        public AbstractTlsServer()
+            :   this(new DefaultTlsCipherFactory())
+        {
+        }
+
+        public AbstractTlsServer(TlsCipherFactory cipherFactory)
+        {
+            this.mCipherFactory = cipherFactory;
+        }
+
+        protected virtual bool AllowEncryptThenMac
+        {
+            get { return true; }
+        }
+
+        protected virtual bool AllowTruncatedHMac
+        {
+            get { return false; }
+        }
+
+        protected virtual IDictionary CheckServerExtensions()
+        {
+            return this.mServerExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(this.mServerExtensions);
+        }
+
+        protected abstract int[] GetCipherSuites();
+
+        protected byte[] GetCompressionMethods()
+        {
+            return new byte[] { CompressionMethod.cls_null };
+        }
+
+        protected virtual ProtocolVersion MaximumVersion
+        {
+            get { return ProtocolVersion.TLSv11; }
+        }
+
+        protected virtual ProtocolVersion MinimumVersion
+        {
+            get { return ProtocolVersion.TLSv10; }
+        }
+
+        protected virtual bool SupportsClientEccCapabilities(int[] namedCurves, byte[] ecPointFormats)
+        {
+            // NOTE: BC supports all the current set of point formats so we don't check them here
+
+            if (namedCurves == null)
+            {
+                /*
+                 * RFC 4492 4. A client that proposes ECC cipher suites may choose not to include these
+                 * extensions. In this case, the server is free to choose any one of the elliptic curves
+                 * or point formats [...].
+                 */
+                return TlsEccUtilities.HasAnySupportedNamedCurves();
+            }
+
+            for (int i = 0; i < namedCurves.Length; ++i)
+            {
+                int namedCurve = namedCurves[i];
+                if (NamedCurve.IsValid(namedCurve)
+                    && (!NamedCurve.RefersToASpecificNamedCurve(namedCurve) || TlsEccUtilities.IsSupportedNamedCurve(namedCurve)))
+                {
+                    return true;
+                }
+            }
+
+            return false;
+        }
+
+        public virtual void Init(TlsServerContext context)
+        {
+            this.mContext = context;
+        }
+
+        public virtual void NotifyClientVersion(ProtocolVersion clientVersion)
+        {
+            this.mClientVersion = clientVersion;
+        }
+
+        public virtual void NotifyFallback(bool isFallback)
+        {
+            /*
+             * RFC 7507 3. If TLS_FALLBACK_SCSV appears in ClientHello.cipher_suites and the highest
+             * protocol version supported by the server is higher than the version indicated in
+             * ClientHello.client_version, the server MUST respond with a fatal inappropriate_fallback
+             * alert [..].
+             */
+            if (isFallback && MaximumVersion.IsLaterVersionOf(mClientVersion))
+                throw new TlsFatalAlert(AlertDescription.inappropriate_fallback);
+        }
+
+        public virtual void NotifyOfferedCipherSuites(int[] offeredCipherSuites)
+        {
+            this.mOfferedCipherSuites = offeredCipherSuites;
+            this.mEccCipherSuitesOffered = TlsEccUtilities.ContainsEccCipherSuites(this.mOfferedCipherSuites);
+        }
+
+        public virtual void NotifyOfferedCompressionMethods(byte[] offeredCompressionMethods)
+        {
+            this.mOfferedCompressionMethods = offeredCompressionMethods;
+        }
+
+        public virtual void ProcessClientExtensions(IDictionary clientExtensions)
+        {
+            this.mClientExtensions = clientExtensions;
+
+            if (clientExtensions != null)
+            {
+                this.mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);
+
+                this.mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
+                if (mMaxFragmentLengthOffered >= 0 && !MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+                this.mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);
+
+                this.mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
+                if (this.mSupportedSignatureAlgorithms != null)
+                {
+                    /*
+                     * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior
+                     * to 1.2. Clients MUST NOT offer it if they are offering prior versions.
+                     */
+                    if (!TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion))
+                        throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                }
+
+                this.mNamedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
+                this.mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
+            }
+
+            /*
+             * RFC 4429 4. The client MUST NOT include these extensions in the ClientHello message if it
+             * does not propose any ECC cipher suites.
+             * 
+             * NOTE: This was overly strict as there may be ECC cipher suites that we don't recognize.
+             * Also, draft-ietf-tls-negotiated-ff-dhe will be overloading the 'elliptic_curves'
+             * extension to explicitly allow FFDHE (i.e. non-ECC) groups.
+             */
+            //if (!this.mEccCipherSuitesOffered && (this.mNamedCurves != null || this.mClientECPointFormats != null))
+            //    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+        }
+
+        public virtual ProtocolVersion GetServerVersion()
+        {
+            if (MinimumVersion.IsEqualOrEarlierVersionOf(mClientVersion))
+            {
+                ProtocolVersion maximumVersion = MaximumVersion;
+                if (mClientVersion.IsEqualOrEarlierVersionOf(maximumVersion))
+                {
+                    return mServerVersion = mClientVersion;
+                }
+                if (mClientVersion.IsLaterVersionOf(maximumVersion))
+                {
+                    return mServerVersion = maximumVersion;
+                }
+            }
+            throw new TlsFatalAlert(AlertDescription.protocol_version);
+        }
+
+        public virtual int GetSelectedCipherSuite()
+        {
+            /*
+             * RFC 5246 7.4.3. In order to negotiate correctly, the server MUST check any candidate
+             * cipher suites against the "signature_algorithms" extension before selecting them. This is
+             * somewhat inelegant but is a compromise designed to minimize changes to the original
+             * cipher suite design.
+             */
+            IList sigAlgs = TlsUtilities.GetUsableSignatureAlgorithms(this.mSupportedSignatureAlgorithms);
+
+            /*
+             * RFC 4429 5.1. A server that receives a ClientHello containing one or both of these
+             * extensions MUST use the client's enumerated capabilities to guide its selection of an
+             * appropriate cipher suite. One of the proposed ECC cipher suites must be negotiated only
+             * if the server can successfully complete the handshake while using the curves and point
+             * formats supported by the client [...].
+             */
+            bool eccCipherSuitesEnabled = SupportsClientEccCapabilities(this.mNamedCurves, this.mClientECPointFormats);
+
+            int[] cipherSuites = GetCipherSuites();
+            for (int i = 0; i < cipherSuites.Length; ++i)
+            {
+                int cipherSuite = cipherSuites[i];
+
+                if (Arrays.Contains(this.mOfferedCipherSuites, cipherSuite)
+                    && (eccCipherSuitesEnabled || !TlsEccUtilities.IsEccCipherSuite(cipherSuite))
+                    && TlsUtilities.IsValidCipherSuiteForVersion(cipherSuite, mServerVersion)
+                    && TlsUtilities.IsValidCipherSuiteForSignatureAlgorithms(cipherSuite, sigAlgs))
+                {
+                    return this.mSelectedCipherSuite = cipherSuite;
+                }
+            }
+            throw new TlsFatalAlert(AlertDescription.handshake_failure);
+        }
+
+        public virtual byte GetSelectedCompressionMethod()
+        {
+            byte[] compressionMethods = GetCompressionMethods();
+            for (int i = 0; i < compressionMethods.Length; ++i)
+            {
+                if (Arrays.Contains(mOfferedCompressionMethods, compressionMethods[i]))
+                {
+                    return this.mSelectedCompressionMethod = compressionMethods[i];
+                }
+            }
+            throw new TlsFatalAlert(AlertDescription.handshake_failure);
+        }
+
+        // IDictionary is (Int32 -> byte[])
+        public virtual IDictionary GetServerExtensions()
+        {
+            if (this.mEncryptThenMacOffered && AllowEncryptThenMac)
+            {
+                /*
+                 * RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client
+                 * and then selects a stream or Authenticated Encryption with Associated Data (AEAD)
+                 * ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the
+                 * client.
+                 */
+                if (TlsUtilities.IsBlockCipherSuite(this.mSelectedCipherSuite))
+                {
+                    TlsExtensionsUtilities.AddEncryptThenMacExtension(CheckServerExtensions());
+                }
+            }
+
+            if (this.mMaxFragmentLengthOffered >= 0
+                && TlsUtilities.IsValidUint8(mMaxFragmentLengthOffered)
+                && MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
+            {
+                TlsExtensionsUtilities.AddMaxFragmentLengthExtension(CheckServerExtensions(), (byte)mMaxFragmentLengthOffered);
+            }
+
+            if (this.mTruncatedHMacOffered && AllowTruncatedHMac)
+            {
+                TlsExtensionsUtilities.AddTruncatedHMacExtension(CheckServerExtensions());
+            }
+
+            if (this.mClientECPointFormats != null && TlsEccUtilities.IsEccCipherSuite(this.mSelectedCipherSuite))
+            {
+                /*
+                 * RFC 4492 5.2. A server that selects an ECC cipher suite in response to a ClientHello
+                 * message including a Supported Point Formats Extension appends this extension (along
+                 * with others) to its ServerHello message, enumerating the point formats it can parse.
+                 */
+                this.mServerECPointFormats = new byte[]{ ECPointFormat.uncompressed,
+                    ECPointFormat.ansiX962_compressed_prime, ECPointFormat.ansiX962_compressed_char2, };
+
+                TlsEccUtilities.AddSupportedPointFormatsExtension(CheckServerExtensions(), mServerECPointFormats);
+            }
+
+            return mServerExtensions;
+        }
+
+        public virtual IList GetServerSupplementalData()
+        {
+            return null;
+        }
+
+        public abstract TlsCredentials GetCredentials();
+
+        public virtual CertificateStatus GetCertificateStatus()
+        {
+            return null;
+        }
+
+        public abstract TlsKeyExchange GetKeyExchange();
+
+        public virtual CertificateRequest GetCertificateRequest()
+        {
+            return null;
+        }
+
+        public virtual void ProcessClientSupplementalData(IList clientSupplementalData)
+        {
+            if (clientSupplementalData != null)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+        }
+
+        public virtual void NotifyClientCertificate(Certificate clientCertificate)
+        {
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public override TlsCompression GetCompression()
+        {
+            switch (mSelectedCompressionMethod)
+            {
+            case CompressionMethod.cls_null:
+                return new TlsNullCompression();
+
+            default:
+                /*
+                 * Note: internal error here; we selected the compression method, so if we now can't
+                 * produce an implementation, we shouldn't have chosen it!
+                 */
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        public override TlsCipher GetCipher()
+        {
+            int encryptionAlgorithm = TlsUtilities.GetEncryptionAlgorithm(mSelectedCipherSuite);
+            int macAlgorithm = TlsUtilities.GetMacAlgorithm(mSelectedCipherSuite);
+
+            return mCipherFactory.CreateCipher(mContext, encryptionAlgorithm, macAlgorithm);
+        }
+
+        public virtual NewSessionTicket GetNewSessionTicket()
+        {
+            /*
+             * RFC 5077 3.3. If the server determines that it does not want to include a ticket after it
+             * has included the SessionTicket extension in the ServerHello, then it sends a zero-length
+             * ticket in the NewSessionTicket handshake message.
+             */
+            return new NewSessionTicket(0L, TlsUtilities.EmptyBytes);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/AbstractTlsSigner.cs b/bc-sharp-crypto/src/crypto/tls/AbstractTlsSigner.cs
new file mode 100644
index 0000000..1f4aabf
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/AbstractTlsSigner.cs
@@ -0,0 +1,50 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class AbstractTlsSigner
+        :   TlsSigner
+    {
+        protected TlsContext mContext;
+
+        public virtual void Init(TlsContext context)
+        {
+            this.mContext = context;
+        }
+
+        public virtual byte[] GenerateRawSignature(AsymmetricKeyParameter privateKey, byte[] md5AndSha1)
+        {
+            return GenerateRawSignature(null, privateKey, md5AndSha1);
+        }
+
+        public abstract byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm,
+            AsymmetricKeyParameter privateKey, byte[] hash);
+
+        public virtual bool VerifyRawSignature(byte[] sigBytes, AsymmetricKeyParameter publicKey, byte[] md5AndSha1)
+        {
+            return VerifyRawSignature(null, sigBytes, publicKey, md5AndSha1);
+        }
+
+        public abstract bool VerifyRawSignature(SignatureAndHashAlgorithm algorithm, byte[] sigBytes,
+            AsymmetricKeyParameter publicKey, byte[] hash);
+
+        public virtual ISigner CreateSigner(AsymmetricKeyParameter privateKey)
+        {
+            return CreateSigner(null, privateKey);
+        }
+
+        public abstract ISigner CreateSigner(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter privateKey);
+
+        public virtual ISigner CreateVerifyer(AsymmetricKeyParameter publicKey)
+        {
+            return CreateVerifyer(null, publicKey);
+        }
+
+        public abstract ISigner CreateVerifyer(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter publicKey);
+
+        public abstract bool IsValidPublicKey(AsymmetricKeyParameter publicKey);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/AbstractTlsSignerCredentials.cs b/bc-sharp-crypto/src/crypto/tls/AbstractTlsSignerCredentials.cs
new file mode 100644
index 0000000..886c46c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/AbstractTlsSignerCredentials.cs
@@ -0,0 +1,20 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class AbstractTlsSignerCredentials
+        : AbstractTlsCredentials, TlsSignerCredentials
+    {
+        /// <exception cref="IOException"></exception>
+        public abstract byte[] GenerateCertificateSignature(byte[] hash);
+
+        public virtual SignatureAndHashAlgorithm SignatureAndHashAlgorithm
+        {
+            get
+            {
+                throw new InvalidOperationException("TlsSignerCredentials implementation does not support (D)TLS 1.2+");
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/AlertDescription.cs b/bc-sharp-crypto/src/crypto/tls/AlertDescription.cs
new file mode 100644
index 0000000..4e2464b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/AlertDescription.cs
@@ -0,0 +1,304 @@
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>
+    /// RFC 5246 7.2
+    /// </summary>
+    public abstract class AlertDescription
+    {
+        /**
+         * This message notifies the recipient that the sender will not send any more messages on this
+         * connection. Note that as of TLS 1.1, failure to properly close a connection no longer
+         * requires that a session not be resumed. This is a change from TLS 1.0 ("The session becomes
+         * unresumable if any connection is terminated without proper close_notify messages with level
+         * equal to warning.") to conform with widespread implementation practice.
+         */
+        public const byte close_notify = 0;
+
+        /**
+         * An inappropriate message was received. This alert is always fatal and should never be
+         * observed in communication between proper implementations.
+         */
+        public const byte unexpected_message = 10;
+
+        /**
+         * This alert is returned if a record is received with an incorrect MAC. This alert also MUST be
+         * returned if an alert is sent because a TLSCiphertext decrypted in an invalid way: either it
+         * wasn't an even multiple of the block length, or its padding values, when checked, weren't
+         * correct. This message is always fatal and should never be observed in communication between
+         * proper implementations (except when messages were corrupted in the network).
+         */
+        public const byte bad_record_mac = 20;
+
+        /**
+         * This alert was used in some earlier versions of TLS, and may have permitted certain attacks
+         * against the CBC mode [CBCATT]. It MUST NOT be sent by compliant implementations.
+         */
+        public const byte decryption_failed = 21;
+
+        /**
+         * A TLSCiphertext record was received that had a length more than 2^14+2048 bytes, or a record
+         * decrypted to a TLSCompressed record with more than 2^14+1024 bytes. This message is always
+         * fatal and should never be observed in communication between proper implementations (except
+         * when messages were corrupted in the network).
+         */
+        public const byte record_overflow = 22;
+
+        /**
+         * The decompression function received improper input (e.g., data that would expand to excessive
+         * length). This message is always fatal and should never be observed in communication between
+         * proper implementations.
+         */
+        public const byte decompression_failure = 30;
+
+        /**
+         * Reception of a handshake_failure alert message indicates that the sender was unable to
+         * negotiate an acceptable set of security parameters given the options available. This is a
+         * fatal error.
+         */
+        public const byte handshake_failure = 40;
+
+        /**
+         * This alert was used in SSLv3 but not any version of TLS. It MUST NOT be sent by compliant
+         * implementations.
+         */
+        public const byte no_certificate = 41;
+
+        /**
+         * A certificate was corrupt, contained signatures that did not verify correctly, etc.
+         */
+        public const byte bad_certificate = 42;
+
+        /**
+         * A certificate was of an unsupported type.
+         */
+        public const byte unsupported_certificate = 43;
+
+        /**
+         * A certificate was revoked by its signer.
+         */
+        public const byte certificate_revoked = 44;
+
+        /**
+         * A certificate has expired or is not currently valid.
+         */
+        public const byte certificate_expired = 45;
+
+        /**
+         * Some other (unspecified) issue arose in processing the certificate, rendering it
+         * unacceptable.
+         */
+        public const byte certificate_unknown = 46;
+
+        /**
+         * A field in the handshake was out of range or inconsistent with other fields. This message is
+         * always fatal.
+         */
+        public const byte illegal_parameter = 47;
+
+        /**
+         * A valid certificate chain or partial chain was received, but the certificate was not accepted
+         * because the CA certificate could not be located or couldn't be matched with a known, trusted
+         * CA. This message is always fatal.
+         */
+        public const byte unknown_ca = 48;
+
+        /**
+         * A valid certificate was received, but when access control was applied, the sender decided not
+         * to proceed with negotiation. This message is always fatal.
+         */
+        public const byte access_denied = 49;
+
+        /**
+         * A message could not be decoded because some field was out of the specified range or the
+         * length of the message was incorrect. This message is always fatal and should never be
+         * observed in communication between proper implementations (except when messages were corrupted
+         * in the network).
+         */
+        public const byte decode_error = 50;
+
+        /**
+         * A handshake cryptographic operation failed, including being unable to correctly verify a
+         * signature or validate a Finished message. This message is always fatal.
+         */
+        public const byte decrypt_error = 51;
+
+        /**
+         * This alert was used in some earlier versions of TLS. It MUST NOT be sent by compliant
+         * implementations.
+         */
+        public const byte export_restriction = 60;
+
+        /**
+         * The protocol version the client has attempted to negotiate is recognized but not supported.
+         * (For example, old protocol versions might be avoided for security reasons.) This message is
+         * always fatal.
+         */
+        public const byte protocol_version = 70;
+
+        /**
+         * Returned instead of handshake_failure when a negotiation has failed specifically because the
+         * server requires ciphers more secure than those supported by the client. This message is
+         * always fatal.
+         */
+        public const byte insufficient_security = 71;
+
+        /**
+         * An internal error unrelated to the peer or the correctness of the protocol (such as a memory
+         * allocation failure) makes it impossible to continue. This message is always fatal.
+         */
+        public const byte internal_error = 80;
+
+        /**
+         * This handshake is being canceled for some reason unrelated to a protocol failure. If the user
+         * cancels an operation after the handshake is complete, just closing the connection by sending
+         * a close_notify is more appropriate. This alert should be followed by a close_notify. This
+         * message is generally a warning.
+         */
+        public const byte user_canceled = 90;
+
+        /**
+         * Sent by the client in response to a hello request or by the server in response to a client
+         * hello after initial handshaking. Either of these would normally lead to renegotiation; when
+         * that is not appropriate, the recipient should respond with this alert. At that point, the
+         * original requester can decide whether to proceed with the connection. One case where this
+         * would be appropriate is where a server has spawned a process to satisfy a request; the
+         * process might receive security parameters (key length, authentication, etc.) at startup, and
+         * it might be difficult to communicate changes to these parameters after that point. This
+         * message is always a warning.
+         */
+        public const byte no_renegotiation = 100;
+
+        /**
+         * Sent by clients that receive an extended server hello containing an extension that they did
+         * not put in the corresponding client hello. This message is always fatal.
+         */
+        public const byte unsupported_extension = 110;
+
+        /*
+         * RFC 3546
+         */
+
+        /**
+         * This alert is sent by servers who are unable to retrieve a certificate chain from the URL
+         * supplied by the client (see Section 3.3). This message MAY be fatal - for example if client
+         * authentication is required by the server for the handshake to continue and the server is
+         * unable to retrieve the certificate chain, it may send a fatal alert.
+         */
+        public const byte certificate_unobtainable = 111;
+
+        /**
+         * This alert is sent by servers that receive a server_name extension request, but do not
+         * recognize the server name. This message MAY be fatal.
+         */
+        public const byte unrecognized_name = 112;
+
+        /**
+         * This alert is sent by clients that receive an invalid certificate status response (see
+         * Section 3.6). This message is always fatal.
+         */
+        public const byte bad_certificate_status_response = 113;
+
+        /**
+         * This alert is sent by servers when a certificate hash does not match a client provided
+         * certificate_hash. This message is always fatal.
+         */
+        public const byte bad_certificate_hash_value = 114;
+
+        /*
+         * RFC 4279
+         */
+
+        /**
+         * If the server does not recognize the PSK identity, it MAY respond with an
+         * "unknown_psk_identity" alert message.
+         */
+        public const byte unknown_psk_identity = 115;
+
+        /*
+         * RFC 7507
+         */
+
+        /**
+         * If TLS_FALLBACK_SCSV appears in ClientHello.cipher_suites and the highest protocol version
+         * supported by the server is higher than the version indicated in ClientHello.client_version,
+         * the server MUST respond with a fatal inappropriate_fallback alert [..].
+         */
+        public const byte inappropriate_fallback = 86;
+
+        public static string GetName(byte alertDescription)
+        {
+            switch (alertDescription)
+            {
+            case close_notify:
+                return "close_notify";
+            case unexpected_message:
+                return "unexpected_message";
+            case bad_record_mac:
+                return "bad_record_mac";
+            case decryption_failed:
+                return "decryption_failed";
+            case record_overflow:
+                return "record_overflow";
+            case decompression_failure:
+                return "decompression_failure";
+            case handshake_failure:
+                return "handshake_failure";
+            case no_certificate:
+                return "no_certificate";
+            case bad_certificate:
+                return "bad_certificate";
+            case unsupported_certificate:
+                return "unsupported_certificate";
+            case certificate_revoked:
+                return "certificate_revoked";
+            case certificate_expired:
+                return "certificate_expired";
+            case certificate_unknown:
+                return "certificate_unknown";
+            case illegal_parameter:
+                return "illegal_parameter";
+            case unknown_ca:
+                return "unknown_ca";
+            case access_denied:
+                return "access_denied";
+            case decode_error:
+                return "decode_error";
+            case decrypt_error:
+                return "decrypt_error";
+            case export_restriction:
+                return "export_restriction";
+            case protocol_version:
+                return "protocol_version";
+            case insufficient_security:
+                return "insufficient_security";
+            case internal_error:
+                return "internal_error";
+            case user_canceled:
+                return "user_canceled";
+            case no_renegotiation:
+                return "no_renegotiation";
+            case unsupported_extension:
+                return "unsupported_extension";
+            case certificate_unobtainable:
+                return "certificate_unobtainable";
+            case unrecognized_name:
+                return "unrecognized_name";
+            case bad_certificate_status_response:
+                return "bad_certificate_status_response";
+            case bad_certificate_hash_value:
+                return "bad_certificate_hash_value";
+            case unknown_psk_identity:
+                return "unknown_psk_identity";
+            case inappropriate_fallback:
+                return "inappropriate_fallback";
+            default:
+                return "UNKNOWN";
+            }
+        }
+
+        public static string GetText(byte alertDescription)
+        {
+            return GetName(alertDescription) + "(" + alertDescription + ")";
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/AlertLevel.cs b/bc-sharp-crypto/src/crypto/tls/AlertLevel.cs
new file mode 100644
index 0000000..9461a0b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/AlertLevel.cs
@@ -0,0 +1,29 @@
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>
+    /// RFC 5246 7.2
+    /// </summary>
+    public abstract class AlertLevel
+    {
+        public const byte warning = 1;
+        public const byte fatal = 2;
+
+        public static string GetName(byte alertDescription)
+        {
+            switch (alertDescription)
+            {
+            case warning:
+                return "warning";
+            case fatal:
+                return "fatal";
+            default:
+                return "UNKNOWN";
+            }
+        }
+
+        public static string GetText(byte alertDescription)
+        {
+            return GetName(alertDescription) + "(" + alertDescription + ")";
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/BasicTlsPskIdentity.cs b/bc-sharp-crypto/src/crypto/tls/BasicTlsPskIdentity.cs
new file mode 100644
index 0000000..db59544
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/BasicTlsPskIdentity.cs
@@ -0,0 +1,43 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class BasicTlsPskIdentity
+        : TlsPskIdentity
+    {
+        protected byte[] mIdentity;
+        protected byte[] mPsk;
+
+        public BasicTlsPskIdentity(byte[] identity, byte[] psk)
+        {
+            this.mIdentity = Arrays.Clone(identity);
+            this.mPsk = Arrays.Clone(psk);
+        }
+
+        public BasicTlsPskIdentity(string identity, byte[] psk)
+        {
+            this.mIdentity = Strings.ToUtf8ByteArray(identity);
+            this.mPsk = Arrays.Clone(psk);
+        }
+
+        public virtual void SkipIdentityHint()
+        {
+        }
+
+        public virtual void NotifyIdentityHint(byte[] psk_identity_hint)
+        {
+        }
+
+        public virtual byte[] GetPskIdentity()
+        {
+            return mIdentity;
+        }
+
+        public virtual byte[] GetPsk()
+        {
+            return mPsk;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/BulkCipherAlgorithm.cs b/bc-sharp-crypto/src/crypto/tls/BulkCipherAlgorithm.cs
new file mode 100644
index 0000000..07ff8dc
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/BulkCipherAlgorithm.cs
@@ -0,0 +1,25 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 2246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
+    public abstract class BulkCipherAlgorithm
+    {
+        public const int cls_null = 0;
+        public const int rc4 = 1;
+        public const int rc2 = 2;
+        public const int des = 3;
+        public const int cls_3des = 4;
+        public const int des40 = 5;
+
+        /*
+         * RFC 4346
+         */
+        public const int aes = 6;
+        public const int idea = 7;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ByteQueue.cs b/bc-sharp-crypto/src/crypto/tls/ByteQueue.cs
new file mode 100644
index 0000000..b4df685
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ByteQueue.cs
@@ -0,0 +1,211 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <remarks>
+    /// A queue for bytes.
+    /// <p>
+    /// This file could be more optimized.
+    /// </p>
+    /// </remarks>
+    public class ByteQueue
+    {
+        /// <returns>The smallest number which can be written as 2^x which is bigger than i.</returns>
+        public static int NextTwoPow(
+            int i)
+        {
+            /*
+            * This code is based of a lot of code I found on the Internet
+            * which mostly referenced a book called "Hacking delight".
+            *
+            */
+            i |= (i >> 1);
+            i |= (i >> 2);
+            i |= (i >> 4);
+            i |= (i >> 8);
+            i |= (i >> 16);
+            return i + 1;
+        }
+
+        /**
+         * The initial size for our buffer.
+         */
+        private const int DefaultCapacity = 1024;
+
+        /**
+         * The buffer where we store our data.
+         */
+        private byte[] databuf;
+
+        /**
+         * How many bytes at the beginning of the buffer are skipped.
+         */
+        private int skipped = 0;
+
+        /**
+         * How many bytes in the buffer are valid data.
+         */
+        private int available = 0;
+
+        private bool readOnlyBuf = false;
+
+        public ByteQueue()
+            : this(DefaultCapacity)
+        {
+        }
+
+        public ByteQueue(int capacity)
+        {
+            this.databuf = capacity == 0 ? TlsUtilities.EmptyBytes : new byte[capacity];
+        }
+
+        public ByteQueue(byte[] buf, int off, int len)
+        {
+            this.databuf = buf;
+            this.skipped = off;
+            this.available = len;
+            this.readOnlyBuf = true;
+        }
+
+        /// <summary>Add some data to our buffer.</summary>
+        /// <param name="data">A byte-array to read data from.</param>
+        /// <param name="offset">How many bytes to skip at the beginning of the array.</param>
+        /// <param name="len">How many bytes to read from the array.</param>
+        public void AddData(
+            byte[] data,
+            int offset,
+            int len)
+        {
+            if (readOnlyBuf)
+                throw new InvalidOperationException("Cannot add data to read-only buffer");
+
+            if ((skipped + available + len) > databuf.Length)
+            {
+                int desiredSize = ByteQueue.NextTwoPow(available + len);
+                if (desiredSize > databuf.Length)
+                {
+                    byte[] tmp = new byte[desiredSize];
+                    Array.Copy(databuf, skipped, tmp, 0, available);
+                    databuf = tmp;
+                }
+                else
+                {
+                    Array.Copy(databuf, skipped, databuf, 0, available);
+                }
+                skipped = 0;
+            }
+
+            Array.Copy(data, offset, databuf, skipped + available, len);
+            available += len;
+        }
+
+        /// <summary>The number of bytes which are available in this buffer.</summary>
+        public int Available
+        {
+            get { return available; }
+        }
+
+        /// <summary>Copy some bytes from the beginning of the data to the provided <c cref="Stream">Stream</c>.</summary>
+        /// <param name="output">The <c cref="Stream">Stream</c> to copy the bytes to.</param>
+        /// <param name="length">How many bytes to copy.</param>
+		/// <exception cref="InvalidOperationException">If insufficient data is available.</exception>
+		/// <exception cref="IOException">If there is a problem copying the data.</exception>
+        public void CopyTo(Stream output, int length)
+        {
+            if (length > available)
+                throw new InvalidOperationException("Cannot copy " + length + " bytes, only got " + available);
+
+            output.Write(databuf, skipped, length);
+        }
+
+        /// <summary>Read data from the buffer.</summary>
+        /// <param name="buf">The buffer where the read data will be copied to.</param>
+        /// <param name="offset">How many bytes to skip at the beginning of buf.</param>
+        /// <param name="len">How many bytes to read at all.</param>
+        /// <param name="skip">How many bytes from our data to skip.</param>
+        public void Read(
+            byte[]	buf,
+            int		offset,
+            int		len,
+            int		skip)
+        {
+            if ((buf.Length - offset) < len)
+            {
+                throw new ArgumentException("Buffer size of " + buf.Length + " is too small for a read of " + len + " bytes");
+            }
+            if ((available - skip) < len)
+            {
+                throw new InvalidOperationException("Not enough data to read");
+            }
+            Array.Copy(databuf, skipped + skip, buf, offset, len);
+        }
+
+        /// <summary>Return a <c cref="MemoryStream">MemoryStream</c> over some bytes at the beginning of the data.</summary>
+        /// <param name="length">How many bytes will be readable.</param>
+        /// <returns>A <c cref="MemoryStream">MemoryStream</c> over the data.</returns>
+		/// <exception cref="InvalidOperationException">If insufficient data is available.</exception>
+        public MemoryStream ReadFrom(int length)
+        {
+            if (length > available)
+                throw new InvalidOperationException("Cannot read " + length + " bytes, only got " + available);
+
+            int position = skipped;
+
+            available -= length;
+            skipped += length;
+
+            return new MemoryStream(databuf, position, length, false);
+        }
+
+        /// <summary>Remove some bytes from our data from the beginning.</summary>
+        /// <param name="i">How many bytes to remove.</param>
+        public void RemoveData(
+            int i)
+        {
+            if (i > available)
+            {
+                throw new InvalidOperationException("Cannot remove " + i + " bytes, only got " + available);
+            }
+
+            /*
+            * Skip the data.
+            */
+            available -= i;
+            skipped += i;
+        }
+
+        public void RemoveData(byte[] buf, int off, int len, int skip)
+        {
+            Read(buf, off, len, skip);
+            RemoveData(skip + len);
+        }
+
+        public byte[] RemoveData(int len, int skip)
+        {
+            byte[] buf = new byte[len];
+            RemoveData(buf, 0, len, skip);
+            return buf;
+        }
+
+        public void Shrink()
+        {
+            if (available == 0)
+            {
+                databuf = TlsUtilities.EmptyBytes;
+                skipped = 0;
+            }
+            else
+            {
+                int desiredSize = ByteQueue.NextTwoPow(available);
+                if (desiredSize < databuf.Length)
+                {
+                    byte[] tmp = new byte[desiredSize];
+                    Array.Copy(databuf, skipped, tmp, 0, available);
+                    databuf = tmp;
+                    skipped = 0;
+                }
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ByteQueueStream.cs b/bc-sharp-crypto/src/crypto/tls/ByteQueueStream.cs
new file mode 100644
index 0000000..249e609
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ByteQueueStream.cs
@@ -0,0 +1,110 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class ByteQueueStream
+        : Stream
+    {
+        private readonly ByteQueue buffer;
+
+        public ByteQueueStream()
+        {
+            this.buffer = new ByteQueue();
+        }
+
+        public virtual int Available
+        {
+            get { return buffer.Available; }
+        }
+
+        public override bool CanRead
+        {
+            get { return true; }
+        }
+
+        public override bool CanSeek
+        {
+            get { return false; }
+        }
+
+        public override bool CanWrite
+        {
+            get { return true; }
+        }
+
+        public override void Flush()
+        {
+        }
+
+        public override long Length
+        {
+            get { throw new NotSupportedException(); }
+        }
+
+        public virtual int Peek(byte[] buf)
+        {
+            int bytesToRead = System.Math.Min(buffer.Available, buf.Length);
+            buffer.Read(buf, 0, bytesToRead, 0);
+            return bytesToRead;
+        }
+
+        public override long Position
+        {
+            get { throw new NotSupportedException(); }
+            set { throw new NotSupportedException(); }
+        }
+
+        public virtual int Read(byte[] buf)
+        {
+            return Read(buf, 0, buf.Length);
+        }
+
+        public override int Read(byte[] buf, int off, int len)
+        {
+            int bytesToRead = System.Math.Min(buffer.Available, len);
+            buffer.RemoveData(buf, off, bytesToRead, 0);
+            return bytesToRead;
+        }
+
+        public override int ReadByte()
+        {
+            if (buffer.Available == 0)
+                return -1;
+
+            return buffer.RemoveData(1, 0)[0] & 0xFF;
+        }
+
+        public override long Seek(long offset, SeekOrigin origin)
+        {
+            throw new NotSupportedException();
+        }
+
+        public override void SetLength(long value)
+        {
+            throw new NotSupportedException();
+        }
+
+        public virtual int Skip(int n)
+        {
+            int bytesToSkip = System.Math.Min(buffer.Available, n);
+            buffer.RemoveData(bytesToSkip);
+            return bytesToSkip;
+        }
+
+        public virtual void Write(byte[] buf)
+        {
+            buffer.AddData(buf, 0, buf.Length);
+        }
+
+        public override void Write(byte[] buf, int off, int len)
+        {
+            buffer.AddData(buf, off, len);
+        }
+
+        public override void WriteByte(byte b)
+        {
+            buffer.AddData(new byte[]{ b }, 0, 1);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/CertChainType.cs b/bc-sharp-crypto/src/crypto/tls/CertChainType.cs
new file mode 100644
index 0000000..cbb1834
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/CertChainType.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /*
+     * RFC 3546 3.3.
+     */
+    public abstract class CertChainType
+    {
+        public const byte individual_certs = 0;
+        public const byte pkipath = 1;
+
+        public static bool IsValid(byte certChainType)
+        {
+            return certChainType >= individual_certs && certChainType <= pkipath;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/Certificate.cs b/bc-sharp-crypto/src/crypto/tls/Certificate.cs
new file mode 100644
index 0000000..e047999
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/Certificate.cs
@@ -0,0 +1,136 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * Parsing and encoding of a <i>Certificate</i> struct from RFC 4346.
+     * <p/>
+     * <pre>
+     * opaque ASN.1Cert&lt;2^24-1&gt;;
+     *
+     * struct {
+     *     ASN.1Cert certificate_list&lt;0..2^24-1&gt;;
+     * } Certificate;
+     * </pre>
+     *
+     * @see Org.BouncyCastle.Asn1.X509.X509CertificateStructure
+     */
+    public class Certificate
+    {
+        public static readonly Certificate EmptyChain = new Certificate(new X509CertificateStructure[0]);
+
+        /**
+        * The certificates.
+        */
+        protected readonly X509CertificateStructure[] mCertificateList;
+
+        public Certificate(X509CertificateStructure[] certificateList)
+        {
+            if (certificateList == null)
+                throw new ArgumentNullException("certificateList");
+
+            this.mCertificateList = certificateList;
+        }
+
+        /**
+         * @return an array of {@link org.bouncycastle.asn1.x509.Certificate} representing a certificate
+         *         chain.
+         */
+        public virtual X509CertificateStructure[] GetCertificateList()
+        {
+            return CloneCertificateList();
+        }
+
+        public virtual X509CertificateStructure GetCertificateAt(int index)
+        {
+            return mCertificateList[index];
+        }
+
+        public virtual int Length
+        {
+            get { return mCertificateList.Length; }
+        }
+
+        /**
+         * @return <code>true</code> if this certificate chain contains no certificates, or
+         *         <code>false</code> otherwise.
+         */
+        public virtual bool IsEmpty
+        {
+            get { return mCertificateList.Length == 0; }
+        }
+
+        /**
+         * Encode this {@link Certificate} to a {@link Stream}.
+         *
+         * @param output the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            IList derEncodings = Platform.CreateArrayList(mCertificateList.Length);
+
+            int totalLength = 0;
+            foreach (Asn1Encodable asn1Cert in mCertificateList)
+            {
+                byte[] derEncoding = asn1Cert.GetEncoded(Asn1Encodable.Der);
+                derEncodings.Add(derEncoding);
+                totalLength += derEncoding.Length + 3;
+            }
+
+            TlsUtilities.CheckUint24(totalLength);
+            TlsUtilities.WriteUint24(totalLength, output);
+
+            foreach (byte[] derEncoding in derEncodings)
+            {
+                TlsUtilities.WriteOpaque24(derEncoding, output);
+            }
+        }
+
+        /**
+         * Parse a {@link Certificate} from a {@link Stream}.
+         *
+         * @param input the {@link Stream} to parse from.
+         * @return a {@link Certificate} object.
+         * @throws IOException
+         */
+        public static Certificate Parse(Stream input)
+        {
+            int totalLength = TlsUtilities.ReadUint24(input);
+            if (totalLength == 0)
+            {
+                return EmptyChain;
+            }
+
+            byte[] certListData = TlsUtilities.ReadFully(totalLength, input);
+
+            MemoryStream buf = new MemoryStream(certListData, false);
+
+            IList certificate_list = Platform.CreateArrayList();
+            while (buf.Position < buf.Length)
+            {
+                byte[] berEncoding = TlsUtilities.ReadOpaque24(buf);
+                Asn1Object asn1Cert = TlsUtilities.ReadAsn1Object(berEncoding);
+                certificate_list.Add(X509CertificateStructure.GetInstance(asn1Cert));
+            }
+
+            X509CertificateStructure[] certificateList = new X509CertificateStructure[certificate_list.Count];
+            for (int i = 0; i < certificate_list.Count; ++i)
+            {
+                certificateList[i] = (X509CertificateStructure)certificate_list[i];
+            }
+            return new Certificate(certificateList);
+        }
+
+        protected virtual X509CertificateStructure[] CloneCertificateList()
+        {
+            return (X509CertificateStructure[])mCertificateList.Clone();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/CertificateRequest.cs b/bc-sharp-crypto/src/crypto/tls/CertificateRequest.cs
new file mode 100644
index 0000000..f3dcb3b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/CertificateRequest.cs
@@ -0,0 +1,156 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * Parsing and encoding of a <i>CertificateRequest</i> struct from RFC 4346.
+     * <p/>
+     * <pre>
+     * struct {
+     *     ClientCertificateType certificate_types&lt;1..2^8-1&gt;;
+     *     DistinguishedName certificate_authorities&lt;3..2^16-1&gt;
+     * } CertificateRequest;
+     * </pre>
+     *
+     * @see ClientCertificateType
+     * @see X509Name
+     */
+    public class CertificateRequest
+    {
+        protected readonly byte[] mCertificateTypes;
+        protected readonly IList mSupportedSignatureAlgorithms;
+        protected readonly IList mCertificateAuthorities;
+
+        /**
+         * @param certificateTypes       see {@link ClientCertificateType} for valid constants.
+         * @param certificateAuthorities an {@link IList} of {@link X509Name}.
+         */
+        public CertificateRequest(byte[] certificateTypes, IList supportedSignatureAlgorithms,
+            IList certificateAuthorities)
+        {
+            this.mCertificateTypes = certificateTypes;
+            this.mSupportedSignatureAlgorithms = supportedSignatureAlgorithms;
+            this.mCertificateAuthorities = certificateAuthorities;
+        }
+
+        /**
+         * @return an array of certificate types
+         * @see {@link ClientCertificateType}
+         */
+        public virtual byte[] CertificateTypes
+        {
+            get { return mCertificateTypes; }
+        }
+
+        /**
+         * @return an {@link IList} of {@link SignatureAndHashAlgorithm} (or null before TLS 1.2).
+         */
+        public virtual IList SupportedSignatureAlgorithms
+        {
+            get { return mSupportedSignatureAlgorithms; }
+        }
+
+        /**
+         * @return an {@link IList} of {@link X509Name}
+         */
+        public virtual IList CertificateAuthorities
+        {
+            get { return mCertificateAuthorities; }
+        }
+
+        /**
+         * Encode this {@link CertificateRequest} to a {@link Stream}.
+         *
+         * @param output the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            if (mCertificateTypes == null || mCertificateTypes.Length == 0)
+            {
+                TlsUtilities.WriteUint8(0, output);
+            }
+            else
+            {
+                TlsUtilities.WriteUint8ArrayWithUint8Length(mCertificateTypes, output);
+            }
+
+            if (mSupportedSignatureAlgorithms != null)
+            {
+                // TODO Check whether SignatureAlgorithm.anonymous is allowed here
+                TlsUtilities.EncodeSupportedSignatureAlgorithms(mSupportedSignatureAlgorithms, false, output);
+            }
+
+            if (mCertificateAuthorities == null || mCertificateAuthorities.Count < 1)
+            {
+                TlsUtilities.WriteUint16(0, output);
+            }
+            else
+            {
+                IList derEncodings = Platform.CreateArrayList(mCertificateAuthorities.Count);
+
+                int totalLength = 0;
+                foreach (Asn1Encodable certificateAuthority in mCertificateAuthorities)
+                {
+                    byte[] derEncoding = certificateAuthority.GetEncoded(Asn1Encodable.Der);
+                    derEncodings.Add(derEncoding);
+                    totalLength += derEncoding.Length + 2;
+                }
+
+                TlsUtilities.CheckUint16(totalLength);
+                TlsUtilities.WriteUint16(totalLength, output);
+
+                foreach (byte[] derEncoding in derEncodings)
+                {
+                    TlsUtilities.WriteOpaque16(derEncoding, output);
+                }
+            }
+        }
+
+        /**
+         * Parse a {@link CertificateRequest} from a {@link Stream}.
+         * 
+         * @param context
+         *            the {@link TlsContext} of the current connection.
+         * @param input
+         *            the {@link Stream} to parse from.
+         * @return a {@link CertificateRequest} object.
+         * @throws IOException
+         */
+        public static CertificateRequest Parse(TlsContext context, Stream input)
+        {
+            int numTypes = TlsUtilities.ReadUint8(input);
+            byte[] certificateTypes = new byte[numTypes];
+            for (int i = 0; i < numTypes; ++i)
+            {
+                certificateTypes[i] = TlsUtilities.ReadUint8(input);
+            }
+
+            IList supportedSignatureAlgorithms = null;
+            if (TlsUtilities.IsTlsV12(context))
+            {
+                // TODO Check whether SignatureAlgorithm.anonymous is allowed here
+                supportedSignatureAlgorithms = TlsUtilities.ParseSupportedSignatureAlgorithms(false, input);
+            }
+
+            IList certificateAuthorities = Platform.CreateArrayList();
+            byte[] certAuthData = TlsUtilities.ReadOpaque16(input);
+            MemoryStream bis = new MemoryStream(certAuthData, false);
+            while (bis.Position < bis.Length)
+            {
+                byte[] derEncoding = TlsUtilities.ReadOpaque16(bis);
+                Asn1Object asn1 = TlsUtilities.ReadDerObject(derEncoding);
+                // TODO Switch to X500Name when available
+                certificateAuthorities.Add(X509Name.GetInstance(asn1));
+            }
+
+            return new CertificateRequest(certificateTypes, supportedSignatureAlgorithms, certificateAuthorities);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/CertificateStatus.cs b/bc-sharp-crypto/src/crypto/tls/CertificateStatus.cs
new file mode 100644
index 0000000..0f95475
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/CertificateStatus.cs
@@ -0,0 +1,102 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class CertificateStatus
+    {
+        protected readonly byte mStatusType;
+        protected readonly object mResponse;
+
+        public CertificateStatus(byte statusType, object response)
+        {
+            if (!IsCorrectType(statusType, response))
+                throw new ArgumentException("not an instance of the correct type", "response");
+
+            this.mStatusType = statusType;
+            this.mResponse = response;
+        }
+
+        public virtual byte StatusType
+        {
+            get { return mStatusType; }
+        }
+
+        public virtual object Response
+        {
+            get { return mResponse; }
+        }
+
+        public virtual OcspResponse GetOcspResponse()
+        {
+            if (!IsCorrectType(CertificateStatusType.ocsp, mResponse))
+                throw new InvalidOperationException("'response' is not an OcspResponse");
+
+            return (OcspResponse)mResponse;
+        }
+
+        /**
+         * Encode this {@link CertificateStatus} to a {@link Stream}.
+         * 
+         * @param output
+         *            the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            TlsUtilities.WriteUint8(mStatusType, output);
+
+            switch (mStatusType)
+            {
+            case CertificateStatusType.ocsp:
+                byte[] derEncoding = ((OcspResponse)mResponse).GetEncoded(Asn1Encodable.Der);
+                TlsUtilities.WriteOpaque24(derEncoding, output);
+                break;
+            default:
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        /**
+         * Parse a {@link CertificateStatus} from a {@link Stream}.
+         * 
+         * @param input
+         *            the {@link Stream} to parse from.
+         * @return a {@link CertificateStatus} object.
+         * @throws IOException
+         */
+        public static CertificateStatus Parse(Stream input)
+        {
+            byte status_type = TlsUtilities.ReadUint8(input);
+            object response;
+
+            switch (status_type)
+            {
+            case CertificateStatusType.ocsp:
+            {
+                byte[] derEncoding = TlsUtilities.ReadOpaque24(input);
+                response = OcspResponse.GetInstance(TlsUtilities.ReadDerObject(derEncoding));
+                break;
+            }
+            default:
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+            }
+
+            return new CertificateStatus(status_type, response);
+        }
+
+        protected static bool IsCorrectType(byte statusType, object response)
+        {
+            switch (statusType)
+            {
+            case CertificateStatusType.ocsp:
+                return response is OcspResponse;
+            default:
+                throw new ArgumentException("unsupported value", "statusType");
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/CertificateStatusRequest.cs b/bc-sharp-crypto/src/crypto/tls/CertificateStatusRequest.cs
new file mode 100644
index 0000000..9587d7d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/CertificateStatusRequest.cs
@@ -0,0 +1,95 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class CertificateStatusRequest
+    {
+        protected readonly byte mStatusType;
+        protected readonly object mRequest;
+
+        public CertificateStatusRequest(byte statusType, Object request)
+        {
+            if (!IsCorrectType(statusType, request))
+                throw new ArgumentException("not an instance of the correct type", "request");
+
+            this.mStatusType = statusType;
+            this.mRequest = request;
+        }
+
+        public virtual byte StatusType
+        {
+            get { return mStatusType; }
+        }
+
+        public virtual object Request
+        {
+            get { return mRequest; }
+        }
+
+        public virtual OcspStatusRequest GetOcspStatusRequest()
+        {
+            if (!IsCorrectType(CertificateStatusType.ocsp, mRequest))
+                throw new InvalidOperationException("'request' is not an OCSPStatusRequest");
+
+            return (OcspStatusRequest)mRequest;
+        }
+
+        /**
+         * Encode this {@link CertificateStatusRequest} to a {@link Stream}.
+         * 
+         * @param output
+         *            the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            TlsUtilities.WriteUint8(mStatusType, output);
+
+            switch (mStatusType)
+            {
+            case CertificateStatusType.ocsp:
+                ((OcspStatusRequest)mRequest).Encode(output);
+                break;
+            default:
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        /**
+         * Parse a {@link CertificateStatusRequest} from a {@link Stream}.
+         * 
+         * @param input
+         *            the {@link Stream} to parse from.
+         * @return a {@link CertificateStatusRequest} object.
+         * @throws IOException
+         */
+        public static CertificateStatusRequest Parse(Stream input)
+        {
+            byte status_type = TlsUtilities.ReadUint8(input);
+            object result;
+
+            switch (status_type)
+            {
+            case CertificateStatusType.ocsp:
+                result = OcspStatusRequest.Parse(input);
+                break;
+            default:
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+            }
+
+            return new CertificateStatusRequest(status_type, result);
+        }
+
+        protected static bool IsCorrectType(byte statusType, object request)
+        {
+            switch (statusType)
+            {
+            case CertificateStatusType.ocsp:
+                return request is OcspStatusRequest;
+            default:
+                throw new ArgumentException("unsupported value", "statusType");
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/CertificateStatusType.cs b/bc-sharp-crypto/src/crypto/tls/CertificateStatusType.cs
new file mode 100644
index 0000000..54b741b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/CertificateStatusType.cs
@@ -0,0 +1,12 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class CertificateStatusType
+    {
+        /*
+         *  RFC 3546 3.6
+         */
+        public const byte ocsp = 1;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/CertificateType.cs b/bc-sharp-crypto/src/crypto/tls/CertificateType.cs
new file mode 100644
index 0000000..47ec05c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/CertificateType.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * RFC 6091 
+     */
+    public class CertificateType
+    {
+        public const byte X509 = 0;
+        public const byte OpenPGP = 1;
+    
+        /*
+         * RFC 7250
+         */
+        public const byte RawPublicKey = 2;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/CertificateUrl.cs b/bc-sharp-crypto/src/crypto/tls/CertificateUrl.cs
new file mode 100644
index 0000000..aff9995
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/CertificateUrl.cs
@@ -0,0 +1,125 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /*
+     * RFC 3546 3.3
+     */
+    public class CertificateUrl
+    {
+        protected readonly byte mType;
+        protected readonly IList mUrlAndHashList;
+
+        /**
+         * @param type
+         *            see {@link CertChainType} for valid constants.
+         * @param urlAndHashList
+         *            a {@link IList} of {@link UrlAndHash}.
+         */
+        public CertificateUrl(byte type, IList urlAndHashList)
+        {
+            if (!CertChainType.IsValid(type))
+                throw new ArgumentException("not a valid CertChainType value", "type");
+            if (urlAndHashList == null || urlAndHashList.Count < 1)
+                throw new ArgumentException("must have length > 0", "urlAndHashList");
+
+            this.mType = type;
+            this.mUrlAndHashList = urlAndHashList;
+        }
+
+        /**
+         * @return {@link CertChainType}
+         */
+        public virtual byte Type
+        {
+            get { return mType; }
+        }
+
+        /**
+         * @return an {@link IList} of {@link UrlAndHash} 
+         */
+        public virtual IList UrlAndHashList
+        {
+            get { return mUrlAndHashList; }
+        }
+
+        /**
+         * Encode this {@link CertificateUrl} to a {@link Stream}.
+         *
+         * @param output the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            TlsUtilities.WriteUint8(this.mType, output);
+
+            ListBuffer16 buf = new ListBuffer16();
+            foreach (UrlAndHash urlAndHash in this.mUrlAndHashList)
+            {
+                urlAndHash.Encode(buf);
+            }
+            buf.EncodeTo(output);
+        }
+
+        /**
+         * Parse a {@link CertificateUrl} from a {@link Stream}.
+         * 
+         * @param context
+         *            the {@link TlsContext} of the current connection.
+         * @param input
+         *            the {@link Stream} to parse from.
+         * @return a {@link CertificateUrl} object.
+         * @throws IOException
+         */
+        public static CertificateUrl parse(TlsContext context, Stream input)
+        {
+            byte type = TlsUtilities.ReadUint8(input);
+            if (!CertChainType.IsValid(type))
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+
+            int totalLength = TlsUtilities.ReadUint16(input);
+            if (totalLength < 1)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+
+            byte[] urlAndHashListData = TlsUtilities.ReadFully(totalLength, input);
+
+            MemoryStream buf = new MemoryStream(urlAndHashListData, false);
+
+            IList url_and_hash_list = Platform.CreateArrayList();
+            while (buf.Position < buf.Length)
+            {
+                UrlAndHash url_and_hash = UrlAndHash.Parse(context, buf);
+                url_and_hash_list.Add(url_and_hash);
+            }
+
+            return new CertificateUrl(type, url_and_hash_list);
+        }
+
+        // TODO Could be more generally useful
+        internal class ListBuffer16
+            : MemoryStream
+        {
+            internal ListBuffer16()
+            {
+                // Reserve space for length
+                TlsUtilities.WriteUint16(0,  this);
+            }
+
+            internal void EncodeTo(Stream output)
+            {
+                // Patch actual length back in
+                long length = Length - 2;
+                TlsUtilities.CheckUint16(length);
+                this.Position = 0;
+                TlsUtilities.WriteUint16((int)length, this);
+                Streams.WriteBufTo(this, output);
+                Platform.Dispose(this);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/Chacha20Poly1305.cs b/bc-sharp-crypto/src/crypto/tls/Chacha20Poly1305.cs
new file mode 100644
index 0000000..8687803
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/Chacha20Poly1305.cs
@@ -0,0 +1,199 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * draft-ietf-tls-chacha20-poly1305-04
+     */
+    public class Chacha20Poly1305
+        :   TlsCipher
+    {
+        private static readonly byte[] Zeroes = new byte[15];
+
+        protected readonly TlsContext context;
+
+        protected readonly ChaCha7539Engine encryptCipher, decryptCipher;
+        protected readonly byte[] encryptIV, decryptIV;
+
+        /// <exception cref="IOException"></exception>
+        public Chacha20Poly1305(TlsContext context)
+        {
+            if (!TlsUtilities.IsTlsV12(context))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            this.context = context;
+
+            int cipherKeySize = 32;
+            // TODO SecurityParameters.fixed_iv_length
+            int fixed_iv_length = 12;
+            // TODO SecurityParameters.record_iv_length = 0
+
+            int key_block_size = (2 * cipherKeySize) + (2 * fixed_iv_length);
+
+            byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size);
+
+            int offset = 0;
+
+            KeyParameter client_write_key = new KeyParameter(key_block, offset, cipherKeySize);
+            offset += cipherKeySize;
+            KeyParameter server_write_key = new KeyParameter(key_block, offset, cipherKeySize);
+            offset += cipherKeySize;
+            byte[] client_write_IV = Arrays.CopyOfRange(key_block, offset, offset + fixed_iv_length);
+            offset += fixed_iv_length;
+            byte[] server_write_IV = Arrays.CopyOfRange(key_block, offset, offset + fixed_iv_length);
+            offset += fixed_iv_length;
+
+            if (offset != key_block_size)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            this.encryptCipher = new ChaCha7539Engine();
+            this.decryptCipher = new ChaCha7539Engine();
+
+            KeyParameter encryptKey, decryptKey;
+            if (context.IsServer)
+            {
+                encryptKey = server_write_key;
+                decryptKey = client_write_key;
+                this.encryptIV = server_write_IV;
+                this.decryptIV = client_write_IV;
+            }
+            else
+            {
+                encryptKey = client_write_key;
+                decryptKey = server_write_key;
+                this.encryptIV = client_write_IV;
+                this.decryptIV = server_write_IV;
+            }
+
+            this.encryptCipher.Init(true, new ParametersWithIV(encryptKey, encryptIV));
+            this.decryptCipher.Init(false, new ParametersWithIV(decryptKey, decryptIV));
+        }
+
+        public virtual int GetPlaintextLimit(int ciphertextLimit)
+        {
+            return ciphertextLimit - 16;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public virtual byte[] EncodePlaintext(long seqNo, byte type, byte[] plaintext, int offset, int len)
+        {
+            KeyParameter macKey = InitRecord(encryptCipher, true, seqNo, encryptIV);
+
+            byte[] output = new byte[len + 16];
+            encryptCipher.ProcessBytes(plaintext, offset, len, output, 0);
+
+            byte[] additionalData = GetAdditionalData(seqNo, type, len);
+            byte[] mac = CalculateRecordMac(macKey, additionalData, output, 0, len);
+            Array.Copy(mac, 0, output, len, mac.Length);
+
+            return output;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public virtual byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len)
+        {
+            if (GetPlaintextLimit(len) < 0)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+
+            KeyParameter macKey = InitRecord(decryptCipher, false, seqNo, decryptIV);
+
+            int plaintextLength = len - 16;
+
+            byte[] additionalData = GetAdditionalData(seqNo, type, plaintextLength);
+            byte[] calculatedMac = CalculateRecordMac(macKey, additionalData, ciphertext, offset, plaintextLength);
+            byte[] receivedMac = Arrays.CopyOfRange(ciphertext, offset + plaintextLength, offset + len);
+
+            if (!Arrays.ConstantTimeAreEqual(calculatedMac, receivedMac))
+                throw new TlsFatalAlert(AlertDescription.bad_record_mac);
+
+            byte[] output = new byte[plaintextLength];
+            decryptCipher.ProcessBytes(ciphertext, offset, plaintextLength, output, 0);
+            return output;
+        }
+
+        protected virtual KeyParameter InitRecord(IStreamCipher cipher, bool forEncryption, long seqNo, byte[] iv)
+        {
+            byte[] nonce = CalculateNonce(seqNo, iv);
+            cipher.Init(forEncryption, new ParametersWithIV(null, nonce));
+            return GenerateRecordMacKey(cipher);
+        }
+
+        protected virtual byte[] CalculateNonce(long seqNo, byte[] iv)
+        {
+            byte[] nonce = new byte[12];
+            TlsUtilities.WriteUint64(seqNo, nonce, 4);
+
+            for (int i = 0; i < 12; ++i)
+            {
+                nonce[i] ^= iv[i];
+            }
+
+            return nonce;
+        }
+
+        protected virtual KeyParameter GenerateRecordMacKey(IStreamCipher cipher)
+        {
+            byte[] firstBlock = new byte[64];
+            cipher.ProcessBytes(firstBlock, 0, firstBlock.Length, firstBlock, 0);
+
+            KeyParameter macKey = new KeyParameter(firstBlock, 0, 32);
+            Arrays.Fill(firstBlock, (byte)0);
+            return macKey;
+        }
+
+        protected virtual byte[] CalculateRecordMac(KeyParameter macKey, byte[] additionalData, byte[] buf, int off, int len)
+        {
+            IMac mac = new Poly1305();
+            mac.Init(macKey);
+
+            UpdateRecordMacText(mac, additionalData, 0, additionalData.Length);
+            UpdateRecordMacText(mac, buf, off, len);
+            UpdateRecordMacLength(mac, additionalData.Length);
+            UpdateRecordMacLength(mac, len);
+
+            return MacUtilities.DoFinal(mac);
+        }
+
+        protected virtual void UpdateRecordMacLength(IMac mac, int len)
+        {
+            byte[] longLen = Pack.UInt64_To_LE((ulong)len);
+            mac.BlockUpdate(longLen, 0, longLen.Length);
+        }
+
+        protected virtual void UpdateRecordMacText(IMac mac, byte[] buf, int off, int len)
+        {
+            mac.BlockUpdate(buf, off, len);
+
+            int partial = len % 16;
+            if (partial != 0)
+            {
+                mac.BlockUpdate(Zeroes, 0, 16 - partial);
+            }
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual byte[] GetAdditionalData(long seqNo, byte type, int len)
+        {
+            /*
+             * additional_data = seq_num + TLSCompressed.type + TLSCompressed.version +
+             * TLSCompressed.length
+             */
+            byte[] additional_data = new byte[13];
+            TlsUtilities.WriteUint64(seqNo, additional_data, 0);
+            TlsUtilities.WriteUint8(type, additional_data, 8);
+            TlsUtilities.WriteVersion(context.ServerVersion, additional_data, 9);
+            TlsUtilities.WriteUint16(len, additional_data, 11);
+
+            return additional_data;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ChangeCipherSpec.cs b/bc-sharp-crypto/src/crypto/tls/ChangeCipherSpec.cs
new file mode 100644
index 0000000..323de91
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ChangeCipherSpec.cs
@@ -0,0 +1,9 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class ChangeCipherSpec
+    {
+        public const byte change_cipher_spec = 1;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/CipherSuite.cs b/bc-sharp-crypto/src/crypto/tls/CipherSuite.cs
new file mode 100644
index 0000000..679a8be
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/CipherSuite.cs
@@ -0,0 +1,377 @@
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>
+    /// RFC 2246 A.5
+    /// </summary>
+    public abstract class CipherSuite
+    {
+        public const int TLS_NULL_WITH_NULL_NULL = 0x0000;
+        public const int TLS_RSA_WITH_NULL_MD5 = 0x0001;
+        public const int TLS_RSA_WITH_NULL_SHA = 0x0002;
+        public const int TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003;
+        public const int TLS_RSA_WITH_RC4_128_MD5 = 0x0004;
+        public const int TLS_RSA_WITH_RC4_128_SHA = 0x0005;
+        public const int TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x0006;
+        public const int TLS_RSA_WITH_IDEA_CBC_SHA = 0x0007;
+        public const int TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0008;
+        public const int TLS_RSA_WITH_DES_CBC_SHA = 0x0009;
+        public const int TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A;
+        public const int TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x000B;
+        public const int TLS_DH_DSS_WITH_DES_CBC_SHA = 0x000C;
+        public const int TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D;
+        public const int TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x000E;
+        public const int TLS_DH_RSA_WITH_DES_CBC_SHA = 0x000F;
+        public const int TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010;
+        public const int TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0011;
+        public const int TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x0012;
+        public const int TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013;
+        public const int TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014;
+        public const int TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x0015;
+        public const int TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016;
+        public const int TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x0017;
+        public const int TLS_DH_anon_WITH_RC4_128_MD5 = 0x0018;
+        public const int TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x0019;
+        public const int TLS_DH_anon_WITH_DES_CBC_SHA = 0x001A;
+        public const int TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B;
+
+        /*
+         * Note: The cipher suite values { 0x00, 0x1C } and { 0x00, 0x1D } are reserved to avoid
+         * collision with Fortezza-based cipher suites in SSL 3.
+         */
+
+        /*
+         * RFC 3268
+         */
+        public const int TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F;
+        public const int TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030;
+        public const int TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031;
+        public const int TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032;
+        public const int TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033;
+        public const int TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x0034;
+        public const int TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035;
+        public const int TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036;
+        public const int TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037;
+        public const int TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038;
+        public const int TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039;
+        public const int TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x003A;
+
+        /*
+         * RFC 5932
+         */
+        public const int TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0041;
+        public const int TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0042;
+        public const int TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0043;
+        public const int TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0044;
+        public const int TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0045;
+        public const int TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA = 0x0046;
+
+        public const int TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0084;
+        public const int TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0085;
+        public const int TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0086;
+        public const int TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0087;
+        public const int TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0088;
+        public const int TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA = 0x0089;
+
+        public const int TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BA;
+        public const int TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BB;
+        public const int TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BC;
+        public const int TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BD;
+        public const int TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BE;
+        public const int TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BF;
+
+        public const int TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C0;
+        public const int TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C1;
+        public const int TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C2;
+        public const int TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C3;
+        public const int TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C4;
+        public const int TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C5;
+
+        /*
+         * RFC 4162
+         */
+        public const int TLS_RSA_WITH_SEED_CBC_SHA = 0x0096;
+        public const int TLS_DH_DSS_WITH_SEED_CBC_SHA = 0x0097;
+        public const int TLS_DH_RSA_WITH_SEED_CBC_SHA = 0x0098;
+        public const int TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099;
+        public const int TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A;
+        public const int TLS_DH_anon_WITH_SEED_CBC_SHA = 0x009B;
+
+        /*
+         * RFC 4279
+         */
+        public const int TLS_PSK_WITH_RC4_128_SHA = 0x008A;
+        public const int TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B;
+        public const int TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C;
+        public const int TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D;
+        public const int TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E;
+        public const int TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F;
+        public const int TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090;
+        public const int TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091;
+        public const int TLS_RSA_PSK_WITH_RC4_128_SHA = 0x0092;
+        public const int TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 0x0093;
+        public const int TLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094;
+        public const int TLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095;
+
+        /*
+         * RFC 4492
+         */
+        public const int TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001;
+        public const int TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002;
+        public const int TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003;
+        public const int TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004;
+        public const int TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005;
+        public const int TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0xC006;
+        public const int TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007;
+        public const int TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008;
+        public const int TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009;
+        public const int TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A;
+        public const int TLS_ECDH_RSA_WITH_NULL_SHA = 0xC00B;
+        public const int TLS_ECDH_RSA_WITH_RC4_128_SHA = 0xC00C;
+        public const int TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D;
+        public const int TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E;
+        public const int TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F;
+        public const int TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010;
+        public const int TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011;
+        public const int TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012;
+        public const int TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013;
+        public const int TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014;
+        public const int TLS_ECDH_anon_WITH_NULL_SHA = 0xC015;
+        public const int TLS_ECDH_anon_WITH_RC4_128_SHA = 0xC016;
+        public const int TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017;
+        public const int TLS_ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018;
+        public const int TLS_ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019;
+
+        /*
+         * RFC 4785
+         */
+        public const int TLS_PSK_WITH_NULL_SHA = 0x002C;
+        public const int TLS_DHE_PSK_WITH_NULL_SHA = 0x002D;
+        public const int TLS_RSA_PSK_WITH_NULL_SHA = 0x002E;
+
+        /*
+         * RFC 5054
+         */
+        public const int TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A;
+        public const int TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B;
+        public const int TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C;
+        public const int TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D;
+        public const int TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E;
+        public const int TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F;
+        public const int TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020;
+        public const int TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021;
+        public const int TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022;
+
+        /*
+         * RFC 5246
+         */
+        public const int TLS_RSA_WITH_NULL_SHA256 = 0x003B;
+        public const int TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C;
+        public const int TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D;
+        public const int TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E;
+        public const int TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F;
+        public const int TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040;
+        public const int TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067;
+        public const int TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068;
+        public const int TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069;
+        public const int TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A;
+        public const int TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B;
+        public const int TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C;
+        public const int TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D;
+
+        /*
+         * RFC 5288
+         */
+        public const int TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C;
+        public const int TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D;
+        public const int TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E;
+        public const int TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F;
+        public const int TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = 0x00A0;
+        public const int TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = 0x00A1;
+        public const int TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2;
+        public const int TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3;
+        public const int TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4;
+        public const int TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5;
+        public const int TLS_DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6;
+        public const int TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7;
+
+        /*
+         * RFC 5289
+         */
+        public const int TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023;
+        public const int TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024;
+        public const int TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025;
+        public const int TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026;
+        public const int TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027;
+        public const int TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028;
+        public const int TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029;
+        public const int TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A;
+        public const int TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B;
+        public const int TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C;
+        public const int TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D;
+        public const int TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E;
+        public const int TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F;
+        public const int TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030;
+        public const int TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031;
+        public const int TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032;
+
+        /*
+         * RFC 5487
+         */
+        public const int TLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8;
+        public const int TLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9;
+        public const int TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA;
+        public const int TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB;
+        public const int TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC;
+        public const int TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD;
+        public const int TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE;
+        public const int TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF;
+        public const int TLS_PSK_WITH_NULL_SHA256 = 0x00B0;
+        public const int TLS_PSK_WITH_NULL_SHA384 = 0x00B1;
+        public const int TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2;
+        public const int TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3;
+        public const int TLS_DHE_PSK_WITH_NULL_SHA256 = 0x00B4;
+        public const int TLS_DHE_PSK_WITH_NULL_SHA384 = 0x00B5;
+        public const int TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6;
+        public const int TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7;
+        public const int TLS_RSA_PSK_WITH_NULL_SHA256 = 0x00B8;
+        public const int TLS_RSA_PSK_WITH_NULL_SHA384 = 0x00B9;
+
+        /*
+         * RFC 5489
+         */
+        public const int TLS_ECDHE_PSK_WITH_RC4_128_SHA = 0xC033;
+        public const int TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 0xC034;
+        public const int TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035;
+        public const int TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036;
+        public const int TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037;
+        public const int TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038;
+        public const int TLS_ECDHE_PSK_WITH_NULL_SHA = 0xC039;
+        public const int TLS_ECDHE_PSK_WITH_NULL_SHA256 = 0xC03A;
+        public const int TLS_ECDHE_PSK_WITH_NULL_SHA384 = 0xC03B;
+
+        /*
+         * RFC 5746
+         */
+        public const int TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF;
+
+        /*
+         * RFC 6367
+         */
+        public const int TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC072;
+        public const int TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC073;
+        public const int TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC074;
+        public const int TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC075;
+        public const int TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC076;
+        public const int TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC077;
+        public const int TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC078;
+        public const int TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC079;
+
+        public const int TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07A;
+        public const int TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07B;
+        public const int TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07C;
+        public const int TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07D;
+        public const int TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07E;
+        public const int TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07F;
+        public const int TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC080;
+        public const int TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC081;
+        public const int TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC082;
+        public const int TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC083;
+        public const int TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 = 0xC084;
+        public const int TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 = 0xC085;
+        public const int TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC086;
+        public const int TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC087;
+        public const int TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC088;
+        public const int TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC089;
+        public const int TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08A;
+        public const int TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08B;
+        public const int TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08C;
+        public const int TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08D;
+
+        public const int TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08E;
+        public const int TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08F;
+        public const int TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC090;
+        public const int TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC091;
+        public const int TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC092;
+        public const int TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC093;
+        public const int TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC094;
+        public const int TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC095;
+        public const int TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC096;
+        public const int TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC097;
+        public const int TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC098;
+        public const int TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC099;
+        public const int TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC09A;
+        public const int TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC09B;
+
+        /*
+         * RFC 6655
+         */
+        public const int TLS_RSA_WITH_AES_128_CCM = 0xC09C;
+        public const int TLS_RSA_WITH_AES_256_CCM = 0xC09D;
+        public const int TLS_DHE_RSA_WITH_AES_128_CCM = 0xC09E;
+        public const int TLS_DHE_RSA_WITH_AES_256_CCM = 0xC09F;
+        public const int TLS_RSA_WITH_AES_128_CCM_8 = 0xC0A0;
+        public const int TLS_RSA_WITH_AES_256_CCM_8 = 0xC0A1;
+        public const int TLS_DHE_RSA_WITH_AES_128_CCM_8 = 0xC0A2;
+        public const int TLS_DHE_RSA_WITH_AES_256_CCM_8 = 0xC0A3;
+        public const int TLS_PSK_WITH_AES_128_CCM = 0xC0A4;
+        public const int TLS_PSK_WITH_AES_256_CCM = 0xC0A5;
+        public const int TLS_DHE_PSK_WITH_AES_128_CCM = 0xC0A6;
+        public const int TLS_DHE_PSK_WITH_AES_256_CCM = 0xC0A7;
+        public const int TLS_PSK_WITH_AES_128_CCM_8 = 0xC0A8;
+        public const int TLS_PSK_WITH_AES_256_CCM_8 = 0xC0A9;
+        public const int TLS_PSK_DHE_WITH_AES_128_CCM_8 = 0xC0AA;
+        public const int TLS_PSK_DHE_WITH_AES_256_CCM_8 = 0xC0AB;
+
+        /*
+         * RFC 7251
+         */
+        public const int TLS_ECDHE_ECDSA_WITH_AES_128_CCM = 0xC0AC;
+        public const int TLS_ECDHE_ECDSA_WITH_AES_256_CCM = 0xC0AD;
+        public const int TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xC0AE;
+        public const int TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xC0AF;
+
+        /*
+         * RFC 7507
+         */
+        public const int TLS_FALLBACK_SCSV = 0x5600;
+
+        /*
+         * draft-ietf-tls-chacha20-poly1305-04
+         */
+        public const int DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA8;
+        public const int DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA9;
+        public const int DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAA;
+        public const int DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAB;
+        public const int DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAC;
+        public const int DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAD;
+        public const int DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAE;
+
+        /*
+         * draft-zauner-tls-aes-ocb-04 (code points TBD)
+         */
+        public const int DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB = 0xFF00;
+        public const int DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB = 0xFF01;
+        public const int DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB = 0xFF02;
+        public const int DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB = 0xFF03;
+        public const int DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB = 0xFF04;
+        public const int DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB = 0xFF05;
+        public const int DRAFT_TLS_PSK_WITH_AES_128_OCB = 0xFF10;
+        public const int DRAFT_TLS_PSK_WITH_AES_256_OCB = 0xFF11;
+        public const int DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB = 0xFF12;
+        public const int DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB = 0xFF13;
+        public const int DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB = 0xFF14;
+        public const int DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB = 0xFF15;
+
+        public static bool IsScsv(int cipherSuite)
+        {
+            switch (cipherSuite)
+            {
+            case TLS_EMPTY_RENEGOTIATION_INFO_SCSV:
+            case TLS_FALLBACK_SCSV:
+                return true;
+            default:
+                return false;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/CipherType.cs b/bc-sharp-crypto/src/crypto/tls/CipherType.cs
new file mode 100644
index 0000000..b2ad7d8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/CipherType.cs
@@ -0,0 +1,20 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 2246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
+    public abstract class CipherType
+    {
+        public const int stream = 0;
+        public const int block = 1;
+
+        /*
+         * RFC 5246
+         */
+        public const int aead = 2;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ClientAuthenticationType.cs b/bc-sharp-crypto/src/crypto/tls/ClientAuthenticationType.cs
new file mode 100644
index 0000000..dd248f3
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ClientAuthenticationType.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class ClientAuthenticationType
+    {
+        /*
+         * RFC 5077 4
+         */
+        public const byte anonymous = 0;
+        public const byte certificate_based = 1;
+        public const byte psk = 2;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ClientCertificateType.cs b/bc-sharp-crypto/src/crypto/tls/ClientCertificateType.cs
new file mode 100644
index 0000000..a291a46
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ClientCertificateType.cs
@@ -0,0 +1,23 @@
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class ClientCertificateType
+    {
+        /*
+         *  RFC 4346 7.4.4
+         */
+        public const byte rsa_sign = 1;
+        public const byte dss_sign = 2;
+        public const byte rsa_fixed_dh = 3;
+        public const byte dss_fixed_dh = 4;
+        public const byte rsa_ephemeral_dh_RESERVED = 5;
+        public const byte dss_ephemeral_dh_RESERVED = 6;
+        public const byte fortezza_dms_RESERVED = 20;
+
+        /*
+        * RFC 4492 5.5
+        */
+        public const byte ecdsa_sign = 64;
+        public const byte rsa_fixed_ecdh = 65;
+        public const byte ecdsa_fixed_ecdh = 66;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/CombinedHash.cs b/bc-sharp-crypto/src/crypto/tls/CombinedHash.cs
new file mode 100644
index 0000000..74a52d5
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/CombinedHash.cs
@@ -0,0 +1,133 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * A combined hash, which implements md5(m) || sha1(m).
+     */
+    internal class CombinedHash
+        :   TlsHandshakeHash
+    {
+        protected TlsContext mContext;
+        protected IDigest mMd5;
+        protected IDigest mSha1;
+
+        internal CombinedHash()
+        {
+            this.mMd5 = TlsUtilities.CreateHash(HashAlgorithm.md5);
+            this.mSha1 = TlsUtilities.CreateHash(HashAlgorithm.sha1);
+        }
+
+        internal CombinedHash(CombinedHash t)
+        {
+            this.mContext = t.mContext;
+            this.mMd5 = TlsUtilities.CloneHash(HashAlgorithm.md5, t.mMd5);
+            this.mSha1 = TlsUtilities.CloneHash(HashAlgorithm.sha1, t.mSha1);
+        }
+
+        public virtual void Init(TlsContext context)
+        {
+            this.mContext = context;
+        }
+
+        public virtual TlsHandshakeHash NotifyPrfDetermined()
+        {
+            return this;
+        }
+
+        public virtual void TrackHashAlgorithm(byte hashAlgorithm)
+        {
+            throw new InvalidOperationException("CombinedHash only supports calculating the legacy PRF for handshake hash");
+        }
+
+        public virtual void SealHashAlgorithms()
+        {
+        }
+
+        public virtual TlsHandshakeHash StopTracking()
+        {
+            return new CombinedHash(this);
+        }
+
+        public virtual IDigest ForkPrfHash()
+        {
+            return new CombinedHash(this);
+        }
+
+        public virtual byte[] GetFinalHash(byte hashAlgorithm)
+        {
+            throw new InvalidOperationException("CombinedHash doesn't support multiple hashes");
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return mMd5.AlgorithmName + " and " + mSha1.AlgorithmName; }
+        }
+
+        public virtual int GetByteLength()
+        {
+            return System.Math.Max(mMd5.GetByteLength(), mSha1.GetByteLength());
+        }
+
+        public virtual int GetDigestSize()
+        {
+            return mMd5.GetDigestSize() + mSha1.GetDigestSize();
+        }
+
+        public virtual void Update(byte input)
+        {
+            mMd5.Update(input);
+            mSha1.Update(input);
+        }
+
+        /**
+         * @see org.bouncycastle.crypto.Digest#update(byte[], int, int)
+         */
+        public virtual void BlockUpdate(byte[] input, int inOff, int len)
+        {
+            mMd5.BlockUpdate(input, inOff, len);
+            mSha1.BlockUpdate(input, inOff, len);
+        }
+
+        /**
+         * @see org.bouncycastle.crypto.Digest#doFinal(byte[], int)
+         */
+        public virtual int DoFinal(byte[] output, int outOff)
+        {
+            if (mContext != null && TlsUtilities.IsSsl(mContext))
+            {
+                Ssl3Complete(mMd5, Ssl3Mac.IPAD, Ssl3Mac.OPAD, 48);
+                Ssl3Complete(mSha1, Ssl3Mac.IPAD, Ssl3Mac.OPAD, 40);
+            }
+
+            int i1 = mMd5.DoFinal(output, outOff);
+            int i2 = mSha1.DoFinal(output, outOff + i1);
+            return i1 + i2;
+        }
+
+        /**
+         * @see org.bouncycastle.crypto.Digest#reset()
+         */
+        public virtual void Reset()
+        {
+            mMd5.Reset();
+            mSha1.Reset();
+        }
+
+        protected virtual void Ssl3Complete(IDigest d, byte[] ipad, byte[] opad, int padLength)
+        {
+            byte[] master_secret = mContext.SecurityParameters.masterSecret;
+
+            d.BlockUpdate(master_secret, 0, master_secret.Length);
+            d.BlockUpdate(ipad, 0, padLength);
+
+            byte[] tmp = DigestUtilities.DoFinal(d);
+
+            d.BlockUpdate(master_secret, 0, master_secret.Length);
+            d.BlockUpdate(opad, 0, padLength);
+            d.BlockUpdate(tmp, 0, tmp.Length);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/CompressionMethod.cs b/bc-sharp-crypto/src/crypto/tls/CompressionMethod.cs
new file mode 100644
index 0000000..89c1f5f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/CompressionMethod.cs
@@ -0,0 +1,22 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>
+    /// RFC 2246 6.1
+    /// </summary>
+    public abstract class CompressionMethod
+    {
+        public const byte cls_null = 0;
+
+        /*
+         * RFC 3749 2
+         */
+        public const byte DEFLATE = 1;
+
+        /*
+         * Values from 224 decimal (0xE0) through 255 decimal (0xFF)
+         * inclusive are reserved for private use.
+         */
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ConnectionEnd.cs b/bc-sharp-crypto/src/crypto/tls/ConnectionEnd.cs
new file mode 100644
index 0000000..afc9460
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ConnectionEnd.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 2246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
+    public abstract class ConnectionEnd
+    {
+        public const int server = 0;
+        public const int client = 1;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ContentType.cs b/bc-sharp-crypto/src/crypto/tls/ContentType.cs
new file mode 100644
index 0000000..d6ab438
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ContentType.cs
@@ -0,0 +1,14 @@
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * RFC 2246 6.2.1
+     */
+    public abstract class ContentType
+    {
+        public const byte change_cipher_spec = 20;
+        public const byte alert = 21;
+        public const byte handshake = 22;
+        public const byte application_data = 23;
+        public const byte heartbeat = 24;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DatagramTransport.cs b/bc-sharp-crypto/src/crypto/tls/DatagramTransport.cs
new file mode 100644
index 0000000..524a8b1
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DatagramTransport.cs
@@ -0,0 +1,23 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface DatagramTransport
+    {
+        /// <exception cref="IOException"/>
+        int GetReceiveLimit();
+
+        /// <exception cref="IOException"/>
+        int GetSendLimit();
+
+        /// <exception cref="IOException"/>
+        int Receive(byte[] buf, int off, int len, int waitMillis);
+
+        /// <exception cref="IOException"/>
+        void Send(byte[] buf, int off, int len);
+
+        /// <exception cref="IOException"/>
+        void Close();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DefaultTlsAgreementCredentials.cs b/bc-sharp-crypto/src/crypto/tls/DefaultTlsAgreementCredentials.cs
new file mode 100644
index 0000000..fab9788
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DefaultTlsAgreementCredentials.cs
@@ -0,0 +1,69 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Agreement;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class DefaultTlsAgreementCredentials
+        : AbstractTlsAgreementCredentials
+    {
+        protected readonly Certificate mCertificate;
+        protected readonly AsymmetricKeyParameter mPrivateKey;
+
+        protected readonly IBasicAgreement mBasicAgreement;
+        protected readonly bool mTruncateAgreement;
+
+        public DefaultTlsAgreementCredentials(Certificate certificate, AsymmetricKeyParameter privateKey)
+        {
+            if (certificate == null)
+                throw new ArgumentNullException("certificate");
+            if (certificate.IsEmpty)
+                throw new ArgumentException("cannot be empty", "certificate");
+            if (privateKey == null)
+                throw new ArgumentNullException("privateKey");
+            if (!privateKey.IsPrivate)
+                throw new ArgumentException("must be private", "privateKey");
+
+            if (privateKey is DHPrivateKeyParameters)
+            {
+                mBasicAgreement = new DHBasicAgreement();
+                mTruncateAgreement = true;
+            }
+            else if (privateKey is ECPrivateKeyParameters)
+            {
+                mBasicAgreement = new ECDHBasicAgreement();
+                mTruncateAgreement = false;
+            }
+            else
+            {
+                throw new ArgumentException("type not supported: " + Platform.GetTypeName(privateKey), "privateKey");
+            }
+
+            this.mCertificate = certificate;
+            this.mPrivateKey = privateKey;
+        }
+
+        public override Certificate Certificate
+        {
+            get { return mCertificate; }
+        }
+
+        /// <exception cref="IOException"></exception>
+        public override byte[] GenerateAgreement(AsymmetricKeyParameter peerPublicKey)
+        {
+            mBasicAgreement.Init(mPrivateKey);
+            BigInteger agreementValue = mBasicAgreement.CalculateAgreement(peerPublicKey);
+
+            if (mTruncateAgreement)
+            {
+                return BigIntegers.AsUnsignedByteArray(agreementValue);
+            }
+
+            return BigIntegers.AsUnsignedByteArray(mBasicAgreement.GetFieldSize(), agreementValue);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DefaultTlsCipherFactory.cs b/bc-sharp-crypto/src/crypto/tls/DefaultTlsCipherFactory.cs
new file mode 100644
index 0000000..af0ec12
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DefaultTlsCipherFactory.cs
@@ -0,0 +1,227 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Modes;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class DefaultTlsCipherFactory
+        :   AbstractTlsCipherFactory
+    {
+        /// <exception cref="IOException"></exception>
+        public override TlsCipher CreateCipher(TlsContext context, int encryptionAlgorithm, int macAlgorithm)
+        {
+            switch (encryptionAlgorithm)
+            {
+            case EncryptionAlgorithm.cls_3DES_EDE_CBC:
+                return CreateDesEdeCipher(context, macAlgorithm);
+            case EncryptionAlgorithm.AES_128_CBC:
+                return CreateAESCipher(context, 16, macAlgorithm);
+            case EncryptionAlgorithm.AES_128_CCM:
+                // NOTE: Ignores macAlgorithm
+                return CreateCipher_Aes_Ccm(context, 16, 16);
+            case EncryptionAlgorithm.AES_128_CCM_8:
+                // NOTE: Ignores macAlgorithm
+                return CreateCipher_Aes_Ccm(context, 16, 8);
+            case EncryptionAlgorithm.AES_128_GCM:
+                // NOTE: Ignores macAlgorithm
+                return CreateCipher_Aes_Gcm(context, 16, 16);
+            case EncryptionAlgorithm.AES_128_OCB_TAGLEN96:
+                // NOTE: Ignores macAlgorithm
+                return CreateCipher_Aes_Ocb(context, 16, 12);
+            case EncryptionAlgorithm.AES_256_CBC:
+                return CreateAESCipher(context, 32, macAlgorithm);
+            case EncryptionAlgorithm.AES_256_CCM:
+                // NOTE: Ignores macAlgorithm
+                return CreateCipher_Aes_Ccm(context, 32, 16);
+            case EncryptionAlgorithm.AES_256_CCM_8:
+                // NOTE: Ignores macAlgorithm
+                return CreateCipher_Aes_Ccm(context, 32, 8);
+            case EncryptionAlgorithm.AES_256_GCM:
+                // NOTE: Ignores macAlgorithm
+                return CreateCipher_Aes_Gcm(context, 32, 16);
+            case EncryptionAlgorithm.AES_256_OCB_TAGLEN96:
+                // NOTE: Ignores macAlgorithm
+                return CreateCipher_Aes_Ocb(context, 32, 12);
+            case EncryptionAlgorithm.CAMELLIA_128_CBC:
+                return CreateCamelliaCipher(context, 16, macAlgorithm);
+            case EncryptionAlgorithm.CAMELLIA_128_GCM:
+                // NOTE: Ignores macAlgorithm
+                return CreateCipher_Camellia_Gcm(context, 16, 16);
+            case EncryptionAlgorithm.CAMELLIA_256_CBC:
+                return CreateCamelliaCipher(context, 32, macAlgorithm);
+            case EncryptionAlgorithm.CAMELLIA_256_GCM:
+                // NOTE: Ignores macAlgorithm
+                return CreateCipher_Camellia_Gcm(context, 32, 16);
+            case EncryptionAlgorithm.CHACHA20_POLY1305:
+                // NOTE: Ignores macAlgorithm
+                return CreateChaCha20Poly1305(context);
+            case EncryptionAlgorithm.NULL:
+                return CreateNullCipher(context, macAlgorithm);
+            case EncryptionAlgorithm.RC4_128:
+                return CreateRC4Cipher(context, 16, macAlgorithm);
+            case EncryptionAlgorithm.SEED_CBC:
+                return CreateSeedCipher(context, macAlgorithm);
+            default:
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual TlsBlockCipher CreateAESCipher(TlsContext context, int cipherKeySize, int macAlgorithm)
+        {
+            return new TlsBlockCipher(context, CreateAesBlockCipher(), CreateAesBlockCipher(),
+                CreateHMacDigest(macAlgorithm), CreateHMacDigest(macAlgorithm), cipherKeySize);
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual TlsBlockCipher CreateCamelliaCipher(TlsContext context, int cipherKeySize, int macAlgorithm)
+        {
+            return new TlsBlockCipher(context, CreateCamelliaBlockCipher(),
+                CreateCamelliaBlockCipher(), CreateHMacDigest(macAlgorithm),
+                CreateHMacDigest(macAlgorithm), cipherKeySize);
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual TlsCipher CreateChaCha20Poly1305(TlsContext context)
+        {
+            return new Chacha20Poly1305(context);
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual TlsAeadCipher CreateCipher_Aes_Ccm(TlsContext context, int cipherKeySize, int macSize)
+        {
+            return new TlsAeadCipher(context, CreateAeadBlockCipher_Aes_Ccm(),
+                CreateAeadBlockCipher_Aes_Ccm(), cipherKeySize, macSize);
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual TlsAeadCipher CreateCipher_Aes_Gcm(TlsContext context, int cipherKeySize, int macSize)
+        {
+            return new TlsAeadCipher(context, CreateAeadBlockCipher_Aes_Gcm(),
+                CreateAeadBlockCipher_Aes_Gcm(), cipherKeySize, macSize);
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual TlsAeadCipher CreateCipher_Aes_Ocb(TlsContext context, int cipherKeySize, int macSize)
+        {
+            return new TlsAeadCipher(context, CreateAeadBlockCipher_Aes_Ocb(),
+                CreateAeadBlockCipher_Aes_Ocb(), cipherKeySize, macSize, TlsAeadCipher.NONCE_DRAFT_CHACHA20_POLY1305);
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual TlsAeadCipher CreateCipher_Camellia_Gcm(TlsContext context, int cipherKeySize, int macSize)
+        {
+            return new TlsAeadCipher(context, CreateAeadBlockCipher_Camellia_Gcm(),
+                CreateAeadBlockCipher_Camellia_Gcm(), cipherKeySize, macSize);
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual TlsBlockCipher CreateDesEdeCipher(TlsContext context, int macAlgorithm)
+        {
+            return new TlsBlockCipher(context, CreateDesEdeBlockCipher(), CreateDesEdeBlockCipher(),
+                CreateHMacDigest(macAlgorithm), CreateHMacDigest(macAlgorithm), 24);
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual TlsNullCipher CreateNullCipher(TlsContext context, int macAlgorithm)
+        {
+            return new TlsNullCipher(context, CreateHMacDigest(macAlgorithm),
+                CreateHMacDigest(macAlgorithm));
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual TlsStreamCipher CreateRC4Cipher(TlsContext context, int cipherKeySize, int macAlgorithm)
+        {
+            return new TlsStreamCipher(context, CreateRC4StreamCipher(), CreateRC4StreamCipher(),
+                CreateHMacDigest(macAlgorithm), CreateHMacDigest(macAlgorithm), cipherKeySize, false);
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual TlsBlockCipher CreateSeedCipher(TlsContext context, int macAlgorithm)
+        {
+            return new TlsBlockCipher(context, CreateSeedBlockCipher(), CreateSeedBlockCipher(),
+                CreateHMacDigest(macAlgorithm), CreateHMacDigest(macAlgorithm), 16);
+        }
+
+        protected virtual IBlockCipher CreateAesEngine()
+        {
+            return new AesEngine();
+        }
+
+        protected virtual IBlockCipher CreateCamelliaEngine()
+        {
+            return new CamelliaEngine();
+        }
+
+        protected virtual IBlockCipher CreateAesBlockCipher()
+        {
+            return new CbcBlockCipher(CreateAesEngine());
+        }
+
+        protected virtual IAeadBlockCipher CreateAeadBlockCipher_Aes_Ccm()
+        {
+            return new CcmBlockCipher(CreateAesEngine());
+        }
+
+        protected virtual IAeadBlockCipher CreateAeadBlockCipher_Aes_Gcm()
+        {
+            // TODO Consider allowing custom configuration of multiplier
+            return new GcmBlockCipher(CreateAesEngine());
+        }
+
+        protected virtual IAeadBlockCipher CreateAeadBlockCipher_Aes_Ocb()
+        {
+            return new OcbBlockCipher(CreateAesEngine(), CreateAesEngine());
+        }
+
+        protected virtual IAeadBlockCipher CreateAeadBlockCipher_Camellia_Gcm()
+        {
+            // TODO Consider allowing custom configuration of multiplier
+            return new GcmBlockCipher(CreateCamelliaEngine());
+        }
+
+        protected virtual IBlockCipher CreateCamelliaBlockCipher()
+        {
+            return new CbcBlockCipher(CreateCamelliaEngine());
+        }
+
+        protected virtual IBlockCipher CreateDesEdeBlockCipher()
+        {
+            return new CbcBlockCipher(new DesEdeEngine());
+        }
+
+        protected virtual IStreamCipher CreateRC4StreamCipher()
+        {
+            return new RC4Engine();
+        }
+
+        protected virtual IBlockCipher CreateSeedBlockCipher()
+        {
+            return new CbcBlockCipher(new SeedEngine());
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual IDigest CreateHMacDigest(int macAlgorithm)
+        {
+            switch (macAlgorithm)
+            {
+            case MacAlgorithm.cls_null:
+                return null;
+            case MacAlgorithm.hmac_md5:
+                return TlsUtilities.CreateHash(HashAlgorithm.md5);
+            case MacAlgorithm.hmac_sha1:
+                return TlsUtilities.CreateHash(HashAlgorithm.sha1);
+            case MacAlgorithm.hmac_sha256:
+                return TlsUtilities.CreateHash(HashAlgorithm.sha256);
+            case MacAlgorithm.hmac_sha384:
+                return TlsUtilities.CreateHash(HashAlgorithm.sha384);
+            case MacAlgorithm.hmac_sha512:
+                return TlsUtilities.CreateHash(HashAlgorithm.sha512);
+            default:
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DefaultTlsClient.cs b/bc-sharp-crypto/src/crypto/tls/DefaultTlsClient.cs
new file mode 100644
index 0000000..32a86e5
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DefaultTlsClient.cs
@@ -0,0 +1,113 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class DefaultTlsClient
+        :   AbstractTlsClient
+    {
+        public DefaultTlsClient()
+            :   base()
+        {
+        }
+
+        public DefaultTlsClient(TlsCipherFactory cipherFactory)
+            :   base(cipherFactory)
+        {
+        }
+
+        public override int[] GetCipherSuites()
+        {
+            return new int[]
+            {
+                CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+                CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+                CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+                CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+                CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+                CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+                CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
+                CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
+                CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
+                CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+                CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+                CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+                CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256,
+                CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256,
+                CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA,
+            };
+        }
+
+        public override TlsKeyExchange GetKeyExchange()
+        {
+            int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite);
+
+            switch (keyExchangeAlgorithm)
+            {
+            case KeyExchangeAlgorithm.DH_anon:
+            case KeyExchangeAlgorithm.DH_DSS:
+            case KeyExchangeAlgorithm.DH_RSA:
+                return CreateDHKeyExchange(keyExchangeAlgorithm);
+
+            case KeyExchangeAlgorithm.DHE_DSS:
+            case KeyExchangeAlgorithm.DHE_RSA:
+                return CreateDheKeyExchange(keyExchangeAlgorithm);
+
+            case KeyExchangeAlgorithm.ECDH_anon:
+            case KeyExchangeAlgorithm.ECDH_ECDSA:
+            case KeyExchangeAlgorithm.ECDH_RSA:
+                return CreateECDHKeyExchange(keyExchangeAlgorithm);
+
+            case KeyExchangeAlgorithm.ECDHE_ECDSA:
+            case KeyExchangeAlgorithm.ECDHE_RSA:
+                return CreateECDheKeyExchange(keyExchangeAlgorithm);
+
+            case KeyExchangeAlgorithm.RSA:
+                return CreateRsaKeyExchange();
+
+            default:
+                /*
+                    * Note: internal error here; the TlsProtocol implementation verifies that the
+                    * server-selected cipher suite was in the list of client-offered cipher suites, so if
+                    * we now can't produce an implementation, we shouldn't have offered it!
+                    */
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        protected virtual TlsKeyExchange CreateDHKeyExchange(int keyExchange)
+        {
+            return new TlsDHKeyExchange(keyExchange, mSupportedSignatureAlgorithms, null);
+        }
+
+        protected virtual TlsKeyExchange CreateDheKeyExchange(int keyExchange)
+        {
+            return new TlsDheKeyExchange(keyExchange, mSupportedSignatureAlgorithms, null);
+        }
+
+        protected virtual TlsKeyExchange CreateECDHKeyExchange(int keyExchange)
+        {
+            return new TlsECDHKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mNamedCurves, mClientECPointFormats,
+                mServerECPointFormats);
+        }
+
+        protected virtual TlsKeyExchange CreateECDheKeyExchange(int keyExchange)
+        {
+            return new TlsECDheKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mNamedCurves, mClientECPointFormats,
+                mServerECPointFormats);
+        }
+
+        protected virtual TlsKeyExchange CreateRsaKeyExchange()
+        {
+            return new TlsRsaKeyExchange(mSupportedSignatureAlgorithms);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DefaultTlsEncryptionCredentials.cs b/bc-sharp-crypto/src/crypto/tls/DefaultTlsEncryptionCredentials.cs
new file mode 100644
index 0000000..5348ee8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DefaultTlsEncryptionCredentials.cs
@@ -0,0 +1,52 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class DefaultTlsEncryptionCredentials
+        :   AbstractTlsEncryptionCredentials
+    {
+        protected readonly TlsContext mContext;
+        protected readonly Certificate mCertificate;
+        protected readonly AsymmetricKeyParameter mPrivateKey;
+
+        public DefaultTlsEncryptionCredentials(TlsContext context, Certificate certificate,
+            AsymmetricKeyParameter privateKey)
+        {
+            if (certificate == null)
+                throw new ArgumentNullException("certificate");
+            if (certificate.IsEmpty)
+                throw new ArgumentException("cannot be empty", "certificate");
+            if (privateKey == null)
+                throw new ArgumentNullException("'privateKey' cannot be null");
+            if (!privateKey.IsPrivate)
+                throw new ArgumentException("must be private", "privateKey");
+
+            if (privateKey is RsaKeyParameters)
+            {
+            }
+            else
+            {
+                throw new ArgumentException("type not supported: " + Platform.GetTypeName(privateKey), "privateKey");
+            }
+
+            this.mContext = context;
+            this.mCertificate = certificate;
+            this.mPrivateKey = privateKey;
+        }
+
+        public override Certificate Certificate
+        {
+            get { return mCertificate; }
+        }
+
+        /// <exception cref="IOException"></exception>
+        public override byte[] DecryptPreMasterSecret(byte[] encryptedPreMasterSecret)
+        {
+            return TlsRsaUtilities.SafeDecryptPreMasterSecret(mContext, (RsaKeyParameters)mPrivateKey, encryptedPreMasterSecret);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DefaultTlsServer.cs b/bc-sharp-crypto/src/crypto/tls/DefaultTlsServer.cs
new file mode 100644
index 0000000..97eaa07
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DefaultTlsServer.cs
@@ -0,0 +1,166 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Agreement;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class DefaultTlsServer
+        :   AbstractTlsServer
+    {
+        public DefaultTlsServer()
+            :   base()
+        {
+        }
+
+        public DefaultTlsServer(TlsCipherFactory cipherFactory)
+            :   base(cipherFactory)
+        {
+        }
+
+        protected virtual TlsSignerCredentials GetDsaSignerCredentials()
+        {
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        protected virtual TlsSignerCredentials GetECDsaSignerCredentials()
+        {
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        protected virtual TlsEncryptionCredentials GetRsaEncryptionCredentials()
+        {
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        protected virtual TlsSignerCredentials GetRsaSignerCredentials()
+        {
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        protected virtual DHParameters GetDHParameters()
+        {
+            return DHStandardGroups.rfc7919_ffdhe2048;
+        }
+
+        protected override int[] GetCipherSuites()
+        {
+            return new int[]
+            {
+                CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+                CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+                CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
+                CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+                CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+                CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+                CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
+                CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+                CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+                CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+                CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+                CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+                CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384,
+                CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256,
+                CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256,
+                CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256,
+                CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA,
+                CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA,
+            };
+        }
+
+        public override TlsCredentials GetCredentials()
+        {
+            int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite);
+
+            switch (keyExchangeAlgorithm)
+            {
+                case KeyExchangeAlgorithm.DHE_DSS:
+                    return GetDsaSignerCredentials();
+
+                case KeyExchangeAlgorithm.DH_anon:
+                case KeyExchangeAlgorithm.ECDH_anon:
+                    return null;
+
+                case KeyExchangeAlgorithm.ECDHE_ECDSA:
+                    return GetECDsaSignerCredentials();
+
+                case KeyExchangeAlgorithm.DHE_RSA:
+                case KeyExchangeAlgorithm.ECDHE_RSA:
+                    return GetRsaSignerCredentials();
+
+                case KeyExchangeAlgorithm.RSA:
+                    return GetRsaEncryptionCredentials();
+
+                default:
+                    /* Note: internal error here; selected a key exchange we don't implement! */
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        public override TlsKeyExchange GetKeyExchange()
+        {
+            int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite);
+
+            switch (keyExchangeAlgorithm)
+            {
+            case KeyExchangeAlgorithm.DH_anon:
+            case KeyExchangeAlgorithm.DH_DSS:
+            case KeyExchangeAlgorithm.DH_RSA:
+                return CreateDHKeyExchange(keyExchangeAlgorithm);
+
+            case KeyExchangeAlgorithm.DHE_DSS:
+            case KeyExchangeAlgorithm.DHE_RSA:
+                return CreateDheKeyExchange(keyExchangeAlgorithm);
+
+            case KeyExchangeAlgorithm.ECDH_anon:
+            case KeyExchangeAlgorithm.ECDH_ECDSA:
+            case KeyExchangeAlgorithm.ECDH_RSA:
+                return CreateECDHKeyExchange(keyExchangeAlgorithm);
+
+            case KeyExchangeAlgorithm.ECDHE_ECDSA:
+            case KeyExchangeAlgorithm.ECDHE_RSA:
+                return CreateECDheKeyExchange(keyExchangeAlgorithm);
+
+            case KeyExchangeAlgorithm.RSA:
+                return CreateRsaKeyExchange();
+
+            default:
+                /*
+                    * Note: internal error here; the TlsProtocol implementation verifies that the
+                    * server-selected cipher suite was in the list of client-offered cipher suites, so if
+                    * we now can't produce an implementation, we shouldn't have offered it!
+                    */
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        protected virtual TlsKeyExchange CreateDHKeyExchange(int keyExchange)
+        {
+            return new TlsDHKeyExchange(keyExchange, mSupportedSignatureAlgorithms, GetDHParameters());
+        }
+
+        protected virtual TlsKeyExchange CreateDheKeyExchange(int keyExchange)
+        {
+            return new TlsDheKeyExchange(keyExchange, mSupportedSignatureAlgorithms, GetDHParameters());
+        }
+
+        protected virtual TlsKeyExchange CreateECDHKeyExchange(int keyExchange)
+        {
+            return new TlsECDHKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mNamedCurves, mClientECPointFormats,
+                mServerECPointFormats);
+        }
+
+        protected virtual TlsKeyExchange CreateECDheKeyExchange(int keyExchange)
+        {
+            return new TlsECDheKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mNamedCurves, mClientECPointFormats,
+                mServerECPointFormats);
+        }
+
+        protected virtual TlsKeyExchange CreateRsaKeyExchange()
+        {
+            return new TlsRsaKeyExchange(mSupportedSignatureAlgorithms);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DefaultTlsSignerCredentials.cs b/bc-sharp-crypto/src/crypto/tls/DefaultTlsSignerCredentials.cs
new file mode 100644
index 0000000..0ff732a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DefaultTlsSignerCredentials.cs
@@ -0,0 +1,93 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class DefaultTlsSignerCredentials
+        :   AbstractTlsSignerCredentials
+    {
+        protected readonly TlsContext mContext;
+        protected readonly Certificate mCertificate;
+        protected readonly AsymmetricKeyParameter mPrivateKey;
+        protected readonly SignatureAndHashAlgorithm mSignatureAndHashAlgorithm;
+
+        protected readonly TlsSigner mSigner;
+
+        public DefaultTlsSignerCredentials(TlsContext context, Certificate certificate, AsymmetricKeyParameter privateKey)
+            :   this(context, certificate, privateKey, null)
+        {
+        }
+
+        public DefaultTlsSignerCredentials(TlsContext context, Certificate certificate, AsymmetricKeyParameter privateKey,
+            SignatureAndHashAlgorithm signatureAndHashAlgorithm)
+        {
+            if (certificate == null)
+                throw new ArgumentNullException("certificate");
+            if (certificate.IsEmpty)
+                throw new ArgumentException("cannot be empty", "clientCertificate");
+            if (privateKey == null)
+                throw new ArgumentNullException("privateKey");
+            if (!privateKey.IsPrivate)
+                throw new ArgumentException("must be private", "privateKey");
+            if (TlsUtilities.IsTlsV12(context) && signatureAndHashAlgorithm == null)
+                throw new ArgumentException("cannot be null for (D)TLS 1.2+", "signatureAndHashAlgorithm");
+
+            if (privateKey is RsaKeyParameters)
+            {
+                mSigner = new TlsRsaSigner();
+            }
+            else if (privateKey is DsaPrivateKeyParameters)
+            {
+                mSigner = new TlsDssSigner();
+            }
+            else if (privateKey is ECPrivateKeyParameters)
+            {
+                mSigner = new TlsECDsaSigner();
+            }
+            else
+            {
+                throw new ArgumentException("type not supported: " + Platform.GetTypeName(privateKey), "privateKey");
+            }
+
+            this.mSigner.Init(context);
+
+            this.mContext = context;
+            this.mCertificate = certificate;
+            this.mPrivateKey = privateKey;
+            this.mSignatureAndHashAlgorithm = signatureAndHashAlgorithm;
+        }
+
+        public override Certificate Certificate
+        {
+            get { return mCertificate; }
+        }
+
+        /// <exception cref="IOException"></exception>
+        public override byte[] GenerateCertificateSignature(byte[] hash)
+        {
+            try
+            {
+                if (TlsUtilities.IsTlsV12(mContext))
+                {
+                    return mSigner.GenerateRawSignature(mSignatureAndHashAlgorithm, mPrivateKey, hash);
+                }
+                else
+                {
+                    return mSigner.GenerateRawSignature(mPrivateKey, hash);
+                }
+            }
+            catch (CryptoException e)
+            {
+                throw new TlsFatalAlert(AlertDescription.internal_error, e);
+            }
+        }
+
+        public override SignatureAndHashAlgorithm SignatureAndHashAlgorithm
+        {
+            get { return mSignatureAndHashAlgorithm; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DefaultTlsSrpGroupVerifier.cs b/bc-sharp-crypto/src/crypto/tls/DefaultTlsSrpGroupVerifier.cs
new file mode 100644
index 0000000..cc933bf
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DefaultTlsSrpGroupVerifier.cs
@@ -0,0 +1,70 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto.Agreement.Srp;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class DefaultTlsSrpGroupVerifier
+        :   TlsSrpGroupVerifier
+    {
+        protected static readonly IList DefaultGroups = Platform.CreateArrayList();
+
+        static DefaultTlsSrpGroupVerifier()
+        {
+            DefaultGroups.Add(Srp6StandardGroups.rfc5054_1024);
+            DefaultGroups.Add(Srp6StandardGroups.rfc5054_1536);
+            DefaultGroups.Add(Srp6StandardGroups.rfc5054_2048);
+            DefaultGroups.Add(Srp6StandardGroups.rfc5054_3072);
+            DefaultGroups.Add(Srp6StandardGroups.rfc5054_4096);
+            DefaultGroups.Add(Srp6StandardGroups.rfc5054_6144);
+            DefaultGroups.Add(Srp6StandardGroups.rfc5054_8192);
+        }
+
+        // Vector is (SRP6GroupParameters)
+        protected readonly IList mGroups;
+
+        /**
+         * Accept only the group parameters specified in RFC 5054 Appendix A.
+         */
+        public DefaultTlsSrpGroupVerifier()
+            :   this(DefaultGroups)
+        {
+        }
+
+        /**
+         * Specify a custom set of acceptable group parameters.
+         * 
+         * @param groups a {@link Vector} of acceptable {@link SRP6GroupParameters}
+         */
+        public DefaultTlsSrpGroupVerifier(IList groups)
+        {
+            this.mGroups = groups;
+        }
+
+        public virtual bool Accept(Srp6GroupParameters group)
+        {
+            foreach (Srp6GroupParameters entry in mGroups)
+            {
+                if (AreGroupsEqual(group, entry))
+                {
+                    return true;
+                }
+            }
+            return false;
+        }
+
+        protected virtual bool AreGroupsEqual(Srp6GroupParameters a, Srp6GroupParameters b)
+        {
+            return a == b || (AreParametersEqual(a.N, b.N) && AreParametersEqual(a.G, b.G));
+        }
+
+        protected virtual bool AreParametersEqual(BigInteger a, BigInteger b)
+        {
+            return a == b || a.Equals(b);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DeferredHash.cs b/bc-sharp-crypto/src/crypto/tls/DeferredHash.cs
new file mode 100644
index 0000000..f402f26
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DeferredHash.cs
@@ -0,0 +1,201 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * Buffers input until the hash algorithm is determined.
+     */
+    internal class DeferredHash
+        :   TlsHandshakeHash
+    {
+        protected const int BUFFERING_HASH_LIMIT = 4;
+
+        protected TlsContext mContext;
+
+        private DigestInputBuffer mBuf;
+        private IDictionary mHashes;
+        private int mPrfHashAlgorithm;
+
+        internal DeferredHash()
+        {
+            this.mBuf = new DigestInputBuffer();
+            this.mHashes = Platform.CreateHashtable();
+            this.mPrfHashAlgorithm = -1;
+        }
+
+        private DeferredHash(byte prfHashAlgorithm, IDigest prfHash)
+        {
+            this.mBuf = null;
+            this.mHashes = Platform.CreateHashtable();
+            this.mPrfHashAlgorithm = prfHashAlgorithm;
+            mHashes[prfHashAlgorithm] = prfHash;
+        }
+
+        public virtual void Init(TlsContext context)
+        {
+            this.mContext = context;
+        }
+
+        public virtual TlsHandshakeHash NotifyPrfDetermined()
+        {
+            int prfAlgorithm = mContext.SecurityParameters.PrfAlgorithm;
+            if (prfAlgorithm == PrfAlgorithm.tls_prf_legacy)
+            {
+                CombinedHash legacyHash = new CombinedHash();
+                legacyHash.Init(mContext);
+                mBuf.UpdateDigest(legacyHash);
+                return legacyHash.NotifyPrfDetermined();
+            }
+
+            this.mPrfHashAlgorithm = TlsUtilities.GetHashAlgorithmForPrfAlgorithm(prfAlgorithm);
+
+            CheckTrackingHash((byte)mPrfHashAlgorithm);
+
+            return this;
+        }
+
+        public virtual void TrackHashAlgorithm(byte hashAlgorithm)
+        {
+            if (mBuf == null)
+                throw new InvalidOperationException("Too late to track more hash algorithms");
+
+            CheckTrackingHash(hashAlgorithm);
+        }
+
+        public virtual void SealHashAlgorithms()
+        {
+            CheckStopBuffering();
+        }
+
+        public virtual TlsHandshakeHash StopTracking()
+        {
+            byte prfHashAlgorithm = (byte)mPrfHashAlgorithm;
+            IDigest prfHash = TlsUtilities.CloneHash(prfHashAlgorithm, (IDigest)mHashes[prfHashAlgorithm]);
+            if (mBuf != null)
+            {
+                mBuf.UpdateDigest(prfHash);
+            }
+            DeferredHash result = new DeferredHash(prfHashAlgorithm, prfHash);
+            result.Init(mContext);
+            return result;
+        }
+
+        public virtual IDigest ForkPrfHash()
+        {
+            CheckStopBuffering();
+
+            byte prfHashAlgorithm = (byte)mPrfHashAlgorithm;
+            if (mBuf != null)
+            {
+                IDigest prfHash = TlsUtilities.CreateHash(prfHashAlgorithm);
+                mBuf.UpdateDigest(prfHash);
+                return prfHash;
+            }
+
+            return TlsUtilities.CloneHash(prfHashAlgorithm, (IDigest)mHashes[prfHashAlgorithm]);
+        }
+
+        public virtual byte[] GetFinalHash(byte hashAlgorithm)
+        {
+            IDigest d = (IDigest)mHashes[hashAlgorithm];
+            if (d == null)
+                throw new InvalidOperationException("HashAlgorithm." + HashAlgorithm.GetText(hashAlgorithm) + " is not being tracked");
+
+            d = TlsUtilities.CloneHash(hashAlgorithm, d);
+            if (mBuf != null)
+            {
+                mBuf.UpdateDigest(d);
+            }
+
+            return DigestUtilities.DoFinal(d);
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { throw new InvalidOperationException("Use Fork() to get a definite IDigest"); }
+        }
+
+        public virtual int GetByteLength()
+        {
+            throw new InvalidOperationException("Use Fork() to get a definite IDigest");
+        }
+
+        public virtual int GetDigestSize()
+        {
+            throw new InvalidOperationException("Use Fork() to get a definite IDigest");
+        }
+
+        public virtual void Update(byte input)
+        {
+            if (mBuf != null)
+            {
+                mBuf.WriteByte(input);
+                return;
+            }
+
+            foreach (IDigest hash in mHashes.Values)
+            {
+                hash.Update(input);
+            }
+        }
+
+        public virtual void BlockUpdate(byte[] input, int inOff, int len)
+        {
+            if (mBuf != null)
+            {
+                mBuf.Write(input, inOff, len);
+                return;
+            }
+
+            foreach (IDigest hash in mHashes.Values)
+            {
+                hash.BlockUpdate(input, inOff, len);
+            }
+        }
+
+        public virtual int DoFinal(byte[] output, int outOff)
+        {
+            throw new InvalidOperationException("Use Fork() to get a definite IDigest");
+        }
+
+        public virtual void Reset()
+        {
+            if (mBuf != null)
+            {
+                mBuf.SetLength(0);
+                return;
+            }
+
+            foreach (IDigest hash in mHashes.Values)
+            {
+                hash.Reset();
+            }
+        }
+
+        protected virtual void CheckStopBuffering()
+        {
+            if (mBuf != null && mHashes.Count <= BUFFERING_HASH_LIMIT)
+            {
+                foreach (IDigest hash in mHashes.Values)
+                {
+                    mBuf.UpdateDigest(hash);
+                }
+
+                this.mBuf = null;
+            }
+        }
+
+        protected virtual void CheckTrackingHash(byte hashAlgorithm)
+        {
+            if (!mHashes.Contains(hashAlgorithm))
+            {
+                IDigest hash = TlsUtilities.CreateHash(hashAlgorithm);
+                mHashes[hashAlgorithm] = hash;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DigestInputBuffer.cs b/bc-sharp-crypto/src/crypto/tls/DigestInputBuffer.cs
new file mode 100644
index 0000000..4435b40
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DigestInputBuffer.cs
@@ -0,0 +1,37 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    internal class DigestInputBuffer
+        :   MemoryStream
+    {
+        internal void UpdateDigest(IDigest d)
+        {
+            Streams.WriteBufTo(this, new DigStream(d));
+        }
+
+        private class DigStream
+            :   BaseOutputStream
+        {
+            private readonly IDigest d;
+
+            internal DigStream(IDigest d)
+            {
+                this.d = d;
+            }
+
+            public override void WriteByte(byte b)
+            {
+                d.Update(b);
+            }
+
+            public override void Write(byte[] buf, int off, int len)
+            {
+                d.BlockUpdate(buf, off, len);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DigitallySigned.cs b/bc-sharp-crypto/src/crypto/tls/DigitallySigned.cs
new file mode 100644
index 0000000..8b7344f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DigitallySigned.cs
@@ -0,0 +1,70 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class DigitallySigned
+    {
+        protected readonly SignatureAndHashAlgorithm mAlgorithm;
+        protected readonly byte[] mSignature;
+
+        public DigitallySigned(SignatureAndHashAlgorithm algorithm, byte[] signature)
+        {
+            if (signature == null)
+                throw new ArgumentNullException("signature");
+
+            this.mAlgorithm = algorithm;
+            this.mSignature = signature;
+        }
+
+        /**
+         * @return a {@link SignatureAndHashAlgorithm} (or null before TLS 1.2).
+         */
+        public virtual SignatureAndHashAlgorithm Algorithm
+        {
+            get { return mAlgorithm; }
+        }
+
+        public virtual byte[] Signature
+        {
+            get { return mSignature; }
+        }
+
+        /**
+         * Encode this {@link DigitallySigned} to a {@link Stream}.
+         * 
+         * @param output
+         *            the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            if (mAlgorithm != null)
+            {
+                mAlgorithm.Encode(output);
+            }
+            TlsUtilities.WriteOpaque16(mSignature, output);
+        }
+
+        /**
+         * Parse a {@link DigitallySigned} from a {@link Stream}.
+         * 
+         * @param context
+         *            the {@link TlsContext} of the current connection.
+         * @param input
+         *            the {@link Stream} to parse from.
+         * @return a {@link DigitallySigned} object.
+         * @throws IOException
+         */
+        public static DigitallySigned Parse(TlsContext context, Stream input)
+        {
+            SignatureAndHashAlgorithm algorithm = null;
+            if (TlsUtilities.IsTlsV12(context))
+            {
+                algorithm = SignatureAndHashAlgorithm.Parse(input);
+            }
+            byte[] signature = TlsUtilities.ReadOpaque16(input);
+            return new DigitallySigned(algorithm, signature);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DtlsClientProtocol.cs b/bc-sharp-crypto/src/crypto/tls/DtlsClientProtocol.cs
new file mode 100644
index 0000000..ae6e6a5
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DtlsClientProtocol.cs
@@ -0,0 +1,857 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class DtlsClientProtocol
+        :   DtlsProtocol
+    {
+        public DtlsClientProtocol(SecureRandom secureRandom)
+            :   base(secureRandom)
+        {
+        }
+
+        public virtual DtlsTransport Connect(TlsClient client, DatagramTransport transport)
+        {
+            if (client == null)
+                throw new ArgumentNullException("client");
+            if (transport == null)
+                throw new ArgumentNullException("transport");
+
+            SecurityParameters securityParameters = new SecurityParameters();
+            securityParameters.entity = ConnectionEnd.client;
+
+            ClientHandshakeState state = new ClientHandshakeState();
+            state.client = client;
+            state.clientContext = new TlsClientContextImpl(mSecureRandom, securityParameters);
+
+            securityParameters.clientRandom = TlsProtocol.CreateRandomBlock(client.ShouldUseGmtUnixTime(),
+                state.clientContext.NonceRandomGenerator);
+
+            client.Init(state.clientContext);
+
+            DtlsRecordLayer recordLayer = new DtlsRecordLayer(transport, state.clientContext, client, ContentType.handshake);
+
+            TlsSession sessionToResume = state.client.GetSessionToResume();
+            if (sessionToResume != null && sessionToResume.IsResumable)
+            {
+                SessionParameters sessionParameters = sessionToResume.ExportSessionParameters();
+                if (sessionParameters != null)
+                {
+                    state.tlsSession = sessionToResume;
+                    state.sessionParameters = sessionParameters;
+                }
+            }
+
+            try
+            {
+                return ClientHandshake(state, recordLayer);
+            }
+            catch (TlsFatalAlert fatalAlert)
+            {
+                AbortClientHandshake(state, recordLayer, fatalAlert.AlertDescription);
+                throw fatalAlert;
+            }
+            catch (IOException e)
+            {
+                AbortClientHandshake(state, recordLayer, AlertDescription.internal_error);
+                throw e;
+            }
+            catch (Exception e)
+            {
+                AbortClientHandshake(state, recordLayer, AlertDescription.internal_error);
+                throw new TlsFatalAlert(AlertDescription.internal_error, e);
+            }
+            finally
+            {
+                securityParameters.Clear();
+            }
+        }
+
+        internal virtual void AbortClientHandshake(ClientHandshakeState state, DtlsRecordLayer recordLayer, byte alertDescription)
+        {
+            recordLayer.Fail(alertDescription);
+            InvalidateSession(state);
+        }
+
+        internal virtual DtlsTransport ClientHandshake(ClientHandshakeState state, DtlsRecordLayer recordLayer)
+        {
+            SecurityParameters securityParameters = state.clientContext.SecurityParameters;
+            DtlsReliableHandshake handshake = new DtlsReliableHandshake(state.clientContext, recordLayer);
+
+            byte[] clientHelloBody = GenerateClientHello(state, state.client);
+
+            recordLayer.SetWriteVersion(ProtocolVersion.DTLSv10);
+
+            handshake.SendMessage(HandshakeType.client_hello, clientHelloBody);
+
+            DtlsReliableHandshake.Message serverMessage = handshake.ReceiveMessage();
+
+            while (serverMessage.Type == HandshakeType.hello_verify_request)
+            {
+                ProtocolVersion recordLayerVersion = recordLayer.ReadVersion;
+                ProtocolVersion client_version = state.clientContext.ClientVersion;
+
+                /*
+                 * RFC 6347 4.2.1 DTLS 1.2 server implementations SHOULD use DTLS version 1.0 regardless of
+                 * the version of TLS that is expected to be negotiated. DTLS 1.2 and 1.0 clients MUST use
+                 * the version solely to indicate packet formatting (which is the same in both DTLS 1.2 and
+                 * 1.0) and not as part of version negotiation.
+                 */
+                if (!recordLayerVersion.IsEqualOrEarlierVersionOf(client_version))
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+                recordLayer.ReadVersion = null;
+
+                byte[] cookie = ProcessHelloVerifyRequest(state, serverMessage.Body);
+                byte[] patched = PatchClientHelloWithCookie(clientHelloBody, cookie);
+
+                handshake.ResetHandshakeMessagesDigest();
+                handshake.SendMessage(HandshakeType.client_hello, patched);
+
+                serverMessage = handshake.ReceiveMessage();
+            }
+
+            if (serverMessage.Type == HandshakeType.server_hello)
+            {
+                ProtocolVersion recordLayerVersion = recordLayer.ReadVersion;
+                ReportServerVersion(state, recordLayerVersion);
+                recordLayer.SetWriteVersion(recordLayerVersion);
+
+                ProcessServerHello(state, serverMessage.Body);
+            }
+            else
+            {
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+            }
+
+            handshake.NotifyHelloComplete();
+
+            ApplyMaxFragmentLengthExtension(recordLayer, securityParameters.maxFragmentLength);
+
+            if (state.resumedSession)
+            {
+                securityParameters.masterSecret = Arrays.Clone(state.sessionParameters.MasterSecret);
+                recordLayer.InitPendingEpoch(state.client.GetCipher());
+
+                // NOTE: Calculated exclusive of the actual Finished message from the server
+                byte[] resExpectedServerVerifyData = TlsUtilities.CalculateVerifyData(state.clientContext, ExporterLabel.server_finished,
+                    TlsProtocol.GetCurrentPrfHash(state.clientContext, handshake.HandshakeHash, null));
+                ProcessFinished(handshake.ReceiveMessageBody(HandshakeType.finished), resExpectedServerVerifyData);
+
+                // NOTE: Calculated exclusive of the Finished message itself
+                byte[] resClientVerifyData = TlsUtilities.CalculateVerifyData(state.clientContext, ExporterLabel.client_finished,
+                    TlsProtocol.GetCurrentPrfHash(state.clientContext, handshake.HandshakeHash, null));
+                handshake.SendMessage(HandshakeType.finished, resClientVerifyData);
+
+                handshake.Finish();
+
+                state.clientContext.SetResumableSession(state.tlsSession);
+
+                state.client.NotifyHandshakeComplete();
+
+                return new DtlsTransport(recordLayer);
+            }
+
+            InvalidateSession(state);
+
+            if (state.selectedSessionID.Length > 0)
+            {
+                state.tlsSession = new TlsSessionImpl(state.selectedSessionID, null);
+            }
+
+            serverMessage = handshake.ReceiveMessage();
+
+            if (serverMessage.Type == HandshakeType.supplemental_data)
+            {
+                ProcessServerSupplementalData(state, serverMessage.Body);
+                serverMessage = handshake.ReceiveMessage();
+            }
+            else
+            {
+                state.client.ProcessServerSupplementalData(null);
+            }
+
+            state.keyExchange = state.client.GetKeyExchange();
+            state.keyExchange.Init(state.clientContext);
+
+            Certificate serverCertificate = null;
+
+            if (serverMessage.Type == HandshakeType.certificate)
+            {
+                serverCertificate = ProcessServerCertificate(state, serverMessage.Body);
+                serverMessage = handshake.ReceiveMessage();
+            }
+            else
+            {
+                // Okay, Certificate is optional
+                state.keyExchange.SkipServerCredentials();
+            }
+
+            // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes CertificateStatus
+            if (serverCertificate == null || serverCertificate.IsEmpty)
+            {
+                state.allowCertificateStatus = false;
+            }
+
+            if (serverMessage.Type == HandshakeType.certificate_status)
+            {
+                ProcessCertificateStatus(state, serverMessage.Body);
+                serverMessage = handshake.ReceiveMessage();
+            }
+            else
+            {
+                // Okay, CertificateStatus is optional
+            }
+
+            if (serverMessage.Type == HandshakeType.server_key_exchange)
+            {
+                ProcessServerKeyExchange(state, serverMessage.Body);
+                serverMessage = handshake.ReceiveMessage();
+            }
+            else
+            {
+                // Okay, ServerKeyExchange is optional
+                state.keyExchange.SkipServerKeyExchange();
+            }
+
+            if (serverMessage.Type == HandshakeType.certificate_request)
+            {
+                ProcessCertificateRequest(state, serverMessage.Body);
+
+                /*
+                 * TODO Give the client a chance to immediately select the CertificateVerify hash
+                 * algorithm here to avoid tracking the other hash algorithms unnecessarily?
+                 */
+                TlsUtilities.TrackHashAlgorithms(handshake.HandshakeHash,
+                    state.certificateRequest.SupportedSignatureAlgorithms);
+
+                serverMessage = handshake.ReceiveMessage();
+            }
+            else
+            {
+                // Okay, CertificateRequest is optional
+            }
+
+            if (serverMessage.Type == HandshakeType.server_hello_done)
+            {
+                if (serverMessage.Body.Length != 0)
+                {
+                    throw new TlsFatalAlert(AlertDescription.decode_error);
+                }
+            }
+            else
+            {
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+            }
+
+            handshake.HandshakeHash.SealHashAlgorithms();
+
+            IList clientSupplementalData = state.client.GetClientSupplementalData();
+            if (clientSupplementalData != null)
+            {
+                byte[] supplementalDataBody = GenerateSupplementalData(clientSupplementalData);
+                handshake.SendMessage(HandshakeType.supplemental_data, supplementalDataBody);
+            }
+
+            if (state.certificateRequest != null)
+            {
+                state.clientCredentials = state.authentication.GetClientCredentials(state.certificateRequest);
+
+                /*
+                 * RFC 5246 If no suitable certificate is available, the client MUST send a certificate
+                 * message containing no certificates.
+                 * 
+                 * NOTE: In previous RFCs, this was SHOULD instead of MUST.
+                 */
+                Certificate clientCertificate = null;
+                if (state.clientCredentials != null)
+                {
+                    clientCertificate = state.clientCredentials.Certificate;
+                }
+                if (clientCertificate == null)
+                {
+                    clientCertificate = Certificate.EmptyChain;
+                }
+
+                byte[] certificateBody = GenerateCertificate(clientCertificate);
+                handshake.SendMessage(HandshakeType.certificate, certificateBody);
+            }
+
+            if (state.clientCredentials != null)
+            {
+                state.keyExchange.ProcessClientCredentials(state.clientCredentials);
+            }
+            else
+            {
+                state.keyExchange.SkipClientCredentials();
+            }
+
+            byte[] clientKeyExchangeBody = GenerateClientKeyExchange(state);
+            handshake.SendMessage(HandshakeType.client_key_exchange, clientKeyExchangeBody);
+
+            TlsHandshakeHash prepareFinishHash = handshake.PrepareToFinish();
+            securityParameters.sessionHash = TlsProtocol.GetCurrentPrfHash(state.clientContext, prepareFinishHash, null);
+
+            TlsProtocol.EstablishMasterSecret(state.clientContext, state.keyExchange);
+            recordLayer.InitPendingEpoch(state.client.GetCipher());
+
+            if (state.clientCredentials != null && state.clientCredentials is TlsSignerCredentials)
+            {
+                TlsSignerCredentials signerCredentials = (TlsSignerCredentials)state.clientCredentials;
+
+                /*
+                 * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
+                 */
+                SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
+                    state.clientContext, signerCredentials);
+
+                byte[] hash;
+                if (signatureAndHashAlgorithm == null)
+                {
+                    hash = securityParameters.SessionHash;
+                }
+                else
+                {
+                    hash = prepareFinishHash.GetFinalHash(signatureAndHashAlgorithm.Hash);
+                }
+
+                byte[] signature = signerCredentials.GenerateCertificateSignature(hash);
+                DigitallySigned certificateVerify = new DigitallySigned(signatureAndHashAlgorithm, signature);
+                byte[] certificateVerifyBody = GenerateCertificateVerify(state, certificateVerify);
+                handshake.SendMessage(HandshakeType.certificate_verify, certificateVerifyBody);
+            }
+
+            // NOTE: Calculated exclusive of the Finished message itself
+            byte[] clientVerifyData = TlsUtilities.CalculateVerifyData(state.clientContext, ExporterLabel.client_finished,
+                TlsProtocol.GetCurrentPrfHash(state.clientContext, handshake.HandshakeHash, null));
+            handshake.SendMessage(HandshakeType.finished, clientVerifyData);
+
+            if (state.expectSessionTicket)
+            {
+                serverMessage = handshake.ReceiveMessage();
+                if (serverMessage.Type == HandshakeType.session_ticket)
+                {
+                    ProcessNewSessionTicket(state, serverMessage.Body);
+                }
+                else
+                {
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+            }
+
+            // NOTE: Calculated exclusive of the actual Finished message from the server
+            byte[] expectedServerVerifyData = TlsUtilities.CalculateVerifyData(state.clientContext, ExporterLabel.server_finished,
+                TlsProtocol.GetCurrentPrfHash(state.clientContext, handshake.HandshakeHash, null));
+            ProcessFinished(handshake.ReceiveMessageBody(HandshakeType.finished), expectedServerVerifyData);
+
+            handshake.Finish();
+
+            if (state.tlsSession != null)
+            {
+                state.sessionParameters = new SessionParameters.Builder()
+                    .SetCipherSuite(securityParameters.CipherSuite)
+                    .SetCompressionAlgorithm(securityParameters.CompressionAlgorithm)
+                    .SetMasterSecret(securityParameters.MasterSecret)
+                    .SetPeerCertificate(serverCertificate)
+                    .SetPskIdentity(securityParameters.PskIdentity)
+                    .SetSrpIdentity(securityParameters.SrpIdentity)
+                    // TODO Consider filtering extensions that aren't relevant to resumed sessions
+                    .SetServerExtensions(state.serverExtensions)
+                    .Build();
+
+                state.tlsSession = TlsUtilities.ImportSession(state.tlsSession.SessionID, state.sessionParameters);
+
+                state.clientContext.SetResumableSession(state.tlsSession);
+            }
+
+            state.client.NotifyHandshakeComplete();
+
+            return new DtlsTransport(recordLayer);
+        }
+
+        protected virtual byte[] GenerateCertificateVerify(ClientHandshakeState state, DigitallySigned certificateVerify)
+        {
+            MemoryStream buf = new MemoryStream();
+            certificateVerify.Encode(buf);
+            return buf.ToArray();
+        }
+
+        protected virtual byte[] GenerateClientHello(ClientHandshakeState state, TlsClient client)
+        {
+            MemoryStream buf = new MemoryStream();
+
+            ProtocolVersion client_version = client.ClientVersion;
+            if (!client_version.IsDtls)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            TlsClientContextImpl context = state.clientContext;
+
+            context.SetClientVersion(client_version);
+            TlsUtilities.WriteVersion(client_version, buf);
+
+            SecurityParameters securityParameters = context.SecurityParameters;
+            buf.Write(securityParameters.ClientRandom, 0, securityParameters.ClientRandom.Length);
+
+            // Session ID
+            byte[] session_id = TlsUtilities.EmptyBytes;
+            if (state.tlsSession != null)
+            {
+                session_id = state.tlsSession.SessionID;
+                if (session_id == null || session_id.Length > 32)
+                {
+                    session_id = TlsUtilities.EmptyBytes;
+                }
+            }
+            TlsUtilities.WriteOpaque8(session_id, buf);
+
+            // Cookie
+            TlsUtilities.WriteOpaque8(TlsUtilities.EmptyBytes, buf);
+
+            bool fallback = client.IsFallback;
+
+            /*
+             * Cipher suites
+             */
+            state.offeredCipherSuites = client.GetCipherSuites();
+
+            // Integer -> byte[]
+            state.clientExtensions = client.GetClientExtensions();
+
+            // Cipher Suites (and SCSV)
+            {
+                /*
+                 * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension,
+                 * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the
+                 * ClientHello. Including both is NOT RECOMMENDED.
+                 */
+                byte[] renegExtData = TlsUtilities.GetExtensionData(state.clientExtensions, ExtensionType.renegotiation_info);
+                bool noRenegExt = (null == renegExtData);
+
+                bool noRenegSCSV = !Arrays.Contains(state.offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV);
+
+                if (noRenegExt && noRenegSCSV)
+                {
+                    // TODO Consider whether to default to a client extension instead
+                    state.offeredCipherSuites = Arrays.Append(state.offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV);
+                }
+
+                /*
+                 * RFC 7507 4. If a client sends a ClientHello.client_version containing a lower value
+                 * than the latest (highest-valued) version supported by the client, it SHOULD include
+                 * the TLS_FALLBACK_SCSV cipher suite value in ClientHello.cipher_suites [..]. (The
+                 * client SHOULD put TLS_FALLBACK_SCSV after all cipher suites that it actually intends
+                 * to negotiate.)
+                 */
+                if (fallback && !Arrays.Contains(state.offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV))
+                {
+                    state.offeredCipherSuites = Arrays.Append(state.offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV);
+                }
+
+                TlsUtilities.WriteUint16ArrayWithUint16Length(state.offeredCipherSuites, buf);
+            }
+
+            // TODO Add support for compression
+            // Compression methods
+            // state.offeredCompressionMethods = client.getCompressionMethods();
+            state.offeredCompressionMethods = new byte[]{ CompressionMethod.cls_null };
+
+            TlsUtilities.WriteUint8ArrayWithUint8Length(state.offeredCompressionMethods, buf);
+
+            // Extensions
+            if (state.clientExtensions != null)
+            {
+                TlsProtocol.WriteExtensions(buf, state.clientExtensions);
+            }
+
+            return buf.ToArray();
+        }
+
+        protected virtual byte[] GenerateClientKeyExchange(ClientHandshakeState state)
+        {
+            MemoryStream buf = new MemoryStream();
+            state.keyExchange.GenerateClientKeyExchange(buf);
+            return buf.ToArray();
+        }
+
+        protected virtual void InvalidateSession(ClientHandshakeState state)
+        {
+            if (state.sessionParameters != null)
+            {
+                state.sessionParameters.Clear();
+                state.sessionParameters = null;
+            }
+
+            if (state.tlsSession != null)
+            {
+                state.tlsSession.Invalidate();
+                state.tlsSession = null;
+            }
+        }
+
+        protected virtual void ProcessCertificateRequest(ClientHandshakeState state, byte[] body)
+        {
+            if (state.authentication == null)
+            {
+                /*
+                 * RFC 2246 7.4.4. It is a fatal handshake_failure alert for an anonymous server to
+                 * request client identification.
+                 */
+                throw new TlsFatalAlert(AlertDescription.handshake_failure);
+            }
+
+            MemoryStream buf = new MemoryStream(body, false);
+
+            state.certificateRequest = CertificateRequest.Parse(state.clientContext, buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            state.keyExchange.ValidateCertificateRequest(state.certificateRequest);
+        }
+
+        protected virtual void ProcessCertificateStatus(ClientHandshakeState state, byte[] body)
+        {
+            if (!state.allowCertificateStatus)
+            {
+                /*
+                 * RFC 3546 3.6. If a server returns a "CertificateStatus" message, then the
+                 * server MUST have included an extension of type "status_request" with empty
+                 * "extension_data" in the extended server hello..
+                 */
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+            }
+
+            MemoryStream buf = new MemoryStream(body, false);
+
+            state.certificateStatus = CertificateStatus.Parse(buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            // TODO[RFC 3546] Figure out how to provide this to the client/authentication.
+        }
+
+        protected virtual byte[] ProcessHelloVerifyRequest(ClientHandshakeState state, byte[] body)
+        {
+            MemoryStream buf = new MemoryStream(body, false);
+
+            ProtocolVersion server_version = TlsUtilities.ReadVersion(buf);
+            byte[] cookie = TlsUtilities.ReadOpaque8(buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            // TODO Seems this behaviour is not yet in line with OpenSSL for DTLS 1.2
+    //        reportServerVersion(state, server_version);
+            if (!server_version.IsEqualOrEarlierVersionOf(state.clientContext.ClientVersion))
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            /*
+             * RFC 6347 This specification increases the cookie size limit to 255 bytes for greater
+             * future flexibility. The limit remains 32 for previous versions of DTLS.
+             */
+            if (!ProtocolVersion.DTLSv12.IsEqualOrEarlierVersionOf(server_version) && cookie.Length > 32)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            return cookie;
+        }
+
+        protected virtual void ProcessNewSessionTicket(ClientHandshakeState state, byte[] body)
+        {
+            MemoryStream buf = new MemoryStream(body, false);
+
+            NewSessionTicket newSessionTicket = NewSessionTicket.Parse(buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            state.client.NotifyNewSessionTicket(newSessionTicket);
+        }
+
+        protected virtual Certificate ProcessServerCertificate(ClientHandshakeState state, byte[] body)
+        {
+            MemoryStream buf = new MemoryStream(body, false);
+
+            Certificate serverCertificate = Certificate.Parse(buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            state.keyExchange.ProcessServerCertificate(serverCertificate);
+            state.authentication = state.client.GetAuthentication();
+            state.authentication.NotifyServerCertificate(serverCertificate);
+
+            return serverCertificate;
+        }
+
+        protected virtual void ProcessServerHello(ClientHandshakeState state, byte[] body)
+        {
+            SecurityParameters securityParameters = state.clientContext.SecurityParameters;
+
+            MemoryStream buf = new MemoryStream(body, false);
+
+            {
+                ProtocolVersion server_version = TlsUtilities.ReadVersion(buf);
+                ReportServerVersion(state, server_version);
+            }
+
+            securityParameters.serverRandom = TlsUtilities.ReadFully(32, buf);
+
+            state.selectedSessionID = TlsUtilities.ReadOpaque8(buf);
+            if (state.selectedSessionID.Length > 32)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            state.client.NotifySessionID(state.selectedSessionID);
+            state.resumedSession = state.selectedSessionID.Length > 0 && state.tlsSession != null
+                && Arrays.AreEqual(state.selectedSessionID, state.tlsSession.SessionID);
+
+            int selectedCipherSuite = TlsUtilities.ReadUint16(buf);
+            if (!Arrays.Contains(state.offeredCipherSuites, selectedCipherSuite)
+                || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL
+                || CipherSuite.IsScsv(selectedCipherSuite)
+                || !TlsUtilities.IsValidCipherSuiteForVersion(selectedCipherSuite, state.clientContext.ServerVersion))
+            {
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+            ValidateSelectedCipherSuite(selectedCipherSuite, AlertDescription.illegal_parameter);
+            state.client.NotifySelectedCipherSuite(selectedCipherSuite);
+
+            byte selectedCompressionMethod = TlsUtilities.ReadUint8(buf);
+            if (!Arrays.Contains(state.offeredCompressionMethods, selectedCompressionMethod))
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            state.client.NotifySelectedCompressionMethod(selectedCompressionMethod);
+
+            /*
+             * RFC3546 2.2 The extended server hello message format MAY be sent in place of the server
+             * hello message when the client has requested extended functionality via the extended
+             * client hello message specified in Section 2.1. ... Note that the extended server hello
+             * message is only sent in response to an extended client hello message. This prevents the
+             * possibility that the extended server hello message could "break" existing TLS 1.0
+             * clients.
+             */
+
+            /*
+             * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore
+             * extensions appearing in the client hello, and send a server hello containing no
+             * extensions.
+             */
+
+            // Integer -> byte[]
+            state.serverExtensions = TlsProtocol.ReadExtensions(buf);
+
+            /*
+             * RFC 3546 2.2 Note that the extended server hello message is only sent in response to an
+             * extended client hello message. However, see RFC 5746 exception below. We always include
+             * the SCSV, so an Extended Server Hello is always allowed.
+             */
+            if (state.serverExtensions != null)
+            {
+                foreach (int extType in state.serverExtensions.Keys)
+                {
+                    /*
+                     * RFC 5746 3.6. Note that sending a "renegotiation_info" extension in response to a
+                     * ClientHello containing only the SCSV is an explicit exception to the prohibition
+                     * in RFC 5246, Section 7.4.1.4, on the server sending unsolicited extensions and is
+                     * only allowed because the client is signaling its willingness to receive the
+                     * extension via the TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV.
+                     */
+                    if (extType == ExtensionType.renegotiation_info)
+                        continue;
+
+                    /*
+                     * RFC 5246 7.4.1.4 An extension type MUST NOT appear in the ServerHello unless the
+                     * same extension type appeared in the corresponding ClientHello. If a client
+                     * receives an extension type in ServerHello that it did not request in the
+                     * associated ClientHello, it MUST abort the handshake with an unsupported_extension
+                     * fatal alert.
+                     */
+                    if (null == TlsUtilities.GetExtensionData(state.clientExtensions, extType))
+                        throw new TlsFatalAlert(AlertDescription.unsupported_extension);
+
+                    /*
+                     * RFC 3546 2.3. If [...] the older session is resumed, then the server MUST ignore
+                     * extensions appearing in the client hello, and send a server hello containing no
+                     * extensions[.]
+                     */
+                    if (state.resumedSession)
+                    {
+                        // TODO[compat-gnutls] GnuTLS test server sends server extensions e.g. ec_point_formats
+                        // TODO[compat-openssl] OpenSSL test server sends server extensions e.g. ec_point_formats
+                        // TODO[compat-polarssl] PolarSSL test server sends server extensions e.g. ec_point_formats
+                        //throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                    }
+                }
+            }
+
+            /*
+             * RFC 5746 3.4. Client Behavior: Initial Handshake
+             */
+            {
+                /*
+                 * When a ServerHello is received, the client MUST check if it includes the
+                 * "renegotiation_info" extension:
+                 */
+                byte[] renegExtData = TlsUtilities.GetExtensionData(state.serverExtensions, ExtensionType.renegotiation_info);
+                if (renegExtData != null)
+                {
+                    /*
+                        * If the extension is present, set the secure_renegotiation flag to TRUE. The
+                        * client MUST then verify that the length of the "renegotiated_connection"
+                        * field is zero, and if it is not, MUST abort the handshake (by sending a fatal
+                        * handshake_failure alert).
+                        */
+                    state.secure_renegotiation = true;
+
+                    if (!Arrays.ConstantTimeAreEqual(renegExtData, TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes)))
+                        throw new TlsFatalAlert(AlertDescription.handshake_failure);
+                }
+            }
+
+            // TODO[compat-gnutls] GnuTLS test server fails to send renegotiation_info extension when resuming
+            state.client.NotifySecureRenegotiation(state.secure_renegotiation);
+
+            IDictionary sessionClientExtensions = state.clientExtensions, sessionServerExtensions = state.serverExtensions;
+            if (state.resumedSession)
+            {
+                if (selectedCipherSuite != state.sessionParameters.CipherSuite
+                    || selectedCompressionMethod != state.sessionParameters.CompressionAlgorithm)
+                {
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                }
+
+                sessionClientExtensions = null;
+                sessionServerExtensions = state.sessionParameters.ReadServerExtensions();
+            }
+
+            securityParameters.cipherSuite = selectedCipherSuite;
+            securityParameters.compressionAlgorithm = selectedCompressionMethod;
+
+            if (sessionServerExtensions != null)
+            {
+                {
+                    /*
+                     * RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client
+                     * and then selects a stream or Authenticated Encryption with Associated Data (AEAD)
+                     * ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the
+                     * client.
+                     */
+                    bool serverSentEncryptThenMAC = TlsExtensionsUtilities.HasEncryptThenMacExtension(sessionServerExtensions);
+                    if (serverSentEncryptThenMAC && !TlsUtilities.IsBlockCipherSuite(securityParameters.CipherSuite))
+                        throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                    securityParameters.encryptThenMac = serverSentEncryptThenMAC;
+                }
+
+                securityParameters.extendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension(sessionServerExtensions);
+
+                securityParameters.maxFragmentLength = EvaluateMaxFragmentLengthExtension(state.resumedSession,
+                    sessionClientExtensions, sessionServerExtensions, AlertDescription.illegal_parameter);
+
+                securityParameters.truncatedHMac = TlsExtensionsUtilities.HasTruncatedHMacExtension(sessionServerExtensions);
+
+                /*
+                 * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be
+                 * sent in a session resumption handshake.
+                 */
+                state.allowCertificateStatus = !state.resumedSession
+                    && TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, ExtensionType.status_request,
+                        AlertDescription.illegal_parameter);
+
+                state.expectSessionTicket = !state.resumedSession
+                    && TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, ExtensionType.session_ticket,
+                        AlertDescription.illegal_parameter);
+            }
+
+            /*
+             * TODO[session-hash]
+             * 
+             * draft-ietf-tls-session-hash-04 4. Clients and servers SHOULD NOT accept handshakes
+             * that do not use the extended master secret [..]. (and see 5.2, 5.3)
+             */
+
+            if (sessionClientExtensions != null)
+            {
+                state.client.ProcessServerExtensions(sessionServerExtensions);
+            }
+
+            securityParameters.prfAlgorithm = TlsProtocol.GetPrfAlgorithm(state.clientContext,
+                securityParameters.CipherSuite);
+
+            /*
+             * RFC 5246 7.4.9. Any cipher suite which does not explicitly specify verify_data_length has
+             * a verify_data_length equal to 12. This includes all existing cipher suites.
+             */
+            securityParameters.verifyDataLength = 12;
+        }
+
+        protected virtual void ProcessServerKeyExchange(ClientHandshakeState state, byte[] body)
+        {
+            MemoryStream buf = new MemoryStream(body, false);
+
+            state.keyExchange.ProcessServerKeyExchange(buf);
+
+            TlsProtocol.AssertEmpty(buf);
+        }
+
+        protected virtual void ProcessServerSupplementalData(ClientHandshakeState state, byte[] body)
+        {
+            MemoryStream buf = new MemoryStream(body, false);
+            IList serverSupplementalData = TlsProtocol.ReadSupplementalDataMessage(buf);
+            state.client.ProcessServerSupplementalData(serverSupplementalData);
+        }
+
+        protected virtual void ReportServerVersion(ClientHandshakeState state, ProtocolVersion server_version)
+        {
+            TlsClientContextImpl clientContext = state.clientContext;
+            ProtocolVersion currentServerVersion = clientContext.ServerVersion;
+            if (null == currentServerVersion)
+            {
+                clientContext.SetServerVersion(server_version);
+                state.client.NotifyServerVersion(server_version);
+            }
+            else if (!currentServerVersion.Equals(server_version))
+            {
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+        }
+
+        protected static byte[] PatchClientHelloWithCookie(byte[] clientHelloBody, byte[] cookie)
+        {
+            int sessionIDPos = 34;
+            int sessionIDLength = TlsUtilities.ReadUint8(clientHelloBody, sessionIDPos);
+
+            int cookieLengthPos = sessionIDPos + 1 + sessionIDLength;
+            int cookiePos = cookieLengthPos + 1;
+
+            byte[] patched = new byte[clientHelloBody.Length + cookie.Length];
+            Array.Copy(clientHelloBody, 0, patched, 0, cookieLengthPos);
+            TlsUtilities.CheckUint8(cookie.Length);
+            TlsUtilities.WriteUint8((byte)cookie.Length, patched, cookieLengthPos);
+            Array.Copy(cookie, 0, patched, cookiePos, cookie.Length);
+            Array.Copy(clientHelloBody, cookiePos, patched, cookiePos + cookie.Length, clientHelloBody.Length - cookiePos);
+
+            return patched;
+        }
+
+        protected internal class ClientHandshakeState
+        {
+            internal TlsClient client = null;
+            internal TlsClientContextImpl clientContext = null;
+            internal TlsSession tlsSession = null;
+            internal SessionParameters sessionParameters = null;
+            internal SessionParameters.Builder sessionParametersBuilder = null;
+            internal int[] offeredCipherSuites = null;
+            internal byte[] offeredCompressionMethods = null;
+            internal IDictionary clientExtensions = null;
+            internal IDictionary serverExtensions = null;
+            internal byte[] selectedSessionID = null;
+            internal bool resumedSession = false;
+            internal bool secure_renegotiation = false;
+            internal bool allowCertificateStatus = false;
+            internal bool expectSessionTicket = false;
+            internal TlsKeyExchange keyExchange = null;
+            internal TlsAuthentication authentication = null;
+            internal CertificateStatus certificateStatus = null;
+            internal CertificateRequest certificateRequest = null;
+            internal TlsCredentials clientCredentials = null;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DtlsEpoch.cs b/bc-sharp-crypto/src/crypto/tls/DtlsEpoch.cs
new file mode 100644
index 0000000..91fffa5
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DtlsEpoch.cs
@@ -0,0 +1,51 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    internal class DtlsEpoch
+    {
+        private readonly DtlsReplayWindow mReplayWindow = new DtlsReplayWindow();
+
+        private readonly int mEpoch;
+        private readonly TlsCipher mCipher;
+
+        private long mSequenceNumber = 0;
+
+        internal DtlsEpoch(int epoch, TlsCipher cipher)
+        {
+            if (epoch < 0)
+                throw new ArgumentException("must be >= 0", "epoch");
+            if (cipher == null)
+                throw new ArgumentNullException("cipher");
+
+            this.mEpoch = epoch;
+            this.mCipher = cipher;
+        }
+
+        internal long AllocateSequenceNumber()
+        {
+            // TODO Check for overflow
+            return mSequenceNumber++;
+        }
+
+        internal TlsCipher Cipher
+        {
+            get { return mCipher; }
+        }
+
+        internal int Epoch
+        {
+            get { return mEpoch; }
+        }
+
+        internal DtlsReplayWindow ReplayWindow
+        {
+            get { return mReplayWindow; }
+        }
+
+        internal long SequenceNumber
+        {
+            get { return mSequenceNumber; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DtlsHandshakeRetransmit.cs b/bc-sharp-crypto/src/crypto/tls/DtlsHandshakeRetransmit.cs
new file mode 100644
index 0000000..8bfae78
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DtlsHandshakeRetransmit.cs
@@ -0,0 +1,11 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    interface DtlsHandshakeRetransmit
+    {
+        /// <exception cref="IOException"/>
+        void ReceivedHandshakeRecord(int epoch, byte[] buf, int off, int len);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DtlsProtocol.cs b/bc-sharp-crypto/src/crypto/tls/DtlsProtocol.cs
new file mode 100644
index 0000000..e4ebd43
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DtlsProtocol.cs
@@ -0,0 +1,92 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class DtlsProtocol
+    {
+        protected readonly SecureRandom mSecureRandom;
+
+        protected DtlsProtocol(SecureRandom secureRandom)
+        {
+            if (secureRandom == null)
+                throw new ArgumentNullException("secureRandom");
+
+            this.mSecureRandom = secureRandom;
+        }
+
+        /// <exception cref="IOException"/>
+        protected virtual void ProcessFinished(byte[] body, byte[] expected_verify_data)
+        {
+            MemoryStream buf = new MemoryStream(body, false);
+
+            byte[] verify_data = TlsUtilities.ReadFully(expected_verify_data.Length, buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            if (!Arrays.ConstantTimeAreEqual(expected_verify_data, verify_data))
+                throw new TlsFatalAlert(AlertDescription.handshake_failure);
+        }
+
+        /// <exception cref="IOException"/>
+        internal static void ApplyMaxFragmentLengthExtension(DtlsRecordLayer recordLayer, short maxFragmentLength)
+        {
+            if (maxFragmentLength >= 0)
+            {
+                if (!MaxFragmentLength.IsValid((byte)maxFragmentLength))
+                    throw new TlsFatalAlert(AlertDescription.internal_error); 
+
+                int plainTextLimit = 1 << (8 + maxFragmentLength);
+                recordLayer.SetPlaintextLimit(plainTextLimit);
+            }
+        }
+
+        /// <exception cref="IOException"/>
+        protected static short EvaluateMaxFragmentLengthExtension(bool resumedSession, IDictionary clientExtensions,
+            IDictionary serverExtensions, byte alertDescription)
+        {
+            short maxFragmentLength = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions);
+            if (maxFragmentLength >= 0)
+            {
+                if (!MaxFragmentLength.IsValid((byte)maxFragmentLength)
+                    || (!resumedSession && maxFragmentLength != TlsExtensionsUtilities
+                        .GetMaxFragmentLengthExtension(clientExtensions)))
+                {
+                    throw new TlsFatalAlert(alertDescription);
+                }
+            }
+            return maxFragmentLength;
+        }
+
+        /// <exception cref="IOException"/>
+        protected static byte[] GenerateCertificate(Certificate certificate)
+        {
+            MemoryStream buf = new MemoryStream();
+            certificate.Encode(buf);
+            return buf.ToArray();
+        }
+
+        /// <exception cref="IOException"/>
+        protected static byte[] GenerateSupplementalData(IList supplementalData)
+        {
+            MemoryStream buf = new MemoryStream();
+            TlsProtocol.WriteSupplementalData(buf, supplementalData);
+            return buf.ToArray();
+        }
+
+        /// <exception cref="IOException"/>
+        protected static void ValidateSelectedCipherSuite(int selectedCipherSuite, byte alertDescription)
+        {
+            switch (TlsUtilities.GetEncryptionAlgorithm(selectedCipherSuite))
+            {
+            case EncryptionAlgorithm.RC4_40:
+            case EncryptionAlgorithm.RC4_128:
+                throw new TlsFatalAlert(alertDescription);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DtlsReassembler.cs b/bc-sharp-crypto/src/crypto/tls/DtlsReassembler.cs
new file mode 100644
index 0000000..11fe609
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DtlsReassembler.cs
@@ -0,0 +1,125 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    class DtlsReassembler
+    {
+        private readonly byte mMsgType;
+        private readonly byte[] mBody;
+
+        private readonly IList mMissing = Platform.CreateArrayList();
+
+        internal DtlsReassembler(byte msg_type, int length)
+        {
+            this.mMsgType = msg_type;
+            this.mBody = new byte[length];
+            this.mMissing.Add(new Range(0, length));
+        }
+
+        internal byte MsgType
+        {
+            get { return mMsgType; }
+        }
+
+        internal byte[] GetBodyIfComplete()
+        {
+            return mMissing.Count == 0 ? mBody : null;
+        }
+
+        internal void ContributeFragment(byte msg_type, int length, byte[] buf, int off, int fragment_offset,
+            int fragment_length)
+        {
+            int fragment_end = fragment_offset + fragment_length;
+
+            if (this.mMsgType != msg_type || this.mBody.Length != length || fragment_end > length)
+            {
+                return;
+            }
+
+            if (fragment_length == 0)
+            {
+                // NOTE: Empty messages still require an empty fragment to complete it
+                if (fragment_offset == 0 && mMissing.Count > 0)
+                {
+                    Range firstRange = (Range)mMissing[0];
+                    if (firstRange.End == 0)
+                    {
+                        mMissing.RemoveAt(0);
+                    }
+                }
+                return;
+            }
+
+            for (int i = 0; i < mMissing.Count; ++i)
+            {
+                Range range = (Range)mMissing[i];
+                if (range.Start >= fragment_end)
+                {
+                    break;
+                }
+                if (range.End > fragment_offset)
+                {
+
+                    int copyStart = System.Math.Max(range.Start, fragment_offset);
+                    int copyEnd = System.Math.Min(range.End, fragment_end);
+                    int copyLength = copyEnd - copyStart;
+
+                    Array.Copy(buf, off + copyStart - fragment_offset, mBody, copyStart,
+                        copyLength);
+
+                    if (copyStart == range.Start)
+                    {
+                        if (copyEnd == range.End)
+                        {
+                            mMissing.RemoveAt(i--);
+                        }
+                        else
+                        {
+                            range.Start = copyEnd;
+                        }
+                    }
+                    else
+                    {
+                        if (copyEnd != range.End)
+                        {
+                            mMissing.Insert(++i, new Range(copyEnd, range.End));
+                        }
+                        range.End = copyStart;
+                    }
+                }
+            }
+        }
+
+        internal void Reset()
+        {
+            this.mMissing.Clear();
+            this.mMissing.Add(new Range(0, mBody.Length));
+        }
+
+        private class Range
+        {
+            private int mStart, mEnd;
+
+            internal Range(int start, int end)
+            {
+                this.mStart = start;
+                this.mEnd = end;
+            }
+
+            public int Start
+            {
+                get { return mStart; }
+                set { this.mStart = value; }
+            }
+
+            public int End
+            {
+                get { return mEnd; }
+                set { this.mEnd = value; }
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DtlsRecordLayer.cs b/bc-sharp-crypto/src/crypto/tls/DtlsRecordLayer.cs
new file mode 100644
index 0000000..39e0188
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DtlsRecordLayer.cs
@@ -0,0 +1,530 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    internal class DtlsRecordLayer
+        :   DatagramTransport
+    {
+        private const int RECORD_HEADER_LENGTH = 13;
+        private const int MAX_FRAGMENT_LENGTH = 1 << 14;
+        private const long TCP_MSL = 1000L * 60 * 2;
+        private const long RETRANSMIT_TIMEOUT = TCP_MSL * 2;
+
+        private readonly DatagramTransport mTransport;
+        private readonly TlsContext mContext;
+        private readonly TlsPeer mPeer;
+
+        private readonly ByteQueue mRecordQueue = new ByteQueue();
+
+        private volatile bool mClosed = false;
+        private volatile bool mFailed = false;
+        private volatile ProtocolVersion mReadVersion = null, mWriteVersion = null;
+        private volatile bool mInHandshake;
+        private volatile int mPlaintextLimit;
+        private DtlsEpoch mCurrentEpoch, mPendingEpoch;
+        private DtlsEpoch mReadEpoch, mWriteEpoch;
+
+        private DtlsHandshakeRetransmit mRetransmit = null;
+        private DtlsEpoch mRetransmitEpoch = null;
+        private long mRetransmitExpiry = 0;
+
+        internal DtlsRecordLayer(DatagramTransport transport, TlsContext context, TlsPeer peer, byte contentType)
+        {
+            this.mTransport = transport;
+            this.mContext = context;
+            this.mPeer = peer;
+
+            this.mInHandshake = true;
+
+            this.mCurrentEpoch = new DtlsEpoch(0, new TlsNullCipher(context));
+            this.mPendingEpoch = null;
+            this.mReadEpoch = mCurrentEpoch;
+            this.mWriteEpoch = mCurrentEpoch;
+
+            SetPlaintextLimit(MAX_FRAGMENT_LENGTH);
+        }
+
+        internal virtual void SetPlaintextLimit(int plaintextLimit)
+        {
+            this.mPlaintextLimit = plaintextLimit;
+        }
+
+        internal virtual int ReadEpoch
+        {
+            get { return mReadEpoch.Epoch; }
+        }
+
+        internal virtual ProtocolVersion ReadVersion
+        {
+            get { return mReadVersion; }
+            set { this.mReadVersion = value; }
+        }
+
+        internal virtual void SetWriteVersion(ProtocolVersion writeVersion)
+        {
+            this.mWriteVersion = writeVersion;
+        }
+
+        internal virtual void InitPendingEpoch(TlsCipher pendingCipher)
+        {
+            if (mPendingEpoch != null)
+                throw new InvalidOperationException();
+
+            /*
+             * TODO "In order to ensure that any given sequence/epoch pair is unique, implementations
+             * MUST NOT allow the same epoch value to be reused within two times the TCP maximum segment
+             * lifetime."
+             */
+
+            // TODO Check for overflow
+            this.mPendingEpoch = new DtlsEpoch(mWriteEpoch.Epoch + 1, pendingCipher);
+        }
+
+        internal virtual void HandshakeSuccessful(DtlsHandshakeRetransmit retransmit)
+        {
+            if (mReadEpoch == mCurrentEpoch || mWriteEpoch == mCurrentEpoch)
+            {
+                // TODO
+                throw new InvalidOperationException();
+            }
+
+            if (retransmit != null)
+            {
+                this.mRetransmit = retransmit;
+                this.mRetransmitEpoch = mCurrentEpoch;
+                this.mRetransmitExpiry = DateTimeUtilities.CurrentUnixMs() + RETRANSMIT_TIMEOUT;
+            }
+
+            this.mInHandshake = false;
+            this.mCurrentEpoch = mPendingEpoch;
+            this.mPendingEpoch = null;
+        }
+
+        internal virtual void ResetWriteEpoch()
+        {
+            if (mRetransmitEpoch != null)
+            {
+                this.mWriteEpoch = mRetransmitEpoch;
+            }
+            else
+            {
+                this.mWriteEpoch = mCurrentEpoch;
+            }
+        }
+
+        public virtual int GetReceiveLimit()
+        {
+            return System.Math.Min(this.mPlaintextLimit,
+                mReadEpoch.Cipher.GetPlaintextLimit(mTransport.GetReceiveLimit() - RECORD_HEADER_LENGTH));
+        }
+
+        public virtual int GetSendLimit()
+        {
+            return System.Math.Min(this.mPlaintextLimit,
+                mWriteEpoch.Cipher.GetPlaintextLimit(mTransport.GetSendLimit() - RECORD_HEADER_LENGTH));
+        }
+
+        public virtual int Receive(byte[] buf, int off, int len, int waitMillis)
+        {
+            byte[] record = null;
+
+            for (;;)
+            {
+                int receiveLimit = System.Math.Min(len, GetReceiveLimit()) + RECORD_HEADER_LENGTH;
+                if (record == null || record.Length < receiveLimit)
+                {
+                    record = new byte[receiveLimit];
+                }
+
+                try
+                {
+                    if (mRetransmit != null && DateTimeUtilities.CurrentUnixMs() > mRetransmitExpiry)
+                    {
+                        mRetransmit = null;
+                        mRetransmitEpoch = null;
+                    }
+
+                    int received = ReceiveRecord(record, 0, receiveLimit, waitMillis);
+                    if (received < 0)
+                    {
+                        return received;
+                    }
+                    if (received < RECORD_HEADER_LENGTH)
+                    {
+                        continue;
+                    }
+                    int length = TlsUtilities.ReadUint16(record, 11);
+                    if (received != (length + RECORD_HEADER_LENGTH))
+                    {
+                        continue;
+                    }
+
+                    byte type = TlsUtilities.ReadUint8(record, 0);
+
+                    // TODO Support user-specified custom protocols?
+                    switch (type)
+                    {
+                    case ContentType.alert:
+                    case ContentType.application_data:
+                    case ContentType.change_cipher_spec:
+                    case ContentType.handshake:
+                    case ContentType.heartbeat:
+                        break;
+                    default:
+                        // TODO Exception?
+                        continue;
+                    }
+
+                    int epoch = TlsUtilities.ReadUint16(record, 3);
+
+                    DtlsEpoch recordEpoch = null;
+                    if (epoch == mReadEpoch.Epoch)
+                    {
+                        recordEpoch = mReadEpoch;
+                    }
+                    else if (type == ContentType.handshake && mRetransmitEpoch != null
+                        && epoch == mRetransmitEpoch.Epoch)
+                    {
+                        recordEpoch = mRetransmitEpoch;
+                    }
+
+                    if (recordEpoch == null)
+                    {
+                        continue;
+                    }
+
+                    long seq = TlsUtilities.ReadUint48(record, 5);
+                    if (recordEpoch.ReplayWindow.ShouldDiscard(seq))
+                    {
+                        continue;
+                    }
+
+                    ProtocolVersion version = TlsUtilities.ReadVersion(record, 1);
+                    if (!version.IsDtls)
+                    {
+                        continue;
+                    }
+
+                    if (mReadVersion != null && !mReadVersion.Equals(version))
+                    {
+                        continue;
+                    }
+
+                    byte[] plaintext = recordEpoch.Cipher.DecodeCiphertext(
+                        GetMacSequenceNumber(recordEpoch.Epoch, seq), type, record, RECORD_HEADER_LENGTH,
+                        received - RECORD_HEADER_LENGTH);
+
+                    recordEpoch.ReplayWindow.ReportAuthenticated(seq);
+
+                    if (plaintext.Length > this.mPlaintextLimit)
+                    {
+                        continue;
+                    }
+
+                    if (mReadVersion == null)
+                    {
+                        mReadVersion = version;
+                    }
+
+                    switch (type)
+                    {
+                    case ContentType.alert:
+                    {
+                        if (plaintext.Length == 2)
+                        {
+                            byte alertLevel = plaintext[0];
+                            byte alertDescription = plaintext[1];
+
+                            mPeer.NotifyAlertReceived(alertLevel, alertDescription);
+
+                            if (alertLevel == AlertLevel.fatal)
+                            {
+                                Failed();
+                                throw new TlsFatalAlert(alertDescription);
+                            }
+
+                            // TODO Can close_notify be a fatal alert?
+                            if (alertDescription == AlertDescription.close_notify)
+                            {
+                                CloseTransport();
+                            }
+                        }
+
+                        continue;
+                    }
+                    case ContentType.application_data:
+                    {
+                        if (mInHandshake)
+                        {
+                            // TODO Consider buffering application data for new epoch that arrives
+                            // out-of-order with the Finished message
+                            continue;
+                        }
+                        break;
+                    }
+                    case ContentType.change_cipher_spec:
+                    {
+                        // Implicitly receive change_cipher_spec and change to pending cipher state
+
+                        for (int i = 0; i < plaintext.Length; ++i)
+                        {
+                            byte message = TlsUtilities.ReadUint8(plaintext, i);
+                            if (message != ChangeCipherSpec.change_cipher_spec)
+                            {
+                                continue;
+                            }
+
+                            if (mPendingEpoch != null)
+                            {
+                                mReadEpoch = mPendingEpoch;
+                            }
+                        }
+
+                        continue;
+                    }
+                    case ContentType.handshake:
+                    {
+                        if (!mInHandshake)
+                        {
+                            if (mRetransmit != null)
+                            {
+                                mRetransmit.ReceivedHandshakeRecord(epoch, plaintext, 0, plaintext.Length);
+                            }
+
+                            // TODO Consider support for HelloRequest
+                            continue;
+                        }
+                        break;
+                    }
+                    case ContentType.heartbeat:
+                    {
+                        // TODO[RFC 6520]
+                        continue;
+                    }
+                    }
+
+                    /*
+                     * NOTE: If we receive any non-handshake data in the new epoch implies the peer has
+                     * received our final flight.
+                     */
+                    if (!mInHandshake && mRetransmit != null)
+                    {
+                        this.mRetransmit = null;
+                        this.mRetransmitEpoch = null;
+                    }
+
+                    Array.Copy(plaintext, 0, buf, off, plaintext.Length);
+                    return plaintext.Length;
+                }
+                catch (IOException e)
+                {
+                    // NOTE: Assume this is a timeout for the moment
+                    throw e;
+                }
+            }
+        }
+
+        /// <exception cref="IOException"/>
+        public virtual void Send(byte[] buf, int off, int len)
+        {
+            byte contentType = ContentType.application_data;
+
+            if (this.mInHandshake || this.mWriteEpoch == this.mRetransmitEpoch)
+            {
+                contentType = ContentType.handshake;
+
+                byte handshakeType = TlsUtilities.ReadUint8(buf, off);
+                if (handshakeType == HandshakeType.finished)
+                {
+                    DtlsEpoch nextEpoch = null;
+                    if (this.mInHandshake)
+                    {
+                        nextEpoch = mPendingEpoch;
+                    }
+                    else if (this.mWriteEpoch == this.mRetransmitEpoch)
+                    {
+                        nextEpoch = mCurrentEpoch;
+                    }
+
+                    if (nextEpoch == null)
+                    {
+                        // TODO
+                        throw new InvalidOperationException();
+                    }
+
+                    // Implicitly send change_cipher_spec and change to pending cipher state
+
+                    // TODO Send change_cipher_spec and finished records in single datagram?
+                    byte[] data = new byte[]{ 1 };
+                    SendRecord(ContentType.change_cipher_spec, data, 0, data.Length);
+
+                    mWriteEpoch = nextEpoch;
+                }
+            }
+
+            SendRecord(contentType, buf, off, len);
+        }
+
+        public virtual void Close()
+        {
+            if (!mClosed)
+            {
+                if (mInHandshake)
+                {
+                    Warn(AlertDescription.user_canceled, "User canceled handshake");
+                }
+                CloseTransport();
+            }
+        }
+
+        internal virtual void Failed()
+        {
+            if (!mClosed)
+            {
+                mFailed = true;
+
+                CloseTransport();
+            }
+        }
+
+        internal virtual void Fail(byte alertDescription)
+        {
+            if (!mClosed)
+            {
+                try
+                {
+                    RaiseAlert(AlertLevel.fatal, alertDescription, null, null);
+                }
+                catch (Exception)
+                {
+                    // Ignore
+                }
+
+                mFailed = true;
+
+                CloseTransport();
+            }
+        }
+
+        internal virtual void Warn(byte alertDescription, string message)
+        {
+            RaiseAlert(AlertLevel.warning, alertDescription, message, null);
+        }
+
+        private void CloseTransport()
+        {
+            if (!mClosed)
+            {
+                /*
+                 * RFC 5246 7.2.1. Unless some other fatal alert has been transmitted, each party is
+                 * required to send a close_notify alert before closing the write side of the
+                 * connection. The other party MUST respond with a close_notify alert of its own and
+                 * close down the connection immediately, discarding any pending writes.
+                 */
+
+                try
+                {
+                    if (!mFailed)
+                    {
+                        Warn(AlertDescription.close_notify, null);
+                    }
+                    mTransport.Close();
+                }
+                catch (Exception)
+                {
+                    // Ignore
+                }
+
+                mClosed = true;
+            }
+        }
+
+        private void RaiseAlert(byte alertLevel, byte alertDescription, string message, Exception cause)
+        {
+            mPeer.NotifyAlertRaised(alertLevel, alertDescription, message, cause);
+
+            byte[] error = new byte[2];
+            error[0] = (byte)alertLevel;
+            error[1] = (byte)alertDescription;
+
+            SendRecord(ContentType.alert, error, 0, 2);
+        }
+
+        private int ReceiveRecord(byte[] buf, int off, int len, int waitMillis)
+        {
+            if (mRecordQueue.Available > 0)
+            {
+                int length = 0;
+                if (mRecordQueue.Available >= RECORD_HEADER_LENGTH)
+                {
+                    byte[] lengthBytes = new byte[2];
+                    mRecordQueue.Read(lengthBytes, 0, 2, 11);
+                    length = TlsUtilities.ReadUint16(lengthBytes, 0);
+                }
+
+                int received = System.Math.Min(mRecordQueue.Available, RECORD_HEADER_LENGTH + length);
+                mRecordQueue.RemoveData(buf, off, received, 0);
+                return received;
+            }
+
+            {
+                int received = mTransport.Receive(buf, off, len, waitMillis);
+                if (received >= RECORD_HEADER_LENGTH)
+                {
+                    int fragmentLength = TlsUtilities.ReadUint16(buf, off + 11);
+                    int recordLength = RECORD_HEADER_LENGTH + fragmentLength;
+                    if (received > recordLength)
+                    {
+                        mRecordQueue.AddData(buf, off + recordLength, received - recordLength);
+                        received = recordLength;
+                    }
+                }
+                return received;
+            }
+        }
+
+        private void SendRecord(byte contentType, byte[] buf, int off, int len)
+        {
+            // Never send anything until a valid ClientHello has been received
+            if (mWriteVersion == null)
+                return;
+
+            if (len > this.mPlaintextLimit)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            /*
+             * RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert,
+             * or ChangeCipherSpec content types.
+             */
+            if (len < 1 && contentType != ContentType.application_data)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            int recordEpoch = mWriteEpoch.Epoch;
+            long recordSequenceNumber = mWriteEpoch.AllocateSequenceNumber();
+
+            byte[] ciphertext = mWriteEpoch.Cipher.EncodePlaintext(
+                GetMacSequenceNumber(recordEpoch, recordSequenceNumber), contentType, buf, off, len);
+
+            // TODO Check the ciphertext length?
+
+            byte[] record = new byte[ciphertext.Length + RECORD_HEADER_LENGTH];
+            TlsUtilities.WriteUint8(contentType, record, 0);
+            ProtocolVersion version = mWriteVersion;
+            TlsUtilities.WriteVersion(version, record, 1);
+            TlsUtilities.WriteUint16(recordEpoch, record, 3);
+            TlsUtilities.WriteUint48(recordSequenceNumber, record, 5);
+            TlsUtilities.WriteUint16(ciphertext.Length, record, 11);
+            Array.Copy(ciphertext, 0, record, RECORD_HEADER_LENGTH, ciphertext.Length);
+
+            mTransport.Send(record, 0, record.Length);
+        }
+
+        private static long GetMacSequenceNumber(int epoch, long sequence_number)
+        {
+            return ((epoch & 0xFFFFFFFFL) << 48) | sequence_number;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DtlsReliableHandshake.cs b/bc-sharp-crypto/src/crypto/tls/DtlsReliableHandshake.cs
new file mode 100644
index 0000000..396ea74
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DtlsReliableHandshake.cs
@@ -0,0 +1,434 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    internal class DtlsReliableHandshake
+    {
+        private const int MaxReceiveAhead = 16;
+        private const int MessageHeaderLength = 12;
+
+        private readonly DtlsRecordLayer mRecordLayer;
+
+        private TlsHandshakeHash mHandshakeHash;
+
+        private IDictionary mCurrentInboundFlight = Platform.CreateHashtable();
+        private IDictionary mPreviousInboundFlight = null;
+        private IList mOutboundFlight = Platform.CreateArrayList();
+        private bool mSending = true;
+
+        private int mMessageSeq = 0, mNextReceiveSeq = 0;
+
+        internal DtlsReliableHandshake(TlsContext context, DtlsRecordLayer transport)
+        {
+            this.mRecordLayer = transport;
+            this.mHandshakeHash = new DeferredHash();
+            this.mHandshakeHash.Init(context);
+        }
+
+        internal void NotifyHelloComplete()
+        {
+            this.mHandshakeHash = mHandshakeHash.NotifyPrfDetermined();
+        }
+
+        internal TlsHandshakeHash HandshakeHash
+        {
+            get { return mHandshakeHash; }
+        }
+
+        internal TlsHandshakeHash PrepareToFinish()
+        {
+            TlsHandshakeHash result = mHandshakeHash;
+            this.mHandshakeHash = mHandshakeHash.StopTracking();
+            return result;
+        }
+
+        internal void SendMessage(byte msg_type, byte[] body)
+        {
+            TlsUtilities.CheckUint24(body.Length);
+
+            if (!mSending)
+            {
+                CheckInboundFlight();
+                mSending = true;
+                mOutboundFlight.Clear();
+            }
+
+            Message message = new Message(mMessageSeq++, msg_type, body);
+
+            mOutboundFlight.Add(message);
+
+            WriteMessage(message);
+            UpdateHandshakeMessagesDigest(message);
+        }
+
+        internal byte[] ReceiveMessageBody(byte msg_type)
+        {
+            Message message = ReceiveMessage();
+            if (message.Type != msg_type)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+
+            return message.Body;
+        }
+
+        internal Message ReceiveMessage()
+        {
+            if (mSending)
+            {
+                mSending = false;
+                PrepareInboundFlight(Platform.CreateHashtable());
+            }
+
+            byte[] buf = null;
+
+            // TODO Check the conditions under which we should reset this
+            int readTimeoutMillis = 1000;
+
+            for (;;)
+            {
+                try
+                {
+                    for (;;)
+                    {
+                        Message pending = GetPendingMessage();
+                        if (pending != null)
+                            return pending;
+
+                        int receiveLimit = mRecordLayer.GetReceiveLimit();
+                        if (buf == null || buf.Length < receiveLimit)
+                        {
+                            buf = new byte[receiveLimit];
+                        }
+
+                        int received = mRecordLayer.Receive(buf, 0, receiveLimit, readTimeoutMillis);
+                        if (received < 0)
+                            break;
+
+                        bool resentOutbound = ProcessRecord(MaxReceiveAhead, mRecordLayer.ReadEpoch, buf, 0, received);
+                        if (resentOutbound)
+                        {
+                            readTimeoutMillis = BackOff(readTimeoutMillis);
+                        }
+                    }
+                }
+                catch (IOException e)
+                {
+                    // NOTE: Assume this is a timeout for the moment
+                }
+
+                ResendOutboundFlight();
+                readTimeoutMillis = BackOff(readTimeoutMillis);
+            }
+        }
+
+        internal void Finish()
+        {
+            DtlsHandshakeRetransmit retransmit = null;
+            if (!mSending)
+            {
+                CheckInboundFlight();
+            }
+            else
+            {
+                PrepareInboundFlight(null);
+
+                if (mPreviousInboundFlight != null)
+                {
+                    /*
+                     * RFC 6347 4.2.4. In addition, for at least twice the default MSL defined for [TCP],
+                     * when in the FINISHED state, the node that transmits the last flight (the server in an
+                     * ordinary handshake or the client in a resumed handshake) MUST respond to a retransmit
+                     * of the peer's last flight with a retransmit of the last flight.
+                     */
+                    retransmit = new Retransmit(this);
+                }
+            }
+
+            mRecordLayer.HandshakeSuccessful(retransmit);
+        }
+
+        internal void ResetHandshakeMessagesDigest()
+        {
+            mHandshakeHash.Reset();
+        }
+
+        private int BackOff(int timeoutMillis)
+        {
+            /*
+             * TODO[DTLS] implementations SHOULD back off handshake packet size during the
+             * retransmit backoff.
+             */
+            return System.Math.Min(timeoutMillis * 2, 60000);
+        }
+
+        /**
+         * Check that there are no "extra" messages left in the current inbound flight
+         */
+        private void CheckInboundFlight()
+        {
+            foreach (int key in mCurrentInboundFlight.Keys)
+            {
+                if (key >= mNextReceiveSeq)
+                {
+                    // TODO Should this be considered an error?
+                }
+            }
+        }
+
+        private Message GetPendingMessage()
+        {
+            DtlsReassembler next = (DtlsReassembler)mCurrentInboundFlight[mNextReceiveSeq];
+            if (next != null)
+            {
+                byte[] body = next.GetBodyIfComplete();
+                if (body != null)
+                {
+                    mPreviousInboundFlight = null;
+                    return UpdateHandshakeMessagesDigest(new Message(mNextReceiveSeq++, next.MsgType, body));
+                }
+            }
+            return null;
+        }
+
+        private void PrepareInboundFlight(IDictionary nextFlight)
+        {
+            ResetAll(mCurrentInboundFlight);
+            mPreviousInboundFlight = mCurrentInboundFlight;
+            mCurrentInboundFlight = nextFlight;
+        }
+
+        private bool ProcessRecord(int windowSize, int epoch, byte[] buf, int off, int len)
+        {
+            bool checkPreviousFlight = false;
+
+            while (len >= MessageHeaderLength)
+            {
+                int fragment_length = TlsUtilities.ReadUint24(buf, off + 9);
+                int message_length = fragment_length + MessageHeaderLength;
+                if (len < message_length)
+                {
+                    // NOTE: Truncated message - ignore it
+                    break;
+                }
+
+                int length = TlsUtilities.ReadUint24(buf, off + 1);
+                int fragment_offset = TlsUtilities.ReadUint24(buf, off + 6);
+                if (fragment_offset + fragment_length > length)
+                {
+                    // NOTE: Malformed fragment - ignore it and the rest of the record
+                    break;
+                }
+
+                /*
+                 * NOTE: This very simple epoch check will only work until we want to support
+                 * renegotiation (and we're not likely to do that anyway).
+                 */
+                byte msg_type = TlsUtilities.ReadUint8(buf, off + 0);
+                int expectedEpoch = msg_type == HandshakeType.finished ? 1 : 0;
+                if (epoch != expectedEpoch)
+                {
+                    break;
+                }
+
+                int message_seq = TlsUtilities.ReadUint16(buf, off + 4);
+                if (message_seq >= (mNextReceiveSeq + windowSize))
+                {
+                    // NOTE: Too far ahead - ignore
+                }
+                else if (message_seq >= mNextReceiveSeq)
+                {
+                    DtlsReassembler reassembler = (DtlsReassembler)mCurrentInboundFlight[message_seq];
+                    if (reassembler == null)
+                    {
+                        reassembler = new DtlsReassembler(msg_type, length);
+                        mCurrentInboundFlight[message_seq] = reassembler;
+                    }
+
+                    reassembler.ContributeFragment(msg_type, length, buf, off + MessageHeaderLength, fragment_offset,
+                        fragment_length);
+                }
+                else if (mPreviousInboundFlight != null)
+                {
+                    /*
+                     * NOTE: If we receive the previous flight of incoming messages in full again,
+                     * retransmit our last flight
+                     */
+
+                    DtlsReassembler reassembler = (DtlsReassembler)mPreviousInboundFlight[message_seq];
+                    if (reassembler != null)
+                    {
+                        reassembler.ContributeFragment(msg_type, length, buf, off + MessageHeaderLength, fragment_offset,
+                            fragment_length);
+                        checkPreviousFlight = true;
+                    }
+                }
+
+                off += message_length;
+                len -= message_length;
+            }
+
+            bool result = checkPreviousFlight && CheckAll(mPreviousInboundFlight);
+            if (result)
+            {
+                ResendOutboundFlight();
+                ResetAll(mPreviousInboundFlight);
+            }
+            return result;
+        }
+
+        private void ResendOutboundFlight()
+        {
+            mRecordLayer.ResetWriteEpoch();
+            for (int i = 0; i < mOutboundFlight.Count; ++i)
+            {
+                WriteMessage((Message)mOutboundFlight[i]);
+            }
+        }
+
+        private Message UpdateHandshakeMessagesDigest(Message message)
+        {
+            if (message.Type != HandshakeType.hello_request)
+            {
+                byte[] body = message.Body;
+                byte[] buf = new byte[MessageHeaderLength];
+                TlsUtilities.WriteUint8(message.Type, buf, 0);
+                TlsUtilities.WriteUint24(body.Length, buf, 1);
+                TlsUtilities.WriteUint16(message.Seq, buf, 4);
+                TlsUtilities.WriteUint24(0, buf, 6);
+                TlsUtilities.WriteUint24(body.Length, buf, 9);
+                mHandshakeHash.BlockUpdate(buf, 0, buf.Length);
+                mHandshakeHash.BlockUpdate(body, 0, body.Length);
+            }
+            return message;
+        }
+
+        private void WriteMessage(Message message)
+        {
+            int sendLimit = mRecordLayer.GetSendLimit();
+            int fragmentLimit = sendLimit - MessageHeaderLength;
+
+            // TODO Support a higher minimum fragment size?
+            if (fragmentLimit < 1)
+            {
+                // TODO Should we be throwing an exception here?
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+
+            int length = message.Body.Length;
+
+            // NOTE: Must still send a fragment if body is empty
+            int fragment_offset = 0;
+            do
+            {
+                int fragment_length = System.Math.Min(length - fragment_offset, fragmentLimit);
+                WriteHandshakeFragment(message, fragment_offset, fragment_length);
+                fragment_offset += fragment_length;
+            }
+            while (fragment_offset < length);
+        }
+
+        private void WriteHandshakeFragment(Message message, int fragment_offset, int fragment_length)
+        {
+            RecordLayerBuffer fragment = new RecordLayerBuffer(MessageHeaderLength + fragment_length);
+            TlsUtilities.WriteUint8(message.Type, fragment);
+            TlsUtilities.WriteUint24(message.Body.Length, fragment);
+            TlsUtilities.WriteUint16(message.Seq, fragment);
+            TlsUtilities.WriteUint24(fragment_offset, fragment);
+            TlsUtilities.WriteUint24(fragment_length, fragment);
+            fragment.Write(message.Body, fragment_offset, fragment_length);
+
+            fragment.SendToRecordLayer(mRecordLayer);
+        }
+
+        private static bool CheckAll(IDictionary inboundFlight)
+        {
+            foreach (DtlsReassembler r in inboundFlight.Values)
+            {
+                if (r.GetBodyIfComplete() == null)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        private static void ResetAll(IDictionary inboundFlight)
+        {
+            foreach (DtlsReassembler r in inboundFlight.Values)
+            {
+                r.Reset();
+            }
+        }
+
+        internal class Message
+        {
+            private readonly int mMessageSeq;
+            private readonly byte mMsgType;
+            private readonly byte[] mBody;
+
+            internal Message(int message_seq, byte msg_type, byte[] body)
+            {
+                this.mMessageSeq = message_seq;
+                this.mMsgType = msg_type;
+                this.mBody = body;
+            }
+
+            public int Seq
+            {
+                get { return mMessageSeq; }
+            }
+
+            public byte Type
+            {
+                get { return mMsgType; }
+            }
+
+            public byte[] Body
+            {
+                get { return mBody; }
+            }
+        }
+
+        internal class RecordLayerBuffer
+            :   MemoryStream
+        {
+            internal RecordLayerBuffer(int size)
+                :   base(size)
+            {
+            }
+
+            internal void SendToRecordLayer(DtlsRecordLayer recordLayer)
+            {
+#if PORTABLE
+                byte[] buf = ToArray();
+                int bufLen = buf.Length;
+#else
+                byte[] buf = GetBuffer();
+                int bufLen = (int)Length;
+#endif
+
+                recordLayer.Send(buf, 0, bufLen);
+                Platform.Dispose(this);
+            }
+        }
+
+        internal class Retransmit
+            :   DtlsHandshakeRetransmit
+        {
+            private readonly DtlsReliableHandshake mOuter;
+
+            internal Retransmit(DtlsReliableHandshake outer)
+            {
+                this.mOuter = outer;
+            }
+
+            public void ReceivedHandshakeRecord(int epoch, byte[] buf, int off, int len)
+            {
+                mOuter.ProcessRecord(0, epoch, buf, off, len);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DtlsReplayWindow.cs b/bc-sharp-crypto/src/crypto/tls/DtlsReplayWindow.cs
new file mode 100644
index 0000000..ea18e80
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DtlsReplayWindow.cs
@@ -0,0 +1,85 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * RFC 4347 4.1.2.5 Anti-replay
+     * <p/>
+     * Support fast rejection of duplicate records by maintaining a sliding receive window
+     */
+    internal class DtlsReplayWindow
+    {
+        private const long VALID_SEQ_MASK = 0x0000FFFFFFFFFFFFL;
+
+        private const long WINDOW_SIZE = 64L;
+
+        private long mLatestConfirmedSeq = -1;
+        private long mBitmap = 0;
+
+        /**
+         * Check whether a received record with the given sequence number should be rejected as a duplicate.
+         *
+         * @param seq the 48-bit DTLSPlainText.sequence_number field of a received record.
+         * @return true if the record should be discarded without further processing.
+         */
+        internal bool ShouldDiscard(long seq)
+        {
+            if ((seq & VALID_SEQ_MASK) != seq)
+                return true;
+
+            if (seq <= mLatestConfirmedSeq)
+            {
+                long diff = mLatestConfirmedSeq - seq;
+                if (diff >= WINDOW_SIZE)
+                    return true;
+                if ((mBitmap & (1L << (int)diff)) != 0)
+                    return true;
+            }
+
+            return false;
+        }
+
+        /**
+         * Report that a received record with the given sequence number passed authentication checks.
+         *
+         * @param seq the 48-bit DTLSPlainText.sequence_number field of an authenticated record.
+         */
+        internal void ReportAuthenticated(long seq)
+        {
+            if ((seq & VALID_SEQ_MASK) != seq)
+                throw new ArgumentException("out of range", "seq");
+
+            if (seq <= mLatestConfirmedSeq)
+            {
+                long diff = mLatestConfirmedSeq - seq;
+                if (diff < WINDOW_SIZE)
+                {
+                    mBitmap |= (1L << (int)diff);
+                }
+            }
+            else
+            {
+                long diff = seq - mLatestConfirmedSeq;
+                if (diff >= WINDOW_SIZE)
+                {
+                    mBitmap = 1;
+                }
+                else
+                {
+                    mBitmap <<= (int)diff;
+                    mBitmap |= 1;
+                }
+                mLatestConfirmedSeq = seq;
+            }
+        }
+
+        /**
+         * When a new epoch begins, sequence numbers begin again at 0
+         */
+        internal void Reset()
+        {
+            mLatestConfirmedSeq = -1;
+            mBitmap = 0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DtlsServerProtocol.cs b/bc-sharp-crypto/src/crypto/tls/DtlsServerProtocol.cs
new file mode 100644
index 0000000..3032269
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DtlsServerProtocol.cs
@@ -0,0 +1,696 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class DtlsServerProtocol
+        :   DtlsProtocol
+    {
+        protected bool mVerifyRequests = true;
+
+        public DtlsServerProtocol(SecureRandom secureRandom)
+            :   base(secureRandom)
+        {
+        }
+
+        public virtual bool VerifyRequests
+        {
+            get { return mVerifyRequests; }
+            set { this.mVerifyRequests = value; }
+        }
+
+        public virtual DtlsTransport Accept(TlsServer server, DatagramTransport transport)
+        {
+            if (server == null)
+                throw new ArgumentNullException("server");
+            if (transport == null)
+                throw new ArgumentNullException("transport");
+
+            SecurityParameters securityParameters = new SecurityParameters();
+            securityParameters.entity = ConnectionEnd.server;
+
+            ServerHandshakeState state = new ServerHandshakeState();
+            state.server = server;
+            state.serverContext = new TlsServerContextImpl(mSecureRandom, securityParameters);
+
+            securityParameters.serverRandom = TlsProtocol.CreateRandomBlock(server.ShouldUseGmtUnixTime(),
+                state.serverContext.NonceRandomGenerator);
+
+            server.Init(state.serverContext);
+
+            DtlsRecordLayer recordLayer = new DtlsRecordLayer(transport, state.serverContext, server, ContentType.handshake);
+
+            // TODO Need to handle sending of HelloVerifyRequest without entering a full connection
+
+            try
+            {
+                return ServerHandshake(state, recordLayer);
+            }
+            catch (TlsFatalAlert fatalAlert)
+            {
+                AbortServerHandshake(state, recordLayer, fatalAlert.AlertDescription);
+                throw fatalAlert;
+            }
+            catch (IOException e)
+            {
+                AbortServerHandshake(state, recordLayer, AlertDescription.internal_error);
+                throw e;
+            }
+            catch (Exception e)
+            {
+                AbortServerHandshake(state, recordLayer, AlertDescription.internal_error);
+                throw new TlsFatalAlert(AlertDescription.internal_error, e);
+            }
+            finally
+            {
+                securityParameters.Clear();
+            }
+        }
+
+        internal virtual void AbortServerHandshake(ServerHandshakeState state, DtlsRecordLayer recordLayer, byte alertDescription)
+        {
+            recordLayer.Fail(alertDescription);
+            InvalidateSession(state);
+        }
+
+        internal virtual DtlsTransport ServerHandshake(ServerHandshakeState state, DtlsRecordLayer recordLayer)
+        {
+            SecurityParameters securityParameters = state.serverContext.SecurityParameters;
+            DtlsReliableHandshake handshake = new DtlsReliableHandshake(state.serverContext, recordLayer);
+
+            DtlsReliableHandshake.Message clientMessage = handshake.ReceiveMessage();
+
+            // NOTE: DTLSRecordLayer requires any DTLS version, we don't otherwise constrain this
+            //ProtocolVersion recordLayerVersion = recordLayer.ReadVersion;
+
+            if (clientMessage.Type == HandshakeType.client_hello)
+            {
+                ProcessClientHello(state, clientMessage.Body);
+            }
+            else
+            {
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+            }
+
+            {
+                byte[] serverHelloBody = GenerateServerHello(state);
+
+                ApplyMaxFragmentLengthExtension(recordLayer, securityParameters.maxFragmentLength);
+
+                ProtocolVersion recordLayerVersion = state.serverContext.ServerVersion;
+                recordLayer.ReadVersion = recordLayerVersion;
+                recordLayer.SetWriteVersion(recordLayerVersion);
+
+                handshake.SendMessage(HandshakeType.server_hello, serverHelloBody);
+            }
+
+            handshake.NotifyHelloComplete();
+
+            IList serverSupplementalData = state.server.GetServerSupplementalData();
+            if (serverSupplementalData != null)
+            {
+                byte[] supplementalDataBody = GenerateSupplementalData(serverSupplementalData);
+                handshake.SendMessage(HandshakeType.supplemental_data, supplementalDataBody);
+            }
+
+            state.keyExchange = state.server.GetKeyExchange();
+            state.keyExchange.Init(state.serverContext);
+
+            state.serverCredentials = state.server.GetCredentials();
+
+            Certificate serverCertificate = null;
+
+            if (state.serverCredentials == null)
+            {
+                state.keyExchange.SkipServerCredentials();
+            }
+            else
+            {
+                state.keyExchange.ProcessServerCredentials(state.serverCredentials);
+
+                serverCertificate = state.serverCredentials.Certificate;
+                byte[] certificateBody = GenerateCertificate(serverCertificate);
+                handshake.SendMessage(HandshakeType.certificate, certificateBody);
+            }
+
+            // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes CertificateStatus
+            if (serverCertificate == null || serverCertificate.IsEmpty)
+            {
+                state.allowCertificateStatus = false;
+            }
+
+            if (state.allowCertificateStatus)
+            {
+                CertificateStatus certificateStatus = state.server.GetCertificateStatus();
+                if (certificateStatus != null)
+                {
+                    byte[] certificateStatusBody = GenerateCertificateStatus(state, certificateStatus);
+                    handshake.SendMessage(HandshakeType.certificate_status, certificateStatusBody);
+                }
+            }
+
+            byte[] serverKeyExchange = state.keyExchange.GenerateServerKeyExchange();
+            if (serverKeyExchange != null)
+            {
+                handshake.SendMessage(HandshakeType.server_key_exchange, serverKeyExchange);
+            }
+
+            if (state.serverCredentials != null)
+            {
+                state.certificateRequest = state.server.GetCertificateRequest();
+                if (state.certificateRequest != null)
+                {
+                    if (TlsUtilities.IsTlsV12(state.serverContext) != (state.certificateRequest.SupportedSignatureAlgorithms != null))
+                        throw new TlsFatalAlert(AlertDescription.internal_error);
+
+                    state.keyExchange.ValidateCertificateRequest(state.certificateRequest);
+
+                    byte[] certificateRequestBody = GenerateCertificateRequest(state, state.certificateRequest);
+                    handshake.SendMessage(HandshakeType.certificate_request, certificateRequestBody);
+
+                    TlsUtilities.TrackHashAlgorithms(handshake.HandshakeHash,
+                        state.certificateRequest.SupportedSignatureAlgorithms);
+                }
+            }
+
+            handshake.SendMessage(HandshakeType.server_hello_done, TlsUtilities.EmptyBytes);
+
+            handshake.HandshakeHash.SealHashAlgorithms();
+
+            clientMessage = handshake.ReceiveMessage();
+
+            if (clientMessage.Type == HandshakeType.supplemental_data)
+            {
+                ProcessClientSupplementalData(state, clientMessage.Body);
+                clientMessage = handshake.ReceiveMessage();
+            }
+            else
+            {
+                state.server.ProcessClientSupplementalData(null);
+            }
+
+            if (state.certificateRequest == null)
+            {
+                state.keyExchange.SkipClientCredentials();
+            }
+            else
+            {
+                if (clientMessage.Type == HandshakeType.certificate)
+                {
+                    ProcessClientCertificate(state, clientMessage.Body);
+                    clientMessage = handshake.ReceiveMessage();
+                }
+                else
+                {
+                    if (TlsUtilities.IsTlsV12(state.serverContext))
+                    {
+                        /*
+                         * RFC 5246 If no suitable certificate is available, the client MUST send a
+                         * certificate message containing no certificates.
+                         * 
+                         * NOTE: In previous RFCs, this was SHOULD instead of MUST.
+                         */
+                        throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                    }
+
+                    NotifyClientCertificate(state, Certificate.EmptyChain);
+                }
+            }
+
+            if (clientMessage.Type == HandshakeType.client_key_exchange)
+            {
+                ProcessClientKeyExchange(state, clientMessage.Body);
+            }
+            else
+            {
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+            }
+
+            TlsHandshakeHash prepareFinishHash = handshake.PrepareToFinish();
+            securityParameters.sessionHash = TlsProtocol.GetCurrentPrfHash(state.serverContext, prepareFinishHash, null);
+
+            TlsProtocol.EstablishMasterSecret(state.serverContext, state.keyExchange);
+            recordLayer.InitPendingEpoch(state.server.GetCipher());
+
+            /*
+             * RFC 5246 7.4.8 This message is only sent following a client certificate that has signing
+             * capability (i.e., all certificates except those containing fixed Diffie-Hellman
+             * parameters).
+             */
+            if (ExpectCertificateVerifyMessage(state))
+            {
+                byte[] certificateVerifyBody = handshake.ReceiveMessageBody(HandshakeType.certificate_verify);
+                ProcessCertificateVerify(state, certificateVerifyBody, prepareFinishHash);
+            }
+
+            // NOTE: Calculated exclusive of the actual Finished message from the client
+            byte[] expectedClientVerifyData = TlsUtilities.CalculateVerifyData(state.serverContext, ExporterLabel.client_finished,
+                TlsProtocol.GetCurrentPrfHash(state.serverContext, handshake.HandshakeHash, null));
+            ProcessFinished(handshake.ReceiveMessageBody(HandshakeType.finished), expectedClientVerifyData);
+
+            if (state.expectSessionTicket)
+            {
+                NewSessionTicket newSessionTicket = state.server.GetNewSessionTicket();
+                byte[] newSessionTicketBody = GenerateNewSessionTicket(state, newSessionTicket);
+                handshake.SendMessage(HandshakeType.session_ticket, newSessionTicketBody);
+            }
+
+            // NOTE: Calculated exclusive of the Finished message itself
+            byte[] serverVerifyData = TlsUtilities.CalculateVerifyData(state.serverContext, ExporterLabel.server_finished,
+                TlsProtocol.GetCurrentPrfHash(state.serverContext, handshake.HandshakeHash, null));
+            handshake.SendMessage(HandshakeType.finished, serverVerifyData);
+
+            handshake.Finish();
+
+            state.server.NotifyHandshakeComplete();
+
+            return new DtlsTransport(recordLayer);
+        }
+
+        protected virtual void InvalidateSession(ServerHandshakeState state)
+        {
+            if (state.sessionParameters != null)
+            {
+                state.sessionParameters.Clear();
+                state.sessionParameters = null;
+            }
+
+            if (state.tlsSession != null)
+            {
+                state.tlsSession.Invalidate();
+                state.tlsSession = null;
+            }
+        }
+
+        protected virtual byte[] GenerateCertificateRequest(ServerHandshakeState state, CertificateRequest certificateRequest)
+        {
+            MemoryStream buf = new MemoryStream();
+            certificateRequest.Encode(buf);
+            return buf.ToArray();
+        }
+
+        protected virtual byte[] GenerateCertificateStatus(ServerHandshakeState state, CertificateStatus certificateStatus)
+        {
+            MemoryStream buf = new MemoryStream();
+            certificateStatus.Encode(buf);
+            return buf.ToArray();
+        }
+
+        protected virtual byte[] GenerateNewSessionTicket(ServerHandshakeState state, NewSessionTicket newSessionTicket)
+        {
+            MemoryStream buf = new MemoryStream();
+            newSessionTicket.Encode(buf);
+            return buf.ToArray();
+        }
+
+        protected virtual byte[] GenerateServerHello(ServerHandshakeState state)
+        {
+            SecurityParameters securityParameters = state.serverContext.SecurityParameters;
+
+            MemoryStream buf = new MemoryStream();
+
+            {
+                ProtocolVersion server_version = state.server.GetServerVersion();
+                if (!server_version.IsEqualOrEarlierVersionOf(state.serverContext.ClientVersion))
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+
+                // TODO Read RFCs for guidance on the expected record layer version number
+                // recordStream.setReadVersion(server_version);
+                // recordStream.setWriteVersion(server_version);
+                // recordStream.setRestrictReadVersion(true);
+                state.serverContext.SetServerVersion(server_version);
+
+                TlsUtilities.WriteVersion(state.serverContext.ServerVersion, buf);
+            }
+
+            buf.Write(securityParameters.ServerRandom, 0, securityParameters.ServerRandom.Length);
+
+            /*
+             * The server may return an empty session_id to indicate that the session will not be cached
+             * and therefore cannot be resumed.
+             */
+            TlsUtilities.WriteOpaque8(TlsUtilities.EmptyBytes, buf);
+
+            int selectedCipherSuite = state.server.GetSelectedCipherSuite();
+            if (!Arrays.Contains(state.offeredCipherSuites, selectedCipherSuite)
+                || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL
+                || CipherSuite.IsScsv(selectedCipherSuite)
+                || !TlsUtilities.IsValidCipherSuiteForVersion(selectedCipherSuite, state.serverContext.ServerVersion))
+            {
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+            ValidateSelectedCipherSuite(selectedCipherSuite, AlertDescription.internal_error);
+            securityParameters.cipherSuite = selectedCipherSuite;
+
+            byte selectedCompressionMethod = state.server.GetSelectedCompressionMethod();
+            if (!Arrays.Contains(state.offeredCompressionMethods, selectedCompressionMethod))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            securityParameters.compressionAlgorithm = selectedCompressionMethod;
+
+            TlsUtilities.WriteUint16(selectedCipherSuite, buf);
+            TlsUtilities.WriteUint8(selectedCompressionMethod, buf);
+
+            state.serverExtensions = state.server.GetServerExtensions();
+
+            /*
+             * RFC 5746 3.6. Server Behavior: Initial Handshake
+             */
+            if (state.secure_renegotiation)
+            {
+                byte[] renegExtData = TlsUtilities.GetExtensionData(state.serverExtensions, ExtensionType.renegotiation_info);
+                bool noRenegExt = (null == renegExtData);
+
+                if (noRenegExt)
+                {
+                    /*
+                     * Note that sending a "renegotiation_info" extension in response to a ClientHello
+                     * containing only the SCSV is an explicit exception to the prohibition in RFC 5246,
+                     * Section 7.4.1.4, on the server sending unsolicited extensions and is only allowed
+                     * because the client is signaling its willingness to receive the extension via the
+                     * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV.
+                     */
+
+                    /*
+                     * If the secure_renegotiation flag is set to TRUE, the server MUST include an empty
+                     * "renegotiation_info" extension in the ServerHello message.
+                     */
+                    state.serverExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(state.serverExtensions);
+                    state.serverExtensions[ExtensionType.renegotiation_info] = TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes);
+                }
+            }
+
+            if (securityParameters.extendedMasterSecret)
+            {
+                state.serverExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(state.serverExtensions);
+                TlsExtensionsUtilities.AddExtendedMasterSecretExtension(state.serverExtensions);
+            }
+
+            /*
+             * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore
+             * extensions appearing in the client hello, and send a server hello containing no
+             * extensions.
+             */
+
+            if (state.serverExtensions != null)
+            {
+                securityParameters.encryptThenMac = TlsExtensionsUtilities.HasEncryptThenMacExtension(state.serverExtensions);
+
+                securityParameters.maxFragmentLength = EvaluateMaxFragmentLengthExtension(state.resumedSession,
+                    state.clientExtensions, state.serverExtensions, AlertDescription.internal_error);
+
+                securityParameters.truncatedHMac = TlsExtensionsUtilities.HasTruncatedHMacExtension(state.serverExtensions);
+
+                /*
+                 * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be sent in
+                 * a session resumption handshake.
+                 */
+                state.allowCertificateStatus = !state.resumedSession
+                    && TlsUtilities.HasExpectedEmptyExtensionData(state.serverExtensions, ExtensionType.status_request,
+                        AlertDescription.internal_error);
+
+                state.expectSessionTicket = !state.resumedSession
+                    && TlsUtilities.HasExpectedEmptyExtensionData(state.serverExtensions, ExtensionType.session_ticket,
+                        AlertDescription.internal_error);
+
+                TlsProtocol.WriteExtensions(buf, state.serverExtensions);
+            }
+
+            securityParameters.prfAlgorithm = TlsProtocol.GetPrfAlgorithm(state.serverContext,
+                securityParameters.CipherSuite);
+
+            /*
+             * RFC 5246 7.4.9. Any cipher suite which does not explicitly specify verify_data_length
+             * has a verify_data_length equal to 12. This includes all existing cipher suites.
+             */
+            securityParameters.verifyDataLength = 12;
+
+            return buf.ToArray();
+        }
+
+        protected virtual void NotifyClientCertificate(ServerHandshakeState state, Certificate clientCertificate)
+        {
+            if (state.certificateRequest == null)
+                throw new InvalidOperationException();
+
+            if (state.clientCertificate != null)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+
+            state.clientCertificate = clientCertificate;
+
+            if (clientCertificate.IsEmpty)
+            {
+                state.keyExchange.SkipClientCredentials();
+            }
+            else
+            {
+
+                /*
+                 * TODO RFC 5246 7.4.6. If the certificate_authorities list in the certificate request
+                 * message was non-empty, one of the certificates in the certificate chain SHOULD be
+                 * issued by one of the listed CAs.
+                 */
+
+                state.clientCertificateType = TlsUtilities.GetClientCertificateType(clientCertificate,
+                    state.serverCredentials.Certificate);
+
+                state.keyExchange.ProcessClientCertificate(clientCertificate);
+            }
+
+            /*
+             * RFC 5246 7.4.6. If the client does not send any certificates, the server MAY at its
+             * discretion either continue the handshake without client authentication, or respond with a
+             * fatal handshake_failure alert. Also, if some aspect of the certificate chain was
+             * unacceptable (e.g., it was not signed by a known, trusted CA), the server MAY at its
+             * discretion either continue the handshake (considering the client unauthenticated) or send
+             * a fatal alert.
+             */
+            state.server.NotifyClientCertificate(clientCertificate);
+        }
+
+        protected virtual void ProcessClientCertificate(ServerHandshakeState state, byte[] body)
+        {
+            MemoryStream buf = new MemoryStream(body, false);
+
+            Certificate clientCertificate = Certificate.Parse(buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            NotifyClientCertificate(state, clientCertificate);
+        }
+
+        protected virtual void ProcessCertificateVerify(ServerHandshakeState state, byte[] body, TlsHandshakeHash prepareFinishHash)
+        {
+            if (state.certificateRequest == null)
+                throw new InvalidOperationException();
+
+            MemoryStream buf = new MemoryStream(body, false);
+
+            TlsServerContextImpl context = state.serverContext;
+            DigitallySigned clientCertificateVerify = DigitallySigned.Parse(context, buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            // Verify the CertificateVerify message contains a correct signature.
+            try
+            {
+                SignatureAndHashAlgorithm signatureAlgorithm = clientCertificateVerify.Algorithm;
+
+                byte[] hash;
+                if (TlsUtilities.IsTlsV12(context))
+                {
+                    TlsUtilities.VerifySupportedSignatureAlgorithm(state.certificateRequest.SupportedSignatureAlgorithms, signatureAlgorithm);
+                    hash = prepareFinishHash.GetFinalHash(signatureAlgorithm.Hash);
+                }
+                else
+                {
+                    hash = context.SecurityParameters.SessionHash;
+                }
+
+                X509CertificateStructure x509Cert = state.clientCertificate.GetCertificateAt(0);
+                SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;
+                AsymmetricKeyParameter publicKey = PublicKeyFactory.CreateKey(keyInfo);
+
+                TlsSigner tlsSigner = TlsUtilities.CreateTlsSigner((byte)state.clientCertificateType);
+                tlsSigner.Init(context);
+                if (!tlsSigner.VerifyRawSignature(signatureAlgorithm, clientCertificateVerify.Signature, publicKey, hash))
+                    throw new TlsFatalAlert(AlertDescription.decrypt_error);
+            }
+            catch (TlsFatalAlert e)
+            {
+                throw e;
+            }
+            catch (Exception e)
+            {
+                throw new TlsFatalAlert(AlertDescription.decrypt_error, e);
+            }
+        }
+
+        protected virtual void ProcessClientHello(ServerHandshakeState state, byte[] body)
+        {
+            MemoryStream buf = new MemoryStream(body, false);
+
+            // TODO Read RFCs for guidance on the expected record layer version number
+            ProtocolVersion client_version = TlsUtilities.ReadVersion(buf);
+            if (!client_version.IsDtls)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            /*
+             * Read the client random
+             */
+            byte[] client_random = TlsUtilities.ReadFully(32, buf);
+
+            byte[] sessionID = TlsUtilities.ReadOpaque8(buf);
+            if (sessionID.Length > 32)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            // TODO RFC 4347 has the cookie length restricted to 32, but not in RFC 6347
+            byte[] cookie = TlsUtilities.ReadOpaque8(buf);
+
+            int cipher_suites_length = TlsUtilities.ReadUint16(buf);
+            if (cipher_suites_length < 2 || (cipher_suites_length & 1) != 0)
+            {
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+            }
+
+            /*
+             * NOTE: "If the session_id field is not empty (implying a session resumption request) this
+             * vector must include at least the cipher_suite from that session."
+             */
+            state.offeredCipherSuites = TlsUtilities.ReadUint16Array(cipher_suites_length / 2, buf);
+
+            int compression_methods_length = TlsUtilities.ReadUint8(buf);
+            if (compression_methods_length < 1)
+            {
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+
+            state.offeredCompressionMethods = TlsUtilities.ReadUint8Array(compression_methods_length, buf);
+
+            /*
+             * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore
+             * extensions appearing in the client hello, and send a server hello containing no
+             * extensions.
+             */
+            state.clientExtensions = TlsProtocol.ReadExtensions(buf);
+
+            TlsServerContextImpl context = state.serverContext;
+            SecurityParameters securityParameters = context.SecurityParameters;
+
+            /*
+             * TODO[session-hash]
+             * 
+             * draft-ietf-tls-session-hash-04 4. Clients and servers SHOULD NOT accept handshakes
+             * that do not use the extended master secret [..]. (and see 5.2, 5.3)
+             */
+            securityParameters.extendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension(state.clientExtensions);
+
+            context.SetClientVersion(client_version);
+
+            state.server.NotifyClientVersion(client_version);
+            state.server.NotifyFallback(Arrays.Contains(state.offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV));
+
+            securityParameters.clientRandom = client_random;
+
+            state.server.NotifyOfferedCipherSuites(state.offeredCipherSuites);
+            state.server.NotifyOfferedCompressionMethods(state.offeredCompressionMethods);
+
+            /*
+             * RFC 5746 3.6. Server Behavior: Initial Handshake
+             */
+            {
+                /*
+                 * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension,
+                 * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the
+                 * ClientHello. Including both is NOT RECOMMENDED.
+                 */
+
+                /*
+                 * When a ClientHello is received, the server MUST check if it includes the
+                 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If it does, set the secure_renegotiation flag
+                 * to TRUE.
+                 */
+                if (Arrays.Contains(state.offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV))
+                {
+                    state.secure_renegotiation = true;
+                }
+
+                /*
+                 * The server MUST check if the "renegotiation_info" extension is included in the
+                 * ClientHello.
+                 */
+                byte[] renegExtData = TlsUtilities.GetExtensionData(state.clientExtensions, ExtensionType.renegotiation_info);
+                if (renegExtData != null)
+                {
+                    /*
+                     * If the extension is present, set secure_renegotiation flag to TRUE. The
+                     * server MUST then verify that the length of the "renegotiated_connection"
+                     * field is zero, and if it is not, MUST abort the handshake.
+                     */
+                    state.secure_renegotiation = true;
+
+                    if (!Arrays.ConstantTimeAreEqual(renegExtData, TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes)))
+                        throw new TlsFatalAlert(AlertDescription.handshake_failure);
+                }
+            }
+
+            state.server.NotifySecureRenegotiation(state.secure_renegotiation);
+
+            if (state.clientExtensions != null)
+            {
+                // NOTE: Validates the padding extension data, if present
+                TlsExtensionsUtilities.GetPaddingExtension(state.clientExtensions);
+
+                state.server.ProcessClientExtensions(state.clientExtensions);
+            }
+        }
+
+        protected virtual void ProcessClientKeyExchange(ServerHandshakeState state, byte[] body)
+        {
+            MemoryStream buf = new MemoryStream(body, false);
+
+            state.keyExchange.ProcessClientKeyExchange(buf);
+
+            TlsProtocol.AssertEmpty(buf);
+        }
+
+        protected virtual void ProcessClientSupplementalData(ServerHandshakeState state, byte[] body)
+        {
+            MemoryStream buf = new MemoryStream(body, false);
+            IList clientSupplementalData = TlsProtocol.ReadSupplementalDataMessage(buf);
+            state.server.ProcessClientSupplementalData(clientSupplementalData);
+        }
+
+        protected virtual bool ExpectCertificateVerifyMessage(ServerHandshakeState state)
+        {
+            return state.clientCertificateType >= 0 && TlsUtilities.HasSigningCapability((byte)state.clientCertificateType);
+        }
+
+        protected internal class ServerHandshakeState
+        {
+            internal TlsServer server = null;
+            internal TlsServerContextImpl serverContext = null;
+            internal TlsSession tlsSession = null;
+            internal SessionParameters sessionParameters = null;
+            internal SessionParameters.Builder sessionParametersBuilder = null;
+            internal int[] offeredCipherSuites = null;
+            internal byte[] offeredCompressionMethods = null;
+            internal IDictionary clientExtensions = null;
+            internal IDictionary serverExtensions = null;
+            internal bool resumedSession = false;
+            internal bool secure_renegotiation = false;
+            internal bool allowCertificateStatus = false;
+            internal bool expectSessionTicket = false;
+            internal TlsKeyExchange keyExchange = null;
+            internal TlsCredentials serverCredentials = null;
+            internal CertificateRequest certificateRequest = null;
+            internal short clientCertificateType = -1;
+            internal Certificate clientCertificate = null;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/DtlsTransport.cs b/bc-sharp-crypto/src/crypto/tls/DtlsTransport.cs
new file mode 100644
index 0000000..5c60733
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/DtlsTransport.cs
@@ -0,0 +1,77 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class DtlsTransport
+        :   DatagramTransport
+    {
+        private readonly DtlsRecordLayer mRecordLayer;
+
+        internal DtlsTransport(DtlsRecordLayer recordLayer)
+        {
+            this.mRecordLayer = recordLayer;
+        }
+
+        public virtual int GetReceiveLimit()
+        {
+            return mRecordLayer.GetReceiveLimit();
+        }
+
+        public virtual int GetSendLimit()
+        {
+            return mRecordLayer.GetSendLimit();
+        }
+
+        public virtual int Receive(byte[] buf, int off, int len, int waitMillis)
+        {
+            try
+            {
+                return mRecordLayer.Receive(buf, off, len, waitMillis);
+            }
+            catch (TlsFatalAlert fatalAlert)
+            {
+                mRecordLayer.Fail(fatalAlert.AlertDescription);
+                throw fatalAlert;
+            }
+            catch (IOException e)
+            {
+                mRecordLayer.Fail(AlertDescription.internal_error);
+                throw e;
+            }
+            catch (Exception e)
+            {
+                mRecordLayer.Fail(AlertDescription.internal_error);
+                throw new TlsFatalAlert(AlertDescription.internal_error, e);
+            }
+        }
+
+        public virtual void Send(byte[] buf, int off, int len)
+        {
+            try
+            {
+                mRecordLayer.Send(buf, off, len);
+            }
+            catch (TlsFatalAlert fatalAlert)
+            {
+                mRecordLayer.Fail(fatalAlert.AlertDescription);
+                throw fatalAlert;
+            }
+            catch (IOException e)
+            {
+                mRecordLayer.Fail(AlertDescription.internal_error);
+                throw e;
+            }
+            catch (Exception e)
+            {
+                mRecordLayer.Fail(AlertDescription.internal_error);
+                throw new TlsFatalAlert(AlertDescription.internal_error, e);
+            }
+        }
+
+        public virtual void Close()
+        {
+            mRecordLayer.Close();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ECBasisType.cs b/bc-sharp-crypto/src/crypto/tls/ECBasisType.cs
new file mode 100644
index 0000000..5416e17
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ECBasisType.cs
@@ -0,0 +1,16 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 4492 5.4. (Errata ID: 2389)</summary>
+    public abstract class ECBasisType
+    {
+        public const byte ec_basis_trinomial = 1;
+        public const byte ec_basis_pentanomial = 2;
+
+        public static bool IsValid(byte ecBasisType)
+        {
+            return ecBasisType >= ec_basis_trinomial && ecBasisType <= ec_basis_pentanomial;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ECCurveType.cs b/bc-sharp-crypto/src/crypto/tls/ECCurveType.cs
new file mode 100644
index 0000000..1b352e9
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ECCurveType.cs
@@ -0,0 +1,29 @@
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>
+    /// RFC 4492 5.4
+    /// </summary>
+    public abstract class ECCurveType
+    {
+        /**
+         * Indicates the elliptic curve domain parameters are conveyed verbosely, and the
+         * underlying finite field is a prime field.
+         */
+        public const byte explicit_prime = 1;
+
+        /**
+         * Indicates the elliptic curve domain parameters are conveyed verbosely, and the
+         * underlying finite field is a characteristic-2 field.
+         */
+        public const byte explicit_char2 = 2;
+
+        /**
+         * Indicates that a named curve is used. This option SHOULD be used when applicable.
+         */
+        public const byte named_curve = 3;
+
+        /*
+         * Values 248 through 255 are reserved for private use.
+         */
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ECPointFormat.cs b/bc-sharp-crypto/src/crypto/tls/ECPointFormat.cs
new file mode 100644
index 0000000..21b0fdd
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ECPointFormat.cs
@@ -0,0 +1,16 @@
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>
+    /// RFC 4492 5.1.2
+    /// </summary>
+    public abstract class ECPointFormat
+    {
+        public const byte uncompressed = 0;
+        public const byte ansiX962_compressed_prime = 1;
+        public const byte ansiX962_compressed_char2 = 2;
+
+        /*
+         * reserved (248..255)
+         */
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/EncryptionAlgorithm.cs b/bc-sharp-crypto/src/crypto/tls/EncryptionAlgorithm.cs
new file mode 100644
index 0000000..45eef18
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/EncryptionAlgorithm.cs
@@ -0,0 +1,69 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 2246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
+    public abstract class EncryptionAlgorithm
+    {
+        public const int NULL = 0;
+        public const int RC4_40 = 1;
+        public const int RC4_128 = 2;
+        public const int RC2_CBC_40 = 3;
+        public const int IDEA_CBC = 4;
+        public const int DES40_CBC = 5;
+        public const int DES_CBC = 6;
+        public const int cls_3DES_EDE_CBC = 7;
+
+        /*
+         * RFC 3268
+         */
+        public const int AES_128_CBC = 8;
+        public const int AES_256_CBC = 9;
+
+        /*
+         * RFC 5289
+         */
+        public const int AES_128_GCM = 10;
+        public const int AES_256_GCM = 11;
+
+        /*
+         * RFC 4132
+         */
+        public const int CAMELLIA_128_CBC = 12;
+        public const int CAMELLIA_256_CBC = 13;
+
+        /*
+         * RFC 4162
+         */
+        public const int SEED_CBC = 14;
+
+        /*
+         * RFC 6655
+         */
+        public const int AES_128_CCM = 15;
+        public const int AES_128_CCM_8 = 16;
+        public const int AES_256_CCM = 17;
+        public const int AES_256_CCM_8 = 18;
+
+        /*
+         * RFC 6367
+         */
+        public const int CAMELLIA_128_GCM = 19;
+        public const int CAMELLIA_256_GCM = 20;
+
+        /*
+         * RFC 7905
+         */
+        public const int CHACHA20_POLY1305 = 21;
+
+        /*
+         * draft-zauner-tls-aes-ocb-04
+         */
+        public const int AES_128_OCB_TAGLEN96 = 103;
+        public const int AES_256_OCB_TAGLEN96 = 104;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ExporterLabel.cs b/bc-sharp-crypto/src/crypto/tls/ExporterLabel.cs
new file mode 100644
index 0000000..5970769
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ExporterLabel.cs
@@ -0,0 +1,37 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 5705</summary>
+    public abstract class ExporterLabel
+    {
+        /*
+         * RFC 5246
+         */
+        public const string client_finished = "client finished";
+        public const string server_finished = "server finished";
+        public const string master_secret = "master secret";
+        public const string key_expansion = "key expansion";
+
+        /*
+         * RFC 5216
+         */
+        public const string client_EAP_encryption = "client EAP encryption";
+
+        /*
+         * RFC 5281
+         */
+        public const string ttls_keying_material = "ttls keying material";
+        public const string ttls_challenge = "ttls challenge";
+
+        /*
+         * RFC 5764
+         */
+        public const string dtls_srtp = "EXTRACTOR-dtls_srtp";
+
+        /*
+         * draft-ietf-tls-session-hash-04
+         */
+        public static readonly string extended_master_secret = "extended master secret";
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ExtensionType.cs b/bc-sharp-crypto/src/crypto/tls/ExtensionType.cs
new file mode 100644
index 0000000..f17210b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ExtensionType.cs
@@ -0,0 +1,128 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class ExtensionType
+    {
+        /*
+         * RFC 2546 2.3.
+         */
+        public const int server_name = 0;
+        public const int max_fragment_length = 1;
+        public const int client_certificate_url = 2;
+        public const int trusted_ca_keys = 3;
+        public const int truncated_hmac = 4;
+        public const int status_request = 5;
+
+        /*
+         * RFC 4681
+         */
+        public const int user_mapping = 6;
+
+        /*
+         * RFC 5878
+         */
+        public const int client_authz = 7;
+        public const int server_authz = 8;
+
+        /*
+         * RFC RFC6091
+         */
+        public const int cert_type = 9;
+
+        /*
+         * draft-ietf-tls-negotiated-ff-dhe-10
+         */
+        public const int supported_groups = 10;
+
+        /*
+         * RFC 4492 5.1.
+         */
+        [Obsolete("Use 'supported_groups' instead")]
+        public const int elliptic_curves = supported_groups;
+        public const int ec_point_formats = 11;
+
+        /*
+         * RFC 5054 2.8.1.
+         */
+        public const int srp = 12;
+
+        /*
+         * RFC 5246 7.4.1.4.
+         */
+        public const int signature_algorithms = 13;
+
+        /*
+         * RFC 5764 9.
+         */
+        public const int use_srtp = 14;
+
+        /*
+         * RFC 6520 6.
+         */
+        public const int heartbeat = 15;
+
+        /*
+         * RFC 7301
+         */
+        public const int application_layer_protocol_negotiation = 16;
+
+        /*
+         * RFC 6961
+         */
+        public const int status_request_v2 = 17;
+
+        /*
+         * RFC 6962
+         */
+        public const int signed_certificate_timestamp = 18;
+
+        /*
+         * RFC 7250
+         */
+        public const int client_certificate_type = 19;
+        public const int server_certificate_type = 20;
+
+        /*
+         * RFC 7685
+         */
+        public const int padding = 21;
+
+        /*
+         * RFC 7366
+         */
+        public const int encrypt_then_mac = 22;
+
+        /*
+         * RFC 7627
+         */
+        public const int extended_master_secret = 23;
+
+        /*
+         * draft-ietf-tokbind-negotiation-08
+         */
+        public static readonly int DRAFT_token_binding = 24;
+
+        /*
+         * RFC 7924
+         */
+        public const int cached_info = 25;
+
+        /*
+         * RFC 5077 7.
+         */
+        public const int session_ticket = 35;
+
+        /*
+         * draft-ietf-tls-negotiated-ff-dhe-01
+         * 
+         * WARNING: Placeholder value; the real value is TBA
+         */
+        public static readonly int negotiated_ff_dhe_groups = 101;
+
+        /*
+         * RFC 5746 3.2.
+         */
+        public const int renegotiation_info = 0xff01;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/FiniteFieldDheGroup.cs b/bc-sharp-crypto/src/crypto/tls/FiniteFieldDheGroup.cs
new file mode 100644
index 0000000..4375049
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/FiniteFieldDheGroup.cs
@@ -0,0 +1,21 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /*
+     * draft-ietf-tls-negotiated-ff-dhe-01
+     */
+    public abstract class FiniteFieldDheGroup
+    {
+        public const byte ffdhe2432 = 0;
+        public const byte ffdhe3072 = 1;
+        public const byte ffdhe4096 = 2;
+        public const byte ffdhe6144 = 3;
+        public const byte ffdhe8192 = 4;
+
+        public static bool IsValid(byte group)
+        {
+            return group >= ffdhe2432 && group <= ffdhe8192;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/HandshakeType.cs b/bc-sharp-crypto/src/crypto/tls/HandshakeType.cs
new file mode 100644
index 0000000..e63042a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/HandshakeType.cs
@@ -0,0 +1,40 @@
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class HandshakeType
+    {
+        /*
+         * RFC 2246 7.4
+         */
+        public const byte hello_request = 0;
+        public const byte client_hello = 1;
+        public const byte server_hello = 2;
+        public const byte certificate = 11;
+        public const byte server_key_exchange = 12;
+        public const byte certificate_request = 13;
+        public const byte server_hello_done = 14;
+        public const byte certificate_verify = 15;
+        public const byte client_key_exchange = 16;
+        public const byte finished = 20;
+
+        /*
+         * RFC 3546 2.4
+         */
+        public const byte certificate_url = 21;
+        public const byte certificate_status = 22;
+
+        /*
+         *  (DTLS) RFC 4347 4.3.2
+         */
+        public const byte hello_verify_request = 3;
+
+        /*
+         * RFC 4680 
+         */
+        public const byte supplemental_data = 23;
+
+        /*
+         * RFC 5077 
+         */
+        public const byte session_ticket = 4;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/HashAlgorithm.cs b/bc-sharp-crypto/src/crypto/tls/HashAlgorithm.cs
new file mode 100644
index 0000000..0f38e2d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/HashAlgorithm.cs
@@ -0,0 +1,49 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 5246 7.4.1.4.1</summary>
+    public abstract class HashAlgorithm
+    {
+        public const byte none = 0;
+        public const byte md5 = 1;
+        public const byte sha1 = 2;
+        public const byte sha224 = 3;
+        public const byte sha256 = 4;
+        public const byte sha384 = 5;
+        public const byte sha512 = 6;
+
+        public static string GetName(byte hashAlgorithm)
+        {
+            switch (hashAlgorithm)
+            {
+            case none:
+                return "none";
+            case md5:
+                return "md5";
+            case sha1:
+                return "sha1";
+            case sha224:
+                return "sha224";
+            case sha256:
+                return "sha256";
+            case sha384:
+                return "sha384";
+            case sha512:
+                return "sha512";
+            default:
+                return "UNKNOWN";
+            }
+        }
+
+        public static string GetText(byte hashAlgorithm)
+        {
+            return GetName(hashAlgorithm) + "(" + hashAlgorithm + ")";
+        }
+
+        public static bool IsPrivate(byte hashAlgorithm)
+        {
+            return 224 <= hashAlgorithm && hashAlgorithm <= 255;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/HeartbeatExtension.cs b/bc-sharp-crypto/src/crypto/tls/HeartbeatExtension.cs
new file mode 100644
index 0000000..0498372
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/HeartbeatExtension.cs
@@ -0,0 +1,52 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class HeartbeatExtension
+    {
+        protected readonly byte mMode;
+
+        public HeartbeatExtension(byte mode)
+        {
+            if (!HeartbeatMode.IsValid(mode))
+                throw new ArgumentException("not a valid HeartbeatMode value", "mode");
+
+            this.mMode = mode;
+        }
+
+        public virtual byte Mode
+        {
+            get { return mMode; }
+        }
+
+        /**
+         * Encode this {@link HeartbeatExtension} to a {@link Stream}.
+         * 
+         * @param output
+         *            the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            TlsUtilities.WriteUint8(mMode, output);
+        }
+
+        /**
+         * Parse a {@link HeartbeatExtension} from a {@link Stream}.
+         * 
+         * @param input
+         *            the {@link Stream} to parse from.
+         * @return a {@link HeartbeatExtension} object.
+         * @throws IOException
+         */
+        public static HeartbeatExtension Parse(Stream input)
+        {
+            byte mode = TlsUtilities.ReadUint8(input);
+            if (!HeartbeatMode.IsValid(mode))
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            return new HeartbeatExtension(mode);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/HeartbeatMessage.cs b/bc-sharp-crypto/src/crypto/tls/HeartbeatMessage.cs
new file mode 100644
index 0000000..3f22f7e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/HeartbeatMessage.cs
@@ -0,0 +1,109 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class HeartbeatMessage
+    {
+        protected readonly byte mType;
+        protected readonly byte[] mPayload;
+        protected readonly int mPaddingLength;
+
+        public HeartbeatMessage(byte type, byte[] payload, int paddingLength)
+        {
+            if (!HeartbeatMessageType.IsValid(type))
+                throw new ArgumentException("not a valid HeartbeatMessageType value", "type");
+            if (payload == null || payload.Length >= (1 << 16))
+                throw new ArgumentException("must have length < 2^16", "payload");
+            if (paddingLength < 16)
+                throw new ArgumentException("must be at least 16", "paddingLength");
+
+            this.mType = type;
+            this.mPayload = payload;
+            this.mPaddingLength = paddingLength;
+        }
+
+        /**
+         * Encode this {@link HeartbeatMessage} to a {@link Stream}.
+         * 
+         * @param output
+         *            the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(TlsContext context, Stream output)
+        {
+            TlsUtilities.WriteUint8(mType, output);
+
+            TlsUtilities.CheckUint16(mPayload.Length);
+            TlsUtilities.WriteUint16(mPayload.Length, output);
+            output.Write(mPayload, 0, mPayload.Length);
+
+            byte[] padding = new byte[mPaddingLength];
+            context.NonceRandomGenerator.NextBytes(padding);
+            output.Write(padding, 0, padding.Length);
+        }
+
+        /**
+         * Parse a {@link HeartbeatMessage} from a {@link Stream}.
+         * 
+         * @param input
+         *            the {@link Stream} to parse from.
+         * @return a {@link HeartbeatMessage} object.
+         * @throws IOException
+         */
+        public static HeartbeatMessage Parse(Stream input)
+        {
+            byte type = TlsUtilities.ReadUint8(input);
+            if (!HeartbeatMessageType.IsValid(type))
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            int payload_length = TlsUtilities.ReadUint16(input);
+
+            PayloadBuffer buf = new PayloadBuffer();
+            Streams.PipeAll(input, buf);
+
+            byte[] payload = buf.ToTruncatedByteArray(payload_length);
+            if (payload == null)
+            {
+                /*
+                 * RFC 6520 4. If the payload_length of a received HeartbeatMessage is too large, the
+                 * received HeartbeatMessage MUST be discarded silently.
+                 */
+                return null;
+            }
+
+            TlsUtilities.CheckUint16(buf.Length);
+            int padding_length = (int)buf.Length - payload.Length;
+
+            /*
+             * RFC 6520 4. The padding of a received HeartbeatMessage message MUST be ignored
+             */
+            return new HeartbeatMessage(type, payload, padding_length);
+        }
+
+        internal class PayloadBuffer
+            :   MemoryStream
+        {
+            internal byte[] ToTruncatedByteArray(int payloadLength)
+            {
+                /*
+                 * RFC 6520 4. The padding_length MUST be at least 16.
+                 */
+                int minimumCount = payloadLength + 16;
+                if (Length < minimumCount)
+                    return null;
+
+#if PORTABLE
+                byte[] buf = ToArray();
+#else
+                byte[] buf = GetBuffer();
+#endif
+
+                return Arrays.CopyOf(buf, payloadLength);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/HeartbeatMessageType.cs b/bc-sharp-crypto/src/crypto/tls/HeartbeatMessageType.cs
new file mode 100644
index 0000000..57a4b86
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/HeartbeatMessageType.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /*
+     * RFC 6520 3.
+     */
+    public abstract class HeartbeatMessageType
+    {
+        public const byte heartbeat_request = 1;
+        public const byte heartbeat_response = 2;
+
+        public static bool IsValid(byte heartbeatMessageType)
+        {
+            return heartbeatMessageType >= heartbeat_request && heartbeatMessageType <= heartbeat_response;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/HeartbeatMode.cs b/bc-sharp-crypto/src/crypto/tls/HeartbeatMode.cs
new file mode 100644
index 0000000..f1570a8
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/HeartbeatMode.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /*
+     * RFC 6520
+     */
+    public abstract class HeartbeatMode
+    {
+        public const byte peer_allowed_to_send = 1;
+        public const byte peer_not_allowed_to_send = 2;
+
+        public static bool IsValid(byte heartbeatMode)
+        {
+            return heartbeatMode >= peer_allowed_to_send && heartbeatMode <= peer_not_allowed_to_send;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/KeyExchangeAlgorithm.cs b/bc-sharp-crypto/src/crypto/tls/KeyExchangeAlgorithm.cs
new file mode 100644
index 0000000..9b1b3ba
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/KeyExchangeAlgorithm.cs
@@ -0,0 +1,54 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 2246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
+    public abstract class KeyExchangeAlgorithm
+    {
+        public const int NULL = 0;
+        public const int RSA = 1;
+        public const int RSA_EXPORT = 2;
+        public const int DHE_DSS = 3;
+        public const int DHE_DSS_EXPORT = 4;
+        public const int DHE_RSA = 5;
+        public const int DHE_RSA_EXPORT = 6;
+        public const int DH_DSS = 7;
+        public const int DH_DSS_EXPORT = 8;
+        public const int DH_RSA = 9;
+        public const int DH_RSA_EXPORT = 10;
+        public const int DH_anon = 11;
+        public const int DH_anon_EXPORT = 12;
+
+        /*
+         * RFC 4279
+         */
+        public const int PSK = 13;
+        public const int DHE_PSK = 14;
+        public const int RSA_PSK = 15;
+
+        /*
+         * RFC 4429
+         */
+        public const int ECDH_ECDSA = 16;
+        public const int ECDHE_ECDSA = 17;
+        public const int ECDH_RSA = 18;
+        public const int ECDHE_RSA = 19;
+        public const int ECDH_anon = 20;
+
+        /*
+         * RFC 5054
+         */
+        public const int SRP = 21;
+        public const int SRP_DSS = 22;
+        public const int SRP_RSA = 23;
+    
+        /*
+         * RFC 5489
+         */
+        public const int ECDHE_PSK = 24;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/MacAlgorithm.cs b/bc-sharp-crypto/src/crypto/tls/MacAlgorithm.cs
new file mode 100644
index 0000000..e4aa88d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/MacAlgorithm.cs
@@ -0,0 +1,25 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 2246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
+    public abstract class MacAlgorithm
+    {
+        public const int cls_null = 0;
+        public const int md5 = 1;
+        public const int sha = 2;
+
+        /*
+         * RFC 5246
+         */
+        public const int hmac_md5 = md5;
+        public const int hmac_sha1 = sha;
+        public const int hmac_sha256 = 3;
+        public const int hmac_sha384 = 4;
+        public const int hmac_sha512 = 5;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/MaxFragmentLength.cs b/bc-sharp-crypto/src/crypto/tls/MaxFragmentLength.cs
new file mode 100644
index 0000000..5b10b35
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/MaxFragmentLength.cs
@@ -0,0 +1,20 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class MaxFragmentLength
+    {
+        /*
+         * RFC 3546 3.2.
+         */
+        public const byte pow2_9 = 1;
+        public const byte pow2_10 = 2;
+        public const byte pow2_11 = 3;
+        public const byte pow2_12 = 4;
+
+        public static bool IsValid(byte maxFragmentLength)
+        {
+            return maxFragmentLength >= pow2_9 && maxFragmentLength <= pow2_12;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/NameType.cs b/bc-sharp-crypto/src/crypto/tls/NameType.cs
new file mode 100644
index 0000000..7821642
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/NameType.cs
@@ -0,0 +1,17 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class NameType
+    {
+        /*
+         * RFC 3546 3.1.
+         */
+        public const byte host_name = 0;
+
+        public static bool IsValid(byte nameType)
+        {
+            return nameType == host_name;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/NamedCurve.cs b/bc-sharp-crypto/src/crypto/tls/NamedCurve.cs
new file mode 100644
index 0000000..b8aa0ec
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/NamedCurve.cs
@@ -0,0 +1,77 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>
+    /// RFC 4492 5.1.1
+    /// The named curves defined here are those specified in SEC 2 [13]. Note that many of
+    /// these curves are also recommended in ANSI X9.62 [7] and FIPS 186-2 [11]. Values 0xFE00
+    /// through 0xFEFF are reserved for private use. Values 0xFF01 and 0xFF02 indicate that the
+    /// client supports arbitrary prime and characteristic-2 curves, respectively (the curve
+    /// parameters must be encoded explicitly in ECParameters).
+    /// </summary>
+    public abstract class NamedCurve
+    {
+        public const int sect163k1 = 1;
+        public const int sect163r1 = 2;
+        public const int sect163r2 = 3;
+        public const int sect193r1 = 4;
+        public const int sect193r2 = 5;
+        public const int sect233k1 = 6;
+        public const int sect233r1 = 7;
+        public const int sect239k1 = 8;
+        public const int sect283k1 = 9;
+        public const int sect283r1 = 10;
+        public const int sect409k1 = 11;
+        public const int sect409r1 = 12;
+        public const int sect571k1 = 13;
+        public const int sect571r1 = 14;
+        public const int secp160k1 = 15;
+        public const int secp160r1 = 16;
+        public const int secp160r2 = 17;
+        public const int secp192k1 = 18;
+        public const int secp192r1 = 19;
+        public const int secp224k1 = 20;
+        public const int secp224r1 = 21;
+        public const int secp256k1 = 22;
+        public const int secp256r1 = 23;
+        public const int secp384r1 = 24;
+        public const int secp521r1 = 25;
+    
+        /*
+         * RFC 7027
+         */
+        public const int brainpoolP256r1 = 26;
+        public const int brainpoolP384r1 = 27;
+        public const int brainpoolP512r1 = 28;
+
+        /*
+         * reserved (0xFE00..0xFEFF)
+         */
+
+        public const int arbitrary_explicit_prime_curves = 0xFF01;
+        public const int arbitrary_explicit_char2_curves = 0xFF02;
+
+        public static bool IsValid(int namedCurve)
+        {
+            return (namedCurve >= sect163k1 && namedCurve <= brainpoolP512r1)
+                || (namedCurve >= arbitrary_explicit_prime_curves && namedCurve <= arbitrary_explicit_char2_curves);
+        }
+
+        public static bool RefersToASpecificNamedCurve(int namedCurve)
+        {
+            switch (namedCurve)
+            {
+            case arbitrary_explicit_prime_curves:
+            case arbitrary_explicit_char2_curves:
+                return false;
+            default:
+                return true;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/NewSessionTicket.cs b/bc-sharp-crypto/src/crypto/tls/NewSessionTicket.cs
new file mode 100644
index 0000000..a84026b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/NewSessionTicket.cs
@@ -0,0 +1,53 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class NewSessionTicket
+    {
+        protected readonly long mTicketLifetimeHint;
+        protected readonly byte[] mTicket;
+
+        public NewSessionTicket(long ticketLifetimeHint, byte[] ticket)
+        {
+            this.mTicketLifetimeHint = ticketLifetimeHint;
+            this.mTicket = ticket;
+        }
+
+        public virtual long TicketLifetimeHint
+        {
+            get { return mTicketLifetimeHint; }
+        }
+
+        public virtual byte[] Ticket
+        {
+            get { return mTicket; }
+        }
+
+        /**
+         * Encode this {@link NewSessionTicket} to a {@link Stream}.
+         *
+         * @param output the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            TlsUtilities.WriteUint32(mTicketLifetimeHint, output);
+            TlsUtilities.WriteOpaque16(mTicket, output);
+        }
+
+        /**
+         * Parse a {@link NewSessionTicket} from a {@link Stream}.
+         *
+         * @param input the {@link Stream} to parse from.
+         * @return a {@link NewSessionTicket} object.
+         * @throws IOException
+         */
+        public static NewSessionTicket Parse(Stream input)
+        {
+            long ticketLifetimeHint = TlsUtilities.ReadUint32(input);
+            byte[] ticket = TlsUtilities.ReadOpaque16(input);
+            return new NewSessionTicket(ticketLifetimeHint, ticket);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/OcspStatusRequest.cs b/bc-sharp-crypto/src/crypto/tls/OcspStatusRequest.cs
new file mode 100644
index 0000000..d9203a3
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/OcspStatusRequest.cs
@@ -0,0 +1,131 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * RFC 3546 3.6
+     */
+    public class OcspStatusRequest
+    {
+        protected readonly IList mResponderIDList;
+        protected readonly X509Extensions mRequestExtensions;
+
+        /**
+         * @param responderIDList
+         *            an {@link IList} of {@link ResponderID}, specifying the list of trusted OCSP
+         *            responders. An empty list has the special meaning that the responders are
+         *            implicitly known to the server - e.g., by prior arrangement.
+         * @param requestExtensions
+         *            OCSP request extensions. A null value means that there are no extensions.
+         */
+        public OcspStatusRequest(IList responderIDList, X509Extensions requestExtensions)
+        {
+            this.mResponderIDList = responderIDList;
+            this.mRequestExtensions = requestExtensions;
+        }
+
+        /**
+         * @return an {@link IList} of {@link ResponderID}
+         */
+        public virtual IList ResponderIDList
+        {
+            get { return mResponderIDList; }
+        }
+
+        /**
+         * @return OCSP request extensions
+         */
+        public virtual X509Extensions RequestExtensions
+        {
+            get { return mRequestExtensions; }
+        }
+
+        /**
+         * Encode this {@link OcspStatusRequest} to a {@link Stream}.
+         * 
+         * @param output
+         *            the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            if (mResponderIDList == null || mResponderIDList.Count < 1)
+            {
+                TlsUtilities.WriteUint16(0, output);
+            }
+            else
+            {
+                MemoryStream buf = new MemoryStream();
+                for (int i = 0; i < mResponderIDList.Count; ++i)
+                {
+                    ResponderID responderID = (ResponderID)mResponderIDList[i];
+                    byte[] derEncoding = responderID.GetEncoded(Asn1Encodable.Der);
+                    TlsUtilities.WriteOpaque16(derEncoding, buf);
+                }
+                TlsUtilities.CheckUint16(buf.Length);
+                TlsUtilities.WriteUint16((int)buf.Length, output);
+                Streams.WriteBufTo(buf, output);
+            }
+
+            if (mRequestExtensions == null)
+            {
+                TlsUtilities.WriteUint16(0, output);
+            }
+            else
+            {
+                byte[] derEncoding = mRequestExtensions.GetEncoded(Asn1Encodable.Der);
+                TlsUtilities.CheckUint16(derEncoding.Length);
+                TlsUtilities.WriteUint16(derEncoding.Length, output);
+                output.Write(derEncoding, 0, derEncoding.Length);
+            }
+        }
+
+        /**
+         * Parse a {@link OcspStatusRequest} from a {@link Stream}.
+         * 
+         * @param input
+         *            the {@link Stream} to parse from.
+         * @return an {@link OcspStatusRequest} object.
+         * @throws IOException
+         */
+        public static OcspStatusRequest Parse(Stream input)
+        {
+            IList responderIDList = Platform.CreateArrayList();
+            {
+                int length = TlsUtilities.ReadUint16(input);
+                if (length > 0)
+                {
+                    byte[] data = TlsUtilities.ReadFully(length, input);
+                    MemoryStream buf = new MemoryStream(data, false);
+                    do
+                    {
+                        byte[] derEncoding = TlsUtilities.ReadOpaque16(buf);
+                        ResponderID responderID = ResponderID.GetInstance(TlsUtilities.ReadDerObject(derEncoding));
+                        responderIDList.Add(responderID);
+                    }
+                    while (buf.Position < buf.Length);
+                }
+            }
+
+            X509Extensions requestExtensions = null;
+            {
+                int length = TlsUtilities.ReadUint16(input);
+                if (length > 0)
+                {
+                    byte[] derEncoding = TlsUtilities.ReadFully(length, input);
+                    requestExtensions = X509Extensions.GetInstance(TlsUtilities.ReadDerObject(derEncoding));
+                }
+            }
+
+            return new OcspStatusRequest(responderIDList, requestExtensions);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/PrfAlgorithm.cs b/bc-sharp-crypto/src/crypto/tls/PrfAlgorithm.cs
new file mode 100644
index 0000000..871241b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/PrfAlgorithm.cs
@@ -0,0 +1,24 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 5246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
+    public abstract class PrfAlgorithm
+    {
+        /*
+         * Placeholder to refer to the legacy TLS algorithm
+         */
+        public const int tls_prf_legacy = 0;
+
+        public const int tls_prf_sha256 = 1;
+
+        /*
+         * Implied by RFC 5288
+         */
+        public const int tls_prf_sha384 = 2;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ProtocolVersion.cs b/bc-sharp-crypto/src/crypto/tls/ProtocolVersion.cs
new file mode 100644
index 0000000..b0d5518
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ProtocolVersion.cs
@@ -0,0 +1,159 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public sealed class ProtocolVersion
+    {
+        public static readonly ProtocolVersion SSLv3 = new ProtocolVersion(0x0300, "SSL 3.0");
+        public static readonly ProtocolVersion TLSv10 = new ProtocolVersion(0x0301, "TLS 1.0");
+        public static readonly ProtocolVersion TLSv11 = new ProtocolVersion(0x0302, "TLS 1.1");
+        public static readonly ProtocolVersion TLSv12 = new ProtocolVersion(0x0303, "TLS 1.2");
+        public static readonly ProtocolVersion DTLSv10 = new ProtocolVersion(0xFEFF, "DTLS 1.0");
+        public static readonly ProtocolVersion DTLSv12 = new ProtocolVersion(0xFEFD, "DTLS 1.2");
+
+        private readonly int version;
+        private readonly String name;
+
+        private ProtocolVersion(int v, String name)
+        {
+            this.version = v & 0xffff;
+            this.name = name;
+        }
+
+        public int FullVersion
+        {
+            get { return version; }
+        }
+
+        public int MajorVersion
+        {
+            get { return version >> 8; }
+        }
+
+        public int MinorVersion
+        {
+            get { return version & 0xff; }
+        }
+
+        public bool IsDtls
+        {
+            get { return MajorVersion == 0xFE; }
+        }
+
+        public bool IsSsl
+        {
+            get { return this == SSLv3; }
+        }
+
+        public bool IsTls
+        {
+            get { return MajorVersion == 0x03; }
+        }
+
+        public ProtocolVersion GetEquivalentTLSVersion()
+        {
+            if (!IsDtls)
+            {
+                return this;
+            }
+            if (this == DTLSv10)
+            {
+                return TLSv11;
+            }
+            return TLSv12;
+        }
+
+        public bool IsEqualOrEarlierVersionOf(ProtocolVersion version)
+        {
+            if (MajorVersion != version.MajorVersion)
+            {
+                return false;
+            }
+            int diffMinorVersion = version.MinorVersion - MinorVersion;
+            return IsDtls ? diffMinorVersion <= 0 : diffMinorVersion >= 0;
+        }
+
+        public bool IsLaterVersionOf(ProtocolVersion version)
+        {
+            if (MajorVersion != version.MajorVersion)
+            {
+                return false;
+            }
+            int diffMinorVersion = version.MinorVersion - MinorVersion;
+            return IsDtls ? diffMinorVersion > 0 : diffMinorVersion < 0;
+        }
+
+        public override bool Equals(object other)
+        {
+            return this == other || (other is ProtocolVersion && Equals((ProtocolVersion)other));
+        }
+
+        public bool Equals(ProtocolVersion other)
+        {
+            return other != null && this.version == other.version;
+        }
+
+        public override int GetHashCode()
+        {
+            return version;
+        }
+
+        /// <exception cref="IOException"/>
+        public static ProtocolVersion Get(int major, int minor)
+        {
+            switch (major)
+            {
+                case 0x03:
+                {
+                    switch (minor)
+                    {
+                        case 0x00:
+                            return SSLv3;
+                        case 0x01:
+                            return TLSv10;
+                        case 0x02:
+                            return TLSv11;
+                        case 0x03:
+                            return TLSv12;
+                    }
+                    return GetUnknownVersion(major, minor, "TLS");
+                }
+                case 0xFE:
+                {
+                    switch (minor)
+                    {
+                        case 0xFF:
+                            return DTLSv10;
+                        case 0xFE:
+                            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                        case 0xFD:
+                            return DTLSv12;
+                    }
+                    return GetUnknownVersion(major, minor, "DTLS");
+                }
+                default:
+                {
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                }
+            }
+        }
+
+        public override string ToString()
+        {
+            return name;
+        }
+
+        private static ProtocolVersion GetUnknownVersion(int major, int minor, string prefix)
+        {
+            TlsUtilities.CheckUint8(major);
+            TlsUtilities.CheckUint8(minor);
+
+            int v = (major << 8) | minor;
+            String hex = Platform.ToUpperInvariant(Convert.ToString(0x10000 | v, 16).Substring(1));
+            return new ProtocolVersion(v, prefix + " 0x" + hex);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/PskTlsClient.cs b/bc-sharp-crypto/src/crypto/tls/PskTlsClient.cs
new file mode 100644
index 0000000..2ef80dc
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/PskTlsClient.cs
@@ -0,0 +1,70 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class PskTlsClient
+        :   AbstractTlsClient
+    {
+        protected TlsPskIdentity mPskIdentity;
+
+        public PskTlsClient(TlsPskIdentity pskIdentity)
+            :   this(new DefaultTlsCipherFactory(), pskIdentity)
+        {
+        }
+
+        public PskTlsClient(TlsCipherFactory cipherFactory, TlsPskIdentity pskIdentity)
+            :   base(cipherFactory)
+        {
+            this.mPskIdentity = pskIdentity;
+        }
+
+        public override int[] GetCipherSuites()
+        {
+            return new int[]
+            {
+                CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
+                CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+                CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
+                CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+            };
+        }
+
+        public override TlsKeyExchange GetKeyExchange()
+        {
+            int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite);
+
+            switch (keyExchangeAlgorithm)
+            {
+            case KeyExchangeAlgorithm.DHE_PSK:
+            case KeyExchangeAlgorithm.ECDHE_PSK:
+            case KeyExchangeAlgorithm.PSK:
+            case KeyExchangeAlgorithm.RSA_PSK:
+                return CreatePskKeyExchange(keyExchangeAlgorithm);
+
+            default:
+                /*
+                    * Note: internal error here; the TlsProtocol implementation verifies that the
+                    * server-selected cipher suite was in the list of client-offered cipher suites, so if
+                    * we now can't produce an implementation, we shouldn't have offered it!
+                    */
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        public override TlsAuthentication GetAuthentication()
+        {
+            /*
+             * Note: This method is not called unless a server certificate is sent, which may be the
+             * case e.g. for RSA_PSK key exchange.
+             */
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        protected virtual TlsKeyExchange CreatePskKeyExchange(int keyExchange)
+        {
+            return new TlsPskKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mPskIdentity, null, null, mNamedCurves,
+                mClientECPointFormats, mServerECPointFormats);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/PskTlsServer.cs b/bc-sharp-crypto/src/crypto/tls/PskTlsServer.cs
new file mode 100644
index 0000000..b0fb67c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/PskTlsServer.cs
@@ -0,0 +1,93 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Agreement;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class PskTlsServer
+        :   AbstractTlsServer
+    {
+        protected TlsPskIdentityManager mPskIdentityManager;
+
+        public PskTlsServer(TlsPskIdentityManager pskIdentityManager)
+            :   this(new DefaultTlsCipherFactory(), pskIdentityManager)
+        {
+        }
+
+        public PskTlsServer(TlsCipherFactory cipherFactory, TlsPskIdentityManager pskIdentityManager)
+            :   base(cipherFactory)
+        {
+            this.mPskIdentityManager = pskIdentityManager;
+        }
+
+        protected virtual TlsEncryptionCredentials GetRsaEncryptionCredentials()
+        {
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        protected virtual DHParameters GetDHParameters()
+        {
+            return DHStandardGroups.rfc7919_ffdhe2048;
+        }
+
+        protected override int[] GetCipherSuites()
+        {
+            return new int[]
+            {
+                CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
+                CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+                CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
+                CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+            };
+        }
+
+        public override TlsCredentials GetCredentials()
+        {
+            int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite);
+
+            switch (keyExchangeAlgorithm)
+            {
+                case KeyExchangeAlgorithm.DHE_PSK:
+                case KeyExchangeAlgorithm.ECDHE_PSK:
+                case KeyExchangeAlgorithm.PSK:
+                    return null;
+
+                case KeyExchangeAlgorithm.RSA_PSK:
+                    return GetRsaEncryptionCredentials();
+
+                default:
+                    /* Note: internal error here; selected a key exchange we don't implement! */
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        public override TlsKeyExchange GetKeyExchange()
+        {
+            int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite);
+
+            switch (keyExchangeAlgorithm)
+            {
+                case KeyExchangeAlgorithm.DHE_PSK:
+                case KeyExchangeAlgorithm.ECDHE_PSK:
+                case KeyExchangeAlgorithm.PSK:
+                case KeyExchangeAlgorithm.RSA_PSK:
+                    return CreatePskKeyExchange(keyExchangeAlgorithm);
+
+                default:
+                    /*
+                     * Note: internal error here; the TlsProtocol implementation verifies that the
+                     * server-selected cipher suite was in the list of client-offered cipher suites, so if
+                     * we now can't produce an implementation, we shouldn't have offered it!
+                     */
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        protected virtual TlsKeyExchange CreatePskKeyExchange(int keyExchange)
+        {
+            return new TlsPskKeyExchange(keyExchange, mSupportedSignatureAlgorithms, null, mPskIdentityManager,
+                GetDHParameters(), mNamedCurves, mClientECPointFormats, mServerECPointFormats);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/RecordStream.cs b/bc-sharp-crypto/src/crypto/tls/RecordStream.cs
new file mode 100644
index 0000000..5d556ad
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/RecordStream.cs
@@ -0,0 +1,412 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>An implementation of the TLS 1.0/1.1/1.2 record layer, allowing downgrade to SSLv3.</summary>
+    internal class RecordStream
+    {
+        private const int DEFAULT_PLAINTEXT_LIMIT = (1 << 14);
+
+        internal const int TLS_HEADER_SIZE = 5;
+        internal const int TLS_HEADER_TYPE_OFFSET = 0;
+        internal const int TLS_HEADER_VERSION_OFFSET = 1;
+        internal const int TLS_HEADER_LENGTH_OFFSET = 3;
+
+        private TlsProtocol mHandler;
+        private Stream mInput;
+        private Stream mOutput;
+        private TlsCompression mPendingCompression = null, mReadCompression = null, mWriteCompression = null;
+        private TlsCipher mPendingCipher = null, mReadCipher = null, mWriteCipher = null;
+        private SequenceNumber mReadSeqNo = new SequenceNumber(), mWriteSeqNo = new SequenceNumber();
+        private MemoryStream mBuffer = new MemoryStream();
+
+        private TlsHandshakeHash mHandshakeHash = null;
+        private readonly BaseOutputStream mHandshakeHashUpdater;
+
+        private ProtocolVersion mReadVersion = null, mWriteVersion = null;
+        private bool mRestrictReadVersion = true;
+
+        private int mPlaintextLimit, mCompressedLimit, mCiphertextLimit;
+
+        internal RecordStream(TlsProtocol handler, Stream input, Stream output)
+        {
+            this.mHandler = handler;
+            this.mInput = input;
+            this.mOutput = output;
+            this.mReadCompression = new TlsNullCompression();
+            this.mWriteCompression = this.mReadCompression;
+            this.mHandshakeHashUpdater = new HandshakeHashUpdateStream(this);
+        }
+
+        internal virtual void Init(TlsContext context)
+        {
+            this.mReadCipher = new TlsNullCipher(context);
+            this.mWriteCipher = this.mReadCipher;
+            this.mHandshakeHash = new DeferredHash();
+            this.mHandshakeHash.Init(context);
+
+            SetPlaintextLimit(DEFAULT_PLAINTEXT_LIMIT);
+        }
+
+        internal virtual int GetPlaintextLimit()
+        {
+            return mPlaintextLimit;
+        }
+
+        internal virtual void SetPlaintextLimit(int plaintextLimit)
+        {
+            this.mPlaintextLimit = plaintextLimit;
+            this.mCompressedLimit = this.mPlaintextLimit + 1024;
+            this.mCiphertextLimit = this.mCompressedLimit + 1024;
+        }
+
+        internal virtual ProtocolVersion ReadVersion
+        {
+            get { return mReadVersion; }
+            set { this.mReadVersion = value; }
+        }
+
+        internal virtual void SetWriteVersion(ProtocolVersion writeVersion)
+        {
+            this.mWriteVersion = writeVersion;
+        }
+
+        /**
+         * RFC 5246 E.1. "Earlier versions of the TLS specification were not fully clear on what the
+         * record layer version number (TLSPlaintext.version) should contain when sending ClientHello
+         * (i.e., before it is known which version of the protocol will be employed). Thus, TLS servers
+         * compliant with this specification MUST accept any value {03,XX} as the record layer version
+         * number for ClientHello."
+         */
+        internal virtual void SetRestrictReadVersion(bool enabled)
+        {
+            this.mRestrictReadVersion = enabled;
+        }
+
+        internal virtual void SetPendingConnectionState(TlsCompression tlsCompression, TlsCipher tlsCipher)
+        {
+            this.mPendingCompression = tlsCompression;
+            this.mPendingCipher = tlsCipher;
+        }
+
+        internal virtual void SentWriteCipherSpec()
+        {
+            if (mPendingCompression == null || mPendingCipher == null)
+                throw new TlsFatalAlert(AlertDescription.handshake_failure);
+
+            this.mWriteCompression = this.mPendingCompression;
+            this.mWriteCipher = this.mPendingCipher;
+            this.mWriteSeqNo = new SequenceNumber();
+        }
+
+        internal virtual void ReceivedReadCipherSpec()
+        {
+            if (mPendingCompression == null || mPendingCipher == null)
+                throw new TlsFatalAlert(AlertDescription.handshake_failure);
+
+            this.mReadCompression = this.mPendingCompression;
+            this.mReadCipher = this.mPendingCipher;
+            this.mReadSeqNo = new SequenceNumber();
+        }
+
+        internal virtual void FinaliseHandshake()
+        {
+            if (mReadCompression != mPendingCompression || mWriteCompression != mPendingCompression
+                || mReadCipher != mPendingCipher || mWriteCipher != mPendingCipher)
+            {
+                throw new TlsFatalAlert(AlertDescription.handshake_failure);
+            }
+            this.mPendingCompression = null;
+            this.mPendingCipher = null;
+        }
+
+        internal virtual void CheckRecordHeader(byte[] recordHeader)
+        {
+            byte type = TlsUtilities.ReadUint8(recordHeader, TLS_HEADER_TYPE_OFFSET);
+
+            /*
+             * RFC 5246 6. If a TLS implementation receives an unexpected record type, it MUST send an
+             * unexpected_message alert.
+             */
+            CheckType(type, AlertDescription.unexpected_message);
+
+            if (!mRestrictReadVersion)
+            {
+                int version = TlsUtilities.ReadVersionRaw(recordHeader, TLS_HEADER_VERSION_OFFSET);
+                if ((version & 0xffffff00) != 0x0300)
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+            else
+            {
+                ProtocolVersion version = TlsUtilities.ReadVersion(recordHeader, TLS_HEADER_VERSION_OFFSET);
+                if (mReadVersion == null)
+                {
+                    // Will be set later in 'readRecord'
+                }
+                else if (!version.Equals(mReadVersion))
+                {
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                }
+            }
+
+            int length = TlsUtilities.ReadUint16(recordHeader, TLS_HEADER_LENGTH_OFFSET);
+
+            CheckLength(length, mCiphertextLimit, AlertDescription.record_overflow);
+        }
+
+        internal virtual bool ReadRecord()
+        {
+            byte[] recordHeader = TlsUtilities.ReadAllOrNothing(TLS_HEADER_SIZE, mInput);
+            if (recordHeader == null)
+                return false;
+
+            byte type = TlsUtilities.ReadUint8(recordHeader, TLS_HEADER_TYPE_OFFSET);
+
+            /*
+             * RFC 5246 6. If a TLS implementation receives an unexpected record type, it MUST send an
+             * unexpected_message alert.
+             */
+            CheckType(type, AlertDescription.unexpected_message);
+
+            if (!mRestrictReadVersion)
+            {
+                int version = TlsUtilities.ReadVersionRaw(recordHeader, TLS_HEADER_VERSION_OFFSET);
+                if ((version & 0xffffff00) != 0x0300)
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+            else
+            {
+                ProtocolVersion version = TlsUtilities.ReadVersion(recordHeader, TLS_HEADER_VERSION_OFFSET);
+                if (mReadVersion == null)
+                {
+                    mReadVersion = version;
+                }
+                else if (!version.Equals(mReadVersion))
+                {
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                }
+            }
+
+            int length = TlsUtilities.ReadUint16(recordHeader, TLS_HEADER_LENGTH_OFFSET);
+
+            CheckLength(length, mCiphertextLimit, AlertDescription.record_overflow);
+
+            byte[] plaintext = DecodeAndVerify(type, mInput, length);
+            mHandler.ProcessRecord(type, plaintext, 0, plaintext.Length);
+            return true;
+        }
+
+        internal virtual byte[] DecodeAndVerify(byte type, Stream input, int len)
+        {
+            byte[] buf = TlsUtilities.ReadFully(len, input);
+
+            long seqNo = mReadSeqNo.NextValue(AlertDescription.unexpected_message);
+            byte[] decoded = mReadCipher.DecodeCiphertext(seqNo, type, buf, 0, buf.Length);
+
+            CheckLength(decoded.Length, mCompressedLimit, AlertDescription.record_overflow);
+
+            /*
+             * TODO 5246 6.2.2. Implementation note: Decompression functions are responsible for
+             * ensuring that messages cannot cause internal buffer overflows.
+             */
+            Stream cOut = mReadCompression.Decompress(mBuffer);
+            if (cOut != mBuffer)
+            {
+                cOut.Write(decoded, 0, decoded.Length);
+                cOut.Flush();
+                decoded = GetBufferContents();
+            }
+
+            /*
+             * RFC 5246 6.2.2. If the decompression function encounters a TLSCompressed.fragment that
+             * would decompress to a length in excess of 2^14 bytes, it should report a fatal
+             * decompression failure error.
+             */
+            CheckLength(decoded.Length, mPlaintextLimit, AlertDescription.decompression_failure);
+
+            /*
+             * RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert,
+             * or ChangeCipherSpec content types.
+             */
+            if (decoded.Length < 1 && type != ContentType.application_data)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            return decoded;
+        }
+
+        internal virtual void WriteRecord(byte type, byte[] plaintext, int plaintextOffset, int plaintextLength)
+        {
+            // Never send anything until a valid ClientHello has been received
+            if (mWriteVersion == null)
+                return;
+
+            /*
+             * RFC 5246 6. Implementations MUST NOT send record types not defined in this document
+             * unless negotiated by some extension.
+             */
+            CheckType(type, AlertDescription.internal_error);
+
+            /*
+             * RFC 5246 6.2.1 The length should not exceed 2^14.
+             */
+            CheckLength(plaintextLength, mPlaintextLimit, AlertDescription.internal_error);
+
+            /*
+             * RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert,
+             * or ChangeCipherSpec content types.
+             */
+            if (plaintextLength < 1 && type != ContentType.application_data)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            Stream cOut = mWriteCompression.Compress(mBuffer);
+
+            long seqNo = mWriteSeqNo.NextValue(AlertDescription.internal_error);
+
+            byte[] ciphertext;
+            if (cOut == mBuffer)
+            {
+                ciphertext = mWriteCipher.EncodePlaintext(seqNo, type, plaintext, plaintextOffset, plaintextLength);
+            }
+            else
+            {
+                cOut.Write(plaintext, plaintextOffset, plaintextLength);
+                cOut.Flush();
+                byte[] compressed = GetBufferContents();
+
+                /*
+                 * RFC 5246 6.2.2. Compression must be lossless and may not increase the content length
+                 * by more than 1024 bytes.
+                 */
+                CheckLength(compressed.Length, plaintextLength + 1024, AlertDescription.internal_error);
+
+                ciphertext = mWriteCipher.EncodePlaintext(seqNo, type, compressed, 0, compressed.Length);
+            }
+
+            /*
+             * RFC 5246 6.2.3. The length may not exceed 2^14 + 2048.
+             */
+            CheckLength(ciphertext.Length, mCiphertextLimit, AlertDescription.internal_error);
+
+            byte[] record = new byte[ciphertext.Length + TLS_HEADER_SIZE];
+            TlsUtilities.WriteUint8(type, record, TLS_HEADER_TYPE_OFFSET);
+            TlsUtilities.WriteVersion(mWriteVersion, record, TLS_HEADER_VERSION_OFFSET);
+            TlsUtilities.WriteUint16(ciphertext.Length, record, TLS_HEADER_LENGTH_OFFSET);
+            Array.Copy(ciphertext, 0, record, TLS_HEADER_SIZE, ciphertext.Length);
+            mOutput.Write(record, 0, record.Length);
+            mOutput.Flush();
+        }
+
+        internal virtual void NotifyHelloComplete()
+        {
+            this.mHandshakeHash = mHandshakeHash.NotifyPrfDetermined();
+        }
+
+        internal virtual TlsHandshakeHash HandshakeHash
+        {
+            get { return mHandshakeHash; }
+        }
+
+        internal virtual Stream HandshakeHashUpdater
+        {
+            get { return mHandshakeHashUpdater; }
+        }
+
+        internal virtual TlsHandshakeHash PrepareToFinish()
+        {
+            TlsHandshakeHash result = mHandshakeHash;
+            this.mHandshakeHash = mHandshakeHash.StopTracking();
+            return result;
+        }
+
+        internal virtual void SafeClose()
+        {
+            try
+            {
+                Platform.Dispose(mInput);
+            }
+            catch (IOException)
+            {
+            }
+
+            try
+            {
+                Platform.Dispose(mOutput);
+            }
+            catch (IOException)
+            {
+            }
+        }
+
+        internal virtual void Flush()
+        {
+            mOutput.Flush();
+        }
+
+        private byte[] GetBufferContents()
+        {
+            byte[] contents = mBuffer.ToArray();
+            mBuffer.SetLength(0);
+            return contents;
+        }
+
+        private static void CheckType(byte type, byte alertDescription)
+        {
+            switch (type)
+            {
+            case ContentType.application_data:
+            case ContentType.alert:
+            case ContentType.change_cipher_spec:
+            case ContentType.handshake:
+            //case ContentType.heartbeat:
+                break;
+            default:
+                throw new TlsFatalAlert(alertDescription);
+            }
+        }
+
+        private static void CheckLength(int length, int limit, byte alertDescription)
+        {
+            if (length > limit)
+                throw new TlsFatalAlert(alertDescription);
+        }
+
+        private class HandshakeHashUpdateStream
+            : BaseOutputStream
+        {
+            private readonly RecordStream mOuter;
+            public HandshakeHashUpdateStream(RecordStream mOuter)
+            {
+                this.mOuter = mOuter;
+            }
+
+            public override void Write(byte[] buf, int off, int len)
+            {
+                mOuter.mHandshakeHash.BlockUpdate(buf, off, len);
+            }
+        }
+
+        private class SequenceNumber
+        {
+            private long value = 0L;
+            private bool exhausted = false;
+
+            internal long NextValue(byte alertDescription)
+            {
+                if (exhausted)
+                {
+                    throw new TlsFatalAlert(alertDescription);
+                }
+                long result = value;
+                if (++value == 0)
+                {
+                    exhausted = true;
+                }
+                return result;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/SecurityParameters.cs b/bc-sharp-crypto/src/crypto/tls/SecurityParameters.cs
new file mode 100644
index 0000000..3b85158
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/SecurityParameters.cs
@@ -0,0 +1,103 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class SecurityParameters
+    {
+        internal int entity = -1;
+        internal int cipherSuite = -1;
+        internal byte compressionAlgorithm = CompressionMethod.cls_null;
+        internal int prfAlgorithm = -1;
+        internal int verifyDataLength = -1;
+        internal byte[] masterSecret = null;
+        internal byte[] clientRandom = null;
+        internal byte[] serverRandom = null;
+        internal byte[] sessionHash = null;
+        internal byte[] pskIdentity = null;
+        internal byte[] srpIdentity = null;
+
+        // TODO Keep these internal, since it's maybe not the ideal place for them
+        internal short maxFragmentLength = -1;
+        internal bool truncatedHMac = false;
+        internal bool encryptThenMac = false;
+        internal bool extendedMasterSecret = false;
+
+        internal virtual void Clear()
+        {
+            if (this.masterSecret != null)
+            {
+                Arrays.Fill(this.masterSecret, (byte)0);
+                this.masterSecret = null;
+            }
+        }
+
+        /**
+         * @return {@link ConnectionEnd}
+         */
+        public virtual int Entity
+        {
+            get { return entity; }
+        }
+
+        /**
+         * @return {@link CipherSuite}
+         */
+        public virtual int CipherSuite
+        {
+            get { return cipherSuite; }
+        }
+
+        /**
+         * @return {@link CompressionMethod}
+         */
+        public byte CompressionAlgorithm
+        {
+            get { return compressionAlgorithm; }
+        }
+
+        /**
+         * @return {@link PRFAlgorithm}
+         */
+        public virtual int PrfAlgorithm
+        {
+            get { return prfAlgorithm; }
+        }
+
+        public virtual int VerifyDataLength
+        {
+            get { return verifyDataLength; }
+        }
+
+        public virtual byte[] MasterSecret
+        {
+            get { return masterSecret; }
+        }
+
+        public virtual byte[] ClientRandom
+        {
+            get { return clientRandom; }
+        }
+
+        public virtual byte[] ServerRandom
+        {
+            get { return serverRandom; }
+        }
+
+        public virtual byte[] SessionHash
+        {
+            get { return sessionHash; }
+        }
+
+        public virtual byte[] PskIdentity
+        {
+            get { return pskIdentity; }
+        }
+
+        public virtual byte[] SrpIdentity
+        {
+            get { return srpIdentity; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ServerDHParams.cs b/bc-sharp-crypto/src/crypto/tls/ServerDHParams.cs
new file mode 100644
index 0000000..b092627
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ServerDHParams.cs
@@ -0,0 +1,61 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class ServerDHParams
+    {
+        protected readonly DHPublicKeyParameters mPublicKey;
+
+        public ServerDHParams(DHPublicKeyParameters publicKey)
+        {
+            if (publicKey == null)
+                throw new ArgumentNullException("publicKey");
+
+            this.mPublicKey = publicKey;
+        }
+
+        public virtual DHPublicKeyParameters PublicKey
+        {
+            get { return mPublicKey; }
+        }
+
+        /**
+         * Encode this {@link ServerDHParams} to a {@link Stream}.
+         * 
+         * @param output
+         *            the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            DHParameters dhParameters = mPublicKey.Parameters;
+            BigInteger Ys = mPublicKey.Y;
+
+            TlsDHUtilities.WriteDHParameter(dhParameters.P, output);
+            TlsDHUtilities.WriteDHParameter(dhParameters.G, output);
+            TlsDHUtilities.WriteDHParameter(Ys, output);
+        }
+
+        /**
+         * Parse a {@link ServerDHParams} from a {@link Stream}.
+         * 
+         * @param input
+         *            the {@link Stream} to parse from.
+         * @return a {@link ServerDHParams} object.
+         * @throws IOException
+         */
+        public static ServerDHParams Parse(Stream input)
+        {
+            BigInteger p = TlsDHUtilities.ReadDHParameter(input);
+            BigInteger g = TlsDHUtilities.ReadDHParameter(input);
+            BigInteger Ys = TlsDHUtilities.ReadDHParameter(input);
+
+            return new ServerDHParams(
+                TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(Ys, new DHParameters(p, g))));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ServerName.cs b/bc-sharp-crypto/src/crypto/tls/ServerName.cs
new file mode 100644
index 0000000..508c2dd
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ServerName.cs
@@ -0,0 +1,105 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class ServerName
+    {
+        protected readonly byte mNameType;
+        protected readonly object mName;
+
+        public ServerName(byte nameType, object name)
+        {
+            if (!IsCorrectType(nameType, name))
+                throw new ArgumentException("not an instance of the correct type", "name");
+
+            this.mNameType = nameType;
+            this.mName = name;
+        }
+
+        public virtual byte NameType
+        {
+            get { return mNameType; }
+        }
+
+        public virtual object Name
+        {
+            get { return mName; }
+        }
+
+        public virtual string GetHostName()
+        {
+            if (!IsCorrectType(Tls.NameType.host_name, mName))
+                throw new InvalidOperationException("'name' is not a HostName string");
+
+            return (string)mName;
+        }
+
+        /**
+         * Encode this {@link ServerName} to a {@link Stream}.
+         * 
+         * @param output
+         *            the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            TlsUtilities.WriteUint8(mNameType, output);
+
+            switch (mNameType)
+            {
+            case Tls.NameType.host_name:
+                byte[] asciiEncoding = Strings.ToAsciiByteArray((string)mName);
+                if (asciiEncoding.Length < 1)
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+                TlsUtilities.WriteOpaque16(asciiEncoding, output);
+                break;
+            default:
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        /**
+         * Parse a {@link ServerName} from a {@link Stream}.
+         * 
+         * @param input
+         *            the {@link Stream} to parse from.
+         * @return a {@link ServerName} object.
+         * @throws IOException
+         */
+        public static ServerName Parse(Stream input)
+        {
+            byte name_type = TlsUtilities.ReadUint8(input);
+            object name;
+
+            switch (name_type)
+            {
+            case Tls.NameType.host_name:
+            {
+                byte[] asciiEncoding = TlsUtilities.ReadOpaque16(input);
+                if (asciiEncoding.Length < 1)
+                    throw new TlsFatalAlert(AlertDescription.decode_error);
+                name = Strings.FromAsciiByteArray(asciiEncoding);
+                break;
+            }
+            default:
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+            }
+
+            return new ServerName(name_type, name);
+        }
+
+        protected static bool IsCorrectType(byte nameType, object name)
+        {
+            switch (nameType)
+            {
+            case Tls.NameType.host_name:
+                return name is string;
+            default:
+                throw new ArgumentException("unsupported value", "name");
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ServerNameList.cs b/bc-sharp-crypto/src/crypto/tls/ServerNameList.cs
new file mode 100644
index 0000000..ed4e593
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ServerNameList.cs
@@ -0,0 +1,105 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class ServerNameList
+    {
+        protected readonly IList mServerNameList;
+
+        /**
+         * @param serverNameList an {@link IList} of {@link ServerName}.
+         */
+        public ServerNameList(IList serverNameList)
+        {
+            if (serverNameList == null)
+                throw new ArgumentNullException("serverNameList");
+
+            this.mServerNameList = serverNameList;
+        }
+
+        /**
+         * @return an {@link IList} of {@link ServerName}.
+         */
+        public virtual IList ServerNames
+        {
+            get { return mServerNameList; }
+        }
+
+        /**
+         * Encode this {@link ServerNameList} to a {@link Stream}.
+         * 
+         * @param output
+         *            the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            MemoryStream buf = new MemoryStream();
+
+            byte[] nameTypesSeen = TlsUtilities.EmptyBytes;
+            foreach (ServerName entry in ServerNames)
+            {
+                nameTypesSeen = CheckNameType(nameTypesSeen, entry.NameType);
+                if (nameTypesSeen == null)
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+
+                entry.Encode(buf);
+            }
+
+            TlsUtilities.CheckUint16(buf.Length);
+            TlsUtilities.WriteUint16((int)buf.Length, output);
+            Streams.WriteBufTo(buf, output);
+        }
+
+        /**
+         * Parse a {@link ServerNameList} from a {@link Stream}.
+         * 
+         * @param input
+         *            the {@link Stream} to parse from.
+         * @return a {@link ServerNameList} object.
+         * @throws IOException
+         */
+        public static ServerNameList Parse(Stream input)
+        {
+            int length = TlsUtilities.ReadUint16(input);
+            if (length < 1)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+
+            byte[] data = TlsUtilities.ReadFully(length, input);
+
+            MemoryStream buf = new MemoryStream(data, false);
+
+            byte[] nameTypesSeen = TlsUtilities.EmptyBytes;
+            IList server_name_list = Platform.CreateArrayList();
+            while (buf.Position < buf.Length)
+            {
+                ServerName entry = ServerName.Parse(buf);
+
+                nameTypesSeen = CheckNameType(nameTypesSeen, entry.NameType);
+                if (nameTypesSeen == null)
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+                server_name_list.Add(entry);
+            }
+
+            return new ServerNameList(server_name_list);
+        }
+
+        private static byte[] CheckNameType(byte[] nameTypesSeen, byte nameType)
+        {
+            /*
+             * RFC 6066 3. The ServerNameList MUST NOT contain more than one name of the same
+             * name_type.
+             */
+            if (!NameType.IsValid(nameType) || Arrays.Contains(nameTypesSeen, nameType))
+                return null;
+
+            return Arrays.Append(nameTypesSeen, nameType);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ServerOnlyTlsAuthentication.cs b/bc-sharp-crypto/src/crypto/tls/ServerOnlyTlsAuthentication.cs
new file mode 100644
index 0000000..4858897
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ServerOnlyTlsAuthentication.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class ServerOnlyTlsAuthentication
+        :   TlsAuthentication
+    {
+        public abstract void NotifyServerCertificate(Certificate serverCertificate);
+
+        public TlsCredentials GetClientCredentials(CertificateRequest certificateRequest)
+        {
+            return null;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/ServerSrpParams.cs b/bc-sharp-crypto/src/crypto/tls/ServerSrpParams.cs
new file mode 100644
index 0000000..556ac53
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/ServerSrpParams.cs
@@ -0,0 +1,75 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class ServerSrpParams
+    {
+        protected BigInteger m_N, m_g, m_B;
+        protected byte[] m_s;
+
+        public ServerSrpParams(BigInteger N, BigInteger g, byte[] s, BigInteger B)
+        {
+            this.m_N = N;
+            this.m_g = g;
+            this.m_s = Arrays.Clone(s);
+            this.m_B = B;
+        }
+
+        public virtual BigInteger B
+        {
+            get { return m_B; }
+        }
+
+        public virtual BigInteger G
+        {
+            get { return m_g; }
+        }
+
+        public virtual BigInteger N
+        {
+            get { return m_N; }
+        }
+
+        public virtual byte[] S
+        {
+            get { return m_s; }
+        }
+
+        /**
+         * Encode this {@link ServerSRPParams} to an {@link OutputStream}.
+         * 
+         * @param output
+         *            the {@link OutputStream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            TlsSrpUtilities.WriteSrpParameter(m_N, output);
+            TlsSrpUtilities.WriteSrpParameter(m_g, output);
+            TlsUtilities.WriteOpaque8(m_s, output);
+            TlsSrpUtilities.WriteSrpParameter(m_B, output);
+        }
+
+        /**
+         * Parse a {@link ServerSRPParams} from an {@link InputStream}.
+         * 
+         * @param input
+         *            the {@link InputStream} to parse from.
+         * @return a {@link ServerSRPParams} object.
+         * @throws IOException
+         */
+        public static ServerSrpParams Parse(Stream input)
+        {
+            BigInteger N = TlsSrpUtilities.ReadSrpParameter(input);
+            BigInteger g = TlsSrpUtilities.ReadSrpParameter(input);
+            byte[] s = TlsUtilities.ReadOpaque8(input);
+            BigInteger B = TlsSrpUtilities.ReadSrpParameter(input);
+
+            return new ServerSrpParams(N, g, s, B);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/SessionParameters.cs b/bc-sharp-crypto/src/crypto/tls/SessionParameters.cs
new file mode 100644
index 0000000..a1eb5f2
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/SessionParameters.cs
@@ -0,0 +1,165 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public sealed class SessionParameters
+    {
+        public sealed class Builder
+        {
+            private int mCipherSuite = -1;
+            private short mCompressionAlgorithm = -1;
+            private byte[] mMasterSecret = null;
+            private Certificate mPeerCertificate = null;
+            private byte[] mPskIdentity = null;
+            private byte[] mSrpIdentity = null;
+            private byte[] mEncodedServerExtensions = null;
+
+            public Builder()
+            {
+            }
+
+            public SessionParameters Build()
+            {
+                Validate(this.mCipherSuite >= 0, "cipherSuite");
+                Validate(this.mCompressionAlgorithm >= 0, "compressionAlgorithm");
+                Validate(this.mMasterSecret != null, "masterSecret");
+                return new SessionParameters(mCipherSuite, (byte)mCompressionAlgorithm, mMasterSecret, mPeerCertificate,
+                    mPskIdentity, mSrpIdentity, mEncodedServerExtensions);
+            }
+
+            public Builder SetCipherSuite(int cipherSuite)
+            {
+                this.mCipherSuite = cipherSuite;
+                return this;
+            }
+
+            public Builder SetCompressionAlgorithm(byte compressionAlgorithm)
+            {
+                this.mCompressionAlgorithm = compressionAlgorithm;
+                return this;
+            }
+
+            public Builder SetMasterSecret(byte[] masterSecret)
+            {
+                this.mMasterSecret = masterSecret;
+                return this;
+            }
+
+            public Builder SetPeerCertificate(Certificate peerCertificate)
+            {
+                this.mPeerCertificate = peerCertificate;
+                return this;
+            }
+
+            public Builder SetPskIdentity(byte[] pskIdentity)
+            {
+                this.mPskIdentity = pskIdentity;
+                return this;
+            }
+
+            public Builder SetSrpIdentity(byte[] srpIdentity)
+            {
+                this.mSrpIdentity = srpIdentity;
+                return this;
+            }
+
+            public Builder SetServerExtensions(IDictionary serverExtensions)
+            {
+                if (serverExtensions == null)
+                {
+                    mEncodedServerExtensions = null;
+                }
+                else
+                {
+                    MemoryStream buf = new MemoryStream();
+                    TlsProtocol.WriteExtensions(buf, serverExtensions);
+                    mEncodedServerExtensions = buf.ToArray();
+                }
+                return this;
+            }
+
+            private void Validate(bool condition, string parameter)
+            {
+                if (!condition)
+                    throw new InvalidOperationException("Required session parameter '" + parameter + "' not configured");
+            }
+        }
+
+        private int mCipherSuite;
+        private byte mCompressionAlgorithm;
+        private byte[] mMasterSecret;
+        private Certificate mPeerCertificate;
+        private byte[] mPskIdentity;
+        private byte[] mSrpIdentity;
+        private byte[] mEncodedServerExtensions;
+
+        private SessionParameters(int cipherSuite, byte compressionAlgorithm, byte[] masterSecret,
+            Certificate peerCertificate, byte[] pskIdentity, byte[] srpIdentity, byte[] encodedServerExtensions)
+        {
+            this.mCipherSuite = cipherSuite;
+            this.mCompressionAlgorithm = compressionAlgorithm;
+            this.mMasterSecret = Arrays.Clone(masterSecret);
+            this.mPeerCertificate = peerCertificate;
+            this.mPskIdentity = Arrays.Clone(pskIdentity);
+            this.mSrpIdentity = Arrays.Clone(srpIdentity);
+            this.mEncodedServerExtensions = encodedServerExtensions;
+        }
+
+        public void Clear()
+        {
+            if (this.mMasterSecret != null)
+            {
+                Arrays.Fill(this.mMasterSecret, (byte)0);
+            }
+        }
+
+        public SessionParameters Copy()
+        {
+            return new SessionParameters(mCipherSuite, mCompressionAlgorithm, mMasterSecret, mPeerCertificate,
+                mPskIdentity, mSrpIdentity, mEncodedServerExtensions);
+        }
+
+        public int CipherSuite
+        {
+            get { return mCipherSuite; }
+        }
+
+        public byte CompressionAlgorithm
+        {
+            get { return mCompressionAlgorithm; }
+        }
+
+        public byte[] MasterSecret
+        {
+            get { return mMasterSecret; }
+        }
+
+        public Certificate PeerCertificate
+        {
+            get { return mPeerCertificate; }
+        }
+
+        public byte[] PskIdentity
+        {
+            get { return mPskIdentity; }
+        }
+
+        public byte[] SrpIdentity
+        {
+            get { return mSrpIdentity; }
+        }
+
+        public IDictionary ReadServerExtensions()
+        {
+            if (mEncodedServerExtensions == null)
+                return null;
+
+            MemoryStream buf = new MemoryStream(mEncodedServerExtensions, false);
+            return TlsProtocol.ReadExtensions(buf);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/SignatureAlgorithm.cs b/bc-sharp-crypto/src/crypto/tls/SignatureAlgorithm.cs
new file mode 100644
index 0000000..35b9617
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/SignatureAlgorithm.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * RFC 5246 7.4.1.4.1 (in RFC 2246, there were no specific values assigned)
+     */
+    public abstract class SignatureAlgorithm
+    {
+        public const byte anonymous = 0;
+        public const byte rsa = 1;
+        public const byte dsa = 2;
+        public const byte ecdsa = 3;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/SignatureAndHashAlgorithm.cs b/bc-sharp-crypto/src/crypto/tls/SignatureAndHashAlgorithm.cs
new file mode 100644
index 0000000..f74205b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/SignatureAndHashAlgorithm.cs
@@ -0,0 +1,94 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * RFC 5246 7.4.1.4.1
+     */
+    public class SignatureAndHashAlgorithm
+    {
+        protected readonly byte mHash;
+        protected readonly byte mSignature;
+
+        /**
+         * @param hash      {@link HashAlgorithm}
+         * @param signature {@link SignatureAlgorithm}
+         */
+        public SignatureAndHashAlgorithm(byte hash, byte signature)
+        {
+            if (!TlsUtilities.IsValidUint8(hash))
+            {
+                throw new ArgumentException("should be a uint8", "hash");
+            }
+            if (!TlsUtilities.IsValidUint8(signature))
+            {
+                throw new ArgumentException("should be a uint8", "signature");
+            }
+            if (signature == SignatureAlgorithm.anonymous)
+            {
+                throw new ArgumentException("MUST NOT be \"anonymous\"", "signature");
+            }
+
+            this.mHash = hash;
+            this.mSignature = signature;
+        }
+
+        /**
+         * @return {@link HashAlgorithm}
+         */
+        public virtual byte Hash
+        {
+            get { return mHash; }
+        }
+
+        /**
+         * @return {@link SignatureAlgorithm}
+         */
+        public virtual byte Signature
+        {
+            get { return mSignature; }
+        }
+
+        public override bool Equals(object obj)
+        {
+            if (!(obj is SignatureAndHashAlgorithm))
+            {
+                return false;
+            }
+            SignatureAndHashAlgorithm other = (SignatureAndHashAlgorithm)obj;
+            return other.Hash == Hash && other.Signature == Signature;
+        }
+
+        public override int GetHashCode()
+        {
+            return ((int)Hash << 16) | (int)Signature;
+        }
+
+        /**
+         * Encode this {@link SignatureAndHashAlgorithm} to a {@link Stream}.
+         *
+         * @param output the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            TlsUtilities.WriteUint8(Hash, output);
+            TlsUtilities.WriteUint8(Signature, output);
+        }
+
+        /**
+         * Parse a {@link SignatureAndHashAlgorithm} from a {@link Stream}.
+         *
+         * @param input the {@link Stream} to parse from.
+         * @return a {@link SignatureAndHashAlgorithm} object.
+         * @throws IOException
+         */
+        public static SignatureAndHashAlgorithm Parse(Stream input)
+        {
+            byte hash = TlsUtilities.ReadUint8(input);
+            byte signature = TlsUtilities.ReadUint8(input);
+            return new SignatureAndHashAlgorithm(hash, signature);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/SignerInputBuffer.cs b/bc-sharp-crypto/src/crypto/tls/SignerInputBuffer.cs
new file mode 100644
index 0000000..7bc6962
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/SignerInputBuffer.cs
@@ -0,0 +1,37 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    internal class SignerInputBuffer
+        : MemoryStream
+    {
+        internal void UpdateSigner(ISigner s)
+        {
+            Streams.WriteBufTo(this, new SigStream(s));
+        }
+
+        private class SigStream
+            : BaseOutputStream
+        {
+            private readonly ISigner s;
+
+            internal SigStream(ISigner s)
+            {
+                this.s = s;
+            }
+
+            public override void WriteByte(byte b)
+            {
+                s.Update(b);
+            }
+
+            public override void Write(byte[] buf, int off, int len)
+            {
+                s.BlockUpdate(buf, off, len);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/SimulatedTlsSrpIdentityManager.cs b/bc-sharp-crypto/src/crypto/tls/SimulatedTlsSrpIdentityManager.cs
new file mode 100644
index 0000000..3e9737c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/SimulatedTlsSrpIdentityManager.cs
@@ -0,0 +1,69 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Agreement.Srp;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * An implementation of {@link TlsSRPIdentityManager} that simulates the existence of "unknown" identities
+     * to obscure the fact that there is no verifier for them. 
+     */
+    public class SimulatedTlsSrpIdentityManager
+        :   TlsSrpIdentityManager
+    {
+        private static readonly byte[] PREFIX_PASSWORD = Strings.ToByteArray("password");
+        private static readonly byte[] PREFIX_SALT = Strings.ToByteArray("salt");
+
+        /**
+         * Create a {@link SimulatedTlsSRPIdentityManager} that implements the algorithm from RFC 5054 2.5.1.3
+         *
+         * @param group the {@link SRP6GroupParameters} defining the group that SRP is operating in
+         * @param seedKey the secret "seed key" referred to in RFC 5054 2.5.1.3
+         * @return an instance of {@link SimulatedTlsSRPIdentityManager}
+         */
+        public static SimulatedTlsSrpIdentityManager GetRfc5054Default(Srp6GroupParameters group, byte[] seedKey)
+        {
+            Srp6VerifierGenerator verifierGenerator = new Srp6VerifierGenerator();
+            verifierGenerator.Init(group, TlsUtilities.CreateHash(HashAlgorithm.sha1));
+
+            HMac mac = new HMac(TlsUtilities.CreateHash(HashAlgorithm.sha1));
+            mac.Init(new KeyParameter(seedKey));
+
+            return new SimulatedTlsSrpIdentityManager(group, verifierGenerator, mac);
+        }
+
+        protected readonly Srp6GroupParameters mGroup;
+        protected readonly Srp6VerifierGenerator mVerifierGenerator;
+        protected readonly IMac mMac;
+
+        public SimulatedTlsSrpIdentityManager(Srp6GroupParameters group, Srp6VerifierGenerator verifierGenerator, IMac mac)
+        {
+            this.mGroup = group;
+            this.mVerifierGenerator = verifierGenerator;
+            this.mMac = mac;
+        }
+
+        public virtual TlsSrpLoginParameters GetLoginParameters(byte[] identity)
+        {
+            mMac.BlockUpdate(PREFIX_SALT, 0, PREFIX_SALT.Length);
+            mMac.BlockUpdate(identity, 0, identity.Length);
+
+            byte[] salt = new byte[mMac.GetMacSize()];
+            mMac.DoFinal(salt, 0);
+
+            mMac.BlockUpdate(PREFIX_PASSWORD, 0, PREFIX_PASSWORD.Length);
+            mMac.BlockUpdate(identity, 0, identity.Length);
+
+            byte[] password = new byte[mMac.GetMacSize()];
+            mMac.DoFinal(password, 0);
+
+            BigInteger verifier = mVerifierGenerator.GenerateVerifier(salt, identity, password);
+
+            return new TlsSrpLoginParameters(mGroup, verifier, salt);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/SrpTlsClient.cs b/bc-sharp-crypto/src/crypto/tls/SrpTlsClient.cs
new file mode 100644
index 0000000..df16077
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/SrpTlsClient.cs
@@ -0,0 +1,104 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class SrpTlsClient
+        :   AbstractTlsClient
+    {
+        protected TlsSrpGroupVerifier mGroupVerifier;
+
+        protected byte[] mIdentity;
+        protected byte[] mPassword;
+
+        public SrpTlsClient(byte[] identity, byte[] password)
+            :   this(new DefaultTlsCipherFactory(), new DefaultTlsSrpGroupVerifier(), identity, password)
+        {
+        }
+
+        public SrpTlsClient(TlsCipherFactory cipherFactory, byte[] identity, byte[] password)
+            :   this(cipherFactory, new DefaultTlsSrpGroupVerifier(), identity, password)
+        {
+        }
+
+        public SrpTlsClient(TlsCipherFactory cipherFactory, TlsSrpGroupVerifier groupVerifier,
+            byte[] identity, byte[] password)
+            :   base(cipherFactory)
+        {
+            this.mGroupVerifier = groupVerifier;
+            this.mIdentity = Arrays.Clone(identity);
+            this.mPassword = Arrays.Clone(password);
+        }
+
+        protected virtual bool RequireSrpServerExtension
+        {
+            // No explicit guidance in RFC 5054; by default an (empty) extension from server is optional
+            get { return false; }
+        }
+
+        public override int[] GetCipherSuites()
+        {
+            return new int[]
+            {
+                CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA
+            };
+        }
+
+        public override IDictionary GetClientExtensions()
+        {
+            IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(base.GetClientExtensions());
+            TlsSrpUtilities.AddSrpExtension(clientExtensions, this.mIdentity);
+            return clientExtensions;
+        }
+
+        public override void ProcessServerExtensions(IDictionary serverExtensions)
+        {
+            if (!TlsUtilities.HasExpectedEmptyExtensionData(serverExtensions, ExtensionType.srp,
+                AlertDescription.illegal_parameter))
+            {
+                if (RequireSrpServerExtension)
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+
+            base.ProcessServerExtensions(serverExtensions);
+        }
+
+        public override TlsKeyExchange GetKeyExchange()
+        {
+            int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite);
+
+            switch (keyExchangeAlgorithm)
+            {
+            case KeyExchangeAlgorithm.SRP:
+            case KeyExchangeAlgorithm.SRP_DSS:
+            case KeyExchangeAlgorithm.SRP_RSA:
+                return CreateSrpKeyExchange(keyExchangeAlgorithm);
+
+            default:
+                /*
+                 * Note: internal error here; the TlsProtocol implementation verifies that the
+                 * server-selected cipher suite was in the list of client-offered cipher suites, so if
+                 * we now can't produce an implementation, we shouldn't have offered it!
+                 */
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        public override TlsAuthentication GetAuthentication()
+        {
+            /*
+             * Note: This method is not called unless a server certificate is sent, which may be the
+             * case e.g. for SRP_DSS or SRP_RSA key exchange.
+             */
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        protected virtual TlsKeyExchange CreateSrpKeyExchange(int keyExchange)
+        {
+            return new TlsSrpKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mGroupVerifier, mIdentity, mPassword);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/SrpTlsServer.cs b/bc-sharp-crypto/src/crypto/tls/SrpTlsServer.cs
new file mode 100644
index 0000000..f978783
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/SrpTlsServer.cs
@@ -0,0 +1,121 @@
+using System;
+using System.Collections;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class SrpTlsServer
+        :   AbstractTlsServer
+    {
+        protected TlsSrpIdentityManager mSrpIdentityManager;
+
+        protected byte[] mSrpIdentity = null;
+        protected TlsSrpLoginParameters mLoginParameters = null;
+
+        public SrpTlsServer(TlsSrpIdentityManager srpIdentityManager)
+            :   this(new DefaultTlsCipherFactory(), srpIdentityManager)
+        {
+        }
+
+        public SrpTlsServer(TlsCipherFactory cipherFactory, TlsSrpIdentityManager srpIdentityManager)
+            :   base(cipherFactory)
+        {
+            this.mSrpIdentityManager = srpIdentityManager;
+        }
+
+        protected virtual TlsSignerCredentials GetDsaSignerCredentials()
+        {
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        protected virtual TlsSignerCredentials GetRsaSignerCredentials()
+        {
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        protected override int[] GetCipherSuites()
+        {
+            return new int[]
+            {
+                CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+                CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+                CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+                CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+                CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA,
+                CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA
+            };
+        }
+
+        public override void ProcessClientExtensions(IDictionary clientExtensions)
+        {
+            base.ProcessClientExtensions(clientExtensions);
+
+            this.mSrpIdentity = TlsSrpUtilities.GetSrpExtension(clientExtensions);
+        }
+
+        public override int GetSelectedCipherSuite()
+        {
+            int cipherSuite = base.GetSelectedCipherSuite();
+
+            if (TlsSrpUtilities.IsSrpCipherSuite(cipherSuite))
+            {
+                if (mSrpIdentity != null)
+                {
+                    this.mLoginParameters = mSrpIdentityManager.GetLoginParameters(mSrpIdentity);
+                }
+
+                if (mLoginParameters == null)
+                    throw new TlsFatalAlert(AlertDescription.unknown_psk_identity);
+            }
+
+            return cipherSuite;
+        }
+
+        public override TlsCredentials GetCredentials()
+        {
+            int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite);
+
+            switch (keyExchangeAlgorithm)
+            {
+                case KeyExchangeAlgorithm.SRP:
+                    return null;
+
+                case KeyExchangeAlgorithm.SRP_DSS:
+                    return GetDsaSignerCredentials();
+
+                case KeyExchangeAlgorithm.SRP_RSA:
+                    return GetRsaSignerCredentials();
+
+                default:
+                    /* Note: internal error here; selected a key exchange we don't implement! */
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        public override TlsKeyExchange GetKeyExchange()
+        {
+            int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite);
+
+            switch (keyExchangeAlgorithm)
+            {
+            case KeyExchangeAlgorithm.SRP:
+            case KeyExchangeAlgorithm.SRP_DSS:
+            case KeyExchangeAlgorithm.SRP_RSA:
+                return CreateSrpKeyExchange(keyExchangeAlgorithm);
+
+            default:
+                /*
+                 * Note: internal error here; the TlsProtocol implementation verifies that the
+                 * server-selected cipher suite was in the list of client-offered cipher suites, so if
+                 * we now can't produce an implementation, we shouldn't have offered it!
+                 */
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        protected virtual TlsKeyExchange CreateSrpKeyExchange(int keyExchange)
+        {
+            return new TlsSrpKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mSrpIdentity, mLoginParameters);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/SrtpProtectionProfile.cs b/bc-sharp-crypto/src/crypto/tls/SrtpProtectionProfile.cs
new file mode 100644
index 0000000..6e9091b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/SrtpProtectionProfile.cs
@@ -0,0 +1,21 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class SrtpProtectionProfile
+    {
+        /*
+         * RFC 5764 4.1.2.
+         */
+        public const int SRTP_AES128_CM_HMAC_SHA1_80 = 0x0001;
+        public const int SRTP_AES128_CM_HMAC_SHA1_32 = 0x0002;
+        public const int SRTP_NULL_HMAC_SHA1_80 = 0x0005;
+        public const int SRTP_NULL_HMAC_SHA1_32 = 0x0006;
+
+        /*
+         * RFC 7714 14.2.
+         */
+        public const int SRTP_AEAD_AES_128_GCM = 0x0007;
+        public const int SRTP_AEAD_AES_256_GCM = 0x0008;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/Ssl3Mac.cs b/bc-sharp-crypto/src/crypto/tls/Ssl3Mac.cs
new file mode 100644
index 0000000..8bdb342
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/Ssl3Mac.cs
@@ -0,0 +1,110 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * HMAC implementation based on original internet draft for HMAC (RFC 2104)
+     * 
+     * The difference is that padding is concatentated versus XORed with the key
+     * 
+     * H(K + opad, H(K + ipad, text))
+     */
+    public class Ssl3Mac
+        : IMac
+    {
+        private const byte IPAD_BYTE = 0x36;
+        private const byte OPAD_BYTE = 0x5C;
+
+        internal static readonly byte[] IPAD = GenPad(IPAD_BYTE, 48);
+        internal static readonly byte[] OPAD = GenPad(OPAD_BYTE, 48);
+
+        private readonly IDigest digest;
+        private readonly int padLength;
+
+        private byte[] secret;
+
+        /**
+         * Base constructor for one of the standard digest algorithms that the byteLength of
+         * the algorithm is know for. Behaviour is undefined for digests other than MD5 or SHA1.
+         * 
+         * @param digest the digest.
+         */
+        public Ssl3Mac(IDigest digest)
+        {
+            this.digest = digest;
+
+            if (digest.GetDigestSize() == 20)
+            {
+                this.padLength = 40;
+            }
+            else
+            {
+                this.padLength = 48;
+            }
+        }
+
+        public virtual string AlgorithmName
+        {
+            get { return digest.AlgorithmName + "/SSL3MAC"; }
+        }
+
+        public virtual void Init(ICipherParameters parameters)
+        {
+            secret = Arrays.Clone(((KeyParameter)parameters).GetKey());
+
+            Reset();
+        }
+
+        public virtual int GetMacSize()
+        {
+            return digest.GetDigestSize();
+        }
+
+        public virtual void Update(byte input)
+        {
+            digest.Update(input);
+        }
+
+        public virtual void BlockUpdate(byte[] input, int inOff, int len)
+        {
+            digest.BlockUpdate(input, inOff, len);
+        }
+
+        public virtual int DoFinal(byte[] output, int outOff)
+        {
+            byte[] tmp = new byte[digest.GetDigestSize()];
+            digest.DoFinal(tmp, 0);
+
+            digest.BlockUpdate(secret, 0, secret.Length);
+            digest.BlockUpdate(OPAD, 0, padLength);
+            digest.BlockUpdate(tmp, 0, tmp.Length);
+
+            int len = digest.DoFinal(output, outOff);
+
+            Reset();
+
+            return len;
+        }
+
+        /**
+         * Reset the mac generator.
+         */
+        public virtual void Reset()
+        {
+            digest.Reset();
+            digest.BlockUpdate(secret, 0, secret.Length);
+            digest.BlockUpdate(IPAD, 0, padLength);
+        }
+
+        private static byte[] GenPad(byte b, int count)
+        {
+            byte[] padding = new byte[count];
+            Arrays.Fill(padding, b);
+            return padding;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/SupplementalDataEntry.cs b/bc-sharp-crypto/src/crypto/tls/SupplementalDataEntry.cs
new file mode 100644
index 0000000..5adc4fa
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/SupplementalDataEntry.cs
@@ -0,0 +1,26 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class SupplementalDataEntry
+    {
+        protected readonly int mDataType;
+        protected readonly byte[] mData;
+
+        public SupplementalDataEntry(int dataType, byte[] data)
+        {
+            this.mDataType = dataType;
+            this.mData = data;
+        }
+
+        public virtual int DataType
+        {
+            get { return mDataType; }
+        }
+
+        public virtual byte[] Data
+        {
+            get { return mData; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/SupplementalDataType.cs b/bc-sharp-crypto/src/crypto/tls/SupplementalDataType.cs
new file mode 100644
index 0000000..79511c5
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/SupplementalDataType.cs
@@ -0,0 +1,13 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 4680</summary>
+    public abstract class SupplementalDataType
+    {
+        /*
+         * RFC 4681
+         */
+        public const int user_mapping_data = 0;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsAeadCipher.cs b/bc-sharp-crypto/src/crypto/tls/TlsAeadCipher.cs
new file mode 100644
index 0000000..cc0575c
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsAeadCipher.cs
@@ -0,0 +1,249 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class TlsAeadCipher
+        :   TlsCipher
+    {
+        // TODO[draft-zauner-tls-aes-ocb-04] Apply data volume limit described in section 8.4
+
+        public const int NONCE_RFC5288 = 1;
+    
+        /*
+         * draft-zauner-tls-aes-ocb-04 specifies the nonce construction from draft-ietf-tls-chacha20-poly1305-04
+         */
+        internal const int NONCE_DRAFT_CHACHA20_POLY1305 = 2;
+
+        protected readonly TlsContext context;
+        protected readonly int macSize;
+        // TODO SecurityParameters.record_iv_length
+        protected readonly int record_iv_length;
+
+        protected readonly IAeadBlockCipher encryptCipher;
+        protected readonly IAeadBlockCipher decryptCipher;
+
+        protected readonly byte[] encryptImplicitNonce, decryptImplicitNonce;
+
+        protected readonly int nonceMode;
+
+        /// <exception cref="IOException"></exception>
+        public TlsAeadCipher(TlsContext context, IAeadBlockCipher clientWriteCipher, IAeadBlockCipher serverWriteCipher,
+            int cipherKeySize, int macSize)
+            : this(context, clientWriteCipher, serverWriteCipher, cipherKeySize, macSize, NONCE_RFC5288)
+        {
+        }
+
+        /// <exception cref="IOException"></exception>
+        internal TlsAeadCipher(TlsContext context, IAeadBlockCipher clientWriteCipher, IAeadBlockCipher serverWriteCipher,
+            int cipherKeySize, int macSize, int nonceMode)
+        {
+            if (!TlsUtilities.IsTlsV12(context))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            this.nonceMode = nonceMode;
+
+            // TODO SecurityParameters.fixed_iv_length
+            int fixed_iv_length;
+
+            switch (nonceMode)
+            {
+                case NONCE_RFC5288:
+                    fixed_iv_length = 4;
+                    this.record_iv_length = 8;
+                    break;
+                case NONCE_DRAFT_CHACHA20_POLY1305:
+                    fixed_iv_length = 12;
+                    this.record_iv_length = 0;
+                    break;
+                default:
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+
+            this.context = context;
+            this.macSize = macSize;
+
+            int key_block_size = (2 * cipherKeySize) + (2 * fixed_iv_length);
+
+            byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size);
+
+            int offset = 0;
+
+            KeyParameter client_write_key = new KeyParameter(key_block, offset, cipherKeySize);
+            offset += cipherKeySize;
+            KeyParameter server_write_key = new KeyParameter(key_block, offset, cipherKeySize);
+            offset += cipherKeySize;
+            byte[] client_write_IV = Arrays.CopyOfRange(key_block, offset, offset + fixed_iv_length);
+            offset += fixed_iv_length;
+            byte[] server_write_IV = Arrays.CopyOfRange(key_block, offset, offset + fixed_iv_length);
+            offset += fixed_iv_length;
+
+            if (offset != key_block_size)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            KeyParameter encryptKey, decryptKey;
+            if (context.IsServer)
+            {
+                this.encryptCipher = serverWriteCipher;
+                this.decryptCipher = clientWriteCipher;
+                this.encryptImplicitNonce = server_write_IV;
+                this.decryptImplicitNonce = client_write_IV;
+                encryptKey = server_write_key;
+                decryptKey = client_write_key;
+            }
+            else
+            {
+                this.encryptCipher = clientWriteCipher;
+                this.decryptCipher = serverWriteCipher;
+                this.encryptImplicitNonce = client_write_IV;
+                this.decryptImplicitNonce = server_write_IV;
+                encryptKey = client_write_key;
+                decryptKey = server_write_key;
+            }
+
+            byte[] dummyNonce = new byte[fixed_iv_length + record_iv_length];
+
+            this.encryptCipher.Init(true, new AeadParameters(encryptKey, 8 * macSize, dummyNonce));
+            this.decryptCipher.Init(false, new AeadParameters(decryptKey, 8 * macSize, dummyNonce));
+        }
+
+        public virtual int GetPlaintextLimit(int ciphertextLimit)
+        {
+            // TODO We ought to be able to ask the decryptCipher (independently of it's current state!)
+            return ciphertextLimit - macSize - record_iv_length;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public virtual byte[] EncodePlaintext(long seqNo, byte type, byte[] plaintext, int offset, int len)
+        {
+            byte[] nonce = new byte[encryptImplicitNonce.Length + record_iv_length];
+
+            switch (nonceMode)
+            {
+                case NONCE_RFC5288:
+                    Array.Copy(encryptImplicitNonce, 0, nonce, 0, encryptImplicitNonce.Length);
+                    // RFC 5288/6655: The nonce_explicit MAY be the 64-bit sequence number.
+                    TlsUtilities.WriteUint64(seqNo, nonce, encryptImplicitNonce.Length);
+                    break;
+                case NONCE_DRAFT_CHACHA20_POLY1305:
+                    TlsUtilities.WriteUint64(seqNo, nonce, nonce.Length - 8);
+                    for (int i = 0; i < encryptImplicitNonce.Length; ++i)
+                    {
+                        nonce[i] ^= encryptImplicitNonce[i];
+                    }
+                    break;
+                default:
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+
+            int plaintextOffset = offset;
+            int plaintextLength = len;
+            int ciphertextLength = encryptCipher.GetOutputSize(plaintextLength);
+
+            byte[] output = new byte[record_iv_length + ciphertextLength];
+            if (record_iv_length != 0)
+            {
+                Array.Copy(nonce, nonce.Length - record_iv_length, output, 0, record_iv_length);
+            }
+            int outputPos = record_iv_length;
+
+            byte[] additionalData = GetAdditionalData(seqNo, type, plaintextLength);
+            AeadParameters parameters = new AeadParameters(null, 8 * macSize, nonce, additionalData);
+
+            try
+            {
+                encryptCipher.Init(true, parameters);
+                outputPos += encryptCipher.ProcessBytes(plaintext, plaintextOffset, plaintextLength, output, outputPos);
+                outputPos += encryptCipher.DoFinal(output, outputPos);
+            }
+            catch (Exception e)
+            {
+                throw new TlsFatalAlert(AlertDescription.internal_error, e);
+            }
+
+            if (outputPos != output.Length)
+            {
+                // NOTE: Existing AEAD cipher implementations all give exact output lengths
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+
+            return output;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public virtual byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len)
+        {
+            if (GetPlaintextLimit(len) < 0)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+
+            byte[] nonce = new byte[decryptImplicitNonce.Length + record_iv_length];
+
+            switch (nonceMode)
+            {
+                case NONCE_RFC5288:
+                    Array.Copy(decryptImplicitNonce, 0, nonce, 0, decryptImplicitNonce.Length);
+                    Array.Copy(ciphertext, offset, nonce, nonce.Length - record_iv_length, record_iv_length);
+                    break;
+                case NONCE_DRAFT_CHACHA20_POLY1305:
+                    TlsUtilities.WriteUint64(seqNo, nonce, nonce.Length - 8);
+                    for (int i = 0; i < decryptImplicitNonce.Length; ++i)
+                    {
+                        nonce[i] ^= decryptImplicitNonce[i];
+                    }
+                    break;
+                default:
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+
+            int ciphertextOffset = offset + record_iv_length;
+            int ciphertextLength = len - record_iv_length;
+            int plaintextLength = decryptCipher.GetOutputSize(ciphertextLength);
+
+            byte[] output = new byte[plaintextLength];
+            int outputPos = 0;
+
+            byte[] additionalData = GetAdditionalData(seqNo, type, plaintextLength);
+            AeadParameters parameters = new AeadParameters(null, 8 * macSize, nonce, additionalData);
+
+            try
+            {
+                decryptCipher.Init(false, parameters);
+                outputPos += decryptCipher.ProcessBytes(ciphertext, ciphertextOffset, ciphertextLength, output, outputPos);
+                outputPos += decryptCipher.DoFinal(output, outputPos);
+            }
+            catch (Exception e)
+            {
+                throw new TlsFatalAlert(AlertDescription.bad_record_mac, e);
+            }
+
+            if (outputPos != output.Length)
+            {
+                // NOTE: Existing AEAD cipher implementations all give exact output lengths
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+
+            return output;
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual byte[] GetAdditionalData(long seqNo, byte type, int len)
+        {
+            /*
+             * additional_data = seq_num + TLSCompressed.type + TLSCompressed.version +
+             * TLSCompressed.length
+             */
+
+            byte[] additional_data = new byte[13];
+            TlsUtilities.WriteUint64(seqNo, additional_data, 0);
+            TlsUtilities.WriteUint8(type, additional_data, 8);
+            TlsUtilities.WriteVersion(context.ServerVersion, additional_data, 9);
+            TlsUtilities.WriteUint16(len, additional_data, 11);
+
+            return additional_data;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsAgreementCredentials.cs b/bc-sharp-crypto/src/crypto/tls/TlsAgreementCredentials.cs
new file mode 100644
index 0000000..7c64072
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsAgreementCredentials.cs
@@ -0,0 +1,12 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsAgreementCredentials
+        :   TlsCredentials
+    {
+        /// <exception cref="IOException"></exception>
+        byte[] GenerateAgreement(AsymmetricKeyParameter peerPublicKey);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsAuthentication.cs b/bc-sharp-crypto/src/crypto/tls/TlsAuthentication.cs
new file mode 100644
index 0000000..9aea5e4
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsAuthentication.cs
@@ -0,0 +1,31 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+	public interface TlsAuthentication
+	{
+		/// <summary>
+		/// Called by the protocol handler to report the server certificate.
+		/// </summary>
+		/// <remarks>
+		/// This method is responsible for certificate verification and validation
+		/// </remarks>
+		/// <param name="serverCertificate">The server <see cref="Certificate"/> received</param>
+		/// <exception cref="IOException"></exception>
+		void NotifyServerCertificate(Certificate serverCertificate);
+
+		/// <summary>
+		/// Return client credentials in response to server's certificate request
+		/// </summary>
+		/// <param name="certificateRequest">
+		/// A <see cref="CertificateRequest"/> containing server certificate request details
+		/// </param>
+		/// <returns>
+		/// A <see cref="TlsCredentials"/> to be used for client authentication
+		/// (or <c>null</c> for no client authentication)
+		/// </returns>
+		/// <exception cref="IOException"></exception>
+		TlsCredentials GetClientCredentials(CertificateRequest certificateRequest);
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsBlockCipher.cs b/bc-sharp-crypto/src/crypto/tls/TlsBlockCipher.cs
new file mode 100644
index 0000000..76b476a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsBlockCipher.cs
@@ -0,0 +1,395 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>
+    /// A generic TLS 1.0-1.2 / SSLv3 block cipher. This can be used for AES or 3DES for example.
+    /// </summary>
+    public class TlsBlockCipher
+        :   TlsCipher
+    {
+        protected readonly TlsContext context;
+        protected readonly byte[] randomData;
+        protected readonly bool useExplicitIV;
+        protected readonly bool encryptThenMac;
+
+        protected readonly IBlockCipher encryptCipher;
+        protected readonly IBlockCipher decryptCipher;
+
+        protected readonly TlsMac mWriteMac;
+        protected readonly TlsMac mReadMac;
+
+        public virtual TlsMac WriteMac
+        {
+            get { return mWriteMac; }
+        }
+
+        public virtual TlsMac ReadMac
+        {
+            get { return mReadMac; }
+        }
+
+        /// <exception cref="IOException"></exception>
+        public TlsBlockCipher(TlsContext context, IBlockCipher clientWriteCipher, IBlockCipher serverWriteCipher,
+            IDigest clientWriteDigest, IDigest serverWriteDigest, int cipherKeySize)
+        {
+            this.context = context;
+
+            this.randomData = new byte[256];
+            context.NonceRandomGenerator.NextBytes(randomData);
+
+            this.useExplicitIV = TlsUtilities.IsTlsV11(context);
+            this.encryptThenMac = context.SecurityParameters.encryptThenMac;
+
+            int key_block_size = (2 * cipherKeySize) + clientWriteDigest.GetDigestSize()
+                + serverWriteDigest.GetDigestSize();
+
+            // From TLS 1.1 onwards, block ciphers don't need client_write_IV
+            if (!useExplicitIV)
+            {
+                key_block_size += clientWriteCipher.GetBlockSize() + serverWriteCipher.GetBlockSize();
+            }
+
+            byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size);
+
+            int offset = 0;
+
+            TlsMac clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset,
+                clientWriteDigest.GetDigestSize());
+            offset += clientWriteDigest.GetDigestSize();
+            TlsMac serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset,
+                serverWriteDigest.GetDigestSize());
+            offset += serverWriteDigest.GetDigestSize();
+
+            KeyParameter client_write_key = new KeyParameter(key_block, offset, cipherKeySize);
+            offset += cipherKeySize;
+            KeyParameter server_write_key = new KeyParameter(key_block, offset, cipherKeySize);
+            offset += cipherKeySize;
+
+            byte[] client_write_IV, server_write_IV;
+            if (useExplicitIV)
+            {
+                client_write_IV = new byte[clientWriteCipher.GetBlockSize()];
+                server_write_IV = new byte[serverWriteCipher.GetBlockSize()];
+            }
+            else
+            {
+                client_write_IV = Arrays.CopyOfRange(key_block, offset, offset + clientWriteCipher.GetBlockSize());
+                offset += clientWriteCipher.GetBlockSize();
+                server_write_IV = Arrays.CopyOfRange(key_block, offset, offset + serverWriteCipher.GetBlockSize());
+                offset += serverWriteCipher.GetBlockSize();
+            }
+
+            if (offset != key_block_size)
+            {
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+
+            ICipherParameters encryptParams, decryptParams;
+            if (context.IsServer)
+            {
+                this.mWriteMac = serverWriteMac;
+                this.mReadMac = clientWriteMac;
+                this.encryptCipher = serverWriteCipher;
+                this.decryptCipher = clientWriteCipher;
+                encryptParams = new ParametersWithIV(server_write_key, server_write_IV);
+                decryptParams = new ParametersWithIV(client_write_key, client_write_IV);
+            }
+            else
+            {
+                this.mWriteMac = clientWriteMac;
+                this.mReadMac = serverWriteMac;
+                this.encryptCipher = clientWriteCipher;
+                this.decryptCipher = serverWriteCipher;
+                encryptParams = new ParametersWithIV(client_write_key, client_write_IV);
+                decryptParams = new ParametersWithIV(server_write_key, server_write_IV);
+            }
+
+            this.encryptCipher.Init(true, encryptParams);
+            this.decryptCipher.Init(false, decryptParams);
+        }
+
+        public virtual int GetPlaintextLimit(int ciphertextLimit)
+        {
+            int blockSize = encryptCipher.GetBlockSize();
+            int macSize = mWriteMac.Size;
+
+            int plaintextLimit = ciphertextLimit;
+
+            // An explicit IV consumes 1 block
+            if (useExplicitIV)
+            {
+                plaintextLimit -= blockSize;
+            }
+
+            // Leave room for the MAC, and require block-alignment
+            if (encryptThenMac)
+            {
+                plaintextLimit -= macSize;
+                plaintextLimit -= plaintextLimit % blockSize;
+            }
+            else
+            {
+                plaintextLimit -= plaintextLimit % blockSize;
+                plaintextLimit -= macSize;
+            }
+
+            // Minimum 1 byte of padding
+            --plaintextLimit;
+
+            return plaintextLimit;
+        }
+
+        public virtual byte[] EncodePlaintext(long seqNo, byte type, byte[] plaintext, int offset, int len)
+        {
+            int blockSize = encryptCipher.GetBlockSize();
+            int macSize = mWriteMac.Size;
+
+            ProtocolVersion version = context.ServerVersion;
+
+            int enc_input_length = len;
+            if (!encryptThenMac)
+            {
+                enc_input_length += macSize;
+            }
+
+            int padding_length = blockSize - 1 - (enc_input_length % blockSize);
+
+            /*
+             * Don't use variable-length padding with truncated MACs.
+             * 
+             * See "Tag Size Does Matter: Attacks and Proofs for the TLS Record Protocol", Paterson,
+             * Ristenpart, Shrimpton.
+             */
+            if (encryptThenMac || !context.SecurityParameters.truncatedHMac)
+            {
+                // TODO[DTLS] Consider supporting in DTLS (without exceeding send limit though)
+                if (!version.IsDtls && !version.IsSsl)
+                {
+                    // Add a random number of extra blocks worth of padding
+                    int maxExtraPadBlocks = (255 - padding_length) / blockSize;
+                    int actualExtraPadBlocks = ChooseExtraPadBlocks(context.SecureRandom, maxExtraPadBlocks);
+                    padding_length += actualExtraPadBlocks * blockSize;
+                }
+            }
+
+            int totalSize = len + macSize + padding_length + 1;
+            if (useExplicitIV)
+            {
+                totalSize += blockSize;
+            }
+
+            byte[] outBuf = new byte[totalSize];
+            int outOff = 0;
+
+            if (useExplicitIV)
+            {
+                byte[] explicitIV = new byte[blockSize];
+                context.NonceRandomGenerator.NextBytes(explicitIV);
+
+                encryptCipher.Init(true, new ParametersWithIV(null, explicitIV));
+
+                Array.Copy(explicitIV, 0, outBuf, outOff, blockSize);
+                outOff += blockSize;
+            }
+
+            int blocks_start = outOff;
+
+            Array.Copy(plaintext, offset, outBuf, outOff, len);
+            outOff += len;
+
+            if (!encryptThenMac)
+            {
+                byte[] mac = mWriteMac.CalculateMac(seqNo, type, plaintext, offset, len);
+                Array.Copy(mac, 0, outBuf, outOff, mac.Length);
+                outOff += mac.Length;
+            }
+
+            for (int i = 0; i <= padding_length; i++)
+            {
+                outBuf[outOff++] = (byte)padding_length;
+            }
+
+            for (int i = blocks_start; i < outOff; i += blockSize)
+            {
+                encryptCipher.ProcessBlock(outBuf, i, outBuf, i);
+            }
+
+            if (encryptThenMac)
+            {
+                byte[] mac = mWriteMac.CalculateMac(seqNo, type, outBuf, 0, outOff);
+                Array.Copy(mac, 0, outBuf, outOff, mac.Length);
+                outOff += mac.Length;
+            }
+
+    //        assert outBuf.length == outOff;
+
+            return outBuf;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public virtual byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len)
+        {
+            int blockSize = decryptCipher.GetBlockSize();
+            int macSize = mReadMac.Size;
+
+            int minLen = blockSize;
+            if (encryptThenMac)
+            {
+                minLen += macSize;
+            }
+            else
+            {
+                minLen = System.Math.Max(minLen, macSize + 1);
+            }
+
+            if (useExplicitIV)
+            {
+                minLen += blockSize;
+            }
+
+            if (len < minLen)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+
+            int blocks_length = len;
+            if (encryptThenMac)
+            {
+                blocks_length -= macSize;
+            }
+
+            if (blocks_length % blockSize != 0)
+                throw new TlsFatalAlert(AlertDescription.decryption_failed);
+
+            if (encryptThenMac)
+            {
+                int end = offset + len;
+                byte[] receivedMac = Arrays.CopyOfRange(ciphertext, end - macSize, end);
+                byte[] calculatedMac = mReadMac.CalculateMac(seqNo, type, ciphertext, offset, len - macSize);
+
+                bool badMacEtm = !Arrays.ConstantTimeAreEqual(calculatedMac, receivedMac);
+                if (badMacEtm)
+                {
+                    /*
+                     * RFC 7366 3. The MAC SHALL be evaluated before any further processing such as
+                     * decryption is performed, and if the MAC verification fails, then processing SHALL
+                     * terminate immediately. For TLS, a fatal bad_record_mac MUST be generated [2]. For
+                     * DTLS, the record MUST be discarded, and a fatal bad_record_mac MAY be generated
+                     * [4]. This immediate response to a bad MAC eliminates any timing channels that may
+                     * be available through the use of manipulated packet data.
+                     */
+                    throw new TlsFatalAlert(AlertDescription.bad_record_mac);
+                }
+            }
+
+            if (useExplicitIV)
+            {
+                decryptCipher.Init(false, new ParametersWithIV(null, ciphertext, offset, blockSize));
+
+                offset += blockSize;
+                blocks_length -= blockSize;
+            }
+
+            for (int i = 0; i < blocks_length; i += blockSize)
+            {
+                decryptCipher.ProcessBlock(ciphertext, offset + i, ciphertext, offset + i);
+            }
+
+            // If there's anything wrong with the padding, this will return zero
+            int totalPad = CheckPaddingConstantTime(ciphertext, offset, blocks_length, blockSize, encryptThenMac ? 0 : macSize);
+            bool badMac = (totalPad == 0);
+
+            int dec_output_length = blocks_length - totalPad;
+
+            if (!encryptThenMac)
+            {
+                dec_output_length -= macSize;
+                int macInputLen = dec_output_length;
+                int macOff = offset + macInputLen;
+                byte[] receivedMac = Arrays.CopyOfRange(ciphertext, macOff, macOff + macSize);
+                byte[] calculatedMac = mReadMac.CalculateMacConstantTime(seqNo, type, ciphertext, offset, macInputLen,
+                    blocks_length - macSize, randomData);
+
+                badMac |= !Arrays.ConstantTimeAreEqual(calculatedMac, receivedMac);
+            }
+
+            if (badMac)
+                throw new TlsFatalAlert(AlertDescription.bad_record_mac);
+
+            return Arrays.CopyOfRange(ciphertext, offset, offset + dec_output_length);
+        }
+
+        protected virtual int CheckPaddingConstantTime(byte[] buf, int off, int len, int blockSize, int macSize)
+        {
+            int end = off + len;
+            byte lastByte = buf[end - 1];
+            int padlen = lastByte & 0xff;
+            int totalPad = padlen + 1;
+
+            int dummyIndex = 0;
+            byte padDiff = 0;
+
+            if ((TlsUtilities.IsSsl(context) && totalPad > blockSize) || (macSize + totalPad > len))
+            {
+                totalPad = 0;
+            }
+            else
+            {
+                int padPos = end - totalPad;
+                do
+                {
+                    padDiff |= (byte)(buf[padPos++] ^ lastByte);
+                }
+                while (padPos < end);
+
+                dummyIndex = totalPad;
+
+                if (padDiff != 0)
+                {
+                    totalPad = 0;
+                }
+            }
+
+            // Run some extra dummy checks so the number of checks is always constant
+            {
+                byte[] dummyPad = randomData;
+                while (dummyIndex < 256)
+                {
+                    padDiff |= (byte)(dummyPad[dummyIndex++] ^ lastByte);
+                }
+                // Ensure the above loop is not eliminated
+                dummyPad[0] ^= padDiff;
+            }
+
+            return totalPad;
+        }
+
+        protected virtual int ChooseExtraPadBlocks(SecureRandom r, int max)
+        {
+            // return r.NextInt(max + 1);
+
+            int x = r.NextInt();
+            int n = LowestBitSet(x);
+            return System.Math.Min(n, max);
+        }
+
+        protected virtual int LowestBitSet(int x)
+        {
+            if (x == 0)
+                return 32;
+
+            uint ux = (uint)x;
+            int n = 0;
+            while ((ux & 1U) == 0)
+            {
+                ++n;
+                ux >>= 1;
+            }
+            return n;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsCipher.cs b/bc-sharp-crypto/src/crypto/tls/TlsCipher.cs
new file mode 100644
index 0000000..7bd8573
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsCipher.cs
@@ -0,0 +1,16 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsCipher
+    {
+        int GetPlaintextLimit(int ciphertextLimit);
+
+        /// <exception cref="IOException"></exception>
+        byte[] EncodePlaintext(long seqNo, byte type, byte[] plaintext, int offset, int len);
+
+        /// <exception cref="IOException"></exception>
+        byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsCipherFactory.cs b/bc-sharp-crypto/src/crypto/tls/TlsCipherFactory.cs
new file mode 100644
index 0000000..4e1fe0e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsCipherFactory.cs
@@ -0,0 +1,11 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsCipherFactory
+    {
+        /// <exception cref="IOException"></exception>
+        TlsCipher CreateCipher(TlsContext context, int encryptionAlgorithm, int macAlgorithm);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsClient.cs b/bc-sharp-crypto/src/crypto/tls/TlsClient.cs
new file mode 100644
index 0000000..73f1690
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsClient.cs
@@ -0,0 +1,148 @@
+using System;
+using System.Collections;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsClient
+        :   TlsPeer
+    {
+        /// <summary>
+        /// Called at the start of a new TLS session, before any other methods.
+        /// </summary>
+        /// <param name="context">
+        /// A <see cref="TlsProtocolHandler"/>
+        /// </param>
+        void Init(TlsClientContext context);
+
+        /// <summary>Return the session this client wants to resume, if any.</summary>
+        /// <remarks>Note that the peer's certificate chain for the session (if any) may need to be periodically revalidated.</remarks>
+        /// <returns>
+        /// A <see cref="TlsSession"/> representing the resumable session to be used for this connection,
+        /// or null to use a new session.
+        /// </returns>
+        TlsSession GetSessionToResume();
+
+        /// <summary>
+        /// Return the <see cref="ProtocolVersion"/> to use for the <c>TLSPlaintext.version</c> field prior to
+        /// receiving the server version. NOTE: This method is <b>not</b> called for DTLS.
+        /// </summary>
+        /// <remarks>
+        /// See RFC 5246 E.1.: "TLS clients that wish to negotiate with older servers MAY send any value
+        /// {03,XX} as the record layer version number. Typical values would be {03,00}, the lowest
+        /// version number supported by the client, and the value of ClientHello.client_version. No
+        /// single value will guarantee interoperability with all old servers, but this is a complex
+        /// topic beyond the scope of this document."
+        /// </remarks>
+        /// <returns>The <see cref="ProtocolVersion"/> to use.</returns>
+        ProtocolVersion ClientHelloRecordLayerVersion { get; }
+
+        ProtocolVersion ClientVersion { get; }
+
+        bool IsFallback { get; }
+
+        /// <summary>
+        /// Get the list of cipher suites that this client supports.
+        /// </summary>
+        /// <returns>
+        /// An array of <see cref="CipherSuite"/> values, each specifying a supported cipher suite.
+        /// </returns>
+        int[] GetCipherSuites();
+
+        /// <summary>
+        /// Get the list of compression methods that this client supports.
+        /// </summary>
+        /// <returns>
+        /// An array of <see cref="CompressionMethod"/> values, each specifying a supported compression method.
+        /// </returns>
+        byte[] GetCompressionMethods();
+
+        /// <summary>
+        /// Get the (optional) table of client extensions to be included in (extended) client hello.
+        /// </summary>
+        /// <returns>
+        /// A <see cref="IDictionary"/> (Int32 -> byte[]). May be null.
+        /// </returns>
+        /// <exception cref="IOException"></exception>
+        IDictionary GetClientExtensions();
+
+        /// <exception cref="IOException"></exception>
+        void NotifyServerVersion(ProtocolVersion selectedVersion);
+
+        /// <summary>
+        /// Notifies the client of the session_id sent in the ServerHello.
+        /// </summary>
+        /// <param name="sessionID">An array of <see cref="System.Byte"/></param>
+        void NotifySessionID(byte[] sessionID);
+
+        /// <summary>
+        /// Report the cipher suite that was selected by the server.
+        /// </summary>
+        /// <remarks>
+        /// The protocol handler validates this value against the offered cipher suites
+        /// <seealso cref="GetCipherSuites"/>
+        /// </remarks>
+        /// <param name="selectedCipherSuite">
+        /// A <see cref="CipherSuite"/>
+        /// </param>
+        void NotifySelectedCipherSuite(int selectedCipherSuite);
+
+        /// <summary>
+        /// Report the compression method that was selected by the server.
+        /// </summary>
+        /// <remarks>
+        /// The protocol handler validates this value against the offered compression methods
+        /// <seealso cref="GetCompressionMethods"/>
+        /// </remarks>
+        /// <param name="selectedCompressionMethod">
+        /// A <see cref="CompressionMethod"/>
+        /// </param>
+        void NotifySelectedCompressionMethod(byte selectedCompressionMethod);
+
+        /// <summary>
+        /// Report the extensions from an extended server hello.
+        /// </summary>
+        /// <remarks>
+        /// Will only be called if we returned a non-null result from <see cref="GetClientExtensions"/>.
+        /// </remarks>
+        /// <param name="serverExtensions">
+        /// A <see cref="IDictionary"/>  (Int32 -> byte[])
+        /// </param>
+        void ProcessServerExtensions(IDictionary serverExtensions);
+
+        /// <param name="serverSupplementalData">A <see cref="IList">list</see> of <see cref="SupplementalDataEntry"/></param>
+        /// <exception cref="IOException"/>
+        void ProcessServerSupplementalData(IList serverSupplementalData);
+
+        /// <summary>
+        /// Return an implementation of <see cref="TlsKeyExchange"/> to negotiate the key exchange
+        /// part of the protocol.
+        /// </summary>
+        /// <returns>
+        /// A <see cref="TlsKeyExchange"/>
+        /// </returns>
+        /// <exception cref="IOException"/>
+        TlsKeyExchange GetKeyExchange();
+
+        /// <summary>
+        /// Return an implementation of <see cref="TlsAuthentication"/> to handle authentication
+        /// part of the protocol.
+        /// </summary>
+        /// <exception cref="IOException"/>
+        TlsAuthentication GetAuthentication();
+
+        /// <returns>A <see cref="IList">list</see> of <see cref="SupplementalDataEntry"/></returns>
+        /// <exception cref="IOException"/>
+        IList GetClientSupplementalData();
+
+        /// <summary>RFC 5077 3.3. NewSessionTicket Handshake Message</summary>
+        /// <remarks>
+        /// This method will be called (only) when a NewSessionTicket handshake message is received. The
+        /// ticket is opaque to the client and clients MUST NOT examine the ticket under the assumption
+        /// that it complies with e.g. <i>RFC 5077 4. Recommended Ticket Construction</i>.
+        /// </remarks>
+        /// <param name="newSessionTicket">The <see cref="NewSessionTicket">ticket</see></param>
+        /// <exception cref="IOException"/>
+        void NotifyNewSessionTicket(NewSessionTicket newSessionTicket);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsClientContext.cs b/bc-sharp-crypto/src/crypto/tls/TlsClientContext.cs
new file mode 100644
index 0000000..b077d0a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsClientContext.cs
@@ -0,0 +1,11 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsClientContext
+        :   TlsContext
+    {
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsClientContextImpl.cs b/bc-sharp-crypto/src/crypto/tls/TlsClientContextImpl.cs
new file mode 100644
index 0000000..674d689
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsClientContextImpl.cs
@@ -0,0 +1,20 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    internal class TlsClientContextImpl
+        :   AbstractTlsContext, TlsClientContext
+    {
+        internal TlsClientContextImpl(SecureRandom secureRandom, SecurityParameters securityParameters)
+            :   base(secureRandom, securityParameters)
+        {
+        }
+
+        public override bool IsServer
+        {
+            get { return false; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsClientProtocol.cs b/bc-sharp-crypto/src/crypto/tls/TlsClientProtocol.cs
new file mode 100644
index 0000000..0ea84c0
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsClientProtocol.cs
@@ -0,0 +1,912 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class TlsClientProtocol
+        :   TlsProtocol
+    {
+        protected TlsClient mTlsClient = null;
+        internal TlsClientContextImpl mTlsClientContext = null;
+
+        protected byte[] mSelectedSessionID = null;
+
+        protected TlsKeyExchange mKeyExchange = null;
+        protected TlsAuthentication mAuthentication = null;
+
+        protected CertificateStatus mCertificateStatus = null;
+        protected CertificateRequest mCertificateRequest = null;
+
+        /**
+         * Constructor for blocking mode.
+         * @param stream The bi-directional stream of data to/from the server
+         * @param secureRandom Random number generator for various cryptographic functions
+         */
+        public TlsClientProtocol(Stream stream, SecureRandom secureRandom)
+            : base(stream, secureRandom)
+        {
+        }
+
+        /**
+         * Constructor for blocking mode.
+         * @param input The stream of data from the server
+         * @param output The stream of data to the server
+         * @param secureRandom Random number generator for various cryptographic functions
+         */
+        public TlsClientProtocol(Stream input, Stream output, SecureRandom secureRandom)
+            : base(input, output, secureRandom)
+        {
+        }
+
+        /**
+         * Constructor for non-blocking mode.<br/>
+         * <br/>
+         * When data is received, use {@link #offerInput(java.nio.ByteBuffer)} to
+         * provide the received ciphertext, then use
+         * {@link #readInput(byte[], int, int)} to read the corresponding cleartext.<br/>
+         * <br/>
+         * Similarly, when data needs to be sent, use
+         * {@link #offerOutput(byte[], int, int)} to provide the cleartext, then use
+         * {@link #readOutput(byte[], int, int)} to get the corresponding
+         * ciphertext.
+         * 
+         * @param secureRandom
+         *            Random number generator for various cryptographic functions
+         */
+        public TlsClientProtocol(SecureRandom secureRandom)
+            : base(secureRandom)
+        {
+        }
+
+        /**
+         * Initiates a TLS handshake in the role of client.<br/>
+         * <br/>
+         * In blocking mode, this will not return until the handshake is complete.
+         * In non-blocking mode, use {@link TlsPeer#NotifyHandshakeComplete()} to
+         * receive a callback when the handshake is complete.
+         *
+         * @param tlsClient The {@link TlsClient} to use for the handshake.
+         * @throws IOException If in blocking mode and handshake was not successful.
+         */
+        public virtual void Connect(TlsClient tlsClient)
+        {
+            if (tlsClient == null)
+                throw new ArgumentNullException("tlsClient");
+            if (this.mTlsClient != null)
+                throw new InvalidOperationException("'Connect' can only be called once");
+
+            this.mTlsClient = tlsClient;
+
+            this.mSecurityParameters = new SecurityParameters();
+            this.mSecurityParameters.entity = ConnectionEnd.client;
+
+            this.mTlsClientContext = new TlsClientContextImpl(mSecureRandom, mSecurityParameters);
+
+            this.mSecurityParameters.clientRandom = CreateRandomBlock(tlsClient.ShouldUseGmtUnixTime(),
+                mTlsClientContext.NonceRandomGenerator);
+
+            this.mTlsClient.Init(mTlsClientContext);
+            this.mRecordStream.Init(mTlsClientContext);
+
+            TlsSession sessionToResume = tlsClient.GetSessionToResume();
+            if (sessionToResume != null && sessionToResume.IsResumable)
+            {
+                SessionParameters sessionParameters = sessionToResume.ExportSessionParameters();
+                if (sessionParameters != null)
+                {
+                    this.mTlsSession = sessionToResume;
+                    this.mSessionParameters = sessionParameters;
+                }
+            }
+
+            SendClientHelloMessage();
+            this.mConnectionState = CS_CLIENT_HELLO;
+
+            BlockForHandshake();
+        }
+
+        protected override void CleanupHandshake()
+        {
+            base.CleanupHandshake();
+
+            this.mSelectedSessionID = null;
+            this.mKeyExchange = null;
+            this.mAuthentication = null;
+            this.mCertificateStatus = null;
+            this.mCertificateRequest = null;
+        }
+
+        protected override TlsContext Context
+        {
+            get { return mTlsClientContext; }
+        }
+
+        internal override AbstractTlsContext ContextAdmin
+        {
+            get { return mTlsClientContext; }
+        }
+
+        protected override TlsPeer Peer
+        {
+            get { return mTlsClient; }
+        }
+
+        protected override void HandleHandshakeMessage(byte type, MemoryStream buf)
+        {
+            if (this.mResumedSession)
+            {
+                if (type != HandshakeType.finished || this.mConnectionState != CS_SERVER_HELLO)
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+
+                ProcessFinishedMessage(buf);
+                this.mConnectionState = CS_SERVER_FINISHED;
+
+                SendFinishedMessage();
+                this.mConnectionState = CS_CLIENT_FINISHED;
+
+                CompleteHandshake();
+                return;
+            }
+
+            switch (type)
+            {
+            case HandshakeType.certificate:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_SERVER_HELLO:
+                case CS_SERVER_SUPPLEMENTAL_DATA:
+                {
+                    if (this.mConnectionState == CS_SERVER_HELLO)
+                    {
+                        HandleSupplementalData(null);
+                    }
+
+                    // Parse the Certificate message and Send to cipher suite
+
+                    this.mPeerCertificate = Certificate.Parse(buf);
+
+                    AssertEmpty(buf);
+
+                    // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes CertificateStatus
+                    if (this.mPeerCertificate == null || this.mPeerCertificate.IsEmpty)
+                    {
+                        this.mAllowCertificateStatus = false;
+                    }
+
+                    this.mKeyExchange.ProcessServerCertificate(this.mPeerCertificate);
+
+                    this.mAuthentication = mTlsClient.GetAuthentication();
+                    this.mAuthentication.NotifyServerCertificate(this.mPeerCertificate);
+
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+
+                this.mConnectionState = CS_SERVER_CERTIFICATE;
+                break;
+            }
+            case HandshakeType.certificate_status:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_SERVER_CERTIFICATE:
+                {
+                    if (!this.mAllowCertificateStatus)
+                    {
+                        /*
+                         * RFC 3546 3.6. If a server returns a "CertificateStatus" message, then the
+                         * server MUST have included an extension of type "status_request" with empty
+                         * "extension_data" in the extended server hello..
+                         */
+                        throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                    }
+
+                    this.mCertificateStatus = CertificateStatus.Parse(buf);
+
+                    AssertEmpty(buf);
+
+                    // TODO[RFC 3546] Figure out how to provide this to the client/authentication.
+
+                    this.mConnectionState = CS_CERTIFICATE_STATUS;
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+                break;
+            }
+            case HandshakeType.finished:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_CLIENT_FINISHED:
+                case CS_SERVER_SESSION_TICKET:
+                {
+                    if (this.mConnectionState == CS_CLIENT_FINISHED && this.mExpectSessionTicket)
+                    {
+                        /*
+                         * RFC 5077 3.3. This message MUST be sent if the server included a
+                         * SessionTicket extension in the ServerHello.
+                         */
+                        throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                    }
+
+                    ProcessFinishedMessage(buf);
+                    this.mConnectionState = CS_SERVER_FINISHED;
+
+                    CompleteHandshake();
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+                break;
+            }
+            case HandshakeType.server_hello:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_CLIENT_HELLO:
+                {
+                    ReceiveServerHelloMessage(buf);
+                    this.mConnectionState = CS_SERVER_HELLO;
+
+                    this.mRecordStream.NotifyHelloComplete();
+
+                    ApplyMaxFragmentLengthExtension();
+
+                    if (this.mResumedSession)
+                    {
+                        this.mSecurityParameters.masterSecret = Arrays.Clone(this.mSessionParameters.MasterSecret);
+                        this.mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher());
+
+                        SendChangeCipherSpecMessage();
+                    }
+                    else
+                    {
+                        InvalidateSession();
+
+                        if (this.mSelectedSessionID.Length > 0)
+                        {
+                            this.mTlsSession = new TlsSessionImpl(this.mSelectedSessionID, null);
+                        }
+                    }
+
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+                break;
+            }
+            case HandshakeType.supplemental_data:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_SERVER_HELLO:
+                {
+                    HandleSupplementalData(ReadSupplementalDataMessage(buf));
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+                break;
+            }
+            case HandshakeType.server_hello_done:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_SERVER_HELLO:
+                case CS_SERVER_SUPPLEMENTAL_DATA:
+                case CS_SERVER_CERTIFICATE:
+                case CS_CERTIFICATE_STATUS:
+                case CS_SERVER_KEY_EXCHANGE:
+                case CS_CERTIFICATE_REQUEST:
+                {
+                    if (mConnectionState < CS_SERVER_SUPPLEMENTAL_DATA)
+                    {
+                        HandleSupplementalData(null);
+                    }
+
+                    if (mConnectionState < CS_SERVER_CERTIFICATE)
+                    {
+                        // There was no server certificate message; check it's OK
+                        this.mKeyExchange.SkipServerCredentials();
+                        this.mAuthentication = null;
+                    }
+
+                    if (mConnectionState < CS_SERVER_KEY_EXCHANGE)
+                    {
+                        // There was no server key exchange message; check it's OK
+                        this.mKeyExchange.SkipServerKeyExchange();
+                    }
+
+                    AssertEmpty(buf);
+
+                    this.mConnectionState = CS_SERVER_HELLO_DONE;
+
+                    this.mRecordStream.HandshakeHash.SealHashAlgorithms();
+
+                    IList clientSupplementalData = mTlsClient.GetClientSupplementalData();
+                    if (clientSupplementalData != null)
+                    {
+                        SendSupplementalDataMessage(clientSupplementalData);
+                    }
+                    this.mConnectionState = CS_CLIENT_SUPPLEMENTAL_DATA;
+
+                    TlsCredentials clientCreds = null;
+                    if (mCertificateRequest == null)
+                    {
+                        this.mKeyExchange.SkipClientCredentials();
+                    }
+                    else
+                    {
+                        clientCreds = this.mAuthentication.GetClientCredentials(mCertificateRequest);
+
+                        if (clientCreds == null)
+                        {
+                            this.mKeyExchange.SkipClientCredentials();
+
+                            /*
+                             * RFC 5246 If no suitable certificate is available, the client MUST Send a
+                             * certificate message containing no certificates.
+                             * 
+                             * NOTE: In previous RFCs, this was SHOULD instead of MUST.
+                             */
+                            SendCertificateMessage(Certificate.EmptyChain);
+                        }
+                        else
+                        {
+                            this.mKeyExchange.ProcessClientCredentials(clientCreds);
+
+                            SendCertificateMessage(clientCreds.Certificate);
+                        }
+                    }
+
+                    this.mConnectionState = CS_CLIENT_CERTIFICATE;
+
+                    /*
+                     * Send the client key exchange message, depending on the key exchange we are using
+                     * in our CipherSuite.
+                     */
+                    SendClientKeyExchangeMessage();
+                    this.mConnectionState = CS_CLIENT_KEY_EXCHANGE;
+
+                    if (TlsUtilities.IsSsl(Context))
+                    {
+                        EstablishMasterSecret(Context, mKeyExchange);
+                    }
+
+                    TlsHandshakeHash prepareFinishHash = mRecordStream.PrepareToFinish();
+                    this.mSecurityParameters.sessionHash = GetCurrentPrfHash(Context, prepareFinishHash, null);
+
+                    if (!TlsUtilities.IsSsl(Context))
+                    {
+                        EstablishMasterSecret(Context, mKeyExchange);
+                    }
+
+                    mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher());
+
+                    if (clientCreds != null && clientCreds is TlsSignerCredentials)
+                    {
+                        TlsSignerCredentials signerCredentials = (TlsSignerCredentials)clientCreds;
+
+                        /*
+                         * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
+                         */
+                        SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
+                            Context, signerCredentials);
+
+                        byte[] hash;
+                        if (signatureAndHashAlgorithm == null)
+                        {
+                            hash = mSecurityParameters.SessionHash;
+                        }
+                        else
+                        {
+                            hash = prepareFinishHash.GetFinalHash(signatureAndHashAlgorithm.Hash);
+                        }
+
+                        byte[] signature = signerCredentials.GenerateCertificateSignature(hash);
+                        DigitallySigned certificateVerify = new DigitallySigned(signatureAndHashAlgorithm, signature);
+                        SendCertificateVerifyMessage(certificateVerify);
+
+                        this.mConnectionState = CS_CERTIFICATE_VERIFY;
+                    }
+
+                    SendChangeCipherSpecMessage();
+                    SendFinishedMessage();
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+
+                this.mConnectionState = CS_CLIENT_FINISHED;
+                break;
+            }
+            case HandshakeType.server_key_exchange:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_SERVER_HELLO:
+                case CS_SERVER_SUPPLEMENTAL_DATA:
+                case CS_SERVER_CERTIFICATE:
+                case CS_CERTIFICATE_STATUS:
+                {
+                    if (mConnectionState < CS_SERVER_SUPPLEMENTAL_DATA)
+                    {
+                        HandleSupplementalData(null);
+                    }
+
+                    if (mConnectionState < CS_SERVER_CERTIFICATE)
+                    {
+                        // There was no server certificate message; check it's OK
+                        this.mKeyExchange.SkipServerCredentials();
+                        this.mAuthentication = null;
+                    }
+
+                    this.mKeyExchange.ProcessServerKeyExchange(buf);
+
+                    AssertEmpty(buf);
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+
+                this.mConnectionState = CS_SERVER_KEY_EXCHANGE;
+                break;
+            }
+            case HandshakeType.certificate_request:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_SERVER_CERTIFICATE:
+                case CS_CERTIFICATE_STATUS:
+                case CS_SERVER_KEY_EXCHANGE:
+                {
+                    if (this.mConnectionState != CS_SERVER_KEY_EXCHANGE)
+                    {
+                        // There was no server key exchange message; check it's OK
+                        this.mKeyExchange.SkipServerKeyExchange();
+                    }
+
+                    if (this.mAuthentication == null)
+                    {
+                        /*
+                         * RFC 2246 7.4.4. It is a fatal handshake_failure alert for an anonymous server
+                         * to request client identification.
+                         */
+                        throw new TlsFatalAlert(AlertDescription.handshake_failure);
+                    }
+
+                    this.mCertificateRequest = CertificateRequest.Parse(Context, buf);
+
+                    AssertEmpty(buf);
+
+                    this.mKeyExchange.ValidateCertificateRequest(this.mCertificateRequest);
+
+                    /*
+                     * TODO Give the client a chance to immediately select the CertificateVerify hash
+                     * algorithm here to avoid tracking the other hash algorithms unnecessarily?
+                     */
+                    TlsUtilities.TrackHashAlgorithms(this.mRecordStream.HandshakeHash,
+                        this.mCertificateRequest.SupportedSignatureAlgorithms);
+
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+
+                this.mConnectionState = CS_CERTIFICATE_REQUEST;
+                break;
+            }
+            case HandshakeType.session_ticket:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_CLIENT_FINISHED:
+                {
+                    if (!this.mExpectSessionTicket)
+                    {
+                        /*
+                         * RFC 5077 3.3. This message MUST NOT be sent if the server did not include a
+                         * SessionTicket extension in the ServerHello.
+                         */
+                        throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                    }
+
+                    /*
+                     * RFC 5077 3.4. If the client receives a session ticket from the server, then it
+                     * discards any Session ID that was sent in the ServerHello.
+                     */
+                    InvalidateSession();
+
+                    ReceiveNewSessionTicketMessage(buf);
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+
+                this.mConnectionState = CS_SERVER_SESSION_TICKET;
+                break;
+            }
+            case HandshakeType.hello_request:
+            {
+                AssertEmpty(buf);
+
+                /*
+                 * RFC 2246 7.4.1.1 Hello request This message will be ignored by the client if the
+                 * client is currently negotiating a session. This message may be ignored by the client
+                 * if it does not wish to renegotiate a session, or the client may, if it wishes,
+                 * respond with a no_renegotiation alert.
+                 */
+                if (this.mConnectionState == CS_END)
+                {
+                    RefuseRenegotiation();
+                }
+                break;
+            }
+            case HandshakeType.client_hello:
+            case HandshakeType.client_key_exchange:
+            case HandshakeType.certificate_verify:
+            case HandshakeType.hello_verify_request:
+            default:
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+            }
+        }
+
+        protected virtual void HandleSupplementalData(IList serverSupplementalData)
+        {
+            this.mTlsClient.ProcessServerSupplementalData(serverSupplementalData);
+            this.mConnectionState = CS_SERVER_SUPPLEMENTAL_DATA;
+
+            this.mKeyExchange = mTlsClient.GetKeyExchange();
+            this.mKeyExchange.Init(Context);
+        }
+
+        protected virtual void ReceiveNewSessionTicketMessage(MemoryStream buf)
+        {
+            NewSessionTicket newSessionTicket = NewSessionTicket.Parse(buf);
+
+            AssertEmpty(buf);
+
+            mTlsClient.NotifyNewSessionTicket(newSessionTicket);
+        }
+
+        protected virtual void ReceiveServerHelloMessage(MemoryStream buf)
+        {
+            {
+                ProtocolVersion server_version = TlsUtilities.ReadVersion(buf);
+                if (server_version.IsDtls)
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+                // Check that this matches what the server is Sending in the record layer
+                if (!server_version.Equals(this.mRecordStream.ReadVersion))
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+                ProtocolVersion client_version = Context.ClientVersion;
+                if (!server_version.IsEqualOrEarlierVersionOf(client_version))
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+                this.mRecordStream.SetWriteVersion(server_version);
+                ContextAdmin.SetServerVersion(server_version);
+                this.mTlsClient.NotifyServerVersion(server_version);
+            }
+
+            /*
+             * Read the server random
+             */
+            this.mSecurityParameters.serverRandom = TlsUtilities.ReadFully(32, buf);
+
+            this.mSelectedSessionID = TlsUtilities.ReadOpaque8(buf);
+            if (this.mSelectedSessionID.Length > 32)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            this.mTlsClient.NotifySessionID(this.mSelectedSessionID);
+            this.mResumedSession = this.mSelectedSessionID.Length > 0 && this.mTlsSession != null
+                && Arrays.AreEqual(this.mSelectedSessionID, this.mTlsSession.SessionID);
+
+            /*
+             * Find out which CipherSuite the server has chosen and check that it was one of the offered
+             * ones, and is a valid selection for the negotiated version.
+             */
+            int selectedCipherSuite = TlsUtilities.ReadUint16(buf);
+            if (!Arrays.Contains(this.mOfferedCipherSuites, selectedCipherSuite)
+                || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL
+                || CipherSuite.IsScsv(selectedCipherSuite)
+                || !TlsUtilities.IsValidCipherSuiteForVersion(selectedCipherSuite, Context.ServerVersion))
+            {
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+            this.mTlsClient.NotifySelectedCipherSuite(selectedCipherSuite);
+
+            /*
+             * Find out which CompressionMethod the server has chosen and check that it was one of the
+             * offered ones.
+             */
+            byte selectedCompressionMethod = TlsUtilities.ReadUint8(buf);
+            if (!Arrays.Contains(this.mOfferedCompressionMethods, selectedCompressionMethod))
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            this.mTlsClient.NotifySelectedCompressionMethod(selectedCompressionMethod);
+
+            /*
+             * RFC3546 2.2 The extended server hello message format MAY be sent in place of the server
+             * hello message when the client has requested extended functionality via the extended
+             * client hello message specified in Section 2.1. ... Note that the extended server hello
+             * message is only sent in response to an extended client hello message. This prevents the
+             * possibility that the extended server hello message could "break" existing TLS 1.0
+             * clients.
+             */
+            this.mServerExtensions = ReadExtensions(buf);
+
+            /*
+             * RFC 3546 2.2 Note that the extended server hello message is only sent in response to an
+             * extended client hello message.
+             * 
+             * However, see RFC 5746 exception below. We always include the SCSV, so an Extended Server
+             * Hello is always allowed.
+             */
+            if (this.mServerExtensions != null)
+            {
+                foreach (int extType in this.mServerExtensions.Keys)
+                {
+                    /*
+                     * RFC 5746 3.6. Note that Sending a "renegotiation_info" extension in response to a
+                     * ClientHello containing only the SCSV is an explicit exception to the prohibition
+                     * in RFC 5246, Section 7.4.1.4, on the server Sending unsolicited extensions and is
+                     * only allowed because the client is signaling its willingness to receive the
+                     * extension via the TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV.
+                     */
+                    if (extType == ExtensionType.renegotiation_info)
+                        continue;
+
+                    /*
+                     * RFC 5246 7.4.1.4 An extension type MUST NOT appear in the ServerHello unless the
+                     * same extension type appeared in the corresponding ClientHello. If a client
+                     * receives an extension type in ServerHello that it did not request in the
+                     * associated ClientHello, it MUST abort the handshake with an unsupported_extension
+                     * fatal alert.
+                     */
+                    if (null == TlsUtilities.GetExtensionData(this.mClientExtensions, extType))
+                        throw new TlsFatalAlert(AlertDescription.unsupported_extension);
+
+                    /*
+                     * RFC 3546 2.3. If [...] the older session is resumed, then the server MUST ignore
+                     * extensions appearing in the client hello, and Send a server hello containing no
+                     * extensions[.]
+                     */
+                    if (this.mResumedSession)
+                    {
+                        // TODO[compat-gnutls] GnuTLS test server Sends server extensions e.g. ec_point_formats
+                        // TODO[compat-openssl] OpenSSL test server Sends server extensions e.g. ec_point_formats
+                        // TODO[compat-polarssl] PolarSSL test server Sends server extensions e.g. ec_point_formats
+    //                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                    }
+                }
+            }
+
+            /*
+             * RFC 5746 3.4. Client Behavior: Initial Handshake
+             */
+            {
+                /*
+                 * When a ServerHello is received, the client MUST check if it includes the
+                 * "renegotiation_info" extension:
+                 */
+                byte[] renegExtData = TlsUtilities.GetExtensionData(this.mServerExtensions, ExtensionType.renegotiation_info);
+                if (renegExtData != null)
+                {
+                    /*
+                     * If the extension is present, set the secure_renegotiation flag to TRUE. The
+                     * client MUST then verify that the length of the "renegotiated_connection"
+                     * field is zero, and if it is not, MUST abort the handshake (by Sending a fatal
+                     * handshake_failure alert).
+                     */
+                    this.mSecureRenegotiation = true;
+
+                    if (!Arrays.ConstantTimeAreEqual(renegExtData, CreateRenegotiationInfo(TlsUtilities.EmptyBytes)))
+                        throw new TlsFatalAlert(AlertDescription.handshake_failure);
+                }
+            }
+
+            // TODO[compat-gnutls] GnuTLS test server fails to Send renegotiation_info extension when resuming
+            this.mTlsClient.NotifySecureRenegotiation(this.mSecureRenegotiation);
+
+            IDictionary sessionClientExtensions = mClientExtensions, sessionServerExtensions = mServerExtensions;
+            if (this.mResumedSession)
+            {
+                if (selectedCipherSuite != this.mSessionParameters.CipherSuite
+                    || selectedCompressionMethod != this.mSessionParameters.CompressionAlgorithm)
+                {
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                }
+
+                sessionClientExtensions = null;
+                sessionServerExtensions = this.mSessionParameters.ReadServerExtensions();
+            }
+
+            this.mSecurityParameters.cipherSuite = selectedCipherSuite;
+            this.mSecurityParameters.compressionAlgorithm = selectedCompressionMethod;
+
+            if (sessionServerExtensions != null)
+            {
+                {
+                    /*
+                     * RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client
+                     * and then selects a stream or Authenticated Encryption with Associated Data (AEAD)
+                     * ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the
+                     * client.
+                     */
+                    bool serverSentEncryptThenMAC = TlsExtensionsUtilities.HasEncryptThenMacExtension(sessionServerExtensions);
+                    if (serverSentEncryptThenMAC && !TlsUtilities.IsBlockCipherSuite(selectedCipherSuite))
+                        throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+                    this.mSecurityParameters.encryptThenMac = serverSentEncryptThenMAC;
+                }
+
+                this.mSecurityParameters.extendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension(sessionServerExtensions);
+
+                this.mSecurityParameters.maxFragmentLength = ProcessMaxFragmentLengthExtension(sessionClientExtensions,
+                    sessionServerExtensions, AlertDescription.illegal_parameter);
+
+                this.mSecurityParameters.truncatedHMac = TlsExtensionsUtilities.HasTruncatedHMacExtension(sessionServerExtensions);
+
+                /*
+                 * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be sent in
+                 * a session resumption handshake.
+                 */
+                this.mAllowCertificateStatus = !this.mResumedSession
+                    && TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, ExtensionType.status_request,
+                        AlertDescription.illegal_parameter);
+
+                this.mExpectSessionTicket = !this.mResumedSession
+                    && TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, ExtensionType.session_ticket,
+                        AlertDescription.illegal_parameter);
+            }
+
+            /*
+             * TODO[session-hash]
+             * 
+             * draft-ietf-tls-session-hash-04 4. Clients and servers SHOULD NOT accept handshakes
+             * that do not use the extended master secret [..]. (and see 5.2, 5.3)
+             */
+
+            if (sessionClientExtensions != null)
+            {
+                this.mTlsClient.ProcessServerExtensions(sessionServerExtensions);
+            }
+
+            this.mSecurityParameters.prfAlgorithm = GetPrfAlgorithm(Context, this.mSecurityParameters.CipherSuite);
+
+            /*
+             * RFC 5246 7.4.9. Any cipher suite which does not explicitly specify
+             * verify_data_length has a verify_data_length equal to 12. This includes all
+             * existing cipher suites.
+             */
+            this.mSecurityParameters.verifyDataLength = 12;
+        }
+
+        protected virtual void SendCertificateVerifyMessage(DigitallySigned certificateVerify)
+        {
+            HandshakeMessage message = new HandshakeMessage(HandshakeType.certificate_verify);
+
+            certificateVerify.Encode(message);
+
+            message.WriteToRecordStream(this);
+        }
+
+        protected virtual void SendClientHelloMessage()
+        {
+            this.mRecordStream.SetWriteVersion(this.mTlsClient.ClientHelloRecordLayerVersion);
+
+            ProtocolVersion client_version = this.mTlsClient.ClientVersion;
+            if (client_version.IsDtls)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            ContextAdmin.SetClientVersion(client_version);
+
+            /*
+             * TODO RFC 5077 3.4. When presenting a ticket, the client MAY generate and include a
+             * Session ID in the TLS ClientHello.
+             */
+            byte[] session_id = TlsUtilities.EmptyBytes;
+            if (this.mTlsSession != null)
+            {
+                session_id = this.mTlsSession.SessionID;
+                if (session_id == null || session_id.Length > 32)
+                {
+                    session_id = TlsUtilities.EmptyBytes;
+                }
+            }
+
+            bool fallback = this.mTlsClient.IsFallback;
+
+            this.mOfferedCipherSuites = this.mTlsClient.GetCipherSuites();
+
+            this.mOfferedCompressionMethods = this.mTlsClient.GetCompressionMethods();
+
+            if (session_id.Length > 0 && this.mSessionParameters != null)
+            {
+                if (!Arrays.Contains(this.mOfferedCipherSuites, mSessionParameters.CipherSuite)
+                    || !Arrays.Contains(this.mOfferedCompressionMethods, mSessionParameters.CompressionAlgorithm))
+                {
+                    session_id = TlsUtilities.EmptyBytes;
+                }
+            }
+
+            this.mClientExtensions = this.mTlsClient.GetClientExtensions();
+
+            HandshakeMessage message = new HandshakeMessage(HandshakeType.client_hello);
+
+            TlsUtilities.WriteVersion(client_version, message);
+
+            message.Write(this.mSecurityParameters.ClientRandom);
+
+            TlsUtilities.WriteOpaque8(session_id, message);
+
+            // Cipher Suites (and SCSV)
+            {
+                /*
+                 * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension,
+                 * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the
+                 * ClientHello. Including both is NOT RECOMMENDED.
+                 */
+                byte[] renegExtData = TlsUtilities.GetExtensionData(mClientExtensions, ExtensionType.renegotiation_info);
+                bool noRenegExt = (null == renegExtData);
+
+                bool noRenegScsv = !Arrays.Contains(mOfferedCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV);
+
+                if (noRenegExt && noRenegScsv)
+                {
+                    // TODO Consider whether to default to a client extension instead
+    //                this.mClientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(this.mClientExtensions);
+    //                this.mClientExtensions[ExtensionType.renegotiation_info] = CreateRenegotiationInfo(TlsUtilities.EmptyBytes);
+                    this.mOfferedCipherSuites = Arrays.Append(mOfferedCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV);
+                }
+
+                /*
+                 * RFC 7507 4. If a client sends a ClientHello.client_version containing a lower value
+                 * than the latest (highest-valued) version supported by the client, it SHOULD include
+                 * the TLS_FALLBACK_SCSV cipher suite value in ClientHello.cipher_suites [..]. (The
+                 * client SHOULD put TLS_FALLBACK_SCSV after all cipher suites that it actually intends
+                 * to negotiate.)
+                 */
+                if (fallback && !Arrays.Contains(mOfferedCipherSuites, CipherSuite.TLS_FALLBACK_SCSV))
+                {
+                    this.mOfferedCipherSuites = Arrays.Append(mOfferedCipherSuites, CipherSuite.TLS_FALLBACK_SCSV);
+                }
+
+                TlsUtilities.WriteUint16ArrayWithUint16Length(mOfferedCipherSuites, message);
+            }
+
+            TlsUtilities.WriteUint8ArrayWithUint8Length(mOfferedCompressionMethods, message);
+
+            if (mClientExtensions != null)
+            {
+                WriteExtensions(message, mClientExtensions);
+            }
+
+            message.WriteToRecordStream(this);
+        }
+
+        protected virtual void SendClientKeyExchangeMessage()
+        {
+            HandshakeMessage message = new HandshakeMessage(HandshakeType.client_key_exchange);
+
+            this.mKeyExchange.GenerateClientKeyExchange(message);
+
+            message.WriteToRecordStream(this);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsCompression.cs b/bc-sharp-crypto/src/crypto/tls/TlsCompression.cs
new file mode 100644
index 0000000..177d64b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsCompression.cs
@@ -0,0 +1,12 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+	public interface TlsCompression
+	{
+		Stream Compress(Stream output);
+
+		Stream Decompress(Stream output);
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsContext.cs b/bc-sharp-crypto/src/crypto/tls/TlsContext.cs
new file mode 100644
index 0000000..d066723
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsContext.cs
@@ -0,0 +1,45 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Prng;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsContext
+    {
+        IRandomGenerator NonceRandomGenerator { get; }
+
+        SecureRandom SecureRandom { get; }
+
+        SecurityParameters SecurityParameters { get; }
+
+        bool IsServer { get; }
+
+        ProtocolVersion ClientVersion { get; }
+
+        ProtocolVersion ServerVersion { get; }
+
+        /**
+         * Used to get the resumable session, if any, used by this connection. Only available after the
+         * handshake has successfully completed.
+         * 
+         * @return A {@link TlsSession} representing the resumable session used by this connection, or
+         *         null if no resumable session available.
+         * @see TlsPeer#NotifyHandshakeComplete()
+         */
+        TlsSession ResumableSession { get; }
+
+        object UserObject { get; set; }
+
+        /**
+         * Export keying material according to RFC 5705: "Keying Material Exporters for TLS".
+         *
+         * @param asciiLabel    indicates which application will use the exported keys.
+         * @param context_value allows the application using the exporter to mix its own data with the TLS PRF for
+         *                      the exporter output.
+         * @param length        the number of bytes to generate
+         * @return a pseudorandom bit string of 'length' bytes generated from the master_secret.
+         */
+        byte[] ExportKeyingMaterial(string asciiLabel, byte[] context_value, int length);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsCredentials.cs b/bc-sharp-crypto/src/crypto/tls/TlsCredentials.cs
new file mode 100644
index 0000000..5c5f1c0
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsCredentials.cs
@@ -0,0 +1,9 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+	public interface TlsCredentials
+	{
+		Certificate Certificate { get; }
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsDHKeyExchange.cs b/bc-sharp-crypto/src/crypto/tls/TlsDHKeyExchange.cs
new file mode 100644
index 0000000..d179068
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsDHKeyExchange.cs
@@ -0,0 +1,259 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>(D)TLS DH key exchange.</summary>
+    public class TlsDHKeyExchange
+        :   AbstractTlsKeyExchange
+    {
+        protected TlsSigner mTlsSigner;
+        protected DHParameters mDHParameters;
+
+        protected AsymmetricKeyParameter mServerPublicKey;
+        protected TlsAgreementCredentials mAgreementCredentials;
+
+        protected DHPrivateKeyParameters mDHAgreePrivateKey;
+        protected DHPublicKeyParameters mDHAgreePublicKey;
+
+        public TlsDHKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, DHParameters dhParameters)
+            :   base(keyExchange, supportedSignatureAlgorithms)
+        {
+            switch (keyExchange)
+            {
+            case KeyExchangeAlgorithm.DH_anon:
+            case KeyExchangeAlgorithm.DH_RSA:
+            case KeyExchangeAlgorithm.DH_DSS:
+                this.mTlsSigner = null;
+                break;
+            case KeyExchangeAlgorithm.DHE_RSA:
+                this.mTlsSigner = new TlsRsaSigner();
+                break;
+            case KeyExchangeAlgorithm.DHE_DSS:
+                this.mTlsSigner = new TlsDssSigner();
+                break;
+            default:
+                throw new InvalidOperationException("unsupported key exchange algorithm");
+            }
+
+            this.mDHParameters = dhParameters;
+        }
+
+        public override void Init(TlsContext context)
+        {
+            base.Init(context);
+
+            if (this.mTlsSigner != null)
+            {
+                this.mTlsSigner.Init(context);
+            }
+        }
+
+        public override void SkipServerCredentials()
+        {
+            if (mKeyExchange != KeyExchangeAlgorithm.DH_anon)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+        }
+
+        public override void ProcessServerCertificate(Certificate serverCertificate)
+        {
+            if (mKeyExchange == KeyExchangeAlgorithm.DH_anon)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+            if (serverCertificate.IsEmpty)
+                throw new TlsFatalAlert(AlertDescription.bad_certificate);
+
+            X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0);
+
+            SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;
+            try
+            {
+                this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo);
+            }
+            catch (Exception e)
+            {
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
+            }
+
+            if (mTlsSigner == null)
+            {
+                try
+                {
+                    this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey((DHPublicKeyParameters)this.mServerPublicKey);
+                    this.mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters);
+                }
+                catch (InvalidCastException e)
+                {
+                    throw new TlsFatalAlert(AlertDescription.certificate_unknown, e);
+                }
+
+                TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement);
+            }
+            else
+            {
+                if (!mTlsSigner.IsValidPublicKey(this.mServerPublicKey))
+                {
+                    throw new TlsFatalAlert(AlertDescription.certificate_unknown);
+                }
+
+                TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
+            }
+
+            base.ProcessServerCertificate(serverCertificate);
+        }
+
+        public override bool RequiresServerKeyExchange
+        {
+            get
+            {
+                switch (mKeyExchange)
+                {
+                case KeyExchangeAlgorithm.DH_anon:
+                case KeyExchangeAlgorithm.DHE_DSS:
+                case KeyExchangeAlgorithm.DHE_RSA:
+                    return true;
+                default:
+                    return false;
+                }
+            }
+        }
+
+        public override byte[] GenerateServerKeyExchange()
+        {
+            if (!RequiresServerKeyExchange)
+                return null;
+
+            // DH_anon is handled here, DHE_* in a subclass
+
+            MemoryStream buf = new MemoryStream();
+            this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
+                this.mDHParameters, buf);
+            return buf.ToArray();
+        }
+
+        public override void ProcessServerKeyExchange(Stream input)
+        {
+            if (!RequiresServerKeyExchange)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+
+            // DH_anon is handled here, DHE_* in a subclass
+
+            ServerDHParams dhParams = ServerDHParams.Parse(input);
+
+            this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(dhParams.PublicKey);
+            this.mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters);
+        }
+
+        public override void ValidateCertificateRequest(CertificateRequest certificateRequest)
+        {
+            if (mKeyExchange == KeyExchangeAlgorithm.DH_anon)
+                throw new TlsFatalAlert(AlertDescription.handshake_failure);
+
+            byte[] types = certificateRequest.CertificateTypes;
+            for (int i = 0; i < types.Length; ++i)
+            {
+                switch (types[i])
+                {
+                case ClientCertificateType.rsa_sign:
+                case ClientCertificateType.dss_sign:
+                case ClientCertificateType.rsa_fixed_dh:
+                case ClientCertificateType.dss_fixed_dh:
+                case ClientCertificateType.ecdsa_sign:
+                    break;
+                default:
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                }
+            }
+        }
+
+        public override void ProcessClientCredentials(TlsCredentials clientCredentials)
+        {
+            if (mKeyExchange == KeyExchangeAlgorithm.DH_anon)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            if (clientCredentials is TlsAgreementCredentials)
+            {
+                // TODO Validate client cert has matching parameters (see 'areCompatibleParameters')?
+
+                this.mAgreementCredentials = (TlsAgreementCredentials)clientCredentials;
+            }
+            else if (clientCredentials is TlsSignerCredentials)
+            {
+                // OK
+            }
+            else
+            {
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        public override void GenerateClientKeyExchange(Stream output)
+        {
+            /*
+             * RFC 2246 7.4.7.2 If the client certificate already contains a suitable Diffie-Hellman
+             * key, then Yc is implicit and does not need to be sent again. In this case, the Client Key
+             * Exchange message will be sent, but will be empty.
+             */
+            if (mAgreementCredentials == null)
+            {
+                this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom,
+                    mDHParameters, output);
+            }
+        }
+
+        public override void ProcessClientCertificate(Certificate clientCertificate)
+        {
+            if (mKeyExchange == KeyExchangeAlgorithm.DH_anon)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+
+            // TODO Extract the public key
+            // TODO If the certificate is 'fixed', take the public key as dhAgreePublicKey
+        }
+
+        public override void ProcessClientKeyExchange(Stream input)
+        {
+            if (mDHAgreePublicKey != null)
+            {
+                // For dss_fixed_dh and rsa_fixed_dh, the key arrived in the client certificate
+                return;
+            }
+
+            BigInteger Yc = TlsDHUtilities.ReadDHParameter(input);
+
+            this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(Yc, mDHParameters));
+        }
+
+        public override byte[] GeneratePremasterSecret()
+        {
+            if (mAgreementCredentials != null)
+            {
+                return mAgreementCredentials.GenerateAgreement(mDHAgreePublicKey);
+            }
+
+            if (mDHAgreePrivateKey != null)
+            {
+                return TlsDHUtilities.CalculateDHBasicAgreement(mDHAgreePublicKey, mDHAgreePrivateKey);
+            }
+
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        protected virtual int MinimumPrimeBits
+        {
+            get { return 1024; }
+        }
+
+        protected virtual DHParameters ValidateDHParameters(DHParameters parameters)
+        {
+            if (parameters.P.BitLength < MinimumPrimeBits)
+                throw new TlsFatalAlert(AlertDescription.insufficient_security);
+
+            return TlsDHUtilities.ValidateDHParameters(parameters);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsDHUtilities.cs b/bc-sharp-crypto/src/crypto/tls/TlsDHUtilities.cs
new file mode 100644
index 0000000..6df61cb
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsDHUtilities.cs
@@ -0,0 +1,462 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Agreement;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class TlsDHUtilities
+    {
+        internal static readonly BigInteger Two = BigInteger.Two;
+
+        /*
+         * TODO[draft-ietf-tls-negotiated-ff-dhe-01] Move these groups to DHStandardGroups once reaches RFC
+         */
+        private static BigInteger FromHex(String hex)
+        {
+            return new BigInteger(1, Hex.Decode(hex));
+        }
+
+        private static DHParameters FromSafeP(String hexP)
+        {
+            BigInteger p = FromHex(hexP), q = p.ShiftRight(1);
+            return new DHParameters(p, Two, q);
+        }
+
+        private static readonly string draft_ffdhe2432_p =
+              "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
+            + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9"
+            + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
+            + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935"
+            + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
+            + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB"
+            + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
+            + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61"
+            + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
+            + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA"
+            + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
+            + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C"
+            + "AEFE13098533C8B3FFFFFFFFFFFFFFFF";
+        internal static readonly DHParameters draft_ffdhe2432 = FromSafeP(draft_ffdhe2432_p);
+
+        private static readonly string draft_ffdhe3072_p =
+              "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
+            + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9"
+            + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
+            + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935"
+            + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
+            + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB"
+            + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
+            + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61"
+            + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
+            + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA"
+            + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
+            + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C"
+            + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
+            + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D"
+            + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
+            + "3C1B20EE3FD59D7C25E41D2B66C62E37FFFFFFFFFFFFFFFF";
+        internal static readonly DHParameters draft_ffdhe3072 = FromSafeP(draft_ffdhe3072_p);
+
+        private static readonly string draft_ffdhe4096_p =
+              "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
+            + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9"
+            + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
+            + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935"
+            + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
+            + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB"
+            + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
+            + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61"
+            + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
+            + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA"
+            + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
+            + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C"
+            + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
+            + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D"
+            + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
+            + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB"
+            + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004"
+            + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832"
+            + "A907600A918130C46DC778F971AD0038092999A333CB8B7A"
+            + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF"
+            + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E655F6A"
+            + "FFFFFFFFFFFFFFFF";
+        internal static readonly DHParameters draft_ffdhe4096 = FromSafeP(draft_ffdhe4096_p);
+
+        private static readonly string draft_ffdhe6144_p =
+              "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
+            + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9"
+            + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
+            + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935"
+            + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
+            + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB"
+            + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
+            + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61"
+            + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
+            + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA"
+            + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
+            + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C"
+            + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
+            + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D"
+            + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
+            + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB"
+            + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004"
+            + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832"
+            + "A907600A918130C46DC778F971AD0038092999A333CB8B7A"
+            + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF"
+            + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902"
+            + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6"
+            + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A"
+            + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477"
+            + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3"
+            + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4"
+            + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6"
+            + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C"
+            + "D72B03746AE77F5E62292C311562A846505DC82DB854338A"
+            + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04"
+            + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1"
+            + "A41D570D7938DAD4A40E329CD0E40E65FFFFFFFFFFFFFFFF";
+        internal static readonly DHParameters draft_ffdhe6144 = FromSafeP(draft_ffdhe6144_p);
+
+        private static readonly string draft_ffdhe8192_p =
+              "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
+            + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9"
+            + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
+            + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935"
+            + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
+            + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB"
+            + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
+            + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61"
+            + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
+            + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA"
+            + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
+            + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C"
+            + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
+            + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D"
+            + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
+            + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB"
+            + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004"
+            + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832"
+            + "A907600A918130C46DC778F971AD0038092999A333CB8B7A"
+            + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF"
+            + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902"
+            + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6"
+            + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A"
+            + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477"
+            + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3"
+            + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4"
+            + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6"
+            + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C"
+            + "D72B03746AE77F5E62292C311562A846505DC82DB854338A"
+            + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04"
+            + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1"
+            + "A41D570D7938DAD4A40E329CCFF46AAA36AD004CF600C838"
+            + "1E425A31D951AE64FDB23FCEC9509D43687FEB69EDD1CC5E"
+            + "0B8CC3BDF64B10EF86B63142A3AB8829555B2F747C932665"
+            + "CB2C0F1CC01BD70229388839D2AF05E454504AC78B758282"
+            + "2846C0BA35C35F5C59160CC046FD8251541FC68C9C86B022"
+            + "BB7099876A460E7451A8A93109703FEE1C217E6C3826E52C"
+            + "51AA691E0E423CFC99E9E31650C1217B624816CDAD9A95F9"
+            + "D5B8019488D9C0A0A1FE3075A577E23183F81D4A3F2FA457"
+            + "1EFC8CE0BA8A4FE8B6855DFE72B0A66EDED2FBABFBE58A30"
+            + "FAFABE1C5D71A87E2F741EF8C1FE86FEA6BBFDE530677F0D"
+            + "97D11D49F7A8443D0822E506A9F4614E011E2A94838FF88C"
+            + "D68C8BB7C5C6424CFFFFFFFFFFFFFFFF";
+        internal static readonly DHParameters draft_ffdhe8192 = FromSafeP(draft_ffdhe8192_p);
+
+    
+        public static void AddNegotiatedDheGroupsClientExtension(IDictionary extensions, byte[] dheGroups)
+        {
+            extensions[ExtensionType.negotiated_ff_dhe_groups] = CreateNegotiatedDheGroupsClientExtension(dheGroups);
+        }
+
+        public static void AddNegotiatedDheGroupsServerExtension(IDictionary extensions, byte dheGroup)
+        {
+            extensions[ExtensionType.negotiated_ff_dhe_groups] = CreateNegotiatedDheGroupsServerExtension(dheGroup);
+        }
+
+        public static byte[] GetNegotiatedDheGroupsClientExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.negotiated_ff_dhe_groups);
+            return extensionData == null ? null : ReadNegotiatedDheGroupsClientExtension(extensionData);
+        }
+
+        public static short GetNegotiatedDheGroupsServerExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.negotiated_ff_dhe_groups);
+            return extensionData == null ? (short)-1 : (short)ReadNegotiatedDheGroupsServerExtension(extensionData);
+        }
+
+        public static byte[] CreateNegotiatedDheGroupsClientExtension(byte[] dheGroups)
+        {
+            if (dheGroups == null || dheGroups.Length < 1 || dheGroups.Length > 255)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            return TlsUtilities.EncodeUint8ArrayWithUint8Length(dheGroups);
+        }
+
+        public static byte[] CreateNegotiatedDheGroupsServerExtension(byte dheGroup)
+        {
+            return TlsUtilities.EncodeUint8(dheGroup);
+        }
+
+        public static byte[] ReadNegotiatedDheGroupsClientExtension(byte[] extensionData)
+        {
+            byte[] dheGroups = TlsUtilities.DecodeUint8ArrayWithUint8Length(extensionData);
+            if (dheGroups.Length < 1)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+            return dheGroups;
+        }
+
+        public static byte ReadNegotiatedDheGroupsServerExtension(byte[] extensionData)
+        {
+            return TlsUtilities.DecodeUint8(extensionData);
+        }
+
+        public static DHParameters GetParametersForDHEGroup(short dheGroup)
+        {
+            switch (dheGroup)
+            {
+            case FiniteFieldDheGroup.ffdhe2432:
+                return draft_ffdhe2432;
+            case FiniteFieldDheGroup.ffdhe3072:
+                return draft_ffdhe3072;
+            case FiniteFieldDheGroup.ffdhe4096:
+                return draft_ffdhe4096;
+            case FiniteFieldDheGroup.ffdhe6144:
+                return draft_ffdhe6144;
+            case FiniteFieldDheGroup.ffdhe8192:
+                return draft_ffdhe8192;
+            default:
+                return null;
+            }
+        }
+
+        public static bool ContainsDheCipherSuites(int[] cipherSuites)
+        {
+            for (int i = 0; i < cipherSuites.Length; ++i)
+            {
+                if (IsDheCipherSuite(cipherSuites[i]))
+                    return true;
+            }
+            return false;
+        }
+
+        public static bool IsDheCipherSuite(int cipherSuite)
+        {
+            switch (cipherSuite)
+            {
+            /*
+             * RFC 2246
+             */
+            case CipherSuite.TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_DES_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_DES_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
+
+            /*
+             * RFC 3268
+             */
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
+
+            /*
+             * RFC 5932
+             */
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+
+            /*
+             * RFC 4162
+             */
+            case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA:
+
+            /*
+             * RFC 4279
+             */
+            case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
+
+            /*
+             * RFC 4785
+             */
+            case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
+
+            /*
+             * RFC 5246
+             */
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
+
+            /*
+             * RFC 5288
+             */
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
+
+            /*
+             * RFC 5487
+             */
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
+
+            /*
+             * RFC 6367
+             */
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+
+            /*
+             * RFC 6655
+             */
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
+            case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
+
+            /*
+             * draft-ietf-tls-chacha20-poly1305-04
+             */
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+
+            /*
+             * draft-zauner-tls-aes-ocb-04
+             */
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
+
+                return true;
+
+            default:
+                return false;
+            }
+        }
+
+        public static bool AreCompatibleParameters(DHParameters a, DHParameters b)
+        {
+            return a.P.Equals(b.P) && a.G.Equals(b.G)
+                && (a.Q == null || b.Q == null || a.Q.Equals(b.Q));
+        }
+
+        public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey,
+            DHPrivateKeyParameters privateKey)
+        {
+            DHBasicAgreement basicAgreement = new DHBasicAgreement();
+            basicAgreement.Init(privateKey);
+            BigInteger agreementValue = basicAgreement.CalculateAgreement(publicKey);
+
+            /*
+             * RFC 5246 8.1.2. Leading bytes of Z that contain all zero bits are stripped before it is
+             * used as the pre_master_secret.
+             */
+            return BigIntegers.AsUnsignedByteArray(agreementValue);
+        }
+
+        public static AsymmetricCipherKeyPair GenerateDHKeyPair(SecureRandom random, DHParameters dhParams)
+        {
+            DHBasicKeyPairGenerator dhGen = new DHBasicKeyPairGenerator();
+            dhGen.Init(new DHKeyGenerationParameters(random, dhParams));
+            return dhGen.GenerateKeyPair();
+        }
+
+        public static DHPrivateKeyParameters GenerateEphemeralClientKeyExchange(SecureRandom random,
+            DHParameters dhParams, Stream output)
+        {
+            AsymmetricCipherKeyPair kp = GenerateDHKeyPair(random, dhParams);
+
+            DHPublicKeyParameters dhPublic = (DHPublicKeyParameters)kp.Public;
+            WriteDHParameter(dhPublic.Y, output);
+
+            return (DHPrivateKeyParameters)kp.Private;
+        }
+
+        public static DHPrivateKeyParameters GenerateEphemeralServerKeyExchange(SecureRandom random,
+            DHParameters dhParams, Stream output)
+        {
+            AsymmetricCipherKeyPair kp = GenerateDHKeyPair(random, dhParams);
+
+            DHPublicKeyParameters dhPublic = (DHPublicKeyParameters)kp.Public;
+            new ServerDHParams(dhPublic).Encode(output);
+
+            return (DHPrivateKeyParameters)kp.Private;
+        }
+
+        public static DHParameters ValidateDHParameters(DHParameters parameters)
+        {
+            BigInteger p = parameters.P;
+            BigInteger g = parameters.G;
+
+            if (!p.IsProbablePrime(2))
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            if (g.CompareTo(Two) < 0 || g.CompareTo(p.Subtract(Two)) > 0)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+
+            return parameters;
+        }
+
+        public static DHPublicKeyParameters ValidateDHPublicKey(DHPublicKeyParameters key)
+        {
+            DHParameters parameters = ValidateDHParameters(key.Parameters);
+
+            BigInteger Y = key.Y;
+            if (Y.CompareTo(Two) < 0 || Y.CompareTo(parameters.P.Subtract(Two)) > 0)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            // TODO See RFC 2631 for more discussion of Diffie-Hellman validation
+
+            return key;
+        }
+
+        public static BigInteger ReadDHParameter(Stream input)
+        {
+            return new BigInteger(1, TlsUtilities.ReadOpaque16(input));
+        }
+
+        public static void WriteDHParameter(BigInteger x, Stream output)
+        {
+            TlsUtilities.WriteOpaque16(BigIntegers.AsUnsignedByteArray(x), output);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsDeflateCompression.cs b/bc-sharp-crypto/src/crypto/tls/TlsDeflateCompression.cs
new file mode 100644
index 0000000..9e11529
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsDeflateCompression.cs
@@ -0,0 +1,68 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.Zlib;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class TlsDeflateCompression : TlsCompression
+    {
+        public const int LEVEL_NONE = JZlib.Z_NO_COMPRESSION;
+        public const int LEVEL_FASTEST = JZlib.Z_BEST_SPEED;
+        public const int LEVEL_SMALLEST = JZlib.Z_BEST_COMPRESSION;
+        public const int LEVEL_DEFAULT = JZlib.Z_DEFAULT_COMPRESSION;
+
+        protected readonly ZStream zIn, zOut;
+
+        public TlsDeflateCompression()
+            : this(LEVEL_DEFAULT)
+        {
+        }
+
+        public TlsDeflateCompression(int level)
+        {
+            this.zIn = new ZStream();
+            this.zIn.inflateInit();
+
+            this.zOut = new ZStream();
+            this.zOut.deflateInit(level);
+        }
+
+        public virtual Stream Compress(Stream output)
+        {
+            return new DeflateOutputStream(output, zOut, true);
+        }
+
+        public virtual Stream Decompress(Stream output)
+        {
+            return new DeflateOutputStream(output, zIn, false);
+        }
+
+        protected class DeflateOutputStream : ZOutputStream
+        {
+            public DeflateOutputStream(Stream output, ZStream z, bool compress)
+                : base(output, z)
+            {
+                this.compress = compress;
+
+                /*
+                 * See discussion at http://www.bolet.org/~pornin/deflate-flush.html .
+                 */
+                this.FlushMode = JZlib.Z_SYNC_FLUSH;
+            }
+
+            public override void Flush()
+            {
+                /*
+                 * TODO The inflateSyncPoint doesn't appear to work the way I hoped at the moment.
+                 * In any case, we may like to accept PARTIAL_FLUSH input, not just SYNC_FLUSH.
+                 * It's not clear how to check this in the Inflater.
+                 */
+                //if (!this.compress && (z == null || z.istate == null || z.istate.inflateSyncPoint(z) <= 0))
+                //{
+                //    throw new TlsFatalAlert(AlertDescription.decompression_failure);
+                //}
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsDheKeyExchange.cs b/bc-sharp-crypto/src/crypto/tls/TlsDheKeyExchange.cs
new file mode 100644
index 0000000..cdd6292
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsDheKeyExchange.cs
@@ -0,0 +1,94 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class TlsDheKeyExchange
+        :   TlsDHKeyExchange
+    {
+        protected TlsSignerCredentials mServerCredentials = null;
+
+        public TlsDheKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, DHParameters dhParameters)
+            :   base(keyExchange, supportedSignatureAlgorithms, dhParameters)
+        {
+        }
+
+        public override void ProcessServerCredentials(TlsCredentials serverCredentials)
+        {
+            if (!(serverCredentials is TlsSignerCredentials))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            ProcessServerCertificate(serverCredentials.Certificate);
+
+            this.mServerCredentials = (TlsSignerCredentials)serverCredentials;
+        }
+
+        public override byte[] GenerateServerKeyExchange()
+        {
+            if (this.mDHParameters == null)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            DigestInputBuffer buf = new DigestInputBuffer();
+
+            this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
+                this.mDHParameters, buf);
+
+            /*
+             * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
+             */
+            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
+                mContext, mServerCredentials);
+
+            IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
+
+            SecurityParameters securityParameters = mContext.SecurityParameters;
+            d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
+            d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
+            buf.UpdateDigest(d);
+
+            byte[] hash = DigestUtilities.DoFinal(d);
+
+            byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
+
+            DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
+            signed_params.Encode(buf);
+
+            return buf.ToArray();
+        }
+
+        public override void ProcessServerKeyExchange(Stream input)
+        {
+            SecurityParameters securityParameters = mContext.SecurityParameters;
+
+            SignerInputBuffer buf = new SignerInputBuffer();
+            Stream teeIn = new TeeInputStream(input, buf);
+
+            ServerDHParams dhParams = ServerDHParams.Parse(teeIn);
+
+            DigitallySigned signed_params = ParseSignature(input);
+
+            ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters);
+            buf.UpdateSigner(signer);
+            if (!signer.VerifySignature(signed_params.Signature))
+                throw new TlsFatalAlert(AlertDescription.decrypt_error);
+
+            this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(dhParams.PublicKey);
+            this.mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters);
+        }
+
+        protected virtual ISigner InitVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm,
+            SecurityParameters securityParameters)
+        {
+            ISigner signer = tlsSigner.CreateVerifyer(algorithm, this.mServerPublicKey);
+            signer.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
+            signer.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
+            return signer;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsDsaSigner.cs b/bc-sharp-crypto/src/crypto/tls/TlsDsaSigner.cs
new file mode 100644
index 0000000..f0c1e94
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsDsaSigner.cs
@@ -0,0 +1,82 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class TlsDsaSigner
+        :	AbstractTlsSigner
+    {
+        public override byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm,
+            AsymmetricKeyParameter privateKey, byte[] hash)
+        {
+            ISigner signer = MakeSigner(algorithm, true, true,
+                new ParametersWithRandom(privateKey, this.mContext.SecureRandom));
+            if (algorithm == null)
+            {
+                // Note: Only use the SHA1 part of the (MD5/SHA1) hash
+                signer.BlockUpdate(hash, 16, 20);
+            }
+            else
+            {
+                signer.BlockUpdate(hash, 0, hash.Length);
+            }
+            return signer.GenerateSignature();
+        }
+
+        public override bool VerifyRawSignature(SignatureAndHashAlgorithm algorithm, byte[] sigBytes,
+            AsymmetricKeyParameter publicKey, byte[] hash)
+        {
+            ISigner signer = MakeSigner(algorithm, true, false, publicKey);
+            if (algorithm == null)
+            {
+                // Note: Only use the SHA1 part of the (MD5/SHA1) hash
+                signer.BlockUpdate(hash, 16, 20);
+            }
+            else
+            {
+                signer.BlockUpdate(hash, 0, hash.Length);
+            }
+            return signer.VerifySignature(sigBytes);
+        }
+
+        public override ISigner CreateSigner(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter privateKey)
+        {
+            return MakeSigner(algorithm, false, true, privateKey);
+        }
+
+        public override ISigner CreateVerifyer(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter publicKey)
+        {
+            return MakeSigner(algorithm, false, false, publicKey);
+        }
+
+        protected virtual ICipherParameters MakeInitParameters(bool forSigning, ICipherParameters cp)
+        {
+            return cp;
+        }
+
+        protected virtual ISigner MakeSigner(SignatureAndHashAlgorithm algorithm, bool raw, bool forSigning,
+            ICipherParameters cp)
+        {
+            if ((algorithm != null) != TlsUtilities.IsTlsV12(mContext))
+                throw new InvalidOperationException();
+
+            if (algorithm != null && algorithm.Signature != SignatureAlgorithm)
+                throw new InvalidOperationException();
+
+            byte hashAlgorithm = algorithm == null ? HashAlgorithm.sha1 : algorithm.Hash;
+            IDigest d = raw ? new NullDigest() : TlsUtilities.CreateHash(hashAlgorithm);
+
+            ISigner s = new DsaDigestSigner(CreateDsaImpl(hashAlgorithm), d);
+            s.Init(forSigning, MakeInitParameters(forSigning, cp));
+            return s;
+        }
+
+        protected abstract byte SignatureAlgorithm { get; }
+
+        protected abstract IDsa CreateDsaImpl(byte hashAlgorithm);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsDssSigner.cs b/bc-sharp-crypto/src/crypto/tls/TlsDssSigner.cs
new file mode 100644
index 0000000..707ef38
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsDssSigner.cs
@@ -0,0 +1,26 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class TlsDssSigner
+        :   TlsDsaSigner
+    {
+        public override bool IsValidPublicKey(AsymmetricKeyParameter publicKey)
+        {
+            return publicKey is DsaPublicKeyParameters;
+        }
+
+        protected override IDsa CreateDsaImpl(byte hashAlgorithm)
+        {
+            return new DsaSigner(new HMacDsaKCalculator(TlsUtilities.CreateHash(hashAlgorithm)));
+        }
+
+        protected override byte SignatureAlgorithm
+        {
+            get { return Tls.SignatureAlgorithm.dsa; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsECDHKeyExchange.cs b/bc-sharp-crypto/src/crypto/tls/TlsECDHKeyExchange.cs
new file mode 100644
index 0000000..c508fb9
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsECDHKeyExchange.cs
@@ -0,0 +1,252 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>(D)TLS ECDH key exchange (see RFC 4492).</summary>
+    public class TlsECDHKeyExchange
+        :   AbstractTlsKeyExchange
+    {
+        protected TlsSigner mTlsSigner;
+        protected int[] mNamedCurves;
+        protected byte[] mClientECPointFormats, mServerECPointFormats;
+
+        protected AsymmetricKeyParameter mServerPublicKey;
+        protected TlsAgreementCredentials mAgreementCredentials;
+
+        protected ECPrivateKeyParameters mECAgreePrivateKey;
+        protected ECPublicKeyParameters mECAgreePublicKey;
+
+        public TlsECDHKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, int[] namedCurves,
+            byte[] clientECPointFormats, byte[] serverECPointFormats)
+            :   base(keyExchange, supportedSignatureAlgorithms)
+        {
+            switch (keyExchange)
+            {
+            case KeyExchangeAlgorithm.ECDHE_RSA:
+                this.mTlsSigner = new TlsRsaSigner();
+                break;
+            case KeyExchangeAlgorithm.ECDHE_ECDSA:
+                this.mTlsSigner = new TlsECDsaSigner();
+                break;
+            case KeyExchangeAlgorithm.ECDH_anon:
+            case KeyExchangeAlgorithm.ECDH_RSA:
+            case KeyExchangeAlgorithm.ECDH_ECDSA:
+                this.mTlsSigner = null;
+                break;
+            default:
+                throw new InvalidOperationException("unsupported key exchange algorithm");
+            }
+
+            this.mNamedCurves = namedCurves;
+            this.mClientECPointFormats = clientECPointFormats;
+            this.mServerECPointFormats = serverECPointFormats;
+        }
+
+        public override void Init(TlsContext context)
+        {
+            base.Init(context);
+
+            if (this.mTlsSigner != null)
+            {
+                this.mTlsSigner.Init(context);
+            }
+        }
+
+        public override void SkipServerCredentials()
+        {
+            if (mKeyExchange != KeyExchangeAlgorithm.ECDH_anon)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+        }
+
+        public override void ProcessServerCertificate(Certificate serverCertificate)
+        {
+            if (mKeyExchange == KeyExchangeAlgorithm.ECDH_anon)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+            if (serverCertificate.IsEmpty)
+                throw new TlsFatalAlert(AlertDescription.bad_certificate);
+
+            X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0);
+
+            SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;
+            try
+            {
+                this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo);
+            }
+            catch (Exception e)
+            {
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
+            }
+
+            if (mTlsSigner == null)
+            {
+                try
+                {
+                    this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey((ECPublicKeyParameters) this.mServerPublicKey);
+                }
+                catch (InvalidCastException e)
+                {
+                    throw new TlsFatalAlert(AlertDescription.certificate_unknown, e);
+                }
+
+                TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement);
+            }
+            else
+            {
+                if (!mTlsSigner.IsValidPublicKey(this.mServerPublicKey))
+                    throw new TlsFatalAlert(AlertDescription.certificate_unknown);
+
+                TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
+            }
+
+            base.ProcessServerCertificate(serverCertificate);
+        }
+
+        public override bool RequiresServerKeyExchange
+        {
+            get
+            {
+                switch (mKeyExchange)
+                {
+                case KeyExchangeAlgorithm.ECDH_anon:
+                case KeyExchangeAlgorithm.ECDHE_ECDSA:
+                case KeyExchangeAlgorithm.ECDHE_RSA:
+                    return true;
+                default:
+                    return false;
+                }
+            }
+        }
+
+        public override byte[] GenerateServerKeyExchange()
+        {
+            if (!RequiresServerKeyExchange)
+                return null;
+
+            // ECDH_anon is handled here, ECDHE_* in a subclass
+
+            MemoryStream buf = new MemoryStream();
+            this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves,
+                mClientECPointFormats, buf);
+            return buf.ToArray();
+        }
+
+        public override void ProcessServerKeyExchange(Stream input)
+        {
+            if (!RequiresServerKeyExchange)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+
+            // ECDH_anon is handled here, ECDHE_* in a subclass
+
+            ECDomainParameters curve_params = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, input);
+
+            byte[] point = TlsUtilities.ReadOpaque8(input);
+
+            this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(
+                mClientECPointFormats, curve_params, point));
+        }
+
+        public override void ValidateCertificateRequest(CertificateRequest certificateRequest)
+        {
+            if (mKeyExchange == KeyExchangeAlgorithm.ECDH_anon)
+                throw new TlsFatalAlert(AlertDescription.handshake_failure);
+
+            /*
+             * RFC 4492 3. [...] The ECDSA_fixed_ECDH and RSA_fixed_ECDH mechanisms are usable with
+             * ECDH_ECDSA and ECDH_RSA. Their use with ECDHE_ECDSA and ECDHE_RSA is prohibited because
+             * the use of a long-term ECDH client key would jeopardize the forward secrecy property of
+             * these algorithms.
+             */
+            byte[] types = certificateRequest.CertificateTypes;
+            for (int i = 0; i < types.Length; ++i)
+            {
+                switch (types[i])
+                {
+                case ClientCertificateType.rsa_sign:
+                case ClientCertificateType.dss_sign:
+                case ClientCertificateType.ecdsa_sign:
+                case ClientCertificateType.rsa_fixed_ecdh:
+                case ClientCertificateType.ecdsa_fixed_ecdh:
+                    break;
+                default:
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                }
+            }
+        }
+
+        public override void ProcessClientCredentials(TlsCredentials clientCredentials)
+        {
+            if (mKeyExchange == KeyExchangeAlgorithm.ECDH_anon)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            if (clientCredentials is TlsAgreementCredentials)
+            {
+                // TODO Validate client cert has matching parameters (see 'TlsEccUtilities.AreOnSameCurve')?
+
+                this.mAgreementCredentials = (TlsAgreementCredentials)clientCredentials;
+            }
+            else if (clientCredentials is TlsSignerCredentials)
+            {
+                // OK
+            }
+            else
+            {
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        public override void GenerateClientKeyExchange(Stream output)
+        {
+            if (mAgreementCredentials == null)
+            {
+                this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom,
+                    mServerECPointFormats, mECAgreePublicKey.Parameters, output);
+            }
+        }
+
+        public override void ProcessClientCertificate(Certificate clientCertificate)
+        {
+            if (mKeyExchange == KeyExchangeAlgorithm.ECDH_anon)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+
+            // TODO Extract the public key
+            // TODO If the certificate is 'fixed', take the public key as mECAgreeClientPublicKey
+        }
+
+        public override void ProcessClientKeyExchange(Stream input)
+        {
+            if (mECAgreePublicKey != null)
+            {
+                // For ecdsa_fixed_ecdh and rsa_fixed_ecdh, the key arrived in the client certificate
+                return;
+            }
+
+            byte[] point = TlsUtilities.ReadOpaque8(input);
+
+            ECDomainParameters curve_params = this.mECAgreePrivateKey.Parameters;
+
+            this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(
+                mServerECPointFormats, curve_params, point));
+        }
+
+        public override byte[] GeneratePremasterSecret()
+        {
+            if (mAgreementCredentials != null)
+            {
+                return mAgreementCredentials.GenerateAgreement(mECAgreePublicKey);
+            }
+
+            if (mECAgreePrivateKey != null)
+            {
+                return TlsEccUtilities.CalculateECDHBasicAgreement(mECAgreePublicKey, mECAgreePrivateKey);
+            }
+
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsECDheKeyExchange.cs b/bc-sharp-crypto/src/crypto/tls/TlsECDheKeyExchange.cs
new file mode 100644
index 0000000..e0553b3
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsECDheKeyExchange.cs
@@ -0,0 +1,131 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>(D)TLS ECDHE key exchange (see RFC 4492).</summary>
+    public class TlsECDheKeyExchange
+        :   TlsECDHKeyExchange
+    {
+        protected TlsSignerCredentials mServerCredentials = null;
+
+        public TlsECDheKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, int[] namedCurves,
+            byte[] clientECPointFormats, byte[] serverECPointFormats)
+            :   base(keyExchange, supportedSignatureAlgorithms, namedCurves, clientECPointFormats, serverECPointFormats)
+        {
+        }
+
+        public override void ProcessServerCredentials(TlsCredentials serverCredentials)
+        {
+            if (!(serverCredentials is TlsSignerCredentials))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            ProcessServerCertificate(serverCredentials.Certificate);
+
+            this.mServerCredentials = (TlsSignerCredentials)serverCredentials;
+        }
+
+        public override byte[] GenerateServerKeyExchange()
+        {
+            DigestInputBuffer buf = new DigestInputBuffer();
+
+            this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves,
+                mClientECPointFormats, buf);
+
+            /*
+             * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
+             */
+            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
+                mContext, mServerCredentials);
+
+            IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
+
+            SecurityParameters securityParameters = mContext.SecurityParameters;
+            d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
+            d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
+            buf.UpdateDigest(d);
+
+            byte[] hash = DigestUtilities.DoFinal(d);
+
+            byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
+
+            DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
+            signed_params.Encode(buf);
+
+            return buf.ToArray();
+        }
+
+        public override void ProcessServerKeyExchange(Stream input)
+        {
+            SecurityParameters securityParameters = mContext.SecurityParameters;
+
+            SignerInputBuffer buf = new SignerInputBuffer();
+            Stream teeIn = new TeeInputStream(input, buf);
+
+            ECDomainParameters curve_params = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, teeIn);
+
+            byte[] point = TlsUtilities.ReadOpaque8(teeIn);
+
+            DigitallySigned signed_params = ParseSignature(input);
+
+            ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters);
+            buf.UpdateSigner(signer);
+            if (!signer.VerifySignature(signed_params.Signature))
+                throw new TlsFatalAlert(AlertDescription.decrypt_error);
+
+            this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(
+                mClientECPointFormats, curve_params, point));
+        }
+
+        public override void ValidateCertificateRequest(CertificateRequest certificateRequest)
+        {
+            /*
+             * RFC 4492 3. [...] The ECDSA_fixed_ECDH and RSA_fixed_ECDH mechanisms are usable with
+             * ECDH_ECDSA and ECDH_RSA. Their use with ECDHE_ECDSA and ECDHE_RSA is prohibited because
+             * the use of a long-term ECDH client key would jeopardize the forward secrecy property of
+             * these algorithms.
+             */
+            byte[] types = certificateRequest.CertificateTypes;
+            for (int i = 0; i < types.Length; ++i)
+            {
+                switch (types[i])
+                {
+                case ClientCertificateType.rsa_sign:
+                case ClientCertificateType.dss_sign:
+                case ClientCertificateType.ecdsa_sign:
+                    break;
+                default:
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                }
+            }
+        }
+
+        public override void ProcessClientCredentials(TlsCredentials clientCredentials)
+        {
+            if (clientCredentials is TlsSignerCredentials)
+            {
+                // OK
+            }
+            else
+            {
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        protected virtual ISigner InitVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm,
+            SecurityParameters securityParameters)
+        {
+            ISigner signer = tlsSigner.CreateVerifyer(algorithm, this.mServerPublicKey);
+            signer.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
+            signer.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
+            return signer;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsECDsaSigner.cs b/bc-sharp-crypto/src/crypto/tls/TlsECDsaSigner.cs
new file mode 100644
index 0000000..fa9d0b7
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsECDsaSigner.cs
@@ -0,0 +1,26 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class TlsECDsaSigner
+        :   TlsDsaSigner
+    {
+        public override bool IsValidPublicKey(AsymmetricKeyParameter publicKey)
+        {
+            return publicKey is ECPublicKeyParameters;
+        }
+
+        protected override IDsa CreateDsaImpl(byte hashAlgorithm)
+        {
+            return new ECDsaSigner(new HMacDsaKCalculator(TlsUtilities.CreateHash(hashAlgorithm)));
+        }
+
+        protected override byte SignatureAlgorithm
+        {
+            get { return Tls.SignatureAlgorithm.ecdsa; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsEccUtilities.cs b/bc-sharp-crypto/src/crypto/tls/TlsEccUtilities.cs
new file mode 100644
index 0000000..fb31e1b
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsEccUtilities.cs
@@ -0,0 +1,705 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Agreement;
+using Org.BouncyCastle.Crypto.EC;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Math.Field;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class TlsEccUtilities
+    {
+        private static readonly string[] CurveNames = new string[] { "sect163k1", "sect163r1", "sect163r2", "sect193r1",
+            "sect193r2", "sect233k1", "sect233r1", "sect239k1", "sect283k1", "sect283r1", "sect409k1", "sect409r1",
+            "sect571k1", "sect571r1", "secp160k1", "secp160r1", "secp160r2", "secp192k1", "secp192r1", "secp224k1",
+            "secp224r1", "secp256k1", "secp256r1", "secp384r1", "secp521r1",
+            "brainpoolP256r1", "brainpoolP384r1", "brainpoolP512r1"};
+
+        public static void AddSupportedEllipticCurvesExtension(IDictionary extensions, int[] namedCurves)
+        {
+            extensions[ExtensionType.elliptic_curves] = CreateSupportedEllipticCurvesExtension(namedCurves);
+        }
+
+        public static void AddSupportedPointFormatsExtension(IDictionary extensions, byte[] ecPointFormats)
+        {
+            extensions[ExtensionType.ec_point_formats] = CreateSupportedPointFormatsExtension(ecPointFormats);
+        }
+
+        public static int[] GetSupportedEllipticCurvesExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.elliptic_curves);
+            return extensionData == null ? null : ReadSupportedEllipticCurvesExtension(extensionData);
+        }
+
+        public static byte[] GetSupportedPointFormatsExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.ec_point_formats);
+            return extensionData == null ? null : ReadSupportedPointFormatsExtension(extensionData);
+        }
+
+        public static byte[] CreateSupportedEllipticCurvesExtension(int[] namedCurves)
+        {
+            if (namedCurves == null || namedCurves.Length < 1)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            return TlsUtilities.EncodeUint16ArrayWithUint16Length(namedCurves);
+        }
+
+        public static byte[] CreateSupportedPointFormatsExtension(byte[] ecPointFormats)
+        {
+            if (ecPointFormats == null || !Arrays.Contains(ecPointFormats, ECPointFormat.uncompressed))
+            {
+                /*
+                 * RFC 4492 5.1. If the Supported Point Formats Extension is indeed sent, it MUST
+                 * contain the value 0 (uncompressed) as one of the items in the list of point formats.
+                 */
+
+                // NOTE: We add it at the end (lowest preference)
+                ecPointFormats = Arrays.Append(ecPointFormats, ECPointFormat.uncompressed);
+            }
+
+            return TlsUtilities.EncodeUint8ArrayWithUint8Length(ecPointFormats);
+        }
+
+        public static int[] ReadSupportedEllipticCurvesExtension(byte[] extensionData)
+        {
+            if (extensionData == null)
+                throw new ArgumentNullException("extensionData");
+
+            MemoryStream buf = new MemoryStream(extensionData, false);
+
+            int length = TlsUtilities.ReadUint16(buf);
+            if (length < 2 || (length & 1) != 0)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+
+            int[] namedCurves = TlsUtilities.ReadUint16Array(length / 2, buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            return namedCurves;
+        }
+
+        public static byte[] ReadSupportedPointFormatsExtension(byte[] extensionData)
+        {
+            byte[] ecPointFormats = TlsUtilities.DecodeUint8ArrayWithUint8Length(extensionData);
+            if (!Arrays.Contains(ecPointFormats, ECPointFormat.uncompressed))
+            {
+                /*
+                 * RFC 4492 5.1. If the Supported Point Formats Extension is indeed sent, it MUST
+                 * contain the value 0 (uncompressed) as one of the items in the list of point formats.
+                 */
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+            return ecPointFormats;
+        }
+
+        public static string GetNameOfNamedCurve(int namedCurve)
+        {
+            return IsSupportedNamedCurve(namedCurve) ? CurveNames[namedCurve - 1] : null;
+        }
+
+        public static ECDomainParameters GetParametersForNamedCurve(int namedCurve)
+        {
+            string curveName = GetNameOfNamedCurve(namedCurve);
+            if (curveName == null)
+                return null;
+
+            // Parameters are lazily created the first time a particular curve is accessed
+
+            X9ECParameters ecP = CustomNamedCurves.GetByName(curveName);
+            if (ecP == null)
+            {
+                ecP = ECNamedCurveTable.GetByName(curveName);
+                if (ecP == null)
+                    return null;
+            }
+
+            // It's a bit inefficient to do this conversion every time
+            return new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed());
+        }
+
+        public static bool HasAnySupportedNamedCurves()
+        {
+            return CurveNames.Length > 0;
+        }
+
+        public static bool ContainsEccCipherSuites(int[] cipherSuites)
+        {
+            for (int i = 0; i < cipherSuites.Length; ++i)
+            {
+                if (IsEccCipherSuite(cipherSuites[i]))
+                    return true;
+            }
+            return false;
+        }
+
+        public static bool IsEccCipherSuite(int cipherSuite)
+        {
+            switch (cipherSuite)
+            {
+            /*
+             * RFC 4492
+             */
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
+
+            /*
+             * RFC 5289
+             */
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
+
+            /*
+             * RFC 5489
+             */
+            case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA:
+
+            /*
+             * RFC 6367
+             */
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
+
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+
+            case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+
+            /*
+             * RFC 7251
+             */
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
+
+            /*
+             * draft-ietf-tls-chacha20-poly1305-04
+             */
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+
+            /*
+             * draft-zauner-tls-aes-ocb-04
+             */
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
+
+                return true;
+
+            default:
+                return false;
+            }
+        }
+
+        public static bool AreOnSameCurve(ECDomainParameters a, ECDomainParameters b)
+        {
+            return a != null && a.Equals(b);
+        }
+
+        public static bool IsSupportedNamedCurve(int namedCurve)
+        {
+            return (namedCurve > 0 && namedCurve <= CurveNames.Length);
+        }
+
+        public static bool IsCompressionPreferred(byte[] ecPointFormats, byte compressionFormat)
+        {
+            if (ecPointFormats == null)
+                return false;
+
+            for (int i = 0; i < ecPointFormats.Length; ++i)
+            {
+                byte ecPointFormat = ecPointFormats[i];
+                if (ecPointFormat == ECPointFormat.uncompressed)
+                    return false;
+                if (ecPointFormat == compressionFormat)
+                    return true;
+            }
+            return false;
+        }
+
+        public static byte[] SerializeECFieldElement(int fieldSize, BigInteger x)
+        {
+            return BigIntegers.AsUnsignedByteArray((fieldSize + 7) / 8, x);
+        }
+
+        public static byte[] SerializeECPoint(byte[] ecPointFormats, ECPoint point)
+        {
+            ECCurve curve = point.Curve;
+
+            /*
+             * RFC 4492 5.7. ...an elliptic curve point in uncompressed or compressed format. Here, the
+             * format MUST conform to what the server has requested through a Supported Point Formats
+             * Extension if this extension was used, and MUST be uncompressed if this extension was not
+             * used.
+             */
+            bool compressed = false;
+            if (ECAlgorithms.IsFpCurve(curve))
+            {
+                compressed = IsCompressionPreferred(ecPointFormats, ECPointFormat.ansiX962_compressed_prime);
+            }
+            else if (ECAlgorithms.IsF2mCurve(curve))
+            {
+                compressed = IsCompressionPreferred(ecPointFormats, ECPointFormat.ansiX962_compressed_char2);
+            }
+            return point.GetEncoded(compressed);
+        }
+
+        public static byte[] SerializeECPublicKey(byte[] ecPointFormats, ECPublicKeyParameters keyParameters)
+        {
+            return SerializeECPoint(ecPointFormats, keyParameters.Q);
+        }
+
+        public static BigInteger DeserializeECFieldElement(int fieldSize, byte[] encoding)
+        {
+            int requiredLength = (fieldSize + 7) / 8;
+            if (encoding.Length != requiredLength)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+            return new BigInteger(1, encoding);
+        }
+
+        public static ECPoint DeserializeECPoint(byte[] ecPointFormats, ECCurve curve, byte[] encoding)
+        {
+            if (encoding == null || encoding.Length < 1)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            byte actualFormat;
+            switch (encoding[0])
+            {
+            case 0x02: // compressed
+            case 0x03: // compressed
+            {
+                if (ECAlgorithms.IsF2mCurve(curve))
+                {
+                    actualFormat = ECPointFormat.ansiX962_compressed_char2;
+                }
+                else if (ECAlgorithms.IsFpCurve(curve))
+                {
+                    actualFormat = ECPointFormat.ansiX962_compressed_prime;
+                }
+                else
+                {
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                }
+                break;
+            }
+            case 0x04: // uncompressed
+            {
+                actualFormat = ECPointFormat.uncompressed;
+                break;
+            }
+            case 0x00: // infinity
+            case 0x06: // hybrid
+            case 0x07: // hybrid
+            default:
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+
+            if (actualFormat != ECPointFormat.uncompressed
+                && (ecPointFormats == null || !Arrays.Contains(ecPointFormats, actualFormat)))
+            {
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+
+            return curve.DecodePoint(encoding);
+        }
+
+        public static ECPublicKeyParameters DeserializeECPublicKey(byte[] ecPointFormats, ECDomainParameters curve_params,
+            byte[] encoding)
+        {
+            try
+            {
+                ECPoint Y = DeserializeECPoint(ecPointFormats, curve_params.Curve, encoding);
+                return new ECPublicKeyParameters(Y, curve_params);
+            }
+            catch (Exception e)
+            {
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
+            }
+        }
+
+        public static byte[] CalculateECDHBasicAgreement(ECPublicKeyParameters publicKey, ECPrivateKeyParameters privateKey)
+        {
+            ECDHBasicAgreement basicAgreement = new ECDHBasicAgreement();
+            basicAgreement.Init(privateKey);
+            BigInteger agreementValue = basicAgreement.CalculateAgreement(publicKey);
+
+            /*
+             * RFC 4492 5.10. Note that this octet string (Z in IEEE 1363 terminology) as output by
+             * FE2OSP, the Field Element to Octet String Conversion Primitive, has constant length for
+             * any given field; leading zeros found in this octet string MUST NOT be truncated.
+             */
+            return BigIntegers.AsUnsignedByteArray(basicAgreement.GetFieldSize(), agreementValue);
+        }
+
+        public static AsymmetricCipherKeyPair GenerateECKeyPair(SecureRandom random, ECDomainParameters ecParams)
+        {
+            ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
+            keyPairGenerator.Init(new ECKeyGenerationParameters(ecParams, random));
+            return keyPairGenerator.GenerateKeyPair();
+        }
+
+        public static ECPrivateKeyParameters GenerateEphemeralClientKeyExchange(SecureRandom random, byte[] ecPointFormats,
+            ECDomainParameters ecParams, Stream output)
+        {
+            AsymmetricCipherKeyPair kp = GenerateECKeyPair(random, ecParams);
+
+            ECPublicKeyParameters ecPublicKey = (ECPublicKeyParameters)kp.Public;
+            WriteECPoint(ecPointFormats, ecPublicKey.Q, output);
+
+            return (ECPrivateKeyParameters)kp.Private;
+        }
+
+        // TODO Refactor around ServerECDHParams before making this public
+        internal static ECPrivateKeyParameters GenerateEphemeralServerKeyExchange(SecureRandom random, int[] namedCurves,
+            byte[] ecPointFormats, Stream output)
+        {
+            /* First we try to find a supported named curve from the client's list. */
+            int namedCurve = -1;
+            if (namedCurves == null)
+            {
+                // TODO Let the peer choose the default named curve
+                namedCurve = NamedCurve.secp256r1;
+            }
+            else
+            {
+                for (int i = 0; i < namedCurves.Length; ++i)
+                {
+                    int entry = namedCurves[i];
+                    if (NamedCurve.IsValid(entry) && IsSupportedNamedCurve(entry))
+                    {
+                        namedCurve = entry;
+                        break;
+                    }
+                }
+            }
+
+            ECDomainParameters ecParams = null;
+            if (namedCurve >= 0)
+            {
+                ecParams = GetParametersForNamedCurve(namedCurve);
+            }
+            else
+            {
+                /* If no named curves are suitable, check if the client supports explicit curves. */
+                if (Arrays.Contains(namedCurves, NamedCurve.arbitrary_explicit_prime_curves))
+                {
+                    ecParams = GetParametersForNamedCurve(NamedCurve.secp256r1);
+                }
+                else if (Arrays.Contains(namedCurves, NamedCurve.arbitrary_explicit_char2_curves))
+                {
+                    ecParams = GetParametersForNamedCurve(NamedCurve.sect283r1);
+                }
+            }
+
+            if (ecParams == null)
+            {
+                /*
+                 * NOTE: We shouldn't have negotiated ECDHE key exchange since we apparently can't find
+                 * a suitable curve.
+                 */
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+
+            if (namedCurve < 0)
+            {
+                WriteExplicitECParameters(ecPointFormats, ecParams, output);
+            }
+            else
+            {
+                WriteNamedECParameters(namedCurve, output);
+            }
+
+            return GenerateEphemeralClientKeyExchange(random, ecPointFormats, ecParams, output);
+        }
+
+        public static ECPublicKeyParameters ValidateECPublicKey(ECPublicKeyParameters key)
+        {
+            // TODO Check RFC 4492 for validation
+            return key;
+        }
+
+        public static int ReadECExponent(int fieldSize, Stream input)
+        {
+            BigInteger K = ReadECParameter(input);
+            if (K.BitLength < 32)
+            {
+                int k = K.IntValue;
+                if (k > 0 && k < fieldSize)
+                {
+                    return k;
+                }
+            }
+            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+        }
+
+        public static BigInteger ReadECFieldElement(int fieldSize, Stream input)
+        {
+            return DeserializeECFieldElement(fieldSize, TlsUtilities.ReadOpaque8(input));
+        }
+
+        public static BigInteger ReadECParameter(Stream input)
+        {
+            // TODO Are leading zeroes okay here?
+            return new BigInteger(1, TlsUtilities.ReadOpaque8(input));
+        }
+
+        public static ECDomainParameters ReadECParameters(int[] namedCurves, byte[] ecPointFormats, Stream input)
+        {
+            try
+            {
+                byte curveType = TlsUtilities.ReadUint8(input);
+
+                switch (curveType)
+                {
+                case ECCurveType.explicit_prime:
+                {
+                    CheckNamedCurve(namedCurves, NamedCurve.arbitrary_explicit_prime_curves);
+
+                    BigInteger prime_p = ReadECParameter(input);
+                    BigInteger a = ReadECFieldElement(prime_p.BitLength, input);
+                    BigInteger b = ReadECFieldElement(prime_p.BitLength, input);
+                    byte[] baseEncoding = TlsUtilities.ReadOpaque8(input);
+                    BigInteger order = ReadECParameter(input);
+                    BigInteger cofactor = ReadECParameter(input);
+                    ECCurve curve = new FpCurve(prime_p, a, b, order, cofactor);
+                    ECPoint basePoint = DeserializeECPoint(ecPointFormats, curve, baseEncoding);
+                    return new ECDomainParameters(curve, basePoint, order, cofactor);
+                }
+                case ECCurveType.explicit_char2:
+                {
+                    CheckNamedCurve(namedCurves, NamedCurve.arbitrary_explicit_char2_curves);
+
+                    int m = TlsUtilities.ReadUint16(input);
+                    byte basis = TlsUtilities.ReadUint8(input);
+                    if (!ECBasisType.IsValid(basis))
+                        throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+                    int k1 = ReadECExponent(m, input), k2 = -1, k3 = -1;
+                    if (basis == ECBasisType.ec_basis_pentanomial)
+                    {
+                        k2 = ReadECExponent(m, input);
+                        k3 = ReadECExponent(m, input);
+                    }
+
+                    BigInteger a = ReadECFieldElement(m, input);
+                    BigInteger b = ReadECFieldElement(m, input);
+                    byte[] baseEncoding = TlsUtilities.ReadOpaque8(input);
+                    BigInteger order = ReadECParameter(input);
+                    BigInteger cofactor = ReadECParameter(input);
+
+                    ECCurve curve = (basis == ECBasisType.ec_basis_pentanomial)
+                        ? new F2mCurve(m, k1, k2, k3, a, b, order, cofactor)
+                        : new F2mCurve(m, k1, a, b, order, cofactor);
+
+                    ECPoint basePoint = DeserializeECPoint(ecPointFormats, curve, baseEncoding);
+
+                    return new ECDomainParameters(curve, basePoint, order, cofactor);
+                }
+                case ECCurveType.named_curve:
+                {
+                    int namedCurve = TlsUtilities.ReadUint16(input);
+                    if (!NamedCurve.RefersToASpecificNamedCurve(namedCurve))
+                    {
+                        /*
+                         * RFC 4492 5.4. All those values of NamedCurve are allowed that refer to a
+                         * specific curve. Values of NamedCurve that indicate support for a class of
+                         * explicitly defined curves are not allowed here [...].
+                         */
+                        throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                    }
+
+                    CheckNamedCurve(namedCurves, namedCurve);
+
+                    return GetParametersForNamedCurve(namedCurve);
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                }
+            }
+            catch (Exception e)
+            {
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
+            }
+        }
+
+        private static void CheckNamedCurve(int[] namedCurves, int namedCurve)
+        {
+            if (namedCurves != null && !Arrays.Contains(namedCurves, namedCurve))
+            {
+                /*
+                 * RFC 4492 4. [...] servers MUST NOT negotiate the use of an ECC cipher suite
+                 * unless they can complete the handshake while respecting the choice of curves
+                 * and compression techniques specified by the client.
+                 */
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+        }
+
+        public static void WriteECExponent(int k, Stream output)
+        {
+            BigInteger K = BigInteger.ValueOf(k);
+            WriteECParameter(K, output);
+        }
+
+        public static void WriteECFieldElement(ECFieldElement x, Stream output)
+        {
+            TlsUtilities.WriteOpaque8(x.GetEncoded(), output);
+        }
+
+        public static void WriteECFieldElement(int fieldSize, BigInteger x, Stream output)
+        {
+            TlsUtilities.WriteOpaque8(SerializeECFieldElement(fieldSize, x), output);
+        }
+
+        public static void WriteECParameter(BigInteger x, Stream output)
+        {
+            TlsUtilities.WriteOpaque8(BigIntegers.AsUnsignedByteArray(x), output);
+        }
+
+        public static void WriteExplicitECParameters(byte[] ecPointFormats, ECDomainParameters ecParameters,
+            Stream output)
+        {
+            ECCurve curve = ecParameters.Curve;
+
+            if (ECAlgorithms.IsFpCurve(curve))
+            {
+                TlsUtilities.WriteUint8(ECCurveType.explicit_prime, output);
+
+                WriteECParameter(curve.Field.Characteristic, output);
+            }
+            else if (ECAlgorithms.IsF2mCurve(curve))
+            {
+                IPolynomialExtensionField field = (IPolynomialExtensionField)curve.Field;
+                int[] exponents = field.MinimalPolynomial.GetExponentsPresent();
+
+                TlsUtilities.WriteUint8(ECCurveType.explicit_char2, output);
+
+                int m = exponents[exponents.Length - 1];
+                TlsUtilities.CheckUint16(m);
+                TlsUtilities.WriteUint16(m, output);
+
+                if (exponents.Length == 3)
+                {
+                    TlsUtilities.WriteUint8(ECBasisType.ec_basis_trinomial, output);
+                    WriteECExponent(exponents[1], output);
+                }
+                else if (exponents.Length == 5)
+                {
+                    TlsUtilities.WriteUint8(ECBasisType.ec_basis_pentanomial, output);
+                    WriteECExponent(exponents[1], output);
+                    WriteECExponent(exponents[2], output);
+                    WriteECExponent(exponents[3], output);
+                }
+                else
+                {
+                    throw new ArgumentException("Only trinomial and pentomial curves are supported");
+                }
+            }
+            else
+            {
+                throw new ArgumentException("'ecParameters' not a known curve type");
+            }
+
+            WriteECFieldElement(curve.A, output);
+            WriteECFieldElement(curve.B, output);
+            TlsUtilities.WriteOpaque8(SerializeECPoint(ecPointFormats, ecParameters.G), output);
+            WriteECParameter(ecParameters.N, output);
+            WriteECParameter(ecParameters.H, output);
+        }
+
+        public static void WriteECPoint(byte[] ecPointFormats, ECPoint point, Stream output)
+        {
+            TlsUtilities.WriteOpaque8(SerializeECPoint(ecPointFormats, point), output);
+        }
+
+        public static void WriteNamedECParameters(int namedCurve, Stream output)
+        {
+            if (!NamedCurve.RefersToASpecificNamedCurve(namedCurve))
+            {
+                /*
+                 * RFC 4492 5.4. All those values of NamedCurve are allowed that refer to a specific
+                 * curve. Values of NamedCurve that indicate support for a class of explicitly defined
+                 * curves are not allowed here [...].
+                 */
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+
+            TlsUtilities.WriteUint8(ECCurveType.named_curve, output);
+            TlsUtilities.CheckUint16(namedCurve);
+            TlsUtilities.WriteUint16(namedCurve, output);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsEncryptionCredentials.cs b/bc-sharp-crypto/src/crypto/tls/TlsEncryptionCredentials.cs
new file mode 100644
index 0000000..52f0070
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsEncryptionCredentials.cs
@@ -0,0 +1,12 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsEncryptionCredentials
+        :   TlsCredentials
+    {
+        /// <exception cref="IOException"></exception>
+        byte[] DecryptPreMasterSecret(byte[] encryptedPreMasterSecret);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsException.cs b/bc-sharp-crypto/src/crypto/tls/TlsException.cs
new file mode 100644
index 0000000..cea9e3e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsException.cs
@@ -0,0 +1,14 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class TlsException
+        : IOException
+    {
+        public TlsException(string message, Exception cause)
+            : base(message, cause)
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsExtensionsUtilities.cs b/bc-sharp-crypto/src/crypto/tls/TlsExtensionsUtilities.cs
new file mode 100644
index 0000000..4b3d9e0
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsExtensionsUtilities.cs
@@ -0,0 +1,368 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class TlsExtensionsUtilities
+    {
+        public static IDictionary EnsureExtensionsInitialised(IDictionary extensions)
+        {
+            return extensions == null ? Platform.CreateHashtable() : extensions;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static void AddClientCertificateTypeExtensionClient(IDictionary extensions, byte[] certificateTypes)
+        {
+            extensions[ExtensionType.client_certificate_type] = CreateCertificateTypeExtensionClient(certificateTypes);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static void AddClientCertificateTypeExtensionServer(IDictionary extensions, byte certificateType)
+        {
+            extensions[ExtensionType.client_certificate_type] = CreateCertificateTypeExtensionServer(certificateType);
+        }
+
+        public static void AddEncryptThenMacExtension(IDictionary extensions)
+        {
+            extensions[ExtensionType.encrypt_then_mac] = CreateEncryptThenMacExtension();
+        }
+
+        public static void AddExtendedMasterSecretExtension(IDictionary extensions)
+        {
+            extensions[ExtensionType.extended_master_secret] = CreateExtendedMasterSecretExtension();
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static void AddHeartbeatExtension(IDictionary extensions, HeartbeatExtension heartbeatExtension)
+        {
+            extensions[ExtensionType.heartbeat] = CreateHeartbeatExtension(heartbeatExtension);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static void AddMaxFragmentLengthExtension(IDictionary extensions, byte maxFragmentLength)
+        {
+            extensions[ExtensionType.max_fragment_length] = CreateMaxFragmentLengthExtension(maxFragmentLength);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static void AddPaddingExtension(IDictionary extensions, int dataLength)
+        {
+            extensions[ExtensionType.padding] = CreatePaddingExtension(dataLength);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static void AddServerCertificateTypeExtensionClient(IDictionary extensions, byte[] certificateTypes)
+        {
+            extensions[ExtensionType.server_certificate_type] = CreateCertificateTypeExtensionClient(certificateTypes);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static void AddServerCertificateTypeExtensionServer(IDictionary extensions, byte certificateType)
+        {
+            extensions[ExtensionType.server_certificate_type] = CreateCertificateTypeExtensionServer(certificateType);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static void AddServerNameExtension(IDictionary extensions, ServerNameList serverNameList)
+        {
+            extensions[ExtensionType.server_name] = CreateServerNameExtension(serverNameList);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static void AddStatusRequestExtension(IDictionary extensions, CertificateStatusRequest statusRequest)
+        {
+            extensions[ExtensionType.status_request] = CreateStatusRequestExtension(statusRequest);
+        }
+
+        public static void AddTruncatedHMacExtension(IDictionary extensions)
+        {
+            extensions[ExtensionType.truncated_hmac] = CreateTruncatedHMacExtension();
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static byte[] GetClientCertificateTypeExtensionClient(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.client_certificate_type);
+            return extensionData == null ? null : ReadCertificateTypeExtensionClient(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static short GetClientCertificateTypeExtensionServer(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.client_certificate_type);
+            return extensionData == null ? (short)-1 : (short)ReadCertificateTypeExtensionServer(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static HeartbeatExtension GetHeartbeatExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.heartbeat);
+            return extensionData == null ? null : ReadHeartbeatExtension(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static short GetMaxFragmentLengthExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.max_fragment_length);
+            return extensionData == null ? (short)-1 : (short)ReadMaxFragmentLengthExtension(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static int GetPaddingExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.padding);
+            return extensionData == null ? -1 : ReadPaddingExtension(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static byte[] GetServerCertificateTypeExtensionClient(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_certificate_type);
+            return extensionData == null ? null : ReadCertificateTypeExtensionClient(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static short GetServerCertificateTypeExtensionServer(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_certificate_type);
+            return extensionData == null ? (short)-1 : (short)ReadCertificateTypeExtensionServer(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static ServerNameList GetServerNameExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_name);
+            return extensionData == null ? null : ReadServerNameExtension(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static CertificateStatusRequest GetStatusRequestExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.status_request);
+            return extensionData == null ? null : ReadStatusRequestExtension(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static bool HasEncryptThenMacExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.encrypt_then_mac);
+            return extensionData == null ? false : ReadEncryptThenMacExtension(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static bool HasExtendedMasterSecretExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.extended_master_secret);
+            return extensionData == null ? false : ReadExtendedMasterSecretExtension(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static bool HasTruncatedHMacExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.truncated_hmac);
+            return extensionData == null ? false : ReadTruncatedHMacExtension(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static byte[] CreateCertificateTypeExtensionClient(byte[] certificateTypes)
+        {
+            if (certificateTypes == null || certificateTypes.Length < 1 || certificateTypes.Length > 255)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            return TlsUtilities.EncodeUint8ArrayWithUint8Length(certificateTypes);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static byte[] CreateCertificateTypeExtensionServer(byte certificateType)
+        {
+            return TlsUtilities.EncodeUint8(certificateType);
+        }
+
+        public static byte[] CreateEmptyExtensionData()
+        {
+            return TlsUtilities.EmptyBytes;
+        }
+
+        public static byte[] CreateEncryptThenMacExtension()
+        {
+            return CreateEmptyExtensionData();
+        }
+
+        public static byte[] CreateExtendedMasterSecretExtension()
+        {
+            return CreateEmptyExtensionData();
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static byte[] CreateHeartbeatExtension(HeartbeatExtension heartbeatExtension)
+        {
+            if (heartbeatExtension == null)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            MemoryStream buf = new MemoryStream();
+
+            heartbeatExtension.Encode(buf);
+
+            return buf.ToArray();
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static byte[] CreateMaxFragmentLengthExtension(byte maxFragmentLength)
+        {
+            return TlsUtilities.EncodeUint8(maxFragmentLength);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static byte[] CreatePaddingExtension(int dataLength)
+        {
+            TlsUtilities.CheckUint16(dataLength);
+            return new byte[dataLength];
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static byte[] CreateServerNameExtension(ServerNameList serverNameList)
+        {
+            if (serverNameList == null)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            MemoryStream buf = new MemoryStream();
+        
+            serverNameList.Encode(buf);
+
+            return buf.ToArray();
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static byte[] CreateStatusRequestExtension(CertificateStatusRequest statusRequest)
+        {
+            if (statusRequest == null)
+            {
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+
+            MemoryStream buf = new MemoryStream();
+
+            statusRequest.Encode(buf);
+
+            return buf.ToArray();
+        }
+
+        public static byte[] CreateTruncatedHMacExtension()
+        {
+            return CreateEmptyExtensionData();
+        }
+
+        /// <exception cref="IOException"></exception>
+        private static bool ReadEmptyExtensionData(byte[] extensionData)
+        {
+            if (extensionData == null)
+                throw new ArgumentNullException("extensionData");
+
+            if (extensionData.Length != 0)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            return true;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static byte[] ReadCertificateTypeExtensionClient(byte[] extensionData)
+        {
+            byte[] certificateTypes = TlsUtilities.DecodeUint8ArrayWithUint8Length(extensionData);
+            if (certificateTypes.Length < 1)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+            return certificateTypes;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static byte ReadCertificateTypeExtensionServer(byte[] extensionData)
+        {
+            return TlsUtilities.DecodeUint8(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static bool ReadEncryptThenMacExtension(byte[] extensionData)
+        {
+            return ReadEmptyExtensionData(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static bool ReadExtendedMasterSecretExtension(byte[] extensionData)
+        {
+            return ReadEmptyExtensionData(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static HeartbeatExtension ReadHeartbeatExtension(byte[] extensionData)
+        {
+            if (extensionData == null)
+                throw new ArgumentNullException("extensionData");
+
+            MemoryStream buf = new MemoryStream(extensionData, false);
+
+            HeartbeatExtension heartbeatExtension = HeartbeatExtension.Parse(buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            return heartbeatExtension;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static byte ReadMaxFragmentLengthExtension(byte[] extensionData)
+        {
+            return TlsUtilities.DecodeUint8(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static int ReadPaddingExtension(byte[] extensionData)
+        {
+            if (extensionData == null)
+                throw new ArgumentNullException("extensionData");
+
+            for (int i = 0; i < extensionData.Length; ++i)
+            {
+                if (extensionData[i] != 0)
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+            return extensionData.Length;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static ServerNameList ReadServerNameExtension(byte[] extensionData)
+        {
+            if (extensionData == null)
+                throw new ArgumentNullException("extensionData");
+
+            MemoryStream buf = new MemoryStream(extensionData, false);
+
+            ServerNameList serverNameList = ServerNameList.Parse(buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            return serverNameList;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static CertificateStatusRequest ReadStatusRequestExtension(byte[] extensionData)
+        {
+            if (extensionData == null)
+                throw new ArgumentNullException("extensionData");
+
+            MemoryStream buf = new MemoryStream(extensionData, false);
+
+            CertificateStatusRequest statusRequest = CertificateStatusRequest.Parse(buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            return statusRequest;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public static bool ReadTruncatedHMacExtension(byte[] extensionData)
+        {
+            return ReadEmptyExtensionData(extensionData);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsFatalAlert.cs b/bc-sharp-crypto/src/crypto/tls/TlsFatalAlert.cs
new file mode 100644
index 0000000..6f18981
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsFatalAlert.cs
@@ -0,0 +1,26 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class TlsFatalAlert
+        : TlsException
+    {
+        private readonly byte alertDescription;
+
+        public TlsFatalAlert(byte alertDescription)
+            : this(alertDescription, null)
+        {
+        }
+
+        public TlsFatalAlert(byte alertDescription, Exception alertCause)
+            : base(Tls.AlertDescription.GetText(alertDescription), alertCause)
+        {
+            this.alertDescription = alertDescription;
+        }
+
+        public virtual byte AlertDescription
+        {
+            get { return alertDescription; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsFatalAlertReceived.cs b/bc-sharp-crypto/src/crypto/tls/TlsFatalAlertReceived.cs
new file mode 100644
index 0000000..044fc80
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsFatalAlertReceived.cs
@@ -0,0 +1,21 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class TlsFatalAlertReceived
+        : TlsException
+    {
+        private readonly byte alertDescription;
+
+        public TlsFatalAlertReceived(byte alertDescription)
+            : base(Tls.AlertDescription.GetText(alertDescription), null)
+        {
+            this.alertDescription = alertDescription;
+        }
+
+        public virtual byte AlertDescription
+        {
+            get { return alertDescription; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsHandshakeHash.cs b/bc-sharp-crypto/src/crypto/tls/TlsHandshakeHash.cs
new file mode 100644
index 0000000..7118d97
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsHandshakeHash.cs
@@ -0,0 +1,22 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsHandshakeHash
+        :   IDigest
+    {
+        void Init(TlsContext context);
+
+        TlsHandshakeHash NotifyPrfDetermined();
+
+        void TrackHashAlgorithm(byte hashAlgorithm);
+
+        void SealHashAlgorithms();
+
+        TlsHandshakeHash StopTracking();
+
+        IDigest ForkPrfHash();
+
+        byte[] GetFinalHash(byte hashAlgorithm);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsKeyExchange.cs b/bc-sharp-crypto/src/crypto/tls/TlsKeyExchange.cs
new file mode 100644
index 0000000..6731f6f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsKeyExchange.cs
@@ -0,0 +1,54 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>
+    /// A generic interface for key exchange implementations in (D)TLS.
+    /// </summary>
+    public interface TlsKeyExchange
+    {
+        void Init(TlsContext context);
+
+        /// <exception cref="IOException"/>
+        void SkipServerCredentials();
+
+        /// <exception cref="IOException"/>
+        void ProcessServerCredentials(TlsCredentials serverCredentials);
+
+        /// <exception cref="IOException"/>
+        void ProcessServerCertificate(Certificate serverCertificate);
+
+        bool RequiresServerKeyExchange { get; }
+
+        /// <exception cref="IOException"/>
+        byte[] GenerateServerKeyExchange();
+
+        /// <exception cref="IOException"/>
+        void SkipServerKeyExchange();
+
+        /// <exception cref="IOException"/>
+        void ProcessServerKeyExchange(Stream input);
+
+        /// <exception cref="IOException"/>
+        void ValidateCertificateRequest(CertificateRequest certificateRequest);
+
+        /// <exception cref="IOException"/>
+        void SkipClientCredentials();
+
+        /// <exception cref="IOException"/>
+        void ProcessClientCredentials(TlsCredentials clientCredentials);
+
+        /// <exception cref="IOException"/>
+        void ProcessClientCertificate(Certificate clientCertificate);
+
+        /// <exception cref="IOException"/>
+        void GenerateClientKeyExchange(Stream output);
+
+        /// <exception cref="IOException"/>
+        void ProcessClientKeyExchange(Stream input);
+
+        /// <exception cref="IOException"/>
+        byte[] GeneratePremasterSecret();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsMac.cs b/bc-sharp-crypto/src/crypto/tls/TlsMac.cs
new file mode 100644
index 0000000..a80319a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsMac.cs
@@ -0,0 +1,173 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>
+    /// A generic TLS MAC implementation, acting as an HMAC based on some underlying Digest.
+    /// </summary>
+    public class TlsMac
+    {
+        protected readonly TlsContext context;
+        protected readonly byte[] secret;
+        protected readonly IMac mac;
+        protected readonly int digestBlockSize;
+        protected readonly int digestOverhead;
+        protected readonly int macLength;
+
+        /**
+         * Generate a new instance of an TlsMac.
+         *
+         * @param context the TLS client context
+         * @param digest  The digest to use.
+         * @param key     A byte-array where the key for this MAC is located.
+         * @param keyOff  The number of bytes to skip, before the key starts in the buffer.
+         * @param keyLen  The length of the key.
+         */
+        public TlsMac(TlsContext context, IDigest digest, byte[] key, int keyOff, int keyLen)
+        {
+            this.context = context;
+
+            KeyParameter keyParameter = new KeyParameter(key, keyOff, keyLen);
+
+            this.secret = Arrays.Clone(keyParameter.GetKey());
+
+            // TODO This should check the actual algorithm, not rely on the engine type
+            if (digest is LongDigest)
+            {
+                this.digestBlockSize = 128;
+                this.digestOverhead = 16;
+            }
+            else
+            {
+                this.digestBlockSize = 64;
+                this.digestOverhead = 8;
+            }
+
+            if (TlsUtilities.IsSsl(context))
+            {
+                this.mac = new Ssl3Mac(digest);
+
+                // TODO This should check the actual algorithm, not assume based on the digest size
+                if (digest.GetDigestSize() == 20)
+                {
+                    /*
+                     * NOTE: When SHA-1 is used with the SSL 3.0 MAC, the secret + input pad is not
+                     * digest block-aligned.
+                     */
+                    this.digestOverhead = 4;
+                }
+            }
+            else
+            {
+                this.mac = new HMac(digest);
+
+                // NOTE: The input pad for HMAC is always a full digest block
+            }
+
+            this.mac.Init(keyParameter);
+
+            this.macLength = mac.GetMacSize();
+            if (context.SecurityParameters.truncatedHMac)
+            {
+                this.macLength = System.Math.Min(this.macLength, 10);
+            }
+        }
+
+        /**
+         * @return the MAC write secret
+         */
+        public virtual byte[] MacSecret
+        {
+            get { return this.secret; }
+        }
+
+        /**
+         * @return The output length of this MAC.
+         */
+        public virtual int Size
+        {
+            get { return macLength; }
+        }
+
+        /**
+         * Calculate the MAC for some given data.
+         *
+         * @param type    The message type of the message.
+         * @param message A byte-buffer containing the message.
+         * @param offset  The number of bytes to skip, before the message starts.
+         * @param length  The length of the message.
+         * @return A new byte-buffer containing the MAC value.
+         */
+        public virtual byte[] CalculateMac(long seqNo, byte type, byte[] message, int offset, int length)
+        {
+            ProtocolVersion serverVersion = context.ServerVersion;
+            bool isSsl = serverVersion.IsSsl;
+
+            byte[] macHeader = new byte[isSsl ? 11 : 13];
+            TlsUtilities.WriteUint64(seqNo, macHeader, 0);
+            TlsUtilities.WriteUint8(type, macHeader, 8);
+            if (!isSsl)
+            {
+                TlsUtilities.WriteVersion(serverVersion, macHeader, 9);
+            }
+            TlsUtilities.WriteUint16(length, macHeader, macHeader.Length - 2);
+
+            mac.BlockUpdate(macHeader, 0, macHeader.Length);
+            mac.BlockUpdate(message, offset, length);
+
+            return Truncate(MacUtilities.DoFinal(mac));
+        }
+
+        public virtual byte[] CalculateMacConstantTime(long seqNo, byte type, byte[] message, int offset, int length,
+            int fullLength, byte[] dummyData)
+        {
+            /*
+             * Actual MAC only calculated on 'length' bytes...
+             */
+            byte[] result = CalculateMac(seqNo, type, message, offset, length);
+
+            /*
+             * ...but ensure a constant number of complete digest blocks are processed (as many as would
+             * be needed for 'fullLength' bytes of input).
+             */
+            int headerLength = TlsUtilities.IsSsl(context) ? 11 : 13;
+
+            // How many extra full blocks do we need to calculate?
+            int extra = GetDigestBlockCount(headerLength + fullLength) - GetDigestBlockCount(headerLength + length);
+
+            while (--extra >= 0)
+            {
+                mac.BlockUpdate(dummyData, 0, digestBlockSize);
+            }
+
+            // One more byte in case the implementation is "lazy" about processing blocks
+            mac.Update(dummyData[0]);
+            mac.Reset();
+
+            return result;
+        }
+
+        protected virtual int GetDigestBlockCount(int inputLength)
+        {
+            // NOTE: This calculation assumes a minimum of 1 pad byte
+            return (inputLength + digestOverhead) / digestBlockSize;
+        }
+
+        protected virtual byte[] Truncate(byte[] bs)
+        {
+            if (bs.Length <= macLength)
+            {
+                return bs;
+            }
+
+            return Arrays.CopyOf(bs, macLength);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsNoCloseNotifyException.cs b/bc-sharp-crypto/src/crypto/tls/TlsNoCloseNotifyException.cs
new file mode 100644
index 0000000..0bafd82
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsNoCloseNotifyException.cs
@@ -0,0 +1,23 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>
+    /// This exception will be thrown(only) when the connection is closed by the peer without sending a
+    /// <code cref="AlertDescription.close_notify">close_notify</code> warning alert.
+    /// </summary>
+    /// <remarks>
+    /// If this happens, the TLS protocol cannot rule out truncation of the connection data (potentially
+    /// malicious). It may be possible to check for truncation via some property of a higher level protocol
+    /// built upon TLS, e.g.the Content-Length header for HTTPS.
+    /// </remarks>
+    public class TlsNoCloseNotifyException
+        :   EndOfStreamException
+    {
+        public TlsNoCloseNotifyException()
+            : base("No close_notify alert received before connection closed")
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsNullCipher.cs b/bc-sharp-crypto/src/crypto/tls/TlsNullCipher.cs
new file mode 100644
index 0000000..f30ace2
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsNullCipher.cs
@@ -0,0 +1,118 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>
+    /// A NULL CipherSuite, with optional MAC.
+    /// </summary>
+    public class TlsNullCipher
+        :   TlsCipher
+    {
+        protected readonly TlsContext context;
+
+        protected readonly TlsMac writeMac;
+        protected readonly TlsMac readMac;
+
+        public TlsNullCipher(TlsContext context)
+        {
+            this.context = context;
+            this.writeMac = null;
+            this.readMac = null;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public TlsNullCipher(TlsContext context, IDigest clientWriteDigest, IDigest serverWriteDigest)
+        {
+            if ((clientWriteDigest == null) != (serverWriteDigest == null))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            this.context = context;
+
+            TlsMac clientWriteMac = null, serverWriteMac = null;
+
+            if (clientWriteDigest != null)
+            {
+                int key_block_size = clientWriteDigest.GetDigestSize()
+                    + serverWriteDigest.GetDigestSize();
+                byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size);
+
+                int offset = 0;
+
+                clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset,
+                    clientWriteDigest.GetDigestSize());
+                offset += clientWriteDigest.GetDigestSize();
+
+                serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset,
+                    serverWriteDigest.GetDigestSize());
+                offset += serverWriteDigest.GetDigestSize();
+
+                if (offset != key_block_size)
+                {
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+                }
+            }
+
+            if (context.IsServer)
+            {
+                writeMac = serverWriteMac;
+                readMac = clientWriteMac;
+            }
+            else
+            {
+                writeMac = clientWriteMac;
+                readMac = serverWriteMac;
+            }
+        }
+
+        public virtual int GetPlaintextLimit(int ciphertextLimit)
+        {
+            int result = ciphertextLimit;
+            if (writeMac != null)
+            {
+                result -= writeMac.Size;
+            }
+            return result;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public virtual byte[] EncodePlaintext(long seqNo, byte type, byte[] plaintext, int offset, int len)
+        {
+            if (writeMac == null)
+            {
+                return Arrays.CopyOfRange(plaintext, offset, offset + len);
+            }
+
+            byte[] mac = writeMac.CalculateMac(seqNo, type, plaintext, offset, len);
+            byte[] ciphertext = new byte[len + mac.Length];
+            Array.Copy(plaintext, offset, ciphertext, 0, len);
+            Array.Copy(mac, 0, ciphertext, len, mac.Length);
+            return ciphertext;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public virtual byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len)
+        {
+            if (readMac == null)
+            {
+                return Arrays.CopyOfRange(ciphertext, offset, offset + len);
+            }
+
+            int macSize = readMac.Size;
+            if (len < macSize)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+
+            int macInputLen = len - macSize;
+
+            byte[] receivedMac = Arrays.CopyOfRange(ciphertext, offset + macInputLen, offset + len);
+            byte[] computedMac = readMac.CalculateMac(seqNo, type, ciphertext, offset, macInputLen);
+
+            if (!Arrays.ConstantTimeAreEqual(receivedMac, computedMac))
+                throw new TlsFatalAlert(AlertDescription.bad_record_mac);
+
+            return Arrays.CopyOfRange(ciphertext, offset, offset + macInputLen);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsNullCompression.cs b/bc-sharp-crypto/src/crypto/tls/TlsNullCompression.cs
new file mode 100644
index 0000000..45f8fc7
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsNullCompression.cs
@@ -0,0 +1,19 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+	public class TlsNullCompression
+		: TlsCompression
+	{
+		public virtual Stream Compress(Stream output)
+		{
+			return output;
+		}
+
+		public virtual Stream Decompress(Stream output)
+		{
+			return output;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsPeer.cs b/bc-sharp-crypto/src/crypto/tls/TlsPeer.cs
new file mode 100644
index 0000000..1ae41a4
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsPeer.cs
@@ -0,0 +1,62 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsPeer
+    {
+        /// <summary>
+        /// draft-mathewson-no-gmtunixtime-00 2. "If existing users of a TLS implementation may rely on
+        /// gmt_unix_time containing the current time, we recommend that implementors MAY provide the
+        /// ability to set gmt_unix_time as an option only, off by default."
+        /// </summary>
+        /// <returns>
+        /// <code>true</code> if the current time should be used in the gmt_unix_time field of
+        /// Random, or <code>false</code> if gmt_unix_time should contain a cryptographically
+        /// random value.
+        /// </returns>
+        bool ShouldUseGmtUnixTime();
+
+        /// <summary>
+        /// Report whether the server supports secure renegotiation
+        /// </summary>
+        /// <remarks>
+        /// The protocol handler automatically processes the relevant extensions
+        /// </remarks>
+        /// <param name="secureRenegotiation">
+        /// A <see cref="System.Boolean"/>, true if the server supports secure renegotiation
+        /// </param>
+        /// <exception cref="IOException"></exception>
+        void NotifySecureRenegotiation(bool secureRenegotiation);
+
+        /// <summary>
+        /// Return an implementation of <see cref="TlsCompression"/> to handle record compression.
+        /// </summary>
+        /// <returns>A <see cref="TlsCompression"/></returns>
+        /// <exception cref="IOException"/>
+        TlsCompression GetCompression();
+
+        /// <summary>
+        /// Return an implementation of <see cref="TlsCipher"/> to use for encryption/decryption.
+        /// </summary>
+        /// <returns>A <see cref="TlsCipher"/></returns>
+        /// <exception cref="IOException"/>
+        TlsCipher GetCipher();
+
+        /// <summary>This method will be called when an alert is raised by the protocol.</summary>
+        /// <param name="alertLevel"><see cref="AlertLevel"/></param>
+        /// <param name="alertDescription"><see cref="AlertDescription"/></param>
+        /// <param name="message">A human-readable message explaining what caused this alert. May be null.</param>
+        /// <param name="cause">The <c>Exception</c> that caused this alert to be raised. May be null.</param>
+        void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause);
+
+        /// <summary>This method will be called when an alert is received from the remote peer.</summary>
+        /// <param name="alertLevel"><see cref="AlertLevel"/></param>
+        /// <param name="alertDescription"><see cref="AlertDescription"/></param>
+        void NotifyAlertReceived(byte alertLevel, byte alertDescription);
+
+        /// <summary>Notifies the peer that the handshake has been successfully completed.</summary>
+        /// <exception cref="IOException"></exception>
+        void NotifyHandshakeComplete();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsProtocol.cs b/bc-sharp-crypto/src/crypto/tls/TlsProtocol.cs
new file mode 100644
index 0000000..72151d4
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsProtocol.cs
@@ -0,0 +1,1450 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Prng;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class TlsProtocol
+    {
+        /*
+         * Our Connection states
+         */
+        protected const short CS_START = 0;
+        protected const short CS_CLIENT_HELLO = 1;
+        protected const short CS_SERVER_HELLO = 2;
+        protected const short CS_SERVER_SUPPLEMENTAL_DATA = 3;
+        protected const short CS_SERVER_CERTIFICATE = 4;
+        protected const short CS_CERTIFICATE_STATUS = 5;
+        protected const short CS_SERVER_KEY_EXCHANGE = 6;
+        protected const short CS_CERTIFICATE_REQUEST = 7;
+        protected const short CS_SERVER_HELLO_DONE = 8;
+        protected const short CS_CLIENT_SUPPLEMENTAL_DATA = 9;
+        protected const short CS_CLIENT_CERTIFICATE = 10;
+        protected const short CS_CLIENT_KEY_EXCHANGE = 11;
+        protected const short CS_CERTIFICATE_VERIFY = 12;
+        protected const short CS_CLIENT_FINISHED = 13;
+        protected const short CS_SERVER_SESSION_TICKET = 14;
+        protected const short CS_SERVER_FINISHED = 15;
+        protected const short CS_END = 16;
+
+        /*
+         * Different modes to handle the known IV weakness
+         */
+        protected const short ADS_MODE_1_Nsub1 = 0; // 1/n-1 record splitting
+        protected const short ADS_MODE_0_N = 1; // 0/n record splitting
+        protected const short ADS_MODE_0_N_FIRSTONLY = 2; // 0/n record splitting on first data fragment only
+
+        /*
+         * Queues for data from some protocols.
+         */
+        private ByteQueue mApplicationDataQueue = new ByteQueue(0);
+        private ByteQueue mAlertQueue = new ByteQueue(2);
+        private ByteQueue mHandshakeQueue = new ByteQueue(0);
+    //    private ByteQueue mHeartbeatQueue = new ByteQueue();
+
+        /*
+         * The Record Stream we use
+         */
+        internal RecordStream mRecordStream;
+        protected SecureRandom mSecureRandom;
+
+        private TlsStream mTlsStream = null;
+
+        private volatile bool mClosed = false;
+        private volatile bool mFailedWithError = false;
+        private volatile bool mAppDataReady = false;
+        private volatile bool mAppDataSplitEnabled = true;
+        private volatile int mAppDataSplitMode = ADS_MODE_1_Nsub1;
+        private byte[] mExpectedVerifyData = null;
+
+        protected TlsSession mTlsSession = null;
+        protected SessionParameters mSessionParameters = null;
+        protected SecurityParameters mSecurityParameters = null;
+        protected Certificate mPeerCertificate = null;
+
+        protected int[] mOfferedCipherSuites = null;
+        protected byte[] mOfferedCompressionMethods = null;
+        protected IDictionary mClientExtensions = null;
+        protected IDictionary mServerExtensions = null;
+
+        protected short mConnectionState = CS_START;
+        protected bool mResumedSession = false;
+        protected bool mReceivedChangeCipherSpec = false;
+        protected bool mSecureRenegotiation = false;
+        protected bool mAllowCertificateStatus = false;
+        protected bool mExpectSessionTicket = false;
+
+        protected bool mBlocking = true;
+        protected ByteQueueStream mInputBuffers = null;
+        protected ByteQueueStream mOutputBuffer = null;
+
+        public TlsProtocol(Stream stream, SecureRandom secureRandom)
+            :   this(stream, stream, secureRandom)
+        {
+        }
+
+        public TlsProtocol(Stream input, Stream output, SecureRandom secureRandom)
+        {
+            this.mRecordStream = new RecordStream(this, input, output);
+            this.mSecureRandom = secureRandom;
+        }
+
+        public TlsProtocol(SecureRandom secureRandom)
+        {
+            this.mBlocking = false;
+            this.mInputBuffers = new ByteQueueStream();
+            this.mOutputBuffer = new ByteQueueStream();
+            this.mRecordStream = new RecordStream(this, mInputBuffers, mOutputBuffer);
+            this.mSecureRandom = secureRandom;
+        }
+
+        protected abstract TlsContext Context { get; }
+
+        internal abstract AbstractTlsContext ContextAdmin { get; }
+
+        protected abstract TlsPeer Peer { get; }
+
+        protected virtual void HandleAlertMessage(byte alertLevel, byte alertDescription)
+        {
+            Peer.NotifyAlertReceived(alertLevel, alertDescription);
+
+            if (alertLevel == AlertLevel.warning)
+            {
+                HandleAlertWarningMessage(alertDescription);
+            }
+            else
+            {
+                HandleFailure();
+
+                throw new TlsFatalAlertReceived(alertDescription);
+            }
+        }
+
+        protected virtual void HandleAlertWarningMessage(byte alertDescription)
+        {
+            /*
+             * RFC 5246 7.2.1. The other party MUST respond with a close_notify alert of its own
+             * and close down the connection immediately, discarding any pending writes.
+             */
+            if (alertDescription == AlertDescription.close_notify)
+            {
+                if (!mAppDataReady)
+                    throw new TlsFatalAlert(AlertDescription.handshake_failure);
+
+                HandleClose(false);
+            }
+        }
+
+        protected virtual void HandleChangeCipherSpecMessage()
+        {
+        }
+
+        protected virtual void HandleClose(bool user_canceled)
+        {
+            if (!mClosed)
+            {
+                this.mClosed = true;
+
+                if (user_canceled && !mAppDataReady)
+                {
+                    RaiseAlertWarning(AlertDescription.user_canceled, "User canceled handshake");
+                }
+
+                RaiseAlertWarning(AlertDescription.close_notify, "Connection closed");
+
+                mRecordStream.SafeClose();
+
+                if (!mAppDataReady)
+                {
+                    CleanupHandshake();
+                }
+            }
+        }
+
+        protected virtual void HandleException(byte alertDescription, string message, Exception cause)
+        {
+            if (!mClosed)
+            {
+                RaiseAlertFatal(alertDescription, message, cause);
+
+                HandleFailure();
+            }
+        }
+
+        protected virtual void HandleFailure()
+        {
+            this.mClosed = true;
+            this.mFailedWithError = true;
+
+            /*
+             * RFC 2246 7.2.1. The session becomes unresumable if any connection is terminated
+             * without proper close_notify messages with level equal to warning.
+             */
+            // TODO This isn't quite in the right place. Also, as of TLS 1.1 the above is obsolete.
+            InvalidateSession();
+
+            mRecordStream.SafeClose();
+
+            if (!mAppDataReady)
+            {
+                CleanupHandshake();
+            }
+        }
+
+        protected abstract void HandleHandshakeMessage(byte type, MemoryStream buf);
+
+        protected virtual void ApplyMaxFragmentLengthExtension()
+        {
+            if (mSecurityParameters.maxFragmentLength >= 0)
+            {
+                if (!MaxFragmentLength.IsValid((byte)mSecurityParameters.maxFragmentLength))
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+
+                int plainTextLimit = 1 << (8 + mSecurityParameters.maxFragmentLength);
+                mRecordStream.SetPlaintextLimit(plainTextLimit);
+            }
+        }
+
+        protected virtual void CheckReceivedChangeCipherSpec(bool expected)
+        {
+            if (expected != mReceivedChangeCipherSpec)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+        }
+
+        protected virtual void CleanupHandshake()
+        {
+            if (this.mExpectedVerifyData != null)
+            {
+                Arrays.Fill(this.mExpectedVerifyData, (byte)0);
+                this.mExpectedVerifyData = null;
+            }
+
+            this.mSecurityParameters.Clear();
+            this.mPeerCertificate = null;
+
+            this.mOfferedCipherSuites = null;
+            this.mOfferedCompressionMethods = null;
+            this.mClientExtensions = null;
+            this.mServerExtensions = null;
+
+            this.mResumedSession = false;
+            this.mReceivedChangeCipherSpec = false;
+            this.mSecureRenegotiation = false;
+            this.mAllowCertificateStatus = false;
+            this.mExpectSessionTicket = false;
+        }
+
+        protected virtual void BlockForHandshake()
+        {
+            if (mBlocking)
+            {
+                while (this.mConnectionState != CS_END)
+                {
+                    if (this.mClosed)
+                    {
+                        // NOTE: Any close during the handshake should have raised an exception.
+                        throw new TlsFatalAlert(AlertDescription.internal_error);
+                    }
+
+                    SafeReadRecord();
+                }
+            }
+        }
+
+        protected virtual void CompleteHandshake()
+        {
+            try
+            {
+                this.mConnectionState = CS_END;
+
+                this.mAlertQueue.Shrink();
+                this.mHandshakeQueue.Shrink();
+
+                this.mRecordStream.FinaliseHandshake();
+
+                this.mAppDataSplitEnabled = !TlsUtilities.IsTlsV11(Context);
+
+                /*
+                 * If this was an initial handshake, we are now ready to send and receive application data.
+                 */
+                if (!mAppDataReady)
+                {
+                    this.mAppDataReady = true;
+
+                    if (mBlocking)
+                    {
+                        this.mTlsStream = new TlsStream(this);
+                    }
+                }
+
+                if (this.mTlsSession != null)
+                {
+                    if (this.mSessionParameters == null)
+                    {
+                        this.mSessionParameters = new SessionParameters.Builder()
+                            .SetCipherSuite(this.mSecurityParameters.CipherSuite)
+                            .SetCompressionAlgorithm(this.mSecurityParameters.CompressionAlgorithm)
+                            .SetMasterSecret(this.mSecurityParameters.MasterSecret)
+                            .SetPeerCertificate(this.mPeerCertificate)
+                            .SetPskIdentity(this.mSecurityParameters.PskIdentity)
+                            .SetSrpIdentity(this.mSecurityParameters.SrpIdentity)
+                            // TODO Consider filtering extensions that aren't relevant to resumed sessions
+                            .SetServerExtensions(this.mServerExtensions)
+                            .Build();
+
+                        this.mTlsSession = new TlsSessionImpl(this.mTlsSession.SessionID, this.mSessionParameters);
+                    }
+
+                    ContextAdmin.SetResumableSession(this.mTlsSession);
+                }
+
+                Peer.NotifyHandshakeComplete();
+            }
+            finally
+            {
+                CleanupHandshake();
+            }
+        }
+
+        protected internal void ProcessRecord(byte protocol, byte[] buf, int off, int len)
+        {
+            /*
+             * Have a look at the protocol type, and add it to the correct queue.
+             */
+            switch (protocol)
+            {
+            case ContentType.alert:
+            {
+                mAlertQueue.AddData(buf, off, len);
+                ProcessAlertQueue();
+                break;
+            }
+            case ContentType.application_data:
+            {
+                if (!mAppDataReady)
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+
+                mApplicationDataQueue.AddData(buf, off, len);
+                ProcessApplicationDataQueue();
+                break;
+            }
+            case ContentType.change_cipher_spec:
+            {
+                ProcessChangeCipherSpec(buf, off, len);
+                break;
+            }
+            case ContentType.handshake:
+            {
+                if (mHandshakeQueue.Available > 0)
+                {
+                    mHandshakeQueue.AddData(buf, off, len);
+                    ProcessHandshakeQueue(mHandshakeQueue);
+                }
+                else
+                {
+                    ByteQueue tmpQueue = new ByteQueue(buf, off, len);
+                    ProcessHandshakeQueue(tmpQueue);
+                    int remaining = tmpQueue.Available;
+                    if (remaining > 0)
+                    {
+                        mHandshakeQueue.AddData(buf, off + len - remaining, remaining);
+                    }
+                }
+                break;
+            }
+            //case ContentType.heartbeat:
+            //{
+            //    if (!mAppDataReady)
+            //        throw new TlsFatalAlert(AlertDescription.unexpected_message);
+
+            //    // TODO[RFC 6520]
+            //    //mHeartbeatQueue.AddData(buf, offset, len);
+            //    //ProcessHeartbeat();
+            //    break;
+            //}
+            default:
+                // Record type should already have been checked
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        private void ProcessHandshakeQueue(ByteQueue queue)
+        {
+            while (queue.Available >= 4)
+            {
+                /*
+                 * We need the first 4 bytes, they contain type and length of the message.
+                 */
+                byte[] beginning = new byte[4];
+                queue.Read(beginning, 0, 4, 0);
+                byte type = TlsUtilities.ReadUint8(beginning, 0);
+                int length = TlsUtilities.ReadUint24(beginning, 1);
+                int totalLength = 4 + length;
+
+                /*
+                 * Check if we have enough bytes in the buffer to read the full message.
+                 */
+                if (queue.Available < totalLength)
+                    break;
+
+                CheckReceivedChangeCipherSpec(mConnectionState == CS_END || type == HandshakeType.finished);
+
+                /*
+                 * RFC 2246 7.4.9. The value handshake_messages includes all handshake messages
+                 * starting at client hello up to, but not including, this finished message.
+                 * [..] Note: [Also,] Hello Request messages are omitted from handshake hashes.
+                 */
+                switch (type)
+                {
+                case HandshakeType.hello_request:
+                    break;
+                case HandshakeType.finished:
+                default:
+                {
+                    TlsContext ctx = Context;
+                    if (type == HandshakeType.finished
+                        && this.mExpectedVerifyData == null
+                        && ctx.SecurityParameters.MasterSecret != null)
+                    {
+                        this.mExpectedVerifyData = CreateVerifyData(!ctx.IsServer);
+                    }
+
+                    queue.CopyTo(mRecordStream.HandshakeHashUpdater, totalLength);
+                    break;
+                }
+                }
+
+                queue.RemoveData(4);
+
+                MemoryStream buf = queue.ReadFrom(length);
+
+                /*
+                 * Now, parse the message.
+                 */
+                HandleHandshakeMessage(type, buf);
+            }
+        }
+
+        private void ProcessApplicationDataQueue()
+        {
+            /*
+             * There is nothing we need to do here.
+             * 
+             * This function could be used for callbacks when application data arrives in the future.
+             */
+        }
+
+        private void ProcessAlertQueue()
+        {
+            while (mAlertQueue.Available >= 2)
+            {
+                /*
+                 * An alert is always 2 bytes. Read the alert.
+                 */
+                byte[] alert = mAlertQueue.RemoveData(2, 0);
+                byte alertLevel = alert[0];
+                byte alertDescription = alert[1];
+
+                HandleAlertMessage(alertLevel, alertDescription);
+            }
+        }
+
+        /**
+         * This method is called, when a change cipher spec message is received.
+         *
+         * @throws IOException If the message has an invalid content or the handshake is not in the correct
+         * state.
+         */
+        private void ProcessChangeCipherSpec(byte[] buf, int off, int len)
+        {
+            for (int i = 0; i < len; ++i)
+            {
+                byte message = TlsUtilities.ReadUint8(buf, off + i);
+
+                if (message != ChangeCipherSpec.change_cipher_spec)
+                    throw new TlsFatalAlert(AlertDescription.decode_error);
+
+                if (this.mReceivedChangeCipherSpec
+                    || mAlertQueue.Available > 0
+                    || mHandshakeQueue.Available > 0)
+                {
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+
+                mRecordStream.ReceivedReadCipherSpec();
+
+                this.mReceivedChangeCipherSpec = true;
+
+                HandleChangeCipherSpecMessage();
+            }
+        }
+
+        protected internal virtual int ApplicationDataAvailable()
+        {
+            return mApplicationDataQueue.Available;
+        }
+
+        /**
+         * Read data from the network. The method will return immediately, if there is still some data
+         * left in the buffer, or block until some application data has been read from the network.
+         *
+         * @param buf    The buffer where the data will be copied to.
+         * @param offset The position where the data will be placed in the buffer.
+         * @param len    The maximum number of bytes to read.
+         * @return The number of bytes read.
+         * @throws IOException If something goes wrong during reading data.
+         */
+        protected internal virtual int ReadApplicationData(byte[] buf, int offset, int len)
+        {
+            if (len < 1)
+                return 0;
+
+            while (mApplicationDataQueue.Available == 0)
+            {
+                if (this.mClosed)
+                {
+                    if (this.mFailedWithError)
+                        throw new IOException("Cannot read application data on failed TLS connection");
+
+                    if (!mAppDataReady)
+                        throw new InvalidOperationException("Cannot read application data until initial handshake completed.");
+
+                    return 0;
+                }
+
+                SafeReadRecord();
+            }
+
+            len = System.Math.Min(len, mApplicationDataQueue.Available);
+            mApplicationDataQueue.RemoveData(buf, offset, len, 0);
+            return len;
+        }
+
+        protected virtual void SafeCheckRecordHeader(byte[] recordHeader)
+        {
+            try
+            {
+                mRecordStream.CheckRecordHeader(recordHeader);
+            }
+            catch (TlsFatalAlert e)
+            {
+                HandleException(e.AlertDescription, "Failed to read record", e);
+                throw e;
+            }
+            catch (IOException e)
+            {
+                HandleException(AlertDescription.internal_error, "Failed to read record", e);
+                throw e;
+            }
+            catch (Exception e)
+            {
+                HandleException(AlertDescription.internal_error, "Failed to read record", e);
+                throw new TlsFatalAlert(AlertDescription.internal_error, e);
+            }
+        }
+
+        protected virtual void SafeReadRecord()
+        {
+            try
+            {
+                if (mRecordStream.ReadRecord())
+                    return;
+
+                if (!mAppDataReady)
+                    throw new TlsFatalAlert(AlertDescription.handshake_failure);
+            }
+            catch (TlsFatalAlertReceived e)
+            {
+                // Connection failure already handled at source
+                throw e;
+            }
+            catch (TlsFatalAlert e)
+            {
+                HandleException(e.AlertDescription, "Failed to read record", e);
+                throw e;
+            }
+            catch (IOException e)
+            {
+                HandleException(AlertDescription.internal_error, "Failed to read record", e);
+                throw e;
+            }
+            catch (Exception e)
+            {
+                HandleException(AlertDescription.internal_error, "Failed to read record", e);
+                throw new TlsFatalAlert(AlertDescription.internal_error, e);
+            }
+
+            HandleFailure();
+
+            throw new TlsNoCloseNotifyException();
+        }
+
+        protected virtual void SafeWriteRecord(byte type, byte[] buf, int offset, int len)
+        {
+            try
+            {
+                mRecordStream.WriteRecord(type, buf, offset, len);
+            }
+            catch (TlsFatalAlert e)
+            {
+                HandleException(e.AlertDescription, "Failed to write record", e);
+                throw e;
+            }
+            catch (IOException e)
+            {
+                HandleException(AlertDescription.internal_error, "Failed to write record", e);
+                throw e;
+            }
+            catch (Exception e)
+            {
+                HandleException(AlertDescription.internal_error, "Failed to write record", e);
+                throw new TlsFatalAlert(AlertDescription.internal_error, e);
+            }
+        }
+
+        /**
+         * Send some application data to the remote system.
+         * <p/>
+         * The method will handle fragmentation internally.
+         *
+         * @param buf    The buffer with the data.
+         * @param offset The position in the buffer where the data is placed.
+         * @param len    The length of the data.
+         * @throws IOException If something goes wrong during sending.
+         */
+        protected internal virtual void WriteData(byte[] buf, int offset, int len)
+        {
+            if (this.mClosed)
+                throw new IOException("Cannot write application data on closed/failed TLS connection");
+
+            while (len > 0)
+            {
+                /*
+                 * RFC 5246 6.2.1. Zero-length fragments of Application data MAY be sent as they are
+                 * potentially useful as a traffic analysis countermeasure.
+                 * 
+                 * NOTE: Actually, implementations appear to have settled on 1/n-1 record splitting.
+                 */
+
+                if (this.mAppDataSplitEnabled)
+                {
+                    /*
+                     * Protect against known IV attack!
+                     * 
+                     * DO NOT REMOVE THIS CODE, EXCEPT YOU KNOW EXACTLY WHAT YOU ARE DOING HERE.
+                     */
+                    switch (mAppDataSplitMode)
+                    {
+                    case ADS_MODE_0_N:
+                        SafeWriteRecord(ContentType.application_data, TlsUtilities.EmptyBytes, 0, 0);
+                        break;
+                    case ADS_MODE_0_N_FIRSTONLY:
+                        this.mAppDataSplitEnabled = false;
+                        SafeWriteRecord(ContentType.application_data, TlsUtilities.EmptyBytes, 0, 0);
+                        break;
+                    case ADS_MODE_1_Nsub1:
+                    default:
+                        SafeWriteRecord(ContentType.application_data, buf, offset, 1);
+                        ++offset;
+                        --len;
+                        break;
+                    }
+                }
+
+                if (len > 0)
+                {
+                    // Fragment data according to the current fragment limit.
+                    int toWrite = System.Math.Min(len, mRecordStream.GetPlaintextLimit());
+                    SafeWriteRecord(ContentType.application_data, buf, offset, toWrite);
+                    offset += toWrite;
+                    len -= toWrite;
+                }
+            }
+        }
+
+        protected virtual void SetAppDataSplitMode(int appDataSplitMode)
+        {
+            if (appDataSplitMode < ADS_MODE_1_Nsub1 || appDataSplitMode > ADS_MODE_0_N_FIRSTONLY)
+                throw new ArgumentException("Illegal appDataSplitMode mode: " + appDataSplitMode, "appDataSplitMode");
+
+            this.mAppDataSplitMode = appDataSplitMode;
+        }
+
+        protected virtual void WriteHandshakeMessage(byte[] buf, int off, int len)
+        {
+            if (len < 4)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            byte type = TlsUtilities.ReadUint8(buf, off);
+            if (type != HandshakeType.hello_request)
+            {
+                mRecordStream.HandshakeHashUpdater.Write(buf, off, len);
+            }
+
+            int total = 0;
+            do
+            {
+                // Fragment data according to the current fragment limit.
+                int toWrite = System.Math.Min(len - total, mRecordStream.GetPlaintextLimit());
+                SafeWriteRecord(ContentType.handshake, buf, off + total, toWrite);
+                total += toWrite;
+            }
+            while (total < len);
+        }
+
+        /// <summary>The secure bidirectional stream for this connection</summary>
+        /// <remarks>Only allowed in blocking mode.</remarks>
+        public virtual Stream Stream
+        {
+            get
+            {
+                if (!mBlocking)
+                    throw new InvalidOperationException("Cannot use Stream in non-blocking mode! Use OfferInput()/OfferOutput() instead.");
+                return this.mTlsStream;
+            }
+        }
+
+        /**
+         * Should be called in non-blocking mode when the input data reaches EOF.
+         */
+        public virtual void CloseInput()
+        {
+            if (mBlocking)
+                throw new InvalidOperationException("Cannot use CloseInput() in blocking mode!");
+
+            if (mClosed)
+                return;
+
+            if (mInputBuffers.Available > 0)
+                throw new EndOfStreamException();
+
+            if (!mAppDataReady)
+                throw new TlsFatalAlert(AlertDescription.handshake_failure);
+
+            throw new TlsNoCloseNotifyException();
+        }
+
+        /**
+         * Offer input from an arbitrary source. Only allowed in non-blocking mode.<br/>
+         * <br/>
+         * After this method returns, the input buffer is "owned" by this object. Other code
+         * must not attempt to do anything with it.<br/>
+         * <br/>
+         * This method will decrypt and process all records that are fully available.
+         * If only part of a record is available, the buffer will be retained until the
+         * remainder of the record is offered.<br/>
+         * <br/>
+         * If any records containing application data were processed, the decrypted data
+         * can be obtained using {@link #readInput(byte[], int, int)}. If any records
+         * containing protocol data were processed, a response may have been generated.
+         * You should always check to see if there is any available output after calling
+         * this method by calling {@link #getAvailableOutputBytes()}.
+         * @param input The input buffer to offer
+         * @throws IOException If an error occurs while decrypting or processing a record
+         */
+        public virtual void OfferInput(byte[] input)
+        {
+            if (mBlocking)
+                throw new InvalidOperationException("Cannot use OfferInput() in blocking mode! Use Stream instead.");
+            if (mClosed)
+                throw new IOException("Connection is closed, cannot accept any more input");
+
+            mInputBuffers.Write(input);
+
+            // loop while there are enough bytes to read the length of the next record
+            while (mInputBuffers.Available >= RecordStream.TLS_HEADER_SIZE)
+            {
+                byte[] recordHeader = new byte[RecordStream.TLS_HEADER_SIZE];
+                mInputBuffers.Peek(recordHeader);
+
+                int totalLength = TlsUtilities.ReadUint16(recordHeader, RecordStream.TLS_HEADER_LENGTH_OFFSET) + RecordStream.TLS_HEADER_SIZE;
+                if (mInputBuffers.Available < totalLength)
+                {
+                    // not enough bytes to read a whole record
+                    SafeCheckRecordHeader(recordHeader);
+                    break;
+                }
+
+                SafeReadRecord();
+
+                if (mClosed)
+                {
+                    if (mConnectionState != CS_END)
+                    {
+                        // NOTE: Any close during the handshake should have raised an exception.
+                        throw new TlsFatalAlert(AlertDescription.internal_error);
+                    }
+                    break;
+                }
+            }
+        }
+
+        /**
+         * Gets the amount of received application data. A call to {@link #readInput(byte[], int, int)}
+         * is guaranteed to be able to return at least this much data.<br/>
+         * <br/>
+         * Only allowed in non-blocking mode.
+         * @return The number of bytes of available application data
+         */
+        public virtual int GetAvailableInputBytes()
+        {
+            if (mBlocking)
+                throw new InvalidOperationException("Cannot use GetAvailableInputBytes() in blocking mode! Use ApplicationDataAvailable() instead.");
+
+            return ApplicationDataAvailable();
+        }
+
+        /**
+         * Retrieves received application data. Use {@link #getAvailableInputBytes()} to check
+         * how much application data is currently available. This method functions similarly to
+         * {@link InputStream#read(byte[], int, int)}, except that it never blocks. If no data
+         * is available, nothing will be copied and zero will be returned.<br/>
+         * <br/>
+         * Only allowed in non-blocking mode.
+         * @param buffer The buffer to hold the application data
+         * @param offset The start offset in the buffer at which the data is written
+         * @param length The maximum number of bytes to read
+         * @return The total number of bytes copied to the buffer. May be less than the
+         *          length specified if the length was greater than the amount of available data.
+         */
+        public virtual int ReadInput(byte[] buffer, int offset, int length)
+        {
+            if (mBlocking)
+                throw new InvalidOperationException("Cannot use ReadInput() in blocking mode! Use Stream instead.");
+
+            return ReadApplicationData(buffer, offset, System.Math.Min(length, ApplicationDataAvailable()));
+        }
+
+        /**
+         * Offer output from an arbitrary source. Only allowed in non-blocking mode.<br/>
+         * <br/>
+         * After this method returns, the specified section of the buffer will have been
+         * processed. Use {@link #readOutput(byte[], int, int)} to get the bytes to
+         * transmit to the other peer.<br/>
+         * <br/>
+         * This method must not be called until after the handshake is complete! Attempting
+         * to call it before the handshake is complete will result in an exception.
+         * @param buffer The buffer containing application data to encrypt
+         * @param offset The offset at which to begin reading data
+         * @param length The number of bytes of data to read
+         * @throws IOException If an error occurs encrypting the data, or the handshake is not complete
+         */
+        public virtual void OfferOutput(byte[] buffer, int offset, int length)
+        {
+            if (mBlocking)
+                throw new InvalidOperationException("Cannot use OfferOutput() in blocking mode! Use Stream instead.");
+            if (!mAppDataReady)
+                throw new IOException("Application data cannot be sent until the handshake is complete!");
+
+            WriteData(buffer, offset, length);
+        }
+
+        /**
+         * Gets the amount of encrypted data available to be sent. A call to
+         * {@link #readOutput(byte[], int, int)} is guaranteed to be able to return at
+         * least this much data.<br/>
+         * <br/>
+         * Only allowed in non-blocking mode.
+         * @return The number of bytes of available encrypted data
+         */
+        public virtual int GetAvailableOutputBytes()
+        {
+            if (mBlocking)
+                throw new InvalidOperationException("Cannot use GetAvailableOutputBytes() in blocking mode! Use Stream instead.");
+
+            return mOutputBuffer.Available;
+        }
+
+        /**
+         * Retrieves encrypted data to be sent. Use {@link #getAvailableOutputBytes()} to check
+         * how much encrypted data is currently available. This method functions similarly to
+         * {@link InputStream#read(byte[], int, int)}, except that it never blocks. If no data
+         * is available, nothing will be copied and zero will be returned.<br/>
+         * <br/>
+         * Only allowed in non-blocking mode.
+         * @param buffer The buffer to hold the encrypted data
+         * @param offset The start offset in the buffer at which the data is written
+         * @param length The maximum number of bytes to read
+         * @return The total number of bytes copied to the buffer. May be less than the
+         *          length specified if the length was greater than the amount of available data.
+         */
+        public virtual int ReadOutput(byte[] buffer, int offset, int length)
+        {
+            if (mBlocking)
+                throw new InvalidOperationException("Cannot use ReadOutput() in blocking mode! Use Stream instead.");
+
+            return mOutputBuffer.Read(buffer, offset, length);
+        }
+
+        protected virtual void InvalidateSession()
+        {
+            if (this.mSessionParameters != null)
+            {
+                this.mSessionParameters.Clear();
+                this.mSessionParameters = null;
+            }
+
+            if (this.mTlsSession != null)
+            {
+                this.mTlsSession.Invalidate();
+                this.mTlsSession = null;
+            }
+        }
+
+        protected virtual void ProcessFinishedMessage(MemoryStream buf)
+        {
+            if (mExpectedVerifyData == null)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            byte[] verify_data = TlsUtilities.ReadFully(mExpectedVerifyData.Length, buf);
+
+            AssertEmpty(buf);
+
+            /*
+             * Compare both checksums.
+             */
+            if (!Arrays.ConstantTimeAreEqual(mExpectedVerifyData, verify_data))
+            {
+                /*
+                 * Wrong checksum in the finished message.
+                 */
+                throw new TlsFatalAlert(AlertDescription.decrypt_error);
+            }
+        }
+
+        protected virtual void RaiseAlertFatal(byte alertDescription, string message, Exception cause)
+        {
+            Peer.NotifyAlertRaised(AlertLevel.fatal, alertDescription, message, cause);
+
+            byte[] alert = new byte[]{ AlertLevel.fatal, alertDescription };
+
+            try
+            {
+                mRecordStream.WriteRecord(ContentType.alert, alert, 0, 2);
+            }
+            catch (Exception)
+            {
+                // We are already processing an exception, so just ignore this
+            }
+        }
+
+        protected virtual void RaiseAlertWarning(byte alertDescription, string message)
+        {
+            Peer.NotifyAlertRaised(AlertLevel.warning, alertDescription, message, null);
+
+            byte[] alert = new byte[]{ AlertLevel.warning, alertDescription };
+
+            SafeWriteRecord(ContentType.alert, alert, 0, 2);
+        }
+
+        protected virtual void SendCertificateMessage(Certificate certificate)
+        {
+            if (certificate == null)
+            {
+                certificate = Certificate.EmptyChain;
+            }
+
+            if (certificate.IsEmpty)
+            {
+                TlsContext context = Context;
+                if (!context.IsServer)
+                {
+                    ProtocolVersion serverVersion = Context.ServerVersion;
+                    if (serverVersion.IsSsl)
+                    {
+                        string errorMessage = serverVersion.ToString() + " client didn't provide credentials";
+                        RaiseAlertWarning(AlertDescription.no_certificate, errorMessage);
+                        return;
+                    }
+                }
+            }
+
+            HandshakeMessage message = new HandshakeMessage(HandshakeType.certificate);
+
+            certificate.Encode(message);
+
+            message.WriteToRecordStream(this);
+        }
+
+        protected virtual void SendChangeCipherSpecMessage()
+        {
+            byte[] message = new byte[]{ 1 };
+            SafeWriteRecord(ContentType.change_cipher_spec, message, 0, message.Length);
+            mRecordStream.SentWriteCipherSpec();
+        }
+
+        protected virtual void SendFinishedMessage()
+        {
+            byte[] verify_data = CreateVerifyData(Context.IsServer);
+
+            HandshakeMessage message = new HandshakeMessage(HandshakeType.finished, verify_data.Length);
+
+            message.Write(verify_data, 0, verify_data.Length);
+
+            message.WriteToRecordStream(this);
+        }
+
+        protected virtual void SendSupplementalDataMessage(IList supplementalData)
+        {
+            HandshakeMessage message = new HandshakeMessage(HandshakeType.supplemental_data);
+
+            WriteSupplementalData(message, supplementalData);
+
+            message.WriteToRecordStream(this);
+        }
+
+        protected virtual byte[] CreateVerifyData(bool isServer)
+        {
+            TlsContext context = Context;
+            string asciiLabel = isServer ? ExporterLabel.server_finished : ExporterLabel.client_finished;
+            byte[] sslSender = isServer ? TlsUtilities.SSL_SERVER : TlsUtilities.SSL_CLIENT;
+            byte[] hash = GetCurrentPrfHash(context, mRecordStream.HandshakeHash, sslSender);
+            return TlsUtilities.CalculateVerifyData(context, asciiLabel, hash);
+        }
+
+        /**
+         * Closes this connection.
+         *
+         * @throws IOException If something goes wrong during closing.
+         */
+        public virtual void Close()
+        {
+            HandleClose(true);
+        }
+
+        protected internal virtual void Flush()
+        {
+            mRecordStream.Flush();
+        }
+
+        public virtual bool IsClosed
+        {
+            get { return mClosed; }
+        }
+
+        protected virtual short ProcessMaxFragmentLengthExtension(IDictionary clientExtensions, IDictionary serverExtensions,
+            byte alertDescription)
+        {
+            short maxFragmentLength = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions);
+            if (maxFragmentLength >= 0)
+            {
+                if (!MaxFragmentLength.IsValid((byte)maxFragmentLength)
+                    || (!this.mResumedSession && maxFragmentLength != TlsExtensionsUtilities
+                        .GetMaxFragmentLengthExtension(clientExtensions)))
+                {
+                    throw new TlsFatalAlert(alertDescription);
+                }
+            }
+            return maxFragmentLength;
+        }
+
+        protected virtual void RefuseRenegotiation()
+        {
+            /*
+             * RFC 5746 4.5 SSLv3 clients that refuse renegotiation SHOULD use a fatal
+             * handshake_failure alert.
+             */
+            if (TlsUtilities.IsSsl(Context))
+                throw new TlsFatalAlert(AlertDescription.handshake_failure);
+
+            RaiseAlertWarning(AlertDescription.no_renegotiation, "Renegotiation not supported");
+        }
+
+        /**
+         * Make sure the InputStream 'buf' now empty. Fail otherwise.
+         *
+         * @param buf The InputStream to check.
+         * @throws IOException If 'buf' is not empty.
+         */
+        protected internal static void AssertEmpty(MemoryStream buf)
+        {
+            if (buf.Position < buf.Length)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+        }
+
+        protected internal static byte[] CreateRandomBlock(bool useGmtUnixTime, IRandomGenerator randomGenerator)
+        {
+            byte[] result = new byte[32];
+            randomGenerator.NextBytes(result);
+
+            if (useGmtUnixTime)
+            {
+                TlsUtilities.WriteGmtUnixTime(result, 0);
+            }
+
+            return result;
+        }
+
+        protected internal static byte[] CreateRenegotiationInfo(byte[] renegotiated_connection)
+        {
+            return TlsUtilities.EncodeOpaque8(renegotiated_connection);
+        }
+
+        protected internal static void EstablishMasterSecret(TlsContext context, TlsKeyExchange keyExchange)
+        {
+            byte[] pre_master_secret = keyExchange.GeneratePremasterSecret();
+
+            try
+            {
+                context.SecurityParameters.masterSecret = TlsUtilities.CalculateMasterSecret(context, pre_master_secret);
+            }
+            finally
+            {
+                // TODO Is there a way to ensure the data is really overwritten?
+                /*
+                 * RFC 2246 8.1. The pre_master_secret should be deleted from memory once the
+                 * master_secret has been computed.
+                 */
+                if (pre_master_secret != null)
+                {
+                    Arrays.Fill(pre_master_secret, (byte)0);
+                }
+            }
+        }
+
+        /**
+         * 'sender' only relevant to SSLv3
+         */
+        protected internal static byte[] GetCurrentPrfHash(TlsContext context, TlsHandshakeHash handshakeHash, byte[] sslSender)
+        {
+            IDigest d = handshakeHash.ForkPrfHash();
+
+            if (sslSender != null && TlsUtilities.IsSsl(context))
+            {
+                d.BlockUpdate(sslSender, 0, sslSender.Length);
+            }
+
+            return DigestUtilities.DoFinal(d);
+        }
+
+        protected internal static IDictionary ReadExtensions(MemoryStream input)
+        {
+            if (input.Position >= input.Length)
+                return null;
+
+            byte[] extBytes = TlsUtilities.ReadOpaque16(input);
+
+            AssertEmpty(input);
+
+            MemoryStream buf = new MemoryStream(extBytes, false);
+
+            // Integer -> byte[]
+            IDictionary extensions = Platform.CreateHashtable();
+
+            while (buf.Position < buf.Length)
+            {
+                int extension_type = TlsUtilities.ReadUint16(buf);
+                byte[] extension_data = TlsUtilities.ReadOpaque16(buf);
+
+                /*
+                 * RFC 3546 2.3 There MUST NOT be more than one extension of the same type.
+                 */
+                if (extensions.Contains(extension_type))
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+                extensions.Add(extension_type, extension_data);
+            }
+
+            return extensions;
+        }
+
+        protected internal static IList ReadSupplementalDataMessage(MemoryStream input)
+        {
+            byte[] supp_data = TlsUtilities.ReadOpaque24(input);
+
+            AssertEmpty(input);
+
+            MemoryStream buf = new MemoryStream(supp_data, false);
+
+            IList supplementalData = Platform.CreateArrayList();
+
+            while (buf.Position < buf.Length)
+            {
+                int supp_data_type = TlsUtilities.ReadUint16(buf);
+                byte[] data = TlsUtilities.ReadOpaque16(buf);
+
+                supplementalData.Add(new SupplementalDataEntry(supp_data_type, data));
+            }
+
+            return supplementalData;
+        }
+
+        protected internal static void WriteExtensions(Stream output, IDictionary extensions)
+        {
+            MemoryStream buf = new MemoryStream();
+
+            /*
+             * NOTE: There are reports of servers that don't accept a zero-length extension as the last
+             * one, so we write out any zero-length ones first as a best-effort workaround.
+             */
+            WriteSelectedExtensions(buf, extensions, true);
+            WriteSelectedExtensions(buf, extensions, false);
+
+            byte[] extBytes = buf.ToArray();
+
+            TlsUtilities.WriteOpaque16(extBytes, output);
+        }
+
+        protected internal static void WriteSelectedExtensions(Stream output, IDictionary extensions, bool selectEmpty)
+        {
+            foreach (int extension_type in extensions.Keys)
+            {
+                byte[] extension_data = (byte[])extensions[extension_type];
+                if (selectEmpty == (extension_data.Length == 0))
+                {
+                    TlsUtilities.CheckUint16(extension_type);
+                    TlsUtilities.WriteUint16(extension_type, output);
+                    TlsUtilities.WriteOpaque16(extension_data, output);
+                }
+            }
+        }
+
+        protected internal static void WriteSupplementalData(Stream output, IList supplementalData)
+        {
+            MemoryStream buf = new MemoryStream();
+
+            foreach (SupplementalDataEntry entry in supplementalData)
+            {
+                int supp_data_type = entry.DataType;
+                TlsUtilities.CheckUint16(supp_data_type);
+                TlsUtilities.WriteUint16(supp_data_type, buf);
+                TlsUtilities.WriteOpaque16(entry.Data, buf);
+            }
+
+            byte[] supp_data = buf.ToArray();
+
+            TlsUtilities.WriteOpaque24(supp_data, output);
+        }
+
+        protected internal static int GetPrfAlgorithm(TlsContext context, int ciphersuite)
+        {
+            bool isTLSv12 = TlsUtilities.IsTlsV12(context);
+
+            switch (ciphersuite)
+            {
+            case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
+            {
+                if (isTLSv12)
+                {
+                    return PrfAlgorithm.tls_prf_sha256;
+                }
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+
+            case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            {
+                if (isTLSv12)
+                {
+                    return PrfAlgorithm.tls_prf_sha384;
+                }
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384:
+            {
+                if (isTLSv12)
+                {
+                    return PrfAlgorithm.tls_prf_sha384;
+                }
+                return PrfAlgorithm.tls_prf_legacy;
+            }
+
+            default:
+            {
+                if (isTLSv12)
+                {
+                    return PrfAlgorithm.tls_prf_sha256;
+                }
+                return PrfAlgorithm.tls_prf_legacy;
+            }
+            }
+        }
+
+        internal class HandshakeMessage
+            :   MemoryStream
+        {
+            internal HandshakeMessage(byte handshakeType)
+                :   this(handshakeType, 60)
+            {
+            }
+
+            internal HandshakeMessage(byte handshakeType, int length)
+                :   base(length + 4)
+            {
+                TlsUtilities.WriteUint8(handshakeType, this);
+                // Reserve space for length
+                TlsUtilities.WriteUint24(0, this);
+            }
+
+            internal void Write(byte[] data)
+            {
+                Write(data, 0, data.Length);
+            }
+
+            internal void WriteToRecordStream(TlsProtocol protocol)
+            {
+                // Patch actual length back in
+                long length = Length - 4;
+                TlsUtilities.CheckUint24(length);
+                this.Position = 1;
+                TlsUtilities.WriteUint24((int)length, this);
+
+#if PORTABLE
+                byte[] buf = ToArray();
+                int bufLen = buf.Length;
+#else
+                byte[] buf = GetBuffer();
+                int bufLen = (int)Length;
+#endif
+
+                protocol.WriteHandshakeMessage(buf, 0, bufLen);
+                Platform.Dispose(this);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsProtocolHandler.cs b/bc-sharp-crypto/src/crypto/tls/TlsProtocolHandler.cs
new file mode 100644
index 0000000..6f22346
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsProtocolHandler.cs
@@ -0,0 +1,39 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Agreement;
+using Org.BouncyCastle.Crypto.Agreement.Srp;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Prng;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    [Obsolete("Use 'TlsClientProtocol' instead")]
+    public class TlsProtocolHandler
+        :   TlsClientProtocol
+    {
+        public TlsProtocolHandler(Stream stream, SecureRandom secureRandom)
+            :   base(stream, stream, secureRandom)
+        {
+        }
+
+        /// <remarks>Both streams can be the same object</remarks>
+        public TlsProtocolHandler(Stream input, Stream output, SecureRandom	secureRandom)
+            :   base(input, output, secureRandom)
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsPskIdentity.cs b/bc-sharp-crypto/src/crypto/tls/TlsPskIdentity.cs
new file mode 100644
index 0000000..119064e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsPskIdentity.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+	public interface TlsPskIdentity
+	{
+		void SkipIdentityHint();
+
+		void NotifyIdentityHint(byte[] psk_identity_hint);
+
+		byte[] GetPskIdentity();
+
+		byte[] GetPsk();
+	}
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsPskIdentityManager.cs b/bc-sharp-crypto/src/crypto/tls/TlsPskIdentityManager.cs
new file mode 100644
index 0000000..a72c229
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsPskIdentityManager.cs
@@ -0,0 +1,11 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsPskIdentityManager
+    {
+        byte[] GetHint();
+
+        byte[] GetPsk(byte[] identity);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsPskKeyExchange.cs b/bc-sharp-crypto/src/crypto/tls/TlsPskKeyExchange.cs
new file mode 100644
index 0000000..0af7f7a
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsPskKeyExchange.cs
@@ -0,0 +1,328 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>(D)TLS PSK key exchange (RFC 4279).</summary>
+    public class TlsPskKeyExchange
+        :   AbstractTlsKeyExchange
+    {
+        protected TlsPskIdentity mPskIdentity;
+        protected TlsPskIdentityManager mPskIdentityManager;
+
+        protected DHParameters mDHParameters;
+        protected int[] mNamedCurves;
+        protected byte[] mClientECPointFormats, mServerECPointFormats;
+
+        protected byte[] mPskIdentityHint = null;
+        protected byte[] mPsk = null;
+
+        protected DHPrivateKeyParameters mDHAgreePrivateKey = null;
+        protected DHPublicKeyParameters mDHAgreePublicKey = null;
+
+        protected ECPrivateKeyParameters mECAgreePrivateKey = null;
+        protected ECPublicKeyParameters mECAgreePublicKey = null;
+
+        protected AsymmetricKeyParameter mServerPublicKey = null;
+        protected RsaKeyParameters mRsaServerPublicKey = null;
+        protected TlsEncryptionCredentials mServerCredentials = null;
+        protected byte[] mPremasterSecret;
+
+        public TlsPskKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, TlsPskIdentity pskIdentity,
+            TlsPskIdentityManager pskIdentityManager, DHParameters dhParameters, int[] namedCurves,
+            byte[] clientECPointFormats, byte[] serverECPointFormats)
+            :   base(keyExchange, supportedSignatureAlgorithms)
+        {
+            switch (keyExchange)
+            {
+            case KeyExchangeAlgorithm.DHE_PSK:
+            case KeyExchangeAlgorithm.ECDHE_PSK:
+            case KeyExchangeAlgorithm.PSK:
+            case KeyExchangeAlgorithm.RSA_PSK:
+                break;
+            default:
+                throw new InvalidOperationException("unsupported key exchange algorithm");
+            }
+
+            this.mPskIdentity = pskIdentity;
+            this.mPskIdentityManager = pskIdentityManager;
+            this.mDHParameters = dhParameters;
+            this.mNamedCurves = namedCurves;
+            this.mClientECPointFormats = clientECPointFormats;
+            this.mServerECPointFormats = serverECPointFormats;
+        }
+
+        public override void SkipServerCredentials()
+        {
+            if (mKeyExchange == KeyExchangeAlgorithm.RSA_PSK)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+        }
+
+        public override void ProcessServerCredentials(TlsCredentials serverCredentials)
+        {
+            if (!(serverCredentials is TlsEncryptionCredentials))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            ProcessServerCertificate(serverCredentials.Certificate);
+
+            this.mServerCredentials = (TlsEncryptionCredentials)serverCredentials;
+        }
+
+        public override byte[] GenerateServerKeyExchange()
+        {
+            this.mPskIdentityHint = mPskIdentityManager.GetHint();
+
+            if (this.mPskIdentityHint == null && !RequiresServerKeyExchange)
+                return null;
+
+            MemoryStream buf = new MemoryStream();
+
+            if (this.mPskIdentityHint == null)
+            {
+                TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, buf);
+            }
+            else
+            {
+                TlsUtilities.WriteOpaque16(this.mPskIdentityHint, buf);
+            }
+
+            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
+            {
+                if (this.mDHParameters == null)
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+
+                this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
+                    this.mDHParameters, buf);
+            }
+            else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
+            {
+                this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
+                    mNamedCurves, mClientECPointFormats, buf);
+            }
+
+            return buf.ToArray();
+        }
+
+        public override void ProcessServerCertificate(Certificate serverCertificate)
+        {
+            if (mKeyExchange != KeyExchangeAlgorithm.RSA_PSK)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+            if (serverCertificate.IsEmpty)
+                throw new TlsFatalAlert(AlertDescription.bad_certificate);
+
+            X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0);
+
+            SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;
+            try
+            {
+                this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo);
+            }
+            catch (Exception e)
+            {
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
+            }
+
+            // Sanity check the PublicKeyFactory
+            if (this.mServerPublicKey.IsPrivate)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            this.mRsaServerPublicKey = ValidateRsaPublicKey((RsaKeyParameters)this.mServerPublicKey);
+
+            TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyEncipherment);
+
+            base.ProcessServerCertificate(serverCertificate);
+        }
+
+        public override bool RequiresServerKeyExchange
+        {
+            get
+            {
+                switch (mKeyExchange)
+                {
+                case KeyExchangeAlgorithm.DHE_PSK:
+                case KeyExchangeAlgorithm.ECDHE_PSK:
+                    return true;
+                default:
+                    return false;
+                }
+            }
+        }
+
+        public override void ProcessServerKeyExchange(Stream input)
+        {
+            this.mPskIdentityHint = TlsUtilities.ReadOpaque16(input);
+
+            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
+            {
+                ServerDHParams serverDHParams = ServerDHParams.Parse(input);
+
+                this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey);
+                this.mDHParameters = mDHAgreePublicKey.Parameters;
+            }
+            else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
+            {
+                ECDomainParameters ecParams = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, input);
+
+                byte[] point = TlsUtilities.ReadOpaque8(input);
+
+                this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(
+                    mClientECPointFormats, ecParams, point));
+            }
+        }
+
+        public override void ValidateCertificateRequest(CertificateRequest certificateRequest)
+        {
+            throw new TlsFatalAlert(AlertDescription.unexpected_message);
+        }
+
+        public override void ProcessClientCredentials(TlsCredentials clientCredentials)
+        {
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public override void GenerateClientKeyExchange(Stream output)
+        {
+            if (mPskIdentityHint == null)
+            {
+                mPskIdentity.SkipIdentityHint();
+            }
+            else
+            {
+                mPskIdentity.NotifyIdentityHint(mPskIdentityHint);
+            }
+
+            byte[] psk_identity = mPskIdentity.GetPskIdentity();
+            if (psk_identity == null)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            this.mPsk = mPskIdentity.GetPsk();
+            if (mPsk == null)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            TlsUtilities.WriteOpaque16(psk_identity, output);
+
+            mContext.SecurityParameters.pskIdentity = psk_identity;
+
+            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
+            {
+                this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom,
+                    mDHParameters, output);
+            }
+            else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
+            {
+                this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom,
+                    mServerECPointFormats, mECAgreePublicKey.Parameters, output);
+            }
+            else if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK)
+            {
+                this.mPremasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(mContext,
+                    this.mRsaServerPublicKey, output);
+            }
+        }
+
+        public override void ProcessClientKeyExchange(Stream input)
+        {
+            byte[] psk_identity = TlsUtilities.ReadOpaque16(input);
+
+            this.mPsk = mPskIdentityManager.GetPsk(psk_identity);
+            if (mPsk == null)
+                throw new TlsFatalAlert(AlertDescription.unknown_psk_identity);
+
+            mContext.SecurityParameters.pskIdentity = psk_identity;
+
+            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
+            {
+                BigInteger Yc = TlsDHUtilities.ReadDHParameter(input);
+
+                this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(Yc, mDHParameters));
+            }
+            else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
+            {
+                byte[] point = TlsUtilities.ReadOpaque8(input);
+
+                ECDomainParameters curve_params = this.mECAgreePrivateKey.Parameters;
+
+                this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(
+                    mServerECPointFormats, curve_params, point));
+            }
+            else if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK)
+            {
+                byte[] encryptedPreMasterSecret;
+                if (TlsUtilities.IsSsl(mContext))
+                {
+                    // TODO Do any SSLv3 clients actually include the length?
+                    encryptedPreMasterSecret = Streams.ReadAll(input);
+                }
+                else
+                {
+                    encryptedPreMasterSecret = TlsUtilities.ReadOpaque16(input);
+                }
+
+                this.mPremasterSecret = mServerCredentials.DecryptPreMasterSecret(encryptedPreMasterSecret);
+            }
+        }
+
+        public override byte[] GeneratePremasterSecret()
+        {
+            byte[] other_secret = GenerateOtherSecret(mPsk.Length);
+
+            MemoryStream buf = new MemoryStream(4 + other_secret.Length + mPsk.Length);
+            TlsUtilities.WriteOpaque16(other_secret, buf);
+            TlsUtilities.WriteOpaque16(mPsk, buf);
+
+            Arrays.Fill(mPsk, (byte)0);
+            this.mPsk = null;
+
+            return buf.ToArray();
+        }
+
+        protected virtual byte[] GenerateOtherSecret(int pskLength)
+        {
+            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
+            {
+                if (mDHAgreePrivateKey != null)
+                {
+                    return TlsDHUtilities.CalculateDHBasicAgreement(mDHAgreePublicKey, mDHAgreePrivateKey);
+                }
+
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+
+            if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
+            {
+                if (mECAgreePrivateKey != null)
+                {
+                    return TlsEccUtilities.CalculateECDHBasicAgreement(mECAgreePublicKey, mECAgreePrivateKey);
+                }
+
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+
+            if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK)
+            {
+                return this.mPremasterSecret;
+            }
+
+            return new byte[pskLength];
+        }
+
+        protected virtual RsaKeyParameters ValidateRsaPublicKey(RsaKeyParameters key)
+        {
+            // TODO What is the minimum bit length required?
+            // key.Modulus.BitLength;
+
+            if (!key.Exponent.IsProbablePrime(2))
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            return key;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsRsaKeyExchange.cs b/bc-sharp-crypto/src/crypto/tls/TlsRsaKeyExchange.cs
new file mode 100644
index 0000000..b02d564
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsRsaKeyExchange.cs
@@ -0,0 +1,140 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>(D)TLS and SSLv3 RSA key exchange.</summary>
+    public class TlsRsaKeyExchange
+        :   AbstractTlsKeyExchange
+    {
+        protected AsymmetricKeyParameter mServerPublicKey = null;
+
+        protected RsaKeyParameters mRsaServerPublicKey = null;
+
+        protected TlsEncryptionCredentials mServerCredentials = null;
+
+        protected byte[] mPremasterSecret;
+
+        public TlsRsaKeyExchange(IList supportedSignatureAlgorithms)
+            :   base(KeyExchangeAlgorithm.RSA, supportedSignatureAlgorithms)
+        {
+        }
+
+        public override void SkipServerCredentials()
+        {
+            throw new TlsFatalAlert(AlertDescription.unexpected_message);
+        }
+
+        public override void ProcessServerCredentials(TlsCredentials serverCredentials)
+        {
+            if (!(serverCredentials is TlsEncryptionCredentials))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            ProcessServerCertificate(serverCredentials.Certificate);
+
+            this.mServerCredentials = (TlsEncryptionCredentials)serverCredentials;
+        }
+
+        public override void ProcessServerCertificate(Certificate serverCertificate)
+        {
+            if (serverCertificate.IsEmpty)
+                throw new TlsFatalAlert(AlertDescription.bad_certificate);
+
+            X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0);
+
+            SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;
+            try
+            {
+                this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo);
+            }
+            catch (Exception e)
+            {
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
+            }
+
+            // Sanity check the PublicKeyFactory
+            if (this.mServerPublicKey.IsPrivate)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            this.mRsaServerPublicKey = ValidateRsaPublicKey((RsaKeyParameters)this.mServerPublicKey);
+
+            TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyEncipherment);
+
+            base.ProcessServerCertificate(serverCertificate);
+        }
+
+        public override void ValidateCertificateRequest(CertificateRequest certificateRequest)
+        {
+            byte[] types = certificateRequest.CertificateTypes;
+            for (int i = 0; i < types.Length; ++i)
+            {
+                switch (types[i])
+                {
+                case ClientCertificateType.rsa_sign:
+                case ClientCertificateType.dss_sign:
+                case ClientCertificateType.ecdsa_sign:
+                    break;
+                default:
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                }
+            }
+        }
+
+        public override void ProcessClientCredentials(TlsCredentials clientCredentials)
+        {
+            if (!(clientCredentials is TlsSignerCredentials))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public override void GenerateClientKeyExchange(Stream output)
+        {
+            this.mPremasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(mContext, mRsaServerPublicKey, output);
+        }
+
+        public override void ProcessClientKeyExchange(Stream input)
+        {
+            byte[] encryptedPreMasterSecret;
+            if (TlsUtilities.IsSsl(mContext))
+            {
+                // TODO Do any SSLv3 clients actually include the length?
+                encryptedPreMasterSecret = Streams.ReadAll(input);
+            }
+            else
+            {
+                encryptedPreMasterSecret = TlsUtilities.ReadOpaque16(input);
+            }
+
+            this.mPremasterSecret = mServerCredentials.DecryptPreMasterSecret(encryptedPreMasterSecret);
+        }
+
+        public override byte[] GeneratePremasterSecret()
+        {
+            if (this.mPremasterSecret == null)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            byte[] tmp = this.mPremasterSecret;
+            this.mPremasterSecret = null;
+            return tmp;
+        }
+
+        protected virtual RsaKeyParameters ValidateRsaPublicKey(RsaKeyParameters key)
+        {
+            // TODO What is the minimum bit length required?
+            // key.Modulus.BitLength;
+
+            if (!key.Exponent.IsProbablePrime(2))
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            return key;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsRsaSigner.cs b/bc-sharp-crypto/src/crypto/tls/TlsRsaSigner.cs
new file mode 100644
index 0000000..1614f50
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsRsaSigner.cs
@@ -0,0 +1,102 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class TlsRsaSigner
+        :   AbstractTlsSigner
+    {
+        public override byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm,
+            AsymmetricKeyParameter privateKey, byte[] hash)
+        {
+            ISigner signer = MakeSigner(algorithm, true, true,
+                new ParametersWithRandom(privateKey, this.mContext.SecureRandom));
+            signer.BlockUpdate(hash, 0, hash.Length);
+            return signer.GenerateSignature();
+        }
+
+        public override bool VerifyRawSignature(SignatureAndHashAlgorithm algorithm, byte[] sigBytes,
+            AsymmetricKeyParameter publicKey, byte[] hash)
+        {
+            ISigner signer = MakeSigner(algorithm, true, false, publicKey);
+            signer.BlockUpdate(hash, 0, hash.Length);
+            return signer.VerifySignature(sigBytes);
+        }
+
+        public override ISigner CreateSigner(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter privateKey)
+        {
+            return MakeSigner(algorithm, false, true, new ParametersWithRandom(privateKey, this.mContext.SecureRandom));
+        }
+
+        public override ISigner CreateVerifyer(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter publicKey)
+        {
+            return MakeSigner(algorithm, false, false, publicKey);
+        }
+
+        public override bool IsValidPublicKey(AsymmetricKeyParameter publicKey)
+        {
+            return publicKey is RsaKeyParameters && !publicKey.IsPrivate;
+        }
+
+        protected virtual ISigner MakeSigner(SignatureAndHashAlgorithm algorithm, bool raw, bool forSigning,
+            ICipherParameters cp)
+        {
+            if ((algorithm != null) != TlsUtilities.IsTlsV12(mContext))
+                throw new InvalidOperationException();
+            if (algorithm != null && algorithm.Signature != SignatureAlgorithm.rsa)
+                throw new InvalidOperationException();
+
+            IDigest d;
+            if (raw)
+            {
+                d = new NullDigest();
+            }
+            else if (algorithm == null)
+            {
+                d = new CombinedHash();
+            }
+            else
+            {
+                d = TlsUtilities.CreateHash(algorithm.Hash);
+            }
+
+            ISigner s;
+            if (algorithm != null)
+            {
+                /*
+                 * RFC 5246 4.7. In RSA signing, the opaque vector contains the signature generated
+                 * using the RSASSA-PKCS1-v1_5 signature scheme defined in [PKCS1].
+                 */
+                s = new RsaDigestSigner(d, TlsUtilities.GetOidForHashAlgorithm(algorithm.Hash));
+            }
+            else
+            {
+                /*
+                 * RFC 5246 4.7. Note that earlier versions of TLS used a different RSA signature scheme
+                 * that did not include a DigestInfo encoding.
+                 */
+                s = new GenericSigner(CreateRsaImpl(), d);
+            }
+            s.Init(forSigning, cp);
+            return s;
+        }
+
+        protected virtual IAsymmetricBlockCipher CreateRsaImpl()
+        {
+            /*
+             * RFC 5246 7.4.7.1. Implementation note: It is now known that remote timing-based attacks
+             * on TLS are possible, at least when the client and server are on the same LAN.
+             * Accordingly, implementations that use static RSA keys MUST use RSA blinding or some other
+             * anti-timing technique, as described in [TIMING].
+             */
+            return new Pkcs1Encoding(new RsaBlindedEngine());
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsRsaUtilities.cs b/bc-sharp-crypto/src/crypto/tls/TlsRsaUtilities.cs
new file mode 100644
index 0000000..0e42c17
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsRsaUtilities.cs
@@ -0,0 +1,132 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class TlsRsaUtilities
+    {
+        /// <exception cref="IOException"></exception>
+        public static byte[] GenerateEncryptedPreMasterSecret(TlsContext context, RsaKeyParameters rsaServerPublicKey,
+            Stream output)
+        {
+            /*
+             * Choose a PremasterSecret and send it encrypted to the server
+             */
+            byte[] premasterSecret = new byte[48];
+            context.SecureRandom.NextBytes(premasterSecret);
+            TlsUtilities.WriteVersion(context.ClientVersion, premasterSecret, 0);
+
+            Pkcs1Encoding encoding = new Pkcs1Encoding(new RsaBlindedEngine());
+            encoding.Init(true, new ParametersWithRandom(rsaServerPublicKey, context.SecureRandom));
+
+            try
+            {
+                byte[] encryptedPreMasterSecret = encoding.ProcessBlock(premasterSecret, 0, premasterSecret.Length);
+
+                if (TlsUtilities.IsSsl(context))
+                {
+                    // TODO Do any SSLv3 servers actually expect the length?
+                    output.Write(encryptedPreMasterSecret, 0, encryptedPreMasterSecret.Length);
+                }
+                else
+                {
+                    TlsUtilities.WriteOpaque16(encryptedPreMasterSecret, output);
+                }
+            }
+            catch (InvalidCipherTextException e)
+            {
+                /*
+                 * This should never happen, only during decryption.
+                 */
+                throw new TlsFatalAlert(AlertDescription.internal_error, e);
+            }
+
+            return premasterSecret;
+        }
+
+        public static byte[] SafeDecryptPreMasterSecret(TlsContext context, RsaKeyParameters rsaServerPrivateKey,
+            byte[] encryptedPreMasterSecret)
+        {
+            /*
+             * RFC 5246 7.4.7.1.
+             */
+            ProtocolVersion clientVersion = context.ClientVersion;
+
+            // TODO Provide as configuration option?
+            bool versionNumberCheckDisabled = false;
+
+            /*
+             * Generate 48 random bytes we can use as a Pre-Master-Secret, if the
+             * PKCS1 padding check should fail.
+             */
+            byte[] fallback = new byte[48];
+            context.SecureRandom.NextBytes(fallback);
+
+            byte[] M = Arrays.Clone(fallback);
+            try
+            {
+                Pkcs1Encoding encoding = new Pkcs1Encoding(new RsaBlindedEngine(), fallback);
+                encoding.Init(false,
+                    new ParametersWithRandom(rsaServerPrivateKey, context.SecureRandom));
+
+                M = encoding.ProcessBlock(encryptedPreMasterSecret, 0, encryptedPreMasterSecret.Length);
+            }
+            catch (Exception)
+            {
+                /*
+                 * This should never happen since the decryption should never throw an exception
+                 * and return a random value instead.
+                 *
+                 * In any case, a TLS server MUST NOT generate an alert if processing an
+                 * RSA-encrypted premaster secret message fails, or the version number is not as
+                 * expected. Instead, it MUST continue the handshake with a randomly generated
+                 * premaster secret.
+                 */
+            }
+
+            /*
+             * If ClientHello.client_version is TLS 1.1 or higher, server implementations MUST
+             * check the version number [..].
+             */
+            if (versionNumberCheckDisabled && clientVersion.IsEqualOrEarlierVersionOf(ProtocolVersion.TLSv10))
+            {
+                /*
+                 * If the version number is TLS 1.0 or earlier, server
+                 * implementations SHOULD check the version number, but MAY have a
+                 * configuration option to disable the check.
+                 *
+                 * So there is nothing to do here.
+                 */
+            }
+            else
+            {
+                /*
+                 * OK, we need to compare the version number in the decrypted Pre-Master-Secret with the
+                 * clientVersion received during the handshake. If they don't match, we replace the
+                 * decrypted Pre-Master-Secret with a random one.
+                 */
+                int correct = (clientVersion.MajorVersion ^ (M[0] & 0xff))
+                    | (clientVersion.MinorVersion ^ (M[1] & 0xff));
+                correct |= correct >> 1;
+                correct |= correct >> 2;
+                correct |= correct >> 4;
+                int mask = ~((correct & 1) - 1);
+
+                /*
+                 * mask will be all bits set to 0xff if the version number differed.
+                 */
+                for (int i = 0; i < 48; i++)
+                {
+                    M[i] = (byte)((M[i] & (~mask)) | (fallback[i] & mask));
+                }
+            }
+            return M;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsServer.cs b/bc-sharp-crypto/src/crypto/tls/TlsServer.cs
new file mode 100644
index 0000000..e791f93
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsServer.cs
@@ -0,0 +1,93 @@
+using System;
+using System.Collections;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsServer
+        :   TlsPeer
+    {
+        void Init(TlsServerContext context);
+
+        /// <exception cref="IOException"></exception>
+        void NotifyClientVersion(ProtocolVersion clientVersion);
+
+        /// <exception cref="IOException"></exception>
+        void NotifyFallback(bool isFallback);
+
+        /// <exception cref="IOException"></exception>
+        void NotifyOfferedCipherSuites(int[] offeredCipherSuites);
+
+        /// <exception cref="IOException"></exception>
+        void NotifyOfferedCompressionMethods(byte[] offeredCompressionMethods);
+
+        /// <param name="clientExtensions">A <see cref="IDictionary"/> (Int32 -> byte[]). Will never be null.</param>
+        /// <exception cref="IOException"></exception>
+        void ProcessClientExtensions(IDictionary clientExtensions);
+
+        /// <exception cref="IOException"></exception>
+        ProtocolVersion GetServerVersion();
+
+        /// <exception cref="IOException"></exception>
+        int GetSelectedCipherSuite();
+
+        /// <exception cref="IOException"></exception>
+        byte GetSelectedCompressionMethod();
+
+        /// <summary>
+        /// Get the (optional) table of server extensions to be included in (extended) server hello.
+        /// </summary>
+        /// <returns>
+        /// A <see cref="IDictionary"/> (Int32 -> byte[]). May be null.
+        /// </returns>
+        /// <exception cref="IOException"></exception>
+        IDictionary GetServerExtensions();
+
+        /// <returns>
+        /// A <see cref="IList"/> (<see cref="SupplementalDataEntry"/>). May be null.
+        /// </returns>
+        /// <exception cref="IOException"></exception>
+        IList GetServerSupplementalData();
+
+        /// <exception cref="IOException"></exception>
+        TlsCredentials GetCredentials();
+
+        /// <remarks>
+        /// This method will be called (only) if the server included an extension of type
+        /// "status_request" with empty "extension_data" in the extended server hello. See <i>RFC 3546
+        /// 3.6. Certificate Status Request</i>. If a non-null <see cref="CertificateStatus"/> is returned, it
+        /// is sent to the client as a handshake message of type "certificate_status".
+        /// </remarks>
+        /// <returns>A <see cref="CertificateStatus"/> to be sent to the client (or null for none).</returns>
+        /// <exception cref="IOException"></exception>
+        CertificateStatus GetCertificateStatus();
+
+        /// <exception cref="IOException"></exception>
+        TlsKeyExchange GetKeyExchange();
+
+        /// <exception cref="IOException"></exception>
+        CertificateRequest GetCertificateRequest();
+
+        /// <param name="clientSupplementalData"><see cref="IList"/> (<see cref="SupplementalDataEntry"/>)</param>
+        /// <exception cref="IOException"></exception>
+        void ProcessClientSupplementalData(IList clientSupplementalData);
+
+        /// <summary>
+        /// Called by the protocol handler to report the client certificate, only if <c>GetCertificateRequest</c>
+        /// returned non-null.
+        /// </summary>
+        /// <remarks>Note: this method is responsible for certificate verification and validation.</remarks>
+        /// <param name="clientCertificate">the effective client certificate (may be an empty chain).</param>
+        /// <exception cref="IOException"></exception>
+        void NotifyClientCertificate(Certificate clientCertificate);
+
+        /// <summary>RFC 5077 3.3. NewSessionTicket Handshake Message.</summary>
+        /// <remarks>
+        /// This method will be called (only) if a NewSessionTicket extension was sent by the server. See
+        /// <i>RFC 5077 4. Recommended Ticket Construction</i> for recommended format and protection.
+        /// </remarks>
+        /// <returns>The <see cref="NewSessionTicket">ticket</see>)</returns>
+        /// <exception cref="IOException"></exception>
+        NewSessionTicket GetNewSessionTicket();
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsServerContext.cs b/bc-sharp-crypto/src/crypto/tls/TlsServerContext.cs
new file mode 100644
index 0000000..4021571
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsServerContext.cs
@@ -0,0 +1,11 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsServerContext
+        : TlsContext
+    {
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsServerContextImpl.cs b/bc-sharp-crypto/src/crypto/tls/TlsServerContextImpl.cs
new file mode 100644
index 0000000..d56566f
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsServerContextImpl.cs
@@ -0,0 +1,20 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    internal class TlsServerContextImpl
+        : AbstractTlsContext, TlsServerContext
+    {
+        internal TlsServerContextImpl(SecureRandom secureRandom, SecurityParameters securityParameters)
+            : base(secureRandom, securityParameters)
+        {
+        }
+
+        public override bool IsServer
+        {
+            get { return true; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsServerProtocol.cs b/bc-sharp-crypto/src/crypto/tls/TlsServerProtocol.cs
new file mode 100644
index 0000000..c2bfbcb
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsServerProtocol.cs
@@ -0,0 +1,833 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class TlsServerProtocol
+        :   TlsProtocol
+    {
+        protected TlsServer mTlsServer = null;
+        internal TlsServerContextImpl mTlsServerContext = null;
+
+        protected TlsKeyExchange mKeyExchange = null;
+        protected TlsCredentials mServerCredentials = null;
+        protected CertificateRequest mCertificateRequest = null;
+
+        protected short mClientCertificateType = -1;
+        protected TlsHandshakeHash mPrepareFinishHash = null;
+
+        /**
+         * Constructor for blocking mode.
+         * @param stream The bi-directional stream of data to/from the client
+         * @param output The stream of data to the client
+         * @param secureRandom Random number generator for various cryptographic functions
+         */
+        public TlsServerProtocol(Stream stream, SecureRandom secureRandom)
+            : base(stream, secureRandom)
+        {
+        }
+
+        /**
+         * Constructor for blocking mode.
+         * @param input The stream of data from the client
+         * @param output The stream of data to the client
+         * @param secureRandom Random number generator for various cryptographic functions
+         */
+        public TlsServerProtocol(Stream input, Stream output, SecureRandom secureRandom)
+            : base(input, output, secureRandom)
+        {
+        }
+
+        /**
+         * Constructor for non-blocking mode.<br/>
+         * <br/>
+         * When data is received, use {@link #offerInput(java.nio.ByteBuffer)} to
+         * provide the received ciphertext, then use
+         * {@link #readInput(byte[], int, int)} to read the corresponding cleartext.<br/>
+         * <br/>
+         * Similarly, when data needs to be sent, use
+         * {@link #offerOutput(byte[], int, int)} to provide the cleartext, then use
+         * {@link #readOutput(byte[], int, int)} to get the corresponding
+         * ciphertext.
+         * 
+         * @param secureRandom
+         *            Random number generator for various cryptographic functions
+         */
+        public TlsServerProtocol(SecureRandom secureRandom)
+            : base(secureRandom)
+        {
+        }
+
+        /**
+         * Receives a TLS handshake in the role of server.<br/>
+         * <br/>
+         * In blocking mode, this will not return until the handshake is complete.
+         * In non-blocking mode, use {@link TlsPeer#notifyHandshakeComplete()} to
+         * receive a callback when the handshake is complete.
+         *
+         * @param tlsServer
+         * @throws IOException If in blocking mode and handshake was not successful.
+         */
+        public virtual void Accept(TlsServer tlsServer)
+        {
+            if (tlsServer == null)
+                throw new ArgumentNullException("tlsServer");
+            if (this.mTlsServer != null)
+                throw new InvalidOperationException("'Accept' can only be called once");
+
+            this.mTlsServer = tlsServer;
+
+            this.mSecurityParameters = new SecurityParameters();
+            this.mSecurityParameters.entity = ConnectionEnd.server;
+
+            this.mTlsServerContext = new TlsServerContextImpl(mSecureRandom, mSecurityParameters);
+
+            this.mSecurityParameters.serverRandom = CreateRandomBlock(tlsServer.ShouldUseGmtUnixTime(),
+                mTlsServerContext.NonceRandomGenerator);
+
+            this.mTlsServer.Init(mTlsServerContext);
+            this.mRecordStream.Init(mTlsServerContext);
+
+            this.mRecordStream.SetRestrictReadVersion(false);
+
+            BlockForHandshake();
+        }
+
+        protected override void CleanupHandshake()
+        {
+            base.CleanupHandshake();
+        
+            this.mKeyExchange = null;
+            this.mServerCredentials = null;
+            this.mCertificateRequest = null;
+            this.mPrepareFinishHash = null;
+        }
+
+        protected override TlsContext Context
+        {
+            get { return mTlsServerContext; }
+        }
+
+        internal override AbstractTlsContext ContextAdmin
+        {
+            get { return mTlsServerContext; }
+        }
+
+        protected override TlsPeer Peer
+        {
+            get { return mTlsServer; }
+        }
+
+        protected override void HandleHandshakeMessage(byte type, MemoryStream buf)
+        {
+            switch (type)
+            {
+            case HandshakeType.client_hello:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_START:
+                {
+                    ReceiveClientHelloMessage(buf);
+                    this.mConnectionState = CS_CLIENT_HELLO;
+
+                    SendServerHelloMessage();
+                    this.mConnectionState = CS_SERVER_HELLO;
+
+                    mRecordStream.NotifyHelloComplete();
+
+                    IList serverSupplementalData = mTlsServer.GetServerSupplementalData();
+                    if (serverSupplementalData != null)
+                    {
+                        SendSupplementalDataMessage(serverSupplementalData);
+                    }
+                    this.mConnectionState = CS_SERVER_SUPPLEMENTAL_DATA;
+
+                    this.mKeyExchange = mTlsServer.GetKeyExchange();
+                    this.mKeyExchange.Init(Context);
+
+                    this.mServerCredentials = mTlsServer.GetCredentials();
+
+                    Certificate serverCertificate = null;
+
+                    if (this.mServerCredentials == null)
+                    {
+                        this.mKeyExchange.SkipServerCredentials();
+                    }
+                    else
+                    {
+                        this.mKeyExchange.ProcessServerCredentials(this.mServerCredentials);
+
+                        serverCertificate = this.mServerCredentials.Certificate;
+                        SendCertificateMessage(serverCertificate);
+                    }
+                    this.mConnectionState = CS_SERVER_CERTIFICATE;
+
+                    // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes CertificateStatus
+                    if (serverCertificate == null || serverCertificate.IsEmpty)
+                    {
+                        this.mAllowCertificateStatus = false;
+                    }
+
+                    if (this.mAllowCertificateStatus)
+                    {
+                        CertificateStatus certificateStatus = mTlsServer.GetCertificateStatus();
+                        if (certificateStatus != null)
+                        {
+                            SendCertificateStatusMessage(certificateStatus);
+                        }
+                    }
+
+                    this.mConnectionState = CS_CERTIFICATE_STATUS;
+
+                    byte[] serverKeyExchange = this.mKeyExchange.GenerateServerKeyExchange();
+                    if (serverKeyExchange != null)
+                    {
+                        SendServerKeyExchangeMessage(serverKeyExchange);
+                    }
+                    this.mConnectionState = CS_SERVER_KEY_EXCHANGE;
+
+                    if (this.mServerCredentials != null)
+                    {
+                        this.mCertificateRequest = mTlsServer.GetCertificateRequest();
+                        if (this.mCertificateRequest != null)
+                        {
+                            if (TlsUtilities.IsTlsV12(Context) != (mCertificateRequest.SupportedSignatureAlgorithms != null))
+                                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+                            this.mKeyExchange.ValidateCertificateRequest(mCertificateRequest);
+
+                            SendCertificateRequestMessage(mCertificateRequest);
+
+                            TlsUtilities.TrackHashAlgorithms(this.mRecordStream.HandshakeHash,
+                                this.mCertificateRequest.SupportedSignatureAlgorithms);
+                        }
+                    }
+                    this.mConnectionState = CS_CERTIFICATE_REQUEST;
+
+                    SendServerHelloDoneMessage();
+                    this.mConnectionState = CS_SERVER_HELLO_DONE;
+
+                    this.mRecordStream.HandshakeHash.SealHashAlgorithms();
+
+                    break;
+                }
+                case CS_END:
+                {
+                    RefuseRenegotiation();
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+                break;
+            }
+            case HandshakeType.supplemental_data:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_SERVER_HELLO_DONE:
+                {
+                    mTlsServer.ProcessClientSupplementalData(ReadSupplementalDataMessage(buf));
+                    this.mConnectionState = CS_CLIENT_SUPPLEMENTAL_DATA;
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+                break;
+            }
+            case HandshakeType.certificate:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_SERVER_HELLO_DONE:
+                case CS_CLIENT_SUPPLEMENTAL_DATA:
+                {
+                    if (mConnectionState < CS_CLIENT_SUPPLEMENTAL_DATA)
+                    {
+                        mTlsServer.ProcessClientSupplementalData(null);
+                    }
+
+                    if (this.mCertificateRequest == null)
+                        throw new TlsFatalAlert(AlertDescription.unexpected_message);
+
+                    ReceiveCertificateMessage(buf);
+                    this.mConnectionState = CS_CLIENT_CERTIFICATE;
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+                break;
+            }
+            case HandshakeType.client_key_exchange:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_SERVER_HELLO_DONE:
+                case CS_CLIENT_SUPPLEMENTAL_DATA:
+                case CS_CLIENT_CERTIFICATE:
+                {
+                    if (mConnectionState < CS_CLIENT_SUPPLEMENTAL_DATA)
+                    {
+                        mTlsServer.ProcessClientSupplementalData(null);
+                    }
+
+                    if (mConnectionState < CS_CLIENT_CERTIFICATE)
+                    {
+                        if (this.mCertificateRequest == null)
+                        {
+                            this.mKeyExchange.SkipClientCredentials();
+                        }
+                        else
+                        {
+                            if (TlsUtilities.IsTlsV12(Context))
+                            {
+                                /*
+                                 * RFC 5246 If no suitable certificate is available, the client MUST Send a
+                                 * certificate message containing no certificates.
+                                 * 
+                                 * NOTE: In previous RFCs, this was SHOULD instead of MUST.
+                                 */
+                                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                            }
+                            else if (TlsUtilities.IsSsl(Context))
+                            {
+                                if (this.mPeerCertificate == null)
+                                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                            }
+                            else
+                            {
+                                NotifyClientCertificate(Certificate.EmptyChain);
+                            }
+                        }
+                    }
+
+                    ReceiveClientKeyExchangeMessage(buf);
+                    this.mConnectionState = CS_CLIENT_KEY_EXCHANGE;
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+                break;
+            }
+            case HandshakeType.certificate_verify:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_CLIENT_KEY_EXCHANGE:
+                {
+                    /*
+                     * RFC 5246 7.4.8 This message is only sent following a client certificate that has
+                     * signing capability (i.e., all certificates except those containing fixed
+                     * Diffie-Hellman parameters).
+                     */
+                    if (!ExpectCertificateVerifyMessage())
+                        throw new TlsFatalAlert(AlertDescription.unexpected_message);
+
+                    ReceiveCertificateVerifyMessage(buf);
+                    this.mConnectionState = CS_CERTIFICATE_VERIFY;
+
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+                break;
+            }
+            case HandshakeType.finished:
+            {
+                switch (this.mConnectionState)
+                {
+                case CS_CLIENT_KEY_EXCHANGE:
+                case CS_CERTIFICATE_VERIFY:
+                {
+                    if (mConnectionState < CS_CERTIFICATE_VERIFY && ExpectCertificateVerifyMessage())
+                        throw new TlsFatalAlert(AlertDescription.unexpected_message);
+
+                    ProcessFinishedMessage(buf);
+                    this.mConnectionState = CS_CLIENT_FINISHED;
+
+                    if (this.mExpectSessionTicket)
+                    {
+                        SendNewSessionTicketMessage(mTlsServer.GetNewSessionTicket());
+                        SendChangeCipherSpecMessage();
+                    }
+                    this.mConnectionState = CS_SERVER_SESSION_TICKET;
+
+                    SendFinishedMessage();
+                    this.mConnectionState = CS_SERVER_FINISHED;
+
+                    CompleteHandshake();
+                    break;
+                }
+                default:
+                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
+                }
+                break;
+            }
+            case HandshakeType.hello_request:
+            case HandshakeType.hello_verify_request:
+            case HandshakeType.server_hello:
+            case HandshakeType.server_key_exchange:
+            case HandshakeType.certificate_request:
+            case HandshakeType.server_hello_done:
+            case HandshakeType.session_ticket:
+            default:
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+            }
+        }
+
+        protected override void HandleAlertWarningMessage(byte alertDescription)
+        {
+            base.HandleAlertWarningMessage(alertDescription);
+
+            switch (alertDescription)
+            {
+            case AlertDescription.no_certificate:
+            {
+                /*
+                 * SSL 3.0 If the server has sent a certificate request Message, the client must send
+                 * either the certificate message or a no_certificate alert.
+                 */
+                if (TlsUtilities.IsSsl(Context) && this.mCertificateRequest != null)
+                {
+                    switch (this.mConnectionState)
+                    {
+                    case CS_SERVER_HELLO_DONE:
+                    case CS_CLIENT_SUPPLEMENTAL_DATA:
+                    {
+                        if (mConnectionState < CS_CLIENT_SUPPLEMENTAL_DATA)
+                        {
+                            mTlsServer.ProcessClientSupplementalData(null);
+                        }
+
+                        NotifyClientCertificate(Certificate.EmptyChain);
+                        this.mConnectionState = CS_CLIENT_CERTIFICATE;
+                        return;
+                    }
+                    }
+                }
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+            }
+            } 
+        }
+
+        protected virtual void NotifyClientCertificate(Certificate clientCertificate)
+        {
+            if (mCertificateRequest == null)
+                throw new InvalidOperationException();
+            if (mPeerCertificate != null)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+
+            this.mPeerCertificate = clientCertificate;
+
+            if (clientCertificate.IsEmpty)
+            {
+                this.mKeyExchange.SkipClientCredentials();
+            }
+            else
+            {
+
+                /*
+                 * TODO RFC 5246 7.4.6. If the certificate_authorities list in the certificate request
+                 * message was non-empty, one of the certificates in the certificate chain SHOULD be
+                 * issued by one of the listed CAs.
+                 */
+
+                this.mClientCertificateType = TlsUtilities.GetClientCertificateType(clientCertificate,
+                    this.mServerCredentials.Certificate);
+
+                this.mKeyExchange.ProcessClientCertificate(clientCertificate);
+            }
+
+            /*
+             * RFC 5246 7.4.6. If the client does not Send any certificates, the server MAY at its
+             * discretion either continue the handshake without client authentication, or respond with a
+             * fatal handshake_failure alert. Also, if some aspect of the certificate chain was
+             * unacceptable (e.g., it was not signed by a known, trusted CA), the server MAY at its
+             * discretion either continue the handshake (considering the client unauthenticated) or Send
+             * a fatal alert.
+             */
+            this.mTlsServer.NotifyClientCertificate(clientCertificate);
+        }
+
+        protected virtual void ReceiveCertificateMessage(MemoryStream buf)
+        {
+            Certificate clientCertificate = Certificate.Parse(buf);
+
+            AssertEmpty(buf);
+
+            NotifyClientCertificate(clientCertificate);
+        }
+
+        protected virtual void ReceiveCertificateVerifyMessage(MemoryStream buf)
+        {
+            if (mCertificateRequest == null)
+                throw new InvalidOperationException();
+
+            DigitallySigned clientCertificateVerify = DigitallySigned.Parse(Context, buf);
+
+            AssertEmpty(buf);
+
+            // Verify the CertificateVerify message contains a correct signature.
+            try
+            {
+                SignatureAndHashAlgorithm signatureAlgorithm = clientCertificateVerify.Algorithm;
+
+                byte[] hash;
+                if (TlsUtilities.IsTlsV12(Context))
+                {
+                    TlsUtilities.VerifySupportedSignatureAlgorithm(mCertificateRequest.SupportedSignatureAlgorithms, signatureAlgorithm);
+                    hash = mPrepareFinishHash.GetFinalHash(signatureAlgorithm.Hash);
+                }
+                else
+                {
+                    hash = mSecurityParameters.SessionHash;
+                }
+
+                X509CertificateStructure x509Cert = mPeerCertificate.GetCertificateAt(0);
+                SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;
+                AsymmetricKeyParameter publicKey = PublicKeyFactory.CreateKey(keyInfo);
+
+                TlsSigner tlsSigner = TlsUtilities.CreateTlsSigner((byte)mClientCertificateType);
+                tlsSigner.Init(Context);
+                if (!tlsSigner.VerifyRawSignature(signatureAlgorithm, clientCertificateVerify.Signature, publicKey, hash))
+                    throw new TlsFatalAlert(AlertDescription.decrypt_error);
+            }
+            catch (TlsFatalAlert e)
+            {
+                throw e;
+            }
+            catch (Exception e)
+            {
+                throw new TlsFatalAlert(AlertDescription.decrypt_error, e);
+            }
+        }
+
+        protected virtual void ReceiveClientHelloMessage(MemoryStream buf)
+        {
+            ProtocolVersion client_version = TlsUtilities.ReadVersion(buf);
+            mRecordStream.SetWriteVersion(client_version);
+
+            if (client_version.IsDtls)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            byte[] client_random = TlsUtilities.ReadFully(32, buf);
+
+            /*
+             * TODO RFC 5077 3.4. If a ticket is presented by the client, the server MUST NOT attempt to
+             * use the Session ID in the ClientHello for stateful session resumption.
+             */
+            byte[] sessionID = TlsUtilities.ReadOpaque8(buf);
+            if (sessionID.Length > 32)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            /*
+             * TODO RFC 5246 7.4.1.2. If the session_id field is not empty (implying a session
+             * resumption request), this vector MUST include at least the cipher_suite from that
+             * session.
+             */
+            int cipher_suites_length = TlsUtilities.ReadUint16(buf);
+            if (cipher_suites_length < 2 || (cipher_suites_length & 1) != 0)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+
+            this.mOfferedCipherSuites = TlsUtilities.ReadUint16Array(cipher_suites_length / 2, buf);
+
+            /*
+             * TODO RFC 5246 7.4.1.2. If the session_id field is not empty (implying a session
+             * resumption request), it MUST include the compression_method from that session.
+             */
+            int compression_methods_length = TlsUtilities.ReadUint8(buf);
+            if (compression_methods_length < 1)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+
+            this.mOfferedCompressionMethods = TlsUtilities.ReadUint8Array(compression_methods_length, buf);
+
+            /*
+             * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore
+             * extensions appearing in the client hello, and Send a server hello containing no
+             * extensions.
+             */
+            this.mClientExtensions = ReadExtensions(buf);
+
+            /*
+             * TODO[session-hash]
+             * 
+             * draft-ietf-tls-session-hash-04 4. Clients and servers SHOULD NOT accept handshakes
+             * that do not use the extended master secret [..]. (and see 5.2, 5.3)
+             */
+            this.mSecurityParameters.extendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension(mClientExtensions);
+
+            ContextAdmin.SetClientVersion(client_version);
+
+            mTlsServer.NotifyClientVersion(client_version);
+            mTlsServer.NotifyFallback(Arrays.Contains(mOfferedCipherSuites, CipherSuite.TLS_FALLBACK_SCSV));
+
+            mSecurityParameters.clientRandom = client_random;
+
+            mTlsServer.NotifyOfferedCipherSuites(mOfferedCipherSuites);
+            mTlsServer.NotifyOfferedCompressionMethods(mOfferedCompressionMethods);
+
+            /*
+             * RFC 5746 3.6. Server Behavior: Initial Handshake
+             */
+            {
+                /*
+                 * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension,
+                 * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the
+                 * ClientHello. Including both is NOT RECOMMENDED.
+                 */
+
+                /*
+                 * When a ClientHello is received, the server MUST check if it includes the
+                 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If it does, set the secure_renegotiation flag
+                 * to TRUE.
+                 */
+                if (Arrays.Contains(mOfferedCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV))
+                {
+                    this.mSecureRenegotiation = true;
+                }
+
+                /*
+                 * The server MUST check if the "renegotiation_info" extension is included in the
+                 * ClientHello.
+                 */
+                byte[] renegExtData = TlsUtilities.GetExtensionData(mClientExtensions, ExtensionType.renegotiation_info);
+                if (renegExtData != null)
+                {
+                    /*
+                     * If the extension is present, set secure_renegotiation flag to TRUE. The
+                     * server MUST then verify that the length of the "renegotiated_connection"
+                     * field is zero, and if it is not, MUST abort the handshake.
+                     */
+                    this.mSecureRenegotiation = true;
+
+                    if (!Arrays.ConstantTimeAreEqual(renegExtData, CreateRenegotiationInfo(TlsUtilities.EmptyBytes)))
+                        throw new TlsFatalAlert(AlertDescription.handshake_failure);
+                }
+            }
+
+            mTlsServer.NotifySecureRenegotiation(this.mSecureRenegotiation);
+
+            if (mClientExtensions != null)
+            {
+                // NOTE: Validates the padding extension data, if present
+                TlsExtensionsUtilities.GetPaddingExtension(mClientExtensions);
+
+                mTlsServer.ProcessClientExtensions(mClientExtensions);
+            }
+        }
+
+        protected virtual void ReceiveClientKeyExchangeMessage(MemoryStream buf)
+        {
+            mKeyExchange.ProcessClientKeyExchange(buf);
+
+            AssertEmpty(buf);
+
+            if (TlsUtilities.IsSsl(Context))
+            {
+                EstablishMasterSecret(Context, mKeyExchange);
+            }
+
+            this.mPrepareFinishHash = mRecordStream.PrepareToFinish();
+            this.mSecurityParameters.sessionHash = GetCurrentPrfHash(Context, mPrepareFinishHash, null);
+
+            if (!TlsUtilities.IsSsl(Context))
+            {
+                EstablishMasterSecret(Context, mKeyExchange);
+            }
+
+            mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher());
+
+            if (!mExpectSessionTicket)
+            {
+                SendChangeCipherSpecMessage();
+            }
+        }
+
+        protected virtual void SendCertificateRequestMessage(CertificateRequest certificateRequest)
+        {
+            HandshakeMessage message = new HandshakeMessage(HandshakeType.certificate_request);
+
+            certificateRequest.Encode(message);
+
+            message.WriteToRecordStream(this);
+        }
+
+        protected virtual void SendCertificateStatusMessage(CertificateStatus certificateStatus)
+        {
+            HandshakeMessage message = new HandshakeMessage(HandshakeType.certificate_status);
+
+            certificateStatus.Encode(message);
+
+            message.WriteToRecordStream(this);
+        }
+
+        protected virtual void SendNewSessionTicketMessage(NewSessionTicket newSessionTicket)
+        {
+            if (newSessionTicket == null)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            HandshakeMessage message = new HandshakeMessage(HandshakeType.session_ticket);
+
+            newSessionTicket.Encode(message);
+
+            message.WriteToRecordStream(this);
+        }
+
+        protected virtual void SendServerHelloMessage()
+        {
+            HandshakeMessage message = new HandshakeMessage(HandshakeType.server_hello);
+
+            {
+                ProtocolVersion server_version = mTlsServer.GetServerVersion();
+                if (!server_version.IsEqualOrEarlierVersionOf(Context.ClientVersion))
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+
+                mRecordStream.ReadVersion = server_version;
+                mRecordStream.SetWriteVersion(server_version);
+                mRecordStream.SetRestrictReadVersion(true);
+                ContextAdmin.SetServerVersion(server_version);
+
+                TlsUtilities.WriteVersion(server_version, message);
+            }
+
+            message.Write(this.mSecurityParameters.serverRandom);
+
+            /*
+             * The server may return an empty session_id to indicate that the session will not be cached
+             * and therefore cannot be resumed.
+             */
+            TlsUtilities.WriteOpaque8(TlsUtilities.EmptyBytes, message);
+
+            int selectedCipherSuite = mTlsServer.GetSelectedCipherSuite();
+            if (!Arrays.Contains(mOfferedCipherSuites, selectedCipherSuite)
+                || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL
+                || CipherSuite.IsScsv(selectedCipherSuite)
+                || !TlsUtilities.IsValidCipherSuiteForVersion(selectedCipherSuite, Context.ServerVersion))
+            {
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+            mSecurityParameters.cipherSuite = selectedCipherSuite;
+
+            byte selectedCompressionMethod = mTlsServer.GetSelectedCompressionMethod();
+            if (!Arrays.Contains(mOfferedCompressionMethods, selectedCompressionMethod))
+            {
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+            mSecurityParameters.compressionAlgorithm = selectedCompressionMethod;
+
+            TlsUtilities.WriteUint16(selectedCipherSuite, message);
+            TlsUtilities.WriteUint8(selectedCompressionMethod, message);
+
+            this.mServerExtensions = mTlsServer.GetServerExtensions();
+
+            /*
+             * RFC 5746 3.6. Server Behavior: Initial Handshake
+             */
+            if (this.mSecureRenegotiation)
+            {
+                byte[] renegExtData = TlsUtilities.GetExtensionData(this.mServerExtensions, ExtensionType.renegotiation_info);
+                bool noRenegExt = (null == renegExtData);
+
+                if (noRenegExt)
+                {
+                    /*
+                     * Note that Sending a "renegotiation_info" extension in response to a ClientHello
+                     * containing only the SCSV is an explicit exception to the prohibition in RFC 5246,
+                     * Section 7.4.1.4, on the server Sending unsolicited extensions and is only allowed
+                     * because the client is signaling its willingness to receive the extension via the
+                     * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV.
+                     */
+
+                    /*
+                     * If the secure_renegotiation flag is set to TRUE, the server MUST include an empty
+                     * "renegotiation_info" extension in the ServerHello message.
+                     */
+                    this.mServerExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(mServerExtensions);
+                    this.mServerExtensions[ExtensionType.renegotiation_info] = CreateRenegotiationInfo(TlsUtilities.EmptyBytes);
+                }
+            }
+
+            if (mSecurityParameters.extendedMasterSecret)
+            {
+                this.mServerExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(mServerExtensions);
+                TlsExtensionsUtilities.AddExtendedMasterSecretExtension(mServerExtensions);
+            }
+
+            /*
+             * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore
+             * extensions appearing in the client hello, and Send a server hello containing no
+             * extensions.
+             */
+
+            if (this.mServerExtensions != null)
+            {
+                this.mSecurityParameters.encryptThenMac = TlsExtensionsUtilities.HasEncryptThenMacExtension(mServerExtensions);
+
+                this.mSecurityParameters.maxFragmentLength = ProcessMaxFragmentLengthExtension(mClientExtensions,
+                    mServerExtensions, AlertDescription.internal_error);
+
+                this.mSecurityParameters.truncatedHMac = TlsExtensionsUtilities.HasTruncatedHMacExtension(mServerExtensions);
+
+                /*
+                 * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be sent in
+                 * a session resumption handshake.
+                 */
+                this.mAllowCertificateStatus = !mResumedSession
+                    && TlsUtilities.HasExpectedEmptyExtensionData(mServerExtensions, ExtensionType.status_request,
+                        AlertDescription.internal_error);
+
+                this.mExpectSessionTicket = !mResumedSession
+                    && TlsUtilities.HasExpectedEmptyExtensionData(mServerExtensions, ExtensionType.session_ticket,
+                        AlertDescription.internal_error);
+
+                WriteExtensions(message, this.mServerExtensions);
+            }
+
+            mSecurityParameters.prfAlgorithm = GetPrfAlgorithm(Context, mSecurityParameters.CipherSuite);
+
+            /*
+             * RFC 5246 7.4.9. Any cipher suite which does not explicitly specify verify_data_length has
+             * a verify_data_length equal to 12. This includes all existing cipher suites.
+             */
+            mSecurityParameters.verifyDataLength = 12;
+
+            ApplyMaxFragmentLengthExtension();
+
+            message.WriteToRecordStream(this);
+        }
+
+        protected virtual void SendServerHelloDoneMessage()
+        {
+            byte[] message = new byte[4];
+            TlsUtilities.WriteUint8(HandshakeType.server_hello_done, message, 0);
+            TlsUtilities.WriteUint24(0, message, 1);
+
+            WriteHandshakeMessage(message, 0, message.Length);
+        }
+
+        protected virtual void SendServerKeyExchangeMessage(byte[] serverKeyExchange)
+        {
+            HandshakeMessage message = new HandshakeMessage(HandshakeType.server_key_exchange, serverKeyExchange.Length);
+
+            message.Write(serverKeyExchange);
+
+            message.WriteToRecordStream(this);
+        }
+
+        protected virtual bool ExpectCertificateVerifyMessage()
+        {
+            return mClientCertificateType >= 0 && TlsUtilities.HasSigningCapability((byte)mClientCertificateType);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsSession.cs b/bc-sharp-crypto/src/crypto/tls/TlsSession.cs
new file mode 100644
index 0000000..6c22991
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsSession.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsSession
+    {
+        SessionParameters ExportSessionParameters();
+
+        byte[] SessionID { get; }
+
+        void Invalidate();
+
+        bool IsResumable { get; }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsSessionImpl.cs b/bc-sharp-crypto/src/crypto/tls/TlsSessionImpl.cs
new file mode 100644
index 0000000..8663926
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsSessionImpl.cs
@@ -0,0 +1,54 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    internal class TlsSessionImpl
+        :   TlsSession
+    {
+        internal readonly byte[] mSessionID;
+        internal SessionParameters mSessionParameters;
+
+        internal TlsSessionImpl(byte[] sessionID, SessionParameters sessionParameters)
+        {
+            if (sessionID == null)
+                throw new ArgumentNullException("sessionID");
+            if (sessionID.Length < 1 || sessionID.Length > 32)
+                throw new ArgumentException("must have length between 1 and 32 bytes, inclusive", "sessionID");
+
+            this.mSessionID = Arrays.Clone(sessionID);
+            this.mSessionParameters = sessionParameters;
+        }
+
+        public virtual SessionParameters ExportSessionParameters()
+        {
+            lock (this)
+            {
+                return this.mSessionParameters == null ? null : this.mSessionParameters.Copy();
+            }
+        }
+
+        public virtual byte[] SessionID
+        {
+            get { lock (this) return mSessionID; }
+        }
+
+        public virtual void Invalidate()
+        {
+            lock (this)
+            {
+                if (this.mSessionParameters != null)
+                {
+                    this.mSessionParameters.Clear();
+                    this.mSessionParameters = null;
+                }
+            }
+        }
+
+        public virtual bool IsResumable
+        {
+            get { lock (this) return this.mSessionParameters != null; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsSigner.cs b/bc-sharp-crypto/src/crypto/tls/TlsSigner.cs
new file mode 100644
index 0000000..ffdd4c9
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsSigner.cs
@@ -0,0 +1,29 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsSigner
+    {
+        void Init(TlsContext context);
+
+        byte[] GenerateRawSignature(AsymmetricKeyParameter privateKey, byte[] md5AndSha1);
+
+        byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm,
+            AsymmetricKeyParameter privateKey, byte[] hash);
+
+        bool VerifyRawSignature(byte[] sigBytes, AsymmetricKeyParameter publicKey, byte[] md5AndSha1);
+
+        bool VerifyRawSignature(SignatureAndHashAlgorithm algorithm, byte[] sigBytes,
+            AsymmetricKeyParameter publicKey, byte[] hash);
+
+        ISigner CreateSigner(AsymmetricKeyParameter privateKey);
+
+        ISigner CreateSigner(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter privateKey);
+
+        ISigner CreateVerifyer(AsymmetricKeyParameter publicKey);
+
+        ISigner CreateVerifyer(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter publicKey);
+
+        bool IsValidPublicKey(AsymmetricKeyParameter publicKey);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsSignerCredentials.cs b/bc-sharp-crypto/src/crypto/tls/TlsSignerCredentials.cs
new file mode 100644
index 0000000..92ed7cc
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsSignerCredentials.cs
@@ -0,0 +1,14 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsSignerCredentials
+        :   TlsCredentials
+    {
+        /// <exception cref="IOException"></exception>
+        byte[] GenerateCertificateSignature(byte[] hash);
+
+        SignatureAndHashAlgorithm SignatureAndHashAlgorithm { get; }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsSrpGroupVerifier.cs b/bc-sharp-crypto/src/crypto/tls/TlsSrpGroupVerifier.cs
new file mode 100644
index 0000000..185f2f5
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsSrpGroupVerifier.cs
@@ -0,0 +1,17 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsSrpGroupVerifier
+    {
+        /**
+         * Check whether the given SRP group parameters are acceptable for use.
+         * 
+         * @param group the {@link SRP6GroupParameters} to check
+         * @return true if (and only if) the specified group parameters are acceptable
+         */
+        bool Accept(Srp6GroupParameters group);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsSrpIdentityManager.cs b/bc-sharp-crypto/src/crypto/tls/TlsSrpIdentityManager.cs
new file mode 100644
index 0000000..080a0dc
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsSrpIdentityManager.cs
@@ -0,0 +1,21 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public interface TlsSrpIdentityManager
+    {
+        /**
+         * Lookup the {@link TlsSRPLoginParameters} corresponding to the specified identity.
+         * 
+         * NOTE: To avoid "identity probing", unknown identities SHOULD be handled as recommended in RFC
+         * 5054 2.5.1.3. {@link SimulatedTlsSRPIdentityManager} is provided for this purpose.
+         * 
+         * @param identity
+         *            the SRP identity sent by the connecting client
+         * @return the {@link TlsSRPLoginParameters} for the specified identity, or else 'simulated'
+         *         parameters if the identity is not recognized. A null value is also allowed, but not
+         *         recommended.
+         */
+        TlsSrpLoginParameters GetLoginParameters(byte[] identity);
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsSrpKeyExchange.cs b/bc-sharp-crypto/src/crypto/tls/TlsSrpKeyExchange.cs
new file mode 100644
index 0000000..09fa723
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsSrpKeyExchange.cs
@@ -0,0 +1,285 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Agreement.Srp;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>(D)TLS SRP key exchange (RFC 5054).</summary>
+    public class TlsSrpKeyExchange
+        :   AbstractTlsKeyExchange
+    {
+        protected static TlsSigner CreateSigner(int keyExchange)
+        {
+            switch (keyExchange)
+            {
+                case KeyExchangeAlgorithm.SRP:
+                    return null;
+                case KeyExchangeAlgorithm.SRP_RSA:
+                    return new TlsRsaSigner();
+                case KeyExchangeAlgorithm.SRP_DSS:
+                    return new TlsDssSigner();
+                default:
+                    throw new ArgumentException("unsupported key exchange algorithm");
+            }
+        }
+
+        protected TlsSigner mTlsSigner;
+        protected TlsSrpGroupVerifier mGroupVerifier;
+        protected byte[] mIdentity;
+        protected byte[] mPassword;
+
+        protected AsymmetricKeyParameter mServerPublicKey = null;
+
+        protected Srp6GroupParameters mSrpGroup = null;
+        protected Srp6Client mSrpClient = null;
+        protected Srp6Server mSrpServer = null;
+        protected BigInteger mSrpPeerCredentials = null;
+        protected BigInteger mSrpVerifier = null;
+        protected byte[] mSrpSalt = null;
+
+        protected TlsSignerCredentials mServerCredentials = null;
+
+        [Obsolete("Use constructor taking an explicit 'groupVerifier' argument")]
+        public TlsSrpKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, byte[] identity, byte[] password)
+            :   this(keyExchange, supportedSignatureAlgorithms, new DefaultTlsSrpGroupVerifier(), identity, password)
+        {
+        }
+
+        public TlsSrpKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, TlsSrpGroupVerifier groupVerifier,
+            byte[] identity, byte[] password)
+            :   base(keyExchange, supportedSignatureAlgorithms)
+        {
+            this.mTlsSigner = CreateSigner(keyExchange);
+            this.mGroupVerifier = groupVerifier;
+            this.mIdentity = identity;
+            this.mPassword = password;
+            this.mSrpClient = new Srp6Client();
+        }
+
+        public TlsSrpKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, byte[] identity,
+            TlsSrpLoginParameters loginParameters)
+            :   base(keyExchange, supportedSignatureAlgorithms)
+        {
+            this.mTlsSigner = CreateSigner(keyExchange);
+            this.mIdentity = identity;
+            this.mSrpServer = new Srp6Server();
+            this.mSrpGroup = loginParameters.Group;
+            this.mSrpVerifier = loginParameters.Verifier;
+            this.mSrpSalt = loginParameters.Salt;
+        }
+
+        public override void Init(TlsContext context)
+        {
+            base.Init(context);
+
+            if (this.mTlsSigner != null)
+            {
+                this.mTlsSigner.Init(context);
+            }
+        }
+
+        public override void SkipServerCredentials()
+        {
+            if (mTlsSigner != null)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+        }
+
+        public override void ProcessServerCertificate(Certificate serverCertificate)
+        {
+            if (mTlsSigner == null)
+                throw new TlsFatalAlert(AlertDescription.unexpected_message);
+            if (serverCertificate.IsEmpty)
+                throw new TlsFatalAlert(AlertDescription.bad_certificate);
+
+            X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0);
+
+            SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;
+            try
+            {
+                this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo);
+            }
+            catch (Exception e)
+            {
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
+            }
+
+            if (!mTlsSigner.IsValidPublicKey(this.mServerPublicKey))
+                throw new TlsFatalAlert(AlertDescription.certificate_unknown);
+
+            TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
+
+            base.ProcessServerCertificate(serverCertificate);
+        }
+
+        public override void ProcessServerCredentials(TlsCredentials serverCredentials)
+        {
+            if ((mKeyExchange == KeyExchangeAlgorithm.SRP) || !(serverCredentials is TlsSignerCredentials))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            ProcessServerCertificate(serverCredentials.Certificate);
+
+            this.mServerCredentials = (TlsSignerCredentials)serverCredentials;
+        }
+
+        public override bool RequiresServerKeyExchange
+        {
+            get { return true; }
+        }
+
+        public override byte[] GenerateServerKeyExchange()
+        {
+            mSrpServer.Init(mSrpGroup, mSrpVerifier, TlsUtilities.CreateHash(HashAlgorithm.sha1), mContext.SecureRandom);
+            BigInteger B = mSrpServer.GenerateServerCredentials();
+
+            ServerSrpParams srpParams = new ServerSrpParams(mSrpGroup.N, mSrpGroup.G, mSrpSalt, B);
+
+            DigestInputBuffer buf = new DigestInputBuffer();
+
+            srpParams.Encode(buf);
+
+            if (mServerCredentials != null)
+            {
+                /*
+                 * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
+                 */
+                SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
+                    mContext, mServerCredentials);
+
+                IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
+
+                SecurityParameters securityParameters = mContext.SecurityParameters;
+                d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
+                d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
+                buf.UpdateDigest(d);
+
+                byte[] hash = new byte[d.GetDigestSize()];
+                d.DoFinal(hash, 0);
+
+                byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
+
+                DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
+                signed_params.Encode(buf);
+            }
+
+            return buf.ToArray();
+        }
+
+        public override void ProcessServerKeyExchange(Stream input)
+        {
+            SecurityParameters securityParameters = mContext.SecurityParameters;
+
+            SignerInputBuffer buf = null;
+            Stream teeIn = input;
+
+            if (mTlsSigner != null)
+            {
+                buf = new SignerInputBuffer();
+                teeIn = new TeeInputStream(input, buf);
+            }
+
+            ServerSrpParams srpParams = ServerSrpParams.Parse(teeIn);
+
+            if (buf != null)
+            {
+                DigitallySigned signed_params = ParseSignature(input);
+
+                ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters);
+                buf.UpdateSigner(signer);
+                if (!signer.VerifySignature(signed_params.Signature))
+                    throw new TlsFatalAlert(AlertDescription.decrypt_error);
+            }
+
+            this.mSrpGroup = new Srp6GroupParameters(srpParams.N, srpParams.G);
+
+            if (!mGroupVerifier.Accept(mSrpGroup))
+                throw new TlsFatalAlert(AlertDescription.insufficient_security);
+
+            this.mSrpSalt = srpParams.S;
+
+            /*
+             * RFC 5054 2.5.3: The client MUST abort the handshake with an "illegal_parameter" alert if
+             * B % N = 0.
+             */
+            try
+            {
+                this.mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, srpParams.B);
+            }
+            catch (CryptoException e)
+            {
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
+            }
+
+            this.mSrpClient.Init(mSrpGroup, TlsUtilities.CreateHash(HashAlgorithm.sha1), mContext.SecureRandom);
+        }
+
+        public override void ValidateCertificateRequest(CertificateRequest certificateRequest)
+        {
+            throw new TlsFatalAlert(AlertDescription.unexpected_message);
+        }
+
+        public override void ProcessClientCredentials(TlsCredentials clientCredentials)
+        {
+            throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public override void GenerateClientKeyExchange(Stream output)
+        {
+            BigInteger A = mSrpClient.GenerateClientCredentials(mSrpSalt, mIdentity, mPassword);
+            TlsSrpUtilities.WriteSrpParameter(A, output);
+
+            mContext.SecurityParameters.srpIdentity = Arrays.Clone(mIdentity);
+        }
+
+        public override void ProcessClientKeyExchange(Stream input)
+        {
+            /*
+             * RFC 5054 2.5.4: The server MUST abort the handshake with an "illegal_parameter" alert if
+             * A % N = 0.
+             */
+            try
+            {
+                this.mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, TlsSrpUtilities.ReadSrpParameter(input));
+            }
+            catch (CryptoException e)
+            {
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
+            }
+
+            mContext.SecurityParameters.srpIdentity = Arrays.Clone(mIdentity);
+        }
+
+        public override byte[] GeneratePremasterSecret()
+        {
+            try
+            {
+                BigInteger S = mSrpServer != null
+                    ?   mSrpServer.CalculateSecret(mSrpPeerCredentials)
+                    :   mSrpClient.CalculateSecret(mSrpPeerCredentials);
+
+                // TODO Check if this needs to be a fixed size
+                return BigIntegers.AsUnsignedByteArray(S);
+            }
+            catch (CryptoException e)
+            {
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
+            }
+        }
+
+        protected virtual ISigner InitVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm,
+            SecurityParameters securityParameters)
+        {
+            ISigner signer = tlsSigner.CreateVerifyer(algorithm, this.mServerPublicKey);
+            signer.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
+            signer.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
+            return signer;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsSrpLoginParameters.cs b/bc-sharp-crypto/src/crypto/tls/TlsSrpLoginParameters.cs
new file mode 100644
index 0000000..5ae4641
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsSrpLoginParameters.cs
@@ -0,0 +1,36 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class TlsSrpLoginParameters
+    {
+        protected readonly Srp6GroupParameters mGroup;
+        protected readonly BigInteger mVerifier;
+        protected readonly byte[] mSalt;
+
+        public TlsSrpLoginParameters(Srp6GroupParameters group, BigInteger verifier, byte[] salt)
+        {
+            this.mGroup = group;
+            this.mVerifier = verifier;
+            this.mSalt = salt;
+        }
+
+        public virtual Srp6GroupParameters Group
+        {
+            get { return mGroup; }
+        }
+
+        public virtual byte[] Salt
+        {
+            get { return mSalt; }
+        }
+
+        public virtual BigInteger Verifier
+        {
+            get { return mVerifier; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsSrpUtilities.cs b/bc-sharp-crypto/src/crypto/tls/TlsSrpUtilities.cs
new file mode 100644
index 0000000..873189d
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsSrpUtilities.cs
@@ -0,0 +1,74 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class TlsSrpUtilities
+    {
+        public static void AddSrpExtension(IDictionary extensions, byte[] identity)
+        {
+            extensions[ExtensionType.srp] = CreateSrpExtension(identity);
+        }
+
+        public static byte[] GetSrpExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.srp);
+            return extensionData == null ? null : ReadSrpExtension(extensionData);
+        }
+
+        public static byte[] CreateSrpExtension(byte[] identity)
+        {
+            if (identity == null)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+
+            return TlsUtilities.EncodeOpaque8(identity);
+        }
+
+        public static byte[] ReadSrpExtension(byte[] extensionData)
+        {
+            if (extensionData == null)
+                throw new ArgumentNullException("extensionData");
+
+            MemoryStream buf = new MemoryStream(extensionData, false);
+            byte[] identity = TlsUtilities.ReadOpaque8(buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            return identity;
+        }
+
+        public static BigInteger ReadSrpParameter(Stream input)
+        {
+            return new BigInteger(1, TlsUtilities.ReadOpaque16(input));
+        }
+
+        public static void WriteSrpParameter(BigInteger x, Stream output)
+        {
+            TlsUtilities.WriteOpaque16(BigIntegers.AsUnsignedByteArray(x), output);
+        }
+
+        public static bool IsSrpCipherSuite(int cipherSuite)
+        {
+            switch (cipherSuite)
+            {
+            case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA:
+                return true;
+
+            default:
+                return false;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsSrtpUtilities.cs b/bc-sharp-crypto/src/crypto/tls/TlsSrtpUtilities.cs
new file mode 100644
index 0000000..626c0e3
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsSrtpUtilities.cs
@@ -0,0 +1,62 @@
+using System;
+using System.Collections;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * RFC 5764 DTLS Extension to Establish Keys for SRTP.
+     */
+    public abstract class TlsSRTPUtils
+    {
+        public static void AddUseSrtpExtension(IDictionary extensions, UseSrtpData useSRTPData)
+        {
+            extensions[ExtensionType.use_srtp] = CreateUseSrtpExtension(useSRTPData);
+        }
+
+        public static UseSrtpData GetUseSrtpExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.use_srtp);
+            return extensionData == null ? null : ReadUseSrtpExtension(extensionData);
+        }
+
+        public static byte[] CreateUseSrtpExtension(UseSrtpData useSrtpData)
+        {
+            if (useSrtpData == null)
+                throw new ArgumentNullException("useSrtpData");
+
+            MemoryStream buf = new MemoryStream();
+
+            // SRTPProtectionProfiles
+            TlsUtilities.WriteUint16ArrayWithUint16Length(useSrtpData.ProtectionProfiles, buf);
+
+            // srtp_mki
+            TlsUtilities.WriteOpaque8(useSrtpData.Mki, buf);
+
+            return buf.ToArray();
+        }
+
+        public static UseSrtpData ReadUseSrtpExtension(byte[] extensionData)
+        {
+            if (extensionData == null)
+                throw new ArgumentNullException("extensionData");
+
+            MemoryStream buf = new MemoryStream(extensionData, true);
+
+            // SRTPProtectionProfiles
+            int length = TlsUtilities.ReadUint16(buf);
+            if (length < 2 || (length & 1) != 0)
+            {
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+            }
+            int[] protectionProfiles = TlsUtilities.ReadUint16Array(length / 2, buf);
+
+            // srtp_mki
+            byte[] mki = TlsUtilities.ReadOpaque8(buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            return new UseSrtpData(protectionProfiles, mki);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsStream.cs b/bc-sharp-crypto/src/crypto/tls/TlsStream.cs
new file mode 100644
index 0000000..bfd80ed
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsStream.cs
@@ -0,0 +1,97 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    internal class TlsStream
+        : Stream
+    {
+        private readonly TlsProtocol handler;
+
+        internal TlsStream(TlsProtocol handler)
+        {
+            this.handler = handler;
+        }
+
+        public override bool CanRead
+        {
+            get { return !handler.IsClosed; }
+        }
+
+        public override bool CanSeek
+        {
+            get { return false; }
+        }
+
+        public override bool CanWrite
+        {
+            get { return !handler.IsClosed; }
+        }
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                handler.Close();
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close()
+        {
+            handler.Close();
+            base.Close();
+        }
+#endif
+
+        public override void Flush()
+        {
+            handler.Flush();
+        }
+
+        public override long Length
+        {
+            get { throw new NotSupportedException(); }
+        }
+
+        public override long Position
+        {
+            get { throw new NotSupportedException(); }
+            set { throw new NotSupportedException(); }
+        }
+
+        public override int Read(byte[]	buf, int off, int len)
+        {
+            return this.handler.ReadApplicationData(buf, off, len);
+        }
+
+        public override int ReadByte()
+        {
+            byte[] buf = new byte[1];
+            if (this.Read(buf, 0, 1) <= 0)
+                return -1;
+            return buf[0];
+        }
+
+        public override long Seek(long offset, SeekOrigin origin)
+        {
+            throw new NotSupportedException();
+        }
+
+        public override void SetLength(long value)
+        {
+            throw new NotSupportedException();
+        }
+
+        public override void Write(byte[] buf, int off, int len)
+        {
+            this.handler.WriteData(buf, off, len);
+        }
+
+        public override void WriteByte(byte b)
+        {
+            this.handler.WriteData(new byte[] { b }, 0, 1);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsStreamCipher.cs b/bc-sharp-crypto/src/crypto/tls/TlsStreamCipher.cs
new file mode 100644
index 0000000..555442e
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsStreamCipher.cs
@@ -0,0 +1,152 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Tls;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public class TlsStreamCipher
+        :   TlsCipher
+    {
+        protected readonly TlsContext context;
+
+        protected readonly IStreamCipher encryptCipher;
+        protected readonly IStreamCipher decryptCipher;
+
+        protected readonly TlsMac writeMac;
+        protected readonly TlsMac readMac;
+
+        protected readonly bool usesNonce;
+
+        /// <exception cref="IOException"></exception>
+        public TlsStreamCipher(TlsContext context, IStreamCipher clientWriteCipher,
+            IStreamCipher serverWriteCipher, IDigest clientWriteDigest, IDigest serverWriteDigest,
+            int cipherKeySize, bool usesNonce)
+        {
+            bool isServer = context.IsServer;
+
+            this.context = context;
+            this.usesNonce = usesNonce;
+
+            this.encryptCipher = clientWriteCipher;
+            this.decryptCipher = serverWriteCipher;
+
+            int key_block_size = (2 * cipherKeySize) + clientWriteDigest.GetDigestSize()
+                + serverWriteDigest.GetDigestSize();
+
+            byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size);
+
+            int offset = 0;
+
+            // Init MACs
+            TlsMac clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset,
+                clientWriteDigest.GetDigestSize());
+            offset += clientWriteDigest.GetDigestSize();
+            TlsMac serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset,
+                serverWriteDigest.GetDigestSize());
+            offset += serverWriteDigest.GetDigestSize();
+
+            // Build keys
+            KeyParameter clientWriteKey = new KeyParameter(key_block, offset, cipherKeySize);
+            offset += cipherKeySize;
+            KeyParameter serverWriteKey = new KeyParameter(key_block, offset, cipherKeySize);
+            offset += cipherKeySize;
+
+            if (offset != key_block_size)
+            {
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+
+            ICipherParameters encryptParams, decryptParams;
+            if (isServer)
+            {
+                this.writeMac = serverWriteMac;
+                this.readMac = clientWriteMac;
+                this.encryptCipher = serverWriteCipher;
+                this.decryptCipher = clientWriteCipher;
+                encryptParams = serverWriteKey;
+                decryptParams = clientWriteKey;
+            }
+            else
+            {
+                this.writeMac = clientWriteMac;
+                this.readMac = serverWriteMac;
+                this.encryptCipher = clientWriteCipher;
+                this.decryptCipher = serverWriteCipher;
+                encryptParams = clientWriteKey;
+                decryptParams = serverWriteKey;
+            }
+
+            if (usesNonce)
+            {
+                byte[] dummyNonce = new byte[8];
+                encryptParams = new ParametersWithIV(encryptParams, dummyNonce);
+                decryptParams = new ParametersWithIV(decryptParams, dummyNonce);
+            }
+
+            this.encryptCipher.Init(true, encryptParams);
+            this.decryptCipher.Init(false, decryptParams);
+        }
+
+        public virtual int GetPlaintextLimit(int ciphertextLimit)
+        {
+            return ciphertextLimit - writeMac.Size;
+        }
+
+        public virtual byte[] EncodePlaintext(long seqNo, byte type, byte[] plaintext, int offset, int len)
+        {
+            if (usesNonce)
+            {
+                UpdateIV(encryptCipher, true, seqNo);
+            }
+
+            byte[] outBuf = new byte[len + writeMac.Size];
+
+            encryptCipher.ProcessBytes(plaintext, offset, len, outBuf, 0);
+
+            byte[] mac = writeMac.CalculateMac(seqNo, type, plaintext, offset, len);
+            encryptCipher.ProcessBytes(mac, 0, mac.Length, outBuf, len);
+
+            return outBuf;
+        }
+
+        /// <exception cref="IOException"></exception>
+        public virtual byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len)
+        {
+            if (usesNonce)
+            {
+                UpdateIV(decryptCipher, false, seqNo);
+            }
+
+            int macSize = readMac.Size;
+            if (len < macSize)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+
+            int plaintextLength = len - macSize;
+
+            byte[] deciphered = new byte[len];
+            decryptCipher.ProcessBytes(ciphertext, offset, len, deciphered, 0);
+            CheckMac(seqNo, type, deciphered, plaintextLength, len, deciphered, 0, plaintextLength);
+            return Arrays.CopyOfRange(deciphered, 0, plaintextLength);
+        }
+
+        /// <exception cref="IOException"></exception>
+        protected virtual void CheckMac(long seqNo, byte type, byte[] recBuf, int recStart, int recEnd, byte[] calcBuf, int calcOff, int calcLen)
+        {
+            byte[] receivedMac = Arrays.CopyOfRange(recBuf, recStart, recEnd);
+            byte[] computedMac = readMac.CalculateMac(seqNo, type, calcBuf, calcOff, calcLen);
+
+            if (!Arrays.ConstantTimeAreEqual(receivedMac, computedMac))
+                throw new TlsFatalAlert(AlertDescription.bad_record_mac);
+        }
+
+        protected virtual void UpdateIV(IStreamCipher cipher, bool forEncryption, long seqNo)
+        {
+            byte[] nonce = new byte[8];
+            TlsUtilities.WriteUint64(seqNo, nonce, 0);
+            cipher.Init(forEncryption, new ParametersWithIV(null, nonce));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/TlsUtilities.cs b/bc-sharp-crypto/src/crypto/tls/TlsUtilities.cs
new file mode 100644
index 0000000..48eb9d3
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/TlsUtilities.cs
@@ -0,0 +1,2398 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <remarks>Some helper functions for MicroTLS.</remarks>
+    public abstract class TlsUtilities
+    {
+        public static readonly byte[] EmptyBytes = new byte[0];
+        public static readonly short[] EmptyShorts = new short[0];
+        public static readonly int[] EmptyInts = new int[0];
+        public static readonly long[] EmptyLongs = new long[0];
+
+        public static void CheckUint8(int i)
+        {
+            if (!IsValidUint8(i))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public static void CheckUint8(long i)
+        {
+            if (!IsValidUint8(i))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public static void CheckUint16(int i)
+        {
+            if (!IsValidUint16(i))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public static void CheckUint16(long i)
+        {
+            if (!IsValidUint16(i))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public static void CheckUint24(int i)
+        {
+            if (!IsValidUint24(i))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public static void CheckUint24(long i)
+        {
+            if (!IsValidUint24(i))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public static void CheckUint32(long i)
+        {
+            if (!IsValidUint32(i))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public static void CheckUint48(long i)
+        {
+            if (!IsValidUint48(i))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public static void CheckUint64(long i)
+        {
+            if (!IsValidUint64(i))
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+        }
+
+        public static bool IsValidUint8(int i)
+        {
+            return (i & 0xFF) == i;
+        }
+
+        public static bool IsValidUint8(long i)
+        {
+            return (i & 0xFFL) == i;
+        }
+
+        public static bool IsValidUint16(int i)
+        {
+            return (i & 0xFFFF) == i;
+        }
+
+        public static bool IsValidUint16(long i)
+        {
+            return (i & 0xFFFFL) == i;
+        }
+
+        public static bool IsValidUint24(int i)
+        {
+            return (i & 0xFFFFFF) == i;
+        }
+
+        public static bool IsValidUint24(long i)
+        {
+            return (i & 0xFFFFFFL) == i;
+        }
+
+        public static bool IsValidUint32(long i)
+        {
+            return (i & 0xFFFFFFFFL) == i;
+        }
+
+        public static bool IsValidUint48(long i)
+        {
+            return (i & 0xFFFFFFFFFFFFL) == i;
+        }
+
+        public static bool IsValidUint64(long i)
+        {
+            return true;
+        }
+
+        public static bool IsSsl(TlsContext context)
+        {
+            return context.ServerVersion.IsSsl;
+        }
+
+        public static bool IsTlsV11(ProtocolVersion version)
+        {
+            return ProtocolVersion.TLSv11.IsEqualOrEarlierVersionOf(version.GetEquivalentTLSVersion());
+        }
+
+        public static bool IsTlsV11(TlsContext context)
+        {
+            return IsTlsV11(context.ServerVersion);
+        }
+
+        public static bool IsTlsV12(ProtocolVersion version)
+        {
+            return ProtocolVersion.TLSv12.IsEqualOrEarlierVersionOf(version.GetEquivalentTLSVersion());
+        }
+
+        public static bool IsTlsV12(TlsContext context)
+        {
+            return IsTlsV12(context.ServerVersion);
+        }
+
+        public static void WriteUint8(byte i, Stream output)
+        {
+            output.WriteByte(i);
+        }
+
+        public static void WriteUint8(byte i, byte[] buf, int offset)
+        {
+            buf[offset] = i;
+        }
+
+        public static void WriteUint16(int i, Stream output)
+        {
+            output.WriteByte((byte)(i >> 8));
+            output.WriteByte((byte)i);
+        }
+
+        public static void WriteUint16(int i, byte[] buf, int offset)
+        {
+            buf[offset] = (byte)(i >> 8);
+            buf[offset + 1] = (byte)i;
+        }
+
+        public static void WriteUint24(int i, Stream output)
+        {
+            output.WriteByte((byte)(i >> 16));
+            output.WriteByte((byte)(i >> 8));
+            output.WriteByte((byte)i);
+        }
+
+        public static void WriteUint24(int i, byte[] buf, int offset)
+        {
+            buf[offset] = (byte)(i >> 16);
+            buf[offset + 1] = (byte)(i >> 8);
+            buf[offset + 2] = (byte)i;
+        }
+
+        public static void WriteUint32(long i, Stream output)
+        {
+            output.WriteByte((byte)(i >> 24));
+            output.WriteByte((byte)(i >> 16));
+            output.WriteByte((byte)(i >> 8));
+            output.WriteByte((byte)i);
+        }
+
+        public static void WriteUint32(long i, byte[] buf, int offset)
+        {
+            buf[offset] = (byte)(i >> 24);
+            buf[offset + 1] = (byte)(i >> 16);
+            buf[offset + 2] = (byte)(i >> 8);
+            buf[offset + 3] = (byte)i;
+        }
+
+        public static void WriteUint48(long i, Stream output)
+        {
+            output.WriteByte((byte)(i >> 40));
+            output.WriteByte((byte)(i >> 32));
+            output.WriteByte((byte)(i >> 24));
+            output.WriteByte((byte)(i >> 16));
+            output.WriteByte((byte)(i >> 8));
+            output.WriteByte((byte)i);
+        }
+
+        public static void WriteUint48(long i, byte[] buf, int offset)
+        {
+            buf[offset] = (byte)(i >> 40);
+            buf[offset + 1] = (byte)(i >> 32);
+            buf[offset + 2] = (byte)(i >> 24);
+            buf[offset + 3] = (byte)(i >> 16);
+            buf[offset + 4] = (byte)(i >> 8);
+            buf[offset + 5] = (byte)i;
+        }
+
+        public static void WriteUint64(long i, Stream output)
+        {
+            output.WriteByte((byte)(i >> 56));
+            output.WriteByte((byte)(i >> 48));
+            output.WriteByte((byte)(i >> 40));
+            output.WriteByte((byte)(i >> 32));
+            output.WriteByte((byte)(i >> 24));
+            output.WriteByte((byte)(i >> 16));
+            output.WriteByte((byte)(i >> 8));
+            output.WriteByte((byte)i);
+        }
+
+        public static void WriteUint64(long i, byte[] buf, int offset)
+        {
+            buf[offset] = (byte)(i >> 56);
+            buf[offset + 1] = (byte)(i >> 48);
+            buf[offset + 2] = (byte)(i >> 40);
+            buf[offset + 3] = (byte)(i >> 32);
+            buf[offset + 4] = (byte)(i >> 24);
+            buf[offset + 5] = (byte)(i >> 16);
+            buf[offset + 6] = (byte)(i >> 8);
+            buf[offset + 7] = (byte)i;
+        }
+
+        public static void WriteOpaque8(byte[] buf, Stream output)
+        {
+            WriteUint8((byte)buf.Length, output);
+            output.Write(buf, 0, buf.Length);
+        }
+
+        public static void WriteOpaque16(byte[] buf, Stream output)
+        {
+            WriteUint16(buf.Length, output);
+            output.Write(buf, 0, buf.Length);
+        }
+
+        public static void WriteOpaque24(byte[] buf, Stream output)
+        {
+            WriteUint24(buf.Length, output);
+            output.Write(buf, 0, buf.Length);
+        }
+
+        public static void WriteUint8Array(byte[] uints, Stream output)
+        {
+            output.Write(uints, 0, uints.Length);
+        }
+
+        public static void WriteUint8Array(byte[] uints, byte[] buf, int offset)
+        {
+            for (int i = 0; i < uints.Length; ++i)
+            {
+                WriteUint8(uints[i], buf, offset);
+                ++offset;
+            }
+        }
+
+        public static void WriteUint8ArrayWithUint8Length(byte[] uints, Stream output)
+        {
+            CheckUint8(uints.Length);
+            WriteUint8((byte)uints.Length, output);
+            WriteUint8Array(uints, output);
+        }
+
+        public static void WriteUint8ArrayWithUint8Length(byte[] uints, byte[] buf, int offset)
+        {
+            CheckUint8(uints.Length);
+            WriteUint8((byte)uints.Length, buf, offset);
+            WriteUint8Array(uints, buf, offset + 1);
+        }
+
+        public static void WriteUint16Array(int[] uints, Stream output)
+        {
+            for (int i = 0; i < uints.Length; ++i)
+            {
+                WriteUint16(uints[i], output);
+            }
+        }
+
+        public static void WriteUint16Array(int[] uints, byte[] buf, int offset)
+        {
+            for (int i = 0; i < uints.Length; ++i)
+            {
+                WriteUint16(uints[i], buf, offset);
+                offset += 2;
+            }
+        }
+
+        public static void WriteUint16ArrayWithUint16Length(int[] uints, Stream output)
+        {
+            int length = 2 * uints.Length;
+            CheckUint16(length);
+            WriteUint16(length, output);
+            WriteUint16Array(uints, output);
+        }
+
+        public static void WriteUint16ArrayWithUint16Length(int[] uints, byte[] buf, int offset)
+        {
+            int length = 2 * uints.Length;
+            CheckUint16(length);
+            WriteUint16(length, buf, offset);
+            WriteUint16Array(uints, buf, offset + 2);
+        }
+
+        public static byte DecodeUint8(byte[] buf)
+        {
+            if (buf == null)
+                throw new ArgumentNullException("buf");
+            if (buf.Length != 1)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+            return ReadUint8(buf, 0);
+        }
+
+        public static byte[] DecodeUint8ArrayWithUint8Length(byte[] buf)
+        {
+            if (buf == null)
+                throw new ArgumentNullException("buf");
+
+            int count = ReadUint8(buf, 0);
+            if (buf.Length != (count + 1))
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+
+            byte[] uints = new byte[count];
+            for (int i = 0; i < count; ++i)
+            {
+                uints[i] = ReadUint8(buf, i + 1);
+            }
+            return uints;
+        }
+
+        public static byte[] EncodeOpaque8(byte[] buf)
+        {
+            CheckUint8(buf.Length);
+            return Arrays.Prepend(buf, (byte)buf.Length);
+        }
+
+        public static byte[] EncodeUint8(byte val)
+        {
+            CheckUint8(val);
+
+            byte[] extensionData = new byte[1];
+            WriteUint8(val, extensionData, 0);
+            return extensionData;
+        }
+
+        public static byte[] EncodeUint8ArrayWithUint8Length(byte[] uints)
+        {
+            byte[] result = new byte[1 + uints.Length];
+            WriteUint8ArrayWithUint8Length(uints, result, 0);
+            return result;
+        }
+
+        public static byte[] EncodeUint16ArrayWithUint16Length(int[] uints)
+        {
+            int length = 2 * uints.Length;
+            byte[] result = new byte[2 + length];
+            WriteUint16ArrayWithUint16Length(uints, result, 0);
+            return result;
+        }
+
+        public static byte ReadUint8(Stream input)
+        {
+            int i = input.ReadByte();
+            if (i < 0)
+                throw new EndOfStreamException();
+            return (byte)i;
+        }
+
+        public static byte ReadUint8(byte[] buf, int offset)
+        {
+            return buf[offset];
+        }
+
+        public static int ReadUint16(Stream input)
+        {
+            int i1 = input.ReadByte();
+            int i2 = input.ReadByte();
+            if (i2 < 0)
+                throw new EndOfStreamException();
+            return (i1 << 8) | i2;
+        }
+
+        public static int ReadUint16(byte[] buf, int offset)
+        {
+            uint n = (uint)buf[offset] << 8;
+            n |= (uint)buf[++offset];
+            return (int)n;
+        }
+
+        public static int ReadUint24(Stream input)
+        {
+            int i1 = input.ReadByte();
+            int i2 = input.ReadByte();
+            int i3 = input.ReadByte();
+            if (i3 < 0)
+                throw new EndOfStreamException();
+            return (i1 << 16) | (i2 << 8) | i3;
+        }
+
+        public static int ReadUint24(byte[] buf, int offset)
+        {
+            uint n = (uint)buf[offset] << 16;
+            n |= (uint)buf[++offset] << 8;
+            n |= (uint)buf[++offset];
+            return (int)n;
+        }
+
+        public static long ReadUint32(Stream input)
+        {
+            int i1 = input.ReadByte();
+            int i2 = input.ReadByte();
+            int i3 = input.ReadByte();
+            int i4 = input.ReadByte();
+            if (i4 < 0)
+                throw new EndOfStreamException();
+            return (long)(uint)((i1 << 24) | (i2 << 16) | (i3 << 8) | i4);
+        }
+
+        public static long ReadUint32(byte[] buf, int offset)
+        {
+            uint n = (uint)buf[offset] << 24;
+            n |= (uint)buf[++offset] << 16;
+            n |= (uint)buf[++offset] << 8;
+            n |= (uint)buf[++offset];
+            return (long)n;
+        }
+
+        public static long ReadUint48(Stream input)
+        {
+            int hi = ReadUint24(input);
+            int lo = ReadUint24(input);
+            return ((long)(hi & 0xffffffffL) << 24) | (long)(lo & 0xffffffffL);
+        }
+
+        public static long ReadUint48(byte[] buf, int offset)
+        {
+            int hi = ReadUint24(buf, offset);
+            int lo = ReadUint24(buf, offset + 3);
+            return ((long)(hi & 0xffffffffL) << 24) | (long)(lo & 0xffffffffL);
+        }
+
+        public static byte[] ReadAllOrNothing(int length, Stream input)
+        {
+            if (length < 1)
+                return EmptyBytes;
+            byte[] buf = new byte[length];
+            int read = Streams.ReadFully(input, buf);
+            if (read == 0)
+                return null;
+            if (read != length)
+                throw new EndOfStreamException();
+            return buf;
+        }
+
+        public static byte[] ReadFully(int length, Stream input)
+        {
+            if (length < 1)
+                return EmptyBytes;
+            byte[] buf = new byte[length];
+            if (length != Streams.ReadFully(input, buf))
+                throw new EndOfStreamException();
+            return buf;
+        }
+
+        public static void ReadFully(byte[] buf, Stream input)
+        {
+            if (Streams.ReadFully(input, buf, 0, buf.Length) < buf.Length)
+                throw new EndOfStreamException();
+        }
+
+        public static byte[] ReadOpaque8(Stream input)
+        {
+            byte length = ReadUint8(input);
+            byte[] bytes = new byte[length];
+            ReadFully(bytes, input);
+            return bytes;
+        }
+
+        public static byte[] ReadOpaque16(Stream input)
+        {
+            int length = ReadUint16(input);
+            byte[] bytes = new byte[length];
+            ReadFully(bytes, input);
+            return bytes;
+        }
+
+        public static byte[] ReadOpaque24(Stream input)
+        {
+            int length = ReadUint24(input);
+            return ReadFully(length, input);
+        }
+
+        public static byte[] ReadUint8Array(int count, Stream input)
+        {
+            byte[] uints = new byte[count];
+            for (int i = 0; i < count; ++i)
+            {
+                uints[i] = ReadUint8(input);
+            }
+            return uints;
+        }
+
+        public static int[] ReadUint16Array(int count, Stream input)
+        {
+            int[] uints = new int[count];
+            for (int i = 0; i < count; ++i)
+            {
+                uints[i] = ReadUint16(input);
+            }
+            return uints;
+        }
+
+        public static ProtocolVersion ReadVersion(byte[] buf, int offset)
+        {
+            return ProtocolVersion.Get(buf[offset], buf[offset + 1]);
+        }
+
+        public static ProtocolVersion ReadVersion(Stream input)
+        {
+            int i1 = input.ReadByte();
+            int i2 = input.ReadByte();
+            if (i2 < 0)
+                throw new EndOfStreamException();
+            return ProtocolVersion.Get(i1, i2);
+        }
+
+        public static int ReadVersionRaw(byte[] buf, int offset)
+        {
+            return (buf[offset] << 8) | buf[offset + 1];
+        }
+
+        public static int ReadVersionRaw(Stream input)
+        {
+            int i1 = input.ReadByte();
+            int i2 = input.ReadByte();
+            if (i2 < 0)
+                throw new EndOfStreamException();
+            return (i1 << 8) | i2;
+        }
+
+        public static Asn1Object ReadAsn1Object(byte[] encoding)
+        {
+            MemoryStream input = new MemoryStream(encoding, false);
+            Asn1InputStream asn1 = new Asn1InputStream(input, encoding.Length);
+            Asn1Object result = asn1.ReadObject();
+            if (null == result)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+            if (input.Position != input.Length)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+            return result;
+        }
+
+        public static Asn1Object ReadDerObject(byte[] encoding)
+        {
+            /*
+             * NOTE: The current ASN.1 parsing code can't enforce DER-only parsing, but since DER is
+             * canonical, we can check it by re-encoding the result and comparing to the original.
+             */
+            Asn1Object result = ReadAsn1Object(encoding);
+            byte[] check = result.GetEncoded(Asn1Encodable.Der);
+            if (!Arrays.AreEqual(check, encoding))
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+            return result;
+        }
+
+        public static void WriteGmtUnixTime(byte[] buf, int offset)
+        {
+            int t = (int)(DateTimeUtilities.CurrentUnixMs() / 1000L);
+            buf[offset] = (byte)(t >> 24);
+            buf[offset + 1] = (byte)(t >> 16);
+            buf[offset + 2] = (byte)(t >> 8);
+            buf[offset + 3] = (byte)t;
+        }
+
+        public static void WriteVersion(ProtocolVersion version, Stream output)
+        {
+            output.WriteByte((byte)version.MajorVersion);
+            output.WriteByte((byte)version.MinorVersion);
+        }
+
+        public static void WriteVersion(ProtocolVersion version, byte[] buf, int offset)
+        {
+            buf[offset] = (byte)version.MajorVersion;
+            buf[offset + 1] = (byte)version.MinorVersion;
+        }
+
+        public static IList GetAllSignatureAlgorithms()
+        {
+            IList v = Platform.CreateArrayList(4);
+            v.Add(SignatureAlgorithm.anonymous);
+            v.Add(SignatureAlgorithm.rsa);
+            v.Add(SignatureAlgorithm.dsa);
+            v.Add(SignatureAlgorithm.ecdsa);
+            return v;
+        }
+
+        public static IList GetDefaultDssSignatureAlgorithms()
+        {
+            return VectorOfOne(new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.dsa));
+        }
+
+        public static IList GetDefaultECDsaSignatureAlgorithms()
+        {
+            return VectorOfOne(new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa));
+        }
+
+        public static IList GetDefaultRsaSignatureAlgorithms()
+        {
+            return VectorOfOne(new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa));
+        }
+
+        public static byte[] GetExtensionData(IDictionary extensions, int extensionType)
+        {
+            return extensions == null ? null : (byte[])extensions[extensionType];
+        }
+
+        public static IList GetDefaultSupportedSignatureAlgorithms()
+        {
+            byte[] hashAlgorithms = new byte[]{ HashAlgorithm.sha1, HashAlgorithm.sha224, HashAlgorithm.sha256,
+                HashAlgorithm.sha384, HashAlgorithm.sha512 };
+            byte[] signatureAlgorithms = new byte[]{ SignatureAlgorithm.rsa, SignatureAlgorithm.dsa,
+                SignatureAlgorithm.ecdsa };
+
+            IList result = Platform.CreateArrayList();
+            for (int i = 0; i < signatureAlgorithms.Length; ++i)
+            {
+                for (int j = 0; j < hashAlgorithms.Length; ++j)
+                {
+                    result.Add(new SignatureAndHashAlgorithm(hashAlgorithms[j], signatureAlgorithms[i]));
+                }
+            }
+            return result;
+        }
+
+        public static SignatureAndHashAlgorithm GetSignatureAndHashAlgorithm(TlsContext context,
+            TlsSignerCredentials signerCredentials)
+        {
+            SignatureAndHashAlgorithm signatureAndHashAlgorithm = null;
+            if (IsTlsV12(context))
+            {
+                signatureAndHashAlgorithm = signerCredentials.SignatureAndHashAlgorithm;
+                if (signatureAndHashAlgorithm == null)
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+            return signatureAndHashAlgorithm;
+        }
+
+        public static bool HasExpectedEmptyExtensionData(IDictionary extensions, int extensionType,
+            byte alertDescription)
+        {
+            byte[] extension_data = GetExtensionData(extensions, extensionType);
+            if (extension_data == null)
+                return false;
+            if (extension_data.Length != 0)
+                throw new TlsFatalAlert(alertDescription);
+            return true;
+        }
+
+        public static TlsSession ImportSession(byte[] sessionID, SessionParameters sessionParameters)
+        {
+            return new TlsSessionImpl(sessionID, sessionParameters);
+        }
+
+        public static bool IsSignatureAlgorithmsExtensionAllowed(ProtocolVersion clientVersion)
+        {
+            return ProtocolVersion.TLSv12.IsEqualOrEarlierVersionOf(clientVersion.GetEquivalentTLSVersion());
+        }
+
+        /**
+         * Add a 'signature_algorithms' extension to existing extensions.
+         *
+         * @param extensions                   A {@link Hashtable} to add the extension to.
+         * @param supportedSignatureAlgorithms {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}.
+         * @throws IOException
+         */
+        public static void AddSignatureAlgorithmsExtension(IDictionary extensions, IList supportedSignatureAlgorithms)
+        {
+            extensions[ExtensionType.signature_algorithms] = CreateSignatureAlgorithmsExtension(supportedSignatureAlgorithms);
+        }
+
+        /**
+         * Get a 'signature_algorithms' extension from extensions.
+         *
+         * @param extensions A {@link Hashtable} to get the extension from, if it is present.
+         * @return A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}, or null.
+         * @throws IOException
+         */
+        public static IList GetSignatureAlgorithmsExtension(IDictionary extensions)
+        {
+            byte[] extensionData = GetExtensionData(extensions, ExtensionType.signature_algorithms);
+            return extensionData == null ? null : ReadSignatureAlgorithmsExtension(extensionData);
+        }
+
+        /**
+         * Create a 'signature_algorithms' extension value.
+         *
+         * @param supportedSignatureAlgorithms A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}.
+         * @return A byte array suitable for use as an extension value.
+         * @throws IOException
+         */
+        public static byte[] CreateSignatureAlgorithmsExtension(IList supportedSignatureAlgorithms)
+        {
+            MemoryStream buf = new MemoryStream();
+
+            // supported_signature_algorithms
+            EncodeSupportedSignatureAlgorithms(supportedSignatureAlgorithms, false, buf);
+
+            return buf.ToArray();
+        }
+
+        /**
+         * Read 'signature_algorithms' extension data.
+         *
+         * @param extensionData The extension data.
+         * @return A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}.
+         * @throws IOException
+         */
+        public static IList ReadSignatureAlgorithmsExtension(byte[] extensionData)
+        {
+            if (extensionData == null)
+                throw new ArgumentNullException("extensionData");
+
+            MemoryStream buf = new MemoryStream(extensionData, false);
+
+            // supported_signature_algorithms
+            IList supported_signature_algorithms = ParseSupportedSignatureAlgorithms(false, buf);
+
+            TlsProtocol.AssertEmpty(buf);
+
+            return supported_signature_algorithms;
+        }
+
+        public static void EncodeSupportedSignatureAlgorithms(IList supportedSignatureAlgorithms, bool allowAnonymous,
+            Stream output)
+        {
+            if (supportedSignatureAlgorithms == null)
+                throw new ArgumentNullException("supportedSignatureAlgorithms");
+            if (supportedSignatureAlgorithms.Count < 1 || supportedSignatureAlgorithms.Count >= (1 << 15))
+                throw new ArgumentException("must have length from 1 to (2^15 - 1)", "supportedSignatureAlgorithms");
+
+            // supported_signature_algorithms
+            int length = 2 * supportedSignatureAlgorithms.Count;
+            CheckUint16(length);
+            WriteUint16(length, output);
+
+            foreach (SignatureAndHashAlgorithm entry in supportedSignatureAlgorithms)
+            {
+                if (!allowAnonymous && entry.Signature == SignatureAlgorithm.anonymous)
+                {
+                    /*
+                     * RFC 5246 7.4.1.4.1 The "anonymous" value is meaningless in this context but used
+                     * in Section 7.4.3. It MUST NOT appear in this extension.
+                     */
+                    throw new ArgumentException(
+                        "SignatureAlgorithm.anonymous MUST NOT appear in the signature_algorithms extension");
+                }
+                entry.Encode(output);
+            }
+        }
+
+        public static IList ParseSupportedSignatureAlgorithms(bool allowAnonymous, Stream input)
+        {
+            // supported_signature_algorithms
+            int length = ReadUint16(input);
+            if (length < 2 || (length & 1) != 0)
+                throw new TlsFatalAlert(AlertDescription.decode_error);
+            int count = length / 2;
+            IList supportedSignatureAlgorithms = Platform.CreateArrayList(count);
+            for (int i = 0; i < count; ++i)
+            {
+                SignatureAndHashAlgorithm entry = SignatureAndHashAlgorithm.Parse(input);
+                if (!allowAnonymous && entry.Signature == SignatureAlgorithm.anonymous)
+                {
+                    /*
+                     * RFC 5246 7.4.1.4.1 The "anonymous" value is meaningless in this context but used
+                     * in Section 7.4.3. It MUST NOT appear in this extension.
+                     */
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                }
+                supportedSignatureAlgorithms.Add(entry);
+            }
+            return supportedSignatureAlgorithms;
+        }
+
+        public static void VerifySupportedSignatureAlgorithm(IList supportedSignatureAlgorithms, SignatureAndHashAlgorithm signatureAlgorithm)
+        {
+            if (supportedSignatureAlgorithms == null)
+                throw new ArgumentNullException("supportedSignatureAlgorithms");
+            if (supportedSignatureAlgorithms.Count < 1 || supportedSignatureAlgorithms.Count >= (1 << 15))
+                throw new ArgumentException("must have length from 1 to (2^15 - 1)", "supportedSignatureAlgorithms");
+            if (signatureAlgorithm == null)
+                throw new ArgumentNullException("signatureAlgorithm");
+
+            if (signatureAlgorithm.Signature != SignatureAlgorithm.anonymous)
+            {
+                foreach (SignatureAndHashAlgorithm entry in supportedSignatureAlgorithms)
+                {
+                    if (entry.Hash == signatureAlgorithm.Hash && entry.Signature == signatureAlgorithm.Signature)
+                        return;
+                }
+            }
+
+            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+        }
+
+        public static byte[] PRF(TlsContext context, byte[] secret, string asciiLabel, byte[] seed, int size)
+        {
+            ProtocolVersion version = context.ServerVersion;
+
+            if (version.IsSsl)
+                throw new InvalidOperationException("No PRF available for SSLv3 session");
+
+            byte[] label = Strings.ToByteArray(asciiLabel);
+            byte[] labelSeed = Concat(label, seed);
+
+            int prfAlgorithm = context.SecurityParameters.PrfAlgorithm;
+
+            if (prfAlgorithm == PrfAlgorithm.tls_prf_legacy)
+                return PRF_legacy(secret, label, labelSeed, size);
+
+            IDigest prfDigest = CreatePrfHash(prfAlgorithm);
+            byte[] buf = new byte[size];
+            HMacHash(prfDigest, secret, labelSeed, buf);
+            return buf;
+        }
+
+        public static byte[] PRF_legacy(byte[] secret, string asciiLabel, byte[] seed, int size)
+        {
+            byte[] label = Strings.ToByteArray(asciiLabel);
+            byte[] labelSeed = Concat(label, seed);
+
+            return PRF_legacy(secret, label, labelSeed, size);
+        }
+
+        internal static byte[] PRF_legacy(byte[] secret, byte[] label, byte[] labelSeed, int size)
+        {
+            int s_half = (secret.Length + 1) / 2;
+            byte[] s1 = new byte[s_half];
+            byte[] s2 = new byte[s_half];
+            Array.Copy(secret, 0, s1, 0, s_half);
+            Array.Copy(secret, secret.Length - s_half, s2, 0, s_half);
+
+            byte[] b1 = new byte[size];
+            byte[] b2 = new byte[size];
+            HMacHash(CreateHash(HashAlgorithm.md5), s1, labelSeed, b1);
+            HMacHash(CreateHash(HashAlgorithm.sha1), s2, labelSeed, b2);
+            for (int i = 0; i < size; i++)
+            {
+                b1[i] ^= b2[i];
+            }
+            return b1;
+        }
+
+        internal static byte[] Concat(byte[] a, byte[] b)
+        {
+            byte[] c = new byte[a.Length + b.Length];
+            Array.Copy(a, 0, c, 0, a.Length);
+            Array.Copy(b, 0, c, a.Length, b.Length);
+            return c;
+        }
+
+        internal static void HMacHash(IDigest digest, byte[] secret, byte[] seed, byte[] output)
+        {
+            HMac mac = new HMac(digest);
+            mac.Init(new KeyParameter(secret));
+            byte[] a = seed;
+            int size = digest.GetDigestSize();
+            int iterations = (output.Length + size - 1) / size;
+            byte[] buf = new byte[mac.GetMacSize()];
+            byte[] buf2 = new byte[mac.GetMacSize()];
+            for (int i = 0; i < iterations; i++)
+            {
+                mac.BlockUpdate(a, 0, a.Length);
+                mac.DoFinal(buf, 0);
+                a = buf;
+                mac.BlockUpdate(a, 0, a.Length);
+                mac.BlockUpdate(seed, 0, seed.Length);
+                mac.DoFinal(buf2, 0);
+                Array.Copy(buf2, 0, output, (size * i), System.Math.Min(size, output.Length - (size * i)));
+            }
+        }
+
+        internal static void ValidateKeyUsage(X509CertificateStructure c, int keyUsageBits)
+        {
+            X509Extensions exts = c.TbsCertificate.Extensions;
+            if (exts != null)
+            {
+                X509Extension ext = exts.GetExtension(X509Extensions.KeyUsage);
+                if (ext != null)
+                {
+                    DerBitString ku = KeyUsage.GetInstance(ext);
+                    int bits = ku.GetBytes()[0];
+                    if ((bits & keyUsageBits) != keyUsageBits)
+                        throw new TlsFatalAlert(AlertDescription.certificate_unknown);
+                }
+            }
+        }
+
+        internal static byte[] CalculateKeyBlock(TlsContext context, int size)
+        {
+            SecurityParameters securityParameters = context.SecurityParameters;
+            byte[] master_secret = securityParameters.MasterSecret;
+            byte[] seed = Concat(securityParameters.ServerRandom, securityParameters.ClientRandom);
+
+            if (IsSsl(context))
+                return CalculateKeyBlock_Ssl(master_secret, seed, size);
+
+            return PRF(context, master_secret, ExporterLabel.key_expansion, seed, size);
+        }
+
+        internal static byte[] CalculateKeyBlock_Ssl(byte[] master_secret, byte[] random, int size)
+        {
+            IDigest md5 = CreateHash(HashAlgorithm.md5);
+            IDigest sha1 = CreateHash(HashAlgorithm.sha1);
+            int md5Size = md5.GetDigestSize();
+            byte[] shatmp = new byte[sha1.GetDigestSize()];
+            byte[] tmp = new byte[size + md5Size];
+
+            int i = 0, pos = 0;
+            while (pos < size)
+            {
+                byte[] ssl3Const = SSL3_CONST[i];
+
+                sha1.BlockUpdate(ssl3Const, 0, ssl3Const.Length);
+                sha1.BlockUpdate(master_secret, 0, master_secret.Length);
+                sha1.BlockUpdate(random, 0, random.Length);
+                sha1.DoFinal(shatmp, 0);
+
+                md5.BlockUpdate(master_secret, 0, master_secret.Length);
+                md5.BlockUpdate(shatmp, 0, shatmp.Length);
+                md5.DoFinal(tmp, pos);
+
+                pos += md5Size;
+                ++i;
+            }
+
+            return Arrays.CopyOfRange(tmp, 0, size);
+        }
+
+        internal static byte[] CalculateMasterSecret(TlsContext context, byte[] pre_master_secret)
+        {
+            SecurityParameters securityParameters = context.SecurityParameters;
+
+            byte[] seed = securityParameters.extendedMasterSecret
+                ?   securityParameters.SessionHash
+                :   Concat(securityParameters.ClientRandom, securityParameters.ServerRandom);
+
+            if (IsSsl(context))
+                return CalculateMasterSecret_Ssl(pre_master_secret, seed);
+
+            string asciiLabel = securityParameters.extendedMasterSecret
+                ?   ExporterLabel.extended_master_secret
+                :   ExporterLabel.master_secret;
+
+            return PRF(context, pre_master_secret, asciiLabel, seed, 48);
+        }
+
+        internal static byte[] CalculateMasterSecret_Ssl(byte[] pre_master_secret, byte[] random)
+        {
+            IDigest md5 = CreateHash(HashAlgorithm.md5);
+            IDigest sha1 = CreateHash(HashAlgorithm.sha1);
+            int md5Size = md5.GetDigestSize();
+            byte[] shatmp = new byte[sha1.GetDigestSize()];
+
+            byte[] rval = new byte[md5Size * 3];
+            int pos = 0;
+
+            for (int i = 0; i < 3; ++i)
+            {
+                byte[] ssl3Const = SSL3_CONST[i];
+
+                sha1.BlockUpdate(ssl3Const, 0, ssl3Const.Length);
+                sha1.BlockUpdate(pre_master_secret, 0, pre_master_secret.Length);
+                sha1.BlockUpdate(random, 0, random.Length);
+                sha1.DoFinal(shatmp, 0);
+
+                md5.BlockUpdate(pre_master_secret, 0, pre_master_secret.Length);
+                md5.BlockUpdate(shatmp, 0, shatmp.Length);
+                md5.DoFinal(rval, pos);
+
+                pos += md5Size;
+            }
+
+            return rval;
+        }
+
+        internal static byte[] CalculateVerifyData(TlsContext context, string asciiLabel, byte[] handshakeHash)
+        {
+            if (IsSsl(context))
+                return handshakeHash;
+
+            SecurityParameters securityParameters = context.SecurityParameters;
+            byte[] master_secret = securityParameters.MasterSecret;
+            int verify_data_length = securityParameters.VerifyDataLength;
+
+            return PRF(context, master_secret, asciiLabel, handshakeHash, verify_data_length);
+        }
+
+        public static IDigest CreateHash(byte hashAlgorithm)
+        {
+            switch (hashAlgorithm)
+            {
+            case HashAlgorithm.md5:
+                return new MD5Digest();
+            case HashAlgorithm.sha1:
+                return new Sha1Digest();
+            case HashAlgorithm.sha224:
+                return new Sha224Digest();
+            case HashAlgorithm.sha256:
+                return new Sha256Digest();
+            case HashAlgorithm.sha384:
+                return new Sha384Digest();
+            case HashAlgorithm.sha512:
+                return new Sha512Digest();
+            default:
+                throw new ArgumentException("unknown HashAlgorithm", "hashAlgorithm");
+            }
+        }
+
+        public static IDigest CreateHash(SignatureAndHashAlgorithm signatureAndHashAlgorithm)
+        {
+            return signatureAndHashAlgorithm == null
+                ?   new CombinedHash()
+                :   CreateHash(signatureAndHashAlgorithm.Hash);
+        }
+
+        public static IDigest CloneHash(byte hashAlgorithm, IDigest hash)
+        {
+            switch (hashAlgorithm)
+            {
+            case HashAlgorithm.md5:
+                return new MD5Digest((MD5Digest)hash);
+            case HashAlgorithm.sha1:
+                return new Sha1Digest((Sha1Digest)hash);
+            case HashAlgorithm.sha224:
+                return new Sha224Digest((Sha224Digest)hash);
+            case HashAlgorithm.sha256:
+                return new Sha256Digest((Sha256Digest)hash);
+            case HashAlgorithm.sha384:
+                return new Sha384Digest((Sha384Digest)hash);
+            case HashAlgorithm.sha512:
+                return new Sha512Digest((Sha512Digest)hash);
+            default:
+                throw new ArgumentException("unknown HashAlgorithm", "hashAlgorithm");
+            }
+        }
+
+        public static IDigest CreatePrfHash(int prfAlgorithm)
+        {
+            switch (prfAlgorithm)
+            {
+                case PrfAlgorithm.tls_prf_legacy:
+                    return new CombinedHash();
+                default:
+                    return CreateHash(GetHashAlgorithmForPrfAlgorithm(prfAlgorithm));
+            }
+        }
+
+        public static IDigest ClonePrfHash(int prfAlgorithm, IDigest hash)
+        {
+            switch (prfAlgorithm)
+            {
+                case PrfAlgorithm.tls_prf_legacy:
+                    return new CombinedHash((CombinedHash)hash);
+                default:
+                    return CloneHash(GetHashAlgorithmForPrfAlgorithm(prfAlgorithm), hash);
+            }
+        }
+
+        public static byte GetHashAlgorithmForPrfAlgorithm(int prfAlgorithm)
+        {
+            switch (prfAlgorithm)
+            {
+                case PrfAlgorithm.tls_prf_legacy:
+                    throw new ArgumentException("legacy PRF not a valid algorithm", "prfAlgorithm");
+                case PrfAlgorithm.tls_prf_sha256:
+                    return HashAlgorithm.sha256;
+                case PrfAlgorithm.tls_prf_sha384:
+                    return HashAlgorithm.sha384;
+                default:
+                    throw new ArgumentException("unknown PrfAlgorithm", "prfAlgorithm");
+            }
+        }
+
+        public static DerObjectIdentifier GetOidForHashAlgorithm(byte hashAlgorithm)
+        {
+            switch (hashAlgorithm)
+            {
+                case HashAlgorithm.md5:
+                    return PkcsObjectIdentifiers.MD5;
+                case HashAlgorithm.sha1:
+                    return X509ObjectIdentifiers.IdSha1;
+                case HashAlgorithm.sha224:
+                    return NistObjectIdentifiers.IdSha224;
+                case HashAlgorithm.sha256:
+                    return NistObjectIdentifiers.IdSha256;
+                case HashAlgorithm.sha384:
+                    return NistObjectIdentifiers.IdSha384;
+                case HashAlgorithm.sha512:
+                    return NistObjectIdentifiers.IdSha512;
+                default:
+                    throw new ArgumentException("unknown HashAlgorithm", "hashAlgorithm");
+            }
+        }
+
+        internal static short GetClientCertificateType(Certificate clientCertificate, Certificate serverCertificate)
+        {
+            if (clientCertificate.IsEmpty)
+                return -1;
+
+            X509CertificateStructure x509Cert = clientCertificate.GetCertificateAt(0);
+            SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;
+            try
+            {
+                AsymmetricKeyParameter publicKey = PublicKeyFactory.CreateKey(keyInfo);
+                if (publicKey.IsPrivate)
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+
+                /*
+                 * TODO RFC 5246 7.4.6. The certificates MUST be signed using an acceptable hash/
+                 * signature algorithm pair, as described in Section 7.4.4. Note that this relaxes the
+                 * constraints on certificate-signing algorithms found in prior versions of TLS.
+                 */
+
+                /*
+                 * RFC 5246 7.4.6. Client Certificate
+                 */
+
+                /*
+                 * RSA public key; the certificate MUST allow the key to be used for signing with the
+                 * signature scheme and hash algorithm that will be employed in the certificate verify
+                 * message.
+                 */
+                if (publicKey is RsaKeyParameters)
+                {
+                    ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
+                    return ClientCertificateType.rsa_sign;
+                }
+
+                /*
+                 * DSA public key; the certificate MUST allow the key to be used for signing with the
+                 * hash algorithm that will be employed in the certificate verify message.
+                 */
+                if (publicKey is DsaPublicKeyParameters)
+                {
+                    ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
+                    return ClientCertificateType.dss_sign;
+                }
+
+                /*
+                 * ECDSA-capable public key; the certificate MUST allow the key to be used for signing
+                 * with the hash algorithm that will be employed in the certificate verify message; the
+                 * public key MUST use a curve and point format supported by the server.
+                 */
+                if (publicKey is ECPublicKeyParameters)
+                {
+                    ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
+                    // TODO Check the curve and point format
+                    return ClientCertificateType.ecdsa_sign;
+                }
+
+                // TODO Add support for ClientCertificateType.*_fixed_*
+
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
+            }
+            catch (Exception e)
+            {
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
+            }
+        }
+
+        internal static void TrackHashAlgorithms(TlsHandshakeHash handshakeHash, IList supportedSignatureAlgorithms)
+        {
+            if (supportedSignatureAlgorithms != null)
+            {
+                foreach (SignatureAndHashAlgorithm signatureAndHashAlgorithm in supportedSignatureAlgorithms)
+                {
+                    byte hashAlgorithm = signatureAndHashAlgorithm.Hash;
+
+                    // TODO Support values in the "Reserved for Private Use" range
+                    if (!HashAlgorithm.IsPrivate(hashAlgorithm))
+                    {
+                        handshakeHash.TrackHashAlgorithm(hashAlgorithm);
+                    }
+                }
+            }
+        }
+
+        public static bool HasSigningCapability(byte clientCertificateType)
+        {
+            switch (clientCertificateType)
+            {
+            case ClientCertificateType.dss_sign:
+            case ClientCertificateType.ecdsa_sign:
+            case ClientCertificateType.rsa_sign:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public static TlsSigner CreateTlsSigner(byte clientCertificateType)
+        {
+            switch (clientCertificateType)
+            {
+            case ClientCertificateType.dss_sign:
+                return new TlsDssSigner();
+            case ClientCertificateType.ecdsa_sign:
+                return new TlsECDsaSigner();
+            case ClientCertificateType.rsa_sign:
+                return new TlsRsaSigner();
+            default:
+                throw new ArgumentException("not a type with signing capability", "clientCertificateType");
+            }
+        }
+
+        internal static readonly byte[] SSL_CLIENT = {0x43, 0x4C, 0x4E, 0x54};
+        internal static readonly byte[] SSL_SERVER = {0x53, 0x52, 0x56, 0x52};
+
+        // SSL3 magic mix constants ("A", "BB", "CCC", ...)
+        internal static readonly byte[][] SSL3_CONST = GenSsl3Const();
+
+        private static byte[][] GenSsl3Const()
+        {
+            int n = 10;
+            byte[][] arr = new byte[n][];
+            for (int i = 0; i < n; i++)
+            {
+                byte[] b = new byte[i + 1];
+                Arrays.Fill(b, (byte)('A' + i));
+                arr[i] = b;
+            }
+            return arr;
+        }
+
+        private static IList VectorOfOne(object obj)
+        {
+            IList v = Platform.CreateArrayList(1);
+            v.Add(obj);
+            return v;
+        }
+
+        public static int GetCipherType(int ciphersuite)
+        {
+            switch (GetEncryptionAlgorithm(ciphersuite))
+            {
+            case EncryptionAlgorithm.AES_128_CCM:
+            case EncryptionAlgorithm.AES_128_CCM_8:
+            case EncryptionAlgorithm.AES_128_GCM:
+            case EncryptionAlgorithm.AES_128_OCB_TAGLEN96:
+            case EncryptionAlgorithm.AES_256_CCM:
+            case EncryptionAlgorithm.AES_256_CCM_8:
+            case EncryptionAlgorithm.AES_256_GCM:
+            case EncryptionAlgorithm.AES_256_OCB_TAGLEN96:
+            case EncryptionAlgorithm.CAMELLIA_128_GCM:
+            case EncryptionAlgorithm.CAMELLIA_256_GCM:
+            case EncryptionAlgorithm.CHACHA20_POLY1305:
+                return CipherType.aead;
+
+            case EncryptionAlgorithm.RC2_CBC_40:
+            case EncryptionAlgorithm.IDEA_CBC:
+            case EncryptionAlgorithm.DES40_CBC:
+            case EncryptionAlgorithm.DES_CBC:
+            case EncryptionAlgorithm.cls_3DES_EDE_CBC:
+            case EncryptionAlgorithm.AES_128_CBC:
+            case EncryptionAlgorithm.AES_256_CBC:
+            case EncryptionAlgorithm.CAMELLIA_128_CBC:
+            case EncryptionAlgorithm.CAMELLIA_256_CBC:
+            case EncryptionAlgorithm.SEED_CBC:
+                return CipherType.block;
+
+            case EncryptionAlgorithm.NULL:
+            case EncryptionAlgorithm.RC4_40:
+            case EncryptionAlgorithm.RC4_128:
+                return CipherType.stream;
+
+            default:
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        public static int GetEncryptionAlgorithm(int ciphersuite)
+        {
+            switch (ciphersuite)
+            {
+            case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
+                return EncryptionAlgorithm.cls_3DES_EDE_CBC;
+
+            case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA:
+                return EncryptionAlgorithm.AES_128_CBC;
+
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
+                return EncryptionAlgorithm.AES_128_CCM;
+
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
+                return EncryptionAlgorithm.AES_128_CCM_8;
+
+            case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
+                return EncryptionAlgorithm.AES_128_GCM;
+
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
+                return EncryptionAlgorithm.AES_128_OCB_TAGLEN96;
+
+            case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA:
+                return EncryptionAlgorithm.AES_256_CBC;
+
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
+                return EncryptionAlgorithm.AES_256_CCM;
+
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
+                return EncryptionAlgorithm.AES_256_CCM_8;
+
+            case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
+                return EncryptionAlgorithm.AES_256_GCM;
+
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
+                return EncryptionAlgorithm.AES_256_OCB_TAGLEN96;
+
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+                return EncryptionAlgorithm.CAMELLIA_128_CBC;
+
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+                return EncryptionAlgorithm.CAMELLIA_128_GCM;
+
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+                return EncryptionAlgorithm.CAMELLIA_256_CBC;
+
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+                return EncryptionAlgorithm.CAMELLIA_256_GCM;
+
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
+                return EncryptionAlgorithm.CHACHA20_POLY1305;
+
+            case CipherSuite.TLS_RSA_WITH_NULL_MD5:
+                return EncryptionAlgorithm.NULL;
+
+            case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_PSK_WITH_NULL_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA:
+            case CipherSuite.TLS_RSA_WITH_NULL_SHA:
+                return EncryptionAlgorithm.NULL;
+
+            case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
+                return EncryptionAlgorithm.NULL;
+
+            case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384:
+                return EncryptionAlgorithm.NULL;
+
+            case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5:
+            case CipherSuite.TLS_RSA_WITH_RC4_128_MD5:
+                return EncryptionAlgorithm.RC4_128;
+
+            case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_PSK_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_RSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA:
+                return EncryptionAlgorithm.RC4_128;
+
+            case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA:
+                return EncryptionAlgorithm.SEED_CBC;
+
+            default:
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        public static int GetKeyExchangeAlgorithm(int ciphersuite)
+        {
+            switch (ciphersuite)
+            {
+            case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5:
+            case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA:
+                return KeyExchangeAlgorithm.DH_anon;
+
+            case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA:
+                return KeyExchangeAlgorithm.DH_DSS;
+
+            case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA:
+                return KeyExchangeAlgorithm.DH_RSA;
+
+            case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA:
+                return KeyExchangeAlgorithm.DHE_DSS;
+
+            case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
+                return KeyExchangeAlgorithm.DHE_PSK;
+
+            case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA:
+                return KeyExchangeAlgorithm.DHE_RSA;
+
+            case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA:
+                return KeyExchangeAlgorithm.ECDH_anon;
+
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
+                return KeyExchangeAlgorithm.ECDH_ECDSA;
+
+            case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA:
+                return KeyExchangeAlgorithm.ECDH_RSA;
+
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
+                return KeyExchangeAlgorithm.ECDHE_ECDSA;
+
+            case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA:
+                return KeyExchangeAlgorithm.ECDHE_PSK;
+
+            case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
+                return KeyExchangeAlgorithm.ECDHE_RSA;
+
+            case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_PSK_WITH_NULL_SHA:
+            case CipherSuite.TLS_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_PSK_WITH_RC4_128_SHA:
+                return KeyExchangeAlgorithm.PSK;
+
+            case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_RSA_WITH_NULL_MD5:
+            case CipherSuite.TLS_RSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
+            case CipherSuite.TLS_RSA_WITH_RC4_128_MD5:
+            case CipherSuite.TLS_RSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA:
+                return KeyExchangeAlgorithm.RSA;
+
+            case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA:
+                return KeyExchangeAlgorithm.RSA_PSK;
+
+            case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA:
+                return KeyExchangeAlgorithm.SRP;
+
+            case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA:
+                return KeyExchangeAlgorithm.SRP_DSS;
+
+            case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA:
+                return KeyExchangeAlgorithm.SRP_RSA;
+
+            default:
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        public static int GetMacAlgorithm(int ciphersuite)
+        {
+            switch (ciphersuite)
+            {
+            case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+                return MacAlgorithm.cls_null;
+
+            case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5:
+            case CipherSuite.TLS_RSA_WITH_NULL_MD5:
+            case CipherSuite.TLS_RSA_WITH_RC4_128_MD5:
+                return MacAlgorithm.hmac_md5;
+
+            case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
+            case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_PSK_WITH_NULL_SHA:
+            case CipherSuite.TLS_PSK_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA:
+            case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA:
+            case CipherSuite.TLS_RSA_WITH_NULL_SHA:
+            case CipherSuite.TLS_RSA_WITH_RC4_128_SHA:
+            case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA:
+            case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA:
+                return MacAlgorithm.hmac_sha1;
+
+            case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
+                return MacAlgorithm.hmac_sha256;
+
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_PSK_WITH_NULL_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384:
+                return MacAlgorithm.hmac_sha384;
+
+            default:
+                throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+
+        public static ProtocolVersion GetMinimumVersion(int ciphersuite)
+        {
+            switch (ciphersuite)
+            {
+            case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
+            case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
+            case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
+            case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
+            case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
+            case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
+            case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
+            case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
+            case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
+            case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
+            case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
+            case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
+                return ProtocolVersion.TLSv12;
+
+            default:
+                return ProtocolVersion.SSLv3;
+            }
+        }
+
+        public static bool IsAeadCipherSuite(int ciphersuite)
+        {
+            return CipherType.aead == GetCipherType(ciphersuite);
+        }
+
+        public static bool IsBlockCipherSuite(int ciphersuite)
+        {
+            return CipherType.block == GetCipherType(ciphersuite);
+        }
+
+        public static bool IsStreamCipherSuite(int ciphersuite)
+        {
+            return CipherType.stream == GetCipherType(ciphersuite);
+        }
+
+        public static bool IsValidCipherSuiteForSignatureAlgorithms(int cipherSuite, IList sigAlgs)
+        {
+            int keyExchangeAlgorithm;
+            try
+            {
+                keyExchangeAlgorithm = GetKeyExchangeAlgorithm(cipherSuite);
+            }
+            catch (IOException e)
+            {
+                return true;
+            }
+
+            switch (keyExchangeAlgorithm)
+            {
+            case KeyExchangeAlgorithm.DH_anon:
+            case KeyExchangeAlgorithm.DH_anon_EXPORT:
+            case KeyExchangeAlgorithm.ECDH_anon:
+                return sigAlgs.Contains(SignatureAlgorithm.anonymous);
+
+            case KeyExchangeAlgorithm.DHE_RSA:
+            case KeyExchangeAlgorithm.DHE_RSA_EXPORT:
+            case KeyExchangeAlgorithm.ECDHE_RSA:
+            case KeyExchangeAlgorithm.SRP_RSA:
+                return sigAlgs.Contains(SignatureAlgorithm.rsa);
+
+            case KeyExchangeAlgorithm.DHE_DSS:
+            case KeyExchangeAlgorithm.DHE_DSS_EXPORT:
+            case KeyExchangeAlgorithm.SRP_DSS:
+                return sigAlgs.Contains(SignatureAlgorithm.dsa);
+
+            case KeyExchangeAlgorithm.ECDHE_ECDSA:
+                return sigAlgs.Contains(SignatureAlgorithm.ecdsa);
+
+            default:
+                return true;
+            }
+        }
+
+        public static bool IsValidCipherSuiteForVersion(int cipherSuite, ProtocolVersion serverVersion)
+        {
+            return GetMinimumVersion(cipherSuite).IsEqualOrEarlierVersionOf(serverVersion.GetEquivalentTLSVersion());
+        }
+
+        public static IList GetUsableSignatureAlgorithms(IList sigHashAlgs)
+        {
+            if (sigHashAlgs == null)
+                return GetAllSignatureAlgorithms();
+
+            IList v = Platform.CreateArrayList(4);
+            v.Add(SignatureAlgorithm.anonymous);
+            foreach (SignatureAndHashAlgorithm sigHashAlg in sigHashAlgs)
+            {
+                //if (sigHashAlg.Hash >= MINIMUM_HASH_STRICT)
+                {
+                    byte sigAlg = sigHashAlg.Signature;
+                    if (!v.Contains(sigAlg))
+                    {
+                        v.Add(sigAlg);
+                    }
+                }
+            }
+            return v;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/UrlAndHash.cs b/bc-sharp-crypto/src/crypto/tls/UrlAndHash.cs
new file mode 100644
index 0000000..9ffd2cb
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/UrlAndHash.cs
@@ -0,0 +1,94 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * RFC 6066 5.
+     */
+    public class UrlAndHash
+    {
+        protected readonly string mUrl;
+        protected readonly byte[] mSha1Hash;
+
+        public UrlAndHash(string url, byte[] sha1Hash)
+        {
+            if (url == null || url.Length < 1 || url.Length >= (1 << 16))
+                throw new ArgumentException("must have length from 1 to (2^16 - 1)", "url");
+            if (sha1Hash != null && sha1Hash.Length != 20)
+                throw new ArgumentException("must have length == 20, if present", "sha1Hash");
+
+            this.mUrl = url;
+            this.mSha1Hash = sha1Hash;
+        }
+
+        public virtual string Url
+        {
+            get { return mUrl; }
+        }
+
+        public virtual byte[] Sha1Hash
+        {
+            get { return mSha1Hash; }
+        }
+
+        /**
+         * Encode this {@link UrlAndHash} to a {@link Stream}.
+         *
+         * @param output the {@link Stream} to encode to.
+         * @throws IOException
+         */
+        public virtual void Encode(Stream output)
+        {
+            byte[] urlEncoding = Strings.ToByteArray(this.mUrl);
+            TlsUtilities.WriteOpaque16(urlEncoding, output);
+
+            if (this.mSha1Hash == null)
+            {
+                TlsUtilities.WriteUint8(0, output);
+            }
+            else
+            {
+                TlsUtilities.WriteUint8(1, output);
+                output.Write(this.mSha1Hash, 0, this.mSha1Hash.Length);
+            }
+        }
+
+        /**
+         * Parse a {@link UrlAndHash} from a {@link Stream}.
+         * 
+         * @param context
+         *            the {@link TlsContext} of the current connection.
+         * @param input
+         *            the {@link Stream} to parse from.
+         * @return a {@link UrlAndHash} object.
+         * @throws IOException
+         */
+        public static UrlAndHash Parse(TlsContext context, Stream input)
+        {
+            byte[] urlEncoding = TlsUtilities.ReadOpaque16(input);
+            if (urlEncoding.Length < 1)
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            string url = Strings.FromByteArray(urlEncoding);
+
+            byte[] sha1Hash = null;
+            byte padding = TlsUtilities.ReadUint8(input);
+            switch (padding)
+            {
+            case 0:
+                if (TlsUtilities.IsTlsV12(context))
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                break;
+            case 1:
+                sha1Hash = TlsUtilities.ReadFully(20, input);
+                break;
+            default:
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+
+            return new UrlAndHash(url, sha1Hash);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/UseSrtpData.cs b/bc-sharp-crypto/src/crypto/tls/UseSrtpData.cs
new file mode 100644
index 0000000..fe8f8ac
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/UseSrtpData.cs
@@ -0,0 +1,56 @@
+using System;
+using System.Collections;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /**
+     * RFC 5764 4.1.1
+     */
+    public class UseSrtpData
+    {
+        protected readonly int[] mProtectionProfiles;
+        protected readonly byte[] mMki;
+
+        /**
+         * @param protectionProfiles see {@link SrtpProtectionProfile} for valid constants.
+         * @param mki                valid lengths from 0 to 255.
+         */
+        public UseSrtpData(int[] protectionProfiles, byte[] mki)
+        {
+            if (protectionProfiles == null || protectionProfiles.Length < 1
+                || protectionProfiles.Length >= (1 << 15))
+            {
+                throw new ArgumentException("must have length from 1 to (2^15 - 1)", "protectionProfiles");
+            }
+
+            if (mki == null)
+            {
+                mki = TlsUtilities.EmptyBytes;
+            }
+            else if (mki.Length > 255)
+            {
+                throw new ArgumentException("cannot be longer than 255 bytes", "mki");
+            }
+
+            this.mProtectionProfiles = protectionProfiles;
+            this.mMki = mki;
+        }
+
+        /**
+         * @return see {@link SrtpProtectionProfile} for valid constants.
+         */
+        public virtual int[] ProtectionProfiles
+        {
+            get { return mProtectionProfiles; }
+        }
+
+        /**
+         * @return valid lengths from 0 to 255.
+         */
+        public virtual byte[] Mki
+        {
+            get { return mMki; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/tls/UserMappingType.cs b/bc-sharp-crypto/src/crypto/tls/UserMappingType.cs
new file mode 100644
index 0000000..6cff517
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/tls/UserMappingType.cs
@@ -0,0 +1,13 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <remarks>RFC 4681</remarks>
+    public abstract class UserMappingType
+    {
+        /*
+         * RFC 4681
+         */
+        public const byte upn_domain_hint = 64;
+    }
+}
diff --git a/bc-sharp-crypto/src/crypto/util/Pack.cs b/bc-sharp-crypto/src/crypto/util/Pack.cs
new file mode 100644
index 0000000..1b94fee
--- /dev/null
+++ b/bc-sharp-crypto/src/crypto/util/Pack.cs
@@ -0,0 +1,345 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Utilities
+{
+    internal sealed class Pack
+    {
+        private Pack()
+        {
+        }
+
+        internal static void UInt16_To_BE(ushort n, byte[] bs)
+        {
+            bs[0] = (byte)(n >> 8);
+            bs[1] = (byte)(n);
+        }
+
+        internal static void UInt16_To_BE(ushort n, byte[] bs, int off)
+        {
+            bs[off] = (byte)(n >> 8);
+            bs[off + 1] = (byte)(n);
+        }
+
+        internal static ushort BE_To_UInt16(byte[] bs)
+        {
+            uint n = (uint)bs[0] << 8
+                | (uint)bs[1];
+            return (ushort)n;
+        }
+
+        internal static ushort BE_To_UInt16(byte[] bs, int off)
+        {
+            uint n = (uint)bs[off] << 8
+                | (uint)bs[off + 1];
+            return (ushort)n;
+        }
+
+        internal static byte[] UInt32_To_BE(uint n)
+        {
+            byte[] bs = new byte[4];
+            UInt32_To_BE(n, bs, 0);
+            return bs;
+        }
+
+        internal static void UInt32_To_BE(uint n, byte[] bs)
+        {
+            bs[0] = (byte)(n >> 24);
+            bs[1] = (byte)(n >> 16);
+            bs[2] = (byte)(n >> 8);
+            bs[3] = (byte)(n);
+        }
+
+        internal static void UInt32_To_BE(uint n, byte[] bs, int off)
+        {
+            bs[off] = (byte)(n >> 24);
+            bs[off + 1] = (byte)(n >> 16);
+            bs[off + 2] = (byte)(n >> 8);
+            bs[off + 3] = (byte)(n);
+        }
+
+        internal static byte[] UInt32_To_BE(uint[] ns)
+        {
+            byte[] bs = new byte[4 * ns.Length];
+            UInt32_To_BE(ns, bs, 0);
+            return bs;
+        }
+
+        internal static void UInt32_To_BE(uint[] ns, byte[] bs, int off)
+        {
+            for (int i = 0; i < ns.Length; ++i)
+            {
+                UInt32_To_BE(ns[i], bs, off);
+                off += 4;
+            }
+        }
+
+        internal static uint BE_To_UInt32(byte[] bs)
+        {
+            return (uint)bs[0] << 24
+                | (uint)bs[1] << 16
+                | (uint)bs[2] << 8
+                | (uint)bs[3];
+        }
+
+        internal static uint BE_To_UInt32(byte[] bs, int off)
+        {
+            return (uint)bs[off] << 24
+                | (uint)bs[off + 1] << 16
+                | (uint)bs[off + 2] << 8
+                | (uint)bs[off + 3];
+        }
+
+        internal static void BE_To_UInt32(byte[] bs, int off, uint[] ns)
+        {
+            for (int i = 0; i < ns.Length; ++i)
+            {
+                ns[i] = BE_To_UInt32(bs, off);
+                off += 4;
+            }
+        }
+
+        internal static byte[] UInt64_To_BE(ulong n)
+        {
+            byte[] bs = new byte[8];
+            UInt64_To_BE(n, bs, 0);
+            return bs;
+        }
+
+        internal static void UInt64_To_BE(ulong n, byte[] bs)
+        {
+            UInt32_To_BE((uint)(n >> 32), bs);
+            UInt32_To_BE((uint)(n), bs, 4);
+        }
+
+        internal static void UInt64_To_BE(ulong n, byte[] bs, int off)
+        {
+            UInt32_To_BE((uint)(n >> 32), bs, off);
+            UInt32_To_BE((uint)(n), bs, off + 4);
+        }
+
+        internal static byte[] UInt64_To_BE(ulong[] ns)
+        {
+            byte[] bs = new byte[8 * ns.Length];
+            UInt64_To_BE(ns, bs, 0);
+            return bs;
+        }
+
+        internal static void UInt64_To_BE(ulong[] ns, byte[] bs, int off)
+        {
+            for (int i = 0; i < ns.Length; ++i)
+            {
+                UInt64_To_BE(ns[i], bs, off);
+                off += 8;
+            }
+        }
+
+        internal static ulong BE_To_UInt64(byte[] bs)
+        {
+            uint hi = BE_To_UInt32(bs);
+            uint lo = BE_To_UInt32(bs, 4);
+            return ((ulong)hi << 32) | (ulong)lo;
+        }
+
+        internal static ulong BE_To_UInt64(byte[] bs, int off)
+        {
+            uint hi = BE_To_UInt32(bs, off);
+            uint lo = BE_To_UInt32(bs, off + 4);
+            return ((ulong)hi << 32) | (ulong)lo;
+        }
+
+        internal static void BE_To_UInt64(byte[] bs, int off, ulong[] ns)
+        {
+            for (int i = 0; i < ns.Length; ++i)
+            {
+                ns[i] = BE_To_UInt64(bs, off);
+                off += 8;
+            }
+        }
+
+        internal static void UInt16_To_LE(ushort n, byte[] bs)
+        {
+            bs[0] = (byte)(n);
+            bs[1] = (byte)(n >> 8);
+        }
+
+        internal static void UInt16_To_LE(ushort n, byte[] bs, int off)
+        {
+            bs[off] = (byte)(n);
+            bs[off + 1] = (byte)(n >> 8);
+        }
+
+        internal static ushort LE_To_UInt16(byte[] bs)
+        {
+            uint n = (uint)bs[0]
+                | (uint)bs[1] << 8;
+            return (ushort)n;
+        }
+
+        internal static ushort LE_To_UInt16(byte[] bs, int off)
+        {
+            uint n = (uint)bs[off]
+                | (uint)bs[off + 1] << 8;
+            return (ushort)n;
+        }
+
+        internal static byte[] UInt32_To_LE(uint n)
+        {
+            byte[] bs = new byte[4];
+            UInt32_To_LE(n, bs, 0);
+            return bs;
+        }
+
+        internal static void UInt32_To_LE(uint n, byte[] bs)
+        {
+            bs[0] = (byte)(n);
+            bs[1] = (byte)(n >> 8);
+            bs[2] = (byte)(n >> 16);
+            bs[3] = (byte)(n >> 24);
+        }
+
+        internal static void UInt32_To_LE(uint n, byte[] bs, int off)
+        {
+            bs[off] = (byte)(n);
+            bs[off + 1] = (byte)(n >> 8);
+            bs[off + 2] = (byte)(n >> 16);
+            bs[off + 3] = (byte)(n >> 24);
+        }
+
+        internal static byte[] UInt32_To_LE(uint[] ns)
+        {
+            byte[] bs = new byte[4 * ns.Length];
+            UInt32_To_LE(ns, bs, 0);
+            return bs;
+        }
+
+        internal static void UInt32_To_LE(uint[] ns, byte[] bs, int off)
+        {
+            for (int i = 0; i < ns.Length; ++i)
+            {
+                UInt32_To_LE(ns[i], bs, off);
+                off += 4;
+            }
+        }
+
+        internal static uint LE_To_UInt32(byte[] bs)
+        {
+            return (uint)bs[0]
+                | (uint)bs[1] << 8
+                | (uint)bs[2] << 16
+                | (uint)bs[3] << 24;
+        }
+
+        internal static uint LE_To_UInt32(byte[] bs, int off)
+        {
+            return (uint)bs[off]
+                | (uint)bs[off + 1] << 8
+                | (uint)bs[off + 2] << 16
+                | (uint)bs[off + 3] << 24;
+        }
+
+        internal static void LE_To_UInt32(byte[] bs, int off, uint[] ns)
+        {
+            for (int i = 0; i < ns.Length; ++i)
+            {
+                ns[i] = LE_To_UInt32(bs, off);
+                off += 4;
+            }
+        }
+
+        internal static void LE_To_UInt32(byte[] bs, int bOff, uint[] ns, int nOff, int count)
+        {
+            for (int i = 0; i < count; ++i)
+            {
+                ns[nOff + i] = LE_To_UInt32(bs, bOff);
+                bOff += 4;
+            }
+        }
+
+        internal static uint[] LE_To_UInt32(byte[] bs, int off, int count)
+        {
+            uint[] ns = new uint[count];
+            for (int i = 0; i < ns.Length; ++i)
+            {
+                ns[i] = LE_To_UInt32(bs, off);
+                off += 4;
+            }
+            return ns;
+        }
+
+        internal static byte[] UInt64_To_LE(ulong n)
+        {
+            byte[] bs = new byte[8];
+            UInt64_To_LE(n, bs, 0);
+            return bs;
+        }
+
+        internal static void UInt64_To_LE(ulong n, byte[] bs)
+        {
+            UInt32_To_LE((uint)(n), bs);
+            UInt32_To_LE((uint)(n >> 32), bs, 4);
+        }
+
+        internal static void UInt64_To_LE(ulong n, byte[] bs, int off)
+        {
+            UInt32_To_LE((uint)(n), bs, off);
+            UInt32_To_LE((uint)(n >> 32), bs, off + 4);
+        }
+
+        internal static byte[] UInt64_To_LE(ulong[] ns)
+        {
+            byte[] bs = new byte[8 * ns.Length];
+            UInt64_To_LE(ns, bs, 0);
+            return bs;
+        }
+
+        internal static void UInt64_To_LE(ulong[] ns, byte[] bs, int off)
+        {
+            for (int i = 0; i < ns.Length; ++i)
+            {
+                UInt64_To_LE(ns[i], bs, off);
+                off += 8;
+            }
+        }
+
+        internal static void UInt64_To_LE(ulong[] ns, int nsOff, int nsLen, byte[] bs, int bsOff)
+        {
+            for (int i = 0; i < nsLen; ++i)
+            {
+                UInt64_To_LE(ns[nsOff + i], bs, bsOff);
+                bsOff += 8;
+            }
+        }
+
+        internal static ulong LE_To_UInt64(byte[] bs)
+        {
+            uint lo = LE_To_UInt32(bs);
+            uint hi = LE_To_UInt32(bs, 4);
+            return ((ulong)hi << 32) | (ulong)lo;
+        }
+
+        internal static ulong LE_To_UInt64(byte[] bs, int off)
+        {
+            uint lo = LE_To_UInt32(bs, off);
+            uint hi = LE_To_UInt32(bs, off + 4);
+            return ((ulong)hi << 32) | (ulong)lo;
+        }
+
+        internal static void LE_To_UInt64(byte[] bs, int off, ulong[] ns)
+        {
+            for (int i = 0; i < ns.Length; ++i)
+            {
+                ns[i] = LE_To_UInt64(bs, off);
+                off += 8;
+            }
+        }
+
+        internal static void LE_To_UInt64(byte[] bs, int bsOff, ulong[] ns, int nsOff, int nsLen)
+        {
+            for (int i = 0; i < nsLen; ++i)
+            {
+                ns[nsOff + i] = LE_To_UInt64(bs, bsOff);
+                bsOff += 8;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/BigInteger.cs b/bc-sharp-crypto/src/math/BigInteger.cs
new file mode 100644
index 0000000..b35701f
--- /dev/null
+++ b/bc-sharp-crypto/src/math/BigInteger.cs
@@ -0,0 +1,3592 @@
+using System;
+using System.Collections;
+using System.Diagnostics;
+using System.Globalization;
+using System.Text;
+
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class BigInteger
+    {
+        // The first few odd primes
+        /*
+                3   5   7   11  13  17  19  23  29
+            31  37  41  43  47  53  59  61  67  71
+            73  79  83  89  97  101 103 107 109 113
+            127 131 137 139 149 151 157 163 167 173
+            179 181 191 193 197 199 211 223 227 229
+            233 239 241 251 257 263 269 271 277 281
+            283 293 307 311 313 317 331 337 347 349
+            353 359 367 373 379 383 389 397 401 409
+            419 421 431 433 439 443 449 457 461 463
+            467 479 487 491 499 503 509 521 523 541
+            547 557 563 569 571 577 587 593 599 601
+            607 613 617 619 631 641 643 647 653 659
+            661 673 677 683 691 701 709 719 727 733
+            739 743 751 757 761 769 773 787 797 809
+            811 821 823 827 829 839 853 857 859 863
+            877 881 883 887 907 911 919 929 937 941
+            947 953 967 971 977 983 991 997 1009
+            1013 1019 1021 1031 1033 1039 1049 1051
+            1061 1063 1069 1087 1091 1093 1097 1103
+            1109 1117 1123 1129 1151 1153 1163 1171
+            1181 1187 1193 1201 1213 1217 1223 1229
+            1231 1237 1249 1259 1277 1279 1283 1289
+        */
+
+        // Each list has a product < 2^31
+        internal static readonly int[][] primeLists = new int[][]
+        {
+            new int[]{ 3, 5, 7, 11, 13, 17, 19, 23 },
+            new int[]{ 29, 31, 37, 41, 43 },
+            new int[]{ 47, 53, 59, 61, 67 },
+            new int[]{ 71, 73, 79, 83 },
+            new int[]{ 89, 97, 101, 103 },
+
+            new int[]{ 107, 109, 113, 127 },
+            new int[]{ 131, 137, 139, 149 },
+            new int[]{ 151, 157, 163, 167 },
+            new int[]{ 173, 179, 181, 191 },
+            new int[]{ 193, 197, 199, 211 },
+
+            new int[]{ 223, 227, 229 },
+            new int[]{ 233, 239, 241 },
+            new int[]{ 251, 257, 263 },
+            new int[]{ 269, 271, 277 },
+            new int[]{ 281, 283, 293 },
+
+            new int[]{ 307, 311, 313 },
+            new int[]{ 317, 331, 337 },
+            new int[]{ 347, 349, 353 },
+            new int[]{ 359, 367, 373 },
+            new int[]{ 379, 383, 389 },
+
+            new int[]{ 397, 401, 409 },
+            new int[]{ 419, 421, 431 },
+            new int[]{ 433, 439, 443 },
+            new int[]{ 449, 457, 461 },
+            new int[]{ 463, 467, 479 },
+
+            new int[]{ 487, 491, 499 },
+            new int[]{ 503, 509, 521 },
+            new int[]{ 523, 541, 547 },
+            new int[]{ 557, 563, 569 },
+            new int[]{ 571, 577, 587 },
+
+            new int[]{ 593, 599, 601 },
+            new int[]{ 607, 613, 617 },
+            new int[]{ 619, 631, 641 },
+            new int[]{ 643, 647, 653 },
+            new int[]{ 659, 661, 673 },
+
+            new int[]{ 677, 683, 691 },
+            new int[]{ 701, 709, 719 },
+            new int[]{ 727, 733, 739 },
+            new int[]{ 743, 751, 757 },
+            new int[]{ 761, 769, 773 },
+
+            new int[]{ 787, 797, 809 },
+            new int[]{ 811, 821, 823 },
+            new int[]{ 827, 829, 839 },
+            new int[]{ 853, 857, 859 },
+            new int[]{ 863, 877, 881 },
+
+            new int[]{ 883, 887, 907 },
+            new int[]{ 911, 919, 929 },
+            new int[]{ 937, 941, 947 },
+            new int[]{ 953, 967, 971 },
+            new int[]{ 977, 983, 991 },
+
+            new int[]{ 997, 1009, 1013 },
+            new int[]{ 1019, 1021, 1031 },
+            new int[]{ 1033, 1039, 1049 },
+            new int[]{ 1051, 1061, 1063 },
+            new int[]{ 1069, 1087, 1091 },
+
+            new int[]{ 1093, 1097, 1103 },
+            new int[]{ 1109, 1117, 1123 },
+            new int[]{ 1129, 1151, 1153 },
+            new int[]{ 1163, 1171, 1181 },
+            new int[]{ 1187, 1193, 1201 },
+
+            new int[]{ 1213, 1217, 1223 },
+            new int[]{ 1229, 1231, 1237 },
+            new int[]{ 1249, 1259, 1277 },
+            new int[]{ 1279, 1283, 1289 },
+        };
+
+        internal static readonly int[] primeProducts;
+
+        private const long IMASK = 0xFFFFFFFFL;
+        private const ulong UIMASK = 0xFFFFFFFFUL;
+
+        private static readonly int[] ZeroMagnitude = new int[0];
+        private static readonly byte[] ZeroEncoding = new byte[0];
+
+        private static readonly BigInteger[] SMALL_CONSTANTS = new BigInteger[17];
+        public static readonly BigInteger Zero;
+        public static readonly BigInteger One;
+        public static readonly BigInteger Two;
+        public static readonly BigInteger Three;
+        public static readonly BigInteger Ten;
+
+        //private readonly static byte[] BitCountTable =
+        //{
+        //    0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4,
+        //    1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
+        //    1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
+        //    2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
+        //    1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
+        //    2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
+        //    2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
+        //    3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
+        //    1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
+        //    2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
+        //    2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
+        //    3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
+        //    2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
+        //    3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
+        //    3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
+        //    4, 5, 5, 6, 5, 6, 6, 7, 5, 6, 6, 7, 6, 7, 7, 8
+        //};
+
+        private readonly static byte[] BitLengthTable =
+        {
+            0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
+            5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
+            6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
+            6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
+            7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+            7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+            7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+            7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8
+        };
+
+        // TODO Parse radix-2 64 bits at a time and radix-8 63 bits at a time
+        private const int chunk2 = 1, chunk8 = 1, chunk10 = 19, chunk16 = 16;
+        private static readonly BigInteger radix2, radix2E, radix8, radix8E, radix10, radix10E, radix16, radix16E;
+
+        private static readonly SecureRandom RandomSource = new SecureRandom();
+
+        /*
+         * These are the threshold bit-lengths (of an exponent) where we increase the window size.
+         * They are calculated according to the expected savings in multiplications.
+         * Some squares will also be saved on average, but we offset these against the extra storage costs.
+         */
+        private static readonly int[] ExpWindowThresholds = { 7, 25, 81, 241, 673, 1793, 4609, Int32.MaxValue };
+
+        private const int BitsPerByte = 8;
+        private const int BitsPerInt = 32;
+        private const int BytesPerInt = 4;
+
+        static BigInteger()
+        {
+            Zero = new BigInteger(0, ZeroMagnitude, false);
+            Zero.nBits = 0; Zero.nBitLength = 0;
+
+            SMALL_CONSTANTS[0] = Zero;
+            for (uint i = 1; i < SMALL_CONSTANTS.Length; ++i)
+            {
+                SMALL_CONSTANTS[i] = CreateUValueOf(i);
+            }
+
+            One = SMALL_CONSTANTS[1];
+            Two = SMALL_CONSTANTS[2];
+            Three = SMALL_CONSTANTS[3];
+            Ten = SMALL_CONSTANTS[10];
+
+            radix2 = ValueOf(2);
+            radix2E = radix2.Pow(chunk2);
+
+            radix8 = ValueOf(8);
+            radix8E = radix8.Pow(chunk8);
+
+            radix10 = ValueOf(10);
+            radix10E = radix10.Pow(chunk10);
+
+            radix16 = ValueOf(16);
+            radix16E = radix16.Pow(chunk16);
+
+            primeProducts = new int[primeLists.Length];
+
+            for (int i = 0; i < primeLists.Length; ++i)
+            {
+                int[] primeList = primeLists[i];
+                int product = primeList[0];
+                for (int j = 1; j < primeList.Length; ++j)
+                {
+                    product *= primeList[j];
+                }
+                primeProducts[i] = product;
+            }
+        }
+
+        private int[] magnitude; // array of ints with [0] being the most significant
+        private int sign; // -1 means -ve; +1 means +ve; 0 means 0;
+        private int nBits = -1; // cache BitCount() value
+        private int nBitLength = -1; // cache BitLength() value
+        private int mQuote = 0; // -m^(-1) mod b, b = 2^32 (see Montgomery mult.), 0 when uninitialised
+
+        private static int GetByteLength(
+            int nBits)
+        {
+            return (nBits + BitsPerByte - 1) / BitsPerByte;
+        }
+
+        internal static BigInteger Arbitrary(int sizeInBits)
+        {
+            return new BigInteger(sizeInBits, RandomSource);
+        }
+
+        private BigInteger(
+            int		signum,
+            int[]	mag,
+            bool	checkMag)
+        {
+            if (checkMag)
+            {
+                int i = 0;
+                while (i < mag.Length && mag[i] == 0)
+                {
+                    ++i;
+                }
+
+                if (i == mag.Length)
+                {
+                    this.sign = 0;
+                    this.magnitude = ZeroMagnitude;
+                }
+                else
+                {
+                    this.sign = signum;
+
+                    if (i == 0)
+                    {
+                        this.magnitude = mag;
+                    }
+                    else
+                    {
+                        // strip leading 0 words
+                        this.magnitude = new int[mag.Length - i];
+                        Array.Copy(mag, i, this.magnitude, 0, this.magnitude.Length);
+                    }
+                }
+            }
+            else
+            {
+                this.sign = signum;
+                this.magnitude = mag;
+            }
+        }
+
+        public BigInteger(
+            string value)
+            : this(value, 10)
+        {
+        }
+
+        public BigInteger(
+            string	str,
+            int		radix)
+        {
+            if (str.Length == 0)
+                throw new FormatException("Zero length BigInteger");
+
+            NumberStyles style;
+            int chunk;
+            BigInteger r;
+            BigInteger rE;
+
+            switch (radix)
+            {
+                case 2:
+                    // Is there anyway to restrict to binary digits?
+                    style = NumberStyles.Integer;
+                    chunk = chunk2;
+                    r = radix2;
+                    rE = radix2E;
+                    break;
+                case 8:
+                    // Is there anyway to restrict to octal digits?
+                    style = NumberStyles.Integer;
+                    chunk = chunk8;
+                    r = radix8;
+                    rE = radix8E;
+                    break;
+                case 10:
+                    // This style seems to handle spaces and minus sign already (our processing redundant?)
+                    style = NumberStyles.Integer;
+                    chunk = chunk10;
+                    r = radix10;
+                    rE = radix10E;
+                    break;
+                case 16:
+                    // TODO Should this be HexNumber?
+                    style = NumberStyles.AllowHexSpecifier;
+                    chunk = chunk16;
+                    r = radix16;
+                    rE = radix16E;
+                    break;
+                default:
+                    throw new FormatException("Only bases 2, 8, 10, or 16 allowed");
+            }
+
+
+            int index = 0;
+            sign = 1;
+
+            if (str[0] == '-')
+            {
+                if (str.Length == 1)
+                    throw new FormatException("Zero length BigInteger");
+
+                sign = -1;
+                index = 1;
+            }
+
+            // strip leading zeros from the string str
+            while (index < str.Length && Int32.Parse(str[index].ToString(), style) == 0)
+            {
+                index++;
+            }
+
+            if (index >= str.Length)
+            {
+                // zero value - we're done
+                sign = 0;
+                magnitude = ZeroMagnitude;
+                return;
+            }
+
+            //////
+            // could we work out the max number of ints required to store
+            // str.Length digits in the given base, then allocate that
+            // storage in one hit?, then Generate the magnitude in one hit too?
+            //////
+
+            BigInteger b = Zero;
+
+
+            int next = index + chunk;
+
+            if (next <= str.Length)
+            {
+                do
+                {
+                    string s = str.Substring(index, chunk);
+                    ulong i = ulong.Parse(s, style);
+                    BigInteger bi = CreateUValueOf(i);
+
+                    switch (radix)
+                    {
+                        case 2:
+                            // TODO Need this because we are parsing in radix 10 above
+                            if (i >= 2)
+                                throw new FormatException("Bad character in radix 2 string: " + s);
+
+                            // TODO Parse 64 bits at a time
+                            b = b.ShiftLeft(1);
+                            break;
+                        case 8:
+                            // TODO Need this because we are parsing in radix 10 above
+                            if (i >= 8)
+                                throw new FormatException("Bad character in radix 8 string: " + s);
+
+                            // TODO Parse 63 bits at a time
+                            b = b.ShiftLeft(3);
+                            break;
+                        case 16:
+                            b = b.ShiftLeft(64);
+                            break;
+                        default:
+                            b = b.Multiply(rE);
+                            break;
+                    }
+
+                    b = b.Add(bi);
+
+                    index = next;
+                    next += chunk;
+                }
+                while (next <= str.Length);
+            }
+
+            if (index < str.Length)
+            {
+                string s = str.Substring(index);
+                ulong i = ulong.Parse(s, style);
+                BigInteger bi = CreateUValueOf(i);
+
+                if (b.sign > 0)
+                {
+                    if (radix == 2)
+                    {
+                        // NB: Can't reach here since we are parsing one char at a time
+                        Debug.Assert(false);
+
+                        // TODO Parse all bits at once
+//						b = b.ShiftLeft(s.Length);
+                    }
+                    else if (radix == 8)
+                    {
+                        // NB: Can't reach here since we are parsing one char at a time
+                        Debug.Assert(false);
+
+                        // TODO Parse all bits at once
+//						b = b.ShiftLeft(s.Length * 3);
+                    }
+                    else if (radix == 16)
+                    {
+                        b = b.ShiftLeft(s.Length << 2);
+                    }
+                    else
+                    {
+                        b = b.Multiply(r.Pow(s.Length));
+                    }
+
+                    b = b.Add(bi);
+                }
+                else
+                {
+                    b = bi;
+                }
+            }
+
+            // Note: This is the previous (slower) algorithm
+//			while (index < value.Length)
+//            {
+//				char c = value[index];
+//				string s = c.ToString();
+//				int i = Int32.Parse(s, style);
+//
+//                b = b.Multiply(r).Add(ValueOf(i));
+//                index++;
+//            }
+
+            magnitude = b.magnitude;
+        }
+
+        public BigInteger(
+            byte[] bytes)
+            : this(bytes, 0, bytes.Length)
+        {
+        }
+
+        public BigInteger(
+            byte[]	bytes,
+            int		offset,
+            int		length)
+        {
+            if (length == 0)
+                throw new FormatException("Zero length BigInteger");
+
+            // TODO Move this processing into MakeMagnitude (provide sign argument)
+            if ((sbyte)bytes[offset] < 0)
+            {
+                this.sign = -1;
+
+                int end = offset + length;
+
+                int iBval;
+                // strip leading sign bytes
+                for (iBval = offset; iBval < end && ((sbyte)bytes[iBval] == -1); iBval++)
+                {
+                }
+
+                if (iBval >= end)
+                {
+                    this.magnitude = One.magnitude;
+                }
+                else
+                {
+                    int numBytes = end - iBval;
+                    byte[] inverse = new byte[numBytes];
+
+                    int index = 0;
+                    while (index < numBytes)
+                    {
+                        inverse[index++] = (byte)~bytes[iBval++];
+                    }
+
+                    Debug.Assert(iBval == end);
+
+                    while (inverse[--index] == byte.MaxValue)
+                    {
+                        inverse[index] = byte.MinValue;
+                    }
+
+                    inverse[index]++;
+
+                    this.magnitude = MakeMagnitude(inverse, 0, inverse.Length);
+                }
+            }
+            else
+            {
+                // strip leading zero bytes and return magnitude bytes
+                this.magnitude = MakeMagnitude(bytes, offset, length);
+                this.sign = this.magnitude.Length > 0 ? 1 : 0;
+            }
+        }
+
+        private static int[] MakeMagnitude(
+            byte[]	bytes,
+            int		offset,
+            int		length)
+        {
+            int end = offset + length;
+
+            // strip leading zeros
+            int firstSignificant;
+            for (firstSignificant = offset; firstSignificant < end
+                && bytes[firstSignificant] == 0; firstSignificant++)
+            {
+            }
+
+            if (firstSignificant >= end)
+            {
+                return ZeroMagnitude;
+            }
+
+            int nInts = (end - firstSignificant + 3) / BytesPerInt;
+            int bCount = (end - firstSignificant) % BytesPerInt;
+            if (bCount == 0)
+            {
+                bCount = BytesPerInt;
+            }
+
+            if (nInts < 1)
+            {
+                return ZeroMagnitude;
+            }
+
+            int[] mag = new int[nInts];
+
+            int v = 0;
+            int magnitudeIndex = 0;
+            for (int i = firstSignificant; i < end; ++i)
+            {
+                v <<= 8;
+                v |= bytes[i] & 0xff;
+                bCount--;
+                if (bCount <= 0)
+                {
+                    mag[magnitudeIndex] = v;
+                    magnitudeIndex++;
+                    bCount = BytesPerInt;
+                    v = 0;
+                }
+            }
+
+            if (magnitudeIndex < mag.Length)
+            {
+                mag[magnitudeIndex] = v;
+            }
+
+            return mag;
+        }
+
+        public BigInteger(
+            int		sign,
+            byte[]	bytes)
+            : this(sign, bytes, 0, bytes.Length)
+        {
+        }
+
+        public BigInteger(
+            int		sign,
+            byte[]	bytes,
+            int		offset,
+            int		length)
+        {
+            if (sign < -1 || sign > 1)
+                throw new FormatException("Invalid sign value");
+
+            if (sign == 0)
+            {
+                this.sign = 0;
+                this.magnitude = ZeroMagnitude;
+            }
+            else
+            {
+                // copy bytes
+                this.magnitude = MakeMagnitude(bytes, offset, length);
+                this.sign = this.magnitude.Length < 1 ? 0 : sign;
+            }
+        }
+
+        public BigInteger(
+            int		sizeInBits,
+            Random	random)
+        {
+            if (sizeInBits < 0)
+                throw new ArgumentException("sizeInBits must be non-negative");
+
+            this.nBits = -1;
+            this.nBitLength = -1;
+
+            if (sizeInBits == 0)
+            {
+                this.sign = 0;
+                this.magnitude = ZeroMagnitude;
+                return;
+            }
+
+            int nBytes = GetByteLength(sizeInBits);
+            byte[] b = new byte[nBytes];
+            random.NextBytes(b);
+
+            // strip off any excess bits in the MSB
+            int xBits = BitsPerByte * nBytes - sizeInBits;
+            b[0] &= (byte)(255U >> xBits);
+
+            this.magnitude = MakeMagnitude(b, 0, b.Length);
+            this.sign = this.magnitude.Length < 1 ? 0 : 1;
+        }
+
+        public BigInteger(
+            int		bitLength,
+            int		certainty,
+            Random	random)
+        {
+            if (bitLength < 2)
+                throw new ArithmeticException("bitLength < 2");
+
+            this.sign = 1;
+            this.nBitLength = bitLength;
+
+            if (bitLength == 2)
+            {
+                this.magnitude = random.Next(2) == 0
+                    ?	Two.magnitude
+                    :	Three.magnitude;
+                return;
+            }
+             
+            int nBytes = GetByteLength(bitLength);
+            byte[] b = new byte[nBytes];
+
+            int xBits = BitsPerByte * nBytes - bitLength;
+            byte mask = (byte)(255U >> xBits);
+            byte lead = (byte)(1 << (7 - xBits));
+
+            for (;;)
+            {
+                random.NextBytes(b);
+
+                // strip off any excess bits in the MSB
+                b[0] &= mask;
+
+                // ensure the leading bit is 1 (to meet the strength requirement)
+                b[0] |= lead;
+
+                // ensure the trailing bit is 1 (i.e. must be odd)
+                b[nBytes - 1] |= 1;
+
+                this.magnitude = MakeMagnitude(b, 0, b.Length);
+                this.nBits = -1;
+                this.mQuote = 0;
+
+                if (certainty < 1)
+                    break;
+
+                if (CheckProbablePrime(certainty, random, true))
+                    break;
+
+                for (int j = 1; j < (magnitude.Length - 1); ++j)
+                {
+                    this.magnitude[j] ^= random.Next();
+
+                    if (CheckProbablePrime(certainty, random, true))
+                        return;
+                }
+            }
+        }
+
+        public BigInteger Abs()
+        {
+            return sign >= 0 ? this : Negate();
+        }
+
+        /**
+         * return a = a + b - b preserved.
+         */
+        private static int[] AddMagnitudes(
+            int[] a,
+            int[] b)
+        {
+            int tI = a.Length - 1;
+            int vI = b.Length - 1;
+            long m = 0;
+
+            while (vI >= 0)
+            {
+                m += ((long)(uint)a[tI] + (long)(uint)b[vI--]);
+                a[tI--] = (int)m;
+                m = (long)((ulong)m >> 32);
+            }
+
+            if (m != 0)
+            {
+                while (tI >= 0 && ++a[tI--] == 0)
+                {
+                }
+            }
+
+            return a;
+        }
+
+        public BigInteger Add(
+            BigInteger value)
+        {
+            if (this.sign == 0)
+                return value;
+
+            if (this.sign != value.sign)
+            {
+                if (value.sign == 0)
+                    return this;
+
+                if (value.sign < 0)
+                    return Subtract(value.Negate());
+
+                return value.Subtract(Negate());
+            }
+
+            return AddToMagnitude(value.magnitude);
+        }
+
+        private BigInteger AddToMagnitude(
+            int[] magToAdd)
+        {
+            int[] big, small;
+            if (this.magnitude.Length < magToAdd.Length)
+            {
+                big = magToAdd;
+                small = this.magnitude;
+            }
+            else
+            {
+                big = this.magnitude;
+                small = magToAdd;
+            }
+
+            // Conservatively avoid over-allocation when no overflow possible
+            uint limit = uint.MaxValue;
+            if (big.Length == small.Length)
+                limit -= (uint) small[0];
+
+            bool possibleOverflow = (uint) big[0] >= limit;
+
+            int[] bigCopy;
+            if (possibleOverflow)
+            {
+                bigCopy = new int[big.Length + 1];
+                big.CopyTo(bigCopy, 1);
+            }
+            else
+            {
+                bigCopy = (int[]) big.Clone();
+            }
+
+            bigCopy = AddMagnitudes(bigCopy, small);
+
+            return new BigInteger(this.sign, bigCopy, possibleOverflow);
+        }
+
+        public BigInteger And(
+            BigInteger value)
+        {
+            if (this.sign == 0 || value.sign == 0)
+            {
+                return Zero;
+            }
+
+            int[] aMag = this.sign > 0
+                ? this.magnitude
+                : Add(One).magnitude;
+
+            int[] bMag = value.sign > 0
+                ? value.magnitude
+                : value.Add(One).magnitude;
+
+            bool resultNeg = sign < 0 && value.sign < 0;
+            int resultLength = System.Math.Max(aMag.Length, bMag.Length);
+            int[] resultMag = new int[resultLength];
+
+            int aStart = resultMag.Length - aMag.Length;
+            int bStart = resultMag.Length - bMag.Length;
+
+            for (int i = 0; i < resultMag.Length; ++i)
+            {
+                int aWord = i >= aStart ? aMag[i - aStart] : 0;
+                int bWord = i >= bStart ? bMag[i - bStart] : 0;
+
+                if (this.sign < 0)
+                {
+                    aWord = ~aWord;
+                }
+
+                if (value.sign < 0)
+                {
+                    bWord = ~bWord;
+                }
+
+                resultMag[i] = aWord & bWord;
+
+                if (resultNeg)
+                {
+                    resultMag[i] = ~resultMag[i];
+                }
+            }
+
+            BigInteger result = new BigInteger(1, resultMag, true);
+
+            // TODO Optimise this case
+            if (resultNeg)
+            {
+                result = result.Not();
+            }
+
+            return result;
+        }
+
+        public BigInteger AndNot(
+            BigInteger val)
+        {
+            return And(val.Not());
+        }
+
+        public int BitCount
+        {
+            get
+            {
+                if (nBits == -1)
+                {
+                    if (sign < 0)
+                    {
+                        // TODO Optimise this case
+                        nBits = Not().BitCount;
+                    }
+                    else
+                    {
+                        int sum = 0;
+                        for (int i = 0; i < magnitude.Length; ++i)
+                        {
+                            sum += BitCnt(magnitude[i]);
+                        }
+                        nBits = sum;
+                    }
+                }
+
+                return nBits;
+            }
+        }
+
+        public static int BitCnt(int i)
+        {
+            uint u = (uint)i;
+            u = u - ((u >> 1) & 0x55555555);
+            u = (u & 0x33333333) + ((u >> 2) & 0x33333333);
+            u = (u + (u >> 4)) & 0x0f0f0f0f;
+            u += (u >> 8);
+            u += (u >> 16);
+            u &= 0x3f;
+            return (int)u;
+        }
+
+        private static int CalcBitLength(int sign, int indx, int[]	mag)
+        {
+            for (;;)
+            {
+                if (indx >= mag.Length)
+                    return 0;
+
+                if (mag[indx] != 0)
+                    break;
+
+                ++indx;
+            }
+
+            // bit length for everything after the first int
+            int bitLength = 32 * ((mag.Length - indx) - 1);
+
+            // and determine bitlength of first int
+            int firstMag = mag[indx];
+            bitLength += BitLen(firstMag);
+
+            // Check for negative powers of two
+            if (sign < 0 && ((firstMag & -firstMag) == firstMag))
+            {
+                do
+                {
+                    if (++indx >= mag.Length)
+                    {
+                        --bitLength;
+                        break;
+                    }
+                }
+                while (mag[indx] == 0);
+            }
+
+            return bitLength;
+        }
+
+        public int BitLength
+        {
+            get
+            {
+                if (nBitLength == -1)
+                {
+                    nBitLength = sign == 0
+                        ? 0
+                        : CalcBitLength(sign, 0, magnitude);
+                }
+
+                return nBitLength;
+            }
+        }
+
+        //
+        // BitLen(value) is the number of bits in value.
+        //
+        internal static int BitLen(int w)
+        {
+            uint v = (uint)w;
+            uint t = v >> 24;
+            if (t != 0)
+                return 24 + BitLengthTable[t];
+            t = v >> 16;
+            if (t != 0)
+                return 16 + BitLengthTable[t];
+            t = v >> 8;
+            if (t != 0)
+                return 8 + BitLengthTable[t];
+            return BitLengthTable[v];
+        }
+
+        private bool QuickPow2Check()
+        {
+            return sign > 0 && nBits == 1;
+        }
+
+        public int CompareTo(
+            object obj)
+        {
+            return CompareTo((BigInteger)obj);
+        }
+
+        /**
+         * unsigned comparison on two arrays - note the arrays may
+         * start with leading zeros.
+         */
+        private static int CompareTo(
+            int		xIndx,
+            int[]	x,
+            int		yIndx,
+            int[]	y)
+        {
+            while (xIndx != x.Length && x[xIndx] == 0)
+            {
+                xIndx++;
+            }
+
+            while (yIndx != y.Length && y[yIndx] == 0)
+            {
+                yIndx++;
+            }
+
+            return CompareNoLeadingZeroes(xIndx, x, yIndx, y);
+        }
+
+        private static int CompareNoLeadingZeroes(
+            int		xIndx,
+            int[]	x,
+            int		yIndx,
+            int[]	y)
+        {
+            int diff = (x.Length - y.Length) - (xIndx - yIndx);
+
+            if (diff != 0)
+            {
+                return diff < 0 ? -1 : 1;
+            }
+
+            // lengths of magnitudes the same, test the magnitude values
+
+            while (xIndx < x.Length)
+            {
+                uint v1 = (uint)x[xIndx++];
+                uint v2 = (uint)y[yIndx++];
+
+                if (v1 != v2)
+                    return v1 < v2 ? -1 : 1;
+            }
+
+            return 0;
+        }
+
+        public int CompareTo(
+            BigInteger value)
+        {
+            return sign < value.sign ? -1
+                : sign > value.sign ? 1
+                : sign == 0 ? 0
+                : sign * CompareNoLeadingZeroes(0, magnitude, 0, value.magnitude);
+        }
+
+        /**
+         * return z = x / y - done in place (z value preserved, x contains the
+         * remainder)
+         */
+        private int[] Divide(
+            int[]	x,
+            int[]	y)
+        {
+            int xStart = 0;
+            while (xStart < x.Length && x[xStart] == 0)
+            {
+                ++xStart;
+            }
+
+            int yStart = 0;
+            while (yStart < y.Length && y[yStart] == 0)
+            {
+                ++yStart;
+            }
+
+            Debug.Assert(yStart < y.Length);
+
+            int xyCmp = CompareNoLeadingZeroes(xStart, x, yStart, y);
+            int[] count;
+
+            if (xyCmp > 0)
+            {
+                int yBitLength = CalcBitLength(1, yStart, y);
+                int xBitLength = CalcBitLength(1, xStart, x);
+                int shift = xBitLength - yBitLength;
+
+                int[] iCount;
+                int iCountStart = 0;
+
+                int[] c;
+                int cStart = 0;
+                int cBitLength = yBitLength;
+                if (shift > 0)
+                {
+//					iCount = ShiftLeft(One.magnitude, shift);
+                    iCount = new int[(shift >> 5) + 1];
+                    iCount[0] = 1 << (shift % 32);
+
+                    c = ShiftLeft(y, shift);
+                    cBitLength += shift;
+                }
+                else
+                {
+                    iCount = new int[] { 1 };
+
+                    int len = y.Length - yStart;
+                    c = new int[len];
+                    Array.Copy(y, yStart, c, 0, len);
+                }
+
+                count = new int[iCount.Length];
+
+                for (;;)
+                {
+                    if (cBitLength < xBitLength
+                        || CompareNoLeadingZeroes(xStart, x, cStart, c) >= 0)
+                    {
+                        Subtract(xStart, x, cStart, c);
+                        AddMagnitudes(count, iCount);
+
+                        while (x[xStart] == 0)
+                        {
+                            if (++xStart == x.Length)
+                                return count;
+                        }
+
+                        //xBitLength = CalcBitLength(xStart, x);
+                        xBitLength = 32 * (x.Length - xStart - 1) + BitLen(x[xStart]);
+
+                        if (xBitLength <= yBitLength)
+                        {
+                            if (xBitLength < yBitLength)
+                                return count;
+
+                            xyCmp = CompareNoLeadingZeroes(xStart, x, yStart, y);
+
+                            if (xyCmp <= 0)
+                                break;
+                        }
+                    }
+
+                    shift = cBitLength - xBitLength;
+
+                    // NB: The case where c[cStart] is 1-bit is harmless
+                    if (shift == 1)
+                    {
+                        uint firstC = (uint) c[cStart] >> 1;
+                        uint firstX = (uint) x[xStart];
+                        if (firstC > firstX)
+                            ++shift;
+                    }
+
+                    if (shift < 2)
+                    {
+                        ShiftRightOneInPlace(cStart, c);
+                        --cBitLength;
+                        ShiftRightOneInPlace(iCountStart, iCount);
+                    }
+                    else
+                    {
+                        ShiftRightInPlace(cStart, c, shift);
+                        cBitLength -= shift;
+                        ShiftRightInPlace(iCountStart, iCount, shift);
+                    }
+
+                    //cStart = c.Length - ((cBitLength + 31) / 32);
+                    while (c[cStart] == 0)
+                    {
+                        ++cStart;
+                    }
+
+                    while (iCount[iCountStart] == 0)
+                    {
+                        ++iCountStart;
+                    }
+                }
+            }
+            else
+            {
+                count = new int[1];
+            }
+
+            if (xyCmp == 0)
+            {
+                AddMagnitudes(count, One.magnitude);
+                Array.Clear(x, xStart, x.Length - xStart);
+            }
+
+            return count;
+        }
+
+        public BigInteger Divide(
+            BigInteger val)
+        {
+            if (val.sign == 0)
+                throw new ArithmeticException("Division by zero error");
+
+            if (sign == 0)
+                return Zero;
+
+            if (val.QuickPow2Check()) // val is power of two
+            {
+                BigInteger result = this.Abs().ShiftRight(val.Abs().BitLength - 1);
+                return val.sign == this.sign ? result : result.Negate();
+            }
+
+            int[] mag = (int[]) this.magnitude.Clone();
+
+            return new BigInteger(this.sign * val.sign, Divide(mag, val.magnitude), true);
+        }
+
+        public BigInteger[] DivideAndRemainder(
+            BigInteger val)
+        {
+            if (val.sign == 0)
+                throw new ArithmeticException("Division by zero error");
+
+            BigInteger[] biggies = new BigInteger[2];
+
+            if (sign == 0)
+            {
+                biggies[0] = Zero;
+                biggies[1] = Zero;
+            }
+            else if (val.QuickPow2Check()) // val is power of two
+            {
+                int e = val.Abs().BitLength - 1;
+                BigInteger quotient = this.Abs().ShiftRight(e);
+                int[] remainder = this.LastNBits(e);
+
+                biggies[0] = val.sign == this.sign ? quotient : quotient.Negate();
+                biggies[1] = new BigInteger(this.sign, remainder, true);
+            }
+            else
+            {
+                int[] remainder = (int[]) this.magnitude.Clone();
+                int[] quotient = Divide(remainder, val.magnitude);
+
+                biggies[0] = new BigInteger(this.sign * val.sign, quotient, true);
+                biggies[1] = new BigInteger(this.sign, remainder, true);
+            }
+
+            return biggies;
+        }
+
+        public override bool Equals(
+            object obj)
+        {
+            if (obj == this)
+                return true;
+
+            BigInteger biggie = obj as BigInteger;
+            if (biggie == null)
+                return false;
+
+            return sign == biggie.sign && IsEqualMagnitude(biggie);
+        }
+
+        private bool IsEqualMagnitude(BigInteger x)
+        {
+            int[] xMag = x.magnitude;
+            if (magnitude.Length != x.magnitude.Length)
+                return false;
+            for (int i = 0; i < magnitude.Length; i++)
+            {
+                if (magnitude[i] != x.magnitude[i])
+                    return false;
+            }
+            return true;
+        }
+
+        public BigInteger Gcd(
+            BigInteger value)
+        {
+            if (value.sign == 0)
+                return Abs();
+
+            if (sign == 0)
+                return value.Abs();
+
+            BigInteger r;
+            BigInteger u = this;
+            BigInteger v = value;
+
+            while (v.sign != 0)
+            {
+                r = u.Mod(v);
+                u = v;
+                v = r;
+            }
+
+            return u;
+        }
+
+        public override int GetHashCode()
+        {
+            int hc = magnitude.Length;
+            if (magnitude.Length > 0)
+            {
+                hc ^= magnitude[0];
+
+                if (magnitude.Length > 1)
+                {
+                    hc ^= magnitude[magnitude.Length - 1];
+                }
+            }
+
+            return sign < 0 ? ~hc : hc;
+        }
+
+        // TODO Make public?
+        private BigInteger Inc()
+        {
+            if (this.sign == 0)
+                return One;
+
+            if (this.sign < 0)
+                return new BigInteger(-1, doSubBigLil(this.magnitude, One.magnitude), true);
+
+            return AddToMagnitude(One.magnitude);
+        }
+
+        public int IntValue
+        {
+            get
+            {
+                if (sign == 0)
+                    return 0;
+
+                int n = magnitude.Length;
+
+                int v = magnitude[n - 1];
+
+                return sign < 0 ? -v : v;
+            }
+        }
+
+        /**
+         * return whether or not a BigInteger is probably prime with a
+         * probability of 1 - (1/2)**certainty.
+         * <p>From Knuth Vol 2, pg 395.</p>
+         */
+        public bool IsProbablePrime(int certainty)
+        {
+            return IsProbablePrime(certainty, false);
+        }
+
+        internal bool IsProbablePrime(int certainty, bool randomlySelected)
+        {
+            if (certainty <= 0)
+                return true;
+
+            BigInteger n = Abs();
+
+            if (!n.TestBit(0))
+                return n.Equals(Two);
+
+            if (n.Equals(One))
+                return false;
+
+            return n.CheckProbablePrime(certainty, RandomSource, randomlySelected);
+        }
+
+        private bool CheckProbablePrime(int certainty, Random random, bool randomlySelected)
+        {
+            Debug.Assert(certainty > 0);
+            Debug.Assert(CompareTo(Two) > 0);
+            Debug.Assert(TestBit(0));
+
+
+            // Try to reduce the penalty for really small numbers
+            int numLists = System.Math.Min(BitLength - 1, primeLists.Length);
+
+            for (int i = 0; i < numLists; ++i)
+            {
+                int test = Remainder(primeProducts[i]);
+
+                int[] primeList = primeLists[i];
+                for (int j = 0; j < primeList.Length; ++j)
+                {
+                    int prime = primeList[j];
+                    int qRem = test % prime;
+                    if (qRem == 0)
+                    {
+                        // We may find small numbers in the list
+                        return BitLength < 16 && IntValue == prime;
+                    }
+                }
+            }
+
+
+            // TODO Special case for < 10^16 (RabinMiller fixed list)
+//			if (BitLength < 30)
+//			{
+//				RabinMiller against 2, 3, 5, 7, 11, 13, 23 is sufficient
+//			}
+
+
+            // TODO Is it worth trying to create a hybrid of these two?
+            return RabinMillerTest(certainty, random, randomlySelected);
+//			return SolovayStrassenTest(certainty, random);
+
+//			bool rbTest = RabinMillerTest(certainty, random);
+//			bool ssTest = SolovayStrassenTest(certainty, random);
+//
+//			Debug.Assert(rbTest == ssTest);
+//
+//			return rbTest;
+        }
+
+        public bool RabinMillerTest(int certainty, Random random)
+        {
+            return RabinMillerTest(certainty, random, false);
+        }
+
+        internal bool RabinMillerTest(int certainty, Random random, bool randomlySelected)
+        {
+            int bits = BitLength;
+
+            Debug.Assert(certainty > 0);
+            Debug.Assert(bits > 2);
+            Debug.Assert(TestBit(0));
+
+            int iterations = ((certainty - 1) / 2) + 1;
+            if (randomlySelected)
+            {
+                int itersFor100Cert = bits >= 1024 ?  4
+                                    : bits >= 512  ?  8
+                                    : bits >= 256  ? 16
+                                    : 50;
+
+                if (certainty < 100)
+                {
+                    iterations = System.Math.Min(itersFor100Cert, iterations);
+                }
+                else
+                {
+                    iterations -= 50;
+                    iterations += itersFor100Cert;
+                }
+            }
+
+            // let n = 1 + d . 2^s
+            BigInteger n = this;
+            int s = n.GetLowestSetBitMaskFirst(-1 << 1);
+            Debug.Assert(s >= 1);
+            BigInteger r = n.ShiftRight(s);
+
+            // NOTE: Avoid conversion to/from Montgomery form and check for R/-R as result instead
+
+            BigInteger montRadix = One.ShiftLeft(32 * n.magnitude.Length).Remainder(n);
+            BigInteger minusMontRadix = n.Subtract(montRadix);
+
+            do
+            {
+                BigInteger a;
+                do
+                {
+                    a = new BigInteger(n.BitLength, random);
+                }
+                while (a.sign == 0 || a.CompareTo(n) >= 0
+                    || a.IsEqualMagnitude(montRadix) || a.IsEqualMagnitude(minusMontRadix));
+
+                BigInteger y = ModPowMonty(a, r, n, false);
+
+                if (!y.Equals(montRadix))
+                {
+                    int j = 0;
+                    while (!y.Equals(minusMontRadix))
+                    {
+                        if (++j == s)
+                            return false;
+
+                        y = ModPowMonty(y, Two, n, false);
+
+                        if (y.Equals(montRadix))
+                            return false;
+                    }
+                }
+            }
+            while (--iterations > 0);
+
+            return true;
+        }
+
+//		private bool SolovayStrassenTest(
+//			int		certainty,
+//			Random	random)
+//		{
+//			Debug.Assert(certainty > 0);
+//			Debug.Assert(CompareTo(Two) > 0);
+//			Debug.Assert(TestBit(0));
+//
+//			BigInteger n = this;
+//			BigInteger nMinusOne = n.Subtract(One);
+//			BigInteger e = nMinusOne.ShiftRight(1);
+//
+//			do
+//			{
+//				BigInteger a;
+//				do
+//				{
+//					a = new BigInteger(nBitLength, random);
+//				}
+//				// NB: Spec says 0 < x < n, but 1 is trivial
+//				while (a.CompareTo(One) <= 0 || a.CompareTo(n) >= 0);
+//
+//
+//				// TODO Check this is redundant given the way Jacobi() works?
+////				if (!a.Gcd(n).Equals(One))
+////					return false;
+//
+//				int x = Jacobi(a, n);
+//
+//				if (x == 0)
+//					return false;
+//
+//				BigInteger check = a.ModPow(e, n);
+//
+//				if (x == 1 && !check.Equals(One))
+//					return false;
+//
+//				if (x == -1 && !check.Equals(nMinusOne))
+//					return false;
+//
+//				--certainty;
+//			}
+//			while (certainty > 0);
+//
+//			return true;
+//		}
+//
+//		private static int Jacobi(
+//			BigInteger	a,
+//			BigInteger	b)
+//		{
+//			Debug.Assert(a.sign >= 0);
+//			Debug.Assert(b.sign > 0);
+//			Debug.Assert(b.TestBit(0));
+//			Debug.Assert(a.CompareTo(b) < 0);
+//
+//			int totalS = 1;
+//			for (;;)
+//			{
+//				if (a.sign == 0)
+//					return 0;
+//
+//				if (a.Equals(One))
+//					break;
+//
+//				int e = a.GetLowestSetBit();
+//
+//				int bLsw = b.magnitude[b.magnitude.Length - 1];
+//				if ((e & 1) != 0 && ((bLsw & 7) == 3 || (bLsw & 7) == 5))
+//					totalS = -totalS;
+//
+//				// TODO Confirm this is faster than later a1.Equals(One) test
+//				if (a.BitLength == e + 1)
+//					break;
+//				BigInteger a1 = a.ShiftRight(e);
+////				if (a1.Equals(One))
+////					break;
+//
+//				int a1Lsw = a1.magnitude[a1.magnitude.Length - 1];
+//				if ((bLsw & 3) == 3 && (a1Lsw & 3) == 3)
+//					totalS = -totalS;
+//
+////				a = b.Mod(a1);
+//				a = b.Remainder(a1);
+//				b = a1;
+//			}
+//			return totalS;
+//		}
+
+        public long LongValue
+        {
+            get
+            {
+                if (sign == 0)
+                    return 0;
+
+                int n = magnitude.Length;
+
+                long v = magnitude[n - 1] & IMASK;
+                if (n > 1)
+                {
+                    v |= (magnitude[n - 2] & IMASK) << 32;
+                }
+
+                return sign < 0 ? -v : v;
+            }
+        }
+
+        public BigInteger Max(
+            BigInteger value)
+        {
+            return CompareTo(value) > 0 ? this : value;
+        }
+
+        public BigInteger Min(
+            BigInteger value)
+        {
+            return CompareTo(value) < 0 ? this : value;
+        }
+
+        public BigInteger Mod(
+            BigInteger m)
+        {
+            if (m.sign < 1)
+                throw new ArithmeticException("Modulus must be positive");
+
+            BigInteger biggie = Remainder(m);
+
+            return (biggie.sign >= 0 ? biggie : biggie.Add(m));
+        }
+
+        public BigInteger ModInverse(
+            BigInteger m)
+        {
+            if (m.sign < 1)
+                throw new ArithmeticException("Modulus must be positive");
+
+            // TODO Too slow at the moment
+//			// "Fast Key Exchange with Elliptic Curve Systems" R.Schoeppel
+//			if (m.TestBit(0))
+//			{
+//				//The Almost Inverse Algorithm
+//				int k = 0;
+//				BigInteger B = One, C = Zero, F = this, G = m, tmp;
+//
+//				for (;;)
+//				{
+//					// While F is even, do F=F/u, C=C*u, k=k+1.
+//					int zeroes = F.GetLowestSetBit();
+//					if (zeroes > 0)
+//					{
+//						F = F.ShiftRight(zeroes);
+//						C = C.ShiftLeft(zeroes);
+//						k += zeroes;
+//					}
+//
+//					// If F = 1, then return B,k.
+//					if (F.Equals(One))
+//					{
+//						BigInteger half = m.Add(One).ShiftRight(1);
+//						BigInteger halfK = half.ModPow(BigInteger.ValueOf(k), m);
+//						return B.Multiply(halfK).Mod(m);
+//					}
+//
+//					if (F.CompareTo(G) < 0)
+//					{
+//						tmp = G; G = F; F = tmp;
+//						tmp = B; B = C; C = tmp;
+//					}
+//
+//					F = F.Add(G);
+//					B = B.Add(C);
+//				}
+//			}
+
+            if (m.QuickPow2Check())
+            {
+                return ModInversePow2(m);
+            }
+
+            BigInteger d = this.Remainder(m);
+            BigInteger x;
+            BigInteger gcd = ExtEuclid(d, m, out x);
+
+            if (!gcd.Equals(One))
+                throw new ArithmeticException("Numbers not relatively prime.");
+
+            if (x.sign < 0)
+            {
+                x = x.Add(m);
+            }
+
+            return x;
+        }
+
+        private BigInteger ModInversePow2(BigInteger m)
+        {
+            Debug.Assert(m.SignValue > 0);
+            Debug.Assert(m.BitCount == 1);
+
+            if (!TestBit(0))
+            {
+                throw new ArithmeticException("Numbers not relatively prime.");
+            }
+
+            int pow = m.BitLength - 1;
+
+            long inv64 = ModInverse64(LongValue);
+            if (pow < 64)
+            {
+                inv64 &= ((1L << pow) - 1);
+            }
+
+            BigInteger x = BigInteger.ValueOf(inv64);
+
+            if (pow > 64)
+            {
+                BigInteger d = this.Remainder(m);
+                int bitsCorrect = 64;
+
+                do
+                {
+                    BigInteger t = x.Multiply(d).Remainder(m);
+                    x = x.Multiply(Two.Subtract(t)).Remainder(m);
+                    bitsCorrect <<= 1;
+                }
+                while (bitsCorrect < pow);
+            }
+
+            if (x.sign < 0)
+            {
+                x = x.Add(m);
+            }
+
+            return x;
+        }
+
+        private static int ModInverse32(int d)
+        {
+            // Newton's method with initial estimate "correct to 4 bits"
+            Debug.Assert((d & 1) != 0);
+            int x = d + (((d + 1) & 4) << 1);   // d.x == 1 mod 2**4
+            Debug.Assert(((d * x) & 15) == 1);
+            x *= 2 - d * x;                     // d.x == 1 mod 2**8
+            x *= 2 - d * x;                     // d.x == 1 mod 2**16
+            x *= 2 - d * x;                     // d.x == 1 mod 2**32
+            Debug.Assert(d * x == 1);
+            return x;
+        }
+
+        private static long ModInverse64(long d)
+        {
+            // Newton's method with initial estimate "correct to 4 bits"
+            Debug.Assert((d & 1L) != 0);
+            long x = d + (((d + 1L) & 4L) << 1);    // d.x == 1 mod 2**4
+            Debug.Assert(((d * x) & 15L) == 1L);
+            x *= 2 - d * x;                         // d.x == 1 mod 2**8
+            x *= 2 - d * x;                         // d.x == 1 mod 2**16
+            x *= 2 - d * x;                         // d.x == 1 mod 2**32
+            x *= 2 - d * x;                         // d.x == 1 mod 2**64
+            Debug.Assert(d * x == 1L);
+            return x;
+        }
+
+        /**
+         * Calculate the numbers u1, u2, and u3 such that:
+         *
+         * u1 * a + u2 * b = u3
+         *
+         * where u3 is the greatest common divider of a and b.
+         * a and b using the extended Euclid algorithm (refer p. 323
+         * of The Art of Computer Programming vol 2, 2nd ed).
+         * This also seems to have the side effect of calculating
+         * some form of multiplicative inverse.
+         *
+         * @param a    First number to calculate gcd for
+         * @param b    Second number to calculate gcd for
+         * @param u1Out      the return object for the u1 value
+         * @return     The greatest common divisor of a and b
+         */
+        private static BigInteger ExtEuclid(BigInteger a, BigInteger b, out BigInteger u1Out)
+        {
+            BigInteger u1 = One, v1 = Zero;
+            BigInteger u3 = a, v3 = b;
+
+            if (v3.sign > 0)
+            {
+                for (;;)
+                {
+                    BigInteger[] q = u3.DivideAndRemainder(v3);
+                    u3 = v3;
+                    v3 = q[1];
+
+                    BigInteger oldU1 = u1;
+                    u1 = v1;
+
+                    if (v3.sign <= 0)
+                        break;
+
+                    v1 = oldU1.Subtract(v1.Multiply(q[0]));
+                }
+            }
+
+            u1Out = u1;
+
+            return u3;
+        }
+
+        private static void ZeroOut(
+            int[] x)
+        {
+            Array.Clear(x, 0, x.Length);
+        }
+
+        public BigInteger ModPow(BigInteger e, BigInteger m)
+        {
+            if (m.sign < 1)
+                throw new ArithmeticException("Modulus must be positive");
+
+            if (m.Equals(One))
+                return Zero;
+
+            if (e.sign == 0)
+                return One;
+
+            if (sign == 0)
+                return Zero;
+
+            bool negExp = e.sign < 0;
+            if (negExp)
+                e = e.Negate();
+
+            BigInteger result = this.Mod(m);
+            if (!e.Equals(One))
+            {
+                if ((m.magnitude[m.magnitude.Length - 1] & 1) == 0)
+                {
+                    result = ModPowBarrett(result, e, m);
+                }
+                else
+                {
+                    result = ModPowMonty(result, e, m, true);
+                }
+            }
+
+            if (negExp)
+                result = result.ModInverse(m);
+
+            return result;
+        }
+
+        private static BigInteger ModPowBarrett(BigInteger b, BigInteger e, BigInteger m)
+        {
+            int k = m.magnitude.Length;
+            BigInteger mr = One.ShiftLeft((k + 1) << 5);
+            BigInteger yu = One.ShiftLeft(k << 6).Divide(m);
+
+            // Sliding window from MSW to LSW
+            int extraBits = 0, expLength = e.BitLength;
+            while (expLength > ExpWindowThresholds[extraBits])
+            {
+                ++extraBits;
+            }
+
+            int numPowers = 1 << extraBits;
+            BigInteger[] oddPowers = new BigInteger[numPowers];
+            oddPowers[0] = b;
+
+            BigInteger b2 = ReduceBarrett(b.Square(), m, mr, yu);
+
+            for (int i = 1; i < numPowers; ++i)
+            {
+                oddPowers[i] = ReduceBarrett(oddPowers[i - 1].Multiply(b2), m, mr, yu);
+            }
+
+            int[] windowList = GetWindowList(e.magnitude, extraBits);
+            Debug.Assert(windowList.Length > 0);
+
+            int window = windowList[0];
+            int mult = window & 0xFF, lastZeroes = window >> 8;
+
+            BigInteger y;
+            if (mult == 1)
+            {
+                y = b2;
+                --lastZeroes;
+            }
+            else
+            {
+                y = oddPowers[mult >> 1];
+            }
+
+            int windowPos = 1;
+            while ((window = windowList[windowPos++]) != -1)
+            {
+                mult = window & 0xFF;
+
+                int bits = lastZeroes + BitLengthTable[mult];
+                for (int j = 0; j < bits; ++j)
+                {
+                    y = ReduceBarrett(y.Square(), m, mr, yu);
+                }
+
+                y = ReduceBarrett(y.Multiply(oddPowers[mult >> 1]), m, mr, yu);
+
+                lastZeroes = window >> 8;
+            }
+
+            for (int i = 0; i < lastZeroes; ++i)
+            {
+                y = ReduceBarrett(y.Square(), m, mr, yu);
+            }
+
+            return y;
+        }
+
+        private static BigInteger ReduceBarrett(BigInteger x, BigInteger m, BigInteger mr, BigInteger yu)
+        {
+            int xLen = x.BitLength, mLen = m.BitLength;
+            if (xLen < mLen)
+                return x;
+
+            if (xLen - mLen > 1)
+            {
+                int k = m.magnitude.Length;
+
+                BigInteger q1 = x.DivideWords(k - 1);
+                BigInteger q2 = q1.Multiply(yu); // TODO Only need partial multiplication here
+                BigInteger q3 = q2.DivideWords(k + 1);
+
+                BigInteger r1 = x.RemainderWords(k + 1);
+                BigInteger r2 = q3.Multiply(m); // TODO Only need partial multiplication here
+                BigInteger r3 = r2.RemainderWords(k + 1);
+
+                x = r1.Subtract(r3);
+                if (x.sign < 0)
+                {
+                    x = x.Add(mr);
+                }
+            }
+
+            while (x.CompareTo(m) >= 0)
+            {
+                x = x.Subtract(m);
+            }
+
+            return x;
+        }
+
+        private static BigInteger ModPowMonty(BigInteger b, BigInteger e, BigInteger m, bool convert)
+        {
+            int n = m.magnitude.Length;
+            int powR = 32 * n;
+            bool smallMontyModulus = m.BitLength + 2 <= powR;
+            uint mDash = (uint)m.GetMQuote();
+
+            // tmp = this * R mod m
+            if (convert)
+            {
+                b = b.ShiftLeft(powR).Remainder(m);
+            }
+
+            int[] yAccum = new int[n + 1];
+
+            int[] zVal = b.magnitude;
+            Debug.Assert(zVal.Length <= n);
+            if (zVal.Length < n)
+            {
+                int[] tmp = new int[n];
+                zVal.CopyTo(tmp, n - zVal.Length);
+                zVal = tmp;
+            }
+
+            // Sliding window from MSW to LSW
+
+            int extraBits = 0;
+
+            // Filter the common case of small RSA exponents with few bits set
+            if (e.magnitude.Length > 1 || e.BitCount > 2)
+            {
+                int expLength = e.BitLength;
+                while (expLength > ExpWindowThresholds[extraBits])
+                {
+                    ++extraBits;
+                }
+            }
+
+            int numPowers = 1 << extraBits;
+            int[][] oddPowers = new int[numPowers][];
+            oddPowers[0] = zVal;
+
+            int[] zSquared = Arrays.Clone(zVal);
+            SquareMonty(yAccum, zSquared, m.magnitude, mDash, smallMontyModulus);
+
+            for (int i = 1; i < numPowers; ++i)
+            {
+                oddPowers[i] = Arrays.Clone(oddPowers[i - 1]);
+                MultiplyMonty(yAccum, oddPowers[i], zSquared, m.magnitude, mDash, smallMontyModulus);
+            }
+
+            int[] windowList = GetWindowList(e.magnitude, extraBits);
+            Debug.Assert(windowList.Length > 1);
+
+            int window = windowList[0];
+            int mult = window & 0xFF, lastZeroes = window >> 8;
+
+            int[] yVal;
+            if (mult == 1)
+            {
+                yVal = zSquared;
+                --lastZeroes;
+            }
+            else
+            {
+                yVal = Arrays.Clone(oddPowers[mult >> 1]);
+            }
+
+            int windowPos = 1;
+            while ((window = windowList[windowPos++]) != -1)
+            {
+                mult = window & 0xFF;
+
+                int bits = lastZeroes + BitLengthTable[mult];
+                for (int j = 0; j < bits; ++j)
+                {
+                    SquareMonty(yAccum, yVal, m.magnitude, mDash, smallMontyModulus);
+                }
+
+                MultiplyMonty(yAccum, yVal, oddPowers[mult >> 1], m.magnitude, mDash, smallMontyModulus);
+
+                lastZeroes = window >> 8;
+            }
+
+            for (int i = 0; i < lastZeroes; ++i)
+            {
+                SquareMonty(yAccum, yVal, m.magnitude, mDash, smallMontyModulus);
+            }
+
+            if (convert)
+            {
+                // Return y * R^(-1) mod m
+                MontgomeryReduce(yVal, m.magnitude, mDash);
+            }
+            else if (smallMontyModulus && CompareTo(0, yVal, 0, m.magnitude) >= 0)
+            {
+                Subtract(0, yVal, 0, m.magnitude);
+            }
+
+            return new BigInteger(1, yVal, true);
+        }
+
+        private static int[] GetWindowList(int[] mag, int extraBits)
+        {
+            int v = mag[0];
+            Debug.Assert(v != 0);
+
+            int leadingBits = BitLen(v);
+
+            int resultSize = (((mag.Length - 1) << 5) + leadingBits) / (1 + extraBits) + 2;
+            int[] result = new int[resultSize];
+            int resultPos = 0;
+
+            int bitPos = 33 - leadingBits;
+            v <<= bitPos;
+
+            int mult = 1, multLimit = 1 << extraBits;
+            int zeroes = 0;
+
+            int i = 0;
+            for (; ; )
+            {
+                for (; bitPos < 32; ++bitPos)
+                {
+                    if (mult < multLimit)
+                    {
+                        mult = (mult << 1) | (int)((uint)v >> 31);
+                    }
+                    else if (v < 0)
+                    {
+                        result[resultPos++] = CreateWindowEntry(mult, zeroes);
+                        mult = 1;
+                        zeroes = 0;
+                    }
+                    else
+                    {
+                        ++zeroes;
+                    }
+
+                    v <<= 1;
+                }
+
+                if (++i == mag.Length)
+                {
+                    result[resultPos++] = CreateWindowEntry(mult, zeroes);
+                    break;
+                }
+
+                v = mag[i];
+                bitPos = 0;
+            }
+
+            result[resultPos] = -1;
+            return result;
+        }
+
+        private static int CreateWindowEntry(int mult, int zeroes)
+        {
+            while ((mult & 1) == 0)
+            {
+                mult >>= 1;
+                ++zeroes;
+            }
+
+            return mult | (zeroes << 8);
+        }
+
+        /**
+         * return w with w = x * x - w is assumed to have enough space.
+         */
+        private static int[] Square(
+            int[]	w,
+            int[]	x)
+        {
+            // Note: this method allows w to be only (2 * x.Length - 1) words if result will fit
+//			if (w.Length != 2 * x.Length)
+//				throw new ArgumentException("no I don't think so...");
+
+            ulong c;
+
+            int wBase = w.Length - 1;
+
+            for (int i = x.Length - 1; i > 0; --i)
+            {
+                ulong v = (uint)x[i];
+
+                c = v * v + (uint)w[wBase];
+                w[wBase] = (int)c;
+                c >>= 32;
+
+                for (int j = i - 1; j >= 0; --j)
+                {
+                    ulong prod = v * (uint)x[j];
+
+                    c += ((uint)w[--wBase] & UIMASK) + ((uint)prod << 1);
+                    w[wBase] = (int)c;
+                    c = (c >> 32) + (prod >> 31);
+                }
+
+                c += (uint)w[--wBase];
+                w[wBase] = (int)c;
+
+                if (--wBase >= 0)
+                {
+                    w[wBase] = (int)(c >> 32);
+                }
+                else
+                {
+                    Debug.Assert((c >> 32) == 0);
+                }
+
+                wBase += i;
+            }
+
+            c = (uint)x[0];
+
+            c = c * c + (uint)w[wBase];
+            w[wBase] = (int)c;
+
+            if (--wBase >= 0)
+            {
+                w[wBase] += (int)(c >> 32);
+            }
+            else
+            {
+                Debug.Assert((c >> 32) == 0);
+            }
+
+            return w;
+        }
+
+        /**
+         * return x with x = y * z - x is assumed to have enough space.
+         */
+        private static int[] Multiply(int[]	x, int[] y, int[] z)
+        {
+            int i = z.Length;
+
+            if (i < 1)
+                return x;
+
+            int xBase = x.Length - y.Length;
+
+            do
+            {
+                long a = z[--i] & IMASK;
+                long val = 0;
+
+                if (a != 0)
+                {
+                    for (int j = y.Length - 1; j >= 0; j--)
+                    {
+                        val += a * (y[j] & IMASK) + (x[xBase + j] & IMASK);
+    
+                        x[xBase + j] = (int)val;
+    
+                        val = (long)((ulong)val >> 32);
+                    }
+                }
+
+                --xBase;
+
+                if (xBase >= 0)
+                {
+                    x[xBase] = (int)val;
+                }
+                else
+                {
+                    Debug.Assert(val == 0);
+                }
+            }
+            while (i > 0);
+
+            return x;
+        }
+
+        /**
+         * Calculate mQuote = -m^(-1) mod b with b = 2^32 (32 = word size)
+         */
+        private int GetMQuote()
+        {
+            if (mQuote != 0)
+            {
+                return mQuote; // already calculated
+            }
+
+            Debug.Assert(this.sign > 0);
+
+            int d = -magnitude[magnitude.Length - 1];
+
+            Debug.Assert((d & 1) != 0);
+
+            return mQuote = ModInverse32(d);
+        }
+
+        private static void MontgomeryReduce(int[] x, int[] m, uint mDash) // mDash = -m^(-1) mod b
+        {
+            // NOTE: Not a general purpose reduction (which would allow x up to twice the bitlength of m)
+            Debug.Assert(x.Length == m.Length);
+
+            int n = m.Length;
+
+            for (int i = n - 1; i >= 0; --i)
+            {
+                uint x0 = (uint)x[n - 1];
+                ulong t = x0 * mDash;
+
+                ulong carry = t * (uint)m[n - 1] + x0;
+                Debug.Assert((uint)carry == 0);
+                carry >>= 32;
+
+                for (int j = n - 2; j >= 0; --j)
+                {
+                    carry += t * (uint)m[j] + (uint)x[j];
+                    x[j + 1] = (int)carry;
+                    carry >>= 32;
+                }
+
+                x[0] = (int)carry;
+                Debug.Assert(carry >> 32 == 0);
+            }
+
+            if (CompareTo(0, x, 0, m) >= 0)
+            {
+                Subtract(0, x, 0, m);
+            }
+        }
+
+        /**
+         * Montgomery multiplication: a = x * y * R^(-1) mod m
+         * <br/>
+         * Based algorithm 14.36 of Handbook of Applied Cryptography.
+         * <br/>
+         * <li> m, x, y should have length n </li>
+         * <li> a should have length (n + 1) </li>
+         * <li> b = 2^32, R = b^n </li>
+         * <br/>
+         * The result is put in x
+         * <br/>
+         * NOTE: the indices of x, y, m, a different in HAC and in Java
+         */
+        private static void MultiplyMonty(int[]	a, int[] x, int[] y, int[] m, uint mDash, bool smallMontyModulus)
+            // mDash = -m^(-1) mod b
+        {
+            int n = m.Length;
+
+            if (n == 1)
+            {
+                x[0] = (int)MultiplyMontyNIsOne((uint)x[0], (uint)y[0], (uint)m[0], mDash);
+                return;
+            }
+
+            uint y0 = (uint)y[n - 1];
+            int aMax;
+
+            {
+                ulong xi = (uint)x[n - 1];
+
+                ulong carry = xi * y0;
+                ulong t = (uint)carry * mDash;
+
+                ulong prod2 = t * (uint)m[n - 1];
+                carry += (uint)prod2;
+                Debug.Assert((uint)carry == 0);
+                carry = (carry >> 32) + (prod2 >> 32);
+
+                for (int j = n - 2; j >= 0; --j)
+                {
+                    ulong prod1 = xi * (uint)y[j];
+                    prod2 = t * (uint)m[j];
+
+                    carry += (prod1 & UIMASK) + (uint)prod2;
+                    a[j + 2] = (int)carry;
+                    carry = (carry >> 32) + (prod1 >> 32) + (prod2 >> 32);
+                }
+
+                a[1] = (int)carry;
+                aMax = (int)(carry >> 32);
+            }
+
+            for (int i = n - 2; i >= 0; --i)
+            {
+                uint a0 = (uint)a[n];
+                ulong xi = (uint)x[i];
+
+                ulong prod1 = xi * y0;
+                ulong carry = (prod1 & UIMASK) + a0;
+                ulong t = (uint)carry * mDash;
+
+                ulong prod2 = t * (uint)m[n - 1];
+                carry += (uint)prod2;
+                Debug.Assert((uint)carry == 0);
+                carry = (carry >> 32) + (prod1 >> 32) + (prod2 >> 32);
+
+                for (int j = n - 2; j >= 0; --j)
+                {
+                    prod1 = xi * (uint)y[j];
+                    prod2 = t * (uint)m[j];
+
+                    carry += (prod1 & UIMASK) + (uint)prod2 + (uint)a[j + 1];
+                    a[j + 2] = (int)carry;
+                    carry = (carry >> 32) + (prod1 >> 32) + (prod2 >> 32);
+                }
+
+                carry += (uint)aMax;
+                a[1] = (int)carry;
+                aMax = (int)(carry >> 32);
+            }
+
+            a[0] = aMax;
+
+            if (!smallMontyModulus && CompareTo(0, a, 0, m) >= 0)
+            {
+                Subtract(0, a, 0, m);
+            }
+
+            Array.Copy(a, 1, x, 0, n);
+        }
+
+        private static void SquareMonty(int[] a, int[] x, int[] m, uint mDash, bool smallMontyModulus)
+            // mDash = -m^(-1) mod b
+        {
+            int n = m.Length;
+
+            if (n == 1)
+            {
+                uint xVal = (uint)x[0];
+                x[0] = (int)MultiplyMontyNIsOne(xVal, xVal, (uint)m[0], mDash);
+                return;
+            }
+
+            ulong x0 = (uint)x[n - 1];
+            int aMax;
+
+            {
+                ulong carry = x0 * x0;
+                ulong t = (uint)carry * mDash;
+
+                ulong prod2 = t * (uint)m[n - 1];
+                carry += (uint)prod2;
+                Debug.Assert((uint)carry == 0);
+                carry = (carry >> 32) + (prod2 >> 32);
+
+                for (int j = n - 2; j >= 0; --j)
+                {
+                    ulong prod1 = x0 * (uint)x[j];
+                    prod2 = t * (uint)m[j];
+
+                    carry += (prod2 & UIMASK) + ((uint)prod1 << 1);
+                    a[j + 2] = (int)carry;
+                    carry = (carry >> 32) + (prod1 >> 31) + (prod2 >> 32);
+                }
+
+                a[1] = (int)carry;
+                aMax = (int)(carry >> 32);
+            }
+
+            for (int i = n - 2; i >= 0; --i)
+            {
+                uint a0 = (uint)a[n];
+                ulong t = a0 * mDash;
+
+                ulong carry = t * (uint)m[n - 1] + a0;
+                Debug.Assert((uint)carry == 0);
+                carry >>= 32;
+
+                for (int j = n - 2; j > i; --j)
+                {
+                    carry += t * (uint)m[j] + (uint)a[j + 1];
+                    a[j + 2] = (int)carry;
+                    carry >>= 32;
+                }
+
+                ulong xi = (uint)x[i];
+
+                {
+                    ulong prod1 = xi * xi;
+                    ulong prod2 = t * (uint)m[i];
+
+                    carry += (prod1 & UIMASK) + (uint)prod2 + (uint)a[i + 1];
+                    a[i + 2] = (int)carry;
+                    carry = (carry >> 32) + (prod1 >> 32) + (prod2 >> 32);
+                }
+
+                for (int j = i - 1; j >= 0; --j)
+                {
+                    ulong prod1 = xi * (uint)x[j];
+                    ulong prod2 = t * (uint)m[j];
+
+                    carry += (prod2 & UIMASK) + ((uint)prod1 << 1) + (uint)a[j + 1];
+                    a[j + 2] = (int)carry;
+                    carry = (carry >> 32) + (prod1 >> 31) + (prod2 >> 32);
+                }
+
+                carry += (uint)aMax;
+                a[1] = (int)carry;
+                aMax = (int)(carry >> 32);
+            }
+
+            a[0] = aMax;
+
+            if (!smallMontyModulus && CompareTo(0, a, 0, m) >= 0)
+            {
+                Subtract(0, a, 0, m);
+            }
+
+            Array.Copy(a, 1, x, 0, n);
+        }
+
+        private static uint MultiplyMontyNIsOne(uint x, uint y, uint m, uint mDash)
+        {
+            ulong carry = (ulong)x * y;
+            uint t = (uint)carry * mDash;
+            ulong um = m;
+            ulong prod2 = um * t;
+            carry += (uint)prod2;
+            Debug.Assert((uint)carry == 0);
+            carry = (carry >> 32) + (prod2 >> 32);
+            if (carry > um)
+            {
+                carry -= um;
+            }
+            Debug.Assert(carry < um);
+            return (uint)carry;
+        }
+
+        public BigInteger Multiply(
+            BigInteger val)
+        {
+            if (val == this)
+                return Square();
+
+            if ((sign & val.sign) == 0)
+                return Zero;
+
+            if (val.QuickPow2Check()) // val is power of two
+            {
+                BigInteger result = this.ShiftLeft(val.Abs().BitLength - 1);
+                return val.sign > 0 ? result : result.Negate();
+            }
+
+            if (this.QuickPow2Check()) // this is power of two
+            {
+                BigInteger result = val.ShiftLeft(this.Abs().BitLength - 1);
+                return this.sign > 0 ? result : result.Negate();
+            }
+
+            int resLength = magnitude.Length + val.magnitude.Length;
+            int[] res = new int[resLength];
+
+            Multiply(res, this.magnitude, val.magnitude);
+
+            int resSign = sign ^ val.sign ^ 1;
+            return new BigInteger(resSign, res, true);
+        }
+
+        public BigInteger Square()
+        {
+            if (sign == 0)
+                return Zero;
+            if (this.QuickPow2Check())
+                return ShiftLeft(Abs().BitLength - 1);
+            int resLength = magnitude.Length << 1;
+            if ((uint)magnitude[0] >> 16 == 0)
+                --resLength;
+            int[] res = new int[resLength];
+            Square(res, magnitude);
+            return new BigInteger(1, res, false);
+        }
+
+        public BigInteger Negate()
+        {
+            if (sign == 0)
+                return this;
+
+            return new BigInteger(-sign, magnitude, false);
+        }
+
+        public BigInteger NextProbablePrime()
+        {
+            if (sign < 0)
+                throw new ArithmeticException("Cannot be called on value < 0");
+
+            if (CompareTo(Two) < 0)
+                return Two;
+
+            BigInteger n = Inc().SetBit(0);
+
+            while (!n.CheckProbablePrime(100, RandomSource, false))
+            {
+                n = n.Add(Two);
+            }
+
+            return n;
+        }
+
+        public BigInteger Not()
+        {
+            return Inc().Negate();
+        }
+
+        public BigInteger Pow(int exp)
+        {
+            if (exp <= 0)
+            {
+                if (exp < 0)
+                    throw new ArithmeticException("Negative exponent");
+
+                return One;
+            }
+
+            if (sign == 0)
+            {
+                return this;
+            }
+
+            if (QuickPow2Check())
+            {
+                long powOf2 = (long)exp * (BitLength - 1);
+                if (powOf2 > Int32.MaxValue)
+                {
+                    throw new ArithmeticException("Result too large");
+                }
+                return One.ShiftLeft((int)powOf2); 
+            }
+
+            BigInteger y = One;
+            BigInteger z = this;
+
+            for (;;)
+            {
+                if ((exp & 0x1) == 1)
+                {
+                    y = y.Multiply(z);
+                }
+                exp >>= 1;
+                if (exp == 0) break;
+                z = z.Multiply(z);
+            }
+
+            return y;
+        }
+
+        public static BigInteger ProbablePrime(
+            int bitLength,
+            Random random)
+        {
+            return new BigInteger(bitLength, 100, random);
+        }
+
+        private int Remainder(
+            int m)
+        {
+            Debug.Assert(m > 0);
+
+            long acc = 0;
+            for (int pos = 0; pos < magnitude.Length; ++pos)
+            {
+                long posVal = (uint) magnitude[pos];
+                acc = (acc << 32 | posVal) % m;
+            }
+
+            return (int) acc;
+        }
+
+        /**
+         * return x = x % y - done in place (y value preserved)
+         */
+        private static int[] Remainder(
+            int[] x,
+            int[] y)
+        {
+            int xStart = 0;
+            while (xStart < x.Length && x[xStart] == 0)
+            {
+                ++xStart;
+            }
+
+            int yStart = 0;
+            while (yStart < y.Length && y[yStart] == 0)
+            {
+                ++yStart;
+            }
+
+            Debug.Assert(yStart < y.Length);
+
+            int xyCmp = CompareNoLeadingZeroes(xStart, x, yStart, y);
+
+            if (xyCmp > 0)
+            {
+                int yBitLength = CalcBitLength(1, yStart, y);
+                int xBitLength = CalcBitLength(1, xStart, x);
+                int shift = xBitLength - yBitLength;
+
+                int[] c;
+                int cStart = 0;
+                int cBitLength = yBitLength;
+                if (shift > 0)
+                {
+                    c = ShiftLeft(y, shift);
+                    cBitLength += shift;
+                    Debug.Assert(c[0] != 0);
+                }
+                else
+                {
+                    int len = y.Length - yStart;
+                    c = new int[len];
+                    Array.Copy(y, yStart, c, 0, len);
+                }
+
+                for (;;)
+                {
+                    if (cBitLength < xBitLength
+                        || CompareNoLeadingZeroes(xStart, x, cStart, c) >= 0)
+                    {
+                        Subtract(xStart, x, cStart, c);
+
+                        while (x[xStart] == 0)
+                        {
+                            if (++xStart == x.Length)
+                                return x;
+                        }
+
+                        //xBitLength = CalcBitLength(xStart, x);
+                        xBitLength = 32 * (x.Length - xStart - 1) + BitLen(x[xStart]);
+
+                        if (xBitLength <= yBitLength)
+                        {
+                            if (xBitLength < yBitLength)
+                                return x;
+
+                            xyCmp = CompareNoLeadingZeroes(xStart, x, yStart, y);
+
+                            if (xyCmp <= 0)
+                                break;
+                        }
+                    }
+
+                    shift = cBitLength - xBitLength;
+
+                    // NB: The case where c[cStart] is 1-bit is harmless
+                    if (shift == 1)
+                    {
+                        uint firstC = (uint) c[cStart] >> 1;
+                        uint firstX = (uint) x[xStart];
+                        if (firstC > firstX)
+                            ++shift;
+                    }
+
+                    if (shift < 2)
+                    {
+                        ShiftRightOneInPlace(cStart, c);
+                        --cBitLength;
+                    }
+                    else
+                    {
+                        ShiftRightInPlace(cStart, c, shift);
+                        cBitLength -= shift;
+                    }
+
+                    //cStart = c.Length - ((cBitLength + 31) / 32);
+                    while (c[cStart] == 0)
+                    {
+                        ++cStart;
+                    }
+                }
+            }
+
+            if (xyCmp == 0)
+            {
+                Array.Clear(x, xStart, x.Length - xStart);
+            }
+
+            return x;
+        }
+
+        public BigInteger Remainder(
+            BigInteger n)
+        {
+            if (n.sign == 0)
+                throw new ArithmeticException("Division by zero error");
+
+            if (this.sign == 0)
+                return Zero;
+
+            // For small values, use fast remainder method
+            if (n.magnitude.Length == 1)
+            {
+                int val = n.magnitude[0];
+
+                if (val > 0)
+                {
+                    if (val == 1)
+                        return Zero;
+
+                    // TODO Make this func work on uint, and handle val == 1?
+                    int rem = Remainder(val);
+
+                    return rem == 0
+                        ?	Zero
+                        :	new BigInteger(sign, new int[]{ rem }, false);
+                }
+            }
+
+            if (CompareNoLeadingZeroes(0, magnitude, 0, n.magnitude) < 0)
+                return this;
+
+            int[] result;
+            if (n.QuickPow2Check())  // n is power of two
+            {
+                // TODO Move before small values branch above?
+                result = LastNBits(n.Abs().BitLength - 1);
+            }
+            else
+            {
+                result = (int[]) this.magnitude.Clone();
+                result = Remainder(result, n.magnitude);
+            }
+
+            return new BigInteger(sign, result, true);
+        }
+
+        private int[] LastNBits(
+            int n)
+        {
+            if (n < 1)
+                return ZeroMagnitude;
+
+            int numWords = (n + BitsPerInt - 1) / BitsPerInt;
+            numWords = System.Math.Min(numWords, this.magnitude.Length);
+            int[] result = new int[numWords];
+
+            Array.Copy(this.magnitude, this.magnitude.Length - numWords, result, 0, numWords);
+
+            int excessBits = (numWords << 5) - n;
+            if (excessBits > 0)
+            {
+                result[0] &= (int)(UInt32.MaxValue >> excessBits);
+            }
+
+            return result;
+        }
+
+        private BigInteger DivideWords(int w)
+        {
+            Debug.Assert(w >= 0);
+            int n = magnitude.Length;
+            if (w >= n)
+                return Zero;
+            int[] mag = new int[n - w];
+            Array.Copy(magnitude, 0, mag, 0, n - w);
+            return new BigInteger(sign, mag, false);
+        }
+
+        private BigInteger RemainderWords(int w)
+        {
+            Debug.Assert(w >= 0);
+            int n = magnitude.Length;
+            if (w >= n)
+                return this;
+            int[] mag = new int[w];
+            Array.Copy(magnitude, n - w, mag, 0, w);
+            return new BigInteger(sign, mag, false);
+        }
+
+        /**
+         * do a left shift - this returns a new array.
+         */
+        private static int[] ShiftLeft(
+            int[]	mag,
+            int		n)
+        {
+            int nInts = (int)((uint)n >> 5);
+            int nBits = n & 0x1f;
+            int magLen = mag.Length;
+            int[] newMag;
+
+            if (nBits == 0)
+            {
+                newMag = new int[magLen + nInts];
+                mag.CopyTo(newMag, 0);
+            }
+            else
+            {
+                int i = 0;
+                int nBits2 = 32 - nBits;
+                int highBits = (int)((uint)mag[0] >> nBits2);
+
+                if (highBits != 0)
+                {
+                    newMag = new int[magLen + nInts + 1];
+                    newMag[i++] = highBits;
+                }
+                else
+                {
+                    newMag = new int[magLen + nInts];
+                }
+
+                int m = mag[0];
+                for (int j = 0; j < magLen - 1; j++)
+                {
+                    int next = mag[j + 1];
+
+                    newMag[i++] = (m << nBits) | (int)((uint)next >> nBits2);
+                    m = next;
+                }
+
+                newMag[i] = mag[magLen - 1] << nBits;
+            }
+
+            return newMag;
+        }
+
+        private static int ShiftLeftOneInPlace(int[] x, int carry)
+        {
+            Debug.Assert(carry == 0 || carry == 1);
+            int pos = x.Length;
+            while (--pos >= 0)
+            {
+                uint val = (uint)x[pos];
+                x[pos] = (int)(val << 1) | carry;
+                carry = (int)(val >> 31);
+            }
+            return carry;
+        }
+
+        public BigInteger ShiftLeft(
+            int n)
+        {
+            if (sign == 0 || magnitude.Length == 0)
+                return Zero;
+
+            if (n == 0)
+                return this;
+
+            if (n < 0)
+                return ShiftRight(-n);
+
+            BigInteger result = new BigInteger(sign, ShiftLeft(magnitude, n), true);
+
+            if (this.nBits != -1)
+            {
+                result.nBits = sign > 0
+                    ?	this.nBits
+                    :	this.nBits + n;
+            }
+
+            if (this.nBitLength != -1)
+            {
+                result.nBitLength = this.nBitLength + n;
+            }
+
+            return result;
+        }
+
+        /**
+         * do a right shift - this does it in place.
+         */
+        private static void ShiftRightInPlace(
+            int		start,
+            int[]	mag,
+            int		n)
+        {
+            int nInts = (int)((uint)n >> 5) + start;
+            int nBits = n & 0x1f;
+            int magEnd = mag.Length - 1;
+
+            if (nInts != start)
+            {
+                int delta = (nInts - start);
+
+                for (int i = magEnd; i >= nInts; i--)
+                {
+                    mag[i] = mag[i - delta];
+                }
+                for (int i = nInts - 1; i >= start; i--)
+                {
+                    mag[i] = 0;
+                }
+            }
+
+            if (nBits != 0)
+            {
+                int nBits2 = 32 - nBits;
+                int m = mag[magEnd];
+
+                for (int i = magEnd; i > nInts; --i)
+                {
+                    int next = mag[i - 1];
+
+                    mag[i] = (int)((uint)m >> nBits) | (next << nBits2);
+                    m = next;
+                }
+
+                mag[nInts] = (int)((uint)mag[nInts] >> nBits);
+            }
+        }
+
+        /**
+         * do a right shift by one - this does it in place.
+         */
+        private static void ShiftRightOneInPlace(
+            int		start,
+            int[]	mag)
+        {
+            int i = mag.Length;
+            int m = mag[i - 1];
+
+            while (--i > start)
+            {
+                int next = mag[i - 1];
+                mag[i] = ((int)((uint)m >> 1)) | (next << 31);
+                m = next;
+            }
+
+            mag[start] = (int)((uint)mag[start] >> 1);
+        }
+
+        public BigInteger ShiftRight(
+            int n)
+        {
+            if (n == 0)
+                return this;
+
+            if (n < 0)
+                return ShiftLeft(-n);
+
+            if (n >= BitLength)
+                return (this.sign < 0 ? One.Negate() : Zero);
+
+//			int[] res = (int[]) this.magnitude.Clone();
+//
+//			ShiftRightInPlace(0, res, n);
+//
+//			return new BigInteger(this.sign, res, true);
+
+            int resultLength = (BitLength - n + 31) >> 5;
+            int[] res = new int[resultLength];
+
+            int numInts = n >> 5;
+            int numBits = n & 31;
+
+            if (numBits == 0)
+            {
+                Array.Copy(this.magnitude, 0, res, 0, res.Length);
+            }
+            else
+            {
+                int numBits2 = 32 - numBits;
+
+                int magPos = this.magnitude.Length - 1 - numInts;
+                for (int i = resultLength - 1; i >= 0; --i)
+                {
+                    res[i] = (int)((uint) this.magnitude[magPos--] >> numBits);
+
+                    if (magPos >= 0)
+                    {
+                        res[i] |= this.magnitude[magPos] << numBits2;
+                    }
+                }
+            }
+
+            Debug.Assert(res[0] != 0);
+
+            return new BigInteger(this.sign, res, false);
+        }
+
+        public int SignValue
+        {
+            get { return sign; }
+        }
+
+        /**
+         * returns x = x - y - we assume x is >= y
+         */
+        private static int[] Subtract(
+            int		xStart,
+            int[]	x,
+            int		yStart,
+            int[]	y)
+        {
+            Debug.Assert(yStart < y.Length);
+            Debug.Assert(x.Length - xStart >= y.Length - yStart);
+
+            int iT = x.Length;
+            int iV = y.Length;
+            long m;
+            int borrow = 0;
+
+            do
+            {
+                m = (x[--iT] & IMASK) - (y[--iV] & IMASK) + borrow;
+                x[iT] = (int) m;
+
+//				borrow = (m < 0) ? -1 : 0;
+                borrow = (int)(m >> 63);
+            }
+            while (iV > yStart);
+
+            if (borrow != 0)
+            {
+                while (--x[--iT] == -1)
+                {
+                }
+            }
+
+            return x;
+        }
+
+        public BigInteger Subtract(
+            BigInteger n)
+        {
+            if (n.sign == 0)
+                return this;
+
+            if (this.sign == 0)
+                return n.Negate();
+
+            if (this.sign != n.sign)
+                return Add(n.Negate());
+
+            int compare = CompareNoLeadingZeroes(0, magnitude, 0, n.magnitude);
+            if (compare == 0)
+                return Zero;
+
+            BigInteger bigun, lilun;
+            if (compare < 0)
+            {
+                bigun = n;
+                lilun = this;
+            }
+            else
+            {
+                bigun = this;
+                lilun = n;
+            }
+
+            return new BigInteger(this.sign * compare, doSubBigLil(bigun.magnitude, lilun.magnitude), true);
+        }
+
+        private static int[] doSubBigLil(
+            int[]	bigMag,
+            int[]	lilMag)
+        {
+            int[] res = (int[]) bigMag.Clone();
+
+            return Subtract(0, res, 0, lilMag);
+        }
+
+        public byte[] ToByteArray()
+        {
+            return ToByteArray(false);
+        }
+
+        public byte[] ToByteArrayUnsigned()
+        {
+            return ToByteArray(true);
+        }
+
+        private byte[] ToByteArray(
+            bool unsigned)
+        {
+            if (sign == 0)
+                return unsigned ? ZeroEncoding : new byte[1];
+
+            int nBits = (unsigned && sign > 0)
+                ?	BitLength
+                :	BitLength + 1;
+
+            int nBytes = GetByteLength(nBits);
+            byte[] bytes = new byte[nBytes];
+
+            int magIndex = magnitude.Length;
+            int bytesIndex = bytes.Length;
+
+            if (sign > 0)
+            {
+                while (magIndex > 1)
+                {
+                    uint mag = (uint) magnitude[--magIndex];
+                    bytes[--bytesIndex] = (byte) mag;
+                    bytes[--bytesIndex] = (byte)(mag >> 8);
+                    bytes[--bytesIndex] = (byte)(mag >> 16);
+                    bytes[--bytesIndex] = (byte)(mag >> 24);
+                }
+
+                uint lastMag = (uint) magnitude[0];
+                while (lastMag > byte.MaxValue)
+                {
+                    bytes[--bytesIndex] = (byte) lastMag;
+                    lastMag >>= 8;
+                }
+
+                bytes[--bytesIndex] = (byte) lastMag;
+            }
+            else // sign < 0
+            {
+                bool carry = true;
+
+                while (magIndex > 1)
+                {
+                    uint mag = ~((uint) magnitude[--magIndex]);
+
+                    if (carry)
+                    {
+                        carry = (++mag == uint.MinValue);
+                    }
+
+                    bytes[--bytesIndex] = (byte) mag;
+                    bytes[--bytesIndex] = (byte)(mag >> 8);
+                    bytes[--bytesIndex] = (byte)(mag >> 16);
+                    bytes[--bytesIndex] = (byte)(mag >> 24);
+                }
+
+                uint lastMag = (uint) magnitude[0];
+
+                if (carry)
+                {
+                    // Never wraps because magnitude[0] != 0
+                    --lastMag;
+                }
+
+                while (lastMag > byte.MaxValue)
+                {
+                    bytes[--bytesIndex] = (byte) ~lastMag;
+                    lastMag >>= 8;
+                }
+
+                bytes[--bytesIndex] = (byte) ~lastMag;
+
+                if (bytesIndex > 0)
+                {
+                    bytes[--bytesIndex] = byte.MaxValue;
+                }
+            }
+
+            return bytes;
+        }
+
+        public override string ToString()
+        {
+            return ToString(10);
+        }
+
+        public string ToString(int radix)
+        {
+            // TODO Make this method work for other radices (ideally 2 <= radix <= 36 as in Java)
+
+            switch (radix)
+            {
+                case 2:
+                case 8:
+                case 10:
+                case 16:
+                    break;
+                default:
+                    throw new FormatException("Only bases 2, 8, 10, 16 are allowed");
+            }
+
+            // NB: Can only happen to internally managed instances
+            if (magnitude == null)
+                return "null";
+
+            if (sign == 0)
+                return "0";
+
+
+            // NOTE: This *should* be unnecessary, since the magnitude *should* never have leading zero digits
+            int firstNonZero = 0;
+            while (firstNonZero < magnitude.Length)
+            {
+                if (magnitude[firstNonZero] != 0)
+                {
+                    break;
+                }
+                ++firstNonZero;
+            }
+
+            if (firstNonZero == magnitude.Length)
+            {
+                return "0";
+            }
+
+
+            StringBuilder sb = new StringBuilder();
+            if (sign == -1)
+            {
+                sb.Append('-');
+            }
+
+            switch (radix)
+            {
+            case 2:
+            {
+                int pos = firstNonZero;
+                sb.Append(Convert.ToString(magnitude[pos], 2));
+                while (++pos < magnitude.Length)
+                {
+                    AppendZeroExtendedString(sb, Convert.ToString(magnitude[pos], 2), 32);
+                }
+                break;
+            }
+            case 8:
+            {
+                int mask = (1 << 30) - 1;
+                BigInteger u = this.Abs();
+                int bits = u.BitLength;
+                IList S = Platform.CreateArrayList();
+                while (bits > 30)
+                {
+                    S.Add(Convert.ToString(u.IntValue & mask, 8));
+                    u = u.ShiftRight(30);
+                    bits -= 30;
+                }
+                sb.Append(Convert.ToString(u.IntValue, 8));
+                for (int i = S.Count - 1; i >= 0; --i)
+                {
+                    AppendZeroExtendedString(sb, (string)S[i], 10);
+                }
+                break;
+            }
+            case 16:
+            {
+                int pos = firstNonZero;
+                sb.Append(Convert.ToString(magnitude[pos], 16));
+                while (++pos < magnitude.Length)
+                {
+                    AppendZeroExtendedString(sb, Convert.ToString(magnitude[pos], 16), 8);
+                }
+                break;
+            }
+            // TODO This could work for other radices if there is an alternative to Convert.ToString method
+            //default:
+            case 10:
+            {
+                BigInteger q = this.Abs();
+                if (q.BitLength < 64)
+                {
+                    sb.Append(Convert.ToString(q.LongValue, radix));
+                    break;
+                }
+
+                // Based on algorithm 1a from chapter 4.4 in Seminumerical Algorithms (Knuth)
+
+                // Work out the largest power of 'rdx' that is a positive 64-bit integer
+                // TODO possibly cache power/exponent against radix?
+                long limit = Int64.MaxValue / radix;
+                long power = radix;
+                int exponent = 1;
+                while (power <= limit)
+                {
+                    power *= radix;
+                    ++exponent;
+                }
+
+                BigInteger bigPower = BigInteger.ValueOf(power);
+
+                IList S = Platform.CreateArrayList();
+                while (q.CompareTo(bigPower) >= 0)
+                {
+                    BigInteger[] qr = q.DivideAndRemainder(bigPower);
+                    S.Add(Convert.ToString(qr[1].LongValue, radix));
+                    q = qr[0];
+                }
+
+                sb.Append(Convert.ToString(q.LongValue, radix));
+                for (int i = S.Count - 1; i >= 0; --i)
+                {
+                    AppendZeroExtendedString(sb, (string)S[i], exponent);
+                }
+                break;
+            }
+            }
+
+            return sb.ToString();
+        }
+
+        private static void AppendZeroExtendedString(StringBuilder sb, string s, int minLength)
+        {
+            for (int len = s.Length; len < minLength; ++len)
+            {
+                sb.Append('0');
+            }
+            sb.Append(s);
+        }
+
+        private static BigInteger CreateUValueOf(
+            ulong value)
+        {
+            int msw = (int)(value >> 32);
+            int lsw = (int)value;
+
+            if (msw != 0)
+                return new BigInteger(1, new int[] { msw, lsw }, false);
+
+            if (lsw != 0)
+            {
+                BigInteger n = new BigInteger(1, new int[] { lsw }, false);
+                // Check for a power of two
+                if ((lsw & -lsw) == lsw)
+                {
+                    n.nBits = 1;
+                }
+                return n;
+            }
+
+            return Zero;
+        }
+
+        private static BigInteger CreateValueOf(
+            long value)
+        {
+            if (value < 0)
+            {
+                if (value == long.MinValue)
+                    return CreateValueOf(~value).Not();
+
+                return CreateValueOf(-value).Negate();
+            }
+
+            return CreateUValueOf((ulong)value);
+        }
+
+        public static BigInteger ValueOf(
+            long value)
+        {
+            if (value >= 0 && value < SMALL_CONSTANTS.Length)
+            {
+                return SMALL_CONSTANTS[value];
+            }
+
+            return CreateValueOf(value);
+        }
+
+        public int GetLowestSetBit()
+        {
+            if (this.sign == 0)
+                return -1;
+
+            return GetLowestSetBitMaskFirst(-1);
+        }
+
+        private int GetLowestSetBitMaskFirst(int firstWordMask)
+        {
+            int w = magnitude.Length, offset = 0;
+
+            uint word = (uint)(magnitude[--w] & firstWordMask);
+            Debug.Assert(magnitude[0] != 0);
+
+            while (word == 0)
+            {
+                word = (uint)magnitude[--w];
+                offset += 32;
+            }
+
+            while ((word & 0xFF) == 0)
+            {
+                word >>= 8;
+                offset += 8;
+            }
+
+            while ((word & 1) == 0)
+            {
+                word >>= 1;
+                ++offset;
+            }
+
+            return offset;
+        }
+
+        public bool TestBit(
+            int n)
+        {
+            if (n < 0)
+                throw new ArithmeticException("Bit position must not be negative");
+
+            if (sign < 0)
+                return !Not().TestBit(n);
+
+            int wordNum = n / 32;
+            if (wordNum >= magnitude.Length)
+                return false;
+
+            int word = magnitude[magnitude.Length - 1 - wordNum];
+            return ((word >> (n % 32)) & 1) > 0;
+        }
+
+        public BigInteger Or(
+            BigInteger value)
+        {
+            if (this.sign == 0)
+                return value;
+
+            if (value.sign == 0)
+                return this;
+
+            int[] aMag = this.sign > 0
+                ? this.magnitude
+                : Add(One).magnitude;
+
+            int[] bMag = value.sign > 0
+                ? value.magnitude
+                : value.Add(One).magnitude;
+
+            bool resultNeg = sign < 0 || value.sign < 0;
+            int resultLength = System.Math.Max(aMag.Length, bMag.Length);
+            int[] resultMag = new int[resultLength];
+
+            int aStart = resultMag.Length - aMag.Length;
+            int bStart = resultMag.Length - bMag.Length;
+
+            for (int i = 0; i < resultMag.Length; ++i)
+            {
+                int aWord = i >= aStart ? aMag[i - aStart] : 0;
+                int bWord = i >= bStart ? bMag[i - bStart] : 0;
+
+                if (this.sign < 0)
+                {
+                    aWord = ~aWord;
+                }
+
+                if (value.sign < 0)
+                {
+                    bWord = ~bWord;
+                }
+
+                resultMag[i] = aWord | bWord;
+
+                if (resultNeg)
+                {
+                    resultMag[i] = ~resultMag[i];
+                }
+            }
+
+            BigInteger result = new BigInteger(1, resultMag, true);
+
+            // TODO Optimise this case
+            if (resultNeg)
+            {
+                result = result.Not();
+            }
+
+            return result;
+        }
+
+        public BigInteger Xor(
+            BigInteger value)
+        {
+            if (this.sign == 0)
+                return value;
+
+            if (value.sign == 0)
+                return this;
+
+            int[] aMag = this.sign > 0
+                ? this.magnitude
+                : Add(One).magnitude;
+
+            int[] bMag = value.sign > 0
+                ? value.magnitude
+                : value.Add(One).magnitude;
+
+            // TODO Can just replace with sign != value.sign?
+            bool resultNeg = (sign < 0 && value.sign >= 0) || (sign >= 0 && value.sign < 0);
+            int resultLength = System.Math.Max(aMag.Length, bMag.Length);
+            int[] resultMag = new int[resultLength];
+
+            int aStart = resultMag.Length - aMag.Length;
+            int bStart = resultMag.Length - bMag.Length;
+
+            for (int i = 0; i < resultMag.Length; ++i)
+            {
+                int aWord = i >= aStart ? aMag[i - aStart] : 0;
+                int bWord = i >= bStart ? bMag[i - bStart] : 0;
+
+                if (this.sign < 0)
+                {
+                    aWord = ~aWord;
+                }
+
+                if (value.sign < 0)
+                {
+                    bWord = ~bWord;
+                }
+
+                resultMag[i] = aWord ^ bWord;
+
+                if (resultNeg)
+                {
+                    resultMag[i] = ~resultMag[i];
+                }
+            }
+
+            BigInteger result = new BigInteger(1, resultMag, true);
+
+            // TODO Optimise this case
+            if (resultNeg)
+            {
+                result = result.Not();
+            }
+
+            return result;
+        }
+
+        public BigInteger SetBit(
+            int n)
+        {
+            if (n < 0)
+                throw new ArithmeticException("Bit address less than zero");
+
+            if (TestBit(n))
+                return this;
+
+            // TODO Handle negative values and zero
+            if (sign > 0 && n < (BitLength - 1))
+                return FlipExistingBit(n);
+
+            return Or(One.ShiftLeft(n));
+        }
+
+        public BigInteger ClearBit(
+            int n)
+        {
+            if (n < 0)
+                throw new ArithmeticException("Bit address less than zero");
+
+            if (!TestBit(n))
+                return this;
+
+            // TODO Handle negative values
+            if (sign > 0 && n < (BitLength - 1))
+                return FlipExistingBit(n);
+
+            return AndNot(One.ShiftLeft(n));
+        }
+
+        public BigInteger FlipBit(
+            int n)
+        {
+            if (n < 0)
+                throw new ArithmeticException("Bit address less than zero");
+
+            // TODO Handle negative values and zero
+            if (sign > 0 && n < (BitLength - 1))
+                return FlipExistingBit(n);
+
+            return Xor(One.ShiftLeft(n));
+        }
+
+        private BigInteger FlipExistingBit(
+            int n)
+        {
+            Debug.Assert(sign > 0);
+            Debug.Assert(n >= 0);
+            Debug.Assert(n < BitLength - 1);
+
+            int[] mag = (int[]) this.magnitude.Clone();
+            mag[mag.Length - 1 - (n >> 5)] ^= (1 << (n & 31)); // Flip bit
+            //mag[mag.Length - 1 - (n / 32)] ^= (1 << (n % 32));
+            return new BigInteger(this.sign, mag, false);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/Primes.cs b/bc-sharp-crypto/src/math/Primes.cs
new file mode 100644
index 0000000..fb279f1
--- /dev/null
+++ b/bc-sharp-crypto/src/math/Primes.cs
@@ -0,0 +1,629 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math
+{
+    /**
+     * Utility methods for generating primes and testing for primality.
+     */
+    public abstract class Primes
+    {
+        public static readonly int SmallFactorLimit = 211;
+
+        private static readonly BigInteger One = BigInteger.One;
+        private static readonly BigInteger Two = BigInteger.Two;
+        private static readonly BigInteger Three = BigInteger.Three;
+
+        /**
+         * Used to return the output from the
+         * {@linkplain Primes#enhancedMRProbablePrimeTest(BigInteger, SecureRandom, int) Enhanced
+         * Miller-Rabin Probabilistic Primality Test}
+         */
+        public class MROutput
+        {
+            internal static MROutput ProbablyPrime()
+            {
+                return new MROutput(false, null);
+            }
+
+            internal static MROutput ProvablyCompositeWithFactor(BigInteger factor)
+            {
+                return new MROutput(true, factor);
+            }
+
+            internal static MROutput ProvablyCompositeNotPrimePower()
+            {
+                return new MROutput(true, null);
+            }
+
+            private readonly bool mProvablyComposite;
+            private readonly BigInteger mFactor;
+
+            private MROutput(bool provablyComposite, BigInteger factor)
+            {
+                this.mProvablyComposite = provablyComposite;
+                this.mFactor = factor;
+            }
+
+            public BigInteger Factor
+            {
+                get { return mFactor; }
+            }
+
+            public bool IsProvablyComposite
+            {
+                get { return mProvablyComposite; }
+            }
+
+            public bool IsNotPrimePower
+            {
+                get { return mProvablyComposite && mFactor == null; }
+            }
+        }
+
+        /**
+         * Used to return the output from the {@linkplain Primes#generateSTRandomPrime(Digest, int, byte[]) Shawe-Taylor Random_Prime Routine} 
+         */
+        public class STOutput
+        {
+            private readonly BigInteger mPrime;
+            private readonly byte[] mPrimeSeed;
+            private readonly int mPrimeGenCounter;
+
+            internal STOutput(BigInteger prime, byte[] primeSeed, int primeGenCounter)
+            {
+                this.mPrime = prime;
+                this.mPrimeSeed = primeSeed;
+                this.mPrimeGenCounter = primeGenCounter;
+            }
+
+            public BigInteger Prime
+            {
+                get { return mPrime; }
+            }
+
+            public byte[] PrimeSeed
+            {
+                get { return mPrimeSeed; }
+            }
+
+            public int PrimeGenCounter
+            {
+                get { return mPrimeGenCounter; }
+            }
+        }
+
+        /**
+         * FIPS 186-4 C.6 Shawe-Taylor Random_Prime Routine
+         * 
+         * Construct a provable prime number using a hash function.
+         * 
+         * @param hash
+         *            the {@link Digest} instance to use (as "Hash()"). Cannot be null.
+         * @param length
+         *            the length (in bits) of the prime to be generated. Must be at least 2.
+         * @param inputSeed
+         *            the seed to be used for the generation of the requested prime. Cannot be null or
+         *            empty.
+         * @return an {@link STOutput} instance containing the requested prime.
+         */
+        public static STOutput GenerateSTRandomPrime(IDigest hash, int length, byte[] inputSeed)
+        {
+            if (hash == null)
+                throw new ArgumentNullException("hash");
+            if (length < 2)
+                throw new ArgumentException("must be >= 2", "length");
+            if (inputSeed == null)
+                throw new ArgumentNullException("inputSeed");
+            if (inputSeed.Length == 0)
+                throw new ArgumentException("cannot be empty", "inputSeed");
+
+            return ImplSTRandomPrime(hash, length, Arrays.Clone(inputSeed));
+        }
+
+        /**
+         * FIPS 186-4 C.3.2 Enhanced Miller-Rabin Probabilistic Primality Test
+         * 
+         * Run several iterations of the Miller-Rabin algorithm with randomly-chosen bases. This is an
+         * alternative to {@link #isMRProbablePrime(BigInteger, SecureRandom, int)} that provides more
+         * information about a composite candidate, which may be useful when generating or validating
+         * RSA moduli.
+         * 
+         * @param candidate
+         *            the {@link BigInteger} instance to test for primality.
+         * @param random
+         *            the source of randomness to use to choose bases.
+         * @param iterations
+         *            the number of randomly-chosen bases to perform the test for.
+         * @return an {@link MROutput} instance that can be further queried for details.
+         */
+        public static MROutput EnhancedMRProbablePrimeTest(BigInteger candidate, SecureRandom random, int iterations)
+        {
+            CheckCandidate(candidate, "candidate");
+
+            if (random == null)
+                throw new ArgumentNullException("random");
+            if (iterations < 1)
+                throw new ArgumentException("must be > 0", "iterations");
+
+            if (candidate.BitLength == 2)
+                return MROutput.ProbablyPrime();
+
+            if (!candidate.TestBit(0))
+                return MROutput.ProvablyCompositeWithFactor(Two);
+
+            BigInteger w = candidate;
+            BigInteger wSubOne = candidate.Subtract(One);
+            BigInteger wSubTwo = candidate.Subtract(Two);
+
+            int a = wSubOne.GetLowestSetBit();
+            BigInteger m = wSubOne.ShiftRight(a);
+
+            for (int i = 0; i < iterations; ++i)
+            {
+                BigInteger b = BigIntegers.CreateRandomInRange(Two, wSubTwo, random);
+                BigInteger g = b.Gcd(w);
+
+                if (g.CompareTo(One) > 0)
+                    return MROutput.ProvablyCompositeWithFactor(g);
+
+                BigInteger z = b.ModPow(m, w);
+
+                if (z.Equals(One) || z.Equals(wSubOne))
+                    continue;
+
+                bool primeToBase = false;
+
+                BigInteger x = z;
+                for (int j = 1; j < a; ++j)
+                {
+                    z = z.ModPow(Two, w);
+
+                    if (z.Equals(wSubOne))
+                    {
+                        primeToBase = true;
+                        break;
+                    }
+
+                    if (z.Equals(One))
+                        break;
+
+                    x = z;
+                }
+
+                if (!primeToBase)
+                {
+                    if (!z.Equals(One))
+                    {
+                        x = z;
+                        z = z.ModPow(Two, w);
+
+                        if (!z.Equals(One))
+                        {
+                            x = z;
+                        }
+                    }
+
+                    g = x.Subtract(One).Gcd(w);
+
+                    if (g.CompareTo(One) > 0)
+                        return MROutput.ProvablyCompositeWithFactor(g);
+
+                    return MROutput.ProvablyCompositeNotPrimePower();
+                }
+            }
+
+            return MROutput.ProbablyPrime();
+        }
+
+        /**
+         * A fast check for small divisors, up to some implementation-specific limit.
+         * 
+         * @param candidate
+         *            the {@link BigInteger} instance to test for division by small factors.
+         * 
+         * @return <code>true</code> if the candidate is found to have any small factors,
+         *         <code>false</code> otherwise.
+         */
+        public static bool HasAnySmallFactors(BigInteger candidate)
+        {
+            CheckCandidate(candidate, "candidate");
+
+            return ImplHasAnySmallFactors(candidate);
+        }
+
+        /**
+         * FIPS 186-4 C.3.1 Miller-Rabin Probabilistic Primality Test
+         * 
+         * Run several iterations of the Miller-Rabin algorithm with randomly-chosen bases.
+         * 
+         * @param candidate
+         *            the {@link BigInteger} instance to test for primality.
+         * @param random
+         *            the source of randomness to use to choose bases.
+         * @param iterations
+         *            the number of randomly-chosen bases to perform the test for.
+         * @return <code>false</code> if any witness to compositeness is found amongst the chosen bases
+         *         (so <code>candidate</code> is definitely NOT prime), or else <code>true</code>
+         *         (indicating primality with some probability dependent on the number of iterations
+         *         that were performed).
+         */
+        public static bool IsMRProbablePrime(BigInteger candidate, SecureRandom random, int iterations)
+        {
+            CheckCandidate(candidate, "candidate");
+
+            if (random == null)
+                throw new ArgumentException("cannot be null", "random");
+            if (iterations < 1)
+                throw new ArgumentException("must be > 0", "iterations");
+
+            if (candidate.BitLength == 2)
+                return true;
+            if (!candidate.TestBit(0))
+                return false;
+
+            BigInteger w = candidate;
+            BigInteger wSubOne = candidate.Subtract(One);
+            BigInteger wSubTwo = candidate.Subtract(Two);
+
+            int a = wSubOne.GetLowestSetBit();
+            BigInteger m = wSubOne.ShiftRight(a);
+
+            for (int i = 0; i < iterations; ++i)
+            {
+                BigInteger b = BigIntegers.CreateRandomInRange(Two, wSubTwo, random);
+
+                if (!ImplMRProbablePrimeToBase(w, wSubOne, m, a, b))
+                    return false;
+            }
+
+            return true;
+        }
+
+        /**
+         * FIPS 186-4 C.3.1 Miller-Rabin Probabilistic Primality Test (to a fixed base).
+         * 
+         * Run a single iteration of the Miller-Rabin algorithm against the specified base.
+         * 
+         * @param candidate
+         *            the {@link BigInteger} instance to test for primality.
+         * @param baseValue
+         *            the base value to use for this iteration.
+         * @return <code>false</code> if the specified base is a witness to compositeness (so
+         *         <code>candidate</code> is definitely NOT prime), or else <code>true</code>.
+         */
+        public static bool IsMRProbablePrimeToBase(BigInteger candidate, BigInteger baseValue)
+        {
+            CheckCandidate(candidate, "candidate");
+            CheckCandidate(baseValue, "baseValue");
+
+            if (baseValue.CompareTo(candidate.Subtract(One)) >= 0)
+                throw new ArgumentException("must be < ('candidate' - 1)", "baseValue");
+
+            if (candidate.BitLength == 2)
+                return true;
+
+            BigInteger w = candidate;
+            BigInteger wSubOne = candidate.Subtract(One);
+
+            int a = wSubOne.GetLowestSetBit();
+            BigInteger m = wSubOne.ShiftRight(a);
+
+            return ImplMRProbablePrimeToBase(w, wSubOne, m, a, baseValue);
+        }
+
+        private static void CheckCandidate(BigInteger n, string name)
+        {
+            if (n == null || n.SignValue < 1 || n.BitLength < 2)
+                throw new ArgumentException("must be non-null and >= 2", name);
+        }
+
+        private static bool ImplHasAnySmallFactors(BigInteger x)
+        {
+            /*
+             * Bundle trial divisors into ~32-bit moduli then use fast tests on the ~32-bit remainders.
+             */
+            int m = 2 * 3 * 5 * 7 * 11 * 13 * 17 * 19 * 23;
+            int r = x.Mod(BigInteger.ValueOf(m)).IntValue;
+            if ((r % 2) == 0 || (r % 3) == 0 || (r % 5) == 0 || (r % 7) == 0 || (r % 11) == 0 || (r % 13) == 0
+                || (r % 17) == 0 || (r % 19) == 0 || (r % 23) == 0)
+            {
+                return true;
+            }
+
+            m = 29 * 31 * 37 * 41 * 43;
+            r = x.Mod(BigInteger.ValueOf(m)).IntValue;
+            if ((r % 29) == 0 || (r % 31) == 0 || (r % 37) == 0 || (r % 41) == 0 || (r % 43) == 0)
+            {
+                return true;
+            }
+
+            m = 47 * 53 * 59 * 61 * 67;
+            r = x.Mod(BigInteger.ValueOf(m)).IntValue;
+            if ((r % 47) == 0 || (r % 53) == 0 || (r % 59) == 0 || (r % 61) == 0 || (r % 67) == 0)
+            {
+                return true;
+            }
+
+            m = 71 * 73 * 79 * 83;
+            r = x.Mod(BigInteger.ValueOf(m)).IntValue;
+            if ((r % 71) == 0 || (r % 73) == 0 || (r % 79) == 0 || (r % 83) == 0)
+            {
+                return true;
+            }
+
+            m = 89 * 97 * 101 * 103;
+            r = x.Mod(BigInteger.ValueOf(m)).IntValue;
+            if ((r % 89) == 0 || (r % 97) == 0 || (r % 101) == 0 || (r % 103) == 0)
+            {
+                return true;
+            }
+
+            m = 107 * 109 * 113 * 127;
+            r = x.Mod(BigInteger.ValueOf(m)).IntValue;
+            if ((r % 107) == 0 || (r % 109) == 0 || (r % 113) == 0 || (r % 127) == 0)
+            {
+                return true;
+            }
+
+            m = 131 * 137 * 139 * 149;
+            r = x.Mod(BigInteger.ValueOf(m)).IntValue;
+            if ((r % 131) == 0 || (r % 137) == 0 || (r % 139) == 0 || (r % 149) == 0)
+            {
+                return true;
+            }
+
+            m = 151 * 157 * 163 * 167;
+            r = x.Mod(BigInteger.ValueOf(m)).IntValue;
+            if ((r % 151) == 0 || (r % 157) == 0 || (r % 163) == 0 || (r % 167) == 0)
+            {
+                return true;
+            }
+
+            m = 173 * 179 * 181 * 191;
+            r = x.Mod(BigInteger.ValueOf(m)).IntValue;
+            if ((r % 173) == 0 || (r % 179) == 0 || (r % 181) == 0 || (r % 191) == 0)
+            {
+                return true;
+            }
+
+            m = 193 * 197 * 199 * 211;
+            r = x.Mod(BigInteger.ValueOf(m)).IntValue;
+            if ((r % 193) == 0 || (r % 197) == 0 || (r % 199) == 0 || (r % 211) == 0)
+            {
+                return true;
+            }
+
+            /*
+             * NOTE: Unit tests depend on SMALL_FACTOR_LIMIT matching the
+             * highest small factor tested here.
+             */
+            return false;
+        }
+
+        private static bool ImplMRProbablePrimeToBase(BigInteger w, BigInteger wSubOne, BigInteger m, int a, BigInteger b)
+        {
+            BigInteger z = b.ModPow(m, w);
+
+            if (z.Equals(One) || z.Equals(wSubOne))
+                return true;
+
+            bool result = false;
+
+            for (int j = 1; j < a; ++j)
+            {
+                z = z.ModPow(Two, w);
+
+                if (z.Equals(wSubOne))
+                {
+                    result = true;
+                    break;
+                }
+
+                if (z.Equals(One))
+                    return false;
+            }
+
+            return result;
+        }
+
+        private static STOutput ImplSTRandomPrime(IDigest d, int length, byte[] primeSeed)
+        {
+            int dLen = d.GetDigestSize();
+
+            if (length < 33)
+            {
+                int primeGenCounter = 0;
+
+                byte[] c0 = new byte[dLen];
+                byte[] c1 = new byte[dLen];
+
+                for (;;)
+                {
+                    Hash(d, primeSeed, c0, 0);
+                    Inc(primeSeed, 1);
+
+                    Hash(d, primeSeed, c1, 0);
+                    Inc(primeSeed, 1);
+
+                    uint c = Extract32(c0) ^ Extract32(c1);
+                    c &= (uint.MaxValue >> (32 - length));
+                    c |= (1U << (length - 1)) | 1U;
+
+                    ++primeGenCounter;
+
+                    if (IsPrime32(c))
+                    {
+                        return new STOutput(BigInteger.ValueOf((long)c), primeSeed, primeGenCounter);
+                    }
+
+                    if (primeGenCounter > (4 * length))
+                    {
+                        throw new InvalidOperationException("Too many iterations in Shawe-Taylor Random_Prime Routine");
+                    }
+                }
+            }
+
+            STOutput rec = ImplSTRandomPrime(d, (length + 3)/2, primeSeed);
+
+            {
+                BigInteger c0 = rec.Prime;
+                primeSeed = rec.PrimeSeed;
+                int primeGenCounter = rec.PrimeGenCounter;
+
+                int outlen = 8 * dLen;
+                int iterations = (length - 1)/outlen;
+
+                int oldCounter = primeGenCounter;
+
+                BigInteger x = HashGen(d, primeSeed, iterations + 1);
+                x = x.Mod(One.ShiftLeft(length - 1)).SetBit(length - 1);
+
+                BigInteger c0x2 = c0.ShiftLeft(1);
+                BigInteger tx2 = x.Subtract(One).Divide(c0x2).Add(One).ShiftLeft(1);
+                int dt = 0;
+
+                BigInteger c = tx2.Multiply(c0).Add(One);
+
+                /*
+                 * TODO Since the candidate primes are generated by constant steps ('c0x2'),
+                 * sieving could be used here in place of the 'HasAnySmallFactors' approach.
+                 */
+                for (;;)
+                {
+                    if (c.BitLength > length)
+                    {
+                        tx2 = One.ShiftLeft(length - 1).Subtract(One).Divide(c0x2).Add(One).ShiftLeft(1);
+                        c = tx2.Multiply(c0).Add(One);
+                    }
+
+                    ++primeGenCounter;
+
+                    /*
+                     * This is an optimization of the original algorithm, using trial division to screen out
+                     * many non-primes quickly.
+                     * 
+                     * NOTE: 'primeSeed' is still incremented as if we performed the full check!
+                     */
+                    if (!ImplHasAnySmallFactors(c))
+                    {
+                        BigInteger a = HashGen(d, primeSeed, iterations + 1);
+                        a = a.Mod(c.Subtract(Three)).Add(Two);
+
+                        tx2 = tx2.Add(BigInteger.ValueOf(dt));
+                        dt = 0;
+
+                        BigInteger z = a.ModPow(tx2, c);
+
+                        if (c.Gcd(z.Subtract(One)).Equals(One) && z.ModPow(c0, c).Equals(One))
+                        {
+                            return new STOutput(c, primeSeed, primeGenCounter);
+                        }
+                    }
+                    else
+                    {
+                        Inc(primeSeed, iterations + 1);
+                    }
+
+                    if (primeGenCounter >= ((4 * length) + oldCounter))
+                    {
+                        throw new InvalidOperationException("Too many iterations in Shawe-Taylor Random_Prime Routine");
+                    }
+
+                    dt += 2;
+                    c = c.Add(c0x2);
+                }
+            }
+        }
+
+        private static uint Extract32(byte[] bs)
+        {
+            uint result = 0;
+
+            int count = System.Math.Min(4, bs.Length);
+            for (int i = 0; i < count; ++i)
+            {
+                uint b = bs[bs.Length - (i + 1)];
+                result |= (b << (8 * i));
+            }
+
+            return result;
+        }
+
+        private static void Hash(IDigest d, byte[] input, byte[] output, int outPos)
+        {
+            d.BlockUpdate(input, 0, input.Length);
+            d.DoFinal(output, outPos);
+        }
+
+        private static BigInteger HashGen(IDigest d, byte[] seed, int count)
+        {
+            int dLen = d.GetDigestSize();
+            int pos = count * dLen;
+            byte[] buf = new byte[pos];
+            for (int i = 0; i < count; ++i)
+            {
+                pos -= dLen;
+                Hash(d, seed, buf, pos);
+                Inc(seed, 1);
+            }
+            return new BigInteger(1, buf);
+        }
+
+        private static void Inc(byte[] seed, int c)
+        {
+            int pos = seed.Length;
+            while (c > 0 && --pos >= 0)
+            {
+                c += seed[pos];
+                seed[pos] = (byte)c;
+                c >>= 8;
+            }
+        }
+
+        private static bool IsPrime32(uint x)
+        {
+            /*
+             * Use wheel factorization with 2, 3, 5 to select trial divisors.
+             */
+
+            if (x <= 5)
+            {
+                return x == 2 || x == 3 || x == 5;
+            }
+
+            if ((x & 1) == 0 || (x % 3) == 0 || (x % 5) == 0)
+            {
+                return false;
+            }
+
+            uint[] ds = new uint[]{ 1, 7, 11, 13, 17, 19, 23, 29 };
+            uint b = 0;
+            for (int pos = 1; ; pos = 0)
+            {
+                /*
+                 * Trial division by wheel-selected divisors
+                 */
+                while (pos < ds.Length)
+                {
+                    uint d = b + ds[pos];
+                    if (x % d == 0)
+                    {
+                        return x < 30;
+                    }
+                    ++pos;
+                }
+
+                b += 30;
+
+                if ((b >> 16 != 0) || (b * b >= x))
+                {
+                    return true;
+                }
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/ECAlgorithms.cs b/bc-sharp-crypto/src/math/ec/ECAlgorithms.cs
new file mode 100644
index 0000000..5d60de4
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/ECAlgorithms.cs
@@ -0,0 +1,479 @@
+using System;
+
+using Org.BouncyCastle.Math.EC.Endo;
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Math.Field;
+
+namespace Org.BouncyCastle.Math.EC
+{
+    public class ECAlgorithms
+    {
+        public static bool IsF2mCurve(ECCurve c)
+        {
+            return IsF2mField(c.Field);
+        }
+
+        public static bool IsF2mField(IFiniteField field)
+        {
+            return field.Dimension > 1 && field.Characteristic.Equals(BigInteger.Two)
+                && field is IPolynomialExtensionField;
+        }
+
+        public static bool IsFpCurve(ECCurve c)
+        {
+            return IsFpField(c.Field);
+        }
+
+        public static bool IsFpField(IFiniteField field)
+        {
+            return field.Dimension == 1;
+        }
+
+        public static ECPoint SumOfMultiplies(ECPoint[] ps, BigInteger[] ks)
+        {
+            if (ps == null || ks == null || ps.Length != ks.Length || ps.Length < 1)
+                throw new ArgumentException("point and scalar arrays should be non-null, and of equal, non-zero, length");
+
+            int count = ps.Length;
+            switch (count)
+            {
+                case 1:
+                    return ps[0].Multiply(ks[0]);
+                case 2:
+                    return SumOfTwoMultiplies(ps[0], ks[0], ps[1], ks[1]);
+                default:
+                    break;
+            }
+
+            ECPoint p = ps[0];
+            ECCurve c = p.Curve;
+
+            ECPoint[] imported = new ECPoint[count];
+            imported[0] = p;
+            for (int i = 1; i < count; ++i)
+            {
+                imported[i] = ImportPoint(c, ps[i]);
+            }
+
+            GlvEndomorphism glvEndomorphism = c.GetEndomorphism() as GlvEndomorphism;
+            if (glvEndomorphism != null)
+            {
+                return ValidatePoint(ImplSumOfMultipliesGlv(imported, ks, glvEndomorphism));
+            }
+
+            return ValidatePoint(ImplSumOfMultiplies(imported, ks));
+        }
+
+        public static ECPoint SumOfTwoMultiplies(ECPoint P, BigInteger a, ECPoint Q, BigInteger b)
+        {
+            ECCurve cp = P.Curve;
+            Q = ImportPoint(cp, Q);
+
+            // Point multiplication for Koblitz curves (using WTNAF) beats Shamir's trick
+            {
+                AbstractF2mCurve f2mCurve = cp as AbstractF2mCurve;
+                if (f2mCurve != null && f2mCurve.IsKoblitz)
+                {
+                    return ValidatePoint(P.Multiply(a).Add(Q.Multiply(b)));
+                }
+            }
+
+            GlvEndomorphism glvEndomorphism = cp.GetEndomorphism() as GlvEndomorphism;
+            if (glvEndomorphism != null)
+            {
+                return ValidatePoint(
+                    ImplSumOfMultipliesGlv(new ECPoint[] { P, Q }, new BigInteger[] { a, b }, glvEndomorphism));
+            }
+
+            return ValidatePoint(ImplShamirsTrickWNaf(P, a, Q, b));
+        }
+
+        /*
+        * "Shamir's Trick", originally due to E. G. Straus
+        * (Addition chains of vectors. American Mathematical Monthly,
+        * 71(7):806-808, Aug./Sept. 1964)
+        *  
+        * Input: The points P, Q, scalar k = (km?, ... , k1, k0)
+        * and scalar l = (lm?, ... , l1, l0).
+        * Output: R = k * P + l * Q.
+        * 1: Z <- P + Q
+        * 2: R <- O
+        * 3: for i from m-1 down to 0 do
+        * 4:        R <- R + R        {point doubling}
+        * 5:        if (ki = 1) and (li = 0) then R <- R + P end if
+        * 6:        if (ki = 0) and (li = 1) then R <- R + Q end if
+        * 7:        if (ki = 1) and (li = 1) then R <- R + Z end if
+        * 8: end for
+        * 9: return R
+        */
+        public static ECPoint ShamirsTrick(ECPoint P, BigInteger k, ECPoint Q, BigInteger l)
+        {
+            ECCurve cp = P.Curve;
+            Q = ImportPoint(cp, Q);
+
+            return ValidatePoint(ImplShamirsTrickJsf(P, k, Q, l));
+        }
+
+        public static ECPoint ImportPoint(ECCurve c, ECPoint p)
+        {
+            ECCurve cp = p.Curve;
+            if (!c.Equals(cp))
+                throw new ArgumentException("Point must be on the same curve");
+
+            return c.ImportPoint(p);
+        }
+
+        public static void MontgomeryTrick(ECFieldElement[] zs, int off, int len)
+        {
+            MontgomeryTrick(zs, off, len, null);
+        }
+
+        public static void MontgomeryTrick(ECFieldElement[] zs, int off, int len, ECFieldElement scale)
+        {
+            /*
+             * Uses the "Montgomery Trick" to invert many field elements, with only a single actual
+             * field inversion. See e.g. the paper:
+             * "Fast Multi-scalar Multiplication Methods on Elliptic Curves with Precomputation Strategy Using Montgomery Trick"
+             * by Katsuyuki Okeya, Kouichi Sakurai.
+             */
+
+            ECFieldElement[] c = new ECFieldElement[len];
+            c[0] = zs[off];
+
+            int i = 0;
+            while (++i < len)
+            {
+                c[i] = c[i - 1].Multiply(zs[off + i]);
+            }
+
+            --i;
+
+            if (scale != null)
+            {
+                c[i] = c[i].Multiply(scale);
+            }
+
+            ECFieldElement u = c[i].Invert();
+
+            while (i > 0)
+            {
+                int j = off + i--;
+                ECFieldElement tmp = zs[j];
+                zs[j] = c[i].Multiply(u);
+                u = u.Multiply(tmp);
+            }
+
+            zs[off] = u;
+        }
+
+        /**
+         * Simple shift-and-add multiplication. Serves as reference implementation
+         * to verify (possibly faster) implementations, and for very small scalars.
+         * 
+         * @param p
+         *            The point to multiply.
+         * @param k
+         *            The multiplier.
+         * @return The result of the point multiplication <code>kP</code>.
+         */
+        public static ECPoint ReferenceMultiply(ECPoint p, BigInteger k)
+        {
+            BigInteger x = k.Abs();
+            ECPoint q = p.Curve.Infinity;
+            int t = x.BitLength;
+            if (t > 0)
+            {
+                if (x.TestBit(0))
+                {
+                    q = p;
+                }
+                for (int i = 1; i < t; i++)
+                {
+                    p = p.Twice();
+                    if (x.TestBit(i))
+                    {
+                        q = q.Add(p);
+                    }
+                }
+            }
+            return k.SignValue < 0 ? q.Negate() : q;
+        }
+
+        public static ECPoint ValidatePoint(ECPoint p)
+        {
+            if (!p.IsValid())
+                throw new ArgumentException("Invalid point", "p");
+
+            return p;
+        }
+
+        internal static ECPoint ImplShamirsTrickJsf(ECPoint P, BigInteger k, ECPoint Q, BigInteger l)
+        {
+            ECCurve curve = P.Curve;
+            ECPoint infinity = curve.Infinity;
+
+            // TODO conjugate co-Z addition (ZADDC) can return both of these
+            ECPoint PaddQ = P.Add(Q);
+            ECPoint PsubQ = P.Subtract(Q);
+
+            ECPoint[] points = new ECPoint[] { Q, PsubQ, P, PaddQ };
+            curve.NormalizeAll(points);
+
+            ECPoint[] table = new ECPoint[] {
+            points[3].Negate(), points[2].Negate(), points[1].Negate(),
+            points[0].Negate(), infinity, points[0],
+            points[1], points[2], points[3] };
+
+            byte[] jsf = WNafUtilities.GenerateJsf(k, l);
+
+            ECPoint R = infinity;
+
+            int i = jsf.Length;
+            while (--i >= 0)
+            {
+                int jsfi = jsf[i];
+
+                // NOTE: The shifting ensures the sign is extended correctly
+                int kDigit = ((jsfi << 24) >> 28), lDigit = ((jsfi << 28) >> 28);
+
+                int index = 4 + (kDigit * 3) + lDigit;
+                R = R.TwicePlus(table[index]);
+            }
+
+            return R;
+        }
+
+        internal static ECPoint ImplShamirsTrickWNaf(ECPoint P, BigInteger k,
+            ECPoint Q, BigInteger l)
+        {
+            bool negK = k.SignValue < 0, negL = l.SignValue < 0;
+
+            k = k.Abs();
+            l = l.Abs();
+
+            int widthP = System.Math.Max(2, System.Math.Min(16, WNafUtilities.GetWindowSize(k.BitLength)));
+            int widthQ = System.Math.Max(2, System.Math.Min(16, WNafUtilities.GetWindowSize(l.BitLength)));
+
+            WNafPreCompInfo infoP = WNafUtilities.Precompute(P, widthP, true);
+            WNafPreCompInfo infoQ = WNafUtilities.Precompute(Q, widthQ, true);
+
+            ECPoint[] preCompP = negK ? infoP.PreCompNeg : infoP.PreComp;
+            ECPoint[] preCompQ = negL ? infoQ.PreCompNeg : infoQ.PreComp;
+            ECPoint[] preCompNegP = negK ? infoP.PreComp : infoP.PreCompNeg;
+            ECPoint[] preCompNegQ = negL ? infoQ.PreComp : infoQ.PreCompNeg;
+
+            byte[] wnafP = WNafUtilities.GenerateWindowNaf(widthP, k);
+            byte[] wnafQ = WNafUtilities.GenerateWindowNaf(widthQ, l);
+
+            return ImplShamirsTrickWNaf(preCompP, preCompNegP, wnafP, preCompQ, preCompNegQ, wnafQ);
+        }
+
+        internal static ECPoint ImplShamirsTrickWNaf(ECPoint P, BigInteger k, ECPointMap pointMapQ, BigInteger l)
+        {
+            bool negK = k.SignValue < 0, negL = l.SignValue < 0;
+
+            k = k.Abs();
+            l = l.Abs();
+
+            int width = System.Math.Max(2, System.Math.Min(16, WNafUtilities.GetWindowSize(System.Math.Max(k.BitLength, l.BitLength))));
+
+            ECPoint Q = WNafUtilities.MapPointWithPrecomp(P, width, true, pointMapQ);
+            WNafPreCompInfo infoP = WNafUtilities.GetWNafPreCompInfo(P);
+            WNafPreCompInfo infoQ = WNafUtilities.GetWNafPreCompInfo(Q);
+
+            ECPoint[] preCompP = negK ? infoP.PreCompNeg : infoP.PreComp;
+            ECPoint[] preCompQ = negL ? infoQ.PreCompNeg : infoQ.PreComp;
+            ECPoint[] preCompNegP = negK ? infoP.PreComp : infoP.PreCompNeg;
+            ECPoint[] preCompNegQ = negL ? infoQ.PreComp : infoQ.PreCompNeg;
+
+            byte[] wnafP = WNafUtilities.GenerateWindowNaf(width, k);
+            byte[] wnafQ = WNafUtilities.GenerateWindowNaf(width, l);
+
+            return ImplShamirsTrickWNaf(preCompP, preCompNegP, wnafP, preCompQ, preCompNegQ, wnafQ);
+        }
+
+        private static ECPoint ImplShamirsTrickWNaf(ECPoint[] preCompP, ECPoint[] preCompNegP, byte[] wnafP,
+            ECPoint[] preCompQ, ECPoint[] preCompNegQ, byte[] wnafQ)
+        {
+            int len = System.Math.Max(wnafP.Length, wnafQ.Length);
+
+            ECCurve curve = preCompP[0].Curve;
+            ECPoint infinity = curve.Infinity;
+
+            ECPoint R = infinity;
+            int zeroes = 0;
+
+            for (int i = len - 1; i >= 0; --i)
+            {
+                int wiP = i < wnafP.Length ? (int)(sbyte)wnafP[i] : 0;
+                int wiQ = i < wnafQ.Length ? (int)(sbyte)wnafQ[i] : 0;
+
+                if ((wiP | wiQ) == 0)
+                {
+                    ++zeroes;
+                    continue;
+                }
+
+                ECPoint r = infinity;
+                if (wiP != 0)
+                {
+                    int nP = System.Math.Abs(wiP);
+                    ECPoint[] tableP = wiP < 0 ? preCompNegP : preCompP;
+                    r = r.Add(tableP[nP >> 1]);
+                }
+                if (wiQ != 0)
+                {
+                    int nQ = System.Math.Abs(wiQ);
+                    ECPoint[] tableQ = wiQ < 0 ? preCompNegQ : preCompQ;
+                    r = r.Add(tableQ[nQ >> 1]);
+                }
+
+                if (zeroes > 0)
+                {
+                    R = R.TimesPow2(zeroes);
+                    zeroes = 0;
+                }
+
+                R = R.TwicePlus(r);
+            }
+
+            if (zeroes > 0)
+            {
+                R = R.TimesPow2(zeroes);
+            }
+
+            return R;
+        }
+
+        internal static ECPoint ImplSumOfMultiplies(ECPoint[] ps, BigInteger[] ks)
+        {
+            int count = ps.Length;
+            bool[] negs = new bool[count];
+            WNafPreCompInfo[] infos = new WNafPreCompInfo[count];
+            byte[][] wnafs = new byte[count][];
+
+            for (int i = 0; i < count; ++i)
+            {
+                BigInteger ki = ks[i]; negs[i] = ki.SignValue < 0; ki = ki.Abs();
+
+                int width = System.Math.Max(2, System.Math.Min(16, WNafUtilities.GetWindowSize(ki.BitLength)));
+                infos[i] = WNafUtilities.Precompute(ps[i], width, true);
+                wnafs[i] = WNafUtilities.GenerateWindowNaf(width, ki);
+            }
+
+            return ImplSumOfMultiplies(negs, infos, wnafs);
+        }
+
+        internal static ECPoint ImplSumOfMultipliesGlv(ECPoint[] ps, BigInteger[] ks, GlvEndomorphism glvEndomorphism)
+        {
+            BigInteger n = ps[0].Curve.Order;
+
+            int len = ps.Length;
+
+            BigInteger[] abs = new BigInteger[len << 1];
+            for (int i = 0, j = 0; i < len; ++i)
+            {
+                BigInteger[] ab = glvEndomorphism.DecomposeScalar(ks[i].Mod(n));
+                abs[j++] = ab[0];
+                abs[j++] = ab[1];
+            }
+
+            ECPointMap pointMap = glvEndomorphism.PointMap;
+            if (glvEndomorphism.HasEfficientPointMap)
+            {
+                return ECAlgorithms.ImplSumOfMultiplies(ps, pointMap, abs);
+            }
+
+            ECPoint[] pqs = new ECPoint[len << 1];
+            for (int i = 0, j = 0; i < len; ++i)
+            {
+                ECPoint p = ps[i], q = pointMap.Map(p);
+                pqs[j++] = p;
+                pqs[j++] = q;
+            }
+
+            return ECAlgorithms.ImplSumOfMultiplies(pqs, abs);
+        }
+
+        internal static ECPoint ImplSumOfMultiplies(ECPoint[] ps, ECPointMap pointMap, BigInteger[] ks)
+        {
+            int halfCount = ps.Length, fullCount = halfCount << 1;
+
+            bool[] negs = new bool[fullCount];
+            WNafPreCompInfo[] infos = new WNafPreCompInfo[fullCount];
+            byte[][] wnafs = new byte[fullCount][];
+
+            for (int i = 0; i < halfCount; ++i)
+            {
+                int j0 = i << 1, j1 = j0 + 1;
+
+                BigInteger kj0 = ks[j0]; negs[j0] = kj0.SignValue < 0; kj0 = kj0.Abs();
+                BigInteger kj1 = ks[j1]; negs[j1] = kj1.SignValue < 0; kj1 = kj1.Abs();
+
+                int width = System.Math.Max(2, System.Math.Min(16, WNafUtilities.GetWindowSize(System.Math.Max(kj0.BitLength, kj1.BitLength))));
+
+                ECPoint P = ps[i], Q = WNafUtilities.MapPointWithPrecomp(P, width, true, pointMap);
+                infos[j0] = WNafUtilities.GetWNafPreCompInfo(P);
+                infos[j1] = WNafUtilities.GetWNafPreCompInfo(Q);
+                wnafs[j0] = WNafUtilities.GenerateWindowNaf(width, kj0);
+                wnafs[j1] = WNafUtilities.GenerateWindowNaf(width, kj1);
+            }
+
+            return ImplSumOfMultiplies(negs, infos, wnafs);
+        }
+
+        private static ECPoint ImplSumOfMultiplies(bool[] negs, WNafPreCompInfo[] infos, byte[][] wnafs)
+        {
+            int len = 0, count = wnafs.Length;
+            for (int i = 0; i < count; ++i)
+            {
+                len = System.Math.Max(len, wnafs[i].Length);
+            }
+
+            ECCurve curve = infos[0].PreComp[0].Curve;
+            ECPoint infinity = curve.Infinity;
+
+            ECPoint R = infinity;
+            int zeroes = 0;
+
+            for (int i = len - 1; i >= 0; --i)
+            {
+                ECPoint r = infinity;
+
+                for (int j = 0; j < count; ++j)
+                {
+                    byte[] wnaf = wnafs[j];
+                    int wi = i < wnaf.Length ? (int)(sbyte)wnaf[i] : 0;
+                    if (wi != 0)
+                    {
+                        int n = System.Math.Abs(wi);
+                        WNafPreCompInfo info = infos[j];
+                        ECPoint[] table = (wi < 0 == negs[j]) ? info.PreComp : info.PreCompNeg;
+                        r = r.Add(table[n >> 1]);
+                    }
+                }
+
+                if (r == infinity)
+                {
+                    ++zeroes;
+                    continue;
+                }
+
+                if (zeroes > 0)
+                {
+                    R = R.TimesPow2(zeroes);
+                    zeroes = 0;
+                }
+
+                R = R.TwicePlus(r);
+            }
+
+            if (zeroes > 0)
+            {
+                R = R.TimesPow2(zeroes);
+            }
+
+            return R;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/ECCurve.cs b/bc-sharp-crypto/src/math/ec/ECCurve.cs
new file mode 100644
index 0000000..6ccd97e
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/ECCurve.cs
@@ -0,0 +1,1131 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Math.EC.Abc;
+using Org.BouncyCastle.Math.EC.Endo;
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Math.Field;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC
+{
+    /// <remarks>Base class for an elliptic curve.</remarks>
+    public abstract class ECCurve
+    {
+        public const int COORD_AFFINE = 0;
+        public const int COORD_HOMOGENEOUS = 1;
+        public const int COORD_JACOBIAN = 2;
+        public const int COORD_JACOBIAN_CHUDNOVSKY = 3;
+        public const int COORD_JACOBIAN_MODIFIED = 4;
+        public const int COORD_LAMBDA_AFFINE = 5;
+        public const int COORD_LAMBDA_PROJECTIVE = 6;
+        public const int COORD_SKEWED = 7;
+
+        public static int[] GetAllCoordinateSystems()
+        {
+            return new int[]{ COORD_AFFINE, COORD_HOMOGENEOUS, COORD_JACOBIAN, COORD_JACOBIAN_CHUDNOVSKY,
+                COORD_JACOBIAN_MODIFIED, COORD_LAMBDA_AFFINE, COORD_LAMBDA_PROJECTIVE, COORD_SKEWED };
+        }
+
+        public class Config
+        {
+            protected ECCurve outer;
+            protected int coord;
+            protected ECEndomorphism endomorphism;
+            protected ECMultiplier multiplier;
+
+            internal Config(ECCurve outer, int coord, ECEndomorphism endomorphism, ECMultiplier multiplier)
+            {
+                this.outer = outer;
+                this.coord = coord;
+                this.endomorphism = endomorphism;
+                this.multiplier = multiplier;
+            }
+
+            public Config SetCoordinateSystem(int coord)
+            {
+                this.coord = coord;
+                return this;
+            }
+
+            public Config SetEndomorphism(ECEndomorphism endomorphism)
+            {
+                this.endomorphism = endomorphism;
+                return this;
+            }
+
+            public Config SetMultiplier(ECMultiplier multiplier)
+            {
+                this.multiplier = multiplier;
+                return this;
+            }
+
+            public ECCurve Create()
+            {
+                if (!outer.SupportsCoordinateSystem(coord))
+                {
+                    throw new InvalidOperationException("unsupported coordinate system");
+                }
+
+                ECCurve c = outer.CloneCurve();
+                if (c == outer)
+                {
+                    throw new InvalidOperationException("implementation returned current curve");
+                }
+
+                c.m_coord = coord;
+                c.m_endomorphism = endomorphism;
+                c.m_multiplier = multiplier;
+
+                return c;
+            }
+        }
+
+        protected readonly IFiniteField m_field;
+        protected ECFieldElement m_a, m_b;
+        protected BigInteger m_order, m_cofactor;
+
+        protected int m_coord = COORD_AFFINE;
+        protected ECEndomorphism m_endomorphism = null;
+        protected ECMultiplier m_multiplier = null;
+
+        protected ECCurve(IFiniteField field)
+        {
+            this.m_field = field;
+        }
+
+        public abstract int FieldSize { get; }
+        public abstract ECFieldElement FromBigInteger(BigInteger x);
+        public abstract bool IsValidFieldElement(BigInteger x);
+
+        public virtual Config Configure()
+        {
+            return new Config(this, this.m_coord, this.m_endomorphism, this.m_multiplier);
+        }
+
+        public virtual ECPoint ValidatePoint(BigInteger x, BigInteger y)
+        {
+            ECPoint p = CreatePoint(x, y);
+            if (!p.IsValid())
+            {
+                throw new ArgumentException("Invalid point coordinates");
+            }
+            return p;
+        }
+
+        [Obsolete("Per-point compression property will be removed")]
+        public virtual ECPoint ValidatePoint(BigInteger x, BigInteger y, bool withCompression)
+        {
+            ECPoint p = CreatePoint(x, y, withCompression);
+            if (!p.IsValid())
+            {
+                throw new ArgumentException("Invalid point coordinates");
+            }
+            return p;
+        }
+
+        public virtual ECPoint CreatePoint(BigInteger x, BigInteger y)
+        {
+            return CreatePoint(x, y, false);
+        }
+
+        [Obsolete("Per-point compression property will be removed")]
+        public virtual ECPoint CreatePoint(BigInteger x, BigInteger y, bool withCompression)
+        {
+            return CreateRawPoint(FromBigInteger(x), FromBigInteger(y), withCompression);
+        }
+
+        protected abstract ECCurve CloneCurve();
+
+        protected internal abstract ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression);
+
+        protected internal abstract ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression);
+
+        protected virtual ECMultiplier CreateDefaultMultiplier()
+        {
+            GlvEndomorphism glvEndomorphism = m_endomorphism as GlvEndomorphism;
+            if (glvEndomorphism != null)
+            {
+                return new GlvMultiplier(this, glvEndomorphism);
+            }
+
+            return new WNafL2RMultiplier();
+        }
+
+        public virtual bool SupportsCoordinateSystem(int coord)
+        {
+            return coord == COORD_AFFINE;
+        }
+
+        public virtual PreCompInfo GetPreCompInfo(ECPoint point, string name)
+        {
+            CheckPoint(point);
+            lock (point)
+            {
+                IDictionary table = point.m_preCompTable;
+                return table == null ? null : (PreCompInfo)table[name];
+            }
+        }
+
+        /**
+         * Adds <code>PreCompInfo</code> for a point on this curve, under a given name. Used by
+         * <code>ECMultiplier</code>s to save the precomputation for this <code>ECPoint</code> for use
+         * by subsequent multiplication.
+         * 
+         * @param point
+         *            The <code>ECPoint</code> to store precomputations for.
+         * @param name
+         *            A <code>String</code> used to index precomputations of different types.
+         * @param preCompInfo
+         *            The values precomputed by the <code>ECMultiplier</code>.
+         */
+        public virtual void SetPreCompInfo(ECPoint point, string name, PreCompInfo preCompInfo)
+        {
+            CheckPoint(point);
+            lock (point)
+            {
+                IDictionary table = point.m_preCompTable;
+                if (null == table)
+                {
+                    point.m_preCompTable = table = Platform.CreateHashtable(4);
+                }
+                table[name] = preCompInfo;
+            }
+        }
+
+        public virtual ECPoint ImportPoint(ECPoint p)
+        {
+            if (this == p.Curve)
+            {
+                return p;
+            }
+            if (p.IsInfinity)
+            {
+                return Infinity;
+            }
+
+            // TODO Default behaviour could be improved if the two curves have the same coordinate system by copying any Z coordinates.
+            p = p.Normalize();
+
+            return ValidatePoint(p.XCoord.ToBigInteger(), p.YCoord.ToBigInteger(), p.IsCompressed);
+        }
+
+        /**
+         * Normalization ensures that any projective coordinate is 1, and therefore that the x, y
+         * coordinates reflect those of the equivalent point in an affine coordinate system. Where more
+         * than one point is to be normalized, this method will generally be more efficient than
+         * normalizing each point separately.
+         * 
+         * @param points
+         *            An array of points that will be updated in place with their normalized versions,
+         *            where necessary
+         */
+        public virtual void NormalizeAll(ECPoint[] points)
+        {
+            NormalizeAll(points, 0, points.Length, null);
+        }
+
+        /**
+         * Normalization ensures that any projective coordinate is 1, and therefore that the x, y
+         * coordinates reflect those of the equivalent point in an affine coordinate system. Where more
+         * than one point is to be normalized, this method will generally be more efficient than
+         * normalizing each point separately. An (optional) z-scaling factor can be applied; effectively
+         * each z coordinate is scaled by this value prior to normalization (but only one
+         * actual multiplication is needed).
+         * 
+         * @param points
+         *            An array of points that will be updated in place with their normalized versions,
+         *            where necessary
+         * @param off
+         *            The start of the range of points to normalize
+         * @param len
+         *            The length of the range of points to normalize
+         * @param iso
+         *            The (optional) z-scaling factor - can be null
+         */
+        public virtual void NormalizeAll(ECPoint[] points, int off, int len, ECFieldElement iso)
+        {
+            CheckPoints(points, off, len);
+
+            switch (this.CoordinateSystem)
+            {
+                case ECCurve.COORD_AFFINE:
+                case ECCurve.COORD_LAMBDA_AFFINE:
+                {
+                    if (iso != null)
+                        throw new ArgumentException("not valid for affine coordinates", "iso");
+
+                    return;
+                }
+            }
+
+            /*
+             * Figure out which of the points actually need to be normalized
+             */
+            ECFieldElement[] zs = new ECFieldElement[len];
+            int[] indices = new int[len];
+            int count = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                ECPoint p = points[off + i];
+                if (null != p && (iso != null || !p.IsNormalized()))
+                {
+                    zs[count] = p.GetZCoord(0);
+                    indices[count++] = off + i;
+                }
+            }
+
+            if (count == 0)
+            {
+                return;
+            }
+
+            ECAlgorithms.MontgomeryTrick(zs, 0, count, iso);
+
+            for (int j = 0; j < count; ++j)
+            {
+                int index = indices[j];
+                points[index] = points[index].Normalize(zs[j]);
+            }
+        }
+
+        public abstract ECPoint Infinity { get; }
+
+        public virtual IFiniteField Field
+        {
+            get { return m_field; }
+        }
+
+        public virtual ECFieldElement A
+        {
+            get { return m_a; }
+        }
+
+        public virtual ECFieldElement B
+        {
+            get { return m_b; }
+        }
+
+        public virtual BigInteger Order
+        {
+            get { return m_order; }
+        }
+
+        public virtual BigInteger Cofactor
+        {
+            get { return m_cofactor; }
+        }
+
+        public virtual int CoordinateSystem
+        {
+            get { return m_coord; }
+        }
+
+        protected virtual void CheckPoint(ECPoint point)
+        {
+            if (null == point || (this != point.Curve))
+                throw new ArgumentException("must be non-null and on this curve", "point");
+        }
+
+        protected virtual void CheckPoints(ECPoint[] points)
+        {
+            CheckPoints(points, 0, points.Length);
+        }
+
+        protected virtual void CheckPoints(ECPoint[] points, int off, int len)
+        {
+            if (points == null)
+                throw new ArgumentNullException("points");
+            if (off < 0 || len < 0 || (off > (points.Length - len)))
+                throw new ArgumentException("invalid range specified", "points");
+
+            for (int i = 0; i < len; ++i)
+            {
+                ECPoint point = points[off + i];
+                if (null != point && this != point.Curve)
+                    throw new ArgumentException("entries must be null or on this curve", "points");
+            }
+        }
+
+        public virtual bool Equals(ECCurve other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Field.Equals(other.Field)
+                && A.ToBigInteger().Equals(other.A.ToBigInteger())
+                && B.ToBigInteger().Equals(other.B.ToBigInteger());
+        }
+
+        public override bool Equals(object obj) 
+        {
+            return Equals(obj as ECCurve);
+        }
+
+        public override int GetHashCode()
+        {
+            return Field.GetHashCode()
+                ^ Integers.RotateLeft(A.ToBigInteger().GetHashCode(), 8)
+                ^ Integers.RotateLeft(B.ToBigInteger().GetHashCode(), 16);
+        }
+
+        protected abstract ECPoint DecompressPoint(int yTilde, BigInteger X1);
+
+        public virtual ECEndomorphism GetEndomorphism()
+        {
+            return m_endomorphism;
+        }
+
+        /**
+         * Sets the default <code>ECMultiplier</code>, unless already set. 
+         */
+        public virtual ECMultiplier GetMultiplier()
+        {
+            lock (this)
+            {
+                if (this.m_multiplier == null)
+                {
+                    this.m_multiplier = CreateDefaultMultiplier();
+                }
+                return this.m_multiplier;
+            }
+        }
+
+        /**
+         * Decode a point on this curve from its ASN.1 encoding. The different
+         * encodings are taken account of, including point compression for
+         * <code>F<sub>p</sub></code> (X9.62 s 4.2.1 pg 17).
+         * @return The decoded point.
+         */
+        public virtual ECPoint DecodePoint(byte[] encoded)
+        {
+            ECPoint p = null;
+            int expectedLength = (FieldSize + 7) / 8;
+
+            byte type = encoded[0];
+            switch (type)
+            {
+                case 0x00: // infinity
+                {
+                    if (encoded.Length != 1)
+                        throw new ArgumentException("Incorrect length for infinity encoding", "encoded");
+
+                    p = Infinity;
+                    break;
+                }
+
+                case 0x02: // compressed
+                case 0x03: // compressed
+                {
+                    if (encoded.Length != (expectedLength + 1))
+                        throw new ArgumentException("Incorrect length for compressed encoding", "encoded");
+
+                    int yTilde = type & 1;
+                    BigInteger X = new BigInteger(1, encoded, 1, expectedLength);
+
+                    p = DecompressPoint(yTilde, X);
+                    if (!p.SatisfiesCofactor())
+                        throw new ArgumentException("Invalid point");
+
+                    break;
+                }
+
+                case 0x04: // uncompressed
+                {
+                    if (encoded.Length != (2 * expectedLength + 1))
+                        throw new ArgumentException("Incorrect length for uncompressed encoding", "encoded");
+
+                    BigInteger X = new BigInteger(1, encoded, 1, expectedLength);
+                    BigInteger Y = new BigInteger(1, encoded, 1 + expectedLength, expectedLength);
+
+                    p = ValidatePoint(X, Y);
+                    break;
+                }
+
+                case 0x06: // hybrid
+                case 0x07: // hybrid
+                {
+                    if (encoded.Length != (2 * expectedLength + 1))
+                        throw new ArgumentException("Incorrect length for hybrid encoding", "encoded");
+
+                    BigInteger X = new BigInteger(1, encoded, 1, expectedLength);
+                    BigInteger Y = new BigInteger(1, encoded, 1 + expectedLength, expectedLength);
+
+                    if (Y.TestBit(0) != (type == 0x07))
+                        throw new ArgumentException("Inconsistent Y coordinate in hybrid encoding", "encoded");
+
+                    p = ValidatePoint(X, Y);
+                    break;
+                }
+
+                default:
+                    throw new FormatException("Invalid point encoding " + type);
+            }
+
+            if (type != 0x00 && p.IsInfinity)
+                throw new ArgumentException("Invalid infinity encoding", "encoded");
+
+            return p;
+        }
+    }
+
+    public abstract class AbstractFpCurve
+        : ECCurve
+    {
+        protected AbstractFpCurve(BigInteger q)
+            : base(FiniteFields.GetPrimeField(q))
+        {
+        }
+
+        public override bool IsValidFieldElement(BigInteger x)
+        {
+            return x != null && x.SignValue >= 0 && x.CompareTo(Field.Characteristic) < 0;
+        }
+
+        protected override ECPoint DecompressPoint(int yTilde, BigInteger X1)
+        {
+            ECFieldElement x = FromBigInteger(X1);
+            ECFieldElement rhs = x.Square().Add(A).Multiply(x).Add(B);
+            ECFieldElement y = rhs.Sqrt();
+
+            /*
+             * If y is not a square, then we haven't got a point on the curve
+             */
+            if (y == null)
+                throw new ArgumentException("Invalid point compression");
+
+            if (y.TestBitZero() != (yTilde == 1))
+            {
+                // Use the other root
+                y = y.Negate();
+            }
+
+            return CreateRawPoint(x, y, true);
+        }
+    }
+
+    /**
+     * Elliptic curve over Fp
+     */
+    public class FpCurve
+        : AbstractFpCurve
+    {
+        private const int FP_DEFAULT_COORDS = COORD_JACOBIAN_MODIFIED;
+
+        protected readonly BigInteger m_q, m_r;
+        protected readonly FpPoint m_infinity;
+
+        public FpCurve(BigInteger q, BigInteger a, BigInteger b)
+            : this(q, a, b, null, null)
+        {
+        }
+
+        public FpCurve(BigInteger q, BigInteger a, BigInteger b, BigInteger order, BigInteger cofactor)
+            : base(q)
+        {
+            this.m_q = q;
+            this.m_r = FpFieldElement.CalculateResidue(q);
+            this.m_infinity = new FpPoint(this, null, null);
+
+            this.m_a = FromBigInteger(a);
+            this.m_b = FromBigInteger(b);
+            this.m_order = order;
+            this.m_cofactor = cofactor;
+            this.m_coord = FP_DEFAULT_COORDS;
+        }
+
+        protected FpCurve(BigInteger q, BigInteger r, ECFieldElement a, ECFieldElement b)
+            : this(q, r, a, b, null, null)
+        {
+        }
+
+        protected FpCurve(BigInteger q, BigInteger r, ECFieldElement a, ECFieldElement b, BigInteger order, BigInteger cofactor)
+            : base(q)
+        {
+            this.m_q = q;
+            this.m_r = r;
+            this.m_infinity = new FpPoint(this, null, null);
+
+            this.m_a = a;
+            this.m_b = b;
+            this.m_order = order;
+            this.m_cofactor = cofactor;
+            this.m_coord = FP_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new FpCurve(m_q, m_r, m_a, m_b, m_order, m_cofactor);
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+                case COORD_AFFINE:
+                case COORD_HOMOGENEOUS:
+                case COORD_JACOBIAN:
+                case COORD_JACOBIAN_MODIFIED:
+                    return true;
+                default:
+                    return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return m_q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return m_q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new FpFieldElement(this.m_q, this.m_r, x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new FpPoint(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new FpPoint(this, x, y, zs, withCompression);
+        }
+
+        public override ECPoint ImportPoint(ECPoint p)
+        {
+            if (this != p.Curve && this.CoordinateSystem == COORD_JACOBIAN && !p.IsInfinity)
+            {
+                switch (p.Curve.CoordinateSystem)
+                {
+                    case COORD_JACOBIAN:
+                    case COORD_JACOBIAN_CHUDNOVSKY:
+                    case COORD_JACOBIAN_MODIFIED:
+                        return new FpPoint(this,
+                            FromBigInteger(p.RawXCoord.ToBigInteger()),
+                            FromBigInteger(p.RawYCoord.ToBigInteger()),
+                            new ECFieldElement[] { FromBigInteger(p.GetZCoord(0).ToBigInteger()) },
+                            p.IsCompressed);
+                    default:
+                        break;
+                }
+            }
+
+            return base.ImportPoint(p);
+        }
+    }
+
+    public abstract class AbstractF2mCurve
+        : ECCurve
+    {
+        public static BigInteger Inverse(int m, int[] ks, BigInteger x)
+        {
+            return new LongArray(x).ModInverse(m, ks).ToBigInteger();
+        }
+
+        /**
+         * The auxiliary values <code>s<sub>0</sub></code> and
+         * <code>s<sub>1</sub></code> used for partial modular reduction for
+         * Koblitz curves.
+         */
+        private BigInteger[] si = null;
+
+        private static IFiniteField BuildField(int m, int k1, int k2, int k3)
+        {
+            if (k1 == 0)
+            {
+                throw new ArgumentException("k1 must be > 0");
+            }
+
+            if (k2 == 0)
+            {
+                if (k3 != 0)
+                {
+                    throw new ArgumentException("k3 must be 0 if k2 == 0");
+                }
+
+                return FiniteFields.GetBinaryExtensionField(new int[]{ 0, k1, m });
+            }
+
+            if (k2 <= k1)
+            {
+                throw new ArgumentException("k2 must be > k1");
+            }
+
+            if (k3 <= k2)
+            {
+                throw new ArgumentException("k3 must be > k2");
+            }
+
+            return FiniteFields.GetBinaryExtensionField(new int[]{ 0, k1, k2, k3, m });
+        }
+
+        protected AbstractF2mCurve(int m, int k1, int k2, int k3)
+            : base(BuildField(m, k1, k2, k3))
+        {
+        }
+
+        public override bool IsValidFieldElement(BigInteger x)
+        {
+            return x != null && x.SignValue >= 0 && x.BitLength <= FieldSize;
+        }
+
+        [Obsolete("Per-point compression property will be removed")]
+        public override ECPoint CreatePoint(BigInteger x, BigInteger y, bool withCompression)
+        {
+            ECFieldElement X = FromBigInteger(x), Y = FromBigInteger(y);
+
+            switch (this.CoordinateSystem)
+            {
+                case COORD_LAMBDA_AFFINE:
+                case COORD_LAMBDA_PROJECTIVE:
+                {
+                    if (X.IsZero)
+                    {
+                        if (!Y.Square().Equals(B))
+                            throw new ArgumentException();
+                    }
+                    else
+                    {
+                        // Y becomes Lambda (X + Y/X) here
+                        Y = Y.Divide(X).Add(X);
+                    }
+                    break;
+                }
+                default:
+                {
+                    break;
+                }
+            }
+
+            return CreateRawPoint(X, Y, withCompression);
+        }
+
+        protected override ECPoint DecompressPoint(int yTilde, BigInteger X1)
+        {
+            ECFieldElement xp = FromBigInteger(X1), yp = null;
+            if (xp.IsZero)
+            {
+                yp = B.Sqrt();
+            }
+            else
+            {
+                ECFieldElement beta = xp.Square().Invert().Multiply(B).Add(A).Add(xp);
+                ECFieldElement z = SolveQuadradicEquation(beta);
+
+                if (z != null)
+                {
+                    if (z.TestBitZero() != (yTilde == 1))
+                    {
+                        z = z.AddOne();
+                    }
+
+                    switch (this.CoordinateSystem)
+                    {
+                        case COORD_LAMBDA_AFFINE:
+                        case COORD_LAMBDA_PROJECTIVE:
+                        {
+                            yp = z.Add(xp);
+                            break;
+                        }
+                        default:
+                        {
+                            yp = z.Multiply(xp);
+                            break;
+                        }
+                    }
+                }
+            }
+
+            if (yp == null)
+                throw new ArgumentException("Invalid point compression");
+
+            return CreateRawPoint(xp, yp, true);
+        }
+
+        /**
+         * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62
+         * D.1.6) The other solution is <code>z + 1</code>.
+         *
+         * @param beta
+         *            The value to solve the qradratic equation for.
+         * @return the solution for <code>z<sup>2</sup> + z = beta</code> or
+         *         <code>null</code> if no solution exists.
+         */
+        private ECFieldElement SolveQuadradicEquation(ECFieldElement beta)
+        {
+            if (beta.IsZero)
+                return beta;
+
+            ECFieldElement gamma, z, zeroElement = FromBigInteger(BigInteger.Zero);
+
+            int m = FieldSize;
+            do
+            {
+                ECFieldElement t = FromBigInteger(BigInteger.Arbitrary(m));
+                z = zeroElement;
+                ECFieldElement w = beta;
+                for (int i = 1; i < m; i++)
+                {
+                    ECFieldElement w2 = w.Square();
+                    z = z.Square().Add(w2.Multiply(t));
+                    w = w2.Add(beta);
+                }
+                if (!w.IsZero)
+                {
+                    return null;
+                }
+                gamma = z.Square().Add(z);
+            }
+            while (gamma.IsZero);
+
+            return z;
+        }
+
+        /**
+         * @return the auxiliary values <code>s<sub>0</sub></code> and
+         * <code>s<sub>1</sub></code> used for partial modular reduction for
+         * Koblitz curves.
+         */
+        internal virtual BigInteger[] GetSi()
+        {
+            if (si == null)
+            {
+                lock (this)
+                {
+                    if (si == null)
+                    {
+                        si = Tnaf.GetSi(this);
+                    }
+                }
+            }
+            return si;
+        }
+
+        /**
+         * Returns true if this is a Koblitz curve (ABC curve).
+         * @return true if this is a Koblitz curve (ABC curve), false otherwise
+         */
+        public virtual bool IsKoblitz
+        {
+            get
+            {
+                return m_order != null && m_cofactor != null && m_b.IsOne && (m_a.IsZero || m_a.IsOne);
+            }
+        }
+    }
+
+    /**
+     * Elliptic curves over F2m. The Weierstrass equation is given by
+     * <code>y<sup>2</sup> + xy = x<sup>3</sup> + ax<sup>2</sup> + b</code>.
+     */
+    public class F2mCurve
+        : AbstractF2mCurve
+    {
+        private const int F2M_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        /**
+         * The exponent <code>m</code> of <code>F<sub>2<sup>m</sup></sub></code>.
+         */
+        private readonly int m;
+
+        /**
+         * TPB: The integer <code>k</code> where <code>x<sup>m</sup> +
+         * x<sup>k</sup> + 1</code> represents the reduction polynomial
+         * <code>f(z)</code>.<br/>
+         * PPB: The integer <code>k1</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.<br/>
+         */
+        private readonly int k1;
+
+        /**
+         * TPB: Always set to <code>0</code><br/>
+         * PPB: The integer <code>k2</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.<br/>
+         */
+        private readonly int k2;
+
+        /**
+         * TPB: Always set to <code>0</code><br/>
+         * PPB: The integer <code>k3</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.<br/>
+         */
+        private readonly int k3;
+
+        /**
+         * The point at infinity on this curve.
+         */
+        protected readonly F2mPoint m_infinity;
+
+        /**
+         * Constructor for Trinomial Polynomial Basis (TPB).
+         * @param m  The exponent <code>m</code> of
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param k The integer <code>k</code> where <code>x<sup>m</sup> +
+         * x<sup>k</sup> + 1</code> represents the reduction
+         * polynomial <code>f(z)</code>.
+         * @param a The coefficient <code>a</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param b The coefficient <code>b</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         */
+        public F2mCurve(
+            int			m,
+            int			k,
+            BigInteger	a,
+            BigInteger	b)
+            : this(m, k, 0, 0, a, b, null, null)
+        {
+        }
+
+        /**
+         * Constructor for Trinomial Polynomial Basis (TPB).
+         * @param m  The exponent <code>m</code> of
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param k The integer <code>k</code> where <code>x<sup>m</sup> +
+         * x<sup>k</sup> + 1</code> represents the reduction
+         * polynomial <code>f(z)</code>.
+         * @param a The coefficient <code>a</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param b The coefficient <code>b</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param order The order of the main subgroup of the elliptic curve.
+         * @param cofactor The cofactor of the elliptic curve, i.e.
+         * <code>#E<sub>a</sub>(F<sub>2<sup>m</sup></sub>) = h * n</code>.
+         */
+        public F2mCurve(
+            int			m, 
+            int			k, 
+            BigInteger	a, 
+            BigInteger	b,
+            BigInteger	order,
+            BigInteger	cofactor)
+            : this(m, k, 0, 0, a, b, order, cofactor)
+        {
+        }
+
+        /**
+         * Constructor for Pentanomial Polynomial Basis (PPB).
+         * @param m  The exponent <code>m</code> of
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param k3 The integer <code>k3</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param a The coefficient <code>a</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param b The coefficient <code>b</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         */
+        public F2mCurve(
+            int			m,
+            int			k1,
+            int			k2,
+            int			k3,
+            BigInteger	a,
+            BigInteger	b)
+            : this(m, k1, k2, k3, a, b, null, null)
+        {
+        }
+
+        /**
+         * Constructor for Pentanomial Polynomial Basis (PPB).
+         * @param m  The exponent <code>m</code> of
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param k3 The integer <code>k3</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param a The coefficient <code>a</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param b The coefficient <code>b</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param order The order of the main subgroup of the elliptic curve.
+         * @param cofactor The cofactor of the elliptic curve, i.e.
+         * <code>#E<sub>a</sub>(F<sub>2<sup>m</sup></sub>) = h * n</code>.
+         */
+        public F2mCurve(
+            int			m, 
+            int			k1, 
+            int			k2, 
+            int			k3,
+            BigInteger	a, 
+            BigInteger	b,
+            BigInteger	order,
+            BigInteger	cofactor)
+            : base(m, k1, k2, k3)
+        {
+            this.m = m;
+            this.k1 = k1;
+            this.k2 = k2;
+            this.k3 = k3;
+            this.m_order = order;
+            this.m_cofactor = cofactor;
+            this.m_infinity = new F2mPoint(this, null, null);
+
+            if (k1 == 0)
+                throw new ArgumentException("k1 must be > 0");
+
+            if (k2 == 0)
+            {
+                if (k3 != 0)
+                    throw new ArgumentException("k3 must be 0 if k2 == 0");
+            }
+            else
+            {
+                if (k2 <= k1)
+                    throw new ArgumentException("k2 must be > k1");
+
+                if (k3 <= k2)
+                    throw new ArgumentException("k3 must be > k2");
+            }
+
+            this.m_a = FromBigInteger(a);
+            this.m_b = FromBigInteger(b);
+            this.m_coord = F2M_DEFAULT_COORDS;
+        }
+
+        protected F2mCurve(int m, int k1, int k2, int k3, ECFieldElement a, ECFieldElement b, BigInteger order, BigInteger cofactor)
+            : base(m, k1, k2, k3)
+        {
+            this.m = m;
+            this.k1 = k1;
+            this.k2 = k2;
+            this.k3 = k3;
+            this.m_order = order;
+            this.m_cofactor = cofactor;
+
+            this.m_infinity = new F2mPoint(this, null, null);
+            this.m_a = a;
+            this.m_b = b;
+            this.m_coord = F2M_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new F2mCurve(m, k1, k2, k3, m_a, m_b, m_order, m_cofactor);
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+                case COORD_AFFINE:
+                case COORD_HOMOGENEOUS:
+                case COORD_LAMBDA_PROJECTIVE:
+                    return true;
+                default:
+                    return false;
+            }
+        }
+
+        protected override ECMultiplier CreateDefaultMultiplier()
+        {
+            if (IsKoblitz)
+            {
+                return new WTauNafMultiplier();
+            }
+
+            return base.CreateDefaultMultiplier();
+        }
+
+        public override int FieldSize
+        {
+            get { return m; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new F2mFieldElement(this.m, this.k1, this.k2, this.k3, x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new F2mPoint(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new F2mPoint(this, x, y, zs, withCompression);
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public int M
+        {
+            get { return m; }
+        }
+
+        /**
+         * Return true if curve uses a Trinomial basis.
+         *
+         * @return true if curve Trinomial, false otherwise.
+         */
+        public bool IsTrinomial()
+        {
+            return k2 == 0 && k3 == 0;
+        }
+
+        public int K1
+        {
+            get { return k1; }
+        }
+
+        public int K2
+        {
+            get { return k2; }
+        }
+
+        public int K3
+        {
+            get { return k3; }
+        }
+
+        [Obsolete("Use 'Order' property instead")]
+        public BigInteger N
+        {
+            get { return m_order; }
+        }
+
+        [Obsolete("Use 'Cofactor' property instead")]
+        public BigInteger H
+        {
+            get { return m_cofactor; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/ECFieldElement.cs b/bc-sharp-crypto/src/math/ec/ECFieldElement.cs
new file mode 100644
index 0000000..d0e008a
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/ECFieldElement.cs
@@ -0,0 +1,928 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC
+{
+    public abstract class ECFieldElement
+    {
+        public abstract BigInteger ToBigInteger();
+        public abstract string FieldName { get; }
+        public abstract int FieldSize { get; }
+        public abstract ECFieldElement Add(ECFieldElement b);
+        public abstract ECFieldElement AddOne();
+        public abstract ECFieldElement Subtract(ECFieldElement b);
+        public abstract ECFieldElement Multiply(ECFieldElement b);
+        public abstract ECFieldElement Divide(ECFieldElement b);
+        public abstract ECFieldElement Negate();
+        public abstract ECFieldElement Square();
+        public abstract ECFieldElement Invert();
+        public abstract ECFieldElement Sqrt();
+
+        public virtual int BitLength
+        {
+            get { return ToBigInteger().BitLength; }
+        }
+
+        public virtual bool IsOne
+        {
+            get { return BitLength == 1; }
+        }
+
+        public virtual bool IsZero
+        {
+            get { return 0 == ToBigInteger().SignValue; }
+        }
+
+        public virtual ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            return Multiply(b).Subtract(x.Multiply(y));
+        }
+
+        public virtual ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            return Multiply(b).Add(x.Multiply(y));
+        }
+
+        public virtual ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            return Square().Subtract(x.Multiply(y));
+        }
+
+        public virtual ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            return Square().Add(x.Multiply(y));
+        }
+
+        public virtual ECFieldElement SquarePow(int pow)
+        {
+            ECFieldElement r = this;
+            for (int i = 0; i < pow; ++i)
+            {
+                r = r.Square();
+            }
+            return r;
+        }
+
+        public virtual bool TestBitZero()
+        {
+            return ToBigInteger().TestBit(0);
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as ECFieldElement);
+        }
+
+        public virtual bool Equals(ECFieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return ToBigInteger().Equals(other.ToBigInteger());
+        }
+
+        public override int GetHashCode()
+        {
+            return ToBigInteger().GetHashCode();
+        }
+
+        public override string ToString()
+        {
+            return this.ToBigInteger().ToString(16);
+        }
+
+        public virtual byte[] GetEncoded()
+        {
+            return BigIntegers.AsUnsignedByteArray((FieldSize + 7) / 8, ToBigInteger());
+        }
+    }
+
+    public class FpFieldElement
+        : ECFieldElement
+    {
+        private readonly BigInteger q, r, x;
+
+        internal static BigInteger CalculateResidue(BigInteger p)
+        {
+            int bitLength = p.BitLength;
+            if (bitLength >= 96)
+            {
+                BigInteger firstWord = p.ShiftRight(bitLength - 64);
+                if (firstWord.LongValue == -1L)
+                {
+                    return BigInteger.One.ShiftLeft(bitLength).Subtract(p);
+                }
+                if ((bitLength & 7) == 0)
+                {
+                    return BigInteger.One.ShiftLeft(bitLength << 1).Divide(p).Negate();
+                }
+            }
+            return null;
+        }
+
+        [Obsolete("Use ECCurve.FromBigInteger to construct field elements")]
+        public FpFieldElement(BigInteger q, BigInteger x)
+            : this(q, CalculateResidue(q), x)
+        {
+        }
+
+        internal FpFieldElement(BigInteger q, BigInteger r, BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(q) >= 0)
+                throw new ArgumentException("value invalid in Fp field element", "x");
+
+            this.q = q;
+            this.r = r;
+            this.x = x;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return x;
+        }
+
+        /**
+         * return the field name for this field.
+         *
+         * @return the string "Fp".
+         */
+        public override string FieldName
+        {
+            get { return "Fp"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECFieldElement Add(
+            ECFieldElement b)
+        {
+            return new FpFieldElement(q, r, ModAdd(x, b.ToBigInteger()));
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            BigInteger x2 = x.Add(BigInteger.One);
+            if (x2.CompareTo(q) == 0)
+            {
+                x2 = BigInteger.Zero;
+            }
+            return new FpFieldElement(q, r, x2);
+        }
+
+        public override ECFieldElement Subtract(
+            ECFieldElement b)
+        {
+            return new FpFieldElement(q, r, ModSubtract(x, b.ToBigInteger()));
+        }
+
+        public override ECFieldElement Multiply(
+            ECFieldElement b)
+        {
+            return new FpFieldElement(q, r, ModMult(x, b.ToBigInteger()));
+        }
+
+        public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            BigInteger ax = this.x, bx = b.ToBigInteger(), xx = x.ToBigInteger(), yx = y.ToBigInteger();
+            BigInteger ab = ax.Multiply(bx);
+            BigInteger xy = xx.Multiply(yx);
+            return new FpFieldElement(q, r, ModReduce(ab.Subtract(xy)));
+        }
+
+        public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            BigInteger ax = this.x, bx = b.ToBigInteger(), xx = x.ToBigInteger(), yx = y.ToBigInteger();
+            BigInteger ab = ax.Multiply(bx);
+            BigInteger xy = xx.Multiply(yx);
+            BigInteger sum = ab.Add(xy);
+            if (r != null && r.SignValue < 0 && sum.BitLength > (q.BitLength << 1))
+            {
+                sum = sum.Subtract(q.ShiftLeft(q.BitLength));
+            }
+            return new FpFieldElement(q, r, ModReduce(sum));
+        }
+
+        public override ECFieldElement Divide(
+            ECFieldElement b)
+        {
+            return new FpFieldElement(q, r, ModMult(x, ModInverse(b.ToBigInteger())));
+        }
+
+        public override ECFieldElement Negate()
+        {
+            return x.SignValue == 0 ? this : new FpFieldElement(q, r, q.Subtract(x));
+        }
+
+        public override ECFieldElement Square()
+        {
+            return new FpFieldElement(q, r, ModMult(x, x));
+        }
+
+        public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            BigInteger ax = this.x, xx = x.ToBigInteger(), yx = y.ToBigInteger();
+            BigInteger aa = ax.Multiply(ax);
+            BigInteger xy = xx.Multiply(yx);
+            return new FpFieldElement(q, r, ModReduce(aa.Subtract(xy)));
+        }
+
+        public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            BigInteger ax = this.x, xx = x.ToBigInteger(), yx = y.ToBigInteger();
+            BigInteger aa = ax.Multiply(ax);
+            BigInteger xy = xx.Multiply(yx);
+            BigInteger sum = aa.Add(xy);
+            if (r != null && r.SignValue < 0 && sum.BitLength > (q.BitLength << 1))
+            {
+                sum = sum.Subtract(q.ShiftLeft(q.BitLength));
+            }
+            return new FpFieldElement(q, r, ModReduce(sum));
+        }
+
+        public override ECFieldElement Invert()
+        {
+            // TODO Modular inversion can be faster for a (Generalized) Mersenne Prime.
+            return new FpFieldElement(q, r, ModInverse(x));
+        }
+
+        /**
+         * return a sqrt root - the routine verifies that the calculation
+         * returns the right value - if none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            if (IsZero || IsOne)
+                return this;
+
+            if (!q.TestBit(0))
+                throw Platform.CreateNotImplementedException("even value of q");
+
+            if (q.TestBit(1)) // q == 4m + 3
+            {
+                BigInteger e = q.ShiftRight(2).Add(BigInteger.One);
+                return CheckSqrt(new FpFieldElement(q, r, x.ModPow(e, q)));
+            }
+
+            if (q.TestBit(2)) // q == 8m + 5
+            {
+                BigInteger t1 = x.ModPow(q.ShiftRight(3), q);
+                BigInteger t2 = ModMult(t1, x);
+                BigInteger t3 = ModMult(t2, t1);
+
+                if (t3.Equals(BigInteger.One))
+                {
+                    return CheckSqrt(new FpFieldElement(q, r, t2));
+                }
+
+                // TODO This is constant and could be precomputed
+                BigInteger t4 = BigInteger.Two.ModPow(q.ShiftRight(2), q);
+
+                BigInteger y = ModMult(t2, t4);
+
+                return CheckSqrt(new FpFieldElement(q, r, y));
+            }
+
+            // q == 8m + 1
+
+            BigInteger legendreExponent = q.ShiftRight(1);
+            if (!(x.ModPow(legendreExponent, q).Equals(BigInteger.One)))
+                return null;
+
+            BigInteger X = this.x;
+            BigInteger fourX = ModDouble(ModDouble(X)); ;
+
+            BigInteger k = legendreExponent.Add(BigInteger.One), qMinusOne = q.Subtract(BigInteger.One);
+
+            BigInteger U, V;
+            do
+            {
+                BigInteger P;
+                do
+                {
+                    P = BigInteger.Arbitrary(q.BitLength);
+                }
+                while (P.CompareTo(q) >= 0
+                    || !ModReduce(P.Multiply(P).Subtract(fourX)).ModPow(legendreExponent, q).Equals(qMinusOne));
+
+                BigInteger[] result = LucasSequence(P, X, k);
+                U = result[0];
+                V = result[1];
+
+                if (ModMult(V, V).Equals(fourX))
+                {
+                    return new FpFieldElement(q, r, ModHalfAbs(V));
+                }
+            }
+            while (U.Equals(BigInteger.One) || U.Equals(qMinusOne));
+
+            return null;
+        }
+
+        private ECFieldElement CheckSqrt(ECFieldElement z)
+        {
+            return z.Square().Equals(this) ? z : null;
+        }
+
+        private BigInteger[] LucasSequence(
+            BigInteger	P,
+            BigInteger	Q,
+            BigInteger	k)
+        {
+            // TODO Research and apply "common-multiplicand multiplication here"
+
+            int n = k.BitLength;
+            int s = k.GetLowestSetBit();
+
+            Debug.Assert(k.TestBit(s));
+
+            BigInteger Uh = BigInteger.One;
+            BigInteger Vl = BigInteger.Two;
+            BigInteger Vh = P;
+            BigInteger Ql = BigInteger.One;
+            BigInteger Qh = BigInteger.One;
+
+            for (int j = n - 1; j >= s + 1; --j)
+            {
+                Ql = ModMult(Ql, Qh);
+
+                if (k.TestBit(j))
+                {
+                    Qh = ModMult(Ql, Q);
+                    Uh = ModMult(Uh, Vh);
+                    Vl = ModReduce(Vh.Multiply(Vl).Subtract(P.Multiply(Ql)));
+                    Vh = ModReduce(Vh.Multiply(Vh).Subtract(Qh.ShiftLeft(1)));
+                }
+                else
+                {
+                    Qh = Ql;
+                    Uh = ModReduce(Uh.Multiply(Vl).Subtract(Ql));
+                    Vh = ModReduce(Vh.Multiply(Vl).Subtract(P.Multiply(Ql)));
+                    Vl = ModReduce(Vl.Multiply(Vl).Subtract(Ql.ShiftLeft(1)));
+                }
+            }
+
+            Ql = ModMult(Ql, Qh);
+            Qh = ModMult(Ql, Q);
+            Uh = ModReduce(Uh.Multiply(Vl).Subtract(Ql));
+            Vl = ModReduce(Vh.Multiply(Vl).Subtract(P.Multiply(Ql)));
+            Ql = ModMult(Ql, Qh);
+
+            for (int j = 1; j <= s; ++j)
+            {
+                Uh = ModMult(Uh, Vl);
+                Vl = ModReduce(Vl.Multiply(Vl).Subtract(Ql.ShiftLeft(1)));
+                Ql = ModMult(Ql, Ql);
+            }
+
+            return new BigInteger[] { Uh, Vl };
+        }
+
+        protected virtual BigInteger ModAdd(BigInteger x1, BigInteger x2)
+        {
+            BigInteger x3 = x1.Add(x2);
+            if (x3.CompareTo(q) >= 0)
+            {
+                x3 = x3.Subtract(q);
+            }
+            return x3;
+        }
+
+        protected virtual BigInteger ModDouble(BigInteger x)
+        {
+            BigInteger _2x = x.ShiftLeft(1);
+            if (_2x.CompareTo(q) >= 0)
+            {
+                _2x = _2x.Subtract(q);
+            }
+            return _2x;
+        }
+
+        protected virtual BigInteger ModHalf(BigInteger x)
+        {
+            if (x.TestBit(0))
+            {
+                x = q.Add(x);
+            }
+            return x.ShiftRight(1);
+        }
+
+        protected virtual BigInteger ModHalfAbs(BigInteger x)
+        {
+            if (x.TestBit(0))
+            {
+                x = q.Subtract(x);
+            }
+            return x.ShiftRight(1);
+        }
+
+        protected virtual BigInteger ModInverse(BigInteger x)
+        {
+            int bits = FieldSize;
+            int len = (bits + 31) >> 5;
+            uint[] p = Nat.FromBigInteger(bits, q);
+            uint[] n = Nat.FromBigInteger(bits, x);
+            uint[] z = Nat.Create(len);
+            Mod.Invert(p, n, z);
+            return Nat.ToBigInteger(len, z);
+        }
+
+        protected virtual BigInteger ModMult(BigInteger x1, BigInteger x2)
+        {
+            return ModReduce(x1.Multiply(x2));
+        }
+
+        protected virtual BigInteger ModReduce(BigInteger x)
+        {
+            if (r == null)
+            {
+                x = x.Mod(q);
+            }
+            else
+            {
+                bool negative = x.SignValue < 0;
+                if (negative)
+                {
+                    x = x.Abs();
+                }
+                int qLen = q.BitLength;
+                if (r.SignValue > 0)
+                {
+                    BigInteger qMod = BigInteger.One.ShiftLeft(qLen);
+                    bool rIsOne = r.Equals(BigInteger.One);
+                    while (x.BitLength > (qLen + 1))
+                    {
+                        BigInteger u = x.ShiftRight(qLen);
+                        BigInteger v = x.Remainder(qMod);
+                        if (!rIsOne)
+                        {
+                            u = u.Multiply(r);
+                        }
+                        x = u.Add(v);
+                    }
+                }
+                else
+                {
+                    int d = ((qLen - 1) & 31) + 1;
+                    BigInteger mu = r.Negate();
+                    BigInteger u = mu.Multiply(x.ShiftRight(qLen - d));
+                    BigInteger quot = u.ShiftRight(qLen + d);
+                    BigInteger v = quot.Multiply(q);
+                    BigInteger bk1 = BigInteger.One.ShiftLeft(qLen + d);
+                    v = v.Remainder(bk1);
+                    x = x.Remainder(bk1);
+                    x = x.Subtract(v);
+                    if (x.SignValue < 0)
+                    {
+                        x = x.Add(bk1);
+                    }
+                }
+                while (x.CompareTo(q) >= 0)
+                {
+                    x = x.Subtract(q);
+                }
+                if (negative && x.SignValue != 0)
+                {
+                    x = q.Subtract(x);
+                }
+            }
+            return x;
+        }
+
+        protected virtual BigInteger ModSubtract(BigInteger x1, BigInteger x2)
+        {
+            BigInteger x3 = x1.Subtract(x2);
+            if (x3.SignValue < 0)
+            {
+                x3 = x3.Add(q);
+            }
+            return x3;
+        }
+
+        public override bool Equals(
+            object obj)
+        {
+            if (obj == this)
+                return true;
+
+            FpFieldElement other = obj as FpFieldElement;
+
+            if (other == null)
+                return false;
+
+            return Equals(other);
+        }
+
+        public virtual bool Equals(
+            FpFieldElement other)
+        {
+            return q.Equals(other.q) && base.Equals(other);
+        }
+
+        public override int GetHashCode()
+        {
+            return q.GetHashCode() ^ base.GetHashCode();
+        }
+    }
+
+    /**
+     * Class representing the Elements of the finite field
+     * <code>F<sub>2<sup>m</sup></sub></code> in polynomial basis (PB)
+     * representation. Both trinomial (Tpb) and pentanomial (Ppb) polynomial
+     * basis representations are supported. Gaussian normal basis (GNB)
+     * representation is not supported.
+     */
+    public class F2mFieldElement
+        : ECFieldElement
+    {
+        /**
+         * Indicates gaussian normal basis representation (GNB). Number chosen
+         * according to X9.62. GNB is not implemented at present.
+         */
+        public const int Gnb = 1;
+
+        /**
+         * Indicates trinomial basis representation (Tpb). Number chosen
+         * according to X9.62.
+         */
+        public const int Tpb = 2;
+
+        /**
+         * Indicates pentanomial basis representation (Ppb). Number chosen
+         * according to X9.62.
+         */
+        public const int Ppb = 3;
+
+        /**
+         * Tpb or Ppb.
+         */
+        private int representation;
+
+        /**
+         * The exponent <code>m</code> of <code>F<sub>2<sup>m</sup></sub></code>.
+         */
+        private int m;
+
+        private int[] ks;
+
+        /**
+         * The <code>LongArray</code> holding the bits.
+         */
+        private LongArray x;
+
+        /**
+            * Constructor for Ppb.
+            * @param m  The exponent <code>m</code> of
+            * <code>F<sub>2<sup>m</sup></sub></code>.
+            * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> +
+            * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+            * represents the reduction polynomial <code>f(z)</code>.
+            * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> +
+            * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+            * represents the reduction polynomial <code>f(z)</code>.
+            * @param k3 The integer <code>k3</code> where <code>x<sup>m</sup> +
+            * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+            * represents the reduction polynomial <code>f(z)</code>.
+            * @param x The BigInteger representing the value of the field element.
+            */
+        public F2mFieldElement(
+            int			m,
+            int			k1,
+            int			k2,
+            int			k3,
+            BigInteger	x)
+        {
+            if (x == null || x.SignValue < 0 || x.BitLength > m)
+                throw new ArgumentException("value invalid in F2m field element", "x");
+
+            if ((k2 == 0) && (k3 == 0))
+            {
+                this.representation = Tpb;
+                this.ks = new int[] { k1 };
+            }
+            else
+            {
+                if (k2 >= k3)
+                    throw new ArgumentException("k2 must be smaller than k3");
+                if (k2 <= 0)
+                    throw new ArgumentException("k2 must be larger than 0");
+
+                this.representation = Ppb;
+                this.ks = new int[] { k1, k2, k3 };
+            }
+
+            this.m = m;
+            this.x = new LongArray(x);
+        }
+
+        /**
+            * Constructor for Tpb.
+            * @param m  The exponent <code>m</code> of
+            * <code>F<sub>2<sup>m</sup></sub></code>.
+            * @param k The integer <code>k</code> where <code>x<sup>m</sup> +
+            * x<sup>k</sup> + 1</code> represents the reduction
+            * polynomial <code>f(z)</code>.
+            * @param x The BigInteger representing the value of the field element.
+            */
+        public F2mFieldElement(
+            int			m,
+            int			k,
+            BigInteger	x)
+            : this(m, k, 0, 0, x)
+        {
+            // Set k1 to k, and set k2 and k3 to 0
+        }
+
+        private F2mFieldElement(int m, int[] ks, LongArray x)
+        {
+            this.m = m;
+            this.representation = (ks.Length == 1) ? Tpb : Ppb;
+            this.ks = ks;
+            this.x = x;
+        }
+
+        public override int BitLength
+        {
+            get { return x.Degree(); }
+        }
+
+        public override bool IsOne
+        {
+            get { return x.IsOne(); }
+        }
+
+        public override bool IsZero
+        {
+            get { return x.IsZero(); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return x.TestBitZero();
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return x.ToBigInteger();
+        }
+
+        public override string FieldName
+        {
+            get { return "F2m"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return m; }
+        }
+
+        /**
+        * Checks, if the ECFieldElements <code>a</code> and <code>b</code>
+        * are elements of the same field <code>F<sub>2<sup>m</sup></sub></code>
+        * (having the same representation).
+        * @param a field element.
+        * @param b field element to be compared.
+        * @throws ArgumentException if <code>a</code> and <code>b</code>
+        * are not elements of the same field
+        * <code>F<sub>2<sup>m</sup></sub></code> (having the same
+        * representation).
+        */
+        public static void CheckFieldElements(
+            ECFieldElement	a,
+            ECFieldElement	b)
+        {
+            if (!(a is F2mFieldElement) || !(b is F2mFieldElement))
+            {
+                throw new ArgumentException("Field elements are not "
+                    + "both instances of F2mFieldElement");
+            }
+
+            F2mFieldElement aF2m = (F2mFieldElement)a;
+            F2mFieldElement bF2m = (F2mFieldElement)b;
+
+            if (aF2m.representation != bF2m.representation)
+            {
+                // Should never occur
+                throw new ArgumentException("One of the F2m field elements has incorrect representation");
+            }
+
+            if ((aF2m.m != bF2m.m) || !Arrays.AreEqual(aF2m.ks, bF2m.ks))
+            {
+                throw new ArgumentException("Field elements are not elements of the same field F2m");
+            }
+        }
+
+        public override ECFieldElement Add(
+            ECFieldElement b)
+        {
+            // No check performed here for performance reasons. Instead the
+            // elements involved are checked in ECPoint.F2m
+            // checkFieldElements(this, b);
+            LongArray iarrClone = this.x.Copy();
+            F2mFieldElement bF2m = (F2mFieldElement)b;
+            iarrClone.AddShiftedByWords(bF2m.x, 0);
+            return new F2mFieldElement(m, ks, iarrClone);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            return new F2mFieldElement(m, ks, x.AddOne());
+        }
+
+        public override ECFieldElement Subtract(
+            ECFieldElement b)
+        {
+            // Addition and subtraction are the same in F2m
+            return Add(b);
+        }
+
+        public override ECFieldElement Multiply(
+            ECFieldElement b)
+        {
+            // Right-to-left comb multiplication in the LongArray
+            // Input: Binary polynomials a(z) and b(z) of degree at most m-1
+            // Output: c(z) = a(z) * b(z) mod f(z)
+
+            // No check performed here for performance reasons. Instead the
+            // elements involved are checked in ECPoint.F2m
+            // checkFieldElements(this, b);
+            return new F2mFieldElement(m, ks, x.ModMultiply(((F2mFieldElement)b).x, m, ks));
+        }
+
+        public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            return MultiplyPlusProduct(b, x, y);
+        }
+
+        public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            LongArray ax = this.x, bx = ((F2mFieldElement)b).x, xx = ((F2mFieldElement)x).x, yx = ((F2mFieldElement)y).x;
+
+            LongArray ab = ax.Multiply(bx, m, ks);
+            LongArray xy = xx.Multiply(yx, m, ks);
+
+            if (ab == ax || ab == bx)
+            {
+                ab = (LongArray)ab.Copy();
+            }
+
+            ab.AddShiftedByWords(xy, 0);
+            ab.Reduce(m, ks);
+
+            return new F2mFieldElement(m, ks, ab);
+        }
+
+        public override ECFieldElement Divide(
+            ECFieldElement b)
+        {
+            // There may be more efficient implementations
+            ECFieldElement bInv = b.Invert();
+            return Multiply(bInv);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            // -x == x holds for all x in F2m
+            return this;
+        }
+
+        public override ECFieldElement Square()
+        {
+            return new F2mFieldElement(m, ks, x.ModSquare(m, ks));
+        }
+
+        public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            return SquarePlusProduct(x, y);
+        }
+
+        public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            LongArray ax = this.x, xx = ((F2mFieldElement)x).x, yx = ((F2mFieldElement)y).x;
+
+            LongArray aa = ax.Square(m, ks);
+            LongArray xy = xx.Multiply(yx, m, ks);
+
+            if (aa == ax)
+            {
+                aa = (LongArray)aa.Copy();
+            }
+
+            aa.AddShiftedByWords(xy, 0);
+            aa.Reduce(m, ks);
+
+            return new F2mFieldElement(m, ks, aa);
+        }
+
+        public override ECFieldElement SquarePow(int pow)
+        {
+            return pow < 1 ? this : new F2mFieldElement(m, ks, x.ModSquareN(pow, m, ks));
+        }
+
+        public override ECFieldElement Invert()
+        {
+            return new F2mFieldElement(this.m, this.ks, this.x.ModInverse(m, ks));
+        }
+
+        public override ECFieldElement Sqrt()
+        {
+            return (x.IsZero() || x.IsOne()) ? this : SquarePow(m - 1);
+        }
+
+        /**
+            * @return the representation of the field
+            * <code>F<sub>2<sup>m</sup></sub></code>, either of
+            * {@link F2mFieldElement.Tpb} (trinomial
+            * basis representation) or
+            * {@link F2mFieldElement.Ppb} (pentanomial
+            * basis representation).
+            */
+        public int Representation
+        {
+            get { return this.representation; }
+        }
+
+        /**
+            * @return the degree <code>m</code> of the reduction polynomial
+            * <code>f(z)</code>.
+            */
+        public int M
+        {
+            get { return this.m; }
+        }
+
+        /**
+            * @return Tpb: The integer <code>k</code> where <code>x<sup>m</sup> +
+            * x<sup>k</sup> + 1</code> represents the reduction polynomial
+            * <code>f(z)</code>.<br/>
+            * Ppb: The integer <code>k1</code> where <code>x<sup>m</sup> +
+            * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+            * represents the reduction polynomial <code>f(z)</code>.<br/>
+            */
+        public int K1
+        {
+            get { return this.ks[0]; }
+        }
+
+        /**
+            * @return Tpb: Always returns <code>0</code><br/>
+            * Ppb: The integer <code>k2</code> where <code>x<sup>m</sup> +
+            * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+            * represents the reduction polynomial <code>f(z)</code>.<br/>
+            */
+        public int K2
+        {
+            get { return this.ks.Length >= 2 ? this.ks[1] : 0; }
+        }
+
+        /**
+            * @return Tpb: Always set to <code>0</code><br/>
+            * Ppb: The integer <code>k3</code> where <code>x<sup>m</sup> +
+            * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+            * represents the reduction polynomial <code>f(z)</code>.<br/>
+            */
+        public int K3
+        {
+            get { return this.ks.Length >= 3 ? this.ks[2] : 0; }
+        }
+
+        public override bool Equals(
+            object obj)
+        {
+            if (obj == this)
+                return true;
+
+            F2mFieldElement other = obj as F2mFieldElement;
+
+            if (other == null)
+                return false;
+
+            return Equals(other);
+        }
+
+        public virtual bool Equals(
+            F2mFieldElement other)
+        {
+            return ((this.m == other.m)
+                && (this.representation == other.representation)
+                && Arrays.AreEqual(this.ks, other.ks)
+                && (this.x.Equals(other.x)));
+        }
+
+        public override int GetHashCode()
+        {
+            return x.GetHashCode() ^ m ^ Arrays.GetHashCode(ks);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/ECPoint.cs b/bc-sharp-crypto/src/math/ec/ECPoint.cs
new file mode 100644
index 0000000..a5ba515
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/ECPoint.cs
@@ -0,0 +1,2064 @@
+using System;
+using System.Collections;
+using System.Diagnostics;
+using System.Text;
+
+using Org.BouncyCastle.Math.EC.Multiplier;
+
+namespace Org.BouncyCastle.Math.EC
+{
+    /**
+     * base class for points on elliptic curves.
+     */
+    public abstract class ECPoint
+    {
+        protected static ECFieldElement[] EMPTY_ZS = new ECFieldElement[0];
+
+        protected static ECFieldElement[] GetInitialZCoords(ECCurve curve)
+        {
+            // Cope with null curve, most commonly used by implicitlyCa
+            int coord = null == curve ? ECCurve.COORD_AFFINE : curve.CoordinateSystem;
+
+            switch (coord)
+            {
+                case ECCurve.COORD_AFFINE:
+                case ECCurve.COORD_LAMBDA_AFFINE:
+                    return EMPTY_ZS;
+                default:
+                    break;
+            }
+
+            ECFieldElement one = curve.FromBigInteger(BigInteger.One);
+
+            switch (coord)
+            {
+                case ECCurve.COORD_HOMOGENEOUS:
+                case ECCurve.COORD_JACOBIAN:
+                case ECCurve.COORD_LAMBDA_PROJECTIVE:
+                    return new ECFieldElement[] { one };
+                case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
+                    return new ECFieldElement[] { one, one, one };
+                case ECCurve.COORD_JACOBIAN_MODIFIED:
+                    return new ECFieldElement[] { one, curve.A };
+                default:
+                    throw new ArgumentException("unknown coordinate system");
+            }
+        }
+
+        protected internal readonly ECCurve m_curve;
+        protected internal readonly ECFieldElement m_x, m_y;
+        protected internal readonly ECFieldElement[] m_zs;
+        protected internal readonly bool m_withCompression;
+
+        // Dictionary is (string -> PreCompInfo)
+        protected internal IDictionary m_preCompTable = null;
+
+        protected ECPoint(ECCurve curve, ECFieldElement	x, ECFieldElement y, bool withCompression)
+            : this(curve, x, y, GetInitialZCoords(curve), withCompression)
+        {
+        }
+
+        internal ECPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            this.m_curve = curve;
+            this.m_x = x;
+            this.m_y = y;
+            this.m_zs = zs;
+            this.m_withCompression = withCompression;
+        }
+
+        protected internal bool SatisfiesCofactor()
+        {
+            BigInteger h = Curve.Cofactor;
+            return h == null || h.Equals(BigInteger.One) || !ECAlgorithms.ReferenceMultiply(this, h).IsInfinity;
+        }
+
+        protected abstract bool SatisfiesCurveEquation();
+
+        public ECPoint GetDetachedPoint()
+        {
+            return Normalize().Detach();
+        }
+
+        public virtual ECCurve Curve
+        {
+            get { return m_curve; }
+        }
+
+        protected abstract ECPoint Detach();
+
+        protected virtual int CurveCoordinateSystem
+        {
+            get
+            {
+                // Cope with null curve, most commonly used by implicitlyCa
+                return null == m_curve ? ECCurve.COORD_AFFINE : m_curve.CoordinateSystem;
+            }
+        }
+
+        /**
+         * Normalizes this point, and then returns the affine x-coordinate.
+         * 
+         * Note: normalization can be expensive, this method is deprecated in favour
+         * of caller-controlled normalization.
+         */
+        [Obsolete("Use AffineXCoord, or Normalize() and XCoord, instead")]
+        public virtual ECFieldElement X
+        {
+            get { return Normalize().XCoord; }
+        }
+
+        /**
+         * Normalizes this point, and then returns the affine y-coordinate.
+         * 
+         * Note: normalization can be expensive, this method is deprecated in favour
+         * of caller-controlled normalization.
+         */
+        [Obsolete("Use AffineYCoord, or Normalize() and YCoord, instead")]
+        public virtual ECFieldElement Y
+        {
+            get { return Normalize().YCoord; }
+        }
+
+        /**
+         * Returns the affine x-coordinate after checking that this point is normalized.
+         * 
+         * @return The affine x-coordinate of this point
+         * @throws IllegalStateException if the point is not normalized
+         */
+        public virtual ECFieldElement AffineXCoord
+        {
+            get
+            {
+                CheckNormalized();
+                return XCoord;
+            }
+        }
+
+        /**
+         * Returns the affine y-coordinate after checking that this point is normalized
+         * 
+         * @return The affine y-coordinate of this point
+         * @throws IllegalStateException if the point is not normalized
+         */
+        public virtual ECFieldElement AffineYCoord
+        {
+            get
+            {
+                CheckNormalized();
+                return YCoord;
+            }
+        }
+
+        /**
+         * Returns the x-coordinate.
+         * 
+         * Caution: depending on the curve's coordinate system, this may not be the same value as in an
+         * affine coordinate system; use Normalize() to get a point where the coordinates have their
+         * affine values, or use AffineXCoord if you expect the point to already have been normalized.
+         * 
+         * @return the x-coordinate of this point
+         */
+        public virtual ECFieldElement XCoord
+        {
+            get { return m_x; }
+        }
+
+        /**
+         * Returns the y-coordinate.
+         * 
+         * Caution: depending on the curve's coordinate system, this may not be the same value as in an
+         * affine coordinate system; use Normalize() to get a point where the coordinates have their
+         * affine values, or use AffineYCoord if you expect the point to already have been normalized.
+         * 
+         * @return the y-coordinate of this point
+         */
+        public virtual ECFieldElement YCoord
+        {
+            get { return m_y; }
+        }
+
+        public virtual ECFieldElement GetZCoord(int index)
+        {
+            return (index < 0 || index >= m_zs.Length) ? null : m_zs[index];
+        }
+
+        public virtual ECFieldElement[] GetZCoords()
+        {
+            int zsLen = m_zs.Length;
+            if (zsLen == 0)
+            {
+                return m_zs;
+            }
+            ECFieldElement[] copy = new ECFieldElement[zsLen];
+            Array.Copy(m_zs, 0, copy, 0, zsLen);
+            return copy;
+        }
+
+        protected internal ECFieldElement RawXCoord
+        {
+            get { return m_x; }
+        }
+
+        protected internal ECFieldElement RawYCoord
+        {
+            get { return m_y; }
+        }
+
+        protected internal ECFieldElement[] RawZCoords
+        {
+            get { return m_zs; }
+        }
+
+        protected virtual void CheckNormalized()
+        {
+            if (!IsNormalized())
+                throw new InvalidOperationException("point not in normal form");
+        }
+
+        public virtual bool IsNormalized()
+        {
+            int coord = this.CurveCoordinateSystem;
+
+            return coord == ECCurve.COORD_AFFINE
+                || coord == ECCurve.COORD_LAMBDA_AFFINE
+                || IsInfinity
+                || RawZCoords[0].IsOne;
+        }
+
+        /**
+         * Normalization ensures that any projective coordinate is 1, and therefore that the x, y
+         * coordinates reflect those of the equivalent point in an affine coordinate system.
+         * 
+         * @return a new ECPoint instance representing the same point, but with normalized coordinates
+         */
+        public virtual ECPoint Normalize()
+        {
+            if (this.IsInfinity)
+            {
+                return this;
+            }
+
+            switch (this.CurveCoordinateSystem)
+            {
+                case ECCurve.COORD_AFFINE:
+                case ECCurve.COORD_LAMBDA_AFFINE:
+                {
+                    return this;
+                }
+                default:
+                {
+                    ECFieldElement Z1 = RawZCoords[0];
+                    if (Z1.IsOne)
+                    {
+                        return this;
+                    }
+
+                    return Normalize(Z1.Invert());
+                }
+            }
+        }
+
+        internal virtual ECPoint Normalize(ECFieldElement zInv)
+        {
+            switch (this.CurveCoordinateSystem)
+            {
+                case ECCurve.COORD_HOMOGENEOUS:
+                case ECCurve.COORD_LAMBDA_PROJECTIVE:
+                {
+                    return CreateScaledPoint(zInv, zInv);
+                }
+                case ECCurve.COORD_JACOBIAN:
+                case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
+                case ECCurve.COORD_JACOBIAN_MODIFIED:
+                {
+                    ECFieldElement zInv2 = zInv.Square(), zInv3 = zInv2.Multiply(zInv);
+                    return CreateScaledPoint(zInv2, zInv3);
+                }
+                default:
+                {
+                    throw new InvalidOperationException("not a projective coordinate system");
+                }
+            }
+        }
+
+        protected virtual ECPoint CreateScaledPoint(ECFieldElement sx, ECFieldElement sy)
+        {
+            return Curve.CreateRawPoint(RawXCoord.Multiply(sx), RawYCoord.Multiply(sy), IsCompressed);
+        }
+
+        public bool IsInfinity
+        {
+            get { return m_x == null && m_y == null; }
+        }
+
+        public bool IsCompressed
+        {
+            get { return m_withCompression; }
+        }
+
+        public bool IsValid()
+        {
+            if (IsInfinity)
+                return true;
+
+            // TODO Sanity-check the field elements
+
+            ECCurve curve = Curve;
+            if (curve != null)
+            {
+                if (!SatisfiesCurveEquation())
+                    return false;
+
+                if (!SatisfiesCofactor())
+                    return false;
+            }
+
+            return true;
+        }
+
+        public virtual ECPoint ScaleX(ECFieldElement scale)
+        {
+            return IsInfinity
+                ? this
+                : Curve.CreateRawPoint(RawXCoord.Multiply(scale), RawYCoord, RawZCoords, IsCompressed);
+        }
+
+        public virtual ECPoint ScaleY(ECFieldElement scale)
+        {
+            return IsInfinity
+                ? this
+                : Curve.CreateRawPoint(RawXCoord, RawYCoord.Multiply(scale), RawZCoords, IsCompressed);
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as ECPoint);
+        }
+
+        public virtual bool Equals(ECPoint other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+
+            ECCurve c1 = this.Curve, c2 = other.Curve;
+            bool n1 = (null == c1), n2 = (null == c2);
+            bool i1 = IsInfinity, i2 = other.IsInfinity;
+
+            if (i1 || i2)
+            {
+                return (i1 && i2) && (n1 || n2 || c1.Equals(c2));
+            }
+
+            ECPoint p1 = this, p2 = other;
+            if (n1 && n2)
+            {
+                // Points with null curve are in affine form, so already normalized
+            }
+            else if (n1)
+            {
+                p2 = p2.Normalize();
+            }
+            else if (n2)
+            {
+                p1 = p1.Normalize();
+            }
+            else if (!c1.Equals(c2))
+            {
+                return false;
+            }
+            else
+            {
+                // TODO Consider just requiring already normalized, to avoid silent performance degradation
+
+                ECPoint[] points = new ECPoint[] { this, c1.ImportPoint(p2) };
+
+                // TODO This is a little strong, really only requires coZNormalizeAll to get Zs equal
+                c1.NormalizeAll(points);
+
+                p1 = points[0];
+                p2 = points[1];
+            }
+
+            return p1.XCoord.Equals(p2.XCoord) && p1.YCoord.Equals(p2.YCoord);
+        }
+
+        public override int GetHashCode()
+        {
+            ECCurve c = this.Curve;
+            int hc = (null == c) ? 0 : ~c.GetHashCode();
+
+            if (!this.IsInfinity)
+            {
+                // TODO Consider just requiring already normalized, to avoid silent performance degradation
+
+                ECPoint p = Normalize();
+
+                hc ^= p.XCoord.GetHashCode() * 17;
+                hc ^= p.YCoord.GetHashCode() * 257;
+            }
+
+            return hc;
+        }
+
+        public override string ToString()
+        {
+            if (this.IsInfinity)
+            {
+                return "INF";
+            }
+
+            StringBuilder sb = new StringBuilder();
+            sb.Append('(');
+            sb.Append(RawXCoord);
+            sb.Append(',');
+            sb.Append(RawYCoord);
+            for (int i = 0; i < m_zs.Length; ++i)
+            {
+                sb.Append(',');
+                sb.Append(m_zs[i]);
+            }
+            sb.Append(')');
+            return sb.ToString();
+        }
+
+        public virtual byte[] GetEncoded()
+        {
+            return GetEncoded(m_withCompression);
+        }
+
+        public abstract byte[] GetEncoded(bool compressed);
+
+        protected internal abstract bool CompressionYTilde { get; }
+
+        public abstract ECPoint Add(ECPoint b);
+        public abstract ECPoint Subtract(ECPoint b);
+        public abstract ECPoint Negate();
+
+        public virtual ECPoint TimesPow2(int e)
+        {
+            if (e < 0)
+                throw new ArgumentException("cannot be negative", "e");
+
+            ECPoint p = this;
+            while (--e >= 0)
+            {
+                p = p.Twice();
+            }
+            return p;
+        }
+
+        public abstract ECPoint Twice();
+        public abstract ECPoint Multiply(BigInteger b);
+
+        public virtual ECPoint TwicePlus(ECPoint b)
+        {
+            return Twice().Add(b);
+        }
+
+        public virtual ECPoint ThreeTimes()
+        {
+            return TwicePlus(this);
+        }
+    }
+
+    public abstract class ECPointBase
+        : ECPoint
+    {
+        protected internal ECPointBase(
+            ECCurve			curve,
+            ECFieldElement	x,
+            ECFieldElement	y,
+            bool			withCompression)
+            : base(curve, x, y, withCompression)
+        {
+        }
+
+        protected internal ECPointBase(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        /**
+         * return the field element encoded with point compression. (S 4.3.6)
+         */
+        public override byte[] GetEncoded(bool compressed)
+        {
+            if (this.IsInfinity)
+            {
+                return new byte[1];
+            }
+
+            ECPoint normed = Normalize();
+
+            byte[] X = normed.XCoord.GetEncoded();
+
+            if (compressed)
+            {
+                byte[] PO = new byte[X.Length + 1];
+                PO[0] = (byte)(normed.CompressionYTilde ? 0x03 : 0x02);
+                Array.Copy(X, 0, PO, 1, X.Length);
+                return PO;
+            }
+
+            byte[] Y = normed.YCoord.GetEncoded();
+
+            {
+                byte[] PO = new byte[X.Length + Y.Length + 1];
+                PO[0] = 0x04;
+                Array.Copy(X, 0, PO, 1, X.Length);
+                Array.Copy(Y, 0, PO, X.Length + 1, Y.Length);
+                return PO;
+            }
+        }
+
+        /**
+         * Multiplies this <code>ECPoint</code> by the given number.
+         * @param k The multiplicator.
+         * @return <code>k * this</code>.
+         */
+        public override ECPoint Multiply(BigInteger k)
+        {
+            return this.Curve.GetMultiplier().Multiply(this, k);
+        }
+    }
+
+    public abstract class AbstractFpPoint
+        : ECPointBase
+    {
+        protected AbstractFpPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+        }
+
+        protected AbstractFpPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get { return this.AffineYCoord.TestBitZero(); }
+        }
+
+        protected override bool SatisfiesCurveEquation()
+        {
+            ECFieldElement X = this.RawXCoord, Y = this.RawYCoord, A = Curve.A, B = Curve.B;
+            ECFieldElement lhs = Y.Square();
+
+            switch (CurveCoordinateSystem)
+            {
+            case ECCurve.COORD_AFFINE:
+                break;
+            case ECCurve.COORD_HOMOGENEOUS:
+            {
+                ECFieldElement Z = this.RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    ECFieldElement Z2 = Z.Square(), Z3 = Z.Multiply(Z2);
+                    lhs = lhs.Multiply(Z);
+                    A = A.Multiply(Z2);
+                    B = B.Multiply(Z3);
+                }
+                break;
+            }
+            case ECCurve.COORD_JACOBIAN:
+            case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
+            case ECCurve.COORD_JACOBIAN_MODIFIED:
+            {
+                ECFieldElement Z = this.RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    ECFieldElement Z2 = Z.Square(), Z4 = Z2.Square(), Z6 = Z2.Multiply(Z4);
+                    A = A.Multiply(Z4);
+                    B = B.Multiply(Z6);
+                }
+                break;
+            }
+            default:
+                throw new InvalidOperationException("unsupported coordinate system");
+            }
+
+            ECFieldElement rhs = X.Square().Add(A).Multiply(X).Add(B);
+            return lhs.Equals(rhs);
+        }
+
+        public override ECPoint Subtract(ECPoint b)
+        {
+            if (b.IsInfinity)
+                return this;
+
+            // Add -b
+            return Add(b.Negate());
+        }
+    }
+
+    /**
+     * Elliptic curve points over Fp
+     */
+    public class FpPoint
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes without point compression.
+         *
+         * @param curve the curve to use
+         * @param x affine x co-ordinate
+         * @param y affine y co-ordinate
+         */
+        public FpPoint(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compression.
+         *
+         * @param curve the curve to use
+         * @param x affine x co-ordinate
+         * @param y affine y co-ordinate
+         * @param withCompression if true encode with point compression
+         */
+        public FpPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal FpPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new FpPoint(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement GetZCoord(int index)
+        {
+            if (index == 1 && ECCurve.COORD_JACOBIAN_MODIFIED == this.CurveCoordinateSystem)
+            {
+                return GetJacobianModifiedW();
+            }
+
+            return base.GetZCoord(index);
+        }
+
+        // B.3 pg 62
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+            int coord = curve.CoordinateSystem;
+
+            ECFieldElement X1 = this.RawXCoord, Y1 = this.RawYCoord;
+            ECFieldElement X2 = b.RawXCoord, Y2 = b.RawYCoord;
+
+            switch (coord)
+            {
+                case ECCurve.COORD_AFFINE:
+                {
+                    ECFieldElement dx = X2.Subtract(X1), dy = Y2.Subtract(Y1);
+
+                    if (dx.IsZero)
+                    {
+                        if (dy.IsZero)
+                        {
+                            // this == b, i.e. this must be doubled
+                            return Twice();
+                        }
+
+                        // this == -b, i.e. the result is the point at infinity
+                        return Curve.Infinity;
+                    }
+
+                    ECFieldElement gamma = dy.Divide(dx);
+                    ECFieldElement X3 = gamma.Square().Subtract(X1).Subtract(X2);
+                    ECFieldElement Y3 = gamma.Multiply(X1.Subtract(X3)).Subtract(Y1);
+
+                    return new FpPoint(Curve, X3, Y3, IsCompressed);
+                }
+
+                case ECCurve.COORD_HOMOGENEOUS:
+                {
+                    ECFieldElement Z1 = this.RawZCoords[0];
+                    ECFieldElement Z2 = b.RawZCoords[0];
+
+                    bool Z1IsOne = Z1.IsOne;
+                    bool Z2IsOne = Z2.IsOne;
+
+                    ECFieldElement u1 = Z1IsOne ? Y2 : Y2.Multiply(Z1);
+                    ECFieldElement u2 = Z2IsOne ? Y1 : Y1.Multiply(Z2);
+                    ECFieldElement u = u1.Subtract(u2);
+                    ECFieldElement v1 = Z1IsOne ? X2 : X2.Multiply(Z1);
+                    ECFieldElement v2 = Z2IsOne ? X1 : X1.Multiply(Z2);
+                    ECFieldElement v = v1.Subtract(v2);
+
+                    // Check if b == this or b == -this
+                    if (v.IsZero)
+                    {
+                        if (u.IsZero)
+                        {
+                            // this == b, i.e. this must be doubled
+                            return this.Twice();
+                        }
+
+                        // this == -b, i.e. the result is the point at infinity
+                        return curve.Infinity;
+                    }
+
+                    // TODO Optimize for when w == 1
+                    ECFieldElement w = Z1IsOne ? Z2 : Z2IsOne ? Z1 : Z1.Multiply(Z2);
+                    ECFieldElement vSquared = v.Square();
+                    ECFieldElement vCubed = vSquared.Multiply(v);
+                    ECFieldElement vSquaredV2 = vSquared.Multiply(v2);
+                    ECFieldElement A = u.Square().Multiply(w).Subtract(vCubed).Subtract(Two(vSquaredV2));
+
+                    ECFieldElement X3 = v.Multiply(A);
+                    ECFieldElement Y3 = vSquaredV2.Subtract(A).MultiplyMinusProduct(u, u2, vCubed);
+                    ECFieldElement Z3 = vCubed.Multiply(w);
+
+                    return new FpPoint(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed);
+                }
+
+                case ECCurve.COORD_JACOBIAN:
+                case ECCurve.COORD_JACOBIAN_MODIFIED:
+                {
+                    ECFieldElement Z1 = this.RawZCoords[0];
+                    ECFieldElement Z2 = b.RawZCoords[0];
+
+                    bool Z1IsOne = Z1.IsOne;
+
+                    ECFieldElement X3, Y3, Z3, Z3Squared = null;
+
+                    if (!Z1IsOne && Z1.Equals(Z2))
+                    {
+                        // TODO Make this available as public method coZAdd?
+
+                        ECFieldElement dx = X1.Subtract(X2), dy = Y1.Subtract(Y2);
+                        if (dx.IsZero)
+                        {
+                            if (dy.IsZero)
+                            {
+                                return Twice();
+                            }
+                            return curve.Infinity;
+                        }
+
+                        ECFieldElement C = dx.Square();
+                        ECFieldElement W1 = X1.Multiply(C), W2 = X2.Multiply(C);
+                        ECFieldElement A1 = W1.Subtract(W2).Multiply(Y1);
+
+                        X3 = dy.Square().Subtract(W1).Subtract(W2);
+                        Y3 = W1.Subtract(X3).Multiply(dy).Subtract(A1);
+                        Z3 = dx;
+
+                        if (Z1IsOne)
+                        {
+                            Z3Squared = C;
+                        }
+                        else
+                        {
+                            Z3 = Z3.Multiply(Z1);
+                        }
+                    }
+                    else
+                    {
+                        ECFieldElement Z1Squared, U2, S2;
+                        if (Z1IsOne)
+                        {
+                            Z1Squared = Z1; U2 = X2; S2 = Y2;
+                        }
+                        else
+                        {
+                            Z1Squared = Z1.Square();
+                            U2 = Z1Squared.Multiply(X2);
+                            ECFieldElement Z1Cubed = Z1Squared.Multiply(Z1);
+                            S2 = Z1Cubed.Multiply(Y2);
+                        }
+
+                        bool Z2IsOne = Z2.IsOne;
+                        ECFieldElement Z2Squared, U1, S1;
+                        if (Z2IsOne)
+                        {
+                            Z2Squared = Z2; U1 = X1; S1 = Y1;
+                        }
+                        else
+                        {
+                            Z2Squared = Z2.Square();
+                            U1 = Z2Squared.Multiply(X1);
+                            ECFieldElement Z2Cubed = Z2Squared.Multiply(Z2);
+                            S1 = Z2Cubed.Multiply(Y1);
+                        }
+
+                        ECFieldElement H = U1.Subtract(U2);
+                        ECFieldElement R = S1.Subtract(S2);
+
+                        // Check if b == this or b == -this
+                        if (H.IsZero)
+                        {
+                            if (R.IsZero)
+                            {
+                                // this == b, i.e. this must be doubled
+                                return this.Twice();
+                            }
+
+                            // this == -b, i.e. the result is the point at infinity
+                            return curve.Infinity;
+                        }
+
+                        ECFieldElement HSquared = H.Square();
+                        ECFieldElement G = HSquared.Multiply(H);
+                        ECFieldElement V = HSquared.Multiply(U1);
+
+                        X3 = R.Square().Add(G).Subtract(Two(V));
+                        Y3 = V.Subtract(X3).MultiplyMinusProduct(R, G, S1);
+
+                        Z3 = H;
+                        if (!Z1IsOne)
+                        {
+                            Z3 = Z3.Multiply(Z1);
+                        }
+                        if (!Z2IsOne)
+                        {
+                            Z3 = Z3.Multiply(Z2);
+                        }
+
+                        // Alternative calculation of Z3 using fast square
+                        //X3 = four(X3);
+                        //Y3 = eight(Y3);
+                        //Z3 = doubleProductFromSquares(Z1, Z2, Z1Squared, Z2Squared).Multiply(H);
+
+                        if (Z3 == H)
+                        {
+                            Z3Squared = HSquared;
+                        }
+                    }
+
+                    ECFieldElement[] zs;
+                    if (coord == ECCurve.COORD_JACOBIAN_MODIFIED)
+                    {
+                        // TODO If the result will only be used in a subsequent addition, we don't need W3
+                        ECFieldElement W3 = CalculateJacobianModifiedW(Z3, Z3Squared);
+
+                        zs = new ECFieldElement[] { Z3, W3 };
+                    }
+                    else
+                    {
+                        zs = new ECFieldElement[] { Z3 };
+                    }
+
+                    return new FpPoint(curve, X3, Y3, zs, IsCompressed);
+                }
+
+                default:
+                {
+                    throw new InvalidOperationException("unsupported coordinate system");
+                }
+            }
+        }
+
+        // B.3 pg 62
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero) 
+                return curve.Infinity;
+
+            int coord = curve.CoordinateSystem;
+
+            ECFieldElement X1 = this.RawXCoord;
+
+            switch (coord)
+            {
+                case ECCurve.COORD_AFFINE:
+                {
+                    ECFieldElement X1Squared = X1.Square();
+                    ECFieldElement gamma = Three(X1Squared).Add(this.Curve.A).Divide(Two(Y1));
+                    ECFieldElement X3 = gamma.Square().Subtract(Two(X1));
+                    ECFieldElement Y3 = gamma.Multiply(X1.Subtract(X3)).Subtract(Y1);
+
+                    return new FpPoint(Curve, X3, Y3, IsCompressed);
+                }
+
+                case ECCurve.COORD_HOMOGENEOUS:
+                {
+                    ECFieldElement Z1 = this.RawZCoords[0];
+
+                    bool Z1IsOne = Z1.IsOne;
+
+                    // TODO Optimize for small negative a4 and -3
+                    ECFieldElement w = curve.A;
+                    if (!w.IsZero && !Z1IsOne)
+                    {
+                        w = w.Multiply(Z1.Square());
+                    }
+                    w = w.Add(Three(X1.Square()));
+
+                    ECFieldElement s = Z1IsOne ? Y1 : Y1.Multiply(Z1);
+                    ECFieldElement t = Z1IsOne ? Y1.Square() : s.Multiply(Y1);
+                    ECFieldElement B = X1.Multiply(t);
+                    ECFieldElement _4B = Four(B);
+                    ECFieldElement h = w.Square().Subtract(Two(_4B));
+
+                    ECFieldElement _2s = Two(s);
+                    ECFieldElement X3 = h.Multiply(_2s);
+                    ECFieldElement _2t = Two(t);
+                    ECFieldElement Y3 = _4B.Subtract(h).Multiply(w).Subtract(Two(_2t.Square()));
+                    ECFieldElement _4sSquared = Z1IsOne ? Two(_2t) : _2s.Square();
+                    ECFieldElement Z3 = Two(_4sSquared).Multiply(s);
+
+                    return new FpPoint(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed);
+                }
+
+                case ECCurve.COORD_JACOBIAN:
+                {
+                    ECFieldElement Z1 = this.RawZCoords[0];
+
+                    bool Z1IsOne = Z1.IsOne;
+
+                    ECFieldElement Y1Squared = Y1.Square();
+                    ECFieldElement T = Y1Squared.Square();
+
+                    ECFieldElement a4 = curve.A;
+                    ECFieldElement a4Neg = a4.Negate();
+
+                    ECFieldElement M, S;
+                    if (a4Neg.ToBigInteger().Equals(BigInteger.ValueOf(3)))
+                    {
+                        ECFieldElement Z1Squared = Z1IsOne ? Z1 : Z1.Square();
+                        M = Three(X1.Add(Z1Squared).Multiply(X1.Subtract(Z1Squared)));
+                        S = Four(Y1Squared.Multiply(X1));
+                    }
+                    else
+                    {
+                        ECFieldElement X1Squared = X1.Square();
+                        M = Three(X1Squared);
+                        if (Z1IsOne)
+                        {
+                            M = M.Add(a4);
+                        }
+                        else if (!a4.IsZero)
+                        {
+                            ECFieldElement Z1Squared = Z1IsOne ? Z1 : Z1.Square();
+                            ECFieldElement Z1Pow4 = Z1Squared.Square();
+                            if (a4Neg.BitLength < a4.BitLength)
+                            {
+                                M = M.Subtract(Z1Pow4.Multiply(a4Neg));
+                            }
+                            else
+                            {
+                                M = M.Add(Z1Pow4.Multiply(a4));
+                            }
+                        }
+                        //S = two(doubleProductFromSquares(X1, Y1Squared, X1Squared, T));
+                        S = Four(X1.Multiply(Y1Squared));
+                    }
+
+                    ECFieldElement X3 = M.Square().Subtract(Two(S));
+                    ECFieldElement Y3 = S.Subtract(X3).Multiply(M).Subtract(Eight(T));
+
+                    ECFieldElement Z3 = Two(Y1);
+                    if (!Z1IsOne)
+                    {
+                        Z3 = Z3.Multiply(Z1);
+                    }
+
+                    // Alternative calculation of Z3 using fast square
+                    //ECFieldElement Z3 = doubleProductFromSquares(Y1, Z1, Y1Squared, Z1Squared);
+
+                    return new FpPoint(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed);
+                }
+
+                case ECCurve.COORD_JACOBIAN_MODIFIED:
+                {
+                    return TwiceJacobianModified(true);
+                }
+
+                default:
+                {
+                    throw new InvalidOperationException("unsupported coordinate system");
+                }
+            }
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            ECCurve curve = this.Curve;
+            int coord = curve.CoordinateSystem;
+
+            switch (coord)
+            {
+                case ECCurve.COORD_AFFINE:
+                {
+                    ECFieldElement X1 = this.RawXCoord;
+                    ECFieldElement X2 = b.RawXCoord, Y2 = b.RawYCoord;
+
+                    ECFieldElement dx = X2.Subtract(X1), dy = Y2.Subtract(Y1);
+
+                    if (dx.IsZero)
+                    {
+                        if (dy.IsZero)
+                        {
+                            // this == b i.e. the result is 3P
+                            return ThreeTimes();
+                        }
+
+                        // this == -b, i.e. the result is P
+                        return this;
+                    }
+
+                    /*
+                     * Optimized calculation of 2P + Q, as described in "Trading Inversions for
+                     * Multiplications in Elliptic Curve Cryptography", by Ciet, Joye, Lauter, Montgomery.
+                     */
+
+                    ECFieldElement X = dx.Square(), Y = dy.Square();
+                    ECFieldElement d = X.Multiply(Two(X1).Add(X2)).Subtract(Y);
+                    if (d.IsZero)
+                    {
+                        return Curve.Infinity;
+                    }
+
+                    ECFieldElement D = d.Multiply(dx);
+                    ECFieldElement I = D.Invert();
+                    ECFieldElement L1 = d.Multiply(I).Multiply(dy);
+                    ECFieldElement L2 = Two(Y1).Multiply(X).Multiply(dx).Multiply(I).Subtract(L1);
+                    ECFieldElement X4 = (L2.Subtract(L1)).Multiply(L1.Add(L2)).Add(X2);
+                    ECFieldElement Y4 = (X1.Subtract(X4)).Multiply(L2).Subtract(Y1);
+
+                    return new FpPoint(Curve, X4, Y4, IsCompressed);
+                }
+                case ECCurve.COORD_JACOBIAN_MODIFIED:
+                {
+                    return TwiceJacobianModified(false).Add(b);
+                }
+                default:
+                {
+                    return Twice().Add(b);
+                }
+            }
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return this;
+
+            ECCurve curve = this.Curve;
+            int coord = curve.CoordinateSystem;
+
+            switch (coord)
+            {
+                case ECCurve.COORD_AFFINE:
+                {
+                    ECFieldElement X1 = this.RawXCoord;
+
+                    ECFieldElement _2Y1 = Two(Y1);
+                    ECFieldElement X = _2Y1.Square();
+                    ECFieldElement Z = Three(X1.Square()).Add(Curve.A);
+                    ECFieldElement Y = Z.Square();
+
+                    ECFieldElement d = Three(X1).Multiply(X).Subtract(Y);
+                    if (d.IsZero)
+                    {
+                        return Curve.Infinity;
+                    }
+
+                    ECFieldElement D = d.Multiply(_2Y1);
+                    ECFieldElement I = D.Invert();
+                    ECFieldElement L1 = d.Multiply(I).Multiply(Z);
+                    ECFieldElement L2 = X.Square().Multiply(I).Subtract(L1);
+
+                    ECFieldElement X4 = (L2.Subtract(L1)).Multiply(L1.Add(L2)).Add(X1);
+                    ECFieldElement Y4 = (X1.Subtract(X4)).Multiply(L2).Subtract(Y1);
+                    return new FpPoint(Curve, X4, Y4, IsCompressed);
+                }
+                case ECCurve.COORD_JACOBIAN_MODIFIED:
+                {
+                    return TwiceJacobianModified(false).Add(this);
+                }
+                default:
+                {
+                    // NOTE: Be careful about recursions between TwicePlus and ThreeTimes
+                    return Twice().Add(this);
+                }
+            }
+        }
+
+        public override ECPoint TimesPow2(int e)
+        {
+            if (e < 0)
+                throw new ArgumentException("cannot be negative", "e");
+            if (e == 0 || this.IsInfinity)
+                return this;
+            if (e == 1)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero) 
+                return curve.Infinity;
+
+            int coord = curve.CoordinateSystem;
+
+            ECFieldElement W1 = curve.A;
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement Z1 = this.RawZCoords.Length < 1 ? curve.FromBigInteger(BigInteger.One) : this.RawZCoords[0];
+
+            if (!Z1.IsOne)
+            {
+                switch (coord)
+                {
+                case ECCurve.COORD_HOMOGENEOUS:
+                    ECFieldElement Z1Sq = Z1.Square();
+                    X1 = X1.Multiply(Z1);
+                    Y1 = Y1.Multiply(Z1Sq);
+                    W1 = CalculateJacobianModifiedW(Z1, Z1Sq);
+                    break;
+                case ECCurve.COORD_JACOBIAN:
+                    W1 = CalculateJacobianModifiedW(Z1, null);
+                    break;
+                case ECCurve.COORD_JACOBIAN_MODIFIED:
+                    W1 = GetJacobianModifiedW();
+                    break;
+                }
+            }
+
+            for (int i = 0; i < e; ++i)
+            {
+                if (Y1.IsZero) 
+                    return curve.Infinity;
+
+                ECFieldElement X1Squared = X1.Square();
+                ECFieldElement M = Three(X1Squared);
+                ECFieldElement _2Y1 = Two(Y1);
+                ECFieldElement _2Y1Squared = _2Y1.Multiply(Y1);
+                ECFieldElement S = Two(X1.Multiply(_2Y1Squared));
+                ECFieldElement _4T = _2Y1Squared.Square();
+                ECFieldElement _8T = Two(_4T);
+
+                if (!W1.IsZero)
+                {
+                    M = M.Add(W1);
+                    W1 = Two(_8T.Multiply(W1));
+                }
+
+                X1 = M.Square().Subtract(Two(S));
+                Y1 = M.Multiply(S.Subtract(X1)).Subtract(_8T);
+                Z1 = Z1.IsOne ? _2Y1 : _2Y1.Multiply(Z1);
+            }
+
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+                ECFieldElement zInv = Z1.Invert(), zInv2 = zInv.Square(), zInv3 = zInv2.Multiply(zInv);
+                return new FpPoint(curve, X1.Multiply(zInv2), Y1.Multiply(zInv3), IsCompressed);
+            case ECCurve.COORD_HOMOGENEOUS:
+                X1 = X1.Multiply(Z1);
+                Z1 = Z1.Multiply(Z1.Square());
+                return new FpPoint(curve, X1, Y1, new ECFieldElement[] { Z1 }, IsCompressed);
+            case ECCurve.COORD_JACOBIAN:
+                return new FpPoint(curve, X1, Y1, new ECFieldElement[] { Z1 }, IsCompressed);
+            case ECCurve.COORD_JACOBIAN_MODIFIED:
+                return new FpPoint(curve, X1, Y1, new ECFieldElement[] { Z1, W1 }, IsCompressed);
+            default:
+                throw new InvalidOperationException("unsupported coordinate system");
+            }
+        }
+
+        protected virtual ECFieldElement Two(ECFieldElement x)
+        {
+            return x.Add(x);
+        }
+
+        protected virtual ECFieldElement Three(ECFieldElement x)
+        {
+            return Two(x).Add(x);
+        }
+
+        protected virtual ECFieldElement Four(ECFieldElement x)
+        {
+            return Two(Two(x));
+        }
+
+        protected virtual ECFieldElement Eight(ECFieldElement x)
+        {
+            return Four(Two(x));
+        }
+
+        protected virtual ECFieldElement DoubleProductFromSquares(ECFieldElement a, ECFieldElement b,
+            ECFieldElement aSquared, ECFieldElement bSquared)
+        {
+            /*
+             * NOTE: If squaring in the field is faster than multiplication, then this is a quicker
+             * way to calculate 2.A.B, if A^2 and B^2 are already known.
+             */
+            return a.Add(b).Square().Subtract(aSquared).Subtract(bSquared);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            ECCurve curve = Curve;
+            int coord = curve.CoordinateSystem;
+
+            if (ECCurve.COORD_AFFINE != coord)
+            {
+                return new FpPoint(curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed);
+            }
+
+            return new FpPoint(curve, RawXCoord, RawYCoord.Negate(), IsCompressed);
+        }
+
+        protected virtual ECFieldElement CalculateJacobianModifiedW(ECFieldElement Z, ECFieldElement ZSquared)
+        {
+            ECFieldElement a4 = this.Curve.A;
+            if (a4.IsZero || Z.IsOne)
+                return a4;
+
+            if (ZSquared == null)
+            {
+                ZSquared = Z.Square();
+            }
+
+            ECFieldElement W = ZSquared.Square();
+            ECFieldElement a4Neg = a4.Negate();
+            if (a4Neg.BitLength < a4.BitLength)
+            {
+                W = W.Multiply(a4Neg).Negate();
+            }
+            else
+            {
+                W = W.Multiply(a4);
+            }
+            return W;
+        }
+
+        protected virtual ECFieldElement GetJacobianModifiedW()
+        {
+            ECFieldElement[] ZZ = this.RawZCoords;
+            ECFieldElement W = ZZ[1];
+            if (W == null)
+            {
+                // NOTE: Rarely, TwicePlus will result in the need for a lazy W1 calculation here
+                ZZ[1] = W = CalculateJacobianModifiedW(ZZ[0], null);
+            }
+            return W;
+        }
+
+        protected virtual FpPoint TwiceJacobianModified(bool calculateW)
+        {
+            ECFieldElement X1 = this.RawXCoord, Y1 = this.RawYCoord, Z1 = this.RawZCoords[0], W1 = GetJacobianModifiedW();
+
+            ECFieldElement X1Squared = X1.Square();
+            ECFieldElement M = Three(X1Squared).Add(W1);
+            ECFieldElement _2Y1 = Two(Y1);
+            ECFieldElement _2Y1Squared = _2Y1.Multiply(Y1);
+            ECFieldElement S = Two(X1.Multiply(_2Y1Squared));
+            ECFieldElement X3 = M.Square().Subtract(Two(S));
+            ECFieldElement _4T = _2Y1Squared.Square();
+            ECFieldElement _8T = Two(_4T);
+            ECFieldElement Y3 = M.Multiply(S.Subtract(X3)).Subtract(_8T);
+            ECFieldElement W3 = calculateW ? Two(_8T.Multiply(W1)) : null;
+            ECFieldElement Z3 = Z1.IsOne ? _2Y1 : _2Y1.Multiply(Z1);
+
+            return new FpPoint(this.Curve, X3, Y3, new ECFieldElement[] { Z3, W3 }, IsCompressed);
+        }
+    }
+
+    public abstract class AbstractF2mPoint 
+        : ECPointBase
+    {
+        protected AbstractF2mPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+        }
+
+        protected AbstractF2mPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override bool SatisfiesCurveEquation()
+        {
+            ECCurve curve = Curve;
+            ECFieldElement X = this.RawXCoord, Y = this.RawYCoord, A = curve.A, B = curve.B;
+            ECFieldElement lhs, rhs;
+
+            int coord = curve.CoordinateSystem;
+            if (coord == ECCurve.COORD_LAMBDA_PROJECTIVE)
+            {
+                ECFieldElement Z = this.RawZCoords[0];
+                bool ZIsOne = Z.IsOne;
+
+                if (X.IsZero)
+                {
+                    // NOTE: For x == 0, we expect the affine-y instead of the lambda-y 
+                    lhs = Y.Square();
+                    rhs = B;
+                    if (!ZIsOne)
+                    {
+                        ECFieldElement Z2 = Z.Square();
+                        rhs = rhs.Multiply(Z2);
+                    }
+                }
+                else
+                {
+                    ECFieldElement L = Y, X2 = X.Square();
+                    if (ZIsOne)
+                    {
+                        lhs = L.Square().Add(L).Add(A);
+                        rhs = X2.Square().Add(B);
+                    }
+                    else
+                    {
+                        ECFieldElement Z2 = Z.Square(), Z4 = Z2.Square();
+                        lhs = L.Add(Z).MultiplyPlusProduct(L, A, Z2);
+                        // TODO If sqrt(b) is precomputed this can be simplified to a single square
+                        rhs = X2.SquarePlusProduct(B, Z4);
+                    }
+                    lhs = lhs.Multiply(X2);
+                }
+            }
+            else
+            {
+                lhs = Y.Add(X).Multiply(Y);
+
+                switch (coord)
+                {
+                    case ECCurve.COORD_AFFINE:
+                        break;
+                    case ECCurve.COORD_HOMOGENEOUS:
+                        {
+                            ECFieldElement Z = this.RawZCoords[0];
+                            if (!Z.IsOne)
+                            {
+                                ECFieldElement Z2 = Z.Square(), Z3 = Z.Multiply(Z2);
+                                lhs = lhs.Multiply(Z);
+                                A = A.Multiply(Z);
+                                B = B.Multiply(Z3);
+                            }
+                            break;
+                        }
+                    default:
+                        throw new InvalidOperationException("unsupported coordinate system");
+                }
+
+                rhs = X.Add(A).Multiply(X.Square()).Add(B);
+            }
+
+            return lhs.Equals(rhs);
+        }
+
+        public override ECPoint ScaleX(ECFieldElement scale)
+        {
+            if (this.IsInfinity)
+                return this;
+
+            switch (CurveCoordinateSystem)
+            {
+            case ECCurve.COORD_LAMBDA_AFFINE:
+            {
+                // Y is actually Lambda (X + Y/X) here
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                ECFieldElement X2 = X.Multiply(scale);
+                ECFieldElement L2 = L.Add(X).Divide(scale).Add(X2);
+
+                return Curve.CreateRawPoint(X, L2, RawZCoords, IsCompressed);
+            }
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                // Y is actually Lambda (X + Y/X) here
+                ECFieldElement X = RawXCoord, L = RawYCoord, Z = RawZCoords[0];
+
+                // We scale the Z coordinate also, to avoid an inversion
+                ECFieldElement X2 = X.Multiply(scale.Square());
+                ECFieldElement L2 = L.Add(X).Add(X2);
+                ECFieldElement Z2 = Z.Multiply(scale);
+
+                return Curve.CreateRawPoint(X, L2, new ECFieldElement[] { Z2 }, IsCompressed);
+            }
+            default:
+            {
+                return base.ScaleX(scale);
+            }
+            }
+        }
+
+        public override ECPoint ScaleY(ECFieldElement scale)
+        {
+            if (this.IsInfinity)
+                return this;
+
+            switch (CurveCoordinateSystem)
+            {
+            case ECCurve.COORD_LAMBDA_AFFINE:
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                ECFieldElement L2 = L.Add(X).Multiply(scale).Add(X);
+
+                return Curve.CreateRawPoint(X, L2, RawZCoords, IsCompressed);
+            }
+            default:
+            {
+                return base.ScaleY(scale);
+            }
+            }
+        }
+
+        public override ECPoint Subtract(ECPoint b)
+        {
+            if (b.IsInfinity)
+                return this;
+
+            // Add -b
+            return Add(b.Negate());
+        }
+
+        public virtual AbstractF2mPoint Tau()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+            int coord = curve.CoordinateSystem;
+
+            ECFieldElement X1 = this.RawXCoord;
+
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+            case ECCurve.COORD_LAMBDA_AFFINE:
+            {
+                ECFieldElement Y1 = this.RawYCoord;
+                return (AbstractF2mPoint)curve.CreateRawPoint(X1.Square(), Y1.Square(), IsCompressed);
+            }
+            case ECCurve.COORD_HOMOGENEOUS:
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                ECFieldElement Y1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+                return (AbstractF2mPoint)curve.CreateRawPoint(X1.Square(), Y1.Square(),
+                    new ECFieldElement[] { Z1.Square() }, IsCompressed);
+            }
+            default:
+            {
+                throw new InvalidOperationException("unsupported coordinate system");
+            }
+            }
+        }
+
+        public virtual AbstractF2mPoint TauPow(int pow)
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+            int coord = curve.CoordinateSystem;
+
+            ECFieldElement X1 = this.RawXCoord;
+
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+            case ECCurve.COORD_LAMBDA_AFFINE:
+            {
+                ECFieldElement Y1 = this.RawYCoord;
+                return (AbstractF2mPoint)curve.CreateRawPoint(X1.SquarePow(pow), Y1.SquarePow(pow), IsCompressed);
+            }
+            case ECCurve.COORD_HOMOGENEOUS:
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                ECFieldElement Y1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+                return (AbstractF2mPoint)curve.CreateRawPoint(X1.SquarePow(pow), Y1.SquarePow(pow),
+                    new ECFieldElement[] { Z1.SquarePow(pow) }, IsCompressed);
+            }
+            default:
+            {
+                throw new InvalidOperationException("unsupported coordinate system");
+            }
+            }
+        }
+    }
+
+    /**
+     * Elliptic curve points over F2m
+     */
+    public class F2mPoint
+        : AbstractF2mPoint
+    {
+        /**
+         * @param curve base curve
+         * @param x x point
+         * @param y y point
+         */
+        public F2mPoint(
+            ECCurve			curve,
+            ECFieldElement	x,
+            ECFieldElement	y)
+            :  this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @param curve base curve
+         * @param x x point
+         * @param y y point
+         * @param withCompression true if encode with point compression.
+         */
+        public F2mPoint(
+            ECCurve			curve,
+            ECFieldElement	x,
+            ECFieldElement	y,
+            bool			withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+            {
+                throw new ArgumentException("Exactly one of the field elements is null");
+            }
+
+            if (x != null)
+            {
+                // Check if x and y are elements of the same field
+                F2mFieldElement.CheckFieldElements(x, y);
+
+                // Check if x and a are elements of the same field
+                if (curve != null)
+                {
+                    F2mFieldElement.CheckFieldElements(x, curve.A);
+                }
+            }
+        }
+
+        internal F2mPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        /**
+         * Constructor for point at infinity
+         */
+        [Obsolete("Use ECCurve.Infinity property")]
+        public F2mPoint(
+            ECCurve curve)
+            : this(curve, null, null)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new F2mPoint(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                int coord = this.CurveCoordinateSystem;
+
+                switch (coord)
+                {
+                    case ECCurve.COORD_LAMBDA_AFFINE:
+                    case ECCurve.COORD_LAMBDA_PROJECTIVE:
+                    {
+                        ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                        if (this.IsInfinity || X.IsZero)
+                            return L;
+
+                        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                        ECFieldElement Y = L.Add(X).Multiply(X);
+                        if (ECCurve.COORD_LAMBDA_PROJECTIVE == coord)
+                        {
+                            ECFieldElement Z = RawZCoords[0];
+                            if (!Z.IsOne)
+                            {
+                                Y = Y.Divide(Z);
+                            }
+                        }
+                        return Y;
+                    }
+                    default:
+                    {
+                        return RawYCoord;
+                    }
+                }
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                {
+                    return false;
+                }
+
+                ECFieldElement Y = this.RawYCoord;
+
+                switch (this.CurveCoordinateSystem)
+                {
+                    case ECCurve.COORD_LAMBDA_AFFINE:
+                    case ECCurve.COORD_LAMBDA_PROJECTIVE:
+                    {
+                        // Y is actually Lambda (X + Y/X) here
+                        return Y.TestBitZero() != X.TestBitZero();
+                    }
+                    default:
+                    {
+                        return Y.Divide(X).TestBitZero();
+                    }
+                }
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+            int coord = curve.CoordinateSystem;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            switch (coord)
+            {
+                case ECCurve.COORD_AFFINE:
+                {
+                    ECFieldElement Y1 = this.RawYCoord;
+                    ECFieldElement Y2 = b.RawYCoord;
+
+                    ECFieldElement dx = X1.Add(X2), dy = Y1.Add(Y2);
+                    if (dx.IsZero)
+                    {
+                        if (dy.IsZero)
+                        {
+                            return Twice();
+                        }
+
+                        return curve.Infinity;
+                    }
+
+                    ECFieldElement L = dy.Divide(dx);
+
+                    ECFieldElement X3 = L.Square().Add(L).Add(dx).Add(curve.A);
+                    ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+
+                    return new F2mPoint(curve, X3, Y3, IsCompressed);
+                }
+                case ECCurve.COORD_HOMOGENEOUS:
+                {
+                    ECFieldElement Y1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+                    ECFieldElement Y2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+                    bool Z1IsOne = Z1.IsOne;
+                    ECFieldElement U1 = Y2, V1 = X2;
+                    if (!Z1IsOne)
+                    {
+                        U1 = U1.Multiply(Z1);
+                        V1 = V1.Multiply(Z1);
+                    }
+
+                    bool Z2IsOne = Z2.IsOne;
+                    ECFieldElement U2 = Y1, V2 = X1;
+                    if (!Z2IsOne)
+                    {
+                        U2 = U2.Multiply(Z2);
+                        V2 = V2.Multiply(Z2);
+                    }
+
+                    ECFieldElement U = U1.Add(U2);
+                    ECFieldElement V = V1.Add(V2);
+
+                    if (V.IsZero)
+                    {
+                        if (U.IsZero)
+                        {
+                            return Twice();
+                        }
+
+                        return curve.Infinity;
+                    }
+
+                    ECFieldElement VSq = V.Square();
+                    ECFieldElement VCu = VSq.Multiply(V);
+                    ECFieldElement W = Z1IsOne ? Z2 : Z2IsOne ? Z1 : Z1.Multiply(Z2);
+                    ECFieldElement uv = U.Add(V);
+                    ECFieldElement A = uv.MultiplyPlusProduct(U, VSq, curve.A).Multiply(W).Add(VCu);
+
+                    ECFieldElement X3 = V.Multiply(A);
+                    ECFieldElement VSqZ2 = Z2IsOne ? VSq : VSq.Multiply(Z2);
+                    ECFieldElement Y3 = U.MultiplyPlusProduct(X1, V, Y1).MultiplyPlusProduct(VSqZ2, uv, A);
+                    ECFieldElement Z3 = VCu.Multiply(W);
+
+                    return new F2mPoint(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed);
+                }
+                case ECCurve.COORD_LAMBDA_PROJECTIVE:
+                {
+                    if (X1.IsZero)
+                    {
+                        if (X2.IsZero)
+                            return curve.Infinity;
+
+                        return b.Add(this);
+                    }
+
+                    ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+                    ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+                    bool Z1IsOne = Z1.IsOne;
+                    ECFieldElement U2 = X2, S2 = L2;
+                    if (!Z1IsOne)
+                    {
+                        U2 = U2.Multiply(Z1);
+                        S2 = S2.Multiply(Z1);
+                    }
+
+                    bool Z2IsOne = Z2.IsOne;
+                    ECFieldElement U1 = X1, S1 = L1;
+                    if (!Z2IsOne)
+                    {
+                        U1 = U1.Multiply(Z2);
+                        S1 = S1.Multiply(Z2);
+                    }
+
+                    ECFieldElement A = S1.Add(S2);
+                    ECFieldElement B = U1.Add(U2);
+
+                    if (B.IsZero)
+                    {
+                        if (A.IsZero)
+                        {
+                            return Twice();
+                        }
+
+                        return curve.Infinity;
+                    }
+
+                    ECFieldElement X3, L3, Z3;
+                    if (X2.IsZero)
+                    {
+                        // TODO This can probably be optimized quite a bit
+                        ECPoint p = this.Normalize();
+                        X1 = p.RawXCoord;
+                        ECFieldElement Y1 = p.YCoord;
+
+                        ECFieldElement Y2 = L2;
+                        ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                        X3 = L.Square().Add(L).Add(X1).Add(curve.A);
+                        if (X3.IsZero)
+                        {
+                            return new F2mPoint(curve, X3, curve.B.Sqrt(), IsCompressed);
+                        }
+
+                        ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                        L3 = Y3.Divide(X3).Add(X3);
+                        Z3 = curve.FromBigInteger(BigInteger.One);
+                    }
+                    else
+                    {
+                        B = B.Square();
+
+                        ECFieldElement AU1 = A.Multiply(U1);
+                        ECFieldElement AU2 = A.Multiply(U2);
+
+                        X3 = AU1.Multiply(AU2);
+                        if (X3.IsZero)
+                        {
+                            return new F2mPoint(curve, X3, curve.B.Sqrt(), IsCompressed);
+                        }
+
+                        ECFieldElement ABZ2 = A.Multiply(B);
+                        if (!Z2IsOne)
+                        {
+                            ABZ2 = ABZ2.Multiply(Z2);
+                        }
+
+                        L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                        Z3 = ABZ2;
+                        if (!Z1IsOne)
+                        {
+                            Z3 = Z3.Multiply(Z1);
+                        }
+                    }
+
+                    return new F2mPoint(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+                }
+                default:
+                {
+                    throw new InvalidOperationException("unsupported coordinate system");
+                }
+            }
+        }
+
+        /* (non-Javadoc)
+         * @see Org.BouncyCastle.Math.EC.ECPoint#twice()
+         */
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own additive inverse
+                return curve.Infinity;
+            }
+
+            int coord = curve.CoordinateSystem;
+
+            switch (coord)
+            {
+                case ECCurve.COORD_AFFINE:
+                {
+                    ECFieldElement Y1 = this.RawYCoord;
+
+                    ECFieldElement L1 = Y1.Divide(X1).Add(X1);
+
+                    ECFieldElement X3 = L1.Square().Add(L1).Add(curve.A);
+                    ECFieldElement Y3 = X1.SquarePlusProduct(X3, L1.AddOne());
+
+                    return new F2mPoint(curve, X3, Y3, IsCompressed);
+                }
+                case ECCurve.COORD_HOMOGENEOUS:
+                {
+                    ECFieldElement Y1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+                    bool Z1IsOne = Z1.IsOne;
+                    ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+                    ECFieldElement Y1Z1 = Z1IsOne ? Y1 : Y1.Multiply(Z1);
+
+                    ECFieldElement X1Sq = X1.Square();
+                    ECFieldElement S = X1Sq.Add(Y1Z1);
+                    ECFieldElement V = X1Z1;
+                    ECFieldElement vSquared = V.Square();
+                    ECFieldElement sv = S.Add(V);
+                    ECFieldElement h = sv.MultiplyPlusProduct(S, vSquared, curve.A);
+
+                    ECFieldElement X3 = V.Multiply(h);
+                    ECFieldElement Y3 = X1Sq.Square().MultiplyPlusProduct(V, h, sv);
+                    ECFieldElement Z3 = V.Multiply(vSquared);
+
+                    return new F2mPoint(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed);
+                }
+                case ECCurve.COORD_LAMBDA_PROJECTIVE:
+                {
+                    ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+                    bool Z1IsOne = Z1.IsOne;
+                    ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+                    ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+                    ECFieldElement a = curve.A;
+                    ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq);
+                    ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq);
+                    if (T.IsZero)
+                    {
+                        return new F2mPoint(curve, T, curve.B.Sqrt(), IsCompressed);
+                    }
+
+                    ECFieldElement X3 = T.Square();
+                    ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+                    ECFieldElement b = curve.B;
+                    ECFieldElement L3;
+                    if (b.BitLength < (curve.FieldSize >> 1))
+                    {
+                        ECFieldElement t1 = L1.Add(X1).Square();
+                        ECFieldElement t2;
+                        if (b.IsOne)
+                        {
+                            t2 = aZ1Sq.Add(Z1Sq).Square();
+                        }
+                        else
+                        {
+                            // TODO Can be calculated with one square if we pre-compute sqrt(b)
+                            t2 = aZ1Sq.SquarePlusProduct(b, Z1Sq.Square());
+                        }
+                        L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(t2).Add(X3);
+                        if (a.IsZero)
+                        {
+                            L3 = L3.Add(Z3);
+                        }
+                        else if (!a.IsOne)
+                        {
+                            L3 = L3.Add(a.AddOne().Multiply(Z3));
+                        }
+                    }
+                    else
+                    {
+                        ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+                        L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3);
+                    }
+
+                    return new F2mPoint(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+                }
+                default:
+                {
+                    throw new InvalidOperationException("unsupported coordinate system");
+                }
+            }
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own additive inverse
+                return b;
+            }
+
+            int coord = curve.CoordinateSystem;
+
+            switch (coord)
+            {
+                case ECCurve.COORD_LAMBDA_PROJECTIVE:
+                {
+                    // NOTE: twicePlus() only optimized for lambda-affine argument
+                    ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+                    if (X2.IsZero || !Z2.IsOne)
+                    {
+                        return Twice().Add(b);
+                    }
+
+                    ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+                    ECFieldElement L2 = b.RawYCoord;
+
+                    ECFieldElement X1Sq = X1.Square();
+                    ECFieldElement L1Sq = L1.Square();
+                    ECFieldElement Z1Sq = Z1.Square();
+                    ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+                    ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1);
+                    ECFieldElement L2plus1 = L2.AddOne();
+                    ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+                    ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+                    ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+                    if (B.IsZero)
+                    {
+                        if (A.IsZero)
+                        {
+                            return b.Twice();
+                        }
+
+                        return curve.Infinity;
+                    }
+
+                    if (A.IsZero)
+                    {
+                        return new F2mPoint(curve, A, curve.B.Sqrt(), IsCompressed);
+                    }
+
+                    ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+                    ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+                    ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
+
+                    return new F2mPoint(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+                }
+                default:
+                {
+                    return Twice().Add(b);
+                }
+            }
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            ECCurve curve = this.Curve;
+            int coord = curve.CoordinateSystem;
+
+            switch (coord)
+            {
+                case ECCurve.COORD_AFFINE:
+                {
+                    ECFieldElement Y = this.RawYCoord;
+                    return new F2mPoint(curve, X, Y.Add(X), IsCompressed);
+                }
+                case ECCurve.COORD_HOMOGENEOUS:
+                {
+                    ECFieldElement Y = this.RawYCoord, Z = this.RawZCoords[0];
+                    return new F2mPoint(curve, X, Y.Add(X), new ECFieldElement[] { Z }, IsCompressed);
+                }
+                case ECCurve.COORD_LAMBDA_AFFINE:
+                {
+                    ECFieldElement L = this.RawYCoord;
+                    return new F2mPoint(curve, X, L.AddOne(), IsCompressed);
+                }
+                case ECCurve.COORD_LAMBDA_PROJECTIVE:
+                {
+                    // L is actually Lambda (X + Y/X) here
+                    ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+                    return new F2mPoint(curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+                }
+                default:
+                {
+                    throw new InvalidOperationException("unsupported coordinate system");
+                }
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/ECPointMap.cs b/bc-sharp-crypto/src/math/ec/ECPointMap.cs
new file mode 100644
index 0000000..e78c800
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/ECPointMap.cs
@@ -0,0 +1,9 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC
+{
+    public interface ECPointMap
+    {
+        ECPoint Map(ECPoint p);
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/LongArray.cs b/bc-sharp-crypto/src/math/ec/LongArray.cs
new file mode 100644
index 0000000..84462e0
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/LongArray.cs
@@ -0,0 +1,2201 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC
+{
+    internal class LongArray
+    {
+        //private static long DEInterleave_MASK = 0x5555555555555555L;
+
+        /*
+         * This expands 8 bit indices into 16 bit contents (high bit 14), by inserting 0s between bits.
+         * In a binary field, this operation is the same as squaring an 8 bit number.
+         */
+        private static readonly ushort[] INTERLEAVE2_TABLE = new ushort[]
+        {
+            0x0000, 0x0001, 0x0004, 0x0005, 0x0010, 0x0011, 0x0014, 0x0015,
+            0x0040, 0x0041, 0x0044, 0x0045, 0x0050, 0x0051, 0x0054, 0x0055,
+            0x0100, 0x0101, 0x0104, 0x0105, 0x0110, 0x0111, 0x0114, 0x0115,
+            0x0140, 0x0141, 0x0144, 0x0145, 0x0150, 0x0151, 0x0154, 0x0155,
+            0x0400, 0x0401, 0x0404, 0x0405, 0x0410, 0x0411, 0x0414, 0x0415,
+            0x0440, 0x0441, 0x0444, 0x0445, 0x0450, 0x0451, 0x0454, 0x0455,
+            0x0500, 0x0501, 0x0504, 0x0505, 0x0510, 0x0511, 0x0514, 0x0515,
+            0x0540, 0x0541, 0x0544, 0x0545, 0x0550, 0x0551, 0x0554, 0x0555,
+            0x1000, 0x1001, 0x1004, 0x1005, 0x1010, 0x1011, 0x1014, 0x1015,
+            0x1040, 0x1041, 0x1044, 0x1045, 0x1050, 0x1051, 0x1054, 0x1055,
+            0x1100, 0x1101, 0x1104, 0x1105, 0x1110, 0x1111, 0x1114, 0x1115,
+            0x1140, 0x1141, 0x1144, 0x1145, 0x1150, 0x1151, 0x1154, 0x1155,
+            0x1400, 0x1401, 0x1404, 0x1405, 0x1410, 0x1411, 0x1414, 0x1415,
+            0x1440, 0x1441, 0x1444, 0x1445, 0x1450, 0x1451, 0x1454, 0x1455,
+            0x1500, 0x1501, 0x1504, 0x1505, 0x1510, 0x1511, 0x1514, 0x1515,
+            0x1540, 0x1541, 0x1544, 0x1545, 0x1550, 0x1551, 0x1554, 0x1555,
+            0x4000, 0x4001, 0x4004, 0x4005, 0x4010, 0x4011, 0x4014, 0x4015,
+            0x4040, 0x4041, 0x4044, 0x4045, 0x4050, 0x4051, 0x4054, 0x4055,
+            0x4100, 0x4101, 0x4104, 0x4105, 0x4110, 0x4111, 0x4114, 0x4115,
+            0x4140, 0x4141, 0x4144, 0x4145, 0x4150, 0x4151, 0x4154, 0x4155,
+            0x4400, 0x4401, 0x4404, 0x4405, 0x4410, 0x4411, 0x4414, 0x4415,
+            0x4440, 0x4441, 0x4444, 0x4445, 0x4450, 0x4451, 0x4454, 0x4455,
+            0x4500, 0x4501, 0x4504, 0x4505, 0x4510, 0x4511, 0x4514, 0x4515,
+            0x4540, 0x4541, 0x4544, 0x4545, 0x4550, 0x4551, 0x4554, 0x4555,
+            0x5000, 0x5001, 0x5004, 0x5005, 0x5010, 0x5011, 0x5014, 0x5015,
+            0x5040, 0x5041, 0x5044, 0x5045, 0x5050, 0x5051, 0x5054, 0x5055,
+            0x5100, 0x5101, 0x5104, 0x5105, 0x5110, 0x5111, 0x5114, 0x5115,
+            0x5140, 0x5141, 0x5144, 0x5145, 0x5150, 0x5151, 0x5154, 0x5155,
+            0x5400, 0x5401, 0x5404, 0x5405, 0x5410, 0x5411, 0x5414, 0x5415,
+            0x5440, 0x5441, 0x5444, 0x5445, 0x5450, 0x5451, 0x5454, 0x5455,
+            0x5500, 0x5501, 0x5504, 0x5505, 0x5510, 0x5511, 0x5514, 0x5515,
+            0x5540, 0x5541, 0x5544, 0x5545, 0x5550, 0x5551, 0x5554, 0x5555
+        };
+
+        /*
+         * This expands 7 bit indices into 21 bit contents (high bit 18), by inserting 0s between bits.
+         */
+        private static readonly int[] INTERLEAVE3_TABLE = new  int[]
+        {
+            0x00000, 0x00001, 0x00008, 0x00009, 0x00040, 0x00041, 0x00048, 0x00049,
+            0x00200, 0x00201, 0x00208, 0x00209, 0x00240, 0x00241, 0x00248, 0x00249,
+            0x01000, 0x01001, 0x01008, 0x01009, 0x01040, 0x01041, 0x01048, 0x01049,
+            0x01200, 0x01201, 0x01208, 0x01209, 0x01240, 0x01241, 0x01248, 0x01249,
+            0x08000, 0x08001, 0x08008, 0x08009, 0x08040, 0x08041, 0x08048, 0x08049,
+            0x08200, 0x08201, 0x08208, 0x08209, 0x08240, 0x08241, 0x08248, 0x08249,
+            0x09000, 0x09001, 0x09008, 0x09009, 0x09040, 0x09041, 0x09048, 0x09049,
+            0x09200, 0x09201, 0x09208, 0x09209, 0x09240, 0x09241, 0x09248, 0x09249,
+            0x40000, 0x40001, 0x40008, 0x40009, 0x40040, 0x40041, 0x40048, 0x40049,
+            0x40200, 0x40201, 0x40208, 0x40209, 0x40240, 0x40241, 0x40248, 0x40249,
+            0x41000, 0x41001, 0x41008, 0x41009, 0x41040, 0x41041, 0x41048, 0x41049,
+            0x41200, 0x41201, 0x41208, 0x41209, 0x41240, 0x41241, 0x41248, 0x41249,
+            0x48000, 0x48001, 0x48008, 0x48009, 0x48040, 0x48041, 0x48048, 0x48049,
+            0x48200, 0x48201, 0x48208, 0x48209, 0x48240, 0x48241, 0x48248, 0x48249,
+            0x49000, 0x49001, 0x49008, 0x49009, 0x49040, 0x49041, 0x49048, 0x49049,
+            0x49200, 0x49201, 0x49208, 0x49209, 0x49240, 0x49241, 0x49248, 0x49249
+        };
+
+        /*
+         * This expands 8 bit indices into 32 bit contents (high bit 28), by inserting 0s between bits.
+         */
+        private static readonly int[] INTERLEAVE4_TABLE = new int[]
+        {
+            0x00000000, 0x00000001, 0x00000010, 0x00000011, 0x00000100, 0x00000101, 0x00000110, 0x00000111,
+            0x00001000, 0x00001001, 0x00001010, 0x00001011, 0x00001100, 0x00001101, 0x00001110, 0x00001111,
+            0x00010000, 0x00010001, 0x00010010, 0x00010011, 0x00010100, 0x00010101, 0x00010110, 0x00010111,
+            0x00011000, 0x00011001, 0x00011010, 0x00011011, 0x00011100, 0x00011101, 0x00011110, 0x00011111,
+            0x00100000, 0x00100001, 0x00100010, 0x00100011, 0x00100100, 0x00100101, 0x00100110, 0x00100111,
+            0x00101000, 0x00101001, 0x00101010, 0x00101011, 0x00101100, 0x00101101, 0x00101110, 0x00101111,
+            0x00110000, 0x00110001, 0x00110010, 0x00110011, 0x00110100, 0x00110101, 0x00110110, 0x00110111,
+            0x00111000, 0x00111001, 0x00111010, 0x00111011, 0x00111100, 0x00111101, 0x00111110, 0x00111111,
+            0x01000000, 0x01000001, 0x01000010, 0x01000011, 0x01000100, 0x01000101, 0x01000110, 0x01000111,
+            0x01001000, 0x01001001, 0x01001010, 0x01001011, 0x01001100, 0x01001101, 0x01001110, 0x01001111,
+            0x01010000, 0x01010001, 0x01010010, 0x01010011, 0x01010100, 0x01010101, 0x01010110, 0x01010111,
+            0x01011000, 0x01011001, 0x01011010, 0x01011011, 0x01011100, 0x01011101, 0x01011110, 0x01011111,
+            0x01100000, 0x01100001, 0x01100010, 0x01100011, 0x01100100, 0x01100101, 0x01100110, 0x01100111,
+            0x01101000, 0x01101001, 0x01101010, 0x01101011, 0x01101100, 0x01101101, 0x01101110, 0x01101111,
+            0x01110000, 0x01110001, 0x01110010, 0x01110011, 0x01110100, 0x01110101, 0x01110110, 0x01110111,
+            0x01111000, 0x01111001, 0x01111010, 0x01111011, 0x01111100, 0x01111101, 0x01111110, 0x01111111,
+            0x10000000, 0x10000001, 0x10000010, 0x10000011, 0x10000100, 0x10000101, 0x10000110, 0x10000111,
+            0x10001000, 0x10001001, 0x10001010, 0x10001011, 0x10001100, 0x10001101, 0x10001110, 0x10001111,
+            0x10010000, 0x10010001, 0x10010010, 0x10010011, 0x10010100, 0x10010101, 0x10010110, 0x10010111,
+            0x10011000, 0x10011001, 0x10011010, 0x10011011, 0x10011100, 0x10011101, 0x10011110, 0x10011111,
+            0x10100000, 0x10100001, 0x10100010, 0x10100011, 0x10100100, 0x10100101, 0x10100110, 0x10100111,
+            0x10101000, 0x10101001, 0x10101010, 0x10101011, 0x10101100, 0x10101101, 0x10101110, 0x10101111,
+            0x10110000, 0x10110001, 0x10110010, 0x10110011, 0x10110100, 0x10110101, 0x10110110, 0x10110111,
+            0x10111000, 0x10111001, 0x10111010, 0x10111011, 0x10111100, 0x10111101, 0x10111110, 0x10111111,
+            0x11000000, 0x11000001, 0x11000010, 0x11000011, 0x11000100, 0x11000101, 0x11000110, 0x11000111,
+            0x11001000, 0x11001001, 0x11001010, 0x11001011, 0x11001100, 0x11001101, 0x11001110, 0x11001111,
+            0x11010000, 0x11010001, 0x11010010, 0x11010011, 0x11010100, 0x11010101, 0x11010110, 0x11010111,
+            0x11011000, 0x11011001, 0x11011010, 0x11011011, 0x11011100, 0x11011101, 0x11011110, 0x11011111,
+            0x11100000, 0x11100001, 0x11100010, 0x11100011, 0x11100100, 0x11100101, 0x11100110, 0x11100111,
+            0x11101000, 0x11101001, 0x11101010, 0x11101011, 0x11101100, 0x11101101, 0x11101110, 0x11101111,
+            0x11110000, 0x11110001, 0x11110010, 0x11110011, 0x11110100, 0x11110101, 0x11110110, 0x11110111,
+            0x11111000, 0x11111001, 0x11111010, 0x11111011, 0x11111100, 0x11111101, 0x11111110, 0x11111111
+        };
+
+        /*
+         * This expands 7 bit indices into 35 bit contents (high bit 30), by inserting 0s between bits.
+         */
+        private static readonly int[] INTERLEAVE5_TABLE = new int[] {
+            0x00000000, 0x00000001, 0x00000020, 0x00000021, 0x00000400, 0x00000401, 0x00000420, 0x00000421,
+            0x00008000, 0x00008001, 0x00008020, 0x00008021, 0x00008400, 0x00008401, 0x00008420, 0x00008421,
+            0x00100000, 0x00100001, 0x00100020, 0x00100021, 0x00100400, 0x00100401, 0x00100420, 0x00100421,
+            0x00108000, 0x00108001, 0x00108020, 0x00108021, 0x00108400, 0x00108401, 0x00108420, 0x00108421,
+            0x02000000, 0x02000001, 0x02000020, 0x02000021, 0x02000400, 0x02000401, 0x02000420, 0x02000421,
+            0x02008000, 0x02008001, 0x02008020, 0x02008021, 0x02008400, 0x02008401, 0x02008420, 0x02008421,
+            0x02100000, 0x02100001, 0x02100020, 0x02100021, 0x02100400, 0x02100401, 0x02100420, 0x02100421,
+            0x02108000, 0x02108001, 0x02108020, 0x02108021, 0x02108400, 0x02108401, 0x02108420, 0x02108421,
+            0x40000000, 0x40000001, 0x40000020, 0x40000021, 0x40000400, 0x40000401, 0x40000420, 0x40000421,
+            0x40008000, 0x40008001, 0x40008020, 0x40008021, 0x40008400, 0x40008401, 0x40008420, 0x40008421,
+            0x40100000, 0x40100001, 0x40100020, 0x40100021, 0x40100400, 0x40100401, 0x40100420, 0x40100421,
+            0x40108000, 0x40108001, 0x40108020, 0x40108021, 0x40108400, 0x40108401, 0x40108420, 0x40108421,
+            0x42000000, 0x42000001, 0x42000020, 0x42000021, 0x42000400, 0x42000401, 0x42000420, 0x42000421,
+            0x42008000, 0x42008001, 0x42008020, 0x42008021, 0x42008400, 0x42008401, 0x42008420, 0x42008421,
+            0x42100000, 0x42100001, 0x42100020, 0x42100021, 0x42100400, 0x42100401, 0x42100420, 0x42100421,
+            0x42108000, 0x42108001, 0x42108020, 0x42108021, 0x42108400, 0x42108401, 0x42108420, 0x42108421
+        };
+
+        /*
+         * This expands 9 bit indices into 63 bit (long) contents (high bit 56), by inserting 0s between bits.
+         */
+        private static readonly long[] INTERLEAVE7_TABLE = new long[]
+        {
+            0x0000000000000000L, 0x0000000000000001L, 0x0000000000000080L, 0x0000000000000081L,
+            0x0000000000004000L, 0x0000000000004001L, 0x0000000000004080L, 0x0000000000004081L,
+            0x0000000000200000L, 0x0000000000200001L, 0x0000000000200080L, 0x0000000000200081L,
+            0x0000000000204000L, 0x0000000000204001L, 0x0000000000204080L, 0x0000000000204081L,
+            0x0000000010000000L, 0x0000000010000001L, 0x0000000010000080L, 0x0000000010000081L,
+            0x0000000010004000L, 0x0000000010004001L, 0x0000000010004080L, 0x0000000010004081L,
+            0x0000000010200000L, 0x0000000010200001L, 0x0000000010200080L, 0x0000000010200081L,
+            0x0000000010204000L, 0x0000000010204001L, 0x0000000010204080L, 0x0000000010204081L,
+            0x0000000800000000L, 0x0000000800000001L, 0x0000000800000080L, 0x0000000800000081L,
+            0x0000000800004000L, 0x0000000800004001L, 0x0000000800004080L, 0x0000000800004081L,
+            0x0000000800200000L, 0x0000000800200001L, 0x0000000800200080L, 0x0000000800200081L,
+            0x0000000800204000L, 0x0000000800204001L, 0x0000000800204080L, 0x0000000800204081L,
+            0x0000000810000000L, 0x0000000810000001L, 0x0000000810000080L, 0x0000000810000081L,
+            0x0000000810004000L, 0x0000000810004001L, 0x0000000810004080L, 0x0000000810004081L,
+            0x0000000810200000L, 0x0000000810200001L, 0x0000000810200080L, 0x0000000810200081L,
+            0x0000000810204000L, 0x0000000810204001L, 0x0000000810204080L, 0x0000000810204081L,
+            0x0000040000000000L, 0x0000040000000001L, 0x0000040000000080L, 0x0000040000000081L,
+            0x0000040000004000L, 0x0000040000004001L, 0x0000040000004080L, 0x0000040000004081L,
+            0x0000040000200000L, 0x0000040000200001L, 0x0000040000200080L, 0x0000040000200081L,
+            0x0000040000204000L, 0x0000040000204001L, 0x0000040000204080L, 0x0000040000204081L,
+            0x0000040010000000L, 0x0000040010000001L, 0x0000040010000080L, 0x0000040010000081L,
+            0x0000040010004000L, 0x0000040010004001L, 0x0000040010004080L, 0x0000040010004081L,
+            0x0000040010200000L, 0x0000040010200001L, 0x0000040010200080L, 0x0000040010200081L,
+            0x0000040010204000L, 0x0000040010204001L, 0x0000040010204080L, 0x0000040010204081L,
+            0x0000040800000000L, 0x0000040800000001L, 0x0000040800000080L, 0x0000040800000081L,
+            0x0000040800004000L, 0x0000040800004001L, 0x0000040800004080L, 0x0000040800004081L,
+            0x0000040800200000L, 0x0000040800200001L, 0x0000040800200080L, 0x0000040800200081L,
+            0x0000040800204000L, 0x0000040800204001L, 0x0000040800204080L, 0x0000040800204081L,
+            0x0000040810000000L, 0x0000040810000001L, 0x0000040810000080L, 0x0000040810000081L,
+            0x0000040810004000L, 0x0000040810004001L, 0x0000040810004080L, 0x0000040810004081L,
+            0x0000040810200000L, 0x0000040810200001L, 0x0000040810200080L, 0x0000040810200081L,
+            0x0000040810204000L, 0x0000040810204001L, 0x0000040810204080L, 0x0000040810204081L,
+            0x0002000000000000L, 0x0002000000000001L, 0x0002000000000080L, 0x0002000000000081L,
+            0x0002000000004000L, 0x0002000000004001L, 0x0002000000004080L, 0x0002000000004081L,
+            0x0002000000200000L, 0x0002000000200001L, 0x0002000000200080L, 0x0002000000200081L,
+            0x0002000000204000L, 0x0002000000204001L, 0x0002000000204080L, 0x0002000000204081L,
+            0x0002000010000000L, 0x0002000010000001L, 0x0002000010000080L, 0x0002000010000081L,
+            0x0002000010004000L, 0x0002000010004001L, 0x0002000010004080L, 0x0002000010004081L,
+            0x0002000010200000L, 0x0002000010200001L, 0x0002000010200080L, 0x0002000010200081L,
+            0x0002000010204000L, 0x0002000010204001L, 0x0002000010204080L, 0x0002000010204081L,
+            0x0002000800000000L, 0x0002000800000001L, 0x0002000800000080L, 0x0002000800000081L,
+            0x0002000800004000L, 0x0002000800004001L, 0x0002000800004080L, 0x0002000800004081L,
+            0x0002000800200000L, 0x0002000800200001L, 0x0002000800200080L, 0x0002000800200081L,
+            0x0002000800204000L, 0x0002000800204001L, 0x0002000800204080L, 0x0002000800204081L,
+            0x0002000810000000L, 0x0002000810000001L, 0x0002000810000080L, 0x0002000810000081L,
+            0x0002000810004000L, 0x0002000810004001L, 0x0002000810004080L, 0x0002000810004081L,
+            0x0002000810200000L, 0x0002000810200001L, 0x0002000810200080L, 0x0002000810200081L,
+            0x0002000810204000L, 0x0002000810204001L, 0x0002000810204080L, 0x0002000810204081L,
+            0x0002040000000000L, 0x0002040000000001L, 0x0002040000000080L, 0x0002040000000081L,
+            0x0002040000004000L, 0x0002040000004001L, 0x0002040000004080L, 0x0002040000004081L,
+            0x0002040000200000L, 0x0002040000200001L, 0x0002040000200080L, 0x0002040000200081L,
+            0x0002040000204000L, 0x0002040000204001L, 0x0002040000204080L, 0x0002040000204081L,
+            0x0002040010000000L, 0x0002040010000001L, 0x0002040010000080L, 0x0002040010000081L,
+            0x0002040010004000L, 0x0002040010004001L, 0x0002040010004080L, 0x0002040010004081L,
+            0x0002040010200000L, 0x0002040010200001L, 0x0002040010200080L, 0x0002040010200081L,
+            0x0002040010204000L, 0x0002040010204001L, 0x0002040010204080L, 0x0002040010204081L,
+            0x0002040800000000L, 0x0002040800000001L, 0x0002040800000080L, 0x0002040800000081L,
+            0x0002040800004000L, 0x0002040800004001L, 0x0002040800004080L, 0x0002040800004081L,
+            0x0002040800200000L, 0x0002040800200001L, 0x0002040800200080L, 0x0002040800200081L,
+            0x0002040800204000L, 0x0002040800204001L, 0x0002040800204080L, 0x0002040800204081L,
+            0x0002040810000000L, 0x0002040810000001L, 0x0002040810000080L, 0x0002040810000081L,
+            0x0002040810004000L, 0x0002040810004001L, 0x0002040810004080L, 0x0002040810004081L,
+            0x0002040810200000L, 0x0002040810200001L, 0x0002040810200080L, 0x0002040810200081L,
+            0x0002040810204000L, 0x0002040810204001L, 0x0002040810204080L, 0x0002040810204081L,
+            0x0100000000000000L, 0x0100000000000001L, 0x0100000000000080L, 0x0100000000000081L,
+            0x0100000000004000L, 0x0100000000004001L, 0x0100000000004080L, 0x0100000000004081L,
+            0x0100000000200000L, 0x0100000000200001L, 0x0100000000200080L, 0x0100000000200081L,
+            0x0100000000204000L, 0x0100000000204001L, 0x0100000000204080L, 0x0100000000204081L,
+            0x0100000010000000L, 0x0100000010000001L, 0x0100000010000080L, 0x0100000010000081L,
+            0x0100000010004000L, 0x0100000010004001L, 0x0100000010004080L, 0x0100000010004081L,
+            0x0100000010200000L, 0x0100000010200001L, 0x0100000010200080L, 0x0100000010200081L,
+            0x0100000010204000L, 0x0100000010204001L, 0x0100000010204080L, 0x0100000010204081L,
+            0x0100000800000000L, 0x0100000800000001L, 0x0100000800000080L, 0x0100000800000081L,
+            0x0100000800004000L, 0x0100000800004001L, 0x0100000800004080L, 0x0100000800004081L,
+            0x0100000800200000L, 0x0100000800200001L, 0x0100000800200080L, 0x0100000800200081L,
+            0x0100000800204000L, 0x0100000800204001L, 0x0100000800204080L, 0x0100000800204081L,
+            0x0100000810000000L, 0x0100000810000001L, 0x0100000810000080L, 0x0100000810000081L,
+            0x0100000810004000L, 0x0100000810004001L, 0x0100000810004080L, 0x0100000810004081L,
+            0x0100000810200000L, 0x0100000810200001L, 0x0100000810200080L, 0x0100000810200081L,
+            0x0100000810204000L, 0x0100000810204001L, 0x0100000810204080L, 0x0100000810204081L,
+            0x0100040000000000L, 0x0100040000000001L, 0x0100040000000080L, 0x0100040000000081L,
+            0x0100040000004000L, 0x0100040000004001L, 0x0100040000004080L, 0x0100040000004081L,
+            0x0100040000200000L, 0x0100040000200001L, 0x0100040000200080L, 0x0100040000200081L,
+            0x0100040000204000L, 0x0100040000204001L, 0x0100040000204080L, 0x0100040000204081L,
+            0x0100040010000000L, 0x0100040010000001L, 0x0100040010000080L, 0x0100040010000081L,
+            0x0100040010004000L, 0x0100040010004001L, 0x0100040010004080L, 0x0100040010004081L,
+            0x0100040010200000L, 0x0100040010200001L, 0x0100040010200080L, 0x0100040010200081L,
+            0x0100040010204000L, 0x0100040010204001L, 0x0100040010204080L, 0x0100040010204081L,
+            0x0100040800000000L, 0x0100040800000001L, 0x0100040800000080L, 0x0100040800000081L,
+            0x0100040800004000L, 0x0100040800004001L, 0x0100040800004080L, 0x0100040800004081L,
+            0x0100040800200000L, 0x0100040800200001L, 0x0100040800200080L, 0x0100040800200081L,
+            0x0100040800204000L, 0x0100040800204001L, 0x0100040800204080L, 0x0100040800204081L,
+            0x0100040810000000L, 0x0100040810000001L, 0x0100040810000080L, 0x0100040810000081L,
+            0x0100040810004000L, 0x0100040810004001L, 0x0100040810004080L, 0x0100040810004081L,
+            0x0100040810200000L, 0x0100040810200001L, 0x0100040810200080L, 0x0100040810200081L,
+            0x0100040810204000L, 0x0100040810204001L, 0x0100040810204080L, 0x0100040810204081L,
+            0x0102000000000000L, 0x0102000000000001L, 0x0102000000000080L, 0x0102000000000081L,
+            0x0102000000004000L, 0x0102000000004001L, 0x0102000000004080L, 0x0102000000004081L,
+            0x0102000000200000L, 0x0102000000200001L, 0x0102000000200080L, 0x0102000000200081L,
+            0x0102000000204000L, 0x0102000000204001L, 0x0102000000204080L, 0x0102000000204081L,
+            0x0102000010000000L, 0x0102000010000001L, 0x0102000010000080L, 0x0102000010000081L,
+            0x0102000010004000L, 0x0102000010004001L, 0x0102000010004080L, 0x0102000010004081L,
+            0x0102000010200000L, 0x0102000010200001L, 0x0102000010200080L, 0x0102000010200081L,
+            0x0102000010204000L, 0x0102000010204001L, 0x0102000010204080L, 0x0102000010204081L,
+            0x0102000800000000L, 0x0102000800000001L, 0x0102000800000080L, 0x0102000800000081L,
+            0x0102000800004000L, 0x0102000800004001L, 0x0102000800004080L, 0x0102000800004081L,
+            0x0102000800200000L, 0x0102000800200001L, 0x0102000800200080L, 0x0102000800200081L,
+            0x0102000800204000L, 0x0102000800204001L, 0x0102000800204080L, 0x0102000800204081L,
+            0x0102000810000000L, 0x0102000810000001L, 0x0102000810000080L, 0x0102000810000081L,
+            0x0102000810004000L, 0x0102000810004001L, 0x0102000810004080L, 0x0102000810004081L,
+            0x0102000810200000L, 0x0102000810200001L, 0x0102000810200080L, 0x0102000810200081L,
+            0x0102000810204000L, 0x0102000810204001L, 0x0102000810204080L, 0x0102000810204081L,
+            0x0102040000000000L, 0x0102040000000001L, 0x0102040000000080L, 0x0102040000000081L,
+            0x0102040000004000L, 0x0102040000004001L, 0x0102040000004080L, 0x0102040000004081L,
+            0x0102040000200000L, 0x0102040000200001L, 0x0102040000200080L, 0x0102040000200081L,
+            0x0102040000204000L, 0x0102040000204001L, 0x0102040000204080L, 0x0102040000204081L,
+            0x0102040010000000L, 0x0102040010000001L, 0x0102040010000080L, 0x0102040010000081L,
+            0x0102040010004000L, 0x0102040010004001L, 0x0102040010004080L, 0x0102040010004081L,
+            0x0102040010200000L, 0x0102040010200001L, 0x0102040010200080L, 0x0102040010200081L,
+            0x0102040010204000L, 0x0102040010204001L, 0x0102040010204080L, 0x0102040010204081L,
+            0x0102040800000000L, 0x0102040800000001L, 0x0102040800000080L, 0x0102040800000081L,
+            0x0102040800004000L, 0x0102040800004001L, 0x0102040800004080L, 0x0102040800004081L,
+            0x0102040800200000L, 0x0102040800200001L, 0x0102040800200080L, 0x0102040800200081L,
+            0x0102040800204000L, 0x0102040800204001L, 0x0102040800204080L, 0x0102040800204081L,
+            0x0102040810000000L, 0x0102040810000001L, 0x0102040810000080L, 0x0102040810000081L,
+            0x0102040810004000L, 0x0102040810004001L, 0x0102040810004080L, 0x0102040810004081L,
+            0x0102040810200000L, 0x0102040810200001L, 0x0102040810200080L, 0x0102040810200081L,
+            0x0102040810204000L, 0x0102040810204001L, 0x0102040810204080L, 0x0102040810204081L
+        };
+
+        // For toString(); must have length 64
+        private const string ZEROES = "0000000000000000000000000000000000000000000000000000000000000000";
+
+        internal static readonly byte[] BitLengths =
+        {
+            0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
+            5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
+            6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
+            6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
+            7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+            7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+            7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+            7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+            8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8
+        };
+
+        // TODO make m fixed for the LongArray, and hence compute T once and for all
+
+        private long[] m_ints;
+
+        public LongArray(int intLen)
+        {
+            m_ints = new long[intLen];
+        }
+
+        public LongArray(long[] ints)
+        {
+            m_ints = ints;
+        }
+
+        public LongArray(long[] ints, int off, int len)
+        {
+            if (off == 0 && len == ints.Length)
+            {
+                m_ints = ints;
+            }
+            else
+            {
+                m_ints = new long[len];
+                Array.Copy(ints, off, m_ints, 0, len);
+            }
+        }
+
+        public LongArray(BigInteger bigInt)
+        {
+            if (bigInt == null || bigInt.SignValue < 0)
+            {
+                throw new ArgumentException("invalid F2m field value", "bigInt");
+            }
+
+            if (bigInt.SignValue == 0)
+            {
+                m_ints = new long[] { 0L };
+                return;
+            }
+
+            byte[] barr = bigInt.ToByteArray();
+            int barrLen = barr.Length;
+            int barrStart = 0;
+            if (barr[0] == 0)
+            {
+                // First byte is 0 to enforce highest (=sign) bit is zero.
+                // In this case ignore barr[0].
+                barrLen--;
+                barrStart = 1;
+            }
+            int intLen = (barrLen + 7) / 8;
+            m_ints = new long[intLen];
+
+            int iarrJ = intLen - 1;
+            int rem = barrLen % 8 + barrStart;
+            long temp = 0;
+            int barrI = barrStart;
+            if (barrStart < rem)
+            {
+                for (; barrI < rem; barrI++)
+                {
+                    temp <<= 8;
+                    uint barrBarrI = barr[barrI];
+                    temp |= barrBarrI;
+                }
+                m_ints[iarrJ--] = temp;
+            }
+
+            for (; iarrJ >= 0; iarrJ--)
+            {
+                temp = 0;
+                for (int i = 0; i < 8; i++)
+                {
+                    temp <<= 8;
+                    uint barrBarrI = barr[barrI++];
+                    temp |= barrBarrI;
+                }
+                m_ints[iarrJ] = temp;
+            }
+        }
+
+        public bool IsOne()
+        {
+            long[] a = m_ints;
+            if (a[0] != 1L)
+            {
+                return false;
+            }
+            for (int i = 1; i < a.Length; ++i)
+            {
+                if (a[i] != 0L)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public bool IsZero()
+        {
+            long[] a = m_ints;
+            for (int i = 0; i < a.Length; ++i)
+            {
+                if (a[i] != 0L)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public int GetUsedLength()
+        {
+            return GetUsedLengthFrom(m_ints.Length);
+        }
+
+        public int GetUsedLengthFrom(int from)
+        {
+            long[] a = m_ints;
+            from = System.Math.Min(from, a.Length);
+
+            if (from < 1)
+            {
+                return 0;
+            }
+
+            // Check if first element will act as sentinel
+            if (a[0] != 0)
+            {
+                while (a[--from] == 0)
+                {
+                }
+                return from + 1;
+            }
+
+            do
+            {
+                if (a[--from] != 0)
+                {
+                    return from + 1;
+                }
+            }
+            while (from > 0);
+
+            return 0;
+        }
+
+        public int Degree()
+        {
+            int i = m_ints.Length;
+            long w;
+            do
+            {
+                if (i == 0)
+                {
+                    return 0;
+                }
+                w = m_ints[--i];
+            }
+            while (w == 0);
+
+            return (i << 6) + BitLength(w);
+        }
+
+        private int DegreeFrom(int limit)
+        {
+            int i = (int)(((uint)limit + 62) >> 6);
+            long w;
+            do
+            {
+                if (i == 0)
+                {
+                    return 0;
+                }
+                w = m_ints[--i];
+            }
+            while (w == 0);
+
+            return (i << 6) + BitLength(w);
+        }
+
+    //    private int lowestCoefficient()
+    //    {
+    //        for (int i = 0; i < m_ints.Length; ++i)
+    //        {
+    //            long mi = m_ints[i];
+    //            if (mi != 0)
+    //            {
+    //                int j = 0;
+    //                while ((mi & 0xFFL) == 0)
+    //                {
+    //                    j += 8;
+    //                    mi >>>= 8;
+    //                }
+    //                while ((mi & 1L) == 0)
+    //                {
+    //                    ++j;
+    //                    mi >>>= 1;
+    //                }
+    //                return (i << 6) + j;
+    //            }
+    //        }
+    //        return -1;
+    //    }
+
+        private static int BitLength(long w)
+        {
+            int u = (int)((ulong)w >> 32), b;
+            if (u == 0)
+            {
+                u = (int)w;
+                b = 0;
+            }
+            else
+            {
+                b = 32;
+            }
+
+            int t = (int)((uint)u >> 16), k;
+            if (t == 0)
+            {
+                t = (int)((uint)u >> 8);
+                k = (t == 0) ? BitLengths[u] : 8 + BitLengths[t];
+            }
+            else
+            {
+                int v = (int)((uint)t >> 8);
+                k = (v == 0) ? 16 + BitLengths[t] : 24 + BitLengths[v];
+            }
+
+            return b + k;
+        }
+
+        private long[] ResizedInts(int newLen)
+        {
+            long[] newInts = new long[newLen];
+            Array.Copy(m_ints, 0, newInts, 0, System.Math.Min(m_ints.Length, newLen));
+            return newInts;
+        }
+
+        public BigInteger ToBigInteger()
+        {
+            int usedLen = GetUsedLength();
+            if (usedLen == 0)
+            {
+                return BigInteger.Zero;
+            }
+
+            long highestInt = m_ints[usedLen - 1];
+            byte[] temp = new byte[8];
+            int barrI = 0;
+            bool trailingZeroBytesDone = false;
+            for (int j = 7; j >= 0; j--)
+            {
+                byte thisByte = (byte)((ulong)highestInt >> (8 * j));
+                if (trailingZeroBytesDone || (thisByte != 0))
+                {
+                    trailingZeroBytesDone = true;
+                    temp[barrI++] = thisByte;
+                }
+            }
+
+            int barrLen = 8 * (usedLen - 1) + barrI;
+            byte[] barr = new byte[barrLen];
+            for (int j = 0; j < barrI; j++)
+            {
+                barr[j] = temp[j];
+            }
+            // Highest value int is done now
+
+            for (int iarrJ = usedLen - 2; iarrJ >= 0; iarrJ--)
+            {
+                long mi = m_ints[iarrJ];
+                for (int j = 7; j >= 0; j--)
+                {
+                    barr[barrI++] = (byte)((ulong)mi >> (8 * j));
+                }
+            }
+            return new BigInteger(1, barr);
+        }
+
+    //    private static long shiftUp(long[] x, int xOff, int count)
+    //    {
+    //        long prev = 0;
+    //        for (int i = 0; i < count; ++i)
+    //        {
+    //            long next = x[xOff + i];
+    //            x[xOff + i] = (next << 1) | prev;
+    //            prev = next >>> 63;
+    //        }
+    //        return prev;
+    //    }
+
+        private static long ShiftUp(long[] x, int xOff, int count, int shift)
+        {
+            int shiftInv = 64 - shift;
+            long prev = 0;
+            for (int i = 0; i < count; ++i)
+            {
+                long next = x[xOff + i];
+                x[xOff + i] = (next << shift) | prev;
+                prev = (long)((ulong)next >> shiftInv);
+            }
+            return prev;
+        }
+
+        private static long ShiftUp(long[] x, int xOff, long[] z, int zOff, int count, int shift)
+        {
+            int shiftInv = 64 - shift;
+            long prev = 0;
+            for (int i = 0; i < count; ++i)
+            {
+                long next = x[xOff + i];
+                z[zOff + i] = (next << shift) | prev;
+                prev = (long)((ulong)next >> shiftInv);
+            }
+            return prev;
+        }
+
+        public LongArray AddOne()
+        {
+            if (m_ints.Length == 0)
+            {
+                return new LongArray(new long[]{ 1L });
+            }
+
+            int resultLen = System.Math.Max(1, GetUsedLength());
+            long[] ints = ResizedInts(resultLen);
+            ints[0] ^= 1L;
+            return new LongArray(ints);
+        }
+
+    //    private void addShiftedByBits(LongArray other, int bits)
+    //    {
+    //        int words = bits >>> 6;
+    //        int shift = bits & 0x3F;
+    //
+    //        if (shift == 0)
+    //        {
+    //            addShiftedByWords(other, words);
+    //            return;
+    //        }
+    //
+    //        int otherUsedLen = other.GetUsedLength();
+    //        if (otherUsedLen == 0)
+    //        {
+    //            return;
+    //        }
+    //
+    //        int minLen = otherUsedLen + words + 1;
+    //        if (minLen > m_ints.Length)
+    //        {
+    //            m_ints = resizedInts(minLen);
+    //        }
+    //
+    //        long carry = addShiftedByBits(m_ints, words, other.m_ints, 0, otherUsedLen, shift);
+    //        m_ints[otherUsedLen + words] ^= carry;
+    //    }
+
+        private void AddShiftedByBitsSafe(LongArray other, int otherDegree, int bits)
+        {
+            int otherLen = (int)((uint)(otherDegree + 63) >> 6);
+
+            int words = (int)((uint)bits >> 6);
+            int shift = bits & 0x3F;
+
+            if (shift == 0)
+            {
+                Add(m_ints, words, other.m_ints, 0, otherLen);
+                return;
+            }
+
+            long carry = AddShiftedUp(m_ints, words, other.m_ints, 0, otherLen, shift);
+            if (carry != 0L)
+            {
+                m_ints[otherLen + words] ^= carry;
+            }
+        }
+
+        private static long AddShiftedUp(long[] x, int xOff, long[] y, int yOff, int count, int shift)
+        {
+            int shiftInv = 64 - shift;
+            long prev = 0;
+            for (int i = 0; i < count; ++i)
+            {
+                long next = y[yOff + i];
+                x[xOff + i] ^= (next << shift) | prev;
+                prev = (long)((ulong)next >> shiftInv);
+            }
+            return prev;
+        }
+
+        private static long AddShiftedDown(long[] x, int xOff, long[] y, int yOff, int count, int shift)
+        {
+            int shiftInv = 64 - shift;
+            long prev = 0;
+            int i = count;
+            while (--i >= 0)
+            {
+                long next = y[yOff + i];
+                x[xOff + i] ^= (long)((ulong)next >> shift) | prev;
+                prev = next << shiftInv;
+            }
+            return prev;
+        }
+
+        public void AddShiftedByWords(LongArray other, int words)
+        {
+            int otherUsedLen = other.GetUsedLength();
+            if (otherUsedLen == 0)
+            {
+                return;
+            }
+
+            int minLen = otherUsedLen + words;
+            if (minLen > m_ints.Length)
+            {
+                m_ints = ResizedInts(minLen);
+            }
+
+            Add(m_ints, words, other.m_ints, 0, otherUsedLen);
+        }
+
+        private static void Add(long[] x, int xOff, long[] y, int yOff, int count)
+        {
+            for (int i = 0; i < count; ++i)
+            {
+                x[xOff + i] ^= y[yOff + i];
+            }
+        }
+
+        private static void Add(long[] x, int xOff, long[] y, int yOff, long[] z, int zOff, int count)
+        {
+            for (int i = 0; i < count; ++i)
+            {
+                z[zOff + i] = x[xOff + i] ^ y[yOff + i];
+            }
+        }
+
+        private static void AddBoth(long[] x, int xOff, long[] y1, int y1Off, long[] y2, int y2Off, int count)
+        {
+            for (int i = 0; i < count; ++i)
+            {
+                x[xOff + i] ^= y1[y1Off + i] ^ y2[y2Off + i];
+            }
+        }
+
+        private static void Distribute(long[] x, int src, int dst1, int dst2, int count)
+        {
+            for (int i = 0; i < count; ++i)
+            {
+                long v = x[src + i];
+                x[dst1 + i] ^= v;
+                x[dst2 + i] ^= v;
+            }
+        }
+
+        public int Length
+        {
+            get { return m_ints.Length; }
+        }
+
+        private static void FlipWord(long[] buf, int off, int bit, long word)
+        {
+            int n = off + (int)((uint)bit >> 6);
+            int shift = bit & 0x3F;
+            if (shift == 0)
+            {
+                buf[n] ^= word;
+            }
+            else
+            {
+                buf[n] ^= word << shift;
+                word = (long)((ulong)word >> (64 - shift));
+                if (word != 0)
+                {
+                    buf[++n] ^= word;
+                }
+            }
+        }
+
+    //    private static long getWord(long[] buf, int off, int len, int bit)
+    //    {
+    //        int n = off + (bit >>> 6);
+    //        int shift = bit & 0x3F;
+    //        if (shift == 0)
+    //        {
+    //            return buf[n];
+    //        }
+    //        long result = buf[n] >>> shift;
+    //        if (++n < len)
+    //        {
+    //            result |= buf[n] << (64 - shift);
+    //        }
+    //        return result;
+    //    }
+
+        public bool TestBitZero()
+        {
+            return m_ints.Length > 0 && (m_ints[0] & 1L) != 0;
+        }
+
+        private static bool TestBit(long[] buf, int off, int n)
+        {
+            // theInt = n / 64
+            int theInt = (int)((uint)n >> 6);
+            // theBit = n % 64
+            int theBit = n & 0x3F;
+            long tester = 1L << theBit;
+            return (buf[off + theInt] & tester) != 0;
+        }
+
+        private static void FlipBit(long[] buf, int off, int n)
+        {
+            // theInt = n / 64
+            int theInt = (int)((uint)n >> 6);
+            // theBit = n % 64
+            int theBit = n & 0x3F;
+            long flipper = 1L << theBit;
+            buf[off + theInt] ^= flipper;
+        }
+
+    //    private static void SetBit(long[] buf, int off, int n)
+    //    {
+    //        // theInt = n / 64
+    //        int theInt = n >>> 6;
+    //        // theBit = n % 64
+    //        int theBit = n & 0x3F;
+    //        long setter = 1L << theBit;
+    //        buf[off + theInt] |= setter;
+    //    }
+    //
+    //    private static void ClearBit(long[] buf, int off, int n)
+    //    {
+    //        // theInt = n / 64
+    //        int theInt = n >>> 6;
+    //        // theBit = n % 64
+    //        int theBit = n & 0x3F;
+    //        long setter = 1L << theBit;
+    //        buf[off + theInt] &= ~setter;
+    //    }
+
+        private static void MultiplyWord(long a, long[] b, int bLen, long[] c, int cOff)
+        {
+            if ((a & 1L) != 0L)
+            {
+                Add(c, cOff, b, 0, bLen);
+            }
+            int k = 1;
+            while ((a = (long)((ulong)a >> 1)) != 0L)
+            {
+                if ((a & 1L) != 0L)
+                {
+                    long carry = AddShiftedUp(c, cOff, b, 0, bLen, k);
+                    if (carry != 0L)
+                    {
+                        c[cOff + bLen] ^= carry;
+                    }
+                }
+                ++k;
+            }
+        }
+
+        public LongArray ModMultiplyLD(LongArray other, int m, int[] ks)
+        {
+            /*
+             * Find out the degree of each argument and handle the zero cases
+             */
+            int aDeg = Degree();
+            if (aDeg == 0)
+            {
+                return this;
+            }
+            int bDeg = other.Degree();
+            if (bDeg == 0)
+            {
+                return other;
+            }
+
+            /*
+             * Swap if necessary so that A is the smaller argument
+             */
+            LongArray A = this, B = other;
+            if (aDeg > bDeg)
+            {
+                A = other; B = this;
+                int tmp = aDeg; aDeg = bDeg; bDeg = tmp;
+            }
+
+            /*
+             * Establish the word lengths of the arguments and result
+             */
+            int aLen = (int)((uint)(aDeg + 63) >> 6);
+            int bLen = (int)((uint)(bDeg + 63) >> 6);
+            int cLen = (int)((uint)(aDeg + bDeg + 62) >> 6);
+
+            if (aLen == 1)
+            {
+                long a0 = A.m_ints[0];
+                if (a0 == 1L)
+                {
+                    return B;
+                }
+
+                /*
+                 * Fast path for small A, with performance dependent only on the number of set bits
+                 */
+                long[] c0 = new long[cLen];
+                MultiplyWord(a0, B.m_ints, bLen, c0, 0);
+
+                /*
+                 * Reduce the raw answer against the reduction coefficients
+                 */
+                return ReduceResult(c0, 0, cLen, m, ks);
+            }
+
+            /*
+             * Determine if B will get bigger during shifting
+             */
+            int bMax = (int)((uint)(bDeg + 7 + 63) >> 6);
+
+            /*
+             * Lookup table for the offset of each B in the tables
+             */
+            int[] ti = new int[16];
+
+            /*
+             * Precompute table of all 4-bit products of B
+             */
+            long[] T0 = new long[bMax << 4];
+            int tOff = bMax;
+            ti[1] = tOff;
+            Array.Copy(B.m_ints, 0, T0, tOff, bLen);
+            for (int i = 2; i < 16; ++i)
+            {
+                ti[i] = (tOff += bMax);
+                if ((i & 1) == 0)
+                {
+                    ShiftUp(T0, (int)((uint)tOff >> 1), T0, tOff, bMax, 1);
+                }
+                else
+                {
+                    Add(T0, bMax, T0, tOff - bMax, T0, tOff, bMax);
+                }
+            }
+
+            /*
+             * Second table with all 4-bit products of B shifted 4 bits
+             */
+            long[] T1 = new long[T0.Length];
+            ShiftUp(T0, 0, T1, 0, T0.Length, 4);
+    //        shiftUp(T0, bMax, T1, bMax, tOff, 4);
+
+            long[] a = A.m_ints;
+            long[] c = new long[cLen];
+
+            int MASK = 0xF;
+
+            /*
+             * Lopez-Dahab algorithm
+             */
+
+            for (int k = 56; k >= 0; k -= 8)
+            {
+                for (int j = 1; j < aLen; j += 2)
+                {
+                    int aVal = (int)((ulong)a[j] >> k);
+                    int u = aVal & MASK;
+                    int v = (int)((uint)aVal >> 4) & MASK;
+                    AddBoth(c, j - 1, T0, ti[u], T1, ti[v], bMax);
+                }
+                ShiftUp(c, 0, cLen, 8);
+            }
+
+            for (int k = 56; k >= 0; k -= 8)
+            {
+                for (int j = 0; j < aLen; j += 2)
+                {
+                    int aVal = (int)((ulong)a[j] >> k);
+                    int u = aVal & MASK;
+                    int v = (int)((uint)aVal >> 4) & MASK;
+                    AddBoth(c, j, T0, ti[u], T1, ti[v], bMax);
+                }
+                if (k > 0)
+                {
+                    ShiftUp(c, 0, cLen, 8);
+                }
+            }
+
+            /*
+             * Finally the raw answer is collected, reduce it against the reduction coefficients
+             */
+            return ReduceResult(c, 0, cLen, m, ks);
+        }
+
+        public LongArray ModMultiply(LongArray other, int m, int[] ks)
+        {
+            /*
+             * Find out the degree of each argument and handle the zero cases
+             */
+            int aDeg = Degree();
+            if (aDeg == 0)
+            {
+                return this;
+            }
+            int bDeg = other.Degree();
+            if (bDeg == 0)
+            {
+                return other;
+            }
+
+            /*
+             * Swap if necessary so that A is the smaller argument
+             */
+            LongArray A = this, B = other;
+            if (aDeg > bDeg)
+            {
+                A = other; B = this;
+                int tmp = aDeg; aDeg = bDeg; bDeg = tmp;
+            }
+
+            /*
+             * Establish the word lengths of the arguments and result
+             */
+            int aLen = (int)((uint)(aDeg + 63) >> 6);
+            int bLen = (int)((uint)(bDeg + 63) >> 6);
+            int cLen = (int)((uint)(aDeg + bDeg + 62) >> 6);
+
+            if (aLen == 1)
+            {
+                long a0 = A.m_ints[0];
+                if (a0 == 1L)
+                {
+                    return B;
+                }
+
+                /*
+                 * Fast path for small A, with performance dependent only on the number of set bits
+                 */
+                long[] c0 = new long[cLen];
+                MultiplyWord(a0, B.m_ints, bLen, c0, 0);
+
+                /*
+                 * Reduce the raw answer against the reduction coefficients
+                 */
+                return ReduceResult(c0, 0, cLen, m, ks);
+            }
+
+            /*
+             * Determine if B will get bigger during shifting
+             */
+            int bMax = (int)((uint)(bDeg + 7 + 63) >> 6);
+
+            /*
+             * Lookup table for the offset of each B in the tables
+             */
+            int[] ti = new int[16];
+
+            /*
+             * Precompute table of all 4-bit products of B
+             */
+            long[] T0 = new long[bMax << 4];
+            int tOff = bMax;
+            ti[1] = tOff;
+            Array.Copy(B.m_ints, 0, T0, tOff, bLen);
+            for (int i = 2; i < 16; ++i)
+            {
+                ti[i] = (tOff += bMax);
+                if ((i & 1) == 0)
+                {
+                    ShiftUp(T0, (int)((uint)tOff >> 1), T0, tOff, bMax, 1);
+                }
+                else
+                {
+                    Add(T0, bMax, T0, tOff - bMax, T0, tOff, bMax);
+                }
+            }
+
+            /*
+             * Second table with all 4-bit products of B shifted 4 bits
+             */
+            long[] T1 = new long[T0.Length];
+            ShiftUp(T0, 0, T1, 0, T0.Length, 4);
+    //        ShiftUp(T0, bMax, T1, bMax, tOff, 4);
+
+            long[] a = A.m_ints;
+            long[] c = new long[cLen << 3];
+
+            int MASK = 0xF;
+
+            /*
+             * Lopez-Dahab (Modified) algorithm
+             */
+
+            for (int aPos = 0; aPos < aLen; ++aPos)
+            {
+                long aVal = a[aPos];
+                int cOff = aPos;
+                for (;;)
+                {
+                    int u = (int)aVal & MASK;
+                    aVal = (long)((ulong)aVal >> 4);
+                    int v = (int)aVal & MASK;
+                    AddBoth(c, cOff, T0, ti[u], T1, ti[v], bMax);
+                    aVal = (long)((ulong)aVal >> 4);
+                    if (aVal == 0L)
+                    {
+                        break;
+                    }
+                    cOff += cLen;
+                }
+            }
+
+            {
+                int cOff = c.Length;
+                while ((cOff -= cLen) != 0)
+                {
+                    AddShiftedUp(c, cOff - cLen, c, cOff, cLen, 8);
+                }
+            }
+
+            /*
+             * Finally the raw answer is collected, reduce it against the reduction coefficients
+             */
+            return ReduceResult(c, 0, cLen, m, ks);
+        }
+
+        public LongArray ModMultiplyAlt(LongArray other, int m, int[] ks)
+        {
+            /*
+             * Find out the degree of each argument and handle the zero cases
+             */
+            int aDeg = Degree();
+            if (aDeg == 0)
+            {
+                return this;
+            }
+            int bDeg = other.Degree();
+            if (bDeg == 0)
+            {
+                return other;
+            }
+
+            /*
+             * Swap if necessary so that A is the smaller argument
+             */
+            LongArray A = this, B = other;
+            if (aDeg > bDeg)
+            {
+                A = other; B = this;
+                int tmp = aDeg; aDeg = bDeg; bDeg = tmp;
+            }
+
+            /*
+             * Establish the word lengths of the arguments and result
+             */
+            int aLen = (int)((uint)(aDeg + 63) >> 6);
+            int bLen = (int)((uint)(bDeg + 63) >> 6);
+            int cLen = (int)((uint)(aDeg + bDeg + 62) >> 6);
+
+            if (aLen == 1)
+            {
+                long a0 = A.m_ints[0];
+                if (a0 == 1L)
+                {
+                    return B;
+                }
+
+                /*
+                 * Fast path for small A, with performance dependent only on the number of set bits
+                 */
+                long[] c0 = new long[cLen];
+                MultiplyWord(a0, B.m_ints, bLen, c0, 0);
+
+                /*
+                 * Reduce the raw answer against the reduction coefficients
+                 */
+                return ReduceResult(c0, 0, cLen, m, ks);
+            }
+
+            // NOTE: This works, but is slower than width 4 processing
+    //        if (aLen == 2)
+    //        {
+    //            /*
+    //             * Use common-multiplicand optimization to save ~1/4 of the adds
+    //             */
+    //            long a1 = A.m_ints[0], a2 = A.m_ints[1];
+    //            long aa = a1 & a2; a1 ^= aa; a2 ^= aa;
+    //
+    //            long[] b = B.m_ints;
+    //            long[] c = new long[cLen];
+    //            multiplyWord(aa, b, bLen, c, 1);
+    //            add(c, 0, c, 1, cLen - 1);
+    //            multiplyWord(a1, b, bLen, c, 0);
+    //            multiplyWord(a2, b, bLen, c, 1);
+    //
+    //            /*
+    //             * Reduce the raw answer against the reduction coefficients
+    //             */
+    //            return ReduceResult(c, 0, cLen, m, ks);
+    //        }
+
+            /*
+             * Determine the parameters of the Interleaved window algorithm: the 'width' in bits to
+             * process together, the number of evaluation 'positions' implied by that width, and the
+             * 'top' position at which the regular window algorithm stops.
+             */
+            int width, positions, top, banks;
+
+            // NOTE: width 4 is the fastest over the entire range of sizes used in current crypto 
+    //        width = 1; positions = 64; top = 64; banks = 4;
+    //        width = 2; positions = 32; top = 64; banks = 4;
+    //        width = 3; positions = 21; top = 63; banks = 3;
+            width = 4; positions = 16; top = 64; banks = 8;
+    //        width = 5; positions = 13; top = 65; banks = 7;
+    //        width = 7; positions = 9; top = 63; banks = 9;
+    //        width = 8; positions = 8; top = 64; banks = 8;
+
+            /*
+             * Determine if B will get bigger during shifting
+             */
+            int shifts = top < 64 ? positions : positions - 1;
+            int bMax = (int)((uint)(bDeg + shifts + 63) >> 6);
+
+            int bTotal = bMax * banks, stride = width * banks;
+
+            /*
+             * Create a single temporary buffer, with an offset table to find the positions of things in it 
+             */
+            int[] ci = new int[1 << width];
+            int cTotal = aLen;
+            {
+                ci[0] = cTotal;
+                cTotal += bTotal;
+                ci[1] = cTotal;
+                for (int i = 2; i < ci.Length; ++i)
+                {
+                    cTotal += cLen;
+                    ci[i] = cTotal;
+                }
+                cTotal += cLen;
+            }
+            // NOTE: Provide a safe dump for "high zeroes" since we are adding 'bMax' and not 'bLen'
+            ++cTotal;
+
+            long[] c = new long[cTotal];
+
+            // Prepare A in Interleaved form, according to the chosen width
+            Interleave(A.m_ints, 0, c, 0, aLen, width);
+
+            // Make a working copy of B, since we will be shifting it
+            {
+                int bOff = aLen;
+                Array.Copy(B.m_ints, 0, c, bOff, bLen);
+                for (int bank = 1; bank < banks; ++bank)
+                {
+                    ShiftUp(c, aLen, c, bOff += bMax, bMax, bank);
+                }
+            }
+
+            /*
+             * The main loop analyzes the Interleaved windows in A, and for each non-zero window
+             * a single word-array XOR is performed to a carefully selected slice of 'c'. The loop is
+             * breadth-first, checking the lowest window in each word, then looping again for the
+             * next higher window position.
+             */
+            int MASK = (1 << width) - 1;
+
+            int k = 0;
+            for (;;)
+            {
+                int aPos = 0;
+                do
+                {
+                    long aVal = (long)((ulong)c[aPos] >> k);
+                    int bank = 0, bOff = aLen;
+                    for (;;)
+                    {
+                        int index = (int)(aVal) & MASK;
+                        if (index != 0)
+                        {
+                            /*
+                             * Add to a 'c' buffer based on the bit-pattern of 'index'. Since A is in
+                             * Interleaved form, the bits represent the current B shifted by 0, 'positions',
+                             * 'positions' * 2, ..., 'positions' * ('width' - 1)
+                             */
+                            Add(c, aPos + ci[index], c, bOff, bMax);
+                        }
+                        if (++bank == banks)
+                        {
+                            break;
+                        }
+                        bOff += bMax;
+                        aVal = (long)((ulong)aVal >> width);
+                    }
+                }
+                while (++aPos < aLen);
+
+                if ((k += stride) >= top)
+                {
+                    if (k >= 64)
+                    {
+                        break;
+                    }
+
+                    /*
+                     * Adjustment for window setups with top == 63, the final bit (if any) is processed
+                     * as the top-bit of a window
+                     */
+                    k = 64 - width;
+                    MASK &= MASK << (top - k);
+                }
+
+                /*
+                 * After each position has been checked for all words of A, B is shifted up 1 place
+                 */
+                ShiftUp(c, aLen, bTotal, banks);
+            }
+
+            int ciPos = ci.Length;
+            while (--ciPos > 1)
+            {
+                if ((ciPos & 1L) == 0L)
+                {
+                    /*
+                     * For even numbers, shift contents and add to the half-position
+                     */
+                    AddShiftedUp(c, ci[(uint)ciPos >> 1], c, ci[ciPos], cLen, positions);
+                }
+                else
+                {
+                    /*
+                     * For odd numbers, 'distribute' contents to the result and the next-lowest position
+                     */
+                    Distribute(c, ci[ciPos], ci[ciPos - 1], ci[1], cLen);
+                }
+            }
+
+            /*
+             * Finally the raw answer is collected, reduce it against the reduction coefficients
+             */
+            return ReduceResult(c, ci[1], cLen, m, ks);
+        }
+
+        public LongArray ModReduce(int m, int[] ks)
+        {
+            long[] buf = Arrays.Clone(m_ints);
+            int rLen = ReduceInPlace(buf, 0, buf.Length, m, ks);
+            return new LongArray(buf, 0, rLen);
+        }
+
+        public LongArray Multiply(LongArray other, int m, int[] ks)
+        {
+            /*
+             * Find out the degree of each argument and handle the zero cases
+             */
+            int aDeg = Degree();
+            if (aDeg == 0)
+            {
+                return this;
+            }
+            int bDeg = other.Degree();
+            if (bDeg == 0)
+            {
+                return other;
+            }
+
+            /*
+             * Swap if necessary so that A is the smaller argument
+             */
+            LongArray A = this, B = other;
+            if (aDeg > bDeg)
+            {
+                A = other; B = this;
+                int tmp = aDeg; aDeg = bDeg; bDeg = tmp;
+            }
+
+            /*
+             * Establish the word lengths of the arguments and result
+             */
+            int aLen = (int)((uint)(aDeg + 63) >> 6);
+            int bLen = (int)((uint)(bDeg + 63) >> 6);
+            int cLen = (int)((uint)(aDeg + bDeg + 62) >> 6);
+
+            if (aLen == 1)
+            {
+                long a0 = A.m_ints[0];
+                if (a0 == 1L)
+                {
+                    return B;
+                }
+
+                /*
+                 * Fast path for small A, with performance dependent only on the number of set bits
+                 */
+                long[] c0 = new long[cLen];
+                MultiplyWord(a0, B.m_ints, bLen, c0, 0);
+
+                /*
+                 * Reduce the raw answer against the reduction coefficients
+                 */
+                //return ReduceResult(c0, 0, cLen, m, ks);
+                return new LongArray(c0, 0, cLen);
+            }
+
+            /*
+             * Determine if B will get bigger during shifting
+             */
+            int bMax = (int)((uint)(bDeg + 7 + 63) >> 6);
+
+            /*
+             * Lookup table for the offset of each B in the tables
+             */
+            int[] ti = new int[16];
+
+            /*
+             * Precompute table of all 4-bit products of B
+             */
+            long[] T0 = new long[bMax << 4];
+            int tOff = bMax;
+            ti[1] = tOff;
+            Array.Copy(B.m_ints, 0, T0, tOff, bLen);
+            for (int i = 2; i < 16; ++i)
+            {
+                ti[i] = (tOff += bMax);
+                if ((i & 1) == 0)
+                {
+                    ShiftUp(T0, (int)((uint)tOff >> 1), T0, tOff, bMax, 1);
+                }
+                else
+                {
+                    Add(T0, bMax, T0, tOff - bMax, T0, tOff, bMax);
+                }
+            }
+
+            /*
+             * Second table with all 4-bit products of B shifted 4 bits
+             */
+            long[] T1 = new long[T0.Length];
+            ShiftUp(T0, 0, T1, 0, T0.Length, 4);
+            //        ShiftUp(T0, bMax, T1, bMax, tOff, 4);
+
+            long[] a = A.m_ints;
+            long[] c = new long[cLen << 3];
+
+            int MASK = 0xF;
+
+            /*
+             * Lopez-Dahab (Modified) algorithm
+             */
+
+            for (int aPos = 0; aPos < aLen; ++aPos)
+            {
+                long aVal = a[aPos];
+                int cOff = aPos;
+                for (; ; )
+                {
+                    int u = (int)aVal & MASK;
+                    aVal = (long)((ulong)aVal >> 4);
+                    int v = (int)aVal & MASK;
+                    AddBoth(c, cOff, T0, ti[u], T1, ti[v], bMax);
+                    aVal = (long)((ulong)aVal >> 4);
+                    if (aVal == 0L)
+                    {
+                        break;
+                    }
+                    cOff += cLen;
+                }
+            }
+
+            {
+                int cOff = c.Length;
+                while ((cOff -= cLen) != 0)
+                {
+                    AddShiftedUp(c, cOff - cLen, c, cOff, cLen, 8);
+                }
+            }
+
+            /*
+             * Finally the raw answer is collected, reduce it against the reduction coefficients
+             */
+            //return ReduceResult(c, 0, cLen, m, ks);
+            return new LongArray(c, 0, cLen);
+        }
+
+        public void Reduce(int m, int[] ks)
+        {
+            long[] buf = m_ints;
+            int rLen = ReduceInPlace(buf, 0, buf.Length, m, ks);
+            if (rLen < buf.Length)
+            {
+                m_ints = new long[rLen];
+                Array.Copy(buf, 0, m_ints, 0, rLen);
+            }
+        }
+
+        private static LongArray ReduceResult(long[] buf, int off, int len, int m, int[] ks)
+        {
+            int rLen = ReduceInPlace(buf, off, len, m, ks);
+            return new LongArray(buf, off, rLen);
+        }
+
+    //    private static void deInterleave(long[] x, int xOff, long[] z, int zOff, int count, int rounds)
+    //    {
+    //        for (int i = 0; i < count; ++i)
+    //        {
+    //            z[zOff + i] = deInterleave(x[zOff + i], rounds);
+    //        }
+    //    }
+    //
+    //    private static long deInterleave(long x, int rounds)
+    //    {
+    //        while (--rounds >= 0)
+    //        {
+    //            x = deInterleave32(x & DEInterleave_MASK) | (deInterleave32((x >>> 1) & DEInterleave_MASK) << 32);
+    //        }
+    //        return x;
+    //    }
+    //
+    //    private static long deInterleave32(long x)
+    //    {
+    //        x = (x | (x >>> 1)) & 0x3333333333333333L;
+    //        x = (x | (x >>> 2)) & 0x0F0F0F0F0F0F0F0FL;
+    //        x = (x | (x >>> 4)) & 0x00FF00FF00FF00FFL;
+    //        x = (x | (x >>> 8)) & 0x0000FFFF0000FFFFL;
+    //        x = (x | (x >>> 16)) & 0x00000000FFFFFFFFL;
+    //        return x;
+    //    }
+
+        private static int ReduceInPlace(long[] buf, int off, int len, int m, int[] ks)
+        {
+            int mLen = (m + 63) >> 6;
+            if (len < mLen)
+            {
+                return len;
+            }
+
+            int numBits = System.Math.Min(len << 6, (m << 1) - 1); // TODO use actual degree?
+            int excessBits = (len << 6) - numBits;
+            while (excessBits >= 64)
+            {
+                --len;
+                excessBits -= 64;
+            }
+
+            int kLen = ks.Length, kMax = ks[kLen - 1], kNext = kLen > 1 ? ks[kLen - 2] : 0;
+            int wordWiseLimit = System.Math.Max(m, kMax + 64);
+            int vectorableWords = (excessBits + System.Math.Min(numBits - wordWiseLimit, m - kNext)) >> 6;
+            if (vectorableWords > 1)
+            {
+                int vectorWiseWords = len - vectorableWords;
+                ReduceVectorWise(buf, off, len, vectorWiseWords, m, ks);
+                while (len > vectorWiseWords)
+                {
+                    buf[off + --len] = 0L;
+                }
+                numBits = vectorWiseWords << 6;
+            }
+
+            if (numBits > wordWiseLimit)
+            {
+                ReduceWordWise(buf, off, len, wordWiseLimit, m, ks);
+                numBits = wordWiseLimit;
+            }
+
+            if (numBits > m)
+            {
+                ReduceBitWise(buf, off, numBits, m, ks);
+            }
+
+            return mLen;
+        }
+
+        private static void ReduceBitWise(long[] buf, int off, int BitLength, int m, int[] ks)
+        {
+            while (--BitLength >= m)
+            {
+                if (TestBit(buf, off, BitLength))
+                {
+                    ReduceBit(buf, off, BitLength, m, ks);
+                }
+            }
+        }
+
+        private static void ReduceBit(long[] buf, int off, int bit, int m, int[] ks)
+        {
+            FlipBit(buf, off, bit);
+            int n = bit - m;
+            int j = ks.Length;
+            while (--j >= 0)
+            {
+                FlipBit(buf, off, ks[j] + n);
+            }
+            FlipBit(buf, off, n);
+        }
+
+        private static void ReduceWordWise(long[] buf, int off, int len, int toBit, int m, int[] ks)
+        {
+            int toPos = (int)((uint)toBit >> 6);
+
+            while (--len > toPos)
+            {
+                long word = buf[off + len];
+                if (word != 0)
+                {
+                    buf[off + len] = 0;
+                    ReduceWord(buf, off, (len << 6), word, m, ks);
+                }
+            }
+
+            {
+                int partial = toBit & 0x3F;
+                long word = (long)((ulong)buf[off + toPos] >> partial);
+                if (word != 0)
+                {
+                    buf[off + toPos] ^= word << partial;
+                    ReduceWord(buf, off, toBit, word, m, ks);
+                }
+            }
+        }
+
+        private static void ReduceWord(long[] buf, int off, int bit, long word, int m, int[] ks)
+        {
+            int offset = bit - m;
+            int j = ks.Length;
+            while (--j >= 0)
+            {
+                FlipWord(buf, off, offset + ks[j], word);
+            }
+            FlipWord(buf, off, offset, word);
+        }
+
+        private static void ReduceVectorWise(long[] buf, int off, int len, int words, int m, int[] ks)
+        {
+            /*
+             * NOTE: It's important we go from highest coefficient to lowest, because for the highest
+             * one (only) we allow the ranges to partially overlap, and therefore any changes must take
+             * effect for the subsequent lower coefficients.
+             */
+            int baseBit = (words << 6) - m;
+            int j = ks.Length;
+            while (--j >= 0)
+            {
+                FlipVector(buf, off, buf, off + words, len - words, baseBit + ks[j]);
+            }
+            FlipVector(buf, off, buf, off + words, len - words, baseBit);
+        }
+
+        private static void FlipVector(long[] x, int xOff, long[] y, int yOff, int yLen, int bits)
+        {
+            xOff += (int)((uint)bits >> 6);
+            bits &= 0x3F;
+
+            if (bits == 0)
+            {
+                Add(x, xOff, y, yOff, yLen);
+            }
+            else
+            {
+                long carry = AddShiftedDown(x, xOff + 1, y, yOff, yLen, 64 - bits);
+                x[xOff] ^= carry;
+            }
+        }
+
+        public LongArray ModSquare(int m, int[] ks)
+        {
+            int len = GetUsedLength();
+            if (len == 0)
+            {
+                return this;
+            }
+
+            int _2len = len << 1;
+            long[] r = new long[_2len];
+
+            int pos = 0;
+            while (pos < _2len)
+            {
+                long mi = m_ints[(uint)pos >> 1];
+                r[pos++] = Interleave2_32to64((int)mi);
+                r[pos++] = Interleave2_32to64((int)((ulong)mi >> 32));
+            }
+
+            return new LongArray(r, 0, ReduceInPlace(r, 0, r.Length, m, ks));
+        }
+
+        public LongArray ModSquareN(int n, int m, int[] ks)
+        {
+            int len = GetUsedLength();
+            if (len == 0)
+            {
+                return this;
+            }
+    
+            int mLen = (m + 63) >> 6;
+            long[] r = new long[mLen << 1];
+            Array.Copy(m_ints, 0, r, 0, len);
+    
+            while (--n >= 0)
+            {
+                SquareInPlace(r, len, m, ks);
+                len = ReduceInPlace(r, 0, r.Length, m, ks);
+            }
+    
+            return new LongArray(r, 0, len);
+        }
+
+        public LongArray Square(int m, int[] ks)
+        {
+            int len = GetUsedLength();
+            if (len == 0)
+            {
+                return this;
+            }
+
+            int _2len = len << 1;
+            long[] r = new long[_2len];
+
+            int pos = 0;
+            while (pos < _2len)
+            {
+                long mi = m_ints[(uint)pos >> 1];
+                r[pos++] = Interleave2_32to64((int)mi);
+                r[pos++] = Interleave2_32to64((int)((ulong)mi >> 32));
+            }
+
+            return new LongArray(r, 0, r.Length);
+        }
+
+        private static void SquareInPlace(long[] x, int xLen, int m, int[] ks)
+        {
+            int pos = xLen << 1;
+            while (--xLen >= 0)
+            {
+                long xVal = x[xLen];
+                x[--pos] = Interleave2_32to64((int)((ulong)xVal >> 32));
+                x[--pos] = Interleave2_32to64((int)xVal);
+            }
+        }
+
+        private static void Interleave(long[] x, int xOff, long[] z, int zOff, int count, int width)
+        {
+            switch (width)
+            {
+            case 3:
+                Interleave3(x, xOff, z, zOff, count);
+                break;
+            case 5:
+                Interleave5(x, xOff, z, zOff, count);
+                break;
+            case 7:
+                Interleave7(x, xOff, z, zOff, count);
+                break;
+            default:
+                Interleave2_n(x, xOff, z, zOff, count, BitLengths[width] - 1);
+                break;
+            }
+        }
+
+        private static void Interleave3(long[] x, int xOff, long[] z, int zOff, int count)
+        {
+            for (int i = 0; i < count; ++i)
+            {
+                z[zOff + i] = Interleave3(x[xOff + i]);
+            }
+        }
+
+        private static long Interleave3(long x)
+        {
+            long z = x & (1L << 63);
+            return z
+                | Interleave3_21to63((int)x & 0x1FFFFF)
+                | Interleave3_21to63((int)((ulong)x >> 21) & 0x1FFFFF) << 1
+                | Interleave3_21to63((int)((ulong)x >> 42) & 0x1FFFFF) << 2;
+
+    //        int zPos = 0, wPos = 0, xPos = 0;
+    //        for (;;)
+    //        {
+    //            z |= ((x >>> xPos) & 1L) << zPos;
+    //            if (++zPos == 63)
+    //            {
+    //                String sz2 = Long.toBinaryString(z);
+    //                return z;
+    //            }
+    //            if ((xPos += 21) >= 63)
+    //            {
+    //                xPos = ++wPos;
+    //            }
+    //        }
+        }
+
+        private static long Interleave3_21to63(int x)
+        {
+            int r00 = INTERLEAVE3_TABLE[x & 0x7F];
+            int r21 = INTERLEAVE3_TABLE[((uint)x >> 7) & 0x7F];
+            int r42 = INTERLEAVE3_TABLE[(uint)x >> 14];
+            return (r42 & 0xFFFFFFFFL) << 42 | (r21 & 0xFFFFFFFFL) << 21 | (r00 & 0xFFFFFFFFL);
+        }
+
+        private static void Interleave5(long[] x, int xOff, long[] z, int zOff, int count)
+        {
+            for (int i = 0; i < count; ++i)
+            {
+                z[zOff + i] = Interleave5(x[xOff + i]);
+            }
+        }
+
+        private static long Interleave5(long x)
+        {
+            return Interleave3_13to65((int)x & 0x1FFF)
+                | Interleave3_13to65((int)((ulong)x >> 13) & 0x1FFF) << 1
+                | Interleave3_13to65((int)((ulong)x >> 26) & 0x1FFF) << 2
+                | Interleave3_13to65((int)((ulong)x >> 39) & 0x1FFF) << 3
+                | Interleave3_13to65((int)((ulong)x >> 52) & 0x1FFF) << 4;
+
+    //        long z = 0;
+    //        int zPos = 0, wPos = 0, xPos = 0;
+    //        for (;;)
+    //        {
+    //            z |= ((x >>> xPos) & 1L) << zPos;
+    //            if (++zPos == 64)
+    //            {
+    //                return z;
+    //            }
+    //            if ((xPos += 13) >= 64)
+    //            {
+    //                xPos = ++wPos;
+    //            }
+    //        }
+        }
+
+        private static long Interleave3_13to65(int x)
+        {
+            int r00 = INTERLEAVE5_TABLE[x & 0x7F];
+            int r35 = INTERLEAVE5_TABLE[(uint)x >> 7];
+            return (r35 & 0xFFFFFFFFL) << 35 | (r00 & 0xFFFFFFFFL);
+        }
+
+        private static void Interleave7(long[] x, int xOff, long[] z, int zOff, int count)
+        {
+            for (int i = 0; i < count; ++i)
+            {
+                z[zOff + i] = Interleave7(x[xOff + i]);
+            }
+        }
+
+        private static long Interleave7(long x)
+        {
+            long z = x & (1L << 63);
+            return z
+                | INTERLEAVE7_TABLE[(int)x & 0x1FF]
+                | INTERLEAVE7_TABLE[(int)((ulong)x >> 9) & 0x1FF] << 1
+                | INTERLEAVE7_TABLE[(int)((ulong)x >> 18) & 0x1FF] << 2
+                | INTERLEAVE7_TABLE[(int)((ulong)x >> 27) & 0x1FF] << 3
+                | INTERLEAVE7_TABLE[(int)((ulong)x >> 36) & 0x1FF] << 4
+                | INTERLEAVE7_TABLE[(int)((ulong)x >> 45) & 0x1FF] << 5
+                | INTERLEAVE7_TABLE[(int)((ulong)x >> 54) & 0x1FF] << 6;
+
+    //        int zPos = 0, wPos = 0, xPos = 0;
+    //        for (;;)
+    //        {
+    //            z |= ((x >>> xPos) & 1L) << zPos;
+    //            if (++zPos == 63)
+    //            {
+    //                return z;
+    //            }
+    //            if ((xPos += 9) >= 63)
+    //            {
+    //                xPos = ++wPos;
+    //            }
+    //        }
+        }
+
+        private static void Interleave2_n(long[] x, int xOff, long[] z, int zOff, int count, int rounds)
+        {
+            for (int i = 0; i < count; ++i)
+            {
+                z[zOff + i] = Interleave2_n(x[xOff + i], rounds);
+            }
+        }
+
+        private static long Interleave2_n(long x, int rounds)
+        {
+            while (rounds > 1)
+            {
+                rounds -= 2;
+                x = Interleave4_16to64((int)x & 0xFFFF)
+                    | Interleave4_16to64((int)((ulong)x >> 16) & 0xFFFF) << 1
+                    | Interleave4_16to64((int)((ulong)x >> 32) & 0xFFFF) << 2
+                    | Interleave4_16to64((int)((ulong)x >> 48) & 0xFFFF) << 3;
+            }
+            if (rounds > 0)
+            {
+                x = Interleave2_32to64((int)x) | Interleave2_32to64((int)((ulong)x >> 32)) << 1;
+            }
+            return x;
+        }
+
+        private static long Interleave4_16to64(int x)
+        {
+            int r00 = INTERLEAVE4_TABLE[x & 0xFF];
+            int r32 = INTERLEAVE4_TABLE[(uint)x >> 8];
+            return (r32 & 0xFFFFFFFFL) << 32 | (r00 & 0xFFFFFFFFL);
+        }
+
+        private static long Interleave2_32to64(int x)
+        {
+            int r00 = INTERLEAVE2_TABLE[x & 0xFF] | INTERLEAVE2_TABLE[((uint)x >> 8) & 0xFF] << 16;
+            int r32 = INTERLEAVE2_TABLE[((uint)x >> 16) & 0xFF] | INTERLEAVE2_TABLE[(uint)x >> 24] << 16;
+            return (r32 & 0xFFFFFFFFL) << 32 | (r00 & 0xFFFFFFFFL);
+        }
+
+    //    private static LongArray ExpItohTsujii2(LongArray B, int n, int m, int[] ks)
+    //    {
+    //        LongArray t1 = B, t3 = new LongArray(new long[]{ 1L });
+    //        int scale = 1;
+    //
+    //        int numTerms = n;
+    //        while (numTerms > 1)
+    //        {
+    //            if ((numTerms & 1) != 0)
+    //            {
+    //                t3 = t3.ModMultiply(t1, m, ks);
+    //                t1 = t1.modSquareN(scale, m, ks);
+    //            }
+    //
+    //            LongArray t2 = t1.modSquareN(scale, m, ks);
+    //            t1 = t1.ModMultiply(t2, m, ks);
+    //            numTerms >>>= 1; scale <<= 1;
+    //        }
+    //
+    //        return t3.ModMultiply(t1, m, ks);
+    //    }
+    //
+    //    private static LongArray ExpItohTsujii23(LongArray B, int n, int m, int[] ks)
+    //    {
+    //        LongArray t1 = B, t3 = new LongArray(new long[]{ 1L });
+    //        int scale = 1;
+    //
+    //        int numTerms = n;
+    //        while (numTerms > 1)
+    //        {
+    //            bool m03 = numTerms % 3 == 0;
+    //            bool m14 = !m03 && (numTerms & 1) != 0;
+    //
+    //            if (m14)
+    //            {
+    //                t3 = t3.ModMultiply(t1, m, ks);
+    //                t1 = t1.modSquareN(scale, m, ks);
+    //            }
+    //
+    //            LongArray t2 = t1.modSquareN(scale, m, ks);
+    //            t1 = t1.ModMultiply(t2, m, ks);
+    //
+    //            if (m03)
+    //            {
+    //                t2 = t2.modSquareN(scale, m, ks);
+    //                t1 = t1.ModMultiply(t2, m, ks);
+    //                numTerms /= 3; scale *= 3;
+    //            }
+    //            else
+    //            {
+    //                numTerms >>>= 1; scale <<= 1;
+    //            }
+    //        }
+    //
+    //        return t3.ModMultiply(t1, m, ks);
+    //    }
+    //
+    //    private static LongArray ExpItohTsujii235(LongArray B, int n, int m, int[] ks)
+    //    {
+    //        LongArray t1 = B, t4 = new LongArray(new long[]{ 1L });
+    //        int scale = 1;
+    //
+    //        int numTerms = n;
+    //        while (numTerms > 1)
+    //        {
+    //            if (numTerms % 5 == 0)
+    //            {
+    ////                t1 = ExpItohTsujii23(t1, 5, m, ks);
+    //
+    //                LongArray t3 = t1;
+    //                t1 = t1.modSquareN(scale, m, ks);
+    //
+    //                LongArray t2 = t1.modSquareN(scale, m, ks);
+    //                t1 = t1.ModMultiply(t2, m, ks);
+    //                t2 = t1.modSquareN(scale << 1, m, ks);
+    //                t1 = t1.ModMultiply(t2, m, ks);
+    //
+    //                t1 = t1.ModMultiply(t3, m, ks);
+    //
+    //                numTerms /= 5; scale *= 5;
+    //                continue;
+    //            }
+    //
+    //            bool m03 = numTerms % 3 == 0;
+    //            bool m14 = !m03 && (numTerms & 1) != 0;
+    //
+    //            if (m14)
+    //            {
+    //                t4 = t4.ModMultiply(t1, m, ks);
+    //                t1 = t1.modSquareN(scale, m, ks);
+    //            }
+    //
+    //            LongArray t2 = t1.modSquareN(scale, m, ks);
+    //            t1 = t1.ModMultiply(t2, m, ks);
+    //
+    //            if (m03)
+    //            {
+    //                t2 = t2.modSquareN(scale, m, ks);
+    //                t1 = t1.ModMultiply(t2, m, ks);
+    //                numTerms /= 3; scale *= 3;
+    //            }
+    //            else
+    //            {
+    //                numTerms >>>= 1; scale <<= 1;
+    //            }
+    //        }
+    //
+    //        return t4.ModMultiply(t1, m, ks);
+    //    }
+
+        public LongArray ModInverse(int m, int[] ks)
+        {
+            /*
+             * Fermat's Little Theorem
+             */
+    //        LongArray A = this;
+    //        LongArray B = A.modSquare(m, ks);
+    //        LongArray R0 = B, R1 = B;
+    //        for (int i = 2; i < m; ++i)
+    //        {
+    //            R1 = R1.modSquare(m, ks);
+    //            R0 = R0.ModMultiply(R1, m, ks);
+    //        }
+    //
+    //        return R0;
+
+            /*
+             * Itoh-Tsujii
+             */
+    //        LongArray B = modSquare(m, ks);
+    //        switch (m)
+    //        {
+    //        case 409:
+    //            return ExpItohTsujii23(B, m - 1, m, ks);
+    //        case 571:
+    //            return ExpItohTsujii235(B, m - 1, m, ks);
+    //        case 163:
+    //        case 233:
+    //        case 283:
+    //        default:
+    //            return ExpItohTsujii2(B, m - 1, m, ks);
+    //        }
+
+            /*
+             * Inversion in F2m using the extended Euclidean algorithm
+             * 
+             * Input: A nonzero polynomial a(z) of degree at most m-1
+             * Output: a(z)^(-1) mod f(z)
+             */
+            int uzDegree = Degree();
+            if (uzDegree == 0)
+            {
+                throw new InvalidOperationException();
+            }
+            if (uzDegree == 1)
+            {
+                return this;
+            }
+
+            // u(z) := a(z)
+            LongArray uz = (LongArray)Copy();
+
+            int t = (m + 63) >> 6;
+
+            // v(z) := f(z)
+            LongArray vz = new LongArray(t);
+            ReduceBit(vz.m_ints, 0, m, m, ks);
+
+            // g1(z) := 1, g2(z) := 0
+            LongArray g1z = new LongArray(t);
+            g1z.m_ints[0] = 1L;
+            LongArray g2z = new LongArray(t);
+
+            int[] uvDeg = new int[]{ uzDegree, m + 1 };
+            LongArray[] uv = new LongArray[]{ uz, vz };
+
+            int[] ggDeg = new int[]{ 1, 0 };
+            LongArray[] gg = new LongArray[]{ g1z, g2z };
+
+            int b = 1;
+            int duv1 = uvDeg[b];
+            int dgg1 = ggDeg[b];
+            int j = duv1 - uvDeg[1 - b];
+
+            for (;;)
+            {
+                if (j < 0)
+                {
+                    j = -j;
+                    uvDeg[b] = duv1;
+                    ggDeg[b] = dgg1;
+                    b = 1 - b;
+                    duv1 = uvDeg[b];
+                    dgg1 = ggDeg[b];
+                }
+
+                uv[b].AddShiftedByBitsSafe(uv[1 - b], uvDeg[1 - b], j);
+
+                int duv2 = uv[b].DegreeFrom(duv1);
+                if (duv2 == 0)
+                {
+                    return gg[1 - b];
+                }
+
+                {
+                    int dgg2 = ggDeg[1 - b];
+                    gg[b].AddShiftedByBitsSafe(gg[1 - b], dgg2, j);
+                    dgg2 += j;
+
+                    if (dgg2 > dgg1)
+                    {
+                        dgg1 = dgg2;
+                    }
+                    else if (dgg2 == dgg1)
+                    {
+                        dgg1 = gg[b].DegreeFrom(dgg1);
+                    }
+                }
+
+                j += (duv2 - duv1);
+                duv1 = duv2;
+            }
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as LongArray);
+        }
+
+        public virtual bool Equals(LongArray other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            int usedLen = GetUsedLength();
+            if (other.GetUsedLength() != usedLen)
+            {
+                return false;
+            }
+            for (int i = 0; i < usedLen; i++)
+            {
+                if (m_ints[i] != other.m_ints[i])
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public override int GetHashCode()
+        {
+            int usedLen = GetUsedLength();
+            int hash = 1;
+            for (int i = 0; i < usedLen; i++)
+            {
+                long mi = m_ints[i];
+                hash *= 31;
+                hash ^= (int)mi;
+                hash *= 31;
+                hash ^= (int)((ulong)mi >> 32);
+            }
+            return hash;
+        }
+
+        public LongArray Copy()
+        {
+            return new LongArray(Arrays.Clone(m_ints));
+        }
+
+        public override string ToString()
+        {
+            int i = GetUsedLength();
+            if (i == 0)
+            {
+                return "0";
+            }
+
+            StringBuilder sb = new StringBuilder(Convert.ToString(m_ints[--i], 2));
+            while (--i >= 0)
+            {
+                string s = Convert.ToString(m_ints[i], 2);
+
+                // Add leading zeroes, except for highest significant word
+                int len = s.Length;
+                if (len < 64)
+                {
+                    sb.Append(ZEROES.Substring(len));
+                }
+
+                sb.Append(s);
+            }
+            return sb.ToString();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/ScaleXPointMap.cs b/bc-sharp-crypto/src/math/ec/ScaleXPointMap.cs
new file mode 100644
index 0000000..f8a363b
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/ScaleXPointMap.cs
@@ -0,0 +1,20 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC
+{
+    public class ScaleXPointMap
+        : ECPointMap
+    {
+        protected readonly ECFieldElement scale;
+
+        public ScaleXPointMap(ECFieldElement scale)
+        {
+            this.scale = scale;
+        }
+
+        public virtual ECPoint Map(ECPoint p)
+        {
+            return p.ScaleX(scale);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/ScaleYPointMap.cs b/bc-sharp-crypto/src/math/ec/ScaleYPointMap.cs
new file mode 100644
index 0000000..1c4795b
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/ScaleYPointMap.cs
@@ -0,0 +1,20 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC
+{
+    public class ScaleYPointMap
+        : ECPointMap
+    {
+        protected readonly ECFieldElement scale;
+
+        public ScaleYPointMap(ECFieldElement scale)
+        {
+            this.scale = scale;
+        }
+
+        public virtual ECPoint Map(ECPoint p)
+        {
+            return p.ScaleY(scale);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/abc/SimpleBigDecimal.cs b/bc-sharp-crypto/src/math/ec/abc/SimpleBigDecimal.cs
new file mode 100644
index 0000000..d5664db
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/abc/SimpleBigDecimal.cs
@@ -0,0 +1,241 @@
+using System;
+using System.Text;
+
+namespace Org.BouncyCastle.Math.EC.Abc
+{
+	/**
+	* Class representing a simple version of a big decimal. A
+	* <code>SimpleBigDecimal</code> is basically a
+	* {@link java.math.BigInteger BigInteger} with a few digits on the right of
+	* the decimal point. The number of (binary) digits on the right of the decimal
+	* point is called the <code>scale</code> of the <code>SimpleBigDecimal</code>.
+	* Unlike in {@link java.math.BigDecimal BigDecimal}, the scale is not adjusted
+	* automatically, but must be set manually. All <code>SimpleBigDecimal</code>s
+	* taking part in the same arithmetic operation must have equal scale. The
+	* result of a multiplication of two <code>SimpleBigDecimal</code>s returns a
+	* <code>SimpleBigDecimal</code> with double scale.
+	*/
+	internal class SimpleBigDecimal
+		//	: Number
+	{
+		//	private static final long serialVersionUID = 1L;
+
+		private readonly BigInteger	bigInt;
+		private readonly int		scale;
+
+		/**
+		* Returns a <code>SimpleBigDecimal</code> representing the same numerical
+		* value as <code>value</code>.
+		* @param value The value of the <code>SimpleBigDecimal</code> to be
+		* created. 
+		* @param scale The scale of the <code>SimpleBigDecimal</code> to be
+		* created. 
+		* @return The such created <code>SimpleBigDecimal</code>.
+		*/
+		public static SimpleBigDecimal GetInstance(BigInteger val, int scale)
+		{
+			return new SimpleBigDecimal(val.ShiftLeft(scale), scale);
+		}
+
+		/**
+		* Constructor for <code>SimpleBigDecimal</code>. The value of the
+		* constructed <code>SimpleBigDecimal</code> Equals <code>bigInt / 
+		* 2<sup>scale</sup></code>.
+		* @param bigInt The <code>bigInt</code> value parameter.
+		* @param scale The scale of the constructed <code>SimpleBigDecimal</code>.
+		*/
+		public SimpleBigDecimal(BigInteger bigInt, int scale)
+		{
+			if (scale < 0)
+				throw new ArgumentException("scale may not be negative");
+
+			this.bigInt = bigInt;
+			this.scale = scale;
+		}
+
+		private SimpleBigDecimal(SimpleBigDecimal limBigDec)
+		{
+			bigInt = limBigDec.bigInt;
+			scale = limBigDec.scale;
+		}
+
+		private void CheckScale(SimpleBigDecimal b)
+		{
+			if (scale != b.scale)
+				throw new ArgumentException("Only SimpleBigDecimal of same scale allowed in arithmetic operations");
+		}
+
+		public SimpleBigDecimal AdjustScale(int newScale)
+		{
+			if (newScale < 0)
+				throw new ArgumentException("scale may not be negative");
+
+			if (newScale == scale)
+				return this;
+
+			return new SimpleBigDecimal(bigInt.ShiftLeft(newScale - scale), newScale);
+		}
+
+		public SimpleBigDecimal Add(SimpleBigDecimal b)
+		{
+			CheckScale(b);
+			return new SimpleBigDecimal(bigInt.Add(b.bigInt), scale);
+		}
+
+		public SimpleBigDecimal Add(BigInteger b)
+		{
+			return new SimpleBigDecimal(bigInt.Add(b.ShiftLeft(scale)), scale);
+		}
+
+		public SimpleBigDecimal Negate()
+		{
+			return new SimpleBigDecimal(bigInt.Negate(), scale);
+		}
+
+		public SimpleBigDecimal Subtract(SimpleBigDecimal b)
+		{
+			return Add(b.Negate());
+		}
+
+		public SimpleBigDecimal Subtract(BigInteger b)
+		{
+			return new SimpleBigDecimal(bigInt.Subtract(b.ShiftLeft(scale)), scale);
+		}
+
+		public SimpleBigDecimal Multiply(SimpleBigDecimal b)
+		{
+			CheckScale(b);
+			return new SimpleBigDecimal(bigInt.Multiply(b.bigInt), scale + scale);
+		}
+
+		public SimpleBigDecimal Multiply(BigInteger b)
+		{
+			return new SimpleBigDecimal(bigInt.Multiply(b), scale);
+		}
+
+		public SimpleBigDecimal Divide(SimpleBigDecimal b)
+		{
+			CheckScale(b);
+			BigInteger dividend = bigInt.ShiftLeft(scale);
+			return new SimpleBigDecimal(dividend.Divide(b.bigInt), scale);
+		}
+
+		public SimpleBigDecimal Divide(BigInteger b)
+		{
+			return new SimpleBigDecimal(bigInt.Divide(b), scale);
+		}
+
+		public SimpleBigDecimal ShiftLeft(int n)
+		{
+			return new SimpleBigDecimal(bigInt.ShiftLeft(n), scale);
+		}
+
+		public int CompareTo(SimpleBigDecimal val)
+		{
+			CheckScale(val);
+			return bigInt.CompareTo(val.bigInt);
+		}
+
+		public int CompareTo(BigInteger val)
+		{
+			return bigInt.CompareTo(val.ShiftLeft(scale));
+		}
+
+		public BigInteger Floor()
+		{
+			return bigInt.ShiftRight(scale);
+		}
+
+		public BigInteger Round()
+		{
+			SimpleBigDecimal oneHalf = new SimpleBigDecimal(BigInteger.One, 1);
+			return Add(oneHalf.AdjustScale(scale)).Floor();
+		}
+
+		public int IntValue
+		{
+			get { return Floor().IntValue; }
+		}
+
+		public long LongValue
+		{
+			get { return Floor().LongValue; }
+		}
+
+//		public double doubleValue()
+//		{
+//			return new Double(ToString()).doubleValue();
+//		}
+//
+//		public float floatValue()
+//		{
+//			return new Float(ToString()).floatValue();
+//		}
+
+		public int Scale
+		{
+			get { return scale; }
+		}
+
+		public override string ToString()
+		{
+			if (scale == 0)
+				return bigInt.ToString();
+
+			BigInteger floorBigInt = Floor();
+	        
+			BigInteger fract = bigInt.Subtract(floorBigInt.ShiftLeft(scale));
+			if (bigInt.SignValue < 0)
+			{
+				fract = BigInteger.One.ShiftLeft(scale).Subtract(fract);
+			}
+
+			if ((floorBigInt.SignValue == -1) && (!(fract.Equals(BigInteger.Zero))))
+			{
+				floorBigInt = floorBigInt.Add(BigInteger.One);
+			}
+			string leftOfPoint = floorBigInt.ToString();
+
+			char[] fractCharArr = new char[scale];
+				string fractStr = fract.ToString(2);
+			int fractLen = fractStr.Length;
+			int zeroes = scale - fractLen;
+			for (int i = 0; i < zeroes; i++)
+			{
+				fractCharArr[i] = '0';
+			}
+			for (int j = 0; j < fractLen; j++)
+			{
+				fractCharArr[zeroes + j] = fractStr[j];
+			}
+			string rightOfPoint = new string(fractCharArr);
+
+			StringBuilder sb = new StringBuilder(leftOfPoint);
+			sb.Append(".");
+			sb.Append(rightOfPoint);
+
+			return sb.ToString();
+		}
+
+		public override bool Equals(
+			object obj)
+		{
+			if (this == obj)
+				return true;
+
+			SimpleBigDecimal other = obj as SimpleBigDecimal;
+
+			if (other == null)
+				return false;
+
+			return bigInt.Equals(other.bigInt)
+				&& scale == other.scale;
+		}
+
+		public override int GetHashCode()
+		{
+			return bigInt.GetHashCode() ^ scale;
+		}
+
+	}
+}
diff --git a/bc-sharp-crypto/src/math/ec/abc/Tnaf.cs b/bc-sharp-crypto/src/math/ec/abc/Tnaf.cs
new file mode 100644
index 0000000..b6e792a
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/abc/Tnaf.cs
@@ -0,0 +1,845 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Abc
+{
+    /**
+    * Class holding methods for point multiplication based on the window
+    * &#964;-adic nonadjacent form (WTNAF). The algorithms are based on the
+    * paper "Improved Algorithms for Arithmetic on Anomalous Binary Curves"
+    * by Jerome A. Solinas. The paper first appeared in the Proceedings of
+    * Crypto 1997.
+    */
+    internal class Tnaf
+    {
+        private static readonly BigInteger MinusOne = BigInteger.One.Negate();
+        private static readonly BigInteger MinusTwo = BigInteger.Two.Negate();
+        private static readonly BigInteger MinusThree = BigInteger.Three.Negate();
+        private static readonly BigInteger Four = BigInteger.ValueOf(4);
+
+        /**
+        * The window width of WTNAF. The standard value of 4 is slightly less
+        * than optimal for running time, but keeps space requirements for
+        * precomputation low. For typical curves, a value of 5 or 6 results in
+        * a better running time. When changing this value, the
+        * <code>&#945;<sub>u</sub></code>'s must be computed differently, see
+        * e.g. "Guide to Elliptic Curve Cryptography", Darrel Hankerson,
+        * Alfred Menezes, Scott Vanstone, Springer-Verlag New York Inc., 2004,
+        * p. 121-122
+        */
+        public const sbyte Width = 4;
+
+        /**
+        * 2<sup>4</sup>
+        */
+        public const sbyte Pow2Width = 16;
+
+        /**
+        * The <code>&#945;<sub>u</sub></code>'s for <code>a=0</code> as an array
+        * of <code>ZTauElement</code>s.
+        */
+        public static readonly ZTauElement[] Alpha0 =
+        {
+            null,
+            new ZTauElement(BigInteger.One, BigInteger.Zero), null,
+            new ZTauElement(MinusThree, MinusOne), null,
+            new ZTauElement(MinusOne, MinusOne), null,
+            new ZTauElement(BigInteger.One, MinusOne), null
+        };
+
+        /**
+        * The <code>&#945;<sub>u</sub></code>'s for <code>a=0</code> as an array
+        * of TNAFs.
+        */
+        public static readonly sbyte[][] Alpha0Tnaf =
+        {
+            null, new sbyte[]{1}, null, new sbyte[]{-1, 0, 1}, null, new sbyte[]{1, 0, 1}, null, new sbyte[]{-1, 0, 0, 1}
+        };
+
+        /**
+        * The <code>&#945;<sub>u</sub></code>'s for <code>a=1</code> as an array
+        * of <code>ZTauElement</code>s.
+        */
+        public static readonly ZTauElement[] Alpha1 =
+        {
+            null,
+            new ZTauElement(BigInteger.One, BigInteger.Zero), null,
+            new ZTauElement(MinusThree, BigInteger.One), null,
+            new ZTauElement(MinusOne, BigInteger.One), null,
+            new ZTauElement(BigInteger.One, BigInteger.One), null
+        };
+
+        /**
+        * The <code>&#945;<sub>u</sub></code>'s for <code>a=1</code> as an array
+        * of TNAFs.
+        */
+        public static readonly sbyte[][] Alpha1Tnaf =
+        {
+            null, new sbyte[]{1}, null, new sbyte[]{-1, 0, 1}, null, new sbyte[]{1, 0, 1}, null, new sbyte[]{-1, 0, 0, -1}
+        };
+
+        /**
+        * Computes the norm of an element <code>&#955;</code> of
+        * <code><b>Z</b>[&#964;]</code>.
+        * @param mu The parameter <code>&#956;</code> of the elliptic curve.
+        * @param lambda The element <code>&#955;</code> of
+        * <code><b>Z</b>[&#964;]</code>.
+        * @return The norm of <code>&#955;</code>.
+        */
+        public static BigInteger Norm(sbyte mu, ZTauElement lambda)
+        {
+            BigInteger norm;
+
+            // s1 = u^2
+            BigInteger s1 = lambda.u.Multiply(lambda.u);
+
+            // s2 = u * v
+            BigInteger s2 = lambda.u.Multiply(lambda.v);
+
+            // s3 = 2 * v^2
+            BigInteger s3 = lambda.v.Multiply(lambda.v).ShiftLeft(1);
+
+            if (mu == 1)
+            {
+                norm = s1.Add(s2).Add(s3);
+            }
+            else if (mu == -1)
+            {
+                norm = s1.Subtract(s2).Add(s3);
+            }
+            else
+            {
+                throw new ArgumentException("mu must be 1 or -1");
+            }
+
+            return norm;
+        }
+
+        /**
+        * Computes the norm of an element <code>&#955;</code> of
+        * <code><b>R</b>[&#964;]</code>, where <code>&#955; = u + v&#964;</code>
+        * and <code>u</code> and <code>u</code> are real numbers (elements of
+        * <code><b>R</b></code>). 
+        * @param mu The parameter <code>&#956;</code> of the elliptic curve.
+        * @param u The real part of the element <code>&#955;</code> of
+        * <code><b>R</b>[&#964;]</code>.
+        * @param v The <code>&#964;</code>-adic part of the element
+        * <code>&#955;</code> of <code><b>R</b>[&#964;]</code>.
+        * @return The norm of <code>&#955;</code>.
+        */
+        public static SimpleBigDecimal Norm(sbyte mu, SimpleBigDecimal u, SimpleBigDecimal v)
+        {
+            SimpleBigDecimal norm;
+
+            // s1 = u^2
+            SimpleBigDecimal s1 = u.Multiply(u);
+
+            // s2 = u * v
+            SimpleBigDecimal s2 = u.Multiply(v);
+
+            // s3 = 2 * v^2
+            SimpleBigDecimal s3 = v.Multiply(v).ShiftLeft(1);
+
+            if (mu == 1)
+            {
+                norm = s1.Add(s2).Add(s3);
+            }
+            else if (mu == -1)
+            {
+                norm = s1.Subtract(s2).Add(s3);
+            }
+            else
+            {
+                throw new ArgumentException("mu must be 1 or -1");
+            }
+
+            return norm;
+        }
+
+        /**
+        * Rounds an element <code>&#955;</code> of <code><b>R</b>[&#964;]</code>
+        * to an element of <code><b>Z</b>[&#964;]</code>, such that their difference
+        * has minimal norm. <code>&#955;</code> is given as
+        * <code>&#955; = &#955;<sub>0</sub> + &#955;<sub>1</sub>&#964;</code>.
+        * @param lambda0 The component <code>&#955;<sub>0</sub></code>.
+        * @param lambda1 The component <code>&#955;<sub>1</sub></code>.
+        * @param mu The parameter <code>&#956;</code> of the elliptic curve. Must
+        * equal 1 or -1.
+        * @return The rounded element of <code><b>Z</b>[&#964;]</code>.
+        * @throws ArgumentException if <code>lambda0</code> and
+        * <code>lambda1</code> do not have same scale.
+        */
+        public static ZTauElement Round(SimpleBigDecimal lambda0,
+            SimpleBigDecimal lambda1, sbyte mu)
+        {
+            int scale = lambda0.Scale;
+            if (lambda1.Scale != scale)
+                throw new ArgumentException("lambda0 and lambda1 do not have same scale");
+
+            if (!((mu == 1) || (mu == -1)))
+                throw new ArgumentException("mu must be 1 or -1");
+
+            BigInteger f0 = lambda0.Round();
+            BigInteger f1 = lambda1.Round();
+
+            SimpleBigDecimal eta0 = lambda0.Subtract(f0);
+            SimpleBigDecimal eta1 = lambda1.Subtract(f1);
+
+            // eta = 2*eta0 + mu*eta1
+            SimpleBigDecimal eta = eta0.Add(eta0);
+            if (mu == 1)
+            {
+                eta = eta.Add(eta1);
+            }
+            else
+            {
+                // mu == -1
+                eta = eta.Subtract(eta1);
+            }
+
+            // check1 = eta0 - 3*mu*eta1
+            // check2 = eta0 + 4*mu*eta1
+            SimpleBigDecimal threeEta1 = eta1.Add(eta1).Add(eta1);
+            SimpleBigDecimal fourEta1 = threeEta1.Add(eta1);
+            SimpleBigDecimal check1;
+            SimpleBigDecimal check2;
+            if (mu == 1)
+            {
+                check1 = eta0.Subtract(threeEta1);
+                check2 = eta0.Add(fourEta1);
+            }
+            else
+            {
+                // mu == -1
+                check1 = eta0.Add(threeEta1);
+                check2 = eta0.Subtract(fourEta1);
+            }
+
+            sbyte h0 = 0;
+            sbyte h1 = 0;
+
+            // if eta >= 1
+            if (eta.CompareTo(BigInteger.One) >= 0)
+            {
+                if (check1.CompareTo(MinusOne) < 0)
+                {
+                    h1 = mu;
+                }
+                else
+                {
+                    h0 = 1;
+                }
+            }
+            else
+            {
+                // eta < 1
+                if (check2.CompareTo(BigInteger.Two) >= 0)
+                {
+                    h1 = mu;
+                }
+            }
+
+            // if eta < -1
+            if (eta.CompareTo(MinusOne) < 0)
+            {
+                if (check1.CompareTo(BigInteger.One) >= 0)
+                {
+                    h1 = (sbyte)-mu;
+                }
+                else
+                {
+                    h0 = -1;
+                }
+            }
+            else
+            {
+                // eta >= -1
+                if (check2.CompareTo(MinusTwo) < 0)
+                {
+                    h1 = (sbyte)-mu;
+                }
+            }
+
+            BigInteger q0 = f0.Add(BigInteger.ValueOf(h0));
+            BigInteger q1 = f1.Add(BigInteger.ValueOf(h1));
+            return new ZTauElement(q0, q1);
+        }
+
+        /**
+        * Approximate division by <code>n</code>. For an integer
+        * <code>k</code>, the value <code>&#955; = s k / n</code> is
+        * computed to <code>c</code> bits of accuracy.
+        * @param k The parameter <code>k</code>.
+        * @param s The curve parameter <code>s<sub>0</sub></code> or
+        * <code>s<sub>1</sub></code>.
+        * @param vm The Lucas Sequence element <code>V<sub>m</sub></code>.
+        * @param a The parameter <code>a</code> of the elliptic curve.
+        * @param m The bit length of the finite field
+        * <code><b>F</b><sub>m</sub></code>.
+        * @param c The number of bits of accuracy, i.e. the scale of the returned
+        * <code>SimpleBigDecimal</code>.
+        * @return The value <code>&#955; = s k / n</code> computed to
+        * <code>c</code> bits of accuracy.
+        */
+        public static SimpleBigDecimal ApproximateDivisionByN(BigInteger k,
+            BigInteger s, BigInteger vm, sbyte a, int m, int c)
+        {
+            int _k = (m + 5)/2 + c;
+            BigInteger ns = k.ShiftRight(m - _k - 2 + a);
+
+            BigInteger gs = s.Multiply(ns);
+
+            BigInteger hs = gs.ShiftRight(m);
+
+            BigInteger js = vm.Multiply(hs);
+
+            BigInteger gsPlusJs = gs.Add(js);
+            BigInteger ls = gsPlusJs.ShiftRight(_k-c);
+            if (gsPlusJs.TestBit(_k-c-1))
+            {
+                // round up
+                ls = ls.Add(BigInteger.One);
+            }
+
+            return new SimpleBigDecimal(ls, c);
+        }
+
+        /**
+        * Computes the <code>&#964;</code>-adic NAF (non-adjacent form) of an
+        * element <code>&#955;</code> of <code><b>Z</b>[&#964;]</code>.
+        * @param mu The parameter <code>&#956;</code> of the elliptic curve.
+        * @param lambda The element <code>&#955;</code> of
+        * <code><b>Z</b>[&#964;]</code>.
+        * @return The <code>&#964;</code>-adic NAF of <code>&#955;</code>.
+        */
+        public static sbyte[] TauAdicNaf(sbyte mu, ZTauElement lambda)
+        {
+            if (!((mu == 1) || (mu == -1))) 
+                throw new ArgumentException("mu must be 1 or -1");
+
+            BigInteger norm = Norm(mu, lambda);
+
+            // Ceiling of log2 of the norm 
+            int log2Norm = norm.BitLength;
+
+            // If length(TNAF) > 30, then length(TNAF) < log2Norm + 3.52
+            int maxLength = log2Norm > 30 ? log2Norm + 4 : 34;
+
+            // The array holding the TNAF
+            sbyte[] u = new sbyte[maxLength];
+            int i = 0;
+
+            // The actual length of the TNAF
+            int length = 0;
+
+            BigInteger r0 = lambda.u;
+            BigInteger r1 = lambda.v;
+
+            while(!((r0.Equals(BigInteger.Zero)) && (r1.Equals(BigInteger.Zero))))
+            {
+                // If r0 is odd
+                if (r0.TestBit(0)) 
+                {
+                    u[i] = (sbyte) BigInteger.Two.Subtract((r0.Subtract(r1.ShiftLeft(1))).Mod(Four)).IntValue;
+
+                    // r0 = r0 - u[i]
+                    if (u[i] == 1)
+                    {
+                        r0 = r0.ClearBit(0);
+                    }
+                    else
+                    {
+                        // u[i] == -1
+                        r0 = r0.Add(BigInteger.One);
+                    }
+                    length = i;
+                }
+                else
+                {
+                    u[i] = 0;
+                }
+
+                BigInteger t = r0;
+                BigInteger s = r0.ShiftRight(1);
+                if (mu == 1) 
+                {
+                    r0 = r1.Add(s);
+                }
+                else
+                {
+                    // mu == -1
+                    r0 = r1.Subtract(s);
+                }
+
+                r1 = t.ShiftRight(1).Negate();
+                i++;
+            }
+
+            length++;
+
+            // Reduce the TNAF array to its actual length
+            sbyte[] tnaf = new sbyte[length];
+            Array.Copy(u, 0, tnaf, 0, length);
+            return tnaf;
+        }
+
+        /**
+        * Applies the operation <code>&#964;()</code> to an
+        * <code>AbstractF2mPoint</code>. 
+        * @param p The AbstractF2mPoint to which <code>&#964;()</code> is applied.
+        * @return <code>&#964;(p)</code>
+        */
+        public static AbstractF2mPoint Tau(AbstractF2mPoint p)
+        {
+            return p.Tau();
+        }
+
+        /**
+        * Returns the parameter <code>&#956;</code> of the elliptic curve.
+        * @param curve The elliptic curve from which to obtain <code>&#956;</code>.
+        * The curve must be a Koblitz curve, i.e. <code>a</code> Equals
+        * <code>0</code> or <code>1</code> and <code>b</code> Equals
+        * <code>1</code>. 
+        * @return <code>&#956;</code> of the elliptic curve.
+        * @throws ArgumentException if the given ECCurve is not a Koblitz
+        * curve.
+        */
+        public static sbyte GetMu(AbstractF2mCurve curve)
+        {
+            BigInteger a = curve.A.ToBigInteger();
+
+            sbyte mu;
+            if (a.SignValue == 0)
+            {
+                mu = -1;
+            }
+            else if (a.Equals(BigInteger.One))
+            {
+                mu = 1;
+            }
+            else
+            {
+                throw new ArgumentException("No Koblitz curve (ABC), TNAF multiplication not possible");
+            }
+            return mu;
+        }
+
+        public static sbyte GetMu(ECFieldElement curveA)
+        {
+            return (sbyte)(curveA.IsZero ? -1 : 1);
+        }
+
+        public static sbyte GetMu(int curveA)
+        {
+            return (sbyte)(curveA == 0 ? -1 : 1);
+        }
+
+        /**
+        * Calculates the Lucas Sequence elements <code>U<sub>k-1</sub></code> and
+        * <code>U<sub>k</sub></code> or <code>V<sub>k-1</sub></code> and
+        * <code>V<sub>k</sub></code>.
+        * @param mu The parameter <code>&#956;</code> of the elliptic curve.
+        * @param k The index of the second element of the Lucas Sequence to be
+        * returned.
+        * @param doV If set to true, computes <code>V<sub>k-1</sub></code> and
+        * <code>V<sub>k</sub></code>, otherwise <code>U<sub>k-1</sub></code> and
+        * <code>U<sub>k</sub></code>.
+        * @return An array with 2 elements, containing <code>U<sub>k-1</sub></code>
+        * and <code>U<sub>k</sub></code> or <code>V<sub>k-1</sub></code>
+        * and <code>V<sub>k</sub></code>.
+        */
+        public static BigInteger[] GetLucas(sbyte mu, int k, bool doV)
+        {
+            if (!(mu == 1 || mu == -1)) 
+                throw new ArgumentException("mu must be 1 or -1");
+
+            BigInteger u0;
+            BigInteger u1;
+            BigInteger u2;
+
+            if (doV)
+            {
+                u0 = BigInteger.Two;
+                u1 = BigInteger.ValueOf(mu);
+            }
+            else
+            {
+                u0 = BigInteger.Zero;
+                u1 = BigInteger.One;
+            }
+
+            for (int i = 1; i < k; i++)
+            {
+                // u2 = mu*u1 - 2*u0;
+                BigInteger s = null;
+                if (mu == 1)
+                {
+                    s = u1;
+                }
+                else
+                {
+                    // mu == -1
+                    s = u1.Negate();
+                }
+                
+                u2 = s.Subtract(u0.ShiftLeft(1));
+                u0 = u1;
+                u1 = u2;
+                //            System.out.println(i + ": " + u2);
+                //            System.out.println();
+            }
+
+            BigInteger[] retVal = {u0, u1};
+            return retVal;
+        }
+
+        /**
+        * Computes the auxiliary value <code>t<sub>w</sub></code>. If the width is
+        * 4, then for <code>mu = 1</code>, <code>t<sub>w</sub> = 6</code> and for
+        * <code>mu = -1</code>, <code>t<sub>w</sub> = 10</code> 
+        * @param mu The parameter <code>&#956;</code> of the elliptic curve.
+        * @param w The window width of the WTNAF.
+        * @return the auxiliary value <code>t<sub>w</sub></code>
+        */
+        public static BigInteger GetTw(sbyte mu, int w) 
+        {
+            if (w == 4)
+            {
+                if (mu == 1)
+                {
+                    return BigInteger.ValueOf(6);
+                }
+                else
+                {
+                    // mu == -1
+                    return BigInteger.ValueOf(10);
+                }
+            }
+            else
+            {
+                // For w <> 4, the values must be computed
+                BigInteger[] us = GetLucas(mu, w, false);
+                BigInteger twoToW = BigInteger.Zero.SetBit(w);
+                BigInteger u1invert = us[1].ModInverse(twoToW);
+                BigInteger tw;
+                tw = BigInteger.Two.Multiply(us[0]).Multiply(u1invert).Mod(twoToW);
+                //System.out.println("mu = " + mu);
+                //System.out.println("tw = " + tw);
+                return tw;
+            }
+        }
+
+        /**
+        * Computes the auxiliary values <code>s<sub>0</sub></code> and
+        * <code>s<sub>1</sub></code> used for partial modular reduction. 
+        * @param curve The elliptic curve for which to compute
+        * <code>s<sub>0</sub></code> and <code>s<sub>1</sub></code>.
+        * @throws ArgumentException if <code>curve</code> is not a
+        * Koblitz curve (Anomalous Binary Curve, ABC).
+        */
+        public static BigInteger[] GetSi(AbstractF2mCurve curve)
+        {
+            if (!curve.IsKoblitz)
+                throw new ArgumentException("si is defined for Koblitz curves only");
+
+            int m = curve.FieldSize;
+            int a = curve.A.ToBigInteger().IntValue;
+            sbyte mu = GetMu(a);
+            int shifts = GetShiftsForCofactor(curve.Cofactor);
+            int index = m + 3 - a;
+            BigInteger[] ui = GetLucas(mu, index, false);
+
+            if (mu == 1)
+            {
+                ui[0] = ui[0].Negate();
+                ui[1] = ui[1].Negate();
+            }
+
+            BigInteger dividend0 = BigInteger.One.Add(ui[1]).ShiftRight(shifts);
+            BigInteger dividend1 = BigInteger.One.Add(ui[0]).ShiftRight(shifts).Negate();
+
+            return new BigInteger[] { dividend0, dividend1 };
+        }
+
+        public static BigInteger[] GetSi(int fieldSize, int curveA, BigInteger cofactor)
+        {
+            sbyte mu = GetMu(curveA);
+            int shifts = GetShiftsForCofactor(cofactor);
+            int index = fieldSize + 3 - curveA;
+            BigInteger[] ui = GetLucas(mu, index, false);
+            if (mu == 1)
+            {
+                ui[0] = ui[0].Negate();
+                ui[1] = ui[1].Negate();
+            }
+
+            BigInteger dividend0 = BigInteger.One.Add(ui[1]).ShiftRight(shifts);
+            BigInteger dividend1 = BigInteger.One.Add(ui[0]).ShiftRight(shifts).Negate();
+
+            return new BigInteger[] { dividend0, dividend1 };
+        }
+
+        protected static int GetShiftsForCofactor(BigInteger h)
+        {
+            if (h != null && h.BitLength < 4)
+            {
+                int hi = h.IntValue;
+                if (hi == 2)
+                    return 1;
+                if (hi == 4)
+                    return 2;
+            }
+
+            throw new ArgumentException("h (Cofactor) must be 2 or 4");
+        }
+
+        /**
+        * Partial modular reduction modulo
+        * <code>(&#964;<sup>m</sup> - 1)/(&#964; - 1)</code>.
+        * @param k The integer to be reduced.
+        * @param m The bitlength of the underlying finite field.
+        * @param a The parameter <code>a</code> of the elliptic curve.
+        * @param s The auxiliary values <code>s<sub>0</sub></code> and
+        * <code>s<sub>1</sub></code>.
+        * @param mu The parameter &#956; of the elliptic curve.
+        * @param c The precision (number of bits of accuracy) of the partial
+        * modular reduction.
+        * @return <code>&#961; := k partmod (&#964;<sup>m</sup> - 1)/(&#964; - 1)</code>
+        */
+        public static ZTauElement PartModReduction(BigInteger k, int m, sbyte a,
+            BigInteger[] s, sbyte mu, sbyte c)
+        {
+            // d0 = s[0] + mu*s[1]; mu is either 1 or -1
+            BigInteger d0;
+            if (mu == 1)
+            {
+                d0 = s[0].Add(s[1]);
+            }
+            else
+            {
+                d0 = s[0].Subtract(s[1]);
+            }
+
+            BigInteger[] v = GetLucas(mu, m, true);
+            BigInteger vm = v[1];
+
+            SimpleBigDecimal lambda0 = ApproximateDivisionByN(
+                k, s[0], vm, a, m, c);
+            
+            SimpleBigDecimal lambda1 = ApproximateDivisionByN(
+                k, s[1], vm, a, m, c);
+
+            ZTauElement q = Round(lambda0, lambda1, mu);
+
+            // r0 = n - d0*q0 - 2*s1*q1
+            BigInteger r0 = k.Subtract(d0.Multiply(q.u)).Subtract(
+                BigInteger.ValueOf(2).Multiply(s[1]).Multiply(q.v));
+
+            // r1 = s1*q0 - s0*q1
+            BigInteger r1 = s[1].Multiply(q.u).Subtract(s[0].Multiply(q.v));
+            
+            return new ZTauElement(r0, r1);
+        }
+
+        /**
+        * Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
+        * by a <code>BigInteger</code> using the reduced <code>&#964;</code>-adic
+        * NAF (RTNAF) method.
+        * @param p The AbstractF2mPoint to Multiply.
+        * @param k The <code>BigInteger</code> by which to Multiply <code>p</code>.
+        * @return <code>k * p</code>
+        */
+        public static AbstractF2mPoint MultiplyRTnaf(AbstractF2mPoint p, BigInteger k)
+        {
+            AbstractF2mCurve curve = (AbstractF2mCurve)p.Curve;
+            int m = curve.FieldSize;
+            int a = curve.A.ToBigInteger().IntValue;
+            sbyte mu = GetMu(a);
+            BigInteger[] s = curve.GetSi();
+            ZTauElement rho = PartModReduction(k, m, (sbyte)a, s, mu, (sbyte)10);
+
+            return MultiplyTnaf(p, rho);
+        }
+
+        /**
+        * Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
+        * by an element <code>&#955;</code> of <code><b>Z</b>[&#964;]</code>
+        * using the <code>&#964;</code>-adic NAF (TNAF) method.
+        * @param p The AbstractF2mPoint to Multiply.
+        * @param lambda The element <code>&#955;</code> of
+        * <code><b>Z</b>[&#964;]</code>.
+        * @return <code>&#955; * p</code>
+        */
+        public static AbstractF2mPoint MultiplyTnaf(AbstractF2mPoint p, ZTauElement lambda)
+        {
+            AbstractF2mCurve curve = (AbstractF2mCurve)p.Curve;
+            sbyte mu = GetMu(curve.A);
+            sbyte[] u = TauAdicNaf(mu, lambda);
+
+            AbstractF2mPoint q = MultiplyFromTnaf(p, u);
+
+            return q;
+        }
+
+        /**
+        * Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
+        * by an element <code>&#955;</code> of <code><b>Z</b>[&#964;]</code>
+        * using the <code>&#964;</code>-adic NAF (TNAF) method, given the TNAF
+        * of <code>&#955;</code>.
+        * @param p The AbstractF2mPoint to Multiply.
+        * @param u The the TNAF of <code>&#955;</code>..
+        * @return <code>&#955; * p</code>
+        */
+        public static AbstractF2mPoint MultiplyFromTnaf(AbstractF2mPoint p, sbyte[] u)
+        {
+            ECCurve curve = p.Curve;
+            AbstractF2mPoint q = (AbstractF2mPoint)curve.Infinity;
+            AbstractF2mPoint pNeg = (AbstractF2mPoint)p.Negate();
+            int tauCount = 0;
+            for (int i = u.Length - 1; i >= 0; i--)
+            {
+                ++tauCount;
+                sbyte ui = u[i];
+                if (ui != 0)
+                {
+                    q = q.TauPow(tauCount);
+                    tauCount = 0;
+
+                    ECPoint x = ui > 0 ? p : pNeg;
+                    q = (AbstractF2mPoint)q.Add(x);
+                }
+            }
+            if (tauCount > 0)
+            {
+                q = q.TauPow(tauCount);
+            }
+            return q;
+        }
+
+        /**
+        * Computes the <code>[&#964;]</code>-adic window NAF of an element
+        * <code>&#955;</code> of <code><b>Z</b>[&#964;]</code>.
+        * @param mu The parameter &#956; of the elliptic curve.
+        * @param lambda The element <code>&#955;</code> of
+        * <code><b>Z</b>[&#964;]</code> of which to compute the
+        * <code>[&#964;]</code>-adic NAF.
+        * @param width The window width of the resulting WNAF.
+        * @param pow2w 2<sup>width</sup>.
+        * @param tw The auxiliary value <code>t<sub>w</sub></code>.
+        * @param alpha The <code>&#945;<sub>u</sub></code>'s for the window width.
+        * @return The <code>[&#964;]</code>-adic window NAF of
+        * <code>&#955;</code>.
+        */
+        public static sbyte[] TauAdicWNaf(sbyte mu, ZTauElement lambda,
+            sbyte width, BigInteger pow2w, BigInteger tw, ZTauElement[] alpha)
+        {
+            if (!((mu == 1) || (mu == -1))) 
+                throw new ArgumentException("mu must be 1 or -1");
+
+            BigInteger norm = Norm(mu, lambda);
+
+            // Ceiling of log2 of the norm 
+            int log2Norm = norm.BitLength;
+
+            // If length(TNAF) > 30, then length(TNAF) < log2Norm + 3.52
+            int maxLength = log2Norm > 30 ? log2Norm + 4 + width : 34 + width;
+
+            // The array holding the TNAF
+            sbyte[] u = new sbyte[maxLength];
+
+            // 2^(width - 1)
+            BigInteger pow2wMin1 = pow2w.ShiftRight(1);
+
+            // Split lambda into two BigIntegers to simplify calculations
+            BigInteger r0 = lambda.u;
+            BigInteger r1 = lambda.v;
+            int i = 0;
+
+            // while lambda <> (0, 0)
+            while (!((r0.Equals(BigInteger.Zero))&&(r1.Equals(BigInteger.Zero))))
+            {
+                // if r0 is odd
+                if (r0.TestBit(0)) 
+                {
+                    // uUnMod = r0 + r1*tw Mod 2^width
+                    BigInteger uUnMod
+                        = r0.Add(r1.Multiply(tw)).Mod(pow2w);
+                    
+                    sbyte uLocal;
+                    // if uUnMod >= 2^(width - 1)
+                    if (uUnMod.CompareTo(pow2wMin1) >= 0)
+                    {
+                        uLocal = (sbyte) uUnMod.Subtract(pow2w).IntValue;
+                    }
+                    else
+                    {
+                        uLocal = (sbyte) uUnMod.IntValue;
+                    }
+                    // uLocal is now in [-2^(width-1), 2^(width-1)-1]
+
+                    u[i] = uLocal;
+                    bool s = true;
+                    if (uLocal < 0) 
+                    {
+                        s = false;
+                        uLocal = (sbyte)-uLocal;
+                    }
+                    // uLocal is now >= 0
+
+                    if (s) 
+                    {
+                        r0 = r0.Subtract(alpha[uLocal].u);
+                        r1 = r1.Subtract(alpha[uLocal].v);
+                    }
+                    else
+                    {
+                        r0 = r0.Add(alpha[uLocal].u);
+                        r1 = r1.Add(alpha[uLocal].v);
+                    }
+                }
+                else
+                {
+                    u[i] = 0;
+                }
+
+                BigInteger t = r0;
+
+                if (mu == 1)
+                {
+                    r0 = r1.Add(r0.ShiftRight(1));
+                }
+                else
+                {
+                    // mu == -1
+                    r0 = r1.Subtract(r0.ShiftRight(1));
+                }
+                r1 = t.ShiftRight(1).Negate();
+                i++;
+            }
+            return u;
+        }
+
+        /**
+        * Does the precomputation for WTNAF multiplication.
+        * @param p The <code>ECPoint</code> for which to do the precomputation.
+        * @param a The parameter <code>a</code> of the elliptic curve.
+        * @return The precomputation array for <code>p</code>. 
+        */
+        public static AbstractF2mPoint[] GetPreComp(AbstractF2mPoint p, sbyte a)
+        {
+            sbyte[][] alphaTnaf = (a == 0) ? Tnaf.Alpha0Tnaf : Tnaf.Alpha1Tnaf;
+
+            AbstractF2mPoint[] pu = new AbstractF2mPoint[(uint)(alphaTnaf.Length + 1) >> 1];
+            pu[0] = p;
+
+            uint precompLen = (uint)alphaTnaf.Length;
+            for (uint i = 3; i < precompLen; i += 2)
+            {
+                pu[i >> 1] = Tnaf.MultiplyFromTnaf(p, alphaTnaf[i]);
+            }
+
+            p.Curve.NormalizeAll(pu);
+
+            return pu;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/abc/ZTauElement.cs b/bc-sharp-crypto/src/math/ec/abc/ZTauElement.cs
new file mode 100644
index 0000000..4fcbf1b
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/abc/ZTauElement.cs
@@ -0,0 +1,36 @@
+namespace Org.BouncyCastle.Math.EC.Abc
+{
+	/**
+	* Class representing an element of <code><b>Z</b>[&#964;]</code>. Let
+	* <code>&#955;</code> be an element of <code><b>Z</b>[&#964;]</code>. Then
+	* <code>&#955;</code> is given as <code>&#955; = u + v&#964;</code>. The
+	* components <code>u</code> and <code>v</code> may be used directly, there
+	* are no accessor methods.
+	* Immutable class.
+	*/
+	internal class ZTauElement 
+	{
+		/**
+		* The &quot;real&quot; part of <code>&#955;</code>.
+		*/
+		public readonly BigInteger u;
+
+		/**
+		* The &quot;<code>&#964;</code>-adic&quot; part of <code>&#955;</code>.
+		*/
+		public readonly BigInteger v;
+
+		/**
+		* Constructor for an element <code>&#955;</code> of
+		* <code><b>Z</b>[&#964;]</code>.
+		* @param u The &quot;real&quot; part of <code>&#955;</code>.
+		* @param v The &quot;<code>&#964;</code>-adic&quot; part of
+		* <code>&#955;</code>.
+		*/
+		public ZTauElement(BigInteger u, BigInteger v)
+		{
+			this.u = u;
+			this.v = v;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/djb/Curve25519.cs b/bc-sharp-crypto/src/math/ec/custom/djb/Curve25519.cs
new file mode 100644
index 0000000..6ed7c06
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/djb/Curve25519.cs
@@ -0,0 +1,77 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Djb
+{
+    internal class Curve25519
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = Nat256.ToBigInteger(Curve25519Field.P);
+
+        private const int Curve25519_DEFAULT_COORDS = COORD_JACOBIAN_MODIFIED;
+
+        protected readonly Curve25519Point m_infinity;
+
+        public Curve25519()
+            : base(q)
+        {
+            this.m_infinity = new Curve25519Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1,
+                Hex.Decode("2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA984914A144")));
+            this.m_b = FromBigInteger(new BigInteger(1,
+                Hex.Decode("7B425ED097B425ED097B425ED097B425ED097B425ED097B4260B5E9C7710C864")));
+            this.m_order = new BigInteger(1, Hex.Decode("1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED"));
+            this.m_cofactor = BigInteger.ValueOf(8);
+            this.m_coord = Curve25519_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new Curve25519();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_JACOBIAN_MODIFIED:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new Curve25519FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new Curve25519Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new Curve25519Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/djb/Curve25519Field.cs b/bc-sharp-crypto/src/math/ec/custom/djb/Curve25519Field.cs
new file mode 100644
index 0000000..837821e
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/djb/Curve25519Field.cs
@@ -0,0 +1,253 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Djb
+{
+    internal class Curve25519Field
+    {
+        // 2^255 - 2^4 - 2^1 - 1
+        internal static readonly uint[] P = new uint[]{ 0xFFFFFFED, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+            0xFFFFFFFF, 0x7FFFFFFF };
+        private const uint P7 = 0x7FFFFFFF;
+        private static readonly uint[] PExt = new uint[]{ 0x00000169, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
+            0x00000000, 0x00000000, 0x00000000, 0xFFFFFFED, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+            0xFFFFFFFF, 0x3FFFFFFF };
+        private const uint PInv = 0x13;
+
+        public static void Add(uint[] x, uint[] y, uint[] z)
+        {
+            Nat256.Add(x, y, z);
+            if (Nat256.Gte(z, P))
+            {
+                SubPFrom(z);
+            }
+        }
+
+        public static void AddExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            Nat.Add(16, xx, yy, zz);
+            if (Nat.Gte(16, zz, PExt))
+            {
+                SubPExtFrom(zz);
+            }
+        }
+
+        public static void AddOne(uint[] x, uint[] z)
+        {
+            Nat.Inc(8, x, z);
+            if (Nat256.Gte(z, P))
+            {
+                SubPFrom(z);
+            }
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            uint[] z = Nat256.FromBigInteger(x);
+            while (Nat256.Gte(z, P))
+            {
+                Nat256.SubFrom(P, z);
+            }
+            return z;
+        }
+
+        public static void Half(uint[] x, uint[] z)
+        {
+            if ((x[0] & 1) == 0)
+            {
+                Nat.ShiftDownBit(8, x, 0, z);
+            }
+            else
+            {
+                Nat256.Add(x, P, z);
+                Nat.ShiftDownBit(8, z, 0);
+            }
+        }
+
+        public static void Multiply(uint[] x, uint[] y, uint[] z)
+        {
+            uint[] tt = Nat256.CreateExt();
+            Nat256.Mul(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz)
+        {
+            Nat256.MulAddTo(x, y, zz);
+            if (Nat.Gte(16, zz, PExt))
+            {
+                SubPExtFrom(zz);
+            }
+        }
+
+        public static void Negate(uint[] x, uint[] z)
+        {
+            if (Nat256.IsZero(x))
+            {
+                Nat256.Zero(z);
+            }
+            else
+            {
+                Nat256.Sub(P, x, z);
+            }
+        }
+
+        public static void Reduce(uint[] xx, uint[] z)
+        {
+            Debug.Assert(xx[15] >> 30 == 0);
+
+            uint xx07 = xx[7];
+            Nat.ShiftUpBit(8, xx, 8, xx07, z, 0);
+            uint c = Nat256.MulByWordAddTo(PInv, xx, z) << 1;
+            uint z7 = z[7];
+            c += (z7 >> 31) - (xx07 >> 31);
+            z7 &= P7;
+            z7 += Nat.AddWordTo(7, c * PInv, z);
+            z[7] = z7;
+            if (z7 >= P7 && Nat256.Gte(z, P))
+            {
+                SubPFrom(z);
+            }
+        }
+
+        public static void Reduce27(uint x, uint[] z)
+        {
+            Debug.Assert(x >> 26 == 0);
+
+            uint z7 = z[7];
+            uint c = (x << 1 | z7 >> 31);
+            z7 &= P7;
+            z7 += Nat.AddWordTo(7, c * PInv, z);
+            z[7] = z7;
+            if (z7 >= P7 && Nat256.Gte(z, P))
+            {
+                SubPFrom(z);
+            }
+        }
+
+        public static void Square(uint[] x, uint[] z)
+        {
+            uint[] tt = Nat256.CreateExt();
+            Nat256.Square(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareN(uint[] x, int n, uint[] z)
+        {
+            Debug.Assert(n > 0);
+
+            uint[] tt = Nat256.CreateExt();
+            Nat256.Square(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                Nat256.Square(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static void Subtract(uint[] x, uint[] y, uint[] z)
+        {
+            int c = Nat256.Sub(x, y, z);
+            if (c != 0)
+            {
+                AddPTo(z);
+            }
+        }
+
+        public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            int c = Nat.Sub(16, xx, yy, zz);
+            if (c != 0)
+            {
+                AddPExtTo(zz);
+            }
+        }
+
+        public static void Twice(uint[] x, uint[] z)
+        {
+            Nat.ShiftUpBit(8, x, 0, z);
+            if (Nat256.Gte(z, P))
+            {
+                SubPFrom(z);
+            }
+        }
+
+        private static uint AddPTo(uint[] z)
+        {
+            long c = (long)z[0] - PInv;
+            z[0] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c = Nat.DecAt(7, z, 1);
+            }
+            c += (long)z[7] + (P7 + 1);
+            z[7] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        private static uint AddPExtTo(uint[] zz)
+        {
+            long c = (long)zz[0] + PExt[0];
+            zz[0] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c = Nat.IncAt(8, zz, 1);
+            }
+            c += (long)zz[8] - PInv;
+            zz[8] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c = Nat.DecAt(15, zz, 9);
+            }
+            c += (long)zz[15] + (PExt[15] + 1);
+            zz[15] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        private static int SubPFrom(uint[] z)
+        {
+            long c = (long)z[0] + PInv;
+            z[0] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c = Nat.IncAt(7, z, 1);
+            }
+            c += (long)z[7] - (P7 + 1);
+            z[7] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        private static int SubPExtFrom(uint[] zz)
+        {
+            long c = (long)zz[0] - PExt[0];
+            zz[0] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c = Nat.DecAt(8, zz, 1);
+            }
+            c += (long)zz[8] + PInv;
+            zz[8] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c = Nat.IncAt(15, zz, 9);
+            }
+            c += (long)zz[15] - (PExt[15] + 1);
+            zz[15] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/djb/Curve25519FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/djb/Curve25519FieldElement.cs
new file mode 100644
index 0000000..732e9e4
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/djb/Curve25519FieldElement.cs
@@ -0,0 +1,233 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Djb
+{
+    internal class Curve25519FieldElement
+        :   ECFieldElement
+    {
+        public static readonly BigInteger Q = Curve25519.q;
+
+        // Calculated as ECConstants.TWO.modPow(Q.shiftRight(2), Q)
+        private static readonly uint[] PRECOMP_POW2 = new uint[]{ 0x4a0ea0b0, 0xc4ee1b27, 0xad2fe478, 0x2f431806,
+            0x3dfbd7a7, 0x2b4d0099, 0x4fc1df0b, 0x2b832480 };
+
+        protected internal readonly uint[] x;
+
+        public Curve25519FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0)
+                throw new ArgumentException("value invalid for Curve25519FieldElement", "x");
+
+            this.x = Curve25519Field.FromBigInteger(x);
+        }
+
+        public Curve25519FieldElement()
+        {
+            this.x = Nat256.Create();
+        }
+
+        protected internal Curve25519FieldElement(uint[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat256.IsZero(x); }
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat256.IsOne(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return Nat256.GetBit(x, 0) == 1;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat256.ToBigInteger(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "Curve25519Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return Q.BitLength; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            uint[] z = Nat256.Create();
+            Curve25519Field.Add(x, ((Curve25519FieldElement)b).x, z);
+            return new Curve25519FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            uint[] z = Nat256.Create();
+            Curve25519Field.AddOne(x, z);
+            return new Curve25519FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            uint[] z = Nat256.Create();
+            Curve25519Field.Subtract(x, ((Curve25519FieldElement)b).x, z);
+            return new Curve25519FieldElement(z);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            uint[] z = Nat256.Create();
+            Curve25519Field.Multiply(x, ((Curve25519FieldElement)b).x, z);
+            return new Curve25519FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            //return Multiply(b.Invert());
+            uint[] z = Nat256.Create();
+            Mod.Invert(Curve25519Field.P, ((Curve25519FieldElement)b).x, z);
+            Curve25519Field.Multiply(z, x, z);
+            return new Curve25519FieldElement(z);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            uint[] z = Nat256.Create();
+            Curve25519Field.Negate(x, z);
+            return new Curve25519FieldElement(z);
+        }
+
+        public override ECFieldElement Square()
+        {
+            uint[] z = Nat256.Create();
+            Curve25519Field.Square(x, z);
+            return new Curve25519FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            //return new Curve25519FieldElement(ToBigInteger().ModInverse(Q));
+            uint[] z = Nat256.Create();
+            Mod.Invert(Curve25519Field.P, x, z);
+            return new Curve25519FieldElement(z);
+        }
+
+        /**
+         * return a sqrt root - the routine verifies that the calculation returns the right value - if
+         * none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            /*
+             * Q == 8m + 5, so we use Pocklington's method for this case.
+             *
+             * First, raise this element to the exponent 2^252 - 2^1 (i.e. m + 1)
+             * 
+             * Breaking up the exponent's binary representation into "repunits", we get:
+             * { 251 1s } { 1 0s }
+             * 
+             * Therefore we need an addition chain containing 251 (the lengths of the repunits)
+             * We use: 1, 2, 3, 4, 7, 11, 15, 30, 60, 120, 131, [251]
+             */
+
+            uint[] x1 = this.x;
+            if (Nat256.IsZero(x1) || Nat256.IsOne(x1))
+                return this;
+
+            uint[] x2 = Nat256.Create();
+            Curve25519Field.Square(x1, x2);
+            Curve25519Field.Multiply(x2, x1, x2);
+            uint[] x3 = x2;
+            Curve25519Field.Square(x2, x3);
+            Curve25519Field.Multiply(x3, x1, x3);
+            uint[] x4 = Nat256.Create();
+            Curve25519Field.Square(x3, x4);
+            Curve25519Field.Multiply(x4, x1, x4);
+            uint[] x7 = Nat256.Create();
+            Curve25519Field.SquareN(x4, 3, x7);
+            Curve25519Field.Multiply(x7, x3, x7);
+            uint[] x11 = x3;
+            Curve25519Field.SquareN(x7, 4, x11);
+            Curve25519Field.Multiply(x11, x4, x11);
+            uint[] x15 = x7;
+            Curve25519Field.SquareN(x11, 4, x15);
+            Curve25519Field.Multiply(x15, x4, x15);
+            uint[] x30 = x4;
+            Curve25519Field.SquareN(x15, 15, x30);
+            Curve25519Field.Multiply(x30, x15, x30);
+            uint[] x60 = x15;
+            Curve25519Field.SquareN(x30, 30, x60);
+            Curve25519Field.Multiply(x60, x30, x60);
+            uint[] x120 = x30;
+            Curve25519Field.SquareN(x60, 60, x120);
+            Curve25519Field.Multiply(x120, x60, x120);
+            uint[] x131 = x60;
+            Curve25519Field.SquareN(x120, 11, x131);
+            Curve25519Field.Multiply(x131, x11, x131);
+            uint[] x251 = x11;
+            Curve25519Field.SquareN(x131, 120, x251);
+            Curve25519Field.Multiply(x251, x120, x251);
+
+            uint[] t1 = x251;
+            Curve25519Field.Square(t1, t1);
+
+            uint[] t2 = x120;
+            Curve25519Field.Square(t1, t2);
+
+            if (Nat256.Eq(x1, t2))
+            {
+                return new Curve25519FieldElement(t1);
+            }
+
+            /*
+             * If the first guess is incorrect, we multiply by a precomputed power of 2 to get the second guess,
+             * which is ((4x)^(m + 1))/2 mod Q
+             */
+            Curve25519Field.Multiply(t1, PRECOMP_POW2, t1);
+
+            Curve25519Field.Square(t1, t2);
+
+            if (Nat256.Eq(x1, t2))
+            {
+                return new Curve25519FieldElement(t1);
+            }
+
+            return null;
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as Curve25519FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as Curve25519FieldElement);
+        }
+
+        public virtual bool Equals(Curve25519FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat256.Eq(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 8);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/djb/Curve25519Point.cs b/bc-sharp-crypto/src/math/ec/custom/djb/Curve25519Point.cs
new file mode 100644
index 0000000..eb8fc12
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/djb/Curve25519Point.cs
@@ -0,0 +1,313 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Djb
+{
+    internal class Curve25519Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve the curve to use
+         * @param x affine x co-ordinate
+         * @param y affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.CreatePoint to construct points
+         */
+        public Curve25519Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve the curve to use
+         * @param x affine x co-ordinate
+         * @param y affine y co-ordinate
+         * @param withCompression if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public Curve25519Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal Curve25519Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new Curve25519Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement GetZCoord(int index)
+        {
+            if (index == 1)
+            {
+                return GetJacobianModifiedW();
+            }
+
+            return base.GetZCoord(index);
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            Curve25519FieldElement X1 = (Curve25519FieldElement)this.RawXCoord, Y1 = (Curve25519FieldElement)this.RawYCoord,
+                Z1 = (Curve25519FieldElement)this.RawZCoords[0];
+            Curve25519FieldElement X2 = (Curve25519FieldElement)b.RawXCoord, Y2 = (Curve25519FieldElement)b.RawYCoord,
+                Z2 = (Curve25519FieldElement)b.RawZCoords[0];
+
+            uint c;
+            uint[] tt1 = Nat256.CreateExt();
+            uint[] t2 = Nat256.Create();
+            uint[] t3 = Nat256.Create();
+            uint[] t4 = Nat256.Create();
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                Curve25519Field.Square(Z1.x, S2);
+
+                U2 = t2;
+                Curve25519Field.Multiply(S2, X2.x, U2);
+
+                Curve25519Field.Multiply(S2, Z1.x, S2);
+                Curve25519Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                Curve25519Field.Square(Z2.x, S1);
+
+                U1 = tt1;
+                Curve25519Field.Multiply(S1, X1.x, U1);
+
+                Curve25519Field.Multiply(S1, Z2.x, S1);
+                Curve25519Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat256.Create();
+            Curve25519Field.Subtract(U1, U2, H);
+
+            uint[] R = t2;
+            Curve25519Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat256.IsZero(H))
+            {
+                if (Nat256.IsZero(R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = Nat256.Create();
+            Curve25519Field.Square(H, HSquared);
+
+            uint[] G = Nat256.Create();
+            Curve25519Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            Curve25519Field.Multiply(HSquared, U1, V);
+
+            Curve25519Field.Negate(G, G);
+            Nat256.Mul(S1, G, tt1);
+
+            c = Nat256.AddBothTo(V, V, G);
+            Curve25519Field.Reduce27(c, G);
+
+            Curve25519FieldElement X3 = new Curve25519FieldElement(t4);
+            Curve25519Field.Square(R, X3.x);
+            Curve25519Field.Subtract(X3.x, G, X3.x);
+
+            Curve25519FieldElement Y3 = new Curve25519FieldElement(G);
+            Curve25519Field.Subtract(V, X3.x, Y3.x);
+            Curve25519Field.MultiplyAddToExt(Y3.x, R, tt1);
+            Curve25519Field.Reduce(tt1, Y3.x);
+
+            Curve25519FieldElement Z3 = new Curve25519FieldElement(H);
+            if (!Z1IsOne)
+            {
+                Curve25519Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                Curve25519Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            uint[] Z3Squared = (Z1IsOne && Z2IsOne) ? HSquared : null;
+
+            // TODO If the result will only be used in a subsequent addition, we don't need W3
+            Curve25519FieldElement W3 = CalculateJacobianModifiedW((Curve25519FieldElement)Z3, Z3Squared);
+
+            ECFieldElement[] zs = new ECFieldElement[] { Z3, W3 };
+
+            return new Curve25519Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            return TwiceJacobianModified(true);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return TwiceJacobianModified(false).Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            return TwiceJacobianModified(false).Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new Curve25519Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed);
+        }
+
+        protected virtual Curve25519FieldElement CalculateJacobianModifiedW(Curve25519FieldElement Z, uint[] ZSquared)
+        {
+            Curve25519FieldElement a4 = (Curve25519FieldElement)this.Curve.A;
+            if (Z.IsOne)
+                return a4;
+
+            Curve25519FieldElement W = new Curve25519FieldElement();
+            if (ZSquared == null)
+            {
+                ZSquared = W.x;
+                Curve25519Field.Square(Z.x, ZSquared);
+            }
+            Curve25519Field.Square(ZSquared, W.x);
+            Curve25519Field.Multiply(W.x, a4.x, W.x);
+            return W;
+        }
+
+        protected virtual Curve25519FieldElement GetJacobianModifiedW()
+        {
+            ECFieldElement[] ZZ = this.RawZCoords;
+            Curve25519FieldElement W = (Curve25519FieldElement)ZZ[1];
+            if (W == null)
+            {
+                // NOTE: Rarely, TwicePlus will result in the need for a lazy W1 calculation here
+                ZZ[1] = W = CalculateJacobianModifiedW((Curve25519FieldElement)ZZ[0], null);
+            }
+            return W;
+        }
+
+        protected virtual Curve25519Point TwiceJacobianModified(bool calculateW)
+        {
+            Curve25519FieldElement X1 = (Curve25519FieldElement)this.RawXCoord, Y1 = (Curve25519FieldElement)this.RawYCoord,
+                Z1 = (Curve25519FieldElement)this.RawZCoords[0], W1 = GetJacobianModifiedW();
+
+            uint c;
+
+            uint[] M = Nat256.Create();
+            Curve25519Field.Square(X1.x, M);
+            c = Nat256.AddBothTo(M, M, M);
+            c += Nat256.AddTo(W1.x, M);
+            Curve25519Field.Reduce27(c, M);
+
+            uint[] _2Y1 = Nat256.Create();
+            Curve25519Field.Twice(Y1.x, _2Y1);
+
+            uint[] _2Y1Squared = Nat256.Create();
+            Curve25519Field.Multiply(_2Y1, Y1.x, _2Y1Squared);
+
+            uint[] S = Nat256.Create();
+            Curve25519Field.Multiply(_2Y1Squared, X1.x, S);
+            Curve25519Field.Twice(S, S);
+
+            uint[] _8T = Nat256.Create();
+            Curve25519Field.Square(_2Y1Squared, _8T);
+            Curve25519Field.Twice(_8T, _8T);
+
+            Curve25519FieldElement X3 = new Curve25519FieldElement(_2Y1Squared);
+            Curve25519Field.Square(M, X3.x);
+            Curve25519Field.Subtract(X3.x, S, X3.x);
+            Curve25519Field.Subtract(X3.x, S, X3.x);
+
+            Curve25519FieldElement Y3 = new Curve25519FieldElement(S);
+            Curve25519Field.Subtract(S, X3.x, Y3.x);
+            Curve25519Field.Multiply(Y3.x, M, Y3.x);
+            Curve25519Field.Subtract(Y3.x, _8T, Y3.x);
+
+            Curve25519FieldElement Z3 = new Curve25519FieldElement(_2Y1);
+            if (!Nat256.IsOne(Z1.x))
+            {
+                Curve25519Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            Curve25519FieldElement W3 = null;
+            if (calculateW)
+            {
+                W3 = new Curve25519FieldElement(_8T);
+                Curve25519Field.Multiply(W3.x, W1.x, W3.x);
+                Curve25519Field.Twice(W3.x, W3.x);
+            }
+
+            return new Curve25519Point(this.Curve, X3, Y3, new ECFieldElement[] { Z3, W3 }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1Curve.cs
new file mode 100644
index 0000000..70b1190
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1Curve.cs
@@ -0,0 +1,77 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.GM
+{
+    internal class SM2P256V1Curve
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = new BigInteger(1,
+            Hex.Decode("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF"));
+
+        private const int SM2P256V1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+        protected readonly SM2P256V1Point m_infinity;
+
+        public SM2P256V1Curve()
+            : base(q)
+        {
+            this.m_infinity = new SM2P256V1Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1,
+                Hex.Decode("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC")));
+            this.m_b = FromBigInteger(new BigInteger(1,
+                Hex.Decode("28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93")));
+            this.m_order = new BigInteger(1, Hex.Decode("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123"));
+            this.m_cofactor = BigInteger.One;
+            this.m_coord = SM2P256V1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SM2P256V1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_JACOBIAN:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SM2P256V1FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SM2P256V1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SM2P256V1Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1Field.cs b/bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1Field.cs
new file mode 100644
index 0000000..b1d2323
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1Field.cs
@@ -0,0 +1,307 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.GM
+{
+    internal class SM2P256V1Field
+    {
+        // 2^256 - 2^224 - 2^96 + 2^64 - 1
+        internal static readonly uint[] P = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+            0xFFFFFFFF, 0xFFFFFFFE };
+        internal static readonly uint[] PExt = new uint[]{ 00000001, 0x00000000, 0xFFFFFFFE, 0x00000001, 0x00000001,
+            0xFFFFFFFE, 0x00000000, 0x00000002, 0xFFFFFFFE, 0xFFFFFFFD, 0x00000003, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF,
+            0x00000000, 0xFFFFFFFE };
+        internal const uint P7 = 0xFFFFFFFE;
+        internal const uint PExt15 = 0xFFFFFFFE;
+
+        public static void Add(uint[] x, uint[] y, uint[] z)
+        {
+            uint c = Nat256.Add(x, y, z);
+            if (c != 0 || (z[7] >= P7 && Nat256.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static void AddExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            uint c = Nat.Add(16, xx, yy, zz);
+            if (c != 0 || (zz[15] >= PExt15 && Nat.Gte(16, zz, PExt)))
+            {
+                Nat.SubFrom(16, PExt, zz);
+            }
+        }
+
+        public static void AddOne(uint[] x, uint[] z)
+        {
+            uint c = Nat.Inc(8, x, z);
+            if (c != 0 || (z[7] >= P7 && Nat256.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            uint[] z = Nat256.FromBigInteger(x);
+            if (z[7] >= P7 && Nat256.Gte(z, P))
+            {
+                Nat256.SubFrom(P, z);
+            }
+            return z;
+        }
+
+        public static void Half(uint[] x, uint[] z)
+        {
+            if ((x[0] & 1) == 0)
+            {
+                Nat.ShiftDownBit(8, x, 0, z);
+            }
+            else
+            {
+                uint c = Nat256.Add(x, P, z);
+                Nat.ShiftDownBit(8, z, c);
+            }
+        }
+
+        public static void Multiply(uint[] x, uint[] y, uint[] z)
+        {
+            uint[] tt = Nat256.CreateExt();
+            Nat256.Mul(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz)
+        {
+            uint c = Nat256.MulAddTo(x, y, zz);
+            if (c != 0 || (zz[15] >= PExt15 && Nat.Gte(16, zz, PExt)))
+            {
+                Nat.SubFrom(16, PExt, zz);
+            }
+        }
+
+        public static void Negate(uint[] x, uint[] z)
+        {
+            if (Nat256.IsZero(x))
+            {
+                Nat256.Zero(z);
+            }
+            else
+            {
+                Nat256.Sub(P, x, z);
+            }
+        }
+
+        public static void Reduce(uint[] xx, uint[] z)
+        {
+            long xx08 = xx[8], xx09 = xx[9], xx10 = xx[10], xx11 = xx[11];
+            long xx12 = xx[12], xx13 = xx[13], xx14 = xx[14], xx15 = xx[15];
+
+            long t0 = xx08 + xx09;
+            long t1 = xx10 + xx11;
+            long t2 = xx12 + xx15;
+            long t3 = xx13 + xx14;
+            long t4 = t3 + (xx15 << 1);
+
+            long ts = t0 + t3;
+            long tt = t1 + t2 + ts;
+
+            long cc = 0;
+            cc += (long)xx[0] + tt + xx13 + xx14 + xx15;
+            z[0] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[1] + tt - xx08 + xx14 + xx15;
+            z[1] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[2] - ts;
+            z[2] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[3] + tt - xx09 - xx10 + xx13;
+            z[3] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[4] + tt - t1 - xx08 + xx14;
+            z[4] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[5] + t4 + xx10;
+            z[5] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[6] + xx11 + xx14 + xx15;
+            z[6] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[7] + tt + t4 + xx12;
+            z[7] = (uint)cc;
+            cc >>= 32;
+
+            Debug.Assert(cc >= 0);
+
+            Reduce32((uint)cc, z);
+        }
+
+        public static void Reduce32(uint x, uint[] z)
+        {
+            long cc = 0;
+
+            if (x != 0)
+            {
+                long xx08 = x;
+
+                cc += (long)z[0] + xx08;
+                z[0] = (uint)cc;
+                cc >>= 32;
+                if (cc != 0)
+                {
+                    cc += (long)z[1];
+                    z[1] = (uint)cc;
+                    cc >>= 32;
+                }
+                cc += (long)z[2] - xx08;
+                z[2] = (uint)cc;
+                cc >>= 32;
+                cc += (long)z[3] + xx08;
+                z[3] = (uint)cc;
+                cc >>= 32;
+                if (cc != 0)
+                {
+                    cc += (long)z[4];
+                    z[4] = (uint)cc;
+                    cc >>= 32;
+                    cc += (long)z[5];
+                    z[5] = (uint)cc;
+                    cc >>= 32;
+                    cc += (long)z[6];
+                    z[6] = (uint)cc;
+                    cc >>= 32;
+                }
+                cc += (long)z[7] + xx08;
+                z[7] = (uint)cc;
+                cc >>= 32;
+
+                Debug.Assert(cc == 0 || cc == 1);
+            }
+
+            if (cc != 0 || (z[7] >= P7 && Nat256.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static void Square(uint[] x, uint[] z)
+        {
+            uint[] tt = Nat256.CreateExt();
+            Nat256.Square(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareN(uint[] x, int n, uint[] z)
+        {
+            Debug.Assert(n > 0);
+
+            uint[] tt = Nat256.CreateExt();
+            Nat256.Square(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                Nat256.Square(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static void Subtract(uint[] x, uint[] y, uint[] z)
+        {
+            int c = Nat256.Sub(x, y, z);
+            if (c != 0)
+            {
+                SubPInvFrom(z);
+            }
+        }
+
+        public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            int c = Nat.Sub(16, xx, yy, zz);
+            if (c != 0)
+            {
+                Nat.AddTo(16, PExt, zz);
+            }
+        }
+
+        public static void Twice(uint[] x, uint[] z)
+        {
+            uint c = Nat.ShiftUpBit(8, x, 0, z);
+            if (c != 0 || (z[7] >= P7 && Nat256.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        private static void AddPInvTo(uint[] z)
+        {
+            long c = (long)z[0] + 1;
+            z[0] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[1];
+                z[1] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[2] - 1;
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)z[3] + 1;
+            z[3] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[4];
+                z[4] = (uint)c;
+                c >>= 32;
+                c += (long)z[5];
+                z[5] = (uint)c;
+                c >>= 32;
+                c += (long)z[6];
+                z[6] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[7] + 1;
+            z[7] = (uint)c;
+            //c >>= 32;
+        }
+
+        private static void SubPInvFrom(uint[] z)
+        {
+            long c = (long)z[0] - 1;
+            z[0] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[1];
+                z[1] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[2] + 1;
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)z[3] - 1;
+            z[3] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[4];
+                z[4] = (uint)c;
+                c >>= 32;
+                c += (long)z[5];
+                z[5] = (uint)c;
+                c >>= 32;
+                c += (long)z[6];
+                z[6] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[7] - 1;
+            z[7] = (uint)c;
+            //c >>= 32;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1FieldElement.cs
new file mode 100644
index 0000000..4f6428f
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1FieldElement.cs
@@ -0,0 +1,211 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.GM
+{
+    internal class SM2P256V1FieldElement
+        : ECFieldElement
+    {
+        public static readonly BigInteger Q = SM2P256V1Curve.q;
+
+        protected internal readonly uint[] x;
+
+        public SM2P256V1FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0)
+                throw new ArgumentException("value invalid for SM2P256V1FieldElement", "x");
+
+            this.x = SM2P256V1Field.FromBigInteger(x);
+        }
+
+        public SM2P256V1FieldElement()
+        {
+            this.x = Nat256.Create();
+        }
+
+        protected internal SM2P256V1FieldElement(uint[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat256.IsZero(x); }
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat256.IsOne(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return Nat256.GetBit(x, 0) == 1;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat256.ToBigInteger(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SM2P256V1Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return Q.BitLength; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            uint[] z = Nat256.Create();
+            SM2P256V1Field.Add(x, ((SM2P256V1FieldElement)b).x, z);
+            return new SM2P256V1FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            uint[] z = Nat256.Create();
+            SM2P256V1Field.AddOne(x, z);
+            return new SM2P256V1FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            uint[] z = Nat256.Create();
+            SM2P256V1Field.Subtract(x, ((SM2P256V1FieldElement)b).x, z);
+            return new SM2P256V1FieldElement(z);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            uint[] z = Nat256.Create();
+            SM2P256V1Field.Multiply(x, ((SM2P256V1FieldElement)b).x, z);
+            return new SM2P256V1FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            //return Multiply(b.Invert());
+            uint[] z = Nat256.Create();
+            Mod.Invert(SM2P256V1Field.P, ((SM2P256V1FieldElement)b).x, z);
+            SM2P256V1Field.Multiply(z, x, z);
+            return new SM2P256V1FieldElement(z);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            uint[] z = Nat256.Create();
+            SM2P256V1Field.Negate(x, z);
+            return new SM2P256V1FieldElement(z);
+        }
+
+        public override ECFieldElement Square()
+        {
+            uint[] z = Nat256.Create();
+            SM2P256V1Field.Square(x, z);
+            return new SM2P256V1FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            //return new SM2P256V1FieldElement(ToBigInteger().ModInverse(Q));
+            uint[] z = Nat256.Create();
+            Mod.Invert(SM2P256V1Field.P, x, z);
+            return new SM2P256V1FieldElement(z);
+        }
+
+        /**
+         * return a sqrt root - the routine verifies that the calculation returns the right value - if
+         * none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            /*
+             * Raise this element to the exponent 2^254 - 2^222 - 2^94 + 2^62
+             *
+             * Breaking up the exponent's binary representation into "repunits", we get:
+             * { 31 1s } { 1 0s } { 128 1s } { 31 0s } { 1 1s } { 62 0s}
+             *
+             * We use an addition chain for the beginning: [1], 2, 3, 6, 12, [24], 30, [31] 
+             */
+
+            uint[] x1 = this.x;
+            if (Nat256.IsZero(x1) || Nat256.IsOne(x1))
+            {
+                return this;
+            }
+
+            uint[] x2 = Nat256.Create();
+            SM2P256V1Field.Square(x1, x2);
+            SM2P256V1Field.Multiply(x2, x1, x2);
+            uint[] x4 = Nat256.Create();
+            SM2P256V1Field.SquareN(x2, 2, x4);
+            SM2P256V1Field.Multiply(x4, x2, x4);
+            uint[] x6 = Nat256.Create();
+            SM2P256V1Field.SquareN(x4, 2, x6);
+            SM2P256V1Field.Multiply(x6, x2, x6);
+            uint[] x12 = x2;
+            SM2P256V1Field.SquareN(x6, 6, x12);
+            SM2P256V1Field.Multiply(x12, x6, x12);
+            uint[] x24 = Nat256.Create();
+            SM2P256V1Field.SquareN(x12, 12, x24);
+            SM2P256V1Field.Multiply(x24, x12, x24);
+            uint[] x30 = x12;
+            SM2P256V1Field.SquareN(x24, 6, x30);
+            SM2P256V1Field.Multiply(x30, x6, x30);
+            uint[] x31 = x6;
+            SM2P256V1Field.Square(x30, x31);
+            SM2P256V1Field.Multiply(x31, x1, x31);
+
+            uint[] t1 = x24;
+            SM2P256V1Field.SquareN(x31, 31, t1);
+
+            uint[] x62 = x30;
+            SM2P256V1Field.Multiply(t1, x31, x62);
+
+            SM2P256V1Field.SquareN(t1, 32, t1);
+            SM2P256V1Field.Multiply(t1, x62, t1);
+            SM2P256V1Field.SquareN(t1, 62, t1);
+            SM2P256V1Field.Multiply(t1, x62, t1);
+            SM2P256V1Field.SquareN(t1, 4, t1);
+            SM2P256V1Field.Multiply(t1, x4, t1);
+            SM2P256V1Field.SquareN(t1, 32, t1);
+            SM2P256V1Field.Multiply(t1, x1, t1);
+            SM2P256V1Field.SquareN(t1, 62, t1);
+
+            uint[] t2 = x4;
+            SM2P256V1Field.Square(t1, t2);
+
+            return Nat256.Eq(x1, t2) ? new SM2P256V1FieldElement(t1) : null;
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SM2P256V1FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SM2P256V1FieldElement);
+        }
+
+        public virtual bool Equals(SM2P256V1FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat256.Eq(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 8);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1Point.cs b/bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1Point.cs
new file mode 100644
index 0000000..916c906
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/gm/SM2P256V1Point.cs
@@ -0,0 +1,279 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.GM
+{
+    internal class SM2P256V1Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SM2P256V1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * @param withCompression
+         *            if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer
+         *             {@link #getEncoded(bool)}
+         */
+        public SM2P256V1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SM2P256V1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SM2P256V1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            SM2P256V1FieldElement X1 = (SM2P256V1FieldElement)this.RawXCoord, Y1 = (SM2P256V1FieldElement)this.RawYCoord;
+            SM2P256V1FieldElement X2 = (SM2P256V1FieldElement)b.RawXCoord, Y2 = (SM2P256V1FieldElement)b.RawYCoord;
+
+            SM2P256V1FieldElement Z1 = (SM2P256V1FieldElement)this.RawZCoords[0];
+            SM2P256V1FieldElement Z2 = (SM2P256V1FieldElement)b.RawZCoords[0];
+
+            uint c;
+            uint[] tt1 = Nat256.CreateExt();
+            uint[] t2 = Nat256.Create();
+            uint[] t3 = Nat256.Create();
+            uint[] t4 = Nat256.Create();
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                SM2P256V1Field.Square(Z1.x, S2);
+
+                U2 = t2;
+                SM2P256V1Field.Multiply(S2, X2.x, U2);
+
+                SM2P256V1Field.Multiply(S2, Z1.x, S2);
+                SM2P256V1Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                SM2P256V1Field.Square(Z2.x, S1);
+
+                U1 = tt1;
+                SM2P256V1Field.Multiply(S1, X1.x, U1);
+
+                SM2P256V1Field.Multiply(S1, Z2.x, S1);
+                SM2P256V1Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat256.Create();
+            SM2P256V1Field.Subtract(U1, U2, H);
+
+            uint[] R = t2;
+            SM2P256V1Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat256.IsZero(H))
+            {
+                if (Nat256.IsZero(R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = t3;
+            SM2P256V1Field.Square(H, HSquared);
+
+            uint[] G = Nat256.Create();
+            SM2P256V1Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            SM2P256V1Field.Multiply(HSquared, U1, V);
+
+            SM2P256V1Field.Negate(G, G);
+            Nat256.Mul(S1, G, tt1);
+
+            c = Nat256.AddBothTo(V, V, G);
+            SM2P256V1Field.Reduce32(c, G);
+
+            SM2P256V1FieldElement X3 = new SM2P256V1FieldElement(t4);
+            SM2P256V1Field.Square(R, X3.x);
+            SM2P256V1Field.Subtract(X3.x, G, X3.x);
+
+            SM2P256V1FieldElement Y3 = new SM2P256V1FieldElement(G);
+            SM2P256V1Field.Subtract(V, X3.x, Y3.x);
+            SM2P256V1Field.MultiplyAddToExt(Y3.x, R, tt1);
+            SM2P256V1Field.Reduce(tt1, Y3.x);
+
+            SM2P256V1FieldElement Z3 = new SM2P256V1FieldElement(H);
+            if (!Z1IsOne)
+            {
+                SM2P256V1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                SM2P256V1Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
+
+            return new SM2P256V1Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            SM2P256V1FieldElement Y1 = (SM2P256V1FieldElement)this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            SM2P256V1FieldElement X1 = (SM2P256V1FieldElement)this.RawXCoord, Z1 = (SM2P256V1FieldElement)this.RawZCoords[0];
+
+            uint c;
+            uint[] t1 = Nat256.Create();
+            uint[] t2 = Nat256.Create();
+
+            uint[] Y1Squared = Nat256.Create();
+            SM2P256V1Field.Square(Y1.x, Y1Squared);
+
+            uint[] T = Nat256.Create();
+            SM2P256V1Field.Square(Y1Squared, T);
+
+            bool Z1IsOne = Z1.IsOne;
+
+            uint[] Z1Squared = Z1.x;
+            if (!Z1IsOne)
+            {
+                Z1Squared = t2;
+                SM2P256V1Field.Square(Z1.x, Z1Squared);
+            }
+
+            SM2P256V1Field.Subtract(X1.x, Z1Squared, t1);
+
+            uint[] M = t2;
+            SM2P256V1Field.Add(X1.x, Z1Squared, M);
+            SM2P256V1Field.Multiply(M, t1, M);
+            c = Nat256.AddBothTo(M, M, M);
+            SM2P256V1Field.Reduce32(c, M);
+
+            uint[] S = Y1Squared;
+            SM2P256V1Field.Multiply(Y1Squared, X1.x, S);
+            c = Nat.ShiftUpBits(8, S, 2, 0);
+            SM2P256V1Field.Reduce32(c, S);
+
+            c = Nat.ShiftUpBits(8, T, 3, 0, t1);
+            SM2P256V1Field.Reduce32(c, t1);
+
+            SM2P256V1FieldElement X3 = new SM2P256V1FieldElement(T);
+            SM2P256V1Field.Square(M, X3.x);
+            SM2P256V1Field.Subtract(X3.x, S, X3.x);
+            SM2P256V1Field.Subtract(X3.x, S, X3.x);
+
+            SM2P256V1FieldElement Y3 = new SM2P256V1FieldElement(S);
+            SM2P256V1Field.Subtract(S, X3.x, Y3.x);
+            SM2P256V1Field.Multiply(Y3.x, M, Y3.x);
+            SM2P256V1Field.Subtract(Y3.x, t1, Y3.x);
+
+            SM2P256V1FieldElement Z3 = new SM2P256V1FieldElement(M);
+            SM2P256V1Field.Twice(Y1.x, Z3.x);
+            if (!Z1IsOne)
+            {
+                SM2P256V1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            return new SM2P256V1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return Twice().Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            // NOTE: Be careful about recursions between TwicePlus and ThreeTimes
+            return Twice().Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new SM2P256V1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1Curve.cs
new file mode 100644
index 0000000..9da27b4
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1Curve.cs
@@ -0,0 +1,78 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP128R1Curve
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = new BigInteger(1,
+            Hex.Decode("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF"));
+
+        private const int SecP128R1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+        protected readonly SecP128R1Point m_infinity;
+
+        public SecP128R1Curve()
+            : base(q)
+        {
+            this.m_infinity = new SecP128R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1,
+                Hex.Decode("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC")));
+            this.m_b = FromBigInteger(new BigInteger(1,
+                Hex.Decode("E87579C11079F43DD824993C2CEE5ED3")));
+            this.m_order = new BigInteger(1, Hex.Decode("FFFFFFFE0000000075A30D1B9038A115"));
+            this.m_cofactor = BigInteger.One;
+
+            this.m_coord = SecP128R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecP128R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_JACOBIAN:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecP128R1FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecP128R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecP128R1Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1Field.cs
new file mode 100644
index 0000000..d1ac009
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1Field.cs
@@ -0,0 +1,218 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP128R1Field
+    {
+        // 2^128 - 2^97 - 1
+        internal static readonly uint[] P = new uint[] { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFD };
+        internal static readonly uint[] PExt = new uint[] { 0x00000001, 0x00000000, 0x00000000, 0x00000004, 0xFFFFFFFE,
+            0xFFFFFFFF, 0x00000003, 0xFFFFFFFC };
+        private static readonly uint[] PExtInv = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFB,
+            0x00000001, 0x00000000, 0xFFFFFFFC, 0x00000003 };
+        private const uint P3 = 0xFFFFFFFD;
+        private const uint PExt7 = 0xFFFFFFFC;
+
+        public static void Add(uint[] x, uint[] y, uint[] z)
+        {
+            uint c = Nat128.Add(x, y, z);
+            if (c != 0 || (z[3] >= P3 && Nat128.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static void AddExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            uint c = Nat256.Add(xx, yy, zz);
+            if (c != 0 || (zz[7] >= PExt7 && Nat256.Gte(zz, PExt)))
+            {
+                Nat.AddTo(PExtInv.Length, PExtInv, zz);
+            }
+        }
+
+        public static void AddOne(uint[] x, uint[] z)
+        {
+            uint c = Nat.Inc(4, x, z);
+            if (c != 0 || (z[3] >= P3 && Nat128.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            uint[] z = Nat128.FromBigInteger(x);
+            if (z[3] >= P3 && Nat128.Gte(z, P))
+            {
+                Nat128.SubFrom(P, z);
+            }
+            return z;
+        }
+
+        public static void Half(uint[] x, uint[] z)
+        {
+            if ((x[0] & 1) == 0)
+            {
+                Nat.ShiftDownBit(4, x, 0, z);
+            }
+            else
+            {
+                uint c = Nat128.Add(x, P, z);
+                Nat.ShiftDownBit(4, z, c);
+            }
+        }
+
+        public static void Multiply(uint[] x, uint[] y, uint[] z)
+        {
+            uint[] tt = Nat128.CreateExt();
+            Nat128.Mul(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz)
+        {
+            uint c = Nat128.MulAddTo(x, y, zz);
+            if (c != 0 || (zz[7] >= PExt7 && Nat256.Gte(zz, PExt)))
+            {
+                Nat.AddTo(PExtInv.Length, PExtInv, zz);
+            }
+        }
+
+        public static void Negate(uint[] x, uint[] z)
+        {
+            if (Nat128.IsZero(x))
+            {
+                Nat128.Zero(z);
+            }
+            else
+            {
+                Nat128.Sub(P, x, z);
+            }
+        }
+
+        public static void Reduce(uint[] xx, uint[] z)
+        {
+            ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3];
+            ulong x4 = xx[4], x5 = xx[5], x6 = xx[6], x7 = xx[7];
+
+            x3 += x7; x6 += (x7 << 1);
+            x2 += x6; x5 += (x6 << 1);
+            x1 += x5; x4 += (x5 << 1);
+            x0 += x4; x3 += (x4 << 1);
+
+            z[0] = (uint)x0; x1 += (x0 >> 32);
+            z[1] = (uint)x1; x2 += (x1 >> 32);
+            z[2] = (uint)x2; x3 += (x2 >> 32);
+            z[3] = (uint)x3;
+
+            Reduce32((uint)(x3 >> 32), z);
+        }
+
+        public static void Reduce32(uint x, uint[] z)
+        {
+            while (x != 0)
+            {
+                ulong c, x4 = x;
+    
+                c = (ulong)z[0] + x4;
+                z[0] = (uint)c; c >>= 32;
+                if (c != 0)
+                {
+                    c += (ulong)z[1];
+                    z[1] = (uint)c; c >>= 32;
+                    c += (ulong)z[2];
+                    z[2] = (uint)c; c >>= 32;
+                }
+                c += (ulong)z[3] + (x4 << 1);
+                z[3] = (uint)c; c >>= 32;
+
+                Debug.Assert(c >= 0 && c <= 2);
+
+                x = (uint)c;
+            }
+        }
+
+        public static void Square(uint[] x, uint[] z)
+        {
+            uint[] tt = Nat128.CreateExt();
+            Nat128.Square(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareN(uint[] x, int n, uint[] z)
+        {
+            Debug.Assert(n > 0);
+
+            uint[] tt = Nat128.CreateExt();
+            Nat128.Square(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                Nat128.Square(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static void Subtract(uint[] x, uint[] y, uint[] z)
+        {
+            int c = Nat128.Sub(x, y, z);
+            if (c != 0)
+            {
+                SubPInvFrom(z);
+            }
+        }
+
+        public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            int c = Nat.Sub(10, xx, yy, zz);
+            if (c != 0)
+            {
+                Nat.SubFrom(PExtInv.Length, PExtInv, zz);
+            }
+        }
+
+        public static void Twice(uint[] x, uint[] z)
+        {
+            uint c = Nat.ShiftUpBit(4, x, 0, z);
+            if (c != 0 || (z[3] >= P3 && Nat128.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        private static void AddPInvTo(uint[] z)
+        {
+            long c = (long)z[0] + 1;
+            z[0] = (uint)c; c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[1];
+                z[1] = (uint)c; c >>= 32;
+                c += (long)z[2];
+                z[2] = (uint)c; c >>= 32;
+            }
+            c += (long)z[3] + 2;
+            z[3] = (uint)c;
+        }
+
+        private static void SubPInvFrom(uint[] z)
+        {
+            long c = (long)z[0] - 1;
+            z[0] = (uint)c; c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[1];
+                z[1] = (uint)c; c >>= 32;
+                c += (long)z[2];
+                z[2] = (uint)c; c >>= 32;
+            }
+            c += (long)z[3] - 2;
+            z[3] = (uint)c;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1FieldElement.cs
new file mode 100644
index 0000000..fa7951d
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1FieldElement.cs
@@ -0,0 +1,198 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP128R1FieldElement
+        : ECFieldElement
+    {
+        public static readonly BigInteger Q = SecP128R1Curve.q;
+
+        protected internal readonly uint[] x;
+
+        public SecP128R1FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0)
+                throw new ArgumentException("value invalid for SecP128R1FieldElement", "x");
+
+            this.x = SecP128R1Field.FromBigInteger(x);
+        }
+
+        public SecP128R1FieldElement()
+        {
+            this.x = Nat128.Create();
+        }
+
+        protected internal SecP128R1FieldElement(uint[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat128.IsZero(x); }
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat128.IsOne(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return Nat128.GetBit(x, 0) == 1;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat128.ToBigInteger(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecP128R1Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return Q.BitLength; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            uint[] z = Nat128.Create();
+            SecP128R1Field.Add(x, ((SecP128R1FieldElement)b).x, z);
+            return new SecP128R1FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            uint[] z = Nat128.Create();
+            SecP128R1Field.AddOne(x, z);
+            return new SecP128R1FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            uint[] z = Nat128.Create();
+            SecP128R1Field.Subtract(x, ((SecP128R1FieldElement)b).x, z);
+            return new SecP128R1FieldElement(z);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            uint[] z = Nat128.Create();
+            SecP128R1Field.Multiply(x, ((SecP128R1FieldElement)b).x, z);
+            return new SecP128R1FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+    //        return multiply(b.invert());
+            uint[] z = Nat128.Create();
+            Mod.Invert(SecP128R1Field.P, ((SecP128R1FieldElement)b).x, z);
+            SecP128R1Field.Multiply(z, x, z);
+            return new SecP128R1FieldElement(z);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            uint[] z = Nat128.Create();
+            SecP128R1Field.Negate(x, z);
+            return new SecP128R1FieldElement(z);
+        }
+
+        public override ECFieldElement Square()
+        {
+            uint[] z = Nat128.Create();
+            SecP128R1Field.Square(x, z);
+            return new SecP128R1FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+    //        return new SecP128R1FieldElement(toBigInteger().modInverse(Q));
+            uint[] z = Nat128.Create();
+            Mod.Invert(SecP128R1Field.P, x, z);
+            return new SecP128R1FieldElement(z);
+        }
+
+        // D.1.4 91
+        /**
+         * return a sqrt root - the routine verifies that the calculation returns the right value - if
+         * none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            /*
+             * Raise this element to the exponent 2^126 - 2^95
+             * 
+             * Breaking up the exponent's binary representation into "repunits", we get:
+             *     { 31 1s } { 95 0s }
+             * 
+             * Therefore we need an addition chain containing 31 (the length of the repunit) We use:
+             *     1, 2, 4, 8, 10, 20, 30, [31] 
+             */
+
+            uint[] x1 = this.x;
+            if (Nat128.IsZero(x1) || Nat128.IsOne(x1))
+                return this;
+
+            uint[] x2 = Nat128.Create();
+            SecP128R1Field.Square(x1, x2);
+            SecP128R1Field.Multiply(x2, x1, x2);
+            uint[] x4 = Nat128.Create();
+            SecP128R1Field.SquareN(x2, 2, x4);
+            SecP128R1Field.Multiply(x4, x2, x4);
+            uint[] x8 = Nat128.Create();
+            SecP128R1Field.SquareN(x4, 4, x8);
+            SecP128R1Field.Multiply(x8, x4, x8);
+            uint[] x10 = x4;
+            SecP128R1Field.SquareN(x8, 2, x10);
+            SecP128R1Field.Multiply(x10, x2, x10);
+            uint[] x20 = x2;
+            SecP128R1Field.SquareN(x10, 10, x20);
+            SecP128R1Field.Multiply(x20, x10, x20);
+            uint[] x30 = x8;
+            SecP128R1Field.SquareN(x20, 10, x30);
+            SecP128R1Field.Multiply(x30, x10, x30);
+            uint[] x31 = x10;
+            SecP128R1Field.Square(x30, x31);
+            SecP128R1Field.Multiply(x31, x1, x31);
+
+            uint[] t1 = x31;
+            SecP128R1Field.SquareN(t1, 95, t1);
+
+            uint[] t2 = x30;
+            SecP128R1Field.Square(t1, t2);
+
+            return Nat128.Eq(x1, t2) ? new SecP128R1FieldElement(t1) : null;        
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecP128R1FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecP128R1FieldElement);
+        }
+
+        public virtual bool Equals(SecP128R1FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat128.Eq(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 4);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1Point.cs
new file mode 100644
index 0000000..ae76d3c
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP128R1Point.cs
@@ -0,0 +1,279 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP128R1Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecP128R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * @param withCompression
+         *            if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer
+         *             {@link #getEncoded(boolean)}
+         */
+        public SecP128R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecP128R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecP128R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            SecP128R1FieldElement X1 = (SecP128R1FieldElement)this.RawXCoord, Y1 = (SecP128R1FieldElement)this.RawYCoord;
+            SecP128R1FieldElement X2 = (SecP128R1FieldElement)b.RawXCoord, Y2 = (SecP128R1FieldElement)b.RawYCoord;
+
+            SecP128R1FieldElement Z1 = (SecP128R1FieldElement)this.RawZCoords[0];
+            SecP128R1FieldElement Z2 = (SecP128R1FieldElement)b.RawZCoords[0];
+
+            uint c;
+            uint[] tt1 = Nat128.CreateExt();
+            uint[] t2 = Nat128.Create();
+            uint[] t3 = Nat128.Create();
+            uint[] t4 = Nat128.Create();
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                SecP128R1Field.Square(Z1.x, S2);
+
+                U2 = t2;
+                SecP128R1Field.Multiply(S2, X2.x, U2);
+
+                SecP128R1Field.Multiply(S2, Z1.x, S2);
+                SecP128R1Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                SecP128R1Field.Square(Z2.x, S1);
+
+                U1 = tt1;
+                SecP128R1Field.Multiply(S1, X1.x, U1);
+
+                SecP128R1Field.Multiply(S1, Z2.x, S1);
+                SecP128R1Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat128.Create();
+            SecP128R1Field.Subtract(U1, U2, H);
+
+            uint[] R = t2;
+            SecP128R1Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat128.IsZero(H))
+            {
+                if (Nat128.IsZero(R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = t3;
+            SecP128R1Field.Square(H, HSquared);
+
+            uint[] G = Nat128.Create();
+            SecP128R1Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            SecP128R1Field.Multiply(HSquared, U1, V);
+
+            SecP128R1Field.Negate(G, G);
+            Nat128.Mul(S1, G, tt1);
+
+            c = Nat128.AddBothTo(V, V, G);
+            SecP128R1Field.Reduce32(c, G);
+
+            SecP128R1FieldElement X3 = new SecP128R1FieldElement(t4);
+            SecP128R1Field.Square(R, X3.x);
+            SecP128R1Field.Subtract(X3.x, G, X3.x);
+
+            SecP128R1FieldElement Y3 = new SecP128R1FieldElement(G);
+            SecP128R1Field.Subtract(V, X3.x, Y3.x);
+            SecP128R1Field.MultiplyAddToExt(Y3.x, R, tt1);
+            SecP128R1Field.Reduce(tt1, Y3.x);
+
+            SecP128R1FieldElement Z3 = new SecP128R1FieldElement(H);
+            if (!Z1IsOne)
+            {
+                SecP128R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                SecP128R1Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
+
+            return new SecP128R1Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            SecP128R1FieldElement Y1 = (SecP128R1FieldElement)this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            SecP128R1FieldElement X1 = (SecP128R1FieldElement)this.RawXCoord, Z1 = (SecP128R1FieldElement)this.RawZCoords[0];
+
+            uint c;
+            uint[] t1 = Nat128.Create();
+            uint[] t2 = Nat128.Create();
+
+            uint[] Y1Squared = Nat128.Create();
+            SecP128R1Field.Square(Y1.x, Y1Squared);
+
+            uint[] T = Nat128.Create();
+            SecP128R1Field.Square(Y1Squared, T);
+
+            bool Z1IsOne = Z1.IsOne;
+
+            uint[] Z1Squared = Z1.x;
+            if (!Z1IsOne)
+            {
+                Z1Squared = t2;
+                SecP128R1Field.Square(Z1.x, Z1Squared);
+            }
+
+            SecP128R1Field.Subtract(X1.x, Z1Squared, t1);
+
+            uint[] M = t2;
+            SecP128R1Field.Add(X1.x, Z1Squared, M);
+            SecP128R1Field.Multiply(M, t1, M);
+            c = Nat128.AddBothTo(M, M, M);
+            SecP128R1Field.Reduce32(c, M);
+
+            uint[] S = Y1Squared;
+            SecP128R1Field.Multiply(Y1Squared, X1.x, S);
+            c = Nat.ShiftUpBits(4, S, 2, 0);
+            SecP128R1Field.Reduce32(c, S);
+
+            c = Nat.ShiftUpBits(4, T, 3, 0, t1);
+            SecP128R1Field.Reduce32(c, t1);
+
+            SecP128R1FieldElement X3 = new SecP128R1FieldElement(T);
+            SecP128R1Field.Square(M, X3.x);
+            SecP128R1Field.Subtract(X3.x, S, X3.x);
+            SecP128R1Field.Subtract(X3.x, S, X3.x);
+
+            SecP128R1FieldElement Y3 = new SecP128R1FieldElement(S);
+            SecP128R1Field.Subtract(S, X3.x, Y3.x);
+            SecP128R1Field.Multiply(Y3.x, M, Y3.x);
+            SecP128R1Field.Subtract(Y3.x, t1, Y3.x);
+
+            SecP128R1FieldElement Z3 = new SecP128R1FieldElement(M);
+            SecP128R1Field.Twice(Y1.x, Z3.x);
+            if (!Z1IsOne)
+            {
+                SecP128R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            return new SecP128R1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return Twice().Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            // NOTE: Be careful about recursions between twicePlus and threeTimes
+            return Twice().Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new SecP128R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP160K1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160K1Curve.cs
new file mode 100644
index 0000000..7d45c62
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160K1Curve.cs
@@ -0,0 +1,74 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP160K1Curve
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = SecP160R2Curve.q;
+
+        private const int SECP160K1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+        protected readonly SecP160K1Point m_infinity;
+
+        public SecP160K1Curve()
+            : base(q)
+        {
+            this.m_infinity = new SecP160K1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.Zero);
+            this.m_b = FromBigInteger(BigInteger.ValueOf(7));
+            this.m_order = new BigInteger(1, Hex.Decode("0100000000000000000001B8FA16DFAB9ACA16B6B3"));
+            this.m_cofactor = BigInteger.One;
+            this.m_coord = SECP160K1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecP160K1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_JACOBIAN:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecP160R2FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecP160K1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecP160K1Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP160K1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160K1Point.cs
new file mode 100644
index 0000000..1bcbadb
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160K1Point.cs
@@ -0,0 +1,269 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP160K1Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.CreatePoint to construct points
+         */
+        public SecP160K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * @param withCompression
+         *            if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer
+         *             {@link #getEncoded(bool)}
+         */
+        public SecP160K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecP160K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs,
+            bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecP160K1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        // B.3 pg 62
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            SecP160R2FieldElement X1 = (SecP160R2FieldElement)this.RawXCoord, Y1 = (SecP160R2FieldElement)this.RawYCoord;
+            SecP160R2FieldElement X2 = (SecP160R2FieldElement)b.RawXCoord, Y2 = (SecP160R2FieldElement)b.RawYCoord;
+
+            SecP160R2FieldElement Z1 = (SecP160R2FieldElement)this.RawZCoords[0];
+            SecP160R2FieldElement Z2 = (SecP160R2FieldElement)b.RawZCoords[0];
+
+            uint c;
+            uint[] tt1 = Nat160.CreateExt();
+            uint[] t2 = Nat160.Create();
+            uint[] t3 = Nat160.Create();
+            uint[] t4 = Nat160.Create();
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                SecP160R2Field.Square(Z1.x, S2);
+
+                U2 = t2;
+                SecP160R2Field.Multiply(S2, X2.x, U2);
+
+                SecP160R2Field.Multiply(S2, Z1.x, S2);
+                SecP160R2Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                SecP160R2Field.Square(Z2.x, S1);
+
+                U1 = tt1;
+                SecP160R2Field.Multiply(S1, X1.x, U1);
+
+                SecP160R2Field.Multiply(S1, Z2.x, S1);
+                SecP160R2Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat160.Create();
+            SecP160R2Field.Subtract(U1, U2, H);
+
+            uint[] R = t2;
+            SecP160R2Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat160.IsZero(H))
+            {
+                if (Nat160.IsZero(R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = t3;
+            SecP160R2Field.Square(H, HSquared);
+
+            uint[] G = Nat160.Create();
+            SecP160R2Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            SecP160R2Field.Multiply(HSquared, U1, V);
+
+            SecP160R2Field.Negate(G, G);
+            Nat160.Mul(S1, G, tt1);
+
+            c = Nat160.AddBothTo(V, V, G);
+            SecP160R2Field.Reduce32(c, G);
+
+            SecP160R2FieldElement X3 = new SecP160R2FieldElement(t4);
+            SecP160R2Field.Square(R, X3.x);
+            SecP160R2Field.Subtract(X3.x, G, X3.x);
+
+            SecP160R2FieldElement Y3 = new SecP160R2FieldElement(G);
+            SecP160R2Field.Subtract(V, X3.x, Y3.x);
+            SecP160R2Field.MultiplyAddToExt(Y3.x, R, tt1);
+            SecP160R2Field.Reduce(tt1, Y3.x);
+
+            SecP160R2FieldElement Z3 = new SecP160R2FieldElement(H);
+            if (!Z1IsOne)
+            {
+                SecP160R2Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                SecP160R2Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            ECFieldElement[] zs = new ECFieldElement[] { Z3 };
+
+            return new SecP160K1Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        // B.3 pg 62
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            SecP160R2FieldElement Y1 = (SecP160R2FieldElement)this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            SecP160R2FieldElement X1 = (SecP160R2FieldElement)this.RawXCoord, Z1 = (SecP160R2FieldElement)this.RawZCoords[0];
+
+            uint c;
+
+            uint[] Y1Squared = Nat160.Create();
+            SecP160R2Field.Square(Y1.x, Y1Squared);
+
+            uint[] T = Nat160.Create();
+            SecP160R2Field.Square(Y1Squared, T);
+
+            uint[] M = Nat160.Create();
+            SecP160R2Field.Square(X1.x, M);
+            c = Nat160.AddBothTo(M, M, M);
+            SecP160R2Field.Reduce32(c, M);
+
+            uint[] S = Y1Squared;
+            SecP160R2Field.Multiply(Y1Squared, X1.x, S);
+            c = Nat.ShiftUpBits(5, S, 2, 0);
+            SecP160R2Field.Reduce32(c, S);
+
+            uint[] t1 = Nat160.Create();
+            c = Nat.ShiftUpBits(5, T, 3, 0, t1);
+            SecP160R2Field.Reduce32(c, t1);
+
+            SecP160R2FieldElement X3 = new SecP160R2FieldElement(T);
+            SecP160R2Field.Square(M, X3.x);
+            SecP160R2Field.Subtract(X3.x, S, X3.x);
+            SecP160R2Field.Subtract(X3.x, S, X3.x);
+
+            SecP160R2FieldElement Y3 = new SecP160R2FieldElement(S);
+            SecP160R2Field.Subtract(S, X3.x, Y3.x);
+            SecP160R2Field.Multiply(Y3.x, M, Y3.x);
+            SecP160R2Field.Subtract(Y3.x, t1, Y3.x);
+
+            SecP160R2FieldElement Z3 = new SecP160R2FieldElement(M);
+            SecP160R2Field.Twice(Y1.x, Z3.x);
+            if (!Z1.IsOne)
+            {
+                SecP160R2Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            return new SecP160K1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return Twice().Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            // NOTE: Be careful about recursions between TwicePlus and threeTimes
+            return Twice().Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new SecP160K1Point(Curve, this.RawXCoord, this.RawYCoord.Negate(), this.RawZCoords, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1Curve.cs
new file mode 100644
index 0000000..87389af
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1Curve.cs
@@ -0,0 +1,78 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP160R1Curve
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = new BigInteger(1,
+            Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF"));
+
+        private const int SecP160R1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+        protected readonly SecP160R1Point m_infinity;
+
+        public SecP160R1Curve()
+            : base(q)
+        {
+            this.m_infinity = new SecP160R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1,
+                Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC")));
+            this.m_b = FromBigInteger(new BigInteger(1,
+                Hex.Decode("1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45")));
+            this.m_order = new BigInteger(1, Hex.Decode("0100000000000000000001F4C8F927AED3CA752257"));
+            this.m_cofactor = BigInteger.One;
+
+            this.m_coord = SecP160R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecP160R1Curve();
+        }
+
+        public override  bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_JACOBIAN:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecP160R1FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecP160R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecP160R1Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1Field.cs
new file mode 100644
index 0000000..6a5a2ef
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1Field.cs
@@ -0,0 +1,186 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP160R1Field
+    {
+        // 2^160 - 2^31 - 1
+        internal static readonly uint[] P = new uint[] { 0x7FFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF};
+        internal static readonly uint[] PExt = new uint[] { 0x00000001, 0x40000001, 0x00000000, 0x00000000, 0x00000000,
+            0xFFFFFFFE, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+        private static readonly uint[] PExtInv = new uint[]{ 0xFFFFFFFF, 0xBFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF,
+            0xFFFFFFFF, 0x00000001, 0x00000001 };
+        private const uint P4 = 0xFFFFFFFF;
+        private const uint PExt9 = 0xFFFFFFFF;
+        private const uint PInv = 0x80000001;
+
+        public static void Add(uint[] x, uint[] y, uint[] z)
+        {
+            uint c = Nat160.Add(x, y, z);
+            if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P)))
+            {
+                Nat.AddWordTo(5, PInv, z);
+            }
+        }
+
+        public static void AddExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            uint c = Nat.Add(10, xx, yy, zz);
+            if (c != 0 || (zz[9] == PExt9 && Nat.Gte(10, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(10, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void AddOne(uint[] x, uint[] z)
+        {
+            uint c = Nat.Inc(5, x, z);
+            if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P)))
+            {
+                Nat.AddWordTo(5, PInv, z);
+            }
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            uint[] z = Nat160.FromBigInteger(x);
+            if (z[4] == P4 && Nat160.Gte(z, P))
+            {
+                Nat160.SubFrom(P, z);
+            }
+            return z;
+        }
+
+        public static void Half(uint[] x, uint[] z)
+        {
+            if ((x[0] & 1) == 0)
+            {
+                Nat.ShiftDownBit(5, x, 0, z);
+            }
+            else
+            {
+                uint c = Nat160.Add(x, P, z);
+                Nat.ShiftDownBit(5, z, c);
+            }
+        }
+
+        public static void Multiply(uint[] x, uint[] y, uint[] z)
+        {
+            uint[] tt = Nat160.CreateExt();
+            Nat160.Mul(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz)
+        {
+            uint c = Nat160.MulAddTo(x, y, zz);
+            if (c != 0 || (zz[9] == PExt9 && Nat.Gte(10, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(10, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Negate(uint[] x, uint[] z)
+        {
+            if (Nat160.IsZero(x))
+            {
+                Nat160.Zero(z);
+            }
+            else
+            {
+                Nat160.Sub(P, x, z);
+            }
+        }
+
+        public static void Reduce(uint[] xx, uint[] z)
+        {
+            ulong x5 = xx[5], x6 = xx[6], x7 = xx[7], x8 = xx[8], x9 = xx[9];
+
+            ulong c = 0;
+            c += (ulong)xx[0] + x5 + (x5 << 31);
+            z[0] = (uint)c; c >>= 32;
+            c += (ulong)xx[1] + x6 + (x6 << 31);
+            z[1] = (uint)c; c >>= 32;
+            c += (ulong)xx[2] + x7 + (x7 << 31);
+            z[2] = (uint)c; c >>= 32;
+            c += (ulong)xx[3] + x8 + (x8 << 31);
+            z[3] = (uint)c; c >>= 32;
+            c += (ulong)xx[4] + x9 + (x9 << 31);
+            z[4] = (uint)c; c >>= 32;
+
+            Debug.Assert(c >> 32 == 0);
+
+            Reduce32((uint)c, z);
+        }
+
+        public static void Reduce32(uint x, uint[] z)
+        {
+            if ((x != 0 && Nat160.MulWordsAdd(PInv, x, z, 0) != 0)
+                || (z[4] == P4 && Nat160.Gte(z, P)))
+            {
+                Nat.AddWordTo(5, PInv, z);
+            }
+        }
+
+        public static void Square(uint[] x, uint[] z)
+        {
+            uint[] tt = Nat160.CreateExt();
+            Nat160.Square(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareN(uint[] x, int n, uint[] z)
+        {
+            Debug.Assert(n > 0);
+
+            uint[] tt = Nat160.CreateExt();
+            Nat160.Square(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                Nat160.Square(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static void Subtract(uint[] x, uint[] y, uint[] z)
+        {
+            int c = Nat160.Sub(x, y, z);
+            if (c != 0)
+            {
+                Nat.SubWordFrom(5, PInv, z);
+            }
+        }
+
+        public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            int c = Nat.Sub(10, xx, yy, zz);
+            if (c != 0)
+            {
+                if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.DecAt(10, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Twice(uint[] x, uint[] z)
+        {
+            uint c = Nat.ShiftUpBit(5, x, 0, z);
+            if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P)))
+            {
+                Nat.AddWordTo(5, PInv, z);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1FieldElement.cs
new file mode 100644
index 0000000..d1fc756
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1FieldElement.cs
@@ -0,0 +1,203 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP160R1FieldElement
+        : ECFieldElement
+    {
+        public static readonly BigInteger Q = SecP160R1Curve.q;
+
+        protected internal readonly uint[] x;
+
+        public SecP160R1FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0)
+                throw new ArgumentException("value invalid for SecP160R1FieldElement", "x");
+
+            this.x = SecP160R1Field.FromBigInteger(x);
+        }
+
+        public SecP160R1FieldElement()
+        {
+            this.x = Nat160.Create();
+        }
+
+        protected internal SecP160R1FieldElement(uint[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat160.IsZero(x); }
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat160.IsOne(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return Nat160.GetBit(x, 0) == 1;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat160.ToBigInteger(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecP160R1Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return Q.BitLength; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            uint[] z = Nat160.Create();
+            SecP160R1Field.Add(x, ((SecP160R1FieldElement)b).x, z);
+            return new SecP160R1FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            uint[] z = Nat160.Create();
+            SecP160R1Field.AddOne(x, z);
+            return new SecP160R1FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            uint[] z = Nat160.Create();
+            SecP160R1Field.Subtract(x, ((SecP160R1FieldElement)b).x, z);
+            return new SecP160R1FieldElement(z);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            uint[] z = Nat160.Create();
+            SecP160R1Field.Multiply(x, ((SecP160R1FieldElement)b).x, z);
+            return new SecP160R1FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+    //        return multiply(b.invert());
+            uint[] z = Nat160.Create();
+            Mod.Invert(SecP160R1Field.P, ((SecP160R1FieldElement)b).x, z);
+            SecP160R1Field.Multiply(z, x, z);
+            return new SecP160R1FieldElement(z);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            uint[] z = Nat160.Create();
+            SecP160R1Field.Negate(x, z);
+            return new SecP160R1FieldElement(z);
+        }
+
+        public override ECFieldElement Square()
+        {
+            uint[] z = Nat160.Create();
+            SecP160R1Field.Square(x, z);
+            return new SecP160R1FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+    //        return new SecP160R1FieldElement(ToBigInteger().modInverse(Q));
+            uint[] z = Nat160.Create();
+            Mod.Invert(SecP160R1Field.P, x, z);
+            return new SecP160R1FieldElement(z);
+        }
+
+        // D.1.4 91
+        /**
+         * return a sqrt root - the routine verifies that the calculation returns the right value - if
+         * none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            /*
+             * Raise this element to the exponent 2^158 - 2^29
+             * 
+             * Breaking up the exponent's binary representation into "repunits", we get:
+             *     { 129 1s } { 29 0s }
+             * 
+             * Therefore we need an addition chain containing 129 (the length of the repunit) We use:
+             *     1, 2, 4, 8, 16, 32, 64, 128, [129]
+             */
+
+            uint[] x1 = this.x;
+            if (Nat160.IsZero(x1) || Nat160.IsOne(x1))
+            {
+                return this;
+            }
+
+            uint[] x2 = Nat160.Create();
+            SecP160R1Field.Square(x1, x2);
+            SecP160R1Field.Multiply(x2, x1, x2);
+            uint[] x4 = Nat160.Create();
+            SecP160R1Field.SquareN(x2, 2, x4);
+            SecP160R1Field.Multiply(x4, x2, x4);
+            uint[] x8 = x2;
+            SecP160R1Field.SquareN(x4, 4, x8);
+            SecP160R1Field.Multiply(x8, x4, x8);
+            uint[] x16 = x4;
+            SecP160R1Field.SquareN(x8, 8, x16);
+            SecP160R1Field.Multiply(x16, x8, x16);
+            uint[] x32 = x8;
+            SecP160R1Field.SquareN(x16, 16, x32);
+            SecP160R1Field.Multiply(x32, x16, x32);
+            uint[] x64 = x16;
+            SecP160R1Field.SquareN(x32, 32, x64);
+            SecP160R1Field.Multiply(x64, x32, x64);
+            uint[] x128 = x32;
+            SecP160R1Field.SquareN(x64, 64, x128);
+            SecP160R1Field.Multiply(x128, x64, x128);
+            uint[] x129 = x64;
+            SecP160R1Field.Square(x128, x129);
+            SecP160R1Field.Multiply(x129, x1, x129);
+
+            uint[] t1 = x129;
+            SecP160R1Field.SquareN(t1, 29, t1);
+
+            uint[] t2 = x128;
+            SecP160R1Field.Square(t1, t2);
+
+            return Nat160.Eq(x1, t2) ? new SecP160R1FieldElement(t1) : null;        
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecP160R1FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecP160R1FieldElement);
+        }
+
+        public virtual bool Equals(SecP160R1FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat160.Eq(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 5);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1Point.cs
new file mode 100644
index 0000000..f9f065d
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R1Point.cs
@@ -0,0 +1,279 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP160R1Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.CreatePoint to construct points
+         */
+        public SecP160R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * @param withCompression
+         *            if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer
+         *             {@link #getEncoded(bool)}
+         */
+        public SecP160R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecP160R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecP160R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            SecP160R1FieldElement X1 = (SecP160R1FieldElement)this.RawXCoord, Y1 = (SecP160R1FieldElement)this.RawYCoord;
+            SecP160R1FieldElement X2 = (SecP160R1FieldElement)b.RawXCoord, Y2 = (SecP160R1FieldElement)b.RawYCoord;
+
+            SecP160R1FieldElement Z1 = (SecP160R1FieldElement)this.RawZCoords[0];
+            SecP160R1FieldElement Z2 = (SecP160R1FieldElement)b.RawZCoords[0];
+
+            uint c;
+            uint[] tt1 = Nat160.CreateExt();
+            uint[] t2 = Nat160.Create();
+            uint[] t3 = Nat160.Create();
+            uint[] t4 = Nat160.Create();
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                SecP160R1Field.Square(Z1.x, S2);
+
+                U2 = t2;
+                SecP160R1Field.Multiply(S2, X2.x, U2);
+
+                SecP160R1Field.Multiply(S2, Z1.x, S2);
+                SecP160R1Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                SecP160R1Field.Square(Z2.x, S1);
+
+                U1 = tt1;
+                SecP160R1Field.Multiply(S1, X1.x, U1);
+
+                SecP160R1Field.Multiply(S1, Z2.x, S1);
+                SecP160R1Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat160.Create();
+            SecP160R1Field.Subtract(U1, U2, H);
+
+            uint[] R = t2;
+            SecP160R1Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat160.IsZero(H))
+            {
+                if (Nat160.IsZero(R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = t3;
+            SecP160R1Field.Square(H, HSquared);
+
+            uint[] G = Nat160.Create();
+            SecP160R1Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            SecP160R1Field.Multiply(HSquared, U1, V);
+
+            SecP160R1Field.Negate(G, G);
+            Nat160.Mul(S1, G, tt1);
+
+            c = Nat160.AddBothTo(V, V, G);
+            SecP160R1Field.Reduce32(c, G);
+
+            SecP160R1FieldElement X3 = new SecP160R1FieldElement(t4);
+            SecP160R1Field.Square(R, X3.x);
+            SecP160R1Field.Subtract(X3.x, G, X3.x);
+
+            SecP160R1FieldElement Y3 = new SecP160R1FieldElement(G);
+            SecP160R1Field.Subtract(V, X3.x, Y3.x);
+            SecP160R1Field.MultiplyAddToExt(Y3.x, R, tt1);
+            SecP160R1Field.Reduce(tt1, Y3.x);
+
+            SecP160R1FieldElement Z3 = new SecP160R1FieldElement(H);
+            if (!Z1IsOne)
+            {
+                SecP160R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                SecP160R1Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
+
+            return new SecP160R1Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            SecP160R1FieldElement Y1 = (SecP160R1FieldElement)this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            SecP160R1FieldElement X1 = (SecP160R1FieldElement)this.RawXCoord, Z1 = (SecP160R1FieldElement)this.RawZCoords[0];
+
+            uint c;
+            uint[] t1 = Nat160.Create();
+            uint[] t2 = Nat160.Create();
+
+            uint[] Y1Squared = Nat160.Create();
+            SecP160R1Field.Square(Y1.x, Y1Squared);
+
+            uint[] T = Nat160.Create();
+            SecP160R1Field.Square(Y1Squared, T);
+
+            bool Z1IsOne = Z1.IsOne;
+
+            uint[] Z1Squared = Z1.x;
+            if (!Z1IsOne)
+            {
+                Z1Squared = t2;
+                SecP160R1Field.Square(Z1.x, Z1Squared);
+            }
+
+            SecP160R1Field.Subtract(X1.x, Z1Squared, t1);
+
+            uint[] M = t2;
+            SecP160R1Field.Add(X1.x, Z1Squared, M);
+            SecP160R1Field.Multiply(M, t1, M);
+            c = Nat160.AddBothTo(M, M, M);
+            SecP160R1Field.Reduce32(c, M);
+
+            uint[] S = Y1Squared;
+            SecP160R1Field.Multiply(Y1Squared, X1.x, S);
+            c = Nat.ShiftUpBits(5, S, 2, 0);
+            SecP160R1Field.Reduce32(c, S);
+
+            c = Nat.ShiftUpBits(5, T, 3, 0, t1);
+            SecP160R1Field.Reduce32(c, t1);
+
+            SecP160R1FieldElement X3 = new SecP160R1FieldElement(T);
+            SecP160R1Field.Square(M, X3.x);
+            SecP160R1Field.Subtract(X3.x, S, X3.x);
+            SecP160R1Field.Subtract(X3.x, S, X3.x);
+
+            SecP160R1FieldElement Y3 = new SecP160R1FieldElement(S);
+            SecP160R1Field.Subtract(S, X3.x, Y3.x);
+            SecP160R1Field.Multiply(Y3.x, M, Y3.x);
+            SecP160R1Field.Subtract(Y3.x, t1, Y3.x);
+
+            SecP160R1FieldElement Z3 = new SecP160R1FieldElement(M);
+            SecP160R1Field.Twice(Y1.x, Z3.x);
+            if (!Z1IsOne)
+            {
+                SecP160R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            return new SecP160R1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return Twice().Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            // NOTE: Be careful about recursions between TwicePlus and ThreeTimes
+            return Twice().Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new SecP160R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2Curve.cs
new file mode 100644
index 0000000..1005614
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2Curve.cs
@@ -0,0 +1,78 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP160R2Curve
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = new BigInteger(1,
+            Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73"));
+
+        private const int SecP160R2_DEFAULT_COORDS = COORD_JACOBIAN;
+
+        protected readonly SecP160R2Point m_infinity;
+
+        public SecP160R2Curve()
+            : base(q)
+        {
+            this.m_infinity = new SecP160R2Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1,
+                Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70")));
+            this.m_b = FromBigInteger(new BigInteger(1,
+                Hex.Decode("B4E134D3FB59EB8BAB57274904664D5AF50388BA")));
+            this.m_order = new BigInteger(1, Hex.Decode("0100000000000000000000351EE786A818F3A1A16B"));
+            this.m_cofactor = BigInteger.One;
+
+            this.m_coord = SecP160R2_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecP160R2Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_JACOBIAN:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecP160R2FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecP160R2Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecP160R2Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2Field.cs
new file mode 100644
index 0000000..1bef32e
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2Field.cs
@@ -0,0 +1,178 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP160R2Field
+    {
+        // 2^160 - 2^32 - 2^14 - 2^12 - 2^9 - 2^8 - 2^7 - 2^3 - 2^2 - 1
+        internal static readonly uint[] P = new uint[]{ 0xFFFFAC73, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+        internal static readonly uint[] PExt = new uint[]{ 0x1B44BBA9, 0x0000A71A, 0x00000001, 0x00000000, 0x00000000,
+            0xFFFF58E6, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+        private static readonly uint[] PExtInv = new uint[]{ 0xE4BB4457, 0xFFFF58E5, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF,
+            0x0000A719, 0x00000002 };
+        private const uint P4 = 0xFFFFFFFF;
+        private const uint PExt9 = 0xFFFFFFFF;
+        private const uint PInv33 = 0x538D;
+
+        public static void Add(uint[] x, uint[] y, uint[] z)
+        {
+            uint c = Nat160.Add(x, y, z);
+            if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P)))
+            {
+                Nat.Add33To(5, PInv33, z);
+            }
+        }
+
+        public static void AddExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            uint c = Nat.Add(10, xx, yy, zz);
+            if (c != 0 || (zz[9] == PExt9 && Nat.Gte(10, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(10, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void AddOne(uint[] x, uint[] z)
+        {
+            uint c = Nat.Inc(5, x, z);
+            if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P)))
+            {
+                Nat.Add33To(5, PInv33, z);
+            }
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            uint[] z = Nat160.FromBigInteger(x);
+            if (z[4] == P4 && Nat160.Gte(z, P))
+            {
+                Nat160.SubFrom(P, z);
+            }
+            return z;
+        }
+
+        public static void Half(uint[] x, uint[] z)
+        {
+            if ((x[0] & 1) == 0)
+            {
+                Nat.ShiftDownBit(5, x, 0, z);
+            }
+            else
+            {
+                uint c = Nat160.Add(x, P, z);
+                Nat.ShiftDownBit(5, z, c);
+            }
+        }
+
+        public static void Multiply(uint[] x, uint[] y, uint[] z)
+        {
+            uint[] tt = Nat160.CreateExt();
+            Nat160.Mul(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz)
+        {
+            uint c = Nat160.MulAddTo(x, y, zz);
+            if (c != 0 || (zz[9] == PExt9 && Nat.Gte(10, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(10, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Negate(uint[] x, uint[] z)
+        {
+            if (Nat160.IsZero(x))
+            {
+                Nat160.Zero(z);
+            }
+            else
+            {
+                Nat160.Sub(P, x, z);
+            }
+        }
+
+        public static void Reduce(uint[] xx, uint[] z)
+        {
+            ulong cc = Nat160.Mul33Add(PInv33, xx, 5, xx, 0, z, 0);
+            uint c = Nat160.Mul33DWordAdd(PInv33, cc, z, 0);
+
+            Debug.Assert(c == 0 || c == 1);
+
+            if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P)))
+            {
+                Nat.Add33To(5, PInv33, z);
+            }
+        }
+
+        public static void Reduce32(uint x, uint[] z)
+        {
+            if ((x != 0 && Nat160.Mul33WordAdd(PInv33, x, z, 0) != 0)
+                || (z[4] == P4 && Nat160.Gte(z, P)))
+            {
+                Nat.Add33To(5, PInv33, z);
+            }
+        }
+
+        public static void Square(uint[] x, uint[] z)
+        {
+            uint[] tt = Nat160.CreateExt();
+            Nat160.Square(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareN(uint[] x, int n, uint[] z)
+        {
+            Debug.Assert(n > 0);
+
+            uint[] tt = Nat160.CreateExt();
+            Nat160.Square(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                Nat160.Square(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static void Subtract(uint[] x, uint[] y, uint[] z)
+        {
+            int c = Nat160.Sub(x, y, z);
+            if (c != 0)
+            {
+                Nat.Sub33From(5, PInv33, z);
+            }
+        }
+
+        public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            int c = Nat.Sub(10, xx, yy, zz);
+            if (c != 0)
+            {
+                if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.DecAt(10, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Twice(uint[] x, uint[] z)
+        {
+            uint c = Nat.ShiftUpBit(5, x, 0, z);
+            if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P)))
+            {
+                Nat.Add33To(5, PInv33, z);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2FieldElement.cs
new file mode 100644
index 0000000..bdb5245
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2FieldElement.cs
@@ -0,0 +1,218 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP160R2FieldElement
+        : ECFieldElement
+    {
+        public static readonly BigInteger Q = SecP160R2Curve.q;
+
+        protected internal readonly uint[] x;
+
+        public SecP160R2FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0)
+                throw new ArgumentException("value invalid for SecP160R2FieldElement", "x");
+
+            this.x = SecP160R2Field.FromBigInteger(x);
+        }
+
+        public SecP160R2FieldElement()
+        {
+            this.x = Nat160.Create();
+        }
+
+        protected internal SecP160R2FieldElement(uint[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat160.IsZero(x); }
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat160.IsOne(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return Nat160.GetBit(x, 0) == 1;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat160.ToBigInteger(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecP160R2Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return Q.BitLength; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            uint[] z = Nat160.Create();
+            SecP160R2Field.Add(x, ((SecP160R2FieldElement)b).x, z);
+            return new SecP160R2FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            uint[] z = Nat160.Create();
+            SecP160R2Field.AddOne(x, z);
+            return new SecP160R2FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            uint[] z = Nat160.Create();
+            SecP160R2Field.Subtract(x, ((SecP160R2FieldElement)b).x, z);
+            return new SecP160R2FieldElement(z);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            uint[] z = Nat160.Create();
+            SecP160R2Field.Multiply(x, ((SecP160R2FieldElement)b).x, z);
+            return new SecP160R2FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+    //        return Multiply(b.invert());
+            uint[] z = Nat160.Create();
+            Mod.Invert(SecP160R2Field.P, ((SecP160R2FieldElement)b).x, z);
+            SecP160R2Field.Multiply(z, x, z);
+            return new SecP160R2FieldElement(z);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            uint[] z = Nat160.Create();
+            SecP160R2Field.Negate(x, z);
+            return new SecP160R2FieldElement(z);
+        }
+
+        public override ECFieldElement Square()
+        {
+            uint[] z = Nat160.Create();
+            SecP160R2Field.Square(x, z);
+            return new SecP160R2FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+    //        return new SecP160R2FieldElement(ToBigInteger().modInverse(Q));
+            uint[] z = Nat160.Create();
+            Mod.Invert(SecP160R2Field.P, x, z);
+            return new SecP160R2FieldElement(z);
+        }
+
+        // D.1.4 91
+        /**
+         * return a sqrt root - the routine verifies that the calculation returns the right value - if
+         * none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            /*
+             * Raise this element to the exponent 2^158 - 2^30 - 2^12 - 2^10 - 2^7 - 2^6 - 2^5 - 2^1 - 2^0
+             * 
+             * Breaking up the exponent's binary representation into "repunits", we get: { 127 1s } { 1
+             * 0s } { 17 1s } { 1 0s } { 1 1s } { 1 0s } { 2 1s } { 3 0s } { 3 1s } { 1 0s } { 1 1s }
+             * 
+             * Therefore we need an Addition chain containing 1, 2, 3, 17, 127 (the lengths of the repunits)
+             * We use: [1], [2], [3], 4, 7, 14, [17], 31, 62, 124, [127]
+             */
+
+            uint[] x1 = this.x;
+            if (Nat160.IsZero(x1) || Nat160.IsOne(x1))
+            {
+                return this;
+            }
+
+            uint[] x2 = Nat160.Create();
+            SecP160R2Field.Square(x1, x2);
+            SecP160R2Field.Multiply(x2, x1, x2);
+            uint[] x3 = Nat160.Create();
+            SecP160R2Field.Square(x2, x3);
+            SecP160R2Field.Multiply(x3, x1, x3);
+            uint[] x4 = Nat160.Create();
+            SecP160R2Field.Square(x3, x4);
+            SecP160R2Field.Multiply(x4, x1, x4);
+            uint[] x7 = Nat160.Create();
+            SecP160R2Field.SquareN(x4, 3, x7);
+            SecP160R2Field.Multiply(x7, x3, x7);
+            uint[] x14 = x4;
+            SecP160R2Field.SquareN(x7, 7, x14);
+            SecP160R2Field.Multiply(x14, x7, x14);
+            uint[] x17 = x7;
+            SecP160R2Field.SquareN(x14, 3, x17);
+            SecP160R2Field.Multiply(x17, x3, x17);
+            uint[] x31 = Nat160.Create();
+            SecP160R2Field.SquareN(x17, 14, x31);
+            SecP160R2Field.Multiply(x31, x14, x31);
+            uint[] x62 = x14;
+            SecP160R2Field.SquareN(x31, 31, x62);
+            SecP160R2Field.Multiply(x62, x31, x62);
+            uint[] x124 = x31;
+            SecP160R2Field.SquareN(x62, 62, x124);
+            SecP160R2Field.Multiply(x124, x62, x124);
+            uint[] x127 = x62;
+            SecP160R2Field.SquareN(x124, 3, x127);
+            SecP160R2Field.Multiply(x127, x3, x127);
+
+            uint[] t1 = x127;
+            SecP160R2Field.SquareN(t1, 18, t1);
+            SecP160R2Field.Multiply(t1, x17, t1);
+            SecP160R2Field.SquareN(t1, 2, t1);
+            SecP160R2Field.Multiply(t1, x1, t1);
+            SecP160R2Field.SquareN(t1, 3, t1);
+            SecP160R2Field.Multiply(t1, x2, t1);
+            SecP160R2Field.SquareN(t1, 6, t1);
+            SecP160R2Field.Multiply(t1, x3, t1);
+            SecP160R2Field.SquareN(t1, 2, t1);
+            SecP160R2Field.Multiply(t1, x1, t1);
+
+            uint[] t2 = x2;
+            SecP160R2Field.Square(t1, t2);
+
+            return Nat160.Eq(x1, t2) ? new SecP160R2FieldElement(t1) : null;        
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecP160R2FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecP160R2FieldElement);
+        }
+
+        public virtual bool Equals(SecP160R2FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat160.Eq(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 5);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2Point.cs
new file mode 100644
index 0000000..343cf8c
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP160R2Point.cs
@@ -0,0 +1,279 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP160R2Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.CreatePoint to construct points
+         */
+        public SecP160R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * @param withCompression
+         *            if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer
+         *             {@link #getEncoded(bool)}
+         */
+        public SecP160R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecP160R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecP160R2Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            SecP160R2FieldElement X1 = (SecP160R2FieldElement)this.RawXCoord, Y1 = (SecP160R2FieldElement)this.RawYCoord;
+            SecP160R2FieldElement X2 = (SecP160R2FieldElement)b.RawXCoord, Y2 = (SecP160R2FieldElement)b.RawYCoord;
+
+            SecP160R2FieldElement Z1 = (SecP160R2FieldElement)this.RawZCoords[0];
+            SecP160R2FieldElement Z2 = (SecP160R2FieldElement)b.RawZCoords[0];
+
+            uint c;
+            uint[] tt1 = Nat160.CreateExt();
+            uint[] t2 = Nat160.Create();
+            uint[] t3 = Nat160.Create();
+            uint[] t4 = Nat160.Create();
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                SecP160R2Field.Square(Z1.x, S2);
+
+                U2 = t2;
+                SecP160R2Field.Multiply(S2, X2.x, U2);
+
+                SecP160R2Field.Multiply(S2, Z1.x, S2);
+                SecP160R2Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                SecP160R2Field.Square(Z2.x, S1);
+
+                U1 = tt1;
+                SecP160R2Field.Multiply(S1, X1.x, U1);
+
+                SecP160R2Field.Multiply(S1, Z2.x, S1);
+                SecP160R2Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat160.Create();
+            SecP160R2Field.Subtract(U1, U2, H);
+
+            uint[] R = t2;
+            SecP160R2Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat160.IsZero(H))
+            {
+                if (Nat160.IsZero(R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = t3;
+            SecP160R2Field.Square(H, HSquared);
+
+            uint[] G = Nat160.Create();
+            SecP160R2Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            SecP160R2Field.Multiply(HSquared, U1, V);
+
+            SecP160R2Field.Negate(G, G);
+            Nat160.Mul(S1, G, tt1);
+
+            c = Nat160.AddBothTo(V, V, G);
+            SecP160R2Field.Reduce32(c, G);
+
+            SecP160R2FieldElement X3 = new SecP160R2FieldElement(t4);
+            SecP160R2Field.Square(R, X3.x);
+            SecP160R2Field.Subtract(X3.x, G, X3.x);
+
+            SecP160R2FieldElement Y3 = new SecP160R2FieldElement(G);
+            SecP160R2Field.Subtract(V, X3.x, Y3.x);
+            SecP160R2Field.MultiplyAddToExt(Y3.x, R, tt1);
+            SecP160R2Field.Reduce(tt1, Y3.x);
+
+            SecP160R2FieldElement Z3 = new SecP160R2FieldElement(H);
+            if (!Z1IsOne)
+            {
+                SecP160R2Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                SecP160R2Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
+
+            return new SecP160R2Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            SecP160R2FieldElement Y1 = (SecP160R2FieldElement)this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            SecP160R2FieldElement X1 = (SecP160R2FieldElement)this.RawXCoord, Z1 = (SecP160R2FieldElement)this.RawZCoords[0];
+
+            uint c;
+            uint[] t1 = Nat160.Create();
+            uint[] t2 = Nat160.Create();
+
+            uint[] Y1Squared = Nat160.Create();
+            SecP160R2Field.Square(Y1.x, Y1Squared);
+
+            uint[] T = Nat160.Create();
+            SecP160R2Field.Square(Y1Squared, T);
+
+            bool Z1IsOne = Z1.IsOne;
+
+            uint[] Z1Squared = Z1.x;
+            if (!Z1IsOne)
+            {
+                Z1Squared = t2;
+                SecP160R2Field.Square(Z1.x, Z1Squared);
+            }
+
+            SecP160R2Field.Subtract(X1.x, Z1Squared, t1);
+
+            uint[] M = t2;
+            SecP160R2Field.Add(X1.x, Z1Squared, M);
+            SecP160R2Field.Multiply(M, t1, M);
+            c = Nat160.AddBothTo(M, M, M);
+            SecP160R2Field.Reduce32(c, M);
+
+            uint[] S = Y1Squared;
+            SecP160R2Field.Multiply(Y1Squared, X1.x, S);
+            c = Nat.ShiftUpBits(5, S, 2, 0);
+            SecP160R2Field.Reduce32(c, S);
+
+            c = Nat.ShiftUpBits(5, T, 3, 0, t1);
+            SecP160R2Field.Reduce32(c, t1);
+
+            SecP160R2FieldElement X3 = new SecP160R2FieldElement(T);
+            SecP160R2Field.Square(M, X3.x);
+            SecP160R2Field.Subtract(X3.x, S, X3.x);
+            SecP160R2Field.Subtract(X3.x, S, X3.x);
+
+            SecP160R2FieldElement Y3 = new SecP160R2FieldElement(S);
+            SecP160R2Field.Subtract(S, X3.x, Y3.x);
+            SecP160R2Field.Multiply(Y3.x, M, Y3.x);
+            SecP160R2Field.Subtract(Y3.x, t1, Y3.x);
+
+            SecP160R2FieldElement Z3 = new SecP160R2FieldElement(M);
+            SecP160R2Field.Twice(Y1.x, Z3.x);
+            if (!Z1IsOne)
+            {
+                SecP160R2Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            return new SecP160R2Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return Twice().Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            // NOTE: Be careful about recursions between TwicePlus and ThreeTimes
+            return Twice().Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new SecP160R2Point(Curve, this.RawXCoord, this.RawYCoord.Negate(), this.RawZCoords, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1Curve.cs
new file mode 100644
index 0000000..81f7719
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1Curve.cs
@@ -0,0 +1,75 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP192K1Curve
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = new BigInteger(1,
+            Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37"));
+
+        private const int SECP192K1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+        protected readonly SecP192K1Point m_infinity;
+
+        public SecP192K1Curve()
+            : base(q)
+        {
+            this.m_infinity = new SecP192K1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.Zero);
+            this.m_b = FromBigInteger(BigInteger.ValueOf(3));
+            this.m_order = new BigInteger(1, Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D"));
+            this.m_cofactor = BigInteger.One;
+            this.m_coord = SECP192K1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecP192K1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+                case COORD_JACOBIAN:
+                    return true;
+                default:
+                    return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecP192K1FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecP192K1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecP192K1Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1Field.cs
new file mode 100644
index 0000000..a003603
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1Field.cs
@@ -0,0 +1,178 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP192K1Field
+    {
+        // 2^192 - 2^32 - 2^12 - 2^8 - 2^7 - 2^6 - 2^3 - 1
+        internal static readonly uint[] P = new uint[]{ 0xFFFFEE37, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+        internal static readonly uint[] PExt = new uint[]{ 0x013C4FD1, 0x00002392, 0x00000001, 0x00000000, 0x00000000,
+            0x00000000, 0xFFFFDC6E, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+        private static readonly uint[] PExtInv = new uint[]{ 0xFEC3B02F, 0xFFFFDC6D, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF,
+            0xFFFFFFFF, 0x00002391, 0x00000002 };
+        private const uint P5 = 0xFFFFFFFF;
+        private const uint PExt11 = 0xFFFFFFFF;
+        private const uint PInv33 = 0x11C9;
+
+        public static void Add(uint[] x, uint[] y, uint[] z)
+        {
+            uint c = Nat192.Add(x, y, z);
+            if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P)))
+            {
+                Nat.Add33To(6, PInv33, z);
+            }
+        }
+
+        public static void AddExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            uint c = Nat.Add(12, xx, yy, zz);
+            if (c != 0 || (zz[11] == PExt11 && Nat.Gte(12, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(12, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void AddOne(uint[] x, uint[] z)
+        {
+            uint c = Nat.Inc(6, x, z);
+            if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P)))
+            {
+                Nat.Add33To(6, PInv33, z);
+            }
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            uint[] z = Nat192.FromBigInteger(x);
+            if (z[5] == P5 && Nat192.Gte(z, P))
+            {
+                Nat192.SubFrom(P, z);
+            }
+            return z;
+        }
+
+        public static void Half(uint[] x, uint[] z)
+        {
+            if ((x[0] & 1) == 0)
+            {
+                Nat.ShiftDownBit(6, x, 0, z);
+            }
+            else
+            {
+                uint c = Nat192.Add(x, P, z);
+                Nat.ShiftDownBit(6, z, c);
+            }
+        }
+
+        public static void Multiply(uint[] x, uint[] y, uint[] z)
+        {
+            uint[] tt = Nat192.CreateExt();
+            Nat192.Mul(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz)
+        {
+            uint c = Nat192.MulAddTo(x, y, zz);
+            if (c != 0 || (zz[11] == PExt11 && Nat.Gte(12, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(12, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Negate(uint[] x, uint[] z)
+        {
+            if (Nat192.IsZero(x))
+            {
+                Nat192.Zero(z);
+            }
+            else
+            {
+                Nat192.Sub(P, x, z);
+            }
+        }
+
+        public static void Reduce(uint[] xx, uint[] z)
+        {
+            ulong cc = Nat192.Mul33Add(PInv33, xx, 6, xx, 0, z, 0);
+            uint c = Nat192.Mul33DWordAdd(PInv33, cc, z, 0);
+
+            Debug.Assert(c == 0 || c == 1);
+
+            if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P)))
+            {
+                Nat.Add33To(6, PInv33, z);
+            }
+        }
+
+        public static void Reduce32(uint x, uint[] z)
+        {
+            if ((x != 0 && Nat192.Mul33WordAdd(PInv33, x, z, 0) != 0)
+                || (z[5] == P5 && Nat192.Gte(z, P)))
+            {
+                Nat.Add33To(6, PInv33, z);
+            }
+        }
+
+        public static void Square(uint[] x, uint[] z)
+        {
+            uint[] tt = Nat192.CreateExt();
+            Nat192.Square(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareN(uint[] x, int n, uint[] z)
+        {
+            Debug.Assert(n > 0);
+
+            uint[] tt = Nat192.CreateExt();
+            Nat192.Square(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                Nat192.Square(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static void Subtract(uint[] x, uint[] y, uint[] z)
+        {
+            int c = Nat192.Sub(x, y, z);
+            if (c != 0)
+            {
+                Nat.Sub33From(6, PInv33, z);
+            }
+        }
+
+        public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            int c = Nat.Sub(12, xx, yy, zz);
+            if (c != 0)
+            {
+                if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.DecAt(12, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Twice(uint[] x, uint[] z)
+        {
+            uint c = Nat.ShiftUpBit(6, x, 0, z);
+            if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P)))
+            {
+                Nat.Add33To(6, PInv33, z);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1FieldElement.cs
new file mode 100644
index 0000000..dce3770
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1FieldElement.cs
@@ -0,0 +1,213 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP192K1FieldElement
+        : ECFieldElement
+    {
+        public static readonly BigInteger Q = SecP192K1Curve.q;
+
+        protected internal readonly uint[] x;
+
+        public SecP192K1FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0)
+                throw new ArgumentException("value invalid for SecP192K1FieldElement", "x");
+
+            this.x = SecP192K1Field.FromBigInteger(x);
+        }
+
+        public SecP192K1FieldElement()
+        {
+            this.x = Nat192.Create();
+        }
+
+        protected internal SecP192K1FieldElement(uint[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat192.IsZero(x); }
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat192.IsOne(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return Nat192.GetBit(x, 0) == 1;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat192.ToBigInteger(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecP192K1Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return Q.BitLength; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            uint[] z = Nat192.Create();
+            SecP192K1Field.Add(x, ((SecP192K1FieldElement)b).x, z);
+            return new SecP192K1FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            uint[] z = Nat192.Create();
+            SecP192K1Field.AddOne(x, z);
+            return new SecP192K1FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            uint[] z = Nat192.Create();
+            SecP192K1Field.Subtract(x, ((SecP192K1FieldElement)b).x, z);
+            return new SecP192K1FieldElement(z);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            uint[] z = Nat192.Create();
+            SecP192K1Field.Multiply(x, ((SecP192K1FieldElement)b).x, z);
+            return new SecP192K1FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            //return Multiply(b.Invert());
+            uint[] z = Nat192.Create();
+            Mod.Invert(SecP192K1Field.P, ((SecP192K1FieldElement)b).x, z);
+            SecP192K1Field.Multiply(z, x, z);
+            return new SecP192K1FieldElement(z);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            uint[] z = Nat192.Create();
+            SecP192K1Field.Negate(x, z);
+            return new SecP192K1FieldElement(z);
+        }
+
+        public override ECFieldElement Square()
+        {
+            uint[] z = Nat192.Create();
+            SecP192K1Field.Square(x, z);
+            return new SecP192K1FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            //return new SecP192K1FieldElement(ToBigInteger().ModInverse(Q));
+            uint[] z = Nat192.Create();
+            Mod.Invert(SecP192K1Field.P, x, z);
+            return new SecP192K1FieldElement(z);
+        }
+
+        /**
+         * return a sqrt root - the routine verifies that the calculation returns the right value - if
+         * none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            /*
+             * Raise this element to the exponent 2^190 - 2^30 - 2^10 - 2^6 - 2^5 - 2^4 - 2^1
+             * 
+             * Breaking up the exponent's binary representation into "repunits", we get:
+             * { 159 1s } { 1 0s } { 19 1s } { 1 0s } { 3 1s } { 3 0s} { 3 1s } { 1 0s }
+             * 
+             * Therefore we need an addition chain containing 3, 19, 159 (the lengths of the repunits)
+             * We use: 1, 2, [3], 6, 8, 16, [19], 35, 70, 140, [159]
+             */
+
+            uint[] x1 = this.x;
+            if (Nat192.IsZero(x1) || Nat192.IsOne(x1))
+                return this;
+
+            uint[] x2 = Nat192.Create();
+            SecP192K1Field.Square(x1, x2);
+            SecP192K1Field.Multiply(x2, x1, x2);
+            uint[] x3 = Nat192.Create();
+            SecP192K1Field.Square(x2, x3);
+            SecP192K1Field.Multiply(x3, x1, x3);
+            uint[] x6 = Nat192.Create();
+            SecP192K1Field.SquareN(x3, 3, x6);
+            SecP192K1Field.Multiply(x6, x3, x6);
+            uint[] x8 = x6;
+            SecP192K1Field.SquareN(x6, 2, x8);
+            SecP192K1Field.Multiply(x8, x2, x8);
+            uint[] x16 = x2;
+            SecP192K1Field.SquareN(x8, 8, x16);
+            SecP192K1Field.Multiply(x16, x8, x16);
+            uint[] x19 = x8;
+            SecP192K1Field.SquareN(x16, 3, x19);
+            SecP192K1Field.Multiply(x19, x3, x19);
+            uint[] x35 = Nat192.Create();
+            SecP192K1Field.SquareN(x19, 16, x35);
+            SecP192K1Field.Multiply(x35, x16, x35);
+            uint[] x70 = x16;
+            SecP192K1Field.SquareN(x35, 35, x70);
+            SecP192K1Field.Multiply(x70, x35, x70);
+            uint[] x140 = x35;
+            SecP192K1Field.SquareN(x70, 70, x140);
+            SecP192K1Field.Multiply(x140, x70, x140);
+            uint[] x159 = x70;
+            SecP192K1Field.SquareN(x140, 19, x159);
+            SecP192K1Field.Multiply(x159, x19, x159);
+
+            uint[] t1 = x159;
+            SecP192K1Field.SquareN(t1, 20, t1);
+            SecP192K1Field.Multiply(t1, x19, t1);
+            SecP192K1Field.SquareN(t1, 4, t1);
+            SecP192K1Field.Multiply(t1, x3, t1);
+            SecP192K1Field.SquareN(t1, 6, t1);
+            SecP192K1Field.Multiply(t1, x3, t1);
+            SecP192K1Field.Square(t1, t1);
+
+            uint[] t2 = x3;
+            SecP192K1Field.Square(t1, t2);
+
+            return Nat192.Eq(x1, t2) ? new SecP192K1FieldElement(t1) : null;
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecP192K1FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecP192K1FieldElement);
+        }
+
+        public virtual bool Equals(SecP192K1FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat192.Eq(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 6);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1Point.cs
new file mode 100644
index 0000000..58eb091
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192K1Point.cs
@@ -0,0 +1,267 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP192K1Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecP192K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * @param withCompression
+         *            if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer
+         *             {@link #getEncoded(bool)}
+         */
+        public SecP192K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecP192K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs,
+            bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecP192K1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            SecP192K1FieldElement X1 = (SecP192K1FieldElement)this.RawXCoord, Y1 = (SecP192K1FieldElement)this.RawYCoord;
+            SecP192K1FieldElement X2 = (SecP192K1FieldElement)b.RawXCoord, Y2 = (SecP192K1FieldElement)b.RawYCoord;
+
+            SecP192K1FieldElement Z1 = (SecP192K1FieldElement)this.RawZCoords[0];
+            SecP192K1FieldElement Z2 = (SecP192K1FieldElement)b.RawZCoords[0];
+
+            uint c;
+            uint[] tt1 = Nat192.CreateExt();
+            uint[] t2 = Nat192.Create();
+            uint[] t3 = Nat192.Create();
+            uint[] t4 = Nat192.Create();
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                SecP192K1Field.Square(Z1.x, S2);
+
+                U2 = t2;
+                SecP192K1Field.Multiply(S2, X2.x, U2);
+
+                SecP192K1Field.Multiply(S2, Z1.x, S2);
+                SecP192K1Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                SecP192K1Field.Square(Z2.x, S1);
+
+                U1 = tt1;
+                SecP192K1Field.Multiply(S1, X1.x, U1);
+
+                SecP192K1Field.Multiply(S1, Z2.x, S1);
+                SecP192K1Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat192.Create();
+            SecP192K1Field.Subtract(U1, U2, H);
+
+            uint[] R = t2;
+            SecP192K1Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat192.IsZero(H))
+            {
+                if (Nat192.IsZero(R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = t3;
+            SecP192K1Field.Square(H, HSquared);
+
+            uint[] G = Nat192.Create();
+            SecP192K1Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            SecP192K1Field.Multiply(HSquared, U1, V);
+
+            SecP192K1Field.Negate(G, G);
+            Nat192.Mul(S1, G, tt1);
+
+            c = Nat192.AddBothTo(V, V, G);
+            SecP192K1Field.Reduce32(c, G);
+
+            SecP192K1FieldElement X3 = new SecP192K1FieldElement(t4);
+            SecP192K1Field.Square(R, X3.x);
+            SecP192K1Field.Subtract(X3.x, G, X3.x);
+
+            SecP192K1FieldElement Y3 = new SecP192K1FieldElement(G);
+            SecP192K1Field.Subtract(V, X3.x, Y3.x);
+            SecP192K1Field.MultiplyAddToExt(Y3.x, R, tt1);
+            SecP192K1Field.Reduce(tt1, Y3.x);
+
+            SecP192K1FieldElement Z3 = new SecP192K1FieldElement(H);
+            if (!Z1IsOne)
+            {
+                SecP192K1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                SecP192K1Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            ECFieldElement[] zs = new ECFieldElement[] { Z3 };
+
+            return new SecP192K1Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            SecP192K1FieldElement Y1 = (SecP192K1FieldElement)this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            SecP192K1FieldElement X1 = (SecP192K1FieldElement)this.RawXCoord, Z1 = (SecP192K1FieldElement)this.RawZCoords[0];
+
+            uint c;
+
+            uint[] Y1Squared = Nat192.Create();
+            SecP192K1Field.Square(Y1.x, Y1Squared);
+
+            uint[] T = Nat192.Create();
+            SecP192K1Field.Square(Y1Squared, T);
+
+            uint[] M = Nat192.Create();
+            SecP192K1Field.Square(X1.x, M);
+            c = Nat192.AddBothTo(M, M, M);
+            SecP192K1Field.Reduce32(c, M);
+
+            uint[] S = Y1Squared;
+            SecP192K1Field.Multiply(Y1Squared, X1.x, S);
+            c = Nat.ShiftUpBits(6, S, 2, 0);
+            SecP192K1Field.Reduce32(c, S);
+
+            uint[] t1 = Nat192.Create();
+            c = Nat.ShiftUpBits(6, T, 3, 0, t1);
+            SecP192K1Field.Reduce32(c, t1);
+
+            SecP192K1FieldElement X3 = new SecP192K1FieldElement(T);
+            SecP192K1Field.Square(M, X3.x);
+            SecP192K1Field.Subtract(X3.x, S, X3.x);
+            SecP192K1Field.Subtract(X3.x, S, X3.x);
+
+            SecP192K1FieldElement Y3 = new SecP192K1FieldElement(S);
+            SecP192K1Field.Subtract(S, X3.x, Y3.x);
+            SecP192K1Field.Multiply(Y3.x, M, Y3.x);
+            SecP192K1Field.Subtract(Y3.x, t1, Y3.x);
+
+            SecP192K1FieldElement Z3 = new SecP192K1FieldElement(M);
+            SecP192K1Field.Twice(Y1.x, Z3.x);
+            if (!Z1.IsOne)
+            {
+                SecP192K1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            return new SecP192K1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return Twice().Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            // NOTE: Be careful about recursions between TwicePlus and ThreeTimes
+            return Twice().Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new SecP192K1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1Curve.cs
new file mode 100644
index 0000000..cb3a981
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1Curve.cs
@@ -0,0 +1,78 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP192R1Curve
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = new BigInteger(1,
+            Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF"));
+
+        private const int SecP192R1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+        protected readonly SecP192R1Point m_infinity;
+
+        public SecP192R1Curve()
+            : base(q)
+        {
+            this.m_infinity = new SecP192R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1,
+                Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")));
+            this.m_b = FromBigInteger(new BigInteger(1,
+                Hex.Decode("64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1")));
+            this.m_order = new BigInteger(1, Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"));
+            this.m_cofactor = BigInteger.One;
+
+            this.m_coord = SecP192R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecP192R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_JACOBIAN:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecP192R1FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecP192R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecP192R1Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1Field.cs
new file mode 100644
index 0000000..096c2b5
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1Field.cs
@@ -0,0 +1,283 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP192R1Field
+    {
+        // 2^192 - 2^64 - 1
+        internal static readonly uint[] P = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+        internal static readonly uint[] PExt = new uint[]{ 0x00000001, 0x00000000, 0x00000002, 0x00000000, 0x00000001,
+            0x00000000, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+        private static readonly uint[] PExtInv = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFE,
+            0xFFFFFFFF, 0x00000001, 0x00000000, 0x00000002 };
+        private const uint P5 = 0xFFFFFFFF;
+        private const uint PExt11 = 0xFFFFFFFF;
+
+        public static void Add(uint[] x, uint[] y, uint[] z)
+        {
+            uint c = Nat192.Add(x, y, z);
+            if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static void AddExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            uint c = Nat.Add(12, xx, yy, zz);
+            if (c != 0 || (zz[11] == PExt11 && Nat.Gte(12, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(12, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void AddOne(uint[] x, uint[] z)
+        {
+            uint c = Nat.Inc(6, x, z);
+            if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            uint[] z = Nat192.FromBigInteger(x);
+            if (z[5] == P5 && Nat192.Gte(z, P))
+            {
+                Nat192.SubFrom(P, z);
+            }
+            return z;
+        }
+
+        public static void Half(uint[] x, uint[] z)
+        {
+            if ((x[0] & 1) == 0)
+            {
+                Nat.ShiftDownBit(6, x, 0, z);
+            }
+            else
+            {
+                uint c = Nat192.Add(x, P, z);
+                Nat.ShiftDownBit(6, z, c);
+            }
+        }
+
+        public static void Multiply(uint[] x, uint[] y, uint[] z)
+        {
+            uint[] tt = Nat192.CreateExt();
+            Nat192.Mul(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz)
+        {
+            uint c = Nat192.MulAddTo(x, y, zz);
+            if (c != 0 || (zz[11] == PExt11 && Nat.Gte(12, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(12, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Negate(uint[] x, uint[] z)
+        {
+            if (Nat192.IsZero(x))
+            {
+                Nat192.Zero(z);
+            }
+            else
+            {
+                Nat192.Sub(P, x, z);
+            }
+        }
+
+        public static void Reduce(uint[] xx, uint[] z)
+        {
+            ulong xx06 = xx[6], xx07 = xx[7], xx08 = xx[8];
+            ulong xx09 = xx[9], xx10 = xx[10], xx11 = xx[11];
+
+            ulong t0 = xx06 + xx10;
+            ulong t1 = xx07 + xx11;
+
+            ulong cc = 0;
+            cc += (ulong)xx[0] + t0;
+            uint z0 = (uint)cc;
+            cc >>= 32;
+            cc += (ulong)xx[1] + t1;
+            z[1] = (uint)cc;
+            cc >>= 32;
+
+            t0 += xx08;
+            t1 += xx09;
+
+            cc += (ulong)xx[2] + t0;
+            ulong z2 = (uint)cc;
+            cc >>= 32;
+            cc += (ulong)xx[3] + t1;
+            z[3] = (uint)cc;
+            cc >>= 32;
+
+            t0 -= xx06;
+            t1 -= xx07;
+
+            cc += (ulong)xx[4] + t0;
+            z[4] = (uint)cc;
+            cc >>= 32;
+            cc += (ulong)xx[5] + t1;
+            z[5] = (uint)cc;
+            cc >>= 32;
+
+            z2 += cc;
+
+            cc += z0;
+            z[0] = (uint)cc;
+            cc >>= 32;
+            if (cc != 0)
+            {
+                cc += z[1];
+                z[1] = (uint)cc;
+                z2 += cc >> 32;
+            }
+            z[2] = (uint)z2;
+            cc  = z2 >> 32;
+
+            Debug.Assert(cc == 0 || cc == 1);
+
+            if ((cc != 0 && Nat.IncAt(6, z, 3) != 0)
+                || (z[5] == P5 && Nat192.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static void Reduce32(uint x, uint[] z)
+        {
+            ulong cc = 0;
+
+            if (x != 0)
+            {
+                cc += (ulong)z[0] + x;
+                z[0] = (uint)cc;
+                cc >>= 32;
+                if (cc != 0)
+                {
+                    cc += (ulong)z[1];
+                    z[1] = (uint)cc;
+                    cc >>= 32;
+                }
+                cc += (ulong)z[2] + x;
+                z[2] = (uint)cc;
+                cc >>= 32;
+
+                Debug.Assert(cc == 0 || cc == 1);
+            }
+
+            if ((cc != 0 && Nat.IncAt(6, z, 3) != 0)
+                || (z[5] == P5 && Nat192.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static void Square(uint[] x, uint[] z)
+        {
+            uint[] tt = Nat192.CreateExt();
+            Nat192.Square(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareN(uint[] x, int n, uint[] z)
+        {
+            Debug.Assert(n > 0);
+
+            uint[] tt = Nat192.CreateExt();
+            Nat192.Square(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                Nat192.Square(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static void Subtract(uint[] x, uint[] y, uint[] z)
+        {
+            int c = Nat192.Sub(x, y, z);
+            if (c != 0)
+            {
+                SubPInvFrom(z);
+            }
+        }
+
+        public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            int c = Nat.Sub(12, xx, yy, zz);
+            if (c != 0)
+            {
+                if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.DecAt(12, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Twice(uint[] x, uint[] z)
+        {
+            uint c = Nat.ShiftUpBit(6, x, 0, z);
+            if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        private static void AddPInvTo(uint[] z)
+        {
+            long c = (long)z[0] + 1;
+            z[0] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[1];
+                z[1] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[2] + 1;
+            z[2] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                Nat.IncAt(6, z, 3);
+            }
+        }
+
+        private static void SubPInvFrom(uint[] z)
+        {
+            long c = (long)z[0] - 1;
+            z[0] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[1];
+                z[1] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[2] - 1;
+            z[2] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                Nat.DecAt(6, z, 3);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1FieldElement.cs
new file mode 100644
index 0000000..45bcb00
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1FieldElement.cs
@@ -0,0 +1,188 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP192R1FieldElement
+        : ECFieldElement
+    {
+        public static readonly BigInteger Q = SecP192R1Curve.q;
+
+        protected internal readonly uint[] x;
+
+        public SecP192R1FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0)
+                throw new ArgumentException("value invalid for SecP192R1FieldElement", "x");
+
+            this.x = SecP192R1Field.FromBigInteger(x);
+        }
+
+        public SecP192R1FieldElement()
+        {
+            this.x = Nat192.Create();
+        }
+
+        protected internal SecP192R1FieldElement(uint[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat192.IsZero(x); }
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat192.IsOne(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return Nat192.GetBit(x, 0) == 1;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat192.ToBigInteger(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecP192R1Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return Q.BitLength; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            uint[] z = Nat192.Create();
+            SecP192R1Field.Add(x, ((SecP192R1FieldElement)b).x, z);
+            return new SecP192R1FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            uint[] z = Nat192.Create();
+            SecP192R1Field.AddOne(x, z);
+            return new SecP192R1FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            uint[] z = Nat192.Create();
+            SecP192R1Field.Subtract(x, ((SecP192R1FieldElement)b).x, z);
+            return new SecP192R1FieldElement(z);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            uint[] z = Nat192.Create();
+            SecP192R1Field.Multiply(x, ((SecP192R1FieldElement)b).x, z);
+            return new SecP192R1FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            //return Multiply(b.Invert());
+            uint[] z = Nat192.Create();
+            Mod.Invert(SecP192R1Field.P, ((SecP192R1FieldElement)b).x, z);
+            SecP192R1Field.Multiply(z, x, z);
+            return new SecP192R1FieldElement(z);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            uint[] z = Nat192.Create();
+            SecP192R1Field.Negate(x, z);
+            return new SecP192R1FieldElement(z);
+        }
+
+        public override ECFieldElement Square()
+        {
+            uint[] z = Nat192.Create();
+            SecP192R1Field.Square(x, z);
+            return new SecP192R1FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            //return new SecP192R1FieldElement(ToBigInteger().ModInverse(Q));
+            uint[] z = Nat192.Create();
+            Mod.Invert(SecP192R1Field.P, x, z);
+            return new SecP192R1FieldElement(z);
+        }
+
+        /**
+         * return a sqrt root - the routine verifies that the calculation returns the right value - if
+         * none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            // Raise this element to the exponent 2^190 - 2^62
+
+            uint[] x1 = this.x;
+            if (Nat192.IsZero(x1) || Nat192.IsOne(x1))
+                return this;
+
+            uint[] t1 = Nat192.Create();
+            uint[] t2 = Nat192.Create();
+
+            SecP192R1Field.Square(x1, t1);
+            SecP192R1Field.Multiply(t1, x1, t1);
+
+            SecP192R1Field.SquareN(t1, 2, t2);
+            SecP192R1Field.Multiply(t2, t1, t2);
+
+            SecP192R1Field.SquareN(t2, 4, t1);
+            SecP192R1Field.Multiply(t1, t2, t1);
+
+            SecP192R1Field.SquareN(t1, 8, t2);
+            SecP192R1Field.Multiply(t2, t1, t2);
+
+            SecP192R1Field.SquareN(t2, 16, t1);
+            SecP192R1Field.Multiply(t1, t2, t1);
+
+            SecP192R1Field.SquareN(t1, 32, t2);
+            SecP192R1Field.Multiply(t2, t1, t2);
+
+            SecP192R1Field.SquareN(t2, 64, t1);
+            SecP192R1Field.Multiply(t1, t2, t1);
+
+            SecP192R1Field.SquareN(t1, 62, t1);
+            SecP192R1Field.Square(t1, t2);
+
+            return Nat192.Eq(x1, t2) ? new SecP192R1FieldElement(t1) : null;
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecP192R1FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecP192R1FieldElement);
+        }
+
+        public virtual bool Equals(SecP192R1FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat192.Eq(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 6);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1Point.cs
new file mode 100644
index 0000000..3b53e34
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP192R1Point.cs
@@ -0,0 +1,279 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP192R1Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecP192R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * @param withCompression
+         *            if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer
+         *             {@link #getEncoded(bool)}
+         */
+        public SecP192R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecP192R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecP192R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            SecP192R1FieldElement X1 = (SecP192R1FieldElement)this.RawXCoord, Y1 = (SecP192R1FieldElement)this.RawYCoord;
+            SecP192R1FieldElement X2 = (SecP192R1FieldElement)b.RawXCoord, Y2 = (SecP192R1FieldElement)b.RawYCoord;
+
+            SecP192R1FieldElement Z1 = (SecP192R1FieldElement)this.RawZCoords[0];
+            SecP192R1FieldElement Z2 = (SecP192R1FieldElement)b.RawZCoords[0];
+
+            uint c;
+            uint[] tt1 = Nat192.CreateExt();
+            uint[] t2 = Nat192.Create();
+            uint[] t3 = Nat192.Create();
+            uint[] t4 = Nat192.Create();
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                SecP192R1Field.Square(Z1.x, S2);
+
+                U2 = t2;
+                SecP192R1Field.Multiply(S2, X2.x, U2);
+
+                SecP192R1Field.Multiply(S2, Z1.x, S2);
+                SecP192R1Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                SecP192R1Field.Square(Z2.x, S1);
+
+                U1 = tt1;
+                SecP192R1Field.Multiply(S1, X1.x, U1);
+
+                SecP192R1Field.Multiply(S1, Z2.x, S1);
+                SecP192R1Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat192.Create();
+            SecP192R1Field.Subtract(U1, U2, H);
+
+            uint[] R = t2;
+            SecP192R1Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat192.IsZero(H))
+            {
+                if (Nat192.IsZero(R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = t3;
+            SecP192R1Field.Square(H, HSquared);
+
+            uint[] G = Nat192.Create();
+            SecP192R1Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            SecP192R1Field.Multiply(HSquared, U1, V);
+
+            SecP192R1Field.Negate(G, G);
+            Nat192.Mul(S1, G, tt1);
+
+            c = Nat192.AddBothTo(V, V, G);
+            SecP192R1Field.Reduce32(c, G);
+
+            SecP192R1FieldElement X3 = new SecP192R1FieldElement(t4);
+            SecP192R1Field.Square(R, X3.x);
+            SecP192R1Field.Subtract(X3.x, G, X3.x);
+
+            SecP192R1FieldElement Y3 = new SecP192R1FieldElement(G);
+            SecP192R1Field.Subtract(V, X3.x, Y3.x);
+            SecP192R1Field.MultiplyAddToExt(Y3.x, R, tt1);
+            SecP192R1Field.Reduce(tt1, Y3.x);
+
+            SecP192R1FieldElement Z3 = new SecP192R1FieldElement(H);
+            if (!Z1IsOne)
+            {
+                SecP192R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                SecP192R1Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            ECFieldElement[] zs = new ECFieldElement[] { Z3 };
+
+            return new SecP192R1Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            SecP192R1FieldElement Y1 = (SecP192R1FieldElement)this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            SecP192R1FieldElement X1 = (SecP192R1FieldElement)this.RawXCoord, Z1 = (SecP192R1FieldElement)this.RawZCoords[0];
+
+            uint c;
+            uint[] t1 = Nat192.Create();
+            uint[] t2 = Nat192.Create();
+
+            uint[] Y1Squared = Nat192.Create();
+            SecP192R1Field.Square(Y1.x, Y1Squared);
+
+            uint[] T = Nat192.Create();
+            SecP192R1Field.Square(Y1Squared, T);
+
+            bool Z1IsOne = Z1.IsOne;
+
+            uint[] Z1Squared = Z1.x;
+            if (!Z1IsOne)
+            {
+                Z1Squared = t2;
+                SecP192R1Field.Square(Z1.x, Z1Squared);
+            }
+
+            SecP192R1Field.Subtract(X1.x, Z1Squared, t1);
+
+            uint[] M = t2;
+            SecP192R1Field.Add(X1.x, Z1Squared, M);
+            SecP192R1Field.Multiply(M, t1, M);
+            c = Nat192.AddBothTo(M, M, M);
+            SecP192R1Field.Reduce32(c, M);
+
+            uint[] S = Y1Squared;
+            SecP192R1Field.Multiply(Y1Squared, X1.x, S);
+            c = Nat.ShiftUpBits(6, S, 2, 0);
+            SecP192R1Field.Reduce32(c, S);
+
+            c = Nat.ShiftUpBits(6, T, 3, 0, t1);
+            SecP192R1Field.Reduce32(c, t1);
+
+            SecP192R1FieldElement X3 = new SecP192R1FieldElement(T);
+            SecP192R1Field.Square(M, X3.x);
+            SecP192R1Field.Subtract(X3.x, S, X3.x);
+            SecP192R1Field.Subtract(X3.x, S, X3.x);
+
+            SecP192R1FieldElement Y3 = new SecP192R1FieldElement(S);
+            SecP192R1Field.Subtract(S, X3.x, Y3.x);
+            SecP192R1Field.Multiply(Y3.x, M, Y3.x);
+            SecP192R1Field.Subtract(Y3.x, t1, Y3.x);
+
+            SecP192R1FieldElement Z3 = new SecP192R1FieldElement(M);
+            SecP192R1Field.Twice(Y1.x, Z3.x);
+            if (!Z1IsOne)
+            {
+                SecP192R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            return new SecP192R1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return Twice().Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            // NOTE: Be careful about recursions between TwicePlus and ThreeTimes
+            return Twice().Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new SecP192R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1Curve.cs
new file mode 100644
index 0000000..d4be7d8
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1Curve.cs
@@ -0,0 +1,75 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP224K1Curve
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = new BigInteger(1,
+            Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D"));
+
+        private const int SECP224K1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+        protected readonly SecP224K1Point m_infinity;
+
+        public SecP224K1Curve()
+            : base(q)
+        {
+            this.m_infinity = new SecP224K1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.Zero);
+            this.m_b = FromBigInteger(BigInteger.ValueOf(5));
+            this.m_order = new BigInteger(1, Hex.Decode("010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7"));
+            this.m_cofactor = BigInteger.One;
+            this.m_coord = SECP224K1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecP224K1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+                case COORD_JACOBIAN:
+                    return true;
+                default:
+                    return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecP224K1FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecP224K1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecP224K1Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1Field.cs
new file mode 100644
index 0000000..98cf777
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1Field.cs
@@ -0,0 +1,179 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP224K1Field
+    {
+        // 2^224 - 2^32 - 2^12 - 2^11 - 2^9 - 2^7 - 2^4 - 2 - 1
+        internal static readonly uint[] P = new uint[]{ 0xFFFFE56D, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+            0xFFFFFFFF };
+        internal static readonly uint[] PExt = new uint[]{ 0x02C23069, 0x00003526, 0x00000001, 0x00000000, 0x00000000,
+            0x00000000, 0x00000000, 0xFFFFCADA, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+        private static readonly uint[] PExtInv = new uint[]{ 0xFD3DCF97, 0xFFFFCAD9, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF,
+            0xFFFFFFFF, 0xFFFFFFFF, 0x00003525, 0x00000002 };
+        private const uint P6 = 0xFFFFFFFF;
+        private const uint PExt13 = 0xFFFFFFFF;
+        private const uint PInv33 = 0x1A93;
+
+        public static void Add(uint[] x, uint[] y, uint[] z)
+        {
+            uint c = Nat224.Add(x, y, z);
+            if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P)))
+            {
+                Nat.Add33To(7, PInv33, z);
+            }
+        }
+
+        public static void AddExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            uint c = Nat.Add(14, xx, yy, zz);
+            if (c != 0 || (zz[13] == PExt13 && Nat.Gte(14, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(14, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void AddOne(uint[] x, uint[] z)
+        {
+            uint c = Nat.Inc(7, x, z);
+            if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P)))
+            {
+                Nat.Add33To(7, PInv33, z);
+            }
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            uint[] z = Nat224.FromBigInteger(x);
+            if (z[6] == P6 && Nat224.Gte(z, P))
+            {
+                Nat224.SubFrom(P, z);
+            }
+            return z;
+        }
+
+        public static void Half(uint[] x, uint[] z)
+        {
+            if ((x[0] & 1) == 0)
+            {
+                Nat.ShiftDownBit(7, x, 0, z);
+            }
+            else
+            {
+                uint c = Nat224.Add(x, P, z);
+                Nat.ShiftDownBit(7, z, c);
+            }
+        }
+
+        public static void Multiply(uint[] x, uint[] y, uint[] z)
+        {
+            uint[] tt = Nat224.CreateExt();
+            Nat224.Mul(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz)
+        {
+            uint c = Nat224.MulAddTo(x, y, zz);
+            if (c != 0 || (zz[13] == PExt13 && Nat.Gte(14, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(14, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Negate(uint[] x, uint[] z)
+        {
+            if (Nat224.IsZero(x))
+            {
+                Nat224.Zero(z);
+            }
+            else
+            {
+                Nat224.Sub(P, x, z);
+            }
+        }
+
+        public static void Reduce(uint[] xx, uint[] z)
+        {
+            ulong cc = Nat224.Mul33Add(PInv33, xx, 7, xx, 0, z, 0);
+            uint c = Nat224.Mul33DWordAdd(PInv33, cc, z, 0);
+
+            Debug.Assert(c == 0 || c == 1);
+
+            if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P)))
+            {
+                Nat.Add33To(7, PInv33, z);
+            }
+        }
+
+        public static void Reduce32(uint x, uint[] z)
+        {
+            if ((x != 0 && Nat224.Mul33WordAdd(PInv33, x, z, 0) != 0)
+                || (z[6] == P6 && Nat224.Gte(z, P)))
+            {
+                Nat.Add33To(7, PInv33, z);
+            }
+        }
+
+        public static void Square(uint[] x, uint[] z)
+        {
+            uint[] tt = Nat224.CreateExt();
+            Nat224.Square(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareN(uint[] x, int n, uint[] z)
+        {
+            Debug.Assert(n > 0);
+
+            uint[] tt = Nat224.CreateExt();
+            Nat224.Square(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                Nat224.Square(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static void Subtract(uint[] x, uint[] y, uint[] z)
+        {
+            int c = Nat224.Sub(x, y, z);
+            if (c != 0)
+            {
+                Nat.Sub33From(7, PInv33, z);
+            }
+        }
+
+        public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            int c = Nat.Sub(14, xx, yy, zz);
+            if (c != 0)
+            {
+                if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.DecAt(14, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Twice(uint[] x, uint[] z)
+        {
+            uint c = Nat.ShiftUpBit(7, x, 0, z);
+            if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P)))
+            {
+                Nat.Add33To(7, PInv33, z);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1FieldElement.cs
new file mode 100644
index 0000000..fec0743
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1FieldElement.cs
@@ -0,0 +1,242 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP224K1FieldElement
+        : ECFieldElement
+    {
+        public static readonly BigInteger Q = SecP224K1Curve.q;
+
+        // Calculated as BigInteger.Two.ModPow(Q.ShiftRight(2), Q)
+        private static readonly uint[] PRECOMP_POW2 = new uint[]{ 0x33bfd202, 0xdcfad133, 0x2287624a, 0xc3811ba8,
+            0xa85558fc, 0x1eaef5d7, 0x8edf154c };
+
+        protected internal readonly uint[] x;
+
+        public SecP224K1FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0)
+                throw new ArgumentException("value invalid for SecP224K1FieldElement", "x");
+
+            this.x = SecP224K1Field.FromBigInteger(x);
+        }
+
+        public SecP224K1FieldElement()
+        {
+            this.x = Nat224.Create();
+        }
+
+        protected internal SecP224K1FieldElement(uint[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat224.IsZero(x); }
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat224.IsOne(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return Nat224.GetBit(x, 0) == 1;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat224.ToBigInteger(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecP224K1Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return Q.BitLength; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            uint[] z = Nat224.Create();
+            SecP224K1Field.Add(x, ((SecP224K1FieldElement)b).x, z);
+            return new SecP224K1FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            uint[] z = Nat224.Create();
+            SecP224K1Field.AddOne(x, z);
+            return new SecP224K1FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            uint[] z = Nat224.Create();
+            SecP224K1Field.Subtract(x, ((SecP224K1FieldElement)b).x, z);
+            return new SecP224K1FieldElement(z);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            uint[] z = Nat224.Create();
+            SecP224K1Field.Multiply(x, ((SecP224K1FieldElement)b).x, z);
+            return new SecP224K1FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            //return Multiply(b.Invert());
+            uint[] z = Nat224.Create();
+            Mod.Invert(SecP224K1Field.P, ((SecP224K1FieldElement)b).x, z);
+            SecP224K1Field.Multiply(z, x, z);
+            return new SecP224K1FieldElement(z);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            uint[] z = Nat224.Create();
+            SecP224K1Field.Negate(x, z);
+            return new SecP224K1FieldElement(z);
+        }
+
+        public override ECFieldElement Square()
+        {
+            uint[] z = Nat224.Create();
+            SecP224K1Field.Square(x, z);
+            return new SecP224K1FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            //return new SecP224K1FieldElement(ToBigInteger().ModInverse(Q));
+            uint[] z = Nat224.Create();
+            Mod.Invert(SecP224K1Field.P, x, z);
+            return new SecP224K1FieldElement(z);
+        }
+
+        /**
+         * return a sqrt root - the routine verifies that the calculation returns the right value - if
+         * none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            /*
+             * Q == 8m + 5, so we use Pocklington's method for this case.
+             *
+             * First, raise this element to the exponent 2^221 - 2^29 - 2^9 - 2^8 - 2^6 - 2^4 - 2^1 (i.e. m + 1)
+             * 
+             * Breaking up the exponent's binary representation into "repunits", we get:
+             * { 191 1s } { 1 0s } { 19 1s } { 2 0s } { 1 1s } { 1 0s} { 1 1s } { 1 0s} { 3 1s } { 1 0s}
+             * 
+             * Therefore we need an addition chain containing 1, 3, 19, 191 (the lengths of the repunits)
+             * We use: [1], 2, [3], 4, 8, 11, [19], 23, 42, 84, 107, [191]
+             */
+
+            uint[] x1 = this.x;
+            if (Nat224.IsZero(x1) || Nat224.IsOne(x1))
+                return this;
+
+            uint[] x2 = Nat224.Create();
+            SecP224K1Field.Square(x1, x2);
+            SecP224K1Field.Multiply(x2, x1, x2);
+            uint[] x3 = x2;
+            SecP224K1Field.Square(x2, x3);
+            SecP224K1Field.Multiply(x3, x1, x3);
+            uint[] x4 = Nat224.Create();
+            SecP224K1Field.Square(x3, x4);
+            SecP224K1Field.Multiply(x4, x1, x4);
+            uint[] x8 = Nat224.Create();
+            SecP224K1Field.SquareN(x4, 4, x8);
+            SecP224K1Field.Multiply(x8, x4, x8);
+            uint[] x11 = Nat224.Create();
+            SecP224K1Field.SquareN(x8, 3, x11);
+            SecP224K1Field.Multiply(x11, x3, x11);
+            uint[] x19 = x11;
+            SecP224K1Field.SquareN(x11, 8, x19);
+            SecP224K1Field.Multiply(x19, x8, x19);
+            uint[] x23 = x8;
+            SecP224K1Field.SquareN(x19, 4, x23);
+            SecP224K1Field.Multiply(x23, x4, x23);
+            uint[] x42 = x4;
+            SecP224K1Field.SquareN(x23, 19, x42);
+            SecP224K1Field.Multiply(x42, x19, x42);
+            uint[] x84 = Nat224.Create();
+            SecP224K1Field.SquareN(x42, 42, x84);
+            SecP224K1Field.Multiply(x84, x42, x84);
+            uint[] x107 = x42;
+            SecP224K1Field.SquareN(x84, 23, x107);
+            SecP224K1Field.Multiply(x107, x23, x107);
+            uint[] x191 = x23;
+            SecP224K1Field.SquareN(x107, 84, x191);
+            SecP224K1Field.Multiply(x191, x84, x191);
+
+            uint[] t1 = x191;
+            SecP224K1Field.SquareN(t1, 20, t1);
+            SecP224K1Field.Multiply(t1, x19, t1);
+            SecP224K1Field.SquareN(t1, 3, t1);
+            SecP224K1Field.Multiply(t1, x1, t1);
+            SecP224K1Field.SquareN(t1, 2, t1);
+            SecP224K1Field.Multiply(t1, x1, t1);
+            SecP224K1Field.SquareN(t1, 4, t1);
+            SecP224K1Field.Multiply(t1, x3, t1);
+            SecP224K1Field.Square(t1, t1);
+
+            uint[] t2 = x84;
+            SecP224K1Field.Square(t1, t2);
+
+            if (Nat224.Eq(x1, t2))
+            {
+                return new SecP224K1FieldElement(t1);
+            }
+
+            /*
+             * If the first guess is incorrect, we multiply by a precomputed power of 2 to get the second guess,
+             * which is ((4x)^(m + 1))/2 mod Q
+             */
+            SecP224K1Field.Multiply(t1, PRECOMP_POW2, t1);
+
+            SecP224K1Field.Square(t1, t2);
+
+            if (Nat224.Eq(x1, t2))
+            {
+                return new SecP224K1FieldElement(t1);
+            }
+
+            return null;
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecP224K1FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecP224K1FieldElement);
+        }
+
+        public virtual bool Equals(SecP224K1FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat224.Eq(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 7);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1Point.cs
new file mode 100644
index 0000000..98cb292
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224K1Point.cs
@@ -0,0 +1,267 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP224K1Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecP224K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * @param withCompression
+         *            if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer
+         *             {@link #getEncoded(bool)}
+         */
+        public SecP224K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecP224K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs,
+            bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecP224K1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            SecP224K1FieldElement X1 = (SecP224K1FieldElement)this.RawXCoord, Y1 = (SecP224K1FieldElement)this.RawYCoord;
+            SecP224K1FieldElement X2 = (SecP224K1FieldElement)b.RawXCoord, Y2 = (SecP224K1FieldElement)b.RawYCoord;
+
+            SecP224K1FieldElement Z1 = (SecP224K1FieldElement)this.RawZCoords[0];
+            SecP224K1FieldElement Z2 = (SecP224K1FieldElement)b.RawZCoords[0];
+
+            uint c;
+            uint[] tt1 = Nat224.CreateExt();
+            uint[] t2 = Nat224.Create();
+            uint[] t3 = Nat224.Create();
+            uint[] t4 = Nat224.Create();
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                SecP224K1Field.Square(Z1.x, S2);
+
+                U2 = t2;
+                SecP224K1Field.Multiply(S2, X2.x, U2);
+
+                SecP224K1Field.Multiply(S2, Z1.x, S2);
+                SecP224K1Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                SecP224K1Field.Square(Z2.x, S1);
+
+                U1 = tt1;
+                SecP224K1Field.Multiply(S1, X1.x, U1);
+
+                SecP224K1Field.Multiply(S1, Z2.x, S1);
+                SecP224K1Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat224.Create();
+            SecP224K1Field.Subtract(U1, U2, H);
+
+            uint[] R = t2;
+            SecP224K1Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat224.IsZero(H))
+            {
+                if (Nat224.IsZero(R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = t3;
+            SecP224K1Field.Square(H, HSquared);
+
+            uint[] G = Nat224.Create();
+            SecP224K1Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            SecP224K1Field.Multiply(HSquared, U1, V);
+
+            SecP224K1Field.Negate(G, G);
+            Nat224.Mul(S1, G, tt1);
+
+            c = Nat224.AddBothTo(V, V, G);
+            SecP224K1Field.Reduce32(c, G);
+
+            SecP224K1FieldElement X3 = new SecP224K1FieldElement(t4);
+            SecP224K1Field.Square(R, X3.x);
+            SecP224K1Field.Subtract(X3.x, G, X3.x);
+
+            SecP224K1FieldElement Y3 = new SecP224K1FieldElement(G);
+            SecP224K1Field.Subtract(V, X3.x, Y3.x);
+            SecP224K1Field.MultiplyAddToExt(Y3.x, R, tt1);
+            SecP224K1Field.Reduce(tt1, Y3.x);
+
+            SecP224K1FieldElement Z3 = new SecP224K1FieldElement(H);
+            if (!Z1IsOne)
+            {
+                SecP224K1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                SecP224K1Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            ECFieldElement[] zs = new ECFieldElement[] { Z3 };
+
+            return new SecP224K1Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            SecP224K1FieldElement Y1 = (SecP224K1FieldElement)this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            SecP224K1FieldElement X1 = (SecP224K1FieldElement)this.RawXCoord, Z1 = (SecP224K1FieldElement)this.RawZCoords[0];
+
+            uint c;
+
+            uint[] Y1Squared = Nat224.Create();
+            SecP224K1Field.Square(Y1.x, Y1Squared);
+
+            uint[] T = Nat224.Create();
+            SecP224K1Field.Square(Y1Squared, T);
+
+            uint[] M = Nat224.Create();
+            SecP224K1Field.Square(X1.x, M);
+            c = Nat224.AddBothTo(M, M, M);
+            SecP224K1Field.Reduce32(c, M);
+
+            uint[] S = Y1Squared;
+            SecP224K1Field.Multiply(Y1Squared, X1.x, S);
+            c = Nat.ShiftUpBits(7, S, 2, 0);
+            SecP224K1Field.Reduce32(c, S);
+
+            uint[] t1 = Nat224.Create();
+            c = Nat.ShiftUpBits(7, T, 3, 0, t1);
+            SecP224K1Field.Reduce32(c, t1);
+
+            SecP224K1FieldElement X3 = new SecP224K1FieldElement(T);
+            SecP224K1Field.Square(M, X3.x);
+            SecP224K1Field.Subtract(X3.x, S, X3.x);
+            SecP224K1Field.Subtract(X3.x, S, X3.x);
+
+            SecP224K1FieldElement Y3 = new SecP224K1FieldElement(S);
+            SecP224K1Field.Subtract(S, X3.x, Y3.x);
+            SecP224K1Field.Multiply(Y3.x, M, Y3.x);
+            SecP224K1Field.Subtract(Y3.x, t1, Y3.x);
+
+            SecP224K1FieldElement Z3 = new SecP224K1FieldElement(M);
+            SecP224K1Field.Twice(Y1.x, Z3.x);
+            if (!Z1.IsOne)
+            {
+                SecP224K1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            return new SecP224K1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return Twice().Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            // NOTE: Be careful about recursions between TwicePlus and ThreeTimes
+            return Twice().Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new SecP224K1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1Curve.cs
new file mode 100644
index 0000000..cda8781
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1Curve.cs
@@ -0,0 +1,78 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP224R1Curve
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = new BigInteger(1,
+            Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001"));
+
+        private const int SecP224R1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+        protected readonly SecP224R1Point m_infinity;
+
+        public SecP224R1Curve()
+            : base(q)
+        {
+            this.m_infinity = new SecP224R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1,
+                Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")));
+            this.m_b = FromBigInteger(new BigInteger(1,
+                Hex.Decode("B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4")));
+            this.m_order = new BigInteger(1, Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"));
+            this.m_cofactor = BigInteger.One;
+
+            this.m_coord = SecP224R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecP224R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+                case COORD_JACOBIAN:
+                    return true;
+                default:
+                    return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecP224R1FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecP224R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecP224R1Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1Field.cs
new file mode 100644
index 0000000..4f5c3bb
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1Field.cs
@@ -0,0 +1,297 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP224R1Field
+    {
+        // 2^224 - 2^96 + 1
+        internal static readonly uint[] P = new uint[] { 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+        internal static readonly uint[] PExt = new uint[]{ 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF,
+            0xFFFFFFFF, 0x00000000, 0x00000002, 0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+        private static readonly uint[] PExtInv = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000001, 0x00000000,
+            0x00000000, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000001 };
+        private const uint P6 = 0xFFFFFFFF;
+        private const uint PExt13 = 0xFFFFFFFF;
+
+        public static void Add(uint[] x, uint[] y, uint[] z)
+        {
+            uint c = Nat224.Add(x, y, z);
+            if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static void AddExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            uint c = Nat.Add(14, xx, yy, zz);
+            if (c != 0 || (zz[13] == PExt13 && Nat.Gte(14, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(14, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void AddOne(uint[] x, uint[] z)
+        {
+            uint c = Nat.Inc(7, x, z);
+            if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            uint[] z = Nat224.FromBigInteger(x);
+            if (z[6] == P6 && Nat224.Gte(z, P))
+            {
+                Nat224.SubFrom(P, z);
+            }
+            return z;
+        }
+
+        public static void Half(uint[] x, uint[] z)
+        {
+            if ((x[0] & 1) == 0)
+            {
+                Nat.ShiftDownBit(7, x, 0, z);
+            }
+            else
+            {
+                uint c = Nat224.Add(x, P, z);
+                Nat.ShiftDownBit(7, z, c);
+            }
+        }
+
+        public static void Multiply(uint[] x, uint[] y, uint[] z)
+        {
+            uint[] tt = Nat224.CreateExt();
+            Nat224.Mul(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz)
+        {
+            uint c = Nat224.MulAddTo(x, y, zz);
+            if (c != 0 || (zz[13] == PExt13 && Nat.Gte(14, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(14, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Negate(uint[] x, uint[] z)
+        {
+            if (Nat224.IsZero(x))
+            {
+                Nat224.Zero(z);
+            }
+            else
+            {
+                Nat224.Sub(P, x, z);
+            }
+        }
+
+        public static void Reduce(uint[] xx, uint[] z)
+        {
+            long xx10 = xx[10], xx11 = xx[11], xx12 = xx[12], xx13 = xx[13];
+
+            const long n = 1;
+
+            long t0 = (long)xx[7] + xx11 - n;
+            long t1 = (long)xx[8] + xx12;
+            long t2 = (long)xx[9] + xx13;
+
+            long cc = 0;
+            cc += (long)xx[0] - t0;
+            long z0 = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[1] - t1;
+            z[1] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[2] - t2;
+            z[2] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[3] + t0 - xx10;
+            long z3 = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[4] + t1 - xx11;
+            z[4] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[5] + t2 - xx12;
+            z[5] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[6] + xx10 - xx13;
+            z[6] = (uint)cc;
+            cc >>= 32;
+            cc += n;
+
+            Debug.Assert(cc >= 0);
+
+            z3 += cc;
+
+            z0 -= cc;
+            z[0] = (uint)z0;
+            cc = z0 >> 32;
+            if (cc != 0)
+            {
+                cc += (long)z[1];
+                z[1] = (uint)cc;
+                cc >>= 32;
+                cc += (long)z[2];
+                z[2] = (uint)cc;
+                z3 += cc >> 32;
+            }
+            z[3] = (uint)z3;
+            cc = z3 >> 32;
+
+            Debug.Assert(cc == 0 || cc == 1);
+
+            if ((cc != 0 && Nat.IncAt(7, z, 4) != 0)
+                || (z[6] == P6 && Nat224.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static void Reduce32(uint x, uint[] z)
+        {
+            long cc = 0;
+
+            if (x != 0)
+            {
+                long xx07 = x;
+
+                cc += (long)z[0] - xx07;
+                z[0] = (uint)cc;
+                cc >>= 32;
+                if (cc != 0)
+                {
+                    cc += (long)z[1];
+                    z[1] = (uint)cc;
+                    cc >>= 32;
+                    cc += (long)z[2];
+                    z[2] = (uint)cc;
+                    cc >>= 32;
+                }
+                cc += (long)z[3] + xx07;
+                z[3] = (uint)cc;
+                cc >>= 32;
+
+                Debug.Assert(cc == 0 || cc == 1);
+            }
+
+            if ((cc != 0 && Nat.IncAt(7, z, 4) != 0)
+                || (z[6] == P6 && Nat224.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static void Square(uint[] x, uint[] z)
+        {
+            uint[] tt = Nat224.CreateExt();
+            Nat224.Square(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareN(uint[] x, int n, uint[] z)
+        {
+            Debug.Assert(n > 0);
+
+            uint[] tt = Nat224.CreateExt();
+            Nat224.Square(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                Nat224.Square(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static void Subtract(uint[] x, uint[] y, uint[] z)
+        {
+            int c = Nat224.Sub(x, y, z);
+            if (c != 0)
+            {
+                SubPInvFrom(z);
+            }
+        }
+
+        public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            int c = Nat.Sub(14, xx, yy, zz);
+            if (c != 0)
+            {
+                if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.DecAt(14, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Twice(uint[] x, uint[] z)
+        {
+            uint c = Nat.ShiftUpBit(7, x, 0, z);
+            if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        private static void AddPInvTo(uint[] z)
+        {
+            long c = (long)z[0] - 1;
+            z[0] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[1];
+                z[1] = (uint)c;
+                c >>= 32;
+                c += (long)z[2];
+                z[2] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[3] + 1;
+            z[3] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                Nat.IncAt(7, z, 4);
+            }
+        }
+
+        private static void SubPInvFrom(uint[] z)
+        {
+            long c = (long)z[0] + 1;
+            z[0] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[1];
+                z[1] = (uint)c;
+                c >>= 32;
+                c += (long)z[2];
+                z[2] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[3] - 1;
+            z[3] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                Nat.DecAt(7, z, 4);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1FieldElement.cs
new file mode 100644
index 0000000..2b9a065
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1FieldElement.cs
@@ -0,0 +1,269 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP224R1FieldElement
+        : ECFieldElement
+    {
+        public static readonly BigInteger Q = SecP224R1Curve.q;
+
+        protected internal readonly uint[] x;
+
+        public SecP224R1FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0)
+                throw new ArgumentException("value invalid for SecP224R1FieldElement", "x");
+
+            this.x = SecP224R1Field.FromBigInteger(x);
+        }
+
+        public SecP224R1FieldElement()
+        {
+            this.x = Nat224.Create();
+        }
+
+        protected internal SecP224R1FieldElement(uint[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat224.IsZero(x); }
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat224.IsOne(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return Nat224.GetBit(x, 0) == 1;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat224.ToBigInteger(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecP224R1Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return Q.BitLength; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            uint[] z = Nat224.Create();
+            SecP224R1Field.Add(x, ((SecP224R1FieldElement)b).x, z);
+            return new SecP224R1FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            uint[] z = Nat224.Create();
+            SecP224R1Field.AddOne(x, z);
+            return new SecP224R1FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            uint[] z = Nat224.Create();
+            SecP224R1Field.Subtract(x, ((SecP224R1FieldElement)b).x, z);
+            return new SecP224R1FieldElement(z);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            uint[] z = Nat224.Create();
+            SecP224R1Field.Multiply(x, ((SecP224R1FieldElement)b).x, z);
+            return new SecP224R1FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            //return Multiply(b.Invert());
+            uint[] z = Nat224.Create();
+            Mod.Invert(SecP224R1Field.P, ((SecP224R1FieldElement)b).x, z);
+            SecP224R1Field.Multiply(z, x, z);
+            return new SecP224R1FieldElement(z);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            uint[] z = Nat224.Create();
+            SecP224R1Field.Negate(x, z);
+            return new SecP224R1FieldElement(z);
+        }
+
+        public override ECFieldElement Square()
+        {
+            uint[] z = Nat224.Create();
+            SecP224R1Field.Square(x, z);
+            return new SecP224R1FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            //return new SecP224R1FieldElement(ToBigInteger().ModInverse(Q));
+            uint[] z = Nat224.Create();
+            Mod.Invert(SecP224R1Field.P, x, z);
+            return new SecP224R1FieldElement(z);
+        }
+
+        /**
+         * return a sqrt root - the routine verifies that the calculation returns the right value - if
+         * none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            uint[] c = this.x;
+            if (Nat224.IsZero(c) || Nat224.IsOne(c))
+                return this;
+
+            uint[] nc = Nat224.Create();
+            SecP224R1Field.Negate(c, nc);
+
+            uint[] r = Mod.Random(SecP224R1Field.P);
+            uint[] t = Nat224.Create();
+
+            if (!IsSquare(c))
+                return null;
+
+            while (!TrySqrt(nc, r, t))
+            {
+                SecP224R1Field.AddOne(r, r);
+            }
+
+            SecP224R1Field.Square(t, r);
+
+            return Nat224.Eq(c, r) ? new SecP224R1FieldElement(t) : null;
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecP224R1FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecP224R1FieldElement);
+        }
+
+        public virtual bool Equals(SecP224R1FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat224.Eq(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 7);
+        }
+
+        private static bool IsSquare(uint[] x)
+        {
+            uint[] t1 = Nat224.Create();
+            uint[] t2 = Nat224.Create();
+            Nat224.Copy(x, t1);
+
+            for (int i = 0; i < 7; ++i)
+            {
+                Nat224.Copy(t1, t2);
+                SecP224R1Field.SquareN(t1, 1 << i, t1);
+                SecP224R1Field.Multiply(t1, t2, t1);
+            }
+
+            SecP224R1Field.SquareN(t1, 95, t1);
+            return Nat224.IsOne(t1);
+        }
+
+        private static void RM(uint[] nc, uint[] d0, uint[] e0, uint[] d1, uint[] e1, uint[] f1, uint[] t)
+        {
+            SecP224R1Field.Multiply(e1, e0, t);
+            SecP224R1Field.Multiply(t, nc, t);
+            SecP224R1Field.Multiply(d1, d0, f1);
+            SecP224R1Field.Add(f1, t, f1);
+            SecP224R1Field.Multiply(d1, e0, t);
+            Nat224.Copy(f1, d1);
+            SecP224R1Field.Multiply(e1, d0, e1);
+            SecP224R1Field.Add(e1, t, e1);
+            SecP224R1Field.Square(e1, f1);
+            SecP224R1Field.Multiply(f1, nc, f1);
+        }
+
+        private static void RP(uint[] nc, uint[] d1, uint[] e1, uint[] f1, uint[] t)
+        {
+            Nat224.Copy(nc, f1);
+
+            uint[] d0 = Nat224.Create();
+            uint[] e0 = Nat224.Create();
+
+            for (int i = 0; i < 7; ++i)
+            {
+                Nat224.Copy(d1, d0);
+                Nat224.Copy(e1, e0);
+
+                int j = 1 << i;
+                while (--j >= 0)
+                {
+                    RS(d1, e1, f1, t);
+                }
+
+                RM(nc, d0, e0, d1, e1, f1, t);
+            }
+        }
+
+        private static void RS(uint[] d, uint[] e, uint[] f, uint[] t)
+        {
+            SecP224R1Field.Multiply(e, d, e);
+            SecP224R1Field.Twice(e, e);
+            SecP224R1Field.Square(d, t);
+            SecP224R1Field.Add(f, t, d);
+            SecP224R1Field.Multiply(f, t, f);
+            uint c = Nat.ShiftUpBits(7, f, 2, 0);
+            SecP224R1Field.Reduce32(c, f);
+        }
+
+        private static bool TrySqrt(uint[] nc, uint[] r, uint[] t)
+        {
+            uint[] d1 = Nat224.Create();
+            Nat224.Copy(r, d1);
+            uint[] e1 = Nat224.Create();
+            e1[0] = 1;
+            uint[] f1 = Nat224.Create();
+            RP(nc, d1, e1, f1, t);
+
+            uint[] d0 = Nat224.Create();
+            uint[] e0 = Nat224.Create();
+
+            for (int k = 1; k < 96; ++k)
+            {
+                Nat224.Copy(d1, d0);
+                Nat224.Copy(e1, e0);
+
+                RS(d1, e1, f1, t);
+
+                if (Nat224.IsZero(d1))
+                {
+                    Mod.Invert(SecP224R1Field.P, e0, t);
+                    SecP224R1Field.Multiply(t, d0, t);
+                    return true;
+                }
+            }
+
+            return false;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1Point.cs
new file mode 100644
index 0000000..73c4f19
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP224R1Point.cs
@@ -0,0 +1,279 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP224R1Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecP224R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * @param withCompression
+         *            if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer
+         *             {@link #getEncoded(bool)}
+         */
+        public SecP224R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecP224R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecP224R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            SecP224R1FieldElement X1 = (SecP224R1FieldElement)this.RawXCoord, Y1 = (SecP224R1FieldElement)this.RawYCoord;
+            SecP224R1FieldElement X2 = (SecP224R1FieldElement)b.RawXCoord, Y2 = (SecP224R1FieldElement)b.RawYCoord;
+
+            SecP224R1FieldElement Z1 = (SecP224R1FieldElement)this.RawZCoords[0];
+            SecP224R1FieldElement Z2 = (SecP224R1FieldElement)b.RawZCoords[0];
+
+            uint c;
+            uint[] tt1 = Nat224.CreateExt();
+            uint[] t2 = Nat224.Create();
+            uint[] t3 = Nat224.Create();
+            uint[] t4 = Nat224.Create();
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                SecP224R1Field.Square(Z1.x, S2);
+
+                U2 = t2;
+                SecP224R1Field.Multiply(S2, X2.x, U2);
+
+                SecP224R1Field.Multiply(S2, Z1.x, S2);
+                SecP224R1Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                SecP224R1Field.Square(Z2.x, S1);
+
+                U1 = tt1;
+                SecP224R1Field.Multiply(S1, X1.x, U1);
+
+                SecP224R1Field.Multiply(S1, Z2.x, S1);
+                SecP224R1Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat224.Create();
+            SecP224R1Field.Subtract(U1, U2, H);
+
+            uint[] R = t2;
+            SecP224R1Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat224.IsZero(H))
+            {
+                if (Nat224.IsZero(R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = t3;
+            SecP224R1Field.Square(H, HSquared);
+
+            uint[] G = Nat224.Create();
+            SecP224R1Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            SecP224R1Field.Multiply(HSquared, U1, V);
+
+            SecP224R1Field.Negate(G, G);
+            Nat224.Mul(S1, G, tt1);
+
+            c = Nat224.AddBothTo(V, V, G);
+            SecP224R1Field.Reduce32(c, G);
+
+            SecP224R1FieldElement X3 = new SecP224R1FieldElement(t4);
+            SecP224R1Field.Square(R, X3.x);
+            SecP224R1Field.Subtract(X3.x, G, X3.x);
+
+            SecP224R1FieldElement Y3 = new SecP224R1FieldElement(G);
+            SecP224R1Field.Subtract(V, X3.x, Y3.x);
+            SecP224R1Field.MultiplyAddToExt(Y3.x, R, tt1);
+            SecP224R1Field.Reduce(tt1, Y3.x);
+
+            SecP224R1FieldElement Z3 = new SecP224R1FieldElement(H);
+            if (!Z1IsOne)
+            {
+                SecP224R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                SecP224R1Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            ECFieldElement[] zs = new ECFieldElement[] { Z3 };
+
+            return new SecP224R1Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            SecP224R1FieldElement Y1 = (SecP224R1FieldElement)this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            SecP224R1FieldElement X1 = (SecP224R1FieldElement)this.RawXCoord, Z1 = (SecP224R1FieldElement)this.RawZCoords[0];
+
+            uint c;
+            uint[] t1 = Nat224.Create();
+            uint[] t2 = Nat224.Create();
+
+            uint[] Y1Squared = Nat224.Create();
+            SecP224R1Field.Square(Y1.x, Y1Squared);
+
+            uint[] T = Nat224.Create();
+            SecP224R1Field.Square(Y1Squared, T);
+
+            bool Z1IsOne = Z1.IsOne;
+
+            uint[] Z1Squared = Z1.x;
+            if (!Z1IsOne)
+            {
+                Z1Squared = t2;
+                SecP224R1Field.Square(Z1.x, Z1Squared);
+            }
+
+            SecP224R1Field.Subtract(X1.x, Z1Squared, t1);
+
+            uint[] M = t2;
+            SecP224R1Field.Add(X1.x, Z1Squared, M);
+            SecP224R1Field.Multiply(M, t1, M);
+            c = Nat224.AddBothTo(M, M, M);
+            SecP224R1Field.Reduce32(c, M);
+
+            uint[] S = Y1Squared;
+            SecP224R1Field.Multiply(Y1Squared, X1.x, S);
+            c = Nat.ShiftUpBits(7, S, 2, 0);
+            SecP224R1Field.Reduce32(c, S);
+
+            c = Nat.ShiftUpBits(7, T, 3, 0, t1);
+            SecP224R1Field.Reduce32(c, t1);
+
+            SecP224R1FieldElement X3 = new SecP224R1FieldElement(T);
+            SecP224R1Field.Square(M, X3.x);
+            SecP224R1Field.Subtract(X3.x, S, X3.x);
+            SecP224R1Field.Subtract(X3.x, S, X3.x);
+
+            SecP224R1FieldElement Y3 = new SecP224R1FieldElement(S);
+            SecP224R1Field.Subtract(S, X3.x, Y3.x);
+            SecP224R1Field.Multiply(Y3.x, M, Y3.x);
+            SecP224R1Field.Subtract(Y3.x, t1, Y3.x);
+
+            SecP224R1FieldElement Z3 = new SecP224R1FieldElement(M);
+            SecP224R1Field.Twice(Y1.x, Z3.x);
+            if (!Z1IsOne)
+            {
+                SecP224R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            return new SecP224R1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return Twice().Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            // NOTE: Be careful about recursions between TwicePlus and ThreeTimes
+            return Twice().Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new SecP224R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1Curve.cs
new file mode 100644
index 0000000..59e2cef
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1Curve.cs
@@ -0,0 +1,75 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP256K1Curve
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = new BigInteger(1,
+            Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F"));
+
+        private const int SECP256K1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+        protected readonly SecP256K1Point m_infinity;
+
+        public SecP256K1Curve()
+            : base(q)
+        {
+            this.m_infinity = new SecP256K1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.Zero);
+            this.m_b = FromBigInteger(BigInteger.ValueOf(7));
+            this.m_order = new BigInteger(1, Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141"));
+            this.m_cofactor = BigInteger.One;
+            this.m_coord = SECP256K1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecP256K1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_JACOBIAN:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecP256K1FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecP256K1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecP256K1Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1Field.cs
new file mode 100644
index 0000000..b0646e9
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1Field.cs
@@ -0,0 +1,180 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP256K1Field
+    {
+        // 2^256 - 2^32 - 2^9 - 2^8 - 2^7 - 2^6 - 2^4 - 1
+        internal static readonly uint[] P = new uint[]{ 0xFFFFFC2F, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+            0xFFFFFFFF, 0xFFFFFFFF };
+        internal static readonly uint[] PExt = new uint[]{ 0x000E90A1, 0x000007A2, 0x00000001, 0x00000000, 0x00000000,
+            0x00000000, 0x00000000, 0x00000000, 0xFFFFF85E, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+            0xFFFFFFFF, 0xFFFFFFFF };
+        private static readonly uint[] PExtInv = new uint[]{ 0xFFF16F5F, 0xFFFFF85D, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF,
+            0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x000007A1, 0x00000002 };
+        private const uint P7 = 0xFFFFFFFF;
+        private const uint PExt15 = 0xFFFFFFFF;
+        private const uint PInv33 = 0x3D1;
+
+        public static void Add(uint[] x, uint[] y, uint[] z)
+        {
+            uint c = Nat256.Add(x, y, z);
+            if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P)))
+            {
+                Nat.Add33To(8, PInv33, z);
+            }
+        }
+
+        public static void AddExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            uint c = Nat.Add(16, xx, yy, zz);
+            if (c != 0 || (zz[15] == PExt15 && Nat.Gte(16, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(16, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void AddOne(uint[] x, uint[] z)
+        {
+            uint c = Nat.Inc(8, x, z);
+            if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P)))
+            {
+                Nat.Add33To(8, PInv33, z);
+            }
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            uint[] z = Nat256.FromBigInteger(x);
+            if (z[7] == P7 && Nat256.Gte(z, P))
+            {
+                Nat256.SubFrom(P, z);
+            }
+            return z;
+        }
+
+        public static void Half(uint[] x, uint[] z)
+        {
+            if ((x[0] & 1) == 0)
+            {
+                Nat.ShiftDownBit(8, x, 0, z);
+            }
+            else
+            {
+                uint c = Nat256.Add(x, P, z);
+                Nat.ShiftDownBit(8, z, c);
+            }
+        }
+
+        public static void Multiply(uint[] x, uint[] y, uint[] z)
+        {
+            uint[] tt = Nat256.CreateExt();
+            Nat256.Mul(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz)
+        {
+            uint c = Nat256.MulAddTo(x, y, zz);
+            if (c != 0 || (zz[15] == PExt15 && Nat.Gte(16, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(16, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Negate(uint[] x, uint[] z)
+        {
+            if (Nat256.IsZero(x))
+            {
+                Nat256.Zero(z);
+            }
+            else
+            {
+                Nat256.Sub(P, x, z);
+            }
+        }
+
+        public static void Reduce(uint[] xx, uint[] z)
+        {
+            ulong cc = Nat256.Mul33Add(PInv33, xx, 8, xx, 0, z, 0);
+            uint c = Nat256.Mul33DWordAdd(PInv33, cc, z, 0);
+
+            Debug.Assert(c == 0 || c == 1);
+
+            if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P)))
+            {
+                Nat.Add33To(8, PInv33, z);
+            }
+        }
+
+        public static void Reduce32(uint x, uint[] z)
+        {
+            if ((x != 0 && Nat256.Mul33WordAdd(PInv33, x, z, 0) != 0)
+                || (z[7] == P7 && Nat256.Gte(z, P)))
+            {
+                Nat.Add33To(8, PInv33, z);
+            }
+        }
+
+        public static void Square(uint[] x, uint[] z)
+        {
+            uint[] tt = Nat256.CreateExt();
+            Nat256.Square(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareN(uint[] x, int n, uint[] z)
+        {
+            Debug.Assert(n > 0);
+
+            uint[] tt = Nat256.CreateExt();
+            Nat256.Square(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                Nat256.Square(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static void Subtract(uint[] x, uint[] y, uint[] z)
+        {
+            int c = Nat256.Sub(x, y, z);
+            if (c != 0)
+            {
+                Nat.Sub33From(8, PInv33, z);
+            }
+        }
+
+        public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            int c = Nat.Sub(16, xx, yy, zz);
+            if (c != 0)
+            {
+                if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.DecAt(16, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Twice(uint[] x, uint[] z)
+        {
+            uint c = Nat.ShiftUpBit(8, x, 0, z);
+            if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P)))
+            {
+                Nat.Add33To(8, PInv33, z);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1FieldElement.cs
new file mode 100644
index 0000000..473113d
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1FieldElement.cs
@@ -0,0 +1,214 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP256K1FieldElement
+        : ECFieldElement
+    {
+        public static readonly BigInteger Q = SecP256K1Curve.q;
+
+        protected internal readonly uint[] x;
+
+        public SecP256K1FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0)
+                throw new ArgumentException("value invalid for SecP256K1FieldElement", "x");
+
+            this.x = SecP256K1Field.FromBigInteger(x);
+        }
+
+        public SecP256K1FieldElement()
+        {
+            this.x = Nat256.Create();
+        }
+
+        protected internal SecP256K1FieldElement(uint[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat256.IsZero(x); }
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat256.IsOne(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return Nat256.GetBit(x, 0) == 1;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat256.ToBigInteger(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecP256K1Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return Q.BitLength; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            uint[] z = Nat256.Create();
+            SecP256K1Field.Add(x, ((SecP256K1FieldElement)b).x, z);
+            return new SecP256K1FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            uint[] z = Nat256.Create();
+            SecP256K1Field.AddOne(x, z);
+            return new SecP256K1FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            uint[] z = Nat256.Create();
+            SecP256K1Field.Subtract(x, ((SecP256K1FieldElement)b).x, z);
+            return new SecP256K1FieldElement(z);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            uint[] z = Nat256.Create();
+            SecP256K1Field.Multiply(x, ((SecP256K1FieldElement)b).x, z);
+            return new SecP256K1FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            //return Multiply(b.Invert());
+            uint[] z = Nat256.Create();
+            Mod.Invert(SecP256K1Field.P, ((SecP256K1FieldElement)b).x, z);
+            SecP256K1Field.Multiply(z, x, z);
+            return new SecP256K1FieldElement(z);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            uint[] z = Nat256.Create();
+            SecP256K1Field.Negate(x, z);
+            return new SecP256K1FieldElement(z);
+        }
+
+        public override ECFieldElement Square()
+        {
+            uint[] z = Nat256.Create();
+            SecP256K1Field.Square(x, z);
+            return new SecP256K1FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            //return new SecP256K1FieldElement(ToBigInteger().ModInverse(Q));
+            uint[] z = Nat256.Create();
+            Mod.Invert(SecP256K1Field.P, x, z);
+            return new SecP256K1FieldElement(z);
+        }
+
+        /**
+         * return a sqrt root - the routine verifies that the calculation returns the right value - if
+         * none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            /*
+             * Raise this element to the exponent 2^254 - 2^30 - 2^7 - 2^6 - 2^5 - 2^4 - 2^2
+             * 
+             * Breaking up the exponent's binary representation into "repunits", we get:
+             * { 223 1s } { 1 0s } { 22 1s } { 4 0s } { 2 1s } { 2 0s}
+             * 
+             * Therefore we need an addition chain containing 2, 22, 223 (the lengths of the repunits)
+             * We use: 1, [2], 3, 6, 9, 11, [22], 44, 88, 176, 220, [223]
+             */
+
+            uint[] x1 = this.x;
+            if (Nat256.IsZero(x1) || Nat256.IsOne(x1))
+                return this;
+
+            uint[] x2 = Nat256.Create();
+            SecP256K1Field.Square(x1, x2);
+            SecP256K1Field.Multiply(x2, x1, x2);
+            uint[] x3 = Nat256.Create();
+            SecP256K1Field.Square(x2, x3);
+            SecP256K1Field.Multiply(x3, x1, x3);
+            uint[] x6 = Nat256.Create();
+            SecP256K1Field.SquareN(x3, 3, x6);
+            SecP256K1Field.Multiply(x6, x3, x6);
+            uint[] x9 = x6;
+            SecP256K1Field.SquareN(x6, 3, x9);
+            SecP256K1Field.Multiply(x9, x3, x9);
+            uint[] x11 = x9;
+            SecP256K1Field.SquareN(x9, 2, x11);
+            SecP256K1Field.Multiply(x11, x2, x11);
+            uint[] x22 = Nat256.Create();
+            SecP256K1Field.SquareN(x11, 11, x22);
+            SecP256K1Field.Multiply(x22, x11, x22);
+            uint[] x44 = x11;
+            SecP256K1Field.SquareN(x22, 22, x44);
+            SecP256K1Field.Multiply(x44, x22, x44);
+            uint[] x88 = Nat256.Create();
+            SecP256K1Field.SquareN(x44, 44, x88);
+            SecP256K1Field.Multiply(x88, x44, x88);
+            uint[] x176 = Nat256.Create();
+            SecP256K1Field.SquareN(x88, 88, x176);
+            SecP256K1Field.Multiply(x176, x88, x176);
+            uint[] x220 = x88;
+            SecP256K1Field.SquareN(x176, 44, x220);
+            SecP256K1Field.Multiply(x220, x44, x220);
+            uint[] x223 = x44;
+            SecP256K1Field.SquareN(x220, 3, x223);
+            SecP256K1Field.Multiply(x223, x3, x223);
+
+            uint[] t1 = x223;
+            SecP256K1Field.SquareN(t1, 23, t1);
+            SecP256K1Field.Multiply(t1, x22, t1);
+            SecP256K1Field.SquareN(t1, 6, t1);
+            SecP256K1Field.Multiply(t1, x2, t1);
+            SecP256K1Field.SquareN(t1, 2, t1);
+
+            uint[] t2 = x2;
+            SecP256K1Field.Square(t1, t2);
+
+            return Nat256.Eq(x1, t2) ? new SecP256K1FieldElement(t1) : null;
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecP256K1FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecP256K1FieldElement);
+        }
+
+        public virtual bool Equals(SecP256K1FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat256.Eq(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 8);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1Point.cs
new file mode 100644
index 0000000..072a0b9
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256K1Point.cs
@@ -0,0 +1,267 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP256K1Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecP256K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * @param withCompression
+         *            if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer
+         *             {@link #getEncoded(bool)}
+         */
+        public SecP256K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecP256K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs,
+            bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecP256K1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            SecP256K1FieldElement X1 = (SecP256K1FieldElement)this.RawXCoord, Y1 = (SecP256K1FieldElement)this.RawYCoord;
+            SecP256K1FieldElement X2 = (SecP256K1FieldElement)b.RawXCoord, Y2 = (SecP256K1FieldElement)b.RawYCoord;
+
+            SecP256K1FieldElement Z1 = (SecP256K1FieldElement)this.RawZCoords[0];
+            SecP256K1FieldElement Z2 = (SecP256K1FieldElement)b.RawZCoords[0];
+
+            uint c;
+            uint[] tt1 = Nat256.CreateExt();
+            uint[] t2 = Nat256.Create();
+            uint[] t3 = Nat256.Create();
+            uint[] t4 = Nat256.Create();
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                SecP256K1Field.Square(Z1.x, S2);
+
+                U2 = t2;
+                SecP256K1Field.Multiply(S2, X2.x, U2);
+
+                SecP256K1Field.Multiply(S2, Z1.x, S2);
+                SecP256K1Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                SecP256K1Field.Square(Z2.x, S1);
+
+                U1 = tt1;
+                SecP256K1Field.Multiply(S1, X1.x, U1);
+
+                SecP256K1Field.Multiply(S1, Z2.x, S1);
+                SecP256K1Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat256.Create();
+            SecP256K1Field.Subtract(U1, U2, H);
+
+            uint[] R = t2;
+            SecP256K1Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat256.IsZero(H))
+            {
+                if (Nat256.IsZero(R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = t3;
+            SecP256K1Field.Square(H, HSquared);
+
+            uint[] G = Nat256.Create();
+            SecP256K1Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            SecP256K1Field.Multiply(HSquared, U1, V);
+
+            SecP256K1Field.Negate(G, G);
+            Nat256.Mul(S1, G, tt1);
+
+            c = Nat256.AddBothTo(V, V, G);
+            SecP256K1Field.Reduce32(c, G);
+
+            SecP256K1FieldElement X3 = new SecP256K1FieldElement(t4);
+            SecP256K1Field.Square(R, X3.x);
+            SecP256K1Field.Subtract(X3.x, G, X3.x);
+
+            SecP256K1FieldElement Y3 = new SecP256K1FieldElement(G);
+            SecP256K1Field.Subtract(V, X3.x, Y3.x);
+            SecP256K1Field.MultiplyAddToExt(Y3.x, R, tt1);
+            SecP256K1Field.Reduce(tt1, Y3.x);
+
+            SecP256K1FieldElement Z3 = new SecP256K1FieldElement(H);
+            if (!Z1IsOne)
+            {
+                SecP256K1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                SecP256K1Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            ECFieldElement[] zs = new ECFieldElement[] { Z3 };
+
+            return new SecP256K1Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            SecP256K1FieldElement Y1 = (SecP256K1FieldElement)this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            SecP256K1FieldElement X1 = (SecP256K1FieldElement)this.RawXCoord, Z1 = (SecP256K1FieldElement)this.RawZCoords[0];
+
+            uint c;
+
+            uint[] Y1Squared = Nat256.Create();
+            SecP256K1Field.Square(Y1.x, Y1Squared);
+
+            uint[] T = Nat256.Create();
+            SecP256K1Field.Square(Y1Squared, T);
+
+            uint[] M = Nat256.Create();
+            SecP256K1Field.Square(X1.x, M);
+            c = Nat256.AddBothTo(M, M, M);
+            SecP256K1Field.Reduce32(c, M);
+
+            uint[] S = Y1Squared;
+            SecP256K1Field.Multiply(Y1Squared, X1.x, S);
+            c = Nat.ShiftUpBits(8, S, 2, 0);
+            SecP256K1Field.Reduce32(c, S);
+
+            uint[] t1 = Nat256.Create();
+            c = Nat.ShiftUpBits(8, T, 3, 0, t1);
+            SecP256K1Field.Reduce32(c, t1);
+
+            SecP256K1FieldElement X3 = new SecP256K1FieldElement(T);
+            SecP256K1Field.Square(M, X3.x);
+            SecP256K1Field.Subtract(X3.x, S, X3.x);
+            SecP256K1Field.Subtract(X3.x, S, X3.x);
+
+            SecP256K1FieldElement Y3 = new SecP256K1FieldElement(S);
+            SecP256K1Field.Subtract(S, X3.x, Y3.x);
+            SecP256K1Field.Multiply(Y3.x, M, Y3.x);
+            SecP256K1Field.Subtract(Y3.x, t1, Y3.x);
+
+            SecP256K1FieldElement Z3 = new SecP256K1FieldElement(M);
+            SecP256K1Field.Twice(Y1.x, Z3.x);
+            if (!Z1.IsOne)
+            {
+                SecP256K1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            return new SecP256K1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return Twice().Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            // NOTE: Be careful about recursions between TwicePlus and ThreeTimes
+            return Twice().Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new SecP256K1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1Curve.cs
new file mode 100644
index 0000000..6b3448f
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1Curve.cs
@@ -0,0 +1,77 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP256R1Curve
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = new BigInteger(1,
+            Hex.Decode("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"));
+
+        private const int SecP256R1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+        protected readonly SecP256R1Point m_infinity;
+
+        public SecP256R1Curve()
+            : base(q)
+        {
+            this.m_infinity = new SecP256R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1,
+                Hex.Decode("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC")));
+            this.m_b = FromBigInteger(new BigInteger(1,
+                Hex.Decode("5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")));
+            this.m_order = new BigInteger(1, Hex.Decode("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551"));
+            this.m_cofactor = BigInteger.One;
+            this.m_coord = SecP256R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecP256R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_JACOBIAN:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecP256R1FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecP256R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecP256R1Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1Field.cs
new file mode 100644
index 0000000..5b3de6d
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1Field.cs
@@ -0,0 +1,312 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP256R1Field
+    {
+        // 2^256 - 2^224 + 2^192 + 2^96 - 1
+        internal static readonly uint[] P = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0x00000000, 0x00000000,
+            0x00000001, 0xFFFFFFFF };
+        internal static readonly uint[] PExt = new uint[]{ 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF,
+            0xFFFFFFFF, 0xFFFFFFFE, 0x00000001, 0xFFFFFFFE, 0x00000001, 0xFFFFFFFE, 0x00000001, 0x00000001, 0xFFFFFFFE,
+            0x00000002, 0xFFFFFFFE };
+        internal const uint P7 = 0xFFFFFFFF;
+        internal const uint PExt15 = 0xFFFFFFFE;
+
+        public static void Add(uint[] x, uint[] y, uint[] z)
+        {
+            uint c = Nat256.Add(x, y, z);
+            if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static void AddExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            uint c = Nat.Add(16, xx, yy, zz);
+            if (c != 0 || (zz[15] >= PExt15 && Nat.Gte(16, zz, PExt)))
+            {
+                Nat.SubFrom(16, PExt, zz);
+            }
+        }
+
+        public static void AddOne(uint[] x, uint[] z)
+        {
+            uint c = Nat.Inc(8, x, z);
+            if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            uint[] z = Nat256.FromBigInteger(x);
+            if (z[7] == P7 && Nat256.Gte(z, P))
+            {
+                Nat256.SubFrom(P, z);
+            }
+            return z;
+        }
+
+        public static void Half(uint[] x, uint[] z)
+        {
+            if ((x[0] & 1) == 0)
+            {
+                Nat.ShiftDownBit(8, x, 0, z);
+            }
+            else
+            {
+                uint c = Nat256.Add(x, P, z);
+                Nat.ShiftDownBit(8, z, c);
+            }
+        }
+
+        public static void Multiply(uint[] x, uint[] y, uint[] z)
+        {
+            uint[] tt = Nat256.CreateExt();
+            Nat256.Mul(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz)
+        {
+            uint c = Nat256.MulAddTo(x, y, zz);
+            if (c != 0 || (zz[15] >= PExt15 && Nat.Gte(16, zz, PExt)))
+            {
+                Nat.SubFrom(16, PExt, zz);
+            }
+        }
+
+        public static void Negate(uint[] x, uint[] z)
+        {
+            if (Nat256.IsZero(x))
+            {
+                Nat256.Zero(z);
+            }
+            else
+            {
+                Nat256.Sub(P, x, z);
+            }
+        }
+
+        public static void Reduce(uint[] xx, uint[] z)
+        {
+            long xx08 = xx[8], xx09 = xx[9], xx10 = xx[10], xx11 = xx[11];
+            long xx12 = xx[12], xx13 = xx[13], xx14 = xx[14], xx15 = xx[15];
+
+            const long n = 6;
+
+            xx08 -= n;
+
+            long t0 = xx08 + xx09;
+            long t1 = xx09 + xx10;
+            long t2 = xx10 + xx11 - xx15;
+            long t3 = xx11 + xx12;
+            long t4 = xx12 + xx13;
+            long t5 = xx13 + xx14;
+            long t6 = xx14 + xx15;
+            long t7 = t5 - t0;
+
+            long cc = 0;
+            cc += (long)xx[0] - t3 - t7;
+            z[0] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[1] + t1 - t4 - t6;
+            z[1] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[2] + t2 - t5;
+            z[2] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[3] + (t3 << 1) + t7 - t6;
+            z[3] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[4] + (t4 << 1) + xx14 - t1;
+            z[4] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[5] + (t5 << 1) - t2;
+            z[5] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[6] + (t6 << 1) + t7;
+            z[6] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[7] + (xx15 << 1) + xx08 - t2 - t4;
+            z[7] = (uint)cc;
+            cc >>= 32;
+            cc += n;
+
+            Debug.Assert(cc >= 0);
+
+            Reduce32((uint)cc, z);
+        }
+
+        public static void Reduce32(uint x, uint[] z)
+        {
+            long cc = 0;
+
+            if (x != 0)
+            {
+                long xx08 = x;
+
+                cc += (long)z[0] + xx08;
+                z[0] = (uint)cc;
+                cc >>= 32;
+                if (cc != 0)
+                {
+                    cc += (long)z[1];
+                    z[1] = (uint)cc;
+                    cc >>= 32;
+                    cc += (long)z[2];
+                    z[2] = (uint)cc;
+                    cc >>= 32;
+                }
+                cc += (long)z[3] - xx08;
+                z[3] = (uint)cc;
+                cc >>= 32;
+                if (cc != 0)
+                {
+                    cc += (long)z[4];
+                    z[4] = (uint)cc;
+                    cc >>= 32;
+                    cc += (long)z[5];
+                    z[5] = (uint)cc;
+                    cc >>= 32;
+                }
+                cc += (long)z[6] - xx08;
+                z[6] = (uint)cc;
+                cc >>= 32;
+                cc += (long)z[7] + xx08;
+                z[7] = (uint)cc;
+                cc >>= 32;
+
+                Debug.Assert(cc == 0 || cc == 1);
+            }
+
+            if (cc != 0 || (z[7] == P7 && Nat256.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static void Square(uint[] x, uint[] z)
+        {
+            uint[] tt = Nat256.CreateExt();
+            Nat256.Square(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareN(uint[] x, int n, uint[] z)
+        {
+            Debug.Assert(n > 0);
+
+            uint[] tt = Nat256.CreateExt();
+            Nat256.Square(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                Nat256.Square(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static void Subtract(uint[] x, uint[] y, uint[] z)
+        {
+            int c = Nat256.Sub(x, y, z);
+            if (c != 0)
+            {
+                SubPInvFrom(z);
+            }
+        }
+
+        public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            int c = Nat.Sub(16, xx, yy, zz);
+            if (c != 0)
+            {
+                Nat.AddTo(16, PExt, zz);
+            }
+        }
+
+        public static void Twice(uint[] x, uint[] z)
+        {
+            uint c = Nat.ShiftUpBit(8, x, 0, z);
+            if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        private static void AddPInvTo(uint[] z)
+        {
+            long c = (long)z[0] + 1;
+            z[0] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[1];
+                z[1] = (uint)c;
+                c >>= 32;
+                c += (long)z[2];
+                z[2] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[3] - 1;
+            z[3] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[4];
+                z[4] = (uint)c;
+                c >>= 32;
+                c += (long)z[5];
+                z[5] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[6] - 1;
+            z[6] = (uint)c;
+            c >>= 32;
+            c += (long)z[7] + 1;
+            z[7] = (uint)c;
+            //c >>= 32;
+        }
+
+        private static void SubPInvFrom(uint[] z)
+        {
+            long c = (long)z[0] - 1;
+            z[0] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[1];
+                z[1] = (uint)c;
+                c >>= 32;
+                c += (long)z[2];
+                z[2] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[3] + 1;
+            z[3] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[4];
+                z[4] = (uint)c;
+                c >>= 32;
+                c += (long)z[5];
+                z[5] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[6] + 1;
+            z[6] = (uint)c;
+            c >>= 32;
+            c += (long)z[7] - 1;
+            z[7] = (uint)c;
+            //c >>= 32;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1FieldElement.cs
new file mode 100644
index 0000000..d7838ae
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1FieldElement.cs
@@ -0,0 +1,188 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP256R1FieldElement
+        : ECFieldElement
+    {
+        public static readonly BigInteger Q = SecP256R1Curve.q;
+
+        protected internal readonly uint[] x;
+
+        public SecP256R1FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0)
+                throw new ArgumentException("value invalid for SecP256R1FieldElement", "x");
+
+            this.x = SecP256R1Field.FromBigInteger(x);
+        }
+
+        public SecP256R1FieldElement()
+        {
+            this.x = Nat256.Create();
+        }
+
+        protected internal SecP256R1FieldElement(uint[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat256.IsZero(x); }
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat256.IsOne(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return Nat256.GetBit(x, 0) == 1;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat256.ToBigInteger(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecP256R1Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return Q.BitLength; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            uint[] z = Nat256.Create();
+            SecP256R1Field.Add(x, ((SecP256R1FieldElement)b).x, z);
+            return new SecP256R1FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            uint[] z = Nat256.Create();
+            SecP256R1Field.AddOne(x, z);
+            return new SecP256R1FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            uint[] z = Nat256.Create();
+            SecP256R1Field.Subtract(x, ((SecP256R1FieldElement)b).x, z);
+            return new SecP256R1FieldElement(z);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            uint[] z = Nat256.Create();
+            SecP256R1Field.Multiply(x, ((SecP256R1FieldElement)b).x, z);
+            return new SecP256R1FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            //return Multiply(b.Invert());
+            uint[] z = Nat256.Create();
+            Mod.Invert(SecP256R1Field.P, ((SecP256R1FieldElement)b).x, z);
+            SecP256R1Field.Multiply(z, x, z);
+            return new SecP256R1FieldElement(z);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            uint[] z = Nat256.Create();
+            SecP256R1Field.Negate(x, z);
+            return new SecP256R1FieldElement(z);
+        }
+
+        public override ECFieldElement Square()
+        {
+            uint[] z = Nat256.Create();
+            SecP256R1Field.Square(x, z);
+            return new SecP256R1FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            //return new SecP256R1FieldElement(ToBigInteger().ModInverse(Q));
+            uint[] z = Nat256.Create();
+            Mod.Invert(SecP256R1Field.P, x, z);
+            return new SecP256R1FieldElement(z);
+        }
+
+        /**
+         * return a sqrt root - the routine verifies that the calculation returns the right value - if
+         * none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            // Raise this element to the exponent 2^254 - 2^222 + 2^190 + 2^94
+
+            uint[] x1 = this.x;
+            if (Nat256.IsZero(x1) || Nat256.IsOne(x1))
+                return this;
+
+            uint[] t1 = Nat256.Create();
+            uint[] t2 = Nat256.Create();
+
+            SecP256R1Field.Square(x1, t1);
+            SecP256R1Field.Multiply(t1, x1, t1);
+
+            SecP256R1Field.SquareN(t1, 2, t2);
+            SecP256R1Field.Multiply(t2, t1, t2);
+
+            SecP256R1Field.SquareN(t2, 4, t1);
+            SecP256R1Field.Multiply(t1, t2, t1);
+
+            SecP256R1Field.SquareN(t1, 8, t2);
+            SecP256R1Field.Multiply(t2, t1, t2);
+
+            SecP256R1Field.SquareN(t2, 16, t1);
+            SecP256R1Field.Multiply(t1, t2, t1);
+
+            SecP256R1Field.SquareN(t1, 32, t1);
+            SecP256R1Field.Multiply(t1, x1, t1);
+
+            SecP256R1Field.SquareN(t1, 96, t1);
+            SecP256R1Field.Multiply(t1, x1, t1);
+
+            SecP256R1Field.SquareN(t1, 94, t1);
+            SecP256R1Field.Multiply(t1, t1, t2);
+
+            return Nat256.Eq(x1, t2) ? new SecP256R1FieldElement(t1) : null;
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecP256R1FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecP256R1FieldElement);
+        }
+
+        public virtual bool Equals(SecP256R1FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat256.Eq(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 8);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1Point.cs
new file mode 100644
index 0000000..8332082
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP256R1Point.cs
@@ -0,0 +1,279 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP256R1Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecP256R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * @param withCompression
+         *            if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer
+         *             {@link #getEncoded(bool)}
+         */
+        public SecP256R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecP256R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecP256R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            SecP256R1FieldElement X1 = (SecP256R1FieldElement)this.RawXCoord, Y1 = (SecP256R1FieldElement)this.RawYCoord;
+            SecP256R1FieldElement X2 = (SecP256R1FieldElement)b.RawXCoord, Y2 = (SecP256R1FieldElement)b.RawYCoord;
+
+            SecP256R1FieldElement Z1 = (SecP256R1FieldElement)this.RawZCoords[0];
+            SecP256R1FieldElement Z2 = (SecP256R1FieldElement)b.RawZCoords[0];
+
+            uint c;
+            uint[] tt1 = Nat256.CreateExt();
+            uint[] t2 = Nat256.Create();
+            uint[] t3 = Nat256.Create();
+            uint[] t4 = Nat256.Create();
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                SecP256R1Field.Square(Z1.x, S2);
+
+                U2 = t2;
+                SecP256R1Field.Multiply(S2, X2.x, U2);
+
+                SecP256R1Field.Multiply(S2, Z1.x, S2);
+                SecP256R1Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                SecP256R1Field.Square(Z2.x, S1);
+
+                U1 = tt1;
+                SecP256R1Field.Multiply(S1, X1.x, U1);
+
+                SecP256R1Field.Multiply(S1, Z2.x, S1);
+                SecP256R1Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat256.Create();
+            SecP256R1Field.Subtract(U1, U2, H);
+
+            uint[] R = t2;
+            SecP256R1Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat256.IsZero(H))
+            {
+                if (Nat256.IsZero(R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = t3;
+            SecP256R1Field.Square(H, HSquared);
+
+            uint[] G = Nat256.Create();
+            SecP256R1Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            SecP256R1Field.Multiply(HSquared, U1, V);
+
+            SecP256R1Field.Negate(G, G);
+            Nat256.Mul(S1, G, tt1);
+
+            c = Nat256.AddBothTo(V, V, G);
+            SecP256R1Field.Reduce32(c, G);
+
+            SecP256R1FieldElement X3 = new SecP256R1FieldElement(t4);
+            SecP256R1Field.Square(R, X3.x);
+            SecP256R1Field.Subtract(X3.x, G, X3.x);
+
+            SecP256R1FieldElement Y3 = new SecP256R1FieldElement(G);
+            SecP256R1Field.Subtract(V, X3.x, Y3.x);
+            SecP256R1Field.MultiplyAddToExt(Y3.x, R, tt1);
+            SecP256R1Field.Reduce(tt1, Y3.x);
+
+            SecP256R1FieldElement Z3 = new SecP256R1FieldElement(H);
+            if (!Z1IsOne)
+            {
+                SecP256R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                SecP256R1Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
+
+            return new SecP256R1Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            SecP256R1FieldElement Y1 = (SecP256R1FieldElement)this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            SecP256R1FieldElement X1 = (SecP256R1FieldElement)this.RawXCoord, Z1 = (SecP256R1FieldElement)this.RawZCoords[0];
+
+            uint c;
+            uint[] t1 = Nat256.Create();
+            uint[] t2 = Nat256.Create();
+
+            uint[] Y1Squared = Nat256.Create();
+            SecP256R1Field.Square(Y1.x, Y1Squared);
+
+            uint[] T = Nat256.Create();
+            SecP256R1Field.Square(Y1Squared, T);
+
+            bool Z1IsOne = Z1.IsOne;
+
+            uint[] Z1Squared = Z1.x;
+            if (!Z1IsOne)
+            {
+                Z1Squared = t2;
+                SecP256R1Field.Square(Z1.x, Z1Squared);
+            }
+
+            SecP256R1Field.Subtract(X1.x, Z1Squared, t1);
+
+            uint[] M = t2;
+            SecP256R1Field.Add(X1.x, Z1Squared, M);
+            SecP256R1Field.Multiply(M, t1, M);
+            c = Nat256.AddBothTo(M, M, M);
+            SecP256R1Field.Reduce32(c, M);
+
+            uint[] S = Y1Squared;
+            SecP256R1Field.Multiply(Y1Squared, X1.x, S);
+            c = Nat.ShiftUpBits(8, S, 2, 0);
+            SecP256R1Field.Reduce32(c, S);
+
+            c = Nat.ShiftUpBits(8, T, 3, 0, t1);
+            SecP256R1Field.Reduce32(c, t1);
+
+            SecP256R1FieldElement X3 = new SecP256R1FieldElement(T);
+            SecP256R1Field.Square(M, X3.x);
+            SecP256R1Field.Subtract(X3.x, S, X3.x);
+            SecP256R1Field.Subtract(X3.x, S, X3.x);
+
+            SecP256R1FieldElement Y3 = new SecP256R1FieldElement(S);
+            SecP256R1Field.Subtract(S, X3.x, Y3.x);
+            SecP256R1Field.Multiply(Y3.x, M, Y3.x);
+            SecP256R1Field.Subtract(Y3.x, t1, Y3.x);
+
+            SecP256R1FieldElement Z3 = new SecP256R1FieldElement(M);
+            SecP256R1Field.Twice(Y1.x, Z3.x);
+            if (!Z1IsOne)
+            {
+                SecP256R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            return new SecP256R1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return Twice().Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            // NOTE: Be careful about recursions between TwicePlus and ThreeTimes
+            return Twice().Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new SecP256R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1Curve.cs
new file mode 100644
index 0000000..7fd5827
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1Curve.cs
@@ -0,0 +1,77 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP384R1Curve
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = new BigInteger(1,
+            Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF"));
+
+        private const int SecP384R1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+        protected readonly SecP384R1Point m_infinity;
+
+        public SecP384R1Curve()
+            : base(q)
+        {
+            this.m_infinity = new SecP384R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1,
+                Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC")));
+            this.m_b = FromBigInteger(new BigInteger(1,
+                Hex.Decode("B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF")));
+            this.m_order = new BigInteger(1, Hex.Decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"));
+            this.m_cofactor = BigInteger.One;
+            this.m_coord = SecP384R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecP384R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+                case COORD_JACOBIAN:
+                    return true;
+                default:
+                    return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecP384R1FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecP384R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecP384R1Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1Field.cs
new file mode 100644
index 0000000..0780df3
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1Field.cs
@@ -0,0 +1,295 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP384R1Field
+    {
+            // 2^384 - 2^128 - 2^96 + 2^32 - 1
+        internal static readonly uint[] P = new uint[]{ 0xFFFFFFFF, 0x00000000, 0x00000000, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF,
+            0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+        internal static readonly uint[] PExt = new uint[]{ 0x00000001, 0xFFFFFFFE, 0x00000000, 0x00000002, 0x00000000, 0xFFFFFFFE,
+            0x00000000, 0x00000002, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0xFFFFFFFE, 0x00000001, 0x00000000,
+            0xFFFFFFFE, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+        private static readonly uint[] PExtInv = new uint[]{ 0xFFFFFFFF, 0x00000001, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0x00000001,
+            0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000001, 0xFFFFFFFE, 0xFFFFFFFF,
+            0x00000001, 0x00000002 };
+        private const uint P11 = 0xFFFFFFFF;
+        private const uint PExt23 = 0xFFFFFFFF;
+
+        public static void Add(uint[] x, uint[] y, uint[] z)
+        {
+            uint c = Nat.Add(12, x, y, z);
+            if (c != 0 || (z[11] == P11 && Nat.Gte(12, z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static void AddExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            uint c = Nat.Add(24, xx, yy, zz);
+            if (c != 0 || (zz[23] == PExt23 && Nat.Gte(24, zz, PExt)))
+            {
+                if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.IncAt(24, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void AddOne(uint[] x, uint[] z)
+        {
+            uint c = Nat.Inc(12, x, z);
+            if (c != 0 || (z[11] == P11 && Nat.Gte(12, z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            uint[] z = Nat.FromBigInteger(384, x);
+            if (z[11] == P11 && Nat.Gte(12, z, P))
+            {
+                Nat.SubFrom(12, P, z);
+            }
+            return z;
+        }
+
+        public static void Half(uint[] x, uint[] z)
+        {
+            if ((x[0] & 1) == 0)
+            {
+                Nat.ShiftDownBit(12, x, 0, z);
+            }
+            else
+            {
+                uint c = Nat.Add(12, x, P, z);
+                Nat.ShiftDownBit(12, z, c);
+            }
+        }
+
+        public static void Multiply(uint[] x, uint[] y, uint[] z)
+        {
+            uint[] tt = Nat.Create(24);
+            Nat384.Mul(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void Negate(uint[] x, uint[] z)
+        {
+            if (Nat.IsZero(12, x))
+            {
+                Nat.Zero(12, z);
+            }
+            else
+            {
+                Nat.Sub(12, P, x, z);
+            }
+        }
+
+        public static void Reduce(uint[] xx, uint[] z)
+        {
+            long xx16 = xx[16], xx17 = xx[17], xx18 = xx[18], xx19 = xx[19];
+            long xx20 = xx[20], xx21 = xx[21], xx22 = xx[22], xx23 = xx[23];
+
+            const long n = 1;
+
+            long t0 = (long)xx[12] + xx20 - n;
+            long t1 = (long)xx[13] + xx22;
+            long t2 = (long)xx[14] + xx22 + xx23;
+            long t3 = (long)xx[15] + xx23;
+            long t4 = xx17 + xx21;
+            long t5 = xx21 - xx23;
+            long t6 = xx22 - xx23;
+            long t7 = t0 + t5;
+
+            long cc = 0;
+            cc += (long)xx[0] + t7;
+            z[0] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[1] + xx23 - t0 + t1;
+            z[1] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[2] - xx21 - t1 + t2;
+            z[2] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[3] - t2 + t3 + t7;
+            z[3] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[4] + xx16 + xx21 + t1 - t3 + t7;
+            z[4] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[5] - xx16 + t1 + t2 + t4;
+            z[5] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[6] + xx18 - xx17 + t2 + t3;
+            z[6] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[7] + xx16 + xx19 - xx18 + t3;
+            z[7] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[8] + xx16 + xx17 + xx20 - xx19;
+            z[8] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[9] + xx18 - xx20 + t4;
+            z[9] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[10] + xx18 + xx19 - t5 + t6;
+            z[10] = (uint)cc;
+            cc >>= 32;
+            cc += (long)xx[11] + xx19 + xx20 - t6;
+            z[11] = (uint)cc;
+            cc >>= 32;
+            cc += n;
+
+            Debug.Assert(cc >= 0);
+
+            Reduce32((uint)cc, z);
+        }
+
+        public static void Reduce32(uint x, uint[] z)
+        {
+            long cc = 0;
+
+            if (x != 0)
+            {
+                long xx12 = x;
+
+                cc += (long)z[0] + xx12;
+                z[0] = (uint)cc;
+                cc >>= 32;
+                cc += (long)z[1] - xx12;
+                z[1] = (uint)cc;
+                cc >>= 32;
+                if (cc != 0)
+                {
+                    cc += (long)z[2];
+                    z[2] = (uint)cc;
+                    cc >>= 32;
+                }
+                cc += (long)z[3] + xx12;
+                z[3] = (uint)cc;
+                cc >>= 32;
+                cc += (long)z[4] + xx12;
+                z[4] = (uint)cc;
+                cc >>= 32;
+
+                Debug.Assert(cc == 0 || cc == 1);
+            }
+
+            if ((cc != 0 && Nat.IncAt(12, z, 5) != 0)
+                || (z[11] == P11 && Nat.Gte(12, z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        public static void Square(uint[] x, uint[] z)
+        {
+            uint[] tt = Nat.Create(24);
+            Nat384.Square(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareN(uint[] x, int n, uint[] z)
+        {
+            Debug.Assert(n > 0);
+
+            uint[] tt = Nat.Create(24);
+            Nat384.Square(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                Nat384.Square(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static void Subtract(uint[] x, uint[] y, uint[] z)
+        {
+            int c = Nat.Sub(12, x, y, z);
+            if (c != 0)
+            {
+                SubPInvFrom(z);
+            }
+        }
+
+        public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz)
+        {
+            int c = Nat.Sub(24, xx, yy, zz);
+            if (c != 0)
+            {
+                if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0)
+                {
+                    Nat.DecAt(24, zz, PExtInv.Length);
+                }
+            }
+        }
+
+        public static void Twice(uint[] x, uint[] z)
+        {
+            uint c = Nat.ShiftUpBit(12, x, 0, z);
+            if (c != 0 || (z[11] == P11 && Nat.Gte(12, z, P)))
+            {
+                AddPInvTo(z);
+            }
+        }
+
+        private static void AddPInvTo(uint[] z)
+        {
+            long c = (long)z[0] + 1;
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] - 1;
+            z[1] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[2];
+                z[2] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[3] + 1;
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)z[4] + 1;
+            z[4] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                Nat.IncAt(12, z, 5);
+            }
+        }
+
+        private static void SubPInvFrom(uint[] z)
+        {
+            long c = (long)z[0] - 1;
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] + 1;
+            z[1] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                c += (long)z[2];
+                z[2] = (uint)c;
+                c >>= 32;
+            }
+            c += (long)z[3] - 1;
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)z[4] - 1;
+            z[4] = (uint)c;
+            c >>= 32;
+            if (c != 0)
+            {
+                Nat.DecAt(12, z, 5);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1FieldElement.cs
new file mode 100644
index 0000000..18d48a5
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1FieldElement.cs
@@ -0,0 +1,210 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP384R1FieldElement
+        : ECFieldElement
+    {
+        public static readonly BigInteger Q = SecP384R1Curve.q;
+
+        protected internal readonly uint[] x;
+
+        public SecP384R1FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0)
+                throw new ArgumentException("value invalid for SecP384R1FieldElement", "x");
+
+            this.x = SecP384R1Field.FromBigInteger(x);
+        }
+
+        public SecP384R1FieldElement()
+        {
+            this.x = Nat.Create(12);
+        }
+
+        protected internal SecP384R1FieldElement(uint[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat.IsZero(12, x); }
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat.IsOne(12, x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return Nat.GetBit(x, 0) == 1;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat.ToBigInteger(12, x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecP384R1Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return Q.BitLength; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            uint[] z = Nat.Create(12);
+            SecP384R1Field.Add(x, ((SecP384R1FieldElement)b).x, z);
+            return new SecP384R1FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            uint[] z = Nat.Create(12);
+            SecP384R1Field.AddOne(x, z);
+            return new SecP384R1FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            uint[] z = Nat.Create(12);
+            SecP384R1Field.Subtract(x, ((SecP384R1FieldElement)b).x, z);
+            return new SecP384R1FieldElement(z);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            uint[] z = Nat.Create(12);
+            SecP384R1Field.Multiply(x, ((SecP384R1FieldElement)b).x, z);
+            return new SecP384R1FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            //return Multiply(b.Invert());
+            uint[] z = Nat.Create(12);
+            Mod.Invert(SecP384R1Field.P, ((SecP384R1FieldElement)b).x, z);
+            SecP384R1Field.Multiply(z, x, z);
+            return new SecP384R1FieldElement(z);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            uint[] z = Nat.Create(12);
+            SecP384R1Field.Negate(x, z);
+            return new SecP384R1FieldElement(z);
+        }
+
+        public override ECFieldElement Square()
+        {
+            uint[] z = Nat.Create(12);
+            SecP384R1Field.Square(x, z);
+            return new SecP384R1FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            //return new SecP384R1FieldElement(ToBigInteger().ModInverse(Q));
+            uint[] z = Nat.Create(12);
+            Mod.Invert(SecP384R1Field.P, x, z);
+            return new SecP384R1FieldElement(z);
+        }
+
+        /**
+         * return a sqrt root - the routine verifies that the calculation returns the right value - if
+         * none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            // Raise this element to the exponent 2^382 - 2^126 - 2^94 + 2^30
+
+            uint[] x1 = this.x;
+            if (Nat.IsZero(12, x1) || Nat.IsOne(12, x1))
+                return this;
+
+            uint[] t1 = Nat.Create(12);
+            uint[] t2 = Nat.Create(12);
+            uint[] t3 = Nat.Create(12);
+            uint[] t4 = Nat.Create(12);
+
+            SecP384R1Field.Square(x1, t1);
+            SecP384R1Field.Multiply(t1, x1, t1);
+
+            SecP384R1Field.SquareN(t1, 2, t2);
+            SecP384R1Field.Multiply(t2, t1, t2);
+
+            SecP384R1Field.Square(t2, t2);
+            SecP384R1Field.Multiply(t2, x1, t2);
+
+            SecP384R1Field.SquareN(t2, 5, t3);
+            SecP384R1Field.Multiply(t3, t2, t3);
+
+            SecP384R1Field.SquareN(t3, 5, t4);
+            SecP384R1Field.Multiply(t4, t2, t4);
+
+            SecP384R1Field.SquareN(t4, 15, t2);
+            SecP384R1Field.Multiply(t2, t4, t2);
+
+            SecP384R1Field.SquareN(t2, 2, t3);
+            SecP384R1Field.Multiply(t1, t3, t1);
+
+            SecP384R1Field.SquareN(t3, 28, t3);
+            SecP384R1Field.Multiply(t2, t3, t2);
+
+            SecP384R1Field.SquareN(t2, 60, t3);
+            SecP384R1Field.Multiply(t3, t2, t3);
+
+            uint[] r = t2;
+
+            SecP384R1Field.SquareN(t3, 120, r);
+            SecP384R1Field.Multiply(r, t3, r);
+
+            SecP384R1Field.SquareN(r, 15, r);
+            SecP384R1Field.Multiply(r, t4, r);
+
+            SecP384R1Field.SquareN(r, 33, r);
+            SecP384R1Field.Multiply(r, t1, r);
+
+            SecP384R1Field.SquareN(r, 64, r);
+            SecP384R1Field.Multiply(r, x1, r);
+
+            SecP384R1Field.SquareN(r, 30, t1);
+            SecP384R1Field.Square(t1, t2);
+
+            return Nat.Eq(12, x1, t2) ? new SecP384R1FieldElement(t1) : null;
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecP384R1FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecP384R1FieldElement);
+        }
+
+        public virtual bool Equals(SecP384R1FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat.Eq(12, x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 12);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1Point.cs
new file mode 100644
index 0000000..83159ce
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP384R1Point.cs
@@ -0,0 +1,280 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP384R1Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecP384R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * @param withCompression
+         *            if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer
+         *             {@link #getEncoded(bool)}
+         */
+        public SecP384R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecP384R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecP384R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            SecP384R1FieldElement X1 = (SecP384R1FieldElement)this.RawXCoord, Y1 = (SecP384R1FieldElement)this.RawYCoord;
+            SecP384R1FieldElement X2 = (SecP384R1FieldElement)b.RawXCoord, Y2 = (SecP384R1FieldElement)b.RawYCoord;
+
+            SecP384R1FieldElement Z1 = (SecP384R1FieldElement)this.RawZCoords[0];
+            SecP384R1FieldElement Z2 = (SecP384R1FieldElement)b.RawZCoords[0];
+
+            uint c;
+            uint[] tt1 = Nat.Create(24);
+            uint[] tt2 = Nat.Create(24);
+            uint[] t3 = Nat.Create(12);
+            uint[] t4 = Nat.Create(12);
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                SecP384R1Field.Square(Z1.x, S2);
+
+                U2 = tt2;
+                SecP384R1Field.Multiply(S2, X2.x, U2);
+
+                SecP384R1Field.Multiply(S2, Z1.x, S2);
+                SecP384R1Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                SecP384R1Field.Square(Z2.x, S1);
+
+                U1 = tt1;
+                SecP384R1Field.Multiply(S1, X1.x, U1);
+
+                SecP384R1Field.Multiply(S1, Z2.x, S1);
+                SecP384R1Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat.Create(12);
+            SecP384R1Field.Subtract(U1, U2, H);
+
+            uint[] R = Nat.Create(12);
+            SecP384R1Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat.IsZero(12, H))
+            {
+                if (Nat.IsZero(12, R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = t3;
+            SecP384R1Field.Square(H, HSquared);
+
+            uint[] G = Nat.Create(12);
+            SecP384R1Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            SecP384R1Field.Multiply(HSquared, U1, V);
+
+            SecP384R1Field.Negate(G, G);
+            Nat384.Mul(S1, G, tt1);
+
+            c = Nat.AddBothTo(12, V, V, G);
+            SecP384R1Field.Reduce32(c, G);
+
+            SecP384R1FieldElement X3 = new SecP384R1FieldElement(t4);
+            SecP384R1Field.Square(R, X3.x);
+            SecP384R1Field.Subtract(X3.x, G, X3.x);
+
+            SecP384R1FieldElement Y3 = new SecP384R1FieldElement(G);
+            SecP384R1Field.Subtract(V, X3.x, Y3.x);
+            Nat384.Mul(Y3.x, R, tt2);
+            SecP384R1Field.AddExt(tt1, tt2, tt1);
+            SecP384R1Field.Reduce(tt1, Y3.x);
+
+            SecP384R1FieldElement Z3 = new SecP384R1FieldElement(H);
+            if (!Z1IsOne)
+            {
+                SecP384R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                SecP384R1Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            ECFieldElement[] zs = new ECFieldElement[] { Z3 };
+
+            return new SecP384R1Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            SecP384R1FieldElement Y1 = (SecP384R1FieldElement)this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            SecP384R1FieldElement X1 = (SecP384R1FieldElement)this.RawXCoord, Z1 = (SecP384R1FieldElement)this.RawZCoords[0];
+
+            uint c;
+            uint[] t1 = Nat.Create(12);
+            uint[] t2 = Nat.Create(12);
+
+            uint[] Y1Squared = Nat.Create(12);
+            SecP384R1Field.Square(Y1.x, Y1Squared);
+
+            uint[] T = Nat.Create(12);
+            SecP384R1Field.Square(Y1Squared, T);
+
+            bool Z1IsOne = Z1.IsOne;
+
+            uint[] Z1Squared = Z1.x;
+            if (!Z1IsOne)
+            {
+                Z1Squared = t2;
+                SecP384R1Field.Square(Z1.x, Z1Squared);
+            }
+
+            SecP384R1Field.Subtract(X1.x, Z1Squared, t1);
+
+            uint[] M = t2;
+            SecP384R1Field.Add(X1.x, Z1Squared, M);
+            SecP384R1Field.Multiply(M, t1, M);
+            c = Nat.AddBothTo(12, M, M, M);
+            SecP384R1Field.Reduce32(c, M);
+
+            uint[] S = Y1Squared;
+            SecP384R1Field.Multiply(Y1Squared, X1.x, S);
+            c = Nat.ShiftUpBits(12, S, 2, 0);
+            SecP384R1Field.Reduce32(c, S);
+
+            c = Nat.ShiftUpBits(12, T, 3, 0, t1);
+            SecP384R1Field.Reduce32(c, t1);
+
+            SecP384R1FieldElement X3 = new SecP384R1FieldElement(T);
+            SecP384R1Field.Square(M, X3.x);
+            SecP384R1Field.Subtract(X3.x, S, X3.x);
+            SecP384R1Field.Subtract(X3.x, S, X3.x);
+
+            SecP384R1FieldElement Y3 = new SecP384R1FieldElement(S);
+            SecP384R1Field.Subtract(S, X3.x, Y3.x);
+            SecP384R1Field.Multiply(Y3.x, M, Y3.x);
+            SecP384R1Field.Subtract(Y3.x, t1, Y3.x);
+
+            SecP384R1FieldElement Z3 = new SecP384R1FieldElement(M);
+            SecP384R1Field.Twice(Y1.x, Z3.x);
+            if (!Z1IsOne)
+            {
+                SecP384R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            return new SecP384R1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return Twice().Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            // NOTE: Be careful about recursions between TwicePlus and ThreeTimes
+            return Twice().Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new SecP384R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1Curve.cs
new file mode 100644
index 0000000..e5083c7
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1Curve.cs
@@ -0,0 +1,77 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP521R1Curve
+        : AbstractFpCurve
+    {
+        public static readonly BigInteger q = new BigInteger(1,
+            Hex.Decode("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"));
+
+        private const int SecP521R1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+        protected readonly SecP521R1Point m_infinity;
+
+        public SecP521R1Curve()
+            : base(q)
+        {
+            this.m_infinity = new SecP521R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1,
+                Hex.Decode("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC")));
+            this.m_b = FromBigInteger(new BigInteger(1,
+                Hex.Decode("0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00")));
+            this.m_order = new BigInteger(1, Hex.Decode("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409"));
+            this.m_cofactor = BigInteger.One;
+            this.m_coord = SecP521R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecP521R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+                case COORD_JACOBIAN:
+                    return true;
+                default:
+                    return false;
+            }
+        }
+
+        public virtual BigInteger Q
+        {
+            get { return q; }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return q.BitLength; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecP521R1FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecP521R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecP521R1Point(this, x, y, zs, withCompression);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1Field.cs
new file mode 100644
index 0000000..b7f8eb1
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1Field.cs
@@ -0,0 +1,155 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP521R1Field
+    {
+        // 2^521 - 1
+        internal static readonly uint[] P = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+            0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x1FF };
+        private const int P16 = 0x1FF;
+
+        public static void Add(uint[] x, uint[] y, uint[] z)
+        {
+            uint c = Nat.Add(16, x, y, z) + x[16] + y[16];
+            if (c > P16 || (c == P16 && Nat.Eq(16, z, P)))
+            {
+                c += Nat.Inc(16, z);
+                c &= P16;
+            }
+            z[16] = c;
+        }
+
+        public static void AddOne(uint[] x, uint[] z)
+        {
+            uint c = Nat.Inc(16, x, z) + x[16];
+            if (c > P16 || (c == P16 && Nat.Eq(16, z, P)))
+            {
+                c += Nat.Inc(16, z);
+                c &= P16;
+            }
+            z[16] = c;
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            uint[] z = Nat.FromBigInteger(521, x);
+            if (Nat.Eq(17, z, P))
+            {
+                Nat.Zero(17, z);
+            }
+            return z;
+        }
+
+        public static void Half(uint[] x, uint[] z)
+        {
+            uint x16 = x[16];
+            uint c = Nat.ShiftDownBit(16, x, x16, z);
+            z[16] = (x16 >> 1) | (c >> 23);
+        }
+
+        public static void Multiply(uint[] x, uint[] y, uint[] z)
+        {
+            uint[] tt = Nat.Create(33);
+            ImplMultiply(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void Negate(uint[] x, uint[] z)
+        {
+            if (Nat.IsZero(17, x))
+            {
+                Nat.Zero(17, z);
+            }
+            else
+            {
+                Nat.Sub(17, P, x, z);
+            }
+        }
+
+        public static void Reduce(uint[] xx, uint[] z)
+        {
+            Debug.Assert(xx[32] >> 18 == 0);
+            uint xx32 = xx[32];
+            uint c = Nat.ShiftDownBits(16, xx, 16, 9, xx32, z, 0) >> 23;
+            c += xx32 >> 9;
+            c += Nat.AddTo(16, xx, z);
+            if (c > P16 || (c == P16 && Nat.Eq(16, z, P)))
+            {
+                c += Nat.Inc(16, z);
+                c &= P16;
+            }
+            z[16] = c;
+        }
+
+        public static void Reduce23(uint[] z)
+        {
+            uint z16 = z[16];
+            uint c = Nat.AddWordTo(16, z16 >> 9, z) + (z16 & P16);
+            if (c > P16 || (c == P16 && Nat.Eq(16, z, P)))
+            {
+                c += Nat.Inc(16, z);
+                c &= P16;
+            }
+            z[16] = c;
+        }
+
+        public static void Square(uint[] x, uint[] z)
+        {
+            uint[] tt = Nat.Create(33);
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareN(uint[] x, int n, uint[] z)
+        {
+            Debug.Assert(n > 0);
+            uint[] tt = Nat.Create(33);
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                ImplSquare(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static void Subtract(uint[] x, uint[] y, uint[] z)
+        {
+            int c = Nat.Sub(16, x, y, z) + (int)(x[16] - y[16]);
+            if (c < 0)
+            {
+                c += Nat.Dec(16, z);
+                c &= P16;
+            }
+            z[16] = (uint)c;
+        }
+
+        public static void Twice(uint[] x, uint[] z)
+        {
+            uint x16 = x[16];
+            uint c = Nat.ShiftUpBit(16, x, x16 << 23, z) | (x16 << 1);
+            z[16] = c & P16;
+        }
+
+        protected static void ImplMultiply(uint[] x, uint[] y, uint[] zz)
+        {
+            Nat512.Mul(x, y, zz);
+
+            uint x16 = x[16], y16 = y[16];
+            zz[32] = Nat.Mul31BothAdd(16, x16, y, y16, x, zz, 16) + (x16 * y16);
+        }
+
+        protected static void ImplSquare(uint[] x, uint[] zz)
+        {
+            Nat512.Square(x, zz);
+
+            uint x16 = x[16];
+            zz[32] = Nat.MulWordAddTo(16, x16 << 1, x, 0, zz, 16) + (x16 * x16);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1FieldElement.cs
new file mode 100644
index 0000000..6f02a7e
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1FieldElement.cs
@@ -0,0 +1,167 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP521R1FieldElement
+        : ECFieldElement
+    {
+        public static readonly BigInteger Q = SecP521R1Curve.q;
+
+        protected internal readonly uint[] x;
+
+        public SecP521R1FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0)
+                throw new ArgumentException("value invalid for SecP521R1FieldElement", "x");
+
+            this.x = SecP521R1Field.FromBigInteger(x);
+        }
+
+        public SecP521R1FieldElement()
+        {
+            this.x = Nat.Create(17);
+        }
+
+        protected internal SecP521R1FieldElement(uint[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat.IsZero(17, x); }
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat.IsOne(17, x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return Nat.GetBit(x, 0) == 1;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat.ToBigInteger(17, x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecP521R1Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return Q.BitLength; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            uint[] z = Nat.Create(17);
+            SecP521R1Field.Add(x, ((SecP521R1FieldElement)b).x, z);
+            return new SecP521R1FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            uint[] z = Nat.Create(17);
+            SecP521R1Field.AddOne(x, z);
+            return new SecP521R1FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            uint[] z = Nat.Create(17);
+            SecP521R1Field.Subtract(x, ((SecP521R1FieldElement)b).x, z);
+            return new SecP521R1FieldElement(z);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            uint[] z = Nat.Create(17);
+            SecP521R1Field.Multiply(x, ((SecP521R1FieldElement)b).x, z);
+            return new SecP521R1FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            //return Multiply(b.Invert());
+            uint[] z = Nat.Create(17);
+            Mod.Invert(SecP521R1Field.P, ((SecP521R1FieldElement)b).x, z);
+            SecP521R1Field.Multiply(z, x, z);
+            return new SecP521R1FieldElement(z);
+        }
+
+        public override ECFieldElement Negate()
+        {
+            uint[] z = Nat.Create(17);
+            SecP521R1Field.Negate(x, z);
+            return new SecP521R1FieldElement(z);
+        }
+
+        public override ECFieldElement Square()
+        {
+            uint[] z = Nat.Create(17);
+            SecP521R1Field.Square(x, z);
+            return new SecP521R1FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            //return new SecP521R1FieldElement(ToBigInteger().ModInverse(Q));
+            uint[] z = Nat.Create(17);
+            Mod.Invert(SecP521R1Field.P, x, z);
+            return new SecP521R1FieldElement(z);
+        }
+
+        /**
+         * return a sqrt root - the routine verifies that the calculation returns the right value - if
+         * none exists it returns null.
+         */
+        public override ECFieldElement Sqrt()
+        {
+            // Raise this element to the exponent 2^519
+
+            uint[] x1 = this.x;
+            if (Nat.IsZero(17, x1) || Nat.IsOne(17, x1))
+                return this;
+
+            uint[] t1 = Nat.Create(17);
+            uint[] t2 = Nat.Create(17);
+
+            SecP521R1Field.SquareN(x1, 519, t1);
+            SecP521R1Field.Square(t1, t2);
+
+            return Nat.Eq(17, x1, t2) ? new SecP521R1FieldElement(t1) : null;
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecP521R1FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecP521R1FieldElement);
+        }
+
+        public virtual bool Equals(SecP521R1FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat.Eq(17, x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 17);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1Point.cs
new file mode 100644
index 0000000..7ad97f7
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecP521R1Point.cs
@@ -0,0 +1,275 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecP521R1Point
+        : AbstractFpPoint
+    {
+        /**
+         * Create a point which encodes with point compression.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * 
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecP521R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * Create a point that encodes with or without point compresion.
+         * 
+         * @param curve
+         *            the curve to use
+         * @param x
+         *            affine x co-ordinate
+         * @param y
+         *            affine y co-ordinate
+         * @param withCompression
+         *            if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer
+         *             {@link #getEncoded(bool)}
+         */
+        public SecP521R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecP521R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecP521R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+            if (this == b)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            SecP521R1FieldElement X1 = (SecP521R1FieldElement)this.RawXCoord, Y1 = (SecP521R1FieldElement)this.RawYCoord;
+            SecP521R1FieldElement X2 = (SecP521R1FieldElement)b.RawXCoord, Y2 = (SecP521R1FieldElement)b.RawYCoord;
+
+            SecP521R1FieldElement Z1 = (SecP521R1FieldElement)this.RawZCoords[0];
+            SecP521R1FieldElement Z2 = (SecP521R1FieldElement)b.RawZCoords[0];
+
+            uint[] t1 = Nat.Create(17);
+            uint[] t2 = Nat.Create(17);
+            uint[] t3 = Nat.Create(17);
+            uint[] t4 = Nat.Create(17);
+
+            bool Z1IsOne = Z1.IsOne;
+            uint[] U2, S2;
+            if (Z1IsOne)
+            {
+                U2 = X2.x;
+                S2 = Y2.x;
+            }
+            else
+            {
+                S2 = t3;
+                SecP521R1Field.Square(Z1.x, S2);
+
+                U2 = t2;
+                SecP521R1Field.Multiply(S2, X2.x, U2);
+
+                SecP521R1Field.Multiply(S2, Z1.x, S2);
+                SecP521R1Field.Multiply(S2, Y2.x, S2);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            uint[] U1, S1;
+            if (Z2IsOne)
+            {
+                U1 = X1.x;
+                S1 = Y1.x;
+            }
+            else
+            {
+                S1 = t4;
+                SecP521R1Field.Square(Z2.x, S1);
+
+                U1 = t1;
+                SecP521R1Field.Multiply(S1, X1.x, U1);
+
+                SecP521R1Field.Multiply(S1, Z2.x, S1);
+                SecP521R1Field.Multiply(S1, Y1.x, S1);
+            }
+
+            uint[] H = Nat.Create(17);
+            SecP521R1Field.Subtract(U1, U2, H);
+
+            uint[] R = t2;
+            SecP521R1Field.Subtract(S1, S2, R);
+
+            // Check if b == this or b == -this
+            if (Nat.IsZero(17, H))
+            {
+                if (Nat.IsZero(17, R))
+                {
+                    // this == b, i.e. this must be doubled
+                    return this.Twice();
+                }
+
+                // this == -b, i.e. the result is the point at infinity
+                return curve.Infinity;
+            }
+
+            uint[] HSquared = t3;
+            SecP521R1Field.Square(H, HSquared);
+
+            uint[] G = Nat.Create(17);
+            SecP521R1Field.Multiply(HSquared, H, G);
+
+            uint[] V = t3;
+            SecP521R1Field.Multiply(HSquared, U1, V);
+
+            SecP521R1Field.Multiply(S1, G, t1);
+
+            SecP521R1FieldElement X3 = new SecP521R1FieldElement(t4);
+            SecP521R1Field.Square(R, X3.x);
+            SecP521R1Field.Add(X3.x, G, X3.x);
+            SecP521R1Field.Subtract(X3.x, V, X3.x);
+            SecP521R1Field.Subtract(X3.x, V, X3.x);
+
+            SecP521R1FieldElement Y3 = new SecP521R1FieldElement(G);
+            SecP521R1Field.Subtract(V, X3.x, Y3.x);
+            SecP521R1Field.Multiply(Y3.x, R, t2);
+            SecP521R1Field.Subtract(t2, t1, Y3.x);
+
+            SecP521R1FieldElement Z3 = new SecP521R1FieldElement(H);
+            if (!Z1IsOne)
+            {
+                SecP521R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+            if (!Z2IsOne)
+            {
+                SecP521R1Field.Multiply(Z3.x, Z2.x, Z3.x);
+            }
+
+            ECFieldElement[] zs = new ECFieldElement[] { Z3 };
+
+            return new SecP521R1Point(curve, X3, Y3, zs, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            SecP521R1FieldElement Y1 = (SecP521R1FieldElement)this.RawYCoord;
+            if (Y1.IsZero)
+                return curve.Infinity;
+
+            SecP521R1FieldElement X1 = (SecP521R1FieldElement)this.RawXCoord, Z1 = (SecP521R1FieldElement)this.RawZCoords[0];
+
+            uint[] t1 = Nat.Create(17);
+            uint[] t2 = Nat.Create(17);
+
+            uint[] Y1Squared = Nat.Create(17);
+            SecP521R1Field.Square(Y1.x, Y1Squared);
+
+            uint[] T = Nat.Create(17);
+            SecP521R1Field.Square(Y1Squared, T);
+
+            bool Z1IsOne = Z1.IsOne;
+
+            uint[] Z1Squared = Z1.x;
+            if (!Z1IsOne)
+            {
+                Z1Squared = t2;
+                SecP521R1Field.Square(Z1.x, Z1Squared);
+            }
+
+            SecP521R1Field.Subtract(X1.x, Z1Squared, t1);
+
+            uint[] M = t2;
+            SecP521R1Field.Add(X1.x, Z1Squared, M);
+            SecP521R1Field.Multiply(M, t1, M);
+            Nat.AddBothTo(17, M, M, M);
+            SecP521R1Field.Reduce23(M);
+
+            uint[] S = Y1Squared;
+            SecP521R1Field.Multiply(Y1Squared, X1.x, S);
+            Nat.ShiftUpBits(17, S, 2, 0);
+            SecP521R1Field.Reduce23(S);
+
+            Nat.ShiftUpBits(17, T, 3, 0, t1);
+            SecP521R1Field.Reduce23(t1);
+
+            SecP521R1FieldElement X3 = new SecP521R1FieldElement(T);
+            SecP521R1Field.Square(M, X3.x);
+            SecP521R1Field.Subtract(X3.x, S, X3.x);
+            SecP521R1Field.Subtract(X3.x, S, X3.x);
+
+            SecP521R1FieldElement Y3 = new SecP521R1FieldElement(S);
+            SecP521R1Field.Subtract(S, X3.x, Y3.x);
+            SecP521R1Field.Multiply(Y3.x, M, Y3.x);
+            SecP521R1Field.Subtract(Y3.x, t1, Y3.x);
+
+            SecP521R1FieldElement Z3 = new SecP521R1FieldElement(M);
+            SecP521R1Field.Twice(Y1.x, Z3.x);
+            if (!Z1IsOne)
+            {
+                SecP521R1Field.Multiply(Z3.x, Z1.x, Z3.x);
+            }
+
+            return new SecP521R1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this == b)
+                return ThreeTimes();
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECFieldElement Y1 = this.RawYCoord;
+            if (Y1.IsZero)
+                return b;
+
+            return Twice().Add(b);
+        }
+
+        public override ECPoint ThreeTimes()
+        {
+            if (this.IsInfinity || this.RawYCoord.IsZero)
+                return this;
+
+            // NOTE: Be careful about recursions between TwicePlus and ThreeTimes
+            return Twice().Add(this);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            return new SecP521R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT113Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT113Field.cs
new file mode 100644
index 0000000..49773b6
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT113Field.cs
@@ -0,0 +1,225 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT113Field
+    {
+        private const ulong M49 = ulong.MaxValue >> 15;
+        private const ulong M57 = ulong.MaxValue >> 7;
+
+        public static void Add(ulong[] x, ulong[] y, ulong[] z)
+        {
+            z[0] = x[0] ^ y[0];
+            z[1] = x[1] ^ y[1];
+        }
+
+        public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz)
+        {
+            zz[0] = xx[0] ^ yy[0];
+            zz[1] = xx[1] ^ yy[1];
+            zz[2] = xx[2] ^ yy[2];
+            zz[3] = xx[3] ^ yy[3];
+        }
+
+        public static void AddOne(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0] ^ 1UL;
+            z[1] = x[1];
+        }
+
+        public static ulong[] FromBigInteger(BigInteger x)
+        {
+            ulong[] z = Nat128.FromBigInteger64(x);
+            Reduce15(z, 0);
+            return z;
+        }
+
+        public static void Invert(ulong[] x, ulong[] z)
+        {
+            if (Nat128.IsZero64(x))
+                throw new InvalidOperationException();
+
+            // Itoh-Tsujii inversion
+
+            ulong[] t0 = Nat128.Create64();
+            ulong[] t1 = Nat128.Create64();
+
+            Square(x, t0);
+            Multiply(t0, x, t0);
+            Square(t0, t0);
+            Multiply(t0, x, t0);
+            SquareN(t0, 3, t1);
+            Multiply(t1, t0, t1);
+            Square(t1, t1);
+            Multiply(t1, x, t1);
+            SquareN(t1, 7, t0);
+            Multiply(t0, t1, t0);
+            SquareN(t0, 14, t1);
+            Multiply(t1, t0, t1);
+            SquareN(t1, 28, t0);
+            Multiply(t0, t1, t0);
+            SquareN(t0, 56, t1);
+            Multiply(t1, t0, t1);
+            Square(t1, z);
+        }
+
+        public static void Multiply(ulong[] x, ulong[] y, ulong[] z)
+        {
+            ulong[] tt = Nat128.CreateExt64();
+            ImplMultiply(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            ulong[] tt = Nat128.CreateExt64();
+            ImplMultiply(x, y, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void Reduce(ulong[] xx, ulong[] z)
+        {
+            ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3];
+
+            x1 ^= (x3 << 15) ^ (x3 << 24);
+            x2 ^= (x3 >> 49) ^ (x3 >> 40);
+
+            x0 ^= (x2 << 15) ^ (x2 << 24);
+            x1 ^= (x2 >> 49) ^ (x2 >> 40);
+
+            ulong t = x1 >> 49;
+            z[0]    = x0 ^ t ^ (t << 9);
+            z[1]    = x1 & M49;
+        }
+
+        public static void Reduce15(ulong[] z, int zOff)
+        {
+            ulong z1     = z[zOff + 1], t = z1 >> 49;
+            z[zOff    ] ^= t ^ (t << 9);
+            z[zOff + 1]  = z1 & M49;
+        }
+
+        public static void Sqrt(ulong[] x, ulong[] z)
+        {
+            ulong u0 = Interleave.Unshuffle(x[0]), u1 = Interleave.Unshuffle(x[1]);
+            ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+            ulong c0  = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+
+            z[0] = e0 ^ (c0 << 57) ^ (c0 <<  5);
+            z[1] =      (c0 >>  7) ^ (c0 >> 59); 
+        }
+
+        public static void Square(ulong[] x, ulong[] z)
+        {
+            ulong[] tt = Nat128.CreateExt64();
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareAddToExt(ulong[] x, ulong[] zz)
+        {
+            ulong[] tt = Nat128.CreateExt64();
+            ImplSquare(x, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void SquareN(ulong[] x, int n, ulong[] z)
+        {
+            Debug.Assert(n > 0);
+
+            ulong[] tt = Nat128.CreateExt64();
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                ImplSquare(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static uint Trace(ulong[] x)
+        {
+            // Non-zero-trace bits: 0
+            return (uint)(x[0]) & 1U;
+        }
+
+        protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            /*
+             * "Three-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
+             */
+
+            ulong f0 = x[0], f1 = x[1];
+            f1  = ((f0 >> 57) ^ (f1 << 7)) & M57;
+            f0 &= M57;
+
+            ulong g0 = y[0], g1 = y[1];
+            g1  = ((g0 >> 57) ^ (g1 << 7)) & M57;
+            g0 &= M57;
+
+            ulong[] H = new ulong[6];
+
+            ImplMulw(f0, g0, H, 0);               // H(0)       57/56 bits                                
+            ImplMulw(f1, g1, H, 2);               // H(INF)     57/54 bits                                
+            ImplMulw(f0 ^ f1, g0 ^ g1, H, 4);     // H(1)       57/56 bits
+
+            ulong r  = H[1] ^ H[2];
+            ulong z0 = H[0],
+                  z3 = H[3],
+                  z1 = H[4] ^ z0 ^ r,
+                  z2 = H[5] ^ z3 ^ r;
+
+            zz[0] =  z0        ^ (z1 << 57);
+            zz[1] = (z1 >>  7) ^ (z2 << 50);
+            zz[2] = (z2 >> 14) ^ (z3 << 43);
+            zz[3] = (z3 >> 21);
+        }
+
+        protected static void ImplMulw(ulong x, ulong y, ulong[] z, int zOff)
+        {
+            Debug.Assert(x >> 57 == 0);
+            Debug.Assert(y >> 57 == 0);
+
+            ulong[] u = new ulong[8];
+            //u[0] = 0;
+            u[1] = y;
+            u[2] = u[1] << 1;
+            u[3] = u[2] ^ y;
+            u[4] = u[2] << 1;
+            u[5] = u[4] ^ y;
+            u[6] = u[3] << 1;
+            u[7] = u[6] ^ y;
+
+            uint j = (uint)x;
+            ulong g, h = 0, l = u[j & 7];
+            int k = 48;
+            do
+            {
+                j  = (uint)(x >> k);
+                g  = u[j & 7]
+                   ^ u[(j >> 3) & 7] << 3
+                   ^ u[(j >> 6) & 7] << 6;
+                l ^= (g << k);
+                h ^= (g >> -k);
+            }
+            while ((k -= 9) > 0);
+
+            h ^= ((x & 0x0100804020100800UL) & (ulong)(((long)y << 7) >> 63)) >> 8;
+
+            Debug.Assert(h >> 49 == 0);
+
+            z[zOff    ] = l & M57;
+            z[zOff + 1] = (l >> 57) ^ (h << 7);
+        }
+
+        protected static void ImplSquare(ulong[] x, ulong[] zz)
+        {
+            Interleave.Expand64To128(x[0], zz, 0);
+            Interleave.Expand64To128(x[1], zz, 2);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT113FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT113FieldElement.cs
new file mode 100644
index 0000000..9ba25d9
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT113FieldElement.cs
@@ -0,0 +1,216 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT113FieldElement
+        : ECFieldElement
+    {
+        protected internal readonly ulong[] x;
+
+        public SecT113FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.BitLength > 113)
+                throw new ArgumentException("value invalid for SecT113FieldElement", "x");
+
+            this.x = SecT113Field.FromBigInteger(x);
+        }
+
+        public SecT113FieldElement()
+        {
+            this.x = Nat128.Create64();
+        }
+
+        protected internal SecT113FieldElement(ulong[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat128.IsOne64(x); }
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat128.IsZero64(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return (x[0] & 1L) != 0L;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat128.ToBigInteger64(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecT113Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 113; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            ulong[] z = Nat128.Create64();
+            SecT113Field.Add(x, ((SecT113FieldElement)b).x, z);
+            return new SecT113FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            ulong[] z = Nat128.Create64();
+            SecT113Field.AddOne(x, z);
+            return new SecT113FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            // Addition and Subtraction are the same in F2m
+            return Add(b);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            ulong[] z = Nat128.Create64();
+            SecT113Field.Multiply(x, ((SecT113FieldElement)b).x, z);
+            return new SecT113FieldElement(z);
+        }
+
+        public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            return MultiplyPlusProduct(b, x, y);
+        }
+
+        public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x, bx = ((SecT113FieldElement)b).x;
+            ulong[] xx = ((SecT113FieldElement)x).x, yx = ((SecT113FieldElement)y).x;
+
+            ulong[] tt = Nat128.CreateExt64();
+            SecT113Field.MultiplyAddToExt(ax, bx, tt);
+            SecT113Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat128.Create64();
+            SecT113Field.Reduce(tt, z);
+            return new SecT113FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            return Multiply(b.Invert());
+        }
+
+        public override ECFieldElement Negate()
+        {
+            return this;
+        }
+
+        public override ECFieldElement Square()
+        {
+            ulong[] z = Nat128.Create64();
+            SecT113Field.Square(x, z);
+            return new SecT113FieldElement(z);
+        }
+
+        public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            return SquarePlusProduct(x, y);
+        }
+
+        public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x;
+            ulong[] xx = ((SecT113FieldElement)x).x, yx = ((SecT113FieldElement)y).x;
+
+            ulong[] tt = Nat128.CreateExt64();
+            SecT113Field.SquareAddToExt(ax, tt);
+            SecT113Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat128.Create64();
+            SecT113Field.Reduce(tt, z);
+            return new SecT113FieldElement(z);
+        }
+
+        public override ECFieldElement SquarePow(int pow)
+        {
+            if (pow < 1)
+                return this;
+
+            ulong[] z = Nat128.Create64();
+            SecT113Field.SquareN(x, pow, z);
+            return new SecT113FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            ulong[] z = Nat128.Create64();
+            SecT113Field.Invert(x, z);
+            return new SecT113FieldElement(z);
+        }
+
+        public override ECFieldElement Sqrt()
+        {
+            ulong[] z = Nat128.Create64();
+            SecT113Field.Sqrt(x, z);
+            return new SecT113FieldElement(z);
+        }
+
+        public virtual int Representation
+        {
+            get { return F2mFieldElement.Tpb; }
+        }
+
+        public virtual int M
+        {
+            get { return 113; }
+        }
+
+        public virtual int K1
+        {
+            get { return 9; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecT113FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecT113FieldElement);
+        }
+
+        public virtual bool Equals(SecT113FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat128.Eq64(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return 113009 ^ Arrays.GetHashCode(x, 0, 2);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT113R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT113R1Curve.cs
new file mode 100644
index 0000000..2705c94
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT113R1Curve.cs
@@ -0,0 +1,98 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT113R1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT113R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT113R1Point m_infinity;
+
+        public SecT113R1Curve()
+            : base(113, 9, 0, 0)
+        {
+            this.m_infinity = new SecT113R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1, Hex.Decode("003088250CA6E7C7FE649CE85820F7")));
+            this.m_b = FromBigInteger(new BigInteger(1, Hex.Decode("00E8BEE4D3E2260744188BE0E9C723")));
+            this.m_order = new BigInteger(1, Hex.Decode("0100000000000000D9CCEC8A39E56F"));
+            this.m_cofactor = BigInteger.Two;
+
+            this.m_coord = SecT113R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT113R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 113; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT113FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT113R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT113R1Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return false; }
+        }
+
+        public virtual int M
+        {
+            get { return 113; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return true; }
+        }
+
+        public virtual int K1
+        {
+            get { return 9; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT113R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT113R1Point.cs
new file mode 100644
index 0000000..6ecc8b0
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT113R1Point.cs
@@ -0,0 +1,281 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT113R1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT113R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT113R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT113R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT113R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1).Add(curve.A);
+                if (X3.IsZero)
+                {
+                    return new SecT113R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT113R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT113R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity) 
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero) 
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement a = curve.A;
+            ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq);
+            ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq);
+            if (T.IsZero)
+            {
+                return new SecT113R1Point(curve, T, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+            ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3);
+
+            return new SecT113R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity) 
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero) 
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1);
+            ECFieldElement L2plus1 = L2.AddOne();
+            ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT113R1Point(curve, A, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
+
+            return new SecT113R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT113R1Point(Curve, X, L.Add(Z), new ECFieldElement[]{ Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT113R2Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT113R2Curve.cs
new file mode 100644
index 0000000..abfd26d
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT113R2Curve.cs
@@ -0,0 +1,98 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT113R2Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT113R2_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT113R2Point m_infinity;
+
+        public SecT113R2Curve()
+            : base(113, 9, 0, 0)
+        {
+            this.m_infinity = new SecT113R2Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1, Hex.Decode("00689918DBEC7E5A0DD6DFC0AA55C7")));
+            this.m_b = FromBigInteger(new BigInteger(1, Hex.Decode("0095E9A9EC9B297BD4BF36E059184F")));
+            this.m_order = new BigInteger(1, Hex.Decode("010000000000000108789B2496AF93"));
+            this.m_cofactor = BigInteger.Two;
+
+            this.m_coord = SecT113R2_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT113R2Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 113; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT113FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT113R2Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT113R2Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return false; }
+        }
+
+        public virtual int M
+        {
+            get { return 113; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return true; }
+        }
+
+        public virtual int K1
+        {
+            get { return 9; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT113R2Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT113R2Point.cs
new file mode 100644
index 0000000..1453d78
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT113R2Point.cs
@@ -0,0 +1,291 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT113R2Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT113R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT113R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT113R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT113R2Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+            {
+                return b;
+            }
+            if (b.IsInfinity)
+            {
+                return this;
+            }
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1).Add(curve.A);
+                if (X3.IsZero)
+                {
+                    return new SecT113R2Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT113R2Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT113R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity) 
+            {
+                return this;
+            }
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero) 
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement a = curve.A;
+            ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq);
+            ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq);
+            if (T.IsZero)
+            {
+                return new SecT113R2Point(curve, T, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+            ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3);
+
+            return new SecT113R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity) 
+            {
+                return b;
+            }
+            if (b.IsInfinity)
+            {
+                return Twice();
+            }
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero) 
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1);
+            ECFieldElement L2plus1 = L2.AddOne();
+            ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT113R2Point(curve, A, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
+
+            return new SecT113R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT113R2Point(Curve, X, L.Add(Z), new ECFieldElement[]{ Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT131Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT131Field.cs
new file mode 100644
index 0000000..1b6697a
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT131Field.cs
@@ -0,0 +1,330 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT131Field
+    {
+        private const ulong M03 = ulong.MaxValue >> 61;
+        private const ulong M44 = ulong.MaxValue >> 20;
+
+        private static readonly ulong[] ROOT_Z = new ulong[]{ 0x26BC4D789AF13523UL, 0x26BC4D789AF135E2UL, 0x6UL };
+
+        public static void Add(ulong[] x, ulong[] y, ulong[] z)
+        {
+            z[0] = x[0] ^ y[0];
+            z[1] = x[1] ^ y[1];
+            z[2] = x[2] ^ y[2];
+        }
+
+        public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz)
+        {
+            zz[0] = xx[0] ^ yy[0];
+            zz[1] = xx[1] ^ yy[1];
+            zz[2] = xx[2] ^ yy[2];
+            zz[3] = xx[3] ^ yy[3];
+            zz[4] = xx[4] ^ yy[4];
+        }
+
+        public static void AddOne(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0] ^ 1UL;
+            z[1] = x[1];
+            z[2] = x[2];
+        }
+
+        public static ulong[] FromBigInteger(BigInteger x)
+        {
+            ulong[] z = Nat192.FromBigInteger64(x);
+            Reduce61(z, 0);
+            return z;
+        }
+
+        public static void Invert(ulong[] x, ulong[] z)
+        {
+            if (Nat192.IsZero64(x))
+                throw new InvalidOperationException();
+
+            // Itoh-Tsujii inversion
+
+            ulong[] t0 = Nat192.Create64();
+            ulong[] t1 = Nat192.Create64();
+
+            Square(x, t0);
+            Multiply(t0, x, t0);
+            SquareN(t0, 2, t1);
+            Multiply(t1, t0, t1);
+            SquareN(t1, 4, t0);
+            Multiply(t0, t1, t0);
+            SquareN(t0, 8, t1);
+            Multiply(t1, t0, t1);
+            SquareN(t1, 16, t0);
+            Multiply(t0, t1, t0);
+            SquareN(t0, 32, t1);
+            Multiply(t1, t0, t1);
+            Square(t1, t1);
+            Multiply(t1, x, t1);
+            SquareN(t1, 65, t0);
+            Multiply(t0, t1, t0);
+            Square(t0, z);
+        }
+
+        public static void Multiply(ulong[] x, ulong[] y, ulong[] z)
+        {
+            ulong[] tt = Nat192.CreateExt64();
+            ImplMultiply(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            ulong[] tt = Nat192.CreateExt64();
+            ImplMultiply(x, y, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void Reduce(ulong[] xx, ulong[] z)
+        {
+            ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3], x4 = xx[4];
+
+            x1 ^= (x4 << 61) ^ (x4 << 63);
+            x2 ^= (x4 >>  3) ^ (x4 >>  1) ^ x4 ^ (x4 <<  5);
+            x3 ^=                                (x4 >> 59);
+
+            x0 ^= (x3 << 61) ^ (x3 << 63);
+            x1 ^= (x3 >>  3) ^ (x3 >>  1) ^ x3 ^ (x3 <<  5);
+            x2 ^=                                (x3 >> 59);
+
+            ulong t = x2 >> 3;
+            z[0]    = x0 ^ t ^ (t << 2) ^ (t << 3) ^ (t <<  8);
+            z[1]    = x1                           ^ (t >> 56);
+            z[2]    = x2 & M03;
+        }
+
+        public static void Reduce61(ulong[] z, int zOff)
+        {
+            ulong z2     = z[zOff + 2], t = z2 >> 3;
+            z[zOff    ] ^= t ^ (t << 2) ^ (t << 3) ^ (t <<  8);
+            z[zOff + 1] ^=                           (t >> 56);
+            z[zOff + 2]  = z2 & M03;
+        }
+
+        public static void Sqrt(ulong[] x, ulong[] z)
+        {
+            ulong[] odd = Nat192.Create64();
+
+            ulong u0, u1;
+            u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]);
+            ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+            odd[0]   = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+
+            u0 = Interleave.Unshuffle(x[2]);
+            ulong e1 = (u0 & 0x00000000FFFFFFFFUL);
+            odd[1]   = (u0 >> 32);
+
+            Multiply(odd, ROOT_Z, z);
+
+            z[0] ^= e0;
+            z[1] ^= e1;
+        }
+
+        public static void Square(ulong[] x, ulong[] z)
+        {
+            ulong[] tt = Nat.Create64(5);
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareAddToExt(ulong[] x, ulong[] zz)
+        {
+            ulong[] tt = Nat.Create64(5);
+            ImplSquare(x, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void SquareN(ulong[] x, int n, ulong[] z)
+        {
+            Debug.Assert(n > 0);
+
+            ulong[] tt = Nat.Create64(5);
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                ImplSquare(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static uint Trace(ulong[] x)
+        {
+            // Non-zero-trace bits: 0, 123, 129
+            return (uint)(x[0] ^ (x[1] >> 59) ^ (x[2] >> 1)) & 1U;
+        }
+
+        protected static void ImplCompactExt(ulong[] zz)
+        {
+            ulong z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5];
+            zz[0] =  z0        ^ (z1 << 44);
+            zz[1] = (z1 >> 20) ^ (z2 << 24);
+            zz[2] = (z2 >> 40) ^ (z3 <<  4)
+                               ^ (z4 << 48);
+            zz[3] = (z3 >> 60) ^ (z5 << 28)
+                  ^ (z4 >> 16);
+            zz[4] = (z5 >> 36);
+            zz[5] = 0;
+        }
+
+        protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            /*
+             * "Five-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
+             */
+
+            ulong f0 = x[0], f1 = x[1], f2 = x[2];
+            f2  = ((f1 >> 24) ^ (f2 << 40)) & M44;
+            f1  = ((f0 >> 44) ^ (f1 << 20)) & M44;
+            f0 &= M44;
+
+            ulong g0 = y[0], g1 = y[1], g2 = y[2];
+            g2  = ((g1 >> 24) ^ (g2 << 40)) & M44;
+            g1  = ((g0 >> 44) ^ (g1 << 20)) & M44;
+            g0 &= M44;
+
+            ulong[] H = new ulong[10];
+
+            ImplMulw(f0, g0, H, 0);               // H(0)       44/43 bits
+            ImplMulw(f2, g2, H, 2);               // H(INF)     44/41 bits
+
+            ulong t0 = f0 ^ f1 ^ f2;
+            ulong t1 = g0 ^ g1 ^ g2;
+
+            ImplMulw(t0, t1, H, 4);               // H(1)       44/43 bits
+        
+            ulong t2 = (f1 << 1) ^ (f2 << 2);
+            ulong t3 = (g1 << 1) ^ (g2 << 2);
+
+            ImplMulw(f0 ^ t2, g0 ^ t3, H, 6);     // H(t)       44/45 bits
+            ImplMulw(t0 ^ t2, t1 ^ t3, H, 8);     // H(t + 1)   44/45 bits
+
+            ulong t4 = H[6] ^ H[8];
+            ulong t5 = H[7] ^ H[9];
+
+            Debug.Assert(t5 >> 44 == 0);
+
+            // Calculate V
+            ulong v0 =      (t4 << 1) ^ H[6];
+            ulong v1 = t4 ^ (t5 << 1) ^ H[7];
+            ulong v2 = t5;
+
+            // Calculate U
+            ulong u0 = H[0];
+            ulong u1 = H[1] ^ H[0] ^ H[4];
+            ulong u2 =        H[1] ^ H[5];
+        
+            // Calculate W
+            ulong w0 = u0 ^ v0 ^ (H[2] << 4) ^ (H[2] << 1);
+            ulong w1 = u1 ^ v1 ^ (H[3] << 4) ^ (H[3] << 1);
+            ulong w2 = u2 ^ v2;
+
+            // Propagate carries
+            w1 ^= (w0 >> 44); w0 &= M44;
+            w2 ^= (w1 >> 44); w1 &= M44;
+
+            Debug.Assert((w0 & 1UL) == 0);
+
+            // Divide W by t
+
+            w0 = (w0 >> 1) ^ ((w1 & 1UL) << 43);
+            w1 = (w1 >> 1) ^ ((w2 & 1UL) << 43);
+            w2 = (w2 >> 1);
+
+            // Divide W by (t + 1)
+
+            w0 ^= (w0 << 1);
+            w0 ^= (w0 << 2);
+            w0 ^= (w0 << 4);
+            w0 ^= (w0 << 8);
+            w0 ^= (w0 << 16);
+            w0 ^= (w0 << 32);
+
+            w0 &= M44; w1 ^= (w0 >> 43);
+
+            w1 ^= (w1 << 1);
+            w1 ^= (w1 << 2);
+            w1 ^= (w1 << 4);
+            w1 ^= (w1 << 8);
+            w1 ^= (w1 << 16);
+            w1 ^= (w1 << 32);
+
+            w1 &= M44; w2 ^= (w1 >> 43);
+
+            w2 ^= (w2 << 1);
+            w2 ^= (w2 << 2);
+            w2 ^= (w2 << 4);
+            w2 ^= (w2 << 8);
+            w2 ^= (w2 << 16);
+            w2 ^= (w2 << 32);
+
+            Debug.Assert(w2 >> 42 == 0);
+
+            zz[0] = u0; 
+            zz[1] = u1 ^ w0      ^ H[2]; 
+            zz[2] = u2 ^ w1 ^ w0 ^ H[3]; 
+            zz[3] =      w2 ^ w1; 
+            zz[4] =           w2 ^ H[2]; 
+            zz[5] =                H[3]; 
+
+            ImplCompactExt(zz);
+        }
+
+        protected static void ImplMulw(ulong x, ulong y, ulong[] z, int zOff)
+        {
+            Debug.Assert(x >> 45 == 0);
+            Debug.Assert(y >> 45 == 0);
+
+            ulong[] u = new ulong[8];
+            //u[0] = 0;
+            u[1] = y;
+            u[2] = u[1] << 1;
+            u[3] = u[2] ^  y;
+            u[4] = u[2] << 1;
+            u[5] = u[4] ^  y;
+            u[6] = u[3] << 1;
+            u[7] = u[6] ^  y;
+
+            uint j = (uint)x;
+            ulong g, h = 0, l = u[j & 7]
+                              ^ u[(j >> 3) & 7] << 3
+                              ^ u[(j >> 6) & 7] << 6;
+            int k = 33;
+            do
+            {
+                j  = (uint)(x >> k);
+                g  = u[j & 7]
+                   ^ u[(j >> 3) & 7] << 3
+                   ^ u[(j >> 6) & 7] << 6
+                   ^ u[(j >> 9) & 7] << 9;
+                l ^= (g <<  k);
+                h ^= (g >> -k);
+            }
+            while ((k -= 12) > 0);
+
+            Debug.Assert(h >> 25 == 0);
+
+            z[zOff    ] = l & M44;
+            z[zOff + 1] = (l >> 44) ^ (h << 20);
+        }
+
+        protected static void ImplSquare(ulong[] x, ulong[] zz)
+        {
+            Interleave.Expand64To128(x[0], zz, 0);
+            Interleave.Expand64To128(x[1], zz, 2);
+
+            zz[4] = Interleave.Expand8to16((uint)x[2]);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT131FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT131FieldElement.cs
new file mode 100644
index 0000000..e0ecc10
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT131FieldElement.cs
@@ -0,0 +1,216 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT131FieldElement
+        : ECFieldElement
+    {
+        protected readonly ulong[] x;
+
+        public SecT131FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.BitLength > 131)
+                throw new ArgumentException("value invalid for SecT131FieldElement", "x");
+
+            this.x = SecT131Field.FromBigInteger(x);
+        }
+
+        public SecT131FieldElement()
+        {
+            this.x = Nat192.Create64();
+        }
+
+        protected internal SecT131FieldElement(ulong[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat192.IsOne64(x); }
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat192.IsZero64(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return (x[0] & 1UL) != 0UL;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat192.ToBigInteger64(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecT131Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 131; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            ulong[] z = Nat192.Create64();
+            SecT131Field.Add(x, ((SecT131FieldElement)b).x, z);
+            return new SecT131FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            ulong[] z = Nat192.Create64();
+            SecT131Field.AddOne(x, z);
+            return new SecT131FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            // Addition and Subtraction are the same in F2m
+            return Add(b);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            ulong[] z = Nat192.Create64();
+            SecT131Field.Multiply(x, ((SecT131FieldElement)b).x, z);
+            return new SecT131FieldElement(z);
+        }
+
+        public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            return MultiplyPlusProduct(b, x, y);
+        }
+
+        public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x, bx = ((SecT131FieldElement)b).x;
+            ulong[] xx = ((SecT131FieldElement)x).x, yx = ((SecT131FieldElement)y).x;
+
+            ulong[] tt = Nat.Create64(5);
+            SecT131Field.MultiplyAddToExt(ax, bx, tt);
+            SecT131Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat192.Create64();
+            SecT131Field.Reduce(tt, z);
+            return new SecT131FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            return Multiply(b.Invert());
+        }
+
+        public override ECFieldElement Negate()
+        {
+            return this;
+        }
+
+        public override ECFieldElement Square()
+        {
+            ulong[] z = Nat192.Create64();
+            SecT131Field.Square(x, z);
+            return new SecT131FieldElement(z);
+        }
+
+        public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            return SquarePlusProduct(x, y);
+        }
+
+        public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x;
+            ulong[] xx = ((SecT131FieldElement)x).x, yx = ((SecT131FieldElement)y).x;
+
+            ulong[] tt = Nat.Create64(5);
+            SecT131Field.SquareAddToExt(ax, tt);
+            SecT131Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat192.Create64();
+            SecT131Field.Reduce(tt, z);
+            return new SecT131FieldElement(z);
+        }
+
+        public override ECFieldElement SquarePow(int pow)
+        {
+            if (pow < 1)
+                return this;
+
+            ulong[] z = Nat192.Create64();
+            SecT131Field.SquareN(x, pow, z);
+            return new SecT131FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            ulong[] z = Nat192.Create64();
+            SecT131Field.Invert(x, z);
+            return new SecT131FieldElement(z);
+        }
+
+        public override ECFieldElement Sqrt()
+        {
+            ulong[] z = Nat192.Create64();
+            SecT131Field.Sqrt(x, z);
+            return new SecT131FieldElement(z);
+        }
+
+        public virtual int Representation
+        {
+            get { return F2mFieldElement.Ppb; }
+        }
+
+        public virtual int M
+        {
+            get { return 131; }
+        }
+
+        public virtual int K1
+        {
+            get { return 2; }
+        }
+
+        public virtual int K2
+        {
+            get { return 3; }
+        }
+
+        public virtual int K3
+        {
+            get { return 8; }
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecT131FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecT131FieldElement);
+        }
+
+        public virtual bool Equals(SecT131FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat192.Eq64(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return 131832 ^ Arrays.GetHashCode(x, 0, 3);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT131R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT131R1Curve.cs
new file mode 100644
index 0000000..b73964c
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT131R1Curve.cs
@@ -0,0 +1,98 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT131R1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT131R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT131R1Point m_infinity;
+
+        public SecT131R1Curve()
+            : base(131, 2, 3, 8)
+        {
+            this.m_infinity = new SecT131R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1, Hex.Decode("07A11B09A76B562144418FF3FF8C2570B8")));
+            this.m_b = FromBigInteger(new BigInteger(1, Hex.Decode("0217C05610884B63B9C6C7291678F9D341")));
+            this.m_order = new BigInteger(1, Hex.Decode("0400000000000000023123953A9464B54D"));
+            this.m_cofactor = BigInteger.Two;
+
+            this.m_coord = SecT131R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT131R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 131; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT131FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT131R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT131R1Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return false; }
+        }
+
+        public virtual int M
+        {
+            get { return 131; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return false; }
+        }
+
+        public virtual int K1
+        {
+            get { return 2; }
+        }
+
+        public virtual int K2
+        {
+            get { return 3; }
+        }
+
+        public virtual int K3
+        {
+            get { return 8; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT131R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT131R1Point.cs
new file mode 100644
index 0000000..7afdad8
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT131R1Point.cs
@@ -0,0 +1,287 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT131R1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT131R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT131R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT131R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT131R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1).Add(curve.A);
+                if (X3.IsZero)
+                {
+                    return new SecT131R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT131R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT131R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+            {
+                return this;
+            }
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement a = curve.A;
+            ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq);
+            ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq);
+            if (T.IsZero)
+            {
+                return new SecT131R1Point(curve, T, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+            ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3);
+
+            return new SecT131R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+            {
+                return b;
+            }
+            if (b.IsInfinity)
+            {
+                return Twice();
+            }
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1);
+            ECFieldElement L2plus1 = L2.AddOne();
+            ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT131R1Point(curve, A, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
+
+            return new SecT131R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT131R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT131R2Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT131R2Curve.cs
new file mode 100644
index 0000000..724921c
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT131R2Curve.cs
@@ -0,0 +1,98 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT131R2Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT131R2_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT131R2Point m_infinity;
+
+        public SecT131R2Curve()
+            : base(131, 2, 3, 8)
+        {
+            this.m_infinity = new SecT131R2Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1, Hex.Decode("03E5A88919D7CAFCBF415F07C2176573B2")));
+            this.m_b = FromBigInteger(new BigInteger(1, Hex.Decode("04B8266A46C55657AC734CE38F018F2192")));
+            this.m_order = new BigInteger(1, Hex.Decode("0400000000000000016954A233049BA98F"));
+            this.m_cofactor = BigInteger.Two;
+
+            this.m_coord = SecT131R2_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT131R2Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public override int FieldSize
+        {
+            get { return 131; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT131FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT131R2Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT131R2Point(this, x, y, zs, withCompression);
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return false; }
+        }
+
+        public virtual int M
+        {
+            get { return 131; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return false; }
+        }
+
+        public virtual int K1
+        {
+            get { return 2; }
+        }
+
+        public virtual int K2
+        {
+            get { return 3; }
+        }
+
+        public virtual int K3
+        {
+            get { return 8; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT131R2Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT131R2Point.cs
new file mode 100644
index 0000000..be61561
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT131R2Point.cs
@@ -0,0 +1,283 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT131R2Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT131R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT131R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT131R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT131R2Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1).Add(curve.A);
+                if (X3.IsZero)
+                {
+                    return new SecT131R2Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT131R2Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT131R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+            {
+                return this;
+            }
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement a = curve.A;
+            ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq);
+            ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq);
+            if (T.IsZero)
+            {
+                return new SecT131R2Point(curve, T, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+            ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3);
+
+            return new SecT131R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1);
+            ECFieldElement L2plus1 = L2.AddOne();
+            ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT131R2Point(curve, A, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
+
+            return new SecT131R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT131R2Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT163Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163Field.cs
new file mode 100644
index 0000000..b1e9aa7
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163Field.cs
@@ -0,0 +1,340 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT163Field
+    {
+        private const ulong M35 = ulong.MaxValue >> 29;
+        private const ulong M55 = ulong.MaxValue >> 9;
+
+        private static readonly ulong[] ROOT_Z = new ulong[]{ 0xB6DB6DB6DB6DB6B0UL, 0x492492492492DB6DUL, 0x492492492UL };
+
+        public static void Add(ulong[] x, ulong[] y, ulong[] z)
+        {
+            z[0] = x[0] ^ y[0];
+            z[1] = x[1] ^ y[1];
+            z[2] = x[2] ^ y[2];
+        }
+
+        public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz)
+        {
+            zz[0] = xx[0] ^ yy[0];
+            zz[1] = xx[1] ^ yy[1];
+            zz[2] = xx[2] ^ yy[2];
+            zz[3] = xx[3] ^ yy[3];
+            zz[4] = xx[4] ^ yy[4];
+            zz[5] = xx[5] ^ yy[5];
+        }
+
+        public static void AddOne(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0] ^ 1UL;
+            z[1] = x[1];
+            z[2] = x[2];
+        }
+
+        public static ulong[] FromBigInteger(BigInteger x)
+        {
+            ulong[] z = Nat192.FromBigInteger64(x);
+            Reduce29(z, 0);
+            return z;
+        }
+
+        public static void Invert(ulong[] x, ulong[] z)
+        {
+            if (Nat192.IsZero64(x))
+                throw new InvalidOperationException();
+
+            // Itoh-Tsujii inversion with bases { 2, 3 }
+
+            ulong[] t0 = Nat192.Create64();
+            ulong[] t1 = Nat192.Create64();
+
+            Square(x, t0);
+
+            // 3 | 162
+            SquareN(t0, 1, t1);
+            Multiply(t0, t1, t0);
+            SquareN(t1, 1, t1);
+            Multiply(t0, t1, t0);
+
+            // 3 | 54
+            SquareN(t0, 3, t1);
+            Multiply(t0, t1, t0);
+            SquareN(t1, 3, t1);
+            Multiply(t0, t1, t0);
+
+            // 3 | 18
+            SquareN(t0, 9, t1);
+            Multiply(t0, t1, t0);
+            SquareN(t1, 9, t1);
+            Multiply(t0, t1, t0);
+
+            // 3 | 6
+            SquareN(t0, 27, t1);
+            Multiply(t0, t1, t0);
+            SquareN(t1, 27, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 2
+            SquareN(t0, 81, t1);
+            Multiply(t0, t1, z);
+        }
+
+        public static void Multiply(ulong[] x, ulong[] y, ulong[] z)
+        {
+            ulong[] tt = Nat192.CreateExt64();
+            ImplMultiply(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            ulong[] tt = Nat192.CreateExt64();
+            ImplMultiply(x, y, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void Reduce(ulong[] xx, ulong[] z)
+        {
+            ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3], x4 = xx[4], x5 = xx[5];
+
+            x2 ^= (x5 << 29) ^ (x5 << 32) ^ (x5 << 35) ^ (x5 << 36);
+            x3 ^= (x5 >> 35) ^ (x5 >> 32) ^ (x5 >> 29) ^ (x5 >> 28);
+
+            x1 ^= (x4 << 29) ^ (x4 << 32) ^ (x4 << 35) ^ (x4 << 36);
+            x2 ^= (x4 >> 35) ^ (x4 >> 32) ^ (x4 >> 29) ^ (x4 >> 28);
+
+            x0 ^= (x3 << 29) ^ (x3 << 32) ^ (x3 << 35) ^ (x3 << 36);
+            x1 ^= (x3 >> 35) ^ (x3 >> 32) ^ (x3 >> 29) ^ (x3 >> 28);
+
+            ulong t = x2 >> 35;
+            z[0]    = x0 ^ t ^ (t << 3) ^ (t << 6) ^ (t << 7);
+            z[1]    = x1;
+            z[2]    = x2 & M35;
+        }
+
+        public static void Reduce29(ulong[] z, int zOff)
+        {
+            ulong z2     = z[zOff + 2], t = z2 >> 35;
+            z[zOff    ] ^= t ^ (t << 3) ^ (t << 6) ^ (t << 7);
+            z[zOff + 2]  = z2 & M35;
+        }
+
+        public static void Sqrt(ulong[] x, ulong[] z)
+        {
+            ulong[] odd = Nat192.Create64();
+
+            ulong u0, u1;
+            u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]);
+            ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+            odd[0]   = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+
+            u0 = Interleave.Unshuffle(x[2]);
+            ulong e1 = (u0 & 0x00000000FFFFFFFFUL);
+            odd[1]   = (u0 >> 32);
+
+            Multiply(odd, ROOT_Z, z);
+
+            z[0] ^= e0;
+            z[1] ^= e1;
+        }
+
+        public static void Square(ulong[] x, ulong[] z)
+        {
+            ulong[] tt = Nat192.CreateExt64();
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareAddToExt(ulong[] x, ulong[] zz)
+        {
+            ulong[] tt = Nat192.CreateExt64();
+            ImplSquare(x, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void SquareN(ulong[] x, int n, ulong[] z)
+        {
+            Debug.Assert(n > 0);
+
+            ulong[] tt = Nat192.CreateExt64();
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                ImplSquare(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static uint Trace(ulong[] x)
+        {
+            // Non-zero-trace bits: 0, 157
+            return (uint)(x[0] ^ (x[2] >> 29)) & 1U;
+        }
+
+        protected static void ImplCompactExt(ulong[] zz)
+        {
+            ulong z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5];
+            zz[0] =  z0        ^ (z1 << 55);
+            zz[1] = (z1 >>  9) ^ (z2 << 46);
+            zz[2] = (z2 >> 18) ^ (z3 << 37);
+            zz[3] = (z3 >> 27) ^ (z4 << 28);
+            zz[4] = (z4 >> 36) ^ (z5 << 19);
+            zz[5] = (z5 >> 45);
+        }
+
+        protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            /*
+             * "Five-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
+             */
+
+            ulong f0 = x[0], f1 = x[1], f2 = x[2];
+            f2  = ((f1 >> 46) ^ (f2 << 18));
+            f1  = ((f0 >> 55) ^ (f1 <<  9)) & M55;
+            f0 &= M55;
+
+            ulong g0 = y[0], g1 = y[1], g2 = y[2];
+            g2  = ((g1 >> 46) ^ (g2 << 18));
+            g1  = ((g0 >> 55) ^ (g1 <<  9)) & M55;
+            g0 &= M55;
+
+            ulong[] H = new ulong[10];
+
+            ImplMulw(f0, g0, H, 0);               // H(0)       55/54 bits
+            ImplMulw(f2, g2, H, 2);               // H(INF)     55/50 bits
+
+            ulong t0 = f0 ^ f1 ^ f2;
+            ulong t1 = g0 ^ g1 ^ g2;
+
+            ImplMulw(t0, t1, H, 4);               // H(1)       55/54 bits
+        
+            ulong t2 = (f1 << 1) ^ (f2 << 2);
+            ulong t3 = (g1 << 1) ^ (g2 << 2);
+
+            ImplMulw(f0 ^ t2, g0 ^ t3, H, 6);     // H(t)       55/56 bits
+            ImplMulw(t0 ^ t2, t1 ^ t3, H, 8);     // H(t + 1)   55/56 bits
+
+            ulong t4 = H[6] ^ H[8];
+            ulong t5 = H[7] ^ H[9];
+
+            Debug.Assert(t5 >> 55 == 0);
+
+            // Calculate V
+            ulong v0 =      (t4 << 1) ^ H[6];
+            ulong v1 = t4 ^ (t5 << 1) ^ H[7];
+            ulong v2 = t5;
+
+            // Calculate U
+            ulong u0 = H[0];
+            ulong u1 = H[1] ^ H[0] ^ H[4];
+            ulong u2 =        H[1] ^ H[5];
+        
+            // Calculate W
+            ulong w0 = u0 ^ v0 ^ (H[2] << 4) ^ (H[2] << 1);
+            ulong w1 = u1 ^ v1 ^ (H[3] << 4) ^ (H[3] << 1);
+            ulong w2 = u2 ^ v2;
+
+            // Propagate carries
+            w1 ^= (w0 >> 55); w0 &= M55;
+            w2 ^= (w1 >> 55); w1 &= M55;
+
+            Debug.Assert((w0 & 1UL) == 0UL);
+
+            // Divide W by t
+
+            w0 = (w0 >> 1) ^ ((w1 & 1UL) << 54);
+            w1 = (w1 >> 1) ^ ((w2 & 1UL) << 54);
+            w2 = (w2 >> 1);
+
+            // Divide W by (t + 1)
+
+            w0 ^= (w0 << 1);
+            w0 ^= (w0 << 2);
+            w0 ^= (w0 << 4);
+            w0 ^= (w0 << 8);
+            w0 ^= (w0 << 16);
+            w0 ^= (w0 << 32);
+
+            w0 &= M55; w1 ^= (w0 >> 54);
+
+            w1 ^= (w1 << 1);
+            w1 ^= (w1 << 2);
+            w1 ^= (w1 << 4);
+            w1 ^= (w1 << 8);
+            w1 ^= (w1 << 16);
+            w1 ^= (w1 << 32);
+
+            w1 &= M55; w2 ^= (w1 >> 54);
+
+            w2 ^= (w2 << 1);
+            w2 ^= (w2 << 2);
+            w2 ^= (w2 << 4);
+            w2 ^= (w2 << 8);
+            w2 ^= (w2 << 16);
+            w2 ^= (w2 << 32);
+
+            Debug.Assert(w2 >> 52 == 0);
+
+            zz[0] = u0; 
+            zz[1] = u1 ^ w0      ^ H[2]; 
+            zz[2] = u2 ^ w1 ^ w0 ^ H[3]; 
+            zz[3] =      w2 ^ w1; 
+            zz[4] =           w2 ^ H[2]; 
+            zz[5] =                H[3]; 
+
+            ImplCompactExt(zz);
+        }
+
+        protected static void ImplMulw(ulong x, ulong y, ulong[] z, int zOff)
+        {
+            Debug.Assert(x >> 56 == 0);
+            Debug.Assert(y >> 56 == 0);
+
+            ulong[] u = new ulong[8];
+            //u[0] = 0;
+            u[1] = y;
+            u[2] = u[1] << 1;
+            u[3] = u[2] ^  y;
+            u[4] = u[2] << 1;
+            u[5] = u[4] ^  y;
+            u[6] = u[3] << 1;
+            u[7] = u[6] ^  y;
+
+            uint j = (uint)x;
+            ulong g, h = 0, l = u[j & 3];
+            int k = 47;
+            do
+            {
+                j  = (uint)(x >> k);
+                g  = u[j & 7]
+                   ^ u[(j >> 3) & 7] << 3
+                   ^ u[(j >> 6) & 7] << 6;
+                l ^= (g <<  k);
+                h ^= (g >> -k);
+            }
+            while ((k -= 9) > 0);
+
+            Debug.Assert(h >> 47 == 0);
+
+            z[zOff    ] = l & M55;
+            z[zOff + 1] = (l >> 55) ^ (h << 9);
+        }
+
+        protected static void ImplSquare(ulong[] x, ulong[] zz)
+        {
+            Interleave.Expand64To128(x[0], zz, 0);
+            Interleave.Expand64To128(x[1], zz, 2);
+
+            ulong x2 = x[2];
+            zz[4] = Interleave.Expand32to64((uint)x2);
+            zz[5] = Interleave.Expand8to16((uint)(x2 >> 32));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT163FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163FieldElement.cs
new file mode 100644
index 0000000..8953fb5
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163FieldElement.cs
@@ -0,0 +1,216 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT163FieldElement
+        : ECFieldElement
+    {
+        protected readonly ulong[] x;
+
+        public SecT163FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.BitLength > 163)
+                throw new ArgumentException("value invalid for SecT163FieldElement", "x");
+
+            this.x = SecT163Field.FromBigInteger(x);
+        }
+
+        public SecT163FieldElement()
+        {
+            this.x = Nat192.Create64();
+        }
+
+        protected internal SecT163FieldElement(ulong[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat192.IsOne64(x); }
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat192.IsZero64(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return (x[0] & 1L) != 0L;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat192.ToBigInteger64(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecT163Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 163; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            ulong[] z = Nat192.Create64();
+            SecT163Field.Add(x, ((SecT163FieldElement)b).x, z);
+            return new SecT163FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            ulong[] z = Nat192.Create64();
+            SecT163Field.AddOne(x, z);
+            return new SecT163FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            // Addition and subtraction are the same in F2m
+            return Add(b);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            ulong[] z = Nat192.Create64();
+            SecT163Field.Multiply(x, ((SecT163FieldElement)b).x, z);
+            return new SecT163FieldElement(z);
+        }
+
+        public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            return MultiplyPlusProduct(b, x, y);
+        }
+
+        public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x, bx = ((SecT163FieldElement)b).x;
+            ulong[] xx = ((SecT163FieldElement)x).x, yx = ((SecT163FieldElement)y).x;
+
+            ulong[] tt = Nat192.CreateExt64();
+            SecT163Field.MultiplyAddToExt(ax, bx, tt);
+            SecT163Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat192.Create64();
+            SecT163Field.Reduce(tt, z);
+            return new SecT163FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            return Multiply(b.Invert());
+        }
+
+        public override ECFieldElement Negate()
+        {
+            return this;
+        }
+
+        public override ECFieldElement Square()
+        {
+            ulong[] z = Nat192.Create64();
+            SecT163Field.Square(x, z);
+            return new SecT163FieldElement(z);
+        }
+
+        public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            return SquarePlusProduct(x, y);
+        }
+
+        public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x;
+            ulong[] xx = ((SecT163FieldElement)x).x, yx = ((SecT163FieldElement)y).x;
+
+            ulong[] tt = Nat192.CreateExt64();
+            SecT163Field.SquareAddToExt(ax, tt);
+            SecT163Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat192.Create64();
+            SecT163Field.Reduce(tt, z);
+            return new SecT163FieldElement(z);
+        }
+
+        public override ECFieldElement SquarePow(int pow)
+        {
+            if (pow < 1)
+                return this;
+
+            ulong[] z = Nat192.Create64();
+            SecT163Field.SquareN(x, pow, z);
+            return new SecT163FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            ulong[] z = Nat192.Create64();
+            SecT163Field.Invert(x, z);
+            return new SecT163FieldElement(z);
+        }
+
+        public override ECFieldElement Sqrt()
+        {
+            ulong[] z = Nat192.Create64();
+            SecT163Field.Sqrt(x, z);
+            return new SecT163FieldElement(z);
+        }
+
+        public virtual int Representation
+        {
+            get { return F2mFieldElement.Ppb; }
+        }
+
+        public virtual int M
+        {
+            get { return 163; }
+        }
+
+        public virtual int K1
+        {
+            get { return 3; }
+        }
+
+        public virtual int K2
+        {
+            get { return 6; }
+        }
+
+        public virtual int K3
+        {
+            get { return 7; }
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecT163FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecT163FieldElement);
+        }
+
+        public virtual bool Equals(SecT163FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat192.Eq64(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return 163763 ^ Arrays.GetHashCode(x, 0, 3);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT163K1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163K1Curve.cs
new file mode 100644
index 0000000..68ff646
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163K1Curve.cs
@@ -0,0 +1,104 @@
+using System;
+
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT163K1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT163K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT163K1Point m_infinity;
+
+        public SecT163K1Curve()
+            : base(163, 3, 6, 7)
+        {
+            this.m_infinity = new SecT163K1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.One);
+            this.m_b = this.m_a;
+            this.m_order = new BigInteger(1, Hex.Decode("04000000000000000000020108A2E0CC0D99F8A5EF"));
+            this.m_cofactor = BigInteger.Two;
+
+            this.m_coord = SecT163K1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT163K1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        protected override ECMultiplier CreateDefaultMultiplier()
+        {
+            return new WTauNafMultiplier();
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 163; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT163FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT163K1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT163K1Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return true; }
+        }
+
+        public virtual int M
+        {
+            get { return 163; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return false; }
+        }
+
+        public virtual int K1
+        {
+            get { return 3; }
+        }
+
+        public virtual int K2
+        {
+            get { return 6; }
+        }
+
+        public virtual int K3
+        {
+            get { return 7; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT163K1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163K1Point.cs
new file mode 100644
index 0000000..8693fe1
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163K1Point.cs
@@ -0,0 +1,281 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT163K1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT163K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT163K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT163K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT163K1Point(null, this.AffineXCoord, this.AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1).AddOne();
+                if (X3.IsZero)
+                {
+                    return new SecT163K1Point(curve, X3, curve.B, IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT163K1Point(curve, X3, curve.B, IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT163K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+            {
+                return this;
+            }
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement T = L1.Square().Add(L1Z1).Add(Z1Sq);
+            if (T.IsZero)
+            {
+                return new SecT163K1Point(curve, T, curve.B, IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement t1 = L1.Add(X1).Square();
+            ECFieldElement L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(X3);
+
+            return new SecT163K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            // NOTE: TwicePlus() only optimized for lambda-affine argument
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = Z1Sq.Add(L1Sq).Add(L1Z1);
+            ECFieldElement A = L2.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT163K1Point(curve, A, curve.B, IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2.AddOne(), Z3);
+
+            return new SecT163K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT163K1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT163R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163R1Curve.cs
new file mode 100644
index 0000000..8ae58cc
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163R1Curve.cs
@@ -0,0 +1,98 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT163R1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT163R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT163R1Point m_infinity;
+
+        public SecT163R1Curve()
+            : base(163, 3, 6, 7)
+        {
+            this.m_infinity = new SecT163R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1, Hex.Decode("07B6882CAAEFA84F9554FF8428BD88E246D2782AE2")));
+            this.m_b = FromBigInteger(new BigInteger(1, Hex.Decode("0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9")));
+            this.m_order = new BigInteger(1, Hex.Decode("03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B"));
+            this.m_cofactor = BigInteger.Two;
+
+            this.m_coord = SecT163R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT163R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 163; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT163FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT163R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT163R1Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return false; }
+        }
+
+        public virtual int M
+        {
+            get { return 163; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return false; }
+        }
+
+        public virtual int K1
+        {
+            get { return 3; }
+        }
+
+        public virtual int K2
+        {
+            get { return 6; }
+        }
+
+        public virtual int K3
+        {
+            get { return 7; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT163R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163R1Point.cs
new file mode 100644
index 0000000..811a09f
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163R1Point.cs
@@ -0,0 +1,283 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT163R1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT163R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT163R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT163R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT163R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1).Add(curve.A);
+                if (X3.IsZero)
+                {
+                    return new SecT163R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT163R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT163R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+            {
+                return this;
+            }
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement a = curve.A;
+            ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq);
+            ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq);
+            if (T.IsZero)
+            {
+                return new SecT163R1Point(curve, T, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+            ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3);
+
+            return new SecT163R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1);
+            ECFieldElement L2plus1 = L2.AddOne();
+            ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT163R1Point(curve, A, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
+
+            return new SecT163R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT163R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT163R2Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163R2Curve.cs
new file mode 100644
index 0000000..5a4fa5a
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163R2Curve.cs
@@ -0,0 +1,98 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT163R2Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT163R2_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT163R2Point m_infinity;
+
+        public SecT163R2Curve()
+            : base(163, 3, 6, 7)
+        {
+            this.m_infinity = new SecT163R2Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.One);
+            this.m_b = FromBigInteger(new BigInteger(1, Hex.Decode("020A601907B8C953CA1481EB10512F78744A3205FD")));
+            this.m_order = new BigInteger(1, Hex.Decode("040000000000000000000292FE77E70C12A4234C33"));
+            this.m_cofactor = BigInteger.Two;
+
+            this.m_coord = SecT163R2_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT163R2Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 163; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT163FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT163R2Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT163R2Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return false; }
+        }
+
+        public virtual int M
+        {
+            get { return 163; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return false; }
+        }
+
+        public virtual int K1
+        {
+            get { return 3; }
+        }
+
+        public virtual int K2
+        {
+            get { return 6; }
+        }
+
+        public virtual int K3
+        {
+            get { return 7; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT163R2Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163R2Point.cs
new file mode 100644
index 0000000..69e2497
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT163R2Point.cs
@@ -0,0 +1,286 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT163R2Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT163R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT163R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT163R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT163R2Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                {
+                    return Twice();
+                }
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1).AddOne();
+                if (X3.IsZero)
+                {
+                    return new SecT163R2Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT163R2Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT163R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+            {
+                return this;
+            }
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement T = L1.Square().Add(L1Z1).Add(Z1Sq);
+            if (T.IsZero)
+            {
+                return new SecT163R2Point(curve, T, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+            ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3);
+
+            return new SecT163R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+            {
+                return b;
+            }
+            if (b.IsInfinity)
+            {
+                return Twice();
+            }
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = Z1Sq.Add(L1Sq).Add(L1Z1);
+            ECFieldElement A = L2.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT163R2Point(curve, A, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2.AddOne(), Z3);
+
+            return new SecT163R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT163R2Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT193Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT193Field.cs
new file mode 100644
index 0000000..41acb4f
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT193Field.cs
@@ -0,0 +1,305 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT193Field
+    {
+        private const ulong M01 = 1UL;
+        private const ulong M49 = ulong.MaxValue >> 15;
+
+        public static void Add(ulong[] x, ulong[] y, ulong[] z)
+        {
+            z[0] = x[0] ^ y[0];
+            z[1] = x[1] ^ y[1];
+            z[2] = x[2] ^ y[2];
+            z[3] = x[3] ^ y[3];
+        }
+
+        public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz)
+        {
+            zz[0] = xx[0] ^ yy[0];
+            zz[1] = xx[1] ^ yy[1];
+            zz[2] = xx[2] ^ yy[2];
+            zz[3] = xx[3] ^ yy[3];
+            zz[4] = xx[4] ^ yy[4];
+            zz[5] = xx[5] ^ yy[5];
+            zz[6] = xx[6] ^ yy[6];
+        }
+
+        public static void AddOne(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0] ^ 1UL;
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+        }
+
+        public static ulong[] FromBigInteger(BigInteger x)
+        {
+            ulong[] z = Nat256.FromBigInteger64(x);
+            Reduce63(z, 0);
+            return z;
+        }
+
+        public static void Invert(ulong[] x, ulong[] z)
+        {
+            if (Nat256.IsZero64(x))
+                throw new InvalidOperationException();
+
+            // Itoh-Tsujii inversion with bases { 2, 3 }
+
+            ulong[] t0 = Nat256.Create64();
+            ulong[] t1 = Nat256.Create64();
+
+            Square(x, t0);
+
+            // 3 | 192
+            SquareN(t0, 1, t1);
+            Multiply(t0, t1, t0);
+            SquareN(t1, 1, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 64
+            SquareN(t0, 3, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 32
+            SquareN(t0, 6, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 16
+            SquareN(t0, 12, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 8
+            SquareN(t0, 24, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 4
+            SquareN(t0, 48, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 2
+            SquareN(t0, 96, t1);
+            Multiply(t0, t1, z);
+        }
+
+        public static void Multiply(ulong[] x, ulong[] y, ulong[] z)
+        {
+            ulong[] tt = Nat256.CreateExt64();
+            ImplMultiply(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            ulong[] tt = Nat256.CreateExt64();
+            ImplMultiply(x, y, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void Reduce(ulong[] xx, ulong[] z)
+        {
+            ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3], x4 = xx[4], x5 = xx[5], x6 = xx[6];
+
+            x2 ^= (x6 << 63);
+            x3 ^= (x6 >>  1) ^ (x6 << 14);
+            x4 ^= (x6 >> 50);
+
+            x1 ^= (x5 << 63);
+            x2 ^= (x5 >>  1) ^ (x5 << 14);
+            x3 ^= (x5 >> 50);
+
+            x0 ^= (x4 << 63);
+            x1 ^= (x4 >>  1) ^ (x4 << 14);
+            x2 ^= (x4 >> 50);
+
+            ulong t = x3 >> 1;
+            z[0]    = x0 ^ t ^ (t << 15);
+            z[1]    = x1     ^ (t >> 49);
+            z[2]    = x2;
+            z[3]    = x3 & M01;
+        }
+
+        public static void Reduce63(ulong[] z, int zOff)
+        {
+            ulong z3     = z[zOff + 3], t = z3 >> 1;
+            z[zOff    ] ^= t ^ (t << 15);
+            z[zOff + 1] ^=     (t >> 49);
+            z[zOff + 3]  = z3 & M01;
+        }
+
+        public static void Sqrt(ulong[] x, ulong[] z)
+        {
+            ulong u0, u1;
+            u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]);
+            ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+            ulong c0 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+
+            u0 = Interleave.Unshuffle(x[2]);
+            ulong e1 = (u0 & 0x00000000FFFFFFFFUL) ^ (x[3] << 32);
+            ulong c1 = (u0 >> 32);
+
+            z[0] = e0 ^ (c0 << 8);
+            z[1] = e1 ^ (c1 << 8) ^ (c0 >> 56) ^ (c0 << 33);
+            z[2] =                  (c1 >> 56) ^ (c1 << 33) ^ (c0 >> 31);
+            z[3] =                                            (c1 >> 31);
+        }
+
+        public static void Square(ulong[] x, ulong[] z)
+        {
+            ulong[] tt = Nat256.CreateExt64();
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareAddToExt(ulong[] x, ulong[] zz)
+        {
+            ulong[] tt = Nat256.CreateExt64();
+            ImplSquare(x, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void SquareN(ulong[] x, int n, ulong[] z)
+        {
+            Debug.Assert(n > 0);
+
+            ulong[] tt = Nat256.CreateExt64();
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                ImplSquare(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static uint Trace(ulong[] x)
+        {
+            // Non-zero-trace bits: 0
+            return (uint)(x[0]) & 1U;
+        }
+
+        protected static void ImplCompactExt(ulong[] zz)
+        {
+            ulong z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5], z6 = zz[6], z7 = zz[7];
+            zz[0] =  z0        ^ (z1 << 49);
+            zz[1] = (z1 >> 15) ^ (z2 << 34);
+            zz[2] = (z2 >> 30) ^ (z3 << 19);
+            zz[3] = (z3 >> 45) ^ (z4 <<  4)
+                               ^ (z5 << 53);
+            zz[4] = (z4 >> 60) ^ (z6 << 38)
+                  ^ (z5 >> 11);
+            zz[5] = (z6 >> 26) ^ (z7 << 23);
+            zz[6] = (z7 >> 41);
+            zz[7] = 0;
+        }
+
+        protected static void ImplExpand(ulong[] x, ulong[] z)
+        {
+            ulong x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
+            z[0] = x0 & M49;
+            z[1] = ((x0 >> 49) ^ (x1 << 15)) & M49;
+            z[2] = ((x1 >> 34) ^ (x2 << 30)) & M49;
+            z[3] = ((x2 >> 19) ^ (x3 << 45));
+        }
+
+        protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            /*
+             * "Two-level seven-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
+             */
+
+            ulong[] f = new ulong[4], g = new ulong[4];
+            ImplExpand(x, f);
+            ImplExpand(y, g);
+
+            ImplMulwAcc(f[0], g[0], zz, 0);
+            ImplMulwAcc(f[1], g[1], zz, 1);
+            ImplMulwAcc(f[2], g[2], zz, 2);
+            ImplMulwAcc(f[3], g[3], zz, 3);
+
+            // U *= (1 - t^n)
+            for (int i = 5; i > 0; --i)
+            {
+                zz[i] ^= zz[i - 1];
+            }
+
+            ImplMulwAcc(f[0] ^ f[1], g[0] ^ g[1], zz, 1);
+            ImplMulwAcc(f[2] ^ f[3], g[2] ^ g[3], zz, 3);
+
+            // V *= (1 - t^2n)
+            for (int i = 7; i > 1; --i)
+            {
+                zz[i] ^= zz[i - 2];
+            }
+
+            // Double-length recursion
+            {
+                ulong c0 = f[0] ^ f[2], c1 = f[1] ^ f[3];
+                ulong d0 = g[0] ^ g[2], d1 = g[1] ^ g[3];
+                ImplMulwAcc(c0 ^ c1, d0 ^ d1, zz, 3);
+                ulong[] t = new ulong[3];
+                ImplMulwAcc(c0, d0, t, 0);
+                ImplMulwAcc(c1, d1, t, 1);
+                ulong t0 = t[0], t1 = t[1], t2 = t[2];
+                zz[2] ^= t0;
+                zz[3] ^= t0 ^ t1;
+                zz[4] ^= t2 ^ t1;
+                zz[5] ^= t2;
+            }
+
+            ImplCompactExt(zz);
+        }
+
+        protected static void ImplMulwAcc(ulong x, ulong y, ulong[] z, int zOff)
+        {
+            Debug.Assert(x >> 49 == 0);
+            Debug.Assert(y >> 49 == 0);
+
+            ulong[] u = new ulong[8];
+            //u[0] = 0;
+            u[1] = y;
+            u[2] = u[1] << 1;
+            u[3] = u[2] ^  y;
+            u[4] = u[2] << 1;
+            u[5] = u[4] ^  y;
+            u[6] = u[3] << 1;
+            u[7] = u[6] ^ y;
+
+            uint j = (uint)x;
+            ulong g, h = 0, l = u[j & 7]
+                              ^ (u[(j >> 3) & 7] << 3);
+            int k = 36;
+            do
+            {
+                j  = (uint)(x >> k);
+                g  = u[j & 7]
+                   ^ u[(j >> 3) & 7] << 3
+                   ^ u[(j >> 6) & 7] << 6
+                   ^ u[(j >> 9) & 7] << 9
+                   ^ u[(j >> 12) & 7] << 12;
+                l ^= (g <<  k);
+                h ^= (g >> -k);
+            }
+            while ((k -= 15) > 0);
+
+            Debug.Assert(h >> 33 == 0);
+
+            z[zOff    ] ^= l & M49;
+            z[zOff + 1] ^= (l >> 49) ^ (h << 15);
+        }
+
+        protected static void ImplSquare(ulong[] x, ulong[] zz)
+        {
+            Interleave.Expand64To128(x[0], zz, 0);
+            Interleave.Expand64To128(x[1], zz, 2);
+            Interleave.Expand64To128(x[2], zz, 4);
+            zz[6] = (x[3] & M01);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT193FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT193FieldElement.cs
new file mode 100644
index 0000000..a1150b3
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT193FieldElement.cs
@@ -0,0 +1,216 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT193FieldElement
+        : ECFieldElement
+    {
+        protected readonly ulong[] x;
+
+        public SecT193FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.BitLength > 193)
+                throw new ArgumentException("value invalid for SecT193FieldElement", "x");
+
+            this.x = SecT193Field.FromBigInteger(x);
+        }
+
+        public SecT193FieldElement()
+        {
+            this.x = Nat256.Create64();
+        }
+
+        protected internal SecT193FieldElement(ulong[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat256.IsOne64(x); }
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat256.IsZero64(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return (x[0] & 1UL) != 0UL;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat256.ToBigInteger64(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecT193Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 193; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            ulong[] z = Nat256.Create64();
+            SecT193Field.Add(x, ((SecT193FieldElement)b).x, z);
+            return new SecT193FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            ulong[] z = Nat256.Create64();
+            SecT193Field.AddOne(x, z);
+            return new SecT193FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            // Addition and Subtraction are the same in F2m
+            return Add(b);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            ulong[] z = Nat256.Create64();
+            SecT193Field.Multiply(x, ((SecT193FieldElement)b).x, z);
+            return new SecT193FieldElement(z);
+        }
+
+        public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            return MultiplyPlusProduct(b, x, y);
+        }
+
+        public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x, bx = ((SecT193FieldElement)b).x;
+            ulong[] xx = ((SecT193FieldElement)x).x, yx = ((SecT193FieldElement)y).x;
+
+            ulong[] tt = Nat256.CreateExt64();
+            SecT193Field.MultiplyAddToExt(ax, bx, tt);
+            SecT193Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat256.Create64();
+            SecT193Field.Reduce(tt, z);
+            return new SecT193FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            return Multiply(b.Invert());
+        }
+
+        public override ECFieldElement Negate()
+        {
+            return this;
+        }
+
+        public override ECFieldElement Square()
+        {
+            ulong[] z = Nat256.Create64();
+            SecT193Field.Square(x, z);
+            return new SecT193FieldElement(z);
+        }
+
+        public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            return SquarePlusProduct(x, y);
+        }
+
+        public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x;
+            ulong[] xx = ((SecT193FieldElement)x).x, yx = ((SecT193FieldElement)y).x;
+
+            ulong[] tt = Nat256.CreateExt64();
+            SecT193Field.SquareAddToExt(ax, tt);
+            SecT193Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat256.Create64();
+            SecT193Field.Reduce(tt, z);
+            return new SecT193FieldElement(z);
+        }
+
+        public override ECFieldElement SquarePow(int pow)
+        {
+            if (pow < 1)
+                return this;
+
+            ulong[] z = Nat256.Create64();
+            SecT193Field.SquareN(x, pow, z);
+            return new SecT193FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            ulong[] z = Nat256.Create64();
+            SecT193Field.Invert(x, z);
+            return new SecT193FieldElement(z);
+        }
+
+        public override ECFieldElement Sqrt()
+        {
+            ulong[] z = Nat256.Create64();
+            SecT193Field.Sqrt(x, z);
+            return new SecT193FieldElement(z);
+        }
+
+        public virtual int Representation
+        {
+            get { return F2mFieldElement.Tpb; }
+        }
+
+        public virtual int M
+        {
+            get { return 193; }
+        }
+
+        public virtual int K1
+        {
+            get { return 15; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecT193FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecT193FieldElement);
+        }
+
+        public virtual bool Equals(SecT193FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat256.Eq64(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return 1930015 ^ Arrays.GetHashCode(x, 0, 4);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT193R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT193R1Curve.cs
new file mode 100644
index 0000000..a2cb5a8
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT193R1Curve.cs
@@ -0,0 +1,98 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT193R1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT193R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT193R1Point m_infinity;
+
+        public SecT193R1Curve()
+            : base(193, 15, 0, 0)
+        {
+            this.m_infinity = new SecT193R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1, Hex.Decode("0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01")));
+            this.m_b = FromBigInteger(new BigInteger(1, Hex.Decode("00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814")));
+            this.m_order = new BigInteger(1, Hex.Decode("01000000000000000000000000C7F34A778F443ACC920EBA49"));
+            this.m_cofactor = BigInteger.Two;
+
+            this.m_coord = SecT193R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT193R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+                case COORD_LAMBDA_PROJECTIVE:
+                    return true;
+                default:
+                    return false;
+            }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 193; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT193FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT193R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT193R1Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return false; }
+        }
+
+        public virtual int M
+        {
+            get { return 193; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return true; }
+        }
+
+        public virtual int K1
+        {
+            get { return 15; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT193R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT193R1Point.cs
new file mode 100644
index 0000000..062fce9
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT193R1Point.cs
@@ -0,0 +1,283 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT193R1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT193R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT193R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT193R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT193R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1).Add(curve.A);
+                if (X3.IsZero)
+                {
+                    return new SecT193R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT193R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT193R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+            {
+                return this;
+            }
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement a = curve.A;
+            ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq);
+            ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq);
+            if (T.IsZero)
+            {
+                return new SecT193R1Point(curve, T, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+            ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3);
+
+            return new SecT193R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1);
+            ECFieldElement L2plus1 = L2.AddOne();
+            ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT193R1Point(curve, A, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
+
+            return new SecT193R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT193R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT193R2Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT193R2Curve.cs
new file mode 100644
index 0000000..1c84a3e
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT193R2Curve.cs
@@ -0,0 +1,98 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT193R2Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT193R2_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT193R2Point m_infinity;
+
+        public SecT193R2Curve()
+            : base(193, 15, 0, 0)
+        {
+            this.m_infinity = new SecT193R2Point(this, null, null);
+
+            this.m_a = FromBigInteger(new BigInteger(1, Hex.Decode("0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B")));
+            this.m_b = FromBigInteger(new BigInteger(1, Hex.Decode("00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE")));
+            this.m_order = new BigInteger(1, Hex.Decode("010000000000000000000000015AAB561B005413CCD4EE99D5"));
+            this.m_cofactor = BigInteger.Two;
+
+            this.m_coord = SecT193R2_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT193R2Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+                case COORD_LAMBDA_PROJECTIVE:
+                    return true;
+                default:
+                    return false;
+            }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 193; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT193FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT193R2Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT193R2Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return false; }
+        }
+
+        public virtual int M
+        {
+            get { return 193; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return true; }
+        }
+
+        public virtual int K1
+        {
+            get { return 15; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT193R2Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT193R2Point.cs
new file mode 100644
index 0000000..18d89e3
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT193R2Point.cs
@@ -0,0 +1,283 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT193R2Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT193R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT193R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT193R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT193R2Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1).Add(curve.A);
+                if (X3.IsZero)
+                {
+                    return new SecT193R2Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT193R2Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT193R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+            {
+                return this;
+            }
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement a = curve.A;
+            ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq);
+            ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq);
+            if (T.IsZero)
+            {
+                return new SecT193R2Point(curve, T, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+            ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3);
+
+            return new SecT193R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1);
+            ECFieldElement L2plus1 = L2.AddOne();
+            ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT193R2Point(curve, A, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
+
+            return new SecT193R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT193R2Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT233Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT233Field.cs
new file mode 100644
index 0000000..870dade
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT233Field.cs
@@ -0,0 +1,317 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT233Field
+    {
+        private const ulong M41 = ulong.MaxValue >> 23;
+        private const ulong M59 = ulong.MaxValue >> 5;
+
+        public static void Add(ulong[] x, ulong[] y, ulong[] z)
+        {
+            z[0] = x[0] ^ y[0];
+            z[1] = x[1] ^ y[1];
+            z[2] = x[2] ^ y[2];
+            z[3] = x[3] ^ y[3];
+        }
+
+        public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz)
+        {
+            zz[0] = xx[0] ^ yy[0];
+            zz[1] = xx[1] ^ yy[1];
+            zz[2] = xx[2] ^ yy[2];
+            zz[3] = xx[3] ^ yy[3];
+            zz[4] = xx[4] ^ yy[4];
+            zz[5] = xx[5] ^ yy[5];
+            zz[6] = xx[6] ^ yy[6];
+            zz[7] = xx[7] ^ yy[7];
+        }
+
+        public static void AddOne(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0] ^ 1UL;
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+        }
+
+        public static ulong[] FromBigInteger(BigInteger x)
+        {
+            ulong[] z = Nat256.FromBigInteger64(x);
+            Reduce23(z, 0);
+            return z;
+        }
+
+        public static void Invert(ulong[] x, ulong[] z)
+        {
+            if (Nat256.IsZero64(x))
+                throw new InvalidOperationException();
+
+            // Itoh-Tsujii inversion
+
+            ulong[] t0 = Nat256.Create64();
+            ulong[] t1 = Nat256.Create64();
+
+            Square(x, t0);
+            Multiply(t0, x, t0);
+            Square(t0, t0);
+            Multiply(t0, x, t0);
+            SquareN(t0, 3, t1);
+            Multiply(t1, t0, t1);
+            Square(t1, t1);
+            Multiply(t1, x, t1);
+            SquareN(t1, 7, t0);
+            Multiply(t0, t1, t0);
+            SquareN(t0, 14, t1);
+            Multiply(t1, t0, t1);
+            Square(t1, t1);
+            Multiply(t1, x, t1);
+            SquareN(t1, 29, t0);
+            Multiply(t0, t1, t0);
+            SquareN(t0, 58, t1);
+            Multiply(t1, t0, t1);
+            SquareN(t1, 116, t0);
+            Multiply(t0, t1, t0);
+            Square(t0, z);
+        }
+
+        public static void Multiply(ulong[] x, ulong[] y, ulong[] z)
+        {
+            ulong[] tt = Nat256.CreateExt64();
+            ImplMultiply(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            ulong[] tt = Nat256.CreateExt64();
+            ImplMultiply(x, y, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void Reduce(ulong[] xx, ulong[] z)
+        {
+            ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3];
+            ulong x4 = xx[4], x5 = xx[5], x6 = xx[6], x7 = xx[7];
+
+            x3 ^= (x7 << 23);
+            x4 ^= (x7 >> 41) ^ (x7 << 33);
+            x5 ^= (x7 >> 31);
+
+            x2 ^= (x6 << 23);
+            x3 ^= (x6 >> 41) ^ (x6 << 33);
+            x4 ^= (x6 >> 31);
+
+            x1 ^= (x5 << 23);
+            x2 ^= (x5 >> 41) ^ (x5 << 33);
+            x3 ^= (x5 >> 31);
+
+            x0 ^= (x4 << 23);
+            x1 ^= (x4 >> 41) ^ (x4 << 33);
+            x2 ^= (x4 >> 31);
+
+            ulong t = x3 >> 41;
+            z[0]    = x0 ^ t;
+            z[1]    = x1 ^ (t << 10);
+            z[2]    = x2;
+            z[3]    = x3 & M41;
+        }
+
+        public static void Reduce23(ulong[] z, int zOff)
+        {
+            ulong z3     = z[zOff + 3], t = z3 >> 41;
+            z[zOff    ] ^= t;
+            z[zOff + 1] ^= (t << 10);
+            z[zOff + 3]  = z3 & M41;
+        }
+
+        public static void Sqrt(ulong[] x, ulong[] z)
+        {
+            ulong u0, u1;
+            u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]);
+            ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+            ulong c0 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+
+            u0 = Interleave.Unshuffle(x[2]); u1 = Interleave.Unshuffle(x[3]);
+            ulong e1 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+            ulong c1 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+
+            ulong c2;
+            c2  = (c1 >> 27);
+            c1 ^= (c0 >> 27) | (c1 << 37);
+            c0 ^=              (c0 << 37);
+
+            ulong[] tt = Nat256.CreateExt64();
+
+            int[] shifts = { 32, 117, 191 };
+            for (int i = 0; i < shifts.Length; ++i)
+            {
+                int w = shifts[i] >> 6, s = shifts[i] & 63;
+                Debug.Assert(s != 0);
+                tt[w    ] ^= (c0 << s);
+                tt[w + 1] ^= (c1 << s) | (c0 >> -s);
+                tt[w + 2] ^= (c2 << s) | (c1 >> -s);
+                tt[w + 3] ^=             (c2 >> -s);
+            }
+
+            Reduce(tt, z);
+
+            z[0] ^= e0;
+            z[1] ^= e1;
+        }
+
+        public static void Square(ulong[] x, ulong[] z)
+        {
+            ulong[] tt = Nat256.CreateExt64();
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareAddToExt(ulong[] x, ulong[] zz)
+        {
+            ulong[] tt = Nat256.CreateExt64();
+            ImplSquare(x, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void SquareN(ulong[] x, int n, ulong[] z)
+        {
+            Debug.Assert(n > 0);
+
+            ulong[] tt = Nat256.CreateExt64();
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                ImplSquare(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static uint Trace(ulong[] x)
+        {
+            // Non-zero-trace bits: 0, 159
+            return (uint)(x[0] ^ (x[2] >> 31)) & 1U;
+        }
+
+        protected static void ImplCompactExt(ulong[] zz)
+        {
+            ulong z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5], z6 = zz[6], z7 = zz[7];
+            zz[0] =  z0         ^ (z1 << 59);
+            zz[1] = (z1 >>  5) ^ (z2 << 54);
+            zz[2] = (z2 >> 10) ^ (z3 << 49);
+            zz[3] = (z3 >> 15) ^ (z4 << 44);
+            zz[4] = (z4 >> 20) ^ (z5 << 39);
+            zz[5] = (z5 >> 25) ^ (z6 << 34);
+            zz[6] = (z6 >> 30) ^ (z7 << 29);
+            zz[7] = (z7 >> 35);
+        }
+
+        protected static void ImplExpand(ulong[] x, ulong[] z)
+        {
+            ulong x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
+            z[0] = x0 & M59;
+            z[1] = ((x0 >> 59) ^ (x1 <<  5)) & M59;
+            z[2] = ((x1 >> 54) ^ (x2 << 10)) & M59;
+            z[3] = ((x2 >> 49) ^ (x3 << 15));
+        }
+
+        protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            /*
+             * "Two-level seven-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
+             */
+
+            ulong[] f = new ulong[4], g = new ulong[4];
+            ImplExpand(x, f);
+            ImplExpand(y, g);
+
+            ImplMulwAcc(f[0], g[0], zz, 0);
+            ImplMulwAcc(f[1], g[1], zz, 1);
+            ImplMulwAcc(f[2], g[2], zz, 2);
+            ImplMulwAcc(f[3], g[3], zz, 3);
+
+            // U *= (1 - t^n)
+            for (int i = 5; i > 0; --i)
+            {
+                zz[i] ^= zz[i - 1];
+            }
+
+            ImplMulwAcc(f[0] ^ f[1], g[0] ^ g[1], zz, 1);
+            ImplMulwAcc(f[2] ^ f[3], g[2] ^ g[3], zz, 3);
+
+            // V *= (1 - t^2n)
+            for (int i = 7; i > 1; --i)
+            {
+                zz[i] ^= zz[i - 2];
+            }
+
+            // Double-length recursion
+            {
+                ulong c0 = f[0] ^ f[2], c1 = f[1] ^ f[3];
+                ulong d0 = g[0] ^ g[2], d1 = g[1] ^ g[3];
+                ImplMulwAcc(c0 ^ c1, d0 ^ d1, zz, 3);
+                ulong[] t = new ulong[3];
+                ImplMulwAcc(c0, d0, t, 0);
+                ImplMulwAcc(c1, d1, t, 1);
+                ulong t0 = t[0], t1 = t[1], t2 = t[2];
+                zz[2] ^= t0;
+                zz[3] ^= t0 ^ t1;
+                zz[4] ^= t2 ^ t1;
+                zz[5] ^= t2;
+            }
+
+            ImplCompactExt(zz);
+        }
+
+        protected static void ImplMulwAcc(ulong x, ulong y, ulong[] z, int zOff)
+        {
+            Debug.Assert(x >> 59 == 0);
+            Debug.Assert(y >> 59 == 0);
+
+            ulong[] u = new ulong[8];
+            //u[0] = 0;
+            u[1] = y;
+            u[2] = u[1] << 1;
+            u[3] = u[2] ^  y;
+            u[4] = u[2] << 1;
+            u[5] = u[4] ^  y;
+            u[6] = u[3] << 1;
+            u[7] = u[6] ^  y;
+
+            uint j = (uint)x;
+            ulong g, h = 0, l = u[j & 7]
+                              ^ (u[(j >> 3) & 7] << 3);
+            int k = 54;
+            do
+            {
+                j  = (uint)(x >> k);
+                g  = u[j & 7]
+                   ^ u[(j >> 3) & 7] << 3;
+                l ^= (g <<  k);
+                h ^= (g >> -k);
+            }
+            while ((k -= 6) > 0);
+
+            Debug.Assert(h >> 53 == 0);
+
+            z[zOff    ] ^= l & M59;
+            z[zOff + 1] ^= (l >> 59) ^ (h << 5);
+        }
+
+        protected static void ImplSquare(ulong[] x, ulong[] zz)
+        {
+            Interleave.Expand64To128(x[0], zz, 0);
+            Interleave.Expand64To128(x[1], zz, 2);
+            Interleave.Expand64To128(x[2], zz, 4);
+
+            ulong x3 = x[3];
+            zz[6] = Interleave.Expand32to64((uint)x3);
+            zz[7] = Interleave.Expand16to32((uint)(x3 >> 32));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT233FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT233FieldElement.cs
new file mode 100644
index 0000000..91b8e2f
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT233FieldElement.cs
@@ -0,0 +1,216 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT233FieldElement
+        : ECFieldElement
+    {
+        protected readonly ulong[] x;
+
+        public SecT233FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.BitLength > 233)
+                throw new ArgumentException("value invalid for SecT233FieldElement", "x");
+
+            this.x = SecT233Field.FromBigInteger(x);
+        }
+
+        public SecT233FieldElement()
+        {
+            this.x = Nat256.Create64();
+        }
+
+        protected internal SecT233FieldElement(ulong[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat256.IsOne64(x); }
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat256.IsZero64(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return (x[0] & 1UL) != 0UL;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat256.ToBigInteger64(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecT233Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 233; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            ulong[] z = Nat256.Create64();
+            SecT233Field.Add(x, ((SecT233FieldElement)b).x, z);
+            return new SecT233FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            ulong[] z = Nat256.Create64();
+            SecT233Field.AddOne(x, z);
+            return new SecT233FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            // Addition and Subtraction are the same in F2m
+            return Add(b);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            ulong[] z = Nat256.Create64();
+            SecT233Field.Multiply(x, ((SecT233FieldElement)b).x, z);
+            return new SecT233FieldElement(z);
+        }
+
+        public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            return MultiplyPlusProduct(b, x, y);
+        }
+
+        public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x, bx = ((SecT233FieldElement)b).x;
+            ulong[] xx = ((SecT233FieldElement)x).x, yx = ((SecT233FieldElement)y).x;
+
+            ulong[] tt = Nat256.CreateExt64();
+            SecT233Field.MultiplyAddToExt(ax, bx, tt);
+            SecT233Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat256.Create64();
+            SecT233Field.Reduce(tt, z);
+            return new SecT233FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            return Multiply(b.Invert());
+        }
+
+        public override ECFieldElement Negate()
+        {
+            return this;
+        }
+
+        public override ECFieldElement Square()
+        {
+            ulong[] z = Nat256.Create64();
+            SecT233Field.Square(x, z);
+            return new SecT233FieldElement(z);
+        }
+
+        public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            return SquarePlusProduct(x, y);
+        }
+
+        public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x;
+            ulong[] xx = ((SecT233FieldElement)x).x, yx = ((SecT233FieldElement)y).x;
+
+            ulong[] tt = Nat256.CreateExt64();
+            SecT233Field.SquareAddToExt(ax, tt);
+            SecT233Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat256.Create64();
+            SecT233Field.Reduce(tt, z);
+            return new SecT233FieldElement(z);
+        }
+
+        public override ECFieldElement SquarePow(int pow)
+        {
+            if (pow < 1)
+                return this;
+
+            ulong[] z = Nat256.Create64();
+            SecT233Field.SquareN(x, pow, z);
+            return new SecT233FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            ulong[] z = Nat256.Create64();
+            SecT233Field.Invert(x, z);
+            return new SecT233FieldElement(z);
+        }
+
+        public override ECFieldElement Sqrt()
+        {
+            ulong[] z = Nat256.Create64();
+            SecT233Field.Sqrt(x, z);
+            return new SecT233FieldElement(z);
+        }
+
+        public virtual int Representation
+        {
+            get { return F2mFieldElement.Tpb; }
+        }
+
+        public virtual int M
+        {
+            get { return 233; }
+        }
+
+        public virtual int K1
+        {
+            get { return 74; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecT233FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecT233FieldElement);
+        }
+
+        public virtual bool Equals(SecT233FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat256.Eq64(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return 2330074 ^ Arrays.GetHashCode(x, 0, 4);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT233K1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT233K1Curve.cs
new file mode 100644
index 0000000..7293591
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT233K1Curve.cs
@@ -0,0 +1,104 @@
+using System;
+
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT233K1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT233K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT233K1Point m_infinity;
+
+        public SecT233K1Curve()
+            : base(233, 74, 0, 0)
+        {
+            this.m_infinity = new SecT233K1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.Zero);
+            this.m_b = FromBigInteger(BigInteger.One);
+            this.m_order = new BigInteger(1, Hex.Decode("8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF"));
+            this.m_cofactor = BigInteger.ValueOf(4);
+
+            this.m_coord = SecT233K1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT233K1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        protected override ECMultiplier CreateDefaultMultiplier()
+        {
+            return new WTauNafMultiplier();
+        }
+
+        public override int FieldSize
+        {
+            get { return 233; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT233FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT233K1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT233K1Point(this, x, y, zs, withCompression);
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return true; }
+        }
+
+        public virtual int M
+        {
+            get { return 233; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return true; }
+        }
+
+        public virtual int K1
+        {
+            get { return 74; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT233K1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT233K1Point.cs
new file mode 100644
index 0000000..9a357ff
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT233K1Point.cs
@@ -0,0 +1,295 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT233K1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT233K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT233K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT233K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT233K1Point(null, this.AffineXCoord, this.AffineYCoord); // earlier JDK
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                {
+                    return curve.Infinity;
+                }
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1);
+                if (X3.IsZero)
+                {
+                    return new SecT233K1Point(curve, X3, curve.B, IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT233K1Point(curve, X3, curve.B, IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT233K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+            {
+                return this;
+            }
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement T;
+            if (Z1IsOne)
+            {
+                T = L1.Square().Add(L1);
+            }
+            else
+            {
+                T = L1.Add(Z1).Multiply(L1);
+            }
+
+            if (T.IsZero)
+            {
+                return new SecT233K1Point(curve, T, curve.B, IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement t1 = L1.Add(X1).Square();
+            ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.Square();
+            ECFieldElement L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(t2).Add(X3).Add(Z3);
+
+            return new SecT233K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            // NOTE: TwicePlus() only optimized for lambda-affine argument
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = L1Sq.Add(L1Z1);
+            ECFieldElement L2plus1 = L2.AddOne();
+            ECFieldElement A = L2plus1.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                {
+                    return b.Twice();
+                }
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT233K1Point(curve, A, curve.B, IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
+
+            return new SecT233K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT233K1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT233R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT233R1Curve.cs
new file mode 100644
index 0000000..db6e6e1
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT233R1Curve.cs
@@ -0,0 +1,98 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT233R1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT233R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT233R1Point m_infinity;
+
+        public SecT233R1Curve()
+            : base(233, 74, 0, 0)
+        {
+            this.m_infinity = new SecT233R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.One);
+            this.m_b = FromBigInteger(new BigInteger(1, Hex.Decode("0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD")));
+            this.m_order = new BigInteger(1, Hex.Decode("01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7"));
+            this.m_cofactor = BigInteger.Two;
+
+            this.m_coord = SecT233R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT233R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 233; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT233FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT233R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT233R1Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return false; }
+        }
+
+        public virtual int M
+        {
+            get { return 233; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return true; }
+        }
+
+        public virtual int K1
+        {
+            get { return 74; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT233R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT233R1Point.cs
new file mode 100644
index 0000000..6347051
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT233R1Point.cs
@@ -0,0 +1,278 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT233R1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT233R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT233R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT233R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT233R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1).AddOne();
+                if (X3.IsZero)
+                {
+                    return new SecT233R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT233R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT233R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement T = L1.Square().Add(L1Z1).Add(Z1Sq);
+            if (T.IsZero)
+            {
+                return new SecT233R1Point(curve, T, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+            ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3);
+
+            return new SecT233R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = Z1Sq.Add(L1Sq).Add(L1Z1);
+            ECFieldElement A = L2.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT233R1Point(curve, A, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2.AddOne(), Z3);
+
+            return new SecT233R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT233R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT239Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT239Field.cs
new file mode 100644
index 0000000..2e6ed2a
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT239Field.cs
@@ -0,0 +1,328 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT239Field
+    {
+        private const ulong M47 = ulong.MaxValue >> 17;
+        private const ulong M60 = ulong.MaxValue >> 4;
+
+        public static void Add(ulong[] x, ulong[] y, ulong[] z)
+        {
+            z[0] = x[0] ^ y[0];
+            z[1] = x[1] ^ y[1];
+            z[2] = x[2] ^ y[2];
+            z[3] = x[3] ^ y[3];
+        }
+
+        public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz)
+        {
+            zz[0] = xx[0] ^ yy[0];
+            zz[1] = xx[1] ^ yy[1];
+            zz[2] = xx[2] ^ yy[2];
+            zz[3] = xx[3] ^ yy[3];
+            zz[4] = xx[4] ^ yy[4];
+            zz[5] = xx[5] ^ yy[5];
+            zz[6] = xx[6] ^ yy[6];
+            zz[7] = xx[7] ^ yy[7];
+        }
+
+        public static void AddOne(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0] ^ 1UL;
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+        }
+
+        public static ulong[] FromBigInteger(BigInteger x)
+        {
+            ulong[] z = Nat256.FromBigInteger64(x);
+            Reduce17(z, 0);
+            return z;
+        }
+
+        public static void Invert(ulong[] x, ulong[] z)
+        {
+            if (Nat256.IsZero64(x))
+                throw new InvalidOperationException();
+
+            // Itoh-Tsujii inversion
+
+            ulong[] t0 = Nat256.Create64();
+            ulong[] t1 = Nat256.Create64();
+
+            Square(x, t0);
+            Multiply(t0, x, t0);
+            Square(t0, t0);
+            Multiply(t0, x, t0);
+            SquareN(t0, 3, t1);
+            Multiply(t1, t0, t1);
+            Square(t1, t1);
+            Multiply(t1, x, t1);
+            SquareN(t1, 7, t0);
+            Multiply(t0, t1, t0);
+            SquareN(t0, 14, t1);
+            Multiply(t1, t0, t1);
+            Square(t1, t1);
+            Multiply(t1, x, t1);
+            SquareN(t1, 29, t0);
+            Multiply(t0, t1, t0);
+            Square(t0, t0);
+            Multiply(t0, x, t0);
+            SquareN(t0, 59, t1);
+            Multiply(t1, t0, t1);
+            Square(t1, t1);
+            Multiply(t1, x, t1);
+            SquareN(t1, 119, t0);
+            Multiply(t0, t1, t0);
+            Square(t0, z);
+        }
+
+        public static void Multiply(ulong[] x, ulong[] y, ulong[] z)
+        {
+            ulong[] tt = Nat256.CreateExt64();
+            ImplMultiply(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            ulong[] tt = Nat256.CreateExt64();
+            ImplMultiply(x, y, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void Reduce(ulong[] xx, ulong[] z)
+        {
+            ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3];
+            ulong x4 = xx[4], x5 = xx[5], x6 = xx[6], x7 = xx[7];
+
+            x3 ^= (x7 << 17);
+            x4 ^= (x7 >> 47);
+            x5 ^= (x7 << 47);
+            x6 ^= (x7 >> 17);
+
+            x2 ^= (x6 << 17);
+            x3 ^= (x6 >> 47);
+            x4 ^= (x6 << 47);
+            x5 ^= (x6 >> 17);
+
+            x1 ^= (x5 << 17);
+            x2 ^= (x5 >> 47);
+            x3 ^= (x5 << 47);
+            x4 ^= (x5 >> 17);
+
+            x0 ^= (x4 << 17);
+            x1 ^= (x4 >> 47);
+            x2 ^= (x4 << 47);
+            x3 ^= (x4 >> 17);
+
+            ulong t = x3 >> 47;
+            z[0]    = x0 ^ t;
+            z[1]    = x1;
+            z[2]    = x2 ^ (t << 30);
+            z[3]    = x3 & M47;
+        }
+
+        public static void Reduce17(ulong[] z, int zOff)
+        {
+            ulong z3     = z[zOff + 3], t = z3 >> 47;
+            z[zOff    ] ^= t;
+            z[zOff + 2] ^= (t << 30);
+            z[zOff + 3]  = z3 & M47;
+        }
+
+        public static void Sqrt(ulong[] x, ulong[] z)
+        {
+            ulong u0, u1;
+            u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]);
+            ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+            ulong c0 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+
+            u0 = Interleave.Unshuffle(x[2]); u1 = Interleave.Unshuffle(x[3]);
+            ulong e1 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+            ulong c1 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+
+            ulong c2, c3;
+            c3  = (c1 >> 49);
+            c2  = (c0 >> 49) | (c1 << 15);
+            c1 ^=              (c0 << 15);
+
+            ulong[] tt = Nat256.CreateExt64();
+
+            int[] shifts = { 39, 120 };
+            for (int i = 0; i < shifts.Length; ++i)
+            {
+                int w = shifts[i] >> 6, s = shifts[i] & 63;
+                Debug.Assert(s != 0);
+                tt[w    ] ^= (c0 << s);
+                tt[w + 1] ^= (c1 << s) | (c0 >> -s);
+                tt[w + 2] ^= (c2 << s) | (c1 >> -s);
+                tt[w + 3] ^= (c3 << s) | (c2 >> -s);
+                tt[w + 4] ^=             (c3 >> -s);
+            }
+
+            Reduce(tt, z);
+
+            z[0] ^= e0;
+            z[1] ^= e1;
+        }
+
+        public static void Square(ulong[] x, ulong[] z)
+        {
+            ulong[] tt = Nat256.CreateExt64();
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareAddToExt(ulong[] x, ulong[] zz)
+        {
+            ulong[] tt = Nat256.CreateExt64();
+            ImplSquare(x, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void SquareN(ulong[] x, int n, ulong[] z)
+        {
+            Debug.Assert(n > 0);
+
+            ulong[] tt = Nat256.CreateExt64();
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                ImplSquare(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static uint Trace(ulong[] x)
+        {
+            // Non-zero-trace bits: 0, 81, 162
+            return (uint)(x[0] ^ (x[1] >> 17) ^ (x[2] >> 34)) & 1U;
+        }
+
+        protected static void ImplCompactExt(ulong[] zz)
+        {
+            ulong z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5], z6 = zz[6], z7 = zz[7];
+            zz[0] =  z0        ^ (z1 << 60);
+            zz[1] = (z1 >>  4) ^ (z2 << 56);
+            zz[2] = (z2 >>  8) ^ (z3 << 52);
+            zz[3] = (z3 >> 12) ^ (z4 << 48);
+            zz[4] = (z4 >> 16) ^ (z5 << 44);
+            zz[5] = (z5 >> 20) ^ (z6 << 40);
+            zz[6] = (z6 >> 24) ^ (z7 << 36);
+            zz[7] = (z7 >> 28);
+        }
+
+        protected static void ImplExpand(ulong[] x, ulong[] z)
+        {
+            ulong x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
+            z[0] = x0 & M60;
+            z[1] = ((x0 >> 60) ^ (x1 <<  4)) & M60;
+            z[2] = ((x1 >> 56) ^ (x2 <<  8)) & M60;
+            z[3] = ((x2 >> 52) ^ (x3 << 12));
+        }
+
+        protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            /*
+             * "Two-level seven-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
+             */
+
+            ulong[] f = new ulong[4], g = new ulong[4];
+            ImplExpand(x, f);
+            ImplExpand(y, g);
+
+            ImplMulwAcc(f[0], g[0], zz, 0);
+            ImplMulwAcc(f[1], g[1], zz, 1);
+            ImplMulwAcc(f[2], g[2], zz, 2);
+            ImplMulwAcc(f[3], g[3], zz, 3);
+
+            // U *= (1 - t^n)
+            for (int i = 5; i > 0; --i)
+            {
+                zz[i] ^= zz[i - 1];
+            }
+
+            ImplMulwAcc(f[0] ^ f[1], g[0] ^ g[1], zz, 1);
+            ImplMulwAcc(f[2] ^ f[3], g[2] ^ g[3], zz, 3);
+
+            // V *= (1 - t^2n)
+            for (int i = 7; i > 1; --i)
+            {
+                zz[i] ^= zz[i - 2];
+            }
+
+            // Double-length recursion
+            {
+                ulong c0 = f[0] ^ f[2], c1 = f[1] ^ f[3];
+                ulong d0 = g[0] ^ g[2], d1 = g[1] ^ g[3];
+                ImplMulwAcc(c0 ^ c1, d0 ^ d1, zz, 3);
+                ulong[] t = new ulong[3];
+                ImplMulwAcc(c0, d0, t, 0);
+                ImplMulwAcc(c1, d1, t, 1);
+                ulong t0 = t[0], t1 = t[1], t2 = t[2];
+                zz[2] ^= t0;
+                zz[3] ^= t0 ^ t1;
+                zz[4] ^= t2 ^ t1;
+                zz[5] ^= t2;
+            }
+
+            ImplCompactExt(zz);
+        }
+
+        protected static void ImplMulwAcc(ulong x, ulong y, ulong[] z, int zOff)
+        {
+            Debug.Assert(x >> 60 == 0);
+            Debug.Assert(y >> 60 == 0);
+
+            ulong[] u = new ulong[8];
+            //u[0] = 0;
+            u[1] = y;
+            u[2] = u[1] << 1;
+            u[3] = u[2] ^  y;
+            u[4] = u[2] << 1;
+            u[5] = u[4] ^  y;
+            u[6] = u[3] << 1;
+            u[7] = u[6] ^  y;
+
+            uint j = (uint)x;
+            ulong g, h = 0, l = u[j & 7]
+                              ^ (u[(j >> 3) & 7] << 3);
+            int k = 54;
+            do
+            {
+                j  = (uint)(x >> k);
+                g  = u[j & 7]
+                   ^ u[(j >> 3) & 7] << 3;
+                l ^= (g <<  k);
+                h ^= (g >> -k);
+            }
+            while ((k -= 6) > 0);
+
+            h ^= ((x & 0x0820820820820820L) & (ulong)(((long)y << 4) >> 63)) >> 5;
+
+            Debug.Assert(h >> 55 == 0);
+
+            z[zOff    ] ^= l & M60;
+            z[zOff + 1] ^= (l >> 60) ^ (h << 4);
+        }
+
+        protected static void ImplSquare(ulong[] x, ulong[] zz)
+        {
+            Interleave.Expand64To128(x[0], zz, 0);
+            Interleave.Expand64To128(x[1], zz, 2);
+            Interleave.Expand64To128(x[2], zz, 4);
+
+            ulong x3 = x[3];
+            zz[6] = Interleave.Expand32to64((uint)x3);
+            zz[7] = Interleave.Expand16to32((uint)(x3 >> 32));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT239FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT239FieldElement.cs
new file mode 100644
index 0000000..a32ffc5
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT239FieldElement.cs
@@ -0,0 +1,216 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT239FieldElement
+        : ECFieldElement
+    {
+        protected ulong[] x;
+
+        public SecT239FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.BitLength > 239)
+                throw new ArgumentException("value invalid for SecT239FieldElement", "x");
+
+            this.x = SecT239Field.FromBigInteger(x);
+        }
+
+        public SecT239FieldElement()
+        {
+            this.x = Nat256.Create64();
+        }
+
+        protected internal SecT239FieldElement(ulong[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat256.IsOne64(x); }
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat256.IsZero64(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return (x[0] & 1L) != 0L;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat256.ToBigInteger64(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecT239Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 239; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            ulong[] z = Nat256.Create64();
+            SecT239Field.Add(x, ((SecT239FieldElement)b).x, z);
+            return new SecT239FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            ulong[] z = Nat256.Create64();
+            SecT239Field.AddOne(x, z);
+            return new SecT239FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            // Addition and Subtraction are the same in F2m
+            return Add(b);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            ulong[] z = Nat256.Create64();
+            SecT239Field.Multiply(x, ((SecT239FieldElement)b).x, z);
+            return new SecT239FieldElement(z);
+        }
+
+        public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            return MultiplyPlusProduct(b, x, y);
+        }
+
+        public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x, bx = ((SecT239FieldElement)b).x;
+            ulong[] xx = ((SecT239FieldElement)x).x, yx = ((SecT239FieldElement)y).x;
+
+            ulong[] tt = Nat256.CreateExt64();
+            SecT239Field.MultiplyAddToExt(ax, bx, tt);
+            SecT239Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat256.Create64();
+            SecT239Field.Reduce(tt, z);
+            return new SecT239FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            return Multiply(b.Invert());
+        }
+
+        public override ECFieldElement Negate()
+        {
+            return this;
+        }
+
+        public override ECFieldElement Square()
+        {
+            ulong[] z = Nat256.Create64();
+            SecT239Field.Square(x, z);
+            return new SecT239FieldElement(z);
+        }
+
+        public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            return SquarePlusProduct(x, y);
+        }
+
+        public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x;
+            ulong[] xx = ((SecT239FieldElement)x).x, yx = ((SecT239FieldElement)y).x;
+
+            ulong[] tt = Nat256.CreateExt64();
+            SecT239Field.SquareAddToExt(ax, tt);
+            SecT239Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat256.Create64();
+            SecT239Field.Reduce(tt, z);
+            return new SecT239FieldElement(z);
+        }
+
+        public override ECFieldElement SquarePow(int pow)
+        {
+            if (pow < 1)
+                return this;
+
+            ulong[] z = Nat256.Create64();
+            SecT239Field.SquareN(x, pow, z);
+            return new SecT239FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            ulong[] z = Nat256.Create64();
+            SecT239Field.Invert(x, z);
+            return new SecT239FieldElement(z);
+        }
+
+        public override ECFieldElement Sqrt()
+        {
+            ulong[] z = Nat256.Create64();
+            SecT239Field.Sqrt(x, z);
+            return new SecT239FieldElement(z);
+        }
+
+        public virtual int Representation
+        {
+            get { return F2mFieldElement.Tpb; }
+        }
+
+        public virtual int M
+        {
+            get { return 239; }
+        }
+
+        public virtual int K1
+        {
+            get { return 158; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecT239FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecT239FieldElement);
+        }
+
+        public virtual bool Equals(SecT239FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat256.Eq64(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return 23900158 ^ Arrays.GetHashCode(x, 0, 4);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT239K1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT239K1Curve.cs
new file mode 100644
index 0000000..a499d48
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT239K1Curve.cs
@@ -0,0 +1,104 @@
+using System;
+
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT239K1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT239K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT239K1Point m_infinity;
+
+        public SecT239K1Curve()
+            : base(239, 158, 0, 0)
+        {
+            this.m_infinity = new SecT239K1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.Zero);
+            this.m_b = FromBigInteger(BigInteger.One);
+            this.m_order = new BigInteger(1, Hex.Decode("2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5"));
+            this.m_cofactor = BigInteger.ValueOf(4);
+
+            this.m_coord = SecT239K1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT239K1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        protected override ECMultiplier CreateDefaultMultiplier()
+        {
+            return new WTauNafMultiplier();
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 239; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT239FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT239K1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT239K1Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return true; }
+        }
+
+        public virtual int M
+        {
+            get { return 239; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return true; }
+        }
+
+        public virtual int K1
+        {
+            get { return 158; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT239K1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT239K1Point.cs
new file mode 100644
index 0000000..fbd5117
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT239K1Point.cs
@@ -0,0 +1,290 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT239K1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT239K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT239K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT239K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT239K1Point(null, this.AffineXCoord, this.AffineYCoord); // earlier JDK
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1);
+                if (X3.IsZero)
+                {
+                    return new SecT239K1Point(curve, X3, curve.B, IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT239K1Point(curve, X3, curve.B, IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT239K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement T;
+            if (Z1IsOne)
+            {
+                T = L1.Square().Add(L1);
+            }
+            else
+            {
+                T = L1.Add(Z1).Multiply(L1);
+            }
+
+            if (T.IsZero)
+            {
+                return new SecT239K1Point(curve, T, curve.B, IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement t1 = L1.Add(X1).Square();
+            ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.Square();
+            ECFieldElement L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(t2).Add(X3).Add(Z3);
+
+            return new SecT239K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            // NOTE: TwicePlus() only optimized for lambda-affine argument
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = L1Sq.Add(L1Z1);
+            ECFieldElement L2plus1 = L2.AddOne();
+            ECFieldElement A = L2plus1.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT239K1Point(curve, A, curve.B, IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
+
+            return new SecT239K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT239K1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT283Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT283Field.cs
new file mode 100644
index 0000000..22b7eaa
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT283Field.cs
@@ -0,0 +1,402 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT283Field
+    {
+        private const ulong M27 = ulong.MaxValue >> 37;
+        private const ulong M57 = ulong.MaxValue >> 7;
+
+        private static readonly ulong[] ROOT_Z = new ulong[]{ 0x0C30C30C30C30808UL, 0x30C30C30C30C30C3UL, 0x820820820820830CUL, 0x0820820820820820UL, 0x2082082UL };
+
+        public static void Add(ulong[] x, ulong[] y, ulong[] z)
+        {
+            z[0] = x[0] ^ y[0];
+            z[1] = x[1] ^ y[1];
+            z[2] = x[2] ^ y[2];
+            z[3] = x[3] ^ y[3];
+            z[4] = x[4] ^ y[4];
+        }
+
+        public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz)
+        {
+            zz[0] = xx[0] ^ yy[0];
+            zz[1] = xx[1] ^ yy[1];
+            zz[2] = xx[2] ^ yy[2];
+            zz[3] = xx[3] ^ yy[3];
+            zz[4] = xx[4] ^ yy[4];
+            zz[5] = xx[5] ^ yy[5];
+            zz[6] = xx[6] ^ yy[6];
+            zz[7] = xx[7] ^ yy[7];
+            zz[8] = xx[8] ^ yy[8];
+        }
+
+        public static void AddOne(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0] ^ 1UL;
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+            z[4] = x[4];
+        }
+
+        public static ulong[] FromBigInteger(BigInteger x)
+        {
+            ulong[] z = Nat320.FromBigInteger64(x);
+            Reduce37(z, 0);
+            return z;
+        }
+
+        public static void Invert(ulong[] x, ulong[] z)
+        {
+            if (Nat320.IsZero64(x))
+                throw new InvalidOperationException();
+
+            // Itoh-Tsujii inversion
+
+            ulong[] t0 = Nat320.Create64();
+            ulong[] t1 = Nat320.Create64();
+
+            Square(x, t0);
+            Multiply(t0, x, t0);
+            SquareN(t0, 2, t1);
+            Multiply(t1, t0, t1);
+            SquareN(t1, 4, t0);
+            Multiply(t0, t1, t0);
+            SquareN(t0, 8, t1);
+            Multiply(t1, t0, t1);
+            Square(t1, t1);
+            Multiply(t1, x, t1);
+            SquareN(t1, 17, t0);
+            Multiply(t0, t1, t0);
+            Square(t0, t0);
+            Multiply(t0, x, t0);
+            SquareN(t0, 35, t1);
+            Multiply(t1, t0, t1);
+            SquareN(t1, 70, t0);
+            Multiply(t0, t1, t0);
+            Square(t0, t0);
+            Multiply(t0, x, t0);
+            SquareN(t0, 141, t1);
+            Multiply(t1, t0, t1);
+            Square(t1, z);
+        }
+
+        public static void Multiply(ulong[] x, ulong[] y, ulong[] z)
+        {
+            ulong[] tt = Nat320.CreateExt64();
+            ImplMultiply(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            ulong[] tt = Nat320.CreateExt64();
+            ImplMultiply(x, y, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void Reduce(ulong[] xx, ulong[] z)
+        {
+            ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3], x4 = xx[4];
+            ulong x5 = xx[5], x6 = xx[6], x7 = xx[7], x8 = xx[8];
+
+            x3 ^= (x8 << 37) ^ (x8 << 42) ^ (x8 << 44) ^ (x8 << 49);
+            x4 ^= (x8 >> 27) ^ (x8 >> 22) ^ (x8 >> 20) ^ (x8 >> 15);
+
+            x2 ^= (x7 << 37) ^ (x7 << 42) ^ (x7 << 44) ^ (x7 << 49);
+            x3 ^= (x7 >> 27) ^ (x7 >> 22) ^ (x7 >> 20) ^ (x7 >> 15);
+
+            x1 ^= (x6 << 37) ^ (x6 << 42) ^ (x6 << 44) ^ (x6 << 49);
+            x2 ^= (x6 >> 27) ^ (x6 >> 22) ^ (x6 >> 20) ^ (x6 >> 15);
+
+            x0 ^= (x5 << 37) ^ (x5 << 42) ^ (x5 << 44) ^ (x5 << 49);
+            x1 ^= (x5 >> 27) ^ (x5 >> 22) ^ (x5 >> 20) ^ (x5 >> 15);
+
+            ulong t = x4 >> 27;
+            z[0]    = x0 ^ t ^ (t << 5) ^ (t << 7) ^ (t << 12);
+            z[1]    = x1; 
+            z[2]    = x2; 
+            z[3]    = x3; 
+            z[4]    = x4 & M27; 
+        }
+
+        public static void Reduce37(ulong[] z, int zOff)
+        {
+            ulong z4     = z[zOff + 4], t = z4 >> 27;
+            z[zOff    ] ^= t ^ (t << 5) ^ (t << 7) ^ (t << 12);
+            z[zOff + 4]  = z4 & M27;
+        }
+
+        public static void Sqrt(ulong[] x, ulong[] z)
+        {
+            ulong[] odd = Nat320.Create64();
+
+            ulong u0, u1;
+            u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]);
+            ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+            odd[0]   = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+
+            u0 = Interleave.Unshuffle(x[2]); u1 = Interleave.Unshuffle(x[3]);
+            ulong e1 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+            odd[1]   = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+
+            u0 = Interleave.Unshuffle(x[4]);
+            ulong e2 = (u0 & 0x00000000FFFFFFFFUL);
+            odd[2]   = (u0 >> 32);
+
+            Multiply(odd, ROOT_Z, z);
+
+            z[0] ^= e0;
+            z[1] ^= e1;
+            z[2] ^= e2;
+        }
+
+        public static void Square(ulong[] x, ulong[] z)
+        {
+            ulong[] tt = Nat.Create64(9);
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareAddToExt(ulong[] x, ulong[] zz)
+        {
+            ulong[] tt = Nat.Create64(9);
+            ImplSquare(x, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void SquareN(ulong[] x, int n, ulong[] z)
+        {
+            Debug.Assert(n > 0);
+
+            ulong[] tt = Nat.Create64(9);
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                ImplSquare(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static uint Trace(ulong[] x)
+        {
+            // Non-zero-trace bits: 0, 271
+            return (uint)(x[0] ^ (x[4] >> 15)) & 1U;
+        }
+
+        protected static void ImplCompactExt(ulong[] zz)
+        {
+            ulong z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4];
+            ulong z5 = zz[5], z6 = zz[6], z7 = zz[7], z8 = zz[8], z9 = zz[9];
+            zz[0] =  z0        ^ (z1 << 57);
+            zz[1] = (z1 >>  7) ^ (z2 << 50);
+            zz[2] = (z2 >> 14) ^ (z3 << 43);
+            zz[3] = (z3 >> 21) ^ (z4 << 36);
+            zz[4] = (z4 >> 28) ^ (z5 << 29);
+            zz[5] = (z5 >> 35) ^ (z6 << 22);
+            zz[6] = (z6 >> 42) ^ (z7 << 15);
+            zz[7] = (z7 >> 49) ^ (z8 <<  8);
+            zz[8] = (z8 >> 56) ^ (z9 <<  1);
+            zz[9] = (z9 >> 63); // Zero!
+        }
+
+        protected static void ImplExpand(ulong[] x, ulong[] z)
+        {
+            ulong x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3], x4 = x[4];
+            z[0] = x0 & M57;
+            z[1] = ((x0 >> 57) ^ (x1 <<  7)) & M57;
+            z[2] = ((x1 >> 50) ^ (x2 << 14)) & M57;
+            z[3] = ((x2 >> 43) ^ (x3 << 21)) & M57;
+            z[4] = ((x3 >> 36) ^ (x4 << 28));
+        }
+
+        //protected static void AddMs(ulong[] zz, int zOff, ulong[] p, params int[] ms)
+        //{
+        //    ulong t0 = 0, t1 = 0;
+        //    foreach (int m in ms)
+        //    {
+        //        int i = (m - 1) << 1;
+        //        t0 ^= p[i    ];
+        //        t1 ^= p[i + 1];
+        //    }
+        //    zz[zOff    ] ^= t0;
+        //    zz[zOff + 1] ^= t1;
+        //}
+
+        protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            /*
+             * Formula (17) from "Some New Results on Binary Polynomial Multiplication",
+             * Murat Cenk and M. Anwar Hasan.
+             * 
+             * The formula as given contained an error in the term t25, as noted below
+             */
+            ulong[] a = new ulong[5], b = new ulong[5];
+            ImplExpand(x, a);
+            ImplExpand(y, b);
+
+            ulong[] p = new ulong[26];
+
+            ImplMulw(a[0], b[0], p, 0);                                 // m1
+            ImplMulw(a[1], b[1], p, 2);                                 // m2
+            ImplMulw(a[2], b[2], p, 4);                                 // m3
+            ImplMulw(a[3], b[3], p, 6);                                 // m4
+            ImplMulw(a[4], b[4], p, 8);                                 // m5
+
+            ulong u0 = a[0] ^ a[1], v0 = b[0] ^ b[1];
+            ulong u1 = a[0] ^ a[2], v1 = b[0] ^ b[2];
+            ulong u2 = a[2] ^ a[4], v2 = b[2] ^ b[4];
+            ulong u3 = a[3] ^ a[4], v3 = b[3] ^ b[4];
+
+            ImplMulw(u1 ^ a[3], v1 ^ b[3], p, 18);                      // m10
+            ImplMulw(u2 ^ a[1], v2 ^ b[1], p, 20);                      // m11
+
+            ulong A4 = u0 ^ u3  , B4 = v0 ^ v3;
+            ulong A5 = A4 ^ a[2], B5 = B4 ^ b[2];
+
+            ImplMulw(A4, B4, p, 22);                                    // m12
+            ImplMulw(A5, B5, p, 24);                                    // m13
+
+            ImplMulw(u0, v0, p, 10);                                    // m6
+            ImplMulw(u1, v1, p, 12);                                    // m7
+            ImplMulw(u2, v2, p, 14);                                    // m8
+            ImplMulw(u3, v3, p, 16);                                    // m9
+
+
+            // Original method, corresponding to formula (16)
+            //AddMs(zz, 0, p, 1);
+            //AddMs(zz, 1, p, 1, 2, 6);
+            //AddMs(zz, 2, p, 1, 2, 3, 7);
+            //AddMs(zz, 3, p, 1, 3, 4, 5, 8, 10, 12, 13);
+            //AddMs(zz, 4, p, 1, 2, 4, 5, 6, 9, 10, 11, 13);
+            //AddMs(zz, 5, p, 1, 2, 3, 5, 7, 11, 12, 13);
+            //AddMs(zz, 6, p, 3, 4, 5, 8);
+            //AddMs(zz, 7, p, 4, 5, 9);
+            //AddMs(zz, 8, p, 5);
+
+            // Improved method factors out common single-word terms
+            // NOTE: p1,...,p26 in the paper maps to p[0],...,p[25] here
+
+            zz[0]     = p[ 0];
+            zz[9]     = p[ 9];
+
+            ulong t1  = p[ 0] ^ p[ 1];
+            ulong t2  = t1    ^ p[ 2];
+            ulong t3  = t2    ^ p[10];
+        
+            zz[1]     = t3;
+
+            ulong t4  = p[ 3] ^ p[ 4];
+            ulong t5  = p[11] ^ p[12];
+            ulong t6  = t4    ^ t5;
+            ulong t7  = t2    ^ t6;
+
+            zz[2]     = t7;
+
+            ulong t8  = t1    ^ t4;
+            ulong t9  = p[ 5] ^ p[ 6];
+            ulong t10 = t8    ^ t9;
+            ulong t11 = t10   ^ p[ 8];
+            ulong t12 = p[13] ^ p[14];
+            ulong t13 = t11   ^ t12;
+            ulong t14 = p[18] ^ p[22];
+            ulong t15 = t14   ^ p[24];
+            ulong t16 = t13   ^ t15;
+
+            zz[3]     = t16;
+
+            ulong t17 = p[ 7] ^ p[ 8];
+            ulong t18 = t17   ^ p[ 9];
+            ulong t19 = t18   ^ p[17];
+
+            zz[8]     = t19;
+
+            ulong t20 = t18   ^ t9;
+            ulong t21 = p[15] ^ p[16];
+            ulong t22 = t20   ^ t21;
+
+            zz[7]     = t22;
+
+            ulong t23 = t22   ^ t3;
+            ulong t24 = p[19] ^ p[20];
+    //      ulong t25 = p[23] ^ p[24];
+            ulong t25 = p[25] ^ p[24];       // Fixes an error in the paper: p[23] -> p{25]
+            ulong t26 = p[18] ^ p[23];
+            ulong t27 = t24   ^ t25;
+            ulong t28 = t27   ^ t26;
+            ulong t29 = t28   ^ t23;
+
+            zz[4]     = t29;
+        
+            ulong t30 = t7    ^ t19;
+            ulong t31 = t27   ^ t30;
+            ulong t32 = p[21] ^ p[22];
+            ulong t33 = t31   ^ t32;
+
+            zz[5]     = t33;
+
+            ulong t34 = t11   ^ p[0];
+            ulong t35 = t34   ^ p[9];
+            ulong t36 = t35   ^ t12;
+            ulong t37 = t36   ^ p[21];
+            ulong t38 = t37   ^ p[23];
+            ulong t39 = t38   ^ p[25];
+
+            zz[6]     = t39;
+
+            ImplCompactExt(zz);
+        }
+
+        protected static void ImplMulw(ulong x, ulong y, ulong[] z, int zOff)
+        {
+            Debug.Assert(x >> 57 == 0);
+            Debug.Assert(y >> 57 == 0);
+
+            ulong[] u = new ulong[8];
+            //u[0] = 0;
+            u[1] = y;
+            u[2] = u[1] << 1;
+            u[3] = u[2] ^  y;
+            u[4] = u[2] << 1;
+            u[5] = u[4] ^  y;
+            u[6] = u[3] << 1;
+            u[7] = u[6] ^  y;
+
+            uint j = (uint)x;
+            ulong g, h = 0, l = u[j & 7];
+            int k = 48;
+            do
+            {
+                j  = (uint)(x >> k);
+                g  = u[j & 7]
+                   ^ u[(j >> 3) & 7] << 3
+                   ^ u[(j >> 6) & 7] << 6;
+                l ^= (g <<  k);
+                h ^= (g >> -k);
+            }
+            while ((k -= 9) > 0);
+
+            h ^= ((x & 0x0100804020100800L) & (ulong)(((long)y << 7) >> 63)) >> 8;
+
+            Debug.Assert(h >> 49 == 0);
+
+            z[zOff    ] = l & M57;
+            z[zOff + 1] = (l >> 57) ^ (h << 7);
+        }
+
+        protected static void ImplSquare(ulong[] x, ulong[] zz)
+        {
+            for (int i = 0; i < 4; ++i)
+            {
+                Interleave.Expand64To128(x[i], zz, i << 1);
+            }
+            zz[8] = Interleave.Expand32to64((uint)x[4]);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT283FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT283FieldElement.cs
new file mode 100644
index 0000000..adfd4e0
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT283FieldElement.cs
@@ -0,0 +1,216 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT283FieldElement
+        : ECFieldElement
+    {
+        protected readonly ulong[] x;
+
+        public SecT283FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.BitLength > 283)
+                throw new ArgumentException("value invalid for SecT283FieldElement", "x");
+
+            this.x = SecT283Field.FromBigInteger(x);
+        }
+
+        public SecT283FieldElement()
+        {
+            this.x = Nat320.Create64();
+        }
+
+        protected internal SecT283FieldElement(ulong[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat320.IsOne64(x); }
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat320.IsZero64(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return (x[0] & 1UL) != 0UL;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat320.ToBigInteger64(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecT283Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 283; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            ulong[] z = Nat320.Create64();
+            SecT283Field.Add(x, ((SecT283FieldElement)b).x, z);
+            return new SecT283FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            ulong[] z = Nat320.Create64();
+            SecT283Field.AddOne(x, z);
+            return new SecT283FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            // Addition and subtraction are the same in F2m
+            return Add(b);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            ulong[] z = Nat320.Create64();
+            SecT283Field.Multiply(x, ((SecT283FieldElement)b).x, z);
+            return new SecT283FieldElement(z);
+        }
+
+        public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            return MultiplyPlusProduct(b, x, y);
+        }
+
+        public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x, bx = ((SecT283FieldElement)b).x;
+            ulong[] xx = ((SecT283FieldElement)x).x, yx = ((SecT283FieldElement)y).x;
+
+            ulong[] tt = Nat.Create64(9);
+            SecT283Field.MultiplyAddToExt(ax, bx, tt);
+            SecT283Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat320.Create64();
+            SecT283Field.Reduce(tt, z);
+            return new SecT283FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            return Multiply(b.Invert());
+        }
+
+        public override ECFieldElement Negate()
+        {
+            return this;
+        }
+
+        public override ECFieldElement Square()
+        {
+            ulong[] z = Nat320.Create64();
+            SecT283Field.Square(x, z);
+            return new SecT283FieldElement(z);
+        }
+
+        public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            return SquarePlusProduct(x, y);
+        }
+
+        public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x;
+            ulong[] xx = ((SecT283FieldElement)x).x, yx = ((SecT283FieldElement)y).x;
+
+            ulong[] tt = Nat.Create64(9);
+            SecT283Field.SquareAddToExt(ax, tt);
+            SecT283Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat320.Create64();
+            SecT283Field.Reduce(tt, z);
+            return new SecT283FieldElement(z);
+        }
+
+        public override ECFieldElement SquarePow(int pow)
+        {
+            if (pow < 1)
+                return this;
+
+            ulong[] z = Nat320.Create64();
+            SecT283Field.SquareN(x, pow, z);
+            return new SecT283FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            ulong[] z = Nat320.Create64();
+            SecT283Field.Invert(x, z);
+            return new SecT283FieldElement(z);
+        }
+
+        public override ECFieldElement Sqrt()
+        {
+            ulong[] z = Nat320.Create64();
+            SecT283Field.Sqrt(x, z);
+            return new SecT283FieldElement(z);
+        }
+
+        public virtual int Representation
+        {
+            get { return F2mFieldElement.Ppb; }
+        }
+
+        public virtual int M
+        {
+            get { return 283; }
+        }
+
+        public virtual int K1
+        {
+            get { return 5; }
+        }
+
+        public virtual int K2
+        {
+            get { return 7; }
+        }
+
+        public virtual int K3
+        {
+            get { return 12; }
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecT283FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecT283FieldElement);
+        }
+
+        public virtual bool Equals(SecT283FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat320.Eq64(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return 2831275 ^ Arrays.GetHashCode(x, 0, 5);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT283K1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT283K1Curve.cs
new file mode 100644
index 0000000..4053287
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT283K1Curve.cs
@@ -0,0 +1,104 @@
+using System;
+
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT283K1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT283K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT283K1Point m_infinity;
+
+        public SecT283K1Curve()
+            : base(283, 5, 7, 12)
+        {
+            this.m_infinity = new SecT283K1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.Zero);
+            this.m_b = FromBigInteger(BigInteger.One);
+            this.m_order = new BigInteger(1, Hex.Decode("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61"));
+            this.m_cofactor = BigInteger.ValueOf(4);
+
+            this.m_coord = SecT283K1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT283K1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        protected override ECMultiplier CreateDefaultMultiplier()
+        {
+            return new WTauNafMultiplier();
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 283; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT283FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT283K1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT283K1Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return true; }
+        }
+
+        public virtual int M
+        {
+            get { return 283; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return false; }
+        }
+
+        public virtual int K1
+        {
+            get { return 5; }
+        }
+
+        public virtual int K2
+        {
+            get { return 7; }
+        }
+
+        public virtual int K3
+        {
+            get { return 12; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT283K1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT283K1Point.cs
new file mode 100644
index 0000000..9856894
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT283K1Point.cs
@@ -0,0 +1,289 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT283K1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT283K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT283K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT283K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT283K1Point(null, this.AffineXCoord, this.AffineYCoord); // earlier JDK
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1);
+                if (X3.IsZero)
+                {
+                    return new SecT283K1Point(curve, X3, curve.B, IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT283K1Point(curve, X3, curve.B, IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT283K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement T;
+            if (Z1IsOne)
+            {
+                T = L1.Square().Add(L1);
+            }
+            else
+            {
+                T = L1.Add(Z1).Multiply(L1);
+            }
+
+            if (T.IsZero)
+            {
+                return new SecT283K1Point(curve, T, curve.B, IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement t1 = L1.Add(X1).Square();
+            ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.Square();
+            ECFieldElement L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(t2).Add(X3).Add(Z3);
+
+            return new SecT283K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            // NOTE: TwicePlus() only optimized for lambda-affine argument
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = L1Sq.Add(L1Z1);
+            ECFieldElement L2plus1 = L2.AddOne();
+            ECFieldElement A = L2plus1.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT283K1Point(curve, A, curve.B, IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
+
+            return new SecT283K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT283K1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT283R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT283R1Curve.cs
new file mode 100644
index 0000000..e659675
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT283R1Curve.cs
@@ -0,0 +1,98 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT283R1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT283R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT283R1Point m_infinity;
+
+        public SecT283R1Curve()
+            : base(283, 5, 7, 12)
+        {
+            this.m_infinity = new SecT283R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.One);
+            this.m_b = FromBigInteger(new BigInteger(1, Hex.Decode("027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5")));
+            this.m_order = new BigInteger(1, Hex.Decode("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307"));
+            this.m_cofactor = BigInteger.Two;
+
+            this.m_coord = SecT283R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT283R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 283; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT283FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT283R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT283R1Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return false; }
+        }
+
+        public virtual int M
+        {
+            get { return 283; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return false; }
+        }
+
+        public virtual int K1
+        {
+            get { return 5; }
+        }
+
+        public virtual int K2
+        {
+            get { return 7; }
+        }
+
+        public virtual int K3
+        {
+            get { return 12; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT283R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT283R1Point.cs
new file mode 100644
index 0000000..4c1a780
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT283R1Point.cs
@@ -0,0 +1,278 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT283R1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT283R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT283R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT283R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT283R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1).AddOne();
+                if (X3.IsZero)
+                {
+                    return new SecT283R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT283R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT283R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement T = L1.Square().Add(L1Z1).Add(Z1Sq);
+            if (T.IsZero)
+            {
+                return new SecT283R1Point(curve, T, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+            ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3);
+
+            return new SecT283R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = Z1Sq.Add(L1Sq).Add(L1Z1);
+            ECFieldElement A = L2.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT283R1Point(curve, A, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2.AddOne(), Z3);
+
+            return new SecT283R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT283R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT409Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT409Field.cs
new file mode 100644
index 0000000..861b77a
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT409Field.cs
@@ -0,0 +1,331 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT409Field
+    {
+        private const ulong M25 = ulong.MaxValue >> 39;
+        private const ulong M59 = ulong.MaxValue >> 5;
+
+        public static void Add(ulong[] x, ulong[] y, ulong[] z)
+        {
+            z[0] = x[0] ^ y[0];
+            z[1] = x[1] ^ y[1];
+            z[2] = x[2] ^ y[2];
+            z[3] = x[3] ^ y[3];
+            z[4] = x[4] ^ y[4];
+            z[5] = x[5] ^ y[5];
+            z[6] = x[6] ^ y[6];
+        }
+
+        public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz)
+        {
+            for (int i = 0; i < 13; ++i)
+            {
+                zz[i] = xx[i] ^ yy[i]; 
+            }
+        }
+
+        public static void AddOne(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0] ^ 1UL;
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+            z[4] = x[4];
+            z[5] = x[5];
+            z[6] = x[6];
+        }
+
+        public static ulong[] FromBigInteger(BigInteger x)
+        {
+            ulong[] z = Nat448.FromBigInteger64(x);
+            Reduce39(z, 0);
+            return z;
+        }
+
+        public static void Invert(ulong[] x, ulong[] z)
+        {
+            if (Nat448.IsZero64(x))
+                throw new InvalidOperationException();
+
+            // Itoh-Tsujii inversion with bases { 2, 3 }
+
+            ulong[] t0 = Nat448.Create64();
+            ulong[] t1 = Nat448.Create64();
+            ulong[] t2 = Nat448.Create64();
+
+            Square(x, t0);
+
+            // 3 | 408
+            SquareN(t0, 1, t1);
+            Multiply(t0, t1, t0);
+            SquareN(t1, 1, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 136
+            SquareN(t0, 3, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 68
+            SquareN(t0, 6, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 34
+            SquareN(t0, 12, t1);
+            Multiply(t0, t1, t2);
+
+            // ! {2,3} | 17
+            SquareN(t2, 24, t0);
+            SquareN(t0, 24, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 8
+            SquareN(t0, 48, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 4
+            SquareN(t0, 96, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 2
+            SquareN(t0, 192, t1);
+            Multiply(t0, t1, t0);
+
+            Multiply(t0, t2, z);
+        }
+
+        public static void Multiply(ulong[] x, ulong[] y, ulong[] z)
+        {
+            ulong[] tt = Nat448.CreateExt64();
+            ImplMultiply(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            ulong[] tt = Nat448.CreateExt64();
+            ImplMultiply(x, y, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void Reduce(ulong[] xx, ulong[] z)
+        {
+            ulong x00 = xx[0], x01 = xx[1], x02 = xx[2], x03 = xx[3];
+            ulong x04 = xx[4], x05 = xx[5], x06 = xx[6], x07 = xx[7];
+
+            ulong u = xx[12];
+            x05 ^= (u << 39);
+            x06 ^= (u >> 25) ^ (u << 62);
+            x07 ^= (u >>  2);
+
+            u = xx[11];
+            x04 ^= (u << 39);
+            x05 ^= (u >> 25) ^ (u << 62);
+            x06 ^= (u >>  2);
+
+            u = xx[10];
+            x03 ^= (u << 39);
+            x04 ^= (u >> 25) ^ (u << 62);
+            x05 ^= (u >>  2);
+
+            u = xx[9];
+            x02 ^= (u << 39);
+            x03 ^= (u >> 25) ^ (u << 62);
+            x04 ^= (u >>  2);
+
+            u = xx[8];
+            x01 ^= (u << 39);
+            x02 ^= (u >> 25) ^ (u << 62);
+            x03 ^= (u >>  2);
+
+            u = x07;
+            x00 ^= (u << 39);
+            x01 ^= (u >> 25) ^ (u << 62);
+            x02 ^= (u >>  2);
+
+            ulong t = x06 >> 25;
+            z[0]    = x00 ^ t;
+            z[1]    = x01 ^ (t << 23);
+            z[2]    = x02;
+            z[3]    = x03;
+            z[4]    = x04;
+            z[5]    = x05;
+            z[6]    = x06 & M25;
+        }
+
+        public static void Reduce39(ulong[] z, int zOff)
+        {
+            ulong z6 = z[zOff + 6], t = z6 >> 25;
+            z[zOff    ] ^= t; 
+            z[zOff + 1] ^= (t << 23);
+            z[zOff + 6]  = z6 & M25;
+        }
+
+        public static void Sqrt(ulong[] x, ulong[] z)
+        {
+            ulong u0, u1;
+            u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]);
+            ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+            ulong c0 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+
+            u0 = Interleave.Unshuffle(x[2]); u1 = Interleave.Unshuffle(x[3]);
+            ulong e1 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+            ulong c1 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+
+            u0 = Interleave.Unshuffle(x[4]); u1 = Interleave.Unshuffle(x[5]);
+            ulong e2 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+            ulong c2 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+
+            u0 = Interleave.Unshuffle(x[6]);
+            ulong e3 = (u0 & 0x00000000FFFFFFFFUL);
+            ulong c3 = (u0 >> 32);
+
+            z[0] = e0 ^ (c0 << 44);
+            z[1] = e1 ^ (c1 << 44) ^ (c0 >> 20);
+            z[2] = e2 ^ (c2 << 44) ^ (c1 >> 20);
+            z[3] = e3 ^ (c3 << 44) ^ (c2 >> 20) ^ (c0 << 13);
+            z[4] =                   (c3 >> 20) ^ (c1 << 13) ^ (c0 >> 51);
+            z[5] =                                (c2 << 13) ^ (c1 >> 51);
+            z[6] =                                (c3 << 13) ^ (c2 >> 51);
+
+            Debug.Assert((c3 >> 51) == 0);
+        }
+
+        public static void Square(ulong[] x, ulong[] z)
+        {
+            ulong[] tt = Nat.Create64(13);
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareAddToExt(ulong[] x, ulong[] zz)
+        {
+            ulong[] tt = Nat.Create64(13);
+            ImplSquare(x, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void SquareN(ulong[] x, int n, ulong[] z)
+        {
+            Debug.Assert(n > 0);
+
+            ulong[] tt = Nat.Create64(13);
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                ImplSquare(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static uint Trace(ulong[] x)
+        {
+            // Non-zero-trace bits: 0
+            return (uint)(x[0]) & 1U;
+        }
+
+        protected static void ImplCompactExt(ulong[] zz)
+        {
+            ulong z00 = zz[ 0], z01 = zz[ 1], z02 = zz[ 2], z03 = zz[ 3], z04 = zz[ 4], z05 = zz[ 5], z06 = zz[ 6];
+            ulong z07 = zz[ 7], z08 = zz[ 8], z09 = zz[ 9], z10 = zz[10], z11 = zz[11], z12 = zz[12], z13 = zz[13];
+            zz[ 0] =  z00        ^ (z01 << 59);
+            zz[ 1] = (z01 >>  5) ^ (z02 << 54);
+            zz[ 2] = (z02 >> 10) ^ (z03 << 49);
+            zz[ 3] = (z03 >> 15) ^ (z04 << 44);
+            zz[ 4] = (z04 >> 20) ^ (z05 << 39);
+            zz[ 5] = (z05 >> 25) ^ (z06 << 34);
+            zz[ 6] = (z06 >> 30) ^ (z07 << 29);
+            zz[ 7] = (z07 >> 35) ^ (z08 << 24);
+            zz[ 8] = (z08 >> 40) ^ (z09 << 19);
+            zz[ 9] = (z09 >> 45) ^ (z10 << 14);
+            zz[10] = (z10 >> 50) ^ (z11 <<  9);
+            zz[11] = (z11 >> 55) ^ (z12 <<  4)
+                                 ^ (z13 << 63);
+            zz[12] = (z12 >> 60)
+                   ^ (z13 >> 1);
+            zz[13] = 0;
+        }
+
+        protected static void ImplExpand(ulong[] x, ulong[] z)
+        {
+            ulong x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3], x4 = x[4], x5 = x[5], x6 = x[6];
+            z[0] = x0 & M59;
+            z[1] = ((x0 >> 59) ^ (x1 <<  5)) & M59;
+            z[2] = ((x1 >> 54) ^ (x2 << 10)) & M59;
+            z[3] = ((x2 >> 49) ^ (x3 << 15)) & M59;
+            z[4] = ((x3 >> 44) ^ (x4 << 20)) & M59;
+            z[5] = ((x4 >> 39) ^ (x5 << 25)) & M59;
+            z[6] = ((x5 >> 34) ^ (x6 << 30));
+        }
+
+        protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            ulong[] a = new ulong[7], b = new ulong[7];
+            ImplExpand(x, a);
+            ImplExpand(y, b);
+
+            for (int i = 0; i < 7; ++i)
+            {
+                ImplMulwAcc(a, b[i], zz, i);
+            }
+
+            ImplCompactExt(zz);
+        }
+
+        protected static void ImplMulwAcc(ulong[] xs, ulong y, ulong[] z, int zOff)
+        {
+            Debug.Assert(y >> 59 == 0);
+
+            ulong[] u = new ulong[8];
+            //u[0] = 0;
+            u[1] = y;
+            u[2] = u[1] << 1;
+            u[3] = u[2] ^  y;
+            u[4] = u[2] << 1;
+            u[5] = u[4] ^  y;
+            u[6] = u[3] << 1;
+            u[7] = u[6] ^  y;
+
+            for (int i = 0; i < 7; ++i)
+            {
+                ulong x = xs[i];
+
+                Debug.Assert(x >> 59 == 0);
+
+                uint j = (uint)x;
+                ulong g, h = 0, l = u[j & 7]
+                                  ^ (u[(j >> 3) & 7] << 3);
+                int k = 54;
+                do
+                {
+                    j  = (uint)(x >> k);
+                    g  = u[j & 7]
+                       ^ u[(j >> 3) & 7] << 3;
+                    l ^= (g <<  k);
+                    h ^= (g >> -k);
+                }
+                while ((k -= 6) > 0);
+
+                Debug.Assert(h >> 53 == 0);
+
+                z[zOff + i    ] ^= l & M59;
+                z[zOff + i + 1] ^= (l >> 59) ^ (h << 5);
+            }
+        }
+
+        protected static void ImplSquare(ulong[] x, ulong[] zz)
+        {
+            for (int i = 0; i < 6; ++i)
+            {
+                Interleave.Expand64To128(x[i], zz, i << 1);
+            }
+            zz[12] = Interleave.Expand32to64((uint)x[6]);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT409FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT409FieldElement.cs
new file mode 100644
index 0000000..f954f46
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT409FieldElement.cs
@@ -0,0 +1,216 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT409FieldElement
+        : ECFieldElement
+    {
+        protected ulong[] x;
+
+        public SecT409FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.BitLength > 409)
+                throw new ArgumentException("value invalid for SecT409FieldElement", "x");
+
+            this.x = SecT409Field.FromBigInteger(x);
+        }
+
+        public SecT409FieldElement()
+        {
+            this.x = Nat448.Create64();
+        }
+
+        protected internal SecT409FieldElement(ulong[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat448.IsOne64(x); }
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat448.IsZero64(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return (x[0] & 1UL) != 0UL;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat448.ToBigInteger64(x);
+        }
+
+        public override string FieldName
+        {
+            get { return "SecT409Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 409; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            ulong[] z = Nat448.Create64();
+            SecT409Field.Add(x, ((SecT409FieldElement)b).x, z);
+            return new SecT409FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            ulong[] z = Nat448.Create64();
+            SecT409Field.AddOne(x, z);
+            return new SecT409FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            // Addition and subtraction are the same in F2m
+            return Add(b);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            ulong[] z = Nat448.Create64();
+            SecT409Field.Multiply(x, ((SecT409FieldElement)b).x, z);
+            return new SecT409FieldElement(z);
+        }
+
+        public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            return MultiplyPlusProduct(b, x, y);
+        }
+
+        public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x, bx = ((SecT409FieldElement)b).x;
+            ulong[] xx = ((SecT409FieldElement)x).x, yx = ((SecT409FieldElement)y).x;
+
+            ulong[] tt = Nat.Create64(13);
+            SecT409Field.MultiplyAddToExt(ax, bx, tt);
+            SecT409Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat448.Create64();
+            SecT409Field.Reduce(tt, z);
+            return new SecT409FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            return Multiply(b.Invert());
+        }
+
+        public override ECFieldElement Negate()
+        {
+            return this;
+        }
+
+        public override ECFieldElement Square()
+        {
+            ulong[] z = Nat448.Create64();
+            SecT409Field.Square(x, z);
+            return new SecT409FieldElement(z);
+        }
+
+        public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            return SquarePlusProduct(x, y);
+        }
+
+        public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x;
+            ulong[] xx = ((SecT409FieldElement)x).x, yx = ((SecT409FieldElement)y).x;
+
+            ulong[] tt = Nat.Create64(13);
+            SecT409Field.SquareAddToExt(ax, tt);
+            SecT409Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat448.Create64();
+            SecT409Field.Reduce(tt, z);
+            return new SecT409FieldElement(z);
+        }
+
+        public override ECFieldElement SquarePow(int pow)
+        {
+            if (pow < 1)
+                return this;
+
+            ulong[] z = Nat448.Create64();
+            SecT409Field.SquareN(x, pow, z);
+            return new SecT409FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            ulong[] z = Nat448.Create64();
+            SecT409Field.Invert(x, z);
+            return new SecT409FieldElement(z);
+        }
+
+        public override ECFieldElement Sqrt()
+        {
+            ulong[] z = Nat448.Create64();
+            SecT409Field.Sqrt(x, z);
+            return new SecT409FieldElement(z);
+        }
+
+        public virtual int Representation
+        {
+            get { return F2mFieldElement.Tpb; }
+        }
+
+        public virtual int M
+        {
+            get { return 409; }
+        }
+
+        public virtual int K1
+        {
+            get { return 87; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecT409FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecT409FieldElement);
+        }
+
+        public virtual bool Equals(SecT409FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat448.Eq64(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return 4090087 ^ Arrays.GetHashCode(x, 0, 7);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT409K1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT409K1Curve.cs
new file mode 100644
index 0000000..4f57355
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT409K1Curve.cs
@@ -0,0 +1,104 @@
+using System;
+
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT409K1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT409K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT409K1Point m_infinity;
+
+        public SecT409K1Curve()
+            : base(409, 87, 0, 0)
+        {
+            this.m_infinity = new SecT409K1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.Zero);
+            this.m_b = FromBigInteger(BigInteger.One);
+            this.m_order = new BigInteger(1, Hex.Decode("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF"));
+            this.m_cofactor = BigInteger.ValueOf(4);
+
+            this.m_coord = SecT409K1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT409K1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        protected override ECMultiplier CreateDefaultMultiplier()
+        {
+            return new WTauNafMultiplier();
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 409; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT409FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT409K1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT409K1Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return true; }
+        }
+
+        public virtual int M
+        {
+            get { return 409; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return true; }
+        }
+
+        public virtual int K1
+        {
+            get { return 87; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT409K1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT409K1Point.cs
new file mode 100644
index 0000000..e67ca9a
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT409K1Point.cs
@@ -0,0 +1,289 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT409K1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT409K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT409K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT409K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT409K1Point(null, this.AffineXCoord, this.AffineYCoord); // earlier JDK
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1);
+                if (X3.IsZero)
+                {
+                    return new SecT409K1Point(curve, X3, curve.B, IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT409K1Point(curve, X3, curve.B, IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT409K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement T;
+            if (Z1IsOne)
+            {
+                T = L1.Square().Add(L1);
+            }
+            else
+            {
+                T = L1.Add(Z1).Multiply(L1);
+            }
+
+            if (T.IsZero)
+            {
+                return new SecT409K1Point(curve, T, curve.B, IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement t1 = L1.Add(X1).Square();
+            ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.Square();
+            ECFieldElement L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(t2).Add(X3).Add(Z3);
+
+            return new SecT409K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            // NOTE: TwicePlus() only optimized for lambda-affine argument
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = L1Sq.Add(L1Z1);
+            ECFieldElement L2plus1 = L2.AddOne();
+            ECFieldElement A = L2plus1.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT409K1Point(curve, A, curve.B, IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
+
+            return new SecT409K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT409K1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT409R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT409R1Curve.cs
new file mode 100644
index 0000000..9212fb5
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT409R1Curve.cs
@@ -0,0 +1,98 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT409R1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT409R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT409R1Point m_infinity;
+
+        public SecT409R1Curve()
+            : base(409, 87, 0, 0)
+        {
+            this.m_infinity = new SecT409R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.One);
+            this.m_b = FromBigInteger(new BigInteger(1, Hex.Decode("0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F")));
+            this.m_order = new BigInteger(1, Hex.Decode("010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173"));
+            this.m_cofactor = BigInteger.Two;
+
+            this.m_coord = SecT409R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT409R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 409; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT409FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT409R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT409R1Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return false; }
+        }
+
+        public virtual int M
+        {
+            get { return 409; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return true; }
+        }
+
+        public virtual int K1
+        {
+            get { return 87; }
+        }
+
+        public virtual int K2
+        {
+            get { return 0; }
+        }
+
+        public virtual int K3
+        {
+            get { return 0; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT409R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT409R1Point.cs
new file mode 100644
index 0000000..92f6143
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT409R1Point.cs
@@ -0,0 +1,278 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT409R1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT409R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT409R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT409R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT409R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1).AddOne();
+                if (X3.IsZero)
+                {
+                    return new SecT409R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT409R1Point(curve, X3, curve.B.Sqrt(), IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT409R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement T = L1.Square().Add(L1Z1).Add(Z1Sq);
+            if (T.IsZero)
+            {
+                return new SecT409R1Point(curve, T, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+            ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3);
+
+            return new SecT409R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = Z1Sq.Add(L1Sq).Add(L1Z1);
+            ECFieldElement A = L2.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT409R1Point(curve, A, curve.B.Sqrt(), IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2.AddOne(), Z3);
+
+            return new SecT409R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT409R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT571Field.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT571Field.cs
new file mode 100644
index 0000000..98f4f7f
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT571Field.cs
@@ -0,0 +1,333 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Math.Raw;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT571Field
+    {
+        private const ulong M59 = ulong.MaxValue >> 5;
+
+        private const ulong RM = 0xEF7BDEF7BDEF7BDEUL;
+
+        private static readonly ulong[] ROOT_Z = new ulong[]{ 0x2BE1195F08CAFB99UL, 0x95F08CAF84657C23UL, 0xCAF84657C232BE11UL, 0x657C232BE1195F08UL,
+            0xF84657C2308CAF84UL, 0x7C232BE1195F08CAUL, 0xBE1195F08CAF8465UL, 0x5F08CAF84657C232UL, 0x784657C232BE119UL };
+
+        public static void Add(ulong[] x, ulong[] y, ulong[] z)
+        {
+            for (int i = 0; i < 9; ++i)
+            {
+                z[i] = x[i] ^ y[i]; 
+            }
+        }
+
+        private static void Add(ulong[] x, int xOff, ulong[] y, int yOff, ulong[] z, int zOff)
+        {
+            for (int i = 0; i < 9; ++i)
+            {
+                z[zOff + i] = x[xOff + i] ^ y[yOff + i];
+            }
+        }
+
+        private static void AddBothTo(ulong[] x, int xOff, ulong[] y, int yOff, ulong[] z, int zOff)
+        {
+            for (int i = 0; i < 9; ++i)
+            {
+                z[zOff + i] ^= x[xOff + i] ^ y[yOff + i];
+            }
+        }
+
+        public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz)
+        {
+            for (int i = 0; i < 18; ++i)
+            {
+                zz[i] = xx[i] ^ yy[i]; 
+            }
+        }
+
+        public static void AddOne(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0] ^ 1UL;
+            for (int i = 1; i < 9; ++i)
+            {
+                z[i] = x[i];
+            }
+        }
+
+        public static ulong[] FromBigInteger(BigInteger x)
+        {
+            ulong[] z = Nat576.FromBigInteger64(x);
+            Reduce5(z, 0);
+            return z;
+        }
+
+        public static void Invert(ulong[] x, ulong[] z)
+        {
+            if (Nat576.IsZero64(x))
+                throw new InvalidOperationException();
+
+            // Itoh-Tsujii inversion with bases { 2, 3, 5 }
+
+            ulong[] t0 = Nat576.Create64();
+            ulong[] t1 = Nat576.Create64();
+            ulong[] t2 = Nat576.Create64();
+
+            Square(x, t2);
+
+            // 5 | 570
+            Square(t2, t0);
+            Square(t0, t1);
+            Multiply(t0, t1, t0);
+            SquareN(t0, 2, t1);
+            Multiply(t0, t1, t0);
+            Multiply(t0, t2, t0);
+
+            // 3 | 114
+            SquareN(t0, 5, t1);
+            Multiply(t0, t1, t0);
+            SquareN(t1, 5, t1);
+            Multiply(t0, t1, t0);
+
+            // 2 | 38
+            SquareN(t0, 15, t1);
+            Multiply(t0, t1, t2);
+
+            // ! {2,3,5} | 19
+            SquareN(t2, 30, t0);
+            SquareN(t0, 30, t1);
+            Multiply(t0, t1, t0);
+
+            // 3 | 9
+            SquareN(t0, 60, t1);
+            Multiply(t0, t1, t0);
+            SquareN(t1, 60, t1);
+            Multiply(t0, t1, t0);
+
+            // 3 | 3
+            SquareN(t0, 180, t1);
+            Multiply(t0, t1, t0);
+            SquareN(t1, 180, t1);
+            Multiply(t0, t1, t0);
+
+            Multiply(t0, t2, z);
+        }
+
+        public static void Multiply(ulong[] x, ulong[] y, ulong[] z)
+        {
+            ulong[] tt = Nat576.CreateExt64();
+            ImplMultiply(x, y, tt);
+            Reduce(tt, z);
+        }
+
+        public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            ulong[] tt = Nat576.CreateExt64();
+            ImplMultiply(x, y, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void Reduce(ulong[] xx, ulong[] z)
+        {
+            ulong xx09 = xx[9];
+            ulong u = xx[17], v = xx09;
+
+            xx09  = v ^ (u >> 59) ^ (u >> 57) ^ (u >> 54) ^ (u >> 49);
+            v = xx[8] ^ (u <<  5) ^ (u <<  7) ^ (u << 10) ^ (u << 15);
+
+            for (int i = 16; i >= 10; --i)
+            {
+                u = xx[i];
+                z[i - 8]  = v ^ (u >> 59) ^ (u >> 57) ^ (u >> 54) ^ (u >> 49);
+                v = xx[i - 9] ^ (u <<  5) ^ (u <<  7) ^ (u << 10) ^ (u << 15);
+            }
+
+            u = xx09;
+            z[1]  = v ^ (u >> 59) ^ (u >> 57) ^ (u >> 54) ^ (u >> 49);
+            v = xx[0] ^ (u <<  5) ^ (u <<  7) ^ (u << 10) ^ (u << 15);
+
+            ulong x08 = z[8];
+            ulong t   = x08 >> 59;
+            z[0]      = v ^ t ^ (t << 2) ^ (t << 5) ^ (t << 10);
+            z[8]      = x08 & M59;
+        }
+
+        public static void Reduce5(ulong[] z, int zOff)
+        {
+            ulong z8     = z[zOff + 8], t = z8 >> 59;
+            z[zOff    ] ^= t ^ (t << 2) ^ (t << 5) ^ (t << 10);
+            z[zOff + 8]  = z8 & M59;
+        }
+
+        public static void Sqrt(ulong[] x, ulong[] z)
+        {
+            ulong[] evn = Nat576.Create64(), odd = Nat576.Create64();
+
+            int pos = 0;
+            for (int i = 0; i < 4; ++i)
+            {
+                ulong u0 = Interleave.Unshuffle(x[pos++]);
+                ulong u1 = Interleave.Unshuffle(x[pos++]);
+                evn[i] = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32);
+                odd[i] = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL);
+            }
+            {
+                ulong u0 = Interleave.Unshuffle(x[pos]);
+                evn[4] = (u0 & 0x00000000FFFFFFFFUL);
+                odd[4] = (u0 >> 32);
+            }
+
+            Multiply(odd, ROOT_Z, z);
+            Add(z, evn, z);
+        }
+
+        public static void Square(ulong[] x, ulong[] z)
+        {
+            ulong[] tt = Nat576.CreateExt64();
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+        }
+
+        public static void SquareAddToExt(ulong[] x, ulong[] zz)
+        {
+            ulong[] tt = Nat576.CreateExt64();
+            ImplSquare(x, tt);
+            AddExt(zz, tt, zz);
+        }
+
+        public static void SquareN(ulong[] x, int n, ulong[] z)
+        {
+            Debug.Assert(n > 0);
+
+            ulong[] tt = Nat576.CreateExt64();
+            ImplSquare(x, tt);
+            Reduce(tt, z);
+
+            while (--n > 0)
+            {
+                ImplSquare(z, tt);
+                Reduce(tt, z);
+            }
+        }
+
+        public static uint Trace(ulong[] x)
+        {
+            // Non-zero-trace bits: 0, 561, 569
+            return (uint)(x[0] ^ (x[8] >> 49) ^ (x[8] >> 57)) & 1U;
+        }
+
+        protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz)
+        {
+            //for (int i = 0; i < 9; ++i)
+            //{
+            //    ImplMulwAcc(x, y[i], zz, i);
+            //}
+
+            /*
+             * Precompute table of all 4-bit products of y
+             */
+            ulong[] T0 = new ulong[9 << 4];
+            Array.Copy(y, 0, T0, 9, 9);
+    //        Reduce5(T0, 9);
+            int tOff = 0;
+            for (int i = 7; i > 0; --i)
+            {
+                tOff += 18;
+                Nat.ShiftUpBit64(9, T0, tOff >> 1, 0UL, T0, tOff);
+                Reduce5(T0, tOff);
+                Add(T0, 9, T0, tOff, T0, tOff + 9);
+            }
+
+            /*
+             * Second table with all 4-bit products of B shifted 4 bits
+             */
+            ulong[] T1 = new ulong[T0.Length];
+            Nat.ShiftUpBits64(T0.Length, T0, 0, 4, 0L, T1, 0);
+
+            uint MASK = 0xF;
+
+            /*
+             * Lopez-Dahab algorithm
+             */
+
+            for (int k = 56; k >= 0; k -= 8)
+            {
+                for (int j = 1; j < 9; j += 2)
+                {
+                    uint aVal = (uint)(x[j] >> k);
+                    uint u = aVal & MASK;
+                    uint v = (aVal >> 4) & MASK;
+                    AddBothTo(T0, (int)(9 * u), T1, (int)(9 * v), zz, j - 1);
+                }
+                Nat.ShiftUpBits64(16, zz, 0, 8, 0L);
+            }
+
+            for (int k = 56; k >= 0; k -= 8)
+            {
+                for (int j = 0; j < 9; j += 2)
+                {
+                    uint aVal = (uint)(x[j] >> k);
+                    uint u = aVal & MASK;
+                    uint v = (aVal >> 4) & MASK;
+                    AddBothTo(T0, (int)(9 * u), T1, (int)(9 * v), zz, j);
+                }
+                if (k > 0)
+                {
+                    Nat.ShiftUpBits64(18, zz, 0, 8, 0L);
+                }
+            }
+        }
+
+        protected static void ImplMulwAcc(ulong[] xs, ulong y, ulong[] z, int zOff)
+        {
+            ulong[] u = new ulong[32];
+            //u[0] = 0;
+            u[1] = y;
+            for (int i = 2; i < 32; i += 2)
+            {
+                u[i    ] = u[i >> 1] << 1;
+                u[i + 1] = u[i     ] ^  y;
+            }
+
+            ulong l = 0;
+            for (int i = 0; i < 9; ++i)
+            {
+                ulong x = xs[i];
+
+                uint j = (uint)x;
+
+                l ^= u[j & 31];
+
+                ulong g, h = 0;
+                int k = 60;
+                do
+                {
+                    j  = (uint)(x >> k);
+                    g  = u[j & 31];
+                    l ^= (g <<  k);
+                    h ^= (g >> -k);
+                }
+                while ((k -= 5) > 0);
+
+                for (int p = 0; p < 4; ++p)
+                {
+                    x = (x & RM) >> 1;
+                    h ^= x & (ulong)(((long)y << p) >> 63);
+                }
+
+                z[zOff + i] ^= l;
+
+                l = h;
+            }
+            z[zOff + 9] ^= l;
+        }
+
+        protected static void ImplSquare(ulong[] x, ulong[] zz)
+        {
+            for (int i = 0; i < 9; ++i)
+            {
+                Interleave.Expand64To128(x[i], zz, i << 1);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT571FieldElement.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT571FieldElement.cs
new file mode 100644
index 0000000..c43b8dc
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT571FieldElement.cs
@@ -0,0 +1,216 @@
+using System;
+
+using Org.BouncyCastle.Math.Raw;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT571FieldElement
+        : ECFieldElement
+    {
+        protected readonly ulong[] x;
+
+        public SecT571FieldElement(BigInteger x)
+        {
+            if (x == null || x.SignValue < 0 || x.BitLength > 571)
+                throw new ArgumentException("value invalid for SecT571FieldElement", "x");
+
+            this.x = SecT571Field.FromBigInteger(x);
+        }
+
+        public SecT571FieldElement()
+        {
+            this.x = Nat576.Create64();
+        }
+
+        protected internal SecT571FieldElement(ulong[] x)
+        {
+            this.x = x;
+        }
+
+        public override bool IsOne
+        {
+            get { return Nat576.IsOne64(x); }
+        }
+
+        public override bool IsZero
+        {
+            get { return Nat576.IsZero64(x); }
+        }
+
+        public override bool TestBitZero()
+        {
+            return (x[0] & 1UL) != 0UL;
+        }
+
+        public override BigInteger ToBigInteger()
+        {
+            return Nat576.ToBigInteger64(x);
+        }
+
+        public override String FieldName
+        {
+            get { return "SecT571Field"; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 571; }
+        }
+
+        public override ECFieldElement Add(ECFieldElement b)
+        {
+            ulong[] z = Nat576.Create64();
+            SecT571Field.Add(x, ((SecT571FieldElement)b).x, z);
+            return new SecT571FieldElement(z);
+        }
+
+        public override ECFieldElement AddOne()
+        {
+            ulong[] z = Nat576.Create64();
+            SecT571Field.AddOne(x, z);
+            return new SecT571FieldElement(z);
+        }
+
+        public override ECFieldElement Subtract(ECFieldElement b)
+        {
+            // Addition and subtraction are the same in F2m
+            return Add(b);
+        }
+
+        public override ECFieldElement Multiply(ECFieldElement b)
+        {
+            ulong[] z = Nat576.Create64();
+            SecT571Field.Multiply(x, ((SecT571FieldElement)b).x, z);
+            return new SecT571FieldElement(z);
+        }
+
+        public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            return MultiplyPlusProduct(b, x, y);
+        }
+
+        public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x, bx = ((SecT571FieldElement)b).x;
+            ulong[] xx = ((SecT571FieldElement)x).x, yx = ((SecT571FieldElement)y).x;
+
+            ulong[] tt = Nat576.CreateExt64();
+            SecT571Field.MultiplyAddToExt(ax, bx, tt);
+            SecT571Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat576.Create64();
+            SecT571Field.Reduce(tt, z);
+            return new SecT571FieldElement(z);
+        }
+
+        public override ECFieldElement Divide(ECFieldElement b)
+        {
+            return Multiply(b.Invert());
+        }
+
+        public override ECFieldElement Negate()
+        {
+            return this;
+        }
+
+        public override ECFieldElement Square()
+        {
+            ulong[] z = Nat576.Create64();
+            SecT571Field.Square(x, z);
+            return new SecT571FieldElement(z);
+        }
+
+        public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            return SquarePlusProduct(x, y);
+        }
+
+        public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            ulong[] ax = this.x;
+            ulong[] xx = ((SecT571FieldElement)x).x, yx = ((SecT571FieldElement)y).x;
+
+            ulong[] tt = Nat576.CreateExt64();
+            SecT571Field.SquareAddToExt(ax, tt);
+            SecT571Field.MultiplyAddToExt(xx, yx, tt);
+
+            ulong[] z = Nat576.Create64();
+            SecT571Field.Reduce(tt, z);
+            return new SecT571FieldElement(z);
+        }
+
+        public override ECFieldElement SquarePow(int pow)
+        {
+            if (pow < 1)
+                return this;
+
+            ulong[] z = Nat576.Create64();
+            SecT571Field.SquareN(x, pow, z);
+            return new SecT571FieldElement(z);
+        }
+
+        public override ECFieldElement Invert()
+        {
+            ulong[] z = Nat576.Create64();
+            SecT571Field.Invert(x, z);
+            return new SecT571FieldElement(z);
+        }
+
+        public override ECFieldElement Sqrt()
+        {
+            ulong[] z = Nat576.Create64();
+            SecT571Field.Sqrt(x, z);
+            return new SecT571FieldElement(z);
+        }
+
+        public virtual int Representation
+        {
+            get { return F2mFieldElement.Ppb; }
+        }
+
+        public virtual int M
+        {
+            get { return 571; }
+        }
+
+        public virtual int K1
+        {
+            get { return 2; }
+        }
+
+        public virtual int K2
+        {
+            get { return 5; }
+        }
+
+        public virtual int K3
+        {
+            get { return 10; }
+        }
+
+        public override bool Equals(object obj)
+        {
+            return Equals(obj as SecT571FieldElement);
+        }
+
+        public override bool Equals(ECFieldElement other)
+        {
+            return Equals(other as SecT571FieldElement);
+        }
+
+        public virtual bool Equals(SecT571FieldElement other)
+        {
+            if (this == other)
+                return true;
+            if (null == other)
+                return false;
+            return Nat576.Eq64(x, other.x);
+        }
+
+        public override int GetHashCode()
+        {
+            return 5711052 ^ Arrays.GetHashCode(x, 0, 9);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT571K1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT571K1Curve.cs
new file mode 100644
index 0000000..f5806f0
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT571K1Curve.cs
@@ -0,0 +1,104 @@
+using System;
+
+using Org.BouncyCastle.Math.EC.Multiplier;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT571K1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT571K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT571K1Point m_infinity;
+
+        public SecT571K1Curve()
+            : base(571, 2, 5, 10)
+        {
+            this.m_infinity = new SecT571K1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.Zero);
+            this.m_b = FromBigInteger(BigInteger.One);
+            this.m_order = new BigInteger(1, Hex.Decode("020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001"));
+            this.m_cofactor = BigInteger.ValueOf(4);
+
+            this.m_coord = SecT571K1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT571K1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        protected override ECMultiplier CreateDefaultMultiplier()
+        {
+            return new WTauNafMultiplier();
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 571; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT571FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT571K1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT571K1Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return true; }
+        }
+
+        public virtual int M
+        {
+            get { return 571; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return false; }
+        }
+
+        public virtual int K1
+        {
+            get { return 2; }
+        }
+
+        public virtual int K2
+        {
+            get { return 5; }
+        }
+
+        public virtual int K3
+        {
+            get { return 10; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT571K1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT571K1Point.cs
new file mode 100644
index 0000000..deaaf0c
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT571K1Point.cs
@@ -0,0 +1,289 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT571K1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT571K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT571K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT571K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT571K1Point(null, this.AffineXCoord, this.AffineYCoord); // earlier JDK
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1);
+                if (X3.IsZero)
+                {
+                    return new SecT571K1Point(curve, X3, curve.B, IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT571K1Point(curve, X3, curve.B, IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT571K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement T;
+            if (Z1IsOne)
+            {
+                T = L1.Square().Add(L1);
+            }
+            else
+            {
+                T = L1.Add(Z1).Multiply(L1);
+            }
+
+            if (T.IsZero)
+            {
+                return new SecT571K1Point(curve, T, curve.B, IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement t1 = L1.Add(X1).Square();
+            ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.Square();
+            ECFieldElement L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(t2).Add(X3).Add(Z3);
+
+            return new SecT571K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            // NOTE: TwicePlus() only optimized for lambda-affine argument
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = L1Sq.Add(L1Z1);
+            ECFieldElement L2plus1 = L2.AddOne();
+            ECFieldElement A = L2plus1.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT571K1Point(curve, A, curve.B, IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3);
+
+            return new SecT571K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT571K1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT571R1Curve.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT571R1Curve.cs
new file mode 100644
index 0000000..082afa5
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT571R1Curve.cs
@@ -0,0 +1,102 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT571R1Curve
+        : AbstractF2mCurve
+    {
+        private const int SecT571R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
+
+        protected readonly SecT571R1Point m_infinity;
+
+        internal static readonly SecT571FieldElement SecT571R1_B = new SecT571FieldElement(
+            new BigInteger(1, Hex.Decode("02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A")));
+        internal static readonly SecT571FieldElement SecT571R1_B_SQRT = (SecT571FieldElement)SecT571R1_B.Sqrt();
+
+        public SecT571R1Curve()
+            : base(571, 2, 5, 10)
+        {
+            this.m_infinity = new SecT571R1Point(this, null, null);
+
+            this.m_a = FromBigInteger(BigInteger.One);
+            this.m_b = SecT571R1_B;
+            this.m_order = new BigInteger(1, Hex.Decode("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47"));
+            this.m_cofactor = BigInteger.Two;
+
+            this.m_coord = SecT571R1_DEFAULT_COORDS;
+        }
+
+        protected override ECCurve CloneCurve()
+        {
+            return new SecT571R1Curve();
+        }
+
+        public override bool SupportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public override ECPoint Infinity
+        {
+            get { return m_infinity; }
+        }
+
+        public override int FieldSize
+        {
+            get { return 571; }
+        }
+
+        public override ECFieldElement FromBigInteger(BigInteger x)
+        {
+            return new SecT571FieldElement(x);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression)
+        {
+            return new SecT571R1Point(this, x, y, withCompression);
+        }
+
+        protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+        {
+            return new SecT571R1Point(this, x, y, zs, withCompression);
+        }
+
+        public override bool IsKoblitz
+        {
+            get { return false; }
+        }
+
+        public virtual int M
+        {
+            get { return 571; }
+        }
+
+        public virtual bool IsTrinomial
+        {
+            get { return false; }
+        }
+
+        public virtual int K1
+        {
+            get { return 2; }
+        }
+
+        public virtual int K2
+        {
+            get { return 5; }
+        }
+
+        public virtual int K3
+        {
+            get { return 10; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/custom/sec/SecT571R1Point.cs b/bc-sharp-crypto/src/math/ec/custom/sec/SecT571R1Point.cs
new file mode 100644
index 0000000..0d1fc98
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/custom/sec/SecT571R1Point.cs
@@ -0,0 +1,278 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Custom.Sec
+{
+    internal class SecT571R1Point
+        : AbstractF2mPoint
+    {
+        /**
+         * @deprecated Use ECCurve.createPoint to construct points
+         */
+        public SecT571R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+            : this(curve, x, y, false)
+        {
+        }
+
+        /**
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
+         */
+        public SecT571R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression)
+            : base(curve, x, y, withCompression)
+        {
+            if ((x == null) != (y == null))
+                throw new ArgumentException("Exactly one of the field elements is null");
+        }
+
+        internal SecT571R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression)
+            : base(curve, x, y, zs, withCompression)
+        {
+        }
+
+        protected override ECPoint Detach()
+        {
+            return new SecT571R1Point(null, AffineXCoord, AffineYCoord);
+        }
+
+        public override ECFieldElement YCoord
+        {
+            get
+            {
+                ECFieldElement X = RawXCoord, L = RawYCoord;
+
+                if (this.IsInfinity || X.IsZero)
+                    return L;
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.Add(X).Multiply(X);
+
+                ECFieldElement Z = RawZCoords[0];
+                if (!Z.IsOne)
+                {
+                    Y = Y.Divide(Z);
+                }
+
+                return Y;
+            }
+        }
+
+        protected internal override bool CompressionYTilde
+        {
+            get
+            {
+                ECFieldElement X = this.RawXCoord;
+                if (X.IsZero)
+                    return false;
+
+                ECFieldElement Y = this.RawYCoord;
+
+                // Y is actually Lambda (X + Y/X) here
+                return Y.TestBitZero() != X.TestBitZero();
+            }
+        }
+
+        public override ECPoint Add(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            ECFieldElement X2 = b.RawXCoord;
+
+            if (X1.IsZero)
+            {
+                if (X2.IsZero)
+                    return curve.Infinity;
+
+                return b.Add(this);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement U2 = X2, S2 = L2;
+            if (!Z1IsOne)
+            {
+                U2 = U2.Multiply(Z1);
+                S2 = S2.Multiply(Z1);
+            }
+
+            bool Z2IsOne = Z2.IsOne;
+            ECFieldElement U1 = X1, S1 = L1;
+            if (!Z2IsOne)
+            {
+                U1 = U1.Multiply(Z2);
+                S1 = S1.Multiply(Z2);
+            }
+
+            ECFieldElement A = S1.Add(S2);
+            ECFieldElement B = U1.Add(U2);
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return Twice();
+
+                return curve.Infinity;
+            }
+
+            ECFieldElement X3, L3, Z3;
+            if (X2.IsZero)
+            {
+                // TODO This can probably be optimized quite a bit
+                ECPoint p = this.Normalize();
+                X1 = p.XCoord;
+                ECFieldElement Y1 = p.YCoord;
+
+                ECFieldElement Y2 = L2;
+                ECFieldElement L = Y1.Add(Y2).Divide(X1);
+
+                X3 = L.Square().Add(L).Add(X1).AddOne();
+                if (X3.IsZero)
+                {
+                    return new SecT571R1Point(curve, X3, SecT571R1Curve.SecT571R1_B_SQRT, IsCompressed);
+                }
+
+                ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1);
+                L3 = Y3.Divide(X3).Add(X3);
+                Z3 = curve.FromBigInteger(BigInteger.One);
+            }
+            else
+            {
+                B = B.Square();
+
+                ECFieldElement AU1 = A.Multiply(U1);
+                ECFieldElement AU2 = A.Multiply(U2);
+
+                X3 = AU1.Multiply(AU2);
+                if (X3.IsZero)
+                {
+                    return new SecT571R1Point(curve, X3, SecT571R1Curve.SecT571R1_B_SQRT, IsCompressed);
+                }
+
+                ECFieldElement ABZ2 = A.Multiply(B);
+                if (!Z2IsOne)
+                {
+                    ABZ2 = ABZ2.Multiply(Z2);
+                }
+
+                L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1));
+
+                Z3 = ABZ2;
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.Multiply(Z1);
+                }
+            }
+
+            return new SecT571R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Twice()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return curve.Infinity;
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+
+            bool Z1IsOne = Z1.IsOne;
+            ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1);
+            ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square();
+            ECFieldElement T = L1.Square().Add(L1Z1).Add(Z1Sq);
+            if (T.IsZero)
+            {
+                return new SecT571R1Point(curve, T, SecT571R1Curve.SecT571R1_B_SQRT, IsCompressed);
+            }
+
+            ECFieldElement X3 = T.Square();
+            ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq);
+
+            ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1);
+            ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3);
+
+            return new SecT571R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint TwicePlus(ECPoint b)
+        {
+            if (this.IsInfinity)
+                return b;
+            if (b.IsInfinity)
+                return Twice();
+
+            ECCurve curve = this.Curve;
+
+            ECFieldElement X1 = this.RawXCoord;
+            if (X1.IsZero)
+            {
+                // A point with X == 0 is it's own Additive inverse
+                return b;
+            }
+
+            ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0];
+            if (X2.IsZero || !Z2.IsOne)
+            {
+                return Twice().Add(b);
+            }
+
+            ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0];
+            ECFieldElement L2 = b.RawYCoord;
+
+            ECFieldElement X1Sq = X1.Square();
+            ECFieldElement L1Sq = L1.Square();
+            ECFieldElement Z1Sq = Z1.Square();
+            ECFieldElement L1Z1 = L1.Multiply(Z1);
+
+            ECFieldElement T = Z1Sq.Add(L1Sq).Add(L1Z1);
+            ECFieldElement A = L2.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq);
+            ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq);
+            ECFieldElement B = X2Z1Sq.Add(T).Square();
+
+            if (B.IsZero)
+            {
+                if (A.IsZero)
+                    return b.Twice();
+
+                return curve.Infinity;
+            }
+
+            if (A.IsZero)
+            {
+                return new SecT571R1Point(curve, A, SecT571R1Curve.SecT571R1_B_SQRT, IsCompressed);
+            }
+
+            ECFieldElement X3 = A.Square().Multiply(X2Z1Sq);
+            ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq);
+            ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2.AddOne(), Z3);
+
+            return new SecT571R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed);
+        }
+
+        public override ECPoint Negate()
+        {
+            if (this.IsInfinity)
+                return this;
+
+            ECFieldElement X = this.RawXCoord;
+            if (X.IsZero)
+                return this;
+
+            // L is actually Lambda (X + Y/X) here
+            ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0];
+            return new SecT571R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/endo/ECEndomorphism.cs b/bc-sharp-crypto/src/math/ec/endo/ECEndomorphism.cs
new file mode 100644
index 0000000..dfb3213
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/endo/ECEndomorphism.cs
@@ -0,0 +1,11 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Endo
+{
+    public interface ECEndomorphism
+    {
+        ECPointMap PointMap { get; }
+
+        bool HasEfficientPointMap { get; }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/endo/GlvEndomorphism.cs b/bc-sharp-crypto/src/math/ec/endo/GlvEndomorphism.cs
new file mode 100644
index 0000000..f65bdd6
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/endo/GlvEndomorphism.cs
@@ -0,0 +1,10 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Endo
+{
+    public interface GlvEndomorphism
+        :   ECEndomorphism
+    {
+        BigInteger[] DecomposeScalar(BigInteger k);
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/endo/GlvTypeBEndomorphism.cs b/bc-sharp-crypto/src/math/ec/endo/GlvTypeBEndomorphism.cs
new file mode 100644
index 0000000..d234d88
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/endo/GlvTypeBEndomorphism.cs
@@ -0,0 +1,55 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Endo
+{
+    public class GlvTypeBEndomorphism
+        :   GlvEndomorphism
+    {
+        protected readonly ECCurve m_curve;
+        protected readonly GlvTypeBParameters m_parameters;
+        protected readonly ECPointMap m_pointMap;
+
+        public GlvTypeBEndomorphism(ECCurve curve, GlvTypeBParameters parameters)
+        {
+            this.m_curve = curve;
+            this.m_parameters = parameters;
+            this.m_pointMap = new ScaleXPointMap(curve.FromBigInteger(parameters.Beta));
+        }
+
+        public virtual BigInteger[] DecomposeScalar(BigInteger k)
+        {
+            int bits = m_parameters.Bits;
+            BigInteger b1 = CalculateB(k, m_parameters.G1, bits);
+            BigInteger b2 = CalculateB(k, m_parameters.G2, bits);
+
+            BigInteger[] v1 = m_parameters.V1, v2 = m_parameters.V2;
+            BigInteger a = k.Subtract((b1.Multiply(v1[0])).Add(b2.Multiply(v2[0])));
+            BigInteger b = (b1.Multiply(v1[1])).Add(b2.Multiply(v2[1])).Negate();
+
+            return new BigInteger[]{ a, b };
+        }
+
+        public virtual ECPointMap PointMap
+        {
+            get { return m_pointMap; }
+        }
+
+        public virtual bool HasEfficientPointMap
+        {
+            get { return true; }
+        }
+
+        protected virtual BigInteger CalculateB(BigInteger k, BigInteger g, int t)
+        {
+            bool negative = (g.SignValue < 0);
+            BigInteger b = k.Multiply(g.Abs());
+            bool extra = b.TestBit(t - 1);
+            b = b.ShiftRight(t);
+            if (extra)
+            {
+                b = b.Add(BigInteger.One);
+            }
+            return negative ? b.Negate() : b;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/endo/GlvTypeBParameters.cs b/bc-sharp-crypto/src/math/ec/endo/GlvTypeBParameters.cs
new file mode 100644
index 0000000..f93dfaf
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/endo/GlvTypeBParameters.cs
@@ -0,0 +1,60 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Endo
+{
+    public class GlvTypeBParameters
+    {
+        protected readonly BigInteger m_beta;
+        protected readonly BigInteger m_lambda;
+        protected readonly BigInteger[] m_v1, m_v2;
+        protected readonly BigInteger m_g1, m_g2;
+        protected readonly int m_bits;
+
+        public GlvTypeBParameters(BigInteger beta, BigInteger lambda, BigInteger[] v1, BigInteger[] v2,
+            BigInteger g1, BigInteger g2, int bits)
+        {
+            this.m_beta = beta;
+            this.m_lambda = lambda;
+            this.m_v1 = v1;
+            this.m_v2 = v2;
+            this.m_g1 = g1;
+            this.m_g2 = g2;
+            this.m_bits = bits;
+        }
+
+        public virtual BigInteger Beta
+        {
+            get { return m_beta; }
+        }
+
+        public virtual BigInteger Lambda
+        {
+            get { return m_lambda; }
+        }
+
+        public virtual BigInteger[] V1
+        {
+            get { return m_v1; }
+        }
+
+        public virtual BigInteger[] V2
+        {
+            get { return m_v2; }
+        }
+
+        public virtual BigInteger G1
+        {
+            get { return m_g1; }
+        }
+
+        public virtual BigInteger G2
+        {
+            get { return m_g2; }
+        }
+
+        public virtual int Bits
+        {
+            get { return m_bits; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/AbstractECMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/AbstractECMultiplier.cs
new file mode 100644
index 0000000..5178813
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/AbstractECMultiplier.cs
@@ -0,0 +1,24 @@
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    public abstract class AbstractECMultiplier
+        : ECMultiplier
+    {
+        public virtual ECPoint Multiply(ECPoint p, BigInteger k)
+        {
+            int sign = k.SignValue;
+            if (sign == 0 || p.IsInfinity)
+                return p.Curve.Infinity;
+
+            ECPoint positive = MultiplyPositive(p, k.Abs());
+            ECPoint result = sign > 0 ? positive : positive.Negate();
+
+            /*
+             * Although the various multipliers ought not to produce invalid output under normal
+             * circumstances, a final check here is advised to guard against fault attacks.
+             */
+            return ECAlgorithms.ValidatePoint(result);
+        }
+
+        protected abstract ECPoint MultiplyPositive(ECPoint p, BigInteger k);
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/DoubleAddMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/DoubleAddMultiplier.cs
new file mode 100644
index 0000000..18a72c0
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/DoubleAddMultiplier.cs
@@ -0,0 +1,24 @@
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    public class DoubleAddMultiplier
+        : AbstractECMultiplier
+    {
+        /**
+         * Joye's double-add algorithm.
+         */
+        protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
+        {
+            ECPoint[] R = new ECPoint[]{ p.Curve.Infinity, p };
+
+            int n = k.BitLength;
+            for (int i = 0; i < n; ++i)
+            {
+                int b = k.TestBit(i) ? 1 : 0;
+                int bp = 1 - b;
+                R[bp] = R[bp].TwicePlus(R[b]);
+            }
+
+            return R[0];
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/ECMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/ECMultiplier.cs
new file mode 100644
index 0000000..8d6136b
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/ECMultiplier.cs
@@ -0,0 +1,18 @@
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    /**
+    * Interface for classes encapsulating a point multiplication algorithm
+    * for <code>ECPoint</code>s.
+    */
+    public interface ECMultiplier
+    {
+        /**
+         * Multiplies the <code>ECPoint p</code> by <code>k</code>, i.e.
+         * <code>p</code> is added <code>k</code> times to itself.
+         * @param p The <code>ECPoint</code> to be multiplied.
+         * @param k The factor by which <code>p</code> is multiplied.
+         * @return <code>p</code> multiplied by <code>k</code>.
+         */
+        ECPoint Multiply(ECPoint p, BigInteger k);
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs
new file mode 100644
index 0000000..a8ef5a7
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs
@@ -0,0 +1,59 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    public class FixedPointCombMultiplier
+        : AbstractECMultiplier
+    {
+        protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
+        {
+            ECCurve c = p.Curve;
+            int size = FixedPointUtilities.GetCombSize(c);
+
+            if (k.BitLength > size)
+            {
+                /*
+                 * TODO The comb works best when the scalars are less than the (possibly unknown) order.
+                 * Still, if we want to handle larger scalars, we could allow customization of the comb
+                 * size, or alternatively we could deal with the 'extra' bits either by running the comb
+                 * multiple times as necessary, or by using an alternative multiplier as prelude.
+                 */
+                throw new InvalidOperationException("fixed-point comb doesn't support scalars larger than the curve order");
+            }
+
+            int minWidth = GetWidthForCombSize(size);
+
+            FixedPointPreCompInfo info = FixedPointUtilities.Precompute(p, minWidth);
+            ECPoint[] lookupTable = info.PreComp;
+            int width = info.Width;
+
+            int d = (size + width - 1) / width;
+
+            ECPoint R = c.Infinity;
+
+            int top = d * width - 1;
+            for (int i = 0; i < d; ++i)
+            {
+                int index = 0;
+
+                for (int j = top - i; j >= 0; j -= d)
+                {
+                    index <<= 1;
+                    if (k.TestBit(j))
+                    {
+                        index |= 1;
+                    }
+                }
+
+                R = R.TwicePlus(lookupTable[index]);
+            }
+
+            return R;
+        }
+
+        protected virtual int GetWidthForCombSize(int combSize)
+        {
+            return combSize > 257 ? 6 : 5;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/FixedPointPreCompInfo.cs b/bc-sharp-crypto/src/math/ec/multiplier/FixedPointPreCompInfo.cs
new file mode 100644
index 0000000..56a6326
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/FixedPointPreCompInfo.cs
@@ -0,0 +1,34 @@
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    /**
+     * Class holding precomputation data for fixed-point multiplications.
+     */
+    public class FixedPointPreCompInfo
+        : PreCompInfo
+    {
+        /**
+         * Array holding the precomputed <code>ECPoint</code>s used for a fixed
+         * point multiplication.
+         */
+        protected ECPoint[] m_preComp = null;
+
+        /**
+         * The width used for the precomputation. If a larger width precomputation
+         * is already available this may be larger than was requested, so calling
+         * code should refer to the actual width.
+         */
+        protected int m_width = -1;
+
+        public virtual ECPoint[] PreComp
+        {
+            get { return m_preComp; }
+            set { this.m_preComp = value; }
+        }
+
+        public virtual int Width
+        {
+            get { return m_width; }
+            set { this.m_width = value; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/FixedPointUtilities.cs b/bc-sharp-crypto/src/math/ec/multiplier/FixedPointUtilities.cs
new file mode 100644
index 0000000..d927d01
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/FixedPointUtilities.cs
@@ -0,0 +1,72 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    public class FixedPointUtilities
+    {
+        public static readonly string PRECOMP_NAME = "bc_fixed_point";
+
+        public static int GetCombSize(ECCurve c)
+        {
+            BigInteger order = c.Order;
+            return order == null ? c.FieldSize + 1 : order.BitLength;
+        }
+
+        public static FixedPointPreCompInfo GetFixedPointPreCompInfo(PreCompInfo preCompInfo)
+        {
+            if ((preCompInfo != null) && (preCompInfo is FixedPointPreCompInfo))
+            {
+                return (FixedPointPreCompInfo)preCompInfo;
+            }
+
+            return new FixedPointPreCompInfo();
+        }
+
+        public static FixedPointPreCompInfo Precompute(ECPoint p, int minWidth)
+        {
+            ECCurve c = p.Curve;
+
+            int n = 1 << minWidth;
+            FixedPointPreCompInfo info = GetFixedPointPreCompInfo(c.GetPreCompInfo(p, PRECOMP_NAME));
+            ECPoint[] lookupTable = info.PreComp;
+
+            if (lookupTable == null || lookupTable.Length < n)
+            {
+                int bits = GetCombSize(c);
+                int d = (bits + minWidth - 1) / minWidth;
+
+                ECPoint[] pow2Table = new ECPoint[minWidth];
+                pow2Table[0] = p;
+                for (int i = 1; i < minWidth; ++i)
+                {
+                    pow2Table[i] = pow2Table[i - 1].TimesPow2(d);
+                }
+    
+                c.NormalizeAll(pow2Table);
+    
+                lookupTable = new ECPoint[n];
+                lookupTable[0] = c.Infinity;
+
+                for (int bit = minWidth - 1; bit >= 0; --bit)
+                {
+                    ECPoint pow2 = pow2Table[bit];
+
+                    int step = 1 << bit;
+                    for (int i = step; i < n; i += (step << 1))
+                    {
+                        lookupTable[i] = lookupTable[i - step].Add(pow2);
+                    }
+                }
+
+                c.NormalizeAll(lookupTable);
+
+                info.PreComp = lookupTable;
+                info.Width = minWidth;
+
+                c.SetPreCompInfo(p, PRECOMP_NAME, info);
+            }
+
+            return info;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/GlvMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/GlvMultiplier.cs
new file mode 100644
index 0000000..f190494
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/GlvMultiplier.cs
@@ -0,0 +1,40 @@
+using System;
+
+using Org.BouncyCastle.Math.EC.Endo;
+
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    public class GlvMultiplier
+        :   AbstractECMultiplier
+    {
+        protected readonly ECCurve curve;
+        protected readonly GlvEndomorphism glvEndomorphism;
+
+        public GlvMultiplier(ECCurve curve, GlvEndomorphism glvEndomorphism)
+        {
+            if (curve == null || curve.Order == null)
+                throw new ArgumentException("Need curve with known group order", "curve");
+
+            this.curve = curve;
+            this.glvEndomorphism = glvEndomorphism;
+        }
+
+        protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
+        {
+            if (!curve.Equals(p.Curve))
+                throw new InvalidOperationException();
+
+            BigInteger n = p.Curve.Order;
+            BigInteger[] ab = glvEndomorphism.DecomposeScalar(k.Mod(n));
+            BigInteger a = ab[0], b = ab[1];
+
+            ECPointMap pointMap = glvEndomorphism.PointMap;
+            if (glvEndomorphism.HasEfficientPointMap)
+            {
+                return ECAlgorithms.ImplShamirsTrickWNaf(p, a, pointMap, b);
+            }
+
+            return ECAlgorithms.ImplShamirsTrickWNaf(p, a, pointMap.Map(p), b);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/MixedNafR2LMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/MixedNafR2LMultiplier.cs
new file mode 100644
index 0000000..a4c2018
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/MixedNafR2LMultiplier.cs
@@ -0,0 +1,75 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    /**
+     * Class implementing the NAF (Non-Adjacent Form) multiplication algorithm (right-to-left) using
+     * mixed coordinates.
+     */
+    public class MixedNafR2LMultiplier 
+        : AbstractECMultiplier
+    {
+        protected readonly int additionCoord, doublingCoord;
+
+        /**
+         * By default, addition will be done in Jacobian coordinates, and doubling will be done in
+         * Modified Jacobian coordinates (independent of the original coordinate system of each point).
+         */
+        public MixedNafR2LMultiplier()
+            : this(ECCurve.COORD_JACOBIAN, ECCurve.COORD_JACOBIAN_MODIFIED)
+        {
+        }
+
+        public MixedNafR2LMultiplier(int additionCoord, int doublingCoord)
+        {
+            this.additionCoord = additionCoord;
+            this.doublingCoord = doublingCoord;
+        }
+
+        protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
+        {
+            ECCurve curveOrig = p.Curve;
+
+            ECCurve curveAdd = ConfigureCurve(curveOrig, additionCoord);
+            ECCurve curveDouble = ConfigureCurve(curveOrig, doublingCoord);
+
+            int[] naf = WNafUtilities.GenerateCompactNaf(k);
+
+            ECPoint Ra = curveAdd.Infinity;
+            ECPoint Td = curveDouble.ImportPoint(p);
+
+            int zeroes = 0;
+            for (int i = 0; i < naf.Length; ++i)
+            {
+                int ni = naf[i];
+                int digit = ni >> 16;
+                zeroes += ni & 0xFFFF;
+
+                Td = Td.TimesPow2(zeroes);
+
+                ECPoint Tj = curveAdd.ImportPoint(Td);
+                if (digit < 0)
+                {
+                    Tj = Tj.Negate();
+                }
+
+                Ra = Ra.Add(Tj);
+
+                zeroes = 1;
+            }
+
+            return curveOrig.ImportPoint(Ra);
+        }
+
+        protected virtual ECCurve ConfigureCurve(ECCurve c, int coord)
+        {
+            if (c.CoordinateSystem == coord)
+                return c;
+
+            if (!c.SupportsCoordinateSystem(coord))
+                throw new ArgumentException("Coordinate system " + coord + " not supported by this curve", "coord");
+
+            return c.Configure().SetCoordinateSystem(coord).Create();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/MontgomeryLadderMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/MontgomeryLadderMultiplier.cs
new file mode 100644
index 0000000..e2470a3
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/MontgomeryLadderMultiplier.cs
@@ -0,0 +1,25 @@
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    public class MontgomeryLadderMultiplier 
+        : AbstractECMultiplier
+    {
+        /**
+         * Montgomery ladder.
+         */
+        protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
+        {
+            ECPoint[] R = new ECPoint[]{ p.Curve.Infinity, p };
+
+            int n = k.BitLength;
+            int i = n;
+            while (--i >= 0)
+            {
+                int b = k.TestBit(i) ? 1 : 0;
+                int bp = 1 - b;
+                R[bp] = R[bp].Add(R[b]);
+                R[b] = R[b].Twice();
+            }
+            return R[0];
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/NafL2RMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/NafL2RMultiplier.cs
new file mode 100644
index 0000000..ac80cf9
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/NafL2RMultiplier.cs
@@ -0,0 +1,30 @@
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    /**
+     * Class implementing the NAF (Non-Adjacent Form) multiplication algorithm (left-to-right).
+     */
+    public class NafL2RMultiplier
+        : AbstractECMultiplier
+    {
+        protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
+        {
+            int[] naf = WNafUtilities.GenerateCompactNaf(k);
+
+            ECPoint addP = p.Normalize(), subP = addP.Negate();
+
+            ECPoint R = p.Curve.Infinity;
+
+            int i = naf.Length;
+            while (--i >= 0)
+            {
+                int ni = naf[i];
+                int digit = ni >> 16, zeroes = ni & 0xFFFF;
+
+                R = R.TwicePlus(digit < 0 ? subP : addP);
+                R = R.TimesPow2(zeroes);
+            }
+
+            return R;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/NafR2LMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/NafR2LMultiplier.cs
new file mode 100644
index 0000000..1fa69fa
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/NafR2LMultiplier.cs
@@ -0,0 +1,31 @@
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    /**
+     * Class implementing the NAF (Non-Adjacent Form) multiplication algorithm (right-to-left).
+     */
+    public class NafR2LMultiplier 
+        : AbstractECMultiplier
+    {
+        protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
+        {
+            int[] naf = WNafUtilities.GenerateCompactNaf(k);
+
+            ECPoint R0 = p.Curve.Infinity, R1 = p;
+
+            int zeroes = 0;
+            for (int i = 0; i < naf.Length; ++i)
+            {
+                int ni = naf[i];
+                int digit = ni >> 16;
+                zeroes += ni & 0xFFFF;
+
+                R1 = R1.TimesPow2(zeroes);
+                R0 = R0.Add(digit < 0 ? R1.Negate() : R1);
+
+                zeroes = 1;
+            }
+
+            return R0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/PreCompInfo.cs b/bc-sharp-crypto/src/math/ec/multiplier/PreCompInfo.cs
new file mode 100644
index 0000000..5c32892
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/PreCompInfo.cs
@@ -0,0 +1,11 @@
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+	/**
+	* Interface for classes storing precomputation data for multiplication
+	* algorithms. Used as a Memento (see GOF patterns) for
+	* <code>WNafMultiplier</code>.
+	*/
+	public interface PreCompInfo
+	{
+	}
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/ReferenceMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/ReferenceMultiplier.cs
new file mode 100644
index 0000000..4848ada
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/ReferenceMultiplier.cs
@@ -0,0 +1,11 @@
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    public class ReferenceMultiplier
+        : AbstractECMultiplier
+    {
+        protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
+        {
+            return ECAlgorithms.ReferenceMultiply(p, k);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/WNafL2RMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/WNafL2RMultiplier.cs
new file mode 100644
index 0000000..f671f6a
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/WNafL2RMultiplier.cs
@@ -0,0 +1,98 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    /**
+    * Class implementing the WNAF (Window Non-Adjacent Form) multiplication
+    * algorithm.
+    */
+    public class WNafL2RMultiplier
+        : AbstractECMultiplier
+    {
+        /**
+         * Multiplies <code>this</code> by an integer <code>k</code> using the
+         * Window NAF method.
+         * @param k The integer by which <code>this</code> is multiplied.
+         * @return A new <code>ECPoint</code> which equals <code>this</code>
+         * multiplied by <code>k</code>.
+         */
+        protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
+        {
+            // Clamp the window width in the range [2, 16]
+            int width = System.Math.Max(2, System.Math.Min(16, GetWindowSize(k.BitLength)));
+
+            WNafPreCompInfo wnafPreCompInfo = WNafUtilities.Precompute(p, width, true);
+            ECPoint[] preComp = wnafPreCompInfo.PreComp;
+            ECPoint[] preCompNeg = wnafPreCompInfo.PreCompNeg;
+
+            int[] wnaf = WNafUtilities.GenerateCompactWindowNaf(width, k);
+
+            ECPoint R = p.Curve.Infinity;
+
+            int i = wnaf.Length;
+
+            /*
+             * NOTE: We try to optimize the first window using the precomputed points to substitute an
+             * addition for 2 or more doublings.
+             */
+            if (i > 1)
+            {
+                int wi = wnaf[--i];
+                int digit = wi >> 16, zeroes = wi & 0xFFFF;
+
+                int n = System.Math.Abs(digit);
+                ECPoint[] table = digit < 0 ? preCompNeg : preComp;
+
+                // Optimization can only be used for values in the lower half of the table
+                if ((n << 2) < (1 << width))
+                {
+                    int highest = LongArray.BitLengths[n];
+
+                    // TODO Get addition/doubling cost ratio from curve and compare to 'scale' to see if worth substituting?
+                    int scale = width - highest;
+                    int lowBits = n ^ (1 << (highest - 1));
+
+                    int i1 = ((1 << (width - 1)) - 1);
+                    int i2 = (lowBits << scale) + 1;
+                    R = table[i1 >> 1].Add(table[i2 >> 1]);
+
+                    zeroes -= scale;
+
+                    //Console.WriteLine("Optimized: 2^" + scale + " * " + n + " = " + i1 + " + " + i2);
+                }
+                else
+                {
+                    R = table[n >> 1];
+                }
+
+                R = R.TimesPow2(zeroes);
+            }
+
+            while (i > 0)
+            {
+                int wi = wnaf[--i];
+                int digit = wi >> 16, zeroes = wi & 0xFFFF;
+
+                int n = System.Math.Abs(digit);
+                ECPoint[] table = digit < 0 ? preCompNeg : preComp;
+                ECPoint r = table[n >> 1];
+
+                R = R.TwicePlus(r);
+                R = R.TimesPow2(zeroes);
+            }
+
+            return R;
+        }
+
+        /**
+         * Determine window width to use for a scalar multiplication of the given size.
+         * 
+         * @param bits the bit-length of the scalar to multiply by
+         * @return the window size to use
+         */
+        protected virtual int GetWindowSize(int bits)
+        {
+            return WNafUtilities.GetWindowSize(bits);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/WNafPreCompInfo.cs b/bc-sharp-crypto/src/math/ec/multiplier/WNafPreCompInfo.cs
new file mode 100644
index 0000000..7e0a731
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/WNafPreCompInfo.cs
@@ -0,0 +1,46 @@
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    /**
+    * Class holding precomputation data for the WNAF (Window Non-Adjacent Form)
+    * algorithm.
+    */
+    public class WNafPreCompInfo
+        : PreCompInfo 
+    {
+        /**
+         * Array holding the precomputed <code>ECPoint</code>s used for a Window
+         * NAF multiplication.
+         */
+        protected ECPoint[] m_preComp = null;
+
+        /**
+         * Array holding the negations of the precomputed <code>ECPoint</code>s used
+         * for a Window NAF multiplication.
+         */
+        protected ECPoint[] m_preCompNeg = null;
+
+        /**
+         * Holds an <code>ECPoint</code> representing Twice(this). Used for the
+         * Window NAF multiplication to create or extend the precomputed values.
+         */
+        protected ECPoint m_twice = null;
+
+        public virtual ECPoint[] PreComp
+        {
+            get { return m_preComp; }
+            set { this.m_preComp = value; }
+        }
+
+        public virtual ECPoint[] PreCompNeg
+        {
+            get { return m_preCompNeg; }
+            set { this.m_preCompNeg = value; }
+        }
+
+        public virtual ECPoint Twice
+        {
+            get { return m_twice; }
+            set { this.m_twice = value; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/WNafUtilities.cs b/bc-sharp-crypto/src/math/ec/multiplier/WNafUtilities.cs
new file mode 100644
index 0000000..7d565df
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/WNafUtilities.cs
@@ -0,0 +1,524 @@
+using System;
+
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    public abstract class WNafUtilities
+    {
+        public static readonly string PRECOMP_NAME = "bc_wnaf";
+
+        private static readonly int[] DEFAULT_WINDOW_SIZE_CUTOFFS = new int[]{ 13, 41, 121, 337, 897, 2305 };
+
+        private static readonly byte[] EMPTY_BYTES = new byte[0];
+        private static readonly int[] EMPTY_INTS = new int[0];
+        private static readonly ECPoint[] EMPTY_POINTS = new ECPoint[0];
+
+        public static int[] GenerateCompactNaf(BigInteger k)
+        {
+            if ((k.BitLength >> 16) != 0)
+                throw new ArgumentException("must have bitlength < 2^16", "k");
+            if (k.SignValue == 0)
+                return EMPTY_INTS;
+
+            BigInteger _3k = k.ShiftLeft(1).Add(k);
+
+            int bits = _3k.BitLength;
+            int[] naf = new int[bits >> 1];
+
+            BigInteger diff = _3k.Xor(k);
+
+            int highBit = bits - 1, length = 0, zeroes = 0;
+            for (int i = 1; i < highBit; ++i)
+            {
+                if (!diff.TestBit(i))
+                {
+                    ++zeroes;
+                    continue;
+                }
+
+                int digit = k.TestBit(i) ? -1 : 1;
+                naf[length++] = (digit << 16) | zeroes;
+                zeroes = 1;
+                ++i;
+            }
+
+            naf[length++] = (1 << 16) | zeroes;
+
+            if (naf.Length > length)
+            {
+                naf = Trim(naf, length);
+            }
+
+            return naf;
+        }
+
+        public static int[] GenerateCompactWindowNaf(int width, BigInteger k)
+        {
+            if (width == 2)
+            {
+                return GenerateCompactNaf(k);
+            }
+
+            if (width < 2 || width > 16)
+                throw new ArgumentException("must be in the range [2, 16]", "width");
+            if ((k.BitLength >> 16) != 0)
+                throw new ArgumentException("must have bitlength < 2^16", "k");
+            if (k.SignValue == 0)
+                return EMPTY_INTS;
+
+            int[] wnaf = new int[k.BitLength / width + 1];
+
+            // 2^width and a mask and sign bit set accordingly
+            int pow2 = 1 << width;
+            int mask = pow2 - 1;
+            int sign = pow2 >> 1;
+
+            bool carry = false;
+            int length = 0, pos = 0;
+
+            while (pos <= k.BitLength)
+            {
+                if (k.TestBit(pos) == carry)
+                {
+                    ++pos;
+                    continue;
+                }
+
+                k = k.ShiftRight(pos);
+
+                int digit = k.IntValue & mask;
+                if (carry)
+                {
+                    ++digit;
+                }
+
+                carry = (digit & sign) != 0;
+                if (carry)
+                {
+                    digit -= pow2;
+                }
+
+                int zeroes = length > 0 ? pos - 1 : pos;
+                wnaf[length++] = (digit << 16) | zeroes;
+                pos = width;
+            }
+
+            // Reduce the WNAF array to its actual length
+            if (wnaf.Length > length)
+            {
+                wnaf = Trim(wnaf, length);
+            }
+
+            return wnaf;
+        }
+
+        public static byte[] GenerateJsf(BigInteger g, BigInteger h)
+        {
+            int digits = System.Math.Max(g.BitLength, h.BitLength) + 1;
+            byte[] jsf = new byte[digits];
+
+            BigInteger k0 = g, k1 = h;
+            int j = 0, d0 = 0, d1 = 0;
+
+            int offset = 0;
+            while ((d0 | d1) != 0 || k0.BitLength > offset || k1.BitLength > offset)
+            {
+                int n0 = ((int)((uint)k0.IntValue >> offset) + d0) & 7;
+                int n1 = ((int)((uint)k1.IntValue >> offset) + d1) & 7;
+
+                int u0 = n0 & 1;
+                if (u0 != 0)
+                {
+                    u0 -= (n0 & 2);
+                    if ((n0 + u0) == 4 && (n1 & 3) == 2)
+                    {
+                        u0 = -u0;
+                    }
+                }
+
+                int u1 = n1 & 1;
+                if (u1 != 0)
+                {
+                    u1 -= (n1 & 2);
+                    if ((n1 + u1) == 4 && (n0 & 3) == 2)
+                    {
+                        u1 = -u1;
+                    }
+                }
+
+                if ((d0 << 1) == 1 + u0)
+                {
+                    d0 ^= 1;
+                }
+                if ((d1 << 1) == 1 + u1)
+                {
+                    d1 ^= 1;
+                }
+
+                if (++offset == 30)
+                {
+                    offset = 0;
+                    k0 = k0.ShiftRight(30);
+                    k1 = k1.ShiftRight(30);
+                }
+
+                jsf[j++] = (byte)((u0 << 4) | (u1 & 0xF));
+            }
+
+            // Reduce the JSF array to its actual length
+            if (jsf.Length > j)
+            {
+                jsf = Trim(jsf, j);
+            }
+
+            return jsf;
+        }
+
+        public static byte[] GenerateNaf(BigInteger k)
+        {
+            if (k.SignValue == 0)
+                return EMPTY_BYTES;
+
+            BigInteger _3k = k.ShiftLeft(1).Add(k);
+
+            int digits = _3k.BitLength - 1;
+            byte[] naf = new byte[digits];
+
+            BigInteger diff = _3k.Xor(k);
+
+            for (int i = 1; i < digits; ++i)
+            {
+                if (diff.TestBit(i))
+                {
+                    naf[i - 1] = (byte)(k.TestBit(i) ? -1 : 1);
+                    ++i;
+                }
+            }
+
+            naf[digits - 1] = 1;
+
+            return naf;
+        }
+
+        /**
+         * Computes the Window NAF (non-adjacent Form) of an integer.
+         * @param width The width <code>w</code> of the Window NAF. The width is
+         * defined as the minimal number <code>w</code>, such that for any
+         * <code>w</code> consecutive digits in the resulting representation, at
+         * most one is non-zero.
+         * @param k The integer of which the Window NAF is computed.
+         * @return The Window NAF of the given width, such that the following holds:
+         * <code>k = &amp;sum;<sub>i=0</sub><sup>l-1</sup> k<sub>i</sub>2<sup>i</sup>
+         * </code>, where the <code>k<sub>i</sub></code> denote the elements of the
+         * returned <code>byte[]</code>.
+         */
+        public static byte[] GenerateWindowNaf(int width, BigInteger k)
+        {
+            if (width == 2)
+            {
+                return GenerateNaf(k);
+            }
+
+            if (width < 2 || width > 8)
+                throw new ArgumentException("must be in the range [2, 8]", "width");
+            if (k.SignValue == 0)
+                return EMPTY_BYTES;
+
+            byte[] wnaf = new byte[k.BitLength + 1];
+
+            // 2^width and a mask and sign bit set accordingly
+            int pow2 = 1 << width;
+            int mask = pow2 - 1;
+            int sign = pow2 >> 1;
+
+            bool carry = false;
+            int length = 0, pos = 0;
+
+            while (pos <= k.BitLength)
+            {
+                if (k.TestBit(pos) == carry)
+                {
+                    ++pos;
+                    continue;
+                }
+
+                k = k.ShiftRight(pos);
+
+                int digit = k.IntValue & mask;
+                if (carry)
+                {
+                    ++digit;
+                }
+
+                carry = (digit & sign) != 0;
+                if (carry)
+                {
+                    digit -= pow2;
+                }
+
+                length += (length > 0) ? pos - 1 : pos;
+                wnaf[length++] = (byte)digit;
+                pos = width;
+            }
+
+            // Reduce the WNAF array to its actual length
+            if (wnaf.Length > length)
+            {
+                wnaf = Trim(wnaf, length);
+            }
+        
+            return wnaf;
+        }
+
+        public static int GetNafWeight(BigInteger k)
+        {
+            if (k.SignValue == 0)
+                return 0;
+
+            BigInteger _3k = k.ShiftLeft(1).Add(k);
+            BigInteger diff = _3k.Xor(k);
+
+            return diff.BitCount;
+        }
+
+        public static WNafPreCompInfo GetWNafPreCompInfo(ECPoint p)
+        {
+            return GetWNafPreCompInfo(p.Curve.GetPreCompInfo(p, PRECOMP_NAME));
+        }
+
+        public static WNafPreCompInfo GetWNafPreCompInfo(PreCompInfo preCompInfo)
+        {
+            if ((preCompInfo != null) && (preCompInfo is WNafPreCompInfo))
+            {
+                return (WNafPreCompInfo)preCompInfo;
+            }
+
+            return new WNafPreCompInfo();
+        }
+
+        /**
+         * Determine window width to use for a scalar multiplication of the given size.
+         * 
+         * @param bits the bit-length of the scalar to multiply by
+         * @return the window size to use
+         */
+        public static int GetWindowSize(int bits)
+        {
+            return GetWindowSize(bits, DEFAULT_WINDOW_SIZE_CUTOFFS);
+        }
+
+        /**
+         * Determine window width to use for a scalar multiplication of the given size.
+         * 
+         * @param bits the bit-length of the scalar to multiply by
+         * @param windowSizeCutoffs a monotonically increasing list of bit sizes at which to increment the window width
+         * @return the window size to use
+         */
+        public static int GetWindowSize(int bits, int[] windowSizeCutoffs)
+        {
+            int w = 0;
+            for (; w < windowSizeCutoffs.Length; ++w)
+            {
+                if (bits < windowSizeCutoffs[w])
+                {
+                    break;
+                }
+            }
+            return w + 2;
+        }
+
+        public static ECPoint MapPointWithPrecomp(ECPoint p, int width, bool includeNegated,
+            ECPointMap pointMap)
+        {
+            ECCurve c = p.Curve;
+            WNafPreCompInfo wnafPreCompP = Precompute(p, width, includeNegated);
+
+            ECPoint q = pointMap.Map(p);
+            WNafPreCompInfo wnafPreCompQ = GetWNafPreCompInfo(c.GetPreCompInfo(q, PRECOMP_NAME));
+
+            ECPoint twiceP = wnafPreCompP.Twice;
+            if (twiceP != null)
+            {
+                ECPoint twiceQ = pointMap.Map(twiceP);
+                wnafPreCompQ.Twice = twiceQ;
+            }
+
+            ECPoint[] preCompP = wnafPreCompP.PreComp;
+            ECPoint[] preCompQ = new ECPoint[preCompP.Length];
+            for (int i = 0; i < preCompP.Length; ++i)
+            {
+                preCompQ[i] = pointMap.Map(preCompP[i]);
+            }
+            wnafPreCompQ.PreComp = preCompQ;
+
+            if (includeNegated)
+            {
+                ECPoint[] preCompNegQ = new ECPoint[preCompQ.Length];
+                for (int i = 0; i < preCompNegQ.Length; ++i)
+                {
+                    preCompNegQ[i] = preCompQ[i].Negate();
+                }
+                wnafPreCompQ.PreCompNeg = preCompNegQ;
+            }
+
+            c.SetPreCompInfo(q, PRECOMP_NAME, wnafPreCompQ);
+
+            return q;
+        }
+
+        public static WNafPreCompInfo Precompute(ECPoint p, int width, bool includeNegated)
+        {
+            ECCurve c = p.Curve;
+            WNafPreCompInfo wnafPreCompInfo = GetWNafPreCompInfo(c.GetPreCompInfo(p, PRECOMP_NAME));
+
+            int iniPreCompLen = 0, reqPreCompLen = 1 << System.Math.Max(0, width - 2);
+
+            ECPoint[] preComp = wnafPreCompInfo.PreComp;
+            if (preComp == null)
+            {
+                preComp = EMPTY_POINTS;
+            }
+            else
+            {
+                iniPreCompLen = preComp.Length;
+            }
+
+            if (iniPreCompLen < reqPreCompLen)
+            {
+                preComp = ResizeTable(preComp, reqPreCompLen);
+
+                if (reqPreCompLen == 1)
+                {
+                    preComp[0] = p.Normalize();
+                }
+                else
+                {
+                    int curPreCompLen = iniPreCompLen;
+                    if (curPreCompLen == 0)
+                    {
+                        preComp[0] = p;
+                        curPreCompLen = 1;
+                    }
+
+                    ECFieldElement iso = null;
+
+                    if (reqPreCompLen == 2)
+                    {
+                        preComp[1] = p.ThreeTimes();
+                    }
+                    else
+                    {
+                        ECPoint twiceP = wnafPreCompInfo.Twice, last = preComp[curPreCompLen - 1];
+                        if (twiceP == null)
+                        {
+                            twiceP = preComp[0].Twice();
+                            wnafPreCompInfo.Twice = twiceP;
+
+                            /*
+                             * For Fp curves with Jacobian projective coordinates, use a (quasi-)isomorphism
+                             * where 'twiceP' is "affine", so that the subsequent additions are cheaper. This
+                             * also requires scaling the initial point's X, Y coordinates, and reversing the
+                             * isomorphism as part of the subsequent normalization.
+                             * 
+                             *  NOTE: The correctness of this optimization depends on:
+                             *      1) additions do not use the curve's A, B coefficients.
+                             *      2) no special cases (i.e. Q +/- Q) when calculating 1P, 3P, 5P, ...
+                             */
+                            if (!twiceP.IsInfinity && ECAlgorithms.IsFpCurve(c) && c.FieldSize >= 64)
+                            {
+                                switch (c.CoordinateSystem)
+                                {
+                                    case ECCurve.COORD_JACOBIAN:
+                                    case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
+                                    case ECCurve.COORD_JACOBIAN_MODIFIED:
+                                    {
+                                        iso = twiceP.GetZCoord(0);
+                                        twiceP = c.CreatePoint(twiceP.XCoord.ToBigInteger(),
+                                            twiceP.YCoord.ToBigInteger());
+
+                                        ECFieldElement iso2 = iso.Square(), iso3 = iso2.Multiply(iso);
+                                        last = last.ScaleX(iso2).ScaleY(iso3);
+
+                                        if (iniPreCompLen == 0)
+                                        {
+                                            preComp[0] = last;
+                                        }
+                                        break;
+                                    }
+                                }
+                            }
+                        }
+
+                        while (curPreCompLen < reqPreCompLen)
+                        {
+                            /*
+                             * Compute the new ECPoints for the precomputation array. The values 1, 3,
+                             * 5, ..., 2^(width-1)-1 times p are computed
+                             */
+                            preComp[curPreCompLen++] = last = last.Add(twiceP);
+                        }
+                    }
+
+                    /*
+                     * Having oft-used operands in affine form makes operations faster.
+                     */
+                    c.NormalizeAll(preComp, iniPreCompLen, reqPreCompLen - iniPreCompLen, iso);
+                }
+            }
+
+            wnafPreCompInfo.PreComp = preComp;
+
+            if (includeNegated)
+            {
+                ECPoint[] preCompNeg = wnafPreCompInfo.PreCompNeg;
+
+                int pos;
+                if (preCompNeg == null)
+                {
+                    pos = 0;
+                    preCompNeg = new ECPoint[reqPreCompLen]; 
+                }
+                else
+                {
+                    pos = preCompNeg.Length;
+                    if (pos < reqPreCompLen)
+                    {
+                        preCompNeg = ResizeTable(preCompNeg, reqPreCompLen);
+                    }
+                }
+
+                while (pos < reqPreCompLen)
+                {
+                    preCompNeg[pos] = preComp[pos].Negate();
+                    ++pos;
+                }
+
+                wnafPreCompInfo.PreCompNeg = preCompNeg;
+            }
+
+            c.SetPreCompInfo(p, PRECOMP_NAME, wnafPreCompInfo);
+
+            return wnafPreCompInfo;
+        }
+
+        private static byte[] Trim(byte[] a, int length)
+        {
+            byte[] result = new byte[length];
+            Array.Copy(a, 0, result, 0, result.Length);
+            return result;
+        }
+
+        private static int[] Trim(int[] a, int length)
+        {
+            int[] result = new int[length];
+            Array.Copy(a, 0, result, 0, result.Length);
+            return result;
+        }
+
+        private static ECPoint[] ResizeTable(ECPoint[] a, int length)
+        {
+            ECPoint[] result = new ECPoint[length];
+            Array.Copy(a, 0, result, 0, a.Length);
+            return result;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/WTauNafMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/WTauNafMultiplier.cs
new file mode 100644
index 0000000..1e7ddae
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/WTauNafMultiplier.cs
@@ -0,0 +1,125 @@
+using System;
+
+using Org.BouncyCastle.Math.EC.Abc;
+
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    /**
+    * Class implementing the WTNAF (Window
+    * <code>&#964;</code>-adic Non-Adjacent Form) algorithm.
+    */
+    public class WTauNafMultiplier
+        : AbstractECMultiplier
+    {
+        // TODO Create WTauNafUtilities class and move various functionality into it
+        internal static readonly string PRECOMP_NAME = "bc_wtnaf";
+
+        /**
+        * Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
+        * by <code>k</code> using the reduced <code>&#964;</code>-adic NAF (RTNAF)
+        * method.
+        * @param p The AbstractF2mPoint to multiply.
+        * @param k The integer by which to multiply <code>k</code>.
+        * @return <code>p</code> multiplied by <code>k</code>.
+        */
+        protected override ECPoint MultiplyPositive(ECPoint point, BigInteger k)
+        {
+            if (!(point is AbstractF2mPoint))
+                throw new ArgumentException("Only AbstractF2mPoint can be used in WTauNafMultiplier");
+
+            AbstractF2mPoint p = (AbstractF2mPoint)point;
+            AbstractF2mCurve curve = (AbstractF2mCurve)p.Curve;
+            int m = curve.FieldSize;
+            sbyte a = (sbyte)curve.A.ToBigInteger().IntValue;
+            sbyte mu = Tnaf.GetMu(a);
+            BigInteger[] s = curve.GetSi();
+
+            ZTauElement rho = Tnaf.PartModReduction(k, m, a, s, mu, (sbyte)10);
+
+            return MultiplyWTnaf(p, rho, curve.GetPreCompInfo(p, PRECOMP_NAME), a, mu);
+        }
+
+        /**
+        * Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
+        * by an element <code>&#955;</code> of <code><b>Z</b>[&#964;]</code> using
+        * the <code>&#964;</code>-adic NAF (TNAF) method.
+        * @param p The AbstractF2mPoint to multiply.
+        * @param lambda The element <code>&#955;</code> of
+        * <code><b>Z</b>[&#964;]</code> of which to compute the
+        * <code>[&#964;]</code>-adic NAF.
+        * @return <code>p</code> multiplied by <code>&#955;</code>.
+        */
+        private AbstractF2mPoint MultiplyWTnaf(AbstractF2mPoint p, ZTauElement lambda,
+            PreCompInfo preCompInfo, sbyte a, sbyte mu)
+        {
+            ZTauElement[] alpha = (a == 0) ? Tnaf.Alpha0 : Tnaf.Alpha1;
+
+            BigInteger tw = Tnaf.GetTw(mu, Tnaf.Width);
+
+            sbyte[]u = Tnaf.TauAdicWNaf(mu, lambda, Tnaf.Width,
+                BigInteger.ValueOf(Tnaf.Pow2Width), tw, alpha);
+
+            return MultiplyFromWTnaf(p, u, preCompInfo);
+        }
+        
+        /**
+        * Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
+        * by an element <code>&#955;</code> of <code><b>Z</b>[&#964;]</code>
+        * using the window <code>&#964;</code>-adic NAF (TNAF) method, given the
+        * WTNAF of <code>&#955;</code>.
+        * @param p The AbstractF2mPoint to multiply.
+        * @param u The the WTNAF of <code>&#955;</code>..
+        * @return <code>&#955; * p</code>
+        */
+        private static AbstractF2mPoint MultiplyFromWTnaf(AbstractF2mPoint p, sbyte[] u, PreCompInfo preCompInfo)
+        {
+            AbstractF2mCurve curve = (AbstractF2mCurve)p.Curve;
+            sbyte a = (sbyte)curve.A.ToBigInteger().IntValue;
+
+            AbstractF2mPoint[] pu;
+            if ((preCompInfo == null) || !(preCompInfo is WTauNafPreCompInfo))
+            {
+                pu = Tnaf.GetPreComp(p, a);
+
+                WTauNafPreCompInfo pre = new WTauNafPreCompInfo();
+                pre.PreComp = pu;
+                curve.SetPreCompInfo(p, PRECOMP_NAME, pre);
+            }
+            else
+            {
+                pu = ((WTauNafPreCompInfo)preCompInfo).PreComp;
+            }
+
+            // TODO Include negations in precomp (optionally) and use from here
+            AbstractF2mPoint[] puNeg = new AbstractF2mPoint[pu.Length];
+            for (int i = 0; i < pu.Length; ++i)
+            {
+                puNeg[i] = (AbstractF2mPoint)pu[i].Negate();
+            }
+
+            
+            // q = infinity
+            AbstractF2mPoint q = (AbstractF2mPoint) p.Curve.Infinity;
+
+            int tauCount = 0;
+            for (int i = u.Length - 1; i >= 0; i--)
+            {
+                ++tauCount;
+                int ui = u[i];
+                if (ui != 0)
+                {
+                    q = q.TauPow(tauCount);
+                    tauCount = 0;
+
+                    ECPoint x = ui > 0 ? pu[ui >> 1] : puNeg[(-ui) >> 1];
+                    q = (AbstractF2mPoint)q.Add(x);
+                }
+            }
+            if (tauCount > 0)
+            {
+                q = q.TauPow(tauCount);
+            }
+            return q;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/WTauNafPreCompInfo.cs b/bc-sharp-crypto/src/math/ec/multiplier/WTauNafPreCompInfo.cs
new file mode 100644
index 0000000..72659b3
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/WTauNafPreCompInfo.cs
@@ -0,0 +1,24 @@
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    /**
+     * Class holding precomputation data for the WTNAF (Window
+     * <code>&#964;</code>-adic Non-Adjacent Form) algorithm.
+     */
+    public class WTauNafPreCompInfo
+        : PreCompInfo
+    {
+        /**
+         * Array holding the precomputed <code>AbstractF2mPoint</code>s used for the
+         * WTNAF multiplication in <code>
+         * {@link org.bouncycastle.math.ec.multiplier.WTauNafMultiplier.multiply()
+         * WTauNafMultiplier.multiply()}</code>.
+         */
+        protected AbstractF2mPoint[] m_preComp;
+
+        public virtual AbstractF2mPoint[] PreComp
+        {
+            get { return m_preComp; }
+            set { this.m_preComp = value; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/ZSignedDigitL2RMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/ZSignedDigitL2RMultiplier.cs
new file mode 100644
index 0000000..554ac61
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/ZSignedDigitL2RMultiplier.cs
@@ -0,0 +1,29 @@
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    public class ZSignedDigitL2RMultiplier 
+        : AbstractECMultiplier
+    {
+        /**
+         * 'Zeroless' Signed Digit Left-to-Right.
+         */
+        protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
+        {
+            ECPoint addP = p.Normalize(), subP = addP.Negate();
+
+            ECPoint R0 = addP;
+
+            int n = k.BitLength;
+            int s = k.GetLowestSetBit();
+
+            int i = n;
+            while (--i > s)
+            {
+                R0 = R0.TwicePlus(k.TestBit(i) ? addP : subP);
+            }
+
+            R0 = R0.TimesPow2(s);
+
+            return R0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/ec/multiplier/ZSignedDigitR2LMultiplier.cs b/bc-sharp-crypto/src/math/ec/multiplier/ZSignedDigitR2LMultiplier.cs
new file mode 100644
index 0000000..91c06cb
--- /dev/null
+++ b/bc-sharp-crypto/src/math/ec/multiplier/ZSignedDigitR2LMultiplier.cs
@@ -0,0 +1,30 @@
+namespace Org.BouncyCastle.Math.EC.Multiplier
+{
+    public class ZSignedDigitR2LMultiplier 
+        : AbstractECMultiplier
+    {
+        /**
+         * 'Zeroless' Signed Digit Right-to-Left.
+         */
+        protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k)
+        {
+            ECPoint R0 = p.Curve.Infinity, R1 = p;
+
+            int n = k.BitLength;
+            int s = k.GetLowestSetBit();
+
+            R1 = R1.TimesPow2(s);
+
+            int i = s;
+            while (++i < n)
+            {
+                R0 = R0.Add(k.TestBit(i) ? R1 : R1.Negate());
+                R1 = R1.Twice();
+            }
+
+            R0 = R0.Add(R1);
+
+            return R0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/field/FiniteFields.cs b/bc-sharp-crypto/src/math/field/FiniteFields.cs
new file mode 100644
index 0000000..7b84569
--- /dev/null
+++ b/bc-sharp-crypto/src/math/field/FiniteFields.cs
@@ -0,0 +1,54 @@
+using System;
+
+namespace Org.BouncyCastle.Math.Field
+{
+    public abstract class FiniteFields
+    {
+        internal static readonly IFiniteField GF_2 = new PrimeField(BigInteger.ValueOf(2));
+        internal static readonly IFiniteField GF_3 = new PrimeField(BigInteger.ValueOf(3));
+
+        public static IPolynomialExtensionField GetBinaryExtensionField(int[] exponents)
+        {
+            if (exponents[0] != 0)
+            {
+                throw new ArgumentException("Irreducible polynomials in GF(2) must have constant term", "exponents");
+            }
+            for (int i = 1; i < exponents.Length; ++i)
+            {
+                if (exponents[i] <= exponents[i - 1])
+                {
+                    throw new ArgumentException("Polynomial exponents must be montonically increasing", "exponents");
+                }
+            }
+
+            return new GenericPolynomialExtensionField(GF_2, new GF2Polynomial(exponents));
+        }
+
+    //    public static IPolynomialExtensionField GetTernaryExtensionField(Term[] terms)
+    //    {
+    //        return new GenericPolynomialExtensionField(GF_3, new GF3Polynomial(terms));
+    //    }
+
+        public static IFiniteField GetPrimeField(BigInteger characteristic)
+        {
+            int bitLength = characteristic.BitLength;
+            if (characteristic.SignValue <= 0 || bitLength < 2)
+            {
+                throw new ArgumentException("Must be >= 2", "characteristic");
+            }
+
+            if (bitLength < 3)
+            {
+                switch (characteristic.IntValue)
+                {
+                case 2:
+                    return GF_2;
+                case 3:
+                    return GF_3;
+                }
+            }
+
+            return new PrimeField(characteristic);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/field/GF2Polynomial.cs b/bc-sharp-crypto/src/math/field/GF2Polynomial.cs
new file mode 100644
index 0000000..c062d50
--- /dev/null
+++ b/bc-sharp-crypto/src/math/field/GF2Polynomial.cs
@@ -0,0 +1,46 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.Field
+{
+    internal class GF2Polynomial
+        : IPolynomial
+    {
+        protected readonly int[] exponents;
+
+        internal GF2Polynomial(int[] exponents)
+        {
+            this.exponents = Arrays.Clone(exponents);
+        }
+
+        public virtual int Degree
+        {
+            get { return exponents[exponents.Length - 1]; }
+        }
+
+        public virtual int[] GetExponentsPresent()
+        {
+            return Arrays.Clone(exponents);
+        }
+
+        public override bool Equals(object obj)
+        {
+            if (this == obj)
+            {
+                return true;
+            }
+            GF2Polynomial other = obj as GF2Polynomial;
+            if (null == other)
+            {
+                return false;
+            }
+            return Arrays.AreEqual(exponents, other.exponents);
+        }
+
+        public override int GetHashCode()
+        {
+            return Arrays.GetHashCode(exponents);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/field/GenericPolynomialExtensionField.cs b/bc-sharp-crypto/src/math/field/GenericPolynomialExtensionField.cs
new file mode 100644
index 0000000..13ef571
--- /dev/null
+++ b/bc-sharp-crypto/src/math/field/GenericPolynomialExtensionField.cs
@@ -0,0 +1,63 @@
+using System;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.Field
+{
+    internal class GenericPolynomialExtensionField
+        : IPolynomialExtensionField
+    {
+        protected readonly IFiniteField subfield;
+        protected readonly IPolynomial minimalPolynomial;
+
+        internal GenericPolynomialExtensionField(IFiniteField subfield, IPolynomial polynomial)
+        {
+            this.subfield = subfield;
+            this.minimalPolynomial = polynomial;
+        }
+
+        public virtual BigInteger Characteristic
+        {
+            get { return subfield.Characteristic; }
+        }
+
+        public virtual int Dimension
+        {
+            get { return subfield.Dimension * minimalPolynomial.Degree; }
+        }
+
+        public virtual IFiniteField Subfield
+        {
+            get { return subfield; }
+        }
+
+        public virtual int Degree
+        {
+            get { return minimalPolynomial.Degree; }
+        }
+
+        public virtual IPolynomial MinimalPolynomial
+        {
+            get { return minimalPolynomial; }
+        }
+
+        public override bool Equals(object obj)
+        {
+            if (this == obj)
+            {
+                return true;
+            }
+            GenericPolynomialExtensionField other = obj as GenericPolynomialExtensionField;
+            if (null == other)
+            {
+                return false;
+            }
+            return subfield.Equals(other.subfield) && minimalPolynomial.Equals(other.minimalPolynomial);
+        }
+
+        public override int GetHashCode()
+        {
+            return subfield.GetHashCode() ^ Integers.RotateLeft(minimalPolynomial.GetHashCode(), 16);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/field/IExtensionField.cs b/bc-sharp-crypto/src/math/field/IExtensionField.cs
new file mode 100644
index 0000000..17f45c1
--- /dev/null
+++ b/bc-sharp-crypto/src/math/field/IExtensionField.cs
@@ -0,0 +1,12 @@
+using System;
+
+namespace Org.BouncyCastle.Math.Field
+{
+    public interface IExtensionField
+        : IFiniteField
+    {
+        IFiniteField Subfield { get; }
+
+        int Degree { get; }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/field/IFiniteField.cs b/bc-sharp-crypto/src/math/field/IFiniteField.cs
new file mode 100644
index 0000000..b618be7
--- /dev/null
+++ b/bc-sharp-crypto/src/math/field/IFiniteField.cs
@@ -0,0 +1,11 @@
+using System;
+
+namespace Org.BouncyCastle.Math.Field
+{
+    public interface IFiniteField
+    {
+        BigInteger Characteristic { get; }
+
+        int Dimension { get; }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/field/IPolynomial.cs b/bc-sharp-crypto/src/math/field/IPolynomial.cs
new file mode 100644
index 0000000..ad6dfb6
--- /dev/null
+++ b/bc-sharp-crypto/src/math/field/IPolynomial.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Math.Field
+{
+    public interface IPolynomial
+    {
+        int Degree { get; }
+
+        //BigInteger[] GetCoefficients();
+
+        int[] GetExponentsPresent();
+
+        //Term[] GetNonZeroTerms();
+    }
+}
diff --git a/bc-sharp-crypto/src/math/field/IPolynomialExtensionField.cs b/bc-sharp-crypto/src/math/field/IPolynomialExtensionField.cs
new file mode 100644
index 0000000..3818c18
--- /dev/null
+++ b/bc-sharp-crypto/src/math/field/IPolynomialExtensionField.cs
@@ -0,0 +1,10 @@
+using System;
+
+namespace Org.BouncyCastle.Math.Field
+{
+    public interface IPolynomialExtensionField
+        : IExtensionField
+    {
+        IPolynomial MinimalPolynomial { get; }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/field/PrimeField.cs b/bc-sharp-crypto/src/math/field/PrimeField.cs
new file mode 100644
index 0000000..f6ba629
--- /dev/null
+++ b/bc-sharp-crypto/src/math/field/PrimeField.cs
@@ -0,0 +1,44 @@
+using System;
+
+namespace Org.BouncyCastle.Math.Field
+{
+    internal class PrimeField
+        : IFiniteField
+    {
+        protected readonly BigInteger characteristic;
+
+        internal PrimeField(BigInteger characteristic)
+        {
+            this.characteristic = characteristic;
+        }
+
+        public virtual BigInteger Characteristic
+        {
+            get { return characteristic; }
+        }
+
+        public virtual int Dimension
+        {
+            get { return 1; }
+        }
+
+        public override bool Equals(object obj)
+        {
+            if (this == obj)
+            {
+                return true;
+            }
+            PrimeField other = obj as PrimeField;
+            if (null == other)
+            {
+                return false;
+            }
+            return characteristic.Equals(other.characteristic);
+        }
+
+        public override int GetHashCode()
+        {
+            return characteristic.GetHashCode();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/raw/Interleave.cs b/bc-sharp-crypto/src/math/raw/Interleave.cs
new file mode 100644
index 0000000..d218406
--- /dev/null
+++ b/bc-sharp-crypto/src/math/raw/Interleave.cs
@@ -0,0 +1,107 @@
+using System;
+
+namespace Org.BouncyCastle.Math.Raw
+{
+    internal abstract class Interleave
+    {
+        private const ulong M32 = 0x55555555UL;
+        private const ulong M64 = 0x5555555555555555UL;
+
+        /*
+         * This expands 8 bit indices into 16 bit contents (high bit 14), by inserting 0s between bits.
+         * In a binary field, this operation is the same as squaring an 8 bit number.
+         */
+        //private static readonly ushort[] INTERLEAVE2_TABLE = new ushort[]
+        //{
+        //    0x0000, 0x0001, 0x0004, 0x0005, 0x0010, 0x0011, 0x0014, 0x0015,
+        //    0x0040, 0x0041, 0x0044, 0x0045, 0x0050, 0x0051, 0x0054, 0x0055,
+        //    0x0100, 0x0101, 0x0104, 0x0105, 0x0110, 0x0111, 0x0114, 0x0115,
+        //    0x0140, 0x0141, 0x0144, 0x0145, 0x0150, 0x0151, 0x0154, 0x0155,
+        //    0x0400, 0x0401, 0x0404, 0x0405, 0x0410, 0x0411, 0x0414, 0x0415,
+        //    0x0440, 0x0441, 0x0444, 0x0445, 0x0450, 0x0451, 0x0454, 0x0455,
+        //    0x0500, 0x0501, 0x0504, 0x0505, 0x0510, 0x0511, 0x0514, 0x0515,
+        //    0x0540, 0x0541, 0x0544, 0x0545, 0x0550, 0x0551, 0x0554, 0x0555,
+        //    0x1000, 0x1001, 0x1004, 0x1005, 0x1010, 0x1011, 0x1014, 0x1015,
+        //    0x1040, 0x1041, 0x1044, 0x1045, 0x1050, 0x1051, 0x1054, 0x1055,
+        //    0x1100, 0x1101, 0x1104, 0x1105, 0x1110, 0x1111, 0x1114, 0x1115,
+        //    0x1140, 0x1141, 0x1144, 0x1145, 0x1150, 0x1151, 0x1154, 0x1155,
+        //    0x1400, 0x1401, 0x1404, 0x1405, 0x1410, 0x1411, 0x1414, 0x1415,
+        //    0x1440, 0x1441, 0x1444, 0x1445, 0x1450, 0x1451, 0x1454, 0x1455,
+        //    0x1500, 0x1501, 0x1504, 0x1505, 0x1510, 0x1511, 0x1514, 0x1515,
+        //    0x1540, 0x1541, 0x1544, 0x1545, 0x1550, 0x1551, 0x1554, 0x1555,
+        //    0x4000, 0x4001, 0x4004, 0x4005, 0x4010, 0x4011, 0x4014, 0x4015,
+        //    0x4040, 0x4041, 0x4044, 0x4045, 0x4050, 0x4051, 0x4054, 0x4055,
+        //    0x4100, 0x4101, 0x4104, 0x4105, 0x4110, 0x4111, 0x4114, 0x4115,
+        //    0x4140, 0x4141, 0x4144, 0x4145, 0x4150, 0x4151, 0x4154, 0x4155,
+        //    0x4400, 0x4401, 0x4404, 0x4405, 0x4410, 0x4411, 0x4414, 0x4415,
+        //    0x4440, 0x4441, 0x4444, 0x4445, 0x4450, 0x4451, 0x4454, 0x4455,
+        //    0x4500, 0x4501, 0x4504, 0x4505, 0x4510, 0x4511, 0x4514, 0x4515,
+        //    0x4540, 0x4541, 0x4544, 0x4545, 0x4550, 0x4551, 0x4554, 0x4555,
+        //    0x5000, 0x5001, 0x5004, 0x5005, 0x5010, 0x5011, 0x5014, 0x5015,
+        //    0x5040, 0x5041, 0x5044, 0x5045, 0x5050, 0x5051, 0x5054, 0x5055,
+        //    0x5100, 0x5101, 0x5104, 0x5105, 0x5110, 0x5111, 0x5114, 0x5115,
+        //    0x5140, 0x5141, 0x5144, 0x5145, 0x5150, 0x5151, 0x5154, 0x5155,
+        //    0x5400, 0x5401, 0x5404, 0x5405, 0x5410, 0x5411, 0x5414, 0x5415,
+        //    0x5440, 0x5441, 0x5444, 0x5445, 0x5450, 0x5451, 0x5454, 0x5455,
+        //    0x5500, 0x5501, 0x5504, 0x5505, 0x5510, 0x5511, 0x5514, 0x5515,
+        //    0x5540, 0x5541, 0x5544, 0x5545, 0x5550, 0x5551, 0x5554, 0x5555
+        //};
+
+        internal static uint Expand8to16(uint x)
+        {
+            x &= 0xFFU;
+            x = (x | (x << 4)) & 0x0F0FU;
+            x = (x | (x << 2)) & 0x3333U;
+            x = (x | (x << 1)) & 0x5555U;
+            return x;
+        }
+
+        internal static uint Expand16to32(uint x)
+        {
+            x &= 0xFFFFU;
+            x = (x | (x << 8)) & 0x00FF00FFU;
+            x = (x | (x << 4)) & 0x0F0F0F0FU;
+            x = (x | (x << 2)) & 0x33333333U;
+            x = (x | (x << 1)) & 0x55555555U;
+            return x;
+        }
+
+        internal static ulong Expand32to64(uint x)
+        {
+            // "shuffle" low half to even bits and high half to odd bits
+            uint t;
+            t = (x ^ (x >>  8)) & 0x0000FF00U; x ^= (t ^ (t <<  8));
+            t = (x ^ (x >>  4)) & 0x00F000F0U; x ^= (t ^ (t <<  4));
+            t = (x ^ (x >>  2)) & 0x0C0C0C0CU; x ^= (t ^ (t <<  2));
+            t = (x ^ (x >>  1)) & 0x22222222U; x ^= (t ^ (t <<  1));
+
+            return ((x >> 1) & M32) << 32 | (x & M32);
+        }
+
+        internal static void Expand64To128(ulong x, ulong[] z, int zOff)
+        {
+            // "shuffle" low half to even bits and high half to odd bits
+            ulong t;
+            t = (x ^ (x >> 16)) & 0x00000000FFFF0000UL; x ^= (t ^ (t << 16));
+            t = (x ^ (x >>  8)) & 0x0000FF000000FF00UL; x ^= (t ^ (t <<  8));
+            t = (x ^ (x >>  4)) & 0x00F000F000F000F0UL; x ^= (t ^ (t <<  4));
+            t = (x ^ (x >>  2)) & 0x0C0C0C0C0C0C0C0CUL; x ^= (t ^ (t <<  2));
+            t = (x ^ (x >>  1)) & 0x2222222222222222UL; x ^= (t ^ (t <<  1));
+
+            z[zOff    ] = (x     ) & M64;
+            z[zOff + 1] = (x >> 1) & M64;
+        }
+
+        internal static ulong Unshuffle(ulong x)
+        {
+            // "unshuffle" even bits to low half and odd bits to high half
+            ulong t;
+            t = (x ^ (x >>  1)) & 0x2222222222222222UL; x ^= (t ^ (t <<  1));
+            t = (x ^ (x >>  2)) & 0x0C0C0C0C0C0C0C0CUL; x ^= (t ^ (t <<  2));
+            t = (x ^ (x >>  4)) & 0x00F000F000F000F0UL; x ^= (t ^ (t <<  4));
+            t = (x ^ (x >>  8)) & 0x0000FF000000FF00UL; x ^= (t ^ (t <<  8));
+            t = (x ^ (x >> 16)) & 0x00000000FFFF0000UL; x ^= (t ^ (t << 16));
+            return x;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/raw/Mod.cs b/bc-sharp-crypto/src/math/raw/Mod.cs
new file mode 100644
index 0000000..8d9e8fd
--- /dev/null
+++ b/bc-sharp-crypto/src/math/raw/Mod.cs
@@ -0,0 +1,186 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Utilities;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Math.Raw
+{
+    internal abstract class Mod
+    {
+        private static readonly SecureRandom RandomSource = new SecureRandom();
+
+        public static void Invert(uint[] p, uint[] x, uint[] z)
+        {
+            int len = p.Length;
+            if (Nat.IsZero(len, x))
+                throw new ArgumentException("cannot be 0", "x");
+            if (Nat.IsOne(len, x))
+            {
+                Array.Copy(x, 0, z, 0, len);
+                return;
+            }
+
+            uint[] u = Nat.Copy(len, x);
+            uint[] a = Nat.Create(len);
+            a[0] = 1;
+            int ac = 0;
+
+            if ((u[0] & 1) == 0)
+            {
+                InversionStep(p, u, len, a, ref ac);
+            }
+            if (Nat.IsOne(len, u))
+            {
+                InversionResult(p, ac, a, z);
+                return;
+            }
+
+            uint[] v = Nat.Copy(len, p);
+            uint[] b = Nat.Create(len);
+            int bc = 0;
+
+            int uvLen = len;
+
+            for (;;)
+            {
+                while (u[uvLen - 1] == 0 && v[uvLen - 1] == 0)
+                {
+                    --uvLen;
+                }
+
+                if (Nat.Gte(len, u, v))
+                {
+                    Nat.SubFrom(len, v, u);
+                    Debug.Assert((u[0] & 1) == 0);
+                    ac += Nat.SubFrom(len, b, a) - bc;
+                    InversionStep(p, u, uvLen, a, ref ac);
+                    if (Nat.IsOne(len, u))
+                    {
+                        InversionResult(p, ac, a, z);
+                        return;
+                    }
+                }
+                else
+                {
+                    Nat.SubFrom(len, u, v);
+                    Debug.Assert((v[0] & 1) == 0);
+                    bc += Nat.SubFrom(len, a, b) - ac;
+                    InversionStep(p, v, uvLen, b, ref bc);
+                    if (Nat.IsOne(len, v))
+                    {
+                        InversionResult(p, bc, b, z);
+                        return;
+                    }
+                }
+            }
+        }
+
+        public static uint[] Random(uint[] p)
+        {
+            int len = p.Length;
+            uint[] s = Nat.Create(len);
+
+            uint m = p[len - 1];
+            m |= m >> 1;
+            m |= m >> 2;
+            m |= m >> 4;
+            m |= m >> 8;
+            m |= m >> 16;
+
+            do
+            {
+                byte[] bytes = new byte[len << 2];
+                RandomSource.NextBytes(bytes);
+                Pack.BE_To_UInt32(bytes, 0, s);
+                s[len - 1] &= m;
+            }
+            while (Nat.Gte(len, s, p));
+
+            return s;
+        }
+
+        public static void Add(uint[] p, uint[] x, uint[] y, uint[] z)
+        {
+            int len = p.Length;
+            uint c = Nat.Add(len, x, y, z);
+            if (c != 0)
+            {
+                Nat.SubFrom(len, p, z);
+            }
+        }
+
+        public static void Subtract(uint[] p, uint[] x, uint[] y, uint[] z)
+        {
+            int len = p.Length;
+            int c = Nat.Sub(len, x, y, z);
+            if (c != 0)
+            {
+                Nat.AddTo(len, p, z);
+            }
+        }
+
+        private static void InversionResult(uint[] p, int ac, uint[] a, uint[] z)
+        {
+            if (ac < 0)
+            {
+                Nat.Add(p.Length, a, p, z);
+            }
+            else
+            {
+                Array.Copy(a, 0, z, 0, p.Length);
+            }
+        }
+
+        private static void InversionStep(uint[] p, uint[] u, int uLen, uint[] x, ref int xc)
+        {
+            int len = p.Length;
+            int count = 0;
+            while (u[0] == 0)
+            {
+                Nat.ShiftDownWord(uLen, u, 0);
+                count += 32;
+            }
+
+            {
+                int zeroes = GetTrailingZeroes(u[0]);
+                if (zeroes > 0)
+                {
+                    Nat.ShiftDownBits(uLen, u, zeroes, 0);
+                    count += zeroes;
+                }
+            }
+
+            for (int i = 0; i < count; ++i)
+            {
+                if ((x[0] & 1) != 0)
+                {
+                    if (xc < 0)
+                    {
+                        xc += (int)Nat.AddTo(len, p, x);
+                    }
+                    else
+                    {
+                        xc += Nat.SubFrom(len, p, x);
+                    }
+                }
+
+                Debug.Assert(xc == 0 || xc == -1);
+                Nat.ShiftDownBit(len, x, (uint)xc);
+            }
+        }
+
+        private static int GetTrailingZeroes(uint x)
+        {
+            Debug.Assert(x != 0);
+            int count = 0;
+            while ((x & 1) == 0)
+            {
+                x >>= 1;
+                ++count;
+            }
+            return count;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/raw/Nat.cs b/bc-sharp-crypto/src/math/raw/Nat.cs
new file mode 100644
index 0000000..1f9ab00
--- /dev/null
+++ b/bc-sharp-crypto/src/math/raw/Nat.cs
@@ -0,0 +1,1053 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Math.Raw
+{
+    internal abstract class Nat
+    {
+        private const ulong M = 0xFFFFFFFFUL;
+
+        public static uint Add(int len, uint[] x, uint[] y, uint[] z)
+        {
+            ulong c = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                c += (ulong)x[i] + y[i];
+                z[i] = (uint)c;
+                c >>= 32;
+            }
+            return (uint)c;
+        }
+
+        public static uint Add33At(int len, uint x, uint[] z, int zPos)
+        {
+            Debug.Assert(zPos <= (len - 2));
+            ulong c = (ulong)z[zPos + 0] + x;
+            z[zPos + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)z[zPos + 1] + 1;
+            z[zPos + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : IncAt(len, z, zPos + 2);
+        }
+
+        public static uint Add33At(int len, uint x, uint[] z, int zOff, int zPos)
+        {
+            Debug.Assert(zPos <= (len - 2));
+            ulong c = (ulong)z[zOff + zPos] + x;
+            z[zOff + zPos] = (uint)c;
+            c >>= 32;
+            c += (ulong)z[zOff + zPos + 1] + 1;
+            z[zOff + zPos + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : IncAt(len, z, zOff, zPos + 2);
+        }
+
+        public static uint Add33To(int len, uint x, uint[] z)
+        {
+            ulong c = (ulong)z[0] + x;
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)z[1] + 1;
+            z[1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : IncAt(len, z, 2);
+        }
+
+        public static uint Add33To(int len, uint x, uint[] z, int zOff)
+        {
+            ulong c = (ulong)z[zOff + 0] + x;
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)z[zOff + 1] + 1;
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : IncAt(len, z, zOff, 2);
+        }
+
+        public static uint AddBothTo(int len, uint[] x, uint[] y, uint[] z)
+        {
+            ulong c = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                c += (ulong)x[i] + y[i] + z[i];
+                z[i] = (uint)c;
+                c >>= 32;
+            }
+            return (uint)c;
+        }
+
+        public static uint AddBothTo(int len, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            ulong c = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                c += (ulong)x[xOff + i] + y[yOff + i] + z[zOff + i];
+                z[zOff + i] = (uint)c;
+                c >>= 32;
+            }
+            return (uint)c;
+        }
+
+        public static uint AddDWordAt(int len, ulong x, uint[] z, int zPos)
+        {
+            Debug.Assert(zPos <= (len - 2));
+            ulong c = (ulong)z[zPos + 0] + (x & M);
+            z[zPos + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)z[zPos + 1] + (x >> 32);
+            z[zPos + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : IncAt(len, z, zPos + 2);
+        }
+
+        public static uint AddDWordAt(int len, ulong x, uint[] z, int zOff, int zPos)
+        {
+            Debug.Assert(zPos <= (len - 2));
+            ulong c = (ulong)z[zOff + zPos] + (x & M);
+            z[zOff + zPos] = (uint)c;
+            c >>= 32;
+            c += (ulong)z[zOff + zPos + 1] + (x >> 32);
+            z[zOff + zPos + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : IncAt(len, z, zOff, zPos + 2);
+        }
+
+        public static uint AddDWordTo(int len, ulong x, uint[] z)
+        {
+            ulong c = (ulong)z[0] + (x & M);
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)z[1] + (x >> 32);
+            z[1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : IncAt(len, z, 2);
+        }
+
+        public static uint AddDWordTo(int len, ulong x, uint[] z, int zOff)
+        {
+            ulong c = (ulong)z[zOff + 0] + (x & M);
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)z[zOff + 1] + (x >> 32);
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : IncAt(len, z, zOff, 2);
+        }
+
+        public static uint AddTo(int len, uint[] x, uint[] z)
+        {
+            ulong c = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                c += (ulong)x[i] + z[i];
+                z[i] = (uint)c;
+                c >>= 32;
+            }
+            return (uint)c;
+        }
+
+        public static uint AddTo(int len, uint[] x, int xOff, uint[] z, int zOff)
+        {
+            ulong c = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                c += (ulong)x[xOff + i] + z[zOff + i];
+                z[zOff + i] = (uint)c;
+                c >>= 32;
+            }
+            return (uint)c;
+        }
+
+        public static uint AddWordAt(int len, uint x, uint[] z, int zPos)
+        {
+            Debug.Assert(zPos <= (len - 1));
+            ulong c = (ulong)x + z[zPos];
+            z[zPos] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : IncAt(len, z, zPos + 1);
+        }
+
+        public static uint AddWordAt(int len, uint x, uint[] z, int zOff, int zPos)
+        {
+            Debug.Assert(zPos <= (len - 1));
+            ulong c = (ulong)x + z[zOff + zPos];
+            z[zOff + zPos] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : IncAt(len, z, zOff, zPos + 1);
+        }
+
+        public static uint AddWordTo(int len, uint x, uint[] z)
+        {
+            ulong c = (ulong)x + z[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : IncAt(len, z, 1);
+        }
+
+        public static uint AddWordTo(int len, uint x, uint[] z, int zOff)
+        {
+            ulong c = (ulong)x + z[zOff];
+            z[zOff] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : IncAt(len, z, zOff, 1);
+        }
+
+        public static void Copy(int len, uint[] x, uint[] z)
+        {
+            Array.Copy(x, 0, z, 0, len);
+        }
+
+        public static uint[] Copy(int len, uint[] x)
+        {
+            uint[] z = new uint[len];
+            Array.Copy(x, 0, z, 0, len);
+            return z;
+        }
+
+        public static uint[] Create(int len)
+        {
+            return new uint[len];
+        }
+
+        public static ulong[] Create64(int len)
+        {
+            return new ulong[len];
+        }
+
+        public static int Dec(int len, uint[] z)
+        {
+            for (int i = 0; i < len; ++i)
+            {
+                if (--z[i] != uint.MaxValue)
+                {
+                    return 0;
+                }
+            }
+            return -1;
+        }
+
+        public static int Dec(int len, uint[] x, uint[] z)
+        {
+            int i = 0;
+            while (i < len)
+            {
+                uint c = x[i] - 1;
+                z[i] = c;
+                ++i;
+                if (c != uint.MaxValue)
+                {
+                    while (i < len)
+                    {
+                        z[i] = x[i];
+                        ++i;
+                    }
+                    return 0;
+                }
+            }
+            return -1;
+        }
+
+        public static int DecAt(int len, uint[] z, int zPos)
+        {
+            Debug.Assert(zPos <= len);
+            for (int i = zPos; i < len; ++i)
+            {
+                if (--z[i] != uint.MaxValue)
+                {
+                    return 0;
+                }
+            }
+            return -1;
+        }
+
+        public static int DecAt(int len, uint[] z, int zOff, int zPos)
+        {
+            Debug.Assert(zPos <= len);
+            for (int i = zPos; i < len; ++i)
+            {
+                if (--z[zOff + i] != uint.MaxValue)
+                {
+                    return 0;
+                }
+            }
+            return -1;
+        }
+
+        public static bool Eq(int len, uint[] x, uint[] y)
+        {
+            for (int i = len - 1; i >= 0; --i)
+            {
+                if (x[i] != y[i])
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static uint[] FromBigInteger(int bits, BigInteger x)
+        {
+            if (x.SignValue < 0 || x.BitLength > bits)
+                throw new ArgumentException();
+
+            int len = (bits + 31) >> 5;
+            uint[] z = Create(len);
+            int i = 0;
+            while (x.SignValue != 0)
+            {
+                z[i++] = (uint)x.IntValue;
+                x = x.ShiftRight(32);
+            }
+            return z;
+        }
+
+        public static uint GetBit(uint[] x, int bit)
+        {
+            if (bit == 0)
+            {
+                return x[0] & 1;
+            }
+            int w = bit >> 5;
+            if (w < 0 || w >= x.Length)
+            {
+                return 0;
+            }
+            int b = bit & 31;
+            return (x[w] >> b) & 1;
+        }
+
+        public static bool Gte(int len, uint[] x, uint[] y)
+        {
+            for (int i = len - 1; i >= 0; --i)
+            {
+                uint x_i = x[i], y_i = y[i];
+                if (x_i < y_i)
+                    return false;
+                if (x_i > y_i)
+                    return true;
+            }
+            return true;
+        }
+
+        public static uint Inc(int len, uint[] z)
+        {
+            for (int i = 0; i < len; ++i)
+            {
+                if (++z[i] != uint.MinValue)
+                {
+                    return 0;
+                }
+            }
+            return 1;
+        }
+
+        public static uint Inc(int len, uint[] x, uint[] z)
+        {
+            int i = 0;
+            while (i < len)
+            {
+                uint c = x[i] + 1;
+                z[i] = c;
+                ++i;
+                if (c != 0)
+                {
+                    while (i < len)
+                    {
+                        z[i] = x[i];
+                        ++i;
+                    }
+                    return 0;
+                }
+            }
+            return 1;
+        }
+
+        public static uint IncAt(int len, uint[] z, int zPos)
+        {
+            Debug.Assert(zPos <= len);
+            for (int i = zPos; i < len; ++i)
+            {
+                if (++z[i] != uint.MinValue)
+                {
+                    return 0;
+                }
+            }
+            return 1;
+        }
+
+        public static uint IncAt(int len, uint[] z, int zOff, int zPos)
+        {
+            Debug.Assert(zPos <= len);
+            for (int i = zPos; i < len; ++i)
+            {
+                if (++z[zOff + i] != uint.MinValue)
+                {
+                    return 0;
+                }
+            }
+            return 1;
+        }
+
+        public static bool IsOne(int len, uint[] x)
+        {
+            if (x[0] != 1)
+            {
+                return false;
+            }
+            for (int i = 1; i < len; ++i)
+            {
+                if (x[i] != 0)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsZero(int len, uint[] x)
+        {
+            if (x[0] != 0)
+            {
+                return false;
+            }
+            for (int i = 1; i < len; ++i)
+            {
+                if (x[i] != 0)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static void Mul(int len, uint[] x, uint[] y, uint[] zz)
+        {
+            zz[len] = (uint)MulWord(len, x[0], y, zz);
+
+            for (int i = 1; i < len; ++i)
+            {
+                zz[i + len] = (uint)MulWordAddTo(len, x[i], y, 0, zz, i);
+            }
+        }
+
+        public static void Mul(int len, uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff)
+        {
+            zz[zzOff + len] = (uint)MulWord(len, x[xOff], y, yOff, zz, zzOff);
+
+            for (int i = 1; i < len; ++i)
+            {
+                zz[zzOff + i + len] = (uint)MulWordAddTo(len, x[xOff + i], y, yOff, zz, zzOff + i);
+            }
+        }
+
+        public static uint Mul31BothAdd(int len, uint a, uint[] x, uint b, uint[] y, uint[] z, int zOff)
+        {
+            ulong c = 0, aVal = (ulong)a, bVal = (ulong)b;
+            int i = 0;
+            do
+            {
+                c += aVal * x[i] + bVal * y[i] + z[zOff + i];
+                z[zOff + i] = (uint)c;
+                c >>= 32;
+            }
+            while (++i < len);
+            return (uint)c;
+        }
+
+        public static uint MulWord(int len, uint x, uint[] y, uint[] z)
+        {
+            ulong c = 0, xVal = (ulong)x;
+            int i = 0;
+            do
+            {
+                c += xVal * y[i];
+                z[i] = (uint)c;
+                c >>= 32;
+            }
+            while (++i < len);
+            return (uint)c;
+        }
+
+        public static uint MulWord(int len, uint x, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            ulong c = 0, xVal = (ulong)x;
+            int i = 0;
+            do
+            {
+                c += xVal * y[yOff + i];
+                z[zOff + i] = (uint)c;
+                c >>= 32;
+            }
+            while (++i < len);
+            return (uint)c;
+        }
+
+        public static uint MulWordAddTo(int len, uint x, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            ulong c = 0, xVal = (ulong)x;
+            int i = 0;
+            do
+            {
+                c += xVal * y[yOff + i] + z[zOff + i];
+                z[zOff + i] = (uint)c;
+                c >>= 32;
+            }
+            while (++i < len);
+            return (uint)c;
+        }
+
+        public static uint MulWordDwordAddAt(int len, uint x, ulong y, uint[] z, int zPos)
+        {
+            Debug.Assert(zPos <= (len - 3));
+            ulong c = 0, xVal = (ulong)x;
+            c += xVal * (uint)y + z[zPos + 0];
+            z[zPos + 0] = (uint)c;
+            c >>= 32;
+            c += xVal * (y >> 32) + z[zPos + 1];
+            z[zPos + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)z[zPos + 2];
+            z[zPos + 2] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : IncAt(len, z, zPos + 3);
+        }
+
+        public static uint ShiftDownBit(int len, uint[] z, uint c)
+        {
+            int i = len;
+            while (--i >= 0)
+            {
+                uint next = z[i];
+                z[i] = (next >> 1) | (c << 31);
+                c = next;
+            }
+            return c << 31;
+        }
+
+        public static uint ShiftDownBit(int len, uint[] z, int zOff, uint c)
+        {
+            int i = len;
+            while (--i >= 0)
+            {
+                uint next = z[zOff + i];
+                z[zOff + i] = (next >> 1) | (c << 31);
+                c = next;
+            }
+            return c << 31;
+        }
+
+        public static uint ShiftDownBit(int len, uint[] x, uint c, uint[] z)
+        {
+            int i = len;
+            while (--i >= 0)
+            {
+                uint next = x[i];
+                z[i] = (next >> 1) | (c << 31);
+                c = next;
+            }
+            return c << 31;
+        }
+
+        public static uint ShiftDownBit(int len, uint[] x, int xOff, uint c, uint[] z, int zOff)
+        {
+            int i = len;
+            while (--i >= 0)
+            {
+                uint next = x[xOff + i];
+                z[zOff + i] = (next >> 1) | (c << 31);
+                c = next;
+            }
+            return c << 31;
+        }
+
+        public static uint ShiftDownBits(int len, uint[] z, int bits, uint c)
+        {
+            Debug.Assert(bits > 0 && bits < 32);
+            int i = len;
+            while (--i >= 0)
+            {
+                uint next = z[i];
+                z[i] = (next >> bits) | (c << -bits);
+                c = next;
+            }
+            return c << -bits;
+        }
+
+        public static uint ShiftDownBits(int len, uint[] z, int zOff, int bits, uint c)
+        {
+            Debug.Assert(bits > 0 && bits < 32);
+            int i = len;
+            while (--i >= 0)
+            {
+                uint next = z[zOff + i];
+                z[zOff + i] = (next >> bits) | (c << -bits);
+                c = next;
+            }
+            return c << -bits;
+        }
+
+        public static uint ShiftDownBits(int len, uint[] x, int bits, uint c, uint[] z)
+        {
+            Debug.Assert(bits > 0 && bits < 32);
+            int i = len;
+            while (--i >= 0)
+            {
+                uint next = x[i];
+                z[i] = (next >> bits) | (c << -bits);
+                c = next;
+            }
+            return c << -bits;
+        }
+
+        public static uint ShiftDownBits(int len, uint[] x, int xOff, int bits, uint c, uint[] z, int zOff)
+        {
+            Debug.Assert(bits > 0 && bits < 32);
+            int i = len;
+            while (--i >= 0)
+            {
+                uint next = x[xOff + i];
+                z[zOff + i] = (next >> bits) | (c << -bits);
+                c = next;
+            }
+            return c << -bits;
+        }
+
+        public static uint ShiftDownWord(int len, uint[] z, uint c)
+        {
+            int i = len;
+            while (--i >= 0)
+            {
+                uint next = z[i];
+                z[i] = c;
+                c = next;
+            }
+            return c;
+        }
+
+        public static uint ShiftUpBit(int len, uint[] z, uint c)
+        {
+            for (int i = 0; i < len; ++i)
+            {
+                uint next = z[i];
+                z[i] = (next << 1) | (c >> 31);
+                c = next;
+            }
+            return c >> 31;
+        }
+
+        public static uint ShiftUpBit(int len, uint[] z, int zOff, uint c)
+        {
+            for (int i = 0; i < len; ++i)
+            {
+                uint next = z[zOff + i];
+                z[zOff + i] = (next << 1) | (c >> 31);
+                c = next;
+            }
+            return c >> 31;
+        }
+
+        public static uint ShiftUpBit(int len, uint[] x, uint c, uint[] z)
+        {
+            for (int i = 0; i < len; ++i)
+            {
+                uint next = x[i];
+                z[i] = (next << 1) | (c >> 31);
+                c = next;
+            }
+            return c >> 31;
+        }
+
+        public static uint ShiftUpBit(int len, uint[] x, int xOff, uint c, uint[] z, int zOff)
+        {
+            for (int i = 0; i < len; ++i)
+            {
+                uint next = x[xOff + i];
+                z[zOff + i] = (next << 1) | (c >> 31);
+                c = next;
+            }
+            return c >> 31;
+        }
+
+        public static ulong ShiftUpBit64(int len, ulong[] x, int xOff, ulong c, ulong[] z, int zOff)
+        {
+            for (int i = 0; i < len; ++i)
+            {
+                ulong next = x[xOff + i];
+                z[zOff + i] = (next << 1) | (c >> 63);
+                c = next;
+            }
+            return c >> 63;
+        }
+
+        public static uint ShiftUpBits(int len, uint[] z, int bits, uint c)
+        {
+            Debug.Assert(bits > 0 && bits < 32);
+            for (int i = 0; i < len; ++i)
+            {
+                uint next = z[i];
+                z[i] = (next << bits) | (c >> -bits);
+                c = next;
+            }
+            return c >> -bits;
+        }
+
+        public static uint ShiftUpBits(int len, uint[] z, int zOff, int bits, uint c)
+        {
+            Debug.Assert(bits > 0 && bits < 32);
+            for (int i = 0; i < len; ++i)
+            {
+                uint next = z[zOff + i];
+                z[zOff + i] = (next << bits) | (c >> -bits);
+                c = next;
+            }
+            return c >> -bits;
+        }
+
+        public static ulong ShiftUpBits64(int len, ulong[] z, int zOff, int bits, ulong c)
+        {
+            Debug.Assert(bits > 0 && bits < 64);
+            for (int i = 0; i < len; ++i)
+            {
+                ulong next = z[zOff + i];
+                z[zOff + i] = (next << bits) | (c >> -bits);
+                c = next;
+            }
+            return c >> -bits;
+        }
+
+        public static uint ShiftUpBits(int len, uint[] x, int bits, uint c, uint[] z)
+        {
+            Debug.Assert(bits > 0 && bits < 32);
+            for (int i = 0; i < len; ++i)
+            {
+                uint next = x[i];
+                z[i] = (next << bits) | (c >> -bits);
+                c = next;
+            }
+            return c >> -bits;
+        }
+
+        public static uint ShiftUpBits(int len, uint[] x, int xOff, int bits, uint c, uint[] z, int zOff)
+        {
+            Debug.Assert(bits > 0 && bits < 32);
+            for (int i = 0; i < len; ++i)
+            {
+                uint next = x[xOff + i];
+                z[zOff + i] = (next << bits) | (c >> -bits);
+                c = next;
+            }
+            return c >> -bits;
+        }
+
+        public static ulong ShiftUpBits64(int len, ulong[] x, int xOff, int bits, ulong c, ulong[] z, int zOff)
+        {
+            Debug.Assert(bits > 0 && bits < 64);
+            for (int i = 0; i < len; ++i)
+            {
+                ulong next = x[xOff + i];
+                z[zOff + i] = (next << bits) | (c >> -bits);
+                c = next;
+            }
+            return c >> -bits;
+        }
+
+        public static void Square(int len, uint[] x, uint[] zz)
+        {
+            int extLen = len << 1;
+            uint c = 0;
+            int j = len, k = extLen;
+            do
+            {
+                ulong xVal = (ulong)x[--j];
+                ulong p = xVal * xVal;
+                zz[--k] = (c << 31) | (uint)(p >> 33);
+                zz[--k] = (uint)(p >> 1);
+                c = (uint)p;
+            }
+            while (j > 0);
+
+            for (int i = 1; i < len; ++i)
+            {
+                c = SquareWordAdd(x, i, zz);
+                AddWordAt(extLen, c, zz, i << 1);
+            }
+
+            ShiftUpBit(extLen, zz, x[0] << 31);
+        }
+
+        public static void Square(int len, uint[] x, int xOff, uint[] zz, int zzOff)
+        {
+            int extLen = len << 1;
+            uint c = 0;
+            int j = len, k = extLen;
+            do
+            {
+                ulong xVal = (ulong)x[xOff + --j];
+                ulong p = xVal * xVal;
+                zz[zzOff + --k] = (c << 31) | (uint)(p >> 33);
+                zz[zzOff + --k] = (uint)(p >> 1);
+                c = (uint)p;
+            }
+            while (j > 0);
+
+            for (int i = 1; i < len; ++i)
+            {
+                c = SquareWordAdd(x, xOff, i, zz, zzOff);
+                AddWordAt(extLen, c, zz, zzOff, i << 1);
+            }
+
+            ShiftUpBit(extLen, zz, zzOff, x[xOff] << 31);
+        }
+
+        public static uint SquareWordAdd(uint[] x, int xPos, uint[] z)
+        {
+            ulong c = 0, xVal = (ulong)x[xPos];
+            int i = 0;
+            do
+            {
+                c += xVal * x[i] + z[xPos + i];
+                z[xPos + i] = (uint)c;
+                c >>= 32;
+            }
+            while (++i < xPos);
+            return (uint)c;
+        }
+
+        public static uint SquareWordAdd(uint[] x, int xOff, int xPos, uint[] z, int zOff)
+        {
+            ulong c = 0, xVal = (ulong)x[xOff + xPos];
+            int i = 0;
+            do
+            {
+                c += xVal * (x[xOff + i] & M) + (z[xPos + zOff] & M);
+                z[xPos + zOff] = (uint)c;
+                c >>= 32;
+                ++zOff;
+            }
+            while (++i < xPos);
+            return (uint)c;
+        }
+
+        public static int Sub(int len, uint[] x, uint[] y, uint[] z)
+        {
+            long c = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                c += (long)x[i] - y[i];
+                z[i] = (uint)c;
+                c >>= 32;
+            }
+            return (int)c;
+        }
+
+        public static int Sub(int len, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            long c = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                c += (long)x[xOff + i] - y[yOff + i];
+                z[zOff + i] = (uint)c;
+                c >>= 32;
+            }
+            return (int)c;
+        }
+        public static int Sub33At(int len, uint x, uint[] z, int zPos)
+        {
+            Debug.Assert(zPos <= (len - 2));
+            long c = (long)z[zPos + 0] - x;
+            z[zPos + 0] = (uint)c;
+            c >>= 32;
+            c += (long)z[zPos + 1] - 1;
+            z[zPos + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : DecAt(len, z, zPos + 2);
+        }
+
+        public static int Sub33At(int len, uint x, uint[] z, int zOff, int zPos)
+        {
+            Debug.Assert(zPos <= (len - 2));
+            long c = (long)z[zOff + zPos] - x;
+            z[zOff + zPos] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + zPos + 1] - 1;
+            z[zOff + zPos + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : DecAt(len, z, zOff, zPos + 2);
+        }
+
+        public static int Sub33From(int len, uint x, uint[] z)
+        {
+            long c = (long)z[0] - x;
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] - 1;
+            z[1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : DecAt(len, z, 2);
+        }
+
+        public static int Sub33From(int len, uint x, uint[] z, int zOff)
+        {
+            long c = (long)z[zOff + 0] - x;
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 1] - 1;
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : DecAt(len, z, zOff, 2);
+        }
+
+        public static int SubBothFrom(int len, uint[] x, uint[] y, uint[] z)
+        {
+            long c = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                c += (long)z[i] - x[i] - y[i];
+                z[i] = (uint)c;
+                c >>= 32;
+            }
+            return (int)c;
+        }
+
+        public static int SubBothFrom(int len, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            long c = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                c += (long)z[zOff + i] - x[xOff + i] - y[yOff + i];
+                z[zOff + i] = (uint)c;
+                c >>= 32;
+            }
+            return (int)c;
+        }
+
+        public static int SubDWordAt(int len, ulong x, uint[] z, int zPos)
+        {
+            Debug.Assert(zPos <= (len - 2));
+            long c = (long)z[zPos + 0] - (long)(x & M);
+            z[zPos + 0] = (uint)c;
+            c >>= 32;
+            c += (long)z[zPos + 1] - (long)(x >> 32);
+            z[zPos + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : DecAt(len, z, zPos + 2);
+        }
+
+        public static int SubDWordAt(int len, ulong x, uint[] z, int zOff, int zPos)
+        {
+            Debug.Assert(zPos <= (len - 2));
+            long c = (long)z[zOff + zPos] - (long)(x & M);
+            z[zOff + zPos] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + zPos + 1] - (long)(x >> 32);
+            z[zOff + zPos + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : DecAt(len, z,  zOff, zPos + 2);
+        }
+
+        public static int SubDWordFrom(int len, ulong x, uint[] z)
+        {
+            long c = (long)z[0] - (long)(x & M);
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] - (long)(x >> 32);
+            z[1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : DecAt(len, z, 2);
+        }
+
+        public static int SubDWordFrom(int len, ulong x, uint[] z, int zOff)
+        {
+            long c = (long)z[zOff + 0] - (long)(x & M);
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 1] - (long)(x >> 32);
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : DecAt(len, z, zOff, 2);
+        }
+
+        public static int SubFrom(int len, uint[] x, uint[] z)
+        {
+            long c = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                c += (long)z[i] - x[i];
+                z[i] = (uint)c;
+                c >>= 32;
+            }
+            return (int)c;
+        }
+
+        public static int SubFrom(int len, uint[] x, int xOff, uint[] z, int zOff)
+        {
+            long c = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                c += (long)z[zOff + i] - x[xOff + i];
+                z[zOff + i] = (uint)c;
+                c >>= 32;
+            }
+            return (int)c;
+        }
+
+        public static int SubWordAt(int len, uint x, uint[] z, int zPos)
+        {
+            Debug.Assert(zPos <= (len - 1));
+            long c = (long)z[zPos] - x;
+            z[zPos] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : DecAt(len, z, zPos + 1);
+        }
+
+        public static int SubWordAt(int len, uint x, uint[] z, int zOff, int zPos)
+        {
+            Debug.Assert(zPos <= (len - 1));
+            long c = (long)z[zOff + zPos] - x;
+            z[zOff + zPos] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : DecAt(len, z, zOff, zPos + 1);
+        }
+
+        public static int SubWordFrom(int len, uint x, uint[] z)
+        {
+            long c = (long)z[0] - x;
+            z[0] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : DecAt(len, z, 1);
+        }
+
+        public static int SubWordFrom(int len, uint x, uint[] z, int zOff)
+        {
+            long c = (long)z[zOff + 0] - x;
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : DecAt(len, z, zOff, 1);
+        }
+
+        public static BigInteger ToBigInteger(int len, uint[] x)
+        {
+            byte[] bs = new byte[len << 2];
+            for (int i = 0; i < len; ++i)
+            {
+                uint x_i = x[i];
+                if (x_i != 0)
+                {
+                    Pack.UInt32_To_BE(x_i, bs, (len - 1 - i) << 2);
+                }
+            }
+            return new BigInteger(1, bs);
+        }
+
+        public static void Zero(int len, uint[] z)
+        {
+            for (int i = 0; i < len; ++i)
+            {
+                z[i] = 0;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/raw/Nat128.cs b/bc-sharp-crypto/src/math/raw/Nat128.cs
new file mode 100644
index 0000000..1d3b64d
--- /dev/null
+++ b/bc-sharp-crypto/src/math/raw/Nat128.cs
@@ -0,0 +1,856 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Math.Raw
+{
+    internal abstract class Nat128
+    {
+        private const ulong M = 0xFFFFFFFFUL;
+
+        public static uint Add(uint[] x, uint[] y, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddBothTo(uint[] x, uint[] y, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + y[0] + z[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + y[1] + z[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + y[2] + z[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + y[3] + z[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddTo(uint[] x, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + z[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + z[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + z[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + z[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddTo(uint[] x, int xOff, uint[] z, int zOff, uint cIn)
+        {
+            ulong c = cIn;
+            c += (ulong)x[xOff + 0] + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 1] + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 2] + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 3] + z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddToEachOther(uint[] u, int uOff, uint[] v, int vOff)
+        {
+            ulong c = 0;
+            c += (ulong)u[uOff + 0] + v[vOff + 0];
+            u[uOff + 0] = (uint)c;
+            v[vOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 1] + v[vOff + 1];
+            u[uOff + 1] = (uint)c;
+            v[vOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 2] + v[vOff + 2];
+            u[uOff + 2] = (uint)c;
+            v[vOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 3] + v[vOff + 3];
+            u[uOff + 3] = (uint)c;
+            v[vOff + 3] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static void Copy(uint[] x, uint[] z)
+        {
+            z[0] = x[0];
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+        }
+
+        public static void Copy64(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0];
+            z[1] = x[1];
+        }
+
+        public static uint[] Create()
+        {
+            return new uint[4];
+        }
+
+        public static ulong[] Create64()
+        {
+            return new ulong[2];
+        }
+
+        public static uint[] CreateExt()
+        {
+            return new uint[8];
+        }
+
+        public static ulong[] CreateExt64()
+        {
+            return new ulong[4];
+        }
+
+        public static bool Diff(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            bool pos = Gte(x, xOff, y, yOff);
+            if (pos)
+            {
+                Sub(x, xOff, y, yOff, z, zOff);
+            }
+            else
+            {
+                Sub(y, yOff, x, xOff, z, zOff);
+            }
+            return pos;
+        }
+
+        public static bool Eq(uint[] x, uint[] y)
+        {
+            for (int i = 3; i >= 0; --i)
+            {
+                if (x[i] != y[i])
+                    return false;
+            }
+            return true;
+        }
+
+        public static bool Eq64(ulong[] x, ulong[] y)
+        {
+            for (int i = 1; i >= 0; --i)
+            {
+                if (x[i] != y[i])
+                    return false;
+            }
+            return true;
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            if (x.SignValue < 0 || x.BitLength > 128)
+                throw new ArgumentException();
+
+            uint[] z = Create();
+            int i = 0;
+            while (x.SignValue != 0)
+            {
+                z[i++] = (uint)x.IntValue;
+                x = x.ShiftRight(32);
+            }
+            return z;
+        }
+
+        public static ulong[] FromBigInteger64(BigInteger x)
+        {
+            if (x.SignValue < 0 || x.BitLength > 128)
+                throw new ArgumentException();
+
+            ulong[] z = Create64();
+            int i = 0;
+            while (x.SignValue != 0)
+            {
+                z[i++] = (ulong)x.LongValue;
+                x = x.ShiftRight(64);
+            }
+            return z;
+        }
+
+        public static uint GetBit(uint[] x, int bit)
+        {
+            if (bit == 0)
+            {
+                return x[0] & 1;
+            }
+            if ((bit & 127) != bit)
+            {
+                return 0;
+            }
+            int w = bit >> 5;
+            int b = bit & 31;
+            return (x[w] >> b) & 1;
+        }
+
+        public static bool Gte(uint[] x, uint[] y)
+        {
+            for (int i = 3; i >= 0; --i)
+            {
+                uint x_i = x[i], y_i = y[i];
+                if (x_i < y_i)
+                    return false;
+                if (x_i > y_i)
+                    return true;
+            }
+            return true;
+        }
+
+        public static bool Gte(uint[] x, int xOff, uint[] y, int yOff)
+        {
+            for (int i = 3; i >= 0; --i)
+            {
+                uint x_i = x[xOff + i], y_i = y[yOff + i];
+                if (x_i < y_i)
+                    return false;
+                if (x_i > y_i)
+                    return true;
+            }
+            return true;
+        }
+
+        public static bool IsOne(uint[] x)
+        {
+            if (x[0] != 1)
+            {
+                return false;
+            }
+            for (int i = 1; i < 4; ++i)
+            {
+                if (x[i] != 0)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsOne64(ulong[] x)
+        {
+            if (x[0] != 1UL)
+            {
+                return false;
+            }
+            for (int i = 1; i < 2; ++i)
+            {
+                if (x[i] != 0UL)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsZero(uint[] x)
+        {
+            for (int i = 0; i < 4; ++i)
+            {
+                if (x[i] != 0)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsZero64(ulong[] x)
+        {
+            for (int i = 0; i < 2; ++i)
+            {
+                if (x[i] != 0UL)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static void Mul(uint[] x, uint[] y, uint[] zz)
+        {
+            ulong y_0 = y[0];
+            ulong y_1 = y[1];
+            ulong y_2 = y[2];
+            ulong y_3 = y[3];
+
+            {
+                ulong c = 0, x_0 = x[0];
+                c += x_0 * y_0;
+                zz[0] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_1;
+                zz[1] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_2;
+                zz[2] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_3;
+                zz[3] = (uint)c;
+                c >>= 32;
+                zz[4] = (uint)c;
+            }
+
+            for (int i = 1; i < 4; ++i)
+            {
+                ulong c = 0, x_i = x[i];
+                c += x_i * y_0 + zz[i + 0];
+                zz[i + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[i + 1];
+                zz[i + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[i + 2];
+                zz[i + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[i + 3];
+                zz[i + 3] = (uint)c;
+                c >>= 32;
+                zz[i + 4] = (uint)c;
+            }
+        }
+
+        public static void Mul(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff)
+        {
+            ulong y_0 = y[yOff + 0];
+            ulong y_1 = y[yOff + 1];
+            ulong y_2 = y[yOff + 2];
+            ulong y_3 = y[yOff + 3];
+
+            {
+                ulong c = 0, x_0 = x[xOff + 0];
+                c += x_0 * y_0;
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_1;
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_2;
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_3;
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                zz[zzOff + 4] = (uint)c;
+            }
+
+            for (int i = 1; i < 4; ++i)
+            {
+                ++zzOff;
+                ulong c = 0, x_i = x[xOff + i];
+                c += x_i * y_0 + zz[zzOff + 0];
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[zzOff + 1];
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[zzOff + 2];
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[zzOff + 3];
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                zz[zzOff + 4] = (uint)c;
+            }
+        }
+
+        public static uint MulAddTo(uint[] x, uint[] y, uint[] zz)
+        {
+            ulong y_0 = y[0];
+            ulong y_1 = y[1];
+            ulong y_2 = y[2];
+            ulong y_3 = y[3];
+
+            ulong zc = 0;
+            for (int i = 0; i < 4; ++i)
+            {
+                ulong c = 0, x_i = x[i];
+                c += x_i * y_0 + zz[i + 0];
+                zz[i + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[i + 1];
+                zz[i + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[i + 2];
+                zz[i + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[i + 3];
+                zz[i + 3] = (uint)c;
+                c >>= 32;
+                c += zc + zz[i + 4];
+                zz[i + 4] = (uint)c;
+                zc = c >> 32;
+            }
+            return (uint)zc;
+        }
+
+        public static uint MulAddTo(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff)
+        {
+            ulong y_0 = y[yOff + 0];
+            ulong y_1 = y[yOff + 1];
+            ulong y_2 = y[yOff + 2];
+            ulong y_3 = y[yOff + 3];
+
+            ulong zc = 0;
+            for (int i = 0; i < 4; ++i)
+            {
+                ulong c = 0, x_i = x[xOff + i];
+                c += x_i * y_0 + zz[zzOff + 0];
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[zzOff + 1];
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[zzOff + 2];
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[zzOff + 3];
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                c += zc + zz[zzOff + 4];
+                zz[zzOff + 4] = (uint)c;
+                zc = c >> 32;
+                ++zzOff;
+            }
+            return (uint)zc;
+        }
+
+        public static ulong Mul33Add(uint w, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            Debug.Assert(w >> 31 == 0);
+
+            ulong c = 0, wVal = w;
+            ulong x0 = x[xOff + 0];
+            c += wVal * x0 + y[yOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            ulong x1 = x[xOff + 1];
+            c += wVal * x1 + x0 + y[yOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            ulong x2 = x[xOff + 2];
+            c += wVal * x2 + x1 + y[yOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            ulong x3 = x[xOff + 3];
+            c += wVal * x3 + x2 + y[yOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += x3;
+            return c;
+        }
+
+        public static uint MulWordAddExt(uint x, uint[] yy, int yyOff, uint[] zz, int zzOff)
+        {
+            Debug.Assert(yyOff <= 4);
+            Debug.Assert(zzOff <= 4);
+
+            ulong c = 0, xVal = x;
+            c += xVal * yy[yyOff + 0] + zz[zzOff + 0];
+            zz[zzOff + 0] = (uint)c;
+            c >>= 32;
+            c += xVal * yy[yyOff + 1] + zz[zzOff + 1];
+            zz[zzOff + 1] = (uint)c;
+            c >>= 32;
+            c += xVal * yy[yyOff + 2] + zz[zzOff + 2];
+            zz[zzOff + 2] = (uint)c;
+            c >>= 32;
+            c += xVal * yy[yyOff + 3] + zz[zzOff + 3];
+            zz[zzOff + 3] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint Mul33DWordAdd(uint x, ulong y, uint[] z, int zOff)
+        {
+            Debug.Assert(x >> 31 == 0);
+            Debug.Assert(zOff <= 0);
+            ulong c = 0, xVal = x;
+            ulong y00 = y & M;
+            c += xVal * y00 + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            ulong y01 = y >> 32;
+            c += xVal * y01 + y00 + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += y01 + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint Mul33WordAdd(uint x, uint y, uint[] z, int zOff)
+        {
+            Debug.Assert(x >> 31 == 0);
+            Debug.Assert(zOff <= 1);
+            ulong c = 0, yVal = y;
+            c += yVal * x + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += yVal + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(4, z, zOff, 3);
+        }
+
+        public static uint MulWordDwordAdd(uint x, ulong y, uint[] z, int zOff)
+        {
+            Debug.Assert(zOff <= 1);
+            ulong c = 0, xVal = x;
+            c += xVal * y + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += xVal * (y >> 32) + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(4, z, zOff, 3);
+        }
+
+        public static uint MulWordsAdd(uint x, uint y, uint[] z, int zOff)
+        {
+            Debug.Assert(zOff <= 2);
+
+            ulong c = 0, xVal = x, yVal = y;
+            c += yVal * xVal + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(4, z, zOff, 2);
+        }
+
+        public static uint MulWord(uint x, uint[] y, uint[] z, int zOff)
+        {
+            ulong c = 0, xVal = x;
+            int i = 0;
+            do
+            {
+                c += xVal * y[i];
+                z[zOff + i] = (uint)c;
+                c >>= 32;
+            }
+            while (++i < 4);
+            return (uint)c;
+        }
+
+        public static void Square(uint[] x, uint[] zz)
+        {
+            ulong x_0 = x[0];
+            ulong zz_1;
+
+            uint c = 0, w;
+            {
+                int i = 3, j = 8;
+                do
+                {
+                    ulong xVal = x[i--];
+                    ulong p = xVal * xVal;
+                    zz[--j] = (c << 31) | (uint)(p >> 33);
+                    zz[--j] = (uint)(p >> 1);
+                    c = (uint)p;
+                }
+                while (i > 0);
+
+                {
+                    ulong p = x_0 * x_0;
+                    zz_1 = (ulong)(c << 31) | (p >> 33);
+                    zz[0] = (uint)p;
+                    c = (uint)(p >> 32) & 1;
+                }
+            }
+
+            ulong x_1 = x[1];
+            ulong zz_2 = zz[2];
+
+            {
+                zz_1 += x_1 * x_0;
+                w = (uint)zz_1;
+                zz[1] = (w << 1) | c;
+                c = w >> 31;
+                zz_2 += zz_1 >> 32;
+            }
+
+            ulong x_2 = x[2];
+            ulong zz_3 = zz[3];
+            ulong zz_4 = zz[4];
+            {
+                zz_2 += x_2 * x_0;
+                w = (uint)zz_2;
+                zz[2] = (w << 1) | c;
+                c = w >> 31;
+                zz_3 += (zz_2 >> 32) + x_2 * x_1;
+                zz_4 += zz_3 >> 32;
+                zz_3 &= M;
+            }
+
+            ulong x_3 = x[3];
+            ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M;
+            ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M;
+            {
+                zz_3 += x_3 * x_0;
+                w = (uint)zz_3;
+                zz[3] = (w << 1) | c;
+                c = w >> 31;
+                zz_4 += (zz_3 >> 32) + x_3 * x_1;
+                zz_5 += (zz_4 >> 32) + x_3 * x_2;
+                zz_6 += zz_5 >> 32;
+            }
+
+            w = (uint)zz_4;
+            zz[4] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_5;
+            zz[5] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_6;
+            zz[6] = (w << 1) | c;
+            c = w >> 31;
+            w = zz[7] + (uint)(zz_6 >> 32);
+            zz[7] = (w << 1) | c;
+        }
+
+        public static void Square(uint[] x, int xOff, uint[] zz, int zzOff)
+        {
+            ulong x_0 = x[xOff + 0];
+            ulong zz_1;
+
+            uint c = 0, w;
+            {
+                int i = 3, j = 8;
+                do
+                {
+                    ulong xVal = x[xOff + i--];
+                    ulong p = xVal * xVal;
+                    zz[zzOff + --j] = (c << 31) | (uint)(p >> 33);
+                    zz[zzOff + --j] = (uint)(p >> 1);
+                    c = (uint)p;
+                }
+                while (i > 0);
+
+                {
+                    ulong p = x_0 * x_0;
+                    zz_1 = (ulong)(c << 31) | (p >> 33);
+                    zz[zzOff + 0] = (uint)p;
+                    c = (uint)(p >> 32) & 1;
+                }
+            }
+
+            ulong x_1 = x[xOff + 1];
+            ulong zz_2 = zz[zzOff + 2];
+
+            {
+                zz_1 += x_1 * x_0;
+                w = (uint)zz_1;
+                zz[zzOff + 1] = (w << 1) | c;
+                c = w >> 31;
+                zz_2 += zz_1 >> 32;
+            }
+
+            ulong x_2 = x[xOff + 2];
+            ulong zz_3 = zz[zzOff + 3];
+            ulong zz_4 = zz[zzOff + 4];
+            {
+                zz_2 += x_2 * x_0;
+                w = (uint)zz_2;
+                zz[zzOff + 2] = (w << 1) | c;
+                c = w >> 31;
+                zz_3 += (zz_2 >> 32) + x_2 * x_1;
+                zz_4 += zz_3 >> 32;
+                zz_3 &= M;
+            }
+
+            ulong x_3 = x[xOff + 3];
+            ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M;
+            ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M;
+            {
+                zz_3 += x_3 * x_0;
+                w = (uint)zz_3;
+                zz[zzOff + 3] = (w << 1) | c;
+                c = w >> 31;
+                zz_4 += (zz_3 >> 32) + x_3 * x_1;
+                zz_5 += (zz_4 >> 32) + x_3 * x_2;
+                zz_6 += zz_5 >> 32;
+            }
+
+            w = (uint)zz_4;
+            zz[zzOff + 4] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_5;
+            zz[zzOff + 5] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_6;
+            zz[zzOff + 6] = (w << 1) | c;
+            c = w >> 31;
+            w = zz[zzOff + 7] + (uint)(zz_6 >> 32);
+            zz[zzOff + 7] = (w << 1) | c;
+        }
+
+        public static int Sub(uint[] x, uint[] y, uint[] z)
+        {
+            long c = 0;
+            c += (long)x[0] - y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)x[1] - y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)x[2] - y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)x[3] - y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int Sub(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            long c = 0;
+            c += (long)x[xOff + 0] - y[yOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 1] - y[yOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 2] - y[yOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 3] - y[yOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubBothFrom(uint[] x, uint[] y, uint[] z)
+        {
+            long c = 0;
+            c += (long)z[0] - x[0] - y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] - x[1] - y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)z[2] - x[2] - y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)z[3] - x[3] - y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubFrom(uint[] x, uint[] z)
+        {
+            long c = 0;
+            c += (long)z[0] - x[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] - x[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)z[2] - x[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)z[3] - x[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubFrom(uint[] x, int xOff, uint[] z, int zOff)
+        {
+            long c = 0;
+            c += (long)z[zOff + 0] - x[xOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 1] - x[xOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 2] - x[xOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 3] - x[xOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static BigInteger ToBigInteger(uint[] x)
+        {
+            byte[] bs = new byte[16];
+            for (int i = 0; i < 4; ++i)
+            {
+                uint x_i = x[i];
+                if (x_i != 0)
+                {
+                    Pack.UInt32_To_BE(x_i, bs, (3 - i) << 2);
+                }
+            }
+            return new BigInteger(1, bs);
+        }
+
+        public static BigInteger ToBigInteger64(ulong[] x)
+        {
+            byte[] bs = new byte[16];
+            for (int i = 0; i < 2; ++i)
+            {
+                ulong x_i = x[i];
+                if (x_i != 0UL)
+                {
+                    Pack.UInt64_To_BE(x_i, bs, (1 - i) << 3);
+                }
+            }
+            return new BigInteger(1, bs);
+        }
+
+        public static void Zero(uint[] z)
+        {
+            z[0] = 0;
+            z[1] = 0;
+            z[2] = 0;
+            z[3] = 0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/raw/Nat160.cs b/bc-sharp-crypto/src/math/raw/Nat160.cs
new file mode 100644
index 0000000..1fd00e5
--- /dev/null
+++ b/bc-sharp-crypto/src/math/raw/Nat160.cs
@@ -0,0 +1,874 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Math.Raw
+{
+    internal abstract class Nat160
+    {
+        private const ulong M = 0xFFFFFFFFUL;
+
+        public static uint Add(uint[] x, uint[] y, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[4] + y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddBothTo(uint[] x, uint[] y, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + y[0] + z[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + y[1] + z[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + y[2] + z[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + y[3] + z[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[4] + y[4] + z[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddTo(uint[] x, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + z[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + z[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + z[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + z[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[4] + z[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddTo(uint[] x, int xOff, uint[] z, int zOff, uint cIn)
+        {
+            ulong c = cIn;
+            c += (ulong)x[xOff + 0] + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 1] + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 2] + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 3] + z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 4] + z[zOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 5] + z[zOff + 5];
+            return (uint)c;
+        }
+
+        public static uint AddToEachOther(uint[] u, int uOff, uint[] v, int vOff)
+        {
+            ulong c = 0;
+            c += (ulong)u[uOff + 0] + v[vOff + 0];
+            u[uOff + 0] = (uint)c;
+            v[vOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 1] + v[vOff + 1];
+            u[uOff + 1] = (uint)c;
+            v[vOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 2] + v[vOff + 2];
+            u[uOff + 2] = (uint)c;
+            v[vOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 3] + v[vOff + 3];
+            u[uOff + 3] = (uint)c;
+            v[vOff + 3] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 4] + v[vOff + 4];
+            u[uOff + 4] = (uint)c;
+            v[vOff + 4] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static void Copy(uint[] x, uint[] z)
+        {
+            z[0] = x[0];
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+            z[4] = x[4];
+        }
+
+        public static uint[] Create()
+        {
+            return new uint[5];
+        }
+
+        public static uint[] CreateExt()
+        {
+            return new uint[10];
+        }
+
+        public static bool Diff(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            bool pos = Gte(x, xOff, y, yOff);
+            if (pos)
+            {
+                Sub(x, xOff, y, yOff, z, zOff);
+            }
+            else
+            {
+                Sub(y, yOff, x, xOff, z, zOff);
+            }
+            return pos;
+        }
+
+        public static bool Eq(uint[] x, uint[] y)
+        {
+            for (int i = 4; i >= 0; --i)
+            {
+                if (x[i] != y[i])
+                    return false;
+            }
+            return true;
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            if (x.SignValue < 0 || x.BitLength > 160)
+                throw new ArgumentException();
+
+            uint[] z = Create();
+            int i = 0;
+            while (x.SignValue != 0)
+            {
+                z[i++] = (uint)x.IntValue;
+                x = x.ShiftRight(32);
+            }
+            return z;
+        }
+
+        public static uint GetBit(uint[] x, int bit)
+        {
+            if (bit == 0)
+            {
+                return x[0] & 1;
+            }
+            int w = bit >> 5;
+            if (w < 0 || w >= 5)
+            {
+                return 0;
+            }
+            int b = bit & 31;
+            return (x[w] >> b) & 1;
+        }
+
+        public static bool Gte(uint[] x, uint[] y)
+        {
+            for (int i = 4; i >= 0; --i)
+            {
+                uint x_i = x[i], y_i = y[i];
+                if (x_i < y_i)
+                    return false;
+                if (x_i > y_i)
+                    return true;
+            }
+            return true;
+        }
+
+        public static bool Gte(uint[] x, int xOff, uint[] y, int yOff)
+        {
+            for (int i = 4; i >= 0; --i)
+            {
+                uint x_i = x[xOff + i], y_i = y[yOff + i];
+                if (x_i < y_i)
+                    return false;
+                if (x_i > y_i)
+                    return true;
+            }
+            return true;
+        }
+
+        public static bool IsOne(uint[] x)
+        {
+            if (x[0] != 1)
+            {
+                return false;
+            }
+            for (int i = 1; i < 5; ++i)
+            {
+                if (x[i] != 0)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsZero(uint[] x)
+        {
+            for (int i = 0; i < 5; ++i)
+            {
+                if (x[i] != 0)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static void Mul(uint[] x, uint[] y, uint[] zz)
+        {
+            ulong y_0 = y[0];
+            ulong y_1 = y[1];
+            ulong y_2 = y[2];
+            ulong y_3 = y[3];
+            ulong y_4 = y[4];
+
+            {
+                ulong c = 0, x_0 = x[0];
+                c += x_0 * y_0;
+                zz[0] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_1;
+                zz[1] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_2;
+                zz[2] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_3;
+                zz[3] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_4;
+                zz[4] = (uint)c;
+                c >>= 32;
+                zz[5] = (uint)c;
+            }
+
+            for (int i = 1; i < 5; ++i)
+            {
+                ulong c = 0, x_i = x[i];
+                c += x_i * y_0 + zz[i + 0];
+                zz[i + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[i + 1];
+                zz[i + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[i + 2];
+                zz[i + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[i + 3];
+                zz[i + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[i + 4];
+                zz[i + 4] = (uint)c;
+                c >>= 32;
+                zz[i + 5] = (uint)c;
+            }
+        }
+
+        public static void Mul(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff)
+        {
+            ulong y_0 = y[yOff + 0];
+            ulong y_1 = y[yOff + 1];
+            ulong y_2 = y[yOff + 2];
+            ulong y_3 = y[yOff + 3];
+            ulong y_4 = y[yOff + 4];
+
+            {
+                ulong c = 0, x_0 = x[xOff + 0];
+                c += x_0 * y_0;
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_1;
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_2;
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_3;
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_4;
+                zz[zzOff + 4] = (uint)c;
+                c >>= 32;
+                zz[zzOff + 5] = (uint)c;
+            }
+
+            for (int i = 1; i < 5; ++i)
+            {
+                ++zzOff;
+                ulong c = 0, x_i = x[xOff + i];
+                c += x_i * y_0 + zz[zzOff + 0];
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[zzOff + 1];
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[zzOff + 2];
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[zzOff + 3];
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[zzOff + 4];
+                zz[zzOff + 4] = (uint)c;
+                c >>= 32;
+                zz[zzOff + 5] = (uint)c;
+            }
+        }
+
+        public static uint MulAddTo(uint[] x, uint[] y, uint[] zz)
+        {
+            ulong y_0 = y[0];
+            ulong y_1 = y[1];
+            ulong y_2 = y[2];
+            ulong y_3 = y[3];
+            ulong y_4 = y[4];
+
+            ulong zc = 0;
+            for (int i = 0; i < 5; ++i)
+            {
+                ulong c = 0, x_i = x[i];
+                c += x_i * y_0 + zz[i + 0];
+                zz[i + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[i + 1];
+                zz[i + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[i + 2];
+                zz[i + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[i + 3];
+                zz[i + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[i + 4];
+                zz[i + 4] = (uint)c;
+                c >>= 32;
+                c += zc + zz[i + 5];
+                zz[i + 5] = (uint)c;
+                zc = c >> 32;
+            }
+            return (uint)zc;
+        }
+
+        public static uint MulAddTo(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff)
+        {
+            ulong y_0 = y[yOff + 0];
+            ulong y_1 = y[yOff + 1];
+            ulong y_2 = y[yOff + 2];
+            ulong y_3 = y[yOff + 3];
+            ulong y_4 = y[yOff + 4];
+
+            ulong zc = 0;
+            for (int i = 0; i < 5; ++i)
+            {
+                ulong c = 0, x_i = x[xOff + i];
+                c += x_i * y_0 + zz[zzOff + 0];
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[zzOff + 1];
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[zzOff + 2];
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[zzOff + 3];
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[zzOff + 4];
+                zz[zzOff + 4] = (uint)c;
+                c >>= 32;
+                c += zc + zz[zzOff + 5];
+                zz[zzOff + 5] = (uint)c;
+                zc = c >> 32;
+                ++zzOff;
+            }
+            return (uint)zc;
+        }
+
+        public static ulong Mul33Add(uint w, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            Debug.Assert(w >> 31 == 0);
+
+            ulong c = 0, wVal = w;
+            ulong x0 = x[xOff + 0];
+            c += wVal * x0 + y[yOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            ulong x1 = x[xOff + 1];
+            c += wVal * x1 + x0 + y[yOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            ulong x2 = x[xOff + 2];
+            c += wVal * x2 + x1 + y[yOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            ulong x3 = x[xOff + 3];
+            c += wVal * x3 + x2 + y[yOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            ulong x4 = x[xOff + 4];
+            c += wVal * x4 + x3 + y[yOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += x4;
+            return c;
+        }
+
+        public static uint MulWordAddExt(uint x, uint[] yy, int yyOff, uint[] zz, int zzOff)
+        {
+            Debug.Assert(yyOff <= 5);
+            Debug.Assert(zzOff <= 5);
+
+            ulong c = 0, xVal = x;
+            c += xVal * yy[yyOff + 0] + zz[zzOff + 0];
+            zz[zzOff + 0] = (uint)c;
+            c >>= 32;
+            c += xVal * yy[yyOff + 1] + zz[zzOff + 1];
+            zz[zzOff + 1] = (uint)c;
+            c >>= 32;
+            c += xVal * yy[yyOff + 2] + zz[zzOff + 2];
+            zz[zzOff + 2] = (uint)c;
+            c >>= 32;
+            c += xVal * yy[yyOff + 3] + zz[zzOff + 3];
+            zz[zzOff + 3] = (uint)c;
+            c >>= 32;
+            c += xVal * yy[yyOff + 4] + zz[zzOff + 4];
+            zz[zzOff + 4] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint Mul33DWordAdd(uint x, ulong y, uint[] z, int zOff)
+        {
+            Debug.Assert(x >> 31 == 0);
+            Debug.Assert(zOff <= 1);
+            ulong c = 0, xVal = x;
+            ulong y00 = y & M;
+            c += xVal * y00 + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            ulong y01 = y >> 32;
+            c += xVal * y01 + y00 + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += y01 + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(5, z, zOff, 4);
+        }
+
+        public static uint Mul33WordAdd(uint x, uint y, uint[] z, int zOff)
+        {
+            Debug.Assert(x >> 31 == 0);
+            Debug.Assert(zOff <= 2);
+            ulong c = 0, yVal = y;
+            c += yVal * x + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += yVal + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(5, z, zOff, 3);
+        }
+
+        public static uint MulWordDwordAdd(uint x, ulong y, uint[] z, int zOff)
+        {
+            Debug.Assert(zOff <= 2);
+            ulong c = 0, xVal = x;
+            c += xVal * y + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += xVal * (y >> 32) + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(5, z, zOff, 3);
+        }
+
+        public static uint MulWordsAdd(uint x, uint y, uint[] z, int zOff)
+        {
+            Debug.Assert(zOff <= 3);
+
+            ulong c = 0, xVal = x, yVal = y;
+            c += yVal * xVal + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(5, z, zOff, 2);
+        }
+
+        public static uint MulWord(uint x, uint[] y, uint[] z, int zOff)
+        {
+            ulong c = 0, xVal = x;
+            int i = 0;
+            do
+            {
+                c += xVal * y[i];
+                z[zOff + i] = (uint)c;
+                c >>= 32;
+            }
+            while (++i < 5);
+            return (uint)c;
+        }
+
+        public static void Square(uint[] x, uint[] zz)
+        {
+            ulong x_0 = x[0];
+            ulong zz_1;
+
+            uint c = 0, w;
+            {
+                int i = 4, j = 10;
+                do
+                {
+                    ulong xVal = x[i--];
+                    ulong p = xVal * xVal;
+                    zz[--j] = (c << 31) | (uint)(p >> 33);
+                    zz[--j] = (uint)(p >> 1);
+                    c = (uint)p;
+                }
+                while (i > 0);
+
+                {
+                    ulong p = x_0 * x_0;
+                    zz_1 = (ulong)(c << 31) | (p >> 33);
+                    zz[0] = (uint)p;
+                    c = (uint)(p >> 32) & 1;
+                }
+            }
+
+            ulong x_1 = x[1];
+            ulong zz_2 = zz[2];
+
+            {
+                zz_1 += x_1 * x_0;
+                w = (uint)zz_1;
+                zz[1] = (w << 1) | c;
+                c = w >> 31;
+                zz_2 += zz_1 >> 32;
+            }
+
+            ulong x_2 = x[2];
+            ulong zz_3 = zz[3];
+            ulong zz_4 = zz[4];
+            {
+                zz_2 += x_2 * x_0;
+                w = (uint)zz_2;
+                zz[2] = (w << 1) | c;
+                c = w >> 31;
+                zz_3 += (zz_2 >> 32) + x_2 * x_1;
+                zz_4 += zz_3 >> 32;
+                zz_3 &= M;
+            }
+
+            ulong x_3 = x[3];
+            ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M;
+            ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M;
+            {
+                zz_3 += x_3 * x_0;
+                w = (uint)zz_3;
+                zz[3] = (w << 1) | c;
+                c = w >> 31;
+                zz_4 += (zz_3 >> 32) + x_3 * x_1;
+                zz_5 += (zz_4 >> 32) + x_3 * x_2;
+                zz_4 &= M;
+                zz_6 += zz_5 >> 32;
+                zz_5 &= M;
+            }
+
+            ulong x_4 = x[4];
+            ulong zz_7 = zz[7] + (zz_6 >> 32); zz_6 &= M;
+            ulong zz_8 = zz[8] + (zz_7 >> 32); zz_7 &= M;
+            {
+                zz_4 += x_4 * x_0;
+                w = (uint)zz_4;
+                zz[4] = (w << 1) | c;
+                c = w >> 31;
+                zz_5 += (zz_4 >> 32) + x_4 * x_1;
+                zz_6 += (zz_5 >> 32) + x_4 * x_2;
+                zz_7 += (zz_6 >> 32) + x_4 * x_3;
+                zz_8 += zz_7 >> 32;
+            }
+
+            w = (uint)zz_5;
+            zz[5] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_6;
+            zz[6] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_7;
+            zz[7] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_8;
+            zz[8] = (w << 1) | c;
+            c = w >> 31;
+            w = zz[9] + (uint)(zz_8 >> 32);
+            zz[9] = (w << 1) | c;
+        }
+
+        public static void Square(uint[] x, int xOff, uint[] zz, int zzOff)
+        {
+            ulong x_0 = x[xOff + 0];
+            ulong zz_1;
+
+            uint c = 0, w;
+            {
+                int i = 4, j = 10;
+                do
+                {
+                    ulong xVal = x[xOff + i--];
+                    ulong p = xVal * xVal;
+                    zz[zzOff + --j] = (c << 31) | (uint)(p >> 33);
+                    zz[zzOff + --j] = (uint)(p >> 1);
+                    c = (uint)p;
+                }
+                while (i > 0);
+
+                {
+                    ulong p = x_0 * x_0;
+                    zz_1 = (ulong)(c << 31) | (p >> 33);
+                    zz[zzOff + 0] = (uint)p;
+                    c = (uint)(p >> 32) & 1;
+                }
+            }
+
+            ulong x_1 = x[xOff + 1];
+            ulong zz_2 = zz[zzOff + 2];
+
+            {
+                zz_1 += x_1 * x_0;
+                w = (uint)zz_1;
+                zz[zzOff + 1] = (w << 1) | c;
+                c = w >> 31;
+                zz_2 += zz_1 >> 32;
+            }
+
+            ulong x_2 = x[xOff + 2];
+            ulong zz_3 = zz[zzOff + 3];
+            ulong zz_4 = zz[zzOff + 4];
+            {
+                zz_2 += x_2 * x_0;
+                w = (uint)zz_2;
+                zz[zzOff + 2] = (w << 1) | c;
+                c = w >> 31;
+                zz_3 += (zz_2 >> 32) + x_2 * x_1;
+                zz_4 += zz_3 >> 32;
+                zz_3 &= M;
+            }
+
+            ulong x_3 = x[xOff + 3];
+            ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M;
+            ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M;
+            {
+                zz_3 += x_3 * x_0;
+                w = (uint)zz_3;
+                zz[zzOff + 3] = (w << 1) | c;
+                c = w >> 31;
+                zz_4 += (zz_3 >> 32) + x_3 * x_1;
+                zz_5 += (zz_4 >> 32) + x_3 * x_2;
+                zz_4 &= M;
+                zz_6 += zz_5 >> 32;
+                zz_5 &= M;
+            }
+
+            ulong x_4 = x[xOff + 4];
+            ulong zz_7 = zz[zzOff + 7] + (zz_6 >> 32); zz_6 &= M;
+            ulong zz_8 = zz[zzOff + 8] + (zz_7 >> 32); zz_7 &= M;
+            {
+                zz_4 += x_4 * x_0;
+                w = (uint)zz_4;
+                zz[zzOff + 4] = (w << 1) | c;
+                c = w >> 31;
+                zz_5 += (zz_4 >> 32) + x_4 * x_1;
+                zz_6 += (zz_5 >> 32) + x_4 * x_2;
+                zz_7 += (zz_6 >> 32) + x_4 * x_3;
+                zz_8 += zz_7 >> 32;
+            }
+
+            w = (uint)zz_5;
+            zz[zzOff + 5] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_6;
+            zz[zzOff + 6] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_7;
+            zz[zzOff + 7] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_8;
+            zz[zzOff + 8] = (w << 1) | c;
+            c = w >> 31;
+            w = zz[zzOff + 9] + (uint)(zz_8 >> 32);
+            zz[zzOff + 9] = (w << 1) | c;
+        }
+
+        public static int Sub(uint[] x, uint[] y, uint[] z)
+        {
+            long c = 0;
+            c += (long)x[0] - y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)x[1] - y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)x[2] - y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)x[3] - y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)x[4] - y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int Sub(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            long c = 0;
+            c += (long)x[xOff + 0] - y[yOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 1] - y[yOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 2] - y[yOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 3] - y[yOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 4] - y[yOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubBothFrom(uint[] x, uint[] y, uint[] z)
+        {
+            long c = 0;
+            c += (long)z[0] - x[0] - y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] - x[1] - y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)z[2] - x[2] - y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)z[3] - x[3] - y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)z[4] - x[4] - y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubFrom(uint[] x, uint[] z)
+        {
+            long c = 0;
+            c += (long)z[0] - x[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] - x[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)z[2] - x[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)z[3] - x[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)z[4] - x[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubFrom(uint[] x, int xOff, uint[] z, int zOff)
+        {
+            long c = 0;
+            c += (long)z[zOff + 0] - x[xOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 1] - x[xOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 2] - x[xOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 3] - x[xOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 4] - x[xOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static BigInteger ToBigInteger(uint[] x)
+        {
+            byte[] bs = new byte[20];
+            for (int i = 0; i < 5; ++i)
+            {
+                uint x_i = x[i];
+                if (x_i != 0)
+                {
+                    Pack.UInt32_To_BE(x_i, bs, (4 - i) << 2);
+                }
+            }
+            return new BigInteger(1, bs);
+        }
+
+        public static void Zero(uint[] z)
+        {
+            z[0] = 0;
+            z[1] = 0;
+            z[2] = 0;
+            z[3] = 0;
+            z[4] = 0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/raw/Nat192.cs b/bc-sharp-crypto/src/math/raw/Nat192.cs
new file mode 100644
index 0000000..3099baf
--- /dev/null
+++ b/bc-sharp-crypto/src/math/raw/Nat192.cs
@@ -0,0 +1,1048 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Math.Raw
+{
+    internal abstract class Nat192
+    {
+        private const ulong M = 0xFFFFFFFFUL;
+
+        public static uint Add(uint[] x, uint[] y, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[4] + y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[5] + y[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddBothTo(uint[] x, uint[] y, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + y[0] + z[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + y[1] + z[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + y[2] + z[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + y[3] + z[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[4] + y[4] + z[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[5] + y[5] + z[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddTo(uint[] x, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + z[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + z[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + z[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + z[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[4] + z[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[5] + z[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddTo(uint[] x, int xOff, uint[] z, int zOff, uint cIn)
+        {
+            ulong c = cIn;
+            c += (ulong)x[xOff + 0] + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 1] + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 2] + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 3] + z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 4] + z[zOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 5] + z[zOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddToEachOther(uint[] u, int uOff, uint[] v, int vOff)
+        {
+            ulong c = 0;
+            c += (ulong)u[uOff + 0] + v[vOff + 0];
+            u[uOff + 0] = (uint)c;
+            v[vOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 1] + v[vOff + 1];
+            u[uOff + 1] = (uint)c;
+            v[vOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 2] + v[vOff + 2];
+            u[uOff + 2] = (uint)c;
+            v[vOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 3] + v[vOff + 3];
+            u[uOff + 3] = (uint)c;
+            v[vOff + 3] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 4] + v[vOff + 4];
+            u[uOff + 4] = (uint)c;
+            v[vOff + 4] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 5] + v[vOff + 5];
+            u[uOff + 5] = (uint)c;
+            v[vOff + 5] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static void Copy(uint[] x, uint[] z)
+        {
+            z[0] = x[0];
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+            z[4] = x[4];
+            z[5] = x[5];
+        }
+
+        public static void Copy64(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0];
+            z[1] = x[1];
+            z[2] = x[2];
+        }
+
+        public static uint[] Create()
+        {
+            return new uint[6];
+        }
+
+        public static ulong[] Create64()
+        {
+            return new ulong[3];
+        }
+
+        public static uint[] CreateExt()
+        {
+            return new uint[12];
+        }
+
+        public static ulong[] CreateExt64()
+        {
+            return new ulong[6];
+        }
+
+        public static bool Diff(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            bool pos = Gte(x, xOff, y, yOff);
+            if (pos)
+            {
+                Sub(x, xOff, y, yOff, z, zOff);
+            }
+            else
+            {
+                Sub(y, yOff, x, xOff, z, zOff);
+            }
+            return pos;
+        }
+
+        public static bool Eq(uint[] x, uint[] y)
+        {
+            for (int i = 5; i >= 0; --i)
+            {
+                if (x[i] != y[i])
+                    return false;
+            }
+            return true;
+        }
+
+        public static bool Eq64(ulong[] x, ulong[] y)
+        {
+            for (int i = 2; i >= 0; --i)
+            {
+                if (x[i] != y[i])
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            if (x.SignValue < 0 || x.BitLength > 192)
+                throw new ArgumentException();
+
+            uint[] z = Create();
+            int i = 0;
+            while (x.SignValue != 0)
+            {
+                z[i++] = (uint)x.IntValue;
+                x = x.ShiftRight(32);
+            }
+            return z;
+        }
+
+        public static ulong[] FromBigInteger64(BigInteger x)
+        {
+            if (x.SignValue < 0 || x.BitLength > 192)
+                throw new ArgumentException();
+
+            ulong[] z = Create64();
+            int i = 0;
+            while (x.SignValue != 0)
+            {
+                z[i++] = (ulong)x.LongValue;
+                x = x.ShiftRight(64);
+            }
+            return z;
+        }
+
+        public static uint GetBit(uint[] x, int bit)
+        {
+            if (bit == 0)
+            {
+                return x[0] & 1;
+            }
+            int w = bit >> 5;
+            if (w < 0 || w >= 6)
+            {
+                return 0;
+            }
+            int b = bit & 31;
+            return (x[w] >> b) & 1;
+        }
+
+        public static bool Gte(uint[] x, uint[] y)
+        {
+            for (int i = 5; i >= 0; --i)
+            {
+                uint x_i = x[i], y_i = y[i];
+                if (x_i < y_i)
+                    return false;
+                if (x_i > y_i)
+                    return true;
+            }
+            return true;
+        }
+
+        public static bool Gte(uint[] x, int xOff, uint[] y, int yOff)
+        {
+            for (int i = 5; i >= 0; --i)
+            {
+                uint x_i = x[xOff + i], y_i = y[yOff + i];
+                if (x_i < y_i)
+                    return false;
+                if (x_i > y_i)
+                    return true;
+            }
+            return true;
+        }
+
+        public static bool IsOne(uint[] x)
+        {
+            if (x[0] != 1)
+            {
+                return false;
+            }
+            for (int i = 1; i < 6; ++i)
+            {
+                if (x[i] != 0)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsOne64(ulong[] x)
+        {
+            if (x[0] != 1UL)
+            {
+                return false;
+            }
+            for (int i = 1; i < 3; ++i)
+            {
+                if (x[i] != 0UL)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsZero(uint[] x)
+        {
+            for (int i = 0; i < 6; ++i)
+            {
+                if (x[i] != 0)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsZero64(ulong[] x)
+        {
+            for (int i = 0; i < 3; ++i)
+            {
+                if (x[i] != 0UL)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static void Mul(uint[] x, uint[] y, uint[] zz)
+        {
+            ulong y_0 = y[0];
+            ulong y_1 = y[1];
+            ulong y_2 = y[2];
+            ulong y_3 = y[3];
+            ulong y_4 = y[4];
+            ulong y_5 = y[5];
+
+            {
+                ulong c = 0, x_0 = x[0];
+                c += x_0 * y_0;
+                zz[0] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_1;
+                zz[1] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_2;
+                zz[2] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_3;
+                zz[3] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_4;
+                zz[4] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_5;
+                zz[5] = (uint)c;
+                c >>= 32;
+                zz[6] = (uint)c;
+            }
+
+            for (int i = 1; i < 6; ++i)
+            {
+                ulong c = 0, x_i = x[i];
+                c += x_i * y_0 + zz[i + 0];
+                zz[i + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[i + 1];
+                zz[i + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[i + 2];
+                zz[i + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[i + 3];
+                zz[i + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[i + 4];
+                zz[i + 4] = (uint)c;
+                c >>= 32;
+                c += x_i * y_5 + zz[i + 5];
+                zz[i + 5] = (uint)c;
+                c >>= 32;
+                zz[i + 6] = (uint)c;
+            }
+        }
+
+        public static void Mul(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff)
+        {
+            ulong y_0 = y[yOff + 0];
+            ulong y_1 = y[yOff + 1];
+            ulong y_2 = y[yOff + 2];
+            ulong y_3 = y[yOff + 3];
+            ulong y_4 = y[yOff + 4];
+            ulong y_5 = y[yOff + 5];
+
+            {
+                ulong c = 0, x_0 = x[xOff + 0];
+                c += x_0 * y_0;
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_1;
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_2;
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_3;
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_4;
+                zz[zzOff + 4] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_5;
+                zz[zzOff + 5] = (uint)c;
+                c >>= 32;
+                zz[zzOff + 6] = (uint)c;
+            }
+
+            for (int i = 1; i < 6; ++i)
+            {
+                ++zzOff;
+                ulong c = 0, x_i = x[xOff + i];
+                c += x_i * y_0 + zz[zzOff + 0];
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[zzOff + 1];
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[zzOff + 2];
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[zzOff + 3];
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[zzOff + 4];
+                zz[zzOff + 4] = (uint)c;
+                c >>= 32;
+                c += x_i * y_5 + zz[zzOff + 5];
+                zz[zzOff + 5] = (uint)c;
+                c >>= 32;
+                zz[zzOff + 6] = (uint)c;
+            }
+        }
+
+        public static uint MulAddTo(uint[] x, uint[] y, uint[] zz)
+        {
+            ulong y_0 = y[0];
+            ulong y_1 = y[1];
+            ulong y_2 = y[2];
+            ulong y_3 = y[3];
+            ulong y_4 = y[4];
+            ulong y_5 = y[5];
+
+            ulong zc = 0;
+            for (int i = 0; i < 6; ++i)
+            {
+                ulong c = 0, x_i = x[i];
+                c += x_i * y_0 + zz[i + 0];
+                zz[i + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[i + 1];
+                zz[i + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[i + 2];
+                zz[i + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[i + 3];
+                zz[i + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[i + 4];
+                zz[i + 4] = (uint)c;
+                c >>= 32;
+                c += x_i * y_5 + zz[i + 5];
+                zz[i + 5] = (uint)c;
+                c >>= 32;
+                c += zc + zz[i + 6];
+                zz[i + 6] = (uint)c;
+                zc = c >> 32;
+            }
+            return (uint)zc;
+        }
+
+        public static uint MulAddTo(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff)
+        {
+            ulong y_0 = y[yOff + 0];
+            ulong y_1 = y[yOff + 1];
+            ulong y_2 = y[yOff + 2];
+            ulong y_3 = y[yOff + 3];
+            ulong y_4 = y[yOff + 4];
+            ulong y_5 = y[yOff + 5];
+
+            ulong zc = 0;
+            for (int i = 0; i < 6; ++i)
+            {
+                ulong c = 0, x_i = x[xOff + i];
+                c += x_i * y_0 + zz[zzOff + 0];
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[zzOff + 1];
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[zzOff + 2];
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[zzOff + 3];
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[zzOff + 4];
+                zz[zzOff + 4] = (uint)c;
+                c >>= 32;
+                c += x_i * y_5 + zz[zzOff + 5];
+                zz[zzOff + 5] = (uint)c;
+                c >>= 32;
+                c += zc + zz[zzOff + 6];
+                zz[zzOff + 6] = (uint)c;
+                zc = c >> 32;
+                ++zzOff;
+            }
+            return (uint)zc;
+        }
+
+        public static ulong Mul33Add(uint w, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            Debug.Assert(w >> 31 == 0);
+
+            ulong c = 0, wVal = w;
+            ulong x0 = x[xOff + 0];
+            c += wVal * x0 + y[yOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            ulong x1 = x[xOff + 1];
+            c += wVal * x1 + x0 + y[yOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            ulong x2 = x[xOff + 2];
+            c += wVal * x2 + x1 + y[yOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            ulong x3 = x[xOff + 3];
+            c += wVal * x3 + x2 + y[yOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            ulong x4 = x[xOff + 4];
+            c += wVal * x4 + x3 + y[yOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            ulong x5 = x[xOff + 5];
+            c += wVal * x5 + x4 + y[yOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            c += x5;
+            return c;
+        }
+
+        public static uint MulWordAddExt(uint x, uint[] yy, int yyOff, uint[] zz, int zzOff)
+        {
+            Debug.Assert(yyOff <= 6);
+            Debug.Assert(zzOff <= 6);
+            ulong c = 0, xVal = x;
+            c += xVal * yy[yyOff + 0] + zz[zzOff + 0];
+            zz[zzOff + 0] = (uint)c;
+            c >>= 32;
+            c += xVal * yy[yyOff + 1] + zz[zzOff + 1];
+            zz[zzOff + 1] = (uint)c;
+            c >>= 32;
+            c += xVal * yy[yyOff + 2] + zz[zzOff + 2];
+            zz[zzOff + 2] = (uint)c;
+            c >>= 32;
+            c += xVal * yy[yyOff + 3] + zz[zzOff + 3];
+            zz[zzOff + 3] = (uint)c;
+            c >>= 32;
+            c += xVal * yy[yyOff + 4] + zz[zzOff + 4];
+            zz[zzOff + 4] = (uint)c;
+            c >>= 32;
+            c += xVal * yy[yyOff + 5] + zz[zzOff + 5];
+            zz[zzOff + 5] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint Mul33DWordAdd(uint x, ulong y, uint[] z, int zOff)
+        {
+            Debug.Assert(x >> 31 == 0);
+            Debug.Assert(zOff <= 2);
+            ulong c = 0, xVal = x;
+            ulong y00 = y & M;
+            c += xVal * y00 + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            ulong y01 = y >> 32;
+            c += xVal * y01 + y00 + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += y01 + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(6, z, zOff, 4);
+        }
+
+        public static uint Mul33WordAdd(uint x, uint y, uint[] z, int zOff)
+        {
+            Debug.Assert(x >> 31 == 0);
+            Debug.Assert(zOff <=3);
+            ulong c = 0, yVal = y;
+            c += yVal * x + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += yVal + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(6, z, zOff, 3);
+        }
+
+        public static uint MulWordDwordAdd(uint x, ulong y, uint[] z, int zOff)
+        {
+            Debug.Assert(zOff <= 3);
+            ulong c = 0, xVal = x;
+            c += xVal * y + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += xVal * (y >> 32) + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(6, z, zOff, 3);
+        }
+
+        public static uint MulWord(uint x, uint[] y, uint[] z, int zOff)
+        {
+            ulong c = 0, xVal = x;
+            int i = 0;
+            do
+            {
+                c += xVal * y[i];
+                z[zOff + i] = (uint)c;
+                c >>= 32;
+            }
+            while (++i < 6);
+            return (uint)c;
+        }
+
+        public static void Square(uint[] x, uint[] zz)
+        {
+            ulong x_0 = x[0];
+            ulong zz_1;
+
+            uint c = 0, w;
+            {
+                int i = 5, j = 12;
+                do
+                {
+                    ulong xVal = x[i--];
+                    ulong p = xVal * xVal;
+                    zz[--j] = (c << 31) | (uint)(p >> 33);
+                    zz[--j] = (uint)(p >> 1);
+                    c = (uint)p;
+                }
+                while (i > 0);
+
+                {
+                    ulong p = x_0 * x_0;
+                    zz_1 = (ulong)(c << 31) | (p >> 33);
+                    zz[0] = (uint)p;
+                    c = (uint)(p >> 32) & 1;
+                }
+            }
+
+            ulong x_1 = x[1];
+            ulong zz_2 = zz[2];
+
+            {
+                zz_1 += x_1 * x_0;
+                w = (uint)zz_1;
+                zz[1] = (w << 1) | c;
+                c = w >> 31;
+                zz_2 += zz_1 >> 32;
+            }
+
+            ulong x_2 = x[2];
+            ulong zz_3 = zz[3];
+            ulong zz_4 = zz[4];
+            {
+                zz_2 += x_2 * x_0;
+                w = (uint)zz_2;
+                zz[2] = (w << 1) | c;
+                c = w >> 31;
+                zz_3 += (zz_2 >> 32) + x_2 * x_1;
+                zz_4 += zz_3 >> 32;
+                zz_3 &= M;
+            }
+
+            ulong x_3 = x[3];
+            ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M;
+            ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M;
+            {
+                zz_3 += x_3 * x_0;
+                w = (uint)zz_3;
+                zz[3] = (w << 1) | c;
+                c = w >> 31;
+                zz_4 += (zz_3 >> 32) + x_3 * x_1;
+                zz_5 += (zz_4 >> 32) + x_3 * x_2;
+                zz_4 &= M;
+                zz_6 += zz_5 >> 32;
+                zz_5 &= M;
+            }
+
+            ulong x_4 = x[4];
+            ulong zz_7 = zz[7] + (zz_6 >> 32); zz_6 &= M;
+            ulong zz_8 = zz[8] + (zz_7 >> 32); zz_7 &= M;
+            {
+                zz_4 += x_4 * x_0;
+                w = (uint)zz_4;
+                zz[4] = (w << 1) | c;
+                c = w >> 31;
+                zz_5 += (zz_4 >> 32) + x_4 * x_1;
+                zz_6 += (zz_5 >> 32) + x_4 * x_2;
+                zz_5 &= M;
+                zz_7 += (zz_6 >> 32) + x_4 * x_3;
+                zz_6 &= M;
+                zz_8 += zz_7 >> 32;
+                zz_7 &= M;
+            }
+
+            ulong x_5 = x[5];
+            ulong zz_9 = zz[9] + (zz_8 >> 32); zz_8 &= M;
+            ulong zz_10 = zz[10] + (zz_9 >> 32); zz_9 &= M;
+            {
+                zz_5 += x_5 * x_0;
+                w = (uint)zz_5;
+                zz[5] = (w << 1) | c;
+                c = w >> 31;
+                zz_6 += (zz_5 >> 32) + x_5 * x_1;
+                zz_7 += (zz_6 >> 32) + x_5 * x_2;
+                zz_8 += (zz_7 >> 32) + x_5 * x_3;
+                zz_9 += (zz_8 >> 32) + x_5 * x_4;
+                zz_10 += zz_9 >> 32;
+            }
+
+            w = (uint)zz_6;
+            zz[6] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_7;
+            zz[7] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_8;
+            zz[8] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_9;
+            zz[9] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_10;
+            zz[10] = (w << 1) | c;
+            c = w >> 31;
+            w = zz[11] + (uint)(zz_10 >> 32);
+            zz[11] = (w << 1) | c;
+        }
+
+        public static void Square(uint[] x, int xOff, uint[] zz, int zzOff)
+        {
+            ulong x_0 = x[xOff + 0];
+            ulong zz_1;
+
+            uint c = 0, w;
+            {
+                int i = 5, j = 12;
+                do
+                {
+                    ulong xVal = x[xOff + i--];
+                    ulong p = xVal * xVal;
+                    zz[zzOff + --j] = (c << 31) | (uint)(p >> 33);
+                    zz[zzOff + --j] = (uint)(p >> 1);
+                    c = (uint)p;
+                }
+                while (i > 0);
+
+                {
+                    ulong p = x_0 * x_0;
+                    zz_1 = (ulong)(c << 31) | (p >> 33);
+                    zz[zzOff + 0] = (uint)p;
+                    c = (uint)(p >> 32) & 1;
+                }
+            }
+
+            ulong x_1 = x[xOff + 1];
+            ulong zz_2 = zz[zzOff + 2];
+
+            {
+                zz_1 += x_1 * x_0;
+                w = (uint)zz_1;
+                zz[zzOff + 1] = (w << 1) | c;
+                c = w >> 31;
+                zz_2 += zz_1 >> 32;
+            }
+
+            ulong x_2 = x[xOff + 2];
+            ulong zz_3 = zz[zzOff + 3];
+            ulong zz_4 = zz[zzOff + 4];
+            {
+                zz_2 += x_2 * x_0;
+                w = (uint)zz_2;
+                zz[zzOff + 2] = (w << 1) | c;
+                c = w >> 31;
+                zz_3 += (zz_2 >> 32) + x_2 * x_1;
+                zz_4 += zz_3 >> 32;
+                zz_3 &= M;
+            }
+
+            ulong x_3 = x[xOff + 3];
+            ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M;
+            ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M;
+            {
+                zz_3 += x_3 * x_0;
+                w = (uint)zz_3;
+                zz[zzOff + 3] = (w << 1) | c;
+                c = w >> 31;
+                zz_4 += (zz_3 >> 32) + x_3 * x_1;
+                zz_5 += (zz_4 >> 32) + x_3 * x_2;
+                zz_4 &= M;
+                zz_6 += zz_5 >> 32;
+                zz_5 &= M;
+            }
+
+            ulong x_4 = x[xOff + 4];
+            ulong zz_7 = zz[zzOff + 7] + (zz_6 >> 32); zz_6 &= M;
+            ulong zz_8 = zz[zzOff + 8] + (zz_7 >> 32); zz_7 &= M;
+            {
+                zz_4 += x_4 * x_0;
+                w = (uint)zz_4;
+                zz[zzOff + 4] = (w << 1) | c;
+                c = w >> 31;
+                zz_5 += (zz_4 >> 32) + x_4 * x_1;
+                zz_6 += (zz_5 >> 32) + x_4 * x_2;
+                zz_5 &= M;
+                zz_7 += (zz_6 >> 32) + x_4 * x_3;
+                zz_6 &= M;
+                zz_8 += zz_7 >> 32;
+                zz_7 &= M;
+            }
+
+            ulong x_5 = x[xOff + 5];
+            ulong zz_9 = zz[zzOff + 9] + (zz_8 >> 32); zz_8 &= M;
+            ulong zz_10 = zz[zzOff + 10] + (zz_9 >> 32); zz_9 &= M;
+            {
+                zz_5 += x_5 * x_0;
+                w = (uint)zz_5;
+                zz[zzOff + 5] = (w << 1) | c;
+                c = w >> 31;
+                zz_6 += (zz_5 >> 32) + x_5 * x_1;
+                zz_7 += (zz_6 >> 32) + x_5 * x_2;
+                zz_8 += (zz_7 >> 32) + x_5 * x_3;
+                zz_9 += (zz_8 >> 32) + x_5 * x_4;
+                zz_10 += zz_9 >> 32;
+            }
+
+            w = (uint)zz_6;
+            zz[zzOff + 6] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_7;
+            zz[zzOff + 7] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_8;
+            zz[zzOff + 8] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_9;
+            zz[zzOff + 9] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_10;
+            zz[zzOff + 10] = (w << 1) | c;
+            c = w >> 31;
+            w = zz[zzOff + 11] + (uint)(zz_10 >> 32);
+            zz[zzOff + 11] = (w << 1) | c;
+        }
+
+        public static int Sub(uint[] x, uint[] y, uint[] z)
+        {
+            long c = 0;
+            c += (long)x[0] - y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)x[1] - y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)x[2] - y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)x[3] - y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)x[4] - y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (long)x[5] - y[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int Sub(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            long c = 0;
+            c += (long)x[xOff + 0] - y[yOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 1] - y[yOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 2] - y[yOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 3] - y[yOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 4] - y[yOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 5] - y[yOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubBothFrom(uint[] x, uint[] y, uint[] z)
+        {
+            long c = 0;
+            c += (long)z[0] - x[0] - y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] - x[1] - y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)z[2] - x[2] - y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)z[3] - x[3] - y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)z[4] - x[4] - y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (long)z[5] - x[5] - y[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubFrom(uint[] x, uint[] z)
+        {
+            long c = 0;
+            c += (long)z[0] - x[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] - x[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)z[2] - x[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)z[3] - x[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)z[4] - x[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (long)z[5] - x[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubFrom(uint[] x, int xOff, uint[] z, int zOff)
+        {
+            long c = 0;
+            c += (long)z[zOff + 0] - x[xOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 1] - x[xOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 2] - x[xOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 3] - x[xOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 4] - x[xOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 5] - x[xOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static BigInteger ToBigInteger(uint[] x)
+        {
+            byte[] bs = new byte[24];
+            for (int i = 0; i < 6; ++i)
+            {
+                uint x_i = x[i];
+                if (x_i != 0)
+                {
+                    Pack.UInt32_To_BE(x_i, bs, (5 - i) << 2);
+                }
+            }
+            return new BigInteger(1, bs);
+        }
+
+        public static BigInteger ToBigInteger64(ulong[] x)
+        {
+            byte[] bs = new byte[24];
+            for (int i = 0; i < 3; ++i)
+            {
+                ulong x_i = x[i];
+                if (x_i != 0L)
+                {
+                    Pack.UInt64_To_BE(x_i, bs, (2 - i) << 3);
+                }
+            }
+            return new BigInteger(1, bs);
+        }
+
+        public static void Zero(uint[] z)
+        {
+            z[0] = 0;
+            z[1] = 0;
+            z[2] = 0;
+            z[3] = 0;
+            z[4] = 0;
+            z[5] = 0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/raw/Nat224.cs b/bc-sharp-crypto/src/math/raw/Nat224.cs
new file mode 100644
index 0000000..978caf2
--- /dev/null
+++ b/bc-sharp-crypto/src/math/raw/Nat224.cs
@@ -0,0 +1,1176 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Math.Raw
+{
+    internal abstract class Nat224
+    {
+        private const ulong M = 0xFFFFFFFFUL;
+
+        public static uint Add(uint[] x, uint[] y, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[4] + y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[5] + y[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[6] + y[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint Add(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            ulong c = 0;
+            c += (ulong)x[xOff + 0] + y[yOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 1] + y[yOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 2] + y[yOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 3] + y[yOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 4] + y[yOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 5] + y[yOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 6] + y[yOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddBothTo(uint[] x, uint[] y, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + y[0] + z[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + y[1] + z[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + y[2] + z[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + y[3] + z[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[4] + y[4] + z[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[5] + y[5] + z[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[6] + y[6] + z[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddBothTo(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            ulong c = 0;
+            c += (ulong)x[xOff + 0] + y[yOff + 0] + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 1] + y[yOff + 1] + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 2] + y[yOff + 2] + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 3] + y[yOff + 3] + z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 4] + y[yOff + 4] + z[zOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 5] + y[yOff + 5] + z[zOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 6] + y[yOff + 6] + z[zOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddTo(uint[] x, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + z[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + z[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + z[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + z[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[4] + z[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[5] + z[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[6] + z[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddTo(uint[] x, int xOff, uint[] z, int zOff, uint cIn)
+        {
+            ulong c = cIn;
+            c += (ulong)x[xOff + 0] + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 1] + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 2] + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 3] + z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 4] + z[zOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 5] + z[zOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 6] + z[zOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddToEachOther(uint[] u, int uOff, uint[] v, int vOff)
+        {
+            ulong c = 0;
+            c += (ulong)u[uOff + 0] + v[vOff + 0];
+            u[uOff + 0] = (uint)c;
+            v[vOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 1] + v[vOff + 1];
+            u[uOff + 1] = (uint)c;
+            v[vOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 2] + v[vOff + 2];
+            u[uOff + 2] = (uint)c;
+            v[vOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 3] + v[vOff + 3];
+            u[uOff + 3] = (uint)c;
+            v[vOff + 3] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 4] + v[vOff + 4];
+            u[uOff + 4] = (uint)c;
+            v[vOff + 4] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 5] + v[vOff + 5];
+            u[uOff + 5] = (uint)c;
+            v[vOff + 5] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 6] + v[vOff + 6];
+            u[uOff + 6] = (uint)c;
+            v[vOff + 6] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static void Copy(uint[] x, uint[] z)
+        {
+            z[0] = x[0];
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+            z[4] = x[4];
+            z[5] = x[5];
+            z[6] = x[6];
+        }
+
+        public static uint[] Create()
+        {
+            return new uint[7];
+        }
+
+        public static uint[] CreateExt()
+        {
+            return new uint[14];
+        }
+
+        public static bool Diff(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            bool pos = Gte(x, xOff, y, yOff);
+            if (pos)
+            {
+                Sub(x, xOff, y, yOff, z, zOff);
+            }
+            else
+            {
+                Sub(y, yOff, x, xOff, z, zOff);
+            }
+            return pos;
+        }
+
+        public static bool Eq(uint[] x, uint[] y)
+        {
+            for (int i = 6; i >= 0; --i)
+            {
+                if (x[i] != y[i])
+                    return false;
+            }
+            return true;
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            if (x.SignValue < 0 || x.BitLength > 224)
+                throw new ArgumentException();
+
+            uint[] z = Create();
+            int i = 0;
+            while (x.SignValue != 0)
+            {
+                z[i++] = (uint)x.IntValue;
+                x = x.ShiftRight(32);
+            }
+            return z;
+        }
+
+        public static uint GetBit(uint[] x, int bit)
+        {
+            if (bit == 0)
+            {
+                return x[0] & 1;
+            }
+            int w = bit >> 5;
+            if (w < 0 || w >= 7)
+            {
+                return 0;
+            }
+            int b = bit & 31;
+            return (x[w] >> b) & 1;
+        }
+
+        public static bool Gte(uint[] x, uint[] y)
+        {
+            for (int i = 6; i >= 0; --i)
+            {
+                uint x_i = x[i], y_i = y[i];
+                if (x_i < y_i)
+                    return false;
+                if (x_i > y_i)
+                    return true;
+            }
+            return true;
+        }
+
+        public static bool Gte(uint[] x, int xOff, uint[] y, int yOff)
+        {
+            for (int i = 6; i >= 0; --i)
+            {
+                uint x_i = x[xOff + i], y_i = y[yOff + i];
+                if (x_i < y_i)
+                    return false;
+                if (x_i > y_i)
+                    return true;
+            }
+            return true;
+        }
+
+        public static bool IsOne(uint[] x)
+        {
+            if (x[0] != 1)
+            {
+                return false;
+            }
+            for (int i = 1; i < 7; ++i)
+            {
+                if (x[i] != 0)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsZero(uint[] x)
+        {
+            for (int i = 0; i < 7; ++i)
+            {
+                if (x[i] != 0)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static void Mul(uint[] x, uint[] y, uint[] zz)
+        {
+            ulong y_0 = y[0];
+            ulong y_1 = y[1];
+            ulong y_2 = y[2];
+            ulong y_3 = y[3];
+            ulong y_4 = y[4];
+            ulong y_5 = y[5];
+            ulong y_6 = y[6];
+
+            {
+                ulong c = 0, x_0 = x[0];
+                c += x_0 * y_0;
+                zz[0] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_1;
+                zz[1] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_2;
+                zz[2] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_3;
+                zz[3] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_4;
+                zz[4] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_5;
+                zz[5] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_6;
+                zz[6] = (uint)c;
+                c >>= 32;
+                zz[7] = (uint)c;
+            }
+
+            for (int i = 1; i < 7; ++i)
+            {
+                ulong c = 0, x_i = x[i];
+                c += x_i * y_0 + zz[i + 0];
+                zz[i + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[i + 1];
+                zz[i + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[i + 2];
+                zz[i + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[i + 3];
+                zz[i + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[i + 4];
+                zz[i + 4] = (uint)c;
+                c >>= 32;
+                c += x_i * y_5 + zz[i + 5];
+                zz[i + 5] = (uint)c;
+                c >>= 32;
+                c += x_i * y_6 + zz[i + 6];
+                zz[i + 6] = (uint)c;
+                c >>= 32;
+                zz[i + 7] = (uint)c;
+            }
+        }
+
+        public static void Mul(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff)
+        {
+            ulong y_0 = y[yOff + 0];
+            ulong y_1 = y[yOff + 1];
+            ulong y_2 = y[yOff + 2];
+            ulong y_3 = y[yOff + 3];
+            ulong y_4 = y[yOff + 4];
+            ulong y_5 = y[yOff + 5];
+            ulong y_6 = y[yOff + 6];
+
+            {
+                ulong c = 0, x_0 = x[xOff + 0];
+                c += x_0 * y_0;
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_1;
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_2;
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_3;
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_4;
+                zz[zzOff + 4] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_5;
+                zz[zzOff + 5] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_6;
+                zz[zzOff + 6] = (uint)c;
+                c >>= 32;
+                zz[zzOff + 7] = (uint)c;
+            }
+
+            for (int i = 1; i < 7; ++i)
+            {
+                ++zzOff;
+                ulong c = 0, x_i = x[xOff + i];
+                c += x_i * y_0 + zz[zzOff + 0];
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[zzOff + 1];
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[zzOff + 2];
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[zzOff + 3];
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[zzOff + 4];
+                zz[zzOff + 4] = (uint)c;
+                c >>= 32;
+                c += x_i * y_5 + zz[zzOff + 5];
+                zz[zzOff + 5] = (uint)c;
+                c >>= 32;
+                c += x_i * y_6 + zz[zzOff + 6];
+                zz[zzOff + 6] = (uint)c;
+                c >>= 32;
+                zz[zzOff + 7] = (uint)c;
+            }
+        }
+
+        public static uint MulAddTo(uint[] x, uint[] y, uint[] zz)
+        {
+            ulong y_0 = y[0];
+            ulong y_1 = y[1];
+            ulong y_2 = y[2];
+            ulong y_3 = y[3];
+            ulong y_4 = y[4];
+            ulong y_5 = y[5];
+            ulong y_6 = y[6];
+
+            ulong zc = 0;
+            for (int i = 0; i < 7; ++i)
+            {
+                ulong c = 0, x_i = x[i];
+                c += x_i * y_0 + zz[i + 0];
+                zz[i + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[i + 1];
+                zz[i + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[i + 2];
+                zz[i + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[i + 3];
+                zz[i + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[i + 4];
+                zz[i + 4] = (uint)c;
+                c >>= 32;
+                c += x_i * y_5 + zz[i + 5];
+                zz[i + 5] = (uint)c;
+                c >>= 32;
+                c += x_i * y_6 + zz[i + 6];
+                zz[i + 6] = (uint)c;
+                c >>= 32;
+                c += zc + zz[i + 7];
+                zz[i + 7] = (uint)c;
+                zc = c >> 32;
+            }
+            return (uint)zc;
+        }
+
+        public static uint MulAddTo(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff)
+        {
+            ulong y_0 = y[yOff + 0];
+            ulong y_1 = y[yOff + 1];
+            ulong y_2 = y[yOff + 2];
+            ulong y_3 = y[yOff + 3];
+            ulong y_4 = y[yOff + 4];
+            ulong y_5 = y[yOff + 5];
+            ulong y_6 = y[yOff + 6];
+
+            ulong zc = 0;
+            for (int i = 0; i < 7; ++i)
+            {
+                ulong c = 0, x_i = x[xOff + i];
+                c += x_i * y_0 + zz[zzOff + 0];
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[zzOff + 1];
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[zzOff + 2];
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[zzOff + 3];
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[zzOff + 4];
+                zz[zzOff + 4] = (uint)c;
+                c >>= 32;
+                c += x_i * y_5 + zz[zzOff + 5];
+                zz[zzOff + 5] = (uint)c;
+                c >>= 32;
+                c += x_i * y_6 + zz[zzOff + 6];
+                zz[zzOff + 6] = (uint)c;
+                c >>= 32;
+                c += zc + zz[zzOff + 7];
+                zz[zzOff + 7] = (uint)c;
+                zc = c >> 32;
+                ++zzOff;
+            }
+            return (uint)zc;
+        }
+
+        public static ulong Mul33Add(uint w, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            Debug.Assert(w >> 31 == 0);
+
+            ulong c = 0, wVal = w;
+            ulong x0 = x[xOff + 0];
+            c += wVal * x0 + y[yOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            ulong x1 = x[xOff + 1];
+            c += wVal * x1 + x0 + y[yOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            ulong x2 = x[xOff + 2];
+            c += wVal * x2 + x1 + y[yOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            ulong x3 = x[xOff + 3];
+            c += wVal * x3 + x2 + y[yOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            ulong x4 = x[xOff + 4];
+            c += wVal * x4 + x3 + y[yOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            ulong x5 = x[xOff + 5];
+            c += wVal * x5 + x4 + y[yOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            ulong x6 = x[xOff + 6];
+            c += wVal * x6 + x5 + y[yOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            c += x6;
+            return c;
+        }
+
+        public static uint MulByWord(uint x, uint[] z)
+        {
+            ulong c = 0, xVal = x;
+            c += xVal * (ulong)z[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint MulByWordAddTo(uint x, uint[] y, uint[] z)
+        {
+            ulong c = 0, xVal = x;
+            c += xVal * (ulong)z[0] + y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[1] + y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[2] + y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[3] + y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[4] + y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[5] + y[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[6] + y[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint MulWordAddTo(uint x, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            ulong c = 0, xVal = x;
+            c += xVal * y[yOff + 0] + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += xVal * y[yOff + 1] + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += xVal * y[yOff + 2] + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += xVal * y[yOff + 3] + z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += xVal * y[yOff + 4] + z[zOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += xVal * y[yOff + 5] + z[zOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            c += xVal * y[yOff + 6] + z[zOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint Mul33DWordAdd(uint x, ulong y, uint[] z, int zOff)
+        {
+            Debug.Assert(x >> 31 == 0);
+            Debug.Assert(zOff <= 3);
+            ulong c = 0, xVal = x;
+            ulong y00 = y & M;
+            c += xVal * y00 + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            ulong y01 = y >> 32;
+            c += xVal * y01 + y00 + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += y01 + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(7, z, zOff, 4);
+        }
+
+        public static uint Mul33WordAdd(uint x, uint y, uint[] z, int zOff)
+        {
+            Debug.Assert(x >> 31 == 0);
+            Debug.Assert(zOff <= 4);
+            ulong c = 0, yVal = y;
+            c += yVal * x + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += yVal + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(7, z, zOff, 3);
+        }
+
+        public static uint MulWordDwordAdd(uint x, ulong y, uint[] z, int zOff)
+        {
+            Debug.Assert(zOff <= 4);
+            ulong c = 0, xVal = x;
+            c += xVal * y + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += xVal * (y >> 32) + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(7, z, zOff, 3);
+        }
+
+        public static uint MulWord(uint x, uint[] y, uint[] z, int zOff)
+        {
+            ulong c = 0, xVal = x;
+            int i = 0;
+            do
+            {
+                c += xVal * y[i];
+                z[zOff + i] = (uint)c;
+                c >>= 32;
+            }
+            while (++i < 7);
+            return (uint)c;
+        }
+
+        public static void Square(uint[] x, uint[] zz)
+        {
+            ulong x_0 = x[0];
+            ulong zz_1;
+
+            uint c = 0, w;
+            {
+                int i = 6, j = 14;
+                do
+                {
+                    ulong xVal = x[i--];
+                    ulong p = xVal * xVal;
+                    zz[--j] = (c << 31) | (uint)(p >> 33);
+                    zz[--j] = (uint)(p >> 1);
+                    c = (uint)p;
+                }
+                while (i > 0);
+
+                {
+                    ulong p = x_0 * x_0;
+                    zz_1 = (ulong)(c << 31) | (p >> 33);
+                    zz[0] = (uint)p;
+                    c = (uint)(p >> 32) & 1;
+                }
+            }
+
+            ulong x_1 = x[1];
+            ulong zz_2 = zz[2];
+
+            {
+                zz_1 += x_1 * x_0;
+                w = (uint)zz_1;
+                zz[1] = (w << 1) | c;
+                c = w >> 31;
+                zz_2 += zz_1 >> 32;
+            }
+
+            ulong x_2 = x[2];
+            ulong zz_3 = zz[3];
+            ulong zz_4 = zz[4];
+            {
+                zz_2 += x_2 * x_0;
+                w = (uint)zz_2;
+                zz[2] = (w << 1) | c;
+                c = w >> 31;
+                zz_3 += (zz_2 >> 32) + x_2 * x_1;
+                zz_4 += zz_3 >> 32;
+                zz_3 &= M;
+            }
+
+            ulong x_3 = x[3];
+            ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M;
+            ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M;
+            {
+                zz_3 += x_3 * x_0;
+                w = (uint)zz_3;
+                zz[3] = (w << 1) | c;
+                c = w >> 31;
+                zz_4 += (zz_3 >> 32) + x_3 * x_1;
+                zz_5 += (zz_4 >> 32) + x_3 * x_2;
+                zz_4 &= M;
+                zz_6 += zz_5 >> 32;
+                zz_5 &= M;
+            }
+
+            ulong x_4 = x[4];
+            ulong zz_7 = zz[7] + (zz_6 >> 32); zz_6 &= M;
+            ulong zz_8 = zz[8] + (zz_7 >> 32); zz_7 &= M;
+            {
+                zz_4 += x_4 * x_0;
+                w = (uint)zz_4;
+                zz[4] = (w << 1) | c;
+                c = w >> 31;
+                zz_5 += (zz_4 >> 32) + x_4 * x_1;
+                zz_6 += (zz_5 >> 32) + x_4 * x_2;
+                zz_5 &= M;
+                zz_7 += (zz_6 >> 32) + x_4 * x_3;
+                zz_6 &= M;
+                zz_8 += zz_7 >> 32;
+                zz_7 &= M;
+            }
+
+            ulong x_5 = x[5];
+            ulong zz_9 = zz[9] + (zz_8 >> 32); zz_8 &= M;
+            ulong zz_10 = zz[10] + (zz_9 >> 32); zz_9 &= M;
+            {
+                zz_5 += x_5 * x_0;
+                w = (uint)zz_5;
+                zz[5] = (w << 1) | c;
+                c = w >> 31;
+                zz_6 += (zz_5 >> 32) + x_5 * x_1;
+                zz_7 += (zz_6 >> 32) + x_5 * x_2;
+                zz_6 &= M;
+                zz_8 += (zz_7 >> 32) + x_5 * x_3;
+                zz_7 &= M;
+                zz_9 += (zz_8 >> 32) + x_5 * x_4;
+                zz_8 &= M;
+                zz_10 += zz_9 >> 32;
+                zz_9 &= M;
+            }
+
+            ulong x_6 = x[6];
+            ulong zz_11 = zz[11] + (zz_10 >> 32); zz_10 &= M;
+            ulong zz_12 = zz[12] + (zz_11 >> 32); zz_11 &= M;
+            {
+                zz_6 += x_6 * x_0;
+                w = (uint)zz_6;
+                zz[6] = (w << 1) | c;
+                c = w >> 31;
+                zz_7 += (zz_6 >> 32) + x_6 * x_1;
+                zz_8 += (zz_7 >> 32) + x_6 * x_2;
+                zz_9 += (zz_8 >> 32) + x_6 * x_3;
+                zz_10 += (zz_9 >> 32) + x_6 * x_4;
+                zz_11 += (zz_10 >> 32) + x_6 * x_5;
+                zz_12 += zz_11 >> 32;
+            }
+
+            w = (uint)zz_7;
+            zz[7] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_8;
+            zz[8] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_9;
+            zz[9] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_10;
+            zz[10] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_11;
+            zz[11] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_12;
+            zz[12] = (w << 1) | c;
+            c = w >> 31;
+            w = zz[13] + (uint)(zz_12 >> 32);
+            zz[13] = (w << 1) | c;
+        }
+
+        public static void Square(uint[] x, int xOff, uint[] zz, int zzOff)
+        {
+            ulong x_0 = x[xOff + 0];
+            ulong zz_1;
+
+            uint c = 0, w;
+            {
+                int i = 6, j = 14;
+                do
+                {
+                    ulong xVal = x[xOff + i--];
+                    ulong p = xVal * xVal;
+                    zz[zzOff + --j] = (c << 31) | (uint)(p >> 33);
+                    zz[zzOff + --j] = (uint)(p >> 1);
+                    c = (uint)p;
+                }
+                while (i > 0);
+
+                {
+                    ulong p = x_0 * x_0;
+                    zz_1 = (ulong)(c << 31) | (p >> 33);
+                    zz[zzOff + 0] = (uint)p;
+                    c = (uint)(p >> 32) & 1;
+                }
+            }
+
+            ulong x_1 = x[xOff + 1];
+            ulong zz_2 = zz[zzOff + 2];
+
+            {
+                zz_1 += x_1 * x_0;
+                w = (uint)zz_1;
+                zz[zzOff + 1] = (w << 1) | c;
+                c = w >> 31;
+                zz_2 += zz_1 >> 32;
+            }
+
+            ulong x_2 = x[xOff + 2];
+            ulong zz_3 = zz[zzOff + 3];
+            ulong zz_4 = zz[zzOff + 4];
+            {
+                zz_2 += x_2 * x_0;
+                w = (uint)zz_2;
+                zz[zzOff + 2] = (w << 1) | c;
+                c = w >> 31;
+                zz_3 += (zz_2 >> 32) + x_2 * x_1;
+                zz_4 += zz_3 >> 32;
+                zz_3 &= M;
+            }
+
+            ulong x_3 = x[xOff + 3];
+            ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M;
+            ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M;
+            {
+                zz_3 += x_3 * x_0;
+                w = (uint)zz_3;
+                zz[zzOff + 3] = (w << 1) | c;
+                c = w >> 31;
+                zz_4 += (zz_3 >> 32) + x_3 * x_1;
+                zz_5 += (zz_4 >> 32) + x_3 * x_2;
+                zz_4 &= M;
+                zz_6 += zz_5 >> 32;
+                zz_5 &= M;
+            }
+
+            ulong x_4 = x[xOff + 4];
+            ulong zz_7 = zz[zzOff + 7] + (zz_6 >> 32); zz_6 &= M;
+            ulong zz_8 = zz[zzOff + 8] + (zz_7 >> 32); zz_7 &= M;
+            {
+                zz_4 += x_4 * x_0;
+                w = (uint)zz_4;
+                zz[zzOff + 4] = (w << 1) | c;
+                c = w >> 31;
+                zz_5 += (zz_4 >> 32) + x_4 * x_1;
+                zz_6 += (zz_5 >> 32) + x_4 * x_2;
+                zz_5 &= M;
+                zz_7 += (zz_6 >> 32) + x_4 * x_3;
+                zz_6 &= M;
+                zz_8 += zz_7 >> 32;
+                zz_7 &= M;
+            }
+
+            ulong x_5 = x[xOff + 5];
+            ulong zz_9 = zz[zzOff + 9] + (zz_8 >> 32); zz_8 &= M;
+            ulong zz_10 = zz[zzOff + 10] + (zz_9 >> 32); zz_9 &= M;
+            {
+                zz_5 += x_5 * x_0;
+                w = (uint)zz_5;
+                zz[zzOff + 5] = (w << 1) | c;
+                c = w >> 31;
+                zz_6 += (zz_5 >> 32) + x_5 * x_1;
+                zz_7 += (zz_6 >> 32) + x_5 * x_2;
+                zz_6 &= M;
+                zz_8 += (zz_7 >> 32) + x_5 * x_3;
+                zz_7 &= M;
+                zz_9 += (zz_8 >> 32) + x_5 * x_4;
+                zz_8 &= M;
+                zz_10 += zz_9 >> 32;
+                zz_9 &= M;
+            }
+
+            ulong x_6 = x[xOff + 6];
+            ulong zz_11 = zz[zzOff + 11] + (zz_10 >> 32); zz_10 &= M;
+            ulong zz_12 = zz[zzOff + 12] + (zz_11 >> 32); zz_11 &= M;
+            {
+                zz_6 += x_6 * x_0;
+                w = (uint)zz_6;
+                zz[zzOff + 6] = (w << 1) | c;
+                c = w >> 31;
+                zz_7 += (zz_6 >> 32) + x_6 * x_1;
+                zz_8 += (zz_7 >> 32) + x_6 * x_2;
+                zz_9 += (zz_8 >> 32) + x_6 * x_3;
+                zz_10 += (zz_9 >> 32) + x_6 * x_4;
+                zz_11 += (zz_10 >> 32) + x_6 * x_5;
+                zz_12 += zz_11 >> 32;
+            }
+
+            w = (uint)zz_7;
+            zz[zzOff + 7] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_8;
+            zz[zzOff + 8] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_9;
+            zz[zzOff + 9] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_10;
+            zz[zzOff + 10] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_11;
+            zz[zzOff + 11] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_12;
+            zz[zzOff + 12] = (w << 1) | c;
+            c = w >> 31;
+            w = zz[zzOff + 13] + (uint)(zz_12 >> 32);
+            zz[zzOff + 13] = (w << 1) | c;
+        }
+
+        public static int Sub(uint[] x, uint[] y, uint[] z)
+        {
+            long c = 0;
+            c += (long)x[0] - y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)x[1] - y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)x[2] - y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)x[3] - y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)x[4] - y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (long)x[5] - y[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += (long)x[6] - y[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int Sub(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            long c = 0;
+            c += (long)x[xOff + 0] - y[yOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 1] - y[yOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 2] - y[yOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 3] - y[yOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 4] - y[yOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 5] - y[yOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 6] - y[yOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubBothFrom(uint[] x, uint[] y, uint[] z)
+        {
+            long c = 0;
+            c += (long)z[0] - x[0] - y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] - x[1] - y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)z[2] - x[2] - y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)z[3] - x[3] - y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)z[4] - x[4] - y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (long)z[5] - x[5] - y[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += (long)z[6] - x[6] - y[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubFrom(uint[] x, uint[] z)
+        {
+            long c = 0;
+            c += (long)z[0] - x[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] - x[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)z[2] - x[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)z[3] - x[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)z[4] - x[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (long)z[5] - x[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += (long)z[6] - x[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubFrom(uint[] x, int xOff, uint[] z, int zOff)
+        {
+            long c = 0;
+            c += (long)z[zOff + 0] - x[xOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 1] - x[xOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 2] - x[xOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 3] - x[xOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 4] - x[xOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 5] - x[xOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 6] - x[xOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static BigInteger ToBigInteger(uint[] x)
+        {
+            byte[] bs = new byte[28];
+            for (int i = 0; i < 7; ++i)
+            {
+                uint x_i = x[i];
+                if (x_i != 0)
+                {
+                    Pack.UInt32_To_BE(x_i, bs, (6 - i) << 2);
+                }
+            }
+            return new BigInteger(1, bs);
+        }
+
+        public static void Zero(uint[] z)
+        {
+            z[0] = 0;
+            z[1] = 0;
+            z[2] = 0;
+            z[3] = 0;
+            z[4] = 0;
+            z[5] = 0;
+            z[6] = 0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/raw/Nat256.cs b/bc-sharp-crypto/src/math/raw/Nat256.cs
new file mode 100644
index 0000000..09c751a
--- /dev/null
+++ b/bc-sharp-crypto/src/math/raw/Nat256.cs
@@ -0,0 +1,1387 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Math.Raw
+{
+    internal abstract class Nat256
+    {
+        private const ulong M = 0xFFFFFFFFUL;
+
+        public static uint Add(uint[] x, uint[] y, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[4] + y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[5] + y[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[6] + y[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[7] + y[7];
+            z[7] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint Add(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            ulong c = 0;
+            c += (ulong)x[xOff + 0] + y[yOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 1] + y[yOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 2] + y[yOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 3] + y[yOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 4] + y[yOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 5] + y[yOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 6] + y[yOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 7] + y[yOff + 7];
+            z[zOff + 7] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddBothTo(uint[] x, uint[] y, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + y[0] + z[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + y[1] + z[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + y[2] + z[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + y[3] + z[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[4] + y[4] + z[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[5] + y[5] + z[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[6] + y[6] + z[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[7] + y[7] + z[7];
+            z[7] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddBothTo(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            ulong c = 0;
+            c += (ulong)x[xOff + 0] + y[yOff + 0] + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 1] + y[yOff + 1] + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 2] + y[yOff + 2] + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 3] + y[yOff + 3] + z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 4] + y[yOff + 4] + z[zOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 5] + y[yOff + 5] + z[zOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 6] + y[yOff + 6] + z[zOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 7] + y[yOff + 7] + z[zOff + 7];
+            z[zOff + 7] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddTo(uint[] x, uint[] z)
+        {
+            ulong c = 0;
+            c += (ulong)x[0] + z[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[1] + z[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[2] + z[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[3] + z[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[4] + z[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[5] + z[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[6] + z[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[7] + z[7];
+            z[7] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddTo(uint[] x, int xOff, uint[] z, int zOff, uint cIn)
+        {
+            ulong c = cIn;
+            c += (ulong)x[xOff + 0] + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 1] + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 2] + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 3] + z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 4] + z[zOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 5] + z[zOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 6] + z[zOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            c += (ulong)x[xOff + 7] + z[zOff + 7];
+            z[zOff + 7] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint AddToEachOther(uint[] u, int uOff, uint[] v, int vOff)
+        {
+            ulong c = 0;
+            c += (ulong)u[uOff + 0] + v[vOff + 0];
+            u[uOff + 0] = (uint)c;
+            v[vOff + 0] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 1] + v[vOff + 1];
+            u[uOff + 1] = (uint)c;
+            v[vOff + 1] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 2] + v[vOff + 2];
+            u[uOff + 2] = (uint)c;
+            v[vOff + 2] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 3] + v[vOff + 3];
+            u[uOff + 3] = (uint)c;
+            v[vOff + 3] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 4] + v[vOff + 4];
+            u[uOff + 4] = (uint)c;
+            v[vOff + 4] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 5] + v[vOff + 5];
+            u[uOff + 5] = (uint)c;
+            v[vOff + 5] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 6] + v[vOff + 6];
+            u[uOff + 6] = (uint)c;
+            v[vOff + 6] = (uint)c;
+            c >>= 32;
+            c += (ulong)u[uOff + 7] + v[vOff + 7];
+            u[uOff + 7] = (uint)c;
+            v[vOff + 7] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static void Copy(uint[] x, uint[] z)
+        {
+            z[0] = x[0];
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+            z[4] = x[4];
+            z[5] = x[5];
+            z[6] = x[6];
+            z[7] = x[7];
+        }
+
+        public static void Copy64(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0];
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+        }
+
+        public static uint[] Create()
+        {
+            return new uint[8];
+        }
+
+        public static ulong[] Create64()
+        {
+            return new ulong[4];
+        }
+
+        public static uint[] CreateExt()
+        {
+            return new uint[16];
+        }
+
+        public static ulong[] CreateExt64()
+        {
+            return new ulong[8];
+        }
+
+        public static bool Diff(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            bool pos = Gte(x, xOff, y, yOff);
+            if (pos)
+            {
+                Sub(x, xOff, y, yOff, z, zOff);
+            }
+            else
+            {
+                Sub(y, yOff, x, xOff, z, zOff);
+            }
+            return pos;
+        }
+
+        public static bool Eq(uint[] x, uint[] y)
+        {
+            for (int i = 7; i >= 0; --i)
+            {
+                if (x[i] != y[i])
+                    return false;
+            }
+            return true;
+        }
+
+        public static bool Eq64(ulong[] x, ulong[] y)
+        {
+            for (int i = 3; i >= 0; --i)
+            {
+                if (x[i] != y[i])
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static uint[] FromBigInteger(BigInteger x)
+        {
+            if (x.SignValue < 0 || x.BitLength > 256)
+                throw new ArgumentException();
+
+            uint[] z = Create();
+            int i = 0;
+            while (x.SignValue != 0)
+            {
+                z[i++] = (uint)x.IntValue;
+                x = x.ShiftRight(32);
+            }
+            return z;
+        }
+
+        public static ulong[] FromBigInteger64(BigInteger x)
+        {
+            if (x.SignValue < 0 || x.BitLength > 256)
+                throw new ArgumentException();
+
+            ulong[] z = Create64();
+            int i = 0;
+            while (x.SignValue != 0)
+            {
+                z[i++] = (ulong)x.LongValue;
+                x = x.ShiftRight(64);
+            }
+            return z;
+        }
+
+        public static uint GetBit(uint[] x, int bit)
+        {
+            if (bit == 0)
+            {
+                return x[0] & 1;
+            }
+            if ((bit & 255) != bit)
+            {
+                return 0;
+            }
+            int w = bit >> 5;
+            int b = bit & 31;
+            return (x[w] >> b) & 1;
+        }
+
+        public static bool Gte(uint[] x, uint[] y)
+        {
+            for (int i = 7; i >= 0; --i)
+            {
+                uint x_i = x[i], y_i = y[i];
+                if (x_i < y_i)
+                    return false;
+                if (x_i > y_i)
+                    return true;
+            }
+            return true;
+        }
+
+        public static bool Gte(uint[] x, int xOff, uint[] y, int yOff)
+        {
+            for (int i = 7; i >= 0; --i)
+            {
+                uint x_i = x[xOff + i], y_i = y[yOff + i];
+                if (x_i < y_i)
+                    return false;
+                if (x_i > y_i)
+                    return true;
+            }
+            return true;
+        }
+
+        public static bool IsOne(uint[] x)
+        {
+            if (x[0] != 1)
+            {
+                return false;
+            }
+            for (int i = 1; i < 8; ++i)
+            {
+                if (x[i] != 0)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsOne64(ulong[] x)
+        {
+            if (x[0] != 1UL)
+            {
+                return false;
+            }
+            for (int i = 1; i < 4; ++i)
+            {
+                if (x[i] != 0UL)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsZero(uint[] x)
+        {
+            for (int i = 0; i < 8; ++i)
+            {
+                if (x[i] != 0)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsZero64(ulong[] x)
+        {
+            for (int i = 0; i < 4; ++i)
+            {
+                if (x[i] != 0UL)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static void Mul(uint[] x, uint[] y, uint[] zz)
+        {
+            ulong y_0 = y[0];
+            ulong y_1 = y[1];
+            ulong y_2 = y[2];
+            ulong y_3 = y[3];
+            ulong y_4 = y[4];
+            ulong y_5 = y[5];
+            ulong y_6 = y[6];
+            ulong y_7 = y[7];
+
+            {
+                ulong c = 0, x_0 = x[0];
+                c += x_0 * y_0;
+                zz[0] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_1;
+                zz[1] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_2;
+                zz[2] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_3;
+                zz[3] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_4;
+                zz[4] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_5;
+                zz[5] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_6;
+                zz[6] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_7;
+                zz[7] = (uint)c;
+                c >>= 32;
+                zz[8] = (uint)c;
+            }
+
+            for (int i = 1; i < 8; ++i)
+            {
+                ulong c = 0, x_i = x[i];
+                c += x_i * y_0 + zz[i + 0];
+                zz[i + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[i + 1];
+                zz[i + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[i + 2];
+                zz[i + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[i + 3];
+                zz[i + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[i + 4];
+                zz[i + 4] = (uint)c;
+                c >>= 32;
+                c += x_i * y_5 + zz[i + 5];
+                zz[i + 5] = (uint)c;
+                c >>= 32;
+                c += x_i * y_6 + zz[i + 6];
+                zz[i + 6] = (uint)c;
+                c >>= 32;
+                c += x_i * y_7 + zz[i + 7];
+                zz[i + 7] = (uint)c;
+                c >>= 32;
+                zz[i + 8] = (uint)c;
+            }
+        }
+
+        public static void Mul(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff)
+        {
+            ulong y_0 = y[yOff + 0];
+            ulong y_1 = y[yOff + 1];
+            ulong y_2 = y[yOff + 2];
+            ulong y_3 = y[yOff + 3];
+            ulong y_4 = y[yOff + 4];
+            ulong y_5 = y[yOff + 5];
+            ulong y_6 = y[yOff + 6];
+            ulong y_7 = y[yOff + 7];
+
+            {
+                ulong c = 0, x_0 = x[xOff + 0];
+                c += x_0 * y_0;
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_1;
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_2;
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_3;
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_4;
+                zz[zzOff + 4] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_5;
+                zz[zzOff + 5] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_6;
+                zz[zzOff + 6] = (uint)c;
+                c >>= 32;
+                c += x_0 * y_7;
+                zz[zzOff + 7] = (uint)c;
+                c >>= 32;
+                zz[zzOff + 8] = (uint)c;
+            }
+
+            for (int i = 1; i < 8; ++i)
+            {
+                ++zzOff;
+                ulong c = 0, x_i = x[xOff + i];
+                c += x_i * y_0 + zz[zzOff + 0];
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[zzOff + 1];
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[zzOff + 2];
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[zzOff + 3];
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[zzOff + 4];
+                zz[zzOff + 4] = (uint)c;
+                c >>= 32;
+                c += x_i * y_5 + zz[zzOff + 5];
+                zz[zzOff + 5] = (uint)c;
+                c >>= 32;
+                c += x_i * y_6 + zz[zzOff + 6];
+                zz[zzOff + 6] = (uint)c;
+                c >>= 32;
+                c += x_i * y_7 + zz[zzOff + 7];
+                zz[zzOff + 7] = (uint)c;
+                c >>= 32;
+                zz[zzOff + 8] = (uint)c;
+            }
+        }
+
+        public static uint MulAddTo(uint[] x, uint[] y, uint[] zz)
+        {
+            ulong y_0 = y[0];
+            ulong y_1 = y[1];
+            ulong y_2 = y[2];
+            ulong y_3 = y[3];
+            ulong y_4 = y[4];
+            ulong y_5 = y[5];
+            ulong y_6 = y[6];
+            ulong y_7 = y[7];
+
+            ulong zc = 0;
+            for (int i = 0; i < 8; ++i)
+            {
+                ulong c = 0, x_i = x[i];
+                c += x_i * y_0 + zz[i + 0];
+                zz[i + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[i + 1];
+                zz[i + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[i + 2];
+                zz[i + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[i + 3];
+                zz[i + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[i + 4];
+                zz[i + 4] = (uint)c;
+                c >>= 32;
+                c += x_i * y_5 + zz[i + 5];
+                zz[i + 5] = (uint)c;
+                c >>= 32;
+                c += x_i * y_6 + zz[i + 6];
+                zz[i + 6] = (uint)c;
+                c >>= 32;
+                c += x_i * y_7 + zz[i + 7];
+                zz[i + 7] = (uint)c;
+                c >>= 32;
+                c += zc + zz[i + 8];
+                zz[i + 8] = (uint)c;
+                zc = c >> 32;
+            }
+            return (uint)zc;
+        }
+
+        public static uint MulAddTo(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff)
+        {
+            ulong y_0 = y[yOff + 0];
+            ulong y_1 = y[yOff + 1];
+            ulong y_2 = y[yOff + 2];
+            ulong y_3 = y[yOff + 3];
+            ulong y_4 = y[yOff + 4];
+            ulong y_5 = y[yOff + 5];
+            ulong y_6 = y[yOff + 6];
+            ulong y_7 = y[yOff + 7];
+
+            ulong zc = 0;
+            for (int i = 0; i < 8; ++i)
+            {
+                ulong c = 0, x_i = x[xOff + i];
+                c += x_i * y_0 + zz[zzOff + 0];
+                zz[zzOff + 0] = (uint)c;
+                c >>= 32;
+                c += x_i * y_1 + zz[zzOff + 1];
+                zz[zzOff + 1] = (uint)c;
+                c >>= 32;
+                c += x_i * y_2 + zz[zzOff + 2];
+                zz[zzOff + 2] = (uint)c;
+                c >>= 32;
+                c += x_i * y_3 + zz[zzOff + 3];
+                zz[zzOff + 3] = (uint)c;
+                c >>= 32;
+                c += x_i * y_4 + zz[zzOff + 4];
+                zz[zzOff + 4] = (uint)c;
+                c >>= 32;
+                c += x_i * y_5 + zz[zzOff + 5];
+                zz[zzOff + 5] = (uint)c;
+                c >>= 32;
+                c += x_i * y_6 + zz[zzOff + 6];
+                zz[zzOff + 6] = (uint)c;
+                c >>= 32;
+                c += x_i * y_7 + zz[zzOff + 7];
+                zz[zzOff + 7] = (uint)c;
+                c >>= 32;
+                c += zc + zz[zzOff + 8];
+                zz[zzOff + 8] = (uint)c;
+                zc = c >> 32;
+                ++zzOff;
+            }
+            return (uint)zc;
+        }
+
+        public static ulong Mul33Add(uint w, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            Debug.Assert(w >> 31 == 0);
+
+            ulong c = 0, wVal = w;
+            ulong x0 = x[xOff + 0];
+            c += wVal * x0 + y[yOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            ulong x1 = x[xOff + 1];
+            c += wVal * x1 + x0 + y[yOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            ulong x2 = x[xOff + 2];
+            c += wVal * x2 + x1 + y[yOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            ulong x3 = x[xOff + 3];
+            c += wVal * x3 + x2 + y[yOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            ulong x4 = x[xOff + 4];
+            c += wVal * x4 + x3 + y[yOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            ulong x5 = x[xOff + 5];
+            c += wVal * x5 + x4 + y[yOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            ulong x6 = x[xOff + 6];
+            c += wVal * x6 + x5 + y[yOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            ulong x7 = x[xOff + 7];
+            c += wVal * x7 + x6 + y[yOff + 7];
+            z[zOff + 7] = (uint)c;
+            c >>= 32;
+            c += x7;
+            return c;
+        }
+
+        public static uint MulByWord(uint x, uint[] z)
+        {
+            ulong c = 0, xVal = x;
+            c += xVal * (ulong)z[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[7];
+            z[7] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint MulByWordAddTo(uint x, uint[] y, uint[] z)
+        {
+            ulong c = 0, xVal = x;
+            c += xVal * (ulong)z[0] + y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[1] + y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[2] + y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[3] + y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[4] + y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[5] + y[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[6] + y[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            c += xVal * (ulong)z[7] + y[7];
+            z[7] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint MulWordAddTo(uint x, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            ulong c = 0, xVal = x;
+            c += xVal * y[yOff + 0] + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += xVal * y[yOff + 1] + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += xVal * y[yOff + 2] + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += xVal * y[yOff + 3] + z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += xVal * y[yOff + 4] + z[zOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += xVal * y[yOff + 5] + z[zOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            c += xVal * y[yOff + 6] + z[zOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            c += xVal * y[yOff + 7] + z[zOff + 7];
+            z[zOff + 7] = (uint)c;
+            c >>= 32;
+            return (uint)c;
+        }
+
+        public static uint Mul33DWordAdd(uint x, ulong y, uint[] z, int zOff)
+        {
+            Debug.Assert(x >> 31 == 0);
+            Debug.Assert(zOff <= 4);
+            ulong c = 0, xVal = x;
+            ulong y00 = y & M;
+            c += xVal * y00 + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            ulong y01 = y >> 32;
+            c += xVal * y01 + y00 + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += y01 + z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(8, z, zOff, 4);
+        }
+
+        public static uint Mul33WordAdd(uint x, uint y, uint[] z, int zOff)
+        {
+            Debug.Assert(x >> 31 == 0);
+            Debug.Assert(zOff <= 5);
+            ulong c = 0, yVal = y;
+            c += yVal * x + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += yVal + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(8, z, zOff, 3);
+        }
+
+        public static uint MulWordDwordAdd(uint x, ulong y, uint[] z, int zOff)
+        {
+            Debug.Assert(zOff <= 5);
+            ulong c = 0, xVal = x;
+            c += xVal * y + z[zOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += xVal * (y >> 32) + z[zOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += z[zOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            return c == 0 ? 0 : Nat.IncAt(8, z, zOff, 3);
+        }
+
+        public static uint MulWord(uint x, uint[] y, uint[] z, int zOff)
+        {
+            ulong c = 0, xVal = x;
+            int i = 0;
+            do
+            {
+                c += xVal * y[i];
+                z[zOff + i] = (uint)c;
+                c >>= 32;
+            }
+            while (++i < 8);
+            return (uint)c;
+        }
+
+        public static void Square(uint[] x, uint[] zz)
+        {
+            ulong x_0 = x[0];
+            ulong zz_1;
+
+            uint c = 0, w;
+            {
+                int i = 7, j = 16;
+                do
+                {
+                    ulong xVal = x[i--];
+                    ulong p = xVal * xVal;
+                    zz[--j] = (c << 31) | (uint)(p >> 33);
+                    zz[--j] = (uint)(p >> 1);
+                    c = (uint)p;
+                }
+                while (i > 0);
+
+                {
+                    ulong p = x_0 * x_0;
+                    zz_1 = (ulong)(c << 31) | (p >> 33);
+                    zz[0] = (uint)p;
+                    c = (uint)(p >> 32) & 1;
+                }
+            }
+
+            ulong x_1 = x[1];
+            ulong zz_2 = zz[2];
+
+            {
+                zz_1 += x_1 * x_0;
+                w = (uint)zz_1;
+                zz[1] = (w << 1) | c;
+                c = w >> 31;
+                zz_2 += zz_1 >> 32;
+            }
+
+            ulong x_2 = x[2];
+            ulong zz_3 = zz[3];
+            ulong zz_4 = zz[4];
+            {
+                zz_2 += x_2 * x_0;
+                w = (uint)zz_2;
+                zz[2] = (w << 1) | c;
+                c = w >> 31;
+                zz_3 += (zz_2 >> 32) + x_2 * x_1;
+                zz_4 += zz_3 >> 32;
+                zz_3 &= M;
+            }
+
+            ulong x_3 = x[3];
+            ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M;
+            ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M;
+            {
+                zz_3 += x_3 * x_0;
+                w = (uint)zz_3;
+                zz[3] = (w << 1) | c;
+                c = w >> 31;
+                zz_4 += (zz_3 >> 32) + x_3 * x_1;
+                zz_5 += (zz_4 >> 32) + x_3 * x_2;
+                zz_4 &= M;
+                zz_6 += zz_5 >> 32;
+                zz_5 &= M;
+            }
+
+            ulong x_4 = x[4];
+            ulong zz_7 = zz[7] + (zz_6 >> 32); zz_6 &= M;
+            ulong zz_8 = zz[8] + (zz_7 >> 32); zz_7 &= M;
+            {
+                zz_4 += x_4 * x_0;
+                w = (uint)zz_4;
+                zz[4] = (w << 1) | c;
+                c = w >> 31;
+                zz_5 += (zz_4 >> 32) + x_4 * x_1;
+                zz_6 += (zz_5 >> 32) + x_4 * x_2;
+                zz_5 &= M;
+                zz_7 += (zz_6 >> 32) + x_4 * x_3;
+                zz_6 &= M;
+                zz_8 += zz_7 >> 32;
+                zz_7 &= M;
+            }
+
+            ulong x_5 = x[5];
+            ulong zz_9 = zz[9] + (zz_8 >> 32); zz_8 &= M;
+            ulong zz_10 = zz[10] + (zz_9 >> 32); zz_9 &= M;
+            {
+                zz_5 += x_5 * x_0;
+                w = (uint)zz_5;
+                zz[5] = (w << 1) | c;
+                c = w >> 31;
+                zz_6 += (zz_5 >> 32) + x_5 * x_1;
+                zz_7 += (zz_6 >> 32) + x_5 * x_2;
+                zz_6 &= M;
+                zz_8 += (zz_7 >> 32) + x_5 * x_3;
+                zz_7 &= M;
+                zz_9 += (zz_8 >> 32) + x_5 * x_4;
+                zz_8 &= M;
+                zz_10 += zz_9 >> 32;
+                zz_9 &= M;
+            }
+
+            ulong x_6 = x[6];
+            ulong zz_11 = zz[11] + (zz_10 >> 32); zz_10 &= M;
+            ulong zz_12 = zz[12] + (zz_11 >> 32); zz_11 &= M;
+            {
+                zz_6 += x_6 * x_0;
+                w = (uint)zz_6;
+                zz[6] = (w << 1) | c;
+                c = w >> 31;
+                zz_7 += (zz_6 >> 32) + x_6 * x_1;
+                zz_8 += (zz_7 >> 32) + x_6 * x_2;
+                zz_7 &= M;
+                zz_9 += (zz_8 >> 32) + x_6 * x_3;
+                zz_8 &= M;
+                zz_10 += (zz_9 >> 32) + x_6 * x_4;
+                zz_9 &= M;
+                zz_11 += (zz_10 >> 32) + x_6 * x_5;
+                zz_10 &= M;
+                zz_12 += zz_11 >> 32;
+                zz_11 &= M;
+            }
+
+            ulong x_7 = x[7];
+            ulong zz_13 = zz[13] + (zz_12 >> 32); zz_12 &= M;
+            ulong zz_14 = zz[14] + (zz_13 >> 32); zz_13 &= M;
+            {
+                zz_7 += x_7 * x_0;
+                w = (uint)zz_7;
+                zz[7] = (w << 1) | c;
+                c = w >> 31;
+                zz_8 += (zz_7 >> 32) + x_7 * x_1;
+                zz_9 += (zz_8 >> 32) + x_7 * x_2;
+                zz_10 += (zz_9 >> 32) + x_7 * x_3;
+                zz_11 += (zz_10 >> 32) + x_7 * x_4;
+                zz_12 += (zz_11 >> 32) + x_7 * x_5;
+                zz_13 += (zz_12 >> 32) + x_7 * x_6;
+                zz_14 += zz_13 >> 32;
+            }
+
+            w = (uint)zz_8;
+            zz[8] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_9;
+            zz[9] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_10;
+            zz[10] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_11;
+            zz[11] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_12;
+            zz[12] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_13;
+            zz[13] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_14;
+            zz[14] = (w << 1) | c;
+            c = w >> 31;
+            w = zz[15] + (uint)(zz_14 >> 32);
+            zz[15] = (w << 1) | c;
+        }
+
+        public static void Square(uint[] x, int xOff, uint[] zz, int zzOff)
+        {
+            ulong x_0 = x[xOff + 0];
+            ulong zz_1;
+
+            uint c = 0, w;
+            {
+                int i = 7, j = 16;
+                do
+                {
+                    ulong xVal = x[xOff + i--];
+                    ulong p = xVal * xVal;
+                    zz[zzOff + --j] = (c << 31) | (uint)(p >> 33);
+                    zz[zzOff + --j] = (uint)(p >> 1);
+                    c = (uint)p;
+                }
+                while (i > 0);
+
+                {
+                    ulong p = x_0 * x_0;
+                    zz_1 = (ulong)(c << 31) | (p >> 33);
+                    zz[zzOff + 0] = (uint)p;
+                    c = (uint)(p >> 32) & 1;
+                }
+            }
+
+            ulong x_1 = x[xOff + 1];
+            ulong zz_2 = zz[zzOff + 2];
+
+            {
+                zz_1 += x_1 * x_0;
+                w = (uint)zz_1;
+                zz[zzOff + 1] = (w << 1) | c;
+                c = w >> 31;
+                zz_2 += zz_1 >> 32;
+            }
+
+            ulong x_2 = x[xOff + 2];
+            ulong zz_3 = zz[zzOff + 3];
+            ulong zz_4 = zz[zzOff + 4];
+            {
+                zz_2 += x_2 * x_0;
+                w = (uint)zz_2;
+                zz[zzOff + 2] = (w << 1) | c;
+                c = w >> 31;
+                zz_3 += (zz_2 >> 32) + x_2 * x_1;
+                zz_4 += zz_3 >> 32;
+                zz_3 &= M;
+            }
+
+            ulong x_3 = x[xOff + 3];
+            ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M;
+            ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M;
+            {
+                zz_3 += x_3 * x_0;
+                w = (uint)zz_3;
+                zz[zzOff + 3] = (w << 1) | c;
+                c = w >> 31;
+                zz_4 += (zz_3 >> 32) + x_3 * x_1;
+                zz_5 += (zz_4 >> 32) + x_3 * x_2;
+                zz_4 &= M;
+                zz_6 += zz_5 >> 32;
+                zz_5 &= M;
+            }
+
+            ulong x_4 = x[xOff + 4];
+            ulong zz_7 = zz[zzOff + 7] + (zz_6 >> 32); zz_6 &= M;
+            ulong zz_8 = zz[zzOff + 8] + (zz_7 >> 32); zz_7 &= M;
+            {
+                zz_4 += x_4 * x_0;
+                w = (uint)zz_4;
+                zz[zzOff + 4] = (w << 1) | c;
+                c = w >> 31;
+                zz_5 += (zz_4 >> 32) + x_4 * x_1;
+                zz_6 += (zz_5 >> 32) + x_4 * x_2;
+                zz_5 &= M;
+                zz_7 += (zz_6 >> 32) + x_4 * x_3;
+                zz_6 &= M;
+                zz_8 += zz_7 >> 32;
+                zz_7 &= M;
+            }
+
+            ulong x_5 = x[xOff + 5];
+            ulong zz_9 = zz[zzOff + 9] + (zz_8 >> 32); zz_8 &= M;
+            ulong zz_10 = zz[zzOff + 10] + (zz_9 >> 32); zz_9 &= M;
+            {
+                zz_5 += x_5 * x_0;
+                w = (uint)zz_5;
+                zz[zzOff + 5] = (w << 1) | c;
+                c = w >> 31;
+                zz_6 += (zz_5 >> 32) + x_5 * x_1;
+                zz_7 += (zz_6 >> 32) + x_5 * x_2;
+                zz_6 &= M;
+                zz_8 += (zz_7 >> 32) + x_5 * x_3;
+                zz_7 &= M;
+                zz_9 += (zz_8 >> 32) + x_5 * x_4;
+                zz_8 &= M;
+                zz_10 += zz_9 >> 32;
+                zz_9 &= M;
+            }
+
+            ulong x_6 = x[xOff + 6];
+            ulong zz_11 = zz[zzOff + 11] + (zz_10 >> 32); zz_10 &= M;
+            ulong zz_12 = zz[zzOff + 12] + (zz_11 >> 32); zz_11 &= M;
+            {
+                zz_6 += x_6 * x_0;
+                w = (uint)zz_6;
+                zz[zzOff + 6] = (w << 1) | c;
+                c = w >> 31;
+                zz_7 += (zz_6 >> 32) + x_6 * x_1;
+                zz_8 += (zz_7 >> 32) + x_6 * x_2;
+                zz_7 &= M;
+                zz_9 += (zz_8 >> 32) + x_6 * x_3;
+                zz_8 &= M;
+                zz_10 += (zz_9 >> 32) + x_6 * x_4;
+                zz_9 &= M;
+                zz_11 += (zz_10 >> 32) + x_6 * x_5;
+                zz_10 &= M;
+                zz_12 += zz_11 >> 32;
+                zz_11 &= M;
+            }
+
+            ulong x_7 = x[xOff + 7];
+            ulong zz_13 = zz[zzOff + 13] + (zz_12 >> 32); zz_12 &= M;
+            ulong zz_14 = zz[zzOff + 14] + (zz_13 >> 32); zz_13 &= M;
+            {
+                zz_7 += x_7 * x_0;
+                w = (uint)zz_7;
+                zz[zzOff + 7] = (w << 1) | c;
+                c = w >> 31;
+                zz_8 += (zz_7 >> 32) + x_7 * x_1;
+                zz_9 += (zz_8 >> 32) + x_7 * x_2;
+                zz_10 += (zz_9 >> 32) + x_7 * x_3;
+                zz_11 += (zz_10 >> 32) + x_7 * x_4;
+                zz_12 += (zz_11 >> 32) + x_7 * x_5;
+                zz_13 += (zz_12 >> 32) + x_7 * x_6;
+                zz_14 += zz_13 >> 32;
+            }
+
+            w = (uint)zz_8;
+            zz[zzOff + 8] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_9;
+            zz[zzOff + 9] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_10;
+            zz[zzOff + 10] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_11;
+            zz[zzOff + 11] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_12;
+            zz[zzOff + 12] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_13;
+            zz[zzOff + 13] = (w << 1) | c;
+            c = w >> 31;
+            w = (uint)zz_14;
+            zz[zzOff + 14] = (w << 1) | c;
+            c = w >> 31;
+            w = zz[zzOff + 15] + (uint)(zz_14 >> 32);
+            zz[zzOff + 15] = (w << 1) | c;
+        }
+
+        public static int Sub(uint[] x, uint[] y, uint[] z)
+        {
+            long c = 0;
+            c += (long)x[0] - y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)x[1] - y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)x[2] - y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)x[3] - y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)x[4] - y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (long)x[5] - y[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += (long)x[6] - y[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            c += (long)x[7] - y[7];
+            z[7] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int Sub(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff)
+        {
+            long c = 0;
+            c += (long)x[xOff + 0] - y[yOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 1] - y[yOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 2] - y[yOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 3] - y[yOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 4] - y[yOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 5] - y[yOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 6] - y[yOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            c += (long)x[xOff + 7] - y[yOff + 7];
+            z[zOff + 7] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubBothFrom(uint[] x, uint[] y, uint[] z)
+        {
+            long c = 0;
+            c += (long)z[0] - x[0] - y[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] - x[1] - y[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)z[2] - x[2] - y[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)z[3] - x[3] - y[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)z[4] - x[4] - y[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (long)z[5] - x[5] - y[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += (long)z[6] - x[6] - y[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            c += (long)z[7] - x[7] - y[7];
+            z[7] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubFrom(uint[] x, uint[] z)
+        {
+            long c = 0;
+            c += (long)z[0] - x[0];
+            z[0] = (uint)c;
+            c >>= 32;
+            c += (long)z[1] - x[1];
+            z[1] = (uint)c;
+            c >>= 32;
+            c += (long)z[2] - x[2];
+            z[2] = (uint)c;
+            c >>= 32;
+            c += (long)z[3] - x[3];
+            z[3] = (uint)c;
+            c >>= 32;
+            c += (long)z[4] - x[4];
+            z[4] = (uint)c;
+            c >>= 32;
+            c += (long)z[5] - x[5];
+            z[5] = (uint)c;
+            c >>= 32;
+            c += (long)z[6] - x[6];
+            z[6] = (uint)c;
+            c >>= 32;
+            c += (long)z[7] - x[7];
+            z[7] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static int SubFrom(uint[] x, int xOff, uint[] z, int zOff)
+        {
+            long c = 0;
+            c += (long)z[zOff + 0] - x[xOff + 0];
+            z[zOff + 0] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 1] - x[xOff + 1];
+            z[zOff + 1] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 2] - x[xOff + 2];
+            z[zOff + 2] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 3] - x[xOff + 3];
+            z[zOff + 3] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 4] - x[xOff + 4];
+            z[zOff + 4] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 5] - x[xOff + 5];
+            z[zOff + 5] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 6] - x[xOff + 6];
+            z[zOff + 6] = (uint)c;
+            c >>= 32;
+            c += (long)z[zOff + 7] - x[xOff + 7];
+            z[zOff + 7] = (uint)c;
+            c >>= 32;
+            return (int)c;
+        }
+
+        public static BigInteger ToBigInteger(uint[] x)
+        {
+            byte[] bs = new byte[32];
+            for (int i = 0; i < 8; ++i)
+            {
+                uint x_i = x[i];
+                if (x_i != 0)
+                {
+                    Pack.UInt32_To_BE(x_i, bs, (7 - i) << 2);
+                }
+            }
+            return new BigInteger(1, bs);
+        }
+
+        public static BigInteger ToBigInteger64(ulong[] x)
+        {
+            byte[] bs = new byte[32];
+            for (int i = 0; i < 4; ++i)
+            {
+                ulong x_i = x[i];
+                if (x_i != 0L)
+                {
+                    Pack.UInt64_To_BE(x_i, bs, (3 - i) << 3);
+                }
+            }
+            return new BigInteger(1, bs);
+        }
+
+        public static void Zero(uint[] z)
+        {
+            z[0] = 0;
+            z[1] = 0;
+            z[2] = 0;
+            z[3] = 0;
+            z[4] = 0;
+            z[5] = 0;
+            z[6] = 0;
+            z[7] = 0;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/raw/Nat320.cs b/bc-sharp-crypto/src/math/raw/Nat320.cs
new file mode 100644
index 0000000..c7daa71
--- /dev/null
+++ b/bc-sharp-crypto/src/math/raw/Nat320.cs
@@ -0,0 +1,98 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Math.Raw
+{
+    internal abstract class Nat320
+    {
+        public static void Copy64(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0];
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+            z[4] = x[4];
+        }
+
+        public static ulong[] Create64()
+        {
+            return new ulong[5];
+        }
+
+        public static ulong[] CreateExt64()
+        {
+            return new ulong[10];
+        }
+
+        public static bool Eq64(ulong[] x, ulong[] y)
+        {
+            for (int i = 4; i >= 0; --i)
+            {
+                if (x[i] != y[i])
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static ulong[] FromBigInteger64(BigInteger x)
+        {
+            if (x.SignValue < 0 || x.BitLength > 320)
+                throw new ArgumentException();
+
+            ulong[] z = Create64();
+            int i = 0;
+            while (x.SignValue != 0)
+            {
+                z[i++] = (ulong)x.LongValue;
+                x = x.ShiftRight(64);
+            }
+            return z;
+        }
+
+        public static bool IsOne64(ulong[] x)
+        {
+            if (x[0] != 1UL)
+            {
+                return false;
+            }
+            for (int i = 1; i < 5; ++i)
+            {
+                if (x[i] != 0UL)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsZero64(ulong[] x)
+        {
+            for (int i = 0; i < 5; ++i)
+            {
+                if (x[i] != 0UL)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static BigInteger ToBigInteger64(ulong[] x)
+        {
+            byte[] bs = new byte[40];
+            for (int i = 0; i < 5; ++i)
+            {
+                ulong x_i = x[i];
+                if (x_i != 0L)
+                {
+                    Pack.UInt64_To_BE(x_i, bs, (4 - i) << 3);
+                }
+            }
+            return new BigInteger(1, bs);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/raw/Nat384.cs b/bc-sharp-crypto/src/math/raw/Nat384.cs
new file mode 100644
index 0000000..ed1c47e
--- /dev/null
+++ b/bc-sharp-crypto/src/math/raw/Nat384.cs
@@ -0,0 +1,46 @@
+using System;
+using System.Diagnostics;
+
+namespace Org.BouncyCastle.Math.Raw
+{
+    internal abstract class Nat384
+    {
+        public static void Mul(uint[] x, uint[] y, uint[] zz)
+        {
+            Nat192.Mul(x, y, zz);
+            Nat192.Mul(x, 6, y, 6, zz, 12);
+
+            uint c18 = Nat192.AddToEachOther(zz, 6, zz, 12);
+            uint c12 = c18 + Nat192.AddTo(zz, 0, zz, 6, 0);
+            c18 += Nat192.AddTo(zz, 18, zz, 12, c12);
+
+            uint[] dx = Nat192.Create(), dy = Nat192.Create();
+            bool neg = Nat192.Diff(x, 6, x, 0, dx, 0) != Nat192.Diff(y, 6, y, 0, dy, 0);
+
+            uint[] tt = Nat192.CreateExt();
+            Nat192.Mul(dx, dy, tt);
+
+            c18 += neg ? Nat.AddTo(12, tt, 0, zz, 6) : (uint)Nat.SubFrom(12, tt, 0, zz, 6);
+            Nat.AddWordAt(24, c18, zz, 18);
+        }
+
+        public static void Square(uint[] x, uint[] zz)
+        {
+            Nat192.Square(x, zz);
+            Nat192.Square(x, 6, zz, 12);
+
+            uint c18 = Nat192.AddToEachOther(zz, 6, zz, 12);
+            uint c12 = c18 + Nat192.AddTo(zz, 0, zz, 6, 0);
+            c18 += Nat192.AddTo(zz, 18, zz, 12, c12);
+
+            uint[] dx = Nat192.Create();
+            Nat192.Diff(x, 6, x, 0, dx, 0);
+
+            uint[] m = Nat192.CreateExt();
+            Nat192.Square(dx, m);
+
+            c18 += (uint)Nat.SubFrom(12, m, 0, zz, 6);
+            Nat.AddWordAt(24, c18, zz, 18);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/raw/Nat448.cs b/bc-sharp-crypto/src/math/raw/Nat448.cs
new file mode 100644
index 0000000..52a253f
--- /dev/null
+++ b/bc-sharp-crypto/src/math/raw/Nat448.cs
@@ -0,0 +1,100 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Math.Raw
+{
+    internal abstract class Nat448
+    {
+        public static void Copy64(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0];
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+            z[4] = x[4];
+            z[5] = x[5];
+            z[6] = x[6];
+        }
+
+        public static ulong[] Create64()
+        {
+            return new ulong[7];
+        }
+
+        public static ulong[] CreateExt64()
+        {
+            return new ulong[14];
+        }
+
+        public static bool Eq64(ulong[] x, ulong[] y)
+        {
+            for (int i = 6; i >= 0; --i)
+            {
+                if (x[i] != y[i])
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static ulong[] FromBigInteger64(BigInteger x)
+        {
+            if (x.SignValue < 0 || x.BitLength > 448)
+                throw new ArgumentException();
+
+            ulong[] z = Create64();
+            int i = 0;
+            while (x.SignValue != 0)
+            {
+                z[i++] = (ulong)x.LongValue;
+                x = x.ShiftRight(64);
+            }
+            return z;
+        }
+
+        public static bool IsOne64(ulong[] x)
+        {
+            if (x[0] != 1UL)
+            {
+                return false;
+            }
+            for (int i = 1; i < 7; ++i)
+            {
+                if (x[i] != 0UL)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsZero64(ulong[] x)
+        {
+            for (int i = 0; i < 7; ++i)
+            {
+                if (x[i] != 0UL)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static BigInteger ToBigInteger64(ulong[] x)
+        {
+            byte[] bs = new byte[56];
+            for (int i = 0; i < 7; ++i)
+            {
+                ulong x_i = x[i];
+                if (x_i != 0L)
+                {
+                    Pack.UInt64_To_BE(x_i, bs, (6 - i) << 3);
+                }
+            }
+            return new BigInteger(1, bs);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/raw/Nat512.cs b/bc-sharp-crypto/src/math/raw/Nat512.cs
new file mode 100644
index 0000000..a9ef2b3
--- /dev/null
+++ b/bc-sharp-crypto/src/math/raw/Nat512.cs
@@ -0,0 +1,46 @@
+using System;
+using System.Diagnostics;
+
+namespace Org.BouncyCastle.Math.Raw
+{
+    internal abstract class Nat512
+    {
+        public static void Mul(uint[] x, uint[] y, uint[] zz)
+        {
+            Nat256.Mul(x, y, zz);
+            Nat256.Mul(x, 8, y, 8, zz, 16);
+
+            uint c24 = Nat256.AddToEachOther(zz, 8, zz, 16);
+            uint c16 = c24 + Nat256.AddTo(zz, 0, zz, 8, 0);
+            c24 += Nat256.AddTo(zz, 24, zz, 16, c16);
+
+            uint[] dx = Nat256.Create(), dy = Nat256.Create();
+            bool neg = Nat256.Diff(x, 8, x, 0, dx, 0) != Nat256.Diff(y, 8, y, 0, dy, 0);
+
+            uint[] tt = Nat256.CreateExt();
+            Nat256.Mul(dx, dy, tt);
+
+            c24 += neg ? Nat.AddTo(16, tt, 0, zz, 8) : (uint)Nat.SubFrom(16, tt, 0, zz, 8);
+            Nat.AddWordAt(32, c24, zz, 24); 
+        }
+
+        public static void Square(uint[] x, uint[] zz)
+        {
+            Nat256.Square(x, zz);
+            Nat256.Square(x, 8, zz, 16);
+
+            uint c24 = Nat256.AddToEachOther(zz, 8, zz, 16);
+            uint c16 = c24 + Nat256.AddTo(zz, 0, zz, 8, 0);
+            c24 += Nat256.AddTo(zz, 24, zz, 16, c16);
+
+            uint[] dx = Nat256.Create();
+            Nat256.Diff(x, 8, x, 0, dx, 0);
+
+            uint[] m = Nat256.CreateExt();
+            Nat256.Square(dx, m);
+
+            c24 += (uint)Nat.SubFrom(16, m, 0, zz, 8);
+            Nat.AddWordAt(32, c24, zz, 24); 
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/math/raw/Nat576.cs b/bc-sharp-crypto/src/math/raw/Nat576.cs
new file mode 100644
index 0000000..813fb86
--- /dev/null
+++ b/bc-sharp-crypto/src/math/raw/Nat576.cs
@@ -0,0 +1,102 @@
+using System;
+using System.Diagnostics;
+
+using Org.BouncyCastle.Crypto.Utilities;
+
+namespace Org.BouncyCastle.Math.Raw
+{
+    internal abstract class Nat576
+    {
+        public static void Copy64(ulong[] x, ulong[] z)
+        {
+            z[0] = x[0];
+            z[1] = x[1];
+            z[2] = x[2];
+            z[3] = x[3];
+            z[4] = x[4];
+            z[5] = x[5];
+            z[6] = x[6];
+            z[7] = x[7];
+            z[8] = x[8];
+        }
+
+        public static ulong[] Create64()
+        {
+            return new ulong[9];
+        }
+
+        public static ulong[] CreateExt64()
+        {
+            return new ulong[18];
+        }
+
+        public static bool Eq64(ulong[] x, ulong[] y)
+        {
+            for (int i = 8; i >= 0; --i)
+            {
+                if (x[i] != y[i])
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static ulong[] FromBigInteger64(BigInteger x)
+        {
+            if (x.SignValue < 0 || x.BitLength > 576)
+                throw new ArgumentException();
+
+            ulong[] z = Create64();
+            int i = 0;
+            while (x.SignValue != 0)
+            {
+                z[i++] = (ulong)x.LongValue;
+                x = x.ShiftRight(64);
+            }
+            return z;
+        }
+
+        public static bool IsOne64(ulong[] x)
+        {
+            if (x[0] != 1UL)
+            {
+                return false;
+            }
+            for (int i = 1; i < 9; ++i)
+            {
+                if (x[i] != 0UL)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static bool IsZero64(ulong[] x)
+        {
+            for (int i = 0; i < 9; ++i)
+            {
+                if (x[i] != 0UL)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        public static BigInteger ToBigInteger64(ulong[] x)
+        {
+            byte[] bs = new byte[72];
+            for (int i = 0; i < 9; ++i)
+            {
+                ulong x_i = x[i];
+                if (x_i != 0L)
+                {
+                    Pack.UInt64_To_BE(x_i, bs, (8 - i) << 3);
+                }
+            }
+            return new BigInteger(1, bs);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/ocsp/BasicOCSPResp.cs b/bc-sharp-crypto/src/ocsp/BasicOCSPResp.cs
new file mode 100644
index 0000000..63ab892
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/BasicOCSPResp.cs
@@ -0,0 +1,220 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	/// <remarks>
+	/// <code>
+	/// BasicOcspResponse ::= SEQUENCE {
+	///		tbsResponseData		ResponseData,
+	///		signatureAlgorithm	AlgorithmIdentifier,
+	///		signature			BIT STRING,
+	///		certs				[0] EXPLICIT SEQUENCE OF Certificate OPTIONAL
+	/// }
+	/// </code>
+	/// </remarks>
+	public class BasicOcspResp
+		: X509ExtensionBase
+	{
+		private readonly BasicOcspResponse	resp;
+		private readonly ResponseData		data;
+//		private readonly X509Certificate[]	chain;
+
+		public BasicOcspResp(
+			BasicOcspResponse resp)
+		{
+			this.resp = resp;
+			this.data = resp.TbsResponseData;
+		}
+
+		/// <returns>The DER encoding of the tbsResponseData field.</returns>
+		/// <exception cref="OcspException">In the event of an encoding error.</exception>
+		public byte[] GetTbsResponseData()
+		{
+			try
+			{
+				return data.GetDerEncoded();
+			}
+			catch (IOException e)
+			{
+				throw new OcspException("problem encoding tbsResponseData", e);
+			}
+		}
+
+		public int Version
+		{
+			get { return data.Version.Value.IntValue + 1; }
+		}
+
+		public RespID ResponderId
+		{
+			get { return new RespID(data.ResponderID); }
+		}
+
+		public DateTime ProducedAt
+		{
+			get { return data.ProducedAt.ToDateTime(); }
+		}
+
+		public SingleResp[] Responses
+		{
+			get
+			{
+				Asn1Sequence s = data.Responses;
+				SingleResp[] rs = new SingleResp[s.Count];
+
+				for (int i = 0; i != rs.Length; i++)
+				{
+					rs[i] = new SingleResp(SingleResponse.GetInstance(s[i]));
+				}
+
+				return rs;
+			}
+		}
+
+		public X509Extensions ResponseExtensions
+		{
+			get { return data.ResponseExtensions; }
+		}
+
+		protected override X509Extensions GetX509Extensions()
+		{
+			return ResponseExtensions;
+		}
+
+		public string SignatureAlgName
+		{
+            get { return OcspUtilities.GetAlgorithmName(resp.SignatureAlgorithm.Algorithm); }
+		}
+
+		public string SignatureAlgOid
+		{
+            get { return resp.SignatureAlgorithm.Algorithm.Id; }
+		}
+
+		[Obsolete("RespData class is no longer required as all functionality is available on this class")]
+		public RespData GetResponseData()
+		{
+			return new RespData(data);
+		}
+
+		public byte[] GetSignature()
+		{
+			return resp.GetSignatureOctets();
+		}
+
+		private IList GetCertList()
+		{
+			// load the certificates and revocation lists if we have any
+
+			IList certs = Platform.CreateArrayList();
+			Asn1Sequence s = resp.Certs;
+
+			if (s != null)
+			{
+				foreach (Asn1Encodable ae in s)
+				{
+					try
+					{
+						certs.Add(new X509CertificateParser().ReadCertificate(ae.GetEncoded()));
+					}
+					catch (IOException ex)
+					{
+						throw new OcspException("can't re-encode certificate!", ex);
+					}
+					catch (CertificateException ex)
+					{
+						throw new OcspException("can't re-encode certificate!", ex);
+					}
+				}
+			}
+
+			return certs;
+		}
+
+		public X509Certificate[] GetCerts()
+		{
+			IList certs = GetCertList();
+            X509Certificate[] result = new X509Certificate[certs.Count];
+            for (int i = 0; i < certs.Count; ++i)
+            {
+                result[i] = (X509Certificate)certs[i];
+            }
+            return result;
+		}
+
+		/// <returns>The certificates, if any, associated with the response.</returns>
+		/// <exception cref="OcspException">In the event of an encoding error.</exception>
+		public IX509Store GetCertificates(
+			string type)
+		{
+			try
+			{
+				return X509StoreFactory.Create(
+					"Certificate/" + type,
+					new X509CollectionStoreParameters(this.GetCertList()));
+			}
+			catch (Exception e)
+			{
+				throw new OcspException("can't setup the CertStore", e);
+			}
+		}
+
+		/// <summary>
+		/// Verify the signature against the tbsResponseData object we contain.
+		/// </summary>
+		public bool Verify(
+			AsymmetricKeyParameter publicKey)
+		{
+			try
+			{
+				ISigner signature = SignerUtilities.GetSigner(this.SignatureAlgName);
+				signature.Init(false, publicKey);
+				byte[] bs = data.GetDerEncoded();
+				signature.BlockUpdate(bs, 0, bs.Length);
+
+				return signature.VerifySignature(this.GetSignature());
+			}
+			catch (Exception e)
+			{
+				throw new OcspException("exception processing sig: " + e, e);
+			}
+		}
+
+		/// <returns>The ASN.1 encoded representation of this object.</returns>
+		public byte[] GetEncoded()
+		{
+			return resp.GetEncoded();
+		}
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+				return true;
+
+			BasicOcspResp other = obj as BasicOcspResp;
+
+			if (other == null)
+				return false;
+
+			return resp.Equals(other.resp);
+		}
+
+		public override int GetHashCode()
+		{
+			return resp.GetHashCode();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/BasicOCSPRespGenerator.cs b/bc-sharp-crypto/src/ocsp/BasicOCSPRespGenerator.cs
new file mode 100644
index 0000000..0dd4e0a
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/BasicOCSPRespGenerator.cs
@@ -0,0 +1,313 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.Crypto.Operators;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	/**
+	 * Generator for basic OCSP response objects.
+	 */
+	public class BasicOcspRespGenerator
+	{
+		private readonly IList list = Platform.CreateArrayList();
+
+		private X509Extensions responseExtensions;
+		private RespID responderID;
+
+		private class ResponseObject
+		{
+			internal CertificateID         certId;
+			internal CertStatus            certStatus;
+			internal DerGeneralizedTime    thisUpdate;
+			internal DerGeneralizedTime    nextUpdate;
+			internal X509Extensions        extensions;
+
+			public ResponseObject(
+				CertificateID		certId,
+				CertificateStatus	certStatus,
+				DateTime			thisUpdate,
+				X509Extensions		extensions)
+				: this(certId, certStatus, new DerGeneralizedTime(thisUpdate), null, extensions)
+			{
+			}
+
+			public ResponseObject(
+				CertificateID		certId,
+				CertificateStatus	certStatus,
+				DateTime			thisUpdate,
+				DateTime			nextUpdate,
+				X509Extensions		extensions)
+				: this(certId, certStatus, new DerGeneralizedTime(thisUpdate), new DerGeneralizedTime(nextUpdate), extensions)
+			{
+			}
+
+			private ResponseObject(
+				CertificateID		certId,
+				CertificateStatus	certStatus,
+				DerGeneralizedTime	thisUpdate,
+				DerGeneralizedTime	nextUpdate,
+				X509Extensions		extensions)
+			{
+				this.certId = certId;
+
+				if (certStatus == null)
+				{
+					this.certStatus = new CertStatus();
+				}
+				else if (certStatus is UnknownStatus)
+				{
+					this.certStatus = new CertStatus(2, DerNull.Instance);
+				}
+				else
+				{
+					RevokedStatus rs = (RevokedStatus) certStatus;
+					CrlReason revocationReason = rs.HasRevocationReason
+						?	new CrlReason(rs.RevocationReason)
+						:	null;
+
+					this.certStatus = new CertStatus(
+						new RevokedInfo(new DerGeneralizedTime(rs.RevocationTime), revocationReason));
+				}
+
+				this.thisUpdate = thisUpdate;
+				this.nextUpdate = nextUpdate;
+
+				this.extensions = extensions;
+			}
+
+			public SingleResponse ToResponse()
+			{
+				return new SingleResponse(certId.ToAsn1Object(), certStatus, thisUpdate, nextUpdate, extensions);
+			}
+		}
+
+		/**
+		 * basic constructor
+		 */
+		public BasicOcspRespGenerator(
+			RespID responderID)
+		{
+			this.responderID = responderID;
+		}
+
+		/**
+		 * construct with the responderID to be the SHA-1 keyHash of the passed in public key.
+		 */
+		public BasicOcspRespGenerator(
+			AsymmetricKeyParameter publicKey)
+		{
+			this.responderID = new RespID(publicKey);
+		}
+
+		/**
+		 * Add a response for a particular Certificate ID.
+		 *
+		 * @param certID certificate ID details
+		 * @param certStatus status of the certificate - null if okay
+		 */
+		public void AddResponse(
+			CertificateID		certID,
+			CertificateStatus	certStatus)
+		{
+			list.Add(new ResponseObject(certID, certStatus, DateTime.UtcNow, null));
+		}
+
+		/**
+		 * Add a response for a particular Certificate ID.
+		 *
+		 * @param certID certificate ID details
+		 * @param certStatus status of the certificate - null if okay
+		 * @param singleExtensions optional extensions
+		 */
+		public void AddResponse(
+			CertificateID		certID,
+			CertificateStatus	certStatus,
+			X509Extensions		singleExtensions)
+		{
+			list.Add(new ResponseObject(certID, certStatus, DateTime.UtcNow, singleExtensions));
+		}
+
+		/**
+		 * Add a response for a particular Certificate ID.
+		 *
+		 * @param certID certificate ID details
+		 * @param nextUpdate date when next update should be requested
+		 * @param certStatus status of the certificate - null if okay
+		 * @param singleExtensions optional extensions
+		 */
+		public void AddResponse(
+			CertificateID		certID,
+			CertificateStatus	certStatus,
+			DateTime			nextUpdate,
+			X509Extensions		singleExtensions)
+		{
+			list.Add(new ResponseObject(certID, certStatus, DateTime.UtcNow, nextUpdate, singleExtensions));
+		}
+
+		/**
+		 * Add a response for a particular Certificate ID.
+		 *
+		 * @param certID certificate ID details
+		 * @param thisUpdate date this response was valid on
+		 * @param nextUpdate date when next update should be requested
+		 * @param certStatus status of the certificate - null if okay
+		 * @param singleExtensions optional extensions
+		 */
+		public void AddResponse(
+			CertificateID		certID,
+			CertificateStatus	certStatus,
+			DateTime			thisUpdate,
+			DateTime			nextUpdate,
+			X509Extensions		singleExtensions)
+		{
+			list.Add(new ResponseObject(certID, certStatus, thisUpdate, nextUpdate, singleExtensions));
+		}
+
+		/**
+		 * Set the extensions for the response.
+		 *
+		 * @param responseExtensions the extension object to carry.
+		 */
+		public void SetResponseExtensions(
+			X509Extensions responseExtensions)
+		{
+			this.responseExtensions = responseExtensions;
+		}
+
+		private BasicOcspResp GenerateResponse(
+			ISignatureFactory    signatureCalculator,
+			X509Certificate[]		chain,
+			DateTime				producedAt)
+		{
+            AlgorithmIdentifier signingAlgID = (AlgorithmIdentifier)signatureCalculator.AlgorithmDetails;
+            DerObjectIdentifier signingAlgorithm = signingAlgID.Algorithm;
+
+			Asn1EncodableVector responses = new Asn1EncodableVector();
+
+			foreach (ResponseObject respObj in list)
+			{
+				try
+				{
+					responses.Add(respObj.ToResponse());
+				}
+				catch (Exception e)
+				{
+					throw new OcspException("exception creating Request", e);
+				}
+			}
+
+			ResponseData tbsResp = new ResponseData(responderID.ToAsn1Object(), new DerGeneralizedTime(producedAt), new DerSequence(responses), responseExtensions);
+			DerBitString bitSig = null;
+
+			try
+			{
+                IStreamCalculator streamCalculator = signatureCalculator.CreateCalculator();
+
+				byte[] encoded = tbsResp.GetDerEncoded();
+
+                streamCalculator.Stream.Write(encoded, 0, encoded.Length);
+
+                Platform.Dispose(streamCalculator.Stream);
+
+                bitSig = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect());
+			}
+			catch (Exception e)
+			{
+				throw new OcspException("exception processing TBSRequest: " + e, e);
+			}
+
+			AlgorithmIdentifier sigAlgId = OcspUtilities.GetSigAlgID(signingAlgorithm);
+
+			DerSequence chainSeq = null;
+			if (chain != null && chain.Length > 0)
+			{
+				Asn1EncodableVector v = new Asn1EncodableVector();
+				try
+				{
+					for (int i = 0; i != chain.Length; i++)
+					{
+						v.Add(
+							X509CertificateStructure.GetInstance(
+								Asn1Object.FromByteArray(chain[i].GetEncoded())));
+					}
+				}
+				catch (IOException e)
+				{
+					throw new OcspException("error processing certs", e);
+				}
+				catch (CertificateEncodingException e)
+				{
+					throw new OcspException("error encoding certs", e);
+				}
+
+				chainSeq = new DerSequence(v);
+			}
+
+			return new BasicOcspResp(new BasicOcspResponse(tbsResp, sigAlgId, bitSig, chainSeq));
+		}
+
+		public BasicOcspResp Generate(
+			string					signingAlgorithm,
+			AsymmetricKeyParameter	privateKey,
+			X509Certificate[]		chain,
+			DateTime				thisUpdate)
+		{
+			return Generate(signingAlgorithm, privateKey, chain, thisUpdate, null);
+		}
+
+		public BasicOcspResp Generate(
+			string					signingAlgorithm,
+			AsymmetricKeyParameter	privateKey,
+			X509Certificate[]		chain,
+			DateTime				producedAt,
+			SecureRandom			random)
+		{
+			if (signingAlgorithm == null)
+			{
+				throw new ArgumentException("no signing algorithm specified");
+			}
+
+			return GenerateResponse(new Asn1SignatureFactory(signingAlgorithm, privateKey, random), chain, producedAt);
+		}
+
+        /// <summary>
+        /// Generate the signed response using the passed in signature calculator.
+        /// </summary>
+        /// <param name="signatureCalculatorFactory">Implementation of signing calculator factory.</param>
+        /// <param name="chain">The certificate chain associated with the response signer.</param>
+        /// <param name="producedAt">"produced at" date.</param>
+        /// <returns></returns>
+        public BasicOcspResp Generate(
+            ISignatureFactory signatureCalculatorFactory,
+            X509Certificate[] chain,
+            DateTime producedAt)
+        {
+            if (signatureCalculatorFactory == null)
+            {
+                throw new ArgumentException("no signature calculator specified");
+            }
+
+            return GenerateResponse(signatureCalculatorFactory, chain, producedAt);
+        }
+
+        /**
+		 * Return an IEnumerable of the signature names supported by the generator.
+		 *
+		 * @return an IEnumerable containing recognised names.
+		 */
+        public IEnumerable SignatureAlgNames
+		{
+			get { return OcspUtilities.AlgNames; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/CertificateID.cs b/bc-sharp-crypto/src/ocsp/CertificateID.cs
new file mode 100644
index 0000000..ec902d5
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/CertificateID.cs
@@ -0,0 +1,141 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	public class CertificateID
+	{
+		public const string HashSha1 = "1.3.14.3.2.26";
+
+		private readonly CertID id;
+
+		public CertificateID(
+			CertID id)
+		{
+			if (id == null)
+				throw new ArgumentNullException("id");
+
+			this.id = id;
+		}
+
+		/**
+		 * create from an issuer certificate and the serial number of the
+		 * certificate it signed.
+		 * @exception OcspException if any problems occur creating the id fields.
+		 */
+		public CertificateID(
+			string			hashAlgorithm,
+			X509Certificate	issuerCert,
+			BigInteger		serialNumber)
+		{
+			AlgorithmIdentifier hashAlg = new AlgorithmIdentifier(
+				new DerObjectIdentifier(hashAlgorithm), DerNull.Instance);
+
+			this.id = CreateCertID(hashAlg, issuerCert, new DerInteger(serialNumber));
+		}
+
+		public string HashAlgOid
+		{
+            get { return id.HashAlgorithm.Algorithm.Id; }
+		}
+
+		public byte[] GetIssuerNameHash()
+		{
+			return id.IssuerNameHash.GetOctets();
+		}
+
+		public byte[] GetIssuerKeyHash()
+		{
+			return id.IssuerKeyHash.GetOctets();
+		}
+
+		/**
+		 * return the serial number for the certificate associated
+		 * with this request.
+		 */
+		public BigInteger SerialNumber
+		{
+			get { return id.SerialNumber.Value; }
+		}
+
+		public bool MatchesIssuer(
+			X509Certificate	issuerCert)
+		{
+			return CreateCertID(id.HashAlgorithm, issuerCert, id.SerialNumber).Equals(id);
+		}
+
+		public CertID ToAsn1Object()
+		{
+			return id;
+		}
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+				return true;
+
+			CertificateID other = obj as CertificateID;
+
+			if (other == null)
+				return false;
+
+			return id.ToAsn1Object().Equals(other.id.ToAsn1Object());
+		}
+
+		public override int GetHashCode()
+		{
+			return id.ToAsn1Object().GetHashCode();
+		}
+
+
+		/**
+		 * Create a new CertificateID for a new serial number derived from a previous one
+		 * calculated for the same CA certificate.
+		 *
+		 * @param original the previously calculated CertificateID for the CA.
+		 * @param newSerialNumber the serial number for the new certificate of interest.
+		 *
+		 * @return a new CertificateID for newSerialNumber
+		 */
+		public static CertificateID DeriveCertificateID(CertificateID original, BigInteger newSerialNumber)
+		{
+			return new CertificateID(new CertID(original.id.HashAlgorithm, original.id.IssuerNameHash,
+				original.id.IssuerKeyHash, new DerInteger(newSerialNumber)));
+		}
+
+        private static CertID CreateCertID(
+			AlgorithmIdentifier	hashAlg,
+			X509Certificate		issuerCert,
+			DerInteger			serialNumber)
+		{
+			try
+			{
+                String hashAlgorithm = hashAlg.Algorithm.Id;
+
+				X509Name issuerName = PrincipalUtilities.GetSubjectX509Principal(issuerCert);
+				byte[] issuerNameHash = DigestUtilities.CalculateDigest(
+					hashAlgorithm, issuerName.GetEncoded());
+
+				AsymmetricKeyParameter issuerKey = issuerCert.GetPublicKey();
+				SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(issuerKey);
+				byte[] issuerKeyHash = DigestUtilities.CalculateDigest(
+					hashAlgorithm, info.PublicKeyData.GetBytes());
+
+				return new CertID(hashAlg, new DerOctetString(issuerNameHash),
+					new DerOctetString(issuerKeyHash), serialNumber);
+			}
+			catch (Exception e)
+			{
+				throw new OcspException("problem creating ID: " + e, e);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/CertificateStatus.cs b/bc-sharp-crypto/src/ocsp/CertificateStatus.cs
new file mode 100644
index 0000000..edfcc25
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/CertificateStatus.cs
@@ -0,0 +1,9 @@
+using System;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	public abstract class CertificateStatus
+	{
+		public static readonly CertificateStatus Good = null;
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/OCSPException.cs b/bc-sharp-crypto/src/ocsp/OCSPException.cs
new file mode 100644
index 0000000..d7b14dd
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/OCSPException.cs
@@ -0,0 +1,28 @@
+using System;
+
+namespace Org.BouncyCastle.Ocsp
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class OcspException
+		: Exception
+	{
+		public OcspException()
+		{
+		}
+
+		public OcspException(
+			string message)
+			: base(message)
+		{
+		}
+
+		public OcspException(
+			string		message,
+			Exception	e)
+			: base(message, e)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/OCSPReq.cs b/bc-sharp-crypto/src/ocsp/OCSPReq.cs
new file mode 100644
index 0000000..0cd95c6
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/OCSPReq.cs
@@ -0,0 +1,268 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	/**
+	 * <pre>
+	 * OcspRequest     ::=     SEQUENCE {
+	 *       tbsRequest                  TBSRequest,
+	 *       optionalSignature   [0]     EXPLICIT Signature OPTIONAL }
+	 *
+	 *   TBSRequest      ::=     SEQUENCE {
+	 *       version             [0]     EXPLICIT Version DEFAULT v1,
+	 *       requestorName       [1]     EXPLICIT GeneralName OPTIONAL,
+	 *       requestList                 SEQUENCE OF Request,
+	 *       requestExtensions   [2]     EXPLICIT Extensions OPTIONAL }
+	 *
+	 *   Signature       ::=     SEQUENCE {
+	 *       signatureAlgorithm      AlgorithmIdentifier,
+	 *       signature               BIT STRING,
+	 *       certs               [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL}
+	 *
+	 *   Version         ::=             INTEGER  {  v1(0) }
+	 *
+	 *   Request         ::=     SEQUENCE {
+	 *       reqCert                     CertID,
+	 *       singleRequestExtensions     [0] EXPLICIT Extensions OPTIONAL }
+	 *
+	 *   CertID          ::=     SEQUENCE {
+	 *       hashAlgorithm       AlgorithmIdentifier,
+	 *       issuerNameHash      OCTET STRING, -- Hash of Issuer's DN
+	 *       issuerKeyHash       OCTET STRING, -- Hash of Issuers public key
+	 *       serialNumber        CertificateSerialNumber }
+	 * </pre>
+	 */
+	public class OcspReq
+		: X509ExtensionBase
+	{
+		private OcspRequest req;
+
+		public OcspReq(
+			OcspRequest req)
+		{
+			this.req = req;
+		}
+
+		public OcspReq(
+			byte[] req)
+			: this(new Asn1InputStream(req))
+		{
+		}
+
+		public OcspReq(
+			Stream inStr)
+			: this(new Asn1InputStream(inStr))
+		{
+		}
+
+		private OcspReq(
+			Asn1InputStream aIn)
+		{
+			try
+			{
+				this.req = OcspRequest.GetInstance(aIn.ReadObject());
+			}
+			catch (ArgumentException e)
+			{
+				throw new IOException("malformed request: " + e.Message);
+			}
+			catch (InvalidCastException e)
+			{
+				throw new IOException("malformed request: " + e.Message);
+			}
+		}
+
+		/**
+		 * Return the DER encoding of the tbsRequest field.
+		 * @return DER encoding of tbsRequest
+		 * @throws OcspException in the event of an encoding error.
+		 */
+		public byte[] GetTbsRequest()
+		{
+			try
+			{
+				return req.TbsRequest.GetEncoded();
+			}
+			catch (IOException e)
+			{
+				throw new OcspException("problem encoding tbsRequest", e);
+			}
+		}
+
+		public int Version
+		{
+			get { return req.TbsRequest.Version.Value.IntValue + 1; }
+		}
+
+		public GeneralName RequestorName
+		{
+			get { return GeneralName.GetInstance(req.TbsRequest.RequestorName); }
+		}
+
+		public Req[] GetRequestList()
+		{
+			Asn1Sequence seq = req.TbsRequest.RequestList;
+			Req[] requests = new Req[seq.Count];
+
+			for (int i = 0; i != requests.Length; i++)
+			{
+				requests[i] = new Req(Request.GetInstance(seq[i]));
+			}
+
+			return requests;
+		}
+
+		public X509Extensions RequestExtensions
+		{
+			get { return X509Extensions.GetInstance(req.TbsRequest.RequestExtensions); }
+		}
+
+		protected override X509Extensions GetX509Extensions()
+		{
+			return RequestExtensions;
+		}
+
+		/**
+		 * return the object identifier representing the signature algorithm
+		 */
+		public string SignatureAlgOid
+		{
+			get
+			{
+				if (!this.IsSigned)
+					return null;
+
+                return req.OptionalSignature.SignatureAlgorithm.Algorithm.Id;
+			}
+		}
+
+		public byte[] GetSignature()
+		{
+			if (!this.IsSigned)
+				return null;
+
+			return req.OptionalSignature.GetSignatureOctets();
+		}
+
+        private IList GetCertList()
+		{
+			// load the certificates if we have any
+
+			IList certs = Platform.CreateArrayList();
+			Asn1Sequence s = req.OptionalSignature.Certs;
+
+			if (s != null)
+			{
+				foreach (Asn1Encodable ae in s)
+				{
+					try
+					{
+						certs.Add(new X509CertificateParser().ReadCertificate(ae.GetEncoded()));
+					}
+					catch (Exception e)
+					{
+						throw new OcspException("can't re-encode certificate!", e);
+					}
+				}
+			}
+
+			return certs;
+		}
+
+		public X509Certificate[] GetCerts()
+		{
+			if (!this.IsSigned)
+				return null;
+
+			IList certs = this.GetCertList();
+            X509Certificate[] result = new X509Certificate[certs.Count];
+            for (int i = 0; i < certs.Count; ++i)
+            {
+                result[i] = (X509Certificate)certs[i];
+            }
+            return result;
+		}
+
+		/**
+		 * If the request is signed return a possibly empty CertStore containing the certificates in the
+		 * request. If the request is not signed the method returns null.
+		 *
+		 * @return null if not signed, a CertStore otherwise
+		 * @throws OcspException
+		 */
+		public IX509Store GetCertificates(
+			string type)
+		{
+			if (!this.IsSigned)
+				return null;
+
+			try
+			{
+				return X509StoreFactory.Create(
+					"Certificate/" + type,
+					new X509CollectionStoreParameters(this.GetCertList()));
+			}
+			catch (Exception e)
+			{
+				throw new OcspException("can't setup the CertStore", e);
+			}
+		}
+
+		/**
+		 * Return whether or not this request is signed.
+		 *
+		 * @return true if signed false otherwise.
+		 */
+		public bool IsSigned
+		{
+			get { return req.OptionalSignature != null; }
+		}
+
+		/**
+		 * Verify the signature against the TBSRequest object we contain.
+		 */
+		public bool Verify(
+			AsymmetricKeyParameter publicKey)
+		{
+			if (!this.IsSigned)
+				throw new OcspException("attempt to Verify signature on unsigned object");
+
+			try
+			{
+				ISigner signature = SignerUtilities.GetSigner(this.SignatureAlgOid);
+
+				signature.Init(false, publicKey);
+
+				byte[] encoded = req.TbsRequest.GetEncoded();
+
+				signature.BlockUpdate(encoded, 0, encoded.Length);
+
+				return signature.VerifySignature(this.GetSignature());
+			}
+			catch (Exception e)
+			{
+				throw new OcspException("exception processing sig: " + e, e);
+			}
+		}
+
+		/**
+		 * return the ASN.1 encoded representation of this object.
+		 */
+		public byte[] GetEncoded()
+		{
+			return req.GetEncoded();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/OCSPReqGenerator.cs b/bc-sharp-crypto/src/ocsp/OCSPReqGenerator.cs
new file mode 100644
index 0000000..8032a45
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/OCSPReqGenerator.cs
@@ -0,0 +1,243 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	public class OcspReqGenerator
+	{
+		private IList			list = Platform.CreateArrayList();
+		private GeneralName		requestorName = null;
+		private X509Extensions	requestExtensions = null;
+
+		private class RequestObject
+		{
+			internal CertificateID certId;
+			internal X509Extensions extensions;
+
+			public RequestObject(
+				CertificateID	certId,
+				X509Extensions	extensions)
+			{
+				this.certId = certId;
+				this.extensions = extensions;
+			}
+
+			public Request ToRequest()
+			{
+				return new Request(certId.ToAsn1Object(), extensions);
+			}
+		}
+
+		/**
+		 * Add a request for the given CertificateID.
+		 *
+		 * @param certId certificate ID of interest
+		 */
+		public void AddRequest(
+			CertificateID certId)
+		{
+			list.Add(new RequestObject(certId, null));
+		}
+
+		/**
+		 * Add a request with extensions
+		 *
+		 * @param certId certificate ID of interest
+		 * @param singleRequestExtensions the extensions to attach to the request
+		 */
+		public void AddRequest(
+			CertificateID   certId,
+			X509Extensions  singleRequestExtensions)
+		{
+			list.Add(new RequestObject(certId, singleRequestExtensions));
+		}
+
+		/**
+		* Set the requestor name to the passed in X509Principal
+		*
+		* @param requestorName a X509Principal representing the requestor name.
+		*/
+		public void SetRequestorName(
+		    X509Name requestorName)
+		{
+		    try
+		    {
+		        this.requestorName = new GeneralName(GeneralName.DirectoryName, requestorName);
+		    }
+		    catch (Exception e)
+		    {
+		        throw new ArgumentException("cannot encode principal", e);
+		    }
+		}
+
+		public void SetRequestorName(
+			GeneralName requestorName)
+		{
+			this.requestorName = requestorName;
+		}
+
+		public void SetRequestExtensions(
+			X509Extensions requestExtensions)
+		{
+			this.requestExtensions = requestExtensions;
+		}
+
+		private OcspReq GenerateRequest(
+			DerObjectIdentifier		signingAlgorithm,
+			AsymmetricKeyParameter	privateKey,
+			X509Certificate[]		chain,
+			SecureRandom			random)
+		{
+			Asn1EncodableVector requests = new Asn1EncodableVector();
+
+			foreach (RequestObject reqObj in list)
+			{
+				try
+				{
+					requests.Add(reqObj.ToRequest());
+				}
+				catch (Exception e)
+				{
+					throw new OcspException("exception creating Request", e);
+				}
+			}
+
+			TbsRequest tbsReq = new TbsRequest(requestorName, new DerSequence(requests), requestExtensions);
+
+			ISigner sig = null;
+			Signature signature = null;
+
+			if (signingAlgorithm != null)
+			{
+				if (requestorName == null)
+				{
+					throw new OcspException("requestorName must be specified if request is signed.");
+				}
+
+				try
+				{
+					sig = SignerUtilities.GetSigner(signingAlgorithm.Id);
+					if (random != null)
+					{
+						sig.Init(true, new ParametersWithRandom(privateKey, random));
+					}
+					else
+					{
+						sig.Init(true, privateKey);
+					}
+				}
+				catch (Exception e)
+				{
+					throw new OcspException("exception creating signature: " + e, e);
+				}
+
+				DerBitString bitSig = null;
+
+				try
+				{
+					byte[] encoded = tbsReq.GetEncoded();
+					sig.BlockUpdate(encoded, 0, encoded.Length);
+
+					bitSig = new DerBitString(sig.GenerateSignature());
+				}
+				catch (Exception e)
+				{
+					throw new OcspException("exception processing TBSRequest: " + e, e);
+				}
+
+				AlgorithmIdentifier sigAlgId = new AlgorithmIdentifier(signingAlgorithm, DerNull.Instance);
+
+				if (chain != null && chain.Length > 0)
+				{
+					Asn1EncodableVector v = new Asn1EncodableVector();
+					try
+					{
+						for (int i = 0; i != chain.Length; i++)
+						{
+							v.Add(
+								X509CertificateStructure.GetInstance(
+									Asn1Object.FromByteArray(chain[i].GetEncoded())));
+						}
+					}
+					catch (IOException e)
+					{
+						throw new OcspException("error processing certs", e);
+					}
+					catch (CertificateEncodingException e)
+					{
+						throw new OcspException("error encoding certs", e);
+					}
+
+					signature = new Signature(sigAlgId, bitSig, new DerSequence(v));
+				}
+				else
+				{
+					signature = new Signature(sigAlgId, bitSig);
+				}
+			}
+
+			return new OcspReq(new OcspRequest(tbsReq, signature));
+		}
+
+		/**
+		 * Generate an unsigned request
+		 *
+		 * @return the OcspReq
+		 * @throws OcspException
+		 */
+		public OcspReq Generate()
+		{
+			return GenerateRequest(null, null, null, null);
+		}
+
+		public OcspReq Generate(
+			string					signingAlgorithm,
+			AsymmetricKeyParameter	privateKey,
+			X509Certificate[]		chain)
+		{
+			return Generate(signingAlgorithm, privateKey, chain, null);
+		}
+
+		public OcspReq Generate(
+			string					signingAlgorithm,
+			AsymmetricKeyParameter	privateKey,
+			X509Certificate[]		chain,
+			SecureRandom			random)
+		{
+			if (signingAlgorithm == null)
+				throw new ArgumentException("no signing algorithm specified");
+
+			try
+			{
+				DerObjectIdentifier oid = OcspUtilities.GetAlgorithmOid(signingAlgorithm);
+
+				return GenerateRequest(oid, privateKey, chain, random);
+			}
+			catch (ArgumentException)
+			{
+				throw new ArgumentException("unknown signing algorithm specified: " + signingAlgorithm);
+			}
+		}
+
+		/**
+		 * Return an IEnumerable of the signature names supported by the generator.
+		 *
+		 * @return an IEnumerable containing recognised names.
+		 */
+		public IEnumerable SignatureAlgNames
+		{
+			get { return OcspUtilities.AlgNames; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/OCSPResp.cs b/bc-sharp-crypto/src/ocsp/OCSPResp.cs
new file mode 100644
index 0000000..dc99c6a
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/OCSPResp.cs
@@ -0,0 +1,100 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	public class OcspResp
+	{
+		private OcspResponse resp;
+
+		public OcspResp(
+			OcspResponse resp)
+		{
+			this.resp = resp;
+		}
+
+		public OcspResp(
+			byte[] resp)
+			: this(new Asn1InputStream(resp))
+		{
+		}
+
+		public OcspResp(
+			Stream inStr)
+			: this(new Asn1InputStream(inStr))
+		{
+		}
+
+		private OcspResp(
+			Asn1InputStream aIn)
+		{
+			try
+			{
+				this.resp = OcspResponse.GetInstance(aIn.ReadObject());
+			}
+			catch (Exception e)
+			{
+				throw new IOException("malformed response: " + e.Message, e);
+			}
+		}
+
+		public int Status
+		{
+			get { return this.resp.ResponseStatus.Value.IntValue; }
+		}
+
+		public object GetResponseObject()
+		{
+			ResponseBytes rb = this.resp.ResponseBytes;
+
+			if (rb == null)
+				return null;
+
+			if (rb.ResponseType.Equals(OcspObjectIdentifiers.PkixOcspBasic))
+			{
+				try
+				{
+					return new BasicOcspResp(
+						BasicOcspResponse.GetInstance(
+							Asn1Object.FromByteArray(rb.Response.GetOctets())));
+				}
+				catch (Exception e)
+				{
+					throw new OcspException("problem decoding object: " + e, e);
+				}
+			}
+
+			return rb.Response;
+		}
+
+		/**
+		* return the ASN.1 encoded representation of this object.
+		*/
+		public byte[] GetEncoded()
+		{
+			return resp.GetEncoded();
+		}
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+				return true;
+
+			OcspResp other = obj as OcspResp;
+
+			if (other == null)
+				return false;
+
+			return resp.Equals(other.resp);
+		}
+
+		public override int GetHashCode()
+		{
+			return resp.GetHashCode();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/OCSPRespGenerator.cs b/bc-sharp-crypto/src/ocsp/OCSPRespGenerator.cs
new file mode 100644
index 0000000..e0eb9ae
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/OCSPRespGenerator.cs
@@ -0,0 +1,54 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	/**
+	 * base generator for an OCSP response - at the moment this only supports the
+	 * generation of responses containing BasicOCSP responses.
+	 */
+	public class OCSPRespGenerator
+	{
+		public const int Successful			= 0;	// Response has valid confirmations
+		public const int MalformedRequest	= 1;	// Illegal confirmation request
+		public const int InternalError		= 2;	// Internal error in issuer
+		public const int TryLater			= 3;	// Try again later
+		// (4) is not used
+		public const int SigRequired		= 5;	// Must sign the request
+		public const int Unauthorized		= 6;	// Request unauthorized
+
+		public OcspResp Generate(
+			int     status,
+			object  response)
+		{
+			if (response == null)
+			{
+				return new OcspResp(new OcspResponse(new OcspResponseStatus(status),null));
+			}
+			if (response is BasicOcspResp)
+			{
+				BasicOcspResp r = (BasicOcspResp)response;
+				Asn1OctetString octs;
+
+				try
+				{
+					octs = new DerOctetString(r.GetEncoded());
+				}
+				catch (Exception e)
+				{
+					throw new OcspException("can't encode object.", e);
+				}
+
+				ResponseBytes rb = new ResponseBytes(
+					OcspObjectIdentifiers.PkixOcspBasic, octs);
+
+				return new OcspResp(new OcspResponse(
+					new OcspResponseStatus(status), rb));
+			}
+
+			throw new OcspException("unknown response object");
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/OCSPRespStatus.cs b/bc-sharp-crypto/src/ocsp/OCSPRespStatus.cs
new file mode 100644
index 0000000..9c00c70
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/OCSPRespStatus.cs
@@ -0,0 +1,22 @@
+using System;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	[Obsolete("Use version with correct spelling 'OcspRespStatus'")]
+	public abstract class OcscpRespStatus : OcspRespStatus
+	{
+	}
+
+	public abstract class OcspRespStatus
+	{
+		/**
+		 * note 4 is not used.
+		 */
+		public const int Successful = 0;		// --Response has valid confirmations
+		public const int MalformedRequest = 1;	// --Illegal confirmation request
+		public const int InternalError = 2;		// --Internal error in issuer
+		public const int TryLater = 3;			// --Try again later
+		public const int SigRequired = 5;		// --Must sign the request
+		public const int Unauthorized = 6;		//  --Request unauthorized
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/OCSPUtil.cs b/bc-sharp-crypto/src/ocsp/OCSPUtil.cs
new file mode 100644
index 0000000..cbc1e95
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/OCSPUtil.cs
@@ -0,0 +1,132 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	class OcspUtilities
+	{
+		private static readonly IDictionary algorithms = Platform.CreateHashtable();
+        private static readonly IDictionary oids = Platform.CreateHashtable();
+		private static readonly ISet noParams = new HashSet();
+
+		static OcspUtilities()
+		{
+			algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption);
+			algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption);
+			algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption);
+			algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption);
+			algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+			algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+			algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+			algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+			algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+			algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+			algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+			algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+			algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+			algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+			algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+			algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+			algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+			algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+			algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+			algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+			algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1);
+			algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1);
+			algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224);
+			algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256);
+			algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
+			algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1);
+			algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
+			algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
+			algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
+			algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
+			algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+			algorithms.Add("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+
+			oids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2WITHRSA");
+			oids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5WITHRSA");
+			oids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1WITHRSA");
+			oids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224WITHRSA");
+			oids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256WITHRSA");
+			oids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384WITHRSA");
+			oids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512WITHRSA");
+			oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160, "RIPEMD160WITHRSA");
+			oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128, "RIPEMD128WITHRSA");
+			oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256, "RIPEMD256WITHRSA");
+			oids.Add(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1WITHDSA");
+			oids.Add(NistObjectIdentifiers.DsaWithSha224, "SHA224WITHDSA");
+			oids.Add(NistObjectIdentifiers.DsaWithSha256, "SHA256WITHDSA");
+			oids.Add(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1WITHECDSA");
+			oids.Add(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224WITHECDSA");
+			oids.Add(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256WITHECDSA");
+			oids.Add(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384WITHECDSA");
+			oids.Add(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512WITHECDSA");
+			oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411WITHGOST3410");
+
+			//
+			// According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
+			// The parameters field SHALL be NULL for RSA based signature algorithms.
+			//
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512);
+			noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1);
+			noParams.Add(NistObjectIdentifiers.DsaWithSha224);
+			noParams.Add(NistObjectIdentifiers.DsaWithSha256);
+		}
+
+		internal static DerObjectIdentifier GetAlgorithmOid(
+			string algorithmName)
+		{
+			algorithmName = Platform.ToUpperInvariant(algorithmName);
+
+            if (algorithms.Contains(algorithmName))
+			{
+				return (DerObjectIdentifier)algorithms[algorithmName];
+			}
+
+			return new DerObjectIdentifier(algorithmName);
+		}
+
+
+		internal static string GetAlgorithmName(
+			DerObjectIdentifier oid)
+		{
+			if (oids.Contains(oid))
+			{
+				return (string)oids[oid];
+			}
+
+			return oid.Id;
+		}
+
+		internal static AlgorithmIdentifier GetSigAlgID(
+			DerObjectIdentifier sigOid)
+		{
+			if (noParams.Contains(sigOid))
+			{
+				return new AlgorithmIdentifier(sigOid);
+			}
+
+			return new AlgorithmIdentifier(sigOid, DerNull.Instance);
+		}
+
+		internal static IEnumerable AlgNames
+		{
+			get { return new EnumerableProxy(algorithms.Keys); }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/Req.cs b/bc-sharp-crypto/src/ocsp/Req.cs
new file mode 100644
index 0000000..68fd9f1
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/Req.cs
@@ -0,0 +1,38 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	public class Req
+		: X509ExtensionBase
+	{
+		private Request req;
+
+		public Req(
+			Request req)
+		{
+			this.req = req;
+		}
+
+		public CertificateID GetCertID()
+		{
+			return new CertificateID(req.ReqCert);
+		}
+
+		public X509Extensions SingleRequestExtensions
+		{
+			get { return req.SingleRequestExtensions; }
+		}
+
+		protected override X509Extensions GetX509Extensions()
+		{
+			return SingleRequestExtensions;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/RespData.cs b/bc-sharp-crypto/src/ocsp/RespData.cs
new file mode 100644
index 0000000..105726c
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/RespData.cs
@@ -0,0 +1,60 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	public class RespData
+		: X509ExtensionBase
+	{
+		internal readonly ResponseData data;
+
+		public RespData(
+			ResponseData data)
+		{
+			this.data = data;
+		}
+
+		public int Version
+		{
+			get { return data.Version.Value.IntValue + 1; }
+		}
+
+		public RespID GetResponderId()
+		{
+			return new RespID(data.ResponderID);
+		}
+
+		public DateTime ProducedAt
+		{
+			get { return data.ProducedAt.ToDateTime(); }
+		}
+
+		public SingleResp[] GetResponses()
+		{
+			Asn1Sequence s = data.Responses;
+			SingleResp[] rs = new SingleResp[s.Count];
+
+			for (int i = 0; i != rs.Length; i++)
+			{
+				rs[i] = new SingleResp(SingleResponse.GetInstance(s[i]));
+			}
+
+			return rs;
+		}
+
+		public X509Extensions ResponseExtensions
+		{
+			get { return data.ResponseExtensions; }
+		}
+
+		protected override X509Extensions GetX509Extensions()
+		{
+			return ResponseExtensions;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/RespID.cs b/bc-sharp-crypto/src/ocsp/RespID.cs
new file mode 100644
index 0000000..3238b26
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/RespID.cs
@@ -0,0 +1,72 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	/**
+	 * Carrier for a ResponderID.
+	 */
+	public class RespID
+	{
+		internal readonly ResponderID id;
+
+		public RespID(
+			ResponderID id)
+		{
+			this.id = id;
+		}
+
+		public RespID(
+			X509Name name)
+		{
+	        this.id = new ResponderID(name);
+		}
+
+		public RespID(
+			AsymmetricKeyParameter publicKey)
+		{
+			try
+			{
+				SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
+
+				byte[] keyHash = DigestUtilities.CalculateDigest("SHA1", info.PublicKeyData.GetBytes());
+
+				this.id = new ResponderID(new DerOctetString(keyHash));
+			}
+			catch (Exception e)
+			{
+				throw new OcspException("problem creating ID: " + e, e);
+			}
+		}
+
+		public ResponderID ToAsn1Object()
+		{
+			return id;
+		}
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+				return true;
+
+			RespID other = obj as RespID;
+
+			if (other == null)
+				return false;
+
+			return id.Equals(other.id);
+		}
+
+		public override int GetHashCode()
+		{
+			return id.GetHashCode();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/RevokedStatus.cs b/bc-sharp-crypto/src/ocsp/RevokedStatus.cs
new file mode 100644
index 0000000..6e5ad1b
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/RevokedStatus.cs
@@ -0,0 +1,58 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	/**
+	 * wrapper for the RevokedInfo object
+	 */
+	public class RevokedStatus
+		: CertificateStatus
+	{
+		internal readonly RevokedInfo info;
+
+		public RevokedStatus(
+			RevokedInfo info)
+		{
+			this.info = info;
+		}
+
+		public RevokedStatus(
+			DateTime	revocationDate,
+			int			reason)
+		{
+			this.info = new RevokedInfo(new DerGeneralizedTime(revocationDate), new CrlReason(reason));
+		}
+
+		public DateTime RevocationTime
+		{
+			get { return info.RevocationTime.ToDateTime(); }
+		}
+
+		public bool HasRevocationReason
+		{
+			get { return (info.RevocationReason != null); }
+		}
+
+		/**
+		 * return the revocation reason. Note: this field is optional, test for it
+		 * with hasRevocationReason() first.
+		 * @exception InvalidOperationException if a reason is asked for and none is avaliable
+		 */
+		public int RevocationReason
+		{
+			get
+			{
+				if (info.RevocationReason == null)
+				{
+					throw new InvalidOperationException("attempt to get a reason where none is available");
+				}
+
+				return info.RevocationReason.Value.IntValue;
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/SingleResp.cs b/bc-sharp-crypto/src/ocsp/SingleResp.cs
new file mode 100644
index 0000000..b8979c5
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/SingleResp.cs
@@ -0,0 +1,81 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ocsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	public class SingleResp
+		: X509ExtensionBase
+	{
+		internal readonly SingleResponse resp;
+
+		public SingleResp(
+			SingleResponse resp)
+		{
+			this.resp = resp;
+		}
+
+		public CertificateID GetCertID()
+		{
+			return new CertificateID(resp.CertId);
+		}
+
+		/**
+		 * Return the status object for the response - null indicates good.
+		 *
+		 * @return the status object for the response, null if it is good.
+		 */
+		public object GetCertStatus()
+		{
+			CertStatus s = resp.CertStatus;
+
+			if (s.TagNo == 0)
+			{
+				return null;            // good
+			}
+
+			if (s.TagNo == 1)
+			{
+				return new RevokedStatus(RevokedInfo.GetInstance(s.Status));
+			}
+
+			return new UnknownStatus();
+		}
+
+		public DateTime ThisUpdate
+		{
+			get { return resp.ThisUpdate.ToDateTime(); }
+		}
+
+		/**
+		* return the NextUpdate value - note: this is an optional field so may
+		* be returned as null.
+		*
+		* @return nextUpdate, or null if not present.
+		*/
+		public DateTimeObject NextUpdate
+		{
+			get
+			{
+				return resp.NextUpdate == null
+					?	null
+					:	new DateTimeObject(resp.NextUpdate.ToDateTime());
+			}
+		}
+
+		public X509Extensions SingleExtensions
+		{
+			get { return resp.SingleExtensions; }
+		}
+
+		protected override X509Extensions GetX509Extensions()
+		{
+			return SingleExtensions;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/ocsp/UnknownStatus.cs b/bc-sharp-crypto/src/ocsp/UnknownStatus.cs
new file mode 100644
index 0000000..c0f7a3a
--- /dev/null
+++ b/bc-sharp-crypto/src/ocsp/UnknownStatus.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Ocsp
+{
+	/**
+	 * wrapper for the UnknownInfo object
+	 */
+	public class UnknownStatus
+		: CertificateStatus
+	{
+		public UnknownStatus()
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/IStreamGenerator.cs b/bc-sharp-crypto/src/openpgp/IStreamGenerator.cs
new file mode 100644
index 0000000..379213a
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/IStreamGenerator.cs
@@ -0,0 +1,7 @@
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	public interface IStreamGenerator
+	{
+		void Close();
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PGPKeyRing.cs b/bc-sharp-crypto/src/openpgp/PGPKeyRing.cs
new file mode 100644
index 0000000..6426f3f
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PGPKeyRing.cs
@@ -0,0 +1,79 @@
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	public abstract class PgpKeyRing
+		: PgpObject
+	{
+		internal PgpKeyRing()
+		{
+		}
+
+		internal static TrustPacket ReadOptionalTrustPacket(
+			BcpgInputStream bcpgInput)
+		{
+			return (bcpgInput.NextPacketTag() == PacketTag.Trust)
+				?	(TrustPacket) bcpgInput.ReadPacket()
+				:	null;
+		}
+
+		internal static IList ReadSignaturesAndTrust(
+			BcpgInputStream	bcpgInput)
+		{
+			try
+			{
+				IList sigList = Platform.CreateArrayList();
+
+				while (bcpgInput.NextPacketTag() == PacketTag.Signature)
+				{
+					SignaturePacket signaturePacket = (SignaturePacket) bcpgInput.ReadPacket();
+					TrustPacket trustPacket = ReadOptionalTrustPacket(bcpgInput);
+
+					sigList.Add(new PgpSignature(signaturePacket, trustPacket));
+				}
+
+				return sigList;
+			}
+			catch (PgpException e)
+			{
+				throw new IOException("can't create signature object: " + e.Message, e);
+			}
+		}
+
+		internal static void ReadUserIDs(
+			BcpgInputStream	bcpgInput,
+			out IList       ids,
+			out IList       idTrusts,
+			out IList       idSigs)
+		{
+			ids = Platform.CreateArrayList();
+            idTrusts = Platform.CreateArrayList();
+            idSigs = Platform.CreateArrayList();
+
+			while (bcpgInput.NextPacketTag() == PacketTag.UserId
+				|| bcpgInput.NextPacketTag() == PacketTag.UserAttribute)
+			{
+				Packet obj = bcpgInput.ReadPacket();
+				if (obj is UserIdPacket)
+				{
+					UserIdPacket id = (UserIdPacket)obj;
+					ids.Add(id.GetId());
+				}
+				else
+				{
+					UserAttributePacket user = (UserAttributePacket) obj;
+					ids.Add(new PgpUserAttributeSubpacketVector(user.GetSubpackets()));
+				}
+
+				idTrusts.Add(
+					ReadOptionalTrustPacket(bcpgInput));
+
+				idSigs.Add(
+					ReadSignaturesAndTrust(bcpgInput));
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PGPObject.cs b/bc-sharp-crypto/src/openpgp/PGPObject.cs
new file mode 100644
index 0000000..d38276c
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PGPObject.cs
@@ -0,0 +1,9 @@
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	public abstract class PgpObject
+	{
+		internal PgpObject()
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PGPUserAttributeSubpacketVectorGenerator.cs b/bc-sharp-crypto/src/openpgp/PGPUserAttributeSubpacketVectorGenerator.cs
new file mode 100644
index 0000000..9d56c8b
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PGPUserAttributeSubpacketVectorGenerator.cs
@@ -0,0 +1,33 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Bcpg.Attr;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	public class PgpUserAttributeSubpacketVectorGenerator
+	{
+		private IList list = Platform.CreateArrayList();
+
+		public virtual void SetImageAttribute(
+			ImageAttrib.Format	imageType,
+			byte[]				imageData)
+		{
+			if (imageData == null)
+				throw new ArgumentException("attempt to set null image", "imageData");
+
+			list.Add(new ImageAttrib(imageType, imageData));
+		}
+
+        public virtual PgpUserAttributeSubpacketVector Generate()
+		{
+            UserAttributeSubpacket[] a = new UserAttributeSubpacket[list.Count];
+            for (int i = 0; i < list.Count; ++i)
+            {
+                a[i] = (UserAttributeSubpacket)list[i];
+            }
+            return new PgpUserAttributeSubpacketVector(a);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpCompressedData.cs b/bc-sharp-crypto/src/openpgp/PgpCompressedData.cs
new file mode 100644
index 0000000..e64a17c
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpCompressedData.cs
@@ -0,0 +1,50 @@
+using System.IO;
+
+using Org.BouncyCastle.Apache.Bzip2;
+using Org.BouncyCastle.Utilities.Zlib;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>Compressed data objects</remarks>
+    public class PgpCompressedData
+		: PgpObject
+    {
+        private readonly CompressedDataPacket data;
+
+		public PgpCompressedData(
+            BcpgInputStream bcpgInput)
+        {
+            data = (CompressedDataPacket) bcpgInput.ReadPacket();
+        }
+
+		/// <summary>The algorithm used for compression</summary>
+        public CompressionAlgorithmTag Algorithm
+        {
+			get { return data.Algorithm; }
+        }
+
+		/// <summary>Get the raw input stream contained in the object.</summary>
+        public Stream GetInputStream()
+        {
+            return data.GetInputStream();
+        }
+
+		/// <summary>Return an uncompressed input stream which allows reading of the compressed data.</summary>
+        public Stream GetDataStream()
+        {
+            switch (Algorithm)
+            {
+				case CompressionAlgorithmTag.Uncompressed:
+					return GetInputStream();
+				case CompressionAlgorithmTag.Zip:
+					return new ZInputStream(GetInputStream(), true);
+                case CompressionAlgorithmTag.ZLib:
+					return new ZInputStream(GetInputStream());
+				case CompressionAlgorithmTag.BZip2:
+					return new CBZip2InputStream(GetInputStream());
+                default:
+                    throw new PgpException("can't recognise compression algorithm: " + Algorithm);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpCompressedDataGenerator.cs b/bc-sharp-crypto/src/openpgp/PgpCompressedDataGenerator.cs
new file mode 100644
index 0000000..51b6452
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpCompressedDataGenerator.cs
@@ -0,0 +1,221 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Apache.Bzip2;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Zlib;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>Class for producing compressed data packets.</remarks>
+	public class PgpCompressedDataGenerator
+		: IStreamGenerator
+	{
+		private readonly CompressionAlgorithmTag algorithm;
+		private readonly int compression;
+
+		private Stream dOut;
+		private BcpgOutputStream pkOut;
+
+		public PgpCompressedDataGenerator(
+			CompressionAlgorithmTag algorithm)
+			: this(algorithm, JZlib.Z_DEFAULT_COMPRESSION)
+		{
+		}
+
+		public PgpCompressedDataGenerator(
+			CompressionAlgorithmTag	algorithm,
+			int						compression)
+		{
+			switch (algorithm)
+			{
+				case CompressionAlgorithmTag.Uncompressed:
+				case CompressionAlgorithmTag.Zip:
+				case CompressionAlgorithmTag.ZLib:
+				case CompressionAlgorithmTag.BZip2:
+					break;
+				default:
+					throw new ArgumentException("unknown compression algorithm", "algorithm");
+			}
+
+			if (compression != JZlib.Z_DEFAULT_COMPRESSION)
+			{
+				if ((compression < JZlib.Z_NO_COMPRESSION) || (compression > JZlib.Z_BEST_COMPRESSION))
+				{
+					throw new ArgumentException("unknown compression level: " + compression);
+				}
+			}
+
+			this.algorithm = algorithm;
+			this.compression = compression;
+		}
+
+		/// <summary>
+		/// <p>
+		/// Return an output stream which will save the data being written to
+		/// the compressed object.
+		/// </p>
+		/// <p>
+		/// The stream created can be closed off by either calling Close()
+		/// on the stream or Close() on the generator. Closing the returned
+		/// stream does not close off the Stream parameter <c>outStr</c>.
+		/// </p>
+		/// </summary>
+		/// <param name="outStr">Stream to be used for output.</param>
+		/// <returns>A Stream for output of the compressed data.</returns>
+		/// <exception cref="ArgumentNullException"></exception>
+		/// <exception cref="InvalidOperationException"></exception>
+		/// <exception cref="IOException"></exception>
+		public Stream Open(
+			Stream outStr)
+		{
+			if (dOut != null)
+				throw new InvalidOperationException("generator already in open state");
+			if (outStr == null)
+				throw new ArgumentNullException("outStr");
+
+			this.pkOut = new BcpgOutputStream(outStr, PacketTag.CompressedData);
+
+			doOpen();
+
+			return new WrappedGeneratorStream(this, dOut);
+		}
+
+		/// <summary>
+		/// <p>
+		/// Return an output stream which will compress the data as it is written to it.
+		/// The stream will be written out in chunks according to the size of the passed in buffer.
+		/// </p>
+		/// <p>
+		/// The stream created can be closed off by either calling Close()
+		/// on the stream or Close() on the generator. Closing the returned
+		/// stream does not close off the Stream parameter <c>outStr</c>.
+		/// </p>
+		/// <p>
+		/// <b>Note</b>: if the buffer is not a power of 2 in length only the largest power of 2
+		/// bytes worth of the buffer will be used.
+		/// </p>
+		/// <p>
+		/// <b>Note</b>: using this may break compatibility with RFC 1991 compliant tools.
+		/// Only recent OpenPGP implementations are capable of accepting these streams.
+		/// </p>
+		/// </summary>
+		/// <param name="outStr">Stream to be used for output.</param>
+		/// <param name="buffer">The buffer to use.</param>
+		/// <returns>A Stream for output of the compressed data.</returns>
+		/// <exception cref="ArgumentNullException"></exception>
+		/// <exception cref="InvalidOperationException"></exception>
+		/// <exception cref="IOException"></exception>
+		/// <exception cref="PgpException"></exception>
+		public Stream Open(
+			Stream	outStr,
+			byte[]	buffer)
+		{
+			if (dOut != null)
+				throw new InvalidOperationException("generator already in open state");
+			if (outStr == null)
+				throw new ArgumentNullException("outStr");
+			if (buffer == null)
+				throw new ArgumentNullException("buffer");
+
+			this.pkOut = new BcpgOutputStream(outStr, PacketTag.CompressedData, buffer);
+
+			doOpen();
+
+			return new WrappedGeneratorStream(this, dOut);
+		}
+
+		private void doOpen()
+		{
+			pkOut.WriteByte((byte) algorithm);
+
+			switch (algorithm)
+			{
+				case CompressionAlgorithmTag.Uncompressed:
+					dOut = pkOut;
+					break;
+				case CompressionAlgorithmTag.Zip:
+					dOut = new SafeZOutputStream(pkOut, compression, true);
+					break;
+				case CompressionAlgorithmTag.ZLib:
+					dOut = new SafeZOutputStream(pkOut, compression, false);
+					break;
+				case CompressionAlgorithmTag.BZip2:
+					dOut = new SafeCBZip2OutputStream(pkOut);
+					break;
+				default:
+					// Constructor should guard against this possibility
+					throw new InvalidOperationException();
+			}
+		}
+
+		/// <summary>Close the compressed object.</summary>summary>
+		public void Close()
+		{
+			if (dOut != null)
+			{
+				if (dOut != pkOut)
+				{
+                    Platform.Dispose(dOut);
+				}
+				dOut = null;
+
+				pkOut.Finish();
+				pkOut.Flush();
+				pkOut = null;
+			}
+		}
+
+		private class SafeCBZip2OutputStream : CBZip2OutputStream
+		{
+			public SafeCBZip2OutputStream(Stream output)
+				: base(output)
+			{
+			}
+
+#if PORTABLE
+            protected override void Dispose(bool disposing)
+            {
+                if (disposing)
+                {
+				    Finish();
+                    return;
+                }
+                base.Dispose(disposing);
+            }
+#else
+            public override void Close()
+			{
+				Finish();
+			}
+#endif
+		}
+
+		private class SafeZOutputStream : ZOutputStream
+		{
+			public SafeZOutputStream(Stream output, int level, bool nowrap)
+				: base(output, level, nowrap)
+			{
+			}
+
+#if PORTABLE
+            protected override void Dispose(bool disposing)
+            {
+                if (disposing)
+                {
+				    Finish();
+				    End();
+                    return;
+                }
+                base.Dispose(disposing);
+            }
+#else
+            public override void Close()
+			{
+				Finish();
+				End();
+			}
+#endif
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpDataValidationException.cs b/bc-sharp-crypto/src/openpgp/PgpDataValidationException.cs
new file mode 100644
index 0000000..d06833c
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpDataValidationException.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>
+	/// Thrown if the IV at the start of a data stream indicates the wrong key is being used.
+	/// </remarks>
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class PgpDataValidationException
+        : PgpException
+	{
+		public PgpDataValidationException() : base() {}
+		public PgpDataValidationException(string message) : base(message) {}
+		public PgpDataValidationException(string message, Exception exception) : base(message, exception) {}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpEncryptedData.cs b/bc-sharp-crypto/src/openpgp/PgpEncryptedData.cs
new file mode 100644
index 0000000..558e0b8
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpEncryptedData.cs
@@ -0,0 +1,151 @@
+using System;
+using System.Diagnostics;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+    public abstract class PgpEncryptedData
+    {
+		internal class TruncatedStream
+			: BaseInputStream
+		{
+			private const int LookAheadSize = 22;
+			private const int LookAheadBufSize = 512;
+			private const int LookAheadBufLimit = LookAheadBufSize - LookAheadSize;
+
+			private readonly Stream inStr;
+			private readonly byte[] lookAhead = new byte[LookAheadBufSize];
+			private int bufStart, bufEnd;
+
+			internal TruncatedStream(
+				Stream inStr)
+			{
+				int numRead = Streams.ReadFully(inStr, lookAhead, 0, lookAhead.Length);
+
+				if (numRead < LookAheadSize)
+					throw new EndOfStreamException();
+
+				this.inStr = inStr;
+				this.bufStart = 0;
+				this.bufEnd = numRead - LookAheadSize;
+			}
+
+			private int FillBuffer()
+			{
+				if (bufEnd < LookAheadBufLimit)
+					return 0;
+
+				Debug.Assert(bufStart == LookAheadBufLimit);
+				Debug.Assert(bufEnd == LookAheadBufLimit);
+
+				Array.Copy(lookAhead, LookAheadBufLimit, lookAhead, 0, LookAheadSize);
+				bufEnd = Streams.ReadFully(inStr, lookAhead, LookAheadSize, LookAheadBufLimit);
+				bufStart = 0;
+				return bufEnd;
+			}
+
+			public override int ReadByte()
+			{
+				if (bufStart < bufEnd)
+					return lookAhead[bufStart++];
+
+				if (FillBuffer() < 1)
+					return -1;
+
+				return lookAhead[bufStart++];
+			}
+
+			public override int Read(byte[] buf, int off, int len)
+			{
+				int avail = bufEnd - bufStart;
+
+				int pos = off;
+				while (len > avail)
+				{
+					Array.Copy(lookAhead, bufStart, buf, pos, avail);
+
+					bufStart += avail;
+					pos += avail;
+					len -= avail;
+
+					if ((avail = FillBuffer()) < 1)
+						return pos - off;
+				}
+
+				Array.Copy(lookAhead, bufStart, buf, pos, len);
+				bufStart += len;
+
+				return pos + len - off;
+			}
+
+			internal byte[] GetLookAhead()
+			{
+				byte[] temp = new byte[LookAheadSize];
+				Array.Copy(lookAhead, bufStart, temp, 0, LookAheadSize);
+				return temp;
+			}
+		}
+
+		internal InputStreamPacket	encData;
+        internal Stream				encStream;
+        internal TruncatedStream	truncStream;
+
+		internal PgpEncryptedData(
+            InputStreamPacket encData)
+        {
+            this.encData = encData;
+        }
+
+		/// <summary>Return the raw input stream for the data stream.</summary>
+        public virtual Stream GetInputStream()
+        {
+            return encData.GetInputStream();
+        }
+
+		/// <summary>Return true if the message is integrity protected.</summary>
+		/// <returns>True, if there is a modification detection code namespace associated
+		/// with this stream.</returns>
+        public bool IsIntegrityProtected()
+        {
+			return encData is SymmetricEncIntegrityPacket;
+        }
+
+		/// <summary>Note: This can only be called after the message has been read.</summary>
+		/// <returns>True, if the message verifies, false otherwise</returns>
+        public bool Verify()
+        {
+            if (!IsIntegrityProtected())
+                throw new PgpException("data not integrity protected.");
+
+			DigestStream dIn = (DigestStream) encStream;
+
+			//
+            // make sure we are at the end.
+            //
+            while (encStream.ReadByte() >= 0)
+            {
+				// do nothing
+            }
+
+			//
+            // process the MDC packet
+            //
+			byte[] lookAhead = truncStream.GetLookAhead();
+
+			IDigest hash = dIn.ReadDigest();
+			hash.BlockUpdate(lookAhead, 0, 2);
+			byte[] digest = DigestUtilities.DoFinal(hash);
+
+			byte[] streamDigest = new byte[digest.Length];
+			Array.Copy(lookAhead, 2, streamDigest, 0, streamDigest.Length);
+
+			return Arrays.ConstantTimeAreEqual(digest, streamDigest);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpEncryptedDataGenerator.cs b/bc-sharp-crypto/src/openpgp/PgpEncryptedDataGenerator.cs
new file mode 100644
index 0000000..014281b
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpEncryptedDataGenerator.cs
@@ -0,0 +1,598 @@
+using System;
+using System.Collections;
+using System.Diagnostics;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>Generator for encrypted objects.</remarks>
+    public class PgpEncryptedDataGenerator
+		: IStreamGenerator
+    {
+		private BcpgOutputStream	pOut;
+        private CipherStream		cOut;
+        private IBufferedCipher		c;
+        private bool				withIntegrityPacket;
+        private bool				oldFormat;
+        private DigestStream		digestOut;
+
+		private abstract class EncMethod
+            : ContainedPacket
+        {
+            protected byte[]                    sessionInfo;
+            protected SymmetricKeyAlgorithmTag  encAlgorithm;
+            protected KeyParameter              key;
+
+			public abstract void AddSessionInfo(byte[] si, SecureRandom random);
+        }
+
+        private class PbeMethod
+            : EncMethod
+        {
+            private S2k s2k;
+
+            internal PbeMethod(
+                SymmetricKeyAlgorithmTag  encAlgorithm,
+                S2k                       s2k,
+                KeyParameter              key)
+            {
+                this.encAlgorithm = encAlgorithm;
+                this.s2k = s2k;
+                this.key = key;
+            }
+
+            public KeyParameter GetKey()
+            {
+                return key;
+            }
+
+			public override void AddSessionInfo(
+                byte[]			si,
+				SecureRandom	random)
+            {
+                string cName = PgpUtilities.GetSymmetricCipherName(encAlgorithm);
+                IBufferedCipher c = CipherUtilities.GetCipher(cName + "/CFB/NoPadding");
+
+				byte[] iv = new byte[c.GetBlockSize()];
+                c.Init(true, new ParametersWithRandom(new ParametersWithIV(key, iv), random));
+
+				this.sessionInfo = c.DoFinal(si, 0, si.Length - 2);
+			}
+
+			public override void Encode(BcpgOutputStream pOut)
+            {
+                SymmetricKeyEncSessionPacket pk = new SymmetricKeyEncSessionPacket(
+                    encAlgorithm, s2k, sessionInfo);
+
+				pOut.WritePacket(pk);
+            }
+        }
+
+		private class PubMethod
+            : EncMethod
+        {
+			internal PgpPublicKey pubKey;
+            internal byte[][] data;
+
+            internal PubMethod(PgpPublicKey pubKey)
+            {
+                this.pubKey = pubKey;
+            }
+
+            public override void AddSessionInfo(
+                byte[]			sessionInfo,
+				SecureRandom	random)
+            {
+                byte[] encryptedSessionInfo = EncryptSessionInfo(sessionInfo, random);
+
+                this.data = ProcessSessionInfo(encryptedSessionInfo);
+            }
+
+            private byte[] EncryptSessionInfo(byte[] sessionInfo, SecureRandom random)
+            {
+                if (pubKey.Algorithm != PublicKeyAlgorithmTag.ECDH)
+                {
+                    IBufferedCipher c;
+				    switch (pubKey.Algorithm)
+                    {
+                        case PublicKeyAlgorithmTag.RsaEncrypt:
+                        case PublicKeyAlgorithmTag.RsaGeneral:
+                            c = CipherUtilities.GetCipher("RSA//PKCS1Padding");
+                            break;
+                        case PublicKeyAlgorithmTag.ElGamalEncrypt:
+                        case PublicKeyAlgorithmTag.ElGamalGeneral:
+                            c = CipherUtilities.GetCipher("ElGamal/ECB/PKCS1Padding");
+                            break;
+                        case PublicKeyAlgorithmTag.Dsa:
+                            throw new PgpException("Can't use DSA for encryption.");
+                        case PublicKeyAlgorithmTag.ECDsa:
+                            throw new PgpException("Can't use ECDSA for encryption.");
+                        default:
+                            throw new PgpException("unknown asymmetric algorithm: " + pubKey.Algorithm);
+                    }
+
+                    AsymmetricKeyParameter akp = pubKey.GetKey();
+				    c.Init(true, new ParametersWithRandom(akp, random));
+                    return c.DoFinal(sessionInfo);
+                }
+
+                ECDHPublicBcpgKey ecKey = (ECDHPublicBcpgKey)pubKey.PublicKeyPacket.Key;
+
+                // Generate the ephemeral key pair
+                IAsymmetricCipherKeyPairGenerator gen = GeneratorUtilities.GetKeyPairGenerator("ECDH");
+                gen.Init(new ECKeyGenerationParameters(ecKey.CurveOid, random));
+
+                AsymmetricCipherKeyPair ephKp = gen.GenerateKeyPair();
+                ECPrivateKeyParameters ephPriv = (ECPrivateKeyParameters)ephKp.Private;
+                ECPublicKeyParameters ephPub = (ECPublicKeyParameters)ephKp.Public;
+
+                ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey.GetKey();
+                ECPoint S = pub.Q.Multiply(ephPriv.D).Normalize();
+
+                KeyParameter key = new KeyParameter(Rfc6637Utilities.CreateKey(pubKey.PublicKeyPacket, S));
+
+                IWrapper w = PgpUtilities.CreateWrapper(ecKey.SymmetricKeyAlgorithm);
+                w.Init(true, new ParametersWithRandom(key, random));
+
+                byte[] paddedSessionData = PgpPad.PadSessionData(sessionInfo);
+
+                byte[] C = w.Wrap(paddedSessionData, 0, paddedSessionData.Length);
+                byte[] VB = new MPInteger(new BigInteger(1, ephPub.Q.GetEncoded(false))).GetEncoded();
+
+                byte[] rv = new byte[VB.Length + 1 + C.Length];
+
+                Array.Copy(VB, 0, rv, 0, VB.Length);
+                rv[VB.Length] = (byte)C.Length;
+                Array.Copy(C, 0, rv, VB.Length + 1, C.Length);
+
+                return rv;
+            }
+
+            private byte[][] ProcessSessionInfo(byte[] encryptedSessionInfo)
+            {
+                byte[][] data;
+
+                switch (pubKey.Algorithm)
+                {
+                case PublicKeyAlgorithmTag.RsaEncrypt:
+                case PublicKeyAlgorithmTag.RsaGeneral:
+                    data = new byte[][] { ConvertToEncodedMpi(encryptedSessionInfo) };
+                    break;
+                case PublicKeyAlgorithmTag.ElGamalEncrypt:
+                case PublicKeyAlgorithmTag.ElGamalGeneral:
+                    int halfLength = encryptedSessionInfo.Length / 2;
+                    byte[] b1 = new byte[halfLength];
+                    byte[] b2 = new byte[halfLength];
+
+                    Array.Copy(encryptedSessionInfo, 0, b1, 0, halfLength);
+                    Array.Copy(encryptedSessionInfo, halfLength, b2, 0, halfLength);
+
+                    data = new byte[][] {
+                        ConvertToEncodedMpi(b1),
+                        ConvertToEncodedMpi(b2),
+                    };
+                    break;
+                case PublicKeyAlgorithmTag.ECDH:
+                    data = new byte[][]{ encryptedSessionInfo };
+                    break;
+                default:
+                    throw new PgpException("unknown asymmetric algorithm: " + pubKey.Algorithm);
+                }
+
+                return data;
+            }
+
+            private byte[] ConvertToEncodedMpi(byte[] encryptedSessionInfo)
+            {
+                try
+                {
+                    return new MPInteger(new BigInteger(1, encryptedSessionInfo)).GetEncoded();
+                }
+                catch (IOException e)
+                {
+                    throw new PgpException("Invalid MPI encoding: " + e.Message, e);
+                }
+            }
+
+            public override void Encode(BcpgOutputStream pOut)
+            {
+                PublicKeyEncSessionPacket pk = new PublicKeyEncSessionPacket(pubKey.KeyId, pubKey.Algorithm, data);
+
+                pOut.WritePacket(pk);
+            }
+        }
+
+		private readonly IList methods = Platform.CreateArrayList();
+        private readonly SymmetricKeyAlgorithmTag defAlgorithm;
+        private readonly SecureRandom rand;
+
+		public PgpEncryptedDataGenerator(
+			SymmetricKeyAlgorithmTag encAlgorithm)
+		{
+			this.defAlgorithm = encAlgorithm;
+			this.rand = new SecureRandom();
+		}
+
+		public PgpEncryptedDataGenerator(
+			SymmetricKeyAlgorithmTag	encAlgorithm,
+			bool						withIntegrityPacket)
+		{
+			this.defAlgorithm = encAlgorithm;
+			this.withIntegrityPacket = withIntegrityPacket;
+			this.rand = new SecureRandom();
+		}
+
+		/// <summary>Existing SecureRandom constructor.</summary>
+		/// <param name="encAlgorithm">The symmetric algorithm to use.</param>
+		/// <param name="rand">Source of randomness.</param>
+        public PgpEncryptedDataGenerator(
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            SecureRandom				rand)
+        {
+            this.defAlgorithm = encAlgorithm;
+            this.rand = rand;
+        }
+
+		/// <summary>Creates a cipher stream which will have an integrity packet associated with it.</summary>
+        public PgpEncryptedDataGenerator(
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            bool						withIntegrityPacket,
+            SecureRandom				rand)
+        {
+            this.defAlgorithm = encAlgorithm;
+            this.rand = rand;
+            this.withIntegrityPacket = withIntegrityPacket;
+        }
+
+		/// <summary>Base constructor.</summary>
+		/// <param name="encAlgorithm">The symmetric algorithm to use.</param>
+		/// <param name="rand">Source of randomness.</param>
+		/// <param name="oldFormat">PGP 2.6.x compatibility required.</param>
+        public PgpEncryptedDataGenerator(
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            SecureRandom				rand,
+            bool						oldFormat)
+        {
+            this.defAlgorithm = encAlgorithm;
+            this.rand = rand;
+            this.oldFormat = oldFormat;
+        }
+
+		/// <summary>
+		/// Add a PBE encryption method to the encrypted object using the default algorithm (S2K_SHA1).
+		/// </summary>
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        [Obsolete("Use version that takes an explicit s2kDigest parameter")]
+        public void AddMethod(char[] passPhrase)
+		{
+			AddMethod(passPhrase, HashAlgorithmTag.Sha1);
+		}
+
+        /// <summary>Add a PBE encryption method to the encrypted object.</summary>
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        public void AddMethod(char[] passPhrase, HashAlgorithmTag s2kDigest)
+        {
+            DoAddMethod(PgpUtilities.EncodePassPhrase(passPhrase, false), true, s2kDigest);
+        }
+
+        /// <summary>Add a PBE encryption method to the encrypted object.</summary>
+        /// <remarks>
+        /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
+        /// </remarks>
+        public void AddMethodUtf8(char[] passPhrase, HashAlgorithmTag s2kDigest)
+        {
+            DoAddMethod(PgpUtilities.EncodePassPhrase(passPhrase, true), true, s2kDigest);
+        }
+
+        /// <summary>Add a PBE encryption method to the encrypted object.</summary>
+        /// <remarks>
+        /// Allows the caller to handle the encoding of the passphrase to bytes.
+        /// </remarks>
+        public void AddMethodRaw(byte[] rawPassPhrase, HashAlgorithmTag s2kDigest)
+        {
+            DoAddMethod(rawPassPhrase, false, s2kDigest);
+        }
+
+        internal void DoAddMethod(byte[] rawPassPhrase, bool clearPassPhrase, HashAlgorithmTag s2kDigest)
+        {
+            S2k s2k = PgpUtilities.GenerateS2k(s2kDigest, 0x60, rand);
+
+            methods.Add(new PbeMethod(defAlgorithm, s2k, PgpUtilities.DoMakeKeyFromPassPhrase(defAlgorithm, s2k, rawPassPhrase, clearPassPhrase)));
+        }
+
+        /// <summary>Add a public key encrypted session key to the encrypted object.</summary>
+        public void AddMethod(
+            PgpPublicKey key)
+        {
+			if (!key.IsEncryptionKey)
+            {
+                throw new ArgumentException("passed in key not an encryption key!");
+            }
+
+			methods.Add(new PubMethod(key));
+        }
+
+		private void AddCheckSum(
+            byte[] sessionInfo)
+        {
+			Debug.Assert(sessionInfo != null);
+			Debug.Assert(sessionInfo.Length >= 3);
+
+			int check = 0;
+
+			for (int i = 1; i < sessionInfo.Length - 2; i++)
+            {
+                check += sessionInfo[i];
+            }
+
+			sessionInfo[sessionInfo.Length - 2] = (byte)(check >> 8);
+            sessionInfo[sessionInfo.Length - 1] = (byte)(check);
+        }
+
+		private byte[] CreateSessionInfo(
+			SymmetricKeyAlgorithmTag	algorithm,
+			KeyParameter				key)
+		{
+			byte[] keyBytes = key.GetKey();
+			byte[] sessionInfo = new byte[keyBytes.Length + 3];
+			sessionInfo[0] = (byte) algorithm;
+			keyBytes.CopyTo(sessionInfo, 1);
+			AddCheckSum(sessionInfo);
+			return sessionInfo;
+		}
+
+		/// <summary>
+		/// <p>
+		/// If buffer is non null stream assumed to be partial, otherwise the length will be used
+		/// to output a fixed length packet.
+		/// </p>
+		/// <p>
+		/// The stream created can be closed off by either calling Close()
+		/// on the stream or Close() on the generator. Closing the returned
+		/// stream does not close off the Stream parameter <c>outStr</c>.
+		/// </p>
+		/// </summary>
+        private Stream Open(
+            Stream	outStr,
+            long	length,
+            byte[]	buffer)
+        {
+			if (cOut != null)
+				throw new InvalidOperationException("generator already in open state");
+			if (methods.Count == 0)
+				throw new InvalidOperationException("No encryption methods specified");
+			if (outStr == null)
+				throw new ArgumentNullException("outStr");
+
+			pOut = new BcpgOutputStream(outStr);
+
+			KeyParameter key;
+
+			if (methods.Count == 1)
+            {
+                if (methods[0] is PbeMethod)
+                {
+                    PbeMethod m = (PbeMethod)methods[0];
+
+					key = m.GetKey();
+                }
+                else
+                {
+                    key = PgpUtilities.MakeRandomKey(defAlgorithm, rand);
+
+					byte[] sessionInfo = CreateSessionInfo(defAlgorithm, key);
+                    PubMethod m = (PubMethod)methods[0];
+
+                    try
+                    {
+                        m.AddSessionInfo(sessionInfo, rand);
+                    }
+                    catch (Exception e)
+                    {
+                        throw new PgpException("exception encrypting session key", e);
+                    }
+                }
+
+				pOut.WritePacket((ContainedPacket)methods[0]);
+            }
+            else // multiple methods
+            {
+                key = PgpUtilities.MakeRandomKey(defAlgorithm, rand);
+				byte[] sessionInfo = CreateSessionInfo(defAlgorithm, key);
+
+				for (int i = 0; i != methods.Count; i++)
+                {
+                    EncMethod m = (EncMethod)methods[i];
+
+                    try
+                    {
+                        m.AddSessionInfo(sessionInfo, rand);
+                    }
+                    catch (Exception e)
+                    {
+                        throw new PgpException("exception encrypting session key", e);
+                    }
+
+                    pOut.WritePacket(m);
+                }
+            }
+
+            string cName = PgpUtilities.GetSymmetricCipherName(defAlgorithm);
+			if (cName == null)
+            {
+                throw new PgpException("null cipher specified");
+            }
+
+			try
+            {
+                if (withIntegrityPacket)
+                {
+                    cName += "/CFB/NoPadding";
+                }
+                else
+                {
+                    cName += "/OpenPGPCFB/NoPadding";
+                }
+
+                c = CipherUtilities.GetCipher(cName);
+
+				// TODO Confirm the IV should be all zero bytes (not inLineIv - see below)
+				byte[] iv = new byte[c.GetBlockSize()];
+                c.Init(true, new ParametersWithRandom(new ParametersWithIV(key, iv), rand));
+
+                if (buffer == null)
+                {
+                    //
+                    // we have to Add block size + 2 for the Generated IV and + 1 + 22 if integrity protected
+                    //
+                    if (withIntegrityPacket)
+                    {
+                        pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricEncryptedIntegrityProtected, length + c.GetBlockSize() + 2 + 1 + 22);
+                        pOut.WriteByte(1);        // version number
+                    }
+                    else
+                    {
+                        pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricKeyEncrypted, length + c.GetBlockSize() + 2, oldFormat);
+                    }
+                }
+                else
+                {
+                    if (withIntegrityPacket)
+                    {
+                        pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricEncryptedIntegrityProtected, buffer);
+                        pOut.WriteByte(1);        // version number
+                    }
+                    else
+                    {
+                        pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricKeyEncrypted, buffer);
+                    }
+                }
+
+				int blockSize = c.GetBlockSize();
+				byte[] inLineIv = new byte[blockSize + 2];
+                rand.NextBytes(inLineIv, 0, blockSize);
+				Array.Copy(inLineIv, inLineIv.Length - 4, inLineIv, inLineIv.Length - 2, 2);
+
+				Stream myOut = cOut = new CipherStream(pOut, null, c);
+
+				if (withIntegrityPacket)
+                {
+					string digestName = PgpUtilities.GetDigestName(HashAlgorithmTag.Sha1);
+					IDigest digest = DigestUtilities.GetDigest(digestName);
+					myOut = digestOut = new DigestStream(myOut, null, digest);
+                }
+
+				myOut.Write(inLineIv, 0, inLineIv.Length);
+
+				return new WrappedGeneratorStream(this, myOut);
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("Exception creating cipher", e);
+            }
+        }
+
+		/// <summary>
+		/// <p>
+		/// Return an output stream which will encrypt the data as it is written to it.
+		/// </p>
+		/// <p>
+		/// The stream created can be closed off by either calling Close()
+		/// on the stream or Close() on the generator. Closing the returned
+		/// stream does not close off the Stream parameter <c>outStr</c>.
+		/// </p>
+		/// </summary>
+        public Stream Open(
+            Stream	outStr,
+            long	length)
+        {
+            return Open(outStr, length, null);
+        }
+
+		/// <summary>
+		/// <p>
+		/// Return an output stream which will encrypt the data as it is written to it.
+		/// The stream will be written out in chunks according to the size of the passed in buffer.
+		/// </p>
+		/// <p>
+		/// The stream created can be closed off by either calling Close()
+		/// on the stream or Close() on the generator. Closing the returned
+		/// stream does not close off the Stream parameter <c>outStr</c>.
+		/// </p>
+		/// <p>
+		/// <b>Note</b>: if the buffer is not a power of 2 in length only the largest power of 2
+		/// bytes worth of the buffer will be used.
+		/// </p>
+		/// </summary>
+        public Stream Open(
+            Stream	outStr,
+            byte[]	buffer)
+        {
+            return Open(outStr, 0, buffer);
+        }
+
+		/// <summary>
+		/// <p>
+		/// Close off the encrypted object - this is equivalent to calling Close() on the stream
+		/// returned by the Open() method.
+		/// </p>
+		/// <p>
+		/// <b>Note</b>: This does not close the underlying output stream, only the stream on top of
+		/// it created by the Open() method.
+		/// </p>
+		/// </summary>
+        public void Close()
+        {
+            if (cOut != null)
+            {
+				// TODO Should this all be under the try/catch block?
+                if (digestOut != null)
+                {
+                    //
+                    // hand code a mod detection packet
+                    //
+                    BcpgOutputStream bOut = new BcpgOutputStream(
+						digestOut, PacketTag.ModificationDetectionCode, 20);
+
+                    bOut.Flush();
+                    digestOut.Flush();
+
+					// TODO
+					byte[] dig = DigestUtilities.DoFinal(digestOut.WriteDigest());
+					cOut.Write(dig, 0, dig.Length);
+                }
+
+				cOut.Flush();
+
+				try
+                {
+					pOut.Write(c.DoFinal());
+                    pOut.Finish();
+                }
+                catch (Exception e)
+                {
+                    throw new IOException(e.Message, e);
+                }
+
+				cOut = null;
+				pOut = null;
+            }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpEncryptedDataList.cs b/bc-sharp-crypto/src/openpgp/PgpEncryptedDataList.cs
new file mode 100644
index 0000000..8dded7c
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpEncryptedDataList.cs
@@ -0,0 +1,72 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>A holder for a list of PGP encryption method packets.</remarks>
+    public class PgpEncryptedDataList
+		: PgpObject
+    {
+        private IList list = Platform.CreateArrayList();
+        private InputStreamPacket data;
+
+		public PgpEncryptedDataList(
+            BcpgInputStream bcpgInput)
+        {
+            while (bcpgInput.NextPacketTag() == PacketTag.PublicKeyEncryptedSession
+                || bcpgInput.NextPacketTag() == PacketTag.SymmetricKeyEncryptedSessionKey)
+            {
+                list.Add(bcpgInput.ReadPacket());
+            }
+
+			data = (InputStreamPacket)bcpgInput.ReadPacket();
+
+			for (int i = 0; i != list.Count; i++)
+            {
+                if (list[i] is SymmetricKeyEncSessionPacket)
+                {
+                    list[i] = new PgpPbeEncryptedData((SymmetricKeyEncSessionPacket) list[i], data);
+                }
+                else
+                {
+                    list[i] = new PgpPublicKeyEncryptedData((PublicKeyEncSessionPacket) list[i], data);
+                }
+            }
+        }
+
+		public PgpEncryptedData this[int index]
+		{
+			get { return (PgpEncryptedData) list[index]; }
+		}
+
+		[Obsolete("Use 'object[index]' syntax instead")]
+		public object Get(int index)
+        {
+            return this[index];
+        }
+
+		[Obsolete("Use 'Count' property instead")]
+		public int Size
+        {
+			get { return list.Count; }
+        }
+
+		public int Count
+		{
+			get { return list.Count; }
+		}
+
+		public bool IsEmpty
+        {
+			get { return list.Count == 0; }
+        }
+
+		public IEnumerable GetEncryptedDataObjects()
+        {
+            return new EnumerableProxy(list);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpException.cs b/bc-sharp-crypto/src/openpgp/PgpException.cs
new file mode 100644
index 0000000..230dab8
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpException.cs
@@ -0,0 +1,22 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>Generic exception class for PGP encoding/decoding problems.</remarks>
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class PgpException
+		: Exception
+	{
+		public PgpException() : base() {}
+		public PgpException(string message) : base(message) {}
+		public PgpException(string message, Exception exception) : base(message, exception) {}
+
+		[Obsolete("Use InnerException property")]
+		public Exception UnderlyingException
+		{
+			get { return InnerException; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpExperimental.cs b/bc-sharp-crypto/src/openpgp/PgpExperimental.cs
new file mode 100644
index 0000000..8518335
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpExperimental.cs
@@ -0,0 +1,16 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	public class PgpExperimental
+		: PgpObject
+	{
+		private readonly ExperimentalPacket p;
+
+		public PgpExperimental(
+			BcpgInputStream bcpgIn)
+		{
+			p = (ExperimentalPacket) bcpgIn.ReadPacket();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpKeyFlags.cs b/bc-sharp-crypto/src/openpgp/PgpKeyFlags.cs
new file mode 100644
index 0000000..ea18006
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpKeyFlags.cs
@@ -0,0 +1,13 @@
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>Key flag values for the KeyFlags subpacket.</remarks>
+    public abstract class PgpKeyFlags
+    {
+        public const int CanCertify = 0x01; // This key may be used to certify other keys.
+        public const int CanSign = 0x02; // This key may be used to sign data.
+        public const int CanEncryptCommunications = 0x04; // This key may be used to encrypt communications.
+        public const int CanEncryptStorage = 0x08; // This key may be used to encrypt storage.
+        public const int MaybeSplit = 0x10; // The private component of this key may have been split by a secret-sharing mechanism.
+        public const int MaybeShared = 0x80; // The private component of this key may be in the possession of more than one person.
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpKeyPair.cs b/bc-sharp-crypto/src/openpgp/PgpKeyPair.cs
new file mode 100644
index 0000000..9cf78fa
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpKeyPair.cs
@@ -0,0 +1,67 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>
+	/// General class to handle JCA key pairs and convert them into OpenPGP ones.
+	/// <p>
+	/// A word for the unwary, the KeyId for an OpenPGP public key is calculated from
+	/// a hash that includes the time of creation, if you pass a different date to the
+	/// constructor below with the same public private key pair the KeyIs will not be the
+	/// same as for previous generations of the key, so ideally you only want to do
+	/// this once.
+	/// </p>
+	/// </remarks>
+    public class PgpKeyPair
+    {
+        private readonly PgpPublicKey	pub;
+        private readonly PgpPrivateKey	priv;
+
+		public PgpKeyPair(
+            PublicKeyAlgorithmTag	algorithm,
+            AsymmetricCipherKeyPair	keyPair,
+            DateTime				time)
+			: this(algorithm, keyPair.Public, keyPair.Private, time)
+        {
+        }
+
+		public PgpKeyPair(
+            PublicKeyAlgorithmTag	algorithm,
+            AsymmetricKeyParameter	pubKey,
+            AsymmetricKeyParameter	privKey,
+            DateTime				time)
+        {
+            this.pub = new PgpPublicKey(algorithm, pubKey, time);
+			this.priv = new PgpPrivateKey(pub.KeyId, pub.PublicKeyPacket, privKey);
+        }
+
+		/// <summary>Create a key pair from a PgpPrivateKey and a PgpPublicKey.</summary>
+		/// <param name="pub">The public key.</param>
+		/// <param name="priv">The private key.</param>
+        public PgpKeyPair(
+            PgpPublicKey	pub,
+            PgpPrivateKey	priv)
+        {
+            this.pub = pub;
+            this.priv = priv;
+        }
+
+		/// <summary>The keyId associated with this key pair.</summary>
+        public long KeyId
+        {
+            get { return pub.KeyId; }
+        }
+
+		public PgpPublicKey PublicKey
+        {
+			get { return pub; }
+        }
+
+		public PgpPrivateKey PrivateKey
+        {
+			get { return priv; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpKeyRingGenerator.cs b/bc-sharp-crypto/src/openpgp/PgpKeyRingGenerator.cs
new file mode 100644
index 0000000..4f6a4b1
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpKeyRingGenerator.cs
@@ -0,0 +1,402 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>
+	/// Generator for a PGP master and subkey ring.
+	/// This class will generate both the secret and public key rings
+	/// </remarks>
+    public class PgpKeyRingGenerator
+    {
+        private IList					    keys = Platform.CreateArrayList();
+        private string                      id;
+        private SymmetricKeyAlgorithmTag	encAlgorithm;
+        private HashAlgorithmTag            hashAlgorithm;
+        private int                         certificationLevel;
+        private byte[]                      rawPassPhrase;
+		private bool						useSha1;
+		private PgpKeyPair                  masterKey;
+        private PgpSignatureSubpacketVector hashedPacketVector;
+        private PgpSignatureSubpacketVector unhashedPacketVector;
+        private SecureRandom				rand;
+
+		/// <summary>
+		/// Create a new key ring generator using old style checksumming. It is recommended to use
+		/// SHA1 checksumming where possible.
+		/// </summary>
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        /// <param name="certificationLevel">The certification level for keys on this ring.</param>
+		/// <param name="masterKey">The master key pair.</param>
+		/// <param name="id">The id to be associated with the ring.</param>
+		/// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param>
+		/// <param name="passPhrase">The passPhrase to be used to protect secret keys.</param>
+		/// <param name="hashedPackets">Packets to be included in the certification hash.</param>
+		/// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param>
+		/// <param name="rand">input secured random.</param>
+        [Obsolete("Use version taking an explicit 'useSha1' parameter instead")]
+		public PgpKeyRingGenerator(
+			int							certificationLevel,
+			PgpKeyPair					masterKey,
+			string						id,
+			SymmetricKeyAlgorithmTag	encAlgorithm,
+			char[]						passPhrase,
+			PgpSignatureSubpacketVector	hashedPackets,
+			PgpSignatureSubpacketVector	unhashedPackets,
+			SecureRandom				rand)
+			: this(certificationLevel, masterKey, id, encAlgorithm, passPhrase, false, hashedPackets, unhashedPackets, rand)
+		{
+		}
+
+		/// <summary>
+		/// Create a new key ring generator.
+		/// </summary>
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        /// <param name="certificationLevel">The certification level for keys on this ring.</param>
+		/// <param name="masterKey">The master key pair.</param>
+		/// <param name="id">The id to be associated with the ring.</param>
+		/// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param>
+		/// <param name="passPhrase">The passPhrase to be used to protect secret keys.</param>
+		/// <param name="useSha1">Checksum the secret keys with SHA1 rather than the older 16 bit checksum.</param>
+		/// <param name="hashedPackets">Packets to be included in the certification hash.</param>
+		/// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param>
+		/// <param name="rand">input secured random.</param>
+        public PgpKeyRingGenerator(
+            int							certificationLevel,
+            PgpKeyPair					masterKey,
+            string						id,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            char[]						passPhrase,
+			bool						useSha1,
+			PgpSignatureSubpacketVector	hashedPackets,
+            PgpSignatureSubpacketVector	unhashedPackets,
+            SecureRandom				rand)
+            : this(certificationLevel, masterKey, id, encAlgorithm, false, passPhrase, useSha1, hashedPackets, unhashedPackets, rand)
+        {
+        }
+
+		/// <summary>
+		/// Create a new key ring generator.
+		/// </summary>
+		/// <param name="certificationLevel">The certification level for keys on this ring.</param>
+		/// <param name="masterKey">The master key pair.</param>
+		/// <param name="id">The id to be associated with the ring.</param>
+		/// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param>
+        /// <param name="utf8PassPhrase">
+        /// If true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion
+        /// is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier).
+        /// </param>
+        /// <param name="passPhrase">The passPhrase to be used to protect secret keys.</param>
+		/// <param name="useSha1">Checksum the secret keys with SHA1 rather than the older 16 bit checksum.</param>
+		/// <param name="hashedPackets">Packets to be included in the certification hash.</param>
+		/// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param>
+		/// <param name="rand">input secured random.</param>
+        public PgpKeyRingGenerator(
+            int							certificationLevel,
+            PgpKeyPair					masterKey,
+            string						id,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            bool                        utf8PassPhrase,
+            char[]						passPhrase,
+			bool						useSha1,
+			PgpSignatureSubpacketVector	hashedPackets,
+            PgpSignatureSubpacketVector	unhashedPackets,
+            SecureRandom				rand)
+            : this(certificationLevel, masterKey, id, encAlgorithm,
+                PgpUtilities.EncodePassPhrase(passPhrase, utf8PassPhrase),
+                useSha1, hashedPackets, unhashedPackets, rand)
+        {
+        }
+
+        /// <summary>
+		/// Create a new key ring generator.
+		/// </summary>
+		/// <param name="certificationLevel">The certification level for keys on this ring.</param>
+		/// <param name="masterKey">The master key pair.</param>
+		/// <param name="id">The id to be associated with the ring.</param>
+		/// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param>
+		/// <param name="rawPassPhrase">The passPhrase to be used to protect secret keys.</param>
+		/// <param name="useSha1">Checksum the secret keys with SHA1 rather than the older 16 bit checksum.</param>
+		/// <param name="hashedPackets">Packets to be included in the certification hash.</param>
+		/// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param>
+		/// <param name="rand">input secured random.</param>
+        public PgpKeyRingGenerator(
+            int							certificationLevel,
+            PgpKeyPair					masterKey,
+            string						id,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            byte[]						rawPassPhrase,
+			bool						useSha1,
+			PgpSignatureSubpacketVector	hashedPackets,
+            PgpSignatureSubpacketVector	unhashedPackets,
+            SecureRandom				rand)
+        {
+            this.certificationLevel = certificationLevel;
+            this.masterKey = masterKey;
+            this.id = id;
+            this.encAlgorithm = encAlgorithm;
+            this.rawPassPhrase = rawPassPhrase;
+			this.useSha1 = useSha1;
+			this.hashedPacketVector = hashedPackets;
+            this.unhashedPacketVector = unhashedPackets;
+            this.rand = rand;
+
+			keys.Add(new PgpSecretKey(certificationLevel, masterKey, id, encAlgorithm, rawPassPhrase, false, useSha1, hashedPackets, unhashedPackets, rand));
+        }
+
+        /// <summary>
+        /// Create a new key ring generator.
+        /// </summary>
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        /// <param name="certificationLevel">The certification level for keys on this ring.</param>
+        /// <param name="masterKey">The master key pair.</param>
+        /// <param name="id">The id to be associated with the ring.</param>
+        /// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param>
+        /// <param name="hashAlgorithm">The hash algorithm.</param>
+        /// <param name="passPhrase">The passPhrase to be used to protect secret keys.</param>
+        /// <param name="useSha1">Checksum the secret keys with SHA1 rather than the older 16 bit checksum.</param>
+        /// <param name="hashedPackets">Packets to be included in the certification hash.</param>
+        /// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param>
+        /// <param name="rand">input secured random.</param>
+        public PgpKeyRingGenerator(
+            int                         certificationLevel,
+            PgpKeyPair                  masterKey,
+            string                      id,
+            SymmetricKeyAlgorithmTag    encAlgorithm,
+            HashAlgorithmTag            hashAlgorithm,
+            char[]                      passPhrase,
+            bool                        useSha1,
+            PgpSignatureSubpacketVector hashedPackets,
+            PgpSignatureSubpacketVector unhashedPackets,
+            SecureRandom                rand)
+            : this(certificationLevel, masterKey, id, encAlgorithm, hashAlgorithm, false, passPhrase, useSha1, hashedPackets, unhashedPackets, rand)
+        {
+        }
+
+        /// <summary>
+        /// Create a new key ring generator.
+        /// </summary>
+        /// <param name="certificationLevel">The certification level for keys on this ring.</param>
+        /// <param name="masterKey">The master key pair.</param>
+        /// <param name="id">The id to be associated with the ring.</param>
+        /// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param>
+        /// <param name="hashAlgorithm">The hash algorithm.</param>
+        /// <param name="utf8PassPhrase">
+        /// If true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion
+        /// is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier).
+        /// </param>
+        /// <param name="passPhrase">The passPhrase to be used to protect secret keys.</param>
+        /// <param name="useSha1">Checksum the secret keys with SHA1 rather than the older 16 bit checksum.</param>
+        /// <param name="hashedPackets">Packets to be included in the certification hash.</param>
+        /// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param>
+        /// <param name="rand">input secured random.</param>
+        public PgpKeyRingGenerator(
+            int                         certificationLevel,
+            PgpKeyPair                  masterKey,
+            string                      id,
+            SymmetricKeyAlgorithmTag    encAlgorithm,
+            HashAlgorithmTag            hashAlgorithm,
+            bool                        utf8PassPhrase,
+            char[]                      passPhrase,
+            bool                        useSha1,
+            PgpSignatureSubpacketVector hashedPackets,
+            PgpSignatureSubpacketVector unhashedPackets,
+            SecureRandom                rand)
+            : this(certificationLevel, masterKey, id, encAlgorithm, hashAlgorithm,
+                PgpUtilities.EncodePassPhrase(passPhrase, utf8PassPhrase),
+                useSha1, hashedPackets, unhashedPackets, rand)
+        {
+        }
+
+        /// <summary>
+        /// Create a new key ring generator.
+        /// </summary>
+        /// <remarks>
+        /// Allows the caller to handle the encoding of the passphrase to bytes.
+        /// </remarks>
+        /// <param name="certificationLevel">The certification level for keys on this ring.</param>
+        /// <param name="masterKey">The master key pair.</param>
+        /// <param name="id">The id to be associated with the ring.</param>
+        /// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param>
+        /// <param name="hashAlgorithm">The hash algorithm.</param>
+        /// <param name="rawPassPhrase">The passPhrase to be used to protect secret keys.</param>
+        /// <param name="useSha1">Checksum the secret keys with SHA1 rather than the older 16 bit checksum.</param>
+        /// <param name="hashedPackets">Packets to be included in the certification hash.</param>
+        /// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param>
+        /// <param name="rand">input secured random.</param>
+        public PgpKeyRingGenerator(
+            int                         certificationLevel,
+            PgpKeyPair                  masterKey,
+            string                      id,
+            SymmetricKeyAlgorithmTag    encAlgorithm,
+            HashAlgorithmTag            hashAlgorithm,
+            byte[]                      rawPassPhrase,
+            bool                        useSha1,
+            PgpSignatureSubpacketVector hashedPackets,
+            PgpSignatureSubpacketVector unhashedPackets,
+            SecureRandom                rand)
+        {
+            this.certificationLevel = certificationLevel;
+            this.masterKey = masterKey;
+            this.id = id;
+            this.encAlgorithm = encAlgorithm;
+            this.rawPassPhrase = rawPassPhrase;
+            this.useSha1 = useSha1;
+            this.hashedPacketVector = hashedPackets;
+            this.unhashedPacketVector = unhashedPackets;
+            this.rand = rand;
+            this.hashAlgorithm = hashAlgorithm;
+
+            keys.Add(new PgpSecretKey(certificationLevel, masterKey, id, encAlgorithm, hashAlgorithm, rawPassPhrase, false, useSha1, hashedPackets, unhashedPackets, rand));
+        }
+
+		/// <summary>Add a subkey to the key ring to be generated with default certification.</summary>
+        public void AddSubKey(
+            PgpKeyPair keyPair)
+        {
+			AddSubKey(keyPair, this.hashedPacketVector, this.unhashedPacketVector);
+		}
+
+
+        /// <summary>
+        /// Add a subkey to the key ring to be generated with default certification.
+        /// </summary>
+        /// <param name="keyPair">The key pair.</param>
+        /// <param name="hashAlgorithm">The hash algorithm.</param>
+        public void AddSubKey(PgpKeyPair keyPair, HashAlgorithmTag hashAlgorithm)
+        {
+            this.AddSubKey(keyPair, this.hashedPacketVector, this.unhashedPacketVector, hashAlgorithm);
+        }
+
+		/// <summary>
+		/// Add a subkey with specific hashed and unhashed packets associated with it and
+		/// default certification.
+		/// </summary>
+		/// <param name="keyPair">Public/private key pair.</param>
+		/// <param name="hashedPackets">Hashed packet values to be included in certification.</param>
+		/// <param name="unhashedPackets">Unhashed packets values to be included in certification.</param>
+		/// <exception cref="PgpException"></exception>
+		public void AddSubKey(
+			PgpKeyPair					keyPair,
+			PgpSignatureSubpacketVector	hashedPackets,
+			PgpSignatureSubpacketVector	unhashedPackets)
+		{
+			try
+            {
+                PgpSignatureGenerator sGen = new PgpSignatureGenerator(
+					masterKey.PublicKey.Algorithm, HashAlgorithmTag.Sha1);
+
+				//
+                // Generate the certification
+                //
+                sGen.InitSign(PgpSignature.SubkeyBinding, masterKey.PrivateKey);
+
+				sGen.SetHashedSubpackets(hashedPackets);
+                sGen.SetUnhashedSubpackets(unhashedPackets);
+
+				IList subSigs = Platform.CreateArrayList();
+
+				subSigs.Add(sGen.GenerateCertification(masterKey.PublicKey, keyPair.PublicKey));
+
+				keys.Add(new PgpSecretKey(keyPair.PrivateKey, new PgpPublicKey(keyPair.PublicKey, null, subSigs), encAlgorithm,
+                    rawPassPhrase, false, useSha1, rand, false));
+			}
+            catch (PgpException e)
+            {
+                throw e;
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("exception adding subkey: ", e);
+            }
+        }
+
+        /// <summary>
+        /// Add a subkey with specific hashed and unhashed packets associated with it and
+        /// default certification.
+        /// </summary>
+        /// <param name="keyPair">Public/private key pair.</param>
+        /// <param name="hashedPackets">Hashed packet values to be included in certification.</param>
+        /// <param name="unhashedPackets">Unhashed packets values to be included in certification.</param>
+        /// <param name="hashAlgorithm">The hash algorithm.</param>
+        /// <exception cref="Org.BouncyCastle.Bcpg.OpenPgp.PgpException">exception adding subkey: </exception>
+        /// <exception cref="PgpException"></exception>
+        public void AddSubKey(
+            PgpKeyPair keyPair,
+            PgpSignatureSubpacketVector hashedPackets,
+            PgpSignatureSubpacketVector unhashedPackets,
+            HashAlgorithmTag hashAlgorithm)
+        {
+            try
+            {
+                PgpSignatureGenerator sGen = new PgpSignatureGenerator(masterKey.PublicKey.Algorithm, hashAlgorithm);
+
+                //
+                // Generate the certification
+                //
+                sGen.InitSign(PgpSignature.SubkeyBinding, masterKey.PrivateKey);
+
+                sGen.SetHashedSubpackets(hashedPackets);
+                sGen.SetUnhashedSubpackets(unhashedPackets);
+
+                IList subSigs = Platform.CreateArrayList();
+                subSigs.Add(sGen.GenerateCertification(masterKey.PublicKey, keyPair.PublicKey));
+
+                keys.Add(new PgpSecretKey(keyPair.PrivateKey, new PgpPublicKey(keyPair.PublicKey, null, subSigs), encAlgorithm,
+                    rawPassPhrase, false, useSha1, rand, false));
+            }
+            catch (PgpException)
+            {
+                throw;
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("exception adding subkey: ", e);
+            }
+        }
+
+
+		/// <summary>Return the secret key ring.</summary>
+        public PgpSecretKeyRing GenerateSecretKeyRing()
+        {
+            return new PgpSecretKeyRing(keys);
+        }
+
+		/// <summary>Return the public key ring that corresponds to the secret key ring.</summary>
+        public PgpPublicKeyRing GeneratePublicKeyRing()
+        {
+            IList pubKeys = Platform.CreateArrayList();
+
+            IEnumerator enumerator = keys.GetEnumerator();
+            enumerator.MoveNext();
+
+			PgpSecretKey pgpSecretKey = (PgpSecretKey) enumerator.Current;
+			pubKeys.Add(pgpSecretKey.PublicKey);
+
+			while (enumerator.MoveNext())
+            {
+                pgpSecretKey = (PgpSecretKey) enumerator.Current;
+
+				PgpPublicKey k = new PgpPublicKey(pgpSecretKey.PublicKey);
+				k.publicPk = new PublicSubkeyPacket(
+					k.Algorithm, k.CreationTime, k.publicPk.Key);
+
+				pubKeys.Add(k);
+			}
+
+			return new PgpPublicKeyRing(pubKeys);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpKeyValidationException.cs b/bc-sharp-crypto/src/openpgp/PgpKeyValidationException.cs
new file mode 100644
index 0000000..383ae57
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpKeyValidationException.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>
+	/// Thrown if the key checksum is invalid.
+	/// </remarks>
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class PgpKeyValidationException
+		: PgpException
+	{
+		public PgpKeyValidationException() : base() {}
+		public PgpKeyValidationException(string message) : base(message) {}
+		public PgpKeyValidationException(string message, Exception exception) : base(message, exception) {}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpLiteralData.cs b/bc-sharp-crypto/src/openpgp/PgpLiteralData.cs
new file mode 100644
index 0000000..79bbc39
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpLiteralData.cs
@@ -0,0 +1,63 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <summary>Class for processing literal data objects.</summary>
+    public class PgpLiteralData
+		: PgpObject
+    {
+        public const char Binary = 'b';
+        public const char Text = 't';
+		public const char Utf8 = 'u';
+
+		/// <summary>The special name indicating a "for your eyes only" packet.</summary>
+        public const string Console = "_CONSOLE";
+
+		private LiteralDataPacket data;
+
+		public PgpLiteralData(
+            BcpgInputStream bcpgInput)
+        {
+            data = (LiteralDataPacket) bcpgInput.ReadPacket();
+        }
+
+		/// <summary>The format of the data stream - Binary or Text</summary>
+        public int Format
+        {
+            get { return data.Format; }
+        }
+
+		/// <summary>The file name that's associated with the data stream.</summary>
+        public string FileName
+        {
+			get { return data.FileName; }
+        }
+
+		/// Return the file name as an unintrepreted byte array.
+		public byte[] GetRawFileName()
+		{
+			return data.GetRawFileName();
+		}
+
+		/// <summary>The modification time for the file.</summary>
+        public DateTime ModificationTime
+        {
+			get { return DateTimeUtilities.UnixMsToDateTime(data.ModificationTime); }
+        }
+
+		/// <summary>The raw input stream for the data stream.</summary>
+        public Stream GetInputStream()
+        {
+            return data.GetInputStream();
+        }
+
+		/// <summary>The input stream representing the data stream.</summary>
+        public Stream GetDataStream()
+        {
+            return GetInputStream();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpLiteralDataGenerator.cs b/bc-sharp-crypto/src/openpgp/PgpLiteralDataGenerator.cs
new file mode 100644
index 0000000..7672659
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpLiteralDataGenerator.cs
@@ -0,0 +1,182 @@
+using System;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>Class for producing literal data packets.</remarks>
+    public class PgpLiteralDataGenerator
+		: IStreamGenerator
+	{
+        public const char Binary = PgpLiteralData.Binary;
+        public const char Text = PgpLiteralData.Text;
+		public const char Utf8 = PgpLiteralData.Utf8;
+
+		/// <summary>The special name indicating a "for your eyes only" packet.</summary>
+        public const string Console = PgpLiteralData.Console;
+
+		private BcpgOutputStream pkOut;
+        private bool oldFormat;
+
+		public PgpLiteralDataGenerator()
+        {
+        }
+
+		/// <summary>
+		/// Generates literal data objects in the old format.
+		/// This is important if you need compatibility with PGP 2.6.x.
+		/// </summary>
+		/// <param name="oldFormat">If true, uses old format.</param>
+        public PgpLiteralDataGenerator(
+            bool oldFormat)
+        {
+            this.oldFormat = oldFormat;
+        }
+
+		private void WriteHeader(
+            BcpgOutputStream	outStr,
+            char				format,
+            byte[]				encName,
+            long				modificationTime)
+        {
+			outStr.Write(
+				(byte) format,
+				(byte) encName.Length);
+
+			outStr.Write(encName);
+
+			long modDate = modificationTime / 1000L;
+
+			outStr.Write(
+				(byte)(modDate >> 24),
+				(byte)(modDate >> 16),
+				(byte)(modDate >> 8),
+				(byte)modDate);
+        }
+
+		/// <summary>
+		/// <p>
+		/// Open a literal data packet, returning a stream to store the data inside the packet.
+		/// </p>
+		/// <p>
+		/// The stream created can be closed off by either calling Close()
+		/// on the stream or Close() on the generator. Closing the returned
+		/// stream does not close off the Stream parameter <c>outStr</c>.
+		/// </p>
+		/// </summary>
+		/// <param name="outStr">The stream we want the packet in.</param>
+		/// <param name="format">The format we are using.</param>
+		/// <param name="name">The name of the 'file'.</param>
+		/// <param name="length">The length of the data we will write.</param>
+		/// <param name="modificationTime">The time of last modification we want stored.</param>
+        public Stream Open(
+            Stream		outStr,
+            char		format,
+            string		name,
+            long		length,
+            DateTime	modificationTime)
+        {
+			if (pkOut != null)
+				throw new InvalidOperationException("generator already in open state");
+			if (outStr == null)
+				throw new ArgumentNullException("outStr");
+
+			// Do this first, since it might throw an exception
+			long unixMs = DateTimeUtilities.DateTimeToUnixMs(modificationTime);
+
+            byte[] encName = Strings.ToUtf8ByteArray(name);
+
+            pkOut = new BcpgOutputStream(outStr, PacketTag.LiteralData,
+				length + 2 + encName.Length + 4, oldFormat);
+
+			WriteHeader(pkOut, format, encName, unixMs);
+
+			return new WrappedGeneratorStream(this, pkOut);
+        }
+
+        /// <summary>
+		/// <p>
+		/// Open a literal data packet, returning a stream to store the data inside the packet,
+		/// as an indefinite length stream. The stream is written out as a series of partial
+		/// packets with a chunk size determined by the size of the passed in buffer.
+		/// </p>
+		/// <p>
+		/// The stream created can be closed off by either calling Close()
+		/// on the stream or Close() on the generator. Closing the returned
+		/// stream does not close off the Stream parameter <c>outStr</c>.
+		/// </p>
+		/// <p>
+		/// <b>Note</b>: if the buffer is not a power of 2 in length only the largest power of 2
+		/// bytes worth of the buffer will be used.</p>
+		/// </summary>
+		/// <param name="outStr">The stream we want the packet in.</param>
+		/// <param name="format">The format we are using.</param>
+		/// <param name="name">The name of the 'file'.</param>
+		/// <param name="modificationTime">The time of last modification we want stored.</param>
+		/// <param name="buffer">The buffer to use for collecting data to put into chunks.</param>
+        public Stream Open(
+            Stream		outStr,
+            char		format,
+            string		name,
+            DateTime	modificationTime,
+            byte[]		buffer)
+        {
+			if (pkOut != null)
+				throw new InvalidOperationException("generator already in open state");
+			if (outStr == null)
+				throw new ArgumentNullException("outStr");
+
+			// Do this first, since it might throw an exception
+			long unixMs = DateTimeUtilities.DateTimeToUnixMs(modificationTime);
+
+            byte[] encName = Strings.ToUtf8ByteArray(name);
+
+			pkOut = new BcpgOutputStream(outStr, PacketTag.LiteralData, buffer);
+
+            WriteHeader(pkOut, format, encName, unixMs);
+
+			return new WrappedGeneratorStream(this, pkOut);
+		}
+
+#if !PORTABLE || DOTNET
+        /// <summary>
+		/// <p>
+		/// Open a literal data packet for the passed in <c>FileInfo</c> object, returning
+		/// an output stream for saving the file contents.
+		/// </p>
+		/// <p>
+		/// The stream created can be closed off by either calling Close()
+		/// on the stream or Close() on the generator. Closing the returned
+		/// stream does not close off the Stream parameter <c>outStr</c>.
+		/// </p>
+		/// </summary>
+		/// <param name="outStr">The stream we want the packet in.</param>
+		/// <param name="format">The format we are using.</param>
+		/// <param name="file">The <c>FileInfo</c> object containg the packet details.</param>
+		public Stream Open(
+            Stream		outStr,
+            char		format,
+            FileInfo	file)
+        {
+			return Open(outStr, format, file.Name, file.Length, file.LastWriteTime);
+        }
+#endif
+
+		/// <summary>
+		/// Close the literal data packet - this is equivalent to calling Close()
+		/// on the stream returned by the Open() method.
+		/// </summary>
+        public void Close()
+        {
+			if (pkOut != null)
+			{
+				pkOut.Finish();
+				pkOut.Flush();
+				pkOut = null;
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpMarker.cs b/bc-sharp-crypto/src/openpgp/PgpMarker.cs
new file mode 100644
index 0000000..733e4e9
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpMarker.cs
@@ -0,0 +1,18 @@
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>
+	/// A PGP marker packet - in general these should be ignored other than where
+	/// the idea is to preserve the original input stream.
+	/// </remarks>
+    public class PgpMarker
+		: PgpObject
+    {
+        private readonly MarkerPacket p;
+
+		public PgpMarker(
+            BcpgInputStream bcpgIn)
+        {
+            p = (MarkerPacket) bcpgIn.ReadPacket();
+        }
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpObjectFactory.cs b/bc-sharp-crypto/src/openpgp/PgpObjectFactory.cs
new file mode 100644
index 0000000..c5c6fcb
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpObjectFactory.cs
@@ -0,0 +1,143 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>
+    /// General class for reading a PGP object stream.
+    /// <p>
+    /// Note: if this class finds a PgpPublicKey or a PgpSecretKey it
+    /// will create a PgpPublicKeyRing, or a PgpSecretKeyRing for each
+    /// key found. If all you are trying to do is read a key ring file use
+    /// either PgpPublicKeyRingBundle or PgpSecretKeyRingBundle.</p>
+	/// </remarks>
+	public class PgpObjectFactory
+    {
+        private readonly BcpgInputStream bcpgIn;
+
+		public PgpObjectFactory(
+            Stream inputStream)
+        {
+            this.bcpgIn = BcpgInputStream.Wrap(inputStream);
+        }
+
+        public PgpObjectFactory(
+            byte[] bytes)
+            : this(new MemoryStream(bytes, false))
+        {
+        }
+
+		/// <summary>Return the next object in the stream, or null if the end is reached.</summary>
+		/// <exception cref="IOException">On a parse error</exception>
+        public PgpObject NextPgpObject()
+        {
+            PacketTag tag = bcpgIn.NextPacketTag();
+
+            if ((int) tag == -1) return null;
+
+            switch (tag)
+            {
+                case PacketTag.Signature:
+                {
+                    IList l = Platform.CreateArrayList();
+
+                    while (bcpgIn.NextPacketTag() == PacketTag.Signature)
+                    {
+                        try
+                        {
+                            l.Add(new PgpSignature(bcpgIn));
+                        }
+                        catch (PgpException e)
+                        {
+                            throw new IOException("can't create signature object: " + e);
+                        }
+                    }
+
+                    PgpSignature[] sigs = new PgpSignature[l.Count];
+                    for (int i = 0; i < l.Count; ++i)
+                    {
+                        sigs[i] = (PgpSignature)l[i];
+                    }
+					return new PgpSignatureList(sigs);
+                }
+                case PacketTag.SecretKey:
+                    try
+                    {
+                        return new PgpSecretKeyRing(bcpgIn);
+                    }
+                    catch (PgpException e)
+                    {
+                        throw new IOException("can't create secret key object: " + e);
+                    }
+                case PacketTag.PublicKey:
+                    return new PgpPublicKeyRing(bcpgIn);
+				// TODO Make PgpPublicKey a PgpObject or return a PgpPublicKeyRing
+//				case PacketTag.PublicSubkey:
+//					return PgpPublicKeyRing.ReadSubkey(bcpgIn);
+                case PacketTag.CompressedData:
+                    return new PgpCompressedData(bcpgIn);
+                case PacketTag.LiteralData:
+                    return new PgpLiteralData(bcpgIn);
+                case PacketTag.PublicKeyEncryptedSession:
+                case PacketTag.SymmetricKeyEncryptedSessionKey:
+                    return new PgpEncryptedDataList(bcpgIn);
+                case PacketTag.OnePassSignature:
+                {
+                    IList l = Platform.CreateArrayList();
+
+                    while (bcpgIn.NextPacketTag() == PacketTag.OnePassSignature)
+                    {
+                        try
+                        {
+                            l.Add(new PgpOnePassSignature(bcpgIn));
+                        }
+                        catch (PgpException e)
+                        {
+							throw new IOException("can't create one pass signature object: " + e);
+						}
+                    }
+
+                    PgpOnePassSignature[] sigs = new PgpOnePassSignature[l.Count];
+                    for (int i = 0; i < l.Count; ++i)
+                    {
+                        sigs[i] = (PgpOnePassSignature)l[i];
+                    }
+					return new PgpOnePassSignatureList(sigs);
+                }
+                case PacketTag.Marker:
+                    return new PgpMarker(bcpgIn);
+                case PacketTag.Experimental1:
+                case PacketTag.Experimental2:
+                case PacketTag.Experimental3:
+                case PacketTag.Experimental4:
+					return new PgpExperimental(bcpgIn);
+            }
+
+            throw new IOException("unknown object in stream " + bcpgIn.NextPacketTag());
+        }
+
+		[Obsolete("Use NextPgpObject() instead")]
+		public object NextObject()
+		{
+			return NextPgpObject();
+		}
+
+		/// <summary>
+		/// Return all available objects in a list.
+		/// </summary>
+		/// <returns>An <c>IList</c> containing all objects from this factory, in order.</returns>
+		public IList AllPgpObjects()
+		{
+            IList result = Platform.CreateArrayList();
+			PgpObject pgpObject;
+			while ((pgpObject = NextPgpObject()) != null)
+			{
+				result.Add(pgpObject);
+			}
+			return result;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpOnePassSignature.cs b/bc-sharp-crypto/src/openpgp/PgpOnePassSignature.cs
new file mode 100644
index 0000000..68fc599
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpOnePassSignature.cs
@@ -0,0 +1,179 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>A one pass signature object.</remarks>
+    public class PgpOnePassSignature
+    {
+        private OnePassSignaturePacket sigPack;
+        private int signatureType;
+		private ISigner sig;
+		private byte lastb;
+
+		internal PgpOnePassSignature(
+            BcpgInputStream bcpgInput)
+            : this((OnePassSignaturePacket) bcpgInput.ReadPacket())
+        {
+        }
+
+		internal PgpOnePassSignature(
+            OnePassSignaturePacket sigPack)
+        {
+            this.sigPack = sigPack;
+            this.signatureType = sigPack.SignatureType;
+        }
+
+		/// <summary>Initialise the signature object for verification.</summary>
+        public void InitVerify(
+            PgpPublicKey pubKey)
+        {
+			lastb = 0;
+
+			try
+			{
+				sig = SignerUtilities.GetSigner(
+					PgpUtilities.GetSignatureName(sigPack.KeyAlgorithm, sigPack.HashAlgorithm));
+			}
+			catch (Exception e)
+			{
+				throw new PgpException("can't set up signature object.",  e);
+			}
+
+			try
+            {
+                sig.Init(false, pubKey.GetKey());
+            }
+			catch (InvalidKeyException e)
+            {
+                throw new PgpException("invalid key.", e);
+            }
+        }
+
+		public void Update(
+            byte b)
+        {
+			if (signatureType == PgpSignature.CanonicalTextDocument)
+			{
+				doCanonicalUpdateByte(b);
+			}
+			else
+			{
+				sig.Update(b);
+			}
+        }
+
+		private void doCanonicalUpdateByte(
+			byte b)
+		{
+			if (b == '\r')
+			{
+				doUpdateCRLF();
+			}
+			else if (b == '\n')
+			{
+				if (lastb != '\r')
+				{
+					doUpdateCRLF();
+				}
+			}
+			else
+			{
+				sig.Update(b);
+			}
+
+			lastb = b;
+		}
+
+		private void doUpdateCRLF()
+		{
+			sig.Update((byte)'\r');
+			sig.Update((byte)'\n');
+		}
+
+		public void Update(
+            byte[] bytes)
+        {
+            if (signatureType == PgpSignature.CanonicalTextDocument)
+            {
+                for (int i = 0; i != bytes.Length; i++)
+                {
+                    doCanonicalUpdateByte(bytes[i]);
+                }
+            }
+            else
+            {
+                sig.BlockUpdate(bytes, 0, bytes.Length);
+            }
+        }
+
+        public void Update(
+            byte[]  bytes,
+            int     off,
+            int     length)
+        {
+            if (signatureType == PgpSignature.CanonicalTextDocument)
+            {
+                int finish = off + length;
+
+                for (int i = off; i != finish; i++)
+                {
+                    doCanonicalUpdateByte(bytes[i]);
+                }
+            }
+            else
+            {
+                sig.BlockUpdate(bytes, off, length);
+            }
+        }
+
+		/// <summary>Verify the calculated signature against the passed in PgpSignature.</summary>
+        public bool Verify(
+            PgpSignature pgpSig)
+        {
+            byte[] trailer = pgpSig.GetSignatureTrailer();
+
+			sig.BlockUpdate(trailer, 0, trailer.Length);
+
+			return sig.VerifySignature(pgpSig.GetSignature());
+        }
+
+        public long KeyId
+        {
+			get { return sigPack.KeyId; }
+        }
+
+		public int SignatureType
+        {
+            get { return sigPack.SignatureType; }
+        }
+
+		public HashAlgorithmTag HashAlgorithm
+		{
+			get { return sigPack.HashAlgorithm; }
+		}
+
+		public PublicKeyAlgorithmTag KeyAlgorithm
+		{
+			get { return sigPack.KeyAlgorithm; }
+		}
+
+		public byte[] GetEncoded()
+        {
+            MemoryStream bOut = new MemoryStream();
+
+            Encode(bOut);
+
+            return bOut.ToArray();
+        }
+
+		public void Encode(
+            Stream outStr)
+        {
+            BcpgOutputStream.Wrap(outStr).WritePacket(sigPack);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpOnePassSignatureList.cs b/bc-sharp-crypto/src/openpgp/PgpOnePassSignatureList.cs
new file mode 100644
index 0000000..37c4288
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpOnePassSignatureList.cs
@@ -0,0 +1,51 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>Holder for a list of PgpOnePassSignature objects.</remarks>
+    public class PgpOnePassSignatureList
+		: PgpObject
+    {
+        private readonly PgpOnePassSignature[] sigs;
+
+		public PgpOnePassSignatureList(
+            PgpOnePassSignature[] sigs)
+        {
+			this.sigs = (PgpOnePassSignature[]) sigs.Clone();
+        }
+
+		public PgpOnePassSignatureList(
+            PgpOnePassSignature sig)
+        {
+			this.sigs = new PgpOnePassSignature[]{ sig };
+        }
+
+		public PgpOnePassSignature this[int index]
+		{
+			get { return sigs[index]; }
+		}
+
+		[Obsolete("Use 'object[index]' syntax instead")]
+		public PgpOnePassSignature Get(
+            int index)
+        {
+            return this[index];
+        }
+
+		[Obsolete("Use 'Count' property instead")]
+		public int Size
+        {
+			get { return sigs.Length; }
+        }
+
+		public int Count
+		{
+			get { return sigs.Length; }
+		}
+
+		public bool IsEmpty
+        {
+			get { return (sigs.Length == 0); }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpPad.cs b/bc-sharp-crypto/src/openpgp/PgpPad.cs
new file mode 100644
index 0000000..48f7f2f
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpPad.cs
@@ -0,0 +1,45 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+    /// <remarks>Padding functions.</remarks>
+    public sealed class PgpPad
+    {
+        private PgpPad()
+        {
+        }
+
+        public static byte[] PadSessionData(byte[] sessionInfo)
+        {
+            byte[] result = new byte[40];
+
+            Array.Copy(sessionInfo, 0, result, 0, sessionInfo.Length);
+
+            byte padValue = (byte)(result.Length - sessionInfo.Length);
+
+            for (int i = sessionInfo.Length; i != result.Length; i++)
+            {
+                result[i] = padValue;
+            }
+
+            return result;
+        }
+
+        public static byte[] UnpadSessionData(byte[] encoded)
+        {
+            byte padValue = encoded[encoded.Length - 1];
+
+            for (int i = encoded.Length - padValue; i != encoded.Length; i++)
+            {
+                if (encoded[i] != padValue)
+                    throw new PgpException("bad padding found in session data");
+            }
+
+            byte[] taggedKey = new byte[encoded.Length - padValue];
+
+            Array.Copy(encoded, 0, taggedKey, 0, taggedKey.Length);
+
+            return taggedKey;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpPbeEncryptedData.cs b/bc-sharp-crypto/src/openpgp/PgpPbeEncryptedData.cs
new file mode 100644
index 0000000..f43f2f5
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpPbeEncryptedData.cs
@@ -0,0 +1,160 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>A password based encryption object.</remarks>
+    public class PgpPbeEncryptedData
+        : PgpEncryptedData
+    {
+        private readonly SymmetricKeyEncSessionPacket keyData;
+
+		internal PgpPbeEncryptedData(
+			SymmetricKeyEncSessionPacket	keyData,
+			InputStreamPacket				encData)
+			: base(encData)
+		{
+			this.keyData = keyData;
+		}
+
+		/// <summary>Return the raw input stream for the data stream.</summary>
+		public override Stream GetInputStream()
+		{
+			return encData.GetInputStream();
+		}
+
+		/// <summary>Return the decrypted input stream, using the passed in passphrase.</summary>
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        public Stream GetDataStream(char[] passPhrase)
+        {
+            return DoGetDataStream(PgpUtilities.EncodePassPhrase(passPhrase, false), true);
+        }
+
+		/// <summary>Return the decrypted input stream, using the passed in passphrase.</summary>
+        /// <remarks>
+        /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
+        /// </remarks>
+        public Stream GetDataStreamUtf8(char[] passPhrase)
+        {
+            return DoGetDataStream(PgpUtilities.EncodePassPhrase(passPhrase, true), true);
+        }
+
+		/// <summary>Return the decrypted input stream, using the passed in passphrase.</summary>
+        /// <remarks>
+        /// Allows the caller to handle the encoding of the passphrase to bytes.
+        /// </remarks>
+        public Stream GetDataStreamRaw(byte[] rawPassPhrase)
+        {
+            return DoGetDataStream(rawPassPhrase, false);
+        }
+
+        internal Stream DoGetDataStream(byte[] rawPassPhrase, bool clearPassPhrase)
+        {
+			try
+			{
+				SymmetricKeyAlgorithmTag keyAlgorithm = keyData.EncAlgorithm;
+
+				KeyParameter key = PgpUtilities.DoMakeKeyFromPassPhrase(
+					keyAlgorithm, keyData.S2k, rawPassPhrase, clearPassPhrase);
+
+                byte[] secKeyData = keyData.GetSecKeyData();
+				if (secKeyData != null && secKeyData.Length > 0)
+				{
+					IBufferedCipher keyCipher = CipherUtilities.GetCipher(
+						PgpUtilities.GetSymmetricCipherName(keyAlgorithm) + "/CFB/NoPadding");
+
+					keyCipher.Init(false,
+						new ParametersWithIV(key, new byte[keyCipher.GetBlockSize()]));
+
+					byte[] keyBytes = keyCipher.DoFinal(secKeyData);
+
+					keyAlgorithm = (SymmetricKeyAlgorithmTag) keyBytes[0];
+
+					key = ParameterUtilities.CreateKeyParameter(
+						PgpUtilities.GetSymmetricCipherName(keyAlgorithm),
+						keyBytes, 1, keyBytes.Length - 1);
+				}
+
+
+				IBufferedCipher c = CreateStreamCipher(keyAlgorithm);
+
+				byte[] iv = new byte[c.GetBlockSize()];
+
+				c.Init(false, new ParametersWithIV(key, iv));
+
+				encStream = BcpgInputStream.Wrap(new CipherStream(encData.GetInputStream(), c, null));
+
+				if (encData is SymmetricEncIntegrityPacket)
+				{
+					truncStream = new TruncatedStream(encStream);
+
+					string digestName = PgpUtilities.GetDigestName(HashAlgorithmTag.Sha1);
+					IDigest digest = DigestUtilities.GetDigest(digestName);
+
+					encStream = new DigestStream(truncStream, digest, null);
+				}
+
+				if (Streams.ReadFully(encStream, iv, 0, iv.Length) < iv.Length)
+					throw new EndOfStreamException("unexpected end of stream.");
+
+				int v1 = encStream.ReadByte();
+				int v2 = encStream.ReadByte();
+
+				if (v1 < 0 || v2 < 0)
+					throw new EndOfStreamException("unexpected end of stream.");
+
+
+				// Note: the oracle attack on the "quick check" bytes is not deemed
+				// a security risk for PBE (see PgpPublicKeyEncryptedData)
+
+				bool repeatCheckPassed =
+						iv[iv.Length - 2] == (byte)v1
+					&&	iv[iv.Length - 1] == (byte)v2;
+
+				// Note: some versions of PGP appear to produce 0 for the extra
+				// bytes rather than repeating the two previous bytes
+				bool zeroesCheckPassed =
+						v1 == 0
+					&&	v2 == 0;
+
+				if (!repeatCheckPassed && !zeroesCheckPassed)
+				{
+					throw new PgpDataValidationException("quick check failed.");
+				}
+
+
+				return encStream;
+			}
+			catch (PgpException e)
+			{
+				throw e;
+			}
+			catch (Exception e)
+			{
+				throw new PgpException("Exception creating cipher", e);
+			}
+		}
+
+		private IBufferedCipher CreateStreamCipher(
+			SymmetricKeyAlgorithmTag keyAlgorithm)
+		{
+			string mode = (encData is SymmetricEncIntegrityPacket)
+				? "CFB"
+				: "OpenPGPCFB";
+
+			string cName = PgpUtilities.GetSymmetricCipherName(keyAlgorithm)
+				+ "/" + mode + "/NoPadding";
+
+			return CipherUtilities.GetCipher(cName);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpPrivateKey.cs b/bc-sharp-crypto/src/openpgp/PgpPrivateKey.cs
new file mode 100644
index 0000000..61487a5
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpPrivateKey.cs
@@ -0,0 +1,51 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>General class to contain a private key for use with other OpenPGP objects.</remarks>
+    public class PgpPrivateKey
+    {
+        private readonly long keyID;
+        private readonly PublicKeyPacket publicKeyPacket;
+        private readonly AsymmetricKeyParameter privateKey;
+
+        /// <summary>
+		/// Create a PgpPrivateKey from a keyID, the associated public data packet, and a regular private key.
+		/// </summary>
+		/// <param name="keyID">ID of the corresponding public key.</param>
+        /// <param name="publicKeyPacket">the public key data packet to be associated with this private key.</param>
+        /// <param name="privateKey">the private key data packet to be associated with this private key.</param>
+        public PgpPrivateKey(
+            long                    keyID,
+            PublicKeyPacket         publicKeyPacket,
+            AsymmetricKeyParameter	privateKey)
+        {
+			if (!privateKey.IsPrivate)
+				throw new ArgumentException("Expected a private key", "privateKey");
+
+            this.keyID = keyID;
+            this.publicKeyPacket = publicKeyPacket;
+            this.privateKey = privateKey;
+        }
+
+        /// <summary>The keyId associated with the contained private key.</summary>
+        public long KeyId
+        {
+			get { return keyID; }
+        }
+
+        /// <summary>The public key packet associated with this private key, if available.</summary>
+        public PublicKeyPacket PublicKeyPacket
+        {
+            get { return publicKeyPacket; }
+        }
+
+        /// <summary>The contained private key.</summary>
+        public AsymmetricKeyParameter Key
+        {
+			get { return privateKey; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpPublicKey.cs b/bc-sharp-crypto/src/openpgp/PgpPublicKey.cs
new file mode 100644
index 0000000..fc125e8
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpPublicKey.cs
@@ -0,0 +1,980 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+    /// <remarks>General class to handle a PGP public key object.</remarks>
+    public class PgpPublicKey
+    {
+        public static byte[] CalculateFingerprint(PublicKeyPacket publicPk)
+        {
+            IBcpgKey key = publicPk.Key;
+            IDigest digest;
+
+            if (publicPk.Version <= 3)
+            {
+                RsaPublicBcpgKey rK = (RsaPublicBcpgKey)key;
+
+                try
+                {
+                    digest = DigestUtilities.GetDigest("MD5");
+                    UpdateDigest(digest, rK.Modulus);
+                    UpdateDigest(digest, rK.PublicExponent);
+                }
+                catch (Exception e)
+                {
+                    throw new PgpException("can't encode key components: " + e.Message, e);
+                }
+            }
+            else
+            {
+                try
+                {
+                    byte[] kBytes = publicPk.GetEncodedContents();
+
+                    digest = DigestUtilities.GetDigest("SHA1");
+
+                    digest.Update(0x99);
+                    digest.Update((byte)(kBytes.Length >> 8));
+                    digest.Update((byte)kBytes.Length);
+                    digest.BlockUpdate(kBytes, 0, kBytes.Length);
+                }
+                catch (Exception e)
+                {
+                    throw new PgpException("can't encode key components: " + e.Message, e);
+                }
+            }
+
+            return DigestUtilities.DoFinal(digest);
+        }
+
+        private static void UpdateDigest(IDigest d, BigInteger b)
+        {
+            byte[] bytes = b.ToByteArrayUnsigned();
+            d.BlockUpdate(bytes, 0, bytes.Length);
+        }
+
+        private static readonly int[] MasterKeyCertificationTypes = new int[]
+        {
+            PgpSignature.PositiveCertification,
+            PgpSignature.CasualCertification,
+            PgpSignature.NoCertification,
+            PgpSignature.DefaultCertification
+        };
+
+        private long				keyId;
+        private byte[]				fingerprint;
+        private int					keyStrength;
+
+        internal PublicKeyPacket	publicPk;
+        internal TrustPacket		trustPk;
+        internal IList			    keySigs = Platform.CreateArrayList();
+        internal IList			    ids = Platform.CreateArrayList();
+        internal IList              idTrusts = Platform.CreateArrayList();
+        internal IList              idSigs = Platform.CreateArrayList();
+        internal IList			    subSigs;
+
+        private void Init()
+        {
+            IBcpgKey key = publicPk.Key;
+
+            this.fingerprint = CalculateFingerprint(publicPk);
+
+            if (publicPk.Version <= 3)
+            {
+                RsaPublicBcpgKey rK = (RsaPublicBcpgKey) key;
+
+                this.keyId = rK.Modulus.LongValue;
+                this.keyStrength = rK.Modulus.BitLength;
+            }
+            else
+            {
+                this.keyId = (long)(((ulong)fingerprint[fingerprint.Length - 8] << 56)
+                    | ((ulong)fingerprint[fingerprint.Length - 7] << 48)
+                    | ((ulong)fingerprint[fingerprint.Length - 6] << 40)
+                    | ((ulong)fingerprint[fingerprint.Length - 5] << 32)
+                    | ((ulong)fingerprint[fingerprint.Length - 4] << 24)
+                    | ((ulong)fingerprint[fingerprint.Length - 3] << 16)
+                    | ((ulong)fingerprint[fingerprint.Length - 2] << 8)
+                    | (ulong)fingerprint[fingerprint.Length - 1]);
+
+                if (key is RsaPublicBcpgKey)
+                {
+                    this.keyStrength = ((RsaPublicBcpgKey)key).Modulus.BitLength;
+                }
+                else if (key is DsaPublicBcpgKey)
+                {
+                    this.keyStrength = ((DsaPublicBcpgKey)key).P.BitLength;
+                }
+                else if (key is ElGamalPublicBcpgKey)
+                {
+                    this.keyStrength = ((ElGamalPublicBcpgKey)key).P.BitLength;
+                }
+                else if (key is ECPublicBcpgKey)
+                {
+                    this.keyStrength = ECKeyPairGenerator.FindECCurveByOid(((ECPublicBcpgKey)key).CurveOid).Curve.FieldSize;
+                }
+            }
+        }
+
+        /// <summary>
+        /// Create a PgpPublicKey from the passed in lightweight one.
+        /// </summary>
+        /// <remarks>
+        /// Note: the time passed in affects the value of the key's keyId, so you probably only want
+        /// to do this once for a lightweight key, or make sure you keep track of the time you used.
+        /// </remarks>
+        /// <param name="algorithm">Asymmetric algorithm type representing the public key.</param>
+        /// <param name="pubKey">Actual public key to associate.</param>
+        /// <param name="time">Date of creation.</param>
+        /// <exception cref="ArgumentException">If <c>pubKey</c> is not public.</exception>
+        /// <exception cref="PgpException">On key creation problem.</exception>
+        public PgpPublicKey(
+            PublicKeyAlgorithmTag	algorithm,
+            AsymmetricKeyParameter	pubKey,
+            DateTime				time)
+        {
+            if (pubKey.IsPrivate)
+                throw new ArgumentException("Expected a public key", "pubKey");
+
+            IBcpgKey bcpgKey;
+            if (pubKey is RsaKeyParameters)
+            {
+                RsaKeyParameters rK = (RsaKeyParameters) pubKey;
+
+                bcpgKey = new RsaPublicBcpgKey(rK.Modulus, rK.Exponent);
+            }
+            else if (pubKey is DsaPublicKeyParameters)
+            {
+                DsaPublicKeyParameters dK = (DsaPublicKeyParameters) pubKey;
+                DsaParameters dP = dK.Parameters;
+
+                bcpgKey = new DsaPublicBcpgKey(dP.P, dP.Q, dP.G, dK.Y);
+            }
+            else if (pubKey is ECPublicKeyParameters)
+            {
+                ECPublicKeyParameters ecK = (ECPublicKeyParameters)pubKey;
+
+                if (algorithm == PublicKeyAlgorithmTag.ECDH)
+                {
+                    bcpgKey = new ECDHPublicBcpgKey(ecK.PublicKeyParamSet, ecK.Q, HashAlgorithmTag.Sha256, SymmetricKeyAlgorithmTag.Aes128);
+                }
+                else if (algorithm == PublicKeyAlgorithmTag.ECDsa)
+                {
+                    bcpgKey = new ECDsaPublicBcpgKey(ecK.PublicKeyParamSet, ecK.Q);
+                }
+                else
+                {
+                    throw new PgpException("unknown EC algorithm");
+                }
+            }
+            else if (pubKey is ElGamalPublicKeyParameters)
+            {
+                ElGamalPublicKeyParameters eK = (ElGamalPublicKeyParameters) pubKey;
+                ElGamalParameters eS = eK.Parameters;
+
+                bcpgKey = new ElGamalPublicBcpgKey(eS.P, eS.G, eK.Y);
+            }
+            else
+            {
+                throw new PgpException("unknown key class");
+            }
+
+            this.publicPk = new PublicKeyPacket(algorithm, time, bcpgKey);
+            this.ids = Platform.CreateArrayList();
+            this.idSigs = Platform.CreateArrayList();
+
+            try
+            {
+                Init();
+            }
+            catch (IOException e)
+            {
+                throw new PgpException("exception calculating keyId", e);
+            }
+        }
+
+        public PgpPublicKey(PublicKeyPacket publicPk)
+            : this(publicPk, Platform.CreateArrayList(), Platform.CreateArrayList())
+        {
+        }
+
+        /// <summary>Constructor for a sub-key.</summary>
+        internal PgpPublicKey(
+            PublicKeyPacket	publicPk,
+            TrustPacket		trustPk,
+            IList           sigs)
+        {
+            this.publicPk = publicPk;
+            this.trustPk = trustPk;
+            this.subSigs = sigs;
+
+            Init();
+        }
+
+        internal PgpPublicKey(
+            PgpPublicKey	key,
+            TrustPacket		trust,
+            IList           subSigs)
+        {
+            this.publicPk = key.publicPk;
+            this.trustPk = trust;
+            this.subSigs = subSigs;
+
+            this.fingerprint = key.fingerprint;
+            this.keyId = key.keyId;
+            this.keyStrength = key.keyStrength;
+        }
+
+        /// <summary>Copy constructor.</summary>
+        /// <param name="pubKey">The public key to copy.</param>
+        internal PgpPublicKey(
+            PgpPublicKey pubKey)
+        {
+            this.publicPk = pubKey.publicPk;
+
+            this.keySigs = Platform.CreateArrayList(pubKey.keySigs);
+            this.ids = Platform.CreateArrayList(pubKey.ids);
+            this.idTrusts = Platform.CreateArrayList(pubKey.idTrusts);
+            this.idSigs = Platform.CreateArrayList(pubKey.idSigs.Count);
+            for (int i = 0; i != pubKey.idSigs.Count; i++)
+            {
+                this.idSigs.Add(Platform.CreateArrayList((IList)pubKey.idSigs[i]));
+            }
+
+            if (pubKey.subSigs != null)
+            {
+                this.subSigs = Platform.CreateArrayList(pubKey.subSigs.Count);
+                for (int i = 0; i != pubKey.subSigs.Count; i++)
+                {
+                    this.subSigs.Add(pubKey.subSigs[i]);
+                }
+            }
+
+            this.fingerprint = pubKey.fingerprint;
+            this.keyId = pubKey.keyId;
+            this.keyStrength = pubKey.keyStrength;
+        }
+
+        internal PgpPublicKey(
+            PublicKeyPacket	publicPk,
+            TrustPacket		trustPk,
+            IList		    keySigs,
+            IList		    ids,
+            IList           idTrusts,
+            IList           idSigs)
+        {
+            this.publicPk = publicPk;
+            this.trustPk = trustPk;
+            this.keySigs = keySigs;
+            this.ids = ids;
+            this.idTrusts = idTrusts;
+            this.idSigs = idSigs;
+
+            Init();
+        }
+
+        internal PgpPublicKey(
+            PublicKeyPacket	publicPk,
+            IList           ids,
+            IList           idSigs)
+        {
+            this.publicPk = publicPk;
+            this.ids = ids;
+            this.idSigs = idSigs;
+            Init();
+        }
+
+        /// <summary>The version of this key.</summary>
+        public int Version
+        {
+            get { return publicPk.Version; }
+        }
+
+        /// <summary>The creation time of this key.</summary>
+        public DateTime CreationTime
+        {
+            get { return publicPk.GetTime(); }
+        }
+
+        /// <summary>The number of valid days from creation time - zero means no expiry.</summary>
+        /// <remarks>WARNING: This method will return 1 for keys with version > 3 that expire in less than 1 day</remarks>
+        [Obsolete("Use 'GetValidSeconds' instead")]
+        public int ValidDays
+        {
+            get
+            {
+                if (publicPk.Version <= 3)
+                {
+                    return publicPk.ValidDays;
+                }
+
+                long expSecs = GetValidSeconds();
+                if (expSecs <= 0)
+                    return 0;
+
+                int days = (int)(expSecs / (24 * 60 * 60));
+                return System.Math.Max(1, days);
+            }
+        }
+
+        /// <summary>Return the trust data associated with the public key, if present.</summary>
+        /// <returns>A byte array with trust data, null otherwise.</returns>
+        public byte[] GetTrustData()
+        {
+            if (trustPk == null)
+            {
+                return null;
+            }
+
+            return Arrays.Clone(trustPk.GetLevelAndTrustAmount());
+        }
+
+        /// <summary>The number of valid seconds from creation time - zero means no expiry.</summary>
+        public long GetValidSeconds()
+        {
+            if (publicPk.Version <= 3)
+            {
+                return (long)publicPk.ValidDays * (24 * 60 * 60);
+            }
+
+            if (IsMasterKey)
+            {
+                for (int i = 0; i != MasterKeyCertificationTypes.Length; i++)
+                {
+                    long seconds = GetExpirationTimeFromSig(true, MasterKeyCertificationTypes[i]);
+                    if (seconds >= 0)
+                    {
+                        return seconds;
+                    }
+                }
+            }
+            else
+            {
+                long seconds = GetExpirationTimeFromSig(false, PgpSignature.SubkeyBinding);
+                if (seconds >= 0)
+                {
+                    return seconds;
+                }
+            }
+
+            return 0;
+        }
+
+        private long GetExpirationTimeFromSig(bool selfSigned, int signatureType)
+        {
+            long expiryTime = -1;
+            long lastDate = -1;
+
+            foreach (PgpSignature sig in GetSignaturesOfType(signatureType))
+            {
+                if (selfSigned && sig.KeyId != this.KeyId)
+                    continue;
+
+                PgpSignatureSubpacketVector hashed = sig.GetHashedSubPackets();
+                if (hashed == null)
+                    continue;
+
+                long current = hashed.GetKeyExpirationTime();
+
+                if (sig.KeyId == this.KeyId)
+                {
+                    if (sig.CreationTime.Ticks > lastDate)
+                    {
+                        lastDate = sig.CreationTime.Ticks;
+                        expiryTime = current;
+                    }
+                }
+                else if (current == 0 || current > expiryTime)
+                {
+                    expiryTime = current;
+                }
+            }
+
+            return expiryTime;
+        }
+
+        /// <summary>The keyId associated with the public key.</summary>
+        public long KeyId
+        {
+            get { return keyId; }
+        }
+
+        /// <summary>The fingerprint of the key</summary>
+        public byte[] GetFingerprint()
+        {
+            return (byte[]) fingerprint.Clone();
+        }
+
+        /// <summary>
+        /// Check if this key has an algorithm type that makes it suitable to use for encryption.
+        /// </summary>
+        /// <remarks>
+        /// Note: with version 4 keys KeyFlags subpackets should also be considered when present for
+        /// determining the preferred use of the key.
+        /// </remarks>
+        /// <returns>
+        /// <c>true</c> if this key algorithm is suitable for encryption.
+        /// </returns>
+        public bool IsEncryptionKey
+        {
+            get
+            {
+                switch (publicPk.Algorithm)
+                {
+                    case PublicKeyAlgorithmTag.ECDH:
+                    case PublicKeyAlgorithmTag.ElGamalEncrypt:
+                    case PublicKeyAlgorithmTag.ElGamalGeneral:
+                    case PublicKeyAlgorithmTag.RsaEncrypt:
+                    case PublicKeyAlgorithmTag.RsaGeneral:
+                        return true;
+                    default:
+                        return false;
+                }
+            }
+        }
+
+        /// <summary>True, if this is a master key.</summary>
+        public bool IsMasterKey
+        {
+            get { return subSigs == null; }
+        }
+
+        /// <summary>The algorithm code associated with the public key.</summary>
+        public PublicKeyAlgorithmTag Algorithm
+        {
+            get { return publicPk.Algorithm; }
+        }
+
+        /// <summary>The strength of the key in bits.</summary>
+        public int BitStrength
+        {
+            get { return keyStrength; }
+        }
+
+        /// <summary>The public key contained in the object.</summary>
+        /// <returns>A lightweight public key.</returns>
+        /// <exception cref="PgpException">If the key algorithm is not recognised.</exception>
+        public AsymmetricKeyParameter GetKey()
+        {
+            try
+            {
+                switch (publicPk.Algorithm)
+                {
+                    case PublicKeyAlgorithmTag.RsaEncrypt:
+                    case PublicKeyAlgorithmTag.RsaGeneral:
+                    case PublicKeyAlgorithmTag.RsaSign:
+                        RsaPublicBcpgKey rsaK = (RsaPublicBcpgKey)publicPk.Key;
+                        return new RsaKeyParameters(false, rsaK.Modulus, rsaK.PublicExponent);
+                    case PublicKeyAlgorithmTag.Dsa:
+                        DsaPublicBcpgKey dsaK = (DsaPublicBcpgKey)publicPk.Key;
+                        return new DsaPublicKeyParameters(dsaK.Y, new DsaParameters(dsaK.P, dsaK.Q, dsaK.G));
+                    case PublicKeyAlgorithmTag.ECDsa:
+                        return GetECKey("ECDSA");
+                    case PublicKeyAlgorithmTag.ECDH:
+                        return GetECKey("ECDH");
+                    case PublicKeyAlgorithmTag.ElGamalEncrypt:
+                    case PublicKeyAlgorithmTag.ElGamalGeneral:
+                        ElGamalPublicBcpgKey elK = (ElGamalPublicBcpgKey)publicPk.Key;
+                        return new ElGamalPublicKeyParameters(elK.Y, new ElGamalParameters(elK.P, elK.G));
+                    default:
+                        throw new PgpException("unknown public key algorithm encountered");
+                }
+            }
+            catch (PgpException e)
+            {
+                throw e;
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("exception constructing public key", e);
+            }
+        }
+
+        private ECPublicKeyParameters GetECKey(string algorithm)
+        {
+            ECPublicBcpgKey ecK = (ECPublicBcpgKey)publicPk.Key;
+            X9ECParameters x9 = ECKeyPairGenerator.FindECCurveByOid(ecK.CurveOid);
+            ECPoint q = x9.Curve.DecodePoint(BigIntegers.AsUnsignedByteArray(ecK.EncodedPoint));
+            return new ECPublicKeyParameters(algorithm, q, ecK.CurveOid);
+        }
+
+        /// <summary>Allows enumeration of any user IDs associated with the key.</summary>
+        /// <returns>An <c>IEnumerable</c> of <c>string</c> objects.</returns>
+        public IEnumerable GetUserIds()
+        {
+            IList temp = Platform.CreateArrayList();
+
+            foreach (object o in ids)
+            {
+                if (o is string)
+                {
+                    temp.Add(o);
+                }
+            }
+
+            return new EnumerableProxy(temp);
+        }
+
+        /// <summary>Allows enumeration of any user attribute vectors associated with the key.</summary>
+        /// <returns>An <c>IEnumerable</c> of <c>PgpUserAttributeSubpacketVector</c> objects.</returns>
+        public IEnumerable GetUserAttributes()
+        {
+            IList temp = Platform.CreateArrayList();
+
+            foreach (object o in ids)
+            {
+                if (o is PgpUserAttributeSubpacketVector)
+                {
+                    temp.Add(o);
+                }
+            }
+
+            return new EnumerableProxy(temp);
+        }
+
+        /// <summary>Allows enumeration of any signatures associated with the passed in id.</summary>
+        /// <param name="id">The ID to be matched.</param>
+        /// <returns>An <c>IEnumerable</c> of <c>PgpSignature</c> objects.</returns>
+        public IEnumerable GetSignaturesForId(
+            string id)
+        {
+            if (id == null)
+                throw new ArgumentNullException("id");
+
+            for (int i = 0; i != ids.Count; i++)
+            {
+                if (id.Equals(ids[i]))
+                {
+                    return new EnumerableProxy((IList)idSigs[i]);
+                }
+            }
+
+            return null;
+        }
+
+        /// <summary>Allows enumeration of signatures associated with the passed in user attributes.</summary>
+        /// <param name="userAttributes">The vector of user attributes to be matched.</param>
+        /// <returns>An <c>IEnumerable</c> of <c>PgpSignature</c> objects.</returns>
+        public IEnumerable GetSignaturesForUserAttribute(
+            PgpUserAttributeSubpacketVector userAttributes)
+        {
+            for (int i = 0; i != ids.Count; i++)
+            {
+                if (userAttributes.Equals(ids[i]))
+                {
+                    return new EnumerableProxy((IList) idSigs[i]);
+                }
+            }
+
+            return null;
+        }
+
+        /// <summary>Allows enumeration of signatures of the passed in type that are on this key.</summary>
+        /// <param name="signatureType">The type of the signature to be returned.</param>
+        /// <returns>An <c>IEnumerable</c> of <c>PgpSignature</c> objects.</returns>
+        public IEnumerable GetSignaturesOfType(
+            int signatureType)
+        {
+            IList temp = Platform.CreateArrayList();
+
+            foreach (PgpSignature sig in GetSignatures())
+            {
+                if (sig.SignatureType == signatureType)
+                {
+                    temp.Add(sig);
+                }
+            }
+
+            return new EnumerableProxy(temp);
+        }
+
+        /// <summary>Allows enumeration of all signatures/certifications associated with this key.</summary>
+        /// <returns>An <c>IEnumerable</c> with all signatures/certifications.</returns>
+        public IEnumerable GetSignatures()
+        {
+            IList sigs = subSigs;
+            if (sigs == null)
+            {
+                sigs = Platform.CreateArrayList(keySigs);
+
+                foreach (ICollection extraSigs in idSigs)
+                {
+                    CollectionUtilities.AddRange(sigs, extraSigs);
+                }
+            }
+
+            return new EnumerableProxy(sigs);
+        }
+
+        /**
+         * Return all signatures/certifications directly associated with this key (ie, not to a user id).
+         *
+         * @return an iterator (possibly empty) with all signatures/certifications.
+         */
+        public IEnumerable GetKeySignatures()
+        {
+            IList sigs = subSigs;
+            if (sigs == null)
+            {
+                sigs = Platform.CreateArrayList(keySigs);
+            }
+            return new EnumerableProxy(sigs);
+        }
+
+        public PublicKeyPacket PublicKeyPacket
+        {
+            get { return publicPk; }
+        }
+
+        public byte[] GetEncoded()
+        {
+            MemoryStream bOut = new MemoryStream();
+            Encode(bOut);
+            return bOut.ToArray();
+        }
+
+        public void Encode(
+            Stream outStr)
+        {
+            BcpgOutputStream bcpgOut = BcpgOutputStream.Wrap(outStr);
+
+            bcpgOut.WritePacket(publicPk);
+            if (trustPk != null)
+            {
+                bcpgOut.WritePacket(trustPk);
+            }
+
+            if (subSigs == null)    // not a sub-key
+            {
+                foreach (PgpSignature keySig in keySigs)
+                {
+                    keySig.Encode(bcpgOut);
+                }
+
+                for (int i = 0; i != ids.Count; i++)
+                {
+                    if (ids[i] is string)
+                    {
+                        string id = (string) ids[i];
+
+                        bcpgOut.WritePacket(new UserIdPacket(id));
+                    }
+                    else
+                    {
+                        PgpUserAttributeSubpacketVector v = (PgpUserAttributeSubpacketVector)ids[i];
+                        bcpgOut.WritePacket(new UserAttributePacket(v.ToSubpacketArray()));
+                    }
+
+                    if (idTrusts[i] != null)
+                    {
+                        bcpgOut.WritePacket((ContainedPacket)idTrusts[i]);
+                    }
+
+                    foreach (PgpSignature sig in (IList) idSigs[i])
+                    {
+                        sig.Encode(bcpgOut);
+                    }
+                }
+            }
+            else
+            {
+                foreach (PgpSignature subSig in subSigs)
+                {
+                    subSig.Encode(bcpgOut);
+                }
+            }
+        }
+
+        /// <summary>Check whether this (sub)key has a revocation signature on it.</summary>
+        /// <returns>True, if this (sub)key has been revoked.</returns>
+        public bool IsRevoked()
+        {
+            int ns = 0;
+            bool revoked = false;
+            if (IsMasterKey)	// Master key
+            {
+                while (!revoked && (ns < keySigs.Count))
+                {
+                    if (((PgpSignature)keySigs[ns++]).SignatureType == PgpSignature.KeyRevocation)
+                    {
+                        revoked = true;
+                    }
+                }
+            }
+            else	// Sub-key
+            {
+                while (!revoked && (ns < subSigs.Count))
+                {
+                    if (((PgpSignature)subSigs[ns++]).SignatureType == PgpSignature.SubkeyRevocation)
+                    {
+                        revoked = true;
+                    }
+                }
+            }
+            return revoked;
+        }
+
+        /// <summary>Add a certification for an id to the given public key.</summary>
+        /// <param name="key">The key the certification is to be added to.</param>
+        /// <param name="id">The ID the certification is associated with.</param>
+        /// <param name="certification">The new certification.</param>
+        /// <returns>The re-certified key.</returns>
+        public static PgpPublicKey AddCertification(
+            PgpPublicKey	key,
+            string			id,
+            PgpSignature	certification)
+        {
+            return AddCert(key, id, certification);
+        }
+
+        /// <summary>Add a certification for the given UserAttributeSubpackets to the given public key.</summary>
+        /// <param name="key">The key the certification is to be added to.</param>
+        /// <param name="userAttributes">The attributes the certification is associated with.</param>
+        /// <param name="certification">The new certification.</param>
+        /// <returns>The re-certified key.</returns>
+        public static PgpPublicKey AddCertification(
+            PgpPublicKey					key,
+            PgpUserAttributeSubpacketVector	userAttributes,
+            PgpSignature					certification)
+        {
+            return AddCert(key, userAttributes, certification);
+        }
+
+        private static PgpPublicKey AddCert(
+            PgpPublicKey	key,
+            object			id,
+            PgpSignature	certification)
+        {
+            PgpPublicKey returnKey = new PgpPublicKey(key);
+            IList sigList = null;
+
+            for (int i = 0; i != returnKey.ids.Count; i++)
+            {
+                if (id.Equals(returnKey.ids[i]))
+                {
+                    sigList = (IList) returnKey.idSigs[i];
+                }
+            }
+
+            if (sigList != null)
+            {
+                sigList.Add(certification);
+            }
+            else
+            {
+                sigList = Platform.CreateArrayList();
+                sigList.Add(certification);
+                returnKey.ids.Add(id);
+                returnKey.idTrusts.Add(null);
+                returnKey.idSigs.Add(sigList);
+            }
+
+            return returnKey;
+        }
+
+        /// <summary>
+        /// Remove any certifications associated with a user attribute subpacket on a key.
+        /// </summary>
+        /// <param name="key">The key the certifications are to be removed from.</param>
+        /// <param name="userAttributes">The attributes to be removed.</param>
+        /// <returns>
+        /// The re-certified key, or null if the user attribute subpacket was not found on the key.
+        /// </returns>
+        public static PgpPublicKey RemoveCertification(
+            PgpPublicKey					key,
+            PgpUserAttributeSubpacketVector	userAttributes)
+        {
+            return RemoveCert(key, userAttributes);
+        }
+
+        /// <summary>Remove any certifications associated with a given ID on a key.</summary>
+        /// <param name="key">The key the certifications are to be removed from.</param>
+        /// <param name="id">The ID that is to be removed.</param>
+        /// <returns>The re-certified key, or null if the ID was not found on the key.</returns>
+        public static PgpPublicKey RemoveCertification(
+            PgpPublicKey	key,
+            string			id)
+        {
+            return RemoveCert(key, id);
+        }
+
+        private static PgpPublicKey RemoveCert(
+            PgpPublicKey	key,
+            object			id)
+        {
+            PgpPublicKey returnKey = new PgpPublicKey(key);
+            bool found = false;
+
+            for (int i = 0; i < returnKey.ids.Count; i++)
+            {
+                if (id.Equals(returnKey.ids[i]))
+                {
+                    found = true;
+                    returnKey.ids.RemoveAt(i);
+                    returnKey.idTrusts.RemoveAt(i);
+                    returnKey.idSigs.RemoveAt(i);
+                }
+            }
+
+            return found ? returnKey : null;
+        }
+
+        /// <summary>Remove a certification associated with a given ID on a key.</summary>
+        /// <param name="key">The key the certifications are to be removed from.</param>
+        /// <param name="id">The ID that the certfication is to be removed from.</param>
+        /// <param name="certification">The certfication to be removed.</param>
+        /// <returns>The re-certified key, or null if the certification was not found.</returns>
+        public static PgpPublicKey RemoveCertification(
+            PgpPublicKey	key,
+            string			id,
+            PgpSignature	certification)
+        {
+            return RemoveCert(key, id, certification);
+        }
+
+        /// <summary>Remove a certification associated with a given user attributes on a key.</summary>
+        /// <param name="key">The key the certifications are to be removed from.</param>
+        /// <param name="userAttributes">The user attributes that the certfication is to be removed from.</param>
+        /// <param name="certification">The certification to be removed.</param>
+        /// <returns>The re-certified key, or null if the certification was not found.</returns>
+        public static PgpPublicKey RemoveCertification(
+            PgpPublicKey					key,
+            PgpUserAttributeSubpacketVector	userAttributes,
+            PgpSignature					certification)
+        {
+            return RemoveCert(key, userAttributes, certification);
+        }
+
+        private static PgpPublicKey RemoveCert(
+            PgpPublicKey	key,
+            object			id,
+            PgpSignature	certification)
+        {
+            PgpPublicKey returnKey = new PgpPublicKey(key);
+            bool found = false;
+
+            for (int i = 0; i < returnKey.ids.Count; i++)
+            {
+                if (id.Equals(returnKey.ids[i]))
+                {
+                    IList certs = (IList) returnKey.idSigs[i];
+                    found = certs.Contains(certification);
+
+                    if (found)
+                    {
+                        certs.Remove(certification);
+                    }
+                }
+            }
+
+            return found ? returnKey : null;
+        }
+
+        /// <summary>Add a revocation or some other key certification to a key.</summary>
+        /// <param name="key">The key the revocation is to be added to.</param>
+        /// <param name="certification">The key signature to be added.</param>
+        /// <returns>The new changed public key object.</returns>
+        public static PgpPublicKey AddCertification(
+            PgpPublicKey	key,
+            PgpSignature	certification)
+        {
+            if (key.IsMasterKey)
+            {
+                if (certification.SignatureType == PgpSignature.SubkeyRevocation)
+                {
+                    throw new ArgumentException("signature type incorrect for master key revocation.");
+                }
+            }
+            else
+            {
+                if (certification.SignatureType == PgpSignature.KeyRevocation)
+                {
+                    throw new ArgumentException("signature type incorrect for sub-key revocation.");
+                }
+            }
+
+            PgpPublicKey returnKey = new PgpPublicKey(key);
+
+            if (returnKey.subSigs != null)
+            {
+                returnKey.subSigs.Add(certification);
+            }
+            else
+            {
+                returnKey.keySigs.Add(certification);
+            }
+
+            return returnKey;
+        }
+
+        /// <summary>Remove a certification from the key.</summary>
+        /// <param name="key">The key the certifications are to be removed from.</param>
+        /// <param name="certification">The certfication to be removed.</param>
+        /// <returns>The modified key, null if the certification was not found.</returns>
+        public static PgpPublicKey RemoveCertification(
+            PgpPublicKey	key,
+            PgpSignature	certification)
+        {
+            PgpPublicKey returnKey = new PgpPublicKey(key);
+            IList sigs = returnKey.subSigs != null
+                ?	returnKey.subSigs
+                :	returnKey.keySigs;
+
+//			bool found = sigs.Remove(certification);
+            int pos = sigs.IndexOf(certification);
+            bool found = pos >= 0;
+
+            if (found)
+            {
+                sigs.RemoveAt(pos);
+            }
+            else
+            {
+                foreach (String id in key.GetUserIds())
+                {
+                    foreach (object sig in key.GetSignaturesForId(id))
+                    {
+                        // TODO Is this the right type of equality test?
+                        if (certification == sig)
+                        {
+                            found = true;
+                            returnKey = PgpPublicKey.RemoveCertification(returnKey, id, certification);
+                        }
+                    }
+                }
+
+                if (!found)
+                {
+                    foreach (PgpUserAttributeSubpacketVector id in key.GetUserAttributes())
+                    {
+                        foreach (object sig in key.GetSignaturesForUserAttribute(id))
+                        {
+                            // TODO Is this the right type of equality test?
+                            if (certification == sig)
+                            {
+                                found = true;
+                                returnKey = PgpPublicKey.RemoveCertification(returnKey, id, certification);
+                            }
+                        }
+                    }
+                }
+            }
+
+            return returnKey;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpPublicKeyEncryptedData.cs b/bc-sharp-crypto/src/openpgp/PgpPublicKeyEncryptedData.cs
new file mode 100644
index 0000000..c2a3511
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpPublicKeyEncryptedData.cs
@@ -0,0 +1,272 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>A public key encrypted data object.</remarks>
+    public class PgpPublicKeyEncryptedData
+        : PgpEncryptedData
+    {
+        private PublicKeyEncSessionPacket keyData;
+
+		internal PgpPublicKeyEncryptedData(
+            PublicKeyEncSessionPacket	keyData,
+            InputStreamPacket			encData)
+            : base(encData)
+        {
+            this.keyData = keyData;
+        }
+
+		private static IBufferedCipher GetKeyCipher(
+            PublicKeyAlgorithmTag algorithm)
+        {
+            try
+            {
+                switch (algorithm)
+                {
+                    case PublicKeyAlgorithmTag.RsaEncrypt:
+                    case PublicKeyAlgorithmTag.RsaGeneral:
+                        return CipherUtilities.GetCipher("RSA//PKCS1Padding");
+                    case PublicKeyAlgorithmTag.ElGamalEncrypt:
+                    case PublicKeyAlgorithmTag.ElGamalGeneral:
+                        return CipherUtilities.GetCipher("ElGamal/ECB/PKCS1Padding");
+                    default:
+                        throw new PgpException("unknown asymmetric algorithm: " + algorithm);
+                }
+            }
+            catch (PgpException e)
+            {
+                throw e;
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("Exception creating cipher", e);
+            }
+        }
+
+		private bool ConfirmCheckSum(
+            byte[] sessionInfo)
+        {
+            int check = 0;
+
+			for (int i = 1; i != sessionInfo.Length - 2; i++)
+            {
+                check += sessionInfo[i] & 0xff;
+            }
+
+			return (sessionInfo[sessionInfo.Length - 2] == (byte)(check >> 8))
+                && (sessionInfo[sessionInfo.Length - 1] == (byte)(check));
+        }
+
+		/// <summary>The key ID for the key used to encrypt the data.</summary>
+        public long KeyId
+        {
+			get { return keyData.KeyId; }
+        }
+
+		/// <summary>
+		/// Return the algorithm code for the symmetric algorithm used to encrypt the data.
+		/// </summary>
+		public SymmetricKeyAlgorithmTag GetSymmetricAlgorithm(
+			PgpPrivateKey privKey)
+		{
+			byte[] sessionData = RecoverSessionData(privKey);
+
+            return (SymmetricKeyAlgorithmTag)sessionData[0];
+		}
+
+        /// <summary>Return the decrypted data stream for the packet.</summary>
+        public Stream GetDataStream(
+            PgpPrivateKey privKey)
+        {
+			byte[] sessionData = RecoverSessionData(privKey);
+
+            if (!ConfirmCheckSum(sessionData))
+                throw new PgpKeyValidationException("key checksum failed");
+
+            SymmetricKeyAlgorithmTag symmAlg = (SymmetricKeyAlgorithmTag)sessionData[0];
+            if (symmAlg == SymmetricKeyAlgorithmTag.Null)
+                return encData.GetInputStream();
+
+            IBufferedCipher cipher;
+			string cipherName = PgpUtilities.GetSymmetricCipherName(symmAlg);
+			string cName = cipherName;
+
+            try
+            {
+                if (encData is SymmetricEncIntegrityPacket)
+                {
+					cName += "/CFB/NoPadding";
+                }
+                else
+                {
+					cName += "/OpenPGPCFB/NoPadding";
+                }
+
+                cipher = CipherUtilities.GetCipher(cName);
+			}
+            catch (PgpException e)
+            {
+                throw e;
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("exception creating cipher", e);
+            }
+
+            try
+            {
+				KeyParameter key = ParameterUtilities.CreateKeyParameter(
+					cipherName, sessionData, 1, sessionData.Length - 3);
+
+                byte[] iv = new byte[cipher.GetBlockSize()];
+
+                cipher.Init(false, new ParametersWithIV(key, iv));
+
+                encStream = BcpgInputStream.Wrap(new CipherStream(encData.GetInputStream(), cipher, null));
+
+				if (encData is SymmetricEncIntegrityPacket)
+                {
+                    truncStream = new TruncatedStream(encStream);
+
+					string digestName = PgpUtilities.GetDigestName(HashAlgorithmTag.Sha1);
+					IDigest digest = DigestUtilities.GetDigest(digestName);
+
+					encStream = new DigestStream(truncStream, digest, null);
+                }
+
+				if (Streams.ReadFully(encStream, iv, 0, iv.Length) < iv.Length)
+					throw new EndOfStreamException("unexpected end of stream.");
+
+				int v1 = encStream.ReadByte();
+                int v2 = encStream.ReadByte();
+
+				if (v1 < 0 || v2 < 0)
+                    throw new EndOfStreamException("unexpected end of stream.");
+
+				// Note: the oracle attack on the "quick check" bytes is deemed
+				// a security risk for typical public key encryption usages,
+				// therefore we do not perform the check.
+
+//				bool repeatCheckPassed =
+//					iv[iv.Length - 2] == (byte)v1
+//					&&	iv[iv.Length - 1] == (byte)v2;
+//
+//				// Note: some versions of PGP appear to produce 0 for the extra
+//				// bytes rather than repeating the two previous bytes
+//				bool zeroesCheckPassed =
+//					v1 == 0
+//					&&	v2 == 0;
+//
+//				if (!repeatCheckPassed && !zeroesCheckPassed)
+//				{
+//					throw new PgpDataValidationException("quick check failed.");
+//				}
+
+				return encStream;
+            }
+            catch (PgpException e)
+            {
+                throw e;
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("Exception starting decryption", e);
+            }
+		}
+
+        private byte[] RecoverSessionData(PgpPrivateKey privKey)
+		{
+            byte[][] secKeyData = keyData.GetEncSessionKey();
+
+            if (keyData.Algorithm == PublicKeyAlgorithmTag.ECDH)
+            {
+                ECDHPublicBcpgKey ecKey = (ECDHPublicBcpgKey)privKey.PublicKeyPacket.Key;
+                X9ECParameters x9Params = ECKeyPairGenerator.FindECCurveByOid(ecKey.CurveOid);
+
+                byte[] enc = secKeyData[0];
+
+                int pLen = ((((enc[0] & 0xff) << 8) + (enc[1] & 0xff)) + 7) / 8;
+                byte[] pEnc = new byte[pLen];
+
+                Array.Copy(enc, 2, pEnc, 0, pLen);
+
+                byte[] keyEnc = new byte[enc[pLen + 2]];
+
+                Array.Copy(enc, 2 + pLen + 1, keyEnc, 0, keyEnc.Length);
+
+                ECPoint publicPoint = x9Params.Curve.DecodePoint(pEnc);
+
+                ECPrivateKeyParameters privKeyParams = (ECPrivateKeyParameters)privKey.Key;
+                ECPoint S = publicPoint.Multiply(privKeyParams.D).Normalize();
+
+                KeyParameter key = new KeyParameter(Rfc6637Utilities.CreateKey(privKey.PublicKeyPacket, S));
+
+                IWrapper w = PgpUtilities.CreateWrapper(ecKey.SymmetricKeyAlgorithm);
+                w.Init(false, key);
+
+                return PgpPad.UnpadSessionData(w.Unwrap(keyEnc, 0, keyEnc.Length));
+            }
+
+            IBufferedCipher cipher = GetKeyCipher(keyData.Algorithm);
+
+            try
+			{
+                cipher.Init(false, privKey.Key);
+			}
+			catch (InvalidKeyException e)
+			{
+				throw new PgpException("error setting asymmetric cipher", e);
+			}
+
+            if (keyData.Algorithm == PublicKeyAlgorithmTag.RsaEncrypt
+				|| keyData.Algorithm == PublicKeyAlgorithmTag.RsaGeneral)
+			{
+                byte[] bi = secKeyData[0];
+
+                cipher.ProcessBytes(bi, 2, bi.Length - 2);
+			}
+			else
+			{
+				ElGamalPrivateKeyParameters k = (ElGamalPrivateKeyParameters)privKey.Key;
+				int size = (k.Parameters.P.BitLength + 7) / 8;
+
+                ProcessEncodedMpi(cipher, size, secKeyData[0]);
+                ProcessEncodedMpi(cipher, size, secKeyData[1]);
+			}
+
+            try
+			{
+                return cipher.DoFinal();
+			}
+			catch (Exception e)
+			{
+				throw new PgpException("exception decrypting secret key", e);
+			}
+		}
+
+        private static void ProcessEncodedMpi(IBufferedCipher cipher, int size, byte[] mpiEnc)
+        {
+            if (mpiEnc.Length - 2 > size)  // leading Zero? Shouldn't happen but...
+            {
+                cipher.ProcessBytes(mpiEnc, 3, mpiEnc.Length - 3);
+            }
+            else
+            {
+                byte[] tmp = new byte[size];
+                Array.Copy(mpiEnc, 2, tmp, tmp.Length - (mpiEnc.Length - 2), mpiEnc.Length - 2);
+                cipher.ProcessBytes(tmp, 0, tmp.Length);
+            }
+        }
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpPublicKeyRing.cs b/bc-sharp-crypto/src/openpgp/PgpPublicKeyRing.cs
new file mode 100644
index 0000000..92464d6
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpPublicKeyRing.cs
@@ -0,0 +1,200 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+    /// <remarks>
+    /// Class to hold a single master public key and its subkeys.
+    /// <p>
+    /// Often PGP keyring files consist of multiple master keys, if you are trying to process
+    /// or construct one of these you should use the <c>PgpPublicKeyRingBundle</c> class.
+    /// </p>
+    /// </remarks>
+    public class PgpPublicKeyRing
+        : PgpKeyRing
+    {
+        private readonly IList keys;
+
+        public PgpPublicKeyRing(
+            byte[] encoding)
+            : this(new MemoryStream(encoding, false))
+        {
+        }
+
+        internal PgpPublicKeyRing(
+            IList pubKeys)
+        {
+            this.keys = pubKeys;
+        }
+
+        public PgpPublicKeyRing(
+            Stream inputStream)
+        {
+            this.keys = Platform.CreateArrayList();
+
+            BcpgInputStream bcpgInput = BcpgInputStream.Wrap(inputStream);
+
+            PacketTag initialTag = bcpgInput.NextPacketTag();
+            if (initialTag != PacketTag.PublicKey && initialTag != PacketTag.PublicSubkey)
+            {
+                throw new IOException("public key ring doesn't start with public key tag: "
+                    + "tag 0x" + ((int)initialTag).ToString("X"));
+            }
+
+            PublicKeyPacket pubPk = (PublicKeyPacket) bcpgInput.ReadPacket();
+            TrustPacket trustPk = ReadOptionalTrustPacket(bcpgInput);
+
+            // direct signatures and revocations
+            IList keySigs = ReadSignaturesAndTrust(bcpgInput);
+
+            IList ids, idTrusts, idSigs;
+            ReadUserIDs(bcpgInput, out ids, out idTrusts, out idSigs);
+
+            keys.Add(new PgpPublicKey(pubPk, trustPk, keySigs, ids, idTrusts, idSigs));
+
+
+            // Read subkeys
+            while (bcpgInput.NextPacketTag() == PacketTag.PublicSubkey)
+            {
+                keys.Add(ReadSubkey(bcpgInput));
+            }
+        }
+
+        /// <summary>Return the first public key in the ring.</summary>
+        public virtual PgpPublicKey GetPublicKey()
+        {
+            return (PgpPublicKey) keys[0];
+        }
+
+        /// <summary>Return the public key referred to by the passed in key ID if it is present.</summary>
+        public virtual PgpPublicKey GetPublicKey(
+            long keyId)
+        {
+            foreach (PgpPublicKey k in keys)
+            {
+                if (keyId == k.KeyId)
+                {
+                    return k;
+                }
+            }
+
+            return null;
+        }
+
+        /// <summary>Allows enumeration of all the public keys.</summary>
+        /// <returns>An <c>IEnumerable</c> of <c>PgpPublicKey</c> objects.</returns>
+        public virtual IEnumerable GetPublicKeys()
+        {
+            return new EnumerableProxy(keys);
+        }
+
+        public virtual byte[] GetEncoded()
+        {
+            MemoryStream bOut = new MemoryStream();
+
+            Encode(bOut);
+
+            return bOut.ToArray();
+        }
+
+        public virtual void Encode(
+            Stream outStr)
+        {
+            if (outStr == null)
+                throw new ArgumentNullException("outStr");
+
+            foreach (PgpPublicKey k in keys)
+            {
+                k.Encode(outStr);
+            }
+        }
+
+        /// <summary>
+        /// Returns a new key ring with the public key passed in either added or
+        /// replacing an existing one.
+        /// </summary>
+        /// <param name="pubRing">The public key ring to be modified.</param>
+        /// <param name="pubKey">The public key to be inserted.</param>
+        /// <returns>A new <c>PgpPublicKeyRing</c></returns>
+        public static PgpPublicKeyRing InsertPublicKey(
+            PgpPublicKeyRing	pubRing,
+            PgpPublicKey		pubKey)
+        {
+            IList keys = Platform.CreateArrayList(pubRing.keys);
+            bool found = false;
+            bool masterFound = false;
+
+            for (int i = 0; i != keys.Count; i++)
+            {
+                PgpPublicKey key = (PgpPublicKey) keys[i];
+
+                if (key.KeyId == pubKey.KeyId)
+                {
+                    found = true;
+                    keys[i] = pubKey;
+                }
+                if (key.IsMasterKey)
+                {
+                    masterFound = true;
+                }
+            }
+
+            if (!found)
+            {
+                if (pubKey.IsMasterKey)
+                {
+                    if (masterFound)
+                        throw new ArgumentException("cannot add a master key to a ring that already has one");
+
+                    keys.Insert(0, pubKey);
+                }
+                else
+                {
+                    keys.Add(pubKey);
+                }
+            }
+
+            return new PgpPublicKeyRing(keys);
+        }
+
+        /// <summary>Returns a new key ring with the public key passed in removed from the key ring.</summary>
+        /// <param name="pubRing">The public key ring to be modified.</param>
+        /// <param name="pubKey">The public key to be removed.</param>
+        /// <returns>A new <c>PgpPublicKeyRing</c>, or null if pubKey is not found.</returns>
+        public static PgpPublicKeyRing RemovePublicKey(
+            PgpPublicKeyRing	pubRing,
+            PgpPublicKey		pubKey)
+        {
+            IList keys = Platform.CreateArrayList(pubRing.keys);
+            bool found = false;
+
+            for (int i = 0; i < keys.Count; i++)
+            {
+                PgpPublicKey key = (PgpPublicKey) keys[i];
+
+                if (key.KeyId == pubKey.KeyId)
+                {
+                    found = true;
+                    keys.RemoveAt(i);
+                }
+            }
+
+            return found ? new PgpPublicKeyRing(keys) : null;
+        }
+
+        internal static PgpPublicKey ReadSubkey(BcpgInputStream bcpgInput)
+        {
+            PublicKeyPacket	pk = (PublicKeyPacket) bcpgInput.ReadPacket();
+            TrustPacket kTrust = ReadOptionalTrustPacket(bcpgInput);
+
+            // PGP 8 actually leaves out the signature.
+            IList sigList = ReadSignaturesAndTrust(bcpgInput);
+
+            return new PgpPublicKey(pk, kTrust, sigList);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpPublicKeyRingBundle.cs b/bc-sharp-crypto/src/openpgp/PgpPublicKeyRingBundle.cs
new file mode 100644
index 0000000..91113e9
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpPublicKeyRingBundle.cs
@@ -0,0 +1,279 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>
+	/// Often a PGP key ring file is made up of a succession of master/sub-key key rings.
+	/// If you want to read an entire public key file in one hit this is the class for you.
+	/// </remarks>
+    public class PgpPublicKeyRingBundle
+    {
+        private readonly IDictionary pubRings;
+        private readonly IList order;
+
+		private PgpPublicKeyRingBundle(
+            IDictionary	pubRings,
+            IList       order)
+        {
+            this.pubRings = pubRings;
+            this.order = order;
+        }
+
+		public PgpPublicKeyRingBundle(
+            byte[] encoding)
+            : this(new MemoryStream(encoding, false))
+        {
+        }
+
+		/// <summary>Build a PgpPublicKeyRingBundle from the passed in input stream.</summary>
+		/// <param name="inputStream">Input stream containing data.</param>
+		/// <exception cref="IOException">If a problem parsing the stream occurs.</exception>
+		/// <exception cref="PgpException">If an object is encountered which isn't a PgpPublicKeyRing.</exception>
+		public PgpPublicKeyRingBundle(
+            Stream inputStream)
+			: this(new PgpObjectFactory(inputStream).AllPgpObjects())
+		{
+        }
+
+		public PgpPublicKeyRingBundle(
+            IEnumerable e)
+        {
+			this.pubRings = Platform.CreateHashtable();
+			this.order = Platform.CreateArrayList();
+
+			foreach (object obj in e)
+            {
+				PgpPublicKeyRing pgpPub = obj as PgpPublicKeyRing;
+
+				if (pgpPub == null)
+				{
+					throw new PgpException(Platform.GetTypeName(obj) + " found where PgpPublicKeyRing expected");
+				}
+
+				long key = pgpPub.GetPublicKey().KeyId;
+                pubRings.Add(key, pgpPub);
+				order.Add(key);
+            }
+        }
+
+		[Obsolete("Use 'Count' property instead")]
+		public int Size
+		{
+			get { return order.Count; }
+		}
+
+		/// <summary>Return the number of key rings in this collection.</summary>
+        public int Count
+        {
+			get { return order.Count; }
+        }
+
+		/// <summary>Allow enumeration of the public key rings making up this collection.</summary>
+        public IEnumerable GetKeyRings()
+        {
+			return new EnumerableProxy(pubRings.Values);
+        }
+
+		/// <summary>Allow enumeration of the key rings associated with the passed in userId.</summary>
+		/// <param name="userId">The user ID to be matched.</param>
+		/// <returns>An <c>IEnumerable</c> of key rings which matched (possibly none).</returns>
+		public IEnumerable GetKeyRings(
+			string userId)
+		{
+			return GetKeyRings(userId, false, false);
+		}
+
+		/// <summary>Allow enumeration of the key rings associated with the passed in userId.</summary>
+		/// <param name="userId">The user ID to be matched.</param>
+		/// <param name="matchPartial">If true, userId need only be a substring of an actual ID string to match.</param>
+		/// <returns>An <c>IEnumerable</c> of key rings which matched (possibly none).</returns>
+        public IEnumerable GetKeyRings(
+            string	userId,
+            bool	matchPartial)
+        {
+			return GetKeyRings(userId, matchPartial, false);
+        }
+
+		/// <summary>Allow enumeration of the key rings associated with the passed in userId.</summary>
+		/// <param name="userId">The user ID to be matched.</param>
+		/// <param name="matchPartial">If true, userId need only be a substring of an actual ID string to match.</param>
+		/// <param name="ignoreCase">If true, case is ignored in user ID comparisons.</param>
+		/// <returns>An <c>IEnumerable</c> of key rings which matched (possibly none).</returns>
+		public IEnumerable GetKeyRings(
+			string	userId,
+			bool	matchPartial,
+			bool	ignoreCase)
+		{
+			IList rings = Platform.CreateArrayList();
+
+			if (ignoreCase)
+			{
+                userId = Platform.ToUpperInvariant(userId);
+			}
+
+			foreach (PgpPublicKeyRing pubRing in GetKeyRings())
+			{
+				foreach (string nextUserID in pubRing.GetPublicKey().GetUserIds())
+				{
+					string next = nextUserID;
+					if (ignoreCase)
+					{
+                        next = Platform.ToUpperInvariant(next);
+                    }
+
+					if (matchPartial)
+					{
+                        if (Platform.IndexOf(next, userId) > -1)
+						{
+							rings.Add(pubRing);
+						}
+					}
+					else
+					{
+						if (next.Equals(userId))
+						{
+							rings.Add(pubRing);
+						}
+					}
+				}
+			}
+
+			return new EnumerableProxy(rings);
+		}
+
+		/// <summary>Return the PGP public key associated with the given key id.</summary>
+		/// <param name="keyId">The ID of the public key to return.</param>
+        public PgpPublicKey GetPublicKey(
+            long keyId)
+        {
+            foreach (PgpPublicKeyRing pubRing in GetKeyRings())
+            {
+                PgpPublicKey pub = pubRing.GetPublicKey(keyId);
+
+				if (pub != null)
+                {
+                    return pub;
+                }
+            }
+
+			return null;
+        }
+
+		/// <summary>Return the public key ring which contains the key referred to by keyId</summary>
+		/// <param name="keyId">key ID to match against</param>
+        public PgpPublicKeyRing GetPublicKeyRing(
+            long keyId)
+        {
+            if (pubRings.Contains(keyId))
+            {
+                return (PgpPublicKeyRing)pubRings[keyId];
+            }
+
+			foreach (PgpPublicKeyRing pubRing in GetKeyRings())
+            {
+                PgpPublicKey pub = pubRing.GetPublicKey(keyId);
+
+                if (pub != null)
+                {
+                    return pubRing;
+                }
+            }
+
+			return null;
+        }
+
+		/// <summary>
+		/// Return true if a key matching the passed in key ID is present, false otherwise.
+		/// </summary>
+		/// <param name="keyID">key ID to look for.</param>
+		public bool Contains(
+			long keyID)
+		{
+			return GetPublicKey(keyID) != null;
+		}
+
+		public byte[] GetEncoded()
+        {
+            MemoryStream bOut = new MemoryStream();
+
+			Encode(bOut);
+
+			return bOut.ToArray();
+        }
+
+		public void Encode(
+            Stream outStr)
+        {
+			BcpgOutputStream bcpgOut = BcpgOutputStream.Wrap(outStr);
+
+			foreach (long key in order)
+            {
+                PgpPublicKeyRing sec = (PgpPublicKeyRing) pubRings[key];
+
+				sec.Encode(bcpgOut);
+            }
+        }
+
+		/// <summary>
+		/// Return a new bundle containing the contents of the passed in bundle and
+		/// the passed in public key ring.
+		/// </summary>
+		/// <param name="bundle">The <c>PgpPublicKeyRingBundle</c> the key ring is to be added to.</param>
+		/// <param name="publicKeyRing">The key ring to be added.</param>
+		/// <returns>A new <c>PgpPublicKeyRingBundle</c> merging the current one with the passed in key ring.</returns>
+		/// <exception cref="ArgumentException">If the keyId for the passed in key ring is already present.</exception>
+        public static PgpPublicKeyRingBundle AddPublicKeyRing(
+            PgpPublicKeyRingBundle  bundle,
+            PgpPublicKeyRing        publicKeyRing)
+        {
+            long key = publicKeyRing.GetPublicKey().KeyId;
+
+			if (bundle.pubRings.Contains(key))
+            {
+                throw new ArgumentException("Bundle already contains a key with a keyId for the passed in ring.");
+            }
+
+			IDictionary newPubRings = Platform.CreateHashtable(bundle.pubRings);
+            IList newOrder = Platform.CreateArrayList(bundle.order);
+
+			newPubRings[key] = publicKeyRing;
+
+			newOrder.Add(key);
+
+			return new PgpPublicKeyRingBundle(newPubRings, newOrder);
+        }
+
+		/// <summary>
+		/// Return a new bundle containing the contents of the passed in bundle with
+		/// the passed in public key ring removed.
+		/// </summary>
+		/// <param name="bundle">The <c>PgpPublicKeyRingBundle</c> the key ring is to be removed from.</param>
+		/// <param name="publicKeyRing">The key ring to be removed.</param>
+		/// <returns>A new <c>PgpPublicKeyRingBundle</c> not containing the passed in key ring.</returns>
+		/// <exception cref="ArgumentException">If the keyId for the passed in key ring is not present.</exception>
+        public static PgpPublicKeyRingBundle RemovePublicKeyRing(
+            PgpPublicKeyRingBundle	bundle,
+            PgpPublicKeyRing		publicKeyRing)
+        {
+            long key = publicKeyRing.GetPublicKey().KeyId;
+
+			if (!bundle.pubRings.Contains(key))
+            {
+                throw new ArgumentException("Bundle does not contain a key with a keyId for the passed in ring.");
+            }
+
+			IDictionary newPubRings = Platform.CreateHashtable(bundle.pubRings);
+            IList newOrder = Platform.CreateArrayList(bundle.order);
+
+			newPubRings.Remove(key);
+			newOrder.Remove(key);
+
+			return new PgpPublicKeyRingBundle(newPubRings, newOrder);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpSecretKey.cs b/bc-sharp-crypto/src/openpgp/PgpSecretKey.cs
new file mode 100644
index 0000000..b398607
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpSecretKey.cs
@@ -0,0 +1,1295 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+    /// <remarks>General class to handle a PGP secret key object.</remarks>
+    public class PgpSecretKey
+    {
+        private readonly SecretKeyPacket	secret;
+        private readonly PgpPublicKey		pub;
+
+        internal PgpSecretKey(
+            SecretKeyPacket	secret,
+            PgpPublicKey	pub)
+        {
+            this.secret = secret;
+            this.pub = pub;
+        }
+
+        internal PgpSecretKey(
+            PgpPrivateKey				privKey,
+            PgpPublicKey				pubKey,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            byte[]						rawPassPhrase,
+            bool                        clearPassPhrase,
+            bool						useSha1,
+            SecureRandom				rand,
+            bool						isMasterKey)
+        {
+            BcpgObject secKey;
+
+            this.pub = pubKey;
+
+            switch (pubKey.Algorithm)
+            {
+                case PublicKeyAlgorithmTag.RsaEncrypt:
+                case PublicKeyAlgorithmTag.RsaSign:
+                case PublicKeyAlgorithmTag.RsaGeneral:
+                    RsaPrivateCrtKeyParameters rsK = (RsaPrivateCrtKeyParameters) privKey.Key;
+                    secKey = new RsaSecretBcpgKey(rsK.Exponent, rsK.P, rsK.Q);
+                    break;
+                case PublicKeyAlgorithmTag.Dsa:
+                    DsaPrivateKeyParameters dsK = (DsaPrivateKeyParameters) privKey.Key;
+                    secKey = new DsaSecretBcpgKey(dsK.X);
+                    break;
+                case PublicKeyAlgorithmTag.ECDH:
+                case PublicKeyAlgorithmTag.ECDsa:
+                    ECPrivateKeyParameters ecK = (ECPrivateKeyParameters)privKey.Key;
+                    secKey = new ECSecretBcpgKey(ecK.D);
+                    break;
+                case PublicKeyAlgorithmTag.ElGamalEncrypt:
+                case PublicKeyAlgorithmTag.ElGamalGeneral:
+                    ElGamalPrivateKeyParameters esK = (ElGamalPrivateKeyParameters) privKey.Key;
+                    secKey = new ElGamalSecretBcpgKey(esK.X);
+                    break;
+                default:
+                    throw new PgpException("unknown key class");
+            }
+
+            try
+            {
+                MemoryStream bOut = new MemoryStream();
+                BcpgOutputStream pOut = new BcpgOutputStream(bOut);
+
+                pOut.WriteObject(secKey);
+
+                byte[] keyData = bOut.ToArray();
+                byte[] checksumData = Checksum(useSha1, keyData, keyData.Length);
+
+                keyData = Arrays.Concatenate(keyData, checksumData);
+
+                if (encAlgorithm == SymmetricKeyAlgorithmTag.Null)
+                {
+                    if (isMasterKey)
+                    {
+                        this.secret = new SecretKeyPacket(pub.publicPk, encAlgorithm, null, null, keyData);
+                    }
+                    else
+                    {
+                        this.secret = new SecretSubkeyPacket(pub.publicPk, encAlgorithm, null, null, keyData);
+                    }
+                }
+                else
+                {
+                    S2k s2k;
+                    byte[] iv;
+
+                    byte[] encData;
+                    if (pub.Version >= 4)
+                    {
+                        encData = EncryptKeyDataV4(keyData, encAlgorithm, HashAlgorithmTag.Sha1, rawPassPhrase, clearPassPhrase, rand, out s2k, out iv);
+                    }
+                    else
+                    {
+                        encData = EncryptKeyDataV3(keyData, encAlgorithm, rawPassPhrase, clearPassPhrase, rand, out s2k, out iv);
+                    }
+
+                    int s2kUsage = useSha1
+                        ?	SecretKeyPacket.UsageSha1
+                        :	SecretKeyPacket.UsageChecksum;
+
+                    if (isMasterKey)
+                    {
+                        this.secret = new SecretKeyPacket(pub.publicPk, encAlgorithm, s2kUsage, s2k, iv, encData);
+                    }
+                    else
+                    {
+                        this.secret = new SecretSubkeyPacket(pub.publicPk, encAlgorithm, s2kUsage, s2k, iv, encData);
+                    }
+                }
+            }
+            catch (PgpException e)
+            {
+                throw e;
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("Exception encrypting key", e);
+            }
+        }
+
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        [Obsolete("Use the constructor taking an explicit 'useSha1' parameter instead")]
+        public PgpSecretKey(
+            int							certificationLevel,
+            PgpKeyPair					keyPair,
+            string						id,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            char[]						passPhrase,
+            PgpSignatureSubpacketVector	hashedPackets,
+            PgpSignatureSubpacketVector	unhashedPackets,
+            SecureRandom				rand)
+            : this(certificationLevel, keyPair, id, encAlgorithm, passPhrase, false, hashedPackets, unhashedPackets, rand)
+        {
+        }
+
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        public PgpSecretKey(
+            int							certificationLevel,
+            PgpKeyPair					keyPair,
+            string						id,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            char[]						passPhrase,
+            bool						useSha1,
+            PgpSignatureSubpacketVector	hashedPackets,
+            PgpSignatureSubpacketVector	unhashedPackets,
+            SecureRandom				rand)
+            : this(certificationLevel, keyPair, id, encAlgorithm, false, passPhrase, useSha1, hashedPackets, unhashedPackets, rand)
+        {
+        }
+
+        /// <remarks>
+        /// If utf8PassPhrase is true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion
+        /// is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        public PgpSecretKey(
+            int							certificationLevel,
+            PgpKeyPair					keyPair,
+            string						id,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            bool                        utf8PassPhrase,
+            char[]						passPhrase,
+            bool						useSha1,
+            PgpSignatureSubpacketVector	hashedPackets,
+            PgpSignatureSubpacketVector	unhashedPackets,
+            SecureRandom				rand)
+            : this(certificationLevel, keyPair, id, encAlgorithm,
+                PgpUtilities.EncodePassPhrase(passPhrase, utf8PassPhrase), true,
+                useSha1, hashedPackets, unhashedPackets, rand)
+        {
+        }
+
+        /// <remarks>
+        /// Allows the caller to handle the encoding of the passphrase to bytes.
+        /// </remarks>
+        public PgpSecretKey(
+            int							certificationLevel,
+            PgpKeyPair					keyPair,
+            string						id,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            byte[]						rawPassPhrase,
+            bool						useSha1,
+            PgpSignatureSubpacketVector	hashedPackets,
+            PgpSignatureSubpacketVector	unhashedPackets,
+            SecureRandom				rand)
+            : this(certificationLevel, keyPair, id, encAlgorithm, rawPassPhrase, false, useSha1, hashedPackets, unhashedPackets, rand)
+        {
+        }
+
+        internal PgpSecretKey(
+            int							certificationLevel,
+            PgpKeyPair					keyPair,
+            string						id,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            byte[]						rawPassPhrase,
+            bool                        clearPassPhrase,
+            bool						useSha1,
+            PgpSignatureSubpacketVector	hashedPackets,
+            PgpSignatureSubpacketVector	unhashedPackets,
+            SecureRandom				rand)
+            : this(keyPair.PrivateKey, CertifiedPublicKey(certificationLevel, keyPair, id, hashedPackets, unhashedPackets),
+                encAlgorithm, rawPassPhrase, clearPassPhrase, useSha1, rand, true)
+        {
+        }
+
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        public PgpSecretKey(
+            int                         certificationLevel,
+            PgpKeyPair                  keyPair,
+            string                      id,
+            SymmetricKeyAlgorithmTag    encAlgorithm,
+            HashAlgorithmTag            hashAlgorithm,
+            char[]                      passPhrase,
+            bool                        useSha1,
+            PgpSignatureSubpacketVector hashedPackets,
+            PgpSignatureSubpacketVector unhashedPackets,
+            SecureRandom                rand)
+            : this(certificationLevel, keyPair, id, encAlgorithm, hashAlgorithm, false, passPhrase, useSha1, hashedPackets, unhashedPackets, rand)
+        {
+        }
+
+        /// <remarks>
+        /// If utf8PassPhrase is true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion
+        /// is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        public PgpSecretKey(
+            int                         certificationLevel,
+            PgpKeyPair                  keyPair,
+            string                      id,
+            SymmetricKeyAlgorithmTag    encAlgorithm,
+            HashAlgorithmTag            hashAlgorithm,
+            bool                        utf8PassPhrase,
+            char[]                      passPhrase,
+            bool                        useSha1,
+            PgpSignatureSubpacketVector hashedPackets,
+            PgpSignatureSubpacketVector unhashedPackets,
+            SecureRandom                rand)
+            : this(certificationLevel, keyPair, id, encAlgorithm, hashAlgorithm,
+                PgpUtilities.EncodePassPhrase(passPhrase, utf8PassPhrase), true,
+                useSha1, hashedPackets, unhashedPackets, rand)
+        {
+        }
+
+        /// <remarks>
+        /// Allows the caller to handle the encoding of the passphrase to bytes.
+        /// </remarks>
+        public PgpSecretKey(
+            int                         certificationLevel,
+            PgpKeyPair                  keyPair,
+            string                      id,
+            SymmetricKeyAlgorithmTag    encAlgorithm,
+            HashAlgorithmTag            hashAlgorithm,
+            byte[]                      rawPassPhrase,
+            bool                        useSha1,
+            PgpSignatureSubpacketVector hashedPackets,
+            PgpSignatureSubpacketVector unhashedPackets,
+            SecureRandom                rand)
+            : this(certificationLevel, keyPair, id, encAlgorithm, hashAlgorithm, rawPassPhrase, false, useSha1, hashedPackets, unhashedPackets, rand)
+        {
+        }
+
+        internal PgpSecretKey(
+            int                         certificationLevel,
+            PgpKeyPair                  keyPair,
+            string                      id,
+            SymmetricKeyAlgorithmTag    encAlgorithm,
+            HashAlgorithmTag            hashAlgorithm,
+            byte[]                      rawPassPhrase,
+            bool                        clearPassPhrase,
+            bool                        useSha1,
+            PgpSignatureSubpacketVector hashedPackets,
+            PgpSignatureSubpacketVector unhashedPackets,
+            SecureRandom                rand)
+            : this(keyPair.PrivateKey, CertifiedPublicKey(certificationLevel, keyPair, id, hashedPackets, unhashedPackets, hashAlgorithm),
+                encAlgorithm, rawPassPhrase, clearPassPhrase, useSha1, rand, true)
+        {
+        }
+
+        private static PgpPublicKey CertifiedPublicKey(
+            int							certificationLevel,
+            PgpKeyPair					keyPair,
+            string						id,
+            PgpSignatureSubpacketVector	hashedPackets,
+            PgpSignatureSubpacketVector	unhashedPackets)
+        {
+            PgpSignatureGenerator sGen;
+            try
+            {
+                sGen = new PgpSignatureGenerator(keyPair.PublicKey.Algorithm, HashAlgorithmTag.Sha1);
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("Creating signature generator: " + e.Message, e);
+            }
+
+            //
+            // Generate the certification
+            //
+            sGen.InitSign(certificationLevel, keyPair.PrivateKey);
+
+            sGen.SetHashedSubpackets(hashedPackets);
+            sGen.SetUnhashedSubpackets(unhashedPackets);
+
+            try
+            {
+                PgpSignature certification = sGen.GenerateCertification(id, keyPair.PublicKey);
+                return PgpPublicKey.AddCertification(keyPair.PublicKey, id, certification);
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("Exception doing certification: " + e.Message, e);
+            }
+        }
+
+
+        private static PgpPublicKey CertifiedPublicKey(
+            int certificationLevel,
+            PgpKeyPair keyPair,
+            string id,
+            PgpSignatureSubpacketVector hashedPackets,
+            PgpSignatureSubpacketVector unhashedPackets,
+            HashAlgorithmTag hashAlgorithm)
+        {
+            PgpSignatureGenerator sGen;
+            try
+            {
+                sGen = new PgpSignatureGenerator(keyPair.PublicKey.Algorithm, hashAlgorithm);
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("Creating signature generator: " + e.Message, e);
+            }
+
+            //
+            // Generate the certification
+            //
+            sGen.InitSign(certificationLevel, keyPair.PrivateKey);
+
+            sGen.SetHashedSubpackets(hashedPackets);
+            sGen.SetUnhashedSubpackets(unhashedPackets);
+
+            try
+            {
+                PgpSignature certification = sGen.GenerateCertification(id, keyPair.PublicKey);
+                return PgpPublicKey.AddCertification(keyPair.PublicKey, id, certification);
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("Exception doing certification: " + e.Message, e);
+            }
+        }
+
+        public PgpSecretKey(
+            int							certificationLevel,
+            PublicKeyAlgorithmTag		algorithm,
+            AsymmetricKeyParameter		pubKey,
+            AsymmetricKeyParameter		privKey,
+            DateTime					time,
+            string						id,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            char[]						passPhrase,
+            PgpSignatureSubpacketVector	hashedPackets,
+            PgpSignatureSubpacketVector	unhashedPackets,
+            SecureRandom				rand)
+            : this(certificationLevel,
+                new PgpKeyPair(algorithm, pubKey, privKey, time),
+                id, encAlgorithm, passPhrase, false, hashedPackets, unhashedPackets, rand)
+        {
+        }
+
+        public PgpSecretKey(
+            int							certificationLevel,
+            PublicKeyAlgorithmTag		algorithm,
+            AsymmetricKeyParameter		pubKey,
+            AsymmetricKeyParameter		privKey,
+            DateTime					time,
+            string						id,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            char[]						passPhrase,
+            bool						useSha1,
+            PgpSignatureSubpacketVector	hashedPackets,
+            PgpSignatureSubpacketVector	unhashedPackets,
+            SecureRandom				rand)
+            : this(certificationLevel, new PgpKeyPair(algorithm, pubKey, privKey, time), id, encAlgorithm, passPhrase, useSha1, hashedPackets, unhashedPackets, rand)
+        {
+        }
+
+        /// <summary>
+        /// Check if this key has an algorithm type that makes it suitable to use for signing.
+        /// </summary>
+        /// <remarks>
+        /// Note: with version 4 keys KeyFlags subpackets should also be considered when present for
+        /// determining the preferred use of the key.
+        /// </remarks>
+        /// <returns>
+        /// <c>true</c> if this key algorithm is suitable for use with signing.
+        /// </returns>
+        public bool IsSigningKey
+        {
+            get
+            {
+                switch (pub.Algorithm)
+                {
+                    case PublicKeyAlgorithmTag.RsaGeneral:
+                    case PublicKeyAlgorithmTag.RsaSign:
+                    case PublicKeyAlgorithmTag.Dsa:
+                    case PublicKeyAlgorithmTag.ECDsa:
+                    case PublicKeyAlgorithmTag.ElGamalGeneral:
+                        return true;
+                    default:
+                        return false;
+                }
+            }
+        }
+
+        /// <summary>True, if this is a master key.</summary>
+        public bool IsMasterKey
+        {
+            get { return pub.IsMasterKey; }
+        }
+
+        /// <summary>Detect if the Secret Key's Private Key is empty or not</summary>
+        public bool IsPrivateKeyEmpty
+        {
+            get
+            {
+                byte[] secKeyData = secret.GetSecretKeyData();
+
+                return secKeyData == null || secKeyData.Length < 1;
+            }
+        }
+
+        /// <summary>The algorithm the key is encrypted with.</summary>
+        public SymmetricKeyAlgorithmTag KeyEncryptionAlgorithm
+        {
+            get { return secret.EncAlgorithm; }
+        }
+
+        /// <summary>The key ID of the public key associated with this key.</summary>
+        public long KeyId
+        {
+            get { return pub.KeyId; }
+        }
+
+        /// <summary>Return the S2K usage associated with this key.</summary>
+        public int S2kUsage
+        {
+            get { return secret.S2kUsage; }
+        }
+
+        /// <summary>Return the S2K used to process this key.</summary>
+        public S2k S2k
+        {
+            get { return secret.S2k; }
+        }
+
+        /// <summary>The public key associated with this key.</summary>
+        public PgpPublicKey PublicKey
+        {
+            get { return pub; }
+        }
+
+        /// <summary>Allows enumeration of any user IDs associated with the key.</summary>
+        /// <returns>An <c>IEnumerable</c> of <c>string</c> objects.</returns>
+        public IEnumerable UserIds
+        {
+            get { return pub.GetUserIds(); }
+        }
+
+        /// <summary>Allows enumeration of any user attribute vectors associated with the key.</summary>
+        /// <returns>An <c>IEnumerable</c> of <c>string</c> objects.</returns>
+        public IEnumerable UserAttributes
+        {
+            get { return pub.GetUserAttributes(); }
+        }
+
+        private byte[] ExtractKeyData(byte[] rawPassPhrase, bool clearPassPhrase)
+        {
+            SymmetricKeyAlgorithmTag encAlgorithm = secret.EncAlgorithm;
+            byte[] encData = secret.GetSecretKeyData();
+
+            if (encAlgorithm == SymmetricKeyAlgorithmTag.Null)
+                // TODO Check checksum here?
+                return encData;
+
+            // TODO Factor this block out as 'decryptData'
+            try
+            {
+                KeyParameter key = PgpUtilities.DoMakeKeyFromPassPhrase(secret.EncAlgorithm, secret.S2k, rawPassPhrase, clearPassPhrase);
+                byte[] iv = secret.GetIV();
+                byte[] data;
+
+                if (secret.PublicKeyPacket.Version >= 4)
+                {
+                    data = RecoverKeyData(encAlgorithm, "/CFB/NoPadding", key, iv, encData, 0, encData.Length);
+
+                    bool useSha1 = secret.S2kUsage == SecretKeyPacket.UsageSha1;
+                    byte[] check = Checksum(useSha1, data, (useSha1) ? data.Length - 20 : data.Length - 2);
+
+                    for (int i = 0; i != check.Length; i++)
+                    {
+                        if (check[i] != data[data.Length - check.Length + i])
+                        {
+                            throw new PgpException("Checksum mismatch at " + i + " of " + check.Length);
+                        }
+                    }
+                }
+                else // version 2 or 3, RSA only.
+                {
+                    data = new byte[encData.Length];
+
+                    iv = Arrays.Clone(iv);
+
+                    //
+                    // read in the four numbers
+                    //
+                    int pos = 0;
+
+                    for (int i = 0; i != 4; i++)
+                    {
+                        int encLen = (((encData[pos] << 8) | (encData[pos + 1] & 0xff)) + 7) / 8;
+
+                        data[pos] = encData[pos];
+                        data[pos + 1] = encData[pos + 1];
+                        pos += 2;
+
+                        byte[] tmp = RecoverKeyData(encAlgorithm, "/CFB/NoPadding", key, iv, encData, pos, encLen);
+                        Array.Copy(tmp, 0, data, pos, encLen);
+                        pos += encLen;
+
+                        if (i != 3)
+                        {
+                            Array.Copy(encData, pos - iv.Length, iv, 0, iv.Length);
+                        }
+                    }
+
+                    //
+                    // verify and copy checksum
+                    //
+
+                    data[pos] = encData[pos];
+                    data[pos + 1] = encData[pos + 1];
+
+                    int cs = ((encData[pos] << 8) & 0xff00) | (encData[pos + 1] & 0xff);
+                    int calcCs = 0;
+                    for (int j = 0; j < pos; j++)
+                    {
+                        calcCs += data[j] & 0xff;
+                    }
+
+                    calcCs &= 0xffff;
+                    if (calcCs != cs)
+                    {
+                        throw new PgpException("Checksum mismatch: passphrase wrong, expected "
+                            + cs.ToString("X")
+                            + " found " + calcCs.ToString("X"));
+                    }
+                }
+
+                return data;
+            }
+            catch (PgpException e)
+            {
+                throw e;
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("Exception decrypting key", e);
+            }
+        }
+
+        private static byte[] RecoverKeyData(SymmetricKeyAlgorithmTag encAlgorithm, string modeAndPadding,
+            KeyParameter key, byte[] iv, byte[] keyData, int keyOff, int keyLen)
+        {
+            IBufferedCipher c;
+            try
+            {
+                string cName = PgpUtilities.GetSymmetricCipherName(encAlgorithm);
+                c = CipherUtilities.GetCipher(cName + modeAndPadding);
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("Exception creating cipher", e);
+            }
+
+            c.Init(false, new ParametersWithIV(key, iv));
+
+            return c.DoFinal(keyData, keyOff, keyLen);
+        }
+
+        /// <summary>Extract a <c>PgpPrivateKey</c> from this secret key's encrypted contents.</summary>
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        public PgpPrivateKey ExtractPrivateKey(char[] passPhrase)
+        {
+            return DoExtractPrivateKey(PgpUtilities.EncodePassPhrase(passPhrase, false), true);
+        }
+
+        /// <summary>Extract a <c>PgpPrivateKey</c> from this secret key's encrypted contents.</summary>
+        /// <remarks>
+        /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
+        /// </remarks>
+        public PgpPrivateKey ExtractPrivateKeyUtf8(char[] passPhrase)
+        {
+            return DoExtractPrivateKey(PgpUtilities.EncodePassPhrase(passPhrase, true), true);
+        }
+
+        /// <summary>Extract a <c>PgpPrivateKey</c> from this secret key's encrypted contents.</summary>
+        /// <remarks>
+        /// Allows the caller to handle the encoding of the passphrase to bytes.
+        /// </remarks>
+        public PgpPrivateKey ExtractPrivateKeyRaw(byte[] rawPassPhrase)
+        {
+            return DoExtractPrivateKey(rawPassPhrase, false);
+        }
+
+        internal PgpPrivateKey DoExtractPrivateKey(byte[] rawPassPhrase, bool clearPassPhrase)
+        {
+            if (IsPrivateKeyEmpty)
+                return null;
+
+            PublicKeyPacket pubPk = secret.PublicKeyPacket;
+            try
+            {
+                byte[] data = ExtractKeyData(rawPassPhrase, clearPassPhrase);
+                BcpgInputStream bcpgIn = BcpgInputStream.Wrap(new MemoryStream(data, false));
+                AsymmetricKeyParameter privateKey;
+                switch (pubPk.Algorithm)
+                {
+                case PublicKeyAlgorithmTag.RsaEncrypt:
+                case PublicKeyAlgorithmTag.RsaGeneral:
+                case PublicKeyAlgorithmTag.RsaSign:
+                    RsaPublicBcpgKey rsaPub = (RsaPublicBcpgKey)pubPk.Key;
+                    RsaSecretBcpgKey rsaPriv = new RsaSecretBcpgKey(bcpgIn);
+                    RsaPrivateCrtKeyParameters rsaPrivSpec = new RsaPrivateCrtKeyParameters(
+                        rsaPriv.Modulus,
+                        rsaPub.PublicExponent,
+                        rsaPriv.PrivateExponent,
+                        rsaPriv.PrimeP,
+                        rsaPriv.PrimeQ,
+                        rsaPriv.PrimeExponentP,
+                        rsaPriv.PrimeExponentQ,
+                        rsaPriv.CrtCoefficient);
+                    privateKey = rsaPrivSpec;
+                    break;
+                case PublicKeyAlgorithmTag.Dsa:
+                    DsaPublicBcpgKey dsaPub = (DsaPublicBcpgKey)pubPk.Key;
+                    DsaSecretBcpgKey dsaPriv = new DsaSecretBcpgKey(bcpgIn);
+                    DsaParameters dsaParams = new DsaParameters(dsaPub.P, dsaPub.Q, dsaPub.G);
+                    privateKey = new DsaPrivateKeyParameters(dsaPriv.X, dsaParams);
+                    break;
+                case PublicKeyAlgorithmTag.ECDH:
+                    privateKey = GetECKey("ECDH", bcpgIn);
+                    break;
+                case PublicKeyAlgorithmTag.ECDsa:
+                    privateKey = GetECKey("ECDSA", bcpgIn);
+                    break;
+                case PublicKeyAlgorithmTag.ElGamalEncrypt:
+                case PublicKeyAlgorithmTag.ElGamalGeneral:
+                    ElGamalPublicBcpgKey elPub = (ElGamalPublicBcpgKey)pubPk.Key;
+                    ElGamalSecretBcpgKey elPriv = new ElGamalSecretBcpgKey(bcpgIn);
+                    ElGamalParameters elParams = new ElGamalParameters(elPub.P, elPub.G);
+                    privateKey = new ElGamalPrivateKeyParameters(elPriv.X, elParams);
+                    break;
+                default:
+                    throw new PgpException("unknown public key algorithm encountered");
+                }
+
+                return new PgpPrivateKey(KeyId, pubPk, privateKey);
+            }
+            catch (PgpException e)
+            {
+                throw e;
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("Exception constructing key", e);
+            }
+        }
+
+        private ECPrivateKeyParameters GetECKey(string algorithm, BcpgInputStream bcpgIn)
+        {
+            ECPublicBcpgKey ecdsaPub = (ECPublicBcpgKey)secret.PublicKeyPacket.Key;
+            ECSecretBcpgKey ecdsaPriv = new ECSecretBcpgKey(bcpgIn);
+            return new ECPrivateKeyParameters(algorithm, ecdsaPriv.X, ecdsaPub.CurveOid);
+        }
+
+        private static byte[] Checksum(
+            bool	useSha1,
+            byte[]	bytes,
+            int		length)
+        {
+            if (useSha1)
+            {
+                try
+                {
+                    IDigest dig = DigestUtilities.GetDigest("SHA1");
+                    dig.BlockUpdate(bytes, 0, length);
+                    return DigestUtilities.DoFinal(dig);
+                }
+                //catch (NoSuchAlgorithmException e)
+                catch (Exception e)
+                {
+                    throw new PgpException("Can't find SHA-1", e);
+                }
+            }
+            else
+            {
+                int Checksum = 0;
+                for (int i = 0; i != length; i++)
+                {
+                    Checksum += bytes[i];
+                }
+
+                return new byte[] { (byte)(Checksum >> 8), (byte)Checksum };
+            }
+        }
+
+        public byte[] GetEncoded()
+        {
+            MemoryStream bOut = new MemoryStream();
+            Encode(bOut);
+            return bOut.ToArray();
+        }
+
+        public void Encode(
+            Stream outStr)
+        {
+            BcpgOutputStream bcpgOut = BcpgOutputStream.Wrap(outStr);
+
+            bcpgOut.WritePacket(secret);
+            if (pub.trustPk != null)
+            {
+                bcpgOut.WritePacket(pub.trustPk);
+            }
+
+            if (pub.subSigs == null) // is not a sub key
+            {
+                foreach (PgpSignature keySig in pub.keySigs)
+                {
+                    keySig.Encode(bcpgOut);
+                }
+
+                for (int i = 0; i != pub.ids.Count; i++)
+                {
+                    object pubID = pub.ids[i];
+                    if (pubID is string)
+                    {
+                        string id = (string) pubID;
+                        bcpgOut.WritePacket(new UserIdPacket(id));
+                    }
+                    else
+                    {
+                        PgpUserAttributeSubpacketVector v = (PgpUserAttributeSubpacketVector) pubID;
+                        bcpgOut.WritePacket(new UserAttributePacket(v.ToSubpacketArray()));
+                    }
+
+                    if (pub.idTrusts[i] != null)
+                    {
+                        bcpgOut.WritePacket((ContainedPacket)pub.idTrusts[i]);
+                    }
+
+                    foreach (PgpSignature sig in (IList) pub.idSigs[i])
+                    {
+                        sig.Encode(bcpgOut);
+                    }
+                }
+            }
+            else
+            {
+                foreach (PgpSignature subSig in pub.subSigs)
+                {
+                    subSig.Encode(bcpgOut);
+                }
+            }
+
+            // TODO Check that this is right/necessary
+            //bcpgOut.Finish();
+        }
+
+        /// <summary>
+        /// Return a copy of the passed in secret key, encrypted using a new password
+        /// and the passed in algorithm.
+        /// </summary>
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        /// <param name="key">The PgpSecretKey to be copied.</param>
+        /// <param name="oldPassPhrase">The current password for the key.</param>
+        /// <param name="newPassPhrase">The new password for the key.</param>
+        /// <param name="newEncAlgorithm">The algorithm to be used for the encryption.</param>
+        /// <param name="rand">Source of randomness.</param>
+        public static PgpSecretKey CopyWithNewPassword(
+            PgpSecretKey				key,
+            char[]						oldPassPhrase,
+            char[]						newPassPhrase,
+            SymmetricKeyAlgorithmTag	newEncAlgorithm,
+            SecureRandom				rand)
+        {
+            return DoCopyWithNewPassword(key, PgpUtilities.EncodePassPhrase(oldPassPhrase, false),
+                PgpUtilities.EncodePassPhrase(newPassPhrase, false), true, newEncAlgorithm, rand);
+        }
+
+        /// <summary>
+        /// Return a copy of the passed in secret key, encrypted using a new password
+        /// and the passed in algorithm.
+        /// </summary>
+        /// <remarks>
+        /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
+        /// </remarks>
+        /// <param name="key">The PgpSecretKey to be copied.</param>
+        /// <param name="oldPassPhrase">The current password for the key.</param>
+        /// <param name="newPassPhrase">The new password for the key.</param>
+        /// <param name="newEncAlgorithm">The algorithm to be used for the encryption.</param>
+        /// <param name="rand">Source of randomness.</param>
+        public static PgpSecretKey CopyWithNewPasswordUtf8(
+            PgpSecretKey				key,
+            char[]						oldPassPhrase,
+            char[]						newPassPhrase,
+            SymmetricKeyAlgorithmTag	newEncAlgorithm,
+            SecureRandom				rand)
+        {
+            return DoCopyWithNewPassword(key, PgpUtilities.EncodePassPhrase(oldPassPhrase, true),
+                PgpUtilities.EncodePassPhrase(newPassPhrase, true), true, newEncAlgorithm, rand);
+        }
+
+        /// <summary>
+        /// Return a copy of the passed in secret key, encrypted using a new password
+        /// and the passed in algorithm.
+        /// </summary>
+        /// <remarks>
+        /// Allows the caller to handle the encoding of the passphrase to bytes.
+        /// </remarks>
+        /// <param name="key">The PgpSecretKey to be copied.</param>
+        /// <param name="rawOldPassPhrase">The current password for the key.</param>
+        /// <param name="rawNewPassPhrase">The new password for the key.</param>
+        /// <param name="newEncAlgorithm">The algorithm to be used for the encryption.</param>
+        /// <param name="rand">Source of randomness.</param>
+        public static PgpSecretKey CopyWithNewPasswordRaw(
+            PgpSecretKey				key,
+            byte[]						rawOldPassPhrase,
+            byte[]						rawNewPassPhrase,
+            SymmetricKeyAlgorithmTag	newEncAlgorithm,
+            SecureRandom				rand)
+        {
+            return DoCopyWithNewPassword(key, rawOldPassPhrase, rawNewPassPhrase, false, newEncAlgorithm, rand);
+        }
+
+        internal static PgpSecretKey DoCopyWithNewPassword(
+            PgpSecretKey				key,
+            byte[]						rawOldPassPhrase,
+            byte[]						rawNewPassPhrase,
+            bool                        clearPassPhrase,
+            SymmetricKeyAlgorithmTag	newEncAlgorithm,
+            SecureRandom				rand)
+        {
+            if (key.IsPrivateKeyEmpty)
+                throw new PgpException("no private key in this SecretKey - public key present only.");
+
+            byte[]	rawKeyData = key.ExtractKeyData(rawOldPassPhrase, clearPassPhrase);
+            int		s2kUsage = key.secret.S2kUsage;
+            byte[]	iv = null;
+            S2k		s2k = null;
+            byte[]	keyData;
+            PublicKeyPacket pubKeyPacket = key.secret.PublicKeyPacket;
+
+            if (newEncAlgorithm == SymmetricKeyAlgorithmTag.Null)
+            {
+                s2kUsage = SecretKeyPacket.UsageNone;
+                if (key.secret.S2kUsage == SecretKeyPacket.UsageSha1)   // SHA-1 hash, need to rewrite Checksum
+                {
+                    keyData = new byte[rawKeyData.Length - 18];
+
+                    Array.Copy(rawKeyData, 0, keyData, 0, keyData.Length - 2);
+
+                    byte[] check = Checksum(false, keyData, keyData.Length - 2);
+
+                    keyData[keyData.Length - 2] = check[0];
+                    keyData[keyData.Length - 1] = check[1];
+                }
+                else
+                {
+                    keyData = rawKeyData;
+                }
+            }
+            else
+            {
+                if (s2kUsage == SecretKeyPacket.UsageNone)
+                {
+                    s2kUsage = SecretKeyPacket.UsageChecksum;
+                }
+
+                try
+                {
+                    if (pubKeyPacket.Version >= 4)
+                    {
+                        keyData = EncryptKeyDataV4(rawKeyData, newEncAlgorithm, HashAlgorithmTag.Sha1, rawNewPassPhrase, clearPassPhrase, rand, out s2k, out iv);
+                    }
+                    else
+                    {
+                        keyData = EncryptKeyDataV3(rawKeyData, newEncAlgorithm, rawNewPassPhrase, clearPassPhrase, rand, out s2k, out iv);
+                    }
+                }
+                catch (PgpException e)
+                {
+                    throw e;
+                }
+                catch (Exception e)
+                {
+                    throw new PgpException("Exception encrypting key", e);
+                }
+            }
+
+            SecretKeyPacket secret;
+            if (key.secret is SecretSubkeyPacket)
+            {
+                secret = new SecretSubkeyPacket(pubKeyPacket, newEncAlgorithm, s2kUsage, s2k, iv, keyData);
+            }
+            else
+            {
+                secret = new SecretKeyPacket(pubKeyPacket, newEncAlgorithm, s2kUsage, s2k, iv, keyData);
+            }
+
+            return new PgpSecretKey(secret, key.pub);
+        }
+
+        /// <summary>Replace the passed the public key on the passed in secret key.</summary>
+        /// <param name="secretKey">Secret key to change.</param>
+        /// <param name="publicKey">New public key.</param>
+        /// <returns>A new secret key.</returns>
+        /// <exception cref="ArgumentException">If KeyId's do not match.</exception>
+        public static PgpSecretKey ReplacePublicKey(
+            PgpSecretKey	secretKey,
+            PgpPublicKey	publicKey)
+        {
+            if (publicKey.KeyId != secretKey.KeyId)
+                throw new ArgumentException("KeyId's do not match");
+
+            return new PgpSecretKey(secretKey.secret, publicKey);
+        }
+
+        private static byte[] EncryptKeyDataV3(
+            byte[]						rawKeyData,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            byte[]						rawPassPhrase,
+            bool                        clearPassPhrase,
+            SecureRandom				random,
+            out S2k						s2k,
+            out byte[]					iv)
+        {
+            // Version 2 or 3 - RSA Keys only
+
+            s2k = null;
+            iv = null;
+
+            KeyParameter encKey = PgpUtilities.DoMakeKeyFromPassPhrase(encAlgorithm, s2k, rawPassPhrase, clearPassPhrase);
+
+            byte[] keyData = new byte[rawKeyData.Length];
+
+            //
+            // process 4 numbers
+            //
+            int pos = 0;
+            for (int i = 0; i != 4; i++)
+            {
+                int encLen = (((rawKeyData[pos] << 8) | (rawKeyData[pos + 1] & 0xff)) + 7) / 8;
+
+                keyData[pos] = rawKeyData[pos];
+                keyData[pos + 1] = rawKeyData[pos + 1];
+
+                byte[] tmp;
+                if (i == 0)
+                {
+                    tmp = EncryptData(encAlgorithm, encKey, rawKeyData, pos + 2, encLen, random, ref iv);
+                }
+                else
+                {
+                    byte[] tmpIv = Arrays.CopyOfRange(keyData, pos - iv.Length, pos);
+
+                    tmp = EncryptData(encAlgorithm, encKey, rawKeyData, pos + 2, encLen, random, ref tmpIv);
+                }
+
+                Array.Copy(tmp, 0, keyData, pos + 2, tmp.Length);
+                pos += 2 + encLen;
+            }
+
+            //
+            // copy in checksum.
+            //
+            keyData[pos] = rawKeyData[pos];
+            keyData[pos + 1] = rawKeyData[pos + 1];
+
+            return keyData;
+        }
+
+        private static byte[] EncryptKeyDataV4(
+            byte[]						rawKeyData,
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            HashAlgorithmTag            hashAlgorithm,
+            byte[]						rawPassPhrase,
+            bool                        clearPassPhrase,
+            SecureRandom				random,
+            out S2k						s2k,
+            out byte[]					iv)
+        {
+            s2k = PgpUtilities.GenerateS2k(hashAlgorithm, 0x60, random);
+
+            KeyParameter key = PgpUtilities.DoMakeKeyFromPassPhrase(encAlgorithm, s2k, rawPassPhrase, clearPassPhrase);
+
+            iv = null;
+            return EncryptData(encAlgorithm, key, rawKeyData, 0, rawKeyData.Length, random, ref iv);
+        }
+
+        private static byte[] EncryptData(
+            SymmetricKeyAlgorithmTag	encAlgorithm,
+            KeyParameter                key,
+            byte[]						data,
+            int                         dataOff,
+            int                         dataLen,
+            SecureRandom				random,
+            ref byte[]                  iv)
+        {
+            IBufferedCipher c;
+            try
+            {
+                string cName = PgpUtilities.GetSymmetricCipherName(encAlgorithm);
+                c = CipherUtilities.GetCipher(cName + "/CFB/NoPadding");
+            }
+            catch (Exception e)
+            {
+                throw new PgpException("Exception creating cipher", e);
+            }
+
+            if (iv == null)
+            {
+                iv = PgpUtilities.GenerateIV(c.GetBlockSize(), random);
+            }
+
+            c.Init(true, new ParametersWithRandom(new ParametersWithIV(key, iv), random));
+
+            return c.DoFinal(data, dataOff, dataLen);
+        }
+
+        /// <summary>
+        /// Parse a secret key from one of the GPG S expression keys associating it with the passed in public key.
+        /// </summary>
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        public static PgpSecretKey ParseSecretKeyFromSExpr(Stream inputStream, char[] passPhrase, PgpPublicKey pubKey)
+        {
+            return DoParseSecretKeyFromSExpr(inputStream, PgpUtilities.EncodePassPhrase(passPhrase, false), true, pubKey);
+        }
+
+        /// <summary>
+        /// Parse a secret key from one of the GPG S expression keys associating it with the passed in public key.
+        /// </summary>
+        /// <remarks>
+        /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
+        /// </remarks>
+        public static PgpSecretKey ParseSecretKeyFromSExprUtf8(Stream inputStream, char[] passPhrase, PgpPublicKey pubKey)
+        {
+            return DoParseSecretKeyFromSExpr(inputStream, PgpUtilities.EncodePassPhrase(passPhrase, true), true, pubKey);
+        }
+
+        /// <summary>
+        /// Parse a secret key from one of the GPG S expression keys associating it with the passed in public key.
+        /// </summary>
+        /// <remarks>
+        /// Allows the caller to handle the encoding of the passphrase to bytes.
+        /// </remarks>
+        public static PgpSecretKey ParseSecretKeyFromSExprRaw(Stream inputStream, byte[] rawPassPhrase, PgpPublicKey pubKey)
+        {
+            return DoParseSecretKeyFromSExpr(inputStream, rawPassPhrase, false, pubKey);
+        }
+
+        internal static PgpSecretKey DoParseSecretKeyFromSExpr(Stream inputStream, byte[] rawPassPhrase, bool clearPassPhrase, PgpPublicKey pubKey)
+        {
+            SXprUtilities.SkipOpenParenthesis(inputStream);
+
+            string type = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
+            if (type.Equals("protected-private-key"))
+            {
+                SXprUtilities.SkipOpenParenthesis(inputStream);
+
+                string curveName;
+
+                string keyType = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
+                if (keyType.Equals("ecc"))
+                {
+                    SXprUtilities.SkipOpenParenthesis(inputStream);
+
+                    string curveID = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
+                    curveName = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
+
+                    SXprUtilities.SkipCloseParenthesis(inputStream);
+                }
+                else
+                {
+                    throw new PgpException("no curve details found");
+                }
+
+                byte[] qVal;
+
+                SXprUtilities.SkipOpenParenthesis(inputStream);
+
+                type = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
+                if (type.Equals("q"))
+                {
+                    qVal = SXprUtilities.ReadBytes(inputStream, inputStream.ReadByte());
+                }
+                else
+                {
+                    throw new PgpException("no q value found");
+                }
+
+                SXprUtilities.SkipCloseParenthesis(inputStream);
+
+                byte[] dValue = GetDValue(inputStream, rawPassPhrase, clearPassPhrase, curveName);
+                // TODO: check SHA-1 hash.
+
+                return new PgpSecretKey(new SecretKeyPacket(pubKey.PublicKeyPacket, SymmetricKeyAlgorithmTag.Null, null, null,
+                    new ECSecretBcpgKey(new BigInteger(1, dValue)).GetEncoded()), pubKey);
+            }
+
+            throw new PgpException("unknown key type found");
+        }
+
+        /// <summary>
+        /// Parse a secret key from one of the GPG S expression keys.
+        /// </summary>
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        public static PgpSecretKey ParseSecretKeyFromSExpr(Stream inputStream, char[] passPhrase)
+        {
+            return DoParseSecretKeyFromSExpr(inputStream, PgpUtilities.EncodePassPhrase(passPhrase, false), true);
+        }
+
+        /// <summary>
+        /// Parse a secret key from one of the GPG S expression keys.
+        /// </summary>
+        /// <remarks>
+        /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
+        /// </remarks>
+        public static PgpSecretKey ParseSecretKeyFromSExprUtf8(Stream inputStream, char[] passPhrase)
+        {
+            return DoParseSecretKeyFromSExpr(inputStream, PgpUtilities.EncodePassPhrase(passPhrase, true), true);
+        }
+
+        /// <summary>
+        /// Parse a secret key from one of the GPG S expression keys.
+        /// </summary>
+        /// <remarks>
+        /// Allows the caller to handle the encoding of the passphrase to bytes.
+        /// </remarks>
+        public static PgpSecretKey ParseSecretKeyFromSExprRaw(Stream inputStream, byte[] rawPassPhrase)
+        {
+            return DoParseSecretKeyFromSExpr(inputStream, rawPassPhrase, false);
+        }
+
+        /// <summary>
+        /// Parse a secret key from one of the GPG S expression keys.
+        /// </summary>
+        internal static PgpSecretKey DoParseSecretKeyFromSExpr(Stream inputStream, byte[] rawPassPhrase, bool clearPassPhrase)
+        {
+            SXprUtilities.SkipOpenParenthesis(inputStream);
+
+            string type = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
+            if (type.Equals("protected-private-key"))
+            {
+                SXprUtilities.SkipOpenParenthesis(inputStream);
+
+                string curveName;
+
+                string keyType = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
+                if (keyType.Equals("ecc"))
+                {
+                    SXprUtilities.SkipOpenParenthesis(inputStream);
+
+                    string curveID = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
+                    curveName = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
+
+                    if (Platform.StartsWith(curveName, "NIST "))
+                    {
+                        curveName = curveName.Substring("NIST ".Length);
+                    }
+
+                    SXprUtilities.SkipCloseParenthesis(inputStream);
+                }
+                else
+                {
+                    throw new PgpException("no curve details found");
+                }
+
+                byte[] qVal;
+
+                SXprUtilities.SkipOpenParenthesis(inputStream);
+
+                type = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
+                if (type.Equals("q"))
+                {
+                    qVal = SXprUtilities.ReadBytes(inputStream, inputStream.ReadByte());
+                }
+                else
+                {
+                    throw new PgpException("no q value found");
+                }
+
+                PublicKeyPacket pubPacket = new PublicKeyPacket(PublicKeyAlgorithmTag.ECDsa, DateTime.UtcNow,
+                    new ECDsaPublicBcpgKey(ECNamedCurveTable.GetOid(curveName), new BigInteger(1, qVal)));
+
+                SXprUtilities.SkipCloseParenthesis(inputStream);
+
+                byte[] dValue = GetDValue(inputStream, rawPassPhrase, clearPassPhrase, curveName);
+                // TODO: check SHA-1 hash.
+
+                return new PgpSecretKey(new SecretKeyPacket(pubPacket, SymmetricKeyAlgorithmTag.Null, null, null,
+                    new ECSecretBcpgKey(new BigInteger(1, dValue)).GetEncoded()), new PgpPublicKey(pubPacket));
+            }
+
+            throw new PgpException("unknown key type found");
+        }
+
+        private static byte[] GetDValue(Stream inputStream, byte[] rawPassPhrase, bool clearPassPhrase, string curveName)
+        {
+            string type;
+            SXprUtilities.SkipOpenParenthesis(inputStream);
+
+            string protection;
+            S2k s2k;
+            byte[] iv;
+            byte[] secKeyData;
+
+            type = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
+            if (type.Equals("protected"))
+            {
+                protection = SXprUtilities.ReadString(inputStream, inputStream.ReadByte());
+
+                SXprUtilities.SkipOpenParenthesis(inputStream);
+
+                s2k = SXprUtilities.ParseS2k(inputStream);
+
+                iv = SXprUtilities.ReadBytes(inputStream, inputStream.ReadByte());
+
+                SXprUtilities.SkipCloseParenthesis(inputStream);
+
+                secKeyData = SXprUtilities.ReadBytes(inputStream, inputStream.ReadByte());
+            }
+            else
+            {
+                throw new PgpException("protected block not found");
+            }
+
+            // TODO: recognise other algorithms
+            KeyParameter key = PgpUtilities.DoMakeKeyFromPassPhrase(SymmetricKeyAlgorithmTag.Aes128, s2k, rawPassPhrase, clearPassPhrase);
+
+            byte[] data = RecoverKeyData(SymmetricKeyAlgorithmTag.Aes128, "/CBC/NoPadding", key, iv, secKeyData, 0, secKeyData.Length);
+
+            //
+            // parse the secret key S-expr
+            //
+            Stream keyIn = new MemoryStream(data, false);
+
+            SXprUtilities.SkipOpenParenthesis(keyIn);
+            SXprUtilities.SkipOpenParenthesis(keyIn);
+            SXprUtilities.SkipOpenParenthesis(keyIn);
+            String name = SXprUtilities.ReadString(keyIn, keyIn.ReadByte());
+            return SXprUtilities.ReadBytes(keyIn, keyIn.ReadByte());
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpSecretKeyRing.cs b/bc-sharp-crypto/src/openpgp/PgpSecretKeyRing.cs
new file mode 100644
index 0000000..70cd721
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpSecretKeyRing.cs
@@ -0,0 +1,308 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+    /// <remarks>
+    /// Class to hold a single master secret key and its subkeys.
+    /// <p>
+    /// Often PGP keyring files consist of multiple master keys, if you are trying to process
+    /// or construct one of these you should use the <c>PgpSecretKeyRingBundle</c> class.
+    /// </p>
+    /// </remarks>
+    public class PgpSecretKeyRing
+        : PgpKeyRing
+    {
+        private readonly IList keys;
+        private readonly IList extraPubKeys;
+
+        internal PgpSecretKeyRing(
+            IList keys)
+            : this(keys, Platform.CreateArrayList())
+        {
+        }
+
+        private PgpSecretKeyRing(
+            IList	keys,
+            IList	extraPubKeys)
+        {
+            this.keys = keys;
+            this.extraPubKeys = extraPubKeys;
+        }
+
+        public PgpSecretKeyRing(
+            byte[] encoding)
+            : this(new MemoryStream(encoding))
+        {
+        }
+
+        public PgpSecretKeyRing(
+            Stream inputStream)
+        {
+            this.keys = Platform.CreateArrayList();
+            this.extraPubKeys = Platform.CreateArrayList();
+
+            BcpgInputStream bcpgInput = BcpgInputStream.Wrap(inputStream);
+
+            PacketTag initialTag = bcpgInput.NextPacketTag();
+            if (initialTag != PacketTag.SecretKey && initialTag != PacketTag.SecretSubkey)
+            {
+                throw new IOException("secret key ring doesn't start with secret key tag: "
+                    + "tag 0x" + ((int)initialTag).ToString("X"));
+            }
+
+            SecretKeyPacket secret = (SecretKeyPacket) bcpgInput.ReadPacket();
+
+            //
+            // ignore GPG comment packets if found.
+            //
+            while (bcpgInput.NextPacketTag() == PacketTag.Experimental2)
+            {
+                bcpgInput.ReadPacket();
+            }
+
+            TrustPacket trust = ReadOptionalTrustPacket(bcpgInput);
+
+            // revocation and direct signatures
+            IList keySigs = ReadSignaturesAndTrust(bcpgInput);
+
+            IList ids, idTrusts, idSigs;
+            ReadUserIDs(bcpgInput, out ids, out idTrusts, out idSigs);
+
+            keys.Add(new PgpSecretKey(secret, new PgpPublicKey(secret.PublicKeyPacket, trust, keySigs, ids, idTrusts, idSigs)));
+
+
+            // Read subkeys
+            while (bcpgInput.NextPacketTag() == PacketTag.SecretSubkey
+                || bcpgInput.NextPacketTag() == PacketTag.PublicSubkey)
+            {
+                if (bcpgInput.NextPacketTag() == PacketTag.SecretSubkey)
+                {
+                    SecretSubkeyPacket sub = (SecretSubkeyPacket) bcpgInput.ReadPacket();
+
+                    //
+                    // ignore GPG comment packets if found.
+                    //
+                    while (bcpgInput.NextPacketTag() == PacketTag.Experimental2)
+                    {
+                        bcpgInput.ReadPacket();
+                    }
+
+                    TrustPacket subTrust = ReadOptionalTrustPacket(bcpgInput);
+                    IList sigList = ReadSignaturesAndTrust(bcpgInput);
+
+                    keys.Add(new PgpSecretKey(sub, new PgpPublicKey(sub.PublicKeyPacket, subTrust, sigList)));
+                }
+                else
+                {
+                    PublicSubkeyPacket sub = (PublicSubkeyPacket) bcpgInput.ReadPacket();
+
+                    TrustPacket subTrust = ReadOptionalTrustPacket(bcpgInput);
+                    IList sigList = ReadSignaturesAndTrust(bcpgInput);
+
+                    extraPubKeys.Add(new PgpPublicKey(sub, subTrust, sigList));
+                }
+            }
+        }
+
+        /// <summary>Return the public key for the master key.</summary>
+        public PgpPublicKey GetPublicKey()
+        {
+            return ((PgpSecretKey) keys[0]).PublicKey;
+        }
+
+        /// <summary>Return the master private key.</summary>
+        public PgpSecretKey GetSecretKey()
+        {
+            return (PgpSecretKey) keys[0];
+        }
+
+        /// <summary>Allows enumeration of the secret keys.</summary>
+        /// <returns>An <c>IEnumerable</c> of <c>PgpSecretKey</c> objects.</returns>
+        public IEnumerable GetSecretKeys()
+        {
+            return new EnumerableProxy(keys);
+        }
+
+        public PgpSecretKey GetSecretKey(
+            long keyId)
+        {
+            foreach (PgpSecretKey k in keys)
+            {
+                if (keyId == k.KeyId)
+                {
+                    return k;
+                }
+            }
+
+            return null;
+        }
+
+        /// <summary>
+        /// Return an iterator of the public keys in the secret key ring that
+        /// have no matching private key. At the moment only personal certificate data
+        /// appears in this fashion.
+        /// </summary>
+        /// <returns>An <c>IEnumerable</c> of unattached, or extra, public keys.</returns>
+        public IEnumerable GetExtraPublicKeys()
+        {
+            return new EnumerableProxy(extraPubKeys);
+        }
+
+        public byte[] GetEncoded()
+        {
+            MemoryStream bOut = new MemoryStream();
+
+            Encode(bOut);
+
+            return bOut.ToArray();
+        }
+
+        public void Encode(
+            Stream outStr)
+        {
+            if (outStr == null)
+                throw new ArgumentNullException("outStr");
+
+            foreach (PgpSecretKey key in keys)
+            {
+                key.Encode(outStr);
+            }
+            foreach (PgpPublicKey extraPubKey in extraPubKeys)
+            {
+                extraPubKey.Encode(outStr);
+            }
+        }
+
+        /// <summary>
+        /// Replace the public key set on the secret ring with the corresponding key off the public ring.
+        /// </summary>
+        /// <param name="secretRing">Secret ring to be changed.</param>
+        /// <param name="publicRing">Public ring containing the new public key set.</param>
+        public static PgpSecretKeyRing ReplacePublicKeys(
+            PgpSecretKeyRing	secretRing,
+            PgpPublicKeyRing	publicRing)
+        {
+            IList newList = Platform.CreateArrayList(secretRing.keys.Count);
+
+            foreach (PgpSecretKey sk in secretRing.keys)
+            {
+                PgpPublicKey pk = publicRing.GetPublicKey(sk.KeyId);
+
+                newList.Add(PgpSecretKey.ReplacePublicKey(sk, pk));
+            }
+
+            return new PgpSecretKeyRing(newList);
+        }
+
+        /// <summary>
+        /// Return a copy of the passed in secret key ring, with the master key and sub keys encrypted
+        /// using a new password and the passed in algorithm.
+        /// </summary>
+        /// <param name="ring">The <c>PgpSecretKeyRing</c> to be copied.</param>
+        /// <param name="oldPassPhrase">The current password for key.</param>
+        /// <param name="newPassPhrase">The new password for the key.</param>
+        /// <param name="newEncAlgorithm">The algorithm to be used for the encryption.</param>
+        /// <param name="rand">Source of randomness.</param>
+        public static PgpSecretKeyRing CopyWithNewPassword(
+            PgpSecretKeyRing			ring,
+            char[]						oldPassPhrase,
+            char[]						newPassPhrase,
+            SymmetricKeyAlgorithmTag	newEncAlgorithm,
+            SecureRandom				rand)
+        {
+            IList newKeys = Platform.CreateArrayList(ring.keys.Count);
+            foreach (PgpSecretKey secretKey in ring.GetSecretKeys())
+            {
+                if (secretKey.IsPrivateKeyEmpty)
+                {
+                    newKeys.Add(secretKey);
+                }
+                else
+                {
+                    newKeys.Add(PgpSecretKey.CopyWithNewPassword(secretKey, oldPassPhrase, newPassPhrase, newEncAlgorithm, rand));
+                }
+            }
+
+            return new PgpSecretKeyRing(newKeys, ring.extraPubKeys);
+        }
+
+        /// <summary>
+        /// Returns a new key ring with the secret key passed in either added or
+        /// replacing an existing one with the same key ID.
+        /// </summary>
+        /// <param name="secRing">The secret key ring to be modified.</param>
+        /// <param name="secKey">The secret key to be inserted.</param>
+        /// <returns>A new <c>PgpSecretKeyRing</c></returns>
+        public static PgpSecretKeyRing InsertSecretKey(
+            PgpSecretKeyRing  secRing,
+            PgpSecretKey      secKey)
+        {
+            IList keys = Platform.CreateArrayList(secRing.keys);
+            bool found = false;
+            bool masterFound = false;
+
+            for (int i = 0; i != keys.Count; i++)
+            {
+                PgpSecretKey key = (PgpSecretKey) keys[i];
+
+                if (key.KeyId == secKey.KeyId)
+                {
+                    found = true;
+                    keys[i] = secKey;
+                }
+                if (key.IsMasterKey)
+                {
+                    masterFound = true;
+                }
+            }
+
+            if (!found)
+            {
+                if (secKey.IsMasterKey)
+                {
+                    if (masterFound)
+                        throw new ArgumentException("cannot add a master key to a ring that already has one");
+
+                    keys.Insert(0, secKey);
+                }
+                else
+                {
+                    keys.Add(secKey);
+                }
+            }
+
+            return new PgpSecretKeyRing(keys, secRing.extraPubKeys);
+        }
+
+        /// <summary>Returns a new key ring with the secret key passed in removed from the key ring.</summary>
+        /// <param name="secRing">The secret key ring to be modified.</param>
+        /// <param name="secKey">The secret key to be removed.</param>
+        /// <returns>A new <c>PgpSecretKeyRing</c>, or null if secKey is not found.</returns>
+        public static PgpSecretKeyRing RemoveSecretKey(
+            PgpSecretKeyRing  secRing,
+            PgpSecretKey      secKey)
+        {
+            IList keys = Platform.CreateArrayList(secRing.keys);
+            bool found = false;
+
+            for (int i = 0; i < keys.Count; i++)
+            {
+                PgpSecretKey key = (PgpSecretKey)keys[i];
+
+                if (key.KeyId == secKey.KeyId)
+                {
+                    found = true;
+                    keys.RemoveAt(i);
+                }
+            }
+
+            return found ? new PgpSecretKeyRing(keys, secRing.extraPubKeys) : null;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpSecretKeyRingBundle.cs b/bc-sharp-crypto/src/openpgp/PgpSecretKeyRingBundle.cs
new file mode 100644
index 0000000..c9f4d39
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpSecretKeyRingBundle.cs
@@ -0,0 +1,280 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>
+	/// Often a PGP key ring file is made up of a succession of master/sub-key key rings.
+	/// If you want to read an entire secret key file in one hit this is the class for you.
+	/// </remarks>
+    public class PgpSecretKeyRingBundle
+    {
+        private readonly IDictionary secretRings;
+        private readonly IList order;
+
+		private PgpSecretKeyRingBundle(
+            IDictionary	secretRings,
+            IList       order)
+        {
+            this.secretRings = secretRings;
+            this.order = order;
+        }
+
+		public PgpSecretKeyRingBundle(
+            byte[] encoding)
+            : this(new MemoryStream(encoding, false))
+		{
+        }
+
+		/// <summary>Build a PgpSecretKeyRingBundle from the passed in input stream.</summary>
+		/// <param name="inputStream">Input stream containing data.</param>
+		/// <exception cref="IOException">If a problem parsing the stream occurs.</exception>
+		/// <exception cref="PgpException">If an object is encountered which isn't a PgpSecretKeyRing.</exception>
+		public PgpSecretKeyRingBundle(
+            Stream inputStream)
+			: this(new PgpObjectFactory(inputStream).AllPgpObjects())
+        {
+        }
+
+		public PgpSecretKeyRingBundle(
+            IEnumerable e)
+        {
+			this.secretRings = Platform.CreateHashtable();
+            this.order = Platform.CreateArrayList();
+
+			foreach (object obj in e)
+			{
+				PgpSecretKeyRing pgpSecret = obj as PgpSecretKeyRing;
+
+				if (pgpSecret == null)
+				{
+					throw new PgpException(Platform.GetTypeName(obj) + " found where PgpSecretKeyRing expected");
+				}
+
+				long key = pgpSecret.GetPublicKey().KeyId;
+				secretRings.Add(key, pgpSecret);
+				order.Add(key);
+			}
+        }
+
+		[Obsolete("Use 'Count' property instead")]
+		public int Size
+		{
+			get { return order.Count; }
+		}
+
+		/// <summary>Return the number of rings in this collection.</summary>
+		public int Count
+        {
+			get { return order.Count; }
+        }
+
+		/// <summary>Allow enumeration of the secret key rings making up this collection.</summary>
+		public IEnumerable GetKeyRings()
+        {
+            return new EnumerableProxy(secretRings.Values);
+        }
+
+		/// <summary>Allow enumeration of the key rings associated with the passed in userId.</summary>
+		/// <param name="userId">The user ID to be matched.</param>
+		/// <returns>An <c>IEnumerable</c> of key rings which matched (possibly none).</returns>
+		public IEnumerable GetKeyRings(
+			string userId)
+		{
+			return GetKeyRings(userId, false, false);
+		}
+
+		/// <summary>Allow enumeration of the key rings associated with the passed in userId.</summary>
+		/// <param name="userId">The user ID to be matched.</param>
+		/// <param name="matchPartial">If true, userId need only be a substring of an actual ID string to match.</param>
+		/// <returns>An <c>IEnumerable</c> of key rings which matched (possibly none).</returns>
+		public IEnumerable GetKeyRings(
+            string	userId,
+            bool	matchPartial)
+        {
+			return GetKeyRings(userId, matchPartial, false);
+        }
+
+		/// <summary>Allow enumeration of the key rings associated with the passed in userId.</summary>
+		/// <param name="userId">The user ID to be matched.</param>
+		/// <param name="matchPartial">If true, userId need only be a substring of an actual ID string to match.</param>
+		/// <param name="ignoreCase">If true, case is ignored in user ID comparisons.</param>
+		/// <returns>An <c>IEnumerable</c> of key rings which matched (possibly none).</returns>
+		public IEnumerable GetKeyRings(
+			string	userId,
+			bool	matchPartial,
+			bool	ignoreCase)
+		{
+            IList rings = Platform.CreateArrayList();
+
+			if (ignoreCase)
+			{
+                userId = Platform.ToUpperInvariant(userId);
+            }
+
+			foreach (PgpSecretKeyRing secRing in GetKeyRings())
+			{
+				foreach (string nextUserID in secRing.GetSecretKey().UserIds)
+				{
+					string next = nextUserID;
+					if (ignoreCase)
+					{
+                        next = Platform.ToUpperInvariant(next);
+                    }
+
+					if (matchPartial)
+					{
+                        if (Platform.IndexOf(next, userId) > -1)
+						{
+							rings.Add(secRing);
+						}
+					}
+					else
+					{
+						if (next.Equals(userId))
+						{
+							rings.Add(secRing);
+						}
+					}
+				}
+			}
+
+			return new EnumerableProxy(rings);
+		}
+
+		/// <summary>Return the PGP secret key associated with the given key id.</summary>
+		/// <param name="keyId">The ID of the secret key to return.</param>
+		public PgpSecretKey GetSecretKey(
+            long keyId)
+        {
+            foreach (PgpSecretKeyRing secRing in GetKeyRings())
+            {
+                PgpSecretKey sec = secRing.GetSecretKey(keyId);
+
+				if (sec != null)
+                {
+                    return sec;
+                }
+            }
+
+            return null;
+        }
+
+		/// <summary>Return the secret key ring which contains the key referred to by keyId</summary>
+		/// <param name="keyId">The ID of the secret key</param>
+		public PgpSecretKeyRing GetSecretKeyRing(
+            long keyId)
+        {
+            long id = keyId;
+
+            if (secretRings.Contains(id))
+            {
+                return (PgpSecretKeyRing) secretRings[id];
+            }
+
+			foreach (PgpSecretKeyRing secretRing in GetKeyRings())
+            {
+                PgpSecretKey secret = secretRing.GetSecretKey(keyId);
+
+                if (secret != null)
+                {
+                    return secretRing;
+                }
+            }
+
+            return null;
+        }
+
+		/// <summary>
+		/// Return true if a key matching the passed in key ID is present, false otherwise.
+		/// </summary>
+		/// <param name="keyID">key ID to look for.</param>
+		public bool Contains(
+			long keyID)
+		{
+			return GetSecretKey(keyID) != null;
+		}
+
+		public byte[] GetEncoded()
+        {
+            MemoryStream bOut = new MemoryStream();
+
+			Encode(bOut);
+
+			return bOut.ToArray();
+        }
+
+		public void Encode(
+			Stream outStr)
+        {
+			BcpgOutputStream bcpgOut = BcpgOutputStream.Wrap(outStr);
+
+			foreach (long key in order)
+            {
+                PgpSecretKeyRing pub = (PgpSecretKeyRing) secretRings[key];
+
+				pub.Encode(bcpgOut);
+            }
+        }
+
+		/// <summary>
+		/// Return a new bundle containing the contents of the passed in bundle and
+		/// the passed in secret key ring.
+		/// </summary>
+		/// <param name="bundle">The <c>PgpSecretKeyRingBundle</c> the key ring is to be added to.</param>
+		/// <param name="secretKeyRing">The key ring to be added.</param>
+		/// <returns>A new <c>PgpSecretKeyRingBundle</c> merging the current one with the passed in key ring.</returns>
+		/// <exception cref="ArgumentException">If the keyId for the passed in key ring is already present.</exception>
+        public static PgpSecretKeyRingBundle AddSecretKeyRing(
+            PgpSecretKeyRingBundle  bundle,
+            PgpSecretKeyRing        secretKeyRing)
+        {
+            long key = secretKeyRing.GetPublicKey().KeyId;
+
+            if (bundle.secretRings.Contains(key))
+            {
+                throw new ArgumentException("Collection already contains a key with a keyId for the passed in ring.");
+            }
+
+            IDictionary newSecretRings = Platform.CreateHashtable(bundle.secretRings);
+            IList newOrder = Platform.CreateArrayList(bundle.order);
+
+            newSecretRings[key] = secretKeyRing;
+            newOrder.Add(key);
+
+            return new PgpSecretKeyRingBundle(newSecretRings, newOrder);
+        }
+
+		/// <summary>
+		/// Return a new bundle containing the contents of the passed in bundle with
+		/// the passed in secret key ring removed.
+		/// </summary>
+		/// <param name="bundle">The <c>PgpSecretKeyRingBundle</c> the key ring is to be removed from.</param>
+		/// <param name="secretKeyRing">The key ring to be removed.</param>
+		/// <returns>A new <c>PgpSecretKeyRingBundle</c> not containing the passed in key ring.</returns>
+		/// <exception cref="ArgumentException">If the keyId for the passed in key ring is not present.</exception>
+        public static PgpSecretKeyRingBundle RemoveSecretKeyRing(
+            PgpSecretKeyRingBundle  bundle,
+            PgpSecretKeyRing        secretKeyRing)
+        {
+            long key = secretKeyRing.GetPublicKey().KeyId;
+
+			if (!bundle.secretRings.Contains(key))
+            {
+                throw new ArgumentException("Collection does not contain a key with a keyId for the passed in ring.");
+            }
+
+            IDictionary newSecretRings = Platform.CreateHashtable(bundle.secretRings);
+            IList newOrder = Platform.CreateArrayList(bundle.order);
+
+			newSecretRings.Remove(key);
+			newOrder.Remove(key);
+
+			return new PgpSecretKeyRingBundle(newSecretRings, newOrder);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpSignature.cs b/bc-sharp-crypto/src/openpgp/PgpSignature.cs
new file mode 100644
index 0000000..c8c541b
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpSignature.cs
@@ -0,0 +1,447 @@
+using System;
+using System.IO;
+using Org.BouncyCastle.Asn1;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>A PGP signature object.</remarks>
+    public class PgpSignature
+    {
+        public const int BinaryDocument = 0x00;
+        public const int CanonicalTextDocument = 0x01;
+        public const int StandAlone = 0x02;
+
+        public const int DefaultCertification = 0x10;
+        public const int NoCertification = 0x11;
+        public const int CasualCertification = 0x12;
+        public const int PositiveCertification = 0x13;
+
+        public const int SubkeyBinding = 0x18;
+		public const int PrimaryKeyBinding = 0x19;
+		public const int DirectKey = 0x1f;
+        public const int KeyRevocation = 0x20;
+        public const int SubkeyRevocation = 0x28;
+        public const int CertificationRevocation = 0x30;
+        public const int Timestamp = 0x40;
+
+        private readonly SignaturePacket	sigPck;
+        private readonly int				signatureType;
+        private readonly TrustPacket		trustPck;
+
+		private ISigner	sig;
+		private byte	lastb; // Initial value anything but '\r'
+
+		internal PgpSignature(
+            BcpgInputStream bcpgInput)
+            : this((SignaturePacket)bcpgInput.ReadPacket())
+        {
+        }
+
+		internal PgpSignature(
+            SignaturePacket sigPacket)
+			: this(sigPacket, null)
+        {
+        }
+
+        internal PgpSignature(
+            SignaturePacket	sigPacket,
+            TrustPacket		trustPacket)
+        {
+			if (sigPacket == null)
+				throw new ArgumentNullException("sigPacket");
+
+			this.sigPck = sigPacket;
+			this.signatureType = sigPck.SignatureType;
+			this.trustPck = trustPacket;
+        }
+
+		private void GetSig()
+        {
+            this.sig = SignerUtilities.GetSigner(
+				PgpUtilities.GetSignatureName(sigPck.KeyAlgorithm, sigPck.HashAlgorithm));
+        }
+
+		/// <summary>The OpenPGP version number for this signature.</summary>
+		public int Version
+		{
+			get { return sigPck.Version; }
+		}
+
+		/// <summary>The key algorithm associated with this signature.</summary>
+		public PublicKeyAlgorithmTag KeyAlgorithm
+		{
+			get { return sigPck.KeyAlgorithm; }
+		}
+
+		/// <summary>The hash algorithm associated with this signature.</summary>
+		public HashAlgorithmTag HashAlgorithm
+		{
+			get { return sigPck.HashAlgorithm; }
+		}
+
+        /// <summary>Return true if this signature represents a certification.</summary>
+        public bool IsCertification()
+        {
+            return IsCertification(SignatureType);
+        }
+
+		public void InitVerify(
+            PgpPublicKey pubKey)
+        {
+			lastb = 0;
+            if (sig == null)
+            {
+                GetSig();
+            }
+            try
+            {
+                sig.Init(false, pubKey.GetKey());
+            }
+            catch (InvalidKeyException e)
+            {
+                throw new PgpException("invalid key.", e);
+            }
+        }
+
+        public void Update(
+            byte b)
+        {
+            if (signatureType == CanonicalTextDocument)
+            {
+				doCanonicalUpdateByte(b);
+            }
+            else
+            {
+                sig.Update(b);
+            }
+        }
+
+		private void doCanonicalUpdateByte(
+			byte b)
+		{
+			if (b == '\r')
+			{
+				doUpdateCRLF();
+			}
+			else if (b == '\n')
+			{
+				if (lastb != '\r')
+				{
+					doUpdateCRLF();
+				}
+			}
+			else
+			{
+				sig.Update(b);
+			}
+
+			lastb = b;
+		}
+
+		private void doUpdateCRLF()
+		{
+			sig.Update((byte)'\r');
+			sig.Update((byte)'\n');
+		}
+
+		public void Update(
+            params byte[] bytes)
+        {
+			Update(bytes, 0, bytes.Length);
+        }
+
+		public void Update(
+            byte[]	bytes,
+            int		off,
+            int		length)
+        {
+            if (signatureType == CanonicalTextDocument)
+            {
+                int finish = off + length;
+
+				for (int i = off; i != finish; i++)
+                {
+                    doCanonicalUpdateByte(bytes[i]);
+                }
+            }
+            else
+            {
+                sig.BlockUpdate(bytes, off, length);
+            }
+        }
+
+		public bool Verify()
+        {
+            byte[] trailer = GetSignatureTrailer();
+            sig.BlockUpdate(trailer, 0, trailer.Length);
+
+			return sig.VerifySignature(GetSignature());
+        }
+
+		private void UpdateWithIdData(
+			int		header,
+			byte[]	idBytes)
+		{
+			this.Update(
+				(byte) header,
+				(byte)(idBytes.Length >> 24),
+				(byte)(idBytes.Length >> 16),
+				(byte)(idBytes.Length >> 8),
+				(byte)(idBytes.Length));
+			this.Update(idBytes);
+		}
+
+		private void UpdateWithPublicKey(
+			PgpPublicKey key)
+		{
+			byte[] keyBytes = GetEncodedPublicKey(key);
+
+			this.Update(
+				(byte) 0x99,
+				(byte)(keyBytes.Length >> 8),
+				(byte)(keyBytes.Length));
+			this.Update(keyBytes);
+		}
+
+		/// <summary>
+		/// Verify the signature as certifying the passed in public key as associated
+		/// with the passed in user attributes.
+		/// </summary>
+		/// <param name="userAttributes">User attributes the key was stored under.</param>
+		/// <param name="key">The key to be verified.</param>
+		/// <returns>True, if the signature matches, false otherwise.</returns>
+		public bool VerifyCertification(
+			PgpUserAttributeSubpacketVector	userAttributes,
+			PgpPublicKey					key)
+		{
+			UpdateWithPublicKey(key);
+
+			//
+			// hash in the userAttributes
+			//
+			try
+			{
+				MemoryStream bOut = new MemoryStream();
+				foreach (UserAttributeSubpacket packet in userAttributes.ToSubpacketArray())
+				{
+					packet.Encode(bOut);
+				}
+				UpdateWithIdData(0xd1, bOut.ToArray());
+			}
+			catch (IOException e)
+			{
+				throw new PgpException("cannot encode subpacket array", e);
+			}
+
+			this.Update(sigPck.GetSignatureTrailer());
+
+			return sig.VerifySignature(this.GetSignature());
+		}
+
+		/// <summary>
+		/// Verify the signature as certifying the passed in public key as associated
+		/// with the passed in ID.
+		/// </summary>
+		/// <param name="id">ID the key was stored under.</param>
+		/// <param name="key">The key to be verified.</param>
+		/// <returns>True, if the signature matches, false otherwise.</returns>
+        public bool VerifyCertification(
+            string			id,
+            PgpPublicKey	key)
+        {
+			UpdateWithPublicKey(key);
+
+			//
+            // hash in the id
+            //
+            UpdateWithIdData(0xb4, Strings.ToUtf8ByteArray(id));
+
+			Update(sigPck.GetSignatureTrailer());
+
+			return sig.VerifySignature(GetSignature());
+        }
+
+		/// <summary>Verify a certification for the passed in key against the passed in master key.</summary>
+		/// <param name="masterKey">The key we are verifying against.</param>
+		/// <param name="pubKey">The key we are verifying.</param>
+		/// <returns>True, if the certification is valid, false otherwise.</returns>
+        public bool VerifyCertification(
+            PgpPublicKey	masterKey,
+            PgpPublicKey	pubKey)
+        {
+			UpdateWithPublicKey(masterKey);
+			UpdateWithPublicKey(pubKey);
+
+			Update(sigPck.GetSignatureTrailer());
+
+			return sig.VerifySignature(GetSignature());
+        }
+
+		/// <summary>Verify a key certification, such as revocation, for the passed in key.</summary>
+		/// <param name="pubKey">The key we are checking.</param>
+		/// <returns>True, if the certification is valid, false otherwise.</returns>
+        public bool VerifyCertification(
+            PgpPublicKey pubKey)
+        {
+            if (SignatureType != KeyRevocation
+                && SignatureType != SubkeyRevocation)
+            {
+                throw new InvalidOperationException("signature is not a key signature");
+            }
+
+			UpdateWithPublicKey(pubKey);
+
+            Update(sigPck.GetSignatureTrailer());
+
+			return sig.VerifySignature(GetSignature());
+        }
+
+		public int SignatureType
+        {
+			get { return sigPck.SignatureType; }
+        }
+
+		/// <summary>The ID of the key that created the signature.</summary>
+        public long KeyId
+        {
+            get { return sigPck.KeyId; }
+        }
+
+		[Obsolete("Use 'CreationTime' property instead")]
+		public DateTime GetCreationTime()
+		{
+			return CreationTime;
+		}
+
+		/// <summary>The creation time of this signature.</summary>
+        public DateTime CreationTime
+        {
+			get { return DateTimeUtilities.UnixMsToDateTime(sigPck.CreationTime); }
+        }
+
+		public byte[] GetSignatureTrailer()
+        {
+            return sigPck.GetSignatureTrailer();
+        }
+
+		/// <summary>
+		/// Return true if the signature has either hashed or unhashed subpackets.
+		/// </summary>
+		public bool HasSubpackets
+		{
+			get
+			{
+				return sigPck.GetHashedSubPackets() != null
+					|| sigPck.GetUnhashedSubPackets() != null;
+			}
+		}
+
+		public PgpSignatureSubpacketVector GetHashedSubPackets()
+        {
+            return createSubpacketVector(sigPck.GetHashedSubPackets());
+        }
+
+		public PgpSignatureSubpacketVector GetUnhashedSubPackets()
+        {
+            return createSubpacketVector(sigPck.GetUnhashedSubPackets());
+        }
+
+		private PgpSignatureSubpacketVector createSubpacketVector(SignatureSubpacket[] pcks)
+		{
+			return pcks == null ? null : new PgpSignatureSubpacketVector(pcks);
+		}
+
+		public byte[] GetSignature()
+        {
+            MPInteger[] sigValues = sigPck.GetSignature();
+            byte[] signature;
+
+			if (sigValues != null)
+			{
+				if (sigValues.Length == 1)    // an RSA signature
+				{
+					signature = sigValues[0].Value.ToByteArrayUnsigned();
+				}
+				else
+				{
+					try
+					{
+						signature = new DerSequence(
+							new DerInteger(sigValues[0].Value),
+							new DerInteger(sigValues[1].Value)).GetEncoded();
+					}
+					catch (IOException e)
+					{
+						throw new PgpException("exception encoding DSA sig.", e);
+					}
+				}
+			}
+			else
+			{
+				signature = sigPck.GetSignatureBytes();
+			}
+
+			return signature;
+        }
+
+		// TODO Handle the encoding stuff by subclassing BcpgObject?
+		public byte[] GetEncoded()
+        {
+            MemoryStream bOut = new MemoryStream();
+
+			Encode(bOut);
+
+			return bOut.ToArray();
+        }
+
+		public void Encode(
+            Stream outStream)
+        {
+            BcpgOutputStream bcpgOut = BcpgOutputStream.Wrap(outStream);
+
+			bcpgOut.WritePacket(sigPck);
+
+			if (trustPck != null)
+            {
+                bcpgOut.WritePacket(trustPck);
+            }
+        }
+
+		private byte[] GetEncodedPublicKey(
+			PgpPublicKey pubKey) 
+		{
+			try
+			{
+				return pubKey.publicPk.GetEncodedContents();
+			}
+			catch (IOException e)
+			{
+				throw new PgpException("exception preparing key.", e);
+			}
+		}
+
+        /// <summary>
+        /// Return true if the passed in signature type represents a certification, false if the signature type is not.
+        /// </summary>
+        /// <param name="signatureType"></param>
+        /// <returns>true if signatureType is a certification, false otherwise.</returns>
+        public static bool IsCertification(int signatureType)
+        {
+            switch (signatureType)
+            {
+                case DefaultCertification:
+                case NoCertification:
+                case CasualCertification:
+                case PositiveCertification:
+                    return true;
+                default:
+                    return false;
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpSignatureGenerator.cs b/bc-sharp-crypto/src/openpgp/PgpSignatureGenerator.cs
new file mode 100644
index 0000000..c530968
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpSignatureGenerator.cs
@@ -0,0 +1,393 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Bcpg.Sig;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>Generator for PGP signatures.</remarks>
+	// TODO Should be able to implement ISigner?
+    public class PgpSignatureGenerator
+    {
+		private static readonly SignatureSubpacket[] EmptySignatureSubpackets = new SignatureSubpacket[0];
+
+		private PublicKeyAlgorithmTag	keyAlgorithm;
+        private HashAlgorithmTag		hashAlgorithm;
+        private PgpPrivateKey			privKey;
+        private ISigner					sig;
+        private IDigest					dig;
+        private int						signatureType;
+        private byte					lastb;
+
+		private SignatureSubpacket[] unhashed = EmptySignatureSubpackets;
+        private SignatureSubpacket[] hashed = EmptySignatureSubpackets;
+
+		/// <summary>Create a generator for the passed in keyAlgorithm and hashAlgorithm codes.</summary>
+        public PgpSignatureGenerator(
+            PublicKeyAlgorithmTag	keyAlgorithm,
+            HashAlgorithmTag		hashAlgorithm)
+        {
+            this.keyAlgorithm = keyAlgorithm;
+            this.hashAlgorithm = hashAlgorithm;
+
+			dig = DigestUtilities.GetDigest(PgpUtilities.GetDigestName(hashAlgorithm));
+            sig = SignerUtilities.GetSigner(PgpUtilities.GetSignatureName(keyAlgorithm, hashAlgorithm));
+        }
+
+		/// <summary>Initialise the generator for signing.</summary>
+        public void InitSign(
+            int				sigType,
+            PgpPrivateKey	key)
+        {
+			InitSign(sigType, key, null);
+        }
+
+		/// <summary>Initialise the generator for signing.</summary>
+		public void InitSign(
+			int				sigType,
+			PgpPrivateKey	key,
+			SecureRandom	random)
+		{
+			this.privKey = key;
+			this.signatureType = sigType;
+
+			try
+			{
+				ICipherParameters cp = key.Key;
+				if (random != null)
+				{
+					cp = new ParametersWithRandom(key.Key, random);
+				}
+
+				sig.Init(true, cp);
+			}
+			catch (InvalidKeyException e)
+			{
+				throw new PgpException("invalid key.", e);
+			}
+
+			dig.Reset();
+			lastb = 0;
+		}
+
+		public void Update(
+            byte b)
+        {
+            if (signatureType == PgpSignature.CanonicalTextDocument)
+            {
+				doCanonicalUpdateByte(b);
+            }
+            else
+            {
+				doUpdateByte(b);
+            }
+        }
+
+		private void doCanonicalUpdateByte(
+			byte b)
+		{
+			if (b == '\r')
+			{
+				doUpdateCRLF();
+			}
+			else if (b == '\n')
+			{
+				if (lastb != '\r')
+				{
+					doUpdateCRLF();
+				}
+			}
+			else
+			{
+				doUpdateByte(b);
+			}
+
+			lastb = b;
+		}
+
+		private void doUpdateCRLF()
+		{
+			doUpdateByte((byte)'\r');
+			doUpdateByte((byte)'\n');
+		}
+
+		private void doUpdateByte(
+			byte b)
+		{
+			sig.Update(b);
+			dig.Update(b);
+		}
+
+		public void Update(
+            params byte[] b)
+        {
+			Update(b, 0, b.Length);
+        }
+
+		public void Update(
+            byte[]	b,
+            int		off,
+            int		len)
+        {
+            if (signatureType == PgpSignature.CanonicalTextDocument)
+            {
+                int finish = off + len;
+
+				for (int i = off; i != finish; i++)
+                {
+                    doCanonicalUpdateByte(b[i]);
+                }
+            }
+            else
+            {
+                sig.BlockUpdate(b, off, len);
+                dig.BlockUpdate(b, off, len);
+            }
+        }
+
+		public void SetHashedSubpackets(
+            PgpSignatureSubpacketVector hashedPackets)
+        {
+			hashed = hashedPackets == null
+				?	EmptySignatureSubpackets
+				:	hashedPackets.ToSubpacketArray();
+        }
+
+		public void SetUnhashedSubpackets(
+            PgpSignatureSubpacketVector unhashedPackets)
+        {
+			unhashed = unhashedPackets == null
+				?	EmptySignatureSubpackets
+				:	unhashedPackets.ToSubpacketArray();
+        }
+
+		/// <summary>Return the one pass header associated with the current signature.</summary>
+        public PgpOnePassSignature GenerateOnePassVersion(
+            bool isNested)
+        {
+            return new PgpOnePassSignature(
+				new OnePassSignaturePacket(
+					signatureType, hashAlgorithm, keyAlgorithm, privKey.KeyId, isNested));
+        }
+
+		/// <summary>Return a signature object containing the current signature state.</summary>
+        public PgpSignature Generate()
+        {
+			SignatureSubpacket[] hPkts = hashed, unhPkts = unhashed;
+
+			if (!packetPresent(hashed, SignatureSubpacketTag.CreationTime))
+			{
+				hPkts = insertSubpacket(hPkts, new SignatureCreationTime(false, DateTime.UtcNow));
+			}
+
+			if (!packetPresent(hashed, SignatureSubpacketTag.IssuerKeyId)
+				&& !packetPresent(unhashed, SignatureSubpacketTag.IssuerKeyId))
+			{
+				unhPkts = insertSubpacket(unhPkts, new IssuerKeyId(false, privKey.KeyId));
+			}
+
+			int version = 4;
+			byte[] hData;
+
+			try
+            {
+				MemoryStream hOut = new MemoryStream();
+
+				for (int i = 0; i != hPkts.Length; i++)
+				{
+					hPkts[i].Encode(hOut);
+				}
+
+				byte[] data = hOut.ToArray();
+
+				MemoryStream sOut = new MemoryStream(data.Length + 6);
+				sOut.WriteByte((byte)version);
+                sOut.WriteByte((byte)signatureType);
+                sOut.WriteByte((byte)keyAlgorithm);
+                sOut.WriteByte((byte)hashAlgorithm);
+				sOut.WriteByte((byte)(data.Length >> 8));
+                sOut.WriteByte((byte)data.Length);
+                sOut.Write(data, 0, data.Length);
+
+				hData = sOut.ToArray();
+			}
+            catch (IOException e)
+            {
+                throw new PgpException("exception encoding hashed data.", e);
+            }
+
+			sig.BlockUpdate(hData, 0, hData.Length);
+            dig.BlockUpdate(hData, 0, hData.Length);
+
+			hData = new byte[]
+			{
+				(byte) version,
+				0xff,
+				(byte)(hData.Length >> 24),
+				(byte)(hData.Length >> 16),
+				(byte)(hData.Length >> 8),
+				(byte) hData.Length
+			};
+
+			sig.BlockUpdate(hData, 0, hData.Length);
+            dig.BlockUpdate(hData, 0, hData.Length);
+
+			byte[] sigBytes = sig.GenerateSignature();
+			byte[] digest = DigestUtilities.DoFinal(dig);
+			byte[] fingerPrint = new byte[] { digest[0], digest[1] };
+
+			// an RSA signature
+			bool isRsa = keyAlgorithm == PublicKeyAlgorithmTag.RsaSign
+				|| keyAlgorithm == PublicKeyAlgorithmTag.RsaGeneral;
+
+			MPInteger[] sigValues = isRsa
+				?	PgpUtilities.RsaSigToMpi(sigBytes)
+				:	PgpUtilities.DsaSigToMpi(sigBytes);
+
+			return new PgpSignature(
+				new SignaturePacket(signatureType, privKey.KeyId, keyAlgorithm,
+					hashAlgorithm, hPkts, unhPkts, fingerPrint, sigValues));
+        }
+
+		/// <summary>Generate a certification for the passed in ID and key.</summary>
+		/// <param name="id">The ID we are certifying against the public key.</param>
+		/// <param name="pubKey">The key we are certifying against the ID.</param>
+		/// <returns>The certification.</returns>
+        public PgpSignature GenerateCertification(
+            string			id,
+            PgpPublicKey	pubKey)
+        {
+			UpdateWithPublicKey(pubKey);
+
+			//
+            // hash in the id
+            //
+			UpdateWithIdData(0xb4, Strings.ToUtf8ByteArray(id));
+
+            return Generate();
+        }
+
+		/// <summary>Generate a certification for the passed in userAttributes.</summary>
+		/// <param name="userAttributes">The ID we are certifying against the public key.</param>
+		/// <param name="pubKey">The key we are certifying against the ID.</param>
+		/// <returns>The certification.</returns>
+		public PgpSignature GenerateCertification(
+			PgpUserAttributeSubpacketVector	userAttributes,
+			PgpPublicKey					pubKey)
+		{
+			UpdateWithPublicKey(pubKey);
+
+			//
+			// hash in the attributes
+			//
+			try
+			{
+				MemoryStream bOut = new MemoryStream();
+				foreach (UserAttributeSubpacket packet in userAttributes.ToSubpacketArray())
+				{
+					packet.Encode(bOut);
+				}
+				UpdateWithIdData(0xd1, bOut.ToArray());
+			}
+			catch (IOException e)
+			{
+				throw new PgpException("cannot encode subpacket array", e);
+			}
+
+			return this.Generate();
+		}
+
+		/// <summary>Generate a certification for the passed in key against the passed in master key.</summary>
+		/// <param name="masterKey">The key we are certifying against.</param>
+		/// <param name="pubKey">The key we are certifying.</param>
+		/// <returns>The certification.</returns>
+        public PgpSignature GenerateCertification(
+            PgpPublicKey	masterKey,
+            PgpPublicKey	pubKey)
+        {
+			UpdateWithPublicKey(masterKey);
+			UpdateWithPublicKey(pubKey);
+
+			return Generate();
+        }
+
+		/// <summary>Generate a certification, such as a revocation, for the passed in key.</summary>
+		/// <param name="pubKey">The key we are certifying.</param>
+		/// <returns>The certification.</returns>
+        public PgpSignature GenerateCertification(
+            PgpPublicKey pubKey)
+        {
+			UpdateWithPublicKey(pubKey);
+
+			return Generate();
+        }
+
+		private byte[] GetEncodedPublicKey(
+			PgpPublicKey pubKey) 
+		{
+			try
+			{
+				return pubKey.publicPk.GetEncodedContents();
+			}
+			catch (IOException e)
+			{
+				throw new PgpException("exception preparing key.", e);
+			}
+		}
+
+		private bool packetPresent(
+			SignatureSubpacket[]	packets,
+			SignatureSubpacketTag	type)
+		{
+			for (int i = 0; i != packets.Length; i++)
+			{
+				if (packets[i].SubpacketType == type)
+				{
+					return true;
+				}
+			}
+
+			return false;
+		}
+
+		private SignatureSubpacket[] insertSubpacket(
+			SignatureSubpacket[]	packets,
+			SignatureSubpacket		subpacket)
+		{
+			SignatureSubpacket[] tmp = new SignatureSubpacket[packets.Length + 1];
+			tmp[0] = subpacket;
+			packets.CopyTo(tmp, 1);
+			return tmp;
+		}
+
+		private void UpdateWithIdData(
+			int		header,
+			byte[]	idBytes)
+		{
+			this.Update(
+				(byte) header,
+				(byte)(idBytes.Length >> 24),
+				(byte)(idBytes.Length >> 16),
+				(byte)(idBytes.Length >> 8),
+				(byte)(idBytes.Length));
+			this.Update(idBytes);
+		}
+
+		private void UpdateWithPublicKey(
+			PgpPublicKey key)
+		{
+			byte[] keyBytes = GetEncodedPublicKey(key);
+
+			this.Update(
+				(byte) 0x99,
+				(byte)(keyBytes.Length >> 8),
+				(byte)(keyBytes.Length));
+			this.Update(keyBytes);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpSignatureList.cs b/bc-sharp-crypto/src/openpgp/PgpSignatureList.cs
new file mode 100644
index 0000000..61976fc
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpSignatureList.cs
@@ -0,0 +1,51 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>A list of PGP signatures - normally in the signature block after literal data.</remarks>
+    public class PgpSignatureList
+		: PgpObject
+    {
+        private PgpSignature[] sigs;
+
+		public PgpSignatureList(
+            PgpSignature[] sigs)
+        {
+            this.sigs = (PgpSignature[]) sigs.Clone();
+        }
+
+		public PgpSignatureList(
+            PgpSignature sig)
+        {
+			this.sigs = new PgpSignature[]{ sig };
+        }
+
+		public PgpSignature this[int index]
+		{
+			get { return sigs[index]; }
+		}
+
+		[Obsolete("Use 'object[index]' syntax instead")]
+		public PgpSignature Get(
+            int index)
+        {
+            return this[index];
+        }
+
+		[Obsolete("Use 'Count' property instead")]
+		public int Size
+        {
+			get { return sigs.Length; }
+        }
+
+		public int Count
+		{
+			get { return sigs.Length; }
+		}
+
+		public bool IsEmpty
+        {
+			get { return (sigs.Length == 0); }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpSignatureSubpacketGenerator.cs b/bc-sharp-crypto/src/openpgp/PgpSignatureSubpacketGenerator.cs
new file mode 100644
index 0000000..d2177d0
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpSignatureSubpacketGenerator.cs
@@ -0,0 +1,210 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Bcpg.Sig;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>Generator for signature subpackets.</remarks>
+    public class PgpSignatureSubpacketGenerator
+    {
+        private IList list = Platform.CreateArrayList();
+
+		public void SetRevocable(
+            bool	isCritical,
+            bool	isRevocable)
+        {
+            list.Add(new Revocable(isCritical, isRevocable));
+        }
+
+		public void SetExportable(
+            bool	isCritical,
+            bool	isExportable)
+        {
+            list.Add(new Exportable(isCritical, isExportable));
+        }
+
+        public void SetFeature(
+            bool    isCritical,
+            byte    feature)
+        {
+            list.Add(new Features(isCritical, feature));
+        }
+
+        /// <summary>
+		/// Add a TrustSignature packet to the signature. The values for depth and trust are largely
+		/// installation dependent but there are some guidelines in RFC 4880 - 5.2.3.13.
+		/// </summary>
+		/// <param name="isCritical">true if the packet is critical.</param>
+		/// <param name="depth">depth level.</param>
+		/// <param name="trustAmount">trust amount.</param>
+		public void SetTrust(
+            bool	isCritical,
+            int		depth,
+            int		trustAmount)
+        {
+            list.Add(new TrustSignature(isCritical, depth, trustAmount));
+        }
+
+		/// <summary>
+		/// Set the number of seconds a key is valid for after the time of its creation.
+		/// A value of zero means the key never expires.
+		/// </summary>
+		/// <param name="isCritical">True, if should be treated as critical, false otherwise.</param>
+		/// <param name="seconds">The number of seconds the key is valid, or zero if no expiry.</param>
+        public void SetKeyExpirationTime(
+            bool	isCritical,
+            long	seconds)
+        {
+            list.Add(new KeyExpirationTime(isCritical, seconds));
+        }
+
+		/// <summary>
+		/// Set the number of seconds a signature is valid for after the time of its creation.
+		/// A value of zero means the signature never expires.
+		/// </summary>
+		/// <param name="isCritical">True, if should be treated as critical, false otherwise.</param>
+		/// <param name="seconds">The number of seconds the signature is valid, or zero if no expiry.</param>
+        public void SetSignatureExpirationTime(
+            bool	isCritical,
+            long	seconds)
+        {
+            list.Add(new SignatureExpirationTime(isCritical, seconds));
+        }
+
+		/// <summary>
+		/// Set the creation time for the signature.
+		/// <p>
+		/// Note: this overrides the generation of a creation time when the signature
+		/// is generated.</p>
+		/// </summary>
+		public void SetSignatureCreationTime(
+			bool		isCritical,
+			DateTime	date)
+		{
+			list.Add(new SignatureCreationTime(isCritical, date));
+		}
+
+		public void SetPreferredHashAlgorithms(
+            bool	isCritical,
+            int[]	algorithms)
+        {
+            list.Add(new PreferredAlgorithms(SignatureSubpacketTag.PreferredHashAlgorithms, isCritical, algorithms));
+        }
+
+		public void SetPreferredSymmetricAlgorithms(
+            bool	isCritical,
+            int[]	algorithms)
+        {
+            list.Add(new PreferredAlgorithms(SignatureSubpacketTag.PreferredSymmetricAlgorithms, isCritical, algorithms));
+        }
+
+		public void SetPreferredCompressionAlgorithms(
+            bool	isCritical,
+            int[]	algorithms)
+        {
+            list.Add(new PreferredAlgorithms(SignatureSubpacketTag.PreferredCompressionAlgorithms, isCritical, algorithms));
+        }
+
+		public void SetKeyFlags(
+            bool	isCritical,
+            int		flags)
+        {
+            list.Add(new KeyFlags(isCritical, flags));
+        }
+
+		public void SetSignerUserId(
+            bool	isCritical,
+            string	userId)
+        {
+            if (userId == null)
+                throw new ArgumentNullException("userId");
+
+			list.Add(new SignerUserId(isCritical, userId));
+        }
+
+        public void SetSignerUserId(
+            bool    isCritical,
+            byte[]  rawUserId)
+        {
+            if (rawUserId == null)
+                throw new ArgumentNullException("rawUserId");
+
+            list.Add(new SignerUserId(isCritical, false, rawUserId));
+        }
+
+        public void SetEmbeddedSignature(
+			bool			isCritical,
+			PgpSignature	pgpSignature)
+		{
+			byte[] sig = pgpSignature.GetEncoded();
+			byte[] data;
+
+			// TODO Should be >= ?
+			if (sig.Length - 1 > 256)
+			{
+				data = new byte[sig.Length - 3];
+			}
+			else
+			{
+				data = new byte[sig.Length - 2];
+			}
+
+			Array.Copy(sig, sig.Length - data.Length, data, 0, data.Length);
+
+			list.Add(new EmbeddedSignature(isCritical, false, data));
+		}
+
+		public void SetPrimaryUserId(
+            bool	isCritical,
+            bool	isPrimaryUserId)
+        {
+            list.Add(new PrimaryUserId(isCritical, isPrimaryUserId));
+        }
+
+		public void SetNotationData(
+			bool	isCritical,
+			bool	isHumanReadable,
+			string	notationName,
+			string	notationValue)
+		{
+			list.Add(new NotationData(isCritical, isHumanReadable, notationName, notationValue));
+		}
+
+		/// <summary>
+		/// Sets revocation reason sub packet
+		/// </summary>	    
+		public void SetRevocationReason(bool isCritical, RevocationReasonTag reason,
+			string description)
+		{
+			list.Add(new RevocationReason(isCritical, reason, description));
+		}
+
+		/// <summary>
+		/// Sets revocation key sub packet
+		/// </summary>	
+		public void SetRevocationKey(bool isCritical, PublicKeyAlgorithmTag keyAlgorithm, byte[] fingerprint)
+		{
+			list.Add(new RevocationKey(isCritical, RevocationKeyTag.ClassDefault, keyAlgorithm, fingerprint));
+		}
+
+		/// <summary>
+		/// Sets issuer key sub packet
+		/// </summary>	
+		public void SetIssuerKeyID(bool isCritical, long keyID)
+		{
+			list.Add(new IssuerKeyId(isCritical, keyID));
+		}    
+
+		public PgpSignatureSubpacketVector Generate()
+        {
+            SignatureSubpacket[] a = new SignatureSubpacket[list.Count];
+            for (int i = 0; i < list.Count; ++i)
+            {
+                a[i] = (SignatureSubpacket)list[i];
+            }
+            return new PgpSignatureSubpacketVector(a);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpSignatureSubpacketVector.cs b/bc-sharp-crypto/src/openpgp/PgpSignatureSubpacketVector.cs
new file mode 100644
index 0000000..156243f
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpSignatureSubpacketVector.cs
@@ -0,0 +1,239 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Bcpg.Sig;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>Container for a list of signature subpackets.</remarks>
+    public class PgpSignatureSubpacketVector
+    {
+        private readonly SignatureSubpacket[] packets;
+
+		internal PgpSignatureSubpacketVector(
+            SignatureSubpacket[] packets)
+        {
+            this.packets = packets;
+        }
+
+		public SignatureSubpacket GetSubpacket(
+            SignatureSubpacketTag type)
+        {
+            for (int i = 0; i != packets.Length; i++)
+            {
+                if (packets[i].SubpacketType == type)
+                {
+                    return packets[i];
+                }
+            }
+
+			return null;
+        }
+
+		/**
+		 * Return true if a particular subpacket type exists.
+		 *
+		 * @param type type to look for.
+		 * @return true if present, false otherwise.
+		 */
+		public bool HasSubpacket(
+			SignatureSubpacketTag type)
+		{
+			return GetSubpacket(type) != null;
+		}
+
+		/**
+		 * Return all signature subpackets of the passed in type.
+		 * @param type subpacket type code
+		 * @return an array of zero or more matching subpackets.
+		 */
+		public SignatureSubpacket[] GetSubpackets(
+			SignatureSubpacketTag type)
+		{
+            int count = 0;
+            for (int i = 0; i < packets.Length; ++i)
+            {
+                if (packets[i].SubpacketType == type)
+                {
+                    ++count;
+                }
+            }
+
+            SignatureSubpacket[] result = new SignatureSubpacket[count];
+
+            int pos = 0;
+            for (int i = 0; i < packets.Length; ++i)
+            {
+                if (packets[i].SubpacketType == type)
+                {
+                    result[pos++] = packets[i];
+                }
+            }
+
+            return result;
+        }
+
+        public NotationData[] GetNotationDataOccurences()
+		{
+			SignatureSubpacket[] notations = GetSubpackets(SignatureSubpacketTag.NotationData);
+			NotationData[] vals = new NotationData[notations.Length];
+
+			for (int i = 0; i < notations.Length; i++)
+			{
+				vals[i] = (NotationData) notations[i];
+			}
+
+			return vals;
+		}
+
+		public long GetIssuerKeyId()
+        {
+            SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.IssuerKeyId);
+
+            return p == null ? 0 : ((IssuerKeyId) p).KeyId;
+        }
+
+		public bool HasSignatureCreationTime()
+		{
+			return GetSubpacket(SignatureSubpacketTag.CreationTime) != null;
+		}
+
+		public DateTime GetSignatureCreationTime()
+        {
+            SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.CreationTime);
+
+            if (p == null)
+            {
+                throw new PgpException("SignatureCreationTime not available");
+            }
+
+            return ((SignatureCreationTime)p).GetTime();
+        }
+
+		/// <summary>
+		/// Return the number of seconds a signature is valid for after its creation date.
+		/// A value of zero means the signature never expires.
+		/// </summary>
+		/// <returns>Seconds a signature is valid for.</returns>
+        public long GetSignatureExpirationTime()
+        {
+            SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.ExpireTime);
+
+			return p == null ? 0 : ((SignatureExpirationTime) p).Time;
+        }
+
+		/// <summary>
+		/// Return the number of seconds a key is valid for after its creation date.
+		/// A value of zero means the key never expires.
+		/// </summary>
+		/// <returns>Seconds a signature is valid for.</returns>
+        public long GetKeyExpirationTime()
+        {
+            SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.KeyExpireTime);
+
+			return p == null ? 0 : ((KeyExpirationTime) p).Time;
+        }
+
+		public int[] GetPreferredHashAlgorithms()
+        {
+            SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.PreferredHashAlgorithms);
+
+			return p == null ? null : ((PreferredAlgorithms) p).GetPreferences();
+        }
+
+		public int[] GetPreferredSymmetricAlgorithms()
+        {
+            SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.PreferredSymmetricAlgorithms);
+
+            return p == null ? null : ((PreferredAlgorithms) p).GetPreferences();
+        }
+
+		public int[] GetPreferredCompressionAlgorithms()
+        {
+            SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.PreferredCompressionAlgorithms);
+
+            return p == null ? null : ((PreferredAlgorithms) p).GetPreferences();
+        }
+
+		public int GetKeyFlags()
+        {
+            SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.KeyFlags);
+
+            return p == null ? 0 : ((KeyFlags) p).Flags;
+        }
+
+		public string GetSignerUserId()
+        {
+            SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.SignerUserId);
+
+			return p == null ? null : ((SignerUserId) p).GetId();
+        }
+
+		public bool IsPrimaryUserId()
+		{
+			PrimaryUserId primaryId = (PrimaryUserId)
+				this.GetSubpacket(SignatureSubpacketTag.PrimaryUserId);
+
+			if (primaryId != null)
+			{
+				return primaryId.IsPrimaryUserId();
+			}
+
+			return false;
+		}
+
+		public SignatureSubpacketTag[] GetCriticalTags()
+        {
+            int count = 0;
+            for (int i = 0; i != packets.Length; i++)
+            {
+                if (packets[i].IsCritical())
+                {
+                    count++;
+                }
+            }
+
+			SignatureSubpacketTag[] list = new SignatureSubpacketTag[count];
+
+			count = 0;
+
+			for (int i = 0; i != packets.Length; i++)
+            {
+                if (packets[i].IsCritical())
+                {
+                    list[count++] = packets[i].SubpacketType;
+                }
+            }
+
+			return list;
+        }
+
+        public Features GetFeatures()
+        {
+            SignatureSubpacket p = this.GetSubpacket(SignatureSubpacketTag.Features);
+
+            if (p == null)
+                return null;
+
+            return new Features(p.IsCritical(), p.IsLongLength(), p.GetData());
+        }
+
+        [Obsolete("Use 'Count' property instead")]
+		public int Size
+		{
+			get { return packets.Length; }
+		}
+
+		/// <summary>Return the number of packets this vector contains.</summary>
+		public int Count
+		{
+			get { return packets.Length; }
+		}
+
+		internal SignatureSubpacket[] ToSubpacketArray()
+        {
+            return packets;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpUserAttributeSubpacketVector.cs b/bc-sharp-crypto/src/openpgp/PgpUserAttributeSubpacketVector.cs
new file mode 100644
index 0000000..4cdbeda
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpUserAttributeSubpacketVector.cs
@@ -0,0 +1,81 @@
+using Org.BouncyCastle.Bcpg.Attr;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>Container for a list of user attribute subpackets.</remarks>
+    public class PgpUserAttributeSubpacketVector
+    {
+        private readonly UserAttributeSubpacket[] packets;
+
+		internal PgpUserAttributeSubpacketVector(
+            UserAttributeSubpacket[] packets)
+        {
+            this.packets = packets;
+        }
+
+		public UserAttributeSubpacket GetSubpacket(
+            UserAttributeSubpacketTag type)
+        {
+            for (int i = 0; i != packets.Length; i++)
+            {
+                if (packets[i].SubpacketType == type)
+                {
+                    return packets[i];
+                }
+            }
+
+			return null;
+        }
+
+		public ImageAttrib GetImageAttribute()
+        {
+            UserAttributeSubpacket p = GetSubpacket(UserAttributeSubpacketTag.ImageAttribute);
+
+            return p == null ? null : (ImageAttrib) p;
+        }
+
+		internal UserAttributeSubpacket[] ToSubpacketArray()
+        {
+            return packets;
+        }
+
+		public override bool Equals(
+            object obj)
+        {
+            if (obj == this)
+                return true;
+
+			PgpUserAttributeSubpacketVector other = obj as PgpUserAttributeSubpacketVector;
+
+			if (other == null)
+				return false;
+
+			if (other.packets.Length != packets.Length)
+            {
+                return false;
+            }
+
+			for (int i = 0; i != packets.Length; i++)
+            {
+                if (!other.packets[i].Equals(packets[i]))
+                {
+                    return false;
+                }
+            }
+
+			return true;
+        }
+
+		public override int GetHashCode()
+        {
+            int code = 0;
+
+			foreach (object o in packets)
+			{
+				code ^= o.GetHashCode();
+			}
+
+			return code;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpUtilities.cs b/bc-sharp-crypto/src/openpgp/PgpUtilities.cs
new file mode 100644
index 0000000..7d96dee
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpUtilities.cs
@@ -0,0 +1,518 @@
+using System;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>Basic utility class.</remarks>
+    public sealed class PgpUtilities
+    {
+        private PgpUtilities()
+        {
+        }
+
+		public static MPInteger[] DsaSigToMpi(
+			byte[] encoding)
+		{
+			DerInteger i1, i2;
+
+			try
+			{
+				Asn1Sequence s = (Asn1Sequence) Asn1Object.FromByteArray(encoding);
+
+				i1 = (DerInteger) s[0];
+				i2 = (DerInteger) s[1];
+			}
+			catch (IOException e)
+			{
+				throw new PgpException("exception encoding signature", e);
+			}
+
+			return new MPInteger[]{ new MPInteger(i1.Value), new MPInteger(i2.Value) };
+		}
+
+		public static MPInteger[] RsaSigToMpi(
+			byte[] encoding)
+		{
+			return new MPInteger[]{ new MPInteger(new BigInteger(1, encoding)) };
+		}
+
+		public static string GetDigestName(
+            HashAlgorithmTag hashAlgorithm)
+        {
+            switch (hashAlgorithm)
+            {
+				case HashAlgorithmTag.Sha1:
+					return "SHA1";
+				case HashAlgorithmTag.MD2:
+					return "MD2";
+				case HashAlgorithmTag.MD5:
+					return "MD5";
+				case HashAlgorithmTag.RipeMD160:
+					return "RIPEMD160";
+				case HashAlgorithmTag.Sha224:
+					return "SHA224";
+				case HashAlgorithmTag.Sha256:
+					return "SHA256";
+				case HashAlgorithmTag.Sha384:
+					return "SHA384";
+				case HashAlgorithmTag.Sha512:
+					return "SHA512";
+				default:
+					throw new PgpException("unknown hash algorithm tag in GetDigestName: " + hashAlgorithm);
+			}
+        }
+
+		public static string GetSignatureName(
+            PublicKeyAlgorithmTag	keyAlgorithm,
+            HashAlgorithmTag		hashAlgorithm)
+        {
+            string encAlg;
+			switch (keyAlgorithm)
+            {
+				case PublicKeyAlgorithmTag.RsaGeneral:
+				case PublicKeyAlgorithmTag.RsaSign:
+					encAlg = "RSA";
+					break;
+				case PublicKeyAlgorithmTag.Dsa:
+					encAlg = "DSA";
+					break;
+                case PublicKeyAlgorithmTag.ECDH:
+                    encAlg = "ECDH";
+                    break;
+                case PublicKeyAlgorithmTag.ECDsa:
+                    encAlg = "ECDSA";
+                    break;
+                case PublicKeyAlgorithmTag.ElGamalEncrypt: // in some malformed cases.
+				case PublicKeyAlgorithmTag.ElGamalGeneral:
+					encAlg = "ElGamal";
+					break;
+				default:
+					throw new PgpException("unknown algorithm tag in signature:" + keyAlgorithm);
+            }
+
+			return GetDigestName(hashAlgorithm) + "with" + encAlg;
+        }
+
+	public static string GetSymmetricCipherName(
+            SymmetricKeyAlgorithmTag algorithm)
+        {
+            switch (algorithm)
+            {
+				case SymmetricKeyAlgorithmTag.Null:
+					return null;
+				case SymmetricKeyAlgorithmTag.TripleDes:
+					return "DESEDE";
+				case SymmetricKeyAlgorithmTag.Idea:
+					return "IDEA";
+				case SymmetricKeyAlgorithmTag.Cast5:
+					return "CAST5";
+				case SymmetricKeyAlgorithmTag.Blowfish:
+					return "Blowfish";
+				case SymmetricKeyAlgorithmTag.Safer:
+					return "SAFER";
+				case SymmetricKeyAlgorithmTag.Des:
+					return "DES";
+				case SymmetricKeyAlgorithmTag.Aes128:
+					return "AES";
+				case SymmetricKeyAlgorithmTag.Aes192:
+					return "AES";
+				case SymmetricKeyAlgorithmTag.Aes256:
+					return "AES";
+				case SymmetricKeyAlgorithmTag.Twofish:
+					return "Twofish";
+				case SymmetricKeyAlgorithmTag.Camellia128:
+					return "Camellia";
+				case SymmetricKeyAlgorithmTag.Camellia192:
+					return "Camellia";
+				case SymmetricKeyAlgorithmTag.Camellia256:
+					return "Camellia";
+				default:
+					throw new PgpException("unknown symmetric algorithm: " + algorithm);
+            }
+        }
+
+        public static int GetKeySize(SymmetricKeyAlgorithmTag algorithm)
+        {
+            int keySize;
+            switch (algorithm)
+            {
+                case SymmetricKeyAlgorithmTag.Des:
+                    keySize = 64;
+                    break;
+                case SymmetricKeyAlgorithmTag.Idea:
+                case SymmetricKeyAlgorithmTag.Cast5:
+                case SymmetricKeyAlgorithmTag.Blowfish:
+                case SymmetricKeyAlgorithmTag.Safer:
+                case SymmetricKeyAlgorithmTag.Aes128:
+                case SymmetricKeyAlgorithmTag.Camellia128:
+                    keySize = 128;
+                    break;
+                case SymmetricKeyAlgorithmTag.TripleDes:
+                case SymmetricKeyAlgorithmTag.Aes192:
+                case SymmetricKeyAlgorithmTag.Camellia192:
+                    keySize = 192;
+                    break;
+                case SymmetricKeyAlgorithmTag.Aes256:
+                case SymmetricKeyAlgorithmTag.Twofish:
+                case SymmetricKeyAlgorithmTag.Camellia256:
+                    keySize = 256;
+                    break;
+                default:
+                    throw new PgpException("unknown symmetric algorithm: " + algorithm);
+            }
+
+			return keySize;
+        }
+
+		public static KeyParameter MakeKey(
+			SymmetricKeyAlgorithmTag	algorithm,
+			byte[]						keyBytes)
+		{
+			string algName = GetSymmetricCipherName(algorithm);
+
+			return ParameterUtilities.CreateKeyParameter(algName, keyBytes);
+		}
+
+		public static KeyParameter MakeRandomKey(
+            SymmetricKeyAlgorithmTag	algorithm,
+            SecureRandom				random)
+        {
+            int keySize = GetKeySize(algorithm);
+            byte[] keyBytes = new byte[(keySize + 7) / 8];
+            random.NextBytes(keyBytes);
+			return MakeKey(algorithm, keyBytes);
+        }
+
+        internal static byte[] EncodePassPhrase(char[] passPhrase, bool utf8)
+        {
+            return passPhrase == null
+                ? null
+                : utf8
+                ? Encoding.UTF8.GetBytes(passPhrase)
+                : Strings.ToByteArray(passPhrase);
+        }
+
+        /// <remarks>
+        /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
+        /// the historical behaviour of the library (1.7 and earlier).
+        /// </remarks>
+        public static KeyParameter MakeKeyFromPassPhrase(SymmetricKeyAlgorithmTag algorithm, S2k s2k, char[] passPhrase)
+        {
+            return DoMakeKeyFromPassPhrase(algorithm, s2k, EncodePassPhrase(passPhrase, false), true);
+        }
+
+        /// <remarks>
+        /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
+        /// </remarks>
+        public static KeyParameter MakeKeyFromPassPhraseUtf8(SymmetricKeyAlgorithmTag algorithm, S2k s2k, char[] passPhrase)
+        {
+            return DoMakeKeyFromPassPhrase(algorithm, s2k, EncodePassPhrase(passPhrase, true), true);
+        }
+
+        /// <remarks>
+        /// Allows the caller to handle the encoding of the passphrase to bytes.
+        /// </remarks>
+        public static KeyParameter MakeKeyFromPassPhraseRaw(SymmetricKeyAlgorithmTag algorithm, S2k s2k, byte[] rawPassPhrase)
+        {
+            return DoMakeKeyFromPassPhrase(algorithm, s2k, rawPassPhrase, false);
+        }
+
+        internal static KeyParameter DoMakeKeyFromPassPhrase(SymmetricKeyAlgorithmTag algorithm, S2k s2k, byte[] rawPassPhrase, bool clearPassPhrase)
+        {
+			int keySize = GetKeySize(algorithm);
+            byte[] pBytes = rawPassPhrase;
+			byte[] keyBytes = new byte[(keySize + 7) / 8];
+
+			int generatedBytes = 0;
+            int loopCount = 0;
+
+			while (generatedBytes < keyBytes.Length)
+            {
+				IDigest digest;
+				if (s2k != null)
+                {
+					string digestName = GetDigestName(s2k.HashAlgorithm);
+
+                    try
+                    {
+						digest = DigestUtilities.GetDigest(digestName);
+                    }
+                    catch (Exception e)
+                    {
+                        throw new PgpException("can't find S2k digest", e);
+                    }
+
+					for (int i = 0; i != loopCount; i++)
+                    {
+                        digest.Update(0);
+                    }
+
+					byte[] iv = s2k.GetIV();
+
+					switch (s2k.Type)
+                    {
+						case S2k.Simple:
+							digest.BlockUpdate(pBytes, 0, pBytes.Length);
+							break;
+						case S2k.Salted:
+							digest.BlockUpdate(iv, 0, iv.Length);
+							digest.BlockUpdate(pBytes, 0, pBytes.Length);
+							break;
+						case S2k.SaltedAndIterated:
+							long count = s2k.IterationCount;
+							digest.BlockUpdate(iv, 0, iv.Length);
+							digest.BlockUpdate(pBytes, 0, pBytes.Length);
+
+							count -= iv.Length + pBytes.Length;
+
+							while (count > 0)
+							{
+								if (count < iv.Length)
+								{
+									digest.BlockUpdate(iv, 0, (int)count);
+									break;
+								}
+								else
+								{
+									digest.BlockUpdate(iv, 0, iv.Length);
+									count -= iv.Length;
+								}
+
+								if (count < pBytes.Length)
+								{
+									digest.BlockUpdate(pBytes, 0, (int)count);
+									count = 0;
+								}
+								else
+								{
+									digest.BlockUpdate(pBytes, 0, pBytes.Length);
+									count -= pBytes.Length;
+								}
+							}
+							break;
+						default:
+							throw new PgpException("unknown S2k type: " + s2k.Type);
+                    }
+                }
+                else
+                {
+                    try
+                    {
+                        digest = DigestUtilities.GetDigest("MD5");
+
+						for (int i = 0; i != loopCount; i++)
+                        {
+                            digest.Update(0);
+                        }
+
+						digest.BlockUpdate(pBytes, 0, pBytes.Length);
+                    }
+                    catch (Exception e)
+                    {
+                        throw new PgpException("can't find MD5 digest", e);
+                    }
+                }
+
+				byte[] dig = DigestUtilities.DoFinal(digest);
+
+				if (dig.Length > (keyBytes.Length - generatedBytes))
+                {
+                    Array.Copy(dig, 0, keyBytes, generatedBytes, keyBytes.Length - generatedBytes);
+                }
+                else
+                {
+                    Array.Copy(dig, 0, keyBytes, generatedBytes, dig.Length);
+                }
+
+				generatedBytes += dig.Length;
+
+				loopCount++;
+            }
+
+            if (clearPassPhrase && rawPassPhrase != null)
+            {
+                Array.Clear(rawPassPhrase, 0, rawPassPhrase.Length);
+            }
+
+            return MakeKey(algorithm, keyBytes);
+        }
+
+#if !PORTABLE || DOTNET
+        /// <summary>Write out the passed in file as a literal data packet.</summary>
+        public static void WriteFileToLiteralData(
+            Stream		output,
+            char		fileType,
+            FileInfo	file)
+        {
+            PgpLiteralDataGenerator lData = new PgpLiteralDataGenerator();
+			Stream pOut = lData.Open(output, fileType, file.Name, file.Length, file.LastWriteTime);
+			PipeFileContents(file, pOut, 4096);
+        }
+
+		/// <summary>Write out the passed in file as a literal data packet in partial packet format.</summary>
+        public static void WriteFileToLiteralData(
+            Stream		output,
+            char		fileType,
+            FileInfo	file,
+            byte[]		buffer)
+        {
+            PgpLiteralDataGenerator lData = new PgpLiteralDataGenerator();
+            Stream pOut = lData.Open(output, fileType, file.Name, file.LastWriteTime, buffer);
+			PipeFileContents(file, pOut, buffer.Length);
+        }
+
+		private static void PipeFileContents(FileInfo file, Stream pOut, int bufSize)
+		{
+			FileStream inputStream = file.OpenRead();
+			byte[] buf = new byte[bufSize];
+
+			int len;
+            while ((len = inputStream.Read(buf, 0, buf.Length)) > 0)
+            {
+                pOut.Write(buf, 0, len);
+            }
+
+            Platform.Dispose(pOut);
+            Platform.Dispose(inputStream);
+		}
+#endif
+
+		private const int ReadAhead = 60;
+
+		private static bool IsPossiblyBase64(
+            int ch)
+        {
+            return (ch >= 'A' && ch <= 'Z') || (ch >= 'a' && ch <= 'z')
+                    || (ch >= '0' && ch <= '9') || (ch == '+') || (ch == '/')
+                    || (ch == '\r') || (ch == '\n');
+        }
+
+		/// <summary>
+		/// Return either an ArmoredInputStream or a BcpgInputStream based on whether
+		/// the initial characters of the stream are binary PGP encodings or not.
+		/// </summary>
+        public static Stream GetDecoderStream(
+            Stream inputStream)
+        {
+			// TODO Remove this restriction?
+			if (!inputStream.CanSeek)
+				throw new ArgumentException("inputStream must be seek-able", "inputStream");
+
+			long markedPos = inputStream.Position;
+
+			int ch = inputStream.ReadByte();
+            if ((ch & 0x80) != 0)
+            {
+                inputStream.Position = markedPos;
+
+				return inputStream;
+            }
+
+            if (!IsPossiblyBase64(ch))
+            {
+                inputStream.Position = markedPos;
+
+				return new ArmoredInputStream(inputStream);
+            }
+
+			byte[]	buf = new byte[ReadAhead];
+            int		count = 1;
+            int		index = 1;
+
+			buf[0] = (byte)ch;
+            while (count != ReadAhead && (ch = inputStream.ReadByte()) >= 0)
+            {
+                if (!IsPossiblyBase64(ch))
+                {
+                    inputStream.Position = markedPos;
+
+					return new ArmoredInputStream(inputStream);
+                }
+
+				if (ch != '\n' && ch != '\r')
+                {
+                    buf[index++] = (byte)ch;
+                }
+
+				count++;
+            }
+
+			inputStream.Position = markedPos;
+
+			//
+            // nothing but new lines, little else, assume regular armoring
+            //
+            if (count < 4)
+            {
+                return new ArmoredInputStream(inputStream);
+            }
+
+			//
+            // test our non-blank data
+            //
+            byte[] firstBlock = new byte[8];
+
+			Array.Copy(buf, 0, firstBlock, 0, firstBlock.Length);
+
+            try
+            {
+                byte[] decoded = Base64.Decode(firstBlock);
+
+                //
+                // it's a base64 PGP block.
+                //
+                bool hasHeaders = (decoded[0] & 0x80) == 0;
+
+                return new ArmoredInputStream(inputStream, hasHeaders);
+            }
+            catch (IOException e)
+            {
+                throw e;
+            }
+            catch (Exception e)
+            {
+                throw new IOException(e.Message);
+            }
+        }
+
+        internal static IWrapper CreateWrapper(SymmetricKeyAlgorithmTag encAlgorithm)
+        {
+            switch (encAlgorithm)
+            {
+            case SymmetricKeyAlgorithmTag.Aes128:
+            case SymmetricKeyAlgorithmTag.Aes192:
+            case SymmetricKeyAlgorithmTag.Aes256:
+                return WrapperUtilities.GetWrapper("AESWRAP");
+            case SymmetricKeyAlgorithmTag.Camellia128:
+            case SymmetricKeyAlgorithmTag.Camellia192:
+            case SymmetricKeyAlgorithmTag.Camellia256:
+                return WrapperUtilities.GetWrapper("CAMELLIAWRAP");
+            default:
+                throw new PgpException("unknown wrap algorithm: " + encAlgorithm);
+            }
+        }
+
+        internal static byte[] GenerateIV(int length, SecureRandom random)
+        {
+            byte[] iv = new byte[length];
+            random.NextBytes(iv);
+            return iv;
+        }
+
+        internal static S2k GenerateS2k(HashAlgorithmTag hashAlgorithm, int s2kCount, SecureRandom random)
+        {
+            byte[] iv = GenerateIV(8, random);
+            return new S2k(hashAlgorithm, iv, s2kCount);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/PgpV3SignatureGenerator.cs b/bc-sharp-crypto/src/openpgp/PgpV3SignatureGenerator.cs
new file mode 100644
index 0000000..fc8b42d
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/PgpV3SignatureGenerator.cs
@@ -0,0 +1,199 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	/// <remarks>Generator for old style PGP V3 Signatures.</remarks>
+	// TODO Should be able to implement ISigner?
+	public class PgpV3SignatureGenerator
+    {
+        private PublicKeyAlgorithmTag keyAlgorithm;
+        private HashAlgorithmTag hashAlgorithm;
+        private PgpPrivateKey privKey;
+        private ISigner sig;
+        private IDigest    dig;
+        private int signatureType;
+        private byte lastb;
+
+		/// <summary>Create a generator for the passed in keyAlgorithm and hashAlgorithm codes.</summary>
+        public PgpV3SignatureGenerator(
+            PublicKeyAlgorithmTag	keyAlgorithm,
+            HashAlgorithmTag		hashAlgorithm)
+        {
+            this.keyAlgorithm = keyAlgorithm;
+            this.hashAlgorithm = hashAlgorithm;
+
+            dig = DigestUtilities.GetDigest(PgpUtilities.GetDigestName(hashAlgorithm));
+            sig = SignerUtilities.GetSigner(PgpUtilities.GetSignatureName(keyAlgorithm, hashAlgorithm));
+        }
+
+		/// <summary>Initialise the generator for signing.</summary>
+		public void InitSign(
+			int				sigType,
+			PgpPrivateKey	key)
+		{
+			InitSign(sigType, key, null);
+		}
+
+		/// <summary>Initialise the generator for signing.</summary>
+        public void InitSign(
+            int				sigType,
+            PgpPrivateKey	key,
+			SecureRandom	random)
+        {
+            this.privKey = key;
+            this.signatureType = sigType;
+
+			try
+            {
+				ICipherParameters cp = key.Key;
+				if (random != null)
+				{
+					cp = new ParametersWithRandom(key.Key, random);
+				}
+
+				sig.Init(true, cp);
+            }
+            catch (InvalidKeyException e)
+            {
+                throw new PgpException("invalid key.", e);
+            }
+
+			dig.Reset();
+            lastb = 0;
+        }
+
+		public void Update(
+            byte b)
+        {
+            if (signatureType == PgpSignature.CanonicalTextDocument)
+            {
+				doCanonicalUpdateByte(b);
+            }
+            else
+            {
+				doUpdateByte(b);
+            }
+        }
+
+		private void doCanonicalUpdateByte(
+			byte b)
+		{
+			if (b == '\r')
+			{
+				doUpdateCRLF();
+			}
+			else if (b == '\n')
+			{
+				if (lastb != '\r')
+				{
+					doUpdateCRLF();
+				}
+			}
+			else
+			{
+				doUpdateByte(b);
+			}
+
+			lastb = b;
+		}
+
+		private void doUpdateCRLF()
+		{
+			doUpdateByte((byte)'\r');
+			doUpdateByte((byte)'\n');
+		}
+
+		private void doUpdateByte(
+			byte b)
+		{
+			sig.Update(b);
+			dig.Update(b);
+		}
+
+		public void Update(
+            byte[] b)
+        {
+            if (signatureType == PgpSignature.CanonicalTextDocument)
+            {
+                for (int i = 0; i != b.Length; i++)
+                {
+                    doCanonicalUpdateByte(b[i]);
+                }
+            }
+            else
+            {
+                sig.BlockUpdate(b, 0, b.Length);
+                dig.BlockUpdate(b, 0, b.Length);
+            }
+        }
+
+		public void Update(
+            byte[]	b,
+            int		off,
+            int		len)
+        {
+            if (signatureType == PgpSignature.CanonicalTextDocument)
+            {
+                int finish = off + len;
+
+				for (int i = off; i != finish; i++)
+                {
+                    doCanonicalUpdateByte(b[i]);
+                }
+            }
+            else
+            {
+                sig.BlockUpdate(b, off, len);
+                dig.BlockUpdate(b, off, len);
+            }
+        }
+
+		/// <summary>Return the one pass header associated with the current signature.</summary>
+        public PgpOnePassSignature GenerateOnePassVersion(
+            bool isNested)
+        {
+            return new PgpOnePassSignature(
+				new OnePassSignaturePacket(signatureType, hashAlgorithm, keyAlgorithm, privKey.KeyId, isNested));
+        }
+
+		/// <summary>Return a V3 signature object containing the current signature state.</summary>
+        public PgpSignature Generate()
+        {
+            long creationTime = DateTimeUtilities.CurrentUnixMs() / 1000L;
+
+			byte[] hData = new byte[]
+			{
+				(byte) signatureType,
+				(byte)(creationTime >> 24),
+				(byte)(creationTime >> 16),
+				(byte)(creationTime >> 8),
+				(byte) creationTime
+			};
+
+			sig.BlockUpdate(hData, 0, hData.Length);
+            dig.BlockUpdate(hData, 0, hData.Length);
+
+			byte[] sigBytes = sig.GenerateSignature();
+			byte[] digest = DigestUtilities.DoFinal(dig);
+			byte[] fingerPrint = new byte[]{ digest[0], digest[1] };
+
+			// an RSA signature
+			bool isRsa = keyAlgorithm == PublicKeyAlgorithmTag.RsaSign
+                || keyAlgorithm == PublicKeyAlgorithmTag.RsaGeneral;
+
+			MPInteger[] sigValues = isRsa
+				?	PgpUtilities.RsaSigToMpi(sigBytes)
+				:	PgpUtilities.DsaSigToMpi(sigBytes);
+
+			return new PgpSignature(
+				new SignaturePacket(3, signatureType, privKey.KeyId, keyAlgorithm,
+					hashAlgorithm, creationTime * 1000L, fingerPrint, sigValues));
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/Rfc6637Utilities.cs b/bc-sharp-crypto/src/openpgp/Rfc6637Utilities.cs
new file mode 100644
index 0000000..5d992ec
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/Rfc6637Utilities.cs
@@ -0,0 +1,138 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+    public sealed class Rfc6637Utilities
+    {
+        private Rfc6637Utilities()
+        {
+        }
+
+        // "Anonymous Sender    ", which is the octet sequence
+        private static readonly byte[] ANONYMOUS_SENDER = Hex.Decode("416E6F6E796D6F75732053656E64657220202020");
+
+        public static string GetAgreementAlgorithm(PublicKeyPacket pubKeyData)
+        {
+            ECDHPublicBcpgKey ecKey = (ECDHPublicBcpgKey)pubKeyData.Key;
+
+            switch (ecKey.HashAlgorithm)
+            {
+            case HashAlgorithmTag.Sha256:
+                return "ECCDHwithSHA256CKDF";
+            case HashAlgorithmTag.Sha384:
+                return "ECCDHwithSHA384CKDF";
+            case HashAlgorithmTag.Sha512:
+                return "ECCDHwithSHA512CKDF";
+            default:
+                throw new ArgumentException("Unknown hash algorithm specified: " + ecKey.HashAlgorithm);
+            }
+        }
+
+        public static DerObjectIdentifier GetKeyEncryptionOID(SymmetricKeyAlgorithmTag algID)
+        {
+            switch (algID)
+            {
+            case SymmetricKeyAlgorithmTag.Aes128:
+                return NistObjectIdentifiers.IdAes128Wrap;
+            case SymmetricKeyAlgorithmTag.Aes192:
+                return NistObjectIdentifiers.IdAes192Wrap;
+            case SymmetricKeyAlgorithmTag.Aes256:
+                return NistObjectIdentifiers.IdAes256Wrap;
+            default:
+                throw new PgpException("unknown symmetric algorithm ID: " + algID);
+            }
+        }
+
+        public static int GetKeyLength(SymmetricKeyAlgorithmTag algID)
+        {
+            switch (algID)
+            {
+            case SymmetricKeyAlgorithmTag.Aes128:
+                return 16;
+            case SymmetricKeyAlgorithmTag.Aes192:
+                return 24;
+            case SymmetricKeyAlgorithmTag.Aes256:
+                return 32;
+            default:
+                throw new PgpException("unknown symmetric algorithm ID: " + algID);
+            }
+        }
+
+        public static byte[] CreateKey(PublicKeyPacket pubKeyData, ECPoint s)
+        {
+            byte[] userKeyingMaterial = CreateUserKeyingMaterial(pubKeyData);
+
+            ECDHPublicBcpgKey ecKey = (ECDHPublicBcpgKey)pubKeyData.Key;
+
+            return Kdf(ecKey.HashAlgorithm, s, GetKeyLength(ecKey.SymmetricKeyAlgorithm), userKeyingMaterial);
+        }
+
+        // RFC 6637 - Section 8
+        // curve_OID_len = (byte)len(curve_OID);
+        // Param = curve_OID_len || curve_OID || public_key_alg_ID || 03
+        // || 01 || KDF_hash_ID || KEK_alg_ID for AESKeyWrap || "Anonymous
+        // Sender    " || recipient_fingerprint;
+        // Z_len = the key size for the KEK_alg_ID used with AESKeyWrap
+        // Compute Z = KDF( S, Z_len, Param );
+        public static byte[] CreateUserKeyingMaterial(PublicKeyPacket pubKeyData)
+        {
+            MemoryStream pOut = new MemoryStream();
+            ECDHPublicBcpgKey ecKey = (ECDHPublicBcpgKey)pubKeyData.Key;
+            byte[] encOid = ecKey.CurveOid.GetEncoded();
+
+            pOut.Write(encOid, 1, encOid.Length - 1);
+            pOut.WriteByte((byte)pubKeyData.Algorithm);
+            pOut.WriteByte(0x03);
+            pOut.WriteByte(0x01);
+            pOut.WriteByte((byte)ecKey.HashAlgorithm);
+            pOut.WriteByte((byte)ecKey.SymmetricKeyAlgorithm);
+            pOut.Write(ANONYMOUS_SENDER, 0, ANONYMOUS_SENDER.Length);
+
+            byte[] fingerprint = PgpPublicKey.CalculateFingerprint(pubKeyData);
+            pOut.Write(fingerprint, 0, fingerprint.Length);
+
+            return pOut.ToArray();
+        }
+
+        // RFC 6637 - Section 7
+        //   Implements KDF( X, oBits, Param );
+        //   Input: point X = (x,y)
+        //   oBits - the desired size of output
+        //   hBits - the size of output of hash function Hash
+        //   Param - octets representing the parameters
+        //   Assumes that oBits <= hBits
+        //   Convert the point X to the octet string, see section 6:
+        //   ZB' = 04 || x || y
+        //   and extract the x portion from ZB'
+        //         ZB = x;
+        //         MB = Hash ( 00 || 00 || 00 || 01 || ZB || Param );
+        //   return oBits leftmost bits of MB.
+        private static byte[] Kdf(HashAlgorithmTag digestAlg, ECPoint s, int keyLen, byte[] parameters)
+        {
+            byte[] ZB = s.XCoord.GetEncoded();
+
+            string digestName = PgpUtilities.GetDigestName(digestAlg);
+			IDigest digest = DigestUtilities.GetDigest(digestName);
+
+            digest.Update(0x00);
+            digest.Update(0x00);
+            digest.Update(0x00);
+            digest.Update(0x01);
+            digest.BlockUpdate(ZB, 0, ZB.Length);
+            digest.BlockUpdate(parameters, 0, parameters.Length);
+
+            byte[] hash = DigestUtilities.DoFinal(digest);
+
+            return Arrays.CopyOfRange(hash, 0, keyLen);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/SXprUtilities.cs b/bc-sharp-crypto/src/openpgp/SXprUtilities.cs
new file mode 100644
index 0000000..68ff373
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/SXprUtilities.cs
@@ -0,0 +1,102 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+    /**
+     * Utility functions for looking a S-expression keys. This class will move when it finds a better home!
+     * <p>
+     * Format documented here:
+     * http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=agent/keyformat.txt;h=42c4b1f06faf1bbe71ffadc2fee0fad6bec91a97;hb=refs/heads/master
+     * </p>
+     */
+    public sealed class SXprUtilities
+    {
+        private SXprUtilities()
+        {
+        }
+
+        private static int ReadLength(Stream input, int ch)
+        {
+            int len = ch - '0';
+
+            while ((ch = input.ReadByte()) >= 0 && ch != ':')
+            {
+                len = len * 10 + ch - '0';
+            }
+
+            return len;
+        }
+
+        internal static string ReadString(Stream input, int ch)
+        {
+            int len = ReadLength(input, ch);
+
+            char[] chars = new char[len];
+
+            for (int i = 0; i != chars.Length; i++)
+            {
+                chars[i] = (char)input.ReadByte();
+            }
+
+            return new string(chars);
+        }
+
+        internal static byte[] ReadBytes(Stream input, int ch)
+        {
+            int len = ReadLength(input, ch);
+
+            byte[] data = new byte[len];
+
+            Streams.ReadFully(input, data);
+
+            return data;
+        }
+
+        internal static S2k ParseS2k(Stream input)
+        {
+            SkipOpenParenthesis(input);
+
+            string alg = ReadString(input, input.ReadByte());
+            byte[] iv = ReadBytes(input, input.ReadByte());
+            long iterationCount = Int64.Parse(ReadString(input, input.ReadByte()));
+
+            SkipCloseParenthesis(input);
+
+            // we have to return the actual iteration count provided.
+            return new MyS2k(HashAlgorithmTag.Sha1, iv, iterationCount);
+        }
+
+        internal static void SkipOpenParenthesis(Stream input)
+        {
+            int ch = input.ReadByte();
+            if (ch != '(')
+                throw new IOException("unknown character encountered");
+        }
+
+        internal static void SkipCloseParenthesis(Stream input)
+        {
+            int ch = input.ReadByte();
+            if (ch != ')')
+                throw new IOException("unknown character encountered");
+        }
+
+        private class MyS2k : S2k
+        {
+            private readonly long mIterationCount64;
+
+            internal MyS2k(HashAlgorithmTag algorithm, byte[] iv, long iterationCount64)
+                : base(algorithm, iv, (int)iterationCount64)
+            {
+                this.mIterationCount64 = iterationCount64;
+            }
+
+            public override long IterationCount
+            {
+                get { return mIterationCount64; }
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openpgp/WrappedGeneratorStream.cs b/bc-sharp-crypto/src/openpgp/WrappedGeneratorStream.cs
new file mode 100644
index 0000000..5f4a4b0
--- /dev/null
+++ b/bc-sharp-crypto/src/openpgp/WrappedGeneratorStream.cs
@@ -0,0 +1,37 @@
+using System.IO;
+
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Bcpg.OpenPgp
+{
+	public class WrappedGeneratorStream
+		: FilterStream
+	{
+		private readonly IStreamGenerator gen;
+
+		public WrappedGeneratorStream(
+			IStreamGenerator	gen,
+			Stream				str)
+			: base(str)
+		{
+			this.gen = gen;
+		}
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                gen.Close();
+                return;
+            }
+            base.Dispose(disposing);
+        }
+#else
+		public override void Close()
+		{
+			gen.Close();
+		}
+#endif
+	}
+}
diff --git a/bc-sharp-crypto/src/openssl/EncryptionException.cs b/bc-sharp-crypto/src/openssl/EncryptionException.cs
new file mode 100644
index 0000000..043e902
--- /dev/null
+++ b/bc-sharp-crypto/src/openssl/EncryptionException.cs
@@ -0,0 +1,25 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Security
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class EncryptionException
+		: IOException
+	{
+		public EncryptionException(
+			string message)
+			: base(message)
+		{
+		}
+
+		public EncryptionException(
+			string		message,
+			Exception	exception)
+			: base(message, exception)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openssl/IPasswordFinder.cs b/bc-sharp-crypto/src/openssl/IPasswordFinder.cs
new file mode 100644
index 0000000..4fcef1b
--- /dev/null
+++ b/bc-sharp-crypto/src/openssl/IPasswordFinder.cs
@@ -0,0 +1,9 @@
+using System;
+
+namespace Org.BouncyCastle.OpenSsl
+{
+	public interface IPasswordFinder
+	{
+		char[] GetPassword();
+	}
+}
diff --git a/bc-sharp-crypto/src/openssl/MiscPemGenerator.cs b/bc-sharp-crypto/src/openssl/MiscPemGenerator.cs
new file mode 100644
index 0000000..22ae1ea
--- /dev/null
+++ b/bc-sharp-crypto/src/openssl/MiscPemGenerator.cs
@@ -0,0 +1,275 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO.Pem;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.OpenSsl
+{
+    /**
+    * PEM generator for the original set of PEM objects used in Open SSL.
+    */
+    public class MiscPemGenerator
+        : PemObjectGenerator
+    {
+        private object obj;
+        private string algorithm;
+        private char[] password;
+        private SecureRandom random;
+
+        public MiscPemGenerator(object obj)
+        {
+            this.obj = obj;
+        }
+
+        public MiscPemGenerator(
+            object			obj,
+            string			algorithm,
+            char[]			password,
+            SecureRandom	random)
+        {
+            this.obj = obj;
+            this.algorithm = algorithm;
+            this.password = password;
+            this.random = random;
+        }
+
+        private static PemObject CreatePemObject(object obj)
+        {
+            if (obj == null)
+                throw new ArgumentNullException("obj");
+
+            if (obj is AsymmetricCipherKeyPair)
+            {
+                return CreatePemObject(((AsymmetricCipherKeyPair)obj).Private);
+            }
+
+            string type;
+            byte[] encoding;
+
+            if (obj is PemObject)
+                return (PemObject)obj;
+
+            if (obj is PemObjectGenerator)
+                return ((PemObjectGenerator)obj).Generate();
+
+            if (obj is X509Certificate)
+            {
+                // TODO Should we prefer "X509 CERTIFICATE" here?
+                type = "CERTIFICATE";
+                try
+                {
+                    encoding = ((X509Certificate)obj).GetEncoded();
+                }
+                catch (CertificateEncodingException e)
+                {
+                    throw new IOException("Cannot Encode object: " + e.ToString());
+                }
+            }
+            else if (obj is X509Crl)
+            {
+                type = "X509 CRL";
+                try
+                {
+                    encoding = ((X509Crl)obj).GetEncoded();
+                }
+                catch (CrlException e)
+                {
+                    throw new IOException("Cannot Encode object: " + e.ToString());
+                }
+            }
+            else if (obj is AsymmetricKeyParameter)
+            {
+                AsymmetricKeyParameter akp = (AsymmetricKeyParameter) obj;
+                if (akp.IsPrivate)
+                {
+                    string keyType;
+                    encoding = EncodePrivateKey(akp, out keyType);
+
+                    type = keyType + " PRIVATE KEY";
+                }
+                else
+                {
+                    type = "PUBLIC KEY";
+
+                    encoding = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(akp).GetDerEncoded();
+                }
+            }
+            else if (obj is IX509AttributeCertificate)
+            {
+                type = "ATTRIBUTE CERTIFICATE";
+                encoding = ((X509V2AttributeCertificate)obj).GetEncoded();
+            }
+            else if (obj is Pkcs10CertificationRequest)
+            {
+                type = "CERTIFICATE REQUEST";
+                encoding = ((Pkcs10CertificationRequest)obj).GetEncoded();
+            }
+            else if (obj is Asn1.Cms.ContentInfo)
+            {
+                type = "PKCS7";
+                encoding = ((Asn1.Cms.ContentInfo)obj).GetEncoded();
+            }
+            else
+            {
+                throw new PemGenerationException("Object type not supported: " + Platform.GetTypeName(obj));
+            }
+
+            return new PemObject(type, encoding);
+        }
+
+//		private string GetHexEncoded(byte[] bytes)
+//		{
+//			bytes = Hex.Encode(bytes);
+//
+//			char[] chars = new char[bytes.Length];
+//
+//			for (int i = 0; i != bytes.Length; i++)
+//			{
+//				chars[i] = (char)bytes[i];
+//			}
+//
+//			return new string(chars);
+//		}
+
+        private static PemObject CreatePemObject(
+            object			obj,
+            string			algorithm,
+            char[]			password,
+            SecureRandom	random)
+        {
+            if (obj == null)
+                throw new ArgumentNullException("obj");
+            if (algorithm == null)
+                throw new ArgumentNullException("algorithm");
+            if (password == null)
+                throw new ArgumentNullException("password");
+            if (random == null)
+                throw new ArgumentNullException("random");
+
+            if (obj is AsymmetricCipherKeyPair)
+            {
+                return CreatePemObject(((AsymmetricCipherKeyPair)obj).Private, algorithm, password, random);
+            }
+
+            string type = null;
+            byte[] keyData = null;
+
+            if (obj is AsymmetricKeyParameter)
+            {
+                AsymmetricKeyParameter akp = (AsymmetricKeyParameter) obj;
+                if (akp.IsPrivate)
+                {
+                    string keyType;
+                    keyData = EncodePrivateKey(akp, out keyType);
+
+                    type = keyType + " PRIVATE KEY";
+                }
+            }
+
+            if (type == null || keyData == null)
+            {
+                // TODO Support other types?
+                throw new PemGenerationException("Object type not supported: " + Platform.GetTypeName(obj));
+            }
+
+
+            string dekAlgName = Platform.ToUpperInvariant(algorithm);
+
+            // Note: For backward compatibility
+            if (dekAlgName == "DESEDE")
+            {
+                dekAlgName = "DES-EDE3-CBC";
+            }
+
+            int ivLength = Platform.StartsWith(dekAlgName, "AES-") ? 16 : 8;
+
+            byte[] iv = new byte[ivLength];
+            random.NextBytes(iv);
+
+            byte[] encData = PemUtilities.Crypt(true, keyData, password, dekAlgName, iv);
+
+            IList headers = Platform.CreateArrayList(2);
+
+            headers.Add(new PemHeader("Proc-Type", "4,ENCRYPTED"));
+            headers.Add(new PemHeader("DEK-Info", dekAlgName + "," + Hex.ToHexString(iv)));
+
+            return new PemObject(type, headers, encData);
+        }
+
+        private static byte[] EncodePrivateKey(
+            AsymmetricKeyParameter	akp,
+            out string				keyType)
+        {
+            PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(akp);
+            AlgorithmIdentifier algID = info.PrivateKeyAlgorithm;
+            DerObjectIdentifier oid = algID.Algorithm;
+
+            if (oid.Equals(X9ObjectIdentifiers.IdDsa))
+            {
+                keyType = "DSA";
+
+                DsaParameter p = DsaParameter.GetInstance(algID.Parameters);
+
+                BigInteger x = ((DsaPrivateKeyParameters) akp).X;
+                BigInteger y = p.G.ModPow(x, p.P);
+
+                // TODO Create an ASN1 object somewhere for this?
+                return new DerSequence(
+                    new DerInteger(0),
+                    new DerInteger(p.P),
+                    new DerInteger(p.Q),
+                    new DerInteger(p.G),
+                    new DerInteger(y),
+                    new DerInteger(x)).GetEncoded();
+            }
+
+            if (oid.Equals(PkcsObjectIdentifiers.RsaEncryption))
+            {
+                keyType = "RSA";
+            }
+            else if (oid.Equals(CryptoProObjectIdentifiers.GostR3410x2001)
+                || oid.Equals(X9ObjectIdentifiers.IdECPublicKey))
+            {
+                keyType = "EC";
+            }
+            else
+            {
+                throw new ArgumentException("Cannot handle private key of type: " + Platform.GetTypeName(akp), "akp");
+            }
+
+            return info.ParsePrivateKey().GetEncoded();
+        }
+
+        public PemObject Generate()
+        {
+            try
+            {
+                if (algorithm != null)
+                {
+                    return CreatePemObject(obj, algorithm, password, random);
+                }
+
+                return CreatePemObject(obj);
+            }
+            catch (IOException e)
+            {
+                throw new PemGenerationException("encoding exception", e);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openssl/PEMException.cs b/bc-sharp-crypto/src/openssl/PEMException.cs
new file mode 100644
index 0000000..6b3e510
--- /dev/null
+++ b/bc-sharp-crypto/src/openssl/PEMException.cs
@@ -0,0 +1,25 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.OpenSsl
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class PemException
+		: IOException
+	{
+		public PemException(
+			string message)
+			: base(message)
+		{
+		}
+
+		public PemException(
+			string		message,
+			Exception	exception)
+			: base(message, exception)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openssl/PEMReader.cs b/bc-sharp-crypto/src/openssl/PEMReader.cs
new file mode 100644
index 0000000..9a5f99b
--- /dev/null
+++ b/bc-sharp-crypto/src/openssl/PEMReader.cs
@@ -0,0 +1,401 @@
+using System;
+using System.Collections;
+using System.Diagnostics;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.EC;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO.Pem;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.OpenSsl
+{
+    /**
+    * Class for reading OpenSSL PEM encoded streams containing 
+    * X509 certificates, PKCS8 encoded keys and PKCS7 objects.
+    * <p>
+    * In the case of PKCS7 objects the reader will return a CMS ContentInfo object. Keys and
+    * Certificates will be returned using the appropriate java.security type.</p>
+    */
+    public class PemReader
+        : Org.BouncyCastle.Utilities.IO.Pem.PemReader
+    {
+//		private static readonly IDictionary parsers = new Hashtable();
+
+        static PemReader()
+        {
+//			parsers.Add("CERTIFICATE REQUEST", new PKCS10CertificationRequestParser());
+//			parsers.Add("NEW CERTIFICATE REQUEST", new PKCS10CertificationRequestParser());
+//			parsers.Add("CERTIFICATE", new X509CertificateParser(provider));
+//			parsers.Add("X509 CERTIFICATE", new X509CertificateParser(provider));
+//			parsers.Add("X509 CRL", new X509CRLParser(provider));
+//			parsers.Add("PKCS7", new PKCS7Parser());
+//			parsers.Add("ATTRIBUTE CERTIFICATE", new X509AttributeCertificateParser());
+//			parsers.Add("EC PARAMETERS", new ECNamedCurveSpecParser());
+//			parsers.Add("PUBLIC KEY", new PublicKeyParser(provider));
+//			parsers.Add("RSA PUBLIC KEY", new RSAPublicKeyParser(provider));
+//			parsers.Add("RSA PRIVATE KEY", new RSAKeyPairParser(provider));
+//			parsers.Add("DSA PRIVATE KEY", new DSAKeyPairParser(provider));
+//			parsers.Add("EC PRIVATE KEY", new ECDSAKeyPairParser(provider));
+//			parsers.Add("ENCRYPTED PRIVATE KEY", new EncryptedPrivateKeyParser(provider));
+//			parsers.Add("PRIVATE KEY", new PrivateKeyParser(provider));
+        }
+
+        private readonly IPasswordFinder pFinder;
+
+        /**
+        * Create a new PemReader
+        *
+        * @param reader the Reader
+        */
+        public PemReader(
+            TextReader reader)
+            : this(reader, null)
+        {
+        }
+
+        /**
+        * Create a new PemReader with a password finder
+        *
+        * @param reader the Reader
+        * @param pFinder the password finder
+        */
+        public PemReader(
+            TextReader		reader,
+            IPasswordFinder	pFinder)
+            : base(reader)
+        {
+            this.pFinder = pFinder;
+        }
+
+        public object ReadObject()
+        {
+            PemObject obj = ReadPemObject();
+
+            if (obj == null)
+                return null;
+
+            // TODO Follow Java build and map to parser objects?
+//			if (parsers.Contains(obj.Type))
+//				return ((PemObjectParser)parsers[obj.Type]).ParseObject(obj);
+
+            if (Platform.EndsWith(obj.Type, "PRIVATE KEY"))
+                return ReadPrivateKey(obj);
+
+            switch (obj.Type)
+            {
+                case "PUBLIC KEY":
+                    return ReadPublicKey(obj);
+                case "RSA PUBLIC KEY":
+                    return ReadRsaPublicKey(obj);
+                case "CERTIFICATE REQUEST":
+                case "NEW CERTIFICATE REQUEST":
+                    return ReadCertificateRequest(obj);
+                case "CERTIFICATE":
+                case "X509 CERTIFICATE":
+                    return ReadCertificate(obj);
+                case "PKCS7":
+                case "CMS":
+                    return ReadPkcs7(obj);
+                case "X509 CRL":
+                    return ReadCrl(obj);
+                case "ATTRIBUTE CERTIFICATE":
+                    return ReadAttributeCertificate(obj);
+                // TODO Add back in when tests done, and return type issue resolved
+                //case "EC PARAMETERS":
+                //	return ReadECParameters(obj);
+                default:
+                    throw new IOException("unrecognised object: " + obj.Type);
+            }
+        }
+
+        private AsymmetricKeyParameter ReadRsaPublicKey(PemObject pemObject)
+        {
+            RsaPublicKeyStructure rsaPubStructure = RsaPublicKeyStructure.GetInstance(
+                Asn1Object.FromByteArray(pemObject.Content));
+
+            return new RsaKeyParameters(
+                false, // not private
+                rsaPubStructure.Modulus, 
+                rsaPubStructure.PublicExponent);
+        }
+
+        private AsymmetricKeyParameter ReadPublicKey(PemObject pemObject)
+        {
+            return PublicKeyFactory.CreateKey(pemObject.Content);
+        }
+
+        /**
+        * Reads in a X509Certificate.
+        *
+        * @return the X509Certificate
+        * @throws IOException if an I/O error occured
+        */
+        private X509Certificate ReadCertificate(PemObject pemObject)
+        {
+            try
+            {
+                return new X509CertificateParser().ReadCertificate(pemObject.Content);
+            }
+            catch (Exception e)
+            {
+                throw new PemException("problem parsing cert: " + e.ToString());
+            }
+        }
+
+        /**
+        * Reads in a X509CRL.
+        *
+        * @return the X509Certificate
+        * @throws IOException if an I/O error occured
+        */
+        private X509Crl ReadCrl(PemObject pemObject)
+        {
+            try
+            {
+                return new X509CrlParser().ReadCrl(pemObject.Content);
+            }
+            catch (Exception e)
+            {
+                throw new PemException("problem parsing cert: " + e.ToString());
+            }
+        }
+
+        /**
+        * Reads in a PKCS10 certification request.
+        *
+        * @return the certificate request.
+        * @throws IOException if an I/O error occured
+        */
+        private Pkcs10CertificationRequest ReadCertificateRequest(PemObject pemObject)
+        {
+            try
+            {
+                return new Pkcs10CertificationRequest(pemObject.Content);
+            }
+            catch (Exception e)
+            {
+                throw new PemException("problem parsing cert: " + e.ToString());
+            }
+        }
+
+        /**
+        * Reads in a X509 Attribute Certificate.
+        *
+        * @return the X509 Attribute Certificate
+        * @throws IOException if an I/O error occured
+        */
+        private IX509AttributeCertificate ReadAttributeCertificate(PemObject pemObject)
+        {
+            return new X509V2AttributeCertificate(pemObject.Content);
+        }
+
+        /**
+        * Reads in a PKCS7 object. This returns a ContentInfo object suitable for use with the CMS
+        * API.
+        *
+        * @return the X509Certificate
+        * @throws IOException if an I/O error occured
+        */
+        // TODO Consider returning Asn1.Pkcs.ContentInfo
+        private Asn1.Cms.ContentInfo ReadPkcs7(PemObject pemObject)
+        {
+            try
+            {
+                return Asn1.Cms.ContentInfo.GetInstance(
+                    Asn1Object.FromByteArray(pemObject.Content));
+            }
+            catch (Exception e)
+            {
+                throw new PemException("problem parsing PKCS7 object: " + e.ToString());
+            }
+        }
+
+        /**
+        * Read a Key Pair
+        */
+        private object ReadPrivateKey(PemObject pemObject)
+        {
+            //
+            // extract the key
+            //
+            Debug.Assert(Platform.EndsWith(pemObject.Type, "PRIVATE KEY"));
+
+            string type = pemObject.Type.Substring(0, pemObject.Type.Length - "PRIVATE KEY".Length).Trim();
+            byte[] keyBytes = pemObject.Content;
+
+            IDictionary fields = Platform.CreateHashtable();
+            foreach (PemHeader header in pemObject.Headers)
+            {
+                fields[header.Name] = header.Value;
+            }
+
+            string procType = (string) fields["Proc-Type"];
+
+            if (procType == "4,ENCRYPTED")
+            {
+                if (pFinder == null)
+                    throw new PasswordException("No password finder specified, but a password is required");
+
+                char[] password = pFinder.GetPassword();
+
+                if (password == null)
+                    throw new PasswordException("Password is null, but a password is required");
+
+                string dekInfo = (string) fields["DEK-Info"];
+                string[] tknz = dekInfo.Split(',');
+
+                string dekAlgName = tknz[0].Trim();
+                byte[] iv = Hex.Decode(tknz[1].Trim());
+
+                keyBytes = PemUtilities.Crypt(false, keyBytes, password, dekAlgName, iv);
+            }
+
+            try
+            {
+                AsymmetricKeyParameter pubSpec, privSpec;
+                Asn1Sequence seq = Asn1Sequence.GetInstance(keyBytes);
+
+                switch (type)
+                {
+                    case "RSA":
+                    {
+                        if (seq.Count != 9)
+                            throw new PemException("malformed sequence in RSA private key");
+
+                        RsaPrivateKeyStructure rsa = RsaPrivateKeyStructure.GetInstance(seq);
+
+                        pubSpec = new RsaKeyParameters(false, rsa.Modulus, rsa.PublicExponent);
+                        privSpec = new RsaPrivateCrtKeyParameters(
+                            rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent,
+                            rsa.Prime1, rsa.Prime2, rsa.Exponent1, rsa.Exponent2,
+                            rsa.Coefficient);
+
+                        break;
+                    }
+
+                    case "DSA":
+                    {
+                        if (seq.Count != 6)
+                            throw new PemException("malformed sequence in DSA private key");
+
+                        // TODO Create an ASN1 object somewhere for this?
+                        //DerInteger v = (DerInteger)seq[0];
+                        DerInteger p = (DerInteger)seq[1];
+                        DerInteger q = (DerInteger)seq[2];
+                        DerInteger g = (DerInteger)seq[3];
+                        DerInteger y = (DerInteger)seq[4];
+                        DerInteger x = (DerInteger)seq[5];
+
+                        DsaParameters parameters = new DsaParameters(p.Value, q.Value, g.Value);
+
+                        privSpec = new DsaPrivateKeyParameters(x.Value, parameters);
+                        pubSpec = new DsaPublicKeyParameters(y.Value, parameters);
+
+                        break;
+                    }
+
+                    case "EC":
+                    {
+                        ECPrivateKeyStructure pKey = ECPrivateKeyStructure.GetInstance(seq);
+                        AlgorithmIdentifier algId = new AlgorithmIdentifier(
+                            X9ObjectIdentifiers.IdECPublicKey, pKey.GetParameters());
+
+                        PrivateKeyInfo privInfo = new PrivateKeyInfo(algId, pKey.ToAsn1Object());
+
+                        // TODO Are the keys returned here ECDSA, as Java version forces?
+                        privSpec = PrivateKeyFactory.CreateKey(privInfo);
+
+                        DerBitString pubKey = pKey.GetPublicKey();
+                        if (pubKey != null)
+                        {
+                            SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(algId, pubKey.GetBytes());
+
+                            // TODO Are the keys returned here ECDSA, as Java version forces?
+                            pubSpec = PublicKeyFactory.CreateKey(pubInfo);
+                        }
+                        else
+                        {
+                            pubSpec = ECKeyPairGenerator.GetCorrespondingPublicKey(
+                                (ECPrivateKeyParameters)privSpec);
+                        }
+
+                        break;
+                    }
+
+                    case "ENCRYPTED":
+                    {
+                        char[] password = pFinder.GetPassword();
+
+                        if (password == null)
+                            throw new PasswordException("Password is null, but a password is required");
+
+                        return PrivateKeyFactory.DecryptKey(password, EncryptedPrivateKeyInfo.GetInstance(seq));
+                    }
+
+                    case "":
+                    {
+                        return PrivateKeyFactory.CreateKey(PrivateKeyInfo.GetInstance(seq));
+                    }
+
+                    default:
+                        throw new ArgumentException("Unknown key type: " + type, "type");
+                }
+
+                return new AsymmetricCipherKeyPair(pubSpec, privSpec);
+            }
+            catch (IOException e)
+            {
+                throw e;
+            }
+            catch (Exception e)
+            {
+                throw new PemException(
+                    "problem creating " + type + " private key: " + e.ToString());
+            }
+        }
+
+        // TODO Add an equivalent class for ECNamedCurveParameterSpec?
+        //private ECNamedCurveParameterSpec ReadECParameters(
+//		private X9ECParameters ReadECParameters(PemObject pemObject)
+//		{
+//			DerObjectIdentifier oid = (DerObjectIdentifier)Asn1Object.FromByteArray(pemObject.Content);
+//
+//			//return ECNamedCurveTable.getParameterSpec(oid.Id);
+//			return GetCurveParameters(oid.Id);
+//		}
+
+        //private static ECDomainParameters GetCurveParameters(
+        private static X9ECParameters GetCurveParameters(
+            string name)
+        {
+            // TODO ECGost3410NamedCurves support (returns ECDomainParameters though)
+
+            X9ECParameters ecP = CustomNamedCurves.GetByName(name);
+            if (ecP == null)
+            {
+                ecP = ECNamedCurveTable.GetByName(name);
+            }
+
+            if (ecP == null)
+                throw new Exception("unknown curve name: " + name);
+
+            //return new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed());
+            return ecP;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/openssl/PEMUtilities.cs b/bc-sharp-crypto/src/openssl/PEMUtilities.cs
new file mode 100644
index 0000000..b58e5e7
--- /dev/null
+++ b/bc-sharp-crypto/src/openssl/PEMUtilities.cs
@@ -0,0 +1,158 @@
+using System;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.OpenSsl
+{
+	internal sealed class PemUtilities
+	{
+		private enum PemBaseAlg { AES_128, AES_192, AES_256, BF, DES, DES_EDE, DES_EDE3, RC2, RC2_40, RC2_64 };
+		private enum PemMode { CBC, CFB, ECB, OFB };
+
+		static PemUtilities()
+		{
+			// Signal to obfuscation tools not to change enum constants
+			((PemBaseAlg)Enums.GetArbitraryValue(typeof(PemBaseAlg))).ToString();
+			((PemMode)Enums.GetArbitraryValue(typeof(PemMode))).ToString();
+		}
+
+		private static void ParseDekAlgName(
+			string			dekAlgName,
+			out PemBaseAlg	baseAlg,
+			out PemMode		mode)
+		{
+			try
+			{
+				mode = PemMode.ECB;
+
+				if (dekAlgName == "DES-EDE" || dekAlgName == "DES-EDE3")
+				{
+					baseAlg = (PemBaseAlg)Enums.GetEnumValue(typeof(PemBaseAlg), dekAlgName);
+					return;
+				}
+
+				int pos = dekAlgName.LastIndexOf('-');
+				if (pos >= 0)
+				{
+					baseAlg = (PemBaseAlg)Enums.GetEnumValue(typeof(PemBaseAlg), dekAlgName.Substring(0, pos));
+					mode = (PemMode)Enums.GetEnumValue(typeof(PemMode), dekAlgName.Substring(pos + 1));
+					return;
+				}
+			}
+			catch (ArgumentException)
+			{
+			}
+
+			throw new EncryptionException("Unknown DEK algorithm: " + dekAlgName);
+		}
+
+		internal static byte[] Crypt(
+			bool	encrypt,
+			byte[]	bytes,
+			char[]	password,
+			string	dekAlgName,
+			byte[]	iv)
+		{
+			PemBaseAlg baseAlg;
+			PemMode mode;
+			ParseDekAlgName(dekAlgName, out baseAlg, out mode);
+
+			string padding;
+			switch (mode)
+			{
+				case PemMode.CBC:
+				case PemMode.ECB:
+					padding = "PKCS5Padding";
+					break;
+				case PemMode.CFB:
+				case PemMode.OFB:
+					padding = "NoPadding";
+					break;
+				default:
+					throw new EncryptionException("Unknown DEK algorithm: " + dekAlgName);
+			}
+
+			string algorithm;
+
+			byte[] salt = iv;
+			switch (baseAlg)
+			{
+				case PemBaseAlg.AES_128:
+				case PemBaseAlg.AES_192:
+				case PemBaseAlg.AES_256:
+					algorithm = "AES";
+					if (salt.Length > 8)
+					{
+						salt = new byte[8];
+						Array.Copy(iv, 0, salt, 0, salt.Length);
+					}
+					break;
+				case PemBaseAlg.BF:
+					algorithm = "BLOWFISH";
+					break;
+				case PemBaseAlg.DES:
+					algorithm = "DES";
+					break;
+				case PemBaseAlg.DES_EDE:
+				case PemBaseAlg.DES_EDE3:
+					algorithm = "DESede";
+					break;
+				case PemBaseAlg.RC2:
+				case PemBaseAlg.RC2_40:
+				case PemBaseAlg.RC2_64:
+					algorithm = "RC2";
+					break;
+				default:
+					throw new EncryptionException("Unknown DEK algorithm: " + dekAlgName);
+			}
+
+			string cipherName = algorithm + "/" + mode + "/" + padding;
+			IBufferedCipher cipher = CipherUtilities.GetCipher(cipherName);
+
+			ICipherParameters cParams = GetCipherParameters(password, baseAlg, salt);
+
+			if (mode != PemMode.ECB)
+			{
+				cParams = new ParametersWithIV(cParams, iv);
+			}
+
+			cipher.Init(encrypt, cParams);
+
+			return cipher.DoFinal(bytes);
+		}
+
+		private static ICipherParameters GetCipherParameters(
+			char[]		password,
+			PemBaseAlg	baseAlg,
+			byte[]		salt)
+		{
+			string algorithm;
+			int keyBits;
+			switch (baseAlg)
+			{
+				case PemBaseAlg.AES_128:		keyBits = 128;	algorithm = "AES128";	break;
+				case PemBaseAlg.AES_192:		keyBits = 192;	algorithm = "AES192";	break;
+				case PemBaseAlg.AES_256:		keyBits = 256;	algorithm = "AES256";	break;
+				case PemBaseAlg.BF:				keyBits = 128;	algorithm = "BLOWFISH";	break;
+				case PemBaseAlg.DES:			keyBits = 64;	algorithm = "DES";		break;
+				case PemBaseAlg.DES_EDE:		keyBits = 128;	algorithm = "DESEDE";	break;
+				case PemBaseAlg.DES_EDE3:		keyBits = 192;	algorithm = "DESEDE3";	break;
+				case PemBaseAlg.RC2:			keyBits = 128;	algorithm = "RC2";		break;
+				case PemBaseAlg.RC2_40:			keyBits = 40;	algorithm = "RC2";		break;
+				case PemBaseAlg.RC2_64:			keyBits = 64;	algorithm = "RC2";		break;
+				default:
+					return null;
+			}
+
+			OpenSslPbeParametersGenerator pGen = new OpenSslPbeParametersGenerator();
+
+			pGen.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt);
+
+			return pGen.GenerateDerivedParameters(algorithm, keyBits);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openssl/PEMWriter.cs b/bc-sharp-crypto/src/openssl/PEMWriter.cs
new file mode 100644
index 0000000..aefb018
--- /dev/null
+++ b/bc-sharp-crypto/src/openssl/PEMWriter.cs
@@ -0,0 +1,61 @@
+using System;
+using System.Diagnostics;
+using System.Globalization;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO.Pem;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.OpenSsl
+{
+	/// <remarks>General purpose writer for OpenSSL PEM objects.</remarks>
+	public class PemWriter
+		: Org.BouncyCastle.Utilities.IO.Pem.PemWriter
+	{
+		/// <param name="writer">The TextWriter object to write the output to.</param>
+		public PemWriter(
+			TextWriter writer)
+			: base(writer)
+		{
+		}
+
+		public void WriteObject(
+			object obj) 
+		{
+			try
+			{
+				base.WriteObject(new MiscPemGenerator(obj));
+			}
+			catch (PemGenerationException e)
+			{
+				if (e.InnerException is IOException)
+					throw (IOException)e.InnerException;
+
+				throw e;
+			}
+		}
+
+		public void WriteObject(
+			object			obj,
+			string			algorithm,
+			char[]			password,
+			SecureRandom	random)
+		{
+			base.WriteObject(new MiscPemGenerator(obj, algorithm, password, random));
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openssl/PasswordException.cs b/bc-sharp-crypto/src/openssl/PasswordException.cs
new file mode 100644
index 0000000..38e679b
--- /dev/null
+++ b/bc-sharp-crypto/src/openssl/PasswordException.cs
@@ -0,0 +1,25 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Security
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class PasswordException
+		: IOException
+	{
+		public PasswordException(
+			string message)
+			: base(message)
+		{
+		}
+
+		public PasswordException(
+			string		message,
+			Exception	exception)
+			: base(message, exception)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/openssl/Pkcs8Generator.cs b/bc-sharp-crypto/src/openssl/Pkcs8Generator.cs
new file mode 100644
index 0000000..d03ea08
--- /dev/null
+++ b/bc-sharp-crypto/src/openssl/Pkcs8Generator.cs
@@ -0,0 +1,111 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.IO.Pem;
+
+namespace Org.BouncyCastle.OpenSsl
+{
+	public class Pkcs8Generator
+		: PemObjectGenerator
+	{
+		// FIXME See PbeUtilities static constructor
+//		public static readonly string Aes128Cbc = NistObjectIdentifiers.IdAes128Cbc.Id;
+//		public static readonly string Aes192Cbc = NistObjectIdentifiers.IdAes192Cbc.Id;
+//		public static readonly string Aes256Cbc = NistObjectIdentifiers.IdAes256Cbc.Id;
+//
+//		public static readonly string Des3Cbc = PkcsObjectIdentifiers.DesEde3Cbc.Id;
+
+		public static readonly string PbeSha1_RC4_128 = PkcsObjectIdentifiers.PbeWithShaAnd128BitRC4.Id;
+		public static readonly string PbeSha1_RC4_40 = PkcsObjectIdentifiers.PbeWithShaAnd40BitRC4.Id;
+		public static readonly string PbeSha1_3DES = PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc.Id;
+		public static readonly string PbeSha1_2DES = PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc.Id;
+		public static readonly string PbeSha1_RC2_128 = PkcsObjectIdentifiers.PbeWithShaAnd128BitRC2Cbc.Id;
+		public static readonly string PbeSha1_RC2_40 = PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc.Id;
+
+		private char[]					password;
+		private string					algorithm;
+		private int						iterationCount;
+		private AsymmetricKeyParameter	privKey;
+		private SecureRandom			random;
+
+		/**
+		* Constructor for an unencrypted private key PEM object.
+		*
+		* @param key private key to be encoded.
+		*/
+		public Pkcs8Generator(AsymmetricKeyParameter privKey)
+		{
+			this.privKey = privKey;
+		}
+
+		/**
+		* Constructor for an encrypted private key PEM object.
+		*
+		* @param key       private key to be encoded
+		* @param algorithm encryption algorithm to use
+		* @param provider  provider to use
+		* @throws NoSuchAlgorithmException if algorithm/mode cannot be found
+		*/
+		public Pkcs8Generator(AsymmetricKeyParameter privKey, string algorithm)
+		{
+			// TODO Check privKey.IsPrivate
+			this.privKey = privKey;
+			this.algorithm = algorithm;
+			this.iterationCount = 2048;
+		}
+
+		public SecureRandom SecureRandom
+		{
+			set { this.random = value; }
+		}
+
+		public char[] Password
+		{
+			set { this.password = value; }
+		}
+
+		public int IterationCount
+		{
+			set { this.iterationCount = value; }
+		}
+
+		public PemObject Generate()
+		{
+			if (algorithm == null)
+			{
+				PrivateKeyInfo pki = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privKey);
+
+				return new PemObject("PRIVATE KEY", pki.GetEncoded());
+			}
+
+			// TODO Theoretically, the amount of salt needed depends on the algorithm
+			byte[] salt = new byte[20];
+			if (random == null)
+			{
+				random = new SecureRandom();
+			}
+			random.NextBytes(salt);
+
+			try
+			{
+				EncryptedPrivateKeyInfo epki = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
+					algorithm, password, salt, iterationCount, privKey);
+	
+				return new PemObject("ENCRYPTED PRIVATE KEY", epki.GetEncoded());
+			}
+			catch (Exception e)
+			{
+				throw new PemGenerationException("Couldn't encrypt private key", e);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkcs/AsymmetricKeyEntry.cs b/bc-sharp-crypto/src/pkcs/AsymmetricKeyEntry.cs
new file mode 100644
index 0000000..6da3ade
--- /dev/null
+++ b/bc-sharp-crypto/src/pkcs/AsymmetricKeyEntry.cs
@@ -0,0 +1,60 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Pkcs
+{
+    public class AsymmetricKeyEntry
+        : Pkcs12Entry
+    {
+        private readonly AsymmetricKeyParameter key;
+
+		public AsymmetricKeyEntry(
+            AsymmetricKeyParameter key)
+			: base(Platform.CreateHashtable())
+        {
+            this.key = key;
+        }
+
+#if !(SILVERLIGHT || PORTABLE)
+        [Obsolete]
+        public AsymmetricKeyEntry(
+            AsymmetricKeyParameter key,
+            Hashtable attributes)
+			: base(attributes)
+        {
+            this.key = key;
+        }
+#endif
+
+        public AsymmetricKeyEntry(
+            AsymmetricKeyParameter  key,
+            IDictionary             attributes)
+			: base(attributes)
+        {
+            this.key = key;
+        }
+
+		public AsymmetricKeyParameter Key
+        {
+            get { return this.key; }
+        }
+
+		public override bool Equals(object obj)
+		{
+			AsymmetricKeyEntry other = obj as AsymmetricKeyEntry;
+
+			if (other == null)
+				return false;
+
+			return key.Equals(other.key);
+		}
+
+		public override int GetHashCode()
+		{
+			return ~key.GetHashCode();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkcs/EncryptedPrivateKeyInfoFactory.cs b/bc-sharp-crypto/src/pkcs/EncryptedPrivateKeyInfoFactory.cs
new file mode 100644
index 0000000..b6b7bac
--- /dev/null
+++ b/bc-sharp-crypto/src/pkcs/EncryptedPrivateKeyInfoFactory.cs
@@ -0,0 +1,64 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Pkcs
+{
+    public sealed class EncryptedPrivateKeyInfoFactory
+    {
+        private EncryptedPrivateKeyInfoFactory()
+        {
+        }
+
+        public static EncryptedPrivateKeyInfo CreateEncryptedPrivateKeyInfo(
+            DerObjectIdentifier		algorithm,
+            char[]					passPhrase,
+            byte[]					salt,
+            int						iterationCount,
+            AsymmetricKeyParameter	key)
+        {
+            return CreateEncryptedPrivateKeyInfo(
+                algorithm.Id, passPhrase, salt, iterationCount,
+                PrivateKeyInfoFactory.CreatePrivateKeyInfo(key));
+        }
+
+        public static EncryptedPrivateKeyInfo CreateEncryptedPrivateKeyInfo(
+            string					algorithm,
+            char[]					passPhrase,
+            byte[]					salt,
+            int						iterationCount,
+            AsymmetricKeyParameter	key)
+        {
+            return CreateEncryptedPrivateKeyInfo(
+                algorithm, passPhrase, salt, iterationCount,
+                PrivateKeyInfoFactory.CreatePrivateKeyInfo(key));
+        }
+
+        public static EncryptedPrivateKeyInfo CreateEncryptedPrivateKeyInfo(
+            string			algorithm,
+            char[]			passPhrase,
+            byte[]			salt,
+            int				iterationCount,
+            PrivateKeyInfo	keyInfo)
+        {
+            IBufferedCipher cipher = PbeUtilities.CreateEngine(algorithm) as IBufferedCipher;
+            if (cipher == null)
+                throw new Exception("Unknown encryption algorithm: " + algorithm);
+
+            Asn1Encodable pbeParameters = PbeUtilities.GenerateAlgorithmParameters(
+                algorithm, salt, iterationCount);
+            ICipherParameters cipherParameters = PbeUtilities.GenerateCipherParameters(
+                algorithm, passPhrase, pbeParameters);
+            cipher.Init(true, cipherParameters);
+            byte[] encoding = cipher.DoFinal(keyInfo.GetEncoded());
+
+            DerObjectIdentifier oid = PbeUtilities.GetObjectIdentifier(algorithm);
+            AlgorithmIdentifier algID = new AlgorithmIdentifier(oid, pbeParameters);
+            return new EncryptedPrivateKeyInfo(algID, encoding);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/pkcs/PKCS12StoreBuilder.cs b/bc-sharp-crypto/src/pkcs/PKCS12StoreBuilder.cs
new file mode 100644
index 0000000..c8fa0f6
--- /dev/null
+++ b/bc-sharp-crypto/src/pkcs/PKCS12StoreBuilder.cs
@@ -0,0 +1,41 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+
+namespace Org.BouncyCastle.Pkcs
+{
+	public class Pkcs12StoreBuilder
+	{
+		private DerObjectIdentifier	keyAlgorithm = PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc;
+		private DerObjectIdentifier	certAlgorithm = PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc;
+		private bool useDerEncoding = false;
+
+		public Pkcs12StoreBuilder()
+		{
+		}
+
+		public Pkcs12Store Build()
+		{
+			return new Pkcs12Store(keyAlgorithm, certAlgorithm, useDerEncoding);
+		}
+
+		public Pkcs12StoreBuilder SetCertAlgorithm(DerObjectIdentifier certAlgorithm)
+		{
+			this.certAlgorithm = certAlgorithm;
+			return this;
+		}
+
+		public Pkcs12StoreBuilder SetKeyAlgorithm(DerObjectIdentifier keyAlgorithm)
+		{
+			this.keyAlgorithm = keyAlgorithm;
+			return this;
+		}
+
+		public Pkcs12StoreBuilder SetUseDerEncoding(bool useDerEncoding)
+		{
+			this.useDerEncoding = useDerEncoding;
+			return this;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkcs/Pkcs10CertificationRequest.cs b/bc-sharp-crypto/src/pkcs/Pkcs10CertificationRequest.cs
new file mode 100644
index 0000000..c2504e6
--- /dev/null
+++ b/bc-sharp-crypto/src/pkcs/Pkcs10CertificationRequest.cs
@@ -0,0 +1,464 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.Crypto.Operators;
+
+namespace Org.BouncyCastle.Pkcs
+{
+	/// <remarks>
+	/// A class for verifying and creating Pkcs10 Certification requests.
+	/// </remarks>
+	/// <code>
+	/// CertificationRequest ::= Sequence {
+	///   certificationRequestInfo  CertificationRequestInfo,
+	///   signatureAlgorithm        AlgorithmIdentifier{{ SignatureAlgorithms }},
+	///   signature                 BIT STRING
+	/// }
+	///
+	/// CertificationRequestInfo ::= Sequence {
+	///   version             Integer { v1(0) } (v1,...),
+	///   subject             Name,
+	///   subjectPKInfo   SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
+	///   attributes          [0] Attributes{{ CRIAttributes }}
+	///  }
+	///
+	///  Attributes { ATTRIBUTE:IOSet } ::= Set OF Attr{{ IOSet }}
+	///
+	///  Attr { ATTRIBUTE:IOSet } ::= Sequence {
+	///    type    ATTRIBUTE.&amp;id({IOSet}),
+	///    values  Set SIZE(1..MAX) OF ATTRIBUTE.&amp;Type({IOSet}{\@type})
+	///  }
+	/// </code>
+	/// see <a href="http://www.rsasecurity.com/rsalabs/node.asp?id=2132"/>
+	public class Pkcs10CertificationRequest
+		: CertificationRequest
+	{
+		protected static readonly IDictionary algorithms = Platform.CreateHashtable();
+        protected static readonly IDictionary exParams = Platform.CreateHashtable();
+        protected static readonly IDictionary keyAlgorithms = Platform.CreateHashtable();
+        protected static readonly IDictionary oids = Platform.CreateHashtable();
+		protected static readonly ISet noParams = new HashSet();
+
+		static Pkcs10CertificationRequest()
+		{
+			algorithms.Add("MD2WITHRSAENCRYPTION", new DerObjectIdentifier("1.2.840.113549.1.1.2"));
+			algorithms.Add("MD2WITHRSA", new DerObjectIdentifier("1.2.840.113549.1.1.2"));
+			algorithms.Add("MD5WITHRSAENCRYPTION", new DerObjectIdentifier("1.2.840.113549.1.1.4"));
+			algorithms.Add("MD5WITHRSA", new DerObjectIdentifier("1.2.840.113549.1.1.4"));
+			algorithms.Add("RSAWITHMD5", new DerObjectIdentifier("1.2.840.113549.1.1.4"));
+			algorithms.Add("SHA1WITHRSAENCRYPTION", new DerObjectIdentifier("1.2.840.113549.1.1.5"));
+			algorithms.Add("SHA1WITHRSA", new DerObjectIdentifier("1.2.840.113549.1.1.5"));
+			algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+			algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+			algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+			algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+			algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+			algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+			algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+			algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+			algorithms.Add("SHA1WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("SHA224WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("SHA256WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("SHA384WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("SHA512WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("RSAWITHSHA1", new DerObjectIdentifier("1.2.840.113549.1.1.5"));
+			algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+			algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+			algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+			algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+			algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+			algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+			algorithms.Add("SHA1WITHDSA", new DerObjectIdentifier("1.2.840.10040.4.3"));
+			algorithms.Add("DSAWITHSHA1", new DerObjectIdentifier("1.2.840.10040.4.3"));
+			algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224);
+			algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256);
+			algorithms.Add("SHA384WITHDSA", NistObjectIdentifiers.DsaWithSha384);
+			algorithms.Add("SHA512WITHDSA", NistObjectIdentifiers.DsaWithSha512);
+			algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
+			algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
+			algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
+			algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
+			algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
+			algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1);
+			algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+			algorithms.Add("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+			algorithms.Add("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+			algorithms.Add("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+			algorithms.Add("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+
+			//
+			// reverse mappings
+			//
+			oids.Add(new DerObjectIdentifier("1.2.840.113549.1.1.5"), "SHA1WITHRSA");
+			oids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224WITHRSA");
+			oids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256WITHRSA");
+			oids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384WITHRSA");
+			oids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512WITHRSA");
+			oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411WITHGOST3410");
+			oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, "GOST3411WITHECGOST3410");
+
+			oids.Add(new DerObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA");
+			oids.Add(new DerObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
+			oids.Add(new DerObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA");
+			oids.Add(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1WITHECDSA");
+			oids.Add(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224WITHECDSA");
+			oids.Add(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256WITHECDSA");
+			oids.Add(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384WITHECDSA");
+			oids.Add(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512WITHECDSA");
+			oids.Add(OiwObjectIdentifiers.Sha1WithRsa, "SHA1WITHRSA");
+			oids.Add(OiwObjectIdentifiers.DsaWithSha1, "SHA1WITHDSA");
+			oids.Add(NistObjectIdentifiers.DsaWithSha224, "SHA224WITHDSA");
+			oids.Add(NistObjectIdentifiers.DsaWithSha256, "SHA256WITHDSA");
+
+			//
+			// key types
+			//
+			keyAlgorithms.Add(PkcsObjectIdentifiers.RsaEncryption, "RSA");
+			keyAlgorithms.Add(X9ObjectIdentifiers.IdDsa, "DSA");
+
+			//
+			// According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
+			// The parameters field SHALL be NULL for RSA based signature algorithms.
+			//
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512);
+			noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1);
+			noParams.Add(NistObjectIdentifiers.DsaWithSha224);
+			noParams.Add(NistObjectIdentifiers.DsaWithSha256);
+
+			//
+			// RFC 4491
+			//
+			noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+			noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+
+			//
+			// explicit params
+			//
+			AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance);
+			exParams.Add("SHA1WITHRSAANDMGF1", CreatePssParams(sha1AlgId, 20));
+
+			AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance);
+			exParams.Add("SHA224WITHRSAANDMGF1", CreatePssParams(sha224AlgId, 28));
+
+			AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance);
+			exParams.Add("SHA256WITHRSAANDMGF1", CreatePssParams(sha256AlgId, 32));
+
+			AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance);
+			exParams.Add("SHA384WITHRSAANDMGF1", CreatePssParams(sha384AlgId, 48));
+
+			AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance);
+			exParams.Add("SHA512WITHRSAANDMGF1", CreatePssParams(sha512AlgId, 64));
+		}
+
+		private static RsassaPssParameters CreatePssParams(
+			AlgorithmIdentifier	hashAlgId,
+			int					saltSize)
+		{
+			return new RsassaPssParameters(
+				hashAlgId,
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgId),
+				new DerInteger(saltSize),
+				new DerInteger(1));
+		}
+
+		protected Pkcs10CertificationRequest()
+		{
+		}
+
+		public Pkcs10CertificationRequest(
+			byte[] encoded)
+			: base((Asn1Sequence) Asn1Object.FromByteArray(encoded))
+		{
+		}
+
+		public Pkcs10CertificationRequest(
+			Asn1Sequence seq)
+			: base(seq)
+		{
+		}
+
+		public Pkcs10CertificationRequest(
+			Stream input)
+			: base((Asn1Sequence) Asn1Object.FromStream(input))
+		{
+        }
+
+        /// <summary>
+        /// Instantiate a Pkcs10CertificationRequest object with the necessary credentials.
+        /// </summary>
+        ///<param name="signatureAlgorithm">Name of Sig Alg.</param>
+        /// <param name="subject">X509Name of subject eg OU="My unit." O="My Organisatioin" C="au" </param>
+        /// <param name="publicKey">Public Key to be included in cert reqest.</param>
+        /// <param name="attributes">ASN1Set of Attributes.</param>
+        /// <param name="signingKey">Matching Private key for nominated (above) public key to be used to sign the request.</param>
+        [Obsolete("Use constructor with an ISignatureFactory")]
+        public Pkcs10CertificationRequest(
+			string					signatureAlgorithm,
+			X509Name				subject,
+			AsymmetricKeyParameter	publicKey,
+			Asn1Set					attributes,
+			AsymmetricKeyParameter	signingKey)
+		{
+			if (signatureAlgorithm == null)
+				throw new ArgumentNullException("signatureAlgorithm");
+			if (subject == null)
+				throw new ArgumentNullException("subject");
+			if (publicKey == null)
+				throw new ArgumentNullException("publicKey");
+			if (publicKey.IsPrivate)
+				throw new ArgumentException("expected public key", "publicKey");
+			if (!signingKey.IsPrivate)
+				throw new ArgumentException("key for signing must be private", "signingKey");
+
+            init(new Asn1SignatureFactory(signatureAlgorithm, signingKey), subject, publicKey, attributes, signingKey);
+		}
+
+        /// <summary>
+        /// Instantiate a Pkcs10CertificationRequest object with the necessary credentials.
+        /// </summary>
+        ///<param name="signatureCalculatorFactory">The factory for signature calculators to sign the PKCS#10 request with.</param>
+        /// <param name="subject">X509Name of subject eg OU="My unit." O="My Organisatioin" C="au" </param>
+        /// <param name="publicKey">Public Key to be included in cert reqest.</param>
+        /// <param name="attributes">ASN1Set of Attributes.</param>
+        /// <param name="signingKey">Matching Private key for nominated (above) public key to be used to sign the request.</param>
+        public Pkcs10CertificationRequest(
+            ISignatureFactory signatureCalculatorFactory,
+            X509Name subject,
+            AsymmetricKeyParameter publicKey,
+            Asn1Set attributes,
+            AsymmetricKeyParameter signingKey)
+        {
+            if (signatureCalculatorFactory == null)
+                throw new ArgumentNullException("signatureCalculator");
+            if (subject == null)
+                throw new ArgumentNullException("subject");
+            if (publicKey == null)
+                throw new ArgumentNullException("publicKey");
+            if (publicKey.IsPrivate)
+                throw new ArgumentException("expected public key", "publicKey");
+            if (!signingKey.IsPrivate)
+                throw new ArgumentException("key for signing must be private", "signingKey");
+
+            init(signatureCalculatorFactory, subject, publicKey, attributes, signingKey);
+        }
+
+        private void init(
+            ISignatureFactory signatureCalculator, 
+            X509Name subject,
+            AsymmetricKeyParameter publicKey,
+            Asn1Set attributes,
+            AsymmetricKeyParameter signingKey)
+        {
+            this.sigAlgId = (AlgorithmIdentifier)signatureCalculator.AlgorithmDetails;
+
+            SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
+
+            this.reqInfo = new CertificationRequestInfo(subject, pubInfo, attributes);
+
+            IStreamCalculator streamCalculator = signatureCalculator.CreateCalculator();
+
+            byte[] reqInfoData = reqInfo.GetDerEncoded();
+
+            streamCalculator.Stream.Write(reqInfoData, 0, reqInfoData.Length);
+
+            Platform.Dispose(streamCalculator.Stream);
+
+            // Generate Signature.
+            sigBits = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect());
+        }
+
+        //        internal Pkcs10CertificationRequest(
+        //        	Asn1InputStream seqStream)
+        //        {
+        //			Asn1Sequence seq = (Asn1Sequence) seqStream.ReadObject();
+        //            try
+        //            {
+        //                this.reqInfo = CertificationRequestInfo.GetInstance(seq[0]);
+        //                this.sigAlgId = AlgorithmIdentifier.GetInstance(seq[1]);
+        //                this.sigBits = (DerBitString) seq[2];
+        //            }
+        //            catch (Exception ex)
+        //            {
+        //                throw new ArgumentException("Create From Asn1Sequence: " + ex.Message);
+        //            }
+        //        }
+
+        /// <summary>
+        /// Get the public key.
+        /// </summary>
+        /// <returns>The public key.</returns>
+        public AsymmetricKeyParameter GetPublicKey()
+		{
+			return PublicKeyFactory.CreateKey(reqInfo.SubjectPublicKeyInfo);
+		}
+
+		/// <summary>
+		/// Verify Pkcs10 Cert Request is valid.
+		/// </summary>
+		/// <returns>true = valid.</returns>
+		public bool Verify()
+		{
+			return Verify(this.GetPublicKey());
+		}
+
+		public bool Verify(
+			AsymmetricKeyParameter publicKey)
+		{
+            return Verify(new Asn1VerifierFactoryProvider(publicKey));
+		}
+
+        public bool Verify(
+            IVerifierFactoryProvider verifierProvider)
+        {
+            return Verify(verifierProvider.CreateVerifierFactory(sigAlgId));
+        }
+
+        public bool Verify(
+            IVerifierFactory verifier)
+        {
+            try
+            {
+                byte[] b = reqInfo.GetDerEncoded();
+
+                IStreamCalculator streamCalculator = verifier.CreateCalculator();
+
+                streamCalculator.Stream.Write(b, 0, b.Length);
+
+                Platform.Dispose(streamCalculator.Stream);
+
+                return ((IVerifier)streamCalculator.GetResult()).IsVerified(sigBits.GetOctets());
+            }
+            catch (Exception e)
+            {
+                throw new SignatureException("exception encoding TBS cert request", e);
+            }
+        }
+
+        //        /// <summary>
+        //        /// Get the Der Encoded Pkcs10 Certification Request.
+        //        /// </summary>
+        //        /// <returns>A byte array.</returns>
+        //        public byte[] GetEncoded()
+        //        {
+        //        	return new CertificationRequest(reqInfo, sigAlgId, sigBits).GetDerEncoded();
+        //        }
+
+        // TODO Figure out how to set parameters on an ISigner
+        private void SetSignatureParameters(
+			ISigner			signature,
+			Asn1Encodable	asn1Params)
+		{
+			if (asn1Params != null && !(asn1Params is Asn1Null))
+			{
+//				AlgorithmParameters sigParams = AlgorithmParameters.GetInstance(signature.getAlgorithm());
+//
+//				try
+//				{
+//					sigParams.init(asn1Params.ToAsn1Object().GetDerEncoded());
+//				}
+//				catch (IOException e)
+//				{
+//					throw new SignatureException("IOException decoding parameters: " + e.Message);
+//				}
+
+				if (Platform.EndsWith(signature.AlgorithmName, "MGF1"))
+				{
+					throw Platform.CreateNotImplementedException("signature algorithm with MGF1");
+
+//					try
+//					{
+//						signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class));
+//					}
+//					catch (GeneralSecurityException e)
+//					{
+//						throw new SignatureException("Exception extracting parameters: " + e.getMessage());
+//					}
+				}
+			}
+		}
+
+		internal static string GetSignatureName(
+			AlgorithmIdentifier sigAlgId)
+		{
+			Asn1Encodable asn1Params = sigAlgId.Parameters;
+
+			if (asn1Params != null && !(asn1Params is Asn1Null))
+			{
+                if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
+				{
+					RsassaPssParameters rsaParams = RsassaPssParameters.GetInstance(asn1Params);
+                    return GetDigestAlgName(rsaParams.HashAlgorithm.Algorithm) + "withRSAandMGF1";
+				}
+			}
+
+            return sigAlgId.Algorithm.Id;
+		}
+
+		private static string GetDigestAlgName(
+			DerObjectIdentifier digestAlgOID)
+		{
+			if (PkcsObjectIdentifiers.MD5.Equals(digestAlgOID))
+			{
+				return "MD5";
+			}
+			else if (OiwObjectIdentifiers.IdSha1.Equals(digestAlgOID))
+			{
+				return "SHA1";
+			}
+			else if (NistObjectIdentifiers.IdSha224.Equals(digestAlgOID))
+			{
+				return "SHA224";
+			}
+			else if (NistObjectIdentifiers.IdSha256.Equals(digestAlgOID))
+			{
+				return "SHA256";
+			}
+			else if (NistObjectIdentifiers.IdSha384.Equals(digestAlgOID))
+			{
+				return "SHA384";
+			}
+			else if (NistObjectIdentifiers.IdSha512.Equals(digestAlgOID))
+			{
+				return "SHA512";
+			}
+			else if (TeleTrusTObjectIdentifiers.RipeMD128.Equals(digestAlgOID))
+			{
+				return "RIPEMD128";
+			}
+			else if (TeleTrusTObjectIdentifiers.RipeMD160.Equals(digestAlgOID))
+			{
+				return "RIPEMD160";
+			}
+			else if (TeleTrusTObjectIdentifiers.RipeMD256.Equals(digestAlgOID))
+			{
+				return "RIPEMD256";
+			}
+			else if (CryptoProObjectIdentifiers.GostR3411.Equals(digestAlgOID))
+			{
+				return "GOST3411";
+			}
+			else
+			{
+				return digestAlgOID.Id;
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs b/bc-sharp-crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs
new file mode 100644
index 0000000..ecbb4ab
--- /dev/null
+++ b/bc-sharp-crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs
@@ -0,0 +1,150 @@
+using System;
+using System.Collections;
+using System.Globalization;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Pkcs
+{
+	/// <remarks>
+	/// A class for creating and verifying Pkcs10 Certification requests (this is an extension on <see cref="Pkcs10CertificationRequest"/>).
+	/// The requests are made using delay signing. This is useful for situations where
+	/// the private key is in another environment and not directly accessible (e.g. HSM)
+	/// So the first step creates the request, then the signing is done outside this
+	/// object and the signature is then used to complete the request.
+	/// </remarks>
+	/// <code>
+	/// CertificationRequest ::= Sequence {
+	///   certificationRequestInfo  CertificationRequestInfo,
+	///   signatureAlgorithm        AlgorithmIdentifier{{ SignatureAlgorithms }},
+	///   signature                 BIT STRING
+	/// }
+	///
+	/// CertificationRequestInfo ::= Sequence {
+	///   version             Integer { v1(0) } (v1,...),
+	///   subject             Name,
+	///   subjectPKInfo   SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
+	///   attributes          [0] Attributes{{ CRIAttributes }}
+	///  }
+	///
+	///  Attributes { ATTRIBUTE:IOSet } ::= Set OF Attr{{ IOSet }}
+	///
+	///  Attr { ATTRIBUTE:IOSet } ::= Sequence {
+	///    type    ATTRIBUTE.&amp;id({IOSet}),
+	///    values  Set SIZE(1..MAX) OF ATTRIBUTE.&amp;Type({IOSet}{\@type})
+	///  }
+	/// </code>
+	/// see <a href="http://www.rsasecurity.com/rsalabs/node.asp?id=2132"/>
+	public class Pkcs10CertificationRequestDelaySigned : Pkcs10CertificationRequest
+	{
+		protected Pkcs10CertificationRequestDelaySigned()
+			: base()
+		{
+		}
+		public Pkcs10CertificationRequestDelaySigned(
+			byte[] encoded)
+			: base(encoded)
+		{
+		}
+		public Pkcs10CertificationRequestDelaySigned(
+			Asn1Sequence seq)
+			: base(seq)
+		{
+		}
+		public Pkcs10CertificationRequestDelaySigned(
+			Stream input)
+			: base(input)
+		{
+		}
+		public Pkcs10CertificationRequestDelaySigned(
+			string					signatureAlgorithm,
+			X509Name				subject,
+			AsymmetricKeyParameter	publicKey,
+			Asn1Set					attributes,
+			AsymmetricKeyParameter	signingKey)
+			: base(signatureAlgorithm, subject, publicKey, attributes, signingKey)
+		{
+		}
+		/// <summary>
+		/// Instantiate a Pkcs10CertificationRequest object with the necessary credentials.
+		/// </summary>
+		/// <param name="signatureAlgorithm">Name of Sig Alg.</param>
+		/// <param name="subject">X509Name of subject eg OU="My unit." O="My Organisatioin" C="au" </param>
+		/// <param name="publicKey">Public Key to be included in cert reqest.</param>
+		/// <param name="attributes">ASN1Set of Attributes.</param>
+		/// <remarks>
+        /// After the object is constructed use the <see cref="GetDataToSign"/> and finally the
+        /// SignRequest methods to finalize the request.
+		/// </remarks>
+		public Pkcs10CertificationRequestDelaySigned(
+			string					signatureAlgorithm,
+			X509Name				subject,
+			AsymmetricKeyParameter	publicKey,
+			Asn1Set					attributes)
+		{
+			if (signatureAlgorithm == null)
+				throw new ArgumentNullException("signatureAlgorithm");
+			if (subject == null)
+				throw new ArgumentNullException("subject");
+			if (publicKey == null)
+				throw new ArgumentNullException("publicKey");
+			if (publicKey.IsPrivate)
+				throw new ArgumentException("expected public key", "publicKey");
+//			DerObjectIdentifier sigOid = SignerUtilities.GetObjectIdentifier(signatureAlgorithm);
+			string algorithmName = Platform.ToUpperInvariant(signatureAlgorithm);
+			DerObjectIdentifier sigOid = (DerObjectIdentifier) algorithms[algorithmName];
+			if (sigOid == null)
+			{
+				try
+				{
+					sigOid = new DerObjectIdentifier(algorithmName);
+				}
+				catch (Exception e)
+				{
+					throw new ArgumentException("Unknown signature type requested", e);
+				}
+			}
+			if (noParams.Contains(sigOid))
+			{
+				this.sigAlgId = new AlgorithmIdentifier(sigOid);
+			}
+			else if (exParams.Contains(algorithmName))
+			{
+				this.sigAlgId = new AlgorithmIdentifier(sigOid, (Asn1Encodable) exParams[algorithmName]);
+			}
+			else
+			{
+				this.sigAlgId = new AlgorithmIdentifier(sigOid, DerNull.Instance);
+			}
+			SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
+			this.reqInfo = new CertificationRequestInfo(subject, pubInfo, attributes);
+		}
+		public byte[] GetDataToSign()
+		{
+			return reqInfo.GetDerEncoded();
+		}
+		public void SignRequest(byte[] signedData)
+		{
+			//build the signature from the signed data
+			sigBits = new DerBitString(signedData);
+		}
+		public void SignRequest(DerBitString signedData)
+		{
+			//build the signature from the signed data
+			sigBits = signedData;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkcs/Pkcs12Entry.cs b/bc-sharp-crypto/src/pkcs/Pkcs12Entry.cs
new file mode 100644
index 0000000..5dcc94e
--- /dev/null
+++ b/bc-sharp-crypto/src/pkcs/Pkcs12Entry.cs
@@ -0,0 +1,64 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Pkcs
+{
+    public abstract class Pkcs12Entry
+    {
+        private readonly IDictionary attributes;
+
+		protected internal Pkcs12Entry(
+            IDictionary attributes)
+        {
+            this.attributes = attributes;
+
+			foreach (DictionaryEntry entry in attributes)
+			{
+				if (!(entry.Key is string))
+					throw new ArgumentException("Attribute keys must be of type: " + typeof(string).FullName, "attributes");
+				if (!(entry.Value is Asn1Encodable))
+					throw new ArgumentException("Attribute values must be of type: " + typeof(Asn1Encodable).FullName, "attributes");
+			}
+        }
+
+		[Obsolete("Use 'object[index]' syntax instead")]
+		public Asn1Encodable GetBagAttribute(
+            DerObjectIdentifier oid)
+        {
+            return (Asn1Encodable)this.attributes[oid.Id];
+        }
+
+		[Obsolete("Use 'object[index]' syntax instead")]
+		public Asn1Encodable GetBagAttribute(
+            string oid)
+        {
+            return (Asn1Encodable)this.attributes[oid];
+        }
+
+		[Obsolete("Use 'BagAttributeKeys' property")]
+        public IEnumerator GetBagAttributeKeys()
+        {
+            return this.attributes.Keys.GetEnumerator();
+        }
+
+		public Asn1Encodable this[
+			DerObjectIdentifier oid]
+		{
+			get { return (Asn1Encodable) this.attributes[oid.Id]; }
+		}
+
+		public Asn1Encodable this[
+			string oid]
+		{
+			get { return (Asn1Encodable) this.attributes[oid]; }
+		}
+
+		public IEnumerable BagAttributeKeys
+		{
+			get { return new EnumerableProxy(this.attributes.Keys); }
+		}
+    }
+}
diff --git a/bc-sharp-crypto/src/pkcs/Pkcs12Store.cs b/bc-sharp-crypto/src/pkcs/Pkcs12Store.cs
new file mode 100644
index 0000000..e657887
--- /dev/null
+++ b/bc-sharp-crypto/src/pkcs/Pkcs12Store.cs
@@ -0,0 +1,1100 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.Utilities;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Pkcs
+{
+    public class Pkcs12Store
+    {
+        private readonly IgnoresCaseHashtable	keys = new IgnoresCaseHashtable();
+        private readonly IDictionary            localIds = Platform.CreateHashtable();
+        private readonly IgnoresCaseHashtable	certs = new IgnoresCaseHashtable();
+        private readonly IDictionary            chainCerts = Platform.CreateHashtable();
+        private readonly IDictionary            keyCerts = Platform.CreateHashtable();
+        private readonly DerObjectIdentifier	keyAlgorithm;
+        private readonly DerObjectIdentifier	certAlgorithm;
+        private readonly bool					useDerEncoding;
+
+        private AsymmetricKeyEntry unmarkedKeyEntry = null;
+
+        private const int MinIterations = 1024;
+        private const int SaltSize = 20;
+
+        private static SubjectKeyIdentifier CreateSubjectKeyID(
+            AsymmetricKeyParameter pubKey)
+        {
+            return new SubjectKeyIdentifier(
+                SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pubKey));
+        }
+
+        internal class CertId
+        {
+            private readonly byte[] id;
+
+            internal CertId(
+                AsymmetricKeyParameter pubKey)
+            {
+                this.id = CreateSubjectKeyID(pubKey).GetKeyIdentifier();
+            }
+
+            internal CertId(
+                byte[] id)
+            {
+                this.id = id;
+            }
+
+            internal byte[] Id
+            {
+                get { return id; }
+            }
+
+            public override int GetHashCode()
+            {
+                return Arrays.GetHashCode(id);
+            }
+
+            public override bool Equals(
+                object obj)
+            {
+                if (obj == this)
+                    return true;
+
+                CertId other = obj as CertId;
+
+                if (other == null)
+                    return false;
+
+                return Arrays.AreEqual(id, other.id);
+            }
+        }
+
+        internal Pkcs12Store(
+            DerObjectIdentifier	keyAlgorithm,
+            DerObjectIdentifier	certAlgorithm,
+            bool				useDerEncoding)
+        {
+            this.keyAlgorithm = keyAlgorithm;
+            this.certAlgorithm = certAlgorithm;
+            this.useDerEncoding = useDerEncoding;
+        }
+
+        // TODO Consider making obsolete
+//		[Obsolete("Use 'Pkcs12StoreBuilder' instead")]
+        public Pkcs12Store()
+            : this(PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc,
+                PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc, false)
+        {
+        }
+
+        // TODO Consider making obsolete
+//		[Obsolete("Use 'Pkcs12StoreBuilder' and 'Load' method instead")]
+        public Pkcs12Store(
+            Stream	input,
+            char[]	password)
+            : this()
+        {
+            Load(input, password);
+        }
+
+        protected virtual void LoadKeyBag(PrivateKeyInfo privKeyInfo, Asn1Set bagAttributes)
+        {
+            AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privKeyInfo);
+
+            IDictionary attributes = Platform.CreateHashtable();
+            AsymmetricKeyEntry keyEntry = new AsymmetricKeyEntry(privKey, attributes);
+
+            string alias = null;
+            Asn1OctetString localId = null;
+
+            if (bagAttributes != null)
+            {
+                foreach (Asn1Sequence sq in bagAttributes)
+                {
+                    DerObjectIdentifier aOid = DerObjectIdentifier.GetInstance(sq[0]);
+                    Asn1Set attrSet = Asn1Set.GetInstance(sq[1]);
+                    Asn1Encodable attr = null;
+
+                    if (attrSet.Count > 0)
+                    {
+                        // TODO We should be adding all attributes in the set
+                        attr = attrSet[0];
+
+                        // TODO We might want to "merge" attribute sets with
+                        // the same OID - currently, differing values give an error
+                        if (attributes.Contains(aOid.Id))
+                        {
+                            // OK, but the value has to be the same
+                            if (!attributes[aOid.Id].Equals(attr))
+                                throw new IOException("attempt to add existing attribute with different value");
+                        }
+                        else
+                        {
+                            attributes.Add(aOid.Id, attr);
+                        }
+
+                        if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName))
+                        {
+                            alias = ((DerBmpString)attr).GetString();
+                            // TODO Do these in a separate loop, just collect aliases here
+                            keys[alias] = keyEntry;
+                        }
+                        else if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID))
+                        {
+                            localId = (Asn1OctetString)attr;
+                        }
+                    }
+                }
+            }
+
+            if (localId != null)
+            {
+                string name = Hex.ToHexString(localId.GetOctets());
+
+                if (alias == null)
+                {
+                    keys[name] = keyEntry;
+                }
+                else
+                {
+                    // TODO There may have been more than one alias
+                    localIds[alias] = name;
+                }
+            }
+            else
+            {
+                unmarkedKeyEntry = keyEntry;
+            }
+        }
+
+        protected virtual void LoadPkcs8ShroudedKeyBag(EncryptedPrivateKeyInfo encPrivKeyInfo, Asn1Set bagAttributes,
+            char[] password, bool wrongPkcs12Zero)
+        {
+            if (password != null)
+            {
+                PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(
+                    password, wrongPkcs12Zero, encPrivKeyInfo);
+
+                LoadKeyBag(privInfo, bagAttributes);
+            }
+        }
+
+        public void Load(
+            Stream	input,
+            char[]	password)
+        {
+            if (input == null)
+                throw new ArgumentNullException("input");
+
+            Asn1Sequence obj = (Asn1Sequence) Asn1Object.FromStream(input);
+            Pfx bag = new Pfx(obj);
+            ContentInfo info = bag.AuthSafe;
+            bool wrongPkcs12Zero = false;
+
+            if (password != null && bag.MacData != null) // check the mac code
+            {
+                MacData mData = bag.MacData;
+                DigestInfo dInfo = mData.Mac;
+                AlgorithmIdentifier algId = dInfo.AlgorithmID;
+                byte[] salt = mData.GetSalt();
+                int itCount = mData.IterationCount.IntValue;
+
+                byte[] data = ((Asn1OctetString) info.Content).GetOctets();
+
+                byte[] mac = CalculatePbeMac(algId.Algorithm, salt, itCount, password, false, data);
+                byte[] dig = dInfo.GetDigest();
+
+                if (!Arrays.ConstantTimeAreEqual(mac, dig))
+                {
+                    if (password.Length > 0)
+                        throw new IOException("PKCS12 key store MAC invalid - wrong password or corrupted file.");
+
+                    // Try with incorrect zero length password
+                    mac = CalculatePbeMac(algId.Algorithm, salt, itCount, password, true, data);
+
+                    if (!Arrays.ConstantTimeAreEqual(mac, dig))
+                        throw new IOException("PKCS12 key store MAC invalid - wrong password or corrupted file.");
+
+                    wrongPkcs12Zero = true;
+                }
+            }
+
+            keys.Clear();
+            localIds.Clear();
+            unmarkedKeyEntry = null;
+
+            IList certBags = Platform.CreateArrayList();
+
+            if (info.ContentType.Equals(PkcsObjectIdentifiers.Data))
+            {
+                byte[] octs = ((Asn1OctetString)info.Content).GetOctets();
+                AuthenticatedSafe authSafe = new AuthenticatedSafe(
+                    (Asn1Sequence) Asn1OctetString.FromByteArray(octs));
+                ContentInfo[] cis = authSafe.GetContentInfo();
+
+                foreach (ContentInfo ci in cis)
+                {
+                    DerObjectIdentifier oid = ci.ContentType;
+
+                    byte[] octets = null;
+                    if (oid.Equals(PkcsObjectIdentifiers.Data))
+                    {
+                        octets = ((Asn1OctetString)ci.Content).GetOctets();
+                    }
+                    else if (oid.Equals(PkcsObjectIdentifiers.EncryptedData))
+                    {
+                        if (password != null)
+                        {
+                            EncryptedData d = EncryptedData.GetInstance(ci.Content);
+                            octets = CryptPbeData(false, d.EncryptionAlgorithm,
+                                password, wrongPkcs12Zero, d.Content.GetOctets());
+                        }
+                    }
+                    else
+                    {
+                        // TODO Other data types
+                    }
+
+                    if (octets != null)
+                    {
+                        Asn1Sequence seq = (Asn1Sequence)Asn1Object.FromByteArray(octets);
+
+                        foreach (Asn1Sequence subSeq in seq)
+                        {
+                            SafeBag b = new SafeBag(subSeq);
+
+                            if (b.BagID.Equals(PkcsObjectIdentifiers.CertBag))
+                            {
+                                certBags.Add(b);
+                            }
+                            else if (b.BagID.Equals(PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag))
+                            {
+                                LoadPkcs8ShroudedKeyBag(EncryptedPrivateKeyInfo.GetInstance(b.BagValue),
+                                    b.BagAttributes, password, wrongPkcs12Zero);
+                            }
+                            else if (b.BagID.Equals(PkcsObjectIdentifiers.KeyBag))
+                            {
+                                LoadKeyBag(PrivateKeyInfo.GetInstance(b.BagValue), b.BagAttributes);
+                            }
+                            else
+                            {
+                                // TODO Other bag types
+                            }
+                        }
+                    }
+                }
+            }
+
+            certs.Clear();
+            chainCerts.Clear();
+            keyCerts.Clear();
+
+            foreach (SafeBag b in certBags)
+            {
+                CertBag certBag = new CertBag((Asn1Sequence)b.BagValue);
+                byte[] octets = ((Asn1OctetString)certBag.CertValue).GetOctets();
+                X509Certificate cert = new X509CertificateParser().ReadCertificate(octets);
+
+                //
+                // set the attributes
+                //
+                IDictionary attributes = Platform.CreateHashtable();
+                Asn1OctetString localId = null;
+                string alias = null;
+
+                if (b.BagAttributes != null)
+                {
+                    foreach (Asn1Sequence sq in b.BagAttributes)
+                    {
+                        DerObjectIdentifier aOid = DerObjectIdentifier.GetInstance(sq[0]);
+                        Asn1Set attrSet = Asn1Set.GetInstance(sq[1]);
+
+                        if (attrSet.Count > 0)
+                        {
+                            // TODO We should be adding all attributes in the set
+                            Asn1Encodable attr = attrSet[0];
+
+                            // TODO We might want to "merge" attribute sets with
+                            // the same OID - currently, differing values give an error
+                            if (attributes.Contains(aOid.Id))
+                            {
+                                // OK, but the value has to be the same
+                                if (!attributes[aOid.Id].Equals(attr))
+                                {
+                                    throw new IOException("attempt to add existing attribute with different value");
+                                }
+                            }
+                            else
+                            {
+                                attributes.Add(aOid.Id, attr);
+                            }
+
+                            if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName))
+                            {
+                                alias = ((DerBmpString)attr).GetString();
+                            }
+                            else if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID))
+                            {
+                                localId = (Asn1OctetString)attr;
+                            }
+                        }
+                    }
+                }
+
+                CertId certId = new CertId(cert.GetPublicKey());
+                X509CertificateEntry certEntry = new X509CertificateEntry(cert, attributes);
+
+                chainCerts[certId] = certEntry;
+
+                if (unmarkedKeyEntry != null)
+                {
+                    if (keyCerts.Count == 0)
+                    {
+                        string name = Hex.ToHexString(certId.Id);
+
+                        keyCerts[name] = certEntry;
+                        keys[name] = unmarkedKeyEntry;
+                    }
+                }
+                else
+                {
+                    if (localId != null)
+                    {
+                        string name = Hex.ToHexString(localId.GetOctets());
+
+                        keyCerts[name] = certEntry;
+                    }
+
+                    if (alias != null)
+                    {
+                        // TODO There may have been more than one alias
+                        certs[alias] = certEntry;
+                    }
+                }
+            }
+        }
+
+        public AsymmetricKeyEntry GetKey(
+            string alias)
+        {
+            if (alias == null)
+                throw new ArgumentNullException("alias");
+
+            return (AsymmetricKeyEntry)keys[alias];
+        }
+
+        public bool IsCertificateEntry(
+            string alias)
+        {
+            if (alias == null)
+                throw new ArgumentNullException("alias");
+
+            return (certs[alias] != null && keys[alias] == null);
+        }
+
+        public bool IsKeyEntry(
+            string alias)
+        {
+            if (alias == null)
+                throw new ArgumentNullException("alias");
+
+            return (keys[alias] != null);
+        }
+
+        private IDictionary GetAliasesTable()
+        {
+            IDictionary tab = Platform.CreateHashtable();
+
+            foreach (string key in certs.Keys)
+            {
+                tab[key] = "cert";
+            }
+
+            foreach (string a in keys.Keys)
+            {
+                if (tab[a] == null)
+                {
+                    tab[a] = "key";
+                }
+            }
+
+            return tab;
+        }
+
+        public IEnumerable Aliases
+        {
+            get { return new EnumerableProxy(GetAliasesTable().Keys); }
+        }
+
+        public bool ContainsAlias(
+            string alias)
+        {
+            return certs[alias] != null || keys[alias] != null;
+        }
+
+        /**
+         * simply return the cert entry for the private key
+         */
+        public X509CertificateEntry GetCertificate(
+            string alias)
+        {
+            if (alias == null)
+                throw new ArgumentNullException("alias");
+
+            X509CertificateEntry c = (X509CertificateEntry) certs[alias];
+
+            //
+            // look up the key table - and try the local key id
+            //
+            if (c == null)
+            {
+                string id = (string)localIds[alias];
+                if (id != null)
+                {
+                    c = (X509CertificateEntry)keyCerts[id];
+                }
+                else
+                {
+                    c = (X509CertificateEntry)keyCerts[alias];
+                }
+            }
+
+            return c;
+        }
+
+        public string GetCertificateAlias(
+            X509Certificate cert)
+        {
+            if (cert == null)
+                throw new ArgumentNullException("cert");
+
+            foreach (DictionaryEntry entry in certs)
+            {
+                X509CertificateEntry entryValue = (X509CertificateEntry) entry.Value;
+                if (entryValue.Certificate.Equals(cert))
+                {
+                    return (string) entry.Key;
+                }
+            }
+
+            foreach (DictionaryEntry entry in keyCerts)
+            {
+                X509CertificateEntry entryValue = (X509CertificateEntry) entry.Value;
+                if (entryValue.Certificate.Equals(cert))
+                {
+                    return (string) entry.Key;
+                }
+            }
+
+            return null;
+        }
+
+        public X509CertificateEntry[] GetCertificateChain(
+            string alias)
+        {
+            if (alias == null)
+                throw new ArgumentNullException("alias");
+
+            if (!IsKeyEntry(alias))
+            {
+                return null;
+            }
+
+            X509CertificateEntry c = GetCertificate(alias);
+
+            if (c != null)
+            {
+                IList cs = Platform.CreateArrayList();
+
+                while (c != null)
+                {
+                    X509Certificate x509c = c.Certificate;
+                    X509CertificateEntry nextC = null;
+
+                    Asn1OctetString ext = x509c.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier);
+                    if (ext != null)
+                    {
+                        AuthorityKeyIdentifier id = AuthorityKeyIdentifier.GetInstance(
+                            Asn1Object.FromByteArray(ext.GetOctets()));
+
+                        if (id.GetKeyIdentifier() != null)
+                        {
+                            nextC = (X509CertificateEntry) chainCerts[new CertId(id.GetKeyIdentifier())];
+                        }
+                    }
+
+                    if (nextC == null)
+                    {
+                        //
+                        // no authority key id, try the Issuer DN
+                        //
+                        X509Name i = x509c.IssuerDN;
+                        X509Name s = x509c.SubjectDN;
+
+                        if (!i.Equivalent(s))
+                        {
+                            foreach (CertId certId in chainCerts.Keys)
+                            {
+                                X509CertificateEntry x509CertEntry = (X509CertificateEntry) chainCerts[certId];
+
+                                X509Certificate crt = x509CertEntry.Certificate;
+
+                                X509Name sub = crt.SubjectDN;
+                                if (sub.Equivalent(i))
+                                {
+                                    try
+                                    {
+                                        x509c.Verify(crt.GetPublicKey());
+
+                                        nextC = x509CertEntry;
+                                        break;
+                                    }
+                                    catch (InvalidKeyException)
+                                    {
+                                        // TODO What if it doesn't verify?
+                                    }
+                                }
+                            }
+                        }
+                    }
+
+                    cs.Add(c);
+                    if (nextC != c) // self signed - end of the chain
+                    {
+                        c = nextC;
+                    }
+                    else
+                    {
+                        c = null;
+                    }
+                }
+
+                X509CertificateEntry[] result = new X509CertificateEntry[cs.Count];
+                for (int i = 0; i < cs.Count; ++i)
+                {
+                    result[i] = (X509CertificateEntry)cs[i];
+                }
+                return result;
+            }
+
+            return null;
+        }
+
+        public void SetCertificateEntry(
+            string					alias,
+            X509CertificateEntry	certEntry)
+        {
+            if (alias == null)
+                throw new ArgumentNullException("alias");
+            if (certEntry == null)
+                throw new ArgumentNullException("certEntry");
+            if (keys[alias] != null)
+                throw new ArgumentException("There is a key entry with the name " + alias + ".");
+
+            certs[alias] = certEntry;
+            chainCerts[new CertId(certEntry.Certificate.GetPublicKey())] = certEntry;
+        }
+
+        public void SetKeyEntry(
+            string					alias,
+            AsymmetricKeyEntry		keyEntry,
+            X509CertificateEntry[]	chain)
+        {
+            if (alias == null)
+                throw new ArgumentNullException("alias");
+            if (keyEntry == null)
+                throw new ArgumentNullException("keyEntry");
+            if (keyEntry.Key.IsPrivate && (chain == null))
+                throw new ArgumentException("No certificate chain for private key");
+
+            if (keys[alias] != null)
+            {
+                DeleteEntry(alias);
+            }
+
+            keys[alias] = keyEntry;
+            certs[alias] = chain[0];
+
+            for (int i = 0; i != chain.Length; i++)
+            {
+                chainCerts[new CertId(chain[i].Certificate.GetPublicKey())] = chain[i];
+            }
+        }
+
+        public void DeleteEntry(
+            string alias)
+        {
+            if (alias == null)
+                throw new ArgumentNullException("alias");
+
+            AsymmetricKeyEntry k = (AsymmetricKeyEntry)keys[alias];
+            if (k != null)
+            {
+                keys.Remove(alias);
+            }
+
+            X509CertificateEntry c = (X509CertificateEntry)certs[alias];
+
+            if (c != null)
+            {
+                certs.Remove(alias);
+                chainCerts.Remove(new CertId(c.Certificate.GetPublicKey()));
+            }
+
+            if (k != null)
+            {
+                string id = (string)localIds[alias];
+                if (id != null)
+                {
+                    localIds.Remove(alias);
+                    c = (X509CertificateEntry)keyCerts[id];
+                }
+                if (c != null)
+                {
+                    keyCerts.Remove(id);
+                    chainCerts.Remove(new CertId(c.Certificate.GetPublicKey()));
+                }
+            }
+
+            if (c == null && k == null)
+            {
+                throw new ArgumentException("no such entry as " + alias);
+            }
+        }
+
+        public bool IsEntryOfType(
+            string	alias,
+            Type	entryType)
+        {
+            if (entryType == typeof(X509CertificateEntry))
+                return IsCertificateEntry(alias);
+
+            if (entryType == typeof(AsymmetricKeyEntry))
+                return IsKeyEntry(alias) && GetCertificate(alias) != null;
+
+            return false;
+        }
+
+        [Obsolete("Use 'Count' property instead")]
+        public int Size()
+        {
+            return Count;
+        }
+
+        public int Count
+        {
+            // TODO Seems a little inefficient
+            get { return GetAliasesTable().Count; }
+        }
+
+        public void Save(
+            Stream			stream,
+            char[]			password,
+            SecureRandom	random)
+        {
+            if (stream == null)
+                throw new ArgumentNullException("stream");
+            if (random == null)
+                throw new ArgumentNullException("random");
+
+            //
+            // handle the keys
+            //
+            Asn1EncodableVector keyBags = new Asn1EncodableVector();
+            foreach (string name in keys.Keys)
+            {
+                byte[] kSalt = new byte[SaltSize];
+                random.NextBytes(kSalt);
+
+                AsymmetricKeyEntry privKey = (AsymmetricKeyEntry)keys[name];
+
+                DerObjectIdentifier bagOid;
+                Asn1Encodable bagData;
+
+                if (password == null)
+                {
+                    bagOid = PkcsObjectIdentifiers.KeyBag;
+                    bagData = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privKey.Key);
+                }
+                else
+                {
+                    bagOid = PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag;
+                    bagData = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
+                        keyAlgorithm, password, kSalt, MinIterations, privKey.Key);
+                }
+
+                Asn1EncodableVector kName = new Asn1EncodableVector();
+
+                foreach (string oid in privKey.BagAttributeKeys)
+                {
+                    Asn1Encodable entry = privKey[oid];
+
+                    // NB: Ignore any existing FriendlyName
+                    if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
+                        continue;
+
+                    kName.Add(
+                        new DerSequence(
+                            new DerObjectIdentifier(oid),
+                            new DerSet(entry)));
+                }
+
+                //
+                // make sure we are using the local alias on store
+                //
+                // NB: We always set the FriendlyName based on 'name'
+                //if (privKey[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null)
+                {
+                    kName.Add(
+                        new DerSequence(
+                            PkcsObjectIdentifiers.Pkcs9AtFriendlyName,
+                            new DerSet(new DerBmpString(name))));
+                }
+
+                //
+                // make sure we have a local key-id
+                //
+                if (privKey[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] == null)
+                {
+                    X509CertificateEntry ct = GetCertificate(name);
+                    AsymmetricKeyParameter pubKey = ct.Certificate.GetPublicKey();
+                    SubjectKeyIdentifier subjectKeyID = CreateSubjectKeyID(pubKey);
+
+                    kName.Add(
+                        new DerSequence(
+                            PkcsObjectIdentifiers.Pkcs9AtLocalKeyID,
+                            new DerSet(subjectKeyID)));
+                }
+
+                keyBags.Add(new SafeBag(bagOid, bagData.ToAsn1Object(), new DerSet(kName)));
+            }
+
+            byte[] keyBagsEncoding = new DerSequence(keyBags).GetDerEncoded();
+            ContentInfo keysInfo = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(keyBagsEncoding));
+
+            //
+            // certificate processing
+            //
+            byte[] cSalt = new byte[SaltSize];
+
+            random.NextBytes(cSalt);
+
+            Asn1EncodableVector	certBags = new Asn1EncodableVector();
+            Pkcs12PbeParams		cParams = new Pkcs12PbeParams(cSalt, MinIterations);
+            AlgorithmIdentifier	cAlgId = new AlgorithmIdentifier(certAlgorithm, cParams.ToAsn1Object());
+            ISet				doneCerts = new HashSet();
+
+            foreach (string name in keys.Keys)
+            {
+                X509CertificateEntry certEntry = GetCertificate(name);
+                CertBag cBag = new CertBag(
+                    PkcsObjectIdentifiers.X509Certificate,
+                    new DerOctetString(certEntry.Certificate.GetEncoded()));
+
+                Asn1EncodableVector fName = new Asn1EncodableVector();
+
+                foreach (string oid in certEntry.BagAttributeKeys)
+                {
+                    Asn1Encodable entry = certEntry[oid];
+
+                    // NB: Ignore any existing FriendlyName
+                    if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
+                        continue;
+
+                    fName.Add(
+                        new DerSequence(
+                            new DerObjectIdentifier(oid),
+                            new DerSet(entry)));
+                }
+
+                //
+                // make sure we are using the local alias on store
+                //
+                // NB: We always set the FriendlyName based on 'name'
+                //if (certEntry[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null)
+                {
+                    fName.Add(
+                        new DerSequence(
+                            PkcsObjectIdentifiers.Pkcs9AtFriendlyName,
+                            new DerSet(new DerBmpString(name))));
+                }
+
+                //
+                // make sure we have a local key-id
+                //
+                if (certEntry[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] == null)
+                {
+                    AsymmetricKeyParameter pubKey = certEntry.Certificate.GetPublicKey();
+                    SubjectKeyIdentifier subjectKeyID = CreateSubjectKeyID(pubKey);
+
+                    fName.Add(
+                        new DerSequence(
+                            PkcsObjectIdentifiers.Pkcs9AtLocalKeyID,
+                            new DerSet(subjectKeyID)));
+                }
+
+                certBags.Add(new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName)));
+
+                doneCerts.Add(certEntry.Certificate);
+            }
+
+            foreach (string certId in certs.Keys)
+            {
+                X509CertificateEntry cert = (X509CertificateEntry)certs[certId];
+
+                if (keys[certId] != null)
+                    continue;
+
+                CertBag cBag = new CertBag(
+                    PkcsObjectIdentifiers.X509Certificate,
+                    new DerOctetString(cert.Certificate.GetEncoded()));
+
+                Asn1EncodableVector fName = new Asn1EncodableVector();
+
+                foreach (string oid in cert.BagAttributeKeys)
+                {
+                    // a certificate not immediately linked to a key doesn't require
+                    // a localKeyID and will confuse some PKCS12 implementations.
+                    //
+                    // If we find one, we'll prune it out.
+                    if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id))
+                        continue;
+
+                    Asn1Encodable entry = cert[oid];
+
+                    // NB: Ignore any existing FriendlyName
+                    if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
+                        continue;
+
+                    fName.Add(
+                        new DerSequence(
+                            new DerObjectIdentifier(oid),
+                            new DerSet(entry)));
+                }
+
+                //
+                // make sure we are using the local alias on store
+                //
+                // NB: We always set the FriendlyName based on 'certId'
+                //if (cert[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null)
+                {
+                    fName.Add(
+                        new DerSequence(
+                            PkcsObjectIdentifiers.Pkcs9AtFriendlyName,
+                            new DerSet(new DerBmpString(certId))));
+                }
+
+                certBags.Add(new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName)));
+
+                doneCerts.Add(cert.Certificate);
+            }
+
+            foreach (CertId certId in chainCerts.Keys)
+            {
+                X509CertificateEntry cert = (X509CertificateEntry)chainCerts[certId];
+
+                if (doneCerts.Contains(cert.Certificate))
+                    continue;
+
+                CertBag cBag = new CertBag(
+                    PkcsObjectIdentifiers.X509Certificate,
+                    new DerOctetString(cert.Certificate.GetEncoded()));
+
+                Asn1EncodableVector fName = new Asn1EncodableVector();
+
+                foreach (string oid in cert.BagAttributeKeys)
+                {
+                    // a certificate not immediately linked to a key doesn't require
+                    // a localKeyID and will confuse some PKCS12 implementations.
+                    //
+                    // If we find one, we'll prune it out.
+                    if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id))
+                        continue;
+
+                    fName.Add(
+                        new DerSequence(
+                            new DerObjectIdentifier(oid),
+                            new DerSet(cert[oid])));
+                }
+
+                certBags.Add(new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName)));
+            }
+
+            byte[] certBagsEncoding = new DerSequence(certBags).GetDerEncoded();
+
+            ContentInfo certsInfo;
+            if (password == null)
+            {
+                certsInfo = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(certBagsEncoding));
+            }
+            else
+            {
+                byte[] certBytes = CryptPbeData(true, cAlgId, password, false, certBagsEncoding);
+                EncryptedData cInfo = new EncryptedData(PkcsObjectIdentifiers.Data, cAlgId, new BerOctetString(certBytes));
+                certsInfo = new ContentInfo(PkcsObjectIdentifiers.EncryptedData, cInfo.ToAsn1Object());
+            }
+
+            ContentInfo[] info = new ContentInfo[]{ keysInfo, certsInfo };
+
+            byte[] data = new AuthenticatedSafe(info).GetEncoded(
+                useDerEncoding ? Asn1Encodable.Der : Asn1Encodable.Ber);
+
+            ContentInfo mainInfo = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(data));
+
+            //
+            // create the mac
+            //
+            MacData macData = null;
+            if (password != null)
+            {
+                byte[] mSalt = new byte[20];
+                random.NextBytes(mSalt);
+
+                byte[] mac = CalculatePbeMac(OiwObjectIdentifiers.IdSha1,
+                    mSalt, MinIterations, password, false, data);
+
+                AlgorithmIdentifier algId = new AlgorithmIdentifier(
+                    OiwObjectIdentifiers.IdSha1, DerNull.Instance);
+                DigestInfo dInfo = new DigestInfo(algId, mac);
+
+                macData = new MacData(dInfo, mSalt, MinIterations);
+            }
+
+            //
+            // output the Pfx
+            //
+            Pfx pfx = new Pfx(mainInfo, macData);
+
+            DerOutputStream derOut;
+            if (useDerEncoding)
+            {
+                derOut = new DerOutputStream(stream);
+            }
+            else
+            {
+                derOut = new BerOutputStream(stream);
+            }
+
+            derOut.WriteObject(pfx);
+        }
+
+        internal static byte[] CalculatePbeMac(
+            DerObjectIdentifier	oid,
+            byte[]				salt,
+            int					itCount,
+            char[]				password,
+            bool				wrongPkcs12Zero,
+            byte[]				data)
+        {
+            Asn1Encodable asn1Params = PbeUtilities.GenerateAlgorithmParameters(
+                oid, salt, itCount);
+            ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters(
+                oid, password, wrongPkcs12Zero, asn1Params);
+
+            IMac mac = (IMac) PbeUtilities.CreateEngine(oid);
+            mac.Init(cipherParams);
+            return MacUtilities.DoFinal(mac, data);
+        }
+
+        private static byte[] CryptPbeData(
+            bool				forEncryption,
+            AlgorithmIdentifier	algId,
+            char[]				password,
+            bool				wrongPkcs12Zero,
+            byte[]				data)
+        {
+            IBufferedCipher cipher = PbeUtilities.CreateEngine(algId.Algorithm) as IBufferedCipher;
+
+            if (cipher == null)
+                throw new Exception("Unknown encryption algorithm: " + algId.Algorithm);
+
+            Pkcs12PbeParams pbeParameters = Pkcs12PbeParams.GetInstance(algId.Parameters);
+            ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters(
+                algId.Algorithm, password, wrongPkcs12Zero, pbeParameters);
+            cipher.Init(forEncryption, cipherParams);
+            return cipher.DoFinal(data);
+        }
+
+        private class IgnoresCaseHashtable
+            : IEnumerable
+        {
+            private readonly IDictionary orig = Platform.CreateHashtable();
+            private readonly IDictionary keys = Platform.CreateHashtable();
+
+            public void Clear()
+            {
+                orig.Clear();
+                keys.Clear();
+            }
+
+            public IEnumerator GetEnumerator()
+            {
+                return orig.GetEnumerator();
+            }
+
+            public ICollection Keys
+            {
+                get { return orig.Keys; }
+            }
+
+            public object Remove(
+                string alias)
+            {
+                string upper = Platform.ToUpperInvariant(alias);
+                string k = (string)keys[upper];
+
+                if (k == null)
+                    return null;
+
+                keys.Remove(upper);
+
+                object o = orig[k];
+                orig.Remove(k);
+                return o;
+            }
+
+            public object this[
+                string alias]
+            {
+                get
+                {
+                    string upper = Platform.ToUpperInvariant(alias);
+                    string k = (string)keys[upper];
+
+                    if (k == null)
+                        return null;
+
+                    return orig[k];
+                }
+                set
+                {
+                    string upper = Platform.ToUpperInvariant(alias);
+                    string k = (string)keys[upper];
+                    if (k != null)
+                    {
+                        orig.Remove(k);
+                    }
+                    keys[upper] = alias;
+                    orig[alias] = value;
+                }
+            }
+
+            public ICollection Values
+            {
+                get { return orig.Values; }
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/pkcs/Pkcs12Utilities.cs b/bc-sharp-crypto/src/pkcs/Pkcs12Utilities.cs
new file mode 100644
index 0000000..923eca5
--- /dev/null
+++ b/bc-sharp-crypto/src/pkcs/Pkcs12Utilities.cs
@@ -0,0 +1,77 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Pkcs
+{
+	/**
+	 * Utility class for reencoding PKCS#12 files to definite length.
+	 */
+	public class Pkcs12Utilities
+	{
+		/**
+		 * Just re-encode the outer layer of the PKCS#12 file to definite length encoding.
+		 *
+		 * @param berPKCS12File - original PKCS#12 file
+		 * @return a byte array representing the DER encoding of the PFX structure
+		 * @throws IOException
+		 */
+		public static byte[] ConvertToDefiniteLength(
+			byte[] berPkcs12File)
+		{
+			Pfx pfx = new Pfx(Asn1Sequence.GetInstance(Asn1Object.FromByteArray(berPkcs12File)));
+
+			return pfx.GetEncoded(Asn1Encodable.Der);
+		}
+
+		/**
+		* Re-encode the PKCS#12 structure to definite length encoding at the inner layer
+		* as well, recomputing the MAC accordingly.
+		*
+		* @param berPKCS12File - original PKCS12 file.
+		* @param provider - provider to use for MAC calculation.
+		* @return a byte array representing the DER encoding of the PFX structure.
+		* @throws IOException on parsing, encoding errors.
+		*/
+		public static byte[] ConvertToDefiniteLength(
+			byte[]	berPkcs12File,
+			char[]	passwd)
+		{
+			Pfx pfx = new Pfx(Asn1Sequence.GetInstance(Asn1Object.FromByteArray(berPkcs12File)));
+
+			ContentInfo info = pfx.AuthSafe;
+
+			Asn1OctetString content = Asn1OctetString.GetInstance(info.Content);
+			Asn1Object obj = Asn1Object.FromByteArray(content.GetOctets());
+
+			info = new ContentInfo(info.ContentType, new DerOctetString(obj.GetEncoded(Asn1Encodable.Der)));
+
+			MacData mData = pfx.MacData;
+
+			try
+			{
+				int itCount = mData.IterationCount.IntValue;
+				byte[] data = Asn1OctetString.GetInstance(info.Content).GetOctets();
+				byte[] res = Pkcs12Store.CalculatePbeMac(
+                    mData.Mac.AlgorithmID.Algorithm, mData.GetSalt(), itCount, passwd, false, data);
+
+				AlgorithmIdentifier algId = new AlgorithmIdentifier(
+                    mData.Mac.AlgorithmID.Algorithm, DerNull.Instance);
+				DigestInfo dInfo = new DigestInfo(algId, res);
+
+				mData = new MacData(dInfo, mData.GetSalt(), itCount);
+			}
+			catch (Exception e)
+			{
+				throw new IOException("error constructing MAC: " + e.ToString());
+			}
+
+			pfx = new Pfx(info, mData);
+
+			return pfx.GetEncoded(Asn1Encodable.Der);
+		}
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/pkcs/PrivateKeyInfoFactory.cs b/bc-sharp-crypto/src/pkcs/PrivateKeyInfoFactory.cs
new file mode 100644
index 0000000..a349a11
--- /dev/null
+++ b/bc-sharp-crypto/src/pkcs/PrivateKeyInfoFactory.cs
@@ -0,0 +1,205 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Pkcs
+{
+    public sealed class PrivateKeyInfoFactory
+    {
+        private PrivateKeyInfoFactory()
+        {
+        }
+
+        public static PrivateKeyInfo CreatePrivateKeyInfo(
+            AsymmetricKeyParameter key)
+        {
+            if (key == null)
+                throw new ArgumentNullException("key");
+            if (!key.IsPrivate)
+                throw new ArgumentException("Public key passed - private key expected", "key");
+
+            if (key is ElGamalPrivateKeyParameters)
+            {
+                ElGamalPrivateKeyParameters _key = (ElGamalPrivateKeyParameters)key;
+                return new PrivateKeyInfo(
+                    new AlgorithmIdentifier(
+                    OiwObjectIdentifiers.ElGamalAlgorithm,
+                    new ElGamalParameter(
+                    _key.Parameters.P,
+                    _key.Parameters.G).ToAsn1Object()),
+                    new DerInteger(_key.X));
+            }
+
+            if (key is DsaPrivateKeyParameters)
+            {
+                DsaPrivateKeyParameters _key = (DsaPrivateKeyParameters)key;
+                return new PrivateKeyInfo(
+                    new AlgorithmIdentifier(
+                    X9ObjectIdentifiers.IdDsa,
+                    new DsaParameter(
+                    _key.Parameters.P,
+                    _key.Parameters.Q,
+                    _key.Parameters.G).ToAsn1Object()),
+                    new DerInteger(_key.X));
+            }
+
+            if (key is DHPrivateKeyParameters)
+            {
+                DHPrivateKeyParameters _key = (DHPrivateKeyParameters)key;
+
+                DHParameter p = new DHParameter(
+                    _key.Parameters.P, _key.Parameters.G, _key.Parameters.L);
+
+                return new PrivateKeyInfo(
+                    new AlgorithmIdentifier(_key.AlgorithmOid, p.ToAsn1Object()),
+                    new DerInteger(_key.X));
+            }
+
+            if (key is RsaKeyParameters)
+            {
+                AlgorithmIdentifier algID = new AlgorithmIdentifier(
+                    PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance);
+
+                RsaPrivateKeyStructure keyStruct;
+                if (key is RsaPrivateCrtKeyParameters)
+                {
+                    RsaPrivateCrtKeyParameters _key = (RsaPrivateCrtKeyParameters)key;
+
+                    keyStruct = new RsaPrivateKeyStructure(
+                        _key.Modulus,
+                        _key.PublicExponent,
+                        _key.Exponent,
+                        _key.P,
+                        _key.Q,
+                        _key.DP,
+                        _key.DQ,
+                        _key.QInv);
+                }
+                else
+                {
+                    RsaKeyParameters _key = (RsaKeyParameters) key;
+
+                    keyStruct = new RsaPrivateKeyStructure(
+                        _key.Modulus,
+                        BigInteger.Zero,
+                        _key.Exponent,
+                        BigInteger.Zero,
+                        BigInteger.Zero,
+                        BigInteger.Zero,
+                        BigInteger.Zero,
+                        BigInteger.Zero);
+                }
+
+                return new PrivateKeyInfo(algID, keyStruct.ToAsn1Object());
+            }
+
+            if (key is ECPrivateKeyParameters)
+            {
+                ECPrivateKeyParameters priv = (ECPrivateKeyParameters)key;
+                ECDomainParameters dp = priv.Parameters;
+                int orderBitLength = dp.N.BitLength;
+
+                AlgorithmIdentifier algID;
+                ECPrivateKeyStructure ec;
+
+                if (priv.AlgorithmName == "ECGOST3410")
+                {
+                    if (priv.PublicKeyParamSet == null)
+                        throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
+
+                    Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
+                        priv.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet);
+
+                    algID = new AlgorithmIdentifier(CryptoProObjectIdentifiers.GostR3410x2001, gostParams);
+
+                    // TODO Do we need to pass any parameters here?
+                    ec = new ECPrivateKeyStructure(orderBitLength, priv.D);
+                }
+                else
+                {
+                    X962Parameters x962;
+                    if (priv.PublicKeyParamSet == null)
+                    {
+                        X9ECParameters ecP = new X9ECParameters(dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed());
+                        x962 = new X962Parameters(ecP);
+                    }
+                    else
+                    {
+                        x962 = new X962Parameters(priv.PublicKeyParamSet);
+                    }
+
+                    // TODO Possible to pass the publicKey bitstring here?
+                    ec = new ECPrivateKeyStructure(orderBitLength, priv.D, x962);
+
+                    algID = new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, x962);
+                }
+
+                return new PrivateKeyInfo(algID, ec);
+            }
+
+            if (key is Gost3410PrivateKeyParameters)
+            {
+                Gost3410PrivateKeyParameters _key = (Gost3410PrivateKeyParameters)key;
+
+                if (_key.PublicKeyParamSet == null)
+                    throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
+
+                byte[] keyEnc = _key.X.ToByteArrayUnsigned();
+                byte[] keyBytes = new byte[keyEnc.Length];
+
+                for (int i = 0; i != keyBytes.Length; i++)
+                {
+                    keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // must be little endian
+                }
+
+                Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
+                    _key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet, null);
+
+                AlgorithmIdentifier algID = new AlgorithmIdentifier(
+                    CryptoProObjectIdentifiers.GostR3410x94,
+                    algParams.ToAsn1Object());
+
+                return new PrivateKeyInfo(algID, new DerOctetString(keyBytes));
+            }
+
+            throw new ArgumentException("Class provided is not convertible: " + Platform.GetTypeName(key));
+        }
+
+        public static PrivateKeyInfo CreatePrivateKeyInfo(
+            char[]					passPhrase,
+            EncryptedPrivateKeyInfo	encInfo)
+        {
+            return CreatePrivateKeyInfo(passPhrase, false, encInfo);
+        }
+
+        public static PrivateKeyInfo CreatePrivateKeyInfo(
+            char[]					passPhrase,
+            bool					wrongPkcs12Zero,
+            EncryptedPrivateKeyInfo	encInfo)
+        {
+            AlgorithmIdentifier algID = encInfo.EncryptionAlgorithm;
+
+            IBufferedCipher cipher = PbeUtilities.CreateEngine(algID) as IBufferedCipher;
+            if (cipher == null)
+                throw new Exception("Unknown encryption algorithm: " + algID.Algorithm);
+
+            ICipherParameters cipherParameters = PbeUtilities.GenerateCipherParameters(
+                algID, passPhrase, wrongPkcs12Zero);
+            cipher.Init(false, cipherParameters);
+            byte[] keyBytes = cipher.DoFinal(encInfo.GetEncryptedData());
+
+            return PrivateKeyInfo.GetInstance(keyBytes);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/pkcs/X509CertificateEntry.cs b/bc-sharp-crypto/src/pkcs/X509CertificateEntry.cs
new file mode 100644
index 0000000..2f81dd8
--- /dev/null
+++ b/bc-sharp-crypto/src/pkcs/X509CertificateEntry.cs
@@ -0,0 +1,60 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Pkcs
+{
+    public class X509CertificateEntry
+        : Pkcs12Entry
+    {
+        private readonly X509Certificate cert;
+
+		public X509CertificateEntry(
+            X509Certificate cert)
+			: base(Platform.CreateHashtable())
+        {
+            this.cert = cert;
+        }
+
+#if !(SILVERLIGHT || PORTABLE)
+        [Obsolete]
+        public X509CertificateEntry(
+            X509Certificate	cert,
+            Hashtable		attributes)
+			: base(attributes)
+        {
+            this.cert = cert;
+        }
+#endif
+
+        public X509CertificateEntry(
+            X509Certificate cert,
+            IDictionary     attributes)
+			: base(attributes)
+        {
+            this.cert = cert;
+        }
+
+		public X509Certificate Certificate
+        {
+			get { return this.cert; }
+        }
+
+		public override bool Equals(object obj)
+		{
+			X509CertificateEntry other = obj as X509CertificateEntry;
+
+			if (other == null)
+				return false;
+
+			return cert.Equals(other.cert);
+		}
+
+		public override int GetHashCode()
+		{
+			return ~cert.GetHashCode();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/CertStatus.cs b/bc-sharp-crypto/src/pkix/CertStatus.cs
new file mode 100644
index 0000000..4f40b7b
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/CertStatus.cs
@@ -0,0 +1,35 @@
+using System;
+
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Pkix
+{
+    public class CertStatus
+    {
+        public const int Unrevoked = 11;
+
+        public const int Undetermined = 12;
+
+        private int status = Unrevoked;
+
+        DateTimeObject revocationDate = null;
+
+        /// <summary>
+        /// Returns the revocationDate.
+        /// </summary>
+         public DateTimeObject RevocationDate
+        {
+            get { return revocationDate; }
+            set { this.revocationDate = value; }
+        }
+
+		/// <summary>
+        /// Returns the certStatus.
+        /// </summary>
+        public int Status
+        {
+            get { return status; }
+            set { this.status = value; }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixAttrCertChecker.cs b/bc-sharp-crypto/src/pkix/PkixAttrCertChecker.cs
new file mode 100644
index 0000000..a6eab84
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixAttrCertChecker.cs
@@ -0,0 +1,57 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Pkix
+{
+	public abstract class PkixAttrCertChecker
+	{
+		/**
+		 * Returns an immutable <code>Set</code> of X.509 attribute certificate
+		 * extensions that this <code>PkixAttrCertChecker</code> supports or
+		 * <code>null</code> if no extensions are supported.
+		 * <p>
+		 * Each element of the set is a <code>String</code> representing the
+		 * Object Identifier (OID) of the X.509 extension that is supported.
+		 * </p>
+		 * <p>
+		 * All X.509 attribute certificate extensions that a
+		 * <code>PkixAttrCertChecker</code> might possibly be able to process
+		 * should be included in the set.
+		 * </p>
+		 * 
+		 * @return an immutable <code>Set</code> of X.509 extension OIDs (in
+		 *         <code>String</code> format) supported by this
+		 *         <code>PkixAttrCertChecker</code>, or <code>null</code> if no
+		 *         extensions are supported
+		 */
+		public abstract ISet GetSupportedExtensions();
+
+		/**
+		* Performs checks on the specified attribute certificate. Every handled
+		* extension is rmeoved from the <code>unresolvedCritExts</code>
+		* collection.
+		* 
+		* @param attrCert The attribute certificate to be checked.
+		* @param certPath The certificate path which belongs to the attribute
+		*            certificate issuer public key certificate.
+		* @param holderCertPath The certificate path which belongs to the holder
+		*            certificate.
+		* @param unresolvedCritExts a <code>Collection</code> of OID strings
+		*            representing the current set of unresolved critical extensions
+		* @throws CertPathValidatorException if the specified attribute certificate
+		*             does not pass the check.
+		*/
+		public abstract void Check(IX509AttributeCertificate attrCert, PkixCertPath certPath,
+			PkixCertPath holderCertPath, ICollection unresolvedCritExts);
+
+		/**
+		* Returns a clone of this object.
+		* 
+		* @return a copy of this <code>PkixAttrCertChecker</code>
+		*/
+		public abstract PkixAttrCertChecker Clone();
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixAttrCertPathBuilder.cs b/bc-sharp-crypto/src/pkix/PkixAttrCertPathBuilder.cs
new file mode 100644
index 0000000..646cc5d
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixAttrCertPathBuilder.cs
@@ -0,0 +1,215 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Pkix
+{
+	public class PkixAttrCertPathBuilder
+	{
+		/**
+		* Build and validate a CertPath using the given parameter.
+		*
+		* @param params PKIXBuilderParameters object containing all information to
+		*            build the CertPath
+		*/
+		public virtual PkixCertPathBuilderResult Build(
+			PkixBuilderParameters pkixParams)
+		{
+			// search target certificates
+
+			IX509Selector certSelect = pkixParams.GetTargetConstraints();
+			if (!(certSelect is X509AttrCertStoreSelector))
+			{
+				throw new PkixCertPathBuilderException(
+					"TargetConstraints must be an instance of "
+					+ typeof(X509AttrCertStoreSelector).FullName
+					+ " for "
+					+ typeof(PkixAttrCertPathBuilder).FullName + " class.");
+			}
+
+			ICollection targets;
+			try
+			{
+				targets = PkixCertPathValidatorUtilities.FindCertificates(
+					(X509AttrCertStoreSelector)certSelect, pkixParams.GetStores());
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathBuilderException("Error finding target attribute certificate.", e);
+			}
+
+			if (targets.Count == 0)
+			{
+				throw new PkixCertPathBuilderException(
+					"No attribute certificate found matching targetContraints.");
+			}
+
+			PkixCertPathBuilderResult result = null;
+
+			// check all potential target certificates
+			foreach (IX509AttributeCertificate cert in targets)
+			{
+				X509CertStoreSelector selector = new X509CertStoreSelector();
+				X509Name[] principals = cert.Issuer.GetPrincipals();
+				ISet issuers = new HashSet();
+				for (int i = 0; i < principals.Length; i++)
+				{
+					try
+					{
+						selector.Subject = principals[i];
+
+						issuers.AddAll(PkixCertPathValidatorUtilities.FindCertificates(selector, pkixParams.GetStores()));
+					}
+					catch (Exception e)
+					{
+						throw new PkixCertPathBuilderException(
+							"Public key certificate for attribute certificate cannot be searched.",
+							e);
+					}
+				}
+
+				if (issuers.IsEmpty)
+					throw new PkixCertPathBuilderException("Public key certificate for attribute certificate cannot be found.");
+
+                IList certPathList = Platform.CreateArrayList();
+
+				foreach (X509Certificate issuer in issuers)
+				{
+					result = Build(cert, issuer, pkixParams, certPathList);
+
+					if (result != null)
+						break;
+				}
+
+				if (result != null)
+					break;
+			}
+
+			if (result == null && certPathException != null)
+			{
+				throw new PkixCertPathBuilderException(
+					"Possible certificate chain could not be validated.",
+					certPathException);
+			}
+
+			if (result == null && certPathException == null)
+			{
+				throw new PkixCertPathBuilderException(
+					"Unable to find certificate chain.");
+			}
+
+			return result;
+		}
+
+		private Exception certPathException;
+
+		private PkixCertPathBuilderResult Build(
+			IX509AttributeCertificate	attrCert,
+			X509Certificate				tbvCert,
+			PkixBuilderParameters		pkixParams,
+			IList						tbvPath)
+		{
+			// If tbvCert is readily present in tbvPath, it indicates having run
+			// into a cycle in the
+			// PKI graph.
+			if (tbvPath.Contains(tbvCert))
+				return null;
+
+			// step out, the certificate is not allowed to appear in a certification
+			// chain
+			if (pkixParams.GetExcludedCerts().Contains(tbvCert))
+				return null;
+
+			// test if certificate path exceeds maximum length
+			if (pkixParams.MaxPathLength != -1)
+			{
+				if (tbvPath.Count - 1 > pkixParams.MaxPathLength)
+					return null;
+			}
+
+			tbvPath.Add(tbvCert);
+
+			PkixCertPathBuilderResult builderResult = null;
+
+//			X509CertificateParser certParser = new X509CertificateParser();
+			PkixAttrCertPathValidator validator = new PkixAttrCertPathValidator();
+
+			try
+			{
+				// check whether the issuer of <tbvCert> is a TrustAnchor
+				if (PkixCertPathValidatorUtilities.FindTrustAnchor(tbvCert, pkixParams.GetTrustAnchors()) != null)
+				{
+					PkixCertPath certPath = new PkixCertPath(tbvPath);
+					PkixCertPathValidatorResult result;
+
+					try
+					{
+						result = validator.Validate(certPath, pkixParams);
+					}
+					catch (Exception e)
+					{
+						throw new Exception("Certification path could not be validated.", e);
+					}
+
+					return new PkixCertPathBuilderResult(certPath, result.TrustAnchor,
+						result.PolicyTree, result.SubjectPublicKey);
+				}
+				else
+				{
+					// add additional X.509 stores from locations in certificate
+					try
+					{
+						PkixCertPathValidatorUtilities.AddAdditionalStoresFromAltNames(tbvCert, pkixParams);
+					}
+					catch (CertificateParsingException e)
+					{
+						throw new Exception("No additional X.509 stores can be added from certificate locations.", e);
+					}
+
+					// try to get the issuer certificate from one of the stores
+					ISet issuers = new HashSet();
+					try
+					{
+						issuers.AddAll(PkixCertPathValidatorUtilities.FindIssuerCerts(tbvCert, pkixParams));
+					}
+					catch (Exception e)
+					{
+						throw new Exception("Cannot find issuer certificate for certificate in certification path.", e);
+					}
+
+					if (issuers.IsEmpty)
+						throw new Exception("No issuer certificate for certificate in certification path found.");
+
+					foreach (X509Certificate issuer in issuers)
+					{
+						// if untrusted self signed certificate continue
+						if (PkixCertPathValidatorUtilities.IsSelfIssued(issuer))
+							continue;
+
+						builderResult = Build(attrCert, issuer, pkixParams, tbvPath);
+
+						if (builderResult != null)
+							break;
+					}
+				}
+			}
+			catch (Exception e)
+			{
+				certPathException = new Exception("No valid certification path could be build.", e);
+			}
+
+			if (builderResult == null)
+			{
+				tbvPath.Remove(tbvCert);
+			}
+
+			return builderResult;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixAttrCertPathValidator.cs b/bc-sharp-crypto/src/pkix/PkixAttrCertPathValidator.cs
new file mode 100644
index 0000000..5f53bcd
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixAttrCertPathValidator.cs
@@ -0,0 +1,76 @@
+using System;
+
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/**
+	* CertPathValidatorSpi implementation for X.509 Attribute Certificates la RFC 3281.
+	* 
+	* @see org.bouncycastle.x509.ExtendedPkixParameters
+	*/
+	public class PkixAttrCertPathValidator
+	//    extends CertPathValidatorSpi
+	{
+		/**
+		* Validates an attribute certificate with the given certificate path.
+		* 
+		* <p>
+		* <code>params</code> must be an instance of
+		* <code>ExtendedPkixParameters</code>.
+		* </p><p>
+		* The target constraints in the <code>params</code> must be an
+		* <code>X509AttrCertStoreSelector</code> with at least the attribute
+		* certificate criterion set. Obey that also target informations may be
+		* necessary to correctly validate this attribute certificate.
+		* </p><p>
+		* The attribute certificate issuer must be added to the trusted attribute
+		* issuers with {@link ExtendedPkixParameters#setTrustedACIssuers(Set)}.
+		* </p>
+		* @param certPath The certificate path which belongs to the attribute
+		*            certificate issuer public key certificate.
+		* @param params The PKIX parameters.
+		* @return A <code>PKIXCertPathValidatorResult</code> of the result of
+		*         validating the <code>certPath</code>.
+		* @throws InvalidAlgorithmParameterException if <code>params</code> is
+		*             inappropriate for this validator.
+		* @throws CertPathValidatorException if the verification fails.
+		*/
+		public virtual PkixCertPathValidatorResult Validate(
+			PkixCertPath	certPath,
+			PkixParameters	pkixParams)
+		{
+			IX509Selector certSelect = pkixParams.GetTargetConstraints();
+			if (!(certSelect is X509AttrCertStoreSelector))
+			{
+				throw new ArgumentException(
+					"TargetConstraints must be an instance of " + typeof(X509AttrCertStoreSelector).FullName,
+					"pkixParams");
+			}
+			IX509AttributeCertificate attrCert = ((X509AttrCertStoreSelector) certSelect).AttributeCert;
+
+			PkixCertPath holderCertPath = Rfc3281CertPathUtilities.ProcessAttrCert1(attrCert, pkixParams);
+			PkixCertPathValidatorResult result = Rfc3281CertPathUtilities.ProcessAttrCert2(certPath, pkixParams);
+			X509Certificate issuerCert = (X509Certificate)certPath.Certificates[0];
+			Rfc3281CertPathUtilities.ProcessAttrCert3(issuerCert, pkixParams);
+			Rfc3281CertPathUtilities.ProcessAttrCert4(issuerCert, pkixParams);
+			Rfc3281CertPathUtilities.ProcessAttrCert5(attrCert, pkixParams);
+			// 6 already done in X509AttrCertStoreSelector
+			Rfc3281CertPathUtilities.ProcessAttrCert7(attrCert, certPath, holderCertPath, pkixParams);
+			Rfc3281CertPathUtilities.AdditionalChecks(attrCert, pkixParams);
+			DateTime date;
+			try
+			{
+				date = PkixCertPathValidatorUtilities.GetValidCertDateFromValidityModel(pkixParams, null, -1);
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathValidatorException(
+					"Could not get validity date from attribute certificate.", e);
+			}
+			Rfc3281CertPathUtilities.CheckCrls(attrCert, pkixParams, issuerCert, date, certPath.Certificates);
+			return result;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixBuilderParameters.cs b/bc-sharp-crypto/src/pkix/PkixBuilderParameters.cs
new file mode 100644
index 0000000..32fc043
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixBuilderParameters.cs
@@ -0,0 +1,140 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.X509.Store;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/// <summary>
+    /// Summary description for PkixBuilderParameters.
+	/// </summary>
+	public class PkixBuilderParameters
+		: PkixParameters
+	{
+		private int maxPathLength = 5;
+
+		private ISet excludedCerts = new HashSet();
+
+		/**
+		* Returns an instance of <code>PkixBuilderParameters</code>.
+		* <p>
+		* This method can be used to get a copy from other
+		* <code>PKIXBuilderParameters</code>, <code>PKIXParameters</code>,
+		* and <code>ExtendedPKIXParameters</code> instances.
+		* </p>
+		*
+		* @param pkixParams The PKIX parameters to create a copy of.
+		* @return An <code>PkixBuilderParameters</code> instance.
+		*/
+		public static PkixBuilderParameters GetInstance(
+			PkixParameters pkixParams)
+		{
+			PkixBuilderParameters parameters = new PkixBuilderParameters(
+				pkixParams.GetTrustAnchors(),
+				new X509CertStoreSelector(pkixParams.GetTargetCertConstraints()));
+			parameters.SetParams(pkixParams);
+			return parameters;
+		}
+
+		public PkixBuilderParameters(
+			ISet			trustAnchors,
+			IX509Selector	targetConstraints)
+			: base(trustAnchors)
+		{
+			SetTargetCertConstraints(targetConstraints);
+		}
+
+		public virtual int MaxPathLength
+		{
+			get { return maxPathLength; }
+			set
+			{
+				if (value < -1)
+				{
+					throw new InvalidParameterException(
+						"The maximum path length parameter can not be less than -1.");
+				}
+				this.maxPathLength = value;
+			}
+		}
+
+		/// <summary>
+		/// Excluded certificates are not used for building a certification path.
+		/// </summary>
+		/// <returns>the excluded certificates.</returns>
+		public virtual ISet GetExcludedCerts()
+		{
+			return new HashSet(excludedCerts);
+		}
+
+		/// <summary>
+		/// Sets the excluded certificates which are not used for building a
+		/// certification path. If the <code>ISet</code> is <code>null</code> an
+		/// empty set is assumed.
+		/// </summary>
+		/// <remarks>
+		/// The given set is cloned to protect it against subsequent modifications.
+		/// </remarks>
+		/// <param name="excludedCerts">The excluded certificates to set.</param>
+		public virtual void SetExcludedCerts(
+			ISet excludedCerts)
+		{
+			if (excludedCerts == null)
+			{
+				excludedCerts = new HashSet();
+			}
+			else
+			{
+				this.excludedCerts = new HashSet(excludedCerts);
+			}
+		}
+
+		/**
+		* Can alse handle <code>ExtendedPKIXBuilderParameters</code> and
+		* <code>PKIXBuilderParameters</code>.
+		* 
+		* @param params Parameters to set.
+		* @see org.bouncycastle.x509.ExtendedPKIXParameters#setParams(java.security.cert.PKIXParameters)
+		*/
+		protected override void SetParams(
+			PkixParameters parameters)
+		{
+			base.SetParams(parameters);
+			if (parameters is PkixBuilderParameters)
+			{
+				PkixBuilderParameters _params = (PkixBuilderParameters) parameters;
+				maxPathLength = _params.maxPathLength;
+				excludedCerts = new HashSet(_params.excludedCerts);
+			}
+		}
+
+		/**
+		* Makes a copy of this <code>PKIXParameters</code> object. Changes to the
+		* copy will not affect the original and vice versa.
+		*
+		* @return a copy of this <code>PKIXParameters</code> object
+		*/
+		public override object Clone()
+		{
+			PkixBuilderParameters parameters = new PkixBuilderParameters(
+				GetTrustAnchors(), GetTargetCertConstraints());
+			parameters.SetParams(this);
+			return parameters;
+		}
+
+		public override string ToString()
+		{
+			string nl = Platform.NewLine;
+			StringBuilder s = new StringBuilder();
+			s.Append("PkixBuilderParameters [" + nl);
+			s.Append(base.ToString());
+			s.Append("  Maximum Path Length: ");
+			s.Append(MaxPathLength);
+			s.Append(nl + "]" + nl);
+			return s.ToString();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixCertPath.cs b/bc-sharp-crypto/src/pkix/PkixCertPath.cs
new file mode 100644
index 0000000..3c428f6
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixCertPath.cs
@@ -0,0 +1,460 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Cms;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.OpenSsl;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/**
+	 * An immutable sequence of certificates (a certification path).<br />
+	 * <br />
+	 * This is an abstract class that defines the methods common to all CertPaths.
+	 * Subclasses can handle different kinds of certificates (X.509, PGP, etc.).<br />
+	 * <br />
+	 * All CertPath objects have a type, a list of Certificates, and one or more
+	 * supported encodings. Because the CertPath class is immutable, a CertPath
+	 * cannot change in any externally visible way after being constructed. This
+	 * stipulation applies to all public fields and methods of this class and any
+	 * added or overridden by subclasses.<br />
+	 * <br />
+	 * The type is a string that identifies the type of Certificates in the
+	 * certification path. For each certificate cert in a certification path
+	 * certPath, cert.getType().equals(certPath.getType()) must be true.<br />
+	 * <br />
+	 * The list of Certificates is an ordered List of zero or more Certificates.
+	 * This List and all of the Certificates contained in it must be immutable.<br />
+	 * <br />
+	 * Each CertPath object must support one or more encodings so that the object
+	 * can be translated into a byte array for storage or transmission to other
+	 * parties. Preferably, these encodings should be well-documented standards
+	 * (such as PKCS#7). One of the encodings supported by a CertPath is considered
+	 * the default encoding. This encoding is used if no encoding is explicitly
+	 * requested (for the {@link #getEncoded()} method, for instance).<br />
+	 * <br />
+	 * All CertPath objects are also Serializable. CertPath objects are resolved
+	 * into an alternate {@link CertPathRep} object during serialization. This
+	 * allows a CertPath object to be serialized into an equivalent representation
+	 * regardless of its underlying implementation.<br />
+	 * <br />
+	 * CertPath objects can be created with a CertificateFactory or they can be
+	 * returned by other classes, such as a CertPathBuilder.<br />
+	 * <br />
+	 * By convention, X.509 CertPaths (consisting of X509Certificates), are ordered
+	 * starting with the target certificate and ending with a certificate issued by
+	 * the trust anchor. That is, the issuer of one certificate is the subject of
+	 * the following one. The certificate representing the
+	 * {@link TrustAnchor TrustAnchor} should not be included in the certification
+	 * path. Unvalidated X.509 CertPaths may not follow these conventions. PKIX
+	 * CertPathValidators will detect any departure from these conventions that
+	 * cause the certification path to be invalid and throw a
+	 * CertPathValidatorException.<br />
+	 * <br />
+	 * <strong>Concurrent Access</strong><br />
+	 * <br />
+	 * All CertPath objects must be thread-safe. That is, multiple threads may
+	 * concurrently invoke the methods defined in this class on a single CertPath
+	 * object (or more than one) with no ill effects. This is also true for the List
+	 * returned by CertPath.getCertificates.<br />
+	 * <br />
+	 * Requiring CertPath objects to be immutable and thread-safe allows them to be
+	 * passed around to various pieces of code without worrying about coordinating
+	 * access. Providing this thread-safety is generally not difficult, since the
+	 * CertPath and List objects in question are immutable.
+	 *
+	 * @see CertificateFactory
+	 * @see CertPathBuilder
+	 */
+	/// <summary>
+	/// CertPath implementation for X.509 certificates.
+	/// </summary>
+	public class PkixCertPath
+//		: CertPath
+	{
+		internal static readonly IList certPathEncodings;
+
+        static PkixCertPath()
+        {
+            IList encodings = Platform.CreateArrayList();
+            encodings.Add("PkiPath");
+            encodings.Add("PEM");
+            encodings.Add("PKCS7");
+            certPathEncodings = CollectionUtilities.ReadOnly(encodings);
+        }
+
+        private readonly IList certificates;
+
+		/**
+		 * @param certs
+		 */
+		private static IList SortCerts(
+			IList certs)
+		{
+			if (certs.Count < 2)
+				return certs;
+
+			X509Name issuer = ((X509Certificate)certs[0]).IssuerDN;
+			bool okay = true;
+
+			for (int i = 1; i != certs.Count; i++)
+			{
+				X509Certificate cert = (X509Certificate)certs[i];
+
+				if (issuer.Equivalent(cert.SubjectDN, true))
+				{
+					issuer = ((X509Certificate)certs[i]).IssuerDN;
+				}
+				else
+				{
+					okay = false;
+					break;
+				}
+			}
+
+			if (okay)
+				return certs;
+
+			// find end-entity cert
+            IList retList = Platform.CreateArrayList(certs.Count);
+            IList orig = Platform.CreateArrayList(certs);
+
+			for (int i = 0; i < certs.Count; i++)
+			{
+				X509Certificate cert = (X509Certificate)certs[i];
+				bool           found = false;
+
+				X509Name subject = cert.SubjectDN;
+				foreach (X509Certificate c in certs)
+				{
+					if (c.IssuerDN.Equivalent(subject, true))
+					{
+						found = true;
+						break;
+					}
+				}
+
+				if (!found)
+				{
+					retList.Add(cert);
+					certs.RemoveAt(i);
+				}
+			}
+
+			// can only have one end entity cert - something's wrong, give up.
+			if (retList.Count > 1)
+				return orig;
+
+			for (int i = 0; i != retList.Count; i++)
+			{
+				issuer = ((X509Certificate)retList[i]).IssuerDN;
+
+				for (int j = 0; j < certs.Count; j++)
+				{
+					X509Certificate c = (X509Certificate)certs[j];
+					if (issuer.Equivalent(c.SubjectDN, true))
+					{
+						retList.Add(c);
+						certs.RemoveAt(j);
+						break;
+					}
+				}
+			}
+
+			// make sure all certificates are accounted for.
+			if (certs.Count > 0)
+				return orig;
+
+			return retList;
+		}
+
+		/**
+		 * Creates a CertPath of the specified type.
+		 * This constructor is protected because most users should use
+		 * a CertificateFactory to create CertPaths.
+		 * @param type the standard name of the type of Certificatesin this path
+		 **/
+		public PkixCertPath(
+			ICollection certificates)
+//			: base("X.509")
+		{
+			this.certificates = SortCerts(Platform.CreateArrayList(certificates));
+		}
+
+		public PkixCertPath(
+			Stream inStream)
+			: this(inStream, "PkiPath")
+		{
+		}
+
+		/**
+		 * Creates a CertPath of the specified type.
+		 * This constructor is protected because most users should use
+		 * a CertificateFactory to create CertPaths.
+		 *
+		 * @param type the standard name of the type of Certificatesin this path
+		 **/
+		public PkixCertPath(
+			Stream	inStream,
+			string	encoding)
+//			: base("X.509")
+		{
+            string upper = Platform.ToUpperInvariant(encoding);
+
+            IList certs;
+			try
+			{
+				if (upper.Equals(Platform.ToUpperInvariant("PkiPath")))
+				{
+					Asn1InputStream derInStream = new Asn1InputStream(inStream);
+					Asn1Object derObject = derInStream.ReadObject();
+					if (!(derObject is Asn1Sequence))
+					{
+						throw new CertificateException(
+							"input stream does not contain a ASN1 SEQUENCE while reading PkiPath encoded data to load CertPath");
+					}
+
+                    certs = Platform.CreateArrayList();
+
+                    foreach (Asn1Encodable ae in (Asn1Sequence)derObject)
+                    {
+                        byte[] derBytes = ae.GetEncoded(Asn1Encodable.Der);
+                        Stream certInStream = new MemoryStream(derBytes, false);
+
+                        // TODO Is inserting at the front important (list will be sorted later anyway)?
+                        certs.Insert(0, new X509CertificateParser().ReadCertificate(certInStream));
+					}
+				}
+                else if (upper.Equals("PKCS7") || upper.Equals("PEM"))
+				{
+                    certs = Platform.CreateArrayList(new X509CertificateParser().ReadCertificates(inStream));
+				}
+				else
+				{
+					throw new CertificateException("unsupported encoding: " + encoding);
+				}
+			}
+			catch (IOException ex)
+			{
+				throw new CertificateException(
+					"IOException throw while decoding CertPath:\n"
+					+ ex.ToString());
+			}
+
+			this.certificates = SortCerts(certs);
+		}
+
+		/**
+		 * Returns an iteration of the encodings supported by this
+		 * certification path, with the default encoding
+		 * first. Attempts to modify the returned Iterator via its
+		 * remove method result in an UnsupportedOperationException.
+		 *
+		 * @return an Iterator over the names of the supported encodings (as Strings)
+		 **/
+		public virtual IEnumerable Encodings
+		{
+            get { return new EnumerableProxy(certPathEncodings); }
+		}
+
+		/**
+		* Compares this certification path for equality with the specified object.
+		* Two CertPaths are equal if and only if their types are equal and their
+		* certificate Lists (and by implication the Certificates in those Lists)
+		* are equal. A CertPath is never equal to an object that is not a CertPath.<br />
+		* <br />
+		* This algorithm is implemented by this method. If it is overridden, the
+		* behavior specified here must be maintained.
+		*
+		* @param other
+		*            the object to test for equality with this certification path
+		*
+		* @return true if the specified object is equal to this certification path,
+		*         false otherwise
+		*
+		* @see Object#hashCode() Object.hashCode()
+		*/
+		public override bool Equals(
+			object obj)
+		{
+			if (this == obj)
+				return true;
+
+			PkixCertPath other = obj as PkixCertPath;
+			if (other == null)
+				return false;
+
+//			if (!this.Type.Equals(other.Type))
+//				return false;
+
+			//return this.Certificates.Equals(other.Certificates);
+
+			// TODO Extract this to a utility class
+			IList thisCerts = this.Certificates;
+			IList otherCerts = other.Certificates;
+
+			if (thisCerts.Count != otherCerts.Count)
+				return false;
+
+			IEnumerator e1 = thisCerts.GetEnumerator();
+			IEnumerator e2 = thisCerts.GetEnumerator();
+
+			while (e1.MoveNext())
+			{
+				e2.MoveNext();
+
+				if (!Platform.Equals(e1.Current, e2.Current))
+					return false;
+			}
+
+			return true;
+		}
+
+		public override int GetHashCode()
+		{
+			// FIXME?
+			return this.Certificates.GetHashCode();
+		}
+
+		/**
+		 * Returns the encoded form of this certification path, using
+		 * the default encoding.
+		 *
+		 * @return the encoded bytes
+		 * @exception CertificateEncodingException if an encoding error occurs
+		 **/
+		public virtual byte[] GetEncoded()
+		{
+			foreach (object enc in Encodings)
+			{
+				if (enc is string)
+				{
+					return GetEncoded((string)enc);
+				}
+			}
+			return null;
+		}
+
+		/**
+		 * Returns the encoded form of this certification path, using
+		 * the specified encoding.
+		 *
+		 * @param encoding the name of the encoding to use
+		 * @return the encoded bytes
+		 * @exception CertificateEncodingException if an encoding error
+		 * occurs or the encoding requested is not supported
+		 *
+		 */
+		public virtual byte[] GetEncoded(
+			string encoding)
+		{
+			if (Platform.EqualsIgnoreCase(encoding, "PkiPath"))
+			{
+				Asn1EncodableVector v = new Asn1EncodableVector();
+
+				for (int i = certificates.Count - 1; i >= 0; i--)
+				{
+					v.Add(ToAsn1Object((X509Certificate) certificates[i]));
+				}
+
+				return ToDerEncoded(new DerSequence(v));
+			}
+            else if (Platform.EqualsIgnoreCase(encoding, "PKCS7"))
+			{
+				Asn1.Pkcs.ContentInfo encInfo = new Asn1.Pkcs.ContentInfo(
+					PkcsObjectIdentifiers.Data, null);
+
+				Asn1EncodableVector v = new Asn1EncodableVector();
+				for (int i = 0; i != certificates.Count; i++)
+				{
+					v.Add(ToAsn1Object((X509Certificate)certificates[i]));
+				}
+
+				Asn1.Pkcs.SignedData sd = new Asn1.Pkcs.SignedData(
+					new DerInteger(1),
+					new DerSet(),
+					encInfo,
+					new DerSet(v),
+					null,
+					new DerSet());
+
+				return ToDerEncoded(new Asn1.Pkcs.ContentInfo(PkcsObjectIdentifiers.SignedData, sd));
+			}
+            else if (Platform.EqualsIgnoreCase(encoding, "PEM"))
+			{
+				MemoryStream bOut = new MemoryStream();
+				PemWriter pWrt = new PemWriter(new StreamWriter(bOut));
+
+				try
+				{
+					for (int i = 0; i != certificates.Count; i++)
+					{
+						pWrt.WriteObject(certificates[i]);
+					}
+
+                    Platform.Dispose(pWrt.Writer);
+				}
+				catch (Exception)
+				{
+					throw new CertificateEncodingException("can't encode certificate for PEM encoded path");
+				}
+
+				return bOut.ToArray();
+			}
+			else
+			{
+				throw new CertificateEncodingException("unsupported encoding: " + encoding);
+			}
+		}
+
+		/// <summary>
+		/// Returns the list of certificates in this certification
+		/// path.
+		/// </summary>
+		public virtual IList Certificates
+		{
+            get { return CollectionUtilities.ReadOnly(certificates); }
+		}
+
+		/**
+		 * Return a DERObject containing the encoded certificate.
+		 *
+		 * @param cert the X509Certificate object to be encoded
+		 *
+		 * @return the DERObject
+		 **/
+		private Asn1Object ToAsn1Object(
+			X509Certificate cert)
+		{
+			try
+			{
+				return Asn1Object.FromByteArray(cert.GetEncoded());
+			}
+			catch (Exception e)
+			{
+				throw new CertificateEncodingException("Exception while encoding certificate", e);
+			}
+		}
+
+		private byte[] ToDerEncoded(Asn1Encodable obj)
+		{
+			try
+			{
+				return obj.GetEncoded(Asn1Encodable.Der);
+			}
+			catch (IOException e)
+			{
+				throw new CertificateEncodingException("Exception thrown", e);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixCertPathBuilder.cs b/bc-sharp-crypto/src/pkix/PkixCertPathBuilder.cs
new file mode 100644
index 0000000..fa38a5e
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixCertPathBuilder.cs
@@ -0,0 +1,205 @@
+using System;
+using System.Collections;
+using System.Text;
+
+using Org.BouncyCastle.Asn1.IsisMtt;
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X500;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/**
+	* Implements the PKIX CertPathBuilding algorithm for BouncyCastle.
+	*
+	* @see CertPathBuilderSpi
+	*/
+	public class PkixCertPathBuilder
+		//		: CertPathBuilderSpi
+	{
+		/**
+		 * Build and validate a CertPath using the given parameter.
+		 *
+		 * @param params PKIXBuilderParameters object containing all information to
+		 *            build the CertPath
+		 */
+		public virtual PkixCertPathBuilderResult Build(
+			PkixBuilderParameters pkixParams)
+		{
+			// search target certificates
+
+			IX509Selector certSelect = pkixParams.GetTargetCertConstraints();
+			if (!(certSelect is X509CertStoreSelector))
+			{
+				throw new PkixCertPathBuilderException(
+					"TargetConstraints must be an instance of "
+					+ typeof(X509CertStoreSelector).FullName + " for "
+					+ Platform.GetTypeName(this) + " class.");
+			}
+
+			ISet targets = new HashSet();
+			try
+			{
+				targets.AddAll(PkixCertPathValidatorUtilities.FindCertificates((X509CertStoreSelector)certSelect, pkixParams.GetStores()));
+				// TODO Should this include an entry for pkixParams.GetAdditionalStores() too?
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathBuilderException(
+					"Error finding target certificate.", e);
+			}
+
+			if (targets.IsEmpty)
+				throw new PkixCertPathBuilderException("No certificate found matching targetContraints.");
+
+			PkixCertPathBuilderResult result = null;
+			IList certPathList = Platform.CreateArrayList();
+
+			// check all potential target certificates
+			foreach (X509Certificate cert in targets)
+			{
+				result = Build(cert, pkixParams, certPathList);
+
+				if (result != null)
+					break;
+			}
+
+			if (result == null && certPathException != null)
+			{
+				throw new PkixCertPathBuilderException(certPathException.Message, certPathException.InnerException);
+			}
+
+			if (result == null && certPathException == null)
+			{
+				throw new PkixCertPathBuilderException("Unable to find certificate chain.");
+			}
+
+			return result;
+		}
+
+		private Exception certPathException;
+
+		protected virtual PkixCertPathBuilderResult Build(
+			X509Certificate			tbvCert,
+			PkixBuilderParameters	pkixParams,
+			IList					tbvPath)
+		{
+			// If tbvCert is readily present in tbvPath, it indicates having run
+			// into a cycle in the PKI graph.
+			if (tbvPath.Contains(tbvCert))
+				return null;
+
+			// step out, the certificate is not allowed to appear in a certification
+			// chain.
+			if (pkixParams.GetExcludedCerts().Contains(tbvCert))
+				return null;
+
+			// test if certificate path exceeds maximum length
+			if (pkixParams.MaxPathLength != -1)
+			{
+				if (tbvPath.Count - 1 > pkixParams.MaxPathLength)
+					return null;
+			}
+
+			tbvPath.Add(tbvCert);
+
+//			X509CertificateParser certParser = new X509CertificateParser();
+			PkixCertPathBuilderResult builderResult = null;
+			PkixCertPathValidator validator = new PkixCertPathValidator();
+
+			try
+			{
+				// check whether the issuer of <tbvCert> is a TrustAnchor
+				if (PkixCertPathValidatorUtilities.FindTrustAnchor(tbvCert, pkixParams.GetTrustAnchors()) != null)
+				{
+					// exception message from possibly later tried certification
+					// chains
+					PkixCertPath certPath = null;
+					try
+					{
+						certPath = new PkixCertPath(tbvPath);
+					}
+					catch (Exception e)
+					{
+						throw new Exception(
+							"Certification path could not be constructed from certificate list.",
+							e);
+					}
+
+					PkixCertPathValidatorResult result = null;
+					try
+					{
+						result = (PkixCertPathValidatorResult)validator.Validate(
+							certPath, pkixParams);
+					}
+					catch (Exception e)
+					{
+						throw new Exception(
+							"Certification path could not be validated.", e);
+					}
+
+					return new PkixCertPathBuilderResult(certPath, result.TrustAnchor,
+						result.PolicyTree, result.SubjectPublicKey);
+				}
+				else
+				{
+					// add additional X.509 stores from locations in certificate
+					try
+					{
+						PkixCertPathValidatorUtilities.AddAdditionalStoresFromAltNames(
+							tbvCert, pkixParams);
+					}
+					catch (CertificateParsingException e)
+					{
+						throw new Exception(
+							"No additiontal X.509 stores can be added from certificate locations.",
+							e);
+					}
+
+					// try to get the issuer certificate from one of the stores
+					HashSet issuers = new HashSet();
+					try
+					{
+						issuers.AddAll(PkixCertPathValidatorUtilities.FindIssuerCerts(tbvCert, pkixParams));
+					}
+					catch (Exception e)
+					{
+						throw new Exception(
+							"Cannot find issuer certificate for certificate in certification path.",
+							e);
+					}
+
+					if (issuers.IsEmpty)
+						throw new Exception("No issuer certificate for certificate in certification path found.");
+
+					foreach (X509Certificate issuer in issuers)
+					{
+						builderResult = Build(issuer, pkixParams, tbvPath);
+
+						if (builderResult != null)
+							break;
+					}
+				}
+			}
+			catch (Exception e)
+			{
+				certPathException = e;
+			}
+
+			if (builderResult == null)
+			{
+				tbvPath.Remove(tbvCert);
+			}
+
+			return builderResult;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixCertPathBuilderException.cs b/bc-sharp-crypto/src/pkix/PkixCertPathBuilderException.cs
new file mode 100644
index 0000000..0f10179
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixCertPathBuilderException.cs
@@ -0,0 +1,22 @@
+using System;
+
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/// <summary>
+	/// Summary description for PkixCertPathBuilderException.
+	/// </summary>
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class PkixCertPathBuilderException : GeneralSecurityException
+	{
+		public PkixCertPathBuilderException() : base() { }
+		
+		public PkixCertPathBuilderException(string message) : base(message)	{ }  
+
+		public PkixCertPathBuilderException(string message, Exception exception) : base(message, exception) { }
+		
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixCertPathBuilderResult.cs b/bc-sharp-crypto/src/pkix/PkixCertPathBuilderResult.cs
new file mode 100644
index 0000000..f800303
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixCertPathBuilderResult.cs
@@ -0,0 +1,45 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Pkix;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/// <summary>
+	/// Summary description for PkixCertPathBuilderResult.
+	/// </summary>
+	public class PkixCertPathBuilderResult
+		: PkixCertPathValidatorResult//, ICertPathBuilderResult
+	{
+		private PkixCertPath certPath;
+		
+		public PkixCertPathBuilderResult(
+			PkixCertPath			certPath,
+			TrustAnchor				trustAnchor,
+			PkixPolicyNode			policyTree,
+			AsymmetricKeyParameter	subjectPublicKey)
+			: base(trustAnchor, policyTree, subjectPublicKey)
+		{			
+			if (certPath == null)
+				throw new ArgumentNullException("certPath");
+
+			this.certPath = certPath;
+		}
+
+		public PkixCertPath CertPath
+		{
+            get { return certPath; }
+		}
+
+		public override string ToString()
+		{
+			StringBuilder s = new StringBuilder();
+			s.Append("SimplePKIXCertPathBuilderResult: [\n");
+			s.Append("  Certification Path: ").Append(CertPath).Append('\n');
+			s.Append("  Trust Anchor: ").Append(this.TrustAnchor.TrustedCert.IssuerDN.ToString()).Append('\n');
+			s.Append("  Subject Public Key: ").Append(this.SubjectPublicKey).Append("\n]");
+			return s.ToString();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixCertPathChecker.cs b/bc-sharp-crypto/src/pkix/PkixCertPathChecker.cs
new file mode 100644
index 0000000..da7e82b
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixCertPathChecker.cs
@@ -0,0 +1,99 @@
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Pkix
+{
+    public abstract class PkixCertPathChecker
+    {
+        protected PkixCertPathChecker()
+        {
+        }
+
+        /**
+         * Initializes the internal state of this <code>PKIXCertPathChecker</code>.
+         * <p>
+         * The <code>forward</code> flag specifies the order that certificates
+         * will be passed to the {@link #check check} method (forward or reverse). A
+         * <code>PKIXCertPathChecker</code> <b>must</b> support reverse checking
+         * and <b>may</b> support forward checking.
+		 * </p>
+         * 
+         * @param forward
+         *            the order that certificates are presented to the
+         *            <code>check</code> method. If <code>true</code>,
+         *            certificates are presented from target to most-trusted CA
+         *            (forward); if <code>false</code>, from most-trusted CA to
+         *            target (reverse).
+         * @exception CertPathValidatorException
+         *                if this <code>PKIXCertPathChecker</code> is unable to
+         *                check certificates in the specified order; it should never
+         *                be thrown if the forward flag is false since reverse
+         *                checking must be supported
+         */
+        public abstract void Init(bool forward);
+        //throws CertPathValidatorException;
+
+        /**
+         * Indicates if forward checking is supported. Forward checking refers to
+         * the ability of the <code>PKIXCertPathChecker</code> to perform its
+         * checks when certificates are presented to the <code>check</code> method
+         * in the forward direction (from target to most-trusted CA).
+         * 
+         * @return <code>true</code> if forward checking is supported,
+         *         <code>false</code> otherwise
+         */
+        public abstract bool IsForwardCheckingSupported();
+
+        /**
+         * Returns an immutable <code>Set</code> of X.509 certificate extensions
+         * that this <code>PKIXCertPathChecker</code> supports (i.e. recognizes,
+         * is able to process), or <code>null</code> if no extensions are
+         * supported.
+         * <p>
+         * Each element of the set is a <code>String</code> representing the
+         * Object Identifier (OID) of the X.509 extension that is supported. The OID
+         * is represented by a set of nonnegative integers separated by periods.
+         * </p><p>
+         * All X.509 certificate extensions that a <code>PKIXCertPathChecker</code>
+         * might possibly be able to process should be included in the set.
+		 * </p>
+         * 
+         * @return an immutable <code>Set</code> of X.509 extension OIDs (in
+         *         <code>String</code> format) supported by this
+         *         <code>PKIXCertPathChecker</code>, or <code>null</code> if no
+         *         extensions are supported
+         */
+        public abstract ISet GetSupportedExtensions();
+
+        /**
+         * Performs the check(s) on the specified certificate using its internal
+         * state and removes any critical extensions that it processes from the
+         * specified collection of OID strings that represent the unresolved
+         * critical extensions. The certificates are presented in the order
+         * specified by the <code>init</code> method.
+         * 
+         * @param cert
+         *            the <code>Certificate</code> to be checked
+         * @param unresolvedCritExts
+         *            a <code>Collection</code> of OID strings representing the
+         *            current set of unresolved critical extensions
+         * @exception CertPathValidatorException
+         *                if the specified certificate does not pass the check
+         */
+        public abstract void Check(X509Certificate cert, ISet unresolvedCritExts);
+        //throws CertPathValidatorException;
+
+        /**
+         * Returns a clone of this object. Calls the <code>Object.clone()</code>
+         * method. All subclasses which maintain state must support and override
+         * this method, if necessary.
+         * 
+         * @return a copy of this <code>PKIXCertPathChecker</code>
+         */
+        public virtual object Clone()
+        {
+			// TODO Check this
+			return base.MemberwiseClone();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixCertPathValidator.cs b/bc-sharp-crypto/src/pkix/PkixCertPathValidator.cs
new file mode 100644
index 0000000..fcfa638
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixCertPathValidator.cs
@@ -0,0 +1,420 @@
+using System;
+using System.Collections;
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/**
+	 * The <i>Service Provider Interface</i> (<b>SPI</b>)
+	 * for the {@link CertPathValidator CertPathValidator} class. All
+	 * <code>CertPathValidator</code> implementations must include a class (the
+	 * SPI class) that extends this class (<code>CertPathValidatorSpi</code>)
+	 * and implements all of its methods. In general, instances of this class
+	 * should only be accessed through the <code>CertPathValidator</code> class.
+	 * For details, see the Java Cryptography Architecture.<br />
+	 * <br />
+	 * <b>Concurrent Access</b><br />
+	 * <br />
+	 * Instances of this class need not be protected against concurrent
+	 * access from multiple threads. Threads that need to access a single
+	 * <code>CertPathValidatorSpi</code> instance concurrently should synchronize
+	 * amongst themselves and provide the necessary locking before calling the
+	 * wrapping <code>CertPathValidator</code> object.<br />
+	 * <br />
+	 * However, implementations of <code>CertPathValidatorSpi</code> may still
+	 * encounter concurrency issues, since multiple threads each
+	 * manipulating a different <code>CertPathValidatorSpi</code> instance need not
+	 * synchronize.
+	 */
+	/// <summary>
+    /// CertPathValidatorSpi implementation for X.509 Certificate validation a la RFC
+    /// 3280.
+    /// </summary>
+    public class PkixCertPathValidator
+    {
+        public virtual PkixCertPathValidatorResult Validate(
+			PkixCertPath	certPath,
+			PkixParameters	paramsPkix)
+        {
+			if (paramsPkix.GetTrustAnchors() == null)
+            {
+                throw new ArgumentException(
+					"trustAnchors is null, this is not allowed for certification path validation.",
+					"parameters");
+            }
+
+            //
+            // 6.1.1 - inputs
+            //
+
+            //
+            // (a)
+            //
+            IList certs = certPath.Certificates;
+            int n = certs.Count;
+
+            if (certs.Count == 0)
+                throw new PkixCertPathValidatorException("Certification path is empty.", null, certPath, 0);
+
+			//
+            // (b)
+            //
+            // DateTime validDate = PkixCertPathValidatorUtilities.GetValidDate(paramsPkix);
+
+            //
+            // (c)
+            //
+            ISet userInitialPolicySet = paramsPkix.GetInitialPolicies();
+
+            //
+            // (d)
+            //
+            TrustAnchor trust;
+            try
+            {
+                trust = PkixCertPathValidatorUtilities.FindTrustAnchor(
+					(X509Certificate)certs[certs.Count - 1],
+					paramsPkix.GetTrustAnchors());
+            }
+            catch (Exception e)
+            {
+                throw new PkixCertPathValidatorException(e.Message, e, certPath, certs.Count - 1);
+            }
+
+            if (trust == null)
+                throw new PkixCertPathValidatorException("Trust anchor for certification path not found.", null, certPath, -1);
+
+			//
+            // (e), (f), (g) are part of the paramsPkix object.
+            //
+            IEnumerator certIter;
+            int index = 0;
+            int i;
+            // Certificate for each interation of the validation loop
+            // Signature information for each iteration of the validation loop
+            //
+            // 6.1.2 - setup
+            //
+
+            //
+            // (a)
+            //
+            IList[] policyNodes = new IList[n + 1];
+            for (int j = 0; j < policyNodes.Length; j++)
+            {
+                policyNodes[j] = Platform.CreateArrayList();
+            }
+
+            ISet policySet = new HashSet();
+
+            policySet.Add(Rfc3280CertPathUtilities.ANY_POLICY);
+
+            PkixPolicyNode validPolicyTree = new PkixPolicyNode(Platform.CreateArrayList(), 0, policySet, null, new HashSet(),
+                    Rfc3280CertPathUtilities.ANY_POLICY, false);
+
+            policyNodes[0].Add(validPolicyTree);
+
+            //
+            // (b) and (c)
+            //
+            PkixNameConstraintValidator nameConstraintValidator = new PkixNameConstraintValidator();
+
+            // (d)
+            //
+            int explicitPolicy;
+            ISet acceptablePolicies = new HashSet();
+
+            if (paramsPkix.IsExplicitPolicyRequired)
+            {
+                explicitPolicy = 0;
+            }
+            else
+            {
+                explicitPolicy = n + 1;
+            }
+
+            //
+            // (e)
+            //
+            int inhibitAnyPolicy;
+
+            if (paramsPkix.IsAnyPolicyInhibited)
+            {
+                inhibitAnyPolicy = 0;
+            }
+            else
+            {
+                inhibitAnyPolicy = n + 1;
+            }
+
+            //
+            // (f)
+            //
+            int policyMapping;
+
+            if (paramsPkix.IsPolicyMappingInhibited)
+            {
+                policyMapping = 0;
+            }
+            else
+            {
+                policyMapping = n + 1;
+            }
+
+            //
+            // (g), (h), (i), (j)
+            //
+            AsymmetricKeyParameter workingPublicKey;
+            X509Name workingIssuerName;
+
+            X509Certificate sign = trust.TrustedCert;
+            try
+            {
+                if (sign != null)
+                {
+                    workingIssuerName = sign.SubjectDN;
+                    workingPublicKey = sign.GetPublicKey();
+                }
+                else
+                {
+                    workingIssuerName = new X509Name(trust.CAName);
+                    workingPublicKey = trust.CAPublicKey;
+                }
+            }
+            catch (ArgumentException ex)
+            {
+                throw new PkixCertPathValidatorException("Subject of trust anchor could not be (re)encoded.", ex, certPath,
+                        -1);
+            }
+
+            AlgorithmIdentifier workingAlgId = null;
+            try
+            {
+                workingAlgId = PkixCertPathValidatorUtilities.GetAlgorithmIdentifier(workingPublicKey);
+            }
+            catch (PkixCertPathValidatorException e)
+            {
+                throw new PkixCertPathValidatorException(
+                        "Algorithm identifier of public key of trust anchor could not be read.", e, certPath, -1);
+            }
+
+//			DerObjectIdentifier workingPublicKeyAlgorithm = workingAlgId.Algorithm;
+//			Asn1Encodable workingPublicKeyParameters = workingAlgId.Parameters;
+
+            //
+            // (k)
+            //
+            int maxPathLength = n;
+
+            //
+            // 6.1.3
+            //
+
+			X509CertStoreSelector certConstraints = paramsPkix.GetTargetCertConstraints();
+            if (certConstraints != null && !certConstraints.Match((X509Certificate)certs[0]))
+            {
+                throw new PkixCertPathValidatorException(
+					"Target certificate in certification path does not match targetConstraints.", null, certPath, 0);
+            }
+
+            //
+            // initialize CertPathChecker's
+            //
+            IList pathCheckers = paramsPkix.GetCertPathCheckers();
+            certIter = pathCheckers.GetEnumerator();
+
+            while (certIter.MoveNext())
+            {
+                ((PkixCertPathChecker)certIter.Current).Init(false);
+            }
+
+            X509Certificate cert = null;
+
+            for (index = certs.Count - 1; index >= 0; index--)
+            {
+                // try
+                // {
+                //
+                // i as defined in the algorithm description
+                //
+                i = n - index;
+
+                //
+                // set certificate to be checked in this round
+                // sign and workingPublicKey and workingIssuerName are set
+                // at the end of the for loop and initialized the
+                // first time from the TrustAnchor
+                //
+                cert = (X509Certificate)certs[index];
+
+                //
+                // 6.1.3
+                //
+
+                Rfc3280CertPathUtilities.ProcessCertA(certPath, paramsPkix, index, workingPublicKey,
+					workingIssuerName, sign);
+
+                Rfc3280CertPathUtilities.ProcessCertBC(certPath, index, nameConstraintValidator);
+
+                validPolicyTree = Rfc3280CertPathUtilities.ProcessCertD(certPath, index,
+					acceptablePolicies, validPolicyTree, policyNodes, inhibitAnyPolicy);
+
+                validPolicyTree = Rfc3280CertPathUtilities.ProcessCertE(certPath, index, validPolicyTree);
+
+                Rfc3280CertPathUtilities.ProcessCertF(certPath, index, validPolicyTree, explicitPolicy);
+
+                //
+                // 6.1.4
+                //
+
+                if (i != n)
+                {
+                    if (cert != null && cert.Version == 1)
+                    {
+                        throw new PkixCertPathValidatorException(
+							"Version 1 certificates can't be used as CA ones.", null, certPath, index);
+                    }
+
+                    Rfc3280CertPathUtilities.PrepareNextCertA(certPath, index);
+
+                    validPolicyTree = Rfc3280CertPathUtilities.PrepareCertB(certPath, index, policyNodes,
+						validPolicyTree, policyMapping);
+
+                    Rfc3280CertPathUtilities.PrepareNextCertG(certPath, index, nameConstraintValidator);
+
+                    // (h)
+                    explicitPolicy = Rfc3280CertPathUtilities.PrepareNextCertH1(certPath, index, explicitPolicy);
+                    policyMapping = Rfc3280CertPathUtilities.PrepareNextCertH2(certPath, index, policyMapping);
+                    inhibitAnyPolicy = Rfc3280CertPathUtilities.PrepareNextCertH3(certPath, index, inhibitAnyPolicy);
+
+                    //
+                    // (i)
+                    //
+                    explicitPolicy = Rfc3280CertPathUtilities.PrepareNextCertI1(certPath, index, explicitPolicy);
+                    policyMapping = Rfc3280CertPathUtilities.PrepareNextCertI2(certPath, index, policyMapping);
+
+                    // (j)
+                    inhibitAnyPolicy = Rfc3280CertPathUtilities.PrepareNextCertJ(certPath, index, inhibitAnyPolicy);
+
+                    // (k)
+                    Rfc3280CertPathUtilities.PrepareNextCertK(certPath, index);
+
+                    // (l)
+                    maxPathLength = Rfc3280CertPathUtilities.PrepareNextCertL(certPath, index, maxPathLength);
+
+                    // (m)
+                    maxPathLength = Rfc3280CertPathUtilities.PrepareNextCertM(certPath, index, maxPathLength);
+
+                    // (n)
+                    Rfc3280CertPathUtilities.PrepareNextCertN(certPath, index);
+
+					ISet criticalExtensions1 = cert.GetCriticalExtensionOids();
+
+					if (criticalExtensions1 != null)
+					{
+						criticalExtensions1 = new HashSet(criticalExtensions1);
+
+						// these extensions are handled by the algorithm
+						criticalExtensions1.Remove(X509Extensions.KeyUsage.Id);
+						criticalExtensions1.Remove(X509Extensions.CertificatePolicies.Id);
+						criticalExtensions1.Remove(X509Extensions.PolicyMappings.Id);
+						criticalExtensions1.Remove(X509Extensions.InhibitAnyPolicy.Id);
+						criticalExtensions1.Remove(X509Extensions.IssuingDistributionPoint.Id);
+						criticalExtensions1.Remove(X509Extensions.DeltaCrlIndicator.Id);
+						criticalExtensions1.Remove(X509Extensions.PolicyConstraints.Id);
+						criticalExtensions1.Remove(X509Extensions.BasicConstraints.Id);
+						criticalExtensions1.Remove(X509Extensions.SubjectAlternativeName.Id);
+						criticalExtensions1.Remove(X509Extensions.NameConstraints.Id);
+					}
+					else
+					{
+						criticalExtensions1 = new HashSet();
+					}
+
+					// (o)
+					Rfc3280CertPathUtilities.PrepareNextCertO(certPath, index, criticalExtensions1, pathCheckers);
+
+					// set signing certificate for next round
+                    sign = cert;
+
+                    // (c)
+                    workingIssuerName = sign.SubjectDN;
+
+                    // (d)
+                    try
+                    {
+                        workingPublicKey = PkixCertPathValidatorUtilities.GetNextWorkingKey(certPath.Certificates, index);
+                    }
+                    catch (PkixCertPathValidatorException e)
+                    {
+                        throw new PkixCertPathValidatorException("Next working key could not be retrieved.", e, certPath, index);
+                    }
+
+                    workingAlgId = PkixCertPathValidatorUtilities.GetAlgorithmIdentifier(workingPublicKey);
+                    // (f)
+//                    workingPublicKeyAlgorithm = workingAlgId.Algorithm;
+                    // (e)
+//                    workingPublicKeyParameters = workingAlgId.Parameters;
+                }
+            }
+
+            //
+            // 6.1.5 Wrap-up procedure
+            //
+
+            explicitPolicy = Rfc3280CertPathUtilities.WrapupCertA(explicitPolicy, cert);
+
+            explicitPolicy = Rfc3280CertPathUtilities.WrapupCertB(certPath, index + 1, explicitPolicy);
+
+            //
+            // (c) (d) and (e) are already done
+            //
+
+            //
+            // (f)
+            //
+            ISet criticalExtensions = cert.GetCriticalExtensionOids();
+
+            if (criticalExtensions != null)
+            {
+                criticalExtensions = new HashSet(criticalExtensions);
+
+                // Requires .Id
+                // these extensions are handled by the algorithm
+                criticalExtensions.Remove(X509Extensions.KeyUsage.Id);
+                criticalExtensions.Remove(X509Extensions.CertificatePolicies.Id);
+                criticalExtensions.Remove(X509Extensions.PolicyMappings.Id);
+                criticalExtensions.Remove(X509Extensions.InhibitAnyPolicy.Id);
+                criticalExtensions.Remove(X509Extensions.IssuingDistributionPoint.Id);
+                criticalExtensions.Remove(X509Extensions.DeltaCrlIndicator.Id);
+                criticalExtensions.Remove(X509Extensions.PolicyConstraints.Id);
+                criticalExtensions.Remove(X509Extensions.BasicConstraints.Id);
+                criticalExtensions.Remove(X509Extensions.SubjectAlternativeName.Id);
+                criticalExtensions.Remove(X509Extensions.NameConstraints.Id);
+                criticalExtensions.Remove(X509Extensions.CrlDistributionPoints.Id);
+            }
+            else
+            {
+                criticalExtensions = new HashSet();
+            }
+
+            Rfc3280CertPathUtilities.WrapupCertF(certPath, index + 1, pathCheckers, criticalExtensions);
+
+            PkixPolicyNode intersection = Rfc3280CertPathUtilities.WrapupCertG(certPath, paramsPkix, userInitialPolicySet,
+                    index + 1, policyNodes, validPolicyTree, acceptablePolicies);
+
+            if ((explicitPolicy > 0) || (intersection != null))
+            {
+				return new PkixCertPathValidatorResult(trust, intersection, cert.GetPublicKey());
+			}
+
+			throw new PkixCertPathValidatorException("Path processing failed on policy.", null, certPath, index);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixCertPathValidatorException.cs b/bc-sharp-crypto/src/pkix/PkixCertPathValidatorException.cs
new file mode 100644
index 0000000..a477f7d
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixCertPathValidatorException.cs
@@ -0,0 +1,221 @@
+using System;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/**
+	 * An exception indicating one of a variety of problems encountered when 
+	 * validating a certification path. <br />
+	 * <br />
+	 * A <code>CertPathValidatorException</code> provides support for wrapping
+	 * exceptions. The {@link #getCause getCause} method returns the throwable, 
+	 * if any, that caused this exception to be thrown. <br />
+	 * <br />
+	 * A <code>CertPathValidatorException</code> may also include the 
+	 * certification path that was being validated when the exception was thrown 
+	 * and the index of the certificate in the certification path that caused the 
+	 * exception to be thrown. Use the {@link #getCertPath getCertPath} and
+	 * {@link #getIndex getIndex} methods to retrieve this information.<br />
+	 * <br />
+	 * <b>Concurrent Access</b><br />
+	 * <br />
+	 * Unless otherwise specified, the methods defined in this class are not
+	 * thread-safe. Multiple threads that need to access a single
+	 * object concurrently should synchronize amongst themselves and
+	 * provide the necessary locking. Multiple threads each manipulating
+	 * separate objects need not synchronize.
+	 *
+	 * @see CertPathValidator
+	 **/
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class PkixCertPathValidatorException
+        : GeneralSecurityException
+	{
+		private Exception cause;
+		private PkixCertPath certPath;
+		private int index = -1;
+
+		public PkixCertPathValidatorException() : base() { }
+
+		/// <summary>
+		/// Creates a <code>PkixCertPathValidatorException</code> with the given detail
+		/// message. A detail message is a <code>String</code> that describes this
+		/// particular exception. 
+		/// </summary>
+		/// <param name="message">the detail message</param>
+		public PkixCertPathValidatorException(string message) : base(message) { }
+
+		/// <summary>
+		/// Creates a <code>PkixCertPathValidatorException</code> with the specified
+		/// detail message and cause.
+		/// </summary>
+		/// <param name="message">the detail message</param>
+		/// <param name="cause">the cause (which is saved for later retrieval by the
+		/// {@link #getCause getCause()} method). (A <code>null</code>
+		/// value is permitted, and indicates that the cause is
+		/// nonexistent or unknown.)</param>
+		public PkixCertPathValidatorException(string message, Exception cause) : base(message)
+		{
+			this.cause = cause;
+		}
+
+		/// <summary>
+		/// Creates a <code>PkixCertPathValidatorException</code> with the specified
+		/// detail message, cause, certification path, and index.
+		/// </summary>
+		/// <param name="message">the detail message (or <code>null</code> if none)</param>
+		/// <param name="cause">the cause (or <code>null</code> if none)</param>
+		/// <param name="certPath">the certification path that was in the process of being
+		/// validated when the error was encountered</param>
+		/// <param name="index">the index of the certificate in the certification path that</param>																																																																																   * 
+		public PkixCertPathValidatorException(
+			string			message,
+			Exception		cause,
+			PkixCertPath	certPath,
+			int				index)
+			: base(message)
+		{
+			if (certPath == null && index != -1)
+			{
+				throw new ArgumentNullException(
+					"certPath = null and index != -1");
+			}
+			if (index < -1
+				|| (certPath != null && index >= certPath.Certificates.Count))
+			{
+				throw new IndexOutOfRangeException(
+					" index < -1 or out of bound of certPath.getCertificates()");
+			}
+
+			this.cause = cause;
+			this.certPath = certPath;
+			this.index = index;
+		}
+
+		//
+		// Prints a stack trace to a <code>PrintWriter</code>, including the
+		// backtrace of the cause, if any.
+		// 
+		// @param pw
+		//            the <code>PrintWriter</code> to use for output
+		//
+		//		public void printStackTrace(PrintWriter pw)
+		//		{
+		//			super.printStackTrace(pw);
+		//			if (getCause() != null)
+		//			{
+		//				getCause().printStackTrace(pw);
+		//			}
+		//	}
+		//}
+
+
+		//	/**
+		//	 * Creates a <code>CertPathValidatorException</code> that wraps the
+		//	 * specified throwable. This allows any exception to be converted into a
+		//	 * <code>CertPathValidatorException</code>, while retaining information
+		//	 * about the wrapped exception, which may be useful for debugging. The
+		//	 * detail message is set to (<code>cause==null ? null : cause.toString()
+		//	 * </code>)
+		//	 * (which typically contains the class and detail message of cause).
+		//	 * 
+		//	 * @param cause
+		//	 *            the cause (which is saved for later retrieval by the
+		//	 *            {@link #getCause getCause()} method). (A <code>null</code>
+		//	 *            value is permitted, and indicates that the cause is
+		//	 *            nonexistent or unknown.)
+		//	 */
+		//	public PkixCertPathValidatorException(Throwable cause)
+		//	{
+		//		this.cause = cause;
+		//	}
+		//
+
+		/// <summary>
+		/// Returns the detail message for this <code>CertPathValidatorException</code>.
+		/// </summary>
+		/// <returns>the detail message, or <code>null</code> if neither the message nor cause were specified</returns>
+		public override string Message
+		{
+			get
+			{
+				string message = base.Message;
+
+				if (message != null)
+				{
+					return message;
+				}
+
+				if (cause != null)
+				{
+					return cause.Message;
+				}
+
+				return null;
+			}
+		}
+
+	/**
+	 * Returns the certification path that was being validated when the
+	 * exception was thrown.
+	 * 
+	 * @return the <code>CertPath</code> that was being validated when the
+	 *         exception was thrown (or <code>null</code> if not specified)
+	 */
+		public PkixCertPath CertPath
+		{
+			get { return certPath; }
+		}
+
+	/**
+	 * Returns the index of the certificate in the certification path that
+	 * caused the exception to be thrown. Note that the list of certificates in
+	 * a <code>CertPath</code> is zero based. If no index has been set, -1 is
+	 * returned.
+	 * 
+	 * @return the index that has been set, or -1 if none has been set
+	 */
+	public int Index
+	{
+        get { return index; }
+	}
+
+//	/**
+//	 * Returns the cause of this <code>CertPathValidatorException</code> or
+//	 * <code>null</code> if the cause is nonexistent or unknown.
+//	 * 
+//	 * @return the cause of this throwable or <code>null</code> if the cause
+//	 *         is nonexistent or unknown.
+//	 */
+//	public Throwable getCause()
+//	{
+//		return cause;
+//	}
+//
+//	/**
+//	 * Returns a string describing this exception, including a description of
+//	 * the internal (wrapped) cause if there is one.
+//	 * 
+//	 * @return a string representation of this
+//	 *         <code>CertPathValidatorException</code>
+//	 */
+//	public String toString()
+//	{
+//		StringBuffer sb = new StringBuffer();
+//		String s = getMessage();
+//		if (s != null)
+//		{
+//			sb.append(s);
+//		}
+//		if (getIndex() >= 0)
+//		{
+//			sb.append("index in certpath: ").append(getIndex()).append('\n');
+//			sb.append(getCertPath());
+//		}
+//		return sb.toString();
+//	}
+
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixCertPathValidatorResult.cs b/bc-sharp-crypto/src/pkix/PkixCertPathValidatorResult.cs
new file mode 100644
index 0000000..c7d81c7
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixCertPathValidatorResult.cs
@@ -0,0 +1,69 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/// <summary>
+	/// Summary description for PkixCertPathValidatorResult.
+	/// </summary>
+	public class PkixCertPathValidatorResult
+		//: ICertPathValidatorResult
+	{
+		private TrustAnchor trustAnchor;
+		private PkixPolicyNode policyTree;
+		private AsymmetricKeyParameter subjectPublicKey;
+
+		public PkixPolicyNode PolicyTree
+		{
+			get { return this.policyTree; }
+		}
+
+		public TrustAnchor TrustAnchor
+		{
+			get { return this.trustAnchor; }
+		}
+
+		public AsymmetricKeyParameter SubjectPublicKey
+		{
+			get { return this.subjectPublicKey; }
+		}
+
+		public PkixCertPathValidatorResult(
+			TrustAnchor				trustAnchor,
+			PkixPolicyNode			policyTree,
+			AsymmetricKeyParameter	subjectPublicKey)
+		{
+			if (subjectPublicKey == null)
+			{
+				throw new NullReferenceException("subjectPublicKey must be non-null");
+			}
+			if (trustAnchor == null)
+			{
+				throw new NullReferenceException("trustAnchor must be non-null");
+			}
+			
+			this.trustAnchor = trustAnchor;
+			this.policyTree = policyTree;
+			this.subjectPublicKey = subjectPublicKey;
+		}
+
+		public object Clone()
+		{
+			return new PkixCertPathValidatorResult(this.TrustAnchor, this.PolicyTree, this.SubjectPublicKey);
+		}
+
+		public override String ToString() 
+		{
+			StringBuilder sB = new StringBuilder();
+			sB.Append("PKIXCertPathValidatorResult: [ \n");
+			sB.Append("  Trust Anchor: ").Append(this.TrustAnchor).Append('\n');
+			sB.Append("  Policy Tree: ").Append(this.PolicyTree).Append('\n');
+			sB.Append("  Subject Public Key: ").Append(this.SubjectPublicKey).Append("\n]");
+			return sB.ToString();
+		}
+
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixCertPathValidatorUtilities.cs b/bc-sharp-crypto/src/pkix/PkixCertPathValidatorUtilities.cs
new file mode 100644
index 0000000..a2704a7
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixCertPathValidatorUtilities.cs
@@ -0,0 +1,1194 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.IsisMtt;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Extension;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/// <summary>
+	/// Summary description for PkixCertPathValidatorUtilities.
+	/// </summary>
+	public class PkixCertPathValidatorUtilities
+	{
+		private static readonly PkixCrlUtilities CrlUtilities = new PkixCrlUtilities();
+
+		internal static readonly string ANY_POLICY = "2.5.29.32.0";
+
+		internal static readonly string CRL_NUMBER = X509Extensions.CrlNumber.Id;
+
+		/// <summary>
+		/// key usage bits
+		/// </summary>
+		internal static readonly int KEY_CERT_SIGN = 5;
+		internal static readonly int CRL_SIGN = 6;
+
+		internal static readonly string[] crlReasons = new string[]
+		{
+			"unspecified",
+			"keyCompromise",
+			"cACompromise",
+			"affiliationChanged",
+			"superseded",
+			"cessationOfOperation",
+			"certificateHold",
+			"unknown",
+			"removeFromCRL",
+			"privilegeWithdrawn",
+			"aACompromise"
+		};
+
+		/// <summary>
+		/// Search the given Set of TrustAnchor's for one that is the
+		/// issuer of the given X509 certificate.
+		/// </summary>
+		/// <param name="cert">the X509 certificate</param>
+		/// <param name="trustAnchors">a Set of TrustAnchor's</param>
+		/// <returns>the <code>TrustAnchor</code> object if found or
+		/// <code>null</code> if not.
+		/// </returns>
+		/// @exception
+		internal static TrustAnchor FindTrustAnchor(
+			X509Certificate	cert,
+			ISet			trustAnchors)
+		{
+			IEnumerator iter = trustAnchors.GetEnumerator();
+			TrustAnchor trust = null;
+			AsymmetricKeyParameter trustPublicKey = null;
+			Exception invalidKeyEx = null;
+
+			X509CertStoreSelector certSelectX509 = new X509CertStoreSelector();
+
+			try
+			{
+				certSelectX509.Subject = GetIssuerPrincipal(cert);
+			}
+			catch (IOException ex)
+			{
+				throw new Exception("Cannot set subject search criteria for trust anchor.", ex);
+			}
+
+			while (iter.MoveNext() && trust == null)
+			{
+				trust = (TrustAnchor) iter.Current;
+				if (trust.TrustedCert != null)
+				{
+					if (certSelectX509.Match(trust.TrustedCert))
+					{
+						trustPublicKey = trust.TrustedCert.GetPublicKey();
+					}
+					else
+					{
+						trust = null;
+					}
+				}
+				else if (trust.CAName != null && trust.CAPublicKey != null)
+				{
+					try
+					{
+						X509Name certIssuer = GetIssuerPrincipal(cert);
+						X509Name caName = new X509Name(trust.CAName);
+
+						if (certIssuer.Equivalent(caName, true))
+						{
+							trustPublicKey = trust.CAPublicKey;
+						}
+						else
+						{
+							trust = null;
+						}
+					}
+					catch (InvalidParameterException)
+					{
+						trust = null;
+					}
+				}
+				else
+				{
+					trust = null;
+				}
+
+				if (trustPublicKey != null)
+				{
+					try
+					{
+						cert.Verify(trustPublicKey);
+					}
+					catch (Exception ex)
+					{
+						invalidKeyEx = ex;
+						trust = null;
+					}
+				}
+			}
+
+			if (trust == null && invalidKeyEx != null)
+			{
+				throw new Exception("TrustAnchor found but certificate validation failed.", invalidKeyEx);
+			}
+
+			return trust;
+		}
+
+		internal static void AddAdditionalStoresFromAltNames(
+			X509Certificate	cert,
+			PkixParameters	pkixParams)
+		{
+			// if in the IssuerAltName extension an URI
+			// is given, add an additinal X.509 store
+			if (cert.GetIssuerAlternativeNames() != null)
+			{
+				IEnumerator it = cert.GetIssuerAlternativeNames().GetEnumerator();
+				while (it.MoveNext())
+				{
+					// look for URI
+					IList list = (IList)it.Current;
+					//if (list[0].Equals(new Integer(GeneralName.UniformResourceIdentifier)))
+					if (list[0].Equals(GeneralName.UniformResourceIdentifier))
+					{
+						// found
+						string temp = (string)list[1];
+						PkixCertPathValidatorUtilities.AddAdditionalStoreFromLocation(temp, pkixParams);
+					}
+				}
+			}
+		}
+
+		internal static DateTime GetValidDate(PkixParameters paramsPKIX)
+		{
+			DateTimeObject validDate = paramsPKIX.Date;
+
+			if (validDate == null)
+				return DateTime.UtcNow;
+
+			return validDate.Value;
+		}
+
+		/// <summary>
+		/// Returns the issuer of an attribute certificate or certificate.
+		/// </summary>
+		/// <param name="cert">The attribute certificate or certificate.</param>
+		/// <returns>The issuer as <code>X500Principal</code>.</returns>
+		internal static X509Name GetIssuerPrincipal(
+			object cert)
+		{
+			if (cert is X509Certificate)
+			{
+				return ((X509Certificate)cert).IssuerDN;
+			}
+			else
+			{
+				return ((IX509AttributeCertificate)cert).Issuer.GetPrincipals()[0];
+			}
+		}
+
+		internal static bool IsSelfIssued(
+			X509Certificate cert)
+		{
+			return cert.SubjectDN.Equivalent(cert.IssuerDN, true);
+		}
+
+		internal static AlgorithmIdentifier GetAlgorithmIdentifier(
+			AsymmetricKeyParameter key)
+		{
+			try
+			{
+				SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(key);
+
+				return info.AlgorithmID;
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathValidatorException("Subject public key cannot be decoded.", e);
+			}
+		}
+
+		internal static bool IsAnyPolicy(
+			ISet policySet)
+		{
+			return policySet == null || policySet.Contains(ANY_POLICY) || policySet.Count == 0;
+		}
+
+		internal static void AddAdditionalStoreFromLocation(
+			string			location,
+			PkixParameters	pkixParams)
+		{
+			if (pkixParams.IsAdditionalLocationsEnabled)
+			{
+				try
+				{
+					if (Platform.StartsWith(location, "ldap://"))
+					{
+						// ldap://directory.d-trust.net/CN=D-TRUST
+						// Qualified CA 2003 1:PN,O=D-Trust GmbH,C=DE
+						// skip "ldap://"
+						location = location.Substring(7);
+						// after first / baseDN starts
+						string url;//, baseDN;
+						int slashPos = location.IndexOf('/');
+						if (slashPos != -1)
+						{
+							url = "ldap://" + location.Substring(0, slashPos);
+//							baseDN = location.Substring(slashPos);
+						}
+						else
+						{
+							url = "ldap://" + location;
+//							baseDN = nsull;
+						}
+
+						throw Platform.CreateNotImplementedException("LDAP cert/CRL stores");
+
+						// use all purpose parameters
+						//X509LDAPCertStoreParameters ldapParams = new X509LDAPCertStoreParameters.Builder(
+						//                                url, baseDN).build();
+						//pkixParams.AddAdditionalStore(X509Store.getInstance(
+						//    "CERTIFICATE/LDAP", ldapParams));
+						//pkixParams.AddAdditionalStore(X509Store.getInstance(
+						//    "CRL/LDAP", ldapParams));
+						//pkixParams.AddAdditionalStore(X509Store.getInstance(
+						//    "ATTRIBUTECERTIFICATE/LDAP", ldapParams));
+						//pkixParams.AddAdditionalStore(X509Store.getInstance(
+						//    "CERTIFICATEPAIR/LDAP", ldapParams));
+					}
+				}
+				catch (Exception)
+				{
+					// cannot happen
+					throw new Exception("Exception adding X.509 stores.");
+				}
+			}
+		}
+
+		private static BigInteger GetSerialNumber(
+			object cert)
+		{
+			if (cert is X509Certificate)
+			{
+				return ((X509Certificate)cert).SerialNumber;
+			}
+			else
+			{
+				return ((X509V2AttributeCertificate)cert).SerialNumber;
+			}
+		}
+
+		//
+		// policy checking
+		//
+
+		internal static ISet GetQualifierSet(Asn1Sequence qualifiers)
+		{
+			ISet pq = new HashSet();
+
+			if (qualifiers == null)
+			{
+				return pq;
+			}
+
+			foreach (Asn1Encodable ae in qualifiers)
+			{
+				try
+				{
+//					pq.Add(PolicyQualifierInfo.GetInstance(Asn1Object.FromByteArray(ae.GetEncoded())));
+					pq.Add(PolicyQualifierInfo.GetInstance(ae.ToAsn1Object()));
+				}
+				catch (IOException ex)
+				{
+					throw new PkixCertPathValidatorException("Policy qualifier info cannot be decoded.", ex);
+				}
+			}
+
+			return pq;
+		}
+
+		internal static PkixPolicyNode RemovePolicyNode(
+			PkixPolicyNode validPolicyTree,
+			IList[] policyNodes,
+			PkixPolicyNode _node)
+		{
+			PkixPolicyNode _parent = (PkixPolicyNode)_node.Parent;
+
+			if (validPolicyTree == null)
+			{
+				return null;
+			}
+
+			if (_parent == null)
+			{
+				for (int j = 0; j < policyNodes.Length; j++)
+				{
+                    policyNodes[j] = Platform.CreateArrayList();
+				}
+
+				return null;
+			}
+			else
+			{
+				_parent.RemoveChild(_node);
+				RemovePolicyNodeRecurse(policyNodes, _node);
+
+				return validPolicyTree;
+			}
+		}
+
+		private static void RemovePolicyNodeRecurse(IList[] policyNodes, PkixPolicyNode _node)
+		{
+			policyNodes[_node.Depth].Remove(_node);
+
+			if (_node.HasChildren)
+			{
+				foreach (PkixPolicyNode _child in _node.Children)
+				{
+					RemovePolicyNodeRecurse(policyNodes, _child);
+				}
+			}
+		}
+
+		internal static void PrepareNextCertB1(
+			int i,
+			IList[] policyNodes,
+			string id_p,
+			IDictionary m_idp,
+			X509Certificate cert)
+		{
+			bool idp_found = false;
+			IEnumerator nodes_i = policyNodes[i].GetEnumerator();
+			while (nodes_i.MoveNext())
+			{
+				PkixPolicyNode node = (PkixPolicyNode)nodes_i.Current;
+				if (node.ValidPolicy.Equals(id_p))
+				{
+					idp_found = true;
+					node.ExpectedPolicies = (ISet)m_idp[id_p];
+					break;
+				}
+			}
+
+			if (!idp_found)
+			{
+				nodes_i = policyNodes[i].GetEnumerator();
+				while (nodes_i.MoveNext())
+				{
+					PkixPolicyNode node = (PkixPolicyNode)nodes_i.Current;
+					if (ANY_POLICY.Equals(node.ValidPolicy))
+					{
+						ISet pq = null;
+						Asn1Sequence policies = null;
+						try
+						{
+							policies = DerSequence.GetInstance(GetExtensionValue(cert, X509Extensions.CertificatePolicies));
+						}
+						catch (Exception e)
+						{
+							throw new Exception("Certificate policies cannot be decoded.", e);
+						}
+
+						IEnumerator enm = policies.GetEnumerator();
+						while (enm.MoveNext())
+						{
+							PolicyInformation pinfo = null;
+
+							try
+							{
+								pinfo = PolicyInformation.GetInstance(enm.Current);
+							}
+							catch (Exception ex)
+							{
+								throw new Exception("Policy information cannot be decoded.", ex);
+							}
+
+							if (ANY_POLICY.Equals(pinfo.PolicyIdentifier.Id))
+							{
+								try
+								{
+									pq = GetQualifierSet(pinfo.PolicyQualifiers);
+								}
+								catch (PkixCertPathValidatorException ex)
+								{
+									throw new PkixCertPathValidatorException(
+										"Policy qualifier info set could not be built.", ex);
+								}
+								break;
+							}
+						}
+						bool ci = false;
+						ISet critExtOids = cert.GetCriticalExtensionOids();
+						if (critExtOids != null)
+						{
+							ci = critExtOids.Contains(X509Extensions.CertificatePolicies.Id);
+						}
+
+						PkixPolicyNode p_node = (PkixPolicyNode)node.Parent;
+						if (ANY_POLICY.Equals(p_node.ValidPolicy))
+						{
+							PkixPolicyNode c_node = new PkixPolicyNode(
+                                Platform.CreateArrayList(), i,
+								(ISet)m_idp[id_p],
+								p_node, pq, id_p, ci);
+							p_node.AddChild(c_node);
+							policyNodes[i].Add(c_node);
+						}
+						break;
+					}
+				}
+			}
+		}
+
+		internal static PkixPolicyNode PrepareNextCertB2(
+			int				i,
+			IList[]			policyNodes,
+			string			id_p,
+			PkixPolicyNode	validPolicyTree)
+		{
+			int pos = 0;
+
+			// Copy to avoid RemoveAt calls interfering with enumeration
+            foreach (PkixPolicyNode node in Platform.CreateArrayList(policyNodes[i]))
+			{
+				if (node.ValidPolicy.Equals(id_p))
+				{
+					PkixPolicyNode p_node = (PkixPolicyNode)node.Parent;
+					p_node.RemoveChild(node);
+
+					// Removal of element at current iterator position not supported in C#
+					//nodes_i.remove();
+					policyNodes[i].RemoveAt(pos);
+
+					for (int k = (i - 1); k >= 0; k--)
+					{
+						IList nodes = policyNodes[k];
+						for (int l = 0; l < nodes.Count; l++)
+						{
+							PkixPolicyNode node2 = (PkixPolicyNode)nodes[l];
+							if (!node2.HasChildren)
+							{
+								validPolicyTree = RemovePolicyNode(validPolicyTree, policyNodes, node2);
+								if (validPolicyTree == null)
+									break;
+							}
+						}
+					}
+				}
+				else
+				{
+					++pos;
+				}
+			}
+			return validPolicyTree;
+		}
+
+		internal static void GetCertStatus(
+			DateTime validDate,
+			X509Crl crl,
+			Object cert,
+			CertStatus certStatus)
+		{
+			X509Crl bcCRL = null;
+
+			try
+			{
+				bcCRL = new X509Crl(CertificateList.GetInstance((Asn1Sequence)Asn1Sequence.FromByteArray(crl.GetEncoded())));
+			}
+			catch (Exception exception)
+			{
+				throw new Exception("Bouncy Castle X509Crl could not be created.", exception);
+			}
+
+			X509CrlEntry crl_entry = (X509CrlEntry)bcCRL.GetRevokedCertificate(GetSerialNumber(cert));
+
+			if (crl_entry == null)
+				return;
+
+			X509Name issuer = GetIssuerPrincipal(cert);
+
+			if (issuer.Equivalent(crl_entry.GetCertificateIssuer(), true)
+				|| issuer.Equivalent(crl.IssuerDN, true))
+			{
+				DerEnumerated reasonCode = null;
+				if (crl_entry.HasExtensions)
+				{
+					try
+					{
+						reasonCode = DerEnumerated.GetInstance(
+							GetExtensionValue(crl_entry, X509Extensions.ReasonCode));
+					}
+					catch (Exception e)
+					{
+						throw new Exception(
+							"Reason code CRL entry extension could not be decoded.",
+							e);
+					}
+				}
+
+				// for reason keyCompromise, caCompromise, aACompromise or
+				// unspecified
+				if (!(validDate.Ticks < crl_entry.RevocationDate.Ticks)
+					|| reasonCode == null
+					|| reasonCode.Value.TestBit(0)
+					|| reasonCode.Value.TestBit(1)
+					|| reasonCode.Value.TestBit(2)
+					|| reasonCode.Value.TestBit(8))
+				{
+					if (reasonCode != null) // (i) or (j) (1)
+					{
+						certStatus.Status = reasonCode.Value.SignValue;
+					}
+					else // (i) or (j) (2)
+					{
+						certStatus.Status = CrlReason.Unspecified;
+					}
+					certStatus.RevocationDate = new DateTimeObject(crl_entry.RevocationDate);
+				}
+			}
+		}
+
+		/**
+		* Return the next working key inheriting DSA parameters if necessary.
+		* <p>
+		* This methods inherits DSA parameters from the indexed certificate or
+		* previous certificates in the certificate chain to the returned
+		* <code>PublicKey</code>. The list is searched upwards, meaning the end
+		* certificate is at position 0 and previous certificates are following.
+		* </p>
+		* <p>
+		* If the indexed certificate does not contain a DSA key this method simply
+		* returns the public key. If the DSA key already contains DSA parameters
+		* the key is also only returned.
+		* </p>
+		*
+		* @param certs The certification path.
+		* @param index The index of the certificate which contains the public key
+		*            which should be extended with DSA parameters.
+		* @return The public key of the certificate in list position
+		*         <code>index</code> extended with DSA parameters if applicable.
+		* @throws Exception if DSA parameters cannot be inherited.
+		*/
+		internal static AsymmetricKeyParameter GetNextWorkingKey(
+			IList	certs,
+			int		index)
+		{
+			//Only X509Certificate
+			X509Certificate cert = (X509Certificate)certs[index];
+
+			AsymmetricKeyParameter pubKey = cert.GetPublicKey();
+
+			if (!(pubKey is DsaPublicKeyParameters))
+				return pubKey;
+
+			DsaPublicKeyParameters dsaPubKey = (DsaPublicKeyParameters)pubKey;
+
+			if (dsaPubKey.Parameters != null)
+				return dsaPubKey;
+
+			for (int i = index + 1; i < certs.Count; i++)
+			{
+				X509Certificate parentCert = (X509Certificate)certs[i];
+				pubKey = parentCert.GetPublicKey();
+
+				if (!(pubKey is DsaPublicKeyParameters))
+				{
+					throw new PkixCertPathValidatorException(
+						"DSA parameters cannot be inherited from previous certificate.");
+				}
+
+				DsaPublicKeyParameters prevDSAPubKey = (DsaPublicKeyParameters)pubKey;
+
+				if (prevDSAPubKey.Parameters == null)
+					continue;
+
+				DsaParameters dsaParams = prevDSAPubKey.Parameters;
+
+				try
+				{
+					return new DsaPublicKeyParameters(dsaPubKey.Y, dsaParams);
+				}
+				catch (Exception exception)
+				{
+					throw new Exception(exception.Message);
+				}
+			}
+
+			throw new PkixCertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
+		}
+
+		internal static DateTime GetValidCertDateFromValidityModel(
+			PkixParameters	paramsPkix,
+			PkixCertPath	certPath,
+			int				index)
+		{
+			if (paramsPkix.ValidityModel != PkixParameters.ChainValidityModel)
+			{
+				return GetValidDate(paramsPkix);
+			}
+
+			// if end cert use given signing/encryption/... time
+			if (index <= 0)
+			{
+				return PkixCertPathValidatorUtilities.GetValidDate(paramsPkix);
+				// else use time when previous cert was created
+			}
+
+			if (index - 1 == 0)
+			{
+				DerGeneralizedTime dateOfCertgen = null;
+				try
+				{
+					X509Certificate cert = (X509Certificate)certPath.Certificates[index - 1];
+					Asn1OctetString extVal = cert.GetExtensionValue(
+						IsisMttObjectIdentifiers.IdIsisMttATDateOfCertGen);
+					dateOfCertgen = DerGeneralizedTime.GetInstance(extVal);
+				}
+				catch (ArgumentException)
+				{
+					throw new Exception(
+						"Date of cert gen extension could not be read.");
+				}
+				if (dateOfCertgen != null)
+				{
+					try
+					{
+						return dateOfCertgen.ToDateTime();
+					}
+					catch (ArgumentException e)
+					{
+						throw new Exception(
+							"Date from date of cert gen extension could not be parsed.",
+							e);
+					}
+				}
+			}
+
+			return ((X509Certificate)certPath.Certificates[index - 1]).NotBefore;
+		}
+
+		/// <summary>
+		/// Return a Collection of all certificates or attribute certificates found
+		/// in the X509Store's that are matching the certSelect criteriums.
+		/// </summary>
+		/// <param name="certSelect">a {@link Selector} object that will be used to select
+		/// the certificates</param>
+		/// <param name="certStores">a List containing only X509Store objects. These
+		/// are used to search for certificates.</param>
+		/// <returns>a Collection of all found <see cref="X509Certificate"/> or
+		/// <see cref="Org.BouncyCastle.X509.IX509AttributeCertificate"/> objects.
+		/// May be empty but never <code>null</code>.</returns>
+		/// <exception cref="Exception"></exception>
+		internal static ICollection FindCertificates(
+			X509CertStoreSelector	certSelect,
+			IList					certStores)
+		{
+			ISet certs = new HashSet();
+
+			foreach (IX509Store certStore in certStores)
+			{
+				try
+				{
+//					certs.AddAll(certStore.GetMatches(certSelect));
+					foreach (X509Certificate c in certStore.GetMatches(certSelect))
+					{
+						certs.Add(c);
+					}
+				}
+				catch (Exception e)
+				{
+					throw new Exception("Problem while picking certificates from X.509 store.", e);
+				}
+			}
+
+			return certs;
+		}
+
+		/**
+		* Add the CRL issuers from the cRLIssuer field of the distribution point or
+		* from the certificate if not given to the issuer criterion of the
+		* <code>selector</code>.
+		* <p>
+		* The <code>issuerPrincipals</code> are a collection with a single
+		* <code>X500Principal</code> for <code>X509Certificate</code>s. For
+		* {@link X509AttributeCertificate}s the issuer may contain more than one
+		* <code>X500Principal</code>.
+		* </p>
+		*
+		* @param dp The distribution point.
+		* @param issuerPrincipals The issuers of the certificate or attribute
+		*            certificate which contains the distribution point.
+		* @param selector The CRL selector.
+		* @param pkixParams The PKIX parameters containing the cert stores.
+		* @throws Exception if an exception occurs while processing.
+		* @throws ClassCastException if <code>issuerPrincipals</code> does not
+		* contain only <code>X500Principal</code>s.
+		*/
+		internal static void GetCrlIssuersFromDistributionPoint(
+			DistributionPoint		dp,
+			ICollection				issuerPrincipals,
+			X509CrlStoreSelector	selector,
+			PkixParameters			pkixParams)
+		{
+            IList issuers = Platform.CreateArrayList();
+			// indirect CRL
+			if (dp.CrlIssuer != null)
+			{
+				GeneralName[] genNames = dp.CrlIssuer.GetNames();
+				// look for a DN
+				for (int j = 0; j < genNames.Length; j++)
+				{
+					if (genNames[j].TagNo == GeneralName.DirectoryName)
+					{
+						try
+						{
+							issuers.Add(X509Name.GetInstance(genNames[j].Name.ToAsn1Object()));
+						}
+						catch (IOException e)
+						{
+							throw new Exception(
+								"CRL issuer information from distribution point cannot be decoded.",
+								e);
+						}
+					}
+				}
+			}
+			else
+			{
+				/*
+				 * certificate issuer is CRL issuer, distributionPoint field MUST be
+				 * present.
+				 */
+				if (dp.DistributionPointName == null)
+				{
+					throw new Exception(
+						"CRL issuer is omitted from distribution point but no distributionPoint field present.");
+				}
+
+				// add and check issuer principals
+				for (IEnumerator it = issuerPrincipals.GetEnumerator(); it.MoveNext(); )
+				{
+					issuers.Add((X509Name)it.Current);
+				}
+			}
+			// TODO: is not found although this should correctly add the rel name. selector of Sun is buggy here or PKI test case is invalid
+			// distributionPoint
+			//        if (dp.getDistributionPoint() != null)
+			//        {
+			//            // look for nameRelativeToCRLIssuer
+			//            if (dp.getDistributionPoint().getType() == DistributionPointName.NAME_RELATIVE_TO_CRL_ISSUER)
+			//            {
+			//                // append fragment to issuer, only one
+			//                // issuer can be there, if this is given
+			//                if (issuers.size() != 1)
+			//                {
+			//                    throw new AnnotatedException(
+			//                        "nameRelativeToCRLIssuer field is given but more than one CRL issuer is given.");
+			//                }
+			//                DEREncodable relName = dp.getDistributionPoint().getName();
+			//                Iterator it = issuers.iterator();
+			//                List issuersTemp = new ArrayList(issuers.size());
+			//                while (it.hasNext())
+			//                {
+			//                    Enumeration e = null;
+			//                    try
+			//                    {
+			//                        e = ASN1Sequence.getInstance(
+			//                            new ASN1InputStream(((X500Principal) it.next())
+			//                                .getEncoded()).readObject()).getObjects();
+			//                    }
+			//                    catch (IOException ex)
+			//                    {
+			//                        throw new AnnotatedException(
+			//                            "Cannot decode CRL issuer information.", ex);
+			//                    }
+			//                    ASN1EncodableVector v = new ASN1EncodableVector();
+			//                    while (e.hasMoreElements())
+			//                    {
+			//                        v.add((DEREncodable) e.nextElement());
+			//                    }
+			//                    v.add(relName);
+			//                    issuersTemp.add(new X500Principal(new DERSequence(v)
+			//                        .getDEREncoded()));
+			//                }
+			//                issuers.clear();
+			//                issuers.addAll(issuersTemp);
+			//            }
+			//        }
+
+			selector.Issuers = issuers;
+		}
+
+		/**
+		 * Fetches complete CRLs according to RFC 3280.
+		 *
+		 * @param dp The distribution point for which the complete CRL
+		 * @param cert The <code>X509Certificate</code> or
+		 *            {@link org.bouncycastle.x509.X509AttributeCertificate} for
+		 *            which the CRL should be searched.
+		 * @param currentDate The date for which the delta CRLs must be valid.
+		 * @param paramsPKIX The extended PKIX parameters.
+		 * @return A <code>Set</code> of <code>X509CRL</code>s with complete
+		 *         CRLs.
+		 * @throws Exception if an exception occurs while picking the CRLs
+		 *             or no CRLs are found.
+		 */
+		internal static ISet GetCompleteCrls(
+			DistributionPoint	dp,
+			object				cert,
+			DateTime			currentDate,
+			PkixParameters		paramsPKIX)
+		{
+			X509CrlStoreSelector crlselect = new X509CrlStoreSelector();
+			try
+			{
+				ISet issuers = new HashSet();
+				if (cert is X509V2AttributeCertificate)
+				{
+					issuers.Add(((X509V2AttributeCertificate)cert)
+						.Issuer.GetPrincipals()[0]);
+				}
+				else
+				{
+					issuers.Add(GetIssuerPrincipal(cert));
+				}
+				PkixCertPathValidatorUtilities.GetCrlIssuersFromDistributionPoint(dp, issuers, crlselect, paramsPKIX);
+			}
+			catch (Exception e)
+			{
+				throw new Exception("Could not get issuer information from distribution point.", e);
+			}
+
+			if (cert is X509Certificate)
+			{
+				crlselect.CertificateChecking = (X509Certificate)cert;
+			}
+			else if (cert is X509V2AttributeCertificate)
+			{
+				crlselect.AttrCertChecking = (IX509AttributeCertificate)cert;
+			}
+
+			crlselect.CompleteCrlEnabled = true;
+			ISet crls = CrlUtilities.FindCrls(crlselect, paramsPKIX, currentDate);
+
+			if (crls.IsEmpty)
+			{
+				if (cert is IX509AttributeCertificate)
+				{
+					IX509AttributeCertificate aCert = (IX509AttributeCertificate)cert;
+
+					throw new Exception("No CRLs found for issuer \"" + aCert.Issuer.GetPrincipals()[0] + "\"");
+				}
+				else
+				{
+					X509Certificate xCert = (X509Certificate)cert;
+
+					throw new Exception("No CRLs found for issuer \"" + xCert.IssuerDN + "\"");
+				}
+			}
+
+			return crls;
+		}
+
+		/**
+		 * Fetches delta CRLs according to RFC 3280 section 5.2.4.
+		 *
+		 * @param currentDate The date for which the delta CRLs must be valid.
+		 * @param paramsPKIX The extended PKIX parameters.
+		 * @param completeCRL The complete CRL the delta CRL is for.
+		 * @return A <code>Set</code> of <code>X509CRL</code>s with delta CRLs.
+		 * @throws Exception if an exception occurs while picking the delta
+		 *             CRLs.
+		 */
+		internal static ISet GetDeltaCrls(
+			DateTime		currentDate,
+			PkixParameters	paramsPKIX,
+			X509Crl			completeCRL)
+		{
+			X509CrlStoreSelector deltaSelect = new X509CrlStoreSelector();
+
+			// 5.2.4 (a)
+			try
+			{
+                IList deltaSelectIssuer = Platform.CreateArrayList();
+				deltaSelectIssuer.Add(completeCRL.IssuerDN);
+				deltaSelect.Issuers = deltaSelectIssuer;
+			}
+			catch (IOException e)
+			{
+				throw new Exception("Cannot extract issuer from CRL.", e);
+			}
+
+			BigInteger completeCRLNumber = null;
+			try
+			{
+				Asn1Object asn1Object = GetExtensionValue(completeCRL, X509Extensions.CrlNumber);
+				if (asn1Object != null)
+				{
+					completeCRLNumber = CrlNumber.GetInstance(asn1Object).PositiveValue;
+				}
+			}
+			catch (Exception e)
+			{
+				throw new Exception(
+					"CRL number extension could not be extracted from CRL.", e);
+			}
+
+			// 5.2.4 (b)
+			byte[] idp = null;
+
+			try
+			{
+				Asn1Object obj = GetExtensionValue(completeCRL, X509Extensions.IssuingDistributionPoint);
+				if (obj != null)
+				{
+					idp = obj.GetDerEncoded();
+				}
+			}
+			catch (Exception e)
+			{
+				throw new Exception(
+					"Issuing distribution point extension value could not be read.",
+					e);
+			}
+
+			// 5.2.4 (d)
+
+			deltaSelect.MinCrlNumber = (completeCRLNumber == null)
+				?	null
+				:	completeCRLNumber.Add(BigInteger.One);
+
+			deltaSelect.IssuingDistributionPoint = idp;
+			deltaSelect.IssuingDistributionPointEnabled = true;
+
+			// 5.2.4 (c)
+			deltaSelect.MaxBaseCrlNumber = completeCRLNumber;
+
+			// find delta CRLs
+			ISet temp = CrlUtilities.FindCrls(deltaSelect, paramsPKIX, currentDate);
+
+			ISet result = new HashSet();
+
+			foreach (X509Crl crl in temp)
+			{
+				if (isDeltaCrl(crl))
+				{
+					result.Add(crl);
+				}
+			}
+
+			return result;
+		}
+
+		private static bool isDeltaCrl(
+			X509Crl crl)
+		{
+			ISet critical = crl.GetCriticalExtensionOids();
+
+			return critical.Contains(X509Extensions.DeltaCrlIndicator.Id);
+		}
+
+		internal static ICollection FindCertificates(
+			X509AttrCertStoreSelector	certSelect,
+			IList						certStores)
+		{
+			ISet certs = new HashSet();
+
+			foreach (IX509Store certStore in certStores)
+			{
+				try
+				{
+//					certs.AddAll(certStore.GetMatches(certSelect));
+					foreach (X509V2AttributeCertificate ac in certStore.GetMatches(certSelect))
+					{
+						certs.Add(ac);
+					}
+				}
+				catch (Exception e)
+				{
+					throw new Exception(
+						"Problem while picking certificates from X.509 store.", e);
+				}
+			}
+
+			return certs;
+		}
+
+		internal static void AddAdditionalStoresFromCrlDistributionPoint(
+			CrlDistPoint	crldp,
+			PkixParameters	pkixParams)
+		{
+			if (crldp != null)
+			{
+				DistributionPoint[] dps = null;
+				try
+				{
+					dps = crldp.GetDistributionPoints();
+				}
+				catch (Exception e)
+				{
+					throw new Exception(
+						"Distribution points could not be read.", e);
+				}
+				for (int i = 0; i < dps.Length; i++)
+				{
+					DistributionPointName dpn = dps[i].DistributionPointName;
+					// look for URIs in fullName
+					if (dpn != null)
+					{
+						if (dpn.PointType == DistributionPointName.FullName)
+						{
+							GeneralName[] genNames = GeneralNames.GetInstance(
+								dpn.Name).GetNames();
+							// look for an URI
+							for (int j = 0; j < genNames.Length; j++)
+							{
+								if (genNames[j].TagNo == GeneralName.UniformResourceIdentifier)
+								{
+									string location = DerIA5String.GetInstance(
+										genNames[j].Name).GetString();
+									PkixCertPathValidatorUtilities.AddAdditionalStoreFromLocation(
+										location, pkixParams);
+								}
+							}
+						}
+					}
+				}
+			}
+		}
+
+		internal static bool ProcessCertD1i(
+			int					index,
+			IList[]				policyNodes,
+			DerObjectIdentifier	pOid,
+			ISet				pq)
+		{
+			IList policyNodeVec = policyNodes[index - 1];
+
+			for (int j = 0; j < policyNodeVec.Count; j++)
+			{
+				PkixPolicyNode node = (PkixPolicyNode)policyNodeVec[j];
+				ISet expectedPolicies = node.ExpectedPolicies;
+
+				if (expectedPolicies.Contains(pOid.Id))
+				{
+					ISet childExpectedPolicies = new HashSet();
+					childExpectedPolicies.Add(pOid.Id);
+
+                    PkixPolicyNode child = new PkixPolicyNode(Platform.CreateArrayList(),
+						index,
+						childExpectedPolicies,
+						node,
+						pq,
+						pOid.Id,
+						false);
+					node.AddChild(child);
+					policyNodes[index].Add(child);
+
+					return true;
+				}
+			}
+
+			return false;
+		}
+
+		internal static void ProcessCertD1ii(
+			int					index,
+			IList[]				policyNodes,
+			DerObjectIdentifier _poid,
+			ISet				_pq)
+		{
+			IList policyNodeVec = policyNodes[index - 1];
+
+			for (int j = 0; j < policyNodeVec.Count; j++)
+			{
+				PkixPolicyNode _node = (PkixPolicyNode)policyNodeVec[j];
+
+				if (ANY_POLICY.Equals(_node.ValidPolicy))
+				{
+					ISet _childExpectedPolicies = new HashSet();
+					_childExpectedPolicies.Add(_poid.Id);
+
+                    PkixPolicyNode _child = new PkixPolicyNode(Platform.CreateArrayList(),
+						index,
+						_childExpectedPolicies,
+						_node,
+						_pq,
+						_poid.Id,
+						false);
+					_node.AddChild(_child);
+					policyNodes[index].Add(_child);
+					return;
+				}
+			}
+		}
+
+		/**
+		* Find the issuer certificates of a given certificate.
+		*
+		* @param cert
+		*            The certificate for which an issuer should be found.
+		* @param pkixParams
+		* @return A <code>Collection</code> object containing the issuer
+		*         <code>X509Certificate</code>s. Never <code>null</code>.
+		*
+		* @exception Exception
+		*                if an error occurs.
+		*/
+		internal static ICollection FindIssuerCerts(
+			X509Certificate			cert,
+			PkixBuilderParameters	pkixParams)
+		{
+			X509CertStoreSelector certSelect = new X509CertStoreSelector();
+			ISet certs = new HashSet();
+			try
+			{
+				certSelect.Subject = cert.IssuerDN;
+			}
+			catch (IOException ex)
+			{
+				throw new Exception(
+					"Subject criteria for certificate selector to find issuer certificate could not be set.", ex);
+			}
+
+			try
+			{
+                certs.AddAll(PkixCertPathValidatorUtilities.FindCertificates(certSelect, pkixParams.GetStores()));
+                certs.AddAll(PkixCertPathValidatorUtilities.FindCertificates(certSelect, pkixParams.GetAdditionalStores()));
+			}
+			catch (Exception e)
+			{
+				throw new Exception("Issuer certificate cannot be searched.", e);
+			}
+
+			return certs;
+		}
+
+		/// <summary>
+		/// Extract the value of the given extension, if it exists.
+		/// </summary>
+		/// <param name="ext">The extension object.</param>
+		/// <param name="oid">The object identifier to obtain.</param>
+		/// <returns>Asn1Object</returns>
+		/// <exception cref="Exception">if the extension cannot be read.</exception>
+		internal static Asn1Object GetExtensionValue(
+			IX509Extension		ext,
+			DerObjectIdentifier	oid)
+		{
+			Asn1OctetString bytes = ext.GetExtensionValue(oid);
+
+			if (bytes == null)
+				return null;
+
+			return X509ExtensionUtilities.FromExtensionValue(bytes);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixCrlUtilities.cs b/bc-sharp-crypto/src/pkix/PkixCrlUtilities.cs
new file mode 100644
index 0000000..c386b8a
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixCrlUtilities.cs
@@ -0,0 +1,114 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Pkix
+{
+	public class PkixCrlUtilities
+	{
+		public virtual ISet FindCrls(X509CrlStoreSelector crlselect, PkixParameters paramsPkix, DateTime currentDate)
+		{
+			ISet initialSet = new HashSet();
+
+			// get complete CRL(s)
+			try
+			{
+				initialSet.AddAll(FindCrls(crlselect, paramsPkix.GetAdditionalStores()));
+				initialSet.AddAll(FindCrls(crlselect, paramsPkix.GetStores()));
+			}
+			catch (Exception e)
+			{
+				throw new Exception("Exception obtaining complete CRLs.", e);
+			}
+
+			ISet finalSet = new HashSet();
+			DateTime validityDate = currentDate;
+
+			if (paramsPkix.Date != null)
+			{
+				validityDate = paramsPkix.Date.Value;
+			}
+
+			// based on RFC 5280 6.3.3
+			foreach (X509Crl crl in initialSet)
+			{
+				if (crl.NextUpdate.Value.CompareTo(validityDate) > 0)
+				{
+					X509Certificate cert = crlselect.CertificateChecking;
+
+					if (cert != null)
+					{
+						if (crl.ThisUpdate.CompareTo(cert.NotAfter) < 0)
+						{
+							finalSet.Add(crl);
+						}
+					}
+					else
+					{
+						finalSet.Add(crl);
+					}
+				}
+			}
+
+			return finalSet;
+		}
+
+		public virtual ISet FindCrls(X509CrlStoreSelector crlselect, PkixParameters paramsPkix)
+		{
+			ISet completeSet = new HashSet();
+
+			// get complete CRL(s)
+			try
+			{
+				completeSet.AddAll(FindCrls(crlselect, paramsPkix.GetStores()));
+			}
+			catch (Exception e)
+			{
+				throw new Exception("Exception obtaining complete CRLs.", e);
+			}
+
+			return completeSet;
+		}
+
+		/// <summary>
+		/// crl checking
+		/// Return a Collection of all CRLs found in the X509Store's that are
+		/// matching the crlSelect criteriums.
+		/// </summary>
+		/// <param name="crlSelect">a {@link X509CRLStoreSelector} object that will be used
+		/// to select the CRLs</param>
+		/// <param name="crlStores">a List containing only {@link org.bouncycastle.x509.X509Store
+		/// X509Store} objects. These are used to search for CRLs</param>
+		/// <returns>a Collection of all found {@link X509CRL X509CRL} objects. May be
+		/// empty but never <code>null</code>.
+		/// </returns>
+		private ICollection FindCrls(X509CrlStoreSelector crlSelect, IList crlStores)
+		{
+			ISet crls = new HashSet();
+
+			Exception lastException = null;
+			bool foundValidStore = false;
+
+			foreach (IX509Store store in crlStores)
+			{
+				try
+				{
+					crls.AddAll(store.GetMatches(crlSelect));
+					foundValidStore = true;
+				}
+				catch (X509StoreException e)
+				{
+					lastException = new Exception("Exception searching in X.509 CRL store.", e);
+				}
+			}
+
+	        if (!foundValidStore && lastException != null)
+	            throw lastException;
+
+			return crls;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixNameConstraintValidator.cs b/bc-sharp-crypto/src/pkix/PkixNameConstraintValidator.cs
new file mode 100644
index 0000000..f4ae739
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixNameConstraintValidator.cs
@@ -0,0 +1,1939 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Pkix
+{
+    public class PkixNameConstraintValidator
+    {
+        private ISet excludedSubtreesDN = new HashSet();
+
+        private ISet excludedSubtreesDNS = new HashSet();
+
+        private ISet excludedSubtreesEmail = new HashSet();
+
+        private ISet excludedSubtreesURI = new HashSet();
+
+        private ISet excludedSubtreesIP = new HashSet();
+
+        private ISet permittedSubtreesDN;
+
+        private ISet permittedSubtreesDNS;
+
+        private ISet permittedSubtreesEmail;
+
+        private ISet permittedSubtreesURI;
+
+        private ISet permittedSubtreesIP;
+
+        public PkixNameConstraintValidator()
+        {
+        }
+
+        private static bool WithinDNSubtree(
+            Asn1Sequence dns,
+            Asn1Sequence subtree)
+        {
+            if (subtree.Count < 1)
+            {
+                return false;
+            }
+
+            if (subtree.Count > dns.Count)
+            {
+                return false;
+            }
+
+            for (int j = subtree.Count - 1; j >= 0; j--)
+            {
+                if (!(subtree[j].Equals(dns[j])))
+                {
+                    return false;
+                }
+            }
+
+            return true;
+        }
+
+        public void CheckPermittedDN(Asn1Sequence dns)
+        //throws PkixNameConstraintValidatorException
+        {
+            CheckPermittedDN(permittedSubtreesDN, dns);
+        }
+
+        public void CheckExcludedDN(Asn1Sequence dns)
+        //throws PkixNameConstraintValidatorException
+        {
+            CheckExcludedDN(excludedSubtreesDN, dns);
+        }
+
+        private void CheckPermittedDN(ISet permitted, Asn1Sequence dns)
+        //throws PkixNameConstraintValidatorException
+        {
+            if (permitted == null)
+            {
+                return;
+            }
+
+            if ((permitted.Count == 0) && dns.Count == 0)
+            {
+                return;
+            }
+
+            IEnumerator it = permitted.GetEnumerator();
+
+            while (it.MoveNext())
+            {
+                Asn1Sequence subtree = (Asn1Sequence)it.Current;
+
+                if (WithinDNSubtree(dns, subtree))
+                {
+                    return;
+                }
+            }
+
+            throw new PkixNameConstraintValidatorException(
+                "Subject distinguished name is not from a permitted subtree");
+        }
+
+        private void CheckExcludedDN(ISet excluded, Asn1Sequence dns)
+        //throws PkixNameConstraintValidatorException
+        {
+            if (excluded.IsEmpty)
+            {
+                return;
+            }
+
+            IEnumerator it = excluded.GetEnumerator();
+
+            while (it.MoveNext())
+            {
+                Asn1Sequence subtree = (Asn1Sequence)it.Current;
+
+                if (WithinDNSubtree(dns, subtree))
+                {
+                    throw new PkixNameConstraintValidatorException(
+                        "Subject distinguished name is from an excluded subtree");
+                }
+            }
+        }
+
+        private ISet IntersectDN(ISet permitted, ISet dns)
+        {
+            ISet intersect = new HashSet();
+            for (IEnumerator it = dns.GetEnumerator(); it.MoveNext(); )
+            {
+                Asn1Sequence dn = Asn1Sequence.GetInstance(((GeneralSubtree)it
+                    .Current).Base.Name.ToAsn1Object());
+                if (permitted == null)
+                {
+                    if (dn != null)
+                    {
+                        intersect.Add(dn);
+                    }
+                }
+                else
+                {
+                    IEnumerator _iter = permitted.GetEnumerator();
+                    while (_iter.MoveNext())
+                    {
+                        Asn1Sequence subtree = (Asn1Sequence)_iter.Current;
+
+                        if (WithinDNSubtree(dn, subtree))
+                        {
+                            intersect.Add(dn);
+                        }
+                        else if (WithinDNSubtree(subtree, dn))
+                        {
+                            intersect.Add(subtree);
+                        }
+                    }
+                }
+            }
+            return intersect;
+        }
+
+        private ISet UnionDN(ISet excluded, Asn1Sequence dn)
+        {
+            if (excluded.IsEmpty)
+            {
+                if (dn == null)
+                {
+                    return excluded;
+                }
+                excluded.Add(dn);
+
+                return excluded;
+            }
+            else
+            {
+                ISet intersect = new HashSet();
+
+                IEnumerator it = excluded.GetEnumerator();
+                while (it.MoveNext())
+                {
+                    Asn1Sequence subtree = (Asn1Sequence)it.Current;
+
+                    if (WithinDNSubtree(dn, subtree))
+                    {
+                        intersect.Add(subtree);
+                    }
+                    else if (WithinDNSubtree(subtree, dn))
+                    {
+                        intersect.Add(dn);
+                    }
+                    else
+                    {
+                        intersect.Add(subtree);
+                        intersect.Add(dn);
+                    }
+                }
+
+                return intersect;
+            }
+        }
+
+        private ISet IntersectEmail(ISet permitted, ISet emails)
+        {
+            ISet intersect = new HashSet();
+            for (IEnumerator it = emails.GetEnumerator(); it.MoveNext(); )
+            {
+                String email = ExtractNameAsString(((GeneralSubtree)it.Current)
+                    .Base);
+
+                if (permitted == null)
+                {
+                    if (email != null)
+                    {
+                        intersect.Add(email);
+                    }
+                }
+                else
+                {
+                    IEnumerator it2 = permitted.GetEnumerator();
+                    while (it2.MoveNext())
+                    {
+                        String _permitted = (String)it2.Current;
+
+                        intersectEmail(email, _permitted, intersect);
+                    }
+                }
+            }
+            return intersect;
+        }
+
+        private ISet UnionEmail(ISet excluded, String email)
+        {
+            if (excluded.IsEmpty)
+            {
+                if (email == null)
+                {
+                    return excluded;
+                }
+                excluded.Add(email);
+                return excluded;
+            }
+            else
+            {
+                ISet union = new HashSet();
+
+                IEnumerator it = excluded.GetEnumerator();
+                while (it.MoveNext())
+                {
+                    String _excluded = (String)it.Current;
+
+                    unionEmail(_excluded, email, union);
+                }
+
+                return union;
+            }
+        }
+
+        /**
+         * Returns the intersection of the permitted IP ranges in
+         * <code>permitted</code> with <code>ip</code>.
+         *
+         * @param permitted A <code>Set</code> of permitted IP addresses with
+         *                  their subnet mask as byte arrays.
+         * @param ips       The IP address with its subnet mask.
+         * @return The <code>Set</code> of permitted IP ranges intersected with
+         *         <code>ip</code>.
+         */
+        private ISet IntersectIP(ISet permitted, ISet ips)
+        {
+            ISet intersect = new HashSet();
+            for (IEnumerator it = ips.GetEnumerator(); it.MoveNext(); )
+            {
+                byte[] ip = Asn1OctetString.GetInstance(
+                    ((GeneralSubtree)it.Current).Base.Name).GetOctets();
+                if (permitted == null)
+                {
+                    if (ip != null)
+                    {
+                        intersect.Add(ip);
+                    }
+                }
+                else
+                {
+                    IEnumerator it2 = permitted.GetEnumerator();
+                    while (it2.MoveNext())
+                    {
+                        byte[] _permitted = (byte[])it2.Current;
+                        intersect.AddAll(IntersectIPRange(_permitted, ip));
+                    }
+                }
+            }
+            return intersect;
+        }
+
+        /**
+         * Returns the union of the excluded IP ranges in <code>excluded</code>
+         * with <code>ip</code>.
+         *
+         * @param excluded A <code>Set</code> of excluded IP addresses with their
+         *                 subnet mask as byte arrays.
+         * @param ip       The IP address with its subnet mask.
+         * @return The <code>Set</code> of excluded IP ranges unified with
+         *         <code>ip</code> as byte arrays.
+         */
+        private ISet UnionIP(ISet excluded, byte[] ip)
+        {
+            if (excluded.IsEmpty)
+            {
+                if (ip == null)
+                {
+                    return excluded;
+                }
+                excluded.Add(ip);
+
+                return excluded;
+            }
+            else
+            {
+                ISet union = new HashSet();
+
+                IEnumerator it = excluded.GetEnumerator();
+                while (it.MoveNext())
+                {
+                    byte[] _excluded = (byte[])it.Current;
+                    union.AddAll(UnionIPRange(_excluded, ip));
+                }
+
+                return union;
+            }
+        }
+
+        /**
+         * Calculates the union if two IP ranges.
+         *
+         * @param ipWithSubmask1 The first IP address with its subnet mask.
+         * @param ipWithSubmask2 The second IP address with its subnet mask.
+         * @return A <code>Set</code> with the union of both addresses.
+         */
+        private ISet UnionIPRange(byte[] ipWithSubmask1, byte[] ipWithSubmask2)
+        {
+            ISet set = new HashSet();
+
+            // difficult, adding always all IPs is not wrong
+            if (Org.BouncyCastle.Utilities.Arrays.AreEqual(ipWithSubmask1, ipWithSubmask2))
+            {
+                set.Add(ipWithSubmask1);
+            }
+            else
+            {
+                set.Add(ipWithSubmask1);
+                set.Add(ipWithSubmask2);
+            }
+            return set;
+        }
+
+        /**
+         * Calculates the interesction if two IP ranges.
+         *
+         * @param ipWithSubmask1 The first IP address with its subnet mask.
+         * @param ipWithSubmask2 The second IP address with its subnet mask.
+         * @return A <code>Set</code> with the single IP address with its subnet
+         *         mask as a byte array or an empty <code>Set</code>.
+         */
+        private ISet IntersectIPRange(byte[] ipWithSubmask1, byte[] ipWithSubmask2)
+    {
+        if (ipWithSubmask1.Length != ipWithSubmask2.Length)
+        {
+            //Collections.EMPTY_SET;
+            return new HashSet();
+        }
+
+        byte[][] temp = ExtractIPsAndSubnetMasks(ipWithSubmask1, ipWithSubmask2);
+        byte[] ip1 = temp[0];
+        byte[] subnetmask1 = temp[1];
+        byte[] ip2 = temp[2];
+        byte[] subnetmask2 = temp[3];
+
+        byte[][] minMax = MinMaxIPs(ip1, subnetmask1, ip2, subnetmask2);
+        byte[] min;
+        byte[] max;
+        max = Min(minMax[1], minMax[3]);
+        min = Max(minMax[0], minMax[2]);
+
+        // minimum IP address must be bigger than max
+        if (CompareTo(min, max) == 1)
+        {
+            //return Collections.EMPTY_SET;
+            return new HashSet();
+        }
+        // OR keeps all significant bits
+        byte[] ip = Or(minMax[0], minMax[2]);
+        byte[] subnetmask = Or(subnetmask1, subnetmask2);
+
+            //return new HashSet( ICollectionsingleton(IpWithSubnetMask(ip, subnetmask));
+        ISet hs = new HashSet();
+        hs.Add(IpWithSubnetMask(ip, subnetmask));
+
+            return hs;
+    }
+
+        /**
+         * Concatenates the IP address with its subnet mask.
+         *
+         * @param ip         The IP address.
+         * @param subnetMask Its subnet mask.
+         * @return The concatenated IP address with its subnet mask.
+         */
+        private byte[] IpWithSubnetMask(byte[] ip, byte[] subnetMask)
+        {
+            int ipLength = ip.Length;
+            byte[] temp = new byte[ipLength * 2];
+            Array.Copy(ip, 0, temp, 0, ipLength);
+            Array.Copy(subnetMask, 0, temp, ipLength, ipLength);
+            return temp;
+        }
+
+        /**
+         * Splits the IP addresses and their subnet mask.
+         *
+         * @param ipWithSubmask1 The first IP address with the subnet mask.
+         * @param ipWithSubmask2 The second IP address with the subnet mask.
+         * @return An array with two elements. Each element contains the IP address
+         *         and the subnet mask in this order.
+         */
+        private byte[][] ExtractIPsAndSubnetMasks(
+            byte[] ipWithSubmask1,
+            byte[] ipWithSubmask2)
+    {
+        int ipLength = ipWithSubmask1.Length / 2;
+        byte[] ip1 = new byte[ipLength];
+        byte[] subnetmask1 = new byte[ipLength];
+        Array.Copy(ipWithSubmask1, 0, ip1, 0, ipLength);
+        Array.Copy(ipWithSubmask1, ipLength, subnetmask1, 0, ipLength);
+
+        byte[] ip2 = new byte[ipLength];
+        byte[] subnetmask2 = new byte[ipLength];
+        Array.Copy(ipWithSubmask2, 0, ip2, 0, ipLength);
+        Array.Copy(ipWithSubmask2, ipLength, subnetmask2, 0, ipLength);
+        return new byte[][]
+            {ip1, subnetmask1, ip2, subnetmask2};
+    }
+
+        /**
+         * Based on the two IP addresses and their subnet masks the IP range is
+         * computed for each IP address - subnet mask pair and returned as the
+         * minimum IP address and the maximum address of the range.
+         *
+         * @param ip1         The first IP address.
+         * @param subnetmask1 The subnet mask of the first IP address.
+         * @param ip2         The second IP address.
+         * @param subnetmask2 The subnet mask of the second IP address.
+         * @return A array with two elements. The first/second element contains the
+         *         min and max IP address of the first/second IP address and its
+         *         subnet mask.
+         */
+        private byte[][] MinMaxIPs(
+            byte[] ip1,
+            byte[] subnetmask1,
+            byte[] ip2,
+            byte[] subnetmask2)
+        {
+            int ipLength = ip1.Length;
+            byte[] min1 = new byte[ipLength];
+            byte[] max1 = new byte[ipLength];
+
+            byte[] min2 = new byte[ipLength];
+            byte[] max2 = new byte[ipLength];
+
+            for (int i = 0; i < ipLength; i++)
+            {
+                min1[i] = (byte)(ip1[i] & subnetmask1[i]);
+                max1[i] = (byte)(ip1[i] & subnetmask1[i] | ~subnetmask1[i]);
+
+                min2[i] = (byte)(ip2[i] & subnetmask2[i]);
+                max2[i] = (byte)(ip2[i] & subnetmask2[i] | ~subnetmask2[i]);
+            }
+
+            return new byte[][] { min1, max1, min2, max2 };
+        }
+
+        private void CheckPermittedEmail(ISet permitted, String email)
+        //throws PkixNameConstraintValidatorException
+        {
+            if (permitted == null)
+            {
+                return;
+            }
+
+            IEnumerator it = permitted.GetEnumerator();
+
+            while (it.MoveNext())
+            {
+                String str = ((String)it.Current);
+
+                if (EmailIsConstrained(email, str))
+                {
+                    return;
+                }
+            }
+
+            if (email.Length == 0 && permitted.Count == 0)
+            {
+                return;
+            }
+
+            throw new PkixNameConstraintValidatorException(
+                "Subject email address is not from a permitted subtree.");
+        }
+
+        private void CheckExcludedEmail(ISet excluded, String email)
+        //throws PkixNameConstraintValidatorException
+        {
+            if (excluded.IsEmpty)
+            {
+                return;
+            }
+
+            IEnumerator it = excluded.GetEnumerator();
+
+            while (it.MoveNext())
+            {
+                String str = (String)it.Current;
+
+                if (EmailIsConstrained(email, str))
+                {
+                    throw new PkixNameConstraintValidatorException(
+                        "Email address is from an excluded subtree.");
+                }
+            }
+        }
+
+        /**
+         * Checks if the IP <code>ip</code> is included in the permitted ISet
+         * <code>permitted</code>.
+         *
+         * @param permitted A <code>Set</code> of permitted IP addresses with
+         *                  their subnet mask as byte arrays.
+         * @param ip        The IP address.
+         * @throws PkixNameConstraintValidatorException
+         *          if the IP is not permitted.
+         */
+        private void CheckPermittedIP(ISet permitted, byte[] ip)
+        //throws PkixNameConstraintValidatorException
+        {
+            if (permitted == null)
+            {
+                return;
+            }
+
+            IEnumerator it = permitted.GetEnumerator();
+
+            while (it.MoveNext())
+            {
+                byte[] ipWithSubnet = (byte[])it.Current;
+
+                if (IsIPConstrained(ip, ipWithSubnet))
+                {
+                    return;
+                }
+            }
+            if (ip.Length == 0 && permitted.Count == 0)
+            {
+                return;
+            }
+            throw new PkixNameConstraintValidatorException(
+                "IP is not from a permitted subtree.");
+        }
+
+        /**
+         * Checks if the IP <code>ip</code> is included in the excluded ISet
+         * <code>excluded</code>.
+         *
+         * @param excluded A <code>Set</code> of excluded IP addresses with their
+         *                 subnet mask as byte arrays.
+         * @param ip       The IP address.
+         * @throws PkixNameConstraintValidatorException
+         *          if the IP is excluded.
+         */
+        private void checkExcludedIP(ISet excluded, byte[] ip)
+        //throws PkixNameConstraintValidatorException
+        {
+            if (excluded.IsEmpty)
+            {
+                return;
+            }
+
+            IEnumerator it = excluded.GetEnumerator();
+
+            while (it.MoveNext())
+            {
+                byte[] ipWithSubnet = (byte[])it.Current;
+
+                if (IsIPConstrained(ip, ipWithSubnet))
+                {
+                    throw new PkixNameConstraintValidatorException(
+                        "IP is from an excluded subtree.");
+                }
+            }
+        }
+
+        /**
+         * Checks if the IP address <code>ip</code> is constrained by
+         * <code>constraint</code>.
+         *
+         * @param ip         The IP address.
+         * @param constraint The constraint. This is an IP address concatenated with
+         *                   its subnetmask.
+         * @return <code>true</code> if constrained, <code>false</code>
+         *         otherwise.
+         */
+        private bool IsIPConstrained(byte[] ip, byte[] constraint)
+        {
+            int ipLength = ip.Length;
+
+            if (ipLength != (constraint.Length / 2))
+            {
+                return false;
+            }
+
+            byte[] subnetMask = new byte[ipLength];
+            Array.Copy(constraint, ipLength, subnetMask, 0, ipLength);
+
+            byte[] permittedSubnetAddress = new byte[ipLength];
+
+            byte[] ipSubnetAddress = new byte[ipLength];
+
+            // the resulting IP address by applying the subnet mask
+            for (int i = 0; i < ipLength; i++)
+            {
+                permittedSubnetAddress[i] = (byte)(constraint[i] & subnetMask[i]);
+                ipSubnetAddress[i] = (byte)(ip[i] & subnetMask[i]);
+            }
+
+            return Org.BouncyCastle.Utilities.Arrays.AreEqual(permittedSubnetAddress, ipSubnetAddress);
+        }
+
+        private bool EmailIsConstrained(String email, String constraint)
+        {
+            String sub = email.Substring(email.IndexOf('@') + 1);
+            // a particular mailbox
+            if (constraint.IndexOf('@') != -1)
+            {
+                if (Platform.ToUpperInvariant(email).Equals(Platform.ToUpperInvariant(constraint)))
+                {
+                    return true;
+                }
+            }
+            // on particular host
+            else if (!(constraint[0].Equals('.')))
+            {
+                if (Platform.ToUpperInvariant(sub).Equals(Platform.ToUpperInvariant(constraint)))
+                {
+                    return true;
+                }
+            }
+            // address in sub domain
+            else if (WithinDomain(sub, constraint))
+            {
+                return true;
+            }
+            return false;
+        }
+
+        private bool WithinDomain(String testDomain, String domain)
+        {
+            String tempDomain = domain;
+            if (Platform.StartsWith(tempDomain, "."))
+            {
+                tempDomain = tempDomain.Substring(1);
+            }
+            String[] domainParts = tempDomain.Split('.'); // Strings.split(tempDomain, '.');
+            String[] testDomainParts = testDomain.Split('.'); // Strings.split(testDomain, '.');
+
+            // must have at least one subdomain
+            if (testDomainParts.Length <= domainParts.Length)
+            {
+                return false;
+            }
+
+            int d = testDomainParts.Length - domainParts.Length;
+            for (int i = -1; i < domainParts.Length; i++)
+            {
+                if (i == -1)
+                {
+                    if (testDomainParts[i + d].Equals(""))
+                    {
+                        return false;
+                    }
+                }
+                else if (!Platform.EqualsIgnoreCase(testDomainParts[i + d], domainParts[i]))
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        private void CheckPermittedDNS(ISet permitted, String dns)
+        //throws PkixNameConstraintValidatorException
+        {
+            if (permitted == null)
+            {
+                return;
+            }
+
+            IEnumerator it = permitted.GetEnumerator();
+
+            while (it.MoveNext())
+            {
+                String str = ((String)it.Current);
+
+                // is sub domain
+                if (WithinDomain(dns, str)
+                    || Platform.ToUpperInvariant(dns).Equals(Platform.ToUpperInvariant(str)))
+                {
+                    return;
+                }
+            }
+            if (dns.Length == 0 && permitted.Count == 0)
+            {
+                return;
+            }
+            throw new PkixNameConstraintValidatorException(
+                "DNS is not from a permitted subtree.");
+        }
+
+        private void checkExcludedDNS(ISet excluded, String dns)
+        //     throws PkixNameConstraintValidatorException
+        {
+            if (excluded.IsEmpty)
+            {
+                return;
+            }
+
+            IEnumerator it = excluded.GetEnumerator();
+
+            while (it.MoveNext())
+            {
+                String str = ((String)it.Current);
+
+                // is sub domain or the same
+				if (WithinDomain(dns, str) || Platform.EqualsIgnoreCase(dns, str))
+                {
+                    throw new PkixNameConstraintValidatorException(
+                        "DNS is from an excluded subtree.");
+                }
+            }
+        }
+
+        /**
+         * The common part of <code>email1</code> and <code>email2</code> is
+         * added to the union <code>union</code>. If <code>email1</code> and
+         * <code>email2</code> have nothing in common they are added both.
+         *
+         * @param email1 Email address constraint 1.
+         * @param email2 Email address constraint 2.
+         * @param union  The union.
+         */
+        private void unionEmail(String email1, String email2, ISet union)
+        {
+            // email1 is a particular address
+            if (email1.IndexOf('@') != -1)
+            {
+                String _sub = email1.Substring(email1.IndexOf('@') + 1);
+                // both are a particular mailbox
+                if (email2.IndexOf('@') != -1)
+                {
+                    if (Platform.EqualsIgnoreCase(email1, email2))
+                    {
+                        union.Add(email1);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+                // email2 specifies a domain
+                else if (Platform.StartsWith(email2, "."))
+                {
+                    if (WithinDomain(_sub, email2))
+                    {
+                        union.Add(email2);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+                // email2 specifies a particular host
+                else
+                {
+                    if (Platform.EqualsIgnoreCase(_sub, email2))
+                    {
+                        union.Add(email2);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+            }
+            // email1 specifies a domain
+            else if (Platform.StartsWith(email1, "."))
+            {
+                if (email2.IndexOf('@') != -1)
+                {
+                    String _sub = email2.Substring(email1.IndexOf('@') + 1);
+                    if (WithinDomain(_sub, email1))
+                    {
+                        union.Add(email1);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+                // email2 specifies a domain
+                else if (Platform.StartsWith(email2, "."))
+                {
+                    if (WithinDomain(email1, email2) || Platform.EqualsIgnoreCase(email1, email2))
+                    {
+                        union.Add(email2);
+                    }
+                    else if (WithinDomain(email2, email1))
+                    {
+                        union.Add(email1);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+                else
+                {
+                    if (WithinDomain(email2, email1))
+                    {
+                        union.Add(email1);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+            }
+            // email specifies a host
+            else
+            {
+                if (email2.IndexOf('@') != -1)
+                {
+                    String _sub = email2.Substring(email1.IndexOf('@') + 1);
+                    if (Platform.EqualsIgnoreCase(_sub, email1))
+                    {
+                        union.Add(email1);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+                // email2 specifies a domain
+                else if (Platform.StartsWith(email2, "."))
+                {
+                    if (WithinDomain(email1, email2))
+                    {
+                        union.Add(email2);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+                // email2 specifies a particular host
+                else
+                {
+                    if (Platform.EqualsIgnoreCase(email1, email2))
+                    {
+                        union.Add(email1);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+            }
+        }
+
+        private void unionURI(String email1, String email2, ISet union)
+        {
+            // email1 is a particular address
+            if (email1.IndexOf('@') != -1)
+            {
+                String _sub = email1.Substring(email1.IndexOf('@') + 1);
+                // both are a particular mailbox
+                if (email2.IndexOf('@') != -1)
+                {
+                    if (Platform.EqualsIgnoreCase(email1, email2))
+                    {
+                        union.Add(email1);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+                // email2 specifies a domain
+                else if (Platform.StartsWith(email2, "."))
+                {
+                    if (WithinDomain(_sub, email2))
+                    {
+                        union.Add(email2);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+                // email2 specifies a particular host
+                else
+                {
+                    if (Platform.EqualsIgnoreCase(_sub, email2))
+                    {
+                        union.Add(email2);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+
+                    }
+                }
+            }
+            // email1 specifies a domain
+            else if (Platform.StartsWith(email1, "."))
+            {
+                if (email2.IndexOf('@') != -1)
+                {
+                    String _sub = email2.Substring(email1.IndexOf('@') + 1);
+                    if (WithinDomain(_sub, email1))
+                    {
+                        union.Add(email1);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+                // email2 specifies a domain
+                else if (Platform.StartsWith(email2, "."))
+                {
+                    if (WithinDomain(email1, email2) || Platform.EqualsIgnoreCase(email1, email2))
+                    {
+                        union.Add(email2);
+                    }
+                    else if (WithinDomain(email2, email1))
+                    {
+                        union.Add(email1);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+                else
+                {
+                    if (WithinDomain(email2, email1))
+                    {
+                        union.Add(email1);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+            }
+            // email specifies a host
+            else
+            {
+                if (email2.IndexOf('@') != -1)
+                {
+                    String _sub = email2.Substring(email1.IndexOf('@') + 1);
+                    if (Platform.EqualsIgnoreCase(_sub, email1))
+                    {
+                        union.Add(email1);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+                // email2 specifies a domain
+                else if (Platform.StartsWith(email2, "."))
+                {
+                    if (WithinDomain(email1, email2))
+                    {
+                        union.Add(email2);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+                // email2 specifies a particular host
+                else
+                {
+                    if (Platform.EqualsIgnoreCase(email1, email2))
+                    {
+                        union.Add(email1);
+                    }
+                    else
+                    {
+                        union.Add(email1);
+                        union.Add(email2);
+                    }
+                }
+            }
+        }
+
+        private ISet intersectDNS(ISet permitted, ISet dnss)
+        {
+            ISet intersect = new HashSet();
+            for (IEnumerator it = dnss.GetEnumerator(); it.MoveNext(); )
+            {
+                String dns = ExtractNameAsString(((GeneralSubtree)it.Current)
+                    .Base);
+                if (permitted == null)
+                {
+                    if (dns != null)
+                    {
+                        intersect.Add(dns);
+                    }
+                }
+                else
+                {
+                    IEnumerator _iter = permitted.GetEnumerator();
+                    while (_iter.MoveNext())
+                    {
+                        String _permitted = (String)_iter.Current;
+
+                        if (WithinDomain(_permitted, dns))
+                        {
+                            intersect.Add(_permitted);
+                        }
+                        else if (WithinDomain(dns, _permitted))
+                        {
+                            intersect.Add(dns);
+                        }
+                    }
+                }
+            }
+
+            return intersect;
+        }
+
+        protected ISet unionDNS(ISet excluded, String dns)
+        {
+            if (excluded.IsEmpty)
+            {
+                if (dns == null)
+                {
+                    return excluded;
+                }
+                excluded.Add(dns);
+
+                return excluded;
+            }
+            else
+            {
+                ISet union = new HashSet();
+
+                IEnumerator _iter = excluded.GetEnumerator();
+                while (_iter.MoveNext())
+                {
+                    String _permitted = (String)_iter.Current;
+
+                    if (WithinDomain(_permitted, dns))
+                    {
+                        union.Add(dns);
+                    }
+                    else if (WithinDomain(dns, _permitted))
+                    {
+                        union.Add(_permitted);
+                    }
+                    else
+                    {
+                        union.Add(_permitted);
+                        union.Add(dns);
+                    }
+                }
+
+                return union;
+            }
+        }
+
+        /**
+         * The most restricting part from <code>email1</code> and
+         * <code>email2</code> is added to the intersection <code>intersect</code>.
+         *
+         * @param email1    Email address constraint 1.
+         * @param email2    Email address constraint 2.
+         * @param intersect The intersection.
+         */
+        private void intersectEmail(String email1, String email2, ISet intersect)
+        {
+            // email1 is a particular address
+            if (email1.IndexOf('@') != -1)
+            {
+                String _sub = email1.Substring(email1.IndexOf('@') + 1);
+                // both are a particular mailbox
+                if (email2.IndexOf('@') != -1)
+                {
+                    if (Platform.EqualsIgnoreCase(email1, email2))
+                    {
+                        intersect.Add(email1);
+                    }
+                }
+                // email2 specifies a domain
+                else if (Platform.StartsWith(email2, "."))
+                {
+                    if (WithinDomain(_sub, email2))
+                    {
+                        intersect.Add(email1);
+                    }
+                }
+                // email2 specifies a particular host
+                else
+                {
+                    if (Platform.EqualsIgnoreCase(_sub, email2))
+                    {
+                        intersect.Add(email1);
+                    }
+                }
+            }
+            // email specifies a domain
+            else if (Platform.StartsWith(email1, "."))
+            {
+                if (email2.IndexOf('@') != -1)
+                {
+                    String _sub = email2.Substring(email1.IndexOf('@') + 1);
+                    if (WithinDomain(_sub, email1))
+                    {
+                        intersect.Add(email2);
+                    }
+                }
+                // email2 specifies a domain
+                else if (Platform.StartsWith(email2, "."))
+                {
+                    if (WithinDomain(email1, email2) || Platform.EqualsIgnoreCase(email1, email2))
+                    {
+                        intersect.Add(email1);
+                    }
+                    else if (WithinDomain(email2, email1))
+                    {
+                        intersect.Add(email2);
+                    }
+                }
+                else
+                {
+                    if (WithinDomain(email2, email1))
+                    {
+                        intersect.Add(email2);
+                    }
+                }
+            }
+            // email1 specifies a host
+            else
+            {
+                if (email2.IndexOf('@') != -1)
+                {
+                    String _sub = email2.Substring(email2.IndexOf('@') + 1);
+                    if (Platform.EqualsIgnoreCase(_sub, email1))
+                    {
+                        intersect.Add(email2);
+                    }
+                }
+                // email2 specifies a domain
+                else if (Platform.StartsWith(email2, "."))
+                {
+                    if (WithinDomain(email1, email2))
+                    {
+                        intersect.Add(email1);
+                    }
+                }
+                // email2 specifies a particular host
+                else
+                {
+                    if (Platform.EqualsIgnoreCase(email1, email2))
+                    {
+                        intersect.Add(email1);
+                    }
+                }
+            }
+        }
+
+        private void checkExcludedURI(ISet excluded, String uri)
+        //       throws PkixNameConstraintValidatorException
+        {
+            if (excluded.IsEmpty)
+            {
+                return;
+            }
+
+            IEnumerator it = excluded.GetEnumerator();
+
+            while (it.MoveNext())
+            {
+                String str = ((String)it.Current);
+
+                if (IsUriConstrained(uri, str))
+                {
+                    throw new PkixNameConstraintValidatorException(
+                        "URI is from an excluded subtree.");
+                }
+            }
+        }
+
+        private ISet intersectURI(ISet permitted, ISet uris)
+        {
+            ISet intersect = new HashSet();
+            for (IEnumerator it = uris.GetEnumerator(); it.MoveNext(); )
+            {
+                String uri = ExtractNameAsString(((GeneralSubtree)it.Current)
+                    .Base);
+                if (permitted == null)
+                {
+                    if (uri != null)
+                    {
+                        intersect.Add(uri);
+                    }
+                }
+                else
+                {
+                    IEnumerator _iter = permitted.GetEnumerator();
+                    while (_iter.MoveNext())
+                    {
+                        String _permitted = (String)_iter.Current;
+                        intersectURI(_permitted, uri, intersect);
+                    }
+                }
+            }
+            return intersect;
+        }
+
+        private ISet unionURI(ISet excluded, String uri)
+        {
+            if (excluded.IsEmpty)
+            {
+                if (uri == null)
+                {
+                    return excluded;
+                }
+                excluded.Add(uri);
+
+                return excluded;
+            }
+            else
+            {
+                ISet union = new HashSet();
+
+                IEnumerator _iter = excluded.GetEnumerator();
+                while (_iter.MoveNext())
+                {
+                    String _excluded = (String)_iter.Current;
+
+                    unionURI(_excluded, uri, union);
+                }
+
+                return union;
+            }
+        }
+
+        private void intersectURI(String email1, String email2, ISet intersect)
+        {
+            // email1 is a particular address
+            if (email1.IndexOf('@') != -1)
+            {
+                String _sub = email1.Substring(email1.IndexOf('@') + 1);
+                // both are a particular mailbox
+                if (email2.IndexOf('@') != -1)
+                {
+                    if (Platform.EqualsIgnoreCase(email1, email2))
+                    {
+                        intersect.Add(email1);
+                    }
+                }
+                // email2 specifies a domain
+                else if (Platform.StartsWith(email2, "."))
+                {
+                    if (WithinDomain(_sub, email2))
+                    {
+                        intersect.Add(email1);
+                    }
+                }
+                // email2 specifies a particular host
+                else
+                {
+                    if (Platform.EqualsIgnoreCase(_sub, email2))
+                    {
+                        intersect.Add(email1);
+                    }
+                }
+            }
+            // email specifies a domain
+            else if (Platform.StartsWith(email1, "."))
+            {
+                if (email2.IndexOf('@') != -1)
+                {
+                    String _sub = email2.Substring(email1.IndexOf('@') + 1);
+                    if (WithinDomain(_sub, email1))
+                    {
+                        intersect.Add(email2);
+                    }
+                }
+                // email2 specifies a domain
+                else if (Platform.StartsWith(email2, "."))
+                {
+                    if (WithinDomain(email1, email2) || Platform.EqualsIgnoreCase(email1, email2))
+                    {
+                        intersect.Add(email1);
+                    }
+                    else if (WithinDomain(email2, email1))
+                    {
+                        intersect.Add(email2);
+                    }
+                }
+                else
+                {
+                    if (WithinDomain(email2, email1))
+                    {
+                        intersect.Add(email2);
+                    }
+                }
+            }
+            // email1 specifies a host
+            else
+            {
+                if (email2.IndexOf('@') != -1)
+                {
+                    String _sub = email2.Substring(email2.IndexOf('@') + 1);
+                    if (Platform.EqualsIgnoreCase(_sub, email1))
+                    {
+                        intersect.Add(email2);
+                    }
+                }
+                // email2 specifies a domain
+                else if (Platform.StartsWith(email2, "."))
+                {
+                    if (WithinDomain(email1, email2))
+                    {
+                        intersect.Add(email1);
+                    }
+                }
+                // email2 specifies a particular host
+                else
+                {
+                    if (Platform.EqualsIgnoreCase(email1, email2))
+                    {
+                        intersect.Add(email1);
+                    }
+                }
+            }
+        }
+
+        private void CheckPermittedURI(ISet permitted, String uri)
+        //        throws PkixNameConstraintValidatorException
+        {
+            if (permitted == null)
+            {
+                return;
+            }
+
+            IEnumerator it = permitted.GetEnumerator();
+
+            while (it.MoveNext())
+            {
+                String str = ((String)it.Current);
+
+                if (IsUriConstrained(uri, str))
+                {
+                    return;
+                }
+            }
+            if (uri.Length == 0 && permitted.Count == 0)
+            {
+                return;
+            }
+            throw new PkixNameConstraintValidatorException(
+                "URI is not from a permitted subtree.");
+        }
+
+        private bool IsUriConstrained(String uri, String constraint)
+        {
+            String host = ExtractHostFromURL(uri);
+            // a host
+            if (!Platform.StartsWith(constraint, "."))
+            {
+                if (Platform.EqualsIgnoreCase(host, constraint))
+                {
+                    return true;
+                }
+            }
+
+            // in sub domain or domain
+            else if (WithinDomain(host, constraint))
+            {
+                return true;
+            }
+
+            return false;
+        }
+
+        private static String ExtractHostFromURL(String url)
+        {
+            // see RFC 1738
+            // remove ':' after protocol, e.g. http:
+            String sub = url.Substring(url.IndexOf(':') + 1);
+            // extract host from Common Internet Scheme Syntax, e.g. http://
+            int idxOfSlashes = Platform.IndexOf(sub, "//");
+            if (idxOfSlashes != -1)
+            {
+                sub = sub.Substring(idxOfSlashes + 2);
+            }
+            // first remove port, e.g. http://test.com:21
+            if (sub.LastIndexOf(':') != -1)
+            {
+                sub = sub.Substring(0, sub.LastIndexOf(':'));
+            }
+            // remove user and password, e.g. http://john:password@test.com
+            sub = sub.Substring(sub.IndexOf(':') + 1);
+            sub = sub.Substring(sub.IndexOf('@') + 1);
+            // remove local parts, e.g. http://test.com/bla
+            if (sub.IndexOf('/') != -1)
+            {
+                sub = sub.Substring(0, sub.IndexOf('/'));
+            }
+            return sub;
+        }
+
+        /**
+         * Checks if the given GeneralName is in the permitted ISet.
+         *
+         * @param name The GeneralName
+         * @throws PkixNameConstraintValidatorException
+         *          If the <code>name</code>
+         */
+        public void checkPermitted(GeneralName name)
+        //        throws PkixNameConstraintValidatorException
+        {
+            switch (name.TagNo)
+            {
+                case 1:
+                    CheckPermittedEmail(permittedSubtreesEmail,
+                        ExtractNameAsString(name));
+                    break;
+                case 2:
+                    CheckPermittedDNS(permittedSubtreesDNS, DerIA5String.GetInstance(
+                        name.Name).GetString());
+                    break;
+                case 4:
+                    CheckPermittedDN(Asn1Sequence.GetInstance(name.Name.ToAsn1Object()));
+                    break;
+                case 6:
+                    CheckPermittedURI(permittedSubtreesURI, DerIA5String.GetInstance(
+                        name.Name).GetString());
+                    break;
+                case 7:
+                    byte[] ip = Asn1OctetString.GetInstance(name.Name).GetOctets();
+
+                    CheckPermittedIP(permittedSubtreesIP, ip);
+                    break;
+            }
+        }
+
+        /**
+         * Check if the given GeneralName is contained in the excluded ISet.
+         *
+         * @param name The GeneralName.
+         * @throws PkixNameConstraintValidatorException
+         *          If the <code>name</code> is
+         *          excluded.
+         */
+        public void checkExcluded(GeneralName name)
+        //        throws PkixNameConstraintValidatorException
+        {
+            switch (name.TagNo)
+            {
+                case 1:
+                    CheckExcludedEmail(excludedSubtreesEmail, ExtractNameAsString(name));
+                    break;
+                case 2:
+                    checkExcludedDNS(excludedSubtreesDNS, DerIA5String.GetInstance(
+                        name.Name).GetString());
+                    break;
+                case 4:
+                    CheckExcludedDN(Asn1Sequence.GetInstance(name.Name.ToAsn1Object()));
+                    break;
+                case 6:
+                    checkExcludedURI(excludedSubtreesURI, DerIA5String.GetInstance(
+                        name.Name).GetString());
+                    break;
+                case 7:
+                    byte[] ip = Asn1OctetString.GetInstance(name.Name).GetOctets();
+
+                    checkExcludedIP(excludedSubtreesIP, ip);
+                    break;
+            }
+        }
+
+        /**
+         * Updates the permitted ISet of these name constraints with the intersection
+         * with the given subtree.
+         *
+         * @param permitted The permitted subtrees
+         */
+
+        public void IntersectPermittedSubtree(Asn1Sequence permitted)
+        {
+            IDictionary subtreesMap = Platform.CreateHashtable();
+
+            // group in ISets in a map ordered by tag no.
+            for (IEnumerator e = permitted.GetEnumerator(); e.MoveNext(); )
+            {
+                GeneralSubtree subtree = GeneralSubtree.GetInstance(e.Current);
+
+                int tagNo = subtree.Base.TagNo;
+                if (subtreesMap[tagNo] == null)
+                {
+                    subtreesMap[tagNo] = new HashSet();
+                }
+
+                ((ISet)subtreesMap[tagNo]).Add(subtree);
+            }
+
+            for (IEnumerator it = subtreesMap.GetEnumerator(); it.MoveNext(); )
+            {
+                DictionaryEntry entry = (DictionaryEntry)it.Current;
+
+                // go through all subtree groups
+                switch ((int)entry.Key )
+                {
+                    case 1:
+                        permittedSubtreesEmail = IntersectEmail(permittedSubtreesEmail,
+                            (ISet)entry.Value);
+                        break;
+                    case 2:
+                        permittedSubtreesDNS = intersectDNS(permittedSubtreesDNS,
+                            (ISet)entry.Value);
+                        break;
+                    case 4:
+                        permittedSubtreesDN = IntersectDN(permittedSubtreesDN,
+                            (ISet)entry.Value);
+                        break;
+                    case 6:
+                        permittedSubtreesURI = intersectURI(permittedSubtreesURI,
+                            (ISet)entry.Value);
+                        break;
+                    case 7:
+                        permittedSubtreesIP = IntersectIP(permittedSubtreesIP,
+                            (ISet)entry.Value);
+                        break;
+                }
+            }
+        }
+
+        private String ExtractNameAsString(GeneralName name)
+        {
+            return DerIA5String.GetInstance(name.Name).GetString();
+        }
+
+        public void IntersectEmptyPermittedSubtree(int nameType)
+        {
+            switch (nameType)
+            {
+                case 1:
+                    permittedSubtreesEmail = new HashSet();
+                    break;
+                case 2:
+                    permittedSubtreesDNS = new HashSet();
+                    break;
+                case 4:
+                    permittedSubtreesDN = new HashSet();
+                    break;
+                case 6:
+                    permittedSubtreesURI = new HashSet();
+                    break;
+                case 7:
+                    permittedSubtreesIP = new HashSet();
+                    break;
+            }
+        }
+
+        /**
+         * Adds a subtree to the excluded ISet of these name constraints.
+         *
+         * @param subtree A subtree with an excluded GeneralName.
+         */
+        public void AddExcludedSubtree(GeneralSubtree subtree)
+        {
+            GeneralName subTreeBase = subtree.Base;
+
+            switch (subTreeBase.TagNo)
+            {
+                case 1:
+                    excludedSubtreesEmail = UnionEmail(excludedSubtreesEmail,
+                        ExtractNameAsString(subTreeBase));
+                    break;
+                case 2:
+                    excludedSubtreesDNS = unionDNS(excludedSubtreesDNS,
+                        ExtractNameAsString(subTreeBase));
+                    break;
+                case 4:
+                    excludedSubtreesDN = UnionDN(excludedSubtreesDN,
+                        (Asn1Sequence)subTreeBase.Name.ToAsn1Object());
+                    break;
+                case 6:
+                    excludedSubtreesURI = unionURI(excludedSubtreesURI,
+                        ExtractNameAsString(subTreeBase));
+                    break;
+                case 7:
+                    excludedSubtreesIP = UnionIP(excludedSubtreesIP, Asn1OctetString
+                        .GetInstance(subTreeBase.Name).GetOctets());
+                    break;
+            }
+        }
+
+        /**
+         * Returns the maximum IP address.
+         *
+         * @param ip1 The first IP address.
+         * @param ip2 The second IP address.
+         * @return The maximum IP address.
+         */
+        private static byte[] Max(byte[] ip1, byte[] ip2)
+        {
+            for (int i = 0; i < ip1.Length; i++)
+            {
+                if ((ip1[i] & 0xFFFF) > (ip2[i] & 0xFFFF))
+                {
+                    return ip1;
+                }
+            }
+            return ip2;
+        }
+
+        /**
+         * Returns the minimum IP address.
+         *
+         * @param ip1 The first IP address.
+         * @param ip2 The second IP address.
+         * @return The minimum IP address.
+         */
+        private static byte[] Min(byte[] ip1, byte[] ip2)
+        {
+            for (int i = 0; i < ip1.Length; i++)
+            {
+                if ((ip1[i] & 0xFFFF) < (ip2[i] & 0xFFFF))
+                {
+                    return ip1;
+                }
+            }
+            return ip2;
+        }
+
+        /**
+         * Compares IP address <code>ip1</code> with <code>ip2</code>. If ip1
+         * is equal to ip2 0 is returned. If ip1 is bigger 1 is returned, -1
+         * otherwise.
+         *
+         * @param ip1 The first IP address.
+         * @param ip2 The second IP address.
+         * @return 0 if ip1 is equal to ip2, 1 if ip1 is bigger, -1 otherwise.
+         */
+        private static int CompareTo(byte[] ip1, byte[] ip2)
+        {
+            if (Org.BouncyCastle.Utilities.Arrays.AreEqual(ip1, ip2))
+            {
+                return 0;
+            }
+            if (Org.BouncyCastle.Utilities.Arrays.AreEqual(Max(ip1, ip2), ip1))
+            {
+                return 1;
+            }
+            return -1;
+        }
+
+        /**
+         * Returns the logical OR of the IP addresses <code>ip1</code> and
+         * <code>ip2</code>.
+         *
+         * @param ip1 The first IP address.
+         * @param ip2 The second IP address.
+         * @return The OR of <code>ip1</code> and <code>ip2</code>.
+         */
+        private static byte[] Or(byte[] ip1, byte[] ip2)
+        {
+            byte[] temp = new byte[ip1.Length];
+            for (int i = 0; i < ip1.Length; i++)
+            {
+                temp[i] = (byte)(ip1[i] | ip2[i]);
+            }
+            return temp;
+        }
+
+		[Obsolete("Use GetHashCode instead")]
+		public int HashCode()
+		{
+			return GetHashCode();
+		}
+
+		public override int GetHashCode()
+        {
+            return HashCollection(excludedSubtreesDN)
+                + HashCollection(excludedSubtreesDNS)
+                + HashCollection(excludedSubtreesEmail)
+                + HashCollection(excludedSubtreesIP)
+                + HashCollection(excludedSubtreesURI)
+                + HashCollection(permittedSubtreesDN)
+                + HashCollection(permittedSubtreesDNS)
+                + HashCollection(permittedSubtreesEmail)
+                + HashCollection(permittedSubtreesIP)
+                + HashCollection(permittedSubtreesURI);
+        }
+
+        private int HashCollection(ICollection coll)
+        {
+            if (coll == null)
+            {
+                return 0;
+            }
+            int hash = 0;
+            IEnumerator it1 = coll.GetEnumerator();
+            while (it1.MoveNext())
+            {
+                Object o = it1.Current;
+                if (o is byte[])
+                {
+                    hash += Org.BouncyCastle.Utilities.Arrays.GetHashCode((byte[])o);
+                }
+                else
+                {
+                    hash += o.GetHashCode();
+                }
+            }
+            return hash;
+        }
+
+		public override bool Equals(Object o)
+		{
+			if (!(o is PkixNameConstraintValidator))
+				return false;
+
+			PkixNameConstraintValidator constraintValidator = (PkixNameConstraintValidator)o;
+
+			return CollectionsAreEqual(constraintValidator.excludedSubtreesDN, excludedSubtreesDN)
+				&& CollectionsAreEqual(constraintValidator.excludedSubtreesDNS, excludedSubtreesDNS)
+				&& CollectionsAreEqual(constraintValidator.excludedSubtreesEmail, excludedSubtreesEmail)
+				&& CollectionsAreEqual(constraintValidator.excludedSubtreesIP, excludedSubtreesIP)
+				&& CollectionsAreEqual(constraintValidator.excludedSubtreesURI, excludedSubtreesURI)
+				&& CollectionsAreEqual(constraintValidator.permittedSubtreesDN, permittedSubtreesDN)
+				&& CollectionsAreEqual(constraintValidator.permittedSubtreesDNS, permittedSubtreesDNS)
+				&& CollectionsAreEqual(constraintValidator.permittedSubtreesEmail, permittedSubtreesEmail)
+				&& CollectionsAreEqual(constraintValidator.permittedSubtreesIP, permittedSubtreesIP)
+				&& CollectionsAreEqual(constraintValidator.permittedSubtreesURI, permittedSubtreesURI);
+		}
+
+        private bool CollectionsAreEqual(ICollection coll1, ICollection coll2)
+        {
+            if (coll1 == coll2)
+            {
+                return true;
+            }
+            if (coll1 == null || coll2 == null)
+            {
+                return false;
+            }
+            if (coll1.Count != coll2.Count)
+            {
+                return false;
+            }
+            IEnumerator it1 = coll1.GetEnumerator();
+
+            while (it1.MoveNext())
+            {
+                Object a = it1.Current;
+                IEnumerator it2 = coll2.GetEnumerator();
+                bool found = false;
+                while (it2.MoveNext())
+                {
+                    Object b = it2.Current;
+                    if (SpecialEquals(a, b))
+                    {
+                        found = true;
+                        break;
+                    }
+                }
+                if (!found)
+                {
+                    return false;
+                }
+            }
+            return true;
+        }
+
+        private bool SpecialEquals(Object o1, Object o2)
+        {
+            if (o1 == o2)
+            {
+                return true;
+            }
+            if (o1 == null || o2 == null)
+            {
+                return false;
+            }
+            if ((o1 is byte[]) && (o2 is byte[]))
+            {
+                return Org.BouncyCastle.Utilities.Arrays.AreEqual((byte[])o1, (byte[])o2);
+            }
+            else
+            {
+                return o1.Equals(o2);
+            }
+        }
+
+        /**
+         * Stringifies an IPv4 or v6 address with subnet mask.
+         *
+         * @param ip The IP with subnet mask.
+         * @return The stringified IP address.
+         */
+        private String StringifyIP(byte[] ip)
+        {
+            String temp = "";
+            for (int i = 0; i < ip.Length / 2; i++)
+            {
+                //temp += Integer.toString(ip[i] & 0x00FF) + ".";
+                temp += (ip[i] & 0x00FF) + ".";
+            }
+            temp = temp.Substring(0, temp.Length - 1);
+            temp += "/";
+            for (int i = ip.Length / 2; i < ip.Length; i++)
+            {
+                //temp += Integer.toString(ip[i] & 0x00FF) + ".";
+                temp += (ip[i] & 0x00FF) + ".";
+            }
+            temp = temp.Substring(0, temp.Length - 1);
+            return temp;
+        }
+
+        private String StringifyIPCollection(ISet ips)
+        {
+            String temp = "";
+            temp += "[";
+            for (IEnumerator it = ips.GetEnumerator(); it.MoveNext(); )
+            {
+                temp += StringifyIP((byte[])it.Current) + ",";
+            }
+            if (temp.Length > 1)
+            {
+                temp = temp.Substring(0, temp.Length - 1);
+            }
+            temp += "]";
+
+            return temp;
+        }
+
+        public override String ToString()
+        {
+            String temp = "";
+
+            temp += "permitted:\n";
+            if (permittedSubtreesDN != null)
+            {
+                temp += "DN:\n";
+                temp += permittedSubtreesDN.ToString() + "\n";
+            }
+            if (permittedSubtreesDNS != null)
+            {
+                temp += "DNS:\n";
+                temp += permittedSubtreesDNS.ToString() + "\n";
+            }
+            if (permittedSubtreesEmail != null)
+            {
+                temp += "Email:\n";
+                temp += permittedSubtreesEmail.ToString() + "\n";
+            }
+            if (permittedSubtreesURI != null)
+            {
+                temp += "URI:\n";
+                temp += permittedSubtreesURI.ToString() + "\n";
+            }
+            if (permittedSubtreesIP != null)
+            {
+                temp += "IP:\n";
+                temp += StringifyIPCollection(permittedSubtreesIP) + "\n";
+            }
+            temp += "excluded:\n";
+            if (!(excludedSubtreesDN.IsEmpty))
+            {
+                temp += "DN:\n";
+                temp += excludedSubtreesDN.ToString() + "\n";
+            }
+            if (!excludedSubtreesDNS.IsEmpty)
+            {
+                temp += "DNS:\n";
+                temp += excludedSubtreesDNS.ToString() + "\n";
+            }
+            if (!excludedSubtreesEmail.IsEmpty)
+            {
+                temp += "Email:\n";
+                temp += excludedSubtreesEmail.ToString() + "\n";
+            }
+            if (!excludedSubtreesURI.IsEmpty)
+            {
+                temp += "URI:\n";
+                temp += excludedSubtreesURI.ToString() + "\n";
+            }
+            if (!excludedSubtreesIP.IsEmpty)
+            {
+                temp += "IP:\n";
+                temp += StringifyIPCollection(excludedSubtreesIP) + "\n";
+            }
+            return temp;
+        }
+
+    }
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixNameConstraintValidatorException.cs b/bc-sharp-crypto/src/pkix/PkixNameConstraintValidatorException.cs
new file mode 100644
index 0000000..b187525
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixNameConstraintValidatorException.cs
@@ -0,0 +1,16 @@
+using System;
+
+namespace Org.BouncyCastle.Pkix
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class PkixNameConstraintValidatorException
+        : Exception
+    {
+        public PkixNameConstraintValidatorException(String msg)
+            : base(msg)
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixParameters.cs b/bc-sharp-crypto/src/pkix/PkixParameters.cs
new file mode 100644
index 0000000..01ed9d4
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixParameters.cs
@@ -0,0 +1,893 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/// <summary>
+	/// Summary description for PkixParameters.
+	/// </summary>
+	public class PkixParameters
+//		: ICertPathParameters
+	{
+		/**
+		* This is the default PKIX validity model. Actually there are two variants
+		* of this: The PKIX model and the modified PKIX model. The PKIX model
+		* verifies that all involved certificates must have been valid at the
+		* current time. The modified PKIX model verifies that all involved
+		* certificates were valid at the signing time. Both are indirectly choosen
+		* with the {@link PKIXParameters#setDate(java.util.Date)} method, so this
+		* methods sets the Date when <em>all</em> certificates must have been
+		* valid.
+		*/
+		public const int PkixValidityModel = 0;
+
+		/**
+		* This model uses the following validity model. Each certificate must have
+		* been valid at the moment where is was used. That means the end
+		* certificate must have been valid at the time the signature was done. The
+		* CA certificate which signed the end certificate must have been valid,
+		* when the end certificate was signed. The CA (or Root CA) certificate must
+		* have been valid, when the CA certificate was signed and so on. So the
+		* {@link PKIXParameters#setDate(java.util.Date)} method sets the time, when
+		* the <em>end certificate</em> must have been valid. <p/> It is used e.g.
+		* in the German signature law.
+		*/
+		public const int ChainValidityModel = 1;
+
+		private ISet trustAnchors;
+		private DateTimeObject date;
+		private IList certPathCheckers;
+		private bool revocationEnabled = true;
+		private ISet initialPolicies;
+		//private bool checkOnlyEECertificateCrl = false;
+		private bool explicitPolicyRequired = false;
+		private bool anyPolicyInhibited = false;
+		private bool policyMappingInhibited = false;
+		private bool policyQualifiersRejected = true;
+		private IX509Selector certSelector;
+		private IList stores;
+		private IX509Selector selector;
+		private bool additionalLocationsEnabled;
+		private IList additionalStores;
+		private ISet trustedACIssuers;
+		private ISet necessaryACAttributes;
+		private ISet prohibitedACAttributes;
+		private ISet attrCertCheckers;
+		private int validityModel = PkixValidityModel;
+		private bool useDeltas = false;
+
+		/**
+		 * Creates an instance of PKIXParameters with the specified Set of
+		 * most-trusted CAs. Each element of the set is a TrustAnchor.<br />
+		 * <br />
+		 * Note that the Set is copied to protect against subsequent modifications.
+		 *
+		 * @param trustAnchors
+		 *            a Set of TrustAnchors
+		 *
+		 * @exception InvalidAlgorithmParameterException
+		 *                if the specified Set is empty
+		 *                <code>(trustAnchors.isEmpty() == true)</code>
+		 * @exception NullPointerException
+		 *                if the specified Set is <code>null</code>
+		 * @exception ClassCastException
+		 *                if any of the elements in the Set are not of type
+		 *                <code>java.security.cert.TrustAnchor</code>
+		 */
+		public PkixParameters(
+			ISet trustAnchors)
+		{
+			SetTrustAnchors(trustAnchors);
+
+			this.initialPolicies = new HashSet();
+			this.certPathCheckers = Platform.CreateArrayList();
+            this.stores = Platform.CreateArrayList();
+			this.additionalStores = Platform.CreateArrayList();
+			this.trustedACIssuers = new HashSet();
+			this.necessaryACAttributes = new HashSet();
+			this.prohibitedACAttributes = new HashSet();
+			this.attrCertCheckers = new HashSet();
+		}
+
+//		// TODO implement for other keystores (see Java build)?
+//		/**
+//		 * Creates an instance of <code>PKIXParameters</code> that
+//		 * populates the set of most-trusted CAs from the trusted
+//		 * certificate entries contained in the specified <code>KeyStore</code>.
+//		 * Only keystore entries that contain trusted <code>X509Certificates</code>
+//		 * are considered; all other certificate types are ignored.
+//		 *
+//		 * @param keystore a <code>KeyStore</code> from which the set of
+//		 * most-trusted CAs will be populated
+//		 * @throws KeyStoreException if the keystore has not been initialized
+//		 * @throws InvalidAlgorithmParameterException if the keystore does
+//		 * not contain at least one trusted certificate entry
+//		 * @throws NullPointerException if the keystore is <code>null</code>
+//		 */
+//		public PkixParameters(
+//			Pkcs12Store keystore)
+////			throws KeyStoreException, InvalidAlgorithmParameterException
+//		{
+//			if (keystore == null)
+//				throw new ArgumentNullException("keystore");
+//			ISet trustAnchors = new HashSet();
+//			foreach (string alias in keystore.Aliases)
+//			{
+//				if (keystore.IsCertificateEntry(alias))
+//				{
+//					X509CertificateEntry x509Entry = keystore.GetCertificate(alias);
+//					trustAnchors.Add(new TrustAnchor(x509Entry.Certificate, null));
+//				}
+//			}
+//			SetTrustAnchors(trustAnchors);
+//
+//			this.initialPolicies = new HashSet();
+//			this.certPathCheckers = new ArrayList();
+//			this.stores = new ArrayList();
+//			this.additionalStores = new ArrayList();
+//			this.trustedACIssuers = new HashSet();
+//			this.necessaryACAttributes = new HashSet();
+//			this.prohibitedACAttributes = new HashSet();
+//			this.attrCertCheckers = new HashSet();
+//		}
+
+		public virtual bool IsRevocationEnabled
+		{
+			get { return revocationEnabled; }
+			set { revocationEnabled = value; }
+		}
+
+		public virtual bool IsExplicitPolicyRequired
+		{
+			get { return explicitPolicyRequired; }
+			set { this.explicitPolicyRequired = value; }
+		}
+
+		public virtual bool IsAnyPolicyInhibited
+		{
+			get { return anyPolicyInhibited; }
+			set { this.anyPolicyInhibited = value; }
+		}
+
+		public virtual bool IsPolicyMappingInhibited
+		{
+			get { return policyMappingInhibited; }
+			set { this.policyMappingInhibited = value; }
+		}
+
+		public virtual bool IsPolicyQualifiersRejected
+		{
+			get { return policyQualifiersRejected; }
+			set { this.policyQualifiersRejected = value; }
+		}
+
+		//public bool IsCheckOnlyEECertificateCrl
+		//{
+		//	get { return this.checkOnlyEECertificateCrl; }
+		//	set { this.checkOnlyEECertificateCrl = value; }
+		//}
+
+		public virtual DateTimeObject Date
+		{
+			get { return this.date; }
+			set { this.date = value; }
+		}
+
+		// Returns a Set of the most-trusted CAs.
+		public virtual ISet GetTrustAnchors()
+		{
+			return new HashSet(this.trustAnchors);
+		}
+
+		// Sets the set of most-trusted CAs.
+		// Set is copied to protect against subsequent modifications.
+		public virtual void SetTrustAnchors(
+			ISet tas)
+		{
+			if (tas == null)
+				throw new ArgumentNullException("value");
+			if (tas.IsEmpty)
+				throw new ArgumentException("non-empty set required", "value");
+
+			// Explicit copy to enforce type-safety
+			this.trustAnchors = new HashSet();
+			foreach (TrustAnchor ta in tas)
+			{
+				if (ta != null)
+				{
+					trustAnchors.Add(ta);
+				}
+			}
+		}
+
+		/**
+		* Returns the required constraints on the target certificate. The
+		* constraints are returned as an instance of CertSelector. If
+		* <code>null</code>, no constraints are defined.<br />
+		* <br />
+		* Note that the CertSelector returned is cloned to protect against
+		* subsequent modifications.
+		*
+		* @return a CertSelector specifying the constraints on the target
+		*         certificate (or <code>null</code>)
+		*
+		* @see #setTargetCertConstraints(CertSelector)
+		*/
+		public virtual X509CertStoreSelector GetTargetCertConstraints()
+		{
+			if (certSelector == null)
+			{
+				return null;
+			}
+
+			return (X509CertStoreSelector)certSelector.Clone();
+		}
+
+		/**
+		 * Sets the required constraints on the target certificate. The constraints
+		 * are specified as an instance of CertSelector. If null, no constraints are
+		 * defined.<br />
+		 * <br />
+		 * Note that the CertSelector specified is cloned to protect against
+		 * subsequent modifications.
+		 *
+		 * @param selector
+		 *            a CertSelector specifying the constraints on the target
+		 *            certificate (or <code>null</code>)
+		 *
+		 * @see #getTargetCertConstraints()
+		 */
+		public virtual void SetTargetCertConstraints(
+			IX509Selector selector)
+		{
+			if (selector == null)
+			{
+				certSelector = null;
+			}
+			else
+			{
+				certSelector = (IX509Selector)selector.Clone();
+			}
+		}
+
+		/**
+		* Returns an immutable Set of initial policy identifiers (OID strings),
+		* indicating that any one of these policies would be acceptable to the
+		* certificate user for the purposes of certification path processing. The
+		* default return value is an empty <code>Set</code>, which is
+		* interpreted as meaning that any policy would be acceptable.
+		*
+		* @return an immutable <code>Set</code> of initial policy OIDs in String
+		*         format, or an empty <code>Set</code> (implying any policy is
+		*         acceptable). Never returns <code>null</code>.
+		*
+		* @see #setInitialPolicies(java.util.Set)
+		*/
+		public virtual ISet GetInitialPolicies()
+		{
+			ISet returnSet = initialPolicies;
+
+			// TODO Can it really be null?
+			if (initialPolicies == null)
+			{
+				returnSet = new HashSet();
+			}
+
+			return new HashSet(returnSet);
+		}
+
+		/**
+		* Sets the <code>Set</code> of initial policy identifiers (OID strings),
+		* indicating that any one of these policies would be acceptable to the
+		* certificate user for the purposes of certification path processing. By
+		* default, any policy is acceptable (i.e. all policies), so a user that
+		* wants to allow any policy as acceptable does not need to call this
+		* method, or can call it with an empty <code>Set</code> (or
+		* <code>null</code>).<br />
+		* <br />
+		* Note that the Set is copied to protect against subsequent modifications.<br />
+		* <br />
+		*
+		* @param initialPolicies
+		*            a Set of initial policy OIDs in String format (or
+		*            <code>null</code>)
+		*
+		* @exception ClassCastException
+		*                if any of the elements in the set are not of type String
+		*
+		* @see #getInitialPolicies()
+		*/
+		public virtual void SetInitialPolicies(
+			ISet initialPolicies)
+		{
+			this.initialPolicies = new HashSet();
+			if (initialPolicies != null)
+			{
+				foreach (string obj in initialPolicies)
+				{
+					if (obj != null)
+					{
+						this.initialPolicies.Add(obj);
+					}
+				}
+			}
+		}
+
+		/**
+		* Sets a <code>List</code> of additional certification path checkers. If
+		* the specified List contains an object that is not a PKIXCertPathChecker,
+		* it is ignored.<br />
+		* <br />
+		* Each <code>PKIXCertPathChecker</code> specified implements additional
+		* checks on a certificate. Typically, these are checks to process and
+		* verify private extensions contained in certificates. Each
+		* <code>PKIXCertPathChecker</code> should be instantiated with any
+		* initialization parameters needed to execute the check.<br />
+		* <br />
+		* This method allows sophisticated applications to extend a PKIX
+		* <code>CertPathValidator</code> or <code>CertPathBuilder</code>. Each
+		* of the specified PKIXCertPathCheckers will be called, in turn, by a PKIX
+		* <code>CertPathValidator</code> or <code>CertPathBuilder</code> for
+		* each certificate processed or validated.<br />
+		* <br />
+		* Regardless of whether these additional PKIXCertPathCheckers are set, a
+		* PKIX <code>CertPathValidator</code> or <code>CertPathBuilder</code>
+		* must perform all of the required PKIX checks on each certificate. The one
+		* exception to this rule is if the RevocationEnabled flag is set to false
+		* (see the {@link #setRevocationEnabled(boolean) setRevocationEnabled}
+		* method).<br />
+		* <br />
+		* Note that the List supplied here is copied and each PKIXCertPathChecker
+		* in the list is cloned to protect against subsequent modifications.
+		*
+		* @param checkers
+		*            a List of PKIXCertPathCheckers. May be null, in which case no
+		*            additional checkers will be used.
+		* @exception ClassCastException
+		*                if any of the elements in the list are not of type
+		*                <code>java.security.cert.PKIXCertPathChecker</code>
+		* @see #getCertPathCheckers()
+		*/
+		public virtual void SetCertPathCheckers(IList checkers)
+		{
+            certPathCheckers = Platform.CreateArrayList();
+			if (checkers != null)
+			{
+				foreach (PkixCertPathChecker obj in checkers)
+				{
+					certPathCheckers.Add(obj.Clone());
+				}
+			}
+		}
+
+		/**
+		 * Returns the List of certification path checkers. Each PKIXCertPathChecker
+		 * in the returned IList is cloned to protect against subsequent modifications.
+		 *
+		 * @return an immutable List of PKIXCertPathCheckers (may be empty, but not
+		 *         <code>null</code>)
+		 *
+		 * @see #setCertPathCheckers(java.util.List)
+		 */
+		public virtual IList GetCertPathCheckers()
+		{
+			IList checkers = Platform.CreateArrayList();
+			foreach (PkixCertPathChecker obj in certPathCheckers)
+			{
+				checkers.Add(obj.Clone());
+			}
+			return checkers;
+		}
+
+		/**
+		 * Adds a <code>PKIXCertPathChecker</code> to the list of certification
+		 * path checkers. See the {@link #setCertPathCheckers setCertPathCheckers}
+		 * method for more details.
+		 * <p>
+		 * Note that the <code>PKIXCertPathChecker</code> is cloned to protect
+		 * against subsequent modifications.</p>
+		 *
+		 * @param checker a <code>PKIXCertPathChecker</code> to add to the list of
+		 * checks. If <code>null</code>, the checker is ignored (not added to list).
+		 */
+		public virtual void AddCertPathChecker(
+			PkixCertPathChecker checker)
+		{
+			if (checker != null)
+			{
+				certPathCheckers.Add(checker.Clone());
+			}
+		}
+
+		public virtual object Clone()
+		{
+			// FIXME Check this whole method against the Java implementation!
+
+			PkixParameters parameters = new PkixParameters(GetTrustAnchors());
+			parameters.SetParams(this);
+			return parameters;
+
+
+//			PkixParameters obj = new PkixParameters(new HashSet());
+////			(PkixParameters) this.MemberwiseClone();
+//			obj.x509Stores = new ArrayList(x509Stores);
+//			obj.certPathCheckers = new ArrayList(certPathCheckers);
+//
+//			//Iterator iter = certPathCheckers.iterator();
+//			//obj.certPathCheckers = new ArrayList();
+//			//while (iter.hasNext())
+//			//{
+//			//	obj.certPathCheckers.add(((PKIXCertPathChecker)iter.next())
+//			//		.clone());
+//			//}
+//			//if (initialPolicies != null)
+//			//{
+//			//	obj.initialPolicies = new HashSet(initialPolicies);
+//			//}
+////			if (trustAnchors != null)
+////			{
+////				obj.trustAnchors = new HashSet(trustAnchors);
+////			}
+////			if (certSelector != null)
+////			{
+////				obj.certSelector = (X509CertStoreSelector) certSelector.Clone();
+////			}
+//			return obj;
+		}
+
+		/**
+		* Method to support <code>Clone()</code> under J2ME.
+		* <code>super.Clone()</code> does not exist and fields are not copied.
+		*
+		* @param params Parameters to set. If this are
+		*            <code>ExtendedPkixParameters</code> they are copied to.
+		*/
+		protected virtual void SetParams(
+			PkixParameters parameters)
+		{
+			Date = parameters.Date;
+			SetCertPathCheckers(parameters.GetCertPathCheckers());
+			IsAnyPolicyInhibited = parameters.IsAnyPolicyInhibited;
+			IsExplicitPolicyRequired = parameters.IsExplicitPolicyRequired;
+			IsPolicyMappingInhibited = parameters.IsPolicyMappingInhibited;
+			IsRevocationEnabled = parameters.IsRevocationEnabled;
+			SetInitialPolicies(parameters.GetInitialPolicies());
+			IsPolicyQualifiersRejected = parameters.IsPolicyQualifiersRejected;
+			SetTargetCertConstraints(parameters.GetTargetCertConstraints());
+			SetTrustAnchors(parameters.GetTrustAnchors());
+
+			validityModel = parameters.validityModel;
+			useDeltas = parameters.useDeltas;
+			additionalLocationsEnabled = parameters.additionalLocationsEnabled;
+			selector = parameters.selector == null ? null
+				: (IX509Selector) parameters.selector.Clone();
+			stores = Platform.CreateArrayList(parameters.stores);
+            additionalStores = Platform.CreateArrayList(parameters.additionalStores);
+			trustedACIssuers = new HashSet(parameters.trustedACIssuers);
+			prohibitedACAttributes = new HashSet(parameters.prohibitedACAttributes);
+			necessaryACAttributes = new HashSet(parameters.necessaryACAttributes);
+			attrCertCheckers = new HashSet(parameters.attrCertCheckers);
+		}
+
+		/**
+		 * Whether delta CRLs should be used for checking the revocation status.
+		 * Defaults to <code>false</code>.
+		 */
+		public virtual bool IsUseDeltasEnabled
+		{
+			get { return useDeltas; }
+			set { useDeltas = value; }
+		}
+
+		/**
+		* The validity model.
+		* @see #CHAIN_VALIDITY_MODEL
+		* @see #PKIX_VALIDITY_MODEL
+		*/
+		public virtual int ValidityModel
+		{
+			get { return validityModel; }
+			set { validityModel = value; }
+		}
+
+		/**
+		* Sets the Bouncy Castle Stores for finding CRLs, certificates, attribute
+		* certificates or cross certificates.
+		* <p>
+		* The <code>IList</code> is cloned.
+		* </p>
+		*
+		* @param stores A list of stores to use.
+		* @see #getStores
+		* @throws ClassCastException if an element of <code>stores</code> is not
+		*             a {@link Store}.
+		*/
+		public virtual void SetStores(
+			IList stores)
+		{
+			if (stores == null)
+			{
+                this.stores = Platform.CreateArrayList();
+			}
+			else
+			{
+				foreach (object obj in stores)
+				{
+					if (!(obj is IX509Store))
+					{
+						throw new InvalidCastException(
+							"All elements of list must be of type " + typeof(IX509Store).FullName);
+					}
+				}
+                this.stores = Platform.CreateArrayList(stores);
+			}
+		}
+
+		/**
+		* Adds a Bouncy Castle {@link Store} to find CRLs, certificates, attribute
+		* certificates or cross certificates.
+		* <p>
+		* This method should be used to add local stores, like collection based
+		* X.509 stores, if available. Local stores should be considered first,
+		* before trying to use additional (remote) locations, because they do not
+		* need possible additional network traffic.
+		* </p><p>
+		* If <code>store</code> is <code>null</code> it is ignored.
+		* </p>
+		*
+		* @param store The store to add.
+		* @see #getStores
+		*/
+		public virtual void AddStore(
+			IX509Store store)
+		{
+			if (store != null)
+			{
+				stores.Add(store);
+			}
+		}
+
+		/**
+		* Adds an additional Bouncy Castle {@link Store} to find CRLs, certificates,
+		* attribute certificates or cross certificates.
+		* <p>
+		* You should not use this method. This method is used for adding additional
+		* X.509 stores, which are used to add (remote) locations, e.g. LDAP, found
+		* during X.509 object processing, e.g. in certificates or CRLs. This method
+		* is used in PKIX certification path processing.
+		* </p><p>
+		* If <code>store</code> is <code>null</code> it is ignored.
+		* </p>
+		*
+		* @param store The store to add.
+		* @see #getStores()
+		*/
+		public virtual void AddAdditionalStore(
+			IX509Store store)
+		{
+			if (store != null)
+			{
+				additionalStores.Add(store);
+			}
+		}
+
+		/**
+		* Returns an <code>IList</code> of additional Bouncy Castle
+		* <code>Store</code>s used for finding CRLs, certificates, attribute
+		* certificates or cross certificates.
+		*
+		* @return an immutable <code>IList</code> of additional Bouncy Castle
+		*         <code>Store</code>s. Never <code>null</code>.
+		*
+		* @see #addAddionalStore(Store)
+		*/
+		public virtual IList GetAdditionalStores()
+		{
+            return Platform.CreateArrayList(additionalStores);
+		}
+
+		/**
+		* Returns an <code>IList</code> of Bouncy Castle
+		* <code>Store</code>s used for finding CRLs, certificates, attribute
+		* certificates or cross certificates.
+		*
+		* @return an immutable <code>IList</code> of Bouncy Castle
+		*         <code>Store</code>s. Never <code>null</code>.
+		*
+		* @see #setStores(IList)
+		*/
+		public virtual IList GetStores()
+		{
+            return Platform.CreateArrayList(stores);
+		}
+
+		/**
+		* Returns if additional {@link X509Store}s for locations like LDAP found
+		* in certificates or CRLs should be used.
+		*
+		* @return Returns <code>true</code> if additional stores are used.
+		*/
+		public virtual bool IsAdditionalLocationsEnabled
+		{
+			get { return additionalLocationsEnabled; }
+		}
+
+		/**
+		* Sets if additional {@link X509Store}s for locations like LDAP found in
+		* certificates or CRLs should be used.
+		*
+		* @param enabled <code>true</code> if additional stores are used.
+		*/
+		public virtual void SetAdditionalLocationsEnabled(
+			bool enabled)
+		{
+			additionalLocationsEnabled = enabled;
+		}
+
+		/**
+		* Returns the required constraints on the target certificate or attribute
+		* certificate. The constraints are returned as an instance of
+		* <code>IX509Selector</code>. If <code>null</code>, no constraints are
+		* defined.
+		*
+		* <p>
+		* The target certificate in a PKIX path may be a certificate or an
+		* attribute certificate.
+		* </p><p>
+		* Note that the <code>IX509Selector</code> returned is cloned to protect
+		* against subsequent modifications.
+		* </p>
+		* @return a <code>IX509Selector</code> specifying the constraints on the
+		*         target certificate or attribute certificate (or <code>null</code>)
+		* @see #setTargetConstraints
+		* @see X509CertStoreSelector
+		* @see X509AttributeCertStoreSelector
+		*/
+		public virtual IX509Selector GetTargetConstraints()
+		{
+			if (selector != null)
+			{
+				return (IX509Selector) selector.Clone();
+			}
+			else
+			{
+				return null;
+			}
+		}
+
+		/**
+		* Sets the required constraints on the target certificate or attribute
+		* certificate. The constraints are specified as an instance of
+		* <code>IX509Selector</code>. If <code>null</code>, no constraints are
+		* defined.
+		* <p>
+		* The target certificate in a PKIX path may be a certificate or an
+		* attribute certificate.
+		* </p><p>
+		* Note that the <code>IX509Selector</code> specified is cloned to protect
+		* against subsequent modifications.
+		* </p>
+		*
+		* @param selector a <code>IX509Selector</code> specifying the constraints on
+		*            the target certificate or attribute certificate (or
+		*            <code>null</code>)
+		* @see #getTargetConstraints
+		* @see X509CertStoreSelector
+		* @see X509AttributeCertStoreSelector
+		*/
+		public virtual void SetTargetConstraints(IX509Selector selector)
+		{
+			if (selector != null)
+			{
+				this.selector = (IX509Selector) selector.Clone();
+			}
+			else
+			{
+				this.selector = null;
+			}
+		}
+
+		/**
+		* Returns the trusted attribute certificate issuers. If attribute
+		* certificates is verified the trusted AC issuers must be set.
+		* <p>
+		* The returned <code>ISet</code> consists of <code>TrustAnchor</code>s.
+		* </p><p>
+		* The returned <code>ISet</code> is immutable. Never <code>null</code>
+		* </p>
+		*
+		* @return Returns an immutable set of the trusted AC issuers.
+		*/
+		public virtual ISet GetTrustedACIssuers()
+		{
+			return new HashSet(trustedACIssuers);
+		}
+
+		/**
+		* Sets the trusted attribute certificate issuers. If attribute certificates
+		* is verified the trusted AC issuers must be set.
+		* <p>
+		* The <code>trustedACIssuers</code> must be a <code>ISet</code> of
+		* <code>TrustAnchor</code>
+		* </p><p>
+		* The given set is cloned.
+		* </p>
+		*
+		* @param trustedACIssuers The trusted AC issuers to set. Is never
+		*            <code>null</code>.
+		* @throws ClassCastException if an element of <code>stores</code> is not
+		*             a <code>TrustAnchor</code>.
+		*/
+		public virtual void SetTrustedACIssuers(
+			ISet trustedACIssuers)
+		{
+			if (trustedACIssuers == null)
+			{
+				this.trustedACIssuers = new HashSet();
+			}
+			else
+			{
+				foreach (object obj in trustedACIssuers)
+				{
+					if (!(obj is TrustAnchor))
+					{
+						throw new InvalidCastException("All elements of set must be "
+							+ "of type " + typeof(TrustAnchor).FullName + ".");
+					}
+				}
+				this.trustedACIssuers = new HashSet(trustedACIssuers);
+			}
+		}
+
+		/**
+		* Returns the necessary attributes which must be contained in an attribute
+		* certificate.
+		* <p>
+		* The returned <code>ISet</code> is immutable and contains
+		* <code>String</code>s with the OIDs.
+		* </p>
+		*
+		* @return Returns the necessary AC attributes.
+		*/
+		public virtual ISet GetNecessaryACAttributes()
+		{
+			return new HashSet(necessaryACAttributes);
+		}
+
+		/**
+		* Sets the necessary which must be contained in an attribute certificate.
+		* <p>
+		* The <code>ISet</code> must contain <code>String</code>s with the
+		* OIDs.
+		* </p><p>
+		* The set is cloned.
+		* </p>
+		*
+		* @param necessaryACAttributes The necessary AC attributes to set.
+		* @throws ClassCastException if an element of
+		*             <code>necessaryACAttributes</code> is not a
+		*             <code>String</code>.
+		*/
+		public virtual void SetNecessaryACAttributes(
+			ISet necessaryACAttributes)
+		{
+			if (necessaryACAttributes == null)
+			{
+				this.necessaryACAttributes = new HashSet();
+			}
+			else
+			{
+				foreach (object obj in necessaryACAttributes)
+				{
+					if (!(obj is string))
+					{
+						throw new InvalidCastException("All elements of set must be "
+							+ "of type string.");
+					}
+				}
+				this.necessaryACAttributes = new HashSet(necessaryACAttributes);
+			}
+		}
+
+		/**
+		* Returns the attribute certificates which are not allowed.
+		* <p>
+		* The returned <code>ISet</code> is immutable and contains
+		* <code>String</code>s with the OIDs.
+		* </p>
+		*
+		* @return Returns the prohibited AC attributes. Is never <code>null</code>.
+		*/
+		public virtual ISet GetProhibitedACAttributes()
+		{
+			return new HashSet(prohibitedACAttributes);
+		}
+
+		/**
+		* Sets the attribute certificates which are not allowed.
+		* <p>
+		* The <code>ISet</code> must contain <code>String</code>s with the
+		* OIDs.
+		* </p><p>
+		* The set is cloned.
+		* </p>
+		*
+		* @param prohibitedACAttributes The prohibited AC attributes to set.
+		* @throws ClassCastException if an element of
+		*             <code>prohibitedACAttributes</code> is not a
+		*             <code>String</code>.
+		*/
+		public virtual void SetProhibitedACAttributes(
+			ISet prohibitedACAttributes)
+		{
+			if (prohibitedACAttributes == null)
+			{
+				this.prohibitedACAttributes = new HashSet();
+			}
+			else
+			{
+				foreach (object obj in prohibitedACAttributes)
+				{
+					if (!(obj is String))
+					{
+						throw new InvalidCastException("All elements of set must be "
+							+ "of type string.");
+					}
+				}
+				this.prohibitedACAttributes = new HashSet(prohibitedACAttributes);
+			}
+		}
+
+		/**
+		* Returns the attribute certificate checker. The returned set contains
+		* {@link PKIXAttrCertChecker}s and is immutable.
+		*
+		* @return Returns the attribute certificate checker. Is never
+		*         <code>null</code>.
+		*/
+		public virtual ISet GetAttrCertCheckers()
+		{
+			return new HashSet(attrCertCheckers);
+		}
+
+		/**
+		* Sets the attribute certificate checkers.
+		* <p>
+		* All elements in the <code>ISet</code> must a {@link PKIXAttrCertChecker}.
+		* </p>
+		* <p>
+		* The given set is cloned.
+		* </p>
+		*
+		* @param attrCertCheckers The attribute certificate checkers to set. Is
+		*            never <code>null</code>.
+		* @throws ClassCastException if an element of <code>attrCertCheckers</code>
+		*             is not a <code>PKIXAttrCertChecker</code>.
+		*/
+		public virtual void SetAttrCertCheckers(
+			ISet attrCertCheckers)
+		{
+			if (attrCertCheckers == null)
+			{
+				this.attrCertCheckers = new HashSet();
+			}
+			else
+			{
+				foreach (object obj in attrCertCheckers)
+				{
+					if (!(obj is PkixAttrCertChecker))
+					{
+						throw new InvalidCastException("All elements of set must be "
+							+ "of type " + typeof(PkixAttrCertChecker).FullName + ".");
+					}
+				}
+				this.attrCertCheckers = new HashSet(attrCertCheckers);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/PkixPolicyNode.cs b/bc-sharp-crypto/src/pkix/PkixPolicyNode.cs
new file mode 100644
index 0000000..fc5b82f
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/PkixPolicyNode.cs
@@ -0,0 +1,158 @@
+using System;
+using System.Collections;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/// <summary>
+	/// Summary description for PkixPolicyNode.
+	/// </summary>
+	public class PkixPolicyNode
+//		: IPolicyNode
+	{
+		protected IList				mChildren;
+		protected int				mDepth;
+		protected ISet				mExpectedPolicies;
+		protected PkixPolicyNode	mParent;
+		protected ISet				mPolicyQualifiers;
+		protected string			mValidPolicy;
+		protected bool				mCritical;
+
+		public virtual int Depth
+		{
+			get { return this.mDepth; }
+		}
+
+		public virtual IEnumerable Children
+		{
+			get { return new EnumerableProxy(mChildren); }
+		}
+
+		public virtual bool IsCritical
+		{
+			get { return this.mCritical; }
+			set { this.mCritical = value; }
+		}
+
+		public virtual ISet PolicyQualifiers
+		{
+			get { return new HashSet(this.mPolicyQualifiers); }
+		}
+
+		public virtual string ValidPolicy
+		{
+			get { return this.mValidPolicy; }
+		}
+
+		public virtual bool HasChildren
+		{
+			get { return mChildren.Count != 0; }
+		}
+
+		public virtual ISet ExpectedPolicies
+		{
+			get { return new HashSet(this.mExpectedPolicies); }
+			set { this.mExpectedPolicies = new HashSet(value); }
+		}
+
+		public virtual PkixPolicyNode Parent
+		{
+			get { return this.mParent; }
+			set { this.mParent = value; }
+		}
+
+		/// Constructors
+		public PkixPolicyNode(
+			IList			children,
+			int				depth,
+			ISet			expectedPolicies,
+			PkixPolicyNode	parent,
+			ISet			policyQualifiers,
+			string			validPolicy,
+			bool			critical)
+		{
+            if (children == null)
+            {
+                this.mChildren = Platform.CreateArrayList();
+            }
+            else
+            {
+                this.mChildren = Platform.CreateArrayList(children);
+            }
+
+            this.mDepth = depth;
+			this.mExpectedPolicies = expectedPolicies;
+			this.mParent = parent;
+			this.mPolicyQualifiers = policyQualifiers;
+			this.mValidPolicy = validPolicy;
+			this.mCritical = critical;
+		}
+
+		public virtual void AddChild(
+			PkixPolicyNode child)
+		{
+			child.Parent = this;
+			mChildren.Add(child);
+		}
+
+		public virtual void RemoveChild(
+			PkixPolicyNode child)
+		{
+			mChildren.Remove(child);
+		}
+
+		public override string ToString()
+		{
+			return ToString("");
+		}
+
+		public virtual string ToString(
+			string indent)
+		{
+			StringBuilder buf = new StringBuilder();
+			buf.Append(indent);
+			buf.Append(mValidPolicy);
+			buf.Append(" {");
+			buf.Append(Platform.NewLine);
+
+			foreach (PkixPolicyNode child in mChildren)
+			{
+				buf.Append(child.ToString(indent + "    "));
+			}
+
+			buf.Append(indent);
+			buf.Append("}");
+			buf.Append(Platform.NewLine);
+			return buf.ToString();
+		}
+
+		public virtual object Clone()
+		{
+			return Copy();
+		}
+
+		public virtual PkixPolicyNode Copy()
+		{
+			PkixPolicyNode node = new PkixPolicyNode(
+                Platform.CreateArrayList(),
+				mDepth,
+				new HashSet(mExpectedPolicies),
+				null,
+				new HashSet(mPolicyQualifiers),
+				mValidPolicy,
+				mCritical);
+
+			foreach (PkixPolicyNode child in mChildren)
+			{
+				PkixPolicyNode copy = child.Copy();
+				copy.Parent = node;
+				node.AddChild(copy);
+			}
+
+			return node;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/ReasonsMask.cs b/bc-sharp-crypto/src/pkix/ReasonsMask.cs
new file mode 100644
index 0000000..e389bfe
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/ReasonsMask.cs
@@ -0,0 +1,96 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/// <summary>
+	/// This class helps to handle CRL revocation reasons mask. Each CRL handles a
+	/// certain set of revocation reasons.
+	/// </summary>
+	internal class ReasonsMask
+	{
+		private int _reasons;
+
+		/// <summary>
+		/// Constructs are reason mask with the reasons.
+		/// </summary>
+		/// <param name="reasons">The reasons.</param>
+		internal ReasonsMask(
+			int reasons)
+		{
+			_reasons = reasons;
+		}
+
+		/// <summary>
+		/// A reason mask with no reason.
+		/// </summary>
+		internal ReasonsMask()
+			: this(0)
+		{
+		}
+
+		/// <summary>
+		/// A mask with all revocation reasons.
+		/// </summary>
+		internal static readonly ReasonsMask AllReasons = new ReasonsMask(
+				ReasonFlags.AACompromise | ReasonFlags.AffiliationChanged | ReasonFlags.CACompromise
+			|	ReasonFlags.CertificateHold | ReasonFlags.CessationOfOperation
+			|	ReasonFlags.KeyCompromise | ReasonFlags.PrivilegeWithdrawn | ReasonFlags.Unused
+			|	ReasonFlags.Superseded);
+
+		/**
+		 * Adds all reasons from the reasons mask to this mask.
+		 *
+		 * @param mask The reasons mask to add.
+		 */
+		internal void AddReasons(
+			ReasonsMask mask)
+		{
+			_reasons = _reasons | mask.Reasons.IntValue;
+		}
+
+		/// <summary>
+		/// Returns <code>true</code> if this reasons mask contains all possible
+		/// reasons.
+		/// </summary>
+		/// <returns>true if this reasons mask contains all possible reasons.
+		/// </returns>
+		internal bool IsAllReasons
+		{
+			get { return _reasons == AllReasons._reasons; }
+		}
+
+		/// <summary>
+		/// Intersects this mask with the given reasons mask.
+		/// </summary>
+		/// <param name="mask">mask The mask to intersect with.</param>
+		/// <returns>The intersection of this and teh given mask.</returns>
+		internal ReasonsMask Intersect(
+			ReasonsMask mask)
+		{
+			ReasonsMask _mask = new ReasonsMask();
+			_mask.AddReasons(new ReasonsMask(_reasons & mask.Reasons.IntValue));
+			return _mask;
+		}
+
+		/// <summary>
+		/// Returns <c>true</c> if the passed reasons mask has new reasons.
+		/// </summary>
+		/// <param name="mask">The reasons mask which should be tested for new reasons.</param>
+		/// <returns><c>true</c> if the passed reasons mask has new reasons.</returns>
+		internal bool HasNewReasons(
+			ReasonsMask mask)
+		{
+			return ((_reasons | mask.Reasons.IntValue ^ _reasons) != 0);
+		}
+
+		/// <summary>
+		/// Returns the reasons in this mask.
+		/// </summary>
+		public ReasonFlags Reasons
+		{
+			get { return new ReasonFlags(_reasons); }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/Rfc3280CertPathUtilities.cs b/bc-sharp-crypto/src/pkix/Rfc3280CertPathUtilities.cs
new file mode 100644
index 0000000..c6f3fbf
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/Rfc3280CertPathUtilities.cs
@@ -0,0 +1,2448 @@
+using System;
+using System.Collections;
+using System.Globalization;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Pkix
+{
+	public class Rfc3280CertPathUtilities
+	{
+		private static readonly PkixCrlUtilities CrlUtilities = new PkixCrlUtilities();
+
+		internal static readonly string ANY_POLICY = "2.5.29.32.0";
+
+		// key usage bits
+		internal static readonly int KEY_CERT_SIGN = 5;
+		internal static readonly int CRL_SIGN = 6;
+
+		/**
+		* If the complete CRL includes an issuing distribution point (IDP) CRL
+		* extension check the following:
+		* <p>
+		* (i) If the distribution point name is present in the IDP CRL extension
+		* and the distribution field is present in the DP, then verify that one of
+		* the names in the IDP matches one of the names in the DP. If the
+		* distribution point name is present in the IDP CRL extension and the
+		* distribution field is omitted from the DP, then verify that one of the
+		* names in the IDP matches one of the names in the cRLIssuer field of the
+		* DP.
+		* </p>
+		* <p>
+		* (ii) If the onlyContainsUserCerts boolean is asserted in the IDP CRL
+		* extension, verify that the certificate does not include the basic
+		* constraints extension with the cA boolean asserted.
+		* </p>
+		* <p>
+		* (iii) If the onlyContainsCACerts boolean is asserted in the IDP CRL
+		* extension, verify that the certificate includes the basic constraints
+		* extension with the cA boolean asserted.
+		* </p>
+		* <p>
+		* (iv) Verify that the onlyContainsAttributeCerts boolean is not asserted.
+		* </p>
+		*
+		* @param dp   The distribution point.
+		* @param cert The certificate.
+		* @param crl  The CRL.
+		* @throws AnnotatedException if one of the conditions is not met or an error occurs.
+		*/
+		internal static void ProcessCrlB2(
+			DistributionPoint	dp,
+			object				cert,
+			X509Crl				crl)
+		{
+			IssuingDistributionPoint idp = null;
+			try
+			{
+				idp = IssuingDistributionPoint.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(crl, X509Extensions.IssuingDistributionPoint));
+			}
+			catch (Exception e)
+			{
+				throw new Exception("0 Issuing distribution point extension could not be decoded.", e);
+			}
+			// (b) (2) (i)
+			// distribution point name is present
+			if (idp != null)
+			{
+				if (idp.DistributionPoint != null)
+				{
+					// make list of names
+					DistributionPointName dpName = IssuingDistributionPoint.GetInstance(idp).DistributionPoint;
+					IList names = Platform.CreateArrayList();
+
+					if (dpName.PointType == DistributionPointName.FullName)
+					{
+						GeneralName[] genNames = GeneralNames.GetInstance(dpName.Name).GetNames();
+						for (int j = 0; j < genNames.Length; j++)
+						{
+							names.Add(genNames[j]);
+						}
+					}
+					if (dpName.PointType == DistributionPointName.NameRelativeToCrlIssuer)
+					{
+						Asn1EncodableVector vec = new Asn1EncodableVector();
+						try
+						{
+							IEnumerator e = Asn1Sequence.GetInstance(
+								Asn1Sequence.FromByteArray(crl.IssuerDN.GetEncoded())).GetEnumerator();
+							while (e.MoveNext())
+							{
+								vec.Add((Asn1Encodable)e.Current);
+							}
+						}
+						catch (IOException e)
+						{
+							throw new Exception("Could not read CRL issuer.", e);
+						}
+						vec.Add(dpName.Name);
+						names.Add(new GeneralName(X509Name.GetInstance(new DerSequence(vec))));
+					}
+					bool matches = false;
+					// verify that one of the names in the IDP matches one
+					// of the names in the DP.
+					if (dp.DistributionPointName != null)
+					{
+						dpName = dp.DistributionPointName;
+						GeneralName[] genNames = null;
+						if (dpName.PointType == DistributionPointName.FullName)
+						{
+							genNames = GeneralNames.GetInstance(dpName.Name).GetNames();
+						}
+						if (dpName.PointType == DistributionPointName.NameRelativeToCrlIssuer)
+						{
+							if (dp.CrlIssuer != null)
+							{
+								genNames = dp.CrlIssuer.GetNames();
+							}
+							else
+							{
+								genNames = new GeneralName[1];
+								try
+								{
+									genNames[0] = new GeneralName(
+										PkixCertPathValidatorUtilities.GetIssuerPrincipal(cert));
+								}
+								catch (IOException e)
+								{
+									throw new Exception("Could not read certificate issuer.", e);
+								}
+							}
+							for (int j = 0; j < genNames.Length; j++)
+							{
+								IEnumerator e = Asn1Sequence.GetInstance(genNames[j].Name.ToAsn1Object()).GetEnumerator();
+								Asn1EncodableVector vec = new Asn1EncodableVector();
+								while (e.MoveNext())
+								{
+									vec.Add((Asn1Encodable)e.Current);
+								}
+								vec.Add(dpName.Name);
+								genNames[j] = new GeneralName(X509Name.GetInstance(new DerSequence(vec)));
+							}
+						}
+						if (genNames != null)
+						{
+							for (int j = 0; j < genNames.Length; j++)
+							{
+								if (names.Contains(genNames[j]))
+								{
+									matches = true;
+									break;
+								}
+							}
+						}
+						if (!matches)
+						{
+							throw new Exception(
+								"No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.");
+						}
+					}
+						// verify that one of the names in
+						// the IDP matches one of the names in the cRLIssuer field of
+						// the DP
+					else
+					{
+						if (dp.CrlIssuer == null)
+						{
+							throw new Exception("Either the cRLIssuer or the distributionPoint field must "
+								+ "be contained in DistributionPoint.");
+						}
+						GeneralName[] genNames = dp.CrlIssuer.GetNames();
+						for (int j = 0; j < genNames.Length; j++)
+						{
+							if (names.Contains(genNames[j]))
+							{
+								matches = true;
+								break;
+							}
+						}
+						if (!matches)
+						{
+							throw new Exception(
+								"No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.");
+						}
+					}
+				}
+				BasicConstraints bc = null;
+				try
+				{
+					bc = BasicConstraints.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(
+						(IX509Extension)cert, X509Extensions.BasicConstraints));
+				}
+				catch (Exception e)
+				{
+					throw new Exception("Basic constraints extension could not be decoded.", e);
+				}
+
+				//if (cert is X509Certificate)
+				{
+					// (b) (2) (ii)
+					if (idp.OnlyContainsUserCerts && ((bc != null) && bc.IsCA()))
+					{
+						throw new Exception("CA Cert CRL only contains user certificates.");
+					}
+
+					// (b) (2) (iii)
+					if (idp.OnlyContainsCACerts && (bc == null || !bc.IsCA()))
+					{
+						throw new Exception("End CRL only contains CA certificates.");
+					}
+				}
+
+				// (b) (2) (iv)
+				if (idp.OnlyContainsAttributeCerts)
+				{
+					throw new Exception("onlyContainsAttributeCerts boolean is asserted.");
+				}
+			}
+		}
+
+		internal static void ProcessCertBC(
+			PkixCertPath				certPath,
+			int							index,
+			PkixNameConstraintValidator	nameConstraintValidator)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+			int n = certs.Count;
+			// i as defined in the algorithm description
+			int i = n - index;
+			//
+			// (b), (c) permitted and excluded subtree checking.
+			//
+			if (!(PkixCertPathValidatorUtilities.IsSelfIssued(cert) && (i < n)))
+			{
+				X509Name principal = cert.SubjectDN;
+				Asn1InputStream aIn = new Asn1InputStream(principal.GetEncoded());
+				Asn1Sequence dns;
+
+				try
+				{
+					dns = DerSequence.GetInstance(aIn.ReadObject());
+				}
+				catch (Exception e)
+				{
+					throw new PkixCertPathValidatorException(
+						"Exception extracting subject name when checking subtrees.", e, certPath, index);
+				}
+
+				try
+				{
+					nameConstraintValidator.CheckPermittedDN(dns);
+					nameConstraintValidator.CheckExcludedDN(dns);
+				}
+				catch (PkixNameConstraintValidatorException e)
+				{
+					throw new PkixCertPathValidatorException(
+						"Subtree check for certificate subject failed.", e, certPath, index);
+				}
+
+				GeneralNames altName = null;
+				try
+				{
+					altName = GeneralNames.GetInstance(
+						PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.SubjectAlternativeName));
+				}
+				catch (Exception e)
+				{
+					throw new PkixCertPathValidatorException(
+						"Subject alternative name extension could not be decoded.", e, certPath, index);
+				}
+
+				IList emails = X509Name.GetInstance(dns).GetValueList(X509Name.EmailAddress);
+				foreach (string email in emails)
+				{
+					GeneralName emailAsGeneralName = new GeneralName(GeneralName.Rfc822Name, email);
+					try
+					{
+						nameConstraintValidator.checkPermitted(emailAsGeneralName);
+						nameConstraintValidator.checkExcluded(emailAsGeneralName);
+					}
+					catch (PkixNameConstraintValidatorException ex)
+					{
+						throw new PkixCertPathValidatorException(
+							"Subtree check for certificate subject alternative email failed.", ex, certPath, index);
+					}
+				}
+				if (altName != null)
+				{
+					GeneralName[] genNames = null;
+					try
+					{
+						genNames = altName.GetNames();
+					}
+					catch (Exception e)
+					{
+						throw new PkixCertPathValidatorException(
+							"Subject alternative name contents could not be decoded.", e, certPath, index);
+					}
+					foreach (GeneralName genName in genNames)
+					{
+						try
+						{
+							nameConstraintValidator.checkPermitted(genName);
+							nameConstraintValidator.checkExcluded(genName);
+						}
+						catch (PkixNameConstraintValidatorException e)
+						{
+							throw new PkixCertPathValidatorException(
+								"Subtree check for certificate subject alternative name failed.", e, certPath, index);
+						}
+					}
+				}
+			}
+		}
+
+		internal static void PrepareNextCertA(
+			PkixCertPath	certPath,
+			int				index)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+			//
+			//
+			// (a) check the policy mappings
+			//
+			Asn1Sequence pm = null;
+			try
+			{
+				pm = Asn1Sequence.GetInstance(
+					PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.PolicyMappings));
+			}
+			catch (Exception ex)
+			{
+				throw new PkixCertPathValidatorException(
+					"Policy mappings extension could not be decoded.", ex, certPath, index);
+			}
+			if (pm != null)
+			{
+				Asn1Sequence mappings = pm;
+
+				for (int j = 0; j < mappings.Count; j++)
+				{
+					DerObjectIdentifier issuerDomainPolicy = null;
+					DerObjectIdentifier subjectDomainPolicy = null;
+					try
+					{
+						Asn1Sequence mapping = DerSequence.GetInstance(mappings[j]);
+
+						issuerDomainPolicy = DerObjectIdentifier.GetInstance(mapping[0]);
+						subjectDomainPolicy = DerObjectIdentifier.GetInstance(mapping[1]);
+					}
+					catch (Exception e)
+					{
+						throw new PkixCertPathValidatorException(
+							"Policy mappings extension contents could not be decoded.", e, certPath, index);
+					}
+
+					if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(issuerDomainPolicy.Id))
+						throw new PkixCertPathValidatorException(
+							"IssuerDomainPolicy is anyPolicy", null, certPath, index);
+
+					if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(subjectDomainPolicy.Id))
+						throw new PkixCertPathValidatorException(
+							"SubjectDomainPolicy is anyPolicy,", null, certPath, index);
+				}
+			}
+		}
+
+		internal static PkixPolicyNode ProcessCertD(
+			PkixCertPath	certPath,
+			int				index,
+			ISet			acceptablePolicies,
+			PkixPolicyNode	validPolicyTree,
+			IList[]			policyNodes,
+			int				inhibitAnyPolicy)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+			int n = certs.Count;
+			// i as defined in the algorithm description
+			int i = n - index;
+			//
+			// (d) policy Information checking against initial policy and
+			// policy mapping
+			//
+			Asn1Sequence certPolicies = null;
+			try
+			{
+				certPolicies = DerSequence.GetInstance(
+					PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.CertificatePolicies));
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathValidatorException(
+					"Could not read certificate policies extension from certificate.", e, certPath, index);
+			}
+			if (certPolicies != null && validPolicyTree != null)
+			{
+				//
+				// (d) (1)
+				//
+				ISet pols = new HashSet();
+
+				foreach (Asn1Encodable ae in certPolicies)
+				{
+					PolicyInformation pInfo = PolicyInformation.GetInstance(ae.ToAsn1Object());
+					DerObjectIdentifier pOid = pInfo.PolicyIdentifier;
+
+					pols.Add(pOid.Id);
+
+					if (!Rfc3280CertPathUtilities.ANY_POLICY.Equals(pOid.Id))
+					{
+						ISet pq = null;
+						try
+						{
+							pq = PkixCertPathValidatorUtilities.GetQualifierSet(pInfo.PolicyQualifiers);
+						}
+						catch (PkixCertPathValidatorException ex)
+						{
+							throw new PkixCertPathValidatorException(
+								"Policy qualifier info set could not be build.", ex, certPath, index);
+						}
+
+						bool match = PkixCertPathValidatorUtilities.ProcessCertD1i(i, policyNodes, pOid, pq);
+
+						if (!match)
+						{
+							PkixCertPathValidatorUtilities.ProcessCertD1ii(i, policyNodes, pOid, pq);
+						}
+					}
+				}
+
+				if (acceptablePolicies.IsEmpty || acceptablePolicies.Contains(Rfc3280CertPathUtilities.ANY_POLICY))
+				{
+					acceptablePolicies.Clear();
+					acceptablePolicies.AddAll(pols);
+				}
+				else
+				{
+					ISet t1 = new HashSet();
+
+					foreach (object o in acceptablePolicies)
+					{
+						if (pols.Contains(o))
+						{
+							t1.Add(o);
+						}
+					}
+					acceptablePolicies.Clear();
+					acceptablePolicies.AddAll(t1);
+				}
+
+				//
+				// (d) (2)
+				//
+				if ((inhibitAnyPolicy > 0) || ((i < n) && PkixCertPathValidatorUtilities.IsSelfIssued(cert)))
+				{
+					foreach (Asn1Encodable ae in certPolicies)
+					{
+						PolicyInformation pInfo = PolicyInformation.GetInstance(ae.ToAsn1Object());
+						if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(pInfo.PolicyIdentifier.Id))
+						{
+							ISet _apq = PkixCertPathValidatorUtilities.GetQualifierSet(pInfo.PolicyQualifiers);
+							IList _nodes = policyNodes[i - 1];
+
+							for (int k = 0; k < _nodes.Count; k++)
+							{
+								PkixPolicyNode _node = (PkixPolicyNode)_nodes[k];
+
+								IEnumerator  _policySetIter = _node.ExpectedPolicies.GetEnumerator();
+								while (_policySetIter.MoveNext())
+								{
+									object _tmp = _policySetIter.Current;
+
+									string _policy;
+									if (_tmp is string)
+									{
+										_policy = (string)_tmp;
+									}
+									else if (_tmp is DerObjectIdentifier)
+									{
+										_policy = ((DerObjectIdentifier)_tmp).Id;
+									}
+									else
+									{
+										continue;
+									}
+
+									bool _found = false;
+
+									foreach (PkixPolicyNode _child in _node.Children)
+									{
+										if (_policy.Equals(_child.ValidPolicy))
+										{
+											_found = true;
+										}
+									}
+
+									if (!_found)
+									{
+										ISet _newChildExpectedPolicies = new HashSet();
+										_newChildExpectedPolicies.Add(_policy);
+
+										PkixPolicyNode _newChild = new PkixPolicyNode(Platform.CreateArrayList(), i,
+											_newChildExpectedPolicies, _node, _apq, _policy, false);
+										_node.AddChild(_newChild);
+										policyNodes[i].Add(_newChild);
+									}
+								}
+							}
+							break;
+						}
+					}
+				}
+
+				PkixPolicyNode _validPolicyTree = validPolicyTree;
+				//
+				// (d) (3)
+				//
+				for (int j = (i - 1); j >= 0; j--)
+				{
+					IList nodes = policyNodes[j];
+
+					for (int k = 0; k < nodes.Count; k++)
+					{
+						PkixPolicyNode node = (PkixPolicyNode)nodes[k];
+						if (!node.HasChildren)
+						{
+							_validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(_validPolicyTree, policyNodes,
+								node);
+							if (_validPolicyTree == null)
+							{
+								break;
+							}
+						}
+					}
+				}
+
+				//
+				// d (4)
+				//
+				ISet criticalExtensionOids = cert.GetCriticalExtensionOids();
+
+				if (criticalExtensionOids != null)
+				{
+					bool critical = criticalExtensionOids.Contains(X509Extensions.CertificatePolicies.Id);
+
+					IList nodes = policyNodes[i];
+					for (int j = 0; j < nodes.Count; j++)
+					{
+						PkixPolicyNode node = (PkixPolicyNode)nodes[j];
+						node.IsCritical = critical;
+					}
+				}
+				return _validPolicyTree;
+			}
+			return null;
+		}
+
+		/**
+		* If the DP includes cRLIssuer, then verify that the issuer field in the
+		* complete CRL matches cRLIssuer in the DP and that the complete CRL
+		* contains an
+		*      g distribution point extension with the indirectCRL
+		* boolean asserted. Otherwise, verify that the CRL issuer matches the
+		* certificate issuer.
+		*
+		* @param dp   The distribution point.
+		* @param cert The certificate ot attribute certificate.
+		* @param crl  The CRL for <code>cert</code>.
+		* @throws AnnotatedException if one of the above conditions does not apply or an error
+		*                            occurs.
+		*/
+		internal static void ProcessCrlB1(
+			DistributionPoint	dp,
+			object				cert,
+			X509Crl				crl)
+		{
+			Asn1Object idp = PkixCertPathValidatorUtilities.GetExtensionValue(
+				crl, X509Extensions.IssuingDistributionPoint);
+
+			bool isIndirect = false;
+			if (idp != null)
+			{
+				if (IssuingDistributionPoint.GetInstance(idp).IsIndirectCrl)
+				{
+					isIndirect = true;
+				}
+			}
+			byte[] issuerBytes = crl.IssuerDN.GetEncoded();
+
+			bool matchIssuer = false;
+			if (dp.CrlIssuer != null)
+			{
+				GeneralName[] genNames = dp.CrlIssuer.GetNames();
+				for (int j = 0; j < genNames.Length; j++)
+				{
+					if (genNames[j].TagNo == GeneralName.DirectoryName)
+					{
+						try
+						{
+							if (Org.BouncyCastle.Utilities.Arrays.AreEqual(genNames[j].Name.ToAsn1Object().GetEncoded(), issuerBytes))
+							{
+								matchIssuer = true;
+							}
+						}
+						catch (IOException e)
+						{
+							throw new Exception(
+								"CRL issuer information from distribution point cannot be decoded.", e);
+						}
+					}
+				}
+				if (matchIssuer && !isIndirect)
+				{
+					throw new Exception("Distribution point contains cRLIssuer field but CRL is not indirect.");
+				}
+				if (!matchIssuer)
+				{
+					throw new Exception("CRL issuer of CRL does not match CRL issuer of distribution point.");
+				}
+			}
+			else
+			{
+				if (crl.IssuerDN.Equivalent(PkixCertPathValidatorUtilities.GetIssuerPrincipal(cert), true))
+				{
+					matchIssuer = true;
+				}
+			}
+			if (!matchIssuer)
+			{
+				throw new Exception("Cannot find matching CRL issuer for certificate.");
+			}
+		}
+
+		internal static ReasonsMask ProcessCrlD(
+			X509Crl				crl,
+			DistributionPoint	dp)
+			//throws AnnotatedException
+		{
+			IssuingDistributionPoint idp = null;
+			try
+			{
+				idp = IssuingDistributionPoint.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(crl, X509Extensions.IssuingDistributionPoint));
+			}
+			catch (Exception e)
+			{
+				throw new Exception("issuing distribution point extension could not be decoded.", e);
+			}
+
+			// (d) (1)
+			if (idp != null && idp.OnlySomeReasons != null && dp.Reasons != null)
+			{
+				return new ReasonsMask(dp.Reasons.IntValue).Intersect(new ReasonsMask(idp.OnlySomeReasons
+					.IntValue));
+			}
+			// (d) (4)
+			if ((idp == null || idp.OnlySomeReasons == null) && dp.Reasons == null)
+			{
+				return ReasonsMask.AllReasons;
+			}
+
+			// (d) (2) and (d)(3)
+
+			ReasonsMask dpReasons = null;
+
+			if (dp.Reasons == null)
+			{
+				dpReasons = ReasonsMask.AllReasons;
+			}
+			else
+			{
+				dpReasons = new ReasonsMask(dp.Reasons.IntValue);
+			}
+
+			ReasonsMask idpReasons = null;
+
+			if (idp == null)
+			{
+				idpReasons = ReasonsMask.AllReasons;
+			}
+			else
+			{
+				idpReasons = new ReasonsMask(idp.OnlySomeReasons.IntValue);
+			}
+
+			return dpReasons.Intersect(idpReasons);
+		}
+
+		/**
+		* Obtain and validate the certification path for the complete CRL issuer.
+		* If a key usage extension is present in the CRL issuer's certificate,
+		* verify that the cRLSign bit is set.
+		*
+		* @param crl                CRL which contains revocation information for the certificate
+		*                           <code>cert</code>.
+		* @param cert               The attribute certificate or certificate to check if it is
+		*                           revoked.
+		* @param defaultCRLSignCert The issuer certificate of the certificate <code>cert</code>.
+		* @param defaultCRLSignKey  The public key of the issuer certificate
+		*                           <code>defaultCRLSignCert</code>.
+		* @param paramsPKIX         paramsPKIX PKIX parameters.
+		* @param certPathCerts      The certificates on the certification path.
+		* @return A <code>Set</code> with all keys of possible CRL issuer
+		*         certificates.
+		* @throws AnnotatedException if the CRL is not valid or the status cannot be checked or
+		*                            some error occurs.
+		*/
+		internal static ISet ProcessCrlF(
+			X509Crl					crl,
+			object					cert,
+			X509Certificate			defaultCRLSignCert,
+			AsymmetricKeyParameter	defaultCRLSignKey,
+			PkixParameters			paramsPKIX,
+			IList					certPathCerts)
+		{
+			// (f)
+
+			// get issuer from CRL
+			X509CertStoreSelector selector = new X509CertStoreSelector();
+			try
+			{
+				selector.Subject = crl.IssuerDN;
+			}
+			catch (IOException e)
+			{
+				throw new Exception(
+					"Subject criteria for certificate selector to find issuer certificate for CRL could not be set.", e);
+			}
+
+			// get CRL signing certs
+			IList coll = Platform.CreateArrayList();
+
+			try
+			{
+                CollectionUtilities.AddRange(coll, PkixCertPathValidatorUtilities.FindCertificates(selector, paramsPKIX.GetStores()));
+                CollectionUtilities.AddRange(coll, PkixCertPathValidatorUtilities.FindCertificates(selector, paramsPKIX.GetAdditionalStores()));
+			}
+			catch (Exception e)
+			{
+				throw new Exception("Issuer certificate for CRL cannot be searched.", e);
+			}
+
+			coll.Add(defaultCRLSignCert);
+
+			IEnumerator cert_it = coll.GetEnumerator();
+
+            IList validCerts = Platform.CreateArrayList();
+            IList validKeys = Platform.CreateArrayList();
+
+			while (cert_it.MoveNext())
+			{
+				X509Certificate signingCert = (X509Certificate)cert_it.Current;
+
+				/*
+				 * CA of the certificate, for which this CRL is checked, has also
+				 * signed CRL, so skip the path validation, because is already done
+				 */
+				if (signingCert.Equals(defaultCRLSignCert))
+				{
+					validCerts.Add(signingCert);
+					validKeys.Add(defaultCRLSignKey);
+					continue;
+				}
+				try
+				{
+//					CertPathBuilder builder = CertPathBuilder.GetInstance("PKIX");
+					PkixCertPathBuilder builder = new PkixCertPathBuilder();
+					selector = new X509CertStoreSelector();
+					selector.Certificate = signingCert;
+
+					PkixParameters temp = (PkixParameters)paramsPKIX.Clone();
+					temp.SetTargetCertConstraints(selector);
+
+					PkixBuilderParameters parameters = (PkixBuilderParameters)
+						PkixBuilderParameters.GetInstance(temp);
+
+					/*
+					 * if signingCert is placed not higher on the cert path a
+					 * dependency loop results. CRL for cert is checked, but
+					 * signingCert is needed for checking the CRL which is dependent
+					 * on checking cert because it is higher in the cert path and so
+					 * signing signingCert transitively. so, revocation is disabled,
+					 * forgery attacks of the CRL are detected in this outer loop
+					 * for all other it must be enabled to prevent forgery attacks
+					 */
+					if (certPathCerts.Contains(signingCert))
+					{
+						parameters.IsRevocationEnabled = false;
+					}
+					else
+					{
+						parameters.IsRevocationEnabled = true;
+					}
+					IList certs = builder.Build(parameters).CertPath.Certificates;
+					validCerts.Add(signingCert);
+					validKeys.Add(PkixCertPathValidatorUtilities.GetNextWorkingKey(certs, 0));
+				}
+				catch (PkixCertPathBuilderException e)
+				{
+					throw new Exception("Internal error.", e);
+				}
+				catch (PkixCertPathValidatorException e)
+				{
+					throw new Exception("Public key of issuer certificate of CRL could not be retrieved.", e);
+				}
+				//catch (Exception e)
+				//{
+				//    throw new Exception(e.Message);
+				//}
+			}
+
+			ISet checkKeys = new HashSet();
+
+			Exception lastException = null;
+			for (int i = 0; i < validCerts.Count; i++)
+			{
+				X509Certificate signCert = (X509Certificate)validCerts[i];
+				bool[] keyusage = signCert.GetKeyUsage();
+
+				if (keyusage != null && (keyusage.Length < 7 || !keyusage[CRL_SIGN]))
+				{
+					lastException = new Exception(
+						"Issuer certificate key usage extension does not permit CRL signing.");
+				}
+				else
+				{
+					checkKeys.Add(validKeys[i]);
+				}
+			}
+
+			if ((checkKeys.Count == 0) && lastException == null)
+			{
+				throw new Exception("Cannot find a valid issuer certificate.");
+			}
+			if ((checkKeys.Count == 0) && lastException != null)
+			{
+				throw lastException;
+			}
+
+			return checkKeys;
+		}
+
+		internal static AsymmetricKeyParameter ProcessCrlG(
+			X509Crl	crl,
+			ISet	keys)
+		{
+			Exception lastException = null;
+			foreach (AsymmetricKeyParameter key in keys)
+			{
+				try
+				{
+					crl.Verify(key);
+					return key;
+				}
+				catch (Exception e)
+				{
+					lastException = e;
+				}
+			}
+			throw new Exception("Cannot verify CRL.", lastException);
+		}
+
+		internal static X509Crl ProcessCrlH(
+			ISet					deltaCrls,
+			AsymmetricKeyParameter	key)
+		{
+			Exception lastException = null;
+			foreach (X509Crl crl in deltaCrls)
+			{
+				try
+				{
+					crl.Verify(key);
+					return crl;
+				}
+				catch (Exception e)
+				{
+					lastException = e;
+				}
+			}
+			if (lastException != null)
+			{
+				throw new Exception("Cannot verify delta CRL.", lastException);
+			}
+			return null;
+		}
+
+		/**
+		* Checks a distribution point for revocation information for the
+		* certificate <code>cert</code>.
+		*
+		* @param dp                 The distribution point to consider.
+		* @param paramsPKIX         PKIX parameters.
+		* @param cert               Certificate to check if it is revoked.
+		* @param validDate          The date when the certificate revocation status should be
+		*                           checked.
+		* @param defaultCRLSignCert The issuer certificate of the certificate <code>cert</code>.
+		* @param defaultCRLSignKey  The public key of the issuer certificate
+		*                           <code>defaultCRLSignCert</code>.
+		* @param certStatus         The current certificate revocation status.
+		* @param reasonMask         The reasons mask which is already checked.
+		* @param certPathCerts      The certificates of the certification path.
+		* @throws AnnotatedException if the certificate is revoked or the status cannot be checked
+		*                            or some error occurs.
+		*/
+		private static void CheckCrl(
+			DistributionPoint dp,
+			PkixParameters paramsPKIX,
+			X509Certificate cert,
+			DateTime validDate,
+			X509Certificate defaultCRLSignCert,
+			AsymmetricKeyParameter defaultCRLSignKey,
+			CertStatus certStatus,
+			ReasonsMask reasonMask,
+			IList certPathCerts)
+			//throws AnnotatedException
+		{
+			DateTime currentDate = DateTime.UtcNow;
+
+			if (validDate.Ticks > currentDate.Ticks)
+			{
+				throw new Exception("Validation time is in future.");
+			}
+
+			// (a)
+			/*
+			 * We always get timely valid CRLs, so there is no step (a) (1).
+			 * "locally cached" CRLs are assumed to be in getStore(), additional
+			 * CRLs must be enabled in the ExtendedPKIXParameters and are in
+			 * getAdditionalStore()
+			 */
+
+			ISet crls = PkixCertPathValidatorUtilities.GetCompleteCrls(dp, cert, currentDate, paramsPKIX);
+			bool validCrlFound = false;
+			Exception lastException = null;
+
+			IEnumerator crl_iter = crls.GetEnumerator();
+
+			while (crl_iter.MoveNext() && certStatus.Status == CertStatus.Unrevoked && !reasonMask.IsAllReasons)
+			{
+				try
+				{
+					X509Crl crl = (X509Crl)crl_iter.Current;
+
+					// (d)
+					ReasonsMask interimReasonsMask = Rfc3280CertPathUtilities.ProcessCrlD(crl, dp);
+
+					// (e)
+					/*
+					 * The reasons mask is updated at the end, so only valid CRLs
+					 * can update it. If this CRL does not contain new reasons it
+					 * must be ignored.
+					 */
+					if (!interimReasonsMask.HasNewReasons(reasonMask))
+					{
+						continue;
+					}
+
+					// (f)
+					ISet keys = Rfc3280CertPathUtilities.ProcessCrlF(crl, cert, defaultCRLSignCert, defaultCRLSignKey,
+						paramsPKIX, certPathCerts);
+					// (g)
+					AsymmetricKeyParameter key = Rfc3280CertPathUtilities.ProcessCrlG(crl, keys);
+
+					X509Crl deltaCRL = null;
+
+					if (paramsPKIX.IsUseDeltasEnabled)
+					{
+						// get delta CRLs
+						ISet deltaCRLs = PkixCertPathValidatorUtilities.GetDeltaCrls(currentDate, paramsPKIX, crl);
+						// we only want one valid delta CRL
+						// (h)
+						deltaCRL = Rfc3280CertPathUtilities.ProcessCrlH(deltaCRLs, key);
+					}
+
+					/*
+					 * CRL must be be valid at the current time, not the validation
+					 * time. If a certificate is revoked with reason keyCompromise,
+					 * cACompromise, it can be used for forgery, also for the past.
+					 * This reason may not be contained in older CRLs.
+					 */
+
+					/*
+					 * in the chain model signatures stay valid also after the
+					 * certificate has been expired, so they do not have to be in
+					 * the CRL validity time
+					 */
+
+					if (paramsPKIX.ValidityModel != PkixParameters.ChainValidityModel)
+					{
+						/*
+						 * if a certificate has expired, but was revoked, it is not
+						 * more in the CRL, so it would be regarded as valid if the
+						 * first check is not done
+						 */
+						if (cert.NotAfter.Ticks < crl.ThisUpdate.Ticks)
+						{
+							throw new Exception("No valid CRL for current time found.");
+						}
+					}
+
+					Rfc3280CertPathUtilities.ProcessCrlB1(dp, cert, crl);
+
+					// (b) (2)
+					Rfc3280CertPathUtilities.ProcessCrlB2(dp, cert, crl);
+
+					// (c)
+					Rfc3280CertPathUtilities.ProcessCrlC(deltaCRL, crl, paramsPKIX);
+
+					// (i)
+					Rfc3280CertPathUtilities.ProcessCrlI(validDate, deltaCRL, cert, certStatus, paramsPKIX);
+
+					// (j)
+					Rfc3280CertPathUtilities.ProcessCrlJ(validDate, crl, cert, certStatus);
+
+					// (k)
+					if (certStatus.Status == CrlReason.RemoveFromCrl)
+					{
+						certStatus.Status = CertStatus.Unrevoked;
+					}
+
+					// update reasons mask
+					reasonMask.AddReasons(interimReasonsMask);
+
+					ISet criticalExtensions = crl.GetCriticalExtensionOids();
+
+					if (criticalExtensions != null)
+					{
+						criticalExtensions = new HashSet(criticalExtensions);
+						criticalExtensions.Remove(X509Extensions.IssuingDistributionPoint.Id);
+						criticalExtensions.Remove(X509Extensions.DeltaCrlIndicator.Id);
+
+						if (!criticalExtensions.IsEmpty)
+							throw new Exception("CRL contains unsupported critical extensions.");
+					}
+
+					if (deltaCRL != null)
+					{
+						criticalExtensions = deltaCRL.GetCriticalExtensionOids();
+						if (criticalExtensions != null)
+						{
+							criticalExtensions = new HashSet(criticalExtensions);
+							criticalExtensions.Remove(X509Extensions.IssuingDistributionPoint.Id);
+							criticalExtensions.Remove(X509Extensions.DeltaCrlIndicator.Id);
+
+							if (!criticalExtensions.IsEmpty)
+								throw new Exception("Delta CRL contains unsupported critical extension.");
+						}
+					}
+
+					validCrlFound = true;
+				}
+				catch (Exception e)
+				{
+					lastException = e;
+				}
+			}
+			if (!validCrlFound)
+			{
+				throw lastException;
+			}
+		}
+
+		/**
+		 * Checks a certificate if it is revoked.
+		 *
+		 * @param paramsPKIX       PKIX parameters.
+		 * @param cert             Certificate to check if it is revoked.
+		 * @param validDate        The date when the certificate revocation status should be
+		 *                         checked.
+		 * @param sign             The issuer certificate of the certificate <code>cert</code>.
+		 * @param workingPublicKey The public key of the issuer certificate <code>sign</code>.
+		 * @param certPathCerts    The certificates of the certification path.
+		 * @throws AnnotatedException if the certificate is revoked or the status cannot be checked
+		 *                            or some error occurs.
+		 */
+		protected static void CheckCrls(
+			PkixParameters			paramsPKIX,
+			X509Certificate			cert,
+			DateTime				validDate,
+			X509Certificate			sign,
+			AsymmetricKeyParameter	workingPublicKey,
+			IList					certPathCerts)
+		{
+			Exception lastException = null;
+			CrlDistPoint crldp = null;
+
+			try
+			{
+				crldp = CrlDistPoint.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.CrlDistributionPoints));
+			}
+			catch (Exception e)
+			{
+				throw new Exception("CRL distribution point extension could not be read.", e);
+			}
+
+			try
+			{
+				PkixCertPathValidatorUtilities.AddAdditionalStoresFromCrlDistributionPoint(crldp, paramsPKIX);
+			}
+			catch (Exception e)
+			{
+				throw new Exception(
+					"No additional CRL locations could be decoded from CRL distribution point extension.", e);
+			}
+			CertStatus certStatus = new CertStatus();
+			ReasonsMask reasonsMask = new ReasonsMask();
+
+			bool validCrlFound = false;
+
+			// for each distribution point
+			if (crldp != null)
+			{
+				DistributionPoint[] dps = null;
+				try
+				{
+					dps = crldp.GetDistributionPoints();
+				}
+				catch (Exception e)
+				{
+					throw new Exception("Distribution points could not be read.", e);
+				}
+				if (dps != null)
+				{
+					for (int i = 0; i < dps.Length && certStatus.Status == CertStatus.Unrevoked && !reasonsMask.IsAllReasons; i++)
+					{
+						PkixParameters paramsPKIXClone = (PkixParameters)paramsPKIX.Clone();
+						try
+						{
+							CheckCrl(dps[i], paramsPKIXClone, cert, validDate, sign, workingPublicKey, certStatus, reasonsMask, certPathCerts);
+							validCrlFound = true;
+						}
+						catch (Exception e)
+						{
+							lastException = e;
+						}
+					}
+				}
+			}
+
+			/*
+			 * If the revocation status has not been determined, repeat the process
+			 * above with any available CRLs not specified in a distribution point
+			 * but issued by the certificate issuer.
+			 */
+
+			if (certStatus.Status == CertStatus.Unrevoked && !reasonsMask.IsAllReasons)
+			{
+				try
+				{
+					/*
+					 * assume a DP with both the reasons and the cRLIssuer fields
+					 * omitted and a distribution point name of the certificate
+					 * issuer.
+					 */
+					Asn1Object issuer = null;
+					try
+					{
+						issuer = new Asn1InputStream(cert.IssuerDN.GetEncoded()).ReadObject();
+					}
+					catch (Exception e)
+					{
+						throw new Exception("Issuer from certificate for CRL could not be reencoded.", e);
+					}
+					DistributionPoint dp = new DistributionPoint(new DistributionPointName(0, new GeneralNames(
+						new GeneralName(GeneralName.DirectoryName, issuer))), null, null);
+					PkixParameters paramsPKIXClone = (PkixParameters)paramsPKIX.Clone();
+
+					CheckCrl(dp, paramsPKIXClone, cert, validDate, sign, workingPublicKey, certStatus, reasonsMask,
+						certPathCerts);
+
+					validCrlFound = true;
+				}
+				catch (Exception e)
+				{
+					lastException = e;
+				}
+			}
+
+			if (!validCrlFound)
+			{
+				throw lastException;
+			}
+			if (certStatus.Status != CertStatus.Unrevoked)
+			{
+				// This format is enforced by the NistCertPath tests
+                string formattedDate = certStatus.RevocationDate.Value.ToString(
+                    "ddd MMM dd HH:mm:ss K yyyy");
+                string message = "Certificate revocation after " + formattedDate;
+				message += ", reason: " + CrlReasons[certStatus.Status];
+				throw new Exception(message);
+			}
+
+			if (!reasonsMask.IsAllReasons && certStatus.Status == CertStatus.Unrevoked)
+			{
+				certStatus.Status = CertStatus.Undetermined;
+			}
+
+			if (certStatus.Status == CertStatus.Undetermined)
+			{
+				throw new Exception("Certificate status could not be determined.");
+			}
+		}
+
+		internal static PkixPolicyNode PrepareCertB(
+			PkixCertPath	certPath,
+			int				index,
+			IList[]			policyNodes,
+			PkixPolicyNode	validPolicyTree,
+			int				policyMapping)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+			int n = certs.Count;
+			// i as defined in the algorithm description
+			int i = n - index;
+			// (b)
+			//
+			Asn1Sequence pm = null;
+			try
+			{
+				pm = (Asn1Sequence)Asn1Sequence.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.PolicyMappings));
+			}
+			catch (Exception ex)
+			{
+				throw new PkixCertPathValidatorException(
+					"Policy mappings extension could not be decoded.", ex, certPath, index);
+			}
+			PkixPolicyNode _validPolicyTree = validPolicyTree;
+			if (pm != null)
+			{
+				Asn1Sequence mappings = (Asn1Sequence)pm;
+				IDictionary m_idp = Platform.CreateHashtable();
+				ISet s_idp = new HashSet();
+
+				for (int j = 0; j < mappings.Count; j++)
+				{
+					Asn1Sequence mapping = (Asn1Sequence) mappings[j];
+					string id_p = ((DerObjectIdentifier) mapping[0]).Id;
+					string sd_p = ((DerObjectIdentifier) mapping[1]).Id;
+					ISet tmp;
+
+					if (!m_idp.Contains(id_p))
+					{
+						tmp = new HashSet();
+						tmp.Add(sd_p);
+						m_idp[id_p] = tmp;
+						s_idp.Add(id_p);
+					}
+					else
+					{
+						tmp = (ISet)m_idp[id_p];
+						tmp.Add(sd_p);
+					}
+				}
+
+				IEnumerator it_idp = s_idp.GetEnumerator();
+				while (it_idp.MoveNext())
+				{
+					string id_p = (string)it_idp.Current;
+
+					//
+					// (1)
+					//
+					if (policyMapping > 0)
+					{
+						bool idp_found = false;
+						IEnumerator nodes_i = policyNodes[i].GetEnumerator();
+
+						while (nodes_i.MoveNext())
+						{
+							PkixPolicyNode node = (PkixPolicyNode)nodes_i.Current;
+							if (node.ValidPolicy.Equals(id_p))
+							{
+								idp_found = true;
+								node.ExpectedPolicies = (ISet)m_idp[id_p];
+								break;
+							}
+						}
+
+						if (!idp_found)
+						{
+							nodes_i = policyNodes[i].GetEnumerator();
+							while (nodes_i.MoveNext())
+							{
+								PkixPolicyNode node = (PkixPolicyNode)nodes_i.Current;
+								if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(node.ValidPolicy))
+								{
+									ISet pq = null;
+									Asn1Sequence policies = null;
+									try
+									{
+										policies = (Asn1Sequence)PkixCertPathValidatorUtilities.GetExtensionValue(cert,
+											X509Extensions.CertificatePolicies);
+									}
+									catch (Exception e)
+									{
+										throw new PkixCertPathValidatorException(
+											"Certificate policies extension could not be decoded.", e, certPath, index);
+									}
+
+									foreach (Asn1Encodable ae in policies)
+									{
+										PolicyInformation pinfo = null;
+										try
+										{
+											pinfo = PolicyInformation.GetInstance(ae.ToAsn1Object());
+										}
+										catch (Exception ex)
+										{
+											throw new PkixCertPathValidatorException(
+												"Policy information could not be decoded.", ex, certPath, index);
+										}
+										if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(pinfo.PolicyIdentifier.Id))
+										{
+											try
+											{
+												pq = PkixCertPathValidatorUtilities
+													.GetQualifierSet(pinfo.PolicyQualifiers);
+											}
+											catch (PkixCertPathValidatorException ex)
+											{
+												throw new PkixCertPathValidatorException(
+													"Policy qualifier info set could not be decoded.", ex, certPath,
+													index);
+											}
+											break;
+										}
+									}
+									bool ci = false;
+									ISet critExtOids = cert.GetCriticalExtensionOids();
+									if (critExtOids != null)
+									{
+										ci = critExtOids.Contains(X509Extensions.CertificatePolicies.Id);
+									}
+
+									PkixPolicyNode p_node = (PkixPolicyNode)node.Parent;
+									if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(p_node.ValidPolicy))
+									{
+										PkixPolicyNode c_node = new PkixPolicyNode(Platform.CreateArrayList(), i,
+											(ISet)m_idp[id_p], p_node, pq, id_p, ci);
+										p_node.AddChild(c_node);
+										policyNodes[i].Add(c_node);
+									}
+									break;
+								}
+							}
+						}
+
+						//
+						// (2)
+						//
+					}
+					else if (policyMapping <= 0)
+					{
+                        foreach (PkixPolicyNode node in Platform.CreateArrayList(policyNodes[i]))
+                        {
+							if (node.ValidPolicy.Equals(id_p))
+							{
+								node.Parent.RemoveChild(node);
+
+                                for (int k = i - 1; k >= 0; k--)
+								{
+                                    foreach (PkixPolicyNode node2 in Platform.CreateArrayList(policyNodes[k]))
+									{
+										if (!node2.HasChildren)
+										{
+											_validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(
+												_validPolicyTree, policyNodes, node2);
+
+                                            if (_validPolicyTree == null)
+												break;
+										}
+									}
+								}
+							}
+						}
+					}
+				}
+			}
+			return _validPolicyTree;
+		}
+
+		internal static ISet[] ProcessCrlA1ii(
+			DateTime		currentDate,
+			PkixParameters	paramsPKIX,
+			X509Certificate	cert,
+			X509Crl			crl)
+		{
+			ISet deltaSet = new HashSet();
+			X509CrlStoreSelector crlselect = new X509CrlStoreSelector();
+			crlselect.CertificateChecking = cert;
+
+			try
+			{
+				IList issuer = Platform.CreateArrayList();
+				issuer.Add(crl.IssuerDN);
+				crlselect.Issuers = issuer;
+			}
+			catch (IOException e)
+			{
+				throw new Exception("Cannot extract issuer from CRL." + e, e);
+			}
+
+			crlselect.CompleteCrlEnabled = true;
+			ISet completeSet = CrlUtilities.FindCrls(crlselect, paramsPKIX, currentDate);
+
+			if (paramsPKIX.IsUseDeltasEnabled)
+			{
+				// get delta CRL(s)
+				try
+				{
+					deltaSet.AddAll(PkixCertPathValidatorUtilities.GetDeltaCrls(currentDate, paramsPKIX, crl));
+				}
+				catch (Exception e)
+				{
+					throw new Exception("Exception obtaining delta CRLs.", e);
+				}
+			}
+
+			return new ISet[]{ completeSet, deltaSet };
+		}
+
+		internal static ISet ProcessCrlA1i(
+			DateTime		currentDate,
+			PkixParameters	paramsPKIX,
+			X509Certificate	cert,
+			X509Crl			crl)
+		{
+			ISet deltaSet = new HashSet();
+			if (paramsPKIX.IsUseDeltasEnabled)
+			{
+				CrlDistPoint freshestCRL = null;
+				try
+				{
+					freshestCRL = CrlDistPoint.GetInstance(
+						PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.FreshestCrl));
+				}
+				catch (Exception e)
+				{
+					throw new Exception("Freshest CRL extension could not be decoded from certificate.", e);
+				}
+
+				if (freshestCRL == null)
+				{
+					try
+					{
+						freshestCRL = CrlDistPoint.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(crl, X509Extensions.FreshestCrl));
+					}
+					catch (Exception e)
+					{
+						throw new Exception("Freshest CRL extension could not be decoded from CRL.", e);
+					}
+				}
+				if (freshestCRL != null)
+				{
+					try
+					{
+						PkixCertPathValidatorUtilities.AddAdditionalStoresFromCrlDistributionPoint(freshestCRL, paramsPKIX);
+					}
+					catch (Exception e)
+					{
+						throw new Exception(
+							"No new delta CRL locations could be added from Freshest CRL extension.", e);
+					}
+					// get delta CRL(s)
+					try
+					{
+						deltaSet.AddAll(PkixCertPathValidatorUtilities.GetDeltaCrls(currentDate, paramsPKIX, crl));
+					}
+					catch (Exception e)
+					{
+						throw new Exception("Exception obtaining delta CRLs.", e);
+					}
+				}
+			}
+			return deltaSet;
+		}
+
+		internal static void ProcessCertF(
+			PkixCertPath	certPath,
+			int				index,
+			PkixPolicyNode	validPolicyTree,
+			int				explicitPolicy)
+		{
+			//
+			// (f)
+			//
+			if (explicitPolicy <= 0 && validPolicyTree == null)
+			{
+				throw new PkixCertPathValidatorException(
+					"No valid policy tree found when one expected.", null, certPath, index);
+			}
+		}
+
+		internal static void ProcessCertA(
+			PkixCertPath			certPath,
+			PkixParameters			paramsPKIX,
+			int						index,
+			AsymmetricKeyParameter	workingPublicKey,
+			X509Name				workingIssuerName,
+			X509Certificate			sign)
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+			//
+			// (a) verify
+			//
+			try
+			{
+				// (a) (1)
+				//
+				cert.Verify(workingPublicKey);
+			}
+			catch (GeneralSecurityException e)
+			{
+				throw new PkixCertPathValidatorException("Could not validate certificate signature.", e, certPath, index);
+			}
+
+			try
+			{
+				// (a) (2)
+				//
+				cert.CheckValidity(PkixCertPathValidatorUtilities
+					.GetValidCertDateFromValidityModel(paramsPKIX, certPath, index));
+			}
+			catch (CertificateExpiredException e)
+			{
+				throw new PkixCertPathValidatorException("Could not validate certificate: " + e.Message, e, certPath, index);
+			}
+			catch (CertificateNotYetValidException e)
+			{
+				throw new PkixCertPathValidatorException("Could not validate certificate: " + e.Message, e, certPath, index);
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathValidatorException("Could not validate time of certificate.", e, certPath, index);
+			}
+
+			//
+			// (a) (3)
+			//
+			if (paramsPKIX.IsRevocationEnabled)
+			{
+				try
+				{
+					CheckCrls(paramsPKIX, cert, PkixCertPathValidatorUtilities.GetValidCertDateFromValidityModel(paramsPKIX,
+						certPath, index), sign, workingPublicKey, certs);
+				}
+				catch (Exception e)
+				{
+					Exception cause = e.InnerException;
+					if (cause == null)
+					{
+						cause = e;
+					}
+					throw new PkixCertPathValidatorException(e.Message, cause, certPath, index);
+				}
+			}
+
+			//
+			// (a) (4) name chaining
+			//
+			X509Name issuer = PkixCertPathValidatorUtilities.GetIssuerPrincipal(cert);
+			if (!issuer.Equivalent(workingIssuerName, true))
+			{
+				throw new PkixCertPathValidatorException("IssuerName(" + issuer
+					+ ") does not match SubjectName(" + workingIssuerName + ") of signing certificate.", null,
+					certPath, index);
+			}
+		}
+
+		internal static int PrepareNextCertI1(
+			PkixCertPath	certPath,
+			int				index,
+			int				explicitPolicy)
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+			//
+			// (i)
+			//
+			Asn1Sequence pc = null;
+			try
+			{
+				pc = DerSequence.GetInstance(
+					PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.PolicyConstraints));
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathValidatorException(
+					"Policy constraints extension cannot be decoded.", e, certPath, index);
+			}
+
+			int tmpInt;
+
+			if (pc != null)
+			{
+				IEnumerator policyConstraints = pc.GetEnumerator();
+
+				while (policyConstraints.MoveNext())
+				{
+					try
+					{
+						Asn1TaggedObject constraint = Asn1TaggedObject.GetInstance(policyConstraints.Current);
+						if (constraint.TagNo == 0)
+						{
+							tmpInt = DerInteger.GetInstance(constraint, false).Value.IntValue;
+							if (tmpInt < explicitPolicy)
+							{
+								return tmpInt;
+							}
+							break;
+						}
+					}
+					catch (ArgumentException e)
+					{
+						throw new PkixCertPathValidatorException(
+							"Policy constraints extension contents cannot be decoded.", e, certPath, index);
+					}
+				}
+			}
+			return explicitPolicy;
+		}
+
+		internal static int PrepareNextCertI2(
+			PkixCertPath	certPath,
+			int				index,
+			int				policyMapping)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+
+			//
+			// (i)
+			//
+			Asn1Sequence pc = null;
+			try
+			{
+				pc = DerSequence.GetInstance(
+					PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.PolicyConstraints));
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathValidatorException(
+					"Policy constraints extension cannot be decoded.", e, certPath, index);
+			}
+
+			int tmpInt;
+
+			if (pc != null)
+			{
+				IEnumerator policyConstraints = pc.GetEnumerator();
+
+				while (policyConstraints.MoveNext())
+				{
+					try
+					{
+						Asn1TaggedObject constraint = Asn1TaggedObject.GetInstance(policyConstraints.Current);
+						if (constraint.TagNo == 1)
+						{
+							tmpInt = DerInteger.GetInstance(constraint, false).Value.IntValue;
+							if (tmpInt < policyMapping)
+							{
+								return tmpInt;
+							}
+							break;
+						}
+					}
+					catch (ArgumentException e)
+					{
+						throw new PkixCertPathValidatorException(
+							"Policy constraints extension contents cannot be decoded.", e, certPath, index);
+					}
+				}
+			}
+			return policyMapping;
+		}
+
+		internal static void PrepareNextCertG(
+			PkixCertPath				certPath,
+			int							index,
+			PkixNameConstraintValidator	nameConstraintValidator)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+
+			//
+			// (g) handle the name constraints extension
+			//
+			NameConstraints nc = null;
+			try
+			{
+				Asn1Sequence ncSeq = DerSequence.GetInstance(
+					PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.NameConstraints));
+				if (ncSeq != null)
+				{
+					nc = new NameConstraints(ncSeq);
+				}
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathValidatorException(
+					"Name constraints extension could not be decoded.", e, certPath, index);
+			}
+			if (nc != null)
+			{
+				//
+				// (g) (1) permitted subtrees
+				//
+				Asn1Sequence permitted = nc.PermittedSubtrees;
+				if (permitted != null)
+				{
+					try
+					{
+						nameConstraintValidator.IntersectPermittedSubtree(permitted);
+					}
+					catch (Exception ex)
+					{
+						throw new PkixCertPathValidatorException(
+							"Permitted subtrees cannot be build from name constraints extension.", ex, certPath, index);
+					}
+				}
+
+				//
+				// (g) (2) excluded subtrees
+				//
+				Asn1Sequence excluded = nc.ExcludedSubtrees;
+				if (excluded != null)
+				{
+					IEnumerator e = excluded.GetEnumerator();
+					try
+					{
+						while (e.MoveNext())
+						{
+							GeneralSubtree subtree = GeneralSubtree.GetInstance(e.Current);
+							nameConstraintValidator.AddExcludedSubtree(subtree);
+						}
+					}
+					catch (Exception ex)
+					{
+						throw new PkixCertPathValidatorException(
+							"Excluded subtrees cannot be build from name constraints extension.", ex, certPath, index);
+					}
+				}
+			}
+		}
+
+		internal static int PrepareNextCertJ(
+			PkixCertPath	certPath,
+			int				index,
+			int				inhibitAnyPolicy)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+
+			//
+			// (j)
+			//
+			DerInteger iap = null;
+			try
+			{
+				iap = DerInteger.GetInstance(
+					PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.InhibitAnyPolicy));
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathValidatorException(
+					"Inhibit any-policy extension cannot be decoded.", e, certPath, index);
+			}
+
+			if (iap != null)
+			{
+				int _inhibitAnyPolicy = iap.Value.IntValue;
+
+				if (_inhibitAnyPolicy < inhibitAnyPolicy)
+					return _inhibitAnyPolicy;
+			}
+			return inhibitAnyPolicy;
+		}
+
+		internal static void PrepareNextCertK(
+			PkixCertPath	certPath,
+			int				index)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+			//
+			// (k)
+			//
+			BasicConstraints bc = null;
+			try
+			{
+				bc = BasicConstraints.GetInstance(
+					PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.BasicConstraints));
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathValidatorException("Basic constraints extension cannot be decoded.", e, certPath,
+					index);
+			}
+			if (bc != null)
+			{
+				if (!(bc.IsCA()))
+					throw new PkixCertPathValidatorException("Not a CA certificate");
+			}
+			else
+			{
+				throw new PkixCertPathValidatorException("Intermediate certificate lacks BasicConstraints");
+			}
+		}
+
+		internal static int PrepareNextCertL(
+			PkixCertPath	certPath,
+			int				index,
+			int				maxPathLength)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+			//
+			// (l)
+			//
+			if (!PkixCertPathValidatorUtilities.IsSelfIssued(cert))
+			{
+				if (maxPathLength <= 0)
+				{
+					throw new PkixCertPathValidatorException("Max path length not greater than zero", null, certPath, index);
+				}
+
+				return maxPathLength - 1;
+			}
+			return maxPathLength;
+		}
+
+		internal static int PrepareNextCertM(
+			PkixCertPath	certPath,
+			int				index,
+			int				maxPathLength)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+
+			//
+			// (m)
+			//
+			BasicConstraints bc = null;
+			try
+			{
+				bc = BasicConstraints.GetInstance(
+					PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.BasicConstraints));
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathValidatorException("Basic constraints extension cannot be decoded.", e, certPath,
+					index);
+			}
+			if (bc != null)
+			{
+				BigInteger _pathLengthConstraint = bc.PathLenConstraint;
+
+				if (_pathLengthConstraint != null)
+				{
+					int _plc = _pathLengthConstraint.IntValue;
+
+					if (_plc < maxPathLength)
+					{
+						return _plc;
+					}
+				}
+			}
+			return maxPathLength;
+		}
+
+		internal static void PrepareNextCertN(
+			PkixCertPath	certPath,
+			int				index)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+
+			//
+			// (n)
+			//
+			bool[] _usage = cert.GetKeyUsage();
+
+			if ((_usage != null) && !_usage[Rfc3280CertPathUtilities.KEY_CERT_SIGN])
+			{
+				throw new PkixCertPathValidatorException(
+					"Issuer certificate keyusage extension is critical and does not permit key signing.", null,
+					certPath, index);
+			}
+		}
+
+		internal static void PrepareNextCertO(
+			PkixCertPath	certPath,
+			int				index,
+			ISet			criticalExtensions,
+			IList			pathCheckers)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+
+			//
+			// (o)
+			//
+			IEnumerator tmpIter = pathCheckers.GetEnumerator();
+			while (tmpIter.MoveNext())
+			{
+				try
+				{
+					((PkixCertPathChecker)tmpIter.Current).Check(cert, criticalExtensions);
+				}
+				catch (PkixCertPathValidatorException e)
+				{
+					throw new PkixCertPathValidatorException(e.Message, e.InnerException, certPath, index);
+				}
+			}
+			if (!criticalExtensions.IsEmpty)
+			{
+				throw new PkixCertPathValidatorException("Certificate has unsupported critical extension.", null, certPath,
+					index);
+			}
+		}
+
+		internal static int PrepareNextCertH1(
+			PkixCertPath	certPath,
+			int				index,
+			int				explicitPolicy)
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+
+			//
+			// (h)
+			//
+			if (!PkixCertPathValidatorUtilities.IsSelfIssued(cert))
+			{
+				//
+				// (1)
+				//
+				if (explicitPolicy != 0)
+					return explicitPolicy - 1;
+			}
+			return explicitPolicy;
+		}
+
+		internal static int PrepareNextCertH2(
+			PkixCertPath	certPath,
+			int				index,
+			int				policyMapping)
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+
+			//
+			// (h)
+			//
+			if (!PkixCertPathValidatorUtilities.IsSelfIssued(cert))
+			{
+				//
+				// (2)
+				//
+				if (policyMapping != 0)
+					return policyMapping - 1;
+			}
+			return policyMapping;
+		}
+
+
+		internal static int PrepareNextCertH3(
+			PkixCertPath	certPath,
+			int				index,
+			int				inhibitAnyPolicy)
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+
+			//
+			// (h)
+			//
+			if (!PkixCertPathValidatorUtilities.IsSelfIssued(cert))
+			{
+				//
+				// (3)
+				//
+				if (inhibitAnyPolicy != 0)
+					return inhibitAnyPolicy - 1;
+			}
+			return inhibitAnyPolicy;
+		}
+
+		internal static int WrapupCertA(
+			int				explicitPolicy,
+			X509Certificate	cert)
+		{
+			//
+			// (a)
+			//
+			if (!PkixCertPathValidatorUtilities.IsSelfIssued(cert) && (explicitPolicy != 0))
+			{
+				explicitPolicy--;
+			}
+			return explicitPolicy;
+		}
+
+		internal static int WrapupCertB(
+			PkixCertPath	certPath,
+			int				index,
+			int				explicitPolicy)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+
+			//
+			// (b)
+			//
+			int tmpInt;
+			Asn1Sequence pc = null;
+			try
+			{
+				pc = DerSequence.GetInstance(
+					PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.PolicyConstraints));
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathValidatorException("Policy constraints could not be decoded.", e, certPath, index);
+			}
+
+			if (pc != null)
+			{
+				IEnumerator policyConstraints = pc.GetEnumerator();
+
+				while (policyConstraints.MoveNext())
+				{
+					Asn1TaggedObject constraint = (Asn1TaggedObject)policyConstraints.Current;
+					switch (constraint.TagNo)
+					{
+						case 0:
+							try
+							{
+								tmpInt = DerInteger.GetInstance(constraint, false).Value.IntValue;
+							}
+							catch (Exception e)
+							{
+								throw new PkixCertPathValidatorException(
+									"Policy constraints requireExplicitPolicy field could not be decoded.", e, certPath,
+									index);
+							}
+							if (tmpInt == 0)
+							{
+								return 0;
+							}
+							break;
+					}
+				}
+			}
+			return explicitPolicy;
+		}
+
+		internal static void WrapupCertF(
+			PkixCertPath	certPath,
+			int				index,
+			IList			pathCheckers,
+			ISet			criticalExtensions)
+			//throws CertPathValidatorException
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+			IEnumerator tmpIter = pathCheckers.GetEnumerator();
+
+			while (tmpIter.MoveNext())
+			{
+				try
+				{
+					((PkixCertPathChecker)tmpIter.Current).Check(cert, criticalExtensions);
+				}
+				catch (PkixCertPathValidatorException e)
+				{
+					throw new PkixCertPathValidatorException("Additional certificate path checker failed.", e, certPath,
+						index);
+				}
+			}
+
+			if (!criticalExtensions.IsEmpty)
+			{
+				throw new PkixCertPathValidatorException("Certificate has unsupported critical extension",
+					null, certPath, index);
+			}
+		}
+
+		internal static PkixPolicyNode WrapupCertG(
+			PkixCertPath	certPath,
+			PkixParameters	paramsPKIX,
+			ISet			userInitialPolicySet,
+			int				index,
+			IList[]			policyNodes,
+			PkixPolicyNode	validPolicyTree,
+			ISet			acceptablePolicies)
+		{
+			int n = certPath.Certificates.Count;
+
+			//
+			// (g)
+			//
+			PkixPolicyNode intersection;
+
+			//
+			// (g) (i)
+			//
+			if (validPolicyTree == null)
+			{
+				if (paramsPKIX.IsExplicitPolicyRequired)
+				{
+					throw new PkixCertPathValidatorException(
+						"Explicit policy requested but none available.", null, certPath, index);
+				}
+				intersection = null;
+			}
+			else if (PkixCertPathValidatorUtilities.IsAnyPolicy(userInitialPolicySet)) // (g)
+				// (ii)
+			{
+				if (paramsPKIX.IsExplicitPolicyRequired)
+				{
+					if (acceptablePolicies.IsEmpty)
+					{
+						throw new PkixCertPathValidatorException(
+							"Explicit policy requested but none available.", null, certPath, index);
+					}
+					else
+					{
+						ISet _validPolicyNodeSet = new HashSet();
+
+						for (int j = 0; j < policyNodes.Length; j++)
+						{
+							IList _nodeDepth = policyNodes[j];
+
+							for (int k = 0; k < _nodeDepth.Count; k++)
+							{
+								PkixPolicyNode _node = (PkixPolicyNode)_nodeDepth[k];
+
+								if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(_node.ValidPolicy))
+								{
+									foreach (object o in _node.Children)
+									{
+										_validPolicyNodeSet.Add(o);
+									}
+								}
+							}
+						}
+
+						foreach (PkixPolicyNode _node in _validPolicyNodeSet)
+						{
+							string _validPolicy = _node.ValidPolicy;
+
+							if (!acceptablePolicies.Contains(_validPolicy))
+							{
+								// TODO?
+								// validPolicyTree =
+								// removePolicyNode(validPolicyTree, policyNodes,
+								// _node);
+							}
+						}
+						if (validPolicyTree != null)
+						{
+							for (int j = (n - 1); j >= 0; j--)
+							{
+								IList nodes = policyNodes[j];
+
+								for (int k = 0; k < nodes.Count; k++)
+								{
+									PkixPolicyNode node = (PkixPolicyNode)nodes[k];
+									if (!node.HasChildren)
+									{
+										validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(validPolicyTree,
+											policyNodes, node);
+									}
+								}
+							}
+						}
+					}
+				}
+
+				intersection = validPolicyTree;
+			}
+			else
+			{
+				//
+				// (g) (iii)
+				//
+				// This implementation is not exactly same as the one described in
+				// RFC3280.
+				// However, as far as the validation result is concerned, both
+				// produce
+				// adequate result. The only difference is whether AnyPolicy is
+				// remain
+				// in the policy tree or not.
+				//
+				// (g) (iii) 1
+				//
+				ISet _validPolicyNodeSet = new HashSet();
+
+				for (int j = 0; j < policyNodes.Length; j++)
+				{
+					IList _nodeDepth = policyNodes[j];
+
+					for (int k = 0; k < _nodeDepth.Count; k++)
+					{
+						PkixPolicyNode _node = (PkixPolicyNode)_nodeDepth[k];
+
+						if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(_node.ValidPolicy))
+						{
+							foreach (PkixPolicyNode _c_node in _node.Children)
+							{
+								if (!Rfc3280CertPathUtilities.ANY_POLICY.Equals(_c_node.ValidPolicy))
+								{
+									_validPolicyNodeSet.Add(_c_node);
+								}
+							}
+						}
+					}
+				}
+
+				//
+				// (g) (iii) 2
+				//
+				IEnumerator _vpnsIter = _validPolicyNodeSet.GetEnumerator();
+				while (_vpnsIter.MoveNext())
+				{
+					PkixPolicyNode _node = (PkixPolicyNode)_vpnsIter.Current;
+					string _validPolicy = _node.ValidPolicy;
+
+					if (!userInitialPolicySet.Contains(_validPolicy))
+					{
+						validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(validPolicyTree, policyNodes, _node);
+					}
+				}
+
+				//
+				// (g) (iii) 4
+				//
+				if (validPolicyTree != null)
+				{
+					for (int j = (n - 1); j >= 0; j--)
+					{
+						IList nodes = policyNodes[j];
+
+						for (int k = 0; k < nodes.Count; k++)
+						{
+							PkixPolicyNode node = (PkixPolicyNode)nodes[k];
+							if (!node.HasChildren)
+							{
+								validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(validPolicyTree, policyNodes,
+									node);
+							}
+						}
+					}
+				}
+
+				intersection = validPolicyTree;
+			}
+			return intersection;
+		}
+
+		/**
+		* If use-deltas is set, verify the issuer and scope of the delta CRL.
+		*
+		* @param deltaCRL    The delta CRL.
+		* @param completeCRL The complete CRL.
+		* @param pkixParams  The PKIX paramaters.
+		* @throws AnnotatedException if an exception occurs.
+		*/
+		internal static void ProcessCrlC(
+			X509Crl			deltaCRL,
+			X509Crl			completeCRL,
+			PkixParameters	pkixParams)
+		{
+			if (deltaCRL == null)
+				return;
+
+			IssuingDistributionPoint completeidp = null;
+			try
+			{
+				completeidp = IssuingDistributionPoint.GetInstance(
+					PkixCertPathValidatorUtilities.GetExtensionValue(completeCRL, X509Extensions.IssuingDistributionPoint));
+			}
+			catch (Exception e)
+			{
+				throw new Exception("000 Issuing distribution point extension could not be decoded.", e);
+			}
+
+			if (pkixParams.IsUseDeltasEnabled)
+			{
+				// (c) (1)
+				if (!deltaCRL.IssuerDN.Equivalent(completeCRL.IssuerDN, true))
+					throw new Exception("Complete CRL issuer does not match delta CRL issuer.");
+
+				// (c) (2)
+				IssuingDistributionPoint deltaidp = null;
+				try
+				{
+					deltaidp = IssuingDistributionPoint.GetInstance(
+						PkixCertPathValidatorUtilities.GetExtensionValue(deltaCRL, X509Extensions.IssuingDistributionPoint));
+				}
+				catch (Exception e)
+				{
+					throw new Exception(
+						"Issuing distribution point extension from delta CRL could not be decoded.", e);
+				}
+
+				if (!Platform.Equals(completeidp, deltaidp))
+				{
+					throw new Exception(
+						"Issuing distribution point extension from delta CRL and complete CRL does not match.");
+				}
+
+				// (c) (3)
+				Asn1Object completeKeyIdentifier = null;
+				try
+				{
+					completeKeyIdentifier = PkixCertPathValidatorUtilities.GetExtensionValue(
+						completeCRL, X509Extensions.AuthorityKeyIdentifier);
+				}
+				catch (Exception e)
+				{
+					throw new Exception(
+						"Authority key identifier extension could not be extracted from complete CRL.", e);
+				}
+
+				Asn1Object deltaKeyIdentifier = null;
+				try
+				{
+					deltaKeyIdentifier = PkixCertPathValidatorUtilities.GetExtensionValue(
+						deltaCRL, X509Extensions.AuthorityKeyIdentifier);
+				}
+				catch (Exception e)
+				{
+					throw new Exception(
+						"Authority key identifier extension could not be extracted from delta CRL.", e);
+				}
+
+				if (completeKeyIdentifier == null)
+					throw new Exception("CRL authority key identifier is null.");
+
+				if (deltaKeyIdentifier == null)
+					throw new Exception("Delta CRL authority key identifier is null.");
+
+				if (!completeKeyIdentifier.Equals(deltaKeyIdentifier))
+				{
+					throw new Exception(
+						"Delta CRL authority key identifier does not match complete CRL authority key identifier.");
+				}
+			}
+		}
+
+		internal static void ProcessCrlI(
+			DateTime		validDate,
+			X509Crl			deltacrl,
+			object			cert,
+			CertStatus		certStatus,
+			PkixParameters	pkixParams)
+		{
+			if (pkixParams.IsUseDeltasEnabled && deltacrl != null)
+			{
+				PkixCertPathValidatorUtilities.GetCertStatus(validDate, deltacrl, cert, certStatus);
+			}
+		}
+
+		internal static void ProcessCrlJ(
+			DateTime	validDate,
+			X509Crl		completecrl,
+			object		cert,
+			CertStatus	certStatus)
+		{
+			if (certStatus.Status == CertStatus.Unrevoked)
+			{
+				PkixCertPathValidatorUtilities.GetCertStatus(validDate, completecrl, cert, certStatus);
+			}
+		}
+
+		internal static PkixPolicyNode ProcessCertE(
+			PkixCertPath	certPath,
+			int				index,
+			PkixPolicyNode	validPolicyTree)
+		{
+			IList certs = certPath.Certificates;
+			X509Certificate cert = (X509Certificate)certs[index];
+
+			//
+			// (e)
+			//
+			Asn1Sequence certPolicies = null;
+			try
+			{
+				certPolicies = DerSequence.GetInstance(
+					PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.CertificatePolicies));
+			}
+			catch (Exception e)
+			{
+				throw new PkixCertPathValidatorException("Could not read certificate policies extension from certificate.",
+					e, certPath, index);
+			}
+			if (certPolicies == null)
+			{
+				validPolicyTree = null;
+			}
+			return validPolicyTree;
+		}
+
+		internal static readonly string[] CrlReasons = new string[]
+		{
+			"unspecified",
+			"keyCompromise",
+			"cACompromise",
+			"affiliationChanged",
+			"superseded",
+			"cessationOfOperation",
+			"certificateHold",
+			"unknown",
+			"removeFromCRL",
+			"privilegeWithdrawn",
+			"aACompromise"
+		};
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/Rfc3281CertPathUtilities.cs b/bc-sharp-crypto/src/pkix/Rfc3281CertPathUtilities.cs
new file mode 100644
index 0000000..101ef5e
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/Rfc3281CertPathUtilities.cs
@@ -0,0 +1,608 @@
+using System;
+using System.Collections;
+using System.Globalization;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Pkix
+{
+	internal class Rfc3281CertPathUtilities
+	{
+		internal static void ProcessAttrCert7(
+			IX509AttributeCertificate	attrCert,
+			PkixCertPath				certPath,
+			PkixCertPath				holderCertPath,
+			PkixParameters				pkixParams)
+		{
+			// TODO:
+			// AA Controls
+			// Attribute encryption
+			// Proxy
+			ISet critExtOids = attrCert.GetCriticalExtensionOids();
+
+			// 7.1
+			// process extensions
+
+			// target information checked in step 6 / X509AttributeCertStoreSelector
+			if (critExtOids.Contains(X509Extensions.TargetInformation.Id))
+			{
+				try
+				{
+					TargetInformation.GetInstance(PkixCertPathValidatorUtilities
+						.GetExtensionValue(attrCert, X509Extensions.TargetInformation));
+				}
+				catch (Exception e)
+				{
+					throw new PkixCertPathValidatorException(
+						"Target information extension could not be read.", e);
+				}
+			}
+			critExtOids.Remove(X509Extensions.TargetInformation.Id);
+			foreach (PkixAttrCertChecker checker in pkixParams.GetAttrCertCheckers())
+			{
+				checker.Check(attrCert, certPath, holderCertPath, critExtOids);
+			}
+			if (!critExtOids.IsEmpty)
+			{
+				throw new PkixCertPathValidatorException(
+					"Attribute certificate contains unsupported critical extensions: "
+						+ critExtOids);
+			}
+		}
+
+		/**
+		* Checks if an attribute certificate is revoked.
+		* 
+		* @param attrCert Attribute certificate to check if it is revoked.
+		* @param paramsPKIX PKIX parameters.
+		* @param issuerCert The issuer certificate of the attribute certificate
+		*            <code>attrCert</code>.
+		* @param validDate The date when the certificate revocation status should
+		*            be checked.
+		* @param certPathCerts The certificates of the certification path to be
+		*            checked.
+		* 
+		* @throws CertPathValidatorException if the certificate is revoked or the
+		*             status cannot be checked or some error occurs.
+		*/
+		internal static void CheckCrls(
+			IX509AttributeCertificate	attrCert,
+			PkixParameters				paramsPKIX,
+			X509Certificate				issuerCert,
+			DateTime					validDate,
+			IList						certPathCerts)
+		{
+			if (paramsPKIX.IsRevocationEnabled)
+			{
+				// check if revocation is available
+				if (attrCert.GetExtensionValue(X509Extensions.NoRevAvail) == null)
+				{
+					CrlDistPoint crldp = null;
+					try
+					{
+						crldp = CrlDistPoint.GetInstance(
+							PkixCertPathValidatorUtilities.GetExtensionValue(
+								attrCert, X509Extensions.CrlDistributionPoints));
+					}
+					catch (Exception e)
+					{
+						throw new PkixCertPathValidatorException(
+							"CRL distribution point extension could not be read.", e);
+					}
+					try
+					{
+						PkixCertPathValidatorUtilities
+							.AddAdditionalStoresFromCrlDistributionPoint(crldp, paramsPKIX);
+					}
+					catch (Exception e)
+					{
+						throw new PkixCertPathValidatorException(
+							"No additional CRL locations could be decoded from CRL distribution point extension.", e);
+					}
+					CertStatus certStatus = new CertStatus();
+					ReasonsMask reasonsMask = new ReasonsMask();
+
+					Exception lastException = null;
+					bool validCrlFound = false;
+					// for each distribution point
+					if (crldp != null)
+					{
+						DistributionPoint[] dps = null;
+						try
+						{
+							dps = crldp.GetDistributionPoints();
+						}
+						catch (Exception e)
+						{
+							throw new PkixCertPathValidatorException(
+								"Distribution points could not be read.", e);
+						}
+						try
+						{
+							for (int i = 0; i < dps.Length
+								&& certStatus.Status == CertStatus.Unrevoked
+								&& !reasonsMask.IsAllReasons; i++)
+							{
+								PkixParameters paramsPKIXClone = (PkixParameters) paramsPKIX
+									.Clone();
+								CheckCrl(dps[i], attrCert, paramsPKIXClone,
+									validDate, issuerCert, certStatus, reasonsMask,
+									certPathCerts);
+								validCrlFound = true;
+							}
+						}
+						catch (Exception e)
+						{
+							lastException = new Exception(
+								"No valid CRL for distribution point found.", e);
+						}
+					}
+
+					/*
+					* If the revocation status has not been determined, repeat the
+					* process above with any available CRLs not specified in a
+					* distribution point but issued by the certificate issuer.
+					*/
+
+					if (certStatus.Status == CertStatus.Unrevoked
+						&& !reasonsMask.IsAllReasons)
+					{
+						try
+						{
+							/*
+							* assume a DP with both the reasons and the cRLIssuer
+							* fields omitted and a distribution point name of the
+							* certificate issuer.
+							*/
+							Asn1Object issuer = null;
+							try
+							{
+								issuer = new Asn1InputStream(
+									attrCert.Issuer.GetPrincipals()[0].GetEncoded()).ReadObject();
+							}
+							catch (Exception e)
+							{
+								throw new Exception(
+									"Issuer from certificate for CRL could not be reencoded.",
+									e);
+							}
+							DistributionPoint dp = new DistributionPoint(
+								new DistributionPointName(0, new GeneralNames(
+									new GeneralName(GeneralName.DirectoryName, issuer))), null, null);
+							PkixParameters paramsPKIXClone = (PkixParameters) paramsPKIX.Clone();
+							CheckCrl(dp, attrCert, paramsPKIXClone, validDate,
+								issuerCert, certStatus, reasonsMask, certPathCerts);
+							validCrlFound = true;
+						}
+						catch (Exception e)
+						{
+							lastException = new Exception(
+								"No valid CRL for distribution point found.", e);
+						}
+					}
+
+					if (!validCrlFound)
+					{
+						throw new PkixCertPathValidatorException(
+							"No valid CRL found.", lastException);
+					}
+					if (certStatus.Status != CertStatus.Unrevoked)
+					{
+                        // This format is enforced by the NistCertPath tests
+                        string formattedDate = certStatus.RevocationDate.Value.ToString(
+                            "ddd MMM dd HH:mm:ss K yyyy");
+                        string message = "Attribute certificate revocation after "
+							+ formattedDate;
+						message += ", reason: "
+							+ Rfc3280CertPathUtilities.CrlReasons[certStatus.Status];
+						throw new PkixCertPathValidatorException(message);
+					}
+					if (!reasonsMask.IsAllReasons
+						&& certStatus.Status == CertStatus.Unrevoked)
+					{
+						certStatus.Status = CertStatus.Undetermined;
+					}
+					if (certStatus.Status == CertStatus.Undetermined)
+					{
+						throw new PkixCertPathValidatorException(
+							"Attribute certificate status could not be determined.");
+					}
+
+				}
+				else
+				{
+					if (attrCert.GetExtensionValue(X509Extensions.CrlDistributionPoints) != null
+						|| attrCert.GetExtensionValue(X509Extensions.AuthorityInfoAccess) != null)
+					{
+						throw new PkixCertPathValidatorException(
+							"No rev avail extension is set, but also an AC revocation pointer.");
+					}
+				}
+			}
+		}
+
+		internal static void AdditionalChecks(
+			IX509AttributeCertificate	attrCert,
+			PkixParameters				pkixParams)
+		{
+			// 1
+			foreach (string oid in pkixParams.GetProhibitedACAttributes())
+			{
+				if (attrCert.GetAttributes(oid) != null)
+				{
+					throw new PkixCertPathValidatorException(
+						"Attribute certificate contains prohibited attribute: "
+							+ oid + ".");
+				}
+			}
+			foreach (string oid in pkixParams.GetNecessaryACAttributes())
+			{
+				if (attrCert.GetAttributes(oid) == null)
+				{
+					throw new PkixCertPathValidatorException(
+						"Attribute certificate does not contain necessary attribute: "
+							+ oid + ".");
+				}
+			}
+		}
+
+		internal static void ProcessAttrCert5(
+			IX509AttributeCertificate	attrCert,
+			PkixParameters				pkixParams)
+		{
+			try
+			{
+				attrCert.CheckValidity(PkixCertPathValidatorUtilities.GetValidDate(pkixParams));
+			}
+			catch (CertificateExpiredException e)
+			{
+				throw new PkixCertPathValidatorException(
+					"Attribute certificate is not valid.", e);
+			}
+			catch (CertificateNotYetValidException e)
+			{
+				throw new PkixCertPathValidatorException(
+					"Attribute certificate is not valid.", e);
+			}
+		}
+
+		internal static void ProcessAttrCert4(
+			X509Certificate	acIssuerCert,
+			PkixParameters	pkixParams)
+		{
+			ISet set = pkixParams.GetTrustedACIssuers();
+			bool trusted = false;
+			foreach (TrustAnchor anchor in set)
+			{
+                IDictionary symbols = X509Name.RFC2253Symbols;
+                if (acIssuerCert.SubjectDN.ToString(false, symbols).Equals(anchor.CAName)
+					|| acIssuerCert.Equals(anchor.TrustedCert))
+				{
+					trusted = true;
+				}
+			}
+			if (!trusted)
+			{
+				throw new PkixCertPathValidatorException(
+					"Attribute certificate issuer is not directly trusted.");
+			}
+		}
+
+		internal static void ProcessAttrCert3(
+			X509Certificate	acIssuerCert,
+			PkixParameters	pkixParams)
+		{
+			if (acIssuerCert.GetKeyUsage() != null
+				&& (!acIssuerCert.GetKeyUsage()[0] && !acIssuerCert.GetKeyUsage()[1]))
+			{
+				throw new PkixCertPathValidatorException(
+					"Attribute certificate issuer public key cannot be used to validate digital signatures.");
+			}
+			if (acIssuerCert.GetBasicConstraints() != -1)
+			{
+				throw new PkixCertPathValidatorException(
+					"Attribute certificate issuer is also a public key certificate issuer.");
+			}
+		}
+
+		internal static PkixCertPathValidatorResult ProcessAttrCert2(
+			PkixCertPath	certPath,
+			PkixParameters	pkixParams)
+		{
+			PkixCertPathValidator validator = new PkixCertPathValidator();
+
+			try
+			{
+				return validator.Validate(certPath, pkixParams);
+			}
+			catch (PkixCertPathValidatorException e)
+			{
+				throw new PkixCertPathValidatorException(
+					"Certification path for issuer certificate of attribute certificate could not be validated.",
+					e);
+			}
+		}
+
+		/**
+		* Searches for a holder public key certificate and verifies its
+		* certification path.
+		* 
+		* @param attrCert the attribute certificate.
+		* @param pkixParams The PKIX parameters.
+		* @return The certificate path of the holder certificate.
+		* @throws Exception if
+		*             <ul>
+		*             <li>no public key certificate can be found although holder
+		*             information is given by an entity name or a base certificate
+		*             ID</li>
+		*             <li>support classes cannot be created</li>
+		*             <li>no certification path for the public key certificate can
+		*             be built</li>
+		*             </ul>
+		*/
+		internal static PkixCertPath ProcessAttrCert1(
+			IX509AttributeCertificate	attrCert,
+			PkixParameters				pkixParams)
+		{
+			PkixCertPathBuilderResult result = null;
+			// find holder PKCs
+			ISet holderPKCs = new HashSet();
+			if (attrCert.Holder.GetIssuer() != null)
+			{
+				X509CertStoreSelector selector = new X509CertStoreSelector();
+				selector.SerialNumber = attrCert.Holder.SerialNumber;
+				X509Name[] principals = attrCert.Holder.GetIssuer();
+				for (int i = 0; i < principals.Length; i++)
+				{
+					try
+					{
+//						if (principals[i] is X500Principal)
+						{
+							selector.Issuer = principals[i];
+						}
+						holderPKCs.AddAll(PkixCertPathValidatorUtilities
+							.FindCertificates(selector, pkixParams.GetStores()));
+					}
+					catch (Exception e)
+					{
+						throw new PkixCertPathValidatorException(
+							"Public key certificate for attribute certificate cannot be searched.",
+							e);
+					}
+				}
+				if (holderPKCs.IsEmpty)
+				{
+					throw new PkixCertPathValidatorException(
+						"Public key certificate specified in base certificate ID for attribute certificate cannot be found.");
+				}
+			}
+			if (attrCert.Holder.GetEntityNames() != null)
+			{
+				X509CertStoreSelector selector = new X509CertStoreSelector();
+				X509Name[] principals = attrCert.Holder.GetEntityNames();
+				for (int i = 0; i < principals.Length; i++)
+				{
+					try
+					{
+//						if (principals[i] is X500Principal)
+						{
+							selector.Issuer = principals[i];
+						}
+						holderPKCs.AddAll(PkixCertPathValidatorUtilities
+							.FindCertificates(selector, pkixParams.GetStores()));
+					}
+					catch (Exception e)
+					{
+						throw new PkixCertPathValidatorException(
+							"Public key certificate for attribute certificate cannot be searched.",
+							e);
+					}
+				}
+				if (holderPKCs.IsEmpty)
+				{
+					throw new PkixCertPathValidatorException(
+						"Public key certificate specified in entity name for attribute certificate cannot be found.");
+				}
+			}
+
+			// verify cert paths for PKCs
+			PkixBuilderParameters parameters = (PkixBuilderParameters)
+				PkixBuilderParameters.GetInstance(pkixParams);
+
+			PkixCertPathValidatorException lastException = null;
+			foreach (X509Certificate cert in holderPKCs)
+			{
+				X509CertStoreSelector selector = new X509CertStoreSelector();
+				selector.Certificate = cert;
+				parameters.SetTargetConstraints(selector);
+
+				PkixCertPathBuilder builder = new PkixCertPathBuilder();
+
+				try
+				{
+					result = builder.Build(PkixBuilderParameters.GetInstance(parameters));
+				}
+				catch (PkixCertPathBuilderException e)
+				{
+					lastException = new PkixCertPathValidatorException(
+						"Certification path for public key certificate of attribute certificate could not be build.",
+						e);
+				}
+			}
+			if (lastException != null)
+			{
+				throw lastException;
+			}
+			return result.CertPath;
+		}
+
+		/**
+		* 
+		* Checks a distribution point for revocation information for the
+		* certificate <code>attrCert</code>.
+		* 
+		* @param dp The distribution point to consider.
+		* @param attrCert The attribute certificate which should be checked.
+		* @param paramsPKIX PKIX parameters.
+		* @param validDate The date when the certificate revocation status should
+		*            be checked.
+		* @param issuerCert Certificate to check if it is revoked.
+		* @param reasonMask The reasons mask which is already checked.
+		* @param certPathCerts The certificates of the certification path to be
+		*            checked.
+		* @throws Exception if the certificate is revoked or the status
+		*             cannot be checked or some error occurs.
+		*/
+		private static void CheckCrl(
+			DistributionPoint			dp,
+			IX509AttributeCertificate	attrCert,
+			PkixParameters				paramsPKIX,
+			DateTime					validDate,
+			X509Certificate				issuerCert,
+			CertStatus					certStatus,
+			ReasonsMask					reasonMask,
+			IList						certPathCerts)
+		{
+			/*
+			* 4.3.6 No Revocation Available
+			* 
+			* The noRevAvail extension, defined in [X.509-2000], allows an AC
+			* issuer to indicate that no revocation information will be made
+			* available for this AC.
+			*/
+			if (attrCert.GetExtensionValue(X509Extensions.NoRevAvail) != null)
+			{
+				return;
+			}
+
+			DateTime currentDate = DateTime.UtcNow;
+			if (validDate.CompareTo(currentDate) > 0)
+			{
+				throw new Exception("Validation time is in future.");
+			}
+
+			// (a)
+			/*
+			* We always get timely valid CRLs, so there is no step (a) (1).
+			* "locally cached" CRLs are assumed to be in getStore(), additional
+			* CRLs must be enabled in the ExtendedPkixParameters and are in
+			* getAdditionalStore()
+			*/
+			ISet crls = PkixCertPathValidatorUtilities.GetCompleteCrls(dp, attrCert,
+				currentDate, paramsPKIX);
+			bool validCrlFound = false;
+			Exception lastException = null;
+
+			IEnumerator crl_iter = crls.GetEnumerator();
+
+			while (crl_iter.MoveNext()
+				&& certStatus.Status == CertStatus.Unrevoked
+				&& !reasonMask.IsAllReasons)
+			{
+				try
+				{
+					X509Crl crl = (X509Crl) crl_iter.Current;
+
+					// (d)
+					ReasonsMask interimReasonsMask = Rfc3280CertPathUtilities.ProcessCrlD(crl, dp);
+
+					// (e)
+					/*
+					* The reasons mask is updated at the end, so only valid CRLs
+					* can update it. If this CRL does not contain new reasons it
+					* must be ignored.
+					*/
+					if (!interimReasonsMask.HasNewReasons(reasonMask))
+					{
+						continue;
+					}
+
+					// (f)
+					ISet keys = Rfc3280CertPathUtilities.ProcessCrlF(crl, attrCert,
+						null, null, paramsPKIX, certPathCerts);
+					// (g)
+					AsymmetricKeyParameter pubKey = Rfc3280CertPathUtilities.ProcessCrlG(crl, keys);
+
+					X509Crl deltaCRL = null;
+
+					if (paramsPKIX.IsUseDeltasEnabled)
+					{
+						// get delta CRLs
+						ISet deltaCRLs = PkixCertPathValidatorUtilities.GetDeltaCrls(
+							currentDate, paramsPKIX, crl);
+						// we only want one valid delta CRL
+						// (h)
+						deltaCRL = Rfc3280CertPathUtilities.ProcessCrlH(deltaCRLs, pubKey);
+					}
+
+					/*
+					* CRL must be be valid at the current time, not the validation
+					* time. If a certificate is revoked with reason keyCompromise,
+					* cACompromise, it can be used for forgery, also for the past.
+					* This reason may not be contained in older CRLs.
+					*/
+
+					/*
+					* in the chain model signatures stay valid also after the
+					* certificate has been expired, so they do not have to be in
+					* the CRL vality time
+					*/
+					if (paramsPKIX.ValidityModel != PkixParameters.ChainValidityModel)
+					{
+						/*
+						* if a certificate has expired, but was revoked, it is not
+						* more in the CRL, so it would be regarded as valid if the
+						* first check is not done
+						*/
+						if (attrCert.NotAfter.CompareTo(crl.ThisUpdate) < 0)
+						{
+							throw new Exception(
+								"No valid CRL for current time found.");
+						}
+					}
+
+					Rfc3280CertPathUtilities.ProcessCrlB1(dp, attrCert, crl);
+
+					// (b) (2)
+					Rfc3280CertPathUtilities.ProcessCrlB2(dp, attrCert, crl);
+
+					// (c)
+					Rfc3280CertPathUtilities.ProcessCrlC(deltaCRL, crl, paramsPKIX);
+
+					// (i)
+					Rfc3280CertPathUtilities.ProcessCrlI(validDate, deltaCRL,
+						attrCert, certStatus, paramsPKIX);
+
+					// (j)
+					Rfc3280CertPathUtilities.ProcessCrlJ(validDate, crl, attrCert,
+						certStatus);
+
+					// (k)
+					if (certStatus.Status == CrlReason.RemoveFromCrl)
+					{
+						certStatus.Status = CertStatus.Unrevoked;
+					}
+
+					// update reasons mask
+					reasonMask.AddReasons(interimReasonsMask);
+					validCrlFound = true;
+				}
+				catch (Exception e)
+				{
+					lastException = e;
+				}
+			}
+			if (!validCrlFound)
+			{
+				throw lastException;
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/pkix/TrustAnchor.cs b/bc-sharp-crypto/src/pkix/TrustAnchor.cs
new file mode 100644
index 0000000..22078ba
--- /dev/null
+++ b/bc-sharp-crypto/src/pkix/TrustAnchor.cs
@@ -0,0 +1,259 @@
+using System;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Pkix
+{
+	/// <summary>
+	/// A trust anchor or most-trusted Certification Authority (CA).
+	/// 
+	/// This class represents a "most-trusted CA", which is used as a trust anchor
+	/// for validating X.509 certification paths. A most-trusted CA includes the
+	/// public key of the CA, the CA's name, and any constraints upon the set of
+	/// paths which may be validated using this key. These parameters can be
+	/// specified in the form of a trusted X509Certificate or as individual
+	/// parameters.
+	/// </summary>
+	public class TrustAnchor
+	{
+		private readonly AsymmetricKeyParameter pubKey;
+		private readonly string caName;
+		private readonly X509Name caPrincipal;
+		private readonly X509Certificate trustedCert;
+		private byte[] ncBytes;
+		private NameConstraints nc;
+
+		/// <summary>
+		/// Creates an instance of TrustAnchor with the specified X509Certificate and
+	    /// optional name constraints, which are intended to be used as additional
+	    /// constraints when validating an X.509 certification path.
+	    ///	The name constraints are specified as a byte array. This byte array
+	    ///	should contain the DER encoded form of the name constraints, as they
+	    ///	would appear in the NameConstraints structure defined in RFC 2459 and
+	    ///	X.509. The ASN.1 definition of this structure appears below.
+	    ///	
+	    ///	<pre>
+	    ///	NameConstraints ::= SEQUENCE {
+	    ///		permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
+	    ///		excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
+	    ///	   
+        /// GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
+        /// 
+        ///		GeneralSubtree ::= SEQUENCE {
+        ///		base                    GeneralName,
+        ///		minimum         [0]     BaseDistance DEFAULT 0,
+        ///		maximum         [1]     BaseDistance OPTIONAL }
+        ///		
+        ///		BaseDistance ::= INTEGER (0..MAX)
+		///
+		///		GeneralName ::= CHOICE {
+		///		otherName                       [0]     OtherName,
+		///		rfc822Name                      [1]     IA5String,
+		///		dNSName                         [2]     IA5String,
+		///		x400Address                     [3]     ORAddress,
+		///		directoryName                   [4]     Name,
+		///		ediPartyName                    [5]     EDIPartyName,
+		///		uniformResourceIdentifier       [6]     IA5String,
+		///		iPAddress                       [7]     OCTET STRING,
+		///		registeredID                    [8]     OBJECT IDENTIFIER}
+		///	</pre>
+		///	
+		///	Note that the name constraints byte array supplied is cloned to protect
+		///	against subsequent modifications.
+		/// </summary>
+		/// <param name="trustedCert">a trusted X509Certificate</param>
+		/// <param name="nameConstraints">a byte array containing the ASN.1 DER encoding of a
+		/// NameConstraints extension to be used for checking name
+		/// constraints. Only the value of the extension is included, not
+		/// the OID or criticality flag. Specify null to omit the
+		/// parameter.</param>
+		/// <exception cref="ArgumentNullException">if the specified X509Certificate is null</exception>
+		public TrustAnchor(
+			X509Certificate	trustedCert,
+			byte[]			nameConstraints)
+		{
+			if (trustedCert == null)
+				throw new ArgumentNullException("trustedCert");
+
+			this.trustedCert = trustedCert;
+			this.pubKey = null;
+			this.caName = null;
+			this.caPrincipal = null;
+			setNameConstraints(nameConstraints);
+		}
+
+		/// <summary>
+		/// Creates an instance of <c>TrustAnchor</c> where the
+		/// most-trusted CA is specified as an X500Principal and public key.
+		/// </summary>
+		/// <remarks>
+		/// <p>
+		/// Name constraints are an optional parameter, and are intended to be used
+		/// as additional constraints when validating an X.509 certification path.
+		/// </p><p>
+		/// The name constraints are specified as a byte array. This byte array
+		/// contains the DER encoded form of the name constraints, as they
+		/// would appear in the NameConstraints structure defined in RFC 2459
+		/// and X.509. The ASN.1 notation for this structure is supplied in the
+		/// documentation for the other constructors.
+		/// </p><p>
+		/// Note that the name constraints byte array supplied here is cloned to
+		/// protect against subsequent modifications.
+		/// </p>
+		/// </remarks>
+		/// <param name="caPrincipal">the name of the most-trusted CA as X509Name</param>
+		/// <param name="pubKey">the public key of the most-trusted CA</param>
+		/// <param name="nameConstraints">
+		/// a byte array containing the ASN.1 DER encoding of a NameConstraints extension to
+		/// be used for checking name constraints. Only the value of the extension is included,
+		/// not the OID or criticality flag. Specify <c>null</c> to omit the parameter.
+		/// </param>
+		/// <exception cref="ArgumentNullException">
+		/// if <c>caPrincipal</c> or <c>pubKey</c> is null
+		/// </exception>
+		public TrustAnchor(
+			X509Name				caPrincipal,
+			AsymmetricKeyParameter	pubKey,
+			byte[]					nameConstraints) 
+		{
+			if (caPrincipal == null)
+				throw new ArgumentNullException("caPrincipal");
+			if (pubKey == null)
+				throw new ArgumentNullException("pubKey");
+
+			this.trustedCert = null;
+			this.caPrincipal = caPrincipal;
+			this.caName = caPrincipal.ToString();
+			this.pubKey = pubKey;
+			setNameConstraints(nameConstraints);
+		}
+
+		/// <summary>
+		/// Creates an instance of <code>TrustAnchor</code> where the most-trusted
+		/// CA is specified as a distinguished name and public key. Name constraints
+		/// are an optional parameter, and are intended to be used as additional
+		/// constraints when validating an X.509 certification path.
+		/// <br/>
+		/// The name constraints are specified as a byte array. This byte array
+		/// contains the DER encoded form of the name constraints, as they would
+		/// appear in the NameConstraints structure defined in RFC 2459 and X.509.
+		/// </summary>
+		/// <param name="caName">the X.500 distinguished name of the most-trusted CA in RFC
+		/// 2253 string format</param>
+		/// <param name="pubKey">the public key of the most-trusted CA</param>
+		/// <param name="nameConstraints">a byte array containing the ASN.1 DER encoding of a
+		/// NameConstraints extension to be used for checking name
+		/// constraints. Only the value of the extension is included, not 
+		/// the OID or criticality flag. Specify null to omit the 
+		/// parameter.</param>
+		/// throws NullPointerException, IllegalArgumentException
+		public TrustAnchor(
+			string					caName,
+			AsymmetricKeyParameter	pubKey,
+			byte[]					nameConstraints)
+		{
+			if (caName == null)
+				throw new ArgumentNullException("caName");
+			if (pubKey == null)
+				throw new ArgumentNullException("pubKey");
+			if (caName.Length == 0)
+				throw new ArgumentException("caName can not be an empty string");
+
+			this.caPrincipal = new X509Name(caName);
+			this.pubKey = pubKey;
+			this.caName = caName;
+			this.trustedCert = null;
+			setNameConstraints(nameConstraints);
+		}
+
+		/// <summary>
+		/// Returns the most-trusted CA certificate.
+		/// </summary>
+		public X509Certificate TrustedCert
+		{
+			get { return this.trustedCert; }
+		}
+
+		/// <summary>
+		/// Returns the name of the most-trusted CA as an X509Name.
+		/// </summary>
+		public X509Name CA
+		{
+			get { return this.caPrincipal; }
+		}
+
+		/// <summary>
+		/// Returns the name of the most-trusted CA in RFC 2253 string format.
+		/// </summary>
+		public string CAName
+		{
+			get { return this.caName; }
+		}
+
+		/// <summary>
+		/// Returns the public key of the most-trusted CA.
+		/// </summary>
+		public AsymmetricKeyParameter CAPublicKey
+		{
+			get { return this.pubKey; }
+		}
+
+		/// <summary>
+		/// Decode the name constraints and clone them if not null.
+		/// </summary>
+		private void setNameConstraints(
+			byte[] bytes) 
+		{
+			if (bytes == null) 
+			{
+				ncBytes = null;
+				nc = null;
+			} 
+			else 
+			{
+				ncBytes = (byte[]) bytes.Clone();
+				// validate DER encoding
+				//nc = new NameConstraintsExtension(Boolean.FALSE, bytes);
+				nc = NameConstraints.GetInstance(Asn1Object.FromByteArray(bytes));
+			}
+		}
+
+		public byte[] GetNameConstraints
+		{
+			get { return Arrays.Clone(ncBytes); }
+		}
+
+		/// <summary>
+		/// Returns a formatted string describing the <code>TrustAnchor</code>.
+		/// </summary>
+		/// <returns>a formatted string describing the <code>TrustAnchor</code></returns>
+		public override string ToString()
+		{
+			// TODO Some of the sub-objects might not implement ToString() properly
+			string nl = Platform.NewLine;
+			StringBuilder sb = new StringBuilder();
+			sb.Append("[");
+			sb.Append(nl);
+			if (this.pubKey != null)
+			{
+				sb.Append("  Trusted CA Public Key: ").Append(this.pubKey).Append(nl);
+				sb.Append("  Trusted CA Issuer Name: ").Append(this.caName).Append(nl);
+			}
+			else
+			{
+				sb.Append("  Trusted CA cert: ").Append(this.TrustedCert).Append(nl);
+			}
+			if (nc != null)
+			{
+				sb.Append("  Name Constraints: ").Append(nc).Append(nl);
+			}
+			return sb.ToString();
+		}
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/security/AgreementUtilities.cs b/bc-sharp-crypto/src/security/AgreementUtilities.cs
new file mode 100644
index 0000000..12d427c
--- /dev/null
+++ b/bc-sharp-crypto/src/security/AgreementUtilities.cs
@@ -0,0 +1,105 @@
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Agreement;
+using Org.BouncyCastle.Crypto.Agreement.Kdf;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Security
+{
+	/// <remarks>
+	///  Utility class for creating IBasicAgreement objects from their names/Oids
+	/// </remarks>
+	public sealed class AgreementUtilities
+	{
+		private AgreementUtilities()
+		{
+		}
+
+		private static readonly IDictionary algorithms = Platform.CreateHashtable();
+        //private static readonly IDictionary oids = Platform.CreateHashtable();
+
+        static AgreementUtilities()
+		{
+            algorithms[X9ObjectIdentifiers.DHSinglePassCofactorDHSha1KdfScheme.Id] = "ECCDHWITHSHA1KDF";
+			algorithms[X9ObjectIdentifiers.DHSinglePassStdDHSha1KdfScheme.Id] = "ECDHWITHSHA1KDF";
+			algorithms[X9ObjectIdentifiers.MqvSinglePassSha1KdfScheme.Id] = "ECMQVWITHSHA1KDF";
+		}
+
+        public static IBasicAgreement GetBasicAgreement(
+			DerObjectIdentifier oid)
+		{
+			return GetBasicAgreement(oid.Id);
+		}
+
+		public static IBasicAgreement GetBasicAgreement(
+			string algorithm)
+		{
+			string upper = Platform.ToUpperInvariant(algorithm);
+			string mechanism = (string) algorithms[upper];
+
+			if (mechanism == null)
+			{
+				mechanism = upper;
+			}
+
+			if (mechanism == "DH" || mechanism == "DIFFIEHELLMAN")
+				return new DHBasicAgreement();
+
+			if (mechanism == "ECDH")
+				return new ECDHBasicAgreement();
+
+            if (mechanism == "ECDHC" || mechanism == "ECCDH")
+                    return new ECDHCBasicAgreement();
+
+			if (mechanism == "ECMQV")
+				return new ECMqvBasicAgreement();
+
+			throw new SecurityUtilityException("Basic Agreement " + algorithm + " not recognised.");
+		}
+
+		public static IBasicAgreement GetBasicAgreementWithKdf(
+			DerObjectIdentifier oid,
+			string				wrapAlgorithm)
+		{
+			return GetBasicAgreementWithKdf(oid.Id, wrapAlgorithm);
+		}
+
+		public static IBasicAgreement GetBasicAgreementWithKdf(
+			string agreeAlgorithm,
+			string wrapAlgorithm)
+		{
+			string upper = Platform.ToUpperInvariant(agreeAlgorithm);
+			string mechanism = (string) algorithms[upper];
+
+			if (mechanism == null)
+			{
+				mechanism = upper;
+			}
+
+			// 'DHWITHSHA1KDF' retained for backward compatibility
+			if (mechanism == "DHWITHSHA1KDF" || mechanism == "ECDHWITHSHA1KDF")
+				return new ECDHWithKdfBasicAgreement(
+					wrapAlgorithm,
+					new ECDHKekGenerator(
+						new Sha1Digest()));
+
+			if (mechanism == "ECMQVWITHSHA1KDF")
+				return new ECMqvWithKdfBasicAgreement(
+					wrapAlgorithm,
+					new ECDHKekGenerator(
+						new Sha1Digest()));
+
+			throw new SecurityUtilityException("Basic Agreement (with KDF) " + agreeAlgorithm + " not recognised.");
+		}
+
+		public static string GetAlgorithmName(
+			DerObjectIdentifier oid)
+		{
+			return (string) algorithms[oid.Id];
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/security/CipherUtilities.cs b/bc-sharp-crypto/src/security/CipherUtilities.cs
new file mode 100644
index 0000000..de05bc9
--- /dev/null
+++ b/bc-sharp-crypto/src/security/CipherUtilities.cs
@@ -0,0 +1,755 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Kisa;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Ntt;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Agreement;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Encodings;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Paddings;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Security
+{
+    /// <remarks>
+    ///  Cipher Utility class contains methods that can not be specifically grouped into other classes.
+    /// </remarks>
+    public sealed class CipherUtilities
+    {
+        private enum CipherAlgorithm {
+            AES,
+            ARC4,
+            BLOWFISH,
+            CAMELLIA,
+            CAST5,
+            CAST6,
+            DES,
+            DESEDE,
+            ELGAMAL,
+            GOST28147,
+            HC128,
+            HC256,
+            IDEA,
+            NOEKEON,
+            PBEWITHSHAAND128BITRC4,
+            PBEWITHSHAAND40BITRC4,
+            RC2,
+            RC5,
+            RC5_64,
+            RC6,
+            RIJNDAEL,
+            RSA,
+            SALSA20,
+            SEED,
+            SERPENT,
+            SKIPJACK,
+            TEA,
+            THREEFISH_256,
+            THREEFISH_512,
+            THREEFISH_1024,
+            TNEPRES,
+            TWOFISH,
+            VMPC,
+            VMPC_KSA3,
+            XTEA,
+        };
+        
+        private enum CipherMode { ECB, NONE, CBC, CCM, CFB, CTR, CTS, EAX, GCM, GOFB, OCB, OFB, OPENPGPCFB, SIC };
+        private enum CipherPadding
+        {
+            NOPADDING,
+            RAW,
+            ISO10126PADDING,
+            ISO10126D2PADDING,
+            ISO10126_2PADDING,
+            ISO7816_4PADDING,
+            ISO9797_1PADDING,
+            ISO9796_1,
+            ISO9796_1PADDING,
+            OAEP,
+            OAEPPADDING,
+            OAEPWITHMD5ANDMGF1PADDING,
+            OAEPWITHSHA1ANDMGF1PADDING,
+            OAEPWITHSHA_1ANDMGF1PADDING,
+            OAEPWITHSHA224ANDMGF1PADDING,
+            OAEPWITHSHA_224ANDMGF1PADDING,
+            OAEPWITHSHA256ANDMGF1PADDING,
+            OAEPWITHSHA_256ANDMGF1PADDING,
+            OAEPWITHSHA384ANDMGF1PADDING,
+            OAEPWITHSHA_384ANDMGF1PADDING,
+            OAEPWITHSHA512ANDMGF1PADDING,
+            OAEPWITHSHA_512ANDMGF1PADDING,
+            PKCS1,
+            PKCS1PADDING,
+            PKCS5,
+            PKCS5PADDING,
+            PKCS7,
+            PKCS7PADDING,
+            TBCPADDING,
+            WITHCTS,
+            X923PADDING,
+            ZEROBYTEPADDING,
+        };
+
+        private static readonly IDictionary algorithms = Platform.CreateHashtable();
+        private static readonly IDictionary oids = Platform.CreateHashtable();
+
+        static CipherUtilities()
+        {
+            // Signal to obfuscation tools not to change enum constants
+            ((CipherAlgorithm)Enums.GetArbitraryValue(typeof(CipherAlgorithm))).ToString();
+            ((CipherMode)Enums.GetArbitraryValue(typeof(CipherMode))).ToString();
+            ((CipherPadding)Enums.GetArbitraryValue(typeof(CipherPadding))).ToString();
+
+            // TODO Flesh out the list of aliases
+
+            algorithms[NistObjectIdentifiers.IdAes128Ecb.Id] = "AES/ECB/PKCS7PADDING";
+            algorithms[NistObjectIdentifiers.IdAes192Ecb.Id] = "AES/ECB/PKCS7PADDING";
+            algorithms[NistObjectIdentifiers.IdAes256Ecb.Id] = "AES/ECB/PKCS7PADDING";
+            algorithms["AES//PKCS7"] = "AES/ECB/PKCS7PADDING";
+            algorithms["AES//PKCS7PADDING"] = "AES/ECB/PKCS7PADDING";
+            algorithms["AES//PKCS5"] = "AES/ECB/PKCS7PADDING";
+            algorithms["AES//PKCS5PADDING"] = "AES/ECB/PKCS7PADDING";
+
+            algorithms[NistObjectIdentifiers.IdAes128Cbc.Id] = "AES/CBC/PKCS7PADDING";
+            algorithms[NistObjectIdentifiers.IdAes192Cbc.Id] = "AES/CBC/PKCS7PADDING";
+            algorithms[NistObjectIdentifiers.IdAes256Cbc.Id] = "AES/CBC/PKCS7PADDING";
+
+            algorithms[NistObjectIdentifiers.IdAes128Ofb.Id] = "AES/OFB/NOPADDING";
+            algorithms[NistObjectIdentifiers.IdAes192Ofb.Id] = "AES/OFB/NOPADDING";
+            algorithms[NistObjectIdentifiers.IdAes256Ofb.Id] = "AES/OFB/NOPADDING";
+
+            algorithms[NistObjectIdentifiers.IdAes128Cfb.Id] = "AES/CFB/NOPADDING";
+            algorithms[NistObjectIdentifiers.IdAes192Cfb.Id] = "AES/CFB/NOPADDING";
+            algorithms[NistObjectIdentifiers.IdAes256Cfb.Id] = "AES/CFB/NOPADDING";
+
+            algorithms["RSA/ECB/PKCS1"] = "RSA//PKCS1PADDING";
+            algorithms["RSA/ECB/PKCS1PADDING"] = "RSA//PKCS1PADDING";
+            algorithms[PkcsObjectIdentifiers.RsaEncryption.Id] = "RSA//PKCS1PADDING";
+            algorithms[PkcsObjectIdentifiers.IdRsaesOaep.Id] = "RSA//OAEPPADDING";
+
+            algorithms[OiwObjectIdentifiers.DesCbc.Id] = "DES/CBC";
+            algorithms[OiwObjectIdentifiers.DesCfb.Id] = "DES/CFB";
+            algorithms[OiwObjectIdentifiers.DesEcb.Id] = "DES/ECB";
+            algorithms[OiwObjectIdentifiers.DesOfb.Id] = "DES/OFB";
+            algorithms[OiwObjectIdentifiers.DesEde.Id] = "DESEDE";
+            algorithms["TDEA"] = "DESEDE";
+            algorithms[PkcsObjectIdentifiers.DesEde3Cbc.Id] = "DESEDE/CBC";
+            algorithms[PkcsObjectIdentifiers.RC2Cbc.Id] = "RC2/CBC";
+            algorithms["1.3.6.1.4.1.188.7.1.1.2"] = "IDEA/CBC";
+            algorithms["1.2.840.113533.7.66.10"] = "CAST5/CBC";
+
+            algorithms["RC4"] = "ARC4";
+            algorithms["ARCFOUR"] = "ARC4";
+            algorithms["1.2.840.113549.3.4"] = "ARC4";
+
+
+
+            algorithms["PBEWITHSHA1AND128BITRC4"] = "PBEWITHSHAAND128BITRC4";
+            algorithms[PkcsObjectIdentifiers.PbeWithShaAnd128BitRC4.Id] = "PBEWITHSHAAND128BITRC4";
+            algorithms["PBEWITHSHA1AND40BITRC4"] = "PBEWITHSHAAND40BITRC4";
+            algorithms[PkcsObjectIdentifiers.PbeWithShaAnd40BitRC4.Id] = "PBEWITHSHAAND40BITRC4";
+
+            algorithms["PBEWITHSHA1ANDDES"] = "PBEWITHSHA1ANDDES-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithSha1AndDesCbc.Id] = "PBEWITHSHA1ANDDES-CBC";
+            algorithms["PBEWITHSHA1ANDRC2"] = "PBEWITHSHA1ANDRC2-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithSha1AndRC2Cbc.Id] = "PBEWITHSHA1ANDRC2-CBC";
+
+            algorithms["PBEWITHSHA1AND3-KEYTRIPLEDES-CBC"] = "PBEWITHSHAAND3-KEYTRIPLEDES-CBC";
+            algorithms["PBEWITHSHAAND3KEYTRIPLEDES"] = "PBEWITHSHAAND3-KEYTRIPLEDES-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc.Id] = "PBEWITHSHAAND3-KEYTRIPLEDES-CBC";
+            algorithms["PBEWITHSHA1ANDDESEDE"] = "PBEWITHSHAAND3-KEYTRIPLEDES-CBC";
+
+            algorithms["PBEWITHSHA1AND2-KEYTRIPLEDES-CBC"] = "PBEWITHSHAAND2-KEYTRIPLEDES-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc.Id] = "PBEWITHSHAAND2-KEYTRIPLEDES-CBC";
+
+            algorithms["PBEWITHSHA1AND128BITRC2-CBC"] = "PBEWITHSHAAND128BITRC2-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithShaAnd128BitRC2Cbc.Id] = "PBEWITHSHAAND128BITRC2-CBC";
+
+            algorithms["PBEWITHSHA1AND40BITRC2-CBC"] = "PBEWITHSHAAND40BITRC2-CBC";
+            algorithms[PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc.Id] = "PBEWITHSHAAND40BITRC2-CBC";
+
+            algorithms["PBEWITHSHA1AND128BITAES-CBC-BC"] = "PBEWITHSHAAND128BITAES-CBC-BC";
+            algorithms["PBEWITHSHA-1AND128BITAES-CBC-BC"] = "PBEWITHSHAAND128BITAES-CBC-BC";
+
+            algorithms["PBEWITHSHA1AND192BITAES-CBC-BC"] = "PBEWITHSHAAND192BITAES-CBC-BC";
+            algorithms["PBEWITHSHA-1AND192BITAES-CBC-BC"] = "PBEWITHSHAAND192BITAES-CBC-BC";
+
+            algorithms["PBEWITHSHA1AND256BITAES-CBC-BC"] = "PBEWITHSHAAND256BITAES-CBC-BC";
+            algorithms["PBEWITHSHA-1AND256BITAES-CBC-BC"] = "PBEWITHSHAAND256BITAES-CBC-BC";
+
+            algorithms["PBEWITHSHA-256AND128BITAES-CBC-BC"] = "PBEWITHSHA256AND128BITAES-CBC-BC";
+            algorithms["PBEWITHSHA-256AND192BITAES-CBC-BC"] = "PBEWITHSHA256AND192BITAES-CBC-BC";
+            algorithms["PBEWITHSHA-256AND256BITAES-CBC-BC"] = "PBEWITHSHA256AND256BITAES-CBC-BC";
+
+
+            algorithms["GOST"] = "GOST28147";
+            algorithms["GOST-28147"] = "GOST28147";
+            algorithms[CryptoProObjectIdentifiers.GostR28147Cbc.Id] = "GOST28147/CBC/PKCS7PADDING";
+
+            algorithms["RC5-32"] = "RC5";
+
+            algorithms[NttObjectIdentifiers.IdCamellia128Cbc.Id] = "CAMELLIA/CBC/PKCS7PADDING";
+            algorithms[NttObjectIdentifiers.IdCamellia192Cbc.Id] = "CAMELLIA/CBC/PKCS7PADDING";
+            algorithms[NttObjectIdentifiers.IdCamellia256Cbc.Id] = "CAMELLIA/CBC/PKCS7PADDING";
+
+            algorithms[KisaObjectIdentifiers.IdSeedCbc.Id] = "SEED/CBC/PKCS7PADDING";
+
+            algorithms["1.3.6.1.4.1.3029.1.2"] = "BLOWFISH/CBC";
+        }
+
+        private CipherUtilities()
+        {
+        }
+
+        /// <summary>
+        /// Returns a ObjectIdentifier for a give encoding.
+        /// </summary>
+        /// <param name="mechanism">A string representation of the encoding.</param>
+        /// <returns>A DerObjectIdentifier, null if the Oid is not available.</returns>
+        // TODO Don't really want to support this
+        public static DerObjectIdentifier GetObjectIdentifier(
+            string mechanism)
+        {
+            if (mechanism == null)
+                throw new ArgumentNullException("mechanism");
+
+            mechanism = Platform.ToUpperInvariant(mechanism);
+            string aliased = (string) algorithms[mechanism];
+
+            if (aliased != null)
+                mechanism = aliased;
+
+            return (DerObjectIdentifier) oids[mechanism];
+        }
+
+        public static ICollection Algorithms
+        {
+            get { return oids.Keys; }
+        }
+
+        public static IBufferedCipher GetCipher(
+            DerObjectIdentifier oid)
+        {
+            return GetCipher(oid.Id);
+        }
+
+        public static IBufferedCipher GetCipher(
+            string algorithm)
+        {
+            if (algorithm == null)
+                throw new ArgumentNullException("algorithm");
+
+            algorithm = Platform.ToUpperInvariant(algorithm);
+
+            {
+                string aliased = (string) algorithms[algorithm];
+
+                if (aliased != null)
+                    algorithm = aliased;
+            }
+
+            IBasicAgreement iesAgreement = null;
+            if (algorithm == "IES")
+            {
+                iesAgreement = new DHBasicAgreement();
+            }
+            else if (algorithm == "ECIES")
+            {
+                iesAgreement = new ECDHBasicAgreement();
+            }
+
+            if (iesAgreement != null)
+            {
+                return new BufferedIesCipher(
+                    new IesEngine(
+                    iesAgreement,
+                    new Kdf2BytesGenerator(
+                    new Sha1Digest()),
+                    new HMac(
+                    new Sha1Digest())));
+            }
+
+
+
+            if (Platform.StartsWith(algorithm, "PBE"))
+            {
+                if (Platform.EndsWith(algorithm, "-CBC"))
+                {
+                    if (algorithm == "PBEWITHSHA1ANDDES-CBC")
+                    {
+                        return new PaddedBufferedBlockCipher(
+                            new CbcBlockCipher(new DesEngine()));
+                    }
+                    else if (algorithm == "PBEWITHSHA1ANDRC2-CBC")
+                    {
+                        return new PaddedBufferedBlockCipher(
+                            new CbcBlockCipher(new RC2Engine()));
+                    }
+                    else if (Strings.IsOneOf(algorithm,
+                        "PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"))
+                    {
+                        return new PaddedBufferedBlockCipher(
+                            new CbcBlockCipher(new DesEdeEngine()));
+                    }
+                    else if (Strings.IsOneOf(algorithm,
+                        "PBEWITHSHAAND128BITRC2-CBC", "PBEWITHSHAAND40BITRC2-CBC"))
+                    {
+                        return new PaddedBufferedBlockCipher(
+                            new CbcBlockCipher(new RC2Engine()));
+                    }
+                }
+                else if (Platform.EndsWith(algorithm, "-BC") || Platform.EndsWith(algorithm, "-OPENSSL"))
+                {
+                    if (Strings.IsOneOf(algorithm,
+                        "PBEWITHSHAAND128BITAES-CBC-BC",
+                        "PBEWITHSHAAND192BITAES-CBC-BC",
+                        "PBEWITHSHAAND256BITAES-CBC-BC",
+                        "PBEWITHSHA256AND128BITAES-CBC-BC",
+                        "PBEWITHSHA256AND192BITAES-CBC-BC",
+                        "PBEWITHSHA256AND256BITAES-CBC-BC",
+                        "PBEWITHMD5AND128BITAES-CBC-OPENSSL",
+                        "PBEWITHMD5AND192BITAES-CBC-OPENSSL",
+                        "PBEWITHMD5AND256BITAES-CBC-OPENSSL"))
+                    {
+                        return new PaddedBufferedBlockCipher(
+                            new CbcBlockCipher(new AesEngine()));
+                    }
+                }
+            }
+
+
+
+            string[] parts = algorithm.Split('/');
+
+            IBlockCipher blockCipher = null;
+            IAsymmetricBlockCipher asymBlockCipher = null;
+            IStreamCipher streamCipher = null;
+
+            string algorithmName = parts[0];
+
+            {
+                string aliased = (string)algorithms[algorithmName];
+
+                if (aliased != null)
+                    algorithmName = aliased;
+            }
+
+            CipherAlgorithm cipherAlgorithm;
+            try
+            {
+                cipherAlgorithm = (CipherAlgorithm)Enums.GetEnumValue(typeof(CipherAlgorithm), algorithmName);
+            }
+            catch (ArgumentException)
+            {
+                throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
+            }
+
+            switch (cipherAlgorithm)
+            {
+                case CipherAlgorithm.AES:
+                    blockCipher = new AesEngine();
+                    break;
+                case CipherAlgorithm.ARC4:
+                    streamCipher = new RC4Engine();
+                    break;
+                case CipherAlgorithm.BLOWFISH:
+                    blockCipher = new BlowfishEngine();
+                    break;
+                case CipherAlgorithm.CAMELLIA:
+                    blockCipher = new CamelliaEngine();
+                    break;
+                case CipherAlgorithm.CAST5:
+                    blockCipher = new Cast5Engine();
+                    break;
+                case CipherAlgorithm.CAST6:
+                    blockCipher = new Cast6Engine();
+                    break;
+                case CipherAlgorithm.DES:
+                    blockCipher = new DesEngine();
+                    break;
+                case CipherAlgorithm.DESEDE:
+                    blockCipher = new DesEdeEngine();
+                    break;
+                case CipherAlgorithm.ELGAMAL:
+                    asymBlockCipher = new ElGamalEngine();
+                    break;
+                case CipherAlgorithm.GOST28147:
+                    blockCipher = new Gost28147Engine();
+                    break;
+                case CipherAlgorithm.HC128:
+                    streamCipher = new HC128Engine();
+                    break;
+                case CipherAlgorithm.HC256:
+                    streamCipher = new HC256Engine();
+                    break;
+                case CipherAlgorithm.IDEA:
+                    blockCipher = new IdeaEngine();
+                    break;
+                case CipherAlgorithm.NOEKEON:
+                    blockCipher = new NoekeonEngine();
+                    break;
+                case CipherAlgorithm.PBEWITHSHAAND128BITRC4:
+                case CipherAlgorithm.PBEWITHSHAAND40BITRC4:
+                    streamCipher = new RC4Engine();
+                    break;
+                case CipherAlgorithm.RC2:
+                    blockCipher = new RC2Engine();
+                    break;
+                case CipherAlgorithm.RC5:
+                    blockCipher = new RC532Engine();
+                    break;
+                case CipherAlgorithm.RC5_64:
+                    blockCipher = new RC564Engine();
+                    break;
+                case CipherAlgorithm.RC6:
+                    blockCipher = new RC6Engine();
+                    break;
+                case CipherAlgorithm.RIJNDAEL:
+                    blockCipher = new RijndaelEngine();
+                    break;
+                case CipherAlgorithm.RSA:
+                    asymBlockCipher = new RsaBlindedEngine();
+                    break;
+                case CipherAlgorithm.SALSA20:
+                    streamCipher = new Salsa20Engine();
+                    break;
+                case CipherAlgorithm.SEED:
+                    blockCipher = new SeedEngine();
+                    break;
+                case CipherAlgorithm.SERPENT:
+                    blockCipher = new SerpentEngine();
+                    break;
+                case CipherAlgorithm.SKIPJACK:
+                    blockCipher = new SkipjackEngine();
+                    break;
+                case CipherAlgorithm.TEA:
+                    blockCipher = new TeaEngine();
+                    break;
+                case CipherAlgorithm.THREEFISH_256:
+                    blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256);
+                    break;
+                case CipherAlgorithm.THREEFISH_512:
+                    blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512);
+                    break;
+                case CipherAlgorithm.THREEFISH_1024:
+                    blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024);
+                    break;
+                case CipherAlgorithm.TNEPRES:
+                    blockCipher = new TnepresEngine();
+                    break;
+                case CipherAlgorithm.TWOFISH:
+                    blockCipher = new TwofishEngine();
+                    break;
+                case CipherAlgorithm.VMPC:
+                    streamCipher = new VmpcEngine();
+                    break;
+                case CipherAlgorithm.VMPC_KSA3:
+                    streamCipher = new VmpcKsa3Engine();
+                    break;
+                case CipherAlgorithm.XTEA:
+                    blockCipher = new XteaEngine();
+                    break;
+                default:
+                    throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
+            }
+
+            if (streamCipher != null)
+            {
+                if (parts.Length > 1)
+                    throw new ArgumentException("Modes and paddings not used for stream ciphers");
+
+                return new BufferedStreamCipher(streamCipher);
+            }
+
+
+            bool cts = false;
+            bool padded = true;
+            IBlockCipherPadding padding = null;
+            IAeadBlockCipher aeadBlockCipher = null;
+
+            if (parts.Length > 2)
+            {
+                if (streamCipher != null)
+                    throw new ArgumentException("Paddings not used for stream ciphers");
+
+                string paddingName = parts[2];
+
+                CipherPadding cipherPadding;
+                if (paddingName == "")
+                {
+                    cipherPadding = CipherPadding.RAW;
+                }
+                else if (paddingName == "X9.23PADDING")
+                {
+                    cipherPadding = CipherPadding.X923PADDING;
+                }
+                else
+                {
+                    try
+                    {
+                        cipherPadding = (CipherPadding)Enums.GetEnumValue(typeof(CipherPadding), paddingName);
+                    }
+                    catch (ArgumentException)
+                    {
+                        throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
+                    }
+                }
+
+                switch (cipherPadding)
+                {
+                    case CipherPadding.NOPADDING:
+                        padded = false;
+                        break;
+                    case CipherPadding.RAW:
+                        break;
+                    case CipherPadding.ISO10126PADDING:
+                    case CipherPadding.ISO10126D2PADDING:
+                    case CipherPadding.ISO10126_2PADDING:
+                        padding = new ISO10126d2Padding();
+                        break;
+                    case CipherPadding.ISO7816_4PADDING:
+                    case CipherPadding.ISO9797_1PADDING:
+                        padding = new ISO7816d4Padding();
+                        break;
+                    case CipherPadding.ISO9796_1:
+                    case CipherPadding.ISO9796_1PADDING:
+                        asymBlockCipher = new ISO9796d1Encoding(asymBlockCipher);
+                        break;
+                    case CipherPadding.OAEP:
+                    case CipherPadding.OAEPPADDING:
+                        asymBlockCipher = new OaepEncoding(asymBlockCipher);
+                        break;
+                    case CipherPadding.OAEPWITHMD5ANDMGF1PADDING:
+                        asymBlockCipher = new OaepEncoding(asymBlockCipher, new MD5Digest());
+                        break;
+                    case CipherPadding.OAEPWITHSHA1ANDMGF1PADDING:
+                    case CipherPadding.OAEPWITHSHA_1ANDMGF1PADDING:
+                        asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha1Digest());
+                        break;
+                    case CipherPadding.OAEPWITHSHA224ANDMGF1PADDING:
+                    case CipherPadding.OAEPWITHSHA_224ANDMGF1PADDING:
+                        asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha224Digest());
+                        break;
+                    case CipherPadding.OAEPWITHSHA256ANDMGF1PADDING:
+                    case CipherPadding.OAEPWITHSHA_256ANDMGF1PADDING:
+                        asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha256Digest());
+                        break;
+                    case CipherPadding.OAEPWITHSHA384ANDMGF1PADDING:
+                    case CipherPadding.OAEPWITHSHA_384ANDMGF1PADDING:
+                        asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha384Digest());
+                        break;
+                    case CipherPadding.OAEPWITHSHA512ANDMGF1PADDING:
+                    case CipherPadding.OAEPWITHSHA_512ANDMGF1PADDING:
+                        asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha512Digest());
+                        break;
+                    case CipherPadding.PKCS1:
+                    case CipherPadding.PKCS1PADDING:
+                        asymBlockCipher = new Pkcs1Encoding(asymBlockCipher);
+                        break;
+                    case CipherPadding.PKCS5:
+                    case CipherPadding.PKCS5PADDING:
+                    case CipherPadding.PKCS7:
+                    case CipherPadding.PKCS7PADDING:
+                        padding = new Pkcs7Padding();
+                        break;
+                    case CipherPadding.TBCPADDING:
+                        padding = new TbcPadding();
+                        break;
+                    case CipherPadding.WITHCTS:
+                        cts = true;
+                        break;
+                    case CipherPadding.X923PADDING:
+                        padding = new X923Padding();
+                        break;
+                    case CipherPadding.ZEROBYTEPADDING:
+                        padding = new ZeroBytePadding();
+                        break;
+                    default:
+                        throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
+                }
+            }
+
+            string mode = "";
+            if (parts.Length > 1)
+            {
+                mode = parts[1];
+
+                int di = GetDigitIndex(mode);
+                string modeName = di >= 0 ? mode.Substring(0, di) : mode;
+
+                try
+                {
+                    CipherMode cipherMode = modeName == ""
+                        ? CipherMode.NONE
+                        : (CipherMode)Enums.GetEnumValue(typeof(CipherMode), modeName);
+
+                    switch (cipherMode)
+                    {
+                        case CipherMode.ECB:
+                        case CipherMode.NONE:
+                            break;
+                        case CipherMode.CBC:
+                            blockCipher = new CbcBlockCipher(blockCipher);
+                            break;
+                        case CipherMode.CCM:
+                            aeadBlockCipher = new CcmBlockCipher(blockCipher);
+                            break;
+                        case CipherMode.CFB:
+                        {
+                            int bits = (di < 0)
+                                ?	8 * blockCipher.GetBlockSize()
+                                :	int.Parse(mode.Substring(di));
+    
+                            blockCipher = new CfbBlockCipher(blockCipher, bits);
+                            break;
+                        }
+                        case CipherMode.CTR:
+                            blockCipher = new SicBlockCipher(blockCipher);
+                            break;
+                        case CipherMode.CTS:
+                            cts = true;
+                            blockCipher = new CbcBlockCipher(blockCipher);
+                            break;
+                        case CipherMode.EAX:
+                            aeadBlockCipher = new EaxBlockCipher(blockCipher);
+                            break;
+                        case CipherMode.GCM:
+                            aeadBlockCipher = new GcmBlockCipher(blockCipher);
+                            break;
+                        case CipherMode.GOFB:
+                            blockCipher = new GOfbBlockCipher(blockCipher);
+                            break;
+                        case CipherMode.OCB:
+                            aeadBlockCipher = new OcbBlockCipher(blockCipher, CreateBlockCipher(cipherAlgorithm));
+                            break;
+                        case CipherMode.OFB:
+                        {
+                            int bits = (di < 0)
+                                ?	8 * blockCipher.GetBlockSize()
+                                :	int.Parse(mode.Substring(di));
+    
+                            blockCipher = new OfbBlockCipher(blockCipher, bits);
+                            break;
+                        }
+                        case CipherMode.OPENPGPCFB:
+                            blockCipher = new OpenPgpCfbBlockCipher(blockCipher);
+                            break;
+                        case CipherMode.SIC:
+                            if (blockCipher.GetBlockSize() < 16)
+                            {
+                                throw new ArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
+                            }
+                            blockCipher = new SicBlockCipher(blockCipher);
+                            break;
+                        default:
+                            throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
+                    }
+                }
+                catch (ArgumentException)
+                {
+                    throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
+                }
+            }
+
+            if (aeadBlockCipher != null)
+            {
+                if (cts)
+                    throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers.");
+                if (padded && parts.Length > 2 && parts[2] != "")
+                    throw new SecurityUtilityException("Bad padding specified for AEAD cipher.");
+
+                return new BufferedAeadBlockCipher(aeadBlockCipher);
+            }
+
+            if (blockCipher != null)
+            {
+                if (cts)
+                {
+                    return new CtsBlockCipher(blockCipher);
+                }
+
+                if (padding != null)
+                {
+                    return new PaddedBufferedBlockCipher(blockCipher, padding);
+                }
+
+                if (!padded || blockCipher.IsPartialBlockOkay)
+                {
+                    return new BufferedBlockCipher(blockCipher);
+                }
+
+                return new PaddedBufferedBlockCipher(blockCipher);
+            }
+
+            if (asymBlockCipher != null)
+            {
+                return new BufferedAsymmetricBlockCipher(asymBlockCipher);
+            }
+
+            throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
+        }
+
+        public static string GetAlgorithmName(
+            DerObjectIdentifier oid)
+        {
+            return (string) algorithms[oid.Id];
+        }
+
+        private static int GetDigitIndex(
+            string s)
+        {
+            for (int i = 0; i < s.Length; ++i)
+            {
+                if (char.IsDigit(s[i]))
+                    return i;
+            }
+
+            return -1;
+        }
+
+        private static IBlockCipher CreateBlockCipher(CipherAlgorithm cipherAlgorithm)
+        {
+            switch (cipherAlgorithm)
+            {
+                case CipherAlgorithm.AES: return new AesEngine();
+                case CipherAlgorithm.BLOWFISH: return new BlowfishEngine();
+                case CipherAlgorithm.CAMELLIA: return new CamelliaEngine();
+                case CipherAlgorithm.CAST5: return new Cast5Engine();
+                case CipherAlgorithm.CAST6: return new Cast6Engine();
+                case CipherAlgorithm.DES: return new DesEngine();
+                case CipherAlgorithm.DESEDE: return new DesEdeEngine();
+                case CipherAlgorithm.GOST28147: return new Gost28147Engine();
+                case CipherAlgorithm.IDEA: return new IdeaEngine();
+                case CipherAlgorithm.NOEKEON: return new NoekeonEngine();
+                case CipherAlgorithm.RC2: return new RC2Engine();
+                case CipherAlgorithm.RC5: return new RC532Engine();
+                case CipherAlgorithm.RC5_64: return new RC564Engine();
+                case CipherAlgorithm.RC6: return new RC6Engine();
+                case CipherAlgorithm.RIJNDAEL: return new RijndaelEngine();
+                case CipherAlgorithm.SEED: return new SeedEngine();
+                case CipherAlgorithm.SERPENT: return new SerpentEngine();
+                case CipherAlgorithm.SKIPJACK: return new SkipjackEngine();
+                case CipherAlgorithm.TEA: return new TeaEngine();
+                case CipherAlgorithm.THREEFISH_256: return new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256);
+                case CipherAlgorithm.THREEFISH_512: return new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512);
+                case CipherAlgorithm.THREEFISH_1024: return new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024);
+                case CipherAlgorithm.TNEPRES: return new TnepresEngine();
+                case CipherAlgorithm.TWOFISH: return new TwofishEngine();
+                case CipherAlgorithm.XTEA: return new XteaEngine();
+                default:
+                    throw new SecurityUtilityException("Cipher " + cipherAlgorithm + " not recognised or not a block cipher");
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/security/DigestUtilities.cs b/bc-sharp-crypto/src/security/DigestUtilities.cs
new file mode 100644
index 0000000..7ddf6c8
--- /dev/null
+++ b/bc-sharp-crypto/src/security/DigestUtilities.cs
@@ -0,0 +1,222 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Security
+{
+    /// <remarks>
+    ///  Utility class for creating IDigest objects from their names/Oids
+    /// </remarks>
+    public sealed class DigestUtilities
+    {
+        private enum DigestAlgorithm {
+            GOST3411,
+            KECCAK_224, KECCAK_256, KECCAK_288, KECCAK_384, KECCAK_512,
+            MD2, MD4, MD5,
+            RIPEMD128, RIPEMD160, RIPEMD256, RIPEMD320,
+            SHA_1, SHA_224, SHA_256, SHA_384, SHA_512,
+            SHA_512_224, SHA_512_256,
+            SHA3_224, SHA3_256, SHA3_384, SHA3_512,
+            SHAKE128, SHAKE256,
+            TIGER,
+            WHIRLPOOL,
+        };
+
+        private DigestUtilities()
+        {
+        }
+
+        private static readonly IDictionary algorithms = Platform.CreateHashtable();
+        private static readonly IDictionary oids = Platform.CreateHashtable();
+
+        static DigestUtilities()
+        {
+            // Signal to obfuscation tools not to change enum constants
+            ((DigestAlgorithm)Enums.GetArbitraryValue(typeof(DigestAlgorithm))).ToString();
+
+            algorithms[PkcsObjectIdentifiers.MD2.Id] = "MD2";
+            algorithms[PkcsObjectIdentifiers.MD4.Id] = "MD4";
+            algorithms[PkcsObjectIdentifiers.MD5.Id] = "MD5";
+
+            algorithms["SHA1"] = "SHA-1";
+            algorithms[OiwObjectIdentifiers.IdSha1.Id] = "SHA-1";
+            algorithms["SHA224"] = "SHA-224";
+            algorithms[NistObjectIdentifiers.IdSha224.Id] = "SHA-224";
+            algorithms["SHA256"] = "SHA-256";
+            algorithms[NistObjectIdentifiers.IdSha256.Id] = "SHA-256";
+            algorithms["SHA384"] = "SHA-384";
+            algorithms[NistObjectIdentifiers.IdSha384.Id] = "SHA-384";
+            algorithms["SHA512"] = "SHA-512";
+            algorithms[NistObjectIdentifiers.IdSha512.Id] = "SHA-512";
+            algorithms["SHA512/224"] = "SHA-512/224";
+            algorithms[NistObjectIdentifiers.IdSha512_224.Id] = "SHA-512/224";
+            algorithms["SHA512/256"] = "SHA-512/256";
+            algorithms[NistObjectIdentifiers.IdSha512_256.Id] = "SHA-512/256";
+
+            algorithms["RIPEMD-128"] = "RIPEMD128";
+            algorithms[TeleTrusTObjectIdentifiers.RipeMD128.Id] = "RIPEMD128";
+            algorithms["RIPEMD-160"] = "RIPEMD160";
+            algorithms[TeleTrusTObjectIdentifiers.RipeMD160.Id] = "RIPEMD160";
+            algorithms["RIPEMD-256"] = "RIPEMD256";
+            algorithms[TeleTrusTObjectIdentifiers.RipeMD256.Id] = "RIPEMD256";
+            algorithms["RIPEMD-320"] = "RIPEMD320";
+//			algorithms[TeleTrusTObjectIdentifiers.RipeMD320.Id] = "RIPEMD320";
+
+            algorithms[CryptoProObjectIdentifiers.GostR3411.Id] = "GOST3411";
+
+            algorithms[NistObjectIdentifiers.IdSha3_224.Id] = "SHA3-224";
+            algorithms[NistObjectIdentifiers.IdSha3_256.Id] = "SHA3-256";
+            algorithms[NistObjectIdentifiers.IdSha3_384.Id] = "SHA3-384";
+            algorithms[NistObjectIdentifiers.IdSha3_512.Id] = "SHA3-512";
+            algorithms[NistObjectIdentifiers.IdShake128.Id] = "SHAKE128";
+            algorithms[NistObjectIdentifiers.IdShake256.Id] = "SHAKE256";
+
+            oids["MD2"] = PkcsObjectIdentifiers.MD2;
+            oids["MD4"] = PkcsObjectIdentifiers.MD4;
+            oids["MD5"] = PkcsObjectIdentifiers.MD5;
+            oids["SHA-1"] = OiwObjectIdentifiers.IdSha1;
+            oids["SHA-224"] = NistObjectIdentifiers.IdSha224;
+            oids["SHA-256"] = NistObjectIdentifiers.IdSha256;
+            oids["SHA-384"] = NistObjectIdentifiers.IdSha384;
+            oids["SHA-512"] = NistObjectIdentifiers.IdSha512;
+            oids["SHA-512/224"] = NistObjectIdentifiers.IdSha512_224;
+            oids["SHA-512/256"] = NistObjectIdentifiers.IdSha512_256;
+            oids["SHA3-224"] = NistObjectIdentifiers.IdSha3_224;
+            oids["SHA3-256"] = NistObjectIdentifiers.IdSha3_256;
+            oids["SHA3-384"] = NistObjectIdentifiers.IdSha3_384;
+            oids["SHA3-512"] = NistObjectIdentifiers.IdSha3_512;
+            oids["SHAKE128"] = NistObjectIdentifiers.IdShake128;
+            oids["SHAKE256"] = NistObjectIdentifiers.IdShake256;
+            oids["RIPEMD128"] = TeleTrusTObjectIdentifiers.RipeMD128;
+            oids["RIPEMD160"] = TeleTrusTObjectIdentifiers.RipeMD160;
+            oids["RIPEMD256"] = TeleTrusTObjectIdentifiers.RipeMD256;
+            oids["GOST3411"] = CryptoProObjectIdentifiers.GostR3411;
+        }
+
+        /// <summary>
+        /// Returns a ObjectIdentifier for a given digest mechanism.
+        /// </summary>
+        /// <param name="mechanism">A string representation of the digest meanism.</param>
+        /// <returns>A DerObjectIdentifier, null if the Oid is not available.</returns>
+
+        public static DerObjectIdentifier GetObjectIdentifier(
+            string mechanism)
+        {
+            if (mechanism == null)
+                throw new System.ArgumentNullException("mechanism");
+
+            mechanism = Platform.ToUpperInvariant(mechanism);
+            string aliased = (string) algorithms[mechanism];
+
+            if (aliased != null)
+                mechanism = aliased;
+
+            return (DerObjectIdentifier) oids[mechanism];
+        }
+
+        public static ICollection Algorithms
+        {
+            get { return oids.Keys; }
+        }
+
+        public static IDigest GetDigest(
+            DerObjectIdentifier id)
+        {
+            return GetDigest(id.Id);
+        }
+
+        public static IDigest GetDigest(
+            string algorithm)
+        {
+            string upper = Platform.ToUpperInvariant(algorithm);
+            string mechanism = (string) algorithms[upper];
+
+            if (mechanism == null)
+            {
+                mechanism = upper;
+            }
+
+            try
+            {
+                DigestAlgorithm digestAlgorithm = (DigestAlgorithm)Enums.GetEnumValue(
+                    typeof(DigestAlgorithm), mechanism);
+
+                switch (digestAlgorithm)
+                {
+                    case DigestAlgorithm.GOST3411:      return new Gost3411Digest();
+                    case DigestAlgorithm.KECCAK_224:    return new KeccakDigest(224);
+                    case DigestAlgorithm.KECCAK_256:    return new KeccakDigest(256);
+                    case DigestAlgorithm.KECCAK_288:    return new KeccakDigest(288);
+                    case DigestAlgorithm.KECCAK_384:    return new KeccakDigest(384);
+                    case DigestAlgorithm.KECCAK_512:    return new KeccakDigest(512);
+                    case DigestAlgorithm.MD2:           return new MD2Digest();
+                    case DigestAlgorithm.MD4:		    return new MD4Digest();
+                    case DigestAlgorithm.MD5:		    return new MD5Digest();
+                    case DigestAlgorithm.RIPEMD128:	    return new RipeMD128Digest();
+                    case DigestAlgorithm.RIPEMD160:	    return new RipeMD160Digest();
+                    case DigestAlgorithm.RIPEMD256:	    return new RipeMD256Digest();
+                    case DigestAlgorithm.RIPEMD320:	    return new RipeMD320Digest();
+                    case DigestAlgorithm.SHA_1:		    return new Sha1Digest();
+                    case DigestAlgorithm.SHA_224:	    return new Sha224Digest();
+                    case DigestAlgorithm.SHA_256:	    return new Sha256Digest();
+                    case DigestAlgorithm.SHA_384:	    return new Sha384Digest();
+                    case DigestAlgorithm.SHA_512:	    return new Sha512Digest();
+                    case DigestAlgorithm.SHA_512_224:   return new Sha512tDigest(224);
+                    case DigestAlgorithm.SHA_512_256:   return new Sha512tDigest(256);
+                    case DigestAlgorithm.SHA3_224:      return new Sha3Digest(224);
+                    case DigestAlgorithm.SHA3_256:      return new Sha3Digest(256);
+                    case DigestAlgorithm.SHA3_384:      return new Sha3Digest(384);
+                    case DigestAlgorithm.SHA3_512:      return new Sha3Digest(512);
+                    case DigestAlgorithm.SHAKE128:      return new ShakeDigest(128);
+                    case DigestAlgorithm.SHAKE256:      return new ShakeDigest(256);
+                    case DigestAlgorithm.TIGER:         return new TigerDigest();
+                    case DigestAlgorithm.WHIRLPOOL:     return new WhirlpoolDigest();
+                }
+            }
+            catch (ArgumentException)
+            {
+            }
+
+            throw new SecurityUtilityException("Digest " + mechanism + " not recognised.");
+        }
+
+        public static string GetAlgorithmName(
+            DerObjectIdentifier oid)
+        {
+            return (string) algorithms[oid.Id];
+        }
+
+        public static byte[] CalculateDigest(string algorithm, byte[] input)
+        {
+            IDigest digest = GetDigest(algorithm);
+            digest.BlockUpdate(input, 0, input.Length);
+            return DoFinal(digest);
+        }
+
+        public static byte[] DoFinal(
+            IDigest digest)
+        {
+            byte[] b = new byte[digest.GetDigestSize()];
+            digest.DoFinal(b, 0);
+            return b;
+        }
+
+        public static byte[] DoFinal(
+            IDigest	digest,
+            byte[]	input)
+        {
+            digest.BlockUpdate(input, 0, input.Length);
+            return DoFinal(digest);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/security/DotNetUtilities.cs b/bc-sharp-crypto/src/security/DotNetUtilities.cs
new file mode 100644
index 0000000..69322b5
--- /dev/null
+++ b/bc-sharp-crypto/src/security/DotNetUtilities.cs
@@ -0,0 +1,245 @@
+#if !(NETCF_1_0 || SILVERLIGHT || PORTABLE)
+
+using System;
+using System.Security.Cryptography;
+using SystemX509 = System.Security.Cryptography.X509Certificates;
+
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Security
+{
+	/// <summary>
+	/// A class containing methods to interface the BouncyCastle world to the .NET Crypto world.
+	/// </summary>
+	public sealed class DotNetUtilities
+	{
+		private DotNetUtilities()
+		{
+		}
+
+		/// <summary>
+		/// Create an System.Security.Cryptography.X509Certificate from an X509Certificate Structure.
+		/// </summary>
+		/// <param name="x509Struct"></param>
+		/// <returns>A System.Security.Cryptography.X509Certificate.</returns>
+		public static SystemX509.X509Certificate ToX509Certificate(
+			X509CertificateStructure x509Struct)
+		{
+			return new SystemX509.X509Certificate(x509Struct.GetDerEncoded());
+		}
+
+		public static SystemX509.X509Certificate ToX509Certificate(
+			X509Certificate x509Cert)
+		{
+			return new SystemX509.X509Certificate(x509Cert.GetEncoded());
+		}
+
+		public static X509Certificate FromX509Certificate(
+			SystemX509.X509Certificate x509Cert)
+		{
+			return new X509CertificateParser().ReadCertificate(x509Cert.GetRawCertData());
+		}
+
+		public static AsymmetricCipherKeyPair GetDsaKeyPair(
+			DSA dsa)
+		{
+			return GetDsaKeyPair(dsa.ExportParameters(true));
+		}
+
+		public static AsymmetricCipherKeyPair GetDsaKeyPair(
+			DSAParameters dp)
+		{
+			DsaValidationParameters validationParameters = (dp.Seed != null)
+				?	new DsaValidationParameters(dp.Seed, dp.Counter)
+				:	null;
+
+			DsaParameters parameters = new DsaParameters(
+				new BigInteger(1, dp.P),
+				new BigInteger(1, dp.Q),
+				new BigInteger(1, dp.G),
+				validationParameters);
+
+			DsaPublicKeyParameters pubKey = new DsaPublicKeyParameters(
+				new BigInteger(1, dp.Y),
+				parameters);
+
+			DsaPrivateKeyParameters privKey = new DsaPrivateKeyParameters(
+				new BigInteger(1, dp.X),
+				parameters);
+
+			return new AsymmetricCipherKeyPair(pubKey, privKey);
+		}
+
+		public static DsaPublicKeyParameters GetDsaPublicKey(
+			DSA dsa)
+		{
+			return GetDsaPublicKey(dsa.ExportParameters(false));
+		}
+
+		public static DsaPublicKeyParameters GetDsaPublicKey(
+			DSAParameters dp)
+		{
+			DsaValidationParameters validationParameters = (dp.Seed != null)
+				?	new DsaValidationParameters(dp.Seed, dp.Counter)
+				:	null;
+
+			DsaParameters parameters = new DsaParameters(
+				new BigInteger(1, dp.P),
+				new BigInteger(1, dp.Q),
+				new BigInteger(1, dp.G),
+				validationParameters);
+
+			return new DsaPublicKeyParameters(
+				new BigInteger(1, dp.Y),
+				parameters);
+		}
+
+		public static AsymmetricCipherKeyPair GetRsaKeyPair(
+			RSA rsa)
+		{
+			return GetRsaKeyPair(rsa.ExportParameters(true));
+		}
+
+		public static AsymmetricCipherKeyPair GetRsaKeyPair(
+			RSAParameters rp)
+		{
+			BigInteger modulus = new BigInteger(1, rp.Modulus);
+			BigInteger pubExp = new BigInteger(1, rp.Exponent);
+
+			RsaKeyParameters pubKey = new RsaKeyParameters(
+				false,
+				modulus,
+				pubExp);
+
+			RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters(
+				modulus,
+				pubExp,
+				new BigInteger(1, rp.D),
+				new BigInteger(1, rp.P),
+				new BigInteger(1, rp.Q),
+				new BigInteger(1, rp.DP),
+				new BigInteger(1, rp.DQ),
+				new BigInteger(1, rp.InverseQ));
+
+			return new AsymmetricCipherKeyPair(pubKey, privKey);
+		}
+
+		public static RsaKeyParameters GetRsaPublicKey(
+			RSA rsa)
+		{
+			return GetRsaPublicKey(rsa.ExportParameters(false));
+		}
+
+		public static RsaKeyParameters GetRsaPublicKey(
+			RSAParameters rp)
+		{
+			return new RsaKeyParameters(
+				false,
+				new BigInteger(1, rp.Modulus),
+				new BigInteger(1, rp.Exponent));
+		}
+
+		public static AsymmetricCipherKeyPair GetKeyPair(AsymmetricAlgorithm privateKey)
+		{
+			if (privateKey is DSA)
+			{
+				return GetDsaKeyPair((DSA)privateKey);
+			}
+
+			if (privateKey is RSA)
+			{
+				return GetRsaKeyPair((RSA)privateKey);
+			}
+
+			throw new ArgumentException("Unsupported algorithm specified", "privateKey");
+		}
+
+		public static RSA ToRSA(RsaKeyParameters rsaKey)
+		{
+            // TODO This appears to not work for private keys (when no CRT info)
+            return CreateRSAProvider(ToRSAParameters(rsaKey));
+        }
+
+		public static RSA ToRSA(RsaPrivateCrtKeyParameters privKey)
+		{
+            return CreateRSAProvider(ToRSAParameters(privKey));
+        }
+
+        public static RSA ToRSA(RsaPrivateKeyStructure privKey)
+        {
+            return CreateRSAProvider(ToRSAParameters(privKey));
+        }
+
+        public static RSAParameters ToRSAParameters(RsaKeyParameters rsaKey)
+		{
+			RSAParameters rp = new RSAParameters();
+			rp.Modulus = rsaKey.Modulus.ToByteArrayUnsigned();
+			if (rsaKey.IsPrivate)
+				rp.D = ConvertRSAParametersField(rsaKey.Exponent, rp.Modulus.Length);
+			else
+				rp.Exponent = rsaKey.Exponent.ToByteArrayUnsigned();
+			return rp;
+		}
+
+		public static RSAParameters ToRSAParameters(RsaPrivateCrtKeyParameters privKey)
+		{
+			RSAParameters rp = new RSAParameters();
+			rp.Modulus = privKey.Modulus.ToByteArrayUnsigned();
+			rp.Exponent = privKey.PublicExponent.ToByteArrayUnsigned();
+			rp.P = privKey.P.ToByteArrayUnsigned();
+			rp.Q = privKey.Q.ToByteArrayUnsigned();
+			rp.D = ConvertRSAParametersField(privKey.Exponent, rp.Modulus.Length);
+			rp.DP = ConvertRSAParametersField(privKey.DP, rp.P.Length);
+			rp.DQ = ConvertRSAParametersField(privKey.DQ, rp.Q.Length);
+			rp.InverseQ = ConvertRSAParametersField(privKey.QInv, rp.Q.Length);
+			return rp;
+		}
+
+        public static RSAParameters ToRSAParameters(RsaPrivateKeyStructure privKey)
+        {
+            RSAParameters rp = new RSAParameters();
+            rp.Modulus = privKey.Modulus.ToByteArrayUnsigned();
+            rp.Exponent = privKey.PublicExponent.ToByteArrayUnsigned();
+            rp.P = privKey.Prime1.ToByteArrayUnsigned();
+            rp.Q = privKey.Prime2.ToByteArrayUnsigned();
+            rp.D = ConvertRSAParametersField(privKey.PrivateExponent, rp.Modulus.Length);
+            rp.DP = ConvertRSAParametersField(privKey.Exponent1, rp.P.Length);
+            rp.DQ = ConvertRSAParametersField(privKey.Exponent2, rp.Q.Length);
+            rp.InverseQ = ConvertRSAParametersField(privKey.Coefficient, rp.Q.Length);
+            return rp;
+        }
+
+        // TODO Move functionality to more general class
+		private static byte[] ConvertRSAParametersField(BigInteger n, int size)
+		{
+			byte[] bs = n.ToByteArrayUnsigned();
+
+			if (bs.Length == size)
+				return bs;
+
+			if (bs.Length > size)
+				throw new ArgumentException("Specified size too small", "size");
+
+			byte[] padded = new byte[size];
+			Array.Copy(bs, 0, padded, size - bs.Length, bs.Length);
+			return padded;
+		}
+
+        private static RSA CreateRSAProvider(RSAParameters rp)
+        {
+            CspParameters csp = new CspParameters();
+            csp.KeyContainerName = string.Format("BouncyCastle-{0}", Guid.NewGuid());
+            RSACryptoServiceProvider rsaCsp = new RSACryptoServiceProvider(csp);
+            rsaCsp.ImportParameters(rp);
+            return rsaCsp;
+        }
+	}
+}
+
+#endif
diff --git a/bc-sharp-crypto/src/security/GeneralSecurityException.cs b/bc-sharp-crypto/src/security/GeneralSecurityException.cs
new file mode 100644
index 0000000..d4ab38c
--- /dev/null
+++ b/bc-sharp-crypto/src/security/GeneralSecurityException.cs
@@ -0,0 +1,29 @@
+using System;
+
+namespace Org.BouncyCastle.Security
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class GeneralSecurityException
+		: Exception
+	{
+		public GeneralSecurityException()
+			: base()
+		{
+		}
+
+		public GeneralSecurityException(
+			string message)
+			: base(message)
+		{
+		}
+
+		public GeneralSecurityException(
+			string		message,
+			Exception	exception)
+			: base(message, exception)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/security/GeneratorUtilities.cs b/bc-sharp-crypto/src/security/GeneratorUtilities.cs
new file mode 100644
index 0000000..3beebd0
--- /dev/null
+++ b/bc-sharp-crypto/src/security/GeneratorUtilities.cs
@@ -0,0 +1,352 @@
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Iana;
+using Org.BouncyCastle.Asn1.Kisa;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Ntt;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Security
+{
+    public sealed class GeneratorUtilities
+    {
+        private GeneratorUtilities()
+        {
+        }
+
+        private static readonly IDictionary kgAlgorithms = Platform.CreateHashtable();
+        private static readonly IDictionary kpgAlgorithms = Platform.CreateHashtable();
+        private static readonly IDictionary defaultKeySizes = Platform.CreateHashtable();
+
+        static GeneratorUtilities()
+        {
+            //
+            // key generators.
+            //
+            AddKgAlgorithm("AES",
+                "AESWRAP");
+            AddKgAlgorithm("AES128",
+                "2.16.840.1.101.3.4.2",
+                NistObjectIdentifiers.IdAes128Cbc,
+                NistObjectIdentifiers.IdAes128Cfb,
+                NistObjectIdentifiers.IdAes128Ecb,
+                NistObjectIdentifiers.IdAes128Ofb,
+                NistObjectIdentifiers.IdAes128Wrap);
+            AddKgAlgorithm("AES192",
+                "2.16.840.1.101.3.4.22",
+                NistObjectIdentifiers.IdAes192Cbc,
+                NistObjectIdentifiers.IdAes192Cfb,
+                NistObjectIdentifiers.IdAes192Ecb,
+                NistObjectIdentifiers.IdAes192Ofb,
+                NistObjectIdentifiers.IdAes192Wrap);
+            AddKgAlgorithm("AES256",
+                "2.16.840.1.101.3.4.42",
+                NistObjectIdentifiers.IdAes256Cbc,
+                NistObjectIdentifiers.IdAes256Cfb,
+                NistObjectIdentifiers.IdAes256Ecb,
+                NistObjectIdentifiers.IdAes256Ofb,
+                NistObjectIdentifiers.IdAes256Wrap);
+            AddKgAlgorithm("BLOWFISH",
+                "1.3.6.1.4.1.3029.1.2");
+            AddKgAlgorithm("CAMELLIA",
+                "CAMELLIAWRAP");
+            AddKgAlgorithm("CAMELLIA128",
+                NttObjectIdentifiers.IdCamellia128Cbc,
+                NttObjectIdentifiers.IdCamellia128Wrap);
+            AddKgAlgorithm("CAMELLIA192",
+                NttObjectIdentifiers.IdCamellia192Cbc,
+                NttObjectIdentifiers.IdCamellia192Wrap);
+            AddKgAlgorithm("CAMELLIA256",
+                NttObjectIdentifiers.IdCamellia256Cbc,
+                NttObjectIdentifiers.IdCamellia256Wrap);
+            AddKgAlgorithm("CAST5",
+                "1.2.840.113533.7.66.10");
+            AddKgAlgorithm("CAST6");
+            AddKgAlgorithm("DES",
+                OiwObjectIdentifiers.DesCbc,
+                OiwObjectIdentifiers.DesCfb,
+                OiwObjectIdentifiers.DesEcb,
+                OiwObjectIdentifiers.DesOfb);
+            AddKgAlgorithm("DESEDE",
+                "DESEDEWRAP",
+                "TDEA",
+                OiwObjectIdentifiers.DesEde);
+            AddKgAlgorithm("DESEDE3",
+                PkcsObjectIdentifiers.DesEde3Cbc,
+                PkcsObjectIdentifiers.IdAlgCms3DesWrap);
+            AddKgAlgorithm("GOST28147",
+                "GOST",
+                "GOST-28147",
+                CryptoProObjectIdentifiers.GostR28147Cbc);
+            AddKgAlgorithm("HC128");
+            AddKgAlgorithm("HC256");
+            AddKgAlgorithm("IDEA",
+                "1.3.6.1.4.1.188.7.1.1.2");
+            AddKgAlgorithm("NOEKEON");
+            AddKgAlgorithm("RC2",
+                PkcsObjectIdentifiers.RC2Cbc,
+                PkcsObjectIdentifiers.IdAlgCmsRC2Wrap);
+            AddKgAlgorithm("RC4",
+                "ARC4",
+                "1.2.840.113549.3.4");
+            AddKgAlgorithm("RC5",
+                "RC5-32");
+            AddKgAlgorithm("RC5-64");
+            AddKgAlgorithm("RC6");
+            AddKgAlgorithm("RIJNDAEL");
+            AddKgAlgorithm("SALSA20");
+            AddKgAlgorithm("SEED",
+                KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap,
+                KisaObjectIdentifiers.IdSeedCbc);
+            AddKgAlgorithm("SERPENT");
+            AddKgAlgorithm("SKIPJACK");
+            AddKgAlgorithm("TEA");
+            AddKgAlgorithm("THREEFISH-256");
+            AddKgAlgorithm("THREEFISH-512");
+            AddKgAlgorithm("THREEFISH-1024");
+            AddKgAlgorithm("TNEPRES");
+            AddKgAlgorithm("TWOFISH");
+            AddKgAlgorithm("VMPC");
+            AddKgAlgorithm("VMPC-KSA3");
+            AddKgAlgorithm("XTEA");
+
+            //
+            // HMac key generators
+            //
+            AddHMacKeyGenerator("MD2");
+            AddHMacKeyGenerator("MD4");
+            AddHMacKeyGenerator("MD5",
+                IanaObjectIdentifiers.HmacMD5);
+            AddHMacKeyGenerator("SHA1",
+                PkcsObjectIdentifiers.IdHmacWithSha1,
+                IanaObjectIdentifiers.HmacSha1);
+            AddHMacKeyGenerator("SHA224",
+                PkcsObjectIdentifiers.IdHmacWithSha224);
+            AddHMacKeyGenerator("SHA256",
+                PkcsObjectIdentifiers.IdHmacWithSha256);
+            AddHMacKeyGenerator("SHA384",
+                PkcsObjectIdentifiers.IdHmacWithSha384);
+            AddHMacKeyGenerator("SHA512",
+                PkcsObjectIdentifiers.IdHmacWithSha512);
+            AddHMacKeyGenerator("SHA512/224");
+            AddHMacKeyGenerator("SHA512/256");
+            AddHMacKeyGenerator("SHA3-224");
+            AddHMacKeyGenerator("SHA3-256");
+            AddHMacKeyGenerator("SHA3-384");
+            AddHMacKeyGenerator("SHA3-512");
+            AddHMacKeyGenerator("RIPEMD128");
+            AddHMacKeyGenerator("RIPEMD160",
+                IanaObjectIdentifiers.HmacRipeMD160);
+            AddHMacKeyGenerator("TIGER",
+                IanaObjectIdentifiers.HmacTiger);
+
+
+
+            //
+            // key pair generators.
+            //
+            AddKpgAlgorithm("DH",
+                "DIFFIEHELLMAN");
+            AddKpgAlgorithm("DSA");
+            AddKpgAlgorithm("EC",
+                // TODO Should this be an alias for ECDH?
+                X9ObjectIdentifiers.DHSinglePassStdDHSha1KdfScheme);
+            AddKpgAlgorithm("ECDH",
+                "ECIES");
+            AddKpgAlgorithm("ECDHC");
+            AddKpgAlgorithm("ECMQV",
+                X9ObjectIdentifiers.MqvSinglePassSha1KdfScheme);
+            AddKpgAlgorithm("ECDSA");
+            AddKpgAlgorithm("ECGOST3410",
+                "ECGOST-3410",
+                "GOST-3410-2001");
+            AddKpgAlgorithm("ELGAMAL");
+            AddKpgAlgorithm("GOST3410",
+                "GOST-3410",
+                "GOST-3410-94");
+            AddKpgAlgorithm("RSA",
+                "1.2.840.113549.1.1.1");
+
+            AddDefaultKeySizeEntries(64, "DES");
+            AddDefaultKeySizeEntries(80, "SKIPJACK");
+            AddDefaultKeySizeEntries(128, "AES128", "BLOWFISH", "CAMELLIA128", "CAST5", "DESEDE",
+                "HC128", "HMACMD2", "HMACMD4", "HMACMD5", "HMACRIPEMD128", "IDEA", "NOEKEON",
+                "RC2", "RC4", "RC5", "SALSA20", "SEED", "TEA", "XTEA", "VMPC", "VMPC-KSA3");
+            AddDefaultKeySizeEntries(160, "HMACRIPEMD160", "HMACSHA1");
+            AddDefaultKeySizeEntries(192, "AES", "AES192", "CAMELLIA192", "DESEDE3", "HMACTIGER",
+                "RIJNDAEL", "SERPENT", "TNEPRES");
+            AddDefaultKeySizeEntries(224, "HMACSHA224", "HMACSHA512/224");
+            AddDefaultKeySizeEntries(256, "AES256", "CAMELLIA", "CAMELLIA256", "CAST6", "GOST28147",
+                "HC256", "HMACSHA256", "HMACSHA512/256", "RC5-64", "RC6", "THREEFISH-256", "TWOFISH");
+            AddDefaultKeySizeEntries(384, "HMACSHA384");
+            AddDefaultKeySizeEntries(512, "HMACSHA512", "THREEFISH-512");
+            AddDefaultKeySizeEntries(1024, "THREEFISH-1024");
+        }
+
+        private static void AddDefaultKeySizeEntries(int size, params string[] algorithms)
+        {
+            foreach (string algorithm in algorithms)
+            {
+                defaultKeySizes.Add(algorithm, size);
+            }
+        }
+
+        private static void AddKgAlgorithm(
+            string			canonicalName,
+            params object[] aliases)
+        {
+            kgAlgorithms[canonicalName] = canonicalName;
+
+            foreach (object alias in aliases)
+            {
+                kgAlgorithms[alias.ToString()] = canonicalName;
+            }
+        }
+
+        private static void AddKpgAlgorithm(
+            string			canonicalName,
+            params object[] aliases)
+        {
+            kpgAlgorithms[canonicalName] = canonicalName;
+
+            foreach (object alias in aliases)
+            {
+                kpgAlgorithms[alias.ToString()] = canonicalName;
+            }
+        }
+
+        private static void AddHMacKeyGenerator(
+            string			algorithm,
+            params object[]	aliases)
+        {
+            string mainName = "HMAC" + algorithm;
+
+            kgAlgorithms[mainName] = mainName;
+            kgAlgorithms["HMAC-" + algorithm] = mainName;
+            kgAlgorithms["HMAC/" + algorithm] = mainName;
+
+            foreach (object alias in aliases)
+            {
+                kgAlgorithms[alias.ToString()] = mainName;
+            }
+        }
+
+        // TODO Consider making this public
+        internal static string GetCanonicalKeyGeneratorAlgorithm(
+            string algorithm)
+        {
+            return (string) kgAlgorithms[Platform.ToUpperInvariant(algorithm)];
+        }
+
+        // TODO Consider making this public
+        internal static string GetCanonicalKeyPairGeneratorAlgorithm(
+            string algorithm)
+        {
+            return (string)kpgAlgorithms[Platform.ToUpperInvariant(algorithm)];
+        }
+
+        public static CipherKeyGenerator GetKeyGenerator(
+            DerObjectIdentifier oid)
+        {
+            return GetKeyGenerator(oid.Id);
+        }
+
+        public static CipherKeyGenerator GetKeyGenerator(
+            string algorithm)
+        {
+            string canonicalName = GetCanonicalKeyGeneratorAlgorithm(algorithm);
+
+            if (canonicalName == null)
+                throw new SecurityUtilityException("KeyGenerator " + algorithm + " not recognised.");
+
+            int defaultKeySize = FindDefaultKeySize(canonicalName);
+            if (defaultKeySize == -1)
+                throw new SecurityUtilityException("KeyGenerator " + algorithm
+                    + " (" + canonicalName + ") not supported.");
+
+            if (canonicalName == "DES")
+                return new DesKeyGenerator(defaultKeySize);
+
+            if (canonicalName == "DESEDE" || canonicalName == "DESEDE3")
+                return new DesEdeKeyGenerator(defaultKeySize);
+
+            return new CipherKeyGenerator(defaultKeySize);
+        }
+
+        public static IAsymmetricCipherKeyPairGenerator GetKeyPairGenerator(
+            DerObjectIdentifier oid)
+        {
+            return GetKeyPairGenerator(oid.Id);
+        }
+
+        public static IAsymmetricCipherKeyPairGenerator GetKeyPairGenerator(
+            string algorithm)
+        {
+            string canonicalName = GetCanonicalKeyPairGeneratorAlgorithm(algorithm);
+
+            if (canonicalName == null)
+                throw new SecurityUtilityException("KeyPairGenerator " + algorithm + " not recognised.");
+
+            if (canonicalName == "DH")
+                return new DHKeyPairGenerator();
+
+            if (canonicalName == "DSA")
+                return new DsaKeyPairGenerator();
+
+            // "EC", "ECDH", "ECDHC", "ECDSA", "ECGOST3410", "ECMQV"
+            if (Platform.StartsWith(canonicalName, "EC"))
+                return new ECKeyPairGenerator(canonicalName);
+
+            if (canonicalName == "ELGAMAL")
+                return new ElGamalKeyPairGenerator();
+
+            if (canonicalName == "GOST3410")
+                return new Gost3410KeyPairGenerator();
+
+            if (canonicalName == "RSA")
+                return new RsaKeyPairGenerator();
+
+            throw new SecurityUtilityException("KeyPairGenerator " + algorithm
+                + " (" + canonicalName + ") not supported.");
+        }
+
+        internal static int GetDefaultKeySize(
+            DerObjectIdentifier oid)
+        {
+            return GetDefaultKeySize(oid.Id);
+        }
+
+        internal static int GetDefaultKeySize(
+            string algorithm)
+        {
+            string canonicalName = GetCanonicalKeyGeneratorAlgorithm(algorithm);
+
+            if (canonicalName == null)
+                throw new SecurityUtilityException("KeyGenerator " + algorithm + " not recognised.");
+
+            int defaultKeySize = FindDefaultKeySize(canonicalName);
+            if (defaultKeySize == -1)
+                throw new SecurityUtilityException("KeyGenerator " + algorithm
+                    + " (" + canonicalName + ") not supported.");
+
+            return defaultKeySize;
+        }
+
+        private static int FindDefaultKeySize(
+            string canonicalName)
+        {
+            if (!defaultKeySizes.Contains(canonicalName))
+                return -1;
+
+            return (int)defaultKeySizes[canonicalName];
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/security/InvalidKeyException.cs b/bc-sharp-crypto/src/security/InvalidKeyException.cs
new file mode 100644
index 0000000..ebad9e3
--- /dev/null
+++ b/bc-sharp-crypto/src/security/InvalidKeyException.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Security
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class InvalidKeyException : KeyException
+	{
+		public InvalidKeyException() : base() { }
+		public InvalidKeyException(string message) : base(message) { }
+		public InvalidKeyException(string message, Exception exception) : base(message, exception) { }
+	}
+}
diff --git a/bc-sharp-crypto/src/security/InvalidParameterException.cs b/bc-sharp-crypto/src/security/InvalidParameterException.cs
new file mode 100644
index 0000000..48172f4
--- /dev/null
+++ b/bc-sharp-crypto/src/security/InvalidParameterException.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Security
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class InvalidParameterException : KeyException
+	{
+		public InvalidParameterException() : base() { }
+		public InvalidParameterException(string message) : base(message) { }
+		public InvalidParameterException(string message, Exception exception) : base(message, exception) { }
+	}
+}
diff --git a/bc-sharp-crypto/src/security/KeyException.cs b/bc-sharp-crypto/src/security/KeyException.cs
new file mode 100644
index 0000000..e19fa89
--- /dev/null
+++ b/bc-sharp-crypto/src/security/KeyException.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Security
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class KeyException : GeneralSecurityException
+	{
+		public KeyException() : base() { }
+		public KeyException(string message) : base(message) { }
+		public KeyException(string message, Exception exception) : base(message, exception) { }
+	}
+}
diff --git a/bc-sharp-crypto/src/security/MacUtilities.cs b/bc-sharp-crypto/src/security/MacUtilities.cs
new file mode 100644
index 0000000..278f3be
--- /dev/null
+++ b/bc-sharp-crypto/src/security/MacUtilities.cs
@@ -0,0 +1,256 @@
+using System;
+using System.Collections;
+using System.Globalization;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Iana;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Paddings;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Security
+{
+    /// <remarks>
+    ///  Utility class for creating HMac object from their names/Oids
+    /// </remarks>
+    public sealed class MacUtilities
+    {
+        private MacUtilities()
+        {
+        }
+
+        private static readonly IDictionary algorithms = Platform.CreateHashtable();
+        //private static readonly IDictionary oids = Platform.CreateHashtable();
+
+        static MacUtilities()
+        {
+            algorithms[IanaObjectIdentifiers.HmacMD5.Id] = "HMAC-MD5";
+            algorithms[IanaObjectIdentifiers.HmacRipeMD160.Id] = "HMAC-RIPEMD160";
+            algorithms[IanaObjectIdentifiers.HmacSha1.Id] = "HMAC-SHA1";
+            algorithms[IanaObjectIdentifiers.HmacTiger.Id] = "HMAC-TIGER";
+
+            algorithms[PkcsObjectIdentifiers.IdHmacWithSha1.Id] = "HMAC-SHA1";
+            algorithms[PkcsObjectIdentifiers.IdHmacWithSha224.Id] = "HMAC-SHA224";
+            algorithms[PkcsObjectIdentifiers.IdHmacWithSha256.Id] = "HMAC-SHA256";
+            algorithms[PkcsObjectIdentifiers.IdHmacWithSha384.Id] = "HMAC-SHA384";
+            algorithms[PkcsObjectIdentifiers.IdHmacWithSha512.Id] = "HMAC-SHA512";
+
+            // TODO AESMAC?
+
+            algorithms["DES"] = "DESMAC";
+            algorithms["DES/CFB8"] = "DESMAC/CFB8";
+            algorithms["DES64"] = "DESMAC64";
+            algorithms["DESEDE"] = "DESEDEMAC";
+            algorithms[PkcsObjectIdentifiers.DesEde3Cbc.Id] = "DESEDEMAC";
+            algorithms["DESEDE/CFB8"] = "DESEDEMAC/CFB8";
+            algorithms["DESISO9797MAC"] = "DESWITHISO9797";
+            algorithms["DESEDE64"] = "DESEDEMAC64";
+
+            algorithms["DESEDE64WITHISO7816-4PADDING"] = "DESEDEMAC64WITHISO7816-4PADDING";
+            algorithms["DESEDEISO9797ALG1MACWITHISO7816-4PADDING"] = "DESEDEMAC64WITHISO7816-4PADDING";
+            algorithms["DESEDEISO9797ALG1WITHISO7816-4PADDING"] = "DESEDEMAC64WITHISO7816-4PADDING";
+
+            algorithms["ISO9797ALG3"] = "ISO9797ALG3MAC";
+            algorithms["ISO9797ALG3MACWITHISO7816-4PADDING"] = "ISO9797ALG3WITHISO7816-4PADDING";
+
+            algorithms["SKIPJACK"] = "SKIPJACKMAC";
+            algorithms["SKIPJACK/CFB8"] = "SKIPJACKMAC/CFB8";
+            algorithms["IDEA"] = "IDEAMAC";
+            algorithms["IDEA/CFB8"] = "IDEAMAC/CFB8";
+            algorithms["RC2"] = "RC2MAC";
+            algorithms["RC2/CFB8"] = "RC2MAC/CFB8";
+            algorithms["RC5"] = "RC5MAC";
+            algorithms["RC5/CFB8"] = "RC5MAC/CFB8";
+            algorithms["GOST28147"] = "GOST28147MAC";
+            algorithms["VMPC"] = "VMPCMAC";
+            algorithms["VMPC-MAC"] = "VMPCMAC";
+            algorithms["SIPHASH"] = "SIPHASH-2-4";
+
+            algorithms["PBEWITHHMACSHA"] = "PBEWITHHMACSHA1";
+            algorithms["1.3.14.3.2.26"] = "PBEWITHHMACSHA1";
+        }
+
+//		/// <summary>
+//		/// Returns a ObjectIdentifier for a given digest mechanism.
+//		/// </summary>
+//		/// <param name="mechanism">A string representation of the digest meanism.</param>
+//		/// <returns>A DerObjectIdentifier, null if the Oid is not available.</returns>
+//		public static DerObjectIdentifier GetObjectIdentifier(
+//			string mechanism)
+//		{
+//			mechanism = (string) algorithms[Platform.ToUpperInvariant(mechanism)];
+//
+//			if (mechanism != null)
+//			{
+//				return (DerObjectIdentifier)oids[mechanism];
+//			}
+//
+//			return null;
+//		}
+
+//		public static ICollection Algorithms
+//		{
+//			get { return oids.Keys; }
+//		}
+
+        public static IMac GetMac(
+            DerObjectIdentifier id)
+        {
+            return GetMac(id.Id);
+        }
+
+        public static IMac GetMac(
+            string algorithm)
+        {
+            string upper = Platform.ToUpperInvariant(algorithm);
+
+            string mechanism = (string) algorithms[upper];
+
+            if (mechanism == null)
+            {
+                mechanism = upper;
+            }
+
+            if (Platform.StartsWith(mechanism, "PBEWITH"))
+            {
+                mechanism = mechanism.Substring("PBEWITH".Length);
+            }
+
+            if (Platform.StartsWith(mechanism, "HMAC"))
+            {
+                string digestName;
+                if (Platform.StartsWith(mechanism, "HMAC-") || Platform.StartsWith(mechanism, "HMAC/"))
+                {
+                    digestName = mechanism.Substring(5);
+                }
+                else
+                {
+                    digestName = mechanism.Substring(4);
+                }
+
+                return new HMac(DigestUtilities.GetDigest(digestName));
+            }
+
+            if (mechanism == "AESCMAC")
+            {
+                return new CMac(new AesEngine());
+            }
+            if (mechanism == "DESMAC")
+            {
+                return new CbcBlockCipherMac(new DesEngine());
+            }
+            if (mechanism == "DESMAC/CFB8")
+            {
+                return new CfbBlockCipherMac(new DesEngine());
+            }
+            if (mechanism == "DESMAC64")
+            {
+                return new CbcBlockCipherMac(new DesEngine(), 64);
+            }
+            if (mechanism == "DESEDECMAC")
+            {
+                return new CMac(new DesEdeEngine());
+            }
+            if (mechanism == "DESEDEMAC")
+            {
+                return new CbcBlockCipherMac(new DesEdeEngine());
+            }
+            if (mechanism == "DESEDEMAC/CFB8")
+            {
+                return new CfbBlockCipherMac(new DesEdeEngine());
+            }
+            if (mechanism == "DESEDEMAC64")
+            {
+                return new CbcBlockCipherMac(new DesEdeEngine(), 64);
+            }
+            if (mechanism == "DESEDEMAC64WITHISO7816-4PADDING")
+            {
+                return new CbcBlockCipherMac(new DesEdeEngine(), 64, new ISO7816d4Padding());
+            }
+            if (mechanism == "DESWITHISO9797"
+                || mechanism == "ISO9797ALG3MAC")
+            {
+                return new ISO9797Alg3Mac(new DesEngine());
+            }
+            if (mechanism == "ISO9797ALG3WITHISO7816-4PADDING")
+            {
+                return new ISO9797Alg3Mac(new DesEngine(), new ISO7816d4Padding());
+            }
+            if (mechanism == "SKIPJACKMAC")
+            {
+                return new CbcBlockCipherMac(new SkipjackEngine());
+            }
+            if (mechanism == "SKIPJACKMAC/CFB8")
+            {
+                return new CfbBlockCipherMac(new SkipjackEngine());
+            }
+            if (mechanism == "IDEAMAC")
+            {
+                return new CbcBlockCipherMac(new IdeaEngine());
+            }
+            if (mechanism == "IDEAMAC/CFB8")
+            {
+                return new CfbBlockCipherMac(new IdeaEngine());
+            }
+            if (mechanism == "RC2MAC")
+            {
+                return new CbcBlockCipherMac(new RC2Engine());
+            }
+            if (mechanism == "RC2MAC/CFB8")
+            {
+                return new CfbBlockCipherMac(new RC2Engine());
+            }
+            if (mechanism == "RC5MAC")
+            {
+                return new CbcBlockCipherMac(new RC532Engine());
+            }
+            if (mechanism == "RC5MAC/CFB8")
+            {
+                return new CfbBlockCipherMac(new RC532Engine());
+            }
+            if (mechanism == "GOST28147MAC")
+            {
+                return new Gost28147Mac();
+            }
+            if (mechanism == "VMPCMAC")
+            {
+                return new VmpcMac();
+            }
+            if (mechanism == "SIPHASH-2-4")
+            {
+                return new SipHash();
+            }
+            throw new SecurityUtilityException("Mac " + mechanism + " not recognised.");
+        }
+
+        public static string GetAlgorithmName(
+            DerObjectIdentifier oid)
+        {
+            return (string) algorithms[oid.Id];
+        }
+
+        public static byte[] CalculateMac(string algorithm, ICipherParameters cp, byte[] input)
+        {
+            IMac mac = GetMac(algorithm);
+            mac.Init(cp);
+            mac.BlockUpdate(input, 0, input.Length);
+            return DoFinal(mac);
+        }
+
+        public static byte[] DoFinal(IMac mac)
+        {
+            byte[] b = new byte[mac.GetMacSize()];
+            mac.DoFinal(b, 0);
+            return b;
+        }
+
+        public static byte[] DoFinal(IMac mac, byte[] input)
+        {
+            mac.BlockUpdate(input, 0, input.Length);
+            return DoFinal(mac);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/security/NoSuchAlgorithmException.cs b/bc-sharp-crypto/src/security/NoSuchAlgorithmException.cs
new file mode 100644
index 0000000..c56ec65
--- /dev/null
+++ b/bc-sharp-crypto/src/security/NoSuchAlgorithmException.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Security
+{
+	[Obsolete("Never thrown")]
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class NoSuchAlgorithmException : GeneralSecurityException
+	{
+		public NoSuchAlgorithmException() : base() {}
+		public NoSuchAlgorithmException(string message) : base(message) {}
+		public NoSuchAlgorithmException(string message, Exception exception) : base(message, exception) {}
+	}
+}
diff --git a/bc-sharp-crypto/src/security/ParameterUtilities.cs b/bc-sharp-crypto/src/security/ParameterUtilities.cs
new file mode 100644
index 0000000..c121558
--- /dev/null
+++ b/bc-sharp-crypto/src/security/ParameterUtilities.cs
@@ -0,0 +1,325 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Kisa;
+using Org.BouncyCastle.Asn1.Misc;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Ntt;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Security
+{
+    public sealed class ParameterUtilities
+    {
+        private ParameterUtilities()
+        {
+        }
+
+        private static readonly IDictionary algorithms = Platform.CreateHashtable();
+        private static readonly IDictionary basicIVSizes = Platform.CreateHashtable();
+
+        static ParameterUtilities()
+        {
+            AddAlgorithm("AES",
+                "AESWRAP");
+            AddAlgorithm("AES128",
+                "2.16.840.1.101.3.4.2",
+                NistObjectIdentifiers.IdAes128Cbc,
+                NistObjectIdentifiers.IdAes128Cfb,
+                NistObjectIdentifiers.IdAes128Ecb,
+                NistObjectIdentifiers.IdAes128Ofb,
+                NistObjectIdentifiers.IdAes128Wrap);
+            AddAlgorithm("AES192",
+                "2.16.840.1.101.3.4.22",
+                NistObjectIdentifiers.IdAes192Cbc,
+                NistObjectIdentifiers.IdAes192Cfb,
+                NistObjectIdentifiers.IdAes192Ecb,
+                NistObjectIdentifiers.IdAes192Ofb,
+                NistObjectIdentifiers.IdAes192Wrap);
+            AddAlgorithm("AES256",
+                "2.16.840.1.101.3.4.42",
+                NistObjectIdentifiers.IdAes256Cbc,
+                NistObjectIdentifiers.IdAes256Cfb,
+                NistObjectIdentifiers.IdAes256Ecb,
+                NistObjectIdentifiers.IdAes256Ofb,
+                NistObjectIdentifiers.IdAes256Wrap);
+            AddAlgorithm("BLOWFISH",
+                "1.3.6.1.4.1.3029.1.2");
+            AddAlgorithm("CAMELLIA",
+                "CAMELLIAWRAP");
+            AddAlgorithm("CAMELLIA128",
+                NttObjectIdentifiers.IdCamellia128Cbc,
+                NttObjectIdentifiers.IdCamellia128Wrap);
+            AddAlgorithm("CAMELLIA192",
+                NttObjectIdentifiers.IdCamellia192Cbc,
+                NttObjectIdentifiers.IdCamellia192Wrap);
+            AddAlgorithm("CAMELLIA256",
+                NttObjectIdentifiers.IdCamellia256Cbc,
+                NttObjectIdentifiers.IdCamellia256Wrap);
+            AddAlgorithm("CAST5",
+                "1.2.840.113533.7.66.10");
+            AddAlgorithm("CAST6");
+            AddAlgorithm("DES",
+                OiwObjectIdentifiers.DesCbc,
+                OiwObjectIdentifiers.DesCfb,
+                OiwObjectIdentifiers.DesEcb,
+                OiwObjectIdentifiers.DesOfb);
+            AddAlgorithm("DESEDE",
+                "DESEDEWRAP",
+                "TDEA",
+                OiwObjectIdentifiers.DesEde,
+                PkcsObjectIdentifiers.IdAlgCms3DesWrap);
+            AddAlgorithm("DESEDE3",
+                PkcsObjectIdentifiers.DesEde3Cbc);
+            AddAlgorithm("GOST28147",
+                "GOST",
+                "GOST-28147",
+                CryptoProObjectIdentifiers.GostR28147Cbc);
+            AddAlgorithm("HC128");
+            AddAlgorithm("HC256");
+            AddAlgorithm("IDEA",
+                "1.3.6.1.4.1.188.7.1.1.2");
+            AddAlgorithm("NOEKEON");
+            AddAlgorithm("RC2",
+                PkcsObjectIdentifiers.RC2Cbc,
+                PkcsObjectIdentifiers.IdAlgCmsRC2Wrap);
+            AddAlgorithm("RC4",
+                "ARC4",
+                "1.2.840.113549.3.4");
+            AddAlgorithm("RC5",
+                "RC5-32");
+            AddAlgorithm("RC5-64");
+            AddAlgorithm("RC6");
+            AddAlgorithm("RIJNDAEL");
+            AddAlgorithm("SALSA20");
+            AddAlgorithm("SEED",
+                KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap,
+                KisaObjectIdentifiers.IdSeedCbc);
+            AddAlgorithm("SERPENT");
+            AddAlgorithm("SKIPJACK");
+            AddAlgorithm("TEA");
+            AddAlgorithm("THREEFISH-256");
+            AddAlgorithm("THREEFISH-512");
+            AddAlgorithm("THREEFISH-1024");
+            AddAlgorithm("TNEPRES");
+            AddAlgorithm("TWOFISH");
+            AddAlgorithm("VMPC");
+            AddAlgorithm("VMPC-KSA3");
+            AddAlgorithm("XTEA");
+
+            AddBasicIVSizeEntries(8, "BLOWFISH", "DES", "DESEDE", "DESEDE3");
+            AddBasicIVSizeEntries(16, "AES", "AES128", "AES192", "AES256",
+                "CAMELLIA", "CAMELLIA128", "CAMELLIA192", "CAMELLIA256", "NOEKEON", "SEED");
+
+            // TODO These algorithms support an IV
+            // but JCE doesn't seem to provide an AlgorithmParametersGenerator for them
+            // "RIJNDAEL", "SKIPJACK", "TWOFISH"
+        }
+
+        private static void AddAlgorithm(
+            string			canonicalName,
+            params object[]	aliases)
+        {
+            algorithms[canonicalName] = canonicalName;
+
+            foreach (object alias in aliases)
+            {
+                algorithms[alias.ToString()] = canonicalName;
+            }
+        }
+
+        private static void AddBasicIVSizeEntries(int size, params string[] algorithms)
+        {
+            foreach (string algorithm in algorithms)
+            {
+                basicIVSizes.Add(algorithm, size);
+            }
+        }
+
+        public static string GetCanonicalAlgorithmName(
+            string algorithm)
+        {
+            return (string) algorithms[Platform.ToUpperInvariant(algorithm)];
+        }
+
+        public static KeyParameter CreateKeyParameter(
+            DerObjectIdentifier algOid,
+            byte[]				keyBytes)
+        {
+            return CreateKeyParameter(algOid.Id, keyBytes, 0, keyBytes.Length);
+        }
+
+        public static KeyParameter CreateKeyParameter(
+            string	algorithm,
+            byte[]	keyBytes)
+        {
+            return CreateKeyParameter(algorithm, keyBytes, 0, keyBytes.Length);
+        }
+
+        public static KeyParameter CreateKeyParameter(
+            DerObjectIdentifier algOid,
+            byte[]				keyBytes,
+            int					offset,
+            int					length)
+        {
+            return CreateKeyParameter(algOid.Id, keyBytes, offset, length);
+        }
+
+        public static KeyParameter CreateKeyParameter(
+            string	algorithm,
+            byte[]	keyBytes,
+            int		offset,
+            int		length)
+        {
+            if (algorithm == null)
+                throw new ArgumentNullException("algorithm");
+
+            string canonical = GetCanonicalAlgorithmName(algorithm);
+
+            if (canonical == null)
+                throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
+
+            if (canonical == "DES")
+                return new DesParameters(keyBytes, offset, length);
+
+            if (canonical == "DESEDE" || canonical =="DESEDE3")
+                return new DesEdeParameters(keyBytes, offset, length);
+
+            if (canonical == "RC2")
+                return new RC2Parameters(keyBytes, offset, length);
+
+            return new KeyParameter(keyBytes, offset, length);
+        }
+
+        public static ICipherParameters GetCipherParameters(
+            DerObjectIdentifier	algOid,
+            ICipherParameters	key,
+            Asn1Object			asn1Params)
+        {
+            return GetCipherParameters(algOid.Id, key, asn1Params);
+        }
+
+        public static ICipherParameters GetCipherParameters(
+            string				algorithm,
+            ICipherParameters	key,
+            Asn1Object			asn1Params)
+        {
+            if (algorithm == null)
+                throw new ArgumentNullException("algorithm");
+
+            string canonical = GetCanonicalAlgorithmName(algorithm);
+
+            if (canonical == null)
+                throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
+
+            byte[] iv = null;
+
+            try
+            {
+                // TODO These algorithms support an IV
+                // but JCE doesn't seem to provide an AlgorithmParametersGenerator for them
+                // "RIJNDAEL", "SKIPJACK", "TWOFISH"
+
+                int basicIVKeySize = FindBasicIVSize(canonical);
+                if (basicIVKeySize != -1
+                    || canonical == "RIJNDAEL" || canonical == "SKIPJACK" || canonical == "TWOFISH")
+                {
+                    iv = ((Asn1OctetString) asn1Params).GetOctets();
+                }
+                else if (canonical == "CAST5")
+                {
+                    iv = Cast5CbcParameters.GetInstance(asn1Params).GetIV();
+                }
+                else if (canonical == "IDEA")
+                {
+                    iv = IdeaCbcPar.GetInstance(asn1Params).GetIV();
+                }
+                else if (canonical == "RC2")
+                {
+                    iv = RC2CbcParameter.GetInstance(asn1Params).GetIV();
+                }
+            }
+            catch (Exception e)
+            {
+                throw new ArgumentException("Could not process ASN.1 parameters", e);
+            }
+
+            if (iv != null)
+            {
+                return new ParametersWithIV(key, iv);
+            }
+
+            throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
+        }
+
+        public static Asn1Encodable GenerateParameters(
+            DerObjectIdentifier algID,
+            SecureRandom		random)
+        {
+            return GenerateParameters(algID.Id, random);
+        }
+
+        public static Asn1Encodable GenerateParameters(
+            string			algorithm,
+            SecureRandom	random)
+        {
+            if (algorithm == null)
+                throw new ArgumentNullException("algorithm");
+
+            string canonical = GetCanonicalAlgorithmName(algorithm);
+
+            if (canonical == null)
+                throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
+
+            // TODO These algorithms support an IV
+            // but JCE doesn't seem to provide an AlgorithmParametersGenerator for them
+            // "RIJNDAEL", "SKIPJACK", "TWOFISH"
+
+            int basicIVKeySize = FindBasicIVSize(canonical);
+            if (basicIVKeySize != -1)
+                return CreateIVOctetString(random, basicIVKeySize);
+
+            if (canonical == "CAST5")
+                return new Cast5CbcParameters(CreateIV(random, 8), 128);
+
+            if (canonical == "IDEA")
+                return new IdeaCbcPar(CreateIV(random, 8));
+
+            if (canonical == "RC2")
+                return new RC2CbcParameter(CreateIV(random, 8));
+
+            throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised.");
+        }
+
+        private static Asn1OctetString CreateIVOctetString(
+            SecureRandom	random,
+            int				ivLength)
+        {
+            return new DerOctetString(CreateIV(random, ivLength));
+        }
+
+        private static byte[] CreateIV(
+            SecureRandom	random,
+            int				ivLength)
+        {
+            byte[] iv = new byte[ivLength];
+            random.NextBytes(iv);
+            return iv;
+        }
+
+        private static int FindBasicIVSize(
+            string canonicalName)
+        {
+            if (!basicIVSizes.Contains(canonicalName))
+                return -1;
+
+            return (int)basicIVSizes[canonicalName];
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/security/PbeUtilities.cs b/bc-sharp-crypto/src/security/PbeUtilities.cs
new file mode 100644
index 0000000..33f31e5
--- /dev/null
+++ b/bc-sharp-crypto/src/security/PbeUtilities.cs
@@ -0,0 +1,663 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.BC;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Modes;
+using Org.BouncyCastle.Crypto.Paddings;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Security
+{
+    /// <summary>
+    ///
+    /// </summary>
+    public sealed class PbeUtilities
+    {
+        private PbeUtilities()
+        {
+        }
+
+        const string Pkcs5S1 = "Pkcs5S1";
+        const string Pkcs5S2 = "Pkcs5S2";
+        const string Pkcs12 = "Pkcs12";
+        const string OpenSsl = "OpenSsl";
+
+        private static readonly IDictionary algorithms = Platform.CreateHashtable();
+        private static readonly IDictionary algorithmType = Platform.CreateHashtable();
+        private static readonly IDictionary oids = Platform.CreateHashtable();
+
+        static PbeUtilities()
+        {
+            algorithms["PKCS5SCHEME1"] = "Pkcs5scheme1";
+            algorithms["PKCS5SCHEME2"] = "Pkcs5scheme2";
+            algorithms[PkcsObjectIdentifiers.IdPbeS2.Id] = "Pkcs5scheme2";
+//			algorithms[PkcsObjectIdentifiers.IdPbkdf2.Id] = "Pkcs5scheme2";
+
+            // FIXME Add support for these? (see Pkcs8Generator)
+//			algorithms[PkcsObjectIdentifiers.DesEde3Cbc.Id] = "Pkcs5scheme2";
+//			algorithms[NistObjectIdentifiers.IdAes128Cbc.Id] = "Pkcs5scheme2";
+//			algorithms[NistObjectIdentifiers.IdAes192Cbc.Id] = "Pkcs5scheme2";
+//			algorithms[NistObjectIdentifiers.IdAes256Cbc.Id] = "Pkcs5scheme2";
+
+            algorithms["PBEWITHMD2ANDDES-CBC"] = "PBEwithMD2andDES-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithMD2AndDesCbc.Id] = "PBEwithMD2andDES-CBC";
+            algorithms["PBEWITHMD2ANDRC2-CBC"] = "PBEwithMD2andRC2-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithMD2AndRC2Cbc.Id] = "PBEwithMD2andRC2-CBC";
+            algorithms["PBEWITHMD5ANDDES-CBC"] = "PBEwithMD5andDES-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithMD5AndDesCbc.Id] = "PBEwithMD5andDES-CBC";
+            algorithms["PBEWITHMD5ANDRC2-CBC"] = "PBEwithMD5andRC2-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithMD5AndRC2Cbc.Id] = "PBEwithMD5andRC2-CBC";
+            algorithms["PBEWITHSHA1ANDDES"] = "PBEwithSHA-1andDES-CBC";
+            algorithms["PBEWITHSHA-1ANDDES"] = "PBEwithSHA-1andDES-CBC";
+            algorithms["PBEWITHSHA1ANDDES-CBC"] = "PBEwithSHA-1andDES-CBC";
+            algorithms["PBEWITHSHA-1ANDDES-CBC"] = "PBEwithSHA-1andDES-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithSha1AndDesCbc.Id] = "PBEwithSHA-1andDES-CBC";
+            algorithms["PBEWITHSHA1ANDRC2"] = "PBEwithSHA-1andRC2-CBC";
+            algorithms["PBEWITHSHA-1ANDRC2"] = "PBEwithSHA-1andRC2-CBC";
+            algorithms["PBEWITHSHA1ANDRC2-CBC"] = "PBEwithSHA-1andRC2-CBC";
+            algorithms["PBEWITHSHA-1ANDRC2-CBC"] = "PBEwithSHA-1andRC2-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithSha1AndRC2Cbc.Id] = "PBEwithSHA-1andRC2-CBC";
+            algorithms["PKCS12"] = "Pkcs12";
+            algorithms[BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.Id] = "PBEwithSHA-1and128bitAES-CBC-BC";
+            algorithms[BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.Id] = "PBEwithSHA-1and192bitAES-CBC-BC";
+            algorithms[BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes256_cbc.Id] = "PBEwithSHA-1and256bitAES-CBC-BC";
+            algorithms[BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes128_cbc.Id] = "PBEwithSHA-256and128bitAES-CBC-BC";
+            algorithms[BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.Id] = "PBEwithSHA-256and192bitAES-CBC-BC";
+            algorithms[BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.Id] = "PBEwithSHA-256and256bitAES-CBC-BC";
+            algorithms["PBEWITHSHAAND128BITRC4"] = "PBEwithSHA-1and128bitRC4";
+            algorithms["PBEWITHSHA1AND128BITRC4"] = "PBEwithSHA-1and128bitRC4";
+            algorithms["PBEWITHSHA-1AND128BITRC4"] = "PBEwithSHA-1and128bitRC4";
+            algorithms[PkcsObjectIdentifiers.PbeWithShaAnd128BitRC4.Id] = "PBEwithSHA-1and128bitRC4";
+            algorithms["PBEWITHSHAAND40BITRC4"] = "PBEwithSHA-1and40bitRC4";
+            algorithms["PBEWITHSHA1AND40BITRC4"] = "PBEwithSHA-1and40bitRC4";
+            algorithms["PBEWITHSHA-1AND40BITRC4"] = "PBEwithSHA-1and40bitRC4";
+            algorithms[PkcsObjectIdentifiers.PbeWithShaAnd40BitRC4.Id] = "PBEwithSHA-1and40bitRC4";
+            algorithms["PBEWITHSHAAND3-KEYDESEDE-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC";
+            algorithms["PBEWITHSHAAND3-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC";
+            algorithms["PBEWITHSHA1AND3-KEYDESEDE-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC";
+            algorithms["PBEWITHSHA1AND3-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC";
+            algorithms["PBEWITHSHA-1AND3-KEYDESEDE-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC";
+            algorithms["PBEWITHSHA-1AND3-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc.Id] = "PBEwithSHA-1and3-keyDESEDE-CBC";
+            algorithms["PBEWITHSHAAND2-KEYDESEDE-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC";
+            algorithms["PBEWITHSHAAND2-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC";
+            algorithms["PBEWITHSHA1AND2-KEYDESEDE-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC";
+            algorithms["PBEWITHSHA1AND2-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC";
+            algorithms["PBEWITHSHA-1AND2-KEYDESEDE-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC";
+            algorithms["PBEWITHSHA-1AND2-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc.Id] = "PBEwithSHA-1and2-keyDESEDE-CBC";
+            algorithms["PBEWITHSHAAND128BITRC2-CBC"] = "PBEwithSHA-1and128bitRC2-CBC";
+            algorithms["PBEWITHSHA1AND128BITRC2-CBC"] = "PBEwithSHA-1and128bitRC2-CBC";
+            algorithms["PBEWITHSHA-1AND128BITRC2-CBC"] = "PBEwithSHA-1and128bitRC2-CBC";
+            algorithms[PkcsObjectIdentifiers.PbeWithShaAnd128BitRC2Cbc.Id] = "PBEwithSHA-1and128bitRC2-CBC";
+            algorithms["PBEWITHSHAAND40BITRC2-CBC"] = "PBEwithSHA-1and40bitRC2-CBC";
+            algorithms["PBEWITHSHA1AND40BITRC2-CBC"] = "PBEwithSHA-1and40bitRC2-CBC";
+            algorithms["PBEWITHSHA-1AND40BITRC2-CBC"] = "PBEwithSHA-1and40bitRC2-CBC";
+            algorithms[PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc.Id] = "PBEwithSHA-1and40bitRC2-CBC";
+            algorithms["PBEWITHSHAAND128BITAES-CBC-BC"] = "PBEwithSHA-1and128bitAES-CBC-BC";
+            algorithms["PBEWITHSHA1AND128BITAES-CBC-BC"] = "PBEwithSHA-1and128bitAES-CBC-BC";
+            algorithms["PBEWITHSHA-1AND128BITAES-CBC-BC"] = "PBEwithSHA-1and128bitAES-CBC-BC";
+            algorithms["PBEWITHSHAAND192BITAES-CBC-BC"] = "PBEwithSHA-1and192bitAES-CBC-BC";
+            algorithms["PBEWITHSHA1AND192BITAES-CBC-BC"] = "PBEwithSHA-1and192bitAES-CBC-BC";
+            algorithms["PBEWITHSHA-1AND192BITAES-CBC-BC"] = "PBEwithSHA-1and192bitAES-CBC-BC";
+            algorithms["PBEWITHSHAAND256BITAES-CBC-BC"] = "PBEwithSHA-1and256bitAES-CBC-BC";
+            algorithms["PBEWITHSHA1AND256BITAES-CBC-BC"] = "PBEwithSHA-1and256bitAES-CBC-BC";
+            algorithms["PBEWITHSHA-1AND256BITAES-CBC-BC"] = "PBEwithSHA-1and256bitAES-CBC-BC";
+            algorithms["PBEWITHSHA256AND128BITAES-CBC-BC"] = "PBEwithSHA-256and128bitAES-CBC-BC";
+            algorithms["PBEWITHSHA-256AND128BITAES-CBC-BC"] = "PBEwithSHA-256and128bitAES-CBC-BC";
+            algorithms["PBEWITHSHA256AND192BITAES-CBC-BC"] = "PBEwithSHA-256and192bitAES-CBC-BC";
+            algorithms["PBEWITHSHA-256AND192BITAES-CBC-BC"] = "PBEwithSHA-256and192bitAES-CBC-BC";
+            algorithms["PBEWITHSHA256AND256BITAES-CBC-BC"] = "PBEwithSHA-256and256bitAES-CBC-BC";
+            algorithms["PBEWITHSHA-256AND256BITAES-CBC-BC"] = "PBEwithSHA-256and256bitAES-CBC-BC";
+            algorithms["PBEWITHSHAANDIDEA"] = "PBEwithSHA-1andIDEA-CBC";
+            algorithms["PBEWITHSHAANDIDEA-CBC"] = "PBEwithSHA-1andIDEA-CBC";
+            algorithms["PBEWITHSHAANDTWOFISH"] = "PBEwithSHA-1andTWOFISH-CBC";
+            algorithms["PBEWITHSHAANDTWOFISH-CBC"] = "PBEwithSHA-1andTWOFISH-CBC";
+            algorithms["PBEWITHHMACSHA1"] = "PBEwithHmacSHA-1";
+            algorithms["PBEWITHHMACSHA-1"] = "PBEwithHmacSHA-1";
+            algorithms[OiwObjectIdentifiers.IdSha1.Id] = "PBEwithHmacSHA-1";
+            algorithms["PBEWITHHMACSHA224"] = "PBEwithHmacSHA-224";
+            algorithms["PBEWITHHMACSHA-224"] = "PBEwithHmacSHA-224";
+            algorithms[NistObjectIdentifiers.IdSha224.Id] = "PBEwithHmacSHA-224";
+            algorithms["PBEWITHHMACSHA256"] = "PBEwithHmacSHA-256";
+            algorithms["PBEWITHHMACSHA-256"] = "PBEwithHmacSHA-256";
+            algorithms[NistObjectIdentifiers.IdSha256.Id] = "PBEwithHmacSHA-256";
+            algorithms["PBEWITHHMACRIPEMD128"] = "PBEwithHmacRipeMD128";
+            algorithms[TeleTrusTObjectIdentifiers.RipeMD128.Id] = "PBEwithHmacRipeMD128";
+            algorithms["PBEWITHHMACRIPEMD160"] = "PBEwithHmacRipeMD160";
+            algorithms[TeleTrusTObjectIdentifiers.RipeMD160.Id] = "PBEwithHmacRipeMD160";
+            algorithms["PBEWITHHMACRIPEMD256"] = "PBEwithHmacRipeMD256";
+            algorithms[TeleTrusTObjectIdentifiers.RipeMD256.Id] = "PBEwithHmacRipeMD256";
+            algorithms["PBEWITHHMACTIGER"] = "PBEwithHmacTiger";
+
+            algorithms["PBEWITHMD5AND128BITAES-CBC-OPENSSL"] = "PBEwithMD5and128bitAES-CBC-OpenSSL";
+            algorithms["PBEWITHMD5AND192BITAES-CBC-OPENSSL"] = "PBEwithMD5and192bitAES-CBC-OpenSSL";
+            algorithms["PBEWITHMD5AND256BITAES-CBC-OPENSSL"] = "PBEwithMD5and256bitAES-CBC-OpenSSL";
+
+            algorithmType["Pkcs5scheme1"] = Pkcs5S1;
+            algorithmType["Pkcs5scheme2"] = Pkcs5S2;
+            algorithmType["PBEwithMD2andDES-CBC"] = Pkcs5S1;
+            algorithmType["PBEwithMD2andRC2-CBC"] = Pkcs5S1;
+            algorithmType["PBEwithMD5andDES-CBC"] = Pkcs5S1;
+            algorithmType["PBEwithMD5andRC2-CBC"] = Pkcs5S1;
+            algorithmType["PBEwithSHA-1andDES-CBC"] = Pkcs5S1;
+            algorithmType["PBEwithSHA-1andRC2-CBC"] = Pkcs5S1;
+            algorithmType["Pkcs12"] = Pkcs12;
+            algorithmType["PBEwithSHA-1and128bitRC4"] = Pkcs12;
+            algorithmType["PBEwithSHA-1and40bitRC4"] = Pkcs12;
+            algorithmType["PBEwithSHA-1and3-keyDESEDE-CBC"] = Pkcs12;
+            algorithmType["PBEwithSHA-1and2-keyDESEDE-CBC"] = Pkcs12;
+            algorithmType["PBEwithSHA-1and128bitRC2-CBC"] = Pkcs12;
+            algorithmType["PBEwithSHA-1and40bitRC2-CBC"] = Pkcs12;
+            algorithmType["PBEwithSHA-1and128bitAES-CBC-BC"] = Pkcs12;
+            algorithmType["PBEwithSHA-1and192bitAES-CBC-BC"] = Pkcs12;
+            algorithmType["PBEwithSHA-1and256bitAES-CBC-BC"] = Pkcs12;
+            algorithmType["PBEwithSHA-256and128bitAES-CBC-BC"] = Pkcs12;
+            algorithmType["PBEwithSHA-256and192bitAES-CBC-BC"] = Pkcs12;
+            algorithmType["PBEwithSHA-256and256bitAES-CBC-BC"] = Pkcs12;
+            algorithmType["PBEwithSHA-1andIDEA-CBC"] = Pkcs12;
+            algorithmType["PBEwithSHA-1andTWOFISH-CBC"] = Pkcs12;
+            algorithmType["PBEwithHmacSHA-1"] = Pkcs12;
+            algorithmType["PBEwithHmacSHA-224"] = Pkcs12;
+            algorithmType["PBEwithHmacSHA-256"] = Pkcs12;
+            algorithmType["PBEwithHmacRipeMD128"] = Pkcs12;
+            algorithmType["PBEwithHmacRipeMD160"] = Pkcs12;
+            algorithmType["PBEwithHmacRipeMD256"] = Pkcs12;
+            algorithmType["PBEwithHmacTiger"] = Pkcs12;
+
+            algorithmType["PBEwithMD5and128bitAES-CBC-OpenSSL"] = OpenSsl;
+            algorithmType["PBEwithMD5and192bitAES-CBC-OpenSSL"] = OpenSsl;
+            algorithmType["PBEwithMD5and256bitAES-CBC-OpenSSL"] = OpenSsl;
+
+            oids["PBEwithMD2andDES-CBC"] = PkcsObjectIdentifiers.PbeWithMD2AndDesCbc;
+            oids["PBEwithMD2andRC2-CBC"] = PkcsObjectIdentifiers.PbeWithMD2AndRC2Cbc;
+            oids["PBEwithMD5andDES-CBC"] = PkcsObjectIdentifiers.PbeWithMD5AndDesCbc;
+            oids["PBEwithMD5andRC2-CBC"] = PkcsObjectIdentifiers.PbeWithMD5AndRC2Cbc;
+            oids["PBEwithSHA-1andDES-CBC"] = PkcsObjectIdentifiers.PbeWithSha1AndDesCbc;
+            oids["PBEwithSHA-1andRC2-CBC"] = PkcsObjectIdentifiers.PbeWithSha1AndRC2Cbc;
+            oids["PBEwithSHA-1and128bitRC4"] = PkcsObjectIdentifiers.PbeWithShaAnd128BitRC4;
+            oids["PBEwithSHA-1and40bitRC4"] = PkcsObjectIdentifiers.PbeWithShaAnd40BitRC4;
+            oids["PBEwithSHA-1and3-keyDESEDE-CBC"] = PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc;
+            oids["PBEwithSHA-1and2-keyDESEDE-CBC"] = PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc;
+            oids["PBEwithSHA-1and128bitRC2-CBC"] = PkcsObjectIdentifiers.PbeWithShaAnd128BitRC2Cbc;
+            oids["PBEwithSHA-1and40bitRC2-CBC"] = PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc;
+            oids["PBEwithHmacSHA-1"] = OiwObjectIdentifiers.IdSha1;
+            oids["PBEwithHmacSHA-224"] = NistObjectIdentifiers.IdSha224;
+            oids["PBEwithHmacSHA-256"] = NistObjectIdentifiers.IdSha256;
+            oids["PBEwithHmacRipeMD128"] = TeleTrusTObjectIdentifiers.RipeMD128;
+            oids["PBEwithHmacRipeMD160"] = TeleTrusTObjectIdentifiers.RipeMD160;
+            oids["PBEwithHmacRipeMD256"] = TeleTrusTObjectIdentifiers.RipeMD256;
+            oids["Pkcs5scheme2"] = PkcsObjectIdentifiers.IdPbeS2;
+        }
+
+        static PbeParametersGenerator MakePbeGenerator(
+            string	type,
+            IDigest	digest,
+            byte[]	key,
+            byte[]	salt,
+            int		iterationCount)
+        {
+            PbeParametersGenerator generator;
+
+            if (type.Equals(Pkcs5S1))
+            {
+                generator = new Pkcs5S1ParametersGenerator(digest);
+            }
+            else if (type.Equals(Pkcs5S2))
+            {
+                generator = new Pkcs5S2ParametersGenerator();
+            }
+            else if (type.Equals(Pkcs12))
+            {
+                generator = new Pkcs12ParametersGenerator(digest);
+            }
+            else if (type.Equals(OpenSsl))
+            {
+                generator = new OpenSslPbeParametersGenerator();
+            }
+            else
+            {
+                throw new ArgumentException("Unknown PBE type: " + type, "type");
+            }
+
+            generator.Init(key, salt, iterationCount);
+            return generator;
+        }
+
+        /// <summary>
+        /// Returns a ObjectIdentifier for a give encoding.
+        /// </summary>
+        /// <param name="mechanism">A string representation of the encoding.</param>
+        /// <returns>A DerObjectIdentifier, null if the Oid is not available.</returns>
+        public static DerObjectIdentifier GetObjectIdentifier(
+            string mechanism)
+        {
+            mechanism = (string) algorithms[Platform.ToUpperInvariant(mechanism)];
+            if (mechanism != null)
+            {
+                return (DerObjectIdentifier)oids[mechanism];
+            }
+            return null;
+        }
+
+        public static ICollection Algorithms
+        {
+            get { return oids.Keys; }
+        }
+
+        public static bool IsPkcs12(
+            string algorithm)
+        {
+            string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
+
+            return mechanism != null && Pkcs12.Equals(algorithmType[mechanism]);
+        }
+
+        public static bool IsPkcs5Scheme1(
+            string algorithm)
+        {
+            string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
+
+            return mechanism != null && Pkcs5S1.Equals(algorithmType[mechanism]);
+        }
+
+        public static bool IsPkcs5Scheme2(
+            string algorithm)
+        {
+            string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
+
+            return mechanism != null && Pkcs5S2.Equals(algorithmType[mechanism]);
+        }
+
+        public static bool IsOpenSsl(
+            string algorithm)
+        {
+            string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
+
+            return mechanism != null && OpenSsl.Equals(algorithmType[mechanism]);
+        }
+
+        public static bool IsPbeAlgorithm(
+            string algorithm)
+        {
+            string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
+
+            return mechanism != null && algorithmType[mechanism] != null;
+        }
+
+        public static Asn1Encodable GenerateAlgorithmParameters(
+            DerObjectIdentifier algorithmOid,
+            byte[]              salt,
+            int                 iterationCount)
+        {
+            return GenerateAlgorithmParameters(algorithmOid.Id, salt, iterationCount);
+        }
+
+        public static Asn1Encodable GenerateAlgorithmParameters(
+            string  algorithm,
+            byte[]  salt,
+            int     iterationCount)
+        {
+            if (IsPkcs12(algorithm))
+            {
+                return new Pkcs12PbeParams(salt, iterationCount);
+            }
+            else if (IsPkcs5Scheme2(algorithm))
+            {
+                return new Pbkdf2Params(salt, iterationCount);
+            }
+            else
+            {
+                return new PbeParameter(salt, iterationCount);
+            }
+        }
+
+        public static ICipherParameters GenerateCipherParameters(
+            DerObjectIdentifier algorithmOid,
+            char[]              password,
+            Asn1Encodable       pbeParameters)
+        {
+            return GenerateCipherParameters(algorithmOid.Id, password, false, pbeParameters);
+        }
+
+        public static ICipherParameters GenerateCipherParameters(
+            DerObjectIdentifier algorithmOid,
+            char[]              password,
+            bool				wrongPkcs12Zero,
+            Asn1Encodable       pbeParameters)
+        {
+            return GenerateCipherParameters(algorithmOid.Id, password, wrongPkcs12Zero, pbeParameters);
+        }
+
+        public static ICipherParameters GenerateCipherParameters(
+            AlgorithmIdentifier algID,
+            char[]              password)
+        {
+            return GenerateCipherParameters(algID.Algorithm.Id, password, false, algID.Parameters);
+        }
+
+        public static ICipherParameters GenerateCipherParameters(
+            AlgorithmIdentifier algID,
+            char[]              password,
+            bool				wrongPkcs12Zero)
+        {
+            return GenerateCipherParameters(algID.Algorithm.Id, password, wrongPkcs12Zero, algID.Parameters);
+        }
+
+        public static ICipherParameters GenerateCipherParameters(
+            string          algorithm,
+            char[]          password,
+            Asn1Encodable   pbeParameters)
+        {
+            return GenerateCipherParameters(algorithm, password, false, pbeParameters);
+        }
+
+        public static ICipherParameters GenerateCipherParameters(
+            string          algorithm,
+            char[]          password,
+            bool			wrongPkcs12Zero,
+            Asn1Encodable   pbeParameters)
+        {
+            string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
+
+            byte[] keyBytes = null;
+            byte[] salt = null;
+            int iterationCount = 0;
+
+            if (IsPkcs12(mechanism))
+            {
+                Pkcs12PbeParams pbeParams = Pkcs12PbeParams.GetInstance(pbeParameters);
+                salt = pbeParams.GetIV();
+                iterationCount = pbeParams.Iterations.IntValue;
+                keyBytes = PbeParametersGenerator.Pkcs12PasswordToBytes(password, wrongPkcs12Zero);
+            }
+            else if (IsPkcs5Scheme2(mechanism))
+            {
+                // See below
+            }
+            else
+            {
+                PbeParameter pbeParams = PbeParameter.GetInstance(pbeParameters);
+                salt = pbeParams.GetSalt();
+                iterationCount = pbeParams.IterationCount.IntValue;
+                keyBytes = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
+            }
+
+            ICipherParameters parameters = null;
+
+            if (IsPkcs5Scheme2(mechanism))
+            {
+                PbeS2Parameters s2p = PbeS2Parameters.GetInstance(pbeParameters.ToAsn1Object());
+                AlgorithmIdentifier encScheme = s2p.EncryptionScheme;
+                DerObjectIdentifier encOid = encScheme.Algorithm;
+                Asn1Object encParams = encScheme.Parameters.ToAsn1Object();
+
+                // TODO What about s2p.KeyDerivationFunc.Algorithm?
+                Pbkdf2Params pbeParams = Pbkdf2Params.GetInstance(s2p.KeyDerivationFunc.Parameters.ToAsn1Object());
+
+                byte[] iv;
+                if (encOid.Equals(PkcsObjectIdentifiers.RC2Cbc)) // PKCS5.B.2.3
+                {
+                    RC2CbcParameter rc2Params = RC2CbcParameter.GetInstance(encParams);
+                    iv = rc2Params.GetIV();
+                }
+                else
+                {
+                    iv = Asn1OctetString.GetInstance(encParams).GetOctets();
+                }
+
+                salt = pbeParams.GetSalt();
+                iterationCount = pbeParams.IterationCount.IntValue;
+                keyBytes = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
+
+                int keyLength = pbeParams.KeyLength != null
+                    ?	pbeParams.KeyLength.IntValue * 8
+                    :	GeneratorUtilities.GetDefaultKeySize(encOid);
+
+                PbeParametersGenerator gen = MakePbeGenerator(
+                    (string)algorithmType[mechanism], null, keyBytes, salt, iterationCount);
+
+                parameters = gen.GenerateDerivedParameters(encOid.Id, keyLength);
+
+                if (iv != null)
+                {
+                    // FIXME? OpenSSL weirdness with IV of zeros (for ECB keys?)
+                    if (Arrays.AreEqual(iv, new byte[iv.Length]))
+                    {
+                        //Console.Error.Write("***** IV all 0 (length " + iv.Length + ") *****");
+                    }
+                    else
+                    {
+                        parameters = new ParametersWithIV(parameters, iv);
+                    }
+                }
+            }
+            else if (Platform.StartsWith(mechanism, "PBEwithSHA-1"))
+            {
+                PbeParametersGenerator generator = MakePbeGenerator(
+                    (string) algorithmType[mechanism], new Sha1Digest(), keyBytes, salt, iterationCount);
+
+                if (mechanism.Equals("PBEwithSHA-1and128bitAES-CBC-BC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("AES", 128, 128);
+                }
+                else if (mechanism.Equals("PBEwithSHA-1and192bitAES-CBC-BC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("AES", 192, 128);
+                }
+                else if (mechanism.Equals("PBEwithSHA-1and256bitAES-CBC-BC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("AES", 256, 128);
+                }
+                else if (mechanism.Equals("PBEwithSHA-1and128bitRC4"))
+                {
+                    parameters = generator.GenerateDerivedParameters("RC4", 128);
+                }
+                else if (mechanism.Equals("PBEwithSHA-1and40bitRC4"))
+                {
+                    parameters = generator.GenerateDerivedParameters("RC4", 40);
+                }
+                else if (mechanism.Equals("PBEwithSHA-1and3-keyDESEDE-CBC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("DESEDE", 192, 64);
+                }
+                else if (mechanism.Equals("PBEwithSHA-1and2-keyDESEDE-CBC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("DESEDE", 128, 64);
+                }
+                else if (mechanism.Equals("PBEwithSHA-1and128bitRC2-CBC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("RC2", 128, 64);
+                }
+                else if (mechanism.Equals("PBEwithSHA-1and40bitRC2-CBC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("RC2", 40, 64);
+                }
+                else if (mechanism.Equals("PBEwithSHA-1andDES-CBC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("DES", 64, 64);
+                }
+                else if (mechanism.Equals("PBEwithSHA-1andRC2-CBC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
+                }
+            }
+            else if (Platform.StartsWith(mechanism, "PBEwithSHA-256"))
+            {
+                PbeParametersGenerator generator = MakePbeGenerator(
+                    (string) algorithmType[mechanism], new Sha256Digest(), keyBytes, salt, iterationCount);
+
+                if (mechanism.Equals("PBEwithSHA-256and128bitAES-CBC-BC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("AES", 128, 128);
+                }
+                else if (mechanism.Equals("PBEwithSHA-256and192bitAES-CBC-BC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("AES", 192, 128);
+                }
+                else if (mechanism.Equals("PBEwithSHA-256and256bitAES-CBC-BC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("AES", 256, 128);
+                }
+            }
+            else if (Platform.StartsWith(mechanism, "PBEwithMD5"))
+            {
+                PbeParametersGenerator generator = MakePbeGenerator(
+                    (string)algorithmType[mechanism], new MD5Digest(), keyBytes, salt, iterationCount);
+
+                if (mechanism.Equals("PBEwithMD5andDES-CBC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("DES", 64, 64);
+                }
+                else if (mechanism.Equals("PBEwithMD5andRC2-CBC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
+                }
+                else if (mechanism.Equals("PBEwithMD5and128bitAES-CBC-OpenSSL"))
+                {
+                    parameters = generator.GenerateDerivedParameters("AES", 128, 128);
+                }
+                else if (mechanism.Equals("PBEwithMD5and192bitAES-CBC-OpenSSL"))
+                {
+                    parameters = generator.GenerateDerivedParameters("AES", 192, 128);
+                }
+                else if (mechanism.Equals("PBEwithMD5and256bitAES-CBC-OpenSSL"))
+                {
+                    parameters = generator.GenerateDerivedParameters("AES", 256, 128);
+                }
+            }
+            else if (Platform.StartsWith(mechanism, "PBEwithMD2"))
+            {
+                PbeParametersGenerator generator = MakePbeGenerator(
+                    (string)algorithmType[mechanism], new MD2Digest(), keyBytes, salt, iterationCount);
+                if (mechanism.Equals("PBEwithMD2andDES-CBC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("DES", 64, 64);
+                }
+                else if (mechanism.Equals("PBEwithMD2andRC2-CBC"))
+                {
+                    parameters = generator.GenerateDerivedParameters("RC2", 64, 64);
+                }
+            }
+            else if (Platform.StartsWith(mechanism, "PBEwithHmac"))
+            {
+                string digestName = mechanism.Substring("PBEwithHmac".Length);
+                IDigest digest = DigestUtilities.GetDigest(digestName);
+
+                PbeParametersGenerator generator = MakePbeGenerator(
+                    (string) algorithmType[mechanism], digest, keyBytes, salt, iterationCount);
+
+                int bitLen = digest.GetDigestSize() * 8;
+                parameters = generator.GenerateDerivedMacParameters(bitLen);
+            }
+
+            Array.Clear(keyBytes, 0, keyBytes.Length);
+
+            return FixDesParity(mechanism, parameters);
+        }
+
+        public static object CreateEngine(
+            DerObjectIdentifier algorithmOid)
+        {
+            return CreateEngine(algorithmOid.Id);
+        }
+
+        public static object CreateEngine(
+            AlgorithmIdentifier algID)
+        {
+            string algorithm = algID.Algorithm.Id;
+
+            if (IsPkcs5Scheme2(algorithm))
+            {
+                PbeS2Parameters s2p = PbeS2Parameters.GetInstance(algID.Parameters.ToAsn1Object());
+                AlgorithmIdentifier encScheme = s2p.EncryptionScheme;
+                return CipherUtilities.GetCipher(encScheme.Algorithm);
+            }
+
+            return CreateEngine(algorithm);
+        }
+
+        public static object CreateEngine(
+            string algorithm)
+        {
+            string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)];
+
+            if (Platform.StartsWith(mechanism, "PBEwithHmac"))
+            {
+                string digestName = mechanism.Substring("PBEwithHmac".Length);
+
+                return MacUtilities.GetMac("HMAC/" + digestName);
+            }
+
+            if (Platform.StartsWith(mechanism, "PBEwithMD2")
+                ||	Platform.StartsWith(mechanism, "PBEwithMD5")
+                ||	Platform.StartsWith(mechanism, "PBEwithSHA-1")
+                ||	Platform.StartsWith(mechanism, "PBEwithSHA-256"))
+            {
+                if (Platform.EndsWith(mechanism, "AES-CBC-BC") || Platform.EndsWith(mechanism, "AES-CBC-OPENSSL"))
+                {
+                    return CipherUtilities.GetCipher("AES/CBC");
+                }
+
+                if (Platform.EndsWith(mechanism, "DES-CBC"))
+                {
+                    return CipherUtilities.GetCipher("DES/CBC");
+                }
+
+                if (Platform.EndsWith(mechanism, "DESEDE-CBC"))
+                {
+                    return CipherUtilities.GetCipher("DESEDE/CBC");
+                }
+
+                if (Platform.EndsWith(mechanism, "RC2-CBC"))
+                {
+                    return CipherUtilities.GetCipher("RC2/CBC");
+                }
+
+                if (Platform.EndsWith(mechanism, "RC4"))
+                {
+                    return CipherUtilities.GetCipher("RC4");
+                }
+            }
+
+            return null;
+        }
+
+        public static string GetEncodingName(
+            DerObjectIdentifier oid)
+        {
+            return (string) algorithms[oid.Id];
+        }
+
+        private static ICipherParameters FixDesParity(string mechanism, ICipherParameters parameters)
+        {
+            if (!Platform.EndsWith(mechanism, "DES-CBC") && !Platform.EndsWith(mechanism, "DESEDE-CBC"))
+            {
+                return parameters;
+            }
+
+            if (parameters is ParametersWithIV)
+            {
+                ParametersWithIV ivParams = (ParametersWithIV)parameters;
+                return new ParametersWithIV(FixDesParity(mechanism, ivParams.Parameters), ivParams.GetIV());
+            }
+
+            KeyParameter kParam = (KeyParameter)parameters;
+            byte[] keyBytes = kParam.GetKey();
+            DesParameters.SetOddParity(keyBytes);
+            return new KeyParameter(keyBytes);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/security/PrivateKeyFactory.cs b/bc-sharp-crypto/src/security/PrivateKeyFactory.cs
new file mode 100644
index 0000000..8c2ecfd
--- /dev/null
+++ b/bc-sharp-crypto/src/security/PrivateKeyFactory.cs
@@ -0,0 +1,222 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Security
+{
+    public sealed class PrivateKeyFactory
+    {
+        private PrivateKeyFactory()
+        {
+        }
+
+        public static AsymmetricKeyParameter CreateKey(
+            byte[] privateKeyInfoData)
+        {
+            return CreateKey(
+                PrivateKeyInfo.GetInstance(
+                    Asn1Object.FromByteArray(privateKeyInfoData)));
+        }
+
+        public static AsymmetricKeyParameter CreateKey(
+            Stream inStr)
+        {
+            return CreateKey(
+                PrivateKeyInfo.GetInstance(
+                    Asn1Object.FromStream(inStr)));
+        }
+
+        public static AsymmetricKeyParameter CreateKey(
+            PrivateKeyInfo keyInfo)
+        {
+            AlgorithmIdentifier algID = keyInfo.PrivateKeyAlgorithm;
+            DerObjectIdentifier algOid = algID.Algorithm;
+
+            // TODO See RSAUtil.isRsaOid in Java build
+            if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption)
+                || algOid.Equals(X509ObjectIdentifiers.IdEARsa)
+                || algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss)
+                || algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
+            {
+                RsaPrivateKeyStructure keyStructure = RsaPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey());
+
+                return new RsaPrivateCrtKeyParameters(
+                    keyStructure.Modulus,
+                    keyStructure.PublicExponent,
+                    keyStructure.PrivateExponent,
+                    keyStructure.Prime1,
+                    keyStructure.Prime2,
+                    keyStructure.Exponent1,
+                    keyStructure.Exponent2,
+                    keyStructure.Coefficient);
+            }
+            // TODO?
+//			else if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber))
+            else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
+            {
+                DHParameter para = new DHParameter(
+                    Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
+                DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey();
+
+                BigInteger lVal = para.L;
+                int l = lVal == null ? 0 : lVal.IntValue;
+                DHParameters dhParams = new DHParameters(para.P, para.G, null, l);
+
+                return new DHPrivateKeyParameters(derX.Value, dhParams, algOid);
+            }
+            else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
+            {
+                ElGamalParameter  para = new ElGamalParameter(
+                    Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
+                DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey();
+
+                return new ElGamalPrivateKeyParameters(
+                    derX.Value,
+                    new ElGamalParameters(para.P, para.G));
+            }
+            else if (algOid.Equals(X9ObjectIdentifiers.IdDsa))
+            {
+                DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey();
+                Asn1Encodable ae = algID.Parameters;
+
+                DsaParameters parameters = null;
+                if (ae != null)
+                {
+                    DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object());
+                    parameters = new DsaParameters(para.P, para.Q, para.G);
+                }
+
+                return new DsaPrivateKeyParameters(derX.Value, parameters);
+            }
+            else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
+            {
+                X962Parameters para = new X962Parameters(algID.Parameters.ToAsn1Object());
+
+                X9ECParameters x9;
+                if (para.IsNamedCurve)
+                {
+                    x9 = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)para.Parameters);
+                }
+                else
+                {
+                    x9 = new X9ECParameters((Asn1Sequence)para.Parameters);
+                }
+
+                ECPrivateKeyStructure ec = ECPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey());
+                BigInteger d = ec.GetKey();
+
+                if (para.IsNamedCurve)
+                {
+                    return new ECPrivateKeyParameters("EC", d, (DerObjectIdentifier)para.Parameters);
+                }
+
+                ECDomainParameters dParams = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H,  x9.GetSeed());
+                return new ECPrivateKeyParameters(d, dParams);
+            }
+            else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
+            {
+                Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
+                    Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
+
+                ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
+
+                if (ecP == null)
+                    throw new ArgumentException("Unrecognized curve OID for GostR3410x2001 private key");
+
+                Asn1Object privKey = keyInfo.ParsePrivateKey();
+                ECPrivateKeyStructure ec;
+
+                if (privKey is DerInteger)
+                {
+                    // TODO Do we need to pass any parameters here?
+                    ec = new ECPrivateKeyStructure(ecP.N.BitLength, ((DerInteger)privKey).Value);
+                }
+                else
+                {
+                    ec = ECPrivateKeyStructure.GetInstance(privKey);
+                }
+
+                return new ECPrivateKeyParameters("ECGOST3410", ec.GetKey(), gostParams.PublicKeyParamSet);
+            }
+            else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
+            {
+                Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
+                    Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
+
+                DerOctetString derX = (DerOctetString)keyInfo.ParsePrivateKey();
+                BigInteger x = new BigInteger(1, Arrays.Reverse(derX.GetOctets()));
+
+                return new Gost3410PrivateKeyParameters(x, gostParams.PublicKeyParamSet);
+            }
+            else
+            {
+                throw new SecurityUtilityException("algorithm identifier in key not recognised");
+            }
+        }
+
+        public static AsymmetricKeyParameter DecryptKey(
+            char[]					passPhrase,
+            EncryptedPrivateKeyInfo	encInfo)
+        {
+            return CreateKey(PrivateKeyInfoFactory.CreatePrivateKeyInfo(passPhrase, encInfo));
+        }
+
+        public static AsymmetricKeyParameter DecryptKey(
+            char[]	passPhrase,
+            byte[]	encryptedPrivateKeyInfoData)
+        {
+            return DecryptKey(passPhrase, Asn1Object.FromByteArray(encryptedPrivateKeyInfoData));
+        }
+
+        public static AsymmetricKeyParameter DecryptKey(
+            char[]	passPhrase,
+            Stream	encryptedPrivateKeyInfoStream)
+        {
+            return DecryptKey(passPhrase, Asn1Object.FromStream(encryptedPrivateKeyInfoStream));
+        }
+
+        private static AsymmetricKeyParameter DecryptKey(
+            char[]		passPhrase,
+            Asn1Object	asn1Object)
+        {
+            return DecryptKey(passPhrase, EncryptedPrivateKeyInfo.GetInstance(asn1Object));
+        }
+
+        public static byte[] EncryptKey(
+            DerObjectIdentifier		algorithm,
+            char[]					passPhrase,
+            byte[]					salt,
+            int						iterationCount,
+            AsymmetricKeyParameter	key)
+        {
+            return EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
+                algorithm, passPhrase, salt, iterationCount, key).GetEncoded();
+        }
+
+        public static byte[] EncryptKey(
+            string					algorithm,
+            char[]					passPhrase,
+            byte[]					salt,
+            int						iterationCount,
+            AsymmetricKeyParameter	key)
+        {
+            return EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
+                algorithm, passPhrase, salt, iterationCount, key).GetEncoded();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/security/PublicKeyFactory.cs b/bc-sharp-crypto/src/security/PublicKeyFactory.cs
new file mode 100644
index 0000000..f1b28b7
--- /dev/null
+++ b/bc-sharp-crypto/src/security/PublicKeyFactory.cs
@@ -0,0 +1,253 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Generators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+
+namespace Org.BouncyCastle.Security
+{
+    public sealed class PublicKeyFactory
+    {
+        private PublicKeyFactory()
+        {
+        }
+
+        public static AsymmetricKeyParameter CreateKey(
+            byte[] keyInfoData)
+        {
+            return CreateKey(
+                SubjectPublicKeyInfo.GetInstance(
+                    Asn1Object.FromByteArray(keyInfoData)));
+        }
+
+        public static AsymmetricKeyParameter CreateKey(
+            Stream inStr)
+        {
+            return CreateKey(
+                SubjectPublicKeyInfo.GetInstance(
+                    Asn1Object.FromStream(inStr)));
+        }
+
+        public static AsymmetricKeyParameter CreateKey(
+            SubjectPublicKeyInfo keyInfo)
+        {
+            AlgorithmIdentifier algID = keyInfo.AlgorithmID;
+            DerObjectIdentifier algOid = algID.Algorithm;
+
+            // TODO See RSAUtil.isRsaOid in Java build
+            if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption)
+                || algOid.Equals(X509ObjectIdentifiers.IdEARsa)
+                || algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss)
+                || algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep))
+            {
+                RsaPublicKeyStructure pubKey = RsaPublicKeyStructure.GetInstance(
+                    keyInfo.GetPublicKey());
+
+                return new RsaKeyParameters(false, pubKey.Modulus, pubKey.PublicExponent);
+            }
+            else if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber))
+            {
+                Asn1Sequence seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object());
+
+                DHPublicKey dhPublicKey = DHPublicKey.GetInstance(keyInfo.GetPublicKey());
+
+                BigInteger y = dhPublicKey.Y.Value;
+
+                if (IsPkcsDHParam(seq))
+                    return ReadPkcsDHParam(algOid, y, seq);
+
+                DHDomainParameters dhParams = DHDomainParameters.GetInstance(seq);
+
+                BigInteger p = dhParams.P.Value;
+                BigInteger g = dhParams.G.Value;
+                BigInteger q = dhParams.Q.Value;
+
+                BigInteger j = null;
+                if (dhParams.J != null)
+                {
+                    j = dhParams.J.Value;
+                }
+
+                DHValidationParameters validation = null;
+                DHValidationParms dhValidationParms = dhParams.ValidationParms;
+                if (dhValidationParms != null)
+                {
+                    byte[] seed = dhValidationParms.Seed.GetBytes();
+                    BigInteger pgenCounter = dhValidationParms.PgenCounter.Value;
+
+                    // TODO Check pgenCounter size?
+
+                    validation = new DHValidationParameters(seed, pgenCounter.IntValue);
+                }
+
+                return new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation));
+            }
+            else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement))
+            {
+                Asn1Sequence seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object());
+
+                DerInteger derY = (DerInteger) keyInfo.GetPublicKey();
+
+                return ReadPkcsDHParam(algOid, derY.Value, seq);
+            }
+            else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm))
+            {
+                ElGamalParameter para = new ElGamalParameter(
+                    Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()));
+                DerInteger derY = (DerInteger) keyInfo.GetPublicKey();
+
+                return new ElGamalPublicKeyParameters(
+                    derY.Value,
+                    new ElGamalParameters(para.P, para.G));
+            }
+            else if (algOid.Equals(X9ObjectIdentifiers.IdDsa)
+                || algOid.Equals(OiwObjectIdentifiers.DsaWithSha1))
+            {
+                DerInteger derY = (DerInteger) keyInfo.GetPublicKey();
+                Asn1Encodable ae = algID.Parameters;
+
+                DsaParameters parameters = null;
+                if (ae != null)
+                {
+                    DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object());
+                    parameters = new DsaParameters(para.P, para.Q, para.G);
+                }
+
+                return new DsaPublicKeyParameters(derY.Value, parameters);
+            }
+            else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey))
+            {
+                X962Parameters para = new X962Parameters(algID.Parameters.ToAsn1Object());
+
+                X9ECParameters x9;
+                if (para.IsNamedCurve)
+                {
+                    x9 = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)para.Parameters);
+                }
+                else
+                {
+                    x9 = new X9ECParameters((Asn1Sequence)para.Parameters);
+                }
+
+                Asn1OctetString key = new DerOctetString(keyInfo.PublicKeyData.GetBytes());
+                X9ECPoint derQ = new X9ECPoint(x9.Curve, key);
+                ECPoint q = derQ.Point;
+
+                if (para.IsNamedCurve)
+                {
+                    return new ECPublicKeyParameters("EC", q, (DerObjectIdentifier)para.Parameters);
+                }
+
+                ECDomainParameters dParams = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed());
+                return new ECPublicKeyParameters(q, dParams);
+            }
+            else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001))
+            {
+                Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
+                    (Asn1Sequence) algID.Parameters);
+
+                Asn1OctetString key;
+                try
+                {
+                    key = (Asn1OctetString) keyInfo.GetPublicKey();
+                }
+                catch (IOException)
+                {
+                    throw new ArgumentException("invalid info structure in GOST3410 public key");
+                }
+
+                byte[] keyEnc = key.GetOctets();
+                byte[] x = new byte[32];
+                byte[] y = new byte[32];
+
+                for (int i = 0; i != y.Length; i++)
+                {
+                    x[i] = keyEnc[32 - 1 - i];
+                }
+
+                for (int i = 0; i != x.Length; i++)
+                {
+                    y[i] = keyEnc[64 - 1 - i];
+                }
+
+                ECDomainParameters ecP = ECGost3410NamedCurves.GetByOid(gostParams.PublicKeyParamSet);
+
+                if (ecP == null)
+                    return null;
+
+                ECPoint q = ecP.Curve.CreatePoint(new BigInteger(1, x), new BigInteger(1, y));
+
+                return new ECPublicKeyParameters("ECGOST3410", q, gostParams.PublicKeyParamSet);
+            }
+            else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94))
+            {
+                Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
+                    (Asn1Sequence) algID.Parameters);
+
+                DerOctetString derY;
+                try
+                {
+                    derY = (DerOctetString) keyInfo.GetPublicKey();
+                }
+                catch (IOException)
+                {
+                    throw new ArgumentException("invalid info structure in GOST3410 public key");
+                }
+
+                byte[] keyEnc = derY.GetOctets();
+                byte[] keyBytes = new byte[keyEnc.Length];
+
+                for (int i = 0; i != keyEnc.Length; i++)
+                {
+                    keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // was little endian
+                }
+
+                BigInteger y = new BigInteger(1, keyBytes);
+
+                return new Gost3410PublicKeyParameters(y, algParams.PublicKeyParamSet);
+            }
+            else
+            {
+                throw new SecurityUtilityException("algorithm identifier in key not recognised: " + algOid);
+            }
+        }
+
+        private static bool IsPkcsDHParam(Asn1Sequence seq)
+        {
+            if (seq.Count == 2)
+                return true;
+
+            if (seq.Count > 3)
+                return false;
+
+            DerInteger l = DerInteger.GetInstance(seq[2]);
+            DerInteger p = DerInteger.GetInstance(seq[0]);
+
+            return l.Value.CompareTo(BigInteger.ValueOf(p.Value.BitLength)) <= 0;
+        }
+
+        private static DHPublicKeyParameters ReadPkcsDHParam(DerObjectIdentifier algOid,
+            BigInteger y, Asn1Sequence seq)
+        {
+            DHParameter para = new DHParameter(seq);
+
+            BigInteger lVal = para.L;
+            int l = lVal == null ? 0 : lVal.IntValue;
+            DHParameters dhParams = new DHParameters(para.P, para.G, null, l);
+
+            return new DHPublicKeyParameters(y, dhParams, algOid);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/security/SecureRandom.cs b/bc-sharp-crypto/src/security/SecureRandom.cs
new file mode 100644
index 0000000..bd639a3
--- /dev/null
+++ b/bc-sharp-crypto/src/security/SecureRandom.cs
@@ -0,0 +1,262 @@
+using System;
+using System.Threading;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Prng;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Security
+{
+    public class SecureRandom
+        : Random
+    {
+        private static long counter = Times.NanoTime();
+
+#if NETCF_1_0 || PORTABLE
+        private static object counterLock = new object();
+        private static long NextCounterValue()
+        {
+            lock (counterLock)
+            {
+                return ++counter;
+            }
+        }
+
+        private static readonly SecureRandom[] master = { null };
+        private static SecureRandom Master
+        {
+            get
+            {
+                lock (master)
+                {
+                    if (master[0] == null)
+                    {
+                        SecureRandom sr = master[0] = GetInstance("SHA256PRNG", false);
+
+                        // Even though Ticks has at most 8 or 14 bits of entropy, there's no harm in adding it.
+                        sr.SetSeed(DateTime.Now.Ticks);
+
+                        // 32 will be enough when ThreadedSeedGenerator is fixed.  Until then, ThreadedSeedGenerator returns low
+                        // entropy, and this is not sufficient to be secure. http://www.bouncycastle.org/csharpdevmailarchive/msg00814.html
+                        sr.SetSeed(new ThreadedSeedGenerator().GenerateSeed(32, true));
+                    }
+
+                    return master[0];
+                }
+            }
+        }
+#else
+        private static long NextCounterValue()
+        {
+            return Interlocked.Increment(ref counter);
+        }
+
+        private static readonly SecureRandom master = new SecureRandom(new CryptoApiRandomGenerator());
+        private static SecureRandom Master
+        {
+            get { return master; }
+        }
+#endif
+
+        private static DigestRandomGenerator CreatePrng(string digestName, bool autoSeed)
+        {
+            IDigest digest = DigestUtilities.GetDigest(digestName);
+            if (digest == null)
+                return null;
+            DigestRandomGenerator prng = new DigestRandomGenerator(digest);
+            if (autoSeed)
+            {
+                prng.AddSeedMaterial(NextCounterValue());
+                prng.AddSeedMaterial(GetNextBytes(Master, digest.GetDigestSize()));
+            }
+            return prng;
+        }
+
+        public static byte[] GetNextBytes(SecureRandom secureRandom, int length)
+        {
+            byte[] result = new byte[length];
+            secureRandom.NextBytes(result);
+            return result;
+        }
+
+        /// <summary>
+        /// Create and auto-seed an instance based on the given algorithm.
+        /// </summary>
+        /// <remarks>Equivalent to GetInstance(algorithm, true)</remarks>
+        /// <param name="algorithm">e.g. "SHA256PRNG"</param>
+        public static SecureRandom GetInstance(string algorithm)
+        {
+            return GetInstance(algorithm, true);
+        }
+
+        /// <summary>
+        /// Create an instance based on the given algorithm, with optional auto-seeding
+        /// </summary>
+        /// <param name="algorithm">e.g. "SHA256PRNG"</param>
+        /// <param name="autoSeed">If true, the instance will be auto-seeded.</param>
+        public static SecureRandom GetInstance(string algorithm, bool autoSeed)
+        {
+            string upper = Platform.ToUpperInvariant(algorithm);
+            if (Platform.EndsWith(upper, "PRNG"))
+            {
+                string digestName = upper.Substring(0, upper.Length - "PRNG".Length);
+                DigestRandomGenerator prng = CreatePrng(digestName, autoSeed);
+                if (prng != null)
+                {
+                    return new SecureRandom(prng);
+                }
+            }
+
+            throw new ArgumentException("Unrecognised PRNG algorithm: " + algorithm, "algorithm");
+        }
+
+        [Obsolete("Call GenerateSeed() on a SecureRandom instance instead")]
+        public static byte[] GetSeed(int length)
+        {
+            return GetNextBytes(Master, length);
+        }
+
+        protected readonly IRandomGenerator generator;
+
+        public SecureRandom()
+            : this(CreatePrng("SHA256", true))
+        {
+        }
+
+        /// <remarks>
+        /// To replicate existing predictable output, replace with GetInstance("SHA1PRNG", false), followed by SetSeed(seed)
+        /// </remarks>
+        [Obsolete("Use GetInstance/SetSeed instead")]
+        public SecureRandom(byte[] seed)
+            : this(CreatePrng("SHA1", false))
+        {
+            SetSeed(seed);
+        }
+
+        /// <summary>Use the specified instance of IRandomGenerator as random source.</summary>
+        /// <remarks>
+        /// This constructor performs no seeding of either the <c>IRandomGenerator</c> or the
+        /// constructed <c>SecureRandom</c>. It is the responsibility of the client to provide
+        /// proper seed material as necessary/appropriate for the given <c>IRandomGenerator</c>
+        /// implementation.
+        /// </remarks>
+        /// <param name="generator">The source to generate all random bytes from.</param>
+        public SecureRandom(IRandomGenerator generator)
+            : base(0)
+        {
+            this.generator = generator;
+        }
+
+        public virtual byte[] GenerateSeed(int length)
+        {
+            return GetNextBytes(Master, length);
+        }
+
+        public virtual void SetSeed(byte[] seed)
+        {
+            generator.AddSeedMaterial(seed);
+        }
+
+        public virtual void SetSeed(long seed)
+        {
+            generator.AddSeedMaterial(seed);
+        }
+
+        public override int Next()
+        {
+            return NextInt() & int.MaxValue;
+        }
+
+        public override int Next(int maxValue)
+        {
+
+            if (maxValue < 2)
+            {
+                if (maxValue < 0)
+                    throw new ArgumentOutOfRangeException("maxValue", "cannot be negative");
+
+                return 0;
+            }
+
+            int bits;
+
+            // Test whether maxValue is a power of 2
+            if ((maxValue & (maxValue - 1)) == 0)
+            {
+                bits = NextInt() & int.MaxValue;
+                return (int)(((long)bits * maxValue) >> 31);
+            }
+
+            int result;
+            do
+            {
+                bits = NextInt() & int.MaxValue;
+                result = bits % maxValue;
+            }
+            while (bits - result + (maxValue - 1) < 0); // Ignore results near overflow
+
+            return result;
+        }
+
+        public override int Next(int minValue, int maxValue)
+        {
+            if (maxValue <= minValue)
+            {
+                if (maxValue == minValue)
+                    return minValue;
+
+                throw new ArgumentException("maxValue cannot be less than minValue");
+            }
+
+            int diff = maxValue - minValue;
+            if (diff > 0)
+                return minValue + Next(diff);
+
+            for (;;)
+            {
+                int i = NextInt();
+
+                if (i >= minValue && i < maxValue)
+                    return i;
+            }
+        }
+
+        public override void NextBytes(byte[] buf)
+        {
+            generator.NextBytes(buf);
+        }
+
+        public virtual void NextBytes(byte[] buf, int off, int len)
+        {
+            generator.NextBytes(buf, off, len);
+        }
+
+        private static readonly double DoubleScale = System.Math.Pow(2.0, 64.0);
+
+        public override double NextDouble()
+        {
+            return Convert.ToDouble((ulong) NextLong()) / DoubleScale;
+        }
+
+        public virtual int NextInt()
+        {
+            byte[] bytes = new byte[4];
+            NextBytes(bytes);
+
+            uint result = bytes[0];
+            result <<= 8;
+            result |= bytes[1];
+            result <<= 8;
+            result |= bytes[2];
+            result <<= 8;
+            result |= bytes[3];
+            return (int)result;
+        }
+
+        public virtual long NextLong()
+        {
+            return ((long)(uint) NextInt() << 32) | (long)(uint) NextInt();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/security/SecurityUtilityException.cs b/bc-sharp-crypto/src/security/SecurityUtilityException.cs
new file mode 100644
index 0000000..8a19530
--- /dev/null
+++ b/bc-sharp-crypto/src/security/SecurityUtilityException.cs
@@ -0,0 +1,36 @@
+using System;
+
+namespace Org.BouncyCastle.Security
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class SecurityUtilityException
+		: Exception
+    {
+        /**
+        * base constructor.
+        */
+        public SecurityUtilityException()
+        {
+        }
+
+		/**
+         * create a SecurityUtilityException with the given message.
+         *
+         * @param message the message to be carried with the exception.
+         */
+        public SecurityUtilityException(
+            string message)
+			: base(message)
+        {
+        }
+
+		public SecurityUtilityException(
+            string		message,
+            Exception	exception)
+			: base(message, exception)
+        {
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/security/SignatureException.cs b/bc-sharp-crypto/src/security/SignatureException.cs
new file mode 100644
index 0000000..3ad617d
--- /dev/null
+++ b/bc-sharp-crypto/src/security/SignatureException.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Security
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class SignatureException : GeneralSecurityException
+	{
+		public SignatureException() : base() { }
+		public SignatureException(string message) : base(message) { }
+		public SignatureException(string message, Exception exception) : base(message, exception) { }
+	}
+}
diff --git a/bc-sharp-crypto/src/security/SignerUtilities.cs b/bc-sharp-crypto/src/security/SignerUtilities.cs
new file mode 100644
index 0000000..9a4915b
--- /dev/null
+++ b/bc-sharp-crypto/src/security/SignerUtilities.cs
@@ -0,0 +1,566 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Crypto.Signers;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Security
+{
+    /// <summary>
+    ///  Signer Utility class contains methods that can not be specifically grouped into other classes.
+    /// </summary>
+    public sealed class SignerUtilities
+    {
+        private SignerUtilities()
+        {
+        }
+
+        internal static readonly IDictionary algorithms = Platform.CreateHashtable();
+        internal static readonly IDictionary oids = Platform.CreateHashtable();
+
+        static SignerUtilities()
+        {
+            algorithms["MD2WITHRSA"] = "MD2withRSA";
+            algorithms["MD2WITHRSAENCRYPTION"] = "MD2withRSA";
+            algorithms[PkcsObjectIdentifiers.MD2WithRsaEncryption.Id] = "MD2withRSA";
+
+            algorithms["MD4WITHRSA"] = "MD4withRSA";
+            algorithms["MD4WITHRSAENCRYPTION"] = "MD4withRSA";
+            algorithms[PkcsObjectIdentifiers.MD4WithRsaEncryption.Id] = "MD4withRSA";
+
+            algorithms["MD5WITHRSA"] = "MD5withRSA";
+            algorithms["MD5WITHRSAENCRYPTION"] = "MD5withRSA";
+            algorithms[PkcsObjectIdentifiers.MD5WithRsaEncryption.Id] = "MD5withRSA";
+
+            algorithms["SHA1WITHRSA"] = "SHA-1withRSA";
+            algorithms["SHA1WITHRSAENCRYPTION"] = "SHA-1withRSA";
+            algorithms[PkcsObjectIdentifiers.Sha1WithRsaEncryption.Id] = "SHA-1withRSA";
+            algorithms["SHA-1WITHRSA"] = "SHA-1withRSA";
+
+            algorithms["SHA224WITHRSA"] = "SHA-224withRSA";
+            algorithms["SHA224WITHRSAENCRYPTION"] = "SHA-224withRSA";
+            algorithms[PkcsObjectIdentifiers.Sha224WithRsaEncryption.Id] = "SHA-224withRSA";
+            algorithms["SHA-224WITHRSA"] = "SHA-224withRSA";
+
+            algorithms["SHA256WITHRSA"] = "SHA-256withRSA";
+            algorithms["SHA256WITHRSAENCRYPTION"] = "SHA-256withRSA";
+            algorithms[PkcsObjectIdentifiers.Sha256WithRsaEncryption.Id] = "SHA-256withRSA";
+            algorithms["SHA-256WITHRSA"] = "SHA-256withRSA";
+
+            algorithms["SHA384WITHRSA"] = "SHA-384withRSA";
+            algorithms["SHA384WITHRSAENCRYPTION"] = "SHA-384withRSA";
+            algorithms[PkcsObjectIdentifiers.Sha384WithRsaEncryption.Id] = "SHA-384withRSA";
+            algorithms["SHA-384WITHRSA"] = "SHA-384withRSA";
+
+            algorithms["SHA512WITHRSA"] = "SHA-512withRSA";
+            algorithms["SHA512WITHRSAENCRYPTION"] = "SHA-512withRSA";
+            algorithms[PkcsObjectIdentifiers.Sha512WithRsaEncryption.Id] = "SHA-512withRSA";
+            algorithms["SHA-512WITHRSA"] = "SHA-512withRSA";
+
+            algorithms["PSSWITHRSA"] = "PSSwithRSA";
+            algorithms["RSASSA-PSS"] = "PSSwithRSA";
+            algorithms[PkcsObjectIdentifiers.IdRsassaPss.Id] = "PSSwithRSA";
+            algorithms["RSAPSS"] = "PSSwithRSA";
+
+            algorithms["SHA1WITHRSAANDMGF1"] = "SHA-1withRSAandMGF1";
+            algorithms["SHA-1WITHRSAANDMGF1"] = "SHA-1withRSAandMGF1";
+            algorithms["SHA1WITHRSA/PSS"] = "SHA-1withRSAandMGF1";
+            algorithms["SHA-1WITHRSA/PSS"] = "SHA-1withRSAandMGF1";
+
+            algorithms["SHA224WITHRSAANDMGF1"] = "SHA-224withRSAandMGF1";
+            algorithms["SHA-224WITHRSAANDMGF1"] = "SHA-224withRSAandMGF1";
+            algorithms["SHA224WITHRSA/PSS"] = "SHA-224withRSAandMGF1";
+            algorithms["SHA-224WITHRSA/PSS"] = "SHA-224withRSAandMGF1";
+
+            algorithms["SHA256WITHRSAANDMGF1"] = "SHA-256withRSAandMGF1";
+            algorithms["SHA-256WITHRSAANDMGF1"] = "SHA-256withRSAandMGF1";
+            algorithms["SHA256WITHRSA/PSS"] = "SHA-256withRSAandMGF1";
+            algorithms["SHA-256WITHRSA/PSS"] = "SHA-256withRSAandMGF1";
+
+            algorithms["SHA384WITHRSAANDMGF1"] = "SHA-384withRSAandMGF1";
+            algorithms["SHA-384WITHRSAANDMGF1"] = "SHA-384withRSAandMGF1";
+            algorithms["SHA384WITHRSA/PSS"] = "SHA-384withRSAandMGF1";
+            algorithms["SHA-384WITHRSA/PSS"] = "SHA-384withRSAandMGF1";
+
+            algorithms["SHA512WITHRSAANDMGF1"] = "SHA-512withRSAandMGF1";
+            algorithms["SHA-512WITHRSAANDMGF1"] = "SHA-512withRSAandMGF1";
+            algorithms["SHA512WITHRSA/PSS"] = "SHA-512withRSAandMGF1";
+            algorithms["SHA-512WITHRSA/PSS"] = "SHA-512withRSAandMGF1";
+
+            algorithms["RIPEMD128WITHRSA"] = "RIPEMD128withRSA";
+            algorithms["RIPEMD128WITHRSAENCRYPTION"] = "RIPEMD128withRSA";
+            algorithms[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128.Id] = "RIPEMD128withRSA";
+
+            algorithms["RIPEMD160WITHRSA"] = "RIPEMD160withRSA";
+            algorithms["RIPEMD160WITHRSAENCRYPTION"] = "RIPEMD160withRSA";
+            algorithms[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160.Id] = "RIPEMD160withRSA";
+
+            algorithms["RIPEMD256WITHRSA"] = "RIPEMD256withRSA";
+            algorithms["RIPEMD256WITHRSAENCRYPTION"] = "RIPEMD256withRSA";
+            algorithms[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256.Id] = "RIPEMD256withRSA";
+
+            algorithms["NONEWITHRSA"] = "RSA";
+            algorithms["RSAWITHNONE"] = "RSA";
+            algorithms["RAWRSA"] = "RSA";
+
+            algorithms["RAWRSAPSS"] = "RAWRSASSA-PSS";
+            algorithms["NONEWITHRSAPSS"] = "RAWRSASSA-PSS";
+            algorithms["NONEWITHRSASSA-PSS"] = "RAWRSASSA-PSS";
+
+            algorithms["NONEWITHDSA"] = "NONEwithDSA";
+            algorithms["DSAWITHNONE"] = "NONEwithDSA";
+            algorithms["RAWDSA"] = "NONEwithDSA";
+
+            algorithms["DSA"] = "SHA-1withDSA";
+            algorithms["DSAWITHSHA1"] = "SHA-1withDSA";
+            algorithms["DSAWITHSHA-1"] = "SHA-1withDSA";
+            algorithms["SHA/DSA"] = "SHA-1withDSA";
+            algorithms["SHA1/DSA"] = "SHA-1withDSA";
+            algorithms["SHA-1/DSA"] = "SHA-1withDSA";
+            algorithms["SHA1WITHDSA"] = "SHA-1withDSA";
+            algorithms["SHA-1WITHDSA"] = "SHA-1withDSA";
+            algorithms[X9ObjectIdentifiers.IdDsaWithSha1.Id] = "SHA-1withDSA";
+
+            algorithms["DSAWITHSHA224"] = "SHA-224withDSA";
+            algorithms["DSAWITHSHA-224"] = "SHA-224withDSA";
+            algorithms["SHA224/DSA"] = "SHA-224withDSA";
+            algorithms["SHA-224/DSA"] = "SHA-224withDSA";
+            algorithms["SHA224WITHDSA"] = "SHA-224withDSA";
+            algorithms["SHA-224WITHDSA"] = "SHA-224withDSA";
+            algorithms[NistObjectIdentifiers.DsaWithSha224.Id] = "SHA-224withDSA";
+
+            algorithms["DSAWITHSHA256"] = "SHA-256withDSA";
+            algorithms["DSAWITHSHA-256"] = "SHA-256withDSA";
+            algorithms["SHA256/DSA"] = "SHA-256withDSA";
+            algorithms["SHA-256/DSA"] = "SHA-256withDSA";
+            algorithms["SHA256WITHDSA"] = "SHA-256withDSA";
+            algorithms["SHA-256WITHDSA"] = "SHA-256withDSA";
+            algorithms[NistObjectIdentifiers.DsaWithSha256.Id] = "SHA-256withDSA";
+
+            algorithms["DSAWITHSHA384"] = "SHA-384withDSA";
+            algorithms["DSAWITHSHA-384"] = "SHA-384withDSA";
+            algorithms["SHA384/DSA"] = "SHA-384withDSA";
+            algorithms["SHA-384/DSA"] = "SHA-384withDSA";
+            algorithms["SHA384WITHDSA"] = "SHA-384withDSA";
+            algorithms["SHA-384WITHDSA"] = "SHA-384withDSA";
+            algorithms[NistObjectIdentifiers.DsaWithSha384.Id] = "SHA-384withDSA";
+
+            algorithms["DSAWITHSHA512"] = "SHA-512withDSA";
+            algorithms["DSAWITHSHA-512"] = "SHA-512withDSA";
+            algorithms["SHA512/DSA"] = "SHA-512withDSA";
+            algorithms["SHA-512/DSA"] = "SHA-512withDSA";
+            algorithms["SHA512WITHDSA"] = "SHA-512withDSA";
+            algorithms["SHA-512WITHDSA"] = "SHA-512withDSA";
+            algorithms[NistObjectIdentifiers.DsaWithSha512.Id] = "SHA-512withDSA";
+
+            algorithms["NONEWITHECDSA"] = "NONEwithECDSA";
+            algorithms["ECDSAWITHNONE"] = "NONEwithECDSA";
+
+            algorithms["ECDSA"] = "SHA-1withECDSA";
+            algorithms["SHA1/ECDSA"] = "SHA-1withECDSA";
+            algorithms["SHA-1/ECDSA"] = "SHA-1withECDSA";
+            algorithms["ECDSAWITHSHA1"] = "SHA-1withECDSA";
+            algorithms["ECDSAWITHSHA-1"] = "SHA-1withECDSA";
+            algorithms["SHA1WITHECDSA"] = "SHA-1withECDSA";
+            algorithms["SHA-1WITHECDSA"] = "SHA-1withECDSA";
+            algorithms[X9ObjectIdentifiers.ECDsaWithSha1.Id] = "SHA-1withECDSA";
+            algorithms[TeleTrusTObjectIdentifiers.ECSignWithSha1.Id] = "SHA-1withECDSA";
+
+            algorithms["SHA224/ECDSA"] = "SHA-224withECDSA";
+            algorithms["SHA-224/ECDSA"] = "SHA-224withECDSA";
+            algorithms["ECDSAWITHSHA224"] = "SHA-224withECDSA";
+            algorithms["ECDSAWITHSHA-224"] = "SHA-224withECDSA";
+            algorithms["SHA224WITHECDSA"] = "SHA-224withECDSA";
+            algorithms["SHA-224WITHECDSA"] = "SHA-224withECDSA";
+            algorithms[X9ObjectIdentifiers.ECDsaWithSha224.Id] = "SHA-224withECDSA";
+
+            algorithms["SHA256/ECDSA"] = "SHA-256withECDSA";
+            algorithms["SHA-256/ECDSA"] = "SHA-256withECDSA";
+            algorithms["ECDSAWITHSHA256"] = "SHA-256withECDSA";
+            algorithms["ECDSAWITHSHA-256"] = "SHA-256withECDSA";
+            algorithms["SHA256WITHECDSA"] = "SHA-256withECDSA";
+            algorithms["SHA-256WITHECDSA"] = "SHA-256withECDSA";
+            algorithms[X9ObjectIdentifiers.ECDsaWithSha256.Id] = "SHA-256withECDSA";
+
+            algorithms["SHA384/ECDSA"] = "SHA-384withECDSA";
+            algorithms["SHA-384/ECDSA"] = "SHA-384withECDSA";
+            algorithms["ECDSAWITHSHA384"] = "SHA-384withECDSA";
+            algorithms["ECDSAWITHSHA-384"] = "SHA-384withECDSA";
+            algorithms["SHA384WITHECDSA"] = "SHA-384withECDSA";
+            algorithms["SHA-384WITHECDSA"] = "SHA-384withECDSA";
+            algorithms[X9ObjectIdentifiers.ECDsaWithSha384.Id] = "SHA-384withECDSA";
+
+            algorithms["SHA512/ECDSA"] = "SHA-512withECDSA";
+            algorithms["SHA-512/ECDSA"] = "SHA-512withECDSA";
+            algorithms["ECDSAWITHSHA512"] = "SHA-512withECDSA";
+            algorithms["ECDSAWITHSHA-512"] = "SHA-512withECDSA";
+            algorithms["SHA512WITHECDSA"] = "SHA-512withECDSA";
+            algorithms["SHA-512WITHECDSA"] = "SHA-512withECDSA";
+            algorithms[X9ObjectIdentifiers.ECDsaWithSha512.Id] = "SHA-512withECDSA";
+
+            algorithms["RIPEMD160/ECDSA"] = "RIPEMD160withECDSA";
+            algorithms["ECDSAWITHRIPEMD160"] = "RIPEMD160withECDSA";
+            algorithms["RIPEMD160WITHECDSA"] = "RIPEMD160withECDSA";
+            algorithms[TeleTrusTObjectIdentifiers.ECSignWithRipeMD160.Id] = "RIPEMD160withECDSA";
+
+            algorithms["GOST-3410"] = "GOST3410";
+            algorithms["GOST-3410-94"] = "GOST3410";
+            algorithms["GOST3411WITHGOST3410"] = "GOST3410";
+            algorithms[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94.Id] = "GOST3410";
+
+            algorithms["ECGOST-3410"] = "ECGOST3410";
+            algorithms["ECGOST-3410-2001"] = "ECGOST3410";
+            algorithms["GOST3411WITHECGOST3410"] = "ECGOST3410";
+            algorithms[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001.Id] = "ECGOST3410";
+
+
+
+            oids["MD2withRSA"] = PkcsObjectIdentifiers.MD2WithRsaEncryption;
+            oids["MD4withRSA"] = PkcsObjectIdentifiers.MD4WithRsaEncryption;
+            oids["MD5withRSA"] = PkcsObjectIdentifiers.MD5WithRsaEncryption;
+
+            oids["SHA-1withRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption;
+            oids["SHA-224withRSA"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption;
+            oids["SHA-256withRSA"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption;
+            oids["SHA-384withRSA"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption;
+            oids["SHA-512withRSA"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption;
+
+            oids["PSSwithRSA"] = PkcsObjectIdentifiers.IdRsassaPss;
+            oids["SHA-1withRSAandMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+            oids["SHA-224withRSAandMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+            oids["SHA-256withRSAandMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+            oids["SHA-384withRSAandMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+            oids["SHA-512withRSAandMGF1"] = PkcsObjectIdentifiers.IdRsassaPss;
+
+            oids["RIPEMD128withRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128;
+            oids["RIPEMD160withRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160;
+            oids["RIPEMD256withRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256;
+
+            oids["SHA-1withDSA"] = X9ObjectIdentifiers.IdDsaWithSha1;
+
+            oids["SHA-1withECDSA"] = X9ObjectIdentifiers.ECDsaWithSha1;
+            oids["SHA-224withECDSA"] = X9ObjectIdentifiers.ECDsaWithSha224;
+            oids["SHA-256withECDSA"] = X9ObjectIdentifiers.ECDsaWithSha256;
+            oids["SHA-384withECDSA"] = X9ObjectIdentifiers.ECDsaWithSha384;
+            oids["SHA-512withECDSA"] = X9ObjectIdentifiers.ECDsaWithSha512;
+
+            oids["GOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94;
+            oids["ECGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001;
+        }
+
+        /// <summary>
+        /// Returns an ObjectIdentifier for a given encoding.
+        /// </summary>
+        /// <param name="mechanism">A string representation of the encoding.</param>
+        /// <returns>A DerObjectIdentifier, null if the OID is not available.</returns>
+        // TODO Don't really want to support this
+        public static DerObjectIdentifier GetObjectIdentifier(
+            string mechanism)
+        {
+            if (mechanism == null)
+                throw new ArgumentNullException("mechanism");
+
+            mechanism = Platform.ToUpperInvariant(mechanism);
+            string aliased = (string) algorithms[mechanism];
+
+            if (aliased != null)
+                mechanism = aliased;
+
+            return (DerObjectIdentifier) oids[mechanism];
+        }
+
+        public static ICollection Algorithms
+        {
+            get { return oids.Keys; }
+        }
+
+        public static Asn1Encodable GetDefaultX509Parameters(
+            DerObjectIdentifier id)
+        {
+            return GetDefaultX509Parameters(id.Id);
+        }
+
+        public static Asn1Encodable GetDefaultX509Parameters(
+            string algorithm)
+        {
+            if (algorithm == null)
+                throw new ArgumentNullException("algorithm");
+
+            algorithm = Platform.ToUpperInvariant(algorithm);
+
+            string mechanism = (string) algorithms[algorithm];
+
+            if (mechanism == null)
+                mechanism = algorithm;
+
+            if (mechanism == "PSSwithRSA")
+            {
+                // TODO The Sha1Digest here is a default. In JCE version, the actual digest
+                // to be used can be overridden by subsequent parameter settings.
+                return GetPssX509Parameters("SHA-1");
+            }
+
+            if (Platform.EndsWith(mechanism, "withRSAandMGF1"))
+            {
+                string digestName = mechanism.Substring(0, mechanism.Length - "withRSAandMGF1".Length);
+                return GetPssX509Parameters(digestName);
+            }
+
+            return DerNull.Instance;
+        }
+
+        private static Asn1Encodable GetPssX509Parameters(
+            string	digestName)
+        {
+            AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier(
+                DigestUtilities.GetObjectIdentifier(digestName), DerNull.Instance);
+
+            // TODO Is it possible for the MGF hash alg to be different from the PSS one?
+            AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier(
+                PkcsObjectIdentifiers.IdMgf1, hashAlgorithm);
+
+            int saltLen = DigestUtilities.GetDigest(digestName).GetDigestSize();
+            return new RsassaPssParameters(hashAlgorithm, maskGenAlgorithm,
+                new DerInteger(saltLen), new DerInteger(1));
+        }
+
+        public static ISigner GetSigner(
+            DerObjectIdentifier id)
+        {
+            return GetSigner(id.Id);
+        }
+
+        public static ISigner GetSigner(
+            string algorithm)
+        {
+            if (algorithm == null)
+                throw new ArgumentNullException("algorithm");
+
+            algorithm = Platform.ToUpperInvariant(algorithm);
+
+            string mechanism = (string) algorithms[algorithm];
+
+            if (mechanism == null)
+                mechanism = algorithm;
+
+            if (mechanism.Equals("RSA"))
+            {
+                return (new RsaDigestSigner(new NullDigest(), (AlgorithmIdentifier)null));
+            }
+            if (mechanism.Equals("MD2withRSA"))
+            {
+                return (new RsaDigestSigner(new MD2Digest()));
+            }
+            if (mechanism.Equals("MD4withRSA"))
+            {
+                return (new RsaDigestSigner(new MD4Digest()));
+            }
+            if (mechanism.Equals("MD5withRSA"))
+            {
+                return (new RsaDigestSigner(new MD5Digest()));
+            }
+            if (mechanism.Equals("SHA-1withRSA"))
+            {
+                return (new RsaDigestSigner(new Sha1Digest()));
+            }
+            if (mechanism.Equals("SHA-224withRSA"))
+            {
+                return (new RsaDigestSigner(new Sha224Digest()));
+            }
+            if (mechanism.Equals("SHA-256withRSA"))
+            {
+                return (new RsaDigestSigner(new Sha256Digest()));
+            }
+            if (mechanism.Equals("SHA-384withRSA"))
+            {
+                return (new RsaDigestSigner(new Sha384Digest()));
+            }
+            if (mechanism.Equals("SHA-512withRSA"))
+            {
+                return (new RsaDigestSigner(new Sha512Digest()));
+            }
+            if (mechanism.Equals("RIPEMD128withRSA"))
+            {
+                return (new RsaDigestSigner(new RipeMD128Digest()));
+            }
+            if (mechanism.Equals("RIPEMD160withRSA"))
+            {
+                return (new RsaDigestSigner(new RipeMD160Digest()));
+            }
+            if (mechanism.Equals("RIPEMD256withRSA"))
+            {
+                return (new RsaDigestSigner(new RipeMD256Digest()));
+            }
+
+            if (mechanism.Equals("RAWRSASSA-PSS"))
+            {
+                // TODO Add support for other parameter settings
+                return PssSigner.CreateRawSigner(new RsaBlindedEngine(), new Sha1Digest());
+            }
+            if (mechanism.Equals("PSSwithRSA"))
+            {
+                // TODO The Sha1Digest here is a default. In JCE version, the actual digest
+                // to be used can be overridden by subsequent parameter settings.
+                return (new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
+            }
+            if (mechanism.Equals("SHA-1withRSAandMGF1"))
+            {
+                return (new PssSigner(new RsaBlindedEngine(), new Sha1Digest()));
+            }
+            if (mechanism.Equals("SHA-224withRSAandMGF1"))
+            {
+                return (new PssSigner(new RsaBlindedEngine(), new Sha224Digest()));
+            }
+            if (mechanism.Equals("SHA-256withRSAandMGF1"))
+            {
+                return (new PssSigner(new RsaBlindedEngine(), new Sha256Digest()));
+            }
+            if (mechanism.Equals("SHA-384withRSAandMGF1"))
+            {
+                return (new PssSigner(new RsaBlindedEngine(), new Sha384Digest()));
+            }
+            if (mechanism.Equals("SHA-512withRSAandMGF1"))
+            {
+                return (new PssSigner(new RsaBlindedEngine(), new Sha512Digest()));
+            }
+
+            if (mechanism.Equals("NONEwithDSA"))
+            {
+                return (new DsaDigestSigner(new DsaSigner(), new NullDigest()));
+            }
+            if (mechanism.Equals("SHA-1withDSA"))
+            {
+                return (new DsaDigestSigner(new DsaSigner(), new Sha1Digest()));
+            }
+            if (mechanism.Equals("SHA-224withDSA"))
+            {
+                return (new DsaDigestSigner(new DsaSigner(), new Sha224Digest()));
+            }
+            if (mechanism.Equals("SHA-256withDSA"))
+            {
+                return (new DsaDigestSigner(new DsaSigner(), new Sha256Digest()));
+            }
+            if (mechanism.Equals("SHA-384withDSA"))
+            {
+                return (new DsaDigestSigner(new DsaSigner(), new Sha384Digest()));
+            }
+            if (mechanism.Equals("SHA-512withDSA"))
+            {
+                return (new DsaDigestSigner(new DsaSigner(), new Sha512Digest()));
+            }
+
+            if (mechanism.Equals("NONEwithECDSA"))
+            {
+                return (new DsaDigestSigner(new ECDsaSigner(), new NullDigest()));
+            }
+            if (mechanism.Equals("SHA-1withECDSA"))
+            {
+                return (new DsaDigestSigner(new ECDsaSigner(), new Sha1Digest()));
+            }
+            if (mechanism.Equals("SHA-224withECDSA"))
+            {
+                return (new DsaDigestSigner(new ECDsaSigner(), new Sha224Digest()));
+            }
+            if (mechanism.Equals("SHA-256withECDSA"))
+            {
+                return (new DsaDigestSigner(new ECDsaSigner(), new Sha256Digest()));
+            }
+            if (mechanism.Equals("SHA-384withECDSA"))
+            {
+                return (new DsaDigestSigner(new ECDsaSigner(), new Sha384Digest()));
+            }
+            if (mechanism.Equals("SHA-512withECDSA"))
+            {
+                return (new DsaDigestSigner(new ECDsaSigner(), new Sha512Digest()));
+            }
+
+            if (mechanism.Equals("RIPEMD160withECDSA"))
+            {
+                return (new DsaDigestSigner(new ECDsaSigner(), new RipeMD160Digest()));
+            }
+
+            if (mechanism.Equals("SHA1WITHECNR"))
+            {
+                return (new DsaDigestSigner(new ECNRSigner(), new Sha1Digest()));
+            }
+            if (mechanism.Equals("SHA224WITHECNR"))
+            {
+                return (new DsaDigestSigner(new ECNRSigner(), new Sha224Digest()));
+            }
+            if (mechanism.Equals("SHA256WITHECNR"))
+            {
+                return (new DsaDigestSigner(new ECNRSigner(), new Sha256Digest()));
+            }
+            if (mechanism.Equals("SHA384WITHECNR"))
+            {
+                return (new DsaDigestSigner(new ECNRSigner(), new Sha384Digest()));
+            }
+            if (mechanism.Equals("SHA512WITHECNR"))
+            {
+                return (new DsaDigestSigner(new ECNRSigner(), new Sha512Digest()));
+            }
+
+            if (mechanism.Equals("GOST3410"))
+            {
+                return new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest());
+            }
+            if (mechanism.Equals("ECGOST3410"))
+            {
+                return new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest());
+            }
+
+            if (mechanism.Equals("SHA1WITHRSA/ISO9796-2"))
+            {
+                return new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true);
+            }
+            if (mechanism.Equals("MD5WITHRSA/ISO9796-2"))
+            {
+                return new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true);
+            }
+            if (mechanism.Equals("RIPEMD160WITHRSA/ISO9796-2"))
+            {
+                return new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true);
+            }
+
+            if (Platform.EndsWith(mechanism, "/X9.31"))
+            {
+                string x931 = mechanism.Substring(0, mechanism.Length - "/X9.31".Length);
+                int withPos = Platform.IndexOf(x931, "WITH");
+                if (withPos > 0)
+                {
+                    int endPos = withPos + "WITH".Length;
+
+                    string digestName = x931.Substring(0, withPos);
+                    IDigest digest = DigestUtilities.GetDigest(digestName);
+
+                    string cipherName = x931.Substring(endPos, x931.Length - endPos);
+                    if (cipherName.Equals("RSA"))
+                    {
+                        IAsymmetricBlockCipher cipher = new RsaBlindedEngine();
+                        return new X931Signer(cipher, digest);
+                    }
+                }
+            }
+
+            throw new SecurityUtilityException("Signer " + algorithm + " not recognised.");
+        }
+
+        public static string GetEncodingName(
+            DerObjectIdentifier oid)
+        {
+            return (string) algorithms[oid.Id];
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/security/WrapperUtilities.cs b/bc-sharp-crypto/src/security/WrapperUtilities.cs
new file mode 100644
index 0000000..c576320
--- /dev/null
+++ b/bc-sharp-crypto/src/security/WrapperUtilities.cs
@@ -0,0 +1,153 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Kisa;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Ntt;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Security
+{
+    /// <remarks>
+    ///  Utility class for creating IWrapper objects from their names/Oids
+    /// </remarks>
+    public sealed class WrapperUtilities
+    {
+        private enum WrapAlgorithm { AESWRAP, CAMELLIAWRAP, DESEDEWRAP, RC2WRAP, SEEDWRAP,
+            DESEDERFC3211WRAP, AESRFC3211WRAP, CAMELLIARFC3211WRAP };
+
+        private WrapperUtilities()
+        {
+        }
+
+        private static readonly IDictionary algorithms = Platform.CreateHashtable();
+        //private static readonly IDictionary oids = Platform.CreateHashtable();
+
+        static WrapperUtilities()
+        {
+            // Signal to obfuscation tools not to change enum constants
+            ((WrapAlgorithm)Enums.GetArbitraryValue(typeof(WrapAlgorithm))).ToString();
+
+            algorithms[NistObjectIdentifiers.IdAes128Wrap.Id] = "AESWRAP";
+            algorithms[NistObjectIdentifiers.IdAes192Wrap.Id] = "AESWRAP";
+            algorithms[NistObjectIdentifiers.IdAes256Wrap.Id] = "AESWRAP";
+
+            algorithms[NttObjectIdentifiers.IdCamellia128Wrap.Id] = "CAMELLIAWRAP";
+            algorithms[NttObjectIdentifiers.IdCamellia192Wrap.Id] = "CAMELLIAWRAP";
+            algorithms[NttObjectIdentifiers.IdCamellia256Wrap.Id] = "CAMELLIAWRAP";
+
+            algorithms[PkcsObjectIdentifiers.IdAlgCms3DesWrap.Id] = "DESEDEWRAP";
+            algorithms["TDEAWRAP"] = "DESEDEWRAP";
+
+            algorithms[PkcsObjectIdentifiers.IdAlgCmsRC2Wrap.Id] = "RC2WRAP";
+
+            algorithms[KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap.Id] = "SEEDWRAP";
+        }
+
+        public static IWrapper GetWrapper(
+            DerObjectIdentifier oid)
+        {
+            return GetWrapper(oid.Id);
+        }
+
+        public static IWrapper GetWrapper(
+            string algorithm)
+        {
+            string upper = Platform.ToUpperInvariant(algorithm);
+            string mechanism = (string)algorithms[upper];
+
+            if (mechanism == null)
+            {
+                mechanism = upper;
+            }
+
+            try
+            {
+                WrapAlgorithm wrapAlgorithm = (WrapAlgorithm)Enums.GetEnumValue(
+                    typeof(WrapAlgorithm), mechanism);
+
+                switch (wrapAlgorithm)
+                {
+                    case WrapAlgorithm.AESWRAP:				return new AesWrapEngine();
+                    case WrapAlgorithm.CAMELLIAWRAP:		return new CamelliaWrapEngine();
+                    case WrapAlgorithm.DESEDEWRAP:			return new DesEdeWrapEngine();
+                    case WrapAlgorithm.RC2WRAP:				return new RC2WrapEngine();
+                    case WrapAlgorithm.SEEDWRAP:			return new SeedWrapEngine();
+                    case WrapAlgorithm.DESEDERFC3211WRAP:	return new Rfc3211WrapEngine(new DesEdeEngine());
+                    case WrapAlgorithm.AESRFC3211WRAP:		return new Rfc3211WrapEngine(new AesEngine());
+                    case WrapAlgorithm.CAMELLIARFC3211WRAP:	return new Rfc3211WrapEngine(new CamelliaEngine());
+                }
+            }
+            catch (ArgumentException)
+            {
+            }
+
+            // Create an IBufferedCipher and use it as IWrapper (via BufferedCipherWrapper)
+            IBufferedCipher blockCipher = CipherUtilities.GetCipher(algorithm);
+
+            if (blockCipher != null)
+                return new BufferedCipherWrapper(blockCipher);
+
+            throw new SecurityUtilityException("Wrapper " + algorithm + " not recognised.");
+        }
+
+        public static string GetAlgorithmName(
+            DerObjectIdentifier oid)
+        {
+            return (string) algorithms[oid.Id];
+        }
+
+        private class BufferedCipherWrapper
+            : IWrapper
+        {
+            private readonly IBufferedCipher cipher;
+            private bool forWrapping;
+
+            public BufferedCipherWrapper(
+                IBufferedCipher cipher)
+            {
+                this.cipher = cipher;
+            }
+
+            public string AlgorithmName
+            {
+                get { return cipher.AlgorithmName; }
+            }
+
+            public void Init(
+                bool				forWrapping,
+                ICipherParameters	parameters)
+            {
+                this.forWrapping = forWrapping;
+
+                cipher.Init(forWrapping, parameters);
+            }
+
+            public byte[] Wrap(
+                byte[]	input,
+                int		inOff,
+                int		length)
+            {
+                if (!forWrapping)
+                    throw new InvalidOperationException("Not initialised for wrapping");
+
+                return cipher.DoFinal(input, inOff, length);
+            }
+
+            public byte[] Unwrap(
+                byte[]	input,
+                int		inOff,
+                int		length)
+            {
+                if (forWrapping)
+                    throw new InvalidOperationException("Not initialised for unwrapping");
+
+                return cipher.DoFinal(input, inOff, length);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/security/cert/CertificateEncodingException.cs b/bc-sharp-crypto/src/security/cert/CertificateEncodingException.cs
new file mode 100644
index 0000000..ab9024f
--- /dev/null
+++ b/bc-sharp-crypto/src/security/cert/CertificateEncodingException.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Security.Certificates
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class CertificateEncodingException : CertificateException
+	{
+		public CertificateEncodingException() : base() { }
+		public CertificateEncodingException(string msg) : base(msg) { }
+		public CertificateEncodingException(string msg, Exception e) : base(msg, e) { }
+	}
+}
diff --git a/bc-sharp-crypto/src/security/cert/CertificateException.cs b/bc-sharp-crypto/src/security/cert/CertificateException.cs
new file mode 100644
index 0000000..4bbaccf
--- /dev/null
+++ b/bc-sharp-crypto/src/security/cert/CertificateException.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Security.Certificates
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class CertificateException : GeneralSecurityException
+	{
+		public CertificateException() : base() { }
+		public CertificateException(string message) : base(message) { }
+		public CertificateException(string message, Exception exception) : base(message, exception) { }
+	}
+}
diff --git a/bc-sharp-crypto/src/security/cert/CertificateExpiredException.cs b/bc-sharp-crypto/src/security/cert/CertificateExpiredException.cs
new file mode 100644
index 0000000..864fb85
--- /dev/null
+++ b/bc-sharp-crypto/src/security/cert/CertificateExpiredException.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Security.Certificates
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class CertificateExpiredException : CertificateException
+	{
+		public CertificateExpiredException() : base() { }
+		public CertificateExpiredException(string message) : base(message) { }
+		public CertificateExpiredException(string message, Exception exception) : base(message, exception) { }
+	}
+}
diff --git a/bc-sharp-crypto/src/security/cert/CertificateNotYetValidException.cs b/bc-sharp-crypto/src/security/cert/CertificateNotYetValidException.cs
new file mode 100644
index 0000000..02112be
--- /dev/null
+++ b/bc-sharp-crypto/src/security/cert/CertificateNotYetValidException.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Security.Certificates
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class CertificateNotYetValidException : CertificateException
+	{
+		public CertificateNotYetValidException() : base() { }
+		public CertificateNotYetValidException(string message) : base(message) { }
+		public CertificateNotYetValidException(string message, Exception exception) : base(message, exception) { }
+	}
+}
diff --git a/bc-sharp-crypto/src/security/cert/CertificateParsingException.cs b/bc-sharp-crypto/src/security/cert/CertificateParsingException.cs
new file mode 100644
index 0000000..ae909ca
--- /dev/null
+++ b/bc-sharp-crypto/src/security/cert/CertificateParsingException.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Security.Certificates
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class CertificateParsingException : CertificateException
+	{
+		public CertificateParsingException() : base() { }
+		public CertificateParsingException(string message) : base(message) { }
+		public CertificateParsingException(string message, Exception exception) : base(message, exception) { }
+	}
+}
diff --git a/bc-sharp-crypto/src/security/cert/CrlException.cs b/bc-sharp-crypto/src/security/cert/CrlException.cs
new file mode 100644
index 0000000..fe9807e
--- /dev/null
+++ b/bc-sharp-crypto/src/security/cert/CrlException.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Security.Certificates
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class CrlException : GeneralSecurityException
+	{
+		public CrlException() : base() { }
+		public CrlException(string msg) : base(msg) {}
+		public CrlException(string msg, Exception e) : base(msg, e) {}
+	}
+}
diff --git a/bc-sharp-crypto/src/tsp/GenTimeAccuracy.cs b/bc-sharp-crypto/src/tsp/GenTimeAccuracy.cs
new file mode 100644
index 0000000..8a2f299
--- /dev/null
+++ b/bc-sharp-crypto/src/tsp/GenTimeAccuracy.cs
@@ -0,0 +1,33 @@
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Tsp;
+
+namespace Org.BouncyCastle.Tsp
+{
+	public class GenTimeAccuracy
+	{
+		private Accuracy accuracy;
+
+		public GenTimeAccuracy(
+			Accuracy accuracy)
+		{
+			this.accuracy = accuracy;
+		}
+
+		public int Seconds { get { return GetTimeComponent(accuracy.Seconds); } }
+
+		public int Millis { get { return GetTimeComponent(accuracy.Millis); } }
+
+		public int Micros { get { return GetTimeComponent(accuracy.Micros); } }
+
+		private int GetTimeComponent(
+			DerInteger time)
+		{
+			return time == null ? 0 : time.Value.IntValue;
+		}
+
+		public override string ToString()
+		{
+			return Seconds + "." + Millis.ToString("000") + Micros.ToString("000");
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/tsp/TSPAlgorithms.cs b/bc-sharp-crypto/src/tsp/TSPAlgorithms.cs
new file mode 100644
index 0000000..e3dfc79
--- /dev/null
+++ b/bc-sharp-crypto/src/tsp/TSPAlgorithms.cs
@@ -0,0 +1,48 @@
+using System.Collections;
+
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Tsp
+{
+	/**
+	 * Recognised hash algorithms for the time stamp protocol.
+	 */
+	public abstract class TspAlgorithms
+	{
+		public static readonly string MD5 = PkcsObjectIdentifiers.MD5.Id;
+
+		public static readonly string Sha1 = OiwObjectIdentifiers.IdSha1.Id;
+
+		public static readonly string Sha224 = NistObjectIdentifiers.IdSha224.Id;
+		public static readonly string Sha256 = NistObjectIdentifiers.IdSha256.Id;
+		public static readonly string Sha384 = NistObjectIdentifiers.IdSha384.Id;
+		public static readonly string Sha512 = NistObjectIdentifiers.IdSha512.Id;
+
+		public static readonly string RipeMD128 = TeleTrusTObjectIdentifiers.RipeMD128.Id;
+		public static readonly string RipeMD160 = TeleTrusTObjectIdentifiers.RipeMD160.Id;
+		public static readonly string RipeMD256 = TeleTrusTObjectIdentifiers.RipeMD256.Id;
+
+		public static readonly string Gost3411 = CryptoProObjectIdentifiers.GostR3411.Id;
+
+		public static readonly IList Allowed;
+
+		static TspAlgorithms()
+		{
+			string[] algs = new string[]
+			{
+				Gost3411, MD5, Sha1, Sha224, Sha256, Sha384, Sha512, RipeMD128, RipeMD160, RipeMD256
+			};
+
+			Allowed = Platform.CreateArrayList();
+			foreach (string alg in algs)
+			{
+				Allowed.Add(alg);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/tsp/TSPException.cs b/bc-sharp-crypto/src/tsp/TSPException.cs
new file mode 100644
index 0000000..0f29b12
--- /dev/null
+++ b/bc-sharp-crypto/src/tsp/TSPException.cs
@@ -0,0 +1,28 @@
+using System;
+
+namespace Org.BouncyCastle.Tsp
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class TspException
+		: Exception
+	{
+		public TspException()
+		{
+		}
+
+		public TspException(
+			string message)
+			: base(message)
+		{
+		}
+
+		public TspException(
+			string		message,
+			Exception	e)
+			: base(message, e)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/tsp/TSPUtil.cs b/bc-sharp-crypto/src/tsp/TSPUtil.cs
new file mode 100644
index 0000000..1026914
--- /dev/null
+++ b/bc-sharp-crypto/src/tsp/TSPUtil.cs
@@ -0,0 +1,202 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Cms;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Tsp
+{
+	public class TspUtil
+	{
+		private static ISet EmptySet = CollectionUtilities.ReadOnly(new HashSet());
+		private static IList EmptyList = CollectionUtilities.ReadOnly(Platform.CreateArrayList());
+
+		private static readonly IDictionary digestLengths = Platform.CreateHashtable();
+        private static readonly IDictionary digestNames = Platform.CreateHashtable();
+
+		static TspUtil()
+		{
+			digestLengths.Add(PkcsObjectIdentifiers.MD5.Id, 16);
+			digestLengths.Add(OiwObjectIdentifiers.IdSha1.Id, 20);
+			digestLengths.Add(NistObjectIdentifiers.IdSha224.Id, 28);
+			digestLengths.Add(NistObjectIdentifiers.IdSha256.Id, 32);
+			digestLengths.Add(NistObjectIdentifiers.IdSha384.Id, 48);
+			digestLengths.Add(NistObjectIdentifiers.IdSha512.Id, 64);
+			digestLengths.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, 16);
+			digestLengths.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, 20);
+			digestLengths.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, 32);
+			digestLengths.Add(CryptoProObjectIdentifiers.GostR3411.Id, 32);
+
+			digestNames.Add(PkcsObjectIdentifiers.MD5.Id, "MD5");
+			digestNames.Add(OiwObjectIdentifiers.IdSha1.Id, "SHA1");
+			digestNames.Add(NistObjectIdentifiers.IdSha224.Id, "SHA224");
+			digestNames.Add(NistObjectIdentifiers.IdSha256.Id, "SHA256");
+			digestNames.Add(NistObjectIdentifiers.IdSha384.Id, "SHA384");
+			digestNames.Add(NistObjectIdentifiers.IdSha512.Id, "SHA512");
+			digestNames.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption.Id, "SHA1");
+			digestNames.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption.Id, "SHA224");
+			digestNames.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption.Id, "SHA256");
+			digestNames.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption.Id, "SHA384");
+			digestNames.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption.Id, "SHA512");
+			digestNames.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, "RIPEMD128");
+			digestNames.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, "RIPEMD160");
+			digestNames.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, "RIPEMD256");
+			digestNames.Add(CryptoProObjectIdentifiers.GostR3411.Id, "GOST3411");
+		}
+
+
+	    /**
+	     * Fetches the signature time-stamp attributes from a SignerInformation object.
+	     * Checks that the MessageImprint for each time-stamp matches the signature field.
+	     * (see RFC 3161 Appendix A).
+	     *
+	     * @param signerInfo a SignerInformation to search for time-stamps
+	     * @return a collection of TimeStampToken objects
+	     * @throws TSPValidationException
+	     */
+		public static ICollection GetSignatureTimestamps(
+			SignerInformation signerInfo)
+		{
+			IList timestamps = Platform.CreateArrayList();
+
+			Asn1.Cms.AttributeTable unsignedAttrs = signerInfo.UnsignedAttributes;
+			if (unsignedAttrs != null)
+			{
+				foreach (Asn1.Cms.Attribute tsAttr in unsignedAttrs.GetAll(
+					PkcsObjectIdentifiers.IdAASignatureTimeStampToken))
+				{
+					foreach (Asn1Encodable asn1 in tsAttr.AttrValues)
+					{
+						try
+						{
+							Asn1.Cms.ContentInfo contentInfo = Asn1.Cms.ContentInfo.GetInstance(
+								asn1.ToAsn1Object());
+							TimeStampToken timeStampToken = new TimeStampToken(contentInfo);
+							TimeStampTokenInfo tstInfo = timeStampToken.TimeStampInfo;
+
+							byte[] expectedDigest = DigestUtilities.CalculateDigest(
+								GetDigestAlgName(tstInfo.MessageImprintAlgOid),
+							    signerInfo.GetSignature());
+
+							if (!Arrays.ConstantTimeAreEqual(expectedDigest, tstInfo.GetMessageImprintDigest()))
+								throw new TspValidationException("Incorrect digest in message imprint");
+
+							timestamps.Add(timeStampToken);
+						}
+						catch (SecurityUtilityException)
+						{
+							throw new TspValidationException("Unknown hash algorithm specified in timestamp");
+						}
+						catch (Exception)
+						{
+							throw new TspValidationException("Timestamp could not be parsed");
+						}
+					}
+				}
+			}
+
+			return timestamps;
+		}
+
+		/**
+		 * Validate the passed in certificate as being of the correct type to be used
+		 * for time stamping. To be valid it must have an ExtendedKeyUsage extension
+		 * which has a key purpose identifier of id-kp-timeStamping.
+		 *
+		 * @param cert the certificate of interest.
+		 * @throws TspValidationException if the certicate fails on one of the check points.
+		 */
+		public static void ValidateCertificate(
+			X509Certificate cert)
+		{
+			if (cert.Version != 3)
+				throw new ArgumentException("Certificate must have an ExtendedKeyUsage extension.");
+
+			Asn1OctetString ext = cert.GetExtensionValue(X509Extensions.ExtendedKeyUsage);
+			if (ext == null)
+				throw new TspValidationException("Certificate must have an ExtendedKeyUsage extension.");
+
+			if (!cert.GetCriticalExtensionOids().Contains(X509Extensions.ExtendedKeyUsage.Id))
+				throw new TspValidationException("Certificate must have an ExtendedKeyUsage extension marked as critical.");
+
+			try
+			{
+				ExtendedKeyUsage extKey = ExtendedKeyUsage.GetInstance(
+					Asn1Object.FromByteArray(ext.GetOctets()));
+
+				if (!extKey.HasKeyPurposeId(KeyPurposeID.IdKPTimeStamping) || extKey.Count != 1)
+					throw new TspValidationException("ExtendedKeyUsage not solely time stamping.");
+			}
+			catch (IOException)
+			{
+				throw new TspValidationException("cannot process ExtendedKeyUsage extension");
+			}
+		}
+
+		/// <summary>
+		/// Return the digest algorithm using one of the standard JCA string
+		/// representations rather than the algorithm identifier (if possible).
+		/// </summary>
+		internal static string GetDigestAlgName(
+			string digestAlgOID)
+		{
+			string digestName = (string) digestNames[digestAlgOID];
+
+			return digestName != null ? digestName : digestAlgOID;
+		}
+
+		internal static int GetDigestLength(
+			string digestAlgOID)
+		{
+			if (!digestLengths.Contains(digestAlgOID))
+				throw new TspException("digest algorithm cannot be found.");
+
+			return (int)digestLengths[digestAlgOID];
+		}
+
+		internal static IDigest CreateDigestInstance(
+			String digestAlgOID)
+		{
+	        string digestName = GetDigestAlgName(digestAlgOID);
+
+			return DigestUtilities.GetDigest(digestName);
+		}
+
+		internal static ISet GetCriticalExtensionOids(X509Extensions extensions)
+		{
+			if (extensions == null)
+				return EmptySet;
+
+			return CollectionUtilities.ReadOnly(new HashSet(extensions.GetCriticalExtensionOids()));
+		}
+
+		internal static ISet GetNonCriticalExtensionOids(X509Extensions extensions)
+		{
+			if (extensions == null)
+				return EmptySet;
+
+			// TODO: should probably produce a set that imposes correct ordering
+			return CollectionUtilities.ReadOnly(new HashSet(extensions.GetNonCriticalExtensionOids()));
+		}
+		
+		internal static IList GetExtensionOids(X509Extensions extensions)
+		{
+			if (extensions == null)
+				return EmptyList;
+
+			return CollectionUtilities.ReadOnly(Platform.CreateArrayList(extensions.GetExtensionOids()));
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/tsp/TSPValidationException.cs b/bc-sharp-crypto/src/tsp/TSPValidationException.cs
new file mode 100644
index 0000000..80f6420
--- /dev/null
+++ b/bc-sharp-crypto/src/tsp/TSPValidationException.cs
@@ -0,0 +1,44 @@
+using System;
+
+namespace Org.BouncyCastle.Tsp
+{
+	/**
+	 * Exception thrown if a TSP request or response fails to validate.
+	 * <p>
+	 * If a failure code is associated with the exception it can be retrieved using
+	 * the getFailureCode() method.</p>
+	 */
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class TspValidationException
+		: TspException
+	{
+		private int failureCode;
+
+		public TspValidationException(
+			string message)
+			: base(message)
+		{
+			this.failureCode = -1;
+		}
+
+		public TspValidationException(
+			string	message,
+			int		failureCode)
+			: base(message)
+		{
+			this.failureCode = failureCode;
+		}
+
+		/**
+		 * Return the failure code associated with this exception - if one is set.
+		 *
+		 * @return the failure code if set, -1 otherwise.
+		 */
+		public int FailureCode
+		{
+			get { return failureCode; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/tsp/TimeStampRequest.cs b/bc-sharp-crypto/src/tsp/TimeStampRequest.cs
new file mode 100644
index 0000000..0b41ade
--- /dev/null
+++ b/bc-sharp-crypto/src/tsp/TimeStampRequest.cs
@@ -0,0 +1,186 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cmp;
+using Org.BouncyCastle.Asn1.Tsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.X509;
+
+namespace Org.BouncyCastle.Tsp
+{
+	/**
+	 * Base class for an RFC 3161 Time Stamp Request.
+	 */
+	public class TimeStampRequest
+		: X509ExtensionBase
+	{
+		private TimeStampReq req;
+		private X509Extensions extensions;
+
+		public TimeStampRequest(
+			TimeStampReq req)
+		{
+			this.req = req;
+			this.extensions = req.Extensions;
+		}
+
+		/**
+		* Create a TimeStampRequest from the past in byte array.
+		*
+		* @param req byte array containing the request.
+		* @throws IOException if the request is malformed.
+		*/
+		public TimeStampRequest(
+			byte[] req)
+			: this(new Asn1InputStream(req))
+		{
+		}
+
+		/**
+		* Create a TimeStampRequest from the past in input stream.
+		*
+		* @param in input stream containing the request.
+		* @throws IOException if the request is malformed.
+		*/
+		public TimeStampRequest(
+			Stream input)
+			: this(new Asn1InputStream(input))
+		{
+		}
+
+		private TimeStampRequest(
+			Asn1InputStream str)
+		{
+			try
+			{
+				this.req = TimeStampReq.GetInstance(str.ReadObject());
+			}
+			catch (InvalidCastException e)
+			{
+				throw new IOException("malformed request: " + e);
+			}
+			catch (ArgumentException e)
+			{
+				throw new IOException("malformed request: " + e);
+			}
+		}
+
+		public int Version
+		{
+			get { return req.Version.Value.IntValue; }
+		}
+
+		public string MessageImprintAlgOid
+		{
+            get { return req.MessageImprint.HashAlgorithm.Algorithm.Id; }
+		}
+
+		public byte[] GetMessageImprintDigest()
+		{
+			return req.MessageImprint.GetHashedMessage();
+		}
+
+		public string ReqPolicy
+		{
+			get
+			{
+				return req.ReqPolicy == null
+					?	null
+					:	req.ReqPolicy.Id;
+			}
+		}
+
+		public BigInteger Nonce
+		{
+			get
+			{
+				return req.Nonce == null
+					?	null
+					:	req.Nonce.Value;
+			}
+		}
+
+		public bool CertReq
+		{
+			get
+			{
+				return req.CertReq == null
+					?	false
+					:	req.CertReq.IsTrue;
+			}
+		}
+
+		/**
+		* Validate the timestamp request, checking the digest to see if it is of an
+		* accepted type and whether it is of the correct length for the algorithm specified.
+		*
+		* @param algorithms a set of string OIDS giving accepted algorithms.
+		* @param policies if non-null a set of policies we are willing to sign under.
+		* @param extensions if non-null a set of extensions we are willing to accept.
+		* @throws TspException if the request is invalid, or processing fails.
+		*/
+		public void Validate(
+			IList algorithms,
+			IList policies,
+			IList extensions)
+		{
+			if (!algorithms.Contains(this.MessageImprintAlgOid))
+				throw new TspValidationException("request contains unknown algorithm", PkiFailureInfo.BadAlg);
+
+            if (policies != null && this.ReqPolicy != null && !policies.Contains(this.ReqPolicy))
+				throw new TspValidationException("request contains unknown policy", PkiFailureInfo.UnacceptedPolicy);
+
+            if (this.Extensions != null && extensions != null)
+			{
+				foreach (DerObjectIdentifier oid in this.Extensions.ExtensionOids)
+				{
+					if (!extensions.Contains(oid.Id))
+						throw new TspValidationException("request contains unknown extension", PkiFailureInfo.UnacceptedExtension);
+				}
+			}
+
+			int digestLength = TspUtil.GetDigestLength(this.MessageImprintAlgOid);
+
+			if (digestLength != this.GetMessageImprintDigest().Length)
+				throw new TspValidationException("imprint digest the wrong length", PkiFailureInfo.BadDataFormat);
+		}
+
+		/**
+		 * return the ASN.1 encoded representation of this object.
+		 */
+		public byte[] GetEncoded()
+		{
+			return req.GetEncoded();
+		}
+
+		internal X509Extensions Extensions
+		{
+			get { return req.Extensions; }
+		}
+		
+		public virtual bool HasExtensions
+		{
+			get { return extensions != null; }
+		}
+
+		public virtual X509Extension GetExtension(DerObjectIdentifier oid)
+		{
+			return extensions == null ? null : extensions.GetExtension(oid);
+		}
+
+		public virtual IList GetExtensionOids()
+		{
+			return TspUtil.GetExtensionOids(extensions);
+		}
+
+		protected override X509Extensions GetX509Extensions()
+		{
+			return Extensions;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/tsp/TimeStampRequestGenerator.cs b/bc-sharp-crypto/src/tsp/TimeStampRequestGenerator.cs
new file mode 100644
index 0000000..2c698e4
--- /dev/null
+++ b/bc-sharp-crypto/src/tsp/TimeStampRequestGenerator.cs
@@ -0,0 +1,139 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Tsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Tsp
+{
+	/**
+	 * Generator for RFC 3161 Time Stamp Request objects.
+	 */
+	public class TimeStampRequestGenerator
+	{
+		private DerObjectIdentifier reqPolicy;
+
+		private DerBoolean certReq;
+
+		private IDictionary extensions = Platform.CreateHashtable();
+        private IList       extOrdering = Platform.CreateArrayList();
+
+		public void SetReqPolicy(
+			string reqPolicy)
+		{
+			this.reqPolicy = new DerObjectIdentifier(reqPolicy);
+		}
+
+		public void SetCertReq(
+			bool certReq)
+		{
+			this.certReq = DerBoolean.GetInstance(certReq);
+		}
+
+		/**
+		 * add a given extension field for the standard extensions tag (tag 3)
+		 * @throws IOException
+		 */
+		[Obsolete("Use method taking DerObjectIdentifier")]
+		public void AddExtension(
+			string			oid,
+			bool			critical,
+			Asn1Encodable	value)
+		{
+			this.AddExtension(oid, critical, value.GetEncoded());
+		}
+
+		/**
+		* add a given extension field for the standard extensions tag
+		* The value parameter becomes the contents of the octet string associated
+		* with the extension.
+		*/
+		[Obsolete("Use method taking DerObjectIdentifier")]
+		public void AddExtension(
+			string	oid,
+			bool	critical,
+			byte[]	value)
+		{
+			DerObjectIdentifier derOid = new DerObjectIdentifier(oid);
+			extensions[derOid] = new X509Extension(critical, new DerOctetString(value));
+			extOrdering.Add(derOid);
+		}
+
+		/**
+		 * add a given extension field for the standard extensions tag (tag 3)
+		 * @throws IOException
+		 */
+		public virtual void AddExtension(
+			DerObjectIdentifier	oid,
+			bool				critical,
+			Asn1Encodable 		extValue)
+		{
+			this.AddExtension(oid, critical, extValue.GetEncoded());
+		}
+
+		/**
+		 * add a given extension field for the standard extensions tag
+		 * The value parameter becomes the contents of the octet string associated
+		 * with the extension.
+		 */
+		public virtual void AddExtension(
+			DerObjectIdentifier	oid,
+			bool				critical,
+			byte[]				extValue)
+		{
+			extensions.Add(oid, new X509Extension(critical, new DerOctetString(extValue)));
+			extOrdering.Add(oid);
+		}
+
+		public TimeStampRequest Generate(
+			string	digestAlgorithm,
+			byte[]	digest)
+		{
+			return this.Generate(digestAlgorithm, digest, null);
+		}
+
+		public TimeStampRequest Generate(
+			string		digestAlgorithmOid,
+			byte[]		digest,
+			BigInteger	nonce)
+		{
+			if (digestAlgorithmOid == null)
+			{
+				throw new ArgumentException("No digest algorithm specified");
+			}
+
+			DerObjectIdentifier digestAlgOid = new DerObjectIdentifier(digestAlgorithmOid);
+
+			AlgorithmIdentifier algID = new AlgorithmIdentifier(digestAlgOid, DerNull.Instance);
+			MessageImprint messageImprint = new MessageImprint(algID, digest);
+
+			X509Extensions  ext = null;
+
+			if (extOrdering.Count != 0)
+			{
+				ext = new X509Extensions(extOrdering, extensions);
+			}
+
+			DerInteger derNonce = nonce == null
+				?	null
+				:	new DerInteger(nonce);
+
+			return new TimeStampRequest(
+				new TimeStampReq(messageImprint, reqPolicy, derNonce, certReq, ext));
+		}
+
+		public virtual TimeStampRequest Generate(DerObjectIdentifier digestAlgorithm, byte[] digest)
+		{
+			return Generate(digestAlgorithm.Id, digest);
+		}
+
+		public virtual TimeStampRequest Generate(DerObjectIdentifier digestAlgorithm, byte[] digest, BigInteger nonce)
+		{
+			return Generate(digestAlgorithm.Id, digest, nonce);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/tsp/TimeStampResponse.cs b/bc-sharp-crypto/src/tsp/TimeStampResponse.cs
new file mode 100644
index 0000000..0695211
--- /dev/null
+++ b/bc-sharp-crypto/src/tsp/TimeStampResponse.cs
@@ -0,0 +1,184 @@
+using System;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cmp;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Tsp;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Tsp
+{
+	/**
+	 * Base class for an RFC 3161 Time Stamp Response object.
+	 */
+	public class TimeStampResponse
+	{
+		private TimeStampResp	resp;
+		private TimeStampToken	timeStampToken;
+
+		public TimeStampResponse(
+			TimeStampResp resp)
+		{
+			this.resp = resp;
+
+			if (resp.TimeStampToken != null)
+			{
+				timeStampToken = new TimeStampToken(resp.TimeStampToken);
+			}
+		}
+
+		/**
+		* Create a TimeStampResponse from a byte array containing an ASN.1 encoding.
+		*
+		* @param resp the byte array containing the encoded response.
+		* @throws TspException if the response is malformed.
+		* @throws IOException if the byte array doesn't represent an ASN.1 encoding.
+		*/
+		public TimeStampResponse(
+			byte[] resp)
+			: this(readTimeStampResp(new Asn1InputStream(resp)))
+		{
+		}
+
+		/**
+		 * Create a TimeStampResponse from an input stream containing an ASN.1 encoding.
+		 *
+		 * @param input the input stream containing the encoded response.
+		 * @throws TspException if the response is malformed.
+		 * @throws IOException if the stream doesn't represent an ASN.1 encoding.
+		 */
+		public TimeStampResponse(
+			Stream input)
+			: this(readTimeStampResp(new Asn1InputStream(input)))
+		{
+		}
+
+		private static TimeStampResp readTimeStampResp(
+			Asn1InputStream input)
+		{
+			try
+			{
+				return TimeStampResp.GetInstance(input.ReadObject());
+			}
+			catch (ArgumentException e)
+			{
+				throw new TspException("malformed timestamp response: " + e, e);
+			}
+			catch (InvalidCastException e)
+			{
+				throw new TspException("malformed timestamp response: " + e, e);
+			}
+		}
+
+		public int Status
+		{
+			get { return resp.Status.Status.IntValue; }
+		}
+
+		public string GetStatusString()
+		{
+			if (resp.Status.StatusString == null)
+			{
+				return null;
+			}
+
+			StringBuilder statusStringBuf = new StringBuilder();
+			PkiFreeText text = resp.Status.StatusString;
+			for (int i = 0; i != text.Count; i++)
+			{
+				statusStringBuf.Append(text[i].GetString());
+			}
+
+			return statusStringBuf.ToString();
+		}
+
+		public PkiFailureInfo GetFailInfo()
+		{
+			if (resp.Status.FailInfo == null)
+			{
+				return null;
+			}
+
+			return new PkiFailureInfo(resp.Status.FailInfo);
+		}
+
+		public TimeStampToken TimeStampToken
+		{
+			get { return timeStampToken; }
+		}
+
+		/**
+		 * Check this response against to see if it a well formed response for
+		 * the passed in request. Validation will include checking the time stamp
+		 * token if the response status is GRANTED or GRANTED_WITH_MODS.
+		 *
+		 * @param request the request to be checked against
+		 * @throws TspException if the request can not match this response.
+		 */
+		public void Validate(
+			TimeStampRequest request)
+		{
+			TimeStampToken tok = this.TimeStampToken;
+
+			if (tok != null)
+			{
+				TimeStampTokenInfo tstInfo = tok.TimeStampInfo;
+
+				if (request.Nonce != null && !request.Nonce.Equals(tstInfo.Nonce))
+				{
+					throw new TspValidationException("response contains wrong nonce value.");
+				}
+
+				if (this.Status != (int) PkiStatus.Granted && this.Status != (int) PkiStatus.GrantedWithMods)
+				{
+					throw new TspValidationException("time stamp token found in failed request.");
+				}
+
+				if (!Arrays.ConstantTimeAreEqual(request.GetMessageImprintDigest(), tstInfo.GetMessageImprintDigest()))
+				{
+					throw new TspValidationException("response for different message imprint digest.");
+				}
+
+				if (!tstInfo.MessageImprintAlgOid.Equals(request.MessageImprintAlgOid))
+				{
+					throw new TspValidationException("response for different message imprint algorithm.");
+				}
+
+				Asn1.Cms.Attribute scV1 = tok.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate];
+				Asn1.Cms.Attribute scV2 = tok.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2];
+
+				if (scV1 == null && scV2 == null)
+				{
+					throw new TspValidationException("no signing certificate attribute present.");
+				}
+
+				if (scV1 != null && scV2 != null)
+				{
+					/*
+					 * RFC 5035 5.4. If both attributes exist in a single message,
+					 * they are independently evaluated. 
+					 */
+				}
+
+				if (request.ReqPolicy != null && !request.ReqPolicy.Equals(tstInfo.Policy))
+				{
+					throw new TspValidationException("TSA policy wrong for request.");
+				}
+			}
+			else if (this.Status == (int) PkiStatus.Granted || this.Status == (int) PkiStatus.GrantedWithMods)
+			{
+				throw new TspValidationException("no time stamp token found and one expected.");
+			}
+		}
+
+		/**
+		 * return the ASN.1 encoded representation of this object.
+		 */
+		public byte[] GetEncoded()
+		{
+			return resp.GetEncoded();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/tsp/TimeStampResponseGenerator.cs b/bc-sharp-crypto/src/tsp/TimeStampResponseGenerator.cs
new file mode 100644
index 0000000..b596f8d
--- /dev/null
+++ b/bc-sharp-crypto/src/tsp/TimeStampResponseGenerator.cs
@@ -0,0 +1,209 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Cmp;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Tsp;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Tsp
+{
+    /**
+     * Generator for RFC 3161 Time Stamp Responses.
+     */
+    public class TimeStampResponseGenerator
+    {
+        private PkiStatus status;
+
+        private Asn1EncodableVector statusStrings;
+
+        private int failInfo;
+        private TimeStampTokenGenerator tokenGenerator;
+        private IList acceptedAlgorithms;
+        private IList acceptedPolicies;
+        private IList acceptedExtensions;
+
+        public TimeStampResponseGenerator(
+            TimeStampTokenGenerator tokenGenerator,
+            IList acceptedAlgorithms)
+            : this(tokenGenerator, acceptedAlgorithms, null, null)
+        {
+        }
+
+        public TimeStampResponseGenerator(
+            TimeStampTokenGenerator tokenGenerator,
+            IList acceptedAlgorithms,
+            IList acceptedPolicy)
+            : this(tokenGenerator, acceptedAlgorithms, acceptedPolicy, null)
+        {
+        }
+
+        public TimeStampResponseGenerator(
+            TimeStampTokenGenerator tokenGenerator,
+            IList acceptedAlgorithms,
+            IList acceptedPolicies,
+            IList acceptedExtensions)
+        {
+            this.tokenGenerator = tokenGenerator;
+            this.acceptedAlgorithms = acceptedAlgorithms;
+            this.acceptedPolicies = acceptedPolicies;
+            this.acceptedExtensions = acceptedExtensions;
+
+            statusStrings = new Asn1EncodableVector();
+        }
+
+        private void AddStatusString(string statusString)
+        {
+            statusStrings.Add(new DerUtf8String(statusString));
+        }
+
+        private void SetFailInfoField(int field)
+        {
+            failInfo |= field;
+        }
+
+        private PkiStatusInfo GetPkiStatusInfo()
+        {
+            Asn1EncodableVector v = new Asn1EncodableVector(
+                new DerInteger((int)status));
+
+            if (statusStrings.Count > 0)
+            {
+                v.Add(new PkiFreeText(new DerSequence(statusStrings)));
+            }
+
+            if (failInfo != 0)
+            {
+                v.Add(new FailInfo(failInfo));
+            }
+
+            return new PkiStatusInfo(new DerSequence(v));
+        }
+
+        public TimeStampResponse Generate(
+            TimeStampRequest request,
+            BigInteger serialNumber,
+            DateTime genTime)
+        {
+            return Generate(request, serialNumber, new DateTimeObject(genTime));
+        }
+
+        /**
+         * Return an appropriate TimeStampResponse.
+         * <p>
+         * If genTime is null a timeNotAvailable error response will be returned.
+         *
+         * @param request the request this response is for.
+         * @param serialNumber serial number for the response token.
+         * @param genTime generation time for the response token.
+         * @param provider provider to use for signature calculation.
+         * @return
+         * @throws NoSuchAlgorithmException
+         * @throws NoSuchProviderException
+         * @throws TSPException
+         * </p>
+         */
+        public TimeStampResponse Generate(
+            TimeStampRequest request,
+            BigInteger serialNumber,
+            DateTimeObject genTime)
+        {
+            TimeStampResp resp;
+
+            try
+            {
+                if (genTime == null)
+                    throw new TspValidationException("The time source is not available.",
+                        PkiFailureInfo.TimeNotAvailable);
+
+                request.Validate(acceptedAlgorithms, acceptedPolicies, acceptedExtensions);
+
+                this.status = PkiStatus.Granted;
+                this.AddStatusString("Operation Okay");
+
+                PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo();
+
+                ContentInfo tstTokenContentInfo;
+                try
+                {
+                    TimeStampToken token = tokenGenerator.Generate(request, serialNumber, genTime.Value);
+                    byte[] encoded = token.ToCmsSignedData().GetEncoded();
+
+                    tstTokenContentInfo = ContentInfo.GetInstance(Asn1Object.FromByteArray(encoded));
+                }
+                catch (IOException e)
+                {
+                    throw new TspException("Timestamp token received cannot be converted to ContentInfo", e);
+                }
+
+                resp = new TimeStampResp(pkiStatusInfo, tstTokenContentInfo);
+            }
+            catch (TspValidationException e)
+            {
+                status = PkiStatus.Rejection;
+
+                this.SetFailInfoField(e.FailureCode);
+                this.AddStatusString(e.Message);
+
+                PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo();
+
+                resp = new TimeStampResp(pkiStatusInfo, null);
+            }
+
+            try
+            {
+                return new TimeStampResponse(resp);
+            }
+            catch (IOException e)
+            {
+                throw new TspException("created badly formatted response!", e);
+            }
+        }
+
+        class FailInfo
+            : DerBitString
+        {
+            internal FailInfo(int failInfoValue)
+                : base(failInfoValue)
+            {
+            }
+        }
+
+        /**
+         * Generate a TimeStampResponse with chosen status and FailInfoField.
+         *
+         * @param status the PKIStatus to set.
+         * @param failInfoField the FailInfoField to set.
+         * @param statusString an optional string describing the failure.
+         * @return a TimeStampResponse with a failInfoField and optional statusString
+         * @throws TSPException in case the response could not be created
+         */
+        public TimeStampResponse GenerateFailResponse(PkiStatus status, int failInfoField, string statusString)
+        {
+            this.status = status;
+
+            this.SetFailInfoField(failInfoField);
+
+            if (statusString != null)
+            {
+                this.AddStatusString(statusString);
+            }
+
+            PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo();
+
+            TimeStampResp resp = new TimeStampResp(pkiStatusInfo, null);
+
+            try
+            {
+                return new TimeStampResponse(resp);
+            }
+            catch (IOException e)
+            {
+                throw new TspException("created badly formatted response!", e);
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/tsp/TimeStampToken.cs b/bc-sharp-crypto/src/tsp/TimeStampToken.cs
new file mode 100644
index 0000000..105208a
--- /dev/null
+++ b/bc-sharp-crypto/src/tsp/TimeStampToken.cs
@@ -0,0 +1,305 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ess;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Tsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Cms;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Tsp
+{
+	public class TimeStampToken
+	{
+		private readonly CmsSignedData		tsToken;
+		private readonly SignerInformation	tsaSignerInfo;
+//		private readonly DateTime			genTime;
+		private readonly TimeStampTokenInfo	tstInfo;
+		private readonly CertID				certID;
+
+		public TimeStampToken(
+			Asn1.Cms.ContentInfo contentInfo)
+			: this(new CmsSignedData(contentInfo))
+		{
+		}
+
+		public TimeStampToken(
+			CmsSignedData signedData)
+		{
+			this.tsToken = signedData;
+
+			if (!this.tsToken.SignedContentType.Equals(PkcsObjectIdentifiers.IdCTTstInfo))
+			{
+				throw new TspValidationException("ContentInfo object not for a time stamp.");
+			}
+
+			ICollection signers = tsToken.GetSignerInfos().GetSigners();
+
+			if (signers.Count != 1)
+			{
+				throw new ArgumentException("Time-stamp token signed by "
+					+ signers.Count
+					+ " signers, but it must contain just the TSA signature.");
+			}
+
+
+			IEnumerator signerEnum = signers.GetEnumerator();
+
+			signerEnum.MoveNext();
+			tsaSignerInfo = (SignerInformation) signerEnum.Current;
+
+			try
+			{
+				CmsProcessable content = tsToken.SignedContent;
+				MemoryStream bOut = new MemoryStream();
+
+				content.Write(bOut);
+
+				this.tstInfo = new TimeStampTokenInfo(
+					TstInfo.GetInstance(
+						Asn1Object.FromByteArray(bOut.ToArray())));
+
+				Asn1.Cms.Attribute attr = tsaSignerInfo.SignedAttributes[
+					PkcsObjectIdentifiers.IdAASigningCertificate];
+
+//				if (attr == null)
+//				{
+//					throw new TspValidationException(
+//						"no signing certificate attribute found, time stamp invalid.");
+//				}
+//
+//				SigningCertificate signCert = SigningCertificate.GetInstance(
+//					attr.AttrValues[0]);
+//
+//				this.certID = EssCertID.GetInstance(signCert.GetCerts()[0]);
+
+				if (attr != null)
+				{
+					SigningCertificate signCert = SigningCertificate.GetInstance(attr.AttrValues[0]);
+
+					this.certID = new CertID(EssCertID.GetInstance(signCert.GetCerts()[0]));
+				}
+				else
+				{
+					attr = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2];
+
+					if (attr == null)
+						throw new TspValidationException("no signing certificate attribute found, time stamp invalid.");
+
+					SigningCertificateV2 signCertV2 = SigningCertificateV2.GetInstance(attr.AttrValues[0]);
+
+					this.certID = new CertID(EssCertIDv2.GetInstance(signCertV2.GetCerts()[0]));
+				}
+			}
+			catch (CmsException e)
+			{
+				throw new TspException(e.Message, e.InnerException);
+			}
+		}
+
+		public TimeStampTokenInfo TimeStampInfo
+		{
+			get { return tstInfo; }
+		}
+
+		public SignerID SignerID
+		{
+			get { return tsaSignerInfo.SignerID; }
+		}
+
+		public Asn1.Cms.AttributeTable SignedAttributes
+		{
+			get { return tsaSignerInfo.SignedAttributes; }
+		}
+
+		public Asn1.Cms.AttributeTable UnsignedAttributes
+		{
+			get { return tsaSignerInfo.UnsignedAttributes; }
+		}
+
+		public IX509Store GetCertificates(
+			string type)
+		{
+			return tsToken.GetCertificates(type);
+		}
+
+		public IX509Store GetCrls(
+			string type)
+		{
+			return tsToken.GetCrls(type);
+		}
+
+	    public IX509Store GetAttributeCertificates(
+			string type)
+	    {
+	        return tsToken.GetAttributeCertificates(type);
+	    }
+
+		/**
+		 * Validate the time stamp token.
+		 * <p>
+		 * To be valid the token must be signed by the passed in certificate and
+		 * the certificate must be the one referred to by the SigningCertificate
+		 * attribute included in the hashed attributes of the token. The
+		 * certificate must also have the ExtendedKeyUsageExtension with only
+		 * KeyPurposeID.IdKPTimeStamping and have been valid at the time the
+		 * timestamp was created.
+		 * </p>
+		 * <p>
+		 * A successful call to validate means all the above are true.
+		 * </p>
+		 */
+		public void Validate(
+			X509Certificate cert)
+		{
+			try
+			{
+				byte[] hash = DigestUtilities.CalculateDigest(
+					certID.GetHashAlgorithmName(), cert.GetEncoded());
+
+				if (!Arrays.ConstantTimeAreEqual(certID.GetCertHash(), hash))
+				{
+					throw new TspValidationException("certificate hash does not match certID hash.");
+				}
+
+				if (certID.IssuerSerial != null)
+				{
+					if (!certID.IssuerSerial.Serial.Value.Equals(cert.SerialNumber))
+					{
+						throw new TspValidationException("certificate serial number does not match certID for signature.");
+					}
+
+					GeneralName[] names = certID.IssuerSerial.Issuer.GetNames();
+					X509Name principal = PrincipalUtilities.GetIssuerX509Principal(cert);
+					bool found = false;
+
+					for (int i = 0; i != names.Length; i++)
+					{
+						if (names[i].TagNo == 4
+							&& X509Name.GetInstance(names[i].Name).Equivalent(principal))
+						{
+							found = true;
+							break;
+						}
+					}
+
+					if (!found)
+					{
+						throw new TspValidationException("certificate name does not match certID for signature. ");
+					}
+				}
+
+				TspUtil.ValidateCertificate(cert);
+
+				cert.CheckValidity(tstInfo.GenTime);
+
+				if (!tsaSignerInfo.Verify(cert))
+				{
+					throw new TspValidationException("signature not created by certificate.");
+				}
+			}
+			catch (CmsException e)
+			{
+				if (e.InnerException != null)
+				{
+					throw new TspException(e.Message, e.InnerException);
+				}
+
+				throw new TspException("CMS exception: " + e, e);
+			}
+			catch (CertificateEncodingException e)
+			{
+				throw new TspException("problem processing certificate: " + e, e);
+			}
+			catch (SecurityUtilityException e)
+			{
+				throw new TspException("cannot find algorithm: " + e.Message, e);
+			}
+		}
+
+		/**
+		 * Return the underlying CmsSignedData object.
+		 *
+		 * @return the underlying CMS structure.
+		 */
+		public CmsSignedData ToCmsSignedData()
+		{
+			return tsToken;
+		}
+
+		/**
+		 * Return a ASN.1 encoded byte stream representing the encoded object.
+		 *
+		 * @throws IOException if encoding fails.
+		 */
+		public byte[] GetEncoded()
+		{
+			return tsToken.GetEncoded();
+		}
+
+
+		// perhaps this should be done using an interface on the ASN.1 classes...
+		private class CertID
+		{
+			private EssCertID certID;
+			private EssCertIDv2 certIDv2;
+
+			internal CertID(EssCertID certID)
+			{
+				this.certID = certID;
+				this.certIDv2 = null;
+			}
+
+			internal CertID(EssCertIDv2 certID)
+			{
+				this.certIDv2 = certID;
+				this.certID = null;
+			}
+
+			public string GetHashAlgorithmName()
+			{
+				if (certID != null)
+					return "SHA-1";
+
+                if (NistObjectIdentifiers.IdSha256.Equals(certIDv2.HashAlgorithm.Algorithm))
+					return "SHA-256";
+
+                return certIDv2.HashAlgorithm.Algorithm.Id;
+			}
+
+			public AlgorithmIdentifier GetHashAlgorithm()
+			{
+				return (certID != null)
+					?	new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1)
+					:	certIDv2.HashAlgorithm;
+			}
+
+			public byte[] GetCertHash()
+			{
+				return certID != null
+					?	certID.GetCertHash()
+					:	certIDv2.GetCertHash();
+			}
+
+			public IssuerSerial IssuerSerial
+			{
+				get
+				{
+					return certID != null
+						?	certID.IssuerSerial
+						:	certIDv2.IssuerSerial;
+				}
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/tsp/TimeStampTokenGenerator.cs b/bc-sharp-crypto/src/tsp/TimeStampTokenGenerator.cs
new file mode 100644
index 0000000..07eddd4
--- /dev/null
+++ b/bc-sharp-crypto/src/tsp/TimeStampTokenGenerator.cs
@@ -0,0 +1,245 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Ess;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.Tsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Cms;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.Tsp
+{
+	public class TimeStampTokenGenerator
+	{
+		private int accuracySeconds = -1;
+		private int accuracyMillis = -1;
+		private int accuracyMicros = -1;
+		private bool ordering = false;
+		private GeneralName tsa = null;
+		private string tsaPolicyOID;
+
+		private AsymmetricKeyParameter	key;
+		private X509Certificate			cert;
+		private string					digestOID;
+		private Asn1.Cms.AttributeTable	signedAttr;
+		private Asn1.Cms.AttributeTable	unsignedAttr;
+		private IX509Store				x509Certs;
+		private IX509Store				x509Crls;
+
+		/**
+		 * basic creation - only the default attributes will be included here.
+		 */
+		public TimeStampTokenGenerator(
+			AsymmetricKeyParameter	key,
+			X509Certificate			cert,
+			string					digestOID,
+			string					tsaPolicyOID)
+			: this(key, cert, digestOID, tsaPolicyOID, null, null)
+		{
+		}
+
+		/**
+		 * create with a signer with extra signed/unsigned attributes.
+		 */
+		public TimeStampTokenGenerator(
+			AsymmetricKeyParameter	key,
+			X509Certificate			cert,
+			string					digestOID,
+			string					tsaPolicyOID,
+			Asn1.Cms.AttributeTable	signedAttr,
+			Asn1.Cms.AttributeTable	unsignedAttr)
+		{
+			this.key = key;
+			this.cert = cert;
+			this.digestOID = digestOID;
+			this.tsaPolicyOID = tsaPolicyOID;
+			this.unsignedAttr = unsignedAttr;
+
+			TspUtil.ValidateCertificate(cert);
+
+			//
+			// Add the ESSCertID attribute
+			//
+			IDictionary signedAttrs;
+			if (signedAttr != null)
+			{
+				signedAttrs = signedAttr.ToDictionary();
+			}
+			else
+			{
+				signedAttrs = Platform.CreateHashtable();
+			}
+
+			try
+			{
+				byte[] hash = DigestUtilities.CalculateDigest("SHA-1", cert.GetEncoded());
+
+				EssCertID essCertid = new EssCertID(hash);
+
+				Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(
+					PkcsObjectIdentifiers.IdAASigningCertificate,
+					new DerSet(new SigningCertificate(essCertid)));
+
+				signedAttrs[attr.AttrType] = attr;
+			}
+			catch (CertificateEncodingException e)
+			{
+				throw new TspException("Exception processing certificate.", e);
+			}
+			catch (SecurityUtilityException e)
+			{
+				throw new TspException("Can't find a SHA-1 implementation.", e);
+			}
+
+			this.signedAttr = new Asn1.Cms.AttributeTable(signedAttrs);
+		}
+
+		public void SetCertificates(
+			IX509Store certificates)
+		{
+			this.x509Certs = certificates;
+		}
+
+		public void SetCrls(
+			IX509Store crls)
+		{
+			this.x509Crls = crls;
+		}
+
+		public void SetAccuracySeconds(
+			int accuracySeconds)
+		{
+			this.accuracySeconds = accuracySeconds;
+		}
+
+		public void SetAccuracyMillis(
+			int accuracyMillis)
+		{
+			this.accuracyMillis = accuracyMillis;
+		}
+
+		public void SetAccuracyMicros(
+			int accuracyMicros)
+		{
+			this.accuracyMicros = accuracyMicros;
+		}
+
+		public void SetOrdering(
+			bool ordering)
+		{
+			this.ordering = ordering;
+		}
+
+		public void SetTsa(
+			GeneralName tsa)
+		{
+			this.tsa = tsa;
+		}
+
+		//------------------------------------------------------------------------------
+
+		public TimeStampToken Generate(
+			TimeStampRequest	request,
+			BigInteger			serialNumber,
+			DateTime			genTime)
+		{
+			DerObjectIdentifier digestAlgOID = new DerObjectIdentifier(request.MessageImprintAlgOid);
+
+			AlgorithmIdentifier algID = new AlgorithmIdentifier(digestAlgOID, DerNull.Instance);
+			MessageImprint messageImprint = new MessageImprint(algID, request.GetMessageImprintDigest());
+
+			Accuracy accuracy = null;
+			if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0)
+			{
+				DerInteger seconds = null;
+				if (accuracySeconds > 0)
+				{
+					seconds = new DerInteger(accuracySeconds);
+				}
+
+				DerInteger millis = null;
+				if (accuracyMillis > 0)
+				{
+					millis = new DerInteger(accuracyMillis);
+				}
+
+				DerInteger micros = null;
+				if (accuracyMicros > 0)
+				{
+					micros = new DerInteger(accuracyMicros);
+				}
+
+				accuracy = new Accuracy(seconds, millis, micros);
+			}
+
+			DerBoolean derOrdering = null;
+			if (ordering)
+			{
+				derOrdering = DerBoolean.GetInstance(ordering);
+			}
+
+			DerInteger nonce = null;
+			if (request.Nonce != null)
+			{
+				nonce = new DerInteger(request.Nonce);
+			}
+
+			DerObjectIdentifier tsaPolicy = new DerObjectIdentifier(tsaPolicyOID);
+			if (request.ReqPolicy != null)
+			{
+				tsaPolicy = new DerObjectIdentifier(request.ReqPolicy);
+			}
+
+			TstInfo tstInfo = new TstInfo(tsaPolicy, messageImprint,
+				new DerInteger(serialNumber), new DerGeneralizedTime(genTime), accuracy,
+				derOrdering, nonce, tsa, request.Extensions);
+
+			try
+			{
+				CmsSignedDataGenerator signedDataGenerator = new CmsSignedDataGenerator();
+
+				byte[] derEncodedTstInfo = tstInfo.GetDerEncoded();
+
+				if (request.CertReq)
+				{
+					signedDataGenerator.AddCertificates(x509Certs);
+				}
+
+				signedDataGenerator.AddCrls(x509Crls);
+				signedDataGenerator.AddSigner(key, cert, digestOID, signedAttr, unsignedAttr);
+
+				CmsSignedData signedData = signedDataGenerator.Generate(
+					PkcsObjectIdentifiers.IdCTTstInfo.Id,
+					new CmsProcessableByteArray(derEncodedTstInfo),
+					true);
+
+				return new TimeStampToken(signedData);
+			}
+			catch (CmsException cmsEx)
+			{
+				throw new TspException("Error generating time-stamp token", cmsEx);
+			}
+			catch (IOException e)
+			{
+				throw new TspException("Exception encoding info", e);
+			}
+			catch (X509StoreException e)
+			{
+				throw new TspException("Exception handling CertStore", e);
+			}
+//			catch (InvalidAlgorithmParameterException e)
+//			{
+//				throw new TspException("Exception handling CertStore CRLs", e);
+//			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/tsp/TimeStampTokenInfo.cs b/bc-sharp-crypto/src/tsp/TimeStampTokenInfo.cs
new file mode 100644
index 0000000..cdef826
--- /dev/null
+++ b/bc-sharp-crypto/src/tsp/TimeStampTokenInfo.cs
@@ -0,0 +1,107 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Tsp;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Tsp
+{
+	public class TimeStampTokenInfo
+	{
+		private TstInfo		tstInfo;
+		private DateTime	genTime;
+
+		public TimeStampTokenInfo(
+			TstInfo tstInfo)
+		{
+			this.tstInfo = tstInfo;
+
+			try
+			{
+				this.genTime = tstInfo.GenTime.ToDateTime();
+			}
+			catch (Exception e)
+			{
+				throw new TspException("unable to parse genTime field: " + e.Message);
+			}
+		}
+
+		public bool IsOrdered
+		{
+			get { return tstInfo.Ordering.IsTrue; }
+		}
+
+		public Accuracy Accuracy
+		{
+			get { return tstInfo.Accuracy; }
+		}
+
+		public DateTime GenTime
+		{
+			get { return genTime; }
+		}
+
+		public GenTimeAccuracy GenTimeAccuracy
+		{
+			get
+			{
+				return this.Accuracy == null
+					?	null
+					:	new GenTimeAccuracy(this.Accuracy);
+			}
+		}
+
+		public string Policy
+		{
+			get { return tstInfo.Policy.Id; }
+		}
+
+		public BigInteger SerialNumber
+		{
+			get { return tstInfo.SerialNumber.Value; }
+		}
+
+		public GeneralName Tsa
+		{
+			get { return tstInfo.Tsa; }
+		}
+
+		/**
+		 * @return the nonce value, null if there isn't one.
+		 */
+		public BigInteger Nonce
+		{
+			get
+			{
+				return tstInfo.Nonce == null
+					?	null
+					:	tstInfo.Nonce.Value;
+			}
+		}
+
+		public AlgorithmIdentifier HashAlgorithm
+		{
+			get { return tstInfo.MessageImprint.HashAlgorithm; }
+		}
+
+		public string MessageImprintAlgOid
+		{
+            get { return tstInfo.MessageImprint.HashAlgorithm.Algorithm.Id; }
+		}
+
+		public byte[] GetMessageImprintDigest()
+		{
+			return tstInfo.MessageImprint.GetHashedMessage();
+		}
+
+		public byte[] GetEncoded()
+		{
+			return tstInfo.GetEncoded();
+		}
+
+		public TstInfo TstInfo
+		{
+			get { return tstInfo; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/Arrays.cs b/bc-sharp-crypto/src/util/Arrays.cs
new file mode 100644
index 0000000..df9b4e7
--- /dev/null
+++ b/bc-sharp-crypto/src/util/Arrays.cs
@@ -0,0 +1,704 @@
+using System;
+using System.Text;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Utilities
+{
+    /// <summary> General array utilities.</summary>
+    public abstract class Arrays
+    {
+        public static bool AreEqual(
+            bool[]  a,
+            bool[]  b)
+        {
+            if (a == b)
+                return true;
+
+            if (a == null || b == null)
+                return false;
+
+            return HaveSameContents(a, b);
+        }
+
+        public static bool AreEqual(
+            char[] a,
+            char[] b)
+        {
+            if (a == b)
+                return true;
+
+            if (a == null || b == null)
+                return false;
+
+            return HaveSameContents(a, b);
+        }
+
+        /// <summary>
+        /// Are two arrays equal.
+        /// </summary>
+        /// <param name="a">Left side.</param>
+        /// <param name="b">Right side.</param>
+        /// <returns>True if equal.</returns>
+        public static bool AreEqual(
+            byte[]	a,
+            byte[]	b)
+        {
+            if (a == b)
+                return true;
+
+            if (a == null || b == null)
+                return false;
+
+            return HaveSameContents(a, b);
+        }
+
+        [Obsolete("Use 'AreEqual' method instead")]
+        public static bool AreSame(
+            byte[]	a,
+            byte[]	b)
+        {
+            return AreEqual(a, b);
+        }
+
+        /// <summary>
+        /// A constant time equals comparison - does not terminate early if
+        /// test will fail.
+        /// </summary>
+        /// <param name="a">first array</param>
+        /// <param name="b">second array</param>
+        /// <returns>true if arrays equal, false otherwise.</returns>
+        public static bool ConstantTimeAreEqual(
+            byte[]	a,
+            byte[]	b)
+        {
+            int i = a.Length;
+            if (i != b.Length)
+                return false;
+            int cmp = 0;
+            while (i != 0)
+            {
+                --i;
+                cmp |= (a[i] ^ b[i]);
+            }
+            return cmp == 0;
+        }
+
+        public static bool AreEqual(
+            int[]	a,
+            int[]	b)
+        {
+            if (a == b)
+                return true;
+
+            if (a == null || b == null)
+                return false;
+
+            return HaveSameContents(a, b);
+        }
+
+        [CLSCompliantAttribute(false)]
+        public static bool AreEqual(uint[] a, uint[] b)
+        {
+            if (a == b)
+                return true;
+
+            if (a == null || b == null)
+                return false;
+
+            return HaveSameContents(a, b);
+        }
+
+        private static bool HaveSameContents(
+            bool[] a,
+            bool[] b)
+        {
+            int i = a.Length;
+            if (i != b.Length)
+                return false;
+            while (i != 0)
+            {
+                --i;
+                if (a[i] != b[i])
+                    return false;
+            }
+            return true;
+        }
+
+        private static bool HaveSameContents(
+            char[] a,
+            char[] b)
+        {
+            int i = a.Length;
+            if (i != b.Length)
+                return false;
+            while (i != 0)
+            {
+                --i;
+                if (a[i] != b[i])
+                    return false;
+            }
+            return true;
+        }
+
+        private static bool HaveSameContents(
+            byte[]	a,
+            byte[]	b)
+        {
+            int i = a.Length;
+            if (i != b.Length)
+                return false;
+            while (i != 0)
+            {
+                --i;
+                if (a[i] != b[i])
+                    return false;
+            }
+            return true;
+        }
+
+        private static bool HaveSameContents(
+            int[]	a,
+            int[]	b)
+        {
+            int i = a.Length;
+            if (i != b.Length)
+                return false;
+            while (i != 0)
+            {
+                --i;
+                if (a[i] != b[i])
+                    return false;
+            }
+            return true;
+        }
+
+        private static bool HaveSameContents(uint[] a, uint[] b)
+        {
+            int i = a.Length;
+            if (i != b.Length)
+                return false;
+            while (i != 0)
+            {
+                --i;
+                if (a[i] != b[i])
+                    return false;
+            }
+            return true;
+        }
+
+        public static string ToString(
+            object[] a)
+        {
+            StringBuilder sb = new StringBuilder('[');
+            if (a.Length > 0)
+            {
+                sb.Append(a[0]);
+                for (int index = 1; index < a.Length; ++index)
+                {
+                    sb.Append(", ").Append(a[index]);
+                }
+            }
+            sb.Append(']');
+            return sb.ToString();
+        }
+
+        public static int GetHashCode(byte[] data)
+        {
+            if (data == null)
+            {
+                return 0;
+            }
+
+            int i = data.Length;
+            int hc = i + 1;
+
+            while (--i >= 0)
+            {
+                hc *= 257;
+                hc ^= data[i];
+            }
+
+            return hc;
+        }
+
+        public static int GetHashCode(byte[] data, int off, int len)
+        {
+            if (data == null)
+            {
+                return 0;
+            }
+
+            int i = len;
+            int hc = i + 1;
+
+            while (--i >= 0)
+            {
+                hc *= 257;
+                hc ^= data[off + i];
+            }
+
+            return hc;
+        }
+
+        public static int GetHashCode(int[] data)
+        {
+            if (data == null)
+                return 0;
+
+            int i = data.Length;
+            int hc = i + 1;
+
+            while (--i >= 0)
+            {
+                hc *= 257;
+                hc ^= data[i];
+            }
+
+            return hc;
+        }
+
+        public static int GetHashCode(int[] data, int off, int len)
+        {
+            if (data == null)
+                return 0;
+
+            int i = len;
+            int hc = i + 1;
+
+            while (--i >= 0)
+            {
+                hc *= 257;
+                hc ^= data[off + i];
+            }
+
+            return hc;
+        }
+
+        [CLSCompliantAttribute(false)]
+        public static int GetHashCode(uint[] data)
+        {
+            if (data == null)
+                return 0;
+
+            int i = data.Length;
+            int hc = i + 1;
+
+            while (--i >= 0)
+            {
+                hc *= 257;
+                hc ^= (int)data[i];
+            }
+
+            return hc;
+        }
+
+        [CLSCompliantAttribute(false)]
+        public static int GetHashCode(uint[] data, int off, int len)
+        {
+            if (data == null)
+                return 0;
+
+            int i = len;
+            int hc = i + 1;
+
+            while (--i >= 0)
+            {
+                hc *= 257;
+                hc ^= (int)data[off + i];
+            }
+
+            return hc;
+        }
+
+        [CLSCompliantAttribute(false)]
+        public static int GetHashCode(ulong[] data)
+        {
+            if (data == null)
+                return 0;
+
+            int i = data.Length;
+            int hc = i + 1;
+
+            while (--i >= 0)
+            {
+                ulong di = data[i];
+                hc *= 257;
+                hc ^= (int)di;
+                hc *= 257;
+                hc ^= (int)(di >> 32);
+            }
+
+            return hc;
+        }
+
+        [CLSCompliantAttribute(false)]
+        public static int GetHashCode(ulong[] data, int off, int len)
+        {
+            if (data == null)
+                return 0;
+
+            int i = len;
+            int hc = i + 1;
+
+            while (--i >= 0)
+            {
+                ulong di = data[off + i];
+                hc *= 257;
+                hc ^= (int)di;
+                hc *= 257;
+                hc ^= (int)(di >> 32);
+            }
+
+            return hc;
+        }
+
+        public static byte[] Clone(
+            byte[] data)
+        {
+            return data == null ? null : (byte[])data.Clone();
+        }
+
+        public static byte[] Clone(
+            byte[] data, 
+            byte[] existing)
+        {
+            if (data == null)
+            {
+                return null;
+            }
+            if ((existing == null) || (existing.Length != data.Length))
+            {
+                return Clone(data);
+            }
+            Array.Copy(data, 0, existing, 0, existing.Length);
+            return existing;
+        }
+
+        public static int[] Clone(
+            int[] data)
+        {
+            return data == null ? null : (int[])data.Clone();
+        }
+
+        internal static uint[] Clone(uint[] data)
+        {
+            return data == null ? null : (uint[])data.Clone();
+        }
+
+        public static long[] Clone(long[] data)
+        {
+            return data == null ? null : (long[])data.Clone();
+        }
+
+        [CLSCompliantAttribute(false)]
+        public static ulong[] Clone(
+            ulong[] data)
+        {
+            return data == null ? null : (ulong[]) data.Clone();
+        }
+
+        [CLSCompliantAttribute(false)]
+        public static ulong[] Clone(
+            ulong[] data, 
+            ulong[] existing)
+        {
+            if (data == null)
+            {
+                return null;
+            }
+            if ((existing == null) || (existing.Length != data.Length))
+            {
+                return Clone(data);
+            }
+            Array.Copy(data, 0, existing, 0, existing.Length);
+            return existing;
+        }
+
+        public static bool Contains(byte[] a, byte n)
+        {
+            for (int i = 0; i < a.Length; ++i)
+            {
+                if (a[i] == n)
+                    return true;
+            }
+            return false;
+        }
+
+        public static bool Contains(short[] a, short n)
+        {
+            for (int i = 0; i < a.Length; ++i)
+            {
+                if (a[i] == n)
+                    return true;
+            }
+            return false;
+        }
+
+        public static bool Contains(int[] a, int n)
+        {
+            for (int i = 0; i < a.Length; ++i)
+            {
+                if (a[i] == n)
+                    return true;
+            }
+            return false;
+        }
+
+        public static void Fill(
+            byte[]	buf,
+            byte	b)
+        {
+            int i = buf.Length;
+            while (i > 0)
+            {
+                buf[--i] = b;
+            }
+        }
+
+        public static byte[] CopyOf(byte[] data, int newLength)
+        {
+            byte[] tmp = new byte[newLength];
+            Array.Copy(data, 0, tmp, 0, System.Math.Min(newLength, data.Length));
+            return tmp;
+        }
+
+        public static char[] CopyOf(char[] data, int newLength)
+        {
+            char[] tmp = new char[newLength];
+            Array.Copy(data, 0, tmp, 0, System.Math.Min(newLength, data.Length));
+            return tmp;
+        }
+
+        public static int[] CopyOf(int[] data, int newLength)
+        {
+            int[] tmp = new int[newLength];
+            Array.Copy(data, 0, tmp, 0, System.Math.Min(newLength, data.Length));
+            return tmp;
+        }
+
+        public static long[] CopyOf(long[] data, int newLength)
+        {
+            long[] tmp = new long[newLength];
+            Array.Copy(data, 0, tmp, 0, System.Math.Min(newLength, data.Length));
+            return tmp;
+        }
+
+        public static BigInteger[] CopyOf(BigInteger[] data, int newLength)
+        {
+            BigInteger[] tmp = new BigInteger[newLength];
+            Array.Copy(data, 0, tmp, 0, System.Math.Min(newLength, data.Length));
+            return tmp;
+        }
+
+        /**
+         * Make a copy of a range of bytes from the passed in data array. The range can
+         * extend beyond the end of the input array, in which case the return array will
+         * be padded with zeroes.
+         *
+         * @param data the array from which the data is to be copied.
+         * @param from the start index at which the copying should take place.
+         * @param to the final index of the range (exclusive).
+         *
+         * @return a new byte array containing the range given.
+         */
+        public static byte[] CopyOfRange(byte[] data, int from, int to)
+        {
+            int newLength = GetLength(from, to);
+            byte[] tmp = new byte[newLength];
+            Array.Copy(data, from, tmp, 0, System.Math.Min(newLength, data.Length - from));
+            return tmp;
+        }
+
+        public static int[] CopyOfRange(int[] data, int from, int to)
+        {
+            int newLength = GetLength(from, to);
+            int[] tmp = new int[newLength];
+            Array.Copy(data, from, tmp, 0, System.Math.Min(newLength, data.Length - from));
+            return tmp;
+        }
+
+        public static long[] CopyOfRange(long[] data, int from, int to)
+        {
+            int newLength = GetLength(from, to);
+            long[] tmp = new long[newLength];
+            Array.Copy(data, from, tmp, 0, System.Math.Min(newLength, data.Length - from));
+            return tmp;
+        }
+
+        public static BigInteger[] CopyOfRange(BigInteger[] data, int from, int to)
+        {
+            int newLength = GetLength(from, to);
+            BigInteger[] tmp = new BigInteger[newLength];
+            Array.Copy(data, from, tmp, 0, System.Math.Min(newLength, data.Length - from));
+            return tmp;
+        }
+
+        private static int GetLength(int from, int to)
+        {
+            int newLength = to - from;
+            if (newLength < 0)
+                throw new ArgumentException(from + " > " + to);
+            return newLength;
+        }
+
+        public static byte[] Append(byte[] a, byte b)
+        {
+            if (a == null)
+                return new byte[] { b };
+
+            int length = a.Length;
+            byte[] result = new byte[length + 1];
+            Array.Copy(a, 0, result, 0, length);
+            result[length] = b;
+            return result;
+        }
+
+        public static short[] Append(short[] a, short b)
+        {
+            if (a == null)
+                return new short[] { b };
+
+            int length = a.Length;
+            short[] result = new short[length + 1];
+            Array.Copy(a, 0, result, 0, length);
+            result[length] = b;
+            return result;
+        }
+
+        public static int[] Append(int[] a, int b)
+        {
+            if (a == null)
+                return new int[] { b };
+
+            int length = a.Length;
+            int[] result = new int[length + 1];
+            Array.Copy(a, 0, result, 0, length);
+            result[length] = b;
+            return result;
+        }
+
+        public static byte[] Concatenate(byte[] a, byte[] b)
+        {
+            if (a == null)
+                return Clone(b);
+            if (b == null)
+                return Clone(a);
+
+            byte[] rv = new byte[a.Length + b.Length];
+            Array.Copy(a, 0, rv, 0, a.Length);
+            Array.Copy(b, 0, rv, a.Length, b.Length);
+            return rv;
+        }
+
+        public static byte[] ConcatenateAll(params byte[][] vs)
+        {
+            byte[][] nonNull = new byte[vs.Length][];
+            int count = 0;
+            int totalLength = 0;
+
+            for (int i = 0; i < vs.Length; ++i)
+            {
+                byte[] v = vs[i];
+                if (v != null)
+                {
+                    nonNull[count++] = v;
+                    totalLength += v.Length;
+                }
+            }
+
+            byte[] result = new byte[totalLength];
+            int pos = 0;
+
+            for (int j = 0; j < count; ++j)
+            {
+                byte[] v = nonNull[j];
+                Array.Copy(v, 0, result, pos, v.Length);
+                pos += v.Length;
+            }
+
+            return result;
+        }
+
+        public static int[] Concatenate(int[] a, int[] b)
+        {
+            if (a == null)
+                return Clone(b);
+            if (b == null)
+                return Clone(a);
+
+            int[] rv = new int[a.Length + b.Length];
+            Array.Copy(a, 0, rv, 0, a.Length);
+            Array.Copy(b, 0, rv, a.Length, b.Length);
+            return rv;
+        }
+
+        public static byte[] Prepend(byte[] a, byte b)
+        {
+            if (a == null)
+                return new byte[] { b };
+
+            int length = a.Length;
+            byte[] result = new byte[length + 1];
+            Array.Copy(a, 0, result, 1, length);
+            result[0] = b;
+            return result;
+        }
+
+        public static short[] Prepend(short[] a, short b)
+        {
+            if (a == null)
+                return new short[] { b };
+
+            int length = a.Length;
+            short[] result = new short[length + 1];
+            Array.Copy(a, 0, result, 1, length);
+            result[0] = b;
+            return result;
+        }
+
+        public static int[] Prepend(int[] a, int b)
+        {
+            if (a == null)
+                return new int[] { b };
+
+            int length = a.Length;
+            int[] result = new int[length + 1];
+            Array.Copy(a, 0, result, 1, length);
+            result[0] = b;
+            return result;
+        }
+
+        public static byte[] Reverse(byte[] a)
+        {
+            if (a == null)
+                return null;
+
+            int p1 = 0, p2 = a.Length;
+            byte[] result = new byte[p2];
+
+            while (--p2 >= 0)
+            {
+                result[p2] = a[p1++];
+            }
+
+            return result;
+        }
+
+        public static int[] Reverse(int[] a)
+        {
+            if (a == null)
+                return null;
+
+            int p1 = 0, p2 = a.Length;
+            int[] result = new int[p2];
+
+            while (--p2 >= 0)
+            {
+                result[p2] = a[p1++];
+            }
+
+            return result;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/BigIntegers.cs b/bc-sharp-crypto/src/util/BigIntegers.cs
new file mode 100644
index 0000000..f2d0425
--- /dev/null
+++ b/bc-sharp-crypto/src/util/BigIntegers.cs
@@ -0,0 +1,90 @@
+using System;
+
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+
+namespace Org.BouncyCastle.Utilities
+{
+    /**
+     * BigInteger utilities.
+     */
+    public abstract class BigIntegers
+    {
+        private const int MaxIterations = 1000;
+
+        /**
+        * Return the passed in value as an unsigned byte array.
+        *
+        * @param value value to be converted.
+        * @return a byte array without a leading zero byte if present in the signed encoding.
+        */
+        public static byte[] AsUnsignedByteArray(
+            BigInteger n)
+        {
+            return n.ToByteArrayUnsigned();
+        }
+
+        /**
+         * Return the passed in value as an unsigned byte array of specified length, zero-extended as necessary.
+         *
+         * @param length desired length of result array.
+         * @param n value to be converted.
+         * @return a byte array of specified length, with leading zeroes as necessary given the size of n.
+         */
+        public static byte[] AsUnsignedByteArray(int length, BigInteger n)
+        {
+            byte[] bytes = n.ToByteArrayUnsigned();
+
+            if (bytes.Length > length)
+                throw new ArgumentException("standard length exceeded", "n");
+
+            if (bytes.Length == length)
+                return bytes;
+
+            byte[] tmp = new byte[length];
+            Array.Copy(bytes, 0, tmp, tmp.Length - bytes.Length, bytes.Length);
+            return tmp;
+        }
+
+        /**
+        * Return a random BigInteger not less than 'min' and not greater than 'max'
+        * 
+        * @param min the least value that may be generated
+        * @param max the greatest value that may be generated
+        * @param random the source of randomness
+        * @return a random BigInteger value in the range [min,max]
+        */
+        public static BigInteger CreateRandomInRange(
+            BigInteger		min,
+            BigInteger		max,
+            // TODO Should have been just Random class
+            SecureRandom	random)
+        {
+            int cmp = min.CompareTo(max);
+            if (cmp >= 0)
+            {
+                if (cmp > 0)
+                    throw new ArgumentException("'min' may not be greater than 'max'");
+
+                return min;
+            }
+
+            if (min.BitLength > max.BitLength / 2)
+            {
+                return CreateRandomInRange(BigInteger.Zero, max.Subtract(min), random).Add(min);
+            }
+
+            for (int i = 0; i < MaxIterations; ++i)
+            {
+                BigInteger x = new BigInteger(max.BitLength, random);
+                if (x.CompareTo(min) >= 0 && x.CompareTo(max) <= 0)
+                {
+                    return x;
+                }
+            }
+
+            // fall back to a faster (restricted) method
+            return new BigInteger(max.Subtract(min).BitLength - 1, random).Add(min);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/Enums.cs b/bc-sharp-crypto/src/util/Enums.cs
new file mode 100644
index 0000000..9e908c4
--- /dev/null
+++ b/bc-sharp-crypto/src/util/Enums.cs
@@ -0,0 +1,78 @@
+using System;
+using System.Text;
+
+#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE
+using System.Collections;
+using System.Reflection;
+#endif
+
+using Org.BouncyCastle.Utilities.Date;
+
+namespace Org.BouncyCastle.Utilities
+{
+    internal abstract class Enums
+    {
+        internal static Enum GetEnumValue(System.Type enumType, string s)
+        {
+            if (!IsEnumType(enumType))
+                throw new ArgumentException("Not an enumeration type", "enumType");
+
+            // We only want to parse single named constants
+            if (s.Length > 0 && char.IsLetter(s[0]) && s.IndexOf(',') < 0)
+            {
+                s = s.Replace('-', '_');
+                s = s.Replace('/', '_');
+
+#if NETCF_1_0
+                FieldInfo field = enumType.GetField(s, BindingFlags.Static | BindingFlags.Public);
+                if (field != null)
+                {
+                    return (Enum)field.GetValue(null);
+                }
+#else
+                return (Enum)Enum.Parse(enumType, s, false);
+#endif		
+            }
+
+            throw new ArgumentException();
+        }
+
+        internal static Array GetEnumValues(System.Type enumType)
+        {
+            if (!IsEnumType(enumType))
+                throw new ArgumentException("Not an enumeration type", "enumType");
+
+#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT
+            IList result = Platform.CreateArrayList();
+            FieldInfo[] fields = enumType.GetFields(BindingFlags.Static | BindingFlags.Public);
+            foreach (FieldInfo field in fields)
+            {
+                // Note: Argument to GetValue() ignored since the fields are static,
+                //     but Silverlight for Windows Phone throws exception if we pass null
+                result.Add(field.GetValue(enumType));
+            }
+            object[] arr = new object[result.Count];
+            result.CopyTo(arr, 0);
+            return arr;
+#else
+            return Enum.GetValues(enumType);
+#endif
+        }
+
+        internal static Enum GetArbitraryValue(System.Type enumType)
+        {
+            Array values = GetEnumValues(enumType);
+            int pos = (int)(DateTimeUtilities.CurrentUnixMs() & int.MaxValue) % values.Length;
+            return (Enum)values.GetValue(pos);
+        }
+
+        internal static bool IsEnumType(System.Type t)
+        {
+#if NEW_REFLECTION
+            return t.GetTypeInfo().IsEnum;
+#else
+            return t.IsEnum;
+#endif
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/IMemoable.cs b/bc-sharp-crypto/src/util/IMemoable.cs
new file mode 100644
index 0000000..cc8a2e5
--- /dev/null
+++ b/bc-sharp-crypto/src/util/IMemoable.cs
@@ -0,0 +1,29 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities
+{
+	public interface IMemoable
+	{
+		/// <summary>
+		/// Produce a copy of this object with its configuration and in its current state.
+		/// </summary>
+		/// <remarks>
+		/// The returned object may be used simply to store the state, or may be used as a similar object
+		/// starting from the copied state.
+		/// </remarks>
+		IMemoable Copy();
+
+		/// <summary>
+		/// Restore a copied object state into this object.
+		/// </summary>
+		/// <remarks>
+		/// Implementations of this method <em>should</em> try to avoid or minimise memory allocation to perform the reset.
+		/// </remarks>
+		/// <param name="other">an object originally {@link #copy() copied} from an object of the same type as this instance.</param>
+		/// <exception cref="InvalidCastException">if the provided object is not of the correct type.</exception>
+		/// <exception cref="MemoableResetException">if the <b>other</b> parameter is in some other way invalid.</exception>
+		void Reset(IMemoable other);
+	}
+
+}
+
diff --git a/bc-sharp-crypto/src/util/Integers.cs b/bc-sharp-crypto/src/util/Integers.cs
new file mode 100644
index 0000000..ccbf872
--- /dev/null
+++ b/bc-sharp-crypto/src/util/Integers.cs
@@ -0,0 +1,17 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities
+{
+    public abstract class Integers
+    {
+        public static int RotateLeft(int i, int distance)
+        {
+            return (i << distance) ^ (int)((uint)i >> -distance);
+        }
+
+        public static int RotateRight(int i, int distance)
+        {
+            return (int)((uint)i >> distance) ^ (i << -distance);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/MemoableResetException.cs b/bc-sharp-crypto/src/util/MemoableResetException.cs
new file mode 100644
index 0000000..99554f6
--- /dev/null
+++ b/bc-sharp-crypto/src/util/MemoableResetException.cs
@@ -0,0 +1,27 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities
+{
+    /**
+     * Exception to be thrown on a failure to reset an object implementing Memoable.
+     * <p>
+     * The exception extends InvalidCastException to enable users to have a single handling case,
+     * only introducing specific handling of this one if required.
+     * </p>
+     */
+    public class MemoableResetException
+        : InvalidCastException
+    {
+        /**
+         * Basic Constructor.
+         *
+         * @param msg message to be associated with this exception.
+         */
+        public MemoableResetException(string msg)
+            : base(msg)
+        {
+        }
+    }
+
+}
+
diff --git a/bc-sharp-crypto/src/util/Platform.cs b/bc-sharp-crypto/src/util/Platform.cs
new file mode 100644
index 0000000..8648485
--- /dev/null
+++ b/bc-sharp-crypto/src/util/Platform.cs
@@ -0,0 +1,229 @@
+using System;
+using System.Globalization;
+using System.IO;
+using System.Text;
+
+#if SILVERLIGHT || PORTABLE
+using System.Collections.Generic;
+#else
+using System.Collections;
+#endif
+
+namespace Org.BouncyCastle.Utilities
+{
+    internal abstract class Platform
+    {
+        private static readonly CompareInfo InvariantCompareInfo = CultureInfo.InvariantCulture.CompareInfo;
+
+#if NETCF_1_0 || NETCF_2_0
+        private static string GetNewLine()
+        {
+            MemoryStream buf = new MemoryStream();
+            StreamWriter w = new StreamWriter(buf, Encoding.UTF8);
+            w.WriteLine();
+            Dispose(w);
+            byte[] bs = buf.ToArray();
+            return Encoding.UTF8.GetString(bs, 0, bs.Length);
+        }
+#else
+        private static string GetNewLine()
+        {
+            return Environment.NewLine;
+        }
+#endif
+
+        internal static bool EqualsIgnoreCase(string a, string b)
+        {
+#if PORTABLE
+            return String.Equals(a, b, StringComparison.OrdinalIgnoreCase);
+#else
+            return ToUpperInvariant(a) == ToUpperInvariant(b);
+#endif
+        }
+
+#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE
+        internal static string GetEnvironmentVariable(
+            string variable)
+        {
+            return null;
+        }
+#else
+        internal static string GetEnvironmentVariable(
+            string variable)
+        {
+            try
+            {
+                return Environment.GetEnvironmentVariable(variable);
+            }
+            catch (System.Security.SecurityException)
+            {
+                // We don't have the required permission to read this environment variable,
+                // which is fine, just act as if it's not set
+                return null;
+            }
+        }
+#endif
+
+#if NETCF_1_0
+        internal static Exception CreateNotImplementedException(
+            string message)
+        {
+            return new Exception("Not implemented: " + message);
+        }
+
+        internal static bool Equals(
+            object	a,
+            object	b)
+        {
+            return a == b || (a != null && b != null && a.Equals(b));
+        }
+#else
+        internal static Exception CreateNotImplementedException(
+            string message)
+        {
+            return new NotImplementedException(message);
+        }
+#endif
+
+#if SILVERLIGHT || PORTABLE
+        internal static System.Collections.IList CreateArrayList()
+        {
+            return new List<object>();
+        }
+        internal static System.Collections.IList CreateArrayList(int capacity)
+        {
+            return new List<object>(capacity);
+        }
+        internal static System.Collections.IList CreateArrayList(System.Collections.ICollection collection)
+        {
+            System.Collections.IList result = new List<object>(collection.Count);
+            foreach (object o in collection)
+            {
+                result.Add(o);
+            }
+            return result;
+        }
+        internal static System.Collections.IList CreateArrayList(System.Collections.IEnumerable collection)
+        {
+            System.Collections.IList result = new List<object>();
+            foreach (object o in collection)
+            {
+                result.Add(o);
+            }
+            return result;
+        }
+        internal static System.Collections.IDictionary CreateHashtable()
+        {
+            return new Dictionary<object, object>();
+        }
+        internal static System.Collections.IDictionary CreateHashtable(int capacity)
+        {
+            return new Dictionary<object, object>(capacity);
+        }
+        internal static System.Collections.IDictionary CreateHashtable(System.Collections.IDictionary dictionary)
+        {
+            System.Collections.IDictionary result = new Dictionary<object, object>(dictionary.Count);
+            foreach (System.Collections.DictionaryEntry entry in dictionary)
+            {
+                result.Add(entry.Key, entry.Value);
+            }
+            return result;
+        }
+#else
+        internal static System.Collections.IList CreateArrayList()
+        {
+            return new ArrayList();
+        }
+        internal static System.Collections.IList CreateArrayList(int capacity)
+        {
+            return new ArrayList(capacity);
+        }
+        internal static System.Collections.IList CreateArrayList(System.Collections.ICollection collection)
+        {
+            return new ArrayList(collection);
+        }
+        internal static System.Collections.IList CreateArrayList(System.Collections.IEnumerable collection)
+        {
+            ArrayList result = new ArrayList();
+            foreach (object o in collection)
+            {
+                result.Add(o);
+            }
+            return result;
+        }
+        internal static System.Collections.IDictionary CreateHashtable()
+        {
+            return new Hashtable();
+        }
+        internal static System.Collections.IDictionary CreateHashtable(int capacity)
+        {
+            return new Hashtable(capacity);
+        }
+        internal static System.Collections.IDictionary CreateHashtable(System.Collections.IDictionary dictionary)
+        {
+            return new Hashtable(dictionary);
+        }
+#endif
+
+        internal static string ToLowerInvariant(string s)
+        {
+#if PORTABLE
+            return s.ToLowerInvariant();
+#else
+            return s.ToLower(CultureInfo.InvariantCulture);
+#endif
+        }
+
+        internal static string ToUpperInvariant(string s)
+        {
+#if PORTABLE
+            return s.ToUpperInvariant();
+#else
+            return s.ToUpper(CultureInfo.InvariantCulture);
+#endif
+        }
+
+        internal static readonly string NewLine = GetNewLine();
+
+#if PORTABLE
+        internal static void Dispose(IDisposable d)
+        {
+            d.Dispose();
+        }
+#else
+        internal static void Dispose(Stream s)
+        {
+            s.Close();
+        }
+        internal static void Dispose(TextWriter t)
+        {
+            t.Close();
+        }
+#endif
+
+        internal static int IndexOf(string source, string value)
+        {
+            return InvariantCompareInfo.IndexOf(source, value, CompareOptions.Ordinal);
+        }
+
+        internal static int LastIndexOf(string source, string value)
+        {
+            return InvariantCompareInfo.LastIndexOf(source, value, CompareOptions.Ordinal);
+        }
+
+        internal static bool StartsWith(string source, string prefix)
+        {
+            return InvariantCompareInfo.IsPrefix(source, prefix, CompareOptions.Ordinal);
+        }
+
+        internal static bool EndsWith(string source, string suffix)
+        {
+            return InvariantCompareInfo.IsSuffix(source, suffix, CompareOptions.Ordinal);
+        }
+
+        internal static string GetTypeName(object obj)
+        {
+            return obj.GetType().FullName;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/Strings.cs b/bc-sharp-crypto/src/util/Strings.cs
new file mode 100644
index 0000000..3937a08
--- /dev/null
+++ b/bc-sharp-crypto/src/util/Strings.cs
@@ -0,0 +1,103 @@
+using System;
+using System.Text;
+
+namespace Org.BouncyCastle.Utilities
+{
+    /// <summary> General string utilities.</summary>
+    public abstract class Strings
+    {
+        internal static bool IsOneOf(string s, params string[] candidates)
+        {
+            foreach (string candidate in candidates)
+            {
+                if (s == candidate)
+                    return true;
+            }
+            return false;
+        }
+
+        public static string FromByteArray(
+            byte[] bs)
+        {
+            char[] cs = new char[bs.Length];
+            for (int i = 0; i < cs.Length; ++i)
+            {
+                cs[i] = Convert.ToChar(bs[i]);
+            }
+            return new string(cs);
+        }
+
+        public static byte[] ToByteArray(
+            char[] cs)
+        {
+            byte[] bs = new byte[cs.Length];
+            for (int i = 0; i < bs.Length; ++i)
+            {
+                bs[i] = Convert.ToByte(cs[i]);
+            }
+            return bs;
+        }
+
+        public static byte[] ToByteArray(
+            string s)
+        {
+            byte[] bs = new byte[s.Length];
+            for (int i = 0; i < bs.Length; ++i)
+            {
+                bs[i] = Convert.ToByte(s[i]);
+            }
+            return bs;
+        }
+
+        public static string FromAsciiByteArray(
+            byte[] bytes)
+        {
+#if SILVERLIGHT || PORTABLE
+            // TODO Check for non-ASCII bytes in input?
+            return Encoding.UTF8.GetString(bytes, 0, bytes.Length);
+#else
+            return Encoding.ASCII.GetString(bytes, 0, bytes.Length);
+#endif
+        }
+
+        public static byte[] ToAsciiByteArray(
+            char[] cs)
+        {
+#if SILVERLIGHT || PORTABLE
+            // TODO Check for non-ASCII characters in input?
+            return Encoding.UTF8.GetBytes(cs);
+#else
+            return Encoding.ASCII.GetBytes(cs);
+#endif
+        }
+
+        public static byte[] ToAsciiByteArray(
+            string s)
+        {
+#if SILVERLIGHT || PORTABLE
+            // TODO Check for non-ASCII characters in input?
+            return Encoding.UTF8.GetBytes(s);
+#else
+            return Encoding.ASCII.GetBytes(s);
+#endif
+        }
+
+        public static string FromUtf8ByteArray(
+            byte[] bytes)
+        {
+            return Encoding.UTF8.GetString(bytes, 0, bytes.Length);
+        }
+
+        public static byte[] ToUtf8ByteArray(
+            char[] cs)
+        {
+            return Encoding.UTF8.GetBytes(cs);
+        }
+
+        public static byte[] ToUtf8ByteArray(
+            string s)
+        {
+            return Encoding.UTF8.GetBytes(s);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/Times.cs b/bc-sharp-crypto/src/util/Times.cs
new file mode 100644
index 0000000..99a78d2
--- /dev/null
+++ b/bc-sharp-crypto/src/util/Times.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities
+{
+    public sealed class Times
+    {
+        private static long NanosecondsPerTick = 100L;
+
+        public static long NanoTime()
+        {
+            return DateTime.UtcNow.Ticks * NanosecondsPerTick;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/TypeExtensions.cs b/bc-sharp-crypto/src/util/TypeExtensions.cs
new file mode 100644
index 0000000..e2aeae4
--- /dev/null
+++ b/bc-sharp-crypto/src/util/TypeExtensions.cs
@@ -0,0 +1,17 @@
+#if NEW_REFLECTION
+
+using System;
+using System.Reflection;
+
+namespace Org.BouncyCastle
+{
+    internal static class TypeExtensions
+    {
+        public static bool IsInstanceOfType(this Type type, object instance)
+        {
+            return instance != null && type.GetTypeInfo().IsAssignableFrom(instance.GetType().GetTypeInfo());
+        }
+    }
+}
+
+#endif
diff --git a/bc-sharp-crypto/src/util/collections/CollectionUtilities.cs b/bc-sharp-crypto/src/util/collections/CollectionUtilities.cs
new file mode 100644
index 0000000..18fcb67
--- /dev/null
+++ b/bc-sharp-crypto/src/util/collections/CollectionUtilities.cs
@@ -0,0 +1,64 @@
+using System;
+using System.Collections;
+using System.Text;
+
+namespace Org.BouncyCastle.Utilities.Collections
+{
+    public abstract class CollectionUtilities
+    {
+        public static void AddRange(IList to, IEnumerable range)
+        {
+            foreach (object o in range)
+            {
+                to.Add(o);
+            }
+        }
+
+        public static bool CheckElementsAreOfType(IEnumerable e, Type t)
+        {
+            foreach (object o in e)
+            {
+                if (!t.IsInstanceOfType(o))
+                    return false;
+            }
+            return true;
+        }
+
+        public static IDictionary ReadOnly(IDictionary d)
+        {
+            return new UnmodifiableDictionaryProxy(d);
+        }
+
+        public static IList ReadOnly(IList l)
+        {
+            return new UnmodifiableListProxy(l);
+        }
+
+        public static ISet ReadOnly(ISet s)
+        {
+            return new UnmodifiableSetProxy(s);
+        }
+
+        public static string ToString(IEnumerable c)
+        {
+            StringBuilder sb = new StringBuilder("[");
+
+            IEnumerator e = c.GetEnumerator();
+
+            if (e.MoveNext())
+            {
+                sb.Append(e.Current.ToString());
+
+                while (e.MoveNext())
+                {
+                    sb.Append(", ");
+                    sb.Append(e.Current.ToString());
+                }
+            }
+
+            sb.Append(']');
+
+            return sb.ToString();
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/collections/EmptyEnumerable.cs b/bc-sharp-crypto/src/util/collections/EmptyEnumerable.cs
new file mode 100644
index 0000000..a61a078
--- /dev/null
+++ b/bc-sharp-crypto/src/util/collections/EmptyEnumerable.cs
@@ -0,0 +1,44 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.Utilities.Collections
+{
+	public sealed class EmptyEnumerable
+		: IEnumerable
+	{
+		public static readonly IEnumerable Instance = new EmptyEnumerable();
+
+		private EmptyEnumerable()
+		{
+		}
+
+		public IEnumerator GetEnumerator()
+		{
+			return EmptyEnumerator.Instance;
+		}
+	}
+
+	public sealed class EmptyEnumerator
+		: IEnumerator
+	{
+		public static readonly IEnumerator Instance = new EmptyEnumerator();
+
+		private EmptyEnumerator()
+		{
+		}
+
+		public bool MoveNext()
+		{
+			return false;
+		}
+
+		public void Reset()
+		{
+		}
+
+		public object Current
+		{
+			get { throw new InvalidOperationException("No elements"); }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/collections/EnumerableProxy.cs b/bc-sharp-crypto/src/util/collections/EnumerableProxy.cs
new file mode 100644
index 0000000..9eec4af
--- /dev/null
+++ b/bc-sharp-crypto/src/util/collections/EnumerableProxy.cs
@@ -0,0 +1,25 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.Utilities.Collections
+{
+	public sealed class EnumerableProxy
+		: IEnumerable
+	{
+		private readonly IEnumerable inner;
+
+		public EnumerableProxy(
+			IEnumerable inner)
+		{
+			if (inner == null)
+				throw new ArgumentNullException("inner");
+
+			this.inner = inner;
+		}
+
+		public IEnumerator GetEnumerator()
+		{
+			return inner.GetEnumerator();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/collections/HashSet.cs b/bc-sharp-crypto/src/util/collections/HashSet.cs
new file mode 100644
index 0000000..1facb58
--- /dev/null
+++ b/bc-sharp-crypto/src/util/collections/HashSet.cs
@@ -0,0 +1,99 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.Utilities.Collections
+{
+	public class HashSet
+		: ISet
+	{
+		private readonly IDictionary impl = Platform.CreateHashtable();
+
+		public HashSet()
+		{
+		}
+
+		public HashSet(IEnumerable s)
+		{
+			foreach (object o in s)
+			{
+				Add(o);
+			}
+		}
+
+		public virtual void Add(object o)
+		{
+			impl[o] = null;
+		}
+
+		public virtual void AddAll(IEnumerable e)
+		{
+			foreach (object o in e)
+			{
+				Add(o);
+			}
+		}
+
+		public virtual void Clear()
+		{
+			impl.Clear();
+		}
+
+		public virtual bool Contains(object o)
+		{
+			return impl.Contains(o);
+		}
+
+		public virtual void CopyTo(Array array, int index)
+		{
+			impl.Keys.CopyTo(array, index);
+		}
+
+		public virtual int Count
+		{
+			get { return impl.Count; }
+		}
+
+		public virtual IEnumerator GetEnumerator()
+		{
+			return impl.Keys.GetEnumerator();
+		}
+
+		public virtual bool IsEmpty
+		{
+			get { return impl.Count == 0; }
+		}
+
+		public virtual bool IsFixedSize
+		{
+			get { return impl.IsFixedSize; }
+		}
+
+		public virtual bool IsReadOnly
+		{
+			get { return impl.IsReadOnly; }
+		}
+
+		public virtual bool IsSynchronized
+		{
+			get { return impl.IsSynchronized; }
+		}
+
+		public virtual void Remove(object o)
+		{
+			impl.Remove(o);
+		}
+
+		public virtual void RemoveAll(IEnumerable e)
+		{
+			foreach (object o in e)
+			{
+				Remove(o);
+			}
+		}
+
+		public virtual object SyncRoot
+		{
+			get { return impl.SyncRoot; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/collections/ISet.cs b/bc-sharp-crypto/src/util/collections/ISet.cs
new file mode 100644
index 0000000..1f8edba
--- /dev/null
+++ b/bc-sharp-crypto/src/util/collections/ISet.cs
@@ -0,0 +1,19 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.Utilities.Collections
+{
+	public interface ISet
+		: ICollection
+	{
+		void Add(object o);
+		void AddAll(IEnumerable e);
+		void Clear();
+		bool Contains(object o);
+		bool IsEmpty { get; }
+		bool IsFixedSize { get; }
+		bool IsReadOnly { get; }
+		void Remove(object o);
+		void RemoveAll(IEnumerable e);
+	}
+}
diff --git a/bc-sharp-crypto/src/util/collections/LinkedDictionary.cs b/bc-sharp-crypto/src/util/collections/LinkedDictionary.cs
new file mode 100644
index 0000000..933d38d
--- /dev/null
+++ b/bc-sharp-crypto/src/util/collections/LinkedDictionary.cs
@@ -0,0 +1,178 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.Utilities.Collections
+{
+	public class LinkedDictionary
+		: IDictionary
+	{
+		internal readonly IDictionary hash = Platform.CreateHashtable();
+		internal readonly IList keys = Platform.CreateArrayList();
+
+		public LinkedDictionary()
+		{
+		}
+
+		public virtual void Add(object k, object v)
+		{
+			hash.Add(k, v);
+			keys.Add(k);
+		}
+
+		public virtual void Clear()
+		{
+			hash.Clear();
+			keys.Clear();
+		}
+
+		public virtual bool Contains(object k)
+		{
+			return hash.Contains(k);
+		}
+
+		public virtual void CopyTo(Array array, int index)
+		{
+			foreach (object k in keys)
+			{
+				array.SetValue(hash[k], index++);
+			}
+		}
+
+		public virtual int Count
+		{
+			get { return hash.Count; }
+		}
+
+		IEnumerator IEnumerable.GetEnumerator()
+		{
+			return GetEnumerator();
+		}
+
+		public virtual IDictionaryEnumerator GetEnumerator()
+		{
+			return new LinkedDictionaryEnumerator(this);
+		}
+
+		public virtual void Remove(object k)
+		{
+			hash.Remove(k);
+			keys.Remove(k);
+		}
+
+		public virtual bool IsFixedSize
+		{
+			get { return false; }
+		}
+
+		public virtual bool IsReadOnly
+		{
+			get { return false; }
+		}
+
+		public virtual bool IsSynchronized
+		{
+			get { return false; }
+		}
+
+		public virtual object SyncRoot
+		{
+			get { return false; }
+		}
+
+		public virtual ICollection Keys
+		{
+            get { return Platform.CreateArrayList(keys); }
+		}
+
+		public virtual ICollection Values
+		{
+			// NB: Order has to be the same as for Keys property
+			get
+			{
+                IList values = Platform.CreateArrayList(keys.Count);
+				foreach (object k in keys)
+				{
+					values.Add(hash[k]);
+				}
+				return values;
+			}
+		}
+
+		public virtual object this[object k]
+		{
+			get
+			{
+				return hash[k];
+			}
+			set
+			{
+				if (!hash.Contains(k))
+					keys.Add(k);
+				hash[k] = value;
+			}
+		}
+	}
+
+	internal class LinkedDictionaryEnumerator : IDictionaryEnumerator
+	{
+		private readonly LinkedDictionary parent;
+		private int pos = -1;
+
+		internal LinkedDictionaryEnumerator(LinkedDictionary parent)
+		{
+			this.parent = parent;
+		}
+
+		public virtual object Current
+		{
+			get { return Entry; }
+		}
+
+		public virtual DictionaryEntry Entry
+		{
+			get
+			{
+				object k = CurrentKey;
+				return new DictionaryEntry(k, parent.hash[k]);
+			}
+		}
+
+		public virtual object Key
+		{
+			get
+			{
+				return CurrentKey;
+			}
+		}
+
+		public virtual bool MoveNext()
+		{
+			if (pos >= parent.keys.Count)
+				return false;
+			return ++pos < parent.keys.Count;
+		}
+
+		public virtual void Reset()
+		{
+			this.pos = -1;
+		}
+
+		public virtual object Value
+		{
+			get
+			{
+				return parent.hash[CurrentKey];
+			}
+		}
+
+		private object CurrentKey
+		{
+			get
+			{
+				if (pos < 0 || pos >= parent.keys.Count)
+					throw new InvalidOperationException();
+				return parent.keys[pos];
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/collections/UnmodifiableDictionary.cs b/bc-sharp-crypto/src/util/collections/UnmodifiableDictionary.cs
new file mode 100644
index 0000000..0bdf70a
--- /dev/null
+++ b/bc-sharp-crypto/src/util/collections/UnmodifiableDictionary.cs
@@ -0,0 +1,64 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.Utilities.Collections
+{
+	public abstract class UnmodifiableDictionary
+		: IDictionary
+	{
+		protected UnmodifiableDictionary()
+		{
+		}
+
+		public virtual void Add(object k, object v)
+		{
+			throw new NotSupportedException();
+		}
+
+		public virtual void Clear()
+		{
+			throw new NotSupportedException();
+		}
+
+		public abstract bool Contains(object k);
+
+		public abstract void CopyTo(Array array, int index);
+
+		public abstract int Count { get; }
+
+		IEnumerator IEnumerable.GetEnumerator()
+		{
+			return GetEnumerator();
+		}
+
+		public abstract IDictionaryEnumerator GetEnumerator();
+
+		public virtual void Remove(object k)
+		{
+			throw new NotSupportedException();
+		}
+
+		public abstract bool IsFixedSize { get; }
+
+		public virtual bool IsReadOnly
+		{
+			get { return true; }
+		}
+
+		public abstract bool IsSynchronized { get; }
+
+		public abstract object SyncRoot { get; }
+
+		public abstract ICollection Keys { get; }
+
+		public abstract ICollection Values { get; }
+
+		public virtual object this[object k]
+		{
+			get { return GetValue(k); }
+			set { throw new NotSupportedException(); }
+		}
+
+		protected abstract object GetValue(object k);
+	}
+}
diff --git a/bc-sharp-crypto/src/util/collections/UnmodifiableDictionaryProxy.cs b/bc-sharp-crypto/src/util/collections/UnmodifiableDictionaryProxy.cs
new file mode 100644
index 0000000..0fca909
--- /dev/null
+++ b/bc-sharp-crypto/src/util/collections/UnmodifiableDictionaryProxy.cs
@@ -0,0 +1,66 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.Utilities.Collections
+{
+	public class UnmodifiableDictionaryProxy
+		: UnmodifiableDictionary
+	{
+		private readonly IDictionary d;
+
+		public UnmodifiableDictionaryProxy(IDictionary d)
+		{
+			this.d = d;
+		}
+
+		public override bool Contains(object k)
+		{
+			return d.Contains(k);
+		}
+
+		public override void CopyTo(Array array, int index)
+		{
+			d.CopyTo(array, index);
+		}
+
+		public override int Count
+		{
+			get { return d.Count; }
+		}
+
+		public override IDictionaryEnumerator GetEnumerator()
+		{
+			return d.GetEnumerator();
+		}
+
+		public override bool IsFixedSize
+		{
+			get { return d.IsFixedSize; }
+		}
+
+		public override bool IsSynchronized
+		{
+			get { return d.IsSynchronized; }
+		}
+
+		public override object SyncRoot
+		{
+			get { return d.SyncRoot; }
+		}
+
+		public override ICollection Keys
+		{
+			get { return d.Keys; }
+		}
+
+		public override ICollection Values
+		{
+			get { return d.Values; }
+		}
+
+		protected override object GetValue(object k)
+		{
+			return d[k];
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/collections/UnmodifiableList.cs b/bc-sharp-crypto/src/util/collections/UnmodifiableList.cs
new file mode 100644
index 0000000..28e49ea
--- /dev/null
+++ b/bc-sharp-crypto/src/util/collections/UnmodifiableList.cs
@@ -0,0 +1,67 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.Utilities.Collections
+{
+	public abstract class UnmodifiableList
+		: IList
+	{
+		protected UnmodifiableList()
+		{
+		}
+
+		public virtual int Add(object o)
+		{
+			throw new NotSupportedException();
+		}
+
+		public virtual void Clear()
+		{
+			throw new NotSupportedException();
+		}
+
+		public abstract bool Contains(object o);
+
+		public abstract void CopyTo(Array array, int index);
+
+		public abstract int Count { get; }
+
+		public abstract IEnumerator GetEnumerator();
+
+		public abstract int IndexOf(object o);
+
+		public virtual void Insert(int i, object o)
+		{
+			throw new NotSupportedException();
+		}
+
+		public abstract bool IsFixedSize { get; }
+
+		public virtual bool IsReadOnly
+		{
+			get { return true; }
+		}
+
+		public abstract bool IsSynchronized { get; }
+
+		public virtual void Remove(object o)
+		{
+			throw new NotSupportedException();
+		}
+
+		public virtual void RemoveAt(int i)
+		{
+			throw new NotSupportedException();
+		}
+
+		public abstract object SyncRoot { get; }
+		
+		public virtual object this[int i]
+		{
+			get { return GetValue(i); }
+			set { throw new NotSupportedException(); }
+		}
+
+		protected abstract object GetValue(int i);
+	}
+}
diff --git a/bc-sharp-crypto/src/util/collections/UnmodifiableListProxy.cs b/bc-sharp-crypto/src/util/collections/UnmodifiableListProxy.cs
new file mode 100644
index 0000000..9d00737
--- /dev/null
+++ b/bc-sharp-crypto/src/util/collections/UnmodifiableListProxy.cs
@@ -0,0 +1,61 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.Utilities.Collections
+{
+	public class UnmodifiableListProxy
+		: UnmodifiableList
+	{
+		private readonly IList l;
+
+		public UnmodifiableListProxy(IList l)
+		{
+			this.l = l;
+		}
+
+		public override bool Contains(object o)
+		{
+			return l.Contains(o);
+		}
+
+		public override void CopyTo(Array array, int index)
+		{
+			l.CopyTo(array, index);
+		}
+
+		public override int Count
+		{
+			get { return l.Count; }
+		}
+
+		public override IEnumerator GetEnumerator()
+		{
+			return l.GetEnumerator();
+		}
+
+		public override int IndexOf(object o)
+		{
+			return l.IndexOf(o);
+		}
+
+		public override bool IsFixedSize
+		{
+			get { return l.IsFixedSize; }
+		}
+
+		public override bool IsSynchronized
+		{
+			get { return l.IsSynchronized; }
+		}
+
+		public override object SyncRoot
+		{
+			get { return l.SyncRoot; }
+		}
+
+		protected override object GetValue(int i)
+		{
+			return l[i];
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/collections/UnmodifiableSet.cs b/bc-sharp-crypto/src/util/collections/UnmodifiableSet.cs
new file mode 100644
index 0000000..8792815
--- /dev/null
+++ b/bc-sharp-crypto/src/util/collections/UnmodifiableSet.cs
@@ -0,0 +1,59 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.Utilities.Collections
+{
+	public abstract class UnmodifiableSet
+		: ISet
+	{
+		protected UnmodifiableSet()
+		{
+		}
+
+		public virtual void Add(object o)
+		{
+			throw new NotSupportedException();
+		}
+
+		public virtual void AddAll(IEnumerable e)
+		{
+			throw new NotSupportedException();
+		}
+
+		public virtual void Clear()
+		{
+			throw new NotSupportedException();
+		}
+		
+		public abstract bool Contains(object o);
+
+		public abstract void CopyTo(Array array, int index);
+
+		public abstract int Count { get; }
+
+		public abstract IEnumerator GetEnumerator();
+
+		public abstract bool IsEmpty { get; }
+
+		public abstract bool IsFixedSize { get; }
+
+		public virtual bool IsReadOnly
+		{
+			get { return true; }
+		}
+
+		public abstract bool IsSynchronized { get; }
+
+		public abstract object SyncRoot { get; }
+
+		public virtual void Remove(object o)
+		{
+			throw new NotSupportedException();
+		}
+
+		public virtual void RemoveAll(IEnumerable e)
+		{
+			throw new NotSupportedException();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/collections/UnmodifiableSetProxy.cs b/bc-sharp-crypto/src/util/collections/UnmodifiableSetProxy.cs
new file mode 100644
index 0000000..e119e29
--- /dev/null
+++ b/bc-sharp-crypto/src/util/collections/UnmodifiableSetProxy.cs
@@ -0,0 +1,56 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.Utilities.Collections
+{
+	public class UnmodifiableSetProxy
+		: UnmodifiableSet
+	{
+		private readonly ISet s;
+
+		public UnmodifiableSetProxy (ISet s)
+		{
+			this.s = s;
+		}
+
+		public override bool Contains(object o)
+		{
+			return s.Contains(o);
+		}
+
+		public override void CopyTo(Array array, int index)
+		{
+			s.CopyTo(array, index);
+		}
+
+		public override int Count
+		{
+			get { return s.Count; }
+		}
+
+		public override IEnumerator GetEnumerator()
+		{
+			return s.GetEnumerator();
+		}
+
+		public override bool IsEmpty
+		{
+			get { return s.IsEmpty; }
+		}
+
+		public override bool IsFixedSize
+		{
+			get { return s.IsFixedSize; }
+		}
+
+		public override bool IsSynchronized
+		{
+			get { return s.IsSynchronized; }
+		}
+
+		public override object SyncRoot
+		{
+			get { return s.SyncRoot; }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/date/DateTimeObject.cs b/bc-sharp-crypto/src/util/date/DateTimeObject.cs
new file mode 100644
index 0000000..793376b
--- /dev/null
+++ b/bc-sharp-crypto/src/util/date/DateTimeObject.cs
@@ -0,0 +1,25 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities.Date
+{
+	public sealed class DateTimeObject
+	{
+		private readonly DateTime dt;
+
+		public DateTimeObject(
+			DateTime dt)
+		{
+			this.dt = dt;
+		}
+
+		public DateTime Value
+		{
+			get { return dt; }
+		}
+
+		public override string ToString()
+		{
+			return dt.ToString();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/date/DateTimeUtilities.cs b/bc-sharp-crypto/src/util/date/DateTimeUtilities.cs
new file mode 100644
index 0000000..311ad5d
--- /dev/null
+++ b/bc-sharp-crypto/src/util/date/DateTimeUtilities.cs
@@ -0,0 +1,47 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities.Date
+{
+	public class DateTimeUtilities
+	{
+		public static readonly DateTime UnixEpoch = new DateTime(1970, 1, 1);
+
+		private DateTimeUtilities()
+		{
+		}
+
+		/// <summary>
+		/// Return the number of milliseconds since the Unix epoch (1 Jan., 1970 UTC) for a given DateTime value.
+		/// </summary>
+		/// <param name="dateTime">A UTC DateTime value not before epoch.</param>
+		/// <returns>Number of whole milliseconds after epoch.</returns>
+		/// <exception cref="ArgumentException">'dateTime' is before epoch.</exception>
+		public static long DateTimeToUnixMs(
+			DateTime dateTime)
+		{
+			if (dateTime.CompareTo(UnixEpoch) < 0)
+				throw new ArgumentException("DateTime value may not be before the epoch", "dateTime");
+
+			return (dateTime.Ticks - UnixEpoch.Ticks) / TimeSpan.TicksPerMillisecond;
+		}
+
+		/// <summary>
+		/// Create a DateTime value from the number of milliseconds since the Unix epoch (1 Jan., 1970 UTC).
+		/// </summary>
+		/// <param name="unixMs">Number of milliseconds since the epoch.</param>
+		/// <returns>A UTC DateTime value</returns>
+		public static DateTime UnixMsToDateTime(
+			long unixMs)
+		{
+			return new DateTime(unixMs * TimeSpan.TicksPerMillisecond + UnixEpoch.Ticks);
+		}
+
+		/// <summary>
+		/// Return the current number of milliseconds since the Unix epoch (1 Jan., 1970 UTC).
+		/// </summary>
+		public static long CurrentUnixMs()
+		{
+			return DateTimeToUnixMs(DateTime.UtcNow);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/encoders/Base64.cs b/bc-sharp-crypto/src/util/encoders/Base64.cs
new file mode 100644
index 0000000..ccecd8d
--- /dev/null
+++ b/bc-sharp-crypto/src/util/encoders/Base64.cs
@@ -0,0 +1,120 @@
+using System;
+using System.IO;
+using System.Text;
+
+namespace Org.BouncyCastle.Utilities.Encoders
+{
+    public sealed class Base64
+    {
+        private Base64()
+        {
+        }
+
+        public static string ToBase64String(
+            byte[] data)
+        {
+            return Convert.ToBase64String(data, 0, data.Length);
+        }
+
+        public static string ToBase64String(
+            byte[] data,
+            int off,
+            int length)
+        {
+            return Convert.ToBase64String(data, off, length);
+        }
+
+        /**
+         * encode the input data producing a base 64 encoded byte array.
+         *
+         * @return a byte array containing the base 64 encoded data.
+         */
+        public static byte[] Encode(
+            byte[] data)
+        {
+            return Encode(data, 0, data.Length);
+        }
+
+        /**
+         * encode the input data producing a base 64 encoded byte array.
+         *
+         * @return a byte array containing the base 64 encoded data.
+         */
+        public static byte[] Encode(
+            byte[] data,
+            int off,
+            int length)
+        {
+            string s = Convert.ToBase64String(data, off, length);
+            return Strings.ToAsciiByteArray(s);
+        }
+
+        /**
+         * Encode the byte data to base 64 writing it to the given output stream.
+         *
+         * @return the number of bytes produced.
+         */
+        public static int Encode(
+            byte[]	data,
+            Stream	outStream)
+        {
+            byte[] encoded = Encode(data);
+            outStream.Write(encoded, 0, encoded.Length);
+            return encoded.Length;
+        }
+
+        /**
+         * Encode the byte data to base 64 writing it to the given output stream.
+         *
+         * @return the number of bytes produced.
+         */
+        public static int Encode(
+            byte[]	data,
+            int		off,
+            int		length,
+            Stream	outStream)
+        {
+            byte[] encoded = Encode(data, off, length);
+            outStream.Write(encoded, 0, encoded.Length);
+            return encoded.Length;
+        }
+
+        /**
+         * decode the base 64 encoded input data. It is assumed the input data is valid.
+         *
+         * @return a byte array representing the decoded data.
+         */
+        public static byte[] Decode(
+            byte[] data)
+        {
+            string s = Strings.FromAsciiByteArray(data);
+            return Convert.FromBase64String(s);
+        }
+
+        /**
+         * decode the base 64 encoded string data - whitespace will be ignored.
+         *
+         * @return a byte array representing the decoded data.
+         */
+        public static byte[] Decode(
+            string data)
+        {
+            return Convert.FromBase64String(data);
+        }
+
+        /**
+         * decode the base 64 encoded string data writing it to the given output stream,
+         * whitespace characters will be ignored.
+         *
+         * @return the number of bytes produced.
+         */
+        public static int Decode(
+            string	data,
+            Stream	outStream)
+        {
+            byte[] decoded = Decode(data);
+            outStream.Write(decoded, 0, decoded.Length);
+            return decoded.Length;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/encoders/Base64Encoder.cs b/bc-sharp-crypto/src/util/encoders/Base64Encoder.cs
new file mode 100644
index 0000000..7b53df2
--- /dev/null
+++ b/bc-sharp-crypto/src/util/encoders/Base64Encoder.cs
@@ -0,0 +1,324 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.Encoders
+{
+    public class Base64Encoder
+        : IEncoder
+    {
+        protected readonly byte[] encodingTable =
+        {
+            (byte)'A', (byte)'B', (byte)'C', (byte)'D', (byte)'E', (byte)'F', (byte)'G',
+            (byte)'H', (byte)'I', (byte)'J', (byte)'K', (byte)'L', (byte)'M', (byte)'N',
+            (byte)'O', (byte)'P', (byte)'Q', (byte)'R', (byte)'S', (byte)'T', (byte)'U',
+            (byte)'V', (byte)'W', (byte)'X', (byte)'Y', (byte)'Z',
+            (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f', (byte)'g',
+            (byte)'h', (byte)'i', (byte)'j', (byte)'k', (byte)'l', (byte)'m', (byte)'n',
+            (byte)'o', (byte)'p', (byte)'q', (byte)'r', (byte)'s', (byte)'t', (byte)'u',
+            (byte)'v',
+            (byte)'w', (byte)'x', (byte)'y', (byte)'z',
+            (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', (byte)'6',
+            (byte)'7', (byte)'8', (byte)'9',
+            (byte)'+', (byte)'/'
+        };
+
+        protected byte padding = (byte)'=';
+
+        /*
+        * set up the decoding table.
+        */
+        protected readonly byte[] decodingTable = new byte[128];
+
+        protected void InitialiseDecodingTable()
+        {
+            Arrays.Fill(decodingTable, (byte)0xff);
+
+            for (int i = 0; i < encodingTable.Length; i++)
+            {
+                decodingTable[encodingTable[i]] = (byte)i;
+            }
+        }
+
+        public Base64Encoder()
+        {
+            InitialiseDecodingTable();
+        }
+
+        /**
+        * encode the input data producing a base 64 output stream.
+        *
+        * @return the number of bytes produced.
+        */
+        public int Encode(
+            byte[]	data,
+            int		off,
+            int		length,
+            Stream	outStream)
+        {
+            int modulus = length % 3;
+            int dataLength = (length - modulus);
+            int a1, a2, a3;
+
+            for (int i = off; i < off + dataLength; i += 3)
+            {
+                a1 = data[i] & 0xff;
+                a2 = data[i + 1] & 0xff;
+                a3 = data[i + 2] & 0xff;
+
+                outStream.WriteByte(encodingTable[(int) ((uint) a1 >> 2) & 0x3f]);
+                outStream.WriteByte(encodingTable[((a1 << 4) | (int) ((uint) a2 >> 4)) & 0x3f]);
+                outStream.WriteByte(encodingTable[((a2 << 2) | (int) ((uint) a3 >> 6)) & 0x3f]);
+                outStream.WriteByte(encodingTable[a3 & 0x3f]);
+            }
+
+            /*
+            * process the tail end.
+            */
+            int b1, b2, b3;
+            int d1, d2;
+
+            switch (modulus)
+            {
+                case 0:        /* nothing left to do */
+                    break;
+                case 1:
+                    d1 = data[off + dataLength] & 0xff;
+                    b1 = (d1 >> 2) & 0x3f;
+                    b2 = (d1 << 4) & 0x3f;
+
+                    outStream.WriteByte(encodingTable[b1]);
+                    outStream.WriteByte(encodingTable[b2]);
+                    outStream.WriteByte(padding);
+                    outStream.WriteByte(padding);
+                    break;
+                case 2:
+                    d1 = data[off + dataLength] & 0xff;
+                    d2 = data[off + dataLength + 1] & 0xff;
+
+                    b1 = (d1 >> 2) & 0x3f;
+                    b2 = ((d1 << 4) | (d2 >> 4)) & 0x3f;
+                    b3 = (d2 << 2) & 0x3f;
+
+                    outStream.WriteByte(encodingTable[b1]);
+                    outStream.WriteByte(encodingTable[b2]);
+                    outStream.WriteByte(encodingTable[b3]);
+                    outStream.WriteByte(padding);
+                    break;
+            }
+
+            return (dataLength / 3) * 4 + ((modulus == 0) ? 0 : 4);
+        }
+
+        private bool ignore(
+            char c)
+        {
+            return (c == '\n' || c =='\r' || c == '\t' || c == ' ');
+        }
+
+        /**
+        * decode the base 64 encoded byte data writing it to the given output stream,
+        * whitespace characters will be ignored.
+        *
+        * @return the number of bytes produced.
+        */
+        public int Decode(
+            byte[]	data,
+            int		off,
+            int		length,
+            Stream	outStream)
+        {
+            byte b1, b2, b3, b4;
+            int outLen = 0;
+
+            int end = off + length;
+
+            while (end > off)
+            {
+                if (!ignore((char)data[end - 1]))
+                {
+                    break;
+                }
+
+                end--;
+            }
+
+            int  i = off;
+            int  finish = end - 4;
+
+            i = nextI(data, i, finish);
+
+            while (i < finish)
+            {
+                b1 = decodingTable[data[i++]];
+
+                i = nextI(data, i, finish);
+
+                b2 = decodingTable[data[i++]];
+
+                i = nextI(data, i, finish);
+
+                b3 = decodingTable[data[i++]];
+
+                i = nextI(data, i, finish);
+
+                b4 = decodingTable[data[i++]];
+
+                if ((b1 | b2 | b3 | b4) >= 0x80)
+                    throw new IOException("invalid characters encountered in base64 data");
+
+                outStream.WriteByte((byte)((b1 << 2) | (b2 >> 4)));
+                outStream.WriteByte((byte)((b2 << 4) | (b3 >> 2)));
+                outStream.WriteByte((byte)((b3 << 6) | b4));
+
+                outLen += 3;
+
+                i = nextI(data, i, finish);
+            }
+
+            outLen += decodeLastBlock(outStream, (char)data[end - 4], (char)data[end - 3], (char)data[end - 2], (char)data[end - 1]);
+
+            return outLen;
+        }
+
+        private int nextI(
+            byte[]	data,
+            int		i,
+            int		finish)
+        {
+            while ((i < finish) && ignore((char)data[i]))
+            {
+                i++;
+            }
+            return i;
+        }
+
+        /**
+        * decode the base 64 encoded string data writing it to the given output stream,
+        * whitespace characters will be ignored.
+        *
+        * @return the number of bytes produced.
+        */
+        public int DecodeString(
+            string	data,
+            Stream	outStream)
+        {
+            // Platform Implementation
+//			byte[] bytes = Convert.FromBase64String(data);
+//			outStream.Write(bytes, 0, bytes.Length);
+//			return bytes.Length;
+
+            byte b1, b2, b3, b4;
+            int length = 0;
+
+            int end = data.Length;
+
+            while (end > 0)
+            {
+                if (!ignore(data[end - 1]))
+                {
+                    break;
+                }
+
+                end--;
+            }
+
+            int  i = 0;
+            int  finish = end - 4;
+
+            i = nextI(data, i, finish);
+
+            while (i < finish)
+            {
+                b1 = decodingTable[data[i++]];
+
+                i = nextI(data, i, finish);
+
+                b2 = decodingTable[data[i++]];
+
+                i = nextI(data, i, finish);
+
+                b3 = decodingTable[data[i++]];
+
+                i = nextI(data, i, finish);
+
+                b4 = decodingTable[data[i++]];
+
+                if ((b1 | b2 | b3 | b4) >= 0x80)
+                    throw new IOException("invalid characters encountered in base64 data");
+
+                outStream.WriteByte((byte)((b1 << 2) | (b2 >> 4)));
+                outStream.WriteByte((byte)((b2 << 4) | (b3 >> 2)));
+                outStream.WriteByte((byte)((b3 << 6) | b4));
+
+                length += 3;
+
+                i = nextI(data, i, finish);
+            }
+
+            length += decodeLastBlock(outStream, data[end - 4], data[end - 3], data[end - 2], data[end - 1]);
+
+            return length;
+        }
+
+        private int decodeLastBlock(
+            Stream	outStream,
+            char	c1,
+            char	c2,
+            char	c3,
+            char	c4)
+        {
+            if (c3 == padding)
+            {
+                byte b1 = decodingTable[c1];
+                byte b2 = decodingTable[c2];
+
+                if ((b1 | b2) >= 0x80)
+                    throw new IOException("invalid characters encountered at end of base64 data");
+
+                outStream.WriteByte((byte)((b1 << 2) | (b2 >> 4)));
+
+                return 1;
+            }
+
+            if (c4 == padding)
+            {
+                byte b1 = decodingTable[c1];
+                byte b2 = decodingTable[c2];
+                byte b3 = decodingTable[c3];
+
+                if ((b1 | b2 | b3) >= 0x80)
+                    throw new IOException("invalid characters encountered at end of base64 data");
+
+                outStream.WriteByte((byte)((b1 << 2) | (b2 >> 4)));
+                outStream.WriteByte((byte)((b2 << 4) | (b3 >> 2)));
+
+                return 2;
+            }
+
+            {
+                byte b1 = decodingTable[c1];
+                byte b2 = decodingTable[c2];
+                byte b3 = decodingTable[c3];
+                byte b4 = decodingTable[c4];
+
+                if ((b1 | b2 | b3 | b4) >= 0x80)
+                    throw new IOException("invalid characters encountered at end of base64 data");
+
+                outStream.WriteByte((byte)((b1 << 2) | (b2 >> 4)));
+                outStream.WriteByte((byte)((b2 << 4) | (b3 >> 2)));
+                outStream.WriteByte((byte)((b3 << 6) | b4));
+
+                return 3;
+            }
+        }
+
+        private int nextI(string data, int i, int finish)
+        {
+            while ((i < finish) && ignore(data[i]))
+            {
+                i++;
+            }
+            return i;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/encoders/BufferedDecoder.cs b/bc-sharp-crypto/src/util/encoders/BufferedDecoder.cs
new file mode 100644
index 0000000..633cf1e
--- /dev/null
+++ b/bc-sharp-crypto/src/util/encoders/BufferedDecoder.cs
@@ -0,0 +1,117 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities.Encoders
+{
+    /// <summary>
+    ///  A buffering class to allow translation from one format to another to
+    ///     be done in discrete chunks.
+    /// </summary>
+    public class BufferedDecoder
+    {
+        internal byte[]        buffer;
+        internal int           bufOff;
+
+        internal ITranslator   translator;
+
+        /// <summary>
+        /// Create a buffered Decoder.
+        /// </summary>
+        /// <param name="translator">The translater to use.</param>
+        /// <param name="bufferSize">The size of the buffer.</param>
+        public BufferedDecoder(
+            ITranslator translator,
+            int         bufferSize)
+        {
+            this.translator = translator;
+
+            if ((bufferSize % translator.GetEncodedBlockSize()) != 0)
+            {
+                throw new ArgumentException("buffer size not multiple of input block size");
+            }
+
+            buffer = new byte[bufferSize];
+//            bufOff = 0;
+        }
+
+        /// <summary>
+        /// Process one byte of data.
+        /// </summary>
+        /// <param name="input">Data in.</param>
+        /// <param name="output">Byte array for the output.</param>
+        /// <param name="outOff">The offset in the output byte array to start writing from.</param>
+        /// <returns>The amount of output bytes.</returns>
+        public int ProcessByte(
+            byte        input,
+            byte[]      output,
+            int         outOff)
+        {
+            int         resultLen = 0;
+
+            buffer[bufOff++] = input;
+
+            if (bufOff == buffer.Length)
+            {
+                resultLen = translator.Decode(buffer, 0, buffer.Length, output, outOff);
+                bufOff = 0;
+            }
+
+            return resultLen;
+        }
+
+
+        /// <summary>
+        /// Process data from a byte array.
+        /// </summary>
+        /// <param name="input">The input data.</param>
+        /// <param name="inOff">Start position within input data array.</param>
+        /// <param name="len">Amount of data to process from input data array.</param>
+        /// <param name="outBytes">Array to store output.</param>
+        /// <param name="outOff">Position in output array to start writing from.</param>
+        /// <returns>The amount of output bytes.</returns>
+        public int ProcessBytes(
+            byte[]      input,
+            int         inOff,
+            int         len,
+            byte[]      outBytes,
+            int         outOff)
+        {
+            if (len < 0)
+            {
+            throw new ArgumentException("Can't have a negative input length!");
+            }
+
+            int resultLen = 0;
+            int gapLen = buffer.Length - bufOff;
+
+            if (len > gapLen)
+            {
+                Array.Copy(input, inOff, buffer, bufOff, gapLen);
+
+                resultLen += translator.Decode(buffer, 0, buffer.Length, outBytes, outOff);
+
+                bufOff = 0;
+
+                len -= gapLen;
+                inOff += gapLen;
+                outOff += resultLen;
+
+                int chunkSize = len - (len % buffer.Length);
+
+                resultLen += translator.Decode(input, inOff, chunkSize, outBytes, outOff);
+
+                len -= chunkSize;
+                inOff += chunkSize;
+            }
+
+            if (len != 0)
+            {
+                Array.Copy(input, inOff, buffer, bufOff, len);
+
+                bufOff += len;
+            }
+
+            return resultLen;
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/util/encoders/BufferedEncoder.cs b/bc-sharp-crypto/src/util/encoders/BufferedEncoder.cs
new file mode 100644
index 0000000..5c3b1ab
--- /dev/null
+++ b/bc-sharp-crypto/src/util/encoders/BufferedEncoder.cs
@@ -0,0 +1,117 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities.Encoders
+{
+    /// <summary>
+    /// A class that allows encoding of data using a specific encoder to be processed in chunks.
+    /// </summary>
+    public class BufferedEncoder
+    {
+        internal byte[]        Buffer;
+        internal int           bufOff;
+
+        internal ITranslator   translator;
+
+
+        /// <summary>
+        /// Create.
+        /// </summary>
+        /// <param name="translator">The translator to use.</param>
+        /// <param name="bufferSize">Size of the chunks.</param>
+        public BufferedEncoder(
+            ITranslator translator,
+            int         bufferSize)
+        {
+            this.translator = translator;
+
+            if ((bufferSize % translator.GetEncodedBlockSize()) != 0)
+            {
+                throw new ArgumentException("buffer size not multiple of input block size");
+            }
+
+            Buffer = new byte[bufferSize];
+//            bufOff = 0;
+        }
+
+
+        /// <summary>
+        /// Process one byte of data.
+        /// </summary>
+        /// <param name="input">The byte.</param>
+        /// <param name="outBytes">An array to store output in.</param>
+        /// <param name="outOff">Offset within output array to start writing from.</param>
+        /// <returns></returns>
+        public int ProcessByte(
+            byte        input,
+            byte[]      outBytes,
+            int         outOff)
+        {
+            int         resultLen = 0;
+
+            Buffer[bufOff++] = input;
+
+            if (bufOff == Buffer.Length)
+            {
+                resultLen = translator.Encode(Buffer, 0, Buffer.Length, outBytes, outOff);
+                bufOff = 0;
+            }
+
+            return resultLen;
+        }
+
+        /// <summary>
+        /// Process data from a byte array.
+        /// </summary>
+        /// <param name="input">Input data Byte array containing data to be processed.</param>
+        /// <param name="inOff">Start position within input data array.</param>
+        /// <param name="len">Amount of input data to be processed.</param>
+        /// <param name="outBytes">Output data array.</param>
+        /// <param name="outOff">Offset within output data array to start writing to.</param>
+        /// <returns>The amount of data written.</returns>
+        public int ProcessBytes(
+            byte[]      input,
+            int         inOff,
+            int         len,
+            byte[]      outBytes,
+            int         outOff)
+        {
+            if (len < 0)
+            {
+            throw new ArgumentException("Can't have a negative input length!");
+            }
+
+            int resultLen = 0;
+            int gapLen = Buffer.Length - bufOff;
+
+            if (len > gapLen)
+            {
+                Array.Copy(input, inOff, Buffer, bufOff, gapLen);
+
+                resultLen += translator.Encode(Buffer, 0, Buffer.Length, outBytes, outOff);
+
+                bufOff = 0;
+
+                len -= gapLen;
+                inOff += gapLen;
+                outOff += resultLen;
+
+                int chunkSize = len - (len % Buffer.Length);
+
+                resultLen += translator.Encode(input, inOff, chunkSize, outBytes, outOff);
+
+                len -= chunkSize;
+                inOff += chunkSize;
+            }
+
+            if (len != 0)
+            {
+                Array.Copy(input, inOff, Buffer, bufOff, len);
+
+                bufOff += len;
+            }
+
+            return resultLen;
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/util/encoders/Hex.cs b/bc-sharp-crypto/src/util/encoders/Hex.cs
new file mode 100644
index 0000000..3540a9d
--- /dev/null
+++ b/bc-sharp-crypto/src/util/encoders/Hex.cs
@@ -0,0 +1,130 @@
+using System;
+using System.IO;
+using System.Text;
+
+namespace Org.BouncyCastle.Utilities.Encoders
+{
+    /// <summary>
+    /// Class to decode and encode Hex.
+    /// </summary>
+    public sealed class Hex
+    {
+        private static readonly IEncoder encoder = new HexEncoder();
+
+        private Hex()
+        {
+        }
+
+        public static string ToHexString(
+            byte[] data)
+        {
+            return ToHexString(data, 0, data.Length);
+        }
+
+        public static string ToHexString(
+            byte[]	data,
+            int		off,
+            int		length)
+        {
+            byte[] hex = Encode(data, off, length);
+            return Strings.FromAsciiByteArray(hex);
+        }
+
+        /**
+         * encode the input data producing a Hex encoded byte array.
+         *
+         * @return a byte array containing the Hex encoded data.
+         */
+        public static byte[] Encode(
+            byte[] data)
+        {
+            return Encode(data, 0, data.Length);
+        }
+
+        /**
+         * encode the input data producing a Hex encoded byte array.
+         *
+         * @return a byte array containing the Hex encoded data.
+         */
+        public static byte[] Encode(
+            byte[]	data,
+            int		off,
+            int		length)
+        {
+            MemoryStream bOut = new MemoryStream(length * 2);
+
+            encoder.Encode(data, off, length, bOut);
+
+            return bOut.ToArray();
+        }
+
+        /**
+         * Hex encode the byte data writing it to the given output stream.
+         *
+         * @return the number of bytes produced.
+         */
+        public static int Encode(
+            byte[]	data,
+            Stream	outStream)
+        {
+            return encoder.Encode(data, 0, data.Length, outStream);
+        }
+
+        /**
+         * Hex encode the byte data writing it to the given output stream.
+         *
+         * @return the number of bytes produced.
+         */
+        public static int Encode(
+            byte[]	data,
+            int		off,
+            int		length,
+            Stream	outStream)
+        {
+            return encoder.Encode(data, off, length, outStream);
+        }
+
+        /**
+         * decode the Hex encoded input data. It is assumed the input data is valid.
+         *
+         * @return a byte array representing the decoded data.
+         */
+        public static byte[] Decode(
+            byte[] data)
+        {
+            MemoryStream bOut = new MemoryStream((data.Length + 1) / 2);
+
+            encoder.Decode(data, 0, data.Length, bOut);
+
+            return bOut.ToArray();
+        }
+
+        /**
+         * decode the Hex encoded string data - whitespace will be ignored.
+         *
+         * @return a byte array representing the decoded data.
+         */
+        public static byte[] Decode(
+            string data)
+        {
+            MemoryStream bOut = new MemoryStream((data.Length + 1) / 2);
+
+            encoder.DecodeString(data, bOut);
+
+            return bOut.ToArray();
+        }
+
+        /**
+         * decode the Hex encoded string data writing it to the given output stream,
+         * whitespace characters will be ignored.
+         *
+         * @return the number of bytes produced.
+         */
+        public static int Decode(
+            string	data,
+            Stream	outStream)
+        {
+            return encoder.DecodeString(data, outStream);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/encoders/HexEncoder.cs b/bc-sharp-crypto/src/util/encoders/HexEncoder.cs
new file mode 100644
index 0000000..af526e0
--- /dev/null
+++ b/bc-sharp-crypto/src/util/encoders/HexEncoder.cs
@@ -0,0 +1,176 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.Encoders
+{
+    public class HexEncoder
+        : IEncoder
+    {
+        protected readonly byte[] encodingTable =
+        {
+            (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', (byte)'6', (byte)'7',
+            (byte)'8', (byte)'9', (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f'
+        };
+
+        /*
+         * set up the decoding table.
+         */
+        protected readonly byte[] decodingTable = new byte[128];
+
+        protected void InitialiseDecodingTable()
+        {
+            Arrays.Fill(decodingTable, (byte)0xff);
+
+            for (int i = 0; i < encodingTable.Length; i++)
+            {
+                decodingTable[encodingTable[i]] = (byte)i;
+            }
+
+            decodingTable['A'] = decodingTable['a'];
+            decodingTable['B'] = decodingTable['b'];
+            decodingTable['C'] = decodingTable['c'];
+            decodingTable['D'] = decodingTable['d'];
+            decodingTable['E'] = decodingTable['e'];
+            decodingTable['F'] = decodingTable['f'];
+        }
+
+        public HexEncoder()
+        {
+            InitialiseDecodingTable();
+        }
+
+        /**
+        * encode the input data producing a Hex output stream.
+        *
+        * @return the number of bytes produced.
+        */
+        public int Encode(
+            byte[]	data,
+            int		off,
+            int		length,
+            Stream	outStream)
+        {
+            for (int i = off; i < (off + length); i++)
+            {
+                int v = data[i];
+
+                outStream.WriteByte(encodingTable[v >> 4]);
+                outStream.WriteByte(encodingTable[v & 0xf]);
+            }
+
+            return length * 2;
+        }
+
+        private static bool Ignore(char c)
+        {
+            return c == '\n' || c =='\r' || c == '\t' || c == ' ';
+        }
+
+        /**
+        * decode the Hex encoded byte data writing it to the given output stream,
+        * whitespace characters will be ignored.
+        *
+        * @return the number of bytes produced.
+        */
+        public int Decode(
+            byte[]	data,
+            int		off,
+            int		length,
+            Stream	outStream)
+        {
+            byte b1, b2;
+            int outLen = 0;
+            int end = off + length;
+
+            while (end > off)
+            {
+                if (!Ignore((char)data[end - 1]))
+                {
+                    break;
+                }
+
+                end--;
+            }
+
+            int i = off;
+            while (i < end)
+            {
+                while (i < end && Ignore((char)data[i]))
+                {
+                    i++;
+                }
+
+                b1 = decodingTable[data[i++]];
+
+                while (i < end && Ignore((char)data[i]))
+                {
+                    i++;
+                }
+
+                b2 = decodingTable[data[i++]];
+
+                if ((b1 | b2) >= 0x80)
+                    throw new IOException("invalid characters encountered in Hex data");
+
+                outStream.WriteByte((byte)((b1 << 4) | b2));
+
+                outLen++;
+            }
+
+            return outLen;
+        }
+
+        /**
+        * decode the Hex encoded string data writing it to the given output stream,
+        * whitespace characters will be ignored.
+        *
+        * @return the number of bytes produced.
+        */
+        public int DecodeString(
+            string	data,
+            Stream	outStream)
+        {
+            byte    b1, b2;
+            int     length = 0;
+
+            int     end = data.Length;
+
+            while (end > 0)
+            {
+                if (!Ignore(data[end - 1]))
+                {
+                    break;
+                }
+
+                end--;
+            }
+
+            int i = 0;
+            while (i < end)
+            {
+                while (i < end && Ignore(data[i]))
+                {
+                    i++;
+                }
+
+                b1 = decodingTable[data[i++]];
+
+                while (i < end && Ignore(data[i]))
+                {
+                    i++;
+                }
+
+                b2 = decodingTable[data[i++]];
+
+                if ((b1 | b2) >= 0x80)
+                    throw new IOException("invalid characters encountered in Hex data");
+
+                outStream.WriteByte((byte)((b1 << 4) | b2));
+
+                length++;
+            }
+
+            return length;
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/encoders/HexTranslator.cs b/bc-sharp-crypto/src/util/encoders/HexTranslator.cs
new file mode 100644
index 0000000..9775b69
--- /dev/null
+++ b/bc-sharp-crypto/src/util/encoders/HexTranslator.cs
@@ -0,0 +1,108 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities.Encoders
+{
+    /// <summary>
+    /// A hex translator.
+    /// </summary>
+    public class HexTranslator : ITranslator
+    {
+        private static readonly byte[]   hexTable =
+            {
+                (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', (byte)'6', (byte)'7',
+                (byte)'8', (byte)'9', (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f'
+            };
+
+        /// <summary>
+        /// Return encoded block size.
+        /// </summary>
+        /// <returns>2</returns>
+        public int GetEncodedBlockSize()
+        {
+            return 2;
+        }
+
+        /// <summary>
+        /// Encode some data.
+        /// </summary>
+        /// <param name="input">Input data array.</param>
+        /// <param name="inOff">Start position within input data array.</param>
+        /// <param name="length">The amount of data to process.</param>
+        /// <param name="outBytes">The output data array.</param>
+        /// <param name="outOff">The offset within the output data array to start writing from.</param>
+        /// <returns>Amount of data encoded.</returns>
+        public int Encode(
+            byte[]  input,
+            int     inOff,
+            int     length,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            for (int i = 0, j = 0; i < length; i++, j += 2)
+            {
+                outBytes[outOff + j] = hexTable[(input[inOff] >> 4) & 0x0f];
+                outBytes[outOff + j + 1] = hexTable[input[inOff] & 0x0f];
+
+                inOff++;
+            }
+
+            return length * 2;
+        }
+
+        /// <summary>
+        /// Returns the decoded block size.
+        /// </summary>
+        /// <returns>1</returns>
+        public int GetDecodedBlockSize()
+        {
+            return 1;
+        }
+
+        /// <summary>
+        /// Decode data from a byte array.
+        /// </summary>
+        /// <param name="input">The input data array.</param>
+        /// <param name="inOff">Start position within input data array.</param>
+        /// <param name="length">The amounty of data to process.</param>
+        /// <param name="outBytes">The output data array.</param>
+        /// <param name="outOff">The position within the output data array to start writing from.</param>
+        /// <returns>The amount of data written.</returns>
+        public int Decode(
+            byte[]  input,
+            int     inOff,
+            int     length,
+            byte[]  outBytes,
+            int     outOff)
+        {
+            int halfLength = length / 2;
+            byte left, right;
+            for (int i = 0; i < halfLength; i++)
+            {
+                left  = input[inOff + i * 2];
+                right = input[inOff + i * 2 + 1];
+
+                if (left < (byte)'a')
+                {
+                    outBytes[outOff] = (byte)((left - '0') << 4);
+                }
+                else
+                {
+                    outBytes[outOff] = (byte)((left - 'a' + 10) << 4);
+                }
+                if (right < (byte)'a')
+                {
+                    outBytes[outOff] += (byte)(right - '0');
+                }
+                else
+                {
+                    outBytes[outOff] += (byte)(right - 'a' + 10);
+                }
+
+                outOff++;
+            }
+
+            return halfLength;
+        }
+    }
+
+}
diff --git a/bc-sharp-crypto/src/util/encoders/IEncoder.cs b/bc-sharp-crypto/src/util/encoders/IEncoder.cs
new file mode 100644
index 0000000..5887d5d
--- /dev/null
+++ b/bc-sharp-crypto/src/util/encoders/IEncoder.cs
@@ -0,0 +1,18 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.Encoders
+{
+	/**
+	 * Encode and decode byte arrays (typically from binary to 7-bit ASCII
+	 * encodings).
+	 */
+	public interface IEncoder
+	{
+		int Encode(byte[] data, int off, int length, Stream outStream);
+
+		int Decode(byte[] data, int off, int length, Stream outStream);
+
+		int DecodeString(string data, Stream outStream);
+	}
+}
diff --git a/bc-sharp-crypto/src/util/encoders/Translator.cs b/bc-sharp-crypto/src/util/encoders/Translator.cs
new file mode 100644
index 0000000..10bd24b
--- /dev/null
+++ b/bc-sharp-crypto/src/util/encoders/Translator.cs
@@ -0,0 +1,19 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities.Encoders
+{
+    /// <summary>
+    /// Translator interface.
+    /// </summary>
+    public interface ITranslator
+    {
+        int GetEncodedBlockSize();
+
+        int Encode(byte[] input, int inOff, int length, byte[] outBytes, int outOff);
+
+        int GetDecodedBlockSize();
+
+        int Decode(byte[] input, int inOff, int length, byte[] outBytes, int outOff);
+    }
+
+}
diff --git a/bc-sharp-crypto/src/util/encoders/UrlBase64.cs b/bc-sharp-crypto/src/util/encoders/UrlBase64.cs
new file mode 100644
index 0000000..94195ef
--- /dev/null
+++ b/bc-sharp-crypto/src/util/encoders/UrlBase64.cs
@@ -0,0 +1,127 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.Encoders
+{
+	/**
+	* Convert binary data to and from UrlBase64 encoding.  This is identical to
+	* Base64 encoding, except that the padding character is "." and the other 
+	* non-alphanumeric characters are "-" and "_" instead of "+" and "/".
+	* <p>
+	* The purpose of UrlBase64 encoding is to provide a compact encoding of binary
+	* data that is safe for use as an URL parameter. Base64 encoding does not
+	* produce encoded values that are safe for use in URLs, since "/" can be 
+	* interpreted as a path delimiter; "+" is the encoded form of a space; and
+	* "=" is used to separate a name from the corresponding value in an URL 
+	* parameter.
+	* </p>
+	*/
+	public class UrlBase64
+	{
+		private static readonly IEncoder encoder = new UrlBase64Encoder();
+
+		/**
+		* Encode the input data producing a URL safe base 64 encoded byte array.
+		*
+		* @return a byte array containing the URL safe base 64 encoded data.
+		*/
+		public static byte[] Encode(
+			byte[] data)
+		{
+			MemoryStream bOut = new MemoryStream();
+
+			try
+			{
+				encoder.Encode(data, 0, data.Length, bOut);
+			}
+			catch (IOException e)
+			{
+				throw new Exception("exception encoding URL safe base64 string: " + e.Message, e);
+			}
+
+			return bOut.ToArray();
+		}
+
+		/**
+		* Encode the byte data writing it to the given output stream.
+		*
+		* @return the number of bytes produced.
+		*/
+		public static int Encode(
+			byte[]	data,
+			Stream	outStr)
+		{
+			return encoder.Encode(data, 0, data.Length, outStr);
+		}
+
+		/**
+		* Decode the URL safe base 64 encoded input data - white space will be ignored.
+		*
+		* @return a byte array representing the decoded data.
+		*/
+		public static byte[] Decode(
+			byte[] data)
+		{
+			MemoryStream bOut = new MemoryStream();
+
+			try
+			{
+				encoder.Decode(data, 0, data.Length, bOut);
+			}
+			catch (IOException e)
+			{
+				throw new Exception("exception decoding URL safe base64 string: " + e.Message, e);
+			}
+
+			return bOut.ToArray();
+		}
+
+		/**
+		* decode the URL safe base 64 encoded byte data writing it to the given output stream,
+		* whitespace characters will be ignored.
+		*
+		* @return the number of bytes produced.
+		*/
+		public static int Decode(
+			byte[]	data,
+			Stream	outStr)
+		{
+			return encoder.Decode(data, 0, data.Length, outStr);
+		}
+
+		/**
+		* decode the URL safe base 64 encoded string data - whitespace will be ignored.
+		*
+		* @return a byte array representing the decoded data.
+		*/
+		public static byte[] Decode(
+			string data)
+		{
+			MemoryStream bOut = new MemoryStream();
+
+			try
+			{
+				encoder.DecodeString(data, bOut);
+			}
+			catch (IOException e)
+			{
+				throw new Exception("exception decoding URL safe base64 string: " + e.Message, e);
+			}
+	        
+			return bOut.ToArray();
+		}
+	    
+		/**
+		* Decode the URL safe base 64 encoded string data writing it to the given output stream,
+		* whitespace characters will be ignored.
+		*
+		* @return the number of bytes produced.
+		*/
+		public static int Decode(
+			string	data,
+			Stream	outStr)
+		{
+			return encoder.DecodeString(data, outStr);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/encoders/UrlBase64Encoder.cs b/bc-sharp-crypto/src/util/encoders/UrlBase64Encoder.cs
new file mode 100644
index 0000000..5611a83
--- /dev/null
+++ b/bc-sharp-crypto/src/util/encoders/UrlBase64Encoder.cs
@@ -0,0 +1,31 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.Encoders
+{
+	/**
+	* Convert binary data to and from UrlBase64 encoding.  This is identical to
+	* Base64 encoding, except that the padding character is "." and the other 
+	* non-alphanumeric characters are "-" and "_" instead of "+" and "/".
+	* <p>
+	* The purpose of UrlBase64 encoding is to provide a compact encoding of binary
+	* data that is safe for use as an URL parameter. Base64 encoding does not
+	* produce encoded values that are safe for use in URLs, since "/" can be 
+	* interpreted as a path delimiter; "+" is the encoded form of a space; and
+	* "=" is used to separate a name from the corresponding value in an URL 
+	* parameter.
+	* </p>
+	*/
+	public class UrlBase64Encoder
+		: Base64Encoder
+	{
+		public UrlBase64Encoder()
+		{
+			encodingTable[encodingTable.Length - 2] = (byte) '-';
+			encodingTable[encodingTable.Length - 1] = (byte) '_';
+			padding = (byte) '.';
+			// we must re-create the decoding table with the new encoded values.
+			InitialiseDecodingTable();
+		}
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/util/io/BaseInputStream.cs b/bc-sharp-crypto/src/util/io/BaseInputStream.cs
new file mode 100644
index 0000000..a5613d8
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/BaseInputStream.cs
@@ -0,0 +1,64 @@
+using System;
+using System.Diagnostics;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.IO
+{
+    public abstract class BaseInputStream : Stream
+    {
+		private bool closed;
+
+		public sealed override bool CanRead { get { return !closed; } }
+        public sealed override bool CanSeek { get { return false; } }
+        public sealed override bool CanWrite { get { return false; } }
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                closed = true;
+            }
+            base.Dispose(disposing);
+        }
+#else
+		public override void Close()
+        {
+            closed = true;
+            base.Close();
+        }
+#endif
+
+        public sealed override void Flush() {}
+        public sealed override long Length { get { throw new NotSupportedException(); } }
+        public sealed override long Position
+        {
+            get { throw new NotSupportedException(); }
+            set { throw new NotSupportedException(); }
+        }
+
+        public override int Read(byte[] buffer, int offset, int count)
+        {
+            int pos = offset;
+            try
+            {
+                int end = offset + count;
+                while (pos < end)
+                {
+                    int b = ReadByte();
+                    if (b == -1) break;
+                    buffer[pos++] = (byte) b;
+                }
+            }
+            catch (IOException)
+            {
+                if (pos == offset) throw;
+            }
+            return pos - offset;
+        }
+
+        public sealed override long Seek(long offset, SeekOrigin origin) { throw new NotSupportedException(); }
+        public sealed override void SetLength(long value) { throw new NotSupportedException(); }
+        public sealed override void Write(byte[] buffer, int offset, int count) { throw new NotSupportedException(); }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/io/BaseOutputStream.cs b/bc-sharp-crypto/src/util/io/BaseOutputStream.cs
new file mode 100644
index 0000000..0dbe821
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/BaseOutputStream.cs
@@ -0,0 +1,69 @@
+using System;
+using System.Diagnostics;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.IO
+{
+    public abstract class BaseOutputStream : Stream
+    {
+		private bool closed;
+
+		public sealed override bool CanRead { get { return false; } }
+        public sealed override bool CanSeek { get { return false; } }
+        public sealed override bool CanWrite { get { return !closed; } }
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                closed = true;
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close()
+        {
+            closed = true;
+            base.Close();
+        }
+#endif
+
+        public override void Flush() { }
+        public sealed override long Length { get { throw new NotSupportedException(); } }
+        public sealed override long Position
+        {
+            get { throw new NotSupportedException(); }
+            set { throw new NotSupportedException(); }
+        }
+        public sealed override int Read(byte[] buffer, int offset, int count) { throw new NotSupportedException(); }
+        public sealed override long Seek(long offset, SeekOrigin origin) { throw new NotSupportedException(); }
+        public sealed override void SetLength(long value) { throw new NotSupportedException(); }
+
+        public override void Write(byte[] buffer, int offset, int count)
+        {
+            Debug.Assert(buffer != null);
+            Debug.Assert(0 <= offset && offset <= buffer.Length);
+            Debug.Assert(count >= 0);
+
+            int end = offset + count;
+
+            Debug.Assert(0 <= end && end <= buffer.Length);
+
+            for (int i = offset; i < end; ++i)
+            {
+                this.WriteByte(buffer[i]);
+            }
+        }
+
+		public virtual void Write(params byte[] buffer)
+		{
+			Write(buffer, 0, buffer.Length);
+		}
+
+        public override void WriteByte(byte b)
+        {
+            Write(new byte[]{ b }, 0, 1);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/io/FilterStream.cs b/bc-sharp-crypto/src/util/io/FilterStream.cs
new file mode 100644
index 0000000..a92dee3
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/FilterStream.cs
@@ -0,0 +1,78 @@
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.IO
+{
+    public class FilterStream : Stream
+    {
+        public FilterStream(Stream s)
+        {
+            this.s = s;
+        }
+        public override bool CanRead
+        {
+            get { return s.CanRead; }
+        }
+        public override bool CanSeek
+        {
+            get { return s.CanSeek; }
+        }
+        public override bool CanWrite
+        {
+            get { return s.CanWrite; }
+        }
+        public override long Length
+        {
+            get { return s.Length; }
+        }
+        public override long Position
+        {
+            get { return s.Position; }
+            set { s.Position = value; }
+        }
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                Platform.Dispose(s);
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close()
+        {
+            Platform.Dispose(s);
+            base.Close();
+        }
+#endif
+        public override void Flush()
+        {
+            s.Flush();
+        }
+        public override long Seek(long offset, SeekOrigin origin)
+        {
+            return s.Seek(offset, origin);
+        }
+        public override void SetLength(long value)
+        {
+            s.SetLength(value);
+        }
+        public override int Read(byte[] buffer, int offset, int count)
+        {
+            return s.Read(buffer, offset, count);
+        }
+        public override int ReadByte()
+        {
+            return s.ReadByte();
+        }
+        public override void Write(byte[] buffer, int offset, int count)
+        {
+            s.Write(buffer, offset, count);
+        }
+        public override void WriteByte(byte value)
+        {
+            s.WriteByte(value);
+        }
+        protected readonly Stream s;
+    }
+}
diff --git a/bc-sharp-crypto/src/util/io/NullOutputStream.cs b/bc-sharp-crypto/src/util/io/NullOutputStream.cs
new file mode 100644
index 0000000..13877fa
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/NullOutputStream.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities.IO
+{
+	internal class NullOutputStream
+		: BaseOutputStream
+	{
+		public override void WriteByte(byte b)
+		{
+			// do nothing
+		}
+
+		public override void Write(byte[] buffer, int offset, int count)
+		{
+			// do nothing
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/io/PushbackStream.cs b/bc-sharp-crypto/src/util/io/PushbackStream.cs
new file mode 100644
index 0000000..9546942
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/PushbackStream.cs
@@ -0,0 +1,52 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.Utilities;
+
+namespace Org.BouncyCastle.Utilities.IO
+{
+	public class PushbackStream
+		: FilterStream
+	{
+		private int buf = -1;
+
+		public PushbackStream(
+			Stream s)
+			: base(s)
+		{
+		}
+
+		public override int ReadByte()
+		{
+			if (buf != -1)
+			{
+				int tmp = buf;
+				buf = -1;
+				return tmp;
+			}
+
+			return base.ReadByte();
+		}
+
+		public override int Read(byte[] buffer, int offset, int count)
+		{
+			if (buf != -1 && count > 0)
+			{
+				// TODO Can this case be made more efficient?
+				buffer[offset] = (byte) buf;
+				buf = -1;
+				return 1;
+			}
+
+			return base.Read(buffer, offset, count);
+		}
+
+		public virtual void Unread(int b)
+		{
+			if (buf != -1)
+				throw new InvalidOperationException("Can only push back one byte");
+
+			buf = b & 0xFF;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/io/StreamOverflowException.cs b/bc-sharp-crypto/src/util/io/StreamOverflowException.cs
new file mode 100644
index 0000000..36d21e2
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/StreamOverflowException.cs
@@ -0,0 +1,30 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.IO
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class StreamOverflowException
+		: IOException
+	{
+		public StreamOverflowException()
+			: base()
+		{
+		}
+
+		public StreamOverflowException(
+			string message)
+			: base(message)
+		{
+		}
+
+		public StreamOverflowException(
+			string		message,
+			Exception	exception)
+			: base(message, exception)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/io/Streams.cs b/bc-sharp-crypto/src/util/io/Streams.cs
new file mode 100644
index 0000000..cc7fa92
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/Streams.cs
@@ -0,0 +1,100 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.IO
+{
+	public sealed class Streams
+	{
+		private const int BufferSize = 512;
+
+		private Streams()
+		{
+		}
+
+		public static void Drain(Stream inStr)
+		{
+			byte[] bs = new byte[BufferSize];
+			while (inStr.Read(bs, 0, bs.Length) > 0)
+			{
+			}
+		}
+
+		public static byte[] ReadAll(Stream inStr)
+		{
+			MemoryStream buf = new MemoryStream();
+			PipeAll(inStr, buf);
+			return buf.ToArray();
+		}
+
+		public static byte[] ReadAllLimited(Stream inStr, int limit)
+		{
+			MemoryStream buf = new MemoryStream();
+			PipeAllLimited(inStr, limit, buf);
+			return buf.ToArray();
+		}
+
+		public static int ReadFully(Stream inStr, byte[] buf)
+		{
+			return ReadFully(inStr, buf, 0, buf.Length);
+		}
+
+		public static int ReadFully(Stream inStr, byte[] buf, int off, int len)
+		{
+			int totalRead = 0;
+			while (totalRead < len)
+			{
+				int numRead = inStr.Read(buf, off + totalRead, len - totalRead);
+				if (numRead < 1)
+					break;
+				totalRead += numRead;
+			}
+			return totalRead;
+		}
+
+		public static void PipeAll(Stream inStr, Stream outStr)
+		{
+			byte[] bs = new byte[BufferSize];
+			int numRead;
+			while ((numRead = inStr.Read(bs, 0, bs.Length)) > 0)
+			{
+				outStr.Write(bs, 0, numRead);
+			}
+		}
+
+		/// <summary>
+		/// Pipe all bytes from <c>inStr</c> to <c>outStr</c>, throwing <c>StreamFlowException</c> if greater
+		/// than <c>limit</c> bytes in <c>inStr</c>.
+		/// </summary>
+		/// <param name="inStr">
+		/// A <see cref="Stream"/>
+		/// </param>
+		/// <param name="limit">
+		/// A <see cref="System.Int64"/>
+		/// </param>
+		/// <param name="outStr">
+		/// A <see cref="Stream"/>
+		/// </param>
+		/// <returns>The number of bytes actually transferred, if not greater than <c>limit</c></returns>
+		/// <exception cref="IOException"></exception>
+		public static long PipeAllLimited(Stream inStr, long limit, Stream outStr)
+		{
+			byte[] bs = new byte[BufferSize];
+			long total = 0;
+			int numRead;
+			while ((numRead = inStr.Read(bs, 0, bs.Length)) > 0)
+			{
+                if ((limit - total) < numRead)
+					throw new StreamOverflowException("Data Overflow");
+                total += numRead;
+                outStr.Write(bs, 0, numRead);
+			}
+			return total;
+		}
+
+        /// <exception cref="IOException"></exception>
+        public static void WriteBufTo(MemoryStream buf, Stream output)
+        {
+            buf.WriteTo(output);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/io/TeeInputStream.cs b/bc-sharp-crypto/src/util/io/TeeInputStream.cs
new file mode 100644
index 0000000..6996f3f
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/TeeInputStream.cs
@@ -0,0 +1,64 @@
+using System;
+using System.Diagnostics;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.IO
+{
+	public class TeeInputStream
+		: BaseInputStream
+	{
+		private readonly Stream input, tee;
+
+		public TeeInputStream(Stream input, Stream tee)
+		{
+			Debug.Assert(input.CanRead);
+			Debug.Assert(tee.CanWrite);
+
+			this.input = input;
+			this.tee = tee;
+		}
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                Platform.Dispose(input);
+                Platform.Dispose(tee);
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close()
+		{
+            Platform.Dispose(input);
+            Platform.Dispose(tee);
+            base.Close();
+		}
+#endif
+
+        public override int Read(byte[] buf, int off, int len)
+		{
+			int i = input.Read(buf, off, len);
+
+			if (i > 0)
+			{
+				tee.Write(buf, off, i);
+			}
+
+			return i;
+		}
+
+		public override int ReadByte()
+		{
+			int i = input.ReadByte();
+
+			if (i >= 0)
+			{
+				tee.WriteByte((byte)i);
+			}
+
+			return i;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/io/TeeOutputStream.cs b/bc-sharp-crypto/src/util/io/TeeOutputStream.cs
new file mode 100644
index 0000000..a6c7fd5
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/TeeOutputStream.cs
@@ -0,0 +1,52 @@
+using System;
+using System.Diagnostics;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.IO
+{
+    public class TeeOutputStream
+		: BaseOutputStream
+	{
+		private readonly Stream output, tee;
+
+		public TeeOutputStream(Stream output, Stream tee)
+		{
+			Debug.Assert(output.CanWrite);
+			Debug.Assert(tee.CanWrite);
+
+			this.output = output;
+			this.tee = tee;
+		}
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                Platform.Dispose(output);
+                Platform.Dispose(tee);
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close()
+		{
+            Platform.Dispose(output);
+            Platform.Dispose(tee);
+            base.Close();
+		}
+#endif
+
+        public override void Write(byte[] buffer, int offset, int count)
+		{
+			output.Write(buffer, offset, count);
+			tee.Write(buffer, offset, count);
+		}
+
+		public override void WriteByte(byte b)
+		{
+			output.WriteByte(b);
+			tee.WriteByte(b);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/io/pem/PemGenerationException.cs b/bc-sharp-crypto/src/util/io/pem/PemGenerationException.cs
new file mode 100644
index 0000000..6b39585
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/pem/PemGenerationException.cs
@@ -0,0 +1,29 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities.IO.Pem
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class PemGenerationException
+		: Exception
+	{
+		public PemGenerationException()
+			: base()
+		{
+		}
+
+		public PemGenerationException(
+			string message)
+			: base(message)
+		{
+		}
+
+		public PemGenerationException(
+			string		message,
+			Exception	exception)
+			: base(message, exception)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/io/pem/PemHeader.cs b/bc-sharp-crypto/src/util/io/pem/PemHeader.cs
new file mode 100644
index 0000000..72da8a4
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/pem/PemHeader.cs
@@ -0,0 +1,55 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities.IO.Pem
+{
+	public class PemHeader
+	{
+		private string name;
+		private string val;
+
+		public PemHeader(string name, string val)
+		{
+			this.name = name;
+			this.val = val;
+		}
+
+		public virtual string Name
+		{
+			get { return name; }
+		}
+
+		public virtual string Value
+		{
+			get { return val; }
+		}
+
+		public override int GetHashCode()
+		{
+			return GetHashCode(this.name) + 31 * GetHashCode(this.val);
+		}
+
+		public override bool Equals(object obj)
+		{
+			if (obj == this)
+				return true;
+
+			if (!(obj is PemHeader))
+				return false;
+
+			PemHeader other = (PemHeader)obj;
+
+			return Platform.Equals(this.name, other.name)
+				&& Platform.Equals(this.val, other.val);
+		}
+
+		private int GetHashCode(string s)
+		{
+			if (s == null)
+			{
+				return 1;
+			}
+
+			return s.GetHashCode();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/io/pem/PemObject.cs b/bc-sharp-crypto/src/util/io/pem/PemObject.cs
new file mode 100644
index 0000000..41212f9
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/pem/PemObject.cs
@@ -0,0 +1,47 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.Utilities.IO.Pem
+{
+	public class PemObject
+		: PemObjectGenerator
+	{
+		private string		type;
+		private IList		headers;
+		private byte[]		content;
+
+		public PemObject(string type, byte[] content)
+			: this(type, Platform.CreateArrayList(), content)
+		{
+		}
+
+		public PemObject(String type, IList headers, byte[] content)
+		{
+			this.type = type;
+            this.headers = Platform.CreateArrayList(headers);
+			this.content = content;
+		}
+
+		public string Type
+		{
+			get { return type; }
+		}
+
+		public IList Headers
+		{
+			get { return headers; }
+		}
+
+		public byte[] Content
+		{
+			get { return content; }
+		}
+
+		public PemObject Generate()
+		{
+			return this;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/io/pem/PemObjectGenerator.cs b/bc-sharp-crypto/src/util/io/pem/PemObjectGenerator.cs
new file mode 100644
index 0000000..6f9bfc1
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/pem/PemObjectGenerator.cs
@@ -0,0 +1,13 @@
+using System;
+
+namespace Org.BouncyCastle.Utilities.IO.Pem
+{
+	public interface PemObjectGenerator
+	{
+		/// <returns>
+		/// A <see cref="PemObject"/>
+		/// </returns>
+		/// <exception cref="PemGenerationException"></exception>
+		PemObject Generate();
+	}
+}
diff --git a/bc-sharp-crypto/src/util/io/pem/PemObjectParser.cs b/bc-sharp-crypto/src/util/io/pem/PemObjectParser.cs
new file mode 100644
index 0000000..91d26dc
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/pem/PemObjectParser.cs
@@ -0,0 +1,17 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.IO.Pem
+{
+	public interface PemObjectParser
+	{
+		/// <param name="obj">
+		/// A <see cref="PemObject"/>
+		/// </param>
+		/// <returns>
+		/// A <see cref="System.Object"/>
+		/// </returns>
+		/// <exception cref="IOException"></exception>
+		object ParseObject(PemObject obj);
+	}
+}
diff --git a/bc-sharp-crypto/src/util/io/pem/PemReader.cs b/bc-sharp-crypto/src/util/io/pem/PemReader.cs
new file mode 100644
index 0000000..bf712b6
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/pem/PemReader.cs
@@ -0,0 +1,96 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Utilities.IO.Pem
+{
+	public class PemReader
+	{
+		private const string BeginString = "-----BEGIN ";
+		private const string EndString = "-----END ";
+
+		private readonly TextReader reader;
+
+		public PemReader(TextReader reader)
+		{
+			if (reader == null)
+				throw new ArgumentNullException("reader");
+
+			this.reader = reader;
+		}
+
+		public TextReader Reader
+		{
+			get { return reader; }
+		}
+
+		/// <returns>
+		/// A <see cref="PemObject"/>
+		/// </returns>
+		/// <exception cref="IOException"></exception>
+		public PemObject ReadPemObject()
+		{
+			string line = reader.ReadLine();
+
+            if (line != null && Platform.StartsWith(line, BeginString))
+			{
+				line = line.Substring(BeginString.Length);
+				int index = line.IndexOf('-');
+				string type = line.Substring(0, index);
+
+				if (index > 0)
+					return LoadObject(type);
+			}
+
+			return null;
+		}
+
+		private PemObject LoadObject(string type)
+		{
+			string endMarker = EndString + type;
+			IList headers = Platform.CreateArrayList();
+			StringBuilder buf = new StringBuilder();
+
+			string line;
+			while ((line = reader.ReadLine()) != null
+                && Platform.IndexOf(line, endMarker) == -1)
+			{
+				int colonPos = line.IndexOf(':');
+
+				if (colonPos == -1)
+				{
+					buf.Append(line.Trim());
+				}
+				else
+				{
+					// Process field
+					string fieldName = line.Substring(0, colonPos).Trim();
+
+                    if (Platform.StartsWith(fieldName, "X-"))
+                    {
+                        fieldName = fieldName.Substring(2);
+                    }
+
+					string fieldValue = line.Substring(colonPos + 1).Trim();
+
+					headers.Add(new PemHeader(fieldName, fieldValue));
+				}
+			}
+
+			if (line == null)
+			{
+				throw new IOException(endMarker + " not found");
+			}
+
+			if (buf.Length % 4 != 0)
+			{
+				throw new IOException("base64 data appears to be truncated");
+			}
+
+			return new PemObject(type, headers, Base64.Decode(buf.ToString()));
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/io/pem/PemWriter.cs b/bc-sharp-crypto/src/util/io/pem/PemWriter.cs
new file mode 100644
index 0000000..e85b315
--- /dev/null
+++ b/bc-sharp-crypto/src/util/io/pem/PemWriter.cs
@@ -0,0 +1,120 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.Utilities.IO.Pem
+{
+	/**
+	* A generic PEM writer, based on RFC 1421
+	*/
+	public class PemWriter
+	{
+		private const int LineLength = 64;
+
+		private readonly TextWriter	writer;
+		private readonly int		nlLength;
+		private char[]				buf = new char[LineLength];
+		
+		/**
+		 * Base constructor.
+		 *
+		 * @param out output stream to use.
+		 */
+		public PemWriter(TextWriter writer)
+		{
+			if (writer == null)
+				throw new ArgumentNullException("writer");
+
+			this.writer = writer;
+			this.nlLength = Platform.NewLine.Length;
+		}
+
+		public TextWriter Writer
+		{
+			get { return writer; }
+		}
+
+		/**
+		 * Return the number of bytes or characters required to contain the
+		 * passed in object if it is PEM encoded.
+		 *
+		 * @param obj pem object to be output
+		 * @return an estimate of the number of bytes
+		 */
+		public int GetOutputSize(PemObject obj)
+		{
+			// BEGIN and END boundaries.
+			int size = (2 * (obj.Type.Length + 10 + nlLength)) + 6 + 4;
+
+			if (obj.Headers.Count > 0)
+			{
+				foreach (PemHeader header in obj.Headers)
+				{
+					size += header.Name.Length + ": ".Length + header.Value.Length + nlLength;
+				}
+
+				size += nlLength;
+			}
+
+			// base64 encoding
+			int dataLen = ((obj.Content.Length + 2) / 3) * 4;
+
+			size += dataLen + (((dataLen + LineLength - 1) / LineLength) * nlLength);
+
+			return size;
+		}
+
+		public void WriteObject(PemObjectGenerator objGen)
+		{
+			PemObject obj = objGen.Generate();
+
+			WritePreEncapsulationBoundary(obj.Type);
+
+			if (obj.Headers.Count > 0)
+			{
+				foreach (PemHeader header in obj.Headers)
+				{
+					writer.Write(header.Name);
+					writer.Write(": ");
+					writer.WriteLine(header.Value);
+				}
+
+				writer.WriteLine();
+			}
+
+			WriteEncoded(obj.Content);
+			WritePostEncapsulationBoundary(obj.Type);
+		}
+
+		private void WriteEncoded(byte[] bytes)
+		{
+			bytes = Base64.Encode(bytes);
+
+			for (int i = 0; i < bytes.Length; i += buf.Length)
+			{
+				int index = 0;
+				while (index != buf.Length)
+				{
+					if ((i + index) >= bytes.Length)
+						break;
+
+					buf[index] = (char)bytes[i + index];
+					index++;
+				}
+				writer.WriteLine(buf, 0, index);
+			}
+		}
+
+		private void WritePreEncapsulationBoundary(string type)
+		{
+			writer.WriteLine("-----BEGIN " + type + "-----");
+		}
+
+		private void WritePostEncapsulationBoundary(string type)
+		{
+			writer.WriteLine("-----END " + type + "-----");
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/net/IPAddress.cs b/bc-sharp-crypto/src/util/net/IPAddress.cs
new file mode 100644
index 0000000..38c1245
--- /dev/null
+++ b/bc-sharp-crypto/src/util/net/IPAddress.cs
@@ -0,0 +1,197 @@
+using System;
+using System.Globalization;
+
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.Utilities.Net
+{
+	public class IPAddress
+	{
+		/**
+		 * Validate the given IPv4 or IPv6 address.
+		 *
+		 * @param address the IP address as a string.
+		 *
+		 * @return true if a valid address, false otherwise
+		 */
+		public static bool IsValid(
+			string address)
+		{
+			return IsValidIPv4(address) || IsValidIPv6(address);
+		}
+
+		/**
+		 * Validate the given IPv4 or IPv6 address and netmask.
+		 *
+		 * @param address the IP address as a string.
+		 *
+		 * @return true if a valid address with netmask, false otherwise
+		 */
+		public static bool IsValidWithNetMask(
+			string address)
+		{
+			return IsValidIPv4WithNetmask(address) || IsValidIPv6WithNetmask(address);
+		}
+
+		/**
+		 * Validate the given IPv4 address.
+		 * 
+		 * @param address the IP address as a string.
+		 *
+		 * @return true if a valid IPv4 address, false otherwise
+		 */
+		public static bool IsValidIPv4(
+			string address)
+		{
+			try
+			{
+				return unsafeIsValidIPv4(address);
+			}
+			catch (FormatException) {}
+			catch (OverflowException) {}
+			return false;
+		}
+
+		private static bool unsafeIsValidIPv4(
+			string address)
+		{
+			if (address.Length == 0)
+				return false;
+
+			int octets = 0;
+			string temp = address + ".";
+
+			int pos;
+			int start = 0;
+			while (start < temp.Length
+				&& (pos = temp.IndexOf('.', start)) > start)
+			{
+				if (octets == 4)
+					return false;
+
+				string octetStr = temp.Substring(start, pos - start);
+				int octet = Int32.Parse(octetStr);
+
+				if (octet < 0 || octet > 255)
+					return false;
+
+				start = pos + 1;
+				octets++;
+			}
+
+			return octets == 4;
+		}
+
+		public static bool IsValidIPv4WithNetmask(
+			string address)
+		{
+			int index = address.IndexOf('/');
+			string mask = address.Substring(index + 1);
+
+			return (index > 0) && IsValidIPv4(address.Substring(0, index))
+				&& (IsValidIPv4(mask) || IsMaskValue(mask, 32));
+		}
+
+		public static bool IsValidIPv6WithNetmask(
+			string address)
+		{
+			int index = address.IndexOf('/');
+			string mask = address.Substring(index + 1);
+
+			return (index > 0) && (IsValidIPv6(address.Substring(0, index))
+				&& (IsValidIPv6(mask) || IsMaskValue(mask, 128)));
+		}
+
+		private static bool IsMaskValue(
+			string	component,
+			int		size)
+		{
+			int val = Int32.Parse(component);
+			try
+			{
+				return val >= 0 && val <= size;
+			}
+			catch (FormatException) {}
+			catch (OverflowException) {}
+			return false;
+		}
+
+		/**
+		 * Validate the given IPv6 address.
+		 *
+		 * @param address the IP address as a string.
+		 *
+		 * @return true if a valid IPv4 address, false otherwise
+		 */
+		public static bool IsValidIPv6(
+			string address)
+		{
+			try
+			{
+				return unsafeIsValidIPv6(address);
+			}
+			catch (FormatException) {}
+			catch (OverflowException) {}
+			return false;
+		}
+
+		private static bool unsafeIsValidIPv6(
+			string address)
+		{
+			if (address.Length == 0)
+			{
+				return false;
+			}
+
+			int octets = 0;
+
+			string temp = address + ":";
+			bool doubleColonFound = false;
+			int pos;
+			int start = 0;
+			while (start < temp.Length
+				&& (pos = temp.IndexOf(':', start)) >= start)
+			{
+				if (octets == 8)
+				{
+					return false;
+				}
+
+				if (start != pos)
+				{
+					string value = temp.Substring(start, pos - start);
+
+					if (pos == (temp.Length - 1) && value.IndexOf('.') > 0)
+					{
+						if (!IsValidIPv4(value))
+						{
+							return false;
+						}
+
+						octets++; // add an extra one as address covers 2 words.
+					}
+					else
+					{
+						string octetStr = temp.Substring(start, pos - start);
+						int octet = Int32.Parse(octetStr, NumberStyles.AllowHexSpecifier);
+
+						if (octet < 0 || octet > 0xffff)
+							return false;
+					}
+				}
+				else
+				{
+					if (pos != 1 && pos != temp.Length - 1 && doubleColonFound)
+					{
+						return false;
+					}
+					doubleColonFound = true;
+				}
+				start = pos + 1;
+				octets++;
+			}
+
+			return octets == 8 || doubleColonFound;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/zlib/Adler32.cs b/bc-sharp-crypto/src/util/zlib/Adler32.cs
new file mode 100644
index 0000000..c38258f
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/Adler32.cs
@@ -0,0 +1,88 @@
+using System;
+/*
+ * $Id: Adler32.cs,v 1.1 2006-07-31 13:59:25 bouncy Exp $
+ *
+Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+     this list of conditions and the following disclaimer.
+
+  2. Redistributions in binary form must reproduce the above copyright 
+     notice, this list of conditions and the following disclaimer in 
+     the documentation and/or other materials provided with the distribution.
+
+  3. The names of the authors may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
+INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This program is based on zlib-1.1.3, so all credit should go authors
+ * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)
+ * and contributors of zlib.
+ */
+
+namespace Org.BouncyCastle.Utilities.Zlib {
+
+    internal sealed class Adler32{
+
+        // largest prime smaller than 65536
+        private const int BASE=65521; 
+        // NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1
+        private const int NMAX=5552;
+
+        internal long adler32(long adler, byte[] buf, int index, int len){
+            if(buf == null){ return 1L; }
+
+            long s1=adler&0xffff;
+            long s2=(adler>>16)&0xffff;
+            int k;
+
+            while(len > 0) {
+                k=len<NMAX?len:NMAX;
+                len-=k;
+                while(k>=16){
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    s1+=buf[index++]&0xff; s2+=s1;
+                    k-=16;
+                }
+                if(k!=0){
+                    do{
+                        s1+=buf[index++]&0xff; s2+=s1;
+                    }
+                    while(--k!=0);
+                }
+                s1%=BASE;
+                s2%=BASE;
+            }
+            return (s2<<16)|s1;
+        }
+
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/util/zlib/Deflate.cs b/bc-sharp-crypto/src/util/zlib/Deflate.cs
new file mode 100644
index 0000000..ca04309
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/Deflate.cs
@@ -0,0 +1,1640 @@
+using System;
+/*
+ * $Id: Deflate.cs,v 1.2 2008-05-10 09:35:40 bouncy Exp $
+ *
+Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+     this list of conditions and the following disclaimer.
+
+  2. Redistributions in binary form must reproduce the above copyright 
+     notice, this list of conditions and the following disclaimer in 
+     the documentation and/or other materials provided with the distribution.
+
+  3. The names of the authors may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
+INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This program is based on zlib-1.1.3, so all credit should go authors
+ * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)
+ * and contributors of zlib.
+ */
+
+namespace Org.BouncyCastle.Utilities.Zlib {
+
+    public sealed class Deflate{
+
+        private const int MAX_MEM_LEVEL=9;
+
+        private const int Z_DEFAULT_COMPRESSION=-1;
+
+        private const int MAX_WBITS=15;            // 32K LZ77 window
+        private const int DEF_MEM_LEVEL=8;
+
+        internal class Config{
+            internal int good_length; // reduce lazy search above this match length
+            internal int max_lazy;    // do not perform lazy search above this match length
+            internal int nice_length; // quit search above this match length
+            internal int max_chain;
+            internal int func;
+            internal Config(int good_length, int max_lazy, 
+                int nice_length, int max_chain, int func){
+                this.good_length=good_length;
+                this.max_lazy=max_lazy;
+                this.nice_length=nice_length;
+                this.max_chain=max_chain;
+                this.func=func;
+            }
+        }
+  
+        private const int STORED=0;
+        private const int FAST=1;
+        private const int SLOW=2;
+        private static readonly Config[] config_table;
+
+		static Deflate(){
+            config_table=new Config[10];
+            //                         good  lazy  nice  chain
+            config_table[0]=new Config(0,    0,    0,    0, STORED);
+            config_table[1]=new Config(4,    4,    8,    4, FAST);
+            config_table[2]=new Config(4,    5,   16,    8, FAST);
+            config_table[3]=new Config(4,    6,   32,   32, FAST);
+
+            config_table[4]=new Config(4,    4,   16,   16, SLOW);
+            config_table[5]=new Config(8,   16,   32,   32, SLOW);
+            config_table[6]=new Config(8,   16,  128,  128, SLOW);
+            config_table[7]=new Config(8,   32,  128,  256, SLOW);
+            config_table[8]=new Config(32, 128,  258, 1024, SLOW);
+            config_table[9]=new Config(32, 258,  258, 4096, SLOW);
+        }
+
+        private static readonly String[] z_errmsg = {
+                                               "need dictionary",     // Z_NEED_DICT       2
+                                               "stream end",          // Z_STREAM_END      1
+                                               "",                    // Z_OK              0
+                                               "file error",          // Z_ERRNO         (-1)
+                                               "stream error",        // Z_STREAM_ERROR  (-2)
+                                               "data error",          // Z_DATA_ERROR    (-3)
+                                               "insufficient memory", // Z_MEM_ERROR     (-4)
+                                               "buffer error",        // Z_BUF_ERROR     (-5)
+                                               "incompatible version",// Z_VERSION_ERROR (-6)
+                                               ""
+                                           };
+
+        // block not completed, need more input or more output
+        private const int NeedMore=0; 
+
+        // block flush performed
+        private const int BlockDone=1; 
+
+        // finish started, need only more output at next deflate
+        private const int FinishStarted=2;
+
+        // finish done, accept no more input or output
+        private const int FinishDone=3;
+
+        // preset dictionary flag in zlib header
+        private const int PRESET_DICT=0x20;
+
+        private const int Z_FILTERED=1;
+        private const int Z_HUFFMAN_ONLY=2;
+        private const int Z_DEFAULT_STRATEGY=0;
+
+        private const int Z_NO_FLUSH=0;
+        private const int Z_PARTIAL_FLUSH=1;
+        private const int Z_SYNC_FLUSH=2;
+        private const int Z_FULL_FLUSH=3;
+        private const int Z_FINISH=4;
+
+        private const int Z_OK=0;
+        private const int Z_STREAM_END=1;
+        private const int Z_NEED_DICT=2;
+        private const int Z_ERRNO=-1;
+        private const int Z_STREAM_ERROR=-2;
+        private const int Z_DATA_ERROR=-3;
+        private const int Z_MEM_ERROR=-4;
+        private const int Z_BUF_ERROR=-5;
+        private const int Z_VERSION_ERROR=-6;
+
+        private const int INIT_STATE=42;
+        private const int BUSY_STATE=113;
+        private const int FINISH_STATE=666;
+
+        // The deflate compression method
+        private const int Z_DEFLATED=8;
+
+        private const int STORED_BLOCK=0;
+        private const int STATIC_TREES=1;
+        private const int DYN_TREES=2;
+
+        // The three kinds of block type
+        private const int Z_BINARY=0;
+        private const int Z_ASCII=1;
+        private const int Z_UNKNOWN=2;
+
+        private const int Buf_size=8*2;
+
+        // repeat previous bit length 3-6 times (2 bits of repeat count)
+        private const int REP_3_6=16; 
+
+        // repeat a zero length 3-10 times  (3 bits of repeat count)
+        private const int REPZ_3_10=17; 
+
+        // repeat a zero length 11-138 times  (7 bits of repeat count)
+        private const int REPZ_11_138=18; 
+
+        private const int MIN_MATCH=3;
+        private const int MAX_MATCH=258;
+        private const int MIN_LOOKAHEAD=(MAX_MATCH+MIN_MATCH+1);
+
+        private const int MAX_BITS=15;
+        private const int D_CODES=30;
+        private const int BL_CODES=19;
+        private const int LENGTH_CODES=29;
+        private const int LITERALS=256;
+        private const int L_CODES=(LITERALS+1+LENGTH_CODES);
+        private const int HEAP_SIZE=(2*L_CODES+1);
+
+        private const int END_BLOCK=256;
+
+        internal ZStream strm;         // pointer back to this zlib stream
+        internal int status;           // as the name implies
+        internal byte[] pending_buf;   // output still pending
+        internal int pending_buf_size; // size of pending_buf
+        internal int pending_out;      // next pending byte to output to the stream
+        internal int pending;          // nb of bytes in the pending buffer
+        internal int noheader;         // suppress zlib header and adler32
+        internal byte data_type;       // UNKNOWN, BINARY or ASCII
+        internal byte method;          // STORED (for zip only) or DEFLATED
+        internal int last_flush;       // value of flush param for previous deflate call
+
+        internal int w_size;           // LZ77 window size (32K by default)
+        internal int w_bits;           // log2(w_size)  (8..16)
+        internal int w_mask;           // w_size - 1
+
+        internal byte[] window;
+        // Sliding window. Input bytes are read into the second half of the window,
+        // and move to the first half later to keep a dictionary of at least wSize
+        // bytes. With this organization, matches are limited to a distance of
+        // wSize-MAX_MATCH bytes, but this ensures that IO is always
+        // performed with a length multiple of the block size. Also, it limits
+        // the window size to 64K, which is quite useful on MSDOS.
+        // To do: use the user input buffer as sliding window.
+
+        internal int window_size;
+        // Actual size of window: 2*wSize, except when the user input buffer
+        // is directly used as sliding window.
+
+        internal short[] prev;
+        // Link to older string with same hash index. To limit the size of this
+        // array to 64K, this link is maintained only for the last 32K strings.
+        // An index in this array is thus a window index modulo 32K.
+
+        internal short[] head; // Heads of the hash chains or NIL.
+
+        internal int ins_h;          // hash index of string to be inserted
+        internal int hash_size;      // number of elements in hash table
+        internal int hash_bits;      // log2(hash_size)
+        internal int hash_mask;      // hash_size-1
+
+        // Number of bits by which ins_h must be shifted at each input
+        // step. It must be such that after MIN_MATCH steps, the oldest
+        // byte no longer takes part in the hash key, that is:
+        // hash_shift * MIN_MATCH >= hash_bits
+        internal int hash_shift;
+
+        // Window position at the beginning of the current output block. Gets
+        // negative when the window is moved backwards.
+
+        internal int block_start;
+
+        internal int match_length;           // length of best match
+        internal int prev_match;             // previous match
+        internal int match_available;        // set if previous match exists
+        internal int strstart;               // start of string to insert
+        internal int match_start;            // start of matching string
+        internal int lookahead;              // number of valid bytes ahead in window
+
+        // Length of the best match at previous step. Matches not greater than this
+        // are discarded. This is used in the lazy match evaluation.
+        internal int prev_length;
+
+        // To speed up deflation, hash chains are never searched beyond this
+        // length.  A higher limit improves compression ratio but degrades the speed.
+        internal int max_chain_length;
+
+        // Attempt to find a better match only when the current match is strictly
+        // smaller than this value. This mechanism is used only for compression
+        // levels >= 4.
+        internal int max_lazy_match;
+
+        // Insert new strings in the hash table only if the match length is not
+        // greater than this length. This saves time but degrades compression.
+        // max_insert_length is used only for compression levels <= 3.
+
+        internal int level;    // compression level (1..9)
+        internal int strategy; // favor or force Huffman coding
+
+        // Use a faster search when the previous match is longer than this
+        internal int good_match;
+
+        // Stop searching when current match exceeds this
+        internal int nice_match;
+
+        internal short[] dyn_ltree;       // literal and length tree
+        internal short[] dyn_dtree;       // distance tree
+        internal short[] bl_tree;         // Huffman tree for bit lengths
+
+        internal Tree l_desc=new Tree();  // desc for literal tree
+        internal Tree d_desc=new Tree();  // desc for distance tree
+        internal Tree bl_desc=new Tree(); // desc for bit length tree
+
+        // number of codes at each bit length for an optimal tree
+        internal short[] bl_count=new short[MAX_BITS+1];
+
+        // heap used to build the Huffman trees
+        internal int[] heap=new int[2*L_CODES+1];
+
+        internal int heap_len;               // number of elements in the heap
+        internal int heap_max;               // element of largest frequency
+        // The sons of heap[n] are heap[2*n] and heap[2*n+1]. heap[0] is not used.
+        // The same heap array is used to build all trees.
+
+        // Depth of each subtree used as tie breaker for trees of equal frequency
+        internal byte[] depth=new byte[2*L_CODES+1];
+
+        internal int l_buf;               // index for literals or lengths */
+
+        // Size of match buffer for literals/lengths.  There are 4 reasons for
+        // limiting lit_bufsize to 64K:
+        //   - frequencies can be kept in 16 bit counters
+        //   - if compression is not successful for the first block, all input
+        //     data is still in the window so we can still emit a stored block even
+        //     when input comes from standard input.  (This can also be done for
+        //     all blocks if lit_bufsize is not greater than 32K.)
+        //   - if compression is not successful for a file smaller than 64K, we can
+        //     even emit a stored file instead of a stored block (saving 5 bytes).
+        //     This is applicable only for zip (not gzip or zlib).
+        //   - creating new Huffman trees less frequently may not provide fast
+        //     adaptation to changes in the input data statistics. (Take for
+        //     example a binary file with poorly compressible code followed by
+        //     a highly compressible string table.) Smaller buffer sizes give
+        //     fast adaptation but have of course the overhead of transmitting
+        //     trees more frequently.
+        //   - I can't count above 4
+        internal int lit_bufsize;
+
+        internal int last_lit;      // running index in l_buf
+
+        // Buffer for distances. To simplify the code, d_buf and l_buf have
+        // the same number of elements. To use different lengths, an extra flag
+        // array would be necessary.
+
+        internal int d_buf;         // index of pendig_buf
+
+        internal int opt_len;        // bit length of current block with optimal trees
+        internal int static_len;     // bit length of current block with static trees
+        internal int matches;        // number of string matches in current block
+        internal int last_eob_len;   // bit length of EOB code for last block
+
+        // Output buffer. bits are inserted starting at the bottom (least
+        // significant bits).
+        internal uint bi_buf;
+
+        // Number of valid bits in bi_buf.  All bits above the last valid bit
+        // are always zero.
+        internal int bi_valid;
+
+        internal Deflate(){
+            dyn_ltree=new short[HEAP_SIZE*2];
+            dyn_dtree=new short[(2*D_CODES+1)*2]; // distance tree
+            bl_tree=new short[(2*BL_CODES+1)*2];  // Huffman tree for bit lengths
+        }
+
+        internal void lm_init() {
+            window_size=2*w_size;
+
+            head[hash_size-1]=0;
+            for(int i=0; i<hash_size-1; i++){
+                head[i]=0;
+            }
+
+            // Set the default configuration parameters:
+            max_lazy_match   = Deflate.config_table[level].max_lazy;
+            good_match       = Deflate.config_table[level].good_length;
+            nice_match       = Deflate.config_table[level].nice_length;
+            max_chain_length = Deflate.config_table[level].max_chain;
+
+            strstart = 0;
+            block_start = 0;
+            lookahead = 0;
+            match_length = prev_length = MIN_MATCH-1;
+            match_available = 0;
+            ins_h = 0;
+        }
+
+        // Initialize the tree data structures for a new zlib stream.
+        internal void tr_init(){
+
+            l_desc.dyn_tree = dyn_ltree;
+            l_desc.stat_desc = StaticTree.static_l_desc;
+
+            d_desc.dyn_tree = dyn_dtree;
+            d_desc.stat_desc = StaticTree.static_d_desc;
+
+            bl_desc.dyn_tree = bl_tree;
+            bl_desc.stat_desc = StaticTree.static_bl_desc;
+
+            bi_buf = 0;
+            bi_valid = 0;
+            last_eob_len = 8; // enough lookahead for inflate
+
+            // Initialize the first block of the first file:
+            init_block();
+        }
+
+        internal void init_block(){
+            // Initialize the trees.
+            for(int i = 0; i < L_CODES; i++) dyn_ltree[i*2] = 0;
+            for(int i= 0; i < D_CODES; i++) dyn_dtree[i*2] = 0;
+            for(int i= 0; i < BL_CODES; i++) bl_tree[i*2] = 0;
+
+            dyn_ltree[END_BLOCK*2] = 1;
+            opt_len = static_len = 0;
+            last_lit = matches = 0;
+        }
+
+        // Restore the heap property by moving down the tree starting at node k,
+        // exchanging a node with the smallest of its two sons if necessary, stopping
+        // when the heap property is re-established (each father smaller than its
+        // two sons).
+        internal void pqdownheap(short[] tree,  // the tree to restore
+            int k          // node to move down
+            ){
+            int v = heap[k];
+            int j = k << 1;  // left son of k
+            while (j <= heap_len) {
+                // Set j to the smallest of the two sons:
+                if (j < heap_len &&
+                    smaller(tree, heap[j+1], heap[j], depth)){
+                    j++;
+                }
+                // Exit if v is smaller than both sons
+                if(smaller(tree, v, heap[j], depth)) break;
+
+                // Exchange v with the smallest son
+                heap[k]=heap[j];  k = j;
+                // And continue down the tree, setting j to the left son of k
+                j <<= 1;
+            }
+            heap[k] = v;
+        }
+
+        internal static bool smaller(short[] tree, int n, int m, byte[] depth){
+            short tn2=tree[n*2];
+            short tm2=tree[m*2];
+            return (tn2<tm2 ||
+                (tn2==tm2 && depth[n] <= depth[m]));
+        }
+
+        // Scan a literal or distance tree to determine the frequencies of the codes
+        // in the bit length tree.
+        internal void scan_tree (short[] tree,// the tree to be scanned
+            int max_code // and its largest code of non zero frequency
+            ){
+            int n;                     // iterates over all tree elements
+            int prevlen = -1;          // last emitted length
+            int curlen;                // length of current code
+            int nextlen = tree[0*2+1]; // length of next code
+            int count = 0;             // repeat count of the current code
+            int max_count = 7;         // max repeat count
+            int min_count = 4;         // min repeat count
+
+            if (nextlen == 0){ max_count = 138; min_count = 3; }
+            tree[(max_code+1)*2+1] = -1; // guard
+
+            for(n = 0; n <= max_code; n++) {
+                curlen = nextlen; nextlen = tree[(n+1)*2+1];
+                if(++count < max_count && curlen == nextlen) {
+                    continue;
+                }
+                else if(count < min_count) {
+                    bl_tree[curlen*2] += (short)count;
+                }
+                else if(curlen != 0) {
+                    if(curlen != prevlen) bl_tree[curlen*2]++;
+                    bl_tree[REP_3_6*2]++;
+                }
+                else if(count <= 10) {
+                    bl_tree[REPZ_3_10*2]++;
+                }
+                else{
+                    bl_tree[REPZ_11_138*2]++;
+                }
+                count = 0; prevlen = curlen;
+                if(nextlen == 0) {
+                    max_count = 138; min_count = 3;
+                }
+                else if(curlen == nextlen) {
+                    max_count = 6; min_count = 3;
+                }
+                else{
+                    max_count = 7; min_count = 4;
+                }
+            }
+        }
+
+        // Construct the Huffman tree for the bit lengths and return the index in
+        // bl_order of the last bit length code to send.
+        internal int build_bl_tree(){
+            int max_blindex;  // index of last bit length code of non zero freq
+
+            // Determine the bit length frequencies for literal and distance trees
+            scan_tree(dyn_ltree, l_desc.max_code);
+            scan_tree(dyn_dtree, d_desc.max_code);
+
+            // Build the bit length tree:
+            bl_desc.build_tree(this);
+            // opt_len now includes the length of the tree representations, except
+            // the lengths of the bit lengths codes and the 5+5+4 bits for the counts.
+
+            // Determine the number of bit length codes to send. The pkzip format
+            // requires that at least 4 bit length codes be sent. (appnote.txt says
+            // 3 but the actual value used is 4.)
+            for (max_blindex = BL_CODES-1; max_blindex >= 3; max_blindex--) {
+                if (bl_tree[Tree.bl_order[max_blindex]*2+1] != 0) break;
+            }
+            // Update opt_len to include the bit length tree and counts
+            opt_len += 3*(max_blindex+1) + 5+5+4;
+
+            return max_blindex;
+        }
+
+
+        // Send the header for a block using dynamic Huffman trees: the counts, the
+        // lengths of the bit length codes, the literal tree and the distance tree.
+        // IN assertion: lcodes >= 257, dcodes >= 1, blcodes >= 4.
+        internal void send_all_trees(int lcodes, int dcodes, int blcodes){
+            int rank;                    // index in bl_order
+
+            send_bits(lcodes-257, 5); // not +255 as stated in appnote.txt
+            send_bits(dcodes-1,   5);
+            send_bits(blcodes-4,  4); // not -3 as stated in appnote.txt
+            for (rank = 0; rank < blcodes; rank++) {
+                send_bits(bl_tree[Tree.bl_order[rank]*2+1], 3);
+            }
+            send_tree(dyn_ltree, lcodes-1); // literal tree
+            send_tree(dyn_dtree, dcodes-1); // distance tree
+        }
+
+        // Send a literal or distance tree in compressed form, using the codes in
+        // bl_tree.
+        internal void send_tree (short[] tree,// the tree to be sent
+            int max_code // and its largest code of non zero frequency
+            ){
+            int n;                     // iterates over all tree elements
+            int prevlen = -1;          // last emitted length
+            int curlen;                // length of current code
+            int nextlen = tree[0*2+1]; // length of next code
+            int count = 0;             // repeat count of the current code
+            int max_count = 7;         // max repeat count
+            int min_count = 4;         // min repeat count
+
+            if (nextlen == 0){ max_count = 138; min_count = 3; }
+
+            for (n = 0; n <= max_code; n++) {
+                curlen = nextlen; nextlen = tree[(n+1)*2+1];
+                if(++count < max_count && curlen == nextlen) {
+                    continue;
+                }
+                else if(count < min_count) {
+                    do { send_code(curlen, bl_tree); } while (--count != 0);
+                }
+                else if(curlen != 0){
+                    if(curlen != prevlen){
+                        send_code(curlen, bl_tree); count--;
+                    }
+                    send_code(REP_3_6, bl_tree); 
+                    send_bits(count-3, 2);
+                }
+                else if(count <= 10){
+                    send_code(REPZ_3_10, bl_tree); 
+                    send_bits(count-3, 3);
+                }
+                else{
+                    send_code(REPZ_11_138, bl_tree);
+                    send_bits(count-11, 7);
+                }
+                count = 0; prevlen = curlen;
+                if(nextlen == 0){
+                    max_count = 138; min_count = 3;
+                }
+                else if(curlen == nextlen){
+                    max_count = 6; min_count = 3;
+                }
+                else{
+                    max_count = 7; min_count = 4;
+                }
+            }
+        }
+
+        // Output a byte on the stream.
+        // IN assertion: there is enough room in pending_buf.
+        internal void put_byte(byte[] p, int start, int len){
+            System.Array.Copy(p, start, pending_buf, pending, len);
+            pending+=len;
+        }
+
+        internal void put_byte(byte c){
+            pending_buf[pending++]=c;
+        }
+        internal void put_short(int w) {
+            pending_buf[pending++]=(byte)(w/*&0xff*/);
+            pending_buf[pending++]=(byte)(w>>8);
+        }
+        internal void putShortMSB(int b){
+            pending_buf[pending++]=(byte)(b>>8);
+            pending_buf[pending++]=(byte)(b/*&0xff*/);
+        }   
+
+        internal void send_code(int c, short[] tree){
+            int c2=c*2;
+            send_bits((tree[c2]&0xffff), (tree[c2+1]&0xffff));
+        }
+
+        internal void send_bits(int val, int length){
+            if (bi_valid > Buf_size - length) {
+                bi_buf |= (uint)(val << bi_valid);
+                pending_buf[pending++]=(byte)(bi_buf/*&0xff*/);
+                pending_buf[pending++]=(byte)(bi_buf>>8);
+                bi_buf = ((uint)val) >> (Buf_size - bi_valid);
+                bi_valid += length - Buf_size;
+            } else {
+                bi_buf |= (uint)(val << bi_valid);
+                bi_valid += length;
+            }
+//            int len = length;
+//            if (bi_valid > (int)Buf_size - len) {
+//                int val = value;
+//                //      bi_buf |= (val << bi_valid);
+//                bi_buf = (short)((ushort)bi_buf | (ushort)((val << bi_valid)&0xffff));
+//                put_short(bi_buf);
+//                bi_buf = (short)(((uint)val) >> (Buf_size - bi_valid));
+//                bi_valid += len - Buf_size;
+//            } else {
+//                //      bi_buf |= (value) << bi_valid;
+//                bi_buf = (short)((ushort)bi_buf | (ushort)(((value) << bi_valid)&0xffff));
+//                bi_valid += len;
+//            }
+        }
+
+        // Send one empty static block to give enough lookahead for inflate.
+        // This takes 10 bits, of which 7 may remain in the bit buffer.
+        // The current inflate code requires 9 bits of lookahead. If the
+        // last two codes for the previous block (real code plus EOB) were coded
+        // on 5 bits or less, inflate may have only 5+3 bits of lookahead to decode
+        // the last real code. In this case we send two empty static blocks instead
+        // of one. (There are no problems if the previous block is stored or fixed.)
+        // To simplify the code, we assume the worst case of last real code encoded
+        // on one bit only.
+        internal void _tr_align(){
+            send_bits(STATIC_TREES<<1, 3);
+            send_code(END_BLOCK, StaticTree.static_ltree);
+
+            bi_flush();
+
+            // Of the 10 bits for the empty block, we have already sent
+            // (10 - bi_valid) bits. The lookahead for the last real code (before
+            // the EOB of the previous block) was thus at least one plus the length
+            // of the EOB plus what we have just sent of the empty static block.
+            if (1 + last_eob_len + 10 - bi_valid < 9) {
+                send_bits(STATIC_TREES<<1, 3);
+                send_code(END_BLOCK, StaticTree.static_ltree);
+                bi_flush();
+            }
+            last_eob_len = 7;
+        }
+
+
+        // Save the match info and tally the frequency counts. Return true if
+        // the current block must be flushed.
+        internal bool _tr_tally (int dist, // distance of matched string
+            int lc // match length-MIN_MATCH or unmatched char (if dist==0)
+            ){
+
+            pending_buf[d_buf+last_lit*2] = (byte)(dist>>8);
+            pending_buf[d_buf+last_lit*2+1] = (byte)dist;
+
+            pending_buf[l_buf+last_lit] = (byte)lc; last_lit++;
+
+            if (dist == 0) {
+                // lc is the unmatched char
+                dyn_ltree[lc*2]++;
+            } 
+            else {
+                matches++;
+                // Here, lc is the match length - MIN_MATCH
+                dist--;             // dist = match distance - 1
+                dyn_ltree[(Tree._length_code[lc]+LITERALS+1)*2]++;
+                dyn_dtree[Tree.d_code(dist)*2]++;
+            }
+
+            if ((last_lit & 0x1fff) == 0 && level > 2) {
+                // Compute an upper bound for the compressed length
+                int out_length = last_lit*8;
+                int in_length = strstart - block_start;
+                int dcode;
+                for (dcode = 0; dcode < D_CODES; dcode++) {
+                    out_length += (int)((int)dyn_dtree[dcode*2] *
+                        (5L+Tree.extra_dbits[dcode]));
+                }
+                out_length >>= 3;
+                if ((matches < (last_lit/2)) && out_length < in_length/2) return true;
+            }
+
+            return (last_lit == lit_bufsize-1);
+            // We avoid equality with lit_bufsize because of wraparound at 64K
+            // on 16 bit machines and because stored blocks are restricted to
+            // 64K-1 bytes.
+        }
+
+        // Send the block data compressed using the given Huffman trees
+        internal void compress_block(short[] ltree, short[] dtree){
+            int  dist;      // distance of matched string
+            int lc;         // match length or unmatched char (if dist == 0)
+            int lx = 0;     // running index in l_buf
+            int code;       // the code to send
+            int extra;      // number of extra bits to send
+
+            if (last_lit != 0){
+                do{
+                    dist=((pending_buf[d_buf+lx*2]<<8)&0xff00)|
+                        (pending_buf[d_buf+lx*2+1]&0xff);
+                    lc=(pending_buf[l_buf+lx])&0xff; lx++;
+
+                    if(dist == 0){
+                        send_code(lc, ltree); // send a literal byte
+                    } 
+                    else{
+                        // Here, lc is the match length - MIN_MATCH
+                        code = Tree._length_code[lc];
+
+                        send_code(code+LITERALS+1, ltree); // send the length code
+                        extra = Tree.extra_lbits[code];
+                        if(extra != 0){
+                            lc -= Tree.base_length[code];
+                            send_bits(lc, extra);       // send the extra length bits
+                        }
+                        dist--; // dist is now the match distance - 1
+                        code = Tree.d_code(dist);
+
+                        send_code(code, dtree);       // send the distance code
+                        extra = Tree.extra_dbits[code];
+                        if (extra != 0) {
+                            dist -= Tree.base_dist[code];
+                            send_bits(dist, extra);   // send the extra distance bits
+                        }
+                    } // literal or match pair ?
+
+                    // Check that the overlay between pending_buf and d_buf+l_buf is ok:
+                }
+                while (lx < last_lit);
+            }
+
+            send_code(END_BLOCK, ltree);
+            last_eob_len = ltree[END_BLOCK*2+1];
+        }
+
+        // Set the data type to ASCII or BINARY, using a crude approximation:
+        // binary if more than 20% of the bytes are <= 6 or >= 128, ascii otherwise.
+        // IN assertion: the fields freq of dyn_ltree are set and the total of all
+        // frequencies does not exceed 64K (to fit in an int on 16 bit machines).
+        internal void set_data_type(){
+            int n = 0;
+            int  ascii_freq = 0;
+            int  bin_freq = 0;
+            while(n<7){ bin_freq += dyn_ltree[n*2]; n++;}
+            while(n<128){ ascii_freq += dyn_ltree[n*2]; n++;}
+            while(n<LITERALS){ bin_freq += dyn_ltree[n*2]; n++;}
+            data_type=(byte)(bin_freq > (ascii_freq >> 2) ? Z_BINARY : Z_ASCII);
+        }
+
+        // Flush the bit buffer, keeping at most 7 bits in it.
+        internal void bi_flush(){
+            if (bi_valid == 16) {
+                pending_buf[pending++]=(byte)(bi_buf/*&0xff*/);
+                pending_buf[pending++]=(byte)(bi_buf>>8);
+                bi_buf=0;
+                bi_valid=0;
+            }
+            else if (bi_valid >= 8) {
+                pending_buf[pending++]=(byte)(bi_buf);
+                bi_buf>>=8;
+                bi_buf &= 0x00ff;
+                bi_valid-=8;
+            }
+        }
+
+        // Flush the bit buffer and align the output on a byte boundary
+        internal void bi_windup(){
+            if (bi_valid > 8) {
+                pending_buf[pending++]=(byte)(bi_buf);
+                pending_buf[pending++]=(byte)(bi_buf>>8);
+            } else if (bi_valid > 0) {
+                pending_buf[pending++]=(byte)(bi_buf);
+            }
+            bi_buf = 0;
+            bi_valid = 0;
+        }
+
+        // Copy a stored block, storing first the length and its
+        // one's complement if requested.
+        internal void copy_block(int buf,         // the input data
+            int len,         // its length
+            bool header   // true if block header must be written
+            ){
+            //int index=0;
+            bi_windup();      // align on byte boundary
+            last_eob_len = 8; // enough lookahead for inflate
+
+            if (header) {
+                put_short((short)len);   
+                put_short((short)~len);
+            }
+
+            //  while(len--!=0) {
+            //    put_byte(window[buf+index]);
+            //    index++;
+            //  }
+            put_byte(window, buf, len);
+        }
+
+        internal void flush_block_only(bool eof){
+            _tr_flush_block(block_start>=0 ? block_start : -1,
+                strstart-block_start,
+                eof);
+            block_start=strstart;
+            strm.flush_pending();
+        }
+
+        // Copy without compression as much as possible from the input stream, return
+        // the current block state.
+        // This function does not insert new strings in the dictionary since
+        // uncompressible data is probably not useful. This function is used
+        // only for the level=0 compression option.
+        // NOTE: this function should be optimized to avoid extra copying from
+        // window to pending_buf.
+        internal int deflate_stored(int flush){
+            // Stored blocks are limited to 0xffff bytes, pending_buf is limited
+            // to pending_buf_size, and each stored block has a 5 byte header:
+
+            int max_block_size = 0xffff;
+            int max_start;
+
+            if(max_block_size > pending_buf_size - 5) {
+                max_block_size = pending_buf_size - 5;
+            }
+
+            // Copy as much as possible from input to output:
+            while(true){
+                // Fill the window as much as possible:
+                if(lookahead<=1){
+                    fill_window();
+                    if(lookahead==0 && flush==Z_NO_FLUSH) return NeedMore;
+                    if(lookahead==0) break; // flush the current block
+                }
+
+                strstart+=lookahead;
+                lookahead=0;
+
+                // Emit a stored block if pending_buf will be full:
+                max_start=block_start+max_block_size;
+                if(strstart==0|| strstart>=max_start) {
+                    // strstart == 0 is possible when wraparound on 16-bit machine
+                    lookahead = (int)(strstart-max_start);
+                    strstart = (int)max_start;
+      
+                    flush_block_only(false);
+                    if(strm.avail_out==0) return NeedMore;
+
+                }
+
+                // Flush if we may have to slide, otherwise block_start may become
+                // negative and the data will be gone:
+                if(strstart-block_start >= w_size-MIN_LOOKAHEAD) {
+                    flush_block_only(false);
+                    if(strm.avail_out==0) return NeedMore;
+                }
+            }
+
+            flush_block_only(flush == Z_FINISH);
+            if(strm.avail_out==0)
+                return (flush == Z_FINISH) ? FinishStarted : NeedMore;
+
+            return flush == Z_FINISH ? FinishDone : BlockDone;
+        }
+
+        // Send a stored block
+        internal void _tr_stored_block(int buf,        // input block
+            int stored_len, // length of input block
+            bool eof     // true if this is the last block for a file
+            ){
+            send_bits((STORED_BLOCK<<1)+(eof?1:0), 3);  // send block type
+            copy_block(buf, stored_len, true);          // with header
+        }
+
+        // Determine the best encoding for the current block: dynamic trees, static
+        // trees or store, and output the encoded block to the zip file.
+        internal void _tr_flush_block(int buf,        // input block, or NULL if too old
+            int stored_len, // length of input block
+            bool eof     // true if this is the last block for a file
+            ) {
+            int opt_lenb, static_lenb;// opt_len and static_len in bytes
+            int max_blindex = 0;      // index of last bit length code of non zero freq
+
+            // Build the Huffman trees unless a stored block is forced
+            if(level > 0) {
+                // Check if the file is ascii or binary
+                if(data_type == Z_UNKNOWN) set_data_type();
+
+                // Construct the literal and distance trees
+                l_desc.build_tree(this);
+
+                d_desc.build_tree(this);
+
+                // At this point, opt_len and static_len are the total bit lengths of
+                // the compressed block data, excluding the tree representations.
+
+                // Build the bit length tree for the above two trees, and get the index
+                // in bl_order of the last bit length code to send.
+                max_blindex=build_bl_tree();
+
+                // Determine the best encoding. Compute first the block length in bytes
+                opt_lenb=(opt_len+3+7)>>3;
+                static_lenb=(static_len+3+7)>>3;
+
+                if(static_lenb<=opt_lenb) opt_lenb=static_lenb;
+            }
+            else {
+                opt_lenb=static_lenb=stored_len+5; // force a stored block
+            }
+
+            if(stored_len+4<=opt_lenb && buf != -1){
+                // 4: two words for the lengths
+                // The test buf != NULL is only necessary if LIT_BUFSIZE > WSIZE.
+                // Otherwise we can't have processed more than WSIZE input bytes since
+                // the last block flush, because compression would have been
+                // successful. If LIT_BUFSIZE <= WSIZE, it is never too late to
+                // transform a block into a stored block.
+                _tr_stored_block(buf, stored_len, eof);
+            }
+            else if(static_lenb == opt_lenb){
+                send_bits((STATIC_TREES<<1)+(eof?1:0), 3);
+                compress_block(StaticTree.static_ltree, StaticTree.static_dtree);
+            }
+            else{
+                send_bits((DYN_TREES<<1)+(eof?1:0), 3);
+                send_all_trees(l_desc.max_code+1, d_desc.max_code+1, max_blindex+1);
+                compress_block(dyn_ltree, dyn_dtree);
+            }
+
+            // The above check is made mod 2^32, for files larger than 512 MB
+            // and uLong implemented on 32 bits.
+
+            init_block();
+
+            if(eof){
+                bi_windup();
+            }
+        }
+
+        // Fill the window when the lookahead becomes insufficient.
+        // Updates strstart and lookahead.
+        //
+        // IN assertion: lookahead < MIN_LOOKAHEAD
+        // OUT assertions: strstart <= window_size-MIN_LOOKAHEAD
+        //    At least one byte has been read, or avail_in == 0; reads are
+        //    performed for at least two bytes (required for the zip translate_eol
+        //    option -- not supported here).
+        internal void fill_window(){
+            int n, m;
+            int p;
+            int more;    // Amount of free space at the end of the window.
+
+            do{
+                more = (window_size-lookahead-strstart);
+
+                // Deal with !@#$% 64K limit:
+                if(more==0 && strstart==0 && lookahead==0){
+                    more = w_size;
+                } 
+                else if(more==-1) {
+                    // Very unlikely, but possible on 16 bit machine if strstart == 0
+                    // and lookahead == 1 (input done one byte at time)
+                    more--;
+
+                    // If the window is almost full and there is insufficient lookahead,
+                    // move the upper half to the lower one to make room in the upper half.
+                }
+                else if(strstart >= w_size+ w_size-MIN_LOOKAHEAD) {
+                    System.Array.Copy(window, w_size, window, 0, w_size);
+                    match_start-=w_size;
+                    strstart-=w_size; // we now have strstart >= MAX_DIST
+                    block_start-=w_size;
+
+                    // Slide the hash table (could be avoided with 32 bit values
+                    // at the expense of memory usage). We slide even when level == 0
+                    // to keep the hash table consistent if we switch back to level > 0
+                    // later. (Using level 0 permanently is not an optimal usage of
+                    // zlib, so we don't care about this pathological case.)
+
+                    n = hash_size;
+                    p=n;
+                    do {
+                        m = (head[--p]&0xffff);
+                        head[p]=(short)(m>=w_size ? (m-w_size) : 0);
+                    }
+                    while (--n != 0);
+
+                    n = w_size;
+                    p = n;
+                    do {
+                        m = (prev[--p]&0xffff);
+                        prev[p] = (short)(m >= w_size ? (m-w_size) : 0);
+                        // If n is not on any hash chain, prev[n] is garbage but
+                        // its value will never be used.
+                    }
+                    while (--n!=0);
+                    more += w_size;
+                }
+
+                if (strm.avail_in == 0) return;
+
+                // If there was no sliding:
+                //    strstart <= WSIZE+MAX_DIST-1 && lookahead <= MIN_LOOKAHEAD - 1 &&
+                //    more == window_size - lookahead - strstart
+                // => more >= window_size - (MIN_LOOKAHEAD-1 + WSIZE + MAX_DIST-1)
+                // => more >= window_size - 2*WSIZE + 2
+                // In the BIG_MEM or MMAP case (not yet supported),
+                //   window_size == input_size + MIN_LOOKAHEAD  &&
+                //   strstart + s->lookahead <= input_size => more >= MIN_LOOKAHEAD.
+                // Otherwise, window_size == 2*WSIZE so more >= 2.
+                // If there was sliding, more >= WSIZE. So in all cases, more >= 2.
+
+                n = strm.read_buf(window, strstart + lookahead, more);
+                lookahead += n;
+
+                // Initialize the hash value now that we have some input:
+                if(lookahead >= MIN_MATCH) {
+                    ins_h = window[strstart]&0xff;
+                    ins_h=(((ins_h)<<hash_shift)^(window[strstart+1]&0xff))&hash_mask;
+                }
+                // If the whole input has less than MIN_MATCH bytes, ins_h is garbage,
+                // but this is not important since only literal bytes will be emitted.
+            }
+            while (lookahead < MIN_LOOKAHEAD && strm.avail_in != 0);
+        }
+
+        // Compress as much as possible from the input stream, return the current
+        // block state.
+        // This function does not perform lazy evaluation of matches and inserts
+        // new strings in the dictionary only for unmatched strings or for short
+        // matches. It is used only for the fast compression options.
+        internal int deflate_fast(int flush){
+            //    short hash_head = 0; // head of the hash chain
+            int hash_head = 0; // head of the hash chain
+            bool bflush;      // set if current block must be flushed
+
+            while(true){
+                // Make sure that we always have enough lookahead, except
+                // at the end of the input file. We need MAX_MATCH bytes
+                // for the next match, plus MIN_MATCH bytes to insert the
+                // string following the next match.
+                if(lookahead < MIN_LOOKAHEAD){
+                    fill_window();
+                    if(lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH){
+                        return NeedMore;
+                    }
+                    if(lookahead == 0) break; // flush the current block
+                }
+
+                // Insert the string window[strstart .. strstart+2] in the
+                // dictionary, and set hash_head to the head of the hash chain:
+                if(lookahead >= MIN_MATCH){
+                    ins_h=(((ins_h)<<hash_shift)^(window[(strstart)+(MIN_MATCH-1)]&0xff))&hash_mask;
+
+                    //  prev[strstart&w_mask]=hash_head=head[ins_h];
+                    hash_head=(head[ins_h]&0xffff);
+                    prev[strstart&w_mask]=head[ins_h];
+                    head[ins_h]=(short)strstart;
+                }
+
+                // Find the longest match, discarding those <= prev_length.
+                // At this point we have always match_length < MIN_MATCH
+
+                if(hash_head!=0L && 
+                    ((strstart-hash_head)&0xffff) <= w_size-MIN_LOOKAHEAD
+                    ){
+                    // To simplify the code, we prevent matches with the string
+                    // of window index 0 (in particular we have to avoid a match
+                    // of the string with itself at the start of the input file).
+                    if(strategy != Z_HUFFMAN_ONLY){
+                        match_length=longest_match (hash_head);
+                    }
+                    // longest_match() sets match_start
+                }
+                if(match_length>=MIN_MATCH){
+                    //        check_match(strstart, match_start, match_length);
+
+                    bflush=_tr_tally(strstart-match_start, match_length-MIN_MATCH);
+
+                    lookahead -= match_length;
+
+                    // Insert new strings in the hash table only if the match length
+                    // is not too large. This saves time but degrades compression.
+                    if(match_length <= max_lazy_match &&
+                        lookahead >= MIN_MATCH) {
+                        match_length--; // string at strstart already in hash table
+                        do{
+                            strstart++;
+
+                            ins_h=((ins_h<<hash_shift)^(window[(strstart)+(MIN_MATCH-1)]&0xff))&hash_mask;
+                            //      prev[strstart&w_mask]=hash_head=head[ins_h];
+                            hash_head=(head[ins_h]&0xffff);
+                            prev[strstart&w_mask]=head[ins_h];
+                            head[ins_h]=(short)strstart;
+
+                            // strstart never exceeds WSIZE-MAX_MATCH, so there are
+                            // always MIN_MATCH bytes ahead.
+                        }
+                        while (--match_length != 0);
+                        strstart++; 
+                    }
+                    else{
+                        strstart += match_length;
+                        match_length = 0;
+                        ins_h = window[strstart]&0xff;
+
+                        ins_h=(((ins_h)<<hash_shift)^(window[strstart+1]&0xff))&hash_mask;
+                        // If lookahead < MIN_MATCH, ins_h is garbage, but it does not
+                        // matter since it will be recomputed at next deflate call.
+                    }
+                }
+                else {
+                    // No match, output a literal byte
+
+                    bflush=_tr_tally(0, window[strstart]&0xff);
+                    lookahead--;
+                    strstart++; 
+                }
+                if (bflush){
+
+                    flush_block_only(false);
+                    if(strm.avail_out==0) return NeedMore;
+                }
+            }
+
+            flush_block_only(flush == Z_FINISH);
+            if(strm.avail_out==0){
+                if(flush == Z_FINISH) return FinishStarted;
+                else return NeedMore;
+            }
+            return flush==Z_FINISH ? FinishDone : BlockDone;
+        }
+
+        // Same as above, but achieves better compression. We use a lazy
+        // evaluation for matches: a match is finally adopted only if there is
+        // no better match at the next window position.
+        internal int deflate_slow(int flush){
+            //    short hash_head = 0;    // head of hash chain
+            int hash_head = 0;    // head of hash chain
+            bool bflush;         // set if current block must be flushed
+
+            // Process the input block.
+            while(true){
+                // Make sure that we always have enough lookahead, except
+                // at the end of the input file. We need MAX_MATCH bytes
+                // for the next match, plus MIN_MATCH bytes to insert the
+                // string following the next match.
+
+                if (lookahead < MIN_LOOKAHEAD) {
+                    fill_window();
+                    if(lookahead < MIN_LOOKAHEAD && flush == Z_NO_FLUSH) {
+                        return NeedMore;
+                    }
+                    if(lookahead == 0) break; // flush the current block
+                }
+
+                // Insert the string window[strstart .. strstart+2] in the
+                // dictionary, and set hash_head to the head of the hash chain:
+
+                if(lookahead >= MIN_MATCH) {
+                    ins_h=(((ins_h)<<hash_shift)^(window[(strstart)+(MIN_MATCH-1)]&0xff)) & hash_mask;
+                    //  prev[strstart&w_mask]=hash_head=head[ins_h];
+                    hash_head=(head[ins_h]&0xffff);
+                    prev[strstart&w_mask]=head[ins_h];
+                    head[ins_h]=(short)strstart;
+                }
+
+                // Find the longest match, discarding those <= prev_length.
+                prev_length = match_length; prev_match = match_start;
+                match_length = MIN_MATCH-1;
+
+                if (hash_head != 0 && prev_length < max_lazy_match &&
+                    ((strstart-hash_head)&0xffff) <= w_size-MIN_LOOKAHEAD
+                    ){
+                    // To simplify the code, we prevent matches with the string
+                    // of window index 0 (in particular we have to avoid a match
+                    // of the string with itself at the start of the input file).
+
+                    if(strategy != Z_HUFFMAN_ONLY) {
+                        match_length = longest_match(hash_head);
+                    }
+                    // longest_match() sets match_start
+
+                    if (match_length <= 5 && (strategy == Z_FILTERED ||
+                        (match_length == MIN_MATCH &&
+                        strstart - match_start > 4096))) {
+
+                        // If prev_match is also MIN_MATCH, match_start is garbage
+                        // but we will ignore the current match anyway.
+                        match_length = MIN_MATCH-1;
+                    }
+                }
+
+                // If there was a match at the previous step and the current
+                // match is not better, output the previous match:
+                if(prev_length >= MIN_MATCH && match_length <= prev_length) {
+                    int max_insert = strstart + lookahead - MIN_MATCH;
+                    // Do not insert strings in hash table beyond this.
+
+                    //          check_match(strstart-1, prev_match, prev_length);
+
+                    bflush=_tr_tally(strstart-1-prev_match, prev_length - MIN_MATCH);
+
+                    // Insert in hash table all strings up to the end of the match.
+                    // strstart-1 and strstart are already inserted. If there is not
+                    // enough lookahead, the last two strings are not inserted in
+                    // the hash table.
+                    lookahead -= prev_length-1;
+                    prev_length -= 2;
+                    do{
+                        if(++strstart <= max_insert) {
+                            ins_h=(((ins_h)<<hash_shift)^(window[(strstart)+(MIN_MATCH-1)]&0xff))&hash_mask;
+                            //prev[strstart&w_mask]=hash_head=head[ins_h];
+                            hash_head=(head[ins_h]&0xffff);
+                            prev[strstart&w_mask]=head[ins_h];
+                            head[ins_h]=(short)strstart;
+                        }
+                    }
+                    while(--prev_length != 0);
+                    match_available = 0;
+                    match_length = MIN_MATCH-1;
+                    strstart++;
+
+                    if (bflush){
+                        flush_block_only(false);
+                        if(strm.avail_out==0) return NeedMore;
+                    }
+                } else if (match_available!=0) {
+
+                    // If there was no match at the previous position, output a
+                    // single literal. If there was a match but the current match
+                    // is longer, truncate the previous match to a single literal.
+
+                    bflush=_tr_tally(0, window[strstart-1]&0xff);
+
+                    if (bflush) {
+                        flush_block_only(false);
+                    }
+                    strstart++;
+                    lookahead--;
+                    if(strm.avail_out == 0) return NeedMore;
+                } else {
+                    // There is no previous match to compare with, wait for
+                    // the next step to decide.
+
+                    match_available = 1;
+                    strstart++;
+                    lookahead--;
+                }
+            }
+
+            if(match_available!=0) {
+                bflush=_tr_tally(0, window[strstart-1]&0xff);
+                match_available = 0;
+            }
+            flush_block_only(flush == Z_FINISH);
+
+            if(strm.avail_out==0){
+                if(flush == Z_FINISH) return FinishStarted;
+                else return NeedMore;
+            }
+
+            return flush == Z_FINISH ? FinishDone : BlockDone;
+        }
+
+        internal int longest_match(int cur_match){
+            int chain_length = max_chain_length; // max hash chain length
+            int scan = strstart;                 // current string
+            int match;                           // matched string
+            int len;                             // length of current match
+            int best_len = prev_length;          // best match length so far
+            int limit = strstart>(w_size-MIN_LOOKAHEAD) ?
+                strstart-(w_size-MIN_LOOKAHEAD) : 0;
+            int nice_match=this.nice_match;
+
+            // Stop when cur_match becomes <= limit. To simplify the code,
+            // we prevent matches with the string of window index 0.
+
+            int wmask = w_mask;
+
+            int strend = strstart + MAX_MATCH;
+            byte scan_end1 = window[scan+best_len-1];
+            byte scan_end = window[scan+best_len];
+
+            // The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16.
+            // It is easy to get rid of this optimization if necessary.
+
+            // Do not waste too much time if we already have a good match:
+            if (prev_length >= good_match) {
+                chain_length >>= 2;
+            }
+
+            // Do not look for matches beyond the end of the input. This is necessary
+            // to make deflate deterministic.
+            if (nice_match > lookahead) nice_match = lookahead;
+
+            do {
+                match = cur_match;
+
+                // Skip to next match if the match length cannot increase
+                // or if the match length is less than 2:
+                if (window[match+best_len]   != scan_end  ||
+                    window[match+best_len-1] != scan_end1 ||
+                    window[match]       != window[scan]     ||
+                    window[++match]     != window[scan+1])      continue;
+
+                // The check at best_len-1 can be removed because it will be made
+                // again later. (This heuristic is not always a win.)
+                // It is not necessary to compare scan[2] and match[2] since they
+                // are always equal when the other bytes match, given that
+                // the hash keys are equal and that HASH_BITS >= 8.
+                scan += 2; match++;
+
+                // We check for insufficient lookahead only every 8th comparison;
+                // the 256th check will be made at strstart+258.
+                do {
+                } while (window[++scan] == window[++match] &&
+                    window[++scan] == window[++match] &&
+                    window[++scan] == window[++match] &&
+                    window[++scan] == window[++match] &&
+                    window[++scan] == window[++match] &&
+                    window[++scan] == window[++match] &&
+                    window[++scan] == window[++match] &&
+                    window[++scan] == window[++match] &&
+                    scan < strend);
+
+                len = MAX_MATCH - (int)(strend - scan);
+                scan = strend - MAX_MATCH;
+
+                if(len>best_len) {
+                    match_start = cur_match;
+                    best_len = len;
+                    if (len >= nice_match) break;
+                    scan_end1  = window[scan+best_len-1];
+                    scan_end   = window[scan+best_len];
+                }
+
+            } while ((cur_match = (prev[cur_match & wmask]&0xffff)) > limit
+                && --chain_length != 0);
+
+            if (best_len <= lookahead) return best_len;
+            return lookahead;
+        }
+    
+        internal int deflateInit(ZStream strm, int level, int bits){
+            return deflateInit2(strm, level, Z_DEFLATED, bits, DEF_MEM_LEVEL,
+                Z_DEFAULT_STRATEGY);
+        }
+        internal int deflateInit(ZStream strm, int level){
+            return deflateInit(strm, level, MAX_WBITS);
+        }
+        internal int deflateInit2(ZStream strm, int level, int method,  int windowBits,
+            int memLevel, int strategy){
+            int noheader = 0;
+            //    byte[] my_version=ZLIB_VERSION;
+
+            //
+            //  if (version == null || version[0] != my_version[0]
+            //  || stream_size != sizeof(z_stream)) {
+            //  return Z_VERSION_ERROR;
+            //  }
+
+            strm.msg = null;
+
+            if (level == Z_DEFAULT_COMPRESSION) level = 6;
+
+            if (windowBits < 0) { // undocumented feature: suppress zlib header
+                noheader = 1;
+                windowBits = -windowBits;
+            }
+
+            if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || 
+                method != Z_DEFLATED ||
+                windowBits < 9 || windowBits > 15 || level < 0 || level > 9 ||
+                strategy < 0 || strategy > Z_HUFFMAN_ONLY) {
+                return Z_STREAM_ERROR;
+            }
+
+            strm.dstate = (Deflate)this;
+
+            this.noheader = noheader;
+            w_bits = windowBits;
+            w_size = 1 << w_bits;
+            w_mask = w_size - 1;
+
+            hash_bits = memLevel + 7;
+            hash_size = 1 << hash_bits;
+            hash_mask = hash_size - 1;
+            hash_shift = ((hash_bits+MIN_MATCH-1)/MIN_MATCH);
+
+            window = new byte[w_size*2];
+            prev = new short[w_size];
+            head = new short[hash_size];
+
+            lit_bufsize = 1 << (memLevel + 6); // 16K elements by default
+
+            // We overlay pending_buf and d_buf+l_buf. This works since the average
+            // output size for (length,distance) codes is <= 24 bits.
+            pending_buf = new byte[lit_bufsize*4];
+            pending_buf_size = lit_bufsize*4;
+
+            d_buf = lit_bufsize/2;
+            l_buf = (1+2)*lit_bufsize;
+
+            this.level = level;
+
+            //System.out.println("level="+level);
+
+            this.strategy = strategy;
+            this.method = (byte)method;
+
+            return deflateReset(strm);
+        }
+
+        internal int deflateReset(ZStream strm){
+            strm.total_in = strm.total_out = 0;
+            strm.msg = null; //
+            strm.data_type = Z_UNKNOWN;
+
+            pending = 0;
+            pending_out = 0;
+
+            if(noheader < 0) {
+                noheader = 0; // was set to -1 by deflate(..., Z_FINISH);
+            }
+            status = (noheader!=0) ? BUSY_STATE : INIT_STATE;
+            strm.adler=strm._adler.adler32(0, null, 0, 0);
+
+            last_flush = Z_NO_FLUSH;
+
+            tr_init();
+            lm_init();
+            return Z_OK;
+        }
+
+        internal int deflateEnd(){
+            if(status!=INIT_STATE && status!=BUSY_STATE && status!=FINISH_STATE){
+                return Z_STREAM_ERROR;
+            }
+            // Deallocate in reverse order of allocations:
+            pending_buf=null;
+            head=null;
+            prev=null;
+            window=null;
+            // free
+            // dstate=null;
+            return status == BUSY_STATE ? Z_DATA_ERROR : Z_OK;
+        }
+
+        internal int deflateParams(ZStream strm, int _level, int _strategy){
+            int err=Z_OK;
+
+            if(_level == Z_DEFAULT_COMPRESSION){
+                _level = 6;
+            }
+            if(_level < 0 || _level > 9 || 
+                _strategy < 0 || _strategy > Z_HUFFMAN_ONLY) {
+                return Z_STREAM_ERROR;
+            }
+
+            if(config_table[level].func!=config_table[_level].func &&
+                strm.total_in != 0) {
+                // Flush the last buffer:
+                err = strm.deflate(Z_PARTIAL_FLUSH);
+            }
+
+            if(level != _level) {
+                level = _level;
+                max_lazy_match   = config_table[level].max_lazy;
+                good_match       = config_table[level].good_length;
+                nice_match       = config_table[level].nice_length;
+                max_chain_length = config_table[level].max_chain;
+            }
+            strategy = _strategy;
+            return err;
+        }
+
+        internal int deflateSetDictionary (ZStream strm, byte[] dictionary, int dictLength){
+            int length = dictLength;
+            int index=0;
+
+            if(dictionary == null || status != INIT_STATE)
+                return Z_STREAM_ERROR;
+
+            strm.adler=strm._adler.adler32(strm.adler, dictionary, 0, dictLength);
+
+            if(length < MIN_MATCH) return Z_OK;
+            if(length > w_size-MIN_LOOKAHEAD){
+                length = w_size-MIN_LOOKAHEAD;
+                index=dictLength-length; // use the tail of the dictionary
+            }
+            System.Array.Copy(dictionary, index, window, 0, length);
+            strstart = length;
+            block_start = length;
+
+            // Insert all strings in the hash table (except for the last two bytes).
+            // s->lookahead stays null, so s->ins_h will be recomputed at the next
+            // call of fill_window.
+
+            ins_h = window[0]&0xff;
+            ins_h=(((ins_h)<<hash_shift)^(window[1]&0xff))&hash_mask;
+
+            for(int n=0; n<=length-MIN_MATCH; n++){
+                ins_h=(((ins_h)<<hash_shift)^(window[(n)+(MIN_MATCH-1)]&0xff))&hash_mask;
+                prev[n&w_mask]=head[ins_h];
+                head[ins_h]=(short)n;
+            }
+            return Z_OK;
+        }
+
+        internal int deflate(ZStream strm, int flush){
+            int old_flush;
+
+            if(flush>Z_FINISH || flush<0){
+                return Z_STREAM_ERROR;
+            }
+
+            if(strm.next_out == null ||
+                (strm.next_in == null && strm.avail_in != 0) ||
+                (status == FINISH_STATE && flush != Z_FINISH)) {
+                strm.msg=z_errmsg[Z_NEED_DICT-(Z_STREAM_ERROR)];
+                return Z_STREAM_ERROR;
+            }
+            if(strm.avail_out == 0){
+                strm.msg=z_errmsg[Z_NEED_DICT-(Z_BUF_ERROR)];
+                return Z_BUF_ERROR;
+            }
+
+            this.strm = strm; // just in case
+            old_flush = last_flush;
+            last_flush = flush;
+
+            // Write the zlib header
+            if(status == INIT_STATE) {
+                int header = (Z_DEFLATED+((w_bits-8)<<4))<<8;
+                int level_flags=((level-1)&0xff)>>1;
+
+                if(level_flags>3) level_flags=3;
+                header |= (level_flags<<6);
+                if(strstart!=0) header |= PRESET_DICT;
+                header+=31-(header % 31);
+
+                status=BUSY_STATE;
+                putShortMSB(header);
+
+
+                // Save the adler32 of the preset dictionary:
+                if(strstart!=0){
+                    putShortMSB((int)(strm.adler>>16));
+                    putShortMSB((int)(strm.adler&0xffff));
+                }
+                strm.adler=strm._adler.adler32(0, null, 0, 0);
+            }
+
+            // Flush as much pending output as possible
+            if(pending != 0) {
+                strm.flush_pending();
+                if(strm.avail_out == 0) {
+                    //System.out.println("  avail_out==0");
+                    // Since avail_out is 0, deflate will be called again with
+                    // more output space, but possibly with both pending and
+                    // avail_in equal to zero. There won't be anything to do,
+                    // but this is not an error situation so make sure we
+                    // return OK instead of BUF_ERROR at next call of deflate:
+                    last_flush = -1;
+                    return Z_OK;
+                }
+
+                // Make sure there is something to do and avoid duplicate consecutive
+                // flushes. For repeated and useless calls with Z_FINISH, we keep
+                // returning Z_STREAM_END instead of Z_BUFF_ERROR.
+            }
+            else if(strm.avail_in==0 && flush <= old_flush &&
+                flush != Z_FINISH) {
+                strm.msg=z_errmsg[Z_NEED_DICT-(Z_BUF_ERROR)];
+                return Z_BUF_ERROR;
+            }
+
+            // User must not provide more input after the first FINISH:
+            if(status == FINISH_STATE && strm.avail_in != 0) {
+                strm.msg=z_errmsg[Z_NEED_DICT-(Z_BUF_ERROR)];
+                return Z_BUF_ERROR;
+            }
+
+            // Start a new block or continue the current one.
+            if(strm.avail_in!=0 || lookahead!=0 ||
+                (flush != Z_NO_FLUSH && status != FINISH_STATE)) {
+                int bstate=-1;
+                switch(config_table[level].func){
+                    case STORED: 
+                        bstate = deflate_stored(flush);
+                        break;
+                    case FAST: 
+                        bstate = deflate_fast(flush);
+                        break;
+                    case SLOW: 
+                        bstate = deflate_slow(flush);
+                        break;
+                    default:
+                        break;
+                }
+
+                if (bstate==FinishStarted || bstate==FinishDone) {
+                    status = FINISH_STATE;
+                }
+                if (bstate==NeedMore || bstate==FinishStarted) {
+                    if(strm.avail_out == 0) {
+                        last_flush = -1; // avoid BUF_ERROR next call, see above
+                    }
+                    return Z_OK;
+                    // If flush != Z_NO_FLUSH && avail_out == 0, the next call
+                    // of deflate should use the same flush parameter to make sure
+                    // that the flush is complete. So we don't have to output an
+                    // empty block here, this will be done at next call. This also
+                    // ensures that for a very small output buffer, we emit at most
+                    // one empty block.
+                }
+
+                if (bstate==BlockDone) {
+                    if(flush == Z_PARTIAL_FLUSH) {
+                        _tr_align();
+                    } 
+                    else { // FULL_FLUSH or SYNC_FLUSH
+                        _tr_stored_block(0, 0, false);
+                        // For a full flush, this empty block will be recognized
+                        // as a special marker by inflate_sync().
+                        if(flush == Z_FULL_FLUSH) {
+                            //state.head[s.hash_size-1]=0;
+                            for(int i=0; i<hash_size/*-1*/; i++)  // forget history
+                                head[i]=0;
+                        }
+                    }
+                    strm.flush_pending();
+                    if(strm.avail_out == 0) {
+                        last_flush = -1; // avoid BUF_ERROR at next call, see above
+                        return Z_OK;
+                    }
+                }
+            }
+
+            if(flush!=Z_FINISH) return Z_OK;
+            if(noheader!=0) return Z_STREAM_END;
+
+            // Write the zlib trailer (adler32)
+            putShortMSB((int)(strm.adler>>16));
+            putShortMSB((int)(strm.adler&0xffff));
+            strm.flush_pending();
+
+            // If avail_out is zero, the application will call deflate again
+            // to flush the rest.
+            noheader = -1; // write the trailer only once!
+            return pending != 0 ? Z_OK : Z_STREAM_END;
+        }
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/util/zlib/InfBlocks.cs b/bc-sharp-crypto/src/util/zlib/InfBlocks.cs
new file mode 100644
index 0000000..479d9b5
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/InfBlocks.cs
@@ -0,0 +1,618 @@
+using System;
+/*
+ * $Id: InfBlocks.cs,v 1.2 2008-05-10 09:35:40 bouncy Exp $
+ *
+Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+     this list of conditions and the following disclaimer.
+
+  2. Redistributions in binary form must reproduce the above copyright 
+     notice, this list of conditions and the following disclaimer in 
+     the documentation and/or other materials provided with the distribution.
+
+  3. The names of the authors may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
+INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This program is based on zlib-1.1.3, so all credit should go authors
+ * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)
+ * and contributors of zlib.
+ */
+
+namespace Org.BouncyCastle.Utilities.Zlib {
+
+    internal sealed class InfBlocks{
+        private const int MANY=1440;
+
+        // And'ing with mask[n] masks the lower n bits
+        private static readonly int[] inflate_mask = {
+                                                0x00000000, 0x00000001, 0x00000003, 0x00000007, 0x0000000f,
+                                                0x0000001f, 0x0000003f, 0x0000007f, 0x000000ff, 0x000001ff,
+                                                0x000003ff, 0x000007ff, 0x00000fff, 0x00001fff, 0x00003fff,
+                                                0x00007fff, 0x0000ffff
+                                            };
+
+        // Table for deflate from PKZIP's appnote.txt.
+        static readonly int[] border = { // Order of the bit length code lengths
+                                  16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15
+                              };
+
+        private const int Z_OK=0;
+        private const int Z_STREAM_END=1;
+        private const int Z_NEED_DICT=2;
+        private const int Z_ERRNO=-1;
+        private const int Z_STREAM_ERROR=-2;
+        private const int Z_DATA_ERROR=-3;
+        private const int Z_MEM_ERROR=-4;
+        private const int Z_BUF_ERROR=-5;
+        private const int Z_VERSION_ERROR=-6;
+
+        private const int TYPE=0;  // get type bits (3, including end bit)
+        private const int LENS=1;  // get lengths for stored
+        private const int STORED=2;// processing stored block
+        private const int TABLE=3; // get table lengths
+        private const int BTREE=4; // get bit lengths tree for a dynamic block
+        private const int DTREE=5; // get length, distance trees for a dynamic block
+        private const int CODES=6; // processing fixed or dynamic block
+        private const int DRY=7;   // output remaining window bytes
+        private const int DONE=8;  // finished last block, done
+        private const int BAD=9;   // ot a data error--stuck here
+
+        internal int mode;            // current inflate_block mode 
+
+        internal int left;            // if STORED, bytes left to copy 
+
+        internal int table;           // table lengths (14 bits) 
+        internal int index;           // index into blens (or border) 
+        internal int[] blens;         // bit lengths of codes 
+        internal int[] bb=new int[1]; // bit length tree depth 
+        internal int[] tb=new int[1]; // bit length decoding tree 
+
+        internal InfCodes codes=new InfCodes();      // if CODES, current state 
+
+        int last;            // true if this block is the last block 
+
+        // mode independent information 
+        internal int bitk;            // bits in bit buffer 
+        internal int bitb;            // bit buffer 
+        internal int[] hufts;         // single malloc for tree space 
+        internal byte[] window;       // sliding window 
+        internal int end;             // one byte after sliding window 
+        internal int read;            // window read pointer 
+        internal int write;           // window write pointer 
+        internal Object checkfn;      // check function 
+        internal long check;          // check on output 
+
+        internal InfTree inftree=new InfTree();
+
+        internal InfBlocks(ZStream z, Object checkfn, int w){
+            hufts=new int[MANY*3];
+            window=new byte[w];
+            end=w;
+            this.checkfn = checkfn;
+            mode = TYPE;
+            reset(z, null);
+        }
+
+        internal void reset(ZStream z, long[] c){
+            if(c!=null) c[0]=check;
+            if(mode==BTREE || mode==DTREE){
+            }
+            if(mode==CODES){
+                codes.free(z);
+            }
+            mode=TYPE;
+            bitk=0;
+            bitb=0;
+            read=write=0;
+
+            if(checkfn != null)
+                z.adler=check=z._adler.adler32(0L, null, 0, 0);
+        }
+
+        internal int proc(ZStream z, int r){
+            int t;              // temporary storage
+            int b;              // bit buffer
+            int k;              // bits in bit buffer
+            int p;              // input data pointer
+            int n;              // bytes available there
+            int q;              // output window write pointer
+            int m; {              // bytes to end of window or read pointer
+
+            // copy input/output information to locals (UPDATE macro restores)
+     p=z.next_in_index;n=z.avail_in;b=bitb;k=bitk;} {
+     q=write;m=(int)(q<read?read-q-1:end-q);}
+
+            // process input based on current state
+            while(true){
+                switch (mode){
+                    case TYPE:
+
+                        while(k<(3)){
+                            if(n!=0){
+                                r=Z_OK;
+                            }
+                            else{
+                                bitb=b; bitk=k; 
+                                z.avail_in=n;
+                                z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                write=q;
+                                return inflate_flush(z,r);
+                            };
+                            n--;
+                            b|=(z.next_in[p++]&0xff)<<k;
+                            k+=8;
+                        }
+                        t = (int)(b & 7);
+                        last = t & 1;
+
+                    switch (t >> 1){
+                        case 0: {                         // stored 
+           b>>=(3);k-=(3);}
+                            t = k & 7; {                    // go to byte boundary
+
+           b>>=(t);k-=(t);}
+                            mode = LENS;                  // get length of stored block
+                            break;
+                        case 1: {                         // fixed
+                            int[] bl=new int[1];
+                            int[] bd=new int[1];
+                            int[][] tl=new int[1][];
+                            int[][] td=new int[1][];
+
+                            InfTree.inflate_trees_fixed(bl, bd, tl, td, z);
+                            codes.init(bl[0], bd[0], tl[0], 0, td[0], 0, z);
+                        } {
+
+           b>>=(3);k-=(3);}
+
+                            mode = CODES;
+                            break;
+                        case 2: {                         // dynamic
+
+           b>>=(3);k-=(3);}
+
+                            mode = TABLE;
+                            break;
+                        case 3: {                         // illegal
+
+           b>>=(3);k-=(3);}
+                            mode = BAD;
+                            z.msg = "invalid block type";
+                            r = Z_DATA_ERROR;
+
+                            bitb=b; bitk=k; 
+                            z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                            write=q;
+                            return inflate_flush(z,r);
+                    }
+                        break;
+                    case LENS:
+
+                        while(k<(32)){
+                            if(n!=0){
+                                r=Z_OK;
+                            }
+                            else{
+                                bitb=b; bitk=k; 
+                                z.avail_in=n;
+                                z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                write=q;
+                                return inflate_flush(z,r);
+                            };
+                            n--;
+                            b|=(z.next_in[p++]&0xff)<<k;
+                            k+=8;
+                        }
+
+                        if ((((~b) >> 16) & 0xffff) != (b & 0xffff)){
+                            mode = BAD;
+                            z.msg = "invalid stored block lengths";
+                            r = Z_DATA_ERROR;
+
+                            bitb=b; bitk=k; 
+                            z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                            write=q;
+                            return inflate_flush(z,r);
+                        }
+                        left = (b & 0xffff);
+                        b = k = 0;                       // dump bits
+                        mode = left!=0 ? STORED : (last!=0 ? DRY : TYPE);
+                        break;
+                    case STORED:
+                        if (n == 0){
+                            bitb=b; bitk=k; 
+                            z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                            write=q;
+                            return inflate_flush(z,r);
+                        }
+
+                        if(m==0){
+                            if(q==end&&read!=0){
+                                q=0; m=(int)(q<read?read-q-1:end-q);
+                            }
+                            if(m==0){
+                                write=q; 
+                                r=inflate_flush(z,r);
+                                q=write;m=(int)(q<read?read-q-1:end-q);
+                                if(q==end&&read!=0){
+                                    q=0; m=(int)(q<read?read-q-1:end-q);
+                                }
+                                if(m==0){
+                                    bitb=b; bitk=k; 
+                                    z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                    write=q;
+                                    return inflate_flush(z,r);
+                                }
+                            }
+                        }
+                        r=Z_OK;
+
+                        t = left;
+                        if(t>n) t = n;
+                        if(t>m) t = m;
+                        System.Array.Copy(z.next_in, p, window, q, t);
+                        p += t;  n -= t;
+                        q += t;  m -= t;
+                        if ((left -= t) != 0)
+                            break;
+                        mode = last!=0 ? DRY : TYPE;
+                        break;
+                    case TABLE:
+
+                        while(k<(14)){
+                            if(n!=0){
+                                r=Z_OK;
+                            }
+                            else{
+                                bitb=b; bitk=k; 
+                                z.avail_in=n;
+                                z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                write=q;
+                                return inflate_flush(z,r);
+                            };
+                            n--;
+                            b|=(z.next_in[p++]&0xff)<<k;
+                            k+=8;
+                        }
+
+                        table = t = (b & 0x3fff);
+                        if ((t & 0x1f) > 29 || ((t >> 5) & 0x1f) > 29) {
+                            mode = BAD;
+                            z.msg = "too many length or distance symbols";
+                            r = Z_DATA_ERROR;
+
+                            bitb=b; bitk=k; 
+                            z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                            write=q;
+                            return inflate_flush(z,r);
+                        }
+                        t = 258 + (t & 0x1f) + ((t >> 5) & 0x1f);
+                        if(blens==null || blens.Length<t){
+                            blens=new int[t];
+                        }
+                        else{
+                            for(int i=0; i<t; i++){blens[i]=0;}
+                        } {
+
+	 b>>=(14);k-=(14);}
+
+                        index = 0;
+                        mode = BTREE;
+                        goto case BTREE;
+                    case BTREE:
+                        while (index < 4 + (table >> 10)){
+                            while(k<(3)){
+                                if(n!=0){
+                                    r=Z_OK;
+                                }
+                                else{
+                                    bitb=b; bitk=k; 
+                                    z.avail_in=n;
+                                    z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                    write=q;
+                                    return inflate_flush(z,r);
+                                };
+                                n--;
+                                b|=(z.next_in[p++]&0xff)<<k;
+                                k+=8;
+                            }
+
+                            blens[border[index++]] = b&7; {
+
+	   b>>=(3);k-=(3);}
+                        }
+
+                        while(index < 19){
+                            blens[border[index++]] = 0;
+                        }
+
+                        bb[0] = 7;
+                        t = inftree.inflate_trees_bits(blens, bb, tb, hufts, z);
+                        if (t != Z_OK){
+                            r = t;
+                            if (r == Z_DATA_ERROR){
+                                blens=null;
+                                mode = BAD;
+                            }
+
+                            bitb=b; bitk=k; 
+                            z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                            write=q;
+                            return inflate_flush(z,r);
+                        }
+
+                        index = 0;
+                        mode = DTREE;
+                        goto case DTREE;
+                    case DTREE:
+                        while (true){
+                            t = table;
+                            if(!(index < 258 + (t & 0x1f) + ((t >> 5) & 0x1f))){
+                                break;
+                            }
+
+                            int i, j, c;
+
+                            t = bb[0];
+
+                            while(k<(t)){
+                                if(n!=0){
+                                    r=Z_OK;
+                                }
+                                else{
+                                    bitb=b; bitk=k; 
+                                    z.avail_in=n;
+                                    z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                    write=q;
+                                    return inflate_flush(z,r);
+                                };
+                                n--;
+                                b|=(z.next_in[p++]&0xff)<<k;
+                                k+=8;
+                            }
+
+                            if(tb[0]==-1){
+                                //System.err.println("null...");
+                            }
+
+                            t=hufts[(tb[0]+(b&inflate_mask[t]))*3+1];
+                            c=hufts[(tb[0]+(b&inflate_mask[t]))*3+2];
+
+                            if (c < 16){
+                                b>>=(t);k-=(t);
+                                blens[index++] = c;
+                            }
+                            else { // c == 16..18
+                                i = c == 18 ? 7 : c - 14;
+                                j = c == 18 ? 11 : 3;
+
+                                while(k<(t+i)){
+                                    if(n!=0){
+                                        r=Z_OK;
+                                    }
+                                    else{
+                                        bitb=b; bitk=k; 
+                                        z.avail_in=n;
+                                        z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                        write=q;
+                                        return inflate_flush(z,r);
+                                    };
+                                    n--;
+                                    b|=(z.next_in[p++]&0xff)<<k;
+                                    k+=8;
+                                }
+
+                                b>>=(t);k-=(t);
+
+                                j += (b & inflate_mask[i]);
+
+                                b>>=(i);k-=(i);
+
+                                i = index;
+                                t = table;
+                                if (i + j > 258 + (t & 0x1f) + ((t >> 5) & 0x1f) ||
+                                    (c == 16 && i < 1)){
+                                    blens=null;
+                                    mode = BAD;
+                                    z.msg = "invalid bit length repeat";
+                                    r = Z_DATA_ERROR;
+
+                                    bitb=b; bitk=k; 
+                                    z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                    write=q;
+                                    return inflate_flush(z,r);
+                                }
+
+                                c = c == 16 ? blens[i-1] : 0;
+                                do{
+                                    blens[i++] = c;
+                                }
+                                while (--j!=0);
+                                index = i;
+                            }
+                        }
+
+                        tb[0]=-1; {
+                        int[] bl=new int[1];
+                        int[] bd=new int[1];
+                        int[] tl=new int[1];
+                        int[] td=new int[1];
+                        bl[0] = 9;         // must be <= 9 for lookahead assumptions
+                        bd[0] = 6;         // must be <= 9 for lookahead assumptions
+
+                        t = table;
+                        t = inftree.inflate_trees_dynamic(257 + (t & 0x1f), 
+                            1 + ((t >> 5) & 0x1f),
+                            blens, bl, bd, tl, td, hufts, z);
+
+                        if (t != Z_OK){
+                            if (t == Z_DATA_ERROR){
+                                blens=null;
+                                mode = BAD;
+                            }
+                            r = t;
+
+                            bitb=b; bitk=k; 
+                            z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                            write=q;
+                            return inflate_flush(z,r);
+                        }
+                        codes.init(bl[0], bd[0], hufts, tl[0], hufts, td[0], z);
+                    }
+                        mode = CODES;
+                        goto case CODES;
+                    case CODES:
+                        bitb=b; bitk=k;
+                        z.avail_in=n; z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                        write=q;
+
+                        if ((r = codes.proc(this, z, r)) != Z_STREAM_END){
+                            return inflate_flush(z, r);
+                        }
+                        r = Z_OK;
+                        codes.free(z);
+
+                        p=z.next_in_index; n=z.avail_in;b=bitb;k=bitk;
+                        q=write;m=(int)(q<read?read-q-1:end-q);
+
+                        if (last==0){
+                            mode = TYPE;
+                            break;
+                        }
+                        mode = DRY;
+                        goto case DRY;
+                    case DRY:
+                        write=q; 
+                        r=inflate_flush(z, r); 
+                        q=write; m=(int)(q<read?read-q-1:end-q);
+                        if (read != write){
+                            bitb=b; bitk=k; 
+                            z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                            write=q;
+                            return inflate_flush(z, r);
+                        }
+                        mode = DONE;
+                        goto case DONE;
+                    case DONE:
+                        r = Z_STREAM_END;
+
+                        bitb=b; bitk=k; 
+                        z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                        write=q;
+                        return inflate_flush(z, r);
+                    case BAD:
+                        r = Z_DATA_ERROR;
+
+                        bitb=b; bitk=k; 
+                        z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                        write=q;
+                        return inflate_flush(z, r);
+
+                    default:
+                        r = Z_STREAM_ERROR;
+
+                        bitb=b; bitk=k; 
+                        z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                        write=q;
+                        return inflate_flush(z, r);
+                }
+            }
+        }
+
+        internal void free(ZStream z){
+            reset(z, null);
+            window=null;
+            hufts=null;
+            //ZFREE(z, s);
+        }
+
+        internal void set_dictionary(byte[] d, int start, int n){
+            System.Array.Copy(d, start, window, 0, n);
+            read = write = n;
+        }
+
+        // Returns true if inflate is currently at the end of a block generated
+        // by Z_SYNC_FLUSH or Z_FULL_FLUSH. 
+        internal int sync_point(){
+            return mode == LENS ? 1 : 0;
+        }
+
+        // copy as much as possible from the sliding window to the output area
+        internal int inflate_flush(ZStream z, int r){
+            int n;
+            int p;
+            int q;
+
+            // local copies of source and destination pointers
+            p = z.next_out_index;
+            q = read;
+
+            // compute number of bytes to copy as far as end of window
+            n = (int)((q <= write ? write : end) - q);
+            if (n > z.avail_out) n = z.avail_out;
+            if (n!=0 && r == Z_BUF_ERROR) r = Z_OK;
+
+            // update counters
+            z.avail_out -= n;
+            z.total_out += n;
+
+            // update check information
+            if(checkfn != null)
+                z.adler=check=z._adler.adler32(check, window, q, n);
+
+            // copy as far as end of window
+            System.Array.Copy(window, q, z.next_out, p, n);
+            p += n;
+            q += n;
+
+            // see if more to copy at beginning of window
+            if (q == end){
+                // wrap pointers
+                q = 0;
+                if (write == end)
+                    write = 0;
+
+                // compute bytes to copy
+                n = write - q;
+                if (n > z.avail_out) n = z.avail_out;
+                if (n!=0 && r == Z_BUF_ERROR) r = Z_OK;
+
+                // update counters
+                z.avail_out -= n;
+                z.total_out += n;
+
+                // update check information
+                if(checkfn != null)
+                    z.adler=check=z._adler.adler32(check, window, q, n);
+
+                // copy
+                System.Array.Copy(window, q, z.next_out, p, n);
+                p += n;
+                q += n;
+            }
+
+            // update pointers
+            z.next_out_index = p;
+            read = q;
+
+            // done
+            return r;
+        }
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/util/zlib/InfCodes.cs b/bc-sharp-crypto/src/util/zlib/InfCodes.cs
new file mode 100644
index 0000000..6fcafe4
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/InfCodes.cs
@@ -0,0 +1,611 @@
+using System;
+/*
+ * $Id: InfCodes.cs,v 1.2 2008-05-10 09:35:40 bouncy Exp $
+ *
+Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+     this list of conditions and the following disclaimer.
+
+  2. Redistributions in binary form must reproduce the above copyright 
+     notice, this list of conditions and the following disclaimer in 
+     the documentation and/or other materials provided with the distribution.
+
+  3. The names of the authors may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
+INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This program is based on zlib-1.1.3, so all credit should go authors
+ * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)
+ * and contributors of zlib.
+ */
+
+namespace Org.BouncyCastle.Utilities.Zlib {
+
+    internal sealed class InfCodes{
+
+        private static readonly int[] inflate_mask = {
+                                                0x00000000, 0x00000001, 0x00000003, 0x00000007, 0x0000000f,
+                                                0x0000001f, 0x0000003f, 0x0000007f, 0x000000ff, 0x000001ff,
+                                                0x000003ff, 0x000007ff, 0x00000fff, 0x00001fff, 0x00003fff,
+                                                0x00007fff, 0x0000ffff
+                                            };
+
+        private const int Z_OK=0;
+        private const int Z_STREAM_END=1;
+        private const int Z_NEED_DICT=2;
+        private const int Z_ERRNO=-1;
+        private const int Z_STREAM_ERROR=-2;
+        private const int Z_DATA_ERROR=-3;
+        private const int Z_MEM_ERROR=-4;
+        private const int Z_BUF_ERROR=-5;
+        private const int Z_VERSION_ERROR=-6;
+
+        // waiting for "i:"=input,
+        //             "o:"=output,
+        //             "x:"=nothing
+        private const int START=0;  // x: set up for LEN
+        private const int LEN=1;    // i: get length/literal/eob next
+        private const int LENEXT=2; // i: getting length extra (have base)
+        private const int DIST=3;   // i: get distance next
+        private const int DISTEXT=4;// i: getting distance extra
+        private const int COPY=5;   // o: copying bytes in window, waiting for space
+        private const int LIT=6;    // o: got literal, waiting for output space
+        private const int WASH=7;   // o: got eob, possibly still output waiting
+        private const int END=8;    // x: got eob and all data flushed
+        private const int BADCODE=9;// x: got error
+
+        int mode;      // current inflate_codes mode
+
+        // mode dependent information
+        int len;
+
+        int[] tree; // pointer into tree
+        int tree_index=0;
+        int need;   // bits needed
+
+        int lit;
+
+        // if EXT or COPY, where and how much
+        int get;              // bits to get for extra
+        int dist;             // distance back to copy from
+
+        byte lbits;           // ltree bits decoded per branch
+        byte dbits;           // dtree bits decoder per branch
+        int[] ltree;          // literal/length/eob tree
+        int ltree_index;      // literal/length/eob tree
+        int[] dtree;          // distance tree
+        int dtree_index;      // distance tree
+
+        internal InfCodes(){
+        }
+        internal void init(int bl, int bd,
+            int[] tl, int tl_index,
+            int[] td, int td_index, ZStream z){
+            mode=START;
+            lbits=(byte)bl;
+            dbits=(byte)bd;
+            ltree=tl;
+            ltree_index=tl_index;
+            dtree = td;
+            dtree_index=td_index;
+            tree=null;
+        }
+
+        internal int proc(InfBlocks s, ZStream z, int r){ 
+            int j;              // temporary storage
+            int tindex;         // temporary pointer
+            int e;              // extra bits or operation
+            int b=0;            // bit buffer
+            int k=0;            // bits in bit buffer
+            int p=0;            // input data pointer
+            int n;              // bytes available there
+            int q;              // output window write pointer
+            int m;              // bytes to end of window or read pointer
+            int f;              // pointer to copy strings from
+
+            // copy input/output information to locals (UPDATE macro restores)
+            p=z.next_in_index;n=z.avail_in;b=s.bitb;k=s.bitk;
+            q=s.write;m=q<s.read?s.read-q-1:s.end-q;
+
+            // process input and output based on current state
+            while (true){
+                switch (mode){
+                        // waiting for "i:"=input, "o:"=output, "x:"=nothing
+                    case START:         // x: set up for LEN
+                        if (m >= 258 && n >= 10){
+
+                            s.bitb=b;s.bitk=k;
+                            z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                            s.write=q;
+                            r = inflate_fast(lbits, dbits, 
+                                ltree, ltree_index, 
+                                dtree, dtree_index,
+                                s, z);
+
+                            p=z.next_in_index;n=z.avail_in;b=s.bitb;k=s.bitk;
+                            q=s.write;m=q<s.read?s.read-q-1:s.end-q;
+
+                            if (r != Z_OK){
+                                mode = r == Z_STREAM_END ? WASH : BADCODE;
+                                break;
+                            }
+                        }
+                        need = lbits;
+                        tree = ltree;
+                        tree_index=ltree_index;
+
+                        mode = LEN;
+                        goto case LEN;
+                    case LEN:           // i: get length/literal/eob next
+                        j = need;
+
+                        while(k<(j)){
+                            if(n!=0)r=Z_OK;
+                            else{
+
+                                s.bitb=b;s.bitk=k;
+                                z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                s.write=q;
+                                return s.inflate_flush(z,r);
+                            }
+                            n--;
+                            b|=(z.next_in[p++]&0xff)<<k;
+                            k+=8;
+                        }
+
+                        tindex=(tree_index+(b&inflate_mask[j]))*3;
+
+                        b>>=(tree[tindex+1]);
+                        k-=(tree[tindex+1]);
+
+                        e=tree[tindex];
+
+                        if(e == 0){               // literal
+                            lit = tree[tindex+2];
+                            mode = LIT;
+                            break;
+                        }
+                        if((e & 16)!=0 ){          // length
+                            get = e & 15;
+                            len = tree[tindex+2];
+                            mode = LENEXT;
+                            break;
+                        }
+                        if ((e & 64) == 0){        // next table
+                            need = e;
+                            tree_index = tindex/3+tree[tindex+2];
+                            break;
+                        }
+                        if ((e & 32)!=0){               // end of block
+                            mode = WASH;
+                            break;
+                        }
+                        mode = BADCODE;        // invalid code
+                        z.msg = "invalid literal/length code";
+                        r = Z_DATA_ERROR;
+
+                        s.bitb=b;s.bitk=k;
+                        z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                        s.write=q;
+                        return s.inflate_flush(z,r);
+
+                    case LENEXT:        // i: getting length extra (have base)
+                        j = get;
+
+                        while(k<(j)){
+                            if(n!=0)r=Z_OK;
+                            else{
+
+                                s.bitb=b;s.bitk=k;
+                                z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                s.write=q;
+                                return s.inflate_flush(z,r);
+                            }
+                            n--; b|=(z.next_in[p++]&0xff)<<k;
+                            k+=8;
+                        }
+
+                        len += (b & inflate_mask[j]);
+
+                        b>>=j;
+                        k-=j;
+
+                        need = dbits;
+                        tree = dtree;
+                        tree_index=dtree_index;
+                        mode = DIST;
+                        goto case DIST;
+                    case DIST:          // i: get distance next
+                        j = need;
+
+                        while(k<(j)){
+                            if(n!=0)r=Z_OK;
+                            else{
+
+                                s.bitb=b;s.bitk=k;
+                                z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                s.write=q;
+                                return s.inflate_flush(z,r);
+                            }
+                            n--; b|=(z.next_in[p++]&0xff)<<k;
+                            k+=8;
+                        }
+
+                        tindex=(tree_index+(b & inflate_mask[j]))*3;
+
+                        b>>=tree[tindex+1];
+                        k-=tree[tindex+1];
+
+                        e = (tree[tindex]);
+                        if((e & 16)!=0){               // distance
+                            get = e & 15;
+                            dist = tree[tindex+2];
+                            mode = DISTEXT;
+                            break;
+                        }
+                        if ((e & 64) == 0){        // next table
+                            need = e;
+                            tree_index = tindex/3 + tree[tindex+2];
+                            break;
+                        }
+                        mode = BADCODE;        // invalid code
+                        z.msg = "invalid distance code";
+                        r = Z_DATA_ERROR;
+
+                        s.bitb=b;s.bitk=k;
+                        z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                        s.write=q;
+                        return s.inflate_flush(z,r);
+
+                    case DISTEXT:       // i: getting distance extra
+                        j = get;
+
+                        while(k<(j)){
+                            if(n!=0)r=Z_OK;
+                            else{
+
+                                s.bitb=b;s.bitk=k;
+                                z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                s.write=q;
+                                return s.inflate_flush(z,r);
+                            }
+                            n--; b|=(z.next_in[p++]&0xff)<<k;
+                            k+=8;
+                        }
+
+                        dist += (b & inflate_mask[j]);
+
+                        b>>=j;
+                        k-=j;
+
+                        mode = COPY;
+                        goto case COPY;
+                    case COPY:          // o: copying bytes in window, waiting for space
+                        f = q - dist;
+                        while(f < 0){     // modulo window size-"while" instead
+                            f += s.end;     // of "if" handles invalid distances
+                        }
+                        while (len!=0){
+
+                            if(m==0){
+                                if(q==s.end&&s.read!=0){q=0;m=q<s.read?s.read-q-1:s.end-q;}
+                                if(m==0){
+                                    s.write=q; r=s.inflate_flush(z,r);
+                                    q=s.write;m=q<s.read?s.read-q-1:s.end-q;
+
+                                    if(q==s.end&&s.read!=0){q=0;m=q<s.read?s.read-q-1:s.end-q;}
+
+                                    if(m==0){
+                                        s.bitb=b;s.bitk=k;
+                                        z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                        s.write=q;
+                                        return s.inflate_flush(z,r);
+                                    }  
+                                }
+                            }
+
+                            s.window[q++]=s.window[f++]; m--;
+
+                            if (f == s.end)
+                                f = 0;
+                            len--;
+                        }
+                        mode = START;
+                        break;
+                    case LIT:           // o: got literal, waiting for output space
+                        if(m==0){
+                            if(q==s.end&&s.read!=0){q=0;m=q<s.read?s.read-q-1:s.end-q;}
+                            if(m==0){
+                                s.write=q; r=s.inflate_flush(z,r);
+                                q=s.write;m=q<s.read?s.read-q-1:s.end-q;
+
+                                if(q==s.end&&s.read!=0){q=0;m=q<s.read?s.read-q-1:s.end-q;}
+                                if(m==0){
+                                    s.bitb=b;s.bitk=k;
+                                    z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                    s.write=q;
+                                    return s.inflate_flush(z,r);
+                                }
+                            }
+                        }
+                        r=Z_OK;
+
+                        s.window[q++]=(byte)lit; m--;
+
+                        mode = START;
+                        break;
+                    case WASH:           // o: got eob, possibly more output
+                        if (k > 7){        // return unused byte, if any
+                            k -= 8;
+                            n++;
+                            p--;             // can always return one
+                        }
+
+                        s.write=q; r=s.inflate_flush(z,r);
+                        q=s.write;m=q<s.read?s.read-q-1:s.end-q;
+
+                        if (s.read != s.write){
+                            s.bitb=b;s.bitk=k;
+                            z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                            s.write=q;
+                            return s.inflate_flush(z,r);
+                        }
+                        mode = END;
+                        goto case END;
+                    case END:
+                        r = Z_STREAM_END;
+                        s.bitb=b;s.bitk=k;
+                        z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                        s.write=q;
+                        return s.inflate_flush(z,r);
+
+                    case BADCODE:       // x: got error
+
+                        r = Z_DATA_ERROR;
+
+                        s.bitb=b;s.bitk=k;
+                        z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                        s.write=q;
+                        return s.inflate_flush(z,r);
+
+                    default:
+                        r = Z_STREAM_ERROR;
+
+                        s.bitb=b;s.bitk=k;
+                        z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                        s.write=q;
+                        return s.inflate_flush(z,r);
+                }
+            }
+        }
+
+        internal void free(ZStream z){
+            //  ZFREE(z, c);
+        }
+
+        // Called with number of bytes left to write in window at least 258
+        // (the maximum string length) and number of input bytes available
+        // at least ten.  The ten bytes are six bytes for the longest length/
+        // distance pair plus four bytes for overloading the bit buffer.
+
+        internal int inflate_fast(int bl, int bd, 
+            int[] tl, int tl_index,
+            int[] td, int td_index,
+            InfBlocks s, ZStream z){
+            int t;                // temporary pointer
+            int[] tp;             // temporary pointer
+            int tp_index;         // temporary pointer
+            int e;                // extra bits or operation
+            int b;                // bit buffer
+            int k;                // bits in bit buffer
+            int p;                // input data pointer
+            int n;                // bytes available there
+            int q;                // output window write pointer
+            int m;                // bytes to end of window or read pointer
+            int ml;               // mask for literal/length tree
+            int md;               // mask for distance tree
+            int c;                // bytes to copy
+            int d;                // distance back to copy from
+            int r;                // copy source pointer
+
+            int tp_index_t_3;     // (tp_index+t)*3
+
+            // load input, output, bit values
+            p=z.next_in_index;n=z.avail_in;b=s.bitb;k=s.bitk;
+            q=s.write;m=q<s.read?s.read-q-1:s.end-q;
+
+            // initialize masks
+            ml = inflate_mask[bl];
+            md = inflate_mask[bd];
+
+            // do until not enough input or output space for fast loop
+            do {                          // assume called with m >= 258 && n >= 10
+                // get literal/length code
+            while(k<(20)){              // max bits for literal/length code
+                n--;
+                b|=(z.next_in[p++]&0xff)<<k;k+=8;
+            }
+
+                t= b&ml;
+                tp=tl; 
+                tp_index=tl_index;
+                tp_index_t_3=(tp_index+t)*3;
+                if ((e = tp[tp_index_t_3]) == 0){
+                    b>>=(tp[tp_index_t_3+1]); k-=(tp[tp_index_t_3+1]);
+
+                    s.window[q++] = (byte)tp[tp_index_t_3+2];
+                    m--;
+                    continue;
+                }
+                do {
+
+                    b>>=(tp[tp_index_t_3+1]); k-=(tp[tp_index_t_3+1]);
+
+                    if((e&16)!=0){
+                        e &= 15;
+                        c = tp[tp_index_t_3+2] + ((int)b & inflate_mask[e]);
+
+                        b>>=e; k-=e;
+
+                        // decode distance base of block to copy
+                        while(k<(15)){           // max bits for distance code
+                            n--;
+                            b|=(z.next_in[p++]&0xff)<<k;k+=8;
+                        }
+
+                        t= b&md;
+                        tp=td;
+                        tp_index=td_index;
+                        tp_index_t_3=(tp_index+t)*3;
+                        e = tp[tp_index_t_3];
+
+                        do {
+
+                            b>>=(tp[tp_index_t_3+1]); k-=(tp[tp_index_t_3+1]);
+
+                            if((e&16)!=0){
+                                // get extra bits to add to distance base
+                                e &= 15;
+                                while(k<(e)){         // get extra bits (up to 13)
+                                    n--;
+                                    b|=(z.next_in[p++]&0xff)<<k;k+=8;
+                                }
+
+                                d = tp[tp_index_t_3+2] + (b&inflate_mask[e]);
+
+                                b>>=(e); k-=(e);
+
+                                // do the copy
+                                m -= c;
+                                if (q >= d){                // offset before dest
+                                    //  just copy
+                                    r=q-d;
+                                    if(q-r>0 && 2>(q-r)){           
+                                        s.window[q++]=s.window[r++]; // minimum count is three,
+                                        s.window[q++]=s.window[r++]; // so unroll loop a little
+                                        c-=2;
+                                    }
+                                    else{
+                                        System.Array.Copy(s.window, r, s.window, q, 2);
+                                        q+=2; r+=2; c-=2;
+                                    }
+                                }
+                                else{                  // else offset after destination
+                                    r=q-d;
+                                    do{
+                                        r+=s.end;          // force pointer in window
+                                    }while(r<0);         // covers invalid distances
+                                    e=s.end-r;
+                                    if(c>e){             // if source crosses,
+                                        c-=e;              // wrapped copy
+                                        if(q-r>0 && e>(q-r)){           
+                                            do{s.window[q++] = s.window[r++];}
+                                            while(--e!=0);
+                                        }
+                                        else{
+                                            System.Array.Copy(s.window, r, s.window, q, e);
+                                            q+=e; r+=e; e=0;
+                                        }
+                                        r = 0;                  // copy rest from start of window
+                                    }
+
+                                }
+
+                                // copy all or what's left
+                                if(q-r>0 && c>(q-r)){           
+                                    do{s.window[q++] = s.window[r++];}
+                                    while(--c!=0);
+                                }
+                                else{
+                                    System.Array.Copy(s.window, r, s.window, q, c);
+                                    q+=c; r+=c; c=0;
+                                }
+                                break;
+                            }
+                            else if((e&64)==0){
+                                t+=tp[tp_index_t_3+2];
+                                t+=(b&inflate_mask[e]);
+                                tp_index_t_3=(tp_index+t)*3;
+                                e=tp[tp_index_t_3];
+                            }
+                            else{
+                                z.msg = "invalid distance code";
+
+                                c=z.avail_in-n;c=(k>>3)<c?k>>3:c;n+=c;p-=c;k-=c<<3;
+
+                                s.bitb=b;s.bitk=k;
+                                z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                                s.write=q;
+
+                                return Z_DATA_ERROR;
+                            }
+                        }
+                        while(true);
+                        break;
+                    }
+
+                    if((e&64)==0){
+                        t+=tp[tp_index_t_3+2];
+                        t+=(b&inflate_mask[e]);
+                        tp_index_t_3=(tp_index+t)*3;
+                        if((e=tp[tp_index_t_3])==0){
+
+                            b>>=(tp[tp_index_t_3+1]); k-=(tp[tp_index_t_3+1]);
+
+                            s.window[q++]=(byte)tp[tp_index_t_3+2];
+                            m--;
+                            break;
+                        }
+                    }
+                    else if((e&32)!=0){
+
+                        c=z.avail_in-n;c=(k>>3)<c?k>>3:c;n+=c;p-=c;k-=c<<3;
+ 
+                        s.bitb=b;s.bitk=k;
+                        z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                        s.write=q;
+
+                        return Z_STREAM_END;
+                    }
+                    else{
+                        z.msg="invalid literal/length code";
+
+                        c=z.avail_in-n;c=(k>>3)<c?k>>3:c;n+=c;p-=c;k-=c<<3;
+
+                        s.bitb=b;s.bitk=k;
+                        z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+                        s.write=q;
+
+                        return Z_DATA_ERROR;
+                    }
+                } 
+                while(true);
+            } 
+            while(m>=258 && n>= 10);
+
+            // not enough input or output--restore pointers and return
+            c=z.avail_in-n;c=(k>>3)<c?k>>3:c;n+=c;p-=c;k-=c<<3;
+
+            s.bitb=b;s.bitk=k;
+            z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p;
+            s.write=q;
+
+            return Z_OK;
+        }
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/util/zlib/InfTree.cs b/bc-sharp-crypto/src/util/zlib/InfTree.cs
new file mode 100644
index 0000000..6ed7d19
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/InfTree.cs
@@ -0,0 +1,523 @@
+using System;
+/*
+ * $Id: InfTree.cs,v 1.2 2008-05-10 09:35:40 bouncy Exp $
+ *
+Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+     this list of conditions and the following disclaimer.
+
+  2. Redistributions in binary form must reproduce the above copyright 
+     notice, this list of conditions and the following disclaimer in 
+     the documentation and/or other materials provided with the distribution.
+
+  3. The names of the authors may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
+INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This program is based on zlib-1.1.3, so all credit should go authors
+ * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)
+ * and contributors of zlib.
+ */
+
+namespace Org.BouncyCastle.Utilities.Zlib {
+
+    internal sealed class InfTree{
+
+        private const int MANY=1440;
+
+        private const int Z_OK=0;
+        private const int Z_STREAM_END=1;
+        private const int Z_NEED_DICT=2;
+        private const int Z_ERRNO=-1;
+        private const int Z_STREAM_ERROR=-2;
+        private const int Z_DATA_ERROR=-3;
+        private const int Z_MEM_ERROR=-4;
+        private const int Z_BUF_ERROR=-5;
+        private const int Z_VERSION_ERROR=-6;
+
+        private const int fixed_bl = 9;
+        private const int fixed_bd = 5;
+
+		static readonly int[] fixed_tl = {
+                                    96,7,256, 0,8,80, 0,8,16, 84,8,115,
+                                    82,7,31, 0,8,112, 0,8,48, 0,9,192,
+                                    80,7,10, 0,8,96, 0,8,32, 0,9,160,
+                                    0,8,0, 0,8,128, 0,8,64, 0,9,224,
+                                    80,7,6, 0,8,88, 0,8,24, 0,9,144,
+                                    83,7,59, 0,8,120, 0,8,56, 0,9,208,
+                                    81,7,17, 0,8,104, 0,8,40, 0,9,176,
+                                    0,8,8, 0,8,136, 0,8,72, 0,9,240,
+                                    80,7,4, 0,8,84, 0,8,20, 85,8,227,
+                                    83,7,43, 0,8,116, 0,8,52, 0,9,200,
+                                    81,7,13, 0,8,100, 0,8,36, 0,9,168,
+                                    0,8,4, 0,8,132, 0,8,68, 0,9,232,
+                                    80,7,8, 0,8,92, 0,8,28, 0,9,152,
+                                    84,7,83, 0,8,124, 0,8,60, 0,9,216,
+                                    82,7,23, 0,8,108, 0,8,44, 0,9,184,
+                                    0,8,12, 0,8,140, 0,8,76, 0,9,248,
+                                    80,7,3, 0,8,82, 0,8,18, 85,8,163,
+                                    83,7,35, 0,8,114, 0,8,50, 0,9,196,
+                                    81,7,11, 0,8,98, 0,8,34, 0,9,164,
+                                    0,8,2, 0,8,130, 0,8,66, 0,9,228,
+                                    80,7,7, 0,8,90, 0,8,26, 0,9,148,
+                                    84,7,67, 0,8,122, 0,8,58, 0,9,212,
+                                    82,7,19, 0,8,106, 0,8,42, 0,9,180,
+                                    0,8,10, 0,8,138, 0,8,74, 0,9,244,
+                                    80,7,5, 0,8,86, 0,8,22, 192,8,0,
+                                    83,7,51, 0,8,118, 0,8,54, 0,9,204,
+                                    81,7,15, 0,8,102, 0,8,38, 0,9,172,
+                                    0,8,6, 0,8,134, 0,8,70, 0,9,236,
+                                    80,7,9, 0,8,94, 0,8,30, 0,9,156,
+                                    84,7,99, 0,8,126, 0,8,62, 0,9,220,
+                                    82,7,27, 0,8,110, 0,8,46, 0,9,188,
+                                    0,8,14, 0,8,142, 0,8,78, 0,9,252,
+                                    96,7,256, 0,8,81, 0,8,17, 85,8,131,
+                                    82,7,31, 0,8,113, 0,8,49, 0,9,194,
+                                    80,7,10, 0,8,97, 0,8,33, 0,9,162,
+                                    0,8,1, 0,8,129, 0,8,65, 0,9,226,
+                                    80,7,6, 0,8,89, 0,8,25, 0,9,146,
+                                    83,7,59, 0,8,121, 0,8,57, 0,9,210,
+                                    81,7,17, 0,8,105, 0,8,41, 0,9,178,
+                                    0,8,9, 0,8,137, 0,8,73, 0,9,242,
+                                    80,7,4, 0,8,85, 0,8,21, 80,8,258,
+                                    83,7,43, 0,8,117, 0,8,53, 0,9,202,
+                                    81,7,13, 0,8,101, 0,8,37, 0,9,170,
+                                    0,8,5, 0,8,133, 0,8,69, 0,9,234,
+                                    80,7,8, 0,8,93, 0,8,29, 0,9,154,
+                                    84,7,83, 0,8,125, 0,8,61, 0,9,218,
+                                    82,7,23, 0,8,109, 0,8,45, 0,9,186,
+                                    0,8,13, 0,8,141, 0,8,77, 0,9,250,
+                                    80,7,3, 0,8,83, 0,8,19, 85,8,195,
+                                    83,7,35, 0,8,115, 0,8,51, 0,9,198,
+                                    81,7,11, 0,8,99, 0,8,35, 0,9,166,
+                                    0,8,3, 0,8,131, 0,8,67, 0,9,230,
+                                    80,7,7, 0,8,91, 0,8,27, 0,9,150,
+                                    84,7,67, 0,8,123, 0,8,59, 0,9,214,
+                                    82,7,19, 0,8,107, 0,8,43, 0,9,182,
+                                    0,8,11, 0,8,139, 0,8,75, 0,9,246,
+                                    80,7,5, 0,8,87, 0,8,23, 192,8,0,
+                                    83,7,51, 0,8,119, 0,8,55, 0,9,206,
+                                    81,7,15, 0,8,103, 0,8,39, 0,9,174,
+                                    0,8,7, 0,8,135, 0,8,71, 0,9,238,
+                                    80,7,9, 0,8,95, 0,8,31, 0,9,158,
+                                    84,7,99, 0,8,127, 0,8,63, 0,9,222,
+                                    82,7,27, 0,8,111, 0,8,47, 0,9,190,
+                                    0,8,15, 0,8,143, 0,8,79, 0,9,254,
+                                    96,7,256, 0,8,80, 0,8,16, 84,8,115,
+                                    82,7,31, 0,8,112, 0,8,48, 0,9,193,
+
+                                    80,7,10, 0,8,96, 0,8,32, 0,9,161,
+                                    0,8,0, 0,8,128, 0,8,64, 0,9,225,
+                                    80,7,6, 0,8,88, 0,8,24, 0,9,145,
+                                    83,7,59, 0,8,120, 0,8,56, 0,9,209,
+                                    81,7,17, 0,8,104, 0,8,40, 0,9,177,
+                                    0,8,8, 0,8,136, 0,8,72, 0,9,241,
+                                    80,7,4, 0,8,84, 0,8,20, 85,8,227,
+                                    83,7,43, 0,8,116, 0,8,52, 0,9,201,
+                                    81,7,13, 0,8,100, 0,8,36, 0,9,169,
+                                    0,8,4, 0,8,132, 0,8,68, 0,9,233,
+                                    80,7,8, 0,8,92, 0,8,28, 0,9,153,
+                                    84,7,83, 0,8,124, 0,8,60, 0,9,217,
+                                    82,7,23, 0,8,108, 0,8,44, 0,9,185,
+                                    0,8,12, 0,8,140, 0,8,76, 0,9,249,
+                                    80,7,3, 0,8,82, 0,8,18, 85,8,163,
+                                    83,7,35, 0,8,114, 0,8,50, 0,9,197,
+                                    81,7,11, 0,8,98, 0,8,34, 0,9,165,
+                                    0,8,2, 0,8,130, 0,8,66, 0,9,229,
+                                    80,7,7, 0,8,90, 0,8,26, 0,9,149,
+                                    84,7,67, 0,8,122, 0,8,58, 0,9,213,
+                                    82,7,19, 0,8,106, 0,8,42, 0,9,181,
+                                    0,8,10, 0,8,138, 0,8,74, 0,9,245,
+                                    80,7,5, 0,8,86, 0,8,22, 192,8,0,
+                                    83,7,51, 0,8,118, 0,8,54, 0,9,205,
+                                    81,7,15, 0,8,102, 0,8,38, 0,9,173,
+                                    0,8,6, 0,8,134, 0,8,70, 0,9,237,
+                                    80,7,9, 0,8,94, 0,8,30, 0,9,157,
+                                    84,7,99, 0,8,126, 0,8,62, 0,9,221,
+                                    82,7,27, 0,8,110, 0,8,46, 0,9,189,
+                                    0,8,14, 0,8,142, 0,8,78, 0,9,253,
+                                    96,7,256, 0,8,81, 0,8,17, 85,8,131,
+                                    82,7,31, 0,8,113, 0,8,49, 0,9,195,
+                                    80,7,10, 0,8,97, 0,8,33, 0,9,163,
+                                    0,8,1, 0,8,129, 0,8,65, 0,9,227,
+                                    80,7,6, 0,8,89, 0,8,25, 0,9,147,
+                                    83,7,59, 0,8,121, 0,8,57, 0,9,211,
+                                    81,7,17, 0,8,105, 0,8,41, 0,9,179,
+                                    0,8,9, 0,8,137, 0,8,73, 0,9,243,
+                                    80,7,4, 0,8,85, 0,8,21, 80,8,258,
+                                    83,7,43, 0,8,117, 0,8,53, 0,9,203,
+                                    81,7,13, 0,8,101, 0,8,37, 0,9,171,
+                                    0,8,5, 0,8,133, 0,8,69, 0,9,235,
+                                    80,7,8, 0,8,93, 0,8,29, 0,9,155,
+                                    84,7,83, 0,8,125, 0,8,61, 0,9,219,
+                                    82,7,23, 0,8,109, 0,8,45, 0,9,187,
+                                    0,8,13, 0,8,141, 0,8,77, 0,9,251,
+                                    80,7,3, 0,8,83, 0,8,19, 85,8,195,
+                                    83,7,35, 0,8,115, 0,8,51, 0,9,199,
+                                    81,7,11, 0,8,99, 0,8,35, 0,9,167,
+                                    0,8,3, 0,8,131, 0,8,67, 0,9,231,
+                                    80,7,7, 0,8,91, 0,8,27, 0,9,151,
+                                    84,7,67, 0,8,123, 0,8,59, 0,9,215,
+                                    82,7,19, 0,8,107, 0,8,43, 0,9,183,
+                                    0,8,11, 0,8,139, 0,8,75, 0,9,247,
+                                    80,7,5, 0,8,87, 0,8,23, 192,8,0,
+                                    83,7,51, 0,8,119, 0,8,55, 0,9,207,
+                                    81,7,15, 0,8,103, 0,8,39, 0,9,175,
+                                    0,8,7, 0,8,135, 0,8,71, 0,9,239,
+                                    80,7,9, 0,8,95, 0,8,31, 0,9,159,
+                                    84,7,99, 0,8,127, 0,8,63, 0,9,223,
+                                    82,7,27, 0,8,111, 0,8,47, 0,9,191,
+                                    0,8,15, 0,8,143, 0,8,79, 0,9,255
+                                };
+        static readonly int[] fixed_td = {
+                                    80,5,1, 87,5,257, 83,5,17, 91,5,4097,
+                                    81,5,5, 89,5,1025, 85,5,65, 93,5,16385,
+                                    80,5,3, 88,5,513, 84,5,33, 92,5,8193,
+                                    82,5,9, 90,5,2049, 86,5,129, 192,5,24577,
+                                    80,5,2, 87,5,385, 83,5,25, 91,5,6145,
+                                    81,5,7, 89,5,1537, 85,5,97, 93,5,24577,
+                                    80,5,4, 88,5,769, 84,5,49, 92,5,12289,
+                                    82,5,13, 90,5,3073, 86,5,193, 192,5,24577
+                                };
+
+        // Tables for deflate from PKZIP's appnote.txt.
+        static readonly int[] cplens = { // Copy lengths for literal codes 257..285
+                                  3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31,
+                                  35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0
+                              };
+
+        // see note #13 above about 258
+        static readonly int[] cplext = { // Extra bits for literal codes 257..285
+                                  0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 2, 2, 2, 2,
+                                  3, 3, 3, 3, 4, 4, 4, 4, 5, 5, 5, 5, 0, 112, 112  // 112==invalid
+                              };
+
+        static readonly int[] cpdist = { // Copy offsets for distance codes 0..29
+                                  1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193,
+                                  257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145,
+                                  8193, 12289, 16385, 24577
+                              };
+
+        static readonly int[] cpdext = { // Extra bits for distance codes
+                                  0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 6,
+                                  7, 7, 8, 8, 9, 9, 10, 10, 11, 11,
+                                  12, 12, 13, 13};
+
+        // If BMAX needs to be larger than 16, then h and x[] should be uLong.
+        const int BMAX=15;         // maximum bit length of any code
+
+        int[] hn = null;  // hufts used in space
+        int[] v = null;   // work area for huft_build 
+        int[] c = null;   // bit length count table
+        int[] r = null;   // table entry for structure assignment
+        int[] u = null;   // table stack
+        int[] x = null;   // bit offsets, then code stack
+
+        private int huft_build(int[] b, // code lengths in bits (all assumed <= BMAX)
+            int bindex, 
+            int n,   // number of codes (assumed <= 288)
+            int s,   // number of simple-valued codes (0..s-1)
+            int[] d, // list of base values for non-simple codes
+            int[] e, // list of extra bits for non-simple codes
+            int[] t, // result: starting table
+            int[] m, // maximum lookup bits, returns actual
+            int[] hp,// space for trees
+            int[] hn,// hufts used in space
+            int[] v  // working area: values in order of bit length
+            ){
+            // Given a list of code lengths and a maximum table size, make a set of
+            // tables to decode that set of codes.  Return Z_OK on success, Z_BUF_ERROR
+            // if the given code set is incomplete (the tables are still built in this
+            // case), Z_DATA_ERROR if the input is invalid (an over-subscribed set of
+            // lengths), or Z_MEM_ERROR if not enough memory.
+
+            int a;                       // counter for codes of length k
+            int f;                       // i repeats in table every f entries
+            int g;                       // maximum code length
+            int h;                       // table level
+            int i;                       // counter, current code
+            int j;                       // counter
+            int k;                       // number of bits in current code
+            int l;                       // bits per table (returned in m)
+            int mask;                    // (1 << w) - 1, to avoid cc -O bug on HP
+            int p;                       // pointer into c[], b[], or v[]
+            int q;                       // points to current table
+            int w;                       // bits before this table == (l * h)
+            int xp;                      // pointer into x
+            int y;                       // number of dummy codes added
+            int z;                       // number of entries in current table
+
+            // Generate counts for each bit length
+
+            p = 0; i = n;
+            do {
+                c[b[bindex+p]]++; p++; i--;   // assume all entries <= BMAX
+            }while(i!=0);
+
+            if(c[0] == n){                // null input--all zero length codes
+                t[0] = -1;
+                m[0] = 0;
+                return Z_OK;
+            }
+
+            // Find minimum and maximum length, bound *m by those
+            l = m[0];
+            for (j = 1; j <= BMAX; j++)
+                if(c[j]!=0) break;
+            k = j;                        // minimum code length
+            if(l < j){
+                l = j;
+            }
+            for (i = BMAX; i!=0; i--){
+                if(c[i]!=0) break;
+            }
+            g = i;                        // maximum code length
+            if(l > i){
+                l = i;
+            }
+            m[0] = l;
+
+            // Adjust last length count to fill out codes, if needed
+            for (y = 1 << j; j < i; j++, y <<= 1){
+                if ((y -= c[j]) < 0){
+                    return Z_DATA_ERROR;
+                }
+            }
+            if ((y -= c[i]) < 0){
+                return Z_DATA_ERROR;
+            }
+            c[i] += y;
+
+            // Generate starting offsets into the value table for each length
+            x[1] = j = 0;
+            p = 1;  xp = 2;
+            while (--i!=0) {                 // note that i == g from above
+                x[xp] = (j += c[p]);
+                xp++;
+                p++;
+            }
+
+            // Make a table of values in order of bit lengths
+            i = 0; p = 0;
+            do {
+                if ((j = b[bindex+p]) != 0){
+                    v[x[j]++] = i;
+                }
+                p++;
+            }
+            while (++i < n);
+            n = x[g];                     // set n to length of v
+
+            // Generate the Huffman codes and for each, make the table entries
+            x[0] = i = 0;                 // first Huffman code is zero
+            p = 0;                        // grab values in bit order
+            h = -1;                       // no tables yet--level -1
+            w = -l;                       // bits decoded == (l * h)
+            u[0] = 0;                     // just to keep compilers happy
+            q = 0;                        // ditto
+            z = 0;                        // ditto
+
+            // go through the bit lengths (k already is bits in shortest code)
+            for (; k <= g; k++){
+                a = c[k];
+                while (a--!=0){
+                    // here i is the Huffman code of length k bits for value *p
+                    // make tables up to required level
+                    while (k > w + l){
+                        h++;
+                        w += l;                 // previous table always l bits
+                        // compute minimum size table less than or equal to l bits
+                        z = g - w;
+                        z = (z > l) ? l : z;        // table size upper limit
+                        if((f=1<<(j=k-w))>a+1){     // try a k-w bit table
+                            // too few codes for k-w bit table
+                            f -= a + 1;               // deduct codes from patterns left
+                            xp = k;
+                            if(j < z){
+                                while (++j < z){        // try smaller tables up to z bits
+                                    if((f <<= 1) <= c[++xp])
+                                        break;              // enough codes to use up j bits
+                                    f -= c[xp];           // else deduct codes from patterns
+                                }
+                            }
+                        }
+                        z = 1 << j;                 // table entries for j-bit table
+
+                        // allocate new table
+                        if (hn[0] + z > MANY){       // (note: doesn't matter for fixed)
+                            return Z_DATA_ERROR;       // overflow of MANY
+                        }
+                        u[h] = q = /*hp+*/ hn[0];   // DEBUG
+                        hn[0] += z;
+ 
+                        // connect to last table, if there is one
+                        if(h!=0){
+                            x[h]=i;           // save pattern for backing up
+                            r[0]=(byte)j;     // bits in this table
+                            r[1]=(byte)l;     // bits to dump before this table
+                            j=i>>(w - l);
+                            r[2] = (int)(q - u[h-1] - j);               // offset to this table
+                            System.Array.Copy(r, 0, hp, (u[h-1]+j)*3, 3); // connect to last table
+                        }
+                        else{
+                            t[0] = q;               // first table is returned result
+                        }
+                    }
+
+                    // set up table entry in r
+                    r[1] = (byte)(k - w);
+                    if (p >= n){
+                        r[0] = 128 + 64;      // out of values--invalid code
+                    }
+                    else if (v[p] < s){
+                        r[0] = (byte)(v[p] < 256 ? 0 : 32 + 64);  // 256 is end-of-block
+                        r[2] = v[p++];          // simple code is just the value
+                    }
+                    else{
+                        r[0]=(byte)(e[v[p]-s]+16+64); // non-simple--look up in lists
+                        r[2]=d[v[p++] - s];
+                    }
+
+                    // fill code-like entries with r
+                    f=1<<(k-w);
+                    for (j=i>>w;j<z;j+=f){
+                        System.Array.Copy(r, 0, hp, (q+j)*3, 3);
+                    }
+
+                    // backwards increment the k-bit code i
+                    for (j = 1 << (k - 1); (i & j)!=0; j >>= 1){
+                        i ^= j;
+                    }
+                    i ^= j;
+
+                    // backup over finished tables
+                    mask = (1 << w) - 1;      // needed on HP, cc -O bug
+                    while ((i & mask) != x[h]){
+                        h--;                    // don't need to update q
+                        w -= l;
+                        mask = (1 << w) - 1;
+                    }
+                }
+            }
+            // Return Z_BUF_ERROR if we were given an incomplete table
+            return y != 0 && g != 1 ? Z_BUF_ERROR : Z_OK;
+        }
+
+        internal int inflate_trees_bits(int[] c,  // 19 code lengths
+            int[] bb, // bits tree desired/actual depth
+            int[] tb, // bits tree result
+            int[] hp, // space for trees
+            ZStream z // for messages
+            ){
+            int result;
+            initWorkArea(19);
+            hn[0]=0;
+            result = huft_build(c, 0, 19, 19, null, null, tb, bb, hp, hn, v);
+
+            if(result == Z_DATA_ERROR){
+                z.msg = "oversubscribed dynamic bit lengths tree";
+            }
+            else if(result == Z_BUF_ERROR || bb[0] == 0){
+                z.msg = "incomplete dynamic bit lengths tree";
+                result = Z_DATA_ERROR;
+            }
+            return result;
+        }
+
+        internal int inflate_trees_dynamic(int nl,   // number of literal/length codes
+            int nd,   // number of distance codes
+            int[] c,  // that many (total) code lengths
+            int[] bl, // literal desired/actual bit depth
+            int[] bd, // distance desired/actual bit depth 
+            int[] tl, // literal/length tree result
+            int[] td, // distance tree result
+            int[] hp, // space for trees
+            ZStream z // for messages
+            ){
+            int result;
+
+            // build literal/length tree
+            initWorkArea(288);
+            hn[0]=0;
+            result = huft_build(c, 0, nl, 257, cplens, cplext, tl, bl, hp, hn, v);
+            if (result != Z_OK || bl[0] == 0){
+                if(result == Z_DATA_ERROR){
+                    z.msg = "oversubscribed literal/length tree";
+                }
+                else if (result != Z_MEM_ERROR){
+                    z.msg = "incomplete literal/length tree";
+                    result = Z_DATA_ERROR;
+                }
+                return result;
+            }
+
+            // build distance tree
+            initWorkArea(288);
+            result = huft_build(c, nl, nd, 0, cpdist, cpdext, td, bd, hp, hn, v);
+
+            if (result != Z_OK || (bd[0] == 0 && nl > 257)){
+                if (result == Z_DATA_ERROR){
+                    z.msg = "oversubscribed distance tree";
+                }
+                else if (result == Z_BUF_ERROR) {
+                    z.msg = "incomplete distance tree";
+                    result = Z_DATA_ERROR;
+                }
+                else if (result != Z_MEM_ERROR){
+                    z.msg = "empty distance tree with lengths";
+                    result = Z_DATA_ERROR;
+                }
+                return result;
+            }
+
+            return Z_OK;
+        }
+
+        internal static int inflate_trees_fixed(int[] bl,  //literal desired/actual bit depth
+            int[] bd,  //distance desired/actual bit depth
+            int[][] tl,//literal/length tree result
+            int[][] td,//distance tree result 
+            ZStream z  //for memory allocation
+            ){
+            bl[0]=fixed_bl;
+            bd[0]=fixed_bd;
+            tl[0]=fixed_tl;
+            td[0]=fixed_td;
+            return Z_OK;
+        }
+
+        private void initWorkArea(int vsize){
+            if(hn==null){
+                hn=new int[1];
+                v=new int[vsize];
+                c=new int[BMAX+1];
+                r=new int[3];
+                u=new int[BMAX];
+                x=new int[BMAX+1];
+            }
+            if(v.Length<vsize){ v=new int[vsize]; }
+            for(int i=0; i<vsize; i++){v[i]=0;}
+            for(int i=0; i<BMAX+1; i++){c[i]=0;}
+            for(int i=0; i<3; i++){r[i]=0;}
+            //  for(int i=0; i<BMAX; i++){u[i]=0;}
+            System.Array.Copy(c, 0, u, 0, BMAX);
+            //  for(int i=0; i<BMAX+1; i++){x[i]=0;}
+            System.Array.Copy(c, 0, x, 0, BMAX+1);
+        }
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/util/zlib/Inflate.cs b/bc-sharp-crypto/src/util/zlib/Inflate.cs
new file mode 100644
index 0000000..ac87893
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/Inflate.cs
@@ -0,0 +1,387 @@
+using System;
+/*
+ * $Id: Inflate.cs,v 1.2 2008-05-10 09:35:40 bouncy Exp $
+ *
+Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+     this list of conditions and the following disclaimer.
+
+  2. Redistributions in binary form must reproduce the above copyright 
+     notice, this list of conditions and the following disclaimer in 
+     the documentation and/or other materials provided with the distribution.
+
+  3. The names of the authors may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
+INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This program is based on zlib-1.1.3, so all credit should go authors
+ * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)
+ * and contributors of zlib.
+ */
+
+namespace Org.BouncyCastle.Utilities.Zlib {
+
+    internal sealed class Inflate{
+  
+        private const int MAX_WBITS=15; // 32K LZ77 window
+
+        // preset dictionary flag in zlib header
+        private const int PRESET_DICT=0x20;
+
+        internal const int Z_NO_FLUSH=0;
+        internal const int Z_PARTIAL_FLUSH=1;
+        internal const int Z_SYNC_FLUSH=2;
+        internal const int Z_FULL_FLUSH=3;
+        internal const int Z_FINISH=4;
+
+        private const int Z_DEFLATED=8;
+
+        private const int Z_OK=0;
+        private const int Z_STREAM_END=1;
+        private const int Z_NEED_DICT=2;
+        private const int Z_ERRNO=-1;
+        private const int Z_STREAM_ERROR=-2;
+        private const int Z_DATA_ERROR=-3;
+        private const int Z_MEM_ERROR=-4;
+        private const int Z_BUF_ERROR=-5;
+        private const int Z_VERSION_ERROR=-6;
+
+        private const int METHOD=0;   // waiting for method byte
+        private const int FLAG=1;     // waiting for flag byte
+        private const int DICT4=2;    // four dictionary check bytes to go
+        private const int DICT3=3;    // three dictionary check bytes to go
+        private const int DICT2=4;    // two dictionary check bytes to go
+        private const int DICT1=5;    // one dictionary check byte to go
+        private const int DICT0=6;    // waiting for inflateSetDictionary
+        private const int BLOCKS=7;   // decompressing blocks
+        private const int CHECK4=8;   // four check bytes to go
+        private const int CHECK3=9;   // three check bytes to go
+        private const int CHECK2=10;  // two check bytes to go
+        private const int CHECK1=11;  // one check byte to go
+        private const int DONE=12;    // finished check, done
+        private const int BAD=13;     // got an error--stay here
+
+        internal int mode;                            // current inflate mode
+
+        // mode dependent information
+        internal int method;        // if FLAGS, method byte
+
+        // if CHECK, check values to compare
+        internal long[] was=new long[1] ; // computed check value
+        internal long need;               // stream check value
+
+        // if BAD, inflateSync's marker bytes count
+        internal int marker;
+
+        // mode independent information
+        internal int  nowrap;          // flag for no wrapper
+        internal int wbits;            // log2(window size)  (8..15, defaults to 15)
+
+        internal InfBlocks blocks;     // current inflate_blocks state
+
+        internal int inflateReset(ZStream z){
+            if(z == null || z.istate == null) return Z_STREAM_ERROR;
+    
+            z.total_in = z.total_out = 0;
+            z.msg = null;
+            z.istate.mode = z.istate.nowrap!=0 ? BLOCKS : METHOD;
+            z.istate.blocks.reset(z, null);
+            return Z_OK;
+        }
+
+        internal int inflateEnd(ZStream z){
+            if(blocks != null)
+                blocks.free(z);
+            blocks=null;
+            //    ZFREE(z, z->state);
+            return Z_OK;
+        }
+
+        internal int inflateInit(ZStream z, int w){
+            z.msg = null;
+            blocks = null;
+
+            // handle undocumented nowrap option (no zlib header or check)
+            nowrap = 0;
+            if(w < 0){
+                w = - w;
+                nowrap = 1;
+            }
+
+            // set window size
+            if(w<8 ||w>15){
+                inflateEnd(z);
+                return Z_STREAM_ERROR;
+            }
+            wbits=w;
+
+            z.istate.blocks=new InfBlocks(z, 
+                z.istate.nowrap!=0 ? null : this,
+                1<<w);
+
+            // reset state
+            inflateReset(z);
+            return Z_OK;
+        }
+
+        internal int inflate(ZStream z, int f){
+            int r;
+            int b;
+
+            if(z == null || z.istate == null || z.next_in == null)
+                return Z_STREAM_ERROR;
+            f = f == Z_FINISH ? Z_BUF_ERROR : Z_OK;
+            r = Z_BUF_ERROR;
+            while (true){
+                //System.out.println("mode: "+z.istate.mode);
+                switch (z.istate.mode){
+                    case METHOD:
+
+                        if(z.avail_in==0)return r;r=f;
+
+                        z.avail_in--; z.total_in++;
+                        if(((z.istate.method = z.next_in[z.next_in_index++])&0xf)!=Z_DEFLATED){
+                            z.istate.mode = BAD;
+                            z.msg="unknown compression method";
+                            z.istate.marker = 5;       // can't try inflateSync
+                            break;
+                        }
+                        if((z.istate.method>>4)+8>z.istate.wbits){
+                            z.istate.mode = BAD;
+                            z.msg="invalid window size";
+                            z.istate.marker = 5;       // can't try inflateSync
+                            break;
+                        }
+                        z.istate.mode=FLAG;
+                        goto case FLAG;
+                    case FLAG:
+
+                        if(z.avail_in==0)return r;r=f;
+
+                        z.avail_in--; z.total_in++;
+                        b = (z.next_in[z.next_in_index++])&0xff;
+
+                        if((((z.istate.method << 8)+b) % 31)!=0){
+                            z.istate.mode = BAD;
+                            z.msg = "incorrect header check";
+                            z.istate.marker = 5;       // can't try inflateSync
+                            break;
+                        }
+
+                        if((b&PRESET_DICT)==0){
+                            z.istate.mode = BLOCKS;
+                            break;
+                        }
+                        z.istate.mode = DICT4;
+                        goto case DICT4;
+                    case DICT4:
+
+                        if(z.avail_in==0)return r;r=f;
+
+                        z.avail_in--; z.total_in++;
+                        z.istate.need=((z.next_in[z.next_in_index++]&0xff)<<24)&0xff000000L;
+                        z.istate.mode=DICT3;
+                        goto case DICT3;
+                    case DICT3:
+
+                        if(z.avail_in==0)return r;r=f;
+
+                        z.avail_in--; z.total_in++;
+                        z.istate.need+=((z.next_in[z.next_in_index++]&0xff)<<16)&0xff0000L;
+                        z.istate.mode=DICT2;
+                        goto case DICT2;
+                    case DICT2:
+
+                        if(z.avail_in==0)return r;r=f;
+
+                        z.avail_in--; z.total_in++;
+                        z.istate.need+=((z.next_in[z.next_in_index++]&0xff)<<8)&0xff00L;
+                        z.istate.mode=DICT1;
+                        goto case DICT1;
+                    case DICT1:
+
+                        if(z.avail_in==0)return r;r=f;
+
+                        z.avail_in--; z.total_in++;
+                        z.istate.need += (z.next_in[z.next_in_index++]&0xffL);
+                        z.adler = z.istate.need;
+                        z.istate.mode = DICT0;
+                        return Z_NEED_DICT;
+                    case DICT0:
+                        z.istate.mode = BAD;
+                        z.msg = "need dictionary";
+                        z.istate.marker = 0;       // can try inflateSync
+                        return Z_STREAM_ERROR;
+                    case BLOCKS:
+
+                        r = z.istate.blocks.proc(z, r);
+                        if(r == Z_DATA_ERROR){
+                            z.istate.mode = BAD;
+                            z.istate.marker = 0;     // can try inflateSync
+                            break;
+                        }
+                        if(r == Z_OK){
+                            r = f;
+                        }
+                        if(r != Z_STREAM_END){
+                            return r;
+                        }
+                        r = f;
+                        z.istate.blocks.reset(z, z.istate.was);
+                        if(z.istate.nowrap!=0){
+                            z.istate.mode=DONE;
+                            break;
+                        }
+                        z.istate.mode=CHECK4;
+                        goto case CHECK4;
+                    case CHECK4:
+
+                        if(z.avail_in==0)return r;r=f;
+
+                        z.avail_in--; z.total_in++;
+                        z.istate.need=((z.next_in[z.next_in_index++]&0xff)<<24)&0xff000000L;
+                        z.istate.mode=CHECK3;
+                        goto case CHECK3;
+                    case CHECK3:
+
+                        if(z.avail_in==0)return r;r=f;
+
+                        z.avail_in--; z.total_in++;
+                        z.istate.need+=((z.next_in[z.next_in_index++]&0xff)<<16)&0xff0000L;
+                        z.istate.mode = CHECK2;
+                        goto case CHECK2;
+                    case CHECK2:
+
+                        if(z.avail_in==0)return r;r=f;
+
+                        z.avail_in--; z.total_in++;
+                        z.istate.need+=((z.next_in[z.next_in_index++]&0xff)<<8)&0xff00L;
+                        z.istate.mode = CHECK1;
+                        goto case CHECK1;
+                    case CHECK1:
+
+                        if(z.avail_in==0)return r;r=f;
+
+                        z.avail_in--; z.total_in++;
+                        z.istate.need+=(z.next_in[z.next_in_index++]&0xffL);
+
+                        if(((int)(z.istate.was[0])) != ((int)(z.istate.need))){
+                            z.istate.mode = BAD;
+                            z.msg = "incorrect data check";
+                            z.istate.marker = 5;       // can't try inflateSync
+                            break;
+                        }
+
+                        z.istate.mode = DONE;
+                        goto case DONE;
+                    case DONE:
+                        return Z_STREAM_END;
+                    case BAD:
+                        return Z_DATA_ERROR;
+                    default:
+                        return Z_STREAM_ERROR;
+                }
+            }
+        }
+
+
+        internal int inflateSetDictionary(ZStream z, byte[] dictionary, int dictLength){
+            int index=0;
+            int length = dictLength;
+            if(z==null || z.istate == null|| z.istate.mode != DICT0)
+                return Z_STREAM_ERROR;
+
+            if(z._adler.adler32(1L, dictionary, 0, dictLength)!=z.adler){
+                return Z_DATA_ERROR;
+            }
+
+            z.adler = z._adler.adler32(0, null, 0, 0);
+
+            if(length >= (1<<z.istate.wbits)){
+                length = (1<<z.istate.wbits)-1;
+                index=dictLength - length;
+            }
+            z.istate.blocks.set_dictionary(dictionary, index, length);
+            z.istate.mode = BLOCKS;
+            return Z_OK;
+        }
+
+        private static readonly byte[] mark = {(byte)0, (byte)0, (byte)0xff, (byte)0xff};
+
+        internal int inflateSync(ZStream z){
+            int n;       // number of bytes to look at
+            int p;       // pointer to bytes
+            int m;       // number of marker bytes found in a row
+            long r, w;   // temporaries to save total_in and total_out
+
+            // set up
+            if(z == null || z.istate == null)
+                return Z_STREAM_ERROR;
+            if(z.istate.mode != BAD){
+                z.istate.mode = BAD;
+                z.istate.marker = 0;
+            }
+            if((n=z.avail_in)==0)
+                return Z_BUF_ERROR;
+            p=z.next_in_index;
+            m=z.istate.marker;
+
+            // search
+            while (n!=0 && m < 4){
+                if(z.next_in[p] == mark[m]){
+                    m++;
+                }
+                else if(z.next_in[p]!=0){
+                    m = 0;
+                }
+                else{
+                    m = 4 - m;
+                }
+                p++; n--;
+            }
+
+            // restore
+            z.total_in += p-z.next_in_index;
+            z.next_in_index = p;
+            z.avail_in = n;
+            z.istate.marker = m;
+
+            // return no joy or set up to restart on a new block
+            if(m != 4){
+                return Z_DATA_ERROR;
+            }
+            r=z.total_in;  w=z.total_out;
+            inflateReset(z);
+            z.total_in=r;  z.total_out = w;
+            z.istate.mode = BLOCKS;
+            return Z_OK;
+        }
+
+        // Returns true if inflate is currently at the end of a block generated
+        // by Z_SYNC_FLUSH or Z_FULL_FLUSH. This function is used by one PPP
+        // implementation to provide an additional safety check. PPP uses Z_SYNC_FLUSH
+        // but removes the length bytes of the resulting empty stored block. When
+        // decompressing, PPP checks that at the end of input packet, inflate is
+        // waiting for these length bytes.
+        internal int inflateSyncPoint(ZStream z){
+            if(z == null || z.istate == null || z.istate.blocks == null)
+                return Z_STREAM_ERROR;
+            return z.istate.blocks.sync_point();
+        }
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/util/zlib/JZlib.cs b/bc-sharp-crypto/src/util/zlib/JZlib.cs
new file mode 100644
index 0000000..4f2cfda
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/JZlib.cs
@@ -0,0 +1,73 @@
+using System;
+/*
+ * $Id: JZlib.cs,v 1.3 2011-02-15 05:46:04 bouncy Exp $
+ *
+Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+     this list of conditions and the following disclaimer.
+
+  2. Redistributions in binary form must reproduce the above copyright 
+     notice, this list of conditions and the following disclaimer in 
+     the documentation and/or other materials provided with the distribution.
+
+  3. The names of the authors may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
+INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This program is based on zlib-1.1.3, so all credit should go authors
+ * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)
+ * and contributors of zlib.
+ */
+
+namespace Org.BouncyCastle.Utilities.Zlib {
+
+    public sealed class JZlib{
+        private const String _version="1.0.7";
+        public static String version()
+		{
+			return _version;
+		}
+
+        // compression levels
+        public const int Z_NO_COMPRESSION=0;
+        public const int Z_BEST_SPEED=1;
+        public const int Z_BEST_COMPRESSION=9;
+        public const int Z_DEFAULT_COMPRESSION=-1;
+
+        // compression strategy
+        public const int Z_FILTERED=1;
+        public const int Z_HUFFMAN_ONLY=2;
+        public const int Z_DEFAULT_STRATEGY=0;
+
+        public const int Z_NO_FLUSH=0;
+        public const int Z_PARTIAL_FLUSH=1;
+        public const int Z_SYNC_FLUSH=2;
+        public const int Z_FULL_FLUSH=3;
+        public const int Z_FINISH=4;
+
+        public const int Z_OK=0;
+        public const int Z_STREAM_END=1;
+        public const int Z_NEED_DICT=2;
+        public const int Z_ERRNO=-1;
+        public const int Z_STREAM_ERROR=-2;
+        public const int Z_DATA_ERROR=-3;
+        public const int Z_MEM_ERROR=-4;
+        public const int Z_BUF_ERROR=-5;
+        public const int Z_VERSION_ERROR=-6;
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/util/zlib/StaticTree.cs b/bc-sharp-crypto/src/util/zlib/StaticTree.cs
new file mode 100644
index 0000000..097735d
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/StaticTree.cs
@@ -0,0 +1,152 @@
+using System;
+/*
+ * $Id: StaticTree.cs,v 1.2 2008-05-10 09:35:40 bouncy Exp $
+ *
+Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+     this list of conditions and the following disclaimer.
+
+  2. Redistributions in binary form must reproduce the above copyright 
+     notice, this list of conditions and the following disclaimer in 
+     the documentation and/or other materials provided with the distribution.
+
+  3. The names of the authors may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
+INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This program is based on zlib-1.1.3, so all credit should go authors
+ * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)
+ * and contributors of zlib.
+ */
+
+namespace Org.BouncyCastle.Utilities.Zlib {
+
+    internal sealed class StaticTree{
+        private const int MAX_BITS=15;
+
+        private const int BL_CODES=19;
+        private const int D_CODES=30;
+        private const int LITERALS=256;
+        private const int LENGTH_CODES=29;
+        private const int L_CODES=(LITERALS+1+LENGTH_CODES);
+
+        // Bit length codes must not exceed MAX_BL_BITS bits
+        internal const int MAX_BL_BITS=7; 
+
+        internal static readonly short[] static_ltree = {
+                                                   12,  8, 140,  8,  76,  8, 204,  8,  44,  8,
+                                                   172,  8, 108,  8, 236,  8,  28,  8, 156,  8,
+                                                   92,  8, 220,  8,  60,  8, 188,  8, 124,  8,
+                                                   252,  8,   2,  8, 130,  8,  66,  8, 194,  8,
+                                                   34,  8, 162,  8,  98,  8, 226,  8,  18,  8,
+                                                   146,  8,  82,  8, 210,  8,  50,  8, 178,  8,
+                                                   114,  8, 242,  8,  10,  8, 138,  8,  74,  8,
+                                                   202,  8,  42,  8, 170,  8, 106,  8, 234,  8,
+                                                   26,  8, 154,  8,  90,  8, 218,  8,  58,  8,
+                                                   186,  8, 122,  8, 250,  8,   6,  8, 134,  8,
+                                                   70,  8, 198,  8,  38,  8, 166,  8, 102,  8,
+                                                   230,  8,  22,  8, 150,  8,  86,  8, 214,  8,
+                                                   54,  8, 182,  8, 118,  8, 246,  8,  14,  8,
+                                                   142,  8,  78,  8, 206,  8,  46,  8, 174,  8,
+                                                   110,  8, 238,  8,  30,  8, 158,  8,  94,  8,
+                                                   222,  8,  62,  8, 190,  8, 126,  8, 254,  8,
+                                                   1,  8, 129,  8,  65,  8, 193,  8,  33,  8,
+                                                   161,  8,  97,  8, 225,  8,  17,  8, 145,  8,
+                                                   81,  8, 209,  8,  49,  8, 177,  8, 113,  8,
+                                                   241,  8,   9,  8, 137,  8,  73,  8, 201,  8,
+                                                   41,  8, 169,  8, 105,  8, 233,  8,  25,  8,
+                                                   153,  8,  89,  8, 217,  8,  57,  8, 185,  8,
+                                                   121,  8, 249,  8,   5,  8, 133,  8,  69,  8,
+                                                   197,  8,  37,  8, 165,  8, 101,  8, 229,  8,
+                                                   21,  8, 149,  8,  85,  8, 213,  8,  53,  8,
+                                                   181,  8, 117,  8, 245,  8,  13,  8, 141,  8,
+                                                   77,  8, 205,  8,  45,  8, 173,  8, 109,  8,
+                                                   237,  8,  29,  8, 157,  8,  93,  8, 221,  8,
+                                                   61,  8, 189,  8, 125,  8, 253,  8,  19,  9,
+                                                   275,  9, 147,  9, 403,  9,  83,  9, 339,  9,
+                                                   211,  9, 467,  9,  51,  9, 307,  9, 179,  9,
+                                                   435,  9, 115,  9, 371,  9, 243,  9, 499,  9,
+                                                   11,  9, 267,  9, 139,  9, 395,  9,  75,  9,
+                                                   331,  9, 203,  9, 459,  9,  43,  9, 299,  9,
+                                                   171,  9, 427,  9, 107,  9, 363,  9, 235,  9,
+                                                   491,  9,  27,  9, 283,  9, 155,  9, 411,  9,
+                                                   91,  9, 347,  9, 219,  9, 475,  9,  59,  9,
+                                                   315,  9, 187,  9, 443,  9, 123,  9, 379,  9,
+                                                   251,  9, 507,  9,   7,  9, 263,  9, 135,  9,
+                                                   391,  9,  71,  9, 327,  9, 199,  9, 455,  9,
+                                                   39,  9, 295,  9, 167,  9, 423,  9, 103,  9,
+                                                   359,  9, 231,  9, 487,  9,  23,  9, 279,  9,
+                                                   151,  9, 407,  9,  87,  9, 343,  9, 215,  9,
+                                                   471,  9,  55,  9, 311,  9, 183,  9, 439,  9,
+                                                   119,  9, 375,  9, 247,  9, 503,  9,  15,  9,
+                                                   271,  9, 143,  9, 399,  9,  79,  9, 335,  9,
+                                                   207,  9, 463,  9,  47,  9, 303,  9, 175,  9,
+                                                   431,  9, 111,  9, 367,  9, 239,  9, 495,  9,
+                                                   31,  9, 287,  9, 159,  9, 415,  9,  95,  9,
+                                                   351,  9, 223,  9, 479,  9,  63,  9, 319,  9,
+                                                   191,  9, 447,  9, 127,  9, 383,  9, 255,  9,
+                                                   511,  9,   0,  7,  64,  7,  32,  7,  96,  7,
+                                                   16,  7,  80,  7,  48,  7, 112,  7,   8,  7,
+                                                   72,  7,  40,  7, 104,  7,  24,  7,  88,  7,
+                                                   56,  7, 120,  7,   4,  7,  68,  7,  36,  7,
+                                                   100,  7,  20,  7,  84,  7,  52,  7, 116,  7,
+                                                   3,  8, 131,  8,  67,  8, 195,  8,  35,  8,
+                                                   163,  8,  99,  8, 227,  8
+                                               };
+
+        internal static readonly short[] static_dtree = {
+                                                   0, 5, 16, 5,  8, 5, 24, 5,  4, 5,
+                                                   20, 5, 12, 5, 28, 5,  2, 5, 18, 5,
+                                                   10, 5, 26, 5,  6, 5, 22, 5, 14, 5,
+                                                   30, 5,  1, 5, 17, 5,  9, 5, 25, 5,
+                                                   5, 5, 21, 5, 13, 5, 29, 5,  3, 5,
+                                                   19, 5, 11, 5, 27, 5,  7, 5, 23, 5
+                                               };
+
+        internal static readonly StaticTree static_l_desc =
+            new StaticTree(static_ltree, Tree.extra_lbits,
+            LITERALS+1, L_CODES, MAX_BITS);
+
+        internal static readonly StaticTree static_d_desc =
+            new StaticTree(static_dtree, Tree.extra_dbits,
+            0,  D_CODES, MAX_BITS);
+
+        internal static readonly StaticTree static_bl_desc =
+            new StaticTree(null, Tree.extra_blbits,
+            0, BL_CODES, MAX_BL_BITS);
+
+        internal short[] static_tree;     // static tree or null
+        internal int[] extra_bits;        // extra bits for each code or null
+        internal int extra_base;          // base index for extra_bits
+        internal int elems;               // max number of elements in the tree
+        internal int max_length;          // max bit length for the codes
+
+        internal StaticTree(short[] static_tree,
+            int[] extra_bits,
+            int extra_base,
+            int elems,
+            int max_length
+            ){
+            this.static_tree=static_tree;
+            this.extra_bits=extra_bits;
+            this.extra_base=extra_base;
+            this.elems=elems;
+            this.max_length=max_length;
+        }
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/util/zlib/Tree.cs b/bc-sharp-crypto/src/util/zlib/Tree.cs
new file mode 100644
index 0000000..29d0a30
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/Tree.cs
@@ -0,0 +1,367 @@
+using System;
+/*
+ * $Id: Tree.cs,v 1.2 2008-05-10 09:35:40 bouncy Exp $
+ *
+Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+     this list of conditions and the following disclaimer.
+
+  2. Redistributions in binary form must reproduce the above copyright 
+     notice, this list of conditions and the following disclaimer in 
+     the documentation and/or other materials provided with the distribution.
+
+  3. The names of the authors may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
+INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This program is based on zlib-1.1.3, so all credit should go authors
+ * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)
+ * and contributors of zlib.
+ */
+
+namespace Org.BouncyCastle.Utilities.Zlib {
+
+    internal sealed class Tree{
+        private const int MAX_BITS=15;
+        private const int BL_CODES=19;
+        private const int D_CODES=30;
+        private const int LITERALS=256;
+        private const int LENGTH_CODES=29;
+        private const int L_CODES=(LITERALS+1+LENGTH_CODES);
+        private const int HEAP_SIZE=(2*L_CODES+1);
+
+        // Bit length codes must not exceed MAX_BL_BITS bits
+        internal const int MAX_BL_BITS=7; 
+
+        // end of block literal code
+        internal const int END_BLOCK=256; 
+
+        // repeat previous bit length 3-6 times (2 bits of repeat count)
+        internal const int REP_3_6=16; 
+
+        // repeat a zero length 3-10 times  (3 bits of repeat count)
+        internal const int REPZ_3_10=17; 
+
+        // repeat a zero length 11-138 times  (7 bits of repeat count)
+        internal const int REPZ_11_138=18; 
+
+        // extra bits for each length code
+        internal static readonly int[] extra_lbits={
+                                             0,0,0,0,0,0,0,0,1,1,1,1,2,2,2,2,3,3,3,3,4,4,4,4,5,5,5,5,0
+                                         };
+
+        // extra bits for each distance code
+        internal static readonly int[] extra_dbits={
+                                             0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7,8,8,9,9,10,10,11,11,12,12,13,13
+                                         };
+
+        // extra bits for each bit length code
+        internal static readonly int[] extra_blbits={
+                                              0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,3,7
+                                          };
+
+        internal static readonly byte[] bl_order={
+                                            16,17,18,0,8,7,9,6,10,5,11,4,12,3,13,2,14,1,15};
+
+
+        // The lengths of the bit length codes are sent in order of decreasing
+        // probability, to avoid transmitting the lengths for unused bit
+        // length codes.
+
+        internal const int Buf_size=8*2;
+
+        // see definition of array dist_code below
+        internal const int DIST_CODE_LEN=512;
+
+        internal static readonly byte[] _dist_code = {
+                                                0,  1,  2,  3,  4,  4,  5,  5,  6,  6,  6,  6,  7,  7,  7,  7,  8,  8,  8,  8,
+                                                8,  8,  8,  8,  9,  9,  9,  9,  9,  9,  9,  9, 10, 10, 10, 10, 10, 10, 10, 10,
+                                                10, 10, 10, 10, 10, 10, 10, 10, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11, 11,
+                                                11, 11, 11, 11, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12,
+                                                12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 13, 13, 13, 13,
+                                                13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13, 13,
+                                                13, 13, 13, 13, 13, 13, 13, 13, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
+                                                14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
+                                                14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14,
+                                                14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 14, 15, 15, 15, 15, 15, 15, 15, 15,
+                                                15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
+                                                15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,
+                                                15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15, 15,  0,  0, 16, 17,
+                                                18, 18, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 22, 22, 22, 22, 22, 22, 22, 22,
+                                                23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
+                                                24, 24, 24, 24, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
+                                                26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
+                                                26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27,
+                                                27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
+                                                27, 27, 27, 27, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
+                                                28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
+                                                28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28, 28,
+                                                28, 28, 28, 28, 28, 28, 28, 28, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
+                                                29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
+                                                29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
+                                                29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
+                                            };
+
+        internal static readonly byte[] _length_code={
+                                                0,  1,  2,  3,  4,  5,  6,  7,  8,  8,  9,  9, 10, 10, 11, 11, 12, 12, 12, 12,
+                                                13, 13, 13, 13, 14, 14, 14, 14, 15, 15, 15, 15, 16, 16, 16, 16, 16, 16, 16, 16,
+                                                17, 17, 17, 17, 17, 17, 17, 17, 18, 18, 18, 18, 18, 18, 18, 18, 19, 19, 19, 19,
+                                                19, 19, 19, 19, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20, 20,
+                                                21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 21, 22, 22, 22, 22,
+                                                22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 22, 23, 23, 23, 23, 23, 23, 23, 23,
+                                                23, 23, 23, 23, 23, 23, 23, 23, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
+                                                24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24, 24,
+                                                25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25,
+                                                25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 25, 26, 26, 26, 26, 26, 26, 26, 26,
+                                                26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26, 26,
+                                                26, 26, 26, 26, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27,
+                                                27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 27, 28
+                                            };
+
+        internal static readonly int[] base_length = {
+                                               0, 1, 2, 3, 4, 5, 6, 7, 8, 10, 12, 14, 16, 20, 24, 28, 32, 40, 48, 56,
+                                               64, 80, 96, 112, 128, 160, 192, 224, 0
+                                           };
+
+        internal static readonly int[] base_dist = {
+                                             0,   1,      2,     3,     4,    6,     8,    12,    16,     24,
+                                             32,  48,     64,    96,   128,  192,   256,   384,   512,    768,
+                                             1024, 1536,  2048,  3072,  4096,  6144,  8192, 12288, 16384, 24576
+                                         };
+
+        // Mapping from a distance to a distance code. dist is the distance - 1 and
+        // must not have side effects. _dist_code[256] and _dist_code[257] are never
+        // used.
+        internal static int d_code(int dist){
+            return ((dist) < 256 ? _dist_code[dist] : _dist_code[256+((dist)>>7)]);
+        }
+
+        internal short[] dyn_tree;      // the dynamic tree
+        internal int     max_code;      // largest code with non zero frequency
+        internal StaticTree stat_desc;  // the corresponding static tree
+
+        // Compute the optimal bit lengths for a tree and update the total bit length
+        // for the current block.
+        // IN assertion: the fields freq and dad are set, heap[heap_max] and
+        //    above are the tree nodes sorted by increasing frequency.
+        // OUT assertions: the field len is set to the optimal bit length, the
+        //     array bl_count contains the frequencies for each bit length.
+        //     The length opt_len is updated; static_len is also updated if stree is
+        //     not null.
+        internal void gen_bitlen(Deflate s){
+            short[] tree = dyn_tree;
+            short[] stree = stat_desc.static_tree;
+            int[] extra = stat_desc.extra_bits;
+            int based = stat_desc.extra_base;
+            int max_length = stat_desc.max_length;
+            int h;              // heap index
+            int n, m;           // iterate over the tree elements
+            int bits;           // bit length
+            int xbits;          // extra bits
+            short f;            // frequency
+            int overflow = 0;   // number of elements with bit length too large
+
+            for (bits = 0; bits <= MAX_BITS; bits++) s.bl_count[bits] = 0;
+
+            // In a first pass, compute the optimal bit lengths (which may
+            // overflow in the case of the bit length tree).
+            tree[s.heap[s.heap_max]*2+1] = 0; // root of the heap
+
+            for(h=s.heap_max+1; h<HEAP_SIZE; h++){
+                n = s.heap[h];
+                bits = tree[tree[n*2+1]*2+1] + 1;
+                if (bits > max_length){ bits = max_length; overflow++; }
+                tree[n*2+1] = (short)bits;
+                // We overwrite tree[n*2+1] which is no longer needed
+
+                if (n > max_code) continue;  // not a leaf node
+
+                s.bl_count[bits]++;
+                xbits = 0;
+                if (n >= based) xbits = extra[n-based];
+                f = tree[n*2];
+                s.opt_len += f * (bits + xbits);
+                if (stree!=null) s.static_len += f * (stree[n*2+1] + xbits);
+            }
+            if (overflow == 0) return;
+
+            // This happens for example on obj2 and pic of the Calgary corpus
+            // Find the first bit length which could increase:
+            do {
+                bits = max_length-1;
+            while(s.bl_count[bits]==0) bits--;
+                s.bl_count[bits]--;      // move one leaf down the tree
+                s.bl_count[bits+1]+=2;   // move one overflow item as its brother
+                s.bl_count[max_length]--;
+                // The brother of the overflow item also moves one step up,
+                // but this does not affect bl_count[max_length]
+                overflow -= 2;
+            }
+            while (overflow > 0);
+
+            for (bits = max_length; bits != 0; bits--) {
+                n = s.bl_count[bits];
+                while (n != 0) {
+                    m = s.heap[--h];
+                    if (m > max_code) continue;
+                    if (tree[m*2+1] != bits) {
+                        s.opt_len += (int)(((long)bits - (long)tree[m*2+1])*(long)tree[m*2]);
+                        tree[m*2+1] = (short)bits;
+                    }
+                    n--;
+                }
+            }
+        }
+
+        // Construct one Huffman tree and assigns the code bit strings and lengths.
+        // Update the total bit length for the current block.
+        // IN assertion: the field freq is set for all tree elements.
+        // OUT assertions: the fields len and code are set to the optimal bit length
+        //     and corresponding code. The length opt_len is updated; static_len is
+        //     also updated if stree is not null. The field max_code is set.
+        internal void build_tree(Deflate s){
+            short[] tree=dyn_tree;
+            short[] stree=stat_desc.static_tree;
+            int elems=stat_desc.elems;
+            int n, m;          // iterate over heap elements
+            int max_code=-1;   // largest code with non zero frequency
+            int node;          // new node being created
+
+            // Construct the initial heap, with least frequent element in
+            // heap[1]. The sons of heap[n] are heap[2*n] and heap[2*n+1].
+            // heap[0] is not used.
+            s.heap_len = 0;
+            s.heap_max = HEAP_SIZE;
+
+            for(n=0; n<elems; n++) {
+                if(tree[n*2] != 0) {
+                    s.heap[++s.heap_len] = max_code = n;
+                    s.depth[n] = 0;
+                }
+                else{
+                    tree[n*2+1] = 0;
+                }
+            }
+
+            // The pkzip format requires that at least one distance code exists,
+            // and that at least one bit should be sent even if there is only one
+            // possible code. So to avoid special checks later on we force at least
+            // two codes of non zero frequency.
+            while (s.heap_len < 2) {
+                node = s.heap[++s.heap_len] = (max_code < 2 ? ++max_code : 0);
+                tree[node*2] = 1;
+                s.depth[node] = 0;
+                s.opt_len--; if (stree!=null) s.static_len -= stree[node*2+1];
+                // node is 0 or 1 so it does not have extra bits
+            }
+            this.max_code = max_code;
+
+            // The elements heap[heap_len/2+1 .. heap_len] are leaves of the tree,
+            // establish sub-heaps of increasing lengths:
+
+            for(n=s.heap_len/2;n>=1; n--)
+                s.pqdownheap(tree, n);
+
+            // Construct the Huffman tree by repeatedly combining the least two
+            // frequent nodes.
+
+            node=elems;                 // next internal node of the tree
+            do{
+                // n = node of least frequency
+                n=s.heap[1];
+                s.heap[1]=s.heap[s.heap_len--];
+                s.pqdownheap(tree, 1);
+                m=s.heap[1];                // m = node of next least frequency
+
+                s.heap[--s.heap_max] = n; // keep the nodes sorted by frequency
+                s.heap[--s.heap_max] = m;
+
+                // Create a new node father of n and m
+                tree[node*2] = (short)(tree[n*2] + tree[m*2]);
+                s.depth[node] = (byte)(System.Math.Max(s.depth[n],s.depth[m])+1);
+                tree[n*2+1] = tree[m*2+1] = (short)node;
+
+                // and insert the new node in the heap
+                s.heap[1] = node++;
+                s.pqdownheap(tree, 1);
+            }
+            while(s.heap_len>=2);
+
+            s.heap[--s.heap_max] = s.heap[1];
+
+            // At this point, the fields freq and dad are set. We can now
+            // generate the bit lengths.
+
+            gen_bitlen(s);
+
+            // The field len is now set, we can generate the bit codes
+            gen_codes(tree, max_code, s.bl_count);
+        }
+
+        // Generate the codes for a given tree and bit counts (which need not be
+        // optimal).
+        // IN assertion: the array bl_count contains the bit length statistics for
+        // the given tree and the field len is set for all tree elements.
+        // OUT assertion: the field code is set for all tree elements of non
+        //     zero code length.
+        internal static void gen_codes(short[] tree, // the tree to decorate
+            int max_code, // largest code with non zero frequency
+            short[] bl_count // number of codes at each bit length
+            ){
+            short[] next_code=new short[MAX_BITS+1]; // next code value for each bit length
+            short code = 0;            // running code value
+            int bits;                  // bit index
+            int n;                     // code index
+
+            // The distribution counts are first used to generate the code values
+            // without bit reversal.
+            for (bits = 1; bits <= MAX_BITS; bits++) {
+                next_code[bits] = code = (short)((code + bl_count[bits-1]) << 1);
+            }
+
+            // Check that the bit counts in bl_count are consistent. The last code
+            // must be all ones.
+            //Assert (code + bl_count[MAX_BITS]-1 == (1<<MAX_BITS)-1,
+            //        "inconsistent bit counts");
+            //Tracev((stderr,"\ngen_codes: max_code %d ", max_code));
+
+            for (n = 0;  n <= max_code; n++) {
+                int len = tree[n*2+1];
+                if (len == 0) continue;
+                // Now reverse the bits
+                tree[n*2] = (short)(bi_reverse(next_code[len]++, len));
+            }
+        }
+
+        // Reverse the first len bits of a code, using straightforward code (a faster
+        // method would use a table)
+        // IN assertion: 1 <= len <= 15
+        internal static int bi_reverse(int code, // the value to invert
+            int len   // its bit length
+            ){
+            int res = 0;
+            do{
+                res|=code&1;
+                code>>=1;
+                res<<=1;
+            } 
+            while(--len>0);
+            return res>>1;
+        }
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/util/zlib/ZDeflaterOutputStream.cs b/bc-sharp-crypto/src/util/zlib/ZDeflaterOutputStream.cs
new file mode 100644
index 0000000..d0f0bcb
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/ZDeflaterOutputStream.cs
@@ -0,0 +1,171 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.Zlib {
+    /// <summary>
+    /// Summary description for DeflaterOutputStream.
+    /// </summary>
+    [Obsolete("Use 'ZOutputStream' instead")]
+    public class ZDeflaterOutputStream : Stream {
+        protected ZStream z=new ZStream();
+        protected int flushLevel=JZlib.Z_NO_FLUSH;
+        private const int BUFSIZE = 4192;
+        protected byte[] buf=new byte[BUFSIZE];
+        private byte[] buf1=new byte[1];
+
+        protected Stream outp;
+
+        public ZDeflaterOutputStream(Stream outp) : this(outp, 6, false) {
+        }
+    
+        public ZDeflaterOutputStream(Stream outp, int level) : this(outp, level, false) {
+        }
+    
+        public ZDeflaterOutputStream(Stream outp, int level, bool nowrap) {
+            this.outp=outp;
+            z.deflateInit(level, nowrap);
+        }
+    
+    
+        public override bool CanRead {
+            get {
+                // TODO:  Add DeflaterOutputStream.CanRead getter implementation
+                return false;
+            }
+        }
+    
+        public override bool CanSeek {
+            get {
+                // TODO:  Add DeflaterOutputStream.CanSeek getter implementation
+                return false;
+            }
+        }
+    
+        public override bool CanWrite {
+            get {
+                // TODO:  Add DeflaterOutputStream.CanWrite getter implementation
+                return true;
+            }
+        }
+    
+        public override long Length {
+            get {
+                // TODO:  Add DeflaterOutputStream.Length getter implementation
+                return 0;
+            }
+        }
+    
+        public override long Position {
+            get {
+                // TODO:  Add DeflaterOutputStream.Position getter implementation
+                return 0;
+            }
+            set {
+                // TODO:  Add DeflaterOutputStream.Position setter implementation
+            }
+        }
+    
+        public override void Write(byte[] b, int off, int len) {
+            if(len==0)
+                return;
+            int err;
+            z.next_in=b;
+            z.next_in_index=off;
+            z.avail_in=len;
+            do{
+                z.next_out=buf;
+                z.next_out_index=0;
+                z.avail_out=BUFSIZE;
+                err=z.deflate(flushLevel);
+                if(err!=JZlib.Z_OK)
+                    throw new IOException("deflating: "+z.msg);
+				if (z.avail_out < BUFSIZE)
+				{
+					outp.Write(buf, 0, BUFSIZE-z.avail_out);
+				}
+            }
+            while(z.avail_in>0 || z.avail_out==0);
+        }
+    
+        public override long Seek(long offset, SeekOrigin origin) {
+            // TODO:  Add DeflaterOutputStream.Seek implementation
+            return 0;
+        }
+    
+        public override void SetLength(long value) {
+            // TODO:  Add DeflaterOutputStream.SetLength implementation
+
+        }
+    
+        public override int Read(byte[] buffer, int offset, int count) {
+            // TODO:  Add DeflaterOutputStream.Read implementation
+            return 0;
+        }
+    
+        public override void Flush() {
+            outp.Flush();
+        }
+    
+        public override void WriteByte(byte b) {
+            buf1[0]=(byte)b;
+            Write(buf1, 0, 1);
+        }
+
+        public void Finish() {
+            int err;
+            do{
+                z.next_out=buf;
+                z.next_out_index=0;
+                z.avail_out=BUFSIZE;
+                err=z.deflate(JZlib.Z_FINISH);
+                if(err!=JZlib.Z_STREAM_END && err != JZlib.Z_OK)
+                    throw new IOException("deflating: "+z.msg);
+                if(BUFSIZE-z.avail_out>0){
+                    outp.Write(buf, 0, BUFSIZE-z.avail_out);
+                }
+            }
+            while(z.avail_in>0 || z.avail_out==0);
+            Flush();
+        }
+
+        public void End() {
+            if(z==null)
+                return;
+            z.deflateEnd();
+            z.free();
+            z=null;
+        }
+        
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                try{
+                    try{Finish();}
+                    catch (IOException) {}
+                }
+                finally{
+                    End();
+                    Platform.Dispose(outp);
+                    outp=null;
+                }
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close() {
+            try{
+                try{Finish();}
+                catch (IOException) {}
+            }
+            finally{
+                End();
+                Platform.Dispose(outp);
+                outp=null;
+            }
+            base.Close();
+        }
+#endif
+    }
+}
diff --git a/bc-sharp-crypto/src/util/zlib/ZInflaterInputStream.cs b/bc-sharp-crypto/src/util/zlib/ZInflaterInputStream.cs
new file mode 100644
index 0000000..ef742bb
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/ZInflaterInputStream.cs
@@ -0,0 +1,140 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.Zlib {
+    /// <summary>
+    /// Summary description for DeflaterOutputStream.
+    /// </summary>
+    [Obsolete("Use 'ZInputStream' instead")]
+    public class ZInflaterInputStream : Stream {
+        protected ZStream z=new ZStream();
+        protected int flushLevel=JZlib.Z_NO_FLUSH;
+        private const int BUFSIZE = 4192;
+        protected byte[] buf=new byte[BUFSIZE];
+        private byte[] buf1=new byte[1];
+
+        protected Stream inp=null;
+        private bool nomoreinput=false;
+
+        public ZInflaterInputStream(Stream inp) : this(inp, false) {
+        }
+    
+        public ZInflaterInputStream(Stream inp, bool nowrap) {
+            this.inp=inp;
+            z.inflateInit(nowrap);
+            z.next_in=buf;
+            z.next_in_index=0;
+            z.avail_in=0;
+        }
+    
+        public override bool CanRead {
+            get {
+                // TODO:  Add DeflaterOutputStream.CanRead getter implementation
+                return true;
+            }
+        }
+    
+        public override bool CanSeek {
+            get {
+                // TODO:  Add DeflaterOutputStream.CanSeek getter implementation
+                return false;
+            }
+        }
+    
+        public override bool CanWrite {
+            get {
+                // TODO:  Add DeflaterOutputStream.CanWrite getter implementation
+                return false;
+            }
+        }
+    
+        public override long Length {
+            get {
+                // TODO:  Add DeflaterOutputStream.Length getter implementation
+                return 0;
+            }
+        }
+    
+        public override long Position {
+            get {
+                // TODO:  Add DeflaterOutputStream.Position getter implementation
+                return 0;
+            }
+            set {
+                // TODO:  Add DeflaterOutputStream.Position setter implementation
+            }
+        }
+    
+        public override void Write(byte[] b, int off, int len) {
+        }
+    
+        public override long Seek(long offset, SeekOrigin origin) {
+            // TODO:  Add DeflaterOutputStream.Seek implementation
+            return 0;
+        }
+    
+        public override void SetLength(long value) {
+            // TODO:  Add DeflaterOutputStream.SetLength implementation
+
+        }
+    
+        public override int Read(byte[] b, int off, int len) {
+            if(len==0)
+                return(0);
+            int err;
+            z.next_out=b;
+            z.next_out_index=off;
+            z.avail_out=len;
+            do {
+                if((z.avail_in==0)&&(!nomoreinput)) { // if buffer is empty and more input is avaiable, refill it
+                    z.next_in_index=0;
+                    z.avail_in=inp.Read(buf, 0, BUFSIZE);//(BUFSIZE<z.avail_out ? BUFSIZE : z.avail_out));
+                    if(z.avail_in<=0) {
+                        z.avail_in=0;
+                        nomoreinput=true;
+                    }
+                }
+                err=z.inflate(flushLevel);
+                if(nomoreinput&&(err==JZlib.Z_BUF_ERROR))
+                    return(0);
+                if(err!=JZlib.Z_OK && err!=JZlib.Z_STREAM_END)
+                    throw new IOException("inflating: "+z.msg);
+                if((nomoreinput||err==JZlib.Z_STREAM_END)&&(z.avail_out==len))
+                    return(0);
+            } 
+            while(z.avail_out==len&&err==JZlib.Z_OK);
+            //System.err.print("("+(len-z.avail_out)+")");
+            return(len-z.avail_out);
+        }
+    
+        public override void Flush() {
+            inp.Flush();
+        }
+    
+        public override void WriteByte(byte b) {
+        }
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+                Platform.Dispose(inp);
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close()
+        {
+            Platform.Dispose(inp);
+            base.Close();
+        }
+#endif
+
+        public override int ReadByte() {
+            if(Read(buf1, 0, 1)<=0)
+                return -1;
+            return(buf1[0]&0xFF);
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/util/zlib/ZInputStream.cs b/bc-sharp-crypto/src/util/zlib/ZInputStream.cs
new file mode 100644
index 0000000..434fe95
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/ZInputStream.cs
@@ -0,0 +1,238 @@
+/*
+Copyright (c) 2001 Lapo Luchini.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+     this list of conditions and the following disclaimer.
+
+  2. Redistributions in binary form must reproduce the above copyright 
+     notice, this list of conditions and the following disclaimer in 
+     the documentation and/or other materials provided with the distribution.
+
+  3. The names of the authors may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS
+OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This program is based on zlib-1.1.3, so all credit should go authors
+ * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)
+ * and contributors of zlib.
+ */
+/* This file is a port of jzlib v1.0.7, com.jcraft.jzlib.ZInputStream.java
+ */
+
+using System;
+using System.Diagnostics;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.Zlib
+{
+	public class ZInputStream
+		: Stream
+	{
+        private static ZStream GetDefaultZStream(bool nowrap)
+        {
+            ZStream z = new ZStream();
+            z.inflateInit(nowrap);
+            return z;
+        }
+
+        private const int BufferSize = 512;
+
+		protected ZStream z;
+		protected int flushLevel = JZlib.Z_NO_FLUSH;
+		// TODO Allow custom buf
+		protected byte[] buf = new byte[BufferSize];
+		protected byte[] buf1 = new byte[1];
+		protected bool compress;
+
+		protected Stream input;
+		protected bool closed;
+
+		private bool nomoreinput = false;
+
+		public ZInputStream(Stream input)
+			: this(input, false)
+		{
+		}
+
+		public ZInputStream(Stream input, bool nowrap)
+            : this(input, GetDefaultZStream(nowrap))
+		{
+		}
+
+        public ZInputStream(Stream input, ZStream z)
+			: base()
+		{
+			Debug.Assert(input.CanRead);
+
+            if (z == null)
+            {
+                z = new ZStream();
+            }
+
+            if (z.istate == null && z.dstate == null)
+            {
+                z.inflateInit();
+            }
+
+            this.input = input;
+            this.compress = (z.istate == null);
+            this.z = z;
+            this.z.next_in = buf;
+			this.z.next_in_index = 0;
+			this.z.avail_in = 0;
+		}
+
+        public ZInputStream(Stream input, int level)
+            : this(input, level, false)
+		{
+        }
+
+        public ZInputStream(Stream input, int level, bool nowrap)
+		{
+			Debug.Assert(input.CanRead);
+			
+			this.input = input;
+            this.compress = true;
+            this.z = new ZStream();
+			this.z.deflateInit(level, nowrap);
+			this.z.next_in = buf;
+			this.z.next_in_index = 0;
+			this.z.avail_in = 0;
+		}
+
+		/*public int available() throws IOException {
+		return inf.finished() ? 0 : 1;
+		}*/
+
+		public sealed override bool CanRead { get { return !closed; } }
+		public sealed override bool CanSeek { get { return false; } }
+		public sealed override bool CanWrite { get { return false; } }
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+			    if (closed)
+                    return;
+
+                closed = true;
+                Platform.Dispose(input);
+            }
+            base.Dispose(disposing);
+        }
+#else
+        public override void Close()
+		{
+            if (closed)
+                return;
+
+            closed = true;
+            Platform.Dispose(input);
+            base.Close();
+		}
+#endif
+
+		public sealed override void Flush() {}
+
+		public virtual int FlushMode
+		{
+			get { return flushLevel; }
+			set { this.flushLevel = value; }
+		}
+
+		public sealed override long Length { get { throw new NotSupportedException(); } }
+		public sealed override long Position
+		{
+			get { throw new NotSupportedException(); }
+			set { throw new NotSupportedException(); }
+		}
+
+		public override int Read(byte[]	b, int off, int len)
+		{
+			if (len==0)
+				return 0;
+
+			z.next_out = b;
+			z.next_out_index = off;
+			z.avail_out = len;
+
+			int err;
+			do
+			{
+				if (z.avail_in == 0 && !nomoreinput)
+				{
+					// if buffer is empty and more input is available, refill it
+					z.next_in_index = 0;
+					z.avail_in = input.Read(buf, 0, buf.Length); //(bufsize<z.avail_out ? bufsize : z.avail_out));
+
+					if (z.avail_in <= 0)
+					{
+						z.avail_in = 0;
+						nomoreinput = true;
+					}
+				}
+
+				err = compress
+					?	z.deflate(flushLevel)
+					:	z.inflate(flushLevel);
+
+				if (nomoreinput && err == JZlib.Z_BUF_ERROR)
+					return 0;
+				if (err != JZlib.Z_OK && err != JZlib.Z_STREAM_END)
+					// TODO
+//					throw new ZStreamException((compress ? "de" : "in") + "flating: " + z.msg);
+					throw new IOException((compress ? "de" : "in") + "flating: " + z.msg);
+				if ((nomoreinput || err == JZlib.Z_STREAM_END) && z.avail_out == len)
+					return 0;
+			} 
+			while(z.avail_out == len && err == JZlib.Z_OK);
+			//Console.Error.WriteLine("("+(len-z.avail_out)+")");
+			return len - z.avail_out;
+		}
+
+		public override int ReadByte()
+		{
+			if (Read(buf1, 0, 1) <= 0)
+				return -1;
+			return buf1[0];
+		}
+
+//  public long skip(long n) throws IOException {
+//    int len=512;
+//    if(n<len)
+//      len=(int)n;
+//    byte[] tmp=new byte[len];
+//    return((long)read(tmp));
+//  }
+
+		public sealed override long Seek(long offset, SeekOrigin origin) { throw new NotSupportedException(); }
+		public sealed override void SetLength(long value) { throw new NotSupportedException(); }
+
+		public virtual long TotalIn
+		{
+			get { return z.total_in; }
+		}
+
+		public virtual long TotalOut
+		{
+			get { return z.total_out; }
+		}
+
+		public sealed override void Write(byte[] buffer, int offset, int count) { throw new NotSupportedException(); }
+	}
+}
diff --git a/bc-sharp-crypto/src/util/zlib/ZOutputStream.cs b/bc-sharp-crypto/src/util/zlib/ZOutputStream.cs
new file mode 100644
index 0000000..1633b2d
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/ZOutputStream.cs
@@ -0,0 +1,265 @@
+/*
+Copyright (c) 2001 Lapo Luchini.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+     this list of conditions and the following disclaimer.
+
+  2. Redistributions in binary form must reproduce the above copyright 
+     notice, this list of conditions and the following disclaimer in 
+     the documentation and/or other materials provided with the distribution.
+
+  3. The names of the authors may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS
+OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This program is based on zlib-1.1.3, so all credit should go authors
+ * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)
+ * and contributors of zlib.
+ */
+/* This file is a port of jzlib v1.0.7, com.jcraft.jzlib.ZOutputStream.java
+ */
+
+using System;
+using System.Diagnostics;
+using System.IO;
+
+namespace Org.BouncyCastle.Utilities.Zlib
+{
+	public class ZOutputStream
+		: Stream
+	{
+        private static ZStream GetDefaultZStream(bool nowrap)
+        {
+            ZStream z = new ZStream();
+            z.inflateInit(nowrap);
+            return z;
+        }
+
+        private const int BufferSize = 512;
+
+		protected ZStream z;
+		protected int flushLevel = JZlib.Z_NO_FLUSH;
+		// TODO Allow custom buf
+		protected byte[] buf = new byte[BufferSize];
+		protected byte[] buf1 = new byte[1];
+		protected bool compress;
+
+		protected Stream output;
+		protected bool closed;
+
+        public ZOutputStream(Stream output)
+            : this(output, false)
+		{
+		}
+
+        public ZOutputStream(Stream output, bool nowrap)
+            : this(output, GetDefaultZStream(nowrap))
+		{
+		}
+
+        public ZOutputStream(Stream output, ZStream z)
+			: base()
+		{
+			Debug.Assert(output.CanWrite);
+
+            if (z == null)
+            {
+                z = new ZStream();
+            }
+
+            if (z.istate == null && z.dstate == null)
+            {
+                z.inflateInit();
+            }
+
+            this.output = output;
+            this.compress = (z.istate == null);
+            this.z = z;
+		}
+
+        public ZOutputStream(Stream output, int level)
+			: this(output, level, false)
+		{
+		}
+
+		public ZOutputStream(Stream output, int level, bool nowrap)
+			: base()
+		{
+			Debug.Assert(output.CanWrite);
+
+			this.output = output;
+            this.compress = true;
+            this.z = new ZStream();
+			this.z.deflateInit(level, nowrap);
+		}
+
+		public sealed override bool CanRead { get { return false; } }
+        public sealed override bool CanSeek { get { return false; } }
+        public sealed override bool CanWrite { get { return !closed; } }
+
+#if PORTABLE
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing)
+            {
+			    if (closed)
+				    return;
+
+                DoClose();
+            }
+            base.Dispose(disposing);
+        }
+#else
+		public override void Close()
+		{
+			if (closed)
+				return;
+
+            DoClose();
+            base.Close();
+		}
+#endif
+
+        private void DoClose()
+        {
+            try
+            {
+                try
+                {
+                    Finish();
+                }
+                catch (IOException)
+                {
+                    // Ignore
+                }
+            }
+            finally
+            {
+                this.closed = true;
+                End();
+                Platform.Dispose(output);
+                output = null;
+            }
+        }
+
+        public virtual void End()
+		{
+			if (z == null)
+				return;
+			if (compress)
+				z.deflateEnd();
+			else
+				z.inflateEnd();
+			z.free();
+			z = null;
+		}
+
+		public virtual void Finish()
+		{
+			do
+			{
+				z.next_out = buf;
+				z.next_out_index = 0;
+				z.avail_out = buf.Length;
+
+				int err = compress
+					?	z.deflate(JZlib.Z_FINISH)
+					:	z.inflate(JZlib.Z_FINISH);
+
+				if (err != JZlib.Z_STREAM_END && err != JZlib.Z_OK)
+					// TODO
+//					throw new ZStreamException((compress?"de":"in")+"flating: "+z.msg);
+					throw new IOException((compress ? "de" : "in") + "flating: " + z.msg);
+
+				int count = buf.Length - z.avail_out;
+				if (count > 0)
+				{
+					output.Write(buf, 0, count);
+				}
+			}
+			while (z.avail_in > 0 || z.avail_out == 0);
+
+			Flush();
+		}
+
+		public override void Flush()
+		{
+			output.Flush();
+		}
+
+		public virtual int FlushMode
+		{
+			get { return flushLevel; }
+			set { this.flushLevel = value; }
+		}
+
+        public sealed override long Length { get { throw new NotSupportedException(); } }
+        public sealed override long Position
+        {
+            get { throw new NotSupportedException(); }
+            set { throw new NotSupportedException(); }
+        }
+        public sealed override int Read(byte[] buffer, int offset, int count) { throw new NotSupportedException(); }
+        public sealed override long Seek(long offset, SeekOrigin origin) { throw new NotSupportedException(); }
+        public sealed override void SetLength(long value) { throw new NotSupportedException(); }
+
+		public virtual long TotalIn
+		{
+			get { return z.total_in; }
+		}
+
+		public virtual long TotalOut
+		{
+			get { return z.total_out; }
+		}
+
+		public override void Write(byte[] b, int off, int len)
+		{
+			if (len == 0)
+				return;
+
+			z.next_in = b;
+			z.next_in_index = off;
+			z.avail_in = len;
+
+			do
+			{
+				z.next_out = buf;
+				z.next_out_index = 0;
+				z.avail_out = buf.Length;
+
+				int err = compress
+					?	z.deflate(flushLevel)
+					:	z.inflate(flushLevel);
+
+				if (err != JZlib.Z_OK)
+					// TODO
+//					throw new ZStreamException((compress ? "de" : "in") + "flating: " + z.msg);
+					throw new IOException((compress ? "de" : "in") + "flating: " + z.msg);
+
+				output.Write(buf, 0, buf.Length - z.avail_out);
+			}
+			while (z.avail_in > 0 || z.avail_out == 0);
+		}
+
+		public override void WriteByte(byte b)
+		{
+			buf1[0] = b;
+			Write(buf1, 0, 1);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/util/zlib/ZStream.cs b/bc-sharp-crypto/src/util/zlib/ZStream.cs
new file mode 100644
index 0000000..7ff9614
--- /dev/null
+++ b/bc-sharp-crypto/src/util/zlib/ZStream.cs
@@ -0,0 +1,214 @@
+using System;
+/*
+ * $Id: ZStream.cs,v 1.1 2006-07-31 13:59:26 bouncy Exp $
+ *
+Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+     this list of conditions and the following disclaimer.
+
+  2. Redistributions in binary form must reproduce the above copyright 
+     notice, this list of conditions and the following disclaimer in 
+     the documentation and/or other materials provided with the distribution.
+
+  3. The names of the authors may not be used to endorse or promote products
+     derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT,
+INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
+OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * This program is based on zlib-1.1.3, so all credit should go authors
+ * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu)
+ * and contributors of zlib.
+ */
+
+namespace Org.BouncyCastle.Utilities.Zlib {
+
+    public sealed class ZStream{
+
+        private const int MAX_WBITS=15;        // 32K LZ77 window
+        private const int DEF_WBITS=MAX_WBITS;
+
+        private const int Z_NO_FLUSH=0;
+        private const int Z_PARTIAL_FLUSH=1;
+        private const int Z_SYNC_FLUSH=2;
+        private const int Z_FULL_FLUSH=3;
+        private const int Z_FINISH=4;
+
+        private const int MAX_MEM_LEVEL=9;
+
+        private const int Z_OK=0;
+        private const int Z_STREAM_END=1;
+        private const int Z_NEED_DICT=2;
+        private const int Z_ERRNO=-1;
+        private const int Z_STREAM_ERROR=-2;
+        private const int Z_DATA_ERROR=-3;
+        private const int Z_MEM_ERROR=-4;
+        private const int Z_BUF_ERROR=-5;
+        private const int Z_VERSION_ERROR=-6;
+
+        public byte[] next_in;     // next input byte
+        public int next_in_index;
+        public int avail_in;       // number of bytes available at next_in
+        public long total_in;      // total nb of input bytes read so far
+
+        public byte[] next_out;    // next output byte should be put there
+        public int next_out_index;
+        public int avail_out;      // remaining free space at next_out
+        public long total_out;     // total nb of bytes output so far
+
+        public String msg;
+
+        internal Deflate dstate; 
+        internal Inflate istate; 
+
+        internal int data_type; // best guess about the data type: ascii or binary
+
+        public long adler;
+        internal Adler32 _adler=new Adler32();
+
+        public int inflateInit(){
+            return inflateInit(DEF_WBITS);
+        }
+        public int inflateInit(bool nowrap){
+            return inflateInit(DEF_WBITS, nowrap);
+        }
+        public int inflateInit(int w){
+            return inflateInit(w, false);
+        }
+
+        public int inflateInit(int w, bool nowrap){
+            istate=new Inflate();
+            return istate.inflateInit(this, nowrap?-w:w);
+        }
+
+        public int inflate(int f){
+            if(istate==null) return Z_STREAM_ERROR;
+            return istate.inflate(this, f);
+        }
+        public int inflateEnd(){
+            if(istate==null) return Z_STREAM_ERROR;
+            int ret=istate.inflateEnd(this);
+            istate = null;
+            return ret;
+        }
+        public int inflateSync(){
+            if(istate == null)
+                return Z_STREAM_ERROR;
+            return istate.inflateSync(this);
+        }
+        public int inflateSetDictionary(byte[] dictionary, int dictLength){
+            if(istate == null)
+                return Z_STREAM_ERROR;
+            return istate.inflateSetDictionary(this, dictionary, dictLength);
+        }
+
+        public int deflateInit(int level){
+            return deflateInit(level, MAX_WBITS);
+        }
+        public int deflateInit(int level, bool nowrap){
+            return deflateInit(level, MAX_WBITS, nowrap);
+        }
+        public int deflateInit(int level, int bits){
+            return deflateInit(level, bits, false);
+        }
+        public int deflateInit(int level, int bits, bool nowrap){
+            dstate=new Deflate();
+            return dstate.deflateInit(this, level, nowrap?-bits:bits);
+        }
+        public int deflate(int flush){
+            if(dstate==null){
+                return Z_STREAM_ERROR;
+            }
+            return dstate.deflate(this, flush);
+        }
+        public int deflateEnd(){
+            if(dstate==null) return Z_STREAM_ERROR;
+            int ret=dstate.deflateEnd();
+            dstate=null;
+            return ret;
+        }
+        public int deflateParams(int level, int strategy){
+            if(dstate==null) return Z_STREAM_ERROR;
+            return dstate.deflateParams(this, level, strategy);
+        }
+        public int deflateSetDictionary (byte[] dictionary, int dictLength){
+            if(dstate == null)
+                return Z_STREAM_ERROR;
+            return dstate.deflateSetDictionary(this, dictionary, dictLength);
+        }
+
+        // Flush as much pending output as possible. All deflate() output goes
+        // through this function so some applications may wish to modify it
+        // to avoid allocating a large strm->next_out buffer and copying into it.
+        // (See also read_buf()).
+        internal void flush_pending(){
+            int len=dstate.pending;
+
+            if(len>avail_out) len=avail_out;
+            if(len==0) return;
+
+            if(dstate.pending_buf.Length<=dstate.pending_out ||
+                next_out.Length<=next_out_index ||
+                dstate.pending_buf.Length<(dstate.pending_out+len) ||
+                next_out.Length<(next_out_index+len)){
+                //      System.out.println(dstate.pending_buf.length+", "+dstate.pending_out+
+                //			 ", "+next_out.length+", "+next_out_index+", "+len);
+                //      System.out.println("avail_out="+avail_out);
+            }
+
+            System.Array.Copy(dstate.pending_buf, dstate.pending_out,
+                next_out, next_out_index, len);
+
+            next_out_index+=len;
+            dstate.pending_out+=len;
+            total_out+=len;
+            avail_out-=len;
+            dstate.pending-=len;
+            if(dstate.pending==0){
+                dstate.pending_out=0;
+            }
+        }
+
+        // Read a new buffer from the current input stream, update the adler32
+        // and total number of bytes read.  All deflate() input goes through
+        // this function so some applications may wish to modify it to avoid
+        // allocating a large strm->next_in buffer and copying from it.
+        // (See also flush_pending()).
+        internal int read_buf(byte[] buf, int start, int size) {
+            int len=avail_in;
+
+            if(len>size) len=size;
+            if(len==0) return 0;
+
+            avail_in-=len;
+
+            if(dstate.noheader==0) {
+                adler=_adler.adler32(adler, next_in, next_in_index, len);
+            }
+            System.Array.Copy(next_in, next_in_index, buf, start, len);
+            next_in_index  += len;
+            total_in += len;
+            return len;
+        }
+
+        public void free(){
+            next_in=null;
+            next_out=null;
+            msg=null;
+            _adler=null;
+        }
+    }
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/x509/AttributeCertificateHolder.cs b/bc-sharp-crypto/src/x509/AttributeCertificateHolder.cs
new file mode 100644
index 0000000..04460cd
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/AttributeCertificateHolder.cs
@@ -0,0 +1,442 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.X509
+{
+	/// <remarks>
+	/// The Holder object.
+	/// <pre>
+ 	/// Holder ::= SEQUENCE {
+ 	///		baseCertificateID   [0] IssuerSerial OPTIONAL,
+ 	///			-- the issuer and serial number of
+ 	///			-- the holder's Public Key Certificate
+ 	///		entityName          [1] GeneralNames OPTIONAL,
+ 	///			-- the name of the claimant or role
+ 	///		objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
+ 	///			-- used to directly authenticate the holder,
+ 	///			-- for example, an executable
+ 	/// }
+	/// </pre>
+	/// </remarks>
+	public class AttributeCertificateHolder
+		//: CertSelector, Selector
+		: IX509Selector
+	{
+		internal readonly Holder holder;
+
+		internal AttributeCertificateHolder(
+			Asn1Sequence seq)
+		{
+			holder = Holder.GetInstance(seq);
+		}
+
+		public AttributeCertificateHolder(
+			X509Name	issuerName,
+			BigInteger	serialNumber)
+		{
+			holder = new Holder(
+				new IssuerSerial(
+					GenerateGeneralNames(issuerName),
+					new DerInteger(serialNumber)));
+		}
+
+		public AttributeCertificateHolder(
+			X509Certificate	cert)
+		{
+			X509Name name;
+			try
+			{
+				name = PrincipalUtilities.GetIssuerX509Principal(cert);
+			}
+			catch (Exception e)
+			{
+				throw new CertificateParsingException(e.Message);
+			}
+
+			holder = new Holder(new IssuerSerial(GenerateGeneralNames(name), new DerInteger(cert.SerialNumber)));
+		}
+
+		public AttributeCertificateHolder(
+			X509Name principal)
+		{
+			holder = new Holder(GenerateGeneralNames(principal));
+		}
+
+		/**
+		 * Constructs a holder for v2 attribute certificates with a hash value for
+		 * some type of object.
+		 * <p>
+		 * <code>digestedObjectType</code> can be one of the following:
+		 * <ul>
+		 * <li>0 - publicKey - A hash of the public key of the holder must be
+		 * passed.</li>
+		 * <li>1 - publicKeyCert - A hash of the public key certificate of the
+		 * holder must be passed.</li>
+		 * <li>2 - otherObjectDigest - A hash of some other object type must be
+		 * passed. <code>otherObjectTypeID</code> must not be empty.</li>
+		 * </ul>
+		 * </p>
+		 * <p>This cannot be used if a v1 attribute certificate is used.</p>
+		 *
+		 * @param digestedObjectType The digest object type.
+		 * @param digestAlgorithm The algorithm identifier for the hash.
+		 * @param otherObjectTypeID The object type ID if
+		 *            <code>digestedObjectType</code> is
+		 *            <code>otherObjectDigest</code>.
+		 * @param objectDigest The hash value.
+		 */
+		public AttributeCertificateHolder(
+			int		digestedObjectType,
+			string	digestAlgorithm,
+			string	otherObjectTypeID,
+			byte[]	objectDigest)
+		{
+			// TODO Allow 'objectDigest' to be null?
+
+			holder = new Holder(new ObjectDigestInfo(digestedObjectType, otherObjectTypeID,
+				new AlgorithmIdentifier(new DerObjectIdentifier(digestAlgorithm)), Arrays.Clone(objectDigest)));
+		}
+
+		/**
+		 * Returns the digest object type if an object digest info is used.
+		 * <p>
+		 * <ul>
+		 * <li>0 - publicKey - A hash of the public key of the holder must be
+		 * passed.</li>
+		 * <li>1 - publicKeyCert - A hash of the public key certificate of the
+		 * holder must be passed.</li>
+		 * <li>2 - otherObjectDigest - A hash of some other object type must be
+		 * passed. <code>otherObjectTypeID</code> must not be empty.</li>
+		 * </ul>
+		 * </p>
+		 *
+		 * @return The digest object type or -1 if no object digest info is set.
+		 */
+		public int DigestedObjectType
+		{
+			get
+			{
+				ObjectDigestInfo odi = holder.ObjectDigestInfo;
+
+				return odi == null
+					?	-1
+					:	odi.DigestedObjectType.Value.IntValue;
+			}
+		}
+
+		/**
+		 * Returns the other object type ID if an object digest info is used.
+		 *
+		 * @return The other object type ID or <code>null</code> if no object
+		 *         digest info is set.
+		 */
+		public string DigestAlgorithm
+		{
+			get
+			{
+				ObjectDigestInfo odi = holder.ObjectDigestInfo;
+
+				return odi == null
+					?	null
+					:	odi.DigestAlgorithm.Algorithm.Id;
+			}
+		}
+
+		/**
+		 * Returns the hash if an object digest info is used.
+		 *
+		 * @return The hash or <code>null</code> if no object digest info is set.
+		 */
+		public byte[] GetObjectDigest()
+		{
+			ObjectDigestInfo odi = holder.ObjectDigestInfo;
+
+			return odi == null
+				?	null
+				:	odi.ObjectDigest.GetBytes();
+		}
+
+		/**
+		 * Returns the digest algorithm ID if an object digest info is used.
+		 *
+		 * @return The digest algorithm ID or <code>null</code> if no object
+		 *         digest info is set.
+		 */
+		public string OtherObjectTypeID
+		{
+			get
+			{
+				ObjectDigestInfo odi = holder.ObjectDigestInfo;
+
+				return odi == null
+					?	null
+					:	odi.OtherObjectTypeID.Id;
+			}
+		}
+
+		private GeneralNames GenerateGeneralNames(
+			X509Name principal)
+		{
+//			return GeneralNames.GetInstance(new DerSequence(new GeneralName(principal)));
+			return new GeneralNames(new GeneralName(principal));
+		}
+
+		private bool MatchesDN(
+			X509Name		subject,
+			GeneralNames	targets)
+		{
+			GeneralName[] names = targets.GetNames();
+
+			for (int i = 0; i != names.Length; i++)
+			{
+				GeneralName gn = names[i];
+
+				if (gn.TagNo == GeneralName.DirectoryName)
+				{
+					try
+					{
+						if (X509Name.GetInstance(gn.Name).Equivalent(subject))
+						{
+							return true;
+						}
+					}
+					catch (Exception)
+					{
+					}
+				}
+			}
+
+			return false;
+		}
+
+		private object[] GetNames(
+			GeneralName[] names)
+		{
+            int count = 0;
+            for (int i = 0; i != names.Length; i++)
+            {
+                if (names[i].TagNo == GeneralName.DirectoryName)
+                {
+                    ++count;
+                }
+            }
+
+            object[] result = new object[count];
+
+            int pos = 0;
+            for (int i = 0; i != names.Length; i++)
+            {
+                if (names[i].TagNo == GeneralName.DirectoryName)
+                {
+                    result[pos++] = X509Name.GetInstance(names[i].Name);
+                }
+            }
+
+            return result;
+        }
+
+		private X509Name[] GetPrincipals(
+			GeneralNames names)
+		{
+			object[] p = this.GetNames(names.GetNames());
+
+            int count = 0;
+
+            for (int i = 0; i != p.Length; i++)
+			{
+				if (p[i] is X509Name)
+				{
+                    ++count;
+				}
+			}
+
+            X509Name[] result = new X509Name[count];
+
+            int pos = 0;
+            for (int i = 0; i != p.Length; i++)
+            {
+                if (p[i] is X509Name)
+                {
+                    result[pos++] = (X509Name)p[i];
+                }
+            }
+
+            return result;
+        }
+
+		/**
+		 * Return any principal objects inside the attribute certificate holder entity names field.
+		 *
+		 * @return an array of IPrincipal objects (usually X509Name), null if no entity names field is set.
+		 */
+		public X509Name[] GetEntityNames()
+		{
+			if (holder.EntityName != null)
+			{
+				return GetPrincipals(holder.EntityName);
+			}
+
+			return null;
+		}
+
+		/**
+		 * Return the principals associated with the issuer attached to this holder
+		 *
+		 * @return an array of principals, null if no BaseCertificateID is set.
+		 */
+		public X509Name[] GetIssuer()
+		{
+			if (holder.BaseCertificateID != null)
+			{
+				return GetPrincipals(holder.BaseCertificateID.Issuer);
+			}
+
+			return null;
+		}
+
+		/**
+		 * Return the serial number associated with the issuer attached to this holder.
+		 *
+		 * @return the certificate serial number, null if no BaseCertificateID is set.
+		 */
+		public BigInteger SerialNumber
+		{
+			get
+			{
+				if (holder.BaseCertificateID != null)
+				{
+					return holder.BaseCertificateID.Serial.Value;
+				}
+
+				return null;
+			}
+		}
+
+		public object Clone()
+		{
+			return new AttributeCertificateHolder((Asn1Sequence)holder.ToAsn1Object());
+		}
+
+		public bool Match(
+//			Certificate cert)
+			X509Certificate x509Cert)
+		{
+//			if (!(cert is X509Certificate))
+//			{
+//				return false;
+//			}
+//
+//			X509Certificate x509Cert = (X509Certificate)cert;
+
+			try
+			{
+				if (holder.BaseCertificateID != null)
+				{
+					return holder.BaseCertificateID.Serial.Value.Equals(x509Cert.SerialNumber)
+						&& MatchesDN(PrincipalUtilities.GetIssuerX509Principal(x509Cert), holder.BaseCertificateID.Issuer);
+				}
+
+				if (holder.EntityName != null)
+				{
+					if (MatchesDN(PrincipalUtilities.GetSubjectX509Principal(x509Cert), holder.EntityName))
+					{
+						return true;
+					}
+				}
+
+				if (holder.ObjectDigestInfo != null)
+				{
+					IDigest md = null;
+					try
+					{
+						md = DigestUtilities.GetDigest(DigestAlgorithm);
+					}
+					catch (Exception)
+					{
+						return false;
+					}
+
+					switch (DigestedObjectType)
+					{
+						case ObjectDigestInfo.PublicKey:
+						{
+							// TODO: DSA Dss-parms
+
+							//byte[] b = x509Cert.GetPublicKey().getEncoded();
+							// TODO Is this the right way to encode?
+							byte[] b = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(
+								x509Cert.GetPublicKey()).GetEncoded();
+							md.BlockUpdate(b, 0, b.Length);
+							break;
+						}
+
+						case ObjectDigestInfo.PublicKeyCert:
+						{
+							byte[] b = x509Cert.GetEncoded();
+							md.BlockUpdate(b, 0, b.Length);
+							break;
+						}
+
+						// TODO Default handler?
+					}
+
+					// TODO Shouldn't this be the other way around?
+					if (!Arrays.AreEqual(DigestUtilities.DoFinal(md), GetObjectDigest()))
+					{
+						return false;
+					}
+				}
+			}
+			catch (CertificateEncodingException)
+			{
+				return false;
+			}
+
+			return false;
+		}
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+			{
+				return true;
+			}
+
+			if (!(obj is AttributeCertificateHolder))
+			{
+				return false;
+			}
+
+			AttributeCertificateHolder other = (AttributeCertificateHolder)obj;
+
+			return this.holder.Equals(other.holder);
+		}
+
+		public override int GetHashCode()
+		{
+			return this.holder.GetHashCode();
+		}
+
+		public bool Match(
+			object obj)
+		{
+			if (!(obj is X509Certificate))
+			{
+				return false;
+			}
+
+//			return Match((Certificate)obj);
+			return Match((X509Certificate)obj);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/AttributeCertificateIssuer.cs b/bc-sharp-crypto/src/x509/AttributeCertificateIssuer.cs
new file mode 100644
index 0000000..7df1416
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/AttributeCertificateIssuer.cs
@@ -0,0 +1,199 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509.Store;
+
+namespace Org.BouncyCastle.X509
+{
+	/**
+	 * Carrying class for an attribute certificate issuer.
+	 */
+	public class AttributeCertificateIssuer
+		//: CertSelector, Selector
+		: IX509Selector
+	{
+		internal readonly Asn1Encodable form;
+
+		/**
+		 * Set the issuer directly with the ASN.1 structure.
+		 *
+		 * @param issuer The issuer
+		 */
+		public AttributeCertificateIssuer(
+			AttCertIssuer issuer)
+		{
+			form = issuer.Issuer;
+		}
+
+		public AttributeCertificateIssuer(
+			X509Name principal)
+		{
+//			form = new V2Form(GeneralNames.GetInstance(new DerSequence(new GeneralName(principal))));
+			form = new V2Form(new GeneralNames(new GeneralName(principal)));
+		}
+
+		private object[] GetNames()
+		{
+			GeneralNames name;
+			if (form is V2Form)
+			{
+				name = ((V2Form)form).IssuerName;
+			}
+			else
+			{
+				name = (GeneralNames)form;
+			}
+
+            GeneralName[] names = name.GetNames();
+
+            int count = 0;
+            for (int i = 0; i != names.Length; i++)
+            {
+                if (names[i].TagNo == GeneralName.DirectoryName)
+                {
+                    ++count;
+                }
+            }
+
+            object[] result = new object[count];
+
+            int pos = 0;
+            for (int i = 0; i != names.Length; i++)
+			{
+				if (names[i].TagNo == GeneralName.DirectoryName)
+				{
+                    result[pos++] = X509Name.GetInstance(names[i].Name);
+				}
+			}
+
+            return result;
+        }
+
+		/// <summary>Return any principal objects inside the attribute certificate issuer object.</summary>
+		/// <returns>An array of IPrincipal objects (usually X509Principal).</returns>
+		public X509Name[] GetPrincipals()
+		{
+			object[] p = this.GetNames();
+
+            int count = 0;
+            for (int i = 0; i != p.Length; i++)
+            {
+                if (p[i] is X509Name)
+                {
+                    ++count;
+                }
+            }
+
+            X509Name[] result = new X509Name[count];
+
+            int pos = 0;
+			for (int i = 0; i != p.Length; i++)
+			{
+				if (p[i] is X509Name)
+				{
+					result[pos++] = (X509Name)p[i];
+				}
+			}
+
+            return result;
+		}
+
+		private bool MatchesDN(
+			X509Name		subject,
+			GeneralNames	targets)
+		{
+			GeneralName[] names = targets.GetNames();
+
+			for (int i = 0; i != names.Length; i++)
+			{
+				GeneralName gn = names[i];
+
+				if (gn.TagNo == GeneralName.DirectoryName)
+				{
+					try
+					{
+						if (X509Name.GetInstance(gn.Name).Equivalent(subject))
+						{
+							return true;
+						}
+					}
+					catch (Exception)
+					{
+					}
+				}
+			}
+
+			return false;
+		}
+
+		public object Clone()
+		{
+			return new AttributeCertificateIssuer(AttCertIssuer.GetInstance(form));
+		}
+
+		public bool Match(
+//			Certificate cert)
+			X509Certificate x509Cert)
+		{
+//			if (!(cert is X509Certificate))
+//			{
+//				return false;
+//			}
+//
+//			X509Certificate x509Cert = (X509Certificate)cert;
+
+			if (form is V2Form)
+			{
+				V2Form issuer = (V2Form) form;
+				if (issuer.BaseCertificateID != null)
+				{
+					return issuer.BaseCertificateID.Serial.Value.Equals(x509Cert.SerialNumber)
+						&& MatchesDN(x509Cert.IssuerDN, issuer.BaseCertificateID.Issuer);
+				}
+
+				return MatchesDN(x509Cert.SubjectDN, issuer.IssuerName);
+			}
+
+			return MatchesDN(x509Cert.SubjectDN, (GeneralNames) form);
+		}
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+			{
+				return true;
+			}
+
+			if (!(obj is AttributeCertificateIssuer))
+			{
+				return false;
+			}
+
+			AttributeCertificateIssuer other = (AttributeCertificateIssuer)obj;
+
+			return this.form.Equals(other.form);
+		}
+
+		public override int GetHashCode()
+		{
+			return this.form.GetHashCode();
+		}
+
+		public bool Match(
+			object obj)
+		{
+			if (!(obj is X509Certificate))
+			{
+				return false;
+			}
+
+			//return Match((Certificate)obj);
+			return Match((X509Certificate)obj);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/IX509AttributeCertificate.cs b/bc-sharp-crypto/src/x509/IX509AttributeCertificate.cs
new file mode 100644
index 0000000..9a3004e
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/IX509AttributeCertificate.cs
@@ -0,0 +1,57 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+
+namespace Org.BouncyCastle.X509
+{
+	/// <remarks>Interface for an X.509 Attribute Certificate.</remarks>
+	public interface IX509AttributeCertificate
+		: IX509Extension
+	{
+		/// <summary>The version number for the certificate.</summary>
+		int Version { get; }
+
+		/// <summary>The serial number for the certificate.</summary>
+		BigInteger SerialNumber { get; }
+
+		/// <summary>The UTC DateTime before which the certificate is not valid.</summary>
+		DateTime NotBefore { get; }
+
+		/// <summary>The UTC DateTime after which the certificate is not valid.</summary>
+		DateTime NotAfter { get; }
+
+		/// <summary>The holder of the certificate.</summary>
+		AttributeCertificateHolder Holder { get; }
+
+		/// <summary>The issuer details for the certificate.</summary>
+		AttributeCertificateIssuer Issuer { get; }
+
+		/// <summary>Return the attributes contained in the attribute block in the certificate.</summary>
+		/// <returns>An array of attributes.</returns>
+		X509Attribute[] GetAttributes();
+
+		/// <summary>Return the attributes with the same type as the passed in oid.</summary>
+		/// <param name="oid">The object identifier we wish to match.</param>
+		/// <returns>An array of matched attributes, null if there is no match.</returns>
+		X509Attribute[] GetAttributes(string oid);
+
+		bool[] GetIssuerUniqueID();
+
+		bool IsValidNow { get; }
+		bool IsValid(DateTime date);
+
+		void CheckValidity();
+		void CheckValidity(DateTime date);
+
+		byte[] GetSignature();
+
+		void Verify(AsymmetricKeyParameter publicKey);
+
+		/// <summary>Return an ASN.1 encoded byte array representing the attribute certificate.</summary>
+		/// <returns>An ASN.1 encoded byte array.</returns>
+		/// <exception cref="IOException">If the certificate cannot be encoded.</exception>
+		byte[] GetEncoded();
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/IX509Extension.cs b/bc-sharp-crypto/src/x509/IX509Extension.cs
new file mode 100644
index 0000000..e861e87
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/IX509Extension.cs
@@ -0,0 +1,27 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.X509
+{
+	public interface IX509Extension
+	{
+		/// <summary>
+		/// Get all critical extension values, by oid
+		/// </summary>
+		/// <returns>IDictionary with string (OID) keys and Asn1OctetString values</returns>
+		ISet GetCriticalExtensionOids();
+
+		/// <summary>
+		/// Get all non-critical extension values, by oid
+		/// </summary>
+		/// <returns>IDictionary with string (OID) keys and Asn1OctetString values</returns>
+		ISet GetNonCriticalExtensionOids();
+
+		[Obsolete("Use version taking a DerObjectIdentifier instead")]
+		Asn1OctetString GetExtensionValue(string oid);
+
+		Asn1OctetString GetExtensionValue(DerObjectIdentifier oid);
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/PEMParser.cs b/bc-sharp-crypto/src/x509/PEMParser.cs
new file mode 100644
index 0000000..28f28ee
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/PEMParser.cs
@@ -0,0 +1,95 @@
+using System;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace Org.BouncyCastle.X509
+{
+	class PemParser
+	{
+		private readonly string _header1;
+		private readonly string _header2;
+		private readonly string _footer1;
+		private readonly string _footer2;
+
+		internal PemParser(
+			string type)
+		{
+			_header1 = "-----BEGIN " + type + "-----";
+			_header2 = "-----BEGIN X509 " + type + "-----";
+			_footer1 = "-----END " + type + "-----";
+			_footer2 = "-----END X509 " + type + "-----";
+		}
+
+		private string ReadLine(
+			Stream inStream)
+		{
+			int c;
+			StringBuilder l = new StringBuilder();
+
+			do
+			{
+				while (((c = inStream.ReadByte()) != '\r') && c != '\n' && (c >= 0))
+				{
+					if (c == '\r')
+					{
+						continue;
+					}
+
+					l.Append((char)c);
+				}
+			}
+			while (c >= 0 && l.Length == 0);
+
+			if (c < 0)
+			{
+				return null;
+			}
+
+			return l.ToString();
+		}
+
+		internal Asn1Sequence ReadPemObject(
+			Stream inStream)
+		{
+			string line;
+			StringBuilder pemBuf = new StringBuilder();
+
+			while ((line = ReadLine(inStream)) != null)
+			{
+                if (Platform.StartsWith(line, _header1) || Platform.StartsWith(line, _header2))
+				{
+					break;
+				}
+			}
+
+			while ((line = ReadLine(inStream)) != null)
+			{
+                if (Platform.StartsWith(line, _footer1) || Platform.StartsWith(line, _footer2))
+				{
+					break;
+				}
+
+				pemBuf.Append(line);
+			}
+
+			if (pemBuf.Length != 0)
+			{
+				Asn1Object o = Asn1Object.FromByteArray(Base64.Decode(pemBuf.ToString()));
+
+				if (!(o is Asn1Sequence))
+				{
+					throw new IOException("malformed PEM data encountered");
+				}
+
+				return (Asn1Sequence) o;
+			}
+
+			return null;
+		}
+	}
+}
+
diff --git a/bc-sharp-crypto/src/x509/PrincipalUtil.cs b/bc-sharp-crypto/src/x509/PrincipalUtil.cs
new file mode 100644
index 0000000..0edc4a3
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/PrincipalUtil.cs
@@ -0,0 +1,70 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Security.Certificates;
+
+namespace Org.BouncyCastle.X509
+{
+	/// <remarks>
+	/// A utility class that will extract X509Principal objects from X.509 certificates.
+	/// <p>
+	/// Use this in preference to trying to recreate a principal from a string, not all
+	/// DNs are what they should be, so it's best to leave them encoded where they
+	/// can be.</p>
+	/// </remarks>
+	public class PrincipalUtilities
+	{
+		/// <summary>Return the issuer of the given cert as an X509Principal.</summary>
+		public static X509Name GetIssuerX509Principal(
+			X509Certificate cert)
+		{
+			try
+			{
+				TbsCertificateStructure tbsCert = TbsCertificateStructure.GetInstance(
+					Asn1Object.FromByteArray(cert.GetTbsCertificate()));
+
+				return tbsCert.Issuer;
+			}
+			catch (Exception e)
+			{
+				throw new CertificateEncodingException("Could not extract issuer", e);
+			}
+		}
+
+		/// <summary>Return the subject of the given cert as an X509Principal.</summary>
+		public static X509Name GetSubjectX509Principal(
+			X509Certificate cert)
+		{
+			try
+			{
+				TbsCertificateStructure tbsCert = TbsCertificateStructure.GetInstance(
+					Asn1Object.FromByteArray(cert.GetTbsCertificate()));
+
+				return tbsCert.Subject;
+			}
+			catch (Exception e)
+			{
+				throw new CertificateEncodingException("Could not extract subject", e);
+			}
+		}
+
+		/// <summary>Return the issuer of the given CRL as an X509Principal.</summary>
+		public static X509Name GetIssuerX509Principal(
+			X509Crl crl)
+		{
+			try
+			{
+				TbsCertificateList tbsCertList = TbsCertificateList.GetInstance(
+					Asn1Object.FromByteArray(crl.GetTbsCertList()));
+
+				return tbsCertList.Issuer;
+			}
+			catch (Exception e)
+			{
+				throw new CrlException("Could not extract issuer", e);
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/SubjectPublicKeyInfoFactory.cs b/bc-sharp-crypto/src/x509/SubjectPublicKeyInfoFactory.cs
new file mode 100644
index 0000000..7614321
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/SubjectPublicKeyInfoFactory.cs
@@ -0,0 +1,184 @@
+using System;
+
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.X509
+{
+    /// <summary>
+    /// A factory to produce Public Key Info Objects.
+    /// </summary>
+    public sealed class SubjectPublicKeyInfoFactory
+    {
+        private SubjectPublicKeyInfoFactory()
+        {
+        }
+
+        /// <summary>
+        /// Create a Subject Public Key Info object for a given public key.
+        /// </summary>
+        /// <param name="key">One of ElGammalPublicKeyParameters, DSAPublicKeyParameter, DHPublicKeyParameters, RsaKeyParameters or ECPublicKeyParameters</param>
+        /// <returns>A subject public key info object.</returns>
+        /// <exception cref="Exception">Throw exception if object provided is not one of the above.</exception>
+        public static SubjectPublicKeyInfo CreateSubjectPublicKeyInfo(
+            AsymmetricKeyParameter key)
+        {
+            if (key == null)
+                throw new ArgumentNullException("key");
+            if (key.IsPrivate)
+                throw new ArgumentException("Private key passed - public key expected.", "key");
+
+            if (key is ElGamalPublicKeyParameters)
+            {
+                ElGamalPublicKeyParameters _key = (ElGamalPublicKeyParameters)key;
+                ElGamalParameters kp = _key.Parameters;
+
+                SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
+                    new AlgorithmIdentifier(
+                        OiwObjectIdentifiers.ElGamalAlgorithm,
+                        new ElGamalParameter(kp.P, kp.G).ToAsn1Object()),
+                        new DerInteger(_key.Y));
+
+                return info;
+            }
+
+            if (key is DsaPublicKeyParameters)
+            {
+                DsaPublicKeyParameters _key = (DsaPublicKeyParameters) key;
+                DsaParameters kp = _key.Parameters;
+                Asn1Encodable ae = kp == null
+                    ?	null
+                    :	new DsaParameter(kp.P, kp.Q, kp.G).ToAsn1Object();
+
+                return new SubjectPublicKeyInfo(
+                    new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa, ae),
+                    new DerInteger(_key.Y));
+            }
+
+            if (key is DHPublicKeyParameters)
+            {
+                DHPublicKeyParameters _key = (DHPublicKeyParameters) key;
+                DHParameters kp = _key.Parameters;
+
+                SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
+                    new AlgorithmIdentifier(
+                        _key.AlgorithmOid,
+                        new DHParameter(kp.P, kp.G, kp.L).ToAsn1Object()),
+                        new DerInteger(_key.Y));
+
+                return info;
+            } // End of DH
+
+            if (key is RsaKeyParameters)
+            {
+                RsaKeyParameters _key = (RsaKeyParameters) key;
+
+                SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
+                    new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance),
+                    new RsaPublicKeyStructure(_key.Modulus, _key.Exponent).ToAsn1Object());
+
+                return info;
+            } // End of RSA.
+
+            if (key is ECPublicKeyParameters)
+            {
+                ECPublicKeyParameters _key = (ECPublicKeyParameters) key;
+
+                if (_key.AlgorithmName == "ECGOST3410")
+                {
+                    if (_key.PublicKeyParamSet == null)
+                        throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
+
+                    ECPoint q = _key.Q.Normalize();
+                    BigInteger bX = q.AffineXCoord.ToBigInteger();
+                    BigInteger bY = q.AffineYCoord.ToBigInteger();
+
+                    byte[] encKey = new byte[64];
+                    ExtractBytes(encKey, 0, bX);
+                    ExtractBytes(encKey, 32, bY);
+
+                    Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters(
+                        _key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet);
+
+                    AlgorithmIdentifier algID = new AlgorithmIdentifier(
+                        CryptoProObjectIdentifiers.GostR3410x2001,
+                        gostParams.ToAsn1Object());
+
+                    return new SubjectPublicKeyInfo(algID, new DerOctetString(encKey));
+                }
+                else
+                {
+                    X962Parameters x962;
+                    if (_key.PublicKeyParamSet == null)
+                    {
+                        ECDomainParameters kp = _key.Parameters;
+                        X9ECParameters ecP = new X9ECParameters(kp.Curve, kp.G, kp.N, kp.H, kp.GetSeed());
+
+                        x962 = new X962Parameters(ecP);
+                    }
+                    else
+                    {
+                        x962 = new X962Parameters(_key.PublicKeyParamSet);
+                    }
+
+                    Asn1OctetString p = (Asn1OctetString)(new X9ECPoint(_key.Q).ToAsn1Object());
+
+                    AlgorithmIdentifier algID = new AlgorithmIdentifier(
+                        X9ObjectIdentifiers.IdECPublicKey, x962.ToAsn1Object());
+
+                    return new SubjectPublicKeyInfo(algID, p.GetOctets());
+                }
+            } // End of EC
+
+            if (key is Gost3410PublicKeyParameters)
+            {
+                Gost3410PublicKeyParameters _key = (Gost3410PublicKeyParameters) key;
+
+                if (_key.PublicKeyParamSet == null)
+                    throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set");
+
+                byte[] keyEnc = _key.Y.ToByteArrayUnsigned();
+                byte[] keyBytes = new byte[keyEnc.Length];
+
+                for (int i = 0; i != keyBytes.Length; i++)
+                {
+                    keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // must be little endian
+                }
+
+                Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters(
+                    _key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet);
+
+                AlgorithmIdentifier algID = new AlgorithmIdentifier(
+                    CryptoProObjectIdentifiers.GostR3410x94,
+                    algParams.ToAsn1Object());
+
+                return new SubjectPublicKeyInfo(algID, new DerOctetString(keyBytes));
+            }
+
+            throw new ArgumentException("Class provided no convertible: " + Platform.GetTypeName(key));
+        }
+
+        private static void ExtractBytes(
+            byte[]		encKey,
+            int			offset,
+            BigInteger	bI)
+        {
+            byte[] val = bI.ToByteArray();
+            int n = (bI.BitLength + 7) / 8;
+
+            for (int i = 0; i < n; ++i)
+            {
+                encKey[offset + i] = val[val.Length - 1 - i];
+            }
+        }
+    }
+}
diff --git a/bc-sharp-crypto/src/x509/X509AttrCertParser.cs b/bc-sharp-crypto/src/x509/X509AttrCertParser.cs
new file mode 100644
index 0000000..a5c0736
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509AttrCertParser.cs
@@ -0,0 +1,173 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.X509
+{
+	public class X509AttrCertParser
+	{
+		private static readonly PemParser PemAttrCertParser = new PemParser("ATTRIBUTE CERTIFICATE");
+
+		private Asn1Set	sData;
+		private int		sDataObjectCount;
+		private Stream	currentStream;
+
+		private IX509AttributeCertificate ReadDerCertificate(
+			Asn1InputStream dIn)
+		{
+			Asn1Sequence seq = (Asn1Sequence)dIn.ReadObject();
+
+			if (seq.Count > 1 && seq[0] is DerObjectIdentifier)
+			{
+				if (seq[0].Equals(PkcsObjectIdentifiers.SignedData))
+				{
+					sData = SignedData.GetInstance(
+						Asn1Sequence.GetInstance((Asn1TaggedObject) seq[1], true)).Certificates;
+
+					return GetCertificate();
+				}
+			}
+
+//			return new X509V2AttributeCertificate(seq.getEncoded());
+			return new X509V2AttributeCertificate(AttributeCertificate.GetInstance(seq));
+		}
+
+		private IX509AttributeCertificate GetCertificate()
+		{
+			if (sData != null)
+			{
+				while (sDataObjectCount < sData.Count)
+				{
+					object obj = sData[sDataObjectCount++];
+
+					if (obj is Asn1TaggedObject && ((Asn1TaggedObject)obj).TagNo == 2)
+					{
+						//return new X509V2AttributeCertificate(
+						//	Asn1Sequence.GetInstance((Asn1TaggedObject)obj, false).GetEncoded());
+						return new X509V2AttributeCertificate(
+							AttributeCertificate.GetInstance(
+								Asn1Sequence.GetInstance((Asn1TaggedObject)obj, false)));
+					}
+				}
+			}
+
+			return null;
+		}
+
+		private IX509AttributeCertificate ReadPemCertificate(
+			Stream inStream)
+		{
+			Asn1Sequence seq = PemAttrCertParser.ReadPemObject(inStream);
+
+			return seq == null
+				?	null
+				//:	new X509V2AttributeCertificate(seq.getEncoded());
+				:	new X509V2AttributeCertificate(AttributeCertificate.GetInstance(seq));
+		}
+
+		/// <summary>
+		/// Create loading data from byte array.
+		/// </summary>
+		/// <param name="input"></param>
+		public IX509AttributeCertificate ReadAttrCert(
+			byte[] input)
+		{
+			return ReadAttrCert(new MemoryStream(input, false));
+		}
+
+		/// <summary>
+		/// Create loading data from byte array.
+		/// </summary>
+		/// <param name="input"></param>
+		public ICollection ReadAttrCerts(
+			byte[] input)
+		{
+			return ReadAttrCerts(new MemoryStream(input, false));
+		}
+
+		/**
+		 * Generates a certificate object and initializes it with the data
+		 * read from the input stream inStream.
+		 */
+		public IX509AttributeCertificate ReadAttrCert(
+			Stream inStream)
+		{
+			if (inStream == null)
+				throw new ArgumentNullException("inStream");
+			if (!inStream.CanRead)
+				throw new ArgumentException("inStream must be read-able", "inStream");
+
+			if (currentStream == null)
+			{
+				currentStream = inStream;
+				sData = null;
+				sDataObjectCount = 0;
+			}
+			else if (currentStream != inStream) // reset if input stream has changed
+			{
+				currentStream = inStream;
+				sData = null;
+				sDataObjectCount = 0;
+			}
+
+			try
+			{
+				if (sData != null)
+				{
+					if (sDataObjectCount != sData.Count)
+					{
+						return GetCertificate();
+					}
+
+					sData = null;
+					sDataObjectCount = 0;
+					return null;
+				}
+
+				PushbackStream pis = new PushbackStream(inStream);
+				int tag = pis.ReadByte();
+
+				if (tag < 0)
+					return null;
+
+				pis.Unread(tag);
+
+				if (tag != 0x30)  // assume ascii PEM encoded.
+				{
+					return ReadPemCertificate(pis);
+				}
+
+				return ReadDerCertificate(new Asn1InputStream(pis));
+			}
+			catch (Exception e)
+			{
+				throw new CertificateException(e.ToString());
+			}
+		}
+
+		/**
+		 * Returns a (possibly empty) collection view of the certificates
+		 * read from the given input stream inStream.
+		 */
+		public ICollection ReadAttrCerts(
+			Stream inStream)
+		{
+			IX509AttributeCertificate attrCert;
+            IList attrCerts = Platform.CreateArrayList();
+
+			while ((attrCert = ReadAttrCert(inStream)) != null)
+			{
+				attrCerts.Add(attrCert);
+			}
+
+			return attrCerts;
+		}
+	}
+}
\ No newline at end of file
diff --git a/bc-sharp-crypto/src/x509/X509Attribute.cs b/bc-sharp-crypto/src/x509/X509Attribute.cs
new file mode 100644
index 0000000..248d66c
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509Attribute.cs
@@ -0,0 +1,76 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.X509
+{
+	/**
+	 * Class for carrying the values in an X.509 Attribute.
+	 */
+	public class X509Attribute
+		: Asn1Encodable
+	{
+		private readonly AttributeX509 attr;
+
+		/**
+		 * @param at an object representing an attribute.
+		 */
+		internal X509Attribute(
+			Asn1Encodable at)
+		{
+			this.attr = AttributeX509.GetInstance(at);
+		}
+
+		/**
+		 * Create an X.509 Attribute with the type given by the passed in oid and
+		 * the value represented by an ASN.1 Set containing value.
+		 *
+		 * @param oid type of the attribute
+		 * @param value value object to go into the atribute's value set.
+		 */
+		public X509Attribute(
+			string			oid,
+			Asn1Encodable	value)
+		{
+			this.attr = new AttributeX509(new DerObjectIdentifier(oid), new DerSet(value));
+		}
+
+		/**
+		 * Create an X.59 Attribute with the type given by the passed in oid and the
+		 * value represented by an ASN.1 Set containing the objects in value.
+		 *
+		 * @param oid type of the attribute
+		 * @param value vector of values to go in the attribute's value set.
+		 */
+		public X509Attribute(
+			string              oid,
+			Asn1EncodableVector value)
+		{
+			this.attr = new AttributeX509(new DerObjectIdentifier(oid), new DerSet(value));
+		}
+
+		public string Oid
+		{
+			get { return attr.AttrType.Id; }
+		}
+
+		public Asn1Encodable[] GetValues()
+		{
+			Asn1Set s = attr.AttrValues;
+			Asn1Encodable[] values = new Asn1Encodable[s.Count];
+
+			for (int i = 0; i != s.Count; i++)
+			{
+				values[i] = (Asn1Encodable)s[i];
+			}
+
+			return values;
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return attr.ToAsn1Object();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509CertPairParser.cs b/bc-sharp-crypto/src/x509/X509CertPairParser.cs
new file mode 100644
index 0000000..8261259
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509CertPairParser.cs
@@ -0,0 +1,95 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.X509
+{
+	public class X509CertPairParser
+	{
+		private Stream currentStream;
+
+		private X509CertificatePair ReadDerCrossCertificatePair(
+			Stream inStream)
+		{
+			Asn1InputStream dIn = new Asn1InputStream(inStream);//, ProviderUtil.getReadLimit(in));
+			Asn1Sequence seq = (Asn1Sequence)dIn.ReadObject();
+			CertificatePair pair = CertificatePair.GetInstance(seq);
+			return new X509CertificatePair(pair);
+		}
+
+		/// <summary>
+		/// Create loading data from byte array.
+		/// </summary>
+		/// <param name="input"></param>
+		public X509CertificatePair ReadCertPair(
+			byte[] input)
+		{
+			return ReadCertPair(new MemoryStream(input, false));
+		}
+
+		/// <summary>
+		/// Create loading data from byte array.
+		/// </summary>
+		/// <param name="input"></param>
+		public ICollection ReadCertPairs(
+			byte[] input)
+		{
+			return ReadCertPairs(new MemoryStream(input, false));
+		}
+
+		public X509CertificatePair ReadCertPair(
+			Stream inStream)
+		{
+			if (inStream == null)
+				throw new ArgumentNullException("inStream");
+			if (!inStream.CanRead)
+				throw new ArgumentException("inStream must be read-able", "inStream");
+
+			if (currentStream == null)
+			{
+				currentStream = inStream;
+			}
+			else if (currentStream != inStream) // reset if input stream has changed
+			{
+				currentStream = inStream;
+			}
+
+			try
+			{
+				PushbackStream pis = new PushbackStream(inStream);
+				int tag = pis.ReadByte();
+
+				if (tag < 0)
+					return null;
+
+				pis.Unread(tag);
+
+				return ReadDerCrossCertificatePair(pis);
+			}
+			catch (Exception e)
+			{
+				throw new CertificateException(e.ToString());
+			}
+		}
+
+		public ICollection ReadCertPairs(
+			Stream inStream)
+		{
+			X509CertificatePair certPair;
+			IList certPairs = Platform.CreateArrayList();
+
+			while ((certPair = ReadCertPair(inStream)) != null)
+			{
+				certPairs.Add(certPair);
+			}
+
+			return certPairs;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509Certificate.cs b/bc-sharp-crypto/src/x509/X509Certificate.cs
new file mode 100644
index 0000000..6d7bd7a
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509Certificate.cs
@@ -0,0 +1,604 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Misc;
+using Org.BouncyCastle.Asn1.Utilities;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.X509.Extension;
+using Org.BouncyCastle.Crypto.Operators;
+
+namespace Org.BouncyCastle.X509
+{
+    /// <summary>
+    /// An Object representing an X509 Certificate.
+    /// Has static methods for loading Certificates encoded in many forms that return X509Certificate Objects.
+    /// </summary>
+    public class X509Certificate
+		:	X509ExtensionBase
+//		, PKCS12BagAttributeCarrier
+    {
+        private readonly X509CertificateStructure c;
+//        private Hashtable pkcs12Attributes = new Hashtable();
+//        private ArrayList pkcs12Ordering = new ArrayList();
+		private readonly BasicConstraints basicConstraints;
+		private readonly bool[] keyUsage;
+
+		private bool hashValueSet;
+		private int hashValue;
+
+		protected X509Certificate()
+		{
+		}
+
+		public X509Certificate(
+			X509CertificateStructure c)
+		{
+			this.c = c;
+
+			try
+			{
+				Asn1OctetString str = this.GetExtensionValue(new DerObjectIdentifier("2.5.29.19"));
+
+				if (str != null)
+				{
+					basicConstraints = BasicConstraints.GetInstance(
+						X509ExtensionUtilities.FromExtensionValue(str));
+				}
+			}
+			catch (Exception e)
+			{
+				throw new CertificateParsingException("cannot construct BasicConstraints: " + e);
+			}
+
+			try
+			{
+				Asn1OctetString str = this.GetExtensionValue(new DerObjectIdentifier("2.5.29.15"));
+
+				if (str != null)
+				{
+					DerBitString bits = DerBitString.GetInstance(
+						X509ExtensionUtilities.FromExtensionValue(str));
+
+					byte[] bytes = bits.GetBytes();
+					int length = (bytes.Length * 8) - bits.PadBits;
+
+					keyUsage = new bool[(length < 9) ? 9 : length];
+
+					for (int i = 0; i != length; i++)
+					{
+//						keyUsage[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
+						keyUsage[i] = (bytes[i / 8] & (0x80 >> (i % 8))) != 0;
+					}
+				}
+				else
+				{
+					keyUsage = null;
+				}
+			}
+			catch (Exception e)
+			{
+				throw new CertificateParsingException("cannot construct KeyUsage: " + e);
+			}
+		}
+
+//		internal X509Certificate(
+//			Asn1Sequence seq)
+//        {
+//            this.c = X509CertificateStructure.GetInstance(seq);
+//        }
+
+//		/// <summary>
+//        /// Load certificate from byte array.
+//        /// </summary>
+//        /// <param name="encoded">Byte array containing encoded X509Certificate.</param>
+//        public X509Certificate(
+//            byte[] encoded)
+//			: this((Asn1Sequence) new Asn1InputStream(encoded).ReadObject())
+//		{
+//        }
+//
+//        /// <summary>
+//        /// Load certificate from Stream.
+//        /// Must be positioned at start of certificate.
+//        /// </summary>
+//        /// <param name="input"></param>
+//        public X509Certificate(
+//            Stream input)
+//			: this((Asn1Sequence) new Asn1InputStream(input).ReadObject())
+//        {
+//        }
+
+		public virtual X509CertificateStructure CertificateStructure
+		{
+			get { return c; }
+		}
+
+		/// <summary>
+        /// Return true if the current time is within the start and end times nominated on the certificate.
+        /// </summary>
+        /// <returns>true id certificate is valid for the current time.</returns>
+        public virtual bool IsValidNow
+        {
+			get { return IsValid(DateTime.UtcNow); }
+        }
+
+		/// <summary>
+        /// Return true if the nominated time is within the start and end times nominated on the certificate.
+        /// </summary>
+        /// <param name="time">The time to test validity against.</param>
+        /// <returns>True if certificate is valid for nominated time.</returns>
+        public virtual bool IsValid(
+			DateTime time)
+        {
+            return time.CompareTo(NotBefore) >= 0 && time.CompareTo(NotAfter) <= 0;
+        }
+
+		/// <summary>
+		/// Checks if the current date is within certificate's validity period.
+		/// </summary>
+		public virtual void CheckValidity()
+		{
+			this.CheckValidity(DateTime.UtcNow);
+		}
+
+		/// <summary>
+		/// Checks if the given date is within certificate's validity period.
+		/// </summary>
+		/// <exception cref="CertificateExpiredException">if the certificate is expired by given date</exception>
+		/// <exception cref="CertificateNotYetValidException">if the certificate is not yet valid on given date</exception>
+		public virtual void CheckValidity(
+			DateTime time)
+		{
+			if (time.CompareTo(NotAfter) > 0)
+				throw new CertificateExpiredException("certificate expired on " + c.EndDate.GetTime());
+			if (time.CompareTo(NotBefore) < 0)
+				throw new CertificateNotYetValidException("certificate not valid until " + c.StartDate.GetTime());
+		}
+
+		/// <summary>
+        /// Return the certificate's version.
+        /// </summary>
+        /// <returns>An integer whose value Equals the version of the cerficate.</returns>
+        public virtual int Version
+        {
+            get { return c.Version; }
+        }
+
+		/// <summary>
+        /// Return a <see cref="Org.BouncyCastle.Math.BigInteger">BigInteger</see> containing the serial number.
+        /// </summary>
+        /// <returns>The Serial number.</returns>
+        public virtual BigInteger SerialNumber
+        {
+            get { return c.SerialNumber.Value; }
+        }
+
+		/// <summary>
+        /// Get the Issuer Distinguished Name. (Who signed the certificate.)
+        /// </summary>
+        /// <returns>And X509Object containing name and value pairs.</returns>
+//        public IPrincipal IssuerDN
+		public virtual X509Name IssuerDN
+		{
+            get { return c.Issuer; }
+        }
+
+		/// <summary>
+        /// Get the subject of this certificate.
+        /// </summary>
+        /// <returns>An X509Name object containing name and value pairs.</returns>
+//        public IPrincipal SubjectDN
+		public virtual X509Name SubjectDN
+		{
+            get { return c.Subject; }
+        }
+
+		/// <summary>
+		/// The time that this certificate is valid from.
+		/// </summary>
+		/// <returns>A DateTime object representing that time in the local time zone.</returns>
+		public virtual DateTime NotBefore
+		{
+			get { return c.StartDate.ToDateTime(); }
+		}
+
+		/// <summary>
+        /// The time that this certificate is valid up to.
+        /// </summary>
+        /// <returns>A DateTime object representing that time in the local time zone.</returns>
+        public virtual DateTime NotAfter
+        {
+			get { return c.EndDate.ToDateTime(); }
+        }
+
+		/// <summary>
+		/// Return the Der encoded TbsCertificate data.
+		/// This is the certificate component less the signature.
+		/// To Get the whole certificate call the GetEncoded() member.
+		/// </summary>
+		/// <returns>A byte array containing the Der encoded Certificate component.</returns>
+		public virtual byte[] GetTbsCertificate()
+		{
+			return c.TbsCertificate.GetDerEncoded();
+		}
+
+		/// <summary>
+		/// The signature.
+		/// </summary>
+		/// <returns>A byte array containg the signature of the certificate.</returns>
+		public virtual byte[] GetSignature()
+		{
+			return c.GetSignatureOctets();
+		}
+
+        /// <summary>
+		/// A meaningful version of the Signature Algorithm. (EG SHA1WITHRSA)
+		/// </summary>
+		/// <returns>A sting representing the signature algorithm.</returns>
+		public virtual string SigAlgName
+		{
+            get { return SignerUtilities.GetEncodingName(c.SignatureAlgorithm.Algorithm); }
+		}
+
+		/// <summary>
+		/// Get the Signature Algorithms Object ID.
+		/// </summary>
+		/// <returns>A string containg a '.' separated object id.</returns>
+		public virtual string SigAlgOid
+		{
+            get { return c.SignatureAlgorithm.Algorithm.Id; }
+		}
+
+		/// <summary>
+		/// Get the signature algorithms parameters. (EG DSA Parameters)
+		/// </summary>
+		/// <returns>A byte array containing the Der encoded version of the parameters or null if there are none.</returns>
+		public virtual byte[] GetSigAlgParams()
+		{
+			if (c.SignatureAlgorithm.Parameters != null)
+			{
+				return c.SignatureAlgorithm.Parameters.GetDerEncoded();
+			}
+
+			return null;
+		}
+
+		/// <summary>
+		/// Get the issuers UID.
+		/// </summary>
+		/// <returns>A DerBitString.</returns>
+		public virtual DerBitString IssuerUniqueID
+		{
+			get { return c.TbsCertificate.IssuerUniqueID; }
+		}
+
+		/// <summary>
+		/// Get the subjects UID.
+		/// </summary>
+		/// <returns>A DerBitString.</returns>
+		public virtual DerBitString SubjectUniqueID
+		{
+			get { return c.TbsCertificate.SubjectUniqueID; }
+		}
+
+		/// <summary>
+		/// Get a key usage guidlines.
+		/// </summary>
+		public virtual bool[] GetKeyUsage()
+		{
+			return keyUsage == null ? null : (bool[]) keyUsage.Clone();
+		}
+
+		// TODO Replace with something that returns a list of DerObjectIdentifier
+		public virtual IList GetExtendedKeyUsage()
+		{
+			Asn1OctetString str = this.GetExtensionValue(new DerObjectIdentifier("2.5.29.37"));
+
+			if (str == null)
+				return null;
+
+			try
+			{
+				Asn1Sequence seq = Asn1Sequence.GetInstance(
+					X509ExtensionUtilities.FromExtensionValue(str));
+
+                IList list = Platform.CreateArrayList();
+
+				foreach (DerObjectIdentifier oid in seq)
+				{
+					list.Add(oid.Id);
+				}
+
+				return list;
+			}
+			catch (Exception e)
+			{
+				throw new CertificateParsingException("error processing extended key usage extension", e);
+			}
+		}
+
+		public virtual int GetBasicConstraints()
+		{
+			if (basicConstraints != null && basicConstraints.IsCA())
+			{
+				if (basicConstraints.PathLenConstraint == null)
+				{
+					return int.MaxValue;
+				}
+
+				return basicConstraints.PathLenConstraint.IntValue;
+			}
+
+			return -1;
+		}
+
+		public virtual ICollection GetSubjectAlternativeNames()
+		{
+			return GetAlternativeNames("2.5.29.17");
+		}
+
+		public virtual ICollection GetIssuerAlternativeNames()
+		{
+			return GetAlternativeNames("2.5.29.18");
+		}
+
+		protected virtual ICollection GetAlternativeNames(
+			string oid)
+		{
+			Asn1OctetString altNames = GetExtensionValue(new DerObjectIdentifier(oid));
+
+			if (altNames == null)
+				return null;
+
+			Asn1Object asn1Object = X509ExtensionUtilities.FromExtensionValue(altNames);
+
+			GeneralNames gns = GeneralNames.GetInstance(asn1Object);
+
+            IList result = Platform.CreateArrayList();
+			foreach (GeneralName gn in gns.GetNames())
+			{
+                IList entry = Platform.CreateArrayList();
+				entry.Add(gn.TagNo);
+				entry.Add(gn.Name.ToString());
+				result.Add(entry);
+			}
+			return result;
+		}
+
+		protected override X509Extensions GetX509Extensions()
+		{
+			return c.Version >= 3
+				?	c.TbsCertificate.Extensions
+				:	null;
+		}
+
+		/// <summary>
+		/// Get the public key of the subject of the certificate.
+		/// </summary>
+		/// <returns>The public key parameters.</returns>
+		public virtual AsymmetricKeyParameter GetPublicKey()
+		{
+			return PublicKeyFactory.CreateKey(c.SubjectPublicKeyInfo);
+		}
+
+		/// <summary>
+		/// Return a Der encoded version of this certificate.
+		/// </summary>
+		/// <returns>A byte array.</returns>
+		public virtual byte[] GetEncoded()
+		{
+			return c.GetDerEncoded();
+		}
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+				return true;
+
+			X509Certificate other = obj as X509Certificate;
+
+			if (other == null)
+				return false;
+
+			return c.Equals(other.c);
+
+			// NB: May prefer this implementation of Equals if more than one certificate implementation in play
+//			return Arrays.AreEqual(this.GetEncoded(), other.GetEncoded());
+		}
+
+		public override int GetHashCode()
+		{
+			lock (this)
+			{
+				if (!hashValueSet)
+				{
+					hashValue = c.GetHashCode();
+					hashValueSet = true;
+				}
+			}
+
+			return hashValue;
+		}
+
+//		public void setBagAttribute(
+//			DERObjectIdentifier oid,
+//			DEREncodable        attribute)
+//		{
+//			pkcs12Attributes.put(oid, attribute);
+//			pkcs12Ordering.addElement(oid);
+//		}
+//
+//		public DEREncodable getBagAttribute(
+//			DERObjectIdentifier oid)
+//		{
+//			return (DEREncodable)pkcs12Attributes.get(oid);
+//		}
+//
+//		public Enumeration getBagAttributeKeys()
+//		{
+//			return pkcs12Ordering.elements();
+//		}
+
+		public override string ToString()
+		{
+			StringBuilder buf = new StringBuilder();
+			string nl = Platform.NewLine;
+
+			buf.Append("  [0]         Version: ").Append(this.Version).Append(nl);
+			buf.Append("         SerialNumber: ").Append(this.SerialNumber).Append(nl);
+			buf.Append("             IssuerDN: ").Append(this.IssuerDN).Append(nl);
+			buf.Append("           Start Date: ").Append(this.NotBefore).Append(nl);
+			buf.Append("           Final Date: ").Append(this.NotAfter).Append(nl);
+			buf.Append("            SubjectDN: ").Append(this.SubjectDN).Append(nl);
+			buf.Append("           Public Key: ").Append(this.GetPublicKey()).Append(nl);
+			buf.Append("  Signature Algorithm: ").Append(this.SigAlgName).Append(nl);
+
+			byte[] sig = this.GetSignature();
+			buf.Append("            Signature: ").Append(Hex.ToHexString(sig, 0, 20)).Append(nl);
+
+			for (int i = 20; i < sig.Length; i += 20)
+			{
+				int len = System.Math.Min(20, sig.Length - i);
+				buf.Append("                       ").Append(Hex.ToHexString(sig, i, len)).Append(nl);
+			}
+
+			X509Extensions extensions = c.TbsCertificate.Extensions;
+
+			if (extensions != null)
+			{
+				IEnumerator e = extensions.ExtensionOids.GetEnumerator();
+
+				if (e.MoveNext())
+				{
+					buf.Append("       Extensions: \n");
+				}
+
+				do
+				{
+					DerObjectIdentifier oid = (DerObjectIdentifier)e.Current;
+					X509Extension ext = extensions.GetExtension(oid);
+
+					if (ext.Value != null)
+					{
+						byte[] octs = ext.Value.GetOctets();
+						Asn1Object obj = Asn1Object.FromByteArray(octs);
+						buf.Append("                       critical(").Append(ext.IsCritical).Append(") ");
+						try
+						{
+							if (oid.Equals(X509Extensions.BasicConstraints))
+							{
+								buf.Append(BasicConstraints.GetInstance(obj));
+							}
+							else if (oid.Equals(X509Extensions.KeyUsage))
+							{
+								buf.Append(KeyUsage.GetInstance(obj));
+							}
+							else if (oid.Equals(MiscObjectIdentifiers.NetscapeCertType))
+							{
+								buf.Append(new NetscapeCertType((DerBitString) obj));
+							}
+							else if (oid.Equals(MiscObjectIdentifiers.NetscapeRevocationUrl))
+							{
+								buf.Append(new NetscapeRevocationUrl((DerIA5String) obj));
+							}
+							else if (oid.Equals(MiscObjectIdentifiers.VerisignCzagExtension))
+							{
+								buf.Append(new VerisignCzagExtension((DerIA5String) obj));
+							}
+							else
+							{
+								buf.Append(oid.Id);
+								buf.Append(" value = ").Append(Asn1Dump.DumpAsString(obj));
+								//buf.Append(" value = ").Append("*****").Append(nl);
+							}
+						}
+						catch (Exception)
+						{
+							buf.Append(oid.Id);
+							//buf.Append(" value = ").Append(new string(Hex.encode(ext.getValue().getOctets()))).Append(nl);
+							buf.Append(" value = ").Append("*****");
+						}
+					}
+
+					buf.Append(nl);
+				}
+				while (e.MoveNext());
+			}
+
+			return buf.ToString();
+		}
+
+		/// <summary>
+		/// Verify the certificate's signature using the nominated public key.
+		/// </summary>
+		/// <param name="key">An appropriate public key parameter object, RsaPublicKeyParameters, DsaPublicKeyParameters or ECDsaPublicKeyParameters</param>
+		/// <returns>True if the signature is valid.</returns>
+		/// <exception cref="Exception">If key submitted is not of the above nominated types.</exception>
+		public virtual void Verify(
+			AsymmetricKeyParameter key)
+		{
+			CheckSignature(new Asn1VerifierFactory(c.SignatureAlgorithm, key));
+		}
+
+        /// <summary>
+        /// Verify the certificate's signature using a verifier created using the passed in verifier provider.
+        /// </summary>
+        /// <param name="verifierProvider">An appropriate provider for verifying the certificate's signature.</param>
+        /// <returns>True if the signature is valid.</returns>
+        /// <exception cref="Exception">If verifier provider is not appropriate or the certificate algorithm is invalid.</exception>
+        public virtual void Verify(
+            IVerifierFactoryProvider verifierProvider)
+        {
+            CheckSignature(verifierProvider.CreateVerifierFactory (c.SignatureAlgorithm));
+        }
+
+        protected virtual void CheckSignature(
+			IVerifierFactory verifier)
+		{
+			if (!IsAlgIDEqual(c.SignatureAlgorithm, c.TbsCertificate.Signature))
+				throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
+
+			Asn1Encodable parameters = c.SignatureAlgorithm.Parameters;
+
+            IStreamCalculator streamCalculator = verifier.CreateCalculator();
+
+			byte[] b = this.GetTbsCertificate();
+
+			streamCalculator.Stream.Write(b, 0, b.Length);
+
+            Platform.Dispose(streamCalculator.Stream);
+
+            if (!((IVerifier)streamCalculator.GetResult()).IsVerified(this.GetSignature()))
+			{
+				throw new InvalidKeyException("Public key presented not for certificate signature");
+			}
+		}
+
+		private static bool IsAlgIDEqual(AlgorithmIdentifier id1, AlgorithmIdentifier id2)
+		{
+            if (!id1.Algorithm.Equals(id2.Algorithm))
+				return false;
+
+			Asn1Encodable p1 = id1.Parameters;
+			Asn1Encodable p2 = id2.Parameters;
+
+			if ((p1 == null) == (p2 == null))
+				return Platform.Equals(p1, p2);
+
+			// Exactly one of p1, p2 is null at this point
+			return p1 == null
+				?	p2.ToAsn1Object() is Asn1Null
+				:	p1.ToAsn1Object() is Asn1Null;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509CertificatePair.cs b/bc-sharp-crypto/src/x509/X509CertificatePair.cs
new file mode 100644
index 0000000..fbeba4d
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509CertificatePair.cs
@@ -0,0 +1,123 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.X509
+{
+	/// <remarks>
+	/// This class contains a cross certificate pair. Cross certificates pairs may
+	/// contain two cross signed certificates from two CAs. A certificate from the
+	/// other CA to this CA is contained in the forward certificate, the certificate
+	/// from this CA to the other CA is contained in the reverse certificate.
+	/// </remarks>
+	public class X509CertificatePair
+	{
+		private readonly X509Certificate forward;
+		private readonly X509Certificate reverse;
+
+		/// <summary>Constructor</summary>
+		/// <param name="forward">Certificate from the other CA to this CA.</param>
+		/// <param name="reverse">Certificate from this CA to the other CA.</param>
+		public X509CertificatePair(
+			X509Certificate	forward,
+			X509Certificate	reverse)
+		{
+			this.forward = forward;
+			this.reverse = reverse;
+		}
+
+		/// <summary>Constructor from a ASN.1 CertificatePair structure.</summary>
+		/// <param name="pair">The <c>CertificatePair</c> ASN.1 object.</param>
+		public X509CertificatePair(
+			CertificatePair pair)
+		{
+			if (pair.Forward != null)
+			{
+				this.forward = new X509Certificate(pair.Forward);
+			}
+			if (pair.Reverse != null)
+			{
+				this.reverse = new X509Certificate(pair.Reverse);
+			}
+		}
+
+		public byte[] GetEncoded()
+		{
+			try
+			{
+				X509CertificateStructure f = null, r = null;
+
+				if (forward != null)
+				{
+					f = X509CertificateStructure.GetInstance(
+						Asn1Object.FromByteArray(forward.GetEncoded()));
+
+					if (f == null)
+						throw new CertificateEncodingException("unable to get encoding for forward");
+				}
+
+				if (reverse != null)
+				{
+					r = X509CertificateStructure.GetInstance(
+						Asn1Object.FromByteArray(reverse.GetEncoded()));
+
+					if (r == null)
+						throw new CertificateEncodingException("unable to get encoding for reverse");
+				}
+
+				return new CertificatePair(f, r).GetDerEncoded();
+			}
+			catch (Exception e)
+			{
+				// TODO
+//				throw new ExtCertificateEncodingException(e.toString(), e);
+				throw new CertificateEncodingException(e.Message, e);
+			}
+		}
+
+		/// <summary>Returns the certificate from the other CA to this CA.</summary>
+		public X509Certificate Forward
+		{
+			get { return forward; }
+		}
+
+		/// <summary>Returns the certificate from this CA to the other CA.</summary>
+		public X509Certificate Reverse
+		{
+			get { return reverse; }
+		}
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+				return true;
+
+			X509CertificatePair other = obj as X509CertificatePair;
+
+			if (other == null)
+				return false;
+
+			return Platform.Equals(this.forward, other.forward)
+				&& Platform.Equals(this.reverse, other.reverse);
+		}
+
+		public override int GetHashCode()
+		{
+			int hash = -1;
+			if (forward != null)
+			{
+				hash ^= forward.GetHashCode();
+			}
+			if (reverse != null)
+			{
+				hash *= 17;
+				hash ^= reverse.GetHashCode();
+			}
+			return hash;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509CertificateParser.cs b/bc-sharp-crypto/src/x509/X509CertificateParser.cs
new file mode 100644
index 0000000..8f0e740
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509CertificateParser.cs
@@ -0,0 +1,183 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.X509
+{
+	/**
+	 * class for dealing with X509 certificates.
+	 * <p>
+	 * At the moment this will deal with "-----BEGIN CERTIFICATE-----" to "-----END CERTIFICATE-----"
+	 * base 64 encoded certs, as well as the BER binaries of certificates and some classes of PKCS#7
+	 * objects.</p>
+	 */
+	public class X509CertificateParser
+	{
+		private static readonly PemParser PemCertParser = new PemParser("CERTIFICATE");
+
+		private Asn1Set	sData;
+		private int		sDataObjectCount;
+		private Stream	currentStream;
+
+		private X509Certificate ReadDerCertificate(
+			Asn1InputStream dIn)
+		{
+			Asn1Sequence seq = (Asn1Sequence)dIn.ReadObject();
+
+			if (seq.Count > 1 && seq[0] is DerObjectIdentifier)
+			{
+				if (seq[0].Equals(PkcsObjectIdentifiers.SignedData))
+				{
+					sData = SignedData.GetInstance(
+						Asn1Sequence.GetInstance((Asn1TaggedObject) seq[1], true)).Certificates;
+
+					return GetCertificate();
+				}
+			}
+
+			return CreateX509Certificate(X509CertificateStructure.GetInstance(seq));
+		}
+
+		private X509Certificate GetCertificate()
+		{
+			if (sData != null)
+			{
+				while (sDataObjectCount < sData.Count)
+				{
+					object obj = sData[sDataObjectCount++];
+
+					if (obj is Asn1Sequence)
+					{
+						return CreateX509Certificate(
+							X509CertificateStructure.GetInstance(obj));
+					}
+				}
+			}
+
+			return null;
+		}
+
+		private X509Certificate ReadPemCertificate(
+			Stream inStream)
+		{
+			Asn1Sequence seq = PemCertParser.ReadPemObject(inStream);
+
+			return seq == null
+				?	null
+				:	CreateX509Certificate(X509CertificateStructure.GetInstance(seq));
+		}
+
+		protected virtual X509Certificate CreateX509Certificate(
+			X509CertificateStructure c)
+		{
+			return new X509Certificate(c);
+		}
+
+		/// <summary>
+		/// Create loading data from byte array.
+		/// </summary>
+		/// <param name="input"></param>
+		public X509Certificate ReadCertificate(
+			byte[] input)
+		{
+			return ReadCertificate(new MemoryStream(input, false));
+		}
+
+		/// <summary>
+		/// Create loading data from byte array.
+		/// </summary>
+		/// <param name="input"></param>
+		public ICollection ReadCertificates(
+			byte[] input)
+		{
+			return ReadCertificates(new MemoryStream(input, false));
+		}
+
+		/**
+		 * Generates a certificate object and initializes it with the data
+		 * read from the input stream inStream.
+		 */
+		public X509Certificate ReadCertificate(
+			Stream inStream)
+		{
+			if (inStream == null)
+				throw new ArgumentNullException("inStream");
+			if (!inStream.CanRead)
+				throw new ArgumentException("inStream must be read-able", "inStream");
+
+			if (currentStream == null)
+			{
+				currentStream = inStream;
+				sData = null;
+				sDataObjectCount = 0;
+			}
+			else if (currentStream != inStream) // reset if input stream has changed
+			{
+				currentStream = inStream;
+				sData = null;
+				sDataObjectCount = 0;
+			}
+
+			try
+			{
+				if (sData != null)
+				{
+					if (sDataObjectCount != sData.Count)
+					{
+						return GetCertificate();
+					}
+
+					sData = null;
+					sDataObjectCount = 0;
+					return null;
+				}
+
+				PushbackStream pis = new PushbackStream(inStream);
+				int tag = pis.ReadByte();
+
+				if (tag < 0)
+					return null;
+
+				pis.Unread(tag);
+
+				if (tag != 0x30)  // assume ascii PEM encoded.
+				{
+					return ReadPemCertificate(pis);
+				}
+
+				return ReadDerCertificate(new Asn1InputStream(pis));
+			}
+			catch (Exception e)
+			{
+				throw new CertificateException("Failed to read certificate", e);
+			}
+		}
+
+		/**
+		 * Returns a (possibly empty) collection view of the certificates
+		 * read from the given input stream inStream.
+		 */
+		public ICollection ReadCertificates(
+			Stream inStream)
+		{
+			X509Certificate cert;
+            IList certs = Platform.CreateArrayList();
+
+			while ((cert = ReadCertificate(inStream)) != null)
+			{
+				certs.Add(cert);
+			}
+
+			return certs;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509Crl.cs b/bc-sharp-crypto/src/x509/X509Crl.cs
new file mode 100644
index 0000000..ecfb141
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509Crl.cs
@@ -0,0 +1,426 @@
+using System;
+using System.Collections;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Utilities;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.X509.Extension;
+using Org.BouncyCastle.Crypto.Operators;
+
+namespace Org.BouncyCastle.X509
+{
+	/**
+	 * The following extensions are listed in RFC 2459 as relevant to CRLs
+	 *
+	 * Authority Key Identifier
+	 * Issuer Alternative Name
+	 * CRL Number
+	 * Delta CRL Indicator (critical)
+	 * Issuing Distribution Point (critical)
+	 */
+	public class X509Crl
+		: X509ExtensionBase
+		// TODO Add interface Crl?
+	{
+		private readonly CertificateList c;
+		private readonly string sigAlgName;
+		private readonly byte[] sigAlgParams;
+		private readonly bool isIndirect;
+
+		public X509Crl(
+			CertificateList c)
+		{
+			this.c = c;
+
+			try
+			{
+				this.sigAlgName = X509SignatureUtilities.GetSignatureName(c.SignatureAlgorithm);
+
+				if (c.SignatureAlgorithm.Parameters != null)
+				{
+					this.sigAlgParams = ((Asn1Encodable)c.SignatureAlgorithm.Parameters).GetDerEncoded();
+				}
+				else
+				{
+					this.sigAlgParams = null;
+				}
+
+				this.isIndirect = IsIndirectCrl;
+			}
+			catch (Exception e)
+			{
+				throw new CrlException("CRL contents invalid: " + e);
+			}
+		}
+
+		protected override X509Extensions GetX509Extensions()
+		{
+			return c.Version >= 2
+				?	c.TbsCertList.Extensions
+				:	null;
+		}
+
+		public virtual byte[] GetEncoded()
+		{
+			try
+			{
+				return c.GetDerEncoded();
+			}
+			catch (Exception e)
+			{
+				throw new CrlException(e.ToString());
+			}
+		}
+
+		public virtual void Verify(
+			AsymmetricKeyParameter publicKey)
+		{
+            Verify(new Asn1VerifierFactoryProvider(publicKey));
+		}
+
+        /// <summary>
+        /// Verify the CRL's signature using a verifier created using the passed in verifier provider.
+        /// </summary>
+        /// <param name="verifierProvider">An appropriate provider for verifying the CRL's signature.</param>
+        /// <returns>True if the signature is valid.</returns>
+        /// <exception cref="Exception">If verifier provider is not appropriate or the CRL algorithm is invalid.</exception>
+        public virtual void Verify(
+            IVerifierFactoryProvider verifierProvider)
+        {
+            CheckSignature(verifierProvider.CreateVerifierFactory(c.SignatureAlgorithm));
+        }
+
+        protected virtual void CheckSignature(
+            IVerifierFactory verifier)
+        {
+            if (!c.SignatureAlgorithm.Equals(c.TbsCertList.Signature))
+            {
+                throw new CrlException("Signature algorithm on CertificateList does not match TbsCertList.");
+            }
+
+            Asn1Encodable parameters = c.SignatureAlgorithm.Parameters;
+
+            IStreamCalculator streamCalculator = verifier.CreateCalculator();
+
+            byte[] b = this.GetTbsCertList();
+
+            streamCalculator.Stream.Write(b, 0, b.Length);
+
+            Platform.Dispose(streamCalculator.Stream);
+
+            if (!((IVerifier)streamCalculator.GetResult()).IsVerified(this.GetSignature()))
+            {
+                throw new InvalidKeyException("CRL does not verify with supplied public key.");
+            }
+        }
+
+        public virtual int Version
+		{
+			get { return c.Version; }
+		}
+
+		public virtual X509Name IssuerDN
+		{
+			get { return c.Issuer; }
+		}
+
+		public virtual DateTime ThisUpdate
+		{
+			get { return c.ThisUpdate.ToDateTime(); }
+		}
+
+		public virtual DateTimeObject NextUpdate
+		{
+			get
+			{
+				return c.NextUpdate == null
+					?	null
+					:	new DateTimeObject(c.NextUpdate.ToDateTime());
+			}
+		}
+
+		private ISet LoadCrlEntries()
+		{
+			ISet entrySet = new HashSet();
+			IEnumerable certs = c.GetRevokedCertificateEnumeration();
+
+			X509Name previousCertificateIssuer = IssuerDN;
+			foreach (CrlEntry entry in certs)
+			{
+				X509CrlEntry crlEntry = new X509CrlEntry(entry, isIndirect, previousCertificateIssuer);
+				entrySet.Add(crlEntry);
+				previousCertificateIssuer = crlEntry.GetCertificateIssuer();
+			}
+
+			return entrySet;
+		}
+
+		public virtual X509CrlEntry GetRevokedCertificate(
+			BigInteger serialNumber)
+		{
+			IEnumerable certs = c.GetRevokedCertificateEnumeration();
+
+			X509Name previousCertificateIssuer = IssuerDN;
+			foreach (CrlEntry entry in certs)
+			{
+				X509CrlEntry crlEntry = new X509CrlEntry(entry, isIndirect, previousCertificateIssuer);
+
+				if (serialNumber.Equals(entry.UserCertificate.Value))
+				{
+					return crlEntry;
+				}
+
+				previousCertificateIssuer = crlEntry.GetCertificateIssuer();
+			}
+
+			return null;
+		}
+
+		public virtual ISet GetRevokedCertificates()
+		{
+			ISet entrySet = LoadCrlEntries();
+
+			if (entrySet.Count > 0)
+			{
+				return entrySet; // TODO? Collections.unmodifiableSet(entrySet);
+			}
+
+			return null;
+		}
+
+		public virtual byte[] GetTbsCertList()
+		{
+			try
+			{
+				return c.TbsCertList.GetDerEncoded();
+			}
+			catch (Exception e)
+			{
+				throw new CrlException(e.ToString());
+			}
+		}
+
+		public virtual byte[] GetSignature()
+		{
+			return c.GetSignatureOctets();
+		}
+
+		public virtual string SigAlgName
+		{
+			get { return sigAlgName; }
+		}
+
+		public virtual string SigAlgOid
+		{
+            get { return c.SignatureAlgorithm.Algorithm.Id; }
+		}
+
+		public virtual byte[] GetSigAlgParams()
+		{
+			return Arrays.Clone(sigAlgParams);
+		}
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+				return true;
+
+			X509Crl other = obj as X509Crl;
+
+			if (other == null)
+				return false;
+
+			return c.Equals(other.c);
+
+			// NB: May prefer this implementation of Equals if more than one certificate implementation in play
+			//return Arrays.AreEqual(this.GetEncoded(), other.GetEncoded());
+		}
+
+		public override int GetHashCode()
+		{
+			return c.GetHashCode();
+		}
+
+		/**
+		 * Returns a string representation of this CRL.
+		 *
+		 * @return a string representation of this CRL.
+		 */
+		public override string ToString()
+		{
+			StringBuilder buf = new StringBuilder();
+			string nl = Platform.NewLine;
+
+			buf.Append("              Version: ").Append(this.Version).Append(nl);
+			buf.Append("             IssuerDN: ").Append(this.IssuerDN).Append(nl);
+			buf.Append("          This update: ").Append(this.ThisUpdate).Append(nl);
+			buf.Append("          Next update: ").Append(this.NextUpdate).Append(nl);
+			buf.Append("  Signature Algorithm: ").Append(this.SigAlgName).Append(nl);
+
+			byte[] sig = this.GetSignature();
+
+			buf.Append("            Signature: ");
+			buf.Append(Hex.ToHexString(sig, 0, 20)).Append(nl);
+
+			for (int i = 20; i < sig.Length; i += 20)
+			{
+				int count = System.Math.Min(20, sig.Length - i);
+				buf.Append("                       ");
+				buf.Append(Hex.ToHexString(sig, i, count)).Append(nl);
+			}
+
+			X509Extensions extensions = c.TbsCertList.Extensions;
+
+			if (extensions != null)
+			{
+				IEnumerator e = extensions.ExtensionOids.GetEnumerator();
+
+				if (e.MoveNext())
+				{
+					buf.Append("           Extensions: ").Append(nl);
+				}
+
+				do
+				{
+					DerObjectIdentifier oid = (DerObjectIdentifier) e.Current;
+					X509Extension ext = extensions.GetExtension(oid);
+
+					if (ext.Value != null)
+					{
+						Asn1Object asn1Value = X509ExtensionUtilities.FromExtensionValue(ext.Value);
+
+						buf.Append("                       critical(").Append(ext.IsCritical).Append(") ");
+						try
+						{
+							if (oid.Equals(X509Extensions.CrlNumber))
+							{
+								buf.Append(new CrlNumber(DerInteger.GetInstance(asn1Value).PositiveValue)).Append(nl);
+							}
+							else if (oid.Equals(X509Extensions.DeltaCrlIndicator))
+							{
+								buf.Append(
+									"Base CRL: "
+									+ new CrlNumber(DerInteger.GetInstance(
+									asn1Value).PositiveValue))
+									.Append(nl);
+							}
+							else if (oid.Equals(X509Extensions.IssuingDistributionPoint))
+							{
+								buf.Append(IssuingDistributionPoint.GetInstance((Asn1Sequence) asn1Value)).Append(nl);
+							}
+							else if (oid.Equals(X509Extensions.CrlDistributionPoints))
+							{
+								buf.Append(CrlDistPoint.GetInstance((Asn1Sequence) asn1Value)).Append(nl);
+							}
+							else if (oid.Equals(X509Extensions.FreshestCrl))
+							{
+								buf.Append(CrlDistPoint.GetInstance((Asn1Sequence) asn1Value)).Append(nl);
+							}
+							else
+							{
+								buf.Append(oid.Id);
+								buf.Append(" value = ").Append(
+									Asn1Dump.DumpAsString(asn1Value))
+									.Append(nl);
+							}
+						}
+						catch (Exception)
+						{
+							buf.Append(oid.Id);
+							buf.Append(" value = ").Append("*****").Append(nl);
+						}
+					}
+					else
+					{
+						buf.Append(nl);
+					}
+				}
+				while (e.MoveNext());
+			}
+
+			ISet certSet = GetRevokedCertificates();
+			if (certSet != null)
+			{
+				foreach (X509CrlEntry entry in certSet)
+				{
+					buf.Append(entry);
+					buf.Append(nl);
+				}
+			}
+
+			return buf.ToString();
+		}
+
+		/**
+		 * Checks whether the given certificate is on this CRL.
+		 *
+		 * @param cert the certificate to check for.
+		 * @return true if the given certificate is on this CRL,
+		 * false otherwise.
+		 */
+//		public bool IsRevoked(
+//			Certificate cert)
+//		{
+//			if (!cert.getType().Equals("X.509"))
+//			{
+//				throw new RuntimeException("X.509 CRL used with non X.509 Cert");
+//			}
+		public virtual bool IsRevoked(
+			X509Certificate cert)
+		{
+			CrlEntry[] certs = c.GetRevokedCertificates();
+
+			if (certs != null)
+			{
+//				BigInteger serial = ((X509Certificate)cert).SerialNumber;
+				BigInteger serial = cert.SerialNumber;
+
+				for (int i = 0; i < certs.Length; i++)
+				{
+					if (certs[i].UserCertificate.Value.Equals(serial))
+					{
+						return true;
+					}
+				}
+			}
+
+			return false;
+		}
+
+		protected virtual bool IsIndirectCrl
+		{
+			get
+			{
+				Asn1OctetString idp = GetExtensionValue(X509Extensions.IssuingDistributionPoint);
+				bool isIndirect = false;
+
+				try
+				{
+					if (idp != null)
+					{
+						isIndirect = IssuingDistributionPoint.GetInstance(
+							X509ExtensionUtilities.FromExtensionValue(idp)).IsIndirectCrl;
+					}
+				}
+				catch (Exception e)
+				{
+					// TODO
+//					throw new ExtCrlException("Exception reading IssuingDistributionPoint", e);
+					throw new CrlException("Exception reading IssuingDistributionPoint" + e);
+				}
+
+				return isIndirect;
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509CrlEntry.cs b/bc-sharp-crypto/src/x509/X509CrlEntry.cs
new file mode 100644
index 0000000..caca294
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509CrlEntry.cs
@@ -0,0 +1,201 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Utilities;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509.Extension;
+
+namespace Org.BouncyCastle.X509
+{
+	/**
+	 * The following extensions are listed in RFC 2459 as relevant to CRL Entries
+	 *
+	 * ReasonCode Hode Instruction Code Invalidity Date Certificate Issuer
+	 * (critical)
+	 */
+	public class X509CrlEntry
+		: X509ExtensionBase
+	{
+		private CrlEntry	c;
+		private bool		isIndirect;
+		private X509Name	previousCertificateIssuer;
+		private X509Name	certificateIssuer;
+
+		public X509CrlEntry(
+			CrlEntry c)
+		{
+			this.c = c;
+			this.certificateIssuer = loadCertificateIssuer();
+		}
+
+		/**
+		* Constructor for CRLEntries of indirect CRLs. If <code>isIndirect</code>
+		* is <code>false</code> {@link #getCertificateIssuer()} will always
+		* return <code>null</code>, <code>previousCertificateIssuer</code> is
+		* ignored. If this <code>isIndirect</code> is specified and this CrlEntry
+		* has no certificate issuer CRL entry extension
+		* <code>previousCertificateIssuer</code> is returned by
+		* {@link #getCertificateIssuer()}.
+		*
+		* @param c
+		*            TbsCertificateList.CrlEntry object.
+		* @param isIndirect
+		*            <code>true</code> if the corresponding CRL is a indirect
+		*            CRL.
+		* @param previousCertificateIssuer
+		*            Certificate issuer of the previous CrlEntry.
+		*/
+		public X509CrlEntry(
+			CrlEntry		c,
+			bool			isIndirect,
+			X509Name		previousCertificateIssuer)
+		{
+			this.c = c;
+			this.isIndirect = isIndirect;
+			this.previousCertificateIssuer = previousCertificateIssuer;
+			this.certificateIssuer = loadCertificateIssuer();
+		}
+
+		private X509Name loadCertificateIssuer()
+		{
+			if (!isIndirect)
+			{
+				return null;
+			}
+
+			Asn1OctetString ext = GetExtensionValue(X509Extensions.CertificateIssuer);
+			if (ext == null)
+			{
+				return previousCertificateIssuer;
+			}
+
+			try
+			{
+				GeneralName[] names = GeneralNames.GetInstance(
+					X509ExtensionUtilities.FromExtensionValue(ext)).GetNames();
+
+				for (int i = 0; i < names.Length; i++)
+				{
+					if (names[i].TagNo == GeneralName.DirectoryName)
+					{
+						return X509Name.GetInstance(names[i].Name);
+					}
+				}
+			}
+			catch (Exception)
+			{
+			}
+
+			return null;
+		}
+
+		public X509Name GetCertificateIssuer()
+		{
+			return certificateIssuer;
+		}
+
+		protected override X509Extensions GetX509Extensions()
+		{
+			return c.Extensions;
+		}
+
+		public byte[] GetEncoded()
+		{
+			try
+			{
+				return c.GetDerEncoded();
+			}
+			catch (Exception e)
+			{
+				throw new CrlException(e.ToString());
+			}
+		}
+
+		public BigInteger SerialNumber
+		{
+			get { return c.UserCertificate.Value; }
+		}
+
+		public DateTime RevocationDate
+		{
+			get { return c.RevocationDate.ToDateTime(); }
+		}
+
+		public bool HasExtensions
+		{
+			get { return c.Extensions != null; }
+		}
+
+		public override string ToString()
+		{
+			StringBuilder buf = new StringBuilder();
+			string nl = Platform.NewLine;
+
+			buf.Append("        userCertificate: ").Append(this.SerialNumber).Append(nl);
+			buf.Append("         revocationDate: ").Append(this.RevocationDate).Append(nl);
+			buf.Append("      certificateIssuer: ").Append(this.GetCertificateIssuer()).Append(nl);
+
+			X509Extensions extensions = c.Extensions;
+
+			if (extensions != null)
+			{
+				IEnumerator e = extensions.ExtensionOids.GetEnumerator();
+				if (e.MoveNext())
+				{
+					buf.Append("   crlEntryExtensions:").Append(nl);
+
+					do
+					{
+						DerObjectIdentifier oid = (DerObjectIdentifier)e.Current;
+						X509Extension ext = extensions.GetExtension(oid);
+
+						if (ext.Value != null)
+						{
+							Asn1Object obj = Asn1Object.FromByteArray(ext.Value.GetOctets());
+
+							buf.Append("                       critical(")
+								.Append(ext.IsCritical)
+								.Append(") ");
+							try
+							{
+								if (oid.Equals(X509Extensions.ReasonCode))
+								{
+									buf.Append(new CrlReason(DerEnumerated.GetInstance(obj)));
+								}
+								else if (oid.Equals(X509Extensions.CertificateIssuer))
+								{
+									buf.Append("Certificate issuer: ").Append(
+										GeneralNames.GetInstance((Asn1Sequence)obj));
+								}
+								else 
+								{
+									buf.Append(oid.Id);
+									buf.Append(" value = ").Append(Asn1Dump.DumpAsString(obj));
+								}
+								buf.Append(nl);
+							}
+							catch (Exception)
+							{
+								buf.Append(oid.Id);
+								buf.Append(" value = ").Append("*****").Append(nl);
+							}
+						}
+						else
+						{
+							buf.Append(nl);
+						}
+					}
+					while (e.MoveNext());
+				}
+			}
+
+			return buf.ToString();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509CrlParser.cs b/bc-sharp-crypto/src/x509/X509CrlParser.cs
new file mode 100644
index 0000000..d830bb9
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509CrlParser.cs
@@ -0,0 +1,195 @@
+using System;
+using System.Collections;
+using System.IO;
+using System.Text;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Encoders;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.X509
+{
+	public class X509CrlParser
+	{
+		private static readonly PemParser PemCrlParser = new PemParser("CRL");
+
+		private readonly bool lazyAsn1;
+
+		private Asn1Set	sCrlData;
+		private int		sCrlDataObjectCount;
+		private Stream	currentCrlStream;
+
+		public X509CrlParser()
+			: this(false)
+		{
+		}
+
+		public X509CrlParser(
+			bool lazyAsn1)
+		{
+			this.lazyAsn1 = lazyAsn1;
+		}
+
+		private X509Crl ReadPemCrl(
+			Stream inStream)
+		{
+			Asn1Sequence seq = PemCrlParser.ReadPemObject(inStream);
+
+			return seq == null
+				?	null
+				:	CreateX509Crl(CertificateList.GetInstance(seq));
+		}
+
+		private X509Crl ReadDerCrl(
+			Asn1InputStream dIn)
+		{
+			Asn1Sequence seq = (Asn1Sequence)dIn.ReadObject();
+
+			if (seq.Count > 1 && seq[0] is DerObjectIdentifier)
+			{
+				if (seq[0].Equals(PkcsObjectIdentifiers.SignedData))
+				{
+					sCrlData = SignedData.GetInstance(
+						Asn1Sequence.GetInstance((Asn1TaggedObject) seq[1], true)).Crls;
+
+					return GetCrl();
+				}
+			}
+
+			return CreateX509Crl(CertificateList.GetInstance(seq));
+		}
+
+		private X509Crl GetCrl()
+		{
+			if (sCrlData == null || sCrlDataObjectCount >= sCrlData.Count)
+			{
+				return null;
+			}
+
+			return CreateX509Crl(
+				CertificateList.GetInstance(
+					sCrlData[sCrlDataObjectCount++]));
+		}
+
+		protected virtual X509Crl CreateX509Crl(
+			CertificateList c)
+		{
+			return new X509Crl(c);
+		}
+
+		/// <summary>
+		/// Create loading data from byte array.
+		/// </summary>
+		/// <param name="input"></param>
+		public X509Crl ReadCrl(
+			byte[] input)
+		{
+			return ReadCrl(new MemoryStream(input, false));
+		}
+
+		/// <summary>
+		/// Create loading data from byte array.
+		/// </summary>
+		/// <param name="input"></param>
+		public ICollection ReadCrls(
+			byte[] input)
+		{
+			return ReadCrls(new MemoryStream(input, false));
+		}
+
+		/**
+		 * Generates a certificate revocation list (CRL) object and initializes
+		 * it with the data read from the input stream inStream.
+		 */
+		public X509Crl ReadCrl(
+			Stream inStream)
+		{
+			if (inStream == null)
+				throw new ArgumentNullException("inStream");
+			if (!inStream.CanRead)
+				throw new ArgumentException("inStream must be read-able", "inStream");
+
+			if (currentCrlStream == null)
+			{
+				currentCrlStream = inStream;
+				sCrlData = null;
+				sCrlDataObjectCount = 0;
+			}
+			else if (currentCrlStream != inStream) // reset if input stream has changed
+			{
+				currentCrlStream = inStream;
+				sCrlData = null;
+				sCrlDataObjectCount = 0;
+			}
+
+			try
+			{
+				if (sCrlData != null)
+				{
+					if (sCrlDataObjectCount != sCrlData.Count)
+					{
+						return GetCrl();
+					}
+
+					sCrlData = null;
+					sCrlDataObjectCount = 0;
+					return null;
+				}
+
+				PushbackStream pis = new PushbackStream(inStream);
+				int tag = pis.ReadByte();
+
+				if (tag < 0)
+					return null;
+
+				pis.Unread(tag);
+
+				if (tag != 0x30)	// assume ascii PEM encoded.
+				{
+					return ReadPemCrl(pis);
+				}
+
+				Asn1InputStream asn1 = lazyAsn1
+					?	new LazyAsn1InputStream(pis)
+					:	new Asn1InputStream(pis);
+
+				return ReadDerCrl(asn1);
+			}
+			catch (CrlException e)
+			{
+				throw e;
+			}
+			catch (Exception e)
+			{
+				throw new CrlException(e.ToString());
+			}
+		}
+
+		/**
+		 * Returns a (possibly empty) collection view of the CRLs read from
+		 * the given input stream inStream.
+		 *
+		 * The inStream may contain a sequence of DER-encoded CRLs, or
+		 * a PKCS#7 CRL set.  This is a PKCS#7 SignedData object, with the
+		 * only significant field being crls.  In particular the signature
+		 * and the contents are ignored.
+		 */
+		public ICollection ReadCrls(
+			Stream inStream)
+		{
+			X509Crl crl;
+			IList crls = Platform.CreateArrayList();
+
+			while ((crl = ReadCrl(inStream)) != null)
+			{
+				crls.Add(crl);
+			}
+
+			return crls;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509ExtensionBase.cs b/bc-sharp-crypto/src/x509/X509ExtensionBase.cs
new file mode 100644
index 0000000..aaf6695
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509ExtensionBase.cs
@@ -0,0 +1,82 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.X509
+{
+	public abstract class X509ExtensionBase
+		: IX509Extension
+	{
+		protected abstract X509Extensions GetX509Extensions();
+
+		protected virtual ISet GetExtensionOids(
+			bool critical)
+		{
+			X509Extensions extensions = GetX509Extensions();
+			if (extensions != null)
+			{
+				HashSet set = new HashSet();
+				foreach (DerObjectIdentifier oid in extensions.ExtensionOids)
+				{
+					X509Extension ext = extensions.GetExtension(oid);
+					if (ext.IsCritical == critical)
+					{
+						set.Add(oid.Id);
+					}
+				}
+
+				return set;
+			}
+
+			return null;
+		}
+
+		/// <summary>
+		/// Get non critical extensions.
+		/// </summary>
+		/// <returns>A set of non critical extension oids.</returns>
+		public virtual ISet GetNonCriticalExtensionOids()
+		{
+			return GetExtensionOids(false);
+		}
+
+		/// <summary>
+		/// Get any critical extensions.
+		/// </summary>
+		/// <returns>A sorted list of critical entension.</returns>
+		public virtual ISet GetCriticalExtensionOids()
+		{
+			return GetExtensionOids(true);
+		}
+
+		/// <summary>
+		/// Get the value of a given extension.
+		/// </summary>
+		/// <param name="oid">The object ID of the extension. </param>
+		/// <returns>An Asn1OctetString object if that extension is found or null if not.</returns>
+		[Obsolete("Use version taking a DerObjectIdentifier instead")]
+		public Asn1OctetString GetExtensionValue(
+			string oid)
+		{
+			return GetExtensionValue(new DerObjectIdentifier(oid));
+		}
+
+		public virtual Asn1OctetString GetExtensionValue(
+			DerObjectIdentifier oid)
+		{
+			X509Extensions exts = GetX509Extensions();
+			if (exts != null)
+			{
+				X509Extension ext = exts.GetExtension(oid);
+				if (ext != null)
+				{
+					return ext.Value;
+				}
+			}
+
+			return null;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509KeyUsage.cs b/bc-sharp-crypto/src/x509/X509KeyUsage.cs
new file mode 100644
index 0000000..e0a7b49
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509KeyUsage.cs
@@ -0,0 +1,59 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.X509
+{
+	/**
+	 * A holding class for constructing an X509 Key Usage extension.
+	 *
+	 * <pre>
+	 *    id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 }
+	 *
+	 *    KeyUsage ::= BIT STRING {
+	 *         digitalSignature        (0),
+	 *         nonRepudiation          (1),
+	 *         keyEncipherment         (2),
+	 *         dataEncipherment        (3),
+	 *         keyAgreement            (4),
+	 *         keyCertSign             (5),
+	 *         cRLSign                 (6),
+	 *         encipherOnly            (7),
+	 *         decipherOnly            (8) }
+	 * </pre>
+	 */
+	public class X509KeyUsage
+		: Asn1Encodable
+	{
+		public const int DigitalSignature = 1 << 7;
+		public const int NonRepudiation   = 1 << 6;
+		public const int KeyEncipherment  = 1 << 5;
+		public const int DataEncipherment = 1 << 4;
+		public const int KeyAgreement     = 1 << 3;
+		public const int KeyCertSign      = 1 << 2;
+		public const int CrlSign          = 1 << 1;
+		public const int EncipherOnly     = 1 << 0;
+		public const int DecipherOnly     = 1 << 15;
+
+		private readonly int usage;
+
+		/**
+		 * Basic constructor.
+		 *
+		 * @param usage - the bitwise OR of the Key Usage flags giving the
+		 * allowed uses for the key.
+		 * e.g. (X509KeyUsage.keyEncipherment | X509KeyUsage.dataEncipherment)
+		 */
+		public X509KeyUsage(
+			int usage)
+		{
+			this.usage = usage;
+		}
+
+		public override Asn1Object ToAsn1Object()
+		{
+			return new KeyUsage(usage);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509SignatureUtil.cs b/bc-sharp-crypto/src/x509/X509SignatureUtil.cs
new file mode 100644
index 0000000..83863ae
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509SignatureUtil.cs
@@ -0,0 +1,128 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.X509
+{
+	internal class X509SignatureUtilities
+	{
+		private static readonly Asn1Null derNull = DerNull.Instance;
+
+		internal static void SetSignatureParameters(
+			ISigner			signature,
+			Asn1Encodable	parameters)
+		{
+			if (parameters != null && !derNull.Equals(parameters))
+			{
+				// TODO Put back in
+//				AlgorithmParameters sigParams = AlgorithmParameters.GetInstance(signature.getAlgorithm());
+//
+//				try
+//				{
+//					sigParams.Init(parameters.ToAsn1Object().GetDerEncoded());
+//				}
+//				catch (IOException e)
+//				{
+//					throw new SignatureException("IOException decoding parameters: " + e.Message);
+//				}
+//
+//				if (Platform.EndsWith(signature.getAlgorithm(), "MGF1"))
+//				{
+//					try
+//					{
+//						signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class));
+//					}
+//					catch (GeneralSecurityException e)
+//					{
+//						throw new SignatureException("Exception extracting parameters: " + e.Message);
+//					}
+//				}
+			}
+		}
+
+		internal static string GetSignatureName(
+			AlgorithmIdentifier sigAlgId)
+		{
+			Asn1Encodable parameters = sigAlgId.Parameters;
+
+			if (parameters != null && !derNull.Equals(parameters))
+			{
+                if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
+				{
+					RsassaPssParameters rsaParams = RsassaPssParameters.GetInstance(parameters);
+
+                    return GetDigestAlgName(rsaParams.HashAlgorithm.Algorithm) + "withRSAandMGF1";
+				}
+                if (sigAlgId.Algorithm.Equals(X9ObjectIdentifiers.ECDsaWithSha2))
+				{
+					Asn1Sequence ecDsaParams = Asn1Sequence.GetInstance(parameters);
+
+					return GetDigestAlgName((DerObjectIdentifier)ecDsaParams[0]) + "withECDSA";
+				}
+			}
+
+            return sigAlgId.Algorithm.Id;
+		}
+
+		/**
+		 * Return the digest algorithm using one of the standard JCA string
+		 * representations rather than the algorithm identifier (if possible).
+		 */
+		private static string GetDigestAlgName(
+			DerObjectIdentifier digestAlgOID)
+		{
+			if (PkcsObjectIdentifiers.MD5.Equals(digestAlgOID))
+			{
+				return "MD5";
+			}
+			else if (OiwObjectIdentifiers.IdSha1.Equals(digestAlgOID))
+			{
+				return "SHA1";
+			}
+			else if (NistObjectIdentifiers.IdSha224.Equals(digestAlgOID))
+			{
+				return "SHA224";
+			}
+			else if (NistObjectIdentifiers.IdSha256.Equals(digestAlgOID))
+			{
+				return "SHA256";
+			}
+			else if (NistObjectIdentifiers.IdSha384.Equals(digestAlgOID))
+			{
+				return "SHA384";
+			}
+			else if (NistObjectIdentifiers.IdSha512.Equals(digestAlgOID))
+			{
+				return "SHA512";
+			}
+			else if (TeleTrusTObjectIdentifiers.RipeMD128.Equals(digestAlgOID))
+			{
+				return "RIPEMD128";
+			}
+			else if (TeleTrusTObjectIdentifiers.RipeMD160.Equals(digestAlgOID))
+			{
+				return "RIPEMD160";
+			}
+			else if (TeleTrusTObjectIdentifiers.RipeMD256.Equals(digestAlgOID))
+			{
+				return "RIPEMD256";
+			}
+			else if (CryptoProObjectIdentifiers.GostR3411.Equals(digestAlgOID))
+			{
+				return "GOST3411";
+			}
+			else
+			{
+				return digestAlgOID.Id;
+			}
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509Utilities.cs b/bc-sharp-crypto/src/x509/X509Utilities.cs
new file mode 100644
index 0000000..52a122c
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509Utilities.cs
@@ -0,0 +1,187 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.CryptoPro;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Oiw;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.TeleTrust;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.X509
+{
+	internal class X509Utilities
+	{
+        private static readonly IDictionary algorithms = Platform.CreateHashtable();
+        private static readonly IDictionary exParams = Platform.CreateHashtable();
+		private static readonly ISet        noParams = new HashSet();
+
+		static X509Utilities()
+		{
+			algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption);
+			algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption);
+			algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption);
+			algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption);
+			algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+			algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
+			algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+			algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
+			algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+			algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
+			algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+			algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
+			algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+			algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
+			algorithms.Add("SHA1WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("SHA224WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("SHA256WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("SHA384WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("SHA512WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss);
+			algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+			algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
+			algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+			algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
+			algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+			algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
+			algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1);
+			algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1);
+			algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224);
+			algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256);
+			algorithms.Add("SHA384WITHDSA", NistObjectIdentifiers.DsaWithSha384);
+			algorithms.Add("SHA512WITHDSA", NistObjectIdentifiers.DsaWithSha512);
+			algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
+			algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1);
+			algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
+			algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
+			algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
+			algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
+			algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+			algorithms.Add("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+			algorithms.Add("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+			algorithms.Add("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+			algorithms.Add("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+
+			//
+			// According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
+			// The parameters field SHALL be NULL for RSA based signature algorithms.
+			//
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384);
+			noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512);
+			noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1);
+			noParams.Add(NistObjectIdentifiers.DsaWithSha224);
+			noParams.Add(NistObjectIdentifiers.DsaWithSha256);
+			noParams.Add(NistObjectIdentifiers.DsaWithSha384);
+			noParams.Add(NistObjectIdentifiers.DsaWithSha512);
+
+			//
+			// RFC 4491
+			//
+			noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
+			noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001);
+
+			//
+			// explicit params
+			//
+			AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance);
+			exParams.Add("SHA1WITHRSAANDMGF1", CreatePssParams(sha1AlgId, 20));
+
+			AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance);
+			exParams.Add("SHA224WITHRSAANDMGF1", CreatePssParams(sha224AlgId, 28));
+
+			AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance);
+			exParams.Add("SHA256WITHRSAANDMGF1", CreatePssParams(sha256AlgId, 32));
+
+			AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance);
+			exParams.Add("SHA384WITHRSAANDMGF1", CreatePssParams(sha384AlgId, 48));
+
+			AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance);
+			exParams.Add("SHA512WITHRSAANDMGF1", CreatePssParams(sha512AlgId, 64));
+		}
+
+		private static RsassaPssParameters CreatePssParams(
+			AlgorithmIdentifier	hashAlgId,
+			int					saltSize)
+		{
+			return new RsassaPssParameters(
+				hashAlgId,
+				new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgId),
+				new DerInteger(saltSize),
+				new DerInteger(1));
+		}
+
+		internal static DerObjectIdentifier GetAlgorithmOid(
+			string algorithmName)
+		{
+			algorithmName = Platform.ToUpperInvariant(algorithmName);
+
+            if (algorithms.Contains(algorithmName))
+			{
+				return (DerObjectIdentifier) algorithms[algorithmName];
+			}
+
+			return new DerObjectIdentifier(algorithmName);
+		}
+
+		internal static AlgorithmIdentifier GetSigAlgID(
+			DerObjectIdentifier sigOid,
+			string				algorithmName)
+		{
+			if (noParams.Contains(sigOid))
+			{
+				return new AlgorithmIdentifier(sigOid);
+			}
+
+            algorithmName = Platform.ToUpperInvariant(algorithmName);
+
+			if (exParams.Contains(algorithmName))
+			{
+				return new AlgorithmIdentifier(sigOid, (Asn1Encodable) exParams[algorithmName]);
+			}
+
+			return new AlgorithmIdentifier(sigOid, DerNull.Instance);
+		}
+
+		internal static IEnumerable GetAlgNames()
+		{
+			return new EnumerableProxy(algorithms.Keys);
+		}
+
+		internal static byte[] GetSignatureForObject(
+			DerObjectIdentifier		sigOid, // TODO Redundant now?
+			string					sigName,
+			AsymmetricKeyParameter	privateKey,
+			SecureRandom			random,
+			Asn1Encodable			ae)
+		{
+			if (sigOid == null)
+				throw new ArgumentNullException("sigOid");
+
+			ISigner sig = SignerUtilities.GetSigner(sigName);
+
+			if (random != null)
+			{
+				sig.Init(true, new ParametersWithRandom(privateKey, random));
+			}
+			else
+			{
+				sig.Init(true, privateKey);
+			}
+
+			byte[] encoded = ae.GetDerEncoded();
+			sig.BlockUpdate(encoded, 0, encoded.Length);
+
+			return sig.GenerateSignature();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509V1CertificateGenerator.cs b/bc-sharp-crypto/src/x509/X509V1CertificateGenerator.cs
new file mode 100644
index 0000000..9adebcb
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509V1CertificateGenerator.cs
@@ -0,0 +1,210 @@
+using System;
+using System.IO;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Operators;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.X509
+{
+	/// <summary>
+	/// Class to Generate X509V1 Certificates.
+	/// </summary>
+	public class X509V1CertificateGenerator
+	{
+		private V1TbsCertificateGenerator   tbsGen;
+		private DerObjectIdentifier         sigOID;
+		private AlgorithmIdentifier         sigAlgId;
+		private string                      signatureAlgorithm;
+
+		/// <summary>
+		/// Default Constructor.
+		/// </summary>
+		public X509V1CertificateGenerator()
+		{
+			tbsGen = new V1TbsCertificateGenerator();
+		}
+
+		/// <summary>
+		/// Reset the generator.
+		/// </summary>
+		public void Reset()
+		{
+			tbsGen = new V1TbsCertificateGenerator();
+		}
+
+		/// <summary>
+		/// Set the certificate's serial number.
+		/// </summary>
+		/// <remarks>Make serial numbers long, if you have no serial number policy make sure the number is at least 16 bytes of secure random data.
+		/// You will be surprised how ugly a serial number collision can get.</remarks>
+		/// <param name="serialNumber">The serial number.</param>
+		public void SetSerialNumber(
+			BigInteger serialNumber)
+		{
+			if (serialNumber.SignValue <= 0)
+			{
+				throw new ArgumentException("serial number must be a positive integer", "serialNumber");
+			}
+
+			tbsGen.SetSerialNumber(new DerInteger(serialNumber));
+		}
+
+		/// <summary>
+		/// Set the issuer distinguished name.
+		/// The issuer is the entity whose private key is used to sign the certificate.
+		/// </summary>
+		/// <param name="issuer">The issuers DN.</param>
+		public void SetIssuerDN(
+			X509Name issuer)
+		{
+			tbsGen.SetIssuer(issuer);
+		}
+
+		/// <summary>
+		/// Set the date that this certificate is to be valid from.
+		/// </summary>
+		/// <param name="date"/>
+		public void SetNotBefore(
+			DateTime date)
+		{
+			tbsGen.SetStartDate(new Time(date));
+		}
+
+		/// <summary>
+		/// Set the date after which this certificate will no longer be valid.
+		/// </summary>
+		/// <param name="date"/>
+		public void SetNotAfter(
+			DateTime date)
+		{
+			tbsGen.SetEndDate(new Time(date));
+		}
+
+		/// <summary>
+		/// Set the subject distinguished name.
+		/// The subject describes the entity associated with the public key.
+		/// </summary>
+		/// <param name="subject"/>
+		public void SetSubjectDN(
+			X509Name subject)
+		{
+			tbsGen.SetSubject(subject);
+		}
+
+        /// <summary>
+        /// Set the public key that this certificate identifies.
+        /// </summary>
+        /// <param name="publicKey"/>
+		public void SetPublicKey(
+			AsymmetricKeyParameter publicKey)
+		{
+			try
+			{
+				tbsGen.SetSubjectPublicKeyInfo(
+					SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey));
+			}
+			catch (Exception e)
+			{
+				throw new ArgumentException("unable to process key - " + e.ToString());
+			}
+		}
+
+		/// <summary>
+		/// Set the signature algorithm that will be used to sign this certificate.
+		/// This can be either a name or an OID, names are treated as case insensitive.
+		/// </summary>
+		/// <param name="signatureAlgorithm">string representation of the algorithm name</param>
+		[Obsolete("Not needed if Generate used with an ISignatureFactory")]
+		public void SetSignatureAlgorithm(
+			string signatureAlgorithm)
+		{
+			this.signatureAlgorithm = signatureAlgorithm;
+
+			try
+			{
+				sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm);
+			}
+			catch (Exception)
+			{
+				throw new ArgumentException("Unknown signature type requested", "signatureAlgorithm");
+			}
+
+			sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm);
+
+			tbsGen.SetSignature(sigAlgId);
+		}
+
+		/// <summary>
+		/// Generate a new X509Certificate.
+		/// </summary>
+		/// <param name="privateKey">The private key of the issuer used to sign this certificate.</param>
+		/// <returns>An X509Certificate.</returns>
+		[Obsolete("Use Generate with an ISignatureFactory")]
+		public X509Certificate Generate(
+			AsymmetricKeyParameter privateKey)
+		{
+			return Generate(privateKey, null);
+		}
+
+        /// <summary>
+        /// Generate a new X509Certificate specifying a SecureRandom instance that you would like to use.
+        /// </summary>
+        /// <param name="privateKey">The private key of the issuer used to sign this certificate.</param>
+        /// <param name="random">The Secure Random you want to use.</param>
+        /// <returns>An X509Certificate.</returns>
+		[Obsolete("Use Generate with an ISignatureFactory")]
+		public X509Certificate Generate(
+			AsymmetricKeyParameter	privateKey,
+			SecureRandom			random)
+		{
+			return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random));
+		}
+
+		/// <summary>
+		/// Generate a new X509Certificate using the passed in SignatureCalculator.
+		/// </summary>
+		/// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
+		/// <returns>An X509Certificate.</returns>
+		public X509Certificate Generate(ISignatureFactory signatureCalculatorFactory)
+		{
+			tbsGen.SetSignature ((AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails);
+
+			TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate();
+
+            IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator();
+
+            byte[] encoded = tbsCert.GetDerEncoded();
+
+            streamCalculator.Stream.Write(encoded, 0, encoded.Length);
+
+            Platform.Dispose(streamCalculator.Stream);
+
+            return GenerateJcaObject(tbsCert, (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails, ((IBlockResult)streamCalculator.GetResult()).Collect());
+		}
+
+		private X509Certificate GenerateJcaObject(
+			TbsCertificateStructure	tbsCert,
+			AlgorithmIdentifier     sigAlg,
+			byte[]					signature)
+		{
+			return new X509Certificate(
+				new X509CertificateStructure(tbsCert, sigAlg, new DerBitString(signature)));
+		}
+
+		/// <summary>
+		/// Allows enumeration of the signature names supported by the generator.
+		/// </summary>
+		public IEnumerable SignatureAlgNames
+		{
+			get { return X509Utilities.GetAlgNames(); }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509V2AttributeCertificate.cs b/bc-sharp-crypto/src/x509/X509V2AttributeCertificate.cs
new file mode 100644
index 0000000..c41b312
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509V2AttributeCertificate.cs
@@ -0,0 +1,280 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.X509
+{
+	/// <summary>An implementation of a version 2 X.509 Attribute Certificate.</summary>
+	public class X509V2AttributeCertificate
+		: X509ExtensionBase, IX509AttributeCertificate
+	{
+		private readonly AttributeCertificate cert;
+		private readonly DateTime notBefore;
+		private readonly DateTime notAfter;
+
+		private static AttributeCertificate GetObject(Stream input)
+		{
+			try
+			{
+				return AttributeCertificate.GetInstance(Asn1Object.FromStream(input));
+			}
+			catch (IOException e)
+			{
+				throw e;
+			}
+			catch (Exception e)
+			{
+				throw new IOException("exception decoding certificate structure", e);
+			}
+		}
+
+		public X509V2AttributeCertificate(
+			Stream encIn)
+			: this(GetObject(encIn))
+		{
+		}
+
+		public X509V2AttributeCertificate(
+			byte[] encoded)
+			: this(new MemoryStream(encoded, false))
+		{
+		}
+
+		internal X509V2AttributeCertificate(
+			AttributeCertificate cert)
+		{
+			this.cert = cert;
+
+			try
+			{
+				this.notAfter = cert.ACInfo.AttrCertValidityPeriod.NotAfterTime.ToDateTime();
+				this.notBefore = cert.ACInfo.AttrCertValidityPeriod.NotBeforeTime.ToDateTime();
+			}
+			catch (Exception e)
+			{
+				throw new IOException("invalid data structure in certificate!", e);
+			}
+		}
+
+		public virtual int Version
+		{
+			get { return cert.ACInfo.Version.Value.IntValue + 1; }
+		}
+
+		public virtual BigInteger SerialNumber
+		{
+			get { return cert.ACInfo.SerialNumber.Value; }
+		}
+
+		public virtual AttributeCertificateHolder Holder
+		{
+			get
+			{
+				return new AttributeCertificateHolder((Asn1Sequence)cert.ACInfo.Holder.ToAsn1Object());
+			}
+		}
+
+		public virtual AttributeCertificateIssuer Issuer
+		{
+			get
+			{
+				return new AttributeCertificateIssuer(cert.ACInfo.Issuer);
+			}
+		}
+
+		public virtual DateTime NotBefore
+		{
+			get { return notBefore; }
+		}
+
+		public virtual DateTime NotAfter
+		{
+			get { return notAfter; }
+		}
+
+		public virtual bool[] GetIssuerUniqueID()
+		{
+			DerBitString id = cert.ACInfo.IssuerUniqueID;
+
+			if (id != null)
+			{
+				byte[] bytes = id.GetBytes();
+				bool[] boolId = new bool[bytes.Length * 8 - id.PadBits];
+
+				for (int i = 0; i != boolId.Length; i++)
+				{
+					//boolId[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
+					boolId[i] = (bytes[i / 8] & (0x80 >> (i % 8))) != 0;
+				}
+
+				return boolId;
+			}
+
+			return null;
+		}
+
+		public virtual bool IsValidNow
+		{
+			get { return IsValid(DateTime.UtcNow); }
+		}
+
+		public virtual bool IsValid(
+			DateTime date)
+		{
+			return date.CompareTo(NotBefore) >= 0 && date.CompareTo(NotAfter) <= 0;
+		}
+
+		public virtual void CheckValidity()
+		{
+			this.CheckValidity(DateTime.UtcNow);
+		}
+
+		public virtual void CheckValidity(
+			DateTime date)
+		{
+			if (date.CompareTo(NotAfter) > 0)
+				throw new CertificateExpiredException("certificate expired on " + NotAfter);
+			if (date.CompareTo(NotBefore) < 0)
+				throw new CertificateNotYetValidException("certificate not valid until " + NotBefore);
+		}
+
+        public virtual AlgorithmIdentifier SignatureAlgorithm
+        {
+            get { return cert.SignatureAlgorithm; }
+        }
+
+		public virtual byte[] GetSignature()
+		{
+            return cert.GetSignatureOctets();
+		}
+
+        public virtual void Verify(
+            AsymmetricKeyParameter key)
+        {
+            CheckSignature(new Asn1VerifierFactory(cert.SignatureAlgorithm, key));
+        }
+
+        /// <summary>
+        /// Verify the certificate's signature using a verifier created using the passed in verifier provider.
+        /// </summary>
+        /// <param name="verifierProvider">An appropriate provider for verifying the certificate's signature.</param>
+        /// <returns>True if the signature is valid.</returns>
+        /// <exception cref="Exception">If verifier provider is not appropriate or the certificate algorithm is invalid.</exception>
+        public virtual void Verify(
+            IVerifierFactoryProvider verifierProvider)
+        {
+            CheckSignature(verifierProvider.CreateVerifierFactory(cert.SignatureAlgorithm));
+        }
+
+        protected virtual void CheckSignature(
+            IVerifierFactory verifier)
+        {
+            if (!cert.SignatureAlgorithm.Equals(cert.ACInfo.Signature))
+			{
+				throw new CertificateException("Signature algorithm in certificate info not same as outer certificate");
+			}
+
+            IStreamCalculator streamCalculator = verifier.CreateCalculator();
+
+			try
+			{
+                byte[] b = this.cert.ACInfo.GetEncoded();
+
+                streamCalculator.Stream.Write(b, 0, b.Length);
+
+                Platform.Dispose(streamCalculator.Stream);
+            }
+			catch (IOException e)
+			{
+				throw new SignatureException("Exception encoding certificate info object", e);
+			}
+
+			if (!((IVerifier)streamCalculator.GetResult()).IsVerified(this.GetSignature()))
+			{
+				throw new InvalidKeyException("Public key presented not for certificate signature");
+			}
+		}
+
+		public virtual byte[] GetEncoded()
+		{
+			return cert.GetEncoded();
+		}
+
+		protected override X509Extensions GetX509Extensions()
+		{
+			return cert.ACInfo.Extensions;
+		}
+
+		public virtual X509Attribute[] GetAttributes()
+		{
+			Asn1Sequence seq = cert.ACInfo.Attributes;
+			X509Attribute[] attrs = new X509Attribute[seq.Count];
+
+			for (int i = 0; i != seq.Count; i++)
+			{
+				attrs[i] = new X509Attribute((Asn1Encodable)seq[i]);
+			}
+
+			return attrs;
+		}
+
+		public virtual X509Attribute[] GetAttributes(
+			string oid)
+		{
+			Asn1Sequence seq = cert.ACInfo.Attributes;
+			IList list = Platform.CreateArrayList();
+
+			for (int i = 0; i != seq.Count; i++)
+			{
+				X509Attribute attr = new X509Attribute((Asn1Encodable)seq[i]);
+				if (attr.Oid.Equals(oid))
+				{
+					list.Add(attr);
+				}
+			}
+
+			if (list.Count < 1)
+			{
+				return null;
+			}
+
+            X509Attribute[] result = new X509Attribute[list.Count];
+            for (int i = 0; i < list.Count; ++i)
+            {
+                result[i] = (X509Attribute)list[i];
+            }
+            return result;
+		}
+
+		public override bool Equals(
+			object obj)
+		{
+			if (obj == this)
+				return true;
+
+			X509V2AttributeCertificate other = obj as X509V2AttributeCertificate;
+
+			if (other == null)
+				return false;
+
+			return cert.Equals(other.cert);
+
+			// NB: May prefer this implementation of Equals if more than one certificate implementation in play
+			//return Arrays.AreEqual(this.GetEncoded(), other.GetEncoded());
+		}
+
+		public override int GetHashCode()
+		{
+			return cert.GetHashCode();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509V2AttributeCertificateGenerator.cs b/bc-sharp-crypto/src/x509/X509V2AttributeCertificateGenerator.cs
new file mode 100644
index 0000000..bf046cd
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509V2AttributeCertificateGenerator.cs
@@ -0,0 +1,203 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.X509
+{
+	/// <remarks>Class to produce an X.509 Version 2 AttributeCertificate.</remarks>
+	public class X509V2AttributeCertificateGenerator
+	{
+		private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator();
+
+		private V2AttributeCertificateInfoGenerator	acInfoGen;
+		private DerObjectIdentifier sigOID;
+		private AlgorithmIdentifier sigAlgId;
+		private string signatureAlgorithm;
+
+		public X509V2AttributeCertificateGenerator()
+		{
+			acInfoGen = new V2AttributeCertificateInfoGenerator();
+		}
+
+		/// <summary>Reset the generator</summary>
+		public void Reset()
+		{
+			acInfoGen = new V2AttributeCertificateInfoGenerator();
+			extGenerator.Reset();
+		}
+
+		/// <summary>Set the Holder of this Attribute Certificate.</summary>
+		public void SetHolder(
+			AttributeCertificateHolder holder)
+		{
+			acInfoGen.SetHolder(holder.holder);
+		}
+
+		/// <summary>Set the issuer.</summary>
+		public void SetIssuer(
+			AttributeCertificateIssuer issuer)
+		{
+			acInfoGen.SetIssuer(AttCertIssuer.GetInstance(issuer.form));
+		}
+
+		/// <summary>Set the serial number for the certificate.</summary>
+		public void SetSerialNumber(
+			BigInteger serialNumber)
+		{
+			acInfoGen.SetSerialNumber(new DerInteger(serialNumber));
+		}
+
+		public void SetNotBefore(
+			DateTime date)
+		{
+			acInfoGen.SetStartDate(new DerGeneralizedTime(date));
+		}
+
+		public void SetNotAfter(
+			DateTime date)
+		{
+			acInfoGen.SetEndDate(new DerGeneralizedTime(date));
+		}
+
+        /// <summary>
+        /// Set the signature algorithm. This can be either a name or an OID, names
+        /// are treated as case insensitive.
+        /// </summary>
+        /// <param name="signatureAlgorithm">The algorithm name.</param>
+        [Obsolete("Not needed if Generate used with an ISignatureFactory")]
+        public void SetSignatureAlgorithm(
+			string signatureAlgorithm)
+		{
+			this.signatureAlgorithm = signatureAlgorithm;
+
+			try
+			{
+				sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm);
+			}
+			catch (Exception)
+			{
+				throw new ArgumentException("Unknown signature type requested");
+			}
+
+			sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm);
+
+			acInfoGen.SetSignature(sigAlgId);
+		}
+
+		/// <summary>Add an attribute.</summary>
+		public void AddAttribute(
+			X509Attribute attribute)
+		{
+			acInfoGen.AddAttribute(AttributeX509.GetInstance(attribute.ToAsn1Object()));
+		}
+
+		public void SetIssuerUniqueId(
+			bool[] iui)
+		{
+			// TODO convert bool array to bit string
+			//acInfoGen.SetIssuerUniqueID(iui);
+			throw Platform.CreateNotImplementedException("SetIssuerUniqueId()");
+		}
+
+		/// <summary>Add a given extension field for the standard extensions tag.</summary>
+		public void AddExtension(
+			string			oid,
+			bool			critical,
+			Asn1Encodable	extensionValue)
+		{
+			extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue);
+		}
+
+		/// <summary>
+		/// Add a given extension field for the standard extensions tag.
+		/// The value parameter becomes the contents of the octet string associated
+		/// with the extension.
+		/// </summary>
+		public void AddExtension(
+			string	oid,
+			bool	critical,
+			byte[]	extensionValue)
+		{
+			extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue);
+		}
+
+        /// <summary>
+        /// Generate an X509 certificate, based on the current issuer and subject.
+        /// </summary>
+        [Obsolete("Use Generate with an ISignatureFactory")]
+        public IX509AttributeCertificate Generate(
+			AsymmetricKeyParameter privateKey)
+		{
+			return Generate(privateKey, null);
+		}
+
+        /// <summary>
+        /// Generate an X509 certificate, based on the current issuer and subject,
+        /// using the supplied source of randomness, if required.
+        /// </summary>
+        [Obsolete("Use Generate with an ISignatureFactory")]
+        public IX509AttributeCertificate Generate(
+			AsymmetricKeyParameter	privateKey,
+			SecureRandom			random)
+        {
+            return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random));
+        }
+
+        /// <summary>
+        /// Generate a new X.509 Attribute Certificate using the passed in SignatureCalculator.
+        /// </summary>
+        /// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
+        /// <returns>An IX509AttributeCertificate.</returns>
+        public IX509AttributeCertificate Generate(ISignatureFactory signatureCalculatorFactory)
+        {
+            if (!extGenerator.IsEmpty)
+			{
+				acInfoGen.SetExtensions(extGenerator.Generate());
+			}
+
+			AttributeCertificateInfo acInfo = acInfoGen.GenerateAttributeCertificateInfo();
+
+            byte[] encoded = acInfo.GetDerEncoded();
+
+            IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator();
+
+            streamCalculator.Stream.Write(encoded, 0, encoded.Length);
+
+            Platform.Dispose(streamCalculator.Stream);
+
+            Asn1EncodableVector v = new Asn1EncodableVector();
+
+			v.Add(acInfo, (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails);
+
+			try
+			{
+				v.Add(new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect()));
+
+				return new X509V2AttributeCertificate(AttributeCertificate.GetInstance(new DerSequence(v)));
+			}
+			catch (Exception e)
+			{
+				// TODO
+//				throw new ExtCertificateEncodingException("constructed invalid certificate", e);
+				throw new CertificateEncodingException("constructed invalid certificate", e);
+			}
+		}
+
+		/// <summary>
+		/// Allows enumeration of the signature names supported by the generator.
+		/// </summary>
+		public IEnumerable SignatureAlgNames
+		{
+			get { return X509Utilities.GetAlgNames(); }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509V2CRLGenerator.cs b/bc-sharp-crypto/src/x509/X509V2CRLGenerator.cs
new file mode 100644
index 0000000..566d502
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509V2CRLGenerator.cs
@@ -0,0 +1,278 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+
+namespace Org.BouncyCastle.X509
+{
+	/**
+	* class to produce an X.509 Version 2 CRL.
+	*/
+	public class X509V2CrlGenerator
+	{
+		private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator();
+
+		private V2TbsCertListGenerator	tbsGen;
+		private DerObjectIdentifier		sigOID;
+		private AlgorithmIdentifier		sigAlgId;
+		private string					signatureAlgorithm;
+
+		public X509V2CrlGenerator()
+		{
+			tbsGen = new V2TbsCertListGenerator();
+		}
+
+		/**
+		* reset the generator
+		*/
+		public void Reset()
+		{
+			tbsGen = new V2TbsCertListGenerator();
+			extGenerator.Reset();
+		}
+
+		/**
+		* Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
+		* certificate.
+		*/
+		public void SetIssuerDN(
+			X509Name issuer)
+		{
+			tbsGen.SetIssuer(issuer);
+		}
+
+		public void SetThisUpdate(
+			DateTime date)
+		{
+			tbsGen.SetThisUpdate(new Time(date));
+		}
+
+		public void SetNextUpdate(
+			DateTime date)
+		{
+			tbsGen.SetNextUpdate(new Time(date));
+		}
+
+		/**
+		* Reason being as indicated by CrlReason, i.e. CrlReason.KeyCompromise
+		* or 0 if CrlReason is not to be used
+		**/
+		public void AddCrlEntry(
+			BigInteger	userCertificate,
+			DateTime	revocationDate,
+			int			reason)
+		{
+			tbsGen.AddCrlEntry(new DerInteger(userCertificate), new Time(revocationDate), reason);
+		}
+
+		/**
+		* Add a CRL entry with an Invalidity Date extension as well as a CrlReason extension.
+		* Reason being as indicated by CrlReason, i.e. CrlReason.KeyCompromise
+		* or 0 if CrlReason is not to be used
+		**/
+		public void AddCrlEntry(
+			BigInteger	userCertificate,
+			DateTime	revocationDate,
+			int			reason,
+			DateTime	invalidityDate)
+		{
+			tbsGen.AddCrlEntry(new DerInteger(userCertificate), new Time(revocationDate), reason, new DerGeneralizedTime(invalidityDate));
+		}
+
+		/**
+		* Add a CRL entry with extensions.
+		**/
+		public void AddCrlEntry(
+			BigInteger		userCertificate,
+			DateTime		revocationDate,
+			X509Extensions	extensions)
+		{
+			tbsGen.AddCrlEntry(new DerInteger(userCertificate), new Time(revocationDate), extensions);
+		}
+
+		/**
+		* Add the CRLEntry objects contained in a previous CRL.
+		*
+		* @param other the X509Crl to source the other entries from.
+		*/
+		public void AddCrl(
+			X509Crl other)
+		{
+			if (other == null)
+				throw new ArgumentNullException("other");
+
+			ISet revocations = other.GetRevokedCertificates();
+
+			if (revocations != null)
+			{
+				foreach (X509CrlEntry entry in revocations)
+				{
+					try
+					{
+						tbsGen.AddCrlEntry(
+							Asn1Sequence.GetInstance(
+							Asn1Object.FromByteArray(entry.GetEncoded())));
+					}
+					catch (IOException e)
+					{
+						throw new CrlException("exception processing encoding of CRL", e);
+					}
+				}
+			}
+		}
+
+        /// <summary>
+        /// Set the signature algorithm that will be used to sign this CRL.
+        /// </summary>
+        /// <param name="signatureAlgorithm"/>
+        [Obsolete("Not needed if Generate used with an ISignatureFactory")]
+        public void SetSignatureAlgorithm(
+			string signatureAlgorithm)
+		{
+			this.signatureAlgorithm = signatureAlgorithm;
+
+			try
+			{
+				sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm);
+			}
+			catch (Exception e)
+			{
+				throw new ArgumentException("Unknown signature type requested", e);
+			}
+
+			sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm);
+
+			tbsGen.SetSignature(sigAlgId);
+		}
+
+		/**
+		* add a given extension field for the standard extensions tag (tag 0)
+		*/
+		public void AddExtension(
+			string			oid,
+			bool			critical,
+			Asn1Encodable	extensionValue)
+		{
+			extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue);
+		}
+
+		/**
+		* add a given extension field for the standard extensions tag (tag 0)
+		*/
+		public void AddExtension(
+			DerObjectIdentifier	oid,
+			bool				critical,
+			Asn1Encodable		extensionValue)
+		{
+			extGenerator.AddExtension(oid, critical, extensionValue);
+		}
+
+		/**
+		* add a given extension field for the standard extensions tag (tag 0)
+		*/
+		public void AddExtension(
+			string	oid,
+			bool	critical,
+			byte[]	extensionValue)
+		{
+			extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, new DerOctetString(extensionValue));
+		}
+
+		/**
+		* add a given extension field for the standard extensions tag (tag 0)
+		*/
+		public void AddExtension(
+			DerObjectIdentifier	oid,
+			bool				critical,
+			byte[]				extensionValue)
+		{
+			extGenerator.AddExtension(oid, critical, new DerOctetString(extensionValue));
+		}
+
+        /// <summary>
+        /// Generate an X.509 CRL, based on the current issuer and subject.
+        /// </summary>
+        /// <param name="privateKey">The private key of the issuer that is signing this certificate.</param>
+        /// <returns>An X509Crl.</returns>
+        [Obsolete("Use Generate with an ISignatureFactory")]
+        public X509Crl Generate(
+            AsymmetricKeyParameter privateKey)
+        {
+            return Generate(privateKey, null);
+        }
+
+        /// <summary>
+        /// Generate an X.509 CRL, based on the current issuer and subject using the specified secure random.
+        /// </summary>
+        /// <param name="privateKey">The private key of the issuer that is signing this certificate.</param>
+        /// <param name="random">Your Secure Random instance.</param>
+        /// <returns>An X509Crl.</returns>
+        [Obsolete("Use Generate with an ISignatureFactory")]
+        public X509Crl Generate(
+            AsymmetricKeyParameter privateKey,
+            SecureRandom random)
+        {
+            return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random));
+        }
+
+        /// <summary>
+        /// Generate a new X509Crl using the passed in SignatureCalculator.
+        /// </summary>
+		/// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
+        /// <returns>An X509Crl.</returns>
+        public X509Crl Generate(ISignatureFactory signatureCalculatorFactory)
+        {
+            tbsGen.SetSignature((AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails);
+
+            TbsCertificateList tbsCertList = GenerateCertList();
+
+            IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator();
+
+            byte[] encoded = tbsCertList.GetDerEncoded();
+
+            streamCalculator.Stream.Write(encoded, 0, encoded.Length);
+
+            Platform.Dispose(streamCalculator.Stream);
+
+            return GenerateJcaObject(tbsCertList, (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails, ((IBlockResult)streamCalculator.GetResult()).Collect());
+        }
+
+        private TbsCertificateList GenerateCertList()
+		{
+			if (!extGenerator.IsEmpty)
+			{
+				tbsGen.SetExtensions(extGenerator.Generate());
+			}
+
+			return tbsGen.GenerateTbsCertList();
+		}
+
+		private X509Crl GenerateJcaObject(
+			TbsCertificateList	tbsCrl,
+            AlgorithmIdentifier algId,
+			byte[]				signature)
+		{
+			return new X509Crl(
+				CertificateList.GetInstance(
+					new DerSequence(tbsCrl, algId, new DerBitString(signature))));
+		}
+
+		/// <summary>
+		/// Allows enumeration of the signature names supported by the generator.
+		/// </summary>
+		public IEnumerable SignatureAlgNames
+		{
+			get { return X509Utilities.GetAlgNames(); }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/X509V3CertificateGenerator.cs b/bc-sharp-crypto/src/x509/X509V3CertificateGenerator.cs
new file mode 100644
index 0000000..bc619c3
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/X509V3CertificateGenerator.cs
@@ -0,0 +1,344 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Operators;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.X509.Extension;
+
+namespace Org.BouncyCastle.X509
+{
+    /// <summary>
+    /// A class to Generate Version 3 X509Certificates.
+    /// </summary>
+    public class X509V3CertificateGenerator
+    {
+		private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator();
+
+		private V3TbsCertificateGenerator	tbsGen;
+        private DerObjectIdentifier			sigOid;
+        private AlgorithmIdentifier			sigAlgId;
+        private string						signatureAlgorithm;
+
+		public X509V3CertificateGenerator()
+        {
+            tbsGen = new V3TbsCertificateGenerator();
+        }
+
+		/// <summary>
+		/// Reset the Generator.
+		/// </summary>
+		public void Reset()
+		{
+			tbsGen = new V3TbsCertificateGenerator();
+			extGenerator.Reset();
+		}
+
+		/// <summary>
+        /// Set the certificate's serial number.
+        /// </summary>
+        /// <remarks>Make serial numbers long, if you have no serial number policy make sure the number is at least 16 bytes of secure random data.
+        /// You will be surprised how ugly a serial number collision can Get.</remarks>
+        /// <param name="serialNumber">The serial number.</param>
+        public void SetSerialNumber(
+			BigInteger serialNumber)
+        {
+			if (serialNumber.SignValue <= 0)
+			{
+				throw new ArgumentException("serial number must be a positive integer", "serialNumber");
+			}
+
+			tbsGen.SetSerialNumber(new DerInteger(serialNumber));
+        }
+
+		/// <summary>
+        /// Set the distinguished name of the issuer.
+        /// The issuer is the entity which is signing the certificate.
+        /// </summary>
+        /// <param name="issuer">The issuer's DN.</param>
+        public void SetIssuerDN(
+            X509Name issuer)
+        {
+            tbsGen.SetIssuer(issuer);
+        }
+
+		/// <summary>
+        /// Set the date that this certificate is to be valid from.
+        /// </summary>
+        /// <param name="date"/>
+        public void SetNotBefore(
+            DateTime date)
+        {
+            tbsGen.SetStartDate(new Time(date));
+        }
+
+        /// <summary>
+        /// Set the date after which this certificate will no longer be valid.
+        /// </summary>
+        /// <param name="date"/>
+        public void SetNotAfter(
+			DateTime date)
+        {
+            tbsGen.SetEndDate(new Time(date));
+        }
+
+		/// <summary>
+		/// Set the DN of the entity that this certificate is about.
+		/// </summary>
+		/// <param name="subject"/>
+        public void SetSubjectDN(
+			X509Name subject)
+        {
+            tbsGen.SetSubject(subject);
+        }
+
+		/// <summary>
+        /// Set the public key that this certificate identifies.
+        /// </summary>
+        /// <param name="publicKey"/>
+        public void SetPublicKey(
+			AsymmetricKeyParameter publicKey)
+        {
+            tbsGen.SetSubjectPublicKeyInfo(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey));
+        }
+
+		/// <summary>
+        /// Set the signature algorithm that will be used to sign this certificate.
+        /// </summary>
+        /// <param name="signatureAlgorithm"/>
+		[Obsolete("Not needed if Generate used with an ISignatureFactory")]
+        public void SetSignatureAlgorithm(
+			string signatureAlgorithm)
+        {
+			this.signatureAlgorithm = signatureAlgorithm;
+
+			try
+			{
+				sigOid = X509Utilities.GetAlgorithmOid(signatureAlgorithm);
+			}
+			catch (Exception)
+			{
+				throw new ArgumentException("Unknown signature type requested: " + signatureAlgorithm);
+			}
+
+			sigAlgId = X509Utilities.GetSigAlgID(sigOid, signatureAlgorithm);
+
+			tbsGen.SetSignature(sigAlgId);
+		}
+
+		/// <summary>
+		/// Set the subject unique ID - note: it is very rare that it is correct to do this.
+		/// </summary>
+		/// <param name="uniqueID"/>
+		public void SetSubjectUniqueID(
+			bool[] uniqueID)
+		{
+			tbsGen.SetSubjectUniqueID(booleanToBitString(uniqueID));
+		}
+
+		/// <summary>
+		/// Set the issuer unique ID - note: it is very rare that it is correct to do this.
+		/// </summary>
+		/// <param name="uniqueID"/>
+		public void SetIssuerUniqueID(
+			bool[] uniqueID)
+		{
+			tbsGen.SetIssuerUniqueID(booleanToBitString(uniqueID));
+		}
+
+		private DerBitString booleanToBitString(
+			bool[] id)
+		{
+			byte[] bytes = new byte[(id.Length + 7) / 8];
+
+			for (int i = 0; i != id.Length; i++)
+			{
+				if (id[i])
+				{
+					bytes[i / 8] |= (byte)(1 << ((7 - (i % 8))));
+				}
+			}
+
+			int pad = id.Length % 8;
+
+			if (pad == 0)
+			{
+				return new DerBitString(bytes);
+			}
+
+			return new DerBitString(bytes, 8 - pad);
+		}
+
+		/// <summary>
+		/// Add a given extension field for the standard extensions tag (tag 3).
+		/// </summary>
+		/// <param name="oid">string containing a dotted decimal Object Identifier.</param>
+		/// <param name="critical">Is it critical.</param>
+		/// <param name="extensionValue">The value.</param>
+		public void AddExtension(
+			string			oid,
+			bool			critical,
+			Asn1Encodable	extensionValue)
+		{
+			extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue);
+		}
+
+		/// <summary>
+        /// Add an extension to this certificate.
+        /// </summary>
+        /// <param name="oid">Its Object Identifier.</param>
+        /// <param name="critical">Is it critical.</param>
+        /// <param name="extensionValue">The value.</param>
+        public void AddExtension(
+			DerObjectIdentifier	oid,
+			bool				critical,
+			Asn1Encodable		extensionValue)
+        {
+			extGenerator.AddExtension(oid, critical, extensionValue);
+        }
+
+		/// <summary>
+		/// Add an extension using a string with a dotted decimal OID.
+		/// </summary>
+		/// <param name="oid">string containing a dotted decimal Object Identifier.</param>
+		/// <param name="critical">Is it critical.</param>
+		/// <param name="extensionValue">byte[] containing the value of this extension.</param>
+		public void AddExtension(
+			string	oid,
+			bool	critical,
+			byte[]	extensionValue)
+		{
+			extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, new DerOctetString(extensionValue));
+		}
+
+		/// <summary>
+        /// Add an extension to this certificate.
+        /// </summary>
+        /// <param name="oid">Its Object Identifier.</param>
+        /// <param name="critical">Is it critical.</param>
+        /// <param name="extensionValue">byte[] containing the value of this extension.</param>
+        public void AddExtension(
+			DerObjectIdentifier	oid,
+			bool				critical,
+			byte[]				extensionValue)
+        {
+			extGenerator.AddExtension(oid, critical, new DerOctetString(extensionValue));
+        }
+
+		/// <summary>
+		/// Add a given extension field for the standard extensions tag (tag 3),
+		/// copying the extension value from another certificate.
+		/// </summary>
+		public void CopyAndAddExtension(
+			string			oid,
+			bool			critical,
+			X509Certificate	cert)
+		{
+			CopyAndAddExtension(new DerObjectIdentifier(oid), critical, cert);
+		}
+
+		/**
+		 * add a given extension field for the standard extensions tag (tag 3)
+		 * copying the extension value from another certificate.
+		 * @throws CertificateParsingException if the extension cannot be extracted.
+		 */
+		public void CopyAndAddExtension(
+			DerObjectIdentifier	oid,
+			bool				critical,
+			X509Certificate		cert)
+		{
+			Asn1OctetString extValue = cert.GetExtensionValue(oid);
+
+			if (extValue == null)
+			{
+				throw new CertificateParsingException("extension " + oid + " not present");
+			}
+
+			try
+			{
+				Asn1Encodable value = X509ExtensionUtilities.FromExtensionValue(extValue);
+
+				this.AddExtension(oid, critical, value);
+			}
+			catch (Exception e)
+			{
+				throw new CertificateParsingException(e.Message, e);
+			}
+		}
+
+		/// <summary>
+        /// Generate an X509Certificate.
+        /// </summary>
+        /// <param name="privateKey">The private key of the issuer that is signing this certificate.</param>
+        /// <returns>An X509Certificate.</returns>
+		[Obsolete("Use Generate with an ISignatureFactory")]
+		public X509Certificate Generate(
+			AsymmetricKeyParameter privateKey)
+        {
+            return Generate(privateKey, null);
+        }
+
+		/// <summary>
+		/// Generate an X509Certificate using your own SecureRandom.
+		/// </summary>
+		/// <param name="privateKey">The private key of the issuer that is signing this certificate.</param>
+		/// <param name="random">You Secure Random instance.</param>
+		/// <returns>An X509Certificate.</returns>
+		[Obsolete("Use Generate with an ISignatureFactory")]
+		public X509Certificate Generate(
+			AsymmetricKeyParameter	privateKey,
+			SecureRandom			random)
+		{
+			return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random));
+		}
+
+		/// <summary>
+		/// Generate a new X509Certificate using the passed in SignatureCalculator.
+		/// </summary>
+		/// <param name="signatureCalculatorFactory">A signature calculator factory with the necessary algorithm details.</param>
+		/// <returns>An X509Certificate.</returns>
+		public X509Certificate Generate(ISignatureFactory signatureCalculatorFactory)
+		{
+			tbsGen.SetSignature ((AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails);
+
+            if (!extGenerator.IsEmpty)
+            {
+                tbsGen.SetExtensions(extGenerator.Generate());
+            }
+
+            TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate();
+
+			IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator();
+
+			byte[] encoded = tbsCert.GetDerEncoded();
+
+			streamCalculator.Stream.Write(encoded, 0, encoded.Length);
+
+            Platform.Dispose(streamCalculator.Stream);
+
+            return GenerateJcaObject(tbsCert, (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails, ((IBlockResult)streamCalculator.GetResult()).Collect());
+		}
+
+		private X509Certificate GenerateJcaObject(
+			TbsCertificateStructure	tbsCert,
+			AlgorithmIdentifier     sigAlg,
+			byte[]					signature)
+		{
+			return new X509Certificate(
+				new X509CertificateStructure(tbsCert, sigAlg, new DerBitString(signature)));
+		}
+
+		/// <summary>
+		/// Allows enumeration of the signature names supported by the generator.
+		/// </summary>
+		public IEnumerable SignatureAlgNames
+		{
+			get { return X509Utilities.GetAlgNames(); }
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/extension/AuthorityKeyIdentifierStructure.cs b/bc-sharp-crypto/src/x509/extension/AuthorityKeyIdentifierStructure.cs
new file mode 100644
index 0000000..006dc00
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/extension/AuthorityKeyIdentifierStructure.cs
@@ -0,0 +1,102 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Security.Certificates;
+
+namespace Org.BouncyCastle.X509.Extension
+{
+	/// <remarks>A high level authority key identifier.</remarks>
+	public class AuthorityKeyIdentifierStructure
+		: AuthorityKeyIdentifier
+	{
+		/**
+		 * Constructor which will take the byte[] returned from getExtensionValue()
+		 *
+		 * @param encodedValue a DER octet encoded string with the extension structure in it.
+		 * @throws IOException on parsing errors.
+		 */
+		// TODO Add a functional constructor from byte[]?
+		public AuthorityKeyIdentifierStructure(
+			Asn1OctetString encodedValue)
+			: base((Asn1Sequence) X509ExtensionUtilities.FromExtensionValue(encodedValue))
+		{
+		}
+
+		private static Asn1Sequence FromCertificate(
+			X509Certificate certificate)
+		{
+			try
+			{
+				GeneralName genName = new GeneralName(
+					PrincipalUtilities.GetIssuerX509Principal(certificate));
+
+				if (certificate.Version == 3)
+				{
+					Asn1OctetString ext = certificate.GetExtensionValue(X509Extensions.SubjectKeyIdentifier);
+
+					if (ext != null)
+					{
+						Asn1OctetString str = (Asn1OctetString) X509ExtensionUtilities.FromExtensionValue(ext);
+
+						return (Asn1Sequence) new AuthorityKeyIdentifier(
+							str.GetOctets(), new GeneralNames(genName), certificate.SerialNumber).ToAsn1Object();
+					}
+				}
+
+				SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(
+					certificate.GetPublicKey());
+
+				return (Asn1Sequence) new AuthorityKeyIdentifier(
+					info, new GeneralNames(genName), certificate.SerialNumber).ToAsn1Object();
+			}
+			catch (Exception e)
+			{
+				throw new CertificateParsingException("Exception extracting certificate details", e);
+			}
+		}
+
+		private static Asn1Sequence FromKey(
+			AsymmetricKeyParameter pubKey)
+		{
+			try
+			{
+				SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pubKey);
+
+				return (Asn1Sequence) new AuthorityKeyIdentifier(info).ToAsn1Object();
+			}
+			catch (Exception e)
+			{
+				throw new InvalidKeyException("can't process key: " + e);
+			}
+		}
+
+		/**
+		 * Create an AuthorityKeyIdentifier using the passed in certificate's public
+		 * key, issuer and serial number.
+		 *
+		 * @param certificate the certificate providing the information.
+		 * @throws CertificateParsingException if there is a problem processing the certificate
+		 */
+		public AuthorityKeyIdentifierStructure(
+			X509Certificate certificate)
+			: base(FromCertificate(certificate))
+		{
+		}
+
+		/**
+		 * Create an AuthorityKeyIdentifier using just the hash of the
+		 * public key.
+		 *
+		 * @param pubKey the key to generate the hash from.
+		 * @throws InvalidKeyException if there is a problem using the key.
+		 */
+		public AuthorityKeyIdentifierStructure(
+			AsymmetricKeyParameter pubKey)
+			: base(FromKey(pubKey))
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/extension/SubjectKeyIdentifierStructure.cs b/bc-sharp-crypto/src/x509/extension/SubjectKeyIdentifierStructure.cs
new file mode 100644
index 0000000..4c7b79a
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/extension/SubjectKeyIdentifierStructure.cs
@@ -0,0 +1,49 @@
+using System;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Security.Certificates;
+
+namespace Org.BouncyCastle.X509.Extension
+{
+	/**
+	 * A high level subject key identifier.
+	 */
+	public class SubjectKeyIdentifierStructure
+		: SubjectKeyIdentifier
+	{
+		/**
+		 * Constructor which will take the byte[] returned from getExtensionValue()
+		 *
+		 * @param encodedValue a DER octet encoded string with the extension structure in it.
+		 * @throws IOException on parsing errors.
+		 */
+		public SubjectKeyIdentifierStructure(
+			Asn1OctetString encodedValue)
+			: base((Asn1OctetString) X509ExtensionUtilities.FromExtensionValue(encodedValue))
+		{
+		}
+
+		private static Asn1OctetString FromPublicKey(
+			AsymmetricKeyParameter pubKey)
+		{
+			try
+			{
+				SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pubKey);
+
+				return (Asn1OctetString) new SubjectKeyIdentifier(info).ToAsn1Object();
+			}
+			catch (Exception e)
+			{
+				throw new CertificateParsingException("Exception extracting certificate details: " + e.ToString());
+			}
+		}
+
+		public SubjectKeyIdentifierStructure(
+			AsymmetricKeyParameter pubKey)
+			: base(FromPublicKey(pubKey))
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/extension/X509ExtensionUtil.cs b/bc-sharp-crypto/src/x509/extension/X509ExtensionUtil.cs
new file mode 100644
index 0000000..5f65ebf
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/extension/X509ExtensionUtil.cs
@@ -0,0 +1,91 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Security.Certificates;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.X509.Extension
+{
+	public class X509ExtensionUtilities
+	{
+		public static Asn1Object FromExtensionValue(
+			Asn1OctetString extensionValue)
+		{
+			return Asn1Object.FromByteArray(extensionValue.GetOctets());
+		}
+
+		public static ICollection GetIssuerAlternativeNames(
+			X509Certificate cert)
+		{
+			Asn1OctetString extVal = cert.GetExtensionValue(X509Extensions.IssuerAlternativeName);
+
+			return GetAlternativeName(extVal);
+		}
+
+		public static ICollection GetSubjectAlternativeNames(
+			X509Certificate cert)
+		{
+			Asn1OctetString extVal = cert.GetExtensionValue(X509Extensions.SubjectAlternativeName);
+
+			return GetAlternativeName(extVal);
+		}
+
+		private static ICollection GetAlternativeName(
+			Asn1OctetString extVal)
+		{
+			IList temp = Platform.CreateArrayList();
+
+			if (extVal != null)
+			{
+				try
+				{
+					Asn1Sequence seq = DerSequence.GetInstance(FromExtensionValue(extVal));
+
+					foreach (Asn1Encodable primName in seq)
+					{
+                        IList list = Platform.CreateArrayList();
+                        GeneralName genName = GeneralName.GetInstance(primName);
+
+						list.Add(genName.TagNo);
+
+						switch (genName.TagNo)
+						{
+							case GeneralName.EdiPartyName:
+							case GeneralName.X400Address:
+							case GeneralName.OtherName:
+								list.Add(genName.Name.ToAsn1Object());
+								break;
+							case GeneralName.DirectoryName:
+								list.Add(X509Name.GetInstance(genName.Name).ToString());
+								break;
+							case GeneralName.DnsName:
+							case GeneralName.Rfc822Name:
+							case GeneralName.UniformResourceIdentifier:
+								list.Add(((IAsn1String)genName.Name).GetString());
+								break;
+							case GeneralName.RegisteredID:
+								list.Add(DerObjectIdentifier.GetInstance(genName.Name).Id);
+								break;
+							case GeneralName.IPAddress:
+								list.Add(DerOctetString.GetInstance(genName.Name).GetOctets());
+								break;
+							default:
+								throw new IOException("Bad tag number: " + genName.TagNo);
+						}
+
+						temp.Add(list);
+					}
+				}
+				catch (Exception e)
+				{
+					throw new CertificateParsingException(e.Message);
+				}
+			}
+
+			return temp;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/store/IX509Selector.cs b/bc-sharp-crypto/src/x509/store/IX509Selector.cs
new file mode 100644
index 0000000..75358cb
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/store/IX509Selector.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.X509.Store
+{
+	public interface IX509Selector
+#if !(SILVERLIGHT || PORTABLE)
+		: ICloneable
+#endif
+	{
+#if SILVERLIGHT || PORTABLE
+        object Clone();
+#endif
+        bool Match(object obj);
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/store/IX509Store.cs b/bc-sharp-crypto/src/x509/store/IX509Store.cs
new file mode 100644
index 0000000..e5c3a46
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/store/IX509Store.cs
@@ -0,0 +1,11 @@
+using System;
+using System.Collections;
+
+namespace Org.BouncyCastle.X509.Store
+{
+	public interface IX509Store
+	{
+//		void Init(IX509StoreParameters parameters);
+		ICollection GetMatches(IX509Selector selector);
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/store/IX509StoreParameters.cs b/bc-sharp-crypto/src/x509/store/IX509StoreParameters.cs
new file mode 100644
index 0000000..aee3036
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/store/IX509StoreParameters.cs
@@ -0,0 +1,8 @@
+using System;
+
+namespace Org.BouncyCastle.X509.Store
+{
+	public interface IX509StoreParameters
+	{
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/store/NoSuchStoreException.cs b/bc-sharp-crypto/src/x509/store/NoSuchStoreException.cs
new file mode 100644
index 0000000..28b1889
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/store/NoSuchStoreException.cs
@@ -0,0 +1,28 @@
+using System;
+
+namespace Org.BouncyCastle.X509.Store
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class NoSuchStoreException
+		: X509StoreException
+	{
+		public NoSuchStoreException()
+		{
+		}
+
+		public NoSuchStoreException(
+			string message)
+			: base(message)
+		{
+		}
+
+		public NoSuchStoreException(
+			string		message,
+			Exception	e)
+			: base(message, e)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/store/X509AttrCertStoreSelector.cs b/bc-sharp-crypto/src/x509/store/X509AttrCertStoreSelector.cs
new file mode 100644
index 0000000..9f1dc20
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/store/X509AttrCertStoreSelector.cs
@@ -0,0 +1,376 @@
+using System;
+using System.Collections;
+using System.IO;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.X509.Extension;
+
+namespace Org.BouncyCastle.X509.Store
+{
+	/**
+	* This class is an <code>Selector</code> like implementation to select
+	* attribute certificates from a given set of criteria.
+	*
+	* @see org.bouncycastle.x509.X509AttributeCertificate
+	* @see org.bouncycastle.x509.X509Store
+	*/
+	public class X509AttrCertStoreSelector
+		: IX509Selector
+	{
+		// TODO: name constraints???
+
+		private IX509AttributeCertificate attributeCert;
+		private DateTimeObject attributeCertificateValid;
+		private AttributeCertificateHolder holder;
+		private AttributeCertificateIssuer issuer;
+		private BigInteger serialNumber;
+		private ISet targetNames = new HashSet();
+		private ISet targetGroups = new HashSet();
+
+		public X509AttrCertStoreSelector()
+		{
+		}
+
+		private X509AttrCertStoreSelector(
+			X509AttrCertStoreSelector o)
+		{
+			this.attributeCert = o.attributeCert;
+			this.attributeCertificateValid = o.attributeCertificateValid;
+			this.holder = o.holder;
+			this.issuer = o.issuer;
+			this.serialNumber = o.serialNumber;
+			this.targetGroups = new HashSet(o.targetGroups);
+			this.targetNames = new HashSet(o.targetNames);
+		}
+
+		/// <summary>
+		/// Decides if the given attribute certificate should be selected.
+		/// </summary>
+		/// <param name="obj">The attribute certificate to be checked.</param>
+		/// <returns><code>true</code> if the object matches this selector.</returns>
+		public bool Match(
+			object obj)
+		{
+			if (obj == null)
+				throw new ArgumentNullException("obj");
+
+			IX509AttributeCertificate attrCert = obj as IX509AttributeCertificate;
+
+			if (attrCert == null)
+				return false;
+
+			if (this.attributeCert != null && !this.attributeCert.Equals(attrCert))
+				return false;
+
+			if (serialNumber != null && !attrCert.SerialNumber.Equals(serialNumber))
+				return false;
+
+			if (holder != null && !attrCert.Holder.Equals(holder))
+				return false;
+
+			if (issuer != null && !attrCert.Issuer.Equals(issuer))
+				return false;
+
+			if (attributeCertificateValid != null && !attrCert.IsValid(attributeCertificateValid.Value))
+				return false;
+
+			if (targetNames.Count > 0 || targetGroups.Count > 0)
+			{
+				Asn1OctetString targetInfoExt = attrCert.GetExtensionValue(
+					X509Extensions.TargetInformation);
+
+				if (targetInfoExt != null)
+				{
+					TargetInformation targetinfo;
+					try
+					{
+						targetinfo = TargetInformation.GetInstance(
+							X509ExtensionUtilities.FromExtensionValue(targetInfoExt));
+					}
+					catch (Exception)
+					{
+						return false;
+					}
+
+					Targets[] targetss = targetinfo.GetTargetsObjects();
+
+					if (targetNames.Count > 0)
+					{
+						bool found = false;
+
+						for (int i = 0; i < targetss.Length && !found; i++)
+						{
+							Target[] targets = targetss[i].GetTargets();
+
+							for (int j = 0; j < targets.Length; j++)
+							{
+								GeneralName targetName = targets[j].TargetName;
+
+								if (targetName != null && targetNames.Contains(targetName))
+								{
+									found = true;
+									break;
+								}
+							}
+						}
+						if (!found)
+						{
+							return false;
+						}
+					}
+
+					if (targetGroups.Count > 0)
+					{
+						bool found = false;
+
+						for (int i = 0; i < targetss.Length && !found; i++)
+						{
+							Target[] targets = targetss[i].GetTargets();
+
+							for (int j = 0; j < targets.Length; j++)
+							{
+								GeneralName targetGroup = targets[j].TargetGroup;
+
+								if (targetGroup != null && targetGroups.Contains(targetGroup))
+								{
+									found = true;
+									break;
+								}
+							}
+						}
+
+						if (!found)
+						{
+							return false;
+						}
+					}
+				}
+			}
+
+			return true;
+		}
+
+		public object Clone()
+		{
+			return new X509AttrCertStoreSelector(this);
+		}
+
+		/// <summary>The attribute certificate which must be matched.</summary>
+		/// <remarks>If <c>null</c> is given, any will do.</remarks>
+		public IX509AttributeCertificate AttributeCert
+		{
+			get { return attributeCert; }
+			set { this.attributeCert = value; }
+		}
+
+		[Obsolete("Use AttributeCertificateValid instead")]
+		public DateTimeObject AttribueCertificateValid
+		{
+			get { return attributeCertificateValid; }
+			set { this.attributeCertificateValid = value; }
+		}
+
+		/// <summary>The criteria for validity</summary>
+		/// <remarks>If <c>null</c> is given any will do.</remarks>
+		public DateTimeObject AttributeCertificateValid
+		{
+			get { return attributeCertificateValid; }
+			set { this.attributeCertificateValid = value; }
+		}
+
+		/// <summary>The holder.</summary>
+		/// <remarks>If <c>null</c> is given any will do.</remarks>
+		public AttributeCertificateHolder Holder
+		{
+			get { return holder; }
+			set { this.holder = value; }
+		}
+
+		/// <summary>The issuer.</summary>
+		/// <remarks>If <c>null</c> is given any will do.</remarks>
+		public AttributeCertificateIssuer Issuer
+		{
+			get { return issuer; }
+			set { this.issuer = value; }
+		}
+
+		/// <summary>The serial number.</summary>
+		/// <remarks>If <c>null</c> is given any will do.</remarks>
+		public BigInteger SerialNumber
+		{
+			get { return serialNumber; }
+			set { this.serialNumber = value; }
+		}
+
+		/**
+		* Adds a target name criterion for the attribute certificate to the target
+		* information extension criteria. The <code>X509AttributeCertificate</code>
+		* must contain at least one of the specified target names.
+		* <p>
+		* Each attribute certificate may contain a target information extension
+		* limiting the servers where this attribute certificate can be used. If
+		* this extension is not present, the attribute certificate is not targeted
+		* and may be accepted by any server.
+		* </p>
+		*
+		* @param name The name as a GeneralName (not <code>null</code>)
+		*/
+		public void AddTargetName(
+			GeneralName name)
+		{
+			targetNames.Add(name);
+		}
+
+		/**
+		* Adds a target name criterion for the attribute certificate to the target
+		* information extension criteria. The <code>X509AttributeCertificate</code>
+		* must contain at least one of the specified target names.
+		* <p>
+		* Each attribute certificate may contain a target information extension
+		* limiting the servers where this attribute certificate can be used. If
+		* this extension is not present, the attribute certificate is not targeted
+		* and may be accepted by any server.
+		* </p>
+		*
+		* @param name a byte array containing the name in ASN.1 DER encoded form of a GeneralName
+		* @throws IOException if a parsing error occurs.
+		*/
+		public void AddTargetName(
+			byte[] name)
+		{
+			AddTargetName(GeneralName.GetInstance(Asn1Object.FromByteArray(name)));
+		}
+
+		/**
+		* Adds a collection with target names criteria. If <code>null</code> is
+		* given any will do.
+		* <p>
+		* The collection consists of either GeneralName objects or byte[] arrays representing
+		* DER encoded GeneralName structures.
+		* </p>
+		* 
+		* @param names A collection of target names.
+		* @throws IOException if a parsing error occurs.
+		* @see #AddTargetName(byte[])
+		* @see #AddTargetName(GeneralName)
+		*/
+		public void SetTargetNames(
+			IEnumerable names)
+		{
+			targetNames = ExtractGeneralNames(names);
+		}
+
+		/**
+		* Gets the target names. The collection consists of <code>List</code>s
+		* made up of an <code>Integer</code> in the first entry and a DER encoded
+		* byte array or a <code>String</code> in the second entry.
+		* <p>The returned collection is immutable.</p>
+		* 
+		* @return The collection of target names
+		* @see #setTargetNames(Collection)
+		*/
+		public IEnumerable GetTargetNames()
+		{
+			return new EnumerableProxy(targetNames);
+		}
+
+		/**
+		* Adds a target group criterion for the attribute certificate to the target
+		* information extension criteria. The <code>X509AttributeCertificate</code>
+		* must contain at least one of the specified target groups.
+		* <p>
+		* Each attribute certificate may contain a target information extension
+		* limiting the servers where this attribute certificate can be used. If
+		* this extension is not present, the attribute certificate is not targeted
+		* and may be accepted by any server.
+		* </p>
+		*
+		* @param group The group as GeneralName form (not <code>null</code>)
+		*/
+		public void AddTargetGroup(
+			GeneralName group)
+		{
+			targetGroups.Add(group);
+		}
+
+		/**
+		* Adds a target group criterion for the attribute certificate to the target
+		* information extension criteria. The <code>X509AttributeCertificate</code>
+		* must contain at least one of the specified target groups.
+		* <p>
+		* Each attribute certificate may contain a target information extension
+		* limiting the servers where this attribute certificate can be used. If
+		* this extension is not present, the attribute certificate is not targeted
+		* and may be accepted by any server.
+		* </p>
+		*
+		* @param name a byte array containing the group in ASN.1 DER encoded form of a GeneralName
+		* @throws IOException if a parsing error occurs.
+		*/
+		public void AddTargetGroup(
+			byte[] name)
+		{
+			AddTargetGroup(GeneralName.GetInstance(Asn1Object.FromByteArray(name)));
+		}
+
+		/**
+		* Adds a collection with target groups criteria. If <code>null</code> is
+		* given any will do.
+		* <p>
+		* The collection consists of <code>GeneralName</code> objects or <code>byte[]</code>
+		* representing DER encoded GeneralNames.
+		* </p>
+		*
+		* @param names A collection of target groups.
+		* @throws IOException if a parsing error occurs.
+		* @see #AddTargetGroup(byte[])
+		* @see #AddTargetGroup(GeneralName)
+		*/
+		public void SetTargetGroups(
+			IEnumerable names)
+		{
+			targetGroups = ExtractGeneralNames(names);
+		}
+
+		/**
+		* Gets the target groups. The collection consists of <code>List</code>s
+		* made up of an <code>Integer</code> in the first entry and a DER encoded
+		* byte array or a <code>String</code> in the second entry.
+		* <p>The returned collection is immutable.</p>
+		*
+		* @return The collection of target groups.
+		* @see #setTargetGroups(Collection)
+		*/
+		public IEnumerable GetTargetGroups()
+		{
+			return new EnumerableProxy(targetGroups);
+		}
+
+		private ISet ExtractGeneralNames(
+			IEnumerable names)
+		{
+			ISet result = new HashSet();
+
+			if (names != null)
+			{
+				foreach (object o in names)
+				{
+					if (o is GeneralName)
+					{
+						result.Add(o);
+					}
+					else
+					{
+						result.Add(GeneralName.GetInstance(Asn1Object.FromByteArray((byte[]) o)));
+					}
+				}
+			}
+
+			return result;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/store/X509CertPairStoreSelector.cs b/bc-sharp-crypto/src/x509/store/X509CertPairStoreSelector.cs
new file mode 100644
index 0000000..2796971
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/store/X509CertPairStoreSelector.cs
@@ -0,0 +1,92 @@
+using System;
+
+namespace Org.BouncyCastle.X509.Store
+{
+	/// <remarks>
+	/// This class is an <code>IX509Selector</code> implementation to select
+	/// certificate pairs, which are e.g. used for cross certificates. The set of
+	/// criteria is given from two <code>X509CertStoreSelector</code> objects,
+	/// each of which, if present, must match the respective component of a pair.
+	/// </remarks>
+	public class X509CertPairStoreSelector
+		: IX509Selector
+	{
+		private static X509CertStoreSelector CloneSelector(
+			X509CertStoreSelector s)
+		{
+			return s == null ? null : (X509CertStoreSelector) s.Clone();
+		}
+
+		private X509CertificatePair certPair;
+		private X509CertStoreSelector forwardSelector;
+		private X509CertStoreSelector reverseSelector;
+
+		public X509CertPairStoreSelector()
+		{
+		}
+
+		private X509CertPairStoreSelector(
+			X509CertPairStoreSelector o)
+		{
+			this.certPair = o.CertPair;
+			this.forwardSelector = o.ForwardSelector;
+			this.reverseSelector = o.ReverseSelector;
+		}
+
+		/// <summary>The certificate pair which is used for testing on equality.</summary>
+		public X509CertificatePair CertPair
+		{
+			get { return certPair; }
+			set { this.certPair = value; }
+		}
+
+		/// <summary>The certificate selector for the forward part.</summary>
+		public X509CertStoreSelector ForwardSelector
+		{
+			get { return CloneSelector(forwardSelector); }
+			set { this.forwardSelector = CloneSelector(value); }
+		}
+
+		/// <summary>The certificate selector for the reverse part.</summary>
+		public X509CertStoreSelector ReverseSelector
+		{
+			get { return CloneSelector(reverseSelector); }
+			set { this.reverseSelector = CloneSelector(value); }
+		}
+
+		/// <summary>
+		/// Decides if the given certificate pair should be selected. If
+		/// <c>obj</c> is not a <code>X509CertificatePair</code>, this method
+		/// returns <code>false</code>.
+		/// </summary>
+		/// <param name="obj">The <code>X509CertificatePair</code> to be tested.</param>
+		/// <returns><code>true</code> if the object matches this selector.</returns>
+		public bool Match(
+			object obj)
+		{
+			if (obj == null)
+				throw new ArgumentNullException("obj");
+
+			X509CertificatePair pair = obj as X509CertificatePair;
+
+			if (pair == null)
+				return false;
+
+			if (certPair != null && !certPair.Equals(pair))
+				return false;
+
+			if (forwardSelector != null && !forwardSelector.Match(pair.Forward))
+				return false;
+
+			if (reverseSelector != null && !reverseSelector.Match(pair.Reverse))
+				return false;
+
+			return true;
+		}
+
+		public object Clone()
+		{
+			return new X509CertPairStoreSelector(this);
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/store/X509CertStoreSelector.cs b/bc-sharp-crypto/src/x509/store/X509CertStoreSelector.cs
new file mode 100644
index 0000000..3874edf
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/store/X509CertStoreSelector.cs
@@ -0,0 +1,337 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.X509.Extension;
+
+namespace Org.BouncyCastle.X509.Store
+{
+	public class X509CertStoreSelector
+		: IX509Selector
+	{
+		// TODO Missing criteria?
+
+		private byte[] authorityKeyIdentifier;
+		private int basicConstraints = -1;
+		private X509Certificate certificate;
+		private DateTimeObject certificateValid;
+		private ISet extendedKeyUsage;
+		private X509Name issuer;
+		private bool[] keyUsage;
+		private ISet policy;
+		private DateTimeObject privateKeyValid;
+		private BigInteger serialNumber;
+		private X509Name subject;
+		private byte[] subjectKeyIdentifier;
+		private SubjectPublicKeyInfo subjectPublicKey;
+		private DerObjectIdentifier subjectPublicKeyAlgID;
+
+		public X509CertStoreSelector()
+		{
+		}
+
+		public X509CertStoreSelector(
+			X509CertStoreSelector o)
+		{
+			this.authorityKeyIdentifier = o.AuthorityKeyIdentifier;
+			this.basicConstraints = o.BasicConstraints;
+			this.certificate = o.Certificate;
+			this.certificateValid = o.CertificateValid;
+			this.extendedKeyUsage = o.ExtendedKeyUsage;
+			this.issuer = o.Issuer;
+			this.keyUsage = o.KeyUsage;
+			this.policy = o.Policy;
+			this.privateKeyValid = o.PrivateKeyValid;
+			this.serialNumber = o.SerialNumber;
+			this.subject = o.Subject;
+			this.subjectKeyIdentifier = o.SubjectKeyIdentifier;
+			this.subjectPublicKey = o.SubjectPublicKey;
+			this.subjectPublicKeyAlgID = o.SubjectPublicKeyAlgID;
+		}
+
+		public virtual object Clone()
+		{
+			return new X509CertStoreSelector(this);
+		}
+
+		public byte[] AuthorityKeyIdentifier
+		{
+			get { return Arrays.Clone(authorityKeyIdentifier); }
+			set { authorityKeyIdentifier = Arrays.Clone(value); }
+		}
+
+		public int BasicConstraints
+		{
+			get { return basicConstraints; }
+			set
+			{
+				if (value < -2)
+					throw new ArgumentException("value can't be less than -2", "value");
+
+				basicConstraints = value;
+			}
+		}
+
+		public X509Certificate Certificate
+		{
+			get { return certificate; }
+			set { this.certificate = value; }
+		}
+
+		public DateTimeObject CertificateValid
+		{
+			get { return certificateValid; }
+			set { certificateValid = value; }
+		}
+
+		public ISet ExtendedKeyUsage
+		{
+			get { return CopySet(extendedKeyUsage); }
+			set { extendedKeyUsage = CopySet(value); }
+		}
+
+		public X509Name Issuer
+		{
+			get { return issuer; }
+			set { issuer = value; }
+		}
+
+		[Obsolete("Avoid working with X509Name objects in string form")]
+		public string IssuerAsString
+		{
+			get { return issuer != null ? issuer.ToString() : null; }
+		}
+
+		public bool[] KeyUsage
+		{
+			get { return CopyBoolArray(keyUsage); }
+			set { keyUsage = CopyBoolArray(value); }
+		}
+
+		/// <summary>
+		/// An <code>ISet</code> of <code>DerObjectIdentifier</code> objects.
+		/// </summary>
+		public ISet Policy
+		{
+			get { return CopySet(policy); }
+			set { policy = CopySet(value); }
+		}
+
+		public DateTimeObject PrivateKeyValid
+		{
+			get { return privateKeyValid; }
+			set { privateKeyValid = value; }
+		}
+
+		public BigInteger SerialNumber
+		{
+			get { return serialNumber; }
+			set { serialNumber = value; }
+		}
+
+		public X509Name Subject
+		{
+			get { return subject; }
+			set { subject = value; }
+		}
+
+		public string SubjectAsString
+		{
+			get { return subject != null ? subject.ToString() : null; }
+		}
+
+		public byte[] SubjectKeyIdentifier
+		{
+			get { return Arrays.Clone(subjectKeyIdentifier); }
+			set { subjectKeyIdentifier = Arrays.Clone(value); }
+		}
+
+		public SubjectPublicKeyInfo SubjectPublicKey
+		{
+			get { return subjectPublicKey; }
+			set { subjectPublicKey = value; }
+		}
+
+		public DerObjectIdentifier SubjectPublicKeyAlgID
+		{
+			get { return subjectPublicKeyAlgID; }
+			set { subjectPublicKeyAlgID = value; }
+		}
+
+		public virtual bool Match(
+			object obj)
+		{
+			X509Certificate c = obj as X509Certificate;
+
+			if (c == null)
+				return false;
+
+			if (!MatchExtension(authorityKeyIdentifier, c, X509Extensions.AuthorityKeyIdentifier))
+				return false;
+
+			if (basicConstraints != -1)
+			{
+				int bc = c.GetBasicConstraints();
+
+				if (basicConstraints == -2)
+				{
+					if (bc != -1)
+						return false;
+				}
+				else
+				{
+					if (bc < basicConstraints)
+						return false;
+				}
+			}
+
+			if (certificate != null && !certificate.Equals(c))
+				return false;
+
+			if (certificateValid != null && !c.IsValid(certificateValid.Value))
+				return false;
+
+			if (extendedKeyUsage != null)
+			{
+				IList eku = c.GetExtendedKeyUsage();
+
+				// Note: if no extended key usage set, all key purposes are implicitly allowed
+
+				if (eku != null)
+				{
+					foreach (DerObjectIdentifier oid in extendedKeyUsage)
+					{
+						if (!eku.Contains(oid.Id))
+							return false;
+					}
+				}
+			}
+
+			if (issuer != null && !issuer.Equivalent(c.IssuerDN, true))
+				return false;
+
+			if (keyUsage != null)
+			{
+				bool[] ku = c.GetKeyUsage();
+
+				// Note: if no key usage set, all key purposes are implicitly allowed
+
+				if (ku != null)
+				{
+					for (int i = 0; i < 9; ++i)
+					{
+						if (keyUsage[i] && !ku[i])
+							return false;
+					}
+				}
+			}
+
+			if (policy != null)
+			{
+				Asn1OctetString extVal = c.GetExtensionValue(X509Extensions.CertificatePolicies);
+				if (extVal == null)
+					return false;
+
+				Asn1Sequence certPolicies = Asn1Sequence.GetInstance(
+					X509ExtensionUtilities.FromExtensionValue(extVal));
+
+				if (policy.Count < 1 && certPolicies.Count < 1)
+					return false;
+
+				bool found = false;
+				foreach (PolicyInformation pi in certPolicies)
+				{
+					if (policy.Contains(pi.PolicyIdentifier))
+					{
+						found = true;
+						break;
+					}
+				}
+
+				if (!found)
+					return false;
+			}
+
+			if (privateKeyValid != null)
+			{
+				Asn1OctetString extVal = c.GetExtensionValue(X509Extensions.PrivateKeyUsagePeriod);
+				if (extVal == null)
+					return false;
+
+				PrivateKeyUsagePeriod pkup = PrivateKeyUsagePeriod.GetInstance(
+					X509ExtensionUtilities.FromExtensionValue(extVal));
+
+				DateTime dt = privateKeyValid.Value;
+				DateTime notAfter = pkup.NotAfter.ToDateTime();
+				DateTime notBefore = pkup.NotBefore.ToDateTime();
+
+				if (dt.CompareTo(notAfter) > 0 || dt.CompareTo(notBefore) < 0)
+					return false;
+			}
+
+			if (serialNumber != null && !serialNumber.Equals(c.SerialNumber))
+				return false;
+
+			if (subject != null && !subject.Equivalent(c.SubjectDN, true))
+				return false;
+
+			if (!MatchExtension(subjectKeyIdentifier, c, X509Extensions.SubjectKeyIdentifier))
+				return false;
+
+			if (subjectPublicKey != null && !subjectPublicKey.Equals(GetSubjectPublicKey(c)))
+				return false;
+
+			if (subjectPublicKeyAlgID != null
+				&& !subjectPublicKeyAlgID.Equals(GetSubjectPublicKey(c).AlgorithmID))
+				return false;
+
+			return true;
+		}
+
+		internal static bool IssuersMatch(
+			X509Name	a,
+			X509Name	b)
+		{
+			return a == null ? b == null : a.Equivalent(b, true);
+		}
+
+		private static bool[] CopyBoolArray(
+			bool[] b)
+		{
+			return b == null ? null : (bool[]) b.Clone();
+		}
+
+		private static ISet CopySet(
+			ISet s)
+		{
+			return s == null ? null : new HashSet(s);
+		}
+
+		private static SubjectPublicKeyInfo GetSubjectPublicKey(
+			X509Certificate c)
+		{
+			return SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(c.GetPublicKey());
+		}
+
+		private static bool MatchExtension(
+			byte[]				b,
+			X509Certificate		c,
+			DerObjectIdentifier	oid)
+		{
+			if (b == null)
+				return true;
+
+			Asn1OctetString extVal = c.GetExtensionValue(oid);
+
+			if (extVal == null)
+				return false;
+
+			return Arrays.AreEqual(b, extVal.GetOctets());
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/store/X509CollectionStore.cs b/bc-sharp-crypto/src/x509/store/X509CollectionStore.cs
new file mode 100644
index 0000000..9217314
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/store/X509CollectionStore.cs
@@ -0,0 +1,51 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.X509.Store
+{
+	/**
+	 * A simple collection backed store.
+	 */
+	internal class X509CollectionStore
+		: IX509Store
+	{
+		private ICollection _local;
+
+		/**
+		 * Basic constructor.
+		 *
+		 * @param collection - initial contents for the store, this is copied.
+		 */
+		internal X509CollectionStore(
+			ICollection collection)
+		{
+			_local = Platform.CreateArrayList(collection);
+		}
+
+		/**
+		 * Return the matches in the collection for the passed in selector.
+		 *
+		 * @param selector the selector to match against.
+		 * @return a possibly empty collection of matching objects.
+		 */
+		public ICollection GetMatches(
+			IX509Selector selector)
+		{
+			if (selector == null)
+			{
+                return Platform.CreateArrayList(_local);
+			}
+
+            IList result = Platform.CreateArrayList();
+			foreach (object obj in _local)
+			{
+				if (selector.Match(obj))
+					result.Add(obj);
+			}
+
+			return result;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/store/X509CollectionStoreParameters.cs b/bc-sharp-crypto/src/x509/store/X509CollectionStoreParameters.cs
new file mode 100644
index 0000000..7fd047a
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/store/X509CollectionStoreParameters.cs
@@ -0,0 +1,60 @@
+using System;
+using System.Collections;
+using System.Text;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.X509.Store
+{
+	/// <remarks>This class contains a collection for collection based <code>X509Store</code>s.</remarks>
+	public class X509CollectionStoreParameters
+		: IX509StoreParameters
+	{
+		private readonly IList collection;
+
+		/// <summary>
+		/// Constructor.
+		/// <p>
+		/// The collection is copied.
+		/// </p>
+		/// </summary>
+		/// <param name="collection">The collection containing X.509 object types.</param>
+		/// <exception cref="ArgumentNullException">If collection is null.</exception>
+		public X509CollectionStoreParameters(
+			ICollection collection)
+		{
+			if (collection == null)
+				throw new ArgumentNullException("collection");
+
+			this.collection = Platform.CreateArrayList(collection);
+		}
+
+		// TODO Do we need to be able to Clone() these, and should it really be shallow?
+//		/**
+//		* Returns a shallow clone. The returned contents are not copied, so adding
+//		* or removing objects will effect this.
+//		*
+//		* @return a shallow clone.
+//		*/
+//		public object Clone()
+//		{
+//			return new X509CollectionStoreParameters(collection);
+//		}
+
+		/// <summary>Returns a copy of the <code>ICollection</code>.</summary>
+		public ICollection GetCollection()
+		{
+			return Platform.CreateArrayList(collection);
+		}
+
+		/// <summary>Returns a formatted string describing the parameters.</summary>
+		public override string ToString()
+		{
+			StringBuilder sb = new StringBuilder();
+			sb.Append("X509CollectionStoreParameters: [\n");
+			sb.Append("  collection: " + collection + "\n");
+			sb.Append("]");
+			return sb.ToString();
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/store/X509CrlStoreSelector.cs b/bc-sharp-crypto/src/x509/store/X509CrlStoreSelector.cs
new file mode 100644
index 0000000..c4b0062
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/store/X509CrlStoreSelector.cs
@@ -0,0 +1,283 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.X509.Extension;
+
+namespace Org.BouncyCastle.X509.Store
+{
+	public class X509CrlStoreSelector
+		: IX509Selector
+	{
+		// TODO Missing criteria?
+
+		private X509Certificate certificateChecking;
+		private DateTimeObject dateAndTime;
+		private ICollection issuers;
+		private BigInteger maxCrlNumber;
+		private BigInteger minCrlNumber;
+
+		private IX509AttributeCertificate attrCertChecking;
+		private bool completeCrlEnabled;
+		private bool deltaCrlIndicatorEnabled;
+		private byte[] issuingDistributionPoint;
+		private bool issuingDistributionPointEnabled;
+		private BigInteger maxBaseCrlNumber;
+
+		public X509CrlStoreSelector()
+		{
+		}
+
+		public X509CrlStoreSelector(
+			X509CrlStoreSelector o)
+		{
+			this.certificateChecking = o.CertificateChecking;
+			this.dateAndTime = o.DateAndTime;
+			this.issuers = o.Issuers;
+			this.maxCrlNumber = o.MaxCrlNumber;
+			this.minCrlNumber = o.MinCrlNumber;
+
+			this.deltaCrlIndicatorEnabled = o.DeltaCrlIndicatorEnabled;
+			this.completeCrlEnabled = o.CompleteCrlEnabled;
+			this.maxBaseCrlNumber = o.MaxBaseCrlNumber;
+			this.attrCertChecking = o.AttrCertChecking;
+			this.issuingDistributionPointEnabled = o.IssuingDistributionPointEnabled;
+			this.issuingDistributionPoint = o.IssuingDistributionPoint;
+		}
+
+		public virtual object Clone()
+		{
+			return new X509CrlStoreSelector(this);
+		}
+
+		public X509Certificate CertificateChecking
+		{
+			get { return certificateChecking; }
+			set { certificateChecking = value; }
+		}
+
+		public DateTimeObject DateAndTime
+		{
+			get { return dateAndTime; }
+			set { dateAndTime = value; }
+		}
+
+		/// <summary>
+		/// An <code>ICollection</code> of <code>X509Name</code> objects
+		/// </summary>
+		public ICollection Issuers
+		{
+			get { return Platform.CreateArrayList(issuers); }
+            set { issuers = Platform.CreateArrayList(value); }
+		}
+
+		public BigInteger MaxCrlNumber
+		{
+			get { return maxCrlNumber; }
+			set { maxCrlNumber = value; }
+		}
+
+		public BigInteger MinCrlNumber
+		{
+			get { return minCrlNumber; }
+			set { minCrlNumber = value; }
+		}
+
+		/**
+		 * The attribute certificate being checked. This is not a criterion.
+		 * Rather, it is optional information that may help a {@link X509Store} find
+		 * CRLs that would be relevant when checking revocation for the specified
+		 * attribute certificate. If <code>null</code> is specified, then no such
+		 * optional information is provided.
+		 *
+		 * @param attrCert the <code>IX509AttributeCertificate</code> being checked (or
+		 *             <code>null</code>)
+		 * @see #getAttrCertificateChecking()
+		 */
+		public IX509AttributeCertificate AttrCertChecking
+		{
+			get { return attrCertChecking; }
+			set { this.attrCertChecking = value; }
+		}
+
+		/**
+		 * If <code>true</code> only complete CRLs are returned. Defaults to
+		 * <code>false</code>.
+		 *
+		 * @return <code>true</code> if only complete CRLs are returned.
+		 */
+		public bool CompleteCrlEnabled
+		{
+			get { return completeCrlEnabled; }
+			set { this.completeCrlEnabled = value; }
+		}
+
+		/**
+		 * Returns if this selector must match CRLs with the delta CRL indicator
+		 * extension set. Defaults to <code>false</code>.
+		 *
+		 * @return Returns <code>true</code> if only CRLs with the delta CRL
+		 *         indicator extension are selected.
+		 */
+		public bool DeltaCrlIndicatorEnabled
+		{
+			get { return deltaCrlIndicatorEnabled; }
+			set { this.deltaCrlIndicatorEnabled = value; }
+		}
+
+		/**
+		 * The issuing distribution point.
+		 * <p>
+		 * The issuing distribution point extension is a CRL extension which
+		 * identifies the scope and the distribution point of a CRL. The scope
+		 * contains among others information about revocation reasons contained in
+		 * the CRL. Delta CRLs and complete CRLs must have matching issuing
+		 * distribution points.</p>
+		 * <p>
+		 * The byte array is cloned to protect against subsequent modifications.</p>
+		 * <p>
+		 * You must also enable or disable this criteria with
+		 * {@link #setIssuingDistributionPointEnabled(bool)}.</p>
+		 *
+		 * @param issuingDistributionPoint The issuing distribution point to set.
+		 *                                 This is the DER encoded OCTET STRING extension value.
+		 * @see #getIssuingDistributionPoint()
+		 */
+		public byte[] IssuingDistributionPoint
+		{
+			get { return Arrays.Clone(issuingDistributionPoint); }
+			set { this.issuingDistributionPoint = Arrays.Clone(value); }
+		}
+
+		/**
+		 * Whether the issuing distribution point criteria should be applied.
+		 * Defaults to <code>false</code>.
+		 * <p>
+		 * You may also set the issuing distribution point criteria if not a missing
+		 * issuing distribution point should be assumed.</p>
+		 *
+		 * @return Returns if the issuing distribution point check is enabled.
+		 */
+		public bool IssuingDistributionPointEnabled
+		{
+			get { return issuingDistributionPointEnabled; }
+			set { this.issuingDistributionPointEnabled = value; }
+		}
+
+		/**
+		 * The maximum base CRL number. Defaults to <code>null</code>.
+		 *
+		 * @return Returns the maximum base CRL number.
+		 * @see #setMaxBaseCRLNumber(BigInteger)
+		 */
+		public BigInteger MaxBaseCrlNumber
+		{
+			get { return maxBaseCrlNumber; }
+			set { this.maxBaseCrlNumber = value; }
+		}
+
+		public virtual bool Match(
+			object obj)
+		{
+			X509Crl c = obj as X509Crl;
+
+			if (c == null)
+				return false;
+
+			if (dateAndTime != null)
+			{
+				DateTime dt = dateAndTime.Value;
+				DateTime tu = c.ThisUpdate;
+				DateTimeObject nu = c.NextUpdate;
+
+				if (dt.CompareTo(tu) < 0 || nu == null || dt.CompareTo(nu.Value) >= 0)
+					return false;
+			}
+
+			if (issuers != null)
+			{
+				X509Name i = c.IssuerDN;
+
+				bool found = false;
+
+				foreach (X509Name issuer in issuers)
+				{
+					if (issuer.Equivalent(i, true))
+					{
+						found = true;
+						break;
+					}
+				}
+
+				if (!found)
+					return false;
+			}
+
+			if (maxCrlNumber != null || minCrlNumber != null)
+			{
+				Asn1OctetString extVal = c.GetExtensionValue(X509Extensions.CrlNumber);
+				if (extVal == null)
+					return false;
+
+				BigInteger cn = CrlNumber.GetInstance(
+					X509ExtensionUtilities.FromExtensionValue(extVal)).PositiveValue;
+
+				if (maxCrlNumber != null && cn.CompareTo(maxCrlNumber) > 0)
+					return false;
+
+				if (minCrlNumber != null && cn.CompareTo(minCrlNumber) < 0)
+					return false;
+			}
+
+			DerInteger dci = null;
+			try
+			{
+				Asn1OctetString bytes = c.GetExtensionValue(X509Extensions.DeltaCrlIndicator);
+				if (bytes != null)
+				{
+					dci = DerInteger.GetInstance(X509ExtensionUtilities.FromExtensionValue(bytes));
+				}
+			}
+			catch (Exception)
+			{
+				return false;
+			}
+
+			if (dci == null)
+			{
+				if (DeltaCrlIndicatorEnabled)
+					return false;
+			}
+			else
+			{
+				if (CompleteCrlEnabled)
+					return false;
+
+				if (maxBaseCrlNumber != null && dci.PositiveValue.CompareTo(maxBaseCrlNumber) > 0)
+					return false;
+			}
+
+			if (issuingDistributionPointEnabled)
+			{
+				Asn1OctetString idp = c.GetExtensionValue(X509Extensions.IssuingDistributionPoint);
+				if (issuingDistributionPoint == null)
+				{
+					if (idp != null)
+						return false;
+				}
+				else
+				{
+					if (!Arrays.AreEqual(idp.GetOctets(), issuingDistributionPoint))
+						return false;
+				}
+			}
+
+			return true;
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/store/X509StoreException.cs b/bc-sharp-crypto/src/x509/store/X509StoreException.cs
new file mode 100644
index 0000000..ea7e51e
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/store/X509StoreException.cs
@@ -0,0 +1,28 @@
+using System;
+
+namespace Org.BouncyCastle.X509.Store
+{
+#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE)
+    [Serializable]
+#endif
+    public class X509StoreException
+		: Exception
+	{
+		public X509StoreException()
+		{
+		}
+
+		public X509StoreException(
+			string message)
+			: base(message)
+		{
+		}
+
+		public X509StoreException(
+			string		message,
+			Exception	e)
+			: base(message, e)
+		{
+		}
+	}
+}
diff --git a/bc-sharp-crypto/src/x509/store/X509StoreFactory.cs b/bc-sharp-crypto/src/x509/store/X509StoreFactory.cs
new file mode 100644
index 0000000..96f22be
--- /dev/null
+++ b/bc-sharp-crypto/src/x509/store/X509StoreFactory.cs
@@ -0,0 +1,62 @@
+using System;
+using System.Collections;
+
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.X509.Store
+{
+	public sealed class X509StoreFactory
+	{
+		private X509StoreFactory()
+		{
+		}
+
+		public static IX509Store Create(
+			string					type,
+			IX509StoreParameters	parameters)
+		{
+			if (type == null)
+				throw new ArgumentNullException("type");
+
+			string[] parts = Platform.ToUpperInvariant(type).Split('/');
+
+            if (parts.Length < 2)
+				throw new ArgumentException("type");
+
+			if (parts[1] != "COLLECTION")
+				throw new NoSuchStoreException("X.509 store type '" + type + "' not available.");
+
+			X509CollectionStoreParameters p = (X509CollectionStoreParameters) parameters;
+			ICollection coll = p.GetCollection();
+
+			switch (parts[0])
+			{
+				case "ATTRIBUTECERTIFICATE":
+					checkCorrectType(coll, typeof(IX509AttributeCertificate));
+					break;
+				case "CERTIFICATE":
+					checkCorrectType(coll, typeof(X509Certificate));
+					break;
+				case "CERTIFICATEPAIR":
+					checkCorrectType(coll, typeof(X509CertificatePair));
+					break;
+				case "CRL":
+					checkCorrectType(coll, typeof(X509Crl));
+					break;
+				default:
+					throw new NoSuchStoreException("X.509 store type '" + type + "' not available.");
+			}
+
+			return new X509CollectionStore(coll);
+		}
+
+		private static void checkCorrectType(ICollection coll, Type t)
+		{
+			foreach (object o in coll)
+			{
+				if (!t.IsInstanceOfType(o))
+					throw new InvalidCastException("Can't cast object to type: " + t.FullName);
+			}
+		}
+	}
+}
diff --git a/bin/x64/Debug/ufr-signer.exe b/bin/x64/Debug/ufr-signer.exe
new file mode 100644
index 0000000000000000000000000000000000000000..a60e67897b6a08ea1acbe84bfd395d6cd714e3db
GIT binary patch
literal 2455552
zcmeFad7NBDxi^01bkFH^CezcC?wQPFx&uk*q-T;4wh06X`yvQ}LK0*L1yl~6P7pKB
z5O4zpWM9G}f-ADAsHj{8T&~+yRNP@i<z5$1(d)g}d#^XV-|zF(Ij2rfCxEZ-?{ok7
z<&)`C_0&^UPd)Y2Q%^lrr_Pb<uXIw5<D~KT{PT|UAfEiUMt-;dvl+>~wa@lC59I!7
z!Gm2#{L_M0o^^JseqP|eHaPVS_0vy1_gsHN{j@Xd!NzmzXP;X?@Tg<!Z}87Jb6HPM
zexWJ)=z|>RjCZ)sqTJWlg|$8B?BEpK6^?V>BFFJUD4ul*uj%50VOQy9G(vkAc>w1>
z*E!|wQA^ec2tR!qsE6?g5(5~zeUbA}cM@dBUcF+WGhzc?YPjw=hgx}-Z8-CS4Tz8U
zpdV?{cGHd!4d7Fj1+Cz80E9NsC=CzrwEnG$8f^i$5hM++)9t+ajb-OY5A`|ZE&9gW
zb=g9v(N_O9iV*O(+{zT>D2)e1i4QQ34|Gi09hfTe(HM4|JnC!INcYn6inMcXSg7mz
z;AcJn0p~U5Bjk_r2bg)kj-SQ?hIYV@<4%@Q+Ni&yMu42Igpql6WG_3icN|%|yAxzs
z4_caE3_4QI9-sqNmz>lUXLql?{Cvdnl|r-Vc$xGqPNtZxt}SHF?LKE~x+gdO+mzSM
ze#$#uIo)(h>7~vv+HxfLh5sd|wHRr6FE|->_&W(+@I!_h3=b4Me+dHBtzE_Js$nv@
zg~oY3Ie)2w%jr^jRTmQ+&u;>jBMZFRKx+(<a(AiQA7{WTdHym4{N?<?fXN4Qx=_u|
z2vxRrm3vA(V?$0*1uVD_Kb2ZvV<plSKluT)RoRFlc46*a@l)>Y?``bH*zSyFN}0;m
zba_r`&e#ekcsB~LkuTc}9tDp8+5q$N$qK^4Gukh9J``)Ho<O$ND*m_)$17y~JRTd)
zNjq*iTgq1a6^x$7Xs(p4TG4zd=O3~Jy!l-QJy0m+tyr;Ha!Q420}X6afSct4;+3n$
zi>1O9XO}XgCv0__U6pcQsc-xTvv7+}sR-OGa4TC=#4D9b<3DjH2O&MBLSr>s`fc*_
zd-(AoQ;|#_L5$+IF`Sv<a=%mR_xE8LiSBS_oS6Y9Gq5#PE|<z<nT)?La2)3e$ALsR
z`=M|6?`8P=7TPt0W?>{bkbe;p!k+<rcfbb_=0D2g*AT~;H1bHH3cgROMIsS7$qhxa
zlny15!nNueWJJES$X;U&XrZXJmU-Ydgu-9J0J_NE4@r+fp}LLz5o#Pj%v>oqHX3Gb
z9Y|2Vly4kFgf~h?C(L=bo5)!x6~^{P;s(O~+vlN!??MOX6A*TJF@$`OIE3^#6Tc+M
zhNQQ5B?>N<ieqb8Fya1+eu&jaXI0TDEv&39?R{~zO+T!YC0cCY*xQqJ&aNqjgyjpw
zE)}EpTJ%m*OrHF2G*L%wzY~wsf{fDMQt#Lz9i`rj8JcEfHs?55Yp@iZEW|&bz2a;y
z94Hw6<39yj&O+;PazM-E!a>5pG^2wgyX_I+PI8RowvE6cg3(**JVbOXm`N83$~hlm
z3Q>v1!Z74=XU;y9c{kN~_qgLtAsrfIk`MnCOCc_|=NxbT+R+mVHc$ll_X$CUZoV9q
zAnyX?t@;N;fD;9M0tNXO@`v4+&v;jyz18i>jrF=-g^_g)5aQ**I?rMq<_szrq-RtS
zVOWko=}s<0CEj*eGw~6jC2oh1{9J-$8N3%M(K}c~TP@wd9R6=XH6{oPE^PUZ1yID_
z0dY3;*^ba>2yNuhW-=`%^Z~&A=lEmsi3;VVatf-4oI=-ck5hKlpX^vQG}lY58cK~-
zLlM7-s*j<Vtw%@CZZ$OFORXAOkyT^fP6sp42_1!`aR{U{w2p-JLc|FjiJ&@si9!l(
z77|g0rYZG`vGyWKIhOpe`<@oXOC*3A23&xRv;7W$Ig~aM@Jd!&kNC2E<s$Q}(Jeg~
zL0OF5x%dm`+22E?Vb!I57|c`y3<po6J21}b`wg}ZV?BpkY3URuSIo?LwR2CvL=1}<
zdTA0i9MlO^VOY+KF0&GqnIzz;HM0pA^^c5enBz8Hj+oMu%-f0hik&xD8r7Q0d#mp0
z5<LW~G#%{96fl4dVXNk(v>F3~ksCJ@Mn@b0x8n$m;yA*TIq5_(OrO)80NLDs;l>-P
zq%;2Z#wT;WaIK~h{~y<C_$0MD6Zh&|Af2_ky|a=mCF4UuB*()r;gwKYnGi+Ty-|eS
z8%17P_asP8a`}aYbN@&<mpbJYuCo>`Hsg%bwtp0)Gw+QZ0tw{|8;-k1meZ6<t=-Zv
zY;yn$y|8H<%dUeZOIQaaJ*uN&>WJ9D3c~_fh^buc7?#8Jq9;0`s%z&-C>&@nE@=Iu
zLHO1#Owyo!q2pRmU0_dwinOjmWVoU7C|_;P)^s5=MrA`L7~92xCE`w!;t*hEDP|7>
zDw`#LRXq8JK92sdns)dHy&`{D-8%dW@b`B7-Dv(kgeU(#W&M2_Vg5aC{+`D3&*m=;
zjl#bH^EXjLz@4;K@)JD~WKb8B6KV<*XP$xl2E}Qv5d*=J+dz!3V1gtlPOV^&J|2U5
z4CuWvXpRA07J;e?X-;W5LneBzMu$!GWR1=@(W6bJITK%F;&~HaVd6y-ubX(UiT9a!
zpNU8EfEg>_$cQYf{{_QU#z6-24d4_3gwhbA?umbgylFuqU4_g+C17{s56atl75=92
z_YwSYEma5455wOE{Jj@{U&r5*_{*Xc2(PmSe`n$E0{l(fj2}yy;M#!X7PDhL3N-GS
zi494#TA$#F%`DPe3;F%BB;t_ZaRnQe7|Ov8NyJ*eVqz5w3q#8+DbptY1H@Z24lgTP
zu@T9~1wRc_Lv|=y|B%dC8(21AWv$JP^1?!msx6ypHzzZXDuJ{?O)W-9CXP=c)|82|
zo(`K5@^P#URW$|I*-`aI)F!&xPz@`&)(%SzdHDnMy5U*a@-Idp5t&+1saFe9*&7Zd
z4u6{~%2Dw_g%yRP<2+M~8F0;0?0kknT+fF2!eKOF@`b~qVdtwWX=+<4X|-^;sDJKa
zumXDjh5U1ocdn3GbqunocdnQXy>mUeReKT)>k<=dK1&-j^36d+)i*~c-7+LwzPTef
zSJ5{|8C&%Ti)eimdFfL@wpS1vic?)Hn^^uE$MEx16F-;Gn0;m^$7_`66+07a+Qt=F
z-<ETR2ge{c++xSFc*?;7(;0xhk}xcHIX{$4cR9^M@Ji6r!m!V8a%DDwCnK))7p(Pr
zsB1fG(q_d8?m!_)H^oeyrZzok+gQhQ0^HBo+J}G%^TEwC@E6+JT*sdWt(A-Vs+hGr
zSJ~jVWaM!m+{s!_tZeARLI=Sz#lNiOz(U8U1B)Fa4lHznI<VfI^xU8~R(+QpTq$Qm
zi6(db<AsmSL%~Cs8Tkz@_}`?R;%T6yi-)1)ZD5K1e-D9!&+_LXEJL|$8grWir7Rt)
z)wL)a<zUYvKYrg#rBv7mqp6Et$+2vy&tDI?^8~z}Ypw3}PXKglnx0*FCC3WEpR5j)
z&dsX88w#j8EGk0B2gD=im*~Q3Tceip;=(BRm-@%%z=<L8?RhbBz%S+1jRD8y_!D8l
z$#o|jv>EzF$^)eV6r4f9h-<+G7$q6YJyLKoaF67W9u_>eG<W<770_+3e>0t=)Y>v|
zCQ|6pu*3VHsVrArrBqq<Ey|0I#;S^qx-JJx)zY9fG>1w<)*#vb(41%WU1^>U&Ee8;
zJT&L&&>S&C)7UK?ho)WY|HaU(acItWO7pidG?&uXj49Q*8h^A1eucjZ{=$E&5vXEt
z9gDwsyr!I$faf`0onX(jb6!4pHGT`NR|8t~GT8<aVCv44;5n448z&0>40S;l`UAgC
zt?od%VHCi;I2VwDjQ^8>nD^2?OwGL0It9OljO(Aun3wTS6X@yqEoRfLGw}4!l%%Zx
z8hQG!)yG+Q^rR}Sv+-=5gP(Fb2c`QursDZ}K0yojg4Uq!qSXBcK=YpKgBsLLN(x?Z
z0b1t!2p2Qhq&N?O4dbBNe<P7HDL=ror|INmUx{V)%r46dE(=RBOv+}oEFW4W?{8pP
zZnn`6wn<s^=N}B7_p+>N-buNWC_25h3wHjbZa6_n-o`?AV%}`<6^6l1gk!}xwih(o
zLC9G3H%b)}X`GL+|E3tABfu=}hh!_yY4$pme30%A=L~0J4+@Gq2?H`s)9fIuUc{Pw
zE1rEAZnPRFN<ad!`w6jhP>zim5|j{eBsDHgVWPQ!RO}#BR85`xAnO5|m3G;3leO_?
zV72GxxD4|TYW|69Kmv-`UyGo57BaxjJ&BB+6o?^4_cEQPMGVciZ4$%cIuYX~h~YlT
znr*blf6I%f$Z(c({<bL6;ySSRP0EGF6e+g)-&$8HMn%OXW+m;%oZ01VE{i*umSN7-
z?rT=!-s5&i#?@|t)#S`vSndsF2lJuG4#f$2!l~mAJDN^&wf3A@t~SS2jKb)sibfcn
zqaz}WV#eiUIv1|WebBn3iGmF`jP=k4!LV|^h|0f$zY7uG5u=&oZ3f{vLXtZP<&_>U
zpgk~HFzT>Sz><oRd^qCzyDdp(R;PK4mQme>g&Z0dg3-IGLm@9HkW!{Ivwsnp8HP=O
zRTNmjl0z0?eL-qXG`mecg!*^O&CdR8dwE5-GlaH7Etj11<&fIpyqoeW>BclTiJjV}
zlL7mnD?R6OJke)ZXI9)R&K^9W0cJMyu7qPip#{D|L$@wi0)57Pk!I_UFlMPXs+WV+
z?xIT7Yu$={l-7Yjxx@bxQlXcl#LTQjXz$il!1XW24|Lo`sG;1A-S}?O#{T;po=~7A
zr*aMy=7!zTw2FT*n_v(Aw~{jCe;c0lUxWN}PAD|@1WFdXb0_oUZqEM&HVqvwch1_p
zmr)Z8q>uHp=tRj}A8Q_cTyeJlb`-p*rvm#2+Hd@W&P*XYmdP3ukMl7a>TRoYx?m@}
zkjQhd;&jM=Y3JtmI>YQI5_t>&{yW$vUE^#41{5;7MAHn$JAvU}LbO@n>bh+tgka?Z
zjPbPpG`Ik{pBwCoX&~5upGs|w9w}&+gSQcQy8u@x(3$B&g_!>!gh#M;=LvKU<;}%>
zf61kK7-tyr_Ik)f+0eZ=t3tc2(+n`_?`GrO$-Tlv+0VWUwKXmU>i8Hov_BQa79;kR
zC{{=82T^QZvmX2lV)^Ed0Xh}W;b2sr<zTfu3&DCkb!k+o>b_<?x<wKJMT3+~nY~m#
z-wU(4;7rh+<xa-!xCF)N$`2y2>Zk23!E6%PEy*TYf~h>By$;M|ORg1)cMLu*&*9*4
zd6t8JmuDdu%!Dm5)+iaP3l=VbxFw1QcZ=}gP7NO1Il<#qc(k6u0;Ze^*aCovuC{p0
z5C72|&@-($(sryX509(#8vlb~Go>QL-%7@RibKhm4VVNY)jtnxS&2WmY@O!G@OaWr
ziL067NQ4@-;nb4~-_vck31rgK#QAQWlZu?`QAi<pOH5?Pj^ccJ6v#B%6{k!JV>SBS
z4o^_ksKP><;^1(a^OMOW&PsNg2Ux{%o}8D&rwwFE8ce20Go=ocz!6_DW7B^Z>M*>7
zV@I4VuXS4Q29)bfcdG|I?zJvM+=r%yrAyc#VOJ3L9)(r?E2Bj8g4eo=iB~JkzlKj8
z#m2S$<Rj>!go2Eeo#@FhDbg9mSz0GlE^LjZqh3H6$=dm)sGs3-pM&LeXA2;l|1nsd
zqo99|#@{f))UBL9o<ev)bdntCDrACtAv9`VXM$ojw68OveT^dn;2a#U;&*6W3&u6B
z!%yC;qe$l*IUWF?$r@x$8YDAt!BE_7!%K~y*7Ym}WN^&v4-_+<E56p$xPdsU@ze2a
z60EJ^a+<50&U^^x|1W+?=M}d7XS3S=4BNXC>TtHzb_mf6w0&-;wxeAfQ^}?u3Wzp+
zt~Q;3sOiN2yEHvodp`O_Z9CVVv`=LYO^v~8RzzJmnWYvVZB_zw_U0jz8_5ywJ$cSw
zb|nMw&u!fV=oIHYw}lxwKZRu*f;TgW)ii>)F!(YF-pU{+69a`tK~SI=sbMxq0D`v>
z_h<>emqARKVKz+pAp%&2pi~U|6+x+Zj~I7Cf>On*7@-y;jK>JeV(9W1x*~?|97CbL
zLvnVBp<qi0-7SW~91AI1B*EL+pv5sRWDN*HWFv+yiJ?nlD7q}f9h0E6xGur>vD^i5
za0dxW2VkU!*%nGrvO#A8Dy)8m1clY}B`DcOV<^-ma0NOnLCH2ELFs@#2}-#KOYjbo
zBWh2pczK-dNC^tPhr~fjzNz9c2?|R%1Wd>7D?zCkb0?ru!kRd^UmT<cF$f1pP)I*e
zf>JKEkSTXh2}<Mlj&b*ip?k&9)e^juZR=-Hj6VPUh-1W1`ol2AKMYf*!!QLk3{z6W
zFoiM<Q%=G#`!)=-!@@B69fry9Fia+eVK&T!8-_%VRqQ@}KnZ5d{~*GK_7BYh3%Rqw
zQo9AN6>G)ThmqU=NL)m4Z4RpRt{719KN?5s=clm*c3rq5?`Fn(;-rdyuSUqw#(hkE
zQw$jN?~fyfdf~RAM|wdUC5*Sg^J*2P@?&ucmDa~u!6#x!aF<0lOB+&@2V#`^xg`GA
zU2Vh@x#E8^#tXj0qA(IE9wf5X6Y^e2Rx+s{xg!!HnMP4pb^udvb^ud{+ThXJF^L{w
zeWQuC5)%BvYAXSCI5eHwDTzKIyc+fiBNhKsF}1;8tv0eLRsYkP%E(A<p9C3%8Gag;
z6A}#MV^JZXwnwceK?8w<Aq|pcj9Cn8$*P#Oj3s<M1O#h<5A>1!Dns?(JLtIwL8bp0
zB~=PoQ`<8^D}hPzkb>4)v=UICLzYz%<Pts<lFJ^8n8L_NZ8T94VM(SC5}apML_lq2
z8&e3328(2Qm&FuHM9dV%5=<dr`%IAn*3{-DXcb^SAxKivEf%o^bm9u(ksxt!#^lLR
z)!}e75<*F~z_bB6fN2kO0Mj<G!J}s68~wy`lcRx<;8Rv32++}Rc%o|wkC?6zGa5*E
z{dy>c+MEQ-2v5opA;EX8$|URUkjmPML}i4}3*|_1{mJTK0;>LJRfHMAs>kEP=5rM7
zhZIh}4f_8ON2>nk<A{$bI$z6QJ|C9*qDnAQaL&79Q8id7&%t0!o<qT|@|+i}mgjJA
zuslbCqvbh2STE1f;0$@za>2O__+N-Cs-0fzOK^pB1s4D<oFWLQy`?rc!2klIfyBO!
z1`;EqwQ{0N!h-9qG6|@?s%_X180iwp@&L0KT|&vJKg+I2_9Ef6q~H@2{KTqG@^<J(
z!XufHT>sTpW7LgIMK^Z0cOz%w#9T-~G#AP|t;1&zz(dKmz+zySNyY+;O<{rCr%0j(
zM;GH>A|N>-60(g6kxA8XLX@J;Vo`?Eq%_t5Lbo<y0tsOgEbyu}@MwJ_XJFgzAa-(G
z6B4}5Y5)N`uFpzH8sQ`1P-7&T<)nx$7U85Xl0!yDF>Gxz2umt-LV^b^G6<;c)Fzn%
zEQLf!o^M(8k^wQp7)xk$0=BQwrGVW+E6C_V0;~SRI#i{MCoDQO^^rKWKE&y6zXb23
z-2RYmidsyj2%h%qI1<8swZO|dgO_&(ujmZkxiffWXYeka!Mk<_@75W-duOni?`B9@
zt*m#(=Gv?SPZqX;=eL=2EI2u*5EA^!>Nx^L(CfqPhANYyX+??(EjlS>q$eJv?6XML
z8L89jTmJ(TWJ2VbloWYFf<sx9SpyJIE47Kd0L!81NS>3d>M0uuAtzw_LQahO2#I{A
zok%7nxhBP(VG&6{v}-Iyy&I*pnRkTO2124Ks1b`8Q5Jo>y>=!gSwu*%$*P@zT7Mgh
z1Q=-r$#bQ}A`XanxG|Ps7y;X77%`M#-)JXU%1%ytQr`6z%>+aold^V6&El986ln+!
z)`(+_)c=H<>o>Mn&!i;B2np`CYA2w!u#IB^oD=qs<ayNM7?ncIF~$-cBVhX+BZhFS
zHk}v*geT>TkVv^o!H-$QYwAW-t{O3#mXW&fF{x<@ul0p3qZ*6&$VmNhu&{Pgf+)h1
zOe7@u7mE%8YJF`?6kv~CRq$7fiPV)b6B$b|k$~+pkr?&gklytPdZpmr#0o<Sb9-Y|
zLO>*QQqXH=%bXSzHh@Yz;uRyxt2K$b2~YBhkYLcNnt)ln5@5luDp<ih#?s+T5%Y?%
z1g{9#KCg(Oyjq>0R|-y!PbqA7i(mpGUP(b6cqIiD!v@F{rgQdU<PPU23%pZjaHBJL
zNoO!Un;pt-b_S2Nfuk1?NLH;-yCA_C0+W^?A;A$AV+g1}LB(?e70=xmhM^luip<;W
zh^#>=<}Fs|l0y~$Q60pLgfC2u>^IoK)j$mR%aZF+E#qOUj1OCcGBxT!Mg3xoTK_u7
z(EJ4bQb{yrFc!$0T1Fn(d(l{61O&Y)!9D_$1A&m>Cl*zbuhOP81Q=;v$@3?RSCo&0
z=o7Gg(I-Z2Nv)M2kHDm&m4g1uB9DNGX^hl6Oyq>e>Xc#{v4s(^<@iLs1SZ)+NYFng
zR!x$xoh<^4bgAT7$~>k&I1mzSAz=G#AqLoTY=S%iCe?wIw9=xFfQT=QbmEH?)Emk_
z2V}$-M!=Un5)~7e<O?Ce;a0tpubnRfjP$1DX@A=;!58X)?em2g;L9!v@&uUVi<ESl
zMIQkXUl{4c7bz%GlXYMjXYB$8Kcs`w0;7Ku;7Df?2RdsoK_-DosU{@YWKl^#{Q(C9
zer;mF6CU|A7>V>1Bf%9c!U!8lje1if2P@%>plg#3KLI9rM^JFLMU~*ZrdCRjL}29f
zV5I7QDXu5@`Ye)+Ba5i;faD_&$d@%2c^T2o2uR&6!9N0%{39fI&Z1QEy|Il_0wceq
zWa;aR`K76bI7UERp`AD`<09f1QR`xd1bu`jM+qUpo~-OHZ6pD+tP27oPD+-w7JXbQ
z#>NF>i6KM4_J<5H)VN5xrKR9x&r4w^S@aSRjT$MagK?oq_i77=kRv9SF*Af-!JrvJ
z78st%PT<kb;CY?F+_daa_DCDJ%}Y!wk~Rb(!CS2M6VS;^On4+xj6~y+&FthQCOj#;
zgap@Hl}Xmy9Sr`YmzeNcWUWXx+f7VB<X>b20z4-YVB;nxo9p*?IgbAo?I!{vzcC|`
z-<Xk#|Bo@6I*}KIPGsD#Bu->pnS$qF@U%RKg1^XfUQjF%J{;8LITGwD&-uZj@*E9b
zEl)U+&(lCYc$)?a!HpUy26t<qCwN!`y}{!em=pY31AW0?HBbur`dMMEKUk=NaxkHR
zf#3)Y%neS_Kqc6qfogDx1_py$G%yt0uYq~NmozXO{73^M!Lu5eAK-W&>lzIPG*Al~
z8mI@W83=viWa2EJxbQr&@*yNR8W}?cA^F<9<O0lv(=}u0;$qarU)8SSkco5@Bkk^U
z!h+MR$_S_(&}QOE&af`YvVmEk8M%SU0T_u5Bazt1&^!iMwNfZ4mysjbZn##S;Iur4
zg7?dFUU0WOhl2;?ITAc1&-uZZ<T)CAQ=X8N$2E`-p3p!ccv=I+;8_jy1b@~*Z}3+Q
z%n8y1(pP;!k%6#hNGEz`X+m`q7z_X{><7VW?*{^--3ms~4L$AMKwT7d10$og@kCvO
z1uLw&2$;2tL0~lFOBQ<<gPN_=E(YOkyBGuoM_AQK-VSPp@Ms#6T=p&o0g;wr1a0q)
z+WwGAM<3vcT?_)ET?|IdWB`jKQrH%F-_GDY+raI+7%U+;$7&)0+t{;U(onc(AsMHc
z(TF$cif1pO@`GraIooGuFAMx~;D-~B1wOJf_>j)vLpy^H>kK};4Ln-^DW;5sgprcu
z#70PPyTu^_)O&m>bKi|dhKpk+)gsYjESlV;m<KI>VZ2-XlGs7D^Ap4nC@0eWuc?p_
z5PZv`MKE${%zOC+A%s``ugAHn{x{-CtrjXNc0w%|p1feJ@lCepO^QrF{oWLcPwplX
zo}7^h37)kmldLjSlG~Pq*GBF716zuu<Z$Db5sVcK;pE0GWhADWu{zf9?L-ouB$AMz
ze{QU*Bx?sE39ro$iIi;nGn)~00-^!U2#Cbgk|dH68!0nJYMa^?H3SA1TjU7V-fbqh
z03+qXShQM@0zPOFrm3IR&SM0G&21-)V<sX@BM?r`P>j?LYNL|C-~o$D!CKx%r2yxK
z9Ahk^QVRI4MWv=1DjDfSC5LcCB_pG?!xDpou;h|~kl-g4r3B16FC)On0VH|sVM!ek
zt1-qBYX$<gzh;mE4yr9r5KCa>?3ObAWYMXqk7y?_QkNl}^luYhi}neq?qf1V`F{}k
z-N~bn5UN!RyrwgFzs}(OJA)7C3_h?k_@FlMXzi5=o{+la_#`CASK{$WfUY4fOsF@)
zqv0v#gu8T7#3+j}W0m}fbp>Op&;}B;5T2xkkl^(eEt0i^t{^;CXp-&Pw)!Jo!Bhx4
zY=ES$VDCi2&Pe@x4)j^l2SRx8m_?BwPGVuwHWmr5MN2HkqOmAt{MjN;Q_Wap1mq30
zlSe6u$YZ2-TpMi!2JflHJttW0s!V{9Dq}1nObW17nWh@T80kb9<uoEpBSw`mQd`hQ
zC4s?x7L|h4uF3=$sWQeQDy0Bhm1(M>l95hSa@a&vGE%?Enbo_52Vb*jBcQfxTh|IO
z+Fq4Bzha&pRCf>%2^%Aw$l-8}$YG>ivl5ontb_#rY7s|3t=zW!5n!ZQB~NBBCXV_b
zR#}WCG%Eqy*Q`>&f;P=cV5C{4j2_l`moh|CABiLN@ibVU)T~l&q*?b&kja=ay!U4C
zLt2yt-lsEoug>7rZQwS)3d>EJpM(SptR@klI`N2vP9!`sJsF8iPZAz2JQ;}=p3)@P
ziuu8C-O1~Nx$flaUeUUbXtUOR1O`W1gb7yrx=(=7`kTCpM30g71s-9+$yT8R%v#_{
z&d}D7EN^5MGYH7}sJV<p&6Pf3bLWN4<x6*LE?*p^LxwNf-LYs$Ua^as&usPgaL6Xl
z=@A}WXAw(4?dZ01dIF3%!2XXoz(~8Nfw161R-pvcFJkS<bH9=~WP;@SjKze0<cg;~
z#_At;annj-)+0FhomH3MeX~oHlfAAXJep86@=rPtq=*c!wl>@+pti>UR-6nSl;Vu?
zZGim81P<JX*Wl;q{aW7vpz&RSRvVc0V29RmHG)&;CC4J*jmHJrQ2U1En^9;WJu#%-
z$DF*FN{7bxC1;Qs!b_s65vq+JD69&Yp&0}sht9~2A4;;ky-@Lgq>*0K5Jf8O5&y@E
zg=sU!VkAtMV<+&)TvQe#Ay&;!U?fafWG65ZCe-Z&M#2R3sv6=M2@|+zk1EGZnT&*3
zYEYT%jD!iQRZIdSCZW<081B31;)}-)mK?ly>{Y}V0dw-WN@(dxxCH)KK;lc_cLdY<
z8ou0Dh8-@aoB8COD<US|xgwzBJ6GRE*U3NghRiEjg}yYz`ps)R$Hl?p84Tb0Aa*ny
z8L7Rd&1N7lIFiC*rWC<Cx@|BL7#TK_<@8v-gb~}H+DIxkZFWu!PXdFBtf~cTss9s|
zH^$^VRof9P!lS{;hFATcY7RzF%eq7@1O_))wFuUxS~W4d5E#ualI2dTfdoW$2N^sV
zR>?^HGIUT|t%L_3wQ3c_w-GT}G2xNpP;!02s+fSVVt0~cG@g*Q?yy}A<4!VT<4Hl)
z174S->JI9Lcu94`N|F#VJPDx$7|2j#MrsMZ4YG|AnindeU&T!^W5{iYHd%U()A$+l
zRT@w6(SlC)8b4=n>0-C>3kKr5C@UN{(`!-bfLs^3gA@EGN`4IENv}Ebe~ApOr}0zB
zY$l#!7n@F2$6uFRE>M+n)*)R+><*5*nGqS+*w=FgC4GIA?l%5eC_1i%QoP2$AhN+j
zotufW^tg~tyd-%%G{Dpegl>tT0PluuX}R#B^?G2m)<<Z#zaixuh&rLZN?{f!)i@0~
z^3F^zu8ESDSz9Gs8L`QAJt-^YZ$^5@0`(o&tWzjEy-++|=Z1y4hK|;WQRSbC(o)^&
z)=9WtqIEIed+$v*e&2=g4J7sC2%Gw=%V~htdE}2f$#(juAssg*^n3nI2>E};MQZ+M
zKx?yWu3VoH<{9po=Vs=42kP`sLG8`1fhZ4X=XXci>*?|QTbPFzwuR_I7x6pP0sJk*
zw~H5i>hJk1Kh@eD2(3f$BhtWf@NVpD@Em1&+J707@QsWEa1YZKT#vUJ@p*C&37C=f
z_eQjF8!oU*`5(itT;Aw8)pGaDVrQm%F<weWQ5jx^$4_hU<}uzG$-D5z@2x}^d1$}Y
zoCRx~ZuT3$8FDi+Vur-M9{Ea7bCHwEZ3!!vTJpGXeJwBBz#z%-SzX(c!*@Nj0#rEu
zO;0SqLZw(KXK>j^s+5U~;N3nWPA024i=}Q!jhb@@YR+gHiH*wT72%)Cl)<c0p6>&v
zoezV~I_Y#%!YqC#gB+{iqao<0QhLkA$8q%uKl=b8@!D1fWP?16wNhFc!}cUt^VQ7d
z%u}rN;C8y^ZYU)im%=NBs!leid3#D8Q#TNwL}yKrXkSz$ZaEnLT(%7HDi!2z+hw46
zfzYgSd@6bo1oF}k-bo;`O;}?BZ7DR<Dw#Tm@6wj{lqj#<bRc;N^WQML0KRv<68U$q
z>W=ddg~Lj+pUW~1#=uC_-xa>QAB~OQ;|`e(d!hCGY>JU$zT5sXXw!wP$1YVHd8iHY
zql#3q_`iaN8ykhfpc*pFh#Ry!fOt#1@Z|5%4vSSN88@LW;>+Tv$N7Yb%z}G+vQD+|
z<foA<%tq}&u|V&yx|;BTayN82800lh<2N+AotfNX2X$S<OpTq9z}_9pp(DNOvc=7P
zoD?r^@EWhhkN+ER0>avj54x0awVwY~Ucu3v2b^n}GmDgLrG&3Om=s*1(>N3LxDE8F
z*Z3*a9>*r-s~fe>z#^XUSpQ5K3c$f_K)g4O|L(;fb;uX+m%|^&EFSW+4?_Fm4|9a`
z5XfequR$0_E%c2mcbRoN)nao+Y9rPZ92k195$Y^9hf^B}gpZSg<f$mKM`RicZBOWx
zsQ-VB#87v!uANX9{!rIOSi+`wNH&|)oa3f85Zb_!Rc|=5CNTdB=;EnYa{`-=Cx=)=
zw)TaF({$9qvHx>Cp$16{vu*r_HPA7V1h|1f|3GBT^L8}@{3w9XV4^WZL3vOX_-0P5
zpm>cLZgt}wlBH}BmB@{usylemqUceoqpxN~%|TV9D^N_UQA|EAhBumwI=DuO#UOXO
zl$G>^rpuc|D2k|P++8yMK(35?=}J9nKcpQf7^g1n<yT<-H*2~7E%R8H+^dN35z0v8
zT@bR?e&im8KN!oq2yX&km&7=s96@T&2?d5ygpVg31UXVwvlomb#yab-A<RY>p%Q~5
zy7(Z(p}KmS%aM4oBvLFJg!eS(8K5PgCIy!qg1&GZBRp#yXQP1zJr|B+0x^y`Fg*Dc
z&Dv=k6UG1A#_=JbU3C-3<EfyN|Dw?w>@g3Q%mzo{SMCX&IuTX5!3k~9lLR`|20dAz
zSG7S;0W{>t2GoT$E$$lr4YW|fX;yJZaF5)Hox%la8Sgv(Z;`MVD)<>Z7v*a`%X+<9
zepwEhme;wlJ96V+hvHp{&V3d*3gnzHem{}KXz(yKcqq@W0|Ox_1DVHvi25<>h4nWV
zbHZX18_QkC8}CJoO_Nx&tBMH<WI+;B4Ya~rl!qj-`sNDeV{_wtK#1~@8s;3%;0qtp
z9=ilmIR5#N`jpI2dqX%$YXdj@>Se~XqBe4xR((%}Ggfqh`@r4S?}53gl#yAyoNIOu
z;KwOJ>S&9iea<-B2rc?{P%T#@H~t-iC-3=x#RC%+3i=%i%C<Z%6f#T0yKaU@bRF=5
z<vbsiQyYE}<t#JwJRH$epnmuKK0IuC=60rM2P2>=N8Qf9r{pd~^o*|U3c;};qxA>!
z#r1c=JdP^_`+^ey)RgBWW#g5&fmpS{k&e58F??Qb2sd<<)6?T~aSwFbuOWs<9go(l
zmO)+6UTVD!N+{>UHZbd`C((ZPW7(T{9cXbkzFkXZuZ^9AvKeQe`H%9ZFq#Mpa1Ah)
zyB;2o>Ek<iv=*TxsRIj?a(;SQKd8t{eaQSIF?jV~ODgmxwz{lr+Em85Y8@(Lyo~wB
zzaIFw?yBg+b>ZRS<va8NuLNTs!lU&WT#p^M38<eWG_C^|WT8>lOFbVo_3-xaHK>R2
za^Li82b}cu=dsvPGW+DCWVla?pXzFTC2Wt9j4PQ@+#yojyG?PpNqN<oT@X`Ou7u{-
z-TeOo6~TSzFS)mlcOtKPA21vw{S`^*<}xn{E(BjD&H{|qO-PdanooyaP{w`8K5kmj
zj|-J6h^>oa)!G`l<g7ec8pN%}jk6$yPHC`KFI7!gE1B-9@_Ho<?()#|)(SdeDCSgo
zUTI!wu=Pf(Gv3HHSOnr_MX(6~-f>;7m+ErQH6Fi19FO1Y;}80H4v*GRkgM{7(t_6B
z42(EUT+F4!wDwVmX=Up~M1`6Sdq63a=TGM;DI*qvqoq;YU|h!<sx?FL^d=r7k2hXt
z*uFz)hgBaYPu&d!m3J)d=tJELZ=ocTyxq}11WEqyF&@hcOAD_!TRFI>QeM);P05Q&
zOG*N+t}88BchxOUX-Ro$X({ZbB}iEmnp@3MbNsue8jHJ&r~ilCU2GA*Q)#EtBAdI-
zN`PA)&w~|@zHVUJ%D4U~YENx|ZU;*(X9e|2TEC){me1nJH_TucSD>`BYdtLKs_U{O
z5Vl-Tu9(F&l`>a6h4~;Q_nKmrfcaU!vPgXkt+WexSlzkg>Bkl~o~c@xtC-9f*7XXW
zz7oSgr|2y2JoU`C7}o&1+Tc>Qv4;BNVEjy-hS|YwoCCq@;g`=Ex1l#%-B>`tT!h}{
zT>LJy2TK{+J;a8Zf;qFnX&!F?SZAINIKR0$#X#2I7j+ae8(HC4UuFZJ{;L5SH1p)x
zu%pn5k`q;mm3AGavJ|b%-yhj@?i{}obEo-yr`Rw%f-bCg;7fzGkWTTAY5H(_tVUSA
zl@#x*bg=B<tXXOO30>AWmpLGjY^SEf#bu@YQ99?H-7u=K0z{vLx*a#t8Qq@p{}lyd
z$`|#1EZ~78s(PP10|X)yrfn>ZQ&Wt>zb?G52+y46POf03WH|uitGW$DjFPY$WP;`e
z$?g0KJu_nk7*Oona&~4iS>XUcXQf(rNkv>eV%2coprIn`Mj{+iO5^tZJ%EE1W^IM8
zRCv>3kK>lojn`?(3lNr1f;P@pK%acW)30-AWI1n^#BZr{`GwA%J9PD-@8sTa*vkBt
zYsqQg%OJ4-;8cP44H*}s`O-gP+Z40o|B?}j+&{RKOoxf%ZDzOAZ}|sIgkVdmaRY>R
z>P$i}j-lcaOt;=k{dm)M5Z;$Wpq;EX|6GxYNtWwxp|YbFF0%R4&S7W+#yrP|;M@Wn
zj8#gm+?9(}VYA=KWIY`icR1OeTy<?Rt0>A;T8U4<O$BR7?!yh&$E&PzIp0gQa4G*Y
z+Rv|z^4kj)$mO2E3!xCO*ML^X4L(U$(IM(T4g5UU8<5X3R6^r%4DrUd$&S|&*O|eW
z5rVG)Kil{>_M13r!PKBM-!7vkhcc+AR$Yu%J2@@qn`kP9NBo(T$}7$uU61JFfUhfO
z+)}2NTbV9pnr<z3`6tlzQ<&+n#?3az!8C?T*%F*zqbFQd-;81rI<Zze`Sg?VQCDd2
zEG1Hx&!tQxgyUawnmJfaQWhF87g8520=4+=YutpTsBMI#&T&@k>y#;Xj&rPYkJB|*
zWw48P$MZu;>_75NSj;sN{UY50Z~Qx0!V5~nZWsMSdsfotbh-Xpk=XbTpjB4RW&CYX
ze5<P~0Vx-E0Bd2>NSAvET?YeH{T%K2pv>yQiD;1$=KEYE4s)R=vrd6SD_OUEN2(sc
zjS%KJH<_oGdBBrUz81&r_Fo57Bi51ZueQ=(&!XtZGe}_>@W6z;^WV@`26<?wpVyXN
zLHa&cej#@xMheHEjU#O6fU~bv&N-y@nQ*|w?X__>#MMZ9he3-O>y!gOU>Wbg5NT|M
zZ%rFbdbWvYDF(_9^qRBAqDjiT1m)=rN+)St58*;^>?94_zMoZww5uy7e499K5@!Ku
z*<Z`ya2xB_Vdwt^63eeV4P&MZ`<`>%b-+JB@PmI$C;%!EPIBpiVsj&9TolPt4D=pR
z;kdXo=Z}j%Xx5+t*0KWHDZDm2jVp<%JdK7&GB&L8<3GX&Rl4<qDqN*x@yTLrN%4a!
z>EcWuzPu9rl*2mP>ZkPTT!Jy}I;)+rv%=3^)SNTk>O}L((V*Yc_ENv`+f97>-vgUr
zE@5Qx@_hk4E<M6F<(&HS&p&@*v5DKFqa@h|DmK$|jlV<n!fwi&Jw~z9d=;t+c^B#p
zlm4<!>DPm{10{bdshqoHd5%SMck_H@Y$4M)81_j~SlfeLnwN?F%w3Q}pfEFAz#L^e
zG$fW~+|#*iGjyDCSYY%I%3Q24AcpMc{skCLb-nUq*m*IN58JR4Xgo;yCo)RiFtj{1
z(8Q<B1R#Q#ii9kb!-K6n{2Ef@2hq@pbdEg+ts#nZm-dx&2+J`3<uu&OJE{LyBoBsB
z8q+Dh=S3<!rR7%;7U>=J6&{5$4i!4EdE@nWHU5*rgzkoULRSr}FxlXccKjM?Q_#R^
zd<22%m`ETA8L#nQB7yEC)6^EG{o+F7@4Ct<pbE^rY3IxozPiS`#BY?J{yMPn&5@JY
z?{u)Z{)LbZ|GyE;sK><%-V-NoX5wG%#4p5&7tKoiL!8L@<}!@vu4MLFEvlF^PzQ{o
zVvLJtRd8XPc+ITD`{KlRGLh{wjdFRXy;t;tpM^NtN^PL=R#=WUT8#$$DyKGpt&386
zUE_aHLb=-u=F|<<SsI+PvO#gw2I%lkBOmNjZV7(2T@KYUfjF=FDrR^np?5+2{6W@0
zZwD2P7`DAw&hH!6w-{ZQwRBWIhmX_08yR_jxQ~ydQdiS~v1%O)H85Gq^73x+V3m8l
z;OwwKU~FQ&TTxx`(Ga>AdyLb2l+CJ)AC$uOoLA}<157$_u`>bDA=)kxntTsK&^B`j
zQ%rz%r=q<dP9a(2$+xB8tt|C!I38-Yg->yWxXn!{52thuBEJ)*h^G?KwGdwc#Csw{
ze$?JVOk0Rh?BI~-aPc2{!N<ZzqB&){a0HHFv;;oPZQ%xA4s&618Iohfh@BxF1ux5<
zr)_=yc@$S?$IXRmn!6M&*EK}V{kMVCk{uC+SKXRLQ?1-EvTQ+#&Qc`d(;YI%W#;`e
zoNp$H_JHn7AI`CBVcAmk-{5-VW|Re;0liZQz5}9lL1X2RPrc=_{-bYC9h=3B{~N@z
z74FbI5BlLlC7{v78VBLuBD~=P__n<c8~-`PQHN-MSmFCFKsE1y-h`pXbt#rv&dY>O
zu|`sQ(tt`&m021a0Y|tY9W*2goTM}OGlk+K7!BCH_{`BlZ>&$fH5+$>5J0+{y&3U#
zgmKYzCq;hu)D)^uyXmRd<3V~{S?}xwdP1C({~MV?=@!7+LZhuWgK?4<E{xx5x~@Gm
zs_86L&Xm#ScrV&{1l#Eh<Ogt*H!B8#P}fa#5o5Cbscz%fVw8n5LLvA7S=LSK0GKS4
z!xs8tjOz==+j17j9IjZ<tIx!Fy-e#@Ahp3+sqD@4moqp!AO~0Qy#(<{!(AWUL4N7G
zoPNq6=e{CnKT>6hgo-)P1}7N??y{ZE%ZYEzb9<*YqU~_=fHpJFE!B2=(t7E_F?<D+
zC3*5IAlNgJZGw4^A7m&wbFpD#7znoaaa%w*$ocM6oZ1Yz1nxo=)k^E}-7Mvl!B7Vf
z<!>{}ggy2D-WPQ)+9hZGP&YnAg3WNM(howAL?}6C&jT&5P(BkI-3*~y?=<&DizK@{
z38#(vq8NyLQD(yee8qUr#3dV#6LGZ!+v9Xs<Z+_hFGStPu<q$M06X$G;mhc8aiPO0
z(f274cGLIjXHr=S{ZJo46V-z3?1#E5N)P=|$4Y-dP|*B>x|;rgp562Uekicd_Cqm>
z1+*}(GDRMUABy0lAF2Z)4Jy+Gksqp^iwQr}`_TyFhq5aCd-$O~pe4tCD9n+pihihI
z=N;$~XyvFJw(o~}C3)J>55@kO<%fDL3RXW9#Q~EO`y2)Zzr%;IA|5fgf%2F#Wj_qI
z{69mv;HyfvqBu1vMZcGk=Q!qx{F3(rVSDoMu_&GLa4+&7|F_A*8$mgQ2uc8+!qgO_
zPIJheWFV3NI9W^*KF-$JW5}~CShr+m@F5?p>cnG658*u^6i}|=Ftyhqp~fMIBPd3X
zo{p~($LqEwXbYB%+vo@KrL7-;Paa^labP*vKCpm|!EE#-HTrLmbE?HwNn9pNRUTLh
zSTI?FPhmG0d=Tf71Tj&6jRj!Ai_eTvsxCz5XVlF!K*>ULOnc@y$DOHurnYqy>G7We
zF@t6uC4ip*;Lqh`25W=<ye_AXvatRwafAtuERysPCDQUOsnLt}M(6bD-snDPNvod*
z(5FFcXaGqG<bf{+(1Vf$xl22@pq|57kEw=8CMZ<Rq4qUq2J|K@lY1!gQoEHUG(3y}
z^e`%T2?o$3KyNpIcHJ>DfH<bW2#%|WPV!K>rDKli#>XU${drru<ztfcUyvDX{-Y+!
zIKispm%tf=8$dEJA{kmA#)2mDl<>^!B=WtQ`C5-433IMwcmf$<3x1ZYfW5~>NKbP`
zP8S+qhE&SuUEE2^Q?~UDpkWn+aq}JZwEO=g8FT6#`RdHvoH|E1%HSt8&JheOSj8Af
zx-Q+pS$z`SR~!#1=Mp?mwAw?8uoxvp1vG{f6`Kc`r4K2>hdz~_jM9@%<$R9<K!=|$
zG-xitAj0}<W*i&QB(eaP1P%7_PtMHEcJkoxv;)sLD2*e|QLj@PIX3E`@g$+K@ee2q
zx)LA1hE0ppF*thS!RG=W6OKG{Oe_L!VoZpHZew5oSJw$$&cIw98=)K---Gnh&&U%Q
zbt*@+;lM!388w9@G2d_umwYmq=od`*`&3R%`P3S6`Zz9MeH$mUe9Pv8Z)2d%=7Vp8
z)p#mO9Dl~Q5w^h|3pCckI_QshDCIb(u#TiZ;!2DtS(v%}P(YhM!g4uKK9UZFhvS@|
zLt+Pq!gDdkL$k75K7&V@_&d-W`3yMrZJ)tnESWlc4Z53q8LvUN@fvuR*8ur&BGT*N
zH|VC{0CKB-12_l9A2dTW(!1(6fQw+&0Q{f{zX4rkly3Pz_W=9`^@WCw;d&KkTP*KE
zA&2F^cn^5wA@m-=Pq6CNE);EG;xSD+4T{@v8Wg4{B5wel28+ZSupdX{A^2(iH-(UX
zfsmew=UGo-dUceIP6VvqgQGz@R_MvRGJ)BB;!J#A3)nj<fS<0ei+h14bR)okNmhB8
z=2#Qupr2uWoa5ixiEN$-3J;FZ>2269I<~37*BA6TggkI&mecdFjU2J(A;gFO0o#s|
z3xZuLolYOb2z?MPFVvA;Qm!g-o@4B2FgdNhrAl)_siHCf-Qkw$H>s+xCMpsLq9lI+
zKX*m7Bo2H)l@A(K4wlv_XG74HL-I{$@YMMdgoa<P-wL^0jyTtv6wz}q#+TuFBc7bw
z_>cM&x`pTFqIvSCU_2L--1FNXtMJVnZtxXAa&Q7aQtnyR?p!U)dH?3H6P`%t2gBiS
z<GA?-KCf;Z#I&~#LtUpyUDF~ePor#jTg6`nYqAWJOEv~XT;2qkDR7Ii#|d5oIm}sx
zQzqKdkL;(~GPR!qYeVyVXhhd-d=u47y&2)9ceN*`r`|-I?x_pfQAzL3p!am;4bk8@
z0aLQhKyl)&NO7n4p*Tt-%<7v<WR_HHo{2iOF?7YN2OfKu-OZKU(CCg2=yG~48(4HG
zw>Yy1Te@T+obAv=rL?dV`eyv$@VyG1=1lu{b56L@G4D>OU%}WmY<4s!(dIG!d9udO
zMiwOJ|D+8m2-}z{!+A2aAvwoTrdBJjBx@uoW}*pk_OWm>G!+symCJAOnf=qrh(_An
z;3DR9*LfbYeFn=&&Q%YEO4e;W2G-lk#tWW{6TgGR4%5-XMd4J}poL;*cVjw=Sx|zn
zlm?&yHcad*#xT&~kG@)UEK|K;ZCGTeGJvxd<JIhI(IgYCk4}!XJ|~pFAU7RIoC(Bd
ztp4Jh?Jv%3L-l*pt0E1_6BpDgxyB!`m~1^CD%8bJ^MsP8vP(NbK6<$T1ivFBxRjHn
zr)(mrQgY-~7PAe<*?6(-!p+$(+(>_^LfuB57okuMM=>ex`3My%xj}NV2Ih%$mBDh?
zm3MY6-w`@)sat7$A4oXguz%=d#0nIqHs5ViKMV#X{4kpUO88-ZMArNmd1F6}`mbI?
z{Qrk%sSe>;s<(g~moL|b{;P-_S?%*X%~+>9uO%(+B(cW^-N`BDl9+KlK{?@wFC07F
z4qn$;3J13oteA4jidodN)rhJH&rYk(I7`~w`UGe(Iz#<V0+0L*PlU;lA7VG5E%Zx0
z8KrZ)9*5Czwv_vl{Z7*$Sp5ug{)tieoupZnDYi!ZP6S6@2RZ-L0g<a>X5?Iq0XMcE
z;_WOHzY|8_7~ay5{wU|3ya}97)``Q(Pg47D!>7Sf#{<kWr^P;v_!JaRxaujWAAm`~
z!pF}kq2v6{wTofe%pmX|m}|?P3)}REidDfen^JKTW<nf$<si`IG>=G|b1D})pWnO7
zdj!Pt>*k+7AbD2m9P+=TkBWWS<{Q~RxF3o@eN-GOsDu6ZZnXJz($D_S*ulm`Xz3cZ
zh!GU2!=C0U+rUjj38hunK|PA*LVt<-ug}5Wof>Ih<SLey^g6U}{0q_YmAw`3?PqcN
z2kgy42Vh5E*M|$8gU*iEhdn3+u5OH#ivJV|<-`FPbwHd}ot4%PoHs~5dw*RsGcRP^
zId^vZVS}cmZDwwOODrp@8x{(W?d#D)Xr%DC+0-S<({Nq3O3Iuhv~>}xv*{f{o!v}N
zjrC1m3XD|fS<%x7=xot#_W%!GRJ2*$D%h?O^vDsTXFVs8&K2nNdDc-+SiOzq&_g&m
zz6&0Dbmg~TT<{>opm7LQZn}At$yvZD-FRIOIc@L|2m4Y_k;>%OknBIOvcoU0`%kpT
zW7~~<od^AJ9%-Mx1XQ_FIJ6l2M!!V?g^9nSZPQD!%cw~(6Or^MN%}dH-W(;Vx9P8v
z^c5zZA0>sGWY`Ktkso2=o8m-BB?}#tL@rFGFNhOqpXHojF%z4?^sh0$DkY*vkg}_!
zteyT<oI)jnltU$DpXuMkDOemb<<*k1aQZ)SZrGGY#etObBn5V)j0#cD%j9tSX7)b>
znLfA?2*n%0v&Ld<4Q_rH5;TM{niiMRX0!tDe={Yx7$r`h#U6LzC^5jhI{_ah5cfnT
zFrV!Nbaw*g>)J4vbpjqt;D$EL^E&~rCh(1In2&Y>&JY;1VfHpU03n>`O}E-G*LMP*
zPoRtoi%Yk30)C|v@VQRFc}qH!iB}WOn|_8?npM%JPQY6Te6|hqyPbf4Ch&J{m`j&-
z03Jc$at>mv_A@#G-$LL`7zZ}yjRbCK13p0D&27NP2)v~Y_$+~$w%Vb~X9E`!SZu>Q
zkiecc;28w=wgKNp;G8z#`w4s=BhGHow>km066oOV2^$lK;%5WTXajQGX$!?GJ1uc(
zhZUD5SaG4=iVNXZT>8t3ORrdQ=@2U}ePP9=8?3nSz=}&tHBLnvzYCL}rbY=kHaxi4
zevetfaD-Yn#w#cuhfAh5V&hQ-$9P4>;|R*u>NXy=ag5iacpOx@+6o(wiaEx^YfeHS
z2O3WMtg$dLFQ)1HaNrfiyf}R>lz=NQ_@r6~U=pgzZ);~vc{<~AF4_b5aN+{Lu@suM
zPnD(Xr=U17Ck=#gd;?6EafN2imD6~k9i8HSfCEP^<}>!a>pxBpzlT?OUAbSP(A+nr
zg?9<<DJdMY8g`TnKuQPoN^YUq>&7h(>**4MXQR|ZE$`#yi+t+~tShp2()6`BSVW^e
zX1gx95%Q|<m8Ba0gTo^EZduXN^-@iDx8BN^WS+vo5_q=?1er*0T2GmJnF?MI_J2VP
z&;KPJW->n}T5`1(W8FG+IcQqCJDL#3Kuc&xsZHbm276#|++*be29=!PgCH*W3n_dK
zR>vlHlBJ~NWiEdwl<F+SW|ac{B@#a-jJJjm_m_48V%#QjE|a*}v@1Xp96NA}m}2!s
z`sKuMW(M<4&_52*7n55oA$?~j+C!^Uok6ZWxp#6D%94LrbY2O%v8~ql0|w006^zXE
zFLr_hQCRQ}{FwH+lT1rB&{}WmJqRil?j*y0L+R9YZr14=49|_EoL*FPr1WcQps^LX
zO{Y`lhoUrhl60ift*z+Q1{ct_Y(Op?xT+u<hNDlSH#b}Zy0vBn`zt^N&MD0xv7kqd
zx4%v2!W@oDGKZF~!=WYr9+bd?C-xrpU`T5UviEIzDb7N5_PGbWvqt2+@yDnIT#qb7
z-ZyLCHTscN-a*RG^yAW)O)%!}2AlCdC`QF5>?6^TM&0mNr4M6(;Q_P%iGIRd=r#EI
zk~j~-bu30b0m#Yv*5XN7u{?-ZfxX-Zejoh@_wwgD{tQCBOkKn7w3DullCEa9nO;cO
zR!Wx=X=G}Sv*%&q-jmCFGQvGf)}<AFgayg|8n2qEu8sO$_ncO1pT_w2g!qccb;lx<
zi=`d=KE}I?c%5$3;JDSYu~bdw`6%*OFS8S`h_d%lJT_D+ZG)3H2JSgng*$I)FZX_w
z8?G=<09m~8riksB(e<9b9wP69@XCYcPQ2UztH|grkaXfL5P5+bPE>g4a^Y)yFzLs?
zmcvFU4<BG9$zuhgn@V_!ZZfZ1^g;p*dnJ7=Oy~O(c?!*cKv9`@Hwsa_^Sc{;6em3k
zcM8hciEU;%c0TCAVSRT)z~ZP>w|Df~MqI7DwlS=)Z3s0My1ubNzOzl>anx^jkhReq
zk=TC}S$Kb#ehv>w3W!<EA<4PY2qfW<WR#|71T+a_CGC6&b;1dgsM8j;yHQ}cl7&Yd
z!}W+|(27}}iO@5Vm@X~R{LN0>@@qdHsQ^75iSdMOf*+%lT<g!6n>Km&dC7iI-F{ra
zJ};>{b}wh;8=PM1hmddkT5TW=Hs2~}<3U!sD1ncK%+qz+vB0^o9p^sc=u4TG&%w;Y
z7rm;Eyy&%pDi8*XXT9ykmp9|Ly?z+I?L}Sx1(d(JWBKar!M4rre9=29m&3q^HieSj
znG1Wae4#J_{4=79;eO##p0AcFfm$(KFyjwqWS_l?jUBFT>DtIO4^W^q1D7o2@hWW=
zSBT*JZiW^TTXzReCu8`bRPKi=KFWY2Z2Wt8Lkpu%-WSz<?u*!#<UThvcj9a#_PHr{
zo=V5BKy~MRZV}F3BU$=v+HKv0nPuu)WQ{GAoe8=Qprx;Yr4q&5Nuv4JBGp++3xg;r
zy^3a~0D*3RuSSww>EZ8@L|3b2w>DrurUrka6L6IP(Vw&>4#!je!IroYHAJ?=^^DB)
z7+XTE5sXrTjTvzRf=Zk_$*{k>DcG_jdT6smZ4jL=FG2dd3hqiLSiU@bD}6nhN_MDI
zEZyy2Cpfdf*N61;EF$fbT}3WopDe-PGXp2IPc+S)WZOdfWNC~B9&|fTpp1)Ewxv66
zKn1WA#goIApx7y<r(o22{$3=&!2Q*TV2pA5s-VUTt}f$YYPDZs3*l-V>vVM^4THD!
zN1*rQ2Ick3MHLTs##*+_9sZw?j1f{b=~>k<k#QpijKRvau0l`8uSMfNv_8Db6dVt}
zmN4UIc&xD7%=zze_WW9SmaU_`6H4z*Y_ho*&}|)xHco8;NTfH4xsyaQ(o1`pC@KGN
zvPYy@;%YA+*$Mb^0iGM?6hTf4ez*S$NqbkPwBB?}r2CldWItBY)SiNk>%fnW@s70#
zCV@h51DIphCbD-f1^`w@@H*?+qn_p(<5!-Gp2le?LkHB?w}GQayy=hhk77j*c;4*<
zcarDbExC##bT2;`xtHnQi%&;kepXv?wX@(vr;l?1Zy-710`)I*Y`zS1(+<R#oVpdP
zjmGB9jEGrBJKt+%X?tRD5^e_PEeL9dxRVU~hbcp>u_^Z!a&)m5+XmgiAvhX_>?Ipf
zZXB?NsHDNR<~0un9FEVk!tuFRJn+KtscG&c+ZT?{)iD}up)~!E&f9c+s)R*WzqSf@
zY%#~*ZRvn}#loe7*kY?u|J${G5qP5?U_ntkkR&q_L_54v1VZ8ds}PZeG}}R&PTD(U
z#&rtgK8<^#bwzSV>q?GfZkXBoV%r_3x3ThQoF0eTrrryXjMFIQP7=+GQ_%2I*TyW-
ztc{NsDdJccpubMyoVgT9*2X7v0-o5G^Q0t_E{9JQAZ7n(&?)~Q`*)!JNcL}MWTuRH
z>30}yDQm5a0l-8v0N#h7QsquE?5~xwE%}#st&cOLV`+wK{IG>ASnbf01zN_t>|8^<
zgR+2o8hK-eT<(#FUA425%3g(ifjZu+89m`WSo6vRQc53EosYN0*Wq>X)4qGkcaOnt
zK5ZesUmsod$W_9_h>f0D$Z+D}MihJ^qUNyy)#Ht3*0sI`ZDV$$IB40W9R{s{6NA=9
zv`1%DNOI6(<cGyJUIC6kPtnePIokbBw!1qOA47pItvbOjD|qqMVff{Rl+l~{dM2gl
zrqbEQku1oWnS(=|^0rD&-;~8-Nc&@nGj|_n4sC@{XGA^+9C2u$(>2YVq+EnL<CQU*
z=!`o-?<G2BRZ?S}A%bAWgc-`{Hx6ZDngkijr?J}&+&>+Wzn_kI73d9jr`YDd(LaHk
z7QQ09UAhz!{Er%32A((Yk|Aiv^@6fXGxcFMO@kj{(7yARGR=S6M|D$^U}}1bKM22{
zVg4Ze0fza5@CO;@55icSrKk9VFl%i+3a{am)SsFpMG9aj^nHBIb(~9Oe1&uM=@2Y4
zS8vRLNY2%KAs|!fnYb0$u8=iW(r2{T!#<=Ka6~&_&`8Kw#q*EA1nvrL;lhx(T%Qp4
zaKU9`h<lXaGG^m)CMWKw;IgsAg~~#?jM=yx%f$T?TtTjI4Y(TcKLU36uR=CCQGx3w
zu-qXox)iu%i=H@MftQ-eweb8gPG9g<(N$Z3hdtJ#xE*s6LR|Oo*a4P2tEQNS6_K6{
z`z@B?*x8p$K6{>g4bpJf^H~D%;(1)rR=12>tX9Fu$H~3&oJzT`c{&aPl=`;#|4QUi
zrQF|~aB$?Ze~bTXLU=fGjuwIYmgs>dGjTLg&g#u+4mqWM9!bQ)496}@B{^J%Q-<T8
zbxM6E0Y^YfJy)E)JX4xu7*Q=%$KNS2-aLhKaA3;ENK}#!<)PBhD!6z^?7T{OScx4r
z#Ew+T^GWPTY5o@fS0onqJds$kvNReI%gd*Duy7uUoo{HGUz%SU5n^#06^R`-3Ajtk
z5IfHhi%Y0LEMsL{6vaykdzu;0RFy+D2&j%bxT}9{S59@D`mPX$ZPz*xBUM%{q3=r9
zEF#tdUrYm#!w!Qa#DVXhJ`WDS7>BX#;DmWMX<kZooR={xukpW8nqwTsEF9QHq=Dlq
z#$imH=aj0HzA?bXKuT@qJ<$)1*HbqU3D6A)i*};FN_|8dwOkeu?=#TmV8?Bv$n)BZ
zB(9;ggg!835*n8YIQ^{`;`uJtsqaW&mB16JXW`(Dc@JT4eGdV%*T%bGiExPVG-{C!
z582GZJ4py{NTIyAnI<WG1L1Sg8wgZ2I1nD4tu?P8m@_7W&S9s9XH2@VU*_;U4ET&I
zBK(Wd$_<M#48nIjtgFTS3&_d4&_FnYH!=KC4ZnrqyOkZ0{2Zq|CVJd=j4f3eBhR$n
zNfy)Ch(ZK$Pj)3^Qatv)w9gDKtLcO*)zj{T7(17-?r1G$>vz-|>36<0jEx!6MCH!s
zEags|<6NO|tfEiP$1Lvo?*oNqe3IQn9Cs&41`+x6{M*|Qsn&^@HX}D2FJ_#+DP+O^
z?%b(+Q9?9{qD^eugLv{^TQa)it>o7|%#!lo&ah-p`R`=-K80V(@ckNoH^WeP#J`;3
zk8Ai!hCiX<s~LVk!`CwWNey4m@TW9<Bg3E8@XZW^M3#x;{@&DQH2hwMKZ~&RWfAn7
z_FjYp>GH6T_f?r;JK}doL>_pLy|gbX142sOz;>E4bdRB1`o6YxYZ}X^zTkD3+=Dwg
z!#@YpaTD|$a~K&UEo$pcl1H(eGG^fzT}a-=IE)z_%JS=#9`dyD{;**}J7dD@i1xh|
zmpqTlW6YE{g7W6ZIODi=1aE^A!LNsIz>sJAD<1o-ac81l#-uN!F=S|DpLU{=@Q6m!
zX7+hZBV!g{jDDsp#5jyuIHs+Xkr;=u*=;4%w3WfxZ8h>i8S5k;gh%vWu6&^k#`Q90
z(RPL6P&Q*6kyQ0v;(ZV2J;br@UxDJzREiTjAjzGiq<Yf_z&vVv5Zs17fT7Rilq6Hs
z=0*<hu_K^1P$gb<Q@MqZ>d`@%1>FWut-0a^3|YAGn4q}ESIx3N#3WQsA*JHtGoiS6
zFpG%OKy)W5r(zK@pcdg<K!nj<JgP<9V+5DdYwWwR^Fb|`2&=ACBn)ryjGf8?iKMT7
z^fs53daZ-tb71t9=I9y799%}USor!4DtPjbFl8NJuY&-Oe+}<}^y+&ce7h!FDur_u
z%BP(3%|kvt|00l3_3y{p$WY9eYe@0!VjENLNgd6^<3aIdq!`vAVSG_#e^_pnCa*do
zW~p-3SiUrXhbatppcHnjP*;Hw33Cv4lvZjva2(d(_?OvajtrKFi$+)dBf0NQ??;>X
zY1RgV4GRXb{YY09MU{rtDwYF<Bbs0L9F`YxF{oT(xiw8gmbM{teHRup%t;uNdUsSE
ztgS0+KLv}RyueUVTHxOS3rB2Au?A^a&d2LJz>Zj3@5I{De0B$J7M1!=LwzWc1DXxP
zg`ul9Yr}Sp8n&pkhz-N#p^{}evXmBS!#+-Hcd_OdnJVvuJ3~K7%D81*ZXotR6kF22
zQ>mf*iz|8&UZP=gpjyU7q*DB2tlpiZ`rr)8r{{yFglLbI#sv9J!KId<r10ta7XvpT
zDdVMaxhv_-?j%)%H@(stsO4p)Ws-V=J4v;`I{EY(xR)eR=kn5WL0suhQa6kZ>(d}U
z#a8|bLTw~!MQMd#^WG+Yt%g2W*BR>C>y=#<X`!>h-RnMA!d#bE0hBq*9m~5ZrN5b`
z@ggco>?z{xPdy|y+Fwvv^2RdG1^vKL{XUj;W!W2=aIw9mIx+stg4Uq6#Y*JAQtCj}
zP;#Vy$5ir_AYME*$2D(q@EZ%#MC-EyjfFUBH1#=fN#1X1q0FmTrm@B5pnsVtXvO9_
z+1cavD1o9<dYTK=Ee?-(3cm2;QHiXab3AwbXS95A==c8NHvHa7l(BW2&iLBU)^+8Z
zH{^9_R|%JSeZ+l{3jnsKwBaGPA)I4(6TVCmCaE#s($2wX<JC;pcX+(u%P33UD8zdu
zxt)0pA@c=0At>&vFbxj95Km@0Jq{&y9{NfCg>=H8x(|$)`Uez*@W&YbyoNu)@E0`v
zNroTR@TVDmM8p5U@Rv0FIflQe;V&`_b;dG3!|<aTeuUw#X!r{ZLkDu&jBNWIg&(bZ
zkS44kpNdF7Qu#zO1upAK#;iH_1jQlwF%Dw}r-X70zuByq-(pKi-w+<n^Q*NyHajkl
zF{@64Lw3YCj9EClYB^*<jKi3PqvLdv?2B<2n~g(u$2g1`9JbHcF=T5eJ4V<Y^3>GH
z?ug4{%&OD0k6jt#Fa{j@x^HwH=Nh)pde_=GxGqGJJ4ya?8sMVySQA&Z-tGAqoH!Nl
z`4D5gao^APjQ@lBZsk09o+^lE1U1y@q6e#ytBEcwl*m3~4YW;YSwNG*n^eI~5}Kw4
zMX|XUZlkqSaQq06yd;7>cbWd_I1)Ds@5lv~%y!>_AyL%Xj;{x2VSTJeZd{yL;B2SH
zN6*Afn7U9A#bO+mG`k+eaQ1=uvFdF|#EdR)8b3|CU}A9Mqmzl=vJ;TI)UOj?^!jia
z*ATJ1vHp??`S)Wh6lVZAt<&^i);h9keTv7L4W3N@urve@Ivtlj6+nf&xGYq_HX+C8
zpMqgkjq5MK)6I|R^gM~;9J$B|mI^%OZi7ReR*DpQCkw@gb=(F=y<E~xnqVS<CW^;c
zB_pp<Ys{v9q%?wAtOx!scap+ZhP!I)7?2me>slUlCn>086pa|X_c=;(;mwkqOPuBc
zfaI+|#f-kn1AmsFc%chR=g2#pUA`Z_&ilTu<~P-s1qU>a3FYBwrUUv_>|AH5IG}OZ
zh+(vb@0INYPG2iy7!<(@F9ge>VAZdyM_{X$!=~t3RH-e$)h{A%9`E)J!pfu28|*)#
z_)T7QOR$RCx(7%y`BZ|V5O;%(gf0M1YdsjcDYc;iPU2%1cOh2vDqDCoB)EY{mjY>g
z3^Cr3qcL1s9y}7I?T#4VP13Zznnz?G%b~Ew{>a$)2Fi1qM`a)DYXhy$J_h}fz*>@h
zY@iLa4RW)s4^a%vDKYw`z)jwB$|7a_<(uQ4jJ|@C%J?`jX6{$31V0DiDSr+ix*yhu
z&?XFH8HC@M>Gxy|a`BTh1CaefzohHroK^dadEy*{9^^~W`by>(u@9;JM;-M+;9sw_
zG)}`Hly4Q8+arg>AAbZ+71M$ft2?@ed2Cm62eV$j4_}OkoPG$-6$7&MRn!z82gL0i
zxGXESg77Uj`D&a&{&G8VA1*-)hE`(dJ)^ryyaLVmT)UjBuhH`k<mb+4!wseluSFa3
zUh7MV(h73P^y^TTxnx={xsx+{>chp^#1Vb>dmr%XpTMhzVH4xuvf>dh`OSgG<FG<Q
zUh4Uy8<TW=pJu9@h$MbtW)KI}t|1*_duXT1jo0zLL_&+431;0`pkTvIs|oF*Rjk8}
zU+k612Rxv!Y7ozxBz=1Ku+#E*3lPPa{ptkHZk=$*Q#gs7Ei6ZkMfyeynN_a^lu}P=
zlGnD1@PhKv-JS_v25yd4U|W$#D<mfda=Jn1Fa{~6uvr(yDug?u2Vo%6BzMp}`D1w0
zg82x)5`PnK$Bz^yH_Vc|YNAeDVkgKq1%=I;+I&NlXTu~Y^#8yU4S&YKU)($<N@~2C
z(D<(4<{oj<FwceXYZ4~cNbnnqr`0GuX!(1Txrx{6Na4nC-t%X8139vtxg&(XaQTg6
zCOO{!un%&Y8_+RL<78W&<C)(~<8%(S=QP0PqwzNv;qYG>0qi?EXW<V+U+!z5EHn|m
zS!4k(OTsOet`?dj?wCjW8<Q|h5q^~o%b&(mp?HW4z4&}T{~PoDB9X5LbfU8%(<zy(
zVtGzG`yuTXNxS0gych1Q3+cE}0_5X*l<GQ8Ci#r(U6t~#I`xzS?E(2#;`lGP?;h^g
zyfmKtGC|{u=gHGnz7)@QI=9ZEp9?)K>c(-}5!CnO@=AK_vyvrW+>9TaRV~N(ODOZ2
zly}YFyG*k9?_K7#Dev09cbV6vyz5?MnWvzSZet(SPH2@d!{*&9AV27%32gjUw&?u@
z=z$Tu(OTFgyyYQl62kAOxU#DVK^*@P?zKG8|1C9(xo|))Fk#;vh`Qb@@_<1IF_vA$
zU6D7>&zs`*$xOWq!+3px(tIi;8N!XpH7_5?pl!_xexjeG;Mt?j<-rNh((v(zsI-)~
zcAMq>C@e3<yVn!+(Hh+bdDp%Gd63m~=khv}x6Selc_RBSfxheh&h%}wJexjPX3p(a
z|B`=)N8O8+xp#dz9ra2nefFsZD^{zY0f2NmY}!0tiI#7?Q3A%lq@9HFDMuaaF??-6
zk$P+Y)_NYb>d}2lT{m-|66>YB?1n~8F0KLAfTs6_ZN@w!*GH^KjrBlXb5!tF1f6f-
zbdr^Kp;>Y(sS45?(<stO8QVnbyF<!~>PuraZPlkZSY+9LIZPk3ao(TAfu%MZ=L1Qc
zOcF=i1{)c5VZ6Rz+x}H_f9JNj{01H0YvA{Y`86iYR*}mOx2*8UJnq7cw8#u5i154H
zv-4j4f06gv7o9i7Z%Fg|#ArWMRI>=GtLqAxd<LIK;i4Pg$9Wb$A<tO=JZ!?l*P$op
z+=^F8A&*?OuAOYYvPk(={JRvN%ftMO!T+e@Z+@}(cPsv<Uo8GTivKvQtrwst<Io<s
zSMbvf7v9&rC+#k{sSJ(*U2%3wuZz=`XS65FD>NT=j=-lVAKUYy^4*`z$9BD_d>>2Z
zWBXnpUrO%%!cGwAbl2snhA<tDxR;UEpoBRvB|$wH_(u%kO~(IAeJ}yuVB1H>4Cc6=
zs_<q}C3Q<rvra*Rup4$&z%IiiFLg^e4`~?>B+GaZb)$@1tuhEIxQQ}uO_uS=WErF%
zW!z?!q3lnTaa&x*F=z_}RNDd`<Wi!*ip_m!MPuciQ;h~=j=g@x+1fCXABw-KHx-F6
zYFLGF&`rJRpd)2`U7mvW;dj6BB20I4SA6QKTYMYz?{I?>N+LrCAEtJGw&)K0p+0zk
zdF+%4oF`BzoGbA6jej94JPyC=i!~U&>dP}^6};|NDumQ%7_YbKYc?!~ui2mw>_Cox
zJ@NhCZr(%9^AI*ao`cd$@IwI+Kgi%0&5xHRJJnEjAX;&sv5XflJ60Kgv+P)9Sh8~j
z==e;?D~Jl-6-+nxs=&NFyO5E-DdJPASy+1PIJ|~g>c(gJGHUS^B8v}}!1#}|=1?hR
zhULPMt9>x5T(Wysx!2zIg5~O7g3k5wl|xyEvA$zbAH31f1qz4Mxm5i)=P?9T5WEaO
zdd@>qI4Zh%2)5?xAonU6yz-5-b@(%b-997x1C$RhH`<dDXQ=2K*bEqMxKvnX8F&hh
zVlAR-+@1+c+gQQh1<!9veg{v$5l4CyN1W*sQ#eiL`p+OS-6%mfyZ)UB_cU7^R=kjq
z`S4*j{L*#kst0yuUkQa7XR=r<_}UFd9X=m~yn7@DS^d`-s%DtoXX=tttLwB}x1m+a
zhmUEmT>yfyC4)9LDj*5v%Q=}F$iIJ#_?Png>HXVzI92h>^!g3p2X<6#%%95y*}Mi@
zmN==}c<p2#PM3UNSE{x=3ge2cMitNvdx#i#twBWa=_0Oumw<-PzaR~6V+dKywitAj
zD|bF(BZ0Kzs!}iCxEIGk<%>n<oP4(D<NBTai3MERHXPS0hD&lU#UDYkk*T!Y(YILp
zoG0kr)R}mkaq2eG&(QSKG@Tx4dP3=WV;u#w3;q!Js^*7P2;Eh{VHlEb-o>DoCWz-(
zJq*0BkiHYi3#3uz=J)Cc@-w{gDfA8IVUZsVc82YFla$%2g_VUgJWO~Cdk^Mj+z?;j
zZfil9&<5WjgwyYKFz9(CE(bzBh}jkPaz;GFIGULCcSMH8xZW9Sfc*HcX8JR;yui^B
zbmI%2<IEpZUvNn4qf*DhuxjBWW)er>ZfjAP5YlSki(|Nck4kvwHn0tl_u-q0?gXaX
zlu(|Xj@S4!9m^meiYD(YWoRkDW<Mb<`|=_e(_h0bhnuRSj5U5U%n3TTg)=q_NBTZd
z&iISKS!Utr8Axq|zaJ<TU%W`qIof8N&d6^jsSWJ7d7HnEkc_nzp!<vDv6I4#-kj%U
zw!nDKiu6%GR-pi~*vC|!fl^%g6yHO~6`shO7W?T-%!`RaHcwaruGh%8nX4L*+5D}{
zSj<Y+t!aFJ`<Gs8XTYs8c0v7L4$C;7GjLSKHI0?P<wVm~My!+5{H~+PFDgkCIg6kT
z;$~Dibu8v*vFx!e;GG$pZwC9^3Yz5ag6eeys?VBoBJ)l|aQt0gApI>UDb8=#u^V!}
zP#uD^ojNo<SqDy%fX1(opYjz&d}+9`JL;PL2Ksxw=*q>lGtSw}D0LDp&T<_Gdwuv8
zubPQ@r+Q8~J#iMmDX30drh9TeRqH$5gbNe9BgN@W*Y5|%R%YbUbbHgq-gI_dUwQ%u
z3$U}1?p8~oF9lPfj#8YH&smF)#IG&<|4IJ~xsk2)t-}sUtxvr;ur>Caz%D?R-f5Z^
zE4SOFa4d@NuSiQUMf-mIG0eMvr0|@W&zL{~LIV?t7XO|P{m=8yXKH<?d8dR!8M2sh
z4yWwkUoC%m3z}e2CHOHc4!oln{HHtzgYR`QJ`~K^mCt#>B6$u6`^s}9c$GZo2UGGK
z4Q`NUEvFeb!+=Y(^ndAg+|A!dWSTz}`Pafi#=AoR)p_$q=T$Ah;Jo2l->3~4nm1Cb
z*XlNC-n@CWzFOa)m2Y?y5TMzx5y0x3(MtKTQ|6D>>YCz!5q3(H;3A=pHY8GOIpmWR
zO~%%W$-Gqc)<tA0{<*Ddp!=sVx!_eS31SWjgP0)FZmsX~2f_I%DDSje-y1{y^39Ax
zX@_y@=qYHv==8Z;-voj*AErnYvPmPD3=w&`MlkE~xQXbT@8PMw8r<&MhlKT0upjZ}
z8_Y!f!V*kZ*HvzX_X$&r0KLks*cZe^z>hF#`c{0yX#6QxI?SEKe4pMjdC5Gy?*)?}
zodmy=U`+aL;7bX{T;B$M7r`(%(r#r6HWDAO2>E~kggdqe7Zs*p*`za5u;K`YeZ>c?
zS<$K3lSKREpF1hMo+MkQaPSk2BVhWsjOQgTJupdD83Y2RpNSEqUna>ugFwLavk^jN
zYHx&5|2}+-PT}Qcbj_jY=*U*N4#a$wI-VSLg&J>gedSie(K_r&EE2%ZU&09t1X7bD
zLXIr&$<;>n7{vI~T$tcm3Q|+*CPt~7C{*^fGLX0gd`fGmb1SfVtLs+4uRW0=GqsAO
zNqjGf?}6V?CT;|cFi+Uw6t?uW`E>QPLi6=b#+}6conBtYH7ra)b=R5@o)p9eUYX-t
zUs&j6oeV!6jq?eR6T!A|WZ~uF!eFf;#JDZf=Vnk@Se4vq!zPViY%smsVDF^Fmj=TL
zG^PgEU!8Z;_{Dl+<$#yjrKdY}Rd@QT@ID;6k;N;@e3yd1m~rvVu|lePHT@j(%iZ(J
zUJk1((XU0P{w}n?+&zSw6H@8w+QIeJwR155CiX*CCs$0t5k=V5Jtd@4hoUXHQulH%
zo0Ct*%Xuo#naBYjjuL(mo=3NL06W=P*}?Vi;lQR>rBpbyls;?iS;smP??d6D<l#XX
zI~*%~-H75*?)e=v@{m;(Sv9d%w+ju^oaT|Zpf0am<f$u2f)G*Lp)>kun7*)MI@pyh
z2&;HptJh{#bA-*84?O0b5oKR9>nL|IXOU6V8EGX3=eG8|5A&MJTsP02I^UH3RFT!u
zIhn)2Y`lyE2yb+Y5}V|pwBeI7D*Y>oRO`<-cQj3y#vKZ2?<(mk-I{Z;xrO_js&GyY
z$?OU%_`4{VV_^ur`hS=^6F9l<;?6(yeawvJxkueIqhn-a$<6ePEK3-V<om{e56;Zk
zVA+ywY;iR7*bqGQU~`jziM-;B?IaF_GY27o5H1t4*@evkPDp@&mT)Y05=ht$A=vx<
zRsG-Vo<p*1?9J+<>G$6MtbbMg>t9v>>+<!p>u1MjXRUMeR8o_ZHvyl^$*fI}&8=@f
z)xbhLCa?MNxp5Drb3<-Nbw3<q9-YX~y!G_IC84BJwlUYdq_3%z?B9-~Z1f5k>MxF(
zcj4Fz9wf&OE#=rLhN+S_qRFcJg4h}LB5=I)3mAC%@1vPJ`g!+)CA>SntO#!85hF1B
z9x=l87tR%2V{@YcL9HkD_*RPvCrFJnRR3{MEOmm;7Hm7gEzwJ&C#rKBLuoy>RUcT5
zZN<(<!?vtJ-2EQ0?VFGdnS~PYWEQIY=G{jHDeY^vs|SRWUcVmnn0*>Dcp5phEfqd&
z*Z*f8DBZnx9Ik{-`|iCXwF8e>mr@?C6e}Zd^D<Tjq7}(nxZMnnJvjglua4KG@8Tbd
z{?hvHf(E{c;oRJPY~9;+E8*$|8Wb5ZEDpcTRX$2O@*Ec$xC|GJFiO1)#O2YOt|0-I
zke8|B6t3|yJpc&iW^D}C1p<c!AS4bcjaJ!+wP3;jGa9%nvso(O;<o`SuwHXcoq^2^
z8sBFpDzgb3Y(&9BhX8t@yisPODF>o^K6(@7|CQs<8ES@dGYcA$M=zhv_EBtMNlarl
zn<8of6Ex(R75Y58@tDfVx@&X;vQeUja!tMuluD1&Ak6^OdWJA1Wxz7&h3hICbHi&q
z%VHjJnmb^~nAHfltN<6!+2(EFW<?~`3X0A5Phfp&S+8`&QD1+H2R3kurP*}3_FS2=
zw;)|_u2#?u;*YlNRT=@}B18TD_4^m^w~vGSXD`12t%vjU1h~d<(~)HQ{Es+4wok>W
zH36YloQTUjF5vvNRlNu!IaVsIbpgiA0!BJwj<F1Xfi0#IjTj@M&x%I%0WV1654~iU
zMtQhAhyu}v0e<$troEdZjIKS)BO0^82EU5?*PPm-Tqy~zmZZ4hWs$qr6cP?GFJ^=M
zoq4q?Gg1@}3}(s+HA4L2eH2wbDBUVpe^d3SxLAO4<%4t83@5H71CZ6iKxp)$q`=#T
z)Lsd~PMxL1MK6IRM`;OYD~<?PZ+8C#sTg@*3DDq((-lCs2Tpfc_zK|voZ%7A5VO_m
zRE$^>rn#L~iyJFZVPnv8|A7R^gfu}lNnpkqiKH5S<#44KdPpQy_$!%GadhAIYy<7|
z-tHhZn!NlZ@Z8%kyUfY1Lu`yV4_!Phu?3<Qj3D`k_6}XqjxT+{8e9@?N+p}*qPuVU
zW!<JZ7j!O*bJ_#h-=0kp#8c-zU}Z;Yt)y+#+U5=LnH6nuJ0gC#2BF^;^6_mKum#`x
z<)-Jjg_H+EdSCAP=94TmcU^dsKw?INb6uL3Dkf>;*_31dh?j_{pO{_O!pPA3648-u
z?y(X*&`rmM0;$^n)+;X?y^t=99UMnC&dIE$Q|Hz*h(RdrdhpLmG$RFxZyBEr(_?YV
zve~71l~rTm(*?;|Z7k5#QVA<<ra>;xq&^KZPUUCNb!}{PL8k&|6ARZ&TWbtHItP7f
z$e+xxTHy_o45tb~Dxf&$_HZ#2(R_x(qoyvLMc-Au2t)_xHCA=Mh;_?<Gs&YlcRQ)$
zGmh0)ElJi)Ugqc7Se3Qv%y;Sfne6y|YgSDyduAXzzAamCtr;bgz0(WFct@yDE>cZn
zZ+=?wjoD<-#qw%i5r`!Di%^bOgy8a5qX&!#@~;80>dT`vQ1~upnzP<^v-aI8$e7KL
z2_MZTk^muYTL0|E*|B{{Vj0C__JM=kEfgfnRHj&oFk*7+XSY-<QEq&;u)Uo1?Z2Y1
zNXe}&93$MkQnf~{MRL2?M)7E@Y?i4Ji{GKP<}Y{-mdcN=OxI`rG*B;6o2N0$On&oX
zYod!qA9q7(!P$^EVsj;I)B2e@j&KM*Bb;ow&NB<{<PodQIS;X-bei2UVkZsIis|EH
zT4~;)!D!|pC{YFn620tp@uNHEh`>=rDrabUl03(3KU*<4`+(^k+f(>EdpeaVRil~t
z3MI^S?Y+O~IcM~w%PZqt=-%>3Rk+F2omFy&LZyK?QDSLYofJ%<TXiSGb;<kO^*FXX
zy{)2i_vr^cp%=MMSyw62!jGy*I@a_DxxG{%&vGY^iKB(nLLarBHS<9eGU~hun);+f
zx&0HUU!muVM1@)J`S#&Pt&Fm%OA^`XSPMFb`NhbIK%(gN{MtOK30Y5=swY=x7MP>W
z?XfJ0_%c$Sh}vy}#ersP7WV{kTh=>qB)dL)M>dLZ@5;wDa}n>fQm|TXS-ex)=hP=M
zz1T!<(yPntug=XpovbM%8n@+VGQHwLYt;u4AxCP|Xrf##X;k9k6f%NYgCGzk6Ha4Z
zJ;%5$e(~aOzq9|#lZk2ePaW$Yg*i8soW6ncb<(_$B=5bP6U=)`UL`V_owi)cz7L|B
z6H{&8NQ%%r_+{5y=~#)V&n&1j&}S{pT=VJVs|IH9z%UkAg3N+Eu-h3uL;x>RpulIl
zzF@<E=Mm2|=DdCi6T4YZ7?b`pkqbC#DxD4(4MOb~%o@vGc0U8p3UH&=^*wAUZ#uH-
zgY?oVJlD_NFBk%uJ6u`f61oKJiUg}bTeRaE4m;S&`@vwFYdv0r?b?~&{f{FJw(?`F
zi!>ISCoVrqMh@!A^^Lm8oN+$7j=6%r3;py^uVX#fe!7`rmiN;)_lo=fr=JE^vKa&3
z)secJM3hnEtHRWYnFY-zc&|C}X#4d32kz6(!|S)BM635VwjJjoV>@9U7w*=rH)}7B
znZ@Wr>ZsDg7{?tzp;_>a?O>obUbatDSCU?ByRDKk#c{J^^qjzU4djLz%)`oAE<P04
zm<s~L(~Qm;x{?lsfsIGnMqiGCtGcEn4evi$1PeZg-r&<~JSZ_i_t|}>#6*}Ia!dw%
zC@qdB5ujL;YmlWStE;@~SLpJ&8P*~2Z-!;O5JR&~sze8)be0K%##|6CE((g;sf>#;
zDL+AI9|!;?f>}r+#BHEWG<Y4HVnC?&s5Om-=@VW-1om39vM33Uk(qG`j}&a}d{&G5
z<<~N>1KQAW52xO1TXc{(I-%w8636ZTwFm}A9?dOjUXKx1*hec9$!h7)EA_~S&+TYv
zK`-qeRhi|^EIe9yFxNCt*HFJyl+C`fveg@f$77Zz)zG*k_4Rq6My0APv(V(%?H%b%
zoZmmXkNxTtC^|4dF2<%HqY9Hj7!4|fTOVc*#Fd@r_dcm2F7JFy2sjWbJFxS(5JI<s
z5eMR-Bnmw%+2SC2V-Wr(j8z<+#s5P}{6FF^1KIOd)4Uh}NnvLVn9BWt$-Zga`hdyg
z$32Ql-+WZbcFsR=Q9Ca^iZrdGNK-7vCHLpii|yW4V}rO<oSPerOZG9xjprh&y7CMR
zZB_+ycV*4cNf}cw&T!>m$|)-uNBEJ3n2n2jg3h>Qcukx?X{`(g2v>=R5C{^+n&A30
zDsc>-IXkHibzyvHwGp;ZI$w=o1dm8>F4|%{_uXf6oAR6L&FiG;vj*Gjx18<MOyVcj
zHm^xyHOKH0IN^&vmS;!0=U`9hI4hQYW;YD8B#2d@=-uV0Q5nizJDiJ#@{Jv>q5MR7
z`<DEsoyQL4Cdxb3^SgHYx?Ft+b1&uX14D)Sj^a?k+_Vj}@=7#u9}*BYVu646T&l<v
zx^Q5Q^1HE~xWx68QPEWoMhxkJW~m;U8Om>*?T+b<gnC*+8EhofgM>0V_)_c`J$LMi
zuFRBB(CFp1rmQPY4ne-6!L)WS!vjobZw%!(%vv3I50pWV@lZx^UwKfs+)FTeMOR+j
z%$TRYynC{~a$PwcGDC%~2JlS&-Y&i%)*3dS1r@@|8SPPdEuG^_qC+-Y-@m2OJsUI?
zx~$&doFF4hcC>rGP*=D44jvVivmiYBjtPeQx}jA=go3AY6O*mX#0$DbKC;<`3&~#J
zKT@x^A#<U7ftR*c#Waays<cU10Z(<`UZB0e73OGE%*5n2&bqR<7i?qZOmCathJPSP
zr8+)2rc>{$;`bZr8m>mVhSZU+A$!D$kQ9NC&P@C)ECAL#`wywl_OR9~ff4f&oCxGQ
z){46-`TCAR-g(P7bK<_i83~{zi%5Q%^&b|%f)c%N8^|sQm-YSL$>j23Cs?EXuQZs!
z)#ep)Zd=JcaV>5|C)|=^AKtYo5%;*C0RH;Ui7!O6^pd|9ALQ|K=XBDnqdk%Ow7H}v
zvz`K0F`8x<M9N$}-=nMMsok%|VIUNsLxp=oBf?CLtkLdXU?pFet1{BL7)v(F&{Iv#
zEV!2>L>`6t(+Fvnn9g{<+{RkXk-*%_VeD-&jz-r9u&d(&HZ>QwU@tS&Vc!?VaK#35
zdHOZ1i(!Sl`r2QiOMF>4&W&#`sP~{WYr746J23MHL}nMx0Hafn&MxfcIbF({qh*?&
zo$~w6at_Ug!jaizN6giu?4lN@jla$MtIE3G%1YEQF<p{qV@UMVfthnj#HiwK8}&w}
zPP^7CQ__oEyFLn&N1VtaNx5lmeDCb0z0zSMUK+R$h}_fIr^b&#UpZ~FV|*3j;)cCf
zDWT{nrBkK>;S-w)<uReZXU>7JL{#V|=O>#yNb|_Qq@A9|X{;o@AtdmCu&y)&CTzJ(
z)WB?-+7<*-n%Gs~&h%{RXqMK5Q)8Vqp7ZipM~}9;BOre;hYz)fbJKoS!RC))_I@%|
zJ$o2j8EID|!9D6sPUFo!yiSjD>Q7%eeWaGczl(m$TI1UA67e8OBW>V(C>ja)LH<Vh
zYaN@(HJ=GeISYG~*Q@<?kk`Hbnqf2_9^F=qhdBrZelo2eH=oH?6X3){wqYDVik3dG
z8JH8^(m6&90FFB(_{<NeHXd%EI!If;86M$PIydtY&8LaFk@+C%b$3DI<XKabBHqG>
zHmU_;lG^bo%fm)>NFqIoQ;K}3M7D7L&@^3W1r0eUkt2;$8n$jwhj6*-=M4?$tX&_p
zvUcK-4xu~u=r}9XM(L(K7(Y$h#9VKk)(dF2{$(1z>hW?~k-T4__j%6MD|DY>udmVT
zv-Fx=f3f+i7}B2eDuw4=ak$#vyL<J>b+6T<-hG-L+!*v+VbkZBirUW}eZ^!8JLwn<
z%Q?)X>qz-)nFVDS--gYim-R+S#14$&AscLhPY37;x@`MJMx~^pdiP2~`P!ogEAR%p
z*YH;E?$h^zVA9?_37KQF;B)C{zonM%3W_*y<G%F9N_3F69ullD(y0i#LGJ^yrc?=l
zs!FpcRF$MqW<k~MAWFE1^K&}2RzbYVza7oYP-tk7gwgpGKAF6WzE6*N935jnAIBA8
zi!v8F(m}2sqMxiqc=0#$9{t=-YE}$MQb>#yqdMb%>oTUZz3nB#1V;yU<w-Vy7ME>!
zFMB)Y_RqTJRPL%-Y;81D=|+PNIIUG?ewBKt!X0evk#|8~w(nW|6JhWwNeR5FTH1tJ
zRnm|ufA!UP1&SN@FsI$v(|smQFCccY#m>i_Wi4g-la33F-of7t11$F0*uH9MOv|&$
z7Znk>dk82HfF&+wnE4K=B4^p!P<XCwyq+T0*M`G0j)&s49CIIMo3El7Tb)lZ91e2I
z{lR#+{<eA?^OJ4gWSrBhHnYKNdAVvyfys<nXzTfXK@(*Q%XU7=s%sy|em0zW7%_h=
z<esVNr;p5XaXb=a{sRf%2TA6M&CnU~y89~8`MPA=#Gayi=v|gc+&(MHq}ck_BZRGg
zQRfRacb^WU)VB=CDW}(Iyz^o|n*iO&9I4azLu66sal!wv_L^%|w5=~;Alb$8Nj{MX
zk_0=07zpF629gsPNRCEgc!>-yyBJVt?y}wr_bnW)^f?SPIyvvbL8IgK9#+&%YTuv)
znbWR<EsvI_(Goev7jwro4Ukz*;t0Yhv!GEY&WCNs<pP2!SJ3f8`GQt!7kDp(@(OcX
zYE@$ppXAU{e)*aAA$v*CV-n|(Hxk_6`*fqlBhmXFE7AX8d*2YfkFy4?_lfh*WMse`
z{smAWu{p7E`#@p+K6{hDyJ3eB_IJf&Pkv+s*Y%87<_{7Wvkt>7&X_qM<M<GJvhmoA
ziJFc-Wc^jaH3=orio$yBIGx2|N#o<{cSZ4WKH}(<XD#>U<mT!BiG-dQVtAMs()dvC
zViD#t<1VVB8P+l^r5?vRKO)ro#nOYPo`y(Hl(r$#o4I(lpwBF*5#Cm7Ph3675XwIB
zWMBj<N-~~V5Tz$7`(`O>YrJ*$FjBa6d_daaO9Po+f^A_qAwFUH&oc|s{puU<$}E_Q
zXK44p%z~+c3sUj2?N=~bY8!Z#BdwcLZ7x#J<R*TG0DW})XzuyOk0Amk!v5h@Lq^bp
z5(=+RDEvgT9t;n#m$0&e?cDFEv#(LOjwgL+>%mHYzt-v3k3_$|65HXy_G@uBhinJV
z5ccZ_wH8E2X`2FU+P0CUez3TB76}Rm_sov5U*aHGI9%-L?7<r6g=^DW?WFjmsT2E^
zE9bz~m@l5XE1LPbjbBp}$6$3$(b-ySHgXQSzO!RErK+`7KQed3J01~a#?p-+q>wDc
zlj<Hj<DI*&l#<fZC*zjmE}jH=wN^2nbX7B+oMRHgI^m>uu}VA{w`Nyx*7jjxb0-<O
zI@etrwa3Jdnd0WgrQIOgx#1BKwD-f$0zwPF&??mTfMyOt2PqIw2B|s8Mi?j=w|tVH
zW9Ds!|K#}O>A%UulO}02fA!dz_u2fFvE9165<UBrpl8p7=dSSF9iPJ80C&YR^$o}l
z$s;&WBE&XunD}o5`5(YLC7y|Q#k-wPxt%2yD5u7!N}!lDIW0bI6={O7c^I|pPg!4*
z`A8cM(gL<lsqe(Q(zo69gNcC<%!1a>FVf6n#lC8DOIl&ea0X|CG|<!I(=`nC?5;-v
zpD96o7VZ&k&!gA<T+dOhXT)br;W}{xede8Xb5_mE%A%n^hjQt5t^?%FJ2O7>;nfmz
zf^}1XwehfW#=8+S6A!B?*P5HS@8JZo#Vk|pteJcMiMg+eE+0)?D@Y#mzl?On%9Fk(
z@i^LJb6VO?qv(3NlO~V8D2t(Bt`SS0v9mXP4$QnS4O>>)@JTYwq5W4-kLtzz%fgxX
z41zf`z$~tcI*F&u9IY1CcZn77?tHV=r1%fyh{N4e%uW2%e8T34$-?Wl+CR=)g2G%^
z>5?Fu<H1*<XU~J9g=v$C2giL!-ojGB9Q<2qMR(;CeG11~kBeF^>tb?75i5X81&&;B
zu;~<dQg;0nIJ12SYC;-g{$P5G2QF`&Z9!bEeRASHr1r_p`*5|7GpxHJSEgjNW(@>>
z)WOM*PsFBqZ~5#CamhAM;q-)Cq*6@OLh!4`l3?klljqR<mkKAzjh6RGe7r;<*?YUM
z&@*>$_mz6)yRXuNnafw(Gv9rUJqz8}>N(O~<Y7Elj$Vkp{8jN(-Ot6!=giGk<0;Qo
z4HlB04Y!;8Y&9-z7xv{f%LX@F*4=DH+-x2c7v*Lv&5Teq!=XSFg;FmY8(pGDF@PSA
z=jiWIE&d2y?agTN6>PDu@^><J=*-Lc36tA9s<{6vrcY|}8KUlD_6dhz*?etsvI#b(
zU(DHN9<X@8oNaMvPU3CDE;V->bKK5LnFYh#g5hn!(6(SmTQHO@2w@BjzsQg=oPF3(
zW9JuWX#`sX@{MiG8KT%3EoTma02#yrt9uJSybCO&8Setl`JiDL7%vu-tTLme3+DQ;
zg+Z*V8_u?#@^B!DCE#uINv@r_2<Vu-Vwr&)spXu_J;iwoki9<~oRUnk%PWa9V3QrB
zmXmI+{e@Sc3uYF?$K}QA`E>=l$`Tgwr1o4(86;mX0B=J0I5@y2;x#tyuu(X&EU4Gr
zTgi)}AWoaPv&`<DiQzr6l{5o!0-H1^*6!)POlkV^boD*zd2X;gXOYKmTVM-F$&p_i
z<6fSmo>@cu%&C@ov(=!93&!z4ykm)x4JJTxojd!K&+Nm%tbKI&B;6&mpe8M$yXH<F
z5xPH#`W`afakM$zGYdj`kMLdlG|M2kjUbSEV#4_9g9+oSCpzPg9iH)ZNyQ_AfXlFg
zA2I^)?fu-0A2?c0zr%6#%fS#%80!UZMy8e~oTKHzJ2FS#K<Xafe*Tf;+p;QJ$+z+<
zJ|bj$E5pk}CL0dQgl~n~KEAcjC49R+@MO%|1jVwGyfw%P_C7drk^=8c;_G&{>2J@x
znGulDP2vVW;x4U|V2h`x-5EyF;HBQoJtp!CAH{$hO2n_X3oViHF${8v+!$sp#?cPm
zhk-`-{ysQpbkW<xJqmqF-Y1k`snl^X3_i>|hmdjzDKi}1!RehoT9p!FfOPpIvn)VH
z+(-m@3X?`~r$RJ%$VvDM+WqBP*35ab`Hg1y{EkR7Tzd}^OE~o&F`CIk_~2-!oAw@V
znytmEmR$`GE+<=NLF4zmeWXfI{y92EoZHB}gKp>B!22f6Ew}=r<uk5%uwM4(Vs=+s
zy>qzLto!{QZVa%MPlmI^b1Q0qh@W45O?tMrPJmr(=ZCk{)-y1lALb%uK~K+o<6p3#
z*G?wq9Ok3<Gr;}>)Q*NqZh#bcF$<(PR5TN$mg7Z=el5?72{H^uUiT5UV}KV~zj0}<
zrFRALj+*LnJA1HJF^w~KkjuVwe5nhLIV5Y2s<eozkFiokHgAfoCbZCG*@&N?7;#m0
z`eU4bQ`u9=S2>gpJ9g~y+FCAlKe&aZ`L3g$2fq>$bXpbRU$83xS}$<nq_c{Li9?m8
z7r6KW?wOyu-}NwMlzU3<t`W`amr-*Ey_h&>Z7s{gIuPf|QmO?&nYw?Twy&k_%qv^l
zt9vR#G@e6edW~nuJ6w|!aM74|{j!9Cf%|g+qnlAtc&9(UvdL(ZOPb6PMguzAr4$eP
zv;->YuHOL$1bRHE#m%L7Xs&)zWz=5$>;~zQmq)8mDhV12<IIr8nIy1}qDjz_bn(FG
zTx~!b9Mb6Ir8MdrMB~z^IAVz3p^!Y9`E(z&++Rx`aXTsakYa(3IsL5=N?Qiwfihwf
zb#d2imU95o4<yYLCWcsdD05oc;n|$DxRN82pe67}I^Tv7b&$0j43cPW)1Qhs!6HqZ
zyp+mGYs%IdeuwIVXfmv;2yj%nrnd)(=7Z0D5P-x34hhXNP^4OYa&^SU0|_kgfB~b&
z5L-K=8TJgriLNN?{y1(sa(?1Cr@mfPS;FKqZxT+2N}W_y4#Eo82jFlpM?A127Z0@P
zavahz5EoUU7COR)y7y^dY_CZHTo>}L3>EQ9NVE-=(AgyQhDw?=jyJm(L$Xk-gc3If
z$qMGjAY;iK852LN9Xs<pb*o10xS1C+l`!*B#+#&N(!yT!z%6sxCGF_vmR)C1do-i<
z7n~YsrZW1}uGc!=OtAl_;i>_u&J}nNFtySDzaZdm3q6h6)|tY;bKpo^wy7`NU&TK6
z7s}=C(|&UQ{r}kj*K5b($2@j&?<#&wd3Gj!Pt<j^=xZ9+vr`y0=fT9B|H_&O{LpzV
z!GD77B^WUOa%st40!!>!7Ji2UeGO6f-Mog--_z?z+txO66mO(E<8;n)lRE!Wb#m)C
zNqmtb%O5O#yNxeTGllx{Tv~7aD)L~Q0;g|f2no<cRW}BKJm-TE8%#2+hf^3UoOj?#
zUu#P|SR<*!5}FGXzLjOwty5Wp`MacYP|<qT^w19E?nuKtWb@A<y+K0Wo0T`&*dUm0
z!|U>O$6d_}5DulOI1ZC__Sch+MVq!y;itoyiJw+xE+z;I$to4b82oeRBYAD{9}Bmm
zf8y^J<i$p;nh*204-MiC{GE%=@p=B{LB=pT*$?^qF@H1qN!BU*`3OaBx%&a3xk^^6
zwBth1*I3#<7nVJGuy!@bx!*|EJO<LLB}rC^HyOEXS=4J>JfJy*_W(NFzjn_i*UL2z
zFd5o4G3dO|S@YPin#S9^zWdwcnt8mzYY0#&<NG$v27HJtjE!0^zM`yCRxRs3kl~pd
zR%fdZ6PjZXCcaLZhk%JA<G`29hmNzLc5K>PWZTa(HTK#h#d2iqS+xPD16<MM@ETi`
zeoV-=(V8=}DQ(~AiuP$ay4sh0XzddLoM#VDX>aAk=-&OC;n4e^x2O9)TIvWNTLF;v
zvI?LMT>20YE`X%K#KQ|-%h6DPGlT`({hU%g+XvkE3gEQQPQZPhuJr#3xJ`oXex0D*
z58L_`u-OV$VB7Wo1h(fHRa2Nk-xJDhO3=SI7?7jfUx5hnptM`-OlIFzX5yl5-CEm<
zUYw?NiC$=<_^>+4RxrrrKe4Q+zWg&g$!yC*wLBIX&Usv6A%I-@CEeUPMiOY}!qdi#
z@cv$a_t7Q<Xc$mWl;6FUR61a7n)wXE)st;nK?yBA6_@-jX&xe%{5*Y%848UF{ZdTE
zjv(6j&>?!bI@LsF1$0^*E9jUvdZ_q%(9o^kt0t-|fRjsJz<mwb^$>~qAb?xet(-~4
znDsZ^5V%r(%rBWU<L-onF_ZD~^{WjLt&N_0!r2!O)nKbO@w36!5M9oeJ#3hH@Bg{~
z{<7&<1)cNk=P1|lfMloEd+w>Ar!0uS*eil71YIxDQ)D&yrjN${WGkTW&hpV+`$E{5
zNu}+uZE)HCtYRZHQA4;KGj7dmqu^MyJdS(W^2IrJQ1&`<j!RjdkE{q`KKdnl?s5^E
zPoi(EqN{3&_*9t<!iAahND>NE6DI~8augS?=JAL`fb~foVr0~9(LL5ugedH%6!w1%
zA5wRc5nh_hK<mk**QiuHu=sugN^GaM9dYc<kk+CN^dgrhk^GSkqCK%us}PNsSdv@x
zbXE3|kRBwk<Fz#IyU0-+rtiv14TuNLykz1*FeJt$%N6vQ_1Sc9Q^|xcCD@WFQwg9G
zJ0(x?J*zAa&;k)=YJ(b!b5mNM=H?aQr38GFjY*lHtDg!EOjplNje4pn{P?D}x$fR?
zEF|2enDz@Gq$&MRX7AL8B2J4}HweokCOhM{D{9NA4MTTq8T02YLMT;ZClsRJLWB6G
z=*?6>UWfKB{5N8=oOnHZ@C~<6qPEe+Yag%f*_eH5@XYC0>@a1ZJHl)LVA!9&$FtWD
z=7ayQhEt@z?yjLyy?$4{R-2ijIzA58iVeJQ?2=S%asHqvsL?3X8ta=%&&#q9zc4OM
z|1}Zpl8iZ2*#;Z#V9IkH_{3UvXKxO0$2luWV@rl5+&vf_L?rz5=i{7w5z>AoQYi(U
zTQJ4NyBfGQ=~1jsc?`=_Qs7v$k3-Wo(`l3Z&uGW<(H~U5VTHai*dP~94UU_Tz?r@$
z&7M1$WY-K|$bJ&pL-DzOEXRYhPt7cR2AnkNYz4ckQ7ezu23p%ltU!E4?Bg($l@HD;
zK|ByZ80b-k76q?R&b>l-m8L(&;U<unQ;kJgvI^tcQE+@T#3CvyJ>L&XLh#`@$I{Jo
zK1qeoDh_LESfs#VH2rQbpmcDUV}Mmu9q4lqyu5BOE?&#|Gz*`$P=YFWzh-nwNP>U@
ztDz4u<VG{kLa=b&oZ*zsU2$=?RxQO<J9r^3ZqLO-tqd;fp$3Ll6|5Suwp2My6=G_V
z@LHA?H)iKpD<cn7tUU@^;eT<|+R4o}d$$0GA#Wfw0k7FXXE06bWm=D7=F$^znkwWC
z$yn22Wog+zoh;#!p`i+EH-~07|2j+!1o9aL`f|`E%~PApO0=a`xr=8%ddc@xW<za?
zZHn`(3~h8OR<izgp(@Vb8(tf6@!q?1As@~n^I^jRN-`R=+|{aJ(d``j`jV_etRzXo
z<2+9JG57rGq(gdRT)7L@1%u!hsI_?i)tch7LLIf#SBAFgd78(Q6TyJmd=CV=D{6Iz
zs&V<?keFRd@lQ_TE!Yla-I1HP3eRfNhEc@?PGw4xo99})(oBU=+T6j3;n|6^W_y|P
z%d!pS=E&+Ws-sqg7RO186T}_Jp>oU#z<teT&Oz&PoFAA8oc=r|G=$5&$e^`wbez9h
zVl2-FLAr39H(wnyfYV<OaSf|xFWsudjn83r!dR5Um--@AR%uTl=0P7Rn6{h#b8RWs
zf}x7{Naogd4{&%$GBI!4;7iVmY!}%5Rh*YBjp8iAo$k@7)fg{oHeL)wH$sI=C9^XV
zwdSiemS+}N7fG+Xi>uxyY7@1Qk$i55B|{3$Ec_Y2&6lV40e+fc4hZRdDA9qU)}sm&
zKiyVht$(VlFbS3K6i-R_=rDYSefa~?h4j<^W%X~~%<FOx@^wE#fAJpbUHl|JLxmx{
zxvPLPUFPVLP$^)Y=}WNDl>o5ZxiqPsp}sKjABIjg@B>=8^Ts4@;%9)yu_Ye>DVctF
z^4VN{@lOQ8rvyTAD8D)gwV{0d;B>`dw)p^USCYDOWmplem7WIBUniADt<%96-9t(b
zV_dm2IMau!)<goXX*ve*nf(cLqKF;(2E%BNZ#LQt_*)I9TGO7bufGfEKMvq`=j)4~
z(33j{I4MTwd}<c;Tb9-cj3W%c+{NiuY9o5~^|weJ5b1T(jD1M7Wybtn{W&wS);}aI
z(o~Y)FqCp~d8u9UDz{#*JRLkDk)RYMHuRKqrt?6Fr1G#$f7325A>JfuUfZYgN+Fcm
z1`yCW{Z*a$JwhVE5f_!nZW9qgwL1v~arz&;2=-+QzB(u3EV4i{6ilcMG!w%fI{6vA
zmDchRZ}dplnmf|9mX36-jU!!UO7tV){WkEff1Bm`v^H+}?51=vst7P~RS3Q{U5qMv
zOiYB}Qkq))o(5l?2CD~5YznELlm?46)8Kzf%NDa*KkvK4uyZTSW90wiWa%p>QT%|E
zcv$~Yk9-$rrY(2<XM5(mKjdlU<fE5*6Qj*6YWB;6wtV*4DIDJ>;lycntj?Ct-k-wp
z9fJKd+xvL4Efsco&BWUI*C9%7`L5zE(fz#DCpIM!-{W(H<Kh%p+vthEPnh^TCms)c
z?&Czfm?NdVXEyGeJ;25o1!NAS=OPuNzXR-VJHP8<ABMdOj|H`#5#8Q}1a{8YyD)+B
zX79p+6rXAx$vu)?*v>Z#Sngy=3^o8v38N)SCbq!zS6J(N5^1svJNZ4R%SGyU`iD4p
z2C*mOM@i6HYlQ;LY&VeDkC$h<rR;-YdN&nRLsi@u>51dg^>^x=6kUG82rOq_e&%IX
zu*2tfvoK)9!;jOFQ61oqG8Gq?@716zFII{9uQI!B%2w#@H5}0Red3y(d&~&PTA$g=
z{i>6q4jhnny*Wv<Tkuzyj5Dx3rNX4rI$r3kb|)2m5#@V#i8ZU*wc}?~<YzPl&^j9s
zsmn4kI3@_bT`AGRr@xVetZ35Q^-oFS8ngYeqck?e<od%65#)-i%pRki0Zm3{UF^P5
zuz~2Aw>xnhhqq&5byHFSDD6T74Pbg`fm*=5On^-5Y1kExiIR`m@@JeJCD_^}Y?byW
ziT2Og+wJ?gm%y)*@!TS-26Q1%M=WT=bXL~D?wf#+3Eu=uT0v#g#=9>eLj9r;y&oR`
z&XIXsJ$qnXEuXD-SuK~#8hyIrQ_T0LL<O#q0`Go{+)1J3b~Hm=vTL2-PUa3QZ(J_R
zddS+HPUSkszcYxEU)(MgoOHU3iZj<_JWv1T%xfLB)-}{;Rx6TQs&=5Qpm}>uV4GUl
zpv4i=&iV8tT_Ocy?nnR=ZmqgGL#45*O!@I7f!H!()H%D{il(XkqW}l0cV7z*wO>dS
z4KY`6wN|!JZeJwb$Xmnl*X)!NTdJFXjawK3h8hPk+|@38C(D}`08?$~yLWLjlouH?
za1q1OJfa1p7nb!3mO*iUp(_%g@EdB3cucnIl7#D1GzIz`2x!Y4XwI-jqA`2#9ZoFE
z(3s^wr7g9gJL4fTT1#L;qagM&5F}9d@Fp}Mb?i=u2LLdXco5C9`39krseA98%>(*m
zh%x@vIQm`jZ@AWuQ?WQOW{j(8i#k#J_SweX>$g<z#CwB|Aax;;x(J%-FT%hVL>Xg1
z`mLWdAk`|<Izgd?xFj&ndz?28Nq|Ib-VPM>J6+O6xr61bYtdrc-?s73?-Ki-V5`IB
znZ_Qj=4k92#_7FRXN%1Zl!n*PBQw?F^jA3}#ME5V$vz>b=ikJ}FnE6<9UV0$t}=LQ
zC`>o6{47na!I0n=qLFR+>_|HDt|53caZ!l5JI#=ei6Q1oX^d`ZN#S`@8eC9tqGNn2
z4K5Nqxg(R^P;b6j)Qa?xOFw9vbf70%D^Z{4e@dcml}ya}4(PG@DxI?<z`H~GZumPZ
z8PTHXyA^U}yE^xcW25+Go5T+(V=H><nuyuQ2-8@2w?hseFf85YwI<Ts?e{J3{-F1+
z7M72GN;=L^;v6=Z8WSQvLoReg0h8^@Js1Ephn~OZZDuwk$}Fg1UG2*9*t+jjvJ$NM
zwinFfI1-6;ej1&mJC@4&&g)UmJbFRrGBz(nOP&8mer^t-XAx>8>0Vx)$hzPNQ^j?Q
z=u0@)W*Q5$2Jp;jTHnr@>}rwiPNSi+P~i97GhzH#4L6Q|^sNN{Tx4Mtw-Ko<I@Gbo
zqGLU)+l1_`;dRq(;ETNO%!p`*-6vp7@nBFj9<bEdRuHCe20)!7A!`L9{3?=%30;Hb
z-H+8k5gJeXGSPP0XZ-2Nbvr7<74?Se_K(HL;r-v$d$2HshDqJYt-FxJzfAM(ij5BC
zK{n?!9b#in^BtDK@ZD^M%%Xbq<xKNT5f~(|*`N|KQFSoNU&Lo7S`&?|i#95Bn=WmC
zmz7Ij%0yBR^)K|%n4;*T$LL{*^M1)y>}eler*{r@^pp)fdOg-c7gS2F{T*tdomS+6
zN(kLX0rk*r{9O)w;9k;?`}*wB_V=Uf+pF<(KH7)k`A>cQy~r7APa@3W&xU?%4GaBP
z?|JLPA(3?{-GL#TSZAu!Ex8`cP|)9E4p$=ymuV=Wp}GA^XlLTXQ+xOHA%_mB&1|6*
z;fhr<sw07plM(r9e;<5f!zhMHvt%Et91d#CD<Cq*k%bvqtxjb0qvO28q>LJ~Qp%{P
zY0kIWiI}hyk~p~Fm0QDT4vYQ7r1ciJQ=QV{8B%wD9seI*#Wd@jozo_Hq4tL^^Yri;
z*g0^qY&!L$zZ6Z7BjUPx!_Y+kr4C#ZxpmxCAELtMIGeN(U#}zYKP#_|J>1RX?C7%^
z)(JlBo!}g8PyZ0_%|G@4AG`3!MkkP;&M;2Zna%X4Fkr3McNnlX=$$)e^$5Kn+x{15
z**sOkP>YEGwCqr*pW5`xbTzl2b8v}u`BerR-==zmQntHEg?T~}beT4mIX<Sxg8vGF
z(3upFu$I4DXY%3rquwHo#c!ZJ`uFp-CxNcvQ2DstgDe@Pj~-5wmurD5$jb>e2b>+<
zxSo#xzAmk=43M5_jq99qLz_^#oWIsY+CyvO7<ZPCz$!Hg=xcIQG=Ca2yxGUBH?ATd
zUT*S1%}?Zm-g7}d=slGW`bg!2xFwYjdtiUX_7joQ_6gyp6@~kQtL*zkL|UBp1&!Gz
zBD|m=B2<k;gcwLy^eEC>YNA42r!VMV;T5EZGOZ##-U6ytN)PTmu)>R-k0C```Oc?!
zbUtko#XvN@<yg8yqPM8{M50)Vvj|v4qV(dHN|g7zL`kDvq5z!ah4hO=UZ`WPCNB`r
z7Ih$9)3`>8i0g!o5SzGl4)if;dAw#_d+|pjYd-58(PYhE^4|QM2e_<xHT4Hs!vPsf
zWX<vV4zgy8-cuoSI=uOF2$>U9SWn1owa@NxJc26!*AAg%#~$F*KV-*4fe)c!wKcj{
ziwh0a#8IpKCPG90ilf!-Gf|(+Xi~@$nIZKj$O6TgEEvi(zn~T+TGDb|tNkTwZ>no?
z<W!@p+?n<lE#HFLkg8nzh`xMyUF&$^OXJYvc#5|4Lp3(h1yAANUOrJ>b;k~Gt`)ZM
zHQLt?s1x1E-v8a|A93P{&$YJUhbl7^%9RL|5L6UpNlXpBd*p351ZzXJ>f}I0jk_EO
zb*@ybu|nwKmSeRZt|DA#=<neI<+dBV0y8V-szs!f9gxf|Cd4{K^<vK;v63XU%pkEZ
z$pw><Zjc<)r(;WhP&tXpZG6)w%f+KTS+1|3TlV#1t3#_Odi{8b9I*JM{X8FWB5w2}
z;axT%T$Q(@wY{l{O{k2ypxo*`wF&j{pb3T4_IzqZDz*E9B(;TKS&R>!R(;e+*rcCu
zfj}YXaP+|f+9-2TcArF)+kN)7#O}*PL-4JSx6HYG7svzhC1cc|leld2dugQNdik(j
zdQs3l8*NGR&EHC<?s<l0`(;&oww1|V+kQz}n#)_|@o~bmG4GSMVjex$vS!;|@`NG6
z`tdY*e&74CQjkYZ0j);oP-M%~UQjhyM*1rBpP?^duzGzQ@9ueDnpBs}Wvrf_A=}b(
z($Zp*!`sxuUl!#4NT38AYRUZ%6KiwLe@P-$S6@E-H)#}Y?w?bcKc75)b%QCcnJo7%
z=31HDwe4$?(i{$Gn6&j=#}ggJZv+6j3d&^L&n8bg{$`@79&SUP1h?Gxppf?Ussz;P
z!%>^S7w{DFsZ(m_19(!1PNce_zb<dn1LoP^pU3ZzM5mVwSE+XHv~K&9jFNkg+av8=
zhY0G9)<iB?;u5Yq$wT|7@Nv>v+=xm}1)j<Cr0pScMashL4$k53Pg~&JH+(b*Q>>A`
zY<<Oh1}{3C288*fin#Mn4^JzVG0rUrAj0(^l>}ZPIgrTP6pk!flBudpbAAs+4<oeQ
zX1AHtwLrh2LQ0wDAy^v{z0+|hK~gE?4RaYTado6=vSASz6ieZHgjNkuoeGzdi+Y~1
zqpdS`6g?MkTDnt}sdxPW5cI;cxgHuUo$rF69Law**PiB{y;;5(%R1u2X}V$MLefrN
zl9`8$g|0r5$zIwey`{m^b&lqJB$+N{n%QhrfLKXCT#_atPHEQkr&&)q>yvWORPLvs
z%Ap~;R8UKTz2p8J^uKD9e=7bR{jUs1`KR%se({@>@vnyK_A$gHxU)NDUqf8IlIeT}
zCEYxVRq%dERABj`=3h7}g0(Bx70adaT>A_%%S+HaQ!g0&b?uk3#eTLiNB(lpa59$*
z4f=veZecDLt=<!dixb<*?X$?dMLQ<tHDC&6`gW_#FL4ET+2|Z#`mw<~abkNN$#u5&
zZ2N59s)hPV$7kvVgT*jAwXWzGuCVE%$-R!kF+~S~tMa6C9ihC*v^-I0YP4vSnjS1}
zzJ-i^MJA<6SCnn>zYRvi1`hxFj&i{#1!Ti7AybfTPN!0I%y>d4-Y1++%W0hhl!rp=
zCqsSoL1a@(Yk7Qh6J}xNu|$g4|Ij1$fG#6r(gJgieLv>K@wA8lCSJ=vPYEaNI-o=>
zXk_tNV1;rZY-4WcP+XqaX0$@L6JePbncBj7KBJ8|PLpk3^6#lKo1=s`TDzB)$*kGt
z2w~PdM?A*tws>sF&f0b!vsr9i9P%7)EI5HJvfGAJFbr5~FYVDPC@s?^-Fb}xQgJj=
zS||Iaogvp1Cw9j<=ScQ3+q|8C*Xc>$$FdYkN?eP<ny6$AZJ(X-IC?!T>-Fa%4YNL<
z`XN@>FXzaNP{y9!k&T{0zJC+V*ddY2&sJNUAk&5>m4OmxqDr{8#<DEs(Zo|F&Xu@E
zyTA?3lCIOAj}FCKqXKu;nEx(w-#D(}0%xKW0h&#EYlbNt>2mT+6wCK}T(B6$zYo#A
zVzx7Fx3xzBNqf}ao<-R|QG2p12ymOUp4(o{WpBH|Ty>z>L(!X6QZQTdvz2;bd$q74
zS+3eT21i)&K>J*n0w&bFp6*v>nq&HZO``v2>tqU(3iuD*K;DApiOFx%931J^b4ouR
zc$4<a25>pOpkVXW1vS+0vpk+f>6IhJ%M4#0|9$I^Uj8c}>yhHmPx7C^pe2a1?F-cC
zNx4P!z0_?b+sEMcxfa*CYP6}ZPLv*&QFyJrQXglf(#BjgLVDM=y+$nXS0-SJM}&jE
zcw<d#!vzV9<Zv|i$~RI?!fwYR$)d>%xTWI>fY0>qaSCufAQPQP+5hhNQ8fInE>*D0
zh!ju_`HBOra;CYBtjXOTxk&fG2i?u`ZY#i0l0M|;Dj4(y1>bu|D56otoaPvh<}{`B
zbos2w^1uU2V5oM!iJ+Xn2u$6a$=W!##~LxYHPd{&@E1)^(x86?S-j#!&NT}jY<PVX
z@G)-~M<&s1=A_b+qE@IEg8vS9nGXKGd>xr+ob>;p^z$zj`nk>bY@w>qzLn2ZKh8$-
zXY{Ab?k_aYA?4P-l%i{oZq`4VXOX7Id--T5<@`+bA+I*kiO~GG^vP&nEwYLM)iu)^
zEEEybsAuYIUrMehv-XL0_bqSVK$I<{wtQbpw`d*BKxz7`zCP>e<b`FH;HJL6ibT&A
z=Sur+2D94PxC{L60_>ZMrTw$jT%le{jL;qqw+v9Sq~r9biYP0rEt;I9HSH%DhkrcN
zJVsdLZW?s<#6{Nbxyx`zaSys&>X-1Cd=)&c@6gW{6qxk6vI=te)%IZjDYZ_Au|9+L
zDhoiifpUV=0C38;nP}V6yxyP4C|O8ePRO;qg?od%^Q<()x)KfP0iWx8ry-Y8B@MZZ
zhc!gsNkbHvG^B0~c^MTcg@Cv2n^{nz^mCHCNIiiA5~BTM^2)v?f=?nF^*)&gf>knO
zfHpGcB0MP4*lt<4Qit$dbR6kj#(0M2Qvq>e0<B!h?CbK`z`W`!=($pJ8DlbrG+i5X
ze)gs((YqLQKqSMarlU^E-l#A<*#e_rzfI}KQ}|L;bipf75R$`$i^?CPc#|!RVdmS3
z5Fh1i``bxZ#CO}o@lwb&xnErJ?6y99JcWX}%;|U;2T#>|zWX#DD{-TQOK@|K<4l>B
zgrDi*DkTk<zOhC)$T(sIw`7iFSprM|zuMWQuJlhpk0|TT8ZZexGFHZd0z=u^=o-q&
z_QKmw1V4z?!9wShaV&)sX&LB(TX#nxNT!A9=<E)iHdSyy-Bm`zpq9Ouy;jYXn^%D^
z`e`8=3B6T112$xoQ+=H-<!8+lsThK*^WOpLf!2#T-D0<utCDnBycF9wDwW$8t7=wf
zRJKN~Cq?BtI-RPuaH&O|3u(N;Y&OjR>fES-%IYlC*<f3Ea;^Yn+1>o50NKW9qDWX+
zs4*058Jrp@7n;*F9|*vJY@XeF@pqNs6VrN+0U;Nwz6;6i^Bko%!*ONYc9KgE9*8>o
zL=FucH)o5b_GVt1&!@_HF%vs+qIkf^gtHQQPMr1n4?^zlGXP};ao^id+{=|>@iXAl
zwA}6$eA_x1^~t=`RB4RX>lr6LM>ykF9F1n%zo2%DloOR%u0<f(?ByF~$7d_q_N=1d
zHw;Jw`4o$FLKs(?RR&w9m)o<vSa)NW18c_GmnDUDJ}iW&*ja*~lmsU=$VP0>k$L(f
zht`#E0_9HJQk-vJPH^;PyekF^3#r<3WWVi((b=&p#xJiHibb|^u*>2s4i8n5%V#-F
zCRN!@|II|FM;E=yrhp^aZl9#RMYT8EzJjtCXsy}J>-eCF{q2Oo8H+=h+R5c)rCvKZ
zj&wn&EPGQgp@AX9THNjnD0{OnRg$RWt^LD8>q_2Q`7*c<IJDLaZC_?-fle)MUMuJl
zP@km_#7Su1$<d{+@b+mv&5H^DwB$v$`E1e+qY$<BM4Z2Yp-`NadaaShM)xL{Mge~@
zOT>XYi&{Tljc{KnkaV^MQ6uZ0IY=JC@Xk^QngLZjAt<+E%_Mo_ByJN!i^+;?=Tb?G
zV?kcqTHlMduD&9g@gp0_Z1M4<p1F;i1gS5TO+#rM3RfEAy07xNth9X3q5Ww-%8PKS
zAup4Bg(l9OK3y<px>ecI815=4Gt$*;c;v;jFzHsCD9h7PmerD9C8dvr(#O5t<_y(U
z3e5$O;R;<MgB@mz2=Fd}MY7>Auw>QV=v_WO?165ks5bv?4IBdD$DoBmIS-%T!hwRU
zN7Oq==0Rcy^s+CwUUL>@>0btULl0*i;SI?uzpe_%Oq|}mQcrV^_-Y_4zWFtERJ>Fj
zV@>hl$B^l`5ttttd!}6{$|~QPUsCDWxDpm<4DiY&)~;L+@{wNp$r*G3=+fvl6KC!T
z)?XSpzPCJn%~dNS%A<SZ+=kU+I4L<TCW<R#vy#_2cBk1@G`p`uikpw%{45|ch^jr&
z4gAe~T|X?j!l<C1IItQ@M)y%7OkWz`s~5H(IZosJGHByMUx4uEN|e&~zFIF`QoKG=
z)G*HU*A|z@_o?lSZnRe~#iOfRG~~dSRjcRv9YktjDm%`=HXF`Pr_s_Yv{=k+r0hgx
zTb!L3<O<!1^0s1@`_UK&gI7~&Ip-X@GoE8t)R@g>JA*Fl$+BE~?m+V<xC7y1<1i~`
z*?(xOY;~+82Z*C3XhH4gI14?_kK@E38>4aaMdZSN^$mas>`b_2)Q-0DfdiE#37zAY
zC8<7e63oNC>Q*fUbLgtlRpqOU{Y{RVXRF%zL^_}k<qD&Fi_j<N??bub_+E(D`z~$R
zTTZ@W?x)sX?!JmqPh$CZwCa2irsRa~A+~pekOTaV+3%?R3ZpLuH<ZB61V8NF<sf6I
z+b5hSfOowyI}G9TCxQf4cZ&$7y-k0eE$~rk(&_frKDuR134nCE=2fI?*AT%+CZCi%
zk?$|GmaLzAH#_-$co_0o(J2W%@hZsoWC<A`AX!4n2S|1l<XlG0WyH)KmX=;~KP@At
zrIXTHW8_TUMjgj}*j`Cm`d2P`26SQ)gzbJoe3*qIXN)9q?f`3A^pZa?P%QN^Di%?-
zvwn9^?;PD*>TxOa>N6<dY{ztw6!h!orlso6U@w+#X>UWh1N38f^{TkP9`(zmHKA_r
zjr)28rzMZ?l{`y2!6=o#y2l-qi@_Eu3$0OQtV~egQ2qeBD=KmIs(9e4c(AXDau_eG
zx<b{}UNf_N?B%4#wCZd;uwgHSgw8sa-ofsEA+zz9_Mx@(A){GeKl-1&ew2w$p(Xt`
z7zWo~5hmOIRXT#K04ynNfLDqZbP7zeoR6eekxb)oA$kU7u>VrN8LsRh7)$tS9vZp3
zdMUD;+Cn^9${HHoR>-BgJdm|w%6i)k82EQlb%hl>%A4-7E$U2$XvoHB{0|fWSpPEx
zE2&#klgg)4K5Xg6OU=7xU|B@bH%G!Dt5nXOT(6$%@w|S{3gL!_A~I=+y9<Z&d3eqN
zeI{oPhf+8}01Y6`%7$rWigS`=`1$P86s8#D=Ia5HUixBS<sDTTJAw<}#<ErDb1khq
z3i|9L*(&r=F!W*S+v%ehqmN#=Cy3uZ`lv1sggzbzeeMYKQI-coA1}ZwUq&AT%b@Df
zXO+qg$*SJyqxx5)kJl6Eqf%1(c-AA)rw2%nK330c*PGi<pB1|Q%Y_*&UXWcN9e%C&
zRXY4D6;m*!y5FC>%m%Pjo<AQQPk!^AvIT1XDY7aSuM<7wsCx^=E%l+Y#)tHbrE%oR
zWK?7=p+Tf^GvD){Cq?CZDHPA}>UEO2F*|xif4wTO(0=Q(ntcp^behiw<K<Zk?YFJS
z20Yp5n58ghEuF!;ZT|ISxkW9uF+Uf*m$bolU{S>?wu3^s?u_4Mwu6Ea+aa@{WD{qH
z=hX+0O%`%ac<xO@&J7{^(vb5)$Texm`61-mG~|L1a@~PDCcmaF<ZheXn(T4v3YvbK
z#K2B%lGoAd2>!`MkEgxE;vd`}C*i6-z>(74JjSO!wOHlpFvJkVv;$Mxl>+LlIl}*I
ze)RG%QixW4`f*13aYp(vw>)esW>)COIr-e9*kt<v<qftrb90O|xi<i%bYuCo(2Z;C
zXVd`_gHc(EG4t)yf6FH0nfH-BYT?9^mW*a+C*zb)ta1R5mm#+l#>w<o9BG6n2{A+1
z@caN-8NLsb6>m%bV5>RaYUhMg6O97JcYJR#8A;jtDCks~j*rIgwfh1TAa<v^cT0H7
zMQD`?E?ngt#8?nIe1ttbN~CNGCHHCq`y;EPWGzkam6M?5i>si;QmuxXl|=|WhcDs*
zQ1n0;I;9^&@(swxYw~B*1&-v&(+M*kuCx2GbvkO`5J!(Jva$)Gd|-T^*!B(&Y^1>!
z$OvzifOB(kbha8Mc0RI{pZn@f*Q?~B4^b~ZJnZ?=D=PItKbbk3W8>uPfvP{TR|kp{
zS3_?`Y8_@F&?dIejqk<nz-bQtef1pPMGGofS~2_vi+h9mwHPNZTv#ICy|ec|nNvAd
ziL){+dWhqhbeQRIp52-DHdxjjNOXbS&jg<sif~++({opdja!5>_F3hlvuGQ<n9RLJ
zi~A)|Tsqsh5FHw;;+%%ri|sSe+04CLoX5_s-0bsiW=Z*cdofzKAsV|#ZK3Sm7?Kvc
zWDI$r`fYUZ`al1$)vrRs7`C1<<Fr-VABLC*S$8~|w7q{UvbHZ7i{7cRNWqi;o@vfY
zM5Dc$lgWPZ@y<<5Gm`WN;pyFTM`mK1JE4NJiOK!oead#9t@0#Wd=3gyX%0%E)>?&Y
zo^?dD4&lc{_tnpVR_2CJ=UFq+`J`j{QOu&q#ph5!lZ7=nzqNpTxHEkkTN_@^&-_12
zgI^mpSzS}Hbk$?l*vH)F;S)G2^on3&+c<G7WwLIVx;^r8%TYPTv(L^yl|p*D%o_89
zGI<b3&HpW?dtXAe$8Y|9L_?!7&qbD%TLj&t`L=gaenaKs+?Kz((u(n3^HSwj&oH5Z
zLz#f-Zyh?OVBTlce&!(D(GKc@Pq`dz+-j<XmHPz3N3GmUD0h8QZnoIQg3z)u3S!yb
zq2qCwTMb`1w9acVY0&d;bKYUZ;fCrfnW!9{us!izJI(&YXf~fm4^C;Oxr=)|{J7=e
z&++h6d*PXAp7djaxAR8P=;;7hamcGh0}fcv!X0k7F~a)<5`%G}Q{^~R|6G|M^6X58
z|1A@g&uo7eRH8I)=8-4_;;}0AkE{O0=OwJSZT>@I_~#m}64`D(HD52ZBkH_Wu-bZq
zZS#Mu#L8^@G7mei_kLwb=JncX*)V|DpIJ~~pczW^lQT_L@E5wzCp76c5MA>kqOo{q
zl@zOT)2FP<9+{h*#_OYvGtNsa7+O%(oF)DX(8P3O)qP~XJ(`+U@~sxfsIE2_9jhkk
zY0`}i=K+j1lbk-YpanLTnkljh7XF-N5}kxg8-qgv&4C5cX>vyL-DurcKo8-rA8L(F
zU%g=-%@>a)b@azyzN`+x&>zp;#Y<pV9*>X6<Fz73&C0f)NzhT^`!A1zvMceOv;$t1
zY&B$FnZU6axatMQcbYlxcI?$9_v8!7p*S$le6*&~6rFXEWt#~U>!kF!_MXt7WpuSt
zdUO?U=b|Tpzx77SklBUf@u?8=+KX*`V3nXImD*RShD4hEO(HLGq!r66<mFJb{S4>v
z1P_5{4DRJTBYEaL)BXpLy+qD!5S*F$?<L_{hT)Ae5+<0rIyB#SP<o>Ahs%-&6((4W
zX7$&70IH_2h^J0=T8b97oFU<R=?qsBztLbdS{Y9_AEg<tKt1aO)z$`=vICkgR69zB
z<S-byIGz6Tp<{|R81*AJU2T-`+C+rfr7oQI<-lu>9?>oUC_8vN=|Z3Jc=dILDXn8j
zkZ4o<Dd)LJx{?KBHv(rO9`WDJ^J#PF!im?}{sHuP9Ybqa0V<fX=3m%kIBEV!^rOkj
zYwa#ryXW@;g$?oIlN9$EPoMZXo=83DL+VEcikBiX7@BS7fp+Ltg{`=rlt!x}4Q@`r
zvpV}yTYWeOy<y0E^_dN6TY4}$7zSwIgG_WW=_Z`cs;9nV;}L+;To5}v=J(M`4yH%}
z@holT-IwS$ef{9y6Mh$7QhrYDk4!X}!kca9lEEI`?_bD>CXwyl1azToeR5u**`7Sm
z2xLKth_}8Xx`zI$NJDbM>q&q1ercK8*U*mT@qyPY{}JT3#i#O_dXw@4FI#*nH~Zp4
zU$l4)Qp@Y_kH2<FypMZ*<%7Upf}_Frv3>X+=H2l9!d3CD&}^H@aR*TNwxGk|Tal~c
zJB+Co@8TN$#qi<n3H0*%u1o6c;WN;~@;|E=o#MMc{s{E2{7dPv1fO2N7&{PT6@0>_
zoPh6Gdy%lVY|K(vw*5Cr4-n2Q=x{hw<dJY@@k?>04xGwEi~oF5T_2AHoLKzdK0y2t
zaAx^aob}shzo^!`{Ap0H(=fB3;5IjP6`GGrIL&0#iZoM4k!E^%8sBSUb!DdpSyIi_
zQ|%8IZ5GstCOiEpz_VFs8h<_0-D|egGtKh>=5@F5arc&n?UA{A%V?%~fj~Sa>U<2{
zyLml?zkADArg`Ct(B=)qndt3gn%^{mj+A;aO=WrN=>XZiS=cxulbz2sY5K*Kz)C`W
zXZpUSAD;(o#{yeY4&ts|QJRxgjEam7ZLLI|{|ZQj=8v&Pe03Q<3k4PXf+mxFDC;&x
zwM%Flt5c$N+oKvb8~zI4bL4bcP{HjPs_3CC!PlB-Gcc|5G0M{IQo0@bdDSF8SAk?p
ztTLq|`x+N7)6(uFZC{_E&L!pTCVJ|ajAzh?70HD@%ktp6&^T!@oZ6p99|ri!Jb}+G
z&uRU6^wIt{n8jTf>Jk1?9irpJ8`(_rQpjZT4P8R(bvr)*!?qw`{<n#`IX4A2Jc+j{
zX724JNlls9ox`1-r;|a5_Y9fl)0MiAXXz?QP=TI@e6_&#FHKRIdNS7KV{vDqa8z!*
zmXlLiF@fLAP?8ic#~G#1Tj|j)p>!OuZjOKQ5Gx~ny%}yY)|(ZB5=&ibQ}eg@L1SrN
z##0kkaz^7tn;PhRm?Fm=*u-vsNp$WfjI60V?WgZ|PDn|c#-HCuCvks3ul4h_&_2*a
zeF8*ytmLHDo;*sp&nzfTTjcf3wtpGi^hlf5bC1`fG|l&@Nw)LV#|7yd4u_%FqO^fz
z{z|yDyFeD(PtyDb9MFA<KABh7ifA>cc_pR!Jc8DL-==yzCzG^Y5;H$A{{jk{f3c`$
z+9X$+D<ar2eTB8Jvcm4BRmw^oeOZGEq^yYvB=~c-KlgaUMK(9m+?%#e^6Qs@X^Ziw
z)}qR(%53gWpqx)K2S^KxA7}Ps{uOl5YB4u|5`-8SK_6CKHl%27Rg9!#a~0_D&A);s
zae&lRDL;Q6O$6_?9Ga$3rYq!ytMdFQls5l(pi1^1Nhj9&w*a%TYp!{9AKbqGWJ!F!
z*RY#|*(elcY&~$-U~-3_+w_T^->0v?l;qj=xj-XMvh5`PIsam+?%qOlgexS--5UsN
zUdIo@SAiyc`vcuSvYU2n6@J;CWwQ57G4Y`$GWO&%5*b^Z{|ySd8O$rJWOBFUVNza_
zy_#!>qY=ql{a<^0G$J{?O!le`?Q^K2ealXMG+ZTpA{)I3SWfUh(MxwL=^#BKhDpi6
z)~v0ZhBcR_;EdW_3pW>g`Pwro`F9{^SU$~E5qzULC2f*Bg;<vY@Wb?9xR)zAx6s!)
zG?&BhGKT@214C82;d`|!ZhkvIHYQqsReyZ6mm#891J&o-U}n<7o6iNG716O;+;uX+
z0J}iYK(_s49#eIHmfCOTtNks+BVtQ)J)r~4Lx%bH5eF;nR|by$(9^FXQbI91^!iwu
zFx!>{EVbXpZ}TfGq?90($Rt&KW>Q?K{Z`_$Z5s|w@_JodMxAz=s?hF|YVp$}5c3Hq
z(S<_5XOe(gt~?DXpqpUP+8Jv3>oh;U21ROIu;t|$d3J4Zq2YR#+6Vb<2LO~TEHOXf
ztOU{s8`0ZdP1}y0rUhoIY+ssC{Ygkq$7-WpD$5^>BpexOcBl{P=qsOoeW|bay#h+I
z9psgI<h!rZV<^{swVur!bC>f!M3{D8#<#hB^wM}e!Y#v=z4<S|jd!<yM2ct<J(xS*
ziOyct)kE;*qt^moOJF9MxYe4-`E!-i%7*7vX#4+A3KNA4(#JvYP=&|MA0YMoV_?Qm
z8PZNw_}Lj7`;#kpe(Ev3lm*ZH5;A*laM>&$-<0vJg!#MBo|`WMRmRiuL7|mJ(}rFK
zdTme{?tBE)Z;qg;kF8v5VMtproGl1r?WYRcESymjGoAa%(44oR=1n|s>n{l18lv7!
zjqTeARPSxSoR{`%9>o_Of$I~1=63jRAUZV6wujEfv!mz71s6=k()`&HWznJC+)<Jl
z^}0|GeupxeH}Vs4A%;(T_0=tAA4zi3w!*w*Xst{IXrgaa1r@J=**D_XH2J}s@R(bp
zVa<){|F7N=?d~E_qv-FV>eoD6`j&hS+Z>k;P0rzviiCW_!<2V4pt}eU2nd6O)$0bu
zAVA~-5IG0JVPMW7icX3ur+Qt|wHHBB^JcX&VlFTn-3eqTQg<ImzedPk&~N*dq+a|Z
z_1++B0EbTWMVcGLjHkPWbnUkvFVJjQb$J8TkBvI5bI{T))QpSHKE9i$AVPekc7-oY
zRBUD5#*{uL1Tx*%0s<sANM0r4=4`VdH0Gf2_Fh6DRla>IWjW2yhp_Y9Hd*NYlC?nv
zwBG<&J&_~<2wF|Toy3C0_8IU=y?v%w=EEmaM=2AR+8^bu{<h{@dCX7K8M?nLP+B_A
zuvcbJs#%%7Bc|H<E86GCSz7uhRC+lRm)n2prT@B0-<Fmh9ctJS+{SuwwY?vE%86<G
zWVC!s^n+KfX|S#(BiW_##6(zTLG2CWiFLZ@B;zNC_EjQGpI#`Lx1%p!7&=n?uPljo
zf51-9FWO|=FM|}JfW+2c694iCh`+TLum11}c#<=%0W-58#J5ibN!j*6dR_AxcC8@s
zEchgX(=iLV2WMV*Zi4)fW(R4k8|}J>Rwo52wEa9#Vir@jeTxR#z~ade`5UVh)qbur
zJ%OLWY;!NUbPzu0Mig78vAe4Hw)Sa6jqhyO`{}$l??RPCLcQPAcU!B%UVUBEw4Ocd
zVOclBZ8@<)w5a$GVx6*-jBOL=C2eAp%iD8sJ)%<tZ{N;Gdl4uCUuN5Hg;dHKM!VPd
zvL0&JxJ7-?*h(Eht4G%<Kok5S+}W-3MRLW1rp?8J9#&h6cCFyG9=tXL4@aF-&nI}e
zw@x4)PPq2$Cko{z{Gv;sDLZ0p?p^%bAO6dP%lGk7la0OfcM~qZ?H>`I@H<M8Y$NgA
z5`GW%n8^wa1Qw|?=kh}u#$P40X+lUc@0*m#1a^#v_;r-S<MsZyO^<r_4SI}pe?<@1
zz2$JdU7xw`f6*h~J*Wo*{Q-Lxx^Lo{bLtF9ZW}wYpz~713nxF6BAbb<P;=)!`RMt%
z9ybq^=6@AQFlaKWJpU0%g<sQneHvL=Aqw-H&KnQ2v7$qpv4%U(7S{8D3Jh_-tM4$x
zWeW2bkfZxXU^3YuBt|zy=l)SN>^SEAzemHu>sB@G%}Qu*Z%N;T84nY3{7v}rH=)Si
zgeAjkIVwTbQ$!!v6V1%5EHS}c+3eY2s-(W1gML&;eLKsaRRvm%G&Wh|FJR+jIkRBt
zSOg`uUJLp4Z7LAAZ;fdEwB;uOM`~CCeS3lm33}xk+p7fC;|Z#)m(c?2`6i>sAgLMr
z)I7UGLP_;uHZp@O+c;eXR~OQ`8*6E-RCBWvAxvgL9AQnbA+w~kDyi;oRZ@M2NCux$
z&a&m_kAdE7&eTn0!e_QEAIbcM0ECV*|2p`Y`zea;@1f$=YT5Qvh}9Jmx(x%Lk;vEn
z5{a<U`4kP?f3Ht{8QU%x*De^-E{H8M3u4&z?Vieqc=@p6+Wa+yHQIObtNShHr7P6x
zhql)mQRl~EvPNLK(WtZQ0=`GX_gK`qLEmHk9oHva2fAd<t3SVH*!w*1-&_;)A>Mzy
zW*FAVNamjohhpdT>mhFiLb$ViF=%Ly0$lfP3OO{2!u6Zf#MrHo|3aw}zYdf)8?W0q
zxi(sNd^E}&fZ3Vy#|3|j%4}bv0_FBf$1EFcA}#`uY_T*?Bu$7;ZMU$#Mo^@(M_r3E
z+sW5F01QmF*>nCpJ`#70WS3wF{zEJO@q!`s8oIwmX-;#0j-`2m(#U<g49?wsa9*|y
z&aKPJxRiML6|F#htl}e7z38QB+b>cw`8NCN-AtN(_|r5;_J3NnmUfx{v(N6bG^yQ1
zJ&CO67~uq_fN%C9Y78NK@io#)g}_^W6?!aAu1h}e(C3TO&pY+`!u0bleZDCD{55_4
zV*2^(`uuh+De5=$`K|QxZhd|y{rpXR{-mBHemkGhMCJ9Y#=)Jws81Z}i-HbE`l7(X
zb-pNg?%p!KC_wJsvVKtz+`VPPqN=`o%f?03dH0r0i>mDIEfeKMRdcs*55MIdykiHk
zb-!LLy=^dBR6se*F0<Tmpj5o=h8^FaBghwZuZ^<UTc6CLi2MORxBM3A&9l_}fIi=;
zPc4zT<z4C9yLpQi_1(kq#IWh^zFNWKQiM;8tcXjoKe1s&TuO?G%`4(kx=d_e5tkBa
z;;a>MDaBTSGbP_DaHh0e1(uYsOXGx{9$q@%-NNcAb6_r7Op2AxkCw%xIO+VyvX~Sj
zoyyjwrKR}jj4q2wvC-MOEaurszgPjmjcLqs2wsrJEQg?z#w>?mK8;xpK}wCzW0t{|
z(xUUYWicrwI?q@ZlhUE{{4~b&jZ7p5+3AuI#?dT!lc7@8bvFa0T`YR!Uvcrz1?R=6
zL+yWK^c<Y|BB5dT{;L?S8PhdqAS<waIzs~YQQb}o%u2IE<*31fAVcvV$!=Z+*^cH~
zm4;&OIjQmHAZxyZ?wM&H01mTM<i#RtiEm9Ft7_-#7bHr3fkJF$Ms#R=E9UZrNdzCS
zPCo<@KGcexzrfr^-sd)?5S8MAWNyPx7TCRkmB8uY0?U#V(yf!xn#Tx5d!y?=6Aeli
zwD-S@1~qPGqD!K8{EN?d=#<LuHP#^h-8cL}o@bbBZod@cW6a#9D7@9qrv&d00rTd}
z;`tJk-ymN8O!;X;w7VzUUn9oTNQm2XFop{*gKB5`aR~}Y)7~u8+*~?S*i&-%EWZC3
ziav?2skPAVF}x%WPQPTZ+WB~|h(m)Qa^#|<NO;HBE$@rYe^)f<>y|UN$NfyT$@+1|
zmJHk|QC=xbXHiF!jq|c^chdg9)Ocx<Fk{OtfE_n*wR62HGHoP8YVE;0ZlR!_A6Rn)
zXBqyCU)a^N7ppdj&uE@FI@{tw9Ho{PCAO=r8XS%pIsYe#IQJ~b`XlCf!;$iwv!ou4
z2UgE*<gqnSHcnVQ7jOuS8U~}R>%NDCoO6|i<UFJ|cGCup-Ab40O7d4+;o-lNgqzi&
zFB`MmrxEi0_L4OE;v60>O4l3anKA|Q%;Z5nIuQ;&SMABRpPv`s-E=&_A`YCfE{WEM
z!MXE3sKns>S;aTcfnVEeZDxD4!=@Qx#y$(hmc)#A1{BkLw!AWb2O4gMH*Zw_Z2P%X
z)-3W<mA?^B+y;`yx%n?BSuxBrrIS=Q66qz3aG|zOcNS(e=NeWo-&m$p>HW9hjYq~5
z+n1>yoX1bCY-71D{2gckw{E112j13ZH#6Ekm&OHPG62)Q7dGMe%wg>Q&bI~8phLuY
zD>8$a_&_woay*!=GyQvUrLAQWX4h0Z^G`_NH1R6mRK=l<Ta$6@@)2!2Q{%uoZht<8
z?WWBS)8v7YEFP}S<3z1WL`uo6>Ayf|#V)jTZC)uJ2|~+K%b4N(Eup}q+z&aCkPKl(
z^|B1QXXJOGKGkRnpdQz!SfKE4!0X}O%u+9z%{J%)Ydl0(J~3%lsW!@9iP6dE>}z05
z{ymGopbOhtbjd-5e}_MKQhV{za9Ay3QKIdCeG5<J(?5lOfIrr~N1yHs*S?28=leYI
z=MXo<Xw48pu{bg~^FhM%?N5TboXJ63L9PfnXY=h(5aDOV*)-2)vb&RY&f_q9HLIfx
z&mn`AZUf3lW&We&t+L6neYtq_hkS`Pn%;Q=>E{1C0ksmRQkL@VkLbNDe!;%F8!X|_
zt^(xEVzT!4iRJM<fBb;Q{1^Ed{K`+Lk>hvr%^&e;>;{tmP1y%LyK^kuQzcP#Ib+^>
zu`#AsRCWIIjm<-sK&Yo_EFr5i-rCkoyta?=Fn@=eKc-%@uXX7~mJ76pa>j->jb_(6
z8XK;4Hv9x!wbt2C99oKN$=HcuSz{Ww^G52$?iEB`ahcATL=Kz1T{YxF_X?fSrbEtt
ziM2oa6&{+`|26((f+oCkFYl6jheG&0&LTEHqH%z;QquI|9c(+>i}6yP2~QCmJ)b}3
z4kLPcG|Icm7f-4D^TkuSl`_xRVoPMwZkebvtGV+7q4=MLVi#pv1FVVi<|iT30Gm$l
z;mH!B&w}E*EoZ!uw%O@cx#lN`Lv_kEKdu)teaxQOQm*;OA>^Za(ofel*YJjS1m-G6
zo$RGxxH$j6DD~zd<2kqASryHXD1Dh*MG<W2IQ_P0=v~pU+MA4X7uc9(ES+gTgFN%M
z0{8sKDUTH$?Q2wu52v?h)^~qT<AgC`_x*a!HZN9!D3fbHQ!hRbC>qhnHD)P87_)pm
zhWQS%>ufU&%smhI^S4ulP8U;RKsB3HHtln~4Ao@gbTFZ9jHV6lhe!@8bIWXaP1MqD
zz?R-%4D0vh6S>gZnr&L6vNyd9xaq+t1zV%+jryu)iUzT_v$&AfoRlQkGSRV=^|%#y
zTLopL)7p!DJTFpuJ6x+`v+LDj=R35$V9eu_=*3KPvxZMQkgV7lyDZsEQp}j#YX6kj
zt;Irz4X9)UiX?4Y`FyvK;A284x<|NkUB1w{NJW_#D|F`i-mmVxyAAvMMgjSCHU2-|
z+qi}<s>>|luBj5shh|2I%k=SZ`&N2zrBQ9L9s3E4UxhyQE^^F68{Fas`#tm^b3`_l
zrt$1iiw$p8&Xeprpalk0<-U|a&iuQJ=EyfFZlm{lysaG{$e4~b$Y?%uCkUX9fj&40
zAHp*)NbtY=j-J|ZtA)4Sj1%jNu|`-mCSDuB)lIgVVi?lsJM3cb&k=jWtBE}h9Y(fk
zfE|fSRAv|#7z`x{Iq3=*H?Av$mig_qmudH=k3$SV8iPw^@ccgV)N75_FH%~g*A~ZD
zoe}pu8adjFsErlkv3_Lhn%H$@9!o$Obx<^4G8$mvhT0Ss?t-0uUlcb&6r;RD<pkIe
zZ`j=dQctdZv>W4%Q+Xh5<xBkN0L`#B>rgaPUt=P7f6wdhI`Dr(vUEQnK4S{iIJ5Z~
zf;6F^xo+%+=n3#$k}cPqw2cAI#P(rJ7O+ZxOH}qnH-lwcSR)p_=~T>2y0u6VR&qQS
zHlHsQ5i-^x7(R11Dph-0MrxsTTB0mczm&ze*xB(Uddzp_BE~MQ&;N-2RVx?k^Y0aN
zl$-D7(SEK`HE3C!K$ogm+TUD4!SkJQQR{Jqj`g&YC}o<H5UmU9L!Nn=u<If#INN*=
z<r<o*5l0tyb^}GYuhGEAs;wb3uO}F;+Dr-Vv9-udvDw3IboOKD0pRD^{9VM~AMn>d
z25NjoZPMO6+t)}M^Y79RnB9=9k}R121UhUgzwajQi6#@W0l6i*{LJeJ&ffHL>ND%q
zG$N+)3auArY$&Q0>@ncldp}2MR>D#~(RKI1pu*=`lgZ-4t?pmIG*vgX6F5a#EqAe;
z$Al9A?Es<ANCF{17)0dv)EMI9kO5$4a3*7j{N&hA(Z!Z5)BYdupeaU`7Q6CP7b^m8
zng=WJ61pXas}{|MZT}T1`}Qi{dzih7tfT7fRUC?ToF$j9Z2n^OH{hH(JZvlH{|Rw;
zVd~jYZ;=aHx%x=ZO$WFgub3`F@u*U--#0%8NXcpx-FDBFv3@G7I>hv!W{S4%q<JsN
z5G(9yq-JqsQ#DJo+4Xk8w)h78J0tUdh_|{{?7>pw!2e2XCwjy(5MXhwUN=2v2@G*X
z2Lg&Dea&zo0=rNDVZ&yN=I_E;fw99XH(o~UbN=jYR9?<3{tBSPWrHPw`z}DtTIX@N
z<&0VIGmkY_HUB(dnLiU<qBexsT-%z6Vpe<#jVQVTw0#zl@b+4RjsxLWK*uc9^rz#Y
z_Fj1fra%tLrd%HP(BtOwk|2onTVW2wUFe^F<Y<V@Pr5(k@--K~bB+0a5<a{~eah>z
zp|+n7H`6fYb79voF)t4dhxoHTaKn>XA2?r7&4o}l>;BjuFC9)ith|?b-k#9%yw@Er
zull-VE$i$f4rG*#FU=1dpWc$lPL1~Gue9=&VpS_Y(>w`$;f-Hm+?&2gZz|lV%&S_}
zOv1hfXqki!cD~upvc#&LKPMuw@lAdYCYFA&bppyoZ}=`T9G0@>_TRwgZa7O!n8gxy
zi+vU$?c2q~oP9#t4BS6}Rp{->QaG+jT~LrsjfGcRNMbPd<uH?2+_=mnMgqix$Rc06
zd2O_T^-H2#Ci-ynm>;+}79IW!I&d5%=Og&`mte}ipWvLCvcAJ3HDzTZ=a!qY+y@b)
zg-7*Svg|ZKSq|%gF=W3EeySXRw9=5hhDq5{luv9~w_m580%d~z$_%nB++6!>k|k#0
z!lh>6R*%NQ{R)u4=DD7Qi$moDs$j6+!sYM}nM`Kk{%PWR8Hze);SPn02HKyIhea1V
zR6G3^?m+v~iWr7HmTGsIIL3Szdn_|(gJvi8SXHw_3=GMjjYqoTh<-D+BFtWGsz9=+
z@9cxt%IMWRWDETl{xq(N_B^8B;!or6AM)29{%yXM9=*}R@1eW!8db?9`&RRHNqR-l
z?<0o!=oLKs$M)wE#+s$*F8+piSG_Fce2GavJ9)nAuXghMqQ8?)w#o@SWus-Z*rWN6
zpbB!i>$KWA<EeDTe?t7pTKhu~(X;oSBL2-RC@|F*eu=V}0N`wl?~tcb=v+pAH*X4^
zw<PbG=9j3Y{U0QmsDy3toj>cv%3IR@Z^$Rpdrj-HGJ1)>-AgQIiWSwVKP|1x@}&OV
zC3`2^5YFJ$xco%g$~g+M|K;M5qhc%`<EZG)1`6wZh#$A`-NX*-^H6VOq)01~zCG0W
z3(}2b>+|0NmYZ|!D=BJ##Z{qq_J+*9{x=vMT3<scU+*i3)@PH{UWlC$jrvXD#iy(A
zbso-gDb6o>{RPmsR;<@Hw(97v@kW!9cSrHY+NO9D<1lJ^%v>fW+(bMv{bhF|p?fWU
zU()S!>R*<nu4S2@<kKSR^REPQG_7L&ZFs9-%F5Px{0>~t<0TAmP_sTa$D5~$jJW8m
zMcuK%ORoK7#T*+SYcYdK%pfsORm^emaTYU_#0;UwiO4nCU<l#bqvA(#83Xp%%g~8&
zqsDEzk!-hCgQTA(>HIrnP!5;dpHV(K)S+W)$48xO!BBjBf}#;Tsw}kn-_U|LQsBe+
zv{GzIQWR^ooQ;2GxsApn{qC9eZ{Q7qv>Fq(##>o;(s}wXEFtgJsvMWAd)0C+)`5l1
zHgtci<gZXOeZaTU)J}*`m_9U8<02yQOoQV~XRcOPF2?z}T7lCqd+brGb5dG9UK`W)
z=5JC9r{Ct|O7o4$EB<DvJ=lD+ASf%c-271Q9S`!|N*Z(Li|xo^;%C=)5D5|X<v?7w
z`6lLi)U?TX5)HTW18W+iu(2*BHs6#~R;03_=C7s2SDL?-L{*!=tzgcP%9G@G^gg8b
z!RGJkox^$a!1DIKH1Ft3^Ufqq^Ig1I8*9yXE3l@FwI)lv{Jr^JB>?cRi4h(hKU!?k
zid(xrNt>eh(dP3}_~OoFT|xT`Vs1jtUJ-K6ijWIegq*%2<g^tb=dB1iWktxzD?-j(
z8WM3*q<5-E8wMU7uWP=~TPt^L=mY3!pM{$s3nE$^f2dZQiaM9h!p>75%gNT`b_{Zp
z0C1TWLF(}C+H^d<`?jBPHf%MnH-AsXh;EHpDD-~&O7M&EFZ^zcx9$3C!*9d!OZW=>
zHdf%bvA7(+jm72oZ7eRwZ)0&eejAI+@!MEjj^D=Oa{M+Hm*E$f&pI5&8^SmUSQj^%
zzb~9;bDSSffLMN@`2k^NG_KaS7voXW4jZ)-;}dc5l;cs5C8;#8ak93(wYKvc&|;)V
zitUp=FZ`6~Q7??v`}n`O=CnUva||;xbj80~Gx+5-$Gq0Y`M2b1@6FZpeh!m@e}rgG
zhiqMfV*%M_7`gW@4`DUs2Q?te|A+nV_W&=;m7lH*g`0Bd^jMtetKS4*AJU21F`l0q
z8A3%8o0)_%rXew&3SShwWsdaEM|N@csMW~&%?}Ay)^7?#)LrwD$_L32L+Auett>Nr
zixNQQKx=bmL9l{Mrl_?lP+vCk4YYD2i67I)>7ZArilA34nb%a6OTsa3rHB0S@^IFB
zD*VIC!x=jj{*hjICL+x7*F@4((1%?A0b6fX>tCSOODA%Sd?gJ-DN^|$M%9BDl?p<%
zerO|QLVw{y3QeY|*`G|)CV#{|)`)<+1)fXvrpD!|F0(>2TB<kAB`LjvWm?sPP?Y2Y
zW-cU}72d*;P$Sh5cKrENDz^l|pZ_X8`M>PF37lM2ng4xLRb5M0b*HPV)7@D}I(w1o
z&Pt#<VF~-9?23R0IDm*F7T!t#6Vpb-jR6$Ig@_yO=&0j9u7HZmILd(AI1u+86&)N=
z5#R6cIp;1_-L1~N@BIJs`Mi@)s_(hyoO{;iJm=ZYb4+0>bp%}8v#1|L1jX9Bv-w5(
zLAo($ki;CPu`OO`MXVj%5og7WvePbWa-#uwJB!h>sss(JM9Uo7d2+#a{BcUqW^c>T
z*?%8Nxz-HCb1A9-OA-9TJCU;)iBPV-jEme?Sf!#-CAm6Gb1EKgJ_QzAucCSgin7^x
z_qmL8Mf%k7JXSHbYoc2-^N_+s9tzF)MlmCBG~Z(wN^TSi@F9qfwJw|u=e%HWb##v9
zwL$Z1LE+t083ex!Dt`#d!Vy}-PbL3Z2D7b~(iVzmy`F{4Qg23U$b+BfegRmFLYze2
zTZ#RMma@9$2SqPAZmVFJ`fUASCXLb^ORTM7;zK%{>h6HS{{%4FI+L+7X&x|MG#6sr
zqm{RlLecufW{6VoCq(`ouq9rX!g@A=kWuSpDAJ7S;1j+3@Lo@f+qxK~3};Vjn_R{|
za}($3@=UOdJopSiK9Z?lO!pzYzm1&=cO|kUPkbV$CB6QOL3Z*NG7mZ#iTb7QT^-}2
znW>MnC`~ntPCKI9L2rHmiXWdM|C3Z-w)G4fhw+fA!<(teE`woAP6;ym*-bFW1^s1{
zeI>70mgEEjUuDk>m+VFv6Vn2Fu&@^G-@~`7$fd|lb~-uJy}WxpZQPeia6!x25veb0
zX&e2SWz6?5I^~9@U=b}AEg9L`NLKVLzD4E(KPDoddvFbfX;m~X@Y3+U#)00Ti*Yc6
zE*Z<4xz@WFa>p$AwO&2P*1D-4y%cuh&e&8+D;y`^UI^}Qv0{E`7^mHWkt5w2kT;nl
z&ULa;;mPw!Jx^`qAezQLZY2A{@nXpU>Tz8V0HKYS&WP1X9Y1v!icmd-c7<FR0=$rt
zBy@O0ke@LC)_9ytU1(_;%WP{WS@wEHo--_}IzJ9_$+mV8_6v>+ObnT^1~V1Vge%am
zq>1m&<cdh=Bm|S0pdKtc!TBH(ulcXw)+ej(;ofX!uP^_=XhB;A#nyAE8sjXtlt+V+
z-eOPASyNr2>Ai~N07DPIk|pc?gq>JnO;7Hkf*>xs$@<ZfkDFi1+d^Q1REgCg1U$)E
zBb*%8iW2nn=ZvnaSIALcBVCCJd;sDLH1&}jrsVV}y^W{x;apj^sFwO0fEUrI12s5{
z_vwQHhY?-Hb6d9xpv+)RJv6g}l|c5~)*DHv|DL%*7RBcXTK}Za2i+=X5mALOvFu_d
z{tm_yBaZI^`Le;$<{}LoY*-~lmC8ektZwoKRkc3XhQ3tiWi@k<<AXElQLgqO?&3s)
zF~h^W4Y#m$1e`K^2^v=%G_-A5i=d9Tyc~NQO}oeUuMS4u>*Rg`Hzo~!FA5LL8C*7J
zK=hvW+CIkpZyY?RXj1|?sIYA`HFFhi0ZIeL<Qu4pI4u_;_@W2*%-+1y_GQFoHZB#J
zySJ9t`KqHC2qdQ_ycejM@ugrsQmxEKs8uc2|G*p!WJUg%xHN-9RUNcqLxsx+S{P2T
zu?Q9z`H9=aZzwIzZy=bTcz%HPR1Swp?2R^_E&H2crI*IaOr?n6-Koraklq6bHiou#
z;M^aK^e0)#Xo3qgRzteh2`QShX*8W)o%?9=?e}SyKxW5Q{KO~4TQPU8{f-{BJ|Qfr
zP241^?w0MG5fRvYxBi(_w*gJe#Rlvn@vF3TT3O%Fcn{TZ@punuMz+-H)zl;$hFdGY
zG`*r=w+QId0CXHi5+U|851)nBzv$E6!Cre^w+&<|E#yOdINW*|asR}Ge;skJi~Z}U
zd!6fF7u%~^CQ<h`=2Z(o6we4=K3svVpHN=wy~2H(h@N2|?s2WK1IMlRSTaZF4L@gt
zCCl9Y83fk`!?!w^70$#4A-K@v%vkxuhAeumT-d=WWUoK~PZtZgSpFwIC~Q}JrP#W2
zzL7Gfm@O7b{d-cgKt{g#d_o9VJ8TDl(P`xxB(m=>IhU>S2ef*pE8Sq&mG4gbWl-+B
z8bMpd*8NnCLg_vpwcNfYdQ?=Xhk`}iep^LQQSDPps*%+}PL_RJo(h<zDyu@!I~wC%
z!Qk!DxMYL7Xg$8OL_1x~LUJ~=Y$4qARsVNdS#G|C96FB08biRJ#9y!Yk+X<q$Swh}
zasag$Fd|dZARuq*8#-L^eL)Vbtj|SjMrKn`y;`I3czUzb4*eTYGL!7xI_y*4H!ev0
zEtz6SoS}}^^E8Q#prAd=;NYlW{q~>_%*KklE-1e$7*JSnAf$uqtcaGN$)nU>Zd~Fq
z)lw!?vg{(XBvgo{_BBR5aiK*`(?wgD_%R|Mz8#YfbQgpWUE`*ul;@z{d2}G}my%cM
zyky@zk3%{?VPS$p)D^?SnP4JVajL^1NYaDHT;k>~!;;+L??4kCzMK3Pt6xT0U<W^s
z&4@Jx&G$6sR&RD>wZe7hCvb<LKc(t%$vOs5aXPK)s3sj*^}7UpfJ6GK`rtVvRPdTf
z?mRCQO+E`w1&ub2r>2_K>;32i;o0X$6YNGB-_(#c$YpIuN2QVRwGd@Hk<4ZG$$`xK
z8GhC^L(W}P!G4dA&dTTHQy@S$#2mhpJiU%AtYmjE^;*P$<9<Og>qtp#1)SOJ@LoS<
zkeS7-;{e?pW{UZqdRBX*rVG>E!jtK0&P`V~Vi9cZS2=_1xP<qpbwOisT&uB$bCq7A
z8Lf|4Itck=3QT<r;yusyJeO)<22D-Kpp8En3k2mC_LEh?I2K)cua&}GY6TbVF*RoQ
zJG?ji2cq1ud0R5%HGu4Od3%iq>CVKq2RxOdJqe^1ocOqC{o^N;vAiTTmIglRYtD8M
zH#w5;+H`n${(ze1;Taw?H`R=`5G~-SFOXD)`r$0&*0Ea4Ho7Ga5L&<7=wkhxGijRb
zKSGiESla+*OTBj1k;TZYfH<H0H&p8FN%MvAzQWYGS<uQG*(5k**ZQ!=8RsCk+jFFK
zr#%a;PbcG_&Di+&If-SC#jCZ?S&047jvG7<Y3QNT`s;Zn%2agn=g$W3Kt*Sz1*H>T
zLgUuwY^ihtw1~pakpMW9sWRSG8}9=IyM<uc{t@52HE2A=jeQVY8LWD3w3Z(U4&3PM
zj>IcT=7PdjI9cQ&$7d7qq6or>4~_8I-`e~cZ}gwUXIe4;6Y*Il_*cdN^E1W(i0I8v
znoI^*%d{SrBPVDiK;nKt!c!=?=fBxT8!RRiBoaxmB;<<maIUo<ks=epTjNhv#9|`q
z$MDDSqV!P3280M&Vuu?Sky*saQXgk0`41F0%YTqyH5N%!i$*`5sU_?+Rw69lOM^--
zrLW`^S?twY&SYnHbhhEPxj}hB#Pb(|TlnTu^*amsyI1!eTp_RBG06)t@?1c(ujCFs
zCbr_odO^G`UE@v?1sNVP#DOW+Ysd0pabteKWBL)cp0S{yUT`gDAtsU;g)LXmXp!LB
znriTY*U(N3S5ob4b+*$u6-V($oZwNuiA;@eeY%Oct|s<q8;zUT<1kTUl=j)ylWL!K
zpQ~7K+6SdWMmfsfu!n{3G=62B$9k^ts2BMOb`Tvzu)`YVn6{nZNDfUX>gkMhJ&AIJ
z`8WA6mXYNc5R)A{x`V?Di-Z2-jqaET);uAaS7+~n_}O@N`1e>yCAl#d?0$vD8h<Zc
z_ABUv{<R0Ge~-3~uzq21*&a!N4Ar_bub<#`;hs<OchR2P`MabX9c|f0ZaHu~)1IT@
zc6-hbueaxd@cs5&7=FQ?i^7NOxnDSRk-l3TuCV8lQn<|pdc&tEu;&hHv2o7Hw{(C&
zIi{oXxLI)HRi)AH+=<26uqJVC4EIo+A45aN<sOu>lHF;^0v_Z2V0OJb$(^RoP<2mZ
z3ZO_(wX}q-k11KcfNI6TV$ok(V3(zgpA0^HH$$t1tfFN+vrgZ9ly8)s4fbk+(M<=o
z^<eTt4v+8~9dGdoyvxM|&T;~;5S^}bFi{A`H#s=K%U5vy9~1kTP0VrFJ%-cA3quu+
zS9JG=lVdu%s1S@Uab*kk#fr3(@`gAg%rI);`Wgp$ifgIE_#$Ds&6uHaQ#FE{q?*XQ
zyQs;Nc_wA{_Y~g|6S%^kiF~X$A*r&7kVVd93OgBA)`U#=JuSXGnAZ$yyk|04gB*EA
zBs0qd+sLDT-ZKAApvwn8l>|SX1V57m?^4jKIlxC*yZ>Oj`krlVf*Bn#Lw&Q%KG(%$
zEZ%N%w&-Jh#<Thw4KCnmt>>$Zd$c5k)?Oh<w9E^@;~-Y<CMtP-B*QTAIj%?#3Tw=1
z*Jo)^wmt&LdM{q;O}0L25%f{}`cruBur@jgCU+j4l{HDkL^)^8qf(SsuvsJ>>a`b`
zmU~@<Y=8T5rTP$sTHDAqN}|!tG;iW-;qX%+w;xNo93iMqaFOmO)wqc0gdO0cEm6@c
z(?wTuMJpQm8T@!{TvAj6qcQPi&8y1&9M3BfSaV=jZoZc2NL<Gu&rIudZLkSjA!%Gi
zIw&d`4NQ5VK}O6{j91(_o`^yCbEFoWEqC?3rd`YRUciQNO7u}<K8`e8il}H1ezJlo
z!3GEvF!3HW&fdTTTTW*YBV7Yr%ce(=G3k}bSiuGFCvBhfWyK&{X}*ATu$*CrY^AZ&
zZD*W~G2E1EoGG#*X>AW?5Ux#HGu&!LOB_~dOh8|!JHl@6Q))@JI8w!0qv_kkt4r}d
zaRcpn*0ec5VitMOif5pHFd*@l#{Ga~+%f6#<KAW&a}y>5pRaGA5O{Mxp4xT45s#;u
z_CoM1gK2)pw2xg#`*wDWC)by`@$6wd8^@;x^N{YrqzQg7tqDEQFo6DqYl0sSEy8ak
z<8dqXAwG`wBoC8~T{8n@eIc-DCyW2mz)U6sGZqg_7J38A7bHK$`WUV9M=jH%b8mWd
zwrI;p21w&`3GIFMpBbN%QsZ+(_xR8fKR(uy9=wVHQ%h1UNe$AyZjh)?Yxh8&&>+z`
zp<wtoHUglW6_t$uaWD=e%6GsSDMRFwkPS50ZEfea&B$++7`HyxP)@VlOctnu`ZC(o
ziz~Hqeq?VYKf1RsKYuR{b_zwj-PD(pXsC5BH~sFdZ__JAMVM~&jP9);rdMWJj3hy%
zQ|8^rv;3TYZN^!TP}U-M?$j+59g@YATW1&ROG$R!sP;xTvZ)`!XYbNjpnmDikDhH8
z?Ul2`h2gxr<1;s00Q9HW5rTr-dKtqWc5>{_egC-~EbqQ^k4ozEY`z$k<P!VbgPWp<
zOHqm(JVoIJc*zMCt{g5vz!h;CQsN|XHFs-tPDOPKPjNQTx4EO{t~xNZYdlUyTFB6E
z03F?M-aWTKR>yCOddm6t+yZK1|G1&wXVG!I<lSPG3)pwGw<b(CjtK?4VYUW4GC+GX
zy3YV=oc6~1-r3O(gyTtvGPTMp8MdJPnJIP$wyDje8Q#;*^Yxrv3OP}BJEq$yjlCmh
zIsARRUCFjHYxf>L*Xm5|dt0MgSIt%{8{bnej<(Qr^<T36G;3$#uIlW|8BwWmUo?Z(
zmwMb6`Iboa<@(wB@rk(hq#w`w%l+uCk$&W#I(t8Qf~%Ml>~B2`v4TgR=&bFu9p_P0
z_B1YVz*NrV<Hg`&Djv#oR;JD|t$dDq7NMC1U8QQCtG%N)NNoX$6Hog)>L&iVSTckY
zfwaw+c%J85d$LQmwdSFn89CDw)xA0Y?zGfksl~X!)8Q(2#LAzlf==U>t;YwAlXAm$
zxnZqmuxH8II`nl+%8fzjcYSE$0Q+<S7f@zYrtpZ!3ybA?FFOunYyNK9_yV<&8_~=;
zzG>Bs5|f_DHJ8A39|V?H4lh~znpTDC%h~Rj3Q|+a10+*75Y~X_8{1v<S$*?hv>y+r
zO_xn7IL06sN@wm3@127|jcFYvnQ&hniWJf%)9Sr;#6-o4)o~g2qa-h%AcvDfNIdb{
z=+u$c%kJrG^s)%9ar@e}Mm0ziH8%mp<Zv7MoEcW`9e;l19uvc<qb;*`-{Z8k3%xEf
ztGBUn=GK%z9Xb}|+5r5&G%h#2^zQWQ_??*`c%i{t2Y4ZA`V1oxWV@iS+zEwH=o3=R
zt3o4}v8DF}+@S30EsVs)#RZLL<htNxJv5q!HE<~#Z=9L)IWrV6p~KbDsi(h~J!swy
zd!9|z$;40ohdS2T4}-2_U{pHSoVh4vk!dLij%ePW?O*fdDmhi12m$UFV}uM+N`9!M
z?*sBW+CQFwO|qJhjs3-%8f!VT?ek0b`j=W3H1C?B*RpmxVtTKU<YwI<%T?cBD!Ox0
zb>Nms^*uJv7k|a1`f)MM|6i(4wocjLf8jR1rQv_!*6olSGWeelw|B4%UnG3%Y`7wM
z!7H^o|7+~(xd~T>T}UUpDyGbEiZ=4Tlr*3*U#zT4lcXRmc!*dx2?}5dQi6iBQ-T88
zt9AGmo-elj!|2OtvVs?po?_pg-Oaw89kXu<d+VAdVL^o}u%iuST?T4A-J6sg;V()H
zZjKl~wfQ$}3N!C{FQ&DB#hy1mwddLSv1orgCXM_>K`!dt-#RkS@7T-INkJ3S>uLMe
zht#+k_N{f(F}Pf7r}iz%j)pO4T$*m9HYntFe`bS<H@wk!!_fxSQRITo%_yA~G_RSV
z+1hy4;v~3hyX{=S>0%lkBdbk@kxg$hWR6-IG~)TO4JDmqe6C>N1X?wXw)!)C(Ls)b
zfu6c&MtaKeMY-Vrpe%~T%{5T83%33LrYvf$YeGuQ63e3gcdd01ga5x=YyUa9hhJ&`
zNx8?+B@vhJ<ORpFzOS);son%Wds9dct`P2dNQ|>M33!<4jIVHa2jeR_<=ZLq?^I?c
zvt&yLZ=Mg&rT+Q^#g)aaQU%2#Ml6ha?wvcMx3o}7^}1A;B?ODZQKT7}vj^)v&GQq{
zDFn!SV|7=GvD~hlb@p9UPApPjkIn_R)9!2C9xa#rz4?)|jxG?_!*3zKm+{-;pQrQ0
zT0UsXtc^=pJ}(7R*5u~(6<X+xD~bJ_lscx)sK=H7bsPYZd=|#ooqCS?JWJTdcVC$4
zy8|tGsV^^<MwiL|PvkGuS6K#k|JLm^>%ZC;Q=$33th6%K7wOoh^@Yiwxi7<(puR{8
zH|@KPmONu$q^c{_S6c?x7i59Kb($CF4?k;m*yY9(y_~*&8k2>cgQ<=*aeevHwR;e$
zm<c%|M4Nu#*u@$_>HXrTGj2z`&WRXDqIhBsUVGx^yj^CB>E_QEQz?U`vUxLqIE*}4
zsG~*feY2`FJBS2gu$2wo#_u@)d@9cu@oT=3KN$u_Aj9`N_}=QSFQm`A72Dk7vj~1V
zvaC}U#Wv1Y5z-=dq|aBnVjB#-gQJf0O-dJZaX5{1!A(c{eo9wt!+L5GNa))wJy5jp
zlPRC%-Baq%l}KOkx3qqh$;jg+g!IH*0UXH_Bcedh{rO3?&^X*{an<$40sh50x!S*2
zj~4hBYkr@9acvbYbAIjcmW7PcU;%4gK|{HaTE=74C!OO~|2&W9PJT}Lz=#;^=iNG9
zq`^=`V@iW%N@kx#ZTa1bXk4HqDQ{D1OJ||IKzWqXI81p=8|^<oKuL;dtWc6b-hG}Z
znd*y`M=1>vW1__lrlBuU|G0Q@Wsu3=Fot1Ja9%bFJgSSF@K0Rf=s04gku&jZXXciY
zhkqFbT2M5Zz+WsU_t%soOVdEU1ZAUQ0$P|Fr~T$#nwX5mx_zVE$jyuF&@@+@_!h|-
z-(G)-X(VL2RAVE^6mG~CZjkn%P%*P2>q1{?;(O?@o%KxQ>)l{1lejz57`>2kUA&u>
z`q65Ln>-7j$&2PRe$f!eFPfA1MNk*N2p;1XL2CRW5R6|0obJUf2(1U{HD79Q2{N+b
zKuY{L4#b#*vfP;Th)j5Dha~fnAsXX>3opgge~8BIOfCgsuSAdcV=xeJ5zi^T=0}}Z
z4vm2XcQ;slJFWxOP@3Dy3&WM>eWYc#E4nw6H@NlVbS&dE$sqvX%0asQty}aPU9_zY
zH+U9(t&7$GIvBRx<5yCG0lWQmaTgM&;dCg=#hpT&M%8VTF79CBG`J2sy0|)V8e@m9
zT-*?G8fu5)EKY_Hf^fH1-bdSRv@yteh5SgR`FbL=<9X?no!GY+FeKL~*32rLAF4#J
z0W?<{&xi!ckN1M)8cd=@%kGTH(r8D}El@oiCOM9QG($l7(<|r{kJscN8J)NXFB5D?
zVkfO|41}GUM*{ZOjkpd7W}Zl+UKX|A78b@Mk4YNuz^L44W({J-%Q56I4p2>;8Z*H0
z;A09~Y?BZ%{D`Kzl_;9$ZPas<>M>n`7U41!xdl)Q3FlqAhkebF<{WhHl}gjrB+5_p
zKRH(AJrHN6Xv2vAP<Apj9T$qkgRboDwQQ`~l@wXc%~obLr$Pn%?ns+9-7ifm)_Xit
zo3Es4FHhQ>4_|(8T%%u7OIY;YLf@9p@k~niR5fg=>xYecr8x0*-}*;05vkeH8@`ek
zO4pqT0cnjL#g6uhbQ_)?_u9cYs}3wm&%>+Z6fV2hB4~}#hH$mYb**tLfG?O;eQ|yI
z3oVfuzR)V+3tFu&_NKp3(hOf{z3_!mL;B{n^fyYJ;Tx?xeIum<O3?6wsc-yxJfVm9
zRA=(x?QtfDTTJ35u$QPxHFu1NcE}lO*5(?2D6yPA>=+o!F?}e7rQ#1Iv(twi<6}9d
ze<++4e<*#KKI|AI%Q5{!A;9=U=|85Alx;H8Mk-}Xv^Q}7G9$bHh2pqT>R$KwihF!j
zkCEM9b8p{vkMHQ=t=eEGp4bC1?&%`#@gQj#jMnbEli)X!;J+zowD9ixlHmPGa9<Mq
z7D2<S&L;u<5c~EnwbM2^^T)2Y>3P(NB#+*v=TQ%nJbIg+N8L~I=xur)jZKnAZ>c=s
zQ?>ca9eMQT^HdrBr@K5~BDTX1uk7ZpA^nwxkJ&uH$K~*i>*1t-$x7ZCo5~G@Ujy`A
z%7aSr1FRCg^tsYlU3ALPo7ieG@`_fZ{6i>TDN+I!4Mk1-%f5L<cW^*!FgYqjyWM%)
z!-GxR6C24o?R=Hmnc4MqN^_01n`Ub+riFE1uX(7mO+b5%zOgxt9AH5+?AF()xS{Rb
z7h^QnMVjrKzA>Ai%r1c%4iNRAI*?w`3+*|esA~soQ_~n;#5Y(}(>4cp`hqHT;{OzF
z!P->Ijg=m6x9K2fKuHJ3X>^o5;?F$gGjVTxDoT<Fta&15qzsQApZ$UjCq-u}Gr^OH
z-)n717Kd-caY-A-d>f!9bpU#omQb<v9Zquj(?|YL);DH53LV!yetdKmIumdRCwR5$
zc4w}9xxU*AJF3J|ae8g{&s1BqDaHLA3RZ7*b!u)G6Ccg323nU^t2fzn`L+f!CgZrp
z#>V`DwNC_}bUDX{56J}U;K%JBuwh2mXBpz*R5{Pq`TpfJy`1h}PSMM${zaa#T95ZH
zC+X#6{~{k^t@HfL8G3nwf05%x=X;w<<+aRXyX-FE!rg`tv%7>4cN<pB?)s*}`jg4-
z`d1#~gYKDtGsl2-D}@X~jCK}zx1q@FE}=&kVTdxjOGwhd*`dqqF5yQPVVE+zOSscT
z7#7X$654bT4uM8|i^rd8XM(TvX7kYD_eK3m^5~5`T1(Qv;OgJmNHMQ05C_m|f6%xr
zf#pdDSS+O-P#c~bU`dSyVeV<cWp^vGegsR;?z1pTr#%3U*cq*{PtLN&;PO^zf3X^q
z^|mxP`Y8!Mnom2^@TY~W54@K~uV=^vGv(9Bcji-v1Ig)x-{L8<0V2N32dS#D7N*lV
z9_HGUF#t)%R*>S?fdmuy6jU7o4~L<&aP*ddPZ>cTH+Tnj_Ocs~YOT%dM4tLu4zNJ3
z7BqQEYTt<=ENZW8^slEaUGto5+CgJSGS7!5^Q^6fRzq?bc^ICec~)dH&yJ`U`Pn(y
zADMNs6X4gRxxHs;aKhh4bM5BF@1gNpNc!UZHO<%;<<?EP-FtvwR@*?_7t~67=}Tvm
zXWIiJ@Ay`F8a_9iHe;LP1^rjGS-JoF+H9r&6>W}DOw#5*12f7!8_YasCYVv=|9hCR
zYG;8Ntw$%X+4VhIXWfX_F~F@g_+8=?2i@fF!lOTqzB4*hZ`2i);o<RzDnrCbG)_?&
z^IRQ2iptPB9-<D9qgA(eo|Elpn=kkK9p!Fe!MkOmcw67<-x&^<{2;2s+Nn2dXC?sf
zt-gqq_heX%($xre-Gf88_Kx>04H(|HRF~Y6sl-fw&u;ZK)1Tk1K4tm~yKO|Ue#o@0
zw$0QA)Z^7Phx!5bE@6ze6HapD;tU91%xBTK$#0O(DZWm9YX1cM(TffE&v~wbyH%C`
zCHyrD)rajq2p9I%d7@{PCwg8AoauN*Hhh?`Y!7OwR{xEsw(gmc{)uW2Gk-f%g_!Kq
zxJYyu)65&&5sl>b+vNrat-p)9D&IA<DtNv6X*+Ai05r2Jo^r0Bjls%wJ+n(=Z7x)}
zfZfKqi>P%SEm}Q&IGVB<$(P)@#c0Ew4WVK9jsVp8-p&L^1RL58j~x*K4vyJ=LIZGp
zJ6yk3a~-VVFn?y3BD1X<HK1SR5X1Q{m(g<2+!3rR*VIq>WBK875S{}MC>Y7}2Al8e
zG(606SAplXRa@(NRq0O~>$_#0Wv5!;N_g`5!w~<fC0Vbxy0xMT+8-jxl8+es(;kkh
zsggZvAo+EV&Ei}Tyixh_kCHkTUJvyh2M0L_mj@=IgK+F3+@|mV@*vv!Eb<T`VaVhm
z7G<AVe67bO9C1ZYd<<BEgu`V&&~*&BB%kr~k@3k9+uq1GL9e%;MHt{O%aVNWU-iAt
z75j4uldqvEDQEbcB=@K2f3h0WW4pgj2cVqaA?N5la!nuIX~c5OL@x1(GldQ2AroKG
zDR`uMdl-Of)t#Q_{;unke<cSItsnkF8sG0c=gW&j`#@UgJHiRx$U{R`*CI{AzOhu@
ziRqpp%odXo^4^H1jZiJ!YrGFl{#Lz?9ZuLaAfWlg<wUI(G$w+P>u%E#F22S=thryX
zhTW=u;dShT>eq;Ok-;4y&6lXuYOOk&_DYeA-u#rG{{?cHzaSoq`Hmm&7|Ho=By~~9
zS5jF!hmFdr3%Ujlcf_N9^0{%OS~LBNZWK8m4I1qe%;`FjNi4V*H&zI6YSqPi?P@Q%
zEyf00Qez-$u`dSS#=aOF5Knvw<7|o2<Z>8l=n;m&J5uBNlxR@rm{(zv?|6EYoF3n0
z!?hKz>SfgxzUr0Ll}XhreAO$eE2_(^2lxb@_>!v`*S=jf2Sa^Gn|qm5^I7VA199??
zo3WX!dJyisl*y|5$;!8O0AS<&_{}M`?j@JG-5i!fTa~+yysk(2*5%5GAg=5((r?7}
zWH&#)<ZV79$_vC^NoKjpRUt1(62KMCH)%GQH|oy52EiAClSZRErSG3pdoT(=FT3D1
z*#Y(fyEj1o>fdDe$o$l3qqB4M1N78;!>$ywXZ02AKC$sqsp#E^ju=|OtU?-^t8{c2
z*-cA}x}9S^<KhLKKrbQZZLA=F&0L`NLt4%Gqpb69iwzrofy^dA0aK_eBUtV178%P?
zM!B*tm~U7&^72tY6j>RG4=QUV%F4MYE%B*m%1P|I2;nk_Bh9AG=xZDixwR0@4Kf-5
zEljGgxpuY0q|m$WnAoC#%E#eZ{W8iQh{})sU3?(%cOl#8BEEgkW*ZLf!}T^RK!$0T
z;sS`(U3BggYASCi2;ZjihLZAXwRzmu*Ek5bwZnT^_%vXo<y$h6w1kVrN1w@;qsf=U
z=oGkOs5+0^jqlL4JHebYg(FT21}_W-HOIO=eE7Ox5FQI@{;k3Ahokt+oZ-<q7M}@z
z6r6mZ^R*!_kbO^`<G;Oj&hV`+k7%MYrM-DJSka}8<|x=rkR57eY2dZ%6*RgOwK+Q8
z>Kr|D)ewg~OlQSN6*SA}m-2S-*n6p~mWJKyIr1=pAK#JGt3d!z^&c9S7^=+WIpCD|
zqmwSGKYVJ4L*J+&E>kg;Nmls%;oH)gfZ@cI6yU96)SU5>FR8~0*Wo{Ek;Z!@m^U8z
zFgYjKc)c5AyB~)A`z^DLne!%L>r1Yp3f(UHa0oT11LzOXrfN^raves(kDDDZN82!Y
zDOLCbhTM0Q^B(+~Zy?tD@7pfCFPC{`=g7$1`O#f-+eZiSJnqK93`5+=_?Qhqv~aNw
z7M#i);lQSna_Waqz(H-nPjA!0YSh9K$K(3&U0q@k$r4)yXgSOcqLf}+Ue-Wu=XUIv
z<<vXVRa{Q*FwvK@hM9K{9hz`=bLCq1!todyarb&Q{??C${A<~wA8xF|yC3VKm$gM-
zN1THYwl2`9Tt!FHXmY7Bh@)9kGq=Q7HqW1I?e7_0Ketp|S9Ivnu>6QF8kpS2TA_P>
zHWoDB&U<x1vJ1N#0?Zkw&Bh`(>WjKPDYB1F;`4=%7o~=Maet1Rf%evx4A;h*2U+rx
z>R93tMO&x&L~$dqtog9DW|<oW-0?>u2XlmvhmPfT9}+J28+8&d0$hZ`v<>2NfBAMr
z7=$QCK4`w3;)ZK018Rv~YS!xb463^xiUp|cAF#FVpK{A6&-575@m)Yh8*2Fss?Rjk
z)s+GoZFPtF`5do~S68^HGSaog`%>tJ72bWz1aA|L$zXK$5`Kuu6yLqf5jwa(-}12h
zIabHy^&8X)u~A(TxjkH8UBBf6B<r@-1@^_3$GF>87tGYapr=-34r&`3A<i|c8}`;V
z4%ap{jt{CEtD90YaX|F|b3v-^Y_4wR_<XfU{sYV*qs*z$C)5tC9;m~e`_b4<zHOVT
zo2nb5wjESGXyPqFb%Ui*XLW;jxzMaOC-xLt-_`z$I!}`}S)Ckz0y|!}$ILAnmD<+f
z+QE%gL3L~O;8Y_IsUA|@(%Nl{vU;#@!NJvot6QTM99lhe;`21Uc31<N_%L|1!`4K1
zqp;7I1CL3bgZ$jS!#%J5{onla#Xtp{Q1DEC@8`D?z#ZnPe~Rbax7p0#ounfkZq$sZ
z7Gyi)|3p4qi3J}`#Y>)e0C8^>&P_2)X#FEz2zQEk#|T}ajbAFKTrg5*+jZ`}M8n_`
zE+RC|!S&?3t&u4L-h3mSC4Az2BQ0ParBU6&BwA!_`Dj#8(Vg#<>Xh30%!3zXj=7NY
z*X{6OQD?z`OyI&hO~Sx_;%3e@iXs+S=uUWrp9A4K5)$tlbG%os@bv9bEC(Qce;i}s
z{bz%Wef9R4JJS_@Gycr`mb)^jzdrIUmkA!B?{Cw1!h>cK*JLpd${v64j@Wrke!P}%
z?PO%fIhH)c({EK$UU5LsqKrj1Ue{$!-s>;bp3&0;Rw$w9l65fHm1IL86?<=BY&_C}
zzZptW?U1TZ;tG@6wCc*iP=yA$BcwhfzML^avL+|(fSM_`Tw7v!1hU(hz80LF1YCmG
zkr83N2{(>MC5($=k4ko@>w6g(?sSE8>WywJEadTVdnw&CH%j&QX#cXfr+3DQvB1;g
zGcTuvqAQ`0b4bnItyeKT*ykAeT=NG4QLlIv`7UU5rZ9G3aWvrFeXg663^_LcLEi-J
zucGy<m0dUFh>%lBd9YgR0$Q{kt}`RB^tvhTQTVvB_w{p0iR0;<r}S#yuv2nz_8cO4
z#J_MmMPKV)sTJ*Rpu6>Lf2t|mv}t!>cyzsQOeFW0)oJfzSoFm&_3l}G`l!7_6vdVb
zRG8@sYG5V&;no_L(9K%H!-!01T`Tk`r@$kkl=s`%SDiQY3uG)e*qSnKOBZ!gZ|e%b
zfZ$(%3W(91FD)h#YBd}KvqW)NT#B$Gw8X><p%3RU%@dsZ2Ew#fb>k5H$-_~hJ3F!%
z0jFz*@W0PxbUn3&K-$8XmxGoYjeO*-4aU!o=*!!Kmz+Fj;Q59!37;4F9d<sjZ}aOk
z(loE|(nro{%ZDe%zaL~Uf@0sk%}|`x95STH#BSm%v0kK84IdtNC70AX2$UleNAoTS
z`c?-e;rdKa4%TmVayselE(N6C5#b9j9E{q5+*$3w8E@2%qyFl47y{Sg2jM&;X_CL4
z@h`P2A3THg`cAdWoZ$D)&6>mBLFdMoJJ!@|rt9?-?NDnbm(SL7tO2}64aFB)Hh<0j
z0<QM1M${u&{bcGllT#R|ztFmYpzyMIihOYY?R<etfc{*6Pqx2U->ZzAxx<p~)e4q|
zY8Xmhq@d1I;lBuf0reiegYNOvaf^a-kbE%#=a1G<{$_Ce)dKG7VAVPU@AT31JIsnu
zKE1jx?iB~LDE(EG<U%(ogb<IuzF$EuCd&2m@&Wfkv-9;2D%_uM{R69aG5r!XUm;>i
z**hTar{7LEN)x`TCctxv9MNs!C%}1_&OnjVZi*?VTsgWse%yWM8b1;F<#5%rq8Xu`
zDpYIvd~rAFnzV%f>ou{csp+bura=C`O0`jzAu=ADZ=s#>5kCw|%9|?8^h+2SLnF4_
zw|t-bc(}0B-5-_>O7b~%xbcYY{_-CI30y`Qlz<?uorUX5!Qs6By<0DMbIjWHHjaz_
z4Wc7lj+wLBAJeqN*(?`K7d0nJ#GCFZJ4y6QwEaFNsnV7lo12nz=6jUcnS6zy)&wc$
zFH+)@0c0cQF%oaewnaJ7g@}}=LEx7ghe7wJHUS8fYI(2j^W#RjVyVBU{u(s`S&)Vb
z!nx1zNwqAv1xGU7RUA01n^!c*VaO13rACa6V*&y3EUALrXRFDwc7HA~m57(>k}MHV
z4-lyQPQ7<m)9)N!z&_E0>}VgSKj75-&`^7jM{O|O7cH6E%>BUM{5;nWyJksn#U8yg
zYNfNC6}&u_mcLs&n|az>Ft{MRWEZL(e1P@VM#I+;u8x|bM>|3IZ@f?al5NKowATzH
zmE!3*8<+_Wd1#R>DZ4EM=`60hic2bfo%z%X5T;AySlGX!SXTm|7R-69X1OPrw;<Xt
z8bRftD132HX-DB(gZ)0~@He*x&sn&6j>!a}u;)DUg>wwAOMdYNgbVKyY`Xh@XO#~+
z`GqcuO5{I+ia|lABtRfYFZAmH(VD@ffbw7oFK`fBv~w@D$VE|n^EUujF@cYrHxPPs
z;-C~u%3a`2CX|Yst1Hf0StdejQDknzvylK5;yn{|C=X6*pFl3*zsR9&V-egFZ#m-a
z(27uK^bL)z2>Sut;C3W?UL*vX+j26*2sp`v4&~;la3zwsNbumeYp!F`P218BEMm#C
zz=mPTT>g>9HZJQ<anFzx#yUg3NCsoH#3EMOFcS9?k#Xz%)e+cWk2tyrl49b0)nRoU
z=$T|EhP8?7X`0BkqpDc;@EjJit4(5u^Y!6SZShcTNm?}JCSr-Ec6ksU|7@mqc{H^F
z?6h6Py`r%bX5G4OvZs|41lPGTC4X9_5?13=UnQ)LN^oM3Ro!9`6h-5!8O~K{A&3gt
zKL~qvQ^5XF0b<`*IQD%f^MQO}g=60(eJEDfco{8%6VEmyD$$lAQ3DHqX*b(ECdte5
z7?|2J*S2LTi3TzW_&qO<=$Mu2GDH(Y)iHP1#00NiHjx%hG`JwqPnv`iPmypUXpS)M
z1}U0B1QnBcO@yY<RO1d_)|)f_>iQJKY(PNJ0Wuq_8{K8l#H$B9UMO@evBf4_z#%o;
zlrHmt##V$CHfbin*&I|i$Fd8FDC7b!SKaJH7f?%Lq!3MTEic?NpPESLV+{ELGYz?9
z8(KM3Ufq<)FScx#BsHKb`rKV5F<f0gV+mSMM*Ab=*z&qZB+KckZGmjwVz`f{YgZkf
zjAY!P>Y<F6WgnFpJR=G}KQs8sjNR3i3D#$>`AEjZ5Sicy+2ba1K72!VU(1Ch`+h4W
zBbSJLHJF$6GVIuU#3?xl=qvT4{DT)tk$Z6Mj^PL7;X7CV4PA`fs23tf=s#mmD0oNQ
z6;B6>7DY}5((Exp&<h;hZhw&=-tYFo=yjJsfvz0JG1^G}R_~73)9CYpB?kl}$FnWq
znK-EVJB!ty+vyK&kNV?kEf*ZTm<#e_Vq7jN1X@TpaJ-qCJ*i-VD>3z~%buxexs7I7
zIz>Yx2l*!Y7x{jK=>LR#DFoql%ICS{89NOhY@POeu;@$YR?+FbO#W{7Xp7347xPM&
z2bHU${qAK!?JX{>^A%(CzXzz}3XS#tu#9fe<4({;&q-+s)+}6~4-R7V{vo{w<`VuA
zSGYZ`SJ56(Vhqrgd|k@qBJ~#2nyb$dTAgxvP7*MDkxZ};hXM>n9&r7d|3cD!OYKRe
z_Qa{|rTu#}_fbr?CEHRHd&smmuCBkQCtrW97JIO7t+Xn|*3(3lz;|oWiok>BFG@95
zw3@0(qYM7}l>VF(8VL<afpQ=>h$ErIi&uCqjqtws!pki@zdxt@!r!Zx`Xy8~6g3eY
z$u<TX_OP-v7<ebJ8U!1I+R?${PekDhg2kVV!q1J??(2im4+m=<jhxdty5PO(IY{d%
zP4}eBB@@~McpcPG|4_q)^{bl@13@jV9Z+tzQRQWl2g@R?SAT+tN-;9$5Ky;e5y7@q
z7_J{7C+ElL&p+Z^A6MgWRtzSiSgQ5zYwTOD`jF=x^IYnS)s`yR@D;Se#4Cdwb`($=
zhO3MxFu3*j>2bkvw*+>Vq}J#E`Toja<NscNf5rU1@6XP!t^rNvw=X_aPzp-z=R@8j
zRbUEOKOfc<#M-h5>rCD#AS||CEKYzq)}F5kT&iub(Aw(Ois`5qTtxw~Hj!_x(KjZl
zcNZ}r<oDo%><}}CiUXh1l&ufdSL;wKjd+`Uc%g}Js&QbKH>&Kp5j>j8HgI<djs*3?
zBG_*SeS4ztdxG)%Tv%}N3_9`tKRZskn$?Yy?wMd62raF7p3qWy6$o>W(YF|;CH@dp
z3qxZS#72TzE!s}ZrYx=JR9hs+|G=MZi>`NdZIP*jZ_70^wq-GGk)?!|omOZ${4x35
ztw1^w8V+6^z1sRg!kKQ5aJpEZ56;#er=g>C&YvxdF7L5Z7hy=rv0j*)dN8Ex$$4u!
z^>Yv9erUFG4fp&f`ni#QeuaLjlY&7FH#(sn!z%(z&4Jb-^1lL`Tmkru_PQDRyp6VT
z&Bx6AS-~WqbhuKS`gttx)X_;G@e}D@v(LFRhyOTRSv^K~RvPQHh>S*jAt)OP=-Y6s
zEWKgQ`PfcUvYjS^H8R^80Nf@%lbj&a4AX{-o}U_duX|V$j2svYznH>hr@EE?{Z(^{
zwg*c)x>j&ADBz9HQvc5@hkY&hz37ju8P-hX@p~zOFf<6(^E%Hj5xzSstGW3!`ME!5
z=6S|8sbH5Yr|_fS|31SAC;OivO^y9_Cd==CPmH#|?b~D}5N&@3gPF#`v~k+@XPYaM
zqmdU-c!E~6bRA_O(a|s_mFey8RZIvc3GgePvYGIEUl@$MIKgoteVr8!ol?Kj*uN7F
zdm=a#w!4*f#m!1X;6L@mXBa&M{+_Jy+6S??I|K{{{e6D9;9)rVk0xVpQvTk4aX*Gj
zvMrtbaf|BA7pgdadpE+o=7;$<SN|<*#O$TM11X6xOCJaUOny%92o&w|BcTEoMMoKt
zVFx#{G~Y&E>6(jsYi5%9Y{@BlQ)=9@<50^f4pjnZ=zsX8L{Z<@nCGpabgxe#7JLw?
zwaVp}@kKt;>=coGoK1XiALaB)7=rMFc}DvqeFx|Y`O22d#Kl2Tx?~Vozg%GFOiOdD
zr8%V)Dw+vYDuzLf%Nz=jW=Qf-o7bPO&NJf-L6XF7l9G_wTJ;55RdZZnXR9<5St(`4
zcOe`<t2WxWP@^=uw>E#cwxF>!sLn^BZ&qzqAwrRutCb9GZqSc3v%1h-ktn8Mf$s&9
zl<NGblZZqn-Y?5X^^jVsqn?MwcyU5USo(XIZ<|o3k-|7*sk=9s(wFY7VUoDKiL{dn
zmQ|Oh8nnVq+lth*$yD)aWL%M&wpEP-k$)ruw>og&txmqvxJgukUCWZ{>R4s9%8lS1
zjNq!7Mv#h@`z~V}g1v;FSIiYnsD)U>CnGHJ^NKiS%W~!wiO(p&Q5(a>112a*^AM=G
zX&uj1$KzS$&iZJ;8_9r=xlIBg$izq7bn04mH=XO<bgti9+b~?)sOj8*VMH>W2ovJz
z#MmM#eN$5UM&EekA&5YH->}8dbguW)iS>t{P6QoHrzW#dI|zJr&>GQa8LSzW{mhvq
zWP)SoY<aG;m&*iuGDm*O$q%FxKAZ)OO#*lt^dJ`_&5gvMIM2?YIESivKM2D!wK>xO
z^_3>Yts`%hE;)T?r6w2b3}v+OMUlu?V%Kh!JW+@V;FxbATckP0qeh)_O&lt+m#R0s
zI4Om@2d0jUh&7043c#%HK5|rhon`>_Dm5i}^2!6lbHz2}@dgY|A|#Yk4l92bm2T=#
zQ*4#PGm}`^`TYpUQMbHN!+YXXJ2U5a`+;EI%E+b_rNo|ypMOtKy(0>LC8+)&;q8|(
ze8$_O!In~OJg?KQZgb_ND?<PJpNwb$--~V(D`xq7V$nO>aA!{K!Kah&<H<hIDGN6`
z@bG8|&3Mt%yRzPkccWNp!nwKuNV3Q~m)my|J3_S!0?YonJC7tKa(5m*Kxp9}5p;|8
zNR9p9f60-w7HjN0!pCXRC)^l35%}aDwv*|zvmUg2*yO|jKvArtMt%xcgsfNhOI>hn
ze7`pay2*#8^$U7hS29_KP5K%O{oOn|odrOPgu#8#2W;B>{X6%^_wQ&gPfm@y-Be(u
z4V4>*KSi~96TLZh!uSW{zxNB~ZH(?AIxkrLf=Gv53_i}*^GWs7Nm%fK{Vr`rnW>Z1
z-E-->t?$W;6wBOay0mth`x=rh)7ll>ZO2e7DX|v|)U<Z~!gJHw^_kYLmK!p=SYusT
ztdlPn7@#ADl+jIZ1l-!YU)TSYqr%ad;Kw7I(%1E|Nmuq}s(oA&Qbqe*zmow*hk)p(
z;x%+qV)UY+<8pJScG^@yGS#J`yDiu^B&&>LuA@F@l_4B~7IT)5AP6R}Q=@71AgJsV
z#>-#W*sa6kI^coYJg>u>=Wq==yun#?c(ru@hN`tpb!b}WXzZ|W?64K+8e28qQgi~h
zUf-gw^thpmdf^m%vI~7IJxdgO3kMgb6npc-PwU(HPO%4xkSO+CL0+*(iUT)4o)eX%
z9vO#-^e6|VShMF-rP<Tr36{&y^%2J#;Njgtn1SBJKxXQ=1P(!MBQ>ZHeX}R|#^F%Y
z2d)n09US4x6NAcGQTV!`a&r{EEjX_<XGrq4AUJZ)vWp^p;9+yF_@Il|{`Ohs^meTa
z0PXT<x%M_TrM%&DAz`6)nynByd*L8U&r3L=lsb)TSN#GJM%R62-(cQ|67g=Oh|<iq
zwnwGI#!W`X7G|}N`!D!qSA$#Rn8rVoI;uU>D&a$`<rDjAIG$QX@6y#c`|V879~^d~
zJ1Zyam1Ew=rCj`zEeq^!aEJAmqu~Dz`e{9Zp26=fVt@P@b><xmu@maeuk^?+oDT<s
zekbQ7JQnmz&Z%*H8Rg!oa<i?Fj$)qZQ6E<TbvVzMdKMGS)i8F(VwmoHh$9W9*5@@k
zQVdS?b3@l>^`^~KkRWX63>v+Ajd#cHHG~kcJMn{ThipVq05_Xn8o?TEAE1#8$Kx+{
z_)vWKskC=BbRvuSS_WWzfqM?$FoB_@Vn&=X)o`@UhOdiD%(Nhn^Uh5rBoVcpbVE{`
z#yKlnh~QHikM{Q%<X$O0THhs9wvFT8$nWuF!L<*grJzy^`XwjO_rC>dKdtYF{QZWR
z*2z@b+QJ{P2gn~LUr8O#R!?K(Gaz8dw_YhNPU;Ki_UcHo>o@{eNVM>|$E@qtn8b81
z(aC_ze|!S)=i6wK8%`?ti`9(}f?=9?x4-39(sV}Q#v7wii0Yp7tpzJjUY)d-A-2va
zxz<0-jq294KGfH9lcsU$R%}(6G!3+EO&jprM0Kvjo-_?6s@iW&16#*UbA~<PSucy5
zmNj!f?4N>|fjc8&-~=cbV3^^c^xAN8W;$4ek9#IC=`9O~gX(b6iZMe#wl9q6f^gs_
zhHS*z<t%JGr}u`0(-Sf-q6v5Wr-?6QR42n4XHN)&2fqeP9H8MkDOkND!e>7TRu4ot
z>=knc-!`ZAd|HdAx;Yno*3s_L?Vtk-K4a@Jy|X)KP#C)3L~>*;7Tt(w)?S*wl%ZG_
z2eQ)*#g_0jAe1%~W4U=lF|o+`ZbPx3D}Nz7G?eQvI5V*l40_3#iS-WExDzjJCWhoX
zF%#=`W@6ku+-)W%v)hvdJJ`G+>;5Rg_;yFQS@k7t9+st4XC9`IGY=~xn2gNB%GrLd
z)$-<H1zx;)m?NK4=3zaFc^I~C&OFRnRq4oMmsM3nd}CFWPZJ=RfNl8@nsKwLlHr$G
zRYf*c07fvxFh7G|iLmxB;j3+gMbk&ehW&Z-a`;(*&bc(=B=NsP*W#+;LHGETd;D6D
zT>YN}zjjs}p4M>Rw6eYxm*u?zmBZi0QIu=NXLnnH+142NdAHS(b2av)>bQ(LUOiKL
zdtM&3cZNE$=Ex0FmwmPz)|B;E)Up%l>zmmoT+P0=tgG9%DyiF@4L^~(InJ#XqodN9
zXcvEoi&qyq;=NA+b*Cf#7?)oo>f@8Su)D6{te^;oc0WW89>3uca8MI;|1d2#e||14
z>kbEBO>0~(YZHV=aG0w@CDeZbUbc#e*St$k%9+M$VCV6B?eu=RVBYiGL3^(7Ws&u+
z%Is1b*%}zSLxV#21P0GiTte#+GWo29@b8jD_1N-72lqK>TL|xnGt_M_PJPX&s*}_N
z<)OSkiSt@Qx+YNU81;I=^%)s6imLxwkjMz_{twDoa}2QA857NwAA9AB$6mb7XAQsY
zfQ!iVI<{pzhto&S_A6`N{u=e*#LebcVvz4vxp7t|^TzoUKhW}Rx{!2aU7`nc%+3ty
z>I*p<U;jF-bs3dU#uP5!j9I8FYd)qwZ)Mf*qJ$l<z*gBBY7AU8ti2+*EMw$$WR}}g
z|F}-!XR?L*odhcRkz(sTIKK{LTCejPt&j57m#Ke%DDC})_SIhJQfhy8f;e|;v*Z6K
z3w9=@YNNg9w{+Kq9*#r5i$lLBWa7O&e;^c0DR+3)Dm<c{N-NvvN<*AM&f-(vIcv(D
zO4&8jHxJC3@@BHn{7q&xDIcAww6(LQ97D>~_8}%W)!@r#io8*g&+N*1=S-3N6d88q
z?61!d$pO*JrrKRO&z>praz$R&mGhRFBJY|h^1+!R7wkVnnLp6*&Nzs-DEkBAxKcxP
z&rFd=De`AsId{$!`H&)i-j#FBni(P=OJw-RnI`wbSyP^^f^OCs$W)78rO3Tqk?&XJ
ztGgoaR^%;Rkq;=cFxXk<iUyIDuE?Vl+1C|$p(6XcB0=w$P0j6!<eJ3k6}?H3e;V$r
zed#M_h<sEzIg{Jb_wn%=A}{QU)ap(kAk^CN<EIo`ETL9NI#TN*)M7|SY6*mb`*ftB
zJrsziBh{l&eM?8G@u9kricA)MC=8KKiBV4|e3MRzp(Yd%rBZAjL(OP9Qu7$D=&aY~
zF+8d(Qu7#I*cGXH46p8r#HunkZ6q6t>~504H5A~cn<Q`z1-L#^sCepPjpSTi{O6$C
zBG;<+#{dvMQV80Ct2@?g?*^%<cLUPYyTNDb-9R(-zK%+qUS-P4vn7^Fx7C$;H-JsO
z8(6ycHS}!i6X>mNZ|a@Wb`uKO<(CZA|CL?T_v2X|`N}Sz@LyrcqIAB?JMvXrKB2_o
zlCgBYD?0M^xqQNsr6udr`L689SIfDK!kkqu>q+GljUjopc=*t0hN)*TK^f~;wtXaf
z;)wliZ&>STgH@UOt!%^Cznq3#MP6W>KlwMg$TdXzpwb7s(^X&I?$`MObVF2D7LhFE
zWjTDo#59`ubl}2~{a$Zd4lhWeTAM^Jl*R|bD~NO{4?>9T?B~qCF4aINCxe-R@O4W6
zmcF#~4BSuqj|;dz1QjBT(6^0gu<^*7Kh+uA_nWxpn5O@4YhPExG*8=U-#;0>m2KTm
z@3y}TCDQJrnX;bx#qfr`oO|lewco*9>^_RvY-=C6%9&kyY5h#cV+*aH5LF!Ja7XJ;
z3>1W`BI*sCB})AFQx%K<>P+kJ3AMk>1nxeDuZ@NmP3UP=EAib_RR0>3T1;O``s8&o
znN0mV3~K#*F<Hsnr_;0T!G)xMKb@Wp&`CO-P9~e#rLMIeQu}@o<&r+<eDZuz;{b^s
zca4Ks|4z=b>kuxwXX>HvAkHxGJf(iM?xBaR2l=pKcC!1uisjUPh(7Hsdb^f6!O5pM
zU4z<>T*}GQa^wBE9h;c|7zDt~iO-h7uz!of!iy-UPIh+_b%>=Y{<L}BDdDclc{=6%
zv(07eMNqhae}BHSI3#WdGY>By)lpHB6T<YYVmQ{Z9{WnIO*||^{l|<?_~Dh_KN)<;
zfdAB;{?8$7(Hv$tF%ksutngVcqWc+RA53W${*<rFO&FkHN*K;1Q6EBvUt7|5lq96)
zl2~>mJz`0BDM@(DCE1!IkyHE>`F14=dHF=iIY}I~L`0CmlrWZ0l%x|2l~qb?gi}9;
z&hjY|c#?8}rJOnSqa;OESEL+gDThw|BuSCRl$3KUWyRF**t30UvUefnGE3ojw2hNF
z%ml@KlhFjl37h>}61*=7-tU4(NGECdW1owVOccE&WBet<Z>}KWH%6-)zu732!%hrh
zQsC)0&N!-RSdQ!AfT><%X7cW2i99}(F_LsDXUu-{#@pCoG^CwJfnkw$7U6Vu2DTFx
zoL3Ev6fje0Uj@7wP6--E+0K!-<2Ys@G)4v=XUACRtJ^I62Y6&IBs-&vbf`%;NT*Sg
zUt3oP<(D|QU*r?f%LtNXEun__E=+LID)H2Ym7J{q4q)iZHs0SAN>l11?8&Uf3+ZQX
z^D5F)H{+Cp!8vv_PUK9($zfK6?_ibQElow@R?@iF@aH7BeS<G`C(aJ_+%0@2c14)I
znJ*PL`<Jvp3XLsoY%liBbD9%_fW$Gh_G2f*9|>-HM<T<Q%JXi+6}!~0tkc@YGZ4!R
z@Icg=uQLmH$K8<w4v@@9Wwm<fjj3)^IQ;+X`gS;ZL|k9mVP-V%|6*;jZLIxO=G-^O
zaOFAlOaC(M!wvvA|46%?gk|@m3cA=oC9xd$k21_raA<dr#l+B&(Q9sZR*#<DIUbNR
zQ@;WsPCdk*;rj30ay}tb|AU2C=k-4+guP`}eiws#)ZT3Ui`xB6>QK%X+IN!$fjh<>
z5*wMJ*mCk>N!B`qeFl$7zvKlyj#=Am1zu1!W2Tq(jKmG&?sbd4&<SJgwT>XHBWNff
zCf}g~<z4A8W$49ag@XqjnzM7u<ET4)oB#kzGwmEAg>*={93Bs_wtqp?&VUP=qr7A@
znjBlOsW)n8)JJCEu>|X}?Pt>1*1Mnx`!c&U0i|N=5GI2glJ?_+H^m>w#H*|i4pQ%O
zuDb^Kx~2&QfrosFuZtYwa|!}>Ck>d+`)!lleT=Tvuj24#ZP3m==rA(K#cHk&##IZ7
z1p=k&puaTBd>9vPzJoQAHD_qSMt=0o{EOHjA>JjwTEdfC$T>?w<!plU0+4yOz8`a1
zmWAve9Tb4m^8r%j;43!g!mZlE%HfAJkjyAv_7hUKH{bp}bP;sOBRud&k{c)dN5WJh
z{V_Y-<fo_^(o3;sxOu+<Y-6oFppTxX(AuY%UIO1D;B1V`#ny*-v5~bAVz%+l3BJZ$
zpqv}V!NUMeXO@dC#AG^yj;5)8Kay5WzGmjcAa_0Xs<NG;{hx{fAzjW$Qcn7F%}x3f
zxk7Oh(rOA2+)T921mYwn){65EE^u8yv!`AX!w9;n$!};~OzRNyoG=ybS7{972V$=R
zI^A0v9<GfvU&^;QPaD~5hrF%y+Wes!Hh-x~bO0B(QKQ{swjgMnOvany)<~bf)#SXU
zzn_S{see+nE*`EfZheXnK(@H`X#x&7s~YJAfIk3MT_E7aLE@yAH?K(_YGX34GmG7&
z&37tsX=?E=!=kXg6(UYP5nBfnnEGklE*u<U@PHqS<=(?a;~7z=pTwDDZ#afpeR=B;
zzOH|c_7OgmFqbtvYVeDHI$!pW<IixJIKDXftVn+UnFo4xOKr84dz@RjOPvX#oJ$ok
zQuHgAlaMGSvCgOtUw_GA7wITuW|xq01Qx=^9xQeV9lNkrIkbLnt=>FYL+Bk)&BaDQ
z4yg9G{upoBzD4tZ*<$N;1X9r7XoCv#)kgiTJZj^Hg=-T-wY5W>zTDpiLGz;1l=~SL
z_K^-3Z)$!|UEGwKjsrLgna0JNs|TcUF$RV)BIfku<gI)kR1frsxLKXx)TOzuGfXUZ
zPHTfC(ok_TM#WpITSNq>aWT5JsEBGaLdKg@$argYD>|5JGeO3+b;7@!Q}`F>Pr|=V
zhkw_)F4`<s-7IdJaTc-k#IhmZ-o#R_t;a*xM0-pSz9F+q^H*Ju0p=5IY46g?*0|z(
z3VWN3n^PHQ3d!JZYMfzQ-`Y$;4uc=&vQ!UCiqHm9C0<4OZ6s*m0%EPo-B#TONLSaU
zHi5%^5r;=b1l4uQdPMaI2E>6|bsdRrOEPe>KED~S4(vJJQ&}hEt_co*tlJ;90)U@n
zq>vSM_^<jxHn983Zf6^d_6@QGrxE`*1n{~M$BVZT{r1&pk1&D8F?*vO!lBA+>tM!Z
zyEHo9IlsP}<h#{0I?}V1!}NDrOYXbzYPuBmA-0olAOEwLqd|A&Fm(2rXc=r=g0HE~
zwtPU{ZtZTNnYKR5jp*_Z5yll{2jOXS%5S&c`SpyKe^8XFY{f;vm2QZ1>M9KDE_pH5
z!qA>7&Tl|5;pq$G3WO#!lM{E%Xa|(&gXY*?KR;N#EwTr?C^+<u&K@YDdmSBG&jQ#+
z_jb~u8R^Zu?7;@X4c0{0pv!10MJrG7&DWzjhh?8_?zX>{IXC4PEcJ1Wjp&xF<JmMA
z$+@^;5``yAF44XV8oJ^^vHlYm%K~*?w;dn!C~aY1O~H|-%26nMZb*5Oi7ht{cix5U
zqR>h(m~j_<s!*f~OBtW6BmX2j8&djqCdoNN=(+z@R0Hv1)AFI%^-!mYl5efMowR`W
z)>MU<I1d(+8fDg!u2Y<ORXI|1qMo7zt5M!t3l4{MR*CH;QjQ)Lp@W5`!HLgsJX8jW
z<H_H4OI7@N4{P^dqjBn<vn*Ho8NtLn74aV2BqtnYJx{FW&zU4)O6O0H<MZrXz2vPA
z<_oo2FnjCP_q8w4JAI^H9Szy;sRz-wcS5;|qHlekfbz%ydyJ7YjO(J?2WTN0AE()2
z=%CNFS|H^e70I|fSM~H0xJm)6gE;u{510`MAw%g+?$w0(aubHHR&D$Zu5XPM`H8k&
zVN$DlFjXNGnd_M7Fe_i?Lj6|09rZxOfThcjZ6EGHb+uM2?i*k+?W0y|uxWca(^hrU
zCQHsD{u5#XqQ|@Rt`_r&DJP6kkvk=GvcY%5g8|W&mqTB8XI$6WfZ#jKTxRDv^3f9=
z7f}k%t`|U<Kn6k>k`|pGfZUt7yUK->xi0@x$Icmk(wv@m@hRXjr`2+{M&c8mO+RGg
zF%y1{1;OXUORW=0%T8f9yo}Ur%E-}KdpI=Xw?H@eIUDU{GtN0oi|j6kXXqgKW(2og
z`%B!856A65-vNd-Ik-8V)pkK+%HbE3#kZhiS3s7*4v?*vfpr0lCC1IOji_fBALhU$
zPEc~3DRhm-FU;Pqc3YHD44`oFOUwn>qzA(_-K;HaKXC_ZRr}xmtRF6cbmMC+Oz(e5
z3vJ)DHAq8sS&vKFN^=kirEs<(TS>v(g@TPZ(XzTW7rGkUdXmT+2WevO@L1lBqt$4Y
zDM{qAIN84Q1WIbDatuXzC7T>4uW&bvzt5~?HcJD7!bF~0G+DwO&^O`Gs{tNoM`5$Z
zu-Uks7QtoiZb7`sp6W-kTLK##gRakE8q19hxw}PgB&m$>d{Twx#__&wn2n|yF_DW1
z3hkK{%4ZqFW!L+K{UnNu<TXCt_EHglk-SEJv3?Jhx-Xhf&ucd6L!!qqPM@tZj!Zn@
ziv-cUrs#&j=C^?mcznZEMmp4jB|~;KZ*8at<a4Fw&V2{IifOFcJS_`z!81RY68i(n
znrF+xY+f*C<o?eou~W6-%r1$Aa@C<RM2GO2F56dGLS#$YC!TX&>tU@d<6jmuE{yyG
zTg&jZGLM65ztwk(stX<Yo_MsDiFgJ&Xf$&1KN?+ou+RjxcxR|CYQGLa%dPE~>Tm1U
z=xu0^b8S2EGVrMPYb(p~B21~rqtlDDx>aDU{Vg_}nM$4KScm_hwHhfo`9BrDux3CZ
zKfB2)k#FMq@6@ejGgKuBkg8fXLoNBJuVUKGlTdZE{RTSM-U8zp_i)g5iY-H+cse=g
zHjB<q=G~13Qe~Bm*Dthpt7jj8Gpu-s=<6vtcu37zu4I$i{*zeAp3E*u{@4=a#@QJd
z<=xT0!gSzU-n>=7w>$-WD;S{_ZiH4&y_JsRA4x=0>n89=`<d$4YgEyyR0|+rR;Hk)
z4%B#-*PsTLcO~qpLCu=#{@qX`Cr5&s)zL`CP_uswHEU)V`N&<fpvE&nodX(7FEWOj
z6|+Lk%1)?}H>G3MKO2OXi3s7ipo5jQGgJ`4%G#M)oQt|>q7V*FYLcp}r@;$Ehp*7I
z@|qzL8e2|t;In)t@L_h12u@g%b<G!QcGsn5cfHRA6KjaX$PD;kAtfIt#I7TYJ<a3!
z+JV4^89`uU3IsOE&r^apHaB)7Fi23^fyffvxF*;FH_^=d<2gBbpo5Kr$YavkB##6Q
zf{jhlz{Rj}U<?}v%{0=R-GE);<N}*#9I)x7#^AAjR`BSW!i{bUH_bGKe$@OFu5&HA
z)J@^K8C&Fb?-UukrMXm7xWx^nQL<Z^LZf82rYPBiftZ8cB<a9g?Xc=$OyCdL<J<)L
zw5~OLNNNHP4JaU)z-^85tJ_i&cz94fyn6yAp~y6v)kCLE&f)Ro99%uzCU>Se+GZm%
z@k-Y3wwZ>b+BMdPxUoKT+E{CVY<=A826xNMr6u^aR<ynI$m)@ZQ4QCkH;j=j4u~2}
zF5$={b}rUU7<!b;l&>D;vfUvRc(e&xt4BLjD>TiQqt`uxa=>}Ms+MjQZ`8h-q|7d<
zVkQdV<Dd%~J>kYv(P#gZ<zI8io+EQf11dwfY|%nIrg{v1(<5@=*q-XK4*i=JyLzl4
zep*>}!tvuQI#E*Aj;|hHJ+6&{JYPGZdV<g2zE3U1BVDE1*ZzaT{jPDf$5bDK+%DU`
z5-g8jm<9)g+t;%N>4F6~uhw&kmmuiyPeXG7TR-IYOn#8Uv8+h(ob3<(ow$Q}Nz0ZN
zAzM=Z>v*Q)xujV>TY_C(vZy7<pspkTJ5#bKmH#I4?Ir)A&<^QxzRmlkq@P&mjK7%p
z1IYjCRJ?eO1Ic^8XgR6CJ|-$KgOVg)|0Kb3rv7Oj+qsW2Qz;f&_hR`F6tSjxEwO!#
zKt6|6#s!qYy$aCx&R9VoCC0+g^225->{EXO7I*f-Su>5O&w)t5Rk#!#xt@a6T*>1Q
zIW`=Y%`n^ujK-S1PK~#_2q0xlnYX*7;PCEVJ?h`3aC6=xz7Ezk_?Go;m*wAOS$8RC
zTN=QKrWKFUPhO}{je{#OB?C&QSwXX;Srbxe%P8|ZR;DwV*WD|oJmR8y!G24y?*)9)
zLG>{|-<>(XDVxwUNkLR!NIAG8H6@x%wD5o|4NNI1)DbCKj@%VwS|}aWP3f9?Qbk!o
z@IJYg)KsRTa$2XHX{k6`g;vk4uEMlTsg(vRgs(VTX)reAl#YwDoVM0D`@TR&*Uw?;
zqlz43o*c*X3qm_7*Op;=V7yZj#?YO?etht}Zv+dL^IBV943-1`-?OoTt~Fj+Qboss
zWFp%zWIqGp_0(u0M{gOn<0To>?ZYM=A7r-ct#4`q3zbr9J_cj0CH(QhF@o*K1D+1O
z$yB}6TBS(LiSz9eDYablW|neh$JMS>Qyrc~xq7eVr)2yHUwG$y3i&dBqVV0R@V^jl
zuLMIS)sXG$icQzE!Rp!V>k*TB9`)$mREw`5f9qBiTWneQjj8ZkRoFi=AMl*T)+?1#
zO4U|uy-OL=wQ<8ey?TeQ4HQ2438o@26VKG7moq!w>GMeY{1{rKcPW-zuV<uqyv04<
z;2v*vkGHwU+uh?f_jm`7_6m(E{<{vLC{-`TrWG~yBo;1V6=dO={zRYS;JD&C=x0gD
zIJ4s#-&Tpu28f{!MTuW+{edBnTa?x>2()f1@J4*=_q>Jg2Ds{+Y3wzb*eMcwJwm*A
zDjkI@ho4afvjFo+Q**EtZogtZrHo8HieVBb>g=oohoi|-R9AOtLgodHXQj(Snl*lq
zxZww=fXC0>Lyh9?m+tW(kM_wDFd_hJAELng0HZKpdHYZo6IX>Z<0-3bs#gFx-!}yp
zFV%Sw9RG`kW5-Q?gpi|6%Cd_QQj~P3t%GQ^y1cBqth3AewT>dG^$U#|49NADINlvk
zE6ce&1)nF&@w!U%$XV6pXWej%+?t^NL}VnlCQBlj5z5YqdwexEd_(P5YW&8g{;2UA
zO8{29YITXja&CSb!{N7C=$ZNkET&Sj6!r|W1rQGZzTpdQ^pgcZjHk1~`K0|oX}Q+t
z8KmBP{WH-H=1i?5CU<+7H^)o%FwVo)?;v-jFzk0M3=6(MDek08sV?2Cmt0RfH&h0o
zJI@VSOeC8*5waIbS8>+bNC)*pwKcm#jEiX;Ky&`wkh13O1C#I1d~QgYQs;)!H+WXm
zpuN#H%2ucdENS}m=-J(`2e-Y>RW_%S_!W!jM-d)2+1>@~V?4a$`A`nfaF76_z>(fs
z8`#Y2s~IscrwE?R4#Zr_WSFxrvt6&ks+M-TPm?NOFtc5+ttX1Q&oz+=@$rDqAar<8
z5MI12xC}|rc10Vzj$zyar0QY)78%BM?>j+rwUsjDOOZg1QqCZ=N>Oy{1Ms_63cHt;
zGHv$?n%~hn*`d1})DaycMsvDd?-Kgkc4Wpm2#+d*{q_Cne!0rUXVhb`iXa?U3s<RH
ztTQgAMl<KddvEgvR&>cXP(~j3P<Zhoa%Q$mC)OIq{)0PJo}AgiIclq4)*obgm5R%3
zSFD}ABGbW{9o&FmnPl%lrYE0bnG_pk;so&Re41WLC(6${22hW;p*Kp5W=Rhd1lI-w
zw*(75MlD!P1q0s=7TiHtXUsU89sD?g4euf+feu+sn)tLFK1_9P>o%T5vw)+T*F=%B
z3^xT!TB4YVfXjw^VH&*TNTx0bt28S#VW@YAT`HO!?NW#U+~jDNk{!7j&)_h!e{jH0
z&Omx{<f=wCmpa9-ahq*~oV{kH7%rymZoAOAZNP7w2yPS)k5R%pP}D?raU-*2ps(aG
zWe$0|V{1kVIV=Y22dn)(qxI$Fm0UVJg)hSk`O`j`NpL13L_eFDV))ccWc+XX`1(?I
zsZ<`mg$6rA69+n|Ry@tVnSuF<&5cP)IZ{~xQ9)sf496{@=oZ5v_&u`o`B^){acaTQ
z>?_1i<s6k`lnSdi*V><0UCq*3En?>L+70rHy!><6P8vvr=#q`txOL?yuXS?!*ZIB_
z|GEHg$|6c`UAd4>SjeQN^`AgFb5^ijG<w7-GbM`Wng%<6a%#{xu4vn?rA_n|ZR4{S
z&7y%Ad9P>q$h#;AZz7Ze`S3mswVfr%xB3|xTOIN7M6&}v3F!Z+#t<Ye49VJu5?#uh
zp-qd+>@uXeODNNTvb=AROE)Cw+$elslh{5<iwrjkp5C1k9CB#T4<9*aZ6-TZUk5<I
z*&M@u106&Vv^?POu=a%#tM6xSKF=dL+7}8#mF9y?HSRHp4SQb;_>o&@D*7_{dXqvc
zO>Ap@2B~oBYtXj{8IO&=|L5m!emsGfu72sF%}WRz(ev=Ut-qq%(!^Ty*1LIYUO@>&
ztUdOKv$tY#>XKjh?Ps06_3Ke)6}I(v%6x*$yrE~q^ES`ttIw}Gef!!ItwhDGJ+oPN
zIhMR@^L1;v^O!u}eCX-dZ$(GvN-n?h(ci5-wuxQ>uEx-&Ew(MUsraAqhuCH6swlQC
z?2|$Bt1ebJ(Z$}VSXqUTcUzQq;yKQUD`y*tWt_OYd9%xPS)A(v!^(Up?CEly-MF0h
z8{;e|G@in{HWHV9RO1ZZg}2@Np^al0|BV{|#%Y8$Sm-!Hn=N!Gp-mP#fY3n}T0`gn
z3yl#v&_cuEUg~tyn_{SnfRWKX`}2H2aFK1D1q3)o^fN5D-r;=fb39q6T7IvCeoJgk
z45-~%5dYm*sLhj1z`pap@^i~(R$4ySTLGlreWN&Cxr<i0L({HRIIU#|iF}0235Mnc
zqvGYFvN$i!I%<D~0(@ED{4bTIe*e<Sa>cY|;Q!~F6tB0r1FlVx4(tGc!;f1V75%jS
zv#@BhZ?4^#edC6xvWNca{uhH^!`MMbsjkjdTHh+Ymx~>C4|6Qw*6|>TXSELHZ|g+<
za6m>gTsA`=L|Cmed2>3fTw^78)kM*!YH#id<dy3b(s`V!Y>_6{i6iep9O<0$XzM`<
z6?vv9+BW2buF`Atm268gkk$r2c|F4q{u5%-rtJ)pH@*&3`WOL#OKGhjtgT;J<YKNI
zzA4U9v@I>ELa2J=x(`y>%HbvBuW7NP_lg)mPpw|F`}dBxVEx7Pq*fWm;#u6EZJ|(5
zLBZWvTQ%m+b_cfvkE;&ao@Q@bK0;0+v>~{N#|gU(hL6%R7lHdgBE~D#!McWi5>ZXi
z1a66~+I1sKN>2CfE=L-CJ-s%tuU6~J#Rb4S)>^9w@mS5n79FHVM<j1`mt}wVSmPcI
z_rT^*pHJ{;znL{#8)!Z^)r3W^1u~8;hv%kR;BR928(D47t71009>LLed&O{Le(H6k
ziY_uq9j&76OkU@s9F=Qo?qs#ch&|f>3_mIZT^G5a{WZN0P>p3;(7sRabDLjduo$iS
zmEuJgIbL*8>nh$HLkg40tsbVfGqw(<(M<3uYEkRC`UnlCNNhBh^3J>;UM}yIRBazP
z%oLb9t|qxHtnh%b_Vso9xtJ$;xOC753oGb@|LlN1Jb+fs%C`Q`Drm*Nv(;SjaIPII
z_8lMI#;`gTGhDYJA`%b|541Uis&7_tlWKM4PA*mn?^fRMA^xK28e=!AKMT<DV6g&Z
z71=1F<TX2XotKK_xdekVnA|pd`{%(CZ2FQbYr5n3FB3n;yKt%KfF|Kz3zuZ-$B%)G
z#IM62;=8!M9LlcO7<l-!YB>0YPVWs)qAT2Y9AzLbsRnod47R`-7R-Zac(Y!SA3Qp&
zfOTip-4AqT(QA2d&ZEN$xGbEh=m}&S{gC0y-00&n;lWgHs|q(&;bWs0C^Oo+Ajl>a
zXX>@6=Ev>3G_z!))n)*Dv3=4VP;_KlM{YJXA;i>2xuk`e{K%QD!{cPN@NxU*2m5+f
z$(AWRHyM!Qg{<Q9fj7N8=s~x_`1Y8b|2OJK&!CPOZ6#w+5H33!fuv~!dQ;B^;zvrY
zH0FnIvuD+6>2Z6a)zXg>F|#5&I{J{=wt_bBoaA@7|1tHZR?xF?a`-U{?5pC;cQFS?
zWPY|FSnQbzZmFs2|Mi#Dr+_)KZwNoF?2Y}yui0~HxX+&R!w2j+y<O3r5+z9X@Iv?t
zX!XLi8nath&i4@uitbJcQH%Anv|#c%IW#>)!9rowAtSNFs9Fk~4||R<7M5T64AyKW
z-{*EalaxfviRAX*p@aXSF-CA;qk`_kEIpU<T*nXRHwL6<@Vt;;$Zt2l=JWV7wue9E
z@FDuu+t@jFyS-s9#@o}!w0O$lfW4jTb82LI8>cMUR<^<EZ5-_r#KrYC4)R4TwvYDr
zX&ScP#=<4_vW;MGV?f`#SgyRxHOAWKfOsm!Onrb`OmR)gTTsjwT6jl;b%LtR*#X2S
zvuQ!siw@dMQ-5n~1V2G58N>R8mbh;j%htTN@6hrG|FKHA_Va0g@^;1S1X%gj$;l~T
zFj#g9Fm#fXI%sp+tKzcOq@_LF+nZZ+O-kCM2-u2IJ;nm8e0I-Q7CVo(Fb<8xAxo7U
zs3&*}^*^k(XLjjxhjqqyQ<=tMR*Y&X8XskXguce*UaQxe*`?xzkR@vC3o`9*)8yTX
zqzFCojyv|nXLhL(C=}HKU&q&Ey3!M_WtyOB#2~s_aAV2!EN3e^?|3Y`D-#J(5S$lm
zz9~7M_(VnVZ|axWe3+^Ko+{-}Js7_Z>Q(2+Txw0Pzm8vr^!o4d>pZ>cyqU{9%&U_{
z3fJqOQEGe82;#3sf2THz>6Yd{you&IqRgcrHS;MS>`Fm=;ZwdArvMBQ4f{Kr6DzcS
z3S%14@LFe|rVYQhbbroNjqoOJqV7!i35u1wKl~#-O!*#X7s5xQ7jQPrWT}1fG6U=F
zg>b<eeLj=umD*>yl(P%riYR5GuMn<}Uc`@!%q+E^<Z`Yrga=27CN?UyFLEiv;c+Bn
z!lx-2Y|z_&kUs77XP*b@PpZG!`e{jr)!$c;{)fN5zt=`>P-`{p)_K?8p=^6<DG>H*
z+SNYSHEwGm)D&1Q>v~6~r$jw?+bliMoMp^^(>!P-2NCYrazYHd*;8Nc0cku!UmOhW
z$HckNVnNg0KL<^x_HDh|zO8`Yw|~)@MX$DRE8w&IvNMZbD}$LwhZS&Hrd09N^H82S
zu>CfD^I&T!*UXx7!)z&G@0$>Gbrlqj%@ldmOp#~L5IJ>qT-y}M=@$OotSL9nn)3WO
z<!xQ1T{~;a%Vte^L7ei%uF|fXHRYz+Qo;w-{mPp=IvK9#y*ttg&J5XfWuLk<!dc<j
zodr#;itBxLS4urjxwb21Wt?(LSIX)*<(*wA`^PETgH!VrevF(ZUQI<#JuhzXU0nrT
z9jDyanG!yrf)>4{v-GvRhv#%fUZ%(^yCSceDe}gdB0sFiA9sG9>@eLa;qY6@eiVPw
z9gKIN?v(H{WxuH_`&8WPu9Wb0W&eIx_UFXeyHdh|w~_rc{-hcc-Z(>KvMEl>{<#^l
zhrd?j0dMapIN3?NQ^M`!4By$6J>F@%Q^M~m`{-?*rN=vQcS`tJa)#G*W)JV0DKh^K
zavsH>^my!<De`tjKH8OY%R6U?+^NV<@F!hn@b{{SKk3L9DDn$kk(GB5In1AQ&NVYc
zPW=HTszcM;y0Txc>{oY2PCY$dgV%PYTsmvYGiFV>Cr-J&v$XI5RX+Ugr~^j3WCC=b
z!5?j}cBEuETu&Bn-(lp+Kw!I1Cbc`l?CLm1Hcy&1LZ2p|8QxsU=pvDR(Aw;=%4DX7
zUcagegWyrC*U?PkY9g9RbnZt=LGY)jU3Q`;t-i|mmQ8D#Bw><UNZQ3kWVB$YHxnL3
zmmIkuy<Tr%L=?Kf`S8SXlC*inz^EwW-rX^Jk+(*H90y<FLKiP0^uERX*)BQ6U~?{Q
z&4g#FB&nQq<@Y3qt`vE`A|W^I{PpDLi6c_T!Zk<kTt|ZT2`X$JUVPeL6yrA7{5U*8
z#_)&Br@LUt_h5Ivmn+}sbs{3Ul~C(kT%-`mt@Q&`tIi1V;X&OWp40K6R=hscQuZIp
z+G3^}m-AuJe7W`GX;J4STnM8Vk(u&QygkS)DMd}ws#gtK(=fQUV#VKTJ?h>>EkTq|
zw(4$OxhTAv(r#V3U-$)kE)ECY!@KK}>^5lGUd=~(%wCMe9itJ;FxNR5W_ieYk|+%C
zMILLQ4BKKS!8B~L>kz=`^g4IokR?Uc!EM(V#W#zbgSpu^ilpfbS~8t5&dYA&XoN#L
z_!tQArL$elZzI2mk3OC7x%@8Sx1HY}eiB4U@pr5Ly^H5R@)OhWWqyd~gCFpFkl!Qx
zXnA1TR-TLa?a%K(en;|q48PO)ox|@Ue$A)y$408sM4S_}an&G|{>2J^QEYQlS=&Ff
z;He50fs{(~7zGzt5Ye~;&`J}Ll>?<pbESgY$<Wut3rf(w!t&ygE@;1!Aa!tfJ7~Yb
zg?~%C+qYVl2Ne9W1;3-9Z_!s37I;^hUr;bZLo22>YF91ze#MSi@a+m7YeA`;+Gi2$
zYragu%Lr2U3l)Buax|XPzS*8vv_ECfR{Jydym(9^iuT?1a`u=6LH^}Lcf`S^Y-@kd
zax~lDx99qH4rw1^h1KnX3oLF|2vo3(nHe&qt+dMtRs{tNbC4nFa7a0P3UK5Ok71Md
z9EV8m$|01j6-H{sA@f+m2cvv|5Oxw-7?{)wbF$P=$KMyY=?OcX@ZLEQT9M0x0{2`j
z3mT`8(Ekrng4`SwgC&cVav+c%a~>Q?F-TVgiL*mGo)&6&Jve%d<_OgL_=z8kev1j~
zCpn3J)MCFQcnbXWyU_nap8D<azw3GGcZ>hMnP>W^rSTzt*g)9*piSXZT@3bhp3Qss
z)BcR`XQ_FY!e4M<DI7}eVJ4}ssS--<Wfs<gE44G?E|*)x4HjX@-bL)Oi0k4Ujj+^y
zee!l;sr}yM?Tk|U&gAX5QhSpMZ5-DAx;3M5VEaB7m>5C3U2lKKy)9|~&;@3JpTMTI
zR`#&N(fi3y3KR->?LgpHe<J&)e0>bB%T>z_{FiV*#YD5_{UL#giP5`bPPDqen`}i0
zTjLW#*MA?~Pq~^?{d)Ng^Ak!tmEV*2J)PgP_`QJNjr`uo?@Rn__<u{Fi9f8MXjr*o
z9?**ICG2XoUh~%j6Ft0f0F_bQ35O3utkx(lF1Fqd^q*Zr{Wad+MD|Ma4$3OFzi#0V
z5N5=pQr}`pN4ipPwwE*9ix6qC-LjAND2y@fIgC#GHcM}`{zCl|MVvK!TAw$LDz?99
zfvv7_O9r^ejmx>@X`;?za_iQ&aJH5IXBQDC^|QL$98WUba>?aeV1y^US4s|Ayb}Y9
zd0P7$=CZck9QJ9jILf%8x`C{3NV4{}4|2%k#p<()#Zkxj<5Vm+gJGyqY#*Wl7;OBl
zJ3*}jH+_swsr^rayurrlR97svZlf4M0~dqYSEpIAjm?aO%h#|2*t!RuYg^h!yX0BG
zwmQh-m(E51!i?Jvujk2Gzu+wPUB#aRplO@Dl4m-8D?9mB<Pa4U#dpeVB=nd~W|J{|
z146F`!@XFXWb&<=bP+rGBMUy}m;Q{L*;ne#|3A#V37lM2l|TMcuj<v_>6hxR>TF#N
zA)%nUlMqBYVT*vEfC2*A9gKk_fC-X<SKvZS5fOL5VGJ%&q9W+HqN1aWEAF^~D59cK
zK-?V{bkuPMf8Xyp_rALIsshf>-~2!SeA3<ToqOK7+qvhSd+xdCrevEJoeOj5)IFoI
zAD_=VMZGzs0oT8HUJn4|+`bS$%kaaUgCp^CB7T_mH1n6w95Byz-rIQY;D_C`3qNnh
z5Apc(4m{t2pO4^&t`c9w&$sY%KYsolKmUOri~9(k#Un%J_2P7h?`1A8P7_7u^5XPg
zfhBW!ahi&Q%;iNnq$A2^ahhs{sD;I8Y8f(t7pFhRM^4nmY3d*{Q5QvO%H&*}=8%`k
zxj6lLK5}v{PG7@EPR_;YEBVODx!Am1reH)LlqtB_+$vLWvAI#E;9?WAE(^?ww%Ek1
z3+^y4Yr9i$v3aOW!Nq1%rr=_8iA=bNr=b(>)l|-+-(WyA4v!6$S)8x+y|1RB526p%
zVpj*x=+gwAyt{sj?;P75U&VIEht>p0E$i@;&P(G}`w_R=#gnGIEKWHtk@E65<rhnP
zzL5}+(YrD|KsidIE5<~MgoTVwPEcp;NJUSiNTA5*UlY_BPg2nnDH1v|`a%Mo5hfKq
zks`q)Bbfi~5?GptF((y0krJJaVn>%G%6@r_o=AyaLG(8#(6`6viInIgL}w67vmTei
zFwCVECXo_-jp&SQ>7q0CrJ^TNq6dlo%mg|EVk&wfCHf1|=YFV{I-_JN`o#%CFN|xo
zB=OCTIOVWJN+(V^F_CgboHCn8*%_x?m`Hh1oU)^v!f_Fi$(85DSEVCB@^?qr-2sxd
zCHkppQo$qxD?dA!WK)TF>SB@^CDy46B+E&RQx{0alGvs$knGbDZgMgrlXQe<93b1c
zBTeoA*}NTTZ3oDf?MOpAKsIVe+SmcIJv-984v<aRk(PCUWJC$S>K2~tCXrWNAel;n
zuDU?7j>KD4pv0d2yKFWb5Bsv&u%{l=W<#WYn~g7XqOf&iV~@?o_nr<3o|bg8&&4wA
zYo80Nk5~d{RUhShInTNHiBt=yhSE&5KYk9y&++&<3qR-MC&CYB(^ul>wfMOaKkvg2
zmHjW^=WhJ$#m_JB!`U;7nPv<>%kabFdB@`CH2gdZKhMF>W%!wX0e-bFn}AZ3`N6C3
zJn<uZ*?zAApgwpyVHv;{0w(awV$2Y*(*c}FfJ|%V6Ry+S4=BBZ`TRS59_KSxBFGpn
zPhR@~eU=IRXnp=qmgNk6rcThlNS`0zGZ!uR_S<~sdIis4<}+6-c>W}xxmLmR2l>pE
z3ZAJ<YbC#|0NQo5k_K>9jPY^7*!x^fHgC_?`kFVhj5cqlOzgzR?R)jRqxC!Uwz56G
zKTELp!1m+xVLWyZc{N5+wr}T=@ra&4uE0O4Uh}|f)A%8iP@nA850&}lY<Fzwv3q)H
zm>lq(@~N<J;8%S_x&9I~TKEE-hhOTUNgaY&!r%Zsu=RPQi{nQj6;xYy;BA>A@@yvc
z)MEtCA(j$iJvPrk$ImZmSKJPb)Y?4lKC(%NhL}uG$$AW9A9uttU|*{BLaMdU9j)P%
zZ7>hz$Vwiy)()mWr#nblPP%X8Bz=1a$y5GF6M?z-nA&~?ez)(32U($(+73o8v~S2l
zQ%-Gvk@F12T;W0c>p(3c`NbBL75}pmKv#7^bWtnk^6Ipu{un5OEi3$~(Y94B>$cvq
zo&&tX|8iNIUQT4H+iovG;TspbWyyP2qAW$01(kcLtsL9wW%i|5#la1__m+Yz;4imu
zJio$uex>saArrUp)z0%Z_E}sH`x?)-UCFeals9tAoAwSsc_qE-7T7JXl-2NN$~zhO
zWubT3Gcla7j)aRnVgp^ux5kAaUPS1O%MQ{s82_2Zw?<3Sa5DhLZS+I@Qg41Z*jt_+
z61t7&0kN^YTg+to^B*Jq1^wwh$G$h0^x-Zy`Ye<O(YNFjqa2dk!LHI{s#y9hVj531
z2GWJ_+PWMhcd)0L^K6=a$6m!k5zGPllmlFr4L^E5q`)(nT?&No9Hv6Z1%&WOrb5UI
zHsAg-F@@(g1K}TATJj82c$72PP6{@K9K;l!?(9t=KRGgOU|r}htEFO_kq%vFd+S0^
z+1|R)X|}g64L}Chg`Ty8>q2MS-V)oo(EqkKrKc_#?=<vFDEuYGDB!vRU;Gu*FuqO8
z8&0{&)fImvgC6){%b>o<@?ucU`aqk-k2>*XWebaa{&>*FJOg=)6ISqrj1IxajaTFO
z>d%n#{|Qe!uEVdO{m=Ma%%)ne!Cx;M+YvI}r?_8&f4cJA4+@b!?H@la!ILLmhP7)J
zgDf_3&OkmlHm(G7dg5QV$R=!J!qS@fSzsHbL!Sn0qljk+woy9tn7}ql=VknB2+$=j
zCUA`*Kz9rhpz8w((1C;m=vYAl*Yd9+Krg<Sz-@*Ay*5aI9ug!#KNAw5{{;zL&%cJi
z=itK^*NxkdHsK)<ixd7t%I1skU%iXROr>Rml$CBdBoA^CxKB!iiyed~xCq=XCBh{R
z!YmNtyy=f%^F9v=4X71OQ<iU|^b2fR=$JuDbi-iv>2$&B)5XFPpex0E+hdo28a@zz
z3VuM3ix?3N8`qM)6{P%L{xw;1yE&#*V#9$F_nb+I+sqd6Wr;GsCh`7eyvLQLM~40I
zoe9KWp|Ww2=+wa?z0WBUoir?hIBT#-^vAFixxF1{#SL$pa9bj)FDBmaOuXNpc>f*V
zZO)x<O1sxO-0rp+{5A1G@guz*xj6B@H1Ym~#QXZh`}V~9s}k>TOuXNmc)u<2&Xu+@
z+Ep^rxyW|kxxTh7*;y{Vt%$!zLfjIsFrBo*LEvQ~@t3cZ-qSA&SWU(WuW}Nwv)N6!
z+DTaECS2nr(7NN6mgXDxovUv5oeOUFooj9Poy%<Zo$F@zolEAp=!ZC!{VbX_PFU$A
z(2vq4h#%#RjTcKp^NuVft?xXGVi7y^0JVq<;AUqN#8bc~h=Zlb2&F(bN{iT`r>I4I
zdC;2`;~Utni|$0pIedP~zou-NkM@2riud?~1M$KSj^JPO0rp(utfRBK3H7x#yZKHD
zc4Om3tb6^m7|P*cpt4e{k6L`XbTb>uZAhAk(ilQ6qR8ZCJp~*$>nU}(S$~BTYjN~y
z`8yuHS^n1Z(JlH=h$w$<Tv{(ils9-Ni3c|x$`J($9)`p(1`l&14tzWeM;!5Z2qTVM
zJj{zYgz!*_IM(nm5^<2(TD%4GZ0rp270DZo%fDLriBAJz+}4tQ{j4SDN7j;43TsLK
zbJp@NLSSJ;xx`vhywD|qV!#sok(*=rHX_ubCH!l0^st(*mu!}tNr}OEk6Ch(VwRk8
zm?h;s8<ygmSw2B1E{>idf5#(=P}DjfQFh{?5K)HVp%_sZ*-Wu?^Wtv4%q<NT%y9#~
zN{H4Xiaq-!G?DI?lz%2c{i&O%Ep~}vlkst1dvj5c-CgoJ)L(L`t9L?mF~QcewV7fT
z`qZku`rS0X8{u~y>OZNJnzDL`FhQdR*i?rIb+IlDYEA=bFyT>YL@387%Mra5b=MnJ
z3sNSW&Qy~f%MrahPVE7IBnkHXBCe5Ll+EofYt;~y7%NtL$}d-&K{O|A23hZN+h~;Q
zcWnnTl65^%tbM}uO_sXu15bUZs;rN0g*6~-tSJEbrNxb;Ch3irFo|cBuyU(LpJh#w
zCYGRa4Umdi+*1!n^FtO|rX@0%7ROP>q94lhe4G<s5Iw}_#)VLLb<;A4C}-4Pi3)ci
z+eTz47<rn91>J-CQ)Rqh7ziG>8|je_)c=B06;SbX9XA$j2<mu^IOf#zm5F-(0qr_p
z>-kb!Pb~MUQTE>k)wAnhkH#prODJS{nr5+}drVQ548`_*Nuz-=&=ZT|-^H-D`JjC;
z6Pqs#B9YnH*DL5L&h{!v*c3z*-r67xn~`fzOTtM(_i&^HX2`W)Aqm|!XTkrTHqR&G
z$f{lT>O}i&L-`l{f5rz{bLd8GJd?=#>%#Mt6Dhd^3kS+zTu6@=n-!5BYKp#jCnSg%
z-f(l+E>r;yB)mE7dVR#<{B+~B`V5+s39EcO;GeFj4gh_x!{4GT>CQ_N4QYn9q)>6t
zl%o<U)Soov>_iH63QcJxQmA_k{)S4Iro1Ha4Ye*!xgn84wM$bzoJgVGr72(QO_3oN
zJ(K`GjQ1$>v7VYoi}4;ElmK!jkB;aCI$qw1l;~8_xS$t3dI^DVO#nYd;5QP$pA)#`
z<GtnDg!ew+hX(=Yd;*yB@yqGZ=x_peB!E<HqE94%_Ym`U2_O}dsPf5PnoIB=9i9Mk
zWfYyB0B#`WB?%x`K+!7_z}FG;oe3c4`{?!rkg82|Ujq0`ex3yWH-Y6(^%j09-lO9Z
zz)ihC7`3czZlNPrclXE*-}^kq*CLf02g41rAcJdP`#IU@3S=S<u$Vq7IL9RK*v=@3
zyAMw`aoSZESxyj70fbYn#%aOXA5O6HV&{djmt80y!!5H30t@U595ZRTZ_^dGlAVS-
z2xz^U`HL84gpzs2Mf4Cw;hiK|87Ydwz$8Es&)bTk+$$&?H;Tfuo)%@9qI^hDIEoa7
zM=nQ{N_}m6RFPgSNN<iy!|Mn@M|^NiX`Uk}99~L?=l3m&Db14wg@a8|=+SIZOlg)0
z3P+iu(773<VMg83z=;JF=crR8x;f8}k?14WuA2HoZA2egay*U2(I%g<M;MXEw#Oy<
z$xZSJho2H>6dw5IN~;R#Nb#^!0n!|iipP7%K#DGzZByS_LE-pR6dvxkD5k#LKFi8z
zRTO$p1BL!7mP$oXICd3<j?)&!P@z9eRz|X-&_x<3;#+OX@-;!>xK<Q8Lt7L><z0fp
zQLZTTcm@jnR&7~cCMX>9ibBWbxduh4G%v`?@Yi$(6M%2}tTb8kl&p+*O`>-)lHRUK
zhh$~cYZ3#YBkARuRE<6izU$vUW4IfPc~`gOe7G+ks<gN+FV?XyVgbj8B`hfd)#A8w
z>t5X}y8(l6;9l81J$q%}dGx(9A(m>8nAwlWc(27ug#UDIUy8Eo(=yKTgRG@D;p>0M
zTB-#80c)ue_y??|N??GsR1*eROErP(b890=SW6Y*QLLqk@F><&MHpZ$)r79KRNwyx
z)>8d|Du^|&MwiICHeoG=c~y;~<^!xAVq1$?O&gl<cUVgmv1={W_pY^6-v?MrHKA)Q
z)%QoSmMX%dSW6XQfVET;y4F&C?^;Xsy=yJi_pY^6-)TFEd7{@^st8?cslHQZQlpr@
zcde!R-nEwMd)Hd3?_F!DzSB(N(xZXGeW#k^zIUyq`hC}0D(~Y9?0QtKQZ-S1xh7R>
zl(E}1Zl)Nh57!G8-I{sSs5NHHJ@X|tfh=Ri7PHV8xfU5S&|+ho8MhXzyjr7_zUWV`
zO@i`ipiP1ak7|<`Y*V3>do-JhE5{}8eb@-n;xjPb)$znRq46#&X*nk#Vlm{b;`Aj;
z`beBEix7tWiz#p&_FkmdB@cUstQ%-B)p$EIi%k!o!t~T{dgz)CpgWe3LHm^qWRq?_
z{n1PZT!#ztm5O{&AZA6K7im|J#D9W{14{C|S)Umb0%c~|EBHI%v`@P6p15&%uN&QT
z5N;MW7B!yqo<fW3hGJKvfpr@xV%Pfvph=U$=%EJ&Vo;PaPAv!`8Fo}!X&8|)!WXJr
ztlhAe?q1Z$;FEzEVY@X1LgV+?BW?W=zkskd5L>Gv(C9#fKNI1vicojkh<fr65atn~
zCI}wFIN(0-d(chr5QjfMf=1J+oXRkQU1c@2ND)r&18W-=(XbjH;|TBlzqBzQ)Gy_(
z?s-4I@xHj3r60bFe%SvXX=iO@F<<dsBrY(DeztK7TRzk5BpYtjA8))LX=3_rKa9Eq
zYo@RD3|9Luig0+c^@c4%MG^MZEOcK&J+&P!qCEtb4dySgb=CAI=~dvplj*uW4Ob%#
z$YInh!RgvmC@1=DDhj3J)6F}rO@+LEdkMtxPc^9~zSXD6_-P7HUWX~s!cSuzc^H0~
z)wTdnC2&hGu(LC^P9##I7Zd%x3G~Zj^h8Q@FVW}R-jii#dyJk)iJHKS&Pt%aFh)<L
zL{|{~oeA_EF?u3J4}5>K7d@Ku8PG@qd7QHkc;EocPWQZcl7^fYKMUWut^H!sNCJP%
z+>*d|4#4bmkDDja?<M*}y}5OMH)f4Y4<}N7AEzAp*`5-19*$GmiIhLYDYqt4{urnH
zDUtFYamo>&>&ZtB??+c8fFH%qQ6KOFKuQ9gC;&+s$FnsbOc0jP07+ow^Zl6Jh&6pQ
zjwAXG{Bk>#2Xp&?9~*=z0RfVq|7j5BVPEK{=|l-g(s%*UZ^bXSTs%132mIY2Oo=Cu
z{Cw(*13tfS0MLm%kfgyQ$k8qM#x0kGBS->&PQnRbHyThfMb0!wOTN@gSOOO$foB6L
ziP?=SluVI822o<DXo!O(P(mCefjkKvCB{=EaSxI}iF=R)GUP$j?j1mp1VcyyB^W{y
z$aB}xt%=ViLP8SAli5*Xq(%}pAqix}geW<3C6+=G_!_qKM-qMV(?P(>9l$&azg)Ix
z4+7HU8Qq+~{30<EK<BhgA|?7c(aT@%&FxUUCxLpHL4vv@(PxRiBSGVB1Auz=L1-k=
z?;!fay)^U;fuJW+qQzeU`ic1EG?Jb!5cEV!bP3Vlm_YBIZAqj=pC|fHd(q{5ew6=e
zPnL36KRPu5<jMW$`Yw>lhUgX1eF-47hv=6HAa#U3OlkssK+gAlK+fuYKu*4WK+chU
zK+ciwL@9;m9MT8mbkPT-@a+Rq^7R2J&-#EAP<=qkkv`y|7|DG=j`=<yhj$;4Be@UA
zLE8u9pzQ;4eD(o3w)%h^EPX(7e;<%M-UlQn_W{YTeL(VSACUYS{WZa0<kvnR`PBtd
zFBV0%BigI_3J8#_s5+_xBrA4A6Lo-O#g6Ek4v?&<YM}!pE2{S90LgW#$T&c9ohl&?
zkX)x4fCD7g>GbOW$#pt)IzV!rPJ0fJz3Cq7lDe}u-D6z>WN*61x&+AHbPquZkiF?1
zf)XHm(>(+wKuQK(W=N5AEtU3OgS8Ce_G2xj1NRWDoU!kZ*!1m-u%V6sFXyFHpfClS
z{jif?stKp0lslM!wL3pKPg7Q<wBwl~t4Msr2$P_O>j;WpvyLN9Oj=y0HH4#5h&L&#
zNVz<lYrQonUt9LRxp>l;HC=y?VYwdy8{s2fhqZJLWEF9#vI!E-eY#=LIZWsf&pngn
zdpPsz9l$n_Ra-I-P=~h>*@==%x9&`Aese)B*M)xv4a(|&lm<onKT3n6_fcr1yp@mD
z9>dP(Fl@+ey`G*IrY*>|QKTE6K#z9)a_ED!RQRp&5heuWo3vbpT5L|F8n*#Rml6Vh
zgCNR9>{;URL3xxsa0@qRxb~)My75_?32kx7blBQ@(#N~s^9Bhu$W>E%TSSaWTSHpn
zaG1QhxZtyw<HIgh#hn||_1z+YPR7H=jEB9(eeu``LhMw_fwYNOtq$@sa@ic+VOl;6
zBPIMz;cx3UoF^*7k7E>L1=gy^2hwH|dlLIS&1LxTeny{$VXF0GJe2VFA^bHTN{H8@
zhp?~aL+s+NUIGi9r+3gce#(zws%rg`57?cRYc>!*swkC~h}Q@aRcQT!MA;4kYW$k$
zLt&{SaqND|q0g<%suz~UIL44pVjwdiugh{boL=aL3k!!@4}(AnfB!(bT1zb~V1EQ`
zDvv<vuR=#Rc@+vFf;GOb;_~CAkQQ@BvblWYLqO$*D=xL64i^raaJJ!G8soS(ikoh+
z-)nAwYTP#m_}mX=Ga?8u?(b4d9k<b@8CM3U7a+TI_Z_>Ut9dTbbH;+?Ee8qX{A+=(
zZ$uPw547%u*qeE)ck#qdd@R3OLlS1!n|>F%A<zYl;B!N?i~s39e4eKabOj^$+#T)W
zdr0l2f0E$K`d#q3Te^Vdx%lm-Jf?}f>AIlG0$xzLds?%o^+t^MClo5s^|;`1D|Hd^
zxTPS@qV=_L{k|;7vTPM(-v8T0-icHP`36CjMXDe(<PWaBsfm4B>eWSVwgX*T3MOLx
zknI$+-f+-P3Dn3WXo&ZtXx~O})Ym#_O9QnI2^udD8;PkoXx{V((f@FGi+KW3g;u{C
z#qQ^cx8MY4%o7I$x@;8k3@3y(IA9+<L3^q!5(ODigB;{fBd4AYZZ-p5JPI=6+^}~I
z<vwokrXQ9*-VzrdA#hgzZD8?vt~M?{wg{-4wImb7y<x9ttZugvr*8qJK#hfh$$O&(
zlRJJrm@g4bSqTXy?{G$w9P}tnA}b_8#_i4y@~1(nuSsO(B*=_EgC;SQ2Q<l#q$pR!
zO~UXpt^V%h`Qx}fRt9RHl^hsb2E4aYc4ORHHo;V4eHApumjP3)6lQkOyyiJUbbXvZ
z!_S<GW)w*52gD1X#d)W4SW^0ghsEW3Jg#)+d0PlbT-6*N-kPgoCR>F=ZDSWq+YpNB
z#+N82rxD|OT6IG8iCrT0brGD6FWAWyjYD1P6#P9<=5U!B1PK?>aq5QZ*nlf-cUItR
zg8M%?mz48@-k4#A=_bA)VdLpYU5^LK8~dIkopzCIlC4q_=ck;+t8dWZqCEZk-tL^j
z&QZ+n+&PNHId_iYam<|~?0u|$KfXrWzn8s%;sr$dtbMWDOYnq#kg!?F@I~^)!xl-L
zS%<uc5oi^oxiN_RuN#6gX(O4DU`_IIK{P*3*1e^O;b2WNL<eQHhC`(P6}}dLWZ%qq
zBV~Knt-HS|y0i3CS9k8}WG_Ua50d_j;*w7dr@H0DW)O5dsAU<1xo<wrzwB-1;zjNd
zE%p3M`Hs8n5ft!B><$V`;rT^$jA9u5a&z3j^i9BlU-x-<FJ>FpV!P4Hwl_&CZs#Rm
zao^?y;XA$hCkJ&$uCj>tc6xB;;WCZxbr&&C&ifu*+2CwPpKe|hhD@ot6|>#@x26uv
zcCKS25~?Xv3$mSyxrZSy<*ddO<_r25mB!7ha;uhHi~=U+DbKu|?99vcC;1l7bmm(;
z$C+>Ogl4|Q)0lbZ=9BdF3G}b)Jm2OcO5SsN6eziJ_unv3Dma(UYrOQzlPna!PY_CO
z;EkwMjTpu%kA#mQ0e?P@KO@*{+`~=W0`4o2t4!bs{$APDoxXz(Y;tj|R8p>?JGnpe
zrz6u!$;}*2bxNz$dIl1qO3mO;dog=<DSjbP;6*|^zJpD|hMs4dOlvS#)x^s12-LA*
zDqmC#CvoeEYK{l+LKJF;yo!x?%IF{7(59EQgwWHp7@^+QlAit(WJR`nPa4%Z4Grq3
zr0rwS?bPU6Yx$r-FY$IP-Yz{4fmR#Ku_&!nd7+^N9|3UtWTIDXx61`E@NjGGWG{?a
za#WrsJaK6c35=<>v)V9cqKLS9=5!FlpQq`cGxX1y`sXbCY5$UaG#@nPx6}G1!$D@d
zH^MQn=IT8d9Q{4^dfqt-ovZZ*JTxxl8<Z++voo3@f}9-$S)!5Fv{xB8@iN||!(O0f
zv&0L>yO+p@b?Gr_YrXMxf=;7hU2nlbb$R#-x0|vlOs=N7&1Yxj>QiMf##cOfAH_Yu
zFxdGhMg@25E!Eqhane4JU<r(k7#<)sY9A*J(nQR->sb?x>_*1}yAQ1L!fz~s`0bSy
zx=(D=<;ttOfE3G#-gFTrkCOf+R9NoWiNDW?yfX1BXuW9MgIgWsGKWXOK^&e0PLE8J
zVtyZt-{9pyF`XV9DQXgjcXD6G({w8LegqQ#sNBO<8m;?T6kfqruIA+mwtV*rHjMo=
za?ExP<FyX5;Df)#YV4W!Gb%-z&>92BbJ}Yyz=QA^<XX_U7q!L3NyC#NZ^Q~3-{E_D
znm5Pet;~-w+qJ^@qXOO#AJ32|;;j<Dl}4~W&9_DXAe+<Y7FR4OK(j1k{W}E6C{TEx
zrj<#{DQG50h&MGsCe3Z_7n9{>$Ri?s+qZGZ4tXdlqD6+KupADx-vU_sR+YEEN(g(d
zDjyH3UA>6Hz5<&A8%3pLEejDNa=U7)f3uL8!uecnUalWc?jzF{u|40V1yQG@=BwDA
z?}+V#RmMD7Xvbn3p2{7FLCuJ|4aFP9c(;Iyj2K@$0vWTIO~xe|#Q0)IjAQMkVthiy
z_=H@vsbYNG!_8Py!*RW2D?R;LnLH3G!PF2^YxUlQq*E~tVWnamx&c?B`*#Jdit!~P
z#tpbD#+RTD51^6t?yXB;2*7pDOH?W!&_0I@fF)RKBOjL8JPryEie)>2UD-aYt%oos
zxENZgEK%9Mq$RR_NlRq=l2%u?9|(DNV7sheej_2<v4C3bcZbZSQgRXNP22j1Q&3KN
zd&>x&{L5INhm&eMnW|6dRZ7e4!-{HURTE3C<>9Jus$LIQ$u-ui7|RmZSYzoCuCUiw
zV<9p1?P}#PqOS-K1Nt%HVS;{`K}RUdaJfZC;L53QhfQa;LD)^sHiw6YPa@!MS~Tu(
zrQ8Qz3zuu~n{b8vZM{8@Ha<kBkV6cWwrNlXopL9T>2P}Wt}Y`u%>t{7GNsHPYx<gH
zjW){>;Su&~?<1>~qj|OWk>SyyfN{0=(Nf8yO(l<Jiml`^;W1Np*TN%pGCC?eDqO9T
z(Fr;k&GVuY?}USR<Bw1gohixOG5jSz{H|YqGOSRZ_rrAf+q67$zB(WEnN<0FD26|-
zoPu_lu0f+lcohKVBTg|j>U0$`Z&P~hUE>Mh*aCw4@LD^0DXPp<9Z#-)-`e;iRKnK#
z@vHhs3d(xC21qlWk~hUX(`~Ajm=mZ=V*QlMT167KGf|B+T4YX?$g-bLwLc`nOm2UY
zbsuf$zoLGA#d27}8`on6DKivx_af4kGoQ{1r0K*(yZBQ8$ALfS;u`AAI5DQNPB}bi
zmykozmr5_i-G|?W)Nc&|hUf3$Igs^h<NE}c3HCIw2xziB{~kZDvMpDt*4PU=W=h5P
zX$dU~GAx^%%?YBnqF-fgg$9~NYX*9SrGUBm)+;PaIlplqXq6?Ht9Z#FnCk<8!2b;!
z9Pb7dJsGRFMgJCja(S4M7)c?@BRYdrFeP=9GCeINktb_Hxj|xB#6&3xc3E|SDZlk&
zrs8_tYU8zB#lsJ72b$XWW3obS9)35Eqj4n_5&hPDw&uaz_XYB9+Ldvfma(5xtzRLh
ziNF2rZ&z$E4aYv+j&xjI5C6KcN77*7anHvUch~|Nj(&=&M}NVu_Ullx%d1%3pYHp$
z*$wn3q&FrmzjlcRTm7x;>h(=qfJnoElV9MkFT%<)i?3%uo=fSeAH)YESq_e;RV+u^
z7q&;I!TZUCuE9d}<fwj^Re#g|EHC2I0ao(i68L%)aHiZ`*4*FZ%kufFvSB9uNSf;_
zdcOix#^Sm8{k+py3#GA6u#K6{v=#}3JXu4T4i%ni{Tgl8cms0j9D+7KyE`Vh2ZEag
zLT`Z$g=YK{tJf8?;~R1AyLR0<=4mW`n$IVRio<-yKtsl&w%NA&#76UUj%4(`#xc;R
zcXFV%1C&nKb0^2<5`4*jYt6%HYa6>!$ek>to;80zH!|=~JsWXC)c80aiYKqb_vk&#
z(9aj5b&b1(0IwVX>^wX64osrI2%kr<OVD`l0AOcJOe2Z@D`t6bg2rbC06SY_8cFo!
z2ZF{=GQD+44FGm7jA<m%f6ZbifzKt4>^FJ|pD+N}xilu6L|=-}`)GWIG%$dBTK}I1
z06Uk&gp=sUk#G_?)BtciL3l3-CxD$OCY(r#&L!a_a2*LBnIH@uxDVKA$ApvUSCDWL
zcmsjA;+M;acMJfkiAS7ylITAifF3=Uh5L1a@aWwGfJY4it{((^6KP(76t}SNCT0?N
z?;zk`2LZo8n)`jTm*!LO-UocaAm9yyfWIZp&n9U8hL}m<!fy=#9y18I;2>b0hZMK&
z*AX)b{KO#O{eysalV<jwUYc(j0POrK4m+Ggzntg?C1@N!0ND9uOe2YY@WG&Qa)QPm
zNFxF4{5qzQNQo}O=MvMvZJ(D60^TqP_-+C}g<tOH_YDI6We~9bZG3(>ez~8YItX~d
zARwawMVBQ$-^^A?0$<I~lfZWl0^T+V_?1DxQwC-9!vUBbTzYJR03?g>7ov~e+uHz#
z;=K=e`XJy1gMcq&xso)m7=YP%16ST6o08}^5dAj%ay#bULBKx_0v5kB;PcnBTuGWs
z24Hq}$K^_*KY{4$@yjjO_Cdfm3<BOV2>2nED@pT<128*pjLVfoe~9RFzS~=_I^O$$
zM-2j=F$j1U%ax>g;Q-9eo8odM(O*IIoAJwSuiFO!8SW}V?2aDH9}qJMe0UHr*BpRZ
z{N4cIuUM@l&4UJDcCzuXNuYOr6U(ziN^~L#or_;?g<m`f_~t>tPYnWMqoAMW{R1#N
zrMSe&BKY@##s?G4yLb?A^&sHvAmH&VSCZ!T0hpa~T&^Vg4MhJ|qFf&t1pMY8;KPG}
zn^~?T&C&1o13N=;xsvFI6a7CD<vM*3@S;J$YX$+YV!4tuZyA8unH!fYiT(|u{|>)g
z{;K_80Pv^*z|L=D#!b>-fH;Xd<Pv7IxIW-btOnx~IhdWl#gT3jDH5tqj9(6Vw26h|
zriu%EgoG2o4wjZ?j&M@AB$IWRuCvtJRDfJ5>B7kYa_OThAqU81i!N;(AlD(fEOCHb
zF6ffN0aDf1<$wdEny#w61Ek)qYPbWWirojKI@|}OlG_KQLfQwUM%f3X;-`9`lRGsz
zRqPxfRWsGp93T}2)gK%ng`P@B2S|yd0>}Y!xa;V5fE;T&^c)}=UHRStl9!aV93c5X
z*+PI~U!uM3zwMomFo+Dii;}DLecfw7=5gF;jVUp<|EUixkz5~I^%-&eJ{$iD<A*UB
ziLLGRDA!?P7a4TEndUd#gE^pFG?Av@Hy~>~Ig$%I(_Bxke`)*`nZR(gHi$mD)H+4b
z$h53$x|4*i>5fJn`&qv8Ntlje|C6+LEXw$JDPv;;C`)qtDr^iCI@_=+4dl6~hD@<c
zB1(C#eH;w5HTm5>1bgGL?N!_4aJ2<dw`=@&qD@ZEO8kA;+5RuvWbPcu4f+$IO)6e{
z3B0sM+P@xSqfGx1_QOC;G~#i@c0q8J2PU}VtSEO23I&Dwa?#)gl;1fhIQk1JVlfda
zJPyqeEy&4Ixmr-f_8};AQveFDQ?Mvo1Vv06f?@&(@s<UPa)O|UJwi}S;2`?VS(GJ$
zB9;X~Vc;NS^g#y&-=nx<BM=l5Hs~`B$`7z*8R()>P)yh$-WFjq`Zqz5MV_FTut7&V
zD6bO~S;Gkm!v>)&XE-RA3W_Yr1ckesi0i|f7Nv0--_Tw-MexKXA$Z)bbn)8XRJ;QO
zPb?CGXW|6K^eo<gVb3&BgM#2OPLQQ1EpF(2OYp>UAb50$wRqC(2JbzBCkubU<6fr4
zleRZ_R|%dh<^|8(w<_h64lsDn6g*jL3ZA)MwS`&=2e;4D`aVwZWSu5><~CKq6Xr5_
zCBc(*li<;57UdH>sjtENF*ZB{UG@l`x`Qa5)YssBT<~OFA$Z&fwe+OE25*<(iJmWb
z>LIK2q`n64If5suzu?hB7WAH%tncxH#~DROBb{R{o?G8Vf+uRN(Bmeo#dGWX2W(LW
zs+9^Jy<#n%Ti>q=o~V6-N5>J1=hpWo!4ox1@aR2a@!a~pQ1C>n5<I$sSUed*rd`ey
zyq7@#(fabjP2gS4c5&;A9W&J9%`qMwW-XpuU)-7lyide<^p&-EZhgOxeYqgIFUF&r
zti^Nd`ys*mON^)c&RRaVzE=yLD0@<0?j3{PTUn3GCh+Te<>$?UC%T*9(Q_7fFH7Pb
zDR{NLwq58qJLbrZTKkhqup)@Z#fWs9wTLMQq8RZPnAd{nq8O1bvlfv(5+mL&h;IX;
zIvB!TcJ=E3>rSVV=1iyXkBvS+eC#m>yn~TjEcAihNat2bAvSlNS5&btd^BFT=c?YT
zkHelb5@eGNyVRPB4QI83Nh|TH#8It1H<`o7wf`)&Z(;)^`WSNV3xs0hlDPhls#tIm
z?)QK6z2#`g)tIMszvFSxZM?gFhkKM7$6{)2jG|^Y^A%nSk5u^}5o(uph$y!NsO5$i
z4j3g~QW*Y!a0=u44^C;tDU9UrQe#|x{U({hfc%3~81YF{7!%5&7JUT`CxN0IpoFMb
z^dBJEO=0XKP5E`4B0gBE<E(LXoD?>pt=`AjFLThgM@YKvu}Z5sy--AC6voO;V<Q-h
z)@^rlpB3Ai`@`Ivdm`_Fz$o{I@WYL^3H%&{pH=u-i=U_Br@5~E6?*jrKX@75+F1m)
zs|0&H?PK)evi6_#;W_Q=F%u(clSUO>p>JpDrP$`}M7avGZQfSf`;}7Sja!nNLa7lI
za_zN`BQb<@`P)FA4A5LArpq$##xHr9{`;25Gy`MFA(U$tt!hHK=JZiQx#smbN;MwB
z7?pkC!$`$%oeNEL$K&zLd>3NBZ~}i%lkQ4wC%nbmlL~u>ie41{5Y7zkCxX`H!ND4L
zW{x*^*c+k`1NRznqlVcJ)=%F9;^N069t5=++uzoQ_ekk)#eFZ`MPCHk2Fc<aE&I!g
z^FGoW!{Cf@(sC!sQ4XD3fCJ|Rx=CDfH)<+TqrGe{$f;+<UCifd<a48!E9Xtr=tt(5
zFg8>7WKB3^<{zRyPjvEsKWW27h;7AmhIrBR#v)sC!sFP}sqJj$)+UyluEmYWqRIFB
z#FH_kIoWa?-K}H$@|cR2gXL8JLe1}dr<@#HZ(usVZy@RqoJ17s*}&qc^09JyE<7e$
zQ)n}6hUZ%|5NDUd?*Rh}>>?Lng=ukElpC;Ge?a;&Z|?*mg+^z9DZ-3$1+Hz^_dwsh
zd<*Pbn0oKt(fno0$Rr#DIXLyL1K9gMMgpvmVNQ6yfkJwZ^A?@v4XaNKp3m`yKY>0>
zc?WpU*v@d?tZ$mW-`-kjkH-FNil7DQQMd+fC(_+D?d~jKmlB4a<_)x^oZ^`qXuoHB
zTKRq@Xg+~7z33WL$(PdsDWTtf=Nxq1m+?!-!8-<xgZhLwv;<XLi1M8YTE_~lRAU?k
z)CFBo^;<u}F$=f@!~?4s$RUf?1B3^u#(uzV{TMH$y(48Wx(_+!8+0GS9l%JsJQt6<
zqmK4Qn4jejxBq{Bpv$LvNAGbgkDq#E4%YhVTB&)Uf7xfyHWDn1Vim#FN0c!FWe@sk
z#&_%JSU?wI4XVjML$Yw_HZ&5rYRBOeD2)f$vGg-pO__4#z_j*@Q58kl26Frm#}xkq
zUyih&2=S==b#NjLJl0KnZtr(+s%@XpP2C!&B4H@wCc#(L-!aXyp^xYb`&G<4$4lF^
zet>qr^fh36>k!)j`#0OaLu-}{MJyJemt>nqfQMz2Jj`ha(@m~+4F}B9D*W!Bgp%CY
z`aM3wy@(RwEBui}_>wNfWzjk+KEAgaW_4I_5epYlGb~cu*?6t1&`O#1Jczqo`#Sti
zZD+aL@4~Px!-LNATYFL9N--}YTFzbm9DuM?4NHg``Zx9j&SDbQfVXeJmtU}o@W)EE
z-ixR9ofz?;w6|6Pvz^F7mWA8Gva(yY(MBOEnUPA6p3J7Nt;!kR3f8%+ccT5gZUf=0
zX0<ZhTnWEe+Y;$;cy|k~d4V3%xL~r|D&a7lZQ)~xwJsu@s`$k^b?VcUDitq!70XgF
zQf0)8ZsR++1Eskfr!CnW5H|TRgTt3W`&np`c9kU^g*X{Kc+OfD?r3k}tj0u3c~jn#
zE)zE}z(3$U<q@yOv4asm=gF^}W8@8<ch4FAIJmb0zMyZ@6Ui3{g$^znX{-W$XWp4a
z`U%1}&`WSS8J_14qL9Xi-Y45V0yjXqd#}Woa>AUl3;8C$+wXqoyG$2d<_Ib~mvP)R
zE{zMoxt4UW&=2j9^R*bo=sZ&U4LbjFaQYF#>CATu_&Z$u_OsB4j_E3ell5)vX9tb7
z$jE%D^NTZ2kzi{Z+S@tNB{L%B5dG|o91^@1@g~4yal7^7T)YpQBURQ2olA&Af8dyo
zFZE&lF)-sY`R1AUQVa7=QD#1k=j{`vZ{=G_Vw<i-`JW_x+Le=s_?LYyAt%QT*?&Kf
z_oYehd=%Gf<9DU?H1e{G5erS7#|}q+2tD0X2Sb}pXCB!?zVuA{Ie2Uz7V`n;n&*MW
zNu+@>O%+2`2fwii0}r!{&f1$Xxs?1CVmQDTv2g+Z;8ZuJ^w{6IK@1$s%1MYk%;)rf
zPD_5!d~21g7hMRx3e}f2G+JO79Bg#eIo>nZ>zEoJ*?A<H?pR0HJc@v$Q+_)QUT8cS
z<%f>S_muOFdQktQYJM{6V?W3EYZZw0V$^*HDS3NW7QE>5M|u|rEog@YnW@|VPL79?
zN_aL2hp?Zs2!y?yH@esxqfRZ)hk0Yj4|8_PTZ+`vjNZ#!S}#R@dPqZ*-`An~vGNOC
ztN)IScJ<%=0XKc#C2=3=ka>HRV5=vtVV<e&UHtC@zp(~mN;#He_bkvoMfs$Q_XFTr
zMfdCI{iLG%8l<<Mi?)6YMHjSfSyY#G%CeVbc@YG+ElZEi`&7$_96N`A&Qqj}jk5rU
zJ`JJB$Qp}H<z5C_tuOIc%%&#n2J%mN2jcs+GM*FPSKRNvjPLa;>b2M6o2N2QtJg~F
zNJd{FqET+o?<%)P{N2j!a8kLo%Iqg%WtL`eoI&X-vsuhO4F0XWw%S{CmYshN@=m<C
ztG}*CxliqBEBbfC)A`A%#?#oSJqj&09u|AqPzJ1{(}roxpIGd2(HkqaDALq7W8Y`;
z^|8q7w4S_7zbsE^y3Dw%=@$16VMe2-n=`5a>jiBZ+~U<&sjka@8v(?~;kfm&rVxgq
ze8Sx2ou16U7~RQP>Ud;%Ias%G8XiPRE@rz*a+lSq&z7>eY7T0RXv*1C1A8K>DVHIh
z5T%@|G7c$IR}Rx!<UDmeE%O5J*k`JIO6bdyNvtnF9V78*41Ry4{p7AX8AH=96tu~M
z`{6HSFy-$8zm4P3!H#1@NDV<qO+5f1rGZ_$Wx;@-r|l=oD6tQgr?q^dPKtXXyr&6Y
z#|mh{luQ-SG!)RZDxiO$0*Vd@tlEY1v?ui{pjefO0%})f_*9l<R6x^%)@7;fEL32$
zP8O^EU5=-b(nuM4hR+kGt1o~EMWKiZ)k98-f@9XB#<pL5nTw=fOVFV39k*FVpev`L
zufG`Dk*<e$au6`{VzkjaKq#S&jv!dBPH2^(TsTw>hb%wjS`WtRY@P(L@pmFs#<|K6
zbCn_duDVkxWG1s2tI$FXUHwW_$5m)UD75pa(1x~UGvT~_Dzx)>E)@e3N^Hg|wAd(7
zg?7{^w4+*#O4TT|Rei_VuzVOwYq!6Eb}oB3$4FrN^YZ3p^X;qf)II?`U#UUJ)G+U!
z!tyq~g(p}Uv%q`OMyum~(p&RqtK-g_bKvSZM&IqsdGZ&nzKiF3t-hO)xJPHmI32;i
z#(HEWW0)~%IP5hIy6{Nj9GkWfX={-N3q97BRsrp*!MMAuaS4!%sjQrPB+=5|3Qi|w
zAGAwsRhaF%cGRmjy$a`Nj?)3U?@P^!lA|;=B0~*-$f8COrsDAcgaCNc-|+;%yNbv8
z$lg^v%)9Cx)WtZC?bos1@k+G35c2lU$B;e)C3p0WpdG->aJkikM8BBNwS}EijXuDV
zw5|cE)*qnEh$^6SDrNLG<b9U3{dU2-7I?BS=URQF)I1|--2_nQD4JKP%woa*cnta0
z%_K+#TbEet@ha<}5>`==i91l%giO?L%(`A><8p8Ol!3BQ$`Z>)l#%it`Fc;6{_g6?
zuqE7q_D<Lm_<5ieVwnfq5+n~tEfyW{D&+AD=0VAV>1x#T+y8{RjkI6I8g3#>H8-cl
zfT8xQQxLoRGblnCv-C0~i~h=$?J#XpA7DEe=_ied8RAAzs$`Td^j(K=F}e@<D#WtJ
z-g2lH9<SqU|5T$zKB7G5*^)aUqWMqv1fGgI>(i-tYTxdA!Oqk0<aL-5@!*3x;H1Dc
z2FN24eLx;fPzM|blZP1kfINVpUO5gXk1F&5d7?mFbsS8dJ?I1Sh=BU<IG8+4&<CW?
zzdH3em^>ZO2c#3fdipq+bocKA(y3Z~Z5&LxU-tp&!mX}44kn$w`+#(^R#zPdlkV7k
zKspJl|Bi!67v(-6-FDR@*TJOEth&QGKzdNB`;P;p17;ua00K*NW^*u)Cr~^B9pGjH
z#U0N9UPYkz!a2a32o!fS2l({_ko+oKC`Wco?gHe2n24<B0(rtEBA2;9o=%C#P%e-s
zOCs`)3*@Pgh-~5ld7>jCN4P*b(?{%l7f3Jti2dvW=`tU&OI;uxxg&O|3#1oy#NKm(
zbYYIzdoGX;tr2_A1+sgh1JHghklhm<p8&FZqRj~)yC=FT0c7_?H+6v&8p<5sfDG|E
z@-BSgybDV>@4^kvyD)<D&c<jt@8V7Fyo(pNyz_ilN@5jCOhrBS2*)c*F^z!_v5Z)X
z`p)S05+|eB#A#64m2{0p8Y>_hWnI`IGr8aDyL`(~Z2VRf#_qS2u``?pr247Wx6l;G
z7rJo!N|-u|&7o9Rqce+1&by=d4(kql$MT8)S^HD`mX<2lFmXDPkqN({?aJ6<2yMNV
zGfmgjA~;a;?S7Epybd@ziz^LhKj`_GBl@y?nr0_$yBM^LZa{GB@7yaB+{f4}6P(A`
zD-)dmrM)tt{V027S2%4Gt7>PkZJutmFW83Oh{oL^P|*oaMSIPH7c2%;OWLsta_%)q
zShApSiU!c$ZHah$N3c4f4J#*00<)^^>TRpmboW!(kL$>HsqHL)^rO{%&L+HfALXuo
z-G`qA^0DY^gLNMwwPM`|eE9?_7SvnMWMf>}1;{Qyy8Q^4zWuMPk|4x<YxYP9Y<(2T
zy?dlRYjnZ64LEj<&U&pzePKdkeVue;)h_-R%FvUk<T|NcEmnq|JEqQJ+55&6p{;Kq
z-`+8m@=ikD&(yXSoV$So`^WR~2R0-qzz9`UY96GJnz#UrpoT9%dgDW+_cAnEshMlP
zM*e!-Otj<Kw2RRFCUAS(We!$Po_Ds^TX4PwoXJ{hd;B6FwEqR7qd8|pM>=UcazIe;
z!FT(R1J_wz$L73tuaqzFU{dwgqu%wk*Fb|@xU@Qc%}z+crFUJl04n6+Xm8v}yU@Va
zbzx%`c3>Aae}Tb!-Te651r~N^7q-yCs@-oFS=i6Ic#AD8>f+%}C@tR?x_I@x1^&PR
z7Umnw-#fsf1%A*0mMrio-F)h03q<TF+Yt333p~mJ&b2^9Dv2?NEiiO|p#|>e0OwiY
z2b>~REbw^_=7<Ge>|l;s;1v$AYJnehfHe!e&H;{D;CCJ1d<%TGlluY-e9*yMXo1gi
zFc(?iCmhVh7I?gaIc|Z6JHWaHmL1@P1&%tv{VcHI0Qa}RGaTR&3tZ^{53s;bI^|qy
zfd@I5%PerCgL$9@UhM!I7I>EP`9T)=RR{B63%uC@HZ2fAwqjnIw7`@@bIJlQb%4t)
z5OJvD&sSLBlN{hm3w)*nJj4R`cYv!b@Ls1#hg#sz9pK|E@D>Mnm<1l|(0sfFe%--5
z+yW1EFsCi>CI@r11>Wxf*I3{Y&gVy1;2jR;krw!T2lFTkJiq}SZGlg8fX7(i_hXtn
zpN@H@D)MIMI(d99gy_z*@mLS9`4%SAozKMc1owL+hQiXjPP7zvZbVA^N7(q<*}{{R
zzYF8^ivjhj9iiKP9R&H#^?-EvtGeU4-N)zgk=axw?Z#T6S@i@E1lt-9<HH+ao}DRX
z3&A!4U%O>1<6%sFPu^;~cRtHf7~8#bgMFUAd*?a!xn9`4^IW`)X$Y5{7chapYOVWN
zuxI0O+@x(`8h@Fzt$3^#OyY%1<ga=~zl7Iux;|`DFJdZx)rU288v$%%gvg=z-}wwY
zBkIh_o<Q@vx%*JvRmtFPc~n~W<9DrtK{`Z@>F&dW6e0Kc)3h2-eZNBr*tp;0!TE{^
z<-ExN81VO>x>?sAjK`w-@%T(_cHBh8;M`7S!Si%~xWk@nzu8W*fYV+HOOW?0pruBo
zoA8HSl&bD{KK~f=V5ShPz8Z)gg0ttmEIq++>oH2YBA3qYg6@IP9_9ShLj=LT&FC$N
z^jF<+8EFVp?6?$<Uh_n1Y=ma%M1~!i$)cA^o5X|gc<q+#thAoM(%IB@epuB%h_Kob
zb0v(qh*GbV?B@rsO8NCd;|-`E440@I_8WZ9+wfR*^Tkt^#i7GhF}jdC+#9LGNiU4A
z913$|%jeVgYJB+t&1Z$VdSUr;zSf7AuWmkdaiLZe_9}JAS>@)50wGhCI^?Hv^RUH*
zdZj3=RO*n4%FX>JycDWZA1(?Hl{(~}a<dq{A<iCgUQ#t_EWg@<Uvi;7g+lU}$1?b{
z&;uAMp4@-u78)JM_T@egE#ql!Hh_6>nIa<8@S_!rd~9lvUZp&*+;|fng2u7<t=-6d
zhp8`G<VVtM7@pM_8_=KApM|K9ag44^XJ^R2nu&ytVGy|0-zD34$PydP%oE!OLE{EK
z!K+0Ed}Usm8v<j?Lo{k-eEH%0gSLHU^MWuO+xkd`Mc_e-dC?EiIN`8vVoMi=nOf^1
z^f(+5PYA<tgUr(u^P(jW^&!u<$n(PtLQ|VBOJOG8`nFQxu$<R=o4kbB`40nD3nSF6
z7fxZUIS2uK;x@%_#EFa5?=V%>+rV+Q!qgO}C$y#u!pwH|4jsCA1R{czLgjeMq3Bf`
zN1$22+D}c71IQx{4sbQ(44^!~AhKgjI&*BJse}jL?J$!I6)XbDREafOU~1$wQI!SU
z0z+6?8Cf#S4qlVe3pU@VgNJhAbad@Gk2QAKH83)`{O6~yy8w}eirLlht3f`>j_J%y
z3G9v9<tZKLVwhWz_w(0XFe<`>qG0NQd`|g|o5eLR)uE{GmeQNvO^UhvEJvz_XUidC
zYZKAgbD^P&@sajz9%1^r^Y4BWq7;T%^bj1!rtU!&bF`fy$oN?m>G)HdWx4qEbrbLg
z^U%~7I8)ze+N(KFa$JO^6A=WlT${Q3X{j&=_caKlH=)T?etAuV#p4~MF(_rk)|6jG
z^gkJwu`QgLoJ;ZSr)LU&kxi3jy*T#;D{`sqb!I$rCU`I#Xv=W)mpzfFmBKXquNcf}
z{>*~2acXXM!TNHZV})n9(%ynHHVRQ~?jv?Tc?DZg1Z*W;tz;08DO)Kwp9&@!-^fl#
zg=KAk4d+xcc`48=sWJkZkppxi!<>ZCA;ql(3(BB`r6C%IAT|+-%h5mej(9@DxSz~p
zz{t0hOIQSk1#URW#odiP%6gF7Y43$7<bfdgsB@A(x+?H%kEGDD!h#oIxU1Yo;4ChN
z2hTv*J(m5ozE0XwTjlfC4bx2=10O><Ha^xEFk!li(KRf<?;zAK?=3frBU9q&01?_;
z?>DYT)eC_zbP;0m`IG|V!8(7ol&vc7p<}|#iNct<dVRy@yElLXHRSlfdem$^I1i@1
z?HJ3O9<v^ZJEk*o^flIG4~lWQnSe0WQY%1cvN;mL3sDp^V-oCZvecpCC8M-i=ujc+
zj@ao8GVZOP*2}3$xwberi#lz*8|N!w9fF61X#!h$uvC~mF^?+uLc;Vp00p&KZ6igi
z0oK<tMzv9$Ce1;?^OULP7O+CC@o_Z2OslEpObu*_Scp=Eu<+`g9QYVcVezC)>&<A8
zbI<I4!hw})E(I5Z@4@pFFjh~g%_0*_n^U)X(@o42s;9vr*63n73t*TxzJuJGb5h1`
zmhm`1H&ZU8uH90bE%^LhtZpqe5AbrSVAnPuN+2NlUE5}6N-4Og0V$u`vL{!c*j)0U
zR>_PFSvGZNuDTU|1mK*>Lm9#rMxs^wrzGSxz6o<$J88C)D3H&j@GvpjroI7Bi9ANA
z_=Ql9r0?8$QZ6%tiO&)Q*QS&JeEBWjsc_Ia#?yCDq{DQo*gVn#a5xz1;as??vFeRq
z;#U!&%(W$2`ifNPg2qjf>cLTn`rI2)hV!)y)C#ZNg4QuiTlRd@__)3WI;DILx$2FU
z0_c>YmU3DNa@p#x*-}v5l@rCHEHV!F7XYg^V+13V@LFrBXqwHrFopdYkC)Q&Bx+Q)
zaU)6v<xFZErt`AivEKO{Z|8vRFX*-v?)$ZE#vridJqTnjjVk%+!+@)lsw?N|l-Hp8
zAr)xCuaPw^7y>Kj`7$ZWbZ#)TrHY2eia0NZ+cR}<yalXV&YRkCg@M}6f-|UY^C_r;
z?=PnxMP>!&s%*fg*<E1$LKp}n%O^leCLc6A5BX-{D1Ckfw+WdF3eyu>I=@2g6JH^e
z?}j}&&IYKpKmgr!{vOD84jjx295`m#1D$ZqWf(6t^nf;NHYb72i*yD59@`znvxYUv
zm-Ic>^^Gs-jhlgF42<NN7a;xF+811gLfyb@@hscqR8+8Ko=P=HyY&wIl4X$BT;o-7
zc~El!Mx8WteplmPkUCS6wHR2qoVSBrS#au}R8GGIab|^89`r_-Fok!Yh`(E;9EBjL
zZJsy_|280e;>4l&w;>qYtPe9tU9fp(VlMt|!1MTKLh8f(Q$Gd}vvnghuLsSoq}e<e
zY6Qmu#v9$^Q1DLL$HGj*fTnQCIGP%gU>JtnZ`CI_bY^R_>k2@E<7?yHtQi8LuE=Mz
z=WWQwVqo%dkl*%8#BelOaF&N|3eiiN1>EZ+naz<^>(_ZO2A2;=z0>e4kL~50LbUyt
zqQ!+{CUK5J6k=`5#ye3E&Rs-BGxAToSLJ&fK<h%&hV`+{aDbBoIpz9ThxUo=bqGDV
zmW?GTB4^6=;cnUiXiiO{P%MpiQws7JT&E=`U(t`7N{!`|LomYFt5|cPfXZN&|8(u`
zUrHNFgArq6{!4o&gAVp%&_{WCebi>)Ae4gKTAuS$X60PWPW>3EX-Q3aX*fkK&t=jk
z6}FEbi&}XL2;1`c;s^5_wgqV6gV|JiR)TT*VCWJ>y$>Z|wA4Hq^O+B?H>{M9b(q;z
z&d4;6H>?46RbXF8>zM+I#}eKSH(#RaDqqptQy;^b7qefGk@&M(XX!j0{Hvz5EA?&V
zfu@5O^>lF6$aU6b9oiA{5T!KD1)k1$pT|UX5$lCEF3=RjZo~tMvLfdPrcqd*srzA#
zD9{=~ls<a|6_u&`#UhbbjX&_S=>~Hy<+uPtwN_6cH?IaT8LyJ71-?E(&kl35l|r>r
zs$w3e_`>=)CDGL3=2lp^$xar~4XU-UP@h;&C1wv~TjN2}D&rO`9MPTYHJe^dB=6E{
zZBM00kvq$^uS(-`IvbX&SP83PBP<%@QF(d?CI()mm0wi}{BQ{VeJr}p@0>>9J-1pG
zL?-nYNL`i>i!wVc!=lKx9Tr3~{V`@iE?*g$-bBjUl)T7c>Yn-pFain$Kvft}AqsP<
z_A}_fDz2iiJmWf7sVoMS-WH{v%YXuz=`SDyEj-!~Vjc;MAg~N;gm7qAZF6M-GQtXY
zLAVeiipyVONk3L_5T`&@l<VL9afKNw{!>(qhh=n)HWv%AqQbo9eu9BU|B2#+g<13!
z5G+WnAVY>WqRX=YEGQPzQ$L}Fq-4_Yh^b1_aQc7hC*E}D5iIdBFtz)zoZ@#p@jv0^
zyK7TzZ=Vbr%<2t5SmcgC_9Iq4Wq;bEU0|DxRWnU;c~Xpi-c_?L9Kt&%nnAhwJiqlG
z)Jde+;gBnD#f#tKZ;4M`n{EA!$r&AQI?9&ASSV^$6JxvFe4I+vuKofQiPBa-S(ggT
zX#4;O>2z!5OUC;zl)3e2WgZigv7xB*P7VC2X5FBsf4%AVgO1h&ir_3Bof<%gl4`*o
zrFBWc1Mf$yRe%G4Qq%$Ux-r1EBdY<ksptqddd;UmOjA+nR<)8%g;}S5m0SQTqEq`Y
zXTFZfWi2@@2SoLyd_M~1zgXI#>%+I)zl@^Z_2FBnv;)cE(0nRrd>Hkh3Z`OH=Ibq>
zb&0mAXmwVB&|-3sq8-5+JYaY%=5QE9jqafs`CTfhsX!BF9E>J{y+;?J-1`DfEsD5C
zzA5jS$T#ZgOY}uS+a4bCPtdZHyE!iww2zR`NEQ83bI8l)TAx8}3b`T<_vNIDR4tg%
zgEn|H`CNSUb<R}%+^&a!jcTppF&!pUcb#ifwqOMhrmxy0+a$GF;KZ8oDnDqZg7dq2
zh3`EBb!xLtap9rY<z!eE5$N3%l99CQqe|2nvcHNMzSyidcBaI7gM0mDJ#!*TN~~Nh
zwZ$~mfF`udYT&E<Y%`TT&n@c^=%_B?R~sK=OVYVUWdlz4dY4MysF8);kIs9N_71{p
zxBiR|&^PF^p+FYc#!X^rAT^RVkrHHy;lLL=f4aqGZ9Hcq_yY2|%;ux>VM?fp!h*aF
ztlD6H=B4p2JlAH;rbFYuu?{L=(!B(>xo4msv%4BUU@nrL-3>EPx_Jyv8m6(ykqa~H
z$syz_s*8&t!bq(?yrP5~N%0hBRL{&cr?D=86vmXpdgQ5PinZ=TGPwf`lNdmlYNuWz
zs?aC#xmj?L@8)*fH(hNo(duVu?`BL>&lNtA><h5Qn5yEgfI*c;X!NnOVTH>`u}?v$
zcBrD>iiP+KWnslI{(|I+bbVDbRUdB78E?*6P|5lA%_t#?%0*5tD@}!!C|2b4RkKCh
zzcNz<H<xntM_PYE`LJvkWnJ4jmsk0hmJY2?<YbgwyJejicXO>Dvbt<hSsue2?d4<+
z(A^xFF@@hJ_X`U-y|Ms-L9m2tQ3y@RDo!4$H^6K$^(ij6a@EFHNtpJHjBpYAimSR=
zxbqJ+*J5f#uW*4j6b|Q+#x)#FhGFx}uqeFKPeK-Jf&(?Fhyy=A1<#N!w2!Ix!N!S6
z92AS;Fx4qo_1CQ6at}0dc)-q=&q9AbuV-vy7-y<mdFaP9jWh7Jj&9pf3?N5j5L7+0
zXB3Rh?qU*xxSvCVfQ;bY!AaRTg1pT7QAff`S^=#+W<a`F3A^c(5zm)#B{`s5F@lRx
z?I*Db&2O;(3OY4liG^953;gCBJ3M7>croa_pob0yyi3PX2XMmLZ+wn@mua4gN2Tx2
zo74CrfF+fJam!;6g3y!W0%fgi6b6R^t>u9NZNfQ-&hitK=W;1e>*pXEj~ZVV$<XL}
z<b}#7c#U<l@r{~-dFE3f(D(v=6@&U(3=_^@bHNH*xuo4#+d8`enah0}B_hab1$Xk8
znpFV9s-LIFxJl#daLDC^1960$CL<@M1RMHBu@X>bU_?%RE}pYQtiUHSr&Y#eR>ATz
zEE-vS8tS}V_^yV#6?{{}RBdL#hT2A~kArpfxf|lD2V($W4W0Z8XctFTuar@nKpRn<
zFkjWSZlGZ<roMG%!PYK)JZ`m(8;otWS?u$HxphC##WM5bIf)(2Ph?6#)Ujf!<d^fN
z`*pY+=QWSQmP+eZG$IWC*b1xdE<^vy7GgXr!Bfpq?1qJz>TYRmHPv~|+u^-;dd^7W
z$HT-8!=<Xhh@F`BevNW;SdO$E9~jFnU#rj)ZUx7eq@XYb|0}*z6_EK;FDXe)kVG?}
zo#53T9e=gc`3mc4;c#>|Eseu-Qt1ZOn4+<vS;<6u+~LM-t;TDZ0%v!T1$4W$j3JV4
ze3_q$MEBD*k(`j|a;Y<}eMz@I%Vetzp%gq9|20e$S7_ahJ|tDZ!fc`L+ZFYFk-nu{
z9|RFtopk76GA)R)33g;!&N}q5fC`wR9G-fpmgj<#EhCD!%(bZ-Q>}YJBc07PzJkA%
zYz=`14ulyh9Oh4Lb~nsu97Pu6MqC&OA&)F5mN6x#xi+2pno&3#Un3Q?5Kn(8$717a
z7l)PD@Hb$d&W~@Rp^%F_hR>Tv`y3Wv5cH%f=2+xisBPK}lOUoeG|$6YGXA<KmY1+_
z-AtuY#j*)k3YB{6fQ8wJDI(^Ju!16T)p{>hc}ljYLdaSQ#9h5IOMp+g=383H!}i23
z<?ij}m~^T*9yTzyn#m1I-LQz<u%=~h75V_o*E!1fzKA~F$-YgAoP*L#?FPm)xxFQu
zDo?)y7}%Aw6Vvm+&dLRHsVCNN_p@ywoikDa@+yrq3eI5xhvx@~f`zxQC^VGDVBF7!
zC>4}`@P&wFI(H>7-KAxYfvrib;l4qGNHsSa$u0rr`l$y}cFh-fpM!$)q8@&&PXz0V
zX{p-SOjgVRCHSTy&vHhLA*g>=w3M`nWn>8MR?`Ly<g70_6iZ|I)^L!#3!~whn?SMW
zapN62Axv3ndJpGeQxW@<w$*AYi#qo}ZKEDTa|X<wQa11nxP%4|a0a*QM`W;s0Y?k^
z8)r*vVIboLtt?KYWa?^|xiQQ%ev4=|XykO5*WsVfHNJ%!f>&$J$B~a}{K41}%o~A-
z*WC{GH;Ijth9-aV4L6+0H=owxBS5N*By=Ezi`6?}Q=*N%Xa)lY4Te$~771`E?IjpW
zd9ZL9Ly7gmSw~p#a!B8#MZs-(IKJ7u05e!jqO9Yogz>bXT3LuSBFa0|TQM(OXo?Ca
zgm3|h3KI<OAOoTyALC2av|QXCn9G9T+qvN=MpV&^D41&2JYPoC_&)L*H~GQp5|)u4
zEiB*8h%u!CHPd9*xLX>sd1!93h7+q*1vlOYsI_}l<qpnyo|F6wBrik%4(al}vOk9D
z{xbK3kiS>T7_IK&MMXw}1!CeV$_CrQjoF!+KXdjNT$+RtxrnLn2NPWe%t($Yz+J26
zEALb*bU2uPH-?qh+(@x%91Eb%fc-Xt#WtS<{=+p~C@{NrazCzzsC1(R(ju~QjjyA`
zdq5WC#5{$NOT@q%Xu$r3AujJ2IrRz9;W+(g_$VkeAC^#bun2@3Hm>$T9_Ky6{4N+U
zGv4%R=o_Go?#Y8&U`Vqv3|m~@2f1Fy8b4LrG)!B60TU%&IQhXY{j-!mzVV!{Eg|h8
z27~uvX;aRUMOeLRv!&_V*&=>!*S2y#zb=)<=42t24YuqFuq#=}(QwCwA-sTgZG*#G
zkm51`k`D`nUE83ehnb6N8?m9;{fKRkJr6Dn1(Q0X+1tbjp1QS{g!!;b)u3`}hq9by
zF}CdC@Zl4*FQdJ}vVnCO%ZI|KRTwkdnpJ2ozq)H1c3#}d^pVGC#_j8=?5lTn_lYH|
znKK9Em8zf}!;<Kl8Cj2CC9?L~EinAYv&O%nA<?~P*V!U8D=ixK-efHUpN*}Mr}z!?
z3s=>r(fkjbT=Q`H`K0|YCx|FEmYni9gN+|~3o~2xkfAn%C1BA;jrk#@VC-5l^)XqW
zv19B;GOLI)M3|Y_ez2cn85XymEDOlxYo3M{(}{$8ZnSCqQtd$WB2?=SPv!Hi)Ld(4
zE4%!bdBU#jpn9E$25}T{T$YLfv$QNOiFwDSaUb$|iQz@GgDn>xL14BxeGSsR6dre#
za_M#8O`p%(*5$T|sre%CxS5gCY?d^Zj93CK2h)L7GeG1H3D^>LN{-1ejRsUqj#1@H
zj8TU#KbJz70E6W;l;s@Ts%Z5!n<y|-Ro@YBRI9+R0#&KTeeb|Sv`p`%tS4qi^2!`2
z%JXqQ9C#GAv`lpu@5!Z1nf`Z-PBP6dY{^PpIc~BXa~NVnXamtVv=zWWnJ{}1+JcGQ
zwjhgyS^Po*TO<b$)-a7pk7F12V`ub<U*|b?NrF5EH_4fp$HF`bSTf)@G#7Zu;Wx0&
z)H_nO_=_#rwL)&C=?Apec2&wg?D5+u=2!zLz09qQ@<LP9%0N}kn99t9_BxN1VPdy3
z!>r6)Da$;m(l9frG|%9y6INKIxgerXq#>D*P>L}Mr1!B=RzcN<(XajF;Hzk=28G0M
z0)rX6IUFXN4WowkL(~w{fVKm~y+Ou=x~9zGQ_bxe%1njm{fxsCFd<WeQMSl5lr2&<
zzZ&S4k;?LbHZJdFjyxfcECi2WhtCI3q65JxhD&h9(69&A-C1RhjPiys4;tm~=8aRZ
zIEq=rFo}H3&dRG;AHW<C?vKSBZy&@QCxO8+q`@3vnMDS3m?8^jfJvOrXTMkGvctpX
zA>2ztmxnT}5l>CJc5VtTrZeGObgd#YgoXAHcq=SHePpP$&nhQE`vP~ZgX#%FV9j+f
zV9gCHtm%kw3?_L?w&ak7J1Ymnh%g{D1v0^C^DI#Fp+|uXw3)O%)j+UDf>mj{6tyi&
za?~YR<@^}dEXh$*YH*X`D{7xNgmcM+bJ3Evii4RD+UA;@vE3z1m=-2XCzz0-y+t;q
z2Qne${?pJmFBf^d&EE#Y$VC|}9=4To7{28oj}`(b9-5peMMxBaobgk@@q*ke_Ilx(
zqjEX8$eN_YM)see{|eIQnL_Y)Io0557bb!G$rZ8&Qk#LS-67Vx_JmIX!<f)8zfB&(
zrI51~)ev7`Y#51|a3wrO?LHdT^wU?8d_%V5s8TFP0c7J!79Uv2$;a>qu^;E{$1rHa
zlyBC3b|r&m5LL5iER_mx+=Z$vb1QLf?Oe2-(Q4Ds9rUcA@9ji!UMcNtmVI>ku=|G3
zHU*`TtqRAMWF^bZ6KsK?Z0cim7n~;0Gn@$~bC9T<CK9D=+{yCQvQ^o0lSL!@obqRX
zo$JjW3HD*=@MU(}&NDg4S8ART`{G6T?p1Cb)NcBc*i6~8JHdS%HTadA)2YTsQIu-y
zulQYnPGWXNXjBFB)HllpNL4mKSSK{Z)P2Ttf_51_lc+Xdp(LHv^+E8xZ=h^f3!lO4
z2@=SB!d}N(jBbyMXbn;~0^jO1+J^A;0NcEhaAh0v+>xHYRX0Iuvs)=*vvLdURtOnY
zRHKJ_Nr%}j%3A5>v65E-?Rp5bbQ&Q=SwMZ&o>KsH)9@VeHKop$Y8JDa0t3v~FhmUd
z$T;GDiPpcq*>Ar^nvok)w1+<lY1i1g>nN;l<)#ldaD<Pc+`~#cu`zd!zjeL1UzD*w
zV_6ET6}I;`gDqy{(x(Hlti5YV6FwbW<G|Sv1&5Xk2gul?gP%QU&zFEC<`r@Iu;)w2
zo7iroo@f0zQd!^e=Rgy$zLnEM4Pf!-$kq@hRy{kguEm-zUxl_x>l8hjIfcN(zz_54
zu~ES4EYBqtR^{<p(Ssuevc$KTY1C3t@Zk&xiLLXmH@%v9;@cb?HB#bu(CesyIcfE^
zKtYWqRi<z>r?x|0*K(LwCUdDuIF0K^z%<e-GWC3?J^>7I&H&UnXMkO>@)VzJnn704
zD!`Q}Pe}-sJ0v@|c{ma<IlwtX$|40ugJ4yO1S%K@aD88-b4HEx>llm}W01?VL(o4S
zeO7`0cAl;ooC<IVfj$=Mnt=%o$tAfgp1VzX<Bov_g+}MWj>$tPKq+b_EDTH!Q$O>j
zKSL)A@vNX5$Xrxis%so6&>~=5ZVZu+M$tB}7T&aSPxe{{`%x6dl3W&b(n?;|m2z>t
zvBmK;7WMZO<=x~7)arr3!Dzp}iM;_E5%)P|#Wi0Cx^?LZvwKt^HZz)E6R}f`$TM=?
zaD$B3G!{u`nrVo`6sKx>ry+Vj6ujny8EjpDhJtn0*ee)XiXN{GZKLfd@IOf#VNHoS
zGOvdP(#`Yz`UFmg)hEs_m~D92>19XP%tl&jJCK9ftW`0Cg&X0EE<RJ7AI9KitSeqL
zS{R%(DlX|8&cyzakuqGfaDV<fBS)|TwA)2yDlGVVpuw59nt`t;zp#-mP6Ei^pVdL8
zwRNW+;fK@z-aOds2l+bbDs_-X_`H2mSNr`BLI0nn4huIIXab_m2u}Hii{^W|Ky97n
zRK98)hNs_-k6^dNDhfg)NL6=<;c+vW2U112pw17CnY0X-9r2OkGOPf0k_c~>F1Ay4
z(dJZaVrPY82p+h-ALOz$P0_G~znjn5BW9$qXh>p_g_V~vA$<a0rtrE;KEa_vZ1Q3m
zM7f{#jz_6qBXynRu?jdj)>QhV%7x|#MN%;pU~A1kXAi#L3@Z`z1PF47QuZ(06z_w#
zsZ2A}3qApQyGT#_ZW4~eV*LgxNORoEcqvW47Kog-z^mC*Y5HaQs+)wxlz(31XJGhJ
zGg3NA#TSXKnh{hO<Jil7A%pHmXA)J#Ork$SPims6hpu{-8tWy8J`6(&^Jmoe)Y+R2
zyl<jR*Rw9^g_~0|g)}(<lL8E10TfX!`!hfRX09Bjy&C3}4E~4d*<E`eQ;ewvMN_6H
zD?lTGmX&KlmxToeSdKv^)iuc6Pmg||ojG}?CmdCTm90|BVH;%<pTab}t1^VYVTql(
z83x=U`2l<|L<ek|j!{2Ob+Ew8#?c*cRSSd#Ht&J<M!5=Iz(aqEFDXVQ%?C}y5#vM2
zN1t!T2nR`=`DCFXK;b=*dL)GtpWpLSaAU1)-UEAU#ybx3`L)7B><S86Oh%dMDS*+#
za@#x||IbrpJ2O4P1l5SN$~0;1XZmhcRu}|_N_Y%RbTrVqA4SzKe4HAYS-8n+ss6%E
zB@R(N0!0xH%bXP?aB{b^HTT)kl9-ob|Lxi=T|HT~Vsi%3LyZ7}wSs0_t_DlHxY@RO
z51l~C>_&9}stQ8r2I0_2njM_mVf<hpoC&pn+h8>9Vj!ANxp}u6-P+YLw8BQZ*#!^v
zRK`|W*43>=Mdet1C*ZFWe#~^WAuwcW7Vl{ccN9?vFMtKWidCGC==Po11v4~Cp^u6%
z%F<6_HotWSy)8#cj@h&Yo1STK448K6a~R^{?KQbV&XEWuXbza?wfa;?awjRdGht^&
z1Chn=@xZwd2nDVYSnf~a@9Tv>?EH;E4;D#J-;5N~?`9BV6O_BQNP9(`rmHjE#gkEM
z50OyyhwRxnVCJRWUp<iW!cRauLX7idk(}paPn@SB>FH)l5Uk4z->4T(qw6bXr#Gn!
z{lniaedEm0Rk$t6>e%kXr@S)ojuE_S<2RhT)%6QB+_YLEEzLV9yf?6|dYh%@Pa%9h
z4<th2;L-g`FirEIKN&AS;c)RTWK^TfQ=g|mj+hno%%l~>Tgo`TXiu?F1wxmtz73`I
zn&+C4lNaVMl)=)Kd`?X9wBhkoNB-_NB>>}_`#@M!_QS>i!?rduqy_MLGe$AXH8G#|
z<dM7kO*nJC8QUUZPWHFJg&0dy-|0j1rb`edvbnsYzwGBj?v-V?5_?T^v5NxB4y}GN
zkP~^%O%`}=f4$}osMlPaN3ivR#c0iQY0*>h0|AZfsi#9A51~n!{gB6_B|X(0!dcaD
z2=#@PeaP0Aro?*(;9-cTM4un+r6S+G2@YcR^a=TF2yKHnU*IJikpEqm2{}(+<$K<4
z8Iz^l_{tKFx+AJ6PPz{_hk4K)j<7uEo@!!28D)QJk63Ee5OER%xD=fVI0ot(km}{u
zQZ%bcbtGZ&H*PwI%Nvy_KH7o%wqQOk2~|g+{~w0u)Hk{S>xp3rejPmD{yBWhjN2t;
z4rfU$8|zc8UmyX8<jG;<E5oojwtOk%P;q?uWz(=Z;Hh3X;$m<Nf%V}d%6OcHgDm|y
zN@ghwnLpNeE6z=|eobQNtz<%dqVapQCCG7a4;27&y6a%>+I@MN@rgaI^N*<v8IN1c
z0J>{EEU~z;#F@kz2SD+P9NI9h`Tl|V!Ynzi&Vh4bd>)7M9IS@*adbZIl3&W2ugoV>
z)G(AQUchJ-oJh`++gcI}n~~$d0H)A1TeHx;X6rkrw{j%mb_iSDQP_qCH$<E=ZfSCB
zm^4Rw8iE_}U!F$n0Z!dCNAVDWw19Yn(a|5R3lROp{Kk!OqfhU}C;Or8`0omT>)Dkt
ze`{rat+Jqrkv!jr5oLb3z~s3A5Uf~bQB3Fly*PCLM`pHATX_)<NnuU9P+gts;i9l!
z+wEql?Om_#uGAEfCwa`I4X^*H+XodfTx1)2KWXem;eOr54j0&l+0QgK?g2Cuans+_
zolV4Oo<KLpdUMK~M3w)AV^sqV6rdrd>MIRLW27)LN?IbK{1mgFbhzkV+wk2RWxjx2
zbxR?&rHHcgx}ve#m@IsjR)alDYj(L>ZXPR|C6%<5Ud=9NZE_`J4uZ+TShl29bLO!E
zYiX22UX(9fJG@Eq#-114uAnER_5+Onc5)vXTHpDNKcG3~h+e5VmO4*gImMR{%uvE3
z$j%<=t-yEti@d6CT~$tX<G}Fb6|WBwNa|a=83$1ab?4i0eEW6z*6J9vM~>p8P-?V6
z*W1_zsWI_y&^cB;b71FE5d>X{OPgK(1~Xkc>KbCV^ddp^p5Qhz=M%K&)Q@2Az`Rw;
zjuWb$8BC)t#Um%V8q#PEL8^M0L7AEQ8IJ!$9x*09<ucdtdqggSVbG1mXg#H`p2{{=
z<NCg$M;CqTCJt6Q9xHukk*^vn7e?^QO*fZm;jO5x&Ei;RF^f-lfN2xU1BDC)fw7r7
z8$*}BS=-3icf~%E!%BAg6r^>1^eBFz%>6$<(z?n$(pvi;9BD1`NGp7s&5>3-@c=6z
z_DCz904du!tM~A#t(XKdn8c~m^7-(<!A=@Z358{>hD4(<5J2@vD`Txt;$r48M_Q>3
z^c`uXHc%XNq*dDdg^$wa=MHXj?u(gv{69HHoHx~9Vb0oAdwPNA_Wpm;5$FCdbp*#C
z{m|cH#~{Q=F?wrv4El0V0<tZgDm7P|wm+n7*0VIaKw4pd7U0JGh={onJ!#^LO~3IM
zftfRvzIX0p=LH$^f1lmkyV;3+!I@N**<6_?>!$K0Ss7%$ugd&qOr3Us7HGfKl^Mp-
zgIS>xW@&1cDQGBTXcFbmSxp5vrCyuG!hTkknb^=cNgT1bxJDobDP*A5S9J<upFIb8
z-za(882k6K&whhh_Hx9p;4af}bU#4RUkU#$;S8NFA~ydsi^}`EsN4=mivf!yL2z;Y
zqyaCBppnH+Mm%q09}Ifl+a%xUD16aKBU$47i%F^&o$$t(Gz_yctqw=0llB&7s<cHZ
zVvr3eQIn;{$+(-MlAFGZV>><vBo@T5vmI-{#wm($3lR#b&gC?e&>^&#l5}}4Wn2FN
zP&sQ4nc%Gd^!fP06P%pi2yx*V1y<1dS0HkUrIb|v(L=98Vaew91bj>B7PRglI@DZ6
zr$6;nAuMObmzyq{5QNxoK-GAj1Z$wVIJMe55t3AL?tZUd$P$TOmqX3vE=}3hNHrIb
z0ImapfW<xr)!#hYk-Fvk;3|kVgHpL#tUK<<OyHSRoJPUteK~haPDJi?z<HGUV4>J;
z&V4lu_dzfln1*RK8&8q`XzmZ2hbbl|MQCf>>{xR(b~;R#VtUost0|8$LG)~x!#Al$
z2JB<(JsIyo;M}xN-WrasAR7sTDLen243<MIis_ewc7nN}Cghs!{}DsMPqvqva8Ljz
z%ZrTw^<dM2si=PBnhUjUz%^X2v29>Fo4OrE(MF;CV3}_2t8a8ecU(EV?m9G6n;nim
zz~&%wa#V>9#OQm?-pc6+!L2#6(kchpJVpgeZWhthNom8<enQLwITBM_RaD<^NEL89
z71QYF$ko?uMUP8)4?`}zopqUb>BK2zoFUQhfpVZy7JS9**!szp+4<`yo7siyCzoXx
zub<p6TQ9DkT$rtw*H4aS>*4yzx!HPU{bW8{udPROa{8t9s#czcUD})Y^<5o=KN&!}
z4q_lv7cxtQ%t1n?X~?LRmV|I=mN!v9_iIZA6IvmJ4iiF02%)2d&~cU!8&^u?lhE6)
z3(&@cN_3)-c(RZ<RY;s+NzkSzBt8uhGx3#k)@25hm=zM|3W@WC#08cF1*eeU@%f2!
zAO1^zFo_F=#6?2l5+QMgC835vv<O{YC)R)P!0JE}6O=XUC&#lBG*FV<#H-|?l$~H;
z4oi+ceNv)d0yy!!Uq5%*U~;dMk3sGRc>uY$$pgsoB!ML-S~mL&MjmhChW4Gu3?}zp
z`55GGl?RafusnbqU12Oah<!wju9cgoO}t@2W5Zxtw_94Dx3s=!X>n`B(vmSwT8ux!
z#Ubb8D}nG1^8Zj85$!o+6oRhQo#JUYP8`b7X?*<jY7xN;n``0L!8y);qi8ajqP)ds
z)1e}>DKmu)fCouwf`BOCVHTQ^K5Q@f;(F#A;Ld*$+0yzv?m@z~-hNzPt^Nqg=~c@b
zh6}Es8ecA>G3QdCR&C@trQ_^Rk$(ZoBtSU4o<kCLi}~kVmTDBC6&T%W^9H`vaJH1n
zOYIyuiQAB#I2up_x~!^Tct8|XS}hP&=xLlx^3(gF!1)FKIxNfB_c&v>_~#I95@p<*
zJ{Ojels|uF?Ci8?B(Q(A&ftf|Z0k(?9mesDv-n;@<Slqq)@H-<*$}xUIEBI8zc$k-
zFmt#cNT(oOv{MmJe4&pGQi~?cVrcM0vw)$A2bQ!qX@WOM^QxH2=izJ$4;pn-5qaV?
zj3^w=5H-g)2Fw$^o}3k*O3XgV52Wo{;YMWo<g^3zU^T}RyDP3N&u5HuUTBpisjKjs
zoSA_hF)yqbDJ>fdQXfJ`RO1=LDWtJ(IYn#IS90<s{3f6tDQ*``KThfwP+>;kJZO5i
zd4k92IZ`%ZD^vr09nPK6Rl7RfIXzBKRJ8608b``D;!VFBdWDVCm6ki~-bwzh78YRZ
zRu3ZMV0axNcdp%nlLoWb!542lw~mZ>4h$6-FW_!CnqjoiLUFI1^$;XUqC&R5gmJ>C
zd96F}uuSH)G-KL$?{dab8V7~U1_K7-gqICwv3rY?&@yWN4|{I{VAoOId0)MI-`20Y
z)mN|eUT^A_Y)gLD>y~ZVm_`QM*lYnq!kU(n-~~-Gc49Z5gtMR#@#M>pZ!&{3PAny(
z5E+yOLN>yh6-e@BfrKRv5S9d(%wz&dW(E?H$u?$w|8wdt@AYe0HpZC6pnmsO)jf6U
zoKvT&&N)>Thh9@0o}`gq)qSwrIQnC7yRcWs(PhB4eF^4!ZsQ}Y-Mz;Cy;^+VE8|7N
zoNy;zx)mGEcw;PtuR~t8D}2Cpj(pEQW4O)VFV`|-B{rLxePfl`eYMKGjh_>%|5;+u
zy@4pg*%xBCn17)UtTrOD^Jt=fZ1EN7IgXkC+U%HP>_c4~bT{h2B@W4|p5ScIN?OyG
zHf1O53)?IvvTJM)2g*mW_Epv~w3dNj<(>5<j6!uB2rDdS4pr<7GIXDHZPUXw#SZjO
zH~0S3PU+S=zY8%n59pnm-P@kmJEa%x*u6U?#NOt|Qut@B&2DgFPgrH{<{LRkiZgKa
zGQ-PdP}W|$ygdK;{^A}f>1x^WG8mr=CE5M~z|Z+-4v>?n3V<A5r56XtkygBfc`KJ{
z0q^Gwr^@2tn|1;v(g;&qy!ob^^wAuNpN>B5iE|-whQx9Hvyw9*u}k84{AY<>PwXDP
z-A>WERa?9(+4GILeJ_blQ~%F<{ZJePqR)Nqb_20A6##?RF5xu_w_U<*6n?vepZ*)h
zahGt^e<eKQq_Rtged)g&?q%=jTBUoqloI-rW)r{QxYF2BfM6jRUhz=X5OOrKn>KF~
zdSrIgYV<>>>em}SxR9~RUz3edQ%8P)@#n~EGzi&pgUqXysfi9|>rRrz4Xr*08020;
zZmZV2lpmsqx~Dr6_09=5d}>5v?@_(h*cSKZD8L7G2d9|{Legv`y;)_fa{CP)B7?^G
zY~btwQ{u8#wL-G3RB~!F4`Kf|lYs8Q6D#9b?DSxryQ9_W%7?W$=^X&5)*j2xVW>&!
zy>H`vPllLVB${;bhGk$VT$^AQOg+alLlb8XM?Ms2N;wb<q8bb$69;drgG_5R&T+7;
z=0VdQpqEy+)x7m!;;mOaAi;11SXD#&`*oaDGYt3M-(O0De=+BeQG@s#8am#<zI-Ep
zXYB8s{av)bF#SgDvbfnMHxn=WZnQ_!&l_!a>b+hYGTVWgzpMRBj0$P;j0S;SHSQ2K
za!Fyoony*bs%7VwoDUvv$nntew~G)mJDQD%k&3r=kHwn!o!+lC`@G2&<!{_j{vxp=
z#HL&Xd|P(~I~5{9i~~Sb&7O$!8Iw-c_ME?r!B;1LdmP;V&+i*Eya+3u;@G23@9XrD
zo9p9_WP-4z|BlR_=*^R32i=<fSLtS_cfA#FV#YVE{H;;dnd!buZgx$cj!DZ@f14Lx
z)m)*k9blUCh9rpsN%~;9!5`d}Xnhw6-FyD@-qTc-0ua|U6V%YC0a;_l_v7DjzYu;(
zyg|5i{6ie7NM83a!As^B3fuN*(x*J!dEe1b=)``p+4e(fjChl1;t{><y^ZT9Zcq5f
z*1KxGcAM|l)2S;Q@LnelNg+N2;g|dY&jrSt1*2M-Iau1%n^Ze%CkXo|Jc_3b6!)Ze
zN$%cC1$xZWi3dxnGi$vk&}@y}c)}#tRkOJo{K;gvg2^PWfyW$_j`Jm&F0aMj^4#S~
zDw<5F>Z)>8wl+DCwS_+FsCV-3l5PgDo2Oy^OlAgA22K)Pm&19GL}-Z!gNO;9;;~A6
zI={rH>e-p~ft*>Q<<|_txdb?z(thH0=%Jsr$?7D>n;ZB2F>C3d1pHnO6nMh#>$CQb
zmH~o^MoIxbro-nf2RCPRY$gYxmXVT>*L1G3;OA7D+?gym@Ih(FfIhH1JT=2TbczQ>
zkWFObtbI2*m%dw798y`X_6*AdN<fk^S_<wfq(Cwte1aap*CDUFE2a4Mq>4n*+cPlO
z#Sn8=nj8B1H5m+eya5QTb2w!Vhu#dZa&Ok$l{h)a2L$NNAW(2m{kA(;y~*)~rEfMM
zEk1Mys=2}@Hx-X0%*L5nV7$e~8CxuHz7*%od6CT3OkEz!_v1G1c{zoFW$8cZ=~!2`
zgt>EU>$ta?t{&_63EukwjmeDa&yZ*OdEqPzoEcg#Bpm*)AQ}b@V!IhO<WK(n?U~xP
zwlerczZBp-0eC0aAe+?cr}>UmRNZ4?ad_<1F5iR@(Gwwy5gdq21y(+(m5Cx{Lk+*Y
zJp?O?{#p+jzKRUZrGfk4K2PKYTXEh7yIO|L!LutIds|z3(4={1K^kZi+daLnF&=O*
zHajzDd{R4MafVQswIC4-5Lh7rSwM*B@yFRAdxG&T;P}g;Z|vtK;V(5a2N*NbL)hBU
z83J2gS_x6BK4Y^({5awmaPUF5ZYT!mG^)l-(OT(-<Cp9pZ|<wlCSR)a$<+BPR;SHm
zIA6b_`N>58Qk-U>y1%8(6lO`#8k0)Yn2G*2k7ci&u$W<eke%1-cg+2&VA3PU*b5CU
zkdqS_$641lJ%nH{FMhB%ciAME^r4MpE~gF?<(1!7R<UPIy64w|{PhOpnLr2~J+2c1
zHx=gh<iMnRBoDtHU>z`7UMtHoupXQs|C$!{%)Pu%$I<l}uEVnYc_1!+Ju8DdEXO*&
zxh%)$LXtnoNrDVlqHBQtHkXAHgzqB|I3(aUmQuu&-Qo?VyP}Jwbql+Xdb8&Be~M9+
zNtj?gp#+PM9vUEEv|0IG!LQBts};;iCz$U)iFw#*?tPkzI0#~`qR!T-)_PA-a+t|V
z#W0Qi7z}A&(zJUI4TfeZ`Xo8QK&6-7lLN5bkzQ+SmRnoP@@s3O;Qo=pt=fLox0@W@
zIu_sFs@~4oODuMh<_XRSn6w|8BQ=XTQnMHxWx$1S6Ktvo3i7uYBFk%|RoecJ0)B_J
zS3PL}oPoBH4Uah|6jPr~xLq7Ihr4PNjA{dnfFdF^3XC#aUIyv?;FAfqU_EtnSPsdj
zf@cT%`vp+J{BB_WhT6y&K3kp$u*QI<H2AjL55X<14z$Y9Q`U4cnGz~j(|6A;tr19{
zQMx{wDL%qrN5X7ApU8aw)#x$c@|(g16V$Y6F5A7pehqdn)TeNB5ARq}R<5RywW{6k
znZcN`Zh4}m&dDwajwCTSTyZ%B=Z}>&2xlWMRqdpBP`F%KYR_E2MT~j?Y(7xNMtiZo
zE`yVFE)~fwG{vWDPzuQCcqpZPEr+YgzcR}(^xD|Y4}{#%RKb2h2D=JuHa!i(X7ePp
z3ls#c8xBt<)x3ga10mm+W#`0H9n$y4lacsy$^rOu48S=w;QfOQ0IuM#W$;I~VOK_Z
zQ!upg0bB8&p;k!u_p>^nxHe;m;>k#%{4-`-K5$AN_w(IvnGPv&s(UlMVzZaav?g%U
zm@L*mru6J{lV|DQ?EA$sH@Y{|5`!T=mtcHE=>sq};viW*cO0Y#GaPni)C_XG85SQZ
zVIevQ2IrI69%6@a5}tcs0LImaZ@kwfw$u_}T%EN<e12wz$3{8AmIBnGAKdJMGKxMQ
z3RyXcOon6^u{Lg$Az<$=Q(h8ua}W`$K>eVE_8(<=Sq;Kn@U8t0pJOyJo8)#Nhkw#F
z6|D~NufD;^G7>&{W%!z#82%$^Lmw#hv9l28kB5mP+;KFVg*F#v5>fQ8vr*>{hpFRz
zSaobpAFl(6$?7;eg}jaug;Yn??w{d)0?mzYR;ciJjh>vH9+lQk+^#8hnsA^>qOCK`
zh$lEPlc9lQmv$Y#?Z(rkWGsD$Z{s|s+bnR{cHgYLK~XU0Ye!(xdm$4Wjh>vGb8}C-
z<}nUxd<Uougqm{5ICx(Tv*rn^=sjCyWJ9Y(uY(pF@JtFs8B}vj8A=OW*UHEa=8VGk
zb;6f9F-TIlcY~wMqanS#Dbnwj$&*Q((0-1iZS<8LEt@Y@;uE*GY{pd4j46pV<&pJ>
zhiv{(nmWa%{{C=qZlba2cT8v8O5mdG2?3%3!zy#Aih-778EBYh=p}=#ImtwGDp4I1
z&GDxEmGE}u9Yq!3>~@gf4RtWtF4<HM0x{TSUS#Jalx?c)yef43HQ-r-abYxQrvs4W
zHZ#l&1N%eHT5w>(M|$G-gwJT(-0cTT_F2}5nSGWz3i~YSnSJ&#uxEpP*5Geum$Mpj
zLRuBPxqa4Zu{S5PD$4D%SCp%Qws9o;tkvcASx^r)9YHnwtN;dkoM4%Kb^vALk>twZ
z1pDl{62Wb81Bi*nvd@<Ig?(0LS=rJL%9svPn=$?aC0@CGwgd<Jtn(RIW}rPtH<5i7
zfM*kc-^+o5m++H)_AD}hw2vf!44lTHYz{7x20Q%#QKbuIpFOJ_gjz;QLSECk%7WWx
z3t4dBgVK-zePDUeI;boU4~ih0$b{^nC0?QjBnl=I$mqH00oh1OFtE=C0SMw?E1}KQ
zz<q@jWO^ycz<_C0*4fzlXwe0OeRcznugT~%Y@aokO9rRR;le&!?lkJlvd<R$69NVI
z+&(){y~(lW%w;|eE3aj@(Uz;S?=;VQr;XFW)v5Dqm;%&sj=B*f<pc%{T=j!9H}}q$
z+fyggTOf?Nz04r;-fnFmGDUqWj^-$8wg_f*<IIZKyU*lJyRsOPv041J*%th~Z?liH
z4(1dHh$X8uqEMKnE2yxTe@ZQ!3Y8gB`KQ#GY&5D>W=Z9rQfKqj+cLjdV)yfHtj|p0
zqbrpH-K6GZ^Xikc;qW48vk?cbHyzpLcx0R7k!_Agw7F{cgj#)*31@X;UP4#8%S8<<
zyCEx_Y^uCqXDEic!}?BEh6Hb<6NHDHzzVHXp8gul*&@%0FJ1V<1MMC}Ls$XsY}g1n
zE0XEmjYtVcE3!FmLe+|FK=D@m7D(XfxQoP{j%Sdt)A1}4b$Tz>Q?gFptE`jvBD%<U
z$yYJAiLYYj6(wIqsk{eF1s{f|n{Q*TT%J%4>iJQ#w<})Y`xy7R*RIZS$GY4@i@M$^
z%?fpfYErGlr4&DwL;dhFV3^H*b_@e_rFMb^N@lUwMJS^T_8$rc`+@JVMC$vKaqZ-T
z`Tj=gf0yZ)VDI1R!QeaZB*Sd}M4bhjfA8O@iRd6K<@E{dhOK7B4gHnO&`&5@Zs^xE
z^MktEK_+S8s=9vvT<bbMqAqQ$y|==R*E&mO>a2BX3>xWE=*LUneM4*{Dm)1tIT}WK
z6J$qz8nDcl0FU;GN7y_*A5Vg4A=`Wgb3Xzj>k_`kwTA$gO$XV$xnw_=3uT1;oK=Vq
z9mDo>9iKg9Kfe|n%@$AB(&Y>#WBf8AI2TnKCv}AH2y48K*AlcpacjK#qsM-jtTX0t
zFLq6sWR9ur8h+%M5+0JAkGqiTyA|-rzT>2+npL{tLsh8{KNfn2>g3EeqOJZwGN*BC
zOv6-5qtdtrp$P&=I5~n0a3v19c8H-f;gnGpw0=IWQtOt=O`Zd(4NILFN^M%|Y$-LF
z(+j(SYO6m%GgKotdTEW#QD<qRc8Kf0+@{=Sk<4RSryd<!t8g5y;86ir_f~-8dj|_N
zRKRt<72t5q!2(ScaK&#0X3GW0nzMJE`|Vd3u`(AA2x&X;EDO^zI^LGi(FZ15WkE|H
zZpM9N3G}pqqeM~ZJ=!%$KclL0bRO|W$|{GJ4CWYhl|vJX93{{O5{$}r^oPL8t}w+h
z&(J$g=~y|%^+85*e;%S({g9F~qWkkuk%kq?$gUzI=&t09@cvwaqJ*=M{&7xvqy66^
zH}Bp|h9$x{v{!#6NEd;;OpOs94t1AwWlgQwW6IFV5nD(XY)%Q?B{eiu1z^Tt0ZCVw
zQM6TnRt^@BbY+cH0a!CofCHClre+=XJuS|&lYuZX$s8Ozuu8*WW_IF^`moNwxAvb+
z_A)xWFQ)@XSBdL^5~6qDdd;5;Oad*GoDsvHhl&hv-Jp!1hrSG4w;~%Tq5>I7{JE&c
zFpyzvN&(jhaR{QzsB_*RbzH~&5>4hH5$t(byiwA@oQkmsWoI6%@mjr6@?L2bUbwFm
z%ZoB(yV#+|8uJz>fi2aGnOtl>ECN=E2tCwPu`tgRtYS77<IsZU*wxeOp)^rBr-gwl
zP3hnb_u9CZQ9S->+F<^-WUdr<F*)$Y5`-4jxWz_{EVYMPismR^P1w{QN4{`ZerSU|
zA(!eHWBOh=D?i|FPkH`r?x}Oy-vi$7-9USt#W>6eR_DeB7viCry%zm}1EXj6&CwJ4
zFr`NwmuQ;>I*P73f5GTFARC+yIe?#eI4hVZLl+rbb<{_r6fmM}!GAWF&w)!8Z&dg+
z6+>@$3|H+O-K=KOg}fk=1M8i0uHJO$LF#{>_*C_?RR;P9C&6l<9ohI$xea)^2v{rg
zh{q!CgnK2ZC%63uJ1sE_@^UAmecW_yJYF9fu*X)TUq|P$$BRC#c?$;QS++iLa6^Tl
zaDu8WJba3tM&x%o$>HyIhMsZ=4d=uoZ1r2+RzHxzu~CN^0Jh$yBiwaD23wm~ekS66
zi1s#pbbGpuuWoE{)cQ8c>8SbJx;Kn#g9&vdnmMr(1Qozksa3y?eOS#dC+ME$pt!@_
zxfM>^XO9ZyYMNrT>+u|aIr^$f$T+hjCWU-9Q~nH9K|Ksd$stAw<~-p<b$;nHguu&a
z&~C=_CvHz0lw4zO(ojw#ULc7(i%H_RRwZ%7OFeC>B4$riG+VC70dw7uRn*}4FM;Eo
z@&XDBhlPuRZ|BP2j*&25PH2&^P)dk*oZt{9=(RQx@9=bAhgPG%$a!f~qcS%+kiB3h
zN+;)MQnf=514Gx!939FU$<v?Q$Ww{;Fjvi-z?|2H_yNvJ>`SdH@z%@?4CXe-F{8Ax
zY?#A>SpNKhd2AMnHfnAjG7RxKsV*q-Y@8N4<q97huhoe1*Kk{il#}4M&?qG()g5a&
z&-LPY@?E*z%xr#TyP2%gg}E@Zn<=$0_GWf7rOvp*!G4|D&6FB!NTlA9+0Cla|BK!!
z>MPl9_(GG6Y<v`~k`XE7X5+l&YEX2E2)UVhw_FX0&ijy?4LoIh+>V#yBlDf~*g-AA
z_^d<(neRl1gIby?tDuC;ccR8YsU2k%<dFGJBsnM@qpT4$8RCJeHXI5&9vG`utDe-N
zW>si4lUh`&x~x)CN7UzIZP8{MP289#49gtwF~#{{c_sQg<=vQPc_r#Q-QAdHd829n
zbY#Ko#!FMSLq;Z>-Rw@v&Bj|X8_$k38f%`Zb^9L<8;vE?&j9Xy8k0(J_W<`K=4dwq
z2ynN4a28kZkTp6p2)u6)@Y5OJI;SgL{>|`jwsShzoxh8^M%iF9(UENt-hF;{=L%z!
z#wSh2=JLTkSfe$+OQIhfiN_;gkIr#RHbqeQZAPbu)mEM3g5-~+Q&qkM=hqj-hFyuZ
zpz@)}X4Z3SIXf${Mid`c$g36hZY`M$87t{bihWV--9ydME6q{!@>Y2(zGqXDcsvKw
z=u884@cBVI_yq0$aoMkz#)=Hm6nimf+x~?Sw(WOpux)$F2;27DL$ht)2reUS)2||9
z*f#yz5%yvWLO(a#^mTw7X)nGw#Gp58^XD3YK43GZ?GL-n7?_U=n=urz(V`S{y$l^Q
zTkWPcUVS%U<E=*D#T@yMG`5Vg)7ly$k?pi<)>?LxhSdbt+A0ebEg*ymVM<zKBwWWe
zkSc3!HJKSol|8YV%nqe$bwKi5DLI+f3+Bc8>hI7#A;QI`_{FhUajAsNZ1rGUYS<&|
zhtoEPmHj4d%FKpe)~sMEfSGNufXr-lH%7Eo0JG9y0h!tAZjG=47?lPKfHft8SxF$U
zv=t?IpSO3GM;Mi`?P`4_Hn2VUz;emf_@;~xz8bb=?*=<>nDYmYxV^XFiBC66<jeV@
z9NIpDH_D;WgE__@<<Q!}9Osd;Xl9Y61lmc0@#;^-D>DVtU^4|bFa;|TCF7eu$Qb9(
zC89a!l$^27pNEPJ7zGKpw}up?7nG)1i!=7A$SD3PJ!7ChmugbNSy;GTER?-x9{#=m
z?EOgHhzn^~|0Ia=qsbp3mxqZmZVBrya*DW_yl{$CNz<4vYk@r$W_7HlB|nA)Tz-s>
ztftl5vP;rMrzd1|Iu|+5D8|vc!GrT?^e6<{mBgqX#Av`FgfUa1<m3xtl^3X5cQMb&
zNJ`$XLs|+-x()ObP~`(=tNN0$KgWsWt6jrRT|0y=8lt$snVq^c&%$%0``7VdYfn)%
zdM9mlJN10YggTj&-yS7)YV6o*lkC``ZT3`5A<K5`SJSQ$cI+WLu^bAIoE>|)HP1+s
z*^;wJQ<u3-?Ak-d-G|ez4K8Q3YY$cZaND&vR?j@W8Wnc!*^)fE1jY}+u1z%$lU*C-
zJHoDgQzeQ%Xu1M>j4YvZ?X62=90y<FQf`hD#<0y*lyprj(`kxXIyPfBIoL_tW(Jjs
znjrLn49?S(VSAel+goMW)`bIZ*w(#H7`C@(hVAW?<2<vkB*V5_%M1H<W-HgazCDiR
z`gSv2ui-mr$%@{J7fG5hV>kz%Dv1N4xv{;*)R-CV2IIIJ(%JZ1Hl*t^C%w10)<>3c
z-kH&<5@0%P4$*udyLvi7iC|E7H^U?eizPd3ywp6APKu+L-j|x071s5{iCo@t+j}l?
zaarUv9Aq+wg<T$&Aarhg4^lUjHB#=}_&y+aW_%x#ysup2`=;_}W}G(RBv{smWiqKQ
zD)DSmsdY(7Ffs?vLzK%0_5esW3&Vddox-$)Mp9j3=WQmT_Ewfrx8db>V=Ztun#nU;
zr>wq(o%+G}3Njm>AOss;VX^nVqB%f;N68+>H<~CuB0hw&?JLxqO~(fDb=z!??<47B
zkV#hbJSfA&Xo6<8*&M$wl>b2}7%qivc92dU*PG+v>zzl=FX6TV=c-6W7xfuvfu(3w
z_$;P3_gT!1^jT<?H^OIeXoG8^GH31uv+Mr=vR>GJL!XoBcw~%s*5~APn4y32Pi1HF
zxpd~AQ)&_8o%K1T7IyOrj%+!zl{%k82wn%#;^#)<_Qmx%<VYu*VJ;n#M4Qp|5%5Rk
zDAE%~(6t)9DWmJ7-AAF3XGkzK*Oxu3klB)cMv@-w{)!<lj9zKsh=!he0GCEQ51&u(
zeU25&BL1}*U_{*iLgCiP{2&&`KU<FD-(q*$xgTV__yAfDe6vvgX4pUS;Sv6kzuMp*
z@stt%k@<(_AGsVH&DK7n(|!hH{|WCNy?G#<_LIfqkMys+1Hi-nmG^vp{*@a6IWqQt
zR9){KQP+cr{XYj^&cZ|T<-n(h-IoK*M};p3iVXX5K9BhS*#Paq$NvkD0pHNM#{a9z
zjq(4#gq`<~&u$ObSWN5_Mqb<CmIVweV7XI7=7tzyrFMr><z1@bT|%LiVyor7sNr22
zOf}C%4e!!Wa@9)Dmy(kOz2L}btbUTtBmA0`lu$xU+Rb!KPNzojT{P`6ZBl=eb+F>7
z(=j=n*z|37UKPOcGFU)Pr$%r(sQ~_$!2)tRHG<bd1#nsn7BEYF!;OoCZlyd9m#7Lx
zur{j%K8yke?+f<sX9D1hl6656z}dG4#xkGAKW98V7hAnM`ZIpIZz_a<!w+A^l&I`c
z@F8bJ_<P715$7FpAj%Lc<v+BFpvF*^aXHxBi!3EThm6}>Xs)}hAc(oGnz*fWZa~I)
zZ-sL<w5TAe^Ipjr^ZmI*cNH0MTQyZ=1pk$s34lKjK|unPo{4}z50|N0nM?>&W<Uy*
za27H63@!&hQ&smef9PELvbu5yXYKu=-+XB~YvnN{dft4t#$&m2-S=1cl-X-hS5PGO
zG-X4-+~vsCKP4xxdXt>IpOxo^AY+XF>A2JLmW-Ycre9^W<rKi+2>()bsRlZ`JUS(V
zZ04kt_ujg4M(QA|c>zv3aDVy~p2rbX|HvTK-Okd0bRYim^q0knx_P^fU#)%!-x(e!
z@Au|cE3Im9!{b-;%aXLV`4rORezk>?A7e5pzkP}L)$qHi&GNg2w%Zfx-S?La>>qhG
z?H=KG+vrSsME!0H57zHC<a~NK{chlLR=?X&)epDdZDaLj=Xmh@JW#|V{9!xdDEdg*
zA2#3Kwlv;u;}6@WYhQ3fY)dgu$)S}_A8K!p%|}KK?um~1!{pgAf0&$SAtT*x{;=)x
zhi#KTjLTwzKWxVRVKbROY=&9mjJzjbIU7AT^*>-seI)#0zEx#|Tg-iLg?B9TyveY|
z4j<fHx0@GX4Oi%-oN|-#(imw|=1k*GBc*Y%_E@@AjyfV=HaOR84@J7w9d)^5ZmT=$
zGRGYG=BS%YsR!7+kIQj4g?}v6#m$MpF7JPNU_V_t#V476&YdNxQpQTYl6a|gB26WY
z^5wP4ev)eR4S8S5eR+9riObzZLr~UVaM+dlh5PbCj~U7u*=O9BH_&Iymp9aFzUs>x
z-kswX|3}W3_h9>!MTNJwx^r&0Uy(Y75M|OnvS)2@4?e7YYiO_0xp^AZ!%F_eypLIP
zO1+Ht79Ppa&+IMhX_*Z__ZK~~{>aRRFHcdh;g|hH)#&ZamkQiUHt^spd=&U7%ckyt
zRW|W0x5fQDd0QSO{!6)c#02gucGu<xE);&A9QQ}ow<*jF#lp{1rfW5NV_8NXP5w@|
zO}TuSFLbnA6u!`z&3&QsBYmM-?T_$<I?syzTLs*W`?qFB?%&D`x<mW7ZXM}lt<2~9
zxbU}>d{&PFKWl|O!`e42@9RRbCi9(?zCJ&jpG^jUOvl*yRx+}MJ>niEk?rNP++r^!
z_37JeH=pIowB~#ILT<L7&vIo{bMJY`%{=FptEHvOQ^?I^$#P|{@LjVZcVXC}2w$Y@
ze{Upz9<{#aoO{V8ER-!_0sG2mKdE!in141#D$k9l#<R^h>io>1ZN^#^b0exj+l<F5
z7UFdMF&EDAfU>5%%%ozErD7$ntC$<DtkMna7w<Rgn_o0vea>Ap`zC!;$GaGBzodNl
zmAJ$j6c4P)*;edFj5d|qFAM+v5E1kW5k}DB4d)aB5HBDu+Af^?>CK0~qj2HNe_!lz
zoGdczn_(Y*rMdC^zG>11&+qe;5kCBdhvvh-5nM+4;6Fjeun+#9NBG4b-aU>x9+F?2
zwm<BCabP|w{Nhk#*e`xgdmQ!MfFHXW{crmBN6*E7rTIylON4ZGnQVU?W}&0vwB4yw
z>~#v~!zr~plq!#O9glRrugA*DBVETMJ(y}9={g?ip=9|g>+F0SN_I3BO3BF%z2K;B
zu8z?{p*>bfF;?kNmb4{Dbu&1s$LtZi)M;BR%S4s7<f!H_N%O#{0AAR^0&-M0gQHpn
za8wQ!kfXX8{FEwyPj;|?IjWn%OQ{mLW`|11;nwtlwXG63+=fb6LwroN68PMT5`3}4
z-Xk@@?ry~kFCpNn)&rl+eVEr0k8U#XV0>;qlglK+ecFXgXs91?ZXn!K4%8gvpvi`E
zAmd<;$%k^F-(Zf*h_Z(F;&BVC<V0CeZ0IYK6=gxHB1;L-iUgCH-I5t|qv7;7cQ?Uo
zsqQMu<VPQ50_4vn!n*`1ITIm&9x5{6?hZ5Yp&|pjG{aPFs0efr^h}WadAQ7gyW8N5
zk|lkc36npU;3(lN;`DA4C&s;M^sP|uPtIMZNTqa$DA^f0>X%zYi6R>?W?Nv1DHO$=
zcyK`x8l&4Nw7~$Awz45~9z9VXh(uBMRV2!N^5WKSYje<7I^n+a6B*qfN<YrH@c5hy
zU(WFzfhQ$_w{VjUTyddywuBB)@Wm8_#lwu`&|3yM<m-5*f6<?QW&7FVL^`J3z#rc@
zgwGvMv@0F+$Cp+i#24X@ZzAAL_PHj}522LJAD=tjnTT+RU1@Dt*Wo)#3L8=|Jk%8#
zucVoLc~jT1NlGfh;_Xa0B^5F8bs6=PR0M9<H49QwX(gDQCzwQU8OBd0i$gL*V(=&h
z@iRA4I)9X2!c?bA9oiVk&-_T~{89N5&f4>FXyai)%#f7MAC)g*F9XG)5r(F)=~lY?
ze-5|di+r%<18o?7puh(5C0q)82tsC0xhQ0T4{H0XY5Rz{hmFqsM>OtX$AgV~C?8fz
zPkA`w9>C?SaSuaPKiqK-8>@eaaSsflBjO%DjW73O<+z81_V%U8c89o!?d{ogmQaT6
zDZNmE3u*UIdnUG62yzH<n6<bEMKD<0gMuVNMml404>O8;*si#TxpXeXJ<NOD!+aL^
zFwY`n{;P2hIx|!Il)j?l9tI*Witq>D`Me<t!ecLrV2I2;Eb}EB)(K&_-F&NSgy^J-
z$w=d+anjlrr!k$jmDVPNBHgAH60@2Ou@t^xdYjf=#fIs0o5yM7aT(h@P9uxUAm8FN
z(v*4?x3MkVs_)x`4u!gzzf#v(w^N@>m`2)G;6@0~a5wX`QpQV8=6Gr1L^_>?a&TRQ
z4vMuiG**+W@8@wGdGC+Q-Ct9etp5|NQR?R&#}PEZP}WEt;Bg!SIzTh`bVv()HICz}
zaU2g2$MG=f3iAlGw|OYWu)ZL59O2J;?MRIwqfn{4Wzl3`Af55R+uYAJ_(Zy+6mpVl
z4{LL&LA*~8q!KiUz2!Q@eOGz>!J{EYCG%a$uOC({MN~rJS1xe=5{z9bdvHQzOSXg@
zY^(c~^R_<vV_URZ69*4!#WsqCnZGn|)1x8gMaUY~#VUD_57p?stg~{Q-B$JJ*!zFB
zSQxi=yR=!H%tk2_KZ-b+h0Wt+7DmR&$g(#gPUfYXhO<-_in9ZL6`B_D1(+N*njNz9
zItGmnU#PPKGTo!v3TsJ)bA5ESk5YFOi}2#i@P8g?M@b*?g$!_C;&CpOSVmqyOD42v
z$FSSo*0le1fDRcyzZ7F&a+W7&<Gc3J74lo=yK~({=4=9>yf54Mm;td-OWjpqJz}){
zY^D!Nw$hS5D49!3`k-VnEuAG&GMbjo5-HhDvv^tLyJR{o>4TE>G#3uaj?@Q#o%Mq+
zo7kEGUZMu!<&YwjE%N+L`@>gC+|3Z3^a`Cukn3F!A~Yx7fyABO>(_P;p46dhJ4c+?
zaZdMcmScLRhGKe3cXckF?YxeQN5uMEw;|TYQ%1!4?09IgKKXea+#~t0p4XwkvEf*u
z3)I9fz+IiA>e@Y`t_N{mht8Q8dG`9gc<1NHdl1)kGM<<2>x54adt4GQ9~E&)i(v*^
zI(z-|IIknS_v68z*C9Lx;+)R)ybe{l@w|>Jh>!XBxyLhTe#;F}IMf>!DHYCR*QWSR
zu_Hbl!miZrP^zL~8bnIvJG!l`B4HXtN)4u36ikCisi9;=z%+=I8cLRJx4|hML&<eZ
z-cd?U7WG0f%-HHOJz1@3RZ@2L5q!|np_@rM7UEx8_K3mwv{{H{J5I+HKs6SkUsQmQ
zpTPnOpc)GSR4PE^&tL%sP>qEEDit6AXs`fHCppBus0499LnRbIH5LM>RDz(Fp%T^*
z_YAgGf(U@264sIsnxPVeW)vlOU$l32I1*w-T$SR-B!66icHno4n3#W`$<RZI&G7X?
zCQ~*!&Q6Pmojxlr@lJ;b7)O0hJd|V7r5q?eC<Z2B%7N5_IWA?&g2qExCTYroxI<Yc
zZOVeGLs>a~kh92AS?EcEN#55;@+`^%!de(si!dzhg3F{(A7o<a&n4!#94a{zM1LMC
zG7yH<Qjrm|sN_r-{douqBvN`Nj{ZDcW*`j9sv0Gc`Zg0ue;$V8x4~vYsWJmnsf4qL
z<xjg<TCCO&LE=w5SluSo)*-a=+MpS}@<J;W;m2tb7GbHSsRducgCh8n5*&ik)cLR>
z8;<1JTs~L|$&|iONapJmG1R!NJxR#Rq{npqM#i7dM{i{Ox-sY1S9&mG;Gg##=TPWH
zIg1nrY`QgLVdzzPfre=&3lJU2%^w`(rrX=sV8MU+YWx=(`~l;?;zSCr-6T$|d5Bmr
z0(UaA2lxAyR?P(F5+^oBrx~+2v7chpc+|y-)io_t=vc|jk;h#n(R+q*{t}5DtIMi)
zXoN{OZ(B8*MCJ$i@x{F?`3oIW27C#sV$OoV+EZcWDbeQD@O?zg*~UPsM>OVa@xjKN
z4P7<zaK@a0%UNU2hN^zJW6m~K{}5x&801I9oPC72lRqoRob71OEKRj%i8-5TFQf~E
zk<FyI)D$$9&K+vc#}<c14&h}B7IUWPF^f4<fLh2%=Pl-JUNL7giaFbn?g%kwiym{f
zn8lnevTj@aYRuVJW6qd@K1^{WlGjHh=4>z+E)P8$2!<;n(EKc-4S{GL4p+pZWsxoN
zO>njqA!D~&#K#&@p3@4Gn~s+zN$XhXTsQ3~twR)Bx?KxiCh{A?+3bdhbi0<(Ygh)t
z5k}iRbS@8-+wP%rd8piW51q?G<@nx0=cZHeP$=E@berIHh(-;#uxz02@<k*MSL9sU
zQ7m1EnDh9Uu2LpT(J}GT))Q$ri>})mB4d2syIjrmoS83l%TBK8;<BpKlrPhD1ksgr
zn#b1#Z8wxPQr~%e-GIKc__`sD_tp5iug2GXna0<BVfCZMGPJjQP~5PNBz2O$oN1<!
zT2gk+lKu#%%so<ia_CB&hdWkK8nYB3nCna<OsUnpZzZNM=uLYInp5#a^5f^RQjgx4
z!px7a$f&TuEuy~U&sJPd(T-AlM~K<W;(GYX@1XbdYeH^z+KJ^B=huYX?2r@7m66uZ
zuL-%?*(R1N^Q@m=6LPcjYb>`ozb52n=hs-SOtKyY7II4wU}a}@$juBCe0xh4-;_j(
z>&fZxB^`sPg}>N-P>X-sJc{o_^84tGPgEPMF@=Gq%(rUvR|9-ApTn1S%%c00TyDj^
zJPf7W?s7ci&duW)cZ`f@lvR5~Jfr4=NmQKsRlwbN?$_+dbH6gj@X)zm-+$IX$;u9b
zCH-#tQE?x-n_kf$1NW=Um*X`&#>4Jv;coihj-oAC9BY2oOC05K6x@UUP~#{@-bHc^
z#<Sr#it9h0*oI2<dHCeBd#wh1@+<U>?0)qb-TBhF_5Qe3XUflgFWVz7Kb~lg>8kn-
zzV)&k^m6&yC<k1!HG6Zf-;Qcjr6bL8(zooca0%Fu9KgeRBpdL5HM>fj^ghNJHBn_D
zUPzY4dmq<JVvoPCvun6fBU$M5-o^7;tClQnqfp&n$9lS9X59WxR2C|oMyGclDe*$w
zY5L>+TRQh|X(zq+k=(8}I3(X|tEI`x<kEOr1$gf^GW+A%+g{$*#+GJOSFg{@9)zfU
zNiF(zaQ<(ObMKR+3uO@glpd*)M@KmB#0A3f5-aT?giEOIG0Y|!O@~-xI}~3VMur2Q
z2ORu_qs{w<E;%BX6OK0YlO08O$j&$Nell5P&^F!gllK$O(s@|>$vZ~$leI5eKgnXb
zA3{ITr^7KQ<$khymVQED`G|g!A@hL!<Z|d0RTksLWNE7R7`-I+xJz_YKUwVbcJgff
zWQIa@e;w;7vTNM_PE;1HpY%wH7p<S@G3zILcn<x<YV&?FrGB!Q^^@=x`pHiE$;_tx
z<Qm`!We|R%9;uQ?N0@$6ARI5vkTZyI3DrG4VWxg!5Nk_Q^b^O3ezLR1=K+U58*$5*
z#}4`!Qtl@TH>A%jRu;29qqD!fZ#0McMtOYMHk4QDH;WH*zqy9Ml;QE^Fr*lc(>v$b
zxk_{$ZG4;Cv`=<#HO`OKG#a$}E8X$_TvTb;5HZp8#F>bTfF$$djiqLoG<>w1&6z9F
zKHzOSzI3wj#XeQX`BUnM8m3c|=z6}rPq-{S?JWIfab&;Ak$G>ocJ#;U2yP7@W6gYw
zw*mLhy^Z&D?vH6-8XftWPem_2vg0qK7a#p}6pg)<ChUzW^?NGy?!kNP28r>8id{;H
zQZWr^6U|n=a@Q@P>%Z$|FOQ?7a`Zdl!_gP>r(LDus?Rkl(Jj>d->vTT*MZeoW&Kn9
zbS|ycX6{e=Te=Lr)bgXM<;^)VHBL*V`U|7Vx{ha?XwK~8ri<q6zE*#mRmWZC(=Yoz
z>gAyoRgQkI>P@IO*?ZT_t-ZhFBTKtexXqRm^wHiIR(gL%qob%2AOHV^eRBNYD;-=l
zCZzm6KH{fxOu6gdEfLG-PnBo~`Fl$FcamQ@CJ5{Qmd8UyS&ygv3v0i@vaGC*03-i!
z_`6T~cghdnRibB6_opm9zJH6&Taciu;yeBujTx&=-@nBLb-cgVk*|3Z{(|N%w;jov
zqpGC-7G^y`{^IC@p>}a?)>vql9??~Em8f=;;qrolguPF1iE78c-wCL3vs=JXYUP;z
z-gOIt<t@zGf5vI3T!T@xzY?ti<1dHX*^BS^^Wk<*JNTMa()$>wSc|ec0*$SXPm*bM
zTw5T2{6A!PJFf!Ym1;!=r=GQ^o8j;H{nZHk{&EC<0#-Ywzw09UDEur_L@sFHa#%GQ
zt-leu>V5x^9BM8b@+E@ZOLtUER$q2QR@HK=atAlVRHpBbVfEQy|HmQNTZdrZA65{u
zkHCZIudVIN?Ra?#T@c@O%ViCIyVj?*l3H#Z`6Kn`&(Nlql0(n~H^6oG>4cox%)aUV
zg_X{!xN~a#JI3g`_0=B)rl(Z8r{eCZ-d!NnuJ@1kmE5YYKbLajwO4$WViV0y{S5cI
zp`D3W<#MXVsosC0_!&Rih;!p~4O$HaMO@6vM;q(!AoGs)mZ&1d4J{P*x!jJLahmi_
zk=MJ&E1PP@z5iT#=Sm{i3DxK{`27!Svthyv!>XL3L)`JdzzKELXsmyfk0CUDa0j}@
z+Ll!9XZ;BHdp$}2`BAOFsZ|$7BH3~@W9{4Bshru}P0q}`;{8D0-HCato~f5mP5Rp^
zaZ>G_%#n5F=j&DV<NrAdSNrBf_Kgi%iuaZr{V$b|y=|4+`ma%l#R3YZb>!B+%J~?t
z{{k5%zzX6{rh7lgdjyfRCipSnd|GglSHO1EQKu50I>Sgh9o4wesC)2KC9bcXTK{{#
zIg>Aq(j+l&^G7LQYo%&Nk4gLNR5g51tDjo`C#!xrit8%cJ=jVUE{m(AwNo7RnARxL
z@X{RbXAk31T`pzhVdY(wxN*k$S&9AwxPHdl{AwSUBw*`r0Dh}xL)CbL58>q3LW%W%
zpp0r<PNGVSc+YBonZfDX`D7}prB%;Iz?a9Odc}C%qT^P%3sEaTnA<=ag~U4{vW<ZI
z<9feVUw;W8!m&}%uwpv+Z=84knk;z0a6NV8b@1TG?}!mLT2}(^s!_sH;%~jY8ZZ``
zP)Q7laej}IJTVspD?yZ+XLipZV6%-g?Sv`q`s>BQrDiCRCbOpuD@vxxO!hnjwX^5h
zG@;`P^E12W>SuP(>;25`1r<57dxyR{vwKm1&a|s>wYRfH8*6o440+crblWRX0cqoI
zU9-3}bMw-|i|D7#r3HIx%@I9)h%jZH0a;J0>G-Mj@1!OIin)UEphA_Q<7CIqS(X2C
z<qc`Qy%nvpmAOvM?!o%3^VP_Fe==5eg5RIC;&t(QYD?9BW1<&g<8^NjDE9sjx~li8
zEof*ms-rR{DvfUMA~h#Tn&GKhTWLbYE~))G53}A{602Ea)f4MpQU$D}K4~}VRx%{|
zC+%h<?wzOHv1ZjDS|S-ye#Doht=^Bovg{^0?|c6RdH%Zx-R{sxwRxBXv^44Uz+s}&
zyFjQUP5=GEwzqLk?M<Tn$o=1|y-X}7t9RXEd>dn^Fcrplp`JY6nCKwmh)s3%gAj-w
zN%8%0r(aFd>fPVMkW|&jO5r9tOR~EzZ<L_~@m%IMpo9+0IMPm5|2+^INFTk@hmbu8
za_`3>9<o~N?2jw`Eip3Lz`Z`+ebFiFf^EWQQ9-dJml<tZ_Yby`xIeD;E0YQL0yS{6
zZ!Le3NNI6G&hjKfT(W+L`Y=t=cxT;Vf~L?c;RV{EH*8C{9hl|PPr4&tx6}4=tN1!<
zwx{VO)26Gd(J9*UzfEswY<>k-K5S{#UNO!X$so(wQuC^=e^bN|d8%DSu94=@p<c<O
z`cb<|H{n_H`XT9Q*BWV3;Zufu>n~?$1rqGcJ>x`0H%g^yoR((1r_O@*l@e^t5t@c)
zV!oJvFgycm*WW^sF=iC4diQ1<AjdoHYKP^{wNVnM)l;?g-vpucCrD=NFiXH;p}J2U
zH8qri#u6#nnvga`$~xG<_?0&%>sLznll8|75QJWyh$_uS??;7UtN$&kU6YY^(rJUi
zME@$npvF(NC!6Wy`s<{zxFw1$7GArAV)D#T!d9vt4^<PItE#8csg<{;NyDZgRKp=h
zvhyZUjJ*G&(Lwy`-rTAi&&KP<vx&O#Ot@56-{z9uz1e15I)qrmV}phxJUI^=&O=>(
zc?x|a#ZqK8J+mnWH;lpL8lOj~3Y}J5J!M;I#=5cTjP`hw+FGVCV0}Hs-U1m#fSN*;
zO{eLt&Rf&poDFDnu|YziT`89%&KN2a7YtYPMvvz~kAD(9I%9O{miRv#aj9qRRHh5)
zo6uH5#<(onO3401Q%>pKAWh>9Qxp?TBb_uwbM^N{zh--^1O0E0lC*V-?%hnsgPurv
zL3My=)~l}~o+k9_Sf!_wh4{Db-q%d0O!uSjr>tH&^%(uS=<H)?rB*<cX{ivUAFq60
zI@Ux7sS{gY_m))q7pk{cbUT;nCc2+=gJDmvO2>S#OcdmO&>D|02lcQ$-G1N#sRx6=
zMR$U%e(ex=Zg&y5F5{@L;cR`j_=-Ex4ZGj>fmv2*k44wnD&l0NbNoNE%BV~qKjl9^
zs-I$6eGjib*Gi&A==skkyOm@1(J}kxm_9lBg3I&8wd%cyvj1Xb<7EA()YWV2VIst2
zbUZrpu6#D?^H9pGf2gkPyXyLD&gnyar*+Q%3H5dSyS_Xn%A3#gn9IK!kj$p^Q(gaQ
z!4KssR`>k|!y0BQ4XwrHSHL<^J6c2F#`}$<9s3RI?TQQ#zJ7}}%`<S(JafQnNdKJU
zwEoM~6vY_0YTLH-{*ehv6vfBh3gK9AOg55r=6_=^X`;6KTc#&IMuqiS@1IocPnvtT
zOrf7R!GF(X5wlTrI`ozOAd2ZXH0dm`-H<R9#dEz2S>o&-Kdw5X2CJE`r$){nD^~^a
zv$`I0t=A>`y@0B=gt|02wYh9Hid+3B#_Qiq0&U>%JfC#;SK{>-kv6pj%ntFe{%M*X
zuYW`F_$_+;Nm6b0i@wEZde<$}>%S-(frHkjkcf0^AGrRiaw_Y;#1Auh*^uV<Rr<T4
zNm~VKK0kHjeod{f`Ri<Iz4|LasQLn?YO>$zXoTs1Z4}d4)=o*CEVn0<6~_Gan?VWY
zVaQ_Hr~bymkFk#x!#9$1rmpD%qtCeZ*HqV7M3%>zDt%pJ%}=q?*kVIW9QCiNb=b+_
z>ndrW^P_s&x`)#RQ~m!GTJ_ZWVZnB_p<xTPq2+}p!}mc3=rCY+QdczT%F<(_&#@Dm
zq@Ns44>pk>-X#4;hSP)1MO{7ATZww2D$S4L<w+Rq;^36C1<uo8z>&LhF6=!Jxa%xb
ze~hE=0Y)O+W5koMT1QUl1D4-oFHJi8*<H7PEI}fw2hB)~gialKt>9WQTR36vT7{2|
zwNuE$WTja~gb9xc#D@kyF@rBd(s)Dsg83_NGg+%d-v&NEsy0=y#eq+P5%rsd8*-hn
z?0t5{>^8CeHPg@Xfy(-u5XK<e`J-oIzIk(znLk=4;+3!0w`H`f#CLG!M8#I?L4Sx&
z*O2c#@S4qzSJb<%_eHnmm1?x)0UKW?FIATpDQ&AI(@`}`AJ9z|Q|eBF$*59U{}~!|
zT#6oJs(wc6sA{w?=qTxp-(qa93-&bT;#UD+$J*jIwBpX)%;%d=Zg}e>ZMeLYXZ?Ex
z|MdQ0e)VtlNxVdeLO1wwjIkH|4`ks8f5IZ#6wlb|zEGBxx|dcro;vb9gQXkY8`{-w
z+^ruyt+_8YhbsO5?O?|U^>wZW)Y*|rE!N%ewR#_D2#=Zip$xigPg6(UKM1`5+|=V*
zs70F<8Pk74wXD8;BP^{crjG3Wp9AeGV2zhyX~JT5ipGxnw|GOhrd#>^C4-+ci%loI
z%6{j_d&q43N4&jTdVh!59Q{$W|4XrT)l7j)=`m#m$o+#rYVDM%M7sB?O5D2*?0fg}
zCqhZf#-TAj=z^up8q$fqvzP&M{q>NTSqtEUSo2*Hy@c-?CUZUxL->CLZ0J&d%VW)K
zK0&CJz(Vk!`5ABcfYv&)|9@q?X{;x3Ek;5L8EHn1^?y)#M(sw|hWX&mI3U~E^mOlc
z$@O+5(Km`A{6`yq%aU;?{1`IMdkfIVPwTldJ$>|h^>(klIp)Wudn*;zQG9n?3YT@@
zaVgl!Wc9cdYGuymS9`Bjy$n~=y?2J1eZC`Kk^b9IcQUHls#i!IURO2LRU4>F_LGZ&
z+4TNyO*v+bu(6_Y%sxJ5XdV-iM}?DfNV-CN{d?2#W3?y4U?v~MKd5H!eQ8N)$0*oV
z2kh>u(*S0=$LD6pM7%sb1=JqXyT?@C7AA$9#L*1-VT>!<5Fed@3jxO9ysvun-(^|I
z85hy>eKseA_D5fy=Zf}CJ9~S~XygOgzG<Ig%v^?rN%I;T*E);{M}kS!W+1Kl%)uwK
zv>qT!|N08U;S2f5#sr^c#_Kl>By?>$f>}8Bc|}q5OuVjHk)b%==Y9nVL~f&{E{zAG
zhmGOM(VwR<B|a(eZ{<%;57`4+YLm@HYno|)bKX_3C&(1sk61ax3~pq8Z=N}8lce3<
z_%vq4)4gv)BqsV_m&E2ov>}z^Z_0~T6VG5o6`c3y8S^DL$?4s*)ziD@a(Gd5@2#vg
zUIn|oL-gKHJ-Jp<J1dfjOs_0tdZq0KJ|9P{=0d4Rr+g>hj0aw-GmeEhe#==p-k6u`
zv9Z9k@rlsvezmT-d_hzXs>ep@8kE!&PV<M_(HW`8s6Q3eYwQ1;^0jr-L{XpF9eSni
z%ZH#>gu|bJ!-U}w^x8BgXw?L%xyaln1yW<JX!Qpu3m(#YW(*IxGN}*fK~*_XY4$$M
zukgxj>d$7GH>CJ9pKU4mvsO0Dmo=H4H+M~4jc0FG5*iYoRVBTcp&H#9M!rJ3($1hi
z-I^mgRDAHH$(Xgy$ko90vHIg=R9^N?>dWH6xN}SPmflI(a+HWksTH^Da{FA470oEn
zZu&2Sq-%bsblQyV!EDBwSG$cx?s^8_mEYiNQCA$p?6O>oreVf;4ytZns(Yx2=F|u7
zV9i_)?6URQ^FVj2@#~lblIGLZABSV0GhW|T39Gb9mZym(Gojx3+fel?uf<bixn2+J
zG$uw$4eo1SN42BgmDxIKOY}tQv+=TGx_5bh#kB7-E?#Nm_5TB=%R4Hjqz&zriSVKv
zUz-&Au^DOpsQ>6mosJJKAE%&(HPdg?o}K4UvW2-9N=W~e^7&f13{QD}HF_W4zYF(e
z=&2tt*o=*5Ko(c~kL#y;{3rCoi1d^8TMr{r!$%~In)kwm<3B~N)Q?T~3yp*#l17?g
zCFd%sRnkaN|I#R^8HnF1DWA!tTBxN~N%_E_$uJuG&^+l<=i}vqkHs1rZY*d++k2mP
z+ce%=jgw&>kk{3SuB5Io78~h~8Rd={;f@*EHXD~e0m+@?(u=acWaIKO=QZGlMW@x&
ztp^5Ujk!ydoif=rXC`ECMo0H!w`ld7m7ZqvK5}Q{a~Ow(Ul>cO=EDl(?`XW^qpbUj
zv8QZ<sUCe*mW3>C9E)F_=So(6?hxh(5|x01r*Fiq63x-R(3eEVl~%<li8z(Vg@Nxy
z^-*y3{it+tW+45+te=ayjSun`G~=cr8{<SP$AA4_U<R{StIG1!FGHSeC&8TS1*Csx
z$#=fQHc!StA|<~5cl>cEK3~|ZoW_)LxniDW+8Be~Ah>Mq;dKs_$w6h~c4{)GK(4J|
zq~Q%uDu$Crs~($s_)`pHEGcAE)HlT%*y!Xdn}FP4etgGgP<87Xqf7ak=MJykcb3-f
zOzGVIWRz6cMj`jZJkol)pi3oc1ADv8PYuS>)cR)_#k_=Yn<xKj&;J`5s@1L6)|<lC
zmX(Vw#&(<cMH7SC(v9Z!MDZPBBC&MM!Szo97#p?%-nJ9HhPvxSFMA;ZSX=*d(kknJ
z#a{?_ac##98t*jg+7U{0Zw_VNK$-Oqc|i?^PUojoVqeE3J<XgM9fZ5=hmx^MZ_E;_
z%QL|-w0~<g&K7Rgow_KGsUx3df_LOK1e=9LcYORcpvN%qTK!ay|1>|w(}8t>QjHMm
z<1$_vJ&&w@I(l(NACHd-eOxey)&T?Xlpo+#ZJiSIli_mAP^lbKrLlLrT{Ny(Fi^i_
z`APcqabHD^&g(x8-Pi|o%rNkEt45|qWb+x!o0e0tIvnJ<BCe#{v|f4uJbD}PIH&LS
zjQURY*y#fQF>h-tu_ljK?Pr3Rgb$i1G@AZUEw=!l9u5Nu)%t~56(Q14G)kh^Q^)oP
zUx$GeDKV@Vsh0QnuPd>OXPDrr4+J{vv3s+ud~S5zg|jC^GZzJuZtnmXflF*4P^5%C
zLt!d@_}X_fey~V0O|Y9*uMbgI?OrW-DcLZzmoFHoHDF-bqM*rFe@o?@<kF>cxMtD3
z8a<P`JDbv+^@kWbQEvps4j?7(@(?>q@tcWaS)=Z`!xlJWBT}PYwSkT9E_M`*qZu2u
z3W1Hew2fk8b%>4C5*zEVvF?7G^9x>V=-=yNV5w(|?>~*5V#eC&v*$*|rqoQF&7$8R
zd}#IMlyR(msF5;NfI#cWRp_MNE)@4mJ-_S0K=K$rJ$y1_db-dT98WmF1k*ezQxR+Q
zJ2TnnErBa_kL7jGIBZrekNagB33y49e>ZEDlwh<cDk%#AlQ&6hd$OWkt0qG@r?)yj
z8rtM>g!ltUrISXb42PFvB(=CgufSVWu53!cryO`X2q_(aq)Qw9!>(aWh^bJ_y0%(h
zU?wul2ilm14i)=Sg`r=4{XBI={Ta``kmS)~QPDy8=$F-J@@6Z__B4?Y0ejQg7q3(}
zRAJhBNTcWwWu%a7(aMK54l?Mhyq0h3&E8JY7Uyb*K#6pF7Y7jv1{EWkH|!f-!n3>>
zTJ0S}I_Lrl7-?A3UWDiu&0c9?UH1AUg)`~Qfyc56g$Sms;Jn7-eEt>NgvsYPEAcc@
zC_$$r(MO=!tYq6e9>Gw550P5cx=B*+N;&ha-f`pZMBH}LwH=#wO+NAZ>K~Z2naSHk
zsaj<bZ9#D|c|VuXhic-yuT=>Bu*Y!*3m-!W%P`6oghezlN?0Op`a)A%hbGRY|6J$+
zA;Tb49&^qHww+X(UL}6EA*d6~S`=bPuT{5}wO<QM*#{2ng1Bzb_tp(GCj(eue>N0o
znH&QSr;7vc@oXVz27+vkoW81tuiUdIJS`xgA}s0hD{sjHLK_yvmtCi7vT!*J`cC<b
znT3y-k^~DLbL$}W>KW=fJ{PIjUMK(F={7W_dBE>`)PJ7lw3sL*7n=J8fsYNLsV!0L
z9o{C=lHap_BLp{m6Gu;`o;lamnmdoxmX_A$U(^cC>aDW>Y`hlR??k<KDX;Cs0!X%N
zXBu%#y(3C1jd8Kf*L{r!@ibPN6lU|xB>FY_(7ca<8q?g~vptFfDHU!6rmJ^TEQ{_W
z*s#uIe2jMwISjNg6*OL++7Qekv*8`y3mYc1?J#;43V}J+<D<A?3bS2TfBHDJVs$es
zmIk5}=?-vh{zkkccb4X)w~FyZQyl`o^2W#_uJLUiTw1yT`xt|d+UCmuge`8QEni+3
zMPvvgWz7-5?G)N>RryF_*;;hq5!%W~U<huF!_(B3INfSJh^H*j$Rgavi7}hX@RZp!
zqiZGsWj*a(Rsk{}BDNv}q~LZNCJK=YA4hSBdXv1#Sef+^lmBdq46~Mtu3_CLbPelU
z%Y3&W{>K%wIwfqm*b(3HH;gOUmWu?(@)&W`d&_-F^AKN;+mICd@UB5*xrq^8{Vz8<
zWcs|kp3%Cp(yLSKrhJb0+rZ=;)O`IlSzYd6xw5dX{o_1oYK-ljVZ)YRFJyL7T7Fem
zxN6*nunujWk18|Ae-5@+x^8^$B&U!60`C#g4w$!$+8Ci*M}7h@?$T875CF`u_K`fb
zGV5@HGXOY*tm6=v%m8Bk`*~F~Sv4QT@z?XRS57r7kUd$0SYQ51wy4YsYtzWSc(%VK
zV3`<lEE?@=cr&mDRO0#@0p&ecW2EN?9$5Y_JV5^IA0Yp?N8|_lj=|5JD)4D=?K=LM
z^4fKr{J?9`CGfWr$-ckCbj=-qi+n9l#`cT(-niCv@5?l>!q$qHsMuI+Kdss^akFlJ
z&8rEUaI(BSFJ3#Q+UoZAvQF)om|eHOwspqqFonct|B`>^@fVK+w?)^3*4DokEwY;H
z$CTDte;bJ?J7cy1t{vS+k_|LQlUU<Kw(c#8RqXrqU!kmh5SXZb!N{H4t#ZSW!Ky{V
zDXiIsVL4_7wv5mEyN0TOPwo$NIQU!FnH1%Am?Zi+>R2k;9hz)_TZs|gp2w@jGt20K
zI^PXI4MZCgndjB^F)r0DipYYCT5`sSxJ-n!Fb+f|qP9fV_4iO<fY51Tgk#f;t%Q7z
zD4XC;(_Q8+l8y?Fn>uS=-`nKvc7kg?sXdIF&~yNUKL&$AUd7R5{w-r^g#tMrljv^p
zcAWzq8O#e_u74OHEM5oFoSaP}%FLqGjG9KT357ccY7LTl1F@P;E8ipuURnoUk>MV9
z_xH>7xok2nmC*W7*7$4%FBs=eJ9%J-X?JN>f9MO+MJxDqa>cbW#llKBbPuk_WENGM
zt|{phsezzV25i~-IHXsMS3w6!4|KxzJYZF#1#l_l5y5gXLGo}xCA(g7WVzW=xtXGz
z#?bRj4hP0iQ(j@)Vm5|8gO=s<(y!sWpudHCY|X#y@`|ar*#2I&$FYhFJ*KUWqFU^<
z`%9x$DVD_d*@X5Pd2OsU;5Rw6o^}gn<8BhY5<Jc~*<HpwpnyUR-SW`NJ*=q0#>;+@
z8YlYSfs@xKZgN|;=)~Hn^yC@<SjXEx8S%AA>p*z#uVx<p`k9IT6|=$J&(@kQ|7Mi9
zYo?Uwo?cR0NB;HSWFtXy?{nmEi+j(cwYa9fmLCSy58^g|D~Oe1bKjuX<oFx)Q$7AB
z{osdtv;9_&zlC3q)6tsZ0&BB{$*sTDCfv)5rS<trTB-GZi1Z@v!8b!^W3T&WEV6U`
zd0-UOK`yUN*9Sr=m)DZ)DSeqGy?%45%N>%zcRl6s6*XFhFFSoXU!kPseA($k{!JoQ
z#o|uAgy3(?FCZvi{ms8WCR*nBm(oStkY0&)X656~{_SWJQT(o3F2(?&r}z{hyrFE>
z#<kr}8!yIgItwh6MOi5m{rQ@S1T%NNcj}#5?`6ywqdH+AO-$-Jjn5s&peu@cbKDER
zSr+rk^s;s2l@dQ9@5Wvl{4(n2=4-61KVRgoEzj5H_jN11Z{}@fYo&K1zXab0&vd>P
zd@kQzX!Tl2zQfo@ps<4}bu&xe8)bkdng+_IES9yEpib=)v>@5cXA?&^0KaGO174*r
zsWB`2C!4&wX`jvKalHPoz_!J+TUf>$?l@x`STkfXO?ppGgSy)v<y#7JuQ=CAPvJfO
zWu>Rc9(R;gdKS<;7)xHz*<?!oNy!jv&U~qm^EK#2b=aIw*HiaJ1s$2>YqfG^#d@#>
zr86b$A?nWt4<yP6C(S!k>19!jauO-28u4lHRY+BNo1Bw<hq$qA&X~})*TINlkka^g
zRya<bj8c-6P2iOMfAJlkg=OpCMroshkHdRejPEr%5Swe!DUB|BJElpNmrsk}WxE%`
zjEYVjkLGG=I2u<_3p?K=wQZb2_RCZ)t==f3j4ahW->{rEnm4X+>br&DdZY!l{5-^}
zv}=T`G@3V9j0r&>{cme%6|GGdb<<abr}WpFwl9pdny1yG{*wYYaYqrFwTSyG`rkCL
zIk*N4g?XK6Pt{mGzn;e^ox%di8x}|w|20!)6th_R8tqu-3|9-MC()wnm8g|-vEM3=
z4uU#?O2jk=iCJ#eEHe0;DcN#@xFX_aC_{Oo-t;;&gf69rZfcQW@RhK03lt|UVy_qT
zQbrc>C$_oZ@_?K+qa)LQ8@+hEf9&X|_z=rZZ~ZTM*b_R?`oGxA(sG_^L2{PbndqMv
z)ru_Bh|N>}Nu=8=7=$O761pxW5C|Dxd3SB;q5y1tC%}s}ip!V#Xe-Cm!PZ|~mM`C<
zu_F9gm&trEb>tu4%SwBJ76eD<SYKL5TZFL!bq`K7r?!NhIOC0#KS!#J9GXMPmmTzl
zipREZFqdUt|9F1Iw)a@p{*Gz?J2mOBg|xy^p2g?LeFz$ztY(t{?-TOP?JH=GBAAT2
zcG3u&8}A|08A@2K$xIVqgj`7*?2qa!#n-$nw(U-B{r@3%C7$VTnZ56o^$tc{O8EH0
zmb;|?G#9mX0bvjJUAHvux@9ecfcdpEr?2Y8R}J2*5()-5naE^u1SOri{u>Y%pWHtH
z-pFC`xlrI32?G@PH=dBq7hGqqA0*Yn-~ySE$x3uFqI$8@M;aU3izJLlKxuJ{pC>ZS
zo)z^s5n|91AELB!v!GXMU=T*=OaCmwZS|)~$p<dkpl#?<H<uCpGU){cK478NW;`v^
zP*d!Y^T&jnlI)4Sbz}B05%mui@K8%RJcYGgiW%AAp>_NL?+=?34e(a>BWBRHX3$zk
zc1nJ2Jog}shK0lVnz89Yb*2R^oT5F22v7N3aVJf)ee13(8NU;T@2#*%`^0@myh47j
z&>XeX`*$S5rl70&R(uKZV&83f8uB;^z=N}GuJMh+?K2Sfr6mEsGXNTp5rQ|?NUs>1
zE&AHnEFQ}Si29-5b}wtqIqQ6E)!zNe`U$>kVakhp+Q5^|AL`L}g5ae^-?4Q%v5WQ9
z8_5XcgSd#Zu)cadY1$KF9>NJfCxGO~C^@KAj|leRbKC`O!sCE7+(_=&b*oV-mnlil
z6jPIrGnVLgRmbt8Q5zP&!>Ckk`V*I)dGMkl^Y^jE)ZctJagNMu`8r6mwn~HENm7XY
zZ&}c)hAI;p2aiEQQ9=w>n1Ltl*@Pxkxz!=z0c3_}0m))8Fs~Jk*<6it*4KUdhp~2>
z&)cTcwm)o7r_JlN&EWR&hu~w|zB1ONfF!oRrHLDj^TQpH87rOu#xijyamN6~8+q{t
zM|01nb6$Ktop&l+kY2EiuWiQPcBi`)oM~DbZ10H`TN}vneY{Xf8>lVLWe-?X(rw_@
z=I(-d?^9e>z@zo4MIPt;afuq#m(vA%PZtf1O1iXu7ld(~cBb>`PA|SIUE)y`PG>kF
zeR2JBBKCRdV)(v&el6XVo|ml>)AP>+GQZr({83w3hPicnPfq3w(>+ez-gJ98?a`1u
z>4nyJHSX_A_dV_p;ZG!wow4^~9a>;dm!uavi5`<aMg+UW->yinC=={O)SDCR1-$T;
zsjy2M>80MZ{b;c8cv-qXz0AM|?RGg}jY|8y?Vj1bh;kQs$|X*|%N?n`>Ba4S+G{^H
zeJlYs>80)EsL#}?Pb-Z9bnexoDDj9gPfDMp9kP4ctBA(qkfs9>XLeB1@LNqu_KzON
zWBC5b>62-{fjSUDC@oUjSEg6CpOQX>W~UdnAKz#{q1nDF>hD#)fqH!Uct3Nb{e<-K
zB--asO`jUt$mZZDq>pp_uTHN@5BTFX>D5lrr=?F5eXsGiuSvhAOkeH#&gsjtD&i}v
z^oi*cd9<po<?#vrcpYGjp4XbHuB6wM#O<Q=x{RvVq}Qfbxs2^iuNFx)2t7T0x+bS3
zYNl5z{Tb;qJUz4xrQc7lCgb|_dM2mo6JbMCpCjR!=`)wl!x!97m)Gx+WIijiTBLm)
zC-ST_?UjfCzg&*{N~on5rF+wr0f{EYyfhXO*r9VW|AHR5zodiZH$&f6SKmuUP^@9h
z_6Tp&(i4Gz)m0o^P*b)WG_FSYiH1huT*Lkw2>d1}{$k1<=HKeK@(0tRQC!Cit^WWY
z1*K_w_hgMG62bbkLj9%itvHL&qNB6LT|>6|mGP<WA`m7P><4FFT`0{e8x*NFSDK9F
zE{HTlm1@CY!m?7=K69-LbqT@pHZD}4sE~DOKw!1Q(GrBX58r6;l`%HtTbceA&Q4K6
zy47bHI+DhkJEfiLCSPeKP1paExVeprm5B~4wXR*kv8Tqi(dC3t*hkwdd~S&y)19W;
ze8N#lJC0L9pe`sh`BcEMF;c)jo#9>?d!hn^I$Pts^=>XbvjbYNy83(S`Z?XC@~s0e
zgeIY>y={wukV~jz?e=Q#MENSZE1VSPF&lf*J<Csy(giScRgd1EZ(mqx(#OSj{pKt+
z$!PDYq&vLZJHgJ2Ruw;$iBPYS_Ci6f#JMQF2&W@zeaRWKixncz+0KN$>E7jU+)#Z#
z?Ry)RL0JL7e4!s!G%M)}!JoiWmdNE&23Ue!l)B`p!o9r<LN%d>l{4m^M<D}UNzXH)
z`{(DU=cVV{BiSllVRX7%(qzNL1ws1TyVC{f3WgNvirv|exEl=5PcO(>wtJ9eeU9Mm
zuAh|fREN5J)om%Cg{PNUpJzVBiiO$Kcd2-?`cZPi0$ocKCS%F!?~)cKV~Qusre4YF
z&s$+lt61IG&JH@hf1_I^y-%}Q(3FF1+FsUS6OFkmpH24a3;9E3(iv?wm)I}ilQvCj
z=?Dv_29u{i7Y=~&Y83f%0p~;b8-YBg-a`}EDWn5LR;Tz4T~{+K=kQi~FM!n(P#)r%
z(VxCxlxK41FlW<Q+a+WR6Pvpvt8WKgj+F6EE-$;8#OT0NVZuZu)}z|^gRBPco8gPB
zP}{2_FpBAqbzybz0u@J#*r#T?-SfTs2O@OBtZ;kUDJ!^yJ?)i_aov}?EEi>ODAvCD
z+Bk{+Eu^`;(D_IJ8b4Y6R#DEDXBj_D29))6%CcE@!A}W;_*t8~QWw0f&hsbZXFZTW
zi!i5rvl3QfBlUfoNx7G6shl)xSeP+&Hr7aEn~W)PO&hq%tocQ;hVuZN{+eaWS_#|7
z!-6a<?$FDwyR+ni??D7C%A#O~?_7e}b=Ympas?iku`MtoP1&MUj5Z}^__<{zX5<OE
z-KMTHSE9#=AF_Mc_`1RJ5yK)goDBp}{w5!4v+cl|sImGpBs*r=ayty&GSFp1cVqQ?
zDHeuqSKip>tQX?f(2@e{#C`zy>Z0EY9tt^NWWTU+K<Y`RyBj#e2@YZZwY3TCkj?su
z{8J2X|7wcc2sj}NpK~c;q_rnFUgc49n~6SSTy;7;H+|)(4Vazw<m$(P#1=sl0y}6W
z%t0Efzl!8B^RybaYUGssw5KvPN>>fb{cVbn^VN;@P+KzDXVZiodeZi$RiTzi&&<>3
z!y=t%OfpTot9zr8r>stvF7~MlYJxs!hq=EM4&9iwq>+sELK<km;Fq@9jx&iZ4K1cg
z2>UWvbIl%T6FjHI)?7Z3dJ3)oZvIIP=}<sBQv*OI=^B@<9bEsG4HG*!hb}C2>S0tW
z3n}~uN{Js9EGHn&pDLf%^D(A6Fvc|c&p2!DigNR5YSkj^Lfy8wYT#rmtRh5;%VtrE
zNx(^<K3KLR6@H`Gh+QrrJ4KO?c|`27KMrAZzDDRQzhZl|%%_8k-TJ>M;p?_ZU&v);
ztI>-g+!clX#F3IzCi*voF6UjUW#^M=Hhm%EyY(yAtu{OIUR5H=M1SX~Qn^ks_mgOJ
zCv`v8>UIsN*=tbOD|k|Z3ka27mBsJ{viO*_QBiYh5>^iHDU7O`r?JsRbDdf?<B?WR
zBjVak&Q+on_3?kXR1_v>`5k2US#>%{NpOS~hl)}m1WDOTP{AkVeR+3_qbc2krZoq?
zh3Ikqo%Btnq%u{5K~NSW6qSjz&OEaoo!QE=ehsRjUo+f<E^b_B)Ny^I<%P+D4I!8S
z9U><{jCnzY1j_`deDAE;a1$%$m&rn_)Z^O|4e!EZDM8305ItBS;Km9aXO+wRq?TqA
z1Dz&2Pceyfr}Ke=hqPa0V8Nof&v?+qHQS=hNqaVb(wb@kRx+MG?jw+ofi_ruv^ugW
z`B>16(#Mx`=7JFq!y*HU0<6tt!dx~iy(S2!4)Ya^hO2i9W}`hBD72L`@MP&?MefTJ
ze$*>67NBDV9>yrOje~{rCj(^7jI3^!Hl(RQ$^mYv1ppz7I>K$6g|YA*^bhM0?0BoM
zG%S434TCu`(H4a$e@eT%FX=xIuT9=~g_o=GY9G<!%a6gj<dt(p9!nmZk9DaeETO7e
z5h+mvQP;Bx%qwdn94$iG31KCQRsyKzR@xcRnL%x#x9WB`%#|+B-z<5qE!Qip)juXT
z^R&)$%C<JVKWFtVYN9io;npU*3A0~A6lQtlv6%}IVyCXl7yGfxYGYk~z*hey#gxmT
zF;B=Pqwam)p>sqW9l+QT=9n#Q>b9DL4W4OED_8mBL3%?)9J&?vZjqeYDHH1dM`+69
z2ih(B^i4&h6~>_*vDXc^xM--V&!j4AXLUq7t@>N@>TSH(N&V+y9~Y0_OW7wBxMp)+
z?f4kf+s>PDHm9f6C)btDzZL$ewb{Qct^Z<LW=yQ15v)tN)^gQuhn>9SAAo@_es)&0
zo^z;?edN-Xliop<>7M}^G~wX+YhTic-VbIY+V(b*&!KJdtba%8pW3Fh{v8>@v@N#S
zs1!e%Vx&g2?s-|^f!2l3kVAb|w9ntqrGde>@hU#geH+gMJMA+KzKtKYykXx4lq#GX
zWX3oYcSW4<e1(eRuhyX(TeUe+L#U??IJthrtK46S*@=H|QNN%4VSckgpNPuXBthf!
z4};@XuH!vsgX?OvL);F2I0~_(@-ruePwiJY>{_#1P4Ttzsy2yGe{R#=ML``V3yROv
zI{PAEgpRI7R;C3Nw$98nA<2wq%*QnZ^yxoAP_<-p|I#;r<JI0LY#h!H$l$7miT<_z
z0TwkiK+ax2x*}1J-p)*1NBy|N&%<Ji(>W}w81KIW-F{8c_bfcZ&ZxM7jFM@=?2gaa
z%%S5Zf(adYTwk8074`0w@0OhMv~cA?#CA32+pL|4taZ#LVI`(UrT@Ys<^^9zC=>ug
zamlxndoHT0zX9!XJLj83NPTBi)oRpw`*>NQ`pE6IVXWZDT6^|E#Ghe{Av4M7i!H(z
zjS_AwuFs~540~eH19S23SUWg$C8SI<eA<Y=9iK@@9-QqO|72U6iSXw50>`d}4Ub(7
zi}uM3D~?$$EVvYUOZ&p~LVYru4Uf2Xvd1|=nssF7ai7fjBkK#NTrcg3a=`;6yIYBJ
za`WVrdnqq`Wm5t<cHDc@Uc?8~PG`&y<YO|EDfxk>+e<ic7Q8;Jh`j6wl#L)%Fu7qd
zGeYiS!Q)0WTswlcBeVcWJKE=`^9>64+ykT8PRa^M`vTlRZo6ymu3?TFVNKJi2yo?B
zr4PMh;_`SLaX!94Y#&Gu<csO*>OB<WxGkMX&qubi(fixpoRj^)$>p4rD_9<lE&H17
zi__)yCFwq~1@DO1axu9!I$xY#l09A$r7Ql)rH%IfbZ`5z^iq9-!$hC#C)Yl~DU?0p
z1HTNPkWuS$N?h!Z_@JDVPe`92PG0VBSEW~#Ir-~MRdY_ho|n-0tJA9=_nQ!g0Y(Q*
zwy(iUVj7KK#i_KPNOR;xaj!{GM%Upyv2Jsn;gC7PbF+UNSD2%L*9dK0ORw;0upKxy
z*jvumqW`)EAE;&C$NV{cqPGxl6}jrKp-}s=WgEt7wE8Bs06Lg#J|=}aPQ9n_c(Fe|
zHGN9@RDaBolSAq3$h}-}F9)(Q<7v*L;0t<M#+au?=~F2p^wX!|t?7G96yS|F?rAvL
zOd5i#Xf+c7EGjf8eQZ9Ou7+{+s7vf9n{PcjN-un3p@Xye&o_}A<_KXG5>^o!fVeBb
z9k<CU<|$r+C0A?2j)sx$zHimf!j*lPv09}}roYh9bt8SSpk;Qzp#RF6vZ>?O8+K5V
zuL{Pn{iQ65Z1MXlQ6pJ>vwC3|!B{8-O<1^bh8-~S$gmI!wpVmPtBp6t_{_S7HHUSF
zl!Nct_vGm^>2C9M8D~+HC9T8iVjG4WV`nGWeUyT-F@4g_z1i)Vnmp<`cV-5-ldS#~
zq{><{o3{i@k9TV<IUp_{yXpe*S-HjWm&_TKB+RvgIz)x4EFSW#>>{dj*2)F_iH@^|
z${AyZGdbrax;r=NSIO!#)US3rNp@KUJBtc-w$BUe()00PxZyyDNp@d^-HHL|ao(e5
zo$C(dLQ0yF(;$J{WC?KAWsMs>bEPbyo86J*BGAJV3=-BgymW8^<Lt4-UEVI#xVKB5
z9UMOw;AgQ0Ul8>#B2V>7J>ue7o>lgu$r+_Y-K=QTC!%9s9=t$xJb24;`9MYWMg|S5
zG>5IgfnvlsZ;-=7{m<s;^=JtJzIL$x$+^<hu#rVVR!h#6Ps4_h9aEjJ$rik1_1zT7
z`=smx`*6ofx`H!>8Bpja>R)0%$LqSW0Geo)DL2P7)s(#itKY7gee9wW1_*2mv{}e_
z=tL9Dgp7ZaOrGoklL3#`L8iRpgq3|T9nfivGbw%Yv*6O+7D{=a8!DVKJ=*GBtIfPE
z*a)m&8W^vWCBL&@zFNkxw!hJb&|R@dpd_n52}yEA_9MJx<(SN{gS@7W{$`1Tj)NOe
zJN?@zs@7$*q7J5A*8&+zT}x5RydXLR!-DAqQv@@)BIpi@$w>E%*%PEquN#yVIbpUN
zV@fl1TP2w5=AWcfHu`65{i->!EET^}`gar0-^0JvH}fascD;@j%{#>a72GTnM51I~
zpg2dCs_A(fn?r5<R~hUv3Xd7z2SE3qloco`b&5)H4*<@L5kAHx8~Rx3>a171m4j7}
zzg;1m*OoSDSc1pKT}zvx3Ull~v#`QsrBUTP*(_vDrUv^y>T|w8wSX71SxjKqU1^&F
zJk~Cbz81zj34Uep;$j!Au49wYP8YJho>;phpU8t*vyHayz1fD-wy0_KbD$Wn{}1+^
zj^T&l5WHIFZYeT(a0vaB(}jzAx;*NnBMv1jzSSZ1NqzB~8r+f7xs@aSbYp{#S!T4v
z`QG2jh`q=?1~B_>BGOoh+<v1haSqhZ#JA#jBUaw;4Q2&t6|!>U&Xjv2E?W}h4tK<0
zA<Upz8GYZn8{;8C(++oQNN2638-W>ESAIVOD_|wy?4srWTQnxG{Ftv%p9vwJY<<B<
z&yJ1kN<r51cERi=-3e|Itu^gRL0el|@~nj@GmV*OLP07<ajtyGgYSW<HM)FLPbtCX
zpsYD8e+CHSfUSaO^E;L54hD!TAE8RNg9yenF!mrzI_N{PL7?p$7&3w#AdZfc|I|_)
zF;MJM9JXw8vsc!LZ=hYeHJ5qWc~PH1fkSk;VI{3jZAq)ju}uXle-U$h7o*j1Zfst|
zI?h0{x5|%5$Yfey`5-$E>}Y)2>-+qlR^Y;=7dAR(O=WwYTA;%zSnLxedlGZMRjoF^
zzqW95z4vB5S@V^>Xc$M=(LRG2FI}~^aQO3rD0trmyst4Fmv$cJRt|}SyeQ46atkM!
zMQos0+R4#*OH+r(?TB}9lM-L#b-A_pvbWKK#@%cEx;@qICZ6~FsIhq12sE)YW65ca
z65PF)m7a*|O$1k#1h?s8&<2m66<=fPS?njWp3n7Lfz7dBZDfj|WD`}q^V1Fg-Y-fH
ztO2rEO!(nd9Jw+fJ)V*JWNXnPz{fkf9A*dm2A&Yr7t`jUrK@i^d>{QiAtVX=J=^g)
z_yW^@o13!O^lI+bHLMKj7*=zRwJ`Uq9KoRv;RRoL^CHYVMAINrh%?8Nit&ctIZ4dv
z-LJ&H?~vqt)M1|V(v?rtW)2dE{H%awI(4$mT6$Zbn2TDeVrHJ(98JJ%3kcA40|Gee
zSKfn<G-NRC4jGK%D?iaq!<Cxh^cC5YB}>l`?Ut^o9vti3irS;jO59jGIibJJDnz-t
ze&fB(nyAw%t_@{Zz1p~P9~YBoMIzl%jh<4#o6G_34gixX04FzvsEzst@_ji-U?$P?
zfq8wY4<Vlj-ZbHN8g_Pfy0_kY^k-rGME?>tXh{UZElRcCTX?}O_yZ~^nNE}IySLu-
z{CX&#?JuiE>(uc~)sZY+tv*#<INTDVF7WCNg!q^M)#D(Ry|)8AVo%awa-;Wa!lfzI
zqSh>P_o_=?ea-PeE2g#Un>Rh5!AvyMp0Q^+4+@&?$8MT2p^Sb`znh+4W(gIIbKgSH
zxxa<Q&U=>Ne?9QOb^!il!o`|rt>AF|#!$h{;`u@KWnB*CgN6A1j)6L!K^<SGI^y-b
z55gpl3Vv)YS>vKrBLRa#1$Da>&0RO%_?YjR>~i(~?u2#PNGCj7aM|_B-PLi;Y1pdQ
zuTQGAwUZE$>v6^#V{8@m>-Y3s&CaBIt#k?B&2hTwB!%_$N&o6zebuV-6(MKrWBJoe
z2VGXGPyJxHK8JMjrc%8?m}sv2k?M_g9%A&IfbTy0{$#6?1SsQ;#`X1^o?ihMV`+F7
zE)z{}frNDBcLi%pd0(>+bM6i|nfX@gd9KkrSvb5lhSc65_qRF*)0&!rpJ+C(uY#y%
ze5I7Sdh|`tuP$9vKd3%E6*Ff+Rwd-Klq50&{*I;90U#!;m1r0BY91G4`mW{FnWrhj
z4FW?LXF${FaUSKLCp<yZvFzSz2#gyy8um>X+(f_gDgXRU%jXz1ZhF4+`P(V~0+p|X
z`Wf9Pb>>IhNnDO1ZaaNSo(+923E8!BM^)oH%1A;dg#>BUI;q$r@n>5__wep1reP3E
zBmL_T8u__?mbt^%8xFlU()E4(k(rwTv^}+Y7unpM;hKn{mD!lBCZ|?kLQZ8o=8y&E
z4rp<$pvEf`wRXEcmbNwGN*6J+^xtZ&zGfpn*dz);LaTGFW5c`6NqJ*+^|Qs$aFhU5
zx2YhlnVQrtgr=3GVVzFz_oTddNNf0K-pdQc{~MzulUuK?zBKiUJEb;pVb0y`FmUHH
zJT|)N*lCB=k=cmr&}>MaY0vauK(HaP|6K65w!1xcI-Tj-d7WDIViBis_pp6Z@AiI~
zO7}!ucSVBiQG9dIe|ql_a-co~<ymJcQfFxj-6l)T>9l#*EshS()K1z0hr4c>b8t=z
zhQHA0iKVUW$)(lyLjPMB!*_7E8l(4)lj(v4{}!w{i|OPISa25S4(nkjOW++{VbMsJ
z?qTBHNO#`DRd>H(_@p~#*4i?sOU>>|cX4Io1oT_%{gSmLU06Jb;fVNAn^2#Zp11NJ
zsQUc=5n`z>=wG9%FF2W=?^R<JQjL4k-Cp&DRDFR}yvHlPuvGB{RLqVKs~9i9%A3;j
zHQjU<zyK0adOlcSDGFF%q*=MsO5|*2V3@Kv^fjboZF9Lju&Lbc{6fp^+Y!W!h36o*
z|LMy}Zf8SRGs*2BxVK1d7EU5~3++WFi0O`7TxNI79hNlOn*^5`>?pBKLpjve7D=tf
z<S`1@*4m3v|MmEZLMKxkn<U!=mr!5sI6c2l^vVQ=!rDRqSu~xw2Pq?IcN-~-C73H8
zrdU~(1R1Nz2N@k4mNA8mNH=y?IZ9(dH!A#3mbT7ngPdG9dc3jg##wZuZW(<5-6-=^
zNjIW7OgBO>Dri!{Yf8Eib8oI27c$+rP-;+Tl>@h;xi(6%-B`M&-CRTuHkYp1k3FV)
z5DPK4SFs2Ws*`m=I(CSKKFf$h?a6Lh=Ww!{U7He$)1Km%S1j76v5HTu>6o!DFEel#
z4<M^}OM*jFr=xTc<`Ca+nrf@9sj(}sd?*y7c*tj}?>aFJ!$FEgoIRJlkGkqYVPzUS
z#gZB{cDH?=Rv0NIl{${j=5Kml(9P`B^4bxJbPUlzudKW;3hiN1xQ*k=R{s=DEe$6)
z=(o1?TYGm0)t0m`?0-E`^tYtjZfK*oBrVcec+DtER8sGrHJ&cyT1A^nv#lvqxCfK<
z81gC`Gx9pEGHduwcSA}8AN5~@Z8?;_fYOp&OwI?sohVN1gOfC+owB;pViv>lG7{Nd
zy2jtN#Q><wOV=>uC?J*pu|H2o$lZKHn++%;2<FzH*jE<?6Y6sY+x570Z}q8$?-E#4
z>8<H>_wYUba1XP4Ujs0>Eri^AtjIxry5#qMGmLN3&`{i+PM5mq^NZ7qSMC)Q70UFr
zygnWDbv3#WIv=vWWaD`6Z#db7$p+SqIO)9)kgfmA-kShec9dnqH+MOA@9sNyrf;uv
zC);pH&x8;l>4a5e2UoV9fSDx|mV6{FGXa;-!+?r_fGEiz0W%mtRD_>RL>5J5S0HQ=
z5fE`h1pNGDjgb7$^So8()H(Ouo}OezKr)cN=TyD5zg6e0r=F^crt1e^iw8p>Xq!9&
zYP-%De;&MxZIcD~B>nGJ+9p4?o^2uq@v&?Zm4-Id?IZm6#|ZBl#EtK@(!HRQk4beh
ztBwZW!Q=*}Ti5WU`JM-Krt2Z5ThpBek5yc{D@rPj9n6u^GzuK-?Wi;fWxygT&VuDP
z;F6ZVdKUvbE+SmU)@sZ)_SFXa2D=0pweeQp)d5!q2N)5~ohoAt-_<GMuMG$Qd3Jtb
z0zhJS0{3C>x*C^656;nL%GKr!UU5upb$Fi@!3sckakug=%nmGe<bbmQ_FtmCcgIbu
z7*qhBU<lz^2A^bKU&8i@N|Ji7wK9F#Q3!Ssh?wsedff%gvk@;GICGGAFJkzQGkgz}
z;5zR75JMEKk4l|hAEg&8cX#jw$B1)Lc)0aA^dQCfy$}I8l0kU?R{SvqVMTNrs0Luv
z7$DnqUARcB<vs`xunhAl1b!cdtAKG>HEq;ixiV3$UmdNO4`5mx2hmPXgZO(imU&^k
zib^j;TsXrY?S#1>@CHP=as;zf%%7kWm}=r3^?)C=4=2{~Cz9N8HVX1Tnihb;&Udq^
zac`aGj6FUJT=X+B4DR&N?2yQRukkPp!W6?iw_E{(G>lzi>4m<W)rl&~S7Z5DXk4FN
zzj~z>zgs!U7w~fsaDJNmHA)Zi@zfUfr7;Z<6VhEl-C2b3jfL@jDit#c+2zFFceCCq
z6R5eBsZ#`*P2q}fv=thY?V!fAk0!Sv0feT@@IC;L;&&pgcDbVJ@DPLH8}-sJBkn!w
zV*ysm$uEwL!rrwf+Lg?N%Ycq9;W8k7YMO)nN1*pQa2Qwx?3(C_@xLOOqZv2C$L3sW
z`kRX1*_g)vl24S4A9idl_4VhFpS`*K03l*-s!JCOjJrfPWGhP!YiRf*qA+=E@I(1&
z)~=Gl3%`Uqs)UnvVEG|vbpwK07ThT=)cLE{uai9|rA}V(#IPzbu2qG_?o+!D_O)=5
zcDVxV2xv0Utwueq+r-J&HI^;VnNI;U&(4hQ@*ZL%_0pv%*LIEt6SY<}yGz?z@Kx77
zp(*#f6~9YoIeq#Jt8wYB?(OgOw%xsbL2onmCJ=w3_8S;r|4HsZhish>>6JY0Ho(~7
zP`CKA5KBQf7;6CCKCeDhDLoKjp2jnu%ctUr{|@iQxy?`9cFQfp((d?k2)d^{+_FD(
z80>@7SsAC9eS17l+U^d$gmro7Pp~>s9zK2d)h&Bm+|QS`bD!9Mb*FLJmMeA-&)Qel
z@0NXgB0lVK>rFM*VPTm*zfPHUBg~gs_bkS+gkt;yq|3uDvz)xE6muCTl%hPmL&j;A
zPIt{X&F$M`C>t@eJ0dOY^F~?Uo|aXQi~Fx`Td7XpXN5}FrpA}+AIFxfTDlf#jkeXH
zcQ9d;3}5EmNA}q3u*odT1?6;Zn-Vt^)Va+kZYZg9J0o#JQJve)#BDxtJ1=ot@XZh1
zujx!~uZOtt+v_2|G5=gpy3b+Ut&|R<Y?rbgc}MchF5KXZ{NKX1`xmv{6w^xH)pi*0
z0w=ZIIT<IE2we@!jyPg@=kIfo5CA2X60Gl*lU|M3AXirNFfZK8XKng6R_!(<TcQf<
zZEMo3+rnn$7($-5g?non?nQ_6vUR^j^P=Gt)W_Vgrso{p`^<iMJGIHhUn{*4?fE#?
zQ8~amVZ!VH-R%;dpU115WWpHu`Ad*5$6rSMwJWmLI*o&`!CTkOMk_EgWRsXPKl=t}
zVo}FA)n+tvK65(4Va)i@UDuChp8wy7_RMLXEZMxik9}{4Z6)Zse#86qs@xA$yT0EX
zz~%!L;%cnrHTZ+=&EV1XTDz`>owocL)ELnV%pW<;0i~sTsn+Pht+|c?dY$VioR0(x
zm%Y}tF#O<mt&0!r<F})5&a1upX1oyZ<s_7wXmR^sQ}S5qdlHaRWdgH5fS=boAJE`@
zBzRhZ=jL7qh95B#oE5UU-+^f-w^Mj|1B?L+-Lb?vEDKU>?^;122qG^JIeVSbSerd>
zj&->DC1f#KSE%S)_;|H1_NhZvdFtMic+wm`$~;SNk1eoa(>RxTK#XV6Xg`Pma9>_9
zj%5#rGas=P9jvCC9KOdU2b`lOqghK0-1QHeZRh(OQ-J#a5H!jYOwY8QG~mJ{Oi0Dt
zIMM~8auE(_dm>J0vnTeXy;!PZX1E~4NMWPz{OfQn@s!du;(emxRZN;gYcVjWgWrM7
zWkK3pPlmyY-3`0`we+*y<zIroWh7X)pNX%B`X780{<N3w@BNRMGjp=K30^cwIO$;F
zcYx4;;H%)K01)^Q_^o~g%$V(%1k~J98oL8?SxK*|>x{RM55TRd{I{)y&i4FYV^6r@
z!E>c*d_H15%&x!fFubjg-0)lshvvgCqlJMt!n`!`;V2V^d0pbe&&oFL&(U=5%p0ys
z(%~n-V#AsYVtZiXLw-Pp7xXSV7$0O4GNyeUI7gJut0YLMEkYvEpDO^lAE7*5S1<GO
z#*O$%#E0Wfu->Gz<Y6s?lJ_{sU@f03k9Ibqqu4IdxY5N1t6zf%;FEJ2bshAD14TNG
z_-gR1V1|M&qdCLl5ciW9_ssLZrr{@u3}a2@`j*|@MOEDiN`x+u*okQ*k{&d{@W8SS
z{(o(R6a9W3>0PhIbf`wBL2DVRvGW7izv-54Pb<e?hY&0)_J_Yk+LtqJOS2WlrvL-R
zomV_3pUX$wgaQqH^4I*qXV|iN6T;&Lgt!7x95DJFykcg%dNY4((6bdRb<`dMT9P{}
zij$^`Fh$0Jk}Vv`Hf;muu6}3fOy1?OuivhMB&O?9Ky~17)E?j*NenqyaDiB_;}n&1
z+7DrT1b4}b%99*<eJSR)oPcAV3ly|BwezJ|P_i4gQ9j?kvRNxSaq*nW{L(24N#C?{
zU9V8zyy`E|{PNijOL>iN(y7cj(SMnd;oDgk;UHlOm$$6(-4VzTROxTS@2cWoeG6Kj
z`eQeC;XD`J;f`hFr4rBav3oy$R<b+V<)`2P&N6m5as5+Auw6-q_EO^@?tL?|3hk1+
zpo>1);^%1!twDvLBkuh;^loHk^|eSdE+YW<2*V#L+ra7;)Pr0U3~d*D6&ZvKTc4v!
z1#MVC6IP^>99E{w*Yk4OAwNP`x+6Y~&(rEt5Zm?q<g8FtINoyKJKAFBjoiqqlQ-*%
z1k?pni0jFRYA-#6F}1JlcLu#SGmGy^7mSug98!)wreJ*|{*HEGAbz|K_N@@qph}b3
z@+oSGT~`B`#VH8e{`as6QORPr(07qL+=;$=3x8c@G*(}S+Ta#h(~z?dd<V*XnDxXy
zQPvr(H7K9!C?#<K*=qP)p}IIzJ}~!n5CAX6pXA!U_ps5cYwuMwh^Jb59%}S}=@dO(
zuYLz2;>Qh@jLVQ^+c+O7M)@knfUUy3Hf8mmY~%X$wVnFlS{(CCuhqM=i9lb}%RTtQ
z?;n_AIHs%_zZlV@r*GyP?si7GaY?Ybp}x;LyF4=&HxUR#(u;ioq2}*H%*g%w@gtk{
z&yaWQGf2jTG7g=m%xarC;u}Tv)~Uu@;fV7d?Q|7XH;-NgW0ADN`qFMRX#Hwx#&GHq
zC<$O}vu(Nh&0V-uA&nar4htYOnn;jpqjziE?6<fNu4Q|2ssnKxp>Y@)sG87Z1RzW5
zYK(&x3+{34P1qRsD3s+&D+_l$R0VcaEA6HGVwC<vxY&1i+kwl_p4I0a#%Jch3-K7A
zj}Pa84<?O_i+UJ*_0e}l%Upy%33ga3Jq2kzg=rjX46k>V&N;>yegO4xebnS|PBu4(
z^8%jC+tMK&X>%+m-tbiB!5Rd%6!-Jsl$R^<(+NH*T|oQz{+tUkbQK^Z5G^ze+QOQp
zUq>5FpIfOfozl?vq|4p*Y$R?*bX~5Rkke>9yrqeO9c^Xx&ARxxOg=ayNjusVBgbJI
zaVBk?tLJp0i(bpLI>3UEiN+H4)iVEfMCL$Q5V4h`7RrH!XAWLp_h_Y!w_W7HzW-I7
zzwU;5^~<MYto(Vk)o=>ene$7xx&<0+EWnq;xM@|QL3~GQdVO_(A5i7FG}w)*@esc}
zf-)%*>JKO;`yioOXyXNMLE2PT+F2aaK+6r(-zh(a$Y%Tsnr>tpu%I}=5i^LHeFNOt
zw0j@Q#p%zZO2%>o4|g)^O@hmZQ4b3_T2tEF?+uU$#gWt|nCDY^UcscG)7vz-1Oq5`
z+Fx?5+slRz<P_!`*d)&{Ya1RsvZRK7WnHkuRkd8cF;Ad&V0Vnu4y>D7zPVS?<s0j$
z*d~MMW)a)0l!j`BUHdL#f@Nh=E<m%W_2;20^VF5#n_7vtqh{4i-raqVKY)Qo?)o0{
zE%+WgnGa@U_!h|6xwu#TRYrzyXFV0)Y(|J5hQSY={imB_IE?GkFHl#?(i2n#7aM71
zPaU`sBg28tH<E9FySB-WtL+@Zse4>D;0cmA#EUmSmEF~2iVEoCB{H2maK8z@UEaP{
z#Y_j|CZ?7+8v)ZdSw;L@a18*;PtK5Z3UHe9-B}qdowB9h1~Z&q5WpEc_@qwl>qUF6
z!&oT`iGeVP(pb_Xbb(8ow5VR32{~{9fvti&Zp#Lk|6pksYJ;<i8%alF{alLr`9;;w
z3^K`j0oO?11F&OpP%dszI=5a1$%Z#B$(WovFoh~R@Q|e5@RdU8UCqL97_HfqUeAw$
ztJ%i#mr%17xcnF#oqQPMc56^(4?x}S!YA_*@^Gy}m!At^+@yt*Qji#meu}!6t5KSd
z(b8q~{vy121=pY8x52~7Wl(a4-9gn+kdIBUkHl;f>k0;I2WvC%s7;@P{<Gxz5QbES
zP>W3VI;`04p6hV(Ioi=OZnv!iAGmN2X44qXROOt~qpn?*WAF>_HLR7Mhibhl)k%v<
zYe<8YRwQz8n@g-o;qevL$?n+u%3_H&upegn;_g01+rTNJ6WAVu-L&9XM5-P31%RA2
zvzt%_aEq0>yTH<$-Hit4*^1C6fHb|<rBE-z5WD&1W>5}a2#Vp2LGc3~1A{h_pr{)L
zZC@%|p9^b<9W4VZj+21eU@ylfz~rzH>5c)8?h)LHg`i$hQ&778a4UR?vJ5b}s5gdN
z)r_5{djKaK%?Me9sA3VnHMbA_V{-SNkAdwB3uMpE>4ucBS3jrIbWf(S82&DN&&{{o
zf}^*gGzOP&L9H5}g%-k7->;)rOWcq2G;0^#H-<bB!Dt@(Fh_#g($k8D0c`!K8*AJT
z1L(0!cSqkhRaKul75xtbJuk(i`dW|w*vm8;;OmFlu#rK}I7$Z{8%?zHZ4LB;!OI#*
z8|9Q;cQ5G9+DLyr6=gwxJ<a-SRNfkP*GJ{Mt1le;YR3xKSpFAwFIAm8#e95MeD+9J
z92wl6P|y|IXhZ50x>*|y$x#g7v3A-OsZN|bqAS7!-=Cl}Vo+pnL?HD>jE^6C*=R?E
z;$65e=!jG}>xgXaup@GwKu+(WOnU>(sbYC+m}_Vo-(gF<8jWWN3+=T9gnzn)r!`SN
z^w-c6o2s43<d$@gi_HfQOOErwPJTW}2hIl<5hj^K_7L}WXa(-t`4D1_@8BbZJJUWJ
zzkf}Cuxhtpo*P}Q4J=@<@VF-tpSg{S4CH@^z!G%JS_oS!5i@>9nr|$nSIt<e;UkHH
zbfQMCD3}|}BLnOXn953}x0GNvNgQJk_B1ZQpJ&3++@kFOE+)YcP9d74yI><REehDg
zOae1P-dX?+q@q(ADvxnz=Z)+)GmOhNN!<@2eN-3_Czfys98POMbQ9OguH@X(#RTOd
zI}I^GlXm`16M*TQa^=d?w25OQJ=eWfdMY5RX9jgK(ux3W2Gc<OH9qs(gt|}}RTnl5
zY?lt*z##(17hyPrHHoim6WM@Gc>#@8xHV%cBKZRtRrs03eU?=mAV~}V`qJ_WrF1SQ
zZ3T8rPMB=UjvMQnO@5vE@no=poe_#)JqB}agD;)t^yniUo-~HqxZu6;W;`|#>BA=P
zSVQ5L;MdMU6#p9LL^~!Uff$bWz|R7z@PcPCxNU3Ym_D-$yT8z;!GBAa;?p_3`dGx(
zZ$^k!H!JY0Sv>Rb0lQWFcj16fQF<yB9=}1iO$4Qd?P0$+Av>Jw#Twuj6hlFE8V7fk
z$n^)T!159HMr${Sh9d>ew9f291oxDnzJY}UR)BTTXf{CBU3~+RKv<0SUZsePUx^yy
zY=C@dRunnNllbn;G)-d%C4wXa%n4u?Gg?vxF=!238xD{gXyE`hbG0|)v`~~}WUdbm
zn*x!N{OLOOpE?z^(V=cCSO<R-1WVbtwbDHD`1|b36@5rr<!O<(j06+xXQJF|Oztpk
zrS;@~i8^iIkL1e!)`=v(O6k6ckN*z50AGm19K04B7QB|=x*U9_m94}43QkMlFiqoW
z)z)DuzRD4mo`bl4S?NCITTl~>6l_W=d;7q3G#A0ZY5ihF=O^KuJdT-H{s#mxuyW%%
zCTTi-g4!da=J8!zKD`MIRjsdnn%YuB!(t4n4qNedx<@!`E~-a|K8ieO+{N{H@i}Z-
zx08uuWmLKc^7Sjs*F<$k{m>h$rRq}c(ChI7e#cyV8e(cs)T(pCsmtQ8V}P$m@mX*K
zKw69MjL0<L(^h^sdfT(ou|j!AIdYk9S9eTQp8_tDs{q=~1bDzjsmDu<_~3cWBI>2F
zdN(}r%fS+0l5W7((nP6xB_mk9E4(q5U;t!=V*G0?ZG~mgfSq7^r@Ey2qf<Ee4${zB
z3?Vx|Y1@!Bad(GS!I;Kp0rQkLrYA7aEL5%1Yrl}DBF#S9gE&Eshl5_n4oL$XKIh<!
z@6M%|BVs}iQyO!{3CK*S3%bamnr-HS(I<!=hvIASDTnPvvyk)uBxXD(7+&X_&_Py1
zI<Ndy)%8^$gJU{><eT)ZQo01~`fTZ&hEX&HfrfU}F-)L~1MtzD7;|Ai4N48BYt|Q#
zkw}wVTKvc@ngV6SFo8^>sdj#x7X}E#z>tiN+Av&%CyqVG(xdLGURxE1wIflc#@m7z
zvfacd_jI65h)Id23ka$*oDfKC2zCxurI;wbtx*FFhmYjW_v6Sr4s9(WfkgdqbL<zi
zJsL>g$58=5`aZ!Q;9vKHimdV=*n|Ip5Nn^b>d|-pmB{aNtqv)@`VffXV_&{XZx6y-
zw0d9s1t-Y4Jved09nO+^09*iE>iL0q26R$y;(Nl2kx@(TN%LaeeheJ2IY_+SlX-uN
zje#ZFPe7H=oW=?)mSJ(hla<h82ES(cWig!nWOsNH&*hFCm{hWVxSsPo%G!Dk0LPYJ
zvSHTRb+oH0zEiJhGSO}TGoL8c?dn3_fsE4Z1W1OuR?f^qx+$pX8(GEGwZGv{ZS7P1
z!99Y1tKZt%r}Z1H{hfa6YoEbys=F9-V7pz#D3Wqu4VGgO-5F=b{rOgICQ{_iL^JL#
z9%iD*otetGZ?|-rN#|ZIJq`Kczw)8a!a4p+C=p)Dn>QbPI_hTa@8MW34-RZa&y1n>
zwn<dFwswv4+f(3ognokq*Jr%eUQAb2{@QQxac1o$_`#g!6s&{bEF+fx;6stFvWGS<
z>m1o{FyEC{G=qcAs<?WwijCo=y45qosUDPnAI>l-hZ(U9uDqv|K%_96TJoCfBz|n0
z3iD7o_ynH`j`@>tx41y9J9yZ8sejQ%Py8mT2cO}6FB%;9r%dS&vw}5$<DBCKYHJwX
zPr+5~pnnXiv)2s2dw#ci=<^VZp9NP~VEAreogLKGct7Ihxe>Jc?;VDpM~f-^;x)tX
zF#JC-{Mm3#!fz=Z`T`tZ@I?K<&PU|iU0g|C=5U<kJzQQYmX}IlUMfLe%B8y@FTbv`
z#J{A_7BtEPMHwbaa*5)XDe>U0<Z9`zh~tHdWBM9x3B&5lL}{)(U5OteX&#}k;1yL@
zd#+NCA0!{u=Pbg%f;ti(ViqtFil2uE47~Bru-fpc7_GM#P?Yt4>*@`Csig6!96whv
z!L+Z$FK4p6{X@A$jlKj9tZJqI5`_6=8Tl+vUvovPJh<kHc6sKSD>~)bYp&>)=dQT|
zD?;=5TPrW%Z&Y5yU*Pz4kSc-qaOn)gZM4!M+`%_3(_%)A?-$;<e7u6IgsOPyR;HuN
zud7EOKCHAWgZkyyHAoU%=~QMKmtWUx@VQ%=ZQ>b^msjG8(|W3wuwk$C8*C5kPAgy0
zt{}Jdm6oDpjNow_OZN<(dvMJa@ERaB^QxdgaG3E95JBmfdAQDcSHy5W`ZJ<|bqGC;
z?+y^X6kSf56YLL6Sf8ajE0<=Fm#}T4_{FT_sN$NIW5oR-^P9{sDO47f(*!T=6aki3
zHRlBSl_yBT2HpAhURM?nr^X#ljM<9Zxmj_Y@lxxI92+PvxuK@edjiRPw|i2m3#RiL
z1El5;SFoLfjdeVZ0sQv8$n}{k2A8eSz*iewV$Fk`qIsxe@N&%qFX|f{T=Q_^N#&cl
z46RdU>!?5F;@))|<K7j<{iDb?|II!BePV(<En$Li+}rA0AD7HMIGTCagNZDMGmeGj
z(t{C~t@E}}7>wUL797%iZohKqpCPyUdVJ??Y1uFQZvPg*>sS9<0{U0t6}0HuzcALH
zF2@#AIer>i#T>ymagG&pK-wh2`!V1u2DO1;iPj1G`>6l3*~*E3xwIu49yi880N6k(
zV{y3eywbQX6Nh~_5f6^Dc`6EJA(?jiol_kUop;~4igfmB>W)f?qcj+E<x1StVUJP#
zNGf=A@G|_^r&e`6M1DuYMe(Ea!qiXJ!H8@ojlKC`NMj@6E-DO%W!^A7`&xuW+JcIM
zwyUgBJQ4|YX-xSZn@?~Z+1;bE6<vcJ)P;Q;Tt+NgX-%^Zczp+qE82)`8Sr`diP_nR
zVrmfQk_3lv&{TW*pHOVIVmqqGO1zE-l}^r``b;C<!%Q{mjljLzm}{Cl&SN!qu;ZFQ
zGt3qD1>jNfa9V`fHWo4z59i)^mKP4h#kw;XJI)JVAUw+pvpOvPVvnIRg>$U%XdZR3
z2zFy1oW;irrEn6g2?8OEpTWZ7w0F=`R4<sPVp0i(V!e~&W#8S(Q>d`3Peb8chuMff
zPf~uV>|k&hVQ0{u+(r(gVBhxAX4e~3^U8|1HLE4^;ql$?m26!3B4%SIJv|rW7(sWF
z`q{E953}3(n;>a2!gwR@%6_5o%64fyU4vHstmJlZRI<uF_Kag1>8@YbcxOoohBx%a
z?)2rkYdF_;VR;cA?o>POafRkAEW_9aWDINu``nXr?iQADem5$WQ(JcozWR_m3t!J5
zAzTb^J>xpZ-ToQIi#wf8UH}=~ad-BLi@VXT{f5-C-?X2W{rI~$2tRPoBiN5kH2{E!
zsy$4UmL7@)DgX{OIrJu+W;G!*VbZ;>Q?WqEbPh0u4<!cx%60}KkO|(5g#%;imd;ee
zeqsDPgiuDW7g@-jOAp8~?k_R7DVJU#Wa(j}EqiXSX9Ctm0d!(dZ*Nnqkq<m8u7yqX
z`tE&`dbxIC^XNQ#!{%C;!tV0Mh2=+JWH8JDE%-pZphj@~aBs6^&T13O{BYXh^40<q
zcry~7cJIJPV~uD?d<#0EEM@EmCMDphY#{(4c$7idYg-58p?U+A$W?;9@S-wvwGwSH
z=^384Y2}{@z3l~2HR8vxL!j3?e_83hO%{BX5Y#E$PP_wn@2o}S8r|MprDC5n<apU-
zD(4z2BR9|`!ay5lukX)A!ffZ<sdt>MB`_?;mwM^$(0@!*lRl(n%yPfCe0tb15~T-h
zsdGHJZs~9G=`DW~En~;GT93(ejIOm(&3+>LsXL8w<E1%@p=UMj?v!Y{ZXtS=A>=s0
z6IbZE4$v}bY^|00anQD=i9jvzZf*O#V^O!(Ydfs~R)=S`KhP>XTKm`0BkL|;$3*9F
ztHyNvC~68NJ0>}Y6=A?R@h<OPb1}Ff9BXyGt|^0k5bOmE7Uyc&EOzafV(|JXCoo}A
zSs;5s0?yTSc`I(syPB+1=t)=IlNQe<Qb#b>?AR2nRGEjXRVQU5hYku)RBH12P?H>6
zmEWPC!8i|$1A1g!d0d{v3(-1D54ORXl=%uSt#`vRs&WTJ2nTk+Jl1ia?iv}Qfs(}q
zwDh<8#L~Sw<<dDwOZP6gbL-tj7Sc>JdF`HJ1-CP?^-<&Z2)1PymS03HL@wDUz;xJh
zGkQ<XGf-<To@(g{h=>2mhyE1<Ux*|9CdAhM4UXmVp`XD|2p%mO+HOt`GrAgfYzj4P
z3^RH*((tzL@nA;Gs}GmKjF?~dT@7t%%8$j2{?lh-6f=5}_re$hHU#P^#Eh=?zGol$
zIuba{RJ`fHkcRu5aNB_mld&BD#wFw4iLo6(MkssRfzRG{;Ip?K_#D^{dQEKyy+-lx
zo9*y>{AtGeY1vPq?QjcfP_}~}Lfe53upPd{YQ-m5wu9Wd@juIrwu2M$4%Li9q3xh_
zU_0nHv>g;x&!y*V2f0nT^k_RcAxjUoL-<~@VtU)*%P!;IcChzN@f%n(Ji$e_gWfi5
zJE$@&8E-pSR#Mx+-f27ht1@7=!yAz(?<EkOkQp%B;ol_EKKNhw#R4mB2bRcHg1yLg
zkgJtoi%Fa9pz_aHAoI2t*$)4r*l9Z`_!srM$%5x?2Sw!CbJpZl5}vUV+76O)?U0d6
z2KrIkfxR|sJA4(N{cD3h#8oud+7rt+(jM?ewQL8fwYME$gC@4a#PT1cwgZK5CCMHP
z`qS55$+xbxQmwAC;CmZ19j0QKd<72paI0K(SMh9|di)Bu6TjT`*xIRv`B=?~HcTn!
z!4wO=@ePx-w43w22%q|9`l)Zah$3qP9M#opSzTK%vlp_?%+*@7*tKDCXfvMWz8wa#
z7bM_ZO)Z@(xM`tm-J<Hay6TwUSE(+^q1#%H#OK~To0g)JG(`dN5=<p;K_<r@tMMH@
zUGvf(g6}=c+_wEK;kwb6*tLUoqYpuB?aOfFy3v<1AM^0jKR9rYZ-*cHj1BODjMv6&
zfR`d&|1Ccr8-V%u;W9P=%TQngP=2fp@D`tmQ5)dH-mB0C_=xxAx>2U|hnb*o*=5)b
z$-2??=*L*Un6A!Uv*j*W_W25=;@813S@xMM&2PhCa=04rgfmtln5V}ej+b(bGQ4`L
z#WGtRHWAI_uvI<uRYr7S7}3tsq5ps*){ppO>qh{?ftYMUG*#yr-&3go;UI>U<aIt>
zSDLOUua$N3T1oR-*1C{eTlz!gQ^BK5a9dhp;c;@3GGI$fENk()(tK`RiD4@-tFt{n
zZe5Ayht`$!#lyPNYtdZ7a#+?~zD~JT@Mh(7=ZURRTR#H!<ky_|frqWmHK+IB(bk+;
z64dse!NILLRZAa2n3w6Bgq5Wh7na&wSL&3va?J^?jzuS&9gaB$7p0;V>|4N64Zs`B
z<}L@%AL~8x#6m)S1>0%O6MLsaPb?}lRvO-OChLjyh2~1rdt!4z7!r$KShWJa=pvrW
zcq4J1OlM0v@TtVFOY6O=^Mwox+%YLlFIT4Hx1;ns$7vd>%=d~!(+pQk*O{!XqxhYy
zSFAHxQ*%ytf7E4uohd8r6vNh;ECS~=Zk_2g#F?x!vE}?alh0>0{@JiS?+f{_aamw=
zy(!;Kx!zRJP4A}YsJ!eW7a%^3De4w(9co<lp|kmH1=Xkiem}&+fAeky=M~8c4z+UF
za?USHoH@)aI@fzA3p*TOFist7UFW|bR<N#f-c9*+o!^7LtbL7<2J1SUKA2;;t|KXw
zC9`frN7>f)g<zeH`oA9WrT&?99fqHdUkicp>pDu~-I+MTb)9FSQ0ez6UDr_^j9J%V
z34u*B=E{{@VL0kBieJU<6CHdje)J_b-A~s&f^bp%>b!7veI}62r16G)FzE+z@2fcu
z$%-t>+aDB$OV@Rjp2q%6a(-QhWsTyINT^F=%J+x)1lN)M|3+oQb)7VCzNX!}PEymX
zyBJ^N-_}^H=D@lRhjFg!P=mOxLv}CE#^@}67xks8;=+zn=faMPCuc3}yq>w@!j9bQ
zTGWvn7j@*uMV+l!$&o7<$as`H=x`Wxr!a#sA6wLs7glb#s<RD~3G=gwh57Mh1{_j=
z$%FaX8jtw_+=pe}u-xJ*5<Hp*b{pY5%tg!@T%bPiOPru+m5PVguo|@D)0A#vQ#ovM
zjRWC&4;6X!gDA7>Y;3P%`EOvoN4-QXqKvd1w<uiiQD3w59!gKoXV!aYpdF@&2W@ET
zot*U^8rLd4aU`zyTqk`xk?TFIWslkL*<&_*_LvQy1I$LRDQ2VB<Hl@QvBGTh5MnlT
z0A?d~@tBR=x=z7}**GE7IIj1E4uzNv1^U2j^c!L}3fc2|Z0kL8n{w$9vvER}9x$8m
zJ%`z7L=4t@?ESW3HmVGpk$cR>vXWvp_D;-3Bb{6C8H3r#u)=x|2P}u#utcsB239<-
z_sG>su*IYevr+kHLT`H!X7d_$2(9-hxJ)Xn_b9PEW}}E)d(K*XDoGx*k(_IXj9fBX
zAH{4w!qR!#J-$n}-g7kQL+h;fP^~>?Gj_d)LMdj$H;>s^V@39Z^&aKljqT<b44>(G
z55+iM60hQp2*2K=;BE}XdXK$gJh!INdXIB!+h^ac_n21LdQXA{wau^w1zPJp3fM7a
zpU<!NNK=3i<=1;mgBsSTw%)^doCb9*hg`vtt7Ws;wPSJEdXMrl5eBjst@kJ@E0J^M
zdQXsmQ)sOBD4t34dy~{LyWT_pW=6`iZp?a*G^vNrRL^)wKLq#>i`*W?f4F23;y;ZJ
ztm|*Wk@(LmVZ5e`Ia&PY8wGxD4d_At9R}MN{&OR;=k4U<!GD;4A1;Icung{78?FIS
zek}g;pFR_#_)in{;?o&j18R9+;6K-8N`IIM9vlDp7Nkb;pXWau=iSDq!oJ!t{_|}{
zl*fN=f+O%B{*2;3=6M|W&-lDn(!7qxf5PB~|Ip>u;y(;~-1v`H9XO}i2>x^1Yt+&?
z7XHJMWbvPR>0;#Z<@~;Fqbig+%b$+l0)1%7A;Q~R@rG)Qa7;0e#xb;|o?<9rb;BR9
zA3*>{m$Vl1m&0R}9Af_y+V%;ckc-RVF(Yw>yx%OsQi-kVY5Q*kkCAj1kCD@@!ef|E
zQ1PudS((?zV=~<)kH@%fb3AxVuKFAvldC@IWFC)sK?1xmjs%bSP~uD_^?1z76IbSO
z19;5M5G%lA{x1fyEYJ2IF+Q$wRcZu}kz<I*$N^=^;4O4q508=mI(Q8IkA=r5j`4WR
zeZEtS$EXh0$72|CMGJXaX^P^{qdI`caG_LRR_as%Ucqot{Dr)5As#c5hL+oMX@opm
zhvSTd)B4v)xI7+1ZORnM<1v=!kx14lpH`N`1lN)MQc+!;fwAstj&(ApTZfppva4x_
z$0Rk)y89sTnBS4@FQEcFhAX(lV<wi5LRQfdk5THxV^lmjcYwmkxe>WVR5{}$By+||
zP=Pd1nOQ(F|ISkMs@OwkenMpyVZ@t<fig<NK$%%!GUmmNAYpt&WhQ{im@kg+!?OkC
z@-A?DfHCH0lMM62c}qCZ>s|n6%+H9p=GWk)V;10yd9|>7>tf_-NA2Mzki^Uj2d3iL
zLbYd7=fHI~b;a7Pmt9C*8>wqi44jwX4qB^9Y%32CBS$lsfGLin!qk64Oo*%It2J+2
zZOnfIn2~ymv}P=3r18KoBTDBmBN}ywDdI6BnujL`GonG>TGBZbh8f+?^Fgn>o##W2
zu=Uy$GqU&Fc|JJT!E=N;GaJQ>uHP7D6!Lt=Vn*Y6KKh3AQ_P412}X8(Xw1)sb2+4#
z5ygryBL#0+a9~FEiqDNq1ki}V5q55EGff<3<i>WqwNw63+tGd;W~6`}Q>YQlNKB&w
z%*Yr>j`U-g5#zBO0xGgd-Gj?!v1`ZJK86`7*n|zwRyKPPW~2nHM9!6%kz7sIeNliJ
zDV|C5`>MXxS<Hz3jx^+?6faI60k1HDArp?UH0g&6Gh&h39y3Zg!X+HM5n@I^3bC~^
z91A$YvjrUCi(!MOu+qlxp`QN?%0}qJR@~UWa^_W^Pt8TRN8IfzXMWvxHN=M~KNcUt
z88ZG`oZnY|KktQfM)9Hhdtcx~@5+?^FcTcbhu+6IKKViO#t*7MD*hB41AfrLwhw@d
zJO&@aC9F7u)M5dfr7eC?r+TQ$i1PSQ4UWKv_>;qj5W+mi;6n=`KS+7492%e31aaWp
zfczfE5Bj9?so+s2xZy*LFp9qdq3tBt;|lii{Gf##KZs!~F{`t^FpeK|1C!^z^UvXd
z`_4~Ca~1Q0K2Onz{Gbz9qqJ))x{Jj4F!5)U$`0~_{*zhKo^+N3wf!YHIDSxw4^b7$
zEc|r*1%{Sx5Fh#{ycOa@#jPcL$TTZyE#@zW4=Fjs{?CXV_)u|N!iNgt3h^PU`zZb*
zA|hYMs-F5$gb!t<T|*f@WDz*04dFwq$&|0-d(#+vNc}0?9}d1wrrTujp|snK!H1-#
z316qU`h*XSRG)Ok<3kIMg0q%TaHu82j&puM;>>REH)7wE;6p6H2JoRK#0v1C)4rR>
zhqj{MthE?vz}NXOs@WVvd`MC#O9mgJqbWZpJQyE}{6EcROZ+o@9fqHd{{{l%`8rDD
zKQeKIe4PU*RQkP0`8ukDG58Qm2u=)Ru3WhtQ&v4j@jQo-=-}D-(O1;wuPL7;2p7eR
zdEqQR6v$@MxI;de^dsf#j0?A|FkFfcDV)aQOmZF{Vp*ejB$6!V6Qmu*r{xn|NA}E7
z*^sZ3=FQi%!-tZZX5Ia6iVrcjz=t@jlCMJzB3~zA_&<&C5Mw1gq{ImisdRECJS1nr
zL#cDOG24u{Gp}Uq$Q@@!X&bg&Z5y`SwGDeKjCJ!cY)C#SHe_DHhSD^|*qOqt!F&xH
zvVevSoepfs{A@B|eufP_0N9ZE88&2o!iI)8gVp)z3LVQnHlz|A+Kickg)?->!nNm8
zXCgk%l{k<S4qV}AHRiA%Yf@l8A7>+oE!0-ez=4p(*bh6>>U~hVuCr5LLTsqWe*@T$
zdZ{|7vSJ;R-?wysxca(bKa`$c$nb?|upOp|$9`z~ogD0khPAU%4f}aTFmF9Ed%ReS
zo-f2_&llpe=L_*U;0x(B<qPRGiuq~A{&4mp?D5i1%YF*?c(G!|7t%w>7or3BLQ)vd
z7m{1oX&kX1CuAx}zEJ2;$QPmj`9k^)`9ccWbLqJ~UUHjq>5(twge*Pqg~E3mI+Fe2
z8j%COkiBox=#%d8;#kD{xHq;xT$N$9>G?vIl@$B2cVa&pX&qlk7OmUk^?oL4d%Vt|
z%7QP%0n_n?SRz*m11lc+LUOedY%yu$3#t4wp|`z=FLbJ6=N>Nwmq`b{kP^%Dg%pu%
z&smdKN%DLl$+>pO$R!i?QNGaqS-K2gh<m(V8T6s#3oyFJi)!upLSy%MQ7GjL@vUpE
zggstXGOJQ^G%9A$me}JZDfiLg4lj)KYA4&{W$onlcuCZKe-`q4yd-JKG#5tqcv(bd
zivU~V9xq1c8r)vA$4jo(;Ki;DYe(DTr7X2ADhp&UNWi(8S~^$m@d^^CTU6NNrFc5#
zcSmYZ!5%NlG&7Q>C}Z|`sqw>a%MSs^hh<Liny0~j=D+fxHd{K_<8>HfYh5^!<MToo
zyeSxy<@o%+0zb#`dBn|Ou#I6j4@0`%wmu$?5A*NCWjH=8gZn;)7!KvfVmLV2*?&{>
z7|t`i7i{QJ4Ck5N7Z}c4GNnJv1cl+8i~3IXc;zvi2}orz93BmLDWc^TaikgU?;3~S
zOfr%@elrC};5Ymk#c#|ri{B*qEW&S!@>vP<IUc(SgBo^2ms^Y7Fzj(-Hy5)$ZSI)c
z+f{(w-1gdJyB!<5VM(&sO{Me;_!hlN-y&@5YH?dvo7=iN+SY~5T`g|zDg$T2k%BxN
zupjYWw>~b}<`GQX?}gI@d60JFaxDa7s~6p|)eC11!o4zp53aeyHY|8V4W3b3Z}Q@v
z2G5a80$+jeffH)*I5`)3HWM0mz#%k_^=D{q`%=;s92}A+(ctliE;LpPQV+z>gW_>a
z)D_Ivbm-U6P2ZSw?7)HC$TJSOOR{eHLQve<+G`=cmX)Qk0|gymYgxi~>NR$>7Amt+
z@)V8=wUP5Z-f_?brj~R$wcR!7v%kxBn7#~0<>{2bM+1pM{g$ubv4`$tzVzV4K74gD
zUwUvNTu`MZpB$bT?WjkYT;i1WW9Je_i{$gT9$seZzEQkP(pkJrPUG;h%sGl7UdEB@
zaW-;s+)8;=ML1bzc*^5sZg|S#WOwo7XdzCPYgY_3VU4jrt|0uY)wj@$#pf%c74zpS
z!Ue4e@$igAe_Up}v`{t$6BlzNjiPfF*GYrNDkkSRX49~$(D#HGDF1n!Z&w27u?`ZP
zZ(HKb0d3fH@ZbMQfIe2TjfuzFn}-_^im<+!Tk=@nF0}sIX2zSx`s5g5eR4ow%V2$U
zTo3D$|2kM7{f~w9DUR`2-xE-%)UHUeKGnhcSRZ4qTzM7@{;T*H#gAfVhz|ZA{H%xd
znea+pxDe|bNn>9=n8vRWtZyXTV+zCNu|8^4rbr&^vpkPPQi$J~?9b#ATt{}#sO%`#
z$GrKPc359h)2zGCppX2X`n#HA6zk({o4_!Z-wZ*`lG^&)0nDci5bsk7dE(+;W{Df~
z<kFa{n@hdnWwwsU45vnfhTBG^?lUTNuf)l60)){+WKmuEl-yIB#lNV0t82)rsW5cm
z*!~;9$D}=~#j*I9`iJ3Tl+NK}G=>jT#N%T$t4|I-#)*ux{|z7eed)l7+)u|^_V^f|
zJwC=~kB{*=z{m8O;$wO}ZhVXtD|}23AwEV2;A2u-kB`Z%Yx*i~loOHy!=b7MMJPEG
z;$un&_?Uh}d`waGTzU>4liQR_kNB7qvh;wDh3`3hOruzUkJ<Ze!^cz^hJJW_%(9Z=
zWA;vbOrz8K_}Ff$EbuW7G7cYOiCiTNta!x7<Z30@V$z0>sr)mcx4j4-d#qw7KBnNZ
zz<`e_u{=Jeh-#MLtjW7J%$|WHIoA#uxpnZdXR>q|e2nKO{z1@(*4a--wf6YfSZ)-B
zQhbbW9v`#DitGpb>6Cvr7@MOlXQ*XUZWP5Zl^EGir{FDXA8@1W70WHwG~z}%x3+z%
z9XHCf0@DwyS0uPwJGS<B+$aU?n6fYA_tQxdXk30joyE|wMm25}<8d0)wH$Ikom?%O
z#jYKT!?;n(%S0H+Uc`-3R8}JAN^Vq;fKzC2qZH4i`R$iFX1P)HZ)T)S>&9@Sq)9(q
z+$a_~!P-)8)D|{!fVI6HVrv697I35H3%F6wf=!yjaT~+co`W>J9eX^u8uRMIWpFj-
z*L_z*T#fQ$akW?aOmIFp2{S7>Bk|xnyccYgQC#hv-WRyqcQU0v%mg(LO3ou9tLeY6
zjv;Q;f^nl}AQhhyUYRjjTHN-cxv|`+i7Yp&D{j<8_0TLM%42JDa0Ir-pB%P^5ayZ1
z){?v~hTJISwQ^{DUK6$r?YMv&b&E=?;87;H;cJXAil<Tf?Z@OsE#|mU3|mokwim~7
zqrSuB$&IQZ338)eismZD*XockZqx~^(Gh&Ds#L^{nq`*6jbceq+kH3`aHFUSWfp!q
zZZfoVgWRYt-cXIBd*_N<OWY{atfaLJx4jqi-MCvg%Sg!~_6fueFse8%aia?23b7um
z`zY=qB66dw>Zu<^+^DRyYbe8dECS~=4(mA$Wk}94Voj#pDBqjLaHG_pa@?p)x5;2W
zX}8H@KFL`|QqzPRRa|{&HQ&jDrqF!YV<vt(+|MN_2(@H5;lPn6CYTAkeS(?Xm`Jk(
z8^cVtLb8A#bw%lv-2S;E=sRoM7;k`?{5N`-Ifj^tq)?s=W<tkU9U$R9jrv#Ebcuh4
zAI0#~aR~zB`B6$^CKE@<kNQ&-D*a}pn2G9O3}(U-f*-}0D_5QkBT$b~{2~q|(ZS!v
zPa$R!gp1;9^1@lnB#_OdaWo%HI+9{0<HG$`VYn1CQ8<mqndCfX!m>v3NF-StBuG1o
zugxd8j_hxb%7&Opnm1q54l_w=nswKQt^XRsOqg3>Ce$qQqo_f|%X!r=P?O2!e<MGN
zv63I9#EF-vbais0<V0?ioFvJub8_a^xzri-s5$JHyN(601C0Vdu%d9lob#;lzH@ov
z(qOEdZ^f253ugCJn3wLUn8TvEdGWp_3)IA#M;#=mhV#J+2%dw)xOeU>@S`lC@uMtG
z<455lZ0D!ta+j4l_))FlBQRUAaJp05`L(&g0Pa-B`E`(F$N6<Iuk+4<>rA054r%wY
zxTw*`fG1U`=KPpB*c%M;_-3?>&O*gyh#hsO{^ZhfuXAXKb`2uP2f-Yex1uINYMT)b
z#0xtUBjj4K)2_Z1jphax>gKWhH-I&1M9^TMGT0!H<zi`EF|3Kw(~AKY>sg0rAReZO
zAM7tphHsYLBTzIz-5To&KZlzJzO$7LgZjf@{(NFMTC9DKLGjsRP<-|n6rTeOO0Ovf
zrPnB?i2#lkdonm$`f1ruAxDc9E(}T!AqGVUph>Ad;tmhFb)B}7qveFGQxSs-9SSih
z3Xr3v-w=aR$ev5jVNi0La_JF+azd6KFsSg|hOdO9rLRJOLD~Bzjesdfi{s(OIa;a=
zt4)tVSyoaE%HD}VX|#73lq_q<(fT@@#yDCp(-_&d{%q%PvqY{E239;`P;#{rY%yuW
zpj7^u(A!>wLA^w=6N6H4nU=ty_=UiA%Go<S6p?GsS(8^u@*FM6xpv6Nt%E_mlL=-p
zsITH<^V*;ft;5lxT6+v?EJuq%DF(&2uC)?4T2?ZvQgbwpR?wE<Xi3U__#8(|?PMG+
zYbVFilBoO6Eao{{lC)%+i=!MZi^%LDU|i&AF*?`a_9Bj!T&=;2T^rVp#?exi+7^`s
zvKMi*6qTu^b0tSBNT6;}fup5(I_CE~)Sd#47G>N>;3Q2^#&ERM_&;PEEtWaKjZ%)*
zsch*0H~KEb)=q~bIa;5A(Vc=qS&r6^pEBy_I9l(@cx?<zdN<Pb_Wki-NzA_wm%)-)
z2KRjou_Vfm#ghKPXJQmfy4iabVoA4nUtme+mcxoU%mha{T6rw#3`k|MBr+X7i)aft
zTH|n}GZ{%9N7@cY;7I%##gWW2iz6i*ts)$$D4&%upW`v4FsNZjbh)({62l%hhIAwA
z)8^JWj#dGNblYolV;B-klEsiJr8nYR^g4ZuNXKf4jnys>JECcIc?LIVTlJN}WxHT|
zfxHEtQ%(FW@T@@U;FnxPt?DlFuIiUxp;^hcOXNYOR*fEDYT=GoOjn$T*je(J$$F5T
zRb7da$S~XSVaUm<t<)6?^Pw<0va+I;hP>vpUSOU@D^2+<WPCt^VID!ws^aKEcZ4@D
zv(<Hf;DH4+E|o?!E?#VSXWVvfG_HKPbh#`_YlX7BBfe5)wuh^1amK6_ALOojhBno!
z?`SPn<~+H}0Yae~bFxYb8EHU4U#*mWADGtb*?uXv>xsA&w<CHNY9wKIxqDYZ6BxM`
z7hc(Gae415uf=Tym*PUGi0yUkZ0qW%Fxwc{*24g;>riGR7@(xH7@(ZSVSpLFSBL>}
z6#Sfxf?2*-5%!lE>hjp18|v-`Lw9>JrY3x^LhLWs)EKnFh9;KrM6`3j_bTFIZTvo6
zBY?Tvj-6rv`fZmM%cg{an1v(d(gmmMHr(TjQN-P~i_4hv=~{jHF*A>G{z@|KWnCp0
zXEcXqJ0F)bALbxBY&+=lNr^KXV`CWS9U)nOalR5C+3Xo%ABC2zoyB<b7^fUVj8hJ%
z#|(x^$MrBy`LBa<(*IZ(r{WloaefVjN^O}G<5V52k8v{Q%9ZD0l5rIuvA)et6CM0V
z{H%v@n(z&I;X;gaB#lq!gGo0>FwT*1A1@4-$2h4`nIdgL*X3QjmgkX33UN!5{bWAD
zb!0y^Dm#jCGH*U3maVj=S$E|2zCqt_<+cFh<oH`F_iIa6XktcyQ@K2(L1!98?Z~4W
z#ot7Zc#dz>i*^7it1aDqsa0w;VzpYS4#4xjodmv|JO8=ah^-6_fm_`37&VnW1TFPy
zzTbs78Wm^t>xjkFPv3%L`ELMcQ_HIc#^P+!ZNu3pox#~`jcYIJ@{O!Z)ra9m?Q#^~
zM0J?%EZw1my3<QEz-=PC_eJsFstxN=EF~#51}oiWr?Gf*l~-8p{75w1?PY{HhxJk^
zU5@nhZ=zbAa8XP|W&c>KOw=siiP}VjXZ5sNDq5>qZYHXgiK>%?FP<eiQAHRv&_u25
zqp~)smwp}zze#%IA_>ckvOc1O6;YM7>dI_I?k;spb~W%#EPAOq*v0!-y1klRVXkt2
zwj9+>=vxv(wNS_^2FkVbddyR*rF$a}e^^F+S74Q@0xOmHGYnC78L!sLR+ehb6>zcY
zZvJXvrS@+qODwlmdO6~HbJ})3^QQ9k>A`h+>L6o{YW!`6lY;|FsspslPnH1WtH``t
z+S-}YDyXd;sAnve)OC88<)}win=WsIetij-b=6Q>(Dzy5;T~uLE*IGO%4zt)ZanMk
zL!71^rZRf$mJ_~{h23(J?dGP2-Tsl<{6z8x*`qyn%V&?>^4Vjzd=9W%y{6c$UXL5Q
zWhWMPtA`M~r30{AslMkA%B^c!CjOuklG=$s7&;VUw-g|DtKSg2Rmh%8&tbQ6n{w$9
zyLCdA9<bZ+J%`=uYZqX*_I}&2TUCZszVESH%Swvf+B>mZeIM4xZq@a`ALM7>@dsHV
zR|x|v9<f`wS_!t8v|+a@|4is@FT!p=!7icm_!V3hJ+NCPmd9=tQOy#ZwfIz$Ja#KN
z*A5xEb+B8aEm`cA{K2;beP|v2Al2Gqw`2K(6iTsMzIp7{8Y{9N@CTLux>c|_8h=nN
zoAL)KR>U7v@RkJ!f6!jB0BKDl{-ARMaa`4J_b;1P7=Q5V_z>!D#<mT;{ycsK#K8v)
zwwUJ+N>hLo=lO%CK@DqE;}0?(r$JrIA^C%HwQLr<b}SC#4=OJcVIX@Ee^60biJU9>
zgFymLp}`+iJd@_9Z<0|mH}^L0(EZEwZ)T)S>&Ea0rAa?r{6Q8u!GTl$;1U}-z=4;$
zm`?44V*!7#=>FwRl@RsZ80H%x4L{#G9?X|{_2Dv@FZ1iZt0Cq~`LUSqsXh~<nC}JN
zOSVk@{^bk3FEHP0GNnJv1V{OU^CY+MY_&z>51tLF_-t_=rhz1hTC{cBM{zyRn6uTU
zvi!kG@du}>hwj9PF2pF19MXnEqF~7p_vKFx_eBWv%;LTYe{gHaA5>l|hsNhMp+Rv@
z74Qd_R9Xd(GQkb|WrR_De+X?qCVy~ijz7q-m6+Ap-a3vyxSh$9KX_L>kUuzs<|@X1
z&!ec$Ry%<;I)eS4t5n1vd@!>l{vb<&+P*Iw1n%%|ne^;^szRBCpN^LqTDn30;63n$
zY8>Sc7Ppr8gQi(YYZdSZl^kNfCt?SGusAO92Mgi~u|uo-D83IOB7e}TejIj~m39qf
z*r7$>oW@~?8U7$^GUX5Y-ZX|ksQ#4W4`#Ye2187{&E3$|QVcQS4@ylF{$O$S1)V%-
z3gIRmTl2@IU7cWS)RN(p1JS;cIJ4U)NAh2oU~4RapW{Cm^RHT|)GNm=fXBFcVaGyc
z_225i6VB~d4&4=!1=!k5HIJ?J(RbGF#&`p4?F>}4IfmGpq)?s=wnoQT9U$Qcj{2X&
zrc3-Y{6U7Fj(0*}JbzGWJTMbS$RB(H3YC5{Qfy6iFa}#=3Bey^%#|z8gAu65D4ya_
z5*<7pKZV#@5H5;0<%P4@S|FQAV<8_*I+9{*<HBtz43}bS3a9ZnlbnHAzJMc<Wbv{f
z?I<4P6I@4jZd5kJ*3!Hs86n0K)HLhvO;{WIW7+y@4q$84Eb<4bK^gwwb08WsR>Esa
zocuwRPR`^I%9$L()LG}N%`>k&Urp{jUyWz)%eAMo_vMaL)W9CZ-L=lAhO-iam`ETT
z;w&@gYa|Z~Xm=t`gEwe#+MS4LCbVL=1KdILwpm5sO&;M2c!cI{JVJ}vc!WE^BQ!tb
z5t^TPggjT@yxKfD&3ueSH~?+Wyo^O?ejRK-^3HWUI#;p?C0xghpUgmOUp(BAEuzEL
zI_f6l_<ihDt9L_9yN*xY3310F{|(@d>ao%e<-|HE?Ys1>HT8SL9W}aa4fuU$AEE(w
zm?9nxqA3V8h?o}ppvF|g(w?q?wYvG{Q)>9{=2L*w;v3mM@Yw$<{p`X2ER|Znhyc{v
z8HCf`l+ESU6$C1;?!w=LG_;+~YFN-)gL&+U;qkE+Jr=}gj|K7BV?lflupqsrSdd<$
zn4fC!_}HVs<I_*eehPVftXN?|dI+%~IsgljzIZH1Ze6Ea<ncKnQ#SJWLWe>uhyuid
z^c!M93fXh%IV?zSQ!YJXK~Bih0~Qp%+c1*w_%u2PSdhJM(nyr@_&6?YoX4liu-f!k
zkYy#sg6y4GkVajH1<As7JibLHiDdwY%u;261@SZGuppMmRl>lEM=VILR)Q@iZCH@X
zKNEV}i?E<+#ZDfdg3H7M7No@TSdb!e?Kx}mDoGv-lALRYjNCd{(1k4B2#@bif<Ckk
zkB@5Yv7oU$J_@B+5Z}7iO5pKX$*fAv(T4b-Ey3fHl=}cV9-rFDczo7Qj>jia_bu9*
z=kZC>l4*jL4(O&C@ABYJ(>1t#Egg@K(YXe1SvGJXi?x6?c(H54+R=D?%2GQFWG~|J
zDFIVU=Sm)*TrGjRMFk$8;^~;*R%%ZHkB>6VjHD^b7#^P*|A&mn$1*4QP0Hgtk1ZYG
zH&21s+A<u;<9im2-*G&?W^L5Z@%WyX@!A-s^CL*t+u6s1=`jC3Tn5u&8Qk|V#B?Y>
z7Sp-dXJQo7d8+rqH+ghV=+AjyU^<ggSTTp0;3$tTkLg?hsVt^L2Fpc=HsPFbeNAVz
z4MRL<t~#8&W_a`YlS9liFJvqkKxe8noRV`j=A@Kh0d0zet5<~C6y>E7=4Cuy69zTB
zhAy`juVL8Z#%mtVI<t9frF2hUXGFjpUUU34wlPeGxy@oS)zWh@k$9WFDInW{j@RU&
zX{6@i)HEEFhEvl(&4c+g1UHXNyb1h7WwhuO{d%-;*{)Uu1{+Rx0qv~OT<L+w*21Og
zD<F?mdA3>yH*ZBNFqLrD*$TElb$g9n{Yminu#O=fUwc<?5^T9CoMAQv%GwkuYxE<P
z5Ak(&^(N#!$a<5|*IMay<u{Y{Bd4!D*tgP~TycSCvjSxHbtn*FnxPoxvI6Aybt%x2
z?|jx56hGW%qWGEdg{&{=i(uRBTS45dUC2L07BeCXU;?6uStj7r<(2pmPBEze--KSg
zo$ZqF>@N6IIHgp(;2<@}Y&t%w9jSU*Miy6EMAk$7z;iCT{5qpe;W7d`%zFnQU#J6-
z{T94i1XRuVdy9$FD1R>n-@<;#nJpHt#X<7}3g=6lSG)okPf6x^3(N?QyIB{a46&u(
zWIa`;Z!R0FGACV)C7s3H<TMU<%W(EW+>ImNV{F9Z_<JVO*8W}_??SvS7}f6RMm57F
z6JA~+rk1M}3{d3drFBv%y$Wdtyu6dbk0Y^9I#5n^fF}_mu|NmP&;cXZrAk2Zu95wy
z1%8an<@uy=36CewJdG}&XA%XK=eK#3^6?2A$yP~F%4a9e{FdRnd93r_?g_C1Eb=$;
z5zg}bejJ*$b}vSn$0FqzVv%ydcQS)D(s4a3QvT~;k@P<n7O6PKW07A#p;B8X#UfP)
z>tm6OxpL)&n1o!#$0&X%J6d#b4}R9eB2D<m^1>WLseg9=rSLb4IFrVs^TA|$96Q`k
z7KY1Xk<^<^avqDcJdZ>|T}tn=2=W}oKb=o-9oa{Y%8p`@%$u)i%T`*`th>*m?%err
z%<U)^>Cb=rBM55d*4AI1|E3HOk5mbH{@bINC7%B#7oPtn7oPuSGC2P&C&TmKazevx
z-YJQDxM$SqV(;YB0|e?}I~)K<g>nbLA?vKi5SOC@t{#Ahsqu#VH-Ou*4l7dZvACW3
zh~ajWp3dTSG|~@K#N&2PWtE;3+>R40H!m^V?i~T<aAI&f*0RU#`0Q~zK6~7b&jD_y
z*A%zY>v7|DtXSc8dI)hlIsmtm>U!KxZe7z*ak!k2R8}0W(4i2wqX2O`{f4-mLiSvG
z4!4urluM7eofES3fZK)dIowVoS%BNw`)$MRR2hcKc-+pilHzvuPTWo-)cUxc>|5Y=
z>VdZZmL+nPFtFkgx09=tV2eo`Zm06kgx>Zd-0r8?A;jTQa9Mc3?UYy^w^KwlOK{fW
zQ%Ul;o#b3QWaQSt?S2mV$l`Y7aJ@6=L+fz3sMa308_VIMP>S2}&Es~~SdsmJ!=?PY
z0ofdFwM8wPa=0i~#Nkr#mbDK!T=t4(AZr?NxSU(tKG*IHIMWK_a3y$P+vYc(!=->7
zQ}(TS4wp0qC}Ez%Wg675Ml}u><8d0)wH%VeC0EO4v1`ZTFb<dUG7$!{7jd{0m6gc3
zlEW1w;1n7hF2yrxe!HZO*)!ni-^@sv){WtCNt1rKI9x1p0S0()HgbRgz5!xuKLST$
zfTel}XJz;D{$+um!vLSv2!m}513ZLuy?uK;7$EcS!(}i)mce~%Lky7eV==&MeI`aR
zz&Cm?*e#<N;G4WJFu(^l!_psSf|$!xOSEAP!y9*B!hIo{h445nK7zOj1Tv1tAdZ)E
zyc^DBd0hkXx@M|}esm-b@Vf2?NASA%ljC(Egn4FpUFU^)jqibZHpxyEf01P6P*GMZ
zNmh~9N{Q!;>CVh;hk=BZ<7LI-qlhw5U^<R@eMfGQLo4m}Oq<)2XZAvk^V8Q1cH464
zBmx8^uX(;If{N}EZ4WzHp4U9$5auzQiSNw3km>aZtbLK`_3Nx;tK%Jzs}UPPeDQsh
z=^b6XRN{kp0SAjdN(hJ_kqH2+Ebmr)iwy4@P6_bq3Gmw_z^^aBZ?ge@TMY2Saqk5D
zfXDUg0t12Wad&P*kRZXmrcgnGX@K|uAp#rZQ(KoS5C8-yC;)I50Ki7CyOIF_Cvmev
zA^KNe0ageMklqF8Uk!e{fC19G000E`)+Pc-?@{;<d94BaTj>#gl*}js7%_2zj2#J#
zf`AQd4yJ!w{-ZD;_5ov$u=CDBfZW*}t)PTe?G>J?Y|S8qf?*r*1%Rl?hs~Tn0NMtk
z2LRfeFo{-90^lwDs~!RcS0lt%xf{6<gM6W>nEJ+FK*wHBeNHgQ9f!sNkldgwL~xM6
zf84-~St2iY09*?IF*%*TaJO#-kdrn5r=Zg)fVhJlX5Ka~uhY{7WfD5`!xG9<F5%F^
zT;Gb~N2+U8eAklP10k2g6qDZQL%7apsG>#UoJLVaj)~-F7*;rPp96=_7rWsT=~sih
zA2fc3xMF^o%<%ZqVKU3(3&-^7O6-Vy>r|h^9ew3-+;|4^KMr>!SZ_#Rw($`S?`u%w
zr&lw;1qgk9OE3XPb4#0_3Iv8{hhv<zIah~lts|G845n!LA<B0=`N?h-w*1g-Tz;&M
zeSRK*eDPm$gT!SCPROs&aK@1we>`C`@*6npIp@{HnIAetN_}0Q<M==b7T}7VRvuUU
zHR#sbgBa~ao-K)iTwfP+4v|I4p&U$~cY^zG%vJQT4~>|N#s2r^hbZyi;=`8}dOE%U
z-Wi^wrEw4U9kVnJ1aX8s$H$^zKJL&~Qaxm_MSdHF`?*qr>B!tyuDlnfN_vdqXS2ga
z2VaICXK$8Erxu5c;^*dsA;&(kk#t^^3%b#8&o2l^K5nL5W=Mp^@(3f#8^!rZl<#%Q
z`GQ=c$CCezB6+*JX*8d{<{jFY)V%A@u)h9Owv!sDHSA!u2b!=`Pt+@}5^<w2&QGi_
zKOEw&b@4@zE_d8-*ZuaZKnayYLXoNpLXp48JQIqP3pN`|gfvNWm~Wa036gSY&VwDP
zP{xjwV-JhkJ}x-Burn@fz3CEc4i}tL1DlsEf#E&!DPZenbNKU^S6eEzCLS%7+Hf*;
z=89_KeroDYVx||rPwEW5PU5_^ZgHd7DlTfb5ueZM<sRy~x`Ep;>e@WSMA>atUx#|L
z?x(R~eg8`7&WPuw?APUrXoJ;3d+D?ac!U_xtJCeJX^iRCEA>~IaWFsPuL=j>&hUrS
zzYQ0qRwH1B(8!s~Vaj-5lye|a5)jV`=QO^-*8<~S!7heBlg{S$x84UHmDR_A1leEg
zEmC6_mUqC7b<yA2+q$D$UVSQk7nZlsdG+CVX_e!P@uS}Cu~F8%$42?=u~9w;*r;Ap
zY*eq2Gg<l#|IqXu16@iz28;By)$fv5hhsMT!`^VmmQqvAA&iu@-48KRIshY;26>EB
zZe6En<Tg4XQ%G_fLx)0)lmf&^^&4WO3fXh%IgC_pQ!YJXq)y1v14bIY`ynD>H)=HY
zrSAi+oapsq=h)k%0Y@aqC4__z2cSI7aX&_$X!VV(wT0zJ;{`W7Z|-gCZT3COs@4Oh
zmah~rwRZxh8f+b4stF#FoW}pQ#HTY^qdLkQ2V~08(or2*KvyRND=i^YxvC_+EhcS{
zsj6cp^tKm3rcIkyVoKHo8T&cxHiAzTm8P12PnB>UK2@Zysb?*2l`9XQO3pP=Ms6MW
z^i3?O(H^;H=z*B8zANZs33hrXcqAQXchYg{t2eW0ve;>bvT5&1u~YRauMai<5cvln
zs49Z{j(BIoP}L1m43&aK7^)&@S%U#XwO0(y)>gt$om<<C5{IFxLZK3dqDm#ms%*!m
z67D7q1?^aOfN;khR-jF@9TSD~2##uTG^}+EM`cV-t-6-W4scYtT2_l)I~IrGsLIVm
z7|33Pqbe#>f9FaZHAui|IdD|PGiiR;NH4QED*bJs>NzP>zcDzfRO*KdM`e)<aMTC0
zkpmp{-yyd4P&g7t{Y4nq<G7T+(jN75IO+>Kq1VQ6)VCpBZ_6JKj>`P|a2XtxWsnCs
z5h?G0@?&w-PxwsG-k5~FlHRZJW$z^$BELWOE8Z74>Px#}=?^nO;ixN!FUN%}194la
z@J}n+b_>27cbl`{yNDY3Fa(tul<algQi{NtjPH)mfe(U#4pfxrI$?P~9i}1tQ%MxW
zUO6--_DVi><PWi%P0n>~!$zALK!uGCdr=x0X87$ATpZ}=z);#o#5?|6<2DN10znG9
zB_D!<w3)zQe|<REzsIMOVxFh!<0;JZ22?UJ&kyo9k9lI-AHU7mjsncH7h;}0WiG@#
z>!m};%U@Vtwp}yav_Cn2uRPqQybY&@P3}JZ3B-wvwd>KaxqqcyC$B3ee+$p9#q5_Y
zHd3dsY`2sU#?`3{vb$YEk?X#!yffS7MfJjz%JEL5VY;xpD5-K<<E9)wDKOrG+#x9_
zfRd7pp5k4;UZeP<s@96HR>>9NUHK5MAq?-bNSsqK-o?3UjvGhir1}F?!KqJG=#EqH
zyRZySYZC=Wc=pRP@SD}6;b5O(SkYkL9;%Zy$!_+EW@#yr2cLEi!96D1V!G|>a2u4b
zQZJ(m#Xrg_uV1u+hUuTvC}FN)X9J<d_XfcjVz3VgK7u@eK_Uj(mjE|Y32?(6#<-4!
z+x$4kq}Ow&s!oE$v=(YSb>Md=^0>`=(Nt?c!B_*_rl%fa&LM6iIn`N++w{s;(Zf1R
zg3F}1j`tsn+c5Moa2p@TINatNC|EjXr(?6~VGM3#r37xn^eb217t<X*M)A9)zXxx`
zPXTU|2^Yoh$qB1|Lfj@JpGoJ#xu99xW_-B!7lcc38y8O9Ig^~nZCKtY&PU?f^;G;C
zu98VVia(G`^jPwLT_hjkHeo(}%{$yCsd@WGJPv6&o*47q;>W<@Hh6Nl4ORhgB3yOp
zo<obc?S4DawmQBn_4q@~5Wop#3{hmj38t73w%ETy?18GW`b9{XimCst@4pdj!s&Fy
zdJln;Vr)V>Y}kZ)3d;5Gr<9_-%FNk^Xbl{ujK?NuSDZ9#g2tS)foi3n2Cndz!Mtg%
zH@Blv>CZ1;m|_zPy#-<u^UK>kHbJz)V-xeslOxy!YujTJeD>G`pFK9g=K!0~Yl=<i
zHFE9Wult9Fe`xxLmd7SA0TO0HY=V^xu%c=Y-O|!SO9CQla=`XnDNwHgnXXA=Bd>ZB
zb{-@`-oc_lC^;n91TJY27_zxkw{#{O_B&NtdI+ccQ-B?qlirj|uil^RO_^|S(xn#&
zS$aS?Tp&x%7qr)##1`XTtPuxU-_)BzW;faU5CDO}5Zij&b^w;>g)qegbYD2q{PHC!
zEHS_QD8drWJ^_xt?^6a#Y{tC52du)f)Wq3beI&mn$@6CH+BUzI#@PNepp9u|+?CZ{
zdYiqg24wfr+u~iVFitk-y4hkLB+`H{STn8$>;=g-TuwOM&Penuf|*{Mhew{)J8j2e
z3EMSQyRMP#%_1oECMb7$@AN><wO~drK_zCc@6SenVg|k0a{PE;3kPZP_vdk<-n?w%
zdg)#mx85D}FK)6#Uz%FpPE*+fda!09eZ4%V3zfg4>)@lQ<(tq>4wqoRNO1|ib-jXM
zmB<>e<{u)bYf-jwZKJ)qfWsvkuFEug4ORhBk<B<Tu-|l@qiGQUmr&(l=Z<THTECUJ
zwd|wYYXN>}S(QQ!aWXaDh)Zn8?_Y6X>jBNc*lls)_D{M&vh6^L?Eo(%2e&$yT~%%I
z+>T!hUAJcKAmWZGg!N{70fyjQO}C0&+ZG2Q4JXjGs4S4ZAOYuUs_tB?-qmDX2bgem
zJz?>DL<LoC_IrIE&1D|0LY<W2E#X=sY$JL;w#t{!obF9rAL`N+bZN@1^Knk_Thb-q
z!(4kUul@oQr?d3nvVdiLKC6|^(%l`T%xyXlVaM+*Z7;`EvQ}ic7q`(+cGCPSs|O@i
zY9J|n8_&V-|Kk~$7WK}qg;!`ZMXTku4-O_Yf;&5_R>C@67#3zLWtU9bO^;n{-+~2Q
zj`tvNP-ew*5$wtG^pVQ+k-bN&gYw`=Wq_x%{-DsgI#ZrGQkkLXY<c!bWtO53z*Zl`
zFt}{*(F!9t3cJ5tnnvE<WBu`$p_7<l#NT04`42bkx3@s%y(aT(kijG>I*4(z^^5Tu
zgXk~MU%goY@$hXuj5y5J<I)7;=DLzZ>U9fKFMEf@$V4I>)oQT}Cq_aI7e=L)N2Dqi
zx0{pCq72wigFR7CXP(IpDl;#bDgQTfYwcVS*P%$R3c;^CLC(`JL45C1olGCWdijwy
zYP^HG?$(>b$$ib?%)Y&Q+l}V%&ik9gc>mtLSU7?^))e60syE=?kUJ*Jci!KxR;F>6
z*j}uTHTSW3>ZjhKf2WjoALZPrR-*pB-*kPja-<a@RJ&aH_4kxYSQ%<OtX^lxy^kzc
z1}jk*m|;0j{ea7B+*k1jNA%E+wp_6rC-?8$)4`Ut{dHQ(C8oT4Pq#9S>|d~NZ*yK*
zYA&KAci#_1Qh(qcv#_3U?y9P@;;NH+ldp3pQvsymt5R{@A8~z<`3v@<Su6QiT_f2n
z+7fb3qqAu1uN}mxGi#ypmk)L)_T8u9{#RkUMZ*jB*BAHgb(MC@DZAUg0`ZJv`Hyta
z)w&IcH8Wz}MjE8E@O-uemQEWz%=;?Ra(oqL>@lkEZ8XukbN1S+4vxU@$X=clGkpZB
zv(?!nSh%Rp9qC1Td$qkd>7_b<q*vE-vpUTi<Jc7F`Mt*Ceq2y+E?;KwFtHyuFD&tG
z77ttYqj{t+-$ptATIEE>K?rd-CsZ<TTb1ipG^iYnW}?B7!M>x>Y=og>@6l)uzkHvM
z=JdW0&FXzITHt&6^7iy)-Kf5}`$)e!Jf~kPm2t4my?5`w94G6*F{;n*$ItA(y-|IE
zPYe6@!T`lpdJx*T7l-HI@lpoZ+r^i4*xYqyA4e0Hxm3OLP0jMDrN-2@`y4Kvvb(al
zZ+P!Zc5j6syHi@0Drzrnf}>TO=Zg+x&2;pveI*T-@h0ediR0yrJ*s}n;tJI;9(ZO)
zWycnO4i=1aPOpbgzPao{hRu_Ckl~vc3)X&`Q<PxS8HYo23?T+d<@TJ>Eq)HWVsgG!
zW>1>@IoPKDne(sc&#`<rxjw0k#UWlu`6|V6G!sY23)zD*SxDxs0eu0M1NP&S<;eca
zG4VsxAsgo{#>$oVhmoboqxfqY=npoa?{1>UZwmKfjf9KhZ{&q3+l6dJdRkfiFMR#d
zvTP)M`$S~ZH%!{aS*@*>_?dSYPNl?o_lK39iqHy*)2^mP>(tWcu09#0MZn~`iG^s;
z;M0?8hTRw|Q~HkdYRXMNf}IjMUE{pkm+>Z)arGN%L0R|p#NX$0Y#rJsHYhOLX(9<<
zsjilj;$j@AlpYDck8Gg4Dq|N1Yu~~G@(B5$d{vg$idVJb1?R>aE_4Ias0;*8R?D5G
z#f;AQ@3jJVmS9$`qbJ`g(vvYd_1#fft550jjIYlk{SMul67+4Mu+wQ+woleAi>0tb
zte$~BU_tav3$c_U{|)SYWB;vKFMcL^v2`$FyZo*yKii)CC%!LE&%|Fz5ES_HyT68C
z{woikJZw%+$Df4S;jO%R^TE3!w`-3;0$RYrNHA^z>#YTTZUO5X885ehwYyTPuE8j;
zmKWAuf*+0{tk*Vvo79nm+mni-4iHln-d$-$3ul*?$af*nrBtV#ky)!^c9V7*9j{DQ
z{j72@@`;SDQQggZsgCk%ROcnWmT$H_zZ0cEABxgW<OZqUq;kilU+01RUz?7Z&#{=-
zi_yz*D(tO3V~p+Z>atv-EsLW*IkzE`280?;jeu8?iGySG{3J*0;94C=@ZYT-X|%SX
zESZ0I(*u0SIBQ{`T>U1Lu2TY43j-o<nqZrAFaO7a^eh1poVrW%F7^6q6{$!1t25NP
zOQj~m*GpdnRPb>NFRl=$=fLRt%QwKoP4;;HGjN6e@;gFYfyHZAR{7I$j0aFkcEqKI
zO#{IrNnnQl@-rBn&E*i$K}MvS!Q78iwCQVMx399Q`Uy@)Th6FK^#-gsAO^U)3JAiW
zH`p;lnn+cHKfExc+G8^T&{{Z)uL%gQ#Sk;S8HNBbU}Bh<`$yiC+iR);KsdsgO!f%;
z%}O!bn?;d&U3(*f>9NWF@@rGPtH1nmyttBMf9eH)fp)=2##^QOz&KYg!b2OskD<dN
z3bVDh*xRba>S|ZQeXHL_1LKDu@4Eg*t8d1$<q7bP<>J)dsXI=E;AFJ=NA&$~{Bd(!
zDmv=7kIeLjbp&8kDztm<Em~xN^58;+avuGu=+MO&WVCmw-zzP@o+UsvFi$!)rEQgW
z8V^vh$J2YK^-j0PBy(r>&fKwez058B0wS2OP-j^CZ0~K~0n7Ca-zaC4dZ$B#dGDRU
z##Jf!H3sf^2GB$4!5w;cV5pvNd<;J*Om8YdJ9-}N;6T*xqto>9t*n<WK<#`Y(D~#>
z>{H>9;AYZqr`TltAP%EkO)hgnVCtLiuI$!3LEBXEmQLY?7}cG4WhE}1((I!XvOzgP
z+1UoBXl=7p#*V~B!<xTl<#vjQi!`j!iQ2JVn`0V%a_MmpRbv4pL*&gg@+ObM+1af7
zY>~JFtp~czI_<SA#kPL>T^<LPLPqUOCAyoWIiA-`Uq^L)GN?y_Q5ZWmFMk#uZtUQY
z;CsyG<#&&(U=9}8D}k`Tqp%uPDyud$bgf_QY$rn^dAJ+~Hlw+SK^ew`(1f6^Wm5Q`
zBZ@{A^eNR3D&HP3sMrH^439J=`#`bSLa0l=y79nO5uwG^uTiSwq&il0Sz$J8Q?_!y
zi^0j_g_8BGhAqjY!*Fm)M;MMbSj7;czIpj-D4Nr{&C9>a{um5I)CS<Vg+svRrN=^)
zrS)Bnfc~VF$>pdg7j-QOa#ZYDwl_ss0N6C9BW*@U+HAH+y|fRRx-r!OzsmL#?(-Kw
zf?9n$-+ht%sNb>fh8t>Bkv_#nM(L_ZkjBq3?68NShps)!*<p8`8gGXkDDZQ3*y}T1
z8@9vlg`~Z$a$I&8vwH&UupbN3AKi2L<B9M0+74qrPnsRZ_Wyyk!@dNIC~t>xK<qDn
z6h46=*2K!@?Uq>o``!|xs(;^FVwSn@fhESF$XQ}$L*V3y5nGHZKDqn@YK*CBPr5Ot
zdi2H^ZLx2n9`m-C8C0K>L8ZwZjj?3C{&s6jCdWy(#-t7>$r_UqIBSeLaFT5?C1<wS
zGmo)Ude+B|A&{=6R_DrC6q)0y>c#n0)e6^MN7hzvBn*$W)r)CNq*!^S^vAG8-P-DB
zArq{veuP0{{^i>09tFh1WArdnkN5F`OQ~|H&qe0Kl~a?!=Czy*IGK4No(-0hs#{`Q
zl(ndbKQa;wXCp9q;xXYm-$$8euB~3GTvp?sF)5Cl;o53ej%%xrc7n8*Ux+$+ne6l2
z+A3<jU&Tylc+Y+Kb8juNV(n}{7S#4*c@6)^TIJpjW=3481ey)OrsP`n=Is6^q?%gK
z)Y2?OI*r-=m}+71wT87etj+dnSh4EWwra@}8w7{TSn;gPG!`$zLM-!kU*yfL!_IIW
zb~d*Ri#Y0tqK+7BH8x$MWn5UGomq(#TRJ!R8<tfqja!@D!Yo#-v_jjdV}-WC720kz
zjg{K{jZ={Ww?=yus%GoBl)?(dfD%WeL%U$2SFH6a)5-x43hmV%*4+EZ${=(=tv%A_
zMdft8c0N8=4H?CcS36e5v|~<=3%hAMmP-#nMsw@Bxe#c0X^1WCT4K(rU}4wmnqSvN
z9kHEJ320cq$cr@DP8?Up>ri?A2oB|)j_Si5Xz4PlZ8O&6(RQd&uFE&)paodgq{D1;
zc#r+i1T0{}X$tyKp2O=I`;V6Ar!PC|=6FMJ{yvr0+4^vX%lv+E8G9vmW1W2mSp1tq
zH^1Oae=az8vEU47aRzxriZe_+69>1w?ts!~W5JTDt%fq1F0KL6igXkKQ<;t*$94pC
z(2Hj5nM=}p`*m~`Ei!9sRxg?}Pn^TsKxF{DtPb|6UjSn0q3iTodwbD>2@x>Z3q+Gn
zTb&cuhVg=hZGaAocpNtI4BQ6UP1kLC$S`7okLX4N)GLJd0<Y_U4;W!V92`KbkmCtH
z7-a#T>3trLV)?;&<_MceYt(y1*qgxHtT}R_dapJYPVUt$nth~ChkjZ?2!pMLa>sAr
z4k=q!bt~q0-QU{`C$6$1)MmVH@voclxL;(zK9dBP)a$e2^neW71I7Y-7)~Wm+w3Vw
z7*Y57!zE=D=(QCA4~!2#z0HhI4~$O_iqD=HAD)8vkT(>N@xg>bJ|Un7#-|6yrw7KT
z2gPSkj1N!4vx0^L5n+lH1h6Aj^`anP2j^bBlVk)E0usgV9DdO_c$#Ok9IeLtZGdOr
ztiZZ++=QJ$^p#=wc4D{*MKlEP6;9m{Ujf5Ilhg%LYu4i~bVBaJtDD2wpin7Ef!)%R
z6n211gCXGPSx3gO6e@EV)h>@GF$`Y;BV$&b`OF(0lI)t`2=B-3`(v!jav5ekmtoSl
z4BLJQA}O8Wt3ZshXXx%i>#SYGI0HHZZ4Yw{=?s#>7@OfM&@uiyel&{t4DzRello`)
z4D>%1pFwf_-%K1KpW(t@$Y<bs<94pwspys}zaOkK<0i<yDqqD|D_1_0>!^H;;z#L|
zckoI0DdaQ+;i7mYFT8P1Ll93UeKX#&>95aecs$DFI1MZUI1Nd0z-dUH!D&dIyY?Y=
zq=v_`6e2a~Nv4P+HR$sUQUj~QlNwmY+s0`K%I;0upulXW^*9ZWLU|phVcqgt8A)o`
z%L0<r5R^}(1}k3GiswlUOrK|z+`#X7hSLz_8%D0|=15@+I1Pbp6kk-NCn={PBfEQ4
zHsCbOdR;c%AJy?dHsC*SeOj_X_{43ik2A|_pth_&8@X|v*0;OX!^@SY6#3r?>EzF^
z*cO~$vDx)Fb+-5u=*@nuKjbxht6X;dae8)?*YI?t!GC4-?U~uFA+zDPkl(e(q8pIe
z@Cb|v<CqQC7Wg?t{qq^Gv50z>*YMn=qF7JI!E0b<Rl`2MqBbR;(Qz9t^9hY|8(!kQ
zWCQ294c8{Vw2@6u)RqCap?KUZmQD2M`1H*28<^LVhO1KxT%F#|Z@8V`fITSRJAMNd
z{reVGx6FMHP<0MQ0l(pY9j2~|J?WUbYVmeV{rjKcAayuNn7WkUe-2Yuav{HAU3={H
z=;vz}J9}*Vrt$XJlM4KtJ@&?o*9Pse>%9p8Tj$vJ*f_gqV|LdYg0x1t3~x+)&F*5H
zc4o>|teC|1qdoP#v&UG5lV*=m3vRc^$if1scDp_HJ+;TE=-;>Ym}TyJV2^Q-`rmAi
zsbWvMJ*HX=?XlbWroHb&zNwVqBw1rpf&WRqsS-4M?50~mVW`eyHMD}YH7;e!Rtoln
zd)~rd&^So(@Ji`JklhGx;oS;2sK@Ws1IP(~#)tZdON8CwIhhd`tS62LjXFic`BAA6
zr)c<7iB!chW#upAGkid~uf~7QUoXdV!d}HShB)CfNRE7lw>v?ucYO|WAJ*9cMSKRW
zMPq4pxQL}zEc9bNc6hq}o?&DLymAS68z>GC(%%K_DDRR8fiO6o3({4EsSX*Yjcq0j
z10P63NPiio14_gqC=m$JWPqmRL5_epTtSbZFiu~FY`X!+K8|<8Rvxaca=Ddj;1PB~
zbBj7@5n67f*~)F|!W?;Ke#nnN9NB&9Bu5|`Zn<`Bh)g7`FYa4A@tlagFtuGn9|tEQ
z-REv?9L0YnRj4>s@SKED51b6?5MB+`ukMd><@gXzb9}5$!Hf=J2|1?%It1dZ2xm_C
z5Hm;Ed<heRb-4#=ZiEMMKB*4iK{P>FIGfMlL2QCfoXKZUAm*t~Xg87{pk-9ZKHui?
zuoJt^nO3`)193K@+=La>Xm~!D4_HgJMe19gUP`yx<9U?%a5hsxNb()dXZo423EzPc
z<@pXDWFtAggPzCn9prf|zJr9ad<SzH%Xc_GSOWfD@Ey(%`3|fg5D-WQpnJl1ko$PP
z!+EIrfbYQ96U29L86w}|yc5B9a0Ouj8J`#ox03I0*P!8U6W`(e_5onO_($|X$9Gr`
zqOX7uma<|_0N-I&XEEGqL)?b-_zbzT7>0KWvYGN3Sm~b6a6U!~bWVH(xF&U1l=pS+
zdxz6O^CvKX*`Qmp;~rN3j^cW3e0WBw4$BGEfdjYpi*x*};d`5&*)YO$cm+gKp2N3*
z8)bP8??kJt?PG*_o`W1io`W1vo(#`{j_dIp<i8Hjf&RzhIVg_tJcs-Bi+K(#x*!&P
z7ignocn*xUa^+8v=fKA(ew)5y2XDa7dOQacen(!InA*n9Zg6YcBk9WyjI!yk&vSSj
z%H((sj14@8q&VO?B+uYEB+p%aU>(ijT`YuX4tfe{4zlY&b6{<Fngi<b1o0fK4$Tw}
z3VbY{LvVJ(y5&_FNppA)3rLznP(INdtaw!`o~JoTPuAr*sLdj0mMidho`aR~PmA<q
zgy&$ge>o}}a2EoeLW<3XI$kWBtVu8Uz7WVQdbcdkf!ebAW#q=ZlXmA=gS#i5Qsln@
zo`Y&nooy`7;Z08`&w+wPJcs?zcm6AHW4UJ+7DJxHcah(<{Rmkur+c8+uHnfG<*WF!
z=D_odF<zt`h;iV#=N{M@4PQ+vW24yl-;yhH@Z7eqM8+53+{~zI*Qa9~hirQWSo?>4
z21Yp!H+wI%(<s({OX8d3I0WZ1tfx<E^MDVL=u@DNiQ9M`a~uce^`v3y)BsnfKX@F6
zPhp2(e(#{paCjFyf~|u(!vPbV+#dH0pW*OiMwgu7a0w&&fj`6Hx51xvJFNT5FT_i5
zh6DGLpssG~84k8%JlXHf(;F7BFWa5o;0|t}b^}PCKn`x}!40orwr}0R4YOnN^*zAQ
zIrsz^`XVak)7leY_Z)!;j{^hB{qAxVK81%i@K^^#Vuv<#mp{YCl)fJKp$*xS8QgIk
zxE#k$W<bmCV8!7a7w*Lm8??LhL`dn-0pLja6CaulJLJOzc$lfZ<B$OzebEY!An3Po
z7y+ig{wU9;-y*My!htTmu3>5Q(v7H*zYFRrIn(7&;Sr1n{#=Is@~g(xAy?RJ8}c(1
z_F^2ifHU3JJC}h+Ipoe|=r7-o38?aK^|=hZA;{MYtB3m{a;G!|2QPGzgBQ9u<{&(H
zAvxNG2T0)Hg^sl%k74i!FZ9EM7y5Saf)nHU3~X#10FiI({?cAVrlS<PcIE>QRko8(
z{3#GqatY5|FuFx=$_`#YktTb+q>-mGjcg~F@LPP+_xeexig^hI_S2S0*iVm>{WLi6
z=8TP$y$ZXvIkcb5&zV+xGG60ME0jGv|Ei9JQ#<rHc%sbg39_N4gFKAdP=mxbXF~;c
z(f^zc#k`(08;V-+18YOwehwB-1k(8Wzu_D#D*E>=FTpbRJ+P@b7zH-f|2m$iD)yxF
z5>$(~^Af(_&%u&1oFra?RN#M-m!Jegd+bV1^6;+^&)SK8zV?J-JZo^^Eg4HIV}y0K
zg!b7uBP?r!4gF_dSl@BjV9ekNvcb*{@-S+H-6`??ez3uq*OO+0vE_eYZLog?qEv`u
z{S|>HyUQ5+vh6I=KPLR-?>OPKbmM1{K8?{OIMx-6=m!SJx?|=Dz~nHW{_?9a!%l##
zYw;2QS?|zDaWa6cF~^Wn$G>mQFU#Eb!2IGk<jgP4;fH9YVoWO{T#`|4hc)FeEwZ6b
z8m7hbB^{;}9x<!x>*BQ0b%3qhX`_O+{Ar^O#Bp<taj2H+%As1sJ9wmM9@8>lif4)j
zgG10I{$N}!rl{7hD)6mEwI0j_et=M|mq1;TG2(f6@!%IxEjG79wMLrzWI|hEulOIq
zwv=FKOFf9gBmWg$3siLfPkLrmO8BfUlyR8{PGUKF)>Dhmv8wR?AkaEwCk4Dv0IWLC
z>fSUAQvN`t^fqM4@j~wcnczIDGZ`f2U!G_6BMJx>=#T0FywH2_fxOVH3wfbAmxU3R
zVQ16{M`Y!~4bK^M+LJg{EC(uU$N{|r^UX7@9;lpF<9qSfaO?0)tE?P3pvz8>>y*EP
zdimt~98k1HANR*ZJg^F9SmCx`JWqfo*~Lk}(ePX_n{fCQ?oZiAhGz}lHF-m}MqeC)
ztV6L{Acn%TDo=4i;n~6ASN%H4oVZn{j;n~o;l$IO?SQMJmDwgvwP91Et!t&b<Ja*x
zXL-&QZuiYzH-s2Q4!A;GIN)k_C9;?p&odE^=O5~*DqfakXI8Cq_mDr=>i=i&Tj1;{
zs`NYEeY@{-W;%Cr@4W9MA)(2g32zt@6h%Q)L_onA5RyPth{DyGfXX-_x~}^K6(J%b
zSy5MoeX6^ztE;ZMzSbu`*9W?|yXvlw_3f@2{@-^__3Pd{lK~S5`zOE5?e3~mRi~;>
zRh>HL)Ttt2K!G$^g%Jk~h3Ks-Ux3FNn4r=DGTsVwtW{{NX4n9lVu}reuR^22x((v1
zVeZATt;C*F`^yU-FWu^xZq3?rW?*Q~8Fi_Q2ihaG+jC}8fChwE)SgodGC|$#Ic?FI
zNA{eNAt&4M_fghz=*J$#O+w<?>S(kFEjoK)ez}J4u;?6votBtw!lH8$BtjobxyJE~
zrCBHZTzQT45>}$0EBNkd4Do^?7}M>wNAPk4yk3pc>lJb0UER^WQkgrjKxW3qlNVSy
zb>3DbG?xw?@EdD@8agl?I+$-%f#f6#lrmn0<?3tH3k~UAMf%_jayt9X@%0H`QGRU?
zu3kDrdb7UAukUf|=4)V&Kd=XPF=^c39)EC;JE&j7<>rXx=EWmgrBFE2&DUr4Y&*}w
zgKp8wxUkNq>$J(QpaeLf+J;h)^|n;raBs8?`6JV9QLdvfAsWX$mtK-Dydg=(7}k<A
z?>VX?Z)oHuzks_0_Rw2WHIE{gU$ww;7*a%O%o>^_Xot2z-&Tr?QLjMouLUPuLD|$D
zDknI_HdROH9*9QE@FxcET5u@V>kh;?1(j{*xr3?Cpa(<R9ZEuaHDovyg0^wP({y4Z
z4UixFy6EjPcQZMeuLEG)n7L949-IzamX%}LgA?A%;?1eNv^S^Tv^S^MVqVEuKT1=u
z*8=~{`1&bOIT{Z4Pi14#2D}Uojk@7&i}-oMMCS~tg`_iriB2X?+T3t%p)JZ1wvPV@
zki^#U5{N;vwvL<7OAF72z#?ty$n{qP)3%NRg*h!_>&U?HXs&+UeL6`z7x^SU<I{=p
z`?GbFJkH4Ek@o5I7pRox9?5UiZirQn!qYyTgvYSwnX9vNhPIA;^}-WnR+xJd9$jr6
zQ|Y|$q;}xt+d8K5$&@d=jh8Kd*|v_X0&E@Q>cG}9euu4N{9XyU_!wKqN3arN>nLx+
zcNv#XvLwOQk*#q6Z5>l}kJ!6Zh3|u{<C682I?~qhR929-j;Z>It)o`Y)#@$7)-i=Q
zm^@_}C2<#9#}up=Ztg}WiLGM>_EDX%DZ9j!|C~gxnx^seT~)n8_#6+h9a>5++ZmR%
zbtJX4E(bPd&_*_{V)q7H$8Pb<uyvFXCxb2A03z(>)2T5xYQ|%2sMDv@Zj5ODv&UKQ
zMsN1Isuu#`g)1-)=+x<>8G&zBS--KC76xbJ#5ZQ5mM15EcHB_Qv4c$6I}+EppBC%W
zl)d8<qk=l^9j}R^gfDOR=`<h5E=NwBr76;i^n1!SGP$$rKGB)6cO<R{O-@WAFm3wK
zvv+)0SO0%XS5HDeWQE0w+=C!2=4AALSywL&d(d_D(uxo3>JN2Yy%57e($xzIJdnD2
zDKITx-VNS>|GM*Iuf#xKXc>O&e>03#mLJ<%Uz8vFa3*Sb{MheAEP%-0?t|W*xE>&W
z?1mH$oqGFM#j%G1KSo>+8b3xNc$gpKmiu9!PW#vl52BAv68a&_k128w0zbyd=>IZ5
zCJlSg`7vq5hxxHXogWioI7s}MkiY}Uk4b@Pe(YRj#}1Uf-yMab(7~-MOX&9BK;|Kl
zmpj&1fWvZh`)`tjP|^K~ym(<-05tk<W(+T{5)j{45MDW@0i&LR@HQ*WrO~thRE;jl
zHgzOx?Ci+g(efA9{og4yal_mBTtfFRaMb<ZY5=Jtqpz%gS%&Ukbho%Loa$EU{Hbom
z4^-Jue&g;Qp9<}2jwS+tposthJONM}0mh4s0ODyQz<AMx6PjvpH4;E9jRY8ryHJq5
zSP3AuTtHYgPcwnM8VKYYMW|xo>WKyds;FII+&zH@cdbXFZfQFKq|X=%bl3<WJGBwW
zW>!7Qvwjyj-z~aCa|_mevlW2)tj(}MO$Pkc96R^o-<GY^<-(T{w6E|f1fNDZI5^r$
z2SeiN$Y@af!RvNg){1qXxis=YQq9+@g(*Fx3N`GFBbQc-)W_b~IAseov!&WTC)~Wk
zDq7GB7F7wz+p5cFLKzDXRGATxeo&*(p%Mp>X8>mVRs|X`N<;(XDG-6vP=g&%5)18Y
zP^eEs<y*n!O*njb{pI^ysD67kJr>mud`Ag5@_(ge<dZwWOrfbe!8+|F{#=HF$q738
zPFoo-6d2k|M8iP#Yt(5jW-p<+ngOQv5}Bax_7a``uRz3+*@Vc;e-~xmH@k_=v~{Ta
z!>~<&%Of$HC_;}b<`giS=;fG^Tf=BE(N7XOoM3c>g`4O+wY3<*%NPeQou%2Mcv&kZ
zD1y_|fYW~LChqmsZesIxA6MEL0|^O)*~AGz4Z|oM3bP5LY{rDnIcIUZi96VTu$z!)
zY&Y>|(yNi(gnmVK6Z#d|O~}`8VK))wowb{g(1UL`A;q-YO-Nv5H=!Q~$8O@Sx+t)J
zegzsZb`zUZ1_ll;v^$_aq1x>xPFTWjVhNv6BWa_E_ZAw*r?7N$S+j?PF1s2<Y~Ehr
zEseN!kn6`OXosbJMMd@znBI%dh<Al?8#StKqx#@O3O8gSuVvXxd>6$fHWL#A?KTs)
zp@$Y`AuQ^!nUKJ=&4dJ?+>Ffx1DCRykoYBRCK$gzn+eHdahr)3pi&~15!@2pBdZ>T
zcd?mZuFlRaw3*<m7rs_zgt@=QV=0>n1%6#S@O`$K=qO*=zHIr+wwYjVu$hRf1DlEX
z9X1p3d&Xws^{j;0Ovqc>W<vNr*i5iB4!q5TwxM##sS4i*n~5ds8{16$DJw{uiB$c>
zW<smyYW0?HGa-EzG1HQGahnOP<KAv`(qS{9uy5>yP1!tjwV6oMc-m&-39;<A(>@}V
zXKY82wV5Ebv_1)Jboj_z!~4%7n~84m%dnY{)|0`usLjMzu3KxyV>g?L=Ku%(v&UKQ
z#uKtO6L$mQg`F4&a1eD7{6VD!^C^!}#+AVhm^IqHL=Ei-f94~To9R?)WZ^Y<fZt2|
zGWc}dD9f>r;9S(rPgM6gO8rNfJFosSDyY*w;u}#E`lVAI|IIj7<?$&S4Yo~&F4}D&
z7Q<_4yNUZmYsPMZbvS5pdJ=-E=R?nK;`2D^*7bbddw3wO?R?!^cq}e+1gX<c)Dh7k
zGx~gqUF}q-p2Pg&19lfPr-#e|J9vbts7IKgU}z$7k#jRP)bZJwKf*`qeBIk*=J>78
z*Wt$AUM;%2k0??$1oMZSk0{0KL6FIFLQ2WxAA?@`M#}FIcHqWG)CR<4iMjiEI-77p
zs$G3V<qP88r@5j)^G|ly#7fWsUH<5)wyI|}1F${fM<cIJfIJKSoJ6P77xaneFE8Ue
zNLsI=PKG>n1qFE$d__U7A~`hez^mpnzM^oM^dy8(F*Zf)xQx@Nocc&AsPCwvei^?~
z21%T`^HZLr@{yAvY0lJ{yU(LFzL089+{8QqzjFOk??Hr_FQ~4I21)<a8y0J4P7pk<
z*FUve(q6oOKT>qh)aFO3f9g~g@LQg^gN48PIYASvZ#If*OoN%zi78J~mDrOMWIq{C
zQt@!5@2KQpE)Uc7pna}J9Z}(zV{$MPNB`7I@R6Qh=t`>6Ne%}|^e!E&qW1^Dhm@3-
zmb+iYX%hds^H@K}U|zUdd8~`uc&z$telX2bWsFf@l8IW(_yOf+`K|9nOS$l%_rd;w
zIL5rrVth@?9(4(R>lY~;I{B?%#<9z>f5`Id2cEAYt_O{;V&^|(`Ko)s;B@7yK2AQU
zjj#G!azp#!tHOx6;IxV9;cc`Cs7}o@yO^!If*C#J*{VazZ2?LAkhOeJ<Q@bri_=i#
zwg7XbZ;fFQZueUN-?EjdL)mSCG~YpYTOe%}IpbtoeHCrh?zcdE^L|kHpl1q?0G}oi
z4^^Fd*lR&G>x=XLcr7r4<={EwOb?0&fR~cu(!A7zV8f8_0|SuAuN~{x;Hj2l!%&oj
zuwlr_ix;*9z=omB7}_uh2y7Sxgf<Ks0AmCJp$&uPLK}wtrJ@Z(Te6PA8=IGr&+|L-
zaTLR@I$Iol>yw(gq0i?MHVy(u8;2DJkaD-LqFwKkjYAOGI2=iv1+i{8l2`p;3+Xok
zgo!HzK#83LfYic)FogC5CP#k=fDu~<z=)LtKnRNn=1ivufDn5JK!~LSAOMMQ<XXV>
zCTWWY+ByVsEIqM!xK=G5y4pJ&*=g@!RQTn5{!E|e+tc<ACM&E-p7mBtr{8=4>>ZAV
z=LaaTsjBY1WUJaf^s=q>z-WHpy4^H)s5K71ZC$<bg4?QvTD3U!S@bBZ34$W69ZK>-
zYX|H*6Ke-JcUIjW9Trz$?NBz>4)pqLOcXQ<T_$k=iR~Bw6j?hMAb4|O1_Vw+Mb-`m
z$~RDePD2f43j|bb69Ll;T0y{Q15yXEiNHR1(->_c@{SUGWD}ufq--Kgp-b9CtdyZ+
za_Tz1yij0h6A=v?*~2Ym6QQ}90jV|-nV`jNB6u%d<U<19Hb~|;XAW-*iD?AN&RH)7
z+<mi+I9Y8YhG2j&rM40DC~+KLVH#1UX~a?dplL)O=}inJXc_@S39k_{j;0X<G>yPj
zb!r+hV(t$+ANcIgE}~cMB2M1!!*@lbX=WhoBBr+I6K@jtG7x4F#{of{_*Xl(rR*Yl
z*@v);kY{Wc5lGKQb`km&*+uAAWEUY{zlB{yly}xHLP8I|U4#_VZWkeekzIs-92~od
z9$iRClPfVN8oP*-Q#J+;e3Lu`>>}*d<N24!|1HkYC5=-q-7+joO!_*w#mpsoyZewh
zd3ynrPIC#2*$3QS;)fWLiM_<HA+^f-m~hZ@3onFlsl#4E0@L;q5`a2n>?Ihul)Z$+
zFJUji`2E>SNFIyZOPn#(-ClxK7x4~o?qV;&T%DcIpuGfNz0i`GVy=eAQuY!GY_|j7
zXM2f`@|DHRmcML!3FZcSiMTqjmx$kCFA=|I>?J%_LhL2vEp0C$JS6NT*cu1kUP9YY
zIr3D6?}NR>lJ$-4B}%Ly?Ilw66MG4*o~zYczP*I>S;Ur0;>GPHw2p2!I_a>NP}o8z
zY|6HwtGz^;##OJs9z35lep`z6Q+dSp5#7SFHWQ?n)-k|HhY-fl{^O5Csjp@EwzF?V
z(VKAVrRKQPzi$P+$hoyrvtNgrBLi+xn~8mY`J5FB*v)35g);ch9%tR9qFJ+v#{lPr
zc?^eTnN3`R$zwTY6Eg2n?ymQ19TzvuZ(}!+vSlE`UF7@O{!PjE`y&K8?I|7`MFHnd
z`Tl8fY@2*P<wGLTFJ#N_Cf`qB?=#IA+X>=(&}96ihKH<-|8tPGca`zKn?m_E8ULFp
zn!kTC{)bH`u;d3LtqUm_9Sw5Tv0yY96Me1U`UUkMji4cVZ#;g2Z&hvY&vb%>eJGkv
zC|(bOP@i*8B-E$;l8W_q+X<2BAIhc^(t3x4>4Y?ATJHZjv}ae_iFYHStL?<?h{#SF
z#zrNvow!!g-e22^N3(!K(sm-TxuWev<^GyZ2ss=i(+TNdb87JckoQY*X?g$C$!PK4
zf$>qCoLO|o?6E!07*8)=zm(r%XUHCc_hRx`Dc{9U#tdBaYT<cg9Fo17W06}ix`A^5
zlk#1BCX<BxrRUM7NkY7wD=%;~Ji`~N0wlyA@-&2!e}x(AfblgOstYtxBj`xgQB-4X
zM?Q_y_n&P1I@GKqrK1?|>_qwu*OORR`a8ZzYUhSe<+D>CkcFc@;4A}3zVTQL+^;Y9
z%p-cUihX1rhw<>U0S;*MlpNysXox;2%+K?%UcOP=&cJ^8?cL5}k$DIbk;<1;zNCUr
zW2AzB-)ACU68Vyd&Tx^R4+$jFc#_7GH1JT1G*AwBOyfx!PttgjrVPV2rpZYfk!#|e
zX`oo(i9-AkISM-Y%W_H(g5s!Qfu||qxs|70f&$Ki1uBqq>V9;ta<2n{={Tg(zIb3}
z`yG!SGv_LY=zkeGWzJRdSeTE@;M5dIK*KOJ?Ik&oH_ut`LmvN1{en<#(Ke?lOOXfW
zvJdaddH7b|TJdT=oGa&7BZWCBiGy$EIAwIMG69EH1&)Q=;fD-7bFJn)2xP~%@AY==
z!q&u58job`@O>M2XBLukhZ+z-#_kNLLcxUO^qi1wQKtPS?hPA-@EDx=DPs6-5dw8$
z0wo;}F9t`+yCG1{2af|>+gZepoDJ!#<XsChL7kF!mQ8!CSnfWwheVJ$i+CsE@7tKL
z8-+d9g1B=&iPG}AKMK+NF?@wL=N^c*n|z1teHCTzB2lO8eT4KVM-M4`Un>+%K+4`X
za7;k`qq28sg(x)NYmZ@I!E<&2XM^{mSP<zcJh4bRngiY+F?y<upJ&XjRX1_=eD4Ys
z&Y!fMlo<)<83<Z928hF%c{&u*`6jBcDjPafXdK4Mi~tcmBX$?ICik%XVf6v656;9-
zCj~%eFVBYhhAyk@K3@wj7Wxp`eSW}viR?Z<WWGdppC2(_Lwo$8J^3;7rT(5P#^Eza
z-uP(FMXs4WxNP=@;F{T|`)9u7A-k850$esrNHNG!o*#Jh;hb-*)Vy&;1$;;cd3ut@
zbf$r5a(a1ogW@(Q*-GLM8m^ng3p8vvgEFQ+le`l2<Qt|&&|~5>sEL4HG~Xykg#>vt
zx%q$|FW>0X54V=D?b+)#3VD#%UcBdl2X`ZRdYp#EFEYdnyvPT^-u&R6JnObH-ze=t
z=6J0JD}(B`YJbod^lz)KatDG{dvOKm%5BwJet1tF_X$+%K`p3nqfta2%XAezT|wd=
zybc9}!O*tqFd73PHH3@=Bd85tMuXvCbX#@I9Sp|y=10*L2*lQjXl|>H2jlrhfS1+o
zSg?9;FwO$j<Qu)nrVqhugEhh0ZPmlv(crMX!C^tLt-21*#1Y$%*!B4aDk8-ku0^xX
zVX!_pd|UO1;D{jHR^1S62-a<@Hr=71xi?r9tln0gK+MFp>SVsL%3!-Om<%><s~+hN
z2S@G=2GM%ksz(J!DUL@6N3(Lr1jjJJw(7CLvH1oIIxaYl2yCk!?~Vk=?{&iqQ)}h_
zV0?W-##iH{l$OKEd>t4c+VGrx)DkB^J%5BQvN80QI1Ab+qz{9>y<o4l@_plv+HI}a
z;*5&YV@#ADN2luI!uC8h^yw=bL;R%eTo0+5!#v|!N8<Sw&hd~luCi=zkK@%ZQRmo}
zSD!BVMQ>;ye6mk|%NfJeV@`r@xLD_db)Wg?K`0YW#4-HcTyvIvCUh9AN}}WV8YFsI
z9mm<|s)cKr<GGPHZd+DV4NU7e1PXP@=r|Y{o=vW*yB}?dC&QV<XZ&b0et$X+$>ZEi
z9%(<?;c#~y2dl27a{XdId@{u^%rjSK=jGIK@YM^SBs1#Vc09W3ID}7*fS=qB%yqYd
zGUQB`?T9EOsq=EmS7tg}{?a;*%TV5@WNb+lpyP<E106^F4jo7QUNMXSrhFV~2%o}g
zh?Ya%r00z%ZQ+ce<zRalEeGq!vw=|^{}+8C#~MsUNgI@dYJAl8ww1{AGi|6_jZ}r%
zPd#yZ$8FgVI>mWA7JUnRdKvXKb)+ZlX;zS0j#T|b%c0eCwR%R&!SW|i#%EZDQ{U&7
z{0Y}CH%ASRsWcO9NhE0(9Y>~)=X9f!McU*1PS}(#VlZmYv@Rn}<0;tT1eX0FdXLd0
zEb)U}mcXcAqcfkRmey`yqe(F4v-*v0@toiGqu-DbCv6y>1<L8>NBhoWn`S)LhCBUe
zKL=&-pFPfc508Qy_yRIQfZg9e_evnV@L~+*WhpmK#jLR$<wo|5!b{>tVVmsli~{BV
z-OhxjbQ{Fi^ugl&n$m4t5+Ts3+qfZ$627+Gm-egT*yZRpI_XMiqnnQGKGK>|Y!F#d
zY>)@%+|2xK$IbP);j1y~Ay<KJEQh~+D{7)JE6qOrC)RW4euPQ=8YJLYrT>=Sa39`p
zx2BQEZq49V2qC8HO9As)nKMGl>53|FE7>6}eJAsJ60EtR4#PWlBIj3g&Es*$8U@)p
zwY8r+12VkcWTMDZWt4xHtvnK0K~C4?V^Q8+sq(Y{QSw!q!=`k<<)U;?ex-hpR2G=t
zw;tAO+<#x%hrp3g()FRJ*HFA31ic35ork<$Lt5{U&}&F@KCIW^{0y;yk5i&>Oy*UW
zc_#D#={1BL4w7C&I{1OpYe;cvy+(2-v>T80R*dF_-%%c`^GxU$GCWo0Oz34Jo$S`G
zEjU%0alnDKGs|zi7Ud}ux*UEh#a9u>1H@O|k;0+VX5`K|wvDe!@k)su$U*0;i0r}Q
ztJwJuS-$GwGokmNuR5g8gp$G!*)ySv+=IYoaT<!)EZIjqB+rCO^Bwdvq0&}q9_p)*
zCOmv5)Og&Wf7Ogv4V*1fcPVrL0uHLIU%&mCP%~H#-kH$!pm+dmM5MShFLeg^8Tof$
zY(zFtR<aryMtX#m5L=5T0mdSc5}{EMEyBNVc<=s=N1S1Mc+Xzk%{e01U}N6M*pgfb
zCY!b-?<P-?$iy9so-MwmGLDM?Qz=Y%bC*IjaZNbQB=TF5-!k-={~*b6_x1ba1!g0E
z#~0p)oekk_*li)W4ZAIbw_%&0yk-Q&muG?+Fjr}Z$GzC?L0db5#@~-Bb%f&hoS>>Y
zoU|Ru4C_fdk`GFq-0<)DjNoE@ewc-$9mzWkAp7zWn0J=1GlzPz3b)r#Wy2@0oF#?U
zjfNwSgpmYfQhtyhz@bpzhAtC;v@0Q?D@hVS9zqpB&xR&cO;Z4;hA0V`Bx8O#(bMO7
zZWLg!JV})*i3sG1l?yN+3@lAjFiZiEO5j6<tN<`8NdXWX0A;A}2V;v8T&#@Eo!rfA
z{Bw&P$zBIKe^6{7_8=?bJH6fXo!%p2Q!<#fDe3Ul4O;+MmW-%niRQ#U8Bg`e{kYRR
zvL`9U7l1?40$Y)+pKd7lOy0vCZoRz@a3AAS!I>#q5&6;bCSQ;vh<aBzUkfzQfkA>C
zGp3D^SnTkYaJWn|=0kueG%8R`!YqgIfWcRxaV%2~!+N4ZLm>GY0RX;y`NI3LDV-<g
zqO{#gCAM4nCm9e<JRm5iP3%_M;AppE1_bl#X1CIo0wYL<n%b>sVJ4`X-OA#3j?=T)
zzsVd{+tX?Hfq4;x&pYe&&T-ms8G98Dnxc%clFcDmwxRy7R>Y2FGwn+bhI?&{mjUKY
zLzWPREPBzoShC=%^CFE;VAz5az%WIDQ}u#;!gqV)#O*<u7ok@gr$`u1IP)g-N}X4r
zH!8gCocq?C_2-xXKeY^-wv<K8{dVIWDa)AwEMg{T5!0U-$}o5sL5Gt#2eaWL2wFpv
zAKLZkeCt||2k!sQz8qB>8hy})<^!Zg*wDzcR&MsgK0Uw3&4(Xi1a3l~t`y4oQTUOE
z_<!;qH~dF4JxiM$0UG%a=6k?ASJz5Y9|y9Q?eBrfOWGZF{t9#kEXxXXYF!wlr2?v6
z^%^HseT#;G@S=YOG@99H7en2ZNWx;K$A=yahap7Z)3deDTi!9nPQD9GmvwFJn?vQW
z&It-<2GPCtaK%pN*8X&K$~}q)!a+{_TVwT}=7IB)&$a`hZ8`!Leo=oMg&IaY$|AN7
zBgWRDQN}2Xj2$=!oQAZb3kr)6>_L}2G2pbm3s0@JV|ty|9e5dk4Z0<<Y4{Z+OIe$S
zzeOJ|ybJ=Mv`qs!6Aet;Gzb*>I%Cto!0_o@;k(;3NIV&zBtB!)!1(>yG)Nv7XYxqf
zG(2v!yG;YDuBCEbWqYelgYaGUJact+wrJD9S1)`!$=RFx7#>}18dB-J@Ne3I*&oZZ
zX-MUhDPP#9w(^&4)4(dgrXj8lY#QQs*fhlNm4+@7#-`z2tcKV$$eZw?#->4*4%jrX
zJr0;nL#pl(vzuyg_R}(L8kVfDsUvL~-pdNorXf{7v1!oixmvwgC%KqSLke#&vdSY%
z(k?a)DOfLjXE!=YY#K7K@9Bh1*(r2Ax0$B#w4dvz8QEhheM-g}+d0HxS(^n?OY7f(
zjTyA0?X;ikZt=^oX^;^ogDt!Oqq&<+!?!Pcq#2L3(WPt}SntNuvIjPQ4ulteALC$I
zHVxY_YutC6hHuA>!ZtYoHVwo#?yE%ho$c3@O~Xeb1UhXRei22<dfaZ)@XI*1P4?dP
zyk@q1(u>$Mq+k=fnEOO)#-xF`9<;NXBm~o@4?REE58E`{f7$yXVADXtJ``;l6t4$C
z*v@$;61G2N&uU8R9TGMT(wu2|{KIE8A9$MvA%}xx(;yxEz}YlNacMbxV$;x#$La~d
zWBsA>Se-TvM~$U<s*Fv8(?~}x+s`%R35E$>4!@PMX&{aVh_C8R;m~Q*&=<$H@l`Qz
zowijy*nAanJ!pItJO3feS3PXgaR2$LL&~OsB!0-+G$?Wp0-MEYC}Oj)|9gn~xt8WT
z=r#?~R%ssUVVef8T8?iDdBAKM%wRcqHVx@P@c`H~NO5UiYIRDs-_`!0VC)Y7M?b(v
zq~M3F9=9jwO+#@$y~o8%+HOJ9eO+}3p2c$%-=^*bJjY=sot&O8`Tm)y3~(zjj!%~J
z@FIX5Duv0<@f^i6>?BsE@pO4cN_7@a4ZZ~GJGSkGU<kLy(7+-wu23Yu3na<ArTlI@
zi=uqkN~|HXlE~T}s~1u|V=HkvU{bac+nFTfZ%Ka3c0N3e$@88*;c`R1>1m@O`NF(m
zy}ZOBfYqqs_9(w21l}HEpu8r7FKEwX*?=35w#*wRw+H#1LEiW~&~zPuT|+%sR0z84
zqqIH6GuRfirwFBbZn&CHr3EMPj}T_zXiqV00NLk11tQ-Ooh}YlLq{9zDZ$Z+549Cs
zNu0!=6ZmuV_H9MjD<obfaNn?a4JbGIaFpkC%MNmTN=}d)o9UW(FXC}dxLXD|22`Kn
z`5-79a*g6Xm&b+tz@NO+D>?N=a;tUA2_9hJzI*d_`XGQY$F{(Q0yuE#XT#NN%g4->
z<?yVrg??ai))eY*{A!Ge4aDZG4TO&@q}I%U)(>OTDV?9@@do7aUACdnq@mARxmIaD
z#j^9P8b({-sX+qlK01P+!VFy4DWLvvzOmP*FY<Bd4LNZ{?l&yn<BhB;1)O=7_IU#`
zH+km0p&*Y8_WF3z&4%Ugx(-_(Lprn>7|>4V7)<W)R@(5w4MIYWA)#(`W?-08L_RW}
zse5emn_(y}%GD62S|4aZCaBZ;fOCY>ZtOQ>Y!8VKv`1=;-Dd#Kw{~Kl_)oU`_$z>g
z>an3~ZxnEtbr+O=R;@Hzb(<$yeq-e{H2j`lzqGakQ^a|27_uHuop~7H`HjMKILKzO
z;OAh5v`GCn6~Soq$@h5IUoHid@#58nYCGUh;zDNA=&dxSs(y2;Rj=lon=laadyMLt
zSFRVfK<8T++Ky)lm<7cP;29t&T>w*~`b;>a1?C5)scz<MOn>T=f8XeHYh$$?;WSHt
zQhIELJzmqXfrWYU29(*;e704q_BN+bX78S$N7UVP*MPEupijzN$ua{eb0x~`jY{lA
ziE!{BCE`l7$@c_3tZF}Q@#wW0E7PT0K@W<DMWZPmx1~+~o{SyZ{rnf(zcH?j@70~X
z1LfwB<>kG6{n9=4OZMV9?dA74u(m@jp}-%P73b@<9i>{;o%#n-xE;7K9SL$*RM8Qz
zQ)q12v#kWpe!g*XwSegXwj0#sS3MI62OB)bLeKDUsslxTP%sMoJRH;yLxEplWuR-H
z{Ks0g)ZB<XR^L7U!+-b%ezw%NqbwMOIWYA=4s^;4PaPH=)U)xandb;&D}RJ;3XH;^
z7pL`{>2EtP$d^bW3JemFHl+Lb<DkxWG0U|lKwG)iVW{VR^!v;R&J6C^a7m*e?YZtV
zt=NMBN3+iD%hLC6hKrO$-~UBOU9$TAQ4rq3^~^Kn!+`6m2B!7>0)_FG(f2bjyo@VQ
zcYVLabMa2%Gx~nU?@!+^dF;sKk=FOG8Sk#|XVtY-&LwO!)%OeUV9zsGXXjPa_w&`$
ziP4)o5-rkI-=9k7g(DoWX<*K$%hUI#^2wC1yhyhErS<*KM4gNe16Be0{<u2O_s8$h
z_s8!QnUsyTf1H&NZNI$9s)aG(202{-pzUXC96&$Ksk%puTB^eAr=|4$=b^sFhryEd
zl{!+}zm658wm(%r(e?|A6u4TwW%y}M;SEMhSv^VIMc<!-^}?}kbdu=%Gq7trVN?40
zu09OXG@gP@*#^YA{nT0WL|0pk<#%a)KB=YkL||hEEopmy@ypQn%ZQV~7CsZBInnpi
z<`;VitlytF>}h5^*06See}(03i*d+V&jB3&+2gGDz%bk!rF<AX9SASH0^?v=`u>wK
zYutBz|C8cIVVfKPeLwLveUO$5XZtm!@1Kki=+yUL6h&c<?vzVk9LKiFrBgcm#NHrV
zeys0L$*^O(x{tJG6#hi^V4bxiA;fh3un&Xo_b)!|n;A3Ef%nZ!x;_;3{fgIvAc*F?
z6A7Xpvig2$y+cCZFU^^jRX?onf8h1~LJkK>-!C2f!0G#?xU`IVyRuk|@K{%2G%wts
zJXV{&f7h!Jys!su3GDjpmerlyRj12>tiOV1M$0z%m;LirDcwHtIY2zr)hQf0d8p^d
zv28q5iZ6N~c&PW*XJ4`=-N18X3wN^vq!(Jh0(&iczTGz>Y=hysSh<76bCEC}vOL!p
zv76|6AI5tT(S9Gs9SF<1ws%?=V-6}C5BCs@;iPX~5Bg^BylyeO_|EHX%;+J1=k;qL
z`-?C2z8)W@=EK48Nq;MwwbrGaq2bK6bpc-P2hY{|Dabi{DaJ5d*!1oqaogdukn0?2
z8+=y<2m}p3=oK$y;$P9c2cr^1Z?OoW^Dz@q?eliUQ&}~zrtTotIJf;jEVV}tbpM>M
zYw((vEY+o~zCz%qUA-<?H!;v1tp|ba;#3u}T_PhNK+AN!=h{L<mYxkEL(DnR6ZLIn
z>dR;qCD(ShZgT#s0GDoTrsfK`bi;Wte6j(XD+;)<Rqr^-Ne=|-A&zovZ8)@`G@Rej
zp9fv@FRi596nWDxpeefgGWZ8Xq~?L-e(N_b)_9x+3YG(se6ggJ8Nz981+CU@spuG)
zEEQV6K^sBOMJIZkEBetDR|Cdr&EglSAHxEE%X=<xh*(>`s6(KHgKyedQAElc)NiTx
ze-)@Co(^8dfn;1B@G=Yzk8(#ZSDOb<<DVG@G7c^QPG1x~r+6`hPB~{oH}qs%T^y>*
zK`J3M{6yn*&<?fh$~shV5>nc-ejR)&+Usih+s!;A1t$EIYrP2N@t?ixCd^jh2hrd7
zpwG>>V~8%ino}4UrZ=rkujgtic@udl#D#}-#u+~A&P<dsqvUL+uAv4NUW0e&9aOfY
zcZ^*dE!7=-*1$%)$-C8fr<&zc&#dWArfg2|mnB}pQ~Vd}5c6MssO$O|UJf0`aVa_0
ztq~HPa;$emQ7EUA2m6~S_JaEC#&zk2+06z<T^+H1xL*3$fsz|7Ui2pG?&wX8eJ57j
zT{p8IHp<*o!?=T=+5!S@M!sZ@h|ejggQRct!L4RE#%l$<$sxDV%Pe}Kl-u<hX0izp
z%@rn-KC96u!EX2*(blP+p0*g0*O={uCu>f1M{#kw;^L%mvE{ypmn*$Cr6!ux%Oph|
zdMpX?!qWh?9_&cd%B!BpwT=T0uaG=yH`TYOOVA!`%&s}%69m=f0O*tL0;MjJm&S1H
z_YAEB+j9`<q1%RDdp%L0t-*14v0y^*N;aF8<5-V~>dIC-fuQ%N)l~Nj8qzaHc6f~B
zG*Pmg@bN6xYW8Yn(W0j!U_B8ao-f2?`8}!U*iBc$hM{oNl{jZ!yy;4uGcVnAWd&!>
zZ@LnC_eKQ|_-5$A1D+gu@qpqNs@HsB8oFAX1Lgr;ID43;5-{-Vmr%)vTdAj^4TS1;
zI;h~<XecJJblJ6=t_*sngWNR0kr3)srxx^HaT}DX<Ch9VT_C)f1fZS;7yv+JhA9WK
z5rdM_pUKZ4f5s1H<A=2D!i;22fT1kFFaXNac}Y8*jT*V>%0dd~k!<X!=3It1c1b*%
ziN=k)w9W`O!*Pj)7$>|TO$Wb3-@TjtP}_maMfN!*|D^XK$g;02dk)$Q_!Oa^zv4D{
zW4IKSKRfn0n1`!a_Rv&_sz*@>LEGeK5H=8nc@A1dau|$*m;<?xiQ|z1jRN?gIMP8Q
zAYeENK-Cd25(OX)sw-KJMq%Cru433B3$xY|4sRD7wz6DcwT}ia_ph|ANRJsWd=zOH
zW)nJO2t%8R8`w?`)YMvx8DSB$8DMHNp&6K<#cU=<kmt`iRyhVaI?%rC0h#1pqmvxx
zxOEYn&T(61W>U!1Om>7$0)S;2&Ld_n!_@H<NwRpWNSUcNad=OQ^=2~<U0L5T4dRH~
zn_Y+$AOc&6z)lf?4I-%T02SB?71*ExWPz|O8NgdGh`<&iuoEJ%g$V3~2y7t&J4FOG
zh(L2B6-0Ad8_qNL4QJxljx+0VU~y)Sg7e>xUH1{oTCwgklS5dZ<i-Qe>Ww}V{E^s<
zfa@35N?ZIt<UlXc4F=A{NaQo1>g>7|V6DHR2LT!IST1q>YTxW%W8ux(5&SVIYvFaw
zG-XF{7|2fp({=;`1$xTZ5in3E`tEiF5`PrQIgZcR5iq_MP6D6~kJmAbmLdF$Jui7Y
zE|W*vj$p<5v>idh$4DE{d4l0%)Ry2z(s9Td7By#Q=Zk1dz(Tz64>-`gx!dq)vnA+A
z=Y@aN4$QTT^w$BKDdVR0WU>bCKi&0R)18<tPq~3~l~!T6V_=yIc4R_YqF%cLXD@t3
zdx1;9zN!<}5u2G*zJgnXh@zFWG~4bEzz4ie<{81Z=m}-PVR=Xj;$92OIwnNBTAsQX
zu+ohs*nvsuysk~EC&9R9Cm-HOtnz+76<)~?6g0fx7c|_jx`h#33?a~g*cl}Ga8ukU
z!?HqS)yhJm0~eNMIk;sqQLq8@G{XWm$?#33XyI-kylRRZti=3ABQTi3WD<Kknm?I%
zSXaeyu;a$Nrh~t$?%}W&G^Nv7RSccV1@5Qf;5d^!*ra?=R0KV|9D(+obo!fcQYBqd
z1sfWabuP`?5OA=x{tE4C1}kYIZDY_aei=3f9Da_Dbm9{2V_a(tw5j_N8PDH=ZIF^s
zZ7lq+*v??1>~eM!B$AqPJA#b?_adx^%$4eE|5|L(e;Z%>+yI(61^2o+mi2w1S=pCX
zAwQeQJJpe?QA8No!)P!%fqP6xrm&HdyRdPg?ASykjTo8wal2?z#xMN!Zvm$AURGJ9
zyyI%hI2=r|+2Bf4H5Z90^b;m8Xv`{XtobPDqo|KkkP|6}*v#QlrioQnK{^1uva2sW
zR`ZEgP=qioCjmi^A?X5OdK5aS81hO1Dbe<rY>-L<EJ%<jHX(0KaUO&wzLwLM*Jofg
zp8z{P7(aSiUSP`0!zwaR;GoZxmjcrA0?j1|OmSMxmAKTZ608hm)(r}{>neaDVAXuD
zlo_VFI#@k%goRLUSs*Z6gKe1#bkJ!}#Y|&FBO_Cf!v|WVA2(+8D{@-Qs(?YO3~ogT
zg?O7*&3r?uq_ZgsUxfiFyD;3SRYUkFi=;i|DrLrll8(T7Pz~zR45ktE1L;ku)@YSN
z5Ac32ZL|SRq|y3;tn%T@IUq3XO}wzP!Aea&7?f$Xy*5}oF=_>anvv;r{W6Uj^b+o{
z;II^&>8uP~Bwz^!Z?6t{K|L4<hK#7?Z-7U21oO*?&M&@2tCb(5#t=+kIbMRPwdsKo
z6Me}DAXf$}Cn~0Af~jAiXH*!ZBPKI2D%wjqeZYiG8r@KonW#08({Wx~T%~-~f*BSt
z17_V}Z41i9)Lk?Kz)Yi-AwO(D4RLwZQXE!N)&jfITu?Gp!98k8`yYECyvk+_J_E~v
zZxWUjbSx+j)WY+zl5@8dlob+=(FSWMZ6*rOnH<a<4wt4uB~3y4f%AhVR7s?JXjuuP
zCx#As(sZRCD8Pi8A#VsL3e^G(LHC;G?$vx=E#xRoN~`4&>_;WSw5oy9nZv^n?ukjN
zHxk+jB?X|QfHE7~x(M_9%|b`cz7^cY*sT|01}!%quUDU7v+6qK=4LZ3bK?mR%5BTd
z^*Y-YQ-Vao_NL{!iEPHU=<f^jHuh_Jt4c-Fi)dWgZPzYE$yIkGiyGG>@U`i*V9g2J
zR1u}pu*vP0pi?E})Zj7sxE5^W<)6LlHY|K;8Rd`BxC?)RK*}K-V2~4&xvY%x_AYTo
zM!D|rbTXAuj_nA4298>#ltU_|RGljIrz)p>56V{NfPIp-wHsPePRTk%=~h@NIVJ01
z*4q_U!rv2qQ90#TBP2TIls}20Kr@|k%AZEDr|x<^3JAIH*v+CaS&>Iwi+YlmkbOFZ
zZtGnIq+}93NtxuAkOzfZEc@^XK9NbTry%kT%$$Nqljh5Dnp7E)>~X!*R)&)*!?q?-
zMq1X0Gh6~63l)>pC4cf;9Wq9(&r&i*HigO<*N-{1Wy%;og(?Z}#dcd4wL>IhT(T9k
zt-<##DN7_)Sy`fI%_GeZWe%X!cWiqs?t+-0h-;=H$O@l|W?$c^BIzb{TK$p|<Va;d
z-)L;d*@f*h)1^Fb-o17Uyd?UK>IF_Xi3HPSXEcAC#++D5bqFNMm{=%AO85H=@c4k@
zF_a*Ig5Y@b5*D+yB>r5l-BR?@r4*e}?>3ETF9jl!bSZ43rQ}uG{De6Txa?0}CD2)U
zl?2@{dDRz`m`VTS-$ky~DX-#C`Jy3v87n+vA+#tWZpx_^Cw$V>8G!$9X=4Z{8`T}%
zggj+y)UJoeBd;Bp=P4^1N2=XdQo@r+4X-fv;I6eBu|JCPlu?Sj0ox(*Dnk%o4<CVy
zuVluMToVI8j%8$H=(HZI(F>t=f&?Ykk~LoH(}GH)H%@g06q^Onhp>KMk-0|e*BuSk
zFGeG-UnE;nQSIfK`u(`Qe%%|6^@|%$>&I4Gw0<!XZS^B6srp?m^@~MbIO%9aUL4M`
z$ZJO&%$ZWxcltafeRP+3y$Nt#WL|H<GM1HjeGD|W@Mh-PF7uMWw9HEaK${tv7Xz1)
zc}e^dGB3vOPv#|gEH3l<UsNhtE0Z-*+F)s!7jt%Y?xxI(uU`0JPSf7p*YQ|N=B2<N
zZ3pH!Bp;uW^JvDIGVW?mhBjSJx_|DPu3hFOt5dp4k<3eR?#P65Vu#F2VL#bk;1aN(
z>4fc+dC3}OTH46G;+AF`ydB$?J7qiyP#2jO?K!X;>Ybu^Og1SLc}d|Ec}eYjEMFRg
zgL@hzkQJPv5y%2g)d-~Sa@@io1YVzI1p*gGZ8c6TK!&iR(1=_CuaZbbT|<y>X^e=v
zBt}GCjb2E&G)4tqnh1giNV~90F>$)J(m0=zug1xcd}%t$!3>50rBj7Q31TUYqe`!6
z5XnIVSZurin<b4aK}uFKaV3f}usM<nW2=wLwjrI+Ucw9IN<3XTQHE$s$em{|Vc77e
z7zRkDh;=5xo;{N!*N=4At>~PTmVI$hwSI_3)uAct^Zw$OAsZuQIzk;%hi<Yl8TTq1
zBXmYK_A=QW>?TO0X83BXPhj06i5VH=#q11!TbUU*B!-9Au?NzZ`({^w|1F}~egl9~
z6FTbf=~zyqI_9kNATs-jj1QHsi7d^jj!iuxk*`sDg%L6~bwngzqj)KjuZ>NuWN_;#
z$QM^((xOM^ib%f3UW-kmBnA?;7z$_6Roq6flzdG-mz1v=@d1ydQodBfNRv(kUFP%!
z@-@i2AYUuUHw0w~=~8;et_0yKVJ1N4+vI{&5|9zEQG`YD8gr;Zye7}IculenOnFAU
zCSiT1IEvQ{kd_DWTKZdOqG}{wlL<a0Uej+QUZYqk5wB5r6pPo!rf_I260eO-T^3Do
zM#3iTp;J~QVN+}p37dXX!X|U~(h{~$lf)rm;}ncL?I~enrA#~Mhe+5YR4cJcp;f{r
zO)#K|G+IAI!uAQtof0-lF8nhjY*Lt!u+iEOqK-j<Fx{>nQ7?*sZGEs_1#D8D>4_{{
zIq2O&k-Z)CSBLCiFc@n6nzb4pFt$w)y{)SU!?#yQRQ@(%L<rpBR>v@djj8<2wjPP~
z`=`km<HfCZr8yZ78A{$Fp_>RzROnX0aILrYAv@vdbU$)2^6Dysc|t}8b8<Hs%;DW-
zFnxASN>SrFBZT3)d^F11zYHcyo)W?!-ES#}VIvwjjAP9rzn@9_$t2Ty2UZ%HNQ#a~
zyxE{=qqFC}##FrISBxI&W`M$2Nyx#Fq2=nhRie~)r2rEy6z|7v4jlx_|GD-bt=)=V
z{T7|!d=!PkYuM!4uwRtGej$@}rQ5A23$%rAl^|;Uh2{~@edgj|%`29t>U=2^b|h9c
z1e!DB2v&ID97M1Uaxqk%3ma&bX%S%NLK%oUusy97n2XP&dCa^5KEebW4o6|ZLYT4)
zmjkvTpH5d0ZJL=z!BI$-fv;mw7zrJl3Q?2~s=_o>M|AhlyyiiF1qPs$PNW}{?rNw`
zOC}UNN*Y#~ZMbUEKyDQ%Stg^0xuGnfX13K2GdJ{CD-N|M6DPq<f}#U22Lf&ySwGAa
zt{(<KTf!`ZK`|)B(?prmL?x1`%IwgG*`ZJQ8_Mr~DRkkq{vDz}XAbJVlzfkKi0;Ym
zp~nvJ9{XG@>807BaD}<K+IAM+f=SkP7v74;hL_o)f`aTBu940>BNc*UdyUB#+Z0A<
zbaF5DS#j<_fPD000RKP46E->R2soOD$b@;f{fI3Eo8XyLy>xP6`K*_zcW9%=z=Oyt
z%B?q`B{b7ia|j+`oGx946wx&m%cAX%mL+LgU+$7S;mAuyec=J8(2cudzh(bd*E}7W
zLl>{-7voe~+v#+5QKoH;#yDwxTS<}*Snk{YS7|BTrkb@hQPDFE{I<AY$tB_kyOh@k
zX;|;>xRHQ6yG>xZAB4P-a@{m;1|6ExMEh+=>a4JxeVjn*dRRxk#*Re>flzbnJDL3G
zFYH%r7dg;S*LJfFrY$Gx=~f@!v?Z9g$|MwzkWsC7#knT&-;+9N{QKJCDPuSF;21Of
zxoe#RF6`IRPl7GyCV0Y`SgAvxHI9K^Ely1U%9f0wk!Rf^gxSh1(p$+SkgH7e&XkEk
ztz@dteT79D!mT>C&);<ste;!oMlmQF;#KbJz%rWi9vpjE<phng=5rlRtgNW`1Fat+
zjw?)SB`h3aDk}H~Ik=~)RV$Eg7H}!hQLnRt3MX5*fT52(513(6oxG=3?Q4zz#0&ah
zJ{k12s>lSueFhkN#~=q_u$YryF3cUxBK-W^`Fvs-n*I8e_1xC?f%ST<5q|V$nhP^(
zk#h>i4CPqA(Q%-2QoY>V<XrU<>@bQRmTc;&aB<J!rdf4TU~^3LX^lLom$Z#xha_Lx
zE~e<Rr5i$at$Jf%*?$0-eJtCVe}~Lx{FOmlibDP-3Mo7DeAi!rsmmy>*f7=-7G@>9
zbjY+;kl&)!4DD5jqaD7)kqqLvvNiiJ@w}b5ClTDA4ZQ9Zyqs2nbndwFEW7%ww<-v2
zE1C0Op(V3mN6CIVu6xOBk1v9XEtliI)sGb5*!b{drI8i6G<$E1vs>R-a8W-)mRyQU
zsVdp60BK8(Jj%A;%Hy-*<mCw?BSp2EbJ={9MD)@*k}DO!-9^oceiCzDWkfn=-69Bh
zPl{fB$%2xJ0TOIWlE5R3uXz=$W=+DGoY&p?3Q>T+sUkco1vx!B)r)B36^hFAbubUu
zbq9OjM2NE6#}=|=HFNNfh4sDJ0Pi73LL(qf57gl11P)cmX2BCR8<?>i)=HJgb2Cr@
zJmXoK`zpzOjJe;LMu9hQ0tErH{Gg~BNFg^myDX)@MdCBJk(D06fEzHp0rjLS*vCEY
z@btiiJvj)Zdt7g3U?w*$Q*p`hg}lr89#;Y?Zb1U76pm?GAZf2BHzUzB{NhJ_ru9qC
zI56Ls=)(qF>&OYJiftw!WGaVSG1Omh@x<quE%XLj;#e`X#0fS-OYr!HdO#mdac&86
zw4>a{nx^9q!3o!OALV=p|64UkBxD>{v2b#%R{g0Dp|&Wzrl@i1+zMK7rO#-Vrejzp
z-Ccjqmi_<=kWX1ao^>mLUqK4R<cL|9IsIB|)a<OIOS<)$f9+O)LUQNTwTVhHNsy-n
zmHW6|)ievKoS&Q-*h)o(7p4adDRVJqW;BtPtOFA;|4F{2$?6<Io2pRM!P6T?BGRCX
zq-8+ywIEN^2=qJ*-Sbs765yICXIXT-zm9t)nw&;+va8|TzP0`vKWKbiy10q*tW_8V
zt4$wsHpVpVS#<<rb~*2eh}(rVA-dc6`dT6S@0{kl4_Qt+_2!CI&x&}772-EZ<0sNl
zm=j&=PIROvX|uG#J$RZ{&<Qf%N*5Px9TC6_YGAIUMIp-)#;@0Wgw>DRGTFOWu`sTD
z+_cs#TE1z1bPf71Uck$Kk<QX+rf9quI#~bcm+kKcuKPTe|8+GFy9fXFN&#-#AXwp^
z!LgnTynW*B48f?^n;5rPA`CK0)`%ikZk}T`%up^jPXp6c3s-~OD}u1o`W1=8E!1zp
z==&hwb5gfL?G_o9FkK^?iAd5e9sI@mtq-H@ytemO&Ay5?EzN!;?jgJNC+u8X_UY2m
zLii;=90v+GDfUi8hwF%rH#qIj$RwcnRdac^9S19RYB`V?Fe1BtJDgzRzxhxeN4`n*
z1v6<#KS+`!)HHn5oB`W2@NchzLWE%;9lQ*6DoA?@hDBG9E7^n7&P>^ZBSUFAT2Qko
zxFporQi4~Zj#kuH#fqOS-dChtL5ko>pyHH^adL@M?shmy1bxUnW?PR1PDN?wiIOdI
z6rApXS3`HN#ac>MwB!$n_`$7LnnONFL0ATNpuz!D-4G2J>N-8^lgO{c{CZ?*W1sa|
zXkE4`F#~JS6Mb{)C<4%_OU+Au{g$!~*u3lX<icTgoQ-tJCrBx9d)#mcQQ!(Od&{IL
zL?jc@fRZH(6T-^LWSYcRJw&Bbp)`EPoRZFFqWsY1r+}s^ps6q(JnJcVmX#(cgx>i>
zj2z4@q{5QdMup|P^fBz(zJh2-pZ)x^AVY!6to4dKX0?!S9!l_Zk4`yQr89rdV_^fZ
zCEp20@T9lhBk;s%P0dlZwHN7olJr3BZAiKk$AN70?M|Z1cQ{0KuD=|<HC>3UBX6b-
z77I>4ID#U};5y4Mv~EL^QVnwM+EGrvxdL}F!l+J;#%iWmpJ+VoF)#Y)#D5u7lW&O}
zKSC!E<%2mYHMe{M{93Qznw=AMkSFXVwsGz2r`K5HPB(K{LEU%_&6(8-OfDH=E~m1L
zV!z-|9ZTL2mC%(G)80uRM*x{L4}1a%MMyKJvk=Ys(h6wd9$_h1%B2?9YMILgmOl=V
zXW@$itMaXNDyz^ABHby0OT#BP9za%vQ3L~(>&XS>Ta<2P?IacwBvfdY(<Uw}PeXF(
zpnKAg66ArC<Ff5@+0Io9vLuk7Tm`Da#3hr1)Q$^$H65shgS^uVH~0$Z0#;%X_K{z*
zRAb>zE#qe4h6&}SH}1Rl-a=I!rcf43+r2*at25#6dONzJncMZ(cogBUwLV?new|RG
zU$bvVKzXo&Yfb$^eY@=yZV{Tk-6{;=V$=LSar-)Xj|#8-)?a~=K|v{Bfxh(u_ACA=
zyT)m9H@RNrYUPt0=&r5Yh05oj;d4l*h}~qF;NSD5*sQIqOAb<78TPlY8{9=$;ebuZ
zuzaLLMl}_SRG8g=h1ap`@|HEcu3i@wW?ij*D{>n&AFFO%H^6}5D4=cvMu!rJK|t(g
zo9!1pvf^3vQXvMtBxLv74h(v$fF65x!^MdNaDk%^l0nk2@L^}6Utlu_8xIu{I;~?d
zV_{Y4n|&gdjM?XN-S}^;J=eGr1Cjz`(Kq{QM*dSA37O;HYR>Ou&MFTf?{_-#hAfYf
zhWAsR(1a6O!eIpxNhufpPP4#VuCQXGWY06$<YCJl^?}guRWFP7@jxtRVIyC}t-Qx`
z{*BM}+EzbsN#)~6ZsrIS%VGSd6jv!{r4_<yK~cm%<X6|4^maIloN?3uas!dOew%H8
z6{dI%+TdM+c_b@ZrTH<i^+LGf5af{$dA5lNANQ&^+LqnF&p~dzmb;T*t>1%7;6A*}
zGc9)J^GMCJ6=@li#I;_O$ya5T>yvVw*6$<$tOsS9nfRBc<6UWobiA8uT^m7g-Z%&8
zSL%Au+AfrWHK)JndDmTyJyOYb{95aoY<sVEG`t!Mj{?Sh(8>!y)%9ywf%0aj;Fhv;
zg=amV?IZoFf|=6nJ6~g&2F}$nW0M(&NkFc7j-Bg{0j?FUwRW`OAe>r^g%2$J7z;mz
z1^I`RTu0kK$2$dDyVLD(3h?ZgcBr*3MOjii5MHfyCB8~NW=(o0hAzmLsEP+3(bsAh
zuv|wR0n6KgyjDeZMw)b;QOP8GuJ5%b8W|TGXcbGo4bGB9PMb2Nv9(ONuVrJKQUjO8
zMiVn>kh+FUU$<TyRS|x<mA-x#A=U<rP9=NL_}|Ago|0$22Z8bU4p<+hK?1j42lNu!
z&(N^M@7+)QpR~pM5#H)g>c<!`&jSchW_B1Zx5<}&wwSv!iFR92pO&szcsHQz+5&OL
zm~yRCkzY;va-L!KJOS8$nCxVX|BPe&waDihjk9e51S32xx%kel{bsV^7-4_bnI8!j
z8MytW=7pRv+WS^=$xX)v+UUH}Y*LzIaM9w-_SzJl)1r~JrF#U|qP+jD+U~4J?I?fO
zKjPUO(3a3*YMNQ=^{5W^WYTc4{f8^}O@Ov3m&ee*3_$Dc*0Tw#heb&@w0|~pDO*bC
zt}!$}zmUH+Uw9+tPs_BkwE+hIN<zv*Z#H>Eq21@x_aj5wX}uNYYuEh)18NKJ#e?}M
zEg4!PaO=$psxr?~S34km>nywv06N`L?8{@+dCyF>F$FObP|#bDjj^T9(5sX|bP{@2
z9m$}KUwfXIO&1}WC#Kh5ei3ZPX430W5AcyO2W^<bM(vujo`<+6YyU|-6$0wzX{oU1
z+^Qi_=CTw&!h+ac3!5g<+CpUKG-Ha@*0SfNEd{cMp1l)wsKA4XQEQ{E{(qR;ed~$f
zMTerXDT~P%wz*hWDAFm-eq$3Bn;&sCuT{ON27v9>CG2jq*p%d|d&(bIVhh)k^Jm%8
z;q@dJupUuQXg|$Vas~L+=T_-zi(^@ORl40=xRB3ui>xy2nCY^i@myi1&v6UWeRgw=
zWq=**tb20#Y3ai0a?T@&2atpiP$)zulb>uWG?_q1d6+=>XeTL(n<fs63R9eGnGy|d
z7Ov%p_QW}B8)$c!?J83a?6+mvlI8+I;!26^0$C}@0x2CZXcZ)~ibV~(Khrcpu82Jo
z4j=0jmF&QEkN*mkHzH%M%e<;<W>HWnLE_GN6?gbZDW%jRYWM_VVM7$E>nOi`&i+CY
z!`M12b{=>JuBV1|@o)ksg&qWZBCQ$5IC?Q~6J8QiBAXa{b*usx;Y+5EJJ7>eS!Q2M
z%K2kb4rzmcv+s(DDMJ{h7o^A6n~x}sqGL)b-A&s*nbWPWaapidz*yO~R#-c)qP2i!
z-2q6FA*N}aG~#Jmi9s;@Ga{w3Me;eLY-dcv&p@y!%rJ9OVHW1li8|@X!j()q9%h(z
z7)2HUboS#qOTNIYEj36sWOYgAQ7^@hIE+Ug<l+>9=}${=F>6yAn+aU|1ax|25^Tpu
zhE^6M(orW)SHvYMpMDI=9FzL%D(JEdAh*v(Ba~$HD`((g)o3e#yj{X$MRj^^Tms{H
z24h~%waH;=u$fY44+;}rW2Gcn)CKyOno#0yF6!)C^79+<%wf&2=dMM2FMJ459ZPC%
zBDF>NfF|bJ$unfKcFsQbFD<oiKMVc5@Iin`P`KI#&x3MOKJ#NAp0@aZdYi6S%oPJs
z+N8?j9*@QU8mw_dsP$5yb~%(l^UQhD^BVm#O&7n@5p8tOpL;T;7s<wH!OL6G>KB4w
z-(80I2Ky#v9+JHRrCfr|qlt~o=$z(das1V{qe&i<p!B7X%adYAMVk!Jy(Hp(!>qGR
z+71{VOR9#kUX0i%d!EhU)j%Sxca32epsbnDSuL(hH@@mrj7nx#+tE6MbyOZ{d3(-(
zLb?uKh=HyDiYZNLd6|1orUfy752<y}*~V{Y>A{J{XQ~h5u$(m<)w?dVyAJb?<lp)}
zvcEM->k1vqoSDmT-pQ2Wg3U>#g!?s1`CiXzqKt9U0r_ptO<=}Ha#9{>POHNW(+^l9
zBNgD-I|}LUBK<~uI{dk<29=P7T7@1lDP``Ev{uf@16IgBT4__KTV3`dUe2|`Hk|ST
zP;Rb@`Ra&j6d`W7SYGRg((Ka4<P|x#DZQTX9i3+|@Hy@=ZZ*zvr)^G01j)r9OTpN1
z9&`=1boGUgqQFS*V)8xG<l7eO=uW0@_Rld$W`D$yB0?d|79T?<N`I;SAOp=fwPlWz
zdL-lYyl77kW<s!VS~p6?ui--TYrHOen8?AP6YrzbV;3%b#FXP$X9366GAGY7EozP{
zo#t7j_J3(Mn2e^NDF3-{idPl_&HV~lYH?UB_uwPmyV(})hs>NK2+XtC@M}mc)xj?2
z)kpxd{SA<K->k12dB*ZJ`p&-LeljCd!^{XIOS7lHHmbJ4)U@Z*h;G!LA4h?Z(ET$W
z(kChd+bC<qJR?oJYPi|I6FNfhmIOiWS%Iq{c&okxH{$p>gJUvxmR}bm7tQ3C6E7p%
z3V#6a9}Axl<n;ZMe9tX>3Xf#|F>OaUffA&oOvTrX84olV*CXKz=9%YG>GJ7xDS9Ik
zCO_SeJxa!nHhe+X%~G>qhbLe~OXlUJVNYy>U4wdb&9^5!9<#RHIu5__yredjOTxbh
zi$@B+g8a38YT>G=q6p($bvm9h$Jsb~0TDd~YxK$3XQ^ysK&HELb1fsM2QJXrFMJd6
zsv!*1-=E@reVW#>*Hk*yxq0C;XvAnbh=*z--_(6Lw4RX+cn;(-EAbKSei}J!;9|y?
zcpKfePiI`)K0POPk!y5J6O9`8x&*Z6<<mSO4p_oonb4LeXH(ZQeNQfDct9C)e@PM+
z(G4bd$|w{wA28Ux=_YEu<(F~oTFK8z-EhI@mo{)d7DSa7-UK^Wd+gG?ZguMRUALl&
zV87)P7n?BvedNfRaG2Dg_R6tK?D{LW7QN5L{j0K7jdvLD)Ta{&rsv!vyv2}NyKvd(
zTF`-^*lUPGV_>@=(dgrIz#ijckSN?hoHUw9DS$gLtsw4Tf+yExEeC{QC<T(sa9vWC
z)Q4->TR4uu^TG3_cN3;L!N(oqb`x@mk`GY__e!{j?QY1@)K=5nMfl3b02`svcga?J
z02SV952C)hL?VAzWa<j*2rL^!pq+tffp-SkLXv{;m{VhX>a>4!!oz{`Z4S`E<fP~b
z`v7#lp?wm!=~&XH(62>pdWmJ@`bRisT*EN?3TH@bxZz3@VQP#RRNBO`o^czFW!rEv
z$-8SC?m-($`R>>vZK!k7I-#R*J+dp>LsHL@cO|a7^sn5S$depv9Brbo+88*|1w7d-
zS@1>L???dd#T}j9+D~X+h>eu4G>=abmjrasJUSb_yg1DZ#it+^qxln)HWZpy9F*Rb
ztOu3QmF6Ry2tax_ln;WJ(V%n?_t#LizfMZZ>e^qVdBJCyG_P#{dKW?-Bwa5`^HF=)
zq<1BJ5PXtikv`iDl$W4+<vpWui<5_P8*<p0s>hATtt)3*)|2Mk>plXhK@qcM9Y!k{
zVyT3XcbD_Ao?-GEu@*!37v09%qm%Z<Si?X&fdM+`hO}il)-b&ELt{ABq}63kiTkc?
ztUV^lyKCQZtV#Kcjx{|K9kta6cu!my4Q-Dm>tQ-Ko>-){zGnDj+Toiqx(R4-jIyCh
zKF6rH_!uRSj?qr=Mf&@6Bw1{XqTY-2cW0`&zt`B|^N}ZH@>b*QxewsD(lwjxx#@nG
zubjnj(f8aSZ{Y7gi&dCo$d)-zd`m!_)hNQbOvw$;L+bSzU)YZ9eSXDt1MR;7&djk8
zS8Ug7JsDYocYxIr7?*<8I8w_78Yt#2DF)@}KJswVqHgsijJ#ebb7JeM$j0z`D#MWQ
zUE5)`8m$$YhwM3Gc}32;4S5`)`P%a=uT=u}utPf%NMg^o8us;A=)8r`A<heLKqMvk
z{0fgkIEBG8C_KCXF%TI%$+8Eo+l|q(uGXmEwyxe7xNYI{0JaBZt$}R;tOf>dUHC#K
zJ3@p{Mh-k1!Km<Tek3YEsV`+STCYn|_0qLL_k^vd0TrjUX_Yi8+Bn}h-83lDvK`rG
z!cQuHCygU*{UwyDt^Q@caUMPou-vn7KR{{a6VWG)O6zQt!MCD$n`hGSLLe->C#HvU
z@xJgygwoIkkR^rW>nih#Ap?9;ehW<*`9?8DIO_NJ6Nk9p)z{7j>Gyf!%4&iisBbJb
z`{uq!H1J$0&wND7BKPFDI2z?PHLak1Hfhn;Dx8aVoR=VRD=k2c`mbopWNlU7N8ckp
z*ZvD@eG~X+Lw9P|pTnNa?qB#i^XOl=TOZ%h$2a*fCJjU3sVv!R{S&reLK-xHhE)uN
zwccEL5DoYhg3t3ed?uQ_HH1KLpb~HjSgmw`-x`!yXW^?%<t}^;4{c-Z^9ijp6UXC(
zv|#p-OqB_rRCs2S3D@y9&-zKY&<?*+`%(kL$|o@VO2Nojw&&S02@JndFpzc8PK3>t
z!0=08au&>ytc}Feov47t3-7_|q;rXA_WNd?jo6G_gdek!ZtXxjqRpR&PKDLqEc+H>
z{XE3C6{;-7daej7Cge6fU5RuMH1Vd1LXZQn5%u#G*3PhSMldpnf|(ai7cevGcqXXu
zBS`ooAP2Lo0me!qVyw2&6mKCIu?5*|h;3_W_Ju@TWTv*)dM<E<onJ0I5oBX5Q#Xbr
zgWV*=j6Ki4A^;?C55qaeD6c+J`}11}bHZ0+T1PY7h(`(MQyt86y=Z7A@WT^O0A`-}
zY^!bk8tE}~DDPj83}lXkn+(p8v4e6+j?HyBf6^UDfc%I@rBI(ajm8sW_@iLjHqXVr
z3B$h$^GCQo^T+on9pjl7zxm#rz)XEO5R!T~kHA+Le+}d7i1@40EX{r_Zd@c?t#xOo
z(UfGRHQRgSisyRa&#)KQ9*}m7<!cc*B{(k91CI@lMC-Hy%sQ=IoF74=GT-`mX4jk*
zawou}gtl9|g&;9an>9C5-AmfUJ}H5VW=Hlbo7K$w%m<_oe6WTlFx}QX^#>>Ea8A=C
z3C*M%t@$^y4%s#T-$+i`I;HME?X0KXL4UN+jXnP}q?XllU2%c$k-%lKHHqQLdUt7R
zy-SB@*FoAZ9>emCprT-fGqMak9*U{sEhm3tr4X*cK$?Ib*0p@XHOobSfY^jb+{BCs
zrwN*{3DTns<vdjZVkbNKKE2sPCcJ-VTgcmgNUP{twl3-qXQFDiZb1{;^Neq8Mp<f?
zoo}3PT6zaZ)3*@|+YLU1fmrwfvy+U!!#B<MFOcu6XmWrQ-$k%4l_%YTU<8G4K@ArE
z6XAHjo$vp}_j&%-jtTVTu5cVU#Ee!x;<J$C4kr1YCO?{E<olAGzdAL51(s^aa7Py4
za^mzX{~TuUL(M=|{{O~12LO497H~XPXrT4lq(R7_fL5Vdl4io9%XadGalvGSt9&$M
zU1j0Nh@h?Xh6sj@DQZ|uS$+xtgl~8qp8R0hx1sFgr0jXtCY(X-ipW`TohO#9TY(eo
zt8c~wrq#`-<4W%v;m}ul1ZrJ4H1#Id`I9hR7Y1h%E_>{Gq7+Uevx#B=p73dSBl+k7
z5Ib<!RlS9u00xIP{N`wErd`0=09wMbFnM#s3^-%U?^tI8*W(4(@HIe&d#y>dJE_3)
zUm5-kh@fFW0{B9ue~NIn%BY3?7fUufFfM$PABl74{GYSFjl56Lb|9HRSlGG=Whg~9
zPzsR^&qFo9!1bU{UX9rBCUh$jMuar1FX1<_j!pEWsS5c3H7G|UT@-V(B)8{DSuAmn
zmI&gBOSsK|uqUt^P&CL#vNbsvL#v%_{t-Z<a`<leWSw6kL$>aGqt1mVvK?YxQp2V)
zVf*Jv8)%l3v_07mAY{9lH=JiYlY`@I<2R+14ZkVxhTr7GYR_{@>EJgNmrX3Iwqw^7
zc_=Cl=g^_}OJ<3mBNh5s@48nxaX)0NZzl;E8Cg!2PhBSvmuvk^6v;8tgStSb4Z`Yo
zTJMZvbnIs0-WA0iW6id(I_kQJI@;D5SpPOldteWE`l)v!ORrHoe!@EmMh4KtVPm*?
zg?a0rIn6;lR#xnhaNGocQ#R6jjj@^2s1W@t{JkEb`}=!0;69AM&*JZE_#=`37=ORP
zUmodkaM&8d-x2u3F=0XD<jqH#x6?OI;%(~p@#8hlKYq2>c--c-ChqLbtIgZ_o3{|^
z5`ns4GY&LMHrqEtG$wCX&YZ?E!rHLh9D;d`-YWc!;%_R%&+L!UTBWIVd@Ucv*CD<h
zBd@)DJzHK~zV4LQ|3O}}H_Gb|`1*c%{T5&UO<upuSNmvY#zQ-^YvlC<d_7lQ-^tf&
z<n_<^db_;7p06L5*FAjwfxP|^U)^Jv*>1j$^R@Yc*-i3%?(F&UylnPG^4vOmn>?py
zKQ7O+XTKxQGiKdmneI`u>*YB$d#*f>ntiD}!`ZjUbA0wY@*J2QJC5*uvuDUNKYO)2
zEnn#QSYQHvE3k&HgIEQ-X*+x$C=jQhW?u%l+t&@)e|$9}V4y$yhYScWkG5h$lSd$Z
zM3eQ6+#e2be>i)+6w)_)n><s60-ocjOSvCdX1OV+8mbH%z;Rq#RaXmxcu%|C2p<8~
zeW3#aIHdOI_B;V(Ah(4xI}@(9m+OU}wCk5{?Ze_ZppPMajOnA%C(rt{B-~_=W0khT
zPoZ|;^zMRE^f2OETUe)$^?bwz_;9E%yHp$r;WV_c7O@-tb3cg$3Of<WIHwuc7nrfE
zOP@!ZpRDsJ!!VDQX7511m`%^TB%3EX(=>=>k<@Bqk-8eo62o)T;U|E98D?-%EEbp}
zW5aR{wk0Q6J!>M}bzz+r^uYZiGp1HBeb0c>V3oLtO;#FGQ8W2P7)dozKkY~D7eUta
zmup>!ddqx_BAJCK>Zc+?pZzh(d0pN8<K05v1GDAh88E288Y<MT?F56G1SeOmQ@Hlz
zETlK`8yHT_z-<Cr_>tDI8BnuFNw#%xxN%8mYe_j1Ff{vz4A8>FUPf`~k=)P^I7E0e
zAfgUS@aS=;vD9eG$ascY(|QE^8t7`BkvysMM-479CQH{@yNbLV^KxdCv^3P2R(g|G
zfve%UH)CQD5e~=qcHp6Vp9l{$%1QAoGkec{L}UpJHarvDu}jJE=Qze-y#;dp0$+tU
z&dEMdbZ$Ddcv1k;(JvAr+8#+i&H?8~>NsI_b<<YEwR7=Ej0m&|j#`>Th6N4+M8kqc
zPDe+_4$=fu$WXdn&>?H+-J*BalPHt2?72?@uZ6==zR))H^M<w=*7_`Bg}@OW@n6!;
zOYRX<`_mW>XWfv8+P}@md4ozrEU~bwk}zC>R%=PKnwDbUCOC;*UF&xVFI*6D%88v;
zd%n3$t}xVUwYR_e=lPV%qGEis6WmoLTGBJLUTb{`ZBTpV_`N`XOWK|Q?bKPHbh%zj
z$U>{aE@XyUhtH52Hk=-Xfql~uY#+5)6)QtGUaOlZ)HQv!sdfxc7UC{B3favZls>z3
z4_Ya8cF8&c<Js7EEWqQ0+4GlChf{<GTR)4sn&ps3+^lUwVCNRo;G_Y@85&{S^_RzS
zc8VvRmpHa3yJ{Fb=^K#lQA+QcF2p4i+!CSA4B$?!nJ?T@1&lj;%sFuR@}GxuQ;1WO
zt)HSg>-`{i{pEwx(<N@ca3b;g%a8fAAAXf0IGn@%F`p3BKz>q$z49QOcTD4TCm7RV
zo}C29uLT4V@F8BDy!&pL`Cf&p=#hQw;93_T+=AjqZE2rrt^Z>=CV{qht-lBUj~4vH
zUT!(L@0Q(R#oDz2_`{0)W`KBhSd%?hZ4QiUu^g^JEh|`#^5GD|DU1wP^99aB^5L^4
zfU#5#*F>L&F_~|@6sfSGq*?br7h2%3i`T(C0avoZ!$=ceJlvp&8y8zXB6c$3c6xe{
zdl_lattpTm?kOhk3f#FLpkE{NZ5hL4$F<L;*;~Ivc{>YeB<ZQsYf_pd+s$fixF%s2
z7U+ruEB_=PxrL34mOO=ylwJrTIYn#b`!$?tx`i{7m`2V5w|uJ72=keMnLVG^3z_q#
zwX%hK_I@DUh&wMe)(P*G0DGQgK)Qi72<(!40s1&JHaEO1h;DxPlx9`S8cd<R%=Et{
zkEu_ibqufo36atvNE9gKm1`aYq7?E1W!U1ABt^15{lZAEqPHMY9>9%}s8vqs?w>$+
zxo&g^am2q6ivYr0MW>+DTmUr}Qq&C38$~Dlm0*mBn3@aSa^<?TVg!}4UT>Z9O{Hgy
z)D`PbSV2-i|2fuQ;Q1J~yAzhsTt%b1z{v=>yTRdm4W=Iwo<qioWC$ea-HB3<Z}h{*
z>-T|+2)K)E%j1zp*;2}P!a-6yHvT#wu$^CnrqECjY`BKeB|00vEg1}GD~<*{%y1w%
zf7H(x=6*qXh8R1j$a<^y!E#NC$P|mM0}(i<9-eI-$ILf-8K=L<bm>SC0Eie%2Ssr)
z{TiDj#%Abrt<o>SO}K3xiFA);d)4iEMx;tC&0fR8RKhQjJBM;O?k`5HoLe7@w5KVJ
zvn)f-_Pi7feV5%F*Gwf{LRIuNAQM<KmPTOBw&l)~(<MLCcd&3mCg3Dw!l7^!Egb&g
zMzSCI#xW|X^!&NsuqD-90rNQ=cs)+?!8s&kP<E~&;v7%dVZE2lcu(AnA_wW(_Qm$L
z|7DyAg3hB+W3>G-cywud#&&Caf@j+P4Ab_E2$K>^v-uN~wrAwdU#&>D{S@kG`k7_L
zZ7&5&t^4iyIGxiv5@H#vt-X0B?(v=N4U5C00G(}O7mbmeyXxA;L~zMAej3U{-z4-M
zeh(cNk@r(k;n^dPhC!#0H{92xCpXT7vo{jty=<6h1e}PvqZg*|Nak<TE{x0c!TXi|
z2`u5mpp}b((-Wi(<_T}waqhz7Fn3_0B&^I_rDo07dFw12ZZ0gG!rKC3gcBQ`wC=fk
zr7v?9_IL0~q028+-A_kGGH>;9-db&~d5oCcVXUe?_K7SznyaGrki|GAa3`#wBplqt
zG)3PnaRi1D7wB?c=c9^DQy2#jbr!;{h`|JhS=+421(}Bm(KN&f?@MrxGgm>+R#U!6
zT#H`&&IDfZJS3AMnFQXg7>`*Df=y_i#(1$&E)94W4EPt|0+f9C2$alq2103XZaYqe
zqdGY3l@36;CIIJ_ro(-Z9ursG&CFCu7(8n+EO7Ixc%-MQr2M(HIIys=893PbdNO;k
zRfL3A98<yl4yW>5wP*+Vg+~xB@E0D5r_~(7%#ApxDjBA6d5yE@nPojF*z*jZyB1Yw
z%{I`F_B>0d1z_@-ODaa@uOes(Oc?sJ(KjO$#yQ!uE<yN{gvLzP*kdy1Rt-&G?8!Cy
z^pG#q3@lkrZsVBO^QA}}oy)aG09dxYykEn|AU-NMnB9{rL@L_Ep%lxb;^izU571RW
z^Q>Toa<DO#ng9`2Btc|`2etjUJfH&2J<H>p*q@r-Vn2mnN57FQc(yR#=-2t!oa4sP
z2NuC}bdMsHL6awb&Rn*Y^<=>lP^~(ODLQVyr_CxyIiRu}Kyb<)^;D!en`s(l*;y1F
zZz%j9@(<8Rz{J3RIi+speExB+|H^H5olE^gr2yY(WwZeZY4U67^W>haf9FVkkBai+
zS(y0bMXfO|G>jv8;V)5L%U5d)?$;g<Tt+FIo_o;<Sq-Q4Iohk+o?F9aqBRW6@qxOb
z8_Wm8hcq04^5%uF%j~C9=b7Cd;VGCQQAatS^Cjjkyh2V?&_5SiV-vR|ss~r2Tom02
zUA3HDC!qssjXrNi<29{A`x>>SZB*hqYa6=WSolLWrajN0-6~@!dAOEl9fq`(^BN^J
z6VMJhq0uYJce5B>1J%cc;Dy5-veVp%_VUK9^J&V_bQ7zqL>gHaQ<H@)9>(W@zHi0*
zhX07>A2<QN7y%3XvFpw}A;ZT4C6mUPC%lG8%JmRz2(+#VKI(g}(3uQMC<wk5FRl@9
zukmy1NQB(yMd6O<9+Gfs7p9_>8TpduBpr(^*cQ}UA3{IPehg5yASU18YHUv8IYHY=
z<_eSM!$@Pm`5OKSct!&*YXyYN(O#9+7qc7#PYWHDna-l$80)k?f-rorHO$9`mqd}+
zqkl9N9et`y?kbc66#?`u(&kiqvDw4#f+|#zb{v(TEM?cbq4nPN9{e<pY8@v;ttF-+
zLXC)vZhZ_TWBL@tum;FC&YMpQZ$Y7f)b8U6el2-Nf4J6Dft$#q6sJ}J)H(kLRK1%4
zBGqzS9R1ZAI^i=ov@)@|B-XECN28E3e}4t}KLvDRhflz$OUWF*z#bQwgVXvkqJ$Y4
z{f_nAS&318MNCT|A^yfY;xj3c_Zjd6eY4+3CK{>mS1o{%0KX)fMDVzCPhJCxehwNI
z=a{a*!)iX-z3LAQ5S6zCnu&pG257{Zt(>&txo&tgw&&sFKxU~@Fb;MwM|a`bc*xwL
za^I)Qc$jCTp?BMQ0_uOBh6@_=Ow)R!_60+n)}Lzk5j`{l&dP?pD7D-Kvq^x~n-K4X
zeG+D=KTFrT0sO@I%ohS)(V<b5bU6N~UE(wSR|67<;qUoG27hnC--qz`4g8G&_BcFG
z!{6`W?`Hf_zxF-+{V)D7a2wCsxP_0)Hopl0Qvp)gPOfzZ$g?y>Z60j=`f{yD%lEGU
z!tX|3>#-8>pC(|;e3K#!z-a>Tu_&P2I$Z+(P6NiHEQu~sjK^8N+5|*d5^n<_SvFrN
zUnalivsqlObt*G&Ud#{V^f>uCn}AW&V<c4+bvzcz#|Ti9wSBz2j%!v=kPqBsmuo#y
zUSkG|Mu+4V4hKq4WB)jI>nwnn-(2fy{LqIx_oYa&+mYrel16@)NTYN&E#=IuL=r=H
zIo$4LSu>{mCre)Zb#rr{h>Jv-S-7(Wj=$}2p4j|G`JE$h{B?5!bDxYeY|rmpf#Yvy
zeqpM8o+@zi>uUSxqcM;)5a%k^=>n}&25#;@Floi>fG>8(7n-`CCwa?nwjFD8pT+cR
z+6&hor0_Xk(#UV7oJL<7AGJw(I?I{6Wi&#7YaDHuH2gm@;gnTNxZOGvMa->=yzC&H
z=@@?z^E2^{{luT2iPtlWsq`k7J7TD|GM+>nvUw;D21ki+#}QjDQ@0bbQAnx~)%#*;
z4_xzQI)vd#npYt_n}&PEEz(z*$FM$#eIK8__#43AYW!hLS<RziCwIK^HKpc+GBu^<
zS~aRIHHU_U%_%j55%ZE7ldyC@lgkgi&pb)iAvw2ctlY_Ou&CR~`+))54Q_YcXFe2N
z))dd>Zv@O%=^wQnK4$>6<R)?kvyNg(RWik$>8EYJ+n<Dq{y0OA<1hVe9t|7Ni_l5s
z=8<^2Sl-s*ZHv4O<87<F1$Jwjyu>xmW9?PHPTQny)p)&sZa5w&-Q#Pi_?#>m>Gbye
z=f!O03-U`_@40KE1RVQZV)g_7f&^Y^P2d&1xhF&e68Ug1e+Ql)2bdkcQ2GqgTT1Op
z${`5v;4aEL<RaeTL@eaWXylgS9dcLQnc^K>5S(EGa*HtmS7LDn6VT!#xA0s%WbV)K
z0*o~Dqi5pOUT0p?&NIzU7VCr;MRf;-zAB+mW0R@#1Lu`X*q^(u?lIY-ozk?s($MbR
z9klymq`g#W_b2GMFh#o%kIFS3XX42&<Z~1LAd_sAHm>I*n1M`E$0Wxh2Mdvb*ZJ17
zgz^r@QTw%a>oWNmvRgYM!o0klFp-RX`$jy?SZc@TppB)L;KH%=TzTVIdY-&-EX~Rr
z#?qX;w2dWJIihVbmTWy6V99`r`k@O<JgC~oh~$&9Otj}|-nRIdS_FQvF-7oXOr1cz
zbbojiu;x_7KA=o$J7~fV-@DxL)#6|hUOOIN32(mS_;N(xHR1Pg6i3E>eY3AZhO?hd
za*anJnRDoH<}Sp*ShxxU#cEFHu6n5%qm;Zb_AJaNCU#RUX6z|DVeHG3*rf;aJPUAI
zH=ryG#)aqM3nP1$kKDo>A3g5EPCVm1tl{+uBIA1){K?s%k!Ns>VavrVq{f)AXiUoj
z?0IHk&oe{#IY42hyJ?7`aT@w62`!azA}c@lLEwLlzk&KjEJ@a>kFiQGhd`KXDi@h&
z>Ud_R@ft;&3;q+i<?gEyh1mkXyKcvnp;AlzepB1`TiU+wZ2SI;w(q}g`+i6Ky<w9r
zMTGN8YiXCB&j%`^@8!PpS*EQRC<5VPvtiV-e}R66>KDgj7C0L7(DT(RcOM3!p{TR|
z<?dBRHw*F81n&yC0DCm+YwE^K^|QF;?<8@LA#>yjD35v|*z;@zKi_&61dy)$wsxU}
ziGGCrorLjM!a$_FQJ#_uowGPGMR^oparteO8A03<3s&ZCKz<9?piXwU9-Fp>dA_b%
zcoD1q#Tcx=1H=&!d!F!)7`lP`gvf&D^FWj@WO^C5+kwYr+V>2UJ$vg)vf-2*Vh_2&
znmbII&7K#4_4ojt5vP3XmHf!J4#%U?9D|G0$AOK}qV0Jic~|Qd0x#kN&J$~*dTSQZ
zDxBLC$!ySel7xu1Ue3hAe{4az%N0+_mxt(BIZrCr!j84L^A^yvNSPq0C4ShvV`oq0
zEx&xl79z;G-N=?UUs9nLvy8k^Pf7n$53)nbQUpv@AQmyXqFEry6xI-W<8)J0Ky^zX
zrWzW~?>kV&v$Z}+A0^d@oKOwVJ_Rk~gnj6d+2`R^<W$CR%ah6`Xo-SZ@$sU{iiAaq
zg=Fk?aVuNYtvmxbJV$Xb6{8;0G?(#=)I1&E#IW@YG;y1%g$)i>i;-Y0scPX;uVd*b
zYt6Z;W8pk^c{dzZMmRwBbuR~F^NcQ73>bw^gheDMi}3hnH<eF<$1&Dn=SO%f(iW7m
zv1K9`O1$NuqcK)x(NK9<gu}O%#^Gpdb=(%Vb#=Baa0o;Tqh-cWY=PrVV7}`_V>p9G
zhAJauzTOQPoHAq;xi8ZGInFx#!bk_^Se)yw=%7;v7^z-x1j;d<M8uFw=-Ah}Mh`X3
zU347A%3~akWbB=;Wq<12!@l4g7|mlbPyTJvsqo~Os}_JA7SLUIAVJ%D#YnSW={jb3
zVnWC3812FSA9?Q`r^iv`|Bq&#xJi2ate#y3>sco;)}s}&WMFOC*ai%?0mBg`8?Z6a
zK49!!nV^S9mdRjjFu??y9FCmf2nYB`M?SF0L2$s4k7#oGzCTqx^USW+feU~9UO&CG
z&&>4nbXQkbS65e8R~fI3`^pbnfX>Ah^ps>TV{8ed`X<;qIDAL)-6PcYNunsq?tlT-
zq`fZ}d*mu}19YPc&xV885R?C&w~C!a%uD#6LMF=ez0MPv8gX>~Pes$zTH8n*op0{Q
z+q>{cW4%*@C!jW6I2+8d89&&v4)zuI9}j@Fh3m*MxH&28XZ#nFdcCiQ?4gKV=_Y_2
zJdID2koq09jbN0@l5{%@?+3cEdS3-*-{l?rvC+()&Sw&%BnfSdn%Pr%)~1oPpX@_&
zY^2^CY~>r$21juPF&v(0WLHvLySe{V;{Nc6t<XmRD0`t$&>Go8P#{vfcMS=ndvJzd
zO6cB|7|te^@XdJwH2Q`GTv&0m%Ku_C{++0^naSJke;>6@mEfZE=89=-C04}T-|3JQ
zBg%amTUptsRWTFDOLSEqR-=zo>iO0OjwU<7nb>`0;ac*sp_Vv4Uc}Q_W$%MPU-luD
zP@igKU$&d<t6au==kexh?%E?>LiR9_u4vW-0|;lPEn+}%ys0vo{i_OylV*1A(KPer
z`kIhOW9e&kH(t-auJ?7KH!iA*PIxH!*FYkQYxZP+Bo>E-5}3{5XvImZmAytqRJbvy
zi@IK=WcicK5A@ZuFIdi6{~5F~eY+l#{v7=&zyHU4P<SK;kvcfLg8pzTbSdx&tzabc
z3w7^@{X3D={J~JJ<D#B@k@U%Q7TQTqVq~=2alJd4eTCFkJ9}H{qvLPjqe;GLP3E}x
z+VHESF9OUi(CQ*U^J}1Cl>CKE?bUPNf-3XAPx`kaGsav=TOq0@Bl=h=lM9z>gs3E#
zqIIfcwyVG^3RAUa*jN9g%0sRQ8!)eRGW)raYECu3;AwCi1txv}wbA%lfrgL2Q2HpP
zPq(HwuN{{DN<ocKVn8S`ihrN|yS~IQYcm_TrjS4?Y_Dmp5$EX)juqsgQ0?rlZLKYX
z{IW$LGjKxIF|w{}tt)4J^`fjr^<S{+!)N1sw!XD~^VT8QFZIvV*Gc~bpvnFq#&a4S
zKE&0q;t5JnxNlCe*#NLE+0fdcW2V7AXfcJV;OvtEB6RYvz^~Y(c#(pH6N9^&zKdM#
znR<7sHRGg0ZULiA3e<g$I{bL+6oc^#>ZB8up?zr5w;OUQinY2`&vx{-jlI~RV#^Bg
z+ziH+N=x6V3J*hv(K@WCFfT@do;#uYLSbJqEDk&M%k~U)zF6hd>fKeCh6dL1B_-9t
zrU(a~Ya?jzbTM&f+eTOEW(ZeF2aH33v3ZqOeBteUO)F-8v)0WvFND_ZR(d-Pb)+fr
zg=+01TSuy`TUuK%cC2L!LiDDncaUOx9htp|$Luq}O<F5$ZOX3Fq|j>}+3MMZ*WL{8
z*_>S^=x6KQm95zVF~%8gXplEF$OCUp`a5Vq`{u2iZ{D6$kdvRH4Q*|0<v4Z0(q2Jr
zi&z@%yHP&W9P**2^Pzec7>gKzXy&NaQO7)0>@Qik@Mw0(vWL<7^ig*Ea3SK+cB@15
z*<-k6XzsC;-Ad`(?S;C1EVoJjmK2)}xXm8PkIk6Sqw%k&fkkJr=@vS{SW({3Lk35)
zte+QgI4luY+dioFF8-|br}<|c!3)Y2li;P6p_m)`eyc=pWVXCOb6?1p{U;z21pJm<
z#5~;OB%B;~AjTT??BQau^;&wk#&pAc9*h(JN=^?teqmSE#Bw`8Kzt)>n(!!P$t=JZ
zO*N^9Q?8et+nxDqELJ9Yf}y3O2Ux1Y=xXU7McS4U?km~%sf<8Atc$rBYzLp*|48?@
z;GP<EnOOl8<_$&$p`vBxW#u))20MJKX4?FGmIWZ47GD_Vz}bcu4o}&<I=qo7ME<SD
zkwWMVzq7Z)@BEuung~}>5}e*0EqMF-t+~ap!z&DVFg-{>4M?}D<)P!+E9u~sl8LoW
z?k?_QpBxA%B}P*2Xyv^<dD$aG&a}CkYLIVNho|gWU=0b><+h@$Si&lYb<`z-f*g9#
zIza2wJ5uJn%T3~=AeS#-+Tq-BFtHs0of?0&^v@8@K)kk=9%;pe+0fYUmjt!T)Y_y7
z<!UaYf4tn_bD$`<md4QZ;MT(u{ri99`vt+3=d7h0!2M_~o#rwYYOgz3CZFY!nMB?E
z*!tcF!(RQk_^hn^ojCo_aFMAoJP#a4M^NwX#r0yxr+PzkHD2r4uZ8Tq4^QEn3m1QL
z9cUVUBY~lweO}lBkv8IgDH`{gOTYE(T9xQVP38xjLk5rZei7o`BT2x;XjC_3wDDrc
z{9<AuTkSJ-GeaC)qA8_rcp69;3PO@KKA4CF?@11ezt4Um007S<s?9S_Gn=P9p)}Of
zuVa42fEh@jteZ_F!Dltt8h#G`kjCZ>jkHU*&UPB1gB~H_K}X>sgdumxyNRwy|5>cf
z0cvDFHDs9e@wgALrX6k9Foy*UJJ>&HX8&ct*V8S~<UnlMnX^WsVu3x89%9%!!>;BE
z4q}zv8Hs);-1JrZSZ64P*O)OIsu4Sgd$T@(k>llzN~}i%yU~4w+t>xETES(Jg%m5y
zRE@909)HxVP)&?)5TDp}jX4Y@jz%CaL8+LoJs8X27=UlJj7z3+qgELA5s8b6!?;vI
zqNAj*{MpZpw2aq?O$z}Ek7gpj;=SG$<&Dex&jC@}+s*LwT%OFLQ+=Z7uZ;Xa8wj-_
z(+kOj*O^*l@I)x9)*L*EiwkN9-N(F?hST(_`Ij)+dR3TL<tf1WyJJFeG2m*gslnxx
z!TefHUkm7iXQ^O^7qinU<nRu01ub8c$6QZ5lLyFCZJHfxRo9VemI_3P;xPFuBH48h
zE4`D{!R#X(OS;DAsUePY06!DWXqGn4=AyuM(a)1rZFg+&6s{WMt}nUYiZkAwpKplG
zoy?=kV?O8HUsP8FZecvu^FF$q7mqm9Ll9?YCbrNBdBsZ}GaUDL-_g*K_Z>xmK^s}g
zG7>^7D%p>%5xuE;B|Dy5&<+0^_9Ajb&0>S>QJLLC72awLtc`N)qK-p8j56cP&gIaY
zTfXAb0-r;9a3h_i`!aw=+;H%x;U<X*IhuO4R~nv}<%^!=NV>Vp(+C)thYGSePUb_J
zx8j8#t5+{VzKuKQ4IZa!I5>=l8J#*^HGf~$jPs9@p2T*H!h|&Hu3~dl(LQ}y8C=Z8
zd9d$iKGtjm<Gu>!#KCzxtqM1i%=JlT_Y(K@=^}m7M$M~nUnMU}?+b5nUobC9|EcG<
zs@zWT2F}VoUhT<&mv+bJxTC<!W38{<aC`*uspe<B0s+BagKaOJUkv`d&C=PK4{~9T
zo(F+PMoHnq#XbpA-_(X=XSaLSIip0n{(v~G&;PNRa18`Q#eBkOHy}*b9G&r^*yos?
z;J}W2#sp@eO%4?wRh<t8y%_LFPFW(ivQPSJk!)F<SuS5KPPd8L4#>w*qhNEHnp+Hx
zRro>uxQA!+4*}L5j+oo-)!<2BHzz8Ticip^2jLhzQTKgi=u{T&e>C-62L*3bU${;&
zoLA5{MPIA#6TGkWrJdl~te|CaU*&~-)#x+G;CqF~iRuJapmATNB-?STqime3-d?M5
zfE&Ca2i2lE>`J2v4Oh^3cRrfs99dBTZscKW3}kFP9biA4_a{!zNYc(82=shwYDFnH
ztx?&-nAiY!?sk-|5HyE#4KEQB?0BD*fb^c7LkXO>QX!JmfoOu<yim~-RgVI5%$F%Z
ziONm5R)8L1KJ`pBJDIAZ2(6J_?J=yMTO&IOwCycMS2h;7fj&?HVNyMwX)+WMrc>>8
zss)?^P;ls7ELc{C#wY-%B2Yho?*WDVfzrnUUZL4>{}R6EEEy%}`y!k7^urA`6g84P
z$cyrmXP%qREO3u`I#cqoA0g)Drk96;Gu(UV6pEoa@6kmh1Pvv!iM4;>4D@9*iQ}~G
z!87ukXX<8>l*{v*XW7l*1%7#<E^x*xbq$;mBECeAmBG_>sSYmHWr{+cts6-BKN$cE
zubYIkK36G|gDZ52`+6EYuXO)>-OofPqOCR_uxSe`ZVGx1>CRK!z9#TOeVV<Ia*fDo
znZ}9E>ZZmM|Jv@W8TK+1r02X)wTwcAmo0n~^zs7D*DbY$2Y}Q)z$vh-o~fOQw?nzY
zw=zGqHBa2PrdX@CFj%ZH_GA(zyssX4k#c**AiEijbHoNz7<SV)u|YAj@3rjA?KC{&
zv?0f3+*ieAEIOYq#Vk`94!_)I^z}FpBvS0<D7R<Fr~8p~e1b0_+S`%60ldb2^=vlB
zZFhWEwx9XiPka0JF}Pdyd&5`h`(v)}`*mCE(fe6PT%`V*9GQC~_XK*%KE?-DQFnaj
zDCd|sXHhqw@bIE$9&L%NabI+~d8Oej?u#moG1>7W+CN#QTTWPT6sD4Xj>0(=!!Xhz
zp=Q)<kAL$RDsFbiNt5(ki@tdn2|C3vfhb}}jex{Y7D<#QL#zxP6II0IG|UP7axzq8
z#(omE%YVJNSN-N^NvW;zGHZlRZ-L-~hG7*7najq6r74v9RwTvFcHCvC7Zv>0?~D}P
z+(bgT#=SDwfp0AUB!>gx*{W?_I;j>k;Ad~5-RQc0z@;sbn=H6)!QE(ju(GgfDfBTC
zw0XUO*Krs{%(3B)d_j<tQbJm7vi{n6vpSusG$uLeeT^<01{nvnyRvUXJ;s{@AV1_S
zn=_Z4tAa&%uyiTDDeYC1mRF}1Nn;ISTFt<jbR-K|IY;<Kq8k3b$=`$clUt&>X@0DD
z?NvxSeP^CJm!o|inYz5aKJJT6wbr%PXTOp_+*+r6(hx&8*{2M)^*(jC){Bq3t~gFV
zt5?*;UZ?{pE@uj107vMG=H#u7>1~EhS|*tprxBFF9$cV(XzS3;NraJt4Q7e`hqVrq
zFR?JXMG-(g!&HG@xINRF5t1NHbiuQ4{HAFKg&fr@z@+uXNu&)0l_quTRCp%*@(8EU
zP?NpIz}|m)FNyY_ntwjaW~oLHpQ$g?R;t!79yJt@FmdMMwC>vD`$yYHMy(_F%$@${
zzx~aQB}XSo5aFNnDvxDwyjcT;d+n8J|Lc9+@6$N%PK^}x7i>}lY-|!QoYul_ha+Bw
zx-kxn*`i@V`xyDBrZd!F5l2LSCww}`^`cCVprN5jhWA=vxg?Qu;XG!~)Kx@rM-5!%
zh&rwOybvXyI>seo8gl<)iQ=`s5AFP(KG4KTAHds>FoIQ|z}Z1!_l)@$Ayj9dF}&ww
zV{^t(4!3WHWuRZyv}u!YptDVpbS<|6cRoKYsuQ*yPbZU;>A!pDR!P{uTp3y)LQ>Jn
znW%ag{c%e&ae&Uh119;Zke+Rsb{*?PE|_R2ZDT97GnqHb=ZE7Cs9tSCfY0mQw8QHa
z9cZo%@~TFl`IX6jsUhf5J`nJet7=n~tK#nJT4y>(J-Dw%-{sqjZEo*Nb}?Tqh@znX
zp`7ZAhlyh4fQx{7L?~9i5cLg<$7$R+o5vOIjTy@wM^RpPoO7mf(1JmY5|c_JxKfcC
z?m=YLoakU5OT$Hop*o|v<1xnSj_!0W-{_9F8as7-6y6m}(_?mXUT&+oQ|Y_h+exe0
zX1E|>hLx$-#Xq6FkF)mD?~+$U!?Gc)&Rxr^2^$T8buQAOPgJIEK9XoJ5iDqEOCMes
zf0iT~)&VwKzn+$Wz+&dE)s1_5GrtAr9+Pr%+!x{FNwX79{{^@t^Eapb^k1#H#t;A1
zo9oiwX}!d!&HO}Qqr+rCLRg#|GMgRFr)E1uMJ~^XTz&m|-s(r3)!lkd;$a4~c0*5P
z|AHObOTh{p>t(w50_)|vof^DCm(JjoetDI>|Be&_5t8bQ^|){mH4a{)+rECW9ugUD
zI$f+-3E9VawhT6IeGTU4|LlEOTe*(>@lKcePVSuS`%mTHhl8o&ALjx66O@-VmpgKa
z`-0U+7b}hQn?gk1g1(yL;=RC9bEFipb~Td9!h?@S{EaPFST3SK`L2~vOTWXF<s)M!
zHeW<fG#FFu^rE-XzJ6j9!muvfmDg;0)X%Q2g9d*DyifAB2}~p~PK|dQy=DrSeoM6>
zzRmm)mOnc84(pz|XXp~A`*}IemWXf3G@9+kH=nN;eRY8edIWObtbmy<A~s0NC-o`b
zK736q4z8SvO<B)APGO>d32z!pF{cT-%pq3R2YIO&o9VZei{W5WAO+OZZ;&#|%>1yw
z{q1kje(WBMPp1Dt^6>TC9eCT)QMACfwnQ)bR8;f%E4DMdPZl1q!6|hZyu&*z>di29
zIx^zE=#fU7yc#b&>}c8P<W0#wqIxX|k5Nf}ZqfZ2!^7D>nLcCY>>sm`F;7t@ZOcyX
zZou{w!9Y<j75)lM@knpRjZ9y)5Ae~y$9<8!aY2AUkVBhbs^72dKgg|2VUC6W0UGT(
z#CEj#gxuz;5}nUyPxZc6bzbJvRf8J{eh0I=JlgPWso=ddY^*`MDSMj)2^*G>tzZ$4
zfN*uoUR(Aa@-~cojZ9&CvQu#8_oUFi^!vgT->Y^nEE(t?c-yQUu0{rXn&9h<%$+ZJ
zj5U6@xiejbK#SNgwsV}L@6d`!3I&3EV3K3XGqiOcdVRQus2V$=K<Clq-R^liJ6(Je
zlb_sTakkraHphJ}ATI~xMRB2W3F~3Y1=JPZ;$)}mFSO36Lw;8SVgAnFNQZw`Xl$#o
z1hZO;h~aC+!QQ`IFuWUlwDDOh9EAL>iD2W_not&DU~DI?$=)a2MZMDtVl-963Dl-u
zIk2{po_|fm!-0iOLBkUY*vmO}V)s_j3hA^woJ(ttWA~zwP%sQDKmAXtXXY8L+hPNr
z5r&(;wT_MI?bTr~If-rua$Y0a55xJR0v|VDjH;ZynS$ugsF<9=<*`frwJE+Vipgiu
zDOaM$Q{E+_jl>w8hpEkYI`?RpL2wE%<}VvzI^&dYV=Dc%X_T{vkgu`Ur?O6Cy(cRN
z$J{N8Gx<h`*(^UNt?^tsEF2}dooyvz6DNAQk0oPQ|3>@pGCQ`*{dF)Vq!rKiz}-gW
zTpWbq$az=Y_yA&Rf|H8$d%_Gi^6TG#x}nY4uUeb$PaT)4j_z1>=fZh3V8k1U1(i2S
zjh7DBJclLL#+o}`V!zZ9tKo`KpEBo$udF={?0+Ops##>l*pA&^rutYi6;`<gE7~pg
z04p-K03pMNs!^w8@cxzSF?gSHtmQmuBHDbc+q|zszjGVve#U`yt`0W#d7b|<De4bA
z593$od4Pbipl@~22<Led(IGb<@;vS9K2zl<hcF-TkE47(OCn~<Ex}#zh4C8t+3a8`
za0e8t=VTY_+!N39@u2Qh=0oHDYk4<yUh~}U31^*iR_8osLP>CX2{v*cN!94x)O-2$
z)w^o`Gun3eL9y*nhJo1|^;UoZwkH^1z^noD${SYs*#m(BOSrpyR|@1^;>iWf0*e*Z
z)Ont-cX(bvt76|<a#3a|4HcG3iZ-1V#jDS=dnpK2)24HlrUaGYrrRUkyp9}0D^=Is
zF)!zOIK4LcYNNDddZNE%%lZTIJj?I|Nzu&F`JWe?7bYJI^~+eYcHENn5zwzJS?|EE
zTVct10fS?33Mqvps~$?0tiEI2x74#VlCWgeLt)7(bJFY=&|JHU5vrt$1{!TMLjAcY
zu~plHeuh+xP(7i(r`;$gV1ydZ#z3{X5o(n+l-ZzO7L8w-+n{p)*4ze_`wvCI2KBP&
zPG2+q`eGZ@U#fn|)m7>Lqh}lLyeYv3RV@iNsBQ*0)-awaQ$$UjvU_S6H^}~=!peqn
zyvlx~c4Pgs$ePn|rLDpCXa)VaS)c00OhfC_=()}84EA8Qph;gnlAQ~3U0l?pxjJgP
zh26L;?1EvcOaLtJ!_;f{P%rfT*Qzvw$2`k<%5qP#*k-Za&?f2lw9Trof|;YDDuhy$
zEBl;Q0!iQQ6$?WH#cl6a%Jyz$0Dg&eq;&me9eFp(;B#F}tGA5@gZUo;NL%R=h^40^
z@?g?BDEqZAh{b6qw>Z`Ixq)}BDraQs1F7Z4Ik?E?a$(};Z8Gc9W1h{>D6sQzHJyXd
zU`N0DUfQ(_C|GzhGje}rhLgN^nMQli#Y!>9iAu=Kct%Fb_Vg=(JY8pjJMF-@-EFBz
zx5dQqRd>Ry1<KjnvT_l%ndNJ4MjFWNPa?OF%Pn7p#mVduG)^e;mbpo3(W7qT*t-WN
zV_M>LW%DZIQCZZ6a(}m|T=pb~I58a{GjXs3iWBp6nf+E@;E>&mTt$&m2$n|1A1%Wo
zBWE+Htg(MDgtvl8axkb=l4G|ps5Al@8a6Yq{!E#sTAT)nE6swrJp;kaz*~NA^?BLz
zZsVvj543)+53LUCx%Kni$!YefhtqVc_k0oNp_F}ScAaWHtiHBnVXBgYiS_c8lnp5h
zqed&ZY&m#1(%#|l@g=rmr%^ie$NVZwFg+EvVtOF$RL{XoryP39a$7MyNFZ5eUzb(J
zpKi*&F8Njnn+NRcF4-q0-zHQcOY>EuOIcq%XDMGbTgTBHzYh|AVItmPi|oNn9w-et
zVVEt{U`3%PGqI?<9V7;k7VoL!mqiwkb+=#)UHV|E#PI1(6tKMEQ&Du;@JV{4p&$xa
zZuk_8YeLZvp=j)$?o81`yQf7ureKBBsJnF8tOp4+6!1_A7~F-=lm0*OYg@ec0#`~Z
z*&Z?bXa&St-xl-R#od&}0`P?Ii%)F%G_*?!%OX7g$au##d%D;6eR_rXeW+iol7-nZ
zromwJT7?#yMm9kt+|}Sd-G22F91X33LjJNvkn+!B7_GeP$eddRX?mbR_PXV-u?!l%
z*C@q+(CQBcnod5!eCYsNpt>2}wkH^76ATH)L=s^H6J2RKg`8V5&cfbi(%(rHw70AP
zN-6`Ty3IfG?NYwF5d~*yW=v0Iu|2rAnqo6nCHrc?rG`IbOi%mxOw8@Yb2UzeHj`yL
zM4gN^J}cOz_x>5zD|}o9PLIGBV9$$ij1V=(f`R3BmoVz*h>c;NqVrOwEdp?#x^z&0
z>D=Oj;c>8JVUEl0mCQGii`)#o$~VGBC;Np&83spo0d^<Sr>0+m6SOf~Q`@ge?-VxC
z>VDw5h1pRfdoD1v8cf$$0EE`b?iX=;FiP3qHjBPJ?eVC)y*2J<kZ8Po*Af9Ldd=53
z#B1k{xc_!EF5SKQ^rt8sp0^l}W_vocsFv7Pn6q_f+-L{n$ToExZL91|4Jkz?e}^*8
z3?{{srnj-koH~n@v($2e9KI0FN+i5KvzD$`-;2T2%oI}ik@HF4Sj`RfFafQl>y%Uc
zBB{9zqz@mlAR*IGE-sMt^<rpr*Qy6QaAzF#>}=7KKR9ojDeR=P`|Dk+(eRUJHnDl0
z?40sf0wa5XQYc8!56!eqHbjJ*8i+0NTF{gj5`01IK`I$DhE%TB_>k%3)=+L%SvH2$
zXmDni8$+sS6{c<9nNU^w3I@-{ym`uzJ<tF(d;1Mg#S)u735m7r>l$)5)uvC7)Ln!M
z^QOwR{Us;n&bEo1s_#g*p~bP4Soz5N>uo_MdkYr-(MH$XDA829mYwwF-kaVd*biuo
zOE2<#(K1U|72sPA()5n(KS?_?O04@*>eHH~>wC2Ar&QKbmeSZWz9gl4*QO7q+NKpL
z6>wZ{a&^9b;=UIhB)zVsA0MsJxYF7ZgZt<Oi($z=p*o}eCrJ~nO2ewoDz5Fx0n9-;
z5V*qSfyQ-!r9C->g;OmBEbZeQ7R6^*UD+p9x$lWg0-NsvPT>cCx;TX^RBoC73v1wg
zU*MBXx9(2w`<amQpnbp8v*e=TxALJsJi)7P)ko)2b{=EqWHgm#x-i1^ApRr-9m*f@
zTL8x1+<fmi1-zM?zlB}5&L3~rbp8%@oteL<U8m<CVAoai7ufYC#i&_{fOV5&<A_Zf
zPG-K%UA%QXwvoIDH)?-wACsFbCFy#qfgdv!uA09H=;lAjPvI<hBG}amH_}N2yE`Qt
zX%ix`uZQ3S*l?__eW7S44nC>#I&5wYHp{hzw)WC`c)Sx_eZJA$JcMg)39e5FuCkxw
zm24T!h-OX4<d%A?=BJJ)+a34`E=;<sqy?p2_tuMxiWjI+Rsu7-U#oPf4q9A9Tb1Y`
zz!COjm4!$@;yH0&8QG;W5AFF=C8!JinV=h<$<N`$eHD7?BLNc4V;!zk%hoBLD;qfI
z9fvVpl1Tm|uUv$$(Don>2aLt;(|F<hqrqF;NKex7ZO#T|JWEmFhljLvQ15N@NCN5C
z1ijy%%Up++tHx}+Fa>VOg}t6gdGWY7a7_LE@0X6N*!-{MV-_2O^+!#|HkWLJP-7H}
zIib>(Mpvry5McYQ@l*Vw>RgfgMOAkBMMYyM)nQb$LBrJR5It)|-!CU8di)H!gC0MV
z3ysd{+4oladKv0nbY@+-EqxvuP^Kik&Iv+qij(P%!*$eumG@(d$$|sw`Dt_ocr#Kj
z19Trs0HFJF5$$=sSNr^-cZ=XT+0&Idq*tO}Qs0ZLzP|D+yn(Kz@CFQOi<#i@1bVyu
z)Y&MZGq=$mWp22w>A`Fzj5p_paW`0Y)kBPdB5r1>_@HZlZ{1vDJDK_YxgmN1j<(Ie
z0QCrHk*8KgWpHj4-j%9F?8!%&?m}5fi<rFHTcGFZ<eX+-LHl2<_S<eZvyvZhX<!F|
zaD3;e;lVhx*36?1=<I_<BtSfK&-gFEGd@Q>k-M&=@Qq|x5_<rUW<SoRuC_PjR9t#M
zYA}(J-61@`%b~c0LND-QgkpAB@j<`}oefq-+1RE>4heC_^yq_!fE0TFp<KK@-v2><
z(A&_@9*?DzzTpA(#%WH|Qt6#B{j*B%+r0NNksb{=Gk@hd3=SLj6UF<z_ovSMmAzY8
zyt8jP`0fR3Y;NP-OPtoj(M4ztA{y--9NTey+vMO-p~Af47T?0Q7e1-|eB5;snPMwD
z$pl@#1J7>2SntRry9H@+s^47<Ce<_BWUkUSTd&TI0^r!Na$KAUOgCKSVat}uUOD^i
z@a4b8#e8&l(e`A^n&iU2uzy2@%w)H2QW^ar3YK}5L<7TfqG71+OYGNdPKy4xzCKQ(
zH}m~V4WA>mHCs4#=v}qtE_0XhCSqA?9@?~f%?K!@k=~4T+gNY+Ud7EF>pjd6KGu7n
zA$+WNpE#Mnl8G-p37E%vcV-{1Im1?Z<S`pXJ}OV;_NJ}l#(HVKT(Kj0V?;wr=3g-^
zgQZWHk+2ZR`PORZPa<b)t>)6(Q|QZ_M*L`spHPW6oRgeAGNakMc6N7F`Z8>br?Qjy
zO*e7)bF@~Oe<QUKC<oXUwi(>PFK!$?hBEb!RRV_=->E5GIrfQoXI3cfqeYr9f{u{1
zFBWMc$C*TF|5>CxP-%Z-WX%7jNR!8jnZGEle(Ssr9Z=kK>v&-&qG*!dj%wjWw`b?(
zbg9;4OmnVsfRiMe0>+mMCu=X=M@x_R+}Vp<_SyJ4i9BZ;eir+i#6;8rYBqVF|1r&V
zr<wIQ6qKD}C@IurW~b5K+OUw>xqrHAaSj*v1<xdYh7a)TcpQ_M^;6ND(}vA)r-U@;
zJZp~iF&u4K--I`%o!ZY{&Nt!Gc8-%TZ|67;2l3T+$E8gb?<wK!*EF;6b-1)V;Vv&v
zc)RP;!gw#d9mO@ro1E%_Ftr^2s(ermEgT&9709#iV{^C6t*ks2^xfoOw_h&w%Om~r
zD8D>fmxbL3ZG*=QZ}-^kMNs^p@A)3<m%V<uNSCR>K3#^V4bInNWpIHm)xo?j7PHm?
zz#knc1A`)7xIi@yNZ9m8wEuPzVPGJ|eO(3)ml=Xt)qVX2L$G)zI+2qI_YjQ?$9$M~
zE+(JR(z_^kpeJ@lb+KTS9PIKGT|&y^xn<JJd551-=&Pkxj_q^mX_MWl>3*lyZ@P_Y
zF+5iW!mQx&vr#_J_4RHu7JPb%*dZ>h03hKsCa@_(z=~xGO}8#lKlpt7-zd|%-79v~
z4!b!o^GxU@z-hS+nC&;mNgx$FXxj;0ZyjU6ZO7x3b&WmQ4CyU`4d+cN=q|@cBHk0d
zT)ZW5%Y5uBM$(6>|2Q~DRhl^)Y?dceX&3Qjym{VC#18)>&N9Y&o^OC5I1N>2Q4f30
zU?ESS3iVIE=Fm=hw-pj|lXw&NhI2)fxVgUq7^?rfo%CEMC;G2y;dWmkc!^0Za!yxE
zg0@q<1_hzG=dPhm;h+J*DV8=z8aKS6V8pKmsrKcXgfv%f(#b=k|6!A4PiHpv12s}j
zBdm#Ti>3t)V3-E;lMHfSS8iHNQ`MG6b`~wg8c4&n?k1i!ts<s!3s;SWTJ(0>_e$ZQ
zS}~at>pF3W?nt)4*oC4+74_hmUuOtpiOLa5<q6pIA&=iL(y|(h&T&B3!>~iwV=7~Y
zIwnjvvt#YNRQeE=C;L<%yWI`mJtQo#pOtMyp(<_U!Q}-12`i%LRX(3-%!)eHch$Kg
zd6A&aH~Pa=*SG`EMgRvG=z0ag{3jn6)}Sg40x24!XqgNt@MmwHbwA$zZLri!*18dg
z53t=KzJWEkR&KDU<g#-o0$<7@%FAfgJ9?d&(XXS%x;Fq0YStZK1>9H5bNgR%<QBjf
z`>x|LxAhgPc0w?q;=U3bGB>&v^L3+J-3@teu(?%Ykh5H-e6{0U{5_;Evc<Lhus$o+
zY;koLY;k2vB)yRT3*)bcD2B4n4e6QN48n9#s(6~~=kWm!)t)Mm4#{WL&HP@vyHdN1
zPancJuXS0`y7XdZJi1i(xktYMmCN+fCArQC4#ue>Sd9s*ap}s5qT+0+<^t(qoyR6-
z5nr!_gQukH{Sn1`i-dvVnF&IqBez;1WDS$Jp2Avlk=!mfaEovs=0TmfUz8qnWjcbt
zC_UtV^7W+aDEp%PCpf+Y&vNPVEw@~{EOnMkmm8zy(l5Q9^vj0nv7Ju`eONe|5fK+P
z8!KqFk|#Bai`o!S$VCux5kOp2KNnTUMWyqB+y_v~GyQV8U!J9lOFQ}ed06PXTnLgI
zKYDL;{sGU+Lx><AJev=PW9FZHY$!3b+vDcFW|*E`focvqRG#de+>hcHj!TlBVEYN#
zD~1nfHY^dnWn$~#*IGI0t&Ka`Wi+<SSOYD<ReZVdc7D?1$*}M!O$EKENrOa-w^-Vq
zN_sIlq`)fT7p~C?#E#h0wC4yX9DKAEstl*iKx=xtsBgiS>`0ZpX#35n^UfM3s4VrO
zRO9IUVXEv@JML*OcP}uibKAVwd?3Hh@us?p7<yJQJ9NESFVj9tkJWk(7RpW-(nhgj
z0fQF4a!G8x(}3&sj!Tb2$v1KD2o~H@*=Vm$J8CYJgw3~RI;ScYMK<h%zhYt)ju~%7
zY(okpw4vIhz1}>u;Sj@8ChD8(r!(Q_=Wwk(bjB5+U`S_IJFb;zxRzb$v#I+HYLokW
zvh6W6N!jB8(mc10^={EHw<fy@n-pWy)XW~syYxx?m@A3U;4mLHYuQD-k@=0;uzz^}
z>c)jM&=13Cf7MMoYbC{;-{;CSXxbfr2Aj{d(Mf0Kew5?r8NmBS?*l2jaLoY9eMZh>
zM=l9*YfUQR=p9X@+kF7oM$e4vt-K|!pOyl!5FKzHay`LsrEz;VTI$ECoDgMCeR4Bk
zJ5e}J(j$1axyjP|H|F3*5`KmF5hJ94#^Q{L$D)3d+B0cg@}`_`(0R|JpBPEc*QM%y
z6<?@(T!FuU>#$#s^L|z0qOldyRlsuTDt}RW;Nz;q(!a*QRHh_-uj`amQt_Z{iCeL7
zG;#Pwa8+!+ezW(}d$g91Q(fRY=5ooO#%l_h`ZQtD1AT%&;qlH~^{<4BD=8mbT%}9E
z#fx+gE?#WckoXdN2wo^(Y7h0n%edzJc?0E!^^FSfxm9it^c3b+O{zMxAl~;DYeV1a
z?_2ej6BBC{-naVtR#9KoEL=`&40(K;^S&^js*FYW4m?q%E=mvmAcz*F2cPe%c~N@E
zFIbjK7jz*#HhJN#-X_7z?8K&51!V@jRtdp-i0}NDbe9jKJ&X6hzD<AnG|-CXFNW*P
zfB6SRpwBeCrSSZ%Iq0=nA}sEB@hW{bd;!tF8W`y4f8t{MouxfJy;{`1fIsCe+IJFg
zzD?~*E^NZD=wDz2ilDOHtwat~$x~r$zuWOJ^kRF`uc<>rvyB!zl;{0txx1^*i7mUI
za%0!UlJjZCUgcYj_PzF8-tObT<_zC*ln3CesLpC)i!xcbh!s@M_cU+s;JbI|yM;>+
z6`KoD^s;C06nXHOg@+KK5CiFj2gqamc|33gw!ZM{yxekV?AJM3U$0Ab@CGhM<CW+g
z)bmcK2c_<PEk7OmWnp0v2;;t9cx3oeLiR<%g8BBL=ODb|S4i6EPkUcu1?l%D7sLuu
zRS_mL6eMtKSQ<T(MsvnfjcC*s-U{KFgtB*j>_yS}>8)U>`&7~Vxw9ye?NQCxbT3zh
zF6@~^P^zS_2QjV?wG_?@hm_ZqRitm^%bdl$N%#06_!&%m@MaZhV_Mtp#zWlLg0zb5
z+oRJU=JKWcnC*_}%xt)t-JgOkXZYqQr-OT;jWw${`J-1A={sprm=x6al7E;>pyBRV
z@IK`OZ4z>O1Fb0UQ$sxI{iNR&Y_SDSSypGe+I6;z)+JIpzRk#`5Pdwp+j6mV3^4|8
z+!rnuUJlgOzCuU)4#)6b#OAjOb(4d)>5`;{#`Y~dn_ODxW!F2tK6lt!5OFKyIxF%F
zHS6VS7T0%Ckrik(n?&~pKVP*uFMTChMr!H%$N^H0hmWgbMm?e#M#OPn6?$U!5)~tW
z$fXOsk8QX{cOjT~6|<1=czfztRwrD-Bh+MJqIw<pCqZZ4X{bai{I2D2x~Oj!>xD~Y
z=KW)e^nY2doQnAiE9-;3ecq^rSLD6obLr8*C|WJerSGThi3OX~X?-LUbV=QG@Bv|_
z$1Y`etKXa5gZNk2JJEL@2lI=t?eq>>8EX@JFMYK8D)?&lAQ+JkmJgCQ&OR!7@G+w`
zuk+Eqm7@TcPCWF6LuBzSH{Cve&Rz4nJaG}<zsvbl@qNyHlmPcp7)rR0p5nd$U`o>k
z{u5$j>Xikz<c*qJPIs$^QbwGIs>IRIj3P#C#q|4tBc+4E5+YmPSjF#ikcJiKGKuCG
z(>WyGBK8z5EUk-)kL=#EyEXk7sNAO#y7$SS{)MMS76ez5z})$-N?#&-=#`;6PY*JK
z@>)9EMAAV`RHsq})U!=&={+w%WAe}7J*OWJqXRn%_K~?7Y@#;!G-XY&q1+mq+9IiV
zY<kOhZ))vGykYQfyy{JM$3|E}+kL@rnDRf$%Xp$X_!!seiOLy-o!&W$(@Djg=2Tsy
zIZ^SD(-rP^mY%EOxmgPVjBDKSzId+dxfxD?>Hud^ZHOqX<0YFSX2g#RhRWa*y5O(=
zlXk5QKE+i5j`2d*B-)g=&@5*)<gA69b<Zi|Xd+N+Q%0=}e(+ef>!YbwW5Y!CjMm7)
zV_0lweZt~FK&r9RY98<=rwzuQj~mW`2|>8TQqg%RYHV-o(IxcJyM1g3aH&X#)l<7V
zMh2VSEsg0dz1}0^zOr^|j0FG2HGc`9hi41G+`DH|!y0JAt`Luz<<8BplWjgjc0)2T
zXpP*#zi2frG;^zoGZfU%vO>s<ax>G}e;Y2RCn}>8Rc3VI1?wMBf%aK2Hv`TX!FrT4
zcJ&*w4N!!pV=du#4l+noRvo#dtj|Nd?b;+RMue?1(77+{0o`p*bcJ51JL<I^pz5m}
z|DunxeE_jjD@jkbw2M70+CSc&;J{~V!YvhBSR&)*MGhOxyp&CZFbtrRRZ#w_+@Hq5
zD{g(}3bO@PKRtzhdXM!JaiTv9pgJ7y3jeTnjr*dwyrqtdyaPe#lnjho&FL+3bNh__
zD7W>Yf942b7?-eBM%4kmIbyvz;=M_)wMOYpBl;2V%@KN&0j-|SVFPBmWN~kLB|GU<
zzuQIMin2rBHjS^fD{PX`NzEJVBp(o^PEx`$ouuStI%)Fn=p^@fvUbI-cX}U5_JS`u
zFTSBT+TvI@97o&aM6F%k>*MlTzF5S6L;4qn=~dZ=MDHu{T6p7Uc+ci0FARl)&+_cn
zdU0R(ZnB4r^b-j;|E}DL$557va_~8RrYCA=u(@CnrJ*~IEFJfiH)rEabCvA1{8sIE
z=T0J(pbmupVv3az?Y$8SSokI?!twlRC-3N)P^i6YSMtZ5W4x(3<F0a7ey-WG!(bNZ
z8)%8@cRHy%82-?Rdbf<~jfQ6kjJ}>fQb{8Ko&FUmy<I%ASLF6O#z2Ncw8Z(b@4|VI
zx+ZQ8)DuhupVy@_xP}YI>Khif9$r>$)%}*ZLbt$Csei@S_F2V0tNLd}Uip#<CCDUM
zMNi?9>oqi#M^%BtCx0}V`2Nt#zc{@puVI8?Cjhf=f%wscVWoc4(F&TkOV-uuVpG9Q
zU~9Q+tkJ05mvnp``km6E27VCXY-7c4m}J9RG>fqL{u`<<?u-76(#IyMuxM2#qS2WJ
z4z?5GoBhdMO{$dB9=)Ai9X_%^-p};>YzUh<+9_xS%}Q#tk=@GppLx8|Zsq34Ov750
zU9~gYV+ih6bAwj5#<FjSsgE<-#}N(MY_ULgxPaIRbAsUrBX$^|fpMI8I2Wg#8s2om
zdmRI~eNJFlKw0s!dc~iznZ1VonQX1Hj`nV8t?JN+99Y?lu!}V+rPsN%8}L}Yz>j5k
zGg0N$5J5U9u$A6X-vz-c`!==dK&chkIw;?4!;vKSD!9{b_cq9TggIiMarM?@t8&d%
zQL8P_3?y(4Rh}=@1)MOQy|&e8cZd_}u=Amc?qsirz%Uf-04+Y>@PJX#dD7Xh1Y(hk
zwjpdS9I@0LHqMheY->ueac_;TwbwHDtaZ7h5&aOB^Z}<G5pqte8V*jYTCf{!no<?o
z-04(V$EU|jS>}m$t>-iWikf*pQI(Sf5mzHWy;6{!5s+wZ7rqo~_myNIx@mM*`|>T+
zrt>U!!u5svW4ziLukUJ&J7>TbhoB3+QOC=j`UARXO_Yy<*clJl#bj6&1}Npe?=V2N
zQ9G$Ac442?E;g8X!qY~x259QTnUGIJ(%$L6d8f4L6nasvPUzCvFUGuXB6Qi<N$Obb
zWnUMyGq<Uit5`$h!_?o0Zr^+tXrwOBrnNSK?^~Un?Wt;u9>yD%@xbX)OIsZ<7Uqio
zP=nXN%ht4}^Cq8d!^OPr;k?b;3`ipHP}(}WeI5L%5?u>_`k?x}Qr$U{Fz_!Qt-C>|
zIe*3#z9x7ZTIr9Nk2Xs{-`d0j$xfWWiV4UB0#_m9vel?HcWE$H6OAW?Q;~b)^7{R+
zIr|#HRL7&NNMZIHO^|^fA@jbzxuUPN^3v>w)AhBKfZXEpExe&zM8zgfih(F*zuX$_
zxSWIZ(i*=*t9t)y?uJLnZ~{+jew|TRqxL1)PtnInJMvBXVzgdyFJt*x0IjL7wtVym
ziiT=;X1sTJGJ?VP1Ywy3MFpqW4;+Cxawf~RK4!mPH=WfM1fcXGQfw$jq3i!kx};yB
zGx;Jd<MJiHeAzEw@yl2J@-@GFT^Gu`j*g|g-~M+#uBN~7uYdO6_&WWqf2;W<iT(gy
z{?+i}YGpia4>zOwYL+Wzh-jvC-^5G2y%xl5&?CY}+}E#1Gh-e&q)758W`-8a;-Spq
zzEVmKAf6_qSZ(2z#WRchGggpgz8k$tCo7m4>W@Y(4`#-^x{)#cRA^Uy2(-4f#0F(;
zaHKwG!r#Od`pXiv9E-Q3l%7@iB-->gwk#6efyx`}HyCNY7XOfN=D;qJ5kGuA=^ycQ
zAvEN#L>Hr!{HUjI10tGrC)9_N+u?eG5RaJ<B16zrhxvi|O19ph?XC>XIK&^v!(&yC
zb4OA%`m~d$>0VqoM(^PdAINq+H9RYA=^tbr)%kfge`h0VEPb!%(NNBN$h)09bMGJ#
zTnOfI7CLO~HrH&a&OMdXkSyn)bdH><PG)~oPqHjebvSi^6LC(&Sa6NFuLrp}(zOVR
zrJcg2oTA-=R0_0V<ykDG1_URxW)@Pz23y~MtrUx^!74V#-&(`dTw@5cINVyyV385~
zszRe*6Ce{x{!zuFlxPU&u&%Rmh6T^POSp3^h&Oh}x6sjCCn);3@S;1u9eb`@QVElW
zO`7FOmiDZ5WvPaHlxkpcHwBJgZ8+w5hEevk(|`?|?EXS?oUJhO=!?K?@>PUQAF>)1
zOX9zU5tsde;<BIf6Z@^XP1xlH&ZxksH%r;;ylf2{3;3mp9DR4(S4xP%rZGtNq66me
zXjI?{rY-|y9C}tPB!bgMDKje5A~TAg>0KwQ--L(d{^lNFs#v4MHOwKwe{Vr@_F^qB
z<QoK^Sw>3kqJ+^eq6z)9o;-5mi`!Vw<KfcszTZ&B^Esf!{cQv~{1pk3QN)VmQ-rN~
zJenM8Xp6f|`*yO8Jgcbyu4_(yL4ns4+-smr4^*sN*%wqM{!f%$enuoeY8+&iJ$5G=
zUGJF<;T=-4#V3ook&~6o-=i!Zarm=}QB8L=JpPVH69UX5ur@A~;uX0Y4N4YE&K@Xm
z@NI8|WVwi9G7M<uA6iiwO!9eh1EmETTbA7L_%ha7RStJ17bY3%8V_~0&Z}yz^H68_
zArXdf>dO|UgXag$54Lz`E!+`n7t!OL9gK|BI@sf#ZD_4;ZSZ(!-MH1wV#mywVFpAP
z(Z`wb+97$yUFW)U?}a5&pE#iWen6&1w@NJi;WNeah&JV?xXca<+LXKE>!VF|c_p(D
zBY_r6z^pf5=M;@JhXoJEYkd!?JY41;M~;wXy{p6&2yY3oJN*fra)At=$}NK(<rNPF
zCF;zFg;AuFb?|26)S?j*l7~SAOMoA2fcGAqLye1NxM$o$%WJ$+G$iNAC0-d=PbG`g
zQKhoF6JA)4ovARXs8=|(xk7>PG?8SfkCTEWZTdbHX$na^=3~6Z%E;#xi~Q)5j{O?F
zXP;HYzJGTx*gRJAc#`&L>PV8;tTG9HL7MI1>pb>fk|_F^@{(Cj1vD+%`r72|k|9eN
zY4;Sl>TFOxD-~J18?sU0K;n@)G!ISc>dE|sr}Y7q+*@G8+3(4pyFc+(^YmlA0|^?>
z-I-(<M+z;Kj6Ym5GPWL^8~B2+s6#Dvw(oJI!W?kf=9##!8DKN(8<Vc=DN}U3B94@%
zro@iHp*Wf4p%&su)i!Uag*Z}7MB+uJ)+oDEVHy-!EP|uv;iD2eD9rx!7K*GF;iG&3
zy6A(thmWGI7Cws88?;5g;^53_A$*jl4V{9v#|a-bZgy6$+9%ce1b#v6OewS`-Gv#h
z-JEh*t>)pQ<in~69~JwwEX9NP1cjOXmBL4jy8)JFum&Ei+yF~mB)Cc*6PU>ar6#MM
zMBAfPU3(di37UzD0}Cq1yG;4rV?x{)sAvFG12ULN4DvsJl18ry3(tW}wo7GVPtWBk
z7g23e8g|4a#aJH2j*|BP5mwF3I_<u0ww>m<7S+Zvub}muOY#s>nl6Z)R*D`ao<F2}
zE1<Q;Lr8hi&7nsNPly}M?#;8CL1u0RYTq=6fux{MwQqK`S&kzm=`VjX)?5@uN-|p{
z->Vj1RmMlcUo!-e3YCWWQjJ{_PRcVJ5L4=-E6(UL)$mViS)KR$H}Qt<%7rIjTf%xh
zM0||1C-W>OqBYwph~?wHZtw+?K*_!bs>2|6d00^(F`JR{&V=t`Bh8sW%>zKX^`MVZ
zHBZvE{M~ER+BjwP(Zt*`kLxIPK*OUra(>IvU|}4k05m`>l%vLRp728;7}zMhOlN3B
z7}O*QSYr0=D8zCPY0Sqzr#AFaiQ4i(EVYC&xgi{(ZVMeLI-W8N63;TV@RsarS+86m
zBt1#EtT){bj@p&KG^Ai{n)L!RGG$2~ClU#o7|?l)N!lmCJ%`1L)MJDT=kTI%odWY#
za}jstlCJ!A_?f3RLx@Rld(*>8I*95WZGNtdXpLYFVI`Y6b%=(#1r4oo8glV1k0_aE
z-4w4*+nT|mP2b74iQ|PoVU;uZwy|>kW<TV4V@UoFOV)3a{X*%Q`;w?leRfWOy-vNH
zT6ml&S2hL*yjPi>;rr8(xxb@QQSYVe92gr1+bI)yMfPAJ&Mo-UqCelVW52`%+P!XU
zVxpiG<#q?3;`>kd`1l^>t25n7H0<~-JZlmV>4xueFfWt7I_@iDE#1NW;0J=q-o<^v
zXQJh3J-w~=w!=r#l(TEym*S%1m)vB5)Jr^7mprxB$S$W=ELk6fno62?70uLZ;dZO_
zR@J3XhF3o5-P;tAuH-day1Zx6u1|Wq3~~W6vhYesnyvSR+u^!ltdZ{FaU2Bo!41^_
zuh%1gO|@(-pR`q5_6qVz4_7fSO4;|&KTE{0;oS`$l;URgXtJ4+`QV3?6H}h9X4;+|
zDQpRG#+Tg2;!}bzp?UwQY%hcXkJPG;Ccl7??`SiHR6~<riqvqN+h|Aru{X*N26fpU
zQ@?SjV$H6To1{yzaRh(xAiHY*)N}dTI}8d_^Lt0c3ukIBu!re*;dDW652N#+*iz`V
zs@@unBkFY;L@Ic!k(nWqF$f`w{p;(*ol!Yojw9LK7~L`ype%Vt%n3Ir5)^MDiGE1F
zPkTS+`OK0%WJ*l)VP;O7T)CULe=L}}ykoJRbnjRL;aD5pm8jdpw)w-fYL7!EninTO
z4UBkS?B0vD&yDt^N~=ZPEo{MCX|)aMagaR=_@hFbL(g6bIz=x*QL@DWC9)E23!i{F
z8=#x~JkMOT>J;~}r7$u_T@j6+E};ortKWXB@$Pub538?}MGF2USqaD|hkSEH!7oQ8
zI+1TaV>rzA(LI2|JSCgh&2AKbgQMF$5t<>Vc-ZYJ>$6MCDpm)H4Jj#>Z~9n>qlZ%F
zzc21%Q{#n2RFeH3s7G)~a13s+FCTAC`I1qjUH(Ir);$pf#4K@w%*xK7X{$L1VsUHe
z=Gph5myV;m@bQ&HJc|CxTr;__?bfvbg1RBut;fOlMMJ%{1*?S;S-Z;7X5g02d$v$^
zply8teNl8*#I=NpCh4&nTw<d6xX@T#GA<0Rd{C$lwvy-Y#ArYahH(azisO@nGcbWi
z4^O=qLn_++GH<uT=DsfDzMcZZx<*{Gw<+!mFiNMHT4Wnjv$S*$uyyDoG#g5ju2=j;
zJSehb#`(PF@g6>>{!Q#mPxiVxvq+Xwh6S>0bng&`ZhD-RE6P<L$vJ}A_)o>@Q{mVP
zFXBTl)_C3_y#Kt>O}dE>IV+I?BS(k!{s_S93opVj#t8SpQM^|ksGh!$QIw=x$?Pr}
zH!XQ{)bI^u3kKQKzt-?&CD__T9a2lTk+-*kLk|MC$a{^!vo!B^%e%UiS2S{>mAm<%
zn1eOj#`rbq$aa#-v>2yN*h=xOpEq**wzR<;!-!y=q0AY_M@{L_Jf}x&DCK8I!Z<FU
zSxT$JGFI5xglnygky;T#Y=nZ<84|h=<*%3S{RtQz?H#`NzwEkx@6YWzx%ZcL9ozeB
zyXs7cp~vteyWf9Oo3SfKw5vTQy(M@7zRJ{?!uJwjwTaEJjZ~)l*>5o9<#<AE`#zJE
z^SzPU%sVOQ_(!eaG;;UEt@E|+wynq3x-HjtzJiR){fRx!?sx%jb+>KDGq{_(jGtO}
zZtGO7yM4zXyqnvxpm+23?wB194#_9(xQ~+0RPxN_K(O`EweHFK^maRL6Y`wAgX2)q
z946Wn`w)-8*5P4o_|v`q0Ac3I6tU}MjhS!I68(L9nZNv9ew`ztG#|fC^`BOoc|lRg
z^GMg<m8HL>Y5B9NR|z|wM&`Mv@>836y`J}QtCw%HVx^b64=Lrpxic;I6<5;(ui|}e
z<|F)Wy-jWA1G*kun|VLi9Y=+Nl(<8&HRleq?>?;O$?#HN?oh;vxthIv=GByN%i7Fi
zxq4@Qi5&X-TKLPK1*3BB_yjNJKF$waqG#>1=%wJ>@dh5|)UMjh8$V6a8LcFJ>)mTJ
z&(r&-^Gcat%)_peCwS8AroYp|-%Wk)odQCsV#{$VPnB)i);rprW^J9UakQV58ND+%
zTAki>ZRQ}QLEyESw(gcp+@krr1BK58eiqWX=MON|*nCXvCnD`Pv!so2_DUGu=5>i*
z+y3lNmW8DtE2|-2K9utDOu`wAyBsQZkz{w`D&BlLSETrrtX+HvG6s`qhWuZ&{MCb%
zpJN@DQ)8C!#HGT;hPz<jM&2(OA4$?<80E-gTM=bVvKp=15zk6~w(}^xVD!27ALpev
z{JovxtYnXoTwco#{62~9NBv*6`VDI%j<3<$boO4R2t**0B7>Mvw+SPAi{5PO)P4TQ
zU~x51GnQ;ZX08h>4s;1GccreccwIWiYO@#>+A-EeMX$qQvQD*nbxX=G0~Fg{y6`Br
zo6mtdg*lu9IaXsGG<1TdIru5$*T21IB~fLc=E3<BPQW4KkGb2cpR`AB>=XN*k8j6|
zpX!Bv{Dt`WeDyS5{7f(O<1fVE=Not9#V_<iKmI}-e}43Sy!e$~=*M4Z3P9$l*_`rK
zr-i90gpA+jOUZ@D%f#dkA`hJ-Hd(7y?GnDy*FB09TB~-5g%_S{*>|CpK$6g8)oj(j
z7Rv5a7nRi_4ll~=VPUJ3fJMo$I5a^^%3B5QVBg5sNoT6!<uOKSM>Q(H>nwWbb`CT8
z&bO=$wo54M>w-;DR=wHg0@#*1vT+MBSU0zma761AP!ZIGSevj3Tx4k^wj0x1F+Eb5
zMf$i6w9soV9CnD-sIBTKBKN6$Twiz)FUA^G+1+HfCnftfEsS!@xI^RgeOjTJEVvT*
zjK3roKGCJ!oHwjstAIJlV7ICkUM|`@pPxeh@;2KUwP{PF?9-?)+QfcbcO=MKcNYlv
zmWvBZ9u3L&7$*C8*Lv`q){i(AkpkF-tb3BL5VABLl+Wcc!nh6d-D_#S!^wA|%U2D_
zR~FD~u~aoeEd{^o4fBu1os#m5Z&*Zj>{u%VP!`4nkIw4sH@G2S`gC-D;t|CG<>IiR
zj`EJyr?)lgg%e}-Zeayh&pjCDPNNmz4~>J%K1Wc;BDt=Bj}bFeB$viTVxpR#Yf0}5
zZe|I?-Q0T}BQl=a^}?bLtI-1~`&$NodT;WX#}_SYCdYfH*V0pG1h*E*0v8c2J#15+
zq9wDk-3%|)|3GRzyPN&q-G1+3zxU*K;U{psf}a&MXTWGDJg2$X&V~KcBKh!4K)Px2
z;mwh%erx?bQk%K*YNV4FnM`r1Zu@q-g4<mu@1VgFK>n})6!i7R{{F9F$OWx=Yq`w7
zuDFrE7xMn^`Ma_5=AKJ|wV4-QjkxtBZYA!hceXsXx3@O)21#WnawWyr^!Fl9`A_*@
zLoOGkWtgVFx$vj^9s;90lKS@@Qp$h&ezFj>Rv##6X$(s*>vEQkv<FeCBqyyc-gk~#
z89U*gn>$P`#*&}w{&vm_;2YAy+?q8Ed$UqoNCl)}q~x15iE(0DC#h@Jn4SW4A|8xv
z^@FBp_LC(Yj{8(O!RY(oog2<f(p89Np=w(n-3Ay@kZFy5_Yq!o*cG~jlRAuLEK#S@
z`)MRay~$eoR8nD7?59tMR8F9t&o?ER#^nyL5B;%@y`3%YpqbG5bxM8Tv9=1Hk%UNI
zHgPdp3$8Ymn6zTkweb9QzCi=R9J#r{B<wudJ_uq}rE@uUSPin>BK$F`BmHeHrRiOd
z_zQVUI4_LV`nts0>$7G=d^o9PLb*NcR!4?fp&Co>&0_?ol=A|5#pPn_jo~*OkNXgq
z%Ka-z7kM)({+{4RILLkqSF5BCFrJw#jDw=l{i9=48A2za6!7yGE21@PqtU~H{!V!N
zPnEH-3mIE7_r17E=HAH_uP68BQn&66cyqb?`}WO|CU+<C!gbW1^<3`WJe0c=i+TJ5
z<;6<q!3Lbm-Ip-IqxrVJtfsqpLjfi@KdlhFr8oaE@cmHVuQrhk@~JCKa@0E!!_*%B
z%9_s+iqk_8y*FdLYqN{?Ycw68BuD%qR1#V@sCm2zSzx{)YW^4wT*0*&jA=V+6q4Er
z6wu_cQDVy?+c+{qFVHxZzg?Hu@b;J5!XClYEWC_tYSJ$CPz9$-?99bDDxhk*pqA>`
zXRVrEX!o&_AHpqr(rhCeJ-aOPBg5NpK7#(EA1f_MA4YzbFt1}tz~-KGDjUGxdw3jc
zbdIVuV#yaB$#jTXl@jT-Q22}X3pqYm38d$!#Nl`<-lOZ16~R!>kI;iRqK`41{6w%I
zUAuD@g7po}Rr-Lsi!5_m(MRsuIemoMTQS%Pqb1lY=|7S-UVdm}lA;RRI6YG<+hnpU
zzALblz*v9b-!u*yI043auLzz#Y7kUHuYL?2wnx4x2V>MKKAhJok%xF&9*hCQfHZ+(
z!~$iKRVZj%<Ty`7j<0S{ti}>xOy-ZW;O|7myNTj%r6sBj7<loi-9d!bfP(_y?Qosc
z3C%Xf)8nmGm<_aBlMCOZCB4;_G=X7!p8PE}aCOpJ-8#q{*x|NgUw8xe-w`}oi`Z~a
z4+|~PR{M})#Jn+#a}{N`NA|DI8Blv2jG?tI9IqRJ=1$UV%s(OSo&3CuKN)`Ke4@*J
zn3KjJncwA{s>8f8taB-CotOTGUWTir^FR=7VvU$Jq5a^;#C$iVXYs1y8@kF67Lk8M
zx<d)A^{o8J{nY5*xE$xtHIqQ|heT7sA$u)*J4x9^{8YTIXin-JpI*iq$4Ko$2IboQ
zBWPp1nLS=#JdU4sWjYiCfoUSx^&GJeckbST4$WP*-r(}scG;$iiV58MoJyLhby4s3
z%Cn9<+F6;6hNTvHT9xTMd#kc0zt!=f`Aw43e<?>o_IO$GSj*mF%{pI|)UtODA7K0c
z1;N`~7%-S*KeLIz@QqE>@WGL-X){N*_<(ev-mf_sd4~o~`kLI+M(}hW9B`{&Do!kX
z-(7#{0uM)Y=I0KI&R2+nJK1%5{%pIhncr>KwewH0>$>@??7DvbEp|P4{v&qXFpnP!
zzV9~Yf9f|Q^9Vyq8J(Z>o3Z)SZ^q}3^P7qJv6kgoIX~k!tLBgPo7Vg(esj?Lef*|9
zf4<*L&OgC#R?k1*Z#wgD@SCamtNmtr{tJGyX8vpR24Jk6|D)fmn_ruevQH}*&V)}6
zpmW;{*GZW4A|nS|({9i4TWr$6b3k#iS3w^hxF4?4gyU-TUcSc%E%Wm-8{fZErTyRY
zTT35Gor6DHf_8P{zRLJN+WuD2H(~p`&V1&35tZn9wBu)LN7!^)X8$|x58Km7A5MG5
z8_r2}$kO)2tL$0*R+U#RhEXlsORjdUj^`-f6R+_`k%fvqagD@Au_x}xl9=#7K1|OQ
z&i+Dq&bK79{@nSD@9>TGjzsuD2Aq-yZVqy@sYwvgC3||DKpAfmWvSRF_*9Td#Zql-
z6@4!u96m9W4xo`Gd+&b)od4n8`vugy5!rmv-g|eIuUQ0?7QMPklGT;XcHd(cZhMEs
z3(pW@>|qkxwwooJ?bcOzgA(z{nZO?mi!O^(ci<_-{=148?!W8lM)u!X<L3h<-)cne
zh@;O@c6tAue5R=UyZ7IP=L7fO9Zp{fF?1m}<=ZW3bx1AOztOH^ek#I0%gP(=jqcyQ
z&%XAe;XeB;?f$K;x6D2P=a=j+K}*($%sqBhe;%;kUbP*BW%t{+Ew|r39E2sNQrdM_
zA6G2q`!8%f=X?0&ZYU4s#D+44wGxU(!Km@8`T--*Y3DqeP~Ll|e{Dr}z~1|gu=l>D
z%Rc+`mNmB9zKqYE8`*t-PZ+Crq24Qp_zj*~3NF3;{`;RqLpQenUX6~SY@cKM`hq6G
z2UvtJ+JDyoiu+<l*`JuS6I&7(L)TV3IFHS4CX{2gCtgrt>|ng)c=G<z`K-$F-E#Kg
zdyan$<1|ND73vGs%5mGJ+|cV2PG06Xak%rnc|8SKi@kXjJKURB-CkAtAb82rz4_Q!
zP~eRkT;dJ3_|Tq#6eb7gdLIq-6zh|cu6NDwI~F6+hYa4$N!+WZ8{_ba6u|AL??XmO
z($@n{NdcTEzhRhsFLHM*clxHqsZ*Z%=3%NzUKvV$%P^TDJa3Y|b(pHmt3&3uEl!>c
z$xEQilNUqhz$NM1hh<RVx=_SBhN*Xp;<c8VzH^x9eOuC7w@Z5Ke<t4n`fax%=$7-n
z+wuhi0@0?*`<2mMcV(%(_bn|?x+^bls+8?t%EcM2tGuSg1L>|VWqf}*V_t92zfYF(
z-B3Hq`3`7@;KNxIa!RLE+y~0dF!+@3I?K1Nl<$KF<WoETWHgCO?&1Exdn{wnsO9Yl
z`O1iS@6vp#*Ym9{6?b(xo5A<LZ_nZOG^T?yyW`=w8wDmyPu~a}H<s=`5q&<&xqEKh
zd69fvv30cCH&QR=vDojuK0A{YrZ2Vn<FHD(^pOnp9FCh(-xHRp&+UZDa1O<`FmKkf
zhU`MilVfgobRa&wyeo|soO3VQo6*)oS@(zuN^Wa11AZ6nxBNHkXvQeR=Z^GUc_#_h
z<<nzRaQ?>V8(5jz7r|QWBXz(Vid{Rb<L9mOGTm2X*_J1cP5}n?S{Yjhwx6M}7Td_n
z!GZ}AK~t*Z-4d={4b7rs_G{dR%_xl<DPn(@mwCN#K5-d1{oCK)=(kO}c=<Li#V2RY
zCsUbTVwrtElq6TPvsp<mw*-94{FOP8Il64?)K{7jYMy^`nE!9f<X4*ImtN$1wEYjj
zUl@TWg9y`dxf7_GBNz>(p^vx~ysKPzN@BAuq&9_yY#&7o5?;jJRf7uGs7Lp7PxQ16
zo|M>WK#+Sgw73f&0GESUWfeZ{&@*y2Ypv(jCOO&UEYq?f5-WEtyH*>&$Q*hyZ<d29
zcfozmGijLV%CYQ=`+9*^^)HNn%j9SGMXNr}`)W(TgX2@{9ct2tA-xh^PX0ey|MrC!
zJAj1JRGv^q>$8>acrWgb8m|~j8XfnzRcUNUe=gNio#hAZ8bi$NHq#@JKI8_afzSTw
zUFk2C!&~C96M~~oHO<f;TzPty^hM$k--Ql}Ee&{dEqWU8{mI}fyDULO6SRi&9LUkQ
zjz^#DI~2iP)$ex6NX=`QsN<qb-RSk20~!X)n4DTj#Xa7{^MxUvoR?=`vYzmc_^R&F
zw)*z2%^mF1y4@s30-}kXUiO)WSl(&e9m(}X;T)B^qun;35NwGHJlb2yr|OIJ4=4(4
zQ~TI>{#aBd>1(w29&IW+ORbTSWoF$k4KA+xxRyHpT%vDD&Q<<wX=q#`%o_|Yl`%Oo
zIVu^HZaW`T$n#S0ztpZItoh|&sa@@~aZZZyJT91&!`vv1<WKAqB&hyc;X`{lnm^el
z0{&pk5t$SV!wG?Ht`YUGwh|74k9lKi12rbn8R?p*)IG)Z4bW`#Hp3x(uGRxP;}WwF
ze>BG~yHJ-Fb6_nxi*NqoH0@uAITLF^E<_*<b4W7YyR{dvh^!{6Xeivp*(llTo!psD
ztpiE%&Ry#`8#nrVHg)~g>ry+wyp7O<7S{&pJR<HZgTXsOS?qZDS%hHbNzyK>bLS99
zPGjgB1JV8Aa3&-7k`m5*l>MXR&Q=OL1YZOA`4y*3@zy#pm(sSy2?r2<V=UO#N7wOQ
z|KiTVXJOBSgMlHQ_WKRG59wXqPYw>Xq`$TYhvhei=Ql^_W{OuE^OT$EW^$1F#T-~n
zn*RzCb%KeD+!}DPGgFgxu8Jp}2jZf$dw5FFkykD{;>KmWUv$(jcv0Y@18tlayp=AK
zgE_w(qf7c7Sf=zANoC<5#HeSKS{=x%hqZqly7d1aw7=uXS@^2@*bwBmh9o8!OX};X
zgr>yN1nv92rO)r?MS<PdUx|p4DO<d=h0Pk;sEVlQarQUeRu(?WWsi?-+3&DF3x9Mq
z)*(^+*LGht!*f}q5qGk`SV8(OiRSsvWkj-z==}5hv!D!AnBZh%SQNW_#xmmW8S^h9
z(s8yyQxoJp|2nv>KZWDS4}u=bP{25JqS_p&z>&q*E79T9@9kbxf15349K;@M^PV@?
zZMK+?L;f5-1Jp)I?qfnUm@TcHnPOPGx19sD(KSAgYq<2EflT1@7nyIvR9B>4lg`i>
zP*a`-rf@=8<k;Emo^=if7FBoM1C<qe6s@7GjZ9J+U(2W(!9^TBD$f`9HKwJb@VGE~
z8peguQvfbI&v1N`#`%p6aHk{T*Xg0J;SK=XIap!cDC(f^hm%m8O?c;<KLQ<_Hw?{w
zo|emAU?*e$*%p>u(w^~|zIa~t6`A10eet~f-umo5)*3&)Z5|IPFK2i|5(FkZb*cM}
zB^sQ-g%lVsd<cMyi9(WgEEOcO8~1KnMS`CuMLId=IhL?+;nAA=)QNru_ff;=hXYIY
z=;8DEdVY*Oo3EHX!&kfYsy}?bP|uIGXYtr<z-{(Oew;a%&dWMT3zrINbAIB-Z9|R=
zgeFFed06?i4ch&ft%MQujZNA^l?qlY_D=lVnLn7Z{nOa`D|dg>d<q@qv5W3S8nkG3
zZ-;W7`vO0pM*U(zsy=6ZlQz|}b04&qL)051399e7ueq%JO~byq#J*8_I--Q$An)qW
zQ?z27HrPn@-Y<Ra329xQM7<MCu3h+dz8H_2o{C>l9wibe{H^RQI7DGYq+;+FxQjg^
z1D^s4O{(#kYV=1zh1;=cZolr<`jVYkW@|gywQ6!6*p2vYtB~8q);4yICsw0;xv945
zoX7}f?oJ}M)a%mPVmy<@0=jN82$DeyWN)c(4C_q#N}dSX%DH`wkLuYL?)bDDm5HJt
zPZ^I$jMHIXUP-Kj?6bot)28+au3@9&0pxFH*9h2Nl&sCZsJo<*eZjC2*J*uZ*mJP)
zT|+stCpmVU$a;o{Bs!KRtPmc0>I3!qbSL{VC5+TMm*dpz^0Bzy$o^===I;#$)45px
z$xzM{g$k8}VbO&g;>4TW7-+*NV<;^bPH)BZX5p4L_>Bs-;?l;3f1nAlXp6eSi;_3_
zOq$G4cc~=%vq8l%8PNboMZI5UF9sy|r!g8|M>uI3;KMaUHM)v?iD0f`dIcA$cSh%)
zMjBCRHN%O&L7Q{-pa}(tM(01vw6^dw2G*X^ENF7+==`zg=f^=&C){?(4mB{Wc69)x
zGy4+U<`s#y%v?pUDur3DlYL1&S+!-$I>xPRYG0snOAo2%lkC32L$v>PjQ(2o5zsLI
zUaGETe-%b*doa-L-qn)oo>bq1#1N7ip47c-FwDX(E2RRsM(dzx3TG0q5blqR+NT;T
z;r_U2t?V!a%Tvi&5zYcE+5G?o+{ODZEaAiWLfA5i_MeVN(mi-`XbwSbIuOl0oIlM0
zgI*2(R%H(k0gKdX4ll=?rQFyP#GQrj=|O$HLUxb9jLAa<AEyTY=A(vf*?daW$=kB|
ze$m0+mTGh+UoFC`v7fUK!0q=B#I2H+;8sc3kK5IqAv~*RhqzsRqT^P3?Oz3+ZMNPC
z)CXQMJh&hyxVbl}okFujesKIydyv?VnP9>@SyN~RnB<ShSKTSoly*AVN-=`ot?(oo
z)(cBtttWF*nevPkDZN(3)u~-v5=2SdF~&yYTOugexX;}|lTj`%AoVF5-&P4XJNdL#
z-L(pc>_gUK$DZsg$K)CrEV}&D*;Y%Y^8<eC=ATJZ6W=iS4I^y+b87l8Y^)^!u7>*9
zu11;4u(1nYD@$Q4x5Rj0U$zie7`=j9N`(BI&551Ss4731OPYcjs*_aYYt|bB58XM6
zQ@g-f*jSfbCK<J+x?__y7}VBLzY?_W<gl-GTVYFo2Ki0y@%)zg+4Du_(Ao4Se&l><
zkbMmf;8SC5;k9Ti%FG5fR5)WP27%!EB=z8cFNe$O`N4Aa5S?xzCn~Qn$$liB(_4tv
zxkAd58`-x>-q`R^sq1#)+C?iD15eW+d{?Id8ritf*Ife3%ekjblN|Id%Y!y64rRvP
zI$jrLuJbtx-NvyC`5d((I)rw8*5&dbgJKMz1~{^_Q7SiNlTYJFqhM+NC+#lsLj|#Y
zW8|BS6<<q6+QGNBZYuRvbYbx=eKlM|jn41Y8=nkBTdRZx(Z~wTI|sn9;*mu;w)8VJ
z2EbLfbXrT{e*ThgR1I_O$gsU0yClFI{G-tII-#tm>{;SxEYtNsn#4-i^C*XTYPm#U
zlfxuV2AF6Gei=2KmVE8ui^g2xWebwa2;tVzSSy@XDQhiPqA)7y=im-P<5oVbgkRPa
z(5Q*A(`wHzHET^9-5t@HzUqjn<SHgM8=KwLwa#=FShC0d%<YJ0qSd#Es^aD9bJ-`9
z%7r0KE-rV<%Vh^tB^s-8UXqv|w5hg+Ls!kneB!NIfmZET&_4~iXAs>m+Y17j(LMoa
zhQ6gl?WWu{5<i6FD%p&<*yN)^^c1`wb&o`(vn4Xy4N-Tr@YVBc4L_`&hrW8MW?yY>
znhLm?x@siuPI}}LYe8UOXQ+!scNMdD9<hE4kO^E99!L1{vU3-n$hre#p$_-X3+qLt
z>UW?DeuUf$j%+8li9Qy=me`5VQLD!gFp|vH=Z|Oo->c3a%w?44y%#_Yz3Se1E@LdK
zjMvJaTf@Bl5e=@Ho&@;>r8EW!Q?82GbZqGT?7`MBji(9VvN<E?EkTeI%%|~gpn0>B
zzMR&I^-I)+p&k|0e5t+}X<G~4*$LXCOeU2gY9nZB_K2!}<eudPh8#8q+`irGv^JVX
zoRL*9-?;n0`7`KT?@*r`WX=@6IT^kkTiC;JtUt)V=)v4a$c$j_&g4sv;Flb*QMq=~
z!$1x5Ord*SwEtMwu#>@p*3}Y!{$#qI>>Fx7M5zS@2K^_HZSYjo7}0((>BHU%w|FyH
zIc$<mejGKT&IX13aUIN2T*quYWS>@f98ZX?@viLQ3}U5&p{YmHK?;ypngAv=n3%7b
zai@(k4(Jl5uIeQHz1u@*5+%^K?rOfFH)<9WWB7`$yK!-~Zjm<IH7u=7EXWdY8kDnP
zhc17G30`cf{d%TK>jCjvO3l7mHt5*mhkljZH(~IlYlX+9P#lWg##nDAKrtSGsL1|%
z;p5;jyN+SKkz-zqDw16P>HJ)w;X(ZT&*~T7uB{QR{3shr#6b5ObJN4_qK6*^Jkyh0
z$aSUQga1@%i^b&}>7885c2e=H_QCQ-qonQ_sgPkelGeJhN`pOIHYY&x8espbs-kE!
z9;O5Tq-WV6qvjf!ef$2^HFp!IIh>Fv!A+cCaGIEi{^2aA3E92vCViD)^0olkG{ubd
zjt;>>S0Q)fs6G1x_z`Oi#>>nGR(~`5Brj?Kh!89EBi9=%^kT{uTK+7U1C6eXPP|J_
zqj7Z03W)VS{4X+%uyHZ-QD8hC3W@679e!T^9Ux}8Kb$bg9f6efmy+fB{>V0?MdGfL
zg_bWPS^t>7|LIk7@!u%tre0Ow-}5&&N(J?q!>$(Kmjd{+_<Pm=;QA@PUHbRlQd;?b
zX}<rjKmSj0_rLYM@R;LyxvT2=-~1El`$0nul84^FpK{8d!>*HMHwUdQ`zN{Yru<#s
z_wsebL|u)h#(O8^$4H#jkT^Zw+f+(~6?@`p&S-J$-2^iGv_b;&yKl?=4wl5m0}nWn
z3lEyVUJa}pVK0cpCn7U&Ims`#@yl)fay!4A?3dg7<qm#1MVGScvF^CrhBhfX|6~5{
z%7t~@TVmXNtiHy$d52xAgX8R48ys)f`ry`fZ46G}3TKi$0XGhEhx-p(8La$s<7MS3
zodq}&c8xgTOV>g-y7Vl7at+iJ$u`yKC)9C}@!YsC(6VFUypE#25H(BeynV>Al<JZ~
zeR9lnq`_RtGNB@6f?DO?7xM{0n^^WXPY7PnCc>64I=H@&pe<l^?hxWdHmu4L9Pz2E
z2;CFP(IG1B2ot+|(FcamzR($Ljn$`2k(z&8qLF;{LfWkm6#!v&ui%y@N^H#4lQ-S%
zn#klpvu~wl+pz{%+Pb)}SG!+NM`Wi8+oCUy+_{@HY<%2Hn$Ou9VXN-we$v$6Gr;{@
z$sf6IH2le%TQm_}$t{}J4Vot=t&NGvT%lX7z4QWN?<~ju<RB1Rkdiku8w+t?7jx`q
zv>NqpH$*&mx+M?{QSAoV<8BaaZU)r>iw{L;P(_<I7GCs?{*GX3U+w)Ma)TI<mF4_g
z<0ZSLWCc$2hG(az>{gZ<vdr<2pXe`>kbQrQ&}##|uV1IrA{WaB6QD}RM{0vhk*q^Q
zb4o>vzKFs^lEJN+ljMVkn6b{@yyOFo>A0`<m+i2PF6DwOCqN@-EY`fTxG%a$()*|l
zr*a$i8Y_{+p^k9o-73$O8oIS?#{ta+nMH8a8)zo|c?6~1nw0@tF+MI!p4CJN(cCj2
zr&2>DW9o#mAFPb~YK}FJP&aX3P3H7uwPXfv{olJ&slBpyQ78l*F0#c)I2oIy$KwjE
zP1rDknE7&{A+(5XwHnzo0W-&l#sm^{G-WgtTQ{?eIYm^lR>moL($0muBUKZ$Iq!23
z#G;4c?yJ2TG7QxrelhKIS{gq+fENi2l`l4SEX^FqjrAU!JCGZq4qiFShe8-1n$kgf
z8=G`2)$H5Hdc7r|!lR75q(~7#jP;rxZM0ZV#^$<gjnPK-GR|uku7GTf8<tntQbqMm
zk7EuzjZ(PW(Jyz>WeScUy@lx>{=4&wO7i{Ti@@7jhbO3A8r@Ad?8Q<*Mf*p`abnrb
zeOM~ZnW-&p3dBGZdgaXY?jnD+Wf^9w^^Y98t=cv`r+yn!{x{ENt))EE6BK8&mdwSQ
z&KnMH!5Iekow?OwL~_clxZ1kEG%6UxtPO2U*pdG*>{XT!UGo9qrHEEl){N~r^p)s5
zwcvWOC63VTdYLcs_1&R-chhJ`u+~iWSZ8A*S<dItE{(ymYa{n;<XTS29>`<S`tUt|
zjXeJ%??u?teUBNm(5KdH{<~G-yXXKvOIC(-C@NoFp6A7vQR$uQ#6n+bBHlcj7<svv
zQ|O_R=*^UIu+c9=b*X<N*k<9pXu|y)`PL|+5`#RvbCvo?WR8sJz(b{y3<G)L@JWy)
z^H%qLWR8endg2QbZs2s`#VKet7JkYP-UMVGbOzY1EnI2|b@s;H2U5Kq4oFJBruJ_T
z><hcPe7t>zs$9QRiJs28uHJRGx~?iV$H$mMz$Gbul$udknT_i3bGCjH&**Ng<|vYN
zscRm0@G#~|C6fj#ZpO+oVuU$-Bx+Q0eTBQIy=(5GHn$Y@F?!qR=to84FImCq6Z#Nc
zOEhCNVj$u3BLF<+a5Nm?hJ~yi_m(ymZUHFbtDOU(ZB<;+C1}T^{jPtmZyvAhJ%^d!
zVkXdg);*{rdVM6vqmhuBoy*O0<yrTyWw+4tRQ`OnI;vHhdO*0D&TrQG&D2>_yB^%G
zV*tQ*JYEI(e|f9^;ImL-aXss7#RhC>;$zR7wC+~+VDJGkdo6*@ApF*-=}NSE*}f~+
zjk`^v(eIRXsbY?u&T!^(7r)%qFaO||yXmreaCd*Yhc2vSuA`G-^olw5cYnMn=Gfo+
z_2QUg@1u`xuR{ZaiE4EIS!iGveh%T_zF1}Z{5m@SYNh)QQQ{ykjXBmCJV657qL^bB
zXkIY1m>EzWb4)3vm}8fi;AbuA+pDwqjG1;u$nuoCX>sW(oouH)gs5RxaF#QV8nz7P
zCkH~g^LW?!hInDB$U0EtRkr9KcD{W;dWaV$@Iroc#1OzC#+&eCs>LFOY67yW?r-St
z$*juD@Aso%`puHGjioZ~%)2=vjY<ZTaSW3Z=a=i<RXf(}%_02AfN`H8Ef1;oM0;8$
z43+h2b}p~SEQo>@fUuoL9u}#HxS|GU4<p~e(Au|O-=F!csF$9$EaxeUh<%d%OuL5V
zq1F=m$iq5W0B|qFa%G>hLi}E5<`I8GTqMpOsGV%gHjB_>ZlE2EW+_+!BFwOdMX1B^
zkHDe9ECw!5F6^WdF81-H3O^nsEC6&Z)rm<dtNgntYbATKWsN;}Pu>&{J8}s{6b*j3
z8f?S5uU{3Sa02JTyJe4LPWWPbl_|&$?`?(aK~@X-DWF0ngb+R9o5u-^(*91VsPr@@
z9YNx8dgAO!miKysVD&Iv_Xs=KYX!~4oZQe-y6~&WC>vP29vm<j0)IWi$_&x5N?+c#
z^d+%VHds)#Rox~foEl2(Y8P8ERHT3qaZF}b8c&X?6&47rfCj4F>$Q0ttWs@XWTh2K
zRgAC=LuWJ^X8N0Z4?pFK6?x^riq+EY2yiLv%A-n<D4<F~qF)v<Mm-K*4*M{Vq>@|Y
z4Y#e#g^ae^+3J#zXK}TPR@spmj{`PP>jY&byVx7*5xz<d{pqk3iX&=H);9shQ^=1@
zWI;}fqABMhFUR9ymCAW#sT_iDQ4ZXS>lpp>m>f-GH*a{!nrIJh9X!;zP;!W77{V7?
zyr=et)`rbAGz_uxsXKdu0pM}Cuq*N?Paz-|$7kIVHCqxfZwRRE*F7F!4>j2WMSxH*
z8_FYr^!&U7enc$_Q4&U&Yrswm?HFrpaOVvozN7QTL3~I*2T(w%C-Qh}a@mlp@=W&M
z3p`i4ZYK~blVK1d^IrDzd^s^BX8d35XfGwCjaXPa3o(Bn>8T7{mjP_tC)rnx;2f_>
zmI<d!Qd$dWI=P4DqQt^77Ulr8%&3Vy%4#H{In3~v4=g5y9A2Z-Bz>Ob+h9vTw<+ob
zl3T%{jCrQu&Nz@5RU^Hn*h}2kjM*55XCvOM0+RJewGeKKA|%51Pzd6q77RgxTlyt7
zFBNcC;?6bcohVQHi(&KpS!!jgPQ*|-^=M&kc?BsVa@aPc7>paD{p~j4qDS_$M=^M4
zjrvM7#4bpqw|oW4VBvr>sOT;GbNyTreI1T*xXsBH&Wl4hk{>u7E@>eI-*IhcSd8c4
zwMJc&GR9#rh1N0Yzi=Vt;jjp%xvkMGylZMQD*VvJ&FM3fbiF!wmI^)Cm9T;tq#?N|
zi%BL)*D2!`GNNv@AXhiny<s=Rl6ftpF?g0_A`1}~q60ap)UvaMM1LqpuaOI<?Ed~v
zJyjn(tt3?mu<V@jmx3UBfKn(-uT91t`a#2*-$PjOS`fMqH63}*=U7dgXkkL2tL8F+
zt`vl_*xpw?niAr^PQR1`UF8$#OsFb-1qj%f=T_y}0}W8O$@u7StV+5_vacHh36b80
zOqvlq40WiSdEmq_w<>a?35Nms_N5d5^#)L6lr3MT%c^cmzHIo!B7Pn#SDlowFor>|
zShf=xFKk%;Bwf%VJCSm}PLXc~V`*tV?Uf&4V_}I3Vr}u+CL0!owTgI8HF_VTYNNiJ
z_I#nwvIl|xaiSZEd)R8Qh;Rp;)5nD&lZIR~yO#;*hLdI<2up9Ka?$<wl+(;IwXj+H
zf84zZoLoh<KYnv>_w8+Fn9fYPCkxX9n0T3<fe=uJh!_xwyR0&ks0k1S!g8S}ET-up
zf-EA71Gs<zB?<`cE8vQ_J$H<_pb~L=sNnkaJy-aBzvoolrKg7^!2A6FpBL!4_ttXi
z)TvXaPMxYcrT0Ri3epMWE*iZUN?6KQUt-D*;cI{hMg=l#PMCFMH#p17nY-z%py>km
z<lS`a_VFe;EhlI0KqF6vCju;vu(4C*t=~qG1MRu;a$6dFZ0J4!KlnX4(~gfP;X@C8
z36sm#3aAwAH^pJDNu>coPZZUCnSUvY4z32?CO^NW&&j@oxO1tq3w9><@+QTEsIYPY
zNGBk{TL6^l8Og53YxJ%Ie;5#^==ZSbX%QI&42)DRF<0&I_WRpRrrVi`XMK@;84`|S
z-#IfZtQ{VVLR4VXmaBqoH0~)CczYz`dHM}a&v0{#R=PjRuyZOHD%h9Qy(B`>T;XQ!
z)r~s}*IxouPxgA5lL)mQSXBPNrmEls!hcDdsp(`c-$f_c6?yc|w=SH5m7QI5pea|B
z#n5$(9z<H`pj->$NLN{gi=uVNdy!UKW{R5jD5T{a+n(l&rrN)brrId4x{U5D&DCxY
zGrf&}A-W-H{wULN_-=!YZykg3+)V4`c+k%4iZj!vi!MO7taIlCe;2cl+hh`6;ml`v
z4JZg#AYI!48|?cJruhkOzp(pLvd$iXT(KfBpN8;Y228if!rMXU{+6r*N|umK@~^;i
z&l&kaE#d+ugb<|NT`;pdD*1t3_(}ZCUKQ*?-7kg>T6TaPgHAy}4K052;3pMXMaOy;
zp2LctUz->E8REV;D(v-sTrILtyl9o`eR4@v$u2AZiLH?veksg2lN%v>c@$?0xk&8x
zo^vMh^B+t*t5GF9UZIay>f=@VSfh`%`Z!J>$MX>_bVEaUCjhsOWoWiF&Ii`9C*+xJ
zt>Sa?WO#IK5wzMkJm*p^{;4lt%AK5Kc~S>hK0iYAq<Z-H7(b*w`1mM4SgUA%p7xi>
zhZrjbPQWNljh$a@KE$f1hv{Q++Gr-Eyw7>LSxeS5PjDTX4K;HenIPRJ<09W*sz7$|
z{S_}Bt1WeZr+1~*O<iY2To+lxnzvU^a-{;>CP9aI813XlkgNe(&agkqxV;3rZ(aDg
zDNWOqHfgdk2E?#!Rv_~b*x^}dL6DpY!?W=YO_|BVyRd3yUhkAwHlIIv86-zZ{1tZL
z?9x>_v=bY&9?tr0LDc|_3yE%%!FvBQ^a8o259b;5UMlXP#E^=^_<9GOdD@MS5<x>?
z1rdDO2<%AI`}*+Y34gJfV`R;ibCvL`2!N)@VzCogF7U(VyK-J{@WTL`*K0eSyk6nQ
zDKY({^6bqJXoh_)l;K2PHhIG3fCoLm@EetQm<ZDM`r+QdH-QG-a1N|jbi(*y{26lf
zm07WQQt$Zt5IO;lrvWwfXGqV6DSw901kmhu-U9>J6#!ibFUQ}>JJ1H&x0=%PwUKTF
z$auzNuC_wPE0IO|8<mNuISb(%5guH`K1+c^9*2kHy~{<ryeC3QGR$O@Q^+XB2L5el
z=nqc!RahI~`1)M5`GGqADFBgQO_2~y%BApBG8UHkKM8!36m}(%4rN!OnRTu5`G7ad
zwn$;`1$QBL68jR7Hy7e1nr#M9?Spfiq1~JkappMrJe0AQmLa@9+UGVEc~T}k4G7nv
zplJV*pmU@S;=y)?_iejJWRA1{n3h4h9E>uedlyA;T#p(&fqNH|4mC~ydKmH7@sVx4
z8V`{Jv{~=1{L2)^Hl5tp++^BRxM?$jl5qMk>k<vq3+@1>#+90kkqZI;HfiHpSHd~f
zok*7QDYgjdR!BNsLx{y#z<t%Sf=Ii@Ql!Ha1N{x@pa69CK_qSk+k6lu{9D6+b^4wf
z9nYcb#rHETxSQMOxGfB`neG0PTX#r~9z%}LCCCxcV;{l4rk6-lWc$J0?erinNk3Di
z#_{LcH5IdUD?9;&@%4ULH(Vzl{{S2`!0Vu0=%xbF>_os?W@#qkC`GmE<e!lo9+bOD
z==2RBX3k@F$tSM>A&I*UiSvcY<MC<y&>!Lk2XGM*60P+b<ug}KznO8EVc`-W3JDbP
zRSq~xeBw@nejDaCXXN38NCKb68oL4Lh3i{*NI^muGgNh%jFi1Z<qRWvyoCphOxYPZ
z(=kX}nV#u@honkX4)ox(7jT3wnVHvB$8zel(DX1<2;uZfIqOY`Jrm+>1^|uXe3;jf
z?F;%xy1SfLDS|vF0v)#}*E*HYOzR{*vaOTx80hg=K>^}eHQr-9*1$Ku_^auvbbCG6
z`flRIAx&S#e&R?pd=eE*CXLM6&v7_Z>G8!8RG*Kx<abWK3prh9FgLNAIXT><!%zc@
zayi>tPb|xs)+vguAe|AU%Q={;VA_#Y8l=#aSxuR$9#Z9zy5RKW#1a0GGpIvyH{7;&
zPo9ra3keGL6}FBh%c)}b5Zpj>EFh68SelVfJ?GH}evx*D(Ue6SUpZVdN8j_EGZ1h5
z<dEQy9uOl2uor%xO^GuIiM;9=2bvAbhK3HGHI?x9T0RQ^2QV;v5LyZB2~3r%;BIXn
zVUo<=DN}GZqHL`9QBPpmFfmKnQVUzQ+ayVo9&^+#lJuC<lNCBay<k=;K5udIGI@CI
z$yajW_gELai0hw(A17b-r#yprNLGnQ{aCJ->G6AVJ$bDS_E|lk{@g*Pe9d^>QQO&W
zsEf>twatp4iaN@|0WV+L&bErm)mR4)9t2|S_6a>z+b)sjXFHJQ=R1(*7dw#VmphQ=
zS38jAKX)L_LpzY>*R!SJUJ#X^x{bk&WT)P{l89Ts#zrC!<$p5oV~!I=GY-m91Q&6S
zpZBrH$@|#MyxkG(d8bE(8k}O;z8eme;$I4{PV*C-d5_?U+cr7ZCqmr7<X(57!_*11
z?}P_HYZVitNyK?i8;sz$Ab4jO>vkB%BNoOm{6K`y<=8j8fR|=(#(iR*J9xrY4fI^|
zGJF|=YrS!Jha~F>fN3`42>3XG;ALRk-MV@BlgvF3=iUyas|6C$D<lIGpcLkOfyupV
zhk<_b58#6Y_@Tu6ju-oLDHd={v4EmAAnJHSxdxR57L|p93V2rUMzpw$CCXo#cz^OZ
zvVUZp7n^De!YIrjjG_#}S_vYol>ow~62RD0Vv()Hu2PBDIPgii)!dZexfOir(az!H
z8Ds8D=oIm1a1$Chkpq{{BtL~d)NS5Fod)_6wjBG@u=j{*63kM{^|}sRaFlZ9rrNIj
z=ud_>vfSVYgq}bR7KeW`2rQY7HsD}Ks=|YuB%!?6Jy9-p2Kd*SnzWbqOCZR03=-+#
zJq77A>M0StJQK@pV&|zLkBs93Kxq{e)B9OGrh#HE2gY-tY>J&M!@Ed2rZuGi{ekho
zwdvK)`An+|V;CwmHb#0iO4IFs(D>qoxr+EMFk5s{r>t`-%G}?=kU2;Kh9)lp7Fs}5
zDU9_IG&MYwaB(794W103M}fR_j(}Zcc;)gZHFV=HZ}i7@Lm+8CALTwr^w_8&QOwq$
zfYy#>n3uQ@TAMpoYn4Uf{g_^SS78;PtiFTs91F-Gx!vpOIc$>;uxxFU0pEBHbaRy;
z!?d}0zCj!Kn9wJDSY{SD`wNm9uL=Ivn3k@byV+g#OnK9B9bD1LyD6?+g`tlUJaAHP
zv!Di#&#jfiL(-2IpxgtbTyJ{tc;5XgePK>+dTlY@C+mr=yLTpREdqBX$qoQpM6LJu
z+~DzR^J}Bys!|sFpDhbXl7%64@-tobp~$y9K^s#qQ?@>M4V!K{jgS~P9y_&w1z;D}
zo*wzS&FJ|pQ|H=13J+#TA~F-N(`}o1(y!OaeeJ<6Xil8J<)h@U$IuP9IX>5#hGV}*
z|8z7x?s=08-u!WSn=Oy)tVEsz1y?L;Q>~N*sqXrIuIRKy4~L_1Zh(z!ZlS}~jny2q
z83u4FYUyFyT-)*!(kB3u{Z?Rh)ps{AT?5qiL<=G2!HisYA$o&~*<b~bKyQ!};wHVw
zCGz#N1%GqBm7vWtvDHKmP@RiurN6i`tuC65-!Uz9q05CImG-_XE*y-_!xKLWUy?d1
zo#4m_2k3ITM_@DEA$R401=)7=A$xQmFxgJ@!Elh^e8nbMo3OZJ@^Z3&<KyMch!5?+
z^iB4q>EJogsI-?-9&vs6IRg9f`e;saX^ZK2OC3z)yUTtmkk>xBzVA9m0Okt8#X6!!
z3r>0g*(ogI!F`H6<ra%#IVz5wNDxuVVX4_xbi1jxC+$uLYuoQecJ~|0j&RNhfBSS6
z;0D+>!g-C%mCSU_&iyiS&$QGx_y9O-=-1e(xqkJ@nE&IbA#@B9z!xpT^#;a$YGp1u
zlMhXABSwDNz8q<gvU%C6k;hYG(RkHaG<LI$y{>Zza6W`MF9`PF5aCxYKN~!tN9Fx$
z@?#+RF+cgCLjZV5?Pqt(7%(uonHJ%fk`gk#Zi}D4o%m|Uc=j0`-$wdePb_F*bd(;}
z!k9-g4)<C;mvvL$IE(Ma6<3*Hf9T%D`O-@k-}{gaDFxy^0LM(9<#6P!IeEXFna&la
z1r6gmAT|8Ty*=1mG<u(06bRYVUBJX1Vi|V$(Yx~4431sjhR!3v<xt|%53$LU?~p_D
zc_09<Gmf^wYR1#9q-P!Zo+muz8Ph0O6nQhaj}v}D)LBw4qo-{WzTY{odb;*YaZ4D}
z#g%(9bPm*M{zB7aw=qpFL*rRXt@1c+wTB5lweEzic3&h+*lJa0_!s%W7$PfvupiPG
zyQ9?^TxTD^TPg5nx78x=Gmtm!Oda`XYrh-M=iB_COQ~@|tgD4{(AL#ubFp%dmmy~p
z{Su=Ks`HTE#;1`~)Bh12eB*$oi?vB}gB$b<Y?Ui^*OwPUoI@*afHDQQT8=jgN7-`Y
zwZPN^1-Owd|5{jK|3rv5h!Ea{UVyX1>b~K#+vXM2eFGQ=?i+mTzCqWH*ExsX9{WlF
zy3Pw&H{BXm^szO}w_C$fVrpPDZn<aw?IQ0Uhzwg$DptgRVK#{&OT|u;*at_FvB9>~
zD|5P=j2w(pr{x0n0lLn8z~zOO&Y~0V7@g51Gw95H38E5TJnEPu0D7=Sxf!NtB{-^b
z00<nD9OY+ax1gSv*|%&er@7_yvh1aCw*hY)20{~zes)`>oKcd?W;!g9twOl-lZXmt
z?f-P=u#ZXC5Z&!u)b~YF-=zC@fnI8SkPR$H6d+DO^%8F4Tn-M!u179DhNpx0dQUEk
z?D2AWtlS@f1P}>(6awty#|Ye$5g7!XCFAi%%4Z=I^)pg~b58F4c(JxWODW<~0G5I~
z(or74MY>j2&Mv-0@WljWd|<UzCRC@uRp2@FA_&AHteKd0OyupS+6ue%(U+;pB5p2I
zP<(W$E)TBIZ}51151eqxUd2&@<S6?qu@0J@K5pxg#2yva847)`VbO7PYr$|4<wsW5
zW^}Cw6Wn+<QSmvKRRp~XH7i8wr(M^{JJ8{rmr5PwmH;gJO`ZTFaJU{<2H>!QE0*xC
z?3E|y$Ey?h)!lx03SyMX*q#}G(3gAt1gJ+e#D=FaJA{2DJRNUK${8FWO+@HXB9jPC
z9yL+6l11-bm1k*qPKZx3MHr4l4H-Zj?o%fjt~TQUc+z>9^40ng;O^lM<v;iQKG*T5
z_U(gp_l*dYGZX0KqgV#sgz=L-GyE=;l*%;KTyKrp>(3q?-4Vu}AxdZ3D-PFk$db6e
zfNn~0FK+`6KRgqE4a>@*Toi;gcbpCu)~wHUbB(`($q}-@hR_QSdGa%Wdj#PsqZE}v
z0GF!}UAcJSygQTE>0e(4Ohba7?o3U>hFs2GFDuoRGKv2mw3O%6bfNEF1x;_l3ufWn
zPb9!Gt%6N}R)YwYwfVB2r=R_-p0MIp4L<|gV`YBy60~hb&D<CUWm#T$@inN+kx3fK
zCb!W(C6AIyh=g?=*^gX`PQG!OWrb4aX})I5HOd?5M{DXnFeC0d&F5-Mlhk9oWQ2!z
zjDGp~s|@S5(a(Qs>6bP1%YuHSnjs+gYJN<=K1(?E;b($wM+x05?_@C*#btoHvms)&
z5KIO)v{-Uzr-QCH9xX76KJNd;2r28QMLg%?$7wpvNMz^w(n)tW@NRu<a!Q^{C$Era
zF!@e-4o!YUo&%Hj$g{UGik4_h;E#Ht%yIo-jzit?7%3B*)nptIVOP)T2~BJAKw8(~
zexDBb(M(RUOm%KKe$U6RezdpYMYtVh(v#9(?rk`dU+2r$^Sup6@#{+YTJCK)nqN1`
z*NC^_7=C?Jz6QMw$MWk7@-<r>hEU)d(d#e><BmE(y;SdUgOy-MsgIcxs(mDpw#VD>
zZR}8(T#T(`xM@Rkc)_8_7wco(SMYMvF5;S$E8A?53V!v0##yB79T8<0l<NHpOZDEy
zchcdYxax~sS3Y(}+j;8Je!AZro4OKGuvA|<_1bxS22*Ftb7<-uc@9jSE6+|eqOS5u
zlsPVCS~q~XdEH~TAQVpX|A?)?kcMYM#FpS~OO6pxw9fS60kwh0hPnHOLKf5Mp-q6H
zE<CE;+u&{Vtcy$nj`QgR1Kr#9M*?$69mfD%@R5X2ThWb+mFudxW0kX3FPo$A^kb*{
zN_KNDd#~>8V!cj4=@YCMj}D{xF_x%1uTp)lT&yO+Yp*bOcOfXF2huKr3i9Y3+<ajy
z0F<2SMqk@DFQ=*z4JX|HWK<)&mvOGM{Kc_8I)t1n4e!a#roP;4>dVchDZeDT4{eog
zciy!ar!Ce8%s$5<xiGYZ@70_UfsOu2HafT&cU;;hXb)RWST*cGpwF*`CCq;Iz-=`;
z!gLpE2j|DP2I3qK*L`o{-Q}FBb>(RzMcqcf3$NY~{X8?S^B<Y>R?VE(HPhY1Joa*w
z*_1Qr!Qtp2IDE+tfN4PVqeW)6AH@WJ$#@&q=?U`GPE;Q+C*hz`*8pfyE!DeViHSD3
z<OKIe(R_+m(I5KY-7q#ijHw(&D6Buu`$3!!<M%cEK7-%q%{#yCZ_N{YC%jHDY}n2|
ziKqRYfcH+nCc-=YK5o)8E}8FIe0TcoEN)MAdg9n#4;%JWmu2DIh%!6<$P?rNTmJUG
zzl5}%erF>5GW?$G)8fH4y$iqXeRpbKhIOhd!_c>e=AffYJdb`J9>VW`@Ov|U*WveJ
z{GRGC!nQw_VSg;k{%qN^J#R(YyYZXt*<J?=hjqb%ii3mo7)1VW{=SB4(H=3|^V^8K
zAHV<Y=WONM@Ed>w=dAX*1@E82&pvIqecEvQY!4s%Co=m9_kNa{Iz7quv3tMy$hi!^
z_UCB`+mT;;KKoriW!F+Y94ysOsqIpNAEe$={kR&OT)(1rVyS*?tx&2TSu2<7FR9Hf
z)t_H0;dX`ENu~NhwXRbAfErw1>{sh9)%UL948(8^x56&QfVUfdyW%$=zj+u4%lLKI
zdQu~y>XyHG+_CTm^nLy)SCa4iwm%!sZ>&^B;U^{DPfNU?ZQdzAEsW&54cpo0+W?Pp
z^d|g>6LBF9ESqJrjK>SN^-JcPE&a~o_Ee{5eUf<E`aKnNoDJ96XhFIse{6%~kL{8C
z%?8KPpLOAnZD-q$ZOHoa$2#(7%d}<LGHkeg+Iai4>Fo3I@aaV3^jP?DbpH0==MdKZ
z<9w?9_f>?o|2~AU_TNts_MiCu48PglZFv?K3)hypz4$Kz_V#`p6aO#%wnv-qqTc+y
z&-`x0lfQSF-}QL%XZ4ls!TT1{@<+XdzaN<2Y~i+D+VN=rZqMKTZSk_tF)~$hEZmIm
ztMNM@znk!TD}EdCy9K|QV<E>cnz8uX-Tbi5AZ`Y?_k0%8@n<J@`{13w`pY@MO<+Jg
zh6CT>^Go#?bKF`91Icqa#2v)p@c<5m`*Bd*yM~c%n4{ogj)Fs&@GasfTIEPMw}#=b
zyN0mD1Q3OA{(9@<j(gOfPsDE$zvMf=?a#*ZduQGWuM-R#wzE%`{X~DKAaAGNZ18p#
zx2HONCtPjVQ(cyYHybUUs&G4=J=rJe5SsSf(Wj-|jy%)j9`)+~Kl~`BZpLr6r<KXG
zJ=^PG;V|63--h@9i$7bx*`Bk}?5Pf)t$Z8)RF^mQZZv3e+&c;1v;ETJo{N;7el%?E
z$gfjghSmEqR1ILH>ZjQfqh1$Q1(Kr{$E<ni-LEkA;P}D^-(L7|9{_dwp$7KChxa4N
zY(G|%3V>et01q|JQ}KHYaCYXmvt^F`0|gi>?y>T^$K9+0EyQof_mlaNA`O9d5THHP
zT=+!cwM(q_?<Wd(wtQo6L*<{^-ckg_9r?}LTk=!fb%h=>b(}n%Xsv7)fQB)j`=^7K
zVbQ@H-w~ZJio?0oS>rSc3qHEri)%)A0Ol*%?;JNcf(seWwnE9Nc0KS;L|~K3{E6qy
z!`qPgAsy2?WSZp9)+QOo_q|Oz=3yF!4dKV{`hlL=Ojy9~tFHP!p4m>QpSyczL!o~5
zd1gzYerC*GHeCms<CMCb!V9?N1a+zcxX{TBjzX2Z_Cq|ZH`V`FiM-MMa=4=iNxQ~g
zhwx5Y9iu&7E7E(sxR2;YtfKX0vA00?JQ6`Js&P@U7aK=R@L#|eO90*M^tv<J>6PAg
zWH#;Sey^p@i_f#`Yo2oga`RtB*8Mk~hRqU{EAB+4H=Qo8oA?^aE1GrArZe!WZf6$X
zd!yaRxarJ9=($m71EIl7K!Q!&gQ4f?PDfc!M_WZ_PDd7c;auG^r!PY&CfYKG702Gj
zX;_<U+!Za*Wk$N-KY{n>>J~WJ?)7=5$(?5x@o<K91IonN)w85%S&Q#N*<d`Lb!4P4
zto4uj91Uk`6P|HihV(Fh+VryRil_dKbAP7QhVF7I=0uHCA9CR7T>K{Cv?r5P^nvXo
zk4Z09I!prg8uE&9x(%1|^r*%~)5xP5wjgq&SAUo8sO~PvUUTk`%U1UqsPCqmI)x{q
zJoUa>zuvUhh4Ikrxy$7zUx8+beK@<$IVk__sdku$Eilz(yWnqX(;`}+?C7q=`4M?d
zy-RvCM=!RF*3cw!0#NQ~MvmtoapU|b2O8uY5CaWzE*`o!g6*+I>C3oI?ZLzn{wm8b
zfbd!Z@>&}S$nN<!?aHX|i&*q-T!NzACewsp$9J$Bh%b;hpY@yzQ1)8st6r;#M47YR
zt;_1*CM@)C;8%DFc6x2N82cB*J$lBxdL!6+#HD*>KiO3{&5B-yEnOSEQFs7kEZjq3
zhf}HX%_zzZPem($`-qj73BQ3<&hSA9AlhE|75P5Qe&ZOo>`szBP%j6*#|geoqKl%X
z+;R)$z5v|^4vnSmkrNS|o@D?I1{*gbEYuIbi8632N9Fol_4?p6pkp?`)9>PHlyQ7q
z1}IT#T(qMF;8cBZI^f|1u#}XqT%WIAAASqvb#L>RIF;^gyev;;>oc6eqa2^Il_%o`
z@vlkc(KZSHRs&by%UxXYCJ)`y@wY6lX7pw9P52BR#vXUWGg)T^a6du&QyCl9HarU%
zivw3+$p-mBgry8T9)aOu3d*mxhsjF(W$<X!0;TYn;v@LEbXs@vH>g|dJOmAIoF$2;
z(c~|T9l%F;vhkv~I%g>3v2L_qts|cOyoPM#NGD=EwC8|fyzWAHF<7ry5DrB5%AECj
z<xY+Plo6%ILu?q~I5)F_v4XZ!uOqS9A;QGmWKnADGnGipSWWD@-UytUu~y-GP(Nj8
z+&9m<vij_&8Rwh8`PIr7Bu#kFeBkDX_u>Io^1`#U*%>F8gg-zGTysTmxixX54=v4*
zT)_)(M-B|u^pYh(Zj+^jw@I+c_+EVUfn&b|U^sXdejCs5t2ykT4DZ2T)GU(=zkoM*
zKF@~V$4mGw{^1*GWRm%o3CdY8P}$!SZIKr_K>O@#wpX`I_!|JN?6XTQ6Ml$q;(q}<
zx@C(^0h{*=WA6f>Y?LnBmX2Nv;GPZJQm3+tH5?uYss_yr919Y2TRE+7A2tDM{ki2(
zD&{tY&TPc+0g?tjhcpTVF@!(}Nn~Jw_?hq_u(90~%QhVXx+k*UklSbvq#j%?`$>z{
zOvRtP5dqR4$jj7y_Ts)2Z=^djnwxwOa;`onV^2P?%e)TFhsOncq`S-}1WA|al*DUE
zG~lQE%%yOO@Z|f<W$k_D!elpKtl+JE#%!93`^?vqi5aVjO`jp&sXns_>?-xwK7;ci
z&PmEwthiiYgFb`PAlheINDfiSxDCW4%%j7j&qQ#eKEsf<J|jVHlhn3-CY)k-L8mex
zr1xN#upj=8Op*`(hPyn&6Yz)IQ^Rq7{jm`72zFQ*CWp-6Edh6w^HJ}D3vaMP+`BA~
za%a4B4CH|uj?oLEu9jg}%WmnzX7O^Dj9)i{9w)caL#R>Ia;wXBS76m;^U>L*m+iev
z*1Xvh6yi~m{jD^13;?>&!%4^z(oqu7g%?p(_Q!7E#1}4)5^76J2vO*~OX$zW4a=ZE
z_wp97y*v|K3DU3y!q<>u;_8)!J_t@l;86_3?mBMMgLCu)Xdl6`oA3_i>M8e(^p|_4
z&S&c+rA37<$wzS987c2XN&q^ajRtq)BVFa*@KJ=R1QsvjhqI(rENO0iA3(>c4rb~N
z|C^=2Yj}BXh^dv|N6+BCQ-w|cP*9FC5F-ZDZ(%|>1|R)AaIaJA&It#^t*?Y4M;Hl#
zK97qbP#fw<`{KFY$cVvJ5Db$y061<mp}4><H;h<iCx<rR_eA(>Mmjlr22#hs`+0VA
z@}I!d_Gec%u%1G=*ieW~WH}V$;zxDR{uY`rhS%p~oBS&P0nQ4|TljZWtyIrofy3b*
zwe8BNXAZ6p{tEmyu~oEw$uata3uAfXI&VRtryBf5*2N<<#_O6Hp}TOU0Eg(->j5us
zhv_<;M~ifnU}TIXkf?$)<<Eu4K12TK06$ayNMaz*{m_fR{-+6!SDq|Ww<0eB0Y>G#
z$GOBrIX^L-z5xWmdY+K|`}<X2Thnb4tn`Ymy!1#&AqK@_sV~zHuh-$lWL7p-K^oj`
zvhI`b09E12x?GAx0eZyfkKqVgB~K|KdC-qy-Yb}4JSj!ccShe)#>q(b;%GP%o;JyG
zT*Z${LVsF*DtvTAa>owwy<p>B@I}^n9_Vy>8=dHxz%S!iuh6L|bShGUVH-MV6VVCi
zcBGR~sVg(}D$n-tWxIe0w6B}9UUF#yB~{PZ7eKOXDsi?wF$IGrChviClxE#oRSEJ+
zs0@1a!w60VLWD)lr$P-*4yE;Cp$5NvASHYXid54v0K!W}8-))}O7zr+5E6|FrpQ<>
z^njo}$$m4lUnl$1!t>`u<F_m89@3vMX}btK!+pft=~kB@S%+@L;2r5!7c-rx!iiyh
zwr(YfwQd<_Pw-1fesP;bmFfU>H=M9rj5^t=7PDyo_$Reej_MfPDF#bbPx=-55<k(G
zqO@>@m4gFzI;;Y?R}$RYG3nXZ--mmyeP?pdUD1=ka~O#U)orr2lYe0WxWxjD-xZE9
z35TVn$hd)ZBcI9G6*nG7puF@MBi>P+c%TNWjb4KysBd5l%Z2+8RHTA%EPzU>Bd742
z0WwpM)=ma~r9Me{bVf`!OSJ3SiAJ13s)%gp>!eecAsc2s{G|S#??kJ%PM2%zbR4MJ
zkGjXMkWTl?L=T1Do$jF=sHu~8*H17AQB{J`Ez$*`TB|CcohH%;*j>?SaFHzN7j>FG
z99hc?$&7*oQWjM4#+X>{9*%7oUh7h{Ele42z(e$-=K)`tFD|?SrlC2DD~<1gbWo$*
zCX<FYpp~{P9%!sP*+D37sAo>GbZl9?pmEuLNE@62JAjU|I(}aOnAXN|8Ing+%_nB#
zc!+J;*~YQQCL863*J7AJ?;+N(aoh;J)y6@DlQs_dPT4qK0(^&LuYZ&1qVI_b;zR;B
zHV&zE(#FAn*v7#^)${dDDA)Q@pl#!Fz&=y?lduKw4|Wu=t&W@$6Uewtfx`s-r9I8T
zn>jU=$GOikW>kotz)#QSl`}XU;fvd{zU;OfOd)unOB&y!&v0IHfs@<A*g~X&Y70rS
z%jLis?D9rDIKNOo7slqrz@*KKX*=4yUZ3EHE0E|(@dHHItVS=yC9PhYl_Q8(%IZbL
zlN=%65l5&WTduG*wB3lZ<%ws!F6IfTf08E{V0i*f$8y#1)m2*|4b=_fRQP+5Gqh33
z8w@3d+E5v1D<{ImwE2`Xh1v=>rui=P`P=3~|3R0>ibJuSoBRvyeK_BtHmxz|WtTW}
z*^czTdlvAXjPVxrFKJ7Ae59*hZKyV+v+$}{F|S?Dwq6_oZ+sM$#~pW4yr~{k23p!8
zmwJ(%ZQ<cgujMT%GqSTK$Lo1_K2iPmDiF8BK+Rwb)Yn4VW0Hhc69W7fTg}?67}vUz
z>13dObClE=xK>_}NX%GGZ1mq>g1#F_U)Zay{_Bfg=NrAw7rjn~OXzi2IEnN+o{dfD
zzr-PYCWb>EVmc5{8G_s<>mcfFw*ybh5)ls|a>(=B`S96DkJx818x1rjp;)Le-ispZ
zHd(|5RyaHq2{HOc6Y6C8Y^2B9`7@+Bj*e1~rLWGj+UlE=`sPf1b5dV=y2KeJDhW}2
zF%EUEubJ{M>sKt&)77es;X2vg25K7>!X|FFaM_`^H1=U620xNuQ`n@VTC1riNfhg~
zLQ^G`#UQES#?eriNoXhqF{L@77rK%+!j+6hvZx_wA2jAL6Uu@N8d4@$B0cNnI^V%S
zp8p~%mM7=FTW>-O!Y3ym@uBY4)g42p5o&d1&X;7}Q14S*<}|J&U(0aDcKs*X^=y$7
zUh5h{YZ7Kv&y~4Nf-?69>oj}U@xj%~?-_O7j5GFVXdG*vz)uI9wv=6NHn<fcxEqGo
z1OwADTyzjdl7qzs9Q$4+kD*HhAO9#wt-0cpH~?>hi8I!@_`o`soLkqZN_Z+yy6cCI
z%!ydN$TJaODy-+-EpXCcXUbGO%%OP;WL6BT|6gOs@jUAs1U@)N#|yH7h@iNw#}*>m
z!Iqa}4Jl0>JCQt9eX_=cO(phS%t(Y5ey*TRn=6dNYC~Zm%a5ZsxW2FpW-wyh+ozm&
zn}U;J9xQC>LL`nn`ePTfvq--%fNg2BvcXf|$j;b<k3RMoMq<@_v6kzcOMA7MR1`5r
z46ZVj;Pm2A7y2IrMtiv0uwZFY&5?E`8l=qH@O#iMqFz%@aQhQ2YO$PX-GF%LXq)9B
zP6=A?<a@St3m!cg%zAMd#L%aavvm_focf-b;9KaJKn4q@Uxi#~JWS#6N2nJt6J~;M
zB2tqMKNB7Uvz6feRHb-AojA})W^_Onsyg7`0U=lk2-e=_IUB${=aRRQ3g4);Wa;QF
zH(eJ!4AZy`&DgeXB$Ce9n@~*VtebUwmce<Q!y#QaBQ)k;2)yq&23}PJ@5~0KB!h%+
z1c?<c+%t!l;j8ryfOMPud*#V)lXOv&6oxA-Q=JA->cqyuj8|{pE_$-a5?R(1DYr>#
zd%n&uTt9p#pi8G|ZDA2^laHtawcf?RCaEs;2l5ycNA{wdWkwMhAtBXB^cNyFQN@2E
zYFqEdr&Ax<PU?YVYB&4@n+jvM=Nt(Fq77(MxEYX8np7Iio^^1jc&u843#gjo6{a(V
zX{85k6&d)@gt3jJtd4gVY&Md8bgQ!HGtm%W;^11${8*OnJRKI(*Qy*53Pn>Enzdr8
z=n>@+T+Wmx6c(ItMMW8D@&5#VM*RE1M_8RQ4bBLyPMBMYg__5a8Q6lbLgN<c(<RA(
zO)_|VD#zMBh!fIUSYMi<)VM8bcnTYdCGSV(%8_d0AtWj1FW&_HI`}KtTZhmATyENA
zFO!DCf(rA(@wBdavtW&$pcG`fWJvI7l+jJw`0h|1O6p#Q2AHmug>p%~%amwffj$MR
z4LpD-LbOtT%daHU*Un$F^+@_bT1YL$<jIt~r{TC$%>FKJ8N@24NLkq2Mt^8NNIKpr
zij(q&#=Nby`l#Ew71+8cvz)OEsmw?*gfiSFUohzM5w(+ixlJ-`MW->ax!r~@*Kgg<
z2fUxZm(N`5eR$|v73bYJ`#}C=($TrfrwWD`L*het@g`LQMxP-Y<Ie8!7GHASX1O|C
zXm93o#wSe1IS#P@9K*(b89+L~f#wQ<HXVM9TqU4--7FwZ^m<OVvQH-r;4Jp*h<nt9
zj3TORX}Y?XJrbro*SQGgabJr`5Xy817wZyHMPL0GKoaYxGB%Qvj)+6AtT2wB8i#dF
ze!!7~wuul4DY5(klJqNi-6qK!W#EUw$#>p~KDkl*B$1Y(!TL(ldf3Ze)Ny&2q440U
z_4(jaq>$xnC}vt;4bU2Z2Uxpgg!&Q^%BZvjy4uwMiqaRiUh;-l$~oaGXay9k1-<p$
zl$UUNqvge(cBp)_F7#j|eQkiNX-WA?t7#UiQdt1AB9>@QfTc}eoG51@VtJt^6Tl11
z=BPp@U|g%FLa2a>ro+bp%LphSLTxoJi=CYXNGInt>G0`cP)T=nSjK1eb@~a4JNs7v
zT_MkeuVTeuk)i;tgkW>Q+2*TGh{QyP;l-}3jg1)qQAoeRb#Swoim93yT<ES5GbN7>
zhbGoS3~8x?v`z9kK3J&XQ|%VGC0<Rrv|AhnUTrF`Mq(9PiP+ZGq*4L1P)?vP%h0?4
z3ZNH$lzi%J!*)dMa(JK{V4V6MK$s~#>xa^sg<te~I|o7v_7&VxK(PeK6iZ#USM`g~
zGFLEA@Tjmu$G{qGqGy=aw_QL|!Lggz+9|e(zGjXDrjZ-AYLLt}H~R<s3um;rc+g~K
zC^D<+VlrdU*63Wpq6Us-r%FLjbQ^RM={E4`CEW&WmIs%jOZ53wa%nfX6!!P-X|CFI
zj~jJ>rfTR4TzxBdb3DO_gmH-(l}kCKe8tU~cEwVU4%gzbmcz?#k@Pa6Fe%`;EoF`N
zG!kuYdG5&mRy>+?A4cnPsKT-{c{&2Z@j%NWkj^nxyYEEpWTQ^k0Zx%NDXU-0{Mc=B
zz!Rl)BPi|F2G9{QFogB;IpDEhWafKtKKc)d9y8HPHM$mPd~Jx&1t$AKlYNn9-<8>^
zJLjA%bmH^K=f))-cs%0wl5TLtbtc+cI*7oPO+NT!ERCbFM-%B>)`(oTv6bnVpo2RI
z98(ZJR8~a(JIlE7LL*k28Q7a``W|`{gElsTTV<Yf;oxu!cfz0m;}{G~IgkW2NzHXW
zW7~rBjH40XHrM$C;xX6xI3C&LyygxB?BKjck`6C}8c+#7E5bwZNX=_lfX-_^1Ch}-
zui;Mq7TeIw6x=4!>NqL56A=&}e8iK2yBOFc9%fR2v41fcpAj5Oq;#1QSl#}Uh!MHg
zDbaj00gyy)_!U-4>*R?)jwzL^pORvk2));Z7V$Jl5&e`9=r>%J%G7~@24nl_5YjLs
zQ^ankCD|beD?;<8zq>sguk24_EH#3IS~=zs*o`PR+t4xyelm(R?SkKi`%UnGu~%h5
z5FBS!JcXEv`9o!T=x$JaO>G4fe$QBGAD|@vF$S8AM$515vZmH0320y{HR1%gzY{#z
zVd_8*-?6DfPTNGM4lr~Aeq!oiW8<j<CwXS-kn1pYsB~faH3+NVG_fwqJcfFUTOWXJ
zLpB7!os*?F#)HxC+F*ooN)dBNcOgHa`vNJMfmrsUh%%Mw+Rz$`Ps;J7yjA+s<N@SR
zm7cxL$Ha$Ej4^yz#m1>)l3Lk`^w9S|OW=O%b9@MfZII1CXA5d6L$Xw5I5TsQx$AS$
z;%08Zx*GLfdC{_`I3(vC@#I#G!ju60h=669z!#lsa3Ax3Q$M#efG@F^z&29FwF?j>
zi5Y;RW%>!{Af?>s*R?{i?A1cD<5CH9Hp;8BQ3mA|Fp~DMa{vLTSO#BELC#8JtXC1H
z1kore_CgUu`zDEsln@c3^b3vMCTVP7^$Wq-;c3t7LqFQ2{V3uQI61Fiikc8OBHRyj
z2BH3_%<-WRBMGx;P~L9eR$-;7VlDDm2j{!v%mX`+nTjS+P(?EhR%4)OR=S~;lV0P4
zt8(MGS42eTgqVl1E>E$tkC8}ak*E`W`P$lUbV*{sHUl3MHbTr`1H}gJ=fLFz+n!28
zP0D<gJxS&(>)~*10*)Z5M-yDRIP@vBE;cslh8@I}aWF=dwb37&BC8WRHK&Huy|M}~
zu^LgSm7rP^jM1PqL18W2$cnBiQMKZ%iFAN5AoKyXQPk`#I_XUQ(lp8-a8zq{(QrNb
z)1KqJPWeMQOSfu6Ei$86EO?Dl?LY7a<Z<dy&4d|arCN<=iz#o+GCA3@2o4r5HH---
zt||FV@!12T!`ILgV8<N+@EIbU@-vYpk2JGNaSF~Ilj2}lGPp`{YS}3%ZewF9PI+pi
zc&VclhaR4i;S{qTJV!!^i>{my;#8Ek+F&CeqP630k?NeFlF=i1P6ZnFf{0Xe(6>QN
zBh#TSAMiUgOeEHY!I>RA%)Ob(tY3!OnUYFE2_M(G<|pj@gS4?uXsdmFmA-lP<+Li5
z=Z!00SIYPgCaQTfQE9|9`#`l^m03a`WZyh9OThL|)JIi@f%3rUC(3;sh~}5)r|{Z~
zcoB*14@hG?+8vEaf`5$df=b^)gYCjLY!_N=7mf?Ii^_`xTTCCz3k|jl%L^lHcP;M<
zY!?vQ!SY}V+f77Z$FNnwLh97YwUIqJD(NUi;U3%r-e&<r<st0Jidq=<K$FhMcHca;
zk5`RfN1e}<oq0>_e8zRqfpxvFqdf2wPIQ-~>fC1jL!H2^FL=)H0cRiXg$b638}7z_
zOPn)?z5#z)(gQ-57GJ;dd<osBE%f#*(_;H>D(#Ct%Fwa4&`(I({n|pmETPYA3;n)?
zKBF!4Oo4kqTj)C^bVXa}TOp)|zOjEgH24UvpOBrrI(~CqV+qIasjq`1uIT@A;lj<E
zFl)5y8hY=L&@P$I17Xmll4`Hu8))E7gra(QPVNi3K;-V^9&mc=d7jM9`(*|&`6DE^
z@N;tRA(=Ll?eEFNX%55GMU8pEeaMGp8HQv9Qt(3!S;aINOw&y;3qV3%ua0S-CcR(7
zaN!72_CWKq5hn2qB_fqpgL*RkJ=wsd0?oMA@Mb(olf=5zy(D6$^-Vsqt#9#xd)B`#
zpHlhORt?jS@5)EEb)P)xCcO1MzBc(6iW2%skKg(MKE&#4E`HPicd#c5U4ih_O=|0h
z%!->te}t#DL27<SEOdT%=VB*4zteL^7qYFA>sHYYY`g2ku2y{qpx_t4;Tl%7S|ovx
zxTJyIjg~p<w!~UiFJ_PY4&RCuBy-O1z4)d<K3-L-PPD!c5N?xy2epQ)@FbB|jn@j}
zW<jOYcrS<HKXC;QB7~{q`R4uj8s>37HbrvdlYCoK_V99(Ld_1MPx{Uy5YVqzeL)(s
zDTI~3oT-xH(CdiKgw+`N0l^1y@JJzBkD`t%Oa1sJW!xs4F|zsc!)*hs5Er999JpAF
zj1VxF2qQ^qsCvXEwxBV}S_|DKtF3>DsQ{!&Q&7el8?-GgxI?-qm08P>9Rx8f10wh(
zdJv|++4|FgBf+Ha3c%Lq8CL~F_Fbq!qhHlrMk~a06c-H0VOCodSC8426Sdl!6SiWh
z2ikEOU4x3jGZo3olKoLp>538wnh}6eA8GODXYc@JfxQER>v;iGu8VfA-G$d<^|1|A
zs5oXrTe=FEmn)j0E5Is&!+A-hD&1o@LhmtQ7W=4y^kqh{ZJJEnG#OQ5U>zuDSLSfv
zjojiOb}m>az@AalK(B3U8qM_hO~Z2#T-Ovn$cw5$HFjoo;FuhO5_=e||M@oT4X+MN
zsP+W?cJw`(WVVD{?PDL~7Vnwmt)Y%3{ZLHHSWXtkH@(O9AycY8?9}OCQ=hnC=|&0a
zr^SJZ<->s3Zhvj>_`=Xulqjo4#r453sy*HWVP<oLC3!dah>_)<X)yzF83cB64O9ki
zW32k~Y1P(d=q~q|Hz@J86s0Ov_v>eeQ#JP&<>-ObxtM(>w(W9I6Ty|V?aJUI#sOjv
z1M4r?``jkOV+(_PrmVY+kF2{i?h^Vc?fM1fVeF@(RhJR8>Vj`aZ?Fm5th!I6P%$Y>
zsp!rY?hLCgZMs-7P<>Q&&O@+N)A}*6f<o{UJYeH-#n-u<^KzSvl5G@FF5M<m$PP$s
z5R%P6)n)xKvPq(NCz;%A1Vf^szvuiH%H%&$T{ry<K%6Q56&-f!*Su{6u4jrSkSgrd
zLv4YtVBl}s0;$%DoBm{WYPI6CKN(1+Rvh>z1F6%BH~(ZHRa$ZFpA38!VP1@T0g{2w
zW#A=kfxlghK;9srDTk+APpaz0O6!JKW9c|}M3uakLzkQSEHs+Q*AL?e`|mXLMt5=o
zQ`pIUhp<KF0Z=NTz5SG*nbtNuI_OV~RsCs~i)Yx!FF+ftm9fKXJ&1%!HR=iYIM~7c
z|9{a=#A;ZLOOzg>npAq^J5qXhhU6IFYwkfOx{#z8hDwbZYGw@^Qr~F44lRTMk*eVb
ze?{RiAh2*<1E+CDPb6|bdDb}qLiiFLPgw?(qf+CV9W4N|L8=uEuDBLSip0)rS@_I6
z@FUa#0~i+SF%F>HW8Rv}>)!v&*k__h4l0y$dUO;SI4loL^yQGzyyo*&9Vs#Jl#43|
zCbk}#pWhyWRX46|58=uzjF#on_%!qxK8{<9>mAA^jx>-+7?1!Jf(WLR(eLuO*8<7W
zgX9p?lD5aBh1@OkIxfiV(I1s@<tKE;x-LkVbpq?dVb>#d-b;m58YbFXu6M{?s&ppn
zs-Kjs<8{?B-Z8|R#JU4dO+Ebdc)wl8wWddq8a?1)JW^{-zem6ht~E(g$U3A)6U^h>
z(rpr;_8s*V!gA!CP2*kLFc*0(M3l@0b&2Y~wX1TDbrfL8KX_i?RH5}d<aC?N51%jm
zFx%41N4z)f4@~Gb`G}_le`H|zZ^D<3LcEe4MZTksLShT%N^IJiPXjV<5LyS15em)>
z3C)^>407{f6iqpsRs;$R3;w~>kn@5vu|#WNdt~@|{6XJ}f}`E2e$Y#gG(2>RGD%Nb
zzAn>t7OdDek(C6O8LRYR;;cx}zK#CLq#Bg7DhA_is@T4LbRy@#4&<b9n`O&ol~QI5
zQ)6To1q-XxPT8Crn7~c0ri_9yEf=VSRwsCwnkOUoPYtR->yxN1myku4d=}3)vhLJw
zr1c}g&|(RZP<RUxqEQ&84d91&fyA;@X2b;A0bA#&w?<Ug#y}5AriILam6d6=OJX{y
zjc)6ilO}=@o~5be=}xt`o7Z+nHO<1G_UAdyf`!_jUzHes{sbuKe1FD6)`JF6mCLog
zC9267Z}QUp(Cp~X!w0#Ox1-}!gAC5n!O}tfg7iw-Bs|>(R%-l}g7*(HSN2-}r6v7^
zC8;eVQI<qD8Rt!2Zp&J(Wd%7c>W~E5e<c)7wfW+O@1?o{T(Zu3;Bp1=$M8aHMsMTa
zK%(*NOMr>&U&VIHOcv95EcBEbFJQ1t<`JCT*XNjog(wV5u!4ADQ3|dva?FKxxa>xP
z3Kgi2M)8)q=$)r1I&rR`^>?5KAkk>n`X>Xb>sx<okNAg)_#Zq0kG{rM0M?b#4p>$4
z=gtZKu2Xa`=qFNWaY9Rf%oB9Cp=LQh_y^Pf#N0!eb@tv*T-Iy{cHfhN4KbkGReK3$
zSo+YpsK-?^>w$H$U@lXkExLKp*Rvh09FY#uz>1xpnxxW&MQ_Ls#+un&7Z$+H#pUQQ
z?9T;^Xq->p>2$9DiKlA)Dbrx!bRLm0B27iN$(F$y<@#}HBR@#dL&%Hf5xMwEJg<>^
ztI-r}H_gVkI2$oeH<4{Ti4lOByH;HP%F22<5LrOI%hHmztld$T>`~W^QoOHv1#X-I
z_mjo+)P;JIdZ`JMX3+J9VN3}mooBWr>3M`h0P{_37f<ayID3F?3gNvF?_E$Oyqw-X
zh?8_}2MIh78uZ2v<>)XPWxz_nOYR|wWWYz+#Y6^V2Bg>ZHok(OM)p$MBQaz77wX~a
z1g`aOypwla2gYz`dM59{^8P5(H<`-|=L@aUtqwDCFZv>+(r!y)zTYu;3w8)z#Ou2=
z`S3EZK170kEQDR>D&T(gOx&>_;RLh?@rOG&Xs302N$s1gHwJS)FqkhQSg@9UN`)O<
zdM88IIF69R3d<;@5LmLHC8=O=+3e(bQzj>+*R*wqh%QqXDqU`L`-7ijzyY<q)|>*H
zq2=<CZ9PW#up~S9l>1tjqfXb%tdrYhKG=~VHnA2aUtai20oq=CRQ{fO#qF|FaDTO<
za5K*9fbX@P@bv^=&OYXo#!}HHYaI@N>@7y49(;KHZj<#7&p`x66toyOJqmyjo)Fmy
zXQW$#eUd353_L79o^h6yL-6r|aOu}NycA)OK9>WT9}h1wzRtDjTtO1<|4^_lW1ydS
zatC?Gb`dm1L)&gWwKB8gz2bR_H^%=5(E^pA&dNK(zr`xF4+6PE@apKaa`9`Puhv(T
z*UIqI%S_HezE&0=!&`SOYrn~=nJ8;|K#w;|yLwu-p+$R~ATvvxU>C*t;<W!Q0<$TY
zHi@F!WU_E8gd#3HZ%RFzggW^q=qTCAJ>quYo<l6XIgbwm+d~sTt_2V*I7Lus55|(*
zc3`AHTs;#HPp(!JzM8xa(OxEaD;`qUA3=5&STSiWk^GDA-FpE>sr|utt)fIx?QNC#
zYFbanA>a83BHl_GRf=Ogx6QsIS(=jCyc51yaMw(ad;avec~^)t(_prsFyeeRgiuXx
z*w*8cG%U9n#WPdY6tPvRhVcu#;NZrS^WpBo@?+sYhMJ-m?1?cmd?wkJOE5Y_9w48n
z%0jeX7dZHB$^$GcrFcP4>B@AEVXM>*R6AK^59T{XJ^43LHIvxZVmhj7Ops}A$Jgv}
zpbbfYin7LGWh_f{BvW+mD6iI6=uyje2d&yffXb~R_H@mm%R|}wbTVJ?kGgCHgtB~s
z5u}%&*;bhkFT4#MN0_WN7XcjI_%si@11^;gMvZjFegr80Wu3!a+<T_&!(bfx6WK<k
zhiD8ro8Zq%&X45h^<~C(M{;inT7VO*Kr@TArq);py<><MDaJcZ8Yf4(h*OWD0UV&w
ziZdecwt_tX4}~Z^Zp*RoFkp0sml*|v&jWUt6Iq9X2eRXkM51oB7^`Wxentuk;j~$}
zv{7oDLj+~-56{E9O|AZF_=GCT0ZmXqC~xUYGFHO(g8WNR6jQrRA+4Yi97L{1gq9pf
zn+VBJ@yeLzYe85Y(-)odASc@~cn-nXom%Qz32Fx{QsT4;h{E(>08EsyRb8CfjBNN{
zK{hTb*9l3WOcvn=O=|ai2YzOT%yHuo@H6MIJKi*yTqYaFb_Ou3-D_>;(QIjvzMP*@
zzQ2d%z+T_ycz(v8&iYs)+l)Cs4qU0+;vy4{Lp`Xi3Q1+!Qeb<|fq-#6`vIy@oha59
z1CAIDyYl&!)$y&}g(GR(fC}Q)aW|`)JBn0aXzZg}_^n8<&^nLgc{}=}E)RlnmOqu$
z3I~8cw8Hs(WLs4{fCu$+>TPeA{+JS#Zj(7;eUM)}tq<-n+#S{jJ-LXdBV1MumOWN2
zd={7*l!9)EGZjt7ga=A@k@sY(8ET%@@m9Wg=XE^#;FK}jl=*CwnNaj1wd?uP=Y}s!
z$lL|M5&X@EQLh%_HQ|k@za>e$mV}c(RfpOvZRfQX5kNv0Iu*FwpmLT`YR$pM`J_N+
zMDPLZ>v5ZWg+9m`spD1QH4|b7q+^*NmjG|FWX(RfO7yA8<)}z@@?iWGb0g>FA4Iv&
zL%D8ceJel)C@XvNVbqYUC@pffyVUq7C8BP_fP%A%z@*VijYHpHV|p^-cYq5bWEtT8
zD1x(^-3Zxh?aoK0wFe*B)?)dxh>o|O#&4(&6M%1UITEkX)O&nv&3OslVdo(3X9D*d
zNwfJ^U`2l+d>Yf8F+4hDw*)!v@Nz*Zf(wp9CX5LzSmZqS2C(?pV7!E-=5^qFI^VG-
zCt*!~1utc(6gQ-i9UJdP`R`!)kO?}YPZS{mvNt&@6)U`aui_N?YQR(f3(|7+!yGu2
zI6?}MG}#IkLuD+1VIW^vHBnevFmLraurlHR3_@{WYl<c(9zlSJfv=UqD&T?v0R!mh
z`{2qGlZL|y)vshK7`!#PkGE_E8>sXXaw+3rtC{Hw0jcc;{tN;NIUk=UKKGbKvbJJm
zZBNF>;z?TEqO*@aXk_aM^1PFDtkSChZi+<tx#{tum-Dx7_6OG$9UNlqE|ef(bpdO1
z8*ujIvaTWZZAH$KkzJ2ulc(6W#^m_y%j{4d`LE)*@I@#WH?iDAvk3;7!PQ-ZxpAHl
z_s6Rf{%U^}1-djT&SaLexk_-1G#1>WEYMf4QqB&VagcB0Lz_@7Xouvp!PUO*-NIRL
zg_1MRJXV`*8jUGV4I@VdTd>PT+eGyv>ERR$N4D4;)~|5ScW^YZ;L-AO!Cy7uFD*sy
z^*MBWm*dHEM3uX=t;<|X$AT3XvJlKYIK<B%T*cj17^z3!Vh{tQG!6g+e9EOtxn$AG
z45;6fK3{5~%v~<d;O-X~3QK0g*Ab%aNbkZ_iu5iPX`&3o6=~)KvfR3GD-4lkSlr9t
z2j96C1mDu$o?4v}_W=5<yYy@Jj;Ndv_dXsOg1M-W>p}bbtF$v|qC(U~v4qF&2LzEQ
zZ+hR?a!?__&ZduD?|9kDc&0XR!q&|ml4feX@-{Fo>ndJ${&<E5={Qb6QP#bht_UAG
z+K6<SUx8=erFEp7hQ2}NnNn$LSNxH)Pq}&BW1pkqJXJ#wd{7?`E+KA4b(Y}Hs<Wu#
z0&P&Bi2_e}p}-qTz@v_?s`wOxJHyM$u?B1%%mgnZtM>Q8@jBELIpm6+Wzdl$0p08J
zvt7XGF?c4D?t%Q4D)J3|S=ml=wzD2jP@YNo3~s;jWb}|LPhMJ<PYY$$M4ir_?3o8{
zGkOLUQW5(JiL4=Xd#_>{y1IY_yNe8lepxW9y_i3s2moCzKF!Iz%g@C$uT%9<63K0q
zWWFQs;3`>PALbNV=q9=&*I7k(^uk*)#x}Oy<eU-ig8^W4t_k_{%_aoX9#t;LPX{62
zR?)L{R2?a1hM*5SvhD(v+IMPa;I3W^!$O5RhO=w%2s|&^N1PR%{oOJDA@@?JHXuz=
z!u%eB@f9K%y<KyI_O;fNtM%$fuB$E!)=pkzzc2Sc0~J)PCsP^6xyAA6p-1t#X6t5z
zR5fJR<2}4i5B-Y~)f3iA+yLSbxCn6ri2EDk229+1#367Y;^rd`i%`y*`6g}w;t;q1
zaSIUlAmbL8xP^#A;C#ekNBz*<j9X~p79kFS1BhFMxJ`^(Wa4&390IGy3uc4CRiwf2
ze-9zerqegEWA27meBgg}ESU^%V(%P+9~fs7J5b{Wj8Xy4qxhRR0GP4y9%jQo-S<;R
zgfqpz4Q|{KB&6f%-gS+UJ?VEN&x{yu;Sq&yMvUxDr!{d#3^((1&Lex&JC-B+)Z3s*
zeRQ8PbOh`}XDw#ihn{uz0{%A(pN02<*Nc)I%P!)qGkhN`XCd4>72_@J5s&%~wrDxG
zFmJ5iiCQ4bf~!l_E;n8vgsYOw7#9xUp=Yb!7UGJOj@}`s?K@V$?W=uBtope2$Od{o
z7RM-V@MkHPcFbqpLqK1)P{9Ec#$y0i{Y|&$b#WkpSk-|9er-8*gvDd|S_qHK;48Uy
z&J#v2a|ZD>!EGwAMwD=x5uR42`?~NKj#diTPrI&M94r^Ov-Ws&mU34gTrZXkXtQrc
zHdS)#$~_nx^bi$g1?}FQ=cl>`_ZyN5|EkjE7gwsAH^Dn>g1txaH6%>E7v7X@_r{wu
z#lOn7ceXK_#0cAVj1ji&7$c0<F-DlPV~nu+xtK5{SzRy?R&R>|+hR=4I#^9}ZUs--
zi4puStU)J-eTCy{a&DBB2@p@2LnlB?VhZH7mVySD^X$V%rnQU@p-W<K+s&ICXHIKh
zMg=FKh@zd{@UoU3c;g=E$>{tBGaACfOogd~<B%9W)LZ*8Ym<Lrs!+8P3J<?41?-s6
z2xUBsK7;@bG=k822D4+P^GrNdAHmrttB)|XbRMIU2yJdbbH0cDO-8PwKgE^@Wmtcs
zAuvSfEq;a)#y_{oa;C^NvE45>b~Hd{t&^%uu%7ZX(j91@TgS~GT9t9s(`eV&)KwXP
z&MlQK7o#LvTPoF25OWzKU<f}21@x6b4(2SEf|FSw)c}6`!D;vewY5A$Q)~y3V)7A4
z)0r#tH)B5tA##%l(-ah*`Er{iu?DGE1o99pw4{V6h}bG)zNjRYGXwg?4LIe@eEon&
z69tY*pkRwn0uUVp<~F{kRM6NlLEGGk%$S%vktw$~cgo0~kK0U}gOU@lM&Z$g6)O17
z%#TlJ^3&tvCBEjiZq5y^E6Jf#)D!EdI*sctjD8o>G2C|GA#KUa&z6vUG<v^`A6e%b
z@FIpj%-OVaEHG35DM}%6?M#BBlc2ZE_jbCU6e<<VK2M~tc+PIX4~O|Ur;PfFQB<*o
z;8e1e8ec9pDUt(-WU=0VbkD$DfcIXhZw#-<`Q+*ndYeG*@+$dwrhzyKMVC(_fO{UW
zdtepDIdF_1f*}Y82GDG)Cir)0cOsyUrovc-fvQ5^<xEueO@GM?u}vSr5nK#W7_!hx
zX2|04kGB=9hY}q(K7@L_5A{gM&$S?i%vU-}&vx^X*E$dl3!(XJKC-Q6@eynQjK>p@
zUidv|4?>XE0nFhx`7o4gEoV@Zf30`WToAI2C;$&au-F*}fxC{0UL`n#(b#Fh^X=F!
z<5e{TCMmH=eJo1b6nv#Pwe)-!n4r-$m}R2N^MRcQKZv8?$Ce+a1YYpO49X>vECRub
zRKg!3^%4t}K|52JB4B{X93wIJRNSJuXU@3|Lizos&m-8M8bfii_G6?xzh{y1B<9rq
zl3qs4f-|o#J2oz2o-;|AB2JRFk(lRN4^E6_v_&E#8~NT6ZZ(8(M>6xk%Ib(xvl2U1
zfAf)}yF9HstRwoOjL(BD7<<6$;Be0Kd3@#iI5iL1WaOX<e9LUFojVqtf)#(*QwWw8
z;9}C#ih91ciTW&zB3ad4+=NWh{$i|qxM!@5*}=PQV*`6xVr*dFdz`W1HI#ms;^2Qa
z^^mB6WD0e)*&l3V13SalTPXlz@WF^icV59qrgaD(uoORsne3X*ApMTIO{O$<5Iy57
z^9Z-eJgIPF(<h8h;VeqRm%DOe)M6#N%sIgS1LSctsV&09QtRCd7ewZ21A8s12QF-?
zn9Yjbj`v#cpuX4ll$ZhYwXiYt#yMvsd&4-sbvvXVTm(8`dR=O~hJk;=6n>-bsK+5z
z5#^hZAb5jPOHRNB$q?X3U42hHai$r1R}pJY*f#%0WPn8oF5)<@`h!^7f*y*2_UG6G
zB~xyZQL&EiaS3W7xDfe-BHI3x0V?k*h>v4g=B`m3t_uZSV4%1Zx$8N+ToQv3TH*k-
z^Fh+Gf_wSkIly;w({66iIN(|fvo5y{lyctSxGcN^(I3N3B|B)TbFV}G4{3gS`S7~y
z2LVQ5+AYK|a`Ij4wLnXGiFFHc5N@2M$e}gYmLw|0NB!KI{2FuaoOP?2x}hp3VB<Cn
zXu;*I5*HnBj~YtX9(Iq?Vhh?jO`VYjn2}s)ej(C-m~|0~56V8-QsdVVRO|&j8jefh
zv=m04f;T=rbr{$*H@K=`{gt5#+OmDI|5Cu=tZwuhc{5d{w+M(nXkn}(iCgPM8c40t
zn<x_@!c?d4Hu%HofMU%hNQANfKMl{12(H!RioU;K9sdr<-zxuB*I+5&xUJC|(jG|v
z9`d2AuVT@~pAN17;iC0b)R_xKqrXs{W^p1tHi~=xIDc(<z_`fqv*FXl$RQ*6;(Kq1
z?!hH>u-t}qsB2JC@K27J7%N&U87}ou8G-95DLWV($pT6#l^x-&$UNHZhFkEI9r<-!
z%EUlPd<fuAor{x5!J82T!G-hW!7^La^8pi*>jhGxl~txZ#zp1P-|>~I6Ed+0cO9;K
ze3W$dT-k-nyOMYH&T7KMS;QIfIZ%Nz=(r$ua2?8*E=)cpy|sTfS&k=v1K3-NBkYgQ
z0D^W=8SSa(MzD_vbO@e_IG9YC4Jr&|1uj0;&+ylfLdRhvob}VJ;|4b0ARo93Y@Hu^
zCrU2Wdt7-D*Vn=Xbfny032=8YiDcX=n=iHzEP27(5sAa~{lQI|ipT8{-jj`kc(6Y!
zpeu~9DTOC5gr@K@(8`V+(O%atKMXI)n4K3la?unuDm4Z!hftLuEaLwShXQ~;q-}3w
z5h5Cr0Tw}IP*?hL>TX#j<Her!jZb&1%~#O~y^SN8QNT*Z>_}f$xJA9fo164tNkSLx
zZM>6-e@Pr9aSs+@ZwC_5P5>nNHIocq5hZ~OR*xNd<Y1>Kn@mm}sJF2fQZ}|ElFM;N
znu2;8x1{5o9^5V5V=f7hnu)7fas1QUs9Xs^hvSc;hT-=`-~@D=7xR&Ay@U@8zb}(#
zwsp8X{nkt6nQI+^C;PDWE$oS4-y(<<ubXhf>=e#II)$^4RJiuhCXwkBPUKSI9~YU`
zB$6gv`xxv;?S1ULnSCt0J=w=r#C?qQ^Q4w?@z4mgZC1^bzZ%r%Hd!lA{z^}@9gzKx
zdq=eYDHQfJg<(3K=1z1-0!w$u7rNC<aIJJ5wAzt~hr^31#vYYSHmtpEm@q|)J7&_N
zHIo*>hmy2N$Q#1*n*6I3r@WzTvegxNGl2S<wv&`n-{5*AJI>(Z$-VA(N_**6hf?Ec
zvZeG|H`y;2VhaSNbH~m}0oE8NQ%i2?Z(jIrBp=xg`S_x_<sK2eFYX~w9|8dwLngpS
z{Oi-%U0HcK-mS#shBr<CY8^$QzXlO8(UUP8J5&9F=~J}7YbNcdI?(<O6xK=B6Q0-P
z-yNg9q?}26*P&j<@neQ8{dwF3UWf&i;sy`<Dq2UQNXUp|@DQE6g8W9uW>lO~Y8%tR
z@Bs6r=<vyzbU42Q9X^w!Ltt=*ydgYK{_cx@M+`jqD-LljBeLHOArA&q$|%8Mt`oc;
zgQVsO{&NoaQHHOL7<cq4WXkF4M66A`9Kd6F_bK7mCIh8DP|Ra(;8;l-@qkIo&{W+&
zJ+tnw>rnSEChMN)e}v~X`FE$rduB+87k;M2%RxFC&kMeSf-#1F(((ob%POQs^RMP3
z+j<2b7$RON&ur^ec#7>KH78>pQ}0wbfpiKdluqF+Efp?zCc90RF5#kV^atNkw8?v}
zvj*)>f919gkEbihI4x2q3qd4vvRHjU<=3DfRDLZV+17D<pz_D#8S{l1@0c`&s|jb`
zPT>TW3jd7q7lE5_9lt(1lV>jMz%%zHd1eJ@z&;M%CtjZXjm9sc<Td#>8o!8**W_Ob
zO7<hpGfiJ6Ea4nib5pz==V~^27sQdC^N7U;2M%4Imj;Sj;@00-tqn9j0YH;FyP+F{
zQ*`*;OgiwA_I6$Q{v;g|eTVS8CjZ9rll{zARd^>cc1cQ=pI<_<c<fq_dTpj$F-AHV
znvx?H%nBk++DELV9Fpz@B#rJgBvmn>;i5MVNoo~vTr+VeJ?;8G$EG%VCI(MTiGGYi
zTI+<WZDSGxQ#8GMCQW$_dOJ;j3W%M?B*OEW{JUc`m6Yu?<zeu7!Ou|yB#-cp>paWy
zj@gJ9an3Ab)T@C4`sr)<$hJ<zL;Gi9tYVVwjaAHV=#!FL1el`R=V#LG;+b>{A4<|K
zFm*zoWI3Mv<rqfHJo)>0W0>F;jbY4_7{kO!BnnROTP36s>HWdOmavqK7XgQBaBs>C
z+4!oz+8)_q9u>*P7wv0PVJ>HGpnD{tHMC9wT5d+}_H3=^d$x579}t?S$}=1M9s_Ud
zWPBw1d_m52Hkmy||9|WFO;D+DBO?gAQ#i|t!po?$(N|ckARv(lCrvmHzh`E9UecjG
z|D0@3`YbRqmUw%DefViyqdjtf+a$`K{0&dVw3^cfV(ZD@NbC|(ugSkDu`77J81Rk$
zLii$gi+*h}Oz#TbjNvwj;M;-(unJ~fc51koj`D6@nUh*g$7`L2ytJnTE^Jwu;4i{6
zkj<wvT<E0z;R~db+hp>Hz6tvVlbdkYc`owF`P7V2lcG-ix6PJ~$XPOJm)nk1{r7@7
zK%#X9V1a$k6b#r-FWVV-e@t*?5}s60fC6^Iz}C7M9~LY(RX0;-B9aO>HXQ<q>bw)Y
z#ED2JnaXm!CjZ7Vb%sqRF-}QJm8mrE*m25r_6EJasO?1@b<K)CrTOJe{uOOps_)`T
zQJ!3itea@KANU~T{gUJjhPe}XDnuT)A`jSvA*t(F#zo6j8vR$zIl~QBqBad_SDA$w
zGZOeX>r4U`c3psPY-1-HC)lu*CRSCxo(~h%Ubv6ByMS*or(lA17~nS~hd?fbN5IWb
zAv{w49wmQ|mcPf~?<A#N5sUe{0`liYSD<uW{d?sNyyUmqxYXx!pt0axa_Mj5Y4Tjq
z;C1y|7B6fZ$nQ<8?eHP4<iddJi-A}Bf!;yGe(y>qC^vtX-V$;5jX>DUWWClTAyLj`
zs6*+z%d2LCzeyenQ85@N@?>VsqvdQTkMgpSk1RdKn_po&r0tEor@DQ-FQUSoc$4tF
zCjZ8~`6y~Kn+_!@l{X(lvY0m~K#TvdJRuZ_HE~z2QJ1;>7PftCOLJvl0SkvGp^dFs
z@5^n8WCkBM-Y&NB*aqwqaoa(WYHPa$7GBUrF|<J%ka;8h%d5<2zeK*w<K}B?!`bs`
zJDTy2NTk~Ft25hCuK@=`CG5t1v$P}Oc}@P+!HIU9$7@GP+1`#c?FLnpV26=R>nsw>
z>YQJb_H8mOlA8(J`)<fd+j|Yq$o9@aNt~KopG~mnLrN0^mw_poe0?TOuIRwq3sFQT
z-X=V+$-g@_w`PXK+?t<e5H`iAucJYf3iX!b*rDJ-85i4i+sCzKV=z7ku%YCh%SX2L
zT0A0JoBqxe5v@5cn{Z}Hg+mr`94Cwv4ZksyhF5l=;T}mEKHKyuz+?HI{8jm|hudV)
zp8VCIUM<y=vULk`wD#o6+LOVJu!NEdLy4-HtsF_uF$aXikr+<RF*gEOQjaloVQ{Mc
z-<(<ht2)#_NY+1^V|q=(bLDR=AIWdC$w#KwItGi7tV6vZqT1?}oa?oko$JNmRK316
zvtDoNP_NOB^>Ukp=gHq4s~6MHsF&E;<TBxQJKK4zg@}`Vfk1%M@#rhy^cKUTe*bOO
z!EG{eikFQZ#>6Jv6J7CMNe_W23T9I0xFn%-^fn$zD;R$GCPe$;wEVpqe<u$BLNcnP
zq|y|zJ3C<n491YI#bDrmK4aT)XIv-TnfQMjcVjABF2vQo@T6^J<8Ml+I-9iOuj3=z
zx_}Q%`!2*Yri1BsOq!yD31{9;;RKcn|Bmtkftzrh$8DX-=ht-L^A#XMGzP4Q<rnet
zn*6JLj!7F)^5m}uVZKgmJozg@wsTXqCv0T`MaE3c%~#mUm|10+Ada$W+j+Ucfwr>!
zq=h`=9dwDV2g)A&rSm<k;Uc>I>U5s>pyRDqpgkJ5(zqtNGRBP8qd3t&(`7v4f2E9+
z?#Yr(+j!0kZ2ch5()Ej~B$B}_S;_*9R%r{X6ff_fN*8IBgl<W=={h|bxT$)uIH^a{
zhug&nL?^$5s3gNL)$lhk-0CZ4JY!lz4~1{S2`Ux-h>p#K(J7oom~hv55$O6|;rX-P
zB78ow+;6fZSN`rh;x`3V`Md9+-y~F5{_flBHw9h!D<iR;|GDC?OYu98&~)MCJc5$f
z<J|KIDEJ`OQ}9kO`YwnGPrJ_fcy_eI|7SvKs5$5|0024Ph(~rLm%UQkpK_a*23?L|
z2baC#jI0=s<Xa3-T-L|-1l{0yg(QPJBy2a3bP~Y*2wbx}TsU6kUdGu4xZNi*q}uOI
zGEOn4o*&0m`ukIHyl^<OB@yQ~Tavb`u?ev<QTrwG5&IeW67j@3j^Ai4bzuA}5d$h+
z#YeXFCOje@GxjZ}h{~k?XTq5!6>fNsFeLm)E&v7NLL*A;X#z+7HXdfMq)$2qyt*x|
zDU-pHHrYR}MIfqh4YOF-COxB4IGS*#HQ}x^3Y=vA)~-7rh55UkbjMcS)|*+7)FbOO
z@a)Ksao$X2S)K>*=$3)T_)_Ed<kb&>%{OK%%ZhMGV`F8lNH+CJtg8;Cq(C|@V!@au
z%05AnzjK^~Et;`0mQp(`8_3qb6O~Wj61BSl{1#*(U_N8Oq+tRsBirC|`q3Y(H{8!L
z>cgPJ_rUwM1ZvDu*MCL*k~RjZ;NY|!;Jxsln89O5p*&^aLobzW+J`aGpD?^_q&ZLQ
zHZbCZzeD;=m`BOsIhd~dlihgj#X81rel`V!d)2t^@y!ShnEkD&3OMC$d}LeK;gRG=
zoYkQ&$V4fgG2zUW3jdAn10$G-m)6e45BpzjD@{5GX^xG8ln!Ys2&r03B2)nO*P|d{
z|8_hgJ~ucpsuONZYr;L}dB9EPh?rvQ=C+>9z$@VkUu-4rHMXdpObwd=1;wMIK+tP5
z%SS)Hfe3)LWDnMv$^^FG85zK&DSS*gvqs@L;3INPot0dW(0W@pvaD?D9ekk3cj6h<
z+30ml62YQeGG#DrD%_+eED1l`tx_<ZEtnJf7R0zc+15>Xntqj-=Q1>cN16Hq<rC(b
z+#S7GA`xzBaJP=NjF%{`nuw=_O_o+!=U}8y%ACjm_i0l659E8a_`3iC2<lMuZhU0m
zd5lkNW{bptl$+?UjBo3&F>XV;_Cdg=POihbc1PPmY(I~9_OQ3dBC&NdpnxH7!2=Fu
zy~zi05GA-!E195&uCE6dBO;<B>1)>AnLQP5a3u6J{obIU<BbHCG`A8Fuk{{0NFjbE
zC}i8k$bQClDv!A(JUO=9hCo#Dc03~fGjJHz2@bPJI2am&UG|zT&EaiuRXsZdt-}eX
zwIZCnX0w_gn~kHd)@V))b<;2~crP)~5mmPalW`?5;yc6t3^aHpeEM2Y#ON^)|54ay
zF%;bsckoQ>eJms96$6i<5xfy(P4cZ5?#u0;1Xa1#3J^5K`;iG)e}E7z{kxR+7?q-%
z>7Pt1;p<)WPP6;gYkiQAP}dI;R8&`!hmk2*24^OYa7J3^hwQW7S-0DH8>Aa9YVN8p
zcAHG=%U`aW5~44E?K~`+(+vTRSvwQ>(Yh(~==4jJU5<w@L0VbQcf~DqmDh^OY-&BI
z)VP|Y(%ID1hne{k*d&zNN+!~GOH5Hg0x${tc09kv^;Wx8C=wn5SA<8j2KESHNKi&5
ze|q;Rb==0IX;iX_c-f)4*PDT=<QG)E(e7+q8B9>k-qf|}WH?ZABlx%V5!4G3{G)gz
zc*?XJBU9~W!kId1x0j)w_iMY!O;23VvF$eI3*)%~*>B$^zFYz2HVM~Esr~RKpy4(N
zGS!qqL-MiiL)JVxr<Sxjrxw6PH1WGR9g%i@VdE{RYOQzjI<(d%wj22|<J<yR{D)yB
z8@xmMZl>|}w;JLFA7DsNMm7mI?n1B$$;u)`<EwFq-?*Q-ej1158h>KQ|HL8rM&WG;
z>BAp|gI@MApu#Tlad~E2pOB~Dx<j71)}8Xqx9-AoW?L|Kr?w!pPT_>!DV(Ks3TNq^
z!ikLucb%_*em|17)_v=_YS-Au5$2usKHFu%letRQ*gFvFhqp=FvPfy$11^%#+a;6*
zDibse69i-h4O(MZB@l1_4`HAkd9fefDj8X0O?7}DzDI&sSq%b@-6BDxmj?Cu;d>>B
zRgoa{3hk-vr>_Q1Dvtu9YiyUqQH6!8Xc>MJe9Sx1v1y2heJ29;oh9qL5D{gu%zg3X
zST5_L5I8x{C=-d!jXpHDu@4w1BP*<)N+M`<a<V@75CCIUAvqhn2lb0(FZ@SPPiA1$
zev44985bE|xqK6rNX3(a?Dw24-QaBLcqS+Tuh!KmA=0qU?P+^=B5i-Cv`Gcv3#bjc
z*cXKY@z`kO6@yLPQuZC@lJJI|5MfOGvVc-E!k60Mne%8&l7eSwz~mAR&ph5}PBg9h
z9Iy2ig5mgD0xe{(LE|VitRw|(Jn?1wW9e7$mp`$!h$B;+@G)Qb2-LN$o1y6QPG?L6
z>4i{E$o$01_?y)@ZTE=DUURB5(Y@g6;?M;%VU~3=3N_b@TmDbtG@ZhUe%rfg_5ird
zMA6HL24oSbcLT$U{SveUsoy9<rp;-i`ZxJdP%75*Jf#LFidezjCl7bEV(h_g?9qqt
zA@I#{ur#*F?ZfA`91r`f8ytbb1ajPK-JOwE{|}G}8|-5Lr=MYXrS(}nMC1Jd`bzM1
z?Jz>`BZ1dXNN)i798&cclehT{;1a`kL!NczL(zuq-H2FxK9fbeO_u0~pCLrINi499
zSlqdZ+}8anT5sGgjA$Ik!*$qrx$@*!(l;k(*to^3$+96Zci{-A(eNZypU0zcy*_V5
zj|1hl7%MxpU1o>f69dGR96mtF8V2f~b&f{eA7-0WupgSp*-~WK9yArwKv>Vj=~2;8
z6Olq&&B!x+Lgc&`@uA)q_5f*%qb=gRo^AQl<(QD@3^_cWs;HX{*Wsy-N@)a`i@~=i
zn`<0V$B=oYv@oytRsv{w6W!T@aTRg4^bf&B>QK;m77oq|Pe?X7N+jrycNzS%g^6A-
zQ$R<;rL-oomtn#Aag#FZGl|c>hB=BBk3w-AXY`wGg&G?V&g7DexHX-Rygh42AIHNu
zyR=RCOz;vGg}(%C_^$i`m!T~{Q|9x<qH?g48Sq!BrAZVw90OOT6T(co@cXziRY`Cj
z-BOj}7Lx9u?Ie)H&w)>uz*k6uG+riWDqJ$~o%(q(CSsO>56WZ~!x8Dy;D^%UcQb{{
z+kwhP+}WgEM6-l<qkP^rLt?_&x^b0<`&?{Z=O;L|=%ah{Afo#9{DTuz=M+hvwA?)I
za3>)*F@`!Rxk;(y&n}fHCr?72pNgziIa#DgT9)V3Pi%i;(TOGHKsT;hr${YKOrwp^
zccooQ31J$a$~0~ecrf$pxxO4~lxvgwze~y3wZP>;!9`>&{9{1qj8stx2=MBf5wC)|
z=wnE<6<5?CSTSyoV5M`LAxNSTLOb5*Lv}Ni9b<l$thWFwK_>Gs?gTEStLy{Eizpb?
zgocDOxxYe^oE5xFC@jCqk*vK<{+g=O5kU9nQJpZB?F~L+KAjijfox^7gHy^J;TUd4
zI0vUbqY7|{0|H-?A<jsCz<p}QxjEM*$6n}u$#HJG0~>KzhCJUe<64mogR>*N8xzAU
zjGVjBDY^`DbdfOnGf*)azE}tB2gBt2Oyrl#>o$E2L{N80Uyt6tfw#%e(<Rt9@rJvb
z@wagS@9{f{_v5*k?wG*$bqc(Pf$Q5+KGG@BeL7N}(w1_sPJxFpa6?<lvpWS|&A>C;
zQr^=ka2o>~Z7F+#4uQiAoNP<Es#D<E3_PPP<>pR-U+xt6$4-F@_Ur)jPzFBCYZVjC
zv9VL&W(GdemU3&Sz`ro?cWo($hdTtmn1OrGO_#o|Q{Z_FybgC1Ch>e51Fvrj{1^k@
z-WGT-12?w?KEl9UTj@AuJ~QxX4D4!4c_;(B+XB}yu%|8X^$gslE%4n8e5{hL(YHDU
zKFUDcJ)Wxj$Vi94b!~y{cUr^mpc^_<@-6j9d`lG)--3POTM$otOM4~0rBxE&(jbX%
zX^X_SG(+NBXps1pn(Fs3S}eXCvp7YG(qP~4YyH7*F(eyqcx@_ONz<{r<Z6qO>CR52
z>(X@WLHXKHGTk|;blsYcovKh<noM_YDqUYj6SAX~Gqn|olrrA9&I0ICXHe$K4WX_~
z<S})Ia{1fE&Kae#e?cZsvC<laaTHO1mZ+aGiuKeeXxxbUmqdM;QLLIq$=Hra+&>AB
zw=t6SF_C7mYCs|{XCy0OB6*0r;53#nvfhx3SxpR&awBFxi5ZvMSxpQNawCS9wwCG#
z$rY_8hMvw4!<$=iSJc$s!Rsalu4fo?hQv^XTDvEAb3435kn@B01Fw*Da>Gl9#pv5R
z#Sum=D>~!CIMqb_#fVo)Nec@owuD=-;8d`?5bleIBnW;DUTNG3YKa{JgYnBu&Juei
zbBekMECL8=pQqU?;ZnTmU9FP+`-$w_#LJQe@#NT^5&s5Qs|D^;r$d0da<8j5`CP!R
z%HPR-fR>#%yUzZoD|UG!z3f%*)gjRhJ+AloxS3tXO;;@(yg9a1FSwJhiU`KBd^KQf
z5WZp$cf<S8+mRQPoxA{8mg>*(6!;wBP)~q^RttdSH;}_q=or-%U3y7~`<>laF^BVh
z=PW6QV|kbbij$vXS=<8&GY;-jg}w_N>syE(9&{!@i~#7;)E5>aFYWo9Q*lKA6>c&a
z7AC@<%Uo%g*YinG_%jBm9Vln>>DnD&CGIee{KO{066x~D`v}XdtQQn@HTh96gFUOI
zdJy;ES@Ve(JdF4vDseBcgF)syd}Lc&`GE7GM-bckHa?6F*@ZH&hmzG{sFcI{a(?~`
z>X5kP9pS;hVFSTzm0)zkEf$&KC{LhE=p@&(!Uu&E_1-Abg!q&0LbL0O^i-RNv_<ec
z;>#9Dnt;BGa<EYL2V#34-lMgVTXZd%VFp*-7h>wbe3MxeC6P(f-1i7Y%jVjou@^Bk
z`~{Gf^a$ttoOZGT!McG@P`sZCjzo2Wix<<?kyib+bfSNz^#g#8DE@tx9-GTdtk;ro
z(j(Ch3^R4pbBDjwc3^n$8&E_W!-oqqmZ22(C%b^EV3wrg50Svq@qWCw(~)7F=*WDN
zyL6)Cj|hcyO8P5pG8A`S#DpXrsn`Eg`iv~h7QG6t|FCp)6L|#fWMlnU3Sk+%C*oH!
zm)UR)`Zq4?CT0bT*=)Qd_;Fo?|7_ntr+5&#jiIXbQ@-P-Up#c-_$TcF53~ntLqKfb
zeTDKOVHz4{MfU%vw%5-Xjxzboob@i4v$W^D5XLQj!MOE0v?e|ODHieE7USP;m?EjY
zrhtYfY850jMwajbWQ2Xh4HkhC(j{dC;MK2E#ikUh7BQzj2;&w5v;Yp1DB!xN05qr2
zi!u%}l6{^))X{bJdRT*2Vu;Zml9FEuS;anu_Kxz>6sS40Pmvc)JTbx91Kk!e2>k2t
zUM+hhcD2p=C{U0p<AQ3|T)%AfapAHC@`1o>DYp&I@1p<`{>(aWK$#D*EilbxE2~jQ
z4Y9kRT52o7Ld5RK&2sW`t4w#Huo71f^4f$W9eV>IOjQJdX+2bs(QjKa3wCg&BQ}{L
zULu4UV-d!PY)mVlbJlqW@cQ)(yi{F^@#5s%)RQG^%WJtpt^Y^fn+M2sRQLW@x4Un5
zPtQnmHKXp4EKQGWOKvn8A<Had8L-)G_F#u)Mv9Ro%LFOlCNnk(ZdxcW3-A)02r%zO
z7?B7P2q7B;@&W`1OV|?P_(x12ge@cl2y57q0DhnEIdyN}9*u<I{qp<c_r_M=duu&)
z>eM->PMxaqDmk=jyUy>fFZfm39D|dVuW~5r)`I-vtGoqf9PuPNc2$-11#VpJ>pefL
zRQ&A-uuAU5%g==d`d?5ofBm9fgC`hN{*U@R_8ESCFnyLcw+LIHksflhz4SmZZ$Y-A
zu=Ee}s5NL2BTnp2i_Q<j_)^JXe3k5e=Fi*sD)s+~i1N+P$_Lgw14~~V#M?cF|5N{;
zNx*ww@1OJc=kPwgzyB|M)w(@CMxxoP^U;Z3szNk6xq>V$+W_@qCcT8Xr-t2nWXj7R
ziH0JDFrr={n)(_|xrG&2yJ{IVF;4oQCkGTJXm)afte&?X*|KMC_SzmZvzHx0L@^)C
zi;27U((qnod<rK%KDWN?jPY3*i<T}Qi_%ckgQf06HDq>NnSG<gVB;dh_`u{~tg4ek
zY9H*<4KB>$p~IzF)&D|`I<CQ1>a46RePU~EUvQqN6y4WTIl6?sKb-d?Tsz;aVn*FX
zYdIj?8eKDc`D-cF+F;|_p>H1TKEg-5O31!!%$FkV%?z?#9R=r5S9iY8zUM$gu4@@D
z%K2BUJlQ!x2G=iujw7W7z!a4k&wz=ltcB6pR(Rc`MFoW|7S=P9=*g7zMQ?A&yk3@U
z%j}Xc!lD^Mv}S`-$RcR;g`p6>7*dKgqRk66+r!F^?q2+t7~Rn85P8Y<Pm>&O=u$y;
zby`MVBkgq<f2*6|U7GD|i(1pweL9|eqFzbsel(V*G>xTK=Xs;SNFJ><F-dOWQUEWo
z*6MB(t$4>Qe+0nBIK)~ljeCNnw)|X%gv%b-<=V;wSW>i(=e+dqK~C0omRe-_Ps>aH
zCMvQu2esD+S?Atr^8k>EQL3>{O-I8`5ZvKgFQu@*loe)ZaC@3q`US>PCA@*83QGg_
zg-z2gT6uq=)G-Q3$C{P$LRtxjeb)Kr|4`%@%NS`=jHiCVUExw%qb_qajpl!h`Ek}X
zDoWFI)s9`I(IuERg%v5*%FG%Zq8uQvbYi{EowO|Jdd#`$`iY5jg7Z<=r|Uf!Yq}ZB
zC)3HfzrDwp0+1Y48`2GP?<=5colv!|iHNC`7js+@ur9;ZI>Xgaf<pdroG;Yf>A3f8
z0Drvm4-8M)^_yuElx@2`8w)y=zlG>*p|@6|9nk!joaV(791qj`mN#r>a6@AvzOJ40
z+a9;k(}+74Lqld#*noB2MI-_|tz6Z<;yT3pa9Cm|7Edis?cZ`><DolAFdW}z!?ttp
zMH>+$@Bl_g7UOcdGTIuO-4azfmbSiF^D8g!yuCJk{b*fmp7Ssxj*aw1t&b+vCh5XK
z#11h7_0nx3r?|6QEns}kM6hVcO1Gpi`QnxVZbY#2ig^!jQxo-Q_OVf76^2N=(j!l(
zGtLJex?dqHVwK`HQ(WAW<di()qQjj!NYnygtP0P-CYc0FSL~d7z5V9Hdu5?w_!Ee`
zJjs!XbxFDwy75MHeM>sB&>p{5N9E}_KJFLV+0msg>Fgww;V^R55abQ^G_veyO-Oz2
zQ+T;Z=GghnoO0*~Do;#6H4`QiVw;Bq-P0g2-tO@4gu#0|;NS~EVb#22orbdMv(^Ec
z^lOfKetZ15bR6ih6g`GC`YUKbUn4H&81VjA^-^3B|JRiPUs@UPWdic~S<rn{UXWXr
z=sDE&WuyO6|0_h~Y72VR!-Lw=sG82gx~(eY{xZ&o=TdY3tn-!Wk&15CU3aby<`WNq
z+Pu5%Kt*~`AY`}PX%B5V>HtTWCn(bOkS8)|<DQy5z0Wi|Q|g9fuHmy_^U$0(^o#Q4
z?IbJ<S2Odu!ezjg&lUFaVL3FvNTN@Y=PSYuY(a&&t`A~Rs0KQ<^mB{l0yeu?k60~t
z`%J*w8u!#QU`+iH_!@JBEz+`UFlhzXPJ{^pSC4DaZ<OhQ%4K+hwz&^`86K9Gr(!kL
zQ^LSJZNgxLV3p>vo+#@oWymg{S6e^vU)t7t3cKbfKLGR}9&LrDO7$}$%@ODnonggD
zFPrW`1Eomk8rWPV_@|U^{!0}3xkl;ccljK_cj`5k4oJY5qRzy{*5rMp_P-9MnGxwR
zwa@1<=HU=LStwt;LB3-@y8nmYMQL=;b&+yB81S7+^gPNwyKl(V;H2O~0Naz+BiSdA
zzrUt)nJdQbmSL^&HGfYKQ0E`!D?xdd)&V)worLyQqeml%zN)cR^e1`G0EcJsCz<9v
z)#`#Se+w=nLxT;cVy|07FDwM#613P$-vAP9aoXFV*dOR#V(kDC%F@hkOGvDd1)r0v
zR}>o(p6Rucd!u-XD+(^UsOTOV#P!^7ttk2|zA2n$p4K(b;(jmmnXkD%qb3HPl`Viw
zynMiy)aUNH5?oal8-B3@IFtvIj1rfATUZ;Sk6K_~Arst5a|F6!u~4?E#$)EZKnk3$
zpVpGa6KIr$6Zf;Oa*a}F@87|lEwhsFLU`J6)e03M9lffSHYh;W6D~gTL;F!$90)H!
zcOSjmLB09UHAX`R%yK}1+Io`$yG?06$otR*!Ovzp7jEDkl=-mCzfR3|Y)HpY_8(N{
zx)epu2qnW%GBJ*ZoUTpBlf{~TPK1Vy+vS<*cxVTTNwFO$B6IH#;4w|gSd(B7lwks~
zb_ih4&)FO1$yP^?M|VfA#&)lZ^<i#Ru|DsAQ(UREd@*Wn|69(X6y*Hr-#tL#h5I(X
zvufzK6<V?>TmRp95Bkvzl?HjP(C*)XcNglv3!My%f0>;+=q5^=%lCrK!OHmfKs-b1
zoM{9P`FhY@zCp&^ZWBx{vfGIA&2Td!(~DVczE4tp1hdV5@X43#Hn`&q>^5fnykBOy
zfn-bx8e#jY6%hAw^kBEKLK0JXD1_1QMvaCb4(6Z?!*@@~7C4gJJ{{NpDQE`Y3_g`x
z^*IM5tc<Ni-D0C~X<Z7*ZWvJ*x2R<*vnPss>XiH{5#g>i>483t{wRoKEIdjN>#wr;
z51L&)?tPE+?(*{RxYgHJR;(x>FE%F^i3*2OS2a0AMJS=eO7ukN;oqDu4Kik_{n8VT
z%*Pw4C*s4?Oikc=fu8EDo;aBBj~i#h4FjGEAs~0658_A>w>pou)`%{&z+3aWjBY+*
z&Gr8Js9BYo{qIt2+!OM_s2-WkSKdA{c?%4p^vI$J9l)M9y0vPfaolsviCCEFV33*8
zQiDDzRu4Muv4SkO#bE*o^8@PxS2VvZLJGDQ;kM)x7rM>Hz(w~cPd1m4j40dwQrD3?
zk1*6Q*XcZgw}S5bK*}BW^(sr##KCbEW`QZCx^O~M?qtF8EacZdRE!VPAs@{yeJ~i4
z=tjorH>^KGeLZ2HS(4*DOslg#(MSec&qnltV;eC`x1P#PIX!i0=sE6G{s+L`&SfcF
z>SfjqCn>H|&ZfSPv=(}IipP7AA#u~GCaY&`{yl)K>8Pr8#e2xyl7qBZ04YoE7o<H5
zDp5ZL5JTi*Hek;Ny;qrE4AXJ2y^ySo&J$^iOd2pFz<L`<aq}K`J{a|93EeH&^a0JQ
z7!O)QQJW0cVBV-(t9=S|WcWg#bY7kF$2u3je6jVEESBmOs%CItC&=(aH?fgx%xsq`
zNZxToYLHx;`zFWHrIh#jRm#gOpvoF7pn5e6s1=u6Kz+SOz98T9acx}Fq2vCF1sl#u
ziIF%M*D_T#s+YctOt|qnR7+nj5R#gNq?iLWg<fH(h^7J`&N6!UMYFqyd$-8uRxO3I
z3<9eO2sBMhRay%SRe@59eF38o0xT=bMU~l#?)uUdK;otIwCG#HgAGdLmiK3s2_$3l
z;C1<k%=(Ej`7tA$GG&x^?21d1ohNHtXzpDy-V7fZtoNIWfHg#>KDf|kTVHAW){d2n
zD>4()k@aYKJ?ug2howH2T)7FX;o*GB?+Fe1fMQ)0xbPK4RRDS&TBA|ATo<U(X5(4y
z@eo#t9#@K@ZyP<7`XyC4*&o%T)i3jyY!vl@Wd!+<KG4YZff|W}Iv|<fp4qcL4I4wb
zD$TCxWRhotZYo;Z1<Yy1tr6eEW*vk)3HSFaUQ$>BdUS3}F%@}trb?g-n<~)&Uez79
z$317w^oN_+x)}T7&(o;O%P-9}+GvTYU}2UFEJwNe&>*C`vxcp&rHdh2b}<C{$7=^!
zW$4>^10+`^?M~ELJ*(Ntv}XIeGSdD&v&ND4Q+eLF$1+rTCtEZ1Ou9E<gwHdga7*tW
zq-Lg2?W=HGs^aqTogDGunfl7FN=g$b$~(FKyr=GM1(QB4^5)bD^r*O}cQ}+iGAp%6
z%7eO9$W4cdfGZ9YInP7Y3K{x<Yv*rd$jeI~vD|`?%Z^4#Dswu@gJFcK6wkvGWb#CT
z?R71jn;#_sJ}4tkcvM3vv|s{5x#vGReRN;Ce!7D*J#c!)bbaTiY~1A_jR~Zz^=peC
z>xv(f`e^ny*yCuw8J;aYy=dRsG_HX5_xq_O=&ujyxGxs8iP+Qw*z{c)Q2_1L17+ko
z=Lq7pYs|hG*1R;Pc5?loo>mL?GNVKnCVtqP<{CvlubL${G%hnfZ`A86U3xV>ub06}
zm+CIrx>+WFiscmKkFwb+m&qS323bLpKbU-T*;9&s0>0sUO*=QLeR0oF*%Ky_7qPwQ
zUM0h=ZdVe=+o=w--mv7}X&L_Gp3vVO=Tc6+h=*3>YZiUSbsVdQWxxZ&m7#l_7*se~
zvkGgf5d8d572*hmb#Nr9nELzcR{#H?{+GF&7f{&Cb)n&ffS_j3$s(u0MQ7fIzUYS}
zLI&1o;6T24QpXed6xVsWp)T$jy;;zW3t47`sXEtiy`H!yy3VUZ!&SdN3K;*xV9feL
z+$-*>kF78CVtt_(<^YP87^fwi0)&!!Sa87oW_6EJxO3cnGXA}Qdpz@5oC~LDXe~K7
zWsHzXoTpH$Tr$)tUbBR=jhPgvvdU2rCUpdnX}ksiB!<?@1*ohwasg_MelQP?SFP~L
zxS94!uA<4d#|sK$+|zgjXKEO$A)SLZ@&H41azMz_oKnNs;mD+>K^2*8L}?@o^rU}8
z_kmUUhbMKpn?%2jJ?K9QxEa)Knn<B`!$BCaHuv4=8n`N0C_o?0ULuXdM_^Dz2P@6_
zNJLdGW<ve2m8qR<Eef!+#L_vEwcI#bMp^#hzalSqmKLwx4?YLfYJzL?@IW1+SCVG5
zX_Adz3}aejq4Qm@+WG=k-G1)Tg)N6CxM$AT+60)8WRXCTpkrU(@~Dg@3iPNThbodo
z6s-uYIdu~gOjZ>)5r575()hfEg^EKxuu`=X0IJO(Dl&+w1KFY6Rp&w>ANr|jSuV3O
zlN0s=CG{%ox?**ci&n93nGf_FrW<3@TEpHc+ndG95U(-8bZJ0ftQ;FLj776ok}xlN
z0{e!jF=5TNnBL1u*X2vGlFW^zpOs+#d*<P{K-it16n?ZQ$5Px5o5)*;({DNY99^#S
z?Wxc7M)%ps1g2p%`}i-Go@yb|(|M7PzRq`8W5%j%`ft!a0aW7_ZfN6HnrJk85uri)
z!cNQ(u$t^OK3R#bq|GjSJI??+Z1xQu%Erz7s!H!^uWYVVnq89wDdi*F#FN+zh?IPK
z)EQ;MPQNGIC+>HU^AM+0wZV(!Y^sd?tGo)FzfkTh<-SHd4uQvVR<a0y?2#Rj`(0A?
zoRKk1i7WO5|NV}qz*oFMaZmbOsaw;C*>RL`7Oxzt;V5sz|Dvw{G+x$|euFw7EHAxA
z^yC(j*dkaxTQm)b0|(=tRHF8}6H-R}m3`OA^x-^e?I3FHim0(c)Yyus(LvNGQG?O!
zqf#|BF;AESNj12`OGmnxHkeF^dm;^=V4WX`#uTNcFX!!9df0DfP4n>(+nHy!9@Xk^
zA%9_+c(Xpkn$vlD@9B3so5Z0J|96!ZY?3y`bH*?=$mjtZR|ae%!02dbex?fZx!A{P
z*LSUN0$|Plw2Eo=+dT4_&`5IWOGp`}LfOJHOUQ9gV7Nt(>46xP!4-nF<eV=wbNGq*
zsVD*WS+lBO^4G<2R*-Tamob&heK_I*&8);waJFb271pVrrQu*2vX(U1(9ly8i|f=w
z^H@dtJoXL{J1}XR{#>Pz>ZfS+wP|%tz+DpkIrg#d33s8-&c4p9Yzt>uXBIgy9v&%e
z!AQfPk9+D(8m&IemTr*1_SyLvTI~H4f;M@O`b?5lT{yFbzlD&hr<j?th3GXN1V|ah
z5zIp*?dcn7P97kQ0y~WroRu74>-?<n9@2T(rVw`4CN%MWy-=&?sVsVGOqyW+;LF!m
z*dnX?)crmVAO$*g?k~N356f{Q6o~|d-e7_Y7|N0lrSOE={7{*~?(o;rdJ!e)4p?`h
z&XO9%`0}!?UqB;f(<qfUE}Upj9XdKg$lW&{I8rK45iov;@4KS|3v3)-I5Eu^-a7g^
zVZJyAe2w=-@Z^mPB{|{TUam~>h6fIBt%VZqH@uYYyxn~;cT&31WNFi`k<#W}NeS){
z)~{u@xdhN{@#5n-qmZp=Q|I~WAkA~)$aFBu2@bm#lO??F(d#BFq`;N7D>QJWiw5t`
zXm+j)xYx>n9V-K7R|d?j4A`|Y;NB|(b}OLV`6ac=`D!_uV+?-Z#$dtu_oiSp!mD13
zMaM2A<L*u2V;diP#{45Q5-|ecvoAiK^V#4uYz+<hE+F6jzTqOc5v$d?<M0!5UTFj9
zQszD8JM3=5R#4m%R(&1M%9-q|h>&jJJN*6u9C1$x9qW$Meun@rDYwG(gqfxmG*q5U
z1&ktBR}=tQ>w&4@RwoGPKr~VC@i)L;jc&J8dgU2Bv9O+(H^7*nl`|w;6mL;-FBXv%
z-HYuTJ1wI@?!~~6M8D2F=Wg{MUW5hw*d&lHSqC&O`mhA&m0ycr7%Y?chvxBdPdKKj
zA}k*I5^vDpz(X$#WjXzb(3+i-#=QK)Go6v=*!iT)c!1HX6^_YnF~-MFJ=1v^#ejE#
zmRBuW&sa8K7wRiEB7pXNUFthlzx203W+VwIQ?;^aE-T=JGe13wr=mHB`f|F-NSB?O
z$cjt8M^{T@lIRJ7)ORq56v!CLta;v=7%X|2ofXhZDY~Hg?OAiI9bQ;y&it1Q$dN%M
zBSk;TP|1i_G7>7mj5%Bh4glw>q%y+c7tM)Ln>AZYMvIk{($TW-$4Ey*4LBMM*C3yQ
zcb>f&Vf@%g<Y*B@O-@>in4;u$$gFDb&)j|Y-I@MY@Pik_JhvaboXj#mcuSoT{lE|Y
zK4mbOK=<g*=9K2?&6T)t>WUAduDlfGO35VV@nK+@=RC7e4JwO20uIC*<~GDVRqBCG
zri-&g4g$yGYO_}F{Hk#S&n2dH=_1TjPRltqG|-m1;t0QD>#tgHe2EVnr}!}D#Hs^{
zR9Nu19I51&N_SqY)M>HI#fi!a{I4xWFO0(tw6RisJNKq0=XQvqRYO{JI)G}^8Wb(A
zmsU?K$ho8%oH7^&9wC)f7W4rf7?5E&x`N-tZKY!;-J}iF5gT<4)~=1{8m^HHd97&3
zQ!Mm0_r5SN;-2_249D1kuVr?BU9F~73R{>Mo4*P!mwgx6+)DfgKC%i{3!SomVr>%_
z6(r0Ml7Apl3w|r<T3R88mA6#NU>e`qOJ4<qjJk;dwkKA>_Jm`5B48VfbOGCPF3(5Z
zYS`W|yUnq^A;b0tDSsP+^0y(BimSP!4j}OYpZlN)#83%sG;spY38J+Mh%E=vR#aed
ztrS)*N-=_%N~g{RqK2PWMK2lO_OD!eH1qgu90VqLCJ`9KCb?y2vBJ#GQlJwfor0ZZ
zW4cj7?RO;9%+L}KQPScB3&iOd`dkwID!sKv`~#M9K^Py2VWUy4hOv<tCUpFXop_ZY
zfmOv1WxR2<UMf?d5MkR8ToS35jOl95rt-ut3M5HKA!O#>=e}$|2W+umgOmSsg#W=z
z5J^6MM{70Ym{vUHbT60L24gnoIg~}=()gXloGFEd`E?NvofBmiOF{FC&bx>992pM`
zdyWSDFzh+%yoh1To+BH*zURp1gwlV)nu@x4a3(zA*&axr54ct&-D)jy9u`P9C`_6^
z94F57`JgelIV#Xd_F*br_F*{4J}gGco*IyCd2&H8_zH?30>i9UtEz#r?SC0qO6sfS
z&m&_-q*k$Ed+CFaU>9M}$qStKpDZnYF3P@{F1E*akJYDlP0vQW?%FoHzuunNwNqca
zcU_{#6}$G%UYRWYbzaKse6sYB!Pkyt>63%6&B@Z|248EFrLPRWpd2Ydt;MO%Z{p9|
zz#>pxev)<;7)+fv@Y<aLP)<zhuIEErn?yf<msGt0iA7I!{+P%+!)p93n~qDjn?5e3
z9_oyu<C-J1uQ;yRK_>HA%d)@1v}iBUL$3Vy83gn%9lX27e&3Y=_ai`KWJqULnMNJ5
z_nn|d_v>%<?@vTNtDq+zx5E4q_f&iE>-P`jkcYW5zl<mP9yt5wW)nHPeH%Qxc5Rae
z&}P;X0hC)$;?Aoj%rcx5<_t>ac9eU)>Wn$VYIc;uJi_wkdl6}~#>^Pc^KBn>sq<S@
z8iovUN%VB$%A!+kwQ@gVpR~!v$k&OoI|0=FVx#v3st}|50vc;8qqAG#Z1`o!#xROj
zQVRBlk+gEcs=Pf)st}M=kH5{==PIf<?#<I)U&`cq#AfF;LQCBF9eecDptz?F2j%MK
zYyw~(7)g}de5&=ro`HjRj?G@~Nmq?UXI4rtQ;TWVEY^LReT9d6kPJ8Sb!VQBE~#_N
z;?8M6`hFRL0SSX;G|W$H2eEFl93T%}!ZXT}`zmjm$_dML)KiHrqn^OGM4D8<GEQi@
zsEn2y0$jNYQC+wEJJi0O_)y9@sX1TCClbnJ8?%s8Y1xFBWJGJ>&awJ6+5-fzoPK}?
znq$M|&AZ$_@&(GXvz;gV52L8KJ>|pi;r0<c6s|0O{Fpvg-du6L=;bT0l3U#F5gci#
zeDl(?i3^T29eIx|Sz<flnW5wM>_5o!`y4;yhfG(=Z;AbgXd6R5lDZdDHZ*2^-B@~$
zO8lB2!pidi!CdY?kOzZt1rJeZ;2}fvdWHKKz5j2m7^6w_HTYiQwEZCErxHC`5V@L1
z?uDb#uyZMxR5Z^tzueK77xT-#g2cSb(xM4v`wIMUYBR^_l->2TmYG<j+wE+*8&2&^
zH=G)7IG1}t!K1g}h9gIq+zp4>W7yU-*;mzgVR+8QzzxTJc^^!Z1NySHrmK`8IOV81
zbINgQc?6%e%$uej`CT@n5%%czI&|dVHS_a%nN`_YwD_h)B6Uuy>ib;dp0HlZzMLpA
zWhW(fc$Xs$BXe-(LheWM5b}9haZm3ID0>7i8vp9NonhI3sFHThN8RZ^*mC)=f-OP!
z8<5R*HoX5nsS(!KPL%7@`{8_IVdiQhCx49)P0lnp2CM$FKY^B=&SH@c2~Nm6#?zwu
zq2^Q0<cSG%e`RDIv7SSs*hHL8OsC~V-VR@f&#!IKQ(_V@7RnRaLi)R6V2>mhk4M?#
zX#dgS`4~O3o_cKY<8k_MDC3?6Zw_pp{_&PX1fhP>=22686aX6a!2b2eVr)T{C8qmS
zMgO5r9ZG^rHe7U(f3EY(*HVPC=@6?=?RAP9FevtX5_Y0}`GE${JbdOI(Eb7K2NgTo
zDO0vy%mEARW4VPVJTt46!vzxOTSi5mmVLEBfbinD&zmfl!tJ4N+T&?uL0fE3=m%@F
zoUJnpy5t;}l9*}eucK;q6sqx#GyU?0e22sU<U6Ei?mHwr*jUMR*<s%y^{1BW#6(QK
z&~O`M?mMJc^BvO5xqOF;<+#8#-&JKB_8qc<&h#CUpXG-n596MV_nzp@998sUjw*U#
z(xGU{Rzw++wfhz)56Qa6Q-=8kF~54qa6y?vkQatSkY2E(Wrfl7L1Du_KW{>(a6eu5
zr|F65#630G;M0r2rx)N;bb!wsX}WI}ghfXh!TMBSeTA>(GTC}8&=!i-L`$ABUi4Vq
zMjajjS<xu`xtoj^AKYX(;d-pzsLHk|efoE@(@Q0LxJw$@QPbF&3>{8KQPcvJt0wPw
zTUsifXAt1<*hOamMj}pDMZmLx=fjX<h2?B{YU@ysblxGXP_~$5_ifgR4u;Y*2rj(?
z43R~IsnNj6YQ?HT{+_cCA*S=LP>3lCR;~vHP9euNlgG}Cbi|si7<;K{;)&&qA!HQ%
zX*>aL?;evGmj#&kGUD@|!bS@mUV-TKWg#X6tOXgAN(mdWM+T|q7H18)y;ocqYTSqP
z&IAG*%m7xiFg_YWCD<>;jtRYLKo)(DLSD`GJ<{`MDG}3JLRV!;?rb7qkLn{in>m|w
z|4iLc#ahQMvK?|Z@etF4N_H-kuaCK(2Pg2_4PJH@5ZqpK?x#QiS7?lweZ43$_1;~>
z<gm5at@5z5_X{#q-t>7IJ0W8vnR|<el?FNN+$tX%bJX>(#(!dnQqrw;6bp>Wxuo;w
zw59uI{TQVNap?1_O7t!A)-|pMzGvY;72z5_C9&;YHz3p?ONlXhrBaDfD#blgZ`DDi
z8KpRfDAJCUmO!52kx|N-X%zwy=T0p~2+jd6TMa(rHgbNmj73raRuPS{0=mk0%R9kA
z@U_q&3o{7Qs=~W7+wPx=EGR*xhL3YA7jaK&MV?Q@A3j!BE*#aKL>@%&bytpQWKcEW
z_UBSG#48_5d+g7vFJ*n;!buQiA<k12&Umv&)(5TuDag}i^m1Pc9x3WDangAwXc<;W
zo=2)yb#db%bhGR4#O_wO7oZfKPpr$!lBw;t&w|ww{uw37qVYBIu7&jGzF_?m+dhVd
z>Wt+J3D-v?UBTH?9AVFKi;{Sf7$eozVT>}ZqX(2qY<TXoUaiKXe2zyQZtYOofWh#@
zXep_+4pq?|Yg-Pt4m2o<<E|-5N~`!ImdlS+g9(THDo1`yV^+?(5o|;8zy``41~M>G
zhJ0@G0zU3@(8rKZf7vXMxzCe8uASHLM7{VN(7E9?D+7LfWxx{%K(-IrbyQw%*Lg2>
znV(I;pmSE28r3IrHEN=})EEFg4_?)!Mp0mCrAy5qM=)ySE;WjQ#ymlgvAJz1?tD-q
z%QR_;OS#mjHMvp9d1{9?ZE!tHu|CiICX74o357q(*$>JWaF#^>Ncq`04vILte~rbS
z#lOb7wWl7Vz3QhRtBVH`D0sDV98_-5e>lg%dfl4l@06z?tuiZNw#Mw0WXXq8c*0DG
zDpR0ld7y+Y36K_h#<B0bFO0!eY?J#aE_2z~ulKm8hm-J=R|YJs3}EFG!@>$0R++2W
z6%_9MeK-Am4}7Q!wm-`|Z2R-`A-6j%T}#>dIUjdHi1|4mf6IqK^B0;${sigbo*G6+
zs5#-0P2J+2)s*?|R3gchwZ^wfeN}Q#hN6le8j6NUtJMv!XLz?M!74-13tG*)O)-G(
z3C<jfcWNklTe9&NXh1l1dudOdSC&!H&_npd?ppNHIEvP(y`V{yaQ5+Iv1b`Sj%KCM
zbqJUKDTM=$k&l%+wWyOzaBlKSrWQLN2I6gFx7S&s7$j>cS!;oW%u+omUKxd?>a4sU
z)t)d;r|^lmIMkSytv0Pp`HGYR28FC}C^VSenEUo<{<$n}$33-1nzq>5vjSRIt5u#9
z+U}<Yq%}FLao!7cvhN_R6>ALEWOt<qHOh<PT@1eg>K2Szqj{!%0SHF{kf85gDo%F}
zU;=`hR`2ZvJhnW<!JNw5Auzy;Ek-MEp&K~RDq}xqM|fj^@P;Ft<#8I{pz#D0o8ORN
zN8sC`4x#y49)J64&G$BkRZP)n5^+ggH2z;gqfjIUi~#{oE!Ks)n7MDjkBIMfqsO6y
zEl&uohNOW`A?LHBOf>2w8Ojo6T7@FkdQPV+C3HZU795~aW-Ng`es~&n;=H|rOV1FU
zQsWOtqw8`YhG_IV=cZB6J<%{^PK*l8X=8|7)6siCtHa%uHdZi@bo88EFgAN1b-~!e
z37!3619xm{F<q-(Cp6|n559fGu#6rE7rSm~W?5St=iYh_!X0P+IW8ILcS;#T^7A?R
zPhr$$^7nw=<DMQaf3I5^aByY7Ap*{jzbZ4x-%|83Dokyx*a^ZT+WV>X+NIWSbGxBk
zJZmco?A_F1!oIUm#X2ByPwzpP%`DwOCXX;{{L)+aE*!o(?Qv84!?plxOIE}pSL@gs
z#raDg%!{cmu3C_vu8}z<qUiV3D0~;?@EA@dj=Of&Ly&8QHAW?MJ!9jme^@=k@($}6
zNpun%t~VXPz=(V57^JVdBU20;e!!P(77EVxXBUsLP`G1K2YjiFTaS#)!pnTRQETow
z--CTVB3i=<j}<K~rd)%)$S(CU!`cV4{NaY8Pk<o<DqHVYuK{5I)cY{w;nqgiaP~51
z>wF28*1w(%pwj46=Z{XPy`9eyg@qe0GN!C@&s4I`*VqX&%0$m*X(c8cm{V(=uag%0
zUU(_Bt{-26O+{z<q1w#d!FA%DFDS{5L8XViQjLvi>U^biIfq9(HWcfnvMI*13cj-L
z3y3BK-%JGCc_GuJHJT4TmLs9IjN#~0ZPm51z*Vp%Be*oG&5-5OTk5vXaBviJ3A047
zJH|?(iFWbQ_a@caDKal8rct%RgC+d8Sfyed*EH7LcJw=fHCqEnnmz~iV-+lo?umYr
z?&00!@R5X&<EKIrOS6fP_moI8^}_e44M}q=A^JQ1ia|P`AG$9|=R!6Z+t}Wv*>-1}
z_8Xghc#2#@FmWVqXHL;xlBc%-OWz`W5x$r+uR24?n<Wnzw7CeY((hiG-U6K0&1B`r
zMqeY|tqryb8J#3?=uzSG??}7B##i&Uk+^kRBc8f#G~RgI7_O}>T;TtYM<2@7{I8KP
zDy6mCChE<Jk=bW(5>~r?J$gjF#bLB5o6;Hw4$|e7s=ZXwgrlSgNz!WFUaF)&G<`iM
z!L|<9c)f0{);e6(%P5wIL@$k`bvPZJp`uS8V8o^)&;$HlDpz|3a$xmt?s<?x2*&y<
z?-8WH-b1*4#w@~|id$*rR6La?r{axi^_1aTJ7JpM#+TB@mo}P5N1I30!r7<Or1DFx
zovfd6D8c2|qiR-YQl$pu2M&(b(L4_v9ILi37w|O$_3{8}Eu$F+SB4Z+NwJLf6#xd<
zte>SQ&=$;4oFY`-v@eL8wO7Qg`YV919JPV3W$<;r!zi7;o(ltiRU-@6utz5W9Zyi-
zmKk<g+EVA=J#lHZ#Ij=vIxly+^B<%w7JKX`8R1EL>hNs`DOqE?Vs@pFzSQ|oWhfNA
zB7<PLihNT!?KJ7UQ|iVBWCWV|tX>xarU;lS25cl?;~*frPjf|?tnU@eEUhfFw6e_7
zDrHup>wt4(24{Pw#BF-bq@-ofQwaok;LvD**urW69YP)Km7xy%aHyRGBOIPt7bn`C
zQ5WKLIR7ZaZiLGVSB6qonT2S<n!^?9Dn~y>yUdo>968gF=6l!Au&@0n!P-|Cw!j;m
z$cDE`_>>v2V#}x_NrI1H#eD=TGU1JvI3!p6y-}U}sA#tm{W$qvBi;?XoH@isBANVd
z2c$-I<VOf_xY+CXM?N+lLiy);KilvDs7IHY5O~}ge7E#HHTa&=_r}5ZMh%G9N`g0U
zQ|43U7SvH9+o|#ty;LH@sq#ixWQnAweC(8M>}(EoyFf`EQ)<5S;1j7k|8DWUV^`;&
z7+S|Q{!D-J{rX#!H^|?(_cS7RZbT02rRj?nteBkF`6S|>(|XVd;@OSybmsy&6ey7=
zP27zjl)DdnOsibiB@ok><(dO}C`&ojPD5KlLq*j>MXpi!n&L`*;?21_A-++H4pL9s
z+HUaL;tZQ<ZKni~;(cY|s9J*xaMW;JCR18GP0bsS+oaR77b73o$Z=hY-n%A>X1u<m
zG##xPQ$N;iRDuzZ)K_3Miwbsxmy#{x14a_fpCBVj*Ox(JUvY6yNzo1nf1&VuI)t2T
zy6TXBn~ve#bGm)SsNKqFc~91A3n#nGwMK4I0b}*fH|Skj9AfLIIltg~9LZeQkvjHn
z<mx;NSTIj^*IggAP$cEMp&V)DWSSJpb2CL2Q$5+adr-QiO{)uO?KJ-MLC7GjQk=;$
z*@Gyu&3TzZCE;_c82}`xI6_`dPqu46o_$sZ!WsCWrVJs52rL5gIl!&Olj&FyWTbTG
zTf<<ErE7t4taZJ_xfXdfbNe&QE8o|S4at%o=-8@04LTdd`s7eW^<=4f;^b)JVvZX=
z9$nL*PJB??w+40MgWA3|s1qO5_N_r}+9mjJ*x@6ZucK<ty)4O9Iiuw#GbcFTY3u3q
z$AGqGoVFBbwDnWG6lrTK88g~aT-;MqoIo<d(r0V<vzepSQ@76eo(?p($w|)2I4jA8
z*wsi5RC;Wy*i#@NBUi;XPfn+m)6piV^8O)16LN%vikYCW;Y_5c(z^-0OWHu_=w@?o
zX-?GV%TDMcM(7PAbk&vCPo^WqVr@@Q7SqTHJqsDZn3axFO(Q6OP;xo~p-U%3$wJp!
zFg;O@OQNn5D5kDGaw7oRqdQT>v(F(M0@R5_KNT9OQBdq9V9UsTnj=0%>JG*fq`tlg
zH2WzsQqKTgpH2YfdXT{`4UxKbS^QZP&3`+m^-r##_4c~P{2K`i^;D}1qWJc@1OMkl
z?~qes%gUU=-Vhzwbp8K%!Hgzb>(dp~Hj9In_Fje-J{V6=ic7vIH@$Ca|752rNfYfD
z3N2@$emz=9BAKE)%wVYbS!reSON7rimM*}uka<}yZ-CMCyATxjq&-s)9pL`cdMPdl
zK0^V`{*63LHu}9|VJ%F#&1PYfyQi?kxJ97GJw>!iZt`&1<MY9=?x9+Ot*2t}1|KHX
z68BUk76*wY?e{PcEfBe+xXc5^p(2IB826N0x78c4)za+-ZzXy+_`tK&&v8b0H;R{n
zTj{ntPIGsau-K?z^1(dN#l#lMwut<k+aCZ>rK*d(tGer3&O1t-6%-&}d5*F~+uyFJ
zZE%jVfZ~pCJ(%-UqL0v?aK@m@cHrZlx)7d=xZcHCW5ZZ6Z)_D%W8Ku7iKIg__`7KK
zF?oRd;@&fq8^Ji@4LN?-cW7?trs3Z5t`jEI`@yP{(Tjo#>x0(Io}DEwzv#+)+woag
zA6)f5f@e{jk@L-ZDU$Qj%7EpS0XGp~czzyuzCiM<uz0rf`V|`!Smla)Dl`}yx7sNV
zR!ayTTExzdc~AnV*)uvWipM-$=%Yx@7%YTI))&^H73uauzk@(c{ZZDTl`o9NB>D&1
zoUKDEB40;qthi3VBC}<*#?Wm7hWwuJN(+U}%-C4CO+dk`twO6<q>u&##zyO#p2GZ{
z@)RVLE3mli<4K2NJyB*pRE9udzXX|j4=H^!yVu7M>IOzQS+CHHQfR@BeQ{~J$e8ct
zjCnY?+zG+=V|Ai3nSGg#bQJs+d9$D0cm{8_G40m$p8-V5S)Qh<{w?}gTkiMt)Nzi_
z(M#M@c=vo#c%GkCXtV!p9%u4wOFKi_oM-P=E4&bRc3WSo@N8AJ8qZcOaZgnic(ws*
zf%KW0(Cl77x!VI&)MhZoJ>@o@t(S~vC%WT2x=>?JXYa#{hk171T<oWCZDm~?t<>CR
zyK~t%sg-Y0H75Z)@y-I(0!9r(R;4D+T@&ZNAPVWlum%lSXsqPj(uDt?6*Ufcw?Kn;
z>tQ_QPiPlyW5zY;GrUUGpF_O6fF0xAD!_TS-g4f}Rj`&fpwpV0bK<kKc6){gwW_<#
z``%iprmB}S-W=#cLD>7S#_f>rhCriJ^(gRWffd?h%xlM^1}aQvk1EOMpzi_)FZ)6I
z3ER%Ko-w`8Z1~gB(m_<0EX)>PY;%e$Ga-D}I)Bl`%vT+d_G~|R^%+{v&kI_qJHMb8
z&*eks_{xBvTN&_N1vLBrjfdu6L;8@)9q2=}Q#^YwPxJqZSvdI-9l#{_A3-_WY<_j?
z5d(Gv2e|uy+6D!)IkDV6Z?-ZcsWqAq(sJ*8CUIBQh8^NUXR1t@rY{mbmTuOWuI^NN
zkX}|xG6fC>qeh2X`@hJ$C-88HK|z^T=3kxr0$Bf-lr-+?;Q`O%4H;OXA{3Q0TKaeT
zrnsKhxlFXeSQ*k6)lIAM9(6+8Qx_F@k9DpE0-5?VgUmaP##x`nJ>@puqnC{L{2+bN
zy4aT5;5^E>LSMA9Eh5(!e*i!$^hKrCNGw3UlIINc#X)TYo+F^(IeHk+c?W%L_ilQp
zW%{Dx6W`ATO4LR8D9=R8A7HIApvaohc^?5V4Ru{ZM`=qzRK0aGUrJVU^=9>qTQ>#2
zlp@V+wZ-|YSn!sr$?E2e`4}B|P*^P#^HII@svZUAqo#z$x%{?q*`VDvPg#2SYt}r|
z$mf=U59IRWXCTn$D`yEt@B&^;R+eo{Y}Ys|j){Fy$xc1C^MxBRhZ#G+_!Sj^G4SCc
z_h04%UpsMSh1aSzKL$xVRq_jy6k~YtUexB)Yk@CJ%X$V;&q|8z!Cszg0QHP9A&A46
zC`VV*R_PT8qT#zKRgha^nsMg=0J-!$Dl;#(?8tuANH(v9(fZ%{u5fa!o~{R!q8ZBn
z{n+G|CGRc@q>z~7&9mg<cUtGP`JB2`P!4Sh_`v{m9wrtL2TTZE^tfX!z}P%$z<Cnx
z8+jtYxKq07zk>P=7x?TJ(siF?ARA7d&uz&oSq0s~ciGOeyU2L1fzw@}49AdHZUIN1
za%6EN;W|?tZpN1KLev6l%tk0o_I<I{bL%ioXsA89*m<y)BRz{>i08fS>q`HVwsedZ
zrSuB*R^tN4@(jNA7vA@wP2|bg!d3XXmfJ7|B<j>zfE+C~xxa;hW$sip-W+CLruWsD
z$Ozv13tsLAHiba;2Cb#&uQ0YAGtFqY6=-d2{i<FhZC|LDxTkL)J-@ax;Ka&+7p)9<
zF#*0N@?`3CnlH#MxzDNMRv5021(FaH_f#0PWRLFE#IWVR#UT`oh*IZb)&qQ8U@RE9
z#bx_|htz*3@DSrIti}782XRl0%E#fAga=#3O9+p90yoGeuI%vdX6G?R;my9%0G$#M
zr!SL7dKt*0-=oZ;{Q`#Z$-Pm|Fx1-aQ)!G07|NLoq$itNYK2=wCXiNxq9BA=nd0<I
z193IM^XV0(4g`-XNAT#e;{$4}y4N-Usardb^<iyf(NhRrVJW;T7;j0mleUI+E?nF>
z&$yIu7)ON*4t>90BK)YKq9Hr1^JA9p56Op$DZN_NXL#44Gfb|)*jBnPTz4004OoZ`
zlmMK6WF+DVhv7DWhv0S!2s34r8Y(O7H6P$WbP|M{(TpwJN(Z|h*zGSAn>oW6in0%*
z+3Z7I+RQ$z|DSelGDlyvUU^XL+a5Yst1qG*PZ^Ba{%yirx&KlgKEAZ(crTZOx*6Je
z<~(vxU)i~s?nrN<5$7_M(W=Ki6;fM%Hru4T`?Z{5NA^8KU67Bh*knquBPw5ak(6%G
z_+3&C9Ic1W81b^F_uGh*Ymc&)x(8H?UF>Y%NHaSse#d$6r}JsY4z(joUGCmM@{v!h
z)j=9F40e}<3Bqp8xOxJeetop|6>Fjxryr}K`&6sI^!Z0A34dJTa66U9#v_fNZM);e
z8|mcxv$d*!N>Q1|+_ba1mnkf~pVWJ^|LZ(V@8GTo%49nVGz_D~>TV0b%zXbO$J_J^
zj{}^}2<LjxT3p+-uX7z8c`8#b{3KPgo_w;nhq0tF6|sy**`24_Ff2e(x|tKWL-#&{
z?$sCF`$E$L)r?>vsdjHA2r@v*Av*nYpcHlXQE>m|q^B7V%5^8C4f;?)c`Bq6^S#$=
zS7W}?{|CJH7fE9sZoIcjTefSgZ_2`4XP;C1$|Y^fHK^IAd|=^(4&2dadpy~6y@hN#
zWT)_0;0!J!7C2o9+?}*XJ+wVq2)=@~{17}|2!4Fho(#d0h2ZP(5DCFkh2Uo<?ad*0
zvx3`=L!;I9hQnjE`gOTXt(e}i%i2@1F6LB^O$+wcKm(s=(|UQ9AwOD;6TEO<(s>HF
zKR8lr47r7CL$s9dk8pT3W(sX`l@|@GP;+mCqpq!V4vH44dZl#xFk0l^vJA&@X~nsp
zacSt>&zOx<gL6OQ(u#9Gb!;eyRB*_r&I@Ik+1~Is*14bPhkov7C3-mZy~p@Bo6^G_
z;2c@fl$LMG2=iw2jw*L->8h=Pf1(LjMhdp<Pp!Dq>E)DpZ=?C1Mp@j`kPEW-M#i;&
zx_0JY9ETkDG)S{r<DN#i)(o@@L+|FeVOc}c&LMC}blel^X9YAn2ZY)%z(ZxE5g<AS
z%Eo=&mMEa<Bx<qL$HVPi2$7<_3-?rITO6ry=OWt@K1jPv1{({pxcp|RLYrX6`fAo!
zZIhV94{Fs|)~c+C;Z_Zl12&pU*B9mt9b*9-EAmyQWnP=s$yIFDx9!Svf3cz^18qWW
zMw`$>@+gVkOtUW*j%;<q8t<4fok{7cwz{D=NFV2xzZ>dg_<|us+pW*+WEmOH-N|?g
zc_(KDWazNcvNEUkZ(1ysHw8)W+;&qK*)I)*007=m`O=194)O$jreyOub#pF3O8wtd
zl2Z3QSjGCM{rxZW{z|>aJw05?{PrLq?kVMhhrgOvhBvqzIyXh-cHd1&ORs><4#ckU
zTIsnZpZ6(U&~rI60D9fyW6Sb?fc(W7@(71Zi1P|65v^TerIbmt+I^oA$31<<Jwe;-
zzMr7&4lPy)K0uMh1f7-S`V1vj7X#uvP25w{$f4RY70a+-A?^Eho@s;8l6k83Ph??&
z;^sYI8o>q)+)tgXu$vUtosyH#Z}A!T^n24ubb_JkyfMSAaaftR7aE#XVdKtr(XOcE
zRTO{59ACYcYdXqM>b_UVGfl_7(R8eqz_-6nf3aUqda$A$RBv*IW3_{}!epdA<xqG7
zyBlfnDw#c@5npIAj^o8Tz`i;mYjlWXZmynX<SEkO@LtY3P|bFgLQ9qfXcXblM1`u1
zCWi4Fj)(f~kiBc9n1QxRdK+Kcz*F%5LkTIk`jventzBMIvL(__?|9t6ls(zGNu(4N
z!^&Bhuf&H0?%##%GW%*aj#piaFWtPMWb~J5e80;;9A2jXU7@eif1MthN&lW+igxSQ
ztPJ=a1vLAw<zci@)Th2#(5JX-k+FP<jpa^HjdRs)Zf(i7UeGyiOBaJ&8vET0vRuIn
zlEgJUE(MziGlanrMc6>hY&I$jf}EyMMsT64HK&&kqfs{E+O)s*e_udX`+vYAntiB}
zPmvrQX6KHxCg*;lklV8{|9VLQ$}n}YU2x|^Bf?~>>XR7TJL30^zDC0;n$`ASPZ73j
z1l$$o`$B!r2jy!K=KI2Q+!NY^jv+g#^_vAUK-5PATeQ-X!ul!h>C5DpUb4CW4_XIP
z>2A)obueW;V;#)Ox8euuU}u5K*1=TB%5^ZMmw+EM;9ToqgBl0I+)7<=YSf%}8#H$x
zmmh;h#68hB)=K2XZkO@}?3mi5a_T1K^(JpUSyAtDF9r{C^15fpxAEj%U?|Gh&d!3N
z?aPls>&BKB_e84QhiKZ3P%^}1__>n6?NyFq6+NCKNk}imil#D+!N#Bm;Z25f*bW)K
zg$QcZqhR<}i=D`VN5nhhmJ9pWD+b@JXE9;yze69*{-5iSO-U#Ff5c~|59r(m+0yQ5
z_MwF~x3GLBA9NfrFetke{Q_m*SADJXa}?qHelLtB3{Dt~agp(*`@L>xImn0USltHd
zNZnY<IQw%lgP$^rnKYJOMaHlgXj4*5^u}|N&T~!ncYa9^ct7V(LVNcUJeW1ZJlj}I
zW9hEE5C?SUdQMja-}!=K3kPE3B#ouX-^(j(b}nOXGQuqcdNxYa_8cv>N9|=SPG<1#
zDjn#*K^>5^Hyy5SK6Kqo$-@3vVb%5|8#_h`y!#zW_(lcR+G`Kj+v^p0`Bw>ilLG70
zhbe4bbfEty`iy(Zf8M_S|MD+o<m*rUOF8&@vwtZAUvJS@=m$TBrxCH?s69SWiDvJY
zZ4R<6ES{{zbq(!tW7XNIZ|cSJ;NY%^iz+$Ddcm68f2%4`0CP$qr2l7Gz;p<BTNcnB
z4IytQB%?(=gI!4VaFX5=z_r6-_94?zXDdrjBiKy<rmNP-XLf;b|K?GKjfO$f&YQBg
zR_Eu93`k#zj*$NG+Q-DXSNln;;h~;}`yd87zhHFZqsDIy@+6DCOHhVMu3aaO2M0wp
zsbYT!AqzI*$SZfUxtDwU%F%C?qUiq4`$Cm=7`>@ugYtCht)lV79I>lp6qSy^`_d6@
zgi$zqd*rjJO~{|10ZQStcq1cCUrv!Xa(t1#oGx$Vd~|&U>by~twRiIEM0)hVGZy;#
zB=lW8s_mIW$#sydk+8)onAmsos1aMe4&oieDwx>!@ZhN2L$&Lm;z6u}iTw-3P9LT!
zy?H}TGtkk4b|H(xXXqfVb<r!WGoX4JLY?Q)H4a|f6FFM|y<v6tMDAIL)z{N-$U?kA
z4HpmLOuA6CMv{ePMdx+pMHegcqKlPz(Syn+IBw9P*03BZI<G4)x>%VPU98ND9#p1N
zxx8qN@u8ygy7Honm3h&{%Dm`7WfRCVFIo&^sOY?|yy#+OUUacCFM3efL=C?145Nkv
zMr3RiEkj#uU5wL879sk=F}h+ANt`BGgt}Kg`W8{;P|hquHFHpY)gq{)mPHr<-W*Qr
z+;sRE=j|J!ZjVy7exPc#yZ~S}X8#5k^?8#Su!yBwU_9BS2O6XDRc1)qMTy2XG)c4q
z4U^|6Ka3+!ZRx`JQSJaofXvaWXiI0GPVymL$mvK|w51Cu(051|a(W*tnsf!cC?uo|
zdGA?Etf}X*I74w0l_2uqL(0v`jhH$WUiG5kNY<MbCR!F=^Kf{Rz$5)w-NNf0jxkHX
z5H6-rHvj2%`>=0^eJZ0NbaHY4!Z~nVk%Ohl0k$O)7Vv2GCI@O37I0>DCI`4nnREd^
zR$p>Jf{Z{zMHm+<sJ-dXbvMR6$+{aCG-MRG`LH*uJ!z4Wdqi?xqN-_+605S?Yb{nn
zkXTkrEO0%ss$|+CB@c-lfyP;jvn5v}@EOJm`vV9>xOy-L&$boJt`ve1u^v2vYrcXJ
z5(G=oT6pY=5YnFYr*zcmyBggGtiI0dJV8z5IJdaDZN%E0@Dz-CswH}=xrw0}ohmk4
zz555;Sh{ha3FTe!)TYi0Bt)YfZ_-lyUy}tb^bUXgjUJgYTI#=7pXL7hcw}Slfxu*X
zz@`^&K@e<fF1?;{cX}I|wNn4eaRN_on_BwoH4&j3<DN2mXy*t^FhMmi-5_5xnD$WF
z*nX1oFSRjk>g3>zfp=3)!6(TluMI8NyJHzM;qj%>-ycfEH6xuXrR=<44dGr)`}lx9
zx+gN7!|m!mUyOUg$MoUSjqUkE*Ew?Ho{(dwV(O*JdJeiZ%1HM`K^akS1cIc$+zUN+
zui$TvRNCJ;z>rcbDlrPo;b@ivtGVBB!2vPcdnq{8F-ST38=d6iI+QSnM5lcYpvgCq
z=~hJB@blrARbuPEX#NjC9zt0)Zal<1<pJ1nLuHHx<I<NOIOIjA$qk$vdpI;Qv?Z-t
zn{#MH)^l&3{jsyc1DvW2y@x5EL6Pd}K+*k~C>jP{yNO>dw1KyB^y@sIW3=wzZSjJ2
zWE@atJ>k7m{EB;`*^M+xa4Z}h^jm0B-1{pc?BcVd2m5*lW)Wrg#nyej4=Sklm;4^|
zv^+kfuaQ6`+4gzh^!@tpGdR1yN`AHlmfcxoI`efYMbA_>=#QF2d0TJ3VfmRiJfpjO
zuy2*cJ(1wnXLJwWcyOtE_+Vd^XK4>E-EiX#Kl$vZ=dfDZ<r{8#_MyW!+;p%n&{iL~
zW<z^8)tbIddBThq=KD6Ry;Y9gP>he+fQUF?LO6Cny>H^^b(DFT>&Ai~@gaaAZDAAP
zAdqbL`5_jA7Dj6Ig;9K3Ixhh~jXGyE>Se5&9BkBU2gj23j0KF;stcn@ePN{9PP3#N
zLed&ZlY?WhPzxCKJ?G3RMP(QOZ2|4Y99wMYtUCT`-nn(d5V$BuQ^5TIgPU%Gj1DCw
zr}+`@(tQI~S6=@1R`|r<(vlrV2f;lBEPp4D@-hBs${pr`^Y9(xflA-~KIwzg{}3y*
z$nO;*3mj4W`sXS4fzJDW&li8S=!E4?Ul{QonoqG|ChchX<b9%~xQ2U*@9wMkAuWrz
zj{~SPJZO^c>utT5wK+LOyp}YXlbgUxx_1K~qcZcMby_k!bOpL`YAwK9W8(9bSSD+I
zavG_9UzvSl2d`O(+g&GUU!gqg&~;)n-d~M=jyc$a)c#gu{uA&~ji0}x+_?8q`}Oya
z@b32*o>&OazQt#WKV^wO$?rlnPho*s3dO~}PYkE9z$}I0;@&?Dr?9{*h2k8rLM<Nn
zF^js3U-r4jy`fKz9#bL~ON$Y$g%v3+fV8S|McS#AX)S=XYQT!L8&{^a0MZH_N*nhC
z<|ZY(v#-~zc?B#p!dGHG3lZK!AJCpbUwK$f<*T4p=!QG{`pWLyX>W8(;oeDh5^4|e
z^Xc-{`aG><{p~no7ScYjqVuitJfUV{f+h<%6E@DIJ_Ft~VII#pE=V(Y%}fM20wF8&
zd!LG_s6A<RyAd58^806l6pfjv6~HCB<<5~){4F3a<jU}r0mn54UYrzCYflKsiYpYc
zT6^j`d&}B`9B)t37=-TLhiX?N9$>5n2J>e3l@f(~hZBxz!mzK$7vB~Yd_4v>ok<(K
z;$44Cp39wg4eW<9+AMv2SSNGq;fNo<<W@m{FPINamwVJ74C``!s8s*&>DIWX-<_NN
zdFzqZo-}*)UW+;7J{T`guPDYXko}LV7;iVSB8isaH&>XfXgW8Uu}$=5sTJliN3Dmg
z={4crX4#u1S}m0=Ykvk8kYlS+FOwxFiBcWg=C!NQZI(o457iL9?_n>OZ;v=9U5+Ff
z$wIw*f0|zAw3~SudRGH0Wise+F|Ws*x+-9KB2A`@07I^O2wD{aG)zfiXV5{5dyfJg
z(+;r%$(mYp6R<qk@E`ZAZ>)<ur$v~W_V~m{={3<2`_fY^PfxK)J;hoR=VR>|H?xcT
z;-{j;SG~#`p{m_GOno_m2X*_Ot^X_75*`xjS3~ca%;9KmPh9*h49b<`n)5MpnN|=}
zA(=HRk1q(REdFdFDvLjxfJ$;P`2R}*g(m9w7kM}?vXDYwtim9xs|%=XPI4(Ud4cYO
z!sUgbYu8^Ew_HM2m__X>x$dh(s2OE3H-oS~yW?4b#5uIv01T|fC)lEUzrW%lt?_g&
zWp>O+E%iT5E3_Qrv&?e;Ga|>y{%3ha6~a*pIS0Jb|3?KltiCVj``Y#t_mn>H<)Lt;
z58>tLr)k?mjovN2??&L*LRH@VBJP)s*&mO4s&gloA^sCj{{jt~&B9+{?h{z#Uq{0U
zfMu6AG-lh>uS`&}@`wlHSEbjqd?FlCPrED88>s(bL-o_FNv~h~9)1xJM(2N(RB+x~
zLaAp1#aMj-7+ZddXCJQ>f(&d2$kz!lTp5rCqo&C9AP7BC-67WGB(ixn%xmwnB{j2i
zo#N<GK&Jh2K=#kHj=mC?xs(o9V_{jH-vcq;X`W;bGF7dhnguHyp+1&<mkMY1zm;+y
zKEO-&kL0P5>?|ehB9laFRE@2THt_?q&Z_BdwfdqVOzq~p3R^hCF{;%UXtV3Fpe>9=
zO6Tg#+`9urme)G7bD5|w1VaX*p<4G%R6d)1HS68C@@=@TrR7_V3Q&f)GNKYqPB2bb
zF~NLQx4GAgXvdXmhjx{D>CN))M%l)ZXZ29+CFR>c7-%ESWOpMuBU#)N`T8=n1hME;
zbb<_HwzI>d74Rp(*wEcbP$VQ_34IHPCDnk@-0&*ktLYA~ykO{0js{k6_n|_^Y$p`k
z{bTC|3U#8lL`f5c$?K<3jpa6FYP~j;()~AJ+exnrndGI{v$@WhX&*?1O6#pGrd<<N
zvvTwNWjoXV3a=|<fl6jWYr1b163%G52Xyy3qp?PGI5QFf+qqn5)M<(q>PdF6F)L?E
zpQ8<!0{=yiO8@gbe2!S~MN`}m-zm9|niA)HM?S2<7fMBDLmiufvV$eM0k3Y1_n=ys
zR4_v{I5=h3&KbUCi!797Y-^|>uI+K^k|G+)O73)TEw(0%aaE-APrna9e3(>%7eK)0
zdD`i$<0`XYfoq;!FzQ|gztNSK6We_Nfd&TUaCeTC8XU#4yiR3~M;zfZ+EKYiJ5DXG
zi?56qy__rlVXMUdtGCa}M=d-fe=+{yS$<9Kt)<;7MK?R16u!@-94ps|%f?tK(tN*A
zCiDHP&Mfs2R%(&dzCimSwJ+*X>HjMaE6-)wc}`P`9HO-luGFj1n#wHDnzFA#YYG;v
zeT3ly>=}V*Y!_%vWo5KBC}<_EDF#}*Yq%)mJ<=-ztqI;$XidQaHvkg%GWgF%YlCt`
zYnDA!9rB)q)~qe!Q)i(ii$4dgS^PO@&En5NYZgC5YYHh9XieW|(wgNv3$0lRD`?G2
zJ(JeHMCs7lm-VRhzrv$HYxj3rQ{)h>g>a=_jn-6Vf!36L6<SlUXzeq@1hRtGR8~f7
zgMwDlnqr`}PY)NhlGX(8Dzv6xfg1pcdl~#^qqRXfqBYANst$S2LTlERbI_W_pM%yc
z{v5Ps@#mm5iyxvjg%oK`-)GXA<vR<lSqUp>%}aG!EAHj`Dy2hfU*qBWf_z=BG9BsW
zm$|(cnR5a5UVX_|>L8}t{@0bQ+C8NAf8#xxy?^QElb#;AHcfhcjm7oufjs?WNQ#N~
zs~AAC9bPU=3Nl;31RAbHFGRn5gu!#`k;<Zue36r9W9eakNC_{4xNfN&MZPMJIUP5W
zttiEJ%Tmi)J9aYC-lVi&gQ47#RF5vSjxJV@?mvPBG0$Y`>)0lH$lf8Wa9u^`0@mpu
zCw<ODlzKpi*w*GhM&Sf2d)yN$@VC<=^J(@d3fSa=IqnHZkhv{E$sO9WDwM2xWLZO8
zJvh4SfGOF>c5aO7SjU3vkR2Ii`!J(fbZ8=i|0L?}M&E0Xr%yV1mCn}2QRW(*2e`%@
z4_X)#O=mZAV%|oCa80MYVP!;ju7PD8_&Y_D1D4EJIyo}or@f!dS0iTV`^Zj!?z6Ou
zBjI}gSi=W8cO`lvsPgsVo)VOF8g6W_1_mBuhkbUua2viNN-`5+_9)4FjjRV2Ze!`o
zgE4)UvcQFbY^X&4jfCHl-pnyWIyd7+T~8(mIKpt8Ng=yV@PY1poym`f*KRv_a6B%>
z9KSsXYf%-+quP{Q4g4_H_tL>CsGU+0i<;$A6^vS?Qzd=eM&jxeMw`sL^!di8E4F3=
zNKtg`+up;1ziI9DIo+}E48kqA829hRI8afH`;THA_$bDG%j2xw?e$)f#&jwA89;et
z7(?KPU4hqeJcD+I?TYHthd2lCx-puik<~~OS|e&<+O`vyZ}!$Pha$$8Q*{=!wuQYn
zAkxls70slzN7p(3vF1rZ;CfQB;yQPmV5mfBS<#~e!)7CpZOvof5WKgY+SanS7H?Db
zHpSaUd)vs{CVSh&+j;hO-fgGY);RwgLT__yUR@t0_1h-O2`2K}fI9RTT|ZH7vEDon
z#p6s==;<_}qb(&zGY$wqO;iMv#$?KnVLo$e?OSypY(@vTtT1^!rTRDvJE~7%<lIbS
zL4g@K!2#{&E^Ti8C0N$&YZyr30%lGK567C@TrJz(V7=yb<X*c*_V5Q$PZpTn_h&fW
z4Ne~|oK{5XBWufL&gg6~O*Nm)`3lh)#VcOe*n<;tGSq0A%+W|3Tb_@EfC$b8Ux|lz
zVsXvT&?s>X`6+%{3kj$8-c~(0THbgYE2L><3dA@OffJnx``-bC<pyiyZ3jnN%*ppe
z^_Zjd2bI<VWULm~hr+B!SZW2yLaKF$*682K+Cv7&7%)sN)CJ1Mh1w}lQ9n2WCRnhg
z>o)~PM^E5*wfA3jK;*>kYV-n-^BCa{)DFBga1YMqN@>%cDu+UUzhJljDv?VM_#>pr
zS0zm<vNza38R1A(ndQgXp3(URjmnN#<zQ+*Wu9t`@No%Gpzvxdfx4?x2_vA&f!ep7
ziYuLODkD}ZwJd2iJKxrKkxZNxLMM2-TaQdF!cdhZ3urCg=2^|e;1q^yuFl}b_&)oy
z*y%!5O{hybJO5Uwxji1rgXwvNA-epd<bsIAFr2&8{IX|_l%J7o>3oZNgMkJTkqzXf
zJRhrmVVjkFS{h5EFXsq@uL$4T?)(Uw`;ISNNiTSmbp;k3d9yT@j?B?JmYQ)e=-Bb4
zTb03LEkl{!Whu1SyYEwqLGLbq4dBY9xbqzWS;2}_G5%gM7y&b5Wp^CN_HrK=PYWV&
z+Z`XygT<PSRXgvygUu|y`TMv8L^0;Gc^-*~V$4(XJQ5Jan4iz{NIdM=9(V3mcSbvQ
zAoL>ia$XI$ZwF?#50<*$MRn@`MOlKe`#s*bEU;PVz54FycPHwRp6v~0ilZY&Is19a
zQbe=Q36X2<6iLO5hnPblW@^{E@K!ux>tWG(nTJ;Ldh<@0c?U54%JC>N2d!NexN(N>
zEO67(yaLTDA=4No)2<}RjO^fEjg3AT3)Q5g`?H$BC!Je4R{$0$qgV$lC375b-1#M5
z7`Ir9IW_&S+<Xeoe$6H-hO-m?3eHNA&iD3tajEkXg?oK6iwQqlGW4(|bUNT*&ZB&f
zJ%*Ys(bD5-L;DJAr?sbWr;O259Njx>kMFlXYg0PE4EO;4Ne3M3Sm~x)P__GPE%te0
zDS9MjJx*ijSd~DuW5sn}q>Ks7!@ku2-73T}%B>*X8ZTq@>hc>%Q>!k&j>q!7NfEZA
zQl4;e7tbG4xux!_NudiQOUC{#i;^i0Cg!@Qq`dr!YLsvcdFMZQYUp<^;L=K+mn~)~
zfq-DCa%k}jC@q@(t78XB`0bRszfFmw9A{rLeRn)M_7uWv9B2Mdl!L=b_f;eqt254n
z2W_c)S|L&0O6Y!3)yd%7eJyW*GdkOes%g30Niio%4R%0A9T1e=omJg<RG%$Hvv*-3
z_BNV-j%-q;?kg#tshDc%zMnEp<=nNLfUDy|tX=ft$gdglg`+cYuc!g;?dyla{Zq93
zQl}86X(M`6`VFg1@K&OSfyBofzwB9}o~7w2NhbwTI_V@=ew-YwB7iM)z52RZuNm4V
zmw$uig>DxAm4D~eRvrTD!%TCeP;-bxHLkwoXy==t;j|9<9<8DF%68A1(r1eKzl&VG
z#`1GPK|FQ+Sj>`UtgdH9wev~Q?4wbz%get(L97p3=UPv9UnvYHrB?SXykv4Up50uU
zx_GQQ2-dzD%>d(B{r84w{uXID^Ec|Z)(i!6>Opn>{e(o-W9z^~T0PnQB*k|Blpko2
z^OWt5xt*6Y@7Z{*2#W243S`!_^Ip+Z+SrH2F;-2-yv+t(11)!K;TVU3P~c0hov5MU
zk9q03uVwA*gHcq{wJ%}rR7=-gJ29S)?;J_T({-)ujZ4^h*y{mlluTaYyfnke=3Sg*
ztr=Kaw-pf%y`K9cKXG0W3?r+`;yCPj?*-(m8l?xBx*^>FPL5Wm%B}9(0tTCDldvbP
zhUP-5R@x%fZty%_Eln*BVub3cbc)D{#Kuk?C2C{3k$`x%GXFwUDQ@-=jcjWsc$!sD
zPi#U;ZbH8*MOT3QA2&J}49}6s-nrR8Lvqw9Ft)M90V_@hpF_|?Q-50xH2KcW-UG*l
zv|~?#Cma{fk3Cs$>I&<R&bS7px|(6kxQL^zJS#SiGd;rY0&_j0bklLM%rsA5lFdGP
zf{!Bwci+LVz#-%g9&yh?G-^97>S-k1za}{8{tds?&J;nTwPg9@`bw7X;$ghgE&0NQ
z))$W2x=!FtBTT%GjZ;l*zs9>thLnc0OXrp-G!-0^#GvlT_|sa-dVsYHSCIi%GUOds
zkvsOr%g1nv>ud%tB>zM5xq7L;-Wx3ZT$SUevyFt%J~DoMX$e8KbkQ5pxJ*l8>98d*
zOZ^FZbS@%oe^T$|{suiNeWr-Pc7%B;`hczXwnDb<`@lxX+kL;@EpMs&LA_f6rS4zq
zU8SIkd_eD0dhe-5GcWAnTnqoeNVFTTnmk6QHX+9i^1B52<KB?z=7m(3tdD!DcIG!|
zb9Ue-a=Ec|jgp&TC`-<mzU2In{8J>~mF3ksXO`ENO3D8GGqM9<URyB->wb-;zbqtI
zPnf-GdY{+E&=P}eEX98eOpio=xrK4GCfW=TZ}Bxj^~78)?#|E$vq{`NpQp(r&1as6
zrQnI8-^?W}JR9LT8lEgO3w^Cc!^VDDyYxN1-;H0)a|PPX*W~-mjoUVs_T^yBbJT&%
zU+S@-X?Z5b!gfG{m};hR*>NnjPDf#$f_q3T1$P#3_8}9xYFa;0;~#E+@J>m7CJKa$
z2^v3!Gtb>sZx)SOrX5~)=QZ{AL@~HUP^-TDa&dUrW!w{Wb>AFVp|*=v=AS|*`W1ju
zL>w|0_xvS<BQw^|J`j0O1URjQHdULttnSt$Tsp9TfB(Kke%!>u2~YuU7`5iT6XM-}
za<+2FXXTWwltnf}7Cya1!io*c+RLR|-a1TkOsGtBcHgPyB4W~UXP?r7TovN-1>-i}
zzm82L2h96HDPt(d&V(e#4mM_{LYg|YyOkcBXeuCWCh6McPctZ&Kg7>Oi!(h<TG3OI
zRx{B!!=fxPvG*;K2lM~<y}R#DTW)vKp7$q-CQAe0%H7uk;z(&A6&l=VXJ6GykPAu4
zI2*fprON3h2@Q=3XA_AP-Wld$NpwAg_+;nVB3jtB&ODjkhi<O%K3WS@ozr|Zr}x%k
z^;!%$mcc1MnI9j}bv?`=>S^K>+e#BdzBR;)52|U$x&Vr6cBS#=ai;!4Wd&4A!O-q6
zEF!Oh;_7xu&P08achSBH+&D*FpE-6d;%x#GT`H<P%-C?MOi(aZKm@s^klmUIbuQ-J
z2?H^$6zF3DJvW_5*L#o@t%<QHO&MzRJ=xb+7r016rI@0I+A#ORbSyO0xkVwXl$2VL
z{MHe$ZqUO{ekea@ke@V-iuuo^;{~*slF@@ji0_A+E~I9#%A24*)v)y_rhB2ta#OlV
zhV=8&^LB1gWV)%IGFMfC<<I1Fx*0VSk|sWo^aaZ68Mct2K+>CMXV~5pa3Qm~E<Bk|
zr}zGh(eoEY&zpVzybgLc*^7Tw#YTy-U(>_?nz#kgVtIgxiqrbi2jHEZ7nIN()?x-?
z;B!;Rl%KUTy0#3rRIrczYO@y7__xl|+_<>5!WmctS{=iWboOyv?qsaBRI3LX4cre#
zm2jMjx*1K`2ihO<6;KPQ?j)QGAKT29oZo7I%`geqSeAY5m6L<}ApQKkigb>6CSr`>
z*lKclcRg-jfe4oCkRd`-6`cwiRz0%QdXQsrv<dud4`q}Q<5iPC!GXxpXmd=>KNf9F
z<3hVQq7z+`6Rcx2;-q>zdb_+`VogX|i(_@oKy6wH_;Yum`7GUvv8b~{5-0e-bSO`-
zXIhX9MP^p|&h5Ebsnl7cMXHU^5U?iEg$&Mp#<y;MzOQMKV>@eF`qCQMx22_=M{?f3
zrT0y|NAvHcF6NCgrx-%N!sqU-VD=rn?79@)xIFVIz247W6}{_{*{g+mYTUKkLXYcp
z&R**vd)JQH-N!Ck4>y~=<k<Zt^_)Gn!@e&#HfPWCj@{qFCyveAv$6DX3F{XjiEpWO
zc7cqsxaQ#2yI1ePT;9FLet+D4pJ2aF<ahatd0SA$%tEwTjqK@H6K|~v;N!LYDT?kZ
z(9gcbH80xld{~I+ewkum#y$@p<=zl~_j1fW(5M#3a?iSI(j5?J<|fUw!<AtzN2z9?
z^1VLp&e5c}XH|WPs;XUVWwf!U9uafU{E+)Vd+Jb_hk}>K>0u8+%2`O25I1sEXEE7?
z#42@pT`{qRB!$FG%ft`-oScv9T!7{O1b~bexF6L|7(P0Wnh`3%9r`8?lAZ0KnY5YD
zUMYG4xVzTUcK=gov!ar&+7)+e)Y@fv5WlJJcL||!kbjeHe*d9%d!RLKY<4^ZCI-Dt
zKFm1uE1KzSp;dyp65T+3Pf>lDZAekwCKYj#W19yDUGh80>04WQF290`Mma*VXX$dw
z#aL3So7G5!UR~ZnQp`u&l*8;sZZ0+3#WWQ#TWIT1>CYG>ZflYM$^oYvOVqP8JtaBQ
zc448xcCoyLiiT}dKS5d7sjSk?C-O0ie^u!wefGCfW`ug@WPL1d(aXCj1jCbtYqfhZ
zAKlCJV>-v8DNN!u$dRgNw|VVnsOO-=tTJtsU}3X&l>rtXz+<$11@Jv2vXKoIVZW#|
zpXbrqv#wrSLGH4O!PM$*p^^@X4jkzHtyKey4bj~PQm}}d<tJzFkg`?0hX@fqtef-G
zq{rpK%U2S|AQ%KZlmPFf#_UvDtu8-YDXPm4DTH$c*beKw^JycUhY3%ecOeh6lU1U}
zvif*Pc+mZnJw<f?6|OK79fudNFj{Kv87a+}NU;SJq|V%3Izek?+LliFD>wIy!v$f3
zyKCjC{U%dd($VKWRQCD*$jloN>HgkmnbiSnVaWqdw_ZrK`1>MBPuZoq_1UW<CK0U#
zi<lUxH#rf5fS_TIVBE4C3MDFw0PU>>eqJ)Q|CHTrhC#6|olRm=;qBA~4vNCuDM?R*
zMC>UoFGX*}$~(UN>-6$z;udwU@7TP!ICGukCGGM36KkXS&%@v&#JcBPS8Jy0ntTSx
zSc3P)DU_%zLVDmOQBCs?eoj`qcTr1XRwQGk?eXs46JisB)0&ew(3+F1g`PAg`E%DQ
z$D0$AQsc*K>Ey}wcsjYSpxli|>14=?K51Fe5$FD<)~uy#Po6g2Mr{eoFU@Av^rY!I
z>G+uu6u&kUFSXymmA=~Seuq!y7)^X2)6`WaQ%uun{sj0TFe_UPoj`T8fvGB(56CQq
z7X1gPXiAp01|^&}bfnCdbjhQ%Adi!PnVa!QD|=<6*%F#&;9{0B2~@I72auzA?GB-_
zi^2|ruz}_wWz_sJnX#QbU7^a>$<wvwNjEc|H#>)wY`wHd%*@^$OhavoxH;Xt_g~N~
z3yGujJhxp{qN^EO*W1{VS8+bJruH4Rfpv7x+R|3xNQC4ISQ=d)p2hLMn7Xxa)P~m4
zJ<W2Sem6JZ9^KEi<yru-5%vMr^}r1Stn%T?83W8szW?8iudU}8Un4(Ye9in<j<1;?
zZG6rA*N(55|0~DW+r<*@>G%qX3*+kvaOA^3gzS<W`e9`k!eZ`2ZXF+)Y)p<$js-zB
zQ7%X_j<dnvaz-P$vlp#)e2tcCJPaTQVWaH_ySzaB=TeV_J7bR3X#Tn41(*-GR1|i|
zbXLD7(G!$_H8Jtl)#Sve7RC^6$TRa+VRAqBXD%nOMy#8?P`7?2={gCDbwxqJBHp@?
z7kiZDWy(Ky2jJ;u_8=-|?uM0_cuA`+Bu0usHjQ-YGY}7O${-$)0TK_50dvO~VfF)b
zoV4MMN5Yw8u(A*hNIHpz&r39{ALJZ!&cD9CQY4&j5m|97qk~Y8ZKZ+ZeH|`eJw3Y-
zm<GZDn4XSsn12pcq9azKg`B?bDgPFQ{V4ofRQ7>kDl>*HBFnjXk;pDvg~;--(e~B?
zkvZr8k!Wm~R~BiE?TvPu?CLZ&b50sl-U5xy{9jCC?$h^F@vwqzbp*4I#!-V)>Pj{!
zTpzIM2g_|*QTLh0#VlB5a}caIEKhWzTGh?2n$Z=KGOf_$o3(P>0B14X%)XM7CT%YH
z0GQ5C3WgyHjC-0bv@jPy)tBBXMWvvYXu%=ZXmswGW*D08m}zMj^H#l5&8`izTkUW_
z*ki^Dw{su6j#)}N4}gxN*~ZdlRD$5z+vLLC7R(cq{ey@dt5xetyZi{vYxeRpF*5(l
z1!%s+bVYme4I2Ak-el0gfd<g<nnS}S%mEsW8G}Yaod*`7v9%l6_?gg<cKMM5XlUxl
zj$g_QQ*mkeCvn^9Zv!7#U+nbm?Y!H3s~l<X+S9DRZ~h-Xzh#nyQDJ=PDWITm2vO-K
z#bbVXA~i9A)oIBpGwD7-RbS6f_o(>?&C*DVij(e>2=)}6htimkf`}&*(Z5JAHT(C{
zBkl<*vzhlhyao7v5%`V>J}<Ids7NL^AkAwV6i`Tn#vQVjilL!29q-?LhM+D~&$Qbb
z*6iL$%yw^^TUKOWC`Xz|e8cyj8t7K>{=yb{M<M>`Zxb1rH+kGsQnxc^sEd1QD86!P
zxr32mt|!zGqsIV51MAN2(;Z;zQ7^(F1!ZPGN_mF;XiC#PLi%6|wej^O;*UB`1r$e`
z$tBvs;JQN%RGpWy=S{=Fdjc6|ZRE=A^e_=<Q~_fHL|n@<i5fH%wg_XeV=FPIsnOL^
zx$ZMlI$n9%hpI<XUmW3``!64u74M}D<;FAp+_`0xj%CuA`_oFeylq$9<UV#`F50mx
zZsqSwgMrfDA+W<3K`uKD#?d_3`6=P+j+Zk8IuF5>pwwN<Qfl7Mr-dq8@Gae>G+d0>
zeVQnIR;9?MSJ;Q3TC6*?zWN||-P3LSg?$L{OmIKgh7k7ziH(a9cLv4LI_{|uKWQ9Z
zrxc;zZlNRLRF6@|c&fN3AfP2ZawEDG;Cn^GA@M3P3Ht+dWCpf5mAeo3c|E<iB2E(!
zUPsd;)Vm+)2_v6-zC3X)gHG$xV!)yQ*CDB7RfLOoqe@s#FpK1GfcX9{K=pBuM9+f3
zKEvr;!Df+zRP9|BM+nv4m+2``YVSAk-nj<s;kMSfT2GT%6E3>6Ph*lJ%hGZ^o$OX2
zft%!~;u<41ok^{Hfg$v|dUp-cQ$mjxzWy@%X04O_l{$up75Q0>Z-xArB|JU3u}RE*
zND{|uNx;6z;KlatMd5i0&O?ts9$1l#L!b5LQM4j9Fk4n%Tf>V;c0TFvAz*y|uOM*N
zUuC1<BE5;V?WwFlEPv@bOFU3{rPQ-fm-$o4SWz)o?AeD!gPaX=HoBi<tk|MjJbO{v
zVC_!z7K&n)5Q>_>c7bUU6Um#I7$~ojcHfkzS5e|UThc8%Nwt|JwJ}d4%c}NDu)3xg
zIT7uWRV7P+WoXpv)G~HhfwbjB%RjMRXqs=K4Md&u<<!@1PHdfhI>xoFgFc!#ACuSl
zrUy-2fCaXIE?gTO{mc>43s@f?Scfv8FHA3Fg(GdJ6Wwpnj_qpaTcdPq=<luR*3jSP
zov<z4HurN*cN5Kt?X!<n&g}(QE~*cGcBuCvu-5UpkON?C0~lLJW~p|2sB3$=J*TaE
zrT3b9WpiStIk96FpEcHU>*<a`J;mZ2f!3e1=`2&B*2E0=prkuOu{+Wod9gdwopXPb
z&P>dubDA^#nW&4hr@H?l{IA5%#IAIglF3C|$<mRt)O+vr-s<0<wnUAyB-)+sR-(sP
zqS{#!U7TL5L>F12`dJd~N%v&r^jU0bO%kVJ>@7bFHc|Mlr|Xw{1iAhD5;U+&On)gw
zxnC8NZ}Uzx&L2g(7wiBHzR~!T@rup`&>jxDU3^73l45JMyTHq6R7xzmwb1>aaFnqG
zGygMq!3nXuNP@YKd}2fO=Ixm6OmJ(o<6JxveLQzA*PUW9r?|~ML`S*#8p&lmyH>YX
zi#H~+@z@-EGIPjuO3lvsh;8Kp7rKvTD<p^7H<+<|+a3R$dx|T+t!Ml^<v)}1+gF(A
z+IGind768ZX688Y7IS<zpG)6DfF8e?Hywd7868ugAHQ?E);^?LS(qFZIZome96;3a
zRL4|Y{X`v4pKvmeg_uX9mTy0*IYr6#PW`mn+kU`u3idc9_QLKLz|;2RnCk7K6!D%1
zmfItH>g(dpeF>f&Ut0WJ^h`h6({6oUnYz^32mAF<I=b`k;1ZwcLTJ*Rp`>hmt`glr
z`<D#=S^$;CRosyv)z*}()i)kU0`Ht!`YuRgS^QVP<r=??+EmS<EeI0C<4ZgLWM~Tl
z7qN=eaI|ed;@<MNZ7s~k?MGODH29Pg()R=|m*q6Wtqq0!A}DX2CrdOIHiFcHBt8%Q
z`0?m8%htB;dQjbdfO`pPx;L}*BtVHR+~8jN1-{*F-Sy;VcS3nCyyU!iWA-{8Zw{|k
zk}S-^!1&T>wd)i71h>N0R2PM6#C!B&S|EYpDEQ8B(k26Klc(-nE_#SQF@xvr(u4jN
z;AIh4Q9_~kguNX}wzq?+<<9dgdEyN@O3s4+y>+1$&KgUnhzUDQpf66}!W)g1SHn#k
zZ{}*Px@d5B_6w_}deT{tG}j^aU9}<{RpxgCo{HB0VKj4r#yd8ldxPtn4A*q#)UMGu
z-<={iTLHOc>78m*pp&J~=3pAWn<F8IE%I%RS|jW;(UzkL?xe?JMr>F?YQRNi!5Sg0
z#pdnN@^gVqH-FpipJm))k`rV6a2=Z<XOGtj78iYZP95e*$`ig<Is|Pxl$JLgzHViB
zTAn(TRyMB^Q5ht~7P-;XP%YtW$?U&XyFUjso%>39SChF0W<jC1wFq77+!p-oYKG#8
zF_`n1+Zm34yPKU(-zXAbjqS&IY6P?)9MO(CaLdxJKV9=o0==J~#z%o*n{>`K2!qCp
z&DeR%?iMD`U3*YD+LvBj<M+YeFVhvGS(Kffo0pzX{&aLOXqP@lfYUEFNm;Q_ATbqC
zA+5s*I`^CG@q3fHB#{wx-~*Z35T2+u**<$T@XU1l#V1CceWv5Bg%_U~%RZ*~K#eud
znvQSOSEX8;I#mDP?0pM>WJPuM-P_&w_H$<L_R`(+>K+~o?amG&5?xlKMx&?@6A`gz
zR-El+C4nT2nMD(AdmK??LIfP#A&O*Bd_Q9R6N7I>eBqm{Z=?9g>yL?ve_}NLG4Oxi
zIaPJ<?de^X1@rn@W%}0Z)TvXaPF0;cb!y_my@yQK6xb_`I2>iC&>J=xXM4Ez231)E
z=e?W^=dMt?S8=aZnFhX~YY|R9<0DZB2HXMO3aW42ajt*BhY4~2bO>C(o#icPZ^!94
zOwZQaIfk@fJ^<PHEa{gXbH)Zr#f*w5T-01c9&B&~Qt#8aF@p^bf8q^}CVfVe_>)eu
zTb&H(d|D<m%ijv*9ju<zz!aWcGlluFEqr}Q1T+>5Cu)uMi6>Se{b3xX$YEZXxYOl(
z6`(oeQ-6_J8buS$^e=h@+Ti{s+X*w-F(0>v7cuIKd~~q=W+;(LvtEd~RQ+B_KD-k?
zwnZ~%vK`Hit(v@y0q492R<Q(;QmUtz1N`4|@N+1PtI0W2F0LjFvN<Ul>o_vrq{U6@
z#Dy=x%~mFr+-SQHX50^AkD8tHgY{e9hTDa2(OoYA-jA`q^K!6ut<RfR8e#87t2G;h
z{aVpR!SP_w++Rd`W4<&y3+Gg!D-?F@E04?{c1&Jbs^E=jHQvHf<&)&65XunGd$#fu
z@ev*>>Q4#6fv>$q`3y~k%@td+EQg;J0du#*|1UU*x7UP|jQSp<bmv}hA)%U-i!~(g
zV>5csf>Z|?S;oE(@<8+1U-}|My=6*jJuac=DybLJV(zovY{9E31k^(YCl12s1_#KC
z1P(d`hT{OU&r#q|h;W6D`RuR3VbtINiQ~+qsTNP*P@#PR64l1An#EX$nW3E_FzmCM
zZZtbW7eT(71AWLBLKlAQp^B6rnjY4x(XK~A9;21yrNpSx2vh_=T-F3o^3XI^p6#nc
zywEO-1u5yVe6bD^OqAxM`GV3JhdXfP3>qk@X~pnC?(DIj$-z7!<bQ@N+e{IfEr1!d
z0Bsk(P^;EvXE5z$Bgh{1^#bmFUxXnHHkYXv9g3|#(bn`mS{R%Axm&rFfLx)$K^vz|
zwGei*@ZUy?ETHN{$m%+XTsj|dG-?^xH5fbr7?8!_7TfvVZ^hwJn7BXVWR8w&=)r!O
zLMJt_DRZXn_*ZdL&uYF{YEU>K5A&Xm-{)|ACFGL@>^HPz$<`3!G8N^N5jHH3HMZ9q
zkW-s0^cy+B0XNQSDz7k=^ZJUc?+4m7KCE51vZ8Yi1lE}#w8ftr&yP|z`8`G_<{ORB
z;j(FhVO|~0NJ>vIOtKS9y)=7@ft=#%WFEK4Ql{kXw@=$`7Tb5^dE{}x|GAESz{#~j
zE;UcVFAA0zx_w#R`5wD`5q+iKzBD!I#B)H_!|qby#{G(EXApc-!6QZ2N5d<y-EXI<
zWIeR8>pT2qp29Shss{%SrXHjmsh*fY-Lxib!ad+)Q|*B-kD+wR90|N_hM;e6L_Jf+
z{EoN9?4?I8yU8Gak3UOa#3Uo4uKy4Ob)7>)-4$s!mKb6@{1|kO(Idm|4u>1`>c{eG
z|Ew;uG$vPrG*YKo8sYZ{xwiBb)O4~5@L^^Bw2}f|OD;1oO&*(mSXkI=pW+cxp`-Ul
zuv?9?XK6X!u{qb{+=cC31qOjcLRPNWq0QYY`eLM%^Rzz1PHgUSwq4)SeIDDMpbwTl
zm>+^YCDn76!$2obx)jkdC`ULv-6Kt)#r!<l3Pn^f`&4fndVY9x2w_RZ1!su4HdJ(}
z!z`XfpEa1T&!vTxyxA~!2z|q0t203!r+V#Yu_q%q$rNuL1cZj6A#j(&Qrv1>Td-S*
zyBwEJCfW7fZ>EOYU9RsWyX81LaE@YqH&Bfm2=SO3vc5}ICY3C3%_`Q~a-Y97BlplD
zG<lvuMbeu@X11?IClv9_9cgEmpU9K(ejj;OrH`?p()Z+r%M-8Msav5^7@mbk&<~yK
zPfM4@;Z|udVss#4!i8skg8B%gxjCv;-V{eZ^u-r*PTFyJ9M@W-?dP*~{&f7=DkZ*0
z<L`+z!NU}2rb4Z9GKh7tFYh*J{h5mvv7{3MUFF2UjuVUr0iCOS?-I1}`J`#)nXkop
z2c!f_v~h=kA>JW)G3M6G-om4hhhdB$;<pjee>lFq*>Tz}$7yPBFG+rnxtAV@u7s#9
zEq^!0K<A$x>b+dYD|5z5t5e?#ktJu-2F9yUpRv-f&*T2B-(wBNRzMZ{SVxM@^3G{v
zJV3Sb+*l#jF=MoG$IOGJ_rv!Oc8|t3;NieS=#_cqn_c_G9-G1bW2Bu}m96|dzLb5{
z6uY(mz$-`z$-%xacrV6!^95|vu4n7YlWBTN1T98m4>Wl5<zReIh1dQeCM5Yf0D%O;
zi%v_w1D*hGxMGC2oHPUp2Nkj0mU}gH-P|P0VGXZ1W6_BNj$eSDUaf2?UL+9<K}r`|
z7>&@(DqOmmWrNw{aobP498h@DR%ir9<F=|mZmPdP@|#-@RK*JjtUE)<EnHUzyp>0>
zS>nf_fcxHY2ro22*Ul3bNX7zATxjHh7#_Sp*5#t|(uetporvI>S1HKrR{recU~*cJ
z+wV|WR8Z=h%!(U?Xup&igUSVF5;uTe{6HSGj90p%u>-F|r0U8WIIOvxHdPJwNyd8>
z`uBzG6ZN;S@<`x*+SZjv;3q5guk9ag!8KLh4EjwkgO`}3Qz)g(-T$l{cxWrhR<yOB
zJqKJU8DEKt-O&|}TK(Avz<M{Epo*S236WS_7!mUi6tp;3;@;k$eKBqd5?A{0;J-<u
z27jSbaT8s^S^jXtdvNvV7{@<q3o8^|W%GpVS6SoC7Fg_Q@+$dPWNje6MZx#fA!Ku$
zh}$pWM1no>4xA%oy%z(A7m;Q;QL8T${me)<SZKp1N&pi<58DJdOekFWap;iBROmjG
zx)xz-JVgO@JGuw1-mapE;|3@zlQ~(IbNILO@GNyEOZXwGCeUhldmY9(zW{jKYay=a
z=WlFZBc;F2J1lzMQ1{ONb+1nPaE*T&et(-d9(WZrKnJ*FDh59MFNoeJ$Tk;5J)(~!
z=(`0nT}?vAi4!yL#nQgk%mTD@(vXt*Ee8^;=ub79y%OSK5>JWx8SEJY-5+5f%-)Yp
zgX4~+e?_-m#!NTjib=kZYhSGmr!yg0Iz*wlDlzwIV{KoYJ%h`F*4X?yUUS1}!Qvw-
zU5CA0`=u<L2E@z81cYS=0ddvvA>iU?3^v~F*z)C+ViSgnQC2)1Y;WZ8l32l!bBEG$
z&fEBu*H&8QJnB+@hxDK>7C2>Ucz8&ZRyBClpnmqka$_XBPyyB%A8ru@$7VLuer^lM
zW@@?67RU#kaK40wb&6QT$*Xp_?EqT>O5R&?HJ__Yg{|wh`=RbPk{1!rdvx32cia!w
zVQmU0XB)geR|@U*IULk{Tj#Be$9sArx6PCVkzMnbCZKLrM^aGz$$UJ6e80=KsfQ3O
zy{;?cM&g=u5qe16gPi`iq8F<nulfL_7pnd62$GqnJF2}#$;L6tHJIj^c^>{P*7x}{
ztN6D#y}vcN(3PCbcM9?~gr+kO$G^qKzM?;KGyW}NF;d?TUuI!re>a@m-_=!=-S=vl
zVh}Xj2Z1B=wb%Jkg#FgFCWhpe)NV1k@5T60+*Z!QVE5Gr;hF}lpTf1~zP%dbJQ}XG
z##~&(xHDX9HC(f0yj=@oU%~d^fCy(@W2f^ms?+kpG#43|TE%m~KF-~;4TLbj;$f=O
ze<CsI@h>inaF9TAmBsU~I98mHfp#O9U03@QikemD1qzEVhg{@O%s(1M+27tl*kIgZ
ze*X<8?7OZ;1XxfW=B?&&Q32D$hIzTTT0poS!RMO36k9DK+=z-B_9f$L2@$Z8-KayI
zwh!uZrF#42AoR-PfHX{$=hwQJvEWjr3-B;jCVb3p`7WR%NbuMY6uJP8AfdxBq1Xjz
z1PNQO?P36kLcgeuqXF~PyKaXj(IJm3HUK{AkRKD|#~kudg#&yPBfnLU--?JaZGJUh
z2ZSmjwrRvRMAV~gXx?$rwnW>a<GPsAkE`!P{Ag6`R!5Psfx4lKAMIAh5E_rhHn7?l
z>sF(D15l$4oTNwH>Q;p6(bf$fb$6>(gc_(3%B*U)x(%UmR5xC&@8aSa1}sOeG$Oun
ztq9f=)gs9D+IkTjPgES$aifQ=wRKAbTYJ~FqGYnQQZm`#sNNv#WZj5JHd}HeTP_i7
zJgjbTn1n@53oe|fklXz)T#sy~gdu#3EEUrL!6Xe3Ows^B(qPx?xWKerKQ4?j?igo6
z7-zyU&ZIETWXw2I!Z=eg<4g<VOvjAV6vk;HqM@AB5(a4@VoD=sghyt;S|>EBC+@=D
z4c$GH?Cuk~)#IZRz+)#w<I(Zm>Ucgn5ltQ6h$f=(ZgqmedNi>SO-2*l>Li1WXmTT(
ziYB|&DF(-*DFkIS0@O5tOe0?UeR?BmM$_GDQzPn8a|1>#&2F`&5sj#|5zR!cZgoZ@
z#-kbZ&57`rbYgU3i<iw{M6>&`H0;@own4Zxl0q24B*F+L5k`;*Lu;`7TDOUjYu~WH
z*?AuH3Maz~F&~|LUG<b&wN3r&DN&pMt+#(40teW&IZr|wwxc#Zn9`i)YqYe{SXkN^
z`IxQ3JZA1s;KCCp8PTlFby;r@y5RRHqqFh*pV0Z#mTv<(+4ci)nAtuHixm~oK5Pn~
zj^%5n{R&jxKbL|!(|?Nm%!MnD#m8(;rV8=@(C;9EbGF_m#(q8Wmf!d4<l9yu>W7S$
z_s6-GWZpdDU`ql!i7_)bX1(Vkjw?gxYFI1wezHrQd7s_+;d$4w<<aY)SiF)78LUwe
ze&Q^`S20YBh*tw=lqb4qB9|@#tNj|rd$aJaZ6aPP5k6qFZ{%ldOeWkP3KV(G{YiiU
zkoIx+^E7Cmc7L)4-NWwZBW&pXb7+VB^LvB=tn@|N9znzp+WI}hh+nexdxVjA!dBNb
zIq!I2{t}sEYuCZ9kTBtQvkS9A0)+F;F3xHQ3!XW<FnlE#xaaIvaoUmJ^<&zbWfDhD
zh3kqdk4F}~P>httbqVC{LSP*uTh<T~4VR^6=3lpK3yF_HI6^k%b!>Nu63%@I*}SNx
zkn#Mv$(Vu+2*W`Sfs7VbbBa$A=O`Qw`f!l*n{fugs)1=y67*pp<NVn*#w@iIt<8{y
z{=>))cL@o)N4eo`z$K*NRUL-%C2fRx)lVrO;b8M_ksfc9Z|YTYm%=vBlo{BEp%6eE
z2JhTv*ksos#K&{D!|~1?4tB5^w$L9Zt!9xq53z}T((Zry$(?r&>y`TkLzmLyr#u)S
zzGUXGV?Z|{@fg4^1n$x~qa^sB`w$x&3kU8*MCSBGPMcEpRZFeK@ju~eR4f~kU}L^l
zuweSW$a{;74kLrEWBnLx%=H3R>xwyEp@P1BnKlem!*h5#R9ft~K0$?;;}dXWZdbTq
z^}d;YFt_HsDK}pz^WV)$!;YB2xq}BDoIB1=&K(R4lf#T3HhD09h#c0rLlUiYWWZ56
zo|PCqbnak6VY3|2xkD0@kcZ57QsEE@V`|(a8Fjd5Y7+F236GhE%^h0hCdjF|BT05U
zZq}s}4oCOI*okLt!87K_^~9`QQfO}OkgSdykCODLbW=NI?ht5h?oc!~%Xh8w?oq#D
zsE{Q7usKibJRIzJ>^qv+xr46TIBEQtlSchM)^`N@X|q1pxw6x+3~yzm69@?z8LyO7
zMskOO=Zq~k9(ke|CVRE!;WI_d<##btC>EB{Wu}m*ftkWi1q0~1slwo*EN-cgn%4}3
zftkX#YXGjBDyWNGl}!rl25}moM)KQlD>ygp)D<REE_J64Y)4D|d~d()L9PJxVp@O)
z0NZan!=-RfkW5*1pg1)DE9zKZk1e6-Sl_@8>R8`sV!#${Nj;p7bpcIsI#vlJm|*XU
z#5h?*j<s<~hPA5Yd!%E%gqZaB_b7F&%=(|HV<lbNZ^oaMrvj7zSvpqNw*N>S>yaw`
z>FHRHT<d?1j&%U1|Cu`0xRLjoj+LYFr>$chK>I&h$NDBT@#u7{A|HqASgG?n79Hzb
zP<j7XDX263XW&P5e)p;_mC%n#m-;8b4Z2jKWp$~9)&5h)8(peI+$0gAOMM4FH|tV=
z4doKL)L+-2)umplL8nVyLU^+-l`vvmDnTT5sf3Z#r4q&vUFs)rESS)x5~k6m5}?tg
z5|+`W5=^X1z27ih>IKN+)JIQ4Al_ScR~8XY?1Q^2dl4ZzymhNFWqGGDW%+mmspXT~
zT?Ifj2+Hf;mgNg}55)3`eW3z~m$K_xo;z@q*JV7*N2vz5RW`D-0g0`vmghbj<x~4q
z+9FUrAmE&iQ}Bs(oTfqXlHDMbph!s}xZS8ga4TMe(Pol}?ow$|RtRp-Ig}<zMWyK#
z?irLS6@`!@N<u4XS`ja~Z7aAtuyhgKqb$Cx?(r7f?j6)Ul3J;1{=Z`$ZuPh*c3V9S
zIi8WNlVpgwMmKsA$)ON$@kGuT0A|mmA;&;5xOh|~z)>3z@9acQ82~A8ZiK|(1~zsE
z2?vflI+1glVETMbLr&QegNvCffgSlvvExS0h)L1;-Qwh$uK20*yBosIY!jes+Le-V
zR{7LTvgtndmZJc8|3XBhgxr2a7#X9QJ(hPej^zi7rw2648yTZAj^&+<WBKGTVfArm
z0v{H)5=CVk%f~W~0FpwM08%oJ0E~=H$+#prEWfU=45dd>31=`e@`XotD}s=daRR|H
zfuZPTl8BDY$~b}GWSl^7W5z;=d2%yVDvE;>J_5lF6AK|`Lkoc;Bq8Ihj_eZ@Zq$(x
zuQbrXzW$%hDx$mE10q-kSzD2iqk@cai5e7W5=kx@6lj`YC6I(1x5VJ$F`y#D)M3G4
zB=uFGX+jE|W1SdW%sdHjvAB%|nt*cxO@SwL9$jsJ%t;AwvA9hLG_j|HN{auI8mL$|
zMaiE`iFH$~eTZ&~`h=tgD%MSL0#2qJaJnfj8<Ht6btzmEB~##U-Moj$)m<_r)^u@L
zBvbINv?;@ZmrVI(mqNLeOxf=+pn&=>pf~e9_y;idjLr7Du=a;Xs%{C4D1o3Gw%?7&
z!`m{li0IiQ8})4OF)<cK_i%c)Wstz>*(8wQxxFhAGoWYFxO-jC_8el;<KLsyvoY&`
zrk;&dZ@(XZRxSf3|FiULu5JI3dbT4~`qR_19l6&396j3rPX9CYY;hy+H9Z?g<4;@9
zHh}hjw4UvKXyVc7*+f3xyLz?{pz?l?f;!V*#m`Sc&qnCSq-XmWaD$$WXjwfQVYP2%
zywS5s#3v*|^lTsJ=Vm?Ib5Sm#XX|Uw>e*H_==5yQLwK{EjWA+88$l%XY=n{2vk}G+
zJ=;ffDLoru8a*2U8a*3f89f`p#Co<54b!u6_I9gG2HYM{)~t+)cNV(FWSndS&03c>
zL+$s1bjDawpxAY=07$GMy0V5y?80K0Tm^3esXJAHk^~v=lpUIb3w1$b7)af`GTClk
z*958bUP6mov%46}*cwLm6WZ|9e%9*jqz0q2(;Ct?SxSk)?TX?x3~$-uO0wDF8lY}_
z=}0k@ya_wR1m>V`*&uQk^iAmYVrmSU1SmN`;fm?!6wvhcN}G~eO&abPum?!cSoD9g
zD75;&9YgeggnS=U-&;&gU83~Wy~4{B5`B@V3iMv#Ws1JO$Ylj;G&p8}Y#!K0#mf|;
zeUa`8G{sS|;yNC6gPU<7+5j(89QVx>Av(qnIGL`y9qJhGhF~{aB<dJb^4%)c4kU*H
z0|SziQG)`Waj`j}3Jb0?jC_}5JFXc>)0Z)u1P~(!C8vN?`7X&xkm*@SDj5(IrkeDW
zAs|)0YkCr<Q%*{cF+EmKszlRzhJZ}T_atd!b(GeZn&~8JP`*p#fFV`eQn$3C$w{;a
zI8EyrMvMVYQ=lT>6_FIsv}#H+463F~O+&~b@?DctK+`jkWEdP1rlui4g~pKYR`>Y;
ztNUaTH}<sFO=P~0g%^*Cg+-65eUR$8Aw&3R7&jrz1*j9|TE(Vr8Y&kOMy{%&jfJ^@
zal%}y*bMY&7&jrz1x%Wuj*)Sb!kqfmb40s(IQ=T8164fIMd$Y0V*M&H8lqpN9*Hlv
zUkBOSK7+Tv&HJVF?Zki1`~AxABCFi+?f)LW{6zRA1K}$N!dFT73jEdbSK~|falXep
z&X}I;9XI$Zfky>gAFC~&kLzQbFS%v<FD10BI0BISZv8bz_&xr#zsT*?<~`!u0jntf
z5O{}e^S!p5w;y<*@w~%EKz2WPOX3b&Gkt}vnY_W)BUac1($ffiFtoo!M7&uz<k0Y!
zCEP5}dU@!76^D~qU(@21^&SNr^e%djB*tCM{p)^@)WwZpvu|04-z(BLV|jEPS1d^2
zj1IQ-j)j-=t^m9r@(p*~#mB|}*=OOle~-k+`e<wmJUyMpO=tV_KuzQG>)q~{4=0ex
zxO#`NxcS%U;4POIqxc>4KlTx*P6<n5m}kt-h1rc9?%-!OG7PMvP}ty&eB9x|smk1{
z>{)XjFS}mJdvPl-ATqwRwk8avt^`(IsPSxiD*i<pPXeUke_P{8hgAIK8ZT{LAp<IW
z-g&R#nS|NBUX9M9;2p5g+?Rp(4&K%*MY*-T6=F@VE4a136JDoF=qq{10Jk~O7T)Hh
zx2lgD!d*?%Svqxy@@E&i=iwr!fC9l-D>B2c;M_HS4UHu-?JtlWz_da^W@*f$t6iwh
z5P865WI!k+8C^&+l1wfm193(dl8mIA%g8{S(S;-<38@)%Eakixf|st6yNucPDfCk+
zx&?lf4D*1gir}eJ;n62Z@(;KNS;AzLuvBr7qdo>FEJ6YD7_*c@j-(UC8412{p;Nvw
zevSqo$CyR=I!esufi5w_gCuZsK_8(8D{hSsi%-V;1JH;6;2l}5sK4OOe8_~U(;#<F
zMD|an{G}_y0gz0&$d%y`NT$5NmEj<0jjfV;l3|q+TiV{}tdhsHFTu>fbC_QYBRa%(
zIh|*p^_{Ul&J%dAmloqs4)33KGPP`H-KT$zOdVgX8K2HJ_V3-u)tSmTO>Lx8;fbV^
zVVtIpr&Gt7$~aAB9Wi89DRr-J5WZA|PXNmiDn3y%M-b~9B72fJOTCB1S?WD3&eGn)
z;w<ewBF+Xo;;h&S&V*`kCJ2Y~AE)W8Sj~tl6Cqsd5ouB@VkU#oGtMBbR@_VmA!(dJ
z8m?q98CYLj#WB!4#$Reb68=*Ak?<GF9|?aU{$1gJcj%w>=+owE%09Z!p*P^>K0nNK
z*5DH-#7ifb;V>OQRQz@9k`rSn<DG<Z;tL1PsA^tjJeY@f%tP1v&HZqdZeA@wNw~rJ
zj>xnpU|xJF>+x&rGMc)@l~-ci28Y%$k^BL_n)?qyo0ea>o&hWhG<2PW8WQsB>oV40
ztHS8;(0ZjHP_X_+ZUhL3noJE564jy%`3;@NFu_IHv-5>+_dI`mAS&N%e-)D#lN#&7
ze#eC6__~bhW5TjFfD%xt4@AXSnsI*-`eIUOt6AZZ=WI*n#d`Z|Y|?qYLS~xEtNQw0
zwo`yhtZ?4A#42GVRv5Oi?%+tBMel1^Xs)r&rpyU=o{3WfyjSw4tUnbv!{maZHFjzP
zt{-4macWn7XCCrapu8&wp787am$8Ry*;@OXKy)LhXD7^8Bil4z<Jnf(d`<+D!Bj9^
z+g{CWM7iYOja?rE)Vl!*h#8=hS$Lt*>ZgK<^@}!w>0lB+c%Y5g&0c(up`!7og6S;W
zl1N<^dTIFwT#Ab`q8eP^O?q%7hqc){{+qyB0S8oYI|lcj;*XQdGc3jCz80>$0=U)M
z-{yJ?PM2qoN4bJB3vLKT#j}H`u#N>Ap4-;aSg5fyT!GGgK}%0)X}`y2(&x{a@0DW?
z`n@~zeDn|Y4A-(2Y*jb(vkq;c`D_FY`#Fxy+(v6Oz#?!R`6t?cPOMr@8-f1Q7-T8b
z^jovGwiW~mi?yl+f`OxdzxVqIFcKjd8U{=pGm`{{H#>+Cv(`hwlb?;y)i53ko}t0B
zX|ZAiYc!~}M#Dig#|jQ~3l7WKS_=itqm4Vk#Z0xoAq0TiY9*VYh_~y!n5q*oRVQPr
zPQ_H6PE!?(^YsC;ZZk1TR!KEv-HfjzYt0mLL~IU5m>dQanq{flIx!||YbK^^>-aQb
z!S0Hx5J~&eMSua4m~Li(n6hO9#!+^neS4a)rpF*p9!C#Vwdx245MEY?zeNn75i@{B
z%n*PtD-HoZE%CLy44|eCfeasaIP*nu=Nu)=&p8esGhHr&U^w?0UTvM=3hi`-CY0EA
z<ctQ0NOEM85veh7f{QuHLb3d3`MPN%EQ>14rgkF1w+h;c@?B&nYL*t>5&(}szyWA$
z9g0IO?>M5KkH=X)9%p%uvu56mGdKL>m?<-69>_eDF%w#Ww`(=-grgiGaVJa}_DFPs
zvYq2~prSFZ6KbxErEuFauk8doK;llY1J89r(?W3+JIO$aJHZSJrEnwegz>l!YH=6T
z(>-7~-!Q?caSycaA9q1(XWR#^xq(iYu?V?t88b1i6KbXtsA!_E>Mx=%uF>`3?9X5_
zcsV)>?wEs#g^roTG)kr&xC=a6`!e9X19!T7yb9wD3&;;^S;Ibd+95cNax+mJWk#kg
zsDt4<9Q`&*hC_KXFih++E2i>oOUDu1M0+#1Mmn2RF*PJ^CK;#8sJQ(TXunpjOQ|?z
z(xvEvEKZqnDY}e{Q>I-?W1VV)Z^bkiX9TndiKrT*U|x}ksxyiv782JQgIWmdF?6x?
z@kyBS@9X2c>|-N3hp@~^Nmel9vppnkXEN@;C(F=p_anhK{D<}HH5|XKy|U`>bEx>b
zALvt{`>nDjaH#pZC+N%YZhr@^-KdV2z2t)dD>p<>URvJ$e!DJ)sySARxBo&0KwYXI
z^z*igGFDGKOdmeX&s)yh2OOZ(rjDF#Qbm1f`5Gc19=`9&&zr2Ep(TemH`R*&C2%a$
zxtj+6N`lakYnxY5AO9H=ZNF{SX~DRvPinzVbt&BRCR3j6^kdvgCsTgLmEj&Zner@G
zhI{2B+H1%9utB}reL6Ghjbbg}eL6GH<EZtN_vy@zMrWpD?gYH7>_PTW_1w&=*7=Z%
zH<6v&AVXB&z4CgD=geBY{X<9^$w58cru6A#dRE@Dkn&R8&m7Y7Yo-d+k@enzHK6G3
zGPU(=EeDMRZd4p<|Ckaj?^AEr{#Sg%TQh^yzO{dZFx`kiokz52TXBe|(|gOA`g*ob
z7$r#w53S+l6zcB;9$+viFbI<{Bm(6XC}30y&GtVcu>vh#*?i}_73jtO0kMe7q;!2S
zZjkJG==Cybm7l^vbYnf+xTg&pU(b&Jv>TRE52hNH))Lx=LB0o`(+_51{h;ki==DfS
zkRa9%O8=mrpdU1pq$W@rml6G-p`yf+Y#^V5BlBC)`^LSeAAA)Vi2A`F08!Ns>KFBc
z`X%~7{X8oD;L$;%eo%9Yeo#LL^@GID=m+l!RO$z{yyyqz6YDF1evJA-KU{eokgK)-
zFX(pn6@;evgckREMCC9V!W&tQ>azH0G=%&#8bW?1G=#54aH9QvqNN%_MqppAF{;Xv
zZ@(ugMnNRs2@T<E5@2L|FBuvJOdK<#F$&CR2$|Jr2>EF=g#1is2pMczthlXbjkP!e
zdaNXxM&rg(Ne!Wdx0zC+$C8+-_CE;$L_<gd8HzX!p~S^hH5x+38Vw;o6B<GT_5Tcz
zbz56wl&tb?$hsL{p_w*P3ppY-4HOqq(+C5~Xb1%bqal=Uqal><goaSU4U3qi>_i*^
z$|f=0%mAVx6fk8|%29Tr{m*H_nqGp2@bPz3L+Iya2sL#Kq*R0?{!#M0Xr~0%G1KRw
zof^)*hFMibD1~;qLQqdJ#tt1(5hhtuv{O>X4g%3mNz6$W3aQN)%h;lwk}QTtmCcQc
zkl?L~P`-_dP`(o?LIKd$IuyQ95i-H32>IDi^%OtHW9^ibw&Pz^gc37l290Q^WH@LA
zPDLnjM>j;`PM9+Mk?4d0W``)!7*P=tm6|JK`k>Xe%t{p@sbNP*+zEE%xlU+WD7Ft;
zCmASlCzw&8FpY|k;EjrqpGHN<&xDGQXd2cxgVLx7g_K4`DBng!DBlScp@e5FLR1k-
z%$SLBolrBK!0o%}kG?gaBYZ6|u{uJX$a)f$&=IoZhUo}>$!QqK%sk0BI~yhA%;<#0
z5o@tR`rjx6T%5F|JOm)7c$ps4Ikyc&lGGFJAs`zA8Ks`7VUaT?QjkpQeuRfb!AJCy
z>O!Wdx{xVJbs<w!UC5NAx{xWVE@X<T3;#t(Ar)J7VIs<^3lmXJT_|x*UC6cM0|#`4
ztmVGG9$+-v*GZ0S4r8B_hH*-JSme(C{_F!;k<cAlr6EU*RT`3cozjqF&MFPbWzJf+
z*1rKk*=Hnuk{yfQFXP>P-Q!PWG}R3fwAV}M4vE<@=nlEIPU;T-9d#shhj&O2y2DQn
zQ5SNJuL?f3i~d)q;N#Al2GD<v;?@BAJ$@^aC)@gej8q0_u+je$23GzEfBQG_(<x}V
z|L;J~=Z5HKk6%6n^{Bs8Y<j_R`2)_R87~UjcRMoucMx1cciaC{M)*DcERCY1hdpYt
zALnm6@;e<lZyEUfqUdUuMgRaeeh3U^%^)Ej))I7H{6@UMaTXsCG1}W8ZQ&fGES!lX
z9?P@J+NCjotvKE7QY1lnaCx|WbKpG!uXeqR=VY+IZIy7s4Eu|n6}-jxc7PU|;%2N6
zo{zY#g64RBy#%Fi7?m<n$-L<fOOF!wSg`bfkp@5k5Z^-oDxRTh0Euc4PUuG%HuWPP
zVznY^1w4277StBDDhJ^h=dJQN%FjQP&oV#XCZ8iNwu!HDKB%?p0FUb<0wJg|odAM{
z%^B4B#p1!Z{R&$}d{zp<gehLo;?v9^#i#hi>VrvJD45`vB3i&FErjrbnARUE0D-Fz
zTFj#$S|taAXqy%?k`~DU=paD+9=W-$kdSc`96?W7BIpqnX(vv;S+Wu1V2Vn;!&>3m
zXo`-Tq9C;?DqSH(9n}&vmByK}6Q(Ts#*}q^m!Q4$jNsm4e{P`X*!g920e>r?q%Z?i
zZiX%JrlCTX9uSO$0D_eCMNA5bV-@o7uVD)1iO}&x=y)P@JQ1c_M`H_cs&t3)MCf=T
zbUYC{o(LUJNK<Lw1pZc*$O-n!YC@PWW{EIniO{ix@F$JZIWiI)F{yxnse*}{A*3`z
zLpn^jlK@TMOleUxSBnZQNUX3WLx~g&Thd=7u#P}ec3R7#{aQ9|zF@3H9g_<oP06N~
z1eLU;5J_w0xHAa5K_MjGxKC1GG{<ZaIJQt;86qiKMrv8cNRCe@GXoW>A}f-kwpEl)
zBHKzQspyn(6thMUvj&D`%vP<E7Ph<*INngSb(}liND8S|S&LfcP^qf*I_5~yfuQe`
z7H-%$wm6)$XjOFdA)}7IgwzpPCIeSGOr!+`pc%KV5iQDD%#?LA$e_#<aY1;t?5HVg
zrw}un%dmGsHX(x95L<T4l(kcc5lK=u7S(PFF=FaIiE(!%2A9ppu(rSf9(sv|k7aog
zmp-NyMqK=u78xvl-#WuixJQ&6?BHWrXT&{pOiPWp_%W<D;=;$W;9%+dB*@*BAjh`m
zh<obTmK}-m$FTB9ls=Zl2aDe)MUGmE9LxG6(L=|w1W6P>mQ_fi_%SU+SYGVWejfUr
zgQ82>bRV~&_lx`>%(suD#sXH*w1}0<v#^3zV^|3_E3?qpP=9rl@M=d3ZvpsyC_`P3
z5A$ZR&A|iX#yF?A@&?QSu``kNl{ZS*U2^ZPyonL+j{E$|n;EuO+)J}wD7ww8m#7C0
zNAGSu^8@vCQuTC)*E4_j>*);C(@oVg@9N2U-v!;)rC*ELQl^}()T`ND??R-PFBVE+
z*<3=Oe>AQTdN^nBTKMmw$M`+_lmNGzsn3bBxNy#iIm#YvZ$&3}E3><YCRR0ZdT8P{
zO@!VtOYMl>mG^s8m#W`X=sb3xjwhOPwF2%1=Qn26zBT9l4VsW@x0d?v-1vEF?P_?6
zj*Z@(ZuECxuQuK>Zg4j;*+vJqLY2J{s&{-?ce$YNT(#-ge+X!0?r$H|Ot2dBGxd%Q
z!63}fG;9#|Vt!`ahRh39w0rv|;P7A4^!4>lGtMEJOu5CSaIhv*p5Y8>Ick$BEtkUa
zn@qXGLF3Lanetqh!hK&d<wq`syR~G>>8>8`IB^M{TKZObm5OEBKKs;#%Rj$$nyU8S
zjU)y{wf`OlW^P6fO?+=0mh|^AY^=85&+m4gf)LD`*2_OVrI+9QR(9ysa-MfB$M?)D
zo_+a3apu*3_ti^Ft!lXy!4XAn_KC1T3gi+AtAsPZg(&F2peyV^gHNnXRDL60=wLD^
zr>;FVp$g}<$D6$<XYO)A>Dy``n*JwV(|W{}JpZU>Ghoc6?X)kiRg1GTFz9Bha32!?
zO)Q9m2dLSL1_sphgv=|EU#wNjyB?DTp`vnQp}A1Sv(+p*rB^C(b1WLc^%h1=L!w9{
zD)<o8D@L^7)(108ZZ0$B%E14FEd{=Ai_|gYCN`IwbmbaxIShcd2qaU^m^CJGoN(pF
z<8l}(DgsS8V<?#{H}1;e>YT-MVgOHLZI~?AaOEcBa+3pi8vDg$xw<Pi6_=YDz;k*t
zU23k}bX;!Q;mJO%ckb)O%75!#^m~+LQF&rP$5m}zSD7{zvx$ti#y~vg9EqP8h{wDn
z@lz(A!ZC(E&C8EA%7UIuMq0RXP15GHKyeQeqQeLloZ_|0kSw@qy8A8vcITb4rVG61
zL%jU{@U^XYu%*|Tvih#&XGL$#RI^<17NTtXc*<r-xOmkYWmC)ENR2*l|4UZEQC3Vo
zc=t=fFy_eN?pF@zi0#fj#pi^38J}N*Ez!$KpIUL(<-pOyO~Vpa_1Z5X#yq<|G*WB~
zcWX?F2vtdQG8OKgY&j8~lIkSq*p`tjd`7VoLy?e@>;&Xkme%dOzc|JFi@OhCku!xQ
z+f_sgPLdX?z{-@5at;7LEpqTdY}hI1>W}bgMEBShi#$CunU?X>ObPHaW!oL)T(Sj@
z{RfV$brmX%hBfK#3xVWFu9n#t$<?#?)5zfu{El#K6?nYQZ)y7?HltMv=KqV3_Zfz~
zYl>Ht1!DgdDZKZv6h7H+KSQ0&aZNUfb{q#r@s^t~jPQF`l)darR<S^7{|lBTMdz<A
zUPqNBl55vllzj!q034*DSgS0PAFqSf;il|7IB%jCxzh3(fUM>XJ5G0bYwT;aNjZh}
zXW(`Yxz7^Agqb_Gps<=rTn1#9F9!%UlMwF{K1>d@(pr0ojmf|YkT^^<+doTRRj_U`
zNL9u)X2*@Fnyu4#cyPma`vDXS`kkq@&t%aZJK&G)H;fxTS+~YCdfO3bl<{^Q6+If3
z1eG+oXkQX|4ZzTSg`uf!Ms0g>BT$-A7A9$Sk<e`H)G}>4lytLOY6<GS?`Wwvp|r{n
z(Ad0I-87LgNk<xnq`-rH_;y$;Ung?~i%HkfNx{zGKm!&w&w+Op8yiKDjrAKB)b7Ys
zw?<pRA$O2Nq-Sy8qlhaVC0x}g;}S<DGqH}P^5l9omzi3x2AS#gYM5!RSM!-xVZB<&
zw2JH1Vy0DEua+{c@_MzLX;s#%l}u}7y*iR<jjmTm{c3gBuW*|lMA=R;DhFK{Q})rp
zuwcnYW%}{XM)@ud;UzNbvNea~nl_ojC<iBXmC(VeM1`o*!5Tjo6&$Rb%VuDuav4~;
zJoXpmXap!2yhgAK80o+?Cy0s;R^YN3SgBkFR#1q-P9+)z3I^6_REkDvrUL^W2P<^h
z46IZx11k*B#$q%Y(`yuX0ag)hjPc63Yz|f;mu(|F#eiPrm|kVz1=^R;#u%@_Wizl+
zxojKrXk$65#Pq75A3=M>C;BmT*$k{yF55<|RY0$im|i33N6;SeiGIwwYz9^;mw|;F
zaMi|qwHj5aaM%`Y+kFLm+rs!BJl)xV2{iZ`zl}V28^7ZP@Hc)ZqAZvkACplIjE;|~
zC;+qLV>$}K@c3v(c`!XbTG&I9^ZAJ_A=#gwG{V9d;3w8|90>e`MHWW`Ke3VFkl-g4
zdK?!Wl_k`5y^>=$`^@Wo&sX1{l>&T!?*5=Nlsk*|X)-($26Dv!<GOKbnLj${A#|v2
z!FYZt%4z{T8Sx>kT=d2BQh-}6;Z+x_2S`5?wjT@m+y8*eP!3>JpN}(O63A<w4<e6L
z2zQX!Pw(6ThfcDO4siDlmpvjRTCh=|Wo||pasTP}SVdpLvc65)@!kIFK|8*aIUhNn
zpgHePL8I$+o+BJJ;43X3Vk3>!-VywgDxOdskPa~3qjw5|fpdyl`*Aw|Nb7J*!-k1z
zP{XoHBfQxMq7WmGRER*6g;cS8g5Q2TE0K0*ycw*m{y^H2>3<9b`~we0>Ve}X(GRyE
zoPFkNl?^a`K%sLPL*@L^izmEb%+D|VHhzoVY~DNYt$<&SYrry3@QnRr|HA~_BY5El
zO!`WM{znl7SC#x(`Yp^2v`5y=j5_c<K<|G9U+~)6&pz`tii!01rI_N4C(zRJ$jy$u
zvX?QJ6ap-kU3xyD5T1>=91(IU-yp`ct1fQpL<Pm*&avhFfVlk5CwtF0@O|+5a|Ufa
zlRT31U^nV*C_k``#0wgqon>$N3L+*fkrVEOhfef};me@?P>{L=M#T{5NP0QI?Gwkj
zVJ)wTra+G!vNVCNsbEYLWWL1s$N2h)tH+m2b<^}Z@_NW?R7_MXO@ea>C$E~NrAcHt
z8G5Ax<#-W!l?<X-(w@2M;t1qX1gqG#kX*GWhXs`qPO-z@E;5N)z(nWT4?`=f=w){7
z%E$3X`n3uzH}R-P;gX;UE!OOmK@O8Zng3br%D@hSjDuRyqjBly;azM5d%_XBCww3J
z;fA;$Y$x2|h=Vod7HZwtH9J3quK9B~4t$Q{A#^R~0--96VC&xUKI94F)vwK-Zb(VX
z*Gx0CqsugswXMlyqf#dym27KDftblUTBBuiU&srcD#?*i08`GJt}7UF*P2S#LK6g+
z42C&|4;+JAk{#HY3N%-%RveO;-zu2LD;CKLkOY+@_$gMBW6A)@5wti3M&e>k196Mq
zXOiu84dITU!PiH3hV7pPD{y#V&S4*1=lTF$IfkwrlRdyAAz$A_nd|p%1&3s6Sbi?u
zimoyde(w{At}T56Q71cbDsh3WFL38KzE=f2sCWS{BSS9R{>ByvE3=mgyfcvgQAszH
zp-aha9!^tyjLmvye(ieeR1y*573e$Gt>oqYftBMSUx=vR+9rhU6BT2MzT;_%;P%_T
z<22<Q1In{oyfW&(QQP_{M7zDz!!6EEqJnPXgZsN6+7KVyiJ4euJAxb3g@0+&+$MB^
zFHA4cydmlxobTul{IfBR)(`jYTdZ({1}JT%p7z5{Ow^f(Om9uoHKNBk8w>GQam==6
zM9p7p?Yi<$u-z<~-*T-oyTe=gEI<_2s@bprHTn4dwUtjJBFauLUbBc@!}VT)lR~{y
zDYSM$cLkNg+^1^QaMu$d5j>w-@|{HwjtKWv3*KzW!<r|YmjE2%LGHodAXe7KHRA>a
z(Ziq+TlpO82-mof%(tLT;dlVsVvm4zC3s@CV!m5bWD)An1Ph8P$<HBkQ){X^N_eAb
zc*K*NBElO@z~i@tH)`NvxJbLOU7EY8R^2-LbT7Yh8?oEEw#EhKP6%<hP+a9f0v4Ll
zw#To0Mv@Qih2LwFwbke#_i@p2lDl}A++MWR)QYW`98=Vy+T7Kko{7c;iS=E!T94|x
zUv<Zwch;(n*=1DUI9MIWU#Nkq6ZnnBXFTsG-s03geBC_id5f*$zP-_e#<q(4`7QBN
z@JB2KS>*c}WGtgh>*0%ZqQC--n_zy#?S-nc(dbkgQNwI)tCP{>?&m_i5mcujLZ-;a
zS??O~)vL)@cztWoH}=H-usbt~e~aZX4@cPfiG4Vy#_1lS@4OS3nrPJDEryN#L3ieX
z__tUN@(Abg?o|nn9}s(|cPBDyY?HC|ePOG$e{U%Oq&MTAO++R2eF2k-waTszxiV}`
z?F-Q=xSl9XEYvy&@gUQe(Pw!y5?fptzkiXT=6;6vO2p?Sc`On0XA;w}F(E;r1G+ep
zUipdzriH&W2<;1-pdCs>!@iefnc5dPG@%2$7tjodCe)4h4w@m*EX4wVr(#qoz7nj7
z&e#{$hxZ4P0wfh-(7<k&o>Xo?PZom)W3|^c7QJ4ie-C!M@Q8Lhc?7<O8Lb?p(cq}V
zc_vpsO0(nv{A*tME)3f3x4qBJ4wP)Ih6uy$w>``qqH;V#ChA?OeJ+}U5f^hb`T;JQ
zq6-J98hx9CO__lM$B#>u7rJP&k&Aw_izYv~=pVaivZ0Iqyo)A3x#&N1(d1$m{Vf+w
zc68Az4sVVC7yTZWo4m|%9eN+ZxXwY;Vx0sn)8zJ=on9}unQz=)w{ahe;~F;ZDYmW~
zw~yPnljFDv8+UFTH)-RpiQ!GzxM#=trfuBSE?@s|f%zs}$Kx^%*YCSB+a0d&j^iAz
zzZ92sxc(&0=Wu;%9OrQD#c>YTvV+(EE^(bObe-|Qp@xC}DlS(~#{YdB-$=&4I*x}(
zkKx?v;`@JhxVj$U@Y$ZKs~X3r>iW4jK2_J5F24WwtjpXC%*?D})SY@<M({edf?sfy
ztZ<>Ozyb@)(r0jCWAw`XzhvRe%2)BTr~gd`{2qU<{HTZfhhNtS{y^>Vh=rA};cJhO
zt^YSiNc-PN!&(<QV$^;k=P9?&D+XuYLE!*R$zLN^VqI6lK2a)IC@T(v)j}n2+LSkK
z!f&EYoVMAj+g+;)lHcr}r#zdT2Y}4@*bm$0dj)}L_Or}M;>CNYbWW*L?hm#cOfL4h
z`bvY%bA_ZxH!x+F74HfC1ejB&W>4`~zKz!R{|bL*C;XM~xIo2U`3o2D;ORoU=39tE
z*Dya`j>a-}vVS|ixy1oFdi;)H7~#6^MlY&Vu|UK656e2uz{S0|*!?UZ5ukSRH}D10
zYn0Ml`&l<ex{6zVmLnUzB(O~TES?`E>cnxVrr<#I3D^oz-NB3q{-Olizr-JJ_IN0j
zGF58Fu?xK&fQKyjg*#-w^euGCYjof1ng{)o`!1mx7f_b%kz;FDlZVUs{5hJg4eZoA
zmvo+-jJabAv^f)ACZJ~GCaP&NA+>h$>CK)3RSf+CvkKk*;dqe&(jkuY@C3<u+R7)(
zPuQMM1_x3FLuiczfYc=CAwR&-c&)b8bx^vkQbIZodxs444$P;x@>!X2thckrZ-G?e
z|8AgFoG#kY3tF2lAm+Zj>jfN!h?GH|K*Z0RhDZwZ7%`5hZd2~?h|RXCrX2aSa9t9l
z@^rxr!ob`017M}CGWharjB1TD--r~i(CAcvVTZK6+sLye+Jsc!;i;G-b)8K;iZ)QQ
zf|J4rrqB#(*H*)z9#HjFH!1`&TYWwXZ}95X(ynJ>H7D}&F=*irxfiV$MF~oJ1@(DQ
zOuo{TvyttmkQiRjz^S;B^A22FpSxLfpgHdVU?Q3N298F%zuonbcz^3JT?7#6O|FT1
z;w+9LuTt#<1vV6=?!~EdrQZ0(sV7NT3zqrp6xK8u?`fzXz6H5gQQE8EsKHxZ`vR7j
z1!`>_G(meoV8D*EoG<1Rt@(PKMG7e>>Wm*H$C$eAJWO2*hZR1}Rd_zX5MwLE^E*X8
zzyr#C+i%-c$v>>FtalpP^*6LPhJIlh#O25cMCRa3_?%2|ZRg3>R>6)uI9&eHj;Eou
z7fR*rJ^HiAABo?q5l_{h{Swb}((_Q)>nIl*P!?fxQN)jkYL(OrrA+&gAVWEjxfve#
z0u>4QAYTiE`Sv?0)(W*ez5^9v`C3N%LHKSi(H6WL5;vp1&ou&7igM^%nfAK~PIWv-
zL5Hpbk)i|lu@6DLuUC0T2G3ka-IOI}=mdBWUJD>$1?r5F5l9eY5NUH?Addy!LBM$f
z;T(sx13N;<VJ5`pf>5QJMMrhu5K*z%168OVu0V$jcEf{PvnN1a!lDP(NR$*8G#5IB
zAjDs4$ke(xQ9afZbDyK`msZEvXaOTyLT*5FX>gDUQsnx*il3sD#PS~Emlb~-mX}Z3
z#LFsZGS?|f%g}_NA&G<`KBqbf`s_Fw81rC<Aut}s<pTE;?XIxBgt=xnVd>}VP{$jU
zUtBL&bLiJ+dbLZc+3C{kIe1@fx{OCR3VxK!2kg8|cwK(2y$?{khoIA{&$G+;*p{4S
zup19W*}|phXecB0L7(7-ng@=wG!Ogr4Q7N#*&B#IVNl#E6*xcbem1l;B6EH3V&M5E
z;>q`W@ao&+v20tc%St2kf=u@i78$ZaTs&0D)b|}4+Y;KvC%78x$;`^1qv>5FpyY*z
z#{9(lZd`<$S^SN7fduPHUQH1CoPjwV)1=sGP0BJ`#ggCSj--b9L!{KT&<J?mC5u<A
zU8*VdI0dQ#q%`*<jb_|Zu#rec`X$g^F`XJL%`l$K;N5xYBJ9VR0d7GDt3DnzvkoZ2
zW+cyy%@ZRbd6;Rj)s{SMn<vIZ^B~h=>om!8n#~g<WAb=+F1B__o?ZL)qW7T5lBrVr
zuAJZfMV)`4E8lWB`f-;voPJD+QJ*2&N%}E4#(IWrPt%VXVw90#kbdc^rA?dYmqtR{
zJxISaCWbZx^h+aS@*FMwlIP67h2=%j=-qv9D_V83u0got)LBcD!MB_If#1}6#47ha
z%~kUH%=8w|Tjh9Y6<4`!YK^RN!_?Zk%B|9lYwhmW&m1@hqrCqQi1oMizsH|Ub5H;K
z%q8`dfQQ<DU6H^q<2@Sj)Vpw7`j5z+*skt8(H-;(z#gGv3&6nAFHlr@v)KQ=oy#fN
zRok(61Gai^R#`=moNc%TEiLCiYFA!3Q6z41D91C^((>s{6EKasN!`;~C}Isb1%pe?
zZVpp3*}OY!6)+9mnOE|7BS&*K_UL5aKEcOCmBo>qji2XHC+lwPf%X66Ao4Y!Gi3qB
zH_;#vnusi6bzVG~C!v}hU?K=X4L~Nsgq3DaSO(9%6=#IIPC(Cb-7$a<rpTobYlzFJ
z<f>trrvU7)BJB&MVIWakdLqbta#X5!+CPI;P8G+GmD!!x>0p94RbNeAAUC|x$XPf^
zt*mtqoy#pS&K7hF9F=AJi{0$p$6SSjO>9)7*@t2c5JmO*1cHocBqMCKil`SwrXFl*
z14w2ZEzG?;U&C7Bh^0!V6f_7SO5vbm_iYeFo5^LXs|K~|w%Id@;I;&M=q#H<5sJgo
zCEH9rI5+_xp(Y%X%)KXHtzqV<>H6s(!K-hHc~#DqOUq9i%BXrKpJ3G7f>yuBvZ*i;
z%%y*7{8=P_7B?|fR6I)l<ncfFv%Kph^5<Yb4RR|w#M0OPDxJfqJg*#yn=~WBks~%o
zM>!Jw7mc2UgXR(C$Pu23fg{PO72!ypdVOq=*EbL02F}HB%m#D4t@8uS$*2T7SPU$4
zZZ%bcE6JQ-v$=P=2Bk;hV9~NE3Vjwiltx~ky-N-~PC4|r1WI?sp~snez?jORJd}G6
zjyRpfny=RJpkV|nxBA-NL)FlW>YyTM$%8tY8f1B9Hunu2$wU5(N8^yCFCqJi4TM-(
zY2)VGP(KD$YU3sb=Y+SSKs;xC2(0l|jtOTZ1pR5-7zvg9P^^S5yOQ=e{|AB;5i}R-
z{}aAF=wV<T6sL*(kS1Y<`DbSLdn~mCWqGiKOKZW>o3S$N{{V3rm`!bmL}vOkU#eC?
zm_4AS!aVanH$ix_F4NU6lUN`j+s=>KdBp6~GV*KAxrqQ8gQuc<tgt@c+*6tzZD?q^
z)7-P*><fmK8}rgxA%<fx?w%~H5WGKBnZlMp?|>GRmN$r*7!CP7;xU)^mwp5CeHJ@6
zg+c^issgJ*u7yj>UuTI|LIv@hL7KrhMTlhDFS_7Myd3AWI?Pgn0~?@eHI(m;4TASs
z=rR_<x;+e6o|ZvJ{2j7lg2Q1+Am8EACm54o`VxM^rCSII^V-rs;G^vA`ZsWg2f#V4
z0}@3#FqFT#Yrt?Bg8gOe(P}wdS+uoQE1nkfdt{yiH?XP^SpF>iExvY&s91VCKB1kM
z-BK6v{h1^wW`HwgJYH85q%kgFZMp<Ec6ez`qmr$N{H0|OT%~k0CN09873oJc+M36J
zYV3)&UUl)jUfGMPjEbr*0=p42d#K*!sg$GmCz}`ny#2QG?GeT5kI|}R%GoaE{|=<Q
z%pRev{@XyxvP=2NK+4k{w0|E+`GG5Q$3RMq+noa`Z*XN`ypnC7jD^$c7JPZjCx3j)
zGgjD?_OrO^TYeD3Y=8;>Ji|oWgwJ7^$eQqZ3=>5Yek#L6%!KzdOms|mnPEXf>f3Ry
zw?ahx_732bS@J~(b1BxjKSUW{Fzf#-Kil8IB2Aw0!J0Qq+aK?3D#u>0asosD5)1%_
zO5xI#V3RVsS0F%=Qr{{g^*KPm92Di-{{X2e;KQY>P=E@2j?NZ#?HP?qJOs1?0ts4J
z8=vFW(lR_@HI{xfD9&rn1+cN^xxoG2Jmg$J*Vf5>#;rio%Ir=12)DP8y@#`L4ZJ6S
zCPo&LdR8a;b+-7fZCoL{SxSw5R>=(3=!f?M&IjySk$ai`kC2T=XL?Nmx>JbecfQGz
zwRz<#R;@+o2Vjns&*pIt_W6Le;pM66D(8*OCiPt34BQ1V*6|V4F(-YR;Wb@$dkyZ)
z7CUQHP%+pV3nng<n2CL&G?U1gpsA6~MC57kex|W7O^Ne90yZNidMpwBOF?U!iQblo
z-V5IfCc2S`eg-ToO!O3^Tcv&Fuyx#is3@Um!6eLc!kkC>@ki30oRFZH&EfSl5(6Th
zM649fd;!{w%fneLgLrTG1aPe%WTM=`_VbVrJ~*SGTg;bI7m=+}?(?X~+yDeM$FW+#
zDt7Lj)36vt*)rab&qPH9q%ia%@;oIz&D*(P{Ia*}Wr{*ME>unyN?bBz#kAu5G8cwV
z@}^-Vbp|AQ<AGr`it$C;aUQJUtYFquKbnLzD#*@Ls2dd&mx&($1k(yk3Ty>;8aH}G
zzh;V;f|2Y<u6;S0<%RqN9VGxdXT67^0lE*z^?bhka>)#0ps%@@xA)he&_Ng~fe!EX
zuQd^(5&<FO2{nFu%J&|Gk~4e<Cn1)WvUXQjgoxOp4Bx!fGJGInM2`kAHZ$G?VCemy
z>GtmeWxusme!Kqo{;tyxWV|VtuN9e$Rg)36R+^LWS~ef93P^gcRo8rQ1kVag12*OT
z9i%ZYf4j)bUzazVc&{geo38MD@O1pZyoL%6(si4y*Jt{EP2U%%?{w+C3}kp_Mie->
zJt!gPc|lH!JL_68;U>!Ysd5rJTshyXxcX-9#2$OmkP<Xcr(xKo(negl%zXPw(7^RU
z-YX&V+eNPRvcN@?eficC`5e}*mtaXr+yc4nRVftChOm@~@%B}KhbBu1-IEN?+zH?s
z)BbIe{ybX@_mm`K`wB#x!g!^~oBb8kMCzq#k_cCmgyNbcn5^l=wkFMJYx+H@N#a-&
zFkyS4e0T{G`uq;<ON~5x_yAD<UrLu8(%k(JFn?+JFC6dV*_Z;7@k0nRR5yvG62<=x
zi2ufgG0A!alwWJ+#}^mKZ!~k{bjwLWtP^pjJNGFZC{9f1E{`r89)Q(e(73SKNx;EM
z70ckYW)#GbV2muFsKNGo%yHGl_s0&6fGL-#5PwI|#H3(=<8pF-b~o3;_<v)5z5OE4
z0iV<J>mB^GMiKQwl9GWjL`L}z>=^TuvDl<Ru_dj&BPV*HcLu`c+Lblo9Bl*Q!K&J+
z$#~kD)2yF-6P5h-)u;;KOQsbN&B}iA49?t_s2gH-_8$~PHhaZnhfucJAw%cBWcmXO
zi?m;j)+ge1h3~xt<KmBHek!_)8tC8Sxy$2?484UxTADB~Vc_Nnc33r84)>Yn1@_hv
zMhX@}dQD>q3)rB~9{1ZXMcc4?nDUnAP=CTKB5_*-Z?lKU47ro>9s|7oM0t<Qg_#9d
zZNmX0iRAb4h-*KH=c6D91AdR$){5Y1e$+eTi^7#~Yi`~^%z3{Gm?u)M`#shJm{>2u
zf%h6fE^l(+olBe=bGpeTJb2?oZOUV0*vVwW&YItT8DMk|IeYV*oF9FC$H~B0ny%|R
z--AJ|r*Ev;GAf8DzaEJ+{_~|D)td@=BN=Aro1TTq7j=VuX}%eQx<Zyd54_```+A4c
zu#93xVER1?pwqlNAlT0Qu2k78B1bSjubI}d@s$V(+DMqeXsnDwE_$OJ9F$1LR?+4v
zKrX!s)QGZ}b@<W6sbdMyardrkz;_@9O}VlyhbkqPn?WRGJ^9!P#AHfL5NISO78~C%
zu6|_5NxYy(akuMx+ET)eTgn?Q5|eH!7Ml{AZmLAZO@(MNZ4DD`Wre&ok!q}#bd6=L
zn$I;?gPYr{@k1JH5;nJ3>M{bJeO>R&+zG>~#XbWeL>@$#@?+pV2ju%x<&g?fxuQQc
z@_Xjn-3Jtr|9p&Gvu)~)Xl6)OjQG;>M-xdFj@@tlyoWmiqQwUPFcJD=XgD>SN=O&q
z8XHK6vVCU6kTo^VU~ve(+xd$QDoDvR-es}5EL0P3qj?X>ej9TY+;8bK7ay06@QWWE
z9z{2c;UMyKuybhUF^c^t556Z}xMt9d!o(C5nz;dU4faOjmVfRR3i>kuqU0tq2ZVLQ
z9e*<_C4iI+5X=Aqgcpr&#$;8Q-47@g%v9A8{BnM(j^ZO4!QxTI+(@gcV-8VRJ|c~C
zSu{GW$)i|>%8-mku?)quR?%s#!fCBybd@rZp!t~AxHi8M(-)XT`4!U_<c6EpMEsK7
zlJUIgP=(xkImZ6Uyq2J|C06t^9z3mqDAd&6ZYT{#OwUizC-46JL@FL`ev;lj!u-T;
z^xLlhvN}JtQ2$})r%_}coS(=x@%+SA`@J#5x%r6!zsGDcKk-B6Cw?4eequdte!31I
z@9F$>JzyMWev+oEJV?(^TE@;#ceNKt&0k;=oxdogFn_r)nZ@+Hoxg-UX7nZIudMe7
z$ZI*fbcz;3lH~*GJ~Bcnt$z7mXmP)a>d;?Fy~+(KzhaP!TE`LZQl<1NglY9E9|a;u
zr&nPq)vLS}h$ZwYS#KIRoXj)YOxEp8>9{VnHGQO)&1LXx>GfIMm&zQvUdByEd^X-h
z`ORy!Sk6?umE%xTb{_T>v%3smn#hbqo``A|@J{MBWLv~tV9YG=43nA9W=_x4poQ(A
zWJXgf^k}K}7catI;GL`o3vxf3YrhGNDB`2hk<Su7u^(q_8J|=7iNm9C7qn539#BIB
z6na=TV=;ZO{T7xF(~;1kXuYNUK!QcL?BgEUCO8%BTJlxc#B|GHp<D6?N=se18We-~
z2P&2vr98Y57_yXc5vW+e8?U${*)75Fv<v5Om^lT1h;}MLAk}uC1j87AXxl_r@n-h)
zAUYi;foz&MfQcl6keVp1Ra&tSs4DR~R$<(QK6w}Wq;-bs+hEAXy$&Yp8NU9)Ik%jt
zQNxXtdHkn>JC7d5^}IUXuJtp8#)5R)2Cm}B?x|8>>$ng5X0saXdMUdv3Z@r%k&egw
zCt?c1CMlSnKiGQSVymzZ-&6Akr!U;Aowwo5o~QZsI`v6I^0!9P1uRU=Xfe=%O!Us@
zws);FOb>MB0vTjfR1~?~2e$8)@jy>~$iEX#WuR2MxL%Zjk=awy-wP_U5AiaEJ>^W{
zg0U^Ija%p_{%~6Yg9bDTC8?Xde<8D{T*zEd2?Li0_m+?eBTn{|@2ZFMTGpvDMIXVn
zzKrWy#-zux^b$;|@6o=iW=;RW-V1|^3=TTWK!M+>x5+>oi2Nf&mIiY&vOE~c;=CV>
zqcB1RMZ&^HI-DN}hXdhYqh8JLx}AKGMx&SxmeOE1gBgZfaWL{;ZQ39XgH7djJ8!6s
z!EJ~2HZWDXZT|^P)vmwCeFyKAIy&?`>m>Bzdu4oJvVaOG+x|oH5-pX@cl+%U;e|WS
zmm71doG4~!bic}(Wyc5XF$~UoYl!f({W^bg{f7K3eGvzmx-*?%{@d?fet#s}A7{C1
zXtFd(klFr}K<-cTXC!;s%b}R)H<=0JEb#saa`1g@)3)Na5?z=vX=xtHhXZ@@2gk1x
zu?OGSWD?o@(uZjH4Qn6bEEq#taLkvM|D9919Ihvm=f_|fMZ7TclVNr~8G=1mXzuB>
z-vxSA^Tts`ty+MYFV0(WN?YixVXIJpeZ=)%RG^LsgBsIDPDKY*?_Z1r$btR94XVGV
zVwp``FM9=5FBc%PTJ~{oxw$8<2~8j#H8?qCf)riqvN@W7MaI&vBUr?~Knoh^h71dY
z3L>%P;nL@|AOkG;<v55<8eI+~qx>Fww6^pW<T^Q<>(JpHATbh-Ce;1_6NkpgWqpcB
zXrn;Zr+mti6(_n7*Q45ZH=ys{e}ulPp}DU2h_>wmb`~_Hd5AXG31PCw)R?T8!y+Uv
zU6Mza<k2O(v@Knd(Bqjdp?TLAqflTPs_ptC3cgL<f>lOTYVJu?4mKlh^{8B9%BFtF
zEnNt*RSLQlHoXX%qaT+pK?>=lAh@Ahx)f1jO_ShJ)1+twTQpqViAHojhgq0GWk^pO
zlB9Y%s1=gkN<R>}bWaBb?c_vXsm}gQT&HHG4LF|TSjy;F(tunAS^6;fLp?c6;tcF!
z5by)+W4|W?qsQUA^jc(cF&x=TuSX1kGSAZM@Ex?ra3BmJ)uR}g!`zn5h3%U#+-5Ot
z@cW(kF5f=lsW+m7JUI5gF1n2^*lGH({yt&eqv~Jg<DbLt?-7sWegcc7$>rYwa}MA0
z=`}uFun=Wt`-7;^*_}KI@QjY~WFQD$2e1k3d~aqhXd+KQZ2Kf=Df_433+>>K-(%)A
zno1)Jzp0;rf_SmdfY}g=Tm$@~>MQSu6kXs$U-^E3zuWskT+Wcn00kPGBVaj_4M%d&
zrzLR>vmFkZVffn13($CSxi$ClLEEE`g0`~m5xe&`8e*x)HuB2k2Zc8>eWv-n<MEe5
zmP($jc+hYLVcknI1+5@enSl}@oq;L5v@(NS%#4jVqXKw{z)B$8pq%Csz8DBpT|&+s
z@_nB<`rDB=3i)-CeDzPn4>qgp7A&6e|M5i~f|U#`QQdkPHP#JYIHtf2m4~3qQP~74
zf~yx)L%H&el@{PgOXR{vl{RlP?|$}!H<EZU4+?N@_$J^&kAh2vA3}%Ys*^>20vV_h
z`V06heLZ*t7d&>oP=3pBcO7N(s<ecVh$?3X_0u7lNDb_O)-iB|B>e91>_zB-ZI7v!
zCkO9$RpJ1LUJgxR0A9xl{$LTD<j#G~3k3qVSnMw#h(qArzlwEKj5ZhKP$=#G1#X(m
z7^(Nk*=CPP8}*xo7yKT30PMyt;n|S%O}--?15XS;VQUq!!g{eVzDU-4G?Wa~RLR-v
z1MvG;{5ShFK#_iwzpcu?u5|0{V^Z-``%U!yQ_*l9pt&2VXl$8HJV&`gCz14mE=Dsd
zUR>`e{|NaCh9Rx87N><QhGE8rcD9$`2$-x|06ZZ#w08zf(Ai#=cIUZ8!>FLU6ia1{
zf!+VCHvU=fTF`Hj^vkH*>tYa`4PSMzOz57MQIFjc1vhr*Wz?g#gd3Z}jr}O0zQGL;
zlu+N@5{AROfiRpeoR?8A<T1=do$!p8!U2wwLB#Vi>g+rQny3^$^ioJnuEP@vil}dH
zDI!o4wZhw83X7@r309IIhX74f3b%YIB&OG;B?;;X%tW0+y;QhWU?mCi2+%~O@E3TV
z@OZ{M7p%d5ux?^M<A>c2A!B5X@O@3#-AEplfQ@~+q!y{XO+{r*29H@@?|4FUm4jHu
z;pDzm4nwIksr&jfD~mB7X1yKYmk$})y93#i=Afg-9MpJ><8k1tx$2%Jwms&S>F&(G
zmB#cKec6r303UPk3W0TYVQCAd<0~J-6RMre4qwK4&o#=b0qqw+1@iOKyJ;2(S<P&)
z01w(HV%opahObjAMzPOdxd5hxFnh#`?y<C)U3xC+T6zu3V@(cFf6Pw|HU)KEe(5)n
zAu8mTp3RJ(K&l#2bK9ruaR@*$ZKuS2D~)M18i;5MRMzf(G)0-v)Ax3x&Bn%xguq7X
zI0z$>VClC|4Xr%uc!z|dQzE5q8o?sI<Lpm|!8u%!q42Ro<GLp2!Gg`ZMfy?d!`vum
zGT-BhTb<bXOCQG+Qt#a1i~ZY!KaCV)cWSy)R3+2c5lK!on$s_Ax~^tc*$u@up_oHh
zN+w`DVH_-d62Ni3whwrCdLskJXO1N}VF*)H3%oh8jk%x$l)i(L&Qi<`(tSvAorT?x
zc4g^0zK$ThTDnd+YoH`~NVip(k9I!Go4OKO)h*j=%azY;c?MjI49WhIRphvFdt>=g
zl4bnxStgcWCs`)bC@6sT#o%)#5qDfm7a_>C{Bc;K&=Lwn{410;Il^e<lJ>tO_^`w|
z5&J^$AB=Q4W<Y$LmF)fs#5#Do(EbdlORik{9*UK4U$ctsQ`PkS`5@*wIayn8<~6%a
zmlTc!>|x_vG8zPCSmUj2xCWS~dw>-hStidVK94#+to$YYPS&_TeHHslw*t4*D%kz$
zr<(C{VTM+3`K)cVH#?`<$%Q66KQ%jd)9LK>%z-~ZTZ{Fq{K74hSoy-`QUZP2ErUJc
z_Sg|7t*+#STx9E70gEthW#{=vn^&->pd3HnM*BV@^CsJ&h{2o3dl8LYIKw4v9vl-u
zjG^Hn26En9zRk`4npc1wfGqUD>N~M!%M@UojB?cwDHSoA&lHfOFmIzJfTSp-!6}pi
zJIC=&4Vp1b#!3`>YFybw1DEGxQW6X}ge%J5iF6}|fvBGRj2j0i5KFVX%PtQ11P@4^
zs05aQyvTSr;rF9#uZYv4$XDLwob<v>J~0|;A6~L1n;FZSpeSuoa=38}8^t)g*eR+2
zrYsJYK8)fR``B(v@3E1%xf&NRv9wL61c#%y9IZnsd0b^|=F6>-x;Elrm@_E|?7Vjf
z=SUytEOQzo&G!Qm->1i!dCL1h1PAvhF93b5Zg#k>Z5}ieU2bbkGSXh-7ZEpnKlw7i
z8@``}PU{TfQx`l2c9&lQ%V3frPyPyEn>mIEyS?9S$g+9w*BVP0tH5;t!b$fAtZ}Zw
zEi=3dd<76@p*)trml2Q|=?+X*Bw7vb)9H5&>rn>lnTceuk!dD_<M2?dVd&m--cCsN
zYgA6KFKWhx8$dCLD+M^%Ft8cXa1T(J9OLmj6dTz4>;XywN47I`N567^6bsh7w4q~)
z;@JKg$!4P3f1V6{H5vFi1CSZA0pvLeoEBVvx2jNd;-@f7!;-JSX;gzz_DKwl+Vm_&
zY$LpIFVfBQqTeIe!yba2XoVg~#MqTn@kfb9W(JuRLrpc*ybH=76`Aq48%&Hr<v+Mv
zHT)E)tm~xbVocRV&g=4?ECt`)7r~GBMT>5mAhC^gY@8T34mbAWaQwXiUpX6QjW0QB
z%+W=97rBlao{SUT_5YaQ0U(Wac&+n;X8RjpPan4C^3m<$7|QW|Ktz%u*_dZ^pHFPC
zGw)(Iug3LM4^T+o4g`tcVZiJDgrx~ycP}Qi<Mm#q4nyhnx*&sg!-#r)(geow0@}Kw
zxv}GqP0m&;nYES5+tS8u===i>4cafZ(HQTr0nNm38Pe+bDiz_Y<kD6oqJ8^qP*`Q#
z560qXl_G#<b@l$w@GE_`|GnXI96o0@`AKzgIqw4C^Kq41gsHN&wEQDZy5`PAJuP4B
z3GoVBz^aGgZcG7T0!W1gZsLo8`769Rh`E<rG0646dlJU_t*mQi6)|#bTcYXzga?0!
z@R4fH{BbUo@NdK^UrrmbvYPu6LS^I8OHX9a#-V&Zg!_ksMQ`Q7XaQ~v;5?j~0?fa;
zgGM1?K*JNJrj?@{v{Vifrsuhv@zhvn{KB$8QO6DWd3_0QI{WlR^wx!o4ve%QKObzE
z51cR-XHRw*6!Y*D=`u$}p0yRFW^?&~gce2Dr{Ose)YyW>mH4;7oy<m5UN|U!;T98D
zI#4#@q?JlFp$8OPbDt|%Z_=EDUI?mwLi#e(-wje^pZNytO0mYmF6~6@Q5k|?tx(jt
z;nK^nC~p5XMqd9+WcFsycB)})p-w@5I@7NdBsaZ)VS5U3+FVGM!Ihr-e=arOt3Ap9
zZ~px;`S9J3_F&ec?wlB6Z^v`H<>#S7%bQ2^;Y%7oEA2cR{ew(`v1g-ylyFn5WT_M2
zJp)<iz>*(oti`b{c94$AgQFL^HxF~(x1enMq{uOFjp^y;zD#z?2H?#nJ81(<nXrLQ
ziElP0%HWQM>bp9)UhPa@Sf=JuxcHu3@%%zQxM;Bx2DrW<M8P|ooqGFwXbBu>g$1Mq
zg*Xii)M-d+*~bw+QVaPw6`oN$<C0qPgF=YZd>E&~*=c7|Qn5M(_LQqwIr!vUjIZ5%
zMF`pk_Dld5D+fCjY*830NC?+&Bt+k^2RkLGIG7ensMy*D)AnJl369Vj?BS2l8aT>2
zLTiFlYoMLx2ENsf9}~Stt=Wkk)v(s&kI)*d#E#IK{1ID|PqikG)?n||dIaV^2r_v+
z3o^OZDIB^Uzx7U`d7*qYI(hjW@8nI)L?@J($xdiuraFPdOm}dp43<`uEC2c*&Fig)
zLSc3}Mk5p~t&;E{*>jLP=Zk*Wsz@?<dyuu~aZcG9kz@{x!ErGUgR0i3By&uqhtxcF
zr`ZX4d9}4uFaDC}e+@jJ<mCBclFR2y$q_JLPL7WGN~;Zvq9Zm+nDp?C5)MCnqhxp-
zzEK!iY*c_ok@dGZKS}qjQMg5N<VFdv9==h+=!b8VjFQ7Q3ImLd%A-*j0p?O2$H1?n
zqwcjaaOn&TK&)TcuDeRi)dt2##v4WIr_8+ja76kCz7KhPK;9#H2*OF-a?9wJ>1sec
z3p|2S(Q2CEo!wWj0*uC4t$98K6Y_qsaugNj=BGn`mbLml{^+HZhb1C-Yo-5CM)Vks
zDO?v2kms09`D%#H*|^mURkz8>c2Lake6VMqcMzC8BBp@c>nAa6ef@-JY<|-=xdsTl
zb0AYbEi~(~DzhA-E-dl>h<IQVKRP(_gExHKUus@3-@%9Ix!}nwcj$UtLaCeQNuV{#
z!H<R{;_@?{Mqrh+vxx-+(atNzaGr<NAq)dm9p=GN<PSN2qBIs)ddLZ{{j}6~D!~Fm
znr_SvKt`zsG=i-NR8VfG$uGahewXJt;I&{N<^t;Li5rbW(BR}lC@hADP^2Tx3nQbm
zr@>+*0db*<ivr9DjoBFgv(I0Q8g(k223U_ZAF-WID+kjyNGbMZ4I{>;npUA5CJ|ag
z6fn`Cl{OYi>?-U@pe?TQA^^Py=u;CB?Ak?@3-flyV=989gt;&JJu=72&*6{0paT85
zv=J&@)4t=_zT;Bu16tC)LR3RlHQT=9OdW72LhpR218zd*Zh?7G1KW%S#$w>%pvL=5
z%vTf(r14$7rvgh6)+jyZUQ;<<UsFjWiPl?Q6;ze>VDn7tYJoOR?V_;U1EVS_c^l$X
zs3Q|F7pUlG<#0TM|J%lv$hxW<2jeC3??JnHRQ+y5E2r0BR5T$^G9Zesk@&JhG-?2V
z8xV~`P{_}HH945kPv%_|c$YFfVV*w8H{l<L$%-~)%dkPNSfOaluNXnfDp?L0zV>1p
z9<iTsy~fdbp}JK=*jQ}kf41q7!5kblFm%{<UZA*%@%BxZoVqaQII|<s;%&Ap^SB=4
z-gJR)tM-pD-YIhE%mdt!c+&+;kI`(_<Dld;?uqmHiJji^pJLy^L6J%qj#$3p4ER%h
zFwPFlNe3V(6`<9|V?j0Qv&~ovlRh?ba_{X;y2p7Wcp&v|3?uyBqwsg|-57~;Z93e$
zF_dbFcVq0cF9Oy+`$9-on>^&%7Y<yED_`y;rtc$QFD5r7xl7dBj*lfQzsH~Uov7QJ
ztu23Z=<bmEfaKZiGhQFRUzYP;iG|-IWeoeh#{d{@gb=mZX8;vEnm>}V=J(D*z^3y%
zm5lKiXSUzWwFc#<rZ5y-kHaAi#@PWo&ar0o2;D<^h)KWxUjtIV&+{kflM^};nyaTS
zOcwR<7nt9()<9~+=-KbhtqHFm$p$cE$^@`nvf1K-E=o$q?YiEohvojJSgP!J81<uZ
zf6BRA*83#d{aLf#kv^|!&(!(^sWs|BEKQVt9&s`l`ow|8_qfU`4JlxQ5?kI&MvQMP
zI_7Q{51ZH{o)5RRW-w|Q+<WeX25CbNMDbxRLg(FQ{)V=HG1Fd;sRC-F3$Tk#7}49>
zFh9(_a>uE%!doS(J09a~c3b8C;~10X)n~me=GEcnCA?Q7dIaa2#24Mn=SZ{L-iYzi
zek85imPVk|!!SAtYeL3yO}Ng*8f!Ibnsxz?e8QCHQMYlNCCXt**swYp7##4rvCT`R
z%xy!IGB|(v1#M4`_$iKlk8$pVq=f3+2}uzFRUeA}?gFfHZ(|!k&hgH~9#LEsc}x9)
zyyq~n=jv5xvcwu8d^~K(t%?Il7s!owSY4qHKyu7$DBx6kRKLC7Z}>enyxv(5!2QRQ
z3O)X<t(=X&FvX{iO`{?VZ6?94c>dtZIryTUtZ0Da=uDGk;-h)PtvKX$QSj6x>&bCM
zF2MA-;*Hxh1Z#TKiDN$AI=|3XNXa8LW)J2&1t?C+pw9Lx%<A)H976i|PZIKlP9mwo
z`~4R91<;{j>4{n|s6uX347Ql)>4=S!`ZcO6&3SZ6@@G26vh5Mnq%dj+;Tc8_lj68K
z)GPJ!?1Qjb4!fb$t(hD71!fO}Zjg?p>cJguD%DjJLe=@Z`~W+r_9*Ja(iopOxspKB
z-teGKU=w}`v@kB&k%AHiCW!`AP$}G0R{%D^Jtfl~qBtK)EN&f%79TFVp+4s9Ol;n7
zbJh;dC(u%;b%`5_AAO6cE{}S4t7^yZJpOY&K62uNB$aPJRq`g^zS!3XeOjA*hOJYo
zy1kjK)8f&AZbHLHceyf%uHh{<bBB$(6<#3Az#9+0#_`plzUBOx3!nJycdnA(#XfSC
zteuugzr>idOnUcS-0M^SAcB8m<rh(Y!3=ARYu|ec+IDD|Y(ghMe+qH(f??uBg%<j~
ze;y#h6h>qhv9lJ#4f2ql>7s5cZ<yQ3n+arb@@5=?guFQbdGmQAZv^Z5d`EuwT=`B2
z8j(B?rR34bs~M@%=bTvjTmm;4k`56BN6>KJepnIo4vHY+PZ305{U@?9J^rn&oQuCV
zSP{f1${78v&tJRpB*b*^G($=RF?m1)nW&*6NYf~SE-BY8p~}|?q5Tj-QWb@eeq1X;
z=#us%XtupNaziv?rI4gh3dKoA3Mu>}OCg%Hu4$jW8h!Q!D}$y{k0HgiB7=meopu~w
zzcwX@Si2U$AZHPgL#fz$2Sx1Bosxc&9BKlL${|ysL>Ml%5=qZEH{nZ}lt2@5iM?y(
z5~(3_=~~F8DO6+Rl8L_-a*44=kW0*2yH@0qK~o!Cm$<vYH}FmcegB?oe_;6pfU3`5
zvUo9>G$X-F;@Ejc8>yvdX@@Jje|T9Vf><^yHhf=Xzt%1(3X-(g8;5pfUxvo+y4b!1
zYL*b9c;5O;$65B*v4AoMdenPyOuv!%!(d?>R?%2;LLJk@m0B29h&OJ5PB#g2-`a5t
z+&{CG(zfQFRf?hGe|5+AuGmL`$I*5CanF7H^Jo;l%E2^fr}FWmmvIv-=L0}W#ytwS
z4zpLOEq{5KY=cmHDnJa_sGLGx)UmM-@Z|jqf9XWTLKJk6AFEyn%+m5He-<B64ZOe+
zB#ux09xHLO@O}W~WMLZt=f5TJeiyRvOI8-Lb(Dqtg@0bom00NR%;JF&uFWLAQ=iv#
zSxl7>jWfzTjL~pDstN7`hm0BA3o>U=SVrmPprlTfwn!iK8;zBxpvr|#qoYeSwpm+V
zTbai<mS`neqA`J54*lg4Z2>V{q9y!0XtKyhn)Kg_O|pyfMRQm5#u164x<n&135qS6
z$VNC%9+~}Rh)1a@2l1#M2MZm%iay@n0Wxl{;@W2c_n8A9|7i*zLr)~?!pzo=)fp8`
zsQLnWzaHVS3YM%`pyjbnqlCQ5o@vA4(fhKMk#L*{PQYkp$8_2Z(%49XjRlS1O&*CD
zHxU&qk%%*vcBO)TVntWM*|{p#wV7cf#0qKw4!)z@q#$0+6&eMJ3*gAZ#Nl#su8SKx
z&~dQke9M5a8&Q@^L0J2Cd8aNXi8Lv+iChtuVX_y(*IuC<g*^T+t5dAPq}Nq4Q@MVz
zo`OhOWeA>D@nM%l6pyIj%8zTdIbdQ$xDrMq@<?-}(WrurB5@?j4CTZ<&cM6$p3{62
zuJdI}D%Ya<qI{wsuE1cYdqQk=3UFUs3Clq#3h~Tl+$Sr0K;|L+l86s%rRWSUhP5YV
zL7cL5j75Nbg##1zArtY^E4tM7ha5?n^)dV6>3RxF!eccY^Ae6!ek!!TA1Gng!7EQ@
zrSrPDmO$1<B^KGpPrdB$a+s|MBvsB$RWeuYLV3(5oMVJn)VMr7RSlV`zF}voqnxM6
zmu8;&Qfp?FNC{?`r<l~*wo1XLYjX-ZU7J&;O|G)%cbxCE1{pp0xqz{3yYD>>ZFs)Q
zi2fp?ljlK6*VA$yv=<q$_vd5v`Yim@5aG?jrxSMk?s$l~tedjF<S=#3pe}g}!S4}+
zr5aw@U3vp96fR$YIjMaX^bWGZ<{oY<#?e;<uO89DG=eIi4*g9xdnphcNU#dkX&bnF
z(Y*+_7eQlzwm!fNU!vy0ej2v)NV#BVi9awG4i;uJ_%z9KYD4$UYZo25K7=JCOdj|J
z6G-f#@CAMOgne+n$CidD3}Kv`pO|0zE<6)pEYfO7QGx9c{%>{1SzH{2#6oVPO8P4G
z6LDTT6t#H+<i#k{yqG}$AA4^CUB^-7jko)~*Kd`qXW8#*Z`p~Qj$}D|;y9ZF*?=U3
zkc1~2Bg=M7Y)F*IP9RYv#11ng83o&b33d{;Ko}Ti7?y#7gdM(tF=pR)W*GK;3*rC!
z-CNb&uho{t{Lh^4%y+C~_v^Y{b?>cPx2kS!w}!tQIf$apJ`DMMIg*bohe14%1N|mh
zba;>i@lk~LQG|MsT61k2Gsl(!=t&<_>}G;pN((dTB51DI6=c0cWsZh9mW4c6wOPm`
z3kYf!IG6Qhz60&Zf{`03*79bZMZ=aAvq)2n(Jx|SzNKFTeKbQ#pGLx$^LFwau&xpH
zvPy|O97-gNA(CmycNIZ<)-DrZ$WwtE*gVb>QyE|ez~Nu9TA3Z=9X{9zg<cqaF${*z
z@XW*TK}`K)L5)Wa$`d~cDHU<^1J)b{_nTFZfrFp4tG82Ip;u9zof<<BRY>aVYw-IO
zQ(w0L9<Q&-vq9mWDcxwK2IJIbq;iHf#Mf^x#bg~<bFrc7xhP&LX}A*0b=J0tV-794
zG42r%?!Sb|;yCp|c4HaDSmRP&*)WFnomr5o9*ym>Ck#6LRn=i;1$7*iwW*Hh;FldY
zDw$K@V2hux1}}O_1}kIa!Y&?``<la8yW(e*poMEeLeVWCtjc5%Z3%@l{s2!vqf1p6
zIdyD}coTAh!^~WXQi6&okMa9@^qdN_t2mRyCAWw?2t+H<MXs;1D)4j^T=M1*wHL!Q
z)xwBg+W`HnmM*Rqaf=At*lgu}0|jovgF0cWJ{5>&=)+hawyQ;jJ|S<Ya^^szqn6_U
z2kmam-L1U{eJ~vq>o*i;k7_0~b?tI|%bP?0Y*Rjf^7vX*9#jL$J8Dy!i-Veh&#z~3
zSicM^30>ueiLF7YOO-_7w6Kk_F>JZma0BhIeYeYeB37h`iU>D1l)6zmhgdpjht~W(
zU-Tx6L^0uht@SWqn+ghoT3^jWzIFJ9K*1CawU@#;)uJgF2(DVbxLRVt;P&wL0$oO+
zEKo2-ZtIX`{NaaPVXuhe$Kz7!yi>&#O_2pf2EwAs3j%TcV$3BL$77_Z;8_C5Wh0E)
zGXk4_Z7;qVr3w8vXp0ivIgvLlir6NsgI{M^!v7TaSavzn*Fi1)&grM)C-km7TOP{s
z9y&+QtYyU(il^(;boF_XfnLTrHb##%86<Izg(UlN2*k<2Pk2a)@t4ny-)dOAt|>C&
z9RdGO)9}y3&o}4B&xSrexu~?05~}STo8k+?yBMw`%ol`jX1D`kz94)H!<`88MQoj{
za|(!jL*$?3^hgQQw!G<a6%N!ayI~Z&M6jxN1EOQ|CMH!jxs&4vjOw78_Rsl9FMl`$
zZy1;j*1_a9Ojs@qP&u)z7@%PX^2<5vfb5&(2lFZ@?*Xj7X1L*Ti;S!>w_~SP2!xsI
z<oj@FTzM4Z^V6Pq9pfC$<;od$z=1arR`3{drs6W}Do7<}m{m{{s|t$A?Oe1$-%>sY
zS_UcuWz3{z?YVLiz(&s)*Su7UG!jq@S4buSMRrIj0WDyNnhVZE1~60&*5Y>zK0>Pn
zxCuo*M|VhcNF>kC8ZB?46~-|9X^w_%cGbLzRxr_WV;I{uN5lTRYQaRynP@_{IU0w$
zePT4)l8{}LzrYbh*T_4s3Q<sHEXH;4JE^j~7f_g||1+}0`e<g^&{AnFsyWS!(Jane
z#6Eh>AK}L{_A%f55wk(DkA>!sT7Ku6@;jU5$09gKUkbrle9<J$WvNN>fk{%ZNpfjP
zv|Kew!6wPsBycS;mx`9LCdt_(o=uWZOLCa<zHA}oop-Lm&bDt$-Kk(ot#5rx*Yq~%
z`_A_)!pYa{^tE`$Ro)()5pcR7KeP-RwDMiDns9&Ii=K&z5d+NU;jf5?r2c!MH7C}p
zrT!VbtX>V<wIs0B#|@o^*M|u07wEV6+9|Kxo49(((9*8bP<J=HarD4*MsI0oF&3Z8
z6MvxLAUDsU*S!hM>B<_qTaG2Yp2pOT06Ifhs8{Xp+hAcBH_;S79@V2->Dq|@8|W9z
zuHNGE&3{3jX^|@kT`CuJ^@fB`;(|;}%v}!?Z!s>StL98I*SBHAzUpFKsX^abZMziM
zam7vWUf?ncgeyChmyOa)V!>vyA%R|+2Yj$CXc))UTMe|;I43MuTfGx%AjB+j(UomK
zZaq>5=sZ?@1A6#16R@7aR=eH_*Io<W$D+edpz6|#r?(>sIKr;Bu8lB#Vr=P6U+sn_
zHX)G{-nsT3j6Ir>JOfCqs}S+Gbfwp$)*^1eS~Z5tq3gIiw1!=4*b0`dc2w(e9u#6|
z%Y}CxhA8gBB2nCfHT*GLm1UsV1INvNUDdAP2OVw2>+Rh_phpSxRJ#)d0ErXmF{pZ~
zJtWXu?InS31MRMM6WUkp8-B3X?qi`DEc#t>lvZwj=NyUo28)j*z|vpsAO1jh`*PuL
zh4Qzex;%~y*a3<2x5D69QC&eC$5f9Yf6EPYd38AjaBTHh2%y$JAX>L_j@GSAXx+-{
zK#bWPbG2@z!N0P)l2nhY9!IUiiofh%7znj)U>>ats)1-7Zu6L{mhHz^k6(M!pK;VZ
z*FK24JUF=4m8u_Hf|kyX@iGqgU97}9iyf}Q*3_n=?rBSLCXRS%L-DjV%Msa=rsAv@
zK+*Yyjm24SHUTylXB|Xf&F}DV{r)Ld6L;ASQ?!oU>1X0u+c))W30$v%Tk*4oC*fT`
z(C8f2@QjQTOI44jLO@b+EbaOy##13#ELBH56#`5(w8Qn+G$r{<JV|Ff2?CPj4A)<0
zva%zFzAGLV0f}3lc*19GyNHz@wu?HR&N!EW-yGMplKX9RyBl1Ag!|osi%?2a6G#jk
z&m!Bki5CNJ?C`TW3<aFc>-FD8G##ZA&iz6{6YFStR?ij3T`Y505iFmM4Q5bJ+we}r
zhkEcEsoQf=zha)unLV2-wk-`)>mf9DKpF>?pGa+UCz%CU&p@kqgC~g=4#CZZ0bD5n
zmvj18Xd2}$T&K!8xGKi^19{70Aw*XJ^VaND<8=;H?AJL^F=6LGX<PPH)=&cEN(|!!
z6&^U+ys2qiksc#H(nyb?X0(ny(qoVxr_hH(k1AUk__q|-j-qy8k4Da!0Ha187!s_<
zb~ZVKjp*cEMhBSi41wfn4v=ij0g|!-HjN|nqOak-GDgZc&jNi}qlHI=eZhGwHJtuD
z8T<0s)di20Vss~2-GlQb5L_TX8P7zwYq{Eh$vEZV!>7iOi`}nD%eB&sb8Eyy(^q$T
zN1O*%O~Zq>l_SDv$cP(UD4ZQGl`yL3uCd_!(I~@Ow>{^X&`ti~reWG?SdXUZ)*n0E
zkqM95as)58%E-jZz`=p=i;TBpX^P<&N;Hn`20Pg}!+iR>O?lwp>0tsI3f*_W{ayD!
zO)s<<IGDFz;kYFQ){z41w6JMQ@cw}=3u}b<X4teR$-N^=5|Vo`f`#N>8NotwH;1Sr
za^DQ&&9L)G>{G%?nXui<$hydPXiK}3w;^sOJHD9(9G`BDFOSHQ$b*<doti{!dw%A2
zyqlXjqi=eKMm|YB(0NkRo|4x17Em%xs<h3VM~#2q+VoxhMSWL!C3W52TAn!NbGFU3
zdB}}l%cSlkquq?7-aLSdi_ZQJHBX_t2<6P*_!~GAj5$8~LBUknnY$SY@Ouf@D=e$A
zn=IW)W+|w`MHH<N4lTs5lPB&(5Rm&UVd*oAn52I?IDxkmOm3<}k}@Vh%kjAIE)yad
z{|~GUaY_@0JZ90ihdFcD0|-h_FqUCeBq91eKfa9=F^N%a8NA%xc^yJi<i%JnrYwNK
z+}GW#4`YCTk1`H50NqjD9GHT0Em43sL3X%<rwFjVx|36&knzS}0ime|p+BA>RfSDW
z>-#J5ed;-Q*Y==ECx~J`osjQIoj4!-UadYVg$4MKHDyog;Jtz&RxnC+aE3~J-z4wK
zu_wYZT_<!f>u`_C_f^NpW+{Uy7V<uRA2>I!)C~3IMGrMx-<KEyX6cvAVF0c>o(z0H
zP<&yeQU+7T#I8PS;2K`^p`7<bdCGa2fwE=CY{kpYb-3^4IO*SSex2$z45PV=BCLu~
zYN!*$fGbj{Om|`B?lu@uQca&r%$cd@@yDHHNR(dh%Y8nAqARWwfZnIo)?r)_<Ndab
zp!eItGZq8%J0>%%%=h8bXf%^X5jc6YQCZmo`5!7Pi%)K=#fm8I`y%_|Gc3Ftmh*NI
z*LshuSzU?8kKHMjb)JB{{3mH-<Wg3&5zG<<bP`TbP`N7D8H^n!SfS~23exek<7#L$
z6nAdN7kh1Mw#1qE94c8(``1qZ?+=xCvSb?_xN#B(_R6R<I=C40jZmOUe*6LawB*O%
zgdd!B8-Fu@bNTTH`Rl<G(l?<?aC)gX&*n2l1>}kfP|rp`LL5$CU`3V6$k&2tf~v)$
z!no#AP%m|O#qOYfSO_9GRq9BFbjgM9p|7U+`H<#zg5@jrvOD<#<k#50rnw<R;kG}K
zJ}B0{Gsb*%UA{Nhbx-E5*Qp-HXg0O~5oJqX+XHDdrLu=>06FIz<U#ry>;N9=+JLJu
zr(X=dygmDQ$A!Mv8w_=rP=|y%O{fzg3>T+gh(y6n&>ajHsr#&-lntCc{VgSds}MfM
zovbg52kwx-I?=GHI~k}=-Nhes$!w-}QXx|x#i|DG#6Xq93e+*5M-`BXB-Gl!L0qYy
zS*IN~6_(`LW^;8@E{KHwcDv)dz|_ReNG6*OVhfv|EPz7o+pt9Jj_*V~F`Ib{GIV{_
znl9tNPI15vnm7P7@K&dhUp9jb-9OMd@exAR1)Xr_$wFzR0ELjXdRV!W%oaN}uFJ!H
zurT#a%ao3m+@<;P+eCsx=M?N+ZnB{co^1=!crT0vup+wb3nq6)GULxC8n|a6Ro%bH
zv7MB2corlh`!7Gjb3+rK0|GPyl&6%W$N`eUX3UAL+npQrlVn(qm&JY4Wu&ZsB=tUc
z4hSP13hH}6x$`er6ve&T)Bt22ZCH(?C6@H~q_8-Ci)2_~8qs=XW}<ongD6oTU6IiB
zp)-(|S7|##b?OVf^3dtaRamFviWJ>A@~dBL{w(_@J?A0dc)yFhhed-lwqX9Md+6L;
zFr&FHPXu4InTB_u5#TmChbA5-=dIa-czPD?m*}&ZLg?waSq9NHjdb)3b8YxFgHNM7
zHAZuTX_e@${6QVW01J5(A3rJyEXt}tY6GSH9y|eYTu3=!O%;8C_-8ruwFq<Xrr)-j
z)2O)miUT>^+{nT+>h`|(H>sP%M%#f7o%n0gXyo_6p%{bR8e|({=$912cEmsyD}-%H
z2CKeIR__YVfeSPzqu5QvvVnq%LV7wh+Ti^VHq}?b?j)O*;C7LSyu+p1nZ&0ySI)Tv
zqn&-!A;B-1lx-W{&JIk&-iDqIK1Rg94Q6>)8K~PKXL2!xi_Z8_NI~lxTvNeQ)Sfc@
zGgaW0sU_332ObK$_q69SJ$ulL_3mlUXZrTE7czcvPkRx!$L?t_W&HA<_A;Ee?P;%M
z{FXiKEg8QRcZy~F#kf$+ZEs&Aew5*#8XHi0gDGTX49ybm!SNb?(S&g=0U-@|pU?={
zdk;thSBy!xgiaCnBiiIeIL8DaN{_v$fP~3$dk6qwYN%K%x=k-k-&!CbOkSya0EDU0
zwjpvv94qXYQZL)oEx7fhx;RXXh7EfcBih)tfXG;*x4gG6&U;0h7#9OY*{&3EO_0rU
zi&u<Df<DF(S(^$RVVhMv!`PukP?#DLMf^C`9GHOELKI~P7?6l>+$KR#grdm!F`;9m
zQ{h@dh@wKDr17ldZUKTK6s?ROm;7RQ7ws6~8Dn^F<D$UYUt)e1*KkAE8vC>LJoF8}
z9R=tdemjfMJN$ORe-->O@6UF_e<R#1@6Yz&cpJPY@6YyD^H4;*^i>N`M!fj2lc<q=
zg-t}Y<SW)>sGEG{QVJB5uh?HgE#)irFHlwaiiHsBYh%CIuAxscxu<wD=5#Z$4VcnW
z{T-`lZE9A3?#7Sw-x=pBG&?_*Hr<_MBsl5KPw@r&Vc49X#*Tx@<O5&$0gV!FV|6Eq
zNIvi-@AuPWXyG0NvyPo{IHvoF_8G)VxBvXjG=zu-yhn5ByKsKZQfes*r$wd2%jFFv
zd?2NwQo<%c-3o{y^WZPBN0Y|T#NVMW2-aeVjJ+Y}qUo8TT{UsYLT6sW;IG5rOA#D=
z9`9S(hc{dV6Lt8(OHlczUd0G9M-Yu$e{qDf2#cHo@-6*-=rhxEaNN`Rsmg*#?Hoew
zOK8x{yzTtXEa?y`xC2aalQ~>0@)fN=8Ang|I4pi-vB@Uip7S6vl8}Ah(JOWx=Yzjv
zi-s0QwiLrG!X_J7UGxb_n`ihT2TL<PR@?+rF~WqCdKQx$<_j?ufvG?Piw6usFD%gP
z;rBb7E3P&2!JQx~fxd>P0bJ>5jeYi+--En<M%noNcg(=PLk?>ufAG7>jKYIe@HhBv
z!S74)3zuXC0bqYZK_OVM%&&PdFkv%lHNW0vn>+nV$f26wGZNf|MEm6f76;Mzcq8^(
zL%-pgOY}2(b5}3jg1ihVa40uHmN)r=;@{#Uws0p|K%XAJ2a{rjDAw-4gs>gnaLzx}
zkIZ(NhNA6G{SuwQ5yUMDhTdglEkMr+;h=`UCUy>}=^IWiuGwr{l*xR;slaE?`C#(-
za3_3F<Kg818IPavp^XAw!t*^Hn7Ph2a=qS2AJ5U@sG>}_;+6+o93|&_Xd`Bw3vC{z
zcSG*>O7!VH4D{(nn9)6B(|Z}l*+*US1>h9|=m-JP+??kyA3vvV<U}sH?bzFnlS;we
zEP;Z)&*B|-1MKkoHy3tb_YXFUVkpV^$DGq=d2&&0#-Nd7V^ZJ<Xvv3bE1u+8%7AgX
z&_Tq_$r5QY&J6JLPv?F)+!{ED`-_azM#>@nB^Q37P~u;12)|G~@h`W9UnnOtrW-hT
z$WFG-P{}bI-1%~F8=Q&<R}WdQuEk`*FQi_zX}!Y2d_|QZa)p?|MhUc(`<;9jl%dP`
zb4HEEcHS<j5@;FV640BQMD7hkt>=Yth5CL>4Pp#(Ia@RtlJ#>9vZW}b+p~Sx1b7bS
z6^i)RH?kYg?vdTNsI}OsKR72eCOhlL_<annzwSd;aA?Tf{lFOpX{gw^yvysu%DdU`
z*N4Vr9oMDH{14pxA#(l_JAY&7%Q56-n)GM|(E%4xThaLr|1;W$8gSI{zXSg}cL#5x
zPyux(?}e=Q<C{BqpT6PL=>7VJW8|;p8<KY+SvUUo;D7J#;EkHRD@+c5>Lz(ln7lVi
z-iKs<k&hA|<=w&S6$3^Sh5;WFy#|GkL8M{9M~7f}@GDH)!bd9~i+2aFRV+UC?OHUL
z4zp-*36n(wk3%7vHYTp}v4oHI-ND-p8h9eIXsQt!_;s;p+GA*zGVwA#C|ke2J9wKx
zvot~jPe7I%$l9WTutRQGAbuwwl(FBvJNSEp1_fccK}lFNkhw(zp@(Q#Fn%u|B5NOa
zO&T;P5Q_#SV$neG7L6Z6(@zY``B=fnF`=gT{Slhw5t<bdnqy*Uj%DHjK34K^T&OYr
zu@Rbq2+hg}&2cd_0TUn3#~>d=q1yOCgy#4N&0vIPD28Sg6A$yTnvWAAy;&8Z8II7b
zj?kPCLvtb%pTx(>e4G;L&5043lOi-HM`%uop*fX_PvhfsKF)~r=F|wyX%U*!BQ$5k
z(5zwNGx=D{$61lytclQ^8KGGlp*bst=4>WDhmUjlI4{zhvm-R;L}<>9(3}@TvyO?+
z=i@PaJT}ssbrG8LBQ%eR&^$JV<^m?ZkdKS_xH!_A3nDZZMrbaI&|Dlta|shaj*rLl
z@q|ckE{V`QE<*G82+b2>Xf9>q%lNpQk0(ZYb7_R;vIx!P5t=8)&|Ja9PvYZBKAs%u
z%@q-vCq-zkjL<wehUO|JzM79~_;^aBH&;byu8z=L6QOxZ3{8WH*`xUD`PdNY4fdGX
zhGHZ_vpzzzA%^CuOuUhgr|~fw>CICkG#eu{Pm9ou#?WkH;xRrp^RXq;n@tg#u?WrP
z2+fulnypNHEg#$XczUEaTO%~rMrgK0Xr3NJa~%_J=VJ#S&xrKqx(Lno2+fWN%`;+X
zp2@`5^Kk<o<B{GxGeUEHgyx0_&3FvWjZAzK9}|4+jPwRGskWqUiqK3%Xm-ZX>|)}Z
z`M8CTXGMCmD?)Q~gyxnA&9h=?p3TI!@^Kp<laby$J3@17gyyyg&14MC?Myty$21?$
ziS*|72+dT4W;#OioCr<-3=A=(?|-iOeV+M!K7XxsBe6oP5;sKL&lDl<ex@_%aa35B
zd;y}(xfM32{K0M(!*YtUM*yB$XlG8bOGOYPSP8OQMbNL9FuQ0BU=QG@wp+P@LNi!L
zkcmyO13@M>!A=C3c1*1tH~1%Z=mt|)Gp6olOg+t*dP7WNbv0w^YsLgCt%)fZY)xFj
zcC&1W5!j3jCR$StVXZY|YfWHV9AXoTG=Z%xfvuXrwj_bAJ;Wx)PXgQ01h!=fY%HCa
z{9)1AoQg%3z{b*|BAC*G3D=xcmQWlUi%5%8%)|sXmRKAci!7!ZFzTAI`5`v3T@%>)
z6WEp~u&qd7J0`>?26Y14u?cJg32ZA9*p3UarKp=9B(NQyz&4n`HWXq@)3;R#Y{Lm`
zs}tBx2(hK<+ldKmCnd0*oWOQUh%HUuPEBAtErIRy1hz9mY-#$oCV}nD1h%yaY-feo
z()8`@1h#V$*v?I0J1@kRrf=&K*v?O2drSh`V?%6d`gTDA+l2{i7bUP=9AZn;w@VV(
z9+$xO_yo2mgxJ#b?a~Cc%M#cwPhfjuh%HUuu1H{eQUcqR32aXev8CzTRS9fYC$L?U
z!1k07TbjN#64*u(*f@V0Z{IeA*wXavsR?Ww6WE@Xz&09UOVhVa32b8tY?~9<wuIQy
z^lfVb+qDU7+Y;EG9%4(=x9bwvwkNRdNML(Lh%HUuo|(XQeFEDJ32fsbwlsaaF@f!-
z1h$C;ww)oiG=1BZz;<&2+bs!f&kC`n>D#jt*ltZ=yDfojGQ^gqZ?`9~O(n2RC$K#y
z#HRWt_L*9lreo&p=^0%6RohK1Pt!@`8;rsDSFuM;1;JO?hVidrr5bYpUui1JXPMtU
z7581My=f@TAhg@qo?~i!#(4-0(J{3|%{Sp7v`WXOSXYhlDAq18S`&3_%Gju4*oxhu
ztSgJbKN`bRKhtvcZ{HnqBId8i3wC|TgOF3`G@ypM&{61f0F_|yjwbYqPLuO{@DEL&
zh5EBoso$DP{kBx<lMAK(*16PorBc5+mHI8I)StCb>Tj7#{l--4H>FaaNTt4Wq14|z
zm-;hPsb8N;{f1QP;|rz!z+CFrrBdIXN_|Hv^=B-U`Wxm_-<nGO+EnV>QmH?Eq10bD
zm-?nu>SL+YH>XnHvQX+N_5G=-)HkM5e_AT_(S=e^sqeUc%C>v4)&}b!w#AFJHtSQV
zZ&)bxl=^;ED)p;Vsb7;y{V5Bjo>JehNTvRyRO(lzQh)M7si)NUOH-*|mP-BdRO(M$
zDD{;3en~3z$E8w#d@A)PER=dmeZL@;`h}^~FG{6;@j|Jm)c19%)Xz_){+Lwik6kGB
zl=^;lD)n<xsh^ul{k(-zPpR)~QmLPrN_}lA^|KaAJ*B>%no9k&RO+XvQa@v%)KlvF
ziK*02N~L~sD)mzqN<F2%uS%spoJxIlD)kc<N<F2%2dUJLPo+MXN_}Xd)KlvFv8mJt
zQmL;@rGDH(si)NU{#5GAQ>m{=rGCspsi)NUo>c0+snq*Ysrw71o>JdCQmJ>QQtwKo
z-n~%jDfNA6D)nWl)N85K>kFlxQs3KBsaI2}FG;1|zEJ8Z^}Uixy(N`;Yby1{3#C4{
zzEhE8OsT_Y9k^lvBF(HTr4lbMl=$50PCc4KoN6Q%rXBxsxXHRPXZ*^lv7q6rR&|-&
z*9=01Vsi<RJqsmjnn#FiT2zmwIfQ5wjVjVKf3U(0_HpQ-`_r?|lQ4CV<G%dRu^%?Z
zVIS=BiMz3>$sNB3ktZtHf^JUv--=!9;klUoGGh?iK|21=h(1M;DE|1FrhfxI-FTMn
z13=@-UbN{~1A~p5b0)zfHhA$21ySqyCma$G-sYU4ki^Y?02CB+0x(I=c_Ih<V7cpU
z{GF7E6JC`%{w@hiI_p16?=lwtQuiI}en9R`j^b>!dy|{?Dbm-~F!!isur&{-?#9a5
zJp2?RG+I!d$z;9JF<fw(D{eBHB`ZVu;@Bv*f#$bWvqlT6+2S_UQV5*;5l2GY+i)T4
zSQ%I2<Ts5~as{A6a#2$c7Z{IXlfR2o`P89mcGRHD6h_S^E6^1s(g_}Tj~)xj2%Re}
zoor?s@{sX1;gSpBRSH><1y!8ZBz}-C<_n-fjQIj7E7~v{*s)I@SldiKMuGpAlo3$j
zer(DEhj$?*<V5fwUlftZrHI{+aCL2kBJ)$*=*Ei#i(~Ed#szm-TAO){7|e+z^lZwt
zp!F*$k8LHAE9bmX?7jsdGKBJJ0V=+Na|#QXvD4NF2&GodZPM?>O~{1QN}QG?Z7lsU
zDAG_7+j{p5(EN3nKW|$(lS3(iRJO<>#$gMkp2=@&hk}A!I}Sm3n{e|F4jU-#;<k2_
zpfpiJZBsivfWhCRwoph_7-cZZYu35J(uH!AGP%(*_}^3kg|QZ|0LqXe2x|VwdKSgS
zvko{Ef<nrVf}#gMW-3a_oN_Qq+HjO=Xd}y;uz3-rDF#!fH%7EK;Q%1jezcN-X68^v
zNP%L^p%@`q<_RyG+M%jKn){cHZZZ2d-^d{7l2BY*l_PLzM9zA_GX70i=TIP{<s8&0
zTiDcsyMQ%$cAFeOB^OW<BY&Gccp69fTN&WA2ZSI+jSN&#+<Z6H$d>U<mL|lz38$M!
zrJkdXX@*f<tjcDftyP>UVp~57b)|o7&5?j8i9BLU#!c0+Wq`e?*e=6_VA+<mwgtC@
z^47M1&5h_-zQ78@N-dJ6qZCRUij9n@qT4D%#Hhvuf(I#+0#3t@g{mepAZ^1$(bRJ(
z^PHU76S?P5w;%yF5h(M~mMo7MDGyW;u)rV4K2yzwA|Q1tXnP(y$Wn)j*^EORqeax3
zuqsQt^mHrp4D!snOnPVnjmSfZBcntPdXOtC7Zl7JMeSndq+kgkNz+DJveoQ1irgwT
zb!&5+CYukC%z2wypwY~u)MXOG3q>sCfSh$%)w)Rl$YfN*sHh+p6)frPvgL|8gzh60
z>KG^jYnF{EbeQ>)mH>@}=GDufafvq|nnRJiRwZdYq)4j;Y=I(Up=whHWc`6Mmi{Z3
z$&PL+wZfCdrcvxsH_cLOc3TBfZ$VGO^aVOHc5&UkX&O-3sc^!PX-A-73_^uS0|%y=
zZZym^^ZXLf{4MLR#=)s9Zk0CMfIB6Cjljg>jY0g1B0uJJZe~APmk8P{7JD@yd5b7B
zIM%J7$b}0H5tw4_-8|;k^ee?9=a6DN5r*&ggQsLN@JM{!=A+4|pa#eM?Uhg9ncwOX
z0MEz=nAcXIh@2Sld7To$bTg0xX-YL7T;aFP&~noDCnsl2ekXm5J>?7A4pvWX;%l(Q
z=D2N&*>O0HGWBL)g83p_*{9wR54<rRcpx5l69PDqx(%ho6a}x)wcamnG!BvWyOT^R
zP@K4p!-+-U9nEke6nJMGZm-b6snIMC^9<jG@`&4-<#$DXSJM1VDNO9N@SJka*$N$l
z6-XT;pXQwX#OYs-&MWmb8<u@dmzz*xaij7fl+4PQQTag$_lZGCoo0WiHjX_hQi2a2
z07uKyuLmw@Af=euJ$5(lu@DfdGFc-CHB3OLW|SU5G_3^2zJ#J95N#0pmcGq68wAhr
z@aZhNdkM~F{a*S*oL8E~IUAg7GsV<^xdq4cgms26T<Y4Tu<j66$z*#J)*HgiB~I$G
zimvES!i|S=g#_9<FZcjNP{!d3oKL7X#!Atp8%?)V;fRg6iTrR4_h1k~xzK{vMbcCv
zJk@d&g4j(|M8I<mAEujXw4XTbfHMyrfYN{UR-8>jvtQFI-|+^I{pP}Wdo6sYxhTFX
zygI(yTqfTWUN7Iv3+Mab^%1TaMW#`CYAKeowp_#Vw1pBYPg{7g^0Y<VRGwB9q&#yd
z&uqLrah~pfraXOLZsm#>XaQzW1?SRm?LhD_3KTbXn8Lwn6cIOW?U=7X;f1_d!Sz^D
zpfNnvaub68s|9K<L4UWLZhC2W@QC$t@G;hL1df>g69Kfh;_XlGf1~|z#a~L=olUrq
z?iRE`a~f<k((eFu_+KCs+I-_46}=nt-%v1eCMxG_Lz7~B$}pl1@G*Y=D56Zv89&e4
z#F1Wjf77RtKD@u_QwWH^k8fa1T?>xmzSp;ryG)k`{y_qL8hE<|{ECMD5h0Ob*0~G3
z{z2O%`G&R#8z+d3=eSyMR<j@{rf_>tzH75PNfM2Gp)r>4-s(=0Mq{i|%6t4qA`KiA
zAM^N)MDVQ~-N0&`4zOt$en4)IIfmOe%pH*O-e;Oju`PKA<Y9R0??2;bA65PiPkRI-
z*u(KWQqp{lRQ~(?y%798fd0$BLOSi44<N_WeBh4i8R+rMLrK8HNx%mI;PqxFJJXEp
zd46@{e!+p)B3_xo^SbfIsGirkalbtnX-LWO$cNMh$v7VePwZ#i?mIpL7N$OmRAKGO
z^lg~>5CQHae-QexhWMlLKSBV`IT3<egcSHO1n3l$Ug=iX=<<_33|0@wTNZDp4m|-l
z8O@y}#hnkF3U&NA-iFR;{_tS<;n?O6Zw)_`Cq7CGK+gA}ozFQJg6tpFu6mpLeWDS9
z+o7|&7^XgrzZZ^$q#~9Ocpn0|CT2}I$HvpctCk>s=v=e36cJF-um4I)MPFK3+Tzh?
z8jmH8JMfL90#nBk=-)tl;uA=z;FqzmC;YGCTsT~q*y%bEp~$aN!?{FWpf2YU*9Tuk
z)x}MY;*%LYC5F?uPz8M@4hRl^*~ybIeWX3!f&Uuotpfe%s$Sf?3nG4-68xLfnh16X
ztpQvvp#%o%`96JvC+19{7#spwGY{!H!_brC#P-TeeFEhK>x)+mz>8Qm_$(tjbQ%Zi
z3XojzIe}O^_W;uVN!knwhMFRRLF7;@1S*$f&0<-;qU(`2eWm*|-6hzqeX#tfG=)rI
z?*SO{^1gRW?`ajEmx5ev&d*u}Bg{LXAspdTts{^=nfa?XQRrOLZQwP>e8L|{hp>rU
z_BazafvpbZ@UCVKRfB7|JODJP%yrxwU|vx%2&wHgU-pif4>%5}A50i$0ww9*1JcfB
zoL=xD_a;po06A0t)(Zo{Z|tQ>h;z8P+6un0UPEH6x-wbIy74c7Kf<!$7>{2XxIz9=
z_(@uYbFz2tM?Dh1V)i4XAXgaR<It<^N0dY-@UrR`I=A3XkA_iE<9L*4={0QlE2y&4
zK*%%r3bbM+eFFF<H4d_F*~<YwE~opNs7&PgUXe)K{~6`fHucDJ#(4$u@n_~EUZ8tx
zJ7jVk-2OA9W}Fx#m98l-XnSKS2|p4|VsIy^>+od&f8>*Fp5Vjl4QO~U6^*HB3wfhJ
z6pcCNE&UNa6hA6@-`8*{NTAO<>R1L>GQjg)z6JOAm5Z}Ch(Wqz6#ny)pgv4Z&xP_%
z-!w4q_DzZ1pAHVv!6&AJd6*ww4&)fS<d2&m|B*U|-H}#NZ2ssi(0G=O`IGJ28VmSs
zO`(paP=8Y>XbPR!6k3B2>u%QR06%XPUrrhN+=T;X_#NRrrI<>kBV)$tLL77g&>H|f
z#@p(dc$+tc{?OvK;_skIcCEv6wv<xNuOstadSz+Tfpl6$Ji{(mmb&ayhQCg4CDKha
zpI%pkZ2!^I>p0)86IwXYjz;pesB=e8ugl~$1md?x67i3oUWY(dgv#O{J-tp1IeL1X
zhf<H8UXL{tM^CRqBaWV4hqD;}=;`(UO{drAoL!emJDNn;6=P=I%o;b(C&^bXQQ<2O
z21!_!%Ivl!UFkCCoq0H#u}zStp}9(Cf;<dON=MJGTZzEoP?Nymd#Fiba6@E8mUh<e
z=-G9nS@28LEVrX)*Y!Nz(X;DTLyn$ZA5#Zy2|o@;&#qeyIeK<|OdaqgH00>nb*mx&
z`_HZ?&X@<X;HjpZ_&&1TC??Qh4934c7n7X$D%Kso!ZwV5ozbtf4DH@?`7CQ^bIz^{
z7dX34Ytrm?it`W}qGq?H`6e95*>z1PW~uom^dl41>@ic@RGC)$K&`2xXV<ZaB38Uw
z2}jSaV}N7TgvSlwr_F4=vuY#Iqi5GePBL0l%{h8@9TNF(_^LR1c0F0+j-Fi?iEz3^
z`!skd4g0@XjXQdFeE~Ht<t*#bv+Kzkcl7Lfvc?@fyDk!mwKhl3t}mdqIeK=zX*6;4
z?0RA_@&D%8^{AE5^X7IwAhKZegnBfOAOm(8H|VMMXbvG7i|RReE;U8-2fMKM_Al7;
z=E~+@J)HD2+DWnS&lBNaB*MRBIQR~BIXX^<peX52S%0uUHoN8#%wjmxpG4GJH5<Hl
zkyFw`9W7q1xIbTWi@~q3qflY{3k?4{3QM|rB3&Kn>WOp=$I`iz%nJ_6)OY9WyRkK|
zP~Xk1c>KZEI~<^5-f&N8Z8!emd%h;$J^bi*<`w5M>bsEy-+`z(J@bz5wcSWU{F<I<
zm>z4m+!2XQz=$Lg#WrB<D_i@^N9BI^jI$9^k^QUTUS@NgU?Tsul%2~sqVQ8tjNdXf
z^;-hmN&eiq9ecii6NQ5xahIm<>y7V`8wGB=M=tF=SI*&?L~NVneoZ2_XSc?YaA9{%
zO_I;p>8;?$vSBoI2@w25!hW0e2jI#*J0c59lRK7iQ?v#(FU$=0&=$a-?3WGi$0|5)
zz*co951zYJ3H7I}KNZ&xRK0&i`Akwub(98fMdKdQ1I(CgN!L$ZxV{ayr18_|!%wyL
zwpx32=y6W9t#5rhj+M6I9A-866LPXYuL0CZ3F2UxP#CGUjo^fL+irZ{9sG<jk-8mM
z5ke{2kVc|`4_p~H{Ki`Q(xDri>e7A}f9r9~-wS?<Bs|#LzX*T02}{DzDIP%cJGSD$
zEzZ2+C>pZFj8&I*tgrHVnFOrfz;=Qn4mtVtt<=k<h6P+v=Pw2MWz}WFFM{^sRD69m
z4w!Z9ZZ8x%cjH)cKTa?>D!E^SK&`#DW_1RFuGR+HTL#)I1MTH@oXKQvJ4f5=)%t}j
zhJ*NzvUEO-_T};TzvgE+QQ%GzL$%g{D-KvOO><C+H3vAX8~g@Y9@~w|X=8KaH!G@%
zUrxmTZ8E+bUqBjGUek0`5@~)nC(R--h%~IwCQVBs&F?kMnqv{uL}_NdsI0e_QW-4<
z!f1Qhd~If_7zj)4l~m%zK#0>%ek$cc6XklfSww|-DHob3*Q(9gE<}{00*M!&$xX8)
z^2$#_fJZ1;le1>t^U8Yy(*laz@YO8kyyi85Z2`()cx#qTUS*TOX4GVeRm9Y?TD4|d
z|Bh<M+J_!N>(6#9=R6N}<6W{Z9&`3=IkXz1tL7bjrZrI*I`%SP=-H!qFazM|M7EDa
zK-df|eLQ8DU-J;EATN&p12EGWMDRzx!1Dz>P(azG#n2;$?4k<08)Mi6zO~@{n>SU8
z_02`!-?|A0J*(dO^w>C8ZE+V3Zt-rB9=qh#v3nc1OZocd{E={%aT8uggPX7A&Mq9I
zS$h&rn$pV(`Gz|otd#_hAVZFeL%W2*n~<)qDAWiO?u2wzMWHwb%((C;1SqW`0h{u8
zetLO;*qrhJu{q@dQgh1#lv@1b<}DETKbb3Jocfd^X(`k<qexg1$x^dXP*_`0SexN}
zV@`p<LBip2m%aLC6v=$JQCM41SlDhqe}Nb`OHBn5x>#x|kkGwSQ-MUTl}v%OpO|+(
zhqiVR`*b%WO$tgu8U#pQsxqW4m9Pa@eZZRx`mP*qTx<7m<yw2bM!zPeV}klf$Hapu
z?3gA|&_#Ak*GtC~bw^%Pb<S!-hSj;K1Ij02Xk&zh%&5O9B%){wgD6q=QcOhAW&<8F
z)_fIgX?xSmi)mC%@6ybLX(mnI(oEhodZuS-rfZt8uwQAWX!>HMSZ}82X~UdK(bHyD
zDb|`PdfI4$;@n=OnR+gz6G<x%l~pr$xs+}rtFYZoC8ga&v%qpGy+l@FOdOS=Qf|&)
zE~Qh*Dr`4O7sqi5IEC+2OIW{koy*uhQ@^t%+^UE}N?!1Dv}h$K&(k=#Oi>PI{il~1
zEAb>2&NbNxRa~2?0}I5Fb64L*%MQez+WUGpulV@Lz)&<t=vm$SXFzmxI8z(S^<M^E
z8`E!S3buN61Ahae(D6s64^2<U<}tLvo5u=$o8dPDC07LR8M&uiZ17BdOU5RA2NT+{
zMaEfypvLLglIbwWC5}nq`s+<}^oJQ|aTp&J`<IYJ3|Bq=?HBx(jN>{jVH}fT9wY*c
zvW{@~S#ii$erpTU;h0k_Y2sTbM?Ih9$^FEVKQ)eO9T`o$p0_#Beyw+8EH%KOJp_t@
z+JOs94XM}{nxXh&3Gs_clX*y^7mpf}44G&qn8Jyn7w06Rmvznx<&rh-EMlH5FyIx}
z7D|l+<Cu#J4uA#IM2FZuJKuvb|G>c|;Z>xZ3xFQQ$EB~1o%7E)ZwKx3Xd7j3eyyGh
z#@HBV^2!s{uiMdDb{9XDyz%GZOmNIC3(f$RC&t2P`dy9(!?Diza}jy!kD%{P^0^8(
zHuCq*?e&wZ_O;)^DCbdkXi;5GBbO)M9%6Izauj*$PsHF(%8wuzclyKew&(0b-C8HM
zU2W<Qj4E=t18$@iP5mBWoD1hUMZS7)m|@R-ODs9{{T&?8pXT_NQQS$vA@4<%_-rFn
z#96kDvkengGEGr9Fl2I*B#z4@x@Rt|n!U#<mh*Moh^u0d24?L|Fu&k~WX%guFllU6
z&HT-51MZk0%~Zz1NbsB_oLRtJHfGaU%in`0j=XUq#d3!;+j2!R97y~QndSLH&nZLx
z8MdwPNf`4p)0%C~<zkLzYNa(_JWPh%Nn*3Yo-1U_a#TJhj`^wEf`MlujT6HM2SrJk
zg|MUziWCtP?tw}Wkwt$<G7V={t+@uTS)R?0QJr{LwdCc{J7D%{Z4U}>@ER7|;q>*B
zkU~~$tvDa{J;u4sRZQJ%tRqSSQw7Of&!$Mn#+qLe`E*HSys<+vt#pgg2Y0DdIE17Q
z>0D)^?RkBy?cszd%tVpJ(YhP8JGQFM{!i3hcu_cf%M!JC)x$P<RU3)(QB*PuSeP<Z
zOK4f7)uYP>+p@rELsQEFhp*_qWm2`d@A@6O2W$7l=O;S^$g%!uXpcN;k1(BzsZqF$
z*##?RqWBFsdbl|BEP)o?cv3-MXX8AjIS$7B!EH#3qulP~%aGN+j^G?RThS04lza@m
zOvzuWVK2Cyku^~FYJ2ppwr2#hY)szabsJcB2<!Cxk^$ny#_aO^#TL3ag!*N#$3S}`
zV8!b-z}^Vh;`JF|Uj%H0Hx!Gt2r%v_SH^lwz6K%p8<~f}uee>3xv9T^Z#q<CPN!h_
zMS(>Om<0*cc^5&o0pqsDdt&uHZ4Nxmr`dnYr%;C6)P;+LPoZ{IB<jXCw7tfs5ZN`0
z0Pc7TqWqOUg-9>-DYOjfL!UxR5eU!Bd(N{!^S3$lkF|kvX{a0OL6Lg6&7GS-;fF>X
z0`N|EPlq92mxyN}BE{{Y|7L=G=jfis{=B*oLQ_uZhu{427Wr(Dd7+EBe^DO*6W}4Q
zeY8+*@=pY}IrQ)YS43lZ%qWp)Vb7SlBZ3d2F-~ET8iD0GPV7E(I2S}Y43ctC2>KVe
z`SA38zXAs6ekegp{SGC#8d0w%Bb7q!Q5GNj+~J4kXW?m3&NBE9bu}|pK+uj?y1|?H
z6mcgB9)Hae>Vj<uqPB*<L;6^b8qc&h85x@tDBJAKuT%ROjZPh2au})<#$OC8c-Mn8
zpPiv1!1}64;5cJH$YHoSelLyX3fXig`7{3JJOCvEGE+tTSbmQKAL3ua@OuCV&=NBW
z2p1i%-ssp+8OlKyhMWS+-=&Y5rZo39rIDy%LYs!ZRxpJFyRO%ILU|BU3EgN@q_)1t
z{HhRaWRn%T>vVmK{9&PqUUag#z?V8=0{vlyp*^`D?RQaZf=TASx6!vjjCtgdxG`MM
z!KULUzop@~ZGi7SZ|EXetHr_ymXqjgsF${AqgeGuMm)G3Dvt0~{n<D}OYxD=Dtv5>
z6bux}3u5XPVaLJD9ex{PbQIT*z~|8Ujv}cRJ2o_C+u=8^IPHOa)vT>{ZJq7fY#{#P
z(b-Lh?m-kR1xZhbxmEOYz@~1G=$+_o#Me<+KXMlbDfCiQtz4WxG<N7pey9u2^${TL
z0V?!7%xit5ZzHB5Yg~xxQ&e<jbgtvo;#kC-#qyIsy5-O)@HKy&L6Mq|n+{#+z~hWp
ztKH+(n=mjEzSi4wM$<9X47RGdk@5SWHpX)x>vi7w4a%ydWyQJ!sY{$v9Su}eLY2C=
z^EJ@smg004vBp1$_vswp{sYM=Za9D`!uj6NT9Bmj7sr2uIIP@hDOm3zQw%*nM1}k+
zxVjDb8viNMlvISXD2N^vQ>j`)%uBy%V>ZcH&HvAIZJEx4tdz@$8G(0gK?$%dYf`pe
z-NM7-2FR2*iUnFIh1Xsly3NrP)$-gVfJvJ6idQY8kgF9lFI0oSDwgQ!Xf>HZu9)^Z
zD1}5kC{TT*-E)SpX8MvaQz+MR#|V928P(F(5o@b!$1x(o7!Ku3ogeAY+QezwwxJ%(
zHCNlbj%wR_%z49?CTz2|_G-1N%cfPh&O&{_GV1Ub+<bjRn$c>$y&X+^yVm`Ta|!f?
ze}3DJ;5R6N8J2O6d1op6ZBl;+4&D*^BV_dn!TUlm%K&Z)Gdri3JKoaZShNd{Gk7vu
zj4*II0%$)5^b`A*Ye1XrRIGVl3_Nabs+B+4@sB`1bUL5~fb94u5r(5Db=B2IKj*bp
z45P<CPB>CbGFol?69}$ECTV}h+J53T?VIbw`VPXi?|3IlMGQ^bcc_fMqjM~#k3dss
z`v^EZ8h;U6|2Cj-hR`VP{FY~f?j#Y1{X}M}ilEF3o``&#en4oOet_T64}kglNQdU-
z&h6_*q7H%cf626_KQL*fKbVUE9RuafzGR)Y>5Lz>>8s*x`fyX5z5(q-ne9Z*4UWf`
zN8O2ol+w#6as{E+3b}1)gRkv$ZX~CTH0xJxq&`x|U|os`3s3x|uPXi3c<v+x8N$8>
zSwh4$=rRyk@JMh1_&`UZDO-k)bG)LqgJ^ZC*^3KU?9y)|vuK&oKFJo7mZ&MG=b}&M
zYaYC(HIWb5ijxcD2w5x|4y|zDfV7EXH7}G<!E`qZx-y$gn=*DxpHPkPYQU}yauKz$
zsB<wTjHfHw9;@1z_E^)5vzSG+Wv`Z3d5i#!iVfkY1nLb;jnSF3<_zEL>xg|30iyFQ
zASdu|t~o)oTrFN)tQIsUn1ipD(3XI4n=I-EKY>EA&^Q4_Y`?TuhK7K@(u_YWI4zuN
z#SlVI3RGeLIQ$Vz=hx6>os5o!S*f<phMB6iHfA*@x1i+E)?!OVwbfuk`)gUyNZ3X)
z{2m~0&qZRwHkISRTy++$cQq%JN7-DiLS3(-1LadCfHpN`jGItCA<^rwSg>$7TNe_z
zH~@}+H9ore!X|oK$JUWmOC7i){QV--m5JYnO+L_}PnO~o7x&eCjU==%p+n1{7R#jl
z$~%8RoqZ8)*Ve37Eq9WQW7ITa`wndp_yRRwq>&uD5^KJNU^QwA<i`~3;ia9_V4((|
zi*Z2Sw410FMKH5IWC-0m{pPkfMflRcbNdFfm~ud3wZbtT=NVUB@&A_|v{^7(YtKVP
zLm#Jom9ATeO*_35nW@c63q9y)$h`;cTh3VpS;=@{qV-#7qWWDJ74<v*3DOy;!G857
z9uM&NNw8cnX?@QO5e<IOT{hK)7tDZl>rW4V?BF;vRg>U}5ad)RUI)MNS0-??g5Tx?
z?XUd(^;m>GG?|Jn(YKMyw7!jS?c1)RNG?X+qrUA;;G~6ZPJH}xj2-{D1?}6G0fiY0
zy=ak)g_hcWj-Rr-6zWcrR@mKn<ENm>n(6=yqo6u}G)B~vO^Ku@DgD|>@C3#T4#WH;
zR!jg5Evm^P#f@OxI70=$91|_a@1*#=6Pn|u|0I#&j5n0UybQe8Iic<(<C{KH;=|2s
zX=G@T9rgo%R@UUs(|%Ioa2G=^I1ef?RFv1V@v34({G9VE@Y8Dg$TRUtJWRGt+zZAh
zK1uF>4zb^6vQK7hO{R1(hjkK+`T9Ne7OZx7Iz@-o1yk$TX|e0nmJGei@K>Fo5!7i)
z$s2z*){Kz4<DNQ(Qo{~0RMCs^<M@x!eR7(+>Y<SnCw;@;#%M_qv(h%9W)JlN884As
z?VdyzuH2{fT{*cQVlneygRjQgY{%H965K;(>Wz_dy)qOyZeg~iSgdc^glC65yYTdi
z_0jssCQJ(`N0ma}G%cU@T$6ql9vVF)#1jeeL_%zmLAq^bDVO6;h}UV;zLOGVW+5mH
z9lk)}%OJyQXV|M!*`Q?7cJ)G>)Iup1qkwr8EeHOpnPvR40f5kAiY&!~Ra<WeQl~yw
z&|MN&a1Im!O>&4=wzr@|<P99S^8>A~ejI7c7PpPUV3;kAV$6ajPdu8-z8;MMsi12f
z{z$>}B-k?x<&*XCoRfupR@J<d)H2l*4$QbE1ZsOO_`t;R*CC@hLO5K0I23V%wNz!$
z;wTJhC3ntH7Pc2c6!dVWKD4OgP)ngU%OWfq9fhCvLa>fxp<^7_$Wj!x=J=&YaRCZl
z`!02CW+pEEwk@N)jG|(no*90Ev@igY^1<FqY%ERmm}*F|?v5g#ODK<J*e?L>I}?o;
zv=2JrVcuz!e6Gqm1?(Tlpz9WxRyi$6?BTI4FAHdEHAl$C@VoOY<VDMDuf%p}322?o
zcB1YEFU>eQR1Vt(ogXb`@ZF8tT+YoXZ2YyDxWS0&+%h~jH{f!0d_5i#^G;`aIpph(
z{~8U)N;eopPuAv4_Y#&FcUkAPKgl?c2R`|Wr<m?X%#5osr+o&p8VGUq#c(NN69b4j
z&NvrH+bKs)J`O!AmEaSa^YY%#EePE<4=yiclDIy=?XdU@Rw5rW%!R&@2Yn-p`bN%!
z6^us-I1_uJ1Jgh62Jk{?lr!<YHs{9ala^u+>MsbqNPv|pfGY|7Wd!UeaDc#HMZi-D
zJcYntN5D%6Je9!TM8KyKcn*QTjes{2cp8Dfi-0d6@N@!y9|2!U;Bf^0Ap*XIz;g-w
zV+4GNz%vN^Qw01RfolkSBm({?fy)W}a|C>Zz!d~O8Ufpu0Eqdr?DStE;IRav>Sd>$
zo=|ja2<#(pQ3Sk{K%YQ20&XHOATSdFcM&*DU^W82guvAV<|5!d1fD>k7Xkl)z!M3~
zN5Bsg*iT>~0)C0W;|VNAz#kJhNMI=fI_&_SNnkkwE+ud+ft3gt5O@}WEfMf+0?#I}
zH3GhcT6ld8z{L^pAp$9o;9}9je`A=LG2t&UOzuqhdkm8Y6aG2Fq-4U6FwCMb;lg(i
zro>EmDZ><j3HLM1jGFK&hM64`Uc)do*n}@&n0ji$S1?R%G~uT*Ohq)|>lmgEYFOu^
z1JvWC(k@7ABu$ev4!d5K<vx>D1+-&>u#^@p6%&l@<S}6y)^m5h=wjb-Zstz5tJBg-
z#b{hh8sVO#8sdq)FYTSdyA$SqtPO5M9IRmg7u%DaXo|Fn<s9ho=sWr6_T7ONs(YZ;
zCq2x-!ROg|t@{V+7WQxi>#(q=*u6UU4|H1C$_UnFVOK`5ZVS6R!q;PAw?^@LE$pr^
z-qfj-UYFsupO+CBe!m~a8K}qMKaSwK$H>ILFM@Z*<9|GaPn||u;V3A0A~jt5oGj<A
z<lYAu7?YUv%1-ftcPtTPr})78FyHyW`)a=Pf%g;e6Z{kd;wioXa3X%N9LoZj;yX6|
z&>rKfr(eB&lHh*3|3^QX&bd+;{tU33gy>Uz;QeI2^MUtM@T27TCVgAp>BC&hGU)Kp
zayR;Lm~zjEZmeFC>7RkFtu7%9$#G;>H*<$LO~ta8DeYZoE_9rx>0}gig5&njKwVTV
z{5Dkyzg5*iK1D_E46StF<Xq$SnW!a=>aUB%gTsEV#!^RMZd1!7Blp`S&QL@2=7i5_
zxV8_IR;q4??s0h+i0JK7)kIg+SMW@Qx)NUx{{ix6+n%iRT4d@cY*%ox1?+4LN*Zmh
zHyezwqT~=9Y0H2`s^KaR%L3RZS1ad-Kg(AP`F1!%r!ZY`72{*dlhp<oFh~|Hmhg^-
zs5CAE<yRs!uaCO8jNqa9D3c6r-QlmH)^d!x3H<isk|gj%WVsQ)<x!n&#+(=->m}=0
z>1;JoOc>+9nw`eYNr7P!mpu0ESkDopUl|F`=gtaUwB&ef0NPSx9}$&rDSE}dI^f(Z
zXajeD-o6~B@IH?fnxPF2mkQ73Sax3(LSQM%>ujd#^{vNQE^O+;p02zAV=#=TP%<q=
z4n<T`FrvX=Yxo^ltdS2GDf0F%4uAJy@9-v;2hM?v@t60OJQ>f@(5Xh<s-=BZGue!R
zO|^WnCy?2^{)}-c5JNM;jDb@~5`&)M_hGVEK43IQl2|huzF*taoU;!yt5arF0qP%g
zmC6%58H}igO51tocJ6~-!EI`6K=Z0Vm>CrXDkGDkE1VR-vJ~eFJ{O4|2Ti@9L0rV*
z8R3VL1ZZDh@J@~_I7I*n>Ha}mVT^=6jMEb$Axh?Qk<9SnBvY^=QGpOA$C6DV`H+Z2
zKE;IcMy#B&Qmabp4R5VOj{&*GXd!Uhq+z>tUv=^9Js1uvyU^~%;F@$WElde>;`iS%
zF>IhRF-*kxgjwC;w-$>Wg|ihH$p9%|%tAzPjp%`Z+LvIoy+rzsjNA=<1;=#gr)(Q!
zG|RL>viA}bA*QL3jjCVJP;(1Z+o3&HO*<<sb)78M!o@llX25X3Q;OP*{-r+ay4Fgz
zKgzZ=Om<Gtz^MoZo^`H9{qGR{5;{;HY8RU=q3&f+tEJBr{gGi_ok}LEs7i*-7>q$E
z>pwQXm<Gz~@I|1Z`(;W)r#nzntmfzUK@v13ysnM=7@EaOC6udDC_`zrFwmHNftw#H
zg_6f&W4rZ`$UE!29ymM6w^?+oENj7j)E5Hkc)h1!F@Y#}Nf6ps8QkX`zue*sl^oPH
z>VFFv>2?bFVnZWu6fT4bevjB-8!`L^#9kt77xKz!A`;YV_?zUGaOD?m$J!gXdlXF3
z-n|yTUF5mOJH$%3LoACat49~1F!Pvq7&}yU(4`{M=%GrczWGqwqJji59mVO13cmKD
zIT*tSq}+0-4a4C$J@WaMyq$?4&79a|-K42C8>`xtHFtpo*QEP`-K^NXWt_}~ka}B&
z1~3hUJCXJkXWdC!m3h1cPld{l9l}ydk;~LoEc%<BI?VE?vFgEH&sa<5w=(Yikcl?7
zn{P%Q+Z~|eegg=N%p#5ohf`PIb$Aj3AkL1N3W%m)?WhWk^EM}g)fTR^0+;V(ynVX=
zp`6cO?D=i$v)Zy6C9z1LIG+<e!96BO-=q3X0&*8r8MrRM1|?t%E<_h~An)b9y~}^~
zbNNHfVN4IRojb4szCOES%wMy4tZ^X2SiyNn0FzU;c$o?=M@`<w{xrjRAGLu&<9PJs
zUhp(&F*3n=^Si<PZsadzQqHqgpdBo2!Y5@dcrKn%lkTs<qwPVj<bUVoKw#=UC&{t*
ziSW#>^I?$Sx;|seUlUsQx_~rw1{fQ>JA`H?34mqJ)g}3e!zA0t+u&Cm{fI7#acVZI
zX*)BMYXF_%0~Yw1eCLC5%Q{a1Kfaa|)1ob5JZXpcBJGf*G~}a}NJx!8Q>0T9>}-jM
zSz97Y!*jj@8vUdJ!{uIRep{x7ZiiUWC&Ktz?+jgv(vQ*SPH;h4gt;Tz!i(5Zp=r8I
zwd^3dxl9aU`i@)3+10+;$$2CGBcooUJcO1RxEji^<8@)DIp?=g35LIq`nLe`ikFq|
zGbW=sG`N~gX=lzsK3^{Liz0^3%_TLqgQrtSLj|{{Z(-hHfc^*@)~**Bj^7}KxzBOY
z5fLle_ek=lY_TdSZ3lEUzGrux(XWiN8ayngtaV&U;{<CEd2BnS-rR4SdfgxSgYdc~
z(S_e3E&sSlRkZ9Za$y5!#{=iY1Lraj>;n5!=f&ac7})u&KENLvhhNBmwu@62$%nQ(
z-c7B(I3Bnpp5$@yz~keAC&UAnGGIr^6B8f965I1h{sO`$$wVDHj2YVbGT6N14?s59
zHSv6ryvTrSNBj%3{l8lV869jdH2<#i@0$Jpck=&ITek7B<L_f*$9O&J5ACz9kb|+$
zM2+3a^Px4;F7id%MZUO`{LIM@OvE3{CW+zT1*B>MwO~d<wJ9bb^fCC=Mv`x`R{n9&
z`)M?Ooeged8Z(ZK#;?TCG=3f0j7^wI6itNkV%q(~vl4QR5iUk=nhN7t!<vQM(3m2B
z9Oar!VyHZPmyUDOIpjDOR=_tTPd6e@E2Q0LGjtW&Sk`=VZCeKBTr;3AFKv80j^CC7
z>mbaYH-&u)daqMV=JGg>c^?nj$0%*`JIQtihR1Bi>yweGoxDPN<mnrkzD&*UFoKiF
zHJoYeQ$R*eknRT-X+bhOw?u7+fOtX++c_RYYohzyat@|F^$)k%vsnvXC^|67R?T0m
zu-e`FTfZBp9vP{_zI56bzY@MJzI*Jt*O&yZ;HmkGEyqNg30_1R?AP<o#h4j7miec4
zu(huF{Wh{RX_IV4YvTi0(L%<gJ)dM-YCtffFsPkmg9;;waXr|kjNox#Z^g&$@sQu=
zIZ9^S;C8U!PO`a%I+9Q=m?l^CmNgGkAc#j~!4!b930L}Fg5WFw|3QR(ND<QtLWcta
zwY6m@KD+CG2Qg(uu*hRdSceIIoMD<9z65LDuq|7{xST8a(2EN`n#-R`VZPW0moH==
zFPZ^+zL1BPVMDJy8MZQKB4kv?{07fqJ~7!K1Yl146-33H#PHW^*m_0A7_EvilKz4*
zioIIVj8-HaCMJY2PDX$+iK>{n`6@($9aZEGo3ISFRz=b(NHDM#Bp7xNe~P<P=P=nO
z@h~3u&jFJhe1BaL*-}&db`zA^*q5XH2B=fof?>jm1~l!0U>#?iFvx?6BMld#u&IK5
z2OH;y$OmKDhR~g)#b81*UdTAd0{2Q8KL^jH9F;znNmW6$i}s`T`60xYKUzy{rC=>-
zdn`&9vM<(>A+JBygfi7ae<C2Yug;lCeQEyCX+L!Ci#|wZG*1zb4QA9J3m4Oukxjwd
zvCmX98FO5QjI0dX$&-+GqRiX#%l4(=HK054sc`6?LLaV*%+ogJh?!8kJkH_zdv)yV
zIcEa*1C%Q&^l=!+xn2jZQJ(GF-0%FwaYh+5bT(c08e6Ne+oJ>f%22UCrFgQk&(-4T
z10G^=y}SFi@WM^_NAm8D8U-8(Gs(Y@uv2aMHI0v+h4ME2uIHSGf%b9IZtZ%kj*rA#
zTaX3kX@jF>U(*muWSUK!ry6K9K||3uX&{Y4cv35)Z?WP9P8GDpnNSvd54FZnWf-L$
z7Q4pip!&pO#PrJG5Ct<aV!DK{+7)YR*OO|dn(v8SA(dfpv$5I-4qj^4ux6-!qHnLz
zngbheo!a@A<4YKLVmxp~Jn*D=;L3R5$??Ed@xav@n7W3)#xh5jNQ(YCo!~@}>1~j0
zP0p!64+83ezs{Xx;t|>qY<fsIUkeQYf1RhBv0w&#Tfh3}VG;qx1(W&fbk7JUa(FGU
z@FQPLTqO5YnCzP*Ba<QmAr!n)8Y5RgnAr|qWx^sDjk3>xn0C5>hsF+*#^6lV1a~JX
zt>D#yLf&iej<n8{ZZJ!@zYa6*JOP$I=F2(QMW}yVtPw#AyJmvYog~#TK*>WL$y6;Q
zBw{g9RQ_)R#^bdfUch?jNs%F;q_+t@C8QY+(RoVI5RT$fe}F-LA}GrfQ2B|V!e4?-
zPubK$45^_GFwc^4@}6~Qcm7uT5-o1kg!)LylSpE_GYK{!!DzoES?*Mku#l(<vdoq!
zd5NSYZ-nlkd~(j`K|5y0bHE_$P%mdmMs~ca=IYo=)Mtin6kCn@5amtvLvw7jq*+P-
zN@jEZI@tNpFmUA{Ad`k@=U<RmylP@MH0qHz%J*$~oF$=d^vSedskWn>pB^FK`!fC-
z)1B-cGr&54CnkX%07ARb1v#T(%uWFNlfW(jJCeX|0Nawlo_(3VB&>H|rWV1lSN}j0
zvu8%%GzVn%q$H5c9-jn~+2u(fne9vh$!s+V1halI2?V$HY!rmz)f3#VO~xm;CntgA
zb}$Jfw=0rBa@&;zlG`OoAh|6if#5b)FkVN3+q07K$?YjgAh{h%0?F+$Ng%oHP6Eko
zdlE=)?SZjSxxj6#WW3G<w`V7jklRy}Kyte(2_(12CV}L(CkZ6COOrryTS)@JZLDOx
zt^~K|B;%9Y(~>}PJDdcP+kqsI-1a7c<aSvSNN!t_KyVu?8LvCR?YYVL<o5I=kle0L
z0?F;lB#_+Bsp;f4R@JpSliSv0a&Q|f8Lub7?Rm-g<o1jtkldb-1d`k1l0b6nCxPTP
zR@EbJ7bjza+gQnXz4-%PZErc#oA-G!eWoYx%XRhLd0#HE@4~p2@XkE^EaA5Uj<EP!
z&-d}Cmd7#7I@0@#4FbQ_VDMWE3cq4-_+^8{FBvR;QPK1fO$X7`Et;A|v&^DdYSFY?
zG)pX+s-nU44)Ammk8knxSv<(0<j6-BB}+c?D0%XcNy(JoY4CIqPZ#kVXYs7Gcm^z<
zV=bOzES?n>&vJvOpLn{7=LCyqwZ$`R@vO3VhAf^zi|2TQCm^04;yJ_OIo;wp&Eh%L
z;yK0QIoaYl$>2GWczTKFJd5XCi{~7R=WL7TEQ@EY#dD^?vj%w7HVV+=+I787jN{}m
z7+3XVUgt`#i*ebPmO(g=cQ4Y&*e{c`-ne6Cuh_1cU=M#W$~=$u6m7ier{IC5K8>I-
zjpf4RXN=~wc1_MN%h2=PaWsDU$auv5x&XY&A9-!IrINh5nOyJ+W!{+KCM!AROU6pu
zf$R^oB~b*XY8p>RjS@gO(2?<N`<Ct7q83fV>)XQ5=i;+}4wt(z+o_-QOP&Wouyo5+
z_u9!G_J(jj5(NGQ9dBo3+%9x$CI7rKCdon!;lzNU(u7OwIp8^H$L*X~QT}zO$`TYw
zeI!4^=~p|4ic<wh@&n}8bH0ml7ytZ<+1F^shyw@zIoymmP!ECcjDQ^>@cIbY83KP3
z0lPxriz8rn2z(#{_JqJib{KpAKyL`#6~*iefn8BdzZgPa6-D(+A@p4_XgP#l7eZ&K
z!UjIWp<Uk{uzj&JRd(Wu^*eCzp)k7L?fDTbW(^!HM~rmD<8O%IX1Axt|5b#iD;~ci
zir*cF|00Ut6NmRi@q6R&_lEIjXsok6h_8v1zH9c=t#zl@vvU3|>xMJ9zA1=B=er44
z{YqOq$#EW!u1Yy}m-z)Oa@T@8k!mH}sbKJ7CZhd*b0~~_RFKB3mmfe(nGf0=mdF9i
z`V2X<w981djCFHjb&U57&Ai8ghv(g{pEmLF2Fu6kRs)C&#5vBp544A5exgGML3Qq<
zyB+)JYC8_V4c@3zhkx7A&Dfp+Z~UWX^A|Tmt>R|8yIADh<W?<QTHgUr66cL>9=qDf
z_s;;Y#P;BF_)r;pzcAUns^H}Po48K}=g=^-%w21}W^(xzI3OdS3jAIIh6&`gw_tAC
zqwno%i^?kJTnD_^?SeAt6yNCZ&WUEH>g^}rIO=vbwwV<hU<2TM_r~r*_r~=Ne6Ho!
z*9+?#-5cAp9r^X0`ihzQay3^0Gsq8_@jF48bLsB^zaU#2T<iAta|-A0sVvUmr`_qN
zL3nUL!i-Oi;@$0k2t4To)Fy`Qx@{(SHxvDpY2GGjq-?Nut$&$G5<*8HKN_+VZ<$FF
z#W(rUko|^j5@Yx{#RuLu^PLa8Z{a&1c;Cu*KJb1m-}w;za3g;P6IVhvT}k({8RR|q
z4W=VSy}_&Nw1QLA7fx&uYv&gE1h;o}k<36Xb5E@v{EK7`N3VH;Oan+qJ&fkfxzM91
zf`4Uncl@3D^LG50`PH2CE1xDk_-ZiDXk5CbelOz^|2#;fx}MAKopeko2_H@Qpwvu0
zbiQDR%_HtdkOt|*KK1Fk`c#}9=>HZzuO8%^1C3eTKXjrey0f}Q*bHItzk{z>(pv2f
zEphwTfmLkO8VTM*u7}ztHbce}AH+kCc1js!<Q!y9`tI6E)r_P%p@>eK^-K3m<47VC
zJx-2KWwgBGIs=6;3kaemW;0+-m7%6(Uz1`tOpVmHh<1oA@_l4%n03w-73w8jIYRqL
zL{yYWwwb}R%J)KEBmsoziXwJyK_y-De4ul@;c_9D$6<F&UU7>Zwz**0nFUv91n;Lf
z3i(FG3FF8Hmv1>kmtf!3NUksv{2A)ko@aDbeVpAhGtt$2qlA-?jS4o#NZSP07bt7Z
zxuC9<z(Ik#Yq$b-BU%~P>)b5TfXJbbS?4zV%KTThezKQ^zat15lWc7he}~LXe4IJ_
zIXJ-STUIC$33dRLCz2u&IYk1g(-99EQwW6oXzI=_8E+I@$2F8~SVmYco=UZeWUq33
zG#i}7op;Sh#017!){E<wDbhLw&pie+O=7`~-Evg!Xb)6OHdudRj!+bmvz{$DY)Sx|
zR5}~tR$pu}7wxKg+Ww>UtmZFOZmPN9A}pefU5)+E*vlyUq$>p$pLL}4!78h)^arOp
zw$rHZ7@_w-HgLtmBCVE2(Ya_W%|d;oXG=W#augf?W*9Gch<fA(ACMnSph|8uzb=|D
z_Tv3Wbb`v6Eg`fL#fdYz!TXrl$?d={C``Ex-2(D#9uYyby=NXWCh86^KN9>a%4<7B
zsiiIrvfvp(;lq>LmhFvV=N2<vt`v$R!fU>`13uRBJTc3yU^CJtWSxt^FP6tyCyA_Q
z3zrpE8rkGUB$YzpQj8U}G;n<ZW=f@#D+@BNt{pTY8obRUL^q<?l+jvn0oOydPPooh
zpef@gjE*ieDS{7*aHZga55?X;9DDyr^zH>8Wx%e`v8%_l?LVRnvd&WAf2*9oXXCcn
z&0LG0t(#1npK+dthVvxJb8WBNy?4y@OMEQmW9eR86j0ym_ApT9qm7Scm^X7f_PV_c
zRQRa!QQM2_0y_7)eGIhlv4oHM-mw<9Yp?4U8EWODosW*aW3+yPhrxO^JBAA#YN~Y5
z>Z*5XH8*y(+dT*3m*#>N&jl?_f(lB=Bb|EkquVnF;+N-w+UA0mB|$}{lP8^y<VUx6
z4#cm_1y$#Q=7<JfK16Z_66&0jpl=SuZ<z~PG8Z&QHlETcl1|s$_@-Tnm6_i<H&**x
z&>Z1N9n3k$+xk#1aoGWD(tD>jqB45BCBFwkC5KfBCI7nZTiy}sd3`UG7CL*t?V-{g
zz=O((-x~D~zpYel{4RwSA8<RU#0cS1r566SP(ktAPTj?CowWhKi=o8_+%9S^LP)iY
zzssQS2i!hZ4TRcIg$}sgs0IhzPF4WGmau-{x5_$%-!dxB0k@YG4WW{EK<okXe=_SK
zx`Q>ZMgZF-a8zcmTjz6|+rghv)<=O#aGTqyP*g{ON^qOorBKvHfl6?jq8nvp6sTa|
zrszgd73I5kKmd721(6EK1b&LhHGZnu16XM6mc8_1)1%PWUc+7CY-eiVxQBbfO*KZJ
zdFk|1QE-{PV^>SrHjSU&idrvi5KP9*u8XmX7`%;b*x+>VX8g`DW$+;1Sor-P2lg2b
z5(W>MGiuuqaQ!QE$gq<EJ47&>N1smE_(4JX%OfVrOftURK`m)B!M{mjwWUAFBH^FL
zM5E3~*iNnKOfQp}ybjPQK4AB6=Q|&G-@$i2@cs<G^MUtg@|_R7U(a_w@O}f|`M~=)
z-}%7%jeO?=?>F(C54=zCosY~Ur2+orM?<l(%Pz*_L&~ISkGJI7l^n=kM&?4+LnS*V
zqmg|h`42ur8Nt3`99o3Tu5MrC8|M)+&H;$+r?j<oA#pbN6cf$azep6#`xnoo?W!bT
z)~Td*TcW<}wnUMz`HD@~402ndM&Sv*;djqRI9kCZua|?@Q=~r(4oTJ|N8GM0MOZew
zwj~F;r%7JXbCZ1-@gVm@*UJZ=mDIuK_#?8;I3vI<eLeRj3D@`)olyC~1fcCf#^FfN
zwsc`m*xr2$qGsut;?*BJ5&;>pv)ADF(>iXHnlZ@~5abCkJPx3Y806L<!G!7HM;GCU
zDD5&~mTT2n=R)9+@sSqka@2GF`7$nC&5{<zMLPaDTN|2>MC4H|4CO213`aQ0g5N60
zBEp&*zcqWnye-Zg(6pZO{*2?C8Y>sS4U-9QWF=}|E!y9Xk-foJAaWb-9odVq45d&l
z`it@L%lH^U+VB~z8jl}go`mMJ|3n!+$=<yCT&b!kdR9<4n_=C=HY-+3n4PSVype#l
z5xt{S$97O=EtLCuu(fZ^jj*q<u@KiiehHMhixHQ?eV$BA-;8+GLdaj_#jUirfunIn
z47XaUc`x`PVte^Q@CBygnK`d0$Z)t01A~R&!W~)IA4XR!f(%IW78{NM6$D!W=oW+w
zXNz(TOz|Ke<cwH7iw%=MdBK)16c>an3z0NRk`X}$tYFgQG>a<(DK%z(0ojDGiXykH
zGN!UtTrC*93NFd}0+2ykbXALNkS`UrqN<<(6qV$B0k|NnJi1Nfg1AJ`imD9hD=N+R
z0&qcA9<Db-0TLI*tf)#(+&dq=_wdZ>+UNcm<8W1Duc3X8YIDA!y^bn%p`rbb>UOcA
zJ&&q53P?L2)pQiT_CKodP%Q0&RPUj)(hD^=Q+}H{nZoudBlB8jOfu?j%fhO`6pm>l
zc?K%{hEJL3v$So;gx~#RH@kk%)=jS8hnE#wH(^lGiMQkMrU==N#p0igkFAWq8ZS#E
zejRVeH^uLc@SnHY#r={l4w|`rjNQ96hPNk*Hw+~0h)Ck+Fk+91Xy>k1YFkW`MHt&`
z?3RIpB|9BI!^Qyq>iiS$xP_CT&qfgDqy}z_2X1G;+B(4xp#;w0cmCRRnc#bpP;DE|
z%gA45l5}A^$d86%w!^LXIK@Y1k}M&f{Aef^Z<6u&$V`%3#FHNl#o|pd9v@Qn@%4tY
z{>cf?@5k2>+C+ZMd)+K7=ez`&__q2ECu2M>OfE(ap#|rQ?h)jtycaHTX(q5gmg`*K
zLS5na;Kvk?4gACen2SIIA|ZEDgn=Wic2AxZ2fC&#=DBr0<sR_#aVh_rh|cu!6mU}?
zPe9}*<LjtD<QR(uv<S#j5f*{D#wKKWk(n_W{wm^AkUW16kAEU>945t<_Hc{50_{Fv
zG~2^p)V?+ATnZk4t2#<b$Tn$<4agU<0r^5p0rPdogn~(tlJc$l-ChN}O?KaZQIK=&
zKB7+AeVl71FSSs%hb@?#-zMAE+H~7mn^=7Bw-#R-$;jeU{l5Zyo+h@12+m(T%ZZ=U
zj2zW_EGB*~o}LCrSRD0?GihwAzf#4TpAGk0%l(d=2zp4yb#DRg(`8&&9)j5<dIOWI
z!8KMJ>SxFVWUIcpFO8_6l%J@{b!kuK&=6;}HDWcVu3BZ}t(@`j#Xx)h$|}yT>Vh&l
zg&YsXa+b?K(JaHfpIxp@r*Fh}8tZbSv%f^AZiin9zMIBs-$kjJdZ%Yp&tQHsyB?=|
zuuW5PgP@cKYvABjVY^0=4c@}0Y=-UH3lMaJt<(c7LhRu0;B@oXOmMA!&IG@b?`ZdP
z&SuC_{_M$CjCp2&Y>E%OKbP-(;Qe`g=L7H0=Q|&nNzz7JBtII8wM8#vJU-^MMUOo~
zTja@o7pDG5{@h6-lKR6JFZ18IZVZ>1FtMp~Fp~8QsE#GF&S?;avCk!1XiJ-Dnoqwq
zv+Rb^?Z8FG{KeQqxpn*g!Mov9By;GVEWB#qLN~s2G<bm<-#YQeoirkcoQzqt{|dIV
zG|)Iu;uuZ*-UKOhx!u(QD0#Ws)dEEPayzL)wA{^Q*T@HLf-U%cK-!={w8HIQbj*cM
z*V65O>4Ts8nHFyUqhI@%S8Cbz-*VN-ZBn#o{3rv{v@)k&4L5%97z+=f5D;rxb+1be
z^dw(cbH<E51d|=Xi<udX>=YAcG_x%?s<Wp0jdn`-4WF{nXXM9q%F*|+Txd679OL1d
zPHk%_NAygTAI27x8palsRSTxQXxTji31h56{%gA%oxz_FF5!Au+QYGL_1%qL`G)&a
zam#i-{;gwo!!OH6`k5}kppGT%#K(5|h<oIc6uai3*gX%$p7|*D&PTCt9*TZ(9+G}(
zKAL`cKB9hQKB_JAQEi=<>f$+6|J+oZ{ja+9dFvB}8jAt(YmDxuqK(CXxHN`eY%1Vb
z6lTuEX=y6wSR8225m-TKAAuE?&JlTmERVzswDkzQK)a5_3zXrAyrAfg#0x6N5qN<z
zABh*J-Vu3$qNMWjXtTQ9_oFZ0kWiOc3@U@fFv?(?f>;!4ltyW85Moh8Uo_6*CVh#;
zVHwTO3#;Rim|-~{i5V8s5tyO!9)TIEree`*k|G%@_>q{Q_8x&5YRnOsp*|de8EVy$
zn4!uvGo!sS#^PcQX{UmrxEMs*w_u1bCXseA7~-?1u{|dSEHxOG>}jx&ydP#EO-3~g
zn>tY0GVpn0BURAHnSEKmWY@$|Jo`TOjc2Nj_;_O@swF3O;KyhOzJkQl?7--2%nr=r
zq7oQBhqD7;4rEh&z~0-<cRujGhwpsgeJ|hn$V`$p>_GX^P|OZ|CFAii#}53jf%(Uz
zStmB{D*2lv9#~3eVcvB=3?~L<-jy%0c~@)MalT?4vZKF4lm=s&Inw1exL8JDuo_6f
zUtHU7%|eY{k>Mi06;O(>>|2W1`qc`{o+Fa)nPjb*>tPWp23myI?^m1XYHPE&#@3sp
zP?3Q%xMJ;!Y{k+uVTx7^Jrfr3ik+u`zrxOw(o;K63Qz4kDLb|Eh#T5UnHW2d{5RQo
z1f<$|Z!zoNu=C)$Ba>?9nK&{Z6}R(RArt+U9nEC7#cV*e@l3k0Y-r<UWWS=oGj4X9
znT%rD{-NkNYqe~dUz8&A3fqtQgzd*Xw#b}b1qu(#k2$LCY4kt)bvwS;n0^&PK^b4L
z7YAluA&AAQBi1$V`q+OqruW%cUZVx}UOpbH1F^n(WB;*@=~vrW#YP3DrWcRZiC91V
z^uIpbn7+rxD&X2YTBI?GU5NFz#kc=ve!jX9Yw)8lzIcAVdJwDqq7xsOpRZoTTD0e)
zKhMusA7Xv!l{4Gt=L<J9g8koJ@VE0bhPxsg{cqp!m%q%<nO{b<_kZ!JFP)z?zk+Bh
zs(<&4Bk<OOXfMC%mB{FPh3U5<+MSQR^$kbhZ84%PFTCS%DZI5rYDNXxJka;s#`J4!
zp<6YJ#bQCN`=@meHKzC5SXRwqu|ynCTK}|_jp+k6n$@#dG-~#nKlaWaHm2{jv8<lO
zVo`%Oww>^W`5BXfdh*f>+#_&CVLbN-_kC%8&ZyfT|I=sxV}8y=hko#>Z!bRrYb>WP
z<j?rf{H(Foy}0G`zn-5nYWGi;uD|dIoKb^vKm6{S=I4yf!S7%Dvq$D<jMeVT?)cN^
zXH0baZ!R6YBZafpNX=N9k2&*?s89FVGPi0Li^W_%_qR8_xG{adjb+s=7E9D@#n@}E
zZ%n_|Mzd-bk4E`d)_fn;>2)@m)w5VMR)7os>;12rpEGL4oBsV9Pne%Gifq#p-iyjK
zFJo+6ZhYSd-akKMJ`3}s)2|NZ=Zv-KkH_8jU-NTDEqmdKKl|MLoUxkcdS8+~0%L4L
z&pi0KFVD}IXvX(n_0=ED&lzswg*M)Pzdt`~)Y)sVdCP}WSX&&a8HI7disMn4UT=%s
zs#z=+i|G}A8GLMG`VBUgRkK(uX=mSf%<cyp({HrVteVB5QM1py_vNTe57<~%%VM!a
z7#|whaP9n@v6$}ux5`~d;EW11_3NLZHqFNwHTyFgU+}{DIb)rB;`9UK^D`!;^sOJP
zdUSrys6a~}yXdv^GbWmSU$t=g{G74QJ#YHSzdHhF?1NAH<=TIppEK&udk=ka@Ccky
zwP!#3q8~ML1{<D+8-`h8ud4lqVV0PzYQ|xhC046ia~NjD3|9;(FotQGThBmeo5oFN
z>A2|$X53^(KAP@&q~~An3{645GDGvgug=hz^J_D-*1Bidefz~3_RoIn4EtYy=?pvA
zt{FDDetCv%s^2!lrpd3*uuc5`xO)>gNs20eJUg>0>+0_5qMPb#rmF{-A?==l;nH#B
zzC^iCdq7}j7(s@kpla}-thPbC1q7K<xdc|cbzKisL`7T=@IpLrm7Sli_pPh0*9yPy
z_r1u>$f~UA!q0#A^Z);QK9d<48Sll57cbs>5%D5x=>msIwYb1>P+hV>X{zqJKtWcT
z^>+cd-W+Z{diZ$}M2(c{k1%ZeHxjn(wcaTZY$NA@yXu}2Gi&&v2yH0x!}qd&>Ne#)
ze?C$efq*c{@oJw(mNRp7_#FNwn#L3j1CIrdj{)(QBn87d1ED`bY36a!dabGNb75&i
z57%pj-uh3`Ai*Pa=E8a~>)<9eY2PKxbDQsC+pa<DFN}z1mRCE1vE)L$JcIZrP>TCv
zp0fh*at6x4UxhbC>=K0EGujP8;ox)Ka;D;Nw1y}uTWZG$&J*0mO99Ygrs)l9gXR5_
z+iinI-dYpum8?njsnYgW-UD1MUNC=tFVnmr{XV97LHeJW=EZ9gIp)=J(<f_Q{Vy!X
zOUJx=|CKwRS10yYqycV|h-80-iGO&1g}^=RuSl`Z{S}fD@2|*HxW9t_<yyu1NKT@?
z6LJ$1>RIv~+Jp?18FiRJuF8};%n;VfoLY09#GG1sPUqCpaXP1#e$zQMabr%+_L(^~
zTalPkGb43QZT3F8?45Mm|IpYE1KYNz;>x_)ygPq`*)$2`MKnKqZYFEb!F^|0#A8gh
zd01(0uy$@RJ2&VDdm*W#mi^&NEQsL28DlBC#+23d*91gr`F+CjviP=m`F+FkkKH$U
zeUc*L|9^(|-yeM0C7rk#_mXI9MEf3JJN~&nl#git@oVoosl9y8sbTT&KwZnAoUJHf
zHG@*NVgL&nl(7}VSq8^Z#;_@kxHtr%;dcOxez*y{Qv0!cT>P{hUTF5{P1QlkMsXJQ
zaj1q8ICc}hX2{~eC|C@d@tdmslHZ@eK5^4z3i8RDrqXaPy=hq*>SZ@!C7o3!QBS24
zjt!9NKpJ+eg@;W_l8#*|)23tvSb|?Fh?1PC4uoVTIa3`B>1<<7b%|+i68$ou*}sGD
z6R4B9ZEQ!SQ<|To9o;k_`AOVtYbgc$Qj(a4eu*Kbjdb+tk~H-FskB!p18LaNC5omE
z{bWc^l6uHk8u4JTa;%*<=s#sb8+u5H(vw7wMwNmCIyg_B4M=`F{z3E!%eSGQ06EM~
zVyFBKrlDWL#tNFG+<;0`ZAaHGNx={1q@iC1`A9*IE=fhc)HJD$_5lo6Vri3jFt|Sr
z`=sGO8)GnV6ipI4WVIALwG%rS)-U<(d`Go|`Xb30_S6!2k*olX)$&R5!C)=jj=!Hh
zLW0`pp8zkJoy3kIXo@G%L!1ni$$ni1CZr&THdva5eb7{zL_TQ>w~@Xy9XDh{If)2^
z0>Xmv#YyUHs@rvFPsuIkn6J62ub4lab6Gft&}|kMeJlA{SFji~U~ftA3?#6t!tKN_
zmLdhcs@oL&v=z*5Lr-<viJi704LNmf3T`nLoyf(?bs|?&k%C^VTnc(I6`kls-9EjO
z^P;er-^O`Sx00XaJWU0&lbjKCn}VIDA_ci9+Z5z#D>~7Ox=le(Q;~vRlx-S%+KNu>
zv~wxQ#ZshT7dw}NT}(wMb__C%)wLa*r@~@x8{dI_iRLHyE|!AjlZ>aX?Zgd!ElopC
zRV#HSajTu^M9$&SpMqY@gy2bzR#CPo_{C17pcgC0{G>JzLy>}>MlJ<Al;Nc0Cpjak
z_Gul+sjisY#&+si$xd=c>;&_ZxJA!);wHZa)3A%8O+hbKq7yweZ3=d=5rQSjc2Tt{
z*wspOqGxyar&K^Ik%C@LTpE7b2|>@3Eb8d<BnoD*boFrt0E=KU$5e;kpTokJOf=ml
zX9xK?o*IzpW;v%T3TE0loR`1@T7WXQtjl>G!a?8xJ{Y2gA&gkY`JB}VJZM`#TY(;v
zDP9<NaFDK_onY3_bb%v|Km8~wN{u^MU{r#<wU$Q?1$Gm6a4F_f@@K`Leh|o7ykH&V
zLrn96^oN<|1?hX3<^}1GFwKkCWKCErk()kQYb76JIbJ%}N{;EWRx)CEkXS2`*0@a~
zlC=^h{^7L}0{5_1BE>q_N=Qn)Rw7SrYb6(fxjJ8s)=J1(td$(aPJpD5xw2LgW{|_O
zRuX2A%?Ri0pNn9G*`PbjF{>xaF36JSuwPT+PNi3M?L<0N*G{BQb?rpDbo#g7f8;aL
zqgX~^)6Fsp8<<!|VMbyZ1$FD0SzXuY7K8e~wT_}O3x<|#9JAm%7f(CR!8*?;Ph_4?
zj>tTp{4n!;@<ZqOBIYZG3&VK?mC9^Acow=4;SA&g0$JhE9fOQ=ehzLYR-NSu-Y`Zy
zmjdk4i0^`)mC`u%ly~!{bU&62P~Okmg&FI*L<?tdbj!tWn9CDuL3tFnOEdVjU*6-K
z7b_15K`pZQP);C6^xUMB=7-k#^XT%xS~}Z^c(N&Z-AfY@3AaoOFWy3i&la?B4=qGY
zpkZ}SErhX{!@P~m?xBsa6;app(2+2hQRgh)PPi9yOM7l7te;_FZ|!8<u5z)Lb|TiU
zOK0YEq7ob*OE)74WxdRR6z1UYWJ6)ex;UuHxsVM456-}ZU5m4V1-D>;1~7dBSgv5h
zFh)?S2|=<n#yJDRDggx`8wLZ<!07P9QAyGh(uNvkK2}atM42#9Dj7JE3e+JG>g?nJ
z14NZLGZ=ee0s|uxK#Mbh@vH)(;}RamqCB9aD2xudo_N4eRjEf|df)(@Km*dd7%+fW
z8DO;I;tXK$tAZF6*$W34n`;C0!~#aPDv)Z-UU<OJbAd4fxkCz!wtsd!dZK{pohw8O
zB8rk<L|a%OA_Ee8ubtCfXIMZ{ko+PF(gLA^G;!UF*gFd-3U3bwb{Ab~frzk4dkojQ
zSq2LxifuRcvL_x;DQknYqHfC5s)ss9NHdnUt39+}MCB-u(I1QRAUdHCvaJUmL}v}E
z+C9DTAUZhEGY@F_3=>p^_QHhtY=;gw%&?N)kFg`i#e;{UBU?Km54tE23q(j$7(-e&
z4PpUNb`(atr@I2NfH<-RNZHm+e^?L{9j(T2phJIjvOtEm02#fzI14B_T8;6mdf<SJ
zYz11(lv)iEJ1<Z@^FW5S1yb&T2b3J8&G2n;9>~D9tLcFURJ;PBink{rkddvlsp#||
z22{KXVkEQ&7I0)MOczsXrVhu(gNH&L9=ed(MmGgw!H5_rkkZy&gV<2fsTSp2H!W&`
zkk?X=3Qkx3VSxy%mA0KvpKO@;RLLT93=4?j_M~~hPE{b4gC2OmK25Zz+nmFqjY>yg
zj5cW3p`BttrDL}S2c^^Jkyb6#y8@&A*_#kVr-^nxr?jdOU9Gg4f!zZKsNDp{NY3IM
z5M3Z3#;b1UfSHWglu>RZ2qCmQ-SmeAM9Kt4DeJC3EEtN7*0Xc<VS#X5D~M4A-PDH#
zL$MK<of{DgLR7ne7&o*B22gA)ke(PIqgtDzqq>^{wP~aKp)iXWQVWQqT49XV?P5eM
z5D^@KS!6n9!EjL9&FPH^^s8;+dSC*_wGGnMkXpo1>k5n+J3X*~qgp_^upnH8vb+My
zv;+q&>V;ZBA_oekecDZd+Ax#@g)tVPoBptY$ZG}CA=lxD8XaoEkk^TN+BHZD7btIb
zHQkk{Rgp-XLhXDt$AV#}3Wyooz3_m&YFE<(52$t&#PGTY9#HKFj0#V0ETHNYpq)Dt
z76(LE2}tiOpt81V>45>%ZdPNu+EI%zDgy!OwkjJfYFU#-3eL}7aLJY7+G2MNVgZpj
z0a8wP(;pTD#YP|u&$?L=3xoq(DeK~d8bfM<P-+y!NKH30V!?=8U<38U0hw3`l*&yH
zEa0%V>*=aOE#fFQRxS88Sn9&21tDWvt65||W&u%h6h^gSZ!F-jwrlEv2cmcFntEXZ
z$F;y1qtF8rsCBg(qjh@`1kNi2NM*Ex3DKs8wOmcPKH=}DzH_nla0`TTpdf~}ZYtD*
zp&ST|VL=x+)PfLBYc*#0bkm>~5IHR{i+SP}j0l_nDcibPQVWFQrlc9?s0R+nTv36H
z7uEw0*rNht*wzCJsCDdWx?2&eLDV~TgL>cr^{#>};!If8h^kT`)2EB`fT~(RjN<Kq
z1)|#oM%mUA3uNU;fYJ?Vv^QeyWKwjLtZu5qE(}X;y0M$_uuDS&giEGf^o3O#qj<5I
zmsJ`fVo-Oeh_qH>>?++oG!jw~?$-9uNDNnHb~n3V5e+#o63|T*T7@w{%`$yYEo9&C
z+zeW{=|1(|k5HE3j`ZT)h+$~R?z)v_6T;nE9Y?*j68^s_-`0~F(!)J{6Vk(7efW4V
zZW_?yN)QW{oe<<B5fH9y@k@}8gh9AXh6ZSm4<jzHL#SafCMaUKC_z5l{x269<WuD5
zbrIx)m>!J^2!nj^14Rh(X^ZhW1nYE(7@tEl#^*#6<71+9^jukdj_bKyVr8ZUR~!=b
z8B(0~DUt<-1j$<~B<OSyqu*f5IyWMAME<OpppOGvix<TE+{ZL8NPmK9UXcDI)4U-4
zDW-Wr`hKQ)LHg57^MdpPO!MM3Ne<$M<fczn+|a+W94`_#l!yhAX1Gnhlvp4p{^3|4
z0{0LLB*i*ofk;Xm3nWi%u|Ri%sco@9<S1f+=E!}-0+Fc_3lwIMvl0swW{|xa3l!#%
z$;d%0P?$qjBWEPeA;Xa~7Uu}tGu5SGj)@>rAp)I@A-W#-lo%qB0*xUOA<!5ikpYb%
z5)qgl+V`{<s02*E>E6d4R{@y*&6nT(YVH5&3y#{oPr4sLM&zjpG9u>^K}O6-1R4Fm
zE5<10ywh{J0<UMa&I$*)@HFMD*4d`4?xo@ERSc1OR_mOwysTy}UjE#$yi7tn%6FXA
z`iE$j)u9gD9cQ&7+GQJK@$wPvvf<uVKIc4&vs#C03>Re*I+yZ@b6S)|#6F2a!a}zw
zBYcjA;{x9|=V0J>%{c@RS`nV#qL@ik{swkgbbgE364}mdAPdiLF<+wcB|kn>!F-8q
zXMTL>f!U17??lc61u3{0lb?cG&J%Q^mXQ2T+?a2`_NHKm;|`Z51wXu5nD)*J;1w>F
z>?CL4WEe7&oPj?9-z^P4&lD*7@Kgm^Lnd4RhQ)Ez%vCJRM?Zz9D)>UUAo+2$GxMeY
zm>)+w3m#!ZCw}R_6!gl36#VSL6!c_5CwBH=8gg<V1-EozCvuU!PUPBwDd<J^QqW5W
z3VMGypDUL0_%^0QF{;(&sfdkWT(Wz4uz<O3a*tl0()^^{gVq7bPs%-MEu~<W6CG*j
zc`8Ekljza3C28n+D58^g$U?tjX%kI37LkHp&U7$8Nj-!ljd;kWA+im<oJUDPkN#D9
z;`2n5O<}_MsI^V>1r77tL|>R7`AN}d2QoV;`ND)0?Cii4<idg!<l2Ls=!FR>=-GiO
z=!FGo=-Gpv*eQJ}$ff^Mu#5DiV3!UQ?D^q*p}(BRcW5oi2SZE2CU7n(`fT!m<hKhy
zkEXD^b<m9+$-^DYPD&3o@L(ExIaDKPlJWx{nQD{5kJc?o!H>qJq35ZZ6yy+xROCEX
zlR`Vsr7*jVGZ4-GH0(SOB$Xy9hvrc<Nx{d0228~BfIcbt#KPP*xtI1!ep2qG`<R~;
zd@`UDH{^9`8gjNj1-EuyCvw_{{uK1mcY-Hru7m?A_@(nw(2M9XKgk*Cy%hA6ycF!v
z(vy-ufX`m$%Q&`<Qz+Sl?1QPL;5<~+*256me#vi_eKdSfU$pfxNM0f@lHw1NwS2My
zFiK0e<ChacB&cI>O{HK*3n4<C^g|{LmC3Qi^Fb-dA&E=Vu=8|KCvu)`5+q67JeHM$
z8(plNObWj+U~@+g6A5$MWS?idBs(ek(tFHLioUeI6E}r+Fb%sjKLx$?T_<|BKLxw=
zoM1`HzAzvKyY^itdXBmNlnU5)Dd?%Dm*|Tmb1>AEX#@B@Y5YnKzVMm{Tiqt73i#5I
z%wl!MfNvYgL{=vb{9PEC%<B9BD@MAeq0<Pg70IfG&L*&wB<mVFso-HSS=!LK1%ES!
zbBu6$iywC4$7pFQ$^|YLncubM$uP|hmy589lyWBQH1u?0z34DqFFMJr7llhWa+WM!
zFIw`U^zYCFZR<r3lhm&3Me^2KFRFo<aJ}eVnA^&qwO;f&U~BP$b)L^N%?r|BV44@C
zA7q*rq#t6M7o@+)G%rYhiD_Pt{xZ|NApI4lc|rQCO!MM3Nha2j<fc#7I?~rzj+f4L
zBx#=8<V#scV&WfOM<Q?!>qt_pa~+AK#Op}%)V7ZFSune89f_RAI#Qjz0vRW>WgRKZ
zAjf4LDa;_-bsZ_pA@g+|Da>IP=sHrE!;a8(q%eowfgG$Og*ogL<V?po(lwdt9$}7I
zYf=G3Te#MAH|{BGO(H?M)+7R?YfU0Qy4ED(qvzE`dUV-Igh!X1M0Rx9Nkm7NokVh`
zmrSibPy`1<l)YhApvd#Y3KTOED^R5Q{~PDrel+bkhwB;%d5JX=@)2t!<RRBc$Us<O
z8GwkzmcfU$60!|zC1e@bO2{v0PZ?_1><$lyy#Vrt190RI_XJA8708GKIr)S-!UJ$t
zY3|kxYUyaVjHTlPa8_Y%d@Rwz(MA~y!>0&?ZmiPWZ|IlO@fMj7VjY09ier~)Qc6eL
zgHkv?0B4oOrqPtr5$%mi;nXH#Z)cenUc80aGlC;STyaPVpVC{%{U~L1Pc4K+<qiz-
z_0UEb)TnEEXeGRgsB;!?CmdnyN%h)JxCn-Yy|oj2ScZ$ev=cj*T{<&7{B<QbW~7^2
z{jvyYK%#v>wnYw{=>a$k1P(}ey2x~Gv{y!;_yC**!>xWjkYqrjZ9#%yHV__wvtSsx
zpfD;E@wS=JW*vaDfG86NN+l!OJQJY!0GtKG00FJY48~rV!0@~T(Be#B^oD@wxQurV
zyYqmOqA)t-dg1{$;iVph>45{X2QMJKivdFllmSLNF3tc(J1B@zkv&KOhiw9=Cl)Y7
zLTgfu*$WS>190q+I95m`C+iOvvAS4<teS&xFGL|TiYVUZNSA<iQ5Y5kWkDbo(Ha(r
z$b!IVCw12y77$skhqHFBC@m1-xWX)A_bedFoWhs^zBmg+=mf@?lWsQ9s)qfl)#y;|
zi3e293Z)fwQ=(Qq)IC~{%1>9*Z^4M_v5AZ0E-4hT2VlWa{VK>JR?>o@x>A_MY^4Px
zN?V|M<^e6BsYqp~7bZ|EC~<~y?Q&pFfxS2$JQN*0{<Cv)Vu1*0;V~l_aoseD1w`3V
z7?qvwio^oq$QGcT>rxAXqNCLq4s^377K{vS0W$ixi!QZ5C^=fqA{Nzxk&&%Hi<wj#
ziuPWhdgg%)Z40DbmqzF6t!gMaN}J)^;yjRnZCBHS6j1RBh$`Nmgg{2N(x#%*&74@x
zq2g5#GkAIs1CDHkNj0hX!D+1W7vW%Gg^u6Scu_ovDBOD5$bfcJrWTBdg90gy-L<I=
zMR5=)<zP2$YJrgF0-*xbRgYL8!g8f;=hG=0hSBv3vxqjefGBnf^CWn{&Q&0lhaPyq
zzD=~J+Z@EAjmk%0j8<sZrJZ6x<zu&|>#WPFh5A=uv_E?j0{W!_wDUQpRgLIurEL+L
zY5`Hp35=1P#W^54!J@2#1165&szkJv9yeM<ms&ui%p5nO0qU+tEEtN7*0XapVu5g6
zD~K7_-PDK$L$MK<of{JiLc9Y3G45zLMQXuNY%GwT7$Boso1>$;n<BO95xG&AMGUG1
z#8Is<M*DU#CKiYYj=(H3J+ojqsO{$T#sto2Y~p%g0>`xt($%0^#8K-Cj2SyUuz;gl
zKvG$N-L|6awiUTB5Ux<Q**rZGq{7-=l~_O`6X8K34yA6&)P|vJsxZbnbkn9b5c#e^
zI{do%=N1h4o~WmrS+!s&dv-Owae;Fbg;E{V0~grA0%FE_FFarm+tu{I1F9eeF}&`9
z2UI}<qk_~M3#`L&y~+W7ktfLlDsBNWs;-Mku{xBR&T34DMM)V6R15;rZN)ZP@UrG;
z6rAuF(avp(1w`V^aV5fZ(<K%J#l{>wB1BhJVu8?bDP^gSY4ph}3xramAVzAsnG_2~
zRJ{$<U7y-elpBH49_@hz9M*O{z3_l?W7QHLf*=#)MNgYBj%lrC5x>F$qU0!yTD#s@
zz+r9I)B_Jh@7gu>!UT?MfiVW6i%qfGBa;lR#%SGM1cBpPfK;`$GXXo_McMf-V(%t8
zC}%C{QpWY@($2N11wxrn5JP7-b!x#-Cd|<#8A@Gri3K5C*J>7-s98Ydy1*>vp<6KG
z&IpjQu$w)xKqz`jnsJ(X;DB_m0vYeD2Oh9@1;$8GH-lo)Mh#?F)7_$2K-58YgL>cr
zb+Cdg;#gSKh}u#h)2EB`fNEPnjP34$1u{($n8l2$O&c|X0IBS>vmiP`X6*)2bd;=a
zYQ!!K?Q6QR+tkD^%}qEXC|z`iRT`r>+&%23G_2AP5rev2UBsVCw2EWwD&0La5>gTF
z>h{n`3|He@EZ#)Ofsue7T8IH^_B(rOAy*Z5ZW1kaa0=LaKSEiCJJ*Z15yQ}s-F3^$
zCPWX)QJ?nKN^aEZxNGl8x5>}|#5qZ{g+>S<CQ1S>G*AG(oCfV^yZ~dOB=ADR24E32
zbVs8H5cVYT7aBx>cM^i3u>=f}k}wPnDPV|{gkor90am;c;TXduiI`$|LAk_;snRe`
z(&2y|0;DwRAdHwAC=W1VO3%t!zu$c+*prBvIznTnPBt-98peb}b0=LZztH_{RFx70
zWxut8pca6AC*RTjI*_$^L5$KjnC1oPZ!*mb(%)j57o;C$nisE0IuOSsH+{0=nEs9B
zc#$}!J|~X#dRI0*)+_vucH+0ZrL9fkLFCY$=C{20D8J>+M3>+4-WPn%>Tlq&l=&_1
zf)oE{H&G*oNq&P{TTxwtALkZ&GtT*dPsA@Z$s`c5yZ#<G*(A|R=9#RL;3e}+b|JzD
z-@`T;!ZSGnry0r5VM~0`b5W=Kxxp6vrn}=#_w9bv1=>3rUnHHQ@kP=%8eb$`qwz(o
z1%X0rvgsMUp=WNAU$6^*(<}Wqx4ZwYHh;q}g2|k_!NY$MTIBQh)_x3TA4$2b4h{RW
zryz!q{4M+A>$io;srB17hUw~{{V;?FM(!v`IXAiq-?^=B-hk1>xJdk#IwB+e>Ph%5
zb;KdAzRQ))K%5Zyfl)?YAY6!iKs*q6Fr29jXDh?SwNL2-f#r-pxyi3iZr;Ej(tagI
z1U7r6vaCU$E$8v8ld{`|FH+~KQ=4*Qn>UmS<;>(Jd?y=_{L$~lAP0N^`T#8E3zM4)
z1Vh!iMdA8U#T4oRBr4BOZpsrBmHUf=mI{C@01!W3KDjAJxI6$Cg)8O(mj_%wj|3}^
zu_ZnM7DI8Zd+_lmo~R7>r?Kx<UD+o~wL4+oVvya~w;0?`*tZyHH})+CXS1*0un%gV
z?1P#&>>EsD->bW_PZk+=!oI~IyRmOExSg<XG0<-8TMW)--=JaNV0n=2TT)(P*f*5M
zzV03Ktxs=y2&d?~4&KEeyRmOExSg<XG0<-8TMW)--;iP7P<e>#E0@c{J_Oj(V8ICz
z<F2X_o{U%!)tGQ(#E7WkgbyTkMD-_~sZLu`9Wqv=!-sh(q&nfl9Hl<YDaMCUF9bf!
zq3Xl@1hl32F!o!^hq)fujSrJ{?*IP)S&J9=C*Nb57o@+>G%ra12h+SD{R5_XLHdVG
z^Mdq`nC1oPA2ZF1*Ceg*bL6H^mY?%emgA+v&pGyk>3+^q!>5FwBm8I*kLBm^QT!Yx
z7WZ>lD#gzs>e$bbC(F-y70hGO&mkjYKZmTe{T#B>_H)S6gr7scA_GVLjpIY+A_FJ=
zO$IrP3>@@NctRmxJf{Vk<S+7rzI}W4)7rz+xo^JYsoKHQqyK){8tvcdr>`IUlXma)
zKBfDg(B7Rc?>hH<?cC|NU;mfQ+PBkhJ@K!fl&*!NM4p+h)m!8!fdHOuzsGZ&qm5rv
zm^}%84LQie5PBb5zb&{G;u$_KTfYsyg}$pU!OL4z-<uqGI&;ZW71cu?cPo$g(dw?g
z(`}ObaBRqSI5y-q92+tjjtyDMaA<Or0ncP4!=fps!@0_Eo)-Hu7nJk6BEik587INB
zWj}Z$iJ1Qx%F)j;^dW`M_7^a}87Sxc;LRvQC+AHpix=W{!6krx@e6_seg%F%p*t>|
zSj3tHe(fVC$bd8#Vne{SescuavU$NKZc2A#*&OC!C83^_5vw0!gSQr8%j5(b9lP$x
zGK^U+3i*NzJOPoWrQk`3t>6nXvY{(7Fbk7e@GYaQR1PbyffyBz^9U~CLRVzq7M8z!
z5Kp?4!HNoJKtrl>=t1dB;XzkiU=}9uS<p^g!d^vHic$IKKtZJ(=!y%x!onAQSK=ab
z6&228hg3P`ettv-k8pgZjN^0l-=BB_riW4t(<3@rg&C$tw6e-HOpoYg6>XRv(ab90
zG(Do6RnR#b7yYdA&S|}<Xcc=-&ME%Mp`5T&`n$)`+~xetxf{*Ig>#{{dCf-5Yr@xZ
zequL_CWRf_?80T<;8q8a7~ZsDqg$;YRYWSnmvNRy<(J~+1k0C@*j37pZ+4f(#RdP;
zsQfY%8)x}lkQik7@y&{v=QyUKa@8{4FJZx9BnAX=(Uk14%h#dz5_b8SYL`znc3Ca!
zCS#UYJpBG~ClfpkGsOie3;wpbG0DFtlf#o&!8?K0nVC<%wG8%M@}Bd;G<*FE;A-&#
zJNrwfc|rPDO!I>DubJir>EAHT3(~)3nir&h$22cU|0mPDcukTDdo4G8vh4LASdNzt
zdwoxrbqW344Eta$`rs?NrXcKS5|3rC`6%|9iN)<TOQqOrqK@sgJX!Yo&7dJ^ugS>R
zUXzu!y(T+tdrg)m>^1qCu-9a6!d{cZw!Ic!BLnBD5(Zou^#Lce+A1X&nQW-(54~AN
zmcJc$CfX!_?(_veE^JZJn11>DF8H`g#&rGnmma8sF}?1OC*G}cG5yk022WP8n10>!
zv$v>JOuzfzURG71m>&P~_s$ZTkiPbvgF9?Fxl3EFciQszL2|=qwdMLwZ25cf64uk?
zENaWyGqC0C64-L~1Z+7w0JfZLr!6P9Y0JrE+H#6;WXu07ix;rvVg}!h+UNg>_iDq1
zilhyP>VFSOY%|_s_qsyIRvX%0!IRdSmaZ#wY^G_S6+CI4VLQ4)$97o^vVte<F`Cp3
zIyS_@9sy1oU^J*3aAbIeIRcxsxNJ^0;K<UFH3FM7vC^1sz>#SMV+1y7Q;m7GZ0cXt
zrc#<<{6uf6P{H<z=2Y2&O%>g#A_ki(+EXQsHdPd;3LI^!=unkA+Eh`aDt@%76vO1m
zP1w{7kJTEx*xk;#-nlN#?VM#F_ln?lVowPOIND+x_J7z`-ie`;u$9NCtvt=xN;PU}
zwvvN#W~CcE#8q2oW(H@Bzo<#rczf;pb6srA8dGn^c@g+y^!rz34Y+v`kVC)E>bmpA
z@-#IUK3^iwoNk!{mud!PS0<yT893`|GA`4MAk3&e%!;ZZ4X$&QC}UjQKwi1aIsZEQ
zwvT_YMPl6LoP*6g<>pN-QsXY?JnYQA^*6LgjJuq3v2Xu!?_FCY#a+G+=3^JE-0y-G
z32~QmPWH-Yf9Sdv$#9o*UN*2-|94xL%OmGz%Z~Z*Gh1~$QpVc8NBF_^K6;k+(dnj-
zzQm>|oa>wh_@)aN&n^1X4s_|75r6u7$lPms*3q23Dzjt$^a9@P)h~INJ?-VrX57;3
zr2D!Be1)+7pFixoEcm126zdQCpzpHAZ;`q(H?z(ajKO^%2wi?Ky8K=wgZFB`Qv}|p
zNw&dtCQ<FK^d0JZ{HX6Tw|O4gC-?=m4iNgIqbR5SKQ<P8oEThm{)dnV%VeFGq0HZj
zYcNyUH#eAB_P9ISH`<?HHB?^%<n{A$Q984ugYxs1qwCKd)6|BdUwJ%(31{#O?gtEJ
z#^y>nc<;y=D6E=t+|g@afL5=l_>bIL84d0w1-Ys9C4cI?B1!Qd$ps%q=5S^f%jzA!
z3Hyn-e{8w`Ru{QHG?M$9qjm@XTXNr|$ia_U6ApwXg$@~O!wfSrluGT#&ashy@V?)R
z+oEIR8E=2+8gX58Y|Q@orpLv7(XsKnr!G5JTo@f2U%UFp?-e&j$42$ygJ;E+(XnyS
zCl33YxHCF7Uc7vMSX`PeW8*V1?<w?-^K2a(&*>Z+y2f$~WGGZx-n0YJ7da^U5Ttnu
zQY`S^)Y+BCy;2Tu?r3`>qv!EH5x;LI-?`q@S*^c-shAS-Hg#t3Fvp9ljGehMQk3xE
zSwIVWweL~v@GVl$;kW;E+)VtK<3`c6kDORf=-82BMz*rfe{_*8#TI-`NNR?f)zq;*
z%#SpzzNijGZz5G|-i$?WBAsjAOh<1b<!jyq(VIvb&6_pRn@B9po3-H^WuxY*dJtW6
zA=)c{q5gK8e<gE8K;7owm=@`DoBz$Uh^E{8JJTYUZu4=bMJV0o6HJRlx=m*gX%R=a
z*~fG&i=OiisL?%Tezg3(7muIuz!C5HsxcV1yS3%hr3a>r!MN`1ea?FHj4!^~7>v{2
z@X^1%<)oiG#$asS^N9R+{`BrY7=v-|gSTAwlrP_LurU~48T;WmgD+WmuQ3>pUGv?0
z?tA`Gj|(Ag_0-_Y6dkvEOqe(<OsozQ2ZV`z!o<E|VsA}&)y<E?W~^EVjaS`#7Bs{o
z(TlT(`jA;nWEM3uD(1`{h$4@>7%wY`VzJVLEEGe#Mg_WJ`&;Zg3?TMci+zVQd#uI2
zLz+F-V&5Un9&54hkY<my*mp>?$6D+=q}gLF_8rDo*4Yn&B7K&vNRyue-c4`5#LHxZ
zM>sCB6VeRWP~=U_Whd5aK5QOjE$i$9_<=sCn~7`yn^Y{$jyO}}{`xaZuoZLoUDWEi
zn;*H=@kiGW6p95kJ^lIB-%YXYU$pfX*A0$U{WT~0ONO*B*T?%{t-#xUr@jhGp|Q+$
z{3~5Q5aaLqD(u2FUxi(`=Buy^*L)Rr;hL|)E?o0f*oAAp3cGO4S78^fsU6^2K;&C2
z;KBG0^dyr0!&Z=(>OT-Fc$7?5|KXcRhW<mF&+s<Ued#_!#u))3)q7sXt^ErIK<&FR
zFEh@V^*&pB46jzYwR<>DvXT8|e|$y8ZgVpP1Pq4!_d^(#OsE?|<DU&aAyB1RCkFto
zkH`K>Sa)_XQ`-?%FEVl`a39CM9L&;R$#(Zw1~a3BS%}OgI4spAnr!!2vJ+3jW643P
z@lCPJs*>YkHYg62)sm16!&!JU*%X=lcGwX5a7UsY94l@Bi&AtPZ^Uq^{s?@;#&75u
zX1v;GcX50fG?32^P(FXh7p~WGIRG;)FC2S^0H4^liEClz;B&c67ODL!5Ztw5wEl|y
z`!2g{#hBY9#MGH$^zK?QUVjbqgA3umsnQR9WMlhST3#HC-3lV~YM%#2XXfbeIg_n@
zL2}rKS?3v`qrfq2>SqJQ3&i3D;r&YOL1eA;E9he(CYUD!G%dmaO{ug$6yYVpP%ib|
z=kQJlyE5b;WUBEeu(*{&HSS388>F3?E%ECnUo`$47NO2jU;22}4QHutU@2e9*8W>i
zpj@A0#aR6exklEr&av%$uP^-xIX&tsipNnnV)t16t9=e$j+>W%w_djOfz@6TRAW)?
zA@xt%-?N^mqX^;Eo<No}Lv9KNcQ-z=AN6%kp4pG`jDE~Z4)J@=aLjLgT`S<NQow#b
z0LqDf!AjTh7nYzxM<y}T3&@<f7N2bDTk-HqC(H_P@JG_31@5p4yfa)PwhMgEDzK1-
zfzz+Bii_JZ!1ELurVI@m+A**IX$T7prWGI!VS!JjRskBq0+**@pbH!pxFU&R=1OOt
z9CN46f>Rs(7kDG%F;jC*T$L;GCS%a64sCKb7<u!YO(2Z1Xl8EJ8Y3Q~Lo(u6L)VTv
z^%+Q^H7PWDBLg40ObD;>a1}#kh-uhy-fNE{r?J}s$R5Sx%qv{4rqb()^ugig@WM>q
z3;rUaMLBsT=#f9SNhnXQwcUXQ<(j(?zg&Yq^Z~Ivd(C0V=2f%h*=vqSHm|{NSX!RF
z=B|>>Yw%ap+mdImS&?jBHJd5*BMt{aCvZ%=s#LSiNNILoZ`FWz-G#1+pwvk&jM8-%
zUb{bN9qM!3idR7i)kj`rml9*2+QamP>l}f4PE_6TT+tl?`Q;1O_8WGa<g_nW@iI`Q
zIvQ7_Zz4xSSsCdVqjw2v>PhInsH1cwa;&<}d7$G?v9}}2;Spush_Y&=Mb^N;co2=%
zj#vA@1ir14yY51Kvn_+E7EH?zNs%!vwSU3uz@aX{qD>#~ZgowNVS@bioFAgTlce3X
zECjX&pP*O_c7q})$+ds>e7FsB$h~_3dSJjSh<MjBD7@8koXOz~ytlsLY&lD}pqvqM
zo!Pw$)iv1r!~X25VTYTdjbX@9?GHe-(wQwg+=jHX@NPZcVTC%k`Z_mP>jQr2Oldb_
z04XVz+InO|%ZUKx9B0;X^Hx#v2A=`rEh@@~K#Ibz%{YHUdrxM2b<|2Py8$(FJa)Bl
zfSH7$qu{RgeQ<oXufmBg9ERZceP#eSv&Z9`b%JH;EYVWhYXSxs&VC_`iYD;1BPLXw
zrq0~bD1#}%F1(m`(lh{K(d8(og4L8&rn%+J%{-Est&N~GZo9@nIJ5~qV}TeBjq(Nq
z1G@!a<pcbp9!IK@%)vQxJ1{Z<s`$p-!od>D$6eG8A}Xp6G8KGCPGM>*P&*_lD}qEj
zBnqRp2eW4w<;iDLc2CI!-$NTsoo9+fp3+`F4W)Kw3*J!`R=it5yrf10wP#nNPM>v}
z3NzRtVH=bl_0xRkr>N@`(HUA8iU7257|w-*<T6%w3;Yha9MTAtns&xhczR|$3)_qr
zselBD>X;i{@1IpdEXM4<+(=>`zVC46dYK&It90f37Ef~U8!tgo<OJXR)NVx-W)A&{
zP4(5EaRagaiUBd^h%1L&`_2c@=2O|`DfQ4izY;tKBLGg3LC}me<0ZFxh~1@r#lP;t
zoas&Jvs_KOYcMkfil@%%uMEtd>P!u03R5AiV91mi@EqCOGg-Ww)5@ILWy}ie_AB}l
zyCLEj!kyG64HWW5K>x|i7hVDSPXqmCUwL5~L_7GV;R<JZ{HQOzxHQiUKj(82kgHDn
z>p6i$ATY$fKVS5z{ss!GA3>CHW_Ew9Kvt*E9?nj`=C)T}IqVB8_H!_72#$#1>2fwi
zP{!75f1X39dZ?l4exXTi0?2aQDGg4W1PN|+NFSEU!;$(hB@bpxyvm1QGiO9t(UOR5
z^-qr?GW`7`_^eIzK^b(wL*MOa!HA33BzYLj)-4><UX#?~oplS}!Ll#I%N8%vZhL+9
zUolM7I?->=qnec*yH(xNZS$oEKv!f>$5Hll%A>dSY_raIJ~;yAY0>Y=zJ@d*+#Oc>
zr)!mk#_ige(dmzUVB}fmVQl)*!}l09597f2n(vs0iRt^+)ZS?xCa2%EcAtuQSUP?D
zudn@qc~~}m!r<TDe>*m@q{Xxe?+)AL1{VsAO2alUQwg`SC1(^l6N#KL<Y3Rm1hA3w
z<H)h1`<XSttT^tCS(D6)Bj1>{lvz>io7A_AS?Rm!V!P=ZogqBdGZ4@<B9+pi{_Rkn
zY@$RSFrkkeDKOYDO!1)y>GzCtJMcZCx|!uo48opJAu(F;v>k2jQW5pp=|u|SwLuF{
zW%VNlt7evRqjS<BIUKw=?-KNtRN3*;oWt;(Drg<^DPPsXCa*e**m|#8MrsMd^F4oK
zZX@<>^6KMQWtX5tS;~$gRcJ43opbOq8?z>Whkg?0XcF&(%||bL?uHEh+kRUqexHCF
zjPuX+&X0kH*W{cl;6FWw{YSGf1@=&l;L~%`c5LP&Adpd2INHEiUUr<=fNw#`m1bcI
zwR{OjDHv*n*dJWbxM7452&PhX0Iv`~y=+r?usV)6OTstkL{kLO3Q@X%^A_cSjlmd3
za(M|3WoVhD$ObL^buiL`h{WoVpaqe|>t6T-&jXZaXFv`0Ub$?5$|2VB#GF8v4KxCg
zMbYk3-evVeMq6!z<Z=v*ZbLi-6Jy&D5y8axHZ+EbiEWIEU}|z3<06<^x{Z+$OfB2S
z*ofh^cY)iEU+u@CjuA9>q&$KhZdL!o+vbLME$<3e>?*9Nlq=<tjl-i@{>ca9XmDW;
zB$`&R@EDv~2_TpxH*$033f>As_;x%$kb~sqD0%&UsXSK1krad`A_5GT0aT9ALON{Y
z!6@K|GfsKfaA3GREPXjqo>+Gx_=oPCY^Qu_d1*xXB&u6hUIxmS3FTAesq)f|!&RYt
zLMg9?l(X=3NcmDj`BX?b-!5;Xe7YOu%OlDs4ds*NN$I=Y%DV~W%KXappNDHPyn7k{
zj`cU5rn#ebZZ6Cnvvc!d?zo*>2y-Xw+;S$&o=jwC!|bJr?1+qIiEPqg6#reY!rakp
z%|d>V{s_~nnKm<UH`p8Ob7tPQXhAR7M@rHjQV;09)R(&0&M{*nZF{OaiS*+>2KfI{
z9W2DS&AmXAeAk-^eAj!~+zr!Dpwzirs%tlSnWgdLnoT%<H5oq#e4dD(r};b{KacTw
zEPfv1^Jw&pphj9iQ`@B*-lDX)O%lebH)cbyA;AnAk4a8z74l(9V4E_|Nw`<3+uWuw
z*lqHyw1WvBzP;q=Yl96_C4H_0yDL(+IfK&u`Oz(NEv97e?`6RKYw~Dzf@`)n1beWs
zARltGsAK&QTn<6M%IE%t%-mLgeRdBPSJW`uC_9CcsFIkcObt$U>TwtL=^HykPNZ-*
zchJ80&d))Q`~lTdfXdt0;tfxG;x@k<)AHg%?YQmpyGL2oq4UDrjq`iN+0$0`ia2{s
zoV~t9?5HHbZ9XnD6&11ZjYYW|?b-t?JEpU`HqM@F5x=P>bEZ6rzmRM<X+gVfk`y0v
z!WNpEnU&IR$?j~oWGC8f2qKS7yIH2A-2&LzZprR!w`3>UZTgTmw41k-c9Ryg+a^id
z&78J&Gb^RtlHJ*E$xgJ}5JXB%yIH2A-2&LzZprR!w`3>UP5ef7(QZCTyR**Eu}(Ut
zW11?Uay@ls(f5y2m9T94^1IF7#`ULb-e_By%Jz-s%~;!;(d~2Q&3N0JvF!%e_VZy~
zBh(XZ#l|DllWlJ%BGgOU-b@<Q6F@z>IYPaxt=Q5Cb!VGHsyka6awS1^XR||wbT&Ig
z-Puw_J(i@pv)Li)&Sr<GJ6pP(zjDc+w*)t&-#rJbfzEpEcS-}CH3|(}H40=uL`9@w
z`{b5jB^9yB7-hzuR>l}J0xM&@9b}>%WU?J(X*<ZW7$kU#g}btSS+cTGX4v$NF~g>B
zyd7ks9b~c{WNACdvKXX|oN6Ii+vs-Y*z6dS9Gk>($+2mi=zyB+fLhuCwJZU}KJ*i+
zI=9|dU<eo$O;c&n<G=#Y2#hJaxKP>h7Odc4sbq9+0MXH*A7IvhSASdNCF2|y+QUqC
z*_;Ps^2n{3>{6uGNNN(PKvEM(O-pJVsWC~7AvGka(K&BQ65b=X&g^AqSmwP2K7cEG
zlW*X(Os)6$rlLEle!wgih%1^jPJl!xt^OI79#)BjsK-Lvopp`@t+J-!2CI$ukUtEp
zG>?>ZndOHWWRA}0HAnr#YUtN_&UWCujB`^r8cb>!m-BaJ<p*Vn)Ls6{?|<MkAG&+{
zZxj43&hBE`>XYAC-5;GRVxD7h8}7+t#@|Bsgg#cGa;sBdY4#1BE_zk$8+6#}@4A&O
z>Os*zOYDPG(NN=)W}R1q_A@!wy{+fyx{Ww7O201yUuDIY(Jz$yssM~0(5Gm5$rlG!
zM9CMbuna}wD*9xVqhBaKBtkXlk%i=fUe5_*m!`R4D9-wdheyM`x&@kC`^^W#O}Yho
zTK1bOqc?Q6>^BES*yu|^lu>Wd`2ear3;fWM3l6tJ{}$ocFM(rW|K#HV$;YQAAD@<d
zT$_A+dh&5y^6?pXtWID1QINB65Yo;(uhr_*ZI$9$?EN^-JW2C!f;emno{A2J3$2NP
zLT)4WY|In)ZSd^RlXO3qD_{y+&fvUWZ~%bbGS4Pp5juKdve^`#4+!&3Hk*WLZ}h@s
zvuRj+jb4~+Hqj63116Krruq>bxtz&nll_=JlZ}}*wmCRJq=T?3ft8YVkK-!^qKkZI
zKlI;UFjv5FE1lvU2s}KWBy+z*<UtwPI*boyB6zr!KEg^LX{C>{(nm8LP8^%8qk_RZ
zT3q{fcE%K@Bxk~2GGAGp+rFGH@b|>I!eq1|%zDB(cjG)coEr=CFyBKS*_#_Tc`^mu
zI8WZ@Cg!$J6V;_CM6Tv0CF2Qa3o^*h+)`!$gc;;yZW%I&0vXUTkPfhrp=r<;1BG?Z
z#<GO2ogIKOzm)l?OgFbw*KFFD*-{NQZOm?|PH);ch=(!U@HB**zhw&7+?Md@8^)09
z>;W9upMah!`dAJ}k8F`ONX#FLh__ybjEzXhf*s3mMS1@HZ}yoNJd^q!w#A;qzwzbi
z>)+vgJ?n4{R^r^;;0PkXmc>%2Z_1Cq9ieXA8abFRLPd_4YEj?8GnnfJPseRw)+rcY
z>sDzw8((Q13M6imVhNqe8<eGdt;KCpaFNMdoXJX&$y=OB=|v`QaVEtWnY_iBlxJk}
z7H3khk;z+_2_9vgGeF`y*r#YPmo5nfBSnJH=HMW-%CcPwE-nAM8yq4n58Id06yry{
z7InNt;`BW%LtJX)6{{YuhgFK`8Ot87hh>Z?1M42Hhjor90}CInhlP+R11le{hn12j
z14|#ShozJ-18X0yhn1G_8Np^6M8Ns}URK+u9f@bGu0^ZYR}VS&JVPa88`W}ahpTUt
zb6%2hoafTMf^Xc~C1=1lVc&M`COoS6tSG%D7mrTh!IHz5Mu#(Ne}si&EE;Fmz7s<S
zNZ60%EEG<dl=%y{+RFZMqS_TR%B){@?sj{6k2#k@CqSt7Ly%Dcu_mJFAXHc($e4gw
zbIo)R>a!4JTtKW@a5@OpT?jHEAl5`T9fS%o1ep|&p?Gy89fT?~1X)Uuc#h2}RSLtX
zQ$vVlgb1hp8&5|7A=N7_ExM5AYTdJ7pA-#-R&s!v06NLEyF`sgIfI!fb_>?N-|Bd5
z7_fLbzdh{#ybWpkpMqA-ckTZqi1xpNbnX8ni1xpNbnX8ni1xpNbnX8ni1xpNbnX8n
zi1xpNbnX8ni1xpNbnE{lg!aEebo75-`X7!7`yV?f>kha3pFpvO)qV0Zmpmn&!`NhQ
z{H!bdH#b{Kv-=qXQ!d&4th%IJf)=4RL1H6?uOyhTXT!>|O|<#}SwlS%io>ikQvth8
z8XF0?V1nL&F+XaA)X+prz6Vl+!+0IWJMd+kQ-N=#>b1~Tjjk`v9sp8lxpFs(UOZR)
z)ZC48_#Q+aCx^_-yuN(?ZBA~W05C-7a*t9bE}v9C1amZ{H(ZuIlvN9%SjQb*U-Yr&
z%VpV8j?1#}JF?D)0CP5Ja)TpL8nsDNwXI}}G%<fYUBOZ=_sr=90Bm^V6fF>1S2+O1
zb#BvW;Z$|n#1AiXbiOI%ps{2Z=9?VttACR6j(}_$H1p~o_~>_%gm?xRR~`CVjqvp8
zAm_8Rv2gWCW3f^~>wN@6*(`;n$+0n|9FT~Ocq}@FrE|S_-#+wP67#>OkvBNxCU*Ug
zsPi21%-eb{=YPIBv#NeTE?wA=R$quWZ7{d+9p-Rkg>cxneHfH8u8g$T7h8wSr1N6l
zS-KHL_!Q#zMGGU7%GliEcN_r7v~KY`YrLTdpTc(#8}V0Piu-`@;EK1p3_Rokr`^F3
zKJ_Ew>=o#R*0TYbue}n<t*__<ryQ=6G`{DXSDwlBuV^U_@vIr3_w6Xu$@RDLW$T$h
zg;g`&YTL(w;25M-?oS3S=aQC2|1xwFd;`|&Hd&%^1IpHl$j7aOTM2=4`yi-Eu-4v3
zOwU5OTx|_A=TTMd!^qT~akkZ?Z|`i7wjvY@L1(3U@H2!)Y0NsZI0liqCd%}LLM5Q~
z6NKzhni>69svpWi8hI%6)$T%NMNjGk2lvd)V@V-Xdw<UHEBlP+e0}@{9yLz}Jt8YP
zIDqbs2puGz?eJ?4qHKR&;aE4VDN6p3C7*@Rz$?KS;Ue3v#q+gq0m!dCfGf7yv84_<
zcb(^;-FtFud0`(TpmK@nW9ikQKD>+j4h=~5ou_?wEW5*P@}_-v98&B%S7H=&Z7F^&
zJgL14#4MYeI!hx6*biR@Jsa5%iYn&((9grRdD4SL-*f=$*+~b;Yj!}%*G|u`+S72(
zbU@zpM-LqU7eg9Iw&tW41`0dr1;i@|qtPbvVHeyFB(F!^;ME=ilW#-wwdwMH6z?}-
zgB&{cB<Lbfu8mtMJXA{}r#$c1Q6{4$Z;MK@J_fI&tngCa7yWstvW!1k`zh-68n=@v
zJgGvyV@S(ieGYtHI37H$fA<$ioq*IlALp40P6k~IC-Uw0`Sv8Hq}<6Y!pC{0wA?9t
z`@>(M+^I}SxzkvLkMm4vxzqXfC%;9xGnkTc&tVZh&NHRu=J@vKe?YnQOi8&jS%i=C
zOli5Z`1V(SMY-oPCFRa$5kAf{rRC1y+uyqGWeevrCFM4-2p{K}(sCR5_V<G*w}~k!
zcOHxIah@qHx0#P*&cgGUV)GZy$EE&XQ-HmIslQAk^?auOdpD#mL~5Qd=9xFo$KVvQ
zcnebX6Lv?Di<mljPoyqp>a<y;E<tLZFXovy&qoEj6sh{>Sfs|(gL@-&8B<@{52?$M
zn&*po=FRg_!RmY@%?k~tNb|y0T<Rz853nnk$IJBh9UP80mGr%UZ`~uo;urEQFVn;D
z#r5rr_%{1&ynQj>@-lr?^!7@=&7Xp|O}^!2`i0Tkm+)=r9K3DuEicorkKWGXQS=sV
zRCY1F<$7CRL%Z@)Lg^T+0?z0n=GL%=>DPYA%N>QJE^?g)%AO}SVe4yw1{#N@-DV7E
z^ge>fO7&CLx<>i>wKA-sDVImG_ChS{)Nnu?Q{meAxQT&zR|Jr&&9T65K|y?O+(l&i
zlW5~YY8#om(>C6KIyQH-u>?yKgND{kO<@1i!*=FszY%^&NogldOs@88vXgeEUpbMF
z+doi{_8UWaeuS!EalnVpgtpWEItX{#CpTCRxr@$}mFj=K)v?SotWv4|5YdUn#$mFn
z&~h9myIR>I`tUs9dY<S*FPH;1IKnIyybgW?RwbEkobwbqmVU4S?;AJZf&eVy$k#p%
z-@(Ztx}7d4qOq7;s1&Zdu=W|eSvgt|b#C|H?x^o|dTuNh8OmDFm_hBHA8f@vTu<q}
zzi+2ZzYNtIndZ8pk!j}EE~3bF5p1s8yb0yc*FJv><=SmVV31D&_UHXtEy9xQ|3{)u
z%R@>8@?sHpNnV1a!uqw#kPbG3ha&pPu0L{JC`FxJ&pFF381ffLUx_$j?9o>kof|u=
zBnCHE`w<1qm9aZ8ek~4ExGO4!tPH*2^%zMwuU5cOOAbZzJXRRA-(&T^3@;2t5hq>2
zsRHch-OO;cv6~seW=SNbta){uFlz;eQ1dYSIf{I_D1KE&9%}!DH^#*(mF-cD38%q;
z&)*shgRYF9a>@40mSC-Fu)M^|!nX>S1lLhD3}IjlnLdxl#q+@6CowLrfrMaOyj;bn
zV_cjEY!C>R3daT0(YSa%-iPCYI6B7#b9X*2f_Pj+f)~qc=ir!kFrHrlw4nQyyk%QA
z@HUuf-H7|lIe1_D7&^nNeH2%m`rAUDz)twiiKt6_F8HPb)FdJv)qNStv|dX*_~tp&
zuab0AYG}%XlodCx^=iIs@*4VLS?72Qw_pukPCTzsJaKIb=QjBwxSB;?Cq;r9)7LWH
z<kh%>(kIj%O1DL}Ylvg3gKGdB(xPY9ek^;f9p!_oSki4urA@Y2q|22yipWCwX{&`D
zajSh(kd0G?u8qjo=qtNgkcu9PK+14lqKo+C{YJE5H`-`rz$zRcBMVlcIyM)+JtjGF
zjJp0-s)IK{k6xMRC!2E$6ug2wyAI%PlULQAv=v$BQq*^utdmPeu|5__)~EBA6Q2>)
zm*AInv!W-B!7Ir-2o`mqoGXJUUXK@}1G5YXF#8o5=k&O(gtO~ral5U%92nJY%cN=F
ztJuER1H^6eD($<S1K<tJ%d~FdE!*10+hDe}UGACI8*!gGzkMJ;|7`_6Ipda<{iGkM
zjIg-d6qHS3G&17WUc~C(%(v)YR$@eeMMVT$DepF=j9`!fB66e{rC94`;%M?}<`~KG
zLVTW%mp8Gb+q6lNECJT>a*GrRUQFU{WxC00m+@jF5^gogq_*+Gbw4w{gq2OHB5se{
zBn_R7Z)>)Y&?b8XWdF16ls%HF{jak3nYjPEG+JRq)Z1n6HXuvNUSgbub+cHqZXIXW
z9AwF!%_!wK!A#{8{MPOA%xgT(60**=v8`c!EZSAp?fM89h^)T_DYwaMTt{zn<-M~q
zS8jn)FW|ND5vc!AC%VqH=wtrX_c_?TOr~wYJW4Ixg}UndADYO!n|V(=B9ZqF=5fAR
zU-wM+GKGCN^EkJ(^4`Zh&Lge7e_<ZyjP*k!*bgC3{o0JP1aztVd5E!j4af@VPP~Ji
zO1?WEaL-r2$odRHwvvS(D&H({tLyZ01~8A6L9FSS?C>K6t{h*CGO<<~rS&TYqq;6(
zI)iHi{Qkj(tW)-^J@LfG&eG4Bh%<(5eR0Q1o-T&aI`rrA*`Vyk_CWnxu?L<jI%25L
zo5!IjUA=*Pmg+}?S84|0v&vaHx378&c6%@ryqesK{N}~pXPm=8{}%Cg;{_-Dbi`|c
z1}lXXoEkPPkWW*He~;Bo^HGP<y!iD-)r)Pe0pCSk@MRTm|DdU0AW=cSl8-7=A4&Tx
zt{A5~;EbA{z|mkX5rtph;F=EC>n>iT?ygnF)eN|Wu#)z9OV-&RbzH(a++Ybhum~CP
z9?w8|Ep<HQj$g@p$X$>Bx?G><q?Xo@zF6zS5OkQTdw9#XK0>iSv&}Tst^@atU0RL$
zj9p?`w@LWWMT6r)Jg`R06<Z^s`Ba3kXGek?iN=|^ISM-QS|25jOzUI3Wn1_122b(h
zxQp+sYyQ`%U&69Rhikr>M-e!Ye~6YRwzPa=m;A#mLheJRj(6AL9>%58Z(A?Xc(U3X
zKzi#FDC7FIo0$HjrnfQuDNS!@`u+%y(&(v=L-dB0oO2K6OEtlN-G$lp8SHU!EgCDe
zN4_8HrgFkJy9K-?kcdIaUyk6GCjjPP3x_MsD7=-0W#!t>ZJ8V0vOc%vtP3#%j-Yh%
zi@o>CaBl7H1lE^slLTWQfwxe^$F7CIVpirh*-FgEaQ<~UKGWE^9Fy$38n4H7I6rC%
zmGgHsezzxb5VXezW4D1Ptnh)Tav>};3RHY22pabiOYJ`agT9H&jJZuRGOo!kSS~bf
z09fz~)@0aGE>_CLkY;U8I5@I7@CI|YRpU+pA9u;AuxD~SGm+!zirE2qk<}NNNAl-Q
zxMPV=%=5$<l31GOAz%J($5&;)Q<y2=f$=XibGkEPsc9U84UE>O(E?fL;@C)&n+H%J
zl$+0JTIA+m2?!X*@04*jvO;{d2jE|ez{q>w*@F9Jl$p4rh<5&yWw7`fEKQ)xM!`<v
zZ)d0U9vDc(Zj-h8H8Qn<Z<F}CR-!L4N@amW2JPV(wDbQ#baz0oF>cS~C~n+=&ko3r
zQE;bblYY;+AM|mJFJz8ae*tajS6C)f@4wA4>1_RTzX;QVnffoT#s{UO&|tQH^ey3=
z%yrnIQ7`C5ni<`o@mgPI3m~)C-h*|W)>rU^2FVS|4Z{jywAtEwIS#+ZlG)n(n0`dl
z|IGB)nTCq_s@$`!hk2j>EUvA`a6vyNbPMy$xXn8O#?a-WYn#lU{~Rvi!PH9qArOim
zT|-{*OiVy@ZwJ1z)ZS!0!KX;UH<3za-_PuCX|~Ya6e^o689cz3k9NLfd42h9zHBO>
zR;J(rBuJDj{N|gK6jDA1v=E6-D8(k!NMkynO0G0q*cBqystD@m8Xo{^u`fI?`tOj7
zy2Z24qfE@Rkz>+$=G8vPMt_6UdbJNR{coE7Fw@^b+N<4zB-V94f*bsHvR%P~FChn-
zj-`SxXu7kN#D|$8>(K@V4|OX_M7flr^K6O=4ca)oChuT5(`i_3{Q?STPyqFNrM{5b
zT9qZ`i|BTUQhGschVoh%qK*6vC`VUv7zCe28thOpU?=8+e?=C|Ld*j{AAA;hSQfSN
z3fL}_(bX;_aB}9^5UaoW8I+F#!*C9ZT=;kz`}uol`&O&%4~A{WM7&Zz`&nuIY_}Y%
z?3Mb1>BW>xZE-AVfwtSL-3wA$-$i|1?c+#B((o}ngwjA+!nzZ4zKjcQ5Av2^f!ib!
zbTx}5q+*_}3H5{Td>(DR!fNY7cpJ;~hG%zgt8zu!`lj?^Q7@Vvg%xEM)SE_8j)>N?
z=~hw44<Dfz$YvXYFQNq{cSLo~i0YOR;gLH}YNai?c>O!?yajD~fz_rjqLj1=u4JXY
z%dy?tq^*~3er|d(l`9#}&A9*EW-P;=VfR--chQ|^<(9npjr)+VUj6Wzg7Zz#x~KYh
zqKCf}(h7@FssApW2q~$wN|Vk$F11OjNIrr3lA<FyB0AwX*;#v_kEv_D+9!$VYq%gJ
zL$&xwOEm0=s<aW&X6`(jpaS+El?7U(YH@+)r8=@e%}||M;25k13zVShz6)$f^}q!(
zs(SPSp=ZR&t_1I4Wn5477~|`l3hySi$+7LlX7B4l)0?f2MQKb#X?dUiDe&0w=6?;$
zvVf=yO7p+s^G`H_0&FbR{|jtX^PH6(Yl({3b+1a+f|a~cSwWQDw{^!yFklhaA+;WZ
zS2o<vkIHz}k=nf|!<Y@-)w(Hq2mVCwG@j!_(K}9V{vG6Eda;AIZ0rBv7W!NKo}O7#
zVj*MW)%KfwLZ#&sjmghAn48F7{TrybI@EYGD6KzwVw`@;Nl|*V!OmIu9^mV%PKmPX
zd!G@f?~K!?`1e`-t!KtX-o7DD&uom+rZ_z|G?M*)yP+-af7>TpeL?7-W$On-Y4~IZ
z#Shu~^P&f^^9R5UcK(pJZ0kq7an<75Z(wTC`Y|2{A^3Wa{INl-c4&d0umC=Tp!cwV
z(5igjRmU`IN#i@KP0J@8Cf}2N*!L<P5@PCxGUXH0qh_kFXqF{}SCk6_NBUwoJ^@ZM
zJK;FT=U+OH=UyL=v1@Hk{uEfj$)E8SG3e)b0)Kd`)K*}S$(%dE8^WdWfQZs~KwNQK
z_=L7-rrnlvLh{kczd#|7_DkG4`-U&m>SyVw{%P>zg|sE2E}+jNEmHDxo-8z(a}%Bu
zmt~=ym35s8@XFW>@b$-{TiYMk#?2UTQnSkZU|5EqaHVRA-nq_r{7x2&v$|v~>szK6
zWWkj+EUCvci^^6Bj;p8+^j5MC-#Hs~yeMwFr3KOU!JIZ8AAA$IflMJgm>u+k&qFT^
zXU1flU}qF_x%?n>ozN%h*Ao)%3RjodR@XTcb;<f7whm;Dis2W0llp%U>-8p)2@~1i
zTly+^9{iu8FPxK^9&s%NE{V}Fy+vIt%X}Y!*y=K$%yGMxD?i^VmvvqOd@m*+U{G!@
z;#;^kmok3b*#4}VlJ}#BM)x}sd}M0Z{nll%-WXd1X0BeD$!T8Ju+8eWFbWSJx*LVv
zz_LjGLW>U1*$Z??Uvf24`T1=iRema3Y&0_#qP;IYIRm6T@oM`hKk#MCGf;tBzaQ6N
zIWi;OWSqkz9%^}=!|v-$UW@1yd=j^Q`WBa;X7%tP-1<8uJ?`GMVxs=<YaM(9_ach3
z?5oMR)9>DE{aB_)XXHGMn4qp=pS=k8D}~2CB<o@HZgDWzxL_%KzntGVkCXc?c!22)
z@asDWh^YS_l?MMtG03^*?wNZg__pL{%^hpEnlTvW1h)ZIe_rIq%<o+KVUDb~c`AaQ
z8$3chUcK)k)b({qtHhbOxV*DBVD{iSSP$l7FpHic{o?!igL%unKz9xUi($&au;{YL
z8GM6S`N=*}1YQloRy3JhyX03ib(PpNEuV>DA5DYROm5x5EPWRxDidazdFRN!lZH$)
zBSIc!EJ{R3xW1rkl(JGIs^<(@U0<MoCF}AFREIP63gvH@fqvJuB86`<Gx#++SCHUm
zTTa;>wdv2coT|ya`2CR6G|iv(_&bupk4d<Gs{3*4S#{_Q=$|I!$}$T7g?hZ&8}|X|
z94-j)I19HDR<)jsd+Sel?bpsh5}^}PYBGTIP2<wo4E&gDvPhw^7T;CGjFLa;cp~y!
ze?%^joJ%Bs*7OFX1+w*5&DhA7e?eO1KGA*_iQ5mlL;kkZ2Vkwj8s^h}7$1ZAwO3%-
zthND5j7Ir~urJ}5a+{<rf~CLM(tPs5<h$H6cjh&p^y@&);CruwZj%{}V?cehKa(iW
zCMC)<BUwJtR@Phl*`9G<XTU+z*I7;C^PiX>Ex_-8DQR-DwQZ2T;amnk;P?)V-ja({
z?U^V%oOd($S<GDuwWIM=#4l{(HBW5hYG0?oHeQM`#YNq6v2oBI=*D9_yzlqQ{k2W3
ztK1*Vy1bWaS5XVL(AE9rqUZ>&tID$PfU{%G@Ss!AT<l&}9&AtuuN+?D)c5D}67xLd
z)Hm~aNS}iYK9Q=c%UF<ZK4S?QJw{r}v!|BJ@>SQZAH=HsFd}pj1Qf1F?}D&~16lSw
z5F4&E@0cDQcIx*K`>?5P#Hs(8&m;Qm0OfjMU;Wk{m2&xtmC)1t;?}BsdDj|#%B|=;
zHh=3VB4--g(2c{{`MdCd?{hWogw*&W<?Kjdq;Wc4>3giqH#o9}D_9t*%=8@x;lR<+
zYhLaQ;n=e)>21!?`@;0y&d{@%>3q-G-Rm>?NDuc7y$5An=c~?!z56J(=+}(HIHCpV
zS8T_kyBJx|Hv6?3(PfRl;Zl18I}an?4}J$iN;?LjL)Tv7UY6JP@>BOt-w-kOIrtdw
zAnC$NZ>8~{Xl?KZRSS4aKj%i=uR?uL8k6jE{Gd*&5A|X7vVvQ6sCEmQzV$%#Q)4qy
zt^bCE;&(VGrx)P4_G>QRuY+V10V3JYXR*J>#kSzNl$%gQYk{b?2X)3Js19pZESMLa
zG2r5NTSa614S8Z8)h{;VoF${NYK?Q|r;hU}wC!pgw^HU+&;>BDh^6~AM%Zj0MzEv5
z3!wEFoxs|ovCsZERQ1f`$k(x4g;n}1*tjxm^2Ou?HDQZ|Akw^v&N5Yi*IDN#;Ch+T
z^90_n#&R54jjup~s>=Z-?7N8U!YNz6%3;?9)9KTkc*G3g;|}GFbjWZv+GRm_96KT$
z6uH{5AZEp|?Aq{1&zIbS$g`-P7HdaOH+eS;d~Nh$KV0Z@JL$W`(8pK*L-etB(#N}@
zZzTl2<>7foQW>Tuu_pN-czO+as%o%^L1C1jFFLRvDlor`CmL`#6SHwR3;eO-@u7J1
zbJD7Ka_I7Gq<C^&6i?nL9y9QU3r6u2LdByWj~2z_tKxz7h2kk1#p8NqXy|Ovhp}Kj
znv3@IF(A)5+1Y(-s7H{##xeThP-nv(V&<SPvd%%!EH7vK9k205jzVAbSM6~~IArn(
z+$y7uH{newHxitOzH1x-LDBa)d5=LzcCOCn8+YT?te<bZ73Bxu*4O?FcpRD-FXvS&
za|030MA)Tbz_At8tvjGw^Jz^i)Epplav2543zb~t5v8k{m<0);SO{eo2R`)sa8?I(
z@Man<$Z%GT7C(JxSu5=3mGLvsP}c$7juMO!w4oTIeq#;>j4>K8&oEYEjEu3uhl;`N
z!!|?Ua6cRWVIkx<%S0(7%|Ec2zd7L)@t>+yb$y&aVe(b)$N4iRpEiK;0-US7g8kKt
zdUqfek&enZPf3T(wp)b=48GzsM5)V9{2i#t$Un@-&*C4NXSEA(4V+hkPRl>^(KW_D
zyc}{=giqJNy_G}0U)xHx;McCejYrY$;F~<&xQ$il7=&FI-JWHhUwZ-H7c~7sq*Z$s
zHRDBmSwdQU;j=&s|K?x4D>OZwxrKhboPT}vIKam@MvsGhd{y+ggpb!pk3)Ri9zB-v
zD8Gj%PV+z;Q_QpNr0+t2NzBdQR5-6<U*cQV$Wy2I)u0`&^XqU!@HYMAtxv<CfzLdJ
zanSgv%aK(GF!6+wyki1-sD3qUcR6cxMnQcp=P~|T9fXFHar|mg=|J@(T%;$DgVTaP
z(r^auPl5*8DD?wEO1z*?Nf~M<MF>zo;%QF*5n6xfKN~-p?T&0Rl#tF74L>43R%rE{
zCho5mU8SBUl)$cyN5GKbtOo<8K4(_juMy6Tt7)>K9<IX36aTa1>=+vMo%)x^GhcZo
znj|OgS^xY$!Fz)Sdj%LTIRk|T`!L+c3jLx(4%PO=e$lSl^ZX@5^@OC4&jHP^5t>sR
zqU*G;Z;-yW9Gw1K?PlcFra^UHy&d*@<4>q!0Q6^^`s1WOqxAC|8zEiC9;bAPmD`n)
z#__1XiS#x(i{`1~<S@tt6ToQrpK)FVT3<_ABU3<TsETbf1r^&0)K9n+6L6li5PmCw
z+6K|q{dw&Tqrr_)!595Op6Kd<g7zamS=(46vp@L8Iz~2trq_X{P>-13AS%_bW}Vng
zm0ubf1tw5^9Hf(HMNh$9UCuXyjV(H&&W@$f>#qZlF}Bd^pTm<ewKF<Sc5{{=;S8$3
zjr7UR;0a*uIt)<Oppq4j^{Vzb6{09W^DKTbW6G|z=!W+(4irZJeNa389(KH6`v`84
z&YM7~eC<wTC8oyAE;J5on;MTH7s~LXDBYSwTJ@dGL)GUbSTw#YpO^WmJ}+U7A4}vB
ztl*?<xJ|ah<R|8;Bp@+YWyVhCs>Bn|RZ%bfF@E{uI@U8%d@?iB^=4)|%3rtUe5dg;
zE^WO(F-;x8JoW8Z>{@J!${8udL!1E1=*x`MnxTplU}mVXV>poT3x{S;DGyl_QmDAt
z=Pq|~3wJSY;V#DE!2DF^qh@}JLnG=l-3^~<NPQ-J5gKmch&>;L61x?00Uw^<l|D#1
z$CHWcZXl7*^1Dd2A7COfjIT!5PDbg*9T+-L<ny<4601HxKNsEjXTFpPE+?>*^x;tq
z(owN7$D#8a&w0s9!#OO{*N46*(r;0n<T(H4?Dn@XAL&v!hy8+c?w-jx?Ddp^o}8Qj
zwDdNI<@|UpC{4rN;RJO-8|v9TgZ6nbPSSIw1^78Hz83e_bNq+a0Q2H$@H}l^{BaK7
zWqjG>wf0Fo+w)@0{S<Pk-0o)SDU`#M_-#mU?U)ktWnOeeJSAR=Jf$r$CuY%Tj9dDF
z`KkKBniETz9_PfY-qe$r$5xTgc`R8I&truP_e*;#!nOaQc_M4)Jdt-};LpJx{Bk_v
zwi|Du1H7p%-wTX8EQWS>6xE649!!Z0^f}9Mzd>~-QLaYR330CWDzklK*j(X6DxBZ{
z|6?v%z+7}Kbpx8E^P(p+7d;fZ|3(@2kpn_Cl<I)E!BbI>?P_2eO6LF1PD8s)KMjr6
zJd_fVoQKYtdFUv#ahrw08X=Ubn5LXt&dGFi|9^Zs8qP)MAb*^T&f|akT(lp&X6#4%
zT$K6za2@mQxhV5joBV%hF8Va8>2STQ_qk{Uw$9avQZwvc<I2x?wYUU>p-FQVx`=SK
z$lur(dV`KZmJuB!LzYh%sN5r4hPK|sGL8K(mEj4U{c$&T-2Aqej%hvfkSu!u%laC_
zTzhIK;0au6&5n#Tz6^yH98N1?>SZkOHmP@9>dn?B1eaG^syJ(to#+5V`*I@g+X?H{
z&H_rWb~dh!->e4xjbi~-%FSOjf|-oO{nm~n9xS1pAa`t8Z$#<Z@iF$C{(>2K=F9gz
z?x+7a8tjf~N72VZ4$k8iSF#~K_WF*}MvxB5)*DGjrnVoPEo^5Z<Y%bfU&Be6r{ZFM
zmt9_BC32`f$2SYno5pS+0xXy5Lv43bgc|f|4}HR~U`ZmIY3$AA>y>=c#kaU~ILE;r
zuJb0+lGRV!RNz5!r50PuT<m@iP@n9~_B#>~jm*r+m@{zNqFj=A1I~$G3_OU@5g*i>
z-xGo&Tf1o3GtJLXLDx{k^0gN+o*2;+Q)dnorn$&t0`&)+`4uQoxDj);*{p+)3u8i)
zZ;b2(YMfbok3|s#?*mOm$Jvp^INbrg8J(3^KLg)~z1Ycet%$r{3;g_(isU1yD;~Z)
z`erNZn|~SlTvs?&^6{GJk*%1&CR((Z;p1zgM^KcRzcG5m2V?Llis*4QA1{d>_u}KF
z(c|8Hd?b2Y!^ihV_3p#RS4MC5<>PhH<9>YH7Cr9I$6EAw03R=l9-qp`%cIAq@$u`?
z<61uABSEJ5Pv;{f(mbxiqr|&CrYv+CCqsr84o0^AI_M!$>QJPdc|OmRhtu~1;&ls{
z2I?<g>KpQJ8kwDM$jWpWa#gy{#>U#Dp86Ex-%S;g$tvpi-I>fJ_Kr*<wlXCKV-L`F
zJi`O#F9`c03Q)i@^Bov~rP++0%A(Bghw=!M!Tin(o(<Me3+{t4uLBycxF2wi)xTqj
zNUG!Mqx=?;%IcU?+)ZVb_~<9DlkfyDaC5-7qfE6cxJ?E>ffKD;6iZH7<=mBTuH8af
zIN6s7!iT6YWU@a`-gx>;hK!gf;uj40qfeFkBPfHfor31N6#p&P2K@RjkuAAlY^cjM
zCg&^EZ_<}u&BGwpI1GetWG+iVV+!)eA@5#5t!l_PCXWHGTS=>!BYw$j%7K%92&PfN
z@%w^dejeZbp}v%Fz~O6VZtZZqjK5(0u-~{88qI|55GVI}a88W6{Uo3$`d8eJ-3HZZ
zqxhw<t$fTho(`z+hbJ%auee3afEQARkD11_Rpto)ircgdqG0eXZhtEuGr<h?sWZEW
zf5qGMwS-Xa$^y*DG)|6@%p8qq`wxQ+ILP=MX%*rROinPT8TZ77xb|ms!d9#uOtua~
zzo9b5A+!!>I@>w|x6rO$fi~ZcHixh}`w$ye`$;5+mHHm&9<#9jM`SmC$6n6VI1Le9
zAN-0Y5G1wL?ALye7g{s8hIH*?5X*>$N${Qf^!kTyxq&upC-8=F4~eVZk#~a$ROdWq
z<kp449~*b_gyFg-MoAbuK)A*};FCBU)_W6^K@OzGB<TBqHa(h`aqR`8j%zPuS(G3D
zCQlt)(V9p{oPTv9ADdFTzB(dh?KSBmfmiefziFlGgiYq@TCWt}M585ndPDro6Xb^a
zS!_GLaX=bbM%XW4SRI>o7VssZ3spMoFv6oz5@CeTWaWV89%41FpKoiQ0uRSW@k`Y#
z)VM$5DE+pvsBCQu`Gr%%hk0}$%tBqb)@<k^J|XEG?2bMQ5238VVLS$pXn&u?^=bQS
zmy=+85H19J4R)TbJX4t#Fg2<iu)nm<+NGq6K~2<&>yZBzj%ycs!r!GY_zU@mDo6~*
zZK?hm^p`mlG%6%IJD~q^e(=|%+-04o>?Pgo{5Wnz^EjYs@q*tzJf3M@kUo}aUXVV4
zX<lZ|h<5a4@p7K6)dO5+qhGRLqS-v?rBOjGE5j}kt%4dvmKM;u4LPomrh6Tmq1}Yw
z8N2i;q;#jH!AJK0X51P37PCNGoLYq|?5SOZDy4F$Q|y}KM*!Pj$aYJ-_A10PR=&@f
zM15u)lFPLViR)<ikD^MXn`KWG-Rj&S{VeR3HPNSk7ny1#unZvJmjb-s$=42oIT%>`
zI=sfGbI{M?D+UXA%Y{2BDpYUB{DD6VNB#h(d?Rqu;fLmt$?hF#ye!t#vj;)2SQI-W
zuOy*SB$M?U$9aJsDd!tIunK5{gBEO071v#eGo?FrE$AvEwr#P>SO_<tbB#MupGXtx
zqEHQk3FRWkGJOKqS>@dR5LF`kE8{#3_dAs@Cu$qe12C8K&&Cs!i!}9O()tSsS&L<W
zm$%T~CUBgza~!`U4weB9-coU#+!e<qq~lk_!7{+XTZltt!NiFrd&mkFqs(yLeVyvX
zWH}WVu^ZGEcPU@kjq)bcU1pz*BRR^at~GXq`E6_H_<jWD3HWjm^i1OgXaMx0^ijM<
zU5b<aa5COXsev*rV)}7R7{+if<EL^?E(~IjPC{VVt62EAKx<+};sd|fw8FbEgamjf
zK&$^5i_|7|0iRuh_~ecFKzcBA2J&*_k01(vIA7cP4Dfq68=hjt*S%|NFh&p+ThKGb
z{bR!g{DN*=brwP?MWW-w3{%5lT}UkCe?LHvu2+`};cBZt8$)Icy;v>338jKaCHcN8
zDvml|Xp`k{(J<ISfSmWoa=xE)`m4g23g3AY{qt7xpYu?29_8oI?7?!(rmr-eGE#yM
z?Sf%J1{a?07Qc|+*u@I_Dtrnf3p<X@zMNA(=5lQI<#ab-q#vGx7r~LA^d||&;R(1r
z<Oy&^r+yRRiVCOv9q<daEs*SjD8gL6P@@)VJP#L9#5->_#Gk8rx>r_pRvzW>^Hm6Y
zc#gBOrRlxquYyP}a753XV%BI*!-E@q3o-)(gQL;AfekIm^nyn<cM}&$=1)aIFI)Q^
z^0LA8d^59!FM{teXE4(kLc2#sf?MQO3d{`_%=gn^>K*kkx;S`)z+Gq8g++)mY8&($
z@8m6OD(!+`n}xts{Nxb4Q4mOz!qzhCKWuB4YTs-@Mb*Yo_dsnapPL^gYnvaF>%DUQ
zIIbg&!?4U4ul*Fn|AP3^D^W<C*O8EXM2#PsD63~2aLNLD2BFKhgA}9FCUMU7C`iTK
z90RecDaJ{dz?Y)>+8q2jRyEHD(LhCLprUS=i3TcR<eK<R5f8+YwrikBMd4jS0~KQp
zR8#}TqyKq?r)t<Hr<eH6io7lYA)b$WcWkwiGO+eF;6r&psW}L~AmUVGa>|3X!@&@v
zKVl*V3(#c?#Bx;p+Szd^gIXWvfV6^If6HeR)H+;t>igF5TsGT&*akeG&t@Btl!!^*
zLX%u652Q6|go^Yfth^7brBcAJvaVW!b}>^`O~#QO!IoW$`-d#WOrwxc%FoJv;h`qd
zw<6(yqvg?6@X|BbF_ef4>Y6d9ejQ02Q_>OG8b@3p+M<BfZP`1-kpn7y#9YBGQ3D{l
zXE;B98&>+^he)wP2H$m{=Q%tMjWaHK7M>AfS5ALLxRm{{v#!`@Vq=k>2xDWBp6MI<
znCK;>*YyqEhqUY5=iIhl_ZS`L+kFE+Qds&W!{}y}<N1rwe(0OqB4Orxu4TMU?CFSC
zy8+rj;?*lss<sdoHJXn)jB{e+ME?_BL+fGMZ01tITQz4dcf<?Rz|XzO7VP%hQ4glc
zlTru+t2GCF$xXxHa%$@{m@jKrt@TVcKJ6j*OeULrSKEqG#o4V6zTXL!2UlT+ES_cT
z2qISbbd-eU`4Ot4Ye`Hn+-5;UJj@wLg=TAEzxFc}u04k%*KM*sz<&*OqY-8q6R#zF
zv_$g<1GVl&kXS?26`-m=Z^gO{6j+L;>k#<D686H-l!Au6{E39&WFEOdpO;?{>37_6
zQTW2|&_i4N4TVrUxWr<scF}w7FUXeVT|^`b;?{HU8i62;@cSsmwZC>STohRyDw}9O
z%GzQ3<AOiNjcvgHkK;e)8Bxq$0co_~*?|8HuhRXH#QZ>dpn<lw&kyL=(SN&GeM0iD
z@c_7IRHw`zo(8<{5P55!rR~OH+i_$fZ1~-5t60#IbUv6N-BZh=Lqu;4%+5sfh<q8+
zAibASum5Iz(Opj3Xa^cEfAv=)7oR6&^XO64kf>3G=|yM?yu&%1<yUc%=}BHi0$+<~
zOXCTKh*N<x1+JKF^&sBEMVusXo9qFGVYE*-AaojW%$;8L^6G7ibd+mmALJ0I<ZT#B
zeB}Z4Ph8A4o_dMSJsd=1&iC~#4fm~{4o;eR$hjeZS51e^b)`|5jyxCdbSA=5sDn41
z0qA_j!n0v9JTe<$Dd6F)3!aTT!E-j=>5PP>fQPpb57!q?MZ4aqa&rz|VRGfp9)-9A
zK5%r1P`&_N6}%r()MER>+!sc<ti{<eSaRy$!Vob|CwR&YL1)BSbEL*ch4T|Lw_(4E
z2y-3nDwKSe(qYCe7BRBUNdN4`W@!Eu^;3ONG;7a`C3jpUcPqsd$_n3Z9ckQ)h@E06
zsQ;&npjty-!{ox>0?>KrKF*3W;&~|7SKm$g8Xq7XZi7m?gaz+^#~u3ey}0$~A&3J$
zeq-Q0c#=t7q4s$s@s(Nm6w?s26`O%mN{4yWKYp&hOT)da_70YR43{Y9oy_@;o%1f{
ze3v-@moqXMv-LxJ^A6DWo=*C5wYL%M9)cx^9DEW~%9Ml?j64FOg-Uoqo@n|!I3QGt
znU~3$pHV9D5$LzGZedVJ@*sZn1p}@iYa^qe`MuKTs|MUScm+<Ch=nnZG&eKfGBbel
z@L<f=W+v5`Jugn4FG(|R_|B7piY6A^bZ9*vh-P5Oyg-;o9nbLs<?p<YG-D1-=d(Cl
zF){qyStwy0KX{1DM#JfNt^SW4yXZ_7YjwGB8Vh79V+CioS@}r-=h>(UUqO<|O7L-F
z;5kHOg)^AoKFQn?W|n1!ArlQ#Ui^KOPfj8XoK6Ndp;6&vNhUFh^c*6!rx3vdQdxqi
z`_qW}ba$e(e3yC^PV4<Xa0uBru&nih$Ncuo-njp>$OjIM3Rgj<nOZcCfujr~Pl3Q*
zbK~fEo^d`}qYi&$U4jRNPQj~l5EIv02|kNA#*l`7T^RF9$1W3a0BZrRHID#C;(a#w
zLRf(Bsq)Nwewr?NH;Fy+TVRgg|9_c#6F51mD)0a4r`E3O?sTP->h6T3!;(;Rr9;@H
zL0MeD1w_CZP0$etDw1(1tV&!`RvY&Xkc_A!;)e6;3_7m3>$u{+AS$i|L|g{<4bf5j
ze}CuP=c%VU4eE^V`}yaSuIG8q-S0j3oO91T_gu9{iwF~6xM76p-?3e)T#IuRc7uq{
zYmB$=MTiI6uGCn5BMt?VIM_XzToa;Qq+Bc-r2Bjga&j<3BJxtkFp`Y4j&Unntz$~@
zaN~0{#bfu^UC`9HtI6gooRQ|?$UsQel^w!(j2<(m<wi|*$~X^8bSoo18?I#yGU96x
z9HSvLj3q)tIQ!O+{r1E%Hw3ONtJjt#TLzFXo!9WA97r7DFi2r8x1z~`xzs>d^VW@M
zKnw2fypASKU^FQjVQhmVi(e3|9M{Tr=Vs?Y;7;OL+vnwfMkoBy*9_7b>pa%ME_<nO
z;gPb2RF~vhU&$o~4Au5OYZUD26>ZliF<j0S{m?$$xjf%yIGuB(T(CK5(lqF-S{D0a
z7w2ber}8jzQ_<$aWciMy7)$HIHLGJwTM9y&mxs=u^4{*{iIzA*js;_fYBW|Th80<|
z0YZGyxl6#+cPL$*eTVu;os+g&4T|n#LVwH^M3bN=nBzsEc|M~cykPN$_U=T`CgBpN
z0@xvdB>UDQrCAFTpcqY#M9pS^P5~A2109W;D+6>o$nb?|veHDqMKMNNF9VqhOD$*_
zO-_n#9E(<)x!lCq{D-ZwTBxc@xZ&G~+~X@(ul;y)U9h=jNzH-Hr1r~e%aKARt6DS!
z3)-(yY_OmmR1HKWTR2zKVw<N9PiT=`jaG$<G><LMtu|YF_a?n@3}H%&jK=3dNnQ7&
zL!#AaI*DJIOx~i}n8s9kG+7kwc$MR49Q`nwTbbCw#&$RGH5#{+KOG(T)B8})R+&Xo
zci2t=$3vba89d#Mprb)BI-f%#>k|g{k-aN}Dt1uJuP0uf`n>GEr@Fi({5h4nzEkzc
zRoDU(r>r(t;|*VQLz3D^g!Xi$s-g*6p<XtoH|||tvLU4+rDW3p`3adJ&k9{_uSN$S
z?mSa-Q!+%+d;l|3n3?6y5zI);6k?Zh6-RvJT{Z_i&Ty{rMGB=tuFcsv90vfKz;+<n
z(gyiM^HckkxoCBsjQHo)9~WrYHlUW=y`8scLEj4pVOz5BTv<=V5c2>$U@7260cT~3
zl8L#4lnYN;1bl*kPh13S3;3i(z>a`VUIcucfY0G4ThIjpF0SWx0iU-h=06I!xSl19
zWcC4$2)MZNqXI6j{Fs1?E5A&@#g)f+Yu|!iP7C)b=n4TB7xW4N7Z-G;fQt+I@dUsh
z@{{eQ9|`z_MZlj3_+N{Ff2srg9Y5LRAm;#3c+$SQ5M7k*Is=~a4uF}iGvK=vGt(ji
zenP-Ziwt;!fSDE<@R#cWW(LlHe-LnSL6r>v7Z)@o;NpTd2)MYQ1Fr%2R5~@Z-3mHN
zz}_O@{RLcD1l%g%(-r|QhQ}@JUIcuNfKOipyhv5b^t_dRPxWU8=M8vY0W&ynz}wUz
z8JsuZk;*fJ3<i9FfEi>k;3Ea>BZKHf9GwY`c(>6$({C(Xq$wqX6qd9rq02HnX&j1K
zU+W0B?K{8;Mb6bBrvG>h+_Eo6Rajh_*_7qKj{JL)M;26vVA!-Mf$Rqo^VhIn^2@Lq
z63-5=;)vl@TqrE3q-M|Tk4rDjdMy{7Ou6q-yNv8ra_~}GG>!mt@l#+fxgdHJr|mQE
zpT$Z0DwuUg0HtjiGWu<6z}&{soF6BVwl`S=vIa64BW!!U720kKBU3u(d{4`P)J^)(
zC-B5bN9wZN3hfp6E@h>8SYU%F;$VZGYkjID`Lo!lX&diV42$^*ZvC3E+K@27PcF5B
zL)*b=pKCzK<S-ZoI&U72j(f24Cm_+e+oCb-I)=m(PbUr@=ZrU}`=^!WfddTM<$+*Z
zi&fZ7aH@1Q`PHTB68Pd+bm(yjUvz!pM_p#sa5fq+s<6xfhdliKs!QA`!-YFfK@wOx
z+#N0NS`<#x>|g(2;BGCKoZ#4T*~jbCNR55|lRk~e*yn}%H1cAfEqxkcvCoV2X|vKk
zpP)~h<M!Fsr%g}$?C8@brhV?vr%g%w+^Nsho^kgR^(n667Ozjzr?{DaK3ShOT`lcX
z^!Z0ob^F|<&pXr4E}u3p7+(oK^rgkCEIf}86eG^qpR12R8{Jm=jSQ&%b$-d%?tZ#*
z?N{L$`V=emGM}kWF;V|~mOjNk{qx!S6yx;I=kVzwi3;^M)y3bQ&zoudcfTNoy^yzP
zK@7Dm*3drXWw=WIu261447DxRkOhjNw#6E<Krz&|SVI=r6i_@U3zQ_(79DOc8%hh3
z%(M^iKmkRZvoR$zd7hc%kAu3lMewsRCEx6mr{tS`@|1kDPo9#)yhAbtNe=T4$p9sX
zd52_xlEb`1GC&Qn7le<Mq?0w!UQh<8;r4<uKn=PVlmTk!y`T(G*u78B{|dC-r}SS7
zXycwq{u=>p+%v%21+;O`0Dmi>je7?8Qvq$<Gj0D_nr8<1^EBq|(9wW(zer<dfWqd5
zO*G5U+z=`=x%#u)Fd!Rp8)Di%z&(=PG@<ti(R^>K+-x4{{BN&(Pik0gHA+cA`z@;n
zLfRuc(cLTt9xGrb56w&$QmisU;ZUxHn51GMnlRarlrS1HXG2WfvosokY)DFoZM?G~
zDNVLP&xWMr*+xDal2U3L{%lA}mfI4dvLPvjZcCENhNQ&0EpaLvlG6OP#Jo&M`*G^b
z3{b?)&~7quiYGz)s*uD&h3ILhB<_JwVSE}Y(R(0NsGo*P1|JC397sbYj3=QYv<u=f
zzT3HA-=gr@Z;|-yw`hF!TSPwlEh-<rMZOn|(ORa?a13bd)^g4Ojp<tU8KALVD<cCm
z25bcx(B<0o@T_aK);0#W$e>=LU_oMPK9}sHNEU9AW{aIEP}_4h?@VdNTD=nG?C?L@
zm7HHT&|kCboYMy+pDbwXLRq88c%&OGx}~;0o5i{fc(SLZGW+$^H2w4Slx&7=T=YSg
z%^KU-hN<j5990wA{~y2%QGYd8mxr%F6{^h_4`04P$8R{Ay=8Qm8(j{+skDp332x`K
zE}}km21hbrr5YXn9x_Yzzm8Ua;4n|cxSek<(ixNgRQY};Kzgcb>6ljl#caaNJx7`s
zWgOzr_F*$#mpU$0S4l;4530Dslx=L;n6gc3HC+z9nw=+nHZ~D<&Hk^$N+UT9VCG-=
z7J4c33X=+Rsm5-VDP^9wcV%$1Gic07)!Mfb-%n6r^h9=z&+s!*!M=mt!0{)NS=BSc
z#M94p&PHcGH5!*p9Ah2()R(!=NGAtZe>xhcKxE}ybP}0=XmNj_8H;g1@lz9tDg2U~
zqJ0Y=G0|K_2hqH2dNXuKpi8vssA%jjDdT5J8TTWjeH!?em$5*pA67d$Z$ygc+?S1I
zwfW$n3uDQGE{vX*5##9aPMI-EN6Dyat%yy7G~%r{XbIrU64}n+z~!N|J$2v`v}bSJ
zyVA91W)4_p_<c*B4sg6&8y))Kr0<tSTOXI`>vCon{Sm9@R|e{N#9%#hm_=BHzS*yk
z_4jH0{!Vmx*QT{mV=ya7YLnDulCf|+SQeddn%7117hSv43|}g{(r&_6$Ne>NdKAgl
z#Fw!i`Kao@qLSPB#yC0pGRrOI`brKOn#KH+sjD9XS<rHz63w4R>fFv}d9u;rW8NlY
zams2Znrt{YpC?jI^ouQ2B-TSU?UuP1Z3K?vdXMM0TN<vtQ^F-tC*h}ZXe|xb<Ro0e
zbrQajbx0bneO1CGXD8v9qg<UfBbvX28s&ECqGKVCrs-B%u5T&STfgT%SM3*>OwxEh
z%UiqA1_h-SF;uq^Er@Ldiw|w=*dZy?qgUH^_DhPI>vKCV59MeNhdi_{A`hzcxF;n&
z%O(yw+hwzljTc^oG;GxlhdS=CsU>@-{5m`35da*|y@i^I>h>-n%b5Mpk3c;;r?WrP
zyA%j`oY2r<N3D29Lld~~y>%7a;Ov*$N8?^O7B%7BcF+4f4P544Gwh9?w!KpH=bbU^
zY}kP#%|h{lK2P(tv)fpA@=_f9i3au8&hAgz!yA7fsFPb1N&Mzs4A{qnui$1y;s1=y
zaAof-R8tOTf(->-`Z>C^?|w#Kfvgn+JspacjVJzRcwg)OXBfd~*+!>zN#D5rcjGvE
zBJ^1t!AF8!c&>4L5&%qf#7-mnxYf~_QaDcbFzTF9t&B9+2fifr{HV;ZE{8a{PUZZK
zDcuUp<jW~D8KepzXaT>PxLJDd%}}=BW=WRJFVuJFkXk{stU*CoogQ|2!aIhd?f)2=
z&7Ru5z3VhCX~VUDMH^NmZFpzehOeU+3bgkxZo@Abr)(QmJ(=&nqzxZY(+1j5h#ti_
zd_ryLZ_4&JRb~bVbZYoo4mPF<G5*Gq8!PU*#dlXI)%I6bM9mXik0f7z{};=ao-f@*
zT3ojDjXDSMNwphF(RnVDq=Nm)^LYkgPk603pRzcuXQv}}J5p7ckm4uO&*1x8x~>ws
zE<C0Efe6Lc@A<Xeug<5Ke3ohUq}hv%2K6p8!jt4vFj-bQo4Bh8X4xo*sfyNkEFzud
zgBg3EWu|-S?NKJmV-s~LKyQ+8DNzw=$E7}f2(_@7x>79YVwKR({^ueji0Cucj;_G2
z(<?5#jBSR*{1U2l1Wut%<?7qW(hHARoO0*Y^myl9lp>S<<9H4yD%*vB$z)>O?zkxD
zn%j&$UcsUvb?EZ8er^**Nt()!hZ%V?u<0E>vDr*~*2l3mW&_YUnaE3a)IY1EXy;$l
zSBjkJEBiDakuw|1&v{=7+}QvlVRx_Cn4kioY~k3CDC_fzmvox!SQ(J}!~Xv#9h)EQ
zSaNy!;+~yDQUKPt9cI_L6uoMuCkwKSwVo`5p3DypjYNs1hNk30Q(8PUWelV}!*a;b
z`5tsGO2%aQqA}r+=l-w)C=oXfYdnsJaq1=Kw~Ef5oP2Yyn_XTxYbH}KQ`~1L)k}C|
zXZxjkboJ3#OBua?Q3Q*s5avVP<jyZx|F<5ai(3~iw={~GF%CTyHd-xlqEmSVKV7#k
zr;4RwUALG1mUnA8P8L)PZtmr`-1#bK)_EXZjFqQs&f@49NP1s1ylCIRIr+w+(u;Gw
zPh|cFGScPzS;UOnKTaYcIZj0jZ$_4xIo9^%%}Yjg{s@bvGxwGk`_?<y;!#`V;XzYr
z-ER7tC76b;8ku7Q1o-BOgnZaTB>xd29|sEAKnN^AX(ag(B6kN0K^{06PU6BV^H8n|
ztMhLqm$?0lcZDjL_{YLoehxwmaq_tRy>})tWMuJ#Y&DS$lWNLzf+FQo0i$QCSxu@b
zagPvrS5U|XLP9lVQ9+0tEhvO)?&w!@BrNiQzA1&4W;ZPy&lv62c!xQABDK7Zv4IqR
zi-F5G9<8}5e0sUYw6je(^fq3xIV2o&8GRI6U*f|KU$)Lx0?y4AqMhXRC5<zvs?@D-
zCy_|@b^-dvVe&OlE!A@^Ln&;X$t57x9UzuD_r=#<V>|FsWE5N}nxD7eN>QsZ^Ya$m
zY09-?SZ@tQXFfFXZ^rw1?#Ik#z$>VO&xI@XhQGjE;~*V!dSx2$D!q}HY{#xcD!4u~
zPvWjZTbrpLra$(MBMZ)kmKqJJ*@=bp(cYC4tm&_l@KJ93M)c-I5Wih^;zJcMv3%iJ
zy&a}S0Skv?UPg)PHH9~xPjvI%zT<_+{P|WS4|!KnkZkB*$5X2ctA!Q2qVs0T?X-=v
zmu>w)uqu|ktHPF7XFFMqM0;mtS-<uv)NmwIL;2Ec3pknqX6~p|pK-R&=4-e`lyk4D
zGPB}Y%!&!l$fXY7OEgE_>b5>(^CvU8Fg-J46v;dj%lKZlNPw6akM@pkh}wUo8ezhX
zo8W*U(4gcnQRDp0&EVI>a&mbwV#oy7VK3Fc`_=Zt(?V^+dLTSH7t#^<llK(dyse5#
zhub(qosR(#MtbI%@L%b>sJ5au(Rw{^6DvJ#<Ap?9`v~0et*q4>JJfavrE;lFHr}8t
zrWUT?E0c3e^mJmnHa%IJ%2LzXbf26~tg5Xtk~*=v)<3AUytcY?ufx+5OzK6ch>m?T
zx0+%XHRk46Yies)@2?5#eXjMZaeT)vUG032Zt6UM946MXK3qF{@248NMeBGl6wzk>
zSlik82p-Y-{QV<;*Ymd&oNaZ3OTWfz#E!4+DYtlPZR7fdD7qitTlsq>u_QC<pZLMy
zJil!Gpg~cR4R4lIDB{p(2F2Db0)83Mv$KM_o8%Jcm%5foDw?yGyuM;I2h#cz(VIC5
zt@A90csFd5x<^J>()Kj&Nme69)kfjb>Jzv{>lPsr8U-!n#WL1&6spkrjIz5F-I{%U
zR$pef^)i7X9EgzeyGmIa=D5XHGINS}rG>}2;d1MEfcZ`n>JU~lZlZkbxprK8$@8|-
zHR1W?;k%fL!<{ms(JtC5{Y@M#i(dau>v~!@6n*aV?yvC*i1&}F2d0K8^?tRmFK?6^
z4<4_v4wLMK4MX%*^;f=CrEbzV<lvvkzQ}2F)RWc0KXmTHOEupr6T=Mb&657W2xIDg
zpYX9ymrRlEFo`B`jaF>kpaBe>QEF`R%;_}ISK)!4+}0z#>}uu=crb!(M!q#o4nFXE
z$)Q?m+(4))0}hYcZ=qj0x(;O*dF1TO&({o>`W&W`uNFr9EI@|Nis3(;8Lysc{YZl;
zC&}XWzHEM*>OCCmi1OQc_0Fi2oNQE_eu`{VoyPia=K`asc(f4VKq=iaf-%e)faU7T
zT;pQkP>O<1(mACl<}i`{H^7PaJ;`Lp(idE2#CoZ#!Lqtl+$9feGVg3M!yreTWtJ_Y
zQAt{w51dUSpKmB1GBTEHhA*?U)DLGj9to9mg;vbj8S9MO=#0ij4SB3Py$<DVB<5z(
z&Ag1_WA)GQUg-}W)CF6E{=j)L`U2tTgHGx5;s-q<@hJ)%-GS(Y@IdFczG--{^EsF)
zf{}RnLG~MO?;_jwL)qwaL+jiQg@Y%-g&Bw&T$uIa#Kp#8)|8UT4q>tTX0duLM0;0h
zV&sft^j@d;xGPW#9|*<X|KV-c^e|0TU;mJV6iw%H^fZcP@tjkAoEkc(O3vPtqm^r-
zQJrBjnd4tAOK>$Gy^ZX?W$kpiJMOAHBYxF|*YaBG3rNN;M#^v%m6~N3<vzc_Kv;Db
z)si~&P{!QaqNR3tUBopZZk-c_=&a#nF0I;i?(G1sC>Zvo%+ElG&iw`T6=fj1s-ots
z_6lCf^V_tAuKYEzGnD7`#2Szre?@o&q`My(vQ|ET*OPc{=vpDx4w5I!S;E;oI*IWK
zQqo4n7|u|h1hSa?_=rqBwLc;Zf*2e(6P*7d9~0r*K|uOGx7;e2^$0}wBGOiy!@gx^
z97jCnGUDH;af`cZT<bSf%O@yEk;=7=V}*9ef)Z^<%7db97_?Nh9p#+yUofpMr#{KF
zl3MOMeFv4+@a)i$YTH54>}kmy<NZ;|9OM1MXdE3q+?V%-X#CZ@tNr5Xd#ydW#yzPt
z9{z2vSc9_*(KpaqTX^b)b1^Nu|H_u825H@}98PF!yi>^YCd;$Ikqa)R;-?ZfUdlrT
z_2MyAB>dJ7kzCG2lh(l4J@6LkBnc}gVQ^x^6qJst>)GUcv+~Ww=3^{hA8DS>ZUeS&
zrY$F5fsTu<*ka2H{}y>~<WdBcUTo>N0V%3%obY0cEfwCliXYB&7-KmgZtUhWntflQ
zB#PasV(;H*I*u#<U5~Cla;;qwEq+ZyHq3G%*NVnT^dV=5UzH|x%Q;WVE{ywuz`V|K
z@peh(`i|q2GHn!W9J(rogIV@87^%2yurtbpv5ID$L0wH`pO10$KJvT8^AosLBY`n@
zb~K+$7&Vsr33C*Q9k@HQX&x8O@j;w)jt_Z8LXwC{x+x}cXl2Av(}wiQou{O2*Jh~X
z(7E@gXZ^%t%ZNf}0gk@ij(Sp~_jf4E%_)PKW_tjRGYlHy`pCKHflqW9N4n(y2knxs
zx$};{qFtMoXqRArX}glWf$#Rm%QUCPFW#g<wYUFB-`?y4EgteIhVoXM4?%bHM#AE*
zVzeGCjm?4pC1)Qcb5>|Nk~yw;Y7VU(9lqp=;<|ZBy-#LNK+{wXM}eNEB~hU~S;K#)
zEq!cdp5ZpWGASnRUc68{e8j4d45Xk8>%!8)TTt3Ssh*{!5$B23sv4W4oz387=Ry30
zGl_w<sM519fSKHbpbRs43-Amx(cB4pLE1lxy9#d|C0vK)`CKTNUzhKxkCF(=)DG4o
zI!GQe$2BbBE%ng^8Z{p&Ef$eRO<gi<9jkSMk@kr~Y0{k77z4AE6UE$)OQA@^=C4)z
z{<PHk6TeM$CPYTbQ7e?|m@c$ZR$zysTvi!I(SbV{Q*;D(Fxt{LMMtuwk96gGxkJ%A
zu1V-V?;m%%pYi+mFegiWzkd&Rz~QL&Q?Gz_qhN3dDEzuN`1O7DU1!G{Q4n{n*BGCW
zL~$RDhWWN@6#(GQ);cKHIt|QgjR4wlB`OQ!BbkakVsS+t>43W_Z~0$c9`#Oe!}r{}
zZ>6?<-+iX+F|US#8_#+;X`E+yT=6XDBgVeY{af&_Hf8+4=4;?zlOxUZay#F?h<}|P
zTNR345#wLS{4ZJB3o`Sj&zX9XS6CRnL!A)%Yz@yJs*Z72;8usxWTvFbIvdXr7rTk*
zzdWwQvaqK);HzFGq;ReKkvEigDk=H$!zZl9Y%Ot~;dxpdO;O~reeQ1)KbRx#ZT-6D
zT02!)u&>Rtb2~qN$H1vZqs^qIq;|R-I2J8i<NLPCOEUiHMou6+{{&9jL2<jXr?OWQ
z@9|_(a%I@x!_v&w$mGePXk|T`kc=-G<y7+dk=N-O+U~X!o08t#p*odzzRFiNENf6Z
zm3HXUE?Dd-i71txhOV}n(^~H3<ojdt4ck)hB0@5dC_AR8QKfl$P;y)YLP^Q-Sek)Q
zt+-|1MLL;U%6W(1xQ@?J4|MTn{b<;sV8v<@4V_?2{on552wI{seJ2GZ{VJQHM?T4U
zw)#Ulpr2TO<Qf-IpM*9mOlf}VeWf}ELowBn5g%ibT7oI<P-`UlG$RdOGOsr{9;s+^
zo72zNdBRcsa8v8{!(&zeQS`IBDz{v;_|1ZGa4S`H{l6*G{#<n#lxg3!h$j4RWm?hs
zdgCbxt&OA8=!5J&C`;S-(w9(!_vlgReL#<{ei@AAti*fo6J$m2{XC-PiYT_j@&nKT
zmym<mS>mz0rN)(~@^#7P-FkB!&=__4h2u)^gDNZxn)*K*_MdkX_Mw5WT%={uFO{d=
zCxt?3H^N=#euyWXPqTFMa~INgJ%hff;%>dGJ}Q}fEuGRT(*MfR`*PUMVWjaBoXpEN
zO!RB3dskJb&+z${o9w8|tIdbTT~%7QNvMLXfjDc*^goOlr~qc9E8e_M1tPVFd6Ld9
z%c#Q1@+aFHvq5X`-%{>xC^sPnjN?a1jl()(^**B4eDBltppf1dlyk22Y)MJQR*y$m
zg)c}f3afCX3T9@mv9ndU#R#i##TZ<LJ7noq_*)^Jt`~u}K9_=eA5(=eDAW73{{8~J
zf5P9NulJAp`}24=!K(Ku0SdiO>H#KwhG(K@X+{^mJXzB_{}FD}xoWRrk?4l_6+3Z)
zt49Xl`27`J%}C*^i67{U`gGB0T}RF&UvzCsuZE@RGyG2QJ`?q%M$0n%&f?q^ztbGh
zIocDwoX?V<^A>h*ZdLz2P|D%Bs{pso&7queqPeJ!>e!{~DEObNqs6(qIv!0O7knOQ
zU^jyCpW{hg{i+xkUfflP-%6@5x=oLyuJQtu<{^Yo9-rqqn1@0<4~3D39!VZ<ml9+@
z;Z46wLf>mo?;!RgZnwHNE@QSNI)sU+ZcF3NYXMH==kKIC&J2nRSIC&)!4M8PfxW}l
z$F}_&j^6Kh4$imj{C(?qB1!tUrS>FO3}`D^TO@$wJ(e}k7Szk>t^~q9TY9!HVSbvb
z=9H1$J58AWu(;c=ky5R?Vnq$b?;h&dspu!;N0xkzale`^q2LBqyUJy}(fM*bIm3VK
z{oF5IIL1F1$(=PNXTNRF;YrbBzMY(VKR)`{ke_=OZthRZLVw%1<Iqdb_Tgu6Zs0aL
zDmhU|JjpZHAm{v6eZTNwqQ#Bp(*$?IV1U%ALW-0KGAZ(nmiuQqrJy+G4swl5uCY!2
z_K^$B2;Ue8X4-b%)5b$*KCM4}wtCmHjb*Ms*iFTy^Hphb2J6Tq{=$Vaq)cMU_dvCM
z$kUR7h?(ZxI9D2dX+Mrq;`D$&`@5yqJqAG6o6}Qwb80*P?U$rkcDBx7(t}H`&R3>{
ziP{a~BGb{`DE`8oW>FKb=<Vk|b?BndkC&()e~6gbU_>et%M8q}=xu<=LBgd7r_{vb
zwQ;mLOh*A)QzYz(dPGfbKk16fDiT|(7-#r*$s7g*e-+KuKEljOwq2LQ?%EenG4FM}
z@H~bt@cdM5u0#8Qs-0Yi7MpQT`=qC%DR~7YYnxR$$^F716eqeZZYdlxZduoLXLR`4
zqzEJ1JU2v~n5s<?wDB29P;JFdnO%{P%>(VT68fV|=njQW;1tmrK{}>vxe~Me%p@Om
zm)Z5SZw2NRU0qwPifShrH^@l^C$!~SZO6|_lQvI}YO8nZ8qiRUnc9px>5FNU+G=xK
zJ+aoQc5SV(xrP>es`k3tI&yr-v(p@@OyfoBtNm;HZ>-n$?-QfeZ<%2AI}wxX69?7~
zR571V)5S*ICJv|_pz%DYcF@KPAVLRZQX3sx-`reV@8rmc*oLUK!H8H&zz(h*OodK*
zPFf-28=3heWM;kZJhOcUnQ0_shJx}azi(cSOqKN2(8M9NLpJJQae|1mwOP(afQUlB
zoYS<%%hb~5jh7h8CfK;Kwoxc+*ol_u^~4G27&WKqo);_89NTMi_1YYYm0MIWb?`h}
zxAHmB+<UKyO;P)L+ELpS+;$!s(DTsny*X-cd@kXeGtLG#hjSFoaR2+c(H9OKvVE&4
zx@hQ$-*?}XarA=Rai7eEE$*9gFWs3B_rLT0?0oQj$@@$4`@NSD744J`-sF|s&ZEGW
zxgti1uuHtHxE@P!9!#7&L@#soJu{n)ULd(K&`+kGou6t&n)AKO9I24){tJ}2^n%=_
z7g$_mP2ygyxJDM;Ad5UjixC~7-(_fVN<&yn`x!kMr=UE32?-)o^Vnr1ty3T>>~7@!
z&c<?~^?o{d6hB5U)i_A4$lW-1O>9N0hokyL=|*WX<0QJoi^faHL9;+y)8qUrafre$
z6sk$?j&0n?L?P|Pz>9t+QPni-E5`5W8!)!g5g!p)s%SV^tK{l*iQ`4BQgDnY?L8%G
zf0Mo`wtva5QBLnB7XG#BE?LOTKM!<p3z@|2q-<n%3G6m9wQ%iZ&2$X+mLh<E%k@M5
zF6R$aO#M+N@G0Pvz~4j%C~5*fG{6(R!Y0BFrUMY(wc*M7B3#S#+sl(3(YSFXowk8h
z`Q<!a6hg*~&8Fk`F6Ssl*b3OljYh@Rp2HcS1*;nZxol@Fby)wn%>3V$wksJp$c;I(
zwfKYQ>9W(t8YiwL8D)qOYZ`86c@KS*Z-12EOwT$gGyh6L6vh|_xAV`Zl_k#x?>M4r
zW`ZG?b;Zd|rRKwk)I7gjZ~dAe7q%o~nXCn-1X495#L*dydV9a;tLy{#&6Hgu16}qK
zHaME~_JT#*{{@55Wb3Xq);zWPqqWrxN83j$p177tj7-BkZW2+!6dNz1H%H8B=?vmH
z4wcP6K!m+~<&bC;f{C7}X#3oEX8LtSRhGz1(=kTaZuOLTc9lwMtyVNCkeOufS{|Xi
z=C{;&I={}v0?#%%(2W2j<K9l)|CA{wZfUq|8_xP&dLk8v)!=BxzI`O~K1z-Ll|*j6
zRcIcZ2)puVgs|Jc9JM&;%Q^Uox(@ab1WX1ivniB%bT?k)7nhoObg-Sj`?k9i`n%`=
z?yt}8BRwcOa>3=+;8aLLCwkvpbbtCsYrmjZyAF7|ln%RoUlgpXU-q}5FdJC7YVhN(
zV$=Hya@Cpa1zcCh4KqvSNmqg>8C_lC6-qfG;ws0x)YVzw|58_{x=Qcn`)h-`I)hVh
z7_5rA3w@kwe3$w->k7HC?(?nzeVoGYP9L{#xl8EdvfI*M3hj{&m$iBntNt`V@LcOV
z%SCkeY9r-ZCS=j|x4(vMnH^Qo-`18#6XL}hJLv`o@?fXirHG|-aa}TZ(5&!0vU{@E
zhq@)}@55ckAaJ0g`AA$1?#KD3-Mra`-0m+EVdmZybZiTHEf#0)z4iJlHESogREjfa
z-5EpRa2|N`%(<h@Nslx<Jag{WnN?eeH>`N0!!x@qo@V*nw`Mj&I9GdAE*~k(Y~DI^
zq#|=;0kO4+nmNYf!<FZ5u!3irGsj=)Z->sDa3%8vDFwciQy-7z>nv(Ty5WvL5w-g_
zX&?$S$3c9_j&rb<G`DBnpJ>_H75mDEuj*J~syMZ+wCcQbJor^p6UBLT##r8R5T!UV
z$stKwwLA)YM#c)0gQ>}`v}#*<D$Q=vJRgS|?33Q$WBEO!V}<(Sj3x&&BIojc+lG^B
z)`QPi_R1z3Z)Vc6*)JX|Io0&3lfADpX7ThTyXmXm4ffvqnjW2B6213zz1Dl*&||Xq
zO+8lhzU9Dg`{PD`?A5~*551cla<f5}=Ts_+zOU#rZ+S@JIE(=N7K&iQxNeoud=`yc
zi)4|vdF>_1p<p)Su1bPeyEDN1MNOFN%-j*nkuOU#l})A6%&5tuT3%?tamY8)+z;jy
zcU6VfkDzGlSw4diHuQ5Jj>_WO$H?I}D;`{pbRGtBOqA*q<vMnCR-oiEaHm$9nQPr9
zvKq}pUE%*TqeqmAGZoVqnUhV*!wOPoFbUg~hN(JQg%_jwuaS;$f~=->J2wgZL%@M;
zTAXllLbmkxk}hT)Mav^$>%r8pg_u^6vPNs;!u)QM$6a+k;YRvv><fRCILfxNiOEQL
zv|3fsN*UjUrQ(;oIkYuuV&Jr7@xiYlQN-kz>c@%N#IZles<-Ao49BvOAaq`>aAQDh
z>t+@}4h<V8Iz?)j#nFR%zc9Wi?h4Hs5|Vp{Vv{`~TzR4nudIVC37rbMQ^g5%YCxy@
zoyBn0FX9=>J;X1V-EhHqiTckfI%xz3dCB}rKPc0L$*tx@pu#!-b)1Uw5Ki{{4v-ph
zRm6Rqcshl!v8-`@2~=k8OTjUh<{;e?y<K(5_7!WGnRP;%VZ-5SY3@5ANh%xPMVcCE
zHjQZf5|o=H_18SL%Daj3ir&U_9tb5iO@bUpEQ`CEuYC+*MMv8iNbmP({^^EZ8UtbO
zoS_jC;Qa@xZvjkBMz@{}n^Bm_o~CWo9KZ~0IO;a491k%R-KQ2dgCP|m8VCA&swRsq
zPPjm}37YI_h$VYV?v_lGiylT@OKK}8jq`;qRWLhlybEeGQeJ7B7dckoIa~C>q_{U#
z46EdM&V2<IjG$P|Lmx!gF?!v_3Zj_bIv}UPS)zL!lkBCIqFW#zW$#}R(5cNBkBDw+
zX<R(!^&&2D;~MHv9UxO9<ztx33VWxA!I6?P<#FsOmiX<8RyW>65+~PPm8sh})GP3~
z=Q4$Sp-l%F`L-1G%bkJEjBkq#Fc|=Ax1HmFsQ@@fT_1PF09wDH7)N3)g30~U{oIY7
zPL$?vRhJ7bY!Up_h$Y5AJ8g+Wx39|L%lc}d!%)|`FM5B8EK9LTF%uW3jYxTr^DAp~
zNmwA7+Q)*G*nR#(WC7AoVjS-1A^1sgT>A4pN%f2k#@3^vypvn3wA$F^$uUKni;t$k
z-*8%@Ix$%qq!o)~R%E!Fcj4`HVZ!N%CThhrftVUvqPCun8}A_wa=N;l%OsTm3<at4
z?49LBE23e?FO|2kSa2O01@E_H!Om9ug)#MHKJ#ueCfoCUY9MGGMI}_UuIEtM*uPuh
zwIXxHXF!DWQ!_Z%Y{3{x)1_9R_gS~XKbbEOF3lGWT&`A0=1cahaD><LQ(ofp<zduH
zM94kU$BkhL2}aY4(f4R)#pW*UYur=pE5GW_yuYn7nG?Op<<(++;k#r}nmTXhgtPZt
zNv}_CJ&A232{xwSe+bX{OZmZput#0B&7u~kW{$hEIL%M9&AHXfNBiN!h<G86B^jOy
zNi6pL6dTj{smmt{{WP`wqC~a))V5k-za*z=%L$QH)oen-><}Virf#-$ndkAUCI1pZ
z?0Yl}n)iJ@ToC(#Lw=~oWbZcr`jJ0=tVjP4=B*Z|aj=eu{aWu`{Vv?1pI`CgUXE-%
z`E1G*|NPsP>*tIYmzx|oM(&$p=$EQb+851GC)+|Jfta-tZ~?iAGEGiDJ0L7$Nh!JU
zex&0_ToT>d>vkmK$jmEc;`c%6=m^thiK_T{WLrCYmi(&1L!yFN6+Sgw(t91w-?981
z5T1Hh_;UWV1>c-E=TepC$>t@i(mdXLVpW>=Fb`Oj<|cDNS7~lApInvZTJv(n?EvlL
zAbGiquVdBftG}O;^DdW&7Jf<t8mIs&jZca=#O+rQxoBVydkP&C!X|r$9Fsjmj(YFE
zNGlVDy1~^D*@yoJtr>BeqUi7`^C1*>g+sa4ebwP{S6R?qr$jjy6qHvgD9A9t7_?#$
z0}cRT(`JM6m|2%(VqbIq1?!aDu~c?-*k!`>z4BT+sKogkm5sYXeKEOX&KK9r&7634
zxX{k{4o;$&W*D5~f?ID>=kZ=EiB3&zJxP>-ox$jk@W(+u8_(v!ar@ut%id4OTpyoJ
zKUT%<pQRt8aXWWO5{=E4pAkLoD$&Bv^<x8+8H7Hf+XS#R#DS#KRLsnRK9)8<p@CI1
z4Ot&e|8vyl6!ulOFzo+_pCQz{%SReJ2ninbYonH5V^oo~P*|-9JJSfu;@W6!S&}nZ
zZ6&L@H=*XL`Ywo84`q%i`etkFt#Ayh8>OK-qD1nnu4ThR!q~=LBU2XE_<&(#AX#x&
zbc%&K%YvR>YZEie7$@I*gAZlOP-8{ha?W%@re31b!+lkFZ6X(z-ojni2fcD=%WwL7
zx^uuq%g9e7!lneoBW~^&H?Fn1t+3Heh-af7SPrx!FFr2aqtdD{7!UX^NyTXCKJ5$*
zXitC)*$HV4F=+{Mqt2-pXU5M9^>)Z)aqS>r3Li3*e)g-fg-wV4%=A;d@Cz~wv)h{(
zJ{Er256C94%D0XM5&V+F_Ir<sF4_l4p>=s9S|_OexdvCNO9)ZJ2N{)U?4ziu{<SA*
z`EH@{%!$U4*I#$RG_^aL!gh-*FMNhY{BF&M_Q8s(nbLm9s_3HKnkeo23#RrsObuwC
zCz$vX1FZE5XRM-8qfI+M3^{~kGoFy69s1&^OWgSk<7yiRkAke-PRh8EY8!rI87ZHQ
z<nsj|Tg7pX65@A%3#8f{i@S<%qO4`8K4CgUzwD<2dzI8<>O={=6EF40#Fht=D0DE-
z<?Ib@he@<+Kb;13enzZaIcB>`y8g;gQLYGx68pdr%CWwWv%YrncK5X7v!u2YL01GW
zs$ibeI9VyPU~LaIz997WvtLgnuQ8|RYAbaHkLgdA+GzuOs!6nW1ZJ=@yh}<}d=OrN
z-Wb-k`WS6)@E52lcp;F{TsO)@M4dVh+0Rw@HZP-SS+w$?XaxC~y@OnYhy7@o)yev|
zVrw_wOk2UaVI{%Eb-Ss!5eV&|A^E>ZeP_I{=oH>=l|Z3mr2Lo<5S<0%31^SQzW!kS
zu<paa5J@G1$~t8<n*V1Y1l*(mX(4T~u%1??oq_7b6K-9*tv0&F^4P*{5|03^X-OK_
zy=2nNOtE%Kb6_QPPUh3rQEA{gWHqiE5+-YvnVGZszikxp;Hgn@`s|5iYQWTaBei8x
z;GC4FI0+Y3{$$sDU;dgWd;3P45Ac_@+x&UXX!9QarrKB^SVinjb+8v=jZ=8D+P*gJ
z&uEyAsO8T#QqEC#If}q!qLv@-oT-~l(Dm5F0$vvVJ!u8?*q=Yya~;RuDg41gOlPu_
z=QH`+!{4j<yPCgu^7mo>BtLzJzcKi<{%+v?$Nc@4KNd9;GxyqRZT>#r*}wUp0N`By
z5nL((e*DJ2PWLbDSrm4ee~E1K^<Mu{fqb3hUmx_Zr~B7i{OjTV^;-YB*uU6DRJxxq
zjVO<4t*>`mSaTPz$NFoF*Q5OP(Y$`xU$^r5C4W7Q*N^+_eR(~{U*~y!kH60GdM|%H
zfMZFWP5xeQ7cS+v(Z$~!6#Cei)iO!Aw0N0h^l^VGI<9%uc^WjPQtW(9<ggUCekgiS
zwCgc#W0ZIaJ*_!C<vPF&J=K@dQ_H{zQxaeFCs|pDu0ejP?FUj@r)x-NcThda-vz^u
zzbt;7pPa03Z`|l~OKF8i+Asd|WffLlXw3PZ_?M`sxy0)rHc{{QR0dL~hjFFe?*y0`
z@BO!)_1+(Nm<oz}q3UeOs{&!&QONjOa(6a&-CjygQX8)-*qPGh^li5OP~Ii_YM|By
zuV7czy!3(!HB?2Jj>XAG!|CF#K3UgpF}SY5VeXC&&)wu9Gi&eU?3?dtJY0j~iv{e2
zlupFPd&C<~RT-yT^pVilQEuIbdEIVIMP@1*%G~uqLZ5#nVYzi5TBjJIoiyjzB+1tC
zp%6U?GuzMhytahoi!y6IG-PiyHCYi@c{5Yz4W>b08U(Ce^qtf&Y0nI_1<iEWlY&L5
zH+_MJJU7|ct5IgxLSXggF(0L68~~cyc21=LqsCgiIDJl%>%3?K+d5WLZ@G0brw@ur
zy~grM?B-6zgi(Z;Qog}oijzrxnEv+bpGkKdk)|?{GTp$IQojq9P7VP*6!v#w?woTt
z0UIh)2rh$CJV&{NUxjZQlG_?NAN><;GnqoN6sm~0t0}SFBl)0t|J6ODMbj#jc4RVs
zH<N**S6X?)n>3Z?UPu)x;^UMzJJ}$IsZgJ$MpC2(_F*D#o3dWI_WEqjmU34*jX_3_
zRu~PliZ7i9u3d}}Sd^^^^5WZ*GA(xtC^WDmu}P-d6uh8l{$-RvEixI545ll4x_o)d
zcw8uN9nU3oZ{kWVltAw(gAmg{6y4u4X`%qSGiFwQI8DBE-RMZsW%Z|xp|{56VlHXT
zHEyz@Zt8Tr&8;w%EnPmPZ=sJpUC;^M>?yVWv6P6nKJpyIj;CD0ujjzzE7wovuD`N1
zV~eLZN3rYU*4J}FU<C?yuUtRnai{xnRrjLF4(i}2UYle(GanLe_JlJHJ*RUs>-1a|
zGF}}r-p?~$lS?bXxW=uYtNydw=!8NYN*Z_z9*Df67UwG#$NNycbEWWz3#X9TmlsP{
zU?Ls2EKUU4RZHyK9R5QI+14Xr8KwSTN7{Y*e_u*7dlf32AF0f24*s6-b6<m=#n4IE
zp;vMyw)O4=d03bEK33iFU9hlU<@U=<^8W9uzzpv{AZ|QFS<jvsulqv&-BGVN&eRLu
z1~sSh(IaWk9d;*H+*K$&z3p6!SFbdoQx2Wn=1DDzx?o6p7nlM^Ydprf|339OL!J=w
zDy~&2uDug2_uTu_wrqgM(;q5kV6Sd5{2o!Jy0hPp8(&qs=%3Dsw5C^5Bf@(*^FEw;
zukb#5TPEeb)0Fs)(7UB9_`9X#Vn_?Hr1Z^@$>J+j=k`0`uU2LBX4p^A0VfE~7=M|n
zRra!vy`sV<QF6wEg)rt&2hvYph;pkg`3N%BddPxm&Y9!5tHQ5ZKNWXX@>T1n<E~1*
zs`X!LsPz|_%kQiDOL1EFq0U|d;jr7OgmC40ci}4R?!r}cKm1{tPP6W=5<HuQS}z%t
zI{vNt>3Ak`SDCs1ySNW5WUvqXe#C?Ea>Wd)(LGFOn?RMKQI~4z(hE>pA-u3QueRSW
z5ee&2*5jqt7uC;kslKN-LXmN4a!+s6UZ(c+#`Mw{QHF72RFB#JWb34{+=^hWY)J~9
zfU`YI#1H+VwfzBjCtwVfW&r0WeO{~70r-@|m8rphD$-t8(Ya}-==76vOFxuF5CRBN
z!tg~Oy8a_uR&lLwlW47({550Nh(j+*`X^17txIvuU8LLEPdA$mg#1e+J?8Hd)_b!b
z?PFJC8jza-%ePMt&&0{JZfK-?;{Z5YpUnQre5-}7q4Ua82xI-BG_&|&4Fn=@X%hI~
z1UKELwP1Fs(>^vT)J&Eux#A>@Vsfjq%ebo=8xg63W3~`8JQf~=xvCfg<9(^mapf7{
z1v{7f4uc1L-dJ%pp;-lh&8SE|rfzo?$<!9d_qa3#%1>==nM$Zs-|x!OBztuw)6Qfk
zuubb4CGI<|4f;2o)5<Z^7a6){A?cicS2~J0C-cimn2>q=>!t52RPk(Vqem7yP;iSK
zNV~-j^HI8$|1CXVM0-_ipLT|FGHp~<?k-%_>xW;>Bu|-zvNmR+Jd9Z=a>66_8PAmj
z?mM0ay{qwD)E33<*M+wHwY<(~xaH!w-;Nu<2%NiDCvzmS&-2}zR8>P?X>P3Yd8H`n
z+^7RL9vgQRebJe?v&1bdOADQB{lFL}28|}~Kr?#>c_C_}%2@4X2pY=BN4tUlj(N6^
z1h$@7ftSS2OnMstAuH+_x?VB-{t*iZcES-CN6H9{$?AM>5aZCyc^qlx{0+^VznpX7
zx*z6PHlEcxn7mRN5#%71p7w+4{$r;RikrfPV}{FKpT<3<xaYV*(ys~+{ipi&{Ykuw
z-Ch*ML+h`5VWP9|HHeXn6&<TjXOXiHVjqn~wIE3+y9|8~@^^iY4{@q5sa*zPGQD>^
zv%*U19YSid)gxr<c_e!_Y0-&}=||5PO7h6{N8a*D+Lyr(%l8gOV+Vb@+B!ki#;vA8
z>H#;Xuk;_M@-&$t@C?=4<b!^_lfepORVl97vi1>9VpGv!vgCYdmJ*C#o~V3<OPPF4
zUpABWN3Mkf3hBR*o5$M+18-a4&#C$@FgE1n_!{_yVAi5n3FGzEx|&QL*ZQsyJ^|sF
zpcocAPt-CZ6NRr#sQMr;oVR~TzXy!%HOW4C-<Wxy%e-&Wd)z&ghxgC+nfYz!^z^+5
zym@JGV`=cZrNO9amdcwcwFH>?wJ-F-0Q1`RHdE2rpQbIJ4vp?vd-FYOYN2PXM7FbL
zjd5@IBvzB2mYz#!N|>)on$Anj*ZrK<D3bwrki%5Q06ffZ6&B!y=tA;YqkIPSyUB_>
z?rN~K=8n56U#sr8tDLobj=L&5StN6zxw3A3PbkBOx*!o4SNUpjaBj1133K}vDM{=K
zdc)<1r??Ed9!55<m+7E`TT5NjUJZSHHZeeob9iKNMc<3S!j&b!!j&b!!j&b!!j&b!
z!j*l&!j*lX;EKUQ{m)fJyZWtgqUT_!>(r+G`JEYeV}iBx(|P=frs%2f=DG3YC89%U
zMNE!qX@z)IZyUMb0M0;Fe~h48@t7r#w0^RjjeS5rC)*ngnN-{7YZy%S^ELdLl>2W+
zdjh+i?pfF8yfyirHKcIq1y-C@g~h$>UsS7Np?HO{hpSLLqx#_D1dLWumCo&j*e=3#
z<+~K_s@n$OVGda5i7h4h%=p|;!6AM=+C}}>?ThPiSEU6^1#eYGip0t|1mOv9Qh2RA
z%U3uZj8H&~4v%1jDX7{bJ?`AsORjv$P40{L`3R*~wEq%#d>&Z@x_I|oz4vIv>?;1W
zX&#w1NDPinYq$CHoZe#yPoTZWS`z)5p%DmS`)$%u>5mPWEV}6w$VUE-<<HO!cU7J9
zv|2i!9Gds#>$l*We;viwx-{%yzKZGBG+$%s*8om^BAv&pde(F-P0{$d$npqpW6tYc
zu!0hvEZP@nqS7se4{GNCJj7R*1bA$F-^aVmqYe$SQsY0U#6a2u9GBGcG_CfM4qOVC
zRHHsFDc=iPw~8WW#|uedT&Se#1RkqT)w-Wn<?WD4C%e~Xi>#BQ+<tNEQFLoUP_-o1
zwj&!&?!Ih`e@H+X8;ts#M08+eY=!nX%1PcY;C(h5!xlXjBP@C>hR@f``a{qGnO^fS
z6RsTg3IAKHlb#dhrqZR1O0lJks*|i>To!pN<E4L#8^4{HN#p-9^ZxkE`#<SD?kcLa
zA?_-sy)HZ|#~aSAiY+{)6?+%%6IB^48MWn6)9_5Lt&b_Mi--U{%iDhUK}IiJ|A5~7
ztwb;z2j4Tp6`k$bp?~^_i1sfe>g7iY<8gT$1j@O_(b^h@(b^i;uGUsERjD4+TAa%-
z*}7a|G1yvC$Y*M;K6m|bkT25?i@RxqTllu#XDt!pr+sY`j&WOrPicO45uO&34Hw-A
z`D>iQTpo~v)s&^+8jBSEx4_#0eXUw+c&ldF5?u8+eXT|!!DQjWCuqZqnOa!YbP3||
zR6P>SRFEj1ELeDdir%||%sj>xk1&h#phkkYavi?|zERTK1q@+d57fwdVEH4Xpyb00
zkb-THXMyUI?M?0Q_^yI#MID<51}!NkL$!iU9!WISI+}gyT{NTK^A_|}`PsMMMXbqe
zEDn9CzO!Gri^$VUM8<QHs=EYVQSs?`3vYr<t@@<!%-UB)_t(C}Pvnpv8-HmnK#oJY
zobg+O&y2@iRRFWaE&jIZy#2OlOMSaV&g2vLm%1(F6Gz%b#F7?!Iv<L_I`~pG!`I@W
zXRjqQ^qhD1p$+0pI;O^<2vhY!P7G=jc5?rq5uQ0MdHMTPN37~4u_ZIccE+FUH~TXC
z&hJ8yd|OZ#Oql^oZ#U`8WFprQ7xV7~Rh~g$+|{pbmv7?uj(yxo^TYWiolOY%_e{mk
zb)Kkfo|R<lDS8T{`2ue|z@M#MM4Wld5v<|`Zas}pw}8Mzm`*sA_$rN=0-CGyl*t;G
z^ET3gFms*_)Le$ojJq<z0Cb?9u8q*nk}Ia34$NfUIC?0J$m%y(@TfDuW|gC2nXc@$
zTGM-~Nz^n$XnO^LRcr0Qo9j*$7LOHrRzQFCIglr5lveJ-JZ&MHw&-b7{0+K!RVKxI
z&4+-G$|;3s=7TD-<a}7~vXn|r(^-BFSK9~RLARs^1$Z2Ni1H6!O7>D}6N?<1k*HL^
zbRy{EE>MV(ULy%i?F{kxGK?@CBjc_nfwy46GR3rUwT)lGRK1NHRoC-U#w<A%YB2>2
z)5})_!GAYW-0HaT0wG+`9Z8CNI^Rffx{0zdmLDrLp5cH8C4jMF<CzX3gEfO0i0%}k
z+aSOVlNZ7|EliE)P?5N+-|0>G5z-6S@cPNIRjjQOik(cQ=PJIZ-JUK;w)gdn+fzm3
zh36!S#^)(b+<iWeB&GB=`d$RqT6_tx*5XTmwH99jthM+OV6DaX1#2z750tgI!9pLs
zpx@@+3we*`*Rg%&owZ8#Nyq$JJ+(v^^%f`f9Mk34NZAO(Xl~fa!En8U;cun$?+oTd
z-p(|G7##jBa5Tye*2=ZZ)r78}&`}aQ1@)a6M-xNrE?)9I$Y}3UYFMABG@qzc6+aoO
z0GX%mJP2B+bUM2x+so<>L0Z=w3}sZ4qvj#RYKB-k$i{g}VhPgvGO=tq*3*d60V=9i
zsa3DS*459e>7aqblf$PR89ug+_q0VV*Xb^6`$Rd1LlWB*#otJ_`Lyb6TBU2c?y~)u
zug)!M|BI~swdN^GRm-#=`_i=in3u|aptgK*`?)PqjjGj_)2Lc#6rT=H8ig0Gxz|L^
z{i60S5Um{(F5Zo1JLC8^Sg-UhAwOuo9^TBjE3D8_<jGB#Le*AIZ(6TMverHgTsn}y
zxAFHJ{`5WnCVqTvHc>}6a{~jq9#3Ca^)4o_`DNf=2%QYiDasGACXpj+Qz7cD{fwqV
z)K%fR8uffgGOZ-55IbwDL%K`__6zaX^o!U}@z;c?Pp1fP<jkWFhcm0WGZ;^@91#&*
zTU)#FzOsu`)lJ1XF@sZ;+DvU-A}2Vqte;qi#+p>}<TbZ9uFaTfY40-9S?90Wqs~|M
z7k`Tm$(&ni%2;V)bH#iHQ621s0__|tj+MsBjTbw)v^Y{`=wCujSFFfHiN}hD?twR-
zL%c=2*+^)<XOywvgabZmGat4qf}uP#SK_f!Pv{kol?^T8v0>|kG0kOoy3TH1<rPb0
z#lTZl#sCita1}ZL|FP>XG?xQBA8iLa4iRr$!Q3=bZ$_2(iB{VT1gQBObSxu9q<m$2
z{guVZvKdzur^;qrRh%x%5UaRKhnDBZMe}U<Mu+3Z<y1S29$zmR`1+TDub20~eDGPR
zTnTKVfF}UFlQC<{S3u?d4H%6ni^g%F2lM=zl!NB9NQZWBAP$&TnJ5m|*a=UK9qlWr
z3irq>&^O74J$`9Xb&dVIxQgGwOE2hKMEYlH6KS8Ba)_IhV>x3XkX%oc%1S{ODQp-R
zr?7Sqb_~F0UFOl$Fu44+Xg)O^F4PBC5KW+7U48ZUs7ASj>S=UHVvtP)WitUcC^Qe#
zT}oGQxIEG=Q!c-7>mK)`oXaGtWj%H?0`BRg#!Bz-Pr7^(j#-3r7AHlcXGSaCKEc<@
z8@+zQ@`3gQxUhZz9`IC%7vO~mY9GxhpMho|R|#iBPX`1ZlvU`CZBZ$)7F=yR6OO{E
z(3ipRpnD@<&61$iO%gjf@y!hlPO_1~(FrdahL5=S(5Mu)GSk_j?GO#KZ-->lQj+?m
z@mest@fx8u5cNm~V)X2pM$gpR3^OrhI|+<|m~iRiDmE???3!}ZK)VH(790Q!HCz<U
zO${oXvF+#ZPEau-w78`rIHtAP5j;2b#{m0$RNTu;<ts*`;bNGR=(k78AphY%46<uD
zY_0V7BmJRDAH)M0Ic|0%$3(24`w%M1OUV>X+-xN#ke`{oA~6?a0knq(vH<#LJqo=S
z>j9CyoTt{5j)R*W2NiVy*MiNY(k=y8W+^<gx2w$iv&&+rkMa@4MI058ZI$9+g|h`3
zs%+R@Jpog7Df7enx7ep9IUUIhXq@9PUiundqWQ~6hqC*_{F+h)k75Z?jhZ`)W)p90
zlrH3A8H>0TOQ7Unp8*m}_)Jon&;JkWL>tv_hG|n|vzxlbU3GC{hOKi($TtEd4dGKA
z!_@Hpaq`RhC76FQo-ZNXbu5MGr%2O>`Pc~@43A*_cCfa*Vq$pyb3~Clo}_c^K<hB4
zP9pP#SInHW(kZNUN#}5Cshj2*4p~*B=9a{!$pqo!@zaxurgKgGL|WQpK3OkhzRn>p
z45Hq^ybVVn`Uyul?vytNJJt3#6v6yHaiH79URGVI7#F0RfG%yKFl=4xM~a7Mp2kUH
z7@>BLjNx$<?3icK^*T|EL_NKEthQ`w(==k^vgu8yHP5Ln!w1XZ`kWcxRBxWnsj5}A
zLi@0P=9uUk#a#2v`vY4G?A#3Oh!C%pfz1Ti8#AzK`zF4;1*!sKH;0<#_nWyT+XLN$
z89j!-_wzR&o|;Sg?u4h_lfQ>&-Ua&){uD18cTb4(OrEdiZ~k5U)QV+1ntq9;2x#%n
z6!0zw{A&vMssmn}0zU76XQY5P7@)bsb9}phJ=VW&^sg<tl}6=V>)#LXulM=avHtaG
z|H84OVt&KF*80~6{cAkQ=XDy3Va93L<jGvLnd+P<T2jD?1){EY?b;JBjxQR^w-4dr
z?idYqa`k-UPJDUV3C?5V8IA`O8p;sWz*+jNOFPhbGmr!<dQ~uAZU3$^robmR*khj{
zM!v(Cos+@>`-uV1TXcMkdL3?avhfBotnW$bpNF|zV_}p1u!8v(I@N5tEv$m@HRTvz
zEl!o{a1AfXZw{apYcj1kQ=hb=am_w$5UsF$bB*I<ZY1N!V0&0nQ|j0o4(9FrOzk*g
z$#xVX_W7bC`(dgpYCeRC;b`GwtUO1X`wNs*e==KrGkP+iND3M^qGuG6*F+ca9+5e$
z$On}!p8}f1__V#dZt^n@H$%10D&<Sll&gB4sAuu<>aVDUp2bS|U(m}bM#|4dXk*Z?
zDaio*1mOhUgcrj%I9vsW_=RW(`5dLb8kEiYVv}OK*rf6ku?a~;#k#=hMM)>7B7;th
z?lyr%pr8@UO%Dnz!bfd7--Gg#4)JO<t2j?exsEZ8#IX-H1mBH4pWf%ldv<%0l;!gi
zWrS7-`#p%f)rT40uM~@TzqU=Ox<V4&oTbZ03p|g`)GgQfBKTV|_00(GAj<uFVy+`#
zeHGD-!wEl#%dWQhC2QB-=gF5-#_|`{)jO`C<i!^>+@Wx^5$1dX$($gMk}wC3G|zon
z+%>^6%d9UK%^Qweu3<d$(Mi<#nErSM^FkF|x}w<n9Mxo{praI=>$H@iFzWra+zd+y
zExi)^Hnx|cO`o<zv%4}}{tM)X)b>R^3cc%iIL~)^?O3muA}xiNik{Z@E7TV)oA6a|
zlet_NI25&|3UKWL64-#$wBS<H=7C7y-2Wr-2}wxJOGG`dJaUn@A;?9-@B7ofd#XQ@
z`)zO?IG@|8p-=8x(4CFzJ-?#mstpQdRJ31nh>m{6Pu?m|=5chdOdl_g?yUcs4DHfL
zPwJO;8Ar)VXI~;$;SWB2k#&#rJOs?hW;#fZY*w1D6J<a)b6?a;$!2mkJRqB;c`hZJ
zvC7|gJOiFaGRds}Ws+I?X_8s`bxw5>SG~w)r@%xL*(?op*-VmRwf$~I*he-~)F7Lg
z6z1-}!Y=2q+`ve*o7@yPN5u7S5uYzL$GEAEFU^GDu?t)2WLEk<&sWs7eOlBwiW#13
zJ(bzivmnMyYm6D5W@Bp+@L5GN@J0{R8Ap)FriO?TS6>R85GC^7v_aDs4)Z09Om=)s
z<mIa>*79~6jBvI~;MPxxWw~X-U+-r}Ec{5C(+`iMClK#=!->Y%6jU7WAh3$i27k>X
z<HpwsuHs6-UM4&5g>zS%NBd{zJ@$1-_`2>0g{^K+Uye@C^1b-uRNQrXpmK3nNvAnh
zHoirk$=T^RdJ-j_KwT1|gBmTZ4Qqxd`Qx0)c>4nKZr^cb;s`vCmocaYB;yb|_wZ64
z--o#D)fOM_xc?84v+M9*FhslP)ZPvB8AR=C)}xvuXHd?GK1aR|&~<s$_Kjo^PW@o$
zODThgve$OLE^Dc8D7VI5HHys;rSH5BWa^)v&zoF*@4qsCYT>rUeP1APZf(Bvt-C2R
z(eViXUPPM$j#v%5YIPuE_^IO~)6udF6LQ^;zvkc53?=EQEzJjqFPz%(Ioa8Qrw0!?
zVj!fR37HNdork57i=Fd8d7Kf8uAN0OvUi3w^!xji@a2Uk1B(rU#c|U+DV>$V<FvvV
zNmbTQSrV*|Xm&%~_>-fVq&s0B4YYGbL;jv6mfs|a*%;QSSC}_~wHD7C`LhVR2!-$b
z3HU8!aT~>g?p%uQ<MZl!lrF`$j&)btYhD5-*&M)oC@FV*KZY$d!EOIGsvK115(a({
zcfYL)Jc|CS7F+M%Pp2YF^{LjU<mb6;caDq>W0NU42+t-{+&&>H=c4&AbniyHGk|qU
zNm`f#n5n(*l4CN<m<6}$vvYHikni!TQ!#fLE#JF&QEZM@-A!!E@bz~SrC?<;36<~c
z-Nnp%%tG%win)pTJJtA!hL+<6NG*-0GS?>aji0BW$wAQJij{;jJ`<ZucAng1>cY%9
z_*Nq0#`DMq9gy`=S6zd3j6FDtwwtidxeSHx;5iP@CAg4lZ3m@%<p;aks-ZSg<GJNJ
zkIAHT-tZ98>g<S&qq&Wmi4mdDo3^bI|EyQ=^D~C4fzqBWl|+ss&eT>r7W@62y-Npm
zrCukua#qXv{h{P->#V%rmCFKXI$dWWFc-PVbv=}j6O4^ts?&TSXFlCNhym$+olfng
z3#c5FG)o7)Nx>Pf)Tq_=>(pL98VSWRHPaxOH0L6{8_6$|nq``KVtY5WWe%v@-I?#s
z`$I-4*gO)<3<T{^khUFL+vriY70)8ru-J#NYeN`@t??_`rb~GHS?_p&(&JxwxCUIK
z-a4C%aGO3Zzv<tlA+<_ph{1$Qbo&(!UWTug;AMxT-8;~qExd}?=BBQHQ59+<z7#lF
zbzrY-w1z-CSO;!AvO0`;9lQ$MWaVYnMx-}l^}x<=rXyXuq+QgPh6**FOh5R26LPr*
zO0IutLVeWNnsIi=5XP$QGYB#_Waz=h_-^&T!H=yX4mS}WKgH^<w?TcJ<Z$biAd^L0
z{^-tMZ;M}{{8rJZf{=lWhc;fA6sfz5j%G5>EYD`QeaqDLEtA`~%+$AU>3mbX%{yMd
zldgi5n{JW~?~^R<iY9cvk)(omosg8KyO7pdX$5DQOJocGA=^y2x+iU@JQ#)3krOMt
zeYF+!+C=L%dL^o{gM8@)tG4=cYU`AfUKpPWBEItJyaB?!eqvQmv#GXfVrA%ku2#ae
z)>Pw(jFc`|YHTCRi8XO;<%-&x&igFU+TJZnw02@8JIgAV;=)nU+Del!CT2j~by52j
zj9G1+BTa2aY&^M><woAcvmi&2SUj83i26}<F291~>2Co3O}?+=?`r5k5?`{!GU7U4
z%;i@!e$C8sX;NW|7sBe>^Zh{io&5k|_Zy%mxQV<PApNY?G0%~z9uU4}CT3P_Hyq$f
z6!Sgju?F5hK<7C7!?`+H4A)_U-Y;Y$h)3tcN8HBqeW0Z4CLHXNL$r6f-~Wyt2~W<Q
zq9hbV2<5^<>7#I`Nhdn^ifFm|Pi?-97F3Y01B3g%;s=>s_l0%^aM?ZBeB@f!fuxh0
zs{Vp`r5WhVeK`^Fua}7b1Cp_he{#s7WE5lP&s@lW63-<8UV?}3P&j@NN!xiaw5#=T
zu@hPKg;)cTzuk}g+<xS!G|CRG6a}iek$0ynte}p)5Ze!sN^;vI?LNuJ)0=48jo*`J
zf)9QVF8!pr)%abCDN66_mJKfVr3LlZC4VkFHk=LeSDIdoH#s9B`3)O>$(0K4d?+#c
z2cGEISZ@&CU`yQ>VEe4LzDRR=KO{M4!*lu8W>6>JI*i{!qezz_N8Z+#qVNXQc?8hj
z&q%;9=+Sx{fbjYxUJISSQ;eT`mi-+ROOkhZzkkBMYMN2Df20dM+52DNX}bl#zr$6E
z!I6M{6&c1(HWCl8IEITeBb#z7n$_4>m_JX45IMkoH9k;r{W{1BcE2IwtwgNi;D82=
z6iemK5ELxncx?G%dxnPTI`%8}?uQ?^_7_E*3Ypu*3O>#7OwD8x@qi>9e?qk1AIVub
z_8K4$QrS5ZFwbx!sx$nS;xn4(hniH1JAXq8ry$cTlJzx`JDo#NAYG^u_C3WNzaU^V
zclvPa69ja&_bZ$~-5cVO3w({ztbx|xY8E$vn!7VKo3oN{j(v(|#DHx|Fioik+mvzg
z(SmAXb2XY)6Zz-1DfO{}#~B-L)IuzceZ}+z{dhzwm>erZma*ZnN@IB@&s~-ydAbb#
z3&y;UlD*&PGvB*Ik3#R4da%>_D|;4tx7)MW`>j1oz2Dih-21&fhkO66XIEJcHfn6R
z^R~2m45vo80o(s2b~mB@R^Jtw`tH9d9*rt`>#S{K)yB$9UyMYyQAV1-zJ0~ezEWsk
zIkay$w6Egr!>s4mi`&UP+(~D5-q~*{LMA#u>!q&xs4=Cg&OT}pINz8yIP+)N{1~2M
z^9QFrq-hN+zsK`4)j0qJ<n9CxTv|v)AqN5zl|j(qS!iw4)5eyw;h8LQp3z|hJDP@p
zYAF{FTv6&gijTN!<K5M0qjj>u?rLc3oi`C2kbLiQTo>))cDH3Oi!T~>34)=GhW68d
z4MnfLD#~kK+WYIHG4VgOPuqB>F4;cF;s3uHxFNc86(X=22(_Z=b{|q`-&L>cx9_Sq
zc>5AQ^<cHn`?qrw>H2gyAIUlBX$rS7V%ezaV)tEDOXeeaL&-0gT#k|DNU_}dNZRMk
z`*9DMJTmXFFc0dSP59{Wu%XCs>pZ@OyLDaV{STs9=kn9jXK^?ToR=bEH22nG=Q834
z^W%NE*_Ro<9yJ}%9R?mOaO)mq-fx@pVAEU1T??OIB0TInS@<!F!nFs3Jf*&~@S_Ru
zpT6t!xu9pUID>i?-&^qT#zC~rs+U#R6w~$;?Y<7<nH(9DHe`L>cCoNDOSZ6b1sDCs
z5(~KsUX?tm8Fyf9WQHA_g0=<q`e_!^sZovgU!O*s9^&{=py++q#c~8-tKq(bOX#-_
zK2{30-C1R&Q60;()?ov6`<7MPIU1r?_~J#GB0T7kFBKaN+ANt)-!AE=_BnpG`>(Ex
zAHp1{OIY^&rA5P|iqSgyAz23$TGt{%6<RL=mkX^=@ZLBi87uMe&BP6|n#!Qh*csm+
ztk74YxwCf{^;h)tfxGEMZb?MruLy%ngvmk4EtDo++W52<ePuy0s&}j7#-Zvr=`pqT
zI0LG6x{sNn856JQS_)Pir4=LdM-a}O!#%%FeoeCKQS0<<@TZl_t^A=zi+&THAK{%P
z0;g(+69=@{@R|La{~!RT3hV@KVj93pRea}9)GeX9E3x8p!6@9*_ETCVokLntq$nvm
z=Khl%L^BLu2_bR&${Dk-#2B#b3I&C*x5!4H>@3a7GDz@w+1Siohqu^cU>GCw_g39P
zDV<xW&&Z9N0CDwa`@WFJS~X*S8*05rvF6Lf3V<7!%_H-_?dLONF}~ji++i`ks-lcK
zq61MsptG=kIC7vLP<cFCMUQ2Q&h`VgdeVB(4<p_W!|I38`owsXei*Hd*GBL@Z>tc6
z&=2FGAJB+|G}!Q<2caKEJNH#(oA(M;nX|7=;VWlf>)KzVJ`OUJS?pT3Z2VE%BT+A!
zygXXz{BhaP^8JUx`?H58uk`n1&Ee~z#$gm;v`q6uS)9@5A?z|2lU?T6V%jb<o8Uii
z57}oX^WkgEhsIH41*+pDCz%nwVbF{?_ox4R6-^AygIshz<(z5rpxzq+EW)Cwtp^Y>
zygrcE#*;u2yGOQHRkXch=)|i3!YvWbHiZHT;FjYHDcrA_B^KE8Kw^~==IXLTnIp^2
zPtit1lUt&(H<N+dt^NyiLA68?2wgBAl=Idm^FgVCl1mLqpmYx<-7Cab*e|m*_$X~0
z<4Nv;pBbCjx;sLR3|CCBW|l>^$FhT5)`TQyl;DaytEs0FXGZ-V#qd?}FDswBgDL+&
z-&5<?`(XA>n|OgmP22G5hb?z>vbKU|E%cqJIS~rT+{tVGAYH;K<oi&kQ~i9KcJ)*q
z!%gxoCwZ5(N@pJ+U7IU!F<R>`&ieZOjaql)&8PBzTYt5t7+HiA#d5#=7B3`gt&udT
z3!`llnY1nggmtK)%7eg<#WF&WAuL=tw>Ui5M_ah?YjJq6t4>j|A0FGC0)J55-AE)Z
zHtwT=cAEvO=9w%HZ-4~^1U41v0P8T9K4VOQ-l&H7u_;%XyhM}&+mWk0M7Tw~=<j?C
z6gziCsEoo!)399QBx=#G=a8if{h)OCVU{MsWgO+XbXaUUvoHrNU0;V$h#o+?zgJym
z8YZOR+8I-?WNQa)KJQzvukt&>?s&0Wx-trQL0BI%zL!XZl3%uw=fkXhB%9p2r^2JS
zbws8r<voe>DRlYgF_C?n3J2~8m%=updamqbanF_#TD_`qJ!?)Cu24HU&NsfxXfxS!
zy)pHCf=@x-TVh`=XL_9=SA-3n#+gZ1YkyX{$`BrQcLu}N*J=7RrRZNFx*g{AaJ8Lz
zq6)R%FJuI9?BfG`gdHCA@do-JAP7gPoSgZS&BGRGqx9;1g}Eum#bN6u4r!&DanpwT
zHQ}{N+3pF~xh>4^JcC+wvR2g~G_D4rp<%_wLuu;ha6gL)l$s^fk<zPsPLS-h--cJ1
zR@nt0?In6xvKMLgu=67F3hSK321id@i9y+n$%8AK$A}?#ZES@poO_B+7wM5~ChClM
zu$_PjgCB1Yewd|2X4`TCN5o2Hdzft76xfL8)W)58RGfCbWHudg3)5t3>z-QS`Xk2u
z3xwoaFh5#^&Fq||wu44xM4%Ff$~-LWW_(MP_zr`#%gdcuzPCOx!L0zhxSH0L;VYaO
z)s{0C?|mf5!9NK<-{waW9q1W3-|oY|3p}gy)_nzAoF=I6t$*iA?cB@bi<*V@G>=No
zQR2}TL|mx8Kahql@TvN~Nq_%8j_yfbn(qm>F4)!PzGXPxe%b8MMeUoeNsJnpILp9O
zG&tjW6nZsHBcsdG^98!BC`N4(8DoRjRcQv`CyS28U1ef$$;NxhXRF1x1!g5~ZKXfm
z>kO!WI$E=vkTOsV+_s*}<+VFeEe*FGOQgnDur=c2G3iHyrZ3Mu^mG8?s&whLqXY&I
z5qDSAynwl9CwM0ccDYr^aNWzPM(dMs9*(rIUXww6|EvGbrP`?YZRcA>Av;@9#Y|C&
zj8d|#f%L9Dmqpe^hdeOaPr8dJx*$5`8h;m$WS#4N?%dBA4$<v?H7g3#q0b8u>h$O=
z@7r`mUSaa+qp^hs_Ezxb-<fV?m9aT=;|OMg>blm4O2nQ}>;Sl0fRzBE`Ew{nv(_`y
zFCDUV&xJTh8w9QqaI=iqvr+dGw6PevT2Kzz4#r(2C}(U3q0@qzK~^?jX6l7&7e{5n
za==y%Dee@Wu(o6Iy9QcjXyc8|wC$NRt+?}(9@BP+S1GOltv|xV&E=f;L-VZS&d-O4
zGM%u90<;cN5B4){9#-7>*$`2NY_PK84gp$ILd;D#PidVo%g<{#WZ-#6b{FD*($SA#
zJcDj=O2gr5)am}~s{ZS0dvz&0Z}XO+9dDnaN&DN&lS!N3`9>@{Trsc?`wo3U(_aG#
zA8x&t-_E0{RwbIxQG9;qvpur)#j!-!xAwzZA4Qd|t?$+sdEs%LKfa_#p>-pV&K>j^
z8NH8A&F_3+$Viuso<m0Z=0NVuau!bFTdP<Zw*H{h<yMVqtX<P7Sw)(M;^dG>GSQn_
z6sfb!qo6nIFsXw?&^#r-^RiH!4DU8moW8|zTGQk$d%D&PFFe-iG1B77&SGc(G`Cl#
zx#4ZS*x5pW>9zJ90QEYO`&lA3+Mj2k_z}^Uus6=+^u2?thN}NDG>&XO#QMmF(SOdh
zgg%F3v+tt2$k1$7{;DyD9BZmWjwkgf^!77^u$m?L>&%1x{m=3@QnFMbIh*26Uvgc|
zH>V!Cu4slKwcC7f=X7+X@t6Ne`!eO{y6PLdx4vh+l<R6%IKbvduB*A>0GlPbuExq%
z=ZynpW~5I%#LdEV^y=ZoVEw>AS=yiqfvw2bdnON)HCgq3B-d3(J89X1G-;oiViYQK
z>jNoA?;asoT!-vya*Jm6)|upeY4%!WD{A*=x)?qX!#Vul|7?sG4X^brn=;m=Y(`j5
za>iI47O+0Stuy{6<yt|7ee)mKb2a`ZNgym^(zRgF=UVt92g2j%@2KA+GyHKtlF)q;
zmg*6t8g0(SjmI)EIlGd%9wpCR*ei<bcAqg6ZGXfC)yY!hHAqor%BX&qp5#QAVKf0z
zw4yKIUhQfV<7q)!A0=;dOJXZS@%5`o^AAhbNvCtNb=vObo>gsj<HkQyH^iR@Mbzj}
z?tfWWPWHo>H_itxQcbPxFuNEN79iaIb~2ZBL#E{}&>|;mCDYyMQuMe!Gv(>AsZP?1
zFq6JqZ5E^Yc3*b0R*55gDn*Y{y;p9ptlZAxAm7+Q*|xJVGXDlb%f5FYr5{%E8z+Wa
zD_NDq4Q)9aV(Waq_+i}a4!2ejri#lJM;sz<K9&jcC_xK@Dea)%VbO4FQh}A_mBu|7
zgc6qosj@2<2UKf?3X0H4Is(zHXhyeodm0Ca6jHWbkYi6{qjc}evfmXcj}>Kj0>+<}
z=-Y4$j1x!w&Vv|9?7d$wacr@iE2@{uv)Wq-dk>nni_Ukrp6EWrIXg4<X9-`I^uQSt
zQ!9b&vzf>4PDU7!-?0~)?MqmzJ3(@DgLG~LJ%(YqmE|gcv>h89cSW&N`CEQj&QTo`
zR1B4LFZl;ir{s^!60Z{46qRw`PW~RtpT6hc%1@YL+A1>nt6DFa2v#x~z4L0Z=KPJq
zo@`7>U)b6F32CBiQdqflr@jAy-_GYHX?&X>_VF)@+s`Yq3~1Rj*n4i=UiG^E=b70|
zC8;6yY@jN`Cb12-*7M$3BROE!DzbO~_U}?L01JUyVV6YuQ?7u!2Ql7k1G4KjN$#k@
zZM3rMHo;N;X4Y*vJBM*@X8f&NBp6nhN7ThcL$>K892Q%Xf-Hk=wLXfRIFc)Sq|P{X
zb!%$P%Wd@CHsxvZ1E!P46@A06xz6|V*h$@q95Cb@3vF&WFd_E)wu16=U*Eg3<THU8
z$xO&6Gr`PM!u}l@un3i<%f=IZKKwQ1uYxT6t;?7GrA7PCQ~Og#-H-VWlJC#7ZNXgO
zbh7t|TO_r90314s>~0c3uv0pjwpmk0n+HWDktH`d5^FNP-e=5jS>b)JvSlm&XqAmj
zF`pFV;)E51G@cZc5i+bGDY($ANWussro9v|hT`YmwjwOj)yLA4KPEfI4F=0eZ?(BT
z?AeO$GSICRP|2Ka`7JTfU;c{*IvMA~PU?@d`uVY{gNrnFZix2DhBTGSgncG)O{tfg
z^}rEMqIXA`b&a>8v`Gl?+$|~f9mF|iqimxRr1QGWMhBdl(BRlEIzE5jy2u_sQy0&t
zuj}x=+n|dOO$@YqDV^?9=wEvH>9ix|fw|}o=JVrJt}A#obVgfE#p@g&6sK2~N&9O8
zfCYs<gVk|Qn;fQy+^MEEO-Gwk!+q9iR(}`-GKvwb&8Fwgdshzo^b~u?RY{nhu+#ZJ
zdTzp0)@0glN~XH8)eV%C3G>U9%PhG%*F#={{ciJ+MX@wlCx(l);nqJ<kIuFIsIke|
zp(Gk>i?r2huH?i3-;uFLCTF2U5~7)At;U(jbhrR|hwUKZh-oBgcXFNc-u`vYgDvNz
zwjGh$B7tI`3B-Z+V}E!j7uYpVRZojIdYQ{8b6KXZ$Jvxi%UtH2tumJ_)!W!xBJjo0
zL!yH^j*D@0^3aCI`(4d(^uD1DHz)Tt=c2bUF5ee_t>dL4mERs5HDxKOu{Y_5`5%@A
z)(JLwXV%&5%}0~${+8y(X`kVW5ePJwcw9jf`QE5WW{85;yt~efQ{5(XWwWym>1QX2
z@ZFHTGE$H2A&Rz1Z|(Mc=%9N{hah<Wxv)2r?gE>eW;s$>As-({;%mat&^LySIHHzW
z5fu$N!gjH6gC?iyeNVE8{=Ty$tdkfy5|#3Sk2Q~W_E$|Ho;2sdMZ?V%$%oJ}+0IN(
z(z$%5{glw=#_oQTk(Ye0W$Cb7)Fs{aOq+FJ5f@=gwz<i$CVlaEW-DEwnNx0s57jPw
z+(lQ|QQf)MmgX>$96}?*sIjrL&$v9Z-+(_CwwwC@<Kp_CzI6T394;O+@k{K;XiT-_
zhl*H$<Xh*eb^I%9w6tB59nZYk5L}rw!ckBCEQQ?Ttu8ICc_5~1aT6$}HUlcdy3zc+
z2!X8g3vqaPwh5s=YY6>qKQwk6EZQ6q-iX!IXo0QD6Xbzf+YAfn(&s(eqrMb!{ZE;`
z@w9U^Mw7Bx^zSP7raYGRj<6x1b=c^z6~*E6WGoXCht@^3%BfMIc|N4v46Y=dA!_0@
zuGng)5lYR2I8mYq+ysgzyP!B5izY|uQd~D`h@mk-iu*E@D~NGYot4@9@dXWntkbs3
zh*5CbHW)*<Cu@;(%oQ3jG?h<CD=|VXN4%EC7MLV4TC`3YVT@Xic`fnoT3bd=SUBLJ
zSG63?HJ%Y_Ip%dxEytFs1N6UN%aJ8xFf=vLy*5jCv3C-);5h8{cC?=Nzl(N!DtTW$
zbl9m0UH*Nv<3fLb)T&E%lXCraw<R~k?A9`Rc3@|4jUd{ei)|@$p~hYk`qbtTmTGlY
zJyV;;n+?`J_A#?!)3WBO_C-%+i)CvOgxz~od+RIGk4F22e8d?Sa(2`%*f#2TM6hkt
znl7<zJmbv1?cW&>OKkuAj+fiz|H6)7K|R^qH{UyFFFuH+qo?fe-{@zt_Q-bZh*3X{
zwI|una>K1;4>auEsP(Of!tVpQH`+%BL@k>GxyB_LO<Z;avB>r@Kgt}rC>zes;q!?n
zq!Qn*wm(fLbk+dcrKBYVh=g-gC*3^cuy>byO15#O`2%Z9cegZmb@F>Tl%>DVNt`Au
zJl{VWWYUw3!$`!|n+{a%(gCVpP=0!V3TIRD=P~X3oD<b@W`C0jT&vbb?qY+p{AV^e
zwH0~S8=TAv-{7pVnPMB9wIwz<N9wf^w$yEdlNU^c@GW_l8=Rca?r(68)kd|!ITkiJ
z<%cr6!5Q`>OLWW%4hikz_)dHMm2}L?uqP=Ty!WF;0NgR8^c9!!2VqM0Bv0dA@R#zJ
z>`C$(*&3el`*;4b@e}x4fG6>__kAnhPcWS68qWQ_a4z=uzvEro1W3!jQr@}N!$2L|
z58Ux-U&g1)<q7OYt`L^h!&KnL`@&>0Ep)??FwM*YU^#`US_!9pejo}TNX4lwdpr!O
zda733GPwm^SgoAcG$5R5F%E^*8hm0n*LpZL+3^DHEmSzHS80`5jklfz8*iP*&jhDv
zR96hv{za1WdD1J447Vz@sPP;il3E$y*6rF_#7fKyYu&+T<5Ut(jLm<R7H2x5@jSq|
zF2lG<W&5tX_8petUQeU9%ttSi1Ok=$!i*`|?nY@sXW=iXHdU+Hm3r@{;0;le8_v9C
zFH*}uINLR`9TVHwvVNrhCP?47lxnaoI#HYq?^L+d(mAGyG3v!m_iI(JWT$&<*6G^8
zL(7jD8b>}vsr8AW>X(MbweKn0O{DbbM9Ipw|DL-OYODLJ^V57!Z*7G-Zj5qn-I1Rv
zVX10yx7u$w-)1%+A$G>}Qig)qqhX|5wKsN6);f*<|G0Y(IJ>Umj{oYuy8CulTCKFZ
zs=F?dul2NRS;n&58@9n<V*@sla5rFF@H6j82DDxwOb@m}v;<?CO>YS?CA2^iTIiVG
z6k4bWU=jiW0{`!C=G^k$u4F;T|Nr^?_4#P;yXT%VXU?2CbLPy<k-zN+X}b*_W?%gr
zMmgM)6WxrQEE=_y)BUxHp-hu0c7%u9x9Mtaq;GLw`+}Fj^&g86U`Nd14ny~0`KA<F
zRdY=ltePtaWV^VsxVpHO3<;=sMh({c6i9Ixa_d}1s>>(lwWY7s<Rw`mAI<XvaI^!P
z`UbWv?gQmAs#O=9Lx<p`&ds%^T|j?3ns=d16Gi%)lT}~hmAMgd9hhrvk+&*%VCk}P
zUz^bsRefph-n9p<2m@+5qM>O0ap`{D_4ud;r8`hZY=2)|UzP(?mrYgc#X?HY{yR2%
z>g|F()Ai&w&Bg9Cny48~u2OecYfCNL(5LFI@9bUdauRzG%mrLX()w$#9~2#YdbAjj
zOs4)I&mGRE1iPIOv7;LuKoS2SsS?e?Q|(CNGqjZg@@(xJl)Mk$aMw3-NUF8Pj~&?n
zTYL$^Qqoro8y#qC>MmO)rQ$w@$!Vn|vrQmRdu)-d(3?xaRd~bWOxl*IW-7+Qe$4tF
z4ao3-(Z_Z4<;MB?!u|=JVAd1Vq#FLL9~$Zb^&=H#fdP(dGQC4xR*$CMW8!=@v|FRy
z8ts<soa71CZay9Q-NA{i@gPl^!`8+8Fy$H-pMD3S7ZNSaPJna{I45}&=JXw8WlnRj
z+L2{-a+LnO%oE+V^o{iOiL{wjm8{hXpjGEnTvdWu>8kphS2+E{XLl?T&D3=+p?-4%
zQ*tCF+aJ~RK8wtL=3H+*pXLlttih_b?-o497t~v^Mk1b3^_~>=8DR#!IGaHdjdEp9
zMt^Ig>#^MheCV(13`{i|y7Ren-`{mE5$2wNY&{z2iW5+0QVX*@rP0ykF8bvy^n5E9
zzloQiLWrKEadq8uh0Pk#0+My0YZ0H~<ds5^5InG1;}P_MLNL3CKF46bA1d1skj-1$
z4@m((Qmtr$tZ%T%wTjs#dFV!rtl0uh(bm#%6a?+3PACzl`+RO4N!zBPDt<#^bY`}P
ztw`CqnWj`7wNuzIg+rnT6%UEJvji=rPcHhVH7>?Nvh&__4{}KKzJKv?6s{ggo}I!~
z5iR}ALj&IxP9VNg>jj`p)F-nQ!f9~Ef#~4ieqkS!vxK8&`jnnm4MiJH%G-So?atWT
zGa@Y+k+v}PAe66Zr$rSZwM^=EgQU5&2<AZZu&$wloe50M4+-X?<4V-mV3lyZO?@uY
z?Mlk8v#E8waxxkrWICTcF*@pol+KHGr={f8R8GZ4gj(0;tPjcS$uW0*km!1o`Wp1J
zVHO$%HkwnuCcH+o6r*lKN8QnpbzE%N)}C~!_{2UG=H`2?v%zD}P5a<y5wq5Q&K!_w
zh2d(BcLo+M#nP9j+}krG36zYTrzW{AG6OX)gJ33xQV%u!CltLF@7CLG0DRnqqsP<t
z`)=E|g=+qe18u%_aj|vN>2$YVWYz}(Jk0uF9<Vd^hV|$mq`h6>B;&*WxorMq_jNPe
zB~+qA_S3?Dy*Hm2MAbJVs&Yyw3#NMOb@uo5{Ow$;oka8Ekn3sWVm<q^4h<LBm(#-+
z6XLaION8&Nuy2QjZzcvq*R8escDQ|Ov~wFFWGEc32oKJ=;Fl4O#G^vwYl!_R`cxl6
z%WgY~PiUwJ>@nPzR2k%vdPVzRE#?o3hI}<Ann*k&wAq0|Wyum0^f%M$tS}liv0t0>
z`PS@nwE4B*1&US$tt)74xf=sW4MWWHdSzS}dkobU4=f%`z949ZqUNYR6w*KM=|k12
zn&}jpmC4^z>&QYtlzHnR-7pL<#J^<_qo=24a5N9vN0!^NEEr6Uj<AVeyc4t7_93re
zn=s<r7tu?4uKF2%6L}`;hjv)zv%P1UzKHa6FS$Qo=eN=&IbH4F*ZHqQF0HqXXp;8y
zFZd0ozRqK*|84R%&px-#p-SdsoMxh)5qwhDT8-3Mc5hfhsp4Fmypx)20Ca0W|5zgL
zSAk2J{rfN99WpB4!D-#WB|7t89&_hx9GKs+zj_O<#aTwdtZAoz1(<R5#&hsp4z=BM
zFx1GPmag;`@;_Pp53#D(tvK4d40oIh81Y(e92-1ys`v&KoQ*5N*?6ez-p05ehx(3S
z2R-1w%k^XiNCw@&_XVP)c?^8}!rqhkn`6;3x3hgnG;zJ#*$U=c=Yx5u;;zE~UjYqF
zsV;DAJcawbXrh(c2lvkz_YT|ms{8Mc%E_H^Psty8>bFZjs5Yf*LLFrJJ^Ro=RzT|s
zc2%jZim{dJ$SzxzLr{P&n_ea3kKwIZG(62xCZ+xFwNr5!HQ1?GUE0j#GHh%Yewsf}
zJR^SBdN%w5>7<U5Zp>`;Gn*H$E5xF;yiZeJpb`H_<>i0#y{5ILjZE)%=A-taR{rVp
zl(+a>;rlatzO!XZ<6NlzAfq^3LC&^zCD!(~Tl_8sd-{C^dWa8$zTKKTp<U}&0Ur%%
zQ`wH!YJ;0!DpVIU7GMn?BO{o7TmPN`{Bnb^muK-}hTvg=VAVSIW2(!YN2Gml$C(cU
z-3SMd8H#KzVAWzpLqAcU;;-~aO&lV))MClj#1}c;4RocVSoPyKp-;nvz}Y(7zh#e`
zHb{ov94)_f6$HL!wEcOetuA-zzhyTG+z8YDgQYA}F;7dbM*aw9zFY)^r509`tewi?
zb)r$5x+U6tEel43UdYvXm?WFsog7n#Mn{G>%P$_K)zF^RSMYaiOVAKrW}2<V06V0Q
zcj(917SD0V@X+{{k)Z-^hKGh1Cx#nztLPE!eHRN=q+jG69wvT{R(C=$Y3oQb4gy=z
zPU`7;Du{15^n-O3H&W&2!k*(UX16gvAOdam6_e2)n3E2htNkw<S%|;s=*TF?U^tal
zhf^i!mJ#&g#P~97ah1>T5PD=nUQK;vc+n&W<I$x$qtRK78dvzM>8RcJ%J_!G3v)eI
z`zj?Y$`j0oBpnM_@8}59#j>3v%cJ%a$U3~-mvV(4&(`w8`Hc(~y@mhc5~+<;ntnIw
z=~^!T4|dqmQ)~^1L$t7x?Yd2=-;Yx#!mEx=Ld1kB5xon_`mmn1-iI>M?R2!)fVQIX
zW%)VE5>h-SO&X*x`R8;xN?%d<p89lkeb?D|RzCaU^6pz8!<%g$C-0+9w#4%2ehI0C
zIf#CMdHNx~6D-!Qr81u>l!7gp+exg%`MX3jYYP7n_A`sSe<uA({!6|7cl_7;X6?s=
znq0mQ2&LuDHL8zU+q#Y)=&|J+!`tKhalJo?x~Ie&{PB2yw0U%1gZyjG+m+2a*$=hL
zK#xgS?f@S;Z`9!OmEa*WJsz2z9u(MURaD<V=Swo#t2D218$IGceq2nZ(%kAce0jnH
zLMyV^LtkF*Bx;4j4Kv&0u||-|ZVw0Sp;lAXFYK(*d!^YZnDE8P-_r!Fz@i)tK(8|R
z*ooa{`wgPkVW(HKc}Qi?)%5ZS;PFMmCBIX8P19dWdP=XNm7~e?)B@i&7MmOPl{?D;
zuYp2!f@iScs{v|im!z|hCsD`KtPWPaY4p**$X%NV5b6F!?mslJ_k3KR{srj6xnYE%
zx$fX06kEA8T-k$3xv5Qb<gT5$NB-CTWa^t~6bkNYAUGp@mv9s*96nEK5l-_KOJ)9j
z_ou*T@4mYfjWdUzF8Fi1C|fv!U6j^CvxZ_%&wSwAGHhnLETk+~Fk|K5=SJ|XIb+Fx
zCR-`^URGtnC`!o5jHZ|>>sO$-bW17OKy_J4t=1<y2k#f5&oz%Scnh{rQjloXo6LG$
z_}F78Wo75LmKwlvDV)NawUoj%W|m9g++3DR;oQ7iwFut`m(9Ug0!n*K8#%c=?%QTE
zb$*7T+-_<StuJzoy0t#c5|*{T$hA{yeUU5EdRh;5Q&&cZKGSt2adgpwwKu2d^Iuzl
zk($($$Zu7X1)pJaA@F9jjuuB%*H3&7@(V&!PhRKK<-o4z$t#6^sJA@Y^Idw14)pd+
zYqur7Et=r)biu38(%6YTUO_D}Z1g#qP}Ep5umt6ACR&Y9uhvu1Pz(3_Le^A%l0N^z
zkz}UD>0K?{BIXft$G5tGz`J{*x=;n5^;i6P5m4-944G<d&mB>-0;pw_B9G&Mkd{qH
z8JTc^C6(EIz;=SPCoA_cZ8^u;fL0cl7RRm(K*7MA94cq2rV5}|7^diKr(B$DuO3{S
z!cvyrtgA2>%<5r!U+Ytda_#rg(-I*dPm`K}w3PljZxWIhv7{|RABgTWiar^gHngDX
z{FdKK((}PM+Q`>u8GkW-d)yLRH_-)t*=RpWgLE%a7+$v;i;`8I?HOw3Q~GR`AF3=l
zpZoC6FAY`B<0cRV&y~NqA1mreXY+Ff37+TN?L*j-E+Mg8tMlQG8tL}!4l|lzMuF5)
zHLj0u87AZ&(Zjx|u2mw|r5Z}0^N|1QcDKq%EzicmU&w}RSX0?dKCBZldCQgoPKKZ(
zoeTvL5z;yCazw;lFlxx$+>vQ|gIa`HO!ODl*J^p<GWP3=9!!U;=ZWa8$3rzRP>toe
zFRhRPV%U=Wbpz#}qw*+#Jz8sSZ?O*<jJi23L9Mws8e)l)zd7wbQ|%I1QcatL#-{qI
zEPQ@|UDb6mCZ+}Dbt<Q=T$Qdr?gQJ!3katCRn5U{zt@!~O#ZofbiR?+Q~W9(GQzyS
zMg5JFR{=2^EOQo5UM||Gw(o+r>=c2ESoc!ReAx#3+Mh|Y*~uOzo^vZ3sTHdp;4(%v
zXV(aPIp;ES%K^mqZdu?!7-!*RJiz!0YLE>KB5~!;j8S>T2$=O`uTf&9rBIKfOP1gh
z(|K7fC_7u9M^-Z>W5p+9AF|V7Sv9&uD3yg%+&LpozL^d|&-YYT?)olSIV+!iabCX-
z+~0a&xL+f2U>>Y?;a)uZ{P}VbY`HM31NHU=^fNg^%2+Yvktn1rX0O>gl|P&h{7K^@
zrS5%<&%{XbU+}7WvSuB#18!*}vIzEQPN(eEdk0W)3p9Au`38?6y@>JfA#8LHVI%N_
zZ-Beo_KoMuL581{2^ptm<fSRV`K(Wi<dwV)q-Yf74W@w3rN$i@8Lg_P3W>_9_8UkZ
zu3+Tg0pVTAKs*N90cpkcw&p(BxBLX0*`#C+kkj970yy_ODfO}a7T7?G%CSVlesP9;
z2#W&85{L3wN50Ons_Q$RZ-lk~g%H<s!B1Ai4~VUp|5VW)bC4C&eYI7#2+1T{OFq^h
zAEk%)X$|rn_B8`ss$R9zaKLa|juTnGp&x=O?blF5P}S=#?K8T~MT`Xetl19)yk1~5
zvEb6s-uCZmTeXk&S;^D(M^a0bp?F4ZqV6BCR!!@FF<=)OjGCL$>i4SpMc#)I4sCV3
zKZ2p3P>9Nb%a1!M91g`p=T}W*`=460$XW^g%5lfD*qPme#Dg=9ehrdf*P<YWt$&~@
zTMo2e8OwN0Z$4i!QvG1i!>L!rqj0nNyns5Mr?wDsl%dByMva<%jEf+DcKaA%sSBq0
z_hCPx+o0|#5OR=nbjJKLVBaIy=eLi^x|7?-SfEGQ$JoX$J@lN{J_dXUIKu~P_A=D%
zc2sYsFFLAEjcn4>^}TyX!s&XCnN2t=&+TktR2gfZ9gP4!V^E52<oW!3yv^pp9Jpmy
zQRv0t!OF*bQL39<Xh+k7)p}oYPfljRLi#iNIL)nE7)^H3bOWC0=hG9>(GU0i$_nHJ
zouj{CA27B4RV~TRq0!vj1ykKN6L#X8Io(OvhAT=O`*aRriu(`l3q(hMN9-*HG==m2
zSLSEX9|6u6=5X%AUP%};dnJ)^Dah0F+bg|S4NA)WqwJNelvcw(#$Kt|#niAu^xvjW
zFPg7U1-m8nh;!bq{;*a0BkYz2*c#jPGZee^Qt@zm4b;ynvX)1|66xolXO1P(y`Csq
zej~8I7}&G(Z?{9T%6x56h4a}VA=%Amhjjd1J$6XnrLoiwN!9k)A*uR5uN{(V+@BrN
zyx$9UNCNTz?2vv%zf!*4Wut^fApe%yA^oN3V_$Yi|0xt{es<X*3BhKE^gVt4$21Sj
zO|Iz1-2VS*hxAv%6%uZSmfQ|WI59h<?}Ls%rybJsm<KOWyCpOzqJV-$3`#-y$re)0
zAjc*^^P(c4gUxlpS5hDOkJ7UxP{q5XY7?VU{DT3Ek%IT+r!((K?GKP1Q)47keL4?4
zIoh-%<)PiSNWZ4?{o5k_jvUZW&sr>7q}#2(77S1;m(2@bC3<a<)b*k*l6ogwBwOdx
zrQwgZMS7{V-^v)oT+F*I(z9VHsRBiiq_#)`_&{uteyRb;;sCoX(tWp$zRH^)fAs-2
zKff(fq4g{fsqO+uA~q?oX0Fy+lISvkU|SK-iFuZZORp0oKZ8%~WY=&sy~pfEkJgKj
zwr4jfp*(vGk9BvlOY%>D#i#J|CHySJD&4G%sm!_7&z!Bc7n098TYhF8Vl~)zRoVMJ
z#H_UMYNz+RpRXr!luHicPx@VJ5DwVU9ioMJboN+vVn(2$vq62PAf&M&M-s2n?<<O`
z%SREn0*q~%H+HJ<REVA0XSG}GR8^lwIJLd$K4Pc#dy%f#sRFz^cB<#{*r~;u89QaR
z*r`g-W2f3%8awqk4&g=#hMEkhHNZjN(G~MF??-RUQ}5C~W1bo?`-*uQCn4ska&^T#
zRYIK1iFsO$P60Oi7q2i?rQI&OW(?m4T>wvPaQ))?_dC|eW5UjMmh<DDJCcUFMyM8h
zLW@<qU+iR~#ZofK*Zz1}sMBKJDd2dhVw@jY71dCM$>&c6n3ownm6L@wR2~c!DMkk(
z@_t=htKU9|qgA-=6+I@wVQ;&7;}7G>&r#ahWin)i@fjgT-+P&RXhRmjOLnGn>n}B-
zybng21?&`MU~Gw_Qyv&utS#xJPNxN*4*|Y-^6ez~?atol0kq&VNb)E8f>2+{`wK>`
z-v?ZaXv=MY4>R1`Je`=FUKsl?^uw@26bZ~ow0XZ0AF_+f&}tlLOTH1DkKc%UrTifM
z9&BWcpS-x|yKG!eayS)p$BL?)WH?WE*7tG^&s!8p-W9TG-A-SgM?;vm9b5Dm9~=LE
z2j8b~S293e#tVzBE+A5k!kPB;FE?5Xc~l@-nSy0_os&oPbmduK4joocX??xaxq$M`
z1xo^8I)jyc$SbTJ2jzCEP>>5<Gk28^Y~W}tSLn7!Z*QH($JS44kb2a_U}5}L7zc5C
z(@&lIA0Ab)Yr#Rvvif`Hd88&kqUDC%w;=grUz3wOnqbARFf_cB>Jh?H61V+m6de^E
z{n(Vo=d+2nkP%&Si14SglUJ%=`Pr<s5zc0{n9)fjFpF8C*ANr}hA7#3lJe)7c~i-Q
zU0fo>SZwXb1Ac137w)235G`C34Ly)0LT$^25M3wh4!4Rd%B{sXE}qv~Omp`<zUg1Q
z>o{PUJxx5(f1a+Nxns!jdM(eMU=O>l%$zG{PgVj-$2?~ENu&_+o5Ur_p`hP*z1GFc
zY3EhW$7WBoVza0400obL3-wE&G{pG3A74n2Q-x!Bm~keo!i)!tlz2uEv_1}{XuUm^
z7p*ORzOgXcaB{w8t|2|l1+`mPGuH~t2yY(de`3FVeTt)VDf3d{v>0prFwcHuG1j;m
z?p`lFS68hpl?LELqj+M_TZ$+8{l~g?=xSK8y<;VhgSswTJ=Zx#wRU3UpT-N%`_sF2
zde`P%J15fy)3q}+$*YH0U3UctVg9zRrqO04r;B+%h<4y1l?aoHG={d|if4>yW{iSn
zH1Mqp81GW&Oh~(Pw1(dKna+hTgjnx%z90fbgjTf;IKN)UlluXQPF|%tUm6jm)wKJa
zdq_@><_|;YStk}*-l-AZRYiDrwr|$pE4cTP3vn`lI(Mg)G$JmFaf@?qZX9ZkWAQR{
zJEk?S2V#g}DBQnD;1f8N8+Bpdg|%11_9Zd|yY1?gTRIQpY(p-n^>EwnFvr(IN#Rvk
zDZC0**{f<%DBRPjM&7Hu7GBJ8+3&l<NJsmjK`}b4ZSE4I3)VJ1ef(~`5bRwO#uIFq
zR|bKkE*lj)%SOb(+|PxbW%^~p&T@X4u(N_6_uN5OG%@#Av*&1im$@keNww=yc`KP|
z41UD2jKPKY4jDiS8_T9S$=8qINy|2J3e|hEo#DX%vYhPThwk%q;>yO)3puq_F_grn
ze~&0k`;w8x=o%FR+WEp$qQAp8*7;@$dxI#t%lT4r44I=Y`DK%(B-1=HIxShOf>#&I
zgaGw_v`l8zhXtxjCbJfM)}*4`6-Uz3JKUuJcR4(BXtgfLzOFl8{{4Tu=4_&FjN&XN
z7qLOAx3^vm&ar}mlUMM#RM^)+i@TNHgCITV)EC3m_IBnuK^?CVF3B>s<<@^?GfBvU
z@|~q>xSuw=kKlhJn;&lDSWfIYM>ao7!+T${xmQsQRcstJP<LzLoO|H_hu|w_@2^kA
z3kPJ*V;2tC7y7O7(V4A}&y14i+&Per-SIgIQm*UH0hQa=odZ4Jiux97kKpzm$nZke
zgEIs`x$|k7@*|^lh1A#2oBHNFbz4?LrL#9rE>!WZc~ieMZ>pGj0D?Q#477=*0QZr3
z(i{6oAMH*rK=R(a78?imn>G0$?A06X@4`rff+EGt*YaXogAb={cbR*8%ZzfhQ(nm0
zszev@JX*0u%B|IW?3cv5by86be~%Vg(xH6u-BKoM63$KL-{G~&3!A&Gg-aL0z>U^A
zugRM#boS$UDr<V^3r8ZIzt2Au2k&ksaX`Ip?KP^H+zrf_|Gp*vR%k(sXDA`OoKN1@
z`Z}({roZ-?O_V_HV&sBRrH6okn(}u>_+<~&b@gag!fv>}r)v9$pz%64MBP=MAf77L
zz;{^wkYY=-XOa$|*Sun@5WP+?5HB#H7y1+!6cPJiP;yK3!~rf53Vh0w(q&!D>O&zo
zpz4$@s>_h2<U+cP%o_Gi<>=LXd%d@ZxB9wJd7raHS~Le|JY(Hb6ma2-Qlt*{Wo^1+
z_lK*7DtWyVz#h@hpd7B{HR=2td-v2Yd>D@db%ZQ;!i*K^n0j@@U#J<8Y3l8%^^(Sj
zy=C+U8>5LO$rd^zD!lbDSd>%>BUE3l-@aY%cNQ-eDH{j>cD`Q{UJjzJH+o%*3^DAi
z2dmo;rEu%*RNaiT@U}KKIUdJ*@EAu^)b%E-%fF?;4`p}rS|%h5Hi2!nH&yrNsXMi)
z6&#Zp9Low|aF`aizFY*O2j;#)<~7Rvcg4)qnb!Sg@8i-!{zUmds{9Mw;kGAl<B!NY
zdLVh<;xMcz<XtNm-e)j)#M%^ww|d@{g}hVB`}H1p(UU}f?Rgz>+Ycw3?Z}xZ5N+!d
zlo%i&u47yD!@3{+jmi*nZvgW<r?vX+t=GUI*t}Cpq(acWLTI&&Ak7s5DxLah_0}IS
z{~OdobhQ&wYG<aZ9<vNx8P(FNbd8#kdYH*Chu*_Coknz5&or6(YYapX{(^m#_UCW&
zey$EUK`~1g%S`g+Rco@^dMyoCTd(79=S|k_NJi^DYp$T!*P1)$n{+(utzCoOct(+J
zo#kvR<6D30cs0JIZ}j%#fRpnrPwe7bO4=9Sl27;D*8W&>EnQ-I)~nl(V2o3$_5KOY
z%?_uk3%soqy^!>`E4>sOx@uzsn{Otqv_sa}HbWV4QAevf<AB8B>H8xc4p$<+KSbv9
zM-l^0xrQsZdp3TwegF^G-cE-~mi18V12q25&bsT<(7p%xl93UuZvd8eIL;s-Rc$=X
z)S`qb_#staj#qc87ySVw15s$dS~7l9T*DW&&w<UfpCVrKa|&YT`T#0KlK3u|3yU1>
zrR&@~9bd}h>)bCS!Dj26(!)BZ4~2CuE0L~q*HC}YI;TA8I!Bwb8NGt%yVNFU3Bw8T
zk&b5wh@{oppqDE&9`&*O1@+euP7E)iJHd%z{MIi42nw{;ndrzmr$Sh$&uWFY^mr-k
zmlj0pnyH?tVt4(nQ~P6~p0U_X<*Xtj8KdJp!1;HE8$22Pa>d0Y#rzjJp2mMTL*{MH
z3^VoFaXb&^fAbV`%xE;vZ6AMkbORyQ?GBno^Q86z*6Mvz`*%2QG@8?Gyjgj!ZI9b?
zb$hKnN86vF&+#pvrL%skpsgGVy9Iou=w_bpHu!LipFWIO3CpGr;%^#eTR;dv0WE+H
zsHDAcL3BeujX&rw^_;d4*!?vAtg7Bux8MBX1w2RF&DYHniLPX-v-UG@T5tmgN7Nq{
zFVXNvY2!TsUuS4j5c6M8bPlErUd>aRRVi4s@zMf*CjZan|AqX&g#VA>fAcyPqFwFP
zFB4X7Y`@~2dS2h&YR|{C|K@!Qc)z6G0l-G{!uFS5rSIpq-)GM=!}Fx@+|<7G8_GZ3
z-u-?(*M{fn@EmPF**f~uIapSob^^|OQygzSgY*BW#($Xz>zV#nPt$a%m-WB+-dr_t
z3b-~A6kJb!kniBy1ZLrSUJz2jKyYXe{62%j%&fU+B6)okwJ*bM{Npgbzu&(<$=IVD
z6<yxOndpg9z{Is=C!f;wFE)B`-TV6S(o{W8Heun~Y$QjMJ8s>Nzq!s^ykaSBtd5yC
zs7BMv&33D?9{cJvPio-Xn@7k?^NhNUxz!-Msh5Mvzc2Ko+^A+f!QdY6rOjsu*_^?a
z#9EJ4z)h4EGw=W-O+sG|*FA1tMQRD6`MsC%O{4jZ5=a=|r^=}7C8Oa+@Os1*VmLTI
z$wTxTrPfVUsSs{E^+Z)>-plY=8{A*=+^qjFSgP|_Vy2GT{NI)`+&3zpQ`baxXZQ*k
zO08Y0b|LY*_L-5G3Dm$&Y0EWRM;11p7<mF$H(10>ylSlQ!q7<bF(Dyu)+$h8ic*hC
zDmH@<KwP`D;OI4EKuOpIr58|9%IcB}g?Y34;+relKLDeS81uR<FsG=w1&6dBrw(cI
zryc1=_((uFCYve3@qV59Mpx?^Il>JNzMhc_;RXTEm2WJsw_Q!hy}qpgg|n)BNvfmu
zK1&Kdv)m<VY04Us`t*AX{(+(Wa-<UO=X%_m|K|^X;3f>6ZOA-V9<GBNZ6l5(So^|6
z<GM|rk!7s9%V5CngK~T{_<+db(lI+1oEgVij5@979}pdP;N?gwOc}dn7~245e%Wpr
zZXM32M!7brU0L!}W>RE&9qq~IFRQzWE3I{2OdcR!i2RzLr||rs&7Iaq$=F}^`H#JS
zsYY=1KiFzeby9sgFKY%ye;*U}^IN5)$;@X0*~9qB@zmw}#EDZkR^o|mN3M$}F4wP}
zM^45Q8}#egBS+(j=Jaqpam4fh2LjVI4g)NDpmPMBlM!bu`Ui*U{=k%qM~m9WGPLa-
z{0SmT>kNVHw&9JMG0ICveU1}?H)g5lJ2pJ^%`2#~mOKq~sWvInNAvHUw<x?yeKY4s
z(ZmUcfPt~Wv5|6pw06%O%|{eU%G_|ClJBErZK7Y%`?#HzCPWZ&lv*6&tdtVZ@Br1}
zb7L;koLo<wKoCW<GGEj1n7%3|PI7AsJB~SJ@ezVk#R1IbLsuJ!BNYNWb~$}R>@9`0
z$HE#X?cKlxHi(oP4=?Jx)w+ncmHg^<T6`3Xk>N1}Jtnu)=Mf9mJbXb_dg3VJ_qN<e
zO7W%s(Z;2}x@zkgTC2oX)BjS<icP2g30eEFcW_fiT+^C!Nc&g$%V_&nMlrr+{`GT|
zO5OkqiDK($f2rz=QBaAR9HTt{Bv@9L%?*gl>q?y`!5(dO`*A@za<+uY^6Z1`Q8>gq
zR|#E*c;}Fk9^yU6W|rFuUrt-;8Qz1f)a*leAo=e93{Um#=L}B(WM_Ei@gf=RKF;ve
zZs82?RzVp~+n#H`RfpDoiAQtJ@NV<$U1xY|xcdyxb9L2<j>!P@GdycaXL$C*&hXUL
z><mvGOV9AcW3~ZHxH~w9zj$}BccV7IR)r|nVLRt{2OrAL#wwQ?jo<Ja&sYPN5YFtJ
zm#LkH8GX*=?ev}vdRzNE8??6avq5VqKO0m#U1xo2C!R6dnlVC~5rOREtWSO*KLf@O
z3C85DOx4LB;(&k6Bl}aEo7e!?nN&5H-EgRFMmGwte8-yQ)qC#Xph!SEOAe=70<$1a
zcn&**;^J|Av{i60J%Q@81E@ZoKLNeqw(}?b2<K1IQPk^x{8X*`=~H!?gBRz0^umsS
z(3x#`k5)U+XD0d~RE@=t-G^xMQu_X38=pMRE}>8RG;3?CJs5$Q2}`H#Kbqt155Oh{
zn$7kP?0HCg;T!b6qJ0ccFIm{>+)L4&C@s_${44s1wPm~tG#j7FtKRj@rR<lRYj@pd
z&(*tLWY5v|ELG3PnS5TILPZ~)Td#Pb)CkRm6N?(n$%*ksbH&6YP7wR5PV?eO3Vh7!
zN?yXuWFa%BeuW?Ah902>F}$Bg@|S$BCb#o9Y@Lh_ncvYrt9-a8x~sUN7q@<-64m+`
zLd)1zU(Bnq#eWEAs?}wF(8{Tk9k_A{yV^~^dh_YquJa*~QTxkWG|?bVbO-2Q)lWn%
z$<0I3&9wS?HE@1haF$xzq*d$V53xCK1UPPsy#gUZ8+p6?bk1`uq!+FxCAJx2j0?$i
zC+xn_vb(>!g5$LI2N=ZU+03xrf*GbLnm8Ib{#NTsX=20HeqA3u(Z8*<MK5Rv<^8p0
z(Sp&9{iTWH(nY*coBC=2=Ox>?f5OJBl)Q`%^jB|vCtTa?(NG?HHJ^J~syjx2&Qw8D
z|5EE5i9nK_Zwe-DZ{KQbT~^<Xs*jD=$$-DMmhF{GM1G8-PddH4il#aBcNaA|(QzlM
zzsO$=(}Da;@-f;>eL=?wtamM!B3s}RwLeLn|7Go435;mmP7Li}qdojaM6I7{R+)S^
zH}B!rx!$~rb$>9xGv!LN4;B8U&exCD7a^`_-Er~6B;F~>U3!!JT8fC)6HV%V`7vMf
znE}|1R!7I~0R5Ff_nYG7g<@y(#<;(h4yQHwIHM#Aa_Gzpxx09D4>DnKzlr4R_o#VW
zYewTc>@#4kF4TXnUTNTs#Ri14y#8Geqf^OSh5u|n8%N{a?U#}|jKKvw%O)Gi7nA2x
zHYX6#=<A~PbAJ@w&^|{PXL~69n_%~{oD5sEJ@%TMlf}(T%jg{uL(@DZB=K2gkDB)f
z)B2?e?_wexUI~f-5Q36>0!K2#WxL?I8iE4E!)32!-RiO3>Y2@(a&$JZnmp!$C(y(b
zn^}&kV+i$nj>i*;p34|lJ(tI}dR14%wt7`p##+6qt786`d<Lc$bz^#wF#Wb7rZtu&
z-Rl|MWcq_JmL8Sp8oL-+{YvAoU*op|D``CV)L-LQ0xM}*mNcpBe3i63OBzp;R%A(w
z(xjDXl3fF=a;x@SZ!lbQ>1F-i8}T?$<v3dI^eY_6a8@|d3J#782g`~$=<CKopK$Pw
zxi~m)UpN@Q!n=~=AcH%@K?e7-dEl<tn*3?eVSt;k(}PV|dSBePdfUXrr2@TA6UYwo
z*#8pqp-%^Gg{T2+uBSeQ!rFR1z_xmn^~QJ5^>7(A1HPiWvn$lucXxGGcs!N964=+y
zS6E18_b#NTmr&FUs4Fh(kAk%5pL3D%)2S|*7MB!S+@@CoIpGoafnuX-Q--^r5e|GE
zt;SQOQ9@JhCONE%qw_zP44B>vwGT740k1d0NVqSnf6%^^?aKh@$iEPQsSi>JHTI=H
zEMQJZBxp|fRU7RK%Ql<6a`@@?R_;kCek2{6@4M4EBG7|@1HaVAX`Y|8wIdKe(I@QJ
zialHUR|ox_qq^EUN-Ks=8NBTMDf_v7mGxRyDw>5AU$tjTV|8_lW5$!}HLEeKITee=
zf6pIVU(Kis11yn4y>GPU1jZ#E;Y_1!iu4cLS{CAM=sW_ef?8aAAsg?MVsc{nUQR5K
z3ZxMhq_d^0tRx>Q5K2m$C&_-nfuNDyEY)g+uv45m7YX&{X>%x$Y>{L;^R=`&8<PWE
z^PuBp1v+L?TBe!vu`bw(Ym$M{v*sOOTbtrlg{IEtjg~%HXz9S#SLrxEZ{wT1xv<G`
z4#UkXzPG8d#}Q|&joaR)wv4@vOFNt5@h&jN1;%H)z_7L96x#VhPDi7AxYpfAVQi1z
z<*pGKhcpArU$*D6>-*DvidmHhUHG5Ezc<CjaXFhep!`A+O08f2cf7kCok0Jc-dl<)
z;R_GcIASE<8X>Jf_Le6l#c!sh2zjk6ARF>pseXK=yB{7i??X1XjJ}|KiM^tIjNN)@
zAMrQLwF2>fwd%re=EGIC<DHXLXSy$CZCo=}y2qulO>y^%p#`Ioe4_xEc%RNV*5+`f
z!3l$$HRpS}Qrh?Fc(jy!hYC#wt(Z?Z)p7MPYN3BN*)-1Ni`7>kNV@QG+3ckVM{y=+
z%wA@%sf;muxxL<Ybv&bdE{4rs!B0dnD><VV%y9KcS4#Q&mXq(Pd*61DjBh^-cz&n;
zg|%s7QO{D8ZrtLKzUvazZGY2ETGf1zii?MlJ@tqCDjk37MZjBEy1LVqZe!-qTl%Jn
z0i(U$YTDKew~hIt=4ODqvxak8?3`Lp;q;X~;8R#5^Sx{w9Y;UEr2M7!#`7bO6~cM_
zgqLsBI!~nB0Q)N|UvtynW?yX14jzWld<i6b8+=i06(v6gnf-gKYojIod-3;h{hIj@
zn2s~`Cvh5T{gm9TaX__>QI}}!ES_IB*sudY@~)s7Zf+{=*r`)ztfBk{Do!oR&B@rR
zXyCdbcx!bcc+^{CRH%p(f%c{2-b$TcQJq-QM9t2<f|5-r;N##w5ghzkx4BxRIu?9C
z>UXw&VWbg44SaRJJ4VupP5tVtW<c{~ziXr&%*Y<iFy#u;#Ojp%s=k7U=&OPYCt4==
zShaS$EXGtMz0ns*uTf)WZ~Sf;Yw@A48Gd9LR$Y(1Nl6>xL)<}2r*5)@&~50dC%Zr)
zvrPE1_JHn(^I6G$p0DJ$g$M~g8p@-?RL@gN{!>WH_FWzyH}C?rvp@gweSYU|>a=|u
z46DCrwDK5gwto8@d9C)W@r+U}t6)3_7{4xj#5;Bayd#C)Z`WH3Wf<Fr>39d~A6=Ks
zj&2#>^fuVndKv`KXXhGQuWmH!1XBIOlWn%b9!d$fgI1Fgf8bd7kEXlq^6XW#&qm``
z^js@uA1e^g#q-dD-k>*4ivX9_r0?_mhK<+6q|QrlI5<0&mE$|9xlx)pMTvk#5DAPp
z-b-TV{rnl+{MQsLP44Ee9kXaqmqfMBgZWr3C+Axp1+g$!>Gj*WMT4!u>J3A~)#cMV
z1gox|KDv3DB8>X$#PIZr=EfL95w)>P<(ud7TDM>K=U1QoIxfxf8+&cGFJ_xuwqwNh
z6Zn}N1J+zoQD!Yt|C1rh8Yxh$bheuS>znFxVZLdhOy^cDom+9zPsue68=0xSt|?I+
zPG5TsZ=IMtNtHi2{lzxP{>8=}(p83A;Q=9o=t99qzE$`>n!GH_ARCvR3!>=T_C4rg
zIBL@Yj_|zNPp;T_p_kbsErID}mT)~UXJk;IMi56vnr&2lSW*2dF`f}|Bm;aQ5-i6_
zIsv~IP$Djp^g99??Js6E77KNL4t$C`<aKn;p$_isbpo;Tt);{t?&~~8oqeo6RyQLS
zpx55bU!xHP1RRaVl<Td^^|zkud3>+ws7ur_=+rT|diu2HdBcNH$8v~e5b8L%c?t!e
zqk^|u!R9vJU!wPy`uo|uzgF+B_xIy?9{_4&!<g2sYajEb6j`9DTI)+HmXpI`LJscW
zBNq((7EZELSDc3Pm#qtiu3E4N9*vKg+su5&#+?l@8nOw~*j$SVpsU#i>Jv|<vsxN3
z*L*|Po<(8d6MBMGSEPBt`o@8Jh9I5zF}_n@)UBS{S2MhgHv{qOk=}MzRWqAi5Uc4E
z`0Y1A-gmp{q-;94)ANGXfJgIQI=J~Ql&DTTnX_-&I#zmPy<V#JmXj#sv$6J5C_P*$
z9L^hs$wIN#JTfRqMGOK|C#a3~2lDo~60eTU<1n_igpJ%HA{(xdkweg_f0Fu2r=AqK
zS4FI1?D{N{B}72_>2FEX#RP2HGUv*+SNxv$Rg4oG7WPvr2Y=FnDeg4bY~qB`;MQKB
zD+m!)zm9LsNafDq3TLO>9Y;p48B^67)7zOe|7!Kh4r(DLF)OF1WCzthy@a*BoD7mb
z`FH*dY`%fKY09rH<&r{53u+tK{9vURH2oZpk8eFg3eB_m&&E7@6#pg2y?G!1_v|BG
z2d<Cf|Bd{=o&Tru|5^N3-BM=X#s9<k|78BF?qU9KejR_R$=3`{n~a^k_WO-W?~E9<
zFSp+Z+wbSw?+y0*8TNa#em7^Uoipsm_FaDu0~u&uSM5C960WRv9&bOkRXb0&ALmy)
zciWE#aA%SIIJw&SXZx{<+e_@nRJF6$ejHlueBXYoFg_m7%g5{M*2c*)05{ouL4?{#
zdJY`De)v6^nkgE;{CKp#`o6{yM@U=lFq^pT>W<b(&QQe4iTWiofvPR7VgCccy&@wx
zU4TRcvG&)q6l^3@Iq~FEqQP_F11sSF6SRe&w%YOqK-KqK*~8wNk}q(jW${zBvRXTI
zKxAcmWEt1nlv+zwRY8`~VbWTY%Uh%Ar-S3<XOjP51I!IS&-j7QjZ2lMG}Wl?IL0Lo
z#7$TNoFiGmr-3FhL)Y;mnXxxh?N}WbQr8cyj`fYWP#7_e>9t+8VRRVpIK``F){Vs5
z_0m$4R=G~OuBHF6U1F9XE%$q*4<@X&aR_awpXq>Ru`u2wtZ^c0u`sTd)WVpSY_0wg
zFs1o9M(|C6WcgX;i}sFVqjfjMtF1}O7aFBa$A3Lqx+)rfpz&~Dn}e*T3IeS-!qf5j
zvEji-L1`L;u-8!;`;f{3VQeOagzqmXj$Lfy^Apuo+VL1Lm74O)P<Tn)QW2n5!LL&=
z)3e29W9l^iBcXFfjV3pvL9y;x^Xm}$v=d@hIBu^1MnC8GSR3%V<jIzyc}{7^CLc8@
z0bsW4Ep9ELWwsngly*q6b^&yhuX?jpGt0ta_U{@YW7nFGS2B-iSwJXq06z(QLXdU;
zZS(QV!1HezJ;_Ly7UXP?YXtP9gvMqmT;m-lWX+H9MQ^rgGCFN+mV^-RkUUETtgJ`y
zx?Qhk{_C0cUN0B-iN9vuDqPGG!px-Ivqg0sg|iN7z1tB$(?Yer!P@Ge;il8xL45^U
zZeO_}3THA9wA0qZq9s>F%TwBVA)x-d_1PvxzdX7RrZ*RZX<w-t?RQYA1LiFaHm~#y
zCfyxES0C!=FmRc-o##_}uz6y&^IV2=uz9~6WG&a^Fo*{^4Bt1ved{hvClO<Ih>nS_
zfvAjjT%Ha49i`^`9r}~fzkhE{0Zc~!nioH{{&pV6Sz<`<+P|s3``W*mwYC*5v=`>p
zQN{MOta<v3!O0y2T&L*wv1kprmhV4v{98FtFL)cxjlPf8LGSRke%-eSA#pdmEoiMD
z!Z<GPkD3i)<)tra9HfuzD@0y;cq=-PXVgjA-E496BH;MB;3ye&r49n77?_P)f(_j|
ze{B`Afwpg#2Y9On_CWJ!ncZ$8Ul3xkBh26A<Xg+!1`x;ATOF$c<m-vsiQI}6E>}~_
z`6<&n<h=M^gVCdpX;P#NsvZ{lvNNTV*j4yA{wEc#m0g9?jPWS{mb?S@R2&P<|6kZx
zXgxX6X*!?(N=WDbN&b-~Me|>8KL3x?*xlFsw@g0&|L`Zx{{UJ({|&T1dj3n7Q$qIp
z52rt0hnfF)2JLhHtEIusp8-<^7J$2B=M|dizJp3pXH>$s?OsSyU^gSUp|GPJsX0>^
z0hqcG6K+6<42N)L8fr|NaV-h@q~ZQ_(@Pc+&D0kNu-~_Xxfa5_XSY>yrFG{{<3syr
zH^v_|6E=L<@2H%^f3BUE|0s2T{O3ey!pKZ=j|}BM>v|fMyH7rIa$1;jDPIeG=Ct%v
zO51_Y7(7KjqrHgEHU87bS>+6iQj+27&k<8g&E$?QEoCtumv5&kxwP$HS{<DmQr_9a
z!we=!Lw){#ork@cKK_^BD;WiL@vvR7b*k!JOMTghg(uA?Ow0hT+9NQrv*<$3#PYX4
zor!7uB~Kn84`aN`c5%(G4Cgc1xQ_q64CAS6{u}Cw^JE{>VuC~tor$vpwrt@xW}8f$
z<PMkbtnnw8Pwy;xxMt0<|7F#ldT*`T*}<?UpODC;jrHnKEq6Q0*Y!gtN~PXkVon8E
zs6-xMpIRr*?35okv(vTK$-tZSHRsK_?(iH2B$FMropibUJ4}A<U;l$A5(~oGqV|LS
z24m|}SEjNLraaeCDVDU4(<9Y2Ue8Ont}$x@+?VVEp<f$4^`i+KKoK~>%DsAeQFEiz
zfGc=G&$Fs|Xl!bmM)R21^gYs$nxd!CToapy2N&x0vw>;hg2HW4w%PcNv^U6RqKyyH
zr~me`7PvcZ@<oOo9Tb)58mzfX+f_~;0!jup-$pr!na85EL`SlG`cM=u1W=hCvFGq~
z+*}cN-UtgEXg(Uq?8ik8>p=5iQS%H6N}V#DP@qD=rS??8!`q($?v8=ke(2lMpYe<!
z+<pNNc6L~O2;85{KFi0iEZIK#jp5IMN3P6^4UD3cmj=Z4<DK^ygT6ja9!?TU-68@^
z%tV3G`W47R;W3J`@OdivM*cL1#t0MFl0Mzu2b+g?Wt1M%YA<H=)}*P?o(&VE=(joE
zg93AD(8$!6j8ry%n`JT{O&&&rp%ZiTl}2GRBCvwKl8JNd(?NslD_!$c)K}((TwiIE
zMs>KpvYzTIWxKx!eP!MBl>l@e02Ne~ve(D{Oc|uAB*PJ87{+=*B*N<?uL1Ht)0K}5
zq;*S)H5%1x#4oq;c)yom=TvM#hWwt(bmnO@A5-6CweQ`mjSyEydeKF$7hSY^`i$no
zh8ICo+=<9@czR9qbZ)zn-rXh(usw}B(j*Zla_aW<T~y2aqtbWjM|pp^sb6aIs$XjI
z`B@I_HYg<GB>$nPY===QYs#B?eWZdCb#YLlE)Ggmf?N9@>6;5iexB-3Jx-VFI=aY`
zdATH|Xie2p>s}gzLrG_UJbn6|XsW2QCoWMcztl`#Ol6q3^-%DUD(=6^mPxcJp1?jW
z`X8gssSy{=ry9Pz`Q8+sP{ynFu##yx(k0Kf>s%8?rBzpUT)@x#%yNPG!u{UnCf(qC
z$8wo+M3*EC{cXDAOZ6b?kL8ag8wZVw%f`~RC;_wK{cPuI>s}m>&E5e1vt3<yEzP!+
zTAqD8k9D8!&4p&Dvg1k43Te=*D0`WTmjSjESAVcR<;W0z&|MrA&!~~A{XOcSct(I!
z?e9?|adK&nC|pOh0m*UYzRG5M8{ec#67I0Wb7w~2G6=M=NTyzTO}Ao>>QrV5a+%5o
zInebpfu;mXmM&eJr4s`~yTnvxAcUjN>Oz}7X5OTZeH+bkxI0|=wWnO5{2XX5pPtq-
zwP<?WSF5-=g@x<!^tW|?{xq7W^V-zw5%zjNUYF~2!d}-%(qMoMLsFKV3uTmS+L;qv
zauEA+U%y<&v^6}t!16^WM7qGzk#D7Ri6!y~saWKzH+R|%meyHQ$ovECGKY$h#cv}U
z<nde{%q`!?#f}f9+1zn#IUTH||E{l`v7$4UOAAZq(frBV`n0ztozQ3UpP$Wte$Iay
zeU+mV)3GV-I2L-;M0`+2mki0Ws6?mU07&=5Gp`q9GsX}+PTiNht}_XG_dLGQ=I<Ce
zx_WzW3NyfRRA%=mV|n)ZJl5gAlKhWWx!b6y<hBI9ua!>2^@End`nQ(cH>$;T&j{s8
z!7k5hncPhwH@mPih3k3!h3RZ()Hc1@0=cPS%Xt}|8v@2RytRqR%aV?2rx*5&u)8ez
z(H(*a{3Op}&N#J@4dorwlomo5EIByIsj|5?-Hx9@``obp1OrCTn7$a4>p9#LRLoZZ
zUKu)?W+@hqqyl`fvu6$WIsVh>WdnV;_VzKZ_!F*hR0ZhI_0k(hJ5K}&yI%kZfS&2}
zOQKDWwGLx-b<SwFSwv=!;Ct73Z<O#;<zRT>I-7;j!AH71gw9;$K3-N^Zl^+9Zh~=8
zXiEy*fv9f!+AcSTR8#cjeQAn{R+_Gpj&Y5fI>F2}BOy?SDA4XUe%=HQ!aIWYi-Zj2
zXnPJWl(Ah@`VPz~U!1F-_E<6%pWCX*6~oX|@-$ir{o}?JeG6}qmZ+>w*ZCzkliTKj
z)?)F)YCb0Hde4HkrJ=^#*xZ=5nB6NOc-`O$OHF;PnP-UGYF7J9PW50CQ7EO@M_vuv
z8=Zu{Ua|%vw4d)hn|5nzcOP{1Xr|1ePFQZ45Qr=`@bg<pd>pyI<7Pu?u%MZjW=eth
z(`P!}d@O*+>FAi~;H^$am|7&)gDix@i9?g^`i0(AR&}kORG%xO)Zx6w5NEbi$zP<{
z_B`?nu{@=*jYDxM&(o~N$+Noi$|lC^D|K#6l?p|hl@~J*#uuFLd)^tPcJ9urvbm>u
zTo=9}ms|LjoCs6t%qo}NuKqOEuCCkF59ia)+^%ZL(r8(#7ymy#oA{OlEI*rYoN3MK
zGrIR(&c=G&c_H8t#q%%etMl|Yxy=Vs^Gm9AW}tp5a&Gv!Cycc8GNQl!`=GxK^U>eD
zJPZ0W`?ZvL{4w<R`~cNl`kU_Tp_jYWM{UJ3THG)%EvBhO0{JT=kRG`}i9K?G$7c?5
zfqgfLKu9+1=Ht-l8HZQ;IJ_hs2gz7E#_r13$HiH%>dDBO^YVOXq#<RLka9*7=_CDj
zIsNVH$AOI5k@Jq(i8P+`4C#1SxBeGncGrH!?B%qzTlnZ2vm@snvoy6hX1C8bW=iZC
zGuM}fF|+R)vr$8|4I0SA6T>0hXlzScdoX(%_OUi|l90f7X|Mlu_Q3=Do)gE)IwC4f
zzLLK#wYFweVUa(_$t40p`j}%^`nFmkJPF*(`&$YIIXyj*Huc5*)5Hh3#Av$lMImv!
z5(gs`_%0LM(Y2Irwsac@gHJZM`PZ)FzpM(K2~x$TkS9GN&>>5f$Mo>JchocanYT&s
zTm~Z90hK#<%jc&nsN73j<LmQ2RkZ6S+j$l3x@w^0Rfi&|tpcrvXIPKk*F#(53)Y^r
zKub$>NgTvTO!}lFNTkkSJa^_spR+Fo+epQC=uw${8IN2JcDZpzS;G3?We=<}A-xpc
zpY{et3let^11Tz%>e&|EopR`SMok!H4m6kgo98XH&I3BzDvGw&Q(strtcYidXVhp*
z7KRoV+*hDZ!h2!uS+UaNHC=-6{|fTQ$zn;w$jY-X=hbuyU!wjY<4rTKBn{b!z2`Z=
ztpdP}<Xu<57@0c8Gb(04Z{G}Q=&l;K^|dUwD9fm~RBs&$EVHUokrx%#TE9!>>Xu4%
zYwPKv3uqC8K09zyaOLWj{%VE#><CXs1Sdz$W9PJ~Lp-%A<rN3$ORNdy9*&`<ywRw6
z3sx)6f8POM3%mNr*gPQbBO8z!_s~9Xo-XD_RAqGDk59W-E40+y8aih>KFvX_yTF`v
zjC*k^gUw@mF{i$(7wRkK#NLaggH1wHREt%=M&_Exp?<%@VX_&4H?f6h6lp^=wy3=m
zs%roC2bp5JJbNdohM4c-5onJM(pU@sC6Rq5*RJ)wnX(1?Ek{DaFWsj{=}x)jr31~I
z;+e0IkXd5N<?_UAQ~q{fuuZv|&Nk(rv{d%5s>)MsXYR&)v8Ru170wJ;p)QS(nZcXt
zJv_GNA|J;9TNt@p0h;KSN;IJxMT%gB+Kke$XmeTm&jWC6>za|O!z+$$T(^MV)TXW+
zJrl4%xO6N6Ee+(rpf%dR7Av@yX`qWY^fiENUd~(B3|Re`7D^TLzeIBwc#V76?pzq|
z!XXXRcfAS-2AVk83KVyo>4K{o;2LqN!gtn;Q2soS`3MtA`9@^9-2z3d*^S-cRj(Fy
z%CoQ0qcZziecs4QTu$B(i-Ddunt#d%{Y87T$Ab68^f9fYVw*)Q-hLvrR$Qtk(p(nn
zm36nQBCYnQ$z{T|<R8g1h!105>Nl)&Ex$!|7vmPmJ6OO(>$Gp)PMafzHi6p!9<yeA
zGtDOPXy$Fr4i*d;ViCwU)Ll_LMBj05SBO5D5beYwm<^!33(6+IXJ!&p?<OA3QvkxT
z;riu+qE#oQ@%ds41-C@wTpHWc?@E1R?UiVJpm~znzA}Lc!6>s=9q_=3nTG4fBe#3?
z>FPnL>{gWF^7s})e^NS&gDD+RSQ|A)U29|5hYLYn>4E16H(9#Q>0BO5J_ORupvgW8
zr|`Z<@LXzr!PHnRNu$-i2t@gI$DLmKHL#zce4~ozn;G)cLkzM<pDVgjCx^>tp=G+~
zp#(4*CS$s<*1Qm({V&Z`V$8)e>JIaw26`qhLta4@Yoj@%{<L;U(g<q{d%I}VVB2va
zOJZs|67<8Wr)srHKddUM_80xIRaLdWX7|>kAI7{Z`i=7r!|mcIc{McQl{6MFFop5u
zUW*yrUG4)TU;4W#J0_U$(2|Ar7#8r@XoHO>uo#yK+ADYE#&9M0ZwWP!fp{6~l5DpB
zLb$bIZywCjtgmjgJzrtY1xGg$6U>x)GIE!#4TnxsA5Ke}Qe<oD5Y46T9)QEOAoWo^
z-0CBBbQ~;D+GE}T{NsY(&IKL;S~HtDrrmZWG@9pS#&A%>6p}}74CguaP80C*-!z+A
zlT4L@N#wq)GkqSdkCvPgjdP}M_o>JaYnj0kY}sT}nu7$9V0o5&5^5q^a@B-vw`KgA
zC55>X8&Bfw5}x!HlT$OB&zr9Y)j!ih02Zs|Rlg?~t4viFwb#Fcb^THN>HJ)uOSer`
z#dbv~qW|ss;wwlg`6-r@vr-SkD5Wg+9bwQ#i@s%Dvz&fp?WZd(zBbNyz4)jV-+UL@
zOUav<0NCmi1+g(&JEE@!lb{#?B*#OGk-H!d)O-c!mW*n1jQCzv#<R5g%0(zwm|`L|
zkyVW)SVXb6<W7V1#A~V7$d7Q<pBW0kv-+UhD~uv_!vC**tAEb{gW8Pi4riZtQ<^|=
z^;FjmzlhBQ{1l%%!UZkalKUYc%!t}G>4r4-{1cz4nC!m7#@aOP_MI8$btnJ_F~jil
z8ry0NWuRU^%evw@1n@nV!dv{HE!9T`ey2JDzpI#e`U6YQ_h|oe2L+d;|6z>fB!>H_
zr`7kYt}Eie6)+$?!v_0MB?gt?Hv&*c4x%j7sLQ8XvrZg*GU9AR?Wrt7Qw8~}86&If
zF_%KFAqIiT12;3!E4|O5pWsT7_KlcA<zrj-G`cFqk?&GD&$uJobe3IJ+>`Wiej`wZ
zD?(PS?{es2*>I(`Q<UGtwsyV~jlfSQfoI0!TNuvZdpa6(c%0D%ALZE2Lstp*lFi5>
z?_J|4s2U=~ZPlHs{q5$qnj2Tq=4#c`mYs3uLfRu7j|mG5$o-;Pea~QZ*XyXEZ~3Dp
z7GC;-){hyiwVuSsJc(m#cxebQoG;h!cdP8wX+>+=3~f#r-ocUC-YjZwcqbG7I{x^C
zk4N|P$75LUTPPn^wIdtV)koB7+|?i^06RY-;tdq<86mD(814$oTt!?s@Nz6{uGU&t
zBfby6#S+5!UxCfaJ7IHcKKtQi2+qgQ?cM4m`@-04&L<5%oy~6P<-tnO(cOOS+{HT&
zvN{U9Gp{P}&Tj<XX}0sOoG=HCRL-c{_#8|<8SnC4YNMUo%OhKlKQg#r4>S+Lg0(bW
z--f5V9%EZlN98;aQR<1U@tXQ<?9SM;Z&de<hsdT%vQ4o~<05&Rh<Is!*9Qb!BPE8p
z?zZoT2nQuYVv$Cd#52lTwZE++A*oEZDn}2e{X-3R{`nmuN`M~UW>T^^#p<X==c@G=
zD3FSNj&0!u5BCtvt*eWlFHNkj`3%g)ca7Dr@!i@xzDl@{@m*jCH*2kqsoJhL(-joU
zZ%I23{Gub#z+slBKm&Pmfd;-CXrQou{<|fG^|KU79`f<<eE|bbXf{?O28AuKX3oU(
zvYAsF-81_pAkmd9={~}PnEZiy{FB4CFw_eRQvt0NIwOA!Yfu&q$-dkXkVk&?i@kW1
zs9z;RUU6KZnI8gtwWYrZt47FL50+5o)3z>IhW;Sa1%9@`;!8UX+4reh`yc67v(o-F
zk021M?X#%oaKmYe1kecg`iih{S7x0r{(&D`)fTB~bpPK6o-jl_G++kXC8M1m@MX6W
z#{8#7(dWS?+FECAiB7il(uor8gHD_Vn!PlTR~2aBXTZ=SLz#1#(1#6II*ivOzeFl&
z{X2hV-zqQ*7PW;`;YsJuE^`%V1`&PzL(n1anHpkil*+7HJ%Iz!ckR2NA``2~W2if-
zm@$Z7T^V)wYyz0UBl_@jCH%m(_g8A?c8OA=tTQ>FV>we|N>PGU`;YZbPr^)*p5PP8
zUA4d6J~G};kTI00$M>de@y(~4R(!HRC+E?{_A}H^6D(O_m`e2iL5PBT2I{;1nu_FA
z$O>~zWN-D`#V3)%O~R-l@w1jS{Znjx@B9bDw`QbvCmxU0CfeaVH7t9IilDCTR`q5d
za4?GQX<$nSca+GcNk2kDqqgJGPHBLEMQCliUT6PCSnvfl%Nf;nT;W*_G|Q}n*|*J~
zIanD<`qf?s>9;ofxASE!*_NB2V7`nay258}6XxERVXl@MEvY)winl-Blf$f-2I6|_
zBJh(`Bmu=UchlhLM$8}dW85VE;6Zxr-!UpKqt=aK&c2;2urW?ghsst751HpAzoSCt
z=66!;L4+l%zMS;gvyv>Z=TJGcJLHOxq^4w(x608&p}Qx@XFtTHh-ZZ5q@gSbqQYYK
zB0Pnc)$xn~>*$!olTfj*cBMqu{`flT|EkXe6)<Ba$X|^V?40zP+Btcnd}NnnMo@ww
z|0p2%2w~Vqy`~>?yYe_{)9w*Q_kLZ54BD<N?RX@lVRMV}+M}Q6pj5rrveR0RveszF
z`))~V;~Aq7`<qx2BBlCMwZG<m0td;~Z<hzc8Iy|I)W?3NWW;8;_dK^bZiIk5kKPJ-
z!u%GoSRV0<%x-92YJ$hDXukwn@~@_PE$DIpLzRi=r2CWrtNN6~p|=7Y8w{U@mpqSf
zWqJJG)5!AJ+$q^^(bnfr07|>@?u_G<Tm|N4W|7+imd&5^6yZaG=_$7q3v83ZxuX#|
zH)zRp)04S<3Y+gx>nXnt_FGEpIrHl}r?u~PPWv0CkoCmZ^y9(Dkp{okx{IBy<o1Y4
zkUe6L%-ih`r?HXDv(fP&BS7~<&8rLR-9n~L_j>2f$S(Iv4{{Xs97R3(44-``eS^1-
zQ+BO8eJ%v6RSR8R&~T(SrwgOT@@O1cazVa=VlRF?Ws)aA>{efK1x+@~Cr+&t#y!Zj
zN)7Z^jZTDj-_QCuqx9JRT1X`Vt18mc#5R-7*1_(Sf#^PZq&ZF^NBd%dfiTnGup0nE
zPRp`lD~7cyP`Ank`zEHQYkd<<ZFBM9A^^mB(TZC;+P#FD3C^xcIfQ6Go_etf3>7R3
z>C4*R-YgqIw%k_nvMsGsRUo;Rzm4YOi_I_FZ}Zw^uTT5s&03o&#HzOaBz5jdR`sZk
z&eUd{jEY}cmv!j`<E#DWb9o*uTuwCEcWP`K$tNjUYki8p1B>HbpXQl-hCd1%pymgo
ziK+g@aq?MZi1_h2ehl)whv!H+MNL4(*y8B-quT13CJfZ{C1bRLy=00LZq&3CLq@(&
zb-Cmm+m92LUgu3qqV`tKn&O<NG@AVjqXf-1Sj^@!fnB3bIeoBSskNUXlt9<S-B^D%
zRJ;NhY%JNw+Njqirdvztz}9ijgxXIhdrS=XWn^o=Mr9A84IC8fkx_6z&i#K6>KwNd
zQ&x0z!{YGX^mkufwboxilS_r%F`~a(+gjAw-W!&ZDF8!Tk%BN%4*=91fH!pm@P1wa
zpm|E#582_b3;ifo(;uqow`y$cy$e6_8sZx9q?Zd5U~jnLG!aK^2cu(zzs`@;X^sx?
z)0}vWYaY^D@`xBg7`-0^?LvsAB%6e?-7UCT<x%+Nh-XQqfzLh;Qb<mt-ge)6K<fxS
ze~r@mqrDXt8{$GuERx#0oP3_qs3u?FZ=*6*sx@n9p1;VO8I!xdbR=4RWK>D@rSe4!
zX9A-5fX#`aH2Px7tHb$#@+8O6zA+Zb#^Z6a5^VI!#>c8JC1c7xvazbDI&<mTLwCu>
z%H*<#WN=^<pVr>yIHOVV`%8NHy%G*+Z*#oWQP|(+RRvx@NsoGX{lS*R-Ubz>aoyw)
zQV{4Iwgb~Yyo+w-=edDTD>3kC$3eig(z|iJB2L!KgX<F<*Xl(Nu2n^KMt@rwu4R1u
zccjpbg7I-z3ib!~UYUKjGL~oG!^6)bVd2q<)}F$#z+Wzo#u}vo=6G$8s}UPfef5>P
zW5YC!Q$LPtZaN(7j!|o_-o`Nw4znekj1-<V*gFnaR@=F9IE!cgPkmjk&2eh7Y(~uK
zOU!;JSttC*c43K&8crvE@7YN<#xv>$Kt2(sqdqt=2=eL|lS}prO6SzbKMk5#Ehfig
zYFYzkLd;R39pHIdgfB@jQ3)F?nK~<UfsC_jp(NZ!`zj@+m0^=akIH70=v4`3$qqYt
zo@_9SwlC|YZ6!3C+lpr>8@ta?EXUr>bI(u;^3MK6q2Tvo=P9dF{vg@t6oacUUvlum
ze3=GQJ@dr^vPd>!zwbvV>8|^|AUu-+!yHgra&*d9XtRg!*mv#OGrogPT8TN|>Ea)j
zf4;aDryA`Vf_vtQid3!6?mfHnozt?hxx9C5lyE?N=k#7Y=2ZneZkmh7&6Wfnae_3y
zGnyPHx(r5y;kWU}Gr=2ruKnpi%j+AZ<P^%Y19lb4qW0meDXyAz^+IX(eHtMj1DzR%
zF;eP$d`juvd}=gKPN0o_jE(Zo;q96S_xG_8R(i%pMXEDaFymwSnsA27QHDi#6&C<V
zn#JT@{0YIuy?ePB)uR5H*s}3!c~F6LT{$xw-=Lnz_Yq3C&+$D6_|LLBQf0S=-S`=c
z_D*-K@@++4JM2eCk*9*FL5?B|>hv=#3Gc6b6HqFu(cTX>oY&=kY3ZILJEt_gqBmc1
zJ)0F%fBz&sTMH`b+^g=~hn_9Z2&;2FTL3tn(?QRs)LhR7{sh}%p7x#dE6eb*R1tSt
zRAP&uw0+Q(KK1C+TpoUa)0I%)Lsu$NwK}`!yz>&L`{YcK@}#6X$s!k~$FCotY@94~
ztq#Dgh-Z`(fKy*GU3F>4m9(u*vPm<-LydkSx(!E5Ee$u4b7*F_B2{Jj{s(3>`6w@*
z)1(salP1Nx&$c=WygRQd@SKOzu6TEW06k1r7tgtnTq(~9zyBzn^GM3?m*;#?J)gsK
zlsX^JQF=GeVK23XHgekVv44<{y?Wg<_Nt;fqrbUq<TNN7kpfTIP~<5aM(Puj(+zG$
zgUfh_7!~-8MKS4SGat>_jN$46>V0rFra@!sW7-#+%G5$tm5>Nroi-GVBwBRrJ~bJR
zI~ZZ)Iw~9U<RXeX)#-c5Vtd*ev1Ili>G~YD@d8bAV;iO9aXx0y$!Plxq?g+7=CAGQ
zIxnUBMDU#b2P$!1RF2N0Z9DVnuA6%kuk)Ia#8y~M<@V>&n%WEATTnAyM#lCx+4q;N
z8LwXRrLYdE$v_hxPu2Td>Rj5@*Vy7qpJVt=RBwN&r3bNX6>ZvgutzRqaP{gskm;lP
zs<q?@<d9T5cqhi5MMS~UuBQ?MEM;%{?l`DK=Yxa)kUi!^pPS{aZXgg&Jo%bSxruER
zw=Z0|h#-z*Te&p7ZpkKhUUM18fG(YKUm;}0Hu3YNYHgyg7OuTXar_t5f3EseZoLuC
zxN^&?N9uMB9S30QpIKO6jd<%J1P9q9V{V&7h_Ln6yD5WlP!P)RsIO}Mkdy%(5TK?|
zPMHb{0;$`lKHf)ZH^*Y{JzP7BviCf+RJbiC)l0t}xE^A-p3(SpFoeYvrN#c3(}Cn<
zFg%fLBb1#d7|JIWo5GQ~vy_#heof78dfAdZ3j88FV+dcWb^Z$Q>c03Tckw%Uw0}K`
zsXn(Z(@tR8Uh=xqsu06NRiQYA`+-b-o_Z(tfU$))JkQ`qjHt3}{%;t*bQKz0mULF@
zm9BFijQf(u2#C1PZTgghO*kV^t0uouG3-5*7~J-PzZEfDkGC*@+`&^?87Eg!N6M}8
zxoc}eY&e`(Mmk?Gmh8Btho1@URWEoXK=kOggACU-cWz+J9;*5j2vn1R>v}m~aRF*#
zLw!Sked5^Egh(td8tZQ!TA!GPI;7GgzOD#G`YpI$wRtF(<Mv~POpG{RX$;pxkW6T2
z>eXo!P_2y*rtOCrzOChD8y8_fY<fs)r&ib^2$jnJuz1uy5V&;1##(h^qiKi$M<4s+
zabqslTk*FRdaQ@5-k^uMrm=*(5M>d6EMH^<x@V+PJ7_m?iTM{<??mdyK98@&2dF^d
z*T~k+rifWIN$YeSmxk!T=o}(!Cc08o>LbD$O>77np5}(y#CiH4LwDlxP8{hUlznR>
zGHuYtH0eAgjjH&xC&7fi1pe2KUPD&Ge6G5Jc#+K~M`p0ExDI`oK<XS7xz<7SQ`P@g
zQV~`KDLoNb70+QM^@k?wz~&`>q7q$A*IU1XT-Gibu*R`nTGjejYYFMZ?ry{$jM3)Q
z(NETh^KjhTfB%O+1TEGgg>;Y|VA<>dFR(FnF^rRJ*0M_*yFLVI(rA5gDNHL%so5dr
z`h|>1OOqir^a)#PomuWZ$aBV>E6I=^SMF`}t*_O?R3oaa^jf;L=<F-P{F>B+yj2VA
zZZ&QGaVuR=ldIgSOlCv3d^H)uG~5)~{Y<T!G`n?d@g3&@rP&Xw7S>N+hl2m15^Wt4
z|JVTaq<$azkcTzdhu@)D4A1pD6nuX7RIYEiP&h5^Q{VEa|CjVFPZC<X^eu0NucjX5
zvK`x!ggma)iT$E8OgQ?Zb-N0AIpGW$bx7*p!JlmUUd;0m>M!PSroYDTw^Y6?RTDLD
z;&oyoefK5v_p<%Pxg@=HCTd>5VZ)6mNOg0~V7<@RHB4S*7^{_5t8h<px+K!D;tXqL
z_%eB@pf4=Jh`-MeFo}7C#dJ9IqS#IJ<iSrIwskslngvq)?*G`AbVNebPeJrf1O>Hs
zD0nozZn_~v6ZK>bpgCySiF6t#)Akz^`_7MIIm>EwOAoun=DBoLSNHBslyE?MldV=q
zVQ-RG#eiya{8S+B*_%AwlDhUL&$NEI32pdoaGnXA2ci$Th4QxK$fRUGeaJ^_`cr3@
z9IDj$_9ja2-kT6z<k_^5uJ#%q$#dImUK;{?)^b%*ozdUky~zhC_ehm9eaGfk@><-U
zn99SvyZ(|d_2kP?pz+hVxxKD+ZsNG3AI{&&t!KbA&4Otq&-wl@58w6F_u_l{8{SWi
z(~Fynd7d~8Hh7*)*qvB{K)JcJpmjO<;Vih>jz~CAt^Z<iZE}BS`7UGZ^wAWz>xj6t
z-ud;}@mTl?k32?cf!3SU^Hu7JF)|A|{Pu^%e)~h+a|aa=7eD;a?baVexr@LhHpz-A
zl@)FMnm2B!ujWpWayALIRI_jmRf{x;WXKg6+r;F);pez9p#u-zoW^J<nJxLn8na-t
zVRwO0qq$fQHph$3mStoRRLw@wA*kWE_AU*smXfqs|3hQ7aD%l;p#$6rSq}u}>)~j0
z=y4vaVY+i0_3ai;QC}DkvmfIHG$z&%kyeVSIQ}2*>BJkEQBH%n<Y3KN2bIC*!8YOt
zZ14iEEMKo$x)#!Z77Ut4+NZ|CNj#&p{hj~YcRT+Vaac>v<3vB->Y<-kkp=qscnXu~
zOn%y3`Q)c9@9Sbl5!wkkq4`fR^gt&x)q}=8r!&vcLuZz`Kxc9C04t7*@>sWz_g3n<
zq(FOVb^D?{uX%s8C-bj9xV*J!{3WG>1ENK_j{o^+@yLDCqP*dEYkV?V`~)v^Y0*==
zX;EqWrA1}PXz|E+M(_Kg#ZU6Bmll=QLyKMh=l0$G&qY8^jNR)(>#gaBl+JxmXX$hH
zbXrR<wRxbm^zprGsS*xoExpX@D6FM<RbefC8({UUr5^L1wNz)CI(<prPNqNdO!HGh
zWAECiL_>~_h?m64yQnu^{w%NN|H;yS#xu&B9Mg67<Ll$)>Ql*((z8CQNYx7F>!XDM
z*y1zT!vJjc7YhR*=9h#7$(c{5{Uh-9Wx@ncew0%e0nOvd7_68qG#KoCEGh;AsJXpd
z)Wmqg9M@cO94z&91q-N+nW=v;f{O4HDOTbxJfSAZ0^%>Cg)1^z==9Qp5)OzKuI#0S
zysAJ8@1IKxAFw27!C^VD^X$)nEZ?VG1?;QU?tXnTK281}pA04aNj@2FBNk{#fV6(i
z8f;!=8Re~vXY9*Pk+sRW!u6w^u7s5yx>Dw<70J&7=5xCc&@R_&%pRSM+4kNsQ^Em_
z*<*UgEUzkz*@wfJ<u>=>h6)=q?Lj5)UPV1~l)5KtcM#5kW<Lw;Q2ocLP9|xMs4bJU
zLQEV#<pEJzKO&+8Hm2Mr?Tu;0F*a!rq|W3p#LMI>{Be_&vlsxYUx&V_0l1r}sa2=*
zlEpth$>x5Xd<rnySE{a0@+;-1-FZHvJTl<v$s;LrRH6iXG8w)kU*(Ui^kwmq*)~<9
zYtZ~W*6=$cFjC8-Bd|QO_tf$z#1NCvqjXnNHcYoV5z<B{`prD8eXBrLe+M=XnqtX{
zj7|*r=gd@YU^BZiM4e*GevOfYIYs3tfWRKsUPsFCk_?1pTU{GVZUXhbCT)0x%WSdn
z^0)<OX4ZA+Zv%`nt$P!>u^+=Dw119W9f^bEZfs{}WCLjbQbRP=;$0~i=uu!`zFHP`
z*AjS0aj%qU2yJl1=hlOet8F}N_|adx=I`i@wf4IJ7!Qi~^Wc&;$FQsj(zP_qcOj>H
zk2QvI9gU=mjM@>sU88nNJ2abm=DMn=I+lC%rCOVO&GyefWSE^Y#T$$LvhP{H#0##q
zerYY=(aQ^za6r7^I;*3wmgiLkUhqYF+Ow8_*^<E26|rCHJIZdz?yXI}!Y3{2!pVX0
z_0NHuIcvHSv%U(qk8|7#x*psrYjs9{^Y!_9B!To+UHftqXibMJvw^uj!{3d)_*26E
zZD1_N|BVeyt9MLt@WPmUBaBIbKkrS)WR4BYJwk9w(?K_{wEfw@*!M0Q7y{8KF-2lp
zU!YyfKc5ZE4L)w_LC?6UNY(1h*FTpBp2&DVJ{uc65W0Q5mC$Hz$!_35Y9cOf0Ttf|
z6$*}>dSI|wQHE0}=LePFvkd$6P)z&Q&c`895hKXVB<}~LnE3if(E8^!6ut9WiGkLA
zuNwG{(!2T2a-tc~YCZ<ecRG$^;iU)1s-ilhzxmv7zEa>j_BrD_ikkaH3P}0r!DQk%
z`6aE+enF|pFZj9E=ePF6ZqHfrA~Pz8Y^$xI<#Rbmx{qJD{H;1rf05@1@~B$wI5u|<
zyr%vMMjWCxEcMnxc#^TfCMMrrww%T)u0&6w-t9I<*6>tcWh|T^={#qE9#oPcq8be}
zAD)-?vz*h@C@^DNIEl1KFgn`It`Mw6oj0(s?<`@xu6FOaqlg7Of5MTMjlFE~|JM5_
z1P~?Edha$*ijRYRi7M&us>5p#pFB7({}r<3VRYz43J9Hm-%4X&_ML`)#{M&<SJQ9#
z#cG}3fLbFe>Q29#ULt&lMf>;D(jb2vuz!ixVYZU*E~VTK!)?zQrSiDN!2OUQ^w#+=
z+8S)4WWrM1bY(>M>IbwnBg$#&?eB85t-L*Fm#Ge`5}o@nKTi=p<O}&(O@%o5Emflj
zPc~3pHb+MI9^!8L_e3#Iy|?PCzB^wE<&&eb?~0rC0KVV2@4o5$mB34-<oRk`$7$%h
zysJL*dOP8|k4kjR3E@mA4Z{aYzw9W@aQcM#+Eu0;r+Vwcsq16r#i{c4f|H#A?*pd`
z7<zT@<P<3>&H_&Tdm<&xyf_WtPs_fiIDO*2`<CJKt{kVROa%Uc;gtByS%5N45)6gE
z%EQ(**=vM#NNIsia(gxCR7DE+8z_#tlD2onQD-V-r*L0W<<u*Bl%1IKxtXt%OrU<T
zFgF&LkH${EKgs%@eusi8(UL)KKbTQP6VtJMX`P}?Lp6=`KM55296ri5WTX-=omC?W
z4R%=ZGY)r3-)cg1BZdW8K94As!@1MoC|QW@WH6oN{#`afGxl9F<ITl&6`LTvn@v!-
z?TbEO6Qq~ULh6xCQ00C5x$Vo_(B9nrYTXYjJrZhv<R=6nvwfjV9N=t?_V_IeLQ=)8
z9vbcMWl7APZwNQ#*>CDmncb_$P<i%W>{*%p7EfP?K1Q22(XZ6^t7I2PE!)`eA1mw-
zpYBYyPo@K&c*}12Is6i_u>FJM0psWV+F3F!d4F6@IAwNoNe7~sVBi!J1em|8SDDW#
z>>t4cbCa6cT^igWTg3I79v)*vHW22rxr!F8Pg*k<*m;HXKtBQ~EonC5{EQ&bxbF`(
zIPD2t^Q8;m`O*dVeCa}PSNg2iFNBBmN;C`3cPV{YxF9K>QTrC>O%0llm0Gyd@9U0d
zR4v^GM}=z%JUP3TU`A~?C+y0k<TO*YBh|c10Xf}2*<dUsr|~TrpG)_<?YrpysXcVB
zccc4YF6(r!m(H?4_gCFF-RFCq9=d<{Z7GpM(ch*Yx%?N#O^IFj4*r&fbmu`n4q<MK
zUaV9;x1W;rv3G7iE$!pnxjhm3_=5ZHqx?z_L(a+O8M78iuF?KZ*2ipae}d{VHPCnH
zArtw#)_cKQiY}%u@zks?o3rE2TC4XxRS9Zqcj8%irCDpBH0CL%LIQ=he2$#z@|iMr
z;W~_gKnv+*+qc>njAyj1az@+AcxUH%G~vkC`fxRUx!G`^9HUWD_(sTFQt)%8c#o6-
zSt;TB(`iCDLb))@VRlZ+^G`>mdF(h<NzXXKl2Y$GA9J<)RB!jVo_24`Y7OoFsJGp%
zS&ppTkIZfN+52kuY2NO!J?-9_)f(FUVQ;%zvK(2vAD-Lpv*v5}Li+o3Z+CM~ySHSu
zhISv3B?LTwC~rjeWJ2mQLn9%Cx~=tEBcGu*Jf40vIi8l1zfo+|YVuqvO@IHGj-|i1
z71BRSJ8Ak~&_MWYDnf*q%scse5E66ZUwNc*#woNd87$2emLoriTT58KEi6(V?m(q`
z(vM+|dv#hrBon!<>WuPs(LC;aItx+L`=fc4Gn!Y%0?iYDG3&+m`9v>%phso)hdk(v
z=EQSo|C!)1%{zZzOuASHhG$h#^E~#p*2lK^Rn0;gAZjtBT1IW}ZrgloFKSMD4wwdG
zY%8f;sy&B5!Cb)>PZ8SGt8>2lETf?rH8~$%)S3CxRb@!8+By5PRZn`sPHgpMtDP$G
z)sEZf(>%B%E8QX^WXoCl5r+e{Q2gjio$dVI6YcsDU*lvQhgYRmjI0>#`Uxr6%lONW
z^-}g1_0{j0Vi=-iEoFAAxc^d4|D_6|_IKgcyAE3%m3LjWQfeW_BWnM*5)&mpHcwpm
zei9E?;?;TL8YQk%;x&2V@k%7}b9vXbdE)s>T(89I^2Do@IHknL<%zROT&%?F^TZb@
zkxP`yyIOhT8<e<2i8thlA5h{_B|bh+{Gt*^mDtV`f1*Tupv${DdE$b<CvjYf+w;UR
zC9Y87jy!Qni7S<OW1e`r5?3kl33=jHC9YQD6Z6ED5)V@1lk&u;EAe0@?#vTks>DN-
zIFl#7O^Jsp@uocSqe@((#Mvy-X@42C@E1n=iSzCC^=cwc+FTHB^YOVWS!M}=T%ui~
zl(<!f*tXxolw`55S6kbPB{bJpkl%PsfkeHK%pz^d7*7}_pXncsa6`Q~dFFd5j~lf^
z{K@jP9!=Ao55RrB7S~PaJoP!&56N@SrVVCV?ysVR23xQ6MrYUuhJALUbLV7WZ!{m6
z`8L8hP{<eJLwb(AhjHT3{wA0#UY0yu?$m*2XM4p55N__(j=}u&{p{)i(UOazmEdjx
z8rYOUnruJ&Z=kU&G=(J?PNeGydrKvzv26mMaa~C9`_bOp@ZI@*kQY^czv-M>FG<eO
z>~_5z>%jbbwM%}P?$wZ4|6MdtcIT>}^1GCPd(?J9>Mr)i<=LN+8a3CH5*T9DvAt_S
z{sGP2BQu2gT33q>j-%)n#xO-ywoiPMvUcwiZG#q$6k9Few-)0WwQCSqj1?Mw6hT35
z;QMw-@2xWt(gyp=E+^Wm(0L3WIq)jGq*zF+#PYg*ET3CHrxVycWxqQgA;GW^Z9dD7
z->hNv&>A+A?)CZ-TEB+Y70)uXoB?AV5tw$@Li3s(BYmSI{i7oU$Q&5%+f~Zy#PWIl
zD(;^hH<>o?kk>(!fQ#~v)*koZ&EH=C@S@OO4<L=<Mf2B=i$;C8f0*m+x{!C3kT;lp
zD&o*S4aMoV;lUhz!$bM+&fW}_;7&@pWt=H;d!Aw~l>;!3(Aa&RZ?mE{9jvADOrPRn
z#xo+wjLxOU4*GIsH!`)4q|5f=ojh%yTDTXlmvW{!ob4V`_Xv1!zH)o3t+xYz=h31P
z?b*W;o-OYo(>vzN1l)qp_qMBw6)U;(8Ty+^1jP-m`0LU1;a1~!JDvk_r~^h!xYO-=
zLocHgpLTZDd*?v_nBUMQJd~o}Qpat@`R2r80kYOlhRsw?X1gva1?o0q)iJ7P8oxK2
z#_3+`dYUTvz<Jwel7IrGbr#Rrd+AzfnNcu$ky{;hST0A=we5PH{RKIqCZiwED09uH
z<Yg*spW@Q;o(VAfALOHf2Pn@k)qoMwN(f1EJymgemej?0XJ-FXt*kpv2Lel$BoCn^
z9FT(?#m!ohoY(UnzUx+^&c%Eq(@-VNr5MUz2ba$+;1VV&;E{s`Gjgzjh^k8M#zPec
z)7T~hw+aYbcS9pBbQaalHR{LD1>ojqP_Hvlxa$pY6Xn`Yj1O*8XtB|&w%BFD(r&w2
z(?-2TEbbeBVc*ybJJ)8_G>;;~3Nq->e+3zqD}%Bvdtv9gJR9S=?s{|+wvI(a0B!#&
z8{S-24s%ZZ>zZ@_<8fHk;no#Yn$J03lTPqGhA@$p)1D-x3o~8mVGe6RL%Q3-J<sUg
zh$EiS*Nzr2Z!P5udpwVj*j4BAJzX${^h)$pU@*CTMcCULrFZUsIP*^z2dWa&UD=4{
zE!zEos>y-`saswq)o!UnOhX2)YjP{uGq!#K$6!ZdliSaJbk1@L@Vvm_>^W!oFRM^{
zpCM*P>ya8brNKz_80_)^>kED<m1z1XKZ9VcA5AWy5S0G%bdiPduI#6t|E2<{yG4{5
zzYcfySEQ_aMxJl>*UIAT)Gi|P9K;1EdkE`Gy=vpllIz0wsUFXe9UeRXVcer%IL)Ya
z*Bl+9d2cPvWCdIQC_>M`q`S&*+h_4Y*<ZuUv<_rNm{d!vx2@;OkUitmb^bCv;NUuc
zv!FvModh{a<%}NC_os5&>~BcK2fj4s;CJK--WdQtiP$|zyxG~s7=iL8;Vz!R90x*%
ze4Q%!I;AQD-T67~3!NU7p0ufzSa<qu5=S-JPD-O@$Tsr0IfKrntlyFqTVhe_?C<!!
zZW9oV;_vG4ftQgD_2?d+FQT2iut{PnoNhErozq3_PPw{O1ESp&4RJ1OR~@vE|6nTJ
zR#OF-2`0>svKI}s+`KfZl#lEmDp%5DS9p74-tuJx8_K83;!w|;v5Hr?W_&0lnQARv
z2?@QsC+qGzvo58ozl-$E(c;30OWTGV(TdJxUu-zv@mybfpcGCz^wMZ9XW7*B(oLpA
z?5j1XkJA`*(M-^xsFg0>5@<<nh4gv#hAL-#MHve^6vit4f0%m@@HmU(fBf}(RXWMm
zS+XQcwq<bP@JR-2FtUy5#y|puZUd$U2oQ2`vXa2%6cY&D^b&e75CVh}NJ4;w5+JnD
zA(Vg#EkJ<KNum8epPAi#i%z!k{eFMX^Y`;u_s(peot>SXo!#~5@-|g?x%6S3CwHkk
zehG#BG#Zxj4nVqdrCp_efK74VC2!<JFLrtQ_+109BFAZ>Me>4#xk|sWI8!3}GILBa
zQJYigR=tfINfzP1#^&}@(i+)W*Qa1j;lJ{M<c>W-`K4c?Ndx>-e(16hhn4mr?knQ>
zCxqh~L2*YTt;Qo$${L}3oWuDJcdEltA=Y^3IvjaP%e}<m(!}vksN9T;7nEB^9RGyk
z!HdtNz0Bp8BaVMU@fsX1$gk1ig0v$YE~wuq;)GT~ye8uKM=niMy5x!DpHR7C1`%9P
zu2?|?7vv{K5WxlIiVZ|?SGu-|2}E$$IGk8O1b4l|i2+1#H#yu`SHGJbuEXJOb2zb+
zNZPv`PRt~NyU*doN+P(87g*j9BZ=T1cJaDg8BaRgM2CCM;Z}3FmmE$^DU#po4kwlr
z!O;m&X)lHp!O<g7abic2J_>kzD$C%XP#=l)OmIOTiSbNuK_7|jOmIOTiRnymK_7|b
zOmIOTiQ!CeK_Ag>R(>1J(jhsW;1}m$^)4fHErO%&vY~4O9N?dFP|0;1E~w-ThYJWh
zlgZY1S*^<`{8Qc$IHlEk4!66*%_5F}LbO`n;eu-PI$ThV*$x-bYL3GNw3_R10j)N0
zxPVsk94_GJ4S~actM6?G+4d8iE6xbd6$FOZ6+c2Ii_Y?XXsxer+tEokbO#o!LtJ~&
z-()3wUAgiFq^s!RZd*&{woOnws3fwSDa?VxL3LBsH@uA?QId+cdXAa17!;Ya=7>*C
zg?X%O&SE;5vluZtXC=IeXp7kJ%CEE86-Jh;F3KmaJHp(;NY99Y@|ZtZzS{_K%5xpK
zF+ia?{VK4J3|-FbX&wcNO3kRt=={Az!c|@5Og-7}KU4b$Q#a;v0>S+KV>^F`RlCht
zUdSdVW1}kAFeQn=5^i(GR-N@*HT$j2`W5Kq%up#hYx)(`>QE^|7p(0w>P*kV`l_YI
z`j3$#{b%}h5MKQRDy+GQ4__qI{XFus)%yGj(;2NVWU^qY<)x3fI8klO>OVex+Pw31
zOq}J$L?i4DgmS%SBiQeM$n^&7frSmbk;^jag(Lj_Ycvd6Aq}vE`c9Ux#m+a=E@Q<z
zv$ZfUNI%<m4^MI>%iOmBXPF#UG3>xU>PvZn>Pg%fDx7H9E4<K|kM?5~!XH&1x4_r5
zQvzkPDluBIcf*gqTcPGuC61KAHLamPgCqTAbVNorcwgSDx=?9)Ht5llrWP95u89-Z
z)nKEZq?3KJGlX=jXgJ3W$JIqrh8b6<*@i1$V~cHN@@QD>Jc?vkfR;J=B$zFMiO463
zlB^2e^7qA3w+e$I^fGwHHTar3HPeZFV#KI?Qu<yZ`EzgJ9A&_OzC;W~-=7SRz6tOD
zf_@_3w?YFP{pNs0t6KvTp`S!aD&Er1$N>g9`q2)Gg#y>b%%ij!a+5&dZMti@r=#I3
zqc8In`ZA+9eYvK(RLbc;SBa}@DgwHu;v&+nr+z9VrQG&1)5814UqjXqwqNH@s=5t+
zjLbc_CU0UvPnWx4irOntYE??Gb0;SjEzBA#`6^dXuG*}YEB%<#(Us#{=co!R8^If&
z64u_~L-uImOHV}lAt~okL@wB+uwP+$LT?rzwkM_x5#Ekzt)CgwY^0Q`bLIA^=VjV2
zKXLs+8!@4wIR59-J*$u?Dl=wcf8%oGZ{?y+V&i8t=tozbIN70x#(Be;4aG-iTQt+L
z|E^STwiAr8CsSNkzabd4As3_@w-=0>h1Iie2f?V-w?J7}-BB>(RB__UzPb}I<8#IR
zyhKK@4O#nA8)m0gXdsGKccPsU*(*-Z$^_Jt%l1E^B!wK2`3ml%HvUnVu&TQ-zGvUg
z%P2{3KM$|9Iwi2B8ebze+wlwe>k8#NHa>#axvN4FMDT_mNr(vE<WF)$@H!V%NR$Zv
zXId^v6Tut4CKV$1`D%A#YYjf-U5fh4{>pggE5-H+KeIu?&uoDhP+4U$pt6q3r{Eex
zR%-baoSkGXoc9EaR%>d+4UlMO8>+A#y7Li<M6`{h8jbi0LIJeSy@dk&A*#C~p6ciH
zE4os6+s4p48rHDUaMx4;4?W7m1ch@sX#5J3XG-S-$f(Z+w?5nOPO)C_AOZ_FtKDzp
zT8%R3KwTJA2EDR}Q3ex7%TRmy&$UlkyM*q+bIOzMayrpfL7cv+*wEHcohK;2{-FKL
zJcLw1xa#CrOZxuvot%LlPN23;?KaZO*wm78u3!@06p6|aymAK7kt^@RMZyQ%Scj>a
z`-984{;DoSO<>FAbLITZ*unRGWWC&7crFR#*7Ikk9bohK+a!xAt%>E54X?IM_TlE5
zbm4dS1H-Pin>OrglrAhn&-cOz*J&DW^+}`CF;2(}P-QUJ3%_6<eb}?9uOE0254z^k
z<+IVK(!0P+1*^!fX$P*UDi*SJxS9%QPXBeVXJcU}`twM1Tz1`92YcR(C(K1y>ak|$
zg=?kWW?uLMTIK4jZ=GDH{dIxsFU|{u<P=p6P4jN#kt=TC_dl*lAR>8yicsN)5O@U^
zLWl5`E`4$4At7%@Uyt%_e_&Tj4{PjWT)j4CJ#aVv9_a0c?ED01=;J^6a3cN}d+@+V
zp#y={MWA_cO@a$JSL{ZxgW#srMRzBdD?jWw2)hW2K*gSOSB%!nQ_zY`oxMCo&ulb#
zhgL;h#@I;8I{k)FUHb;`SR5`EymvGh@w;&BfJ6B!C|Y)>?eo0%BM>s6we$c!ruu5Y
zm%3t&oAh=^8~zXTgwDiv`zhTAV56r6hVd3D7ehxp%DGz7*t!KJBnq!=bYq8P#pxW$
zwngJSXnPC$4TqDs634tP6l5E&1jolXwAJhbF+q2uU*WIpmtc`ATxoUD@hW3js>3rq
z_KB#YvSCcmUvcCJ(r3Jj5bu}d>Bycwi_$rxE7)G=vW)?<Y_qe1UtzI2b%f($`;P&!
zxU2%=f_uVo;jPDjNL-z5>`jcSH%&xcjlBe%86t?<OR!8=@oUHOjWSlvSbj7*mcNg@
zuq6!oaBXv;j?G|gL&Q)c`mt4wXco1q5lvgxnW)2=5g%2GX`Gyc{I2p+P;R~3Hv_RH
zLDfo;g;zO<_W;qnA{8iu6-{t4u`2O#gbxddb-)9Rip4Pq-&CG-H|`A&4r(~9F-Q$T
zP8xQiei2(6>IIX9ygjIeV<*pU`vq7qIyc3ttcW{*Vf?OG5Aq^^<=sAPEY{*#re!?-
z#&|a6?Spy^_CwJo4muM-bil04uZEsOw2c(fb5M>wlLT)SjwMac)zcbYc`p#sFFeWK
z9zEjA)|(*JN)y3^f%&eXxLL<C3{SkCBeAK<)kpxvu6!yo6TQwgd3oU=C=|NAE&V}T
z1RP>e55v>XMtPd+$=^tL|3%8ss3-IZ0)y9+&k2{B^(697h&~bNZ|hd1>&2$>9dXVv
ze3zr*z9(qtcu7_ldkMy@KxC1)H!y(?f3wn*2^|k`uKI0&FEt};2?XBi4gD(Dn6A_k
z3lFU^S-i`ac%zH65)RMujGQGtw#HPum+mW8q`byhc}zbqRG+3A;kSg^lV3&n=ty|Y
zH7@HRYXUY<)&#71Y>m4s>UFD>OZj$jT)q)8)Jpbm!w_GhkI;ALHk4syfDt;=N9u<j
zK;ZyScdu4^B^we$Mw!VKznu}kb=;U**cDQ)vCg`#%W@ISU)NSR092~(gI0UR4Ky4t
zD~gj&D12WD#~S*r86F-dr&1K0R8!3ux{~NMC$AWjkxSvY%*0h~aLmOx4(^59#{2%g
zdM8`h%FPNuiC{U9b7_x0po8TSW9eKP^<F1F?4S<m!kkn(g`#36B|Z{0E~C`uGFSPK
z89V+a-y1x0F?iqW0seQ6KQ0OL2P6jJU?<=`VF(X9FshqV4*g!z8aec~l|$jB!f%j=
zEEV=cxe<?DK}cRnd1LkGsJG=IyH;W9DkEZg;97;BX)GH#B^EA)Hntp!$--QQYedeP
zeA>C^8I>(uf7~whlVrO7z(5^h{lTnb>yLzY4Dz^`^em6M2kR((t6H+dVR-p9&qHHg
z##`iF6U~Ld8rFKgt~&4-;v}p`ax>j}M8mTt+&(yNa)jprnY`yu(2FO60rBFFmruz_
zb?!lOfn{}@JHqt;#L{2;hhzUv3GcrYWQ^Ozi5qI{e>#k@AKnl8Ci^zLAH>sKRl(}q
z$-Th4v@eL&g(xoKl~+G-(=i@aC*D|$a4B)H2-OhnU79Rm0eI9tJt=bmdE2ZZnTO%+
zgxqKR2bLLKJI+Q&M%Rvh;a_O4EFGh(Ml2-b%SLvLSvrcXK#t-+VEQS|3pAyl=u)Kp
z6!zUKECAY#J@TjOu{)zme&KUeLXOW$3|>a?0XQ1D?10hmF+Rmn*&?-%*Fzq63tbB?
z25w!LF*4m%zjoa~3G_&xj|+JYMG3ib6@N3qr94PWy@uzD`L8QyUid4Yjd++^%Gb(o
zd-(zR9b0}?emlx__cFY*+$F!`%3I0r`0_#WJE44p{C3rq&(@Fn@@@QB%IXBXdymxH
z$c_ZMT-vSe+8*_}SHk-*2bVw^V)oz~o6t~Pi(#@#g*y=3$?9RK4jfGnms+vhgtr6A
z9jyDfGn7r`r_qqmbmeqz(R7%T(|tPGWAtm2a*RzRq?a(V;RWRpqkphg2A}i_sE_cr
zbsNJCcL<kxpAls(8JY7F-swp5NJy6IO;{7}2U^w?O^~Jn$+`C?A9`f<d&mnq^L)A_
z(N@rn|MZudfd9o_KiM~%1N!@jB@nM9QfL~&-f+-3KrgY$5_2S=ASTU1LSyJjF&gvo
z`f&Xc;rfm6{C24y78EYG$V9@zgucE<zQN%FO#l5A$2Z*WBh&|*85m@S-+zUMVO2z)
zBDAW7n$%tOKqG5ds+@o^Y%8(|(~FL2zryg+dv?G}dfi97FU<E8bs@ed|J^U))Ym8=
z!TP~^ln7}+4GU9V8rNFx`XhzOIxw`#NLLMqlQ#MLDCGYD^0)IWrqz9EhL!o0dX_mN
z7&9A9K{C)S(^eRZQmRLg4<^x0^e~e2{g${Ri5uliNfm<d&E>0dZgQshmYMD3$j%kB
zg961Iuye(fvR>p^c~EFkVT{OFS<bHTD@+o>W06HX^Dy{~cOmi_Y};U#we&IKBTAN*
zqWW0aTmglQ#YfB)S~B7eHf^v<k+>1l2G3Re4)uJ9?G-C$z06v<OnF!Ir_NUyyu%K4
z0M8?v%7cI5jh;!Dk7Az-RuqOpJ9-2ISt_Wt(Rf!#JXSjzkCj6_QLQ!RuO%k&;h33n
zaUH9}*xF<yg3(c^mu!P}=)6V)EL<tI)`^t)l}Av`chdaYIQAF!%1cw>8!f*oJ9PXg
zPqY<w0q+$$(9+QOq0aLsH-4^+j~^mr_MnMWyOhF#P+u2vT9p(CW{*U*3fh2ce}Es{
zUEZ1~bPCafb?sE;MaGNpsPS!JLW57>O_8Wf#Ej2{iWX8~7P|NbbHfQ;jI~V9+u(_q
z%eaCt<GdaDiJXG5PAXbqsPLaDQ}0lHcrd>`P=nu01;B4OY5{)xOt^ztDtD|dO)o0z
zG~P#Mj0X<QI^laK{$KOXBf=X-=a?Mj9m?KE9q;@+&O1a5C3~j|@3fZZvFU?lZ(vR~
z&gM%&IZTe?czzVWjotT0_=fDmJ18-J(AACGvtQ-4D^4#FYn~KmH|_-^h1!jK!AQ|=
z4l_1mCM-Fn6?L+<7Zc8GRu;}oW8pPz87xP18fGZA45p0eH9Gbm3-@1lwEqr8{T`R_
z{;Ra}jLt|XSKQG#KY@*%2T+gn94@vSYF~zh$hD8PyB1|~Po@vQXN%6ogW=VqQF}YZ
zLc2N!pxdRHp}RELps^=YF|<*oT=`NIVYccj%psF0?F!Avp1JS&W6f<BPxoC`_cq+y
z<C0wF`T6*L0<`euP<pIBvdT4;;;W18de6R;na!Fq_3D3Yki8-cnzca&EJZpoPw~9Z
zleO~>?H-`L5JI@eb*;dVLk}H1Xl1sw>x`+@mxAl+Y{6=adBE9Xcq%K44Lr5Q*aHlt
zslDrLsyBBZwaeIbF?D#%f23lfln6Ft$-i88J;OJ?G+YlvuRb`=ok1QFr!W~^>*kt>
zO_1f3Mg&>NI0>ywSy@RLo<L3k((kCAil2yolHikZe6lL|gyPxGJJ61&q#xXo8|Ia0
zn_i!2pPo+O{GMu#xW~aL@XW&NJpl<56XcKzjtwT&c~gRlhbKCO83lg@&1;HZlo&7D
z2J0byVI%MYRR!!Mh_S7yyxRR(6^-4{UiySv>vWS#6T|kl4I(50vs?Kjz<NOx-*QNJ
z<q@9uw2WQqy;p~2FTEp)$n|cANY2Z#Av^mcw8PBa#yrScu}bsn5CR_X#^Qeu{=?=g
zK4#y>?^68d8fiKH_g;rT`D9(I-0s!a%fa6JhQ+N9el@r!Yv9-c<ulQed@^X74q#;2
zR=5cCGs(}g$>H^2aZ4>OD5hAFx^Qn+6BhRr#9~*G;x-@wc69l~pjataCkcos<dI5T
znsX}(Q@!%_B=H9rf=8DBjnB}u6m_Q-`Qdr%j%e9(MB`T2q_AU1eVdJ*MOWz%?~}KU
zenXx!I)$!djef(vH+bJWAMyXp{#9EHZeC-u(q~j>)8$)cTcuL*IXpl%AL2%qqFj!y
zi~pVGmvC_ga$o_4S)hzw%`bXl5mqh@xERD2<wO<8Vv7j~<4g><x03Ywz+%s^o{7Q;
zT#?X|O%!nS47WM7)u(4)jgoP3;ac+2Julhh8`M+0t|r;ZZiK;Ra~T<6e=yW$_{LLS
zsosgm)9acjk($$(nQ>V+M1@Aq_;{EvZDJ=NbW3t)9Ud#|nj__4A5dN^!;!^&)}-Ol
zQbL=uxC}m#MOTxSn8&ktz1Om$@UPJpd<nUQ7VvGe*{6it(2Tdq&<dQBZ|LsuI<$sp
zN4~MOunDW5Z-idIpEp56MxyTdoK!wP(!@yQbGFVnUvJ)@XPt3)o`;h2qw*s=G&8Tr
zHVC{iGxzc%k$bAeEFB;-Q`|%G)}v1)?oy;U#q2Z*6XAs2Qw!xC!-i~jL0e|RV!S=R
z?-P4Jv4f}2mS@y)N7k0um*pIo;(m_zEc+5K&o29o?7nqPzi3KZ*IE~q8cgP$GW8`>
zT&6Z9>atQQo|tm8-%HfzQy%YIeU5oeShf^7)ob-~c)|{b-E3FW?xzynSXZ}o8z8CP
z-aC0&RtOiHW;21U@G<+09`a4fIrN`%p20$Vb=d0KcS|iyq|chL-xC)Sz*VXQQ6VhM
zWg%^zaf6lnacyVXI~n}-yzp#!_5--qobO+<U~JMt=Oa5cjlh%V2@S=>ArB|wcArFR
zLM}<iZLMTT#7eYTLd{Vcm7Z5ZX|o%~H1_@;l)$)w!*2Z&Xg%`Kq~yZ2J>S}EMW19d
zd~Oeh`FytZVz2jjrU8piHyo|+?~U_9(emku9PNcoQQpN~aUr6+x=h!)G}njY*SDT8
zoi$<Ke0`gK?tO72LVFNltc@UbUxd1o_2;aMCyg?20@B{$DA)+Ez-58S)Gb<s|9Wx{
z@A2Wr(kw>B#T*gRGCt8~;%VxU`H^_?KHEGBHsDdB!%swE##TgOhly3Cn+mA#T1<Vc
z|H3{LKLq3CAJ~0}7|QCoHOA7a)~(<*)t}WqV%9%&I}r&T-ml?QEBiI4q0Z9|4zyU^
zKY@nXS(PB+->uO`@^2`b_?R&liDvd~n8NMba4uQyI6AQGgQ=eaQ(GPF1))cUNrSSb
zzQH=g(3f#ydpEw^C-oxph}!=*!WhvxA>=#84F31NV+oHc$_kVj(8KJF%Tc4#QHrkQ
z>hUnEIA&2vsmK3s;eYSH`DYZT3%gj0nB=;%xUjfwdcHWpxoDk%9E;N&cqYM4+38gG
zualQzh{~pdssg>gMCQ@#-Oj2p|CDzJfokuQ`k2<lGmOPjtOj;NYF%Qozz!@W0XI;`
zmCr*~1|P49pHG?0SZNQnu62{B)>`)ru;z^1m57BE2};8i7J8Ul%z|1fhwD%20|KmB
zT1zR@@UjfAtB~nO<)@B|mxR}JT=Z>g#|8OJ?+W>=gzK3pTtk~HPVxJH0UlQy5{<}&
zg1u5^p&pvbtJIgwSuxhx=tU#EiNKq+G^<Tt7yhcROKM;-t_*Q;#|3fO7{=vq%r7Rx
zd!uy!*)FvF3d?k!z)}$Io_7V6-olY*998G(ex7)CD>S-#F;>KGsikVe!*O8`WpyHP
zBOBDDCD-UL3oZMvRq~lNI-#M~=!=Ayk;~_u)o!7Lt;%f@{g{wBoI0x=n`&Z1`50Dd
z9ab=<9Sop)78(LaNNZ|4n_#Z|47gbt(r>Mv3mo|};r$kEdL=aGt*wUsTPx#g=r#vi
z-+A$Iz?CF4`Zd<oa@ov=tG1>OP^^GbwGM*ku;S;$YwBfG2gz9%dKsM<tUbrzR(fd!
z?zLzu?2gn}--p+yBmxYa5{EK5r1KLed?{)79GsTbvT4J4vVOK)o9C;-4;2>Yc%5bG
zTvcIK5&UZ!pII4v#(M?vUspWq1|bA}{X!r^4vp|IXBn1rGj@28%NY>iTwlsXT(RT_
zalz%RP%JL%g1Dk}bwPPF7LHc9G%_d>J0lk`K<S;~$`ENe+G`DGjtKck&8(V?^>WHP
z1Czwxgy$fKi*oNo^+J?{tFABNk8#Iqt+(!j8|!Gp_+FhBV-eiufS~Zv1xTgd_Fi!f
z<zT%8vcpA}vx3!7M6+*X&lFPZQ|-jHH;D)BNHKBbxE&QtaaG0&<py*OW(H9sXQ6J*
zSZt)NK}_Ci&Uo!u+Z5*j%_mAoUcTC#@x~H83Fre1nr}8|yf&gy_FPxCUm-2Hz~LLr
z5YqXKPzTq1X;7f|A>9d~bR?zi#Jsyj3iYMxIA?RHjVo})gSrawt!C(k&Q-|R<9_Si
zT^T`Bljt)cekK7U{7jhyTNLYR@OT;s{riUSbKwAtF5&0ytq_YflcN;NcsVH-AmhAD
zR`FRmO(FL^E%&lq(qQFbwOjN|&(k<h(|bLt<V&vTVBx%PMDmp@)H1Ej+2U#-RNmyB
zH<>eZIW99}?(C+#D*&C-^GF^g;Lg!-J=uA39~<+-6=)iUb>zo5AiIR2$S)`Pp_}sc
zw!%=yk)L&b5jv*jj$^rNC}e5$D<moS1I!(An8K(gKC+kRW;U&aj6`FF)Tzpt0%YFj
zUecS=2ee6DkBXv<Kqn_+D4qNe^x3d=a+QBZCqD=&g$u|x3GZ0cVU5U~MfJMf`qt@&
zfcn-A@01vI{_4e`i}O<u>;EOd*m;YW*U+0d?6LV%ghyuw$s<{1LZh>Xc$|R|9$#B!
zGh;{an<(!ydxKBOy#dn4fzJc;ll=i^;1n6A(r%BORw6p;#jCw)*FbMcT@1a;VS4L2
z?C-A6Z;1Cf5kvL)lHv7v#>1;?-rFd{3Tf!Em!itN)$9uSO;>-$-&FN7{v@l*1)Hp1
zj^7a9<9<i7d`F<KwY4T9Qw{A?;Std$-r12TuzW<Kv=5Gg3*Fq-up2<FV{yF@4{lpZ
zk4%XzI9yyujl5v}z{(&Tt8;KHYvaEX4OSiNZx{z*zXi~Yfvxquw<2T+4+bbS?%>N5
zd}FaFo74N?x7g>r8A$wMiEF6WF}B1VT}WQsJ&I#*6c-Q|cs;O7iZi3}*onoiD2^Qp
z4f07h#|+^aF=rjjEuryb_A$r-k#S@2tWqsJt56HiYDDnHzk(!);EjI;n-{^G^)_j5
z@F@?rBkvuKnW*2wq=)P}+j<K46_x{L0$Yat7KjzIY@v!Vgg&dVy`p$=vw3%9q^RcP
z=p<jZs&^4d0O32l@Q0|!NmM}&ipsW-k;#8r`t=f<_-N^*l9;kI(?=zmAO~eiLW{Pd
zQB!|nRRtM~I`sB;a~&*3b<*emZ+$230o(K6!2D*kcyEl|@_5u&y@Uop`K4E(HRVab
z^$B=2!37SyhTtI%`~|^N9e6Fln;du@!Dk$JJ;Bc$cmu(%hiyT>B)FLaZzOo218*XD
zwgZ0!5cW0S!(N5=uE^^C8&y!7wIm_zJGwnxuv_%3-BJ<NI8o2j2z@^i$jiWiH6iEF
z5~ZhrFFb-jSQ23#Rv*cKNLdo29=CcyCxi5z?3Hgu)o?@J#II1Fy&6XQ<()4ARlh|x
zT>y2lvAC8-X){qK?CWChT`Rf=W?=iMf4nDUQvbLqJ{J)&)LisqY0@fI#oTw}dc5XY
z!VPPlC5&32xR+JE9o?aRUjp7i(Ct{?T6@PDHYqq4^0v0Eck^V=8tcep;W*S91gGA!
zKI#?GdoXg*yIA&Pm*sfGlXC6!PjphzEZ_9mrpV)c(k~%fv&(3q;f6vR+>LSEHG>Wk
zt4-**E4Ogvxa$jPF(<l%XLhanGwF{C8y%602G7zBJ|jLHgU<mlDH;RT2^&wKtTG@n
zqxuzQr{Xdk7pp`DMB;`GEnFXR>H7ie8qybV2e9tQ@8x#n`=3HLP$+WU*5qZE5Ei$T
zMz1(E+rJb&#bDkRgWxL&%c(8|;~BMfkn2dN64?EGdz#`rw}T%&O@S>dNW9E6<$)IO
zkRR&aJ&zF=PDbArPEkexqL0)}7EV<}Iixb(2@=5KcRIva^)7s?p0F70=G<r_x|J*z
zr{JIA`^`XQOjo50Yl@XS540q;3(iDYxMUD(xBg%0;6w>HH9?^Ex$V=CsXe!?_LPs5
zpIDILo22N!A1j{4sjoaQnkMtAuRQU_SDxy-<6ytyQpnmi<||+G?iZFVx;2xATyC5U
z`b6qN8T4yyX0Qe#VkjB(6KU)!WRTU#)uv-~^0SdrsG)S`K3=#_!4-6juilILCa{JD
z)y4SBvk}!l0tuUM^*;RKX)Cz}x{3qE!XHVwTLEVgV*Jsuwt3fT?3Z{%m@gd;Z!z_r
ztp@BY(oO0-L6eEOVT>LxQYUqUWk7nNTFu2{T&kI9w>UW+r?n022A?V~u(^guly_j~
zrQLunj^L|`XVww?CW>eF2A}fw2W@4oWvv~4h2^*<7Bg3A6<J~tZ54laqp4qEk-|zW
zV~BNi!aE#gMr6B?Ztxvo!|MZ~Fb;~F<txs*qWidfH9a81_CbVu5ub6Uh*&#`z*>tj
zjV?AF_57#feV#-DB?8_jA~5)0?1nbRO{9OAaiky2T)~oDKWs6$ADGVd10&by2clg+
zh%A()Zun@<Lx>_CTvwuoRA*p6%zEdbynmr>R!)Yei9{&{xo+l)Ep@Jtt=<MNk<|+@
zxbYh}a@loyRy>Ko0CoByQ>d+;IbwH%n-n<Z40h|1>RSC^qPNo$>(`|;HR}(?650)v
zAE#n?723A+VIa$&IPeiRJZyV@6bSV2W5kCJEHhbE!V-GQK_Y-Y)I(sOjL4q<@q8j|
zs--AnYCS0bIFI~W_^kgHWip*d2-KcOu64{7<24o#;kC!qPo7OO_?mM7)5*YP#P}Rg
zM*aSy^}E&8k6T`ZhB_U8lT>jf_g&m55jt1ln?xP;NR<Csh*zB_<(4&cRLt{G_aPUt
zOmCv_eH<<FisN)U6goSWl~5OL=o1XZqMvr%9`L4KYa!}Tz?&E|R$txen^AteSm;t=
zArZP8JhM0Wq4Yr})sY?6@t_YfAfn^pwP=lt28QE8A7nrzZdf0*JodTv;qP1@LRTR$
z_)PfkrEh{W;lB5c*f>abPf3<GK(ui)$0bYi@F6E`<h)Dy$q{hpS_c$WVF}y%*hlPs
z01P)Tpt2Z;FX9J|^DT+Otw;{Zbg(}z(Va-(v>G$$n+<H?HVu-o_%qaD@IKprId4FP
z+M)KQ8`m~<x(#SI*H}|*17_O_b5ReeF^o7jxW;%xZmwM@bBM|;vya8hB0OUDgGmR6
zr<0qUo$xEf$0#e&gci#X?+fKU=8KJKFh#xBDku0FVce<^UHTfT&9$na@gPdFxFud<
zNuDqHQmeP8q{J%H;$`x9B{k^D<zBH-abh4@4h2FCBQX6#dLv(KtzZwJ=NkKDD(aT;
z_D0=ArwC0dTA!MH&Wc8P*Xkl|;A~PM92zpyQ$EA@#QTzTD8GhY@e6mN!Q~I}Sy&DH
zXV2@hi0*udCOEW9-&kl0O^Ba<)LN>%;`Z1ZxeJ*zq`P*Pv%Fax;(Zr+O~s4ZFk1$P
zczHNf0^sBaYS=@eVvg$hbGmD>B%cc5G7-tmGlN#&{Yv`I=)3o_m+;@{9Xp^+@Ckto
zqt5+%9j<}iLBvq!5bi@RbXFgU7KI!>b<<kUfcf&yXym>Tb!*6#&p6Azt4W3ead3_9
zxfYc$UIKj28@$$3{t~e@$@{48k;zavWNcG;Thu|*OE?Dp3UmVo{!92lQ-zQB#cx=*
zkIk<u+dj9um~vsA95T=Xtm4Ook)ln3cCIx37OagMcig)$c*ZvPr1%bt&S7;Nzi>Zj
zEK6ign1u%%G|2ym_L~u|A8(KMBN0Qbo&F^KxQewC-@4cXW%ww=>T$lju~_{p+Tf<i
z)!l&uxse~|))}0Y8_`N1leO&x_~)AD8lC$(z3E$dVyofF<VR3Ji0sgjZ}E<og0*jx
zauzco?Uw@82y+fv9js$n5o3vAKxiGy5J@5Cm?vW981Rnz-}md9hOr}Wn%QyoxadC#
zx$Ua(1S%aGXD5MnNvU7|9ojk2yQtR?$`udy`|ngV*q#0+g!-PAp4r*&=k_b)nW_`|
z#?Dg`hD&zMSrSnrqLxQifdllEAqFVxJqh)Sj0rnF|Aa*D0oa$(<S_m9sBs)ycpe2-
z1uHZopJP4Ebt93E|MS2b-I{pu-Z!Lj>6Dg20h3PsVpBpxDXCsPg>!r?VZx$JD>jGK
zg)-CX+;_W1?e)YCVR&Qs@n-s-L`C%^811cdP@gpO9eiP!zp4wv>||tl0COeUYh>*U
zC?>=M)V(vx1E#Z8_a-n{FM3IO&*(*gF)G>jI1K@>f^d*>udrjnfqaN65{NQ6cm1E)
zs>G7OV%?%w><Fxnjz!f&j9q{cUBA;o!Sp+$%e^;pkigMM(;C|W<CwHH*AdKH))9;t
zUq@_@va(9+yL9lF@kU4_;l_$K<Bd??>q7EXNJ6FOPRPFw`CD07%fHKLa<8F!aGQkR
zlPGqt6YP|u9GWQZtf*HU-hvsWzzWGS+KmgN$1xK}SB^7-XITcH@Sqi=k~02?hX4T$
zaHBZ%eZr#Y<cdwye3+ksJ$L5{X;`l`{6mC>goc_;-W~=G!zP2jp=8lTlHS)*UQWuZ
z5UaMxyHQpk!-+Sx$oElDNQS!<Mur<}dT7$<JC#c`DGzUl^?iu+g?BB1?R;(cld%jP
z^_+i$(t)*6I#PBM8j21d{FiiigLDYj_B7U3u#{1xO{3C=IHe7FIiL;khBmK7Y2#8v
zX%lNRW4ShS^1WZ~n>MoSQ)DTj<bSmzj8vN3<7k349)ZEK?4Lr6V2zjbzCFV8Mj^c&
zKdtqUW^bYf)`zUDxng+YDxR<pS(|zVzlFG7vB?`#@3-pRZ-Vg?xS~gGp5klrcSHlO
zJ!}VkTXACzj)!-u@381}hoZ!REQfWwX4Jt5?=q2j`LQ6Fe`q$H;cVVh+&F{d1W<jS
zSxbkd$1Pmcwy3dq2z&^}Evz$zv89~7#UGRFB;&2^qYKy#tK&a581qT>1*m?2{IKQk
z;13Cp0$h;Gj6WiXanDs23ajJ!7#x-8IZ5_0u_<HEQjuQb&ns8G;J^nei#RHSjSmgu
z)WVaj5xkN2By9vgPv?J<H-f)K<r1k{3s2fc@FpM9H-gvswn7?5@MaDnt!m*(vj~2^
z)|14G;Eg;WXBvFMI|ww4=uFbN?e<-Xv0wVSfLeu3x%x3OwXCf-VSgeRV@wt%`xKb)
zylVP|5hL|9^kj5b&rMO!CY2fg1iq)qudqm|tvs>DThhkz4L73O%}xQCozbDS@kh6i
z-27wc!33rp^=a38^^C0G-Fy<NvVwDEUS-7}k!`)-olZlD>Y6x(<!=%0*5;BCqv8_k
zYd|&)E4`&Q3w}*{=RuZ?4#^T7Y-4SIjF<jc)jo>|pnsuR*3p!kV5p@LK)R(;7m_Uh
zCXIN?%!nU>A!_JcSZ^YVvh*KBjNwJ(d^Q*_UH&=n=7zDg*0!}-g4*<SS!gk#yoK)5
znu4Bi&XaWjH-#b<k&M4!jcv{?HnkD7Vx(x5&DTMxWn1IRaB5e!NzH<}@yfjrbHR%U
zqpz4q`PcVCvWLW4mF!`h2#*^XLwZK=MmCV15xf}_q-QNW$zkwGkG6qk9V=|8nj~oB
zx);Q4C~oOjh}LPBsCwM}jMI2^iZ|U&I`yT%waWuDjT)}#1OGUf*~^Nq<8x2SYl)P{
zwSYHpsLvrcQnT&5W4-tuu8~uuYotwPT#|tup6e{7K}p_EArnX-+lo1yJ}r^GF}wEL
z2=8a<+Aq;Bj5jjTPnN@QP&N^B&9ht~en4{!rfv^zKHAR-?>oqMOlUlg8c}}x7FfyP
zi&$TH7Jte|5nMp+GTqvt2UK|iGnbioamMpz)MqA+$npXyur$UWPIjjI@>GXdirhY%
zZkMx$efK%6q3dBNyH)5)dsZ+qNL_yk;aqWhUs|Pud!)aFP3&t2apa*W(@+Q^1Q9Sn
zD_<6np0Me7+vppatf(ynMPpc0h?1g8kD}7KVzWW9h|(BALG`AcWf$br#x|H#LuT|4
zQ?2N>nM+RXf@_Bzd=!YBEo}%YtJl?5ps+l6P8$oXMc&*EymrWDoWa&P-|!GC>UfB2
z3$+m!IxYKz_qj$OGR$l~estZ!l!Y!twd<CI_agF$*Z_6Dl+E;_Q|=0<Q(2PytW{0?
zBAB(;dm-{rxvs8IJK4L6<*sZydw^N^Jg?E)f(%=vf;jgD9yUdoI6)C!ajq5s7Dwlg
zc2RBOl}_hY#&M0`F8tSjKROmXrkqEh_Ws&x!g%O<H^+{Z^c9jK(htUeg9I`7q3$JS
zQWTA08rexF+HR5h73QO3AQFja8!5E2^BuocCpz(QuO<-7zQ{0bDrjC!0;69k_my^E
z8Gg+{JQ+<@0VP>B8X%wq)VZ|v`~qER@8^Mn4y6wZ?4IdYSX_6}uduN0Nq&WScjIXa
zX4Q>R#*82gD$E8FPIWVkkCw+EzhqF1b8lZTPq8U5Q@I<4x#EswXOfldB?|Lbvx7W|
z!D8e|43?w#K3(^qZ_lx`^4oN=l0zgv*t4iM0aofY@M}57G*NbUA|adH$-YZ4y8F(<
z-HoP)rtKS#Xaj_Xqg<{d-B+XgYIa{O?kn%UM)M0aPkR%fUv(<YnIUP;>_~HFMw&A#
z(wrHQ=4=FM&Ne8`!Hb~z$&Tjs{bs*HQV2nrNNCPn<z8wQBgAF7#y`QifN7~(X5X0s
zO+pb^eE8gjUt#-dFg?+h>HP|uj!2LKk&!{Pjie)^a3zWj`R%DLJWgn3bm0xH)YLhb
z@?pG$+n3i=K0M^)L-_rr%|tesb+aBP-Bd*@06cvj04+%igr8{|gBn9RxAG@dZNrb9
zqyLS1Oh7&C`rGKt;?S~EK{x1>mu}JEV1OvTPWZ~%50)<kI?_vEf$J{*qnatpT_hI0
z5z>}NbPwhfz}kAnjZ6%PdvT98G34MO8{!qm>n+PBUfha?-9tI%gN3!WP0wFp2XW3}
z>h|vB?RZ`Lv9b|)Yt9O?J`ub*6UbT^d`5g+e#td$FsAW5G_$NBhl#d~<X4!#vSfIp
z9Y#6^gtsFx)LEu-W;iYkcnpZdRR(odFe7%_5zUGs6*psn(XS4E1tPkW;0}=3J&BfL
z+Q{v3F17@VkP#g9pEbc#To<FB6A(|eN!+NT+eAc}5Zo{etz_!7Es%RsCWKUBd-C<P
zS;VAT3Ofjd{ODi$XZ&_?%t%J{@;8TvuQ^h-@KSwWVh}cZ>4DiOL37Tu)|KAEi7(k&
z=sN<LnZ2hKWAIo@dF<o7MkjPq9j|ADs<Qam7<&N&b3-}dcEF*sN_*w4n3dk7tGY0X
zqGK;=Cv3|FQ8JzB`!VWJ*paQ0`&2l16~cfVF%AvH3Dm-TZwz#DNZSLwHBZxT-Uk8|
z&YQ^g+es(^acRY&IeXq59Lz~M)-pnBJ0Yg@)p#@vYv!~!3#F_ka;QQMpv-3fQ)aVg
z!!r8>G*Rct4mVGdk3?oOvB+$u7MacD&XtV3p}ZZDq(r+~8fKxm{gz=6-M*s{pgD;(
zDOOta6;QUqco%PKhT<?^3jP6Dd9v>`+-&5D&Fg+Q7vPd88dQTqNeT8j1VZG5kY8a)
z^dO&1A!3d&=O>^HwaYxN%1{?lL`T&`V02Wi=Dt?vS1`UNxd8bJ0w%kF;A@J*t?9m|
zxv#1G()pzqyt2CVYofXa&^)(=8D<SHF|Z!M(n;V2OvTwu=}3HG*^V((=i!ue0ijUY
zsbif3-k7Ak!FF`d^($-z=Y6(;^FFK0d7m}pywCde;PfVQArG-e%0tK>^Zpl(hb#|k
z9>PP+#O&V$S^;S)p{#;%80#P$#!5gdNGq42G?tEbf`K}M^U#X69S%o)cT#%bK0I)4
z0~}T>ZP0#&bS8gb{(u9Ni^XHp42sBFzrwy?Y;a*DHqK--C>EO?!`QT#ObGHG>sJ^O
z;XOUTEsCV^WZ$&h{{#jk9gvq65na!3&`_**?i;=1Ky<InPJ!MrS^Bj9Q4AcEu6hT7
z+Ut^o$SLOCFFhY}0c5+=7gW0E%Ez%X@6if?CaE9Cxef*4q_+)T<xp5D;5Hy?B|ZE}
zRi~Ra4C5`3Um}-U_hEByLUXk%M=`uf0g;oXwk%!m>i$NB)p7GXZ6;H74kNzwFJx`V
zDEb1!jSW`9|5GE}*rO!;^BUpCE+ye#tRno&8sXvmzp4>#Y~qqXF4vCKpX>RmwvXg-
z?IwN`#gj-5&-R)<eBxtomDIdnljX|DWdSmBnKHCNOFzrck?$1pqh1)^-I#1GHDliF
zn#2_v4bugfKay>QTgZklK8onLX6_3xKtfKFsYzpJ;XAnzD#&3E$pLaFhxL<QN##TQ
z9nR{%fdoB`iGh9#U^NJ_QIAo_OUHA?gAxM=+AtaW45IBRSKKx+u(J*7StBv9y8}8B
z1N%DwxtA<}+(jfXlVc^5x}@AIE(1&LFylPj;?&N0e|5j`JG9o>OV>uDb)VrCR2%jW
z9di(;>pf`)9Zr$G$u0l2P$b6G+W4U#vL?V-3*)Vw$LMGba{bKyKUDjlc|`E)*DEi_
zIeZu5SH#v;sG!cJH&MfSzrabQCz(E=I3grFsJ~2QUnj&_r5?tA3W}763kBBjC4IUi
zxv+b>n>3rW%uw2wYB!~AYzp$iy+^c-X%b#~uTBIjM&`Wo0#GK?m!+wTE^gvWOO>i+
zj5iX#F7Cd;`O;P+D`~2hmZ_}#KGLlrvJz8S=<QH2C3k(F5RtjiZCQZR=&>VP7C%Bx
z^77usDrCW1^vNNlHdq$5s>Ax7*we^k4lbY$=1$e^*}eAJE7hlW0Lr>u_1=vt8wX`1
z_W2;6ydg)6G;Vs4bNn-M`l0(%GWn>>o1)_jsH|GZG#`4DH=5)#+q1eur9pfa%s#8t
zoWzx`EDX22aj~Z{_&7l`v@<rMj*6UW<UTqH`X1X+7jX@nGlO?tSodgN^M;!rf-5hK
zfAm!E>Ce<ZTKsyC0b!xPkanko7;Dz1of$%7AX?<$fjW{2DY=!C2*IXm=4iqi=4b-1
zq`-ZM(w1z}oKT<(mU%?foIH4Z#b|xp2MiEAT4?yu$L&Bf2V`$o);EyH-n82F4c7=}
zZKal}Qcuk)*=--ukq1}op&^b$*s<b!)4kaThUj|Se@)jH(61pn{?F+8A~KN&EC2sS
z*A=xZ_TSKza+vdKhxiK?P6UOeON|I}dWP{gBzF$-H*7=tNs?Yz(YzJQ{?=T$Zhj1L
zij-p^n?!_#dXGkoT3n<DZ<t%7wLoT7+iu2KrI43ttsToU8!i_sSfx5Z*NK!i`0#4%
zbVw8%T?fsavJCs0k75~XM))k}SnurXluxNooQ;-1I@9(*F(Zq>MDQubAINV$LtC<O
z+{vScVsBP&2jcLC#X=I+2^BOG{TB6sCMzxqkkyLGURF<Y+__>*R&VIx3LuL$>TaB}
zUuZMi=SF7D@-{zG>uh<TN9)W!E}Q|n20Y+<jcAjGw-!zxGOR5U#yPTrbkn8ZSI7OE
zF{v?o75%N<n=p;6$AzOtHrtc7cQ^?WZE9NTZ(Pq!dt1Eui)?!n^1kR=(q3KPli2ls
zy0x^3Gl41$q|3{g`}nW?J*qjf&{+rcDWBlL83gm=ad1OIXA-=~g|16*{RuXd>)!I$
z95{>MugBTY^$GscrR^nnuLEgPDnIAIIRxKzAk9SO5l`7lZa{F11LqN3(}5cjoaexe
z2yXAdjS24Wz)c7q;lND^E_2{!1TS^q<^=C^)R<53*DiDmf)6-w0l^m?xFx|6PunJJ
zMQ{xVZcT6-2Y!v<;ST&d!LuE>4Z&L+xGlkl9k?CAmmT;GfZV*$E8}+rWXyy+F@SbI
z^&7x2f~ZWD-i9@=-doWO74H*dk_j2_XkaUxgYiMd+3s!T8oXxJ_w<aj(Ro>rxuZSZ
z-R6~NuI(L`C{Ow`wxe+iK)u<{uCNluNQo!T2_#b?TcT(#y6$cPpPIaxNEn;1VPjba
zTZ+Evt-7XUs=4)1S&=9(*2^9KF#;F`9_?Wslmk-6!1qu@>*<nmnx~L|A<Dr!%~_5Z
zjG0Z)79AB_tdzHR;4TFBbKtH7`yIHD;BgLIMDSb(?ndxR2Xf_8zS)6$5WLTUiwQpC
zz&#1R;lRBJ{@a0j6U;qh>%0%a@ebUV;93sckKiT_{3gL29mpkEd4C5UK=6AG<f^WG
zfdjuq@D2waMDSGy9!xOvtgY1{1d9&*Ho*lBJe1%f2Yv_Oz{&Wtw8XDv{5p(Z=d|GK
zaDJW3uQI<b;#VKP7_f8+{*(`KS#gzGzSM!=1=zOiCNTL@GD6>Eh|Q(ncV9=iuOr=8
z1z+9(<H*{z{4_Evy+m=VNMVZSVo2eI7h_1_mzQHmVUssvNMVO<ZyFIPNSNZ?SWMxg
zk77s?qTKjgw4OqVd<;o?l-puRVb!h}Qh2Z@h7?Ym7efj^ZXZJmSMC=>ve(K-#E|UN
z@})7PaPi$Sq;Tu&F{JS9+cBi@*H<y5@L=cjQ7Q@B&Ws_2c^Ai!!tY1NkTNDtk0E8;
zToXge$h$j+l+pQI49PK2{wzR}Ne8i_Amgkk$T-&tauM?kah)LJTqnpl*9kJtA%cuE
zm>}Z}#&I>M@`8+4UXbz13vyAc@`8+4UXbz13vxFm53x4~c)9a0{$XmH(xENLE+Sbk
zGu{O`iAav`FmeqdS=lhMhe%d7j9k8K#9;%hY#2F{F<IF#ayF41-(lpAM6v~8<UT}F
z@P&~TBH1Tl<hYN#!7-0wOm<W_<_Sb{(1(%d5y?RxMqW!K2YncM2az1~VdT?9a?pp7
zUl7SbA4Yb)03-)}7`X|NVkHdq(E=hl=)*C0Cz69cjQk#v9Q0x2sYG(nhmp4s$w41R
zzC<JkeHi&JksS14WadR6#RM9vXBUwi^x>H65y?RxM(#=^2fZRi2jbp@+N_Pejqa~z
zp+o%!`jNM`tP5ywdkU)pY)`104t(|q=ZaH_gQX4kXo;8QPmu-Au9Uxr@*+=+Ty6Bo
zAD|BAb0GNqp?vBSHn0_8-H5fuIw*VCsbEuGicFm4Z9QaA%knk{MlW3Q-V0q3Cz0w(
z8#!|r>(3RW^@6iL5V`UdXpB`sS%0|rhs<cS!RcBI%j*EomAIU&?jD7YKBXS=q)RSs
zXPaV=G&p6={m$}R*FoQvmm7G=ZIf5N4+Z0i4|-%aXR-Vx#drxT;Hh}c!C)jEmbTmu
zFZ>AaeMkZm%de2OIBk$PnHq}0*6|$>IjvmU6wTJ#ap%1A<yT*!EsK!-oICODY<+wc
zA)9Xq+4?rY-nb76a$j=+Ncltjhd-kH;~h?Y-vc8QmgA558?sMtL+FhEs!vnZs`e>d
zl<Vt@`<M>p0u`GG88HMjWMQ_3IS;Fbhd{1OIkO_RYG9XTwBbsP)(|O_sFtSY5{PqM
z%V|*vUjm`$V0*nouh8ZOZN1#Jm3seWXzL`Hi-*s@+E%@$%$$1VHQg|dU}Iqc+N2x^
zL&?VIcecsgUuIiI=0H1XV6-T9eYmk+rhyM~;2Lmu$=OYKS-5aM>OR1UC{egdn}HKg
z0Ww**MzLtEL`&LeTUbQOMgazEGU<Jj2y3N;cRc7Zld>dHm<HoV`CN7qSsfb=O<tly
z-G*s3XejOjM^V{xT6;#5{ha+J&zxiIpr`9Sb-Tm)1XOrUWTJL4v0HExL+n7{hf7gN
zLiu4eFpv^Zy}fxp;UF;Zy8jhFj!X(eruu#lderxBP8pIe-3cI<>6#}Gn>1v{paR@M
zMz=lWx-HWRmtXWuV+I`{jcrc)b;-ijNDE1k>?*p4ejprX--3)`#Oo^d-OdOQ4pK@p
z{MtnTrECw2L@;Lh!OUI!CT?lglo;=(hPVj3-ag@jSATFDv#k*x6JYLszCkM%DWuUt
zWU98%2x1X;u$FxN<W#S?wqZ|5BoS0bY#A4z!IdNlB|Y8_nsY70PJ-_S&3=R=kS&$w
zy#9>VpXRpame%Gm#UG*^)+Ikic>W5CH_Gg`d>i+$np?blOLKd^9gZk1`S#}4d_E87
zEg_$#C>_cLSAI0nLdOWYndngd8r#c{F?o*3<M{;UX2w$U*!<Wz2f<Y8=krx1<LD~0
z_4CbD=418`)y90M?&&d}*yPQ$>+A{|-cq;@gbl(H-f<wxdK^bW3m!6D>?OKe5?U2A
z`ng?)c^cF5`euqS=j;1GqQ<&%?j<|VP`uUS#uMR4_-fe=9}ib}(}gF8OVZf}ZKHkE
zqvvFMeIM#u?-el&X0c9wg;TKXhR$x}*a!^Vx!|**r4grL<k2<DDM@u5;sEA`lyru{
zvC7S9Y}c92P_%S5cX2tB^7i{lfxAYw@6y1A9V!;jrWijd>+6zF$$mKJn0zXqF5L!V
z8_(g=hnP$;LpNd+a`@?OC*ckkVql)0vp)LV`JqG#_ti^86%!>+GdeS0uQsYANVGob
z#&=yI2l;r|FHwbt-giJdZizwIWm+40UnJ-oxt3{b==~EAp}OF0<q#)I#b^U&(&dPW
zBS8B4k|sezWfMxMozavL9Cr0Eq{&1aPP{fhi5=nHO~07b(l2!h?W-`ZK3|uwFWiWB
zFf}y?rXG)*{rOyydWBKpfV7x%Fi6)Xr*Ak%^no6|qz9WW8yQ(veKF9|df9Po1LkYM
zti1X39;=gvcOh<Cj5BaZ;&5w~)@!r%Tbe5G3goc$oo;M{FJdvr%~HH|MaRT!bA9h!
zAS5z0ndIw3G{j{Z!m$P?lmUy6EPfmJ=8QaDUO`KE#hnbPM~0G)$~WXkY55RO-D`V>
zpeBxFH9FszA1wrJZq7HudjgrZUD(#lOHBEET1&nKR0TOnRY;|t6ZoLp2nf8^?lftD
zD{CO-lMAWy)v3EJWaOObB);7jpuP`Z2XD5F<HAi8I|=#8;f17iloudSCPS<HH3Kv9
z6AA>cvb1C|jaL|O(lt+WvB<L>@H<EImC1S=h~4^hpzVV7rz6{6k@d6oG9qNxj=M-J
z5D9Xjl+N>#6dmdc;JylK2TdM)1AjRYWQ7x`1m~gH)~^@~%XA*{4)5)u5uzDq`W{3L
zqJ9WtTD`IK^&lMvkl$R^SKo~C&C6yywy_w;3Pm?*!2ZkMks)sc>h=6OL1LS|YvRlt
z=Ix0>X6t4GUc$0MqJu0A<_z${#yZU!-3Hd~xdrp!L}ZCa7cixYjXB}fgMBw(U6LtP
za>x?&)Sy=#?&33VW%CVaysgdqoXvei3C#9VVxk0TQlCq>*R%z07zy)kWEx0&nf8S_
zua`HX@N%rbf<|54)3>vqt54tDe(o`Sw*4$lpKd?rO`l{xH<;dTKR2A-Xg}vtfm6qu
zi70_e5?_Z)%QB~Q6Uv*KRb&I^9}V>~S>;$zXwLrNSfNYW+Zc42Cw(-L+|-i8lI|?l
zT&IaT8Dla_h%(sgWuRdRJ^V~k1%bv{LNTZV*dR#Z!f(Kgm{#U058%xCuoGdpU;`NI
zGjy}eq3Gt2bWXBib9P2c)DgK3J%)|7dQVGgNS9s##KYl~VLN(R?89+yTUf(fLIrQv
zHN9+Cw>Bu7&ez4G;4*Q@1QbuPrdfi^F#db)!`A3Tav63&^Euh0;Qb$1yJ7xTou6ju
z!p$7y+%3^DJQi^_B)#z%`zEMPeL5Iqb}u#J$CN0X3}%!Za3-RwyFf)2Yr&uSGODV_
zppcM1)KLV-RDZ;uWc6tL=p0EGY_pFeVHHM{0jXQZx}Sr67VyJHte;;Q6b~b%&TE0n
z!OIOa97lm$@otJ=VKt!V@kho*=~XmtYOiQ7z7&?$p$%Ggtq!S5&A!{qQowRPs`Ky!
z=!l$G#5oAb1zNALSt~rZ^qs_PW^d`sD%6RtNi!#Cyil2N%8|h~PmKdy``g^Q_R!qC
zVmA^OXO6;i#i(jm(a4up_9+iyO4%;<psEztLvlFa$!rb*-N46lplLBPU^z=;hFUk)
z1`1l4v#|@T#0V%a^Y?Sm*8Q~hn$nQ0RiczO5}NXK1CX8nLi<?9qTJAy*l`4JcAHPf
z6AU)4P9PX;n4L&4*f2YZ-~xy;-Cg4jPkE68xy@7F?+&}Gd<wxsT<EC;f9$~12wvvE
z(+S?}z%u|2@K5<k;B=!?wz<!A0nbGP&SC)nlwXbpob3W)S)IcG{#kl1zZh@nPw+?V
zbr4M6#=_&Y$2|+V<?M0ve<MO(Pve}aRyp{;73z9$-r^n%zVMAG7!uAm?p_I7`7zq?
z%`oR_eG=Y@sLvXZ8`c3%&-36iW{e1!Emn4Kn>h+<CwmSd+_zkQ17xzNMAyN(UZ!hf
zd9!%7r+Pl>;4V6%;jVfCYsLFx8W3J!dm(JXCt@W@QsYsknLCYCX0S~nt73R25<Kl!
z`=h;^YJ8R^cEV+^g4mEH7&(ILL0xb+g1W6>L1iz8#B0FP6L^zJJyTvB!ZXFa42xL^
z=Yf51HE)eAt*=IsKEL+vAl4b(3`(ObD}=<YFISvs*EfEJ^_MjcE2m2vmDU`Wyqj(_
z$4}42`H6@y&xHLcA07tJfW`@V!)kMs5#<r=#G}7g${_MaSiRcgruu65E8LA@s~4gv
zy;qP92Fv#`-LrX|?&o915bGpowki0(F8*(c|HYm8NZzK@lD5E~>P5(^xCe1^P3*-4
zx8YTv^<=V32yV#GW0>MPruZpw(_EBG3F=#$`fgv`TNCMMPUTcQ=j&8op0|{M!I~|B
zr#*}1!#~U$lOHSPk4#sYH*PPNYGC{;zs^_wW6B7>ZlLxArj6ju9keVWg5N~*VG|>G
z)dMQ5N(67>vrYz|rJtO)1@j3O*?7{_oke0D-LVZ;49tpN#|py6;nQ{uked`^XE9h~
z6=Jaybqt8bWh)RDLM;@x4QD(U5R1!}A+BhJQ$kh2ArA(%^&N+9j-_F%nFgI0DWL<8
z*~CjQ9&u@CS5|lW890ys%47d(XQ|~#Ho!menc*@Q5Stk;cL7D@5}JLkU;vZFr=_1U
zfT8h#D;dE2;sHMg&ggrT4GV-vIM@6oE*pp#EE{wS=s6=BR{G#PWy9Vm10&VR26sl)
z=jgi%m2o2eC>$lMUM(1N9}b<DtJeVIPRK$K@>JhgJ<d9dqxBaE_okg68gi0rQnN})
zdJZwh<5_UsfWpYE5v@gIq0V+JZmDC4aU)~Joa111BY5M-&q_z|TWLP5gu$oe&T+Xv
zcdQ#vEJtKHGnVrk%*h?;V{$MlMp)!XAJNvIQ+d<aTYPT`+QNV3bsS$_i`WDF6K9R<
zTtG~fx!whQEy|ZSxPTbL{t^MA&zyp?w{|@CVw}f_$Q8fi_Xjur;DIH%kO|KfQ+~?@
zSsclIuL;j>>h~X{xyVp$N9>~!jXJwX@4nZE!<y*dq&&qO=FP;!Hxiz=b~=Hn3yWCr
z+QwezvhkRtr?i&0N6XPOZ6f^9Gv$i}F;>zTWJmeLbw?bwyl@b7W2@2Vl>@)F^q38L
zM9LIx8^;1r8g?@-L#AWn^9vLn9$=|TCP>eDy~X4Mt$=7t6UTGGdQZZakY++3iJ|=6
zi9E1`<$8*FEMXr6G}nk62Qa$WyCWG-G!T=G)P-{7Yp#!1XzwTisk0I>lpJ|`IGsf~
zQZnte<JU?AqlXUvy_Z)}V)Zv@hLbyTSKZBmF>*&RzXfL6a$6qcg(OO9e@gU}eoI6v
zFTSqhoN--WkbY+FW;!8pKtH9g31?oh@S5kmn7_ygW+-xkDMRPHtnRms>z9|}{X)c0
z{qo^(`(^!Dzc~3W?;zZQN@-8wxeirg%_+g^tq6*~)WOIRZJr3|N{s1rBghl-D}x+;
zu?qJdQ-6HMHTaab1@N&qPngb0Q%0^KO^L1{O?BLDiahzR`~^m;u10S|`~m)n%hTVv
zfS5e}Jpw{=@V2gxUXJ$>5kvLSXT$5Gq{p3v?NEm0W!ocsH4+<`T`${xXMMESD&(qp
z=Q8%OUZ`Gc;z5Oi^z7|uf>C?9zXa>2IPt?slEka&IN4xzshz!ys0__%9}=49la^hL
zMpf@X25^$VrVd`Y!Z-FK(l}`(*Hp}b#RtdBGiFl;HW-r>_AOXWdj1q$^|3DC6Xp_m
z`i1xiLSh7SyWu59i}2D5dOsp#J6<{fG#nUo#{`qs;2@$c2WjgN3B(>B=%R{_oQv0)
zyAh8Q7~VJmWq!l)#w&5&AOeRbhc$O5pl#)f^L*QvGIus(?qp|j?(9oSj8#3;A@ZJQ
z3L|q^H>XV6eKEvgr%I??`~#@qVgI7MKNu_#pVT59!>EINx{0)Uf$N{poW<~!&RM2^
zC7$>VsHqceh|FmWA2g>OjW%vCwD0HYAN_~6aW*3)R6k77=+;f}FxcUMdM2rE($ndS
zFHldjFE3j6K)YV3u|XqamSOU~oDdy%zU+5b<R1TsSC!CwGU~Gf>%&{%P?cQyDmQG+
z@kSa=WZ@q+<lIflhOf4LmYRfM9UaVikjSu#;KHG^Q07WFPc}+tpguh3v@XW_j;vSG
z-UEjB*uOxa=a>I=u%|c8<x;*{wUhl{cT{WgQsqz31`Y9w#bp1%8VCw8aMUY7;7Gu0
z25@TN9#-~Uth%Ry3Fac5zBisMF2*j*Lg1G`!NW!~?6KVq@XcCJvj+Xex;xoRWi)xJ
z{N`(LmzJy|*}~eJNx;&}7N-hLATAn(%(>L>IUmo0C-u+~EyTeYNw0TGJ#L%tH+M5q
zg3bPGj2z8%0X=rmdWp@Jjh-7c5{LIv<(&gKxrCWE*Qc;Cxd-HEbHnI{!g{EUsl0uN
z0>O(B3_hV@7f+_8$_ECygxiRidom;JD|S!uQrKcpGL)+>emJ^UY{s5L0;zbVp`%If
z%sRGsJJS+)c+CE7yv0qn#i{ZMwewCcnTHHY^H`sJamRc<)Qh9xz`^ZeZjG{@O}3sx
zbsg&2l*o^c^<7^3?sD{9zINXolx0f}H7&uW>)@7*30iXAs$0^Emb8Xi(&pvc*b=y`
zNK3{Hqa|Y!`L<X~aBPcQ$d<I$ZpkGXwuDlT6EWOYx;OJuoy)lIHKo;u>R7%CwTI@I
zl+7{ORm24!x`3I|A>(U#;Seljw1!^qHj?8alVeA|qkD%~jt|=$8A*;MH+PQi{Ic~X
z6k3{y3a`9?cQC-5z;7OxAE#B;^_NunC0l@7sSM7MYcE^n^CibEO_j&z$9EqHX~72_
z<PnAD35lMJyg^jV`uPckF&N{`U8!+q$tOjAphe~<oN|y^<c%$ld6ksw$amq&IYX#$
zsgtGD15BwC^AlsGt`;tJH7#}ZXsMl2LVJF-8l|pYyVUD2BPaWJHKk6<Pn!KB4#MOT
zqM9e?C(C=b%~QgKPtn4srY3}&ypbt<N~rMMOi!9TSzgRFl;|{+7?+>Ae9HJ5l<1H;
z?PKb+Mt+S!Ot_bpm0ZF|GWoDaubC*N)nLN=;RlqINtJAk?f*eJ_S+o$hnM4bB}Z#g
zSTn!opd6Rk9Nijv<#n7aIeyQydRl(kpd7EaIWp2PTKxpf5=pB<G#B&5K{-BbbEKXz
zj2xFrj#OGm$L@Uhpd4SdIWp2Pa-1$X?rn1H$@dJ(@!vK_MjA$rFTiy(*^mB_I!@0|
zACzO;Yes}I(lBy7QF7#!vuyQR`Lzb+xW3JikxCCkS6X>r_ezeu{FOPbonL!Uj$7Fr
z8A<M%U3rdwgTX!7znRH#o%}l86ET7Bbb)smoNkv8U&upFSrK=$MBl|kpOK#-(PwP0
z(TR^lKVG8mW}?r`&+J|R5ka_lT}%%lS$l}qJHKw}V@%1cv)H!W)DV_<GbGpDO|I+Z
z*PERN1{o98JS*jwPeN`ooC~Wtg(ajQHm{$bRq{b?Qn5GR+dUPt{QBifkjeze1f@9~
z5lDChW=*Qu`PnAby_$*vGV9bzh5PcPtU38P-B1?RPar4atWuNeFto_8&$;qFLyTFa
zBqG^~z{sb75}Hpsluxn4OX0c;PJZ#`d(%b~xPx`PckqWE&2{+R*5CU&-+Z?x_WpiC
zzNu#yK+v72XRE(bs&qGcC6}3fI}>`TuBOs`K<K+qX*+}Qt~$(O?d8<#94KQ`rF#*{
zRKKHKT!&(|#uSznWxBDrW?e{i!Lf@#qsN+GRFbq&jO$b(d342?x>`r^y%nRH({PYV
zmp%t2rg|$(*I@m>qn&$JQQ38*37x6ZJ!~gWKrEj!&hTV-?y+x9k0U+5?X7pIJ+d&y
zyZjb!l=^=qaSMp&?X2rNE)>9bSX32^Cy?j_t-dTFq?s9QW=1-)q1arWjoLtoKx1V4
zTFmXTPHRNIx}It+v|yatwG!>kQxJ9r*HYStQcA)P(@_~V@U=;KxJ}2~Md}$4zsVC`
z(ns%FbK)uLB~Cdgvj{$EJ{F{#!<9n?L^_e_npij*)H1N-5)Ny1!Xz!Z8o^Rr63#<1
z4`m~8W3d%Z{`-LvCXIU@&$!0X$k6jbI$ES=HAJcK;F`#z3-aI~*k#TXY^NHJIlX^^
zw%{E>$6bT5kjNFgVV63+0giby>a$$~kz)kbhYuzx?jp#^h~z@`H)H+oHQDQC-t>V7
zA-9%tbx8xoY=|20QKEVu5!P-%+XvRe#Fah*3j}?vc7<>_jt{Ifd|r)k`0}~@kExM=
zIDEcMzoDs7qO=7oJ#7~Q7mDz)z$^f#0$_2|q1GF376GI!Ea5eSo}oP9{e{y$TI(R!
zEj0o8n0pUXgF50YNa@G6nwCbP@Y35h5O<DB=}hsJ)F;S)Gn>Efore6wJ}2@9soM)`
zo6!<_zCgBL<g$9bxeWHqgTRrx`;zLOk_t97kT3*A5@JIQ32$}@(c|}{cVSd~fIq3~
zgWCTI@pD=T-m|vU*7{y<k<&?&rb}zDLWX$U!yv^-B^i3XuZ7|o8$m->&q3JOL}T+y
zmiV--Lb!l$r|&5Du={oD+n^PzuzKMZVuw453YsY<KeRISH%p%4B9|N6=U4bQmRl4R
z$_=BFG}}4I4QJ>a0KX0RCc-oVw{<c4!g32!$egF(OeXt+^cP+va*cb>Z>R_k_Kb)a
z>g~%lA+h+h-a{yDh_^4*kHXv)$ewie!v>UV@FY|%JezFrL)|UREHP!o_hE?+?7qw&
zksyyl9t(7bU_i|KfMp_X)VqQAT{0jN*Z3Y-=WFiske0hSTD}>lB@si>a&1G)v2P4X
z%Y@`lnPz!jd(`=WHI<*fxAxtTM{!60QMADAwQ)yZA256j=*Vu5#KWuI#0NI|s>&G#
zM*0fkj53n34L<2Xozi{Ez&DENWS@)?<rb0H9vNx3yQAG(aoQ0v6zygi+Vu@hyQH@U
zgu@;od7-p}Gnt>zb9!0b@{ldZ$5F``ek~MIeFFGQWAEdrtC!ICPMm3n5`v<}JcA;e
zGfyJE*Ly)IHVr1=FOdPQL2N1YDaI}yW;3=H9uDwO)K}4S)u$!ud>eIRlPgW2IM$$5
zkPG)X*xe=LbautIKpsw3OS${{XXXMAH=a{$tmBCWIJnMPot{&Fw>)O=>Q|Bo1t5*t
zFi2z8m@XZx4xOr)VTfnU_-4`w&n%XHu8^7${3*&y%shfO`LMJIeyZ*dvGfRjzUIT)
z7<@+V&)$>e20Y1n2~V;jZZndl*AOX02O@=4QIQhy{~$Vu#CqYJQH8(uazF@{ND77p
zDOh822YD$bs~A*E{-iJ|rG(}xfA(@?=<o3{M8r^IXk#;m9vFHIVa^4!gyoOhW3J2u
zH$8(I+8s^qG1EWDyyA7nItYIj;nDp<rT{ZB!0jvVt-QgYNS{{a9li?V8hp)tWu|jo
z$;dUjl4wiwke3ekQGD^U-N(`J?KlmI$Q2K+dGF;GLc?vtFVz;Iw1(`Q=vO%@Q<%@F
zD<<JK*VW#%T0r@5eAb*t^**O9z47~djk<11c!xor?TdQaaT?t+wmzI9SDr(AW4@gt
zot__z7b*9b!Fb8%g~9kySYlUS1l}L`1-725FX6NI0k8>X7uo!oMS5lWjex=wysMXy
z?US%#Ri}zozBs|JGY^EmjEvy=2_;J;)hh%$%fAPOR3VeKbLjpnFJm{YM6}`>OYC-2
zWUoL<1crsF1d14CbrEQVGR3C^N^}3pK(vDve$kl<6pWnbaUYlbv$VG|l7xoFO1grr
zNk+&>QjIcFs010w3en?~W&0yDRTkrq%vRZAe`H;iO&u&lnRR457#Ye!B6uT1S%(PT
z$WYcMg6~y-4c01xH@>W_bp&r@E^8mboBY|D2p;Pj>IZCH1aD+CTWjzckH-ha$2GVC
zo$VGG%?62o4O<Ko3f`8N54eT0j&97eAvMN4(RR%H71o}TnZH&tgEu3RnPEW+whP(D
z#W&GGBsQ{!_~u))42p<vzrv<7cFfV0$|i#%v5m5699_A#!zPedmmqD0e7AZ7uObmH
z2Ei&bq4$LjybcWP8gf(Hz-t7O3J8BCJS<S<pIpDTl<D=0QT2;Cc;#0y>;^u@=fID~
zA!H|vE3ce*3&>B1JUT#5BJxurj|q^Q5&2Ide;gq9Bl2HF9vdK!Ci34z9v2{=|IUcR
z2L40j@d5HO#{7)P69VMjM1D@>i2?FeBEKN=qyYIJ=J_R&CkM#H-x2dGB9{fojuK*G
zrJWo&B|uJM%n?MM>X2s4js-<e6uqRd5Ol&km`xXU#aD4eOJGmZH^*Bzr%A{7dfxD4
zNJ~jk+6@}JOF@}Ke+wDgp?=mxfky@7Ie$axeUon=HvWW7RG)`k%<HF)BymdnW5pl4
zTQ%uzV#~7z*z#s*G>78J*i;^Yp~wxaMZgtPW!|Vn%k)E+S+7fNyz}$$y_;a5=fCn|
zBvF5@zme4ZQ!W7)^0I!z1so9#c+&+O9SwNP1uTmO{G9>(6Zido+Xcj2Y2R@HF<07m
z86ed?H(JI&7{EVqzq9vTK+Ny#eV5gx(X2jT0RP0Z`j7$q6A$=^0sIpWknt)3vBG7{
zN<ggTGHxXx)^ZuU5^#OAx-xzx;MdUr8N(8ATQoq%u>{-|4Un-c0ry1%WIRj2!_fd4
z(-QD>G(g6+1iTmxkg+WRuSWx9d`rN)(EyI|X}b(u${PxOj`#cdl^_<p%<)G5r2U+}
z_+DIJBqCSbucp4ZFQh`QxWMl}M^lN>!CykCbRountK65QcdBdL;h!5D#VXRKNO|y0
z)~`>_?!pvS*q`!SJ(Se$$T*wAL&w~6F(?l8;#&}Bf97Lu58oP^ZH1-C7DcYuu2<?d
zc-g`s$iLBDXKpS7|Es$(my4U=mLIRUe<UY7bTb3aK2#pDQ-N27m|HU(fHI|T<4ce4
z^RzDRBm(YZ#G{EbrTZTD!Vx2-8y~S^*k62Oh_{hWo~wHiK3+WC=u+MD;hajF)NEZl
zvSm(R;Td)Q8@LhJrAho5xQSmWe*KDHX?~qC245L|oy4y!zmDNo9lpx%Tw%{e))Som
zGYjSjegeKzso20|N8``ZMt&W`uaWpO?MQ!sESM<ufe!i_&m~a53w#L=$L~DtOUmt9
zYc$#25EqkbtK=d#)QdB4uuzjo)i#8i{Cv_QVgokapDT}g8#R_UPoVNLOQUu{fz~al
zXg&*&&jD_nd=MWeMC9-gf^}YlHs;Pu9)$Mhin;QdEb#+$I3Mt|{blrBR>1XFs2|xD
zgRi+>WICriGI9;wk!Y*rMb?X~!=`8#|0!=YA*%95o?pTnqwy8$UtE=A`nQE&(!XQy
zHSN0?Q0@4z2euM@r=ojJ!P9P!g<3O)JcA{Eo{`H`rd_?V_|d42mMgLt-&zTw*}mb&
z8Cf-ZCGU6q0m{JE)`V!O@*<<<LmSq%lCbs~VW1)9=}i0{D0~9<Ea*af_iwV_|FJR*
z*aElV5#am4dIahSVGmDuLiMUJ|2uwtWA2E6U&oT*C@<x0j`C{8-?0+|RQcP|THlX@
z4wNYUBV!&`Q&LtXL+1A_<d=mkwQEB#ls*U)<OePMY9#-XZr@GiMd0f4No4K!$=ZqW
z3n%QJEHpululENPtdF^c%jAQI$wC!0ureUyor*e~4IR|hfi!@LJXa3tFev9plRltx
zDIZls4e_X<<;b?yRAg1c!GcLE9HT9|Zo!+yr_)3r<e3G>iI!C1hmpE+UilXK+t!uz
zLaE`pI(nh3mC|caqb#}Do}4~!$7!K6xWA~ab!4>0Y_%-OLa%7GwME-)uNqP=Qofyx
zb{r&pTOnEvUt;>HZ&OQq-$m$jSptyHM<YIDHO5<8;b>4q+{0wlX@1<l*14!v!cCCa
zsD6mBgIN{^D+|-(yTvVy&4v5u_VE+k@v^ZF9T0CS?sy?Y`=S_ydBZ)IpAGb<r7vl7
zdIe@vwR!a1;4bEiy4JSXdu;T~^hj@~eeId)$Q;V58QD8%y^67yz-xbY4O_ab4%^&`
zz76I4!n&xzZun!{Z0QC2W8Q1?<uVMRrbNKfw*w_bm%ihGaZBG$0>RQ(%6{6cM|7Rb
z4D^d}^@~|}<=-`VhYd`^=fG)P>YYI5Ek8!&WFk)wkgpNB4v}XB$bS(zgUB-jWJ4av
zsYIR?ASV(zg~+o5<hn%8B=Vd9xh0Y75_xWb+=Iw@ME)c|9!BJPM4lHQk0Ejvk>>}<
zpAfkQkrxC=nDh=C*pSEz1LU1Vu21Ae0rDv#dx^X_K)y-jYD8WVAU`K^bt0Ds$fnUi
z7KywfKu#tSR^;Ts)d8}X$O%MVA0WR@WEYXY3XppfSs?P30J((79wKiKkjE1_oyfZa
z<b_18MdUpJ@&+Q;Ci1=jc@L2jiF`0XK1<}9L_QoK-yw1ukxv9juNlbML_QNBTZo)P
z<nsZtK;&E^Uks2N5V--7uQ;UYf+M`K7+=N~u?&2xwuqDQ<tz&-YbGI{+9JsP|BWpo
z7<enUMQ|*w$`-*mwQLc-SA<I=|CO)eG%44BjAx7aC%)_z-jIOUvRC*+0%FTv={gCB
zEqjG^B_Ou!750^Y*s@pTgapKvy&@|lAhzt40WSfuWv_?_35YFwWspk1??H`_)kJt*
z0`83l2peiv(EwpZ33xghAVX0CUW^9FaFl@8qX9CeB;eg>fQ%~%_#_%2V@m?Qhz7{`
zl7Q4Zkp_xvm4L=*fXG(~7!wT;$teNjqX8m4C16T4K!l|P^h5(hU`oJx(Et&J5-=|s
zAmUI0=0^i$uuH%;(Eu6n60mbLKnA@8ERF`qz+Ypums~oJ1EPmt6xe!(Ye$TkLqsR(
z|0kyXdcQkOXG?f@K*LI5kzSmo3$C1;5~ONW?`8VVgoJ3sZp;2CE3_XKItzt^ah$)m
zLH-flIdq#dgw4?Y2(taO5$fr72zgU<bz{~%e2t7mNh%&?#nyZbb@~O@eAnt8A+s^~
zq(|8%dX!ZT{R-2`o&qDPF0GmdeX72W_&<l9Vf9hGEhuLtKL-J;n;=1JeQ_N0E`Fws
zr%>T0P;5Dry9}<n!sSg2gXbKNL^ou6o|txUD6@Y-$zK9TuTIHK*Riy}d|P!#CM~%*
zS}kce&n~MzDB1U&34)nm=?nT#{LlMhQxxm^f>*qVHdx&Z=tzf1yrkj>^#=nD-6MJ+
zb20doypJ9052izZV3&k3_2pMNkQua3*M)~FFaJjsT5uTFf&}#KR=pWr&1ILPLvls)
zX8cr3ewa{#TPHS0S=gnU&!1Fv3;c+^Y_FPh9Bc1c8k(oCMv+y?)b4tV*Nx;Kd4E-k
za=iQ<?RO@O(9ZbVFnI*8YlaFlad`5E@xvj0IPa6PJQ)KlK=##`GBg<MTD+t*|13;%
z0%4l#I{X)5nxlQb+^Zox*{TOo7odnx4{S*=S>1|1sp{7FNfmBHCb(l4FL5(6T+%8G
z#+p!F(%|TJ5u}n@fuz5FfwmupI{G!s(5vIs?@vm%eZ$-Lt5N~mH!onbLh7OeUT=aJ
z=b0-`WX~Em6SfxSQc|(95CZ(sD*F{?R=eI1w()vL{Nh+K*O!!I^V9~(93%K;iYG-P
zcq8{%8-vey<m1?#CM-w#oEb}>Gbd;LVsgw5FcidGPZ$tc_lJ#Ov<;t*vJMwMK}TU&
zrh0z_46N8ZM3^fsGOw+1T?+fK7#SPu3TL3JWhHtxJ_asCA!^*^f^-TOq~`!HH|FC^
zGY?VH5h_=n`mXJNKHIkl;<V=yXIqXgRK?~i_j<K@`&aB5)%Vs$<;u3cXm7Hmp}3mg
zPZ4i#`%L0uF>7G@73$&c%^k|Vs;1Sip%q~t7&?R*Qves<DpkLZNKr=^Cc{WzfYsf}
z2gbI^&`5tjrhDp)Zt!WDw_<lJFrDjNM%Lb)5EyhIa*6M|3jGvVIL`v)?yVVouY_D6
zRow>Ze7#Jnx-Gs_c=P~W59_bFjbl3?VMV4KSd6yxaf}-2ThmuX2Pw0S`l=|NMJOKq
zh4b>p)IraUswqk5Bg#Ut6ZjS8RayY^lMo4b>JOoC<~b-FTLd;e^QD&ne<dE4O@`hn
zZ#%>jdIx$1%aifNj2+>bS_vO<FCaP~IgMn&*@f+q_Y&dH{x8u$qy}Yq=AF>sTPSqO
zyAxc>M|FqR+F&6i4HDh~`28592>OF6j{1>;yo2UAa~q)aMBtWOkCV-ub0OP~bz{=8
z`&{<SH_*sw587gUd%cp_tVIk!3bn$hcs2P?R2oep_0)Ic%ot!!MwmzUyW0@g%$1B|
z9L_lPYOj<3W+6_$(6hogqR?SR2T{jEh!dsv&8U!vjPH;UK(XNI-M}^UNS$w_znOzp
z-<J8m(2YfF*d94rQWoU)tsQ`wR(7OJR3(bK(pDvqed~MVo$o5|d==pxLPPP+ABW33
zI&T?zvj%27=(sXE2x}w0#Yzp<s|Nk>z9`}e{g@!6dQ69%xNwZ_YL%^zp~zP|d;bab
zg}K|d_j}r2=)a+{LTIS=K0N&PQeLRuT{<3B60Ti&yGq9*9@`}eLhW+>^L?%Fh)8`2
z4OQPKhFjnN1>cEAv?F@L@tt_V?F3AO?<9&5{1O;muxVgb@G5UZ`V0ddzYuSH#u(e+
zYw`)x37;@xh@R7Mh5wJ0O#<FOLTQ_b(3a3pwEfHQX?q~*9A0Bt-Yg`jJMN6yS=t3Y
zpVeJ}wkjn>PA60XBW^f*i9D_Dib!4&kM0ianSdLmfYWXbjdsc0tPEid>y&K$)WL;M
zu&E&NA>8fy_#X9(W*SFtt})H{WQ}x<$(#%`+q7oxWDQK(l(!$!#^yTaEq%hwj6c8Z
z8u=9_m1c-K2gMCjO60;FMi3=psQHigm>sG8m_*O@q%o|`0)Vq1aYOayE5qr{|CQ}R
zr13&D!S=OWl2=^>%(P>J9ut~WC7!veOkzkMQKp!_V1$^gjOZv#BrIaOX((CBe55~^
zAT&lq=1||Q2t7f^K;KP)j<xjNw?IRg`NAW6H{=Tyb$9$g?k44}=^r3Z+hS$$Rq7BT
zKSg1I`XDDR2983O!Ya@uCSn8-PMdlBT~wv-IsB=ze2>qlr~96Du<ZiLweSe>QbDxW
z@^e+%U14%J7ASiL6wl}eUsLulozRsL<8<8_`TS7w;n}G)$O%<V7pkyK5YAZ(8v@Y0
zk-q9`|3FQLsjIz#GL{ae^NgGlyhD!MA?ra(n-xwXimHoIeM>FXsP_b>1$X&d*@UBR
z-7TIGP4#Bki)+L-usti=hTT0jiu0P*4MdxekFA?;+(;y6ySZ*-$7#8Hp<GYwjn3U#
zRGz(wA3TDj;${S~$}mSkJ9rNS!~)YSHJBw{*1~DV!uuKke{1G9ZR>DkMH$`*jX@T%
zvN6bFV`FfHyyI<TC5z`efxi+jSSRpCX`M5mXtGA#qxE-S4@O4k^6j8tY>yB>PorNk
zeosbX7GYH+s4?kh!23ky9<*Tn!FC9*vchit!CKW=e-LfuuV45SWD{#;)CZbH+DN+S
zms`<x88`s}1GmHDzmIy_QZ`2BpM-ZX>UC6@UqdDsC8FLWsunc}BP<_&HE8)D7S-xL
z$kwtaodW2nWNwCh9u=<ci}2_|nkgWq7!aBdf23obfe{&SwBi}t;A^bw#;S7-^tlQ%
zaCBv=8gwN(AemcA51JXiiFjB)Z$|Hk{qT+ILT3Fh^f#H8Bv-2?i~bhmt!sm0q|N<s
zQ3>hFgoc_?Jv<jPELjzqw^;0;F%uedtY~b^)s(-CCp^sz<MOvL3!>p)`AssA><b=%
zXaoEszR0D0K;ESXI^5BB;*7lDzU6S2Iov@GcZtIt>~L2)+#wEkjl+H0;jVYMLmloW
zhx?Ah-Ry8Bhr7+;4s*D>9PV(3yU*du4!7|F+qOQ3d)UQW;&4woT))FT=WyQzt~~M|
zmYm-w*z3R}3GVB_3c-^d_ydB!abT6;UmZ9=u;D$M^A8F3I&dk$Z#wWOf~Ps~XoA0S
z;4uVWaNw~7{r7Fo#}O<z@OXmTI*^j9yu^Vg5<K65ClS2UfhQAu(}BwfHho|VI+frY
z2cAaon+`mk;3*C~gWzu+cqYMD9C#MNh7WDd=MbFbz;g-i?ZBT9Jkf#Y5&V?{&nLLT
zffo?Weq?i|nYBE_ffo_n!+{qQJl27i5WLZWKP9-rftM1j|JdfdoZu`6UPf?V2VPF_
z6bD`r1+OG{y9@m}!GAdLYJdZheK1z9A&!5_!MOZ|!v*8=T89h9<#i4hjKS+2E*OJ1
zI9xD}eo36PoM#<WmfYxYfqc2i;etB<ia2S<j<{t~)BYN`@`O(;5pO2Ag9Cp{@K^`l
zLhx1x-b(O&2i`_->ZdlV-xJ);fwvPp#esJa{DTAUB>1TV?;<$upEj#M5Zu#&_YgeA
zf%g*pg9HCa@KXogN3i=}Hmmyy?(4t@2>!%@4-$ODfe#V%|83L$iD0h-A13%62R=gZ
zatA(2@OcM5MzHBWHmk=8ZsEWu2>!r<PZGS*flm>9(}7PDobZ{=>dypsa^N!rPjuk3
z1n+d<a{vc~exCxTEbzR;eeQ67aX9~T8}9{&%R1bP4mZ-_RuD(xEPaVzq|4I3@{1%{
z`ZB-R{H3qpPq_ujbmn}G;Fb=2o!}1~_$I*{9rzZ(Hy!wQf)l>5S-nkgCkMVm@I(i`
zOYlwyzDMwV2fj}bx96BzeL(OV4*ZbdQU`uS@CFBd3{dqb^{;%5DhZ54MVNC7S?DoF
z(Wc#ye#So*T}bz=jGu9RO7tQqn^?j9f6ToJoSa3`KmKH9c4v<yWOM9>B!qB<VJCrb
zg%GZA9|Cg7DTjapUM$RJJs6%f0)iqS2q+*Rm&zrGA_&MK-l!NA5K-|$1@uKgyb$5{
z{Z@6?)BVgdo8|S@|39Bk_L;8kuCDH?uCA`W7|8Y+_lhBuR0px;wlclegCKm6xBCe&
zcESG@<(Hsd_f1Y5dInog)d%nwLOasGDRH#%u0`2rplqKtUJnVDHpGJJt;*H=>TJgq
zwZBAt6_h^&8!w#HWLia<a&WN}NtMDe@53^cD|H!MQf`ft1k=YF`Fx2kvZ38vC4$q}
z<n}7C7_sy8g+M(JHXAr+`805WO(tuen1s{NgRg?|yW>2XJQ%3wo)PNx=bn`ox86wt
z9W4dxoq>Oz#L0RmsWAhd+0}s0t#>k_?RqC=XDMhuQ|)Lja{vkadUjl4hRDg-3o+qE
zz$bAE@DG$3O@3u!@OMBlNyt*@9HDrx2UbZz25*XRQ?4yQn;=f=^E0R{nF(UQGMS}w
zbEaSoj0rin<u^CCogfEioF9wyE1#d85cIPSxwAxkhcz6gt`9pOA<-2~o(Q(dlizh-
zY7)5vhfB}m+u9er_@MG)qV`=h0=<L`wVTt-83&7Q@V&D%`Y)89zJx!e(O3BMpYron
z{(KpKqHQIT%q8j2XqnexPf_yiU{C%kv0|Um@%}a=*|iNlz^jNRcI^zeEzU7<GeDBe
z!~goiQgxuV0yA-;vc7=@NojqS1xYOq(j3iR_B>A;V51k_F0{LWWSJe?z!sj7@As@$
zQNL#aMR1m6ee-V6cq@I<kqi)}G;QD~4tgT@12IX|6H84NC|vNlpsK@Mn5HvHE*Hre
zCBu9!D7`Qjo-bmOD3^+wfBcmFen-@U|3(LKsw;4RP(DUwX2)OZ5}}}s4&hJ#Iq$;B
zGwH(`Lo#$-oM!+&B(m$qsCB3aRY&?U>MV(m#;8f*7{x#~My)4;jWJ64#x6oFWF_16
zgiR21kWApGBQ5a*Us+kc9ce|rooR=Bt7)fvyV5GYq8rKy?hs4X#kq5j(<>WW%fPDz
zcVbNf!xfx6y^WJi)*|<#=#o^ZaW0)~by=zN8*dD;Qj6E?dB0bXT8J;t&V!{c<vDq<
zRIR*59xOF2&&`9i;(iQt{ytJ2$-INJQH$Vg<svu<FM^ZuA~;Def|K?lIEi=gO7daw
zO~&LkyWJy4*#KFa53$h|ne}FtYU^jA)l0Qn7MfM6ZIFd#<HSW4np3LPv(Or)8lM?<
zIOmpX3oR7v?4yixt>?oc<Mg3VR?$`;I<+_f?X>tNz_}{V)T3TbOQRFf9BCK+ltw4<
zXSe*E%%45-b2a|##h>UAE6L$fcW6rV7)eH3j+dRpdVT!mK*cxPsCW#Pk&534;riC5
z$VpUvi3M2|)%tvHPl!~lFG12e9<9IhL|$-$g1o#t+m3}r^5x(xHG;eKT()KroOC#N
zHTg5jk^7jUF@Z%1qr9Gm4hi)%#snsb^mM67LWHM2SL>L-B)ME9bCm4&xmw2rCduVu
zB}OSJK3D#-rU6_{!bDL%H<q}|nke_nP=Ef*k0q2I9ZUF2M+}PVn$yKsyn+PlIm8vD
zBC<WE008CQ$ItY1>R8bo8m;yu_lXy+YwMmi!Rl>A-ifHY*jS1==V5bY&Utx2K=8}{
zFSXg-J{}^AWW&u9h%JIU8=sYM@Q#G*ZMk)5;)8z}azPAk@31p6nYX~mB-o5hIiBdY
z`N){bwbHZwn47JYPJtdOS}WZFI!LlVZi=RyPD2Uc!*qT+(i!|fW%SFpBOQ=$XF3yK
zj??AjS(JGW%JeAW`JkVgiQ!Jv@pMjGn`OmtT|!~ux*O9?@Z5z=cID-QLz1yCWOB1X
zQeT$~nYP04E0w@zvwJbRx4DpsYqeD+jy3hC3VGge>5wWKuV<XzVBLyjfOU)DZas%}
zi{MUXNNN$B4POK&c@ADpt^zM)UCnP+D>X@%tU-_vnMbl@n@6&^!g(YkA}vsAk_4oU
z^%HOWVMLVH4&CBBHsWmh!xbg>G?B<F=RfC)ypHtg;OXW+47D3M_Z-K_`I47LI5t)X
z1rX?2{B)$V`GG*sk#9%3hI~8Ix$>>1YvPOfLpgaFw0&fJa?KKQ^7{iW@v+DpT-+L@
z!NFCqqf5p%r04~%3{qNzg_I}t8JNOrWvc2k5pXWOI89hXg=4J1MxIuu3G1HJyNOYL
z+C0k1IO`e7;CaHkChHl&oh*~`2=2yS)<1&3Q}>3G!U*otvq}-%;U|#}UQKRjm3`7H
zvQGj<_F1yYKFKSTeMZFcoUK!n7QsnkonV)mq@=KGFd{}JN?STXxU9MpO`my4?6)Pa
zh2J8F|Lb!~vVtloqcv4QjJBfw;vC%B|4i7jpE!tTwp@JSnkVr{`!GYi<~bqxBFf{x
z#*>^_$(rZdNY;48g6l9iGby{+bs5~mg6lDu-8M3x!96W@eFl%UV2!~Q7Tkcr?0xq^
z1~0Q%^dqcrS#SY^4_j~{f@)i;Z}xnVdpGYr9QsJ4kZr1Sf{#i(=LFMLtz~lp0@`V|
zBb{a&>m9F41I@M}$bx3uh@Xyh5kJsu8!NHYVaKAai)^FXbtoy7>|QoRF$pF=r9Frq
zI3o3i5^wjK1z()Ln=2}6K-|+(B+Mm|Deh0YK=lF(i27|ixa;REK1$yXj&ls~jW<bL
zl)eZ~8Fqd?rq7)(Qv2@Hy62EB7vXD#7x-#RP1aLno)r*1!;(zT5N(T|q1DHT0_C6<
z9c76=mR(D%tCO|2x60auCTlbDvPM8VS$pSel(kJjD`ag`emc_4_<^i#j<4{&oSc-C
zHI<rKt3G=sk|*fBEXr^tCHWmQ0+B+U^y$7uSG>uclNTb3_~^zLqAY?FaRhhc9nm{@
zCD|PH6MKJ_y|c`6gzrQwd?zNk-;r4Z?RSFp+WvGgqDta`OSiz!;E3XY#+CE%vcfA0
z2OaF&+|N57{lGAn#ltE|^=D6~I9u5Pyu-CV2M+ey7ufq*cD)u50*m+sXgtlEU!75(
z9Q_>^nY{Jq<&6N5H(D<`9CBfSq2YIpL*9&!tQYz>TPotqN?8+Yl5__zCo@5l@C6-8
znpUEvTS=PPXsauc=9a*Jow!L#{iMJM;;kcN`lz?y7`=qewk4ex;-1)&!9fP6Fm@?}
zvm5g#l(EW1WchZ)Cj3Kq>g&uWrgq9zU$Dih-9xyPwI})6px#L`B}vbbu5azJyXsSx
z9kqv(QxXxu-TkMe#=)z}<!FOeKQ>Vo>Lx}+x~bG;F)c>U0PKH8<kGTeq;2&|Fd|AD
zd#ZH|H9KLe2fUrIHS#s~LA$EiunmHv0?XZ$u&qVpZc5nBB62q+EVGE*O$pmuMDC`9
z9V{YuQ^Jmj2<?QA3E!OVKCM-Ef86@g>iNDzKs(+2f${aF5{Kky{4c939*%7`q}~rz
zPIm&;Q0+S_@zgCl<nsAdx!PmY989m;9XqC-O%R+D9H@PjsfaGL2`*L{X68s%FHty?
zo2=626<<lVjK+L6qB3!z)H0$#x<Vfb$J9$hzMR#{mrod9@c3M|FPc7G0^0HA?0=gt
z=Y@RP1(g9`cE!hyvAee8%b%cXhR<iSGt-#Nxss`fGw^R+raWNYh&PujoT<m+4f7dq
zn7EKPj2H)Rt_XQ^K`U=QX}p<}=M4evcyrOe&6}G;-t3LafH$wl$ML3ZpP|i`GX0or
zk(<JaF6=XE`!$(4;>*rDJ~H`Od|^K03lkUeg%PXZ%lVMIE3Mtv$hSKIz4enyBks9M
zc!)UeGc<guwEF?2;3h9TA0#$`-Q<PEf4Rx4k5AOpF30Ki;ZI1mxeW6>qeFv3%{=Ml
zV!2YN<Hb6;eqnm<Ex)pR@XF~vsHoa8uPwdKlMfX;T-?XCOF*48yeoepzRQ#+EM$b6
z642J_SZ)%OovE^$9bDcTzHd~!CYQGZZ=mBGx8#?4yZhJ5awas<IZG}Nt{B5|FoD9-
z-ue^{&_P%l&Ce~gf4lMNs;p9e9($GXd~TlS1hngG*9h~*zV8*bO^J5}6yMKzuk|&^
ztX}_j{NmsW#C=ggbie)ZQ5pC*_MXdqE`l(ce`L6$H2@}z`l6d#Fu8*l`bC&e<_b(0
z%nYO*I40@b*ztn%b0=V)7grlE*39#QfOfpNaU8t3E1N^42Y@`Z?1B7rqzCbXdEUYD
z?MM&7cX030=>GWP#LDDK?Rwys%Nu#FifaMafKHFEzsIexM-I+i6ZLPpR}^?V0&nk`
zhuZ|xH?SbQqaemLY3Zb9z%CCxV90WXL@X%sz+o1~y}vFcuG8fryL3{mM?PvfU(wXM
zwM5C$Z&p{eb>}N3xw?UV4}F}=`8`BmvpGV2?d);V9m$C5jwTy5f;&5%tsKFf-+^RA
zaHscKtb<pRo6zRs^N-dd*^Ucml$s<(TFI~Y!4uWGEXh>y5Rfe(kZ2KHQYn*Ml4YJx
z(gIZ%FA7lSFe1j8c|JGM<@*(6pV#5+1J{a-yFPGRYajTO^?`Z$K0rXbK5)l4`T)*t
zPp{qXgqeMgbcMb%8&e)L-Gs%3Ls0{Cmp5ufXgjyF(NyS|UL|Wlt}k8_auwOm&vCTF
zLN*QqA}Ofw>r75oh#-=QPfMFLnc8Hcz<y>vvjv#A&=z1s0n_sK^JhXneYurS*BPJI
z%JYeUc6_>TynMQMJbe0V$fv_lG4Sbde85=p34ZU0zc$B_v*b)4@+p7KG!bR{OEHeo
zU%^ZfZ`}GY6FYd}J<iN$ykTPHO?2f3!G#OIlvVZ}okzL8^R-r<TyH#CJI@mW+VSL@
z<KT(zDgK5sh4kzMde%pq_;JAc&KV0~k3G-Ldp54)WTyk6I~{>qf=x&A(~-UjA6Wx=
zLpxrH?@%)NUL;;?=2!0NO&QeQ?%4V=sD9_QCi;wr&UZ*;5f7bDnJ5iTmzwh_6F!zt
znT5D~)#O0r%k2SRd7@s4$b^8o3Ogtx+I7%y7(WW>(2z&-(~%y-4~FqK%eNza3%=fN
z;vS$IARC@n)(>RfB6z%A^loriQTo=Dft1*_wQ-;qHt%L=?P!faTw_wU-vFmvkTI0B
zB=y}ryYS%Bg01c1DyExgZ@|Hugl^X5d~HOS)G^TjAj2ej+xLkZLp`;!wNKn+ePW$_
zpCF)JpLl2-eZus%o5QgoO@6pW@>wanNe)GDr{~$IMR3+Sf;*dl&FJ7&*)JzHK{kxD
ze33I2D8o2QFo7f5LV;sMBygoBi$dDgA)gUZTJ`PeiofTH`hlFDqCZKf)_ENL%QqWO
z*3I*TfOb52d>lOaw8{ABu^=@)4u7C@j_0S6zLlSj^lkWP->4)nfSy}GkI(no?b){z
zskdiYp0`rfel;?jJ)4D{wdtqLVuY?kBQ&;hoi(}@@9<zf3Q~wg%gSjN!;`8oxOsfN
z*rsLu3v61_9?6}18;gZTaA&)+zzFW-l;|D2ntUDY+v<~MQNkdxSr>Gbnry{F!<9)R
zi7PcpP@!}(B1#+VQX#cw(vn1AX!Tt)BE}#lt=nbojau?hY>WxX8&N<0Ypl&dPS(5M
zf!M}@7JMgzXIbzB2Jf}t5Q8sR@I(gZmp!VJ5F9)s8ExPjUm!jVh`&HwWf?c}Pf%L)
zesJc|Urd`c?*G*Uy>PnrBsx;k_%6eXu-V&%A7gkh3qQ&5(k%QO!&_(Jml>X$g}Z)@
z@J3m9I>Q@e;du;inS~cHyj2!n!tgd(cqfJzXW@Mq-Zl###_$$d_;`kwSlIDrbu@{)
zWBMs-B6;uX_xKgvF|G6e&xu~D@dj!qzu~)984t$3OPZ~{s=K6_ruZ)DJ9u~k{~Cvy
z5G+UHQT}P1X6K+s2;-mN9QnHpmZf{Q!LG5q?=e_*j{Lm_%g(EwY_ROSYSUoZdDT-4
zmYpL{4R(i>J8H1(4D0(0mYpMCVX*8R`TGfzHu%vmqDz-gWd#4^FWNrMB67<|r&~mB
z`RD@{ky}1G!y<CaM`v0@Zu#hg7Li*%`jADe0Do(Lft{>M<1CBF-F5w8i^$z|eYQp9
z?z%q5B64?KpKB4hyRJWC5xKjr&$EaR#^j!F5$DAbAGL^!<A@6^;>tMULW{UAj=0Do
zJ{L!P%p$%NM|_+SA|*N2Ud#yo$xF#47Lk*ZOD!UY>Jt``lak92q5Ea`MgP53bje5!
z_6!CZs2#2>G1ShwdDdAs_oGUBt99e&OOg|7Yf(gGK2;t3p|?_C(p-+>%#fGMVXqK~
zyP0S)*Q!4$B$=J+=BmsYjoatw+?M$xxLcDZ7So5AD<z-Tx@{2EjiGigB)uqg>un5H
z{6w%C9VR@9#9oDB{EZ`5;<vUX{Tz{xW}J6;>$O6H)6W}agR)|#EgGE<WWs{;fttqc
zRbW;*7bFLWq(z9Q&=*X6Vv93V-WSX^{DQXOVAO^TwQIwdTpOMqv|-CJ&8tzGwi|7N
z)^^h~nDlgnXE2$|+k<nE&&_)Y=GjVqrERi%gF3{wBJ<qHC&{D`cTDgi&j!H-o(;|y
zj^Mr({A)bKdWrpX4N{NtPcXJ!Yp~O7Jo%Ktt})oB4VH~<pD|cAW?g5nY|OgeVA;5H
zgTb=<OKt?L@mC}FCMMyZ#@vpwJ2U@TgUvVC%?8`hV7C}-iNQW+upJC`tHJg(*yjOj
zyaB-#Utlc%G~R<?4em)dsN6=_SxoXpCgGpPO>vUj3CrGoyMw_mA&Ii$OU%YU0W0n#
zjDH%BBc0w6aF@Y;ZLqry_Kd;4Y_Jy$b`Md#grF9AFO%?3V}7Scf1klNG}!$HTWqke
z7;Krr9so>i!E&+?a(0{ayP+S!2iw!w1F1Uu&!6`yB982xI-zmE<uERe$BAxfMDdAk
ziyQWDhJLDTi9h}gtKc2e#&RGjX%e=)>4h-OwQbXUkiw6Djfas$Ti`pa1^+Z&1WX(F
zy9Rs3VBa%XSJkI`$Y4_q_I-oRG1y9j%{SN&02>@_YyyB1@<RX`2V3w*jAx(ym78ZY
zR{y2nyYn#d@lSq$eS{JGlaF}Ra^wcsA2Wh~@;M%}h}>BH6N|{9dfXy%WA#rhB4^S4
z%p!6Y-Onu|XVE=j5xJ*Reqj;0r&E4u5xJ*Req|Al#Ls;G+9Gl<hW^GPaxaEHX%YVu
zqx!8y+!H@*@;gK{&M;>G9zj2^<XzHV)bVN)8?SKx1Osw|U=vOWoseVsz8ll0;Yl0m
z*~gJv+P%?H9o!+XW}aek;czyQrz-@iV>SJ0+Y1d%Ld{O0pVrwmgy-(R)xFxcOFr(^
z-c-rY_G%N*&LW%Y>M+(`ZH)irWC;D?4wT{RV~$Sv&t^Ba`*I08E_s7>ey3o3j>_#*
zggp_wNDmLiyAxeYmCc5-jOyN_@5kOwjdG9DKaB>cZ)UJXpg(<vuz8KAH%U$m(Bvs`
zhe<*b@b3IFWvgu5I6R^PS0)Z@SgKF|zbdO#l{XsFKY&`LMch}oP2~5O?kQQdjp5<Y
z!A;EJ!E=3k!y0DQ;oxI!aqHrFv?qxxTU&F!ET%Krp-g>AWr`UE&b_2>1N=^f6Nx^s
zvLz&?r@t3#KmuC`eom~<>ynpXmy>CelFlmGGjMQkU!}XYJzD>2ye4o6#)O5BJu#z8
zpMB+RlwDZA*6pBp(5{Y0WYN)dU+7xNg1wR%C?0ZEO+J8c>$)$ipf*<S<S8Q}-&Lu}
zYH7y|(_-nC5mDN}Q^xu^Yc2Hdk|ym>cUgbhEZ?69XxE=sA8&s;3H7GU?fI*{rw1a}
z1t;jt4g2d$y#cFY^FN@tzP-Vg(pCCL!2H5%kZP>{80^z7YyL_~)T#&D-4()u3T$42
z&F0NEITBygxNhOquK_zbWo{>@`sUBwDv!*r@<`1EdBkHsoz+s4@TzW#=o7)iQ$G{C
zdR>g<c%?F_d*Ki9qy;1{yfT}wr1CZw5r_0yAkz9)lB2+fFQZ(~hsw}Ym_{>S!FmmD
zPPl<%h4e%m_&pN{dgxE>1tPu+i<?<zCH_p+C|>I0bO@K|vumOg^$%2o^0JG3``y#4
z0UauH_n6FWo|icSMCP2n0(G`0eeLndTq#+Cy2kS*?(IfhF?F9U>a%#)JamsVndhGy
ziwHA4!!hb!<sadq$R!eR_Nk5Wy)Pf%xu8_XQEg`Em%TFC)D!#5X2?b{m!JE~?r+IY
z1-+U_z$>O~TN=w`p0BjznHlEcnqHKLYc~%_9*(7p^L!wnweRcWI~$CT52|}(K5*o;
z_l?HtzSjRw1L5hP&~VoO<)GYi0&y3#3gme}!fVV`jy0>h`&2TydweCiw7KpVgrer2
z0G1^7f5uadcjxYiLYUVko@jINm1F_R5n0OC_gIej6o^pP_n0$qE_nU?RpZeXc^(na
z$|Jq?dE@c%NcSS>xarpTHbPEUInr<`?4hrL2Cp~F9)e$BECxpQ(8R7S&qN#GG{wOf
zL3M=f9^vB}P_|+QO-V}KdIi9r(GE%d(C(3=0*eL5X1i;2g9&fa7bVT&?h$9K%5ob~
zh{2lvMWP4P;ONfV8tzPo7$ql!Bu&Fp?^bGeUpMc!>g#GLc1xu4<@WUTaE%+OXeqmb
zXKKL!=BylFa&KSng59E$C-zM=oRj({3C@W{I48E?go5|_%H4aw78DM8xU;p{ED_wv
zJX=%XCwnGC5fTZEFvek(m04+jb@H8{f;B*<E*Lin_Ty%$NnC2c1kVB~cwl%bn42YK
zc}R*eDDpiK>=Q)?QQkJnX;prb`2t`%{^_{$b?Zw@@_mVbc718f@%5#0@=vtQH(L72
zfWJQ-&wS~s=s5b#l54X5QsX0eZd(Pe&^pBK<l^0T>*0U>aBiwN-MYtLQSbVj3G1O$
z{*A!{x@0djJ6kjtp!8O1VrBgu>12ln0B@z)^$!8)h^f0e@^cL@(U?Ol-J2IJd@K+l
zk^vE7@i?MR?2shlY@4b>Q%%=YCf80*i7%30C)X?>f;+p5B}VYy=pJm6;NV@!*U)~g
zYuYSI<$1mA1uJfoWQ2|^k;PqVk_Z*<&^pKFZbszNk}#F-wF2xg5Ev1qt%t~vfTTwW
zqF&&~jBlEpbE1QivN<vV?c{ui@yhuO_<6t8BImQkmK=v{7feuXeu^G{P@<DtimI4b
zxZX>qt#ib5bHKbLLW&1!GE1J+@8_NKgYgD-s+*Tiws;O3EdvwwK648OT1`d>j4CeQ
zYRHFysXFpj7meX!0S2aOjW&u7Oj9Jy;;KJVFpa~AppYZ6eG=^krfQ2Sce7;<D#wSz
z14!~^a_DGRraR6t4TFi4DJMG8@s-IzXQy159^d4?$>Yc8^=<3<nv{&eqL57J$%GEH
zF)VW2-Qs5X(!$*M#%3%{?hx8#e5)ouL_cl4!-*(?rFDxmBjS#dP1{(u8%0V@mI(})
zXG9|n!G5GEHAxQ=K{%t4i(pj-SyDDPl8R9iVPu3)=6bEWqRI5!JJkkd%1CcHzXt2%
z;5v`|w)FER>!b6?-#{|6c_iU(9!cxu>cr-emLr}=a{cQqXy*qNuQm;jbMz$r=g?Z4
zSbv?im=-6mqxDa!qfxpQ-mTMCp3%5E!EKLhhDk2YO<dWP7e3@(pv!C*r{meAu8yVT
zXU;c0%7HvTxW5FLM&vxm|Fnpl2l-`-$a#?eWf3_K@+%gR^B})!5jhVs?kROt<vhp}
zEF$MYE?Gp*gIu<VoCmpL5jhWXhehN($ek9E^B`9(BIiNwvWVOR-`y7Rz1Zj6V-bIZ
zGokhuTe#}Ah!^9CiHMLj2>PVIBQiI#R0k}m1^A>HXycRK(~VW*^+``<SuH+kfo3x3
z><L1x|8c(W`~ZX(`lP=rv~wQ4ReroBpxt=8?|8@C!$CvqJX+sB5|>7Mx3tZpW$X1c
z)WGJ^9Fb%xIGxVMK^e3ku<TX57yOWu{edp%H$CI^GQCFrShC;_-uiM_{T#&Y*Jdhf
zTiUN~eVQZ`yc1Rt--fim_dnr|ETomWGc(C$r@49aFz|lQc(Qe#Cj|7?_t)phRrkZk
zR6CAG6%P@fY!RM+H2>4V<KtH;Sr_F$#PZ8HECmMjHm?7bzXexsw5uH`xRR>ump=mO
zzmN3ZcJ}u{ESLi;oUWf5m?j4+m0ts>cYUK6)=!vTWl-$gik4_*AT_!}S({I;va7Lr
z*_!AEplPMFVUvl`OsEK5RXC-@vb5bQa9UOdy#I>t^X`XyKgj390nU=38G0I5mG?fe
z2_E8^(^WpPOVxy2!fj|V%3{P|8NGG<U}aqadPnza$!c?xX}iPCPI)~5<^530b7X<e
z83}HeU{J5Zy%WPxZ+(&CQo?5>Fy@ImOo79jtgG~KUniEq``dpcWsGd2!h|xQpBQL;
zoBBv$t$Pm~eX5dt1^FLFe*bRtOcY|gUf^EEf~e^1u(z=vnnt~`>TS`UE(=iSA*y%*
z%6htZ!&rnr2f+94dvJf)4)~t)eGKF2>WGzbyVT^*?#}L^?GPzl0OK}C?SX?iZZj6I
z%U5L3{sH#+=t;0NtN|{&IR;f0q`F4Ke(m<zFk$BGl%B8pmU?x&iul}Eh@f!MVh?5U
zsusGl=L4lp>GRC#1(qdxfe44Mqz#f?0PFeqi1KmUkdF+s^6}UlAODRrtHP35pej<n
z>1;s4_b&B?CP`P(NNua2JsDZpo?QQO_9M|c9b34ci8!R4m@sG}(f^ze^Izj@6hhg<
zGY82=`6t*ovIb%N6Ts#Y#y<gUO@p0g`+DXX>>7iuWw30o&)Npd_OY&Guxuaex`gph
zQ0{sNifzHZ`>67KS;%t+T6um#j^~x612*W7gTA{y5Vz^OvXT<^U9KzQit0mP3e9)-
z_vuAQM3RHc_*~22Zk==xDDW^nGYH$W$1b5JXJG)3kiVDxa1d!RD;0CQb`l^ya1P}>
z-2l=3SU6f6Dw)6gDpgFW<p}OukoamWD6zMz?XFnR|1ncu_|V|*eE$zyA%c}t)&X80
zqAo#qC<W9D**&yT4u4;`UNoBu<`_$dR4G8lb@~m#SK35)01%s8)|?`~HK^q|jYlE4
zYfcgWK;x{<CY)H?f~M&6_;a$%B_n^nHEgJR*q5BW!rHjLr2EPr6Iqg$i{L*|I2+%=
zJCY-T=kYAPDx+)-fMrWRWFc4sfV$#svS2r{=r}bKlQz4+ieNv5tY*h^!;1;efYwXv
zNQa5G{Du?T*>>a5UyHlTCpLb+6%4)S*jzTG$Rdnj^<#=aGTb^w{#5EZvVGXk7-;Qh
z@5%MEXbpx16|TX!IU<YA#TV*1;*s`chP<BRn}+<?I30CXJ+~0aM)@Z{)!fh`a#PKX
zEFw46Tx1csspiIr5WSSTxozWGD}NKjHNI=XO&NUAf}1foug4R+IfMIHa501LvEUXA
zUTwi846d}`mJGgR!KDn=dOhZ?7(CR1TQhjJ1-D`FUJGu^;Byw-j=^;&dQ{68JlKNU
zGkCTIcVO^-3+~9^ix%98!P+E`YG(!yv*0cao@c>b8NADayD|8b1$Reqlz)N&Vh;p$
z&NCsYLJqp|&H$VzFt}A$@r<sl`3;n6A1Y&Ja5)|tkm$RT(bpk!e1vB&K>QJ&(LEWc
z43)6Jo@g26WDg1({^=<mBG6w<tG|dMX-u75K5_IU{2YC54q{HH{%+jF<2mmn@J|MG
zx@>jebZ25dh_ujvU7fWv@hdtLQ%ZP;%JeGgDAc(#EoakT#2iD1;t0Ftpst>c^s=55
zRCesMGNgZ1XJweC_^b>ry_SEC8X7?R<KC<=|1@?3O!rQ{-e7Mq*ggh(lfm{i*gFii
zpTXW^u>B2oy20LHu=5OdfWa;^*ntMS&R_=_>^6fPY_R(cc8I~gYp_EN_L#xmXs{;@
zc9_AQGuYt<d)Z(|7_4hG-+o6LY`VeTWUzS#JIY`S40g1^mKf|9gY9InHydmpgT2LI
zhZ*cxgB@?M;|#XkV8<KmRD-?MVCNa^Z3er-U~f0r%?5ji!EQI0bS{y#dkuDirF+m|
zLk4@)U?&>v*9Maw%!okcG?-3cr<vV5Y_RN|zU2mc!SIb3?2Y!G-@6R<lBIjM!Aes+
z&);LP9)rEtU{eitvcYB<tZA^d4R(sb1`U=PY%_z65+-fBt-;=Buw4wc!eILu?EMBi
z!eFNw>}>`+jWGTR&eNT4=^B>q0|q<UU}qTYRD+#qu(J&IL4$qNU>`Err3O38U{@RL
z!v?#-U}qbwG99nC9R-tZ#W@E1yrnxAF!2v@ug=fJwxW-57d5Z4H9Z2_`54a?Lu+>9
zE?{kU5(&0>Il(+4`8mq4xs4tw!Sv->&^I!IkpdPe)&ekZ=&U_LGxH;$&nC2TEz@~`
zB=zh_N-cv%`|+3#OTt9Z3a=;}^myN)+t<Kck<I;t+SWv4HaGoGt!G)7M9GiVWC->K
zb+BoY1v#*;)Y!hhvb-Vl3**JEd0r48yl{7lx&3Pl4PWGVF}1HfFT#D)=Yxzv99a+-
zRgJmfp7U+u=K4$%waJ#ch7`b+=3g4kyX9#npq>0&>S$g*2F)TrC!yWfN7*JnGXJ!_
z57>OC0*h_H<M39?YUxK&H}!Sl@*PNCcBzYQPq+Z_N#xX*vuDf}c~uOGX({ta8;XBP
z+lm>)u__H2$er6Sz&s{jyLkD^re(};H#0DCfus>^k|t9(lc`d|cR+q6{87((W%|VW
zTBVWQ!Iz?UK&}E$BsYDF-$LHcw6r_6nxMhv6*hG+!Lthz{Cc&D>*&WpZF(X8B-ns}
zOAO@UHeK5j=cqniAPI_Mvz3L5fJ0fxo4Md?zyhkjnM*Oz!J+K@7|X+hm(y{x)2CF}
z^`;sNOfOe_jQA5Uv5(h9^uAO$?86%1frPSF2K*;M*oDHf)K?kI^;sY5OM!eaPc3+A
z(Dag%4<a-9;M-TN`@D%-X!7@Zfjf~VVgi$oOte_Ebbo0qm!Q;SiQYdD=q-W`N#-Be
zVf0;Ct{grUCjJU?*2a`yn@-pxuM-GprxR{+I^i3u(g~kNTYRELHeaJoaHkuk0lb)^
z^|H4oYoaVJM#Z9`r_3Ep0yP~1>Bj4$-i47#-X+XCc&JxhTo%E`YRx_Pu0k+mh`DsG
zxE1Pou-rG<WPuT>m|jiRhnIu_z4d7&NmL_!LpU*jm5C&HLvNYtq#`_^J;NW~P#K}D
z8p^z!l3<h50zJkuO^-2gfgU3`7BSOfI?nvYWa@Q!nIfQ_Ox@;WYR=U5W8;5doS_V)
zm!eK4Bk?#R@t;6^JkD@ayksN)D+$-HpOktxiAy&}um@#(F$i~iF>XXvgS{A*L$2P(
zw*K$?ZT*7#7~uY`;wBwBK;Wv;iS@lpO+vJ^+c}fBtr&#6tr%B99HJ#1%OmB<!p?Wx
zZj5P*3hz53g(eqDM9ZmQg2$AL-<e$OnU@O!+R4RTPA<;+|3EG-L!HKwi^~yTAQ#M*
z$;I!LcLXY@Xl-S3LAaBPOH?i<cHz(w&U#pmRmuhFh~<KiBDo;Eom^O+amxiMG`UbB
zTI7P@wsOI>+owz}_6p?!tE&vl?hm&e588WjNq4v3@1)|{v800YhjQ{hlrbK=bd|P}
zcZO$XOL_$=7Yax=xCDtli9`ib!n~2~D%;`&3c5>49dw6#J}?ci6jaPIuK3+_T88PO
zr&Z>NOr=09NjqOexRbdnW0|uY#WHtvri)l&W~@RL5l|#@gtrqp%hM`ys7s+PB84V%
zN<@py5!^=RbicqeCUbk|WRBrBGWRVfa|cfIBb1z9Y#g%)cO=Sk2}W@&QiFHY**(Gg
z6?UJZEUn0f8TX_GRz|AXnTUxvV)!gpfNI=|G9T|-aB*+p6HiR7w!A$7llDqfbI_eN
zTql{oyMKd1&jW?BW98ot+Wm$d6(>PLdE=dpQ9n^zy0?+#DX-+_ff{yp_S9~LOB_2E
zFj`J&tOQm~=2ner&!G}xe=3n2BliUUKd4-?OcfR4%XA^(PA=I1!5C>d^7|EaP0r1E
znM&-NzmDF6tD{z2h4ART{B<>d-N#?o@YntPbuE8=g}*+<Uk~utr}0bt>MAFHG&$KP
zCnpTIk&~59PL@s|Q%<OxKAPn0W8dbPoH+I3j}YiI8m<1?)RmsB`3!1j>MF8@Me0Pg
zrq>}+GAP&U{tz{BcSV<y%|L6Rd|ZcmdYMXD1ho?=#I&p8uz8<_^W!j)&9gZFa(B?N
z=&|fm=Ci)f#0B;#!3BL^>ht5UK9HH>`aBrc=X#)X#bBGVTK4G;0NT3FIsaWAlAw@>
znNLJ`7}BOP{68kc`{rbr;Wje-n3Lg`S0%&IUF)PR;;ZYIY_GBS%6!IGCNAJB!3BKf
z7_aqw*6O)muAU6Hspk`}p2yD^v#<W2==52O#-Y=1L^WTdPJbA*`~IgoU672a)3ZF~
zm4~5uT6Oxfz}k>xtvcP|uO$0I_Wz_hoiNqu#7CWuqb;yv30Ix2BO6;GQ0$gX6#MsV
z=9Bq;oeVLdlOg5zbH?xebNptw4Zojs{NA?zKhN*Kp{!Mo;Wxc@eqRULV}1*gG5MY4
zDX%=Rkl*(MYeSN?^4sB8em}4LCQSKFd>Ow95Bbej2>5N;R>f~7jQIV6@%s%qely&L
z-_JOHPaYVP-yDlC9j_jr>BnL_&NuF{SY8E5KZ~lF6YA^qB-{*$Ds?@NPo*9nZN3HZ
z^o*7((`$c3l{hGq-#fP(!;VFLy^LsimEmvsl6dR}<Fg#Qk#|fLJ#hJPdK>jYkx<j;
z^oMS%aFRRp9iWp)mydUixiiwl$GgV(l}&5mU1PK}b9ZX99MKN4S%=tdG$4wC(SYEB
z(ZG)de>Pb;ASWvfw~>_>oUEKYwyeyCtlWq?yofTqXVC2H7Q0O*Hm}`W<BT``94ZNq
zA3sBSL&>b@hLUd8sIP$T`TlN_C+uz#`r5m&vClnK=jI7R$^47_og`z-6CMoYN5>RW
z0l)DW^Mou<dF4T9=GHOgVPI`YvQ{1A@T-pbi|QDuId2R&hxjrbLwKlT*aCr$v22Ap
zhH~u26eg7WEiyUQvE{EOKU8jzKV7<lPlDk#^7D5mKZ7&J)HSpvZUqg08(V&Ce)tYI
zKU@Y`;Qa7Nw8tbpjLY>DI}1DoIOpPj9q*>so(C=It*Bmo0YZ~7=BA%#Xf8q<G4ut7
zrZi3gt-*4TpK+f3#0;Hr(mNR3aKrhn-fgo^@}5tq9EE4bSt5*n76tz}%b=c88}aYT
zQzkK;Lfiiz3TK`O{*uCp#KHCLlv{a*H@c^gC{;(S8=R)a0RTowABheEmYOUJ888D1
zGvGV`BZ@MR2xP#H+b{#p_A;V1L(7?5`nmoo_2K$Gg*lWdhTF*0t4^jqH?~auSLc$o
zwJ1Qhq2}Q{B=7oqniBX$Byw}f3CLt~Ny<^7f1+pgVBBI6kR~FLIl0Qw%PJR)jO68C
z3TJ8u?@0DRIWpE{3u??K9J3*YIaGYs$i%1ABv=y;y#Q|p?yksIZ7I{7yYt`Z_vkpd
z9jQkj;;%dS>-+rmCH`8;Uw87?5BTdY{`w(*-OXP=;;%3B*TejE4}U$vU-$CYqx^Lr
zfBl%h?&q(^`0FeD^%MSj0KXcu*lMy<|EmZF{)<;k<_^ip9K&s7t_z&%#Yv)lfK_*l
z6#BU+b0;Tl=Fs_ZP!F)Y=5bKpg!&pP<?SWmh(68p^{lRK<f(J`N$kMHF6LBFREDS0
z1hRZ8PwuTJrZ9O5Y#pW^ni<(Tg?o*eU(6R~$nP~~|9{nZacGVg47cIMWXFpe#^%L;
z&nEc>Y6qKypRsI`X`uW6+9r89&<$#nkczQwk}OYo<r~q=tv1QbSr`E&S*uOr@T*Od
z^m2c&)?927;>&CjrVVWpwm@K$NP{uks%#P_EVM}`NckK;Sa3LgFx*CdraSpL5w%=J
zU;eN8B5PF;m3|ZT9BcfLLFQXX<i?MFWLow3@m<u@<~=L|;|Gxh<3~yP$Vlt&v_ssu
z!qj7pAIukzAIwoOeh}P#{7^fyY&@mYB;+Z>ZFoA{@${MhKk-!9^=(vnES}1pG7ln=
z<LMgX;_0@t1D>)7@RUdbo;uz!GUBP*pTpE+@s#;uo-#)PPYE82r@KLpD#p{pb3A3Z
zx4uEiZ(`B)OxYQ@j_?%st=8~kcwGr$QwZl<Jm*+wD^*YN=ds-m!Sp*IPx5fD|0?rn
za`7XyO@C<E_TMFXvFFzVes?~KK+g5~9a;dw>pi1`ez%b{I?~c!nvbtL>mB7;$UHdm
zMB>9uc+9gF^0>KLl!t3%^-j%`m7#sA!`lCdT>CTJrcZ4kEk3((0_wX8J^3HEdE_AA
z_s|-#%|kg!9|G9fcf4Pva6P8roc_Zh8wIs)Dhu(!=kxF2^QdgT=j4N>S)Zg`<z#?0
z3E7Q&g?1J5i(SPGMRpY~pv1V$aq-9;zZq`B??sN^Ppz8YBkkJd|H#JGrMd5;b`ihR
zm4MK$r4DGz>uu+F-3WE1cQPDdAlSWvR#lcq=;z~ZEsiOSKO6^Le`E0uUdR{b6TUEE
z5nrmtmpA43!f+eDEOvZ(4=S;We)!+v%MVbym@hvBWR-k*$e3V!dDcMSi=cIUaR_sK
zVTvNYF!fk`VLsst6BhBM%lL9sjxP+i;mg*JFI{V_k}v-~J5u)M{Rq_@%jS?o4<nJY
zIkrVj%#MUVyIAKfM?JkAsdEjM<4giB1S>GWyDY@}G2p!bM_OC_!x`Q&*WDyp>wLu1
z0K;KvQd!9@f6;^n{;4UA6(GIwGt#dJD#2z9rI$J-TDv3OqP081!#PcE?as0l%xNmg
zo6!cpRi6xt&GriIQ)&{R1^R7^>&OjKgonG#-QLCQ8Y#=@Zlw6O-v?i~SBM0fn@5Rg
z*(*eF!AgSa-G!(_xAm8!bNz*3KKQPe;_fV6ggbe4573!7-`j({Ei#ZFH^#YD-#LUQ
zE?EtT-8#TBNWi3|+g<F~t(VHfWh+i$7=Q^kY~6?dOZaMNUqyC!OzXrY<uZAn)>U7l
zFIZBT2G^=vRCo+~#pfr8JcK)t9)F@Acb>w6n=p-c({=UrxMhV>UuXIVTCjeKM~)Mw
zRYl$l<h|M6rfCzCzKLQy*AB<)H$dK-A@40lUQHh*@-=xw<>qML^v4WNX*^3Amv$5x
zcZ(lOfA`9(uiE-YOz2>;{hqjk2CZ;8{*y=F#DCta!GDCmg#U!Ei{=gC`vA5UU?<`K
z4E*Llj>%Z-%IgldC(muvW4riSM5Z!WA>4N-H4$6=Lg2~i3gTIslviG!@8EEtO=)a6
z7nMH)fBYH!po3ePPDM<Ih_<STj}gNQ8HP|r<mgj9(JOtRN$lEfNm=ImAUxC)6rRBM
zVc81x#J;HiM8(gt6+h|D@Dm>5r~Cx?En5M8_3=$o{FELyc2<+CQEuy60%_HWUwH8*
z))E+zTSj2HNQ<Tp(_$Hc5xKN18fjZs5Evo7BFYf0AgH|2hd5d4L0k8joGxOx&Dgz{
zD5lws%9^VjyRSzX(Rqz_`_cZ5HE^k{8oiI9?vZgN)8F(b0PB#htKnQ)(A99wD~qF#
zBavSce|<Ri?%%EsZ$|xfOm~A(Z{utO!6p-GDpERE$T>T=iz&4<>G#}Eoa?W8#n)@c
zzclGsd0b%+y$*ymCeO1z-VyY1qeW%g+3}=4vKLoVnP+2~y?7*OpQ3PL$;M>d>PUcg
zK9ZCjB_Q1G-#s4f9Np?@dE9X9Z*}C}T?`!gb$-$)wke4cUfSra<ZyJ37Gb0S&h`t3
zXyM1(P)?uqi#O-`1;f3#w9<DNa<#Oay=C|y=@*MiBb!5+Y2WM`KG1cR#c2C>6OinP
z=JfQZsEO{yXzN4yG}-7c$@A%zcT<%Y1RC$=p+0U7MmT*d{7Q4xJ4Wxt;|nfrN!GWf
zS>4}~t2@KJ^^L=8?z&6EZ*(<$aEuyqZRf3^V>)n~{UXLgPp5lpu7O7Dt-9-ZC!kp|
z39q_`+J6Rmllq1li&yGsm-3q2D=;pkKbOe9q%nUj$auDSI=Y^Y7$N|3WoyZ9zbI2#
zyK(M1L)(*y9lTRapw{!i%nF`!MJikLgPJE?Zo~5e$Gc7a>LFA+QAhE?svzyYa`GVP
zz{@h$Zq9D&S;C2tyN`Go8xM=^e3fEimo4GbJu(mf>qoFDALU}z6DY5Ks0Dw);OnYG
zhjSA^soGuRQxNGd0WCH8cfl0>N=Kf<Be%He2^&Fr8_UqzdIwUyxADCP{B4Bp0;#3P
z;O_1xW^@)kYXhT5*Zij>*WQ-x9eFPZ4fSBhg5HjxSeP)l<1Z@}TV&YU)1b>ml=TET
ztLFz%M5&Z(6sww05kq<q)e-1^*3|94Ey+Dl1J(zQ4f_CJ=_DXC(vK417bD%zx7`_X
zQWD9MgOiL1?qrWNICxcT%2r!~D7Dt1eE=b2L^Rx&nk)usTWtwO<kGTeZI=))b|Ww%
zN}DqyL|@X5m}%`rT@PHgzlGs8cEnqq;<yr$)J`=5H+9E<$2apUR5vmo(q97-p8QTF
ziAt45lD=r%WQvHtPWKX(gBSY0m`}zsCd~U;Dx6T@U!!Mj^g3CY{|%Cj@=s$vV8QLU
zPcnjk@|RBi)*^D3PW_G%f@-rE)$bX>KY3J7F@k^c5l>r=Tp7<Wf`9Tk{=f(+e22L3
zKQe-U@;Uy85&V;nc-A6vh5yMSa<^(dXA!wuwVr2$6rMx%0wee*U-+LbBA4Sui^vuJ
z7mLUh{#T30-5&inL|~3LAvqLtN0EnpOdkG$xW+py_!5I>S@53>UT49V8GO)!|6=ed
z3%<f&=Q>`}US)7?3nl{yZfn5_48F;NB?eEmV41;dEm&dj8y4(f@F@#+GT5`OFSp9z
z0t<FAxVHtn89dQ~Jq&)-g1rphX2FRJK5D^9aqQ$cb~OYsM$zW1l#^t2=r+AiYYHOt
zSD*cwieE|N??ioZ6&qL^A79V??CoqUp6`A)9`V1ba^K?cH@i7dcgbBolCkk~pJE6D
zLT7dO>D4hJkFuaqR<(QRAYT6UA1;aQ<V!kveXG+zEvwUQ{&!>F4IH#>ou2h6TI)o9
z`I0_7XeHI^SxH~_zZ*v{C@$%c-{Yhlo4s*@PtjTunf>1>i9+W}8l|i>dKcpAHF8gx
zr@-wAWc5Sfy9s3e5cpXF$&wKGG=Z#>15yB`3@I%HN|#`1Ay7I7OACS0Jy==@lup9Z
z6ezwW`mw&+!8_k5nC@=2GfSA>;ZV5rnF(UhVZ25fl2&{-8_#~tqRk*p;_%4j|D9^!
zOxF@R^@2E-FtN@{Op-36V}_McbVr=NuPbxemNGo8`c~C!v0dC-RVTwHvAXEp({s$W
zd3$Kv&=w@1x4ua@A>!TM^d}6TBGyfRW4#R{>qbpxI(7ZtXX<f3C&I$JY@naP)~)F8
ze*W&z-_!VevWu850r&dYfCM@<*-Qk`PUYkx;EvYqok2Z8uMwZpc;xG)(DCVyB<rQJ
zLWRHFLT(%uTB4H#LQ#2jz3x@g2wCM>0Yqpk&ki6$AZX)Q#z~6X=TBrqyGDECqIjYn
zE1m@B;wy6hyx3rK?AlYN6I+Y*k+;%V^406%JscKs^?I{#mACwuU22lnygfD*G_MiL
z&8e+&GuPzi9eKGSpq<>DwraT<$GxlV_$oJ>td1IaJ6A8%ngs|%68tE%O_@R3i|OLF
zs3fzUEutgiY^2a%bMR{(2FIjvIJ$tU=?542U&n3iehr_43a?nh5<k4DPqO`D|LY0=
zOB2tv#Jg|llia?Q|F!?t?w2NB6N!^i5;IEMWRxX2H77t?D5Jy}0%?hiGN%KwR*n0&
zh2|xW5cmRt#1R75-3~zFP@wvAs5{rBOb9VfXPp2^Fnts1PL?=?tD<{`@58}pmqc_1
zb>}?6!!*UZlQna?lO?q1PSuO~{IOmXT5%OSJp#3}TjhH#lW!Jbb3W=t0@}&<xns-s
zqnRp9=dpfH*{#LjP7AKh-(Cx@gMjF|CfcP{*UgdxGjJY^t?RNI(6!V^>q*&>))NXM
zttVuNKBM0VD_h*#$qESTa(a#kb9yS$b3{K@JPXUkSCXYDSM=O0({n6eu7H=$%Th(z
z5xpoo;t9L6$QO0n+QM7M`-@t6zmD;KD9?KW+VTG4v3alO(LRnuTsh<TxD#k8+>`X&
zxqh!2JQuo8<uG(QbBnHvnqgbtdi->x^YIZG*&Fym8S&$tE+0rH$9aV?zpWfVh_Z8Z
z8c)P@9OZlfL}YxYJUE{^(G|go#=$$}?w{OwHsTW&5`nq6nM<vu=;AMey|XcJCSIL&
zEa!2hy_K$y)P5{TYY2#a#rucW6&{bAs0>EsaaxIiHr|}eg}1XCCxZ>`yg56-zM=D?
zQoB-_oIUMZR!S<KhRCNvBBOR&$?j5Wl3oWd9JiQH+KmYVLBBoU7W!P_21w=GLM@;{
zKy+Lz318OJHaRJ569(F}$+hEX6YF#H!#?*Z<dm9avgO_&B#}{DEYdd!N$OZ_!F<vd
zOc=C9w)jv^>xeS`udj7&gmq=0O<ivoM_t3`lH~3gDG;(oyJJ^;Yf@&DU|l*IMuA+n
z)px83*LB<4=TMw2*>>VZ5t_8P>*~jL;@kI0=YL~f*FNQBIm+4qWwpq`mw+~1fTROG
z^<9#3r`W7`EpHk6%0hfk)7F4{6P{IBgIKUJax6rSq>kl1_p;xH48zZlCr^4hRe@kd
z3y$-JH%j~R4T(W*U)B)4So;?Pt#{ksB2AmU|DyAjy5x5{n$01#V_WLG2!(p{vQSB~
zo=}n`K0LxJoRJ!UR_%v)xSRcr8C)AGe4)aL!NDuZp{U!23MZ0mO>mb|lK^EbHA%K6
zNVr=Qyh0djFTHuz%C%xY@{hdHH?s`oTteCRt0_vKQ;(h5>rSLjB%h^RJ@jX+{<*VP
za#0@VN$ti3)dCwKpXr7BDItphDIOPUk28K_#Ot`A?-*<(?J=@E<TV4WyuJh3?OE+z
zpf7i%zU-*o1vq3TJRB)xRfHCdaV*mK<#Ym5MEqK$d?EP}d}D<Zhl2<0o3$kINlOxe
zZ|JP~nZ31rxrVhH<_NcdS6P2cH$h@s%9@Dy;-#z}a2X>uoQ~+R_|KaW_rQO?aD^Ld
zlT+}YH)LLl|4XjLpHfvHL{B$G0ZTp~LN+7hN(WiNwZqK`!Qd=QjhEw!pmZ@H_4g5p
z*u5{4n_Cd}cCML8k|hit#w0(5#hh-*;9d-Vk85X38Qj)_TQRs1gDZ%BYX;{vF8EgI
zL|v_uS4G5oAMQWWS6G%l&HYDHbrB7#R@H8Q_<H*}y2psEG8b*PIsVgb<3IL)>X%Ja
z=0-x9W1v;$?h9oO`6nctt2i5$&6ruoA|2V7<m8ME8_AQ~tIg((;M=HO%tnsjo2vY=
zp(D6U&lZp1xFd)9h)o~Cw^ulMPy{D4BKXdlo?MCGZp@&JI(R9WhBnzu=+sV`ZiCq1
zeTT_ee7bEGCHx5Ewi_dE*%)!#j}f=S7;!s}5x3JAaXXI@w@Vb)k=%p2Z_c&}&rx^w
zV`-9&RQoZNSE+LVVYZA9&qSE5;lrzAJ)AAz!?O_2TKn*9#IvS8JO}Ztoe!^pFl*$)
za}j1Oe0a@n07$w5)HtqDq3eyQl<TUTE8!d=nM~^%<MQmJ>~&m61=G&Eppm_S9qlRD
z6{vOILi>5K_P=+B{f~h*_R~*<jIr(K7W+v{B;9I1ZK3^$;Bc7r_7maGe$rvqz2E8w
z*|F>==C!`?anz6h8h88x3;(hnxf|j~`KOV+t+hL0{1d!cum@rM6Tn_)u+#1@x%=z)
zG}tu;+sj~|G}zumbra1RA>;K3Di5dwmnaY38}fjGRvq}OoDM7}CnA4nL;1O4tqZ#a
z(|u5mS^&68973`kghY%*f3dyZWyec}6|Pf^eUVLGM0e0s07)Hpn@!i>(e?E##YMEj
zE0V#+d>l=tPGlD2(`u-L$a1O4f+)}8<lz`GJ&yBqyS!@Oxp@}zI(SFIJF;_j7t3rl
z2binX91wkY9B^!@ygAu;L(dUIy%<eLmcif#xv;YFIQ4Rd`fHzusXhD$VN|^|($tI?
z7wL0nX!ws3hhXh_{Bpsh8g<hBKve|Tp8(LqHVN8`;HbUUMw+GCzkD3$#7zd|T}fhg
zii9@hMo6FN+$>8E+9ZQ)KIyGbp^9WaQ7W35d8tpo9oS3#Jxfj_IyWJa_Hdh}u-%9D
z5jP0<?LI7-ClRnsjdlkOoj0J2`qmaafWd`kq#VfLT#G%3!POX?MT_QO2Hj-FQ!wKA
z!#T~;w_vZ2zk|K@U1m81S$vzaA8w_*b}ZAm4g;<I@VQ(+EG4f)e#)@79VcUnh#Mra
z8|c^JY=%|DY=%{XIm{~Y;cwQ34}Y@~rOBQ$Kd(u3{Abok?j4-CBDk|Jh&+P3^eilb
z!$M`BWZ@Cq;bAj5ct`Rc)KmIZJcgE<q^|Z7+J!@CsY#-I5PNh;iw|P`f+YALRxwzz
z25r+>smWs90H$N0n+H|pomtTroDZUnXJtcQf2AWH`DoX_4K!~J-g@46gTB61fi(|}
zXxsV*Xbc|;Iz$=5vKGJ_32-~e7T!~6`DS~^c0DM&pL8MU*hXZGdznvB&0u?w7|ynA
z{Zk|iS^;^y9Nek>lmtb5a&Xe+;MHUZ`C9MeXI8WscBF-SsL;C^5j9+?Npz~)!n9y5
zBcim*o=NqjJF_dc)xMN!CABXxAa;f8mS|_}N@ZYp0+c3i-x$j;hj!3CR<!v&Fa4Xr
zwwn+Ot|B1V0a}(5BDH7Gl<AQm8WWzf(-soMQ^NhV-%=Aua9(5n1imuM?TNvJ=S6m3
zIdBmvWM&C3GOj)85t;AghuW{0awHo-_;xU4UZB})DSS=1GSlnUXk24T$5(x?#=ZNS
z!wVM!7)hX0)0?&w(wFpue?gKd{pg!P81mNYb(HneHvz91339sZC_plPZ>Rho4f)ML
z8#}UVeEimSaPv2k;Mzg`H_N2VCJBlBHw36*c{(V_{5OO<|IKD7KiJdlP0PIhrqEwY
zI>f&~e1VU$wdLeY^U+9UEhpp7F@X4S=k*ZR?X~UR7q%S(ZQ5?q_}WhWZ#xKX=YN}w
zoYH~^mPWUj3Da=+bPT(dS|8wW+k}2@p}LX^sb2rM@q<y056T}mPB5+Uhx@{1ewz7Z
zm`~b`34?Z%etk94hy5Czm;Eq(E7F#l{M*wRnGoK5*b5o4RTw>492;*#%K94_+yN7y
z%q37;f;y%WyG@)JcjWfhR<qbO8Ke!TiKjG5%i;~&s*mY=*iqV6mCQjPc6bJ|Neg5x
zIiNKt3pOy_x25x2NX2OEdbqP?NvLbfax&AmCHl9v2cxBzTYF!DG&_MFuNU#ejk<+L
zoU(<^KM;0N@T84s-idmrTK_9$*)hFV(pZA}Dlkxj*{QRV-o;j1mre9`(1E!_h*jUn
zc?Tk5W9yxONd0w<VrP~4_lGjiKpUB#jnc+3KB&y^63YA>&y&z8NxET$36&kGBh7fT
ztK@Gok!xR-b0`1I6~UeS6ODuG_}jYwo+w+!Us~6Uh{sevnJ+b2o;QRtC`<Fu?20bw
zOCN+R>=wv^drGFKb0m|6J(A8G|1m`Y_fHug_m|SAcmha}^@PqEHA_0gu&KJAG0BMl
z$#_UTx4ZKE)R5;4wBh+W<KTJL(aJ&&m?}kvaFXTW#$&fm#VSO+RDIcGo(S%Ic|>kJ
z9!8y7c}$ebV_XI7`9&TxBI0p9S`lTD-eF_;N==s7hR-~cRiraVkfqe*U+7Gjsxs|b
z4d1!$f4yFk6E*3(kVdVdHON2-idEEaL3INwx<DZWRuS4%`}7{lU$^?CHXj4RUnhEj
z%~u}>e^2oGtkj=MwKBSc;c7tR%2I&<URHQT;l_KXd!>O2bT3=M@i^AK+OCWab#Iyb
z!lJn!Mv!0^*}IY6uflLfm|b12&X)Hep6}af8@^84kcJC{NZXKsHhpB%akQb;+sQl&
zboDFrlaSz6KM8ZS`bh?{^@eLd+zKIbz#09XQU~3<*ERZHWbB2+;Y1Xe-!*!&gl9Ky
zfTk%05_L`Rpu`dV!&{(cE0}jce=?gZ;{cSgmz2SI)EU}THjiSsO>1rCTI(3RCE9NF
zzr~8vJrqq8?^WCKZJ_4TQ%F##XCz5Q;nwC@w&C2GajwmEEcq<oBrY|H#K8+~P39Au
zi3tOnDO?Xv5f#ovhOeaIBv9oEeH(kLT%8%p6$6oPV=0Z8WztC5I<ER`UoZKa#5%MC
zlAXh5&epsMuMTa8h}u%*$C|gk=i?3Qv3$17D{TPB@vm|29{Q?WtCdiPQPxcF6*wGq
z*atLZNrwK0CDPjZJ{>0Ye+QtazJ{CB!`WQIX)~c`VyUaP2k5eC`%l|U+ufP3wUQ0?
z$mZ?z?d%(u%_hjo?nkNgIa&RCvBd7mV>@tlojLsS|BnXu^XI|X<h9*|H0S`mTXH|P
zb$MtTKzm9}HiGVw>#bs%gFZABf+Ntf?%Yf2dn8rg55$a{mDJWo!%XU~4!wvLo!?#7
zZ&L3|s>^qQdt#D-94@yd-1lRyVD7IxXHjL@;tUIdd3AJ~0Skhm{-G*104}FIOsscz
zx*ymAE&5;*@Vr6rlxweJg{W`=n~k;cYw$gQaiK3sYNo|uCxa^vmEJ#bln=oi?wM3y
zt6MKwV7b#O*+|>xM@w7~aR_g5`0*1nx{D6@CH1w@p5<wseVyT(gjK144aC#%u3R6y
zFnShnvt;2>dKQrP8PoTEAnEUiQ&{MhedIzQHkauQ#<;xL*8&#S)TFaZT5V_o8tveo
zq~1fHC7A}fcQ4<3qs=|Uozw7cUSH>+(lR62c7J~^QTOFNpt^?qlK$h{nsW<!U9VUF
z5#xvFqj(=rUcgt89F*flYo(Ta0LhB#br3G+(0Y+O(<=3~aR>Lo{Miw(rbCs3yIB?~
zgh7wsnvIHbh`i{+H67TU(Ubfv2@RyKD6ea(r6<Y(PIqf_oV(MrE}0<f(7PrZy-Svi
zVGhkrKK{kH?G9$$OSOF=qQlz<a>_nAAC*2t;)Th>yD+{JuO)sGBj51W2n|VR_X~6!
z%jXs5al(B#8s9DFF)bT4T*H}MSy-k2*qu+Di#5Il0+@h74)Zwplpn<4shjkvERP}8
z9EQ{Pfwwr+zk;8R^i+P}UOtWAO8R~YcBH4vw=?~Ke5>gh^6g5`#Fu@O>vTI#NRmTQ
zXK#P?_h33Fx~xlVo8?Dy3}kT;*lj`r?GSc6nOv1g2IkkBfH+bWr{-29YCt6|iqm-{
zYY>660z}aTMaT*QYZ|9#5g$eSNUh^2-7rNR!27-fR9lfGwoaU$sAOw88%#|)KJQAg
zo5fkMHVh5j{+gg*gF>N_$K3buMv)=si#eD=q{@)-`yu`?iKk8TAt*KDKUbUxXt!VW
zKw#>v_cs=8AMI%j&u~P3G%`&}_CAN-s4YVFL~v)LP;4T&n+KCOMR4*UhAV!GT?BXd
z+0YUEovO#!$`Rb9XRA7RHJJxFJ%aZw`I%O!$@)3_wbW##(2}voo3k-SM6<DAFBWSo
zRu`-2hJsR)^#Ur4MS(+{4pm0Ps4`+$X~V#p0t326hygBGMzq7gW-tt_J1~gshd8jN
z!l)R>@P&}$X&v>XuVawoRS9i%xX75gORN18m%y<t!`DzBdg#zL$S|qCj}EOERiT&N
zyiK~uVqT_10A*hMbGYGpTD7mbpfef3ST@5!R|mAKuWLa^vU(2&I6o3!XCrZUUpMr;
z-zb!nhNk+`r}fmg!aYkebb!=eD}Q3&#0B#J(DEnsO_K64shBpoZ?cxu3%TjhG3Cn`
zQ+jkviOceP^K?vDGdZlO<3K67BH8VCIzF6{8JXz^(W<c3wnW3I%KH!iP?EmyINvm(
zPA1FA>1fj<q@4%S4>N!BEd15=K%D6>HHlPEri{Qa%g@O6__bh$29`50bTmrEGz!-l
zKz=uJ=_G2+Dg8sokfyDXZXy=ni2<+ZVGO8EL0eA3IW$?2p>Ej+^c*SlG)a!G`C~1=
zb}Tf<e1}#|%l70g-xekHxRQV$i#^1BAaK7)agV2x+7+Q{rOHLr(`Rnf>-^;~lyTJf
z%aDfDg4S^bNyE6Ih~tE{n3cr3?2B@a9)CGn#2STl8NLKfYsi6@cEl0*9y5OYK|R)U
zg&5r`1bt2j$eN%q)@3`C_2#H7h){d(8e>(2ILgT}Mxh&4+H0X(+vT;9EMw#jD2M;N
z%~9%CqvmV~EsUCT_^G7l^3#!igdf;8=gGGtJzu_^=|}OE{#j1y(06Y^8+d&5i3cW(
z?rwmIBBl%rDTp>30ZM!QoIOK=3bL3{LrM$cVMSa4>5v)}L|ciX<TuF56qAD0Ey$GA
zOK3M|p0Fu0^Mtm|`k0*-)ttKA*(z+ez*ad{WXIVmCxKkiZrUHIPmYs#+A1FoZ55op
zU^sXGj(@*)2zY3z9A9jy<a8=I5{>`PPGPf0aAy~=xg+@TD*u#}2=3CeDI>VEJJ@^?
z+@)s=Id~P56L*hVHq?_|vpYznc7$-4hTXx4c$m&s$XElhJ4mvP`J@x5TI~)-#Hcc2
zSP8>G%7LNP?qEcWL2U-?r0J^+hU4G`NEwZT7Xr{a4if6xC>{qt#{A8T@HZF-iB!iy
zMnK2$W8)wLZN@>1Y8eL^GmdeP<YeREDUeH!gUlR^gN5YTILO4=ILNW%ttxL03w*bt
zZws-gXmIRcY8wX`=o-ET<OJ$GKX!}<e{Sqx7LFZ)|Fw)At}H)x6xM}f2h(+~V(f6Z
z#?dYuJD7SrBtJBIF<*rFIFgTE!e1Bj*QNY*34eWpzb@skuk+U@@C#xq<IQFG^55u3
z7;_oZoX206^Vj+Obp?NYl)pa7Ul;J#mHc%fe_h32cktKM{B<XPUBh2@@z=HdbvJ)~
z3cngxLg(q`&rdUge;TLR{?N}DEZZ}B9bkj!`oYT&hSvj%!SDutD(Q_(^NOW$3lBP?
zX-c=RlV+7>@<&8vQY`stFK~YPHj!Va^FP$8^WQG<)cGID>3oLU==?LC&VOKBI-fL0
zy4TG$S=|_}b4t?h;FV+n>L7a#R=2aI#3ve+2;^8Pb6h=q0Sp|Muav;aDE~6EKd|?2
zLVBn8RKBGpKbt|N^NPKf-VA7~P9%nycAei6M+AR|>JMTu+Bnv})7t&~T)Q*errj@e
z?Velf@LmDW^Hkc=@th(dC9A#4gDN**Ztca(?IiXOLF%K-=+5JQ2vV0)ZbAJVs#kEC
z-hv(drerbDu_1xiye;UpjR|miVdR?9co7m596xaz5z@~AUA%XN1)y&*0&^7geYkZP
zMn!Gz_FFKmgLlfC-LkHm4X4a!V>=V80uOG<!_ZFn@bw_x4ZLv5aRx4i^v!wUl5?%M
zB8MMUIpa$|4?vz~CUUfuWoz3BDkn^<gDDqla0MO#*s;xdp==}zcRYLnacGm<_~}T$
zh!6czWqJQR+_&o2E|pc1%Wn-A!6yP`9@r1w)A6OZl)CAaY{n&iUDKre4w?L3kdt4A
z+sN<bPJZX@Q0Udl@s)%|e06$*<VJ93<B>oIugV-&_?=l|#3y=#2#oQ}rHs!Rb&MFk
zp_ubJ)@&~thI1Rg#HBh$#Nc*hZ`Cn(WKbEh(=P#_V^<{8%pKLy)t&hrye#K}O6vb7
z8VnQ^6N#3wa1YRTqVQ?tB4rYo3u~T%HXORaap;I*4$0f&*CUOs4R4JyLRqu-L(c^U
zcPPHHpga@)4xRYj2}&{6-NjEOy&E4{BfAoK{?qsM>X}L<zzv}?X(KHr|1im0<X>iK
zB$e_X`CW-D;**=75M=~+^9>?#@Io0SK9Nx(Fd1d8RvCqtk`e7>^ck<>@z(C-O6@Li
zO*!yoWC927;ir<`%TGsoA3vCS-;b}#V@2*j09&%TyC9O)&GBK=bpS!h^@q;_*GZ5^
zPgwE#1IdeKw%PIkhK#_YFY6DiMV#8E>Qb{PPUq;Xs<NA&e%>is?CB@nm_2J>r!Ccx
zzU0Q$FQ7fOt4Uwudi=2VwU32;jR9Sc=PECiy1!-rR_SU9)**8;#RiCE$IX#h)d=on
ziuH`(P6k=e2=3CeUJhPOE(YDQr#u@MS-y!L3vCrW42+D3r<s|iB}F2|B*A8^EElL+
z=e&%FQOOu9{z&?`xhHG6wC%!9V$f|N9k~0memK|EWjtP_xBue}f!bbhmXfbSd(#8G
z3;d@;cjBrx?uVq~gc+Y$*FQ7-ExTqvUTVaSZt_OgW#=SYAFMv*aQ^%i(CtTh@i#pH
z00bt-PeNUL$Mff}F@N)`_#4chiB#v$jKHLcADcfj&}RN@Q7!Xl#*AbBOmedM^F0tx
z&Yzh%m_HYiXY*$!E}TC*EPkF?h(*PW^Jk{E`7;B>^XI^aIez@>IsBZ53hFVY&f$)n
zuY(NXZ8=#F@)(VIvTT8-L-laX3VV%jfZ(OfVfur6B}Y_0Tpa2L23q#g)nw=K1EL^i
zH%4x0zq83??OlSq$udpW)<v1_92ntfUl1q<zZjGrX9xZ{cUXkv?-o2@IE;8+d$(3;
z<PwnB!=-De-wG^WufV<u`os=y*<PiO!+!&X*!C*vAKwHdy3|&ZxO<i)GTeKmk*UC~
zp4;d=i*b=|b89wC?BIoaub59X6B7n|ud*q5dH5tQx_=At7#+XOPe=M7K5ARvfHwLo
zXz*j0+1B!?8FT5-($hI`h@D^Ie$5^6zkXc(L}z)A9FD%N5}%#a)Yo8HW>U{C{He{R
zG?9da2Vm54$&z|oJxhjbv9F-@^*nZ5oGdb{zJQhCyl^GBCoQGp8*Tdc2=D0&xKu^d
z_TMqw#$tR(q_n^BV6nyMb)mD-*+3EBu2B1xb&lZgRe5Hu9Xz-fA{(oS&y7{VS}(B)
zmzlkFgX0axyjf}yeFw>45q+1RO8Py1I?{*mQJ&Ke$bXhCa>;0BXHT+K6_0nx$P7zR
zx?8)J>+^SlJ+m!Nmiju|;;~lVG>tc($nl2ZHoSS%@#dwmdE@#HD-!WQ<)z7HiQsN7
z!b(MO$742}gIAKx(Qe|u$?gVYIl>(x7XJ+~$+ck28uUu!^*)VL!uI(^+&*U_U25%f
zS+0E;?yVmmUX=+A_6?vI{-v~!JM)VR=ViL<l{scCP<YuH;DgW$hkqqGW;Yh?7|mdV
z%m3puzu!lNq9bN236Of}JYrPnZZciemhV$IlRJ2Hu9xXmpYvQVL*cnz=5p#CHq3)2
zx2vnT{{Ybt_aE|8Nq@voNBS^7m;gM2ujq_QLSNB!fvyvKy%#6<d-N#3x+E1_X9!;g
z-8N9`pxR;~xl=1J0OxUQO=}MEGmxHKwC)=c3gc|@eu_}+<zz)DCr`z4LLK*hlatGH
za>8(%e)K!xdVk}TnCqF}Et(UuK_XtBs=Q=VL~z$%Sm6ln`WNdP!QFlRtgnMt<rbQp
zpM&M2fAQoXi&V>c_<3%mEj3w~4m*LnV*pc0M#M&VX3vun>9H)@+4I2#Z*2R$(YCQo
z#J5gHC<!X3xUy=dir=F^B1cS|M?k`m#~%X@d3=nYj`Sz^h#Zz>4Ik*+=wD{{qhf7G
z%A6pI^snHI^shrN`h{|Fn#si#Ik{lCja)qE<YMKx<bs4o{5)Odg5*YU$A1zX!JWL2
zbO$fguPjHnMZ}_CiAnS;vj+P0Qqv6O^l?O?^?%AwNBT2<pbdVGFMJ-A<V$Fy<ru58
z9PT{CZ!r6k%me<uv5oqChaXYy>s}X`WCsh@`Zfm3OWZ|eS;nI*BUErp#>F(yNTJWD
zH=MO5+yVTNDyZL*bMy~Ln~!`_nXLXW2BJOlJPSMgcVTX}XTBrZ9r<(jPq5Xz{gJIu
zuu{SS5-A*DJGL4kz(@P24`22jXma8kddj?b8qa$i-5Van9LdD)`Ys_0ir~8UwaIb?
z9!_PR0B{iJriUNKUd7r3beZU&Xn%iM6hSKKGK;)_AcPC;C7BDI!8R@H{0IA3*WJn6
zo+Uj;*@+T#Hm&11#+2kt>u*<v{cU1tIm5k6&OjQSdO&?(#K3j~&O?S@6|TI!G;*Jc
z2;>7%3=Fd(z4d)cBUdX%aqS?I!QqlbZdw{~8c93>h-7fMB9Z-#Q$cxfh9s}w-MRvs
z#kIA*Y5hU%$ArsdDI1sx61t;#7N-Iq3i6N!ZW5E!3<M?!Born{7S&(-0hng!Y+iJh
z;H&kbCPo{}`S2>s!FD@z(AIMLrBO2ZS2-11PU#VgLki1eq@4Z&RfZn<B|d8Bl#{Q5
zj<Z3B*ByR_B=aK(e$s>gZ^r*6=kpJ*`0*AtTf?p!S<r=B*atT3(+fkyDa+F8gS;?A
zf-Ds`4m=1x<}W!@X4ZL7xMfeT(CjBxEHXsb+bHeq1)B2#olB`t&e`kSohJ>U^3Cz&
z9BFsXrLIzGw7C?+ZN`(yP7W8Lz%k^|`SD1#<F(o!4$ek!@OF1bFl&nyz#X)Vh^&B8
zljyV$1{MRi$TA{I8{8Su@Vv&j{wt)zWy;^@K=Et*F1U_BCP|XcFHFgydP%KqO8=|M
zxNGx));2%a+T3XXYjcKM+FTzyo#ER2=&{?}jme}jYICdsQE!t{2QTzHFrSPFOc;#7
zB2PT~_7S7~nw-2a+~(}t9HD)7BexzL%|@=yI1%2y`y0^Vt)}!z1fpYa5?fJtHU_!%
zRz^l`;PfJ~jMWCrCvCulK^uhH<F|-{_V^t>gDsTnjq#GiiHRokeeyhMLnj~W#`3WU
zZG67ON4~9V(YQsvt+kO`d|Tds;p)!9i|S5-$ErK?N!^*SP2GQwDAfHaeA?ArlK8qy
zLSOffhIOyUb*J5Pfy9q|N`*`99tK+No()8(LcJf{BTWK|>Q7q6sz38d{h2VRf97{{
zlYyrZ51sJ`ek$o7@fpnAHF26}G>s(f(4>^ra&jT+8_q>c<%<)NCAcOWp|01_dKspi
z&a<Wi0JjvUQbaV9kkX==1Zhm_aFx6KI$70pZWUcTK9UZ$w2mJahWy$z<`>70izJ@o
z$ETHLrpp*^(PjGb$Hv0C{>Bw!>oVu>VM9c`bUKceE`qa45!}s3STP5$Chq|4xqTKa
z$JUdGyl~`UL_C^g^G}v6(!-)!=bx?qXF7<||3PBU6m_~i3y91ql?NXSd9YQ?0~~%!
zK5jhtOvnSC-65d2zD4L%f+I$`u%&QecH@bd3z1e1b)L{!NtHOSZ`9w_WL#03GqHmg
zjyKFFEyjdFe+#Dpe?nBC_08-TIOX(%XoHKb4Xz8@0J{hn?ybMI$Vgu%EwFcK#NCCY
zMmht-+e;Me@WtBoyphh}@D38$-<Z2g8~Z1^JCJma_#VttSEP9fXm)qyMe%Az6BO)e
z;bLr)FmVUU6vfZSoSn<a%+3v4?>WSTt>-64dH75>Y0AS_Zv&qd!qxV9JL+_a@!|R$
z9~kbf?-`0B<~8yX(4NwscsA9wlJbFpVU6m~n+|@;BX$W5@k^!LCaL#WFnA2X<RM7f
z((H4rcyOfyyVhk&I}cyp=u=+|^ZfVdkwZ`8&!qa!*wel*C>#2T1R1*tgPY;cr26`*
z<R{hVHjaK3SA6b{bCoA+X|?Bx<ORv)?<EWFl8k8d@^Cr`_(WkHj#^b6IPCFCpn3RT
zuemx*LZ?^qC)F1^$|u#=!LN0M{MC!8wzD;~W5w5BF3X;{+K*8k>B(wm(HG!kkM+r9
zFWmU`JYq09zQ9jM`e%Fw@q)$l>9qqu1LpGCsOna;3NoM^j+HmyTeO~~ha#EJ&({9e
z>schTbv=tzx2$JLjr@2k%U(=|^{f-15mYt<{jEN7XYU=1s#`ni`KZgR&)ksfGYq#G
zLk|QVo@cnJoet8umK*!nK#_iS>shQw1b6FMtd4^hu4fUS_a|lJAF+uxXZBV%67?Q!
zyvwD&BR6Vg)y89>)y6wQDw)}M<>W2MAKFZAmOSD#2as(D3&;8VxI8^jy8x1#z6gr^
zAggC`{{l!-pAEyxMY>F~H(4SFH!Mvr*WRSE8jgg5tdcSj*bMp9w$}ZuO~yuT>flW7
z;MMG{?&$sjW^J)L=pbiAY;|O7i^SV%YzSR?ugewM-ZzEq%|M&k+VRrpvm0;u<CyFD
zo#F~XF`2&`uL*w)jomT1GP$F6EYPGcfi{@Q|Kz8VzRXWY`Y(Rqw0%Xs9qFqY9(lbE
zwdn+04_E52AnqWm$QjZTai;1ETpRAk<sbbM`zNujI52N{5y^lS;uaemIz6thLr-yb
z;>v;%CmM2AbWZ?eFyI+cJH^Rknm9!|F{#%blxItO`g#bR#IvQEmS;<Q`+Bi62ajLy
z#Ak<|_&g6MK0EZpCy$DD^-c7*2y{-vY0(9flF@&lj?*SDxfx{g=Fn-Y^{uu5YY`nv
z@|60#z9~v_U((lSBv0*|%EEeakQMQVzypOVCHniO6qZ$;Hmz^kf*xO1edq3J)BC0q
z@OLS^zFF78fziwGyFB!JpjyxaCe)4tn_#m~o6$FeN&luvyGQ@3Ka#%5gL+<dUb6f`
ze}}=3l7+Z@gKf@zPkiJ4law*H$*HHlQ13zE6(}o!AN#6L$0yt3goeZzkH(!=d15_8
zNX@>}<~3}*r(NffAh*Y<JK1sve}6(b;kyV|qHOOyC=V^9S6WfdFS+|zWI{z*%)#X{
z9SUa*R|P?7U2-KW>9ElD%QpGJ+57H9?--cWEuthgVmE0W*l-^167C+^&q*{zxYX^u
zbrk>lmO-q@yN_k3fNStx*c6I2yQWA77JWrU?*U@Z@%PHmQ@nIv+)0t&`^kDo`pEg;
zSnmk#^c3qI!CiXNT?8k^MQ{@5;ML?+G^3oA&sHBumy8x9L{=YIvdzF)oa(|oVF9rP
z(c-yl&6p<IS6UB!f6$wfAiRzqs7NmmLjd<ih>b6d3sJ*s$W-l7`vei{;N~>e-E?wr
z6#n)BSzBDe-lePDE7;?7f5!^;)7hGU`a;K+lI)Yeiv7!MXAE=G)OH@)2;x56K<^Se
zfk(1YH(iKez(w^pp3T__&vMgEH9BWkqLhZ`&C39Y9TTk^6KedX68K9OX=^gOZY-DM
z+O%wSY@CfW?tDp>Mu_7{WkDr29_J5NOFakD4$>0fOe+L5`PViXGLYY7h?ZFov{=-d
z;W_1AjP;DE+H-$WE=P}Rq}(Qp)diy7Mr~Kva?(ttfwU75idOw{a=gxJBUoLrZOGH*
z3owS86^qH6<jCuW!t0pswI170W#HP3MmSuWBnh;t!=<-zd`7O|UlpCQ8B%<Q;dHSI
zq~UbYudxXn?d0d%pAuT=_qkck3iJCg+-AQ0UJ=v6`S!^Y)n>lklt}E|LKO?w8>0C(
zNgeU_pr2pS?sW6*C|>8=1V!_0+*(hVt_J4j+KkBNJFZRW8~?Pm$t}4yVYrR8b(+*|
z71oxv`(7x6|NK~ozM3NU!ty|Ug4;6F1=?V5b@Nk6d-&-{d-;LAHBr7D=_L7frjzmY
zI);8E{(FtMb?1DW0yI)f;T-N|;QvT;rmO8(&3fd<<Wo>psaOs!Yci~<gFDls>O}xu
z4pRbu8IUZ$k=`OKY#>;BoDxWts_G*Za4!99s9kADg<~+mOv2d-lsz}rv-0lk3i+8I
zn^{lOrJTs$t!E3#zzFWfV3HNVoiCL2kKk_JM^;C0m!4IM;0`~Dbnt3&1L%=G_t}_D
zdS%Qefih;ZWE-<do{rhMahMVD{3V+;k`}>9V%?xwYLXHi$wE{ZcNr0*k}GJ%bD`r6
zeG{LNzNqW^AA#gZr2wb?;{J&6&MP|$wB6ls<ot;PV|ipbn7D9q+3$Z9Ma!#DdK-^@
zAE};aD)h9~K#lgHa&iLj&IsgtwF!+s+*vxYwmw`#wa4(M@qPw(Mb@6q{#irY622Y&
z^j7CxQN?>yJ=J*=x{~CT5|k;#7F&@zhx@pRgr$gUqI2fZ_Q){&O@qo9tM|cOXZq)J
zIsL<MZ++jA)XMAwR&n?o(LakzzM|@T<E~#9HTJR{+jAS#d#{q%03_5Gf}t3jgPQ~`
zXHi4n2hqLUFsv|^F*HM9iM%zyxdinnuJZv4HC0<=-(kil>LIR~0-A}f9jl?8yM}Nd
zXpgkEI_IPeo|C}EfyvUXl9_M74?lNzzAO?eq7sgYQvmcl&YvSQUxT;}m{R>vm_Ta%
z{c6i&T&L+ne748udg0f|t;#GUhqs!6RzJvv!lcX(68RfgXw;X#sC$)Jn1dJIwaR?n
zhm&~|n5)%wlkLq^12&zCWDx&p{8ZBE{B)!<_`yKakFUsOCHXd5yKq02-0V**19n@u
z+f9W|R=kyph1v5e+zhqQc5u;+47o<Xf&8}Q{s%okq|tIahrby9Ey+c<vo74;skiBV
zl^9&LM2FCxxIy{%`H+7MwDRxLLjJiuQLI+PzZ(T_lLSX_r_)JU1iwkslRO9SkU4p7
z4;UNU^E=b%EM2rOixZ7b{9XbwxghpvM&oUx63;^>p9Kxs`O<U_QoE^yo@N{XK&KXR
zk{!2sM%?bK$!58kxm4Jhnaya{<N(Xvnl<6)>aA&)s1#6zA?<Po(^*L7?v~*lKQ}AS
zoV=jVMf0eugimXhf>N<YAyXBN@?8)zpncHskc3A(xlwsSA|v=SI#(i94qi$YgRWaN
z{cONtxPva7FDf<Jj54Lt<NqRsOakS|kFX%rRBHe@c&yoQ1Lshktk++@I+Yld!#8QT
z_W3#C*Pqau(6p+uB(WsKoucYT>8-D?H*PNHjkXg}Eb+K2_i<E<%(w_`hC6rFhw}rw
zK9uJbyKuHmuhVq*hOU!rdZ72+=-Q^92Xemg8-Yq%MaOCOv0Ig2w}pL-f!02DeM=wX
z-1PI>t|WWt?-&o3V<Bd?l@aX~W13+;?JCiszjrQTpyk%Y$BzS)rO*#;;{f;jq|Bg=
zs&AiB#RRMN1Nv+f@$ujl$55`fd_ib+ZE<Vd7W*OoHi_q)>x<ePI_Kg#F9GfDXuL%l
zroS<Lx5C+z+Dx=P&(gLc@lG~X#+}|Fxei`UI2XySpEI9Xf=t|E3DT3zhywFXCZeyH
z<a!VOGi=Ry$l}|tCXlrRqPrFpvNj;f8})gAQR*^sdnh*yw3&r{QQBygZvbg~+^+3J
zvZ8i!a1vJpCy5STcwY$di6$lj(ZtNrW>I_{M1}ReL+g7-SYHO()c5Z3)mQJ|{*u<0
zMe5TwUk2jr{%ykDn~A>w+ShddHuJhRDJNfmOoexTSfBb9rC?no^|qDzXtw+SGC)&p
zin$o<E!YisklGz^;?j@3FG6QCW_9lM5Wakut_N&M9bOy<?B)PJpTMNP$a<?BaFnO=
zB!eAcBlcR5MfY3s?Bt!whcAVEV4w{j?i&XmbjkDqq{Nabb;ZUgC)7PQe|ZCXxVy`s
zEbRrQ#fri-W7Sk%REF<Tp0ZIRS-o4~%oV}EtZ<@n@M`j2(2+ZnO?;*Uh@?;lFe1_c
zr6v*U#3Y#R@w^8kqO`&8O_a~};JhoE&-s1H7)HT%{}dO6XnkNy>O1NKKXA!GX0j9_
z7&S?O*GTvR@mLRXY1!oYJ<9VtL!L7rJYS|ZiF#xi82;uscrNu?2e=FQ{K%3C8J}4t
zmA|&>PYmUP6=eEImk~+CZzl&#?BHdQJ9kc(>A@~Eus;38uy6^N!H{dr=fXO-<JpWo
zP@m6Z)y!*o+=(cC7h@#&Fb|vxFA5ZY+<-hXoo)bhj8<b@o&XyJ2m($1lLz-I5AF(i
zz(AXR_t1EGz&9mA*+Q*pox$C@*z*A0k9YjS<SdK%;HXtwA~ibo-LU(#AF)E}pylCZ
zy!%doD%X2Kb@px;;qKiqj(p>KHw+Gj<bExOr7POI1+9PQmT;%D9}%=;zjNDey;`f0
zyWyDpXGGj<vzY|Twwc8Fu(xFF2hH>mUXSlrK)aU_8v|s%SVvZ~1e%+oLoWbCrD*k6
zoag=>Zb-l)BiOP<;`V7w><YGd!L`z*TSqno0$Eb)s@;#4NEb4!`y`!xVc?S6PZ?y4
z&doodGRT(JzJd8X18rpR;c>{|VqA)X{W3pBQn|`T<bBVaOq%{b+xoc^uHMF#2EuGz
zny(^lh9QA9<!qfTkoQY6Wuy<@M4wEl$>xsWUsX9HE(Z_JA7ws1;uG732>c{8i)MC-
zCM|yMDQ-QTWvXoKje3Xr&}2g<>>DAg$%aVFB0#)#!26<tqv|3%8zVm93Yeb;>5+Ot
z<PQ52MYzeiI0YJ$xI%mEYbp!0luQ;FXd??h8;2~I&UW@V>5O>c_REsy2<~`C5{*a8
z(3avK$e2KU!UQ7lJj%K)v$wK_di^lqD$?uP0bATF;;`QY*m4SAyVa(MFikIv-3$=1
zd#LBXuI+kH*sct;Y1b!TOS?MXI7zd1!p?-2H)n%&UZ(Ypk~J0U;5A$ZWj#DJlkIT&
zz8ERon8tGep{$pO-i`-h(W1IKIi+zkI(Fl)?A^~fSM=u0&GB$K@_s|xiGzvB9|OI3
zpm4-_Kg1@f9S6L_PfI&33wL17bjQq(q^)}eyqCjIjiWJH{%VeP=nK-s@?|mD+Z=e`
zg}Q`sk(|y@UBXsy@aQZ#;aV5i92jF5b~XmK#}b=3B)ng0LUJbdhVWlw%I;_;dHkF&
zPd2u-;1UMkVZkjKJkNql8NAJcTQT^U1-EAKWeaY@;JiJ2LEAF8lLfb9@OTR@WAI!H
zZqMLt7Tkfs$1S)cgURbW=A9UvZ^4}z+|z=)Fxar*t_)sk!QB{qz=FFo_>2YjU~uZ5
zzM$7JxYUAsGI+EF_hRrY3+~O}=Pmep2D3Nk_dzhaUSMAWyzTZ)mDT%0S!JM2pMHKE
zVhCNSbJt##DVC>p(B)7&+1!<IX9v+ikGbo>!4tcBtK)e)ig`^=-wHYV7Rt&76StjE
zMw<PQ6kEo&^8RP+BI1@LNV6{URMknkKa%P8p4z4~Zr;E!-{_gt?GG*M5#oinhhxpR
zwf(*lwjTp++V3ypXg{5E{v9b-HRpVsJpYqZL98d{oU8}NM3S#`>RiK(LrfI)dpB+|
zR|J1hc}Fx3Ubq*P`228{jb_9qqZzY%6<w@$4?v2rJ-?&v`9Rp7476#_e~qI(@w}KB
z8FVqGS(z%Q-_^PjtaAD_6qv~=;Z9DwAQ`VoPMKHQFC1zP%+>jOTIa8Zb!MPVol78M
zRd1rU)Hy3Nsx!ewbte3OTW98VGE+{rK;I0<QnMQmBPR|*Qk#duO61L0>O@KpMwDAS
zpzZOHwh=jFV=4n}+Ne5?HVVDWBm_GTSZJ^Vrz`}bQwiK`z;ksBWgb^g?PDwH(#EUy
z8N5U87|!`>na}(*OpFR)vJ^cEO0ct6F!%=(HO|xiA9Y^>AXinaedqSR%yQF{?pc!Q
zNnk=Voyo>FiR`;<vdT;l5`ypmg@ztLr0oduL`4=cW7J53qNva1xjt0%J$FG|*aQ_2
z5fxO_r>MAx|NE-Wx%c*#4Eq27`~Sf7J@+hCb*fI)sk7ey1V6ss?w$p)che|ZNKd{2
znXJi^sWkrxhJWSMeB>zM4;vyA=9B4Ar}|m|z_8dv$$<YfM(xoM^%6$ur_-B{QHL(;
zZD&B&oXw4rz-#-UdsMbx4a=4<9c0@x2if|vGIozlX^@qfFJ@g$e8U_8E8H+gzz9{8
z#yJAUKi@e5EXz3es?8x68}Kkf@o?rcn2TV%!NW1}oaQ1pW@}o9Bp+<si(^HA^)Jl_
zL$PKDw~n>3ulPI>k?O0qK{FuCtw_jy#MEoqQ4P%<!tAfPeY+5iHB3Li*N8g&X6=2b
zv$e%W>!<m7F<kO9ZLSL{$(inTz>ArQL!F5E=-7eiu+2ta_~5c~3{6WFN>_4a|8!(`
z%CH@XcrPcI&tQZDSE4YTP3C28f;)64J`&6o->+@%YvDG>mkw<%|9sk<8OxBYhBmiE
zWlri$e9Sr8$|!smfs$eA(y%WX7Sh+y2#9=Y9o3-iKVSKDzCT9?hU<aIT4vpsb*99a
zSsEGfZ;+TlohFoV=2?gd>-hu9^E<;l=Sv5kFPH<*H(=iHV)P_va{LY+_S6^2GG{z|
zZH-VLtqaMqy3mQK7p2aQi_Ey5SsP?#WXZA(@y2f=u!eY(pTJFg+xvHjM?53~mh~n=
zlKXd9G_>%9_F?Vhca(p3h55%9;U85*eOh~C$&xwn@8eb<F;o8%3^wbp26ild^I_)h
zO8`^967S=e1(`Kp1mBzVQ<ct7Vchqi(1~wQbMrBb1gwPPEX3dL_}dGA2jP#4m>l4r
zjlYZW2gW(<v)+Qgcj52D`1=h0zJ$MT;O{&5`vLx*#2;K<2Mfv$zNP7;@t4Ej0{l(#
zt8kIh2Vny;lglN14;{qGT|)7NP<%$h@0ws9?vjs`-bAKN{!YTP5`Id;3iA;OE6jUB
z@w~kxQtFlbpOWxrB>X`Me^|n|gz|5au)=wrgl`u|c4I_VR5RsEBc*LDRepJ-^o%5(
z6)7#1n6;78MG`n6Qra#_M@C8!i8&xrdRAigj+8zpfr&`zjgqu$r1V+|3|E(QVJ$j1
z*-%}+(lHYmp?ijxsE@;T(9ph(kHhw0;zQrcMh_zGr^aOI156&>_xF&t->-+;FJCg{
z74D^b`RzA3Ghryb;(&%#^M=#W;2L!|gXe0}Djx_Jbcl~QT#rF(@SN(i7$mus2hq6G
z^PK7_Td@o9TyFluOnutUSLhx99rKty02~A=IMKfo0Pnj>|2KU4x%$tyPN%&0H1*iw
zX)Zm-a~j~I>HGbo*#wd<kC{ES_|mVrDhoXzMy}Xtx8PU||9;EipFPI&K)cTyWAgcC
zs;@c2)90)_NVYsU;X%TUbjLND@RcfS+5lt4B{A%nL%Qn}P~O}}#qtroPlq+IGIE`6
zKTo7I8L(U6b5DfG)vd9-6rx;@hsL(`eWee2C$jqe)EZ2D)!!vCrk|3STM;vuo}~S-
z{&C|G<-<})q1j>`XtH=-oa;I-#vjcU=lHJ1-{kf9aTA47ADQ=Vz@2=Di4ni#J&d7E
zV;;G;@HWJhukc^r%h#9rukYjQOZ?aO^YvK&_22lqKVMgYSM?9@bva+lwA&x#>p$j>
zKf7JdE$Ld`_q2_F({JNgN8w9{KKccwh3`mH4@V!(&N&(@?T_r}oWtjoMPyNxQ>;$m
zz+cqyl<8xc!^mIb&G+mn+II1T(GYLW+fqOc@ush)m>S|QP}@ggwTq|J+Qn0R?cyoN
zcJUNwL%f-Dp=3>b)R{u_`M$`cMiJ{+A?9G=@(@>I!lQQ_h<D;RKEa%3u%I&*IMsrK
zahS^D+*(w8;fL(qHBskdz#-#=U}qwEF8&FbEdB|(YG-=jo|2iRV<=9J8^}WQhG7F4
zXWsCAQnJgu4Y@Tk$-E7_HL}LMEpTgOh<RJ+*2o6)HlkHBZ^1+o=x*?JIg*yKi0h9<
z@U`afIkE9;W^O=Jl*^}Q_J)DDax2gjuH1&-fh%vp?|7)WzQ}K`Pr%A@vtIo}$bt!h
z5AzYL|2qqS2G{8UEf0&FBK40jQ6#87Q8?|RO=$x`xur?<Wy@Xtm6L$kw1Gz0ADdhG
zQ#zIZ_}t2$+Nt~}=2m{XQ~6KMt^8@7%Kt}G`7m#9Z%X67J|mOTdH}4fvrtto;q)`x
zq=#XDssXmzA-!vLhFzzTRb0*sKEig;kI$pYyv{+P&)nnOba^4}r?cOwN^P-|JSqJc
ze0R$AHT1hlY3XSktB#lX{dbO|x1&yv5`LhoY?7j@Y?Pv_Y?k3sJ{x4|EYwg(`D}ys
z73#_+WnZDMY$5g)3QK|8S7<EdXJ4VR6o-9<&Qb#Q6-rB{nb&^RivGGNK!07@aerN!
zV}D&*RexO?M}J*p++P=Q_SXqSryolDq6+`;97M#Sr~L!)E*Qp`bppbze;Rmv-(id~
zpFzw(x_pFn6J&`i>?^1zhM5TT!rx*qd<RO%OoZ*0Kg)=AlVB4cP`kl>wvSPs?xo)j
z_qlv&-Dmq!VSwETO}oSW%kWh~b<&DNg?gAMlGI}iBc@1t%+?qoY@AyhV*RCa02bY{
z+3;ZA)W4=5_CuksMh2O7uI>MEjVGHL;t$gPlbB6>)HxM!%>Emq4(7bjjWMF#+#2IM
z&#g6dW3a(dnQLuYS0~M)8zeH+eUY}(g{(HaFCsE;;m+mx_ATK#{?7qqc<$pzD&u>?
zGUiJMzp5gF-tnH;u=_6S8Uaq7<9|Zs!)RqM8&$Bb!FV&re>TuPuXPQU71{ENSUPv5
zOSKJ!dGO699{gB&a9@}Qd=VZ5YjT*s;L8jl?rfby#tIy(;A{}*-icDKIuPOzZ+%HK
zmSDQyR*yqE|K(>c0jev%inM|TzlPv|2Jb|0P=j|NIHbX^BRH(VyAfQV!EYc4p;Ir}
zx9Hrn8BcO<-Vnv~6OjHB<;VR#KRBM`Tc`2ls|-hWGM?l(>79W8Q^0Srbuv!+76`?1
z$G7!y4<6yYIwgM<Mwdb*o4s*ICTLm0DIe@F-C+4*FT4F0d%aH8u{?JE%3iNf5p2{;
z20&qR!i|{is7}(t-~W)-C9!b3NJ+!ZMSc;J2!lu3bdP1IT@Y&9c42&O0`}VlZJx1V
z1ZLu6&dU(rwC9#^ZBJVxkTz>MjJDl8?%~%=7{NCz_%PaL3h%O|EZI&QZM^BXM3(oW
zq~C8z%zcOn%QLk1N|v_oM>;ppu^n=4?MZEi5BTj6V?MrguucCuSG^=3%@~eEHt^TP
zlhlTIBM*}3^Zh`;X|n5tCw83xtX=orsv3*$c-{E{<Otj6r<4cZ3G;w29e8l<+;|X`
zZ%Y15VAqIJ?JySJhG~a!?L`8&>LXt5u-wR2x*o9G8RPr$!KyMZV_{#nA9(V6IcumO
zX)y`1K#<0&voW*-^r!^{7)|z(v<TnBcKka{y!yHF>cKFt_|kz_H_nw;oMZWg@`@<6
zV%%UB^jVBIwfiY1INR0kyMFDO>c+Ayb$hU>Zcl679tziuFCFT(>G{-6<y9lfMxiZ`
zcEI?ZNUmeuSXSzGdyByr=k_6_`$j^X+wUSKWCMPw_5N<S-hAm$@3+pO-r@Ci!5^(F
zQY#nZS29g#xADfWWM&iJ_Wnwi6C1#c;T03w%qrSaTbp?qD6fAHC46?=#wEk=ON^N(
z>}5yvu*8`4EQxspF=|(b<Qu58t3zhJ3mf_Bk0L#6SAV5E{a%=-eCfc`t#jb1udlyW
zJz+%}cxToaS)GP>GY7^>wToxf8sZOAe~MKy@iFH_@Ko$@@SPsw7a0(tj6I1#*0Bh(
z)iM)ct7U$&rPY3cLiqtQV_}MCj0!7z?D3+jz-!Er)E`4CY@zmH|E;|Kewf#M>A>sT
z=D=(Dkm>u85pGJjEelmqMeoaFh023z?f6JqeLn7E`51IqEZ52`mTF}da7LVq0Hf_#
zR`zTB5CyU4?O;1{4Q~Jm4_amF_;F-z7_|O~5p4&pAMyG98|C-IVSe+a1HV5s2Y#bo
zI&S%`@{*NMJ4v57=mQvU>?ED)o%I2_uj3ho$+`w(Pn`W=gd(|Ekk~0y#+$Jx?Zce*
zTX0{;?-UPN*no!-ibpp=T0D$5cytq_KM`cNLCS3H1NNW>d2~Q)`yo%PAIjYWB){}=
zwq4oRK`i<j-pJ7~zU9q$JKe_-lV#lBYaO2eP}_nd#&@;To{(kCIURKVA;??#BaSS)
zwI8FH1nqw6O!YNf$TF9>wuLH%EH3LOqpdk|uLN-|1TI6@Pj*aK!g)9HK1;endoDt|
zDoBA$1K2tRB;)g-80zc_-LQLIz-v}W@;A&hyEW1w6-6ny`{7cUb6{#~DKpW<6=S(n
z<q0>Su};Fm??fDaCrEP-K*NULpCUf&>;6$>a_OUC-Q`OM-Tm|&bT>SVlevfhr|R^d
zv>h;7)quu1&}qgSoqq2ebXw=1%$S~Kjcs+EcVc~z|Ej-ao05I!Pa=IIf2t4s5R1Qm
zz*N2_JjDe5G$;JbPpJH&p~TPqgjY5u{K8MTx-sEtKcVlqNErDqnLtF%$baQ0{HT%K
zUo(LeG?(~qKcT6_Z<xSh)uBe@zx5M#ZA^H^Pgv2I@H-|DUNflQ`w2~;{@^DxfqE7R
z=tsJo1mu*8aNb752b-buCNh^(a7%B9VDIDBgqb(F0~chXq+1$y`AsJmYxuZs6EP9j
zy!?qTQGFSIsI&z6u4EAnF;zn><W%=X1vmZ$!HvINfRr!NSn9mNAn3YQ##W`TA{JIL
z883YWA$T2u&2eRqK|k+|+DO=LB?^)*xsC%dmZ+@7-ZZ}i>&ERcH_)#NRYVK%Yw!UN
zcy|JZh{#7u4cr-QchM~1Q<q%iaH*fCayBm}`aJk0Sq`oqhstRqXAQ?M!~suyZ{|wC
z7`rz*gzD~t0$0Wck+#?=eaqH8A~yR^G0G%g??G}tjcs^ttsBAkO|X49pIz(43+{qq
z)O}msS|0=Yj#mxv8(vZ#euR9_D?aK#Gq*>(QxhLmTNIJ)JE$tA`gYk9-d>hqCEN9%
z0HJl_H1D_bUC?T}yc4fGdg9@zn7n&U@AHE4tayDs-xrLc;W(xHP~&>OIik=UF(47b
zxB4K%`T8&)^Xm)vDAae=$mRN2!AEH|TP8MR)%*F{U(fLoDLqOiyQS~w<3WA=ln={~
z3Gm|2VkfVM|0Od79!7={!SA~{t}yW_f0WBHd<1vGI?i9TET&yTWyzWymUW$1pzL4O
zKC^acy)kEgrhGO;&1z=d8mrlz!tLHvS+pejhalXM<3?P<9Kzo&_$!a&zmi+}8S7Op
zx}~2>AYblxOTUm{#w|T90T&-?Qf(srq~UKuL+LRjr(Jnu;>ClPr4z-q;w#`2RJ!qH
zBU|^cx$#A_1-Z}NBbz9$T$M-^S8wM{UYLSJQ!YJ1j1U*ASDxo4iYul|zm&Lqy@WVj
zi}@93_<Ji2iX*F!Zhhn+XVRIA#fybKMia&A9>dAvVSD6L#mPN9FIqf)kBk=^eG?$c
zr?YbWaCkQ;`7W`_m&@YCl`MD=3r@4(5-E5R3l^tMg$r_Xa-UQBez*olxo+u4h^UW&
zc6>$i2MFUpJ?~XsnqfUth?lGH@)~qYKauh^>R4r0Xd81;s@nFV4)-5%yv&<#B-0pG
zayP=S36>he)@4gNrH2WSxyir627MNbFI_JTHSw;LIy1y$^w}1VR$+;t&|iXTMbRKV
z(#yNb*xrR+G}0jyQ|}e`3CLTi4BJl?WD*wGVoUHNdS>q+Te6!IgU{G?1{d|23#y&b
zM;Z^@c^!4O0mpW>hw@q{&kJ~%uktk7-F;as+AVQP-xel3<|Id-!}dYBSQ)I**klGw
zAgqxMiBWDYT(`c?SHu$0$dup%RK7*b*`l{<5feFGEUr7N5W(+;!t}bdDH)lTlDupi
zw_t-IS|{AMU2rll#4G!n9w2;9+VY4rkNf<-Bf@=EPK|fQ;frn~8(ht>es1A#|JMyT
zU@Y29L~s}s(m!$TSJO&A1d}9*e)`Gu&$5EMCzdJi55|_qoStZMQ^IWQ?r~!A<TljK
zi{UG>*v74)Y_cZ-CP9xT?sXCxmr3-*x4YaCp70VApTzWM58TN7wjjM&KpCjT#8XJz
zl`El%O@*l&uOydn^SGBfN+F#b6cIGIe|+LT-2Ghyym0O)wv^9Kg>nl5+)F<3kYJCr
zV#lrIz~0T;jyfp-n3|0yW~ZmRBMDg4ZK=YB?htZQAKY9%aeogOfHh!{5Fy&aRAB>4
zhN@?)-{bX6d=EZV()l^8a~Jt*I=cJG{9>Q<sJRqq9Oq|ut-;_m>u_{ZiNeiJ8J<ik
zk-ymiHK-6!CyIUG9_jxE3gW&NaRZpe&oQdKI&WH^_#raAh%j!-fu5x=plBPg@!oYT
z2q~0e-`eC9&_cd~Et?c<eO}+hH=0TCJa6K?Zs{IsoB9_6Q@OZ1DD{9TF7|3D1`1XY
zZQ6$#t}SkKpLo)((Jx3O@7o&G!i%AvxWIkl%gzGvC35}w9QrKB>-X|reyii<a|N$Z
zn7S{AS1*d(1Kz;I<3M);2oivskc8Zua`VfBS`Kf8=}lWr*=dvoocwk-H|PycJnHr5
zz4`E-=(QveYNBSy8=82JgY6<!#~s$%4FlcrPI;-V65IU(Zvig9@P?I#xnZXa+3VXh
z-fUKO4hy}76JLp^wj{jahPua5n-Onh;x;FxP`Xo6!=hK5xH{iGc^wqiDURk6`CJkd
zticYmEs0HD5)~QsM$vraJ(o1`RMJJ>B0nA;gWp;_;#%x2p7<<G8NIL67Pm&Hi%<Gm
zsVxBJCA_2;FFm2srrVYB65E=n+r`^u%{k^A(J<`F)94IvNt)+KixeTIN8fo(7sQhU
zgtcfTZgHUWIDpm@h;U0k4q6lT-o)nT;(63j+c{lD)nwQXYJwPWH8n6A6OSTaFI=;P
zaI!TI&Bx>L661j5cnL~M8^0H)H3GhPaa9fqmyp-#9F~FD5WM)N9B!9poxRL#F6(+(
zm3{Z*Cn*LmYl_3XmNz*09Bgl>SHf#Ux8!-IU&`@g27b@vdAUBnZ}R$f+BwmNQaf%0
zGU>sj%PMH^v@X|U`X#N3_G(^tVT0GRKG*Gd-70D?v&GBKqS4^H2y6C$<W%B}Mh-Rt
z%`rXO?Mx2Pzf3_byX4yl@R)iKgRd5(<SOq1)o^u+j_CZ{KmiVRiY$iCz{m0i3f|z_
zsoVf=6K3|@ur~~^$Qu|i(ca*|S`<;SunG5JbJb48g3V4MmIbr9g|4?y#WG^Vvd|QV
zM<HTa+$fgCO=4MW#e!BG63gP;qChN*<|LL~y<IzrrPxj^BM?h*eQw0@usw?!=q=dd
zEu>h+ys@xY5RDun7Rf=egaxp~Te9XFY#jCmOx3ZGj03cIe$%ELrnjg;UO~Ig-8}qv
zls7PSa(RLtBeg<HiGsK_87N7#SJ-MGPD6m+0L^8|D^1*`rD&Ka>D|5E$+z!Og`LS?
z(5GkzmxyeUvR4j@pdC$b%8e_TO1L+^DNL=>cXF6EKi^iA&cY7Ilkp@iJb&ZK0SOHt
zG$^4#goY4u@S9Bzq9RMZr4x6T=lSK(NzoX{88tUI;Z02ZB%b%i(cOr}SmmvnThm--
zn&z_E+;Z1ju1#~r<W_LS@s=C;EJxEk8Wv;E#-_PvQ`6itw@1(h_n1=~+{@c*;=S!n
z!^(DTa0S}n%JsPwj<>?J!DU;#<!pm{dwZ`rDliR*Mh<C%l7nrqjPI80Gx_*md4jZy
zhgY57IP=^t@p~QTb?&^kyC%FiHgC_E@rPs1IcOsh=^uD#NJiAS2RgqE!=MSYk}_8O
z+!{l+O)w0nYa1ID!!o0x8ThM?4}DL}Xnfg1!9{kOTbmLZpBFvKM5*JrGiY>2Cq9G0
z2$7Tz0b5l$___&Q11A&WiCM+6EpD7sMMM%$?m(~VkM>~nq2G)BsR|9Z?E~g)eHng%
zcU&L4^C6Y2FJ-XCA*BpP2RSv=FyZl}s9`yU;q6lr#F&KZ6dpL;uXnBrIMHw+Ast`+
zIAsSC2)z!MiQ^)zDhb)7SS^K&G8EQ`8f?d0)c%gUkyBW1jT0}kN|e5cv}8I)(ndLH
zA;U8enXfZJkP{ZNPTQhdRmK*UMe>+GIMdR>3J6fCi6L7ifd+LFNJh;XUny~b?O-p4
zTY5;mj8b^I$Di+cJ2>!d89&up__Oq7{|Iw%`4{NKx!0+B3!Mx8K{}&6M}^9BoF~$9
zYZR9qr!R2a0fk)9wo}sPFv-~z)`1O5D3X>XuR~(Rv&q$;HhIE=UxoaB(`+MnOz9lh
zS@43XMeuTBxK;E#AZ$f1Xr*x((cgFGeRYY<*H@CHA+4p(XgOsJWK6wHg?T?@#JM1l
zsg$Y_#CFc9t?~sb&8DTjpw28I6=1+A@8+Xuma9=ygBj{3bAa!{^L}kl+K|I?g4zx@
z%1L##eDO|%wDbUGn2UrKDtyB)o#qop8N|jq`0f9HGp`JmPQ3C>6L{sy(bM1ad|*DZ
zVklBft(cFMJdPArV7imfVoD|uVP;@DFh|6=2<#4KAR|tBRK^yOwP`o5lh4ARxXu*Q
zMq8P1t_3GQJ$#%1V}?=Oy8krhkJ9n^0?928L=w@d`284C^LS1s!I3De`NTt*;xN-Y
zptsAxrwN>25>EbnGnb<4Co%_yrG9?!$F8YJ9478}6xR-3Yh2@cz@ey@Sr0e_L4Q5q
zFub@mrpkK2;SA`ztOqbbOeX`K*8>vH4<ne<lRg?NDcVQplA}@ZU-+6!g~DlmnQSp;
z8+fiM;zehd#`z1AJ+fgNHp!U*F<8mbI_EGRn7jh;F}<D7cuDm9UWz~Id~y3Wd<w0+
z-tp32bpAFwSoM+#FUqNwZj45|XLCKA4nT;1g|lY2@t4D!l-DzhAB~*_E)4W09+aFt
zm_Tf#MCPhE#qs9EDC?-+ET%W;n*K?>*)9%i;1<qi@dGMm4N21(cyIIaxm-TiU%-Ga
z>CKzX^_S0gym^HU9G@lNLGep+Xr62FwmdIn<uKo*1m<Qz9_G+Fc*5~fFK2j^V<q}S
zc{tZWDE-8NzZ`0t%gux5HBi1u;`+g2PzYwUP&k;+4drvg7?dIB;B0P~6b^zyjLt|Q
zXDo!mAxq(qPvMZI5OWozaL7<NL<)zMLdnAk3rivK41vNSs9hmf6bc8u;cb|lmx(2e
z#gkq-6(7rGwt4tJ757rf+4DyoIGPu(^HM24Jas{VN$T`6K|?FDLAaa_a!jp9^NBaK
znD{oxXf&T&l)&6b(i@%4Ez)KqZ_;c=(QHOppG8_9ytCFaEy89q>McUEN#I`A9OpQm
z`TKLv#iiYATfu-YXe*eoVADMjNMmSdam>-75yxjSOByq*!%`k&%q18Y<V`&4LS?4C
z*nL~QSPWP&lH+#{F&ojYv0~&l@lG9&U>ruCA3&5#ScB;7$XU5q!HW%?h6xl#c(Hcc
zhtb-^J-{$Nx$$rC+i|~DF;)7TdW!TDc_M!|U^nZ42g6LL>#6I2v^C~k*7?NT1k*fq
z+MDn?;1NylN6I^w{nR|ai0||3r|^-lzgQoq@=@%O9Ao!Bi#J&!t-plv!IIt!`PyGU
zN*_n-<5)Z*#e*w{aN#dfT&n?0iYH{DrMRkoJaR~n0zV+`6jOaJJk0Ir>&bb%VE6id
zgjFg?iIS_22p_cT5%wX@`@kbdDju1V$LVRe#%iE5QIGf>xM+-sOYZ{z*sZaCSh}0i
zipuNgb^wFqVH}szN8K(yY6C}%_o^ucEsKk@01GK_B{bX&UTBRvC&7Z<iRB0o^8%E>
zEi?F~543uWw#}`HM1|18&FB^J^`@E#U83$Y?sI~DMg|jOtbwd~eow=4mUUWgF+xx0
z@V3UQ@HhE8!d8^h-6(F6n9xy}Qs&&Zb#e<D!`!mYE!QMAFa2)?I7hVb_I!4dO+(X#
zo99;a|GivF|9xA_rtL*TI$+wUv@cga7%o1JTcg@Sr`+-)x8z8HLS0n3b{bO5GGOTd
zxLl^}k>D6@4cN9u%fh6s)`o@2CTJvwvC{4xYa~jBl$b%lf^G$;&;fJ}01=gW{St?l
z2QWQfKbeo>xuvueD`F~xIzDCI^Yv-G$(Z42(DZ(#iE3chXXn@1fZ=bER`Iv6@WQ*2
zrqXfI{_XIpCVuRiS#H8!TkM~%Q`u-UqRtlqSI3vCUlm!?okBXKPwZT_<x`ez88Gp<
z!wfHH3WaWIzS6(aR^%WXn6`l>HgJ*+*d&Ei$_R+s{(uT;;qxkmLMbJ2ZjEe`K@S5?
znd{eiO@ttNm`QzU-RFxcp~)8u7E#p(4zqzt8#vwsWEI|owZ4X)Qc|JQzP=b><MciA
znOM4fAQzDqJ6M&3CB=ZV$B85p@WWs+VUxIKB_XUy(qHG4%>(GNH)P;*NJ1Jn5e0KC
zA0NMhBM3GVG>e1uaiBifR#-oN8)hAz3DQtL4kBlU;=oxr6DAETe!q4r&SO!0+V=`b
ziWx>W)CG`RBiNB?h3?h}R*WD6fWTBVZ_HKQruTq2SRtM_>O^1YI9*&nx&Hqw?h)}`
zfc{oPc(gdGR82>?j<8{UxE_%ysR#L@Yuf>>%N%zkqRj)kqh~&m4Q*m10&c0tX4)2F
z`kG@#nj^v`#sM978cE9p^4yBJb3_W#rcA=?sd+Baa5RHu$gHe#q8Gzfo#d88v6m}(
zaKqVmd0Dg$c-s>{L5q>NY;pmj;9pOC)2$t+LP6Kf<;1|P)0EM>P%C7{YT?p^Gmz_Z
z$|sqWDRiSq;d)2H8Dt797@>`R6#X+&xa5&=hL}<`DeF-Yq|p6NIKxbdIScT>$E~rT
zA*FL8@FORmAUC}cZ{caVB9`E%xh^(}RcNe{NEP5*LUeSZ;8#x3mmT$r%i&~t*}}9A
zFtGkNaStM5D+}I2uWy;>Ei5d{dVSu)>4DQ_1t(8`7njC`KuyDCRun)9H7u`o5?&17
z<-@8W$4wl$aJ{74i38m9mIT&ivD#@~$oD43b8X~v-a?^z8q1%!%N43R;*Cyo{bM1Q
z7P#oqhjD<FF1Ll{yam@^iH4V(x8QorPjzv?m7ctpo(n|Xi{VxhI}ChzdR!xi4?Xc@
z&=5QiEkU*+gc|}~=}<$Ef?V792AUI>9>MzwV)0@s4t4ms)PeP{VWePR(5fj4#KZ8K
z;?^AF-Z%zJ8pBjWCRS^)_F$WxV8a^7#FJj%0yH?RMXde^kU9CW+^VtM%CX#vvE1^p
z+%l{~#JaJF<<^b?hSZyLdw3J^{1$JIP3KOXi^OH|f_+)$Esqb_m*w7y_@I4R;jN4h
z*_V~xs`#*dS%r06VG356&0dE+y*(%1<Uvm+wt7&FW%wQNmg9HOTY=vpZzX<*y;TtR
zY2ZP3`S5_ay}<NcFqBQ+D5Amwg17gP&_i!8l6z89{rB<qnYh1|fJtw1;zQ2pb6?-`
zf?R4o_-0_f*-JsTtG(4+KFlTGoJ(QBhQ{BhvhZ|`w+1k=W}TYC^f-pgH(tp`^8ye5
z9i=(3io`LAhj|AKx-uGx@foTzjxWxmu~=reDcef!zTUnQcWG<JplZL#Z(xWBl80%3
z2+YeC`%8b3;Z-B4`+NIOJdE+6ApiqoOvL66@D5nB7$Ev{UVm<0KV}m8)LQ2b^bQP+
zl9w5EP_yM2Q_G%9nH|d=<Q)`bv709j#<m5lsUDn4VR<|dHx=b@@9>GABKZu6kUU9k
z${m849PeN+x+!-UuCKu`R;^6bJ1lpoiRZ&R6zgJ#c!$YQCwGK*#KZ&M!Flg6Y@y%)
z4};GJWEmhk(mQhEtqrQ(pU+Odg{>a@8M^bi9#De)49P92O<oVo!3(_?a^C{qb3G=$
z8-R}Tj`HKXu?(stq6O2wAMG7I@ma5@*be~5c*g|nzzh+RkM)iXqFk>(xrJit_Ij|i
zAE*D()Siy>j$3m&O_JTT^CA#=gyX#^mA{#DUYHaXZ!m=oG+uP-rrhz~@v!Jf=VqD^
z`=YX+<^=DAiEjlIOWcXxi4*@0s7qPurrb&1N!*%fU9v_Otf}b9-pLbRN6~d!^c3%u
zrCd~umM5FZda?K79YAfN^HlHDiO+>tD}+vYQxlsVchKuIJ$kX%%V-cZ93Y6X<<F-)
z4AnG?O%TDfH$CzFz^e?z$40W&TRU+(n#CK~EFc=};5p45_D=KBtdp-24-9C8cbaLR
zFh!?HO970RcrTfFl;18M7;MNjoeOfgxzoMVG5O*<w*eV!MQ3<tpsJ1fy3Sj-<~%fo
ze6E+B!#hb~W9P8mThGqn21#h!Ih^U8+1NSI>R`}<9z<+X?<U{)Z1VbBBWJZjK{K#c
zdxN)O;?t&2?KM2<g*`fJatb7S5R_`_OTCu{?SFhDe0S^=*cTdG%E|zsG@y@e>x;*n
zEc&_>eXeL^nzP~q;1BoDqNbR#7pWsvRwH?94q6^(X)ql{bBz`Ci6>0rbS^siF_Z{$
zWFyI`^yIaSi^D_b9zcS<3K4FN(>a(ti{aJ@Y_gJ9Og}I-k;F<celiJ^hnFMsxZFI4
z!6Qa9L8jOgCe@}&c~piIa1)<4NnQ*)8nH={gE!*Egf#J{{t>*`YqvwZ+zi+WFLxmU
z?@hv!=UHFOTkjArcj>jk>()*H2i@9<_+6QFYbW7JUyfUnz`ilGncU=s*h*qW3aNP*
ztl<AH*(|ib-cP6Jh-93MLGfxMpvWxdz*v!pKBBYROd!4uXSE7beO)rT>~mvyo9>G^
zF*tr0IDcOEe6Il~(rjxHhy|m6OyH%XeO+<R&|!8It37FqSz~=}97UN2qrsRHVKS^9
zNS1Lz!imB0&JfP%&#=mH{ms~@NUtti#-_iFmz_CvZyqAV{w+ukjTZ8kjA*bF*CX)%
zkS(z#Qhx@AQ6w0x|IP+u_1`ndwFnkYOkT&83@>3okWmz@zlLCPVq2L&su3m>g9vH_
zie@iiLd{`D+e=Ot`&VI>yqMN*oub~`aWNg8^3tVV(a;WJ<l+TdR1y?T{sD>$WzZ=%
z3dKv#dg-ac)TV~WRJ%x^n!;4LW-obEAQT_Vg1oWr%p?xD0KvcF2ixwTKv?f!>)99v
z95<!C=rqUVru{5k1B)?V8wIr6hBP8+n@iH0zb&c!&BpbaE@KB0TZ=5102ziSB7iiS
zY+>>en7I%^9KkgclxQW0qd5{Zr1%rFen=xymY|e3v@Iq0rn^<}(-}jMj_*j2O#nd)
zgdpJ!S5J_-pI_&BCS-9M6@j}7tE5#5K^mFd1dU52(KfLM6zxD7i<b<Vrk4uZrkBRt
za#QpC6{G|^j15rJtFW1Sx*X+OE`|n$K_S*2N_}inSXP-%C6EO_<tX2<sTZp=UL0m0
zJ3uv4GCq}@#<&Ix49JHR^aX6a4Ftu)1T~SPxv`fzRDn1a{(bdoQw1#(50z-BauWvG
zuqE4J*PO!@4pg6W2XBLOmld19UD7(JjE)B3n1*@S34`o(8M6;YcR2GGpBk9bcl6ba
zC`_FWP1*{@K+nUD1TLqnb57ie!rY$CWr;Y(oqi52SnQwD9*fJM-&2@a?GDe3Z-N_5
z9HZ~-m1zPriltLHA0S|*pTN>q6Ig{Q<_ptWH0!R5(PX+#OYf!YV)lWDaPw+JoXOX5
z%07>s=xGk6<8jVu+WN>;j6&ri>f;7Imsc8UH427d{et?<wbVyVjW%Hnou+RiHN$9s
zQx4q?OM8it4PMf0`-j2uyrUH7$zBrcUOoXzt3u{x@lRr5eRseU3Uq9yrA?G>>GF$*
z=;C(SuPGq~rRx|=*8u4<6k$Zjt-pkCc5;QNo5r}2tT*YiZ6pw72RU(DlPqzjLs(GQ
zG=+JpxdGRzZ&R^E<6&GOv0!L6@i?uYGw2o8LKO=*bRw--nZ{l5KS9*sX`JIqPhJgS
zqmP8y&BLi0LlBGV36J~g_=_2`g7v0o7-6&yGwe3m3R5E+u-Q$7s0HypZ6fmF)I1Yl
ztGRLhtt=hZgHRPPH6~6qsKiVZ+YqM2)*Q(ZS3W)YfK0%E;A}oKc?YRa;`q)Kb|{ks
ztOz^KsIyLfwJ>b$Y8g8CIi7p&htI9cVe_n%z}hx8`yvJw4A#^e0g2pmydQek5f3}k
z=cy%R5^UR44%fG~_m{Y-9v$uBq|g8lH%Xys{mGmJ6Z6opXC0GmYgW-M$5z#w<I0UF
zXVX@H6VMDe)YQ<L+f@-@0nU%}cAd_R<#S7Tz+j1@$YB+D%v-`kN~7DKgWYg*oa5p-
zkYfQ;9DrRDQ?t2JLUZMIR~zM(yxq5XC9z+ey~-muZI@TlW(bb~8A4U@#$f3<d-Z;A
z3~Sel5)vay%wz?g59bX>(Q8|!8rhJv0^nYbR?cwO?LDTpeqA%zvtV_KwMfiDhcTa-
zxQXp$nYV1|LAHJ|kDD<y(^705(okW#Y>f6c4>`heGKMEqxmI4Ivdg{YYc7YxP#;{!
zrb^7pgh5%6x2x9*Z^gu&fn^IRz)ElBnnBF>aKBpAxfkN^W*?Q$<g?KJhQ%hX8~ck*
z^vWlG1RZ%Jn~dyGhLg2)7f1GBCTH)<B$+>(9M#R1GGvQlG7_12b`++FJr3;hja<g(
zXvj;vFcIvw!|ZmO3_|(3`;e%s#wN=q%yz_;zOdDXpRr~=*yh)*hjoKb$`yFcxK{cn
z^jO+I)ww8z{kzhCm9RY;o_l)@#OMG$bg5smpr^|UgrtHiC>+xdDjY5#a-<8kE;8+f
zJ2AMRgjJomq?HHl0qJlx$m(yQ2uovepWbZH#%0a$Yw)*wrEbEs2zooiVE74}vWcXc
zCl<^)cyn{{$xSE|A>U<GWCF%t?*sr04FH_@4*=i@+o!<$2LN!G?E~O6{PV2>#^C{g
z8~*_S9IX2k9M=JWdT3m&V+-xXPWn|os0cu*;fu_ohoJ?G&gM9kslwwax^5hU;e<ha
z@<I5J&$sFv75eCA0bobyIOq$|$%gso*;wGb1n9<gf{x?=0No#9Q=V__I0p1<2b;3P
z+QCr@p?iH>beKb+7{P8hI`}xbd7tj<QqmB>20}j*_tDL_@6&y*&PXAEG3pS$Y@~KX
zc__BRiJNH+I7e&l=d``K*;)7RUJat2g}>y4m-Mm2v@it^UbmUDZMks#r(`st`;g48
zQ}#UWXct^#O{4pvjd3aNZD!+In$!MisqqSNK@s*#!mP0!4#d~Wa#x+pKDvM4n~3kD
zjS&w|&(yi4Kg(_*S^nf)1Ue`VJ-8m&aAMBGD4o3}kIVfK^~4M&vbG$W({)sIcu@0+
zC*X9g1&aYsHg$<A**+ELiqJ*HlbgCRr=llkrn0!$o-y&H7sc{GCZ&qQan7S)c4{lW
z{?x@0E^Yz9mN*zQkQ{R+v6B{jma#pQZ1unCtE6L~sYf2Mt?hJ~R!L!+r?;?dRe8NG
z(|Gax*5JUHRz0u%GE~UxJ4*4KjIWx=8X6`^Tk@NeQH}XY66ZRpMjYMaZF=A|(2MP!
zlP?z!6)zSjs&Z}%Ttv2^gwBT4o!hCjg_AGPpEWmOsIQEGf~<Z|6C<Rn7e-Ja$cXv>
zR~Vsupnf&+p)h#?`CxhAC0bcv-K_@Rx?a4_6;t$`x^H?3^$Z=e-6M^4y{7%uQD-sY
z?0h5d`io<^#caZWPG%D6ICg(vD)A>W2N>Fq9fF$x4B4yHE-tihyA^-yo^RaA`2=?|
z!3mKo9LAT>!#Km}YnOaaMe60&7<rD?j<!YbOA4h)5{gGmaoI1lH)s|6qvf%kB621U
zNy$FNv>JgpPUOR`5&X!8ji=)gpFLAy;EoxnuGpTjd+$Sv-Z8^G!XMXJ2KeXU-T`;%
z?xSDby5K7Ai0{W`rTBbPI)3KpCfKgEX*efnrImSzTke*B6d%9CuXUvUIvj?_Udh+<
z5v#v}4}8h%T6xCmZ^V-~^%*8b>en%$zkYplJR=a#WRQlsyR!esQ-6xldYweF`hl2p
z5pF5ic$wIFmaDvXIld%t4es`-JjJQw<kDpIcF8s1)|xV`$Eh-NVFG0^23&QvJGVw0
z6X^5(0_F6^ap0JF4FHGb2AT1`x0W*R0~KZ1aRRDr#fvFKJS_8Lxxc6p&-=q=w%Ic0
z2MjCyIfiOI1f{6o0JywF%;%*<1Z~OC#8|;hyu5GOv@yn)p6v3;5+1XC%_EN^uAJYB
z7P95tBA5Q0H-W{`8Nn}(Vj&x=P%Ivo-_j!hlEqaq;~bLRi1^ABH{Q9mH~C?eq2eFn
z!(@CZGKP6c`u0*@3ZPg+y0(Fw&?k3HVPSzd;(A5X48|;(gi;yn$K3x?n|!*`Ly!r{
zi(#O?NDB6f`RfF(d=IsMr#R56qW#_FUJD3k1=8JRC#8FVk3&6<rF<hhpp#e5;lBSc
zC5CCZJnPheWL%gfZ=$2h!!VC{v6S!-SMBgZtvYLFg5-{AAq`Dsc-ZQd!ke!=XLRKw
zIQ}Z|umd1cUw|mL#srY@Q6!nYeo<#B>Uf}*V<vQ0*f^M}ew;V|n41E%Sgi6nloKuE
zcy{;3a#HA*J1TS{KY=ha51QJKuLmB%!JRXHz8{J2B`~cgW|IJ)`vtMq?#zcALmILW
zbn?<i-~{7mW|o0lBZza#XGAZ309IS?2In%de5`Ed(jdpaPV|!dkR_X}T#E_GiAaAr
zldQZE!I|x_2;FY7@&>+;mekDcC^&P8UmB*c2s|`}qw<W^7vYJ%E+#hjgK5zT(pT9R
zP}~~Ha%)nkCPiv2F!L>dRN;iGwU~LM^<D5Vc6<TqzD;2=(ZFPenOO^gHWgbXIQ&OH
z+dp$07#rwfD6Qb`AT3lbY}a>HlE#!I$V2<LeYL$XT2R?|>3?yFRS@sWg;k+=y2LCe
zF0ppiXz;%ATY@C;U^hNu^%5S|=3sWietUqK8t@t$$x;pR#zqp1#BT{<+8vR=G|oq?
zj!iux)}?srdSwsr{grq3Kzk&UK+rxcoF*kZq!F6EsFQNy_sj~E6OPU?sYbw+52ZL<
z;W=A;YHsv*_(q`7JLajpAE{}yB)-`1(T%^zDkl;MqyF{?>?h8PGQ35@L|%Uf!(z}5
zcT2AppC<2?euK-)X#hymo}dX{I%uk3(Jwu4{&YHCdYBp9{P~r`X}{v<nIbr8aR{!y
zgIgrmKG7B};yZaX0d(X0qh<_5DtC&FIo!TSW0kwq>JTUQ!15nlgJsB#$8vqF(8o%B
ztkTCG`q)z+d+B3ueeA<WzCNjs)%sYYj~DRKU*A_B`{`qUeH@^V1NqR_*Wk|_#Q13a
zU_8R@&$K6|ip0gQ<D2lZ!S`d)AddhFxAQ}g3<QVr5v$|-o$c^2lfbb0wHQae!BLiK
zh&Sz@U?hGVf;x$klfC%rUt<RZW&Ck=Gb-xyGLd*bQTcj*qeOjOJe*XW2z(6WVZ3{y
zmB*2J3GAKgT%#hS439uM9!Kiqh59&3A4lus7=0Y8kK^?5B0lo<<MnZZK2FrfNqqFz
zPu9mN`gk!P^XsST+Y}#0c-ofBpb3k7=&y@?Q>K>j^Eq^oUf$E{V{b|6&v14`Ey7KB
z8UV-FqQVT+UX@^H8EUr?=P<w@Q2jj(S)j2=Co=P;yc53yXKxV0sR%v`=VLcbouO3z
ze9>AQb|}<Y2vf!Crknx&k}O~W6Kqv}ff~Mq@AK=Y^U+^FLm%t(v0fi%>SF^R#(qLB
z38w}cu{jyC#%>)X>O@HOGMJ3gMs~W0CtMSMLpYv@(05ip9YhKYEpb1FBg9q{LTW-s
zO~|N`ikX|{+n$H*gEn$dcoos=NXrcDr%jVOc1RO+9nyq|4rxMKhcqELlty29h;&BO
zqrkC<{yOX9lovQNG?{EKE5slsDp%oMQ(f_uS)T|-Y-a4qbIb5b^40sn!DuymJea-+
zMbx4<*vqqkLhL02k;;#JdnxZ|cTY$R9i-BIykyUTp@3r;bq6Xx;JX~}+qd*u%GAM!
zT%to$M(HDN>DQzemi`&B^z_%*c85hCV&{j%&Oa*EDunF36fk;X%tRJ<ttBh-B&#v}
zVN>=}&<|5~HXpJ2IjokoSEk=*l5m{7;@zyqUP;LsODvokIj!_4z7eH@vE_}uWe!OQ
zqx}~|0`0kc#Omka!G2q9u))hTgV&YssAKwx_LG^3@%qa!)WG0_pyHJeN>^w6+Xh?C
z`~oNJKb((9;C~q(vHHvTfLnM0o}?ot_!g+GkgPQ(VV+ZR)>v%jY%EE%z`c-=qV)<N
zvHC@P0Pe+jw!oFFH6{VB<gBsS%!L;29o90Sf36Zzv_8W}tbPd}fP1MtWA)4MBzzqg
z7`mlMO-j_50azq|jiqNWeQ6y{%9Y~*nbW|eq3dqX)n0*2X-wa2&(#@p7<V}W;_6I1
z!hV%!aWDpQ7Lre;pF#i?3}w@44G&bFqDZI!Z$l%`Jl3o6m=9pQ^QhcO&T}g+E;=08
zRqjXy%$V~ZfH@+(&l~KRA<fl^J)%O-XQC6a$jI7qS0w9hk8cM2nV$h_>F4-af<3Qi
zIJiH^DU^O8sLZ{VQU_MXT%kDe16$FI98Tii<x~Q941fozk<)T<Y^KEjHx)J{3hUM*
z9=khbRj6Aw{a~hW;%#ohP!`W|+7Ba7G)mNoqq5A=PHY#vo-gDRv0o3{TbyWyh_7T~
z&=2VMOpD+_oAgM91M&*4lf{S=w<}eq5W4M3j=S9&0VS^EOGF<s($>44k#!nbF%x$;
zbUf;80F|9^)V`F0_ZmWkD|<R2lDs>>_Ej*2ZS0l6H%hsh(I5QfWiYY&Y39h%Tx4iv
zHc~ubc_LC=Aye+y{-|zsHOMw3{qX{)`Y7Utq^8xs(NN=S5orabT!=`Tx#rr{SplVk
zecK{!Uy;&Qv>nmn<}@6i3Z?O$Q})e^Sx!3^INEzb5HnBXCzI&ys;)T!WbB5w()TE!
z<M87os>dMKgrjZZVkWMH)dlqKBXQ}Z1a<bYo^GdlJj$nL?gp?clJ-nmmvjEhoSqj#
z%H%7yBANOWvtgo}()xCg*58<>^AWoUkEBV>e00dLDLlS>HCt`8z7dacd<7(0x=njC
z&_f$~q3bxiDh%d?sb<d1#xG`Z=x*be@Y{`#H{b#h*<QjG)PyrLz=|erIB!^Exh!g9
zBl*oatQc<2#UcZnbMeUFW~d{!JZ;A2W-k^mY)&A^vrF;#z~)4OVeCbS4<a4s|I?HI
z)dj+^dvi9I!FEkt8;FBKJv@v*HI|E(eo%yOhfN5@KJH*ZR9vH=@x?uni%}*Q&RZ2%
z^W0XD3k%4_LMyCN3#{Q*P-D%YqS(1-D#Z&%H{*but(cb?kaxtI>Uo*Lsm)&cLcEf$
z!B!#`wGdHU)=EXTnTl9(O)IQ?E3DC0SU929$Q;&)B#WRL>p*cy9Z*Zu&9Bvv)(XBj
zDu&ZI15;f4D$c{g4;HG{?12TDDDD`&C5np`Zix<f@mr#UUg8$9H8JO^{|jxe=%G=4
zyQNW?x^jDV3^fbn#l4x0b>$hg1o8xR<zD1O5iBh|#`cKz?Ii>f;^G<yAlMv=k|H1*
z2V~5bC_+NEEPx9JirdEd@E~tn)`y42W8-{yXg#*9fhWz=R?jw1Te)y`wQ{C;O3l#v
zEij)DG=GcKCj_cw<9tG(OSY_EF({^u^Wi}=ZCM{4)ZE7T@Sx|mtiod>o0fe?x~ZPc
zY!TP}Xk)a#YGbsnYGYJ{gGf(wXpUkF_m4WxSQ}gT`9@pl`3tkY)eCGP*JpQR3nN3D
zbIHi?=3FYWU~?`VS-2TzE5i2C+QyJw#7^TOs3mrl$A^vmgl&v3F!nR;W#S8wo+;#d
zCJ)E16xh$6*<3Gg^TDRlm>7~K`?+hgiAWW5+#wHRnN*XCZS}=5+_#cJR9d5WnLF)N
zgGtR4hf$EZOu>wog2l#G_n;u|ye*EmS|A+o6IiAo?fOa-q!Bk5aT2k(D+&^pvFoI3
zHxNOL#`=@4r6@?cOu-m(@eUW}G6hN3-Y7^|rXcB>1QEn&h+t>s^;#p?EA~(<LND!}
znu1<v3k^9ofcL^GsARm}VH*8D8b?aU>s=u4+6hobUhhJf%N}+Dq<A-w*CdsZR;es*
zmC8V?RJvQGvZ_@oFwM<U!S(*lohI)fB3&V=ENqnusc(`B&J;9BWu#RoyR-^rvQ;Sg
zc0vjICY6PXMPwmHOl6^Bfh??8!eUUtKnxI+_G2oT5fzN|V;RTmK|hAQ6w;4j1H+mR
zVk3Mz!x0_wlD9;Mz0@ty1z!4==t3`J`?fRxhinP@yPnB&T8sc2HTY*b1oF@H1#HWv
zha>;k0kBzvf74=c!p(TvH0*$Xw8U)K0sp4iwjp<G$)S~!sR+Sq9L$}UAtCs@gthKC
zCgJhKgmjHbYw@9&B!d2uiHosqGA>a>o3#00GKeEZmC`t>KHvdS5v|hVMe`(%SP|-?
zaeg<QDMDXtKA1D9d=Uy`;Q>5xB#O`&jf17I-M)_(H&@v%9=dGvnVv9Jgfd%ru(iaI
zDMFhyE<?2@4lzJhQX(|p09i?i(0l_V#H!H509iQ&Enh@{9L4~NkZ3X$bBt;#S!gpY
zHNKQ!G%eM>lwdVA4n$Zf!JJ!ozLa3kZ9ZR0Fz6PZFC|!Xjmyx8sFZxCCL|^FH8!6w
zC3H3xo-ZZzHX0X_lJ8)Jq=bIZ=JTb5j?lvMrG%bP<E)fuB&KO3a4s6tE!^j{<_$0t
z4StCAK~!wwe@I`h0@J=+g{6JDifJKKFY`RijrcCxu{mc+8{g#%jlRnw^<B7u(0VC>
z@4|giHn!b3uAT1^8QGk}gg|O@t~*jpZ_f2ZikZ#1-bgXKIoB5{c5lvkkz&v0+`LG!
zcQbZrJs(#`JJJQP<g_y4;&|Ek2;Q?^cN{pUFv{qO11-&UZycDXu*<D44&+nte7rdD
z>v+@i=EXsV4mjs|xU!yod=8hdPo9anU3g6S*<2yT-vJni0qSw!I?yv=7uzu6OpT!F
zvkNpGB^{IH)L}&V4paAt2U-z>yYD$x==OSHK|m~`dNiun^DrI&wTSA|C|qg}-wR|S
zYMw^ryzb%>P(@hAq3K4!9H?SJ<Is2j&t9J34Gq13wGSvIEJJAyl&%C3q|^|BLukc$
zAc8eCM9}vtfCyI65P@6lG0eu098so1bhH+Mu0}^|i1r+rLVngBG!%&P{VbZ{CZ8<_
z3)v@>8XBNh#oa*zt7vFo6<+`vSVcoaFL*<yk~gM4-MnQZDxeIvawyjivRKZLMb57P
z4TNsE<pI?0pp>8trQN9Xa?rp^8yawYuebm-u!@ETx{`gMfmJj#;J_++u0COnsSjO!
z50f4`?8HYn5ESEH2)xTe;9V91@3J5sjrcDG*mYG2uK<HiZ!!z0=z~=;yh1U>Fm(gr
zG{aO6gfk3NLlDj~OeI0Mn;y{sT~{g!B6=i(^iAP#Gdj&eu@^p4p3Z9y4B5R^LD+{k
zDhS$ei-r_iG^B_fuFWd4yj4Y(wyMZTtBUlss>ou{)ubYmtt!Ii*{C8zts1gdtA>oX
zYRK-b8d7Z05cIw+Dzdy)MV7Uy2<|j#RuK}>q#{dORb;S5MP!J?T8DIG1?XzhkzHDK
zWY1O|p{;1rkz%WkjJ4`We>)u!)qoL3%M;a5EeV``RSj{0R5j4jkXKYgwM0}y+*4Hz
z)e=<=_8(}{q8dg`L^X_>h-w%$fok|_64nZ%D9{RMj*caaqV%bv$Y27OnC3B<!0ul;
zAclj1Yu@zdxeq3y=ss@2Wt(0%e$!qLeluP#esKX6e$fNqx5t}@U)Xs&_BaR|aQ{E>
z1&X+hYVutzy)P}Kc)h;#%}|Ag(Kx`Az8R`e`o;mK^o{RJ!)TmdN}modZ6u{XE#8Al
zf7%*JNT1%E7)eNf+8Rknf7%+!K>E|xOa{`Qwq`Pr{xmnG2Oc$iA1_C@z89U2@j82{
zY^;-q@saT`J!%_i??zv1JW;u+nYH8u_B{1OW7IdIO%<VM)?-Dd#0n;0dwVo4L5*YO
zGU)&MtQU)Ji51JBY^%o)+hpPS9zTqeh39+xuudB1k05gJNDL0KQ^GvV{TP~|G_2b^
z@Bju%%l6VziBQm68k%{fP&aArMyG1%>!xWZ|2%jJhCcRQfCnaGENN)zrEw?!azz+*
z#gU_RC;u|A>Kc^+3a|jYDZ;F497a!MRUcUDlbiy{U@3TwPS21WqlG8Q(h+Le(4Yc6
zp@ruUD$o^b9Iw|lLqGI|8fOO;s4hA~jq3&uR2RH~_hD%61<j~h4_JWiQ1f}987x4b
zP(**IaXHY8>dsSd!we-=seEt4YEm$iRHafoDoW*h8&;D<seErkWacYX;BAmV>uvao
zBudrfZTM;w)~rTvLv+ZWkPfL3Tsf_4NQL0bS)TYR1ZPg;LMjArPUAu<1b0s3a1oYO
zA^39|7g8bK-z2mC8TMMLLhyfWoE<d70k+_L4f0!KXv_>3So4K62tKgJg)|6Gu*QWn
z2wt$pg)|6mu*QWn2*U;&=W7tg4HllSLH=w<NP{qP(0qXgap<6NAr->dLE}Oy<Xftc
z3Sso1`9dm$!Iq8lXHWbY8ab-Ww#wm_W(#Q$##<T}Xb^f#jS4A{&y|n@VaTQVLJEX2
zm&REIV(&f8-rJ1w*?%90{`+~2^6dy;wMa(yGK^LI!7x^PAq-<xb1;lmwZSk}?57>Z
zs=k<EEY(|vu~3n@P8K|0cVdZKdI@%H>mElOHN!x8H_kEir)NHgD?&?$jPerSYL#p1
z@`3Ah$c^*5iOTKRrje+83cvB0<GJaZ8~&Hgd<<*PSN?`e(Oi2z$il0>@<an6J##cJ
zp0$9#VWVeu2KbW%{96JBOny7^zwj(6t<@7xid<Cen|V97i&x(hga@ww4)(Q-<*UCB
z;%*%)R7Xzsv)}6HIVu#1JmDhM%YwA(`-AZ4M?u5PA*fGg=JohZlnw>IvdQYh$P@6Z
zJDExfzmg$-nGKA~W<JG=J);$C<k?lH_&j?@h-VMj=$-QH4ubxj&$F;Ru6VHz`=Jo*
zZ`$ac!v0Uf{=E;oQ64j=`V6i<7=(RZ?=$76Qy%AqUi~~<Ly^c6E>gWONULV1eORNs
zAHc{1$D;yy9ELn|mB$xYu|KqvM|Q2xvtt0=w&62u^iFy9WrBXT1JA}z^XpN4YY_JN
zk$Q=rPM#eSdiC?XIuwaK;Ud+~25Hs52jS7*1U!2~m}du^K6jpdjTQT2JDx2$!{^yo
zLOi?NM(>noUnl54b>P{$bv{q3PXu9~A7`)k)5){<g<kzUPlqCrCtReu{7k=m^_4+*
zv=7@2OgoF?hF@Rrzl=O{ZD-$P#s1umXLoP#d3F$>+jh3#tT6B$8R2^f`Y%4u!g{~U
zOMTcIL$EKk(L0sL{e=D3wy^(pwh#M`5bWd5nJe87687KP!an<4ANG=-fG3}_(L1I4
zdxZV>wy^g)&xgH#2=?o2^iE+vLfG5e!j7Hq!@f2I`&1jfQ`nCY_H%7vKWTxaXKoF_
zo_yI{`TZlpc5tnp_Nk5i|F1(J@0>HppAcjhK{obfm%ZHQL!vj3-(5C(r+j#dfZY(S
zfp77O3w+qc5bUqp=$*p;1z|_p!oK`MANI>au<y3fJB9r#!j86u{q~9v`|1$vr)~63
zVgH7(V<FgK|LvX-$U81Fn05;CcLW(H$VT~n>|&qRpM?NNs&fVWECDAv(7I<|&?Npc
zXOMp;$fTt;T=&<6;Qe-Ht|b1A@KP3D(7pyP_3QqQ5a9D|^iG-j908|0)cvUt$eS*k
zE3NKc0GVl}b@FnbR=Dwg-*K&t-YKmy0?u}z_1F-|l~>G_)+9l8x6*p~t9)9|2?4&_
zM(>o?3<39ap!L-uklw53N^1{6_A0Fr=M4Bp{O1-&Wy^cL4=HwsxLe~}zIf8j8Y&cz
zG@*gwK_)a<+{1*1@U0suFr2>`X8>4qr1U6O4D}45o|Q0XI+!TCp~KsJJ)(}*=ivd}
zY&cuNB*|~%4IJi`_^LZ_{a3M1xt=Ewv%}pj4WP2lIPR>D)FeTEOSrW-t{Ee>0`k}S
z!(5V_&!2ybh6)VjCDkpI76>fxiszQ{cz#IEeM*_a=Hlc_iwB&)?gF7^ivfiXFB5HH
z^CI&23%Dv{UF1S$D^6}$&#7*K#q+!7EJ`RhA`e`LV_^|f?}&2<qITzaFoMHFMT_D_
zRy&hO93wbbYW*p43$mgPl7XH7KELi1Iq&D9TkL@M%6|y&l{?1!YJ)fC{1kY{b)BD#
z$9JgY)5wD&z)S*HRFVz(&GRo@cT2*sFu%Dt`cjF&wGPT9zD3T@;uOZ9lT2VGJ)1}+
zZ%HCw76&MBWf$+N#?An2<i)P(iAM}rte>M~adZP#)e%^4Wo^L<8_B43i2==k&w1FU
zf$iX4JaQp6(HUsi4(!GKBHQI&BAoBQDLz(>vksK8w&mOOToI`^GL1T?BmG#mqv7ip
zLXKlNj5UaMcHNzLp+i4#W#pn;#|GTeFk;j5ob7pDPg)tpA%t7U2CL(eJmi)ZwkDU(
z!xncrsPv3GlSg`e0GNH<h|~x98dbF)Vi@19$K!_caOR1Ps=fekr~vo(9|t<+A2dnw
z%5UkvsY&u4sSP7{oj=IJlCJ!!vgteVM{4}76hMzNel7SaucD_Kj#P%22E8LJ>$klX
z$d8YJPq^^zY7&BL3IvBzEQd9q61Xy8iIf(w`HJYQ0p-NvxT#X}Yw79I-@(UB1b4e?
zf<`Aw8xf5`4-SW#m?^E8KuuJNL;-NTeR@q5O-0XKy&GilI!4e&*4FxZp!y~}4`EZ+
zQIxLSPrHbN?IXxc=Ab>1viQi_(j!Q^g_Bae>`znKh;f|efe>I#h*Ta%Zk|LMbs{Oz
zb+&vjdW@#0HlKNlgU^^!6(YVWe24T#oC87c`?XDymwMTtP{CVZEq=pb;(uIgP^gRu
zk0Z)!-U#EL?_LN%u;C+o;2H!zcnyL)aSZ~Va+;CZB6@ev_~BrIyyG<Eb7Z{A+;vU`
zea6l+-F!W)Mj#cZ#5PhRp3+vH2y|;i5}&zvcW`(6Zj#Cvo0FuNa4FBz=nYq7EJmvI
zIlPmkt~_B}E!k_774g(#-XF9J)B8n*S2@-Fp@K6f?SjL-IQQrCVHXqzA9m#<Rv+U7
zd{}~~)St=W`pdgt|0hv1#@HIOn5_pv*)X9u)+sEC-H-|rN_@oXyYm4O#^s5t4Db|E
zm>woY-hEPdevA5sO9$AlnP{mZ1WO5V)%F9g^r9YqeZr5DdrB%lUd$#{IbkJ^(7hAF
z!=)@FC0|I++~JE1#TaR!lIF(xh24dvNJagY;lcK-HrB|FX~xECyvPi<4%ql%^x?Cp
z*M!!K`SlVZ-Vub;gz?fAw5mGugD5^Cl?Qm#)^Q#i&p6fS%iW6-GbdB*I9|3V-je!;
zlT^2&MWpnNc8Ua6s>rEuX7<|^EI1TRaOMI;=Aw`F;TEy#FHy*gX(`-d-^B|ToOw=h
zrPK3iK#}kPPS3yF@UeO>%W+=fj9umQ@r+iOIm>|*%vp(t?@JlpFsU7HR@iu+w;b<s
zoMq$<4}!CVaHljyrZA(4d_CsH;fy5Xm0v^U%3b}LNH(#wCvoXsU>n*3wiV)V9WD~W
zcP#@j$wcXc0F-sgCx@de<UP&T#wBP;m6fms6AQd(^_RCf7wH?0S5%k1*Sz7bJa+83
z+$A|8o!HE)ad-?DfZ&t!pb&?V<pvw)u@(3RlL*X<D}Qm$M?~fs3F0e4A~es)kRZr8
zBQ-+npLyQ`E3p(LmNpVg8;S8irpm0#`N~(FK9w254?2A+GlYMta^eZtMTIVr8TIR8
zNcsRAg|l7r#*<Ke+@kPPG>>$=`np$jU8GU5%FhrbN5wNZtGkMFNJMA;j%wHU;7hE&
zCm&Grz2q6I?=8=GeII!y>XY(J)>q@Hb~fVRe6#$s_$}yY1JIcVfje6H0hHj9O^|Ns
z0lWt~qZmW!p(G_DYKVv#BI1?^`qMn`ZQ3VEpE(0fL2u>xS2nS-y%&!6yKKTSEl7w}
zYG}tMo>esQapxdt&T`T5(!uDo(!xl$MjXOlEdBWWb!#Lv;4w@TSzLQH#9@j=;8I~9
zMrP?K2xv~^tx%Ula9+8aUknsXiOSExrCgSF5&JZ{m-gXS<?PISn1IR#q@X9smd=JQ
z;O?;|aH-0lpaAAXty`mfE02NsRFKNg5t#WUiNW1hFf8N+QSkP}Ybi_x7m24T-y;FI
zxr$l5Ua`a2)rwmTxZf8algBNiSU%kN)&k%k4eJar_H!VMkXU&U;<yV$bI281UT)@a
z#^U_3;z73W6Ad<|&s+}4dGX3?@PIosU&!KK-3-vjY^7t`iJ&IGV0(H?7w#PSFe{hn
z=OytJA*;jPyu5*&tnurDrObirUKzoK-3eupxjl=8yu4NrZWqgV1*I$LBujq*mvbp2
ze+pXKn3t+NNy_0rP<22#wq7K}i-0w_Y88?OaNc^L;og@u$O+^60z9m*5^BGU?$Cat
z&KT_KYTVTn(zSgFEmq%;4`}ZG@{H9FkY~Jppga@xgZSLILE0kIq@C6eM#x06VAy8h
zBcq5h)}lr*U@7i6!G%{+B2oDTYF<AC2~PP6aGBYwy<Nt<!f4~e!je-XL%EMOnU8*}
z$;?I>WZ&l@M2E8D6!pWeb1yQ5o<UHkn)w|>Lc}DYfRVwKsNBreux6FV(H6uH9L8M(
zUjxrpNMAIEn#QvI&?Qq_?3PKczDD(dZ01ERq7S&$omn7#`XxBSMtz`OLm$%6hjfcR
zU{lLd=tEld0jeC<hi=t}H1&aakd6A#ovN-nfviB^h|X?B3y-O<O9${}n;Bg80xk7=
z!vzdylKJEf=jlBk%BsqbsVUKZe88i|RzXd{?V6$~4Yh=V8%>EeXbKB?o>m>-A`yz`
zsiwr7glbCM@S06cH6^Z^f-6heRB<gb&Lya##8gpokB#Q~o$9?8yBB%=Gk*XBuE@=I
zs;jDapRey;4hnOS_%`S-A(&h7^KSgXlsNQZC@UNP2^0Sru=Up=-}+FXhx#4HM@(p|
zAI>n8=LmVm>PN~mUVkB;;^i`P*vpl7-^)E1-Pv(6rZHm!+z*j-E<)e2QvE|_w|*~S
zS`U?^NdI7OL6nGBp&eJcV4d-?8eA;EPsI80r6_DadKOZc&nIU-0AINDBI35W>Y>t5
zLVoZ<N;6(c=g=ETahzTam$w<uCIDWxn2VKH!{$z*AGr-b_^OG`at^Z0i<d4zCOj_1
z;}U#>+m)`!bU7%<TO20->#@8SyL1VQ<H+z*Y@DmCMZEK93DX<pnct#qOS=~u&m!sp
zB<GTo)H^RJ*e}^1m~*%yF;zJNRi(9+>?A|lnU|{3Y>N5P`yJVj%4c0IhfNkQ6Kcxw
z!u9Z<u>S#xVw7ua2(aLp$}7O;TPx3SAV?}$l{FV)sE*ns+tmid8lpD(b-;C)UREn`
z2l|^Fmi&B#-IXn23|VE?y#SwW3tmMQpLrMhMU}V4*p|eWtKspk5@>Ng>m1(I#c4)_
z_wIW8JvRK8u05Bz5>MZ82<b9Lj#Pe5Nw}5g@QCMe;ekJxX1;#pgAD069fjM0U<gYG
zMvP;1g<G13Fc3xRM}Z9J*3o>#>c`-ra|JI$`Bgd|s4+H=dC54xNmXNs%F|#kX71z;
zEsTeTuELo3{b*JEE;6(8g98E$-)zPQLUD&QBA52KrBl!x^o}Vy9h|4zHs5R<!I&=U
zydHS>Xu*3DAP{V9g{Oi1DtHZyDR;$iI|*ru;P%hgf-HP?nP02tt$8hEC6y>%3A$sV
zuHrWp@wpU?rJ~M{K$CvQAgH{(mp6%9C?~&!448Cc9pj^4z>5&j!*2|bMrU#>;^Lz}
zWQttM&E9hi$&z`R-;43NIwf&aTCn^t=3^oH2?BieB9yZ@5H45j+ps>AIMVR8-hdn6
zM5V~O5XWaj_~B<w!L_fr;*}S~{Z&3(%Bzj_gYLXf3XKOJW<i4)hvBR|%%EHOJ|DuL
z7o%R!qOG~39JlKH;t8m?ZDv>;;49{N`MBXcZHe(B+5xO(eCFSz;Y8}kvrN8zA|FVd
zuAhVu`VX$#T>~87*7nTUQCz?SE~80Caf$JT_`01R*;RT0;Gw|;`TQv2m!gKEV!k9(
ze_*R17XpiU$s$w=36>^-C=;xtDT<Le=7#j{J)v3Bg(zJ3E(}n*II||TO5BviwY8<w
zpaa@Qqx13I*v@$&64ssfB3^{gb(uOT(CKtEQ$7Syf=KEgNyPo?kf6B18lTEwDzp#x
ze-ZOo8o1#W#uL%$?(*I;tx0!o;uDRqVhylj23Bl}rFavr%4H1Cf1_NAc@aD;eLzq=
zZyBr?#4dJAzl9NX#$kchgA}nqr+`vepi}vX)nAN<!q$155nXd(v_Hl}*XHc0{WJ@g
zE~g=kS5MdsKl2D!fYLPlOw2uf3~rMUmF21eK_q3$!1$apTi_-lc}$cJOv^R4^^=L7
zbES)cW3K>*TNC<fOrN=94EQ2&kEAZRD$uXX6pN#6L>%;qW-b%g*Zd3WimByz>0AWr
z(~2YJ^g&zpRvau?dHE72j`Q1cYYiOE)t?0n2-r`f(^puwJM2>5z_P`B6#J$Riy;%e
zsS*6q(c0a-mseFUdKEZAX5@OxhgPTG5xnhPy^JOsT}1qf>c@lN8<8i3@w!LQ4VL}@
zo@!Q;bRmktdF?59y<uK@J(0?1>8g5@dqX`<=2swd<#e#@lCJ|;x;pf3=c3ZJAS#oH
zR|XIto%sXq46EGAAwZ(?Zai=c?@Bx_xz=^u?qp>J!*4{Gj*xJJ1ZWI;kcx*9M5>bH
zIN}wU#;=@(9}bcwE74=)@Y~QvX3j#E9I&Q=wR8<)I9@1tm{O5J$g`v%QaTzXaB3Wz
z%Hd|9Tm2)Vb7}Zqf+%0P2;gV7Ch&6*;8Y$!E8tM#hV$^%r1TBvO-Yl(Cio0ogFNF^
zk+4S_Vdl91W-pDjpoq<o^B`1DbpCEgai6BP0Xwp6x3ZHMShfhiR`$5v*?Bqs)|n^Y
z%jXxar$dG1rAX;KG`d^U<yWwopO#GudENTJwMY3>KB@R4_=tlI57^=<Ek0IovE$i5
zny|nl06SXUNt?mtN2pZ{O3gV~O!7I$%QaAiND~v&j}2m?^%*qAL}h=fF?BgH(*<!{
z5vNVi`_H<Z`FUrMV+ZQlQp8V&_;fCE8_83haA_ws_5=tj&{(;0`n=LB5s6kBtFINU
z)%kwTH~muk8AglEsfGscrz6shRQ7-uUq8by7nM7FS1TRsn5D)<y=A>WTRsg}Wil3*
zWa7ckCe;~8RaO8_I)3R3boNw6)jjb`_*z-cN%Qie_@(=qM9zI8k*}3QB{8Zuv)j4w
z)k-%pwa~qu=p&VbN%xrutBq}-djqr7m>8y83c58W3f&B(DhK=@pqrSCjgL6DK@Mxk
z&xp*hrK9r5z|F-9uPoznAsCZV_<(jafgd@`qP7$Iz7#XZUTjsQQ0|(aOO#J@z;Y@(
zZ`c$2%Fm*FNul9$GdM=Dbe<bemM(#=Ot2I_2wNUA>GF|Bq$h0pd`*ur6TUsEyu=(j
zXnuw=C>QXlTK4*VE<agD&zTqNW1Jyta^3hM3$ETr?|y%1lzTR+kACnhKJxXK^5NDP
zS@}C{7pK|k=irt7OVl|5xaf1i%1Q~h#uB_(QHsVR*qb3RBpEA#yhwU6aubA>fj`C^
zrAs(-XHc58xR~=X!2dPjPu_x%gP8}Sx#2u5qYJ5At<+e7&d<;gI+j-zrUSl53^FYj
z_$R~+|3pb_Ae6p|Ti$1<l%hC3DonpdJ}Hcq*%!;otommAk!a-)p{o#vJJ%m6!t2Y>
zu+in|iXmXo|2iAb7qBf>M_=Rbo=tB&1D9xLs;@!R%-hf#RR0ttR@YwbXN)Ii?o6>y
zOIAOJ*kChlJW*ZzuQnod;NS|h!7Kj-L~FYW<G%#?&8dJL<9{f~7{WjKT8oZn6M%o4
z9}&V|C;oHW;{Ofu&k6sD*Z3Jj_&<r*hWZb^&PIgrUrGGuwZ;E(<Zr_NB%+l6uYA3q
zSp8iP4&lGx4HliL|I>a%2>;c@e|}s1`(5j!u>5b2|5HK65dM{KY{LH$KO%(x8sdLh
zTl`(u%@Kbs$QZ)^2gEk;f984{5yJll;(vKt{9i@>CjK9JgXRBI2${s{`8WFE5dL2w
zwgLYoZ?X{~{MQlx1wQ_ybC$1vUqgN$|2pd5=(~|v7#OK8xXDkdR)a9G|IldPU5IVK
zzWB{HB82@$V!u$Z^Gpt=zKrf)g4`W&-yI}XM>qM|LbxwOY#4Wc_=M4$iL#;<Zp3+S
z04%++vA#=YeLU4y1>q3R`w`m_=Ua&Lq5$Waem$4I#Rr@oz3@55IluG=n751^4Jr&2
z%hlHeIjWBb;SlQmH}3%T+lcyNU%qj<FIMgA%_!Hz<IjVzVye15NU5%WtDg%ve_+J>
zCB%lSTP?lKMuf!s4kEAGddHp9{CZ!3>=yTst+T=YXpmOj|LuOh5cYQ>HjKSNz}tv)
zMv(F@<p5`Viw`Tkpb6)>L0a|hARNNE^c_3E`7YwT#NbRifqdVLQnsF>M{W<~doNf4
z`JPmre#)^qs(%V{hva+C%{##S9%8;UB;TOE-$6Nx+vo9rQ^LDekK5{}RqqPIq52-Y
zZ3kH2N355%;qezx%Hs5SY;dl*#ZRk#G6;uoE_>$=aDIR|U*Y5Ae2})|522LBSxj5O
z8l+3!<tJ9(8H7Vfhi=^g(hn2q<wQzb5y<szC}eSt#zT7Bhp~8JusB&QzT3}H{r4ao
zlI!aC>;UmciTIViT*J8ULOCDzvQV4CE*-Y1Om*FDevaz)ARNNI^}Rd5{R!f}!p9w#
zxi{tYzVGuPr;Eo}UjGXa7Z0ueE=a6?;QfBa5U<btw;iCpooH*Vyk77DA5?nuq7bhy
z()ylKeIUqDee(zX+@boO@Sz<b{tOYnDpcQfe%tE%un#Rgx_-Ane?P)1UtWDGNUwhB
z-~GIyDsTPB4lsX?nCrxhiLECv0+&g;tCR;_vJcvP<BM^!_A@iJH%76tWkdYs^L$!g
z^-&*xy87+lB~$%Q@KRm!F+W%J@*oU~={T28no#fgZX|_G?98!nV$C7lFOurl`231F
z&zFXaKOWHV<sjTl!~9Qlrr|53;p(<Dd=AB|el+r7<dc3%^~zBAi6Goe!=eAtnT9(_
z!@vF$G-PfM=(!*WH`8zrk~+!aZqo4Dwlr-1ln=eBJtRNvr&O;9g?|}@n`t=XGo5Mp
z7HPQVpP=EeI|6z>6@;5<*!{DeX}Fg(ysj+`eV_B8H}PRpkW$V6r=P3(_8{C$!-D_n
zOv3}D;r0In4ZD0kpy9nixS59CztEY6he*R4+S0J%i$3%wK0FYlR4@CIpQ}3fWk1|Z
z!{?CHsZD;LG+g^n&=C2mkGJ~XAlyvD3%}NxhDS-m8{5+GraOJ;O?)`%E<dH3|9TMq
zeh_Y^Vawf}Y4{;&xbB~zVbM1O8h#Rln`wC8w>s1C1ZlXwEe*@=@u4^IVdcGkN_Efs
zg77}~`{8C9);!RehM$s#8~zCz4tmhXTRrq4Kio{i5#Q}h!_P>=jUgIp=r{M3d8XsO
zk7BP!zn8AQ-Uc((FWF$W`Zor7eMNWmxQ9*NTvVo{a<O;<Gx^w=C%xx2fWkv8)z>p0
zi^w4~?CrokKg^brp=d6Nnam`vyLg&Zy-BFz+!yv}w$ilSqRdn$A2Hao)hdHZ(^qV4
zE^6HTPE>8Tg?3EUuSwNSZF%*RKVm&ec{O5#nd*8Q%mx>AbXRY+u{+^a<0T#)dG%XT
z_2xFb3ej}QqlQ75>g_g|t^SEY<<(I?Fd25rtLvC^=MwxqsoLc8D(U<NGTcwv)waJ{
zUTr*`vnLDHUB(u=>g=CPlFyp|`8!DPrJPVx#wy<H*qE^^sp&cr%<S`iqM$MBCv%p~
z{E@7fB`esL1O58RpDiD%zp(YrRQI*9*{Xk0Nq6-I8|yPBOjOC&uLn+<lXU(<lHTIC
znSiE1Hr4n1#gLb&K5K*7s(-;rclAgs$DPpBc=<`kcKmnJwAs)UZZBW>o8^<Xm%*UD
zoMDrE5~}~>ccgS~FOAowbZjpU1~ON^wY9z6zTNVn`li48vU$b^vsM2hmG0`vHm}c^
z_U)zdl9i6KiIAkXwUN!=p0hNmY=#5bTw{}b5~}~>cd>MqP2;sJ9c2?IBi`OBn^kU?
zwf~PgCYY%n*JXm)s()cicl8T4)@Mw6*)(3}(or@klC-6bY~B*FG_}~-c{a%>q5405
z=SyeVG+zJGQ8rmJ;vKEB>5W@HRIiEpvPs2!+4vX3bXTvlu|8wk%ck+tn2xgPB}q3M
z*@SKX3sXK#PQs_@%Ql#;?($N<Z@wmJGVFw=#>-|p(ln1WZEZu-JGy<Eu1Nbdy*6Wl
z@b}L4X?jz3ZZtJsQqz&9`J`!^p(*ZM0AFE$@fEJ<^=bOF4Q8tTtu@)|vo^MSKuu3B
zTD-WJiYIU(zs$;WduO%rJ{z7G@#4skRIgLl&zH>%kcwM`3a+_^>DaT+r=x0vnW}%o
zO}6?`8@od~8t=a8M8`1cxYeg4DQC5mA18Z09b0TLQ}u7d$yOh?u>l>USA(4cgCoil
zE<_1W8t=;KM9T<ixvecNOXm5syxayeRsZ&!Z1v+dcBiy7-mTM#mPMrH10h<@u<b;~
z9A+`JKU+N`XDACH<`UiDf`v^?XuN@^6XIQo_#=v#^W8i<r}Fru#gwk5`wh}e)xVV|
zTU~EscS=g*ojsjM*^Q)pGQ<P!x)NHH2i4mx!c5h_zz43u{JC<Z@p_+5WQ>!H&yWo2
z$wiii>RlF3y1Fdy^TWUGCtIDhu_1nZ5ygwWO)A@X6;LNSCP>GBwbJnyizZ!NU-0Sh
zZwAU%zh+~1Mn~hdL7nJWK{~!@={Vi;Lpt7|UA}q1O2H0DqoY4(<&SEreB;GJosjN9
zq+jvdLfqkg`EXlE4*FI1FB-~LUt?oKRc}j0<1Iv;sMwoS+$mJBEv)xx;NUK(`-Y*`
zx^pdRbQ^w}s^555Q76Q!iTG~ic~W*BYTX<09z5KNcNmKl!wZYqCS%ZerBNre`x5Q9
zOns9<UuE>~L5nX_^)EQeR?l5vsqnk0(GFBJ-hb4IiUUZ+{UO<RYIA2Uw3vf7_jWGQ
zoZ7_n#!Heq;XRmmzZ=5a+~!t{7<`zPx!m{**=nR{sR-)dmWpd_8J&vh&{H2qDjxP_
zz;&s1vfp>qVh!s4zi4|4FsY7h@4I$)(=$ERG78hkz~DLz5(or$34;t0+=6Qwmqr7@
zT|;mUL4yPc?ydoXOCZ6WAmLl}uU%_6oO9p%zW4d=JU90&e*3>xt&&~4w)Ebg)AP<T
zvFU?8>HB|u?b3f$`--yM%Umw6Q_Q{}oRRC!FJTJl)+A16ky7{nB8z{0N7H|mMHQLF
z4ekT_9Y57yU9-!RnaUcHS6;JQl*u%MyJd?vO?i!Fh5pBXUQP}sXDZm<?O$K+^j|LB
zs>@^^sbu8!jg(x%uTb}^TzuLL?)IBDWiCaonv(w}mswKx-(Pe}lDRzoPq{R|Mgexv
zuS$Zt-PUGsw>H;JDs#D~|M8!5*-p-AmrghSuX3p^b9o|j`S=#*3nV9>m332}na>7F
zh+lHy_GM9e3J~Oh`~?XeUk&_DJ(GHl5L@WC2SM3#&_jaVQ{~b(JxkZBT-s1SWuz}o
z3(=!Mo_u){^Cc$G1G%y!xlZse3KW?J(6hz#zdz2jh)lJ<>DIQ>*WIOJddXnX>!wv?
zs#8n2;+=S!KU0M|mCDk#4D|0!(+!cSbcfE(rI`LKB9&41hxs`jPWs0iBT?RzrD;W+
zrT=!)Bh8ek_^OZ)AzuhFnKn>uL{oZ^iHH6-o;0+-3i-{&?exus3=aDGG%@+qcqZCT
z|A%*;&}MO&{*(VE8U59v){y_ALx$*=#Sm>?(z}2}cKR-{vLflH&X=AV^wr?`ue2_i
zSP}ZMw_SW->l#}w@>N@BQ#@t;%+@&8l_skaN*fukt=+tJIax7fWQV2gYlv*I77->^
zoifD8=8_d|tyqvqb)Vj@Ok0CQciN(?W^8%<7L&!YmE{Mm%gxNiEIYHJYn9F}o>#Dl
zzq`u%e&bYDkSIWwDs50Dr3({%(+Y9XA~VfB(gMpa(#$qY-|ia>vEc{V&Zn;%qGNjb
zL#t<h3v=sS+L~s9WLc+a>nmCoOXd-uw=#rB{wK!VrXGhioqm}ottjzlLyHK2Rf#?&
zt*qINH2bHUvh1Q#XO%&i=tSAemb8ny%wkOzCTg;E;kasXyU5*7*CQ|WmTZkMv5l-P
zCuEc}WXVxt7oEsbBWLk0LtH`s9-L>0YcyoTM7B5;FHB_5tgSuKhDc9a?PA7j-5PtX
zy0ng@Q*EDZlOcxok}Xt)#-3`w^Heuw9iWy}){2Rm#ZpVE7GL4gQBKfERPp{`D`tr9
z-+r_7)}PFr?ZQJn*l)TlH=j>Ou1f8!B3lM&s|@?DWy{OsKF1B6bCIb!N;}pye514P
z;Wf;Wlh5pZyV#q}VvdcoY_;m9M@g!@dTYHtI{Rt=s1~=2Rd0paA5Ca^pmM%{SNrCt
zdX*_D+de<nXf)Ma>C(2-Rzdn%v1+v{r*%Er_t(tFr4<cTEJ$=U_fWg2K_ghr0@)2c
zAM_rheJ51Z9vw}OFj2Ii#T-r9v+1qF%)Kl~jAtuP9kmbIMUPOmzlDhjYt=pzCJvle
z7JXHn_vyhI^j^Dz`c3Y?cF`wVjk+}AE{&l`+UxD2Zy3$#JLSIG{DRJOEVZO+mxjD2
z|3&>K+a-;d<W(62iMuqOW#n`se`||)O!Z4A^1TzV?4o-y<?)pmOQTrLyT4Fm8O0-#
zbLss&ORTc&qERV5?jM;}l;}^V7ivG3ACH$-Ix#d+mzMRaVU||Dy&BnJA}#Hwa*q!a
zz1eDDT0vqV^`OjoyV1|gDxH|nO2^w$K*b9ZF)frXNW@c()ckju#*eD+!&=HCNPJ_q
zfn5xwGGyI?L{av5lTr7=BevdB8>lFaY37ox79@(0uVU`Ws{MjQLvxe_iCuSf25+b8
ztg7+W3|v~F@oH<BIL<RoG1?c@cuwR|{OXZm?h9kS)LW;}Xi&PZa;iR}V}RL%cF~zK
zRa?i>OrxwNG_T9K&MppQwU~R}Z{{co6Ax(Ys(ErTd&EuGz7Lrdx~NN=b6A*JrD9zJ
z&gBdCXl;&SdWMdUzbco_d`#)MOS4h)^*()q+E0z=hXpLA73tPnFSXUyXTjPx?;<^`
zY~84tbHC27M19?UCuuy&Sw;SJYl{D&|0mZO2Cag|`wihZXoylwdeZ}GiqsMrgr9y8
zc8rcnlK4bDtZiK4HXTWxzE>nO1#^kFVHOa>Xh6S?l#w58H$*s{w)yB;+*}~B7d2@}
z<;|lkDyCIL&^sHefMg$>LcSt}ON5@)UXAE1SVms;R+DD*T(d!?ADCn@%W5WCLzC%T
zil!|{932Z~K092kXcaHx$k|<zhUC)=<h#q-tG$>F())}i9mN8W3Y<?@u@WQ=JqW4d
zbQ9}97Ee+6G^F=H9Rj(|ar%feVi1+yJX%K{D6T@&jaE-8!-3)t)V(s-bflmGLVu^;
zXs_?Y19<JYrO6oa93;2dstv^iVWC;xC0?>-vhacw`9pin5V=5pXU!Z@(vZFL=%FE&
z(io(-iHN!&C+J_A)C0MY!@{J#VPtTLMzm*0%~J9rLZy$OeOVG8k%l1km@F4QkZw#?
z(wLL|e%7PCwumLrJT%MliLGK8NE!CpCVoWemCe$}hy(PF8#y+{)7Vg@9}oxO)jNvD
zGmWzjo&(|t$X6zLN8}{P18RAx@ll*JhU~BYr7fa0wZ0@5K(=N|Ax?{*G-YVkR+@t%
z+%k_^?pHdBNg~8S5o3{YwzJnkk;Wq1r`9Y3nj*$Qkrr`^_Ep43Ug_X<kM=JW`LHNJ
zo$8{aTnZ^+k^5i~nss*kBKNo>qO|OIk(|LW$uUtDnqTM#(MnUo=m663mDaQ|z5!{?
zUf&sgK>GfrBd;}vp!920j*4^Gpq~&^>0MZJ-53qBl*v<LENZ&HlPc?|2)0ZCx!XY#
zw`B=PCMGeKjUZ(^YE7Kw7)ozX^Pws|yX7u4$+Sv&Q_(_ouV{IP78^)$ey0`wQ6hG$
zZ25R9U6D$ba9Y#4MCSIIRJLTK(=nImV`?%ORV)e6Orv#|^ol1^z$!=hkJMk1WHzc=
zKC{ZccoJy=@rkOI&*7D9mhLsGS;~S4j{K#iBI2Z*X^4Ni81(LeBuiCj@@!DVN90S8
z-^yE{@rhcNI#xNNj@?rl>RroMAlqq1l5r$y2(PvrC)v^nq{Mk0xxS?ta{eiY5Cdr}
z`a~m38)!T`4JO?{KJ3t>siiMScGk483_zR`11zRjYs(;Lim>Ku%V>~^*L0k=mWjwY
zgQ=lMt1Z((hMO8mX2EMFXV}j21Blb~YHGB%EJ5jwsC_<*m3w7-%Tj1Qduy1agJlK!
z-S*B9ep(6mL`TbNc-^GEQj?7!U)|7}PL^LlBIpW&(sZ_LN91mmH0fg5iJaq2B1Biq
zNoY3G`Hu4HYPpCJRgxojx7<TM2Uz2?JcHMlW?8EZpCy$|j@6*<I!+IZ%O=Na5mU3t
z=wZnSO?J+wrzICO@up^n(bMud$d^MbB5svzpI(--AU(P&(opoaR0hd+-!L_OEnk8B
zoLZBCmewGPZfP>e(goz{08K_%dV_SlqseH?Fp&B4HJM=<M>z}8JB`j~mgRe!+?)Kg
z7sw39h{cv4$V-TlEw$HT%Y0}K&<as%?i<T3KO%B^nvF*clzqCwvI?#7<8i|zt1RoG
zDYPktYy!DXYjNeZ+Oh@YGdf?Bq?l#3Wg8J8e)>{t)>`&KQ=Q|ix12^kvnXfjwc7Ht
z<s3Bi=<G+5Y(y>~pXr>>2FoRA-g4<1EH@D6HpkguxdqK2GmcMew%h~xmPW72d8_3K
z$SxY;itMsDQ^~R6zLrA5Q^{7f(Htc;W5f|lRcMyen*o&95lc0YsdV0=$PG&$x>)BD
z#T)53e_H5S0V4gmtb3Np&`f3W*zyZBx36fg$Cf=HFQ(8npl60?X?bZmmP*c$x9BJ=
ziBG(;oFR=6Ni+^6xf}k<avoj_>E$z$G^82)&s1_Ru$ggu;+^FwG<#?rq2j!^{0(AI
z?<f*z_1I<33*KlFY>l?d(jRc?!PYd;e90LGThrO+Q9iSG7~(@4nOTT69-6CvDB>fM
z*)Ci4TN;N_li6@tbCN~~Inzo~n@DcEAasq|M-rcKTZ<x&oO>myXSl5;Kzh@hpf#lt
z`AZrJ&FTC<v*EQ?0=YzI6Pi?^TF^DZ_lo$0*IEsv42=z`@rkt7+8}vZliu10b$`v8
zIP2Gl96VcjjS+Fye(+lSk!Bz?duaT~$U7|Y*0CUm%?u@(popniO=L3Se4v(B`NUhN
zK{J_JOp?`>%+?>E`G(8NY@H9{r500OS*>e{xWsRhEhfohJqWVzBXSyTc&xYb8fN6N
zUO-t-&3wj){MJVx-KOi(^IM;ytXf=pe(MX67EB6QKfr4yd9AZp#B)nQdf}Dq_hBYk
zO(X!M1NDy91c7Y*h=hV1`6!MHq$ah7^pbJH1LRmeLbF;D{nt<wv_^p}zpIE(6t-pu
zc|Mf(7Si}cQER~fxnIntSFkEl%vuVO$58J`GDZ})mVsBTH9B%}Yk82J9Qg}tJ&==T
z={`})+5%)cYf4)?psZVFS^2CLt(`!gbLkbWodakm5Cy3XRX)|}%_6d1<GA!BYY&h?
z8&xeDikj9wAii&Py=qwpfm|=C>J?$FZT%Kxm6>5fQO7zO<eXW0gf-bZiRvyy?cH=u
z@Jrb~$=1opZ~(2173ppL5a6eLe$Qoy&3)yb(%<R~l;pz|VUmH?NRaPoiL5k!YdVlo
z$yzhW>H|4V$8@C`Y@H7>B()|(touQH*)$nyeFieTiYCLXu?|^!KiZ#FoZ;3gAcqoD
zNNteybyG-PkkfPvL3=d?dB>55TU$8f*hqYCh&pt|!Y77XJJ4+hI#akrcNReC7yBT~
z8f(pW)?SWz)Ps+IR~jKkS^I+={fG<%*=Tx6%^(nAMwVm<BJVQ2d_;yi<VctsZ4oW{
z$$UmzM<T<Qc?>3VKyu_$WVLm+bvL~7n`Awaeb7A2t2J}2r=fXilC9Qx)=SVVp=<A|
ztR>dR&|Eah9_tcoaFERB5R>KBTtTwMuC&lzYpm5kE=8-dPFOct`+|H)*WYC1Geia=
zPF<6nCo&Y8?k!U^)1c{Vl53>-AxO6K>J=)o5Sy&agJka%8>~y;WL*KTEvCjNc32;&
zoSE#jK0#Rzj~e0-{pS<Atk0n7bxe`h)?L<@DC?!E5u|wyO_Pr_e}fcSm=fn5NGu&e
zROCHYBUrXryW=|YUaK9%%5nBv13?Vd9JGdj6kyFkYZyr2N5mB@Tce~|I-MO`J<yE)
zNTW#NM<fE8rweq32d&Y;vIm>d5k%#D#F`G8x$Je)nis^vH9ci508)-Mr>%uSQh!8>
z1j`H?^)<xyxdvIMt)GL8{)iNZS4ETfNb?2AO}aB6y?o-FwM?+=WnUgcEZ8B$dh2Ct
z6%Y^YDU$faHESJ^wqIF5_E>LQ+kj-EktsFjt#_;gLA<$joIBPLAcvZ1&0p4uAZuCk
zmz6#NN~Le2y<e5}z`6+Jb^~43GwTMBrp<Mn7uKU7^Eu}iR{Gp0#mUDxzqVcjnZh~$
zV|@ZrgL9^L!G%b#qMQ%CM-*ff=VP_Sf-K;C95#BbBzfKCdIj6cfIQ?l!8ZDoCTY%b
zoG@E5h@0~Xx3vYC&Gm}3`9XScoJbpeyprO~<Tx?5Ng$g!pLDi`An_b0&b9@lBDYVR
zjXqOJac*;*c-t|Mtej7F+jWqa94DvkJ;*T5C#Q`*3`ud8ahyCh7szqWr+_UEB$4A3
zvV8{9n)4}SqfbCm94q%%5nC0ITAWXDTVs$2?ynLyA4pw}Q^H1{d!#teIiJ$D5g^4m
zP6gXckW?I}l5GvhPOeua8-3c5;_T-*Rc(7f-g3RF+s=S==6cnz-2*AXwWwix4zhwv
zuW7T>-65BFZ<e*yTFXYCdL**Kj6-{utpLalvtC<?&?g&7)5*;FnzgR2Do9t(u&yl`
zq%UXKz}61r1ef)djXuvvaRzW%jcn6F)^J&kZ1kB$(lp_+n%Gu@)aQCNvHb#an(Niv
zb_}E*m({{X-&UkJb}p-x?L9~=m(|J^K+h|<#6i}4ZHojs&YG`n^tnUQ^yhrq+H!+*
z=X~1Q3WL1meA?TpfE3|49c=VzLyB{U%j#t74RVDwoow`pLeh-pvbxwNfK=tOy4Yrc
zZ0EAN*;av6;<|UY(RT?c&MR|HxMua)u7HGaSw0(mVvsbya6Ub4FG0TNvU=J`K>t^i
z)&O!o++*!+ivU@`W%aSqcLhn4#BuuB%7C=yIQ?wZK<;qP18vPgzUDZ78+}iZ;zV+s
z!L|t?IXLIRHu^LmY0k4|sBIaDpUWC*TL<FgoQK=?gG}bKzO~W!04Yvsjx*Bs5@aZs
zHB!Dsl{EReFGktIKnC!bA7zUH8OLLOtSvW4PA+SljlSncaV~IQOt3WsxyqUeHu^Ll
zX~u9qQ*1tvNtDm%+449z#YW%SBTXFDR1%+<ZW{?QkXlueJ=WQ_*&wATXGzXm=h)VP
zG^hJEwk<Nw92<ReT$V*~B=L!PwtXO(sKq4NV_jtX9b^{8k>tE}sqHDquT2fHZJYF3
zYWn~(xsWEyZ807h`8mZ=n)S9kbXUS9M$r|Iwaeu3eS<BpN3K8y{-(($TYhL9`xMD$
z-)t)ka&fOFzu3xw6lcvgTN2`|p_QkKywlbcn(_O!*Dl*PAk~=cwGBjutLtm8eYVli
z?7E*q#(RtmF42O{5M|^s;*f0`h=<NbB`Ib<WSi-ctDW6uhJrNTgFO9HX(X8sGO4}=
zUXm;Xsq~T85|Gd7Dwd2aH7h|n?MaEV3Zyz+dDEJmAkC(xXcYN9Pl{#_G+%f8lr&r;
zIL={cKEIPfj)R=qkP`V6$Qv33y7bd%jR~`qMz+R9Xg1JQBdxg%5^ypl&Q*{KA8Gyo
z$#^|Q^Cw6Nv%h3(+yi-fAVu>Sq!nG?&}BUZxw|n%^Bg4nbP9O^GV`+(@;CZ@x7lJo
zD(fxkRdbrs6tf?({R5K4?DvvHjBq)6XWvsAx^rZ+h077%*BqHXaoiRaF7NMTqcJv!
zuJ8E7Nt+j51HvuhPr9FU!hX_L30@wmg(Ol_1)3)H6uCs2YT<s0Jgkq_T(Gr<=9EX1
z>$V;secXziuwS?J0ttLB%*fYmeL#lMy#Q6#E!!xN7MB#cWWQyb1oD*nOKD!()_|lo
z%Q|6yW!nleZ?@LFvTX;c(?XM|RJ%~G%X9@x#feF^7n;UBwI)rf!_aKcrb)(BM?gxq
zQ{<?~n(6|)+JtFMwp90_DVJW89H}0HJnW*&%9ZLBh`idPO3$0>J;)ZicB)81DqDo?
z!Te4gCoxrUgzUknP)!QZ_d6tc_O&L3Q-y+bD6CtxNGcEFq}{1WiB#!8u4mF-B~zsb
z`JHP~-5v)rmr0U6BgmT&?N!^JiC&aX*Yv7r(%2pk&9tk!tY-FtAbl=t(!yQ{<TID{
zYGp4RA?K*Y^c0P(JKZO;e}-DjF~{K!dpmn^keuc?++*)#FNru^&2e~uNPTE#nPcn>
zk>=3&%<*&0-qqd;nnLDixl805B0|(WsPpMz?~Quh;(GP64+N>WOKJ9s{`LuobLg0^
zSAY8?ke^#A&Cq~>_UZ5%P+3PFXkQ*Nm&*FCmagd#`)Xu3)%5a-A@()!`isuH)kqj>
z-vknOS(9(=+dx{p(526|p9V?jugA|~`yJ%dlk-__zX!6(Y-hT|Vt<d)gL#boXtzen
zQCF77*iZIUAlb_4$ZPC&kZ9gh*4qO>+Ber39<c|44CV22)*b{>akbVwvxk6u$s_8u
zJq)C#Piq1KoRM;bj~$^&SU@<)gU7n=&VXomW#%}ZfHWXE=st*Q!-xPcNO*T0Cn_Kv
zNWpHJ<PAs<Qn<Dzg#$8xjLECX=K&c(=y!x><oW@bk&makZl4ALSwVi|eYs&kE_jJ=
zv{&PRgh+Wk{M%8QGz-WNucADj+Xj>Y`GQApyMRh`ozNv*=KMqVMgx+d`98lceP}>C
z5O<U&lLC5z<e{4wsx>AD^ab&D*P5vTgOOp)@me!2;9F>(bDU`b-y!F6xwY4<fC=!L
z!L2$!U>3X<aZMKo%tp?Ic;8tXumGBX-MXx$0gFIta@|)3ECWgAx~~pcr^<S(`*dBv
zHfYAu5nt77bHJ}4Iq4pdB0B;Oz-wKwE^Al7VQ8|`x<zSr2ONo%^Uor4wxK5r0#1Q6
zG+RTG)9^Y;M^EK-G~g^W^Jxtr2|Ym`a0Mj4IY&uy9i*38FG+5I%rK9Yk~~NIylJiC
z9I;Cx$NU0w&pi`(HsB?^_KekKT?$AQC37CbaV`Y}fLt_ZHX$wrxT9p87N(bvhzI1u
zQ`KTa18)RGfqZL{^Y)tou~BjcxJD}iRntEMa)4w%smLw+^MKOu3Ol99=)mUzRiFuZ
ztG%8Fd<o4tGxF@f7XiIMnsQk$0|tVmF(Z!-{3l>EYBArO!|6K}0pp>`POCVXPiEsE
zdM&if@cKJl);|Fgp-F4bY)dK5E|95bRZW)$ehAo$$XTl@FKWEN{UEOAN+ZcJc*W9r
zgQ~j-ybN;QEPaAu54@!`X21J{J@7Wj8g6Gt;9rP5#$3tJb9aFckn?vu&pQI2!^=3K
z^63y*G_XLl?9&_5)##;ncn1~&Ib`lTk`#@WeVXN&%J96sXkamrmE5Y811p0R;{K{0
zSUXy_*dy-K>VXXrxu3az2~j<;2}o-mQPl&xM$6geHjhk6Wa+JVWL6LC4zKh)GV276
zgx3_)%O~mtj)CTlnU4^411EwM=doHha5hMN^C&Deb3k0?EFsAcD7^vKy>8%KkY~B{
z{@x;R4QiU1$42YGpF!3~Xie+DZOE`zd)4wsMeD#_h~wiv{W|a@y!LaPj)A{H^Ojcy
z-vl;{k*#`_kCi<Fo5jfX`EH{gKRpARgM4+$5T)r!RiEe`*a{>UwT2@70y~4GWil|Z
zC&=$KHk4*a;9w9ZYla1m0I9}gMBo^Z@?6%az$qY?InLO???JX)(~-vq&X19!ZiPwc
zS1*A}p^4=<lLLPQdBt&725ti>M0HXb?g%^r63<>o0#AY*<FbAayiG)i_N=)a_!l(y
zIr5Fbmmq&`Fhu=I@~q@Zppja(s%@ht&jPI=dG2WPBG3*}fyv9jkkqnwO3+;o73W=G
zRO-1@dJQv<5bpwGQp>tO{zGXbNsTz2?x%RA1?kyakxP~jftf&>Z_*l@BL_%{o0>Qr
zi692&<8TzD`-v`*w}jS&IEq3uvbT;L?I;D(mm{ZfQ~>#+IJF!7N6!N|s!|*wI@3(6
zNKQv%(g=}{HMtxu;gyj|VMiy_w2DdS`znqe(7eoU5x-$%mT>e2$wPaSB<CGv90Ngy
z(es&-+#=!!IZNmGl5`0w>lg`=oz71sS!%D~m;iD$pCU2#ijK)39l5N^j#(hv6O`t@
zqo(6WkTOhaIo5&<r}c)6>=U&eo0W#kN_K2dEqnP9msQuX6Pjb}RnM^xWF(i~#Bmhl
zoLQDFsD<MkNPQ+P9lwKY;5e-u*FlDx?c)<|9Djm1IiHS>=g8+c=hNBo8k(hM<oKZO
z4qF;Io^vz##t{NCjpO(nks!HfT_@`vWAEXJ0r7I_JsoL59-46q1od%b2I<12uOkP@
zBeNDu?fo2i)5sRv%oz@F6oBRpm806(?<fK?%8XMnXsDw!h?~hUM>&wT+&;q{6+yP;
z)N#IZ)Bw3@juxL7>!=6P+ayhcCO8^`Ok=N!j>aIXm`rjs1)2SuVP-hR(E{WMYo<C{
zgLGyx&CwR*2KW0+M<<XC+|IKdT|r85JI`_S00}b5(4cvaJ|IU|3bXVDj)5R|d+U4_
zIfj5#tF7z4#4!ToK0T|YT6LLYG)N-dLzJXT&<e*mkR&EQIwphs&9zwRm<rOEb6(|`
z0V2%4h_SD6%mHa==KN#OddDJ=Q#@LJajZ%s&p6__FLpaNLNkHMUdJzK<a~ItBt6p<
zCfBt49owL(Z4w`mogm$q9B}LdDZEd4#oG@!4ucF~%|XX$kl7!R^B}E1B9}pSGCAb9
zk%p4Mv++j~<qUAhafb*!k6qm&BsnUMIUd1l-Xulnx|V~!@l2XPx?ZQePCG2Il4PK(
zmx`Qqq>7dMU=pp>6*=b!gr)#{op*$QbYriJ4kx^h&=Ev={qFF9EZR%I9(pC`=Sz-A
zkg?PnirjFd2N}+q`;J7AYo;dN{?t(%<Pm#4bCd!3p2-JCGRPE;6BE=qR`%CxlL(P9
zs5dlY*eheuaF8FF6bSkrqzlLSJZL${R3<fp_J9mzQa9)b$a*G?gMI_4d(9BJyU4n?
z2)YWg^Oz<rgKot7shv;1)udI>ZRA|e^rGL*1*P)JTC6p_Bnj}!-s#AZ+XOj4&T!<m
zL7^b`n6wXafjDUOzWu4pr(;mKSN3~h%2|<aLFu4*wN-0+24w-+LT8am(?2KyWImG-
zLB&9(G8q$89%KiTDM2+requ5$s6NOGCO-sy4Kk3)(x9#&-xSuRuMX-5a;}=rd4JFd
zklUQ|sh}w!0Zh&X%>fCfHSG?1g8itt9<&7H4<>hlegRp~R%`wWIt&uSng>CbK(_p4
zhzZ!^9tS<3AC}NlRbN|7@;vAXG^=QhBsHsp?ZIzB&YI*iyFK^=$ihE$9DA@et?Y}N
zwDwbx1A^^oWiPj7O<-^kNSk|F;|LCg*K76)33fr#kG)*Mkst%u%M%<6lFXXa!P!B!
zGD#bp4`dyCr3+33DbAX>;6fnpxHU2c7XdlRBy(^nkijNd7@Q-x0?5*ji2Oa2OH5&}
z9Kn@9&Tv_|gR2vveVN-iZ*U#uWoEeEo<F!DNFtNO;8q|pOo{||1gXZPXz({6!?|~g
z1@{NZ#`$~^JOpGs=TkCxIEcNC?)M78qd<lQ(Vaee4$mhl1WyLJ!K6X(VvxN|x&?0n
z>1vXNA%lYtr<EhBzeC3v9DD?t<AIt?488!ehU3f$ehBgf$5|2_kWRL0DfU_t9GFf<
zZefyQAsd6!Kr_lDTSI;g&IGdcBa#CovzbqA(&Pte%BAlL{tRRslS9F!K)hV~h2W|n
zsaf+NxE;tWuIZED&O~VS&R#Eqeb5YKVhI@vQjJMa$aIj!Ogtg;L1u7SQ6cL<p0Xx=
z$S)wbx%3<%dq93;k~`!$$R;KQL#~2YIZok_KS1PDcB<b$4|xhwm^EcX-hjLc(3(mi
z7P<rC5;<8@J;V)CpGlpN3?P4V>5W42g5=_|nuQbqS;m@HAw@tOO!|b>2C2rRe@KJ$
za<<9OWKc+RXs&SSLqpnv{K+{F3+W7!hP@_*3<gOu^H~@&D`ZM~ImXVI<Oq?e=?76+
zrK5G-XNAm!*JzHjFk~~xY%YC8$X+7!<w4f`9C93y7jWc5Ay+{<v*u99EyVeU<Gc#_
z2PD)aw?f{9q{<*${;pZCtwaJr*09&RkPwj1N*SUzt@M2Kfx0M=%}hc=GZGQvOD3Ms
zd>ITvCxYoI+<x-jdfL!Z@Os+8BEByn<75o2o<X+8hfbOl3T+8Zch(dQ{RWybOsa>D
zf+l}Q<>d-(5c)mHJX7Ne{VH@J$W4yiFmyTM9AnZt^bj=rIC78B8z5n3<iOB@p-(_!
zm`n_{#K{&*&2g56Mu3EN*0oq3>IJFGUMoW5L0Xt)1%|E-{Q@K-Ykmn$0;$ECy`k+v
z1~WMoIsoK0lPjTPKq_;bze4AN7$(UO`Z9Da$VJo38~Q5r7m&>+$v|Wm$Plv@8A4x&
z9s&t9Yw8WPgq;OhXGZo3OV~A#d|Y>1*j*w*9Hw!odO0xcImijlIdxcYM%jkN*efn9
zT}Ff4VwmI&ON6F4J!ue2|Ira7tRl!@CRM_!f|SmvHPymufV5`Kz_4VHN=*D=4L}x{
zWOV4Du*M*7STiK78OS!1Ob;Cz)*2*#U5mK<lUy+l4{HmO;djF%lft@#<fVL+W^P!2
zkacgg=I5|MAeKK<$QY27bRIXOkc_-3YywD*KMa#>4Vwm%jmgfiSs-!A7V-HDxqs~q
z`vIiKYQrR#!&ZQ_qI{I*TG(ok#Qnk~H^bI~lxK1`Y!gU*CilX&W|aGBc3PRMI1j?M
zXOwehpX>DN`AFG2kHW5GG%~ov-!l{`5cW9i8v4{jXW~+GSv(HAnQ<PCjfS@rp*QFd
zkt5;fb#xB`abASo0(o>pY2Jmt4SNJ~@3bN@VQ<5pfo!4HkY4XXt<HBK)9I?3B)P&;
zIc=F_hM#lfR8Bic8&gBS=y5tS$<imY#^VeIIb)XY6X8w|$Z0M;!WjWF(=6R5BAn46
z`Om7-eIm*k3sQq4$2il1{9s1T73Otj0olrtz0RB<eay(Y!s49yK?dK{kuy6#r&`dw
zN~>JeVqZ8bWs)slXqF;lL@8&@OtQbC=tsFqQ_5K<lWh49^qWUXgedE5j>y>uX-!#Y
zOOUVL>b@xFYy;A&gD$J0vm@eEr1!$8IF+5<GR>uUFJ7gP?(o{NR>!IA>;W>utb3cV
zTF%iReYoy*obx~$nRRay*4(+42tD1kLzmvxc?z03H#KSRJcriU!L2dKc@wSijX4f8
z8>5}i;B~aE_8RScNnUhZey7Pe=R1)4Jf6ongW~1b@R(!OCnh*UKpt@E6P>Pj8K+Vw
z6(@r+$r%|hTcd&*hpv!2W1wkrSC=)}nHq6ylN31-Hp7_#nv$%U>C6btorzlWgEI#-
zy;(EQnFx)S<1BU-fo4lbozD_yacKVjR`tbnvD8@-#KCcvI?I5JG0XCa<<1I-6UUkr
z&MMFx;(S&)lR)l|RO9Efu+`4mARj&=^+EED(50_-Hb(mlG9wGI#@QlXj@5Xx7Cs^^
z;kCu1TkL12e1{R;XXILJbbf<42k$725F4F6p}B4nACX=l3+W2E+6%Th`+>COn(lB8
z0U5z%9e2(}-RpCoo^&pT=8Ic8&MD_IB6Jm<_KT&J40@ZwX(zpMjxsz<EiXw1<A!r9
z$T-%#a2`ZWr_!&LrN$>-J5NK?mda9Iubt;WN>x#siq3zW58@3f?9Jy&b6I?FK0+M7
zscGr7xgM#~={H9zvd#4rWY1_7$L0)hy#fgyqe(FR^j+q>+SKH7hPdn?yO=m#VVPy`
z%;h*vmm8Y5Ox&(CAb&9NxH5p`=CUGP*+A}^IY&67T=X74s@I=fuNYVU%=4&Kr<rl+
z*Y-qYhHts1@vcOWWNx3#u7V(StEzfMIJ3Emf{f>~vb&0b6xprX(B{nHDhaZLH91}7
zP}5K|j!z`GszQ^cnu_cb`CVTk=f1^sU*vby0P!%XBnjo5f%9o%k|j)9xavaln@PTL
zwsAEDIXhbSP8(MX5HGi3J6Ai9Gxc;Wy1IIR?B~e+U4uaWGRX+%aMx&%pSY&OUE@J=
zbG;_G7JxLM<ChvgQ(VhXuVGxTsjeTP$u?GHIN7;M66(RNtXbt+3(cB2D$Zo*T1iOL
zf;DSh8==X;J-Epv@6DVmIybpC!7CekZFX&jS5dC%0h0`1a>TU*nnPUEqpm$5CAp@@
zTn9kD;hLUw9Y<NSxU5sIlhCx`IA@5+ky(|FO|4c^b;McMS!f2+@m&(H>#XY>$Ywgm
zNkYH+ab3(TkIO6RNF>Q~=S9~wjIk@Gmrq=D-Go;t9aEIoW!D{$E8Q$+<Ud@m5vTi1
zr5Pjcy5w8_Tw+Z#MZB)NE^8LKpH2-`UOsvz!Inj8nqJY7AGuONbF_r^dg2O(=G|?r
zdE#<rkvU)GoZq>;&@}j2*Yuq$JxEs0*>Gn8IY7^$sn!T^=SEqP6?8s<?mW=^OjprW
zO#|I|K}tmG(jD#sAkDk$x`(>UWRYjkP4=nMeIm?V8Ja_88{Tz>xvPQHAEhHZ-L*lM
ze5;AaT@OU8S8?t-)4IO}`QB^|n=74r97q_ge^iF)-7`UIj?;1C+$%uBORAi0u1xN$
zAeq@Kv-=^)%?MqutnLpW<8EnE)SWS_?42a8X<2s>5I0?UQ>B-4mjvnkP?PfRIv^{U
zRB*QgDf5@sRCIUADqAe(ohFss-J$8prB`;3gk~q5m8i0k+>=2zvsX>`Y<T5wuQc&S
zP4@zjN8yH;RNSDIO)d8#kcn>ulf@vn3=5OxAZ4frl~--|8j$9xbe!7mpF!5p=+&Cd
zAVuiu2t~efZv%0}Xia1H9+0rTTGQBl0AvcSMU_`$_YshjHeFU@_X&{vTzX^o8IUu3
zQoPQC%%_p5<6HuH{R_SM^RXcgI2*gKXO(+gTUrUr-#O474fmhW9DYFW?Ez`!ew<bA
zO`+2i$!xTC{|&G9G)pK=Yxg^N8MIE2B;NSiZDf;?x3*N|ysNF-2{NCatCX4@MBE@V
zDx_%AWRr8$xHF2-ld<mjY;ugnbW~)nyPZ38Hkr@H>542f+PSkL&a~UA7Ux~<+&K`Z
zG{<T0E&`3Wk}CbYtG&A@G*@XBmH7zK!CeJqy)(UhM5@B;g_-ktS7&z}cui!lZtmvr
zDntFQTBDo0B}o09DxZ4pvF=tNnK|-UcWaP;%(^#pk9W5PIdxa%bHp{?-3jEl*@mOt
zliWQ)j+$Q6-ILvYL0o?*uNe1K_i&I!T-H?gD3B$zLX#QJbx(7T1=(S?*is_nL3Y!8
zC^a$e>F#MDbvVv+_Y9E1l~qmGyJxs(gFK;Y@5*bYdm+eMvweJGrh73+G_4q==74*a
zdl|?w*35FRq*Wh{L)uTJ#%s)RuLJp^gCfE+&%FU&UCdTJ?^@{I1`=FRX?D1mxQ~Er
zDzC|M_a%^g{S`UyTH(G4^2I4VT7Ggr0&&ujNS1!ywc7m#<hWV)9j>3<A=%|P^jNiK
zgWCymwwx|&qdP-(Ip(k4Rpf|klRFzUd&_Fg7Iz+yicGe;3xTxTts`%9mje0C?DsRS
zU)@zf&au}HcTJGVhqc#EcSDd%=GeI8+UxEL@(cIiUbhcqqd5}djeYK3AT_ua``kl7
zZkS`^zH7gG49IzNZ1i&<a8CyLnj;@{&j6Wej*aK8L+;ri#(kAxKlfqxB9OpyiqLN~
z+{@8owdqQ-YWbt?mC(E?qsR{TQTG~<tmgO;?qlxFAb)Vq$K2aM=$%?-oD=T7AU(Oo
zPP)&6^r)yKpK@OU8Ow1_yKiNe^N-!E7yU}!{Q#uXO*L91c?j}79WP|gDI~xwOOi*~
z<#^uQL6s#uXWWlb)_Ze=pKzUXzl7!r?}O*uZ$PH<{`H$%<nU9RGG-jFao%muA;)3;
z%PKOhzT6Iw8M!RN+f>f0m)s#BVZ$}K?v4g|nnsfwZZF8Om$bK$mrvYsX98(3k5+<+
zbIY9_q|HK2{&45XVHiR*4_0w#h2|~*O*}o(p}g+9i-A1IqrD!u%YwXQ&0}}v9CA;|
zy+dhy;-$L*G%M(LZ7R+ycO#JM^qVzB-nd(Vv>U2&-r;)dZihHuUeIygySsr@jn^5z
zclUr-v)P7t-B7kq2~RJOKMrY9#^VP$cu|vbp6@_vT%$Xb@T%Y$4^p*}CY3zXKw8s%
zI;E-NnFDf}+E9_|p2Z-mshuV9iMpP3Ab%IIn3{T?UqJjvwO4)5PLQd^w5Flw7{~@%
zYpKYMJ->l0r;(sYGtX@h>))ER@Z1BrF+!C-+1=9f45Tl;^FevF^gIX2`?K;I;cn%5
z3(|tlfTX4kk$*sjFVT^^cq}>PIK0<e$LZ#AfaKuFy**Bly+V8S^P~njPcwij-S5c+
za`C=y)ghjoAQS)5WSFNANP`dBYrLmCNUwWZGr?0Gq#TVX6?w9!F34N@g@_{4JuN{-
zHPM<mp0*%c=<OCtGtbjCr(Ah%rZFbTWcO0f0BBqf6lv)G+2aQ}#l7>ZXDCPr?aM08
z4$o+i&fH?VJX1i5(KRBaIp~=KvL#HHe%P}Jr5~beM5^>7o@LPZXdhHw$2}`R9$nRC
zo%E~)`Hof~Qq$0V+OrX4E!X{$XEVr*C>`gDXAel-0A2bu&tZ^%j%dww&q<JMOEtOS
z`5hz^omZ-SZh3BjY@+K?iu~dE3#3h9t-0fQ3{r+mzw3DcvSEtWJolu^B}dd;9^tP&
zK_D@99a)4&gM3f3u`0_5PY;sjw$k{7H9QN*qC1)dhbMqU^wn`9!;6DdzOOYg;T1s&
zaGdnv@~z1((bc9h^og9|EkVM#7P-P(gAAwnN9I#IJa2dpkQ{?`<h<d%Kz@zYHBAWj
zgWUQ{Yifm0CL%<wce-A6!e{1^Gh}BovQG>O-wdzT=Ke0pHfRdbTqjHSiDBV8p;^+;
z5Wh~BbKQ*a-5}ZN%vX`w;YV`G5x#`HB=L#);pd=fPS?5}ho#rD@bic~jx>_^#LDpN
z&`i6lHEY9ff{dX5ue>&d{{<33?=MzlbNCaK^$o|_68;*R1vFZe=GX8yAQidv9pRST
zvgJoqG(;k`$`04=a7S*L^ZK6*QJ&8Cd}2?y6J!&U{oyh2l5fJ4nxkTWcxsU3A@rvD
zRrCyy>p*xmkTo<%DRMkKFG%?{^uB9oPKFl*`IY{q$Zz2#Kw8kgtjLA%azyCOi*y{k
z;FEWbZid%FJ}0TBiu@7YD7Wmvp>~T%OCy->Ge$H)oM_5Uk{vEvL^F_PSrn<~aYeKN
zc|~t?R~lDDTaXJ6mBuGxBD#P~i`QPMBYYsMXk?DuAzLhUL@&xmh$)nzBtDTQVi@wt
zomrE#5#!;N;h7;GJ(c;Ch?od+kmglIN<~ZusYq8i6)7Dt8>DVmi%H5x%mbNB?V~gm
zB9?;`Wl|+#9mtV$T2n1zGe`(s%}`!7BDRCnTdFll5&J-v)4EP-s(NZg909qqPHSpK
zoCNuOmx@!>Qzzm)NC6sADsr8Oiy*1!E}kOwBCdm!qBV&k4I=J<*y#6PiZqOP0FslQ
zXjP<H#2b+8tZ5PP0j+wST2*R%qE$qyJaY8*;99(h2mrawb$=b<0eO-~M}8BL8e}i^
zpejp5W(4_=S8D<z^Ma)3zHmj#w^+EuZmwx~WJ!=2bi7b;Qb$$>`GV>`s~^1w&y^vv
zP98Zj{aGv^^bA8}18DZAHbf!p1$iPHf=r>6gChAO+kwdURVq>_vO7qR;ac-qWM4!+
zOsyd`KJj^^ADVAzv?#B#k%K`Va9QOeM}k=B*TGWL#$7RTJV-XWeyF^vM@|G;OGidU
zYDCTe2?*4hq{z7-D`-S1O|8f!AbwhpDbgTv9mt`pnly~u0&*i#lg5#|LE3YM%_5J2
zEaF<Uj{FTZO{O-?-$Tv-9U`yik$c<?+T+S%PUseSlZZ=XC5<BAMBYQ3^Yja>*Q@1z
z`hBEaC%eQhdS-jbZb{}wJ_RYi)-cKZ$k!;VG_|VK(A%dY-$T>Er8EuQyCXk<lx?HP
zQ1{_TOI{gy_K*}}%Padmg!0*3L*{%q(hg#w$h+3a$fqI$L5h<m2=zJ>8H6}TX)TeR
z*1kJjcOyeU!qaQ=XQUfs8*A=I#(-3%-*zdlhmq+(e6=)r6qyZV)-+9?M&<?iljFRM
z{0yYd0>g~+CbASr&Z(MsqN;#=Tip;}uafgvcvKCL$6ie$qmn@yenZc<%$1s$sKy{y
zs?jqZAZemnq3*+|H6)?8Q%1Fi=1;l;tTb7oI)dz-uf1|c^@P`bn)wsZhPk8qgS4kM
zd`Z79qkAq<1M|wU(T&DN_t~<Y>DPnMY$Gp4sz;4N<jS<FoI>XYJ6z+U<nM6lJvm1V
zlT3)33^IWBN~M_?H3OtldQB!r%>`-An(0w1Kqk_8it?HnwGLz&li5+5LHfq(ICG-5
zgX{^ih}=bFi_MMNkDN~*q-UFn(ECZEjzSYZPLUn1B~iyg#vagQS=2d@$ssz<im1yV
zyP5nLbrYoMA?>v?>Q9gbR0~!5>Zm6mX$x!3ny6PGU(s4!Y1T*mgA9+@Rax{_lc-er
zWE*-8Yp*>~0U#?m^1i505Id9oQSxg}E+N}cMLrmn1|*oqm?DRx;z0h+uF27;Y)V7x
zaHTmOl^5i5w<af}3WCVKP@2<GpM(6v?R++>EXe!4y7co=RY7voNKjtCN69ZN(K`}p
z<)Fx=s0JWU#%ppVsu@T(Iu<C+^{6)a29Z|`jqp}m<T$(;)d^%4krvBjpT3Ujl24A+
zsx(#=aYc7SoWk@A8cAsXitY{4gpQtyq>dg0uW~uGS8Vh!Xo|2`hUifs7jtT__~^+X
zN2v{)d?q7jjs70wD%D+)?9mHBD!<m6oYBic4p!16SM(~7AUa+sue{M4LFQ-Bn*7n*
zK_WIO;uFQAkAS?7&|VdyFQ7H*QESLJ^bYpuE6|juW1NayBl;T1FnU5jk($weflTCD
z)Q)}(vTUl>G>Co+vVrDI<<&4+B*-2dN;8`xO``)rGIN~f(V-w8=-!Rew2Y1fsWw`Z
z_R+B*^LlF1DLNC#`>{H5*XW!e`RF*P;`EG81S#@F)oX;icXVNp;#m!`i=M98;p!V*
z6y$3<LsX=HbV(3-HA51g7!X|!WE0)VQksF$bwD1TR&jh{M087#FIY1=x)aDk)=Y}-
zlORXt=Vn<xF)ey9$Sdj#Ro3k2q41i<ah6372RX-aevBRqB3GU&pH<NlK?<JL`K*ba
z0di`w)~t)34HC_o4bclg<myz#*&MwDq!yRHHF_1ub}oHq^cIk-x3t&Z=$#;Py{h8u
zi{1y4hUPj&4n!XXnYl=l!_j9!{-9Y)X^ux<0U64glhL<9er0kl`VmMvS`8|%i_xz@
z7SsK1MXp4D0NG1(f+AO=L-WgV*kpv(T#t?b`G@8frMVd$3$lXCx*Z({^0ut@x)YrZ
zq!VlYjLr+vkM<N5=RtH4kcV8aN6{rg_OaLF=n5c}kLuE&MArhz@=}xM(Tzalx>rSh
z8Ql`3Klg<trYlGymlY7x8$_;+l~-VlA4FbZP{bKC8l>#knz&*nfn4OWJTWss#&TKF
zG4nuv=6+8bvjiktQ$sYv8CklRpFrZ8TEx#Q<y@B`=4X&FCYfTkfaIb3-AWT5vmK;p
zTkVxKW<SW!^ga-!$sThI#GXcb<%~H4BG>9llQ-rP$SqoVDw03u7RY5f5-CzJ=5Btu
z4{o46P7-==bIc=X3UG!=F;76gZ=xgDjClbvj!B)E_aI%^D>=rJD96}cn%PuYbz=fR
zYOtn$Oc+Q#I>IVVqnId=FX_xhk)|<T5Z_Q;ddry1An&;JK{2^NexbQedNp(pipdL7
zkgip#IJ0B&gG6r7k-v}m9Apw59i+x5evGLO63^|tDW)aJ7jz_2akj>EPL#*W9dza*
z$z`!E<{M~+(;Zc%*=v$O8sUl@jp+kTGp_rIn4uu^nVgRK4&*l1>rBizkkPC;8#4){
zS{q%jb1~CEO0(vC%=aLD=oqI;zZ|m&WB_Zf#{39!p6h-iW*x{H*4&QSlqknWQ(CWX
z>?2nWf5dDf4gHFX)(Q3M$rgJRvz=Ol-bG2{N0B!%2N5UwbNZqc{jSL;-o_jTad)6E
zJrOx7?5U4}<nE|RV(Qn4^6tsi{`9pfcr{9$sequu`ZlEk>CY#cq|QN~FcG5UDn%}f
z!D(_9NF~Quaha9Wd`rYiq&KbA<zGYh=rp-N<XNr!qc=IH$qg^L-cV$0nnY*{()}Gp
z#-;fTW!3*e#knjdq$vsV;;zzM7PC##yr<U8Gf8@SCy)HQEcTk@w~|_O#w6K$Y4XA(
zr8$l#mdc`9<T$M~J`rn@&gJDZu(B3uW6MGFE1jn(k}<XtokO_9PFfWx5+7Ry<PeiA
zu{A+bS}c2PGFqcnF*u36B6sXph}@~2Dm{adJGN1Q0E!$Qr}N1Z+Z39zPn8$FgFUtx
z;@qIsh5Yl;_k>!5q}ips_KNbc?LZdL`JmF2kL`fS|InIEkqWV$pxL%ld)1HajIy$E
zKJ{a}f|OjRy&A-Jrw<F!dpu}7t2hl~ebDq`uNJWb3&>Y!7VM-nE~91aV3gJA5uB**
zEn|nmtKl6*d_+cobY}8(>}W+c>ayC!jt6PXq*Lrfkg-g<#ZCsPa8rBrjGc<UNXfZ(
z>`aWYgT<8Qvgi}LsK5})IqP2SHGqhfYPxN=BE@3-u}eXQGZ`Pd0%Qi0)v-UJrU$kw
zuY8`zv1>pY{i4Z}*!3U}%r?yDc^bPBWXxu*c^3N%NaJ5Mc^<nBB$PETVt0TXW%4q1
zH%K)muVVLs<mS>}#~uV}#G1cjk0>wJyoo&yQk==#*i#_iv)8-Wvmlq5ypKH(GJtdb
zC-!%cm8|&?dj+HuYlQbYNN&~`-diB=nOMAcK*q9{)%zDnTF%hseE>3tHL1Lhm4@Tk
zz0W`%FbVL!1nJKt(EB$?aV8G$JCIN=E6Do+q$6vBy_SM<hV00i5N|4w_uR{&-awFT
z>=ot>1{up<PH$L2IU{A6toq$2TwZrUIotg3n<j2=I5h9;X%g;@0x3cF9ONHe$M$9f
z8A&t0{L5gZ^=1S4fu4Pme{^Nin+xPBYchHBfplP!)ms1=o@1|E-p@d`Fv;sJ2CqJ!
z>3s5gOM(RL(4?rhJjl`3niTU^1gXhomGxEz`O}<9;*HAQ8X#xsh$jEML~4R$H@!wg
zSMw%=lr)LUsOGJQ4DYqoUe&w}3d+4Zn(ph#zX)e-ZxeXsHc3qCy543WRwnhltw2th
z?L5@kz}vncT`m`S%c*(wviQo|5t@ZuuSO=>!lbFU3p923DAU5*9mL;WWthQe;q8H(
zCvQ_EpXY0DACSB}leF>n2N}wwt=A87hrQZ)hk!I^O?&Tfkc~__ct?V4V6Tqe(IAVM
zbn=b^Dal@)y%RyEFzMo*0+N&WxUSymAVWA#H}5QvbnMmLI|rmYlW)B9K#Fl3pLZe1
zIgZoAy96YOy?T0=gDhs!%exZ9!Et(fSA(Qs(#N|F<TXd`>)ilSjWzwen?Yu7(S6b1
zyA}ODknWAjzsq8PcRPA;$0VhpJBCE$3{acB277mceAuev4Ds#(xz3uQ-u)msIiF$P
zLm+k8Yq<9)NGaBQ>pcOofHfn$r$IWhW~BEV$QNAJcisyif3nvo?<J7_Oh$XJg4E?W
zW4t#&4s)Eb-rFFNtQqIM3$leZ<GuGlj&Z9_@IC}N$Yo9RJ^=~i9-QQT4l;-5!^z%P
zAniEv6z?05pE&YV?|YD6*=w3t6q0@MioK?LtswufW`@@e(vkC->2-jFvDYkb2*_sE
z%=S7#CNcTm>jCM*UUR&WAOWoT!5af|g>#<ojRpCRy%u@Xf&9vv<=!~u#W}C?#)D+#
z$m_jXK_0T#W^WFV3at6nn;YaG*6j4=13AW#_jnUQqS<S|w-87k&hU`82*^YBI_fP3
zQkcC?c}sw#W3S)5r9m#R=AyS8$WI*SvbQ403ii6;tx`zNv?+Vs9dGqd$UP#mms5_O
zk4(~^BR}>gL9?I7>Jx8mkSbmEp8M2Ww@^6!<3*g>yEhvzy!AlR7WtH1jQo_G`utPU
zvC*ewh$>2?L|&BbQ_V#Bije$E(a;6pPso_4PsvO3Y$C<0)4zEwrzhX!Uy5c+-A~Dw
zDxVUo?Nbs*Us{xZDRGkPeM&~fd`fav{gk}?H?scU+OYP&wOGNdpT>Dp`%}`Y_^0HL
zoS%{fnLi~f0zM^0BR(Z`OAmi3b+4S|Q}So@r=-chwezfht9zDz=^eTDyLw$!-Y4WZ
zG(_G}7LkW`21C5aLr-nM`kNZ)Gg$NJ%bKZZG#R4oK>8IgSWVMP^8fg~Ft_eIX^4{8
zx;uhm!J{%=f00&_f81F5#b+fM<p5nzC<k3>TESF;b%U-6RfF}2t#0Er`-^f(!qzP_
z>HAQyekWERR_*5oeLGZU|BCjVX0Te7w3w_LS;}`HS*@_OIeUmYI!YK>N*6%;fQs_<
zJ7Jd5g)FtTEj_8JN=rk1s4V&}o@k56vnE<hYZWo&@he%X+<T36rq(6~eFaqJTrrc5
zT$?PVTb@R<4P+^{Cs?x+WGS|5hGs{}QY`&K&2o^X*sQ6VEhbB`biFjoPL^UBx@i_i
zmSS(IKU6L4!*ol!$x>TG=x&hO+NYz%Y^xz;shW#Dx^*37Db|ag#8V!F-qLpq(FVO}
zzgJdz8f#`t*41q~m^_s4XtGqf2WUD~QAV(DF7`b`Tb0K(vXsaE)ta3qOR-XZy1t7H
zE<|dpKC?ucztz?ZY!x48&^K0Pzom@gVmEYt706PNFVTu#`3`KZEVqd7PuJPV*Dd6`
zRQtfnPS>0Vl9fp$?VvmTu)gR^-?1bsPF(c}(VzC7II%FDw(c@pX|e=S=p21dfjsCp
zZySY}0L%Hc-fNf8IlxrJOaFwPB7yY-J&7<E))Km7y$DunYF+uPjv*RXqOaM)`jErG
z-W?|vT%&K2LU%rm0V_d7{$G`Ah?ERuxoZ*S$$MR+HuOA>oFn2yor=0#sgqw_rtiZs
zD|FEiTfthHR)TnRM%6q{^m7X{=f)d!8@z3;+h8%B@yRww_OFdlHA?mmo1m@Hjg&6g
z-<Pe%4K%woQ0um_HFbjCI?}Y_#Cy74Cg;fnakZr(c2a2x;vzk>y$@D_Xl>o2`W{9-
zj?;)Z0V{k6{h|++*dxS6SU+|*%-#=eZxL6C#fkB5L)?P(51p+mtJ!^eGb}t-QM`w+
z{?GAJJY)vX{+~Tw!z0aa|8>rWI8OIG-a}XO0?qnX*_U#R+hIMU9t?stY`r1EU~Tze
znC&u)-WH)+==x>)K0LN&eq@MfSclk}c9f!0i_-|BQLK(p{nD$^X^6#K?mc=wS;dp(
zsxg!@+Vjv1r?&ph9w}L+qw%La!nw4)Bk1{b<l?3~%c|cR(%c?LEKaPPVu&o*TBEei
zrJVdXSl&eX@-VDiKkJ&m=QbEi9;(&49ns_2II68PE!CbvUu|V}$n;I}*G{k6AVDme
zXNa6sMxr<$pvI6}?5j`5Z#w=a`SXrb<21?t;wNpDq2sD-za)R-IocY!Oj`wc>zqNF
z)%a0cKbTPxMA#epMLLz6AkI{x=ds92^0%fDt0KFCwbkp4_D#j?`{kNV;xaPPQ&!6N
zD%~ki*4Sy<>dID2wg$2F6<bZ{*r<GWkJQ!#E-m$3&F(MI)&aKOvUQEE06MO!c>A~|
zPqMXyt-OP^t|Djfc8O+zOSM&uYgu8sW{0>J?iJ9j_OiO(nwFMtDuY$Y+B!`~cEv8U
zwQ!(jtGO>Pa|Tb@y3N)R&gvPnFURXBb<BELMHxCq6{Y^Qic)l!QkH8KXN#!4(JG#s
zIa|f=^c0%f`mUs^hgA&Npsn>TLzF<2yL3%VSzW)>ThkZR)|#R^%D6_FRiLNL<i2ke
zX;_!om)`G;cpvr&(@IrYd!%CB7>+lL<NZVnaFyxrZL~GGj`n@ZQHK4kTEi+HvF<oq
z_o!SIWj*_jW9vOf>Ci$)cALi!tJuR^kF&Mqp03AiwhXqq?G~au>RX4cu56W|6@Y3D
z*N=v%0$n-t2xb+_sQpx?=aO~5-K8E>EMH1n)zrG<ytO(<$;(!U*V;EDv+LyXCCYVN
z)MF^WIocCMFKT<4Rf6ceQ&~y=|Gj-Rj`z#Lyf388W+UnBMAkgX|MM7aZDH#L?+fL4
zUv+c5>gHZ%73u%dy}y7*(=?hBRh!1qIg_%!j<uNm(O|PMt*Z1ym+GSvuMGM&G4+YC
zcF-Odd7PFdor<#UGaV&mUl?^oZ;jcntz{W?&n%{%sf+&DQC}SmtYR^ZrUvK*-5>v(
zz3_O2$|}kKt9jm-<ZroBv%mS6(w<piZt+~~o0I4E(>$XOHG9k8UZ67sb0pI98dOW!
zy7XK%pUrkWsLG{hLCrBv$L%Vr#SPJ(o&uKbOz%vl*+R}u^s5ZEwsX9P9B(eO8zxKg
zryN7|@vW9$AHiz*^%1O=UmwA0`SlU3mOtePmU1Nd-`hWa<CZKoS@(yvkhbP$(pKwO
zZON~F$`(rUN7=Qtcd53X7SvV`_Vuu@GemFwKkrBKxS&RR@2B+i8^*5eH@T9ric`n+
z$UaIloYGz9xqXj|o>auh{=K1^;gbA%_W9o&<JFq0T$21#%zZFH<f1!8YOY&P=ZMPc
zVa@^xB1a#!Cnt!uH0spWOeRb6KQ`A_hWNs-q8MTY9qH6~mS;-J%0Xv$%5wA8;(nz|
z@=qV5R)Wd?YUbJ^*`MEBX(ju=VW!uA$$q^KOZMw^Sh8QQ!;*OvC-W#y=24u?qd1vI
zaWc>C$$q^KOZMw^Sh8QQ!;<}a9hU6Z>#$_MUWX<7^*SuspRx{1S>2?pX;RiXDQlXP
zb&g)$)bcM}rbbwz_=)ykdAv*%<Jf9Qt=k5yI$P~b%PKC?e6NnMy=c_Qwx_FWF?uA{
zp))=;CQq6xfF%F_Jkun<UWcXRT+6RlWVQTyby&-v)?6Ld^6S-MqS#~Rmnb%|b%L$N
zbo`ZTsak%$+N|ZDV9w8pV(XtY3)0p^v5Ku8R3lm6MA5_?u~rdowwhJ!C!M+1nr&qh
zOJ`cJVzh}oE%g2oX|617;wh~ZWEpgR=u)K-Tcys~|0llNep0^l)D}H4Bd=v7`H$0c
zZ8EF>6fY$M+eaCA3MpTk*g{d{^#ig_>a(%`e<C}2eH!`WqedTdbSClsmc;uT9Xa_p
zsE-;+yuT&+Q_kuBw~iWiF@k0!*>84XHCH!w(TA99XS?W1mYk{W;w_yAD4m;iPt0=z
zySPJ^(p{kQMtQ}{DsIQo6;kX`_sQx8OP(*N$Zu)pSI2-iWc8%2#z#G)`zT(FDWh7~
zzzCDRDdQlHdo@n%rLn87k?H<OVf6ex^}NiAu2$3BuB>;Ii?VuVvY6-lhnlKdCi$J^
z)z&0`o^r~H6W`K#Pd~~u$-gp5)gw;SJx^b=Bo-&`)KpAmI-FR%$nZ+<3%5(EGo^T8
zGnrNRcB!_vidlt~uT{*wW{B^|*D5;xAGRilvb4vK`<F6OA}5HhW*I5EIPt6^eNlzl
zp^#WYXD7<4OII%^Q<OqNS~JLs6Th6I_wvAU(o?wd+E*s=lAa1x)-dW1d2J+4tZQr$
zbI77=H*sp7j1%YS*eG?>E_A$9I@yEj>P(X%^tEJoyjeq6I$^C#XAvu5-Jz}OO3WzQ
zx|X-fc!oGtMqiV;NVCdDY&B?gxD}Q>husP5H2s=;AFRRib$<-IL)WFi($brMWLAc_
zN@qLDvU+umTomsFZH*Hn7aHO$tj$XdaS_(+5kg#r@5bjkawx4(<d~$l`k8HDh%06E
zeV6NNgt!HdokP^MQbRNwPv3<Clh*|0^;oJ6Z@u!EuK!`{CAJO}w}@w8&PZ*^tX_kC
zZqt3)r>H8UkjUiJRzb>5j`2cbV`XhMqo+F+D@b=+l=WR5ZFRM3YdG!qYU}&}ZMn}0
zw3=H4(K=i9s#_GL<A-d?1TojCuaMsPpvH?KBJZjrNwWXUVQtkot}KJEJs9GCEVTq`
zBxcYRG+5(#kE;8HDlJhgqyCkp#fgJf-IpmITfQ`eg<8ZAQ4~)_Nn!f@%@9wn&~J&M
zn@=l%5Loh>pzN6hvF|O_i&&x<u}alEQ4Cn1tv~p<dYP@J8R%D#$hinHHQEiD`IU99
zg}yF2jIIwUHgcY}s<KBUd)#M_8SF9J^hox<Zmz~(vj4Ve(F{sgB~|1y8FWjYqhG+O
zG5#}Oi!A=P&SlRDeH^sW)jV~#V9RN3%|4~Ai;t)^(Lxsu9q$gaZ;xu-T;6KuT;AJs
zR_odFX4Nc+YN_^~&QH}oV-r5w2W8GSah$Gd$gMW9mG)IxH=9^NbB^pSn+S|oQEXxv
z%^Px@+C&Drf~)G$oBBigCW^{r#gfN=?$!U)mvzj(j1yVtE}0w=abgtRJ(Oj{iOS8?
z_2)S816?0i`|qXzb<{9KhTTGBpwi-aKQF*{5DEx=2cdx2l}7C;1w<B_OXLh!K<K*)
zaiSZ=Q?sa?Z8IZYg=b0^CkB+zY!mGjO4p8<vM%+anTz7Z2^(AIOX+qAoN5s{C|;7k
ze0tSFN&dg{>t4{l)V`*#A+&FtNSUvu)l*j?=o)ozeGFYeGyiaED?_yGL-(VR^N%~I
zUSt&#D|vpQMWi{aoS<tmYJS<x*7vL%W$Nfmi6f_!cAxJH1@nBW%l-JCP0HOH-Oe9x
zO<~(otM*F}hu9hrqFG9m6swN8mF}O@nXs%!lD{II9V;t;l(y2)aZs|4%Pk+K`Z9rg
z-z_R!Q0t)tv7ap2e(~Z3-4`lCR)PqADa03KCGu!WWZ#s?aY7y&OOcLxpRP-lht<WL
zpAF%sBb_?d{`xJQbJEsi|F2;x(>U=NUE!-itdM9;cM9u}We9nkZU8GKN=xGEs5X|5
z-Ll*!h*yE?EB8D)TkN7nShBy?Rn2Og(^dk_K1$c0jw#CepZlh?K}wq@@E)b=(US7Z
z#O;y^^=%7wklq#036`u!cd`;i&XN|<3s$zm`V721T|Jj;)+B#Bvij531W}KUAM!jZ
zLHtO2nOq^$OhfaypSBhfi<YT7M1{l;0ouC5><szJJ7<N&v;k^sg2-d8+-O{-Rqc}G
zAKXw|#mqCqB!7uwiY18E=~a{j@!cqGJs}SnIYG1;t*xr$t61~zw6%hwD7J-t<L=PY
ztEgK^nww<ZlKhrzs^60Q_v`3+<C<yFo3P9_pwa4AIx3mYO=Yhd;zBLWobk#kBwm=;
z>k_zK5`=CSy7y$ZOOpR5xgSw3N&YW#=oZ)cCHZg8)?5EytweFcOY;>)P87A{l@%|Z
zUDDPCI+Bc{t?}aY=c@PPMVDQwt&;uE&1=oc{)g1lYV6*oT$J^c)(pyOH%MF8*yH^;
z%@z$-R=l`kmTMC~tQKNCm1`4~Y5!H$*E`kNu!$cZXe$lPiLwl0bRTC5JbE2B#7wf1
z{Ih93m0ROQ7TSMh|Hg|#YqeEonnnCTI(iO*=5aYrll&u1k2rC>pX#GHVWIo+GD@5{
zY>vb@F`C*+MV3((l5d>IZbpt1^7@r5El$X*R?<rLXEU#MC;RiUmCLkfW}K|YhA!6-
zf6$s*jyeNTmQfiIqS11Cc7d$SqI^C>tcNv^?tjP@$}CDyY0CPJj+aXJ!&r69OC`$D
z9wm>B38EnN!e;VF5EaN$du@HT+OyT4EP16e$?sW8BaGT0QB0w=t-8L^obFW1t?{BT
z&C0Ue6w4+i{$z-4#BAd2mwL3Hrg$<+yr^hqA1`K8zwL%^h}oC%;-BlfS5u-4Dz4*Q
zze#UzB#%Nu$4d~)C_hz?(PXLF=O&Fw#m<o>b4g?mmETd6t6MT&?9Oiyr@=m~pd&sk
z4~;)HayHYLRMy&XHLt~s#x&>1krOZI4dCY1DKtuyZkoC87viyz<X^J*<B@Zjd=o{d
z`SiXHST4GTBCP~5hOT@{E6G10lfb>FB>&;s$|@xK(JEY)kr`t{>OL-`&BBk%_~VnU
z%@=*V^&V~g?=pB_P-oDpskS;$e)5jkf0xVCf2r@||6ytWAA9c|E>*F#kJjuN5G6;+
zu-uy{3d4p$vVcTMLl_Anpdg~C<Qx`3C4+(_K@e1ufC7RFB0&)&qNs?7SwTfW5wqO4
zySi%4mMw>KzVrQl&vWnH`=9rzPSw@b)z#I#dJdJoxSlV{(DR=zqP3~mEt-DB{pQ&O
zU2JQ6Gf48c|ERTpCBMHi^yu70w6UeN^y5({wYYzNkD|06UYgOI%ysC-4C5Bb@~^ez
z{C59U-!9J}ze_KojpA+w#Qo4U(#!MvmU)k6X6R9_e`u|}FKx8fHvUyVhGeKY|3B26
zJg1APu04N|nmsCmtO{pnBkmWk!*e<_PUHRqH;I4nNn1uNp%SPi?th%2X3x^nbmcVb
zTUkpZaLPW&%M}<!sRwMLsU^+YA+B$3hWf6wWwU3fuZpEr#|UzLH66;lzSlF%fa<nv
z-V742WodOYv{B#E{7a+_kwG%2jWX17oh^~bP)l=5>wc-!a?D9Gxt2{C_-k!T{E|Ti
z?JaGSlRYd=gzJkWNv(N?5}j;`lWnA38Mn+O^koJPy4kW7GxW{84<7fUDskyYG6z*M
zaL~t=*qNc0ewHR>u^z$KGb5NeSK~8qHNci#m!XZJpy9M?7`~{ssQwd-lGm~iGH~GA
zeCMy1|H-VqJHtrdlc8qJC}(M+Bx`cqKYz{3%!<Ny#E!tM&Yty*jGq{#MQ+~{rO({H
z2W6dqAEh+sF(&+<;4MuBFNhO56r-oJ63qZDMm1u1MctzExrNry(aMrJEj8_ywWq4g
z!B5y}a_r`+_XX`jP{G89Jj##vkrtpnMoWNjvv)V|-*CfLqw#X8l^mg`huO2lc^PV1
zj<VJ0Hdof8Q<otgZtIhLT=Ns!+EYMTG)j_%mL<do?xQDDF{MdVBc%BvGzuQ0@%19q
zqXT=T5qi}{M7T$WE01QD;~qsQJU4~5fEJ+}N2bs=iw?V3c!b`~&K`G!@I{TQxwN9%
zsmx!5YTzt?C&~uV3Xg6_1jxiFJlYP#ai7KTC-)#9PCRgCz0abG(*+fTXa0tz^=g`8
zZ?mM)H9xW)k5Iss;q-0f`#bmVTbk4yp<fXPHvVpeiv1-0eWL`&ZX&dGKgTB{^d^wu
zK0=QuEokkS(k?6w=|_Yz%B8;LpoO+8+#_0x2$e}q_}`r7J8}ts^7De~zA5NV>}NRN
zSloGM)KAffQbLO>>ZxcaV(VOj-V(Hasgzia8NjJ4ux>G`sU>=TEU9A@)tD!=@fbla
zv2=m(cbDcXr`(r&K=Q?>3VQ5UY3-Ac(8?7Rw7im_I~GdKLplp>L?c0KdosfKA|LDh
zS$7{K;s4c(wKL&wjj;|T{FvLX;;zBZlG;nr<`l^nJu9jEAs1t>;{FgsNDaa{Oii%|
z-Jlyxn}!}S+KE)QCB|+XfnFv2L5RY#tX_u=Gblz+_#yffscAH8Pzrrz(P`p-q^Y*2
z(H(zs+#7qu+*~$|mKEVRYcefu0MD6(zj%X4sAD&gbEiiHRh+`Sq|wc}q`s8F9KVm!
zo65m6ZkDCd2QT9k#`5=?qHOEg(qM0j`&>r$3BTbkX`|;Nkz@k92_u(;-?P7<Z8Zgz
z*3{g+g!ZSV=I$r7NN+*@-Ga{CDX68UZqd|F?vm7xwdP)$`i_<@t7R8z>JBaYtd?!6
zsWY|gVdb=@_G5t7_qLWOqiFB#!qwV41U;^_sY<&=Y2PbtY9A?a_ici1S6XYOl~dYA
zrIqX}C2m#ptEOJ7w0D#?O=+KLk1F0OwLGu1h|=aOt&P$aG>{UL8w%>LwC+kPp|mHJ
zR=&QJ7^;XAwNmtcJ<0d5(t4@pELPN1(O5+l6g{hGypH)u)q`d_3OQ6ly)<7Z%~wwI
zeXFBTUi0PCe4p$1uGD-vb$)ETMS4_9b?s*zk8LX5ld4zuYl&aAA8%`kd0L{0wsBfZ
zJgIF=Qm&dQR~5Cy+gjpwEpe@uh-itAw8SFqc}O{ZO(ir-CHb<JSf^;1qW85&*J-;8
zRFY3=FN-NJy|s-Y+VhVURnT_dxlZK#Tq8lbt`#(0Q|D{yZAxpcw02tJTh+g-mG-jI
zHfY%)n%be6wDv_*(6Oe1hAS<q`F1Joh|>C1l@iok&}^lpDs7X}KG0d#;VLN+(jJXg
zT6v|dP})GHy`r>1%5zxxdq`<lDs8vY+9@rE_G7Wqwkxfr^1MK4<&`#AX%VG0Q#s#w
zwe+oVV?pmKElu-XqqOpx?-`{X*8YC4{ryhMj@EpQdr2GB?h+JHP2AT<Xn$#a`Lyi)
zs_mC52MaYdZM~FTsG1Y0B(%Lsiz@90rFBzU6Sc9EmDa6^)N-P-pwE<pfl8~c`Cd}m
zuS%OzMao{G<GWF5EtGaxX*X#b-)k?YDXo~cu~lhJm6l!GeMo5smDWq!SgW+!N}Hgx
zd`hdObD^@1Z(gNkRoe3^zl|!tuax$o(%ySWq|sc_vx+JyYSLBmZRjGXoYH11EeB!>
z>_LswvL_YYtjO20$F*!vrM;@O1zIAzqKM|ZQ}g9ht=n2xIGCvDxT3YX{x(-MN>LF-
z1BOa14-FC2QfWh#Rz_)Uly*dESrt92=yT0CS7|$xcGKPB%Rh;|0ZVf8Ug2QZwc?py
zdO*C__qvJyoC+VE{q{<V3S2KVPf^ziQg(=<S&9m4+4@@IYKM5=&AZvcwTVu{&yG;`
z+>Ce^!yNROC2g!YBK?@&NlwxO-}}ltq(?vhBqct7M$o$J#QT4%gzP`e8v!OFl17I*
z<7I5?>F4Ug5s@?-7cl&#QD!A%H=B9teS<^vyDe*85FmUlUyWAb3s7^9Cylx})WNU4
zmd7KIMu=u&AC(0q@a^<3a%b!V)MrL8jm8a;n&m|Tk5aKuz6>Qi8s@&T@@NcpEV*qh
z^*8Z7inOG7#P2zIERk;#@4P&Eq8abE;{M+G%oSqm3j}?*NKX3euVaL-LLu=2wq22i
zN8@&dsEDOa#|gRF1>&n!Xjn<hOZ7Je?ZBQm&C*&<6SM^5#`&_g$FGgs)P?9#Rf{?)
ziYlt3XgNyMu=yq{t?L}VgB$nvIK7YiSGu!zoaTNMqB^!jVO#`gV9{-Hj*=ios^}3Q
zzB6{>THfK}ej-kh&3NF%(xJFNZJ|i0?`%dPT7gt^KLWS@o?wJMJ7ym5lZAtXKM$wt
ztnC97RlY=M50(@yu7%T5&UeY%LMy2GMrppm7%iUh%TokB-BHkLr8OBPv=l}272T_-
zmZB1h`lx-rR#62_&7o+Fq9U4aMptQf`a^=wss(PT`N}A2R73KWZzU+dqE}x<{2Aks
z@Sjt(t_|OUOZX?o^Npi~p9_&n&UaT2LEoQ|vd0iVFsU(mK+FCa5}UKkeesa+pSewF
z{cyU@a$fbkaMf<0(3T-$!>N-N32m67pYurS7T5#MR}y!q7~O+tBcm|5V)Rx~p?$10
zW7jx!?){SQmQun?OPsxP>U-MS4n^h$HmA;4?oH1PEk<b#Bz4s)LDgDI>dVUWW=)+~
zNOW?1VL{)u6f~@YppHcZT?bjQK3733oKdPG^W8hs7GsQDJ}uE8yQF@p@x&)J-vQ_W
zmv{lA#i)8iX>E|!azIxI(>Km{m)0DsEw%K)%H&cZ9Y)!&7xXl45HoFLK}Kox^D#j|
zys6*I5<M!~PGs6sd1<PVz{F9h?+!)5obEb6#y8s&g1W92lwWDrYQD2>ok{q&Xuc~n
zUklBbMQLp@Q&=~uC~Xxi9Mc|Ev`A3}t)+ybW{T=5YOOUNeMIWJUAc;DzU5kT5YaT_
z!5o}<Qcww{RmK=`>W&tIZo|khtqw+pQS}}o-GW%0dE6>x6O^i2JS2~lNY5vzJ!~x3
z(p71Fl-5&Al+x4>lr}|CQ%!wIY40knrqbTYE3K7L+B~Is+HNaN4QVY)ly<k$o>JOY
zrOi>aMr&TFw26wo*3_%jO8u2xtWN=)A{j}h(eWO<>ZZ}WRua|S3LR(P=T>(^GT~RA
zC}j`nXiadV6{Bm);BF7RhZr@+7%^&#F=BKx#)#2%n%dLRJX(kdy%{4<zjBGtTZq*+
z!5SZ-Er?E=*Nx(STQ@7(`<-XAoZI`atr7IQqR$+{y{orE)Yf_m!-vUNI7byt!#Pez
zo7zax2u0t%C>~i8Me7xPz7+RLZQ1V?<pZbYlq^Kzq2MO;d$?C>^BE7y$N;}W1rLhR
zYoPIcZ{tB38HDJOc7mEaT9`)Q+`y!U=|n2aDonq?vos?Zrku{(4Abehl6nu;1rzNK
zQ#;&dW>itp<W@q<?M@`Z6j#)|1HM)Ur(rs>jnAIK^xk$sPs8pSo^b>0z7*<(zTspb
zhiFrebL39MiVb2NicssNeCG+iRBgHcw-;x}=A1J^-Ve+R+H`#j(JQWR7<tzZyunhE
z_W}6A1-fB+6r$>mXYh)1D~|35JEf1F5*x8Y(RPQ@Xdq<3Gr)M}21V)U6t?$K8Vp@C
z^`%koC-DlD?PcNPxMge6vyjFhpa?a3B}Bt53eI+d)6E~D5o2tsa2lb{Dy7f_(C{T|
zM6AWTm<w#B_9<<L(z>Zv6>})=A91^^xc`+y>Ga_^<~f}{amb?>?l7CZnnz9ItQ)v}
z=wzBk`>=AFcGIZe7A~9cU%(2>ye#e{bE}5)=F%uQZ8=m$%I<WY7N5YFQ|UA^CoqhD
z{7NKwRMF;RTyt`LeH;gAbP78b)-cgJuGyRkbIptvU=;3yB-5yvLlJ6<o#u4V!n9yy
z3f*sI|J%LHLByWY&a<?JvvEppQN0E!w9KOCA*;uL5`H1blw~kfSJOU<d}oK!DEAnC
zgCvdK8!F$Hj?I@sYixaAAAqs5=*9{uWL{&7P!9KvPK0jDpF*20?TxAUJuQoVzn5oJ
zdeU9u)HUqorqdW`gsBC0wv{#to*UC@ua$gXwG`SHnr}b_q0LZQn<7GsoP*`IvoSO7
zFMOVyS&yDWkFJJ|h|qEL$h<!1(Z<C*%L0@<`hiY93*Xkvtu(4qRW$4;w;xQSRHwzs
zWtXcSq&d{VKY=kaHmrkx=`umT!VWR5`v5`JFw#sTtQw5|oFQlu#++#(%{NNRwoqDu
znUe374T5eMFKDCIe4WzXf~Db_AImN1;KPD)Jjn>FS9#f$zpKdnin`gUhw1me*wI?e
zk-H0cx8n}1E}$jv;~Rb)ay#|w5kKHP`|>wr_uk|<x!wC{%zb0^B2*IVpt<7^p-NY!
z&>OZ5xfKynTl}x?E(Es;mU_IV;O+uedo#Nu^v6!Q*{}_JA*PMPY-IE>yb(rA8%pZ>
zRNSbrymWzOWpuu$far|Qw+rj;wLN*&h>)DeN9g?77@_m^Ie8|3iFNRO%axfuM=Toe
zZ0yD7yB^W9Pf<2Zy<xe&vbC67C2X%u&EHy@Sg8nof>qb(P=rcjEi)03R4R2Jk6<`y
z+yXmv;ngab$^G1#7op0qr>AVYCBWZL7H!MRx0NCk!|KPY_^o=6M=VJ4%2~<fOVj&4
zxQYK3`)0{A*__~;+eK{U8J$17)97ieBt|!4H2g9i!5B@#-39X!LX2|O=KC};isa^-
z?&-9^t>@|V+zOUZI{k&&{Tq6eM&+>Q<ooTzuV-&0;je;juz%3{FaC-ojW*uEsmbeV
zBUt%!s0Ch&)6+C6^eILKah{0%itbX2<Q`O%K4{DG`+L4z8S?R$wuTmbkruR(St{S%
zGIzlO{(=$#&7<>q=KAtyXw9Rwu&0GV^XLS2cg8Y!_&$IUbPt}d8U2Lc$oZ@Zze`wF
z&OsW#$_op}tLcgsf;`>bwbC8mk>28=h}QzIZy(;qL64GUaHZ3=5S1G%B{o5uOdBD(
zrIz^5CXQ}+<`}I*ZvF7661-e4QSTIM6TYqgUi!AKu9S^*71Y(eu@$1n+H%?dGd=%z
z`-WFqE~-ZfznJr65`GRHx28I7vo4d-YT8^-rvifBuPSJSMlVN~6WTOI3tibLJp>QM
ze8<94Gjq$MYx466f=B1DJ7!OH>0RQpW;Xi4m>1X4udnE-7QAZU&7_*52g6ifdb`;j
zqChu{bPX@~HPDT$&w;LabSxX|A8sYS$gg4s^C*~GQJScI``?mjNPYR_S+NACMrQ2^
z(S@`m`EFzF1WO2aT<hcapY7}pXp3+Y)zISpr_c?Kg+G5tqT<UH1vB)7C-Y<QD?EEV
z{q8eF@-A42YV_gp@W|g9qAUK^Zt1W2n>~;21uBQs5Ou;FtYq{3IYMq`rlM@rrbe4c
zyY2L@Y2CM2|JXM1sNS_)=Cpao!O-IVZ?IveZ*e~-{53`oVKp%JAntE=$fG@%^8MI=
zE05O0n`29OdV!#-k4hW8)jBS9vhpa9ZqQ59w^)Y0VfEI&<@lca7A4Q|7p178HywXb
z`a(GssU`D##?1ha`l{6nWaZD0UG(`phv;Q^pk{@Q(vsEOw<xX0YRccCm6#>8>dMtI
z<?7C2oX?~3cgsu;_!ABSuJ9JJO0CIQk)+5EU%j2zhDYz}dL(6&$LI{=7G@9Ok+c>f
zsn4U|hI7w7DhgfWu{5t*)VAXx``UzG(d}y!el3UMek+W=(UK^QhBk58m#Xsa4)3)n
zN<YM}vf}M57deJ4d6MmmM?W_gBsK?8uuejgFA4b#64RPTH^W1|*77G`CVDhvk=#}f
zW}f*9n@bp88ru?r@CD;{VxMnxD7g)@o^#omh^sIXuf?NzV}%y<Bj7&hk>Rw(zs0H4
z9M-Q3!z4WlTUnW}2E*!agsD0FFuo;!v=F{#v#phb<u~sJ@R!tPH|y!w{X8-m^YL3R
zT#M<4X@m21P^mEr`Wy7pybi+>%4|H0#5-r;ifjHmEvPw=Wc6n`GR9+m(?3WOuYX)3
zw$8l2W_ZEt^OzNEvrl79HV88Swv+XA=|?=LaqjF^M32mu<0chvF3c75YXd=t)47+Z
zS&@tk^bu<XmmRP_c^+|Vk`HguxM+Y!#c+ae;sThf*fVilV1h;n0$QMdop8^W<s8Uf
z{7#Qn9p#>T)X&8jVO3DV#I9N5w^;cJr^z(YY`i?8{(%`cQzB$%GNUwK=J`?QS$cHl
zjEsH_+)_5{uSc~`h)%|Dl6fip$V>O(?IPB-HP;H7r1`F`E@d;*h(8|@jmVF^3)eCk
zvNtH<uZDFr5=!_D<_fwGkp!mA(bQ!q%d~umZ!r2sQM+|a<DT<N9D$qz+2`)ey5ZTK
zjj@=?-jX??ye$LmVqYRpqg8K1qpWU}L%hzsKb|~)&6h9yHH?fKybP?NT*BO);kUB_
zT2PA_BQ6`HW>!M-A?~m1QCmgR6!oquvqHX~!CT|aI7Shrt}YcGBla%*9n0Y^GNXcT
zYGmz!uj1Ate7RgjYJLGdV%;^X6@PmZfo0(Hg@C^%%GD@E!iz`3X)-TDV=wYfJ6Zu(
zL8`>z@D3?<fjrM^AvVV-=uyCPRCh}9{Sn?Rdr$UO(o4J#mx+W%?#ByjmY1)vN)G!Q
zSA7piEkSFq&l2mCnI!8v-z-FbWD%YN{sQhNI&Ti=E;yOzzU9m-qh(f8rk!fY?+6Fq
zR^c3?9ij$UHSnUV_I!J3wpZ9s<K_ydhEN})VBD_P(VFN`W}_9NuIpH@@EZfEGDCl@
z&M5BRon27*qKxqNgxk|a>C`NteeZ4vMd?F_LiRf^qn*iG7wCbER)~xq{C&&=i5~+8
zoEm(6X8dfXiTv2-`nwhnhL36NQ1W~`UoJR((b4aq--wBx2AUoBuba*Fc~tx*nR)lT
z%m|VAheeWs4h6lu^dWv1EJQDMlQCbjQP4P?8FG(u=nisOR_S>M9sNa$ma86YP}B$9
z^XfcQQE7|^*L-r6w035R(EQOt3pDoM*P)=qOIQQAwJV_;1_km9^e;qB++Hn^T4wn?
z`{obV@(j*DxaOcW;~AOn)bS1mW}`uI{{!d?f3^QRd=)b*pr=^hIA5vaG77=`H7}!#
zw)P-1ntb1wJTJxWhA3E%f-w*HJKuH&G6?#cJOl3BE#nbbIMdn$%isB}#r?MsP2oLf
zuZoO9WZvXpSp{?J!u<%iH+srtKSPw5QLa)#Gv99BXL$)q3`d-ctxp@QgIr>%q9C6s
zJKdI*xrIH`9;vzSdg*x?tU_GN`8>1K?nf;ib#lAUxG(kLH3MDW0{I2C1kwnsUix%-
zOGPYo+&AZ(EK_sNX;2W8!JgB3svfO@eP;XeO=<WCwr^(~^5{;SDVctF^i)mhTfjlU
zRlw<m_39Oj0{cTfaTmg%%vZXJ<)pQ<upnkG;7dK++F-N^Q7}fIqzO6{6ZD7X+oJit
z(tICkzAv<9^9ByrXWqbJWZuAG6w(N37R01kRv&5EJb5JFLt1u<mfhxBOS4*H%Hm$`
zXKaBZWH>OkE@EHdVHClRh0z{F{TPjh)EG5@)EJrlFQY}ycH%W5XZaI;yB6F=!aty~
z$S=!^<u_XVkR55`vl`vFa4ZPFf&|Z(^?8pXqjgO4&<5A?95`jv4xBQohI4U)!X*A=
znC^QSUpj+>Fn#S1B8aMCFY9X1Zy)<Kc#Fn)uW6L-;w5QR3TM$K8k(GX41O4&jHY8v
zW)zft^8kCpX*Bh1MtGrABi2E@PWEcZ<MwaxS?93@ZtrhYPvISBmGPS@7)xWHqqH-J
zphPi2i{O{AZSVOgj{;u)f^9b%5%-HAAEPnOf5EJ9>%K>3PMflxzNFLM@34wXwD;58
zo}|5hm7*#x75jBa?J>wX-M;*~1}LCm#len>^;z~{!9FEQ*N)@eQ&e9`i;}#O7NyH;
zq}aECg15c6<_)%uK$6B5a~qqN3Oc_v$PIJG#L{4cG=>tq1Zei0CNhE33>U!&IOTRX
z+tds7i1R)Bw|uFv-ppTj-25?Lwuk6V_%G%}2b!fZ^B@K=NN2#|OT-=o{goYkaPETF
z;z{hY8IK*PIZF9{<{1^Gvu6d3z^Sh}VGAsE!oRr(k5R&ZqPw824h8u<`#OT@2hO9Q
zv5bT(KBMATpG2bL{%7zb%)E^I_rOZ=Ts09sj+Dy|GD-`eP5jbSM~z<2M7-0qQB7ZV
zt46imPQ8Oa8>fsWHDV(Kdu)GYWx}h)h)Wr}ffpji3o4?sCj|S)Go`$<%5nd=v#fD{
zpR=rS|8-|s@!ooEvA{C7AbZ%ReRc%D$IgcBxY-9VGW!5VUtS?7@O;HH4}4{uT(}+3
zzv8}jPMPt2b?!gr=6;l<Z&BI?+s@Wv1S}?_da#)PH+z1u{f+zocSa_ezkk>6MoDxd
zxfZd&u<dGX^E*vM6wKLik8W{eiPvD=SO&H@h-$#f>WUcb#`-7Nt_AJlZX;%y8EL$F
zKU&aVKk?{?$jngIh^zxdH?V1Qv;|H}U{wkU?ZwiJlG_M481FdvPud*^eKvD7U8Rw(
z(nwcn;BXqV(eRv3vug=@wzZ%uItaSGi=b|99ZaW2x+2Qn6fe$VS7~exewPw4WR}&N
zE_#G-XH?EVx)@{JKYx5PucfNi+)ZmX^>G_%@MO5%=P@rCb%ewj1vbKXP;XfKVk|m)
zv`4WnylrXXGlXbeBZ+wRgAN%<dSq_h^BJzO&xY1scjc@@rZv0~+K%sPM5#u3mPV9z
zp)A|Zz1V#+stW7qka`~V)cVX;>+=U9BCJ<a+!#gaX*WhuD(1!rbHR;Kl)j(BRz5jO
za?W`zh(AG3OW4?m(R)Uv5Y>3!%3w5h`DP6W(LFdrGbk@Tk9{7a8=Zfemp+5UIo~)v
zi@xE!opp$A%qHGuV@2EHp_scVI5AiB?Gn5LYiauz3kt?4*uTlhgf#xgw>yql?q&50
z_V##9yeju7*s%nom7FhFE8cc7b9hVrWVE(oPV;EJHB3;xv4TQV1?A8Z8?;309P%ZX
ziGZ`lnllkbzu?T8S2eSWn>GUPH90;M?Ak7Ko>s`7y8ZX+OSVI@H;vMRPIICpzifzG
zj^B{|M$w~C4czR4>^&PxV_(JWCBL$?LAo~x=HOb)JU)GxtH_M>w<r;%GmAubpVU*C
zy3VqO=yRM>aDUB75=*VeHbG`b&$Qqz`TD4tWty3l54bY2KV@~OB*y3`pt%2u+tEj<
zF3zk?yHV;=TR0GVk6%N;w>->M56mM*T@Hv}d=8q;9<tc>Koe23^CvTteexO=Sgzn4
z=R%eX^Wzlz#ZeL)7E&9A^Lb~(qO{QMim<PMoLN>Ty2Z2GoWn8-<agLvZ~TG?{42J4
z8?maHd{NrsP%yWkIZ>X2QM%+)u^Sm{>27Uj!-~95j#3kcE?f)FLobRKc*BT9b3cMH
z4`gcekJo^}zP$O7+}betIGP+-q#&QH8d0k0R>UaPA0yJZ;y1AjS1JlDO=dpzukd7y
zC5+O~h={OF{B)FXKM}Lh#1CNgTx%iPr54zX(eGA^2W63bPh2KwY7s%V!++*l0%?2>
zo_X|7IONgYi0)H1W2w*IVPu{vCxyYdC6^6a6RRB3He%FTJ&L&MON#TQs!^Gzn7?Xt
z(nSX&dR7VhgO$XLZ`f+FnS(&kVxEnG6_7a?qT-M<TZ;kkmKYtu`fE_~49%x|oELSS
z?xO4T!@5p4gw(jTVz4C{J&$U7a@Jlwp7wqtM2-#5_%#LRBjGC&R~EnHgmyXgS@6fG
zJobK$hIS1K>;`-RXqdSrir@alZj3poqMp&)>KWaxo{_X0_vO?Vzpdk<3vs`av$1i%
zCZbj>p=I#68C|ay_-3`h9rsG=`Svg2U)h3r#y7^!d%*8Smz91rS|w=xN<rdpVAtzP
z#Qk5ig!rOyAHf9|Z{OWrEYi$2g2vVolowJna=|Zt!y7U3^JvjeY@0kX5kun-;iZ0P
z7$f89Gcv1M7CRS2i=#HOa~WuHA5MWAk4ca{k4$ytIRa0gY2QHhjLKn(FshbK(3Q@1
z#{H#QqOtb(H!bm=mKd%jHfV{x=oi=A7;<6M<x)YXwZuDG!mA*u6<}Yu#Jf({;{KeN
z(5h*wSf98bjDqX~;{LO%rNr(fg7zzlt`S;&MQtAu+IxyVU&OTJbue329>EYjhuO$F
z-WIcw(OfsaIPt`q%(Smy85ljIZ{o{Z7P0qkObjJr$I{rpi2YS7rb*N^qI<-Do+(CZ
zydts{_zs*hDw9{x`LhDAgd<jEZaXAL?z(_`!wY^Tp(wA(!To0_fu8mSRy0l50J(#K
zTa$Q8fGzqoM8?eCg-=G8SaiOxjMoqs@^|X^B}bg_njS@|%IosG^+5@<B62MOFH3QY
zf&H8zD9fm(#^EM*7G6Hy#VAUb!N1}=cinKKjM2HuLVN6-&{7bGGq+w~kyKw~KZ84H
zIPGJNou%__iO!i1m3B&Lk1B1KqlIXVTXB;26%Q2?-$$$?zK4VTW10FuygCP`P{DbM
zc<Ua$<MucnnSFpM5%(WgpKF_X$aCOHvksY)V6!^M{eo_V;8R9!H#j9Tr-w`n&R3UU
zPr_XNQ_beQEcpab?f@Zzf!WRV8SmPlFpYx5`8OE*DH8uBOpCF1=6rH<K1|=h(=s$f
zor^N^^v;P#CYo$gJu2nabB}Iwkwwq`z5%D2TX2k?bf<G((!J)PPFA?V>H3RbWnV3N
zWllZJZZ@jzCZopi;EhGcj`<q449PyQ@#;-#geH{d`XcmUX&#vfy#ksUqX<pH$s?m8
zIEyjb9-(v1WCXv73(9O1E_WwH_%*VU?1zQvH$*wj$b{)nNR81TSTjZ^5d&a!FV-?f
z8xaFwRJennPF)y<>?oLi;1{>9VP4Yh_!=61h2C+Wtcmw-;E}=YJ68hxE!D7Xs+~sS
zW@NB8)lm?Q2x`V29z9}xHa%iwdc?@|h>>ZR?X$ES_e*8tRQ&d>u2z$DwQ8U<`EAWN
zSo5vbe7nJ=X(R3@boF~q^X=DsC3N)@xiI(a=NRr88SWVw?im^G*~$y|Q4;Q>B-}?y
zxQ~)>A0^=)U*tNjq9oi$Nw|-aa33Y%9x-^weUyazDBa?EiCxj<+;i+#JwdOzUZzoP
z{RUweZZ?>kE6L;bYZfl?uSPJlaSP;kv9(-S5B^8>VWzN#nVG`K%#?rDy8pe_%)I1w
zi}Vn5VfmTab5Z(-UjCCN#{KPXXM?wf;LVwQpgAp$`$c0y3wr+Vw`-)!92n^`GX4E0
zuGkKlIg_k)|NHGmt^Lc`ZomQdI5pXJdUS`gj`$5v#B+>|#rx)p<|}$g(NaY#6s=UW
zR#8(o^Y9Co9oZ^h?3w?C^TqY1Y+P^3#(lW~8~5b~EWWu|CBFe0ZWE&X*t>W%*X@Py
z8?U~^hHrQ4An)GU-p{L;LWNNRzxw8oM}x6Wm$bFW-H*U)3HGKT`(+*5$vkHz@+lUR
zS1V2(4UIJ@YVR)aXvu1d-%G{H$&sS$*v&HfD^1XM&}TynMis9pz?0!fhlvw1GI2si
z;%UKe*V|9xTfpZ+{J_)~tcbySiC+hXB+Z;oKEn{NG)i%|sv#N=d&-=elT1d&Gh$>;
zG8uheP0%yYM5aC4O3;Azj67-x?m4yKTK3KGE;bID*uD(be!N*)yw|G`m*=>^Pp$b^
z-tkVtLaqh(a~28Ofc>wj8GZ>ypOK0CnD6)T8;|%J!F-L6U)in5JC@|L{PXigsXx9O
zGw0$_e6`9bMlCwYclk@#NNSH-k~$kJJAd(iR#P`<>drcn+DdEwOH-%aAgR^0Y?`LF
zD=evnwd^OF`f^K2-KAyk*VJ}cIhm{5HMOCpRw=@%F{<kN7Neosk33o;#g%{^LWG&$
z_8JwIn%8T-yEPv@CHY<}C;74{_d7ISe$DqmbK#|)@-k6*xzUx4(Q=j5b*|kQ^;HR#
z(|iY2E^leR?kbHDN~`N+kcG@IKANu}LW+`ay31)n7OHT03Z+`RA-6?5Jxhq#U4q#Y
zNAzo=2t7McUR8MkF+om!Znz*bSD7ZiHxaR?|4gflSOKHjh!rqO1*eSUzC}cT_aSo*
z%nc1LAv<AwCElO!GDYZl<!_5}b!eEh_V02P_s>0y^~l<nxawM8jHP+6CGMBNK8jP9
zY3e4-4^FMEsV6mcEXJHuKh>HGYHDMQKBrdFvIjKvIp_hW=F-#&n%Wo|!KtUT=5$R>
zg>IPC%w;O_V=dv|My+0r*G7B;gVP7z1(tmTIt6J2cV}=;Jc55s6;|Grz^yP>0<YyS
zlM<qJ7cLQ_jT6|4#^}U&L60d4YwGh#tEIFeir#gpxWV-jj}g|(&*b-4gZ_#RC4V~?
zd?_VgrG#j<)?)7K8T~`-tCXNZN_#?S*O!sht7-@`s~?v&J6y9?T)18QIwo|jJZ5N&
z7C>_tb%&N1<Z0hL5)SZcr{e(QhE?4B0-Z<M;de3;X?S)`HoV~bt<$0NQeVYdVNx^u
zeNG;IqX${D_Cx%|^dsS4lLy~ofGfP?h1tmHvw}j~`zj;6D3T9%5RflSO;_TZU7!&C
zitlX9_c$RMRSj?ISTsVB+?mDxT+5!=OjPG@WhEci^1U4+QwyW{d*v+fK}Cn%sdR|;
zAb4%!2buG?;ZwYRVOyhm=W`mgD?G>O6wb1EbvdNy3q^hVOKMzEH-`ebB>Zj9vF-*4
ztvjCa5)tIr1YAYzFSeSmlQQSNg7SP<R+esZzMh+~^S6B~ulepoK9<@_mDRyV<rj@j
z>J3)9!b>2(bZT~%{h=5Q*}>e$=q`uw@}?qRQ{Po|;&~~tSZOaRI-;r5l=ictmUvH<
zB|c42R8c=gBNUZV)J4&9MK8ppzSkT|rOoLa15G74mkiU<FY(F<<j1!}I|4=N9(UIO
zF@<v+NljJjld4|>rjq<dvqy6-V;hTKl8TCDnDaYP7u4s`D5Y)Fx8(}G&H5ar$UE>8
zZN94A@wyWbV)Ywg?=1>u**BOycUfA|{2}_$j^H181$9I!)296*(chrvYjSeWgVu1<
z6KxE#_2tFfH>(Ev4i1J}+IRKkzD52s@_XvXm4m~WZ#>UOHW#$}fXvV<l$YO?zYdNT
zaDev(99JHZYr~@>u3hYkTt7lI`8BCoG&V{FP=ce~pZv%uM$bJX`d1>ipvtgrtXEI9
z5Y#nYQ00Px2G<g_7-vshVp2yzcfiMFnh)=g(Ne@-8TC=rQqcxjE>4Asb?707!ZZfG
zG|~7lJylT93*`if?9)_FSv!rE;McQraea`a>syqDyS_!~3fDK>t;MQlIEd0ukTc7w
zQZ7NAQv}JcvPWq<{7I89?(eTET3q}v*Mj$WeEEj*%KALFJZrhwqnQ7j?1=;P1=a;~
zV!~r?=2nOX&*bmual2(A*BqkqSY5{0)B?lAKASto6KsEt7IWD}D8YK#T~Qq;Nz`x@
z-?rFVOxfucJ%I06?*CgYPu`A~9&PF+NHyPmVh{gD$mYX~9VlDe(hPbC`I2wtEUU+3
zgkK(W<A#?8U|G%TlHAKiL!}?*_m{t^UWO7OT90;({K8ZYa()c7FqL$6JWQATf>R@#
zuL5i*%Xwule%0F}k#m^LySnS``f<(MA=+STIktyrvqj^^u!V!xITWJySlRh>X}BWE
z2T8ho!CZyc2mYS5ycoIcu&Cy6>E)Gf-0+r#vj-m4RLk&c53y_Cp*7Qw5H(htGYhNp
z9$Vjs__~2p@4_m?D_B2=JSyNg_2_&VB!BBW@Dg7A!2Qn>We@D`54Xt)+Zvo2am;+c
zDb{wZ$B^1S%gZxI#pZNRl@k6I)_dF*(bOkLNb1*G^Yw#SOG318ti%+0+|Ck@(Wle6
zmME2W{CV`_9Xz)}WX`<)nX833)#4aMbNHf+f*u9De1el39^XG8XSM>Jdkb0&PMJ3G
z7NI?@w3$i^?&J@H42)&K8}`0%8pZiOxAEj~;bkc#X*?O+MB61JUBA6Z_opL*3b*Bc
z#QiTFjrT5ZK=#RA>2Fw53@zc`i|<?+8Lx`bk0lu4tlYhXinm$r7YUiMG!kMT{cY63
zzvRux><t*1+gS$jT^EDU(!26iK=~JO4rXaZfR5OFshA7K4uxrDZ{E!YWyAJ9A=f8u
zgzZZl8Qbvak2<*Zhx$BfP>1zCx#uHmak~jW6>FK{AmI-P3;F_!3e!3i6*LHYM5eu@
z`L<$RU|LVC3yi8`&2tFSG03AYN5dWiVaI^$4y;#&{*>9XteCv-^Y(ro)nE_dQS+N6
zlC==uaB$i8a|-G)1n&>onvcL*d}~n~c%>XWTys#yXfjSwP9Zf}1}|b1jD!;YPSniE
z>`53si@UXq8Y*odzWHX_Rj}=h>LW(MXg+*pMmM8fMz5hqjJiE7v_FPOiGtWSa%wrP
zrF~f`aT-1xr(SzZP?o%c-h_5?>MTT88SOxH)u7~F4(iErN%$o&2aSXh{?p@xR$gfX
z;9GF&HDd(*GEY!KQ^#t3-C)PLL_hcpj80-N$*429VzdlgF$&cdRJDzu865;Y)KySh
zoWO92N+CftvoV6zQ#}Yq+Qb=53G8>CmDBYgUp?3>)`&s4wZS?RlrVA8pHSAbH%-hu
z^2of1!RQd;0*uVfU`8eez{tdm7}Z$LyLXS;tPu1Iq?-$?ecZqL2iDkxzx#LA$%KEs
z)6Rt75+iN6!Wb<SR2z3Sn0Ch}Obe5-wuTnAaTTNYVf~6OOqCHs=F~jLrIys}(r$gs
zL9Xu!jFv&Lr7dyW!S=TVd|O@{+kYpiiw5GIPo&}t{Z4pe&?31>nLG-cb8yXw!NVJ4
zIR_&X%*$Y|nsqvIsj2x#SU7HXIra;eS=us1iyDYMFg?$MRFB%<#A}a79ojJpC;5r8
z5+~09^ZV+iY{DOhv0(JTZ{*O2b%pjZ#+Oqc#LCHNw3cYOQ&PW!AIqub;cYT%1e?RC
z=2k&xi%4phqJk!$m0D(FW#SUKU<DZUx=m<L!KY^0L97dmo_bhPzX(Zc(dz}B#IDWc
z<DS<C-w8j2+f)T@&ws*1GAKFq9n@FUrgq#%4$a4k$g~1)3EKJrqg0)F$<qB59;49`
zXf{?2M#a%fMhh_G85L|Jv_-oFU7`6#CM4fztTS9<-1UNTYT1uE3ayXk%jfbX>*V>m
z>yhZVN7FD<jMgE}h5IF?AcIspx5@x{)YIuz+P~1NtYt#PCCY8)*~2@QinbPGUyL8&
z(dn5oKPF-oV*h2fTaUujAKG3SCBn3|FMBs(+67b%G(;s`z7UNCs%dHFY-|}U8h$ya
zmH0?+;q?&qmR?7`ddP=2j(!qf{)Is-aZh)AA?lA+$m|i>Vj2$ElW7E$@Uu8SC*i+@
zwSw(N$x>pGaylD<TcY@qhEsd*XS;zHy|xiGv-Q=3b!-KMFI8~9%B@`k@5XqCAqvJQ
zunY}v5m_xQjB+;L7T7E2ZDPK)v-RDI+x|CL)Ju^>T@wDI52VnINKN=9;YBhUej_>b
z94s(%VAhK6Hs8gTka5H7D^B7pwO*(t+0QA{8Fz0ie}Q$B*MIQNCnRKMs7FUI&+oEj
z2g3pnwy5tE_Fp{Os`gplABs|0%zgIY0~;Gy(IyF&Uzk3F%{I0@Oy2^HK+Rz~h}JkR
zP#N(JMzL#!_J*du<Pi4L;A*VpN=6WI6}QXxsQ)g}F!O%)M4K-d{h-8Lth%N(tgGjh
zP53*yi4Lt&)Lz%EbF)PMK34RaqDK@JY9RR{iYmfiW9@8ozof<$U8$(ydQSDIAjWO7
z?T3sTUULD>$PeF~V68AOJ_REfr9W!m*R*VEW-FaJYvUOZl$E#zPIz_Y6pg^G*jHs8
zT%pKl$qd_u%vz7Gf#ovoGBP$SnA6y?U_IhB{=dOhl%~L^VT<|PSlqNgYdE2Nn6)_J
z_uVJb9k_+tP5578&12c;QETy#T8ja*rNr&dZY2CmVRyO2;<%un9SVMN89mk=-vadn
ze{o}u?`NDXPWXp5^6oR?A9M)z6c&l?&^g#iezR+m+ueDz0{c*NGc!!jpJMBSufI{2
zb$1(doKX;~nwUx1kCrm`_>Bx$QDeEnG#_(tGEl-#hu6%#ymODBT+IZ1+*FWRS2^F>
z*97J3DX4*Zj45A<#2dnA<r2B!6);+*wBy%FYVXE^{%j;@gmQ3$<~sm>xt4;MyNvc}
z>it^FAw|a(ZEGSW9@G-`-w{q@I{M>YVH)pOO&i$py@%g!u=;#2QrYtNh2}6i;-nk1
z?=CDszPNv&1GnbUrI?L#t)*$^YKhSgxG}vP`8>)<TbY4|xCr>;Hs)^P`a)VFD2rK(
zm6P*5?&2zlkh%yx_7F~sLzL4=*Q2_w=Hy;(!TdEdDrzHb_k!o(S1{5jOHCd@&uXGs
zt?<<}d^ode#HeKve9>mn0niKz&IqEE|0lfDX5}~VONnUq2ij<9m7&>NEi&&c8i^x1
z-#x|Bf?j%L_DtNanG3vLUT8c#x&&j+HbP1ST=8gax9x7cRJ^Ys-wSU@8>=R9YTU1a
zyEA4t!9CiAvYvgb<YkMbERXN&mNpb~nqT?KIMN6HAvKV0FbYiLew;6Z%z7E3Pt@Ap
zhZsET#{PY5F>%`BP#THdK%C3j4S1gF56SmY>`|D};+I+(nLQ^X^HM9L!o^bPJ)6%&
znV4o?$@tLHihscQlF!u5i)bcdjW=Refp6sFQ+TGeeuPu;ox_iE{?SxVtIQpL6Q%R0
z6?Q;IhoCQ2FdrfY$?F_AcYa0Adj?M;`qH)``S6lwbKE7fG<n|<t0``%nSC<+4RCK{
z&+kB{+t!SpGJnSNHLZng6wJJsitqq#G0e6c7|)V#Cz$Uq4S((ZY=zm^i%~5glNzJk
zSalig{!nNGjtDBBhu?9<Z%Qeu;t+h5oUErYdKHLkIRO9EpoBjrkEG53;?!sEk^25Z
zY=mjK&_hNO5J6*9DP0g16qK#9)KUm?=6tv1m(=n&%V*l<Wdt43)TWB^X}*x=JBgSK
zmwmXlps%&W{fg4H>=jz}H!Ztb%kI?@2NbPT^n;=uh+lEL8?|rkG_{1bmP1=xtf}=h
z^(svrt*Jc`q2ii9cH@EDUKkaoHB;0_(KJOzFPE~XG0V6_HfTGeg1aTP(Ev$pKSojy
zB7VyGnj<2|sGFvaQ=WGzr*A<!Ip5R`T%SiDe#~X@)d#%NFRVqEyECx-C}F&ZRP`fL
z>0Vd?o`Z{#`y{j-r$$)>rR0{HOJ?U2RF7W9j6Y-ZJ%Rlozi@h0#gMfYytg+NB$eVj
zVV`VkKOV;I3rjN*8&e{c?%B*%C6#I-F7=m9HD@B>%S>v`d)WG<(x#Frw9fX!q_W-k
z9XrTuHs5yGdo!m~=_K07WodO+i(Pwh09Gqoc3MxdYkP3&kstXy+JQEhd*f3ZTZdmx
z1ux6MA7WKSVcUT4EzcahHDqfxKAhn%;eQREnmw5+SVI}5Dmn`5!?aGY*^ItHEsV;4
zB(&jugf`uIBlyiGS4)&;U>)T5pUq7oUP<INSonX}N!b<ZBlT3;5cQzORporC_AJYA
zkZL3OC0SO8o26PbvUCcSx9CgQc9!H-=s)X=L<|%D`oDzxdmwSH&qOqN%w=^+wf325
zJ<pOIw^Zu`v;6j+lUkbnA!s0^&Jt=-UHs0jA)&pd=;>F4me72yu|hB};vpjvgOdwG
z!*A~5|0?tiw~+oMH!IGK5-ll(h$eG-1hu4F8SF%BECYWfqJy@q#DNq3GWcA~Y2<z3
zzB1wh%t5vVh}PO#8e`7vh5m(U<mZxV<^rca)?L~?d`Q;XI&M5X`Uq#Z#sl!^o4SJ1
z-57baY!Ukh9!=7GqMh(#ACcASee9X)f|nRwg|(4U9Yw1f3N18GkPq9$`AXg*sOLL^
z#y1l5td>1EUTAk<JWN@9>svs^=pNW1meq9Km5)+%Qx}os7vm(~^NQwa^k|Ah_)ZDY
zZlgnZ6%%vIAdj*>7@~$2mB!ACHO!o>aJ#2*lFn%P-HcLcDC}BOlt`rqFy_XJ!sZMY
z+w>yxvF|hJb+La%)3|2d$(c6d{#3+nj7JOK(MzG0pv7nvM%o~cHoPdd_}D(4NBGJh
zFI(0S{rNtlgkM1SVE+?aa=rz@i{<lK6Y(oCPVe#c<F$O20RC@cgkN`rW#t{Iob-Dn
zmIfXfVmB;}rI0$WDQhs}8TH3biAO<DSm$}zMtaTM3ah;jldJ(@GIL=&WFMw0ii00W
z4ZnAXQ#?i`o29tax>#|{ZHKU~3t_t3tq@^dA(GqeT9W4$TGRTLxs@b2pPAFlUuIlo
zD=oa#RTK|%f5WuDxU5XZzvneHe+_8A9sQ#?aW^{2GU#fNta<-483a7b3d@o-D{OMj
zL2Gv9{G0q_U1iyub)RL=s4zy_SSkE=rn8A*5=+SOaU(VO{BAwR35*-d5Q)@a6`a)Y
zeX^5%h`#<+B8H|P|4q3BZDhTPPjo`6FL-;x=?m`uI<Ly3UG9!eX1+jJPl&>H$85X|
z>^?D5*ysAoS%w(pIU)YqN#}jVXaMFL=j*Cy9?s91R{3f1|874f`MM~ogt@@^rhP1E
zTQ4cw9&+Z?x3#{pSRt4ehIAQiLxhx(4<Ct956yQN>jKmE!v|rM13P9$Wnsq|6;QN4
zm*l(s5kcE(OTKQ1jc|!_y(IOS2L#>g+VHF%un%_>D~Yi=tQ&l5<84Qa*>8QhzADRv
z)5+@unXi61^~_>H`4OvP+HiQ5jLi4bjOu8KD`0P!))zhqqmFr{?8orZn3m;LL3hrP
z)ap7$M_|!8-}CSu82yEqIipV$-MCX|Q`ZT)?F(tw!%EC07OI?g!5?B;n@y7XPDs#p
z&9_|hjaS;z*;2O0XhDtK`WB_VMPdEX`xt#wAccBhcE@O!qPG;~fo(Ub9?2NN-+)ip
z8#LUAf=|QacJ)4a<yt%s?6wg{;uw!aA#hjiQ@jmkt%Z48{dUxX_gSZihq6dVVU+fA
zzM@yOm%q*x8LR;pETQfyp-XjC7wN9e+(Y4f#g<5kA-cPJc$|!C*;$hB%W;Cv-&<j)
zuCx0&hp-pI=-+K+RS_I88iXG4intZ2gKcUR=!=O=cyt-YoOf9#pe0;lCbWcOWGgY2
zh8Clv3xt<_@aDK53v@2*Ld=|Lo8fOT@}3q{4!*6Sd2}OA1xHv8%-I<4b~atldnR}V
z*!zvOtv&sNNa(oM7sgm}%~`N3Vzm5aM(zEF)7f8Z@6U5PjQ0L4M+@TAVQL7gG7)Wr
zX>A|ggN4cbVu)EkJlgXT*XPk!kFk#wqYcVSx17@MwqlacM--d;_THbk?T?xh{#mR-
z?BTuX{LX*_j>Anxz9=2SI&I_}_gmw{j!}~+mrb*8fp8@M<umLR;LHXQ8|L&|cz6bN
z@ZZeMUStRVw4yCYH5_#CcRJ)zAn{L6a5TzOe+cnic=|KIl}BSIvL^EHIB{#!o&pC}
zUu0Fo*B6k`1GYp69&!z=N6Gb_P)P<giwA)Fj)-ir)^$f~D{ReXc5@r%cM!PUPcc8(
zuakB!9K%BhXP{_FFyE$jlySSaxuE)kBwr<+mz_1=t(tE=`o_BUhtA|CTB78wk{ZOc
z24GaVM3WrS+95@^D*8pyP(|5P!{#ZiywYMy+o$MWMTIqALTSeoUH+SJ)dD^t^S2JO
zk<q0Oi1j%H&xmQ}YXnB-3k62zs|80>WWH%&+JF}XnXe$2X1;<j2)++EFm@<LnYFt^
z+r4ltJ}foYC(%&cnMKWJUmNU&{*{&lqjg6f;j}_NLHm`KU1{}8O6o^>1yxttbfp#3
zvMUue*L>rYR#$7@tYxp%d~r?frnDQhY(Y)krD%ZWyIfHtEip$?Z!IxG(K6*=o925>
zQ!6X&70vgvq9raLq8gdR=FF|<`PN1(p3GA7s4DEZ*_}kF$D?@52dNRF7diHYZ!K{`
zWOjGSd$nNamGX$}yv!cLd`sc!ooJ8DjcF4f;@hOgg7EL0F}k6zSW$C7f>*@g*C!3l
z_|zVmD3jR*dejS^8<#D<9PjXf)3AQWf}IU+74sTue(8$K8X8-!@E)R-w&y!g*AqZ_
zY4K$e;ahM@*1VuZhmOKug_^uJA||jBzub$mA*!>HXp61yW<(pg4RdSFw43lxV-(E#
zkxo<J6Ycy+y^LOpRx8?}D5j`i3z_?WJRvsXoW_9<BgV*cdS^As_l}mmUr|d%BNTnU
zSnG2r;eVbcKG%(ix|o_1epf`^O+R8(Ky69U9nx-jrCqJGbBeMky2-81F`8b2%O?EG
zhshbn`L-$HS3s<V+ch_XxtIN_3o^HgnRY_gfRf;nX%FaGN1b$`<tfN0;cxCBJu=_f
zaEUz_OGfQC3Cg9YC{Fr0HHSk9zk3g<<!SY<A5vd5nn$Gj%bhYZ<_it3r5wBwM(uFt
zlhH`6WiGyJW7^d^Ml}ZrEsw4mHM2@BO+$iyb8|XI-5m$GGZB&))X?IRZ%qkCxCg4K
zMcp1OMpf!bzSi&rnU}Sye{~dXxlvL(X}+KO3+=*d%FnJx_+7U(BFRrw&h0VFxZS&T
z6v`<2#*J3O9}NGLwd6ZrN*sh2$z?0+zU(ge&rGX+v!FW>cQmwwU+re$V2;k!Dm|r^
z)prS+@TH7a6J4=KIZ4K7nCf`S>(a)TxWmHj?$?od*I8xkvSv%_@l%3+?JKQS!(AaR
z`vgu#868%Xj$Ibhe#VUeM(^qlvbdIwC~D}|Y5ZEa?)=*;?Q*3(SXSzLL3!S-Jio6z
zA9I{0d~c(SLPLxP^D@Kj5)yvZLM&axF;&<4)s}qS6*W^-PEkEYS387rjUT18!_{Ow
zUR2aYEm9ptUDXaXbO_%f&z2P;h-1nMmb}u5MaPcU?T_$lL5fbnw>5jF7}anzylR0+
zInxfgR8M27UQ$eTF!ngSTKxix&S)^KBcq)81syCYsO$|AnazwB^E=;W6~bD6guV65
zxhm@N#b|}ghu=C!?8}TBzSgcNk;?C2hj=}gcp`p52zRZRChH)+0z<r$X&Va)>gh2`
zjs%|Bgg0gE%2{EstfqBb8~9DUp+Y+bi)q%-5Y=+2nRyQ}n(~y4{#-@DYPuHQ18ZX7
zy>5O^Xx$aPgPjfM3*rKw>Y6e}YrYHP%Mw}uE7b(MC4A$K9SiT6O_Y-(;A87cv|Gjq
zZwR#%-{MGXLBY;TZgKIw8{;i`RQfjFcYE~KDDgqcxgA=2zXp6Wwt90m$UM44&yMfJ
zJuU9h0=4MJi%7mLodu;|BWSmaBH~p&SmmA8r&(42u^NjCHb|jY8D&eM{Xhx7DLgmc
zPj|=3Bct}Hg;Cr01eJPAPQS*$vYJ$UwSbsvTPwfT*kSO=t+`RbJ%1+$bA_2wlx2mN
zRk4p^|LOqd44-)gI=KT^VfxzozH5}?_OPq*RVe$DzQ*83JNbFE`{58Bv^|oTv_~I+
zd*cI#byUM7XVzf~M%8%D%zZ`NHT}TWV&d7ncQ)~CMh#uN$=nA#_kwowE;`Q;;dG{x
z23}c$*JpYequpw`4(pC@iqeMZN?bxwCx?>vTXLT!M$O?>v2J{ao1TpBR&S|Dx@gXc
z0)l=oCuohLXLK*VQ)zE1?POIc(O+w6nh;tg+@a@o3!fEU?$^2cj`nSl&d|n+rf4tw
zsF(5m-BL?8t>s&l)va1KucFFYOB=1_J*{P!*0M->@wM!gif-3hx@s+-X)QUNmy6gx
zbe{V=N#%UC$~nb(rT9V@@f@SEu#t%WnX@dMn4H0#XscntPDIwDu>Bs#*vS|T$}TeK
zmq*a&I`^-GEnyBSDN0e)MNukR<a{k~`pT%fFSNxI1=WG)%c*l)32ky|p{;mYXs@mo
zw6>S5*pq({S_*E^u?;&rNoX&Ol3GrxoR6!<Rvsd$OEq7oVL}_DsJ+U5dJq*-t=q1$
zAFn%tx>#4)a$WhMSgzXeu9<eQp`aJv6>Ih^JVs7^MA2%8Vzj@l$gi<Rfci|8UY5cd
z!162EM$l~a9b5e>w4YS}=Bcight#<2Bg>@cmmd^#4?Jm3eQ%7^l5MV_+_MDTjyr*z
zuK{i%FzUTjQjdKhwUmY@<LX1t8GWgHh(&)&YIa?5YG~gIL5sOWvj+sdQHK#CpK~O#
z{ptJ^X9?E=9ktpXh4;YLJ4n40du*o7LD|o3J`*`UW|2gWaoYhagjp+aC(HE+x2>I*
z>(M>XcB6H8g?1#z(LK6-9%~|Epja0;-u@#H+vjTV^v#Wr7|kCq{TPkt0{88mk3=p#
zHFYvpKTaKYg`i6g396#`Hf<Ez0HtkvUuYAQc9WKEt+e}hOTKHAHd<+qDQ$}5)T2PU
z!!H*}9{7=M4t`Y}vzF!3ZiRR#^)UJ@jlh#x&=PjZ$}i^~Dem^uIjrYQ+m9Uq->H<9
z4)-Sqr_fipEruJqXoFYrk1KK;F?wd1^yB%@M3U20CqHj0a!#NYmg$|-1=SiP=!qtR
zKEkTY`F=ahH7EQluHf07?2CT#s(71!!iJr|_`)Mt4vT9M%>dsPRhq^qM!m6L;F|l@
z5>D?|KXJ$&=|@SmIXMsu;u1sWNr~w?8++(}KdyRUVjf(=d;`tML`fLUfMzpVqHEO0
zY9k(3iy2qcSM&X>E8;*+Eum<l=6hW0o35!f6xBlnjX5}rJsqPUZri0B(~>=p^Y8S=
zXj_W(h_vS1JEgul>M7(@^riAQT=#T^HT8H$DSMwr#@2Kd+6gVYL(8UW*)v*pwwB$b
zWq;PP`?PEoEgMqwke1z{WgkB!z5Gu7gU=PU!yOxz-*&a_V_p`Xv#DHK*B07+*bh31
z>zX_p{sGf!;QL=j-85g8ib5-^Xe%OoobLwZ`6l&Hepe6WF<m8ZFDNC}t7b>^jAf;!
z_R<x$tn%DLZzShYp6}=)Ts2glUskS`D0*B`W99T~<u9S_wovZxSDqIsrzd*LD9q9l
zEgh#GO<f$KUog*uh&7*2^X_xD+pFOlk?y<(B%j!sRJMAOiWhCLi#Geg5Di7D+0O)J
zv7d80L%e>3HQuacnbC0Cr#nc=$9rs3B1UIal1DVoRYT)kLw8Dl>)tGAh>LS!Z|~->
zN009l%m3XgoX;b32aWG2?K>^0=MZn=Rd)&ODaYU=@J;`;Qmd&J-R%51U#T;AWgPw}
z-oXI6#G+JK!W<Ue1Z$huqGqp#s1Q($Jbcr@I(a0w@O*l<pi?@J2<r^ztG!-QH)%ZV
zQ$@8jGWOSHQsT%uDUqsWvnyIvj5+XV{e9=}C1>hh(t9mL#Vq%)YCp_KbB{z1JeqL5
ztf2*wTH2Nf*3femC3SsH=E|eO*p0F5W4VOZEU(Zq(}<!-Wr<&{$do8!TkHP1)UsAN
zIFl+Rc27*9ipYmITeC0?u@<0@t;XIL;#m=*M-{EaYQ?QBdQoJx-|0(?4u35p*lVGn
ztn&r^Fi+52c*s10e=4odD4~6=v^GkcKR{BeDT?Z<`;G27J1MQ8+K9YbqKT#+(fw*j
z^Zlm#)lqK0n(&{QED@F|mk0+Vbq(FDtK@{{qG9RPBwr~lk*c)ZN;{w>8V{5bt%eJ_
zd90v<Qw9B^{fKD3(weW5)>2JVn``P3EqhG&M-Qv_`lnkf()BAG{6-|c05Es0(n+EQ
zsrDNf<GH0$aC_UlrOY(*nj|Ch?kc0;D<Rph;!L;&%POj^MYXjk-H3ivhE7JQ7y7{{
zpQGXH`D(legOz$xyh!1N-;gxzCjYW<ifavTJUNNuo47nOE6gn<jyIVI5PSMTM9!RA
zvbLLB7S-&Gx@k4e%PlIfT&!b5%mvdfZt|86Q9YZQ6_&7(MRMmU`3^?V#_W0$I}Bn_
zd$AK~X3NU?D!zf9l47F)_+ogH+_J5sNbX=H`?k^szE*N=B;UQ1Ht<rnyFH7WBCZX*
z+~8`)>82uSgHLmfTw?U(IMMq@)v~U`-il}Uj<JH4Agac+`Pf%5+J~JSqxSc*j^oww
zRUv9+dv3nZ<B>5hLbkKCM=IbOe2ZGC)V3+=HAC)Vr_~pkmh8zfWc*Sm%5r3Oc3!@#
z>(O7>Wtkhq3IBsxvh(j$NzgZrmK={Q`JiasxzeH=!MQ<Q*G9sB@sz{`u0Jj4sgZ(K
zDKhW5aWpiD{>pa=xRW&uZwc7`{)ScZ?-Aw)vBtB;c7sLgY4gblCj1HGrL|`^2->n%
z&<cm}^#FFq%t6p@&W}Z(pTPQS+Q5BQth%?NjTk+$A!HHOcehSMhp^Ui>|f4K_^vqL
z)(m!m^0plACt+`IO5i^JK-q)Iy?VUJ`Z(WPN`8UWylcuHnY?R?6&HJ^JHS=4-XFql
zvA?CYeN(=Tyf6n_(Ap4NB6#ohKX1)^$0s^|4rdsw<L4knMpqXUR1Mn6wEz4B8hdBV
z53a?$2gRtKqQ5o@t#v19H$NikoNqg<s6ol{`(=oXM_HV{n%iUWUT3i0<7-MyErV3^
z-fQ4B2lqU1`_suFWbb~Aw9*Y|JBLaeW4p^K&vjbj1x+1;R8uzDc7E+f%cHBSi4I+O
ze5FJvsYDjloS<*-tLC&(%{lS~(KyS!+&;nEBAZ1T<|_!+$ws9);t!vHUx+5z5&>8J
zVd4J%BBZ?K=-GY66x+)Jh)~V^TUqnk?;K0(Izn0t-j&RTvkqg6lSk0Jy|}=Z2=Ym5
zh?%{O*$r)k-~A`qeNTuMBe#h#<AoRK%Mx2w&SH3X!gDn^*&FBdz@x?YvE9W>Ozvi3
zh%U#@fvtBQ^<xWNDYSx(S?_VL9y-MNL{=WjTa$Pp5it+8dcwU&W?fhg{%}?a+sU#Q
zPQ&)KOH*I+3z+ARj7R>!6n8JuoGuw1$M2EmWvdsZ_tOOJj|pm5n^CeRW;_MudzKeE
z1;uY!LF@S3>Sc#ueg8od`Ay>is)@Z7Nq>{a+`MOL-p35lzk906U*4Nt2i|X4Co_Ka
zZP4+*S%zA$Agm?jpd~A<mKYz2N8wS-lqW1r#uB@Ue<<;k%@>p~FEFqjZw|j{i%q>3
zdbQo6gwuPE28~XkU7&f?0{vw)LurA()~qkQSDVkgW5Yhf)9^fAvo!O*D3=|Ne4M)K
z2l3{NMzGfx_;n3%#>Y2m>mS8SJhqljkIMc{A_Vvyju%Bs()14QUo}OG8)EllWaZft
z9Yz(v0e?L@4J)kKdBv#GcCp!Y6(x|5ZFa|ypoWU}zzgEkvyTW`w@7LkjM>Pk>F{G2
z9oKl%`-O!T!WlECu0W)g(G@48mX>-_xNEGWE>pj55v0o{UQ@rWDRxgx+c{Hso?lw>
z)kqiGMCB@>o?tMR!ENS=$3(jE0w`-oA;=e?y=rq_zf$Z=FoMM)XCD0m^~8sp4|~94
zzEb_kuVBp%+ctjaCSU!^eZmmQsN&0}TY0w=vcGn1>{Y^Fw_H4}%Wx;3Pl(=7T4AMa
zQ(7FO#rgigi4LP-n)<BLPAaXI*0NA($28xEN-L}R&MlFeYdkC{RZ$^D8x~7yn+bwO
zV^_{xeW-1`yFzH&wZt@S_YIdXq&_Boi2)}y#y%(f805_LJ>FSRbG<|G0rGI_5sU((
z-Peg{z6~ctOk2NIQjf!OF>Tj+L7QKb)UmLgoO+v<&Gxm>di*MAG9n_Julz)*Wq_tm
z`%3cN2QB7&dkzY%$mK%2WSXG6-;>m;IQ!%hH{}=92YPR4_$m*#u6RfF%1pjjAESER
zxoiw}nUP0rSIhn*@cy%QmXovoVYzkit7>s*qTHVS2xG}Mr_X(YR-;EuyIE1I5i+;B
zEoV!J_m*9|A(D3SvY%@guRytW@$J5A7i)=Y7o+dm#Y;)9-4IE;A(D2n?{n>jNZQ3Z
zy#>FDW#^#LoG&aYI8SzR72W)0AJfP$`JKRa7@1w*EaCr-2qdF24+`4ROi-gnf?CcJ
zRMpX9)CIL1N4qh~{!_@I%BY2Ddr=Fcjwr$C7SzJ%X_tx@aj|}IWFkNln!*yIX1ogy
zIrH8$SU*0%-jrhsM;_*U!M;0ll$oqdYlatmHKW!nJLVDJO?kGM=u2+cQ@(+77Z67<
z9#xvDg{@=H`htQ;uSw-Q{w9@?No6EfIY#Yv%4+b@XM$>KO#fAl!wpWC)Mgs1uY*~_
zD@jlIVT@`P5;RC@EtPh;w&v@Z%>hN#HT7YoopdNUE|uB2)u8;`Zo>Z~Dl@snY?<dv
z)yC#P%#COK62#mX)mbg5l9p(!v{s6Sui|_$s#{E6-wXF++l1enJ;m+fwg~(yQ#1Cj
z2V}3?_8Osmh3FQi#t`xU-s)O9td#k-FGQ7`y}~bp!vnn+GbKdtz#=jF`lO&f@L!nL
z8@CSlCBP{+%5T@SL;R0v=2f%d5mU=Gi1Rc0V<fn>v{u@W=6A@O+WkKgo@ass!ztdo
zp2a<n`*$ev6+NivHbr9;J>U?23&)e5&mF_{g{Xz16^d?Dw6uieYtl#LTnYVP`7P4a
z(JJvT5CP)U-7ba_qPa?2t|iQ`51FqTJNTm(avL4|0g4K(6WXPU>LO-tYVP1yQIziV
zB}4~a6{%gUM(n}3F{l4~y746LfU}lVO^B8}13hKk*b2nIHrG-0CC6Nm_-SYz=j(k!
z#;qu{m3jWQopApxM#k)(umgv-bE;@gh;p}=65DhxY}WDZujsg&wRi<eHSucPfG`|j
zzMW-#4pSw}8Pi63X#V{~KZ2k1(55-qF<TUi6a8t?C7p><a+uV*t%O#mF3}~HwloV-
z4vRL9Aj)ge&e4Ki?oL$5()#oi)Vn58F-tqrji|ImA7+yh-}R7uHExpDA|r{)*nDdT
z3oorAL=`RVk2Z*-TXd5rT-|z&)G}(Ep!wj6d46G_@cboW@GOH*d`ZoZzE!jJt%74>
z-b+gl)t@e@*S8m0EkV0nHtP`KDw}d}HBLfm+FH_J9l4eVrb#WgUPe^Urq+Hyc!}LW
z)X35nUMf6~#`v)OP{8%~x59$%E`xVrZHd-M<uR(%PDbzqTH`hvV|<x|8W<y%!84E$
zm-q}L!>MzpiX`b48IM|ngoFOzs+DamKV-#P(idaIGS~~bFsG-hNouVtq_y4E5#zRH
zXQMS9t*4-2Ty`F6;j&9m3u{vpl4SimhFW-}H)1TgM>pRr+<%@TXd&9*zWo5%a~nM%
z7_NB&G>5hGKnJNgFKT8EdO$8LgDb!Rw>twP!|h($N!sXCR8pT-+O3!sEXgn0islqV
zFS+LDz#nta6XU_C4DvC0>T)T&Yld(zUfY-nIkP728!Ixchnl&y8t5CN+*)%@$c0P%
z2z$ys8j6|1a@hbSy1|aZfe_yAWt1**nFWpDQEi1e&HTM{z4Z4k=n%J73-gF;&IJy5
zR5xKJbLus7gjNUhoN3!3A+Gs#j4IFlH|hvi;g-_cRMf(<zqGW>_$wg|9=EBG8e5CJ
z;DBp>AN^&Wyc1)|v@g|4J(OL_o`eU*sVjAUoWw}8Rrwer&7*Y)5@HSxhowYOXdU<W
zTg(8iWh+L8WqK{NolCq0E7jA=bPMX^d085==bn#6yIl4=XgkxULRL&W3T@(AZh-Ex
z?5{#=x7zw1!C3ORrK*<9gmihNOQV-u%W7CrrY%LgJOkb@CG|ajCD9$WzI_;9=KeTF
zmD~NZv!LFvYb^2pYW3a%_bh{h$j4SHf&OwWCt-(}zwb!O_Jv%yA5}4y%-@Z$D%{$y
zsE;{4u5IkEAp9-rA>*+Ssr@a_g;J$#0gTZQOKXmvb1j`QyP3alFk0N&acBv1FlB^r
zItX$eY0E}*EOWvR@jU-xl(f+s<2%mgy8$xg`o2iWxTQgU+-`T2W%T@1;oxKRm)p%d
zNTjhBGUa@Q%SwH9(8eU&#(4CcC7Gj~%#Smejoj{Gw83Z_IN)`9iq8Gr=*JXW%N`OA
zwiFRN*%Nby%eI8(Fq*FD7VyWju_m}@xm-G4c%FwD#avCmnDe-m?IN`-Rf}{9WY781
zF}~c!;Pyf*4h`efb{LtNmeax=C0`+oFZXCn4QV4g<}_QCDyW(3%LZw%{Mti8O#2X{
zI>*-c0%jDi8Z*#y=JYG{h*4N)-iy<uY~I3xd>!9eup2Cm-!Xf*Y!&pJTWi`~w4^S0
zVV(!Jlv#Ek>>AIR=AdzjMp%!SzmDL5Q|m%^Sx<LDE<9&effuGt){%Y{GoCpZhgrt;
zb%kE>obHdBxx`kCFI%n`Fj~yjDR9cG<Y|l%OD*3RspX)K)_zEwYraZn@-NUt*4<}&
z%FH_e{@89j4SnGfdwR&Ic7}wQtD{Kek={OB&^0RYzc4afOMmdkZTvnI=Qwr*e@n-y
zj77%=imc9sq?YNZnYD8lEDg7@P;2QqN9N^F%uAN@n(Kwrfv^!Qp=`*<wG>2I?#Egk
z-(C-hOmmHpHeP`(UT(R19I|4Yo%05f^Bt;TMKK=SZa&n)C<}Dblt_-))E|rAQiFew
zw*xDZL+uv`y6bmFVY;a!d-`Fz3wtZWeVA@n+E!mu&6nOL73W)%ab5vV@ylzaa7qE>
zkvT=-n|mkg^4qhx7mm|3b7q~))jrI|r%(dl`eKY2^=Tn!6MDq7pH~VR4GY4w`moB3
z$`uuaOL~r$Krc;da%*qH#%{5#4IU=w`XPcAI$Cmx7troDTjGIgg4)d&^lN`Xb7~3N
z4(rGz49|>)fM-Sp774lmvxjL7AOl8;=7K7~nlY{M!-Cc+2lEw~o^!sfH3fA;&zbfN
ztO}z_+HThYLR$tM=hXV+1--sjQ2m91Dl0EFF*2^^0)pPdn!>aqs|2-B2{p#t=hRzZ
zBN$!n>Pwch8HJrz&c$a5GNZ*bZ?PaVZcHoosGy;%1%0<((A`>MxR&@CGoH(uk!I9N
zQEhN)XvthPo=5bO<!UZ!W|UKDFFYu;1By;6TCXT)F3Gn<X`7b`t&P@KTT|Q5mDIZw
zy`<<fMIE)oKt-gegrcchVx^+ZIi!u*nr{ZQn0raeRjCd_E1|TCiUvaVT;g-BrMgSa
zn)Hjob70M0wURtlPEb>56Vujo5|j(Jm}z?p2r_RIFwMM8z{tE!z^F|}K?TBsZp1v|
z)Pc}(Mz>-V7#&j%Qk8?O+U|YY?!%hz39WCd(q2;9S5>9vK3aCJay47?Em|S@#$z@b
zUXmp=8yd0SO6YDy_bBS4XtbgxiaIH(>JVNY-iMcSFELhm9irzZvJ<v(>Vs$_O!8f2
z*uE2JBG&j-y3!o6PJYYLM7Fs^a6@gw6>`qr9}y+~lA6#Gquj5E<^T2&uN4vc_yc}d
zJVM1k<5eR<>v10XAflHM8o3|89s}gjA*7n$01eahPAN1!t3hi<;#}9FiZk&WJT~=)
zt5WC<OMBs&5Pe{KR6fFyu`nfYmSEPNFl8^vD^8demk^ZmKIRX<raD99lJ5aQ^BZs!
z3^HgXXwn&?dA2owHlo57tw+9P7KH|+&|?-Q^5YlTfY7hoB&s&#Bkr$9TM>sd>!nA(
z=j50FJsN{^7hWabhlGyWeylixUyQT$4MWervgp6l^MAj;JM(dm!W8r}54hiHN1<XV
za0=v+;eL<pxw-RcyhEJV9+XJx&Q$I>-k=-8Wf2c-BVRG)FUhsw<R9N88EJ&5`a(fr
zj2la62D}IJYb_pa9}%L;R$po(8fr8fzw)VfS8LP{Q3+@xzBJ1uwfx;FR>N>F17~tv
zbF>NT3*IG8$QYg3hTl6zkN#D@rF(H>#>(JKO&;?Lm%!ULkX0ostAjX8EoqV52WER<
zeiZ^Qs4OM=92$}E>%vQ8v;;o2L1}atx={k{rqR>5p<z(mk7i|Ei~BF+6jV=XuPd#c
z(mqgHccp!$w0=taQE4NTMzE(wpX2_$O1oTXbCi~*w9NRsy13NxLaLz5c&@GaUe|n?
z^`n{Q`$Y3)*0+wD?}X;dtiLyFzTY%oW-_>2^IeiA{m4u%TQpxS&6k<1_GrGQn(t!e
zS0W}HEW|3wW3;=qpfVi<U96ldYJHDuefzb(s#@R0jz<lxZ<E${MC+@s^<C_^U8nW!
z)cTHVeJ!=Viyhy%*7t_i_m|e!S?jx4J-A8hJFN9(ck%nUf2-DavHEg{*7vp6S6J&C
zr1f2_UJcj!&S-sQv_9X}$G<9m4A$rWNB@ZoaL@EIS=HnnfBq8AtU_`B%9*&uid8M{
z7hfbOwvG|b-#TMegOv}_7TnO_HP6saU_3lJh1(eqSzj-NlR{oY<M=+F_vb&ICR^5{
zb$$7CIQdt~hmXPUNZVQ#Dq5~+(@iP#Gg9%3p*ZLK!=hJQYKVp@dPGYc#rhV4kKox7
zHQ`x$n$M$?nommb@7eGdedb=cS#?9y;}@c=s3kcy@MtB~vz}#k+uFF@WPi;ZH>O{M
zx0%hfyLBSuXML_5in5&MUpV(DtSEk#e?dHzCgFVFcsQv^WsUb*(6(`%*1SdQ%dY5m
zoWr)Y?WSnW5Bwn<oT(df{)^PdGBt0V;?@9aF*h&ZBdJWMC<<g{eo>o$dwEL_)&qPg
z5NEF??tfQBP}iuS58Mf_N0Y%HzpVP{UiN+P%lGQ3_H~|WgnF$2ACOu^f73BS=2vxV
zTMd(6j}22<e0geq8Ipgo)%?<$NB3RHk*s7-W+r-G)XLBFobS4<A0yf+FBJ1w@^=pB
zr{dO6P38(d55|Z+>8HkqsFbbwNoZ#p(Em4VQ}Vviyh>dGJx};gKFJ7gF^t1)33!qJ
z-;l<Cr<ZYm|7e*rA9Z6C)O_)&DS5@edaZ<@>CT7CyuSapl=z=W?SHTA{|V{-Pq_c@
z@|SEG>SO)5+FFLr^HLl#uj3n9a=ymc$EVwTbrjuNf@y)qW`<z-d-F^Q)6LflDz}gI
z-m|~Ez7Te(S!u%Gy@k(xhn9gtG}=<eQ`wghB|zIDI_oIiU&HT^f`Ym|WTo-6$WNgr
zpk$$Dj`BfgtbL$lqeH2jr*#*mTt=^#Wy)B5YnTTx2bIT~Wa_Eaom<aIy&R=DC~Z(r
zPI~=n&hrSOSElBCRHZUgUT~BGG~7|DzRGzD(ZML^Y3nG3=~y+UoOB!(rMd8~P3zSi
zhsEhSc-e*$ag>rY*HY%uim!<}q4m;~r?$y6k9@4LJwZvO8yzK70KY{HN*P*ZDdTC7
zYrQNLuFo}3ag_2@;99O{C*m!4p;SexV=4Dj5!5phl&k2FrHrR<;X958<!ajAz?2$K
zSy0auP^!@Dj?(EJ+-U}-Dotw0d5XJURHMR8nKHpq@S1Hiru1@@YbXz5L+06IzbJev
zpjy<-QpVF!yoY6Uqc*iflmpt5Z6%_CS6ND5rl|hZrb(6()Ki<bTS`z*9lRxE>balh
zz-MX@A*w?gEoGwCQ-`)&%A9P=cjJ2>^s5d<CYVxlvK=XeUkFCrqYf2wlw+VQwRzGk
zWnQ+u9a89VQ0h``O9?c*E?s9S_ZQxJf?KakT`YxLUu#SCPb#$$lzOxviLxD(Yw4FH
z%5G2^PyzUgGMiojr6FC%lx*E|hX@mjn$U1Z$v51Lu%SG`6xxgk*!z}p#N`=1iRIjc
zasZieuXip)Z=>cWRLN0#EWvltpfsf?9c3=^d<jZ(>U0m6dK2-_??GunIqo%-d+A5y
z`302gshOiZeOM@ynUZbkCiuZN&pu1}Ds&r8F0oZYsZ*}hjux2xxlBEyC!3o0(hq3s
z%@9#b+UF=0j*;zqEBb%fy8pngrvDG%=l*)%``-KgX8MehVVF$9FbrWBhA>R6Of7~G
zMng!NX2NLe$E;czg`$`Y`%tW!85Utu#Ah@KqhXi~-{<R`*LmNoef#J8`98ePx##yi
z_rCAF+b(6BL8&O_e6i01vOKciBgp3haa2I4RWB5IQc4BYYXD+$MfQU-m7sc2EpkPV
zlv1HvBUem*h+_OQUo2{+lnY(vi$yk`GYFRX5>d&b%bX|brTAsWMYsId5}Wm)>Qnrn
zz@l5smy$hjXS`AfUpn!G`@d!L8+daN_3~qOU^ku|6z3e*6bJN^L;fXuqPLHLjEtA3
z4R;_b(av#k-rkJo7K1U)0-S+DNHI#Ml5!$qe3`MQAx9>D43hs^oG)<IaT;QLS=lON
z%;<Q`Ts&QxgBV}#=qJU8q0j#nLvkr(jOdgtuVy8kFD?^#4^!r)Vll3F#v-Obv`d*T
z*5MmiS3xcpjksE;^?9H1_|gnytPnGm9L+LL<gif8ZHOrpl~VjwVmz-%rSTPMyr|_=
z33vc>DpHLXb$E7w*0J`mDei|{Av&d$iY}a`s~}g2;yDykD!#+r^m&l0g*R8ptB6@7
zB~wbdn2&d~o`PH>@>vGp-GUX631V^}hEiQC+Nvp^azQaKL9Xjpi|d8)D8=||-SuLC
z6xFJ)Bh~dHO^T}fn~;g(oPex{+$bh0@fK`UD^jtjR3Z+g@68~lSZtTlBI@v->lP^v
z?vLYXrg$3`i$p2vSYOGQ+<6q!5<UcL__vUo#RL{TdT$mplo)#S-Yl9}^ys}sYzPRA
z-djWt?$%JwdY(=a6Ik>-og^w)Qm~5dK&nY%Im>l%X=BlId6MX6(Q|o{NLnC|Wo$w(
ze}exxNo2C<xid-RD+zz{mukaFVj9aCNJ8g=Nn$Cd%HK<!3nqy!jxjO2f0ZRntd++K
z=fovLi4prjtpJlm5zD$RA^w!9Qc)kYhB14%DOY10o#o@d@lF3Q9leg_wYW4%X*Rkc
z2F_u~c@gE)EMCK#4IZRK)JSPDHqOBJnWd~^(Q879*rFtUb|?`k_!WiLUcJ)ZDk@m!
zpQX->w~EBYGRDxW&8_0FfF$8qw}~7n&Bk5WHSGhrU35#S5^FHK4}?q>*DRrY)TkQ<
zxl>FFNCsqz*rY`0GT$xcJSkIok9J`1gP6O;a+W#RBPnT?;-B^I7RgUhD!*P+MX?mM
zCS)O>siKdC)&$Du9x?f8N>wUoO~{e5R7$gPZZghqkZGbxO1XFnk`E~r9V~lWYL&o-
zWGUsNVkn>KB5#=zilJ4atluhepLjsV_^ZTyqE<?&SoFCeXzy~L*ueR;L#~08i*A;4
zj!{RyUnD-Gjzuw)YKGXtLNRpo2l^fTL6P*VOeI%|8<FZkv0REj#vT$KQd$h%I}eHE
z<&>%=J~kc_!vaEMqeA3J@yEu)qFcqp*Mvtz;tH8hSg!z&h;)|k_g81?M?{{ENx>UO
z$oUabA*EDo`a_-L9ucX}sq(yx-nmQ0w6dItmZ$UJOwq&AP@-n{Op*D#N~KqcnId0F
ze3h6fidpn3F;moVD!od~6!f(d8g+X2HB<Dl==oJClIvBBo?n$>P=h-9Gw<TM5GAY>
zWm1~MFJFWI4?Bk{(IrLAo$07ol?cB?sgyhjnI$r$;Hm_BNLoebiY^r+a^qsZOsV`n
zohwqMl*eb>Tv4bbzVn<b%2-<P&K~WW=8B~(EAaa>m2j?TmC_<~z2=I}M!$r#x0x$;
z1Y}Ps;=dGADsDhc=b{$XBAsOkWFh2Hv5KV?@+722q`XS0nvEpLGg308l#62_D<Shl
zK1(Lv2BdTMd@(r?L&sVmdS9b_$_2&Hyr>n2uOjj1pj>z%&5mAa7m6$y(`-D4ebj%E
z&qA?XN{gX)R*Qtan(}Ee^zLhsNRhJ5(0i>#B8y}6Uh6TQmHwH!PL#?R)yrsRQ77i8
zRPpos<Dx;zY;oXW_-;DN^SIc;a@t>bjs~(=)VxmRsS@Y?EyM?qCH+=_Ck1_*GFbN~
zMO#1VX;%5z15L3B`8+97-z1qW5;qC)7366#fo0`=czYGHRBT{58rKfLK%NmjEX8M=
z;twgi?){z@SF}*hs_ry?o)@<(5goW%S2Ba;xCTQ+5)H(>&2socA?V7bUTkK$7gqta
zCwW2q$nq1e0!UU0>n(XKF_}}nD3VyV;(SVb>;_TDQauU3fgt=P(Z=!#R-^$q`paT_
zKn6oz5sBE5(-@<egCYMFbEK4tb=aXD4tZ5Hsu(XB?Q<ezwb&q~N;IH-vZN%xE%TA<
zbNT=wUKhgxvIYO~4Ur{9?JCbfswUAO#ov9c5uGf0_q9eu-=Uma!ukqmjmTorS3qmT
z1QxyfS|g^h=-t;EQKQ7rS3qk-DpoYgS??j&h-@YCJ>(iOg+=cn*NTdOQ17f2y_`=P
zT0R%`S|<jz$(#+nVy_d&vglpPI*}U?IukXEiBkMC(VHTDy~;<Q(ON{V6n}+m5hWa>
zul`y@dqC*w54-L6WIpkg|1HtUqF4S_VZ2W<{&;Q`2Plb;=T>nN%jr$Hf<#SQMJ~%5
zSi=h-Z;R_#^q7A~+{2<r_`6~biyq-^VmXT*z3WBN23a0)dMd7&kn?-u2$qfOgqQ$%
zU!26U&vaaWKsJbr19Cg$BQcSMM)*CDjbcVX?uUFL>H{(hvRN$sKps6l=06p0D2ZRE
zd@BB@B;G!sia%KN?EX}QKUB5YiG2c%me0g~EJva|BwNHWEHBPA#e5w7b8%rno`iIW
zTLSVTq*GL~oQ!iy6XY9_gS&e)mvtL%7xgT<eZCcM1*8S3y2R#yP>bylzXs$3$j>6$
zu5zX}{0#D|NDIhT$ZsMyAU{HS#Re&*;vVc|euMlW27OHVsI`TDMgK$ON-2-GbDy|I
zNxYr=#QjR*?c67pu;?+?C%$IUE&rGJl|_%bzeU1ERSP}p{t^4L=yg>XN3!U3)iAPI
zbgP<1Jxc-3AT$mwqlM)V7Tee&1$Sl7HbfXJyJK8Mmwf0Q-4`KaN<gSD!p0*3p}vS3
z&jf_}Vs~Q=OA^NX9>{rs(H@Y!A$uBGINRw}omT!qMnOPm<=@*V3ka?J`xqIUDV4wS
zCmZ=v{NBMJmj7BDeRs~6@x8dujiaX+H>p(d9z4LfBOr;$;Q*s7AYX-rIMApJNC+{h
zM!ghucV!rIPBn&qN{9FFvmI=tey&8{bsS<0ms0LMi?0IFy_6wF9?NRTG010#QOGh8
zN1(m>A;x5u2OuXP<`AQdWiO6Ni^otqQB0aq%Q5=gbg0q5()os3ArCd0SoGOysIiG<
zC+^_UnmN?yWYK56!;C(b`WMyC;V>ig1=X}1yCmFK#?glvdj*8fu!kFmu`K@w_j(a?
zgfX0DA%xD|M;fD97SyYJjx??f2<4M*Ol5iKKvU*(lu^lY7liUT+NhUODlS3J7vNY&
z8zcTlC9D$1?!bLP$T5bxWAC3+GK`yKjOx=u#AFzCQp&wo>6#I8tkKBw7G$E7W|qHx
z#626xamJS{d*E1;rF64A0il@VjaUbjr`&s)V~#hHrTF6~(`aMS<L3mUQ;J{a6O7(~
z(6LT1R(&b(uO)u3`$VH%O1U?Fy}Gw^qVW^U6bQBIiH7)!Qk8qx^4*n_j6p0@AvCp4
zGIChTafL`%{lkqymTCz7rZC)?$kK%wOr!T?qm0Gik$JLF$uh4C?~`H{oMNnCc@A<9
zYH^COiiJidU6Gw?w6oC2q}}PMMhD9tSjP@W39}4utE$C4$cOGEXBh{xR6uAw%rY`q
zCQMgXwWk>uu}p%{(N8l9Sw7(Tb-FQ`<!i3R=|&lgo)>2rwJdsGoM9|w`4f9lsztWZ
z#Ny_dvKHA!8%rwJ;!LB5<;ynJUuPP7bgFvogiwE-X{4~+k3Dud%6yiQ$x;ickdn>v
zIadDJkh6^fmfs=sq|o0gr_rL<%p9X_JIQSE3V!3LL(Dlwx0EW8f3GQ?ft+U~eM>P_
z!aUCuFF-~Z87wd0=&wS~H}Y6QW#})+1;#8XYLERv3{R#ROQmcx^!j|Uk@+3vtVTG+
zTw+XAA|9Ko?(*ds6;k}`<-C4#InU?_<g*?}&oiccPdWSZ;!<OdlyWcSbTytYHI}nv
zLTEf+YBaJOjNh7RJdZRsupA4am3E}Dg=HY_5z&3fQN|xE2SKP7qYMw@kLFjxOX@eN
zd?STr9|&E4<r~9TKEo9m{cbhd$Y$x{YqZfuE=v(gNN12S#sro-Aan*9W0bIDw+VTN
z;WC3pKOOxt$e#FLml-uIZ*fe4QP0xJF$Kmdmia~MZqMb$W|mhVG!8E}wrg3hjx`n!
z4yt2)2BBk(HKHtaT(5CPD$7e;uW?4Y6n`8R8r?f&KJhd4cw=Wk=uAD{aJu~%I#XZ4
zBf<aGqsT~-G1Vdm`@?p$Pmz)H6Q!yW51>E4fLv{?lA=c4cE|*yonzMTi}eR`tx@x{
zN_F?ccy1ALov~etN=2jPdZRZWbmcqI@P6@2NIBnNq)4d}^X@kVHb~+|qa+YRsctgL
zq*RN`@mo?DF~!Cb7P_-N0CKa@%0hR)Np3N^q*RF+e+e-dGRfHW&OnJ#|0|WJTKtH6
z%LgH*#MmB?!yvaADZlwK$3P|<`7E0Zj4{ZaMhVM%$cJQ#(Huy15@f2;7mza`(~OMY
zDd#FN0Ou4s`n|@CfY8y)j4c77oXd^$UOyG(Ji{mp2<7~su}Mm`yodJce}t$ovj0%E
zpsUF95c9AxCm<I=9x*xtG8$54WbE`)jf2cG$^vo?WUkR3kQ*S?M(Uq_s#_uRjEaEV
z1(|R3u+Z6@o{m^(4C+&<NTwrZkx>+o3P_zXL&|JHF|#3$8_NSR^C3?d8v^n;WU<i`
zkfo3%Mi#~d^?Mn9^>_jDlrbeBjgX~AV?f@3JY)2*tSrKnI%K(#{I|;I)njo#6Y`uf
zA|M|_>WwJ@`5dy+SRRnCAq~csfcyY?*@*t5avq8~^arHT$PS44AN*xCV@g0Gkk^fd
zfFwcI7+q4T#C@0G&bCYUI@9F-rCMD01$Os{X)z`S<WNYfQ6CU0^E*ZlOKXbioi-y6
zqo3Mv99rWjq<YV=O(hg_0_1(8h~;cP)(6JYfY7l%GP(jn$NJbv$GL=ZUO!lkjZcgj
z0iltwiRZF^hjX*h!7-xL6sIHS%|>rP&V_tx<l8Fe<It*?K(_SD=YPg<JpD~){1dR+
zT!EPX8T1ww$+vh|;`x{mUmCqEw++LphM2F63_O)fF?m?AZiQ^^mvbit;9rZg|148X
zL5weSAM#!)BV<0+;t@PmPW|<@F_GneEZ_9Y`CEhD;M4mAIv0Fv)JUlkAG@?a6yiIh
zUdn9IgD<9yw@BJqe#2_ff|xGDMl{u8#-sRc2j%&}NM;#&EAG!jel#)yQY~dfKo&xF
z7)1ej3es(~vYd<6;(5qVMn^zilF}QHRgj;JL_Fn9<w+cgw+d0hUyO8?e=b$hW1P=I
zPddGcRKFUd0@4Qg%_w47iFx`F<ac8R%X2J$7|V6cNYy@n8XH)avHWH9upEn(U^DXh
zr(a(Pa}PYJja5DVJd!YnNtrFq$FaUZDq&8LQZ25+Sfxsv=5m&ekgpMAnOy<-2q#C|
z%t)Y|tHo)Y$}#g<@;Ft<oE#8J<(f4tUrbZS^2}8%-4Hrf*xV8jN|j)$bEQAOB4!`Q
zlwj<4AytH9{OhlXc>vbsVBI6;Fe%f;X#<7m{(n>LZZ=~552o7POvGM92(>q+I}E#<
zbxOpam#91TyPMOnOGJ#Y@NAfhNyLtVq^>|cf4IBZz>=^Wcd&5u-OYTg9yFpp+JOI?
zg!?jPrIhI+j9n_l>}jUKDW5;FYo^=q1I<>J&fg7j2F|Ag%@KR5n4b_ssRo<$92=!N
zA`R;XW^S@+W2R~OX%8XxH|cAIB==pft|C*+VwNXvr>8ZsBAX2?PvUAI0mnVi>|~jK
zqA8xh%uO}x2dRAizDLz`h?%;#lF?PB*aNACn5~!(bgU}0#z07#nTYFBl6tfpwb)Rz
zj%C7yT8gp5qnO{H*Am@N$+O63f8;aN%wt)MW6_@WaB~UE)(t`&dl;@Z%^^4kP(H<+
z>PVAzoFt_zN1GJ~C^;SPC{THhHG2+H@-5nj@;TP5Jw(afh#@)7OvIW?`E;I(I}niL
z&0$9>c@JY_2uhe~jtIz+kdw>_EdSjPDIh1C-RUY-8`j=4AZM5}j#6^T=c?bc&0dxh
z@cahl3^`iGbYTrY7jm{)kfCHO>PN>q*UZe6BKPWfkP&9160r@(x*T$$S#*L*b;vq=
zSp{;DX`?<=uN4?kS3@o_Q&{$zZORdqXXdgzag}=NW0YCUGUh^c^ik$%BPbt#{TXfE
zEXAKqqs@Djh!Ez^4LH_lvzdj;GX+v;o;CX4<+;)v!SWk==YGT#nPKdAgU6a^rb?ME
zHgl^^G;3JKqE)G#Z!p_fK1F{~-ETAtuTaOjk=wA??7L2hfx1&W-(qgKUWtbiQa-nu
z**7TZzEbtzZRSH#{1xeTvrdZN8n>HGQcA_XD9=3PbGunGN#(N$^Q#_mui3-0Y7Kr3
zgWPZC+)6RC#oin7o<5|~ERj+w+UwQKoohaP8^!oXuQur~L<HNX+AO%8q*~C|<>|a!
z-ES4GHYdp#)n8xZSk>kdDSj;$nCX*MdFY<O)Z>L%U=~T4E=FQa=tinqGY4<}(}>!J
z5k<1l^ros*tAEEi5VFWz!tyaz3)*iy-mg51%`Gy<Kl)<xX&gh>lzu~8Y&Ha>W`+<;
z%;tdLMz?s%OrA!mTD;p@)Yb7aGo7UsYeFUd<1#awWzK<G@>%M0G2gNJEi)&w)K+Uz
zW3|Ow2Kfyu?J{$kiV=&E53R<}m@`V{(Z%~X)}M%3!6Upy%)CUUdfu$%nCDT#6L740
z^Lds$%r9D_UNm24`3Nf$t?DnDTcnhWQ#q!=Ty?K(A5n=hMyVRiUMVf&PPDU<g6T3w
zt`gLS4d#S^gwbLznY~i{7JJ2vmdRRpy2V~GQ&@D1y<%pt=oWj$%wf?j_KL21yv5=Y
zZ?Q(RK&6Ve*lRjfyv0_V#T=ts>~-^h_o;T)Ew(0}O1Ib=^GA-+t+Cd$%T=mLXjMAr
zt~IlyREhD|;w+8USZj`#qUIO1*gErufKZDyo6`a^2-0GnalhZrG%{Pw+<?%?e8=pP
zvMoL`*PGr9O0_NC&g;!&7TwP4&2%Y#pRVVcZWFrh>&+q+6W)yLZmQRMa|+8h5IV+s
zvz&9*{q<g4bbtAxNBDbYB_Cb4{QG9cga2;B4|P8A9`r?z`F3-nN)`TfikeLyn-wh8
zx8a<NS@3Z@A3d8sHkZp7zjrp7>!tX;v)SAn5bB*z&8~n@?`$#edFbE0^MzRv5bB){
zvsa4WJ6p|Y#lL%JtC_;0duOXTT#Da2Tg@UVrD8JA!L4SiiZS#&-D)OdU8eh@dM<A@
z_kTpSs_xURX1bDipKdjCSahFm)h*`fKJAQ)?o(fMpT<S#KK)v!iud65xac1I&dlSZ
z>mK~xEMd_-_`NwtNqlyHZ@xTJ)l1LHAI)|t<$})3G*)+*-2pieeX+xg(lU+TwkU>n
zU)^R}Kn_97Pi6rNoy{rc7qgOu_5hS~kJ-jTXLBWeEOf>{9QpK^=~e1jw6CLlelte|
zgpT#QIUyh!kUz|_fSd^V(`;m+9UA5Hx7o#_cY6Prsk79vXs1W{{A1>`&`yuaV^|eZ
zri<UQ)EaJC8)j3g>7ot0IXYih)}3=yKD3LYbv|UxQxd;(8?x%9R113kncgr8S?w(6
zT&~_Za;;vL2+r*k<5|P!QqEPvVF_DZQmREYr%JGf<NQavixn&pt5Qmp*#9v6l7m`A
ztxk@)@IsaIZdTf(D(7=pcDHuDQ<`YasG%5t4klVlSoE1F(Q0JTb1>0*SBgIe6D@V7
z_E*S6YuDA!7d=ya(K98{+QK>OnX-q@Cq7e>;-Y8DUUAXu*g$K<JgS#}ojcgdm*UrS
zur-lI*L1KojYZdVu(d#nU(>-{)0X(TV6Z-Vd`<90*VGqX)40Ufgne{A@tW=z7hTg7
zYdM!k*Yp5u|M^tY7K3C9{#UAXgc6}wfP?$B#t<u8#`vrH5G!A$ik~YFu_m+V_Bq6=
zVbSe#h}FoV*TX}sO)R?ZhgiR|=(-<bISXW&<GZFbYabT98mC#qSoFRw%{q@ox5iMb
zfJKj%!>lPRdcSdmHIGHN*b&yVEV_M;iub9OqvN7e9b>&FQ~6f`$63t*p?%A7)+Wwb
zAN_bMsaDlgm+*M2K#8#zmPh(;Ct9<l_&J|s)dqy_`<-Mx9T55rXt=eq6#qf^zX6?M
zHOQE1v2B{VV|I$w$&yoqD_X1)r&`g4bj)gTIGzl;5RzqOuw03&{(Q*kR$f5HL$a+o
zETfRmL`aUcfn_-Ixeaozb@U>Y^9^-)<{fgrb+QyyuZJKPS~p1XXVXPiC5vvKi>x*l
z-G+Hq=rPLK&nM41PKuw;NGqR3_t!}44i?>~qpe+kYa3(j`dix=YuDe}F0-lwM<0xG
zTyE8?oWpnE_lLtF<E&PeJq}gB(T}q__~`oSzHwF}+6D78{siDSt5`~@e7E9V{I^1D
zt`t?%xoENR)>8qgg<NU1De<O6)UmF%I$4f8$dqr9Ty6ESnB&xMnpay%kJHh&8T9<v
zQ^@CPoYm-Gi_>4G;w`P^GA2!?QssFOa*dU*#JlKaJeLZYU==Ho?{-nn6RZv?c<%wv
zuQo~PeZud-w;<PA*^8xk`)<N743O)r0wrSPG57^j%7`U0Mm&h}d<MDR8ulbfskpOM
z$hB^w^#aRSoXu&b++b~BnZj~oznOBA)h%PHMQS$w`Zuz?$%;NjIV)L!xm;|eu?)f)
zpMJ@jWMv10e!D5LCIsXwl<;<|G9ceW?yy#|e2*)7%I9utOF%xtUD>HtPe6V{s(Y;D
zr>Q(;q6@z+(te}Vnjl5>g^~s-+YBn<-$+$zO<Shg=kYyIx_yMW&sr{Jn?XmXm~t!q
zSryY$qppP?w2Gu`GtM{@_l)<#Z-`cOg^D@70M}@cnO4bjeyU{19Ba80Ri1+&k6PVI
z#BOQ$>I`I_mH#}YDi?3z&AVeDwbqDwDRS3DsUEi~mBdpmwt87~s;Bz(;ImfO3zSc_
zD9lkk_^jov^o4qGxiySM_u%tZPC%#!>#fNFp&oqEstpMB;7isj7TtsYwR!?VJ@~3M
z>_v5SilH8S%{o_#e|KfIl`qBb)794Q4Ss7-pRTrYr1*Wh+M?$PXn!~#eL53&meyEp
z9HaYmt+nYTit&4}#p-=o$;U^j>+V)7`ic^24eE<ltC(dC$E>%?SSV+TS>JER_@Q-n
zqbyJScaRU`D~TS5zUUHejK}CPMqlWse=UwK;g-1Q68fS`_+>msm+(ugP?o1!=w9At
ztqKVB={Hsf3#Fnt_^mbkzf_BAK|(R#S%m?iKJBs^144cJL%-J8VQrK#elPE^zLMh4
z(;e0UuhOxU(DTMStPCX{oiFHpnQm)@6#r?T?tWvw+bWSU)#9h0@a!0Rr`u{}S#9BO
z+CqM^dRfe$)vq}}TS>3|yT5+6(xg<21AfN)-$?bdHI0S7lrR#~V{K=dhFt;uX7`&V
zR;d;vDMZZg)}VmU^HIH4It#tyb1h>2;1=`u;XC`)Yo}E&Q*ASnzrs_WXsMmnTT=X1
z{r^(6bE-*`)f+}TdC#`Z&~Jb2w7yX>;aBk$E_x$=r`6LhXR+Gv9eQGOr<E?nFVCOW
z`GFXkr+->S0ijfXT5VEVjJ<Jgx&^-_^;sP(xkc(((7&wA*XdX-#u%(0l+WK*4huc8
z@E-o--`3SE)i{S=hM0e>DN4e}U#+g+4ZD_Obc-2w6UV%cFMrYnw_$g%>`Yg8Tn$^i
zA&(xu6FsP6QdkOb_gl%yN{l@Z$Gv&f!mx8$Zsb~+_EJvu-)mH>S~iM_e=Ux#yDz%#
zc05Mc-HD5?dt73=79kxI)3xwL*CH;CF0(JX%&z^WEVDl=J^O2}7nS*;un?YYHT}DH
z66_QfUBU!Ai$(WN#I9Eo@12;vLCTlLUtg;69J9A`D(bIi(5f*Tk8n_n#oIY%rzi>Q
zn(k(2u;`lZX6LZz{@TqhV9|ZCn_a^4(CO+qz1{3NItEjKp4{8bPFkx*Lcz`Wtw2f!
z%T*9+jos~HDeBjXV$9_|>=_)RXVU<CDa!$PZ{l{u46rw`e1tFa(u^BmcPlaUJRM-?
ztW$N@^K^inrzA}4p-MGHN~yPSrp{+&DUC6IB^h9=I}B>ZQJH<wV=PIJA4m6~FS-Z!
z)G;wVzXsZy<k9^e9H?U)-Gc+;N7th+9ups{gY0gum+rwqI-i*CL0@za`l5T#m;Z7P
z4zlg$fA`=ZU7oP+!M*ud&CXA_M?}56kG-!<rDnm8*h?ha=_()j#1ySR``Q<<==Ryq
zE>z;__DQj)ag1(_6uXXN^yp2on^<&BQ|t~FT~qvhoi}AIJYCZiJB3BpG{w%6(kyf>
zQtVwv!U4MOa_v1H3#%`BBpj$)K0XqB(KS6t$HYg%!CGX$)49nPdgg?Vb#VOXN8$I=
zC-)L!h)xwB32Anrs#kpNO^e6q_DPH9qeql4BeT_W1&78{={6i{mvGKBmrqH+um3t9
zITENmhjA)35-8?y`(c?%jfA@~bC0m=R6g;MaHRb@i*BEEdxMhrNI2T=<`{h@I@(Tb
zk$oz3`y6ejEAjN$IL6Lp(RDw@E@sj7I>xS)qWYc6d`!Q7&(JlEpL2cD=bdBYF?u8%
zr`s?-5`57$JzmGeN5TnO;v*q0@w1gLx~3=C^{QU+e)nT^-F?w@KOtUbJraD;XS5UT
zbuwqwgY-QANp`zBR=fv?+ds4DdYx?BZ>brl=klp`suFxzUY)H@wX-=!pM_7gi&%8M
zPPNNebS+M`m$2wsoNBL;qDokXF?OomuEe{kM_rX<*}W|5c2|3wEIYZCN{F|I4$zV%
zrBtlH+!PNXpDepbioaVv&0eQc$?M8lh&j#f2ngL5J>BjO2;Hwc!xnGTvD7`Zc}SIQ
zPn1&b>93KTY0qI<^ohFLbEe&-M7YK3?#h{VC&#qm-3q!Rbf!J%9aW2iw_yi|UG<sv
z2$suUQ2Vhn?P*HHGyCHiSRDOKyY5|?D*mp0j@=|>y0@Oc<B?-`NNEY{H|ulkJ|#xO
z4E(JE<db8kwNXAT@(pzQuE;rdjuii`)pP7ZDfq<)Wu`kP=h!!~OhyUm`JZ#`sVw@9
zx%2GGfYAGK7ufGgX)!2<-l4n5{yZS`#$2B5tylG;drdE+grn@#fV=@2ZLgBjBJWVW
z3n{R-1Y{#*tlg(l#eZ`dZzt19i?6LZ5i{P-4+!=974{7Qp?<&8E|XFvUd8>1?~$s=
z-mYT2ceB)}yUI>{UzPcmv(<gJtL!-}w>^O?B&52^-lW9)a4N1Fq;zu(^{E(0F%v&f
z`RF%@ueKjhB5UCy=4$)Vfb0R8U_Tj<{UF!dTcnhVD^MQlubb?hEEl7ibc|v<`XT*a
zeBt3qtmsH}v%N%$db>PBN^?NYfRxzXAE^>Pw6`HHhTLu!v`djCyc}|;Jux6fkh|=(
zjWWjjd@)J~nPO+LY`I^Eo23-8+~#0^C}kSUs<_lC5lbyo+%038SRUU~$=!Ab%S?`$
zYKu=)nW>%Wt%Q5*L7SDlz7o4c<TK4qXVEP`%|2g=tk;7wrZ6CLA!T;)rz)RD9P25_
zgZ7;)%TOMYhwL(zC0NHOy25^h<xi|*BoEs)Ebm|)BYDJrf~DmQHNR%s%UND}LC7}>
zEA2)Wnkg%AtSY-_i!6^U^D4+3JNI)b-t70)Roh&<gyj^><#mXeYtLb!zw;o!$YC#M
zIS(;!%NY9p3$3*Dju@?4bM0Oh{kGR!JNXM0vjQc2U#1$)qF1)Lb}`GS67}{yj?SXj
z%(-@xlK7fA*Y0G|y))Og|EG>M?rA(NE{~Ng#lH_Q*WUH{)w%YrclGDmyWZ8GYwvnj
zzuL~}pkw(t*Vt)WNvcHz?^k|?qu1DVol2a2@k}>lo?Y@a$!z(R40>*PzFo(1SsuP@
zfv1KR*c~h<bmCcTq^h-XV@{@`Z+-j(S!idl(Dy({7TFV6o`dX!JjOLuXHU9UP-oAV
zF-m9!sI!*`#2SRVsdkeR&%skD_<>0*wl}fRw^``juElmY%Vr3@+qKy4W6`VM5<BS|
zDs#EF5$hrSuO;?=O5`}C@;n*e5$%<%-ZAv0el+eRqddOQn;nB7%lh@;GCNb|++qyG
zQw00Tm`&f(F-rx>A&_VKwZ?Pyur7*eF=z!i9x>1Li>bGhf1sFZu`l}K48+vi7f4ZU
zI0Ev5T_U9=Jn>?+CwbAXV3`V`^e@_tN{nMqQ8jI_H?f=rq1{)5?fpox%_0e3J{gIe
zU$XP0w8*zw=&JT*yNpGD1LtMCM~XiVU$!%MP(Jt)3%(ae_t}u@ClXa=de80^`>}w~
z8LiQ-56I;>`hV?oj3l&Ac)@P!ec{*a5lZ5}K)q)7vFKl^R@uo|(Wq7RtXyT!3CL#D
zVwGL?o66b43Q4<*)%Fr8rSh9ISK;WZ?GBblad+hg$m@3U?<!~A%Wv3AdP$mPzu$_O
zrhYxR&W`>`G5#!AXYUmdng#3Z0|G+7jW*lq0hx}RTkIkw-mDAph7sf)dx{i)5BW~N
z>x*~dBm7%DsX{v<U&`^jC*3i7Hy)#BfiE-*=HXcH+DUz??lcQ%B&@fGvFOpezF*zn
zw;N4_2I~I4{dPd8?(f^51%&Fp!R`sj6FB;Z_GI)E`qaz#LG55S+N-2sm&>iO(Qaos
zW2)N!Y_z*rrhg~IbI50-ZQHUu-UnE@8>A$&(EGXcO}UMBh7!3-yeea6D2dO4&31zn
zzvVaE!?7Enb@fZ+{1#Gewi`oA-ueeMfP7{TbCq1T5B@*M=XL?h$njX8Az#>aEI*)k
zzK8tJZf1EFd+nbf9k%VMd_<Wkc0#_iGgunYp~l{L>&M<8rAiEGz&Zx$w4?Y1i%R(T
zx!5g3zP9UG?)z4Vy&>D|Wa?VX++POcJMxfk?HVbw#cmP&El<ez_R^@zr)zJlNRV#3
zJ*Fi2bW>am>9KRMhoEDnRG4BMq}QI1sASz0xUUY`Y3J{u<SO*iZIHk0^Z`otz6$Rg
zLH@Cm|D$9o_ARp@mNOwq$pMfjAg<Gg|3zgUdJR@bNP?4wC#C4<l=I7wh=bQ6r2J5X
zx49uPr<Y~)C_}VCc6aIqshEc#pF#fPWbUn`2P@=vkb%wy7W$smuaLc+U7ttV$LW(X
z{(88NQ#Y9MX)$i4lA>kzaXN7=q-A%=eoh9?Ky<#Kn0+8A{c=9g>69`4N^+o+zAvS!
z63O4=EQ3@BI?qcf7w$qK=nKQCP7}-TwMq_l+NG4rn4^$th?BFQIy%LWq&amg_aUE?
zAVZy!{Z-5$$k~u#PHKu0s|eTbkRzOCmZmH5mH;H($-v%`>Q(=^%I9dOlcf}LIbt%L
zf&)39pYiTL<T$5}C6Oi5nQ)MbDYzVW^$~NTQ^&FaBkL~6a3?uc#SHuz-w}kI;<T|W
zM|oyLPIs~nRx$HfvYi^1Vw7hAV$O2BAu6VjCC4db`5j+8T7sB!oo<#v*ugG`jBw^0
zqEfvz4ewt<E^vy|lx$my(Fn<P`dB_@x!5T@RK>iD@~lKmo-+tvEvFWnf?u~uMmZaf
zP%?CxYQr&3-H{|^q8Is4I~O>4=_+Ob`hrr8b@Go^G8*~N(Z@UWEYCrxzpiw0k5Msn
zEXwC9r-_APD4%Pb=3`aNb)3(2PUdk+T(0{>r$S1VXq}Hyjr04BPWJH>Q!d)Ej%8tY
zag&pnspOMZCB@DbmQyi$X{_GtOu%~%RQK+)@cT24ev4BfrCf|gjDi0)$+1sT`3!@s
zMNEm)DWyt0dABLw&%M<dhWD0fUfh7bpf`4JcS=|;tHbxDkm?Snp5@4uD&{VyTS~bY
zwq5N!?{>VCDIfnEn|C|4Qt&muxrX=v`P}V9u{uzU{vzU3ClUJ|s>N2U>YEUAkF$a0
zd#q<)K}wy>EETf~V{ASC=X9rwWfXGWj+ip1_%xNX-fP|G?0Q{rpVM>(#i%ubc5&s-
zglw5Ad>_6KK<D@SooOr!A+!g$->G1EaD$4O;VfZ!8bUEMoO+fIKT<IdIIS$-Ln!6}
zr=6vgV;*$6SQc^2gHA8Y*bh}c4>^fvsuJD}p?n^4l3DU`W~3c{g_FTD9zr|(3MWg6
zF$yD;zDDw}Q^;}+gzEmV<DDgQHjY3q(f3;(afY*;4cUQKeZ(nd8Tbe8Ga;Xu&JvcP
z5Xxt!lXkYsXYCMNzhehm=`3M+4njM|DrZoRin;H7{I-motDI~Wy+@kmOq7DJIP#8q
zmb3I6RrkT`Rcp+4nplp4P;1O~+E^aLxstAc<~W@!FF<G(%yGJv7;hS?gmax5oYyf9
zjn7a6y2h_|nplp;3?O;b+0IgdR8)%^$2(7@dMz$#O2Ro@!Wt)wW3J^A);J?re#VUX
z3w598l(D$n&hwl`mM^gCP&?0eHtAFlYUlY**$8#?cWo83z*)l5389z;PA2{eC)H~j
z$J9FcEb}?0*6CvDLGRG97CO-jR4NavGUc<-X;cz^bEIn3Ma~A63HPY)8ZC0VS%!{P
zcQ_Y0-i0!s@Cgv=okdO(ODoPlbgajm43>G*)m@0koDnSdAZMC`k2w=rX7#F3_n7kl
z%hM1l;bTq>%iOW1+^^O-^(=J|3p1h4StUiy_XNn}PHL{IX&>&PQOr_jIE#a8Pm*QM
z2qp0^mp<c6<QQ68UiuH-LUM**r1H_D_gN>8h29FM{qwVqxR_$pFRC;SpLO;K2whVz
zcaoKeq!j#BN*sN;lc~hZhEQv)a0)o45c4AyF)N%oEY~CEaL98`vy^hrgJeLScfOS3
z@2sA8dZf%2|HEGNL>ZGeib^<JY`hD9g$lCLnKoL<(p&JnDC8xlVT_Vt58{h2kXM|v
zLM28-<+IwEJYGo{F%uEf<WydvWZ)bjZilROQm#@mvl?p{q}5r<awyJ~)sT0btg9)e
zN)%yt`Z%P`*))M<j(8M1z1JZhJ0;hvd>)-F#D|d2oGHahreH7H3F&Y~+^pn0$ghx2
zXT&W^jzoE!WSldc$t(*{(>)+vPTwRI^B3xs3i;XT!gutjeFUDZBl*?Ya;uWns0FoH
zuVde?Bsx#U{OMG(Y=Tf5{_UjTnH9=sC(ihkj|fd>X~!Ot#0n+dp<*6*Or;8i3Rw=Q
z!*v{DyigCz_gungX!xBf)sKT!KD&p?Sc(o(G9c8(G7~jD3Hj_9>SI}gHl(8u3~j$l
z<#Q0)=XA*6(BvsfUO-KAA^U}vOjB~=R3WZ|92`o!SIO7t!CN6|A^Mt<Y%$cGu5Jzw
zO=Fo;iRTj$b5v;8tALD9w~X<}YDTCGs{`fpYMv0YkSZfIu}le#gvTM7p|bmx+?Z&J
zm5`G|B{P)Ve-id%kW)i#EMFXl(SlidT4>4xD(2f%C1-@TXu&(huOZc$q2vcu%z>Ee
zZ$Zuu<>A^)kIWAt=k%+^MWJDjP>fn_x)5_wXmUV$AeV%;1VrFI<H%6{Oqt4?c`g28
z9M0yWL&YrfuTWpVA03*(QqZTa=tqa@Sc>mcSK^~XjZ#X*`#8&BaYH_KrOLSxf*-TQ
zm{6(||4MvJs7J-f>v#G}&zMj`m0ybll<=~DNfPApP_l~g=&2974=^s2A;sU<jSEd=
z(f67PLn}*Bh`<x<g`o-=Q!OrDit&Y<3quV7ITCVJXj4E=fm|2LpG76~N6Ss2x_MHB
z{tEF;q4%ZuPmkOj+AKx&4z<tCp&tW6JL+3Pe*}c?vrP&m&i7m6d>p+bR3DJBkUK&-
z3n->kzJ*OPHPkAlT<CA_PY-pm(AQ{bRi7S;*2<g($<0VLJv1yJlObiH+<@Ezxi8cv
zrBu+joy#HRp`?YB&upQ;?K~q?A;tf;^8=xkizvo#jR!-kr1-7zVCb!YP-{FC`Y<5W
z8Wo|>146CwaHu;Vm5^DXv^rI<^*Ec;sH+a0$#VG3YGhW2@&d95sU8g#O1V#tLwZuB
zCY1HK%IBVgabFoR^Fk8>@*HG-sDkAb?Ca@ijRm24C0@bJD%FC}rhrhY+E5?Mp-4qv
zR$LfLd4i5rB@TQ5UvWmv!cdkJb?$y0vM97vifS=BcRwCl9gw#X^LS{3lx8FMB;3V<
zEDqHyp`4qI%OG1IPllSMl#3&<S*29VLffBFHO;^b{uc6VDCJotMRT#2K>FpO2`qb8
zD_Ie$l~OA5e#i5qNcCK(Y`IM34L4Q2o(nBiA};$G{~h@}7uv!?f8*dcq<TIyVTC%@
zaftZ~QXi^(PDu@}2Q9?C5NfJday!ZsfvgPWyr3i%<)Obw-VjPzspKKV(7no6LisN$
zslaI3A2E%gMwZty)UNW?&;}*(Crn-qb#u(dVR$|Psa_4OT21-P7MHEUQz4MmA@Mp%
zl{mctchw;4LN`hAd#5#2qeT9ua1ml!L(MF|+>ZMMQaV`LCM$V6)W_0t8df93yb~Jq
z1|6$fG+v~>V)Sk(Cm`1#rmf$(;Jtop-Fu;uCY4Vy*1BS(dM~u3*_S&Y?}wTKQU>`T
zH0(`^QT3wVJ=;U42c!})AOB0{K|TrPsTfax({giYq7;99-W*!OqSxn7X;9-|i*w&s
z*xQr{@o8vn;8^r@=%=BN0`dfo^;xJ-N|pHFEPPiV^1slaRw}cS21rM!;cX?$a9&*l
z=?wM0L*l=mvMsdhJ5bv~yS@YUO-Q|U=&$_WhKk;$d{q0;8!O+2iUaa4j`dxrOo{mT
zO!aJGSEzP9r79Jf<@hT(i0KNov&>@oA=JY{f7jy+#QYe_dQYXIzbUW{vLjT%Qe2F`
z<OS&twX<A-ne;p4r%(?|J$5qxKz<Hoy|40_kJg~~Zhi?>d_+<u$_~R{Z`mLBghLyY
z#GktVHI&+}V*38V)0&9+HPj_#ws5gWPKNY`ayP1&`XfzoDCDnxBU891e?l>;#pvA}
z;pQlj@7>5}fZf`FP%oQqeIOO>6GHBqfE<Toxo)Qt@7X(WHxUwce`GoGE8HpF4d20W
zds$w=P9Mh>5!c>C<?%;C)NPgG_j1(Tb!<f4UB^bOU(D|PViMh5cOV1Y^v$xx;_W=Z
zt&vhKwvRRi{iVkNZeu_$fc(du@hPRM7MqU4*EAtX?$UsagY4yw_)Nv@gD<zyUsxFA
zmPqmIwRgYr?Cs`#rBW@$Gd}d!6ZUrNm3S)#n&KMdJlJjHn3vzeS6HNU1>`o!KCbxT
z-$ze&)1*|1SEicsm+O7qi7eN);LaRU?bok7`@88oC?CJf`@3Gxze~8kTcjjj!W4HJ
z$9!-Tb}7g?#jOhn{Yrj-oAUd=OL(B0!!qthQ_MuFgWM99p9`@^fE?`B2IMiwkbY%O
zbDKD(1T%LTV$$4>fUJZZ>WW@<^g_hE3K{CAvh4N+u2vz3x!D1E7c$J<z><blq8)O$
z+Z~Y4AxF3cf2f@4Ns4WdBi$(h*#Sv+qdQg1Sme_SIm#Ut5F-WOc6JL`79*bo$T4mM
z%jlbh_zxt*Z4XE?<XE>SAO}N^bCdp5$NDG@f729lygMZz$3rsRoIXD$3vz;+^cP8$
zXvS9g9LR}oG0P(_<EbIYaCg@yF-~@Oz2kbayX%t}r}XQuEVn`B9G`<(?z9lS_){g`
zz&*yxaI7r1k!5fRz5@d}-R)yJn<d-La#gAYcv663&T^Zi%oa;=#-}^&Iqr6rds)tL
z6Fo{*ExtyoYmw?)H$5P?K+bb}S(3iPejhTz9TZlnNbZH4?+!{JnJo^&-sS<w1#V_Q
z=vk2q-3BRDA`vkpxo(#ff8TPE`&&S0A9ayyL?~w!L%;c6+%HvLzf^hsQeEoq`rG;_
zch}$6N4dNHww~Xwzs9(UvONBpFviW@O|`~>t8t$ebsysv2V@@PGB<mGiqY#~fjg09
zD)x1Ch`HRYW1;!}ETqtF4akd-@%?IXWxrZn*{>Ew{c3Tw+a+`MYjL$(Igm<NC7!-T
zji0OCc9vy44kx(LL8=yC{EeLwM$~m~221rP*qNe)*Sq-vp>Js3;7$(62aucGnt*%(
zndIi}t#YPw_qUMS-I9RxLhf`|4OTG)*e5s#VAXcF1Y{4$J#O<psus)6#(4lz>UOd`
zzXDIML#Df4vWl6QuEybg{o1G8%~CP(Sy}ET9;#BU+=_J$`INi$QmTbMTRr6VDv6&9
zD%_-@s?6zosqa)&xcMw!?5^Ztx0YqhzDgc(J6Hx?i&=?%?@TxKFqKaOdWWRaEo2!!
z%oHc1JXP+rfSd!F<2JJtqE#<}JnD7^WISZPYY$U7Q%o^rk((ZnyC8LLK|t<@EOsXc
zWH#g}H}x2mPgWQyAkVnj0eKqotXmt9=OD}7t_+o`1S5*}2`k(r`dAOf;bo7S;zh(f
z*ROZ#-C7w_Erw$cxf(I`Zc{+sguLK(2IM`+O1F(ZZi2OL`Apmqg1qQ<1>`HpOK$W;
zKc)-viaSh7l}z<J<iG9+j(G+7m<Qt5N4Gd210YTP%KWA~hhub^-*g)TLS=4ow*({w
z`Ml*$$x^Lx>rFUsLt5Q#ma8D?khk68r>U5Yc+!BrY1!uHEAdut#$7<fw7JC`bK5z%
z!zZOpO0_sM!IbmjJ-3^Mo*z3OF&o_I>8dqI@*p3$(^xKfTZjV4NA5x?{u<uyt_%p>
zYif7j56Bfr^|9M2rNtP6e6EFTbd59USS`k75K8rlyGKCiduW^7R3+k`$?CbC&2Dx;
z=&LxJ-L`<xH*h|6Psx@!iyYLHa^B)zpu`}d@2Y+77IMs*op{z5<>_$CIOg|D)v-F<
zR+e0}Aq}n$w@Zq@igxtd6?F956?F956@1xmRo~igRo~igRqyOK#<sbsXHrf5@@#WE
z@<{wOYMVR!QYrB@>Kiv-iI|T)(j?UV8+UR*ra-p4$s=XX;y%QXeCtk>QZ0`75Nj&r
zJGUYr6_D@UuFKWY_3ZBISLPqwq_HyR_)7bOn>$XW%K8XTVj!O%+~R=LLVk2B3ssCh
zpYCv9k>ZcTZg)*UXfM(2wgrUt5<m58`Ct0A{4f1lzNg=@e(QIv-})Wv_kOAV=$Gn`
zeyMi$OV!seRbRhUfAy=^KmF?UPrrHzZ&RRs=-VQu*Q-R_hkH$QKhyFu##77t?~GVp
zA<Kwn{5FVGmRH8|Iqosi^VpWRl;tK9U#FBY_7y6hOOn;!Y_+^pDgIj<mN%SZ*5a!F
zaC!71mLpLZB^64<Qk3u&ne%cM{nyYeuT2Vm9Vk)1Wm{hDmGbB!1y5V7mZ`c~^pp8G
zdXb9J_o!`eIg5T?)bZM+_;;2ZFYzi$<v#}!@(!1xM&>#kE99LM5W1h>de<qDPr$u{
z7|$yYNIN9Kdm<oTLSkN1Kz@Sk;eEz(9a_~s2v_3Xb}9IZ$liFm4KmQfM@y&&<=@~N
z3>oaD1Y{^=KQBKZl<FXFhLZSS&Kly?DUo-rPe#lTZ$m(`A%}R;Yvr-Li@3jrdKpT@
z=n?7;`A{#P<=qRkOyN}e$^4;S9mhQVDgL$<T5PDdg{2PnwJyN14)c1X_<eDhmv!C0
z`(l_^Bn5vfp$um<q#EWel~N@}&k&*za)h_*Q};)C!>^}&{B`vxZ`Z58qr6?O{*Ll?
zz4|-a%a-}5k#Hl9mEm0)5IQ#<>s=KP`rY9;Z?Y8sy{+TDZWSY*z;6mPD>J=}iK?CT
zn_QV*5zA=;_f~PwA=9f+B8*#2aVw6V>2-5V@_uR#W_p8epnUu}nCYcUDfje@%k+ws
z2tB_ty(Loo`IYGv+$hTvpI@0?D~q0AnO@pWs?3kRr=D*)!OKw+|5fM&Zwrf_aVL6z
zu;k&c;}q25L~r+Ebu5zUkdwSLmP=4~`ny6WdlLde&zPO!-NJGQ>P|D|RBwuuQjvsK
zeHfDEb>E_LruS1GgJgTrNxnQOB`qK;A!mDKO5!u+Ja2&#IaBCH^LgItfUHHT^St*0
zLL*^>_eDTxB%JScOYuj-1zvWEYD4`l!-d{NC1T=P>VEHqUN4Jo!wbDZw^Ay9rd;S1
zu;}~Yx!x2hYL$2!CCue{;h$kI_L6U-eEeV5F77vXF80!7j6ZiS_UyYTmH#(VFZOa+
z^x6CpuZ)HMYU&3#dY-pRiMRVd>aV6=+OIs9dY{V}Rl-k^>Qb*;iI|1i{Uv0imo!DS
z*wH-ZM|v4j{4qb$8=+!ke|;lU6>=&)zeaf#N<;yl^+tL19HY;Aqr7&GspYfYC@=kP
zb##5!8|CFn@sB>ro1kLUuYoxFDDRGd(0I=GDg#1ikkMYB68TobuShk<OPWf@@_TuV
zm(QYm`7-ZTDXPW(M5@cY@_?ABcwW?7s>Hk2R&Q60_1akOU8J5_8tZkj&^OQMIkd6f
zQTNE2%335KpRr!Hl6YT?^Cqy+)8N>Oi*a6)5>Nk~>v3KuOA6*7J?}TpOP;3M@NnKa
zjPr&|@!N2mm#1RlGj5z$D8(O#<GgA2Q$AH<3x3<8uTPKjYNgB;2hYa$=TYWDZ<Q1^
z;|4*-dk@a=>qWcDBCjSO^j^|c-kT5kF*KL2@!A7IR~!?(jEB|HhvJQc6y$upcj_a4
zszV_+dbt5fhZK980&)VR#H*X>r#cOCo0nE4MU>$;O?n&m4sV2%DzWi*+}*?#;vHTm
z$I$mc&PA%bya}@?RjD`!<+%hh#Y>#6^2z*M#oX;pnWJRoHTa%6Vy1evO1u;Z_4_?u
z>RgJc7H{CXiCXm@Z?cpsvFZ|xFQl60C0EOQyyqa4YPvT;%50H6RrSSmuU$&1cyzQH
zV`W~SN+syIT>2J4nV0-1<%4?#kSme%eO?L6a$!n&!0VP$E@N&$%){P@8cJ0vzWhdr
z638Q7$^uy)DO9gYubt(yCfsL&RC!x!DaM~ov%Iv0DxXZW*!_r^?bS&s7mH9S%4d$}
zEmEoUjGOC~NGTPMtX1zy&-FG*Dfb5AH(zRvxn9a+syz3EP&(u@*BdTnx*(YisrHsg
zDHZgWRpvozylHhR)hQEA@dRXnS1V<@AfcFrUhWez#(Q<Bx`wUuRw<EBL{pjTye%yB
zL^R3cULVUpU#NOL;bkvY$LhcnofNa!YnM_g%Jx?=OT5-46jLR3ABeBMVI(~1r9P?T
zrJ=Y|K&q#_IV=M{#a~o`JnilFl!{q=n<?IaJmV!xDHoqjF~ysZXT3pBtC%r}`2e!Q
z>shK~1f&B}@3k&dvSgkqeugx7HOrMGWB)^cqo>hpT%ly^Ts)uY;>%`U7t1NwBhXA)
z<z+mtVs=#FZV#Tuc->2^C&7Ei$d&qQjW=0Jm00@?zIKC{HD2KhDpfs>z89p~D|=B%
z4I~xvj_19sWQvPBIgt0g2~x@h9gAA^Bd_=siYXUV9-7PTULVVaDOxfbRm@C`1Qk=y
z@)BmHk_{|7(T15gR=ZdKUrJRiW+T<9kdM7KDW&39jCs13@`;!7swyD~wZ<lI!YXwv
z5-Q=RUd3vXQt?5iDb7JYpLt2ID|zHs>@gu*yvZytuzc=ql7hdOmaF>W3$OVNb*!Ji
z!fypg)!`*Isbf(L<@1%-A*D(jx>bmgkgZ<R8kH&p84KCwd23aw?>W_WFMpjB?=0LO
zqyGBVE0$6vvT*Hi6;gfcr8TQmBvh{-ydEi4;+88_-GB6w-&8U5*KIyQKHXj>%ct1E
zD#?>lDk!EHId^+?Z&51$sk5KFRZ`036Sj@Gul18R;$4cV5__JB^&6>v_R3f;Jr;Mh
zA-{T}O~n*J$|1jbxl*ddbu7Po6;jH@UKgv?xYuixQYsc;%u}ECdU@+rEruY5)|NlK
zEiCkQ1J!+}m;1hoS&LuaNdELTZBVj5Qc+*@dD$N*39<a;HL(1Bk&5}-OZ<>xO2r12
zf4mAQ_^VhLbq^yS5w<^~m}+q#tx*swJp5xNKOciP&>^94A<Gz~S^;sxxf@l?JY3l{
zLK4EAQmRB1eo<TtiH4Iup_nT1Bj>YQIQdg0_aN0fh}k{7oMkJQCn;R<xr#XltJY_T
z85sVQr5o3$UqS|jdswRO#z=uAhjYJBsc2RI1G0a(lEpzj_!Ge5fbg!@l?R4L|4*ih
z-}^c+Tqb3<ID0sr)J3WT!>ugCkPpd0;XxggYPR?Wt7rlwHC)4T#Yj9I0XaCF{iTXI
z<4=5;0g~45=!b^eWlXg=^?E!(ftW+XC0i*~waC8{XBn)J!@_+mv`-j<n8U-vI#mqK
z6q2LD1yZU+&ZVX}8gguS4$Ju~aP0*-Azbt|rK%F^a9%zaa!SAQoEolGG4a+oHM~?x
zwV<P4h*YPByI5Yqoux65Gr}Xbsq&Cq2{}95$bvt$CvJd@2;-xOvR)*V>cVg?%VY@U
zd`Y+_Ah$wBg}YgXWaGLLGB%vIUFAbk0l6aF%#wk8sv*~e6Tek4B$Vp9a1qN9kVTLi
z!%GA5H00)R56el&nM!zDIP*J|4++)l&TtvasmO=wbx*i4Ae8Ff@b@hA9R5m3dAKhi
zuR$INr+%+;&Pl<uV~~f!!&%m1M7<5E2<Nff*M#?OArFU_1Y{#*W*9Hc%2s^?E&o5r
ztZ-pKzJbgQH?e$IkF^joFKqvyQk}65YY(J0Jeg&8tR&_kXrpi&3q8wEsp`V1KdMwT
zzru)F94-zBwd#}M4J>b>Jc)=|8cy4xQjrXTJR2@!nd4$cLY@zAV0m<zk{80s-73|I
z*J9ov=EZPfK#qaD5^iMq6DO3@Ag_l9{iITD>A+ZpycsSC$Y{vh;iW9QqX$Xe5BIUW
zixOT1`8Yh|XO&L}*36qApN884ay#VnaMCY+%rwZC;rxI+2>Ci($8zY2_!<f1`*2@C
zsv$eVg*_@Cim8M2gqs5LEaZ=H>aQxM6ZN9<h=c-`U$}%;LTy0kSfPZDfKUk&5>kFs
z`A{k<;cf{<EGOc;)CfsRSjuudmw9l4{kuv<LS^1Bp@?M|QZ+*kN@xzmP%Y9DQhNPV
zRExtC%2+7XdytHT?JTsjqM341LggPS70G9aIVB-yr;^Xn%iADlB-8|C2jr}TK9);f
z!xuLp=OtwQsZx<RX;@zpDp;OJFaHNJGNCIV$&fJ#`F$$Y^;mm{K*lB11%y&vk<iWZ
zCSvGVS0`ltrBad5v93#~WZ4Jn2K^Pcn-h8hay;bLgrdJys+mZ28syG|`hZZXyA$kx
zRLoSw(0ngV$O*_fh$%~$!*UdkMJ0S7VN*b;UJoav3R|ucwaAC+H7g-MAe3ruLM6+^
zSQGLf^AfsPp2V!Y9I_x`*R$usgd}|Alg?Ijb|^y3!h|vwTGdJF5<FAI(As+=WO2ge
zfZPUoGC{}>cvg!st*9mBnS{kGw2D3ic`o5~mX|SpW<%-|Hn7ktx&X2=VLJ=0qIFV)
z{19lhI0(O2su+CBP?q@_<fCHJS@zFFS!Ajb7FsjuFX1*OG_bfxwGuI}CiJk-D*7s9
zRYIYoa*iTqEo5~<8;f37Ur!h$KNeao-;tu6n-V4l<Q=41o6yWcD`Y#QB_YvOITxc|
zpF-YBC}g2ElVVyEYFOUon70$!S!fld-Nicz$zhcbNe5D`PpC;yav1m5M+r3%Uw%N$
z#)QVGl9iZ)J0V*Vrr?93)bD$uRlP%T6_Ajzo09ht^B>6egm#v-kYq?#Lc#7T=6jCm
zPT0b-2gVP@^dw{_su)_s4~Fz6RIt#RKqH|qA%B31AvqE;e<zHPpV_PyG~Z8vn2}Wh
zIRoNEM#v9uRtuV^6cdSTV4?Yy3)wA_wU^47Bp;F(X=R~#aRnqPk|IC6iEq51m#>5D
z8M&Q>X38y)y&}8Ll!1{7j?pt^U?fR?X0ux8nKC%iz@lf$zLDX3tMZW0OxZuu&7x;Y
zYUJg?Dn`$gw8$nFJuikvx>@ur7#fN0!>M@84~^uq=rNxjsbtY3{OCv@iyqI%L`Ed5
zd}yCQ<N4S~T|j6&A0O#u(c}4~NcO%el^(srBU4!PSUovn@2_I?Sj~zwrzp{5^{hzO
z0lv^!JtvZRkP<ysFN~z7D$!$gWTcNpkJZZ}%MVsDdaRC%WDHTF$Lf`l1{OV5uZbid
zqGI$|y*^UJqQ~k@k#_kB&1!k~fX3?0k;%hUDm_+jjo|Z`ayF6BSe+cHXVGJIY9#jv
z6{E*$X=GDCXsk|;OgU1;=&^c#<U<xcGH3J~nGZy|I7W}m2O=}lRX%!TRz$LoQldxZ
z%t%K-Xk=DJ>W)@1dSq5d9ymsc9+~qa^(=Y~uZ^^_=&`ye(!rwF@I{ec7Cm|wMUpa9
z&Uy`B6dA^%*YHJ=VirA~mqhAW^cwzDq?<*L@THN0V^z+24PO>%Wzl2)naCjd0Z)Go
zUmlql5E}E(MVeXkm|q!5lpp!57J3bTF;d8)XF)@xhDER8FGbo}^t^aEQX@a$SuOOu
z_-~}{BvocTFW!iB5BG)U#oEY(Q<Ug=(Hfa@suDdf-j9@IDbe$yJ(7Bw5<M?AMV7PZ
zd9fuj>~s~QXF*4#ghkJS&Pd&vDn_r^+algMO7txFF0v#bGz)%+6rZbN^ep%#GVDAh
zdKUZ^X$=U?g5JoC5h_N{g1$%xi(aw+iX4BwiqZ4p?|$>*pGY3Z=y~x^#JfPHBB53_
zqdhEorg+iT3snpW#YCdrxk~ih*(18-B423k{3kl?VkLU+42o7<qD0S~<mf6EJyZ6J
zwzKGYv0t=Xr{Yz8zi39D%16(F)MyEd9`i$@9V~i;9}-Q!RHf3Z`k~RXfY1m(EV_k7
zkMJX-X(LrCJ)YB}g)DmX9u+OhS223@W<(ptDAA+$#OSaBU#JaFj&8VIi5|UYM5E)B
zq<ksFWc2&F(d8`3X!&~}BcjEHDu%B0XqR$fbmDj=dW7dildn*sM|gg835y=#1<}+i
zRg50th0%#DdW086CtRaq^a#H?y8L=2dW2sWEu82Jjqn?yBW_TlNBE>@%8g3&2)`}b
z9uOMglcV)FsTe)Nr$j@=O7wWXJG$!*WNI{xWAu2Q8to1UwR35-_hyxk9?$njx8LFm
z#XK0zEK#Dzb7fTA>I;qMS<zk=J)R$p9&)>i(c^hRbPS6=7c7iUX3-=3v1lcWJ{LR|
zUCN@z{A1B(7JV*wEV_k7p9>y~rc72x*R$ZsXd#O}7d#!UW6|?sSu}cwN~O;Q&qOD)
z=$Z0tw3S8AloiqBJ5?$YnkmmmOIY+wc`@3=qR#~l(Zst{Dm`~zisrEBbHU5eG8R3X
zUWvBety1aP^lG$lni4&mnxf)fU#JJyMK?@WqG!|F(Tw|)=-IR(x}8POrVpdd<tj$c
zrjMf?_bbt}>C<TC3?+IteGwh>fD%2MzKYhc=-IR_+QFh{(|6I<M^q|3o4TU-3~79i
zM7#IyXlp=dHvJOaFjvLs+4M)WsalDiO?}ZBkNQHh>F?;Y8YOx*nXyeQ`g~!<j-01r
z^!&18yUs5sb}`53@$AG(SoG+1V-+lVth%wKEP5QevF$8+)P-Yt^VQMyXi11IVbNnF
z66;{mWsdeMVJw!pK;@&yPb}8OqFX+(U#bDI8*5c6U9SPLS{7Zeq*w!su2)iQ1B<R#
zQY>+y%1760uh<k8U9W+$HWpp4K{0QUN~P<ycfS%2jumo@uGipL(qk%>uGhZ(QtcnB
z<``YC{bL(gbiEFUb+PDr9T4;CRL;6y2gGt%biEFWHL&P<rN->XRVrPtgJW4Nx?V&2
zmGF>Q4ab~_2N-5xtR50edP3#%#%Fk53zF6^)uFKmWQ_lm#i6kkQq;TT^N{M$SgVwl
z@a6mq_+hc_EPs}&U+4~tB`v07wS>3f=!=o+u-Gt`#_!Y@w+@SqU|Ba7Z@S5tA|>(f
zYaJGAV$r|94~un6QRR6asfNY8CF)o@=fh*elo%ajP4N<94v&pc63_YYSS5?j`3SrZ
zL;qT0y3D@loPE)C_eIy;mwu@nT^>J1*Zqjt3RxaiuSg=EV~jPa62{y4$k-+peXJv6
zU0e(OMY1Df=}*emkbkESw@O5MELTdk*m@-HHK8@qW5q0AV<fDB92Hy6l9H}sj*hjl
z%s>xP%rUX;EO+63qE<*oY|B$>L_GxA2sth`<7p+eW0ag2Yh=0UDpPDn%qg*-Se7BC
z2a**NOI0e8zaeMDmb1K5g?IMxti#!{>}4wEf+AB4gq#yAkuqCca)LV6xv{cmC}y@;
zk6%=&JQu{KJnKseQe7OIxSXU)#vBb98C$+W#oW&IDv0Ghr{vPROfdp6V`Bx+`!Sb8
z#>Xbst9&TcjgTUqP5$$B*TmXhpqOegV<5iVg_vt%JEW*5?(UU>0Q_r-B^;&Z&ICOU
z9okDgfEZt1E->YjD%Zvat)!e=jI;2o{w%~?7t3a$_NkFFB_K;66Jrf51srozY(qdO
z=4L*6v-37a%L|YamN%Ul=)qU|Ni*d3Sg*{d*~ok!zkxvRilx7(O1SoB^$g5iu^g5?
zm*D<9Vy48Fu%tr1hD?nmHmFoITDl>nv0GRs7va|o$i1<$fEaitV7hLx*dci5XgA3H
zv5J>uKH+CD!fE}vKemKr+08;E$(U6v@7%7Xon^!t^(4mqu`ZU$KWMRERyof`y=Z>j
zA4`_fY)n9_4wgCRvfOgADa$+~Rv3^25c5E+TjgWW%smWJ5u5Oe%sIYBJsg|CqSvTL
z;=MBt?Q=9zJrZkIF~-EZ@K!6NGS<bC%zaTA%V|`tdOAvYx{Mk4Dv270wAxg~(xkKq
zJ;r9m3Z*m)eXQBB4k>DcpNo9v#<~MC3Q`lxf6dSNI>^G<#DLrhc|6uErCI1P_H+y%
zYNqil^k{iHmZ>BhTdbb5S{ln$;^|&q8k@kP=g!jD49-W-ou#qmQr;AL^e&6F282fM
z^4NAxrAJ+TtY$Tp2W#eFv?$8_LTr_kD$#%uRSRi|UGchK)2ASfv1wBLHe3~JV4)dD
z^J{f1^9@Snw`x-?rHQ0eJUs{Zevr@F*mf!FtQ$w+w@S#mSpFJ{X$e=&S6|>+7h5Vt
z^~LKlrZph%K;DXN56BkC`k1$t@=>Y2gM1Y0l%ht$-;mE@x$9I3b?<DA)kyJsXKSpP
zWAuFQjCHFRPxnP<%xjiq7P>DwW0_L?zW6$p7ZB=;?XeP-D&EUou?i{W-g~ub=g<{f
zqC`B1okJyl((H=0am-#(9n;Bj;67UVSjrF5lJur*4ew%nwTzy#>WU3xISAhbQ-bEg
zzZQpf`2UjFi+$=Hmah2vqw5|Q`8VdMPkkAS-(_h1`9Y_WU%R9jU+DQUk{{zSUw(t{
z-#~W6<-!z|Pj_5sze+j#LQjVLTRx9VwybGOSU<zr9V=p~L<y-?yJOQ>W-rrHr^NUu
z#}otbykmE)m1Q~0FR^ZxCddJZ`7M^zB1eKTpQSgJ$?_GRXFD7*J7W`B7V)wEj8!O!
zuZMremU9fPnHfmc7u(J;dWHNe=Dnpxo&J*Q|FQP|fnCk-|NnVTv9X@d^ZPu{F-rB)
zuvi+x^a?{S{jdl_NDX^2j26Q%T1lqYViJa7X=NA<VZ7#LW*DZ1urf@-A`FY+b3Go{
zb)Cnv_Wk4i$G1OkUDx&aaXrrcdYs2OJI_Cdr6UQy694C*eea*ca;42(+CSkQ_h^Xx
z=dksX;FXdC<gZ~plHd+asGk;{)P`;G+So0cha{QT#%|FfBD^+si&jdqD4CUQw`d*3
z5vMC6%ezIpiSTL}63u)Q+Y;~X2%90%0wTOxhDK|MaCUZ&4tWc`I6EoPW+J?zQlkSz
zcts71PI?=?cts71mJs2b4vTgY;he^zi`&tQSDg`EM}$|M5iNR8*uWcQunxs2jA#{+
z@4wQt=`hb`wDf&p(-L_J%By%^)QL6`c@qA*Q@qdSMF)tS31^jp#G{$((d&kvkoeJj
zBK(eP5M4)P`AmEhb?@j#BJ1G#5^?s4)^uW=V_=>|>-$DGN}}Ez9ud_)5H_u{cAp1*
z-Y+@{Nx17C8O@gj*UyDuGctPEhr$a<5s)#_97*u)^lO0}7%i5hHGH#rY_y69UzKB{
zjYRmW92@OKqVcseHrhvoSLWEL{gLc*xH88^Gl=lY92?D%1peCeXn11^`ZG4#jW+Tb
zy~x)g(e#Znj>ao9Gnz+)S7v6km<X@TanU9syfP1sZY07h^RQ^u#~7Jc=7eY?5nh=`
zM%#$+$~-bU<P-Gbm3d@z1QA}DM@O59u-Y6G9r7u9@mif2okWD!>cnW7B#V+Sfx0Yq
zdK057h;SvE7;PZJb!TF<oe0;RiP1hHTz4i$)4H&AzH6Hpory%Qs5@Zh{~4_(8&<YS
z(Jo1<w4Pt!&2+Gt6fNH*;$ZE55XiC7dnG}Qst0mHv_q1G+I_Ht6{>zRe91`sYZ>|q
zj0=grS;SeS4ToJy6taABG*gn+l)nzfy8z|2*U9j#TiQ&PHZ3W2v=cr#T0~xFJcT>z
zlcSYH{?)*wfym>ZGwC4mK}fa}sR>E)XL80;-U`VGB#}NKqJo?pol4|an4edGOo>)W
zvM{-cyrx9!iEIf;3z5jL?A0YnOXQy);;)%ci4N(Otw&A)B4%t#G@Hmq_!f$ojVaM;
zNnYDckk@7F$)5|amPjVd>bpRuMsp-tl$-_kDI(7FXd#ge?_=cY(Q+i(n;$djlB6|q
z0nDn1JUu%43+&HKm{mbei54OWYh`Y<f^5VZ`vh!eL|eX;UZF;v8qMfI!nN|$XgiXy
zR-Q_$rFE$I>of62G?UkdZ3WE~qc|<J5%o*lwJ9PrL6DiDjkuP@jGZ3srMB*Zzc~0D
zdU$$h^XZpRT*2mykO(E&3N~j%CwzrtKW7p~J~Ns}#DRBHg;!qmN=eiyR$lZ*N$?Ae
z;!4Sj-jP7Wl`<<@gK^~V*@=-}5S_IJ=Z9OL6D^ZOU2$`x|4ASs&c)FhNnTIp`6-Mx
zOVXn86;~J?_!=Yg{1ishw+e#Q;YWybS#&}I5q&O-UM`8cx{IS_lC)@iRbCsdm84bU
z>*CsI7ZJ|Rb<x@1W9vN6*GFgmgoI}mNFNfO)zWCsFGx6FrP1DgL0TeT!=CL)nE4x`
z$vcpA!YQ91H%8NmjQ$aAZi-GO@-e*OFKo)91w`gWlC-~Iq&G*aBx%)nwJeP4zhmUu
zC*c=U!DeB!n#g~F$UFLICy}4u(lmW6-1QI2*Wy9>s)%;}AtQ&`Sr)DRQ;=4TuefE=
z>c5ci6?bPe?QbNU!Mmc9kwm_`4o;|`^{VJ-ZK#M7`3-it`$#e*B8bZJ-BCM%h%B#&
z7E7YCTpeAQU^5!xJRGf(MCJXF=sHPSliwm`dn7t5NwlTb;Um!&Nm^w!7gyyY(aFiO
zhZ?VhN26`<6Dnftyb>Ob_6<YAxu^}V%H8YX4gliRMh}V!8ypu%g0?bxYyvq5`utdQ
zW&#-pWL2~_frwLxHBrrwap2oGSeqV?&LSe7Z3(q`JX%AfYzEfl$D_?e)?SBy`SN&l
zs)=#h=(M>$S|iELS{>QcN4HC|O#AILc&7{c^F*}75?(iJ-@)6e6M;M#ZIEP<#`~zJ
zqP@1TS*9hgfxjmPo2R1Ljv~{5tc_MmvPkZc&I0m6v`><owXNU5-ziE`<f2y}j7xYm
zMLUQ*^bnH&MYB9%vq)PH6|Del+M*SbERz{50`gY0C4pQI<h|$sk(bYab2uO$MziDC
zmJ9pY+kk9}E|z3bazif8;TO?bviYkUPEf(-i)fmUt@EyOOLVFv@JmDRrgt^iY>Ac<
z5q~pM3*?(<J&^-p9o7Tsjb;WI=h@rf3lBhkjBZUs@(QTBAbruP!;x69GZ*By=!%g@
z#LoORAiqc3i3l|oHUrU&f1ph}*t7%rJ6a;iGR=a&W!L~D600H71Amv)4P^IN)BeH>
zGU&rw)j;-&4G?LCQ3#^PCXYdzt#P=21>(edh^&SANrGL`-m#2ywE2x}_KTGfIqQ3<
zabPnh)+NazZ4BI-i&2b?6&`?n&Vw_D0BjD4Z6_l3w8G}lSjmAHd2gtLqroOC)<)!0
zPzVuuLM;0rw7Fq4)MfCR7%NI3Yar9d$6AQIu%D(K3|=`gJp;XtI~u)Ch~*>@;dOGX
zfyn0*&}&L;E0J3G3aDsnYAkIm#t}q#&4{%Sap7-jL=R7m^(T<=K=NYc2cuWtff)Jh
zSQC*>BIm@?4iPqsG;!A^W@A>YD^n14|8-t$0Eyf!9|@7qkCl%@8{RF?j&(@_ds=u0
zSX_g%W7?r;!@Hf?u?9)hK4Et3tnspS`FF>YAoA>3p(L#l*18K~OLnoD6RY0EW^SyB
zh*+y9L7aT}TA29PGIR*^MUabPyFLXjh{dx+>n$4F6vUQDg1RccJa7rcX&uUuFNsy{
z;#C+cJxs=ltjI(?ynIlcD`M5srZwe?Ct<$^{kbC6NaT7T;-vkGSTm8$r=Us{#WoVz
z3Pk99QS1vzR1dF=4M+mt>4MhJhR9dO(hnE?S+0$*g<Tbpt75Z=%oqdDE`ZFV*-&xj
z$L>Euc&Y5nkJU+nHpSpIKek;GHDlMr7EcgfD$cdBsstkb5cb+wy(G%(`dG=4IAfiM
zz@7yn-w^9U66WHjL34O>Z1z#oE3~<Jkj;YF)?I8C46<1mD?EDVI12~a+!|ZFi_NVu
z`xxx=)#EYCw+-@I63dV_D$7e^IYc<iOJcc1<{pD9;r3Vok*k1+m2i8kn8-V{Gp~qM
z5cvp*c<NCRTP}&3`8#5bk}TJD!1K7pFspaOIwy)gFW2^kZ_ic&SsI%>3CT(D6z^Uj
zm9g$)k!%C6<1Bc-6)QguNh)}q4CJm@$MHzgK(TAV>+YDIgXD)t;qQciERRh{AdNuo
zi4_tNGba9`c}1)ufxHYh_r}_YR6hxS^$X<wSmy~CS*+FdKpu+aO%`OCcI35irVj5d
zKN2fTAmVS6Yh!gpx_^c5lY!S`gRb|wSO?mKe=%1V8}Tm@S*^^v*g8pW)-Hpwe*<yW
z#Na2%Wb5Yu`5nkpgYy1N?EERxCXD<{tWXkM3CXa^pNW+d5i21k2`ZAx;M!QFv{C(8
zJE*N^WAKA$JN5b5K{n5`Y7P7NaX7t$wiMX{MC|KAGW5P@@Nf2?kKHIEV}JGmuXV8o
zNm?Up^I~lFG|_r%3P*k^Rzid$zZ9#Gq$RQmp7f1@I4{MvN`jHIfV>h*pN?@-Uci(8
z*JG22JPCK%;^hDJSRRpyaON(a%e)>dB2olT8IUX{(z6$P)e!j_e&qz?tRwO%{LQsE
zS$aLzA&HuKXzLW5RelNsZAqe@!n_`<L=rwDYmL<*37?*{#+r%nDPL=>i{kKenbugJ
zB<i`$8!<gsw2nkPmw78TRuZMg@5XW@!N1=Te<AX2tei+1{AGtA@5efbh|@yx_ZOWp
zeTIm<Ts{>NfBEuZY$lPj;Vf6!d=#r9B5It7^Kq<+NH#_8iY1?lal~DT@cJy4O+@Sl
z1^GPILu9~(ukS#Xzl;@~hF)T?C2YQmRS`J{_G2@_=Ihv2BI3?YwEk^OpNU?xsP%2J
z$wb6`lZdlDwpfy7T15^19mh|x9wOht9f$bKj-LnBxW3q=(?w)8t9`LbNpK~Id!oMB
zR|!Py0e*@7E(xAyoC|&aC6;=Ih|`+PXTrb6GKlcG@vpI|NWxR%Ut>i?`0nP{SS5M!
z^NU|&bwqgm{2FT^FMe9_YixiBp9%jKOFvWgNB)JrxX1r3Hk*jZsUZEa6-4;FcSo#?
zh{&n9qyIgYoQHAvy!ZE577;$V{XLdXgimgNkCmN;UVOg#d#ombh$lyX#F~-FJ>*=N
z!-3cU+3+6n&)EKFi#RGff5r}#1hXSfY5t5&N+9C?UDJ0xr5U1^NE>yxo}yPvqVB{~
z^zL)9&wMAor=C6=3EzqDsaFx<Gnu{g4kCPSzLy@qKzJ!7*-NjGL_KZaORtqgDal@X
z3zAStQuQt*p^~KPeMERAr0V({>>(>js-7;1Qj%eMP6821qU#q(qGr|BFOx*gs;!qM
z5HYLXpjq8pZ<ID_R!8U?B~i0FLQlJB=ULrPj~DDbtNZEYM0i$5>di!WR!8c||K534
zN9vW5s97DU*GZygb)?>gB%IYzdN-1AR!8amM0i$5>GmZ%&*~^WLlQNsqxH!NM9k_K
z{X$99tRAG7N}}}nAibFg>+`{S`lX_+<?^IL=-4>Dkch~s(C6`bJrUODEWMWq>+|8d
zU5Ig5pO4f_iLgFr>kUL$pC{@Sm!TKy^CW#E5!UD9^Z_EQ&pCST<><xwe3D*9g!TDk
zy@Lqr^E7?ez0E0l{0b3A&Dbe=fh0<MPtjjaAVPa{_4Se{?akGDBvINsLmyHkBDW^9
z_Ri2pBMG&4hCZ1HYwrxbfV^0HXXs@_cx}wktI3PCcZS|cgthln9e!L@v>s~jsrm#W
zti7k{MMPM8XX=eaSbI;`yNR&&p01}}g^^i%PuH`Fu=bv=7tKQ(*51?g$^;^`_YA!O
ziPYXpKzq;Bd&!2iH&1tqMI4o#Jbk1jN+t62%mgA-;+#P$alT$4ZInvn>lKnHmB`mS
zuE9RD_FkyRuS3Gxd!b%VgjM1qy_pEB#6^1Y^}<VO??rm0BuXVN((5EqDshqCh9p#p
zi}h|Kp-Nn=_Y>ijaItQeVh>q+FV-_8Q7TcOPfj30B`(!3ltj(y6?&;8N+qt)n~AVW
zT&1VqAlgzYF<&nv!YXl%UQdKoqD1c{!YXl{Zr_M;SS4=IONp>bl<5sbSS4=J({4g9
zR*7=GfC#I^BE5nLtHffxn+U7K?Ydruaabjm>a&TkN-P_s5_jo!(nihLU3$MHN+s^n
zr`;?ftGrj~b0kqJQKc74qEzB;y^08{#NB!$l29e?);AJimAG5)CofisyLJ5*(Ryq6
z=GEPL29ofp{oQ&#5mt%idL<DtKVm<&TyG=7DshhvKUFLu%kQcQn-zKv5mt$N^&%py
z68GxWL|7&6)!T`%O5Cg0F2u;J68GvY2}G#GeR>ZPsS;O$O5CrHScG1z64m<2lBn!d
z>t{%!RH9nXPar}i9vY+)kLuOZMyW)d-Ykhyi8_7A5^SASVzoZC0tu_cYJD9MR*5xw
z9}!lGHG1|P!b`1|HF|?2N+s6lZIURJSfg)65~{@GI{d(~%sami`M4e@!Yc8&o`ocQ
z2k&uxsw7G!>h*#IB2?ljeW4_3R@ds)k|>o}t9KJ&m3U5{{2$RDr4ldb6+~DiUeeo%
zuu3%Psg>x(D)EY*MTAx2RlS-Bt3-?5L4;MJRnK0AaabkV^u<J2CEn8OiLgqv>)M^@
z#VYZho=JpNV!d8QgjM2$K`QZ)-X?9-jD4iX?-G%fN_?bWmO#W_VxxYGBuXVV>Q#~`
zmH1e1B*H53vEGR!REdxEej=<AAM5cd(Ryq6w$I0UCJ|m6AL~<*gevi|UQUEn;uF1r
z2&=>=`c@*W5})cL?v`zZD$%9q6JeFuq*oGQmDr>=5n+|sr1uhGmDr@$+=G!>B{u2J
z2}G#GX1yDUREZK$iO=-373jq((XF2-iONp5eySu&CA#(52}G#GmxEN|Ykh^ZQ7X}^
zH%X#YqF2|dv2|97ZTi3iNLVGd=>-oWVU_q^uO-4N@x9(FiBgI0_2P$wmr{xE^$JOp
zN_?-^BMDXF2fYPJxR>}r?;^r0;Rn5+;_zPL2VJibZ7G%5u4g0=p%Opq|B^(_>TmjN
zNt8<brq>W*mH1sxepp0SD)Fa2nFy=I-}+)AtP+~hMub%&$=FVWRbr@-_XtL2l}I)!
zh_FiRY1p-B!zz(#tRuoI5jDDquuAAg=1TNpm9UIFBCHawQAdPT!Z)@`qE3YNHl{u%
z;w;nnL@3SJ^{!+eqXBKgliPiaA*+O!Qj&d)vl56<l6{TKB~ePUuTdt6Qj+0D4G~t7
z;YKr(P)UXxJw#YZh8sibMC(dPh8t-_c>N4FCLjrwWVlg8gq383QB8!EWQ5U4gq37J
zBXzZGD^!w^MlKOnl2Jw}5mu5>Mja7Wl2OJ+BCI5%jOH~MnU!Re(Vakql8iRQkDkLw
zrIOqPO7agQ8%g-a)c(drlBhMmzj2i$N=f!N$`XiBk^_ugPlU!A>!giRl0%IyNtBWt
zYK(Xa`^-u*-Y9q)2`kBXqmu|LNtU5MgEp)rSw@~DN=dSec1e_yWEnl=#eaX1Weiy>
z<Ah3bn30AgRFcDtEF!!T4l{C*g!_%di~>oNk{oW7ClH||M;Z@HqGt6NW1S>QNsciF
zh_I4OGV&Wm50#P}Z`2WCB{{*^N`#f<L?iuK^kOBMY~&JQC7EKZBf?5D-RLF4N|I~j
zJ%@2vNlrCtiLjE)G}?%;lAK|rJ&#_jBxe~@iLjE)GOCHNlAJ$CB`z>}q>Y-f3ycZt
zL}aBB7Z`UW5TO!tj7KC<Dlx}sltih-T%(f+tHfNR4@syJbB*{5qOI2Ot(dvS1SH{p
zW3G`)gxAJgqmaD#>|(A_ON3P--{>I1Dv@s_zld$IN?d46BEn}E7a8S5SS2nt8i=q;
zTx@g^VU@VpNPP(-vr1fSWW0=oRpMe}Y61}|QD77zkt(qWRN~)89og`H;}T=NBq}?X
z7=4l`mAJ$h@``8+iBO5l2C2lAMz*w3Dsi<jTN0%bR~xmjVxL(ht}$v}L&7R?jgi`d
zgjJ%%m`sFKqQt0_M5#oH5r18HDU~QOG9^*_jS?dlNvIOn8U;u~mAKX@Bf=};TBDlc
z@P6Z3qfrv264x0W2}G#G4aPP})U4iY3~3cTR4Q?^kwb)4qTHw_BG#BV;k?!8CBiCk
zo00Jb#$lCMViXc#m8dYPh_Fih#~2{ODsiWg*@kggC8~_=Zz5rpSZ>t4g@jdNh0#ug
zRpLHl#M@}YD)E3ZnFy;yjj@6VtHh(mMoH9uW2KSXF5;;D#$$t&WR=l|HsO9_m67(2
z@KQ>$%D6It2qmdA7D=L%q|R6&iBgi)#yTRbB&&^$NJ1r9Z440M{l;n|?OoBj+Hb5j
zvWW2dS#9JZ3HKYTjm1P*N!A#RL|94I7`;STNgg*wzbD%Y_Z#&_0TEV`CyXj0tRznu
z%|uv9o-no(VI={t4vfr7@`TZtK!lP!X>=lyN^%D%$y0{@K6<f|G#J^EEYq^#d8PPL
zUxQIk<ZbwCxGL~^+DKn7yq0O7J*;Vu0a<6%6UkeRU;TaA=qK_C{M}6>*t}}gZjfGK
z-dl_YNt8yl7|jVpXw(~nH0o`mU)m^*>M+teaTNT%afdPcBP6U*?;CX=BVmnt->^SH
z!Wy;S$R)xWwcc1EiPEU`M(U@+OKH@4W3(hnqt+WaNJ5R;V9Y`iYSad!m<X@24Mru!
zVU5~g)JdW=s?%smAVQ-)GCr3?Y1F4iza&bdJ~gttM4y*ytWledS|Y4bpBr0=utt4p
zq;Enm)~Ft%fCy{U7Ne2~Yt%PJKM~fbUL#{O#$k>6-dI6|HEO%jLxeTzCnNbY^kR+b
zGiDKCjrz@~Ai^5;yU|62HR{hn`t!Fjx?4n6GxoPpB8k$Uzm0bih|nL+{6Z3?KbqMm
ziPE2lX@4#vtEVs#GYd(mKM^yJ2<uP8EFmvGUyYcRM0jmP%zE<TolL~+A;S8TWa?kY
z*2AYTN#<lCtUtS%Wkh%<GsJ8m!um7R+)jk`XQ-L>B}Qib8EQ@?!um7RO#KRNSbv6^
z83{z_&+g__BvOA~0ZrJ$Tue5sKgs4ZlBnz?o3BWsR3h1IPar}i_A+<9--($+wut^H
zm9WipNz_ipHVePOKC?<VX2EwzSS1{@lL)JXYwEpd!z$sLd6FoVaLsN>luEc}KY8)}
zj%&uZ$vB}(cxEP&P$fKbG7(-0o|%s%yx;N6Qc09b#LX26M5x5x=ChKhSsiY+OQKX_
zxS9IB=#Nr~k!BtdR*8R@D~Pa4j4?M7VU<WX<3C^=R*3`6NkmvB#+nsGSS2#eW+JQ-
zhnjgmVjNb9EOXXRNLVEfH_M2yN=z_2iLgo>Z4MA&m6&K|{)};0C5|<VBvCt=<IT~1
z!ba_6a?D*%PEIgCK%20lonQ|6MR+MCIl(+Dfe0lz(Y#y|r6ebsWs)c*ImxUc!aJFh
z%w{B^lAL7r5Md=b$sF>lXkG1OPBPPo@cKE)oPZ?U$(&>s5n&~nY*rKDoy=sjlL#xx
zzs%I%WLx1*=43OM2rJ1Hvy=!c$rQ7W2rJ1Hb0ZN}k|}0OKSpLHnPT=N5TPVf%^^Fa
zjZ~7?K}n{WlaPcbC)3SKBvEUAx_PxEN=c@h<q1S6$&5ita=O_hZIqInZFWndl;mu4
z^q<&gR+4kf!oQKQlAL31B*IEE%d|DIBGlg;%`#_6qLgHo*&~Tkl3C^ed9jkrGSeb5
zPN*d3npsFfB{|oeN`zO!xn=>9P)W`;%Op`sa-Lb8K!lQ9V7?%Un$-)<4oQ@fTxi-!
zqCZMW3d~X>tR$D3%|uv9E;CbiLoZg6%gtOOtRzKd2@%$fd1eC<){XgQ*HDbZx^azJ
zzdI7vjcd(LBCH$No9TO?4eQ2@=1d~28#kM^L|8Y<&8?Cs-B@InB#SsoH*OuI8;i~4
z6loLc#$t1pBuY0Hn@=YYVSSs~CW+FG+srOWlx{3B2Z*q4EHTse6yB|&ZY(h;5n<g}
zV$Mbqo~0}?ONj7lSz=a^7w<rpnC(PZH*Plvh_G(lZf5O;t+Q@an1w`m2XcqmNQ8A`
zso6t>bz`Y%r(zt|jiu&fBCH!r&5gs*hIM19*`Gj!Zv4lLN2QI_jdswDN;3~hs2j`7
z1(K*0zRdiOBuY1ynKcPS=tk8b-B@96lr~B?9xw+aQM&PfIorfOvu-?SHrhy7Hy$)c
zI7nDG9x`VU5i=Hrr{oWrwUQ{^c*x9fg_qKehs+#F)P2fBW<HWoH)_mMB%yB9m{ml0
zCDfP=6o>CqYRooClx{q1_9PIY8?|P{6a7)MT4%;3QMyrQmJ(r=c--tF!Yc8E8IOxN
z@a=ticlSv%hX|`ggIP#~Rbs7KON3S8Su@keIE^DT`L68qW;GF3iFIZR5mt#8&3J%b
ztP(Gqvx%@KG@F%@RB2uGF7f}&HX`Hb9pKjoX~G-k@6txi&l{$_w`fag!W-tl6Nvb~
zHnU6;r3r0jl_W|N-ZUGDuqM1|b|MKi;Z3uj2y4QdW;{)_p!O1Pnwdm+CA?`)MH22M
z-ZaaJuqM1^HWFb?c+2c1!kX~5IeH)2R=AgFHw%fdCcI--6Jbqw$80CUn(&UP?Tc|(
z6W%e4iLfTTV^$>)p$YGrjYy;>YyeGo&+H=`zANc4hYuH#RdzbegCtR!&|zjL5TOYh
z25G`aX0fzUn$TsgkVI)hm)SoON5Pt~$;|l&64r!GW&;t{gw19z5!QswX4d|~3$L$F
zU|gHcDMZrXt#Uy=H?Jll@+E$yqQ_iJL|k#=S0T2T^+d!x3!AUaqA?g*WKhKU##})}
z?C=HYHJgcuD^7U*U}mPHS3mq6Ob^)nXciI?`4Toio6ST-mIe96>>)B1A`9}HnR)=m
z5m)7R5NC%un@9n?8{Y?Hz$}pjuR+nDKh4<(3a=_{9sFhV??5!`!h?{At5QTBV(q%a
z-`y&cHtHJO-Fi2H2>(5-FD1cia5wl1v^}goNz^$&vSnuoTXj_?TUkiLYcSc$Bf{5U
zvQ<J}d@_)1RTANAFxjdlFRshURu>Vz22-r$v9k5>WFW;FO@yz(J*`<p_<JdPStUgH
zdnr+?mk8Hx!%96EBlC4?S|f<?b!u8uiSYMQOsjwhe=o(h+KKS@Qe11uAsCsjZqLdj
z!dJIv%|epG-%IhVA|m{~6wfLr!rx2rtQAD~dnuk(PlUgh;#ti|!mnF+R(Apsx)Hau
zOxZ)J8!3=?-^xZ3?j-^%UlLW918ch^sxAjs@;DqR@8<(69Z6V)_qHYx;k@r{%_J|b
z!h2hVlBg=2W-U%2q6!bU>L?C>)oqm3gd~M$Y?ReOWD$MqY?ReQgy(RS)lY=yaFmsL
zs2oKK&*3O*xFkv;M_HK(L@4C`)~;V3IM6DPHcBB6u_`cf_?>}6tN}^XcLolzvd7~b
z@(J)ER_5VISVc3fk|U6?ie_4+M<QX(9B1`PqVhG)DmhBnsC<pHDkV|-sBu;Uk}zL~
zT5Uu)Ux!*<<i+_q)asK&<!ij9A1&HKBJy>(l_^PUGUw|kD+fuKucNFyBAl<ItU@B3
zucNFoBAl<ItSa^zh2N$-%339f%GXiWx&$Kfb<CiA9cyiuHY#5yT6VUa)i7TtTIG_c
ze4S{uppD!)i0?U^Xf^#4bHVvK$r^Gj63*92R`T&kIA4>kt0hr2ZnAX`5w3Altac(?
z<EC3ZM7YM~TFE&gGXAoms0A~ub|PHkPP6)maE&{|N;?6)xW=7jts`=A3f8!DtmG5X
zhHKopRuvJhapzl2M7YLXVD%8;8aLOPa1zGh8h4R3Taqem8dOFd^ygx$gNWF9imF#&
z4V)~zRMorG+G{Eju6kDts(M#i<D`w+?ObV1l?2y@_#3e+tp^f_h<KItj3lZKUS+jN
zqUzv0tA_~x)!001$TZ=t?oa1g=|s2=&a);X3GYwmS+j}o^)=5bAuq0j^Q;CUTnCG-
zE+V`aEw=iJa2=d)WlqQba2>qbno5N0;I&pW5w3%!RyPr@gEv@xM7R##V2wBhBXb?R
z!OAAWb?_#uh6vZeo2`vRxDMW84avngTnBHlGLeLJ@D?kF2&?)n)+{2d3Ab29L|7AU
zvC4_ChTmeXKoZu$TdZ{nMAX3r)<z_<4!W=o%Po5b_K^3_3$1KPl&&tc+9XlBy3pz-
zFRp_NE$vhpC)CwNR-6dueUX)kBs|4hWKEVt>FTXkegYA?y2L7{IIOEntrbW@U0rH5
z5Mf<iYPAsIIb3ROB*JsJ)aqp~($%Hb-;yX@U25s4iE$wjy1HzTuHJ1;mNrUP@3RUe
zQQzCS&+3vy>FRw}+Dx2zu7mek`k6>rSMRs-@{q8u-fzu18wu-bwbd?(%2&0OcaE@8
z`Kq>xBvEy++Nwkn{$0QWRvp=J)qB8dmPBReL8~i)i0nLU4Nx3@&wQn2&yqb1>)=W&
z9Z8t4mDVI8oUfJEOd_1Gl~w@}&euw-l)WflE3N-XqVl!Us!1RsUv-1>Rc~#SHY#6F
zTLTz5tb<Qmh3AS<sC+$b)k~u8{+_mKW@9cmU(Z-uFF?ZiddBLVi-hyFc2FH$Yn`1h
zZ14<L)Pm;*)xj66YO>)v_>$F3gzxp5tm+Ff4%fj~tQI0%2Vb>%iEtfku{K_WUI(9t
zb+FY+yBG=A!8WUo2-m^4tac(?2ivVaB3uXGwI&x}9Ik`!TLqG+I=J5IB*JxYgVlSf
z@KSZ~L#wM03D?0-2GzkXEA292qv~Lnl_d$T4N(WXtc3|gSZ}iKlSI|QO;)`mst#_p
z+KF%-+-&tC3GW9tTl(c9o_gnPvz3V?tb?1a$wXKWH(RsGi|gQKYXuRmgP&O~M7R!q
zW_1(cI@oQ+ufW#14t{QB5#c)6W7QGiI{3BKMuh9&R;!B$*TJn;auG)6I=IyuO@!;<
zx7K1JTnBrtW+Ge%w^_YJxDIZ!;#bPZVIACNWf0*yxXsET!kVzn$|J&>u+1tY!gX+)
zRfZ(2gWIf{1S0C-_f|6!SqJxlI{1S%KsH<lw_BsH5<OJ9y4|XhMCs~wt6mbNtJ|%1
zvf*!E|7i7~O;{O!v<8UqO8C*T=ixlF_Wo#PNTRg&Cu?#75!(BURe)Zh((bTIk%UUS
z!>S^}O1s0VBf_(~!)hYJv%16TU@ubI9oCnUD5c$D^(7FYv;%{bR<kpT#kiEx4z+V7
zQI&D1-7JYx+M%{KA7_Ir<50Wj8YHZ=yW9G;NLXoixBIR`!b-b`oqxR`Dua92+a*yM
z+`~>TMK9jT>|v)P3G<a~Pa?wkO1AUJi}RIi7fGV>m10*U5RtD`yPo3kPDZzzk%alu
z?Tth@U%K5(g!84_+6}VLDV#6ewu$gnpxa|4QTfvC2?<2x%d&U9qxbA0X`}L$W>;b4
zurj9ELv9qUt9+%|Ig+T#m}XD78E2LAwU1qP3lh%PK6ZII63*AYcAq3FU;Em{3x$o!
z*S>azB<hOW*RDqr=4-g!LWJ`*-0mVT&ew3ePZE`{5w^Zaw1q_EYm}WSiMpd7W9J|V
z^EJkvMTGM;#x5el`5I%F6XAS~u~)DcU0-AD$0bqu8e=yl5RtC~2j%NvyHDDve2ur`
zx5`-!^EKXHEQ!k3c)Ja4!aMr$_PQmQ3(i-T-E%t<&R3S*aR(C4*I_oFQH$$T>{|}A
zCoL5=Y9}+nt|G#B^heu`M0h82jJ=Tv?_?(0HUGglypx$^w-Mo;%<=YiBD|A1(XOdP
zuZI0_Co|dJN`!YZC)*{<(1v$1Q|)RZypx%3w-Di-Os*Zj6TNsRbDEtgiQ37`v|ET&
zZNgLZ)9v)TgqJ$mKGSZiLUMXD{N6Fl*xB~acO&7w&3X2&C)=~_5zB=Qt_`u1nQdR0
zK*axDU@wwH?PM;nS4g6EGIQ*8M0h7N$KHq}+{w(b2Z-<;{Tw^(9?^n&x-`emBEr|#
z9D6E~@afVVyPOE`WaiopM0h7N*KQ}mJDGfY$O_q(#ygn{?GZ$HCsSZo5#gQ8rFJ6`
z-pLf&ZA5q{Q)u@Q;hjvOt>24n@lNJ)yO;>?WQy#1BD|Bi(%wjfcQRMnL++Dt!kx^O
zcAN<BWUjO`iLfSIY3C4OO}Ns|Bf=VfrCo?5+{s*NS0oUzlex;SM<RDJqhTjA&)!Nl
zypt)m_4`E+m97@s)siS(Ew&paQMy`ecOnUOb-vw8g!4Y%9#V~S$htb;PLo9G>ecpy
z1R`|xT00ND!hOpPb|I2bS8uS(iLkETV6Py;b9jSYPlV_22D_QPNLO#LH%Ov%^#;2q
zfe2kK8>Fk{cG?4CTuN7OvnNTS_AR&B4U#Bbz0KZ^HleQGX7|+K{IISru`?b)!n(S|
z&a6ekx_Y}^BZ<n_?RLgW><@qM>vlUw5|yvp?R+F*zAEfeBAl-ZyNbLxUln$}Br0Eb
z*lh_!<g3!&N^yAKQe_Vy3G-ED+mFdnq;S5f>~tcWuPQs62<NNH&SfvkSCu_i5|yti
zyEuV}eBCoBU-#Sf(njU0#_qt#VI8coC#@1aRQam0%Op|zmKwWw4d#OL^|0OaI1<j+
z!*=r%NH|}Q461{V*qKiX8&wBa4yuE7b|u+x9b98K65%@dxLy4e#^E~ngxx}f>tKW3
zON8s-TDz?Qy~O(x;_2<Pw*52`u7l6pb<ZH-I{1R!PK4{=OLiX-u7fYzlh>jb*TH7H
zKoV64U$qB_a2@=gJ-bnOsXEwVYtJF!I{1d2{5%q_gKrP2gYVcgr46nPQ3v0#S0)hQ
z|E~R_B&rU+Yqv|H>fn2JFA=VT@7byAgtt1`e$UP%!gcUHI~PfKNB^E(K!mTa_v|wA
z;ye2H>~%!A4tCf*M7R!i*xC!&I@iJX?FmG<4z9On65%@df!#)g>)=LvD-o`PAKL>&
zxDI}7r@x48aUJ~F&LP5e@Kd{v2-m?)b~h2OgPZNtmoN_3!OivrBw-!gY)>V^b#Swt
zPlPpLvt2@jHDR+|L4@nzX1fMSSO+)T%?U)*!O!e&B(e@31a+|6PHVy*avl8K&XGjv
z>gRToB&rU6Zg-Lw-w%Fn_mK_X(SKp5zAPh$XQyA-qmhIs+h5q(k|<sM(#}gDLRYug
zB@~CxPQSG)iLlasYu6$PmG)b^i3lt0w{`~+p4D&d9wI!e-`f4`MN0dvz1J&Z6iR8o
zwbK%aP}*&Sl=eq^rnFH?`>S0diK>jh+FK=2O8cvw{$I=m-_ieSC;tx#EA4M~-fKu$
zX@9dPypDvGw%@LkL}jqw&S(`jDuexYjwGrw_S^YL!pgYAE+xWO?hd<(ytp#%u<IpJ
z8T{RDOCTbHf7)9q4(BW43?K>f6>;o0<S4?*7;(~xaK0i=HWAKO#K~nZ%2&jhD~ZZi
z#3@c7B40zCUGM0VoqB1b@-@uqz{p``9Og`F6FpS<8s?NqqAKGsr|50W1?Ma3RJSAH
zd_|q|cad<uV$QC2h%u*6+NjECI=kK>I?l}ZL>&AIsCci*b4rMCWsEyz9caUqF>vaL
zaAn-b=^(<DafGw(ee|k21uNr7XUKXaTp33@O&gGKW!&HCCc>35-AV358?KB8I<tsy
zWgP32OQI^{!H)fb@T$_dG9KcT5aHABaZdarwBgE_<xJR!ge&6&XV*K#qnvVSgKI-n
z#-p4M5{U3W+WA%zRT+<V1|(6HG22P|SlFs}pR%27B;g%mwlkXuSH^6ojJ){Wr)*~h
z5x%~%od)va%9!nJCBl{Q7{~rZwjRFwbc~Zpge&7jr+^4o#(z5HM7S~@=kycd%6Nhk
z{}dy0WjxWzAi|aLL?@33SH=^aVj^4_Cp#O7aAiE%(Yr7*SH>w$HW99jQ=9@MVP%}+
zloH{}IK`<V!kRF}sVBmkFvV#m!j*A~(}^Ukj8mMx1R^TqRL9;Vdnha8p->s8Ik`x}
zcb}#^C6Xvzo$mBWqI7k-le!s4%9U}tlOaiq#+C6DCkJgpr9H)&MTA$vDNZrPVWmCA
zsgOh|ZLU+7K!nns=Cn~9R@yV2E+nDSp6T=v;mUZXll+<Na|+Muna&6zJga9qSwwhN
z&vZ_bL@Di=PF?~LN_+Mor9IE7lr~Cf=Q@oTIaJ!Y&ggE@AEmT&oqS1@(#~~qzQlQE
zrOkJ$dXTWv<~zk(kg(ET=<vHVd=_`1(<5z^(iS*VzZPEjO$_no%%x5d5xxhx%&8*6
zN_)9exfQ)wX^Wh7L|AF(Io(89X|Hxhe2ZSwb5UtaoO~jzwAVSA-=PgFZK;z-gq8M2
zr;G?IZJE<agq3!I(<g~i+H$A9S437yyU@wlhJ=;&Rws2k5`N2ciDUnWgq3#bAf>Hz
zPLVe1Ib)?$Ac@l6O6P?HA|ftx-jzgY?=q)b5~aO&I@(XdR%!2@&Ilx-_TK5_5Mk}T
z)5#|<*4{gvQX+iC-RV@37i;gGPCF6S-n*QBB79eJmt+4d`=hb;Ryk9Nu=d{V6cAzU
zUEy>QVeP%&86d*iTkYt57@4)V+Q}xu+FR}95n=6p&}kyV+FRrF5n=6p*ctH)MrQ4O
z*qMqX)ZT}k*+f`-A9hNJuu44aR1jg6c-W~S!Yc8w(}*P0-iMve1R}Ke5vLD{)ZQaO
zdmnW&f5jg1T}iEzCyCPDTBk!2rM<PzR`O!)t#y)r6LFOGu5?C7(i&>-N@oHQUI{Cm
zTqNOr%1Wm|5~aP5IpqmNXzyyLmg2DXKH;oG5^C=gP6rXz-Y1+MB0Q^4IQ>L;R-bTE
z`{iteZ=ycojF3cW?-NdD0ukEVFi3kFodRj2wD$$40wago`+_qdiPGK|oa`N#3%)CP
z!AToH!rJ?yQ}`zm*4`JLsedD3?S08<l0;?jC1;Yhhs+M2*S+NANuusbUUEv1g!yW6
zDv5Bunw&cF;#%3{G)toL^|I5IKt#TpodJr&`D$_Wi0Dsin6DNmoe1Zv#mOeZ`D$@;
ziEzGJoP748yOI{CL=u&+7H4q+5&3#!P`=)Fnx&1(SBKMsk;8m-I5U$(pH;p(oGM9F
zt?Y2hhstq<zfktR)37@d&e!|Siex05uk}uHiXiGu)b-9RB5CwD5g$0W5fKV0YUM_!
zi3r!qPn>QdTq{3yHtva$xmIp+w7rmUt?YKviEyp_(kV_wo7waR&R0$o5w4YAJ6ngL
z4cE$V96gGJYvp&&1R`83w>cF=xK?g=Y9&#%@<*pJCgP}C`IA$mBjH-v=d=+KcO{cR
z$9{7(6K%Lw{xPUl{^?{(8(bUWuH;YWjszmEqQ9I+BvF;|FQ-uwRT=+wI*IUk-QP|h
zlCU!V?Zhq7AN2;#-_8Ui;d$NPPA(C?zW#O!$croE-%bq?u8f-7PJ}C?=58gzl`-Ou
zu(5Tnj7e@b5w46w-3B6D8I#=(B3v0$+#Vua8B<){!N^=0Q``(9Tp9OrD~WJr9OkwW
z;mR0w`-pI5jJhLS89A(sQ8$YSSH`G2l?ZD>)SXR)H6iL26XD7jbr&NED`V8HOCX{$
z#@sd}vNE0wD@u2VcsNq7jE0*biPBZWt(8PoM#F6)FRqM++eJ2fS7N$-XcH=}>88eI
zTj2?w>5fJcRz}m!mP9G7<>n<2p|q}BLUCAW1GfT6sI-AwON5m+aMuyxSq<EFB0Q^s
z+s$62w1NAxBuZ%mcZe@WfkY_nKJKpPKl{1a(ncxm{_bo^)Op?hZiggFY4>;a0CT~W
zaesGv8WOIIW86vmB4MQ+<Bk}Cgq1ekt&~J%Fx|EH6E-S?>28K3sxqd#Q;~%EI>5~*
z!dLDAZYg<jWjw&Gl0@a}K(`@*h<uH8J17q4Yn<DIB+S=1cYp}zYn-c(l;aBTBFDL-
ziEzHgxf6)+RWQz-B8ke^ICoY85&6m*l&=YHm9$a$I>udxk;BS(jGI16^hf3E7`H$Y
zRT+<Q^Y+JFaK0wG<ztX=z9zbb2O!~m{nPD|L{-Lrx~T^W8~jbl8E~B*=jIS8f#0$b
zWU^Z>iMrFA?luzP>N&&RN`$NDX>RI4BC`5Bj+t(H1`@8GXSlgUxO$%DmJs3UIm;~>
zi(W^;uNI1@UFW$?M7Vm+b_)+i8?K&n+)5%`J@eglM7Vlh<fa~iUR*u@?Pf`$o@8C(
zHf9Q&Dvc}SWp4L4BwQJ<bay?ko9F6>3LAA7InT|I1XqiwmGj&i5{Rgk#qOPws9IU<
z)=Hvk<$Sk=2-nK_ZV!^MR?c^m$BWigt(@<sBMEEee0LHNzT)P)dE~{la=u$hglpy1
zZW9r%l~=nPiEypF#?`a1b*_~qZUzyqmDjs9M7UPo=r$AKT6vS(NrY?VO|EtrM&??1
zlbc3_Yvs*u84<3P3*2=?xK@_CJw&)xmb?1lGICfe%iYmLxK@_C*+f{?%iUZetP<sJ
zJ`q-la<>FYSS!oj6$wPt%7yMaB(heX2Upx8w~uVNR^IBS9U*$Cl=fD)N)n~Cx4QL`
zD5bsCZ6_P9m5bdTv<bC$u{%J7SHfb~o`Cbr+Pm1zkVI+kZSLd*BDA-{EkLjEt&d8#
z6iKMPm2MRg*4|3DjtI|crQ1Y=XSLGpU@xkbm2QtDN_#8az62t)_pU+OdykuOq!^dd
z-fA~j5>+d!-DXLY_Ex*vQ8*i1E34h^Y$U9`54f2Vk+AkY;Odi*u=YOamPw*A_@KL8
z5|zOR-Q;7@i+4K@y6H&5d_Ck&BEtE4$ju`!&eub3kt8Z#HEu-$5&3%5t*1C#D_6PA
zNWy%rayJs;e64bOiEzGFx!Q5E&*9sut6ZB1Uj?h&bV-yRu5$AvQ5jt279<dn!8L<2
z_@rASZBz!=x-F8Z46b#vju-t=8C>fYOQNdhS~u@RoM+Bpqg#3s63$?wJNsWqID^l+
z9g?UFKI`V4ENoN;pLL5QQP<$JZY7fN%O20Ubx6XTKIb+Q;ha9_c2OM8>2q$MBr2!R
zyZRK-Iueo77u~UvsCj<H&5;BvzW6=6SKM+U;$B#gSKSUGLg&R-Qd?Yos)($9r?1tW
zNrb=k@rGMPL@2+A^QPNGL{xJ@+TG-77)Q*Zi2R<LO{D#6{O!E=-InQS!`}$n;I^HD
zL@2-T`oQfaB5JqzoxYFUNx5hvDv@aG6SsiKENXp|TTMh{S;XmfyChNH2>QaUoFU?<
zZv=fgsG9e<$DS%}!fyoixJ8oSN)Xk&$9+A4h-&_o`-vo2&BgEZedYE_qE3LfxT&X!
z$f~|?aWjyF)qIPaON7sax41>*#b?4>+{HwA{cLe-$&0J`7PpHCSM#sk<e9Sd@Oj+V
z?j#~y&9}NGM7UCa<2DiDO8u?7l?YerZ(aLzjLbFnTQ`RY*W7R2t~1bvzX$TIJCHy`
zW&F-fJ5$=o%6K7E#$GoMN%(AQn|q5SYRzwRmrA0vWt&@_K!mnzcX$0tVV~P6ZIrg`
zaQh`uy0OE}J_q~Ey79YPel8N$jo;nvMEH9kf4CXvp$#j^A8xTEN=g23wey9IQj$O1
zxFkwR{%|KC36*5P%|#L_$$(oxgjd3VTTXFUNe0|%NtBZO>8?v4LP<3514-1Z4)L~1
zqLgHa7oRQqjQ0iN8r;L1N`#eUPp_1SXkGlGT&lN@2rJ1jub&7jNz5B@0Y+veF};~Y
zSV<gjF%ec0&(r6i*U#|uU;N^y@0Ac?CE44nCc;XxkGGu&E6E5iJ{RM#l8o|lh_I6E
z?-fe|zatNKNrkX7)4et#w-7nNo0%`-EYs%0Z-8D5zYBbzS4ZSCA_sZ9-aBM?Sr<yL
zP;D~2d`XnrWOy$m5TQ0>y>}&1YBSdBmPDz|!Jc-Jh^*A+U~dGHP;CzOa)_|n9PH(j
z7pu*|UMUe?V+VUH$cxqHV6TG+tIZ+a01>`-IK<1kSoSA;0+s0%68ZdVP5v&`IIn>S
ztIeTa7ZFyQL%rkzjKgYks5gNKtIeTa|G&|O)#gwyeu*MNZN_^OkVv(;3UZp|6_X9`
z!w>Twltf(@hk4DCD787v>qsC%Z6<iTs!g_+e5q(%sm-xoh9s?8-{+7|@H*DZBf>k+
z<GiNJvCphO$9u_FAYuJE-YX`;`jg`|5@G$x@dhMmiPSy`zlaVa&GAZ$WPc+61yT;=
zM6a31&u?kk5=k~*C2W>!`}Dx726B?uFA0wQejxwy4xT4$ZjS%m3wul;Q@mUxng_py
zEyz@_Op-;~NFZx~O!GR3h><=GWV)AJEaEJZ?^?eI<P<NPh#19dKytl&B4R}euUxM@
zfe5b|-Z~;eTZGN2UVj1+Hm7-`=VM!9)d`!KUO@s8Hm7@4MDEQ^l6^kIYbJ6IT<>p!
z&6!?r0=aB-M9cHyS7YSypGD-aKcD4g6Zv^F{vPyMUNMqn4|4tnjQK3DipYzg#E0!B
zNF$L5%oy6VOVX;{cOsm7Nw16&(N=4Cr+JoFPJ~zQ*<PI_%e9f$N3;&;^V!~{YlRn*
zPk_ww))5gs{2IvlUiI~8^APO5`hd*w(o2zi0l(6|`#AWzg;#e2lJBld(qcd^@tTQz
z1tbpSQZIfZ+6XcnNTD|&f$R_DGH)i4fBY2D4gzwymwFR=t-U@;I}FH`-eMw`p9$YV
z0W!~<RfaZ#oCKuU+b&6!ws0GK@eY0`{Tgr5&1f@!IpiE{O1!jNkW7Q$QqKo+qgP6#
z0!R^%GOvlq^*~C2+~O51K(AL}?6(3b_a-ewax46n`u#wb3{v$9uU^_H-Kg*~Zxvp6
z?c_l2E4;}G<S~e|)T>33{P3%q7LCEX`d$-}pZA0B4NB4}Nx8h@9Ee!yZ6zChB>uYk
zGEZA9+EQy{nU^U^xm+z*?i11O^m56DSIb>qktEo|2I$XSUJcqLKmQkK6hy4@n#t>%
z(~`93!KTXVC*mH8>v_2szYSYIZal2#gJ89J6NsEa<Q^}NNEG%62f6TTgI-Aj`7cDi
z-`hy!jg%zqbs*K=tR)y(kn!O4kXJ_Jr`d3q06nbr+7pQIs`YYir`Z6Tu}(x=<;^A1
zeM*uh>gj6lDoJqc?}FEAuUwJ^+DFTATx+~)^a^KVjn_nRc<gJuE+RbAHQoRbo{h)7
zSOxZn=dj+JN<_?t82gi6H4z^BQ=WZ?8ig3?GhSW-5hH!ZD<#6?de(bZ5?n1}q|bWI
zlHf=`0Iz4g<fSrlIIicsbR-)0@HwxL2#<7~S3!iwwa!~dgvb7Z*GYu4{GvDWKR5~=
z>C0Xt5gzF)-h@iD;Vi%ERW93k?5&=5ry^qPtzLBk5m|oI%f1V3csAblU;^M@>o8u=
zAsNaeRfI?S4tovdaVf%Me>b$@alPjiVCxYcdxzIZM2xEo`n)0Z;<0ynoe4Hyg3U)>
zUjh+p{*%y)*ZgPR<SIGRh#(^JXFJ)5`RVow5^Ti$eCgFC5Yg6GURweYZEX$X@EmR<
zty3#%o7XSBl-6zYlJ6G%!8O(kk+*p{lC*|v?0fGVB;gwS-YX))Gr!#{C&Dwo-RmI2
zGykL4LxgAkCvV7d%sbEO&t3@;p0QuOh6Ez!=T~n%5gzFduSXIb#m``~!?W*^k;75^
z?qwkfNAbH?NQ6f*;FS^KQ4DxhM0gZ`dUZs26n}Xg2}CI5-(Kp9oyV0F&q*L6Uqj<%
zM0lio#%mIY80ntzP9i+gVeuYG?$UnCjcC7v&9Jz3uV@R22Ff0bk0x^4Ot@bJV#Rm8
zm+|5!NE@6np*CJTPm%?)T7e&sDzr%+c?RlgJYJ7P&S45fj>o$sX^FfBRYnj$K0r2S
zElH9(AH?(S6FqE+oEDPpKLAKLGY{gwClDR}FNhD_u57-5FNN(Lzh1^secmU&Fo6iK
zed3h~M0o8R7f}+GWCW8?Nfem`BX|R>M}{`14k90%6OlDe*$71vWB*6!mAe_9s{`3T
zB*I3lGeyMCOSCm6wAt_MByAtC2}!7a>7fm)pCY_^4`iER$Co8(m5{=a3>AIeA0jKl
zE9zkO8hXNH%-7CD=ub$({$z$;+#f}_KZk}kd^IV;SJU{=hOefqort)a4hspZ@r0d-
zxKfVXi3o+v-ie4S?w=vyD=udzBGh<iA|ju#lZ}{-$vY9z*2y~&(blw(@I0Ry5;0?$
zkc*HEyW+AW?Fb;Jg*HbdCuv8*{Y6N^nLi`631EjN){i1xGj=7%j({)78i_Wa4Trk~
zxE#+6<A~W1<2pMe+~-+L!q!6)UOS59*|6t_QJlwKL%SgAi9pV0GOY0oT$yv244rZ(
zuDXy6yC(}r5t5<5!paoap(1=W&E+^@5A&G}eFyG`#QZ42v!Mvj#)Y95&qhH=cs4E>
zq(7Go(w|EP>CdGcXINk-X?rGV+GR|J{?;AQ&Vq4;BpgLZ!g*GNM{z|MheuHq5|N9K
zVC?fkB64v)w514-t2ned1Qb{3h9ZZ3ugN%y1VFkVa!7{F`*%dU5F*bH<E%OzM;elF
zTp<a^rO5U%a3>0Jt_kCa>%9m_Nl3WQH-zNiw>3Ggoyqm!btBt^Gk-IaaOM@cx++Oq
z0A3*p`+Q62#agGx^YvH@%0ru0BDaP_tSE6UFA2$(Yw+s6BVL_Qt(HLRmGNFA$>(1S
zcYZ+bj1RdVE>~?)@|M$aJ>NNK9o{);9o{);9o`jB!#J|Oi;91DeE$R@s^{JDaS23J
z&*kxFZifHR)E;t0e3G<jjfmM;0X<w1uR@YC@(Wxo_s1JCj<zr)?QAm>ulM`oy<~Gm
zNQP94k+!DPUX&!S-21~BJNLjO?O|wZXHo~GdMBF(AP??D)&Z#r$;tyT&ZF@(+17Gx
z8mzIeEV%cKPfj2k;5uCyFD7!^9%%Deyf%Rdn^o~nB1cf1y7=}4@+!2xI-c`@%%Gfk
zaUb`1{2@uU$T<}E=JoLgBq@Bq^JKh(Z1}o(GOj-;;%tfVb@5a@p9o(Ujg&7u<r7(M
zjL(xccWGS}n)W92r!js@0_gzqT)c|N>}>e`b09Co8xzQ8ATP!{iTn@Zd<CQ_{#ye1
z4#>-K_aV{4yEI|*6OjMLvlGbgK>iocPaqMfVXwtk5IGI*VLtr_+#$wW63CvS&c*u@
zhymoyczO-C^&Ye(YGHePN&*=H<ehka0vQA3y?9vyIRwc1cwGWH9LR=v7m<_TMC6}9
zK8z<njBN>W0+5g5SqWq+kdNaR6KPtC^V}7`I)R9J-W*>{<T9G)&*OCoM9lLS@irol
zKpZj8J@M}nh?wWE;(I=V{Sh`|p1+P~CJ-^t-^TM2h?wW^;uS<@(>#A4Uzb3{JpT~i
znn1)n{}@ku6x$MBrvvGW=O&QZKz78dh&%=T5xE$MKc7HEF8+*nBoL8{zvI0LMC2mL
zw`;L25l7@=H-B;h`8SZ={W2mmDLZ@l^$A2|C)MAWKty(;e(Fk$EWC<=7(Ogi_}4l#
z3wGT%0df6F(ne{W=l@HR*2uCJI8g)}&)@Y<D)3K}HtMb<@aH6uJHadPizR7^v@MKi
z_X645uO{*skQyNS_#Kj<uGRq=?spM69-jU`1!RQ39ZAZv3OEgtB>6EhuGW;XcQ6@2
zWa?RX#yG;yLK69HpCoNNoG6a)yUFIB+u5t1Y_5RFFUiPqdSHHL4oT9UJs_g(=Z{_`
z+lmzZg1d|T{1c%KXgzY^t+*@L&(9{Ci$_H?@qZ)z6Ny~$nI`w5qx@VVv!FlU57V^K
zej|~mp4GG)VE_D&FgwHhH0^)TpZ!B}Ic!ndB<UotwC6PKkEpQOibVTjDg0)Iv>9C|
z`>Z|p2K-W|B;4oJ>G1t$N%E!5GVMe7m6%=&?!WvpN$_6ybFdlX$5-P#J72?<1mple
zlgNEksSofc6Ipm@lJ=vtp*b9u-i5h1z@JSvoUa4?5=ma$Z8~I7%=`g<IoZT1%Ln?^
zWOFiQ=Rm)XY(4=mu{I9!o5|(}Aiqh{PBtf=g!{1!zlX@_K(4YhEyLfABr*|pDSv_2
zSif(L7^ylV%H)|JwkQprB*X4Jldb}FrGz#^li{3J+(~5)x|+uM+T$WJdJTg(<NUZJ
zEs+e^uR1`+`+1V!Rj@CREN*@1G80dL5A$c&%Unb*-4|90*c|5HOk@?<WB@tbuR@aY
z-=A?$dxT#{HibaM-uMW=gUD(iqE;T^Zzr+|NTw+WVEETM^wuIc$A-ug!ZmMN*q<Xq
zn{*(e^&>-@9n{04LYsqOJ&VXkhuU%}k?hds-!O-whsXH#6FAbXLvj5a<EInpSOzmD
zZAAY>4|&Z`4CC;cpBVOM@AozBDCnUg^&e<j4v^zQo5SGQgqV$-L0Qi6Pm--Gt;_Mx
zNFYM%a{K~GT2fwV!kIt8FD3H&OH3+}M6yVcPM|)wglcnwzfRheYpgaW_#G6diB#(Z
ze=8BzF^Kb|n6Z|~Pdnhg9L9Bm|8GffMV$)dB!3=}^XZD4?3WR_2=q+M>c9M_i9|vD
zo&xnd*>5LuIH;ev1DfJ*B=Q;Q*i^sjDa_ZAbmdO-^#&xlpoedO*EGM0$f=-*XF-3a
z`SGXGrkG}9nxFa%l6OE4g|bZxbNUUe@N=ct2(r24*d%SPBoH3{wGL&?oaSed&3CYR
z|1E7M6Zs1w3#FYFu0s<}2E^4g-7i3!P(@GitBCN5I>qm#IQ`R-v@5{t6#pk8;=Vv!
zxu^I8M4pCw&-p-d!%+xw6OdE=_*xukE078xr-wFzh_iq^KZ|T0em|nE1TrhM5#&iA
z=lZ#1bIc~RIX|=!MA*y@$s3E3H1T9@&Y%@OH?%q0#`F2P{v{YW<=@4y3x+uPgOn}b
zFOfFOwd<hfHA|cJXT`XdYp-9MB*}$?+PcV3eGYBd>momg2zy;T$g99#AZ_p(d>z^<
z@K+{~yJ6NY39scD7obKJhGY&9v3d*rHtE$G`EdoR&1HT!kw0c(eZOo_>zDcc(q_5V
z3%?L_;}LM0;g5S>j6!L`<^H4uBK826`|}gX95BDaZ$P5m_KYUaqptER*U31^?hbsC
zKHslHqAjn1yUfL!Hs9A@kT%*=t(x`@jQtwFn#dw}Z|6fG*ZZSiM4NXSHMs*R^{Wzy
z@VdcoNFbYl-0W{8(g|Z1>bJl@^CcN4ykB167fRBa!aZEzS0G8g8u}wnP8RqzMA{$@
zl13s`^vrhw=R%u#3b(arvD`-`H{{}b1q=K(^oqO&aeAPK3w*YzUXC{9Az2ONS2*P>
z_q8U`=hldrAK|soAAv;9m^g)4<mVBY2j?wsfc0%0M|%(2`UB!9@}JW%^6mZ#iu}+M
z&^qj)EBv>JJPP9yE9wq^Ges6eWO=E-oyZ1gOPoV4^HX0IJzTE6`LU*b3q8DZ&>FkT
z&yY5_qJ99IyZl*_v_{s>OVWM=QsoyDIUy%W`%98aBq?GJ#klVF>xsN_FP=Ky?YEIv
z{9CNTcl(Q9!Tu}`;F-)}5pB7j`(Hs?BG*w{_xM*yqIN|0_~nvd52N69k6$ZEYf6`f
zSJQod6OrP0lGO0~{7xddf5JS2s^91LB8hN+?(_3sRs9Jd^8NmZ{|SO^?GNMuKVOp8
zlu_`Ofv6x4`K3fo_2H=zoJ&09S0Raf3?u`*9`ZYga9a=gBVJQ&9SSxzet{%a+I<lD
zXdn;!)sm>zAN9K>QLV4^`-vO_RYtVF($`x=<km>%l}XyM5ND-7l?b=K(yx?cxh7`*
zB(QnRZ<j>1zG~3gSWN``Bd*iczV^DBpInHu+RvAyHKlYfoS(=2QX)S<PQ}bW?pGlR
zXZ~?tZ^hYI3jN80IQ4#=B-oayXixgxZ{WCGsBz*dc*^f5ayYy>lMh}EenA`BG!uE&
z*WVPRC35%YpnPESqMt+LkS&^43gi{Pipbc7Nm@COX1{~TWY|aD0pwLb{Vj|$YzC|g
zAg%sXB9FkE)sF&c^A{7*puRr|q}|^jiCVqy4Vu;W{2pnuTzdrG<arLf2HSKD^7_9K
z<89Grypt07>hQ-Wke8sX4*xPq)Smx+zl2EkdvNy$HtYS{i3}8@lB{PHjf@Pi#%=Id
zkd1X5oHK#f2ET#Ghf^c+3Cjk*jmQbp@coSq{zfF>$y=wN+Kw6I=P8|jHW6{Q@dk{d
z)4z}ipT>9kw-Dje_z(PABK%BYqyLY0FfyOled14&q$QFLn%M?@{$$WRZ~i|K=oI{G
z9s1^}cy_uu+{rvMh-}M%dtqox*&GLNl+A&zeGz(H2Umf}*H?ax>>*wSo51TUfAPC=
z6v=!)__beyMB}rRul;@^d~&kYU(q4FS|T0rzVX)(=R3ch$ah4(_qF%Y=5*Lu`~)^X
z`f(z^Ujdp4<R^a;k%l59zxV}2o_PUw%V5**R}z^=Hh=i*h};M#IlCVY_qu*Bkv-vL
zKnJ1)_Ihmn3FuD%Bq^9o<XrL^8k7>bX;0WKgUud66_GcSnbZ?$YGu++BnJICNP6`W
zc|9bl8?f~^U=(PRN#u^uCYQ(=uXE%gA~V9aDu^5a;~FR1swJ{tXwyujLOgktHV1Z!
z)|IX%2jd5kV-kqC*Gmp2OVX<G8Bt15NQCb}Qi8M(a9s0#(zJ=tR!Wdf<Xa+p2D6Bq
zOk}U1g2;b~qy|kyRsazvLc@YCNwCi+K;&UT)rX?3)^KI&K|K<U&n5KW14-0Kjo`Bc
zBF1F|c<$E{`Nn`Jj}X}m$$Nvyc|h`ZvWdVw8hZ80$Ssje;JL$j(q_m<ayG&lGlO(V
zTH*IW@y^Z+))C=3G=qYTJI|pRR1o1gw1NgAJcoABO@!yr3G|OK4$q+*jFm*qp&Mi;
zkbLN~9~6JG^Q`U@R3Op#E@_{jpKSOpY2QHqRCuYnvv06M5;gPt2CEW?xEtL!SSLwq
z<eiI?v|?y|c#z(OeYWPn?jFd9ppeK&APa$v3@Rj1Rc3UsRuX&;@*l7n9eg8+sxtcr
zeMGp*j0y5L$&p65%8Uu_B*IlDJ*XzaRVF=1-i%&cWzvH}B3xzCgD;STRptOD5w0?d
zaFsbA*iLb{${Y|Be}-*wl{qks!&PQ%FhDk3Wey3-x^WJ_J|0#5kih;N$pBPFu`@p;
zI75;J+NqZ(Y4^a4Wd;{XqVhE^C`up?g3Y*~PLkFX>nglE9v?IldC|hV$nn8OB;j6b
ze4u|JTF1TLDu|O6oFECdH4#oC4i9oAX^l*Sr~hlg=7^yAOX2m}ZeRSOY5xUsWY9_E
zYanj{$qwqi#c@?sCTSl6nHY2s8K{Hb@&z&}sOUu-aTeDL<hWoRk=@|jxDUwjLFzWN
zc^~$)e*nn|@`=oV^A<r)3~GtES0!mfj(|5qg0%0^s~b*5gw4r8E)j8783miEK`oJQ
zpg+Q9dXV!IdWlm<L2`p4BH}z;kW+(dBIm%#k`Hla2HPd6(tH^E0yCnW5fuF_;^0*<
z3T*O%P9$3TTD)gGJLpG}+zmBOoQIzs=zY>F**_WgHfIOvM9dqKw1Xhd*})_tS{Mf!
zf`6?;XTY8|6W*vlJIIqZc)BYxcwVqrl9tFC_&Wu0QgMFJCdpmehvl$#Ao2x4>Mx@8
zDs3K+BZ15fW)tz@gysYw7YB=pl)-FF15yw)5E(uSPK<#3JJ=`*j{O`Umj?E)IIbUt
z;a$LGK?V|S8tk>i`RZlCOd>~|o1|R;UY7-9`=yu0*Ur2k4~aYnC<L2%!LS{|=C$3@
z;VwYjw_g*aA=zsb&0$H9P2|BP_=Ke-ID^QOK*TwJNic`voDJuhf?OLE5xEHBTnBAk
z7t|A(2ya>34CMMC^LK20GT4Y6T4_)yNo$1nex*S@5#IZi2E9ah?^hah{w3nHMtJX6
z7F7R@g!g_6f^JD(+wJgo@q~Oqpliu;>^IIu-B=Lh6B+wZL|Y6!EDwq$xmmjhez98g
za8b}j!~`PFpBDx3h=_Bub}g(Qu@_wuBqt#`5y(=Avoz3l6J(iY!K%9l$elr&B$(v~
zfK&yyAki*`oQk%V2P=>y?+(f)?gEwv4P<jToVOt9B69Zk@C+Z~EDvT55p6Bd=9DMN
z_qtaE6-2&)Hxr)(n|p(*p=k3@h$Gs%H~5CgMOWZR?+yATxmjBS9^wx1-XOj^j%(r!
zw7D->Or)P8-xmzo18oif8}UT!z95~*tuPyn5bOS+FBxqrC{9g~lY(S2wEha%)C8SG
zx*+l!KpqYz?1?rbV1>U6<dL9Gl4aV$e7FjLtPIlj5;n`U2Z3w`@>ozR$pY=RZny&g
zvMT5!viEvTo;B44>r#c+g78XN9lR}xsu!z+o&+K^VRg_iNo&e4|HLzyHGw`%#A!`Q
zo|Gid-q!?aNaP;iTWJ09ASWtpUfb;@(7IoNJQ3s(X$BIR0QcQNk11?gB0|H50eL2v
zU?F(~G~5QVHkeIhG-&v6AkPMiiM#=deIStMg9aiWfIc4v<b`0Wi*dvW`7uCV3^o!G
z&v#A&(i9|nX!97<om?QV1S8@|^wntdY7h^Qh$lY6>$M<<h&YWG<n^G4$lE_^+AJV%
z1ougTYkn?}wxC`Tb-lkCv=ia${mr142w(4S1|@ro*46d?PB0`5319CWfh~zTo$Cnj
zdAEAf_x}HHBuloX_J{vpktYqZ$=#)ggT2-d>f!pJh`jiueSNT%2%ofX2-5cvv$0&W
zK}p2PWapqb9|XD523NS)HGL3NNYa|}_*Q(H^I=enB;4(M7&KC3anf}OWbmV4YeJlP
zKsE+N`(iG{`PlV9J`H*#!9CJKAe(}M;n+hyJKa2}ho1$Dcd_|wkWKghiPY^9XRz1j
zL0f{2I5qk_7$D*v0&f)o`C?F8Uj`W?b{@r-gKT<&<D?DF^HLalPcTc8)|B<L;p7d@
zv9|=pL~e&GS5)&YK?Ra<=C=g(lHeTP4RO8>Hb{bz9|W>B=%qN1!Y)pn4SpL8*-z#o
zC2ij%EjcDg8j>(FkdZhFk<&Ve^WC6P^agKB8@va38f<!lUP%@uUjr5Y|B-e6@m<Z|
z1HW5~jitq;cJKTBzW06a``(qs)Q}8|m6Z?;^D&I}VHAZ)h_;$q8aB-=!Z1w25KTs_
z-qs>2O@`4TeWKA~zJ;mpIj?hG_rBNmkB4XHbzbLnUg!1WzJ9$ofX%-p#h9pPLF^Wo
z*AdZ~>~u*6lT{~DpZQx-9+M!<3d&&$@>|jzCjH@Slt?uZ<vyN){Fc<l<N>IeRbbC=
zNhy}dU3rqpzNFcLc=yq|lImCn@8@Ew{YhI`M&3vJJ!y|1RSKTe{Rm`!PpS<GAG)_7
zyOSCPsZcgU*_%P8J1N0N8LtO8ko1HgR6CnN=0MU*5o9}%gGmj7cxw)SC$%$?-^+jV
z*Lt%e&x-t=l;U7s;iy3{$HrBNzmxI>p}aak^FK+25#)bBdfcym`Hg=lsg(7|FZx4C
zHALJm`a?-!LA)>eLrICr<PB-zp`?64JbMl$)e1uW{C>#&a8k}NOtrqB+)<5ItC`^X
zGe%24wVsKbi}q7Hh#V_to-yh{CUWK(qec%W&2r}1UyWzd0nu_IXg*3E%;X^hR?EPi
zqt#?4r>v#fV4OOK$%ZCLwlKLD#$}u%#i^rDro7tTrG26}bq|xXVQz!5dW_ncLNaq;
z^o%_V_At~HBZ%AvGB_I?pdL7dh@9ySQsYk*<XAb=8>CuHuHH^(k_V~jMEc3O-ypSs
z$&I|iIY@0{BKPA4sapgoR?KwjTL!60D&|$841pfvc(8Dgn#SbW%i$gjkQ3BwLDu*C
z&)YOV9ITcK(j50L?6G2f4OVNIbiyb@q(P7cvGsS;cgkRO3(IV}OUmqF(mq)d<utSh
z&dS0mChYwNt3#NKy^p?b2CJz|hPot+$!u8trc`-Mns^s@usWMb2zJd#rd$weDOjh2
z)r66lJCOjCeXyD#NON2g?5*2CPEvD-xP9hHYK<V&8>fKG5Va#h5AJOZRjpA}uEKco
zhN`ABxwi)*1$LKIHJeD(F;R5GT2;%L$lWDX?G%LaIvw)T)XX&0?Cmc3)Y*biDRA{E
zpw<b}99MD}`U9wGU2P)bmO@u&o{oA*^SPkeP~*=)QlS)s&Bh6^9;L$n!e4X$5<dT9
zsTo3Mchp$uMK6R@A@#_am90(@GGxzWkg?SwL7L+}xrgqg4_B+1EUJ>Ep2_8K2mCO6
z>ke02nB26SPC5-&JBYZY7_JUE(<{aGkk`p-wjeZG6#z+5>jhb$$ao&5wlfJl9<AI9
zGNV*|H0oIpE8}^TI+}@$=TYipCNfq>sRc|9!#6&jC>x~~F_CdNO08xh<8YK(Pel1m
zqjQX-`uK2^x`$-M*E*hS8l~o)g%&o)RbE69b-Fs639eA#{^{vzIT81U{^@E56FJ76
zp+=7pdR!l#q3VKAB+LbGoT*+Y$b6*|&ZU$B8Lb|<hIW>k!>Lxnx%bCF<}CF&L8#uJ
z0&=$6BuH~q+=yu96(HxTMQ3B~-dK5_S|bRh!qt`Y)b}FDn~-X(+7dxl1Ibjo1qsLf
z56+!p-<zezri*g9<5!lN%tW3S%~G?O$P=4cYB>`*qD@fwtgJicPEgx~OgL&BkGT`n
z*mE#1vbhE9nWzqlAe(_)#Cp87_lsR3*VQjpM~hTp*XE1WYXoUl<XNnX)j}rn<kcl=
z8xy(Geu<iLE|p!D;u5t`5YOgI`o!3!YK@SgQs7GIrD_N1aaVUIt4E(FG>a4dcq4AI
zn#@GrOS()Q$3(8~UZ!5bM6T{$t`;zntGidI-Av>P)m3U{2If_v<TNYF*Wkme)SHO7
zFV$SFmIy*N53?Zd)n$S-$Gv<kjVaftE1B$ni~5ag`jq_|byI|%4#?{owL=h^x9kIw
zr{<kcWtY3;H>o8|<SzNmYDy-_$X)X3>Xvax!thZ}JJ)x(y{Oz(EOd$NSMPR->{n;0
z+IXQkZZYhe9|n8wQPY?Vbjc(^$Q%8~pv<JK-Znp=HZqYmKd2s@*xTm$YUd=fc{7~P
z9140$)lC-@sZ5AgOdyY_-Avw_NM{Bfb8VLXDR+s?tHLGHKUFS~JE~8+1m}l%V*FW`
z$P?qwNism5825-gf$Wh<S5u$h68AKwN91WtkH}uaBk~NnM}{w?^Winpp8oQD`13B2
z=fhuciR^7&bcsA4Uh5Lsa$j<Zob!7`o)7nkJp28Unsy1+7ez0g^nO{*5TrR)p4qNb
zrwBsPax&Cuomw72P6x7F{XBx;O4sXZ{G}8vxPNgz$h@Hrnk-^NS<Z9gH`NRxv6JDf
z$OMpiQ_T@%{V{=J=vM@p$uhIn!dkZ=rL5<2SmnD$kP~w#>TZFygEN`8)X7YeU>#{H
z$h@u2VR9?n@<Z~DTAfR&9tD|Ofvi-Un3RAF&h*|@+pi;;6Cp1mfZ?yX|Iuf_DN0E7
zuIu>(ChtiyK%SOg<q~;X-Xrp~yho(xJtAY(Bl2v#N90L(kH~ZH9+BtXUD98kdv9<p
zl&2a#P>;SI%TD!<W&c1uK7zpD31pHW%~8@Djp}qJ(i<PDiz8Cq2Oj%Ktsxmjo>yP1
zb}*5r)7PmDd6;{%BG00)Q*&;hx|sAG?0bTq^=h3UWFcy9R;?Q;mHcMhsOB({=jT6B
zi<rps^Pi~YQ$?y+d0PHcHB3a2_I#=)<oCAcQ#GH7JR84BZDS%&!hfcw{g+b7bMK$4
zGnvS<@tf63Ch{cw7Ig~~c@loBnsO8B3CCS<7JW%=RWpf1T?l*Yl~DGr>Ks8Tl(Qd<
zR-OU!g}RK1@&dd!17w@JQIINS<|0^E2GXkj$RuR}v;ZL6Rpn;Pt4dh|GL1mm)D$N7
zgG?C6*J=)vDv-GkX5HVYl}s)NnNLCHTXhAK2`tmDwlV1sGFw6BJGF~Rs2;w^fPAk`
zDxloc;pF-EKz695OrC(<E?iaXQ0Gh|nYF{Cm0cjSQ*CE*@71t_0OUtCemcqYK(zb?
z<R^7BlPp+&?teC{hN-ieEPxprl3&yYCg{~fAit{CZKUTY__Ff>`AscivI@SkZ6N#9
zXPImOaw?FnJ~M~k)p{Z0&0v35GjB)D&5Aq?{<~VkM4tWrQ|)3RPkR5Q#?PQs@?7^n
zYO)~VsO(g@R|~oStEMwq1oQ9<fE?!59UhQ;7tQ(mX^=Jih5O%o6TC(SGX1n|B9*t+
z9iz2#Uh>3vjCPPTD>7AoO`D1Kgkz=VqqI{6@%oLUw9$f8Da}ytIgr;;+NDg|7g8L?
zY6VON0l5KWj?v1Qn57hl$7&5segQqVfK0r$hshyGg>g7Q)9;}AdLCqEg3NJR36u9(
zW}w!<Bn#GQ?*W+vt%J#QAaj5W(k9<YdTNh_o6$gy*QPVs*^eUgc&&~}53FWjWS*ey
zDx_2|f}VwtDp8BMo5)BYC^J|~Ve<PHc-0Mdu20fRnUv&4D-+?XY^YYpWZl$gr2_P*
z+Ce7YzzNBxf%vo`vq<wYNc9qsfHsNAHc0gb5JQW<hh+9ast<rz+GHlzLQ81@;%FsI
zeu0*<4ahL9o(Z;;9Y9Xjx&&FGU`y!&a;mmxHfe4K%}P3aX=*)8dSI_D4oI4obuY<W
z3l<Ina)wsGq>9_lXswh<e`s+k$eg9kz8_OnD7oOVWFYBUtsqs(vDZZ_rvf=wTgPN3
zXg(82hW14S84Kim?MEgrbE_Pubu$?Oc})VD3$^neAPe6GkL3WFs7+=v7-TT7i?t(H
zDlXN^gpAjgFV(6aL_HMq`H<>TtzM93cZ|!{x|ql@<qEA~E~fIvxGS{WA|i53xl&uf
zM2;y}X{~~UqvSZ4qglnhbH7Hb6$I8`VQ!3Pck{G1CUP9SK~v^YUUD3~K|4sq9S3jJ
z(&m$lwE0G@l!+XdZ`3-NNSmi>IVF@z+MKVgWFp7G|7tx<<T!Yfra#2?K-A$Kv75E&
zOyoFNptUfOJyL<TOOUYJBi*9KE<inAk92FF9_d!@{hHnTdbet?EW;TM)ga#epQdR-
zPnB}+Rz+!qR(YFt7Ly%UMT^n%c5O0~&%UM6bEbAPlcssJn|!DC0Fxh~AH)6SyR;=t
za)I0l(Nd@_XOdPzdS+=&Og7Ai9tmV-YhN*WjB~$F`;Ey1ockQD|3WN#m68pqN+8vP
zn#x3hmF-7?6lte1nZg#%)3TTxof9oa{Q25UCVzrv9PvxEY9@=p=4#OMkk-Vc0c=K@
z1==1azeDcNgUmuLp_J@d1vcYcqEs8r<R#X;NXujL5TvSuR1a&VOwI(G-vY8&t7q~T
z*o?dOWm+4PWSCtbc|=ndQC<(T%%fT|lUpHo9339h@|om7?l?;+*XA&3fm^hzA+HLp
zlF7HAhsX*hF_0ILFq1pM8*4<W9wwKAH&FBATH?cG&$m#n+#uZJ(9)Pp1F`{9Rch0j
zBtc0x19?KLWpW$mUZph(QlTsX3%>%HDy^GkF644Osp*R;uhXGiIJ2tOMl-2JZ$PT0
z+GHkc!Db{+X$4Hi0r?Kd(^@T)6QLBSXPMT><ZZC|A{ecn(GtoiuXG?kL8@o9NlbnM
z|NIK%Ijxk*XwJQ+PcQnsRwHDn#o=!9^V*6C@+atdK?@7g9QVvJnzz(y?GZAVs#fbh
zLgpp6b<5t*Bl4`{%dU((>*x`A*6|frMxJ%_h&=1)5qZ|pBQp0oSC8y_Uv-K60`iFL
zjh9QA0rIQlHA(u*-q<7Z4zEXK|LhUjKd*50$UD5RyF~Wb9+Ca?8?KD(!{2m?{Bo&x
ziR`i8(&8V%XrWsE7wYsatw)gNxEp!z<~=R(QIvrjE2*>=_nwwQB<jINc)<u}P48)&
zn7jvTO~;-CC&sk=$1qhm>LGY91<x9-(@L3?!U_c5!d|a^C<x__->_kAQv|`0F|2h)
zkfEUYV{KEpuqR5cP_<}E1rfPIwNabSM6OVMuEjr2GV)t^o2E07-@>ij3OswhbUh~T
zID16iarTJ3<GkHXC2yp9MBZ`sh`i(cjhjl|ac<W}2@A=dlcBx0YZ(y)*LJ?wGL~Su
zNCww-cCw!E0J(1S1C#Xw<+_a|;Q?~p<_E2y67__mu7&j$+?)78t7CEuthZoW-lfs&
z1mUQ+f2H-7pR^8^nVv*Dvp;EhPmrE5)$siV^|f0oXEGT^X{_a+rG@?F8qv>MJImnN
zOO)BGWmb`%@0%2{=et*%&P1+Ib!uHqw(y!&r<VRCrCRKg#%d%FDR@>5_i8(}mZeCF
zl~<EtrVJK#ak+|>n}A^M`?W1kk<3n)40)Q!;I(ucWxuvUkdLFRzvxbAx3-B%aFrrn
zRqECXmtm@KRO`F6zkEPbo*{B3*n@c;)HX4>g)Ka&<vxotA4jcUNqO~Xna@$GoS)%D
z8T{K}t(3_vu=a(wV-#OZ4azjf$v3b1`O=6)op}$P?(64U#$*wYc98DpD|}w0iaHcW
zYZo!TS|%ev25)7?_&S*E1A=)S?Mr@vQk@8!p14zdj4zkTHcoYnuTl^?^M)lI;M*e!
zoNUBZz5%|B7pYuN-$2oFoUfY6%@@##%|X6aCQm_0LlBuK_@>uVsw$4dL|+Y)eJ<%>
zk_!Y^9TR=AFHx%U21S_}f_U{^CrERYJYzQ4cZ(n&N6Fpx!M@of6ZgheIu9_|SIK&+
zAXd+S_!;c$WOAs2;%BH&e;M<7LfH=c)MG(rs4t7jt=GU=Y#>R#IZQr&k-m;KUnP^%
z;f;mMK*s0W#pH)cu$uuS;Im#K&FyNmQUE0A3p2@plHLKt^rh61%nA)=RzNIYK9jwW
zssxDbJIG`ytjazHWSFn?RZ8_QtU@dWa<cD}*O7Sr&j{aF5d{06Q+*%+e{k0N28ywf
zE|IsnJtA*&k8)+?ZElYwgC5-3_Xx`1crnViD<b#j!NN3O^&4nmvm(dtbYCMAId-S}
zdYH&@`5a&Oo0Lk9=I8iU)C=N%Tb=7`BjT=bp6k2gElMRv>hpYZS5c138NN9zBS+z}
zzWTR0FaB;i-`DgG5jhH9;ImdD2}hN~n0pJ%MKADeVln~NwHlzLnZCaTp}N3$9_QL4
z%Rb(xy-S*9*~j~GnaGk}=sU<nmLkiS^&X{?rI_Hmorx^PL|+*bIhVM|w}pu;#Ux+s
zDk_Dvd6I9mAl@3<#lG20<Qm#!-wGyj4K3T(#zd~6UFqv)BEKthd|CtLCD+id_O&rt
z2rFi5!DH9@XvK^?hW*dAzHT8?rF;T@-XLU_y^ngTlo)7nUjoVV9l4$`)s0o0G2$B?
z9+7W!<hwHRjgJ4iM845+lS|I{lg5IZT_X2|3tS@K=(xota;MlM@{JCU$TvDXBH!rn
zh}>WHh<u~NBXZx$Bl3+7kH|MVJR;xdxYe~;zP~ZecjQjiG~deABI?|otlNAW1o3*C
z+k7z}pbQc0ZD#n+k03bPxzkr92;Is00c!9r--V4LHr$=8Lf=dx?oL*ruT&6kC#%p`
z!!mM4ROoA9J#v;(=sUQUG|L&$EMMt5L84^Y@9`zBC-N4IRyfAZ_Kjxp8qBPa-0PbZ
zCYh&sx9dJ%S~HQ6oa%mG>;@t;Ar-#uGsl<8WDBJF8A|$qFNet?AoyC;gT8VmQ-EO1
z&-LYeLVD(cW+G)w4#FsmbAY+N1}1o}yBww$MQ#nA2WLF+ER9PBbS|L%cbD{k2kHSe
zyJWx<Fe4&8yM$)i!R!K?i+q`%qCL$~Qu91tHIX=}d7iJ0Wu)eLzO+puRh-m3&$Uo~
z$9V)-?D0jH`L2vy!+*#n*#F>*E~UK)zUZ>pCGtg=$9fTbt)<*0*hjqt<ndkvWtO-^
z_F7N4MBYrSl4O9qnfRn6{pB4)kI3^j)xO!n8<h%L_!oF}sc(%S)KZjlVfDb*8bRWL
zJnPH;41Gv4Dv%d_dj#>;Az$%np9?>`<7u5QgNYnL>U?{c$Wi81U)pAo${jtI`?83*
zJ9Nu^bGDFX`Q^LZ9lzvA^je?sbcL^BE2WYn(d)k0FNnyI=nda=CUPWt)3-$sZw>ZM
zpKlwcqOvDL+28i13(_2SZavH+fV}I=W)kE#Ki~CDXVTLGyEL#u^{%f(kSZkrCzM`;
zw*0Pd8I$vY;2PR0Uzo|MKyY2F!Pm*;I41A=l3UT9Dkb+T+NE0Ule<*60l{6W4}4iH
z^O;F|6Cd^&n?CX_VVRpj^B5?_N4^zI9tV;Mq{-LH<bEI*16k|SzogtR2XY0Fb$v9i
z_bm}J)N-!{nf1O}L7Lt7WWv5M6ZxJ@*w@BHz9$p*9V7y`#i*AE`;OaAH7MuUVV`_G
zM!qoP5&52sN921lVV}-=@I4v)PWjlE!9>0u(;_vyug7>qz8>?5?=DUyUxxYA_Yf2L
zGR)_`8bK(2^1&OMeX(t#6z(d-c3(0RxeD=>ua=2ig=qJse2uBXQT2`R3re78r*9^c
zmtR+ug+PAx)d*6hbmS^Z6UcS?!V#n#WPbJSVe(u$$^7Pv|Ay)m3CisAr7{^bjAXie
z*%1U~_WNctdFdod^}BBwlYg%w@`ta9$^Ed3gQ>cGyO`92g}7_>r%(Boa!2w6$o!vA
zXYvr(gE9wv=@A5F4*GJL97raazkIVJ2+I8Jt7ftoEJX5;ZzYo-!9pZGzE&nTfQ3l@
z_3dF|-vWIhkVC%McCyff|2z-murDQopp4?5#3X4j$wc{QMi7*V_CLbpODJg_kbeH^
z2vQHEzyCQVOQ7tyOBL&<S8b~lBn=>QjQ>5B=?}GoG6VcyM-Y@5=<jB-6w2NN<aodN
z9hCw}3y?&A7L)zp4U{>_|5OA)nW6qxCNsc4D5Lo^z9&6MP{!}CX7a-|@D2(P!~Zsu
z)4*mVrvFnW-zO6Z`FAmS7+&>98OPrpLB0ku%s+ew<+Wfkyr%*r#Xli}pv)=$=}c|~
zJwE_B&A%*y>;*E)zlBK%^q|Zc{+<YeGNb(|9hBFHP&>Fnezt!mlkt!Wd*gKf9wx0&
zQY7d26LwOnjgSg=2hR1UGr5UVo#)SI(hmskZfE$*nY;|Cx*_+m{>BLM50LZytxWC%
zA4Z=CJ+eRc2g(ac9FTGTR3@FtBy*v^FoK{=mVX74BB=KSAQSyP5#%Hw7x^=PB+YFQ
z2`F>1zc7NJ%q9LhCei0ZodcQd?_n~v0`?+-T<*`<MS756eP#O#n6!Y$E`*uWmHtX5
z7L)?XRsJR>TcH$4a{L`k?uR->%~$)ipGfn6fH**|@#iqv3p*^SK(6)Ajv!|Nx!zyT
z#Fzs+*Ff_8TOtU0^+tcpZqi&a4$iXynd;AH5`fo4k>vYpn8Y6iv!)Q-!SH|2<XX7(
zGZAEN_Wv6}vVq*<AM!uaeDzScy96tk)BOcZmbs*qN$L<OQ^#bAOIn!BgMFgwK=X8e
zH<N=bbGyH259RejA=m;kxBDBIEQeHg0h#IVVsiSU@J#^ZE`R*bl<JQ!sn@#Oe+rW;
z;Y`IskeTJrVzLxS1(4bPnM`H@!F%iX`m33o4&*72xzFFm<O#6w1t9nPSN=kIH2`@X
z$b<fjy+p2qRijlviu|daL}DuyWi60-{*_Fu`O(T|APfB+f-F&xd;?^$zw}p3wM2Ot
z-b}+610M5-nS2aq<9CBhg}?MSlIiJGls|wx;qPK{9jp=k1LR46);^NiTo9$iWWe0m
zpV&nt0N?n>0a@lRW%3iqU|!GqC+#Ph=V5Jd2*}j<%LS=Y>R{!~1oEOk=694KG8{;)
zKb6USATtWcOa2xnEkMoz@`}Hk$p=6(fz<hv{~$fzfyXWZvfMwL$-ukecQ$~$=I;~)
zem5r`UM~Q$!XNG?3y*^rrSgHi;m`b&^c?+Uw73&m@1M!!EBG$B9c13}Hwps3C3<(X
zayO8-{qg^YsVbEJ9u4&=NU9)JN*mlM!B-RC@wYHpG>gbef9t=LR|43KGVl5~#lSW^
zcw^+9MBeik9ZO_6w5EBWd6mERI3fdh2HW6oV)8PR_x<fm-e<Dfe~`&t(7qOdo)7$+
z29ln4${-4WeCY3Dk`6L?uo||;f8@GNlfO0rQ+ek=n*51_kkBj+-=b{tmkZJy_wCJe
zTW6iWj>$BLy01Wboxh2Qd$(epUpt=c!TXg<!JhSfa{t)BOvq4PFM-U*e*FYY)f{)`
zA^2_>2777#(M*<KMR{%TPZoqyy$-21_zPG@zP-QEzl@0cKL1Al@I;|GN}kpK)IWyF
zjsU%OxXC|>iTw4A&Hj2O^4B*u`;$*3J@WMa7XN5Lij@=L=I<)7XN!M2lPy2P8^9ys
z9HYNM5V9H90k-+SjUekF)i!^RAkFR_gjRpzV9E=>-|<%lTKz3d&_dL_-CuhW$)JV!
zTP<JtmkmJ@j#^X>@7ROpZ~QGxKDifk0BQH{6~wdWd;f7mF%=QC=X-yuAf7!t{8>a?
zukP^oFp>7`^vA2c?fJpqr1iGvC%@t&GI=xn0{L(_$LJrzWc5zS8FK%he>xLs^Uwar
z1o2{ZufIkR&%(X_1|qJ7d;Ph7vPW9@tG^`B+rr=cZF+Be_H(Ry{@L&E5;9(1`~9&7
z>5;Xw-@lTH%<B(-XRvo(-F-A4@F!X*LwW6ivLEoL2;$}Sm%oUJTdu$S$Aw6<jOTy+
zekL-Wd;F<P&>n23hy7(tWIP}Cr`e=O#<LQ*KoGJA+m{l^B^fs|qXXrfN|rr3pgX<o
zi3y}Kk@oZtWHOQV#0GkpNPA)f<;lJ6i3`*aadVFgG_Z`!JuZ+tj8aL@9~+o7oQP}}
z@d4`nygD5iSa~wa5W#yu0|PNBB30akb?_YrMNbHvL_~Q0cko6+z!GG)AU!~i52Tzz
zdHuYUZt$HLn0+deVr4u0l1}Vc*hdS%|H5DM0I7MfB;uEJP;+mBnumBYtXU0&h34H+
z@|S(oK)WDRiUi0@4NOk;%B2Ab1o8y&A}SatCE`X@Fc3SEY@W6s#%<`et-wu8-h}<Q
zcCg+K6bjNDC4WW83Dl)g*<~Ci2VzbqBI|uvppc1-v6MjU86+bkAtkVKG!YpIDFN$j
zBJx*_Mg-CYDOP@XUQzH4)QG?}OnwG}?+lz8SjJ@ZAoyiADEn!F`gGLedF=E+iy-8&
z(?I6*K=L^#Lj>F4=)h<}JdceD<PmW_HYN~%E~YA0q{q_xc<kK3N+IKU?7ToYgUTg6
zmJvuCOGJ8XY+yDM>9Nc}4-@IJ%z&0jsiem;1Kk&rJ>!ScZ$*s@SXm?^eK<alE=Yy)
z@M~~e1?KAG1EVLP49wZKz?UC*V|*Zw$;GfneF2aQ`?Q^`z(YdD>y5Jlm7J>b3;0ri
zR9S(h2y!KmiGd#l@%(&g;Liwxv3gnH=!s|#$=nPiJK&EXcLBL7FfxJ^1Gy$}Q3NRm
za(&>s2(k>w)IgyibVK$vAO(RT7YYBkeannM1`)TGXY{GlI|4%|kym96-WeFiMAqP4
zfwP&&8k`lF#6;HMtU%@^q(|1^tUeKbPhj?CC{wJ+c)mAKayi*7dy)qNPZAL}V^8ux
zuU-p#lDUC8DZ@R<ygqe0FK|%Ecy&52a9|4NMRkEa<h;O1*&bN~KAayI5kWQrc_@%0
zh}U)&28xKdUR@YC?g~)~cRsc#;AbLz_;4VViS*bbfl4OQV~+$nuOvOv&yNOr1flsD
z?ukDdNW03j8Qc3~fl5I<3m*@B8X<!{z~g~7l5uUW>=Ox9firV@m*UC5g-m2AssmRu
zkrqB3C}1MX^>kpDAjQf6=xK3&_;jG-YSJuA`gEZ2KVB)eK`E96S_Ro1C4XP<*}%aF
z8PxM!AodzB)whu9xj=>>UaIE<`4KXh>V?2v5#&cm^+G`Y>dN}-X)JiL7s1!dYXc=B
zRdZApoOr?U;-x@k1i@1=F9+gtJ$o>sUJc|5vO7v@ULI(OAgKAZK;pHSYPYL-MZk(6
zsQL9kgCNDqffm}us}J-rnP8At>jMSXp`K#p(KdP)y*^OI<OH3{^;Tdxlg>OMZwDF$
zsZ#8X@a8#q;~j20-c6Ht-H{sW;t!DVh%DE8t_%_^*D9Atk2UlnSg!X2@z;AE>jBM;
zfjmK)U5|YfsE;71c}+mc!&F{fGzA7m5Y)Ujpb1i}oCWoTBphfFgmyGyVEt=Dpo>x|
z*Ff2^PCpG~-5@jzf_ZHU)G(2y_$-idBgr5^&7TJfnAo5P&u?rEloE-$lQn-4I4B79
zHsUKO5IYt15W$$=7PugS91j+L8JJB($r=yqxInfCDw*V832U@Kz6#VcxqOQvNLyeN
zll|}wn+!5v2NLo{UP?h1>~;ZZ4`eg><pV_-3#21Z%>+wvF_0ho^rAln-Xj_JcL#n7
zbP3|s*H3{r{)>4LK_Bi8e8fch@PC0V5d?j>Cvfm4OhvVm4Y}_P%)D6;<tvEZJRrXX
zHr+x5y^22U3TU?q5<BsKa3cX^x&mo}6f0v+k5+CIWHu88ZoXhG{}E^sq(X^>Q-b$^
zOn2aW(j&_CAdvqHDAQ1Lvl|<K1#%(?mh108Jrh~3e*)HYN+n~XCoqYLjE%#A8G?9`
zpy+cW2u6aUzYsw%5~B4+B8v7~l(Gm&KfR5~N#DUL2ap(j@@<$qX?_;S(R%#tNQ#xg
z@O6yd7@(Ii`3P19kR<3iGf1XqHuVW7=rv4Es)gI`Ad{%KGP%5lWQOSRGbxq)jntv~
zBqsZz=X)Pg4b`<fNoK$tXpulvy^+c0Vrn}9eU~7+<KBVMYy;RD)Rnt1)$S;)_s<|z
zP~TrjM7E}o-Xln{(o(M|+d;<G)9$9cW<$I94v3={G5Kf_)H`S&rf*@A1>`4?8LrpQ
z!c^X@;1s>94{5pwWtJ$Y8Rw9v=zAi_KG1WjZp|i{)0V&+fIw39ynBhr7#pP@`HgnE
zUL<6^+)vkM--oHF2BR*3*}GnNKN8PBWAsWQu7AepSr4F0u_Ei@9KDpuDNtYd{>C}F
z@}SV;_DJXHHG&i?U6(+ef`2mf&zQV(F{K)-cQJYIL8{XW^oF^fg$ZEcIK8lla{nA6
z3ftF2y@tsv@TD05nTzziVv)OB%NOf&h`6P=SWlbZ+rr6uz93$?F4LbE#Pir?I%Eic
z%>!ioxTL>~ACJiR$<{v*ddSZ<Sa^lLF@mH5$<ez6X^z_luWqITfmhy2(8A`pwW$=V
zxw=jyYR_yswV11qX0mBFos-GcCksM(q2^pYPml^lhZm*(Iv#pA{l^Fy^x;(fKm@@a
zGGC8>2y?Ge&VK}UG(gYIdS(Q{e(Y8~KZ4*blIeO86X)S*(bwIkuVC^zlnYbM&^wtl
zFu6m|U4VI!&1lbEdT9hfdkXaiLC7A|bB~_2(6bP8zgN#^atW+aPXwFq(<>v$r9kf2
z!x7{PAanFT1@UTmu0E*Lv*%innX9J|iM<bQ0$v9_PO+XT$P(o!Xs393xLChK5Sq!{
z4rHD_FM`YhQlc+ALeD~dC6j%yth8hh>{jTT1o7UTTd2n@LVHTYn>@v!r&Lc9q*)oZ
zhfaep(x(ejq0FB_E98sxrGk)GGgII$mHtWunRqgsNz&hqAf=%BG5xa$QUzp*-Vs4w
z0#dCXj35m_p3zGe3y;MffYk#$yHcyyFp;k_)#?pQ2D~U`wlMj-T9Q3XK3_)Vs@0V;
z(!BR6Nro_a22P882D#Vjse*VOtJMnxf!{tmAzIl6GB4>XSw?#7Wxa>=h*9_(ka<}j
z_=s2UyMWZ`7LnL1-y{oP)6)g<@_J1#6ohJLKcrfr*RqVv>vg?FkP2lv^jZf&=5>AA
zqh4N^`<r@61i{?j(rW~1j++4E4tjN^-ay2CooS`sB?#pnlL@nBU4INUd$IAJo+$`L
z!m%Lpo?b#knX-}kjRw7rNbEeA&*RA0pf|A|^x@|)O=!>$3PO1u4|?9$Q_6eiwOY>+
zgz_2+GOP93L`2&$fi&vnf>28tCP?iOG9T%Uf_Q%ZNbjapqU@(Zsx`V*(L47h{Te|i
z_t7BJq)&?==K~4r%P3WxjHr$JN+y>-M=`ch-^64gyq|#H*r@MfQnXZ(9wzelsW<A0
zkE1=5JGQTlx)nh#hTJ#l<wV?;vPG|BBHP6ly@`ozJ6rTNCK&VAf}SmUmmr>hw&=-A
zFn6k*sUWjeFBHU!gfH|Jf{=x`g3K3s2N5^ITlIsSO4fU;o?7W?E`(HH>Un~Anz!pE
zf>4Ct4>H^J9zndk+Vr$1gnwdXJb$B462vRTH+qR6REmY5=UaUx%gEN$uD6jM(Q+}K
z+x0yW1jmc-_0%fNt2t`QMvCyAdNz?b8R0wi=}crT@6=0(xb17F-Y5w5B#%N~Kj>X7
zBklQ7*PayR681a+GC%64M35JN?A9|P$lE}E(OZec9y$fuI_%x-(>s}9y&nhhvrmty
zCXZocVh^xS*O-{xXYSL}h`4QepPns<=hc0BnIKe(Fy!8)ce0Eu#eO|=saJ|mL1w>x
zLj?H}$RGL~BC#t{qLm#${?sd(44N1%#;-s16@pOf{z=I6M3CQr9Mp53qH@W7#((sg
zOmKun&Hw17Or++2^cq3Da{Z&X2}03w08;hnu}`CBFEantQv{i>+<OZAJ{rjUs}~5e
zM9Dl1k^>awkiL@138zLYM~{Q^TKcGEsK=WXD8@`dD4r8QMlnhvND`1}qcMV5Kw^xp
z2y!ZrqYdjBD*Hc+s7{YD(gpF#b&OFc2$gFLq&n89Wf@st@kWav)Z$Kp_=z`0JS#Md
zI2;S91{fI;<RTygjX4qI3Lt}wl@TNlNTSh6Bo=!ljKh<RnCDQlXW>akx*%lXG)OhX
zn9efN!l6dFAmp(-L1w5?M?{PTbAYHulOQyYnkUGwf>8V{0-_m84S5V>15^2pA%b}J
z_>IYekUbS36EKQcM%tqrt4NRV56*~mBOF1hAyv>we4g@>GntT)!bJAQAtRHC96>@x
zt{|R0A)`_dvgbw6Y#SXcBkggFgcrQ}S`IRfkx9hujfWYzf_R#T8I^*N=9Q3YxDjR<
zsrh7M59tvlMa?H0+KW^!+4qhx(gg7|k1(bSLYhB-RHqorSVn3-)o3C;Li0M1In~$^
zK{f$7%{WLz)be&9ql|=F%3ZeQQAV;L@QVh};@XAGd_lP10Fq`r5kY<ha)z;z^<X5R
z=F!F`CQ|cgW0xSF=F!G^FL{2(arrD`as>Gk^rRb&MBH&X!)Rq9$K?#8lgX=hP|M9Q
zVqT_l;keu%R?RXDO%Ttk8Ai4s<ke$AW~@=eGSaK(8*QXVc=dRYIp0Ws#j_dvmQ16D
zh#MQ@jfMyrOf}v}sOz07%P1h?j=2+!q6nE6`oR~pQ5``v&@;)X=Tz|z(v0X5qlL+E
zSPH`#(IrL)lMu|z@g4F@jDt+}!OjSggjdlX&l{H*1x#ewFEv&OLVHO;$o*2|%;jDw
zaMfsvktIl#ass?-Gy-I<H1e6;4CG88IYyBn%~9vV>J#qKUv1P7iMtBU>ERyq)kXu$
z%-~b^R~v0i&VNa!`cn|<wW>$LNkSv>HDQlZ@CJWn8!1e#a7iYS*iT3C*Se8QMAYed
zU}3IN$TB~%OrB8|A%kDOc}5KpcQn7jXo!%()s-8JEi5yWZ_Q6N_AvPc&UItiry9x%
z&xhh0-$;)j;v3&+B%-7}M(YVT8{bFBV5*yqUn2;nDligXCvV7^)imP_BBG=dprq4`
z%m^|C$ZbZ<8<?s&t`JrR@_@`VG$#EPOOnQ9#=>ajCLuFP5UPvmf;6zq?QmBSW$rY#
z9FgiyV^2h?SwiNlH$86@0hwiF5s8)a`TLDLCKo6)!@u8{&E$U*=rzdujl~gq7K5Jq
zjTI~-M~Asam`Nr4k|4H}xkfvavW#dki<@h7N9cJH^z<fmKuV0ndSP?yRG#}SGE$g~
z0t?><nMKAVCesS(#r{P`J`qtDYlKW;1Ze@X*a#C*WVAeH>|s6FuWkdG#|-5y&tqQ;
zG9iNCJFXQ*E)nI-`(T$3$m2#Kky!an^te&RL~4HAsEyEr7CvsQj38)XrLl{MBHL-T
z(Q|~JY9sM&&qCBwZKM!U4$q}{e#*!sB1R%C*HcDrL@JE%r;G<82uAqR#<B>4-xtps
zZ$uFM-Q*f0OeFS_F%&JeMtg(|rm8g(-=P}Z+)aJL%SH+jQ9D0^Jue&iEQ7Cw{|cne
zn8PIDSGosOXH-U{`a{UnvrIC)f`#7&D~uK<GM-l$9fEj$?+PP%CEDZ7jbAsi1)(|Q
z*)St|-KZCYTHImC>kXseT`Gl)-nWb*CMxItmQgK;m)BcHHxt><zip(vhkCpj_1i{<
zAe7fJ7s7c_qnk*qEZ1ryeih{|=VPl4i-{bUR~zX}Uaz5Xd9{(vWG1|Ji2hk^OlNWj
z{H`mJ5<xthR~tDEz5Vlnu}P2$WjxHUZLshI<Jk9wJ)#D2SLh=nNe~*p@E40dGEzuJ
z83tohmk(Adj7%o7r(I)Am!y)$oi#=!lkKGxy=#mnCdr>knNB8hy?2dq;%d(xoYSr`
zQi;UM9%-$S#YBEZt~K%^Qk@FrT5A-sj9h<SZ&Wk+BZqQdZ$NS3uUVY4!uzl;8IXTS
zQAWVOg<Y9fGT>AZoTT)~Sa_QSe~G)<s27^)+!yNEV1$XpNj)t_JIhEtEr$L9mK5HN
zXFZ=7NA7WaYS7-gr}<MOhf=wkHyJZokJP-$Sb2oz&--ZJY#iI@`FS*WY_oB81o;wn
zG`1R(1fd&_c*^t(V+E5dVZ_IGX<Cig4^dCEaz2wUjVva|!RsF<4~CT!qmIdjxM*b*
zkgtuEA5kj#_VxFDO4?!ctP%ckOS;oYY!W0&mUO3)#YFn>$37+9Wi*nEt7jMI)hy0$
zV14Z}T7^urtNAA*W38~zt)2h%(Y(hf5i(xw>@muTxOx3-)Uk}T`DY_`9hE}bytj|$
zP9uY4Ts@tA{L^XVupX)TSEK9*&HMUj?lLwB8L!vsGL#myr$V_1Vt(sDSW7XIHzHZ0
zjQtmWdlATfW0xQmO3X>oN*j>hjl@q#CZP>}TNp^Uk;CNehv0@akUxzkCL<5SS__Z^
zee5}4>=ZK8XX3m12aMkZX?B0t{-8_b&BT9<9+r`}4*xOCPtl%cMcz6*WTX*sZ(JTW
zvY1o`Y5sHA$Ymn$U>-JRGLg3_56j$R<!wrj$lH{MWkf0RR;Ch^rPz#jD`3CdBl7NK
zbg)F^MP)x9+F-w6WdxZBq<^qgklk@fiS!HXvB6FvQ3pC;E)TPm*x;m1SoW$|jr|-O
zoGJ*N2SBgJ28#sQ?Y?gl7px`{^$MIsg~J$1T=3l^QpE*ZSY{lYUBP+yF~L0%1pC8d
zf{CAD?p`V4gP9TJ3Mj>K!CXPSQX~WmiMXXm2)-tWXLCZZg;U8lc?JbLIF+<{Q1IU)
zQVj|we2(_)jymO2MY$gQb9^v0g4_?}gy4;Wkj-O{gA=yFLYA3T2{&j!=A>XX$q28G
zNq`lhV0}a?>>-B)<2Q@4E3qHbuQm@2T7poYfPLoBU<VQRB%vCN-6AZEyP$}^<J6!=
zBns!DILB6l=}f+ab6+-4HF!G{d0H$GtQVwMNro6hnLsdWD{3xQj$>j5y9J?=qRmcl
z`WGnE93^c|4wf*Hr>2vGMcagoYxD469TC^U;lYoY+~`0L0TDht_$8C3qv?FY$-zBL
z<XCV@Ft(L)mt(<c!O=|QSa3%09wxG+ql2|ff*;cN;OJlr6FKgT4z@FqW7Ao|<S!|&
z{7KQu$58e$!LkT~Bhfj*qBfK%R`4~p>mgRp4>o*5q$->0VtlZZ$#&SM#_#U&!K1%L
z8Lt-|A50L0{Co@O86PYl;>Jc+ut*RuHnM`T?WkwB>*tBVbS5%3CI%-HaXmjVSinTa
z#>C(<K^C}?a7nQAJJh_ujfBgCcYZJOijrQvGFT&s7aLawV|Sp8H=17+%wi(FniI@t
zBJ1?(;6Wy`PIH5kcak1ir#A%ieiZhIc_zl;)L@$+-bu^+V9YL&%8ktYpvFYDi~L|Z
z6B(=d!P1{FRk6~vfzI;X6x_oE>lEj-Hw7o`Ce5<!HwCi=DHgwRd7_Ys{~yW7c)mH9
z!9>P$L9mdCEc>)zH4|C(+k?B9$g<xR%=?)%%jms3Sjj|2@7=*&Or)P@1yg>Za^YDl
zoJZXgOxsK3R%iuxK#biNoGpk~gL8r<5o9*VJP_O?i09|I!GuoKv)lFa++eaG&2Eg%
z4W=`Zex4hw-q*Vn#lcNXq|L>_#4eJN<(e1FV<NpeKiI-VdbK2&wV%o*Yj9z(Q;_B;
z>F0&P%->0~^z*~Pc0r1j%b~Bs@6*SEd4HhH?kMT`is148N2z4JFA3^`c=f&{n0SD4
z5B~?gxuF-W3>Gjc&x3UxAWsIHm?S-^2$^NU15DnBRJe-uTyWq)(lZ}Yod;i<&j(YO
ztcE@uN6(jnT}(b1OYeQX6iodKQ+YM`Qm~$g+i$!aY!SrkH(n0b|Bb1<exokf#zgiT
zb-_*|Zk^TzWBw7TqGZ2O7u?!IMEYk%ut$($<;nlT$|Q{MD}v+yMHx653zLL-5K(Ug
z;eX+;d4SyQdP|c2a!m1vj31B4w)~EpO2&pqWNfT-Wn?6*a*2$D)h?0szQ!f8#jSOT
zj7*Qn=w0W^NN=nUPUo^`zON|I@hj_twSsu{6%N)%5bXIs4wfE5k2SmJ!#4!OhXrx_
z`HjI&B5v($48|+Rh*Z*t8-o@T>7R|kG$ztNp9Hf6DON6+t0=gV^I5Pfn)FDIZ4D;$
zBO*Q48q5%6fr2BW_#z7y9gQ-@3dRP;{P#gEmI(HuxQ_H=aD^bvZu{CD>|`SSyeAkR
zM|nv<?+NNmq@RBdrZbU#{>6>4C*cbbW9*k;i;#iyb?I=@2gt9%b;qD)Z_M2n+$D%t
z7yE)4$D+&vx9xNVa|H3)PFL_C5w|XW59;xlYPUNd`#qRO#I2p*gV{{F99Rzq|NI`D
z$ppQM9{VG>N01WbW0pA>EE^y+yDjdoU^f$4_J4!v$Ds_|6@t6l7-Rni>8rn3`2^0c
z;P`bYSSDnsq~+j^L&1`Pn97^QDdsXFZn+dQ%rdeK0y!R2g`?K&h8Ia8TB6OS6G)G2
zmHo_CCbCZZnX!o^BWtjqIhl#9<rs4r6B(=h%?>6qR*y2%Pb57uGULoLCNeVPO=U32
z$hJJloI8Yw^w<eznIPdP{Pj9q^E|<<XL2c=$Hp_{iKaFbQ-z~0;CmA%nmJ4s0m1R&
zL^C&uWKc8C0ZuYgR3ZbRpGVC@%u+!rl}&%sdly5^O-xE)Jse*`NHTkvJogm5`8fi1
zc+CtA^;9ZLCr2wA;l`ZLEM>CpdswxF8Vs0Cf>51ezhRg|e3;6MUein!#EV|jjPaw4
z*Yk(W(M)8|A2KHqaice6<};B!f5@B?5PIC%;4rgD5U({2Guw%{t!cQ~O{v@%8*XYk
z*&}lwZl)4(b02O_W+HPRZq8#O>+}?JB@-E|r<f%MYA#lSu#WTs_$Sq@Wg@?KMw(d`
z$;j`WGfc%n;+0~InJb9bQqDFDnaI4(Hgl6Pl{ZH^$1GtY%XN-fO~ftNIc5VBS*~-;
z>xKzEu2;vJRf13rVnmHK>zEY489cn1c)oe$x?iSw>~PfMrOGrlCa1$W8PqebPpa`|
zmXN7XqUzzjbMV@Dvqg|4N+a}9_`3Uevy;hH>F`?{LMGv4%xj4<aA34jBgkkbYarF%
z(6fy<Cr6MvsEZ5D+z4_ito=<eiy}xp$V@cLnEVIwY5+3Hd^3Wq0dld~$mDp)eFKn7
z%^iYNDM&sCGTH28nSJo43bvig%^@jdGm^z%bGF$NL6!iy(p)xzWNvyvQSO8n19Hrk
z2!g4uHoKWz{~waM#<WhMR7g-J*UV<J7uxdl)F|aTvo3<%4l>u9JxuO^y{%{m_B73c
zQ%Mh!-9V<AtxRMOaFaPHm1K}?hjJB|B@v_p$aHg81VMXdm?KZ~QfYRSa)+50L9pzF
zW}1!T#u5cJe{(AA4|257X$1VYd(B5hDsMc!*8~iIv>uKz<`EgI_w|vP;}RK}517k@
zW-odlG`pEdJ#)?6kywgi<s7(4ilbg}pLm{UZW1z{o_S_X8m599yW9%q_eoV^CZA3+
z*t)S4C1%-~y;D8ZC)EP;p3x}d^&1P!M<NKWkS{b}j3C%!FEZ;R$S*(^n+a!$yxbo0
zQF8<lF&o5D_E9s7iTu6D$ILt?^4{oUW)l;6Td>?LA48>(BjXbDuCs~AUi1mGMi6gI
zdBQx%GP19G(kx5wZQ)Y0iHYp%mYS_Z+`ew9*~vuqbxX}J&*`1}Gv)z77AT*?HxYXN
z8FS#dDC2qcS<{Xn=+)=Ub0Wx}K%O@zMUX>4YR#}9-l$h+?j+)Rwa)BeBE9;mnRp&q
zD82fsS;$0sb-6hygJh&vUpEJi?Om=n%`t*_rFhev96>M=>P`K8k;<+2x6KSeD%?51
z+h!?~_WS5JJ64+Ql*%o|yXNc*D0f+k_snu8vJ~%`T})&tR+&wiy-Ts$EF0Im6pdyB
z5!b>-bF&~+E^LF1W*4WzXu(+h&@3C@+n$fiS|&30kIa}0Nk&?@)=Xt0y}Hh<XCh-Y
zZ1xCJtlZg5t2AMAP8RAZR`7-q-l++j`UE6oA)f8|*sK<W`UEj&HG7D-<!Uh#C-%0v
z#Y|x$Eo?E1n8;FWG|#$-a{qznhnvjlOt2R{CM!z$+^iMETVdE{=1ro!WVyaHHw!{G
z4~A4<nmZzh56E`&Ag7XkZZmT(7JA%Ld~KExiIS1<wfQU)S&FaCH<-v$d}B5-k)Hp~
zR4(al;SMuF5V8=*f*odoAQj4CIJ<(sEVjc8b1G?JhdKMw-WKjO%Za!a?lfx!f%}86
z!+AGYJ=kd$PR3NlO7l8+e;&&IquDJ;g;-(07s>XR=U#>~6=H<}-|qXx%x9vkSCrEr
z)vsoQAh27i(`s{<nSVKzOO}1VSvrM?EPJ<kNj4E#JO5`E3PNSaTgLxqwhH3S{SKHt
zM50#T4rj5T6&x@VuRuM`ZaY0-&b*R{tet~qDHCboL9?2PwD2!;1rupukGcFR(jzTA
zWVQ-Yq1*)R;%q4UA+vuD%8<>tb{b_3jUd>IMq48y2=+)ZR(b@%vFRwQMG&tSjk7w4
zxaEqoV*Z19?RM+*7)xU!%XN%3hlwoLu~zmqluDNCIP0NYBC=cwR=prz)FoKEA_$f%
z!OFOnQpu<rWNi_oSULMKSi^@e*5j?2*9#f9r6gK)L|mH_twtu&=0vNFiM07dYjPgy
zp%o8o1w*Wue9B#xVu-ctCL*#FNtSgpk_u(waCiX&YA4A$TM(~Ynss3W!Cp(VW((rQ
znBNK$ac%ZnZA@g@{nn%c%&Xar`G8f;M3zFgw%kH8XfvKsG_BdUdIVSSOluhvS&EP~
zWE#qZqdw}OzBgn|XR@ms;tT#QWLeWurc!wn=DnlfOuubq2|^{sawS{WN015Njp5cD
zLA)3{*=i-?#@NYL{%xq)i?I}|n2EG7#VThaYcR#CVIs>u!dl5h)>o?4Du}m2HPXtz
zLwLiDmNaV)5!dr+Ryh;t`7~?totUavd4i+vbZg69LXZ1pccwMDkchPKOe=pD5ozIQ
z>s3L#*f`s2i6E1~V`p0l_h708v1f+i1xFy~TFFeFbxDRG&5GOsKi6tvBH!;l*D9Kg
zdWw}Lu-}WjRAa3+CZEHIhU?E`t(tp<g^JuaA8TdYM?~(MXIhm++<o(LRudDsZ$8fI
zWFq&?$653W@$Oi;Z|)JfZ|)JfZ$8da?x)=4`^Mv~tC`51^zl-&`wFo~<W72)RUlH4
zpQnNkCs?JVC+eBos1KiH)i7Dez4|1pf%B3+oMgq!A$z2sFSRB!ksiC$s%9cRcDc2M
zi0iQ_Ru>cLu_;!<1447G^w<<Dm5KD&6l*dQ>9Hx+ZA_%crdSUUabJYaww5rF9?Q0B
znaHyT+17d{(qmUz+XNwx%><8KWp$HGl-3Bp`2yrWR{Vp)=BTAEv52^5GyY@EWFkFw
zt<}gxdhA*&W-fVEdMwXMC*peS1}m3|^w<s79469ZH(1M<NRQoMH8PPNyTSUJiS*bF
z*3U#-kKJe;W+FXyqm@uZ7D|uZXr0PLdMw{MPZ09heDKeItvr&6x@If1I3NYqY$k8G
zq@4B07%Q;anMjXKvyzJ`cj>Wd)=VbSW4Bv%L|l)}uv(Z%kIk_5Fp(acVa3i9n%!18
z!%Ai%JvPG{$3%K;hIIuI*JCrSX-uTYW?FNYNRQ35o@OFFcBl24Amp(s@XuXVm}JCQ
zkP0)ayRG#3!os*2+)ig%*+inwjHO>tnq~c3f--a>5l8BKt;B}}QO3Y4sn3Gud#%|_
z@((D=i$LzPVi%B1y+Nz!4_MVqj)GntzfT{qw1p&tH`uU;e9)R%N@O&gsDBOgJZP<0
zMC63>XysiX^Q_FpNUFr!8u&`;L)IQaytR~4>)|q#p|YdRrB<aNbiM^g*ix%Tkg&2I
zzP94P8;h*zk6@~>G6hbRqdgB>9|_{=dDv<Z#MASz)yk=)p2b%BqrLT%S@#G+Gg!>4
z%qnFv8NO~3fIMOyxeob=^>#5B5#jkqtPYWCzH%76x(2-Qh!uVe^O~=$SPO5!0C~*X
zBZ%jX3aeWXFZT*7rW{i>N6FkD@00uE*3~S7<MLOa`Ejd|N$$yXZ~cirsh+UHLZ(7F
z?#yVV15!O<#Z+KkOB7v+R(=LjWyLQcvU4xo#yA1qA?>4QnUy1CyizQ)$^@ZrPxRq3
ztC5K;#WU8BO4MATbU_XN33)wZ<ue%ow*a<Uu;S4tuNSNbNoL5ZU*SGY47{^sJuHY<
z?=M(OBM5%EykM;mguIIWdC^jyAg`jwqTrPO%T{(35%d_|R({2rBS<)EsRpw}K@ygt
zOgL%|kXT6diZzo-qD3;xt&XQjX465ES#I?(sReQpq<Y<ITZS?f${$zIZ!WxT#XN(g
zQoNEe3}oK1G(jqq2Vh+k-@<**%4C^G;R_MpG+1So2;!B!!K#cP381mTY7xY%i}$UA
z&thJ?-H2Lkbv;KmPu>h);c()4wG~@~WQp>2o1&zFJ*%xWCaF+6=K%S@suaZ2+-TJ@
zk+u9`pBntoI`Mhbyg>XaG1kS0Rw@(pJl^ta>XWL;nj>Vqyqc_COk`eb`=nZHeepu?
zyw+Nsf)p#yz)i04P>QgX^)kv7D+}SS{bfK}th!f;tiDH4a)E5JVpkA36Lz<60<zhf
z{ss}{L0D^nSpCB45@dmbrNA3%t$pliwMN%tDylDx%vLK`5Q<Ff=fAXi1SwXohr3HN
zA+POL`CF7%0i3GB9<t3!eH%%$I~KHAlZm)vL7O$<o!)tUYh7^!X}4}Tf_!Hc2||8G
zd%m~AMBKb~SVz7gxx;GbRB|NRY1!{$?p}TEvPLtJ_4Sk0_&&;1D9;}SqY#wzC##Lg
z_Pe5$hk)#{vR9ML-OwXdLI3khAFuAUo+cT$PuOd%>_e!3_FBqbEAs==oCYyi0eS7U
zS_Pre>M0<<S@n%5Q>9G%0me!o`z`GwN_8pxX5!H>IQ?PetRXT4^lXcUH~Ov5nvi&T
z{b~Im2%QhdlQS+6<2!z>AGErJOtJDBtm)y-?B7=7TGZ35Tsu5kc^*>zW3@$)Iv_ok
zvd)vK2Xe?79YGp^D4{|oFAXC-{X$O*;>BT1C@e^^^1<EF%5o@a|4_zy)J*n#2NuSL
zCN+C`p*_ch3L^;Gb8M(4f}lMELLCtV?HL%dHjo}^&+(y2f_V0v5XuvTa>wyKF%;9%
zJNLwp9ziho6GO8j2<CoLs3U@4?n6Ua8++%jg_a58)t4{yS_Hv%>I=0A0_$}!k9r6E
z;}5ldf_l9AGDFKg?QNkIYKS0cVJOrQLC``cG-Q*P3N0KK%4Q<{lM=dL5O4l7B2>vl
z&VNn`H3(9rY=#v@934&x<$i{mtCUHPL<@3is9lf>CHY!dAA+yn)R6Ky%6MfT8Hy(&
z`e$4>9vLcOV#1h<H)uwMj-3CD3dL_0r4aFqBmSsR4inkl(?XqFP$nGpC$#r9;KQ^&
zdd>({Z$%kzE^$Uk`2q>G%8iifjF2u!g)*Q3&I|xa4~3bmOM>4Kg?Z-rA!VD;ql|<b
zVcS7wTqvQH$eBQP0GSXfV}h&Joj@)Lg_+=aiT^<Fe|e~r$)owOx(PB<`q-Qu8uBG+
zu7mZT!yuC#N@r3GJJ<bT=kdx=K9jvFk*h-0OmhDVtqo*yLTyZ5>mZq{LuuPlbFtF7
z7;YI)1e-!f_G7uBwr^2}Mi4wlog2z%7sOr3xh|B$MDAN%7n)AQ-M6|fRK!H?TU{5D
z?^VjRrW-@C-;q7n@yh>=p)4kOO!7n3Op@WW;c;N|O`(<_DHWbQKyq`a>t`fhEf<95
z{33`VeOM5xVIqBaYp8{Z^x?En4-@Ib>7n$!q(}PjwotVoo)2&D<HMPu^!=F1^Wn@;
z84=fqcZO=2NFUxAYT#62cLmbl8QR1|`tZ&^KAaWG{vGowR-_MSg({gyAI=W#Vj_Kb
zU#Rf_rIJ3pKUCHuO6rb!b3!Zs6~y)7oKPDR>B9#@${~`GKAam$W0J>lSQN@<BE4E1
zs%0X*IxnOgCVOOL&hO*ZheEY6$M*8-L!oXWu2&a^;`<93_e9ykkWR#n%!Q#eCeo`5
z`*?M6s8PsxUR@mOVIsZyNNCbgm>1mwz&Ly?q{kDHUM&xG4npEZW<@CTcqCpASrN+a
zLmCC4*$%eBiqMb~FqOBuyCjs#M8?mOP$m)g%-a$!*KT+1^vTdlmXR^`WT-_D8j0|W
z{>jjgL@I^+qOT6sGr_$8{C<Brls}kcFrx5H!eyauCRlbPHKCG|P{u2JZ76k!AaI`z
zdVc8HYD3vfHZXZPG@HqYx8Thl2kx<kQif8h;Y?l+buckcQiROgp_(L;(V46Y<*7sl
z!7aaIM!{=Qp=u`c;XLi{Fs6JIYGKk2{rrhggKI;Uk5aYohw&dsI8-f2v9bWl?gz3V
zR1`uPIRAVlyuS{5Hiq&YB4=Ji<g-xaFeF|rZw>7d#Oo8bhLVS)jJG$jEtJ7T*6FrT
zHW4>^w}lFr$mreHCwjjMwFw!|^IwJXPsY3|T+e?MDrF))|8-~u6Y2SHLwPBbN_xH{
zlsJNj^!!huRwmN(zl17JAsOlUeW6WEr04gCdITv}_U6JjH|&vhhxAi1Rk3)1Hw1qE
zzfcB~OG7Z}1acsh$K<p#i5v`-Fu@ue4l;j*GEXBtSc6D<LJdr04IU2Fo<%aU2BYlq
zvx&$W>~C*52Z>jMakhRg60g4E?9ohQeZ|?6h`99?XXi1&l>uzaads^eS%b&gM~;jG
z?c>kGyu2D5Xpa-bvuB{4-G`J2;>FlNdk+z}ha6-p8B_{s^B_Bsh}&-r>SND|b|uTm
ze&a;DPLTEeWS?-N-F+EqUf&P<1Z)?B?aa%GV4r{_$*vS+iSix%!zid7zum)R7t|mU
z!_J?Asg}T5E+Uq_Ns#$Ud<(3#Kp*AU;cS$duN>MyWVpTR3QBbV?$M6{JtOQcCewhN
z4<ywdeI?3xUL9#$S0VAdI?^r@q&Zfeu^%bDA#SYT_wq=)nq<UD4ZJlr(q19R`e^Bm
zk@l8c)Vw}gdSjHGcP$a=jWg{oL5fAWCV+)!+mo(GnPO2cBpLP_dA%(hXEzAqSvbz_
z5F{Ks8sZD>8E1DBQQqK_%;W5nZ$Ld^CHZSwl^th~W+HcZ$JsA488L&-5nb3P_bhv}
zkRgx3*PxPRw+rIgGr^9zk@AwcPq4F?$lNE`)0xQJC-lkvBD+V(EKx2S1b6yjPCLnN
zxCu3TH={4L>u(mst*^`M79wu#TxPd3kuC1BK6QG9{Y(Ms@gm_0yG{_VHC<u1-XijH
zThmo`Cy}UCE8zYCc>gN9aGH>bYG(2uJN-5!#mcpFz^fp0tzE|CZXo!(9@p6`1gTKk
z;Q#Q~{qpQiK|FhIum{|Zdc5ep!A=&WIqLW_SRo$<ryuPMCbGA=!7d}>+C0^+Wg>fk
zsdfXWlC68Hy@`qR*i`8;cP??Woje2WsT5xmQy^Avwu|mSvPAh6Rur!Ra*KWBm)-5Q
zUf8=7x7#^)Bk>~Yb~|}C63_E9?CJL*DOL(zgSTWr^Bs21{Y0wgLe4<$vU46F;^Wum
z@3vP6((LwZciSlslFX^_t%tLed+ll_Co*}!j+sj`%i)FUesJ!z*v??`J)Atp9$=oG
z!{l?9%w&SQ_Lyp(y@d&$MMpB<jxQq3jjXxE&SKI5t2Ee}9<s}sOg^7h=N8zh#gyt|
zmuz9u%BdFEiStONg~>wuDkkMB=_$2uX7Y$jW;6L2PV>$HAC}tseA3enFG9}(vdFGx
z@+RCZ#j-E9+e%1gg-eDkK;n&zi|te*?l`#Ep3E{b>K6BjsKxeFA>&2(V!J{RFE$q2
z4T5+x;WB#*5wTW)BW#&%Ekt{EyRGt3d&?psvQ<{to636ITxstj;_9iiS3V+SqB3CY
z!hW^N?qqVgORPsp23rdD09AcreyN>Mjxt`kmfEu`1W~?+)q^?U=cV=|f_UxyX?ukr
zUMqOoE_z(#<+kN#>}n>`tIyagh`64A#%^LF+wwDgJpa6{EkVu2;vCw1u;+QZh=~L1
zKX{_-MSF53$t;D|jVH=pvKyYDQsA96JW;mXKJrA_3Ol9>WvawmI=G(srky27g_r~2
zN=3arlL^iNki2DA3sS7?fy9f!p118Vlf58=<XyXqQ(=q4uZadb;YqS*2b0xysvyP6
z-|!Fkb<=1UF!>ksAo<X);Z!jW<^GY~$mC<VoPzeOvD=uOelP5XLGDd<H|xm*|5O86
zXU8wa+>6CZ7q*mjcH2`(ymqn9?jqvG*gCuPX-bup4CmruT{LXB3(_1V?>B|*Da(W&
zx9{C(=P{ADqBh!d1o7hM6MK^&#fr4>6T9o#-WGmh&wjqQg`e2vL|h9$v6EluZQ&++
zjv$_eo9sWB$hDoVw(=s`EG^t>Yl2iLvUa|((*^NtZnckGk7~8cSdSdhTJ1I>ZY$Vs
zcQKKzV7nbtOS#JtZM!{$iEIVi`?P{@>_Q<^to+^quh2lue`7zx<m5QIAJ=ZzGZ}LW
zwTm70keA3mA9B0cX|H&h2)^OJ3}R!q-Si5P;`^h;`z`;oC)E+TkI5dpfXO=e(tHt8
z{cLwECmCE7!B+W;o$wkGuP5oWZ9&L~%R#2ozA}QW0<zD3R1oS(HURm<UMUE@SMVi}
z1NO|<DKDI_BKgPG-X!u)EbQk3Ic#SOLgOj+bx}?`6InYkPD(wdYL1fiew0(jM8@;c
zPS#sO#;w74=XxS;gvUEG1)=Y5Tyuzb=Db7p6v8cRY+nPM#+5`GpclOsZd(j+^4>$@
zMbvT5M}l}BJI-kp#2Z15b2<g_dfMY0{vwO}4*C_mp_brS4Z>!3EEwcWXClXfLC#7h
zax56+)UT#gIN$gge3<AYen8~aglOeXnC+eDbTfHj72Gfaub$-WYDAd|<+mo-BZ5>z
zoR>dD;*~4Od9M%Y6vXRolAM^2L|*P{Sdue@h&wtYIVntJ4JJ9IOk_*Zq&M8!(VZS4
z<JFGtq_4reij~v(ThDL`n~11PLQeZyA}7D4i254l<gX(VfSu5Pp`^o|W7ZQn3AUTD
zPE(vTCeQkajBxUqoDOZU|3$Dj;VclutL0SZ$etwCSuSL}T26IV5^>{jq_c^M>`6vC
z9h^$`BqN<}CelA6`}pS!CofE;z?OR~Sa^oh^f3}I_tAY)jd3P73mMm*F-`#!Y0nsE
z4iUEo$2jFoq&;ICWdr3t7sf#xyU%q}n8@|I3}?tEBqP`BGMyvm>RFEV8OnHG&2mNy
z;*}!H$^N{z%@dvJMBLfeL?^sO$hhA`7dwU9D0lfyG}#F=k>5m@IX?>G#rzZ}rnR>{
zQyfhY&z>pHOd_riuW(9PM)pWoIH_NfJ+eo-(iyy+h#bGJagqh0^Uv7-T+_!txy~UW
z<M{_}Jbs0GJezYJO%ShD<~nIiWS!<ZSw!4A&2@5_$X1!_bTW~(d|jXTxzW+vFn7=9
z8=bPRiO5xmsZPo_MC2;O&CVt!IFG_;ndWpe!I2utZI1RWrII7#3}-46IWpeilnUZ`
zqtJO)5YHQhPQ4(WHwv8=Cej;)PCF6T8->n6Cej;)PHsEe<9*r9>f??3oN^)KdE-7O
z;rrg+xZi1FBE2!!nYn{x&>JT}%boA6V1nL2@{qHK33_8FkcCca2c<%9=s*@ZHwxl;
zqpVMlROVC)8P6MK&I%^d8)Z%t5!V}KPCFCnjWQ=?XK!yj+Q%D@JIjQO=Z(jmv>$tW
zV~JC@i-`2bla95Uh>VS=om?g|HlA@RnaJ39&S_&JW8-<}nE#<3&l|N)h9DFhcn6`@
z$q~eB%P%=$B5qrL#pz-hx!&@MlkhWYZg%^Y<<57%An`Q6?!@jT8R@Y%oRvge&Gk+z
z%Sg@jPX4dGHNWGe?n45neFAU>A8PqMr+`T&tWhIb<<u~lmPe$)*}~)+xFe4;?>kBt
z>Dl%Jk=0HrlS^Qo0A)UK@|Y~Bg4g^;z?X|t&jj~0M}W+SP8X9yb7)^?jgzsTG(Wf;
z)=ojD$thzp_E}ofTj%Uy@?J5m1g>||{-9LvxWxLC2##N4K+k$-!Cy$cwj6e<BM7ct
zgq@gwP{ymlkDWXsuAetJvzf>U-{6#SDmlV#aO#-IzHURGc>dJM>>&%~zUQY-_P<2r
z4&7%?D--Pf&WBQLc5)7p3`RJTEl!6ZUSw`{a+G*1g=_OxXC@K%n`o=k&P1*ZY;$^;
z$l2gFM~f1A#Of2ymbW>VM<elkxZNob#LH{DQ$)ngYrE6MMCR4zB=jTAGOso#l?i$b
z^J;U71SwW-`VC&@ws0?P3zNH;v^&Se^tR_a#}dS=!S9?(CNlROP74#6`wpjvN##A!
z$^`K04kxcaS@;hSocI3VG%!I6(VidsjHkPt@}op5*YmraIwGz&b~)`#q&>Tx9wySB
z-HvuN<u1LkyH8#}JJW^Cd}T1qMW=wxKRfRV;?+*46OJGl;hj!eENPZK$*)d!9FlOH
zTzlW=6bRzg={~2Pi2F^n&(V(&siNcxd6$zfi1$t1<)j`<dC57+pH7w_;V8L^{--mY
ziCjhh(-|F4n&le)0ViLOB}(ofT17wTGz>(UCCZt#@Tx6*;r!!#BM8jid3WGnr<+Lz
ztfrPj;s15A6EIb=g5(<T*uT#IlXd=qT}|%;Kbw_zDpoBe#ZtcA`@Z*m?|t8UWhoS^
zM$s^=Oh&^n48t(lYOPhnR%^l}3d1NF7DH)f5=KK5hFL3NDM_E<`#k44=iXcGpU=mu
z=XuU^o^#G~e%y2Kdjlu_*!g$Vznu8}=igC@{dg_BHf2hZATk3mWhxPGj$=xuATk3m
z<?v@@aY{jd@@E_5DBNYoDLDg(+zDUL%>)m7D20L~!iEt^Pi2`P55kkjYk?fC)Cuya
zAR(nikO;&E=l5Ppd;(d%1?Kk~f%I0A1^EnqW92jre&0e_CJ5f?x*cSWQ??57`f+e~
z9!P&BZXnqi1$!AJ$18`gx`!x9T*i;;5T%h5zh@3nS~+QCn?>D+C@G0(8J_PzX2X;1
z6P5Zf5zKW+PF4<_fyB2nLZMxf|8;^9O59kK@mp|&l10R8!Bdq2L1YV_s+0>YnZr+2
zYB=fe&fZTwq6JmO8i!@kn{Fvb!!L*{X`Ij*5fV+w=cJf@0xkHg2G8}BRzWri5>>{X
ziFS(FY=|?;oTgL@a<3p`l+alua}q=zWzJLz1Q{a81ZAHfIdJ<LWhN@QXOmX8Am=H&
z1$lKe$y}ghjwhMbf?TAu36e0DWG+>*CXh_LAk&prK_*TknJbl)b4X@_AXh8(f~-g*
znQN7#b4jLJkQ<a*L6*Kqry@5i<C96|A&)?C;IFZV>@7DdlE~h2i$`Q{xm{`HcKm*L
zm(s?G-#6}3S|(yyey+<`It7t^BVXwz;*IWnC4Lgu^7=;p5q+aTDdaLm496GlK?;;^
zp(Xb+vz62ov;*I=fUi=Z%p7GiC-D6`==1o*x%i0jRjLd>AGQ2?l`3a);*X0`C6yDu
zUZqO5AhKSiN&ykCUZqO8AaZsnRXPQcd2HbkHGN2#F@<V@_Y-iZ`H)g6h&)SqSh1#(
zj66$OqO@@0*WwW+>jIRaTHtK;h>~<662HBcDP_};%;jg)MN{C5NJ=v&v@gJ?R8J^*
zsZ>_a>F{M-Aj_3*PW)&*sVEn5%ihV-lgc<EUNoLOqNYzOX+lOu<4I-c#pDl?h2YOh
zWj!ZL_!;a(xVQ6+vf>hyS;BBPF$&0Yij{_>g1rMbEf<5<3rd<GtGkH2q!e)CKb2mi
zRC40y%r#2fRcOc0nXf2$HxQAd;I$)i<~pVB9+dHW%R0rq4@rl&N?E6@AmZiBx0HH8
zWdC_f*(|hVG~QCi7myt}<G-uq2qN?9yGkJ^{yy$q#VtZDx`&2&e!bE-hls32qmouk
z<b~rIdlVwpthn=u9KDOi&L*W?kV|ia3<@*aW~EDzXF(Ln$4WveX`KW2PLX_~Bny(U
zn#iY0rXbVc4G5HJQHllm95ObN&y*E{%z^xj<a4D#kW(NVBiW*C6(kpOFOpVepCD6&
zoiCKE1?11ya90FnzEoNT*_cG%QT$4gCl#^KfAAZ3Un?grL@j^pY*&&v@q74oC6$QR
zrrVYHMX1#n^B{~<ykq~JQeK9{U$eC-&pk*)w&2godO_sr)6YuPLn!0-pAMyt6Th!^
zD4RKHWU{OdWoP-JTAj*1PJFFSrB4OQ`1e3Ml|&-mTl}5M)r$|cvrD=02(pS3KN`D~
z20>)+-KDe;@y7curCku2{dOtimS9=_Db4O9azdA~hRgUT$z6(DiCX?i@*bs55Sjh{
zR8Cv!*Wwe{@BFQ#a?;_AxPwYQ$?&hJZ8#I&fKbXw#%t4q3adgp9p0&ax8e#ScN5)8
zHYX+QgfaAtzFVmj<X9jdfc`&9t<b`;jQg*Dlr~O^*nt^Dm|C`s>a|;tqtx=pkof(u
zr`pa5^$o07Pxa3L>4dxJN2{@q`*pv50<2Ee_y8#a(nrlB;?+G~E#t(GPrO=3#EV9}
z8mc}t8vWH|L1Z-gtA&Edn)X-gIPq&bP#wDb(3%cb4}Zt!MAcnEGSm7oHVS+mrjC0G
zNmYn#h8b!s+yqlE6=X1wiE;2ld1@vne#A~umvQ1p>=gCG09gUKZiE{5G+HK^8X%{t
zsYJZ^j8d~X@#8Z}Ehpl|XOx<<67BfCMOE_!k?~R08bM@yRCOySetdLw>ngMZ-?G5g
zgXiX^n*I!uBG%(x>Mc<<4U;Yq*;`yS>p3EG;91fuP>a)5TD|-4=Z;ZZxJ(5b3%@t|
z#2N4lWonlot?(?R9<<I-<7%k%bK%M31|VbAh#+r+%*Q~^RMQ06{uN_i06AN&73BOs
zVptoHbJPPwyc^@mYGW;0u3{(0!23NX!*7kL2L#zD-us)VDld^tF%bOyf=OzsAos!z
z82lZC$!Z>v&@2Da?-!(~<(yCpc0%bXYV*q!jnMt@UKfz_)Y8>RNCwwG=c{$EAo1ID
zin^JTrWpC9h$(8pT9hf~Uqix?d!gDX2(}=8uks>wXdSoXeSh^5wed9~GS6SCPJNxo
z5LlsLPPkOf5@h>Dk`xFczg%&t+Qvx{!`n4@1Lrc;eFN<jv0X4*A-P=b6hz+1Nmn!K
zNe1uspv(+)=sF_fo@VTKh{hFah9GGxiCn2}7UUL?L9MIQgf~g60A!G4su`Sg#GJes
z?xhTX8)a&qAXw8moK$c^??J;v%&t+N3y{B{^lQ}3oD{PdXdNW8)VQ~>EdM(~S!%W*
zvMsJvQyWmGgq=N&PA0R}M>%Qoo;+r&>pAI&kx|W7K?VLc9-Z(5<L%{>OD=(X#E@TZ
z^klG2(dU~4@xP_)ksh)IeImbe;u9I4o28u|GCnt}t=z*3HU!?~yc06^Eo%JRyk6dK
z{oJA^yyFvG^8<O;C;vjkZdJQD@q2Hs8d{Gs9Wm0wTy>}*vPb2rWrE14-lk@5K&>K%
z?T*iv^VIEvynQ>7J5~EVl6kTmZoEu|?-r^Vf-Dnf%lE0<1(DzBDp0NWNo$g5ui0uD
zC;oT3W~&W?$dOX0mNt>r9YwU?DOB4zsbF{B6wCTS=|!sk0m@Xcr(qPF0A#M3&57Uc
z^V9-CWLwNrD+Q5lF;D%zncMMlREc_k6FTw0$d||#^uDS+Uy>fu@_e=WL$u?6-)6pA
zw+V^w&jL?Nw$1{zS;)w`FHnbmL|W3r1?pBoWD71-(>9ZgY{5lp(#J^X9Sy!iRQI(K
z*$kHxa4q_<s(e8NTM$Ww+A7HT@Wwa(`r#6F<d-D#9%x}^t5T~21htl_?SkM<R3wk7
z316X>Kj&7fabF|xSDw}CiJVaG#qm|Gh67|cv|zQGOj=CF=Lt1k5IMe{P|F07k$+NM
z#fe|~lj?es@oxM+seZ+YU;2}3M}R0$`jaaAhWqT5zCuk9M3%Ke)j9FYTA_|3!v1e8
zeWP`Sx?7O(u)nxJ4DY$9ncL8^U-}C5)&RkoXob2mKuqxGDRnC+MLa_yd0Nfb&OP*2
zuq)MKBHnmksV)~p_Lh}uoglKetWp~Vkx_k4-Ny<1YI7#sM1ZoMSI2zI%kuK-OX^fX
zWL|wq&E|yevtcb>QriUiXCH&Pnz5JF%<s@nF*^gEZQ-}dSF35?6Zs9|gWsxJt8V9{
zh@Ci?a&MiQ`~%5k!RZ2O)v5b9DPk_z!JhesI_XE0DPrfrd+XSv)~VToEUhFv>(pjW
zDj2@QayHa!o!TkL32>hz9<0Bm=KqX#D%dAA@U;yf4eA;}Zn~Vv+iGqH$>a<2j%w{7
zVuPJ_6K(*iX`D29Gvfv|M-VxdH>d@q<z<`q)M`%rx$-^rvjCY0KEJ2NcVbyIS0dS{
zc5>p+m5u7uohZ}cty|t#4{+komCb6}E|l@-%4W5JletXJjLj<h1!dqZn=>h@o76N;
z<}#cs@i$vHspW#mxpK3b@jGf&uvl0lOa%`&tNDV=Nhk8Dx=fHA&{%`u&gAE6vml8u
z10&g@9uTBK$h4}7U1T{2&H+&73pIrkKd*i%^QxDhJ>t#OK9POiCvtRem3F+DdaIgA
zrF-r5wR#UH{#gE6eI-CHfx3UK?&gF>E|PE5yggV8f2Q81mJ#tr?lyIWAaZ<dQ|kng
zK5tV~{@`}JQTeU9TM#+kzg3g>l8hYh->JJfnaeIHpeMXPs44qUW-k9t0h}*>RN0@T
zC8P0^I#>|ddw)_-<HXN??dnCG_|a%rZw-(cQ1^DVoD+%$lAl$!AItJ*hYocx5ij?4
zs5&PbV`b0mP*(^d*KD2Y51haWa2wpXhjW{qYUnR+naPOlR&xcBGwg3_8z=Cq8RG8B
zZ))5D)S}t*YVfd2O%w#rmXYjL#|wfd$w>CA>6~ngm80Nqb>x3kx{Tr9>Nr7U4F6WA
zbK*zrpn7+JWP{~{>M~9!Vo3g{h8R4s3Ph}1O(fz)tXp+C@gvr)<_jVt_OH56Xvz5e
zr>4hn%ig<7G2v!T;G3TiAAI%~6W%QdKDW9R{5dKdibbsoe)f)}XLzI_7#}3P!s7(_
z^-&^y!fBlN5j!rN(T7Tx5j!rNCy0#Lap6i%{9YFyj_-?F6hr)4LVS2UCr#eW*e{$(
z#2a7z!uJazM@ql&gM!GB(m%XH5E-9=;dcd*{bx|PMG!eo2Zg&h@kjTdaOha{(9cnW
z!b1g-YnwsgGX#<T3<{qwi1cT0I71NW&xzp&1(E&?3oqxy?@`0TYmXo;0dg0#&aiM7
zC)CG~oD|MHj<<!kYC1WbPsHnECx^>8@%z}xVHS^C8)Ic38y-G<RGtz}<}&d6r?9%f
zThph8YXy<D7!@Ac5A77Ot&h=Z^QiE6LB8!xBTfyc3xaO};26}yd4k}ZfJn@6nIOAQ
zBVvbZ0(R~PnbX3p0Xs;>hU5BE>1YSZgs>|J+CefooFxce8bfkHxLlB};17~Z!s`Xe
z6n3VEy9D_~*tsg4IDjH1^TxH|>XVT)F*ypZ4c7@GN5Qq>&p7d0`MU7$0Wu#-zb+h~
zNVUK{HInPYWt{k#HaonEh}Wjs;d)N|Hq8#}!^uP0rZ*nZrZ<Iixs2bYw}d+dk!_kA
z&N_wsk!_kAE)_(!>Fwbag2*<#Gu$AEY}5R3t01yX?+bScGWQH><=NrT2=ZA*wJ2P8
zE)qYgMd4+F$fy>D>xp=MeonYW$jEUzC*017ANe`q*krU!<ROUjobX6aXfz?28*b#p
zk7{u^X(D+jqgrxAROg2axQrjwg<*XX)j~$KEZoeAKT^uVy9JR^eJC6^8MTU-jA}(V
zQ4kr`%5ah(GOCY+(*!{~*q<K@7Y6JgSrJ|nu!H2;aGM}<q|}DvQ>b(~Qr3pY2_i>I
zeK<!DIa1yUR|_IXN@I94C;oh~DZJ)ViiR91o5Ib4$Tr;+?j+*1=|^F98EMHj{V1Hk
ziQlFlh3x=Y3ibLZoW=>YDU!|MK9{2%zfC_57YZWV^wT5Sv?bigW&AeX5?+>0{>V1{
zB0P0E62DEq2<HkS+w`k&sUWgVzX`7rM7HU-;RZouo3@3w3L;0!PvI_3{HS(>+wUcR
zWK=uC-Ga!dc7#v34`uv_?FgS9Ak`3`9pQ9NC}K!D!>ye7`DbT%HxV!Y><qI4wCqQ9
zXE<398P#9H#hmyt+#Nn3h>YQH;mrHdP6hvB60Sgg3l|6?*Cczwm4e{94rTU*>p1bF
z@mIKJ?xE56E4*G18I8Zf-*Vzd<3RX-0kRS-9|#XEMmrP@B!7n+IPs%#Fx*PSi^jol
zCntV14u<u46dxIl?r;t#el-3Gvl8-IM&rM587F?d{tKrrL>bznVcq`==Lmv(G$gTF
znIO1F!}r>HXbpnk9t}xPZMPsBh0M`f!XmPK2kg;MCZvt$#LvCGv~)pa40~yJl9so(
zI!1el6F;iQXte?I0(f|gwwV)(Dw5t>P8qMeH{Sbb#YDWQ_R*Gc;zzZQwp|bz)nm1x
z4^j-}D&;tBgCH`h{j@Glir5!>=!Bu4mi`cG`El;2t*W4C{0(bojA}n^yCAbgoD;Oc
zi%CYtaF8}$5E;Y4S`H_E3{TLC1(7j4L3@g{yciDA-sHrO;SjAcKwbfVhG;Eh$BWpB
zS|<@NVkc_dg2-r`s1+`u_{eAs)8Z?M$h<L3Qv{J74%1RNsbHJn^Z>sqd6HJciSOab
z+8Y6ar$#4h9|TA}_?)P<a^jDj;aWElZ&f*5OI(WnG;)HcSR=GGocJ*ubwqqd9TJ~+
zL2H!OOj=%i6s=9zku!**?Gr@CN71UQ4vkM((;qoBK4C3c5E-Aamc<E01M9A7zXnJX
z_@irmmT^0tKM^g7h}T{bEmaWdPedF4=%N0YT0JL4tTi!)pU#<D&f_Rk!9Fd6yBkoJ
zrPT`Z9*{4AxY}+`{1_%_an-(MeBzU&t>VOQ<uO_(Cw?oRq5TygSkp5OY31*stg%|?
zi9>5TPP2%3tvpUkCBn}t$H4jFSz4YT9dMTz$po#I6Tc@UYb`{$RtJ=oq7^QuTFBme
zfwqhj^0^CSF3>tT@ppF9H1|o=@}ICw)20d{_i@v-3_;{RE>+7FM7GW)+8ct%(R8WS
zEQs7!UaI}f3HgI3rI%`PE3kAT2f)M2wM0%j_=ym<MY@(Eh^*IiEt811JD#r93mMs;
zr)ygUk)==9{^W$doBAJ=HC^lR6xCh&JVQ$mMAm(VHc}8-_bap{L1f)$YU!N#JNiuR
z(WlXJ1-lZ?X?tD(&l$CPK^i`Swt^GjSy~Gxel)Jt&RXe5<5<wTUd!Z!W(OqM+CEMy
zSaxrClM=`cTJkEYg^bTlT81EURNkc3a#9j<9C|XFqcsZhDm)*<r?)v;I}v_U4&#%f
zr9Fd|i`YqnV%cx-e{a^3pCxiR)(iga7H!INNJ_l(mRqztIDzl4o&w)u90^YYwQ4~+
z;EO;wQgXFgL4JZAG}^gMYZN5%8Qto<P5XtD5+>W?Hmzq3m4yUP(QnrjL1bIpsSSOe
zJdA~Jy^e(V+^ucr#BZJZwA>fC9q;MnecJi}iGbF9TEdHD2lt*x3bbra{EU6SR!GFl
zTK8*}g2=YGU#k^Fw#EHgYk*+gXKU%TSeC#3nXSdYgv6iU3$;u^<orHI>+>>s7z;-5
zz5cmck{}Ko+aW2|vIN=FgT5g!Pb&}v_cHiZfl{qnkUxdYBCSpkeC-Nl9@1Jk@mB>E
z+C^)zbn3lWiwf=D0C6E=71}CJ{A{yWYarsCVlCEM1d-!(vDVH>k#~l_SgU;%%krNN
zRBE9*B63tN)s}Hm#Qwe)eg$O`JlE68U!(Xex`xPOTIuUV{>dX!trfmOWXu1k*Dcrb
z*AbEX?&Vs|TSV|wHW8jvFV|QD5!n_`X?+Bd&+(tu(m3&-3qP&Z2qLr1DsAf9Xve>M
zuu97kMD~_dS~n+t?|nwgdk3|G#9fcXZwrvwz-8DNShJ0Vws=OX7v$2bXx;LX*2xKJ
zO$M2lwe0t}KVDv4trZgS+H18|DTo|#tF?APWW8R|$~K~%BKFY+8r`pGU7S>~xcA^~
zZ@B;SidNc49xj1r;>~Bl_qw%4PKp>lZO0z<x;FJg?oW)&0IzG+oD{KRuB4|qZ)n{@
zM)rg^G;0%;E}zlAsdWjm7uIZWy@$Q2C4EGeWv_cvn<|JLxo>J&g2=XbQ_J3rS~P>;
z{nWR#eS&=SJG@uY7oN3gX&;l!@ENh}LWpXEcKG`a?`Ts$K^eNGjCS79)(A3KWaD?W
z?Si14VIcGF5q8#V^`D|0|L)UzZL1)+!hUcDl)gdh7No~YcwPx)qo%Zw)~iY^y9r3s
z5tf^^G?MYw;mumymP37R*2W1Ueg06(7DW2|;SrWMX`P4J*`y`5l4WV<BW<c6(#}Um
z*x9V@<}%cK?|@ot){?&9c9_)qM62PXh%JCS75Glpr`lGM;Wykc@-15Ymxq@AnKoV!
zY3DPoos$YS3EJX5DC_eh{Mo9-ZACl2KU=j_PMSP_zR}im;`_5rqx)?B$lb2(BQ5UX
z5-4lCmhd%sh__5v0%_B9K@RkfWov-^q?HO%cwsDm*Q`Tp=cF;_hA`}m`@(64mhcVQ
zDPp<srX-OXPMTughWF!$4Bkd%Jq2Vw%-uV*N<qGcZy=*g=Mg@4YJUnD^soW^>C}d8
z_kI2p$gf(GAX(ru+S#Mk3nG2qqa}QcTE5SJXvv)TKL4Rra?%vDU3mD17XKZUHAmE9
zuU06C^m(t=&WS%#_G)q8qZX{AV5EEx9_~A$P4{aG$#|n+zt+e}6?+4o0qp>-{aTwK
zi(X=EKajt*Zb9x^4ZmM-A>54Ba@(-1DwYOqF$74gUN6Wb74}0wdg@(*41>8l2}nqf
z|ADkrxOtAGuWku434ZYbOYg52a#F!kq1{ntpx!OWecyt2ATvbI{E=!JhPT+xgO$@s
z`r#QVQ9ryNCh9A=7Uif5z;dEqA0RV;jL=&IIq^gIrV*5Ns^04-EQ|Vc7RV_2pa8iA
zh^CJx5*lzj+|cO<&p7mSLEaUsQ&Z0+!mfuK^_a0uy;P7Bo}wIX>MMxwRUAGwGxa)7
z$Y%>ix21Oz@xHwu)f3v$!zS-L|55$RpM9Uvj;rtH#J6*ru5@rM&(3H)g@|WowEhk!
zRQG$KrepL^1EdJZSiLhq76Ca+uiHVE+n{A|9e%F9nMlmv-@<oiLFQbY?IfQMwlek<
zC%Xk10AFLP0g|kD?jjlE3%I4iN$W2}+F-`V5jRn<*-az@TCai3L_O_SBG-V{J3uDs
zr~QV+UtOf=w{SxBI$wj`i(U{Q&7d_!U-mn<)9bIND3eUn*9g)V<{d13n%*qP0vK^b
z4)2H4^foTzmp)A|=t9d>`j=4FG+o(4Wu?6j-z<WEOVh^-a%=)wPSeu`Sq1N{V_9i>
zt{~;0{07t_O|KDTFN`lDZJbb9JE5#JJ^7DA%eq|85ajvW$nxcSo*-l33=QpEuD`$u
z+4&RfT&_1BW@oy-U693a?;AawuJ7Zdis4}>{+`QpJ#jCVUd7tLLnK$|Qw6~s{tsBb
zQqL7+>HYMZFEjNrLFUb3tPOJb)q0&EI(Ue`3v;dBD#!;=3zW&$y99YB2~J7jc4Lm7
zu@6hHVBY{a1xTJ=!$}nz4(DE{0l7zS5u_5|d;xN=en60wpfwK2eR|=aq888(@mHPZ
z=naCbfc0SxkWziOAb(v=WT8H8KWY7z6~k@^nKC^?kXndXK9Gm>Hcl$oIrC!KVjxv|
z!e6BI1jsxAWSKsVlL~e*{1#h1kf-#k0^~g)EA_kp*#zVneUTvLupUFL=k&(|1ht;m
z*8~V^y{K;$B(DM9<^l4O-Wed@0$Hv96CghWc|}h+KylszE8z^-GrubGv;U52ovxFN
zHxt$A=Ws&ztnkK5ou0-?N6crp(l0u_rr*X1^+Q}yzoy?8An}}(1jvuQVAZVyhQFpB
z=fMr_-@wCqeQ`hr%UY*D9UxYJSW)YB0dnOaSR3nUe`CE$*eP#Q4sX!&h=j^Y7)y<Z
zwXt3%$Z$yV5s+@s*9fh`;j!#5D7`^%7Bc&vfw`2EHX(C?8_Vv7vKsXGgH+ay9vLsl
zTA1~425Hc*B;xJ*8}#b~<gAm?P97&k{P(twN`)^@=u^AN@>h_b<AJQ#Ylv_=7>)Pz
zh5*56Y}7OU;aXlz8}&RvWKA3OWr9pT9&QC63*W)h8;LMk_eOoYAToxHy7DjiBkSI%
zHwz-`-grb!8;_`Iqn`aA+1U*9B%aB<uiq}n4RG^wAdn`#fRiFN>j79tK;1vk3)r#n
zFU6dU0<uZhW090_G6u*edUk-E3#3JVf`}LSE&6i-f|1{%uMH54YODTUfM8U=&|3op
z``DL9tYp5@Gmk=l{2Amc{R2*D6rkm=^sfR0EpOF#1PEIGT0cO9y_-p+=^MQuj%tbo
ze_!Ssy^Bal_RMX1s0Yc&UbpRtmDM&~5i;1LE`<1O)7KO6depc2X90p9ey492T3C8I
zXnlW#<?r?Mo>aPQ)9>{xL9hj}b=vgO0GSEoM}6qgs72WZ%lcVg#Yu_xt9%{$t3*5x
zJM@hKf?7ND)&Rj6cIv4i?oa4RG2VCT*@9$>@xD_pBjWY>o%$*vBcr-gZxAwRJ!!n}
z)OQOa<Gk~TKDP6SKDJZu(+mBf(R~BdeU~2Jn<9p7aTkzZ^_&1H1oFGSo`_fXKlIiB
z!Mg9&bNd`x(|vlWAhM?W^jbmg6ytrLzLkhq_kDVoAhM?W^zy#kvNv}2=`{g@V`rbf
zfe4fB{-^$tAaX44*SB&~6k5D6hAo16{iTPFrD({}4dghV;OIW6*T?hHz0v)zzAr#<
zbhC)s?@$kqiX;UHdU#YMgGlJHpW$2(wBjOpf;0emgp)!dtSKFKk+34_5vdK3<sj2D
z@}nTHgUoY4LXiUj@(PgN5w}12{1n;&a%`krkZnL3fy74|1bGN@-RD3CMp6c#*84Fp
zZi3$u2Qnm5E=XTEC;0=&Nf9LhW&GTd7|9uUI7vGmNf8_LFU+?C7)y*4b269pZ-kqV
zU}t!wRgj@uU@v$Ptga&QgHUTO`{6&*8WG7AqzAl_@Dcpm$VdYxOW5oE;Wi>@of?TB
z%u8n(Ff$GWGAeTTiaH$Wf|Dt^e#SLGIC3yRa19WS^yu<sa1EeE)^N*|Gfx4_k;r=i
z5(Z*LwgiX`#E!(Bfc}uySRkiGN;zp{KSC|A^wT5FBojL2N1E|Zk90}`zk`W0_34q&
z5N?Ov>XAeup;hqP7Pw0~J(45{?jj?cqzdvzGQ0=PNw%;fv&89$;cw&7NRq)rNt$}#
zFQVdDP7*RrJuuV44`;A3k^9JwmjT8^$~b9?`6mZf(=dac5qUunY3Gbcqaf1G*vJn7
zJ5!+av5`Fiaxsu`kv=D4-F?evMUn)Omd}c02qG<?9m(T_B9FB=J5qL-o$-+u53@5q
z(sG!c36V}t8e>l0P3PegylBXpdZaH#9#?TbVUsCh9_f*G0L~$yUK1kYhhn|x&CM*B
z9nOi|%ZWcPpBpI;kXfLW9C<E4a)3;V)Cb6&KvE(f1_;*u{K(e<@&L$8i5xx5@0kmL
zTo6eL5S*>1MQVuf42gX#HPS+aT?A{<C7_iW={$*g=EFz9yD*@Y8qrTCQX|Mkkz7HZ
z8b~r1N9u@#e)*F6{3Vg?g8c6|Is>^R!V<Zi(6Lv=vPYq;OCo~>k@Mgs5sL_u{rQqe
zDkoL&y~0@bB-d&gj&`cp3@H6YAeTm3PC?>lt?7~NoKWO(R8EiV2@uTK(<4WZpn5&<
z8LWcA&WuQ6fGmW%Ul|!2ARmCt)seIS`3y)_<kkSe)AsC0S%54BJ2ywx1jufXxg+v%
zfOG@NkL(GMz8AwYjL5MgeGi8LnHw1uAO?^Hk>mh53&=x}D+T#(2edhm%19X}MeP31
z;B8bOOC$9{23G|)0jZ9(21p)|CnANTsC1Nh0LY5S3PB!%wpak<>BuHd{K&72d`U81
zCRrKT5g>~}YgOd$0KxwJY$T-cvbfgcAoE<LS>?p*tItQe1lh9}#suspo{z+b$wS$D
zpO55fL}c%MK2k4;?7c5Um`*aX_r4fO;iQONbUHnAsg2Z=Oi1?L+DMDgN`&5vtJB&@
zZUpU6&wK`au8qVSM6hSp0a+bs<fMX~a31^)9gw=n4kF$@_qE7gPW-<5T0}LuhddhC
zS6_={67kkQuSaea<n6Ozeh15MMDhb<azEJBMp^}tJ$zkcM}S}tZ-{gU2=?CfkwF&4
z2eq*Gz8`S|1bgO3k&6NZduB`Ih5*5l@@1qTKyajd9jOQq90lJ-Y6ArO^N*1a0|fi?
zjz~KvMeH{4XDg6jBPU1E!;P^K_?pcwAbTU@IH5h-ZSao#zDRn2>;aiSBl!XHKOlca
zmIX)%o}3+w)CI@@Apb;i94xDdRl&RMxR!`9>IKo@yah?Dp|~hBm+z^EgVs?-CMQK~
z>>`+RfrN~~qsh*v@a2;+KzbP~IH_QZZi!*zfgEFmPDhyv77t`9kUoYk$lo_Zo&(a?
zxSojDe~vTqjv&=z(M}0_7*0X22Cd_a?f|(FNW5|QI;x+cj6*H|Os1c4dVpX*>}TY0
z@_x)1EtcH|cKRF5f?Nna`~e^XjbAt^VPTjro`wE%yur>Se<r}VKr+Y}EXZ9#X0TBw
z$Tg5#O2N(vM&end)eJqnYZ$Co4f<Z(#-n7r4>87bnI+8n2;P?ktrLyR0C@z+P@|9&
zKSvES%Fag16>Rz6@D?e^3^N*tcu`F>@+P6oTsB3na*Y~6Zh`f44QLHF+5}07h4Bt#
zgfVn7X^j?IBaKu+E^LQ0B#=4Ps23yzWCM`@Gg<`c+aJE-17wuZmO^&g`w>x%<nxG3
z6f&Ao!wF=q^C1I(R>Vj>A7zT*myw8=#&%BTvetRj6QV}^6tdF-Gxc`RvXAHquCcfp
z&rAG_<Qmlhf_>gKo(m9MQJ-eiPDRV4g<1V{qbWezp{yk1s{q*z<P4*mNaz<>C*V@-
zOe5g}ZYT8GO|<en)6j{qjzU^vpJ}9UvLrNn3H&lR*g4ZEAi{b+3s0yxsSc2sG<XtW
ztmmYH%NzsbY{R+`%c^28z{%ufc+X|LkrE)&fJ`v51epnu9{^hC8p<@%x?7NBW49o~
z^J3XhkeO&?r;^NQK_(gPoWSp7!RS5}WF{M-i%@0>8-IKZivpQq=z?r}6;3mNOg*A?
zE-<d(GITDw6g<4Z$m7I67oBFT<iu~mX-0j3OaRN%jD4Im#?0FfzxV_s)u_D~{b`Dk
z=b{%Gn>q3ATx_%l2->;WNW28K8e^UYI~M`D#7N<!h|L8u14x=NKJ8G;ml>IyP%ZG8
z)aAx)Bm>`6g=eR5cRAfC5(M`JcpGZE0R_QdQxACpoMEgjLgK%Tn_(;=%c0|8oMu7k
z8O9TWT=fv#2LN)V@s1#$%%!Y8(`e?TBL-JHw}Z@8M$)C|a|P=ScQ<AOx!P#Dj1w<Q
z%raUzq0&o1W|on7Ij<@E0DA9YAlDw@;dRD(E;Bb&0;N9+Bm6pJlOUr7x!!0MM1}14
zSzpGojh_U$3BHi_I9R^H=;Flp`9>q<3iA21Qg~AvWO9rWBA(AT8<m{Ew?ko1{UXTR
zY*c5U7S*C2NUqVyNfE1?4|i99<Qb_~qD&E+29{fa++~yqvU5H>VF8kFR0=W=;=B{c
zJx0b%(&`ChKac`r6(@7qARz2gh^&!*70NVu5qsc>h!q;|a+$fI4{xNClR{&+AYI_k
z1Xv9g8Ez)8Md;vWIGKZ}&N0Sw;>TyM@ee2dTrkh*b2ZoEYpq`3&pe}<6Zp0d<nRGN
z<{Jk{hE;>lLx7YT&DR|2^8#ZhCltdGAhXaoC}d>sU1ao`MOw0lKV%FQMD1jJ*Z;7Q
zC&(WIV%aB<h95S*=fod_<wj?K;5kycF(?ZylMK$V6~>4F34=e2jj5b8@gD91sWeJC
zA)n9Sq*}<}YIy>XrAFSh+~*ivEfbk~9g%+r!joh!bNCosYGiSlxgq5)$a7rg7D40~
ztTOTikz?=?qnH!Fy_Om2*JD|Jdp%}kaY8;{2$ml+N;zrj)fdXb-FmfAL&WP*K(hV#
z;Azhj#+w0xr#&l-j{*cwd!9D72FO?-&lv5TY>btsE6*9x8xFNxW1JfxX!*q>EWdPw
z<uyhc*YYi|HCB<G(A&_T@zm&5V}l@{0>N|sSB(}<nwacAb%uK*ZyhH4Pu&sy=QRUV
z;jgKO%yq9BYq=IhH65b*hOw0h)8V`h=jC-q+)ccuA-xptS%J(tW2hkO#Oe1s!xiLC
zar(W^NEhTmaVEUZDCT4?`xWlnWOF+$B*ULX+y>-LV{i^H%X_l+mglp~t8W>(B*RB8
zX2=FZxtTo7xD9d-*m>JXCc^f?xhRr%i~=EZx;STh*QgdUg>X{(3an(_H5vkB4rsk=
zbaCRxdA*Tx3zh{pTE#eBe?*)&cs^sC7lEA(#;aV5;`}I(Mq_<|tOU|z47n98lg!IN
zJ~UE@u+2kZ#|Gp5W04{KobZW}#$`&_wF9A+p!JE7E67YZe|{gxr$(6|_X*Ns)Ce*N
zZen}_GM^cp0rEAFEk=AU`cuR%1g&-;Ul^sFkcVABzA~zBLz$A$KM9bHAZu+i>IA`c
z9o~W2W^5K@JIoiiL5|vHv<reK_IMt(&FFJG+4)lRsBOkbLEaEOYMYTFNR8-G+l)LS
ztW!J}-e#;3GV;01HltY(`Ltr2v0D)Nv|^hv_zo)lt{(IhW}A^ANP|aK5MiYQX;f}A
z8U^_^hR)Eo8S!^=J8ThX;mF-)jOPTtdr%JhCfLhtGp62)GDU1h7KH0E7|%woAT2u?
zI~vHh#%4j(+*nrT!q+K{+yb)vov`zRQ5zsVU>^L@=oI9URj~5|J3krhekyC)NZ6lo
zvRjbuqu?9TKz=sH&qkRlwgr4Xm6IAl3SdVT1+v3vcmQSmY`oKG=7jno?!<Q*Lkqcw
z-l*JVv=U+WeGcn%u=9)2r-;jh<QUv-=tNi@l!aq(w=p$9CV|#&qmUEob){qA9KfjL
zq{&+`{$^|yM9#Ut8$;*#{@{A`55wZbU*+yKQaJJJwa+-f3H+8Zw8b<ieV-9m?AyWJ
z&EH0Rfb@diaL}mb1omGeV)-cOHnx^<Ew<_&NxB5N_(mEj-9~6W$-I6v?SQ(CL_wy3
zo#{||w^7MS5j*!MS|@ZH&4OIwk+@Q{1FLQ*3rAD8(IrSW5PZv~+sIl#GPl7R8)g18
z(iS0UVt06?QIOS5a8dzU{~48KBy%r(KMGG%W6fGlD%fE7((Fv|FxFi0Aj(ir!1(kq
z2S4PKY>??`))HZpUx(d1NQcaJL2iVaqUB>u_hGKZmV(c>gVr%-?{Xq{0YRDG=3q|z
zcJFPrFGiUr?|E(?GjR!$B9<?F?ql|-B+|STR&nreAS1|Au)n}v?XhMGCw@;j&aC5P
z3B%tIxd;3?&iskAcn`;##+%)o_%ZBfx=YC)8N+^NH76x3C5!S#f>|fXEcm5P+}$LY
zTLT2=_d#Z-Aa{?0^(>S=*es|*%O&j2DR550$y<+7S+aEoo2^7*<SF`K6I9@@sRy>#
zLtKl_fBe&)6U?~B&<@pfDaf2)x}5lJI>gKhkmVqAqPZeKYJdzgM?TIy<ngHkGTh7z
zkavNMH2YMeOc8q&cIx;wzftCPLH>FT&KE&OF+<Bq<^s48gSRzwvsjSoOxhtv%;o^W
z7#im0CsE7q8&NZE1reDOZ1XHmHXd~&e4FkIDC;zHh9FIs()&B3%~C-|!21R0;pyi0
zoRqM4AoAaUR+71klewJy0A!4L)Kgei30pWRmi+=`oEb03TchC_E08nIGdXGEH^s0&
zpJh%JGV<Muv&?)UBir;W^C?a!`yB*3XPNb+#c!F$Tn?uhW{a>R+x_e#+Wl<vA1>p!
z`*^eG)7)p?Ug*zwb0`spZzaI&1f*DyJsRbW31&5sP(Qfei<xACStn%VTM`q@_lR)I
z=<@`#J3x*GpU*LqR$}S!290>8Imt}rq{({*G|4O!ME2fEW*sLbA$iksve_!gUr*7k
z#mVMALFE0+$!5YTUenNdYott+i09#Cb8>+6hTTMpnaPRo;dy30C%%X0nKgn)56?5}
z$xi69)l}B`=2jwJS?8M*pYbC<2%<5?%;%)3*Lt|EioYB>%`6w>@;o>f1es}OjUd_i
zFkf)8o(RvzIJ&2q-JBG$sdrMwPBq<Uv8*CC2eh!2Q_UPs=6U|4ns;+T<J|$v7nySd
z<V+x!m=AM8{Ri9hQgeNPpw?yPPXU5j>1H=4ehg=r3D2QFehg=r$%4oj&M*s!^oq%%
z8}(P1%LM5Q%PL$|USY1`q>`n=PHQrhb%hzK@uP|!W|$`h2)5~!rpt-%&rEYFC%!*3
z%>qHBKQqlTBE4jrUS&Sd2}KOcy2|`2K=3YcrWtx3{qf71WhQdsmo>{w<)kDed+#hW
zR}k65XPM=K$lg24d`Z}m9?mkil8o1;S>|s6f_1;vjC<iwf37o!a#G^;)$7c0ocJDI
zXXXeZ%eu}i;Dj>LG>H85X0@=h5bmbpY;}WKM}(a=j#k1qm|q@d=LVUh`pOJ&qxmao
zd9}FFWH0hIW%!JKI+S&jIhYeaAKqlHBAF1{!Hkq+HVATV9OQUd$>f-=g8b4=yV@Lc
z9}#x+KXi*S$Lv>oX#dGE&*r4b8(%k@X`J|_-(oHcXyM#_tJz9~$+OB_bN^v>a?L(3
z9a`3HW>$b;d);oXA;L2)-lM+5Z05xG=MJ-rlO^24s~|pkX8g-&+4t}+bKq*ftQ$b)
zZZnNY=;=O`!wbwDK`w_ZaTmxGn8lKa{8M073leF9Q-6qRfmz3i?@xhgt?^68jC8+j
z<sNt!s{ky|_K2M0W}AmUlbUU22JGPYnr*hd;@4sh*m=Mlzm^m4N%0&rT@dNv95YuC
zywQR6nq!s{VKs0H@gOHFIPq&S$5dYRYk{TDHJv)Y^d+EGY-V%P)JyJR=bMFs$g<{}
z%LKU=e(fE5=6rJvk(kGOz;3=ANvn|AQVd@u1<Uiz-9qL!IG4a(<b3ny*RXWo!};a|
zocOI=YA)o2G7@^Yz<lH|tuph4fDG2_L349}B<paC!0aLtQf5-_EjQy|r#P35m&D@4
z&uryp3MYQvC^z#3k$I!stR_3&=&mr+-|(Y~IdicYUw>#>OU?0uWD0+lnwf$e^EAz{
zOU*(-j$bLs3PCRPWa<UE&XZ{oWWeQAucc-uCw{$_nrt0KUaqW`nwB84UQ5j^PN*$#
zUr=R^e$%fP?qwb^GXmsUXq{!|f&f_!<S}zSCr!Nydef+U!rUr|Tmw8|b`go$^%7;R
zC(QV_cv<WlIM>2a`Gl!(($ouYlo3f6<R5X`{DhfH#LH|?m<bJN$L~?gP4{iT7VE&n
zC(R`RvI)p4vxP|L9vEM^CV9c^6l4<Iv%)_Ag2~<?52ep9n2AI}ucgEJ2iHmxWaZRY
z_9G{$LMy$VYWjkiEr=W!FPP4|XxSeZFPIZK@oVv-naT-`3#>)0d3AtbEnYG64zu%y
zS$deAdb6<6k47hGtut2zNG#N3gV_=w#{>D$9QQug@^aMYW||-}_kM2X2qLrA=Vmbx
zR@p*(#?Q^}CbA>*^XF#52ZD(F{JE(U;U`p4DE)IYS&%(PQzrS`Y!@USZoDLMnQlSK
zJd)5%mKTZH6D)J$$N6*fkq=R(f*EyiBM<CsG1mz4HrPo4@`c&ONfG-C?BL4tOLP1t
z)S{K=MIiH~naxQ_XbqeeW&rudEF{9toJr>--<Zn;nS8M%YXoU{gZjodW~(4LDsc>c
zW5#dhwcyzX$u@H&5x#@I2FluQCVq-CMQlIRBAb&8PN=us4y4VzDM0Q8@{?K2Nd>D1
zt@%K9nDv}A_1f&lvPvMk%vM3<T(HaRA`;VnEw#li^OP3fLo92T84Zxffc$Eva6)CR
z1kz;|a?%v@*mCI0K>jeR1xbM?^LS$ahuIOZgL(cBa}Ou}xY%okKJ!aQnSJIt0kRe>
z|7m6u@kaLnvrrH@au1lxh_K_tI6Yvl5i)XSJYY6+;`g5eX3FP>mj1W-P=Mgx^PpKv
zgymgN5&NI{2`9dt|C#LpEv!YidCL~x@;gwAf6PK6Y*bP#+`x`u|C-A<@$LL;?&O4e
z=EorOpSeFkz626u4Q@rtO}((MwgHK=EFv+oAI4cJg2;XtXDMHBE$?|j534{B`Rt~r
z^)e^a>#(o(wAPbM44(FMKv_pyabNlM!kQj!4G9oD#R^$TMA(Jm{lQ+=EKdBI_Od__
z{+fEo)z>lBT>(32`53E`h<C!!+o}_m<z3m{R;wUOZ=l;6y{(J3`X25EpL<)G0kRiJ
zAFG`RzjcrIwT`utzvfz;{10S~v+6l1Vpqe85%WerEA1PU>4=d&_p{#Qgd#>VjRAtu
z=x2QzAb3-yzqO4M8U^@^XbIMCPW(H`1Fb&W$e-i4&~If9v~)r6?7bYi=0K~72+u8j
z!OlSI*8oWXa=dloc0U?Jfeg0J3XuN;GQ`RbkSLI0)?y-T#P^Iv!9b$5JV3^Q%y8=!
zL4Lo2F(f0bMnSgR7t1CBIn`?AWG)*Hb}j@m${PGF)e9}B0|{GcoD{LI?xUxQnzcrd
zxRtP@1sUDiEeNjOZv<jkaX*qBBzFOcT8ROIE$CR|IPu%-G%MjJKN{G_PP6*7a}vU5
zc7<SPv}F-t`%_}sS;xT1n>AI)6j-z(O0seUkxvkktTI8~d6Zfw$*L80R>H~K8L*Q|
zvJQV!AjvxXO@Soq@HYj<Seu3A&Smgr6nOu3tkq7$TfvUC4nIvDXZ;tDnGf|EXASz<
zuX`nsv#pB*WEGHetsEjDxdxbMl?gJWB$mAlG83&;f?T^0Zk=(`z=`P3(B~&w&73S@
zx5GN>O)j%fkoWG4WgCG^vT{4npCznz4}4n!$Yg8i4&TG?flRT+2grUPmsr^Wa_kJ4
zt*y!c83p7zYiOr$=WHOiTFC)21IRsAUVz*Mq}Ynv$+g(fd9kbl$V1kN0kRCp!<HK$
zPXnp25_b7otASKn`vlo}Haxinvdl{Og=Fpk@;)br=Z$67;dx`(5qaZLYc1LF+Wm2>
zg@||NP;GSyB2O5qt@zzkx;$a1wk#qcJeR=TU$vDcWMp2gw(<m#d9~VFTLjG&xRqCJ
zm5~hh2T#bWtreWWS_@Cnp{7q*alcaOI8MI=@|0B`AU^|n*6Q<{FY_mm7p){t{E_>z
zl}9pO-Cq{|_`Pnm^>9E2=dab)GXa99B5SOABCOx!SQdK)th%l7d#LoyK#qY+L9bZp
zf;7X({U1Eje8no`#9z0(Vm%cgA+WR7S}(M|f&7e_?NuxF53(%3u2W}~a#F;e7I(~E
zvvvrwV+p+v^12n;>uaIUuUnY`f=?OVu<8ZDx!^b`{Y`5h5pU$aWhLz6cD&P-w=7o>
zxsQ9xN|Pj?&L!Tm@`!k+-)~uu2_n}LZ&|B}@U}P}N^h_>1;|N2-nQC_@Vt5|kasNh
zC)Eq{Dw21tp+rJ5udcU}1d(}ly_F`2%&Y4~yZgUTw%*F+GF9yN*BQGPPN>#fje`6u
z$Og;akEK%!>QMT7Rx&3|{7etuFlw~2I4NP+=SPD~qg5=(m<-0r`_?K!;^8-p&H|Yx
zYdt4(*%Hv21mpwjzyU0)h+XpmoP`7V&`SQB*PTZ!9mpoDjEL7>A6u&gk$caNtp-8x
zOy*cv?R{*ua#F=Uh1L5ku=BCC{UBQQ-@gCEf-cKT$8W{pnxw^Q>Gn&%3A9?Q+JAkL
z4`hqg$O*;g0U)i`$p27=NEwi?tW^PmJ^ULh6my&>^C-w{vkC)bHIN^yHcm>sy=S|{
zVo|FkggZOTKkZhcAo7H&-6|x)z88C|cB@X1`}WakYP*$l6xxAXf@eY>gtFSLyg0Hf
z=dTW{j0ltaoepb_kQoiP>2Mv@VX+>h)#j0*g2;VShc!-+{;+Dm^Mnp7jR<oerq%(=
zJ;|R<&|dF>KOI)w(cCi2*b8@!VGXduDi&l2?1hQMg-B)utd>6ntsPdOAm_rDaa(|N
zTAhOAL+}0?$WAM#7iq=9-EXwB%Q_%Pyhp5KxJ*d)s9jbH5pQ(wvT_BHqkETC-G?l{
z053&ie15Sq`XZ@f_dX0e4k-N>D?dPf1@fC!$w>vf{)SlA4P=j%dMs(Z0b0E>U}tCL
z1js-j`>j$=D%iK6buy3xR{U|k7M69;(gOs``o~J)gtV|M7Ht(W=%EUBj*4c*`*x7@
zh`Rle_|Mjlj!xx-dN}?r^3l;ul3{yb<em+rSG0?hBKFgLuoi_ZaZEI20NN?>MsDwD
zHW4-rPM=aht9P_i5X>YO0qGNM7>HU$>^SJpGl2AsHV@+du&r>4a}AJVqltsLWu7H4
z^Y@EJIUx`4KOWw9h$aVQaE==gjXwdknqt0$o2a-#ONhDwk^`0#qBVki4=2FbTLwm(
z1(7F;1EXDn$eu7Tnl%J1SFs@rV%Z&F=lG~~B9X-TL<UD|I9bA6n28<$nIX~boKSu)
z1#)6^A1Aa+!g>vh_898d6l-x(bZCI!+e0Tu+lhFyLt->;7}xUd?IcD=5@A!1rFtbs
zQvw7>Q(`nLKo)~P!=r@(@)(d2(b|)^Wri`ti2Yx5<jF){hBeztAfuw21t~r;mi>G>
z+z^O%3L;~uM&lDnOU6)*mUB|Yt^qqQfSqu(&v2BfVhaS(qYF5pR(>61jOeNWSr5dD
zhDLJByl>#zI4P<J2(FFCN7DiX*T&~X3j+k##+O8EIH9t>0LvNC?Ex8FEngRnJJl}>
zSIfCkH$ZT;d|xz!6SDIg*qIkC=cIzw!A{|rE8&bRn*4ughscRQmPWfdp`Ks@c|59*
z^2?eA<k@Hjkx)h%<>$508bM@!UK?!|<VUgFS{vOb$lrI-3Gmuzg2F9(<8*D*6-1s1
zuZ^Y&BF~Z5M)L%b`<=DXGC@*B4qqFs7364<!`DVPa{|9C2B%NCP>Z$ER*mX@29SIp
zb<rf9`@>c*ie(FdycJCs<a$_LAZdu^3o->(7mI<s9j)YKE_(^I9s}}DwAes9MGR+|
zl|a@<n>ndqg$3|M93bySGfgT>_RROArGm(w`F^xDiZWGf$&awc1g)khvx)ozJ9;D^
zMRh^iU`PKUke29FPL{9=(Ao~<i)g1qT3eyryMSzqDlU==Rx<+bd;$43ns6GCUZWvn
z!HH^nG)<63$cGUiyQ6KKRI&5A;9drhz0tVQWO)k22g&}ZB8Ua?Nd@wEG?|knY%*xg
z1kxSNI-Ru8&dorWT`UONK@w}P5(Mq!1BtWOb3%6J0_kZhW60;DRoM9f>1D^CfyB?o
zeeFa}DAzp>GRN9UocOse-cAV+%ys?j&ar5xgl8Mf*!}JJaYU|ywZt=Er@!qAa`Cy8
z+4|dQ0ht%MOtT<wimX1s?i56}`v5!sOtLK7eSp1{lPdNxXsrc133kp|C__Er9U#Zs
z31<_@0e?ONa-!WS$T@-xv#%SEGJc*v*`CdbU-#km!vTVIKgC`ZAeiSz*f|rphhCl^
zX_pBicL5{qS|VPaA8EG)2<G{b_U-_|Jb$VkI)_{4TA1fY+3vYSFwPjmuw5(2$nnrm
zfoOJmGReq1uiJTo$f!o_YC&XFBlggVs8z+bLRN1FJBGbXkpBd+?17U|hWZblKG}9S
zK)OK7v6BMiFCeb{04MMb_A}`ma<pB;iNB&AZ8r-dpUaH4J0%g%Wk%bf$yBf3VU1J{
z!(z0p2qJf^qwO+5<c{@pyO9%r$C_l1NI^SAOzv36*ynIU-;u`oeT<zJAh=^a!>$!X
zo?f15cM3cCYZ?EF^_jMN9$CHuRu{OxINQ$Wq=Y4a!!cLE9A^(cpK5`mH;{Ae>;M@6
zB-vgQAj5!6vIkG$THaoGvYjM|+$l`9(}}PhakML$Z08CYxlfsFR|*;VL~OEMCu9b~
zsXj(^vfVCZ@Y&W#D1EXWno2(7vn?VzCq-=OZ_o$1%v2#G?{%lx-Gazomtv2+fb7U#
zmttpeQp8q3?sdV=dG-oUU@r`<{Q7Az?0mbGwD`(l9LP+utqaM{wg(_KKrXPy2grp$
zrrGNSkv-vJdmkr$Pq@Usa2ne2dqSE$OOSeTzL91Za^m-mOYQOi!M<^sy<d>eAwJWg
z^y&6-spMgYATw-5klqi%ohFdE!p;%|-)^`bNQS-jV$xa!b-$UDK9~69ZXh%5@&K6&
zB-5@BkcWX>V{hfekLoNtA&qLf51#%n1DPy4U69)@fLR#Gb#}2JvOj0rErQ7Ye4{<!
zQncgmL2j}WIiZ~S3fQ^H9vdL*faKWeMEF_CdLTF3c|`abHIiHGav>wnQf{?t1(8|w
zR=Zgcd6sgk-7f4b{tKRxgPmLLgMvJKkjQOz{ACow=LW#I0GT`N{}beIILqAv<WBoc
zL9T-PB;NqZw=WUI6y#p}20=c7@zn-01@;4i>^&itbpn}fKO)G^K|~7e)q-3;gvcEG
z13_Ny8_RwNtzx@Pkk1<7D~>=)?1an7XCx<`4{yxbQw7-#wfG;%EVSzc=?(jCtb3Wg
zNs!U7COIk-PJr#71bKNm+>C%{3XAQ7f}9Fx1-(ILseODpmDOhfJnscN%WPc`?3p;;
zAF~$_;bRcbWFE7h;DqLafnet`dyUY_f*v&t$m4e0bh3OokpBZxZ6^wX&k!R(p0Ha4
zsoxLZ+5xiM9y)`x#y8RZsO9!lL8>A0n4^~4*@C<#a@}%!l^_YwUU*w$x!oej`5s|c
zkmaq=Ua!HbXt}Km@*%Vrk#s>$gZ3g)EXdQ)UU+h{++HKd25238QoP*WF32xH$iw&y
zDk}rD&f@iI6yyhZ&t)PfaaVE~Z{@JuP83A;`Q`RFPUf<2=g>`q<#rko-WK>|7NS8~
z3?n}UEI(;C2(o7+ygdwLh20*ogHLZ)*xj7?Z(yykt7oD={##m4*;|Rk9Ca#u-v#VE
zWhY$4W%yf=vw*C$Z{vhA0QQZQ_Sz!&AF;9`Qp#nj*e*CLxPfbhGSN;I+b_r}+Y)3C
zgIjwb^Nigh$OO1scn^?g?aZr5Yc;%8Hy22a?OsC!zk;<8$n$oCATB)LsQ~hVy<L!7
zAB<&q_r2DRpM_dW*mZ;9z6qR)ylju>q>9}Gqy}Wx*ja)MgjF|^SM5?k{({}a>p)(&
zR|z|JgH|Jub#~5m<j=XU!52P(ylvM6$ag^2+ijdwu$Xah%N<CgtzVB?6>L=)b}lgM
zePHKtQpFC!doK7bi)Ope4dgR^6Kp?deQ4(iQV+M7{sXefUM2{(a0tGXy4ik{6KWlt
zJwLVoB*NtE`I#MeBU&!u1ZU4JcCjFG_WaVW=fs~qzq0$^gj)XWxz!#eh@3sQ+R2>w
zv**`#ZGhnH`Hh{BL#4}^@mo7p5IHk`cSMi+&YpTRYE`jKcf)BA)bu;MUXUqs;kO%r
zd~e6!LNfRUE%uEzJ429h&^Jy6nIG(GL5_oe#}nzF?BrWftAhPH8qO_1rrlmg#Cr$4
z^9X-B?ae|fauK{+09u`Pd@kBq!j72;s}vx+>`XygVBd}3M%Zna3Gz0y*M%VSo82bJ
zrSY-seaQ8{+kI{$JL3iEvXeNWHoY9Q_Solh;=jMM*Pb4b!CNtV?QBjeSVK`PyBf6i
z+ZBh&{AE8GAULNSwCjklJ7GS>%+_tU3Oj{h=c6-V$7**4w6Lsy?EeA;=UnC_+>W&<
z3AHSx93JbqMA#!x%j?0PSSOv6B320`2gp&*K~DVjMh_?M4zyFrPU;2kH-StKX9gz}
z4J^H<b3=gOjMmF3B;uW=^mddyvU82F)7zQJiEpQmb8~>8o#UKhBBA$VX_o2dv~g0w
z<hObIIaBWBHRbsk{ps(_2oRj{2RgY#LOEhi8RWbjkU_0M&gKBY*?fr8&I#RO%7?n2
z<gB`jqI&!RYMtRuGZA(_WJsKwhC6Y0a~b%x6}s0n+({GU))3tY8t&9`LbbSIESxbq
zyGVxD0`Hie;`|*Tg;4tcIeqfU@)Iz3<6Nma8JzfiOm*gwj2DftQyC!G$0AORup?(r
z(`i1;j_K?PXkmOT=f40!JC2iZ5BYO1tOl{Kp60lmR5EPkh2ZmPPCm(a{)~1?0tDA}
zW1MPXN8T<T>vRU}V6PkNoOCZQ%d<1i(E|i~%h}F&B3^Hq;8b%0Unl~9w!pL62~K-J
z3+r``vo}C+H8{};-ADD3_mL($8JtjiEe3xkJF`i~^XELLEI@FTJJnf1B=r7e^bBa4
zvtE#_>uGH>&1nm0;a+%}vpYa=Et=}wQsCDeR|OY4g`8BdFCiy93jU-yZJhY`x-WAM
z2y){DD*ZAi{(iL66f*;E0DcAk?=nZ>#2@dMIZ2$9cu#yTbFu^EYlz`x&Kf~h!8aSx
z&gD)!Cmr5<{g*p&v$3oW@BY~34*VzlHT76Ak-n~+?vy`_#DBLd-AU(KRjl=ISl2+k
z(w!DgC`;4=neKEEVJAT8NM<-AAK>v}N5Ov~xx&dI!goM*Kr)<iA%jnokzDE23K_Wr
zn(1s7M6L#BI=eaPh#C4LoCblfGo8b~H8j&X{98jaox{I1bd}Sq5Iv-t;<?t<&QKzu
zTkeYG->baFi_b3*pLgIEflvD0N_W*}c{1`w*(}H9c9yVrFNXUGXTzN8Jje+}49m)L
zmIuf(_!`2s&f5Wkz3zIam6IZN`lML)7Q`ppX)Z#a=d$mAg%uN!o18v#kZe3^ACOI)
z=z?ti8CG9Fa-6AxEI1!p8OY5}4ksn-3(@YkIB~^jX9>IWRhqkRaViCovw5ylIFDrX
z_uy@Buyeb!RglPJI5!58=ggkZJ>+8$*S&W;rJOXe$Kdy-FdN_Ptl*@IT?-@S9Ei`|
zPM=cLf?o`QmEJ#KC*Mioq=U(xd5?(m#-s7%q~|qo|3{F<9&PabguX!T^~kB>cKUrz
z2DdYpZ5J~4Ir)MN7cvD-IVXOfFL0_ksba(0;hkErT;Q|?$VotEJIM?DnqqrB;N%4e
z_Lf4YnUju~M{c6tQsi`UQWCm#3!H9(og$~3lctzj*bm~!EpieTqUA;=Yf<F5g2<W{
zIXRs8QJv%ULs`}wX9<__d)*voh0wxxOK%?lJ;^zC5tc<V*j~lX-~hqfkHyZ20Kwaj
z^Bjv4ijM}hnD2}%qZY)7*+5F2Mo#D+EKEdfp|hQnCU4{}a=JMwVgJG{9URMxoP-C_
zPE#+8&p5EN$k7GC+kKcN7CEV$l(5;!lsC$p93tK>@<FFqXvw_sptFh-KdKKp`a=|F
z8Px}!7EX#-6Pyv91EoLY{Kv^WCNsdpPW;2%L$5!Vdy&V{GzGNE9gE9Qd@kZ-WVs)o
zbRZQ@as?7UK1-YoPW<>(It85g@u_qwNv4;KMx|3PWMnj!I;}*!XjD17g_ev)mD6W2
zuSLxLu&4e4`f8Pv$_e$%Yrw-QCz}&LVpUF;ATnZAPURA`<45cfr;(F+?An{??#eRf
z(Mn!ZFNVvUT2B1l`{)rdeAM}n%lN(bQD=LAV9tEZQJ11+lEE=p?TqJSE*l3=ce9}u
zPdIA?84cO^Rv^or!Yb67%X-2nxEsg{M|lKEQ;clEr=65Xkrc5qIK#$!aZfu1oWPsf
zBKNLz8aY|Q%q=kb!Olu&=wqlw?LHsKGtSfisQ~hvvxF1MHp_t2IO_sr1&|k<E>0Sm
zjPpxQ%HwF+Z;O|mVoo}GefT7;C0=%_IVoW?p{BU@d)cWI<UR3>^<}47kUGfN_<IU3
zI|s;4%%@+#$pMu9vXfiQqv7@NHL`X3%CbDtLu#!ND+fQ5taa+R9U`xQ<+aXwPUysJ
z9gsR_D<>UZ<X?9V2qH88>rUbm=nvWHoeXCVjvgS`?)A>;0fO0PopVlrU^af!N#$f?
zteipKavtTxUjsBaF9x(2>`&izKIf##>%HrpPC?`vV1vV!Q^e#NV1siECq-=CT6+I|
zgQIg&%#vOw@}BdoAWPsWFs=$VI`x8-!nbrV8#g-rp7iTZ<U~&BnH|=&(NQ?@>-D~q
z#fiU$Y;y8Asba6fs$c^|zR77L8TJCK!#4r>z{yzQmxWPncCHT)eA4%!Gdn;&2dz!c
zf&jrdf8<ni(!}J9w%MuU#9y;*cDhK*%lw<2&{J4Cd?i)f*xc+Ca^lx(v!guidx#PH
z*clff*j}GFX++q8TWHSx%*hXsufgZfoK*pWHvm6(-sXgQW*f+CaauU>=k8XgOAy&J
zTaTDwTb*$$(ZeSG^#+__zi?_fsbUxY2KU0i@|R94C;mwJ%K0upFos__I|BsQ&s&{+
z0n!C_zINCuEX$A2H%<*Fe!FjT>NugYFk;)B<^aKnZFj!o#IO7JP8TQssBClMpTV*^
zVr1Rh9G4TS*I(dIo0GxG5?)g_3r?1td7St){mFSaK(MAiIgbSh)~nrlmJ{;l7_jrR
zQ^$#4(;ZI6v*?ds(@rOw6ThaNPC<ZRO?NtrIq_?{+gZhlU(;WmMnPmve|2^Q>|n<J
z)!7>$n6ZC%*mLL)m5!tG4<~^W-{-wfeGSS`>HVQz`<#{lIT6TTP8TO7Ar0mf%;5)}
z(DOX<UY<YbBogs5_CY6C5b1NbQ_qQC({87QlO`s=C-aX}_X1k>zd6I){1<%>afW4X
zGm+4b=g=$@>$Y*?YsI<+wPZ(Hj&=2yxE=N*tne|D^l;Y;g6j=j<@R)EzKk+{3-)wx
z;)Hx23DM~3F64xwiocTF%Y7t3uq}GKs{#buqOUu6HCiSuoOj~g8cvGXQILDv;gr0;
z+h+}z;d3{}d4M}o5c!>f0q!^=q116y_W^F2kdd?J05>l{bntnAyOk5a-4opSSFkL9
zHXrC_3nEwe$GfXIfiEw?{>uS7$Gcf;QH$0RV}T5Iy8`4KASbv<ulhB`nejxoHb5})
z!`%7+!Jc`NyQI$7!ZCQVyNVNk50dC^7vu++9k9I;UHvuGYU=ej>{IX=P@<bG$RK#z
zn@9^Me%%w@%-2!NU$+c*%LI{Yo8fLNCr#|($+SZ}#Z7qwwU)3PC~GRz^c43~PW;|7
z!tLaQ;*$n4BV4^6wTN5+WTczN3H1bw#{apU0fM`mQSRV%yk1`EifeJ=x0m8(bK=)a
zb(=Y%vaW@)!fu~8{nB%QXs#6?cL34dd`^6S4EI$|Xg0@nrs=kjOz0zsD)vmv{e=_1
zbjuCBg=P63M%{6O$R1_88JzfQY}+m7WC?p4;(R~&W4m8*;z!kSyEvhG%>x<7bsPM8
zl>u?xdpV(6V2>K@Rs{%tapH8hHb5})Nv`rX+9~nAK{3Xi$cbOCF>X31e!b3c%LS43
z8tbm%glbU*{)~0cdIv50wHW74<%B%MIc1!C@4LKoelD>bw9a&w2FS}mCb%t}`2I|C
zt@Wto_uk2FjUcl3PIi?IRImSjhq)9+Q;IuYkU?FrvVhW4+^K>Lh1C~+bLKoZOAreP
ze!urTH&+mOHh8{UD#+avXvKKG+bYOQ@CyQ1))aTQARB;SSyS8tf+T}w{0*b2Zv1=X
z;S3<}LQSW-LpiBnDZjx=5Xc2?h9GytDS8W#Y3_W|;t|6Y(M9euBK*_{_qi9l^_(<$
zr!*J4+c}~B^9|U!*d4hMODFOJkW1VgPN;Qo3|{Is1jrdsugl!6oX}i={pWJGi)2Di
z!m}hiM@n}?jl5nA&!~x{y^o}bos~+zZj<hIaRR?e47<_0;Z#4}Rhmd^<56@+Xu6yI
z0cov(3|bH0>6-4=2=YFZ^$Yks!%b}FGNDEA<^qn&E8S!w-YWM>_i9f3{&S_9$BEyc
zXS%h5$o_nlyO|S;&ps&YDmVT^EQ`qhfMmLtapLEVYuxMr!5GeRmvQ1}(JXfj$#@=S
zxgT@ldzj_6apHS;t$X|?EZyG|UFRwRg6pX3-BeC0Sj$E5^eGG8=X5{iWC@$!%vfI_
zIqp7A=5m5__pNT_M`)R327%0NZVe|?(^G)tx#KtcbytDh>6UQf*Zpp{niIdK`ECQr
zcs0#;zvjfRX}-Ig6Mrn<<M#O&%kt}fkDJU1`Qt$8_qwG4at4t5+)p_1{kh-$K0vT7
zX1lusBpI|GaL0dwW%)iAx#^sgcs>`ocXHzUT;!H=;`=<utr0}#pE+(DCspjyWVlz*
z7rrp#j{MY*;rUQ{v6~$r7Xg{)Zs3G!fjNA>+ZG_0!%N+S7PRBnbb(t=#LM9e-8F(N
z2-7dLE_6TP#IMCdw~Z6O7K>c=*`bkN<R)?A&sJsbrJPXdxbv07KQSwFZ{jk3Sr57e
zhgp8eT_%VeaSyvMa^lYy54-i8P`h6N@p;(o4v=erl)LAAerPlnyO#tAw)+w{GeEH2
zE8RLy{C2N$H<OIl?p5wiPW)O_x!s)jJ@XOQ-9l};Bbi!xnOi0Zp19^fS&zD10dfbB
z$K3c<-)Hpj|M@!m_%5ga@n4(Kdm5&urlvcK(W>En-Cq<fmPV@<i}kTIOoq`=EEa2~
z8&+0Es}@5ktSq0E(J(VCEe)f^Fg2P=O|9C8-|OaF?{iJx$FG0n+3URS&dqhMbDeYE
zCH_nzJg&|KnU(%Jmhr9mn7@{;_O}qJ4eAA7y5@t-YJZm?z30LnD<Gx*_^(m39G}<t
zvxv-7zTXX*0GXHl4IZ)rNSQz58!R<X+4~5beS`1julZxXB|S<htbyP>^L2kQ5t)tG
z{TqnL_OsSsFNoU<*7`%5P>*as>-<qfmMFvX;Tt22TI>A9f;|5j=WxCMkRac~SKuDd
z4L0~QzehbhyLc6Re$(GcM7EZ<{Gq#1M)r%h{1G04GwQef1Bu8e%KdRf_<pT7LGwoc
zRYW+4l|VN8lZePQhj;xMg1B#X@A@l<uyuT+f7f44WFC#i*q8t7AJxoReH2Dx9D6JM
z(>-Jx*xKq}>>+U=^S-}akni9*`7-Pu`_MmWkJR%il=|48O(akG1pW_uWv#z}NNte&
zO`+D`=^>bnPyI1JpdOaNSxTKhnF#l|9iZzof3b&r1LSl64@6|1>-`5k1l#j=f0u_~
zkNeV}^ds2{%;y{Y8ARkr+u)y1MAlA&znF;ZaXbADM3yTvU=D!e>R0}f7Szlu9xY&N
zm%oOH9HScjJ3ItqZ}hi%2(ILO?T`8i^>8VioqprbBO?9z*6;fnWn`;s@<$Mn_1@&a
z)I;#O{GI<AB66*=*`FeayH>f!pCyR9R=LOjG!brxIMdtXFD4>aMSk#C3gWiIAN<Wk
zI2*q~Hh%Dj{DMC7`p;n?Kl+Cgk@@+_Z+Hmi=O=%nhhTnw_Al@d%+D|WVj}Dzt_ZdI
z!&}jo%-CLk5fPcOeg0A+GGqJv?|KMktj+%=5t*_5{#HTUjJ5l_1aULg?(h98T9+AX
z_eT?v8T-Q@FNmA5Km7b{RDNgt!w*W}PwnaMo9`d~3@RnZu|NE|MC9oAhrg5v_nj`t
z^B?|J4>|1)*hA&NbT4|yvE%&tkl*nT>^pz@Gl|G&(_w!e5t-G){$ef_cv>CtR}zsu
z<%s_P%g~zwuE})xPk0Ef$sG0f*eCtLG3vNKl8Cf*!oPtC$8{D&angUtLn455`HeQI
z2jlwNpFu=M@sGcmWdc6`<Nuq8wDpfa{5RAiqfpdqiOBX7q^1#Je+Gc{Ahpaxh5`vz
z+lg?VF{>eJ((lqke3v<0eT)dV7WDZHwTNZlyFI^y^iV4Wc_ToYiOf^*9b_cf>Y;}0
zC(VI3piniZoykwZ{00=N776kel)`tSP_>@Oyg)WW)!&H7Y=o*^L}WJ3RQ-Q&e%x78
zPc@l{Y?(dPOd^~g9X#x*mV3xmK*H3cL}WWWTMa)T^Me^XM;%Q>)?m1rLPYu#u0Bgd
z`h2dsfe2eq09(D(_=BjK$pj$1)dfVP_4CwHBGOhLwVGuD`RSwXAtG({Q4bN3eXy?@
zeu(qq&OrLA2}IcXRInbY)_X`Akn`2wh)93>t6d&~*@#kO|3uBw!wb}SBJ%llfjXUt
z^zZ^Tn~2QV0Cj^PZVe7pK`m-N-Tlfbi91F~;*LlI)z3%|w_aQm9;hB-qU3-!T(cUi
zMjl3==PAz`{B}G<%_1UKn}?{Kg1EQD4^@pLTxvO-G{N=5q3WGPWPXOK4|oX9b}mwL
zh<qIE?r*tREfK`s-x8y4AtHO+C2Bp9c}hV)p0`}8CUj7q1N)IKRWq0<Q9tv}qG4)*
zka5484^!6?k(nQ+hW&+lq^($W5D{r>xLQJ_HehSGTE!$_YlPY?WL#S#)Gi{@)(AE2
zsI-N3F;bmP<m1znF`UE8)IuUPLD{gY3Tx*wwT1|172DY5Y7-OR6gUTss~K0QolKO-
zCwSbrLd`vfwzxgdgw}h7TIwO$KvXrP6J=QQV?Z=@HW6OWTo1D*TTMKUGE0=4*}=-Q
zAmganMEIs+T%o#BT_gzJRLrDI5WIPtNtGZcie1tuNC-sn0%*QcZ6_kvqpnnEpO8_k
zB$;9lc^$|owTlQxf$L+V)!3617v1uW)~{CMiAc>?tEogdKW~AatJNG2sRS}cZDBq1
zWZVWMUXATS%`!jNs>MX|eFtE!{uewiu2ahe3Hy$Jh5S0Tj)=5=o!UucxiT;acDWD4
zQd$4wNFP<;3+Fko>ZrB}lGmgtKLZ)3rv1$_9|Q4^gOg=y4HMtSzhQqg$c$GDp92R)
zo#G6CygKwBEXDcx45ApXj`k3&<r~yROz56BT;aS?EfeI)CYUKhsT<WQA~K2_)%_kl
z-;qoh{fYwHLd_G^GA6z+Ux(W`KxUF!CCHvq);vjV6y&NkE@>wsZB0@)&BM4j^BC78
zH7y8x!xH8FkuWPCkD3da1a`SkQA<xl8JXuPYMmf%4sTLB1#$CyvpOh*OSyHCqQ)}`
z<aw%^A!P9Vy&dA3s)n78r8xE@KyFcocnGc%-`b7fn^damXBpqq5C!(-X=<_{HMjFO
z#A#}_Adg<c>&Da6MMPwNrm1BtLv1yBIPAt$%RS@-`12n%_6+IaX?McPq?+m@;`@69
zywSoM(CunA6J_#eyc6|ywTOtcb-S7p%K5?A&jLNSt0hEaz0XizIaAtN77yq3)J+}|
z0j2IzKk|^5LFOLyD-YQO<bJiyL!zNnw%X9MyU%mfHbHRwIUDwf&ryA0EHh~}-vc~H
z9VEzwF#g~j+H+KcNg&cWYLbw70e&Au16y;{Y(c_-I7Ai+ay5`^h?EhL`I)2o&tmIX
zUkM}w4FmqvoIZY-OSqrPw~0AwA(x^W>_<_Qc*u>Q=TWuBL$FSB)V&^Z6UaQSb}~`+
zUCnpK=BiO=vp;)hz&$yjIaf^=q;)5^v0Sx;h>Rjvtza4QXEd~rT=f$VNdsH+)So<L
zCXlDpkaO4;{whQS*eXz?h)B%^>LivS&9qjj&hijkyLd*;^N`m-&qDR~aMUcv-sjXp
zB0Ppa1l9}H1|s>sJXj;bacqg&CWza2mZ-|Ps7Ly<M2#b|T)|&I&H+73)I<-t1!7;S
zW(e{qd{G@Y2(*ilR@UIM|ARDBDfw2iOs(pJ*4gK$z}7M~vTygemaCaWxHl~TnHSVN
zCcbrWXCub-qFN$|vII^<^+i%aM8@@^+A4^<clSj#JQ8h5e_mAMh_F9JVCzLS$wO8F
zS)o2hg#E#BtVAvK5Y)I*eb+-?g;J~31|mGO!e>FL8h<{@)`sGpP8h`+HC2#4FdJf$
zEeO`v+n{HSx`;{OE7cmcfe8D&nPdw4p=KskKwehgB*H$|0x45>c*u4juc{qPd<Wr4
zjkaD>!}^nl0b8%B(L`8tBgqta$ZjC7t80nKmbp$1i$XnY{a28ALyczQTL5o}2Z3x*
z9YN-v?vi98vIaM(c|_RyUsS4%h_v;lns|Y<)dezdsp(97I3K~Rma92TlyBgAJ=`x^
zu9gUyb9%x)&%2OR5Rul))m9>GJ&a^793XA=2C`9&CnEi+P^(zRcMP8IgFt4p+9*iO
zEdG7Q&1$<K{ot8{UT#)H29jpwF|m(&vl>lA`m<S0CBpt(M4EFvBo4@b)n+2npGq}q
zFlnaS&u})lMfD5v-8T5v4W+iIiGpBDxROY^AX|I0&s)?SK~}>a57tv8$bc3_8AGKu
z2-5p>7$u0*2ogM>=Z9O=W<j>Yyw?YFwk>K05gF+gb<Gf&=L2WKe#mZQ0%+c<R(fP`
zo$Wm}>OxuSCXlI8bD7X7^=UxfSIY#s1x~}=3FHH{Mvxzu@~>=vptcg>JZF+jbTn#~
zS>2{SM}%AWERd;I*LetzS|6%aOq5>-1}l$(%*SdA5gF;nsxlNc%XNv5)odbceIAu6
z@{ol<K2aks!czP#3CEUNwVDX~vk2P!r)tE-G8;>wRGs>mhpYzjg}Tl|aBXM1y4^$8
zfy|ex5<_~FnC<*L-KoYf@qPO}v|Nzcsg4%p+6w-Two}a@A|u_YMqJW8QYb})BYltb
zq<P3EKz6CEL}cb0)x1k(T=<6gwYuIzaCPn*wVsKxP0S&`RXdpY9-7X-aqz7gHH`gn
zR}a2b7YX7%FTPbHVo`=YtOtL-RsA0F4Uq5DY$DRb@6{F}`MyH<<?Ey2a37J{$waYE
z3s&|(soiSiaEd}%{XE~xw_7!s_}o!qx0)mf_CXvacB>hplsii7RttoTd&l^0b*&)S
zmk&~@Izjfsn^r4XZxdt?Jjt2(Ms&}{Zgn&fj{SEkRYpWc+N_q0q$p@6^C!scQ7eeZ
zdjC<4iz6A|3oVNB8~F31njlCKtY$DtBf_>$f}S5$xHUGA`QQxLpQ&!;Qe-O($j@q{
zhx7*Wi`qs+df2Kum!Y28AQST3A7p-2)0hOFalfj$g1Ghms~Ube`AoL(Z@;QhMA*Y2
zpl7e@ct|XeHgz=-Y5g~~+@t3TkojG$W1<vY8LZeq_N&oXkcR<(_N$H{u0Q+LN+R65
zamKh`tzqKZ3p=!NKHsi3|EpBH`nRVP_KS8k)Gy<@2CV;~4k9AQp95+-5jjUXpf(ZV
z*vCPs18S#-Oa^jDouW$3w*dK5%_1VRaYSuk8D9>3)5PB??oiv91b!i?Lshiy+2~OH
zL^$@1utL|NHhKt3A5|~VrS%zL{g@g@gnga~q*E;<B3tHhwVX=@zO@}!8$6{RfKtcR
zLmu)NkdtbXfwp8^UFsep?BSCj^FOtViSI)NzQzMlv<Q<t^!WzCJvsf6#0v6=7)2E=
zo{02N(b@%ZTY{ohSY%xp1E)Whk>+q42}imbNQf5aA?tvgp*>H8J;ZMuJ+$>6g7d>r
zt&)jvBGe47XP&7w2r{P&ZZZa$GqpBPsdCVKre-*3UHaTpOBKZRxu<rB2>f=Z@VTd!
zc%}6Dzo6$FEz?6j1ahwSIT7|5e-o#d)=5NW{yZ)FD%2x?HLQ<TB#8T)cYU-9LGbMu
zdrBXzk%;uUj}|sc`cnti`)IKq@)eLsZ7mUL{d~<BP1b3Y_zq<HY0r4bPeA%>MIM4@
z5TZ2y)l^E^0y`GkK;{B1SrC6G%!aOoQ{mcdK`sV@_dgHNN|*$0o*bZ65s^_0&>C5W
z{P_qX9iX*)$U(3*Pz$+6`iw1MuomSZ*uO5++K6zAItHbNYO~{Ie*Ok>kycD3-{+pG
ziP6dhaa&7_R!2mREiqcwSkyC5$%A)uJoy`=9lDlDFx=9Ize|3J=3K|5uMW4h0g2TL
z1Q`G_zPsUjlGY+fhz)P_K;pFM1TJ;!1o-_2AXjKr<B-Vw__a1799LhE@oS0KqYRS)
zKvZoe5pH#(p}ur2&qHEB#?VTM$d+Jgoh+ji{R6&$jHN}5?{3}F96{WEVQJ+=q#jEP
zy8%nFbshBBTC#_rKUZn#MA+wekQt@rdB}}GuGZ?fl+T1WV|+WlMr#q|$YcDxxJC=R
zk!<;Tz@3fQFRs!2L}bRU(He-bttp`S8ZB{x^bkjYF<KcB8AZI7ktAhOq10F{+e2mm
zxmH`mBycBlf>!2{!4WAzEBBClpwu|6&O>Ga8LzbnJ+*mo^EQw~ty7SVK|DK6)WRon
zr1!iIt2iVRLqtZJs6|eaKI4o!QLCHGr8-`KdxT(4a)Z_)hz9?TBjgQQCllooc#G@>
z{qzPcd<vG5ns3l@h;R<`!8+*iki|f5)RddBl+0n0wv-6Bgcm?&qPBqvy{)4^leHQ_
za&F@{vdLPrAoZ|9jx)x|S_cv7&txs>X0*lrtO3oFwJZ-=4`hngNQA9#0&<h)o7&yO
zRIQ6hzVG9!_$$mbE#elG$@hH)bDKhV#7)y;1$h_zWfCvQ9f4A*g5;$K)3b7#mMzFY
z@vNMtEg~YLn5LBp;`XL#+M!#?!@yH!n#Qv@&MN-fbS*Iz|10M<w`)<;kZ?AtA=2Bm
zf1kyhp*=t{tY_5)u$HS85RoI>9a@)1&!?d04lV6JsF`z!E$U9K-9x?vnY*-355e0z
z@7A2#u+%)I40by=fy_PHA|m-dA3O{2ojOx16XeJ-msAmv`N`CbG>TOD;sESY0X>=8
zAtLP0??CR=f~HFkw?k{WU+d)|he756Eslt6nX|MKBAl@<kjd7XiPVPvRRlM_%!FO9
zS_hM$bKqC4Ly08aj<%$S4{5nXSWh^~w0cNiAP;LHGo*)ufy~yDh)92OG$oy6e7C_`
zLM+J4)glGSfiVHsf97g&g7lirs~K~(1VNVEA51-Eu9ikbdN@~WBqD9i)h6B{{lS&M
z$F<u%<Z`h7gqA~u<8pw^(<)iU7g^8iQBP_Og498Nuuh-U+K5Q&Pioek(iXO#C$;e&
zf@>g8X(=9p>m+$v*j-pk>Y0B^FPN`IlZ@;I`C2>?ZX39InXjdK2x=_Qa*4=nJfpP|
z;Yi0oqzkm@46+`2PYq{&q2>sZQ^#wJ3$<h>f%lz-S{@PBb3N!;sD<2(dZevIS_zSS
zUp8bN*AEwK6@s*W>ymmRGWNx%^yS5(FLR{Wm!H)VW}+>&J`t=xrxg%knG_&}TC0cP
zQ+TO%$V0IF^IF(F-F+_7s)^+L9uZHFWm=OU1K~b2d@e834lz-hVcv&3UY2Q*nW!gU
zF|LEJYH-iXGOdD$jBA-T=w6hO<Igg!kqAd|JNUdz>+q0FATMai_mO6rAL4IZ7Hcg;
zWS(ErlI|xNpZgn^E3^zj+~2`mq2&^h{;bfdh_LlpU~7doC=2yS%_Ukf5zZ>kjaO=~
zcnIDtze=kjA~mnpq8?y>a77XCjbE)fMA+7&U~9FO>LGbR)@U7EiXz2zt(Ub6AC$4T
zK@Gm5nI3{GW@TCulfX*Xt6ByT>CdZL0g>g(tI(Ghf~{AzQbF<rc}?pivV`7hi$Lae
zZS*X(&OVm_S*xXa$ZJ5}&{h-S{JaTdy;kKR_)h(%)=WfZ^=&O7oAcwoQ<rOLOz3WB
zJY`d^<q4UXN}d&zYb8WvT;*Cl5%v)8F)7z#A41J+3uk&8wM9hO!w*1alU7QkHgsV*
z&oe8uN<p54H(zYw6<Pz6K!2~$!XK8|r~^F}+Py?%T${CABDF#7aGrVx$h@mH5n=1!
z5INu>dw~2`QyxLhGOkK3k_gB3E67x84-t{JwrKf8STpL`s+F*wpgZ(nr5(t7S_hLr
z6z^$avt<-VNG8@p{s-iJEt81+2K0f}ItNS1o0GR`zDJpi+03)JZQ39~+?Doinjwh0
z8oy0T62x8Q+ooj*(j$u3^tNfag3N>U23+OarWFfv67EmHwZUy#xgdYO4x>Kwf^Axz
zAi-kAew)@JNJ4;g3gWKeZ_~mb>z?^-S_~1+Dn7rqX{Ahj*A3uEtF=l&YK4c@T7w|2
z=4x$FPIt}Knn8r?G~^ywd)HDt<ZK`xX_Z7|=0Dcb9`By{8ZA!{H}f@Gi6CyCYqSbM
z+&tH4^@6yosWn=wAns~vjn>5^u-;pvWj;aH1M9stS}7Bs8)=PJNkq2Z8m)l{M|vK_
zRiho^QZ%yR4vJbWA(u20!5y2QYBfZ-)Icazr;VP+*4?vapJ@exxO+H1)4GUA>z`>6
zPhu(gl=)1HCBk)j5orEQi}#Q?AYW)H9)k70U5kGT^{_t%$b6~g5vdJ5U5EEqAUm`Y
zLAK8cra9yet%6CQ$L-Jt=TQ_CDei&Up<T%Ymc^ib!QQ7G+I4~~gZ<HXYh;5qQIKu0
z&W5WZJGEN{IS+cuSg`(;c87-~0@<Zy3$hqmCdxEwk9!Epe61}Oq&MtUL(Si4F9<Sp
zEu1ug-t?_jCdh}-<|jj`ChfNQ-J@vI<}*>QsfH&$$vo$hX!zO#b^4uF=^<$#vs>FK
zh#Pyewp$Q4_C4CKf?(`DLC+7`K|wI~yFky6+HpZJQY0<fY5C-#axwIGoFo0Doh8V&
z3xbu93t{bDixlMRHT;$H7cKs2S<Cl<o?o<d519?*SM3!d+<x#Kf3H^VAy0tJKJ9%E
zc?QUD+UFkfJdpibI}tgCAJ94q$Y<X%xHS>qjt^>K&oFUU1`cY`g1GAd2Q`O?Z1V@T
zA6O>P#tv#7OcXb(2erQiaa+_O&9{Ivb^^YzVB7dp>nq4e_`-tZuoml)!4`Ey(>yXr
zI<(P(yaT&yu<!h(J>(&!AahiE+C$a@Ij$9Z$h$zgwBm*A59+A_qUb*h;@044db=Q{
z;wx2%K4LMI3dA0wU(Y1aze4n6LELPduK!06HydZ@8G>LN!`OT1k9Y`1>eJ^5f~^i^
zLiIuqL76l4mjrS9S5Li65VvK9>2C>=D%$E<dZi$4A3R&H5yXxC9NqUU=f~}p;rhS#
z4TkG)Jcly!Eh${DBEsX?PVg{XZ}yPgKziv>g))af1L>{j5|M4SkKWEQzPH4f&{q#x
zLZt$$VSV*zLEJe&Up-zB_es=OPZz{};`i0_1aY7Eef2Uy+$Vlty+#oCiQiXm6~z7W
z*jMio1fPSrj?`C=Sjri5zdZKU{X}Hn>8oc7Qho{CIt6bo;Lr0i8#rR0uNQjALCDYf
zdcB7n2hv|}W#YRORzz^s=mNb<5ZqOTyD=}&BZ}Ccxj^vS#07dR5qbCZ1$v4ghvD|T
zFG)`sk>$#M_!1G62`l7!n;^KC?@S;Ab>A}7%(WZ=WU#)7h^)aOdew3n7ru92sMmQ&
ze<&5L&wfG5;M&ebdPK1#`2HTF5Au+qQ0fxB!9#G3XqcY)B9&75!P)JL!L#A|A|}4O
zj_|kR;ra$4Q&9kK3GgO0TyG#EYiERB^%Cm|pBk);1Y0BYtQAb&0zDd#k$RyZa{^?8
zAj<-zj>tR(OI=B&(n?Uz66N(=xECEroL;~ruoLw%{h?KCt7QV;t9F@QC`kXOU={;!
zc9-c*9<mdNU-z%3Qa<<h0(3o@iGnvv<L(h%e}qY3)YA20BFlZH@O}9y8)Y^M@(z%(
zAut^3RYYX(HuRLWXp8H80z_fxvpu9W5^}A7Mnvv;v-J)S!4ccmE8ZZV$scS9j$Y>>
zQ-NHim#&vG*fy@#D?H>*kQt-T*dS%_Z`bOxJ!BThT&F+lA$Zg5IDNH;JO(o3^^G2q
z2joV*hR8hSr*9NxF_4LR%A3;G3qU684Q~@sjy%Y}Kzg%&NRXdrxg@NdWstlArEb<s
ziO5!$qBm`18EkbMKqf_R+ayT^kX!VO3M5OEpWrvtro-;XTlH!|s{PP5pnpx%2W@7V
zB<Q*CL8<@fS%RoXS>`sqi^x3X>`P&$2Qq1T#DCcqt`au@N!QaVk;pmioq8UTJmr1Z
z!QKQicj_AixfAvXy#>-4@FfcW)Sm8+Y<G+2g=`7;=rvS|=Qe2L9(|{Ww1DPJy^D!5
zRh(S7PmkWh9=azN?mI>EeR}m)l#y-qKHXP^gxl&~(0rf%G!eG`2ax;qVj^<X%F;)?
zPqwIK;@=+7ukw%%DD|M8!o;^M2Yw$ONVc9O$bev%6fjZlgt=D8y(km*0qT?Wo~@@4
zVGnzfOcfF7&qMmoZPK4!AoH;9t0v-m1*~5LBu5`4NWVJ%N|mD<g5d8L;YwhRo+L;!
z5cD}m&k!U9X4JT<mZRqivP=yYGQ~us&pG<0c_1oQJn(6iqgQ{3{>aSd=-D43;kaVS
z!zLm!uDN>r$1<)fK<07%9uFA<<Vn4Vi7$Q=?1ca_U*8}I{x&Y|j+n342(ofKKlSG8
z&4Tnxfp0QYs)LA(V*V-ZXTF|N(>;p$dJ_?jB9-)He<FQ`N2QXlw|NNu+tYenEy?(X
zf5f|{3-lyG1^~f47wFl7G<^uaX+orgi1e^PuOh<MXMptrebA?<S?2H=eFYJ2&oe=0
zfnLMJr@~qLSwI%+&4MJ}#e2FI>s^BMhZ|7wo91FYstz?v>x=bdB5ZvQ>8T_ltv{=u
zB*NBlo&PyK>@$j;`VOv;7wXYWeD8e1Yu!tAN07!>c}}uaPbMO*FFmD=E!EeOjBH~|
z^-dz}VJ>*MR8Rd}TF0l%^Sb{FNuCCoB0bSV(C6j)G!MZq*DvT<Onez%@Rx{Uy?}}G
z-~aKK>tel>i1fKwkElmm?9WoLRjh9y!ui40@}hp!L(uw5x^Fvq=o_|!TgwVPMv&b-
z`TOY#JxP#P;7NpEYF6l3M5Of<dLa?E{vudkp%3~}`cn#|L{B2ZHTVXQRr+)y>>*08
z)@Kvh8|0o1EY*vNNL!_+)J~~hNiuNP&~>l^3YtsxLEodkCCby#!ruo{rf2PDe?ma!
zyWX(6tJitRry#RVZ}pHbfxMwdHnW~j;Mw#IkPUk59wx`&<i`p)E%=tckV#-3web`W
zH|j5t3`dG*3^(d)iPZWYuI0>c((44NOXV5$CcRCNq9HEv{eaeMedS5~%LtqF7(q&w
zyJV~&>wp}EyM{LDQ<y03>GF5<djv_Iz-JZT(Q^dZ0oG4Ksdw}hf;=~w^=#HR2;$zt
z_pV+qh<oC4i~gG+uYk|^%OhL#lY;EJ7~Z)-bCn+UBSyj5*aKO8Utdc^_U>x^Pz%a%
zi~1d8KGc(bqEf#5VUCS^n?KSs1o`-!U_o*PSwGk%#YANL`ABzumYV+r%^&F{M5OhP
z^%F$cLtNFb(Ib9g>+Z;3tH&}?8vfu@NVR%A5oxPdpG}0L=mcA}dJ_?8>r=hwucVnq
zt$#qKPETMG*bTm2PZQ+LJ75pPeXw4q&laTqsbK1r+x0?0hVJFli`(_Jg50_h_C`^u
zYC+uf%<Xy;5$W@Gy=t$_&j2bFwGWB(`Aa>W2<K-g$n4N_nE1XJ9juIiZwfp0B0;`-
z9Cq75JKL#mAR=w;)Ri`AYb5B|sjnp>ZGELj|1R^Rfy^#_5tBfEn)Nb4-261_Rf1%Q
z{50#0g1B$%&3d~aSAopO;B&JcvY%}EMuzabrCE;>WXl-NVYBWR#LaWFo+!wh8~KZ2
zvz{)9o9AXdhlq^5Szp_Zww5T3BjJk&%pRKc_XKfI3+~a|nFPj`7Jc*q&X{{DvqjGk
z#62zelU^){ds^^ky;>0WwBRp#E0e%!!B*XOkTqkeDUj#ZQ`TGdo-(rS)l;aHd@}Am
zWp1-q?|Yac4Mee5k0ZkUVj9@mt8XL1EefBW`}77T$|Wb@od9Io^bSGp0}t_C<~Kd^
z2x^|EWCFPtWPaDXh{!y*>k%E@t+(r|h_J0kpj5kF?ICFW4?X-ZEX6W7mpGuO5MiGm
zhf;_14J_lkAAZvfpNxO%HG;S&x&G9fiAaC`)Z>nJ_vcUjaU%K3Z_D9#JxEW9hs+0C
zhxK|7L4P{*PC-8VgMX>vs2+Yy`iyhqqxvNtvKaIn)yH~B5s+j0bPvI=uAO==5sq{P
z$Q;+JJu;Y|6Z#<!!QIX$_0gTu`pZzNORw;dH-P-D*LX+;5XHFdxGeP{kkgDT52*)o
zhGCpQnc5&f{2nXL7|%2^1i@e8#<j0AjRHX~iR1I9XBuTh<|$V@u;&E6JDh2ZK1q54
zUn_bV|9+e3X{3;h?3F!@OhLvx7OZ>-{WQ!d7Q}u$SXpVo@A(?<3gY(MbBs17fi~aE
zsQ(+S%X7ZHj1EEEp4;1q{)c7Uo*Q8#3gY(M^NcJefu7sP`1d)@K1LDA$X?mUs1Jrm
zuXvt*4_WPF#GZykj<kJ^`9!$Q<0-93qm)VDlvY2ZQV{n{RzIVGh-~5g3?&3L%f8&t
zNb!)Lz<Pfpn~9>o4*eKNlu=AX>WMNcJ*BYKMHzigmzobjsSAuaCO$`;&KqbX2ofF3
zw`C4A(uhdS1C3%L+`><Qo`J@<MC4k*Amb<2L(k=)`{4_Up`0PDqdylKnM{-=5XIRb
z6K&)%37im#HcA9>*J-1T3Q@{kr;RomiAWEljj$eQi#?1W&51-ftNnotHOh&|8jLYA
zeB@!^$#{v8D~P+ce2Gykh`Y9YiBT>H?%%+3c9$4+M5I5L82(VyyhPb@Mz9hC)-N$y
ziLi$wfm~_~Ium82Kf{cBiO5kj)+k`&+kXzf-Hb3w1qp`xMRApQgi%RES|4GA_oTR}
zE{eyZOtObyU0h~VGw~f;!+XdtH(CU7ca>jmC}EtR{V%yPF+`-T%Z)rD9G3=hU2e1z
zk#SvN+;o=o=Sq<A8;h6(;?j+BL2h}N*9vr_Q4ow2SIBiE@@&*2t?Nbt5ot>|))3(w
z;#|})s)?|N*MoJ-7<3ND<=V0hgNbtR9iE-qMhX#W%Ql{7nZWz9Z9Gpzev!Y@C?~?U
zCW5W2jPP)__2gI{X-64xM5N|Xu(1(kxKs+18U+hNNMu~2jq}eXJ!E|o)Zo>I<{`I1
zsWC<p6CdtZ$Gs3^jSNA~tl+nRu|_TtX??8mHW3-c*i$0C)~F&G_V8}7m0(2m>h9q<
z<2fRn`7DsR-l%5c`{zB_$qeKMqlt-fe=^@Lc!SX;WXkU3r_~KcL~qnAJ-orlBf{2m
zNlzOQnV%btt0QE7@aF9aMmm##t%*h+6Q65qqESXf+L~xI5@B0UgRO~1_<2(Evp^;p
zF&=`wDcPuJ;`<g>jfz2LiqR^_Yp}++ibxj`X={oR+XpqXtum4+B*HmF%{LiO^_A8!
zuA7ZlJp|twryB2j$a>I|YJBA(?*d6P+L#2gF~jghlIB1*W*9MoM8PftoH@)ek_3q~
z`JH-(kt;|z5M0xnVXP%0;{rYBqh|R$onee7BIBB2yz3#=;9<Jaz{IzEzoL8&<W8ea
zkT_UTY#^faL(S6GoyM(1STpA5P9v9yY#SLyGZD`7H=yTk!|Bhl>u`=0Bb{laGEshi
zlShD=Mh+2aYvw64hndC(l97?lH0mxy&1`EA*qUjydB{E>na0J@WS#ml?u)zE@O#Js
zkh$MTCnBSG(1;jHv4>WO9lx`TSV7#Ka<hzhCP6LmTcWsAZkCZDWbO!%QbFA3*DRxw
zNnoZo%ZR>6MsX7SnPto*!g<F1huKE1hv1!-4;f`dq|c8SAs17mzJm+7Ma?#1nFR7Y
z+ejiJ^E}%qC&D=l&VoJC##u2kV>nlzV;CM13Nmwy6c53^lVgNk!q(kYh`C0zAPXK6
zyQU3CkdNU818mQ8jbtLypSecVrKm^N@?0a62z%HEtj{$TdB`9jPZ;$?IAdpC2j?`5
zLBnJe=wX2o8Ot8JdsCk=;skN`raogN2$CjNfS)na1i`D^u=PG;%ogPC3tUnt$Um@t
z#xiRKsU6^wYC%rBnR~%AMiUVk`!hz?aP*KPy%^$p#@I!K<HEXFV1$m4ag6|(1xB2Q
zV5H9)zL6ZMTNlq6g9LHw;yJ?*q-Qcet)4TI1X&7A4p*_BGct%s4}rv?W?4JW85Km>
zL!9?MXYBHjtH8r0Mu&%>heby6W$a-A?7P7C(`81cAS>YO8}_DUMxG$w!@LgXe#?v!
zBGR8_hH^RT;f#$3TgwcG2>UY$$Z{i_i0mmPM%EQ<9Zx-Dq$`aAL7s+R{YG0WjZ#65
z!fHH@kSmQ!L42pVG7W-6p68M_L9T{XKGvi7(U$airBP0Vea-+6R~l!j<PVKe_XAmF
zBzg#D>{TOK>+bVwMy4Piz5}frO1);}38ILMy=IgM;+|Z1&8QHh@m`+ky=K%4vRljs
zUo%<-i3;fHA|j)B&Df+%pK&+%Yeu7opwDZKID>t5=e_HUBthJH?>Zxkh}699l#zd(
zQA#qh)vYtqP1MXed=_F~XXJTEF_87fJ|f%_Rs-2!gj-ljwuEvck4U~UAAW)KZIIb$
zlrZr<5FiyoCU+K(S{sdeA>;0N*=V#1nF821h;RKHjV>YMzFTcHB5cY=;Es-shF_3D
zqxc-hMkA4l?@Tz~geN;T8tFu2el{8nL^$@%<ntj9*#_htW3ofGs72KRsW5Vg$k;25
zE|&4Rqr?^?;z}yzyEc)(7;Z6Q1=(_=OX3A_*DALdsYIlQTa1+~L)LNB+G1?+kdv?j
zaEr0iL+~W&R-@fRaL0I+k#-gO!;yXiQM_-|5RvCbKQNjF!PQ-SNBh9&AR_(wz=#|r
zvw<!11EZ0N?>w-BUqZJT?Sg#r7>^0tjF8csjs79L;=0X<A|f?!JEg5|GwMi2w$*LM
zqN`;TdmxH!#s&}B2joK|{2J-u0U#e42}ERl)fmMr<9q&rV5JjeJ~7G#Sr7p$SVZcG
zNDn_TqQ^+<ArD}wcn>)n$fw3yBHUBX15#(S5RukDH~jIOjf0TqfgtmRktoP%aDVtv
zBI!h=^)HNn-y!gY@$WkX>WykD#kD*P^lUd;JVXVu!-yX%^Wy+%Fmi}U55F?%S;jYJ
zX0UQ2w6R@At00#T;JadW8C^uAhr5iFYh`|}1<kvRP9mHQTy<<TVy=_cai{LrMhX%3
z`35NUjWL@@ZP4$~Q}8bLCZmE$sQZT4WVA5}%>9~-*aT_)X3*1QBznknAm1D1MA#p^
zfpE9cMMTEF$4D7R9{N5C<F$()j4VMWozFe@2cv+9jQt0rk_bnU0k(cHnmpt|AT5S{
zy^MVhke`g19<m6?UL%)?^yhaYXFU7kK4JG8MS?7N8cvZw?d&%;2(o7koF;&tyWgl0
z<o;kD{q`Hpf=rI$8r*Mm5Rp-Uo<y`Id)$7biU`M50v>`M4|xs9AI7K~WL&s!`GAq=
zA#Z}rK_icdjO$OMiDi6ui!tG_aY&GRSHTGqD0SHI-H4i{hlh=HBJ9umB$MYMp91MH
z_7UM)#y0ks(cvLqg3M7Pb^>aa{&X7IMDpoWFRnryHx>!<?vFf=I&PE^k^USvI*G79
zO`!R>5t)RVnfwgor12OL_UAVsT}FY290BsT(L_Z06J#0_DXW1s#$Yo^5cjUCU^9bB
z;5is<76=*lsTXXP5|KU!o57PvGd)ujcz*~s{T_m&dJi*fvWx<6N%NVp9&!PYGtELG
z`M#a7?*d1Op5|IX&blU8i3XXTX0;%AMgv=BPqRr7Jfp$nkRZcF%j{|TlF_>Kxu;o5
zgtK}nYxWR7kh9DSr^vW$AZMFNL}XUaHIr^4nZVj<FEc}ss}&d>;rn1OGgpv5VLvv`
z9D13>f<%eYua{X)M0(iEoOd&7mVKv}`R^5bAg9Ru``bh>^BBu0*B^#41HMG`GNV$u
zYmPAErXrDF86wOSLENtl=b2f8xL+Cin8kv)Um5zERZIe386wSp`x9xlkc^Bg(kz?C
z)^Vq90^}K1S^k5BTR66#^G$<@%uhcviDi85igZ6SLy*rq;Fss`g<Ct!Tq0b{6F_r6
zb34mWTg7#f{^lVfvQ95B6K^Byfp_x(W)>44t_b1YrvYXW5$VqWvxW%Ux(RFzFwaes
zQQ%s^Kr@Djv^B^~W0`=h!Daywsd?}z^*-2aAQ_p%!REiuwhuP>Y&+)=&w30oof+tl
z+#z|P`4AD7nFc;zXcqiSCi)baXmi8AWQLyN;ZU=IWTc1xmrQy(`t$#n$vZ_R`%Wyy
zc}@qPhnhQxa8_}L<V9u+5snMLja_VZ5~&R}mhw)*7&H7X&W3wSSd1A*gf-s-nq$l&
zBC@_NG0(XhOR?q$LFQ7^Poy^Vb2tl({e8HZD98&yazSRena-t@0r2jbPo$k?0`raG
zX6{TG*J6@sB_gelFsI)mtrvmJNHd3sY%Q0W%}fIRTxNDK3HlR8n^jQiGBYt#>cL%J
zmzkL!g8PjxH^1``d<y%`4kDbNS3!?zrre8q*h73T(99Ad(jVQdAd>IP=?U+7P)au&
zStit;%e_fABkn^zwV_ksTQ-i6x|tw|yBAb9bBM6@O{AxVh|G^+-gLi=YYWJjW&x4f
zP~2OH`xqT_tsw5+LdUEV#NAuym~Bh~wd0tBvQRTyuLjMIndc#&0=d#GBO?77WhOqz
zaV-|#`bV4Tf*ga>aJZv&w3#EweULx&aI{%OgxlCo&^+3#V3~kFW6T?8p=Q~4#+aEz
z*u!QhHO6cpBK?Uszs;8U`2}Rgn*Z~V13(hY=!e+naZnfN&v?@jBpT*X=<|3pS&(0V
zV4ELrW(pFc!)?B>BXPW$$0Xo0lzJF7vxmpQ)_Aj$i1aYgY@RJWRN$@t1~YaJ`4iAH
z$qajxJ#=2-`ST<*S`fF#O)?!OL3i|pb8YY}m}C|Svh4_;iI`;i9%DUIHgo1DnS+SP
ztb)v3lwqHHgFlnZ8ARA;9Bn3>*+k@MlWZ;`QXBfnwVbgjW*L(}6jRI^BCNR|Xr5xm
zJdU<xHf}PDh_Gh-ig&Zw#w4&ZFx6C^z*2BCa3a6mOf{p4$UZpLOd-Oy27|4sW|N2D
zTFEV@FIQT}zMN`4NQABb3^Uki=2ISWIh6X3S;B;Rw+$rCY-FNb2=AWwwv}ea&qK}9
zpEPqV5%%Y5D%D0r#y;KL{3OLiPwIny*cWIv5vdJzZ$zA7cCn12>A}h|keOjdJ%y!~
zD7#^<l>nM&m<|zXJ>ASA!qz8)OuAW4L|VVY49%0)ZvmM*%@`)WC!n?993aC?6r>K;
zMe)mQhM7)8+R8ZP$(Uglk&J9(P-;HfVt;N2TN!2<5$Vs}=H`6q&)pz1(>&xM*+4Q)
z=V_Fgr);`B2<D!Oa=$s72%kyE)$c5`SdfoC=M}Rovz&?2ego`Y2R&J4osil5GOTkG
zX(1xx$}-0nNPqf)tt>N(i1hhEvz`dY^&IG#WrjV2rD}r?FXA4TZN>`HZ=p*PnFM-D
z_9;2cHgiZu=J5ZL={iN`-*eGyvtS|mBlqoOn<av{yL28hw+iC!(s|fyXA;<@Gslcy
zgnH!sd5)PWh&z9N)GQIioj*Tj)(GOxpL5JMCV~0$+*4woYlbZ*p99wCnlVe+I?kV$
zL!RfFi-^d&c-;Jx2=`^&E%t;N`aG6mvJy(=n$b)GyAhr=9YJQ5z+D$0^Q4(fM7D${
z%?cu1%WslQ-y*3QS81LyV>|?B!g;2_gnqFR`_6nbiHOuZ-^?Jwnkzu_e6!x82j2_w
z&2h`5E!6z9d7Fp42c-(k941PhSpQjImN4->4Kp2lS}iauh)C-TOy6>u)f&*Vz>Fs%
zv%1iXe4)GbMdnZs!4Z40dAWz6KhK$?J>&}@OUyhbfl<B4EMXGxxyY;%GOo`>W+M^l
zbCG#ZG5RC>MUk09gmd^U*eWtxh;Y4Q4wsorUzAax&&$nq9)cbgn{`Zlcfu%v-v?Ki
z;V)6CfQKv0bS8nUt}t_mNDo(-4Mf<VA3*a8)4xJmM}JDpjUMtV$gDK$m?*d!-wtGz
z8C}BGZ$A$2aNzSQvxtbawaRQG!nTf3sl=7tZLKyx^N<rDQ);#_AzMM&aOaHatm<xS
zjk$q{w6(@mR-+8t@=>XDBC@r-Y#t=SnLh_)UNKKEmHzYrQf5YZ$N(U(n#oMapG$$f
zZk7w;#{RlFXbtL-{=9Bx6JdWYqf$*oq(5uTl$WJ-e8R3X7kLQYY59iP&O})YU)Jym
zyWWg{rMs>5r;JhS%~X<+?Qp$WLWKP>z@PP|QYNiqy>BpAc?gbCZ<-rC1n=N_%WP-j
zE6d}rljUZ}tE9)bppNfMD>tKv$ZV9G_puDkB~Wv@nd2e2Gj^j{<00tJJ7(HzsF{5p
z1wL1pHAM1#J3iyJ+|6dQAb1NFejD9vb`X))H=7BsOFh?up3UY4BC;;tHDlMxY}^1c
z|25M*1nZ*GtY)HA{t2^1klA7mT8E{itu3ZOgndpWnGzz>)>bp>4QXoz$h>DJc?jC7
zGRv7Lhr)uDdqC!WGkkq_Tko4OMA+7YB(sQ!wDo~``37lg4#;dXM|;RqKt42!nE3F%
zTwE!wF*gWu7<LV9FNEJ0G3y0cTEROgYRnEIGWHrX`AxLN{uF}d8ncp!^yd>Z_butq
z3m{W#R(J@;{;3)9HpwV!;M?(Pkf}4XiAY;@W)Ts#^%}`^5|Oq(GwaHwtv5mDbF+<!
z?`f#Ptw6S$%0`m$Ed^3dBvOz*uyeSUNE{JqeY@F4gss<;OyVZgBdvdF{!WBPn_VEY
z!|e2s?}0R!aqqD8NieFn0{O~J5JZFd;qOG!h)C;SozmaGGOI{N_V=&M)C$zh9v&h+
z)kLI+yUc{mWSx5DF_39AbD8*F5?>;|F^dJkFA>-hzA-C_NPoUD+la8Opoid#kD2&x
z_iTJ?M*LUW@_|f~ncyK<@86kgnJ9DN8%H?Ed~f<Hv6Qs+y%|G<ZS^IYMMPv=yUk0t
zNLvFyrr9(+WGIk5W)>6Q*<Zja4v-(s0ztNly7<v7B_gf=Xm$}{>nfE>+uA+S7V~c+
zvfh6(!`_qrI8f?mGoFbr9cDyW@2zI4Anxp<)yyU$t+$#DMA-VZpr_T0u9BK@_Vufo
z;vqQq+iMnh$PG|xpIONyFxzP}+nFeb;Y|wP8QaW3@1tgEz0FJ_!q$^PPn%gmL}vas
z)A>O9gEN`m%|#w^E0k(Co0tTwA21Iw30Oa1hHvX`{eU@|2wT4c^c*nDh)C-P&6sLw
z9iJ(O%-KwQFTwK!_tG3T3kAuCd%Ey>aoAi-L`HhpY$C$8GQrki)A<lJOIt_GY9d_A
zXsg2v|A?&nhJaSIb<~UzWTmim)ErGj+B#}x5n)@iz}8W-k%+W)%zW@;85cgAI?Y@U
zc@#<=H$V3f>`f=lCJ)I6nJzP@hV;-(2A^Mlo6Ul_Gnv25#7|I0dib|lN`yTu1U*oS
zi1hFuv+7gn;R_(6SRr+iyawbntBi?q&bh(LJ3!8`LOx@Eh5*@0B%O&*2l64293s-6
zGpyLpu@w9BDajNPk^c0s#(p8Ke+e=^E7?PufShSnc*tHLXIZ1`sg&=!dal86D@BkO
zp`RWBnQ$wMiL&RyVC6WGW+KwVa4UYh^iYAFL*dp|BHUVV*T=b5y@&JwnRBf!CcfkF
z_3dmRy{w2YQIFKz%Nk9DV~-%25+WS?gS{1{w{`9g89UCSBCH`EG7jDy&a?bPYC~^?
zvje!^+s8^2WC)P{pt+Bg&Lpr7(8p@@=t0eWtf~fSYcQ1RYsK%Bv5x@K&&nkNcXbBw
zJ8XZeSdixfq+AfZLje8hZ`BczvG=#Kzml3&(A?i@A|mTO%9^@M`h&gl0&6xC-@F>0
zuMV^d1^GbC7zbKwiAY-@^Bg2zk>^SVT1_M)pRoUzOxxFJ-7B+c9_nEavEBz-N#Fik
zChdEU3s)+7jD=GzRvweUD#Rdbt&qX<gAT+#$Z8YBUAq`;h3#fN?)t_MD^3txmly-3
zF0_(7<OU!^t#TsVGLwN^WQ8}Q9wu1Ju~r3>z!{C<R-+*9ZvhOqIs{qw0PpG?Zbj@t
zJu<7qtqdaEdNaV*aI3&W9t1MdY9k`+G|r0up}U^TtWE#Q>Sb0o$;ixKW|jPirIst0
z)j6Q~GOL<NAgh;KtwIK~`XtC)Zbi3nDL02#SP6n)4xa%Tzm?%3&jZn{S|XgWmw@P2
z7ZDkSZRP!hn)7|zuHe;6$0`xz*c#55V^s;_X4SEp1#z?LSY1S9Rvjz;XZ9IATnpA6
zE8Rmj0lCWhhzNVQ1;{9?!9zX<a<w(+7xIv1gIMqJRt^*2x!3b)<*`<gAP2{}WP>2D
z2S^PO>ET#wU@K~t*%)gj5aE{40M@UyULnFB;=O#=Srs0FeR-T!Poy>!zhvPPcD&Up
z2;N?WJKV-wT}%R_)_7~!uidSWw^E6)^>4v?qE+c3KLEMGY9dk_ig$wH7nTXuAwk^T
zeG@F-UeqijonYxiWTX?U1R`v!4KycNuMpu#4+5EJRk5C+YoCO7d?1so@O|AiPqJc&
zNX?V1wM1C+-%x6@)#f3mKLY1LEMFVyVO!?_xyec<QX7h=%P#;j)yfoP$~qV!h~zN|
z3WfFOONg{H31oGuW&GAXt5dBaBJ58bl)A;*MTD*EKyI~u^^j|T{KpFUogxj*fj17^
zZ#><K669gnPci{yrdxhNjz<J5Q-~xo3HUSJDkdWHGu`sFqh|K!Rw#A5l|aPv{ldx=
z#I4gAR-PcUuHtpJ8CHoP?(J|htO`M%g)elsgXS4ly&&#+y%|=kApP>;i!-#<8CI7d
zC!XTFf@fF}e{k#r^IQ@uh<gHkh852w5a|pnl}XT$#qgzqtmg=V_f_5xB;6_&<VlEP
zHjq243PJEL!FfRLv>F823Q;Toa+lRE2;K^aG8vZd0C^bn3!K<}9?0ERv>-n4xdg~e
zYqTIE1i8mb6$Ebud=+Fet=WR~-J?*Q-fP7lM9uS*)273!63E;up1Isw@LBnQ^)Sl>
zMx+O<0wP?eTcOm0)-Oc3)Q3Q3SzSbGgO1G$rq-KnB^{zD0y)e+<@ug%Wsr<~f@E7^
ze_|=N^%-c+wi1cRHujKJM})06fXu^Ii-&v*<dJUVCm?gIPLin&#j`N`fjnk~A0`h&
zZ-TecLYO{3X2l9JANI&FNfZQsffUEO$E<WFfw&&C))HZ#|0K=*kDzAuuoFm*73(4Y
z0GVrzCQ=)^2u4w~^|+NPh&!%6ZY^RGu=TiAM?_}hajU39X6y_&9rT3NNQAAQ1tiys
z{fi^LQuMEUD_)Sd10+?DDU11>c)pb_$oZqVSLR!b1PPzcd-e0JGC^*EC~%*7zE#B}
z;B&q;`Y2lGR(B!zlW%1)3AC|itWF}F!x12}!15nspYeu#yzP0Rl_*H-w=PL%60o(<
zY9YdURM4}~ayrR6*}^Zpi>&vFaDE(+S=^1_`}?!jmmV4XRlet}RwDcy#4n+RR`hZ9
z(5<gR%V84mr_fqMMAlcK)j)(j90S&uSg|KqPw!>C(|f5E&m`!`pkU>CkXdSNU=q;0
z)Y?r%YF=uEokTsXc_Ng0-pcTh6d*-bJ`s-nb|A~G5)Z+BmBm&Ck=oGJa25u?dc0)S
z3lb-4`6a8BNx+|%tcb4ed49>NA;SJ-f~^(SULtJ$VIV6l<$oMI&Mq*ktE@;t+^nv$
z;+O<%t+JAd$k<m|%HJ~fxuAKqmFgjRKuWDgiLmu&fxK*$5UCAKd?Z*|0pwMyLXexp
zm*Q8gdO_TC6R%pWOalJAYNh=nW5-$Ct5ydQj(rVie$ASoz+o&gCaeYWx^<U_Yyz^*
z$|X`8I-{EBKkKbxK@#7G+kil3y;UxV`;1#})iDY9v))PwLR*|4Z1d}_Mk4IbN1$he
zH8NQGgCqZ&)_4#33}oK4W_U;gkhiQHBC;2hTSbCY!Wm~AA<L}|OalItTMa~HeU)30
zr=fNBrwKG~w6clRhL*r!h;zS9)*>bWJ)5i@L|6|DnIO|F^vqOYH4*f@V_g)2n&mU4
z!WvD4ZS4h_3Tq7!ZV6alo2?xlg7-PRYqc>6+~-hfDW_A$eC~Y?l~yDXITx+8t|P)8
z;%~NAS}9zL#vlA$*DY2S5%%W~@Mo)4&U%8z^$1ovfV^jgoPoBa=J%{9BJ4BXw%VQG
zt*up--y?&z-nYs<1pWEI>d}LuAb(DRt!-8mk$K8B(Xfko4y?#qWh~=Mh4CO1$cI)t
z6Z+*@Bp+EmAL&tENQYGuARk+GOai~@R%0cHvW)v%v^7??Anxzg)>uV?xOcPEScPYD
zsS|M8t3PP2vC0KGAMUgqOr%wi^M=D4Es$C(yr+yy1M;a=Mntx{9acve%5df<flPxH
zah4>hK)$lFiSX_boEz`5776lp8N7*3K~g5jy@UBw-7c$2kioFS3&+e|R-+*9Nw-~A
zyC8jD<6E9~Ss`bW&%RN9S5K56cxoPZ2<)=_g4`02NhBiM#x862IUI$(5azrP1$Y=v
znyHp&0%^4Bm<0B0e{HoeQ9crJeQjl(OQn=ti0gJ}KVMt*f?O`*`r3-?#WEK`+rdb`
zwu%M09^!fcY<+EY3UUMZ%zDy$bEzRPj$vG1Tjhex49G-ANS_}eJsCt~4equ|&qEom
z!NnlcY*l;63qXFbqWX}YK%_rfenH$C{LxAj#I3;}t#m==LKLe&&yQA)Aa3paXcY<K
z*3OUC20`4~`O&H&B5Ma^`pUSlE`GEcm;^j*vD%mf>Y~M(9Z97Eb<tuq3i1+oSO$7p
zEdTi|<L0@=Diy@dbBon3h@0n@Q|93<*2I3OM~<2QmrTJaGI9N7TyKy+$sU5^>d#gY
z5w5Qakom=`@Q@FH{Az_qk)A*{_F6H56o{wrUTd@<U83*owNi-4Jnyv%Stiit_gbx@
zlzZxDpVcLZt9hRlaRKM>+}FAF?z3Wvu+N`>hx@Do52**zX00V6TjuXp$^e-STshfq
zWibitEc(ML5X8N|<qxZrh>YS7tJ9+gTgx9-^gzy!dk@S3%VDByOAA&qpr0PFGMP~9
z-$1E@)*=tVx;SjL6XCdi0huFK!l3S&JFGN8N^#W$dUuC4TaaXN6HA9xNJRSFVRf)f
zAoCqo{NV1I|FTjAaW(&CWiwIk2F)17Use$j_V9P`@Tm1W%aG<jfgH0sJ){#zr!{&A
z+LCo~!fGeNYYsSupR__QM48&qbkVy{T2X?WF2>c9mY+#rzH!o8PK2Mi!H=SzMi1!)
z<R2?Knj$3+G0&&jEkrnqAs`cCD??F+Ni2{v?9oKzQ>KTVB8WRi^{}%9amT10c7Y&n
z6g})xLEI>M*p)<N?ewryFJkNXbhrYn_psZEa9r5N&a}fXrYHh^u%{ivBrqcNv?~R1
zpAJ3kh!`rR><}YTPdi(XeqvPbX@AFr@-rH&_q5xIaDCzIG|V1!iOkP+Aaj<TL!>se
z9@bZH1ah`r#3WEVXWKQNQpqHvTuS}~>f#)GgoohGIpOwr55b#rdfDkr0ypPG*g1l@
zD^wA75fPcy2>WA?o?F3sgx%&L*b@5MrNd-gcY#c#UF{(c0O@B(#gfmy_u=~&J{kMl
zenC>;w<PdvSARQEkR<qeG8;<ux6_G8fBM_yEJLwBPBP6Ng8mG!o#E1-g&;G~PW6yw
zKnB~DL}bexVmAnKXFjYxfy@xQO_1Yalo(<wBRGnCp5c{&A$BAY>ERGNl?eBOmq|~K
zhim{6ZJ#re^iULd3*S(CkcZ$cd>7e%CO*7p;2kJ+v7IQ$LAcp$3z2jp()z{rYLA|6
zB-7|2n4e*G9$q*r`sogkiM7i-<U1fEY~?bJ)P1Imv?B#6{Ry7QAT!dA6QmP%T4J4!
zv=anzGd9vr6XXv#<%eJ2M%uH9NS{aA%H=W}dr5PuhoH}w+f_t3t4BcQ3On+O?jHK>
zI6=OIm97&Y<F^w8asBbzX@a;l=(lGRk^cDYEi6N|qrkazzuiJaj=hFm=9f7P2N~0D
zB_j1$wxgm<ZRn1#_(osLP8DQ-mqL4PEjwF~XJKUk&$U_hB0+j=Qs}+Fvdf6@IEJmo
zvNwAOuH@MECmzxl{Bi6(9x?#PmEH8<uTWhjh#aFv*_~91^E?zvjkaSo8R<wM*VrvY
z@_pCAsw}<>kFh%iaog$`J66Y1`M#f^ziUuxjGZG$Z@9D3AyOpB1+W6lq?L%w;TSu}
zAU#wU*HEb_55cxE)@~=lJ|}|AwRV^(eZC1uf}KGGevcLQI^qo><Lq2P+*?G(*~LVp
z^>KD@OIpW0C*$lm4?*kW?KC26eHz$Gv~xY=E+9AB&0NZdr(<!xF~RN-1lKokMR9^1
zW}_`>eS+-}Va@k}o(c9!BHR+tdXio1AvhnKXtyx&Y4EKdzhq6eI|b?aC$H{Kw!@w7
zwkF%7h_GhVGugh`L(tX~JC_Li^APxRlU?c|PXI}=n~BthhCobceX89dNa!%OKGhDp
zvb*)EwoOD@pK4DgB75Aeb`BA?o)5NC?Gg_u1o9udnMiGDdpv(byv^<qBzz59zs(N2
zs=M{uY?}yM$9+V%*|&Mf3!r(ry~sl_8|ilJDAdFLl!440cA|&81>`P!EfM*Y$*`*h
zIZHfKGVCTn+%YP{J|u`cMrGK((cOK{uycvX{AAeWMA)CrVEt~p!9%tIxyQcZYShD#
z)&j}26PfsM<-Y;QeRjGauJ!xu93rx1-e<4(=)n=`KD)|8a74Pln+%RNS#~4Iu!rA(
ztq1IkYseqpoX>cKe9$fs#2s56wCjmT>krz$u?&p~dqB^F_6ZMZ1v1O-HAY6dA4s-+
zsfQc}@{oOvha3m;a5v59^CNaD$*|8#4$MpJMlKbYL(Z{h$9Ionj$JH>+v?`nF=J6?
zo-+Jpn3;l}Id%dO8P}us9YnZx!a?RyJI_OK58hmRiHG2P>~Xu&L$GDev$L*6TkP`%
zpyx@u&_gZ;l4rLQ;qe)t-Sh2`>o^K`J~rQu66C~1JRh5H`-w=O=i9kN*wzTpJm0P+
zB3ov@eOUr&ruv!&Yo1TrS9*vFr3&m6BDJAcW(CvT;0x?5LGUIGye)izUBDzTH(p>L
zBEr^3fu03+;y7vRS|AJUDkAd~d@q;^q|i<tk23R=9ntW6FF=ay1}5Yo=5U$amdM#~
z=ReDB<pw71T~*8NNI~4U_2qV)AnsFUxt$<L8;rg9+*xj?3F6*WwcMUfL}qol{nU+U
zORiKbw=0Nnqz{76%k78><PZ6bZ#OU429rR`EVh%FC?#;e7Oqeg+u4G+>j1@ei6D3i
zfMp_*NHgt`W>P80M6qI4Y)4L%)^P+VwlDDz906YJCWF1{B|DyEIEpzC#R|KLO9e)N
z61!6ncLXT0jY()r=BLC?A;NlcK~ITYMTGm#(?C|*k&~r|D}lUX=XeO#@;W;&nPdVP
zd&4dfq#5=MyaT1)uqy;{Z})n`t{22z^L)c@6~w*W>kYe05chVkH|&ThY|Fjf>kT`W
zh>Q#L5aGDCkoAz8WE7ag4R)%B;4g>1X*Ut!QXfO9x9sGb+1Bc@eDdyXyHpVD-MH8K
zZ95_bWu*1D?N}n5L+qz-+oOrdzFck>5Mf)NgRPBr9qS2oZ}s0~w+J!>+WStB*<^Pz
z3H01ewmntG^)1O{5s|juwG(bZ8Md_#Wd3Ux5UCA4JB4S<m3AqSeBX(UigEyCD(y-^
z+&gtE?FK;}gSYGsl4)Z-0e>p(<Xh1eTgTp1X?GD}>nEVp7CSMOG8VAD)lL`0wZ7HP
z5d^Idh5FiR7cmJc6xO%e-w@$E2f;b{t@b_-2?g?=9WqV&gKf3SUPOfb2?v???F}B%
z56CvVok(raov_<yFpz3H{6FM#Aku1kI1#oULox|OWadAzi;1wU%R%O2yV64(AfMQg
zx1r{I-~CVX?7h~G6J#vp51%Qub^;OE#%k>~M5L`+yOjvr8Uva?wMVCMp3`&SyD*SC
zJ4F!tdqt2eK^_mt6fg-yT4z@ik+$mWMj~u02{eCZ$4w_&L0>?|ZU*wXoyR1g=X1M+
zh}84Boq9W#Vm<$XQeW8rCBj*~14zAH;~|+qw%Z{yI4<q(U}X-F20Ka++^z8h5x*c=
zaQ=Nhkwhi|e;VvYBJ2;YEH&6k>C&HtP->^Wfe8Dv6v$V0vxnf`j9qrv9qdnj6x?JC
zGL3e$AoqiZ=ue~VFbP<1v~!5aY&6=9L^vBSLaDFqxI0lZTQ3Fjjh#cJHfYsh7{h=x
z*{y<{fam)=M2x%0pMb3<yOfBu)nun+$Vj(BsqgG}h_I~>fqZY*c*qw(n(e5&IZ}5g
zSc~l!#Qk-W7CTXpOMig7zMxc#oz5iSPm5heMEcWW_n9dp{Rv9_WE&pxJCI-ObRwLe
zqd@lB)kJDT$KS|3WuM(7i0k1#`;Z{5@ZAc3KV_foyQh18_Swlqq(A%YDk5y_e_*T4
zj?CoPkDC1M`I{ZbBoNnc_A(-zL)^vvo4wXU@P2^b?N%bJIplFz`M1;WWzBt{wG_gK
z>UKL<kkf(u2Bq5VVnJrZ?QppFyWK8l60qKG|9eMtyWLJQa{kk9KXE_Wl956wBJ593
z@aGS^ok(raN$AUX3gCb}I;(re4%jI~q@DwI0}<BK3-lbchdqF$I2-2!Ib<6iG6=|@
z_G}`xp+`jRbl8Q0Jk-X!4Lj_$f{c!U+cuz7hh5Di5POFm_F(t8I_yD2*q<w))L-^v
zMA#n-$Wgn9NNrFAM0yR7V|E*pfaYViGON4hV|D}));tbMb=vn6k(!U&1w^Fg6LvF`
zfaVi+2N9XW6Sk3!wpeo#Xg+B_PlPq&smv~Wy@%im!~g6WBDJAgprzni!9RAhAmw7M
z;2*n#Nx=F)cEUs5<NC*rcvxD$8LTT#7LnRew|56Q1%jLf?GVShAg7c`&_7qgZ(I`b
zJ%V~_g9_l+Gyem6f}AWS0qa3dJrTLfE6C|$5_oqAaSCQjf9?Q1r#r1gYC~6C#eMJ$
zr%Mq0m5NM|Im3yVL)HVf&Tuk`NLyz(B}@XgLY*!mocRYq&za86kD?yV{2U-Xoh%Q@
z2Xc;6Or$n+NHVWu_jbw!aYu>XPMsillRSQ1>g}`$g5QO46|1+?$t2)&Z^wB|#=abE
z^>$t$!mS0LRuN7O5%v)8AU)4%C9*`>3oT(Kl<MoOolDuE{n)r;>U^hK5cjL%`A!p)
zfc5j8E+U+b*Fn$u4*!Y=+rs@n{hZ{-yXU!|^Y8n$`Z@o;U#q{9DN5mQlH$!dQBDaF
zw)Ga+igKzvq!P#gC+Z1V7dVR>=oER#Hjo+QY+&NciQ~OtgPnRobjUo$KG<m&1b3>`
zLaD({crIyHZiAIBBtx87B66;Ep%YI;_R|ZU(s@{lecleGqMegOI6sX*hB{|Gi85U3
zM<6jyERovK>(=qky<twgAnp#XVNR+b&!_NBS;L%cK_;HY-*<*Niv;=RD((ftoH9Z7
zKFRwfhB;M&)C5SQAo1`<hO^3HPP-tF?R81WQ|NPT=-2>>5+nxhV#2X^nB!*>H0oto
z!zNP9B+!0_IVpLlX9?{bZYP-nCV?9{MmTQ}kr^A|R1uLGyUb}OQX4cKVm}6Y{7$DJ
zZCAng^aR|m<wVRUpMyFe(oi6pV|d89Ky)Wrkex!taAtc*Kaeq<B0+9~{GcAosq_%k
zV>^w4yaf3{8OQ1L5R|#niO6Svl7-Awj^QCFGs;O8<Z8(3g+N9-S%TaMS&ap9wNvOJ
zDv)cOat|2=WQ<c!WQp>_Mp&B%67RHn$V4Dxo%pBOAKce{E0AlQqyi*zJiOM)WfB+<
z$2k$tpbWS0=}_u=Cz%M>R|b&r&T<c#17w0z<{|k&COH*EYC}KU3}*{~Bs=wjOoiLV
z3W>A|a(Ef<3Ql&qm;^<^J<|A0Np{i}P!xeSmh4mzk!>v5X(b~2>CH|j5sqRx*h+CG
zFGM{Y#Y!MkolGLNL7Q@6Cp?f_oN6WkTemn(L|F3%l4<jhZ8IP?r;7;NdIw}uos>o7
zb13dj#hZnuIkTArG*5F1iO3n+G^d>i>)8r=ra57YWnI(&xy{KW!cpLOnC3)2E91hw
zj?<kH9`Xg0y4@M?A-jO2J6TNVw*}F|yPQHnCSC{QGxWH-oV9}74J{MDu-xTT6Okk2
zT@L)93%000`?<?0BEnJp0JbumLquRNDD*FU4&Lqf3OPTYf6L?H-OeCEQdY6`yB&i`
zAY*qsc|@eGyPaYpZ0lFBHPh+fQbDW!gqbpsdz{22XlseG8fJPOM2d;XC^DULB2sgv
zQ$vI`{|%+?bp|aZpMz?kwVa*{EA~z{lYoc!Ig5x$J@+}KL|9K4l)B&P5_(<-e?n)%
zs=kx-JZTQ-$#OD?NIh9jF%j0&8}vNj93jFj0ejqoPFN9V)$MWFPP8CykIQx(CIMU7
zP9_m)E8A%&!nXQ>t%sb1Wvm%zgM)!Q?4$|e&b}UYW(#r*?jpe52oF1jf~<uVGbU>V
zQD8ogzheKeQ_Upc&%@4u<!DR#^RSabg#Eb~tp7juz60K_qWFJKx$nJ53xbFcAws09
zh;;6WG${&5Z&Cun4-k|hB}hvkp@UQjh!7AJ5Rin9AiXJyg%Uaeq$nT=ND<^eyWjcV
zy=Tum@7|XL75{mk&-?7%+1Z)d+1cIMdJbq_;UOsd=M^%#c~cu?IfWe9oZ=yO4%tq5
zxtmG{HD5KzNyh!4X5SfQ%^%cU&qD(DgPM1H2)KV)DIeS%F~R3bvei>rOCg6eM;m0b
zFQ>A;hdgBv_ezGFNgdK$=gcy%Lz<^~Na&3ZY2FT;#GPN=ROyUqzS;)aRv}}X+nfdN
zg{}?mrjR3=M;pZT^ZO`dTyupVIvnVyM}LiL?&Tq&T;rPKJOt$$t+~cGpKQx@m_m+h
zzU?7*CfBL09;J|@n(LiiF2zyJc<y;rb0?1zdbXpQL(g%!!b@UDHAfhPFNq!9T-_ji
zN$i;B-hi|`hvS<UdPsOl?D*#I4Z@eiPH4)xj@J)_w?t2DE@lwk#{GVCJwRHwO;55?
z1dW~4oIF;^m>oJDp49xd&lSqmU#>$dIBRX?dgYU4q^{DemODCU0Y~0ARSa^0hm4hX
zb$0-~hE5DMxU~K}sX6>S2RT(<(YiQM>*D0*HU>FaAwN*asm%!<a;Nay!KXKeo$qpu
zmESI_GbH_WdUK*d-ueb1Xa5*D&umRdegPo+FGL7sKI~kS;`CN27Q8x!tn?%y>lvNH
zwVwm`2?p7Acm3|RGC93@xj~k@KxDZkwdR_8`~=)bP1X~(TCOviM;qjWo#D@)(fqwZ
z=D8TT&S<`5ko`W1FR)K&=063UIsT=0IF!zW=1xBYWQ0PTJm)sIxfqZ~UKE2Id^sQ&
zn10S}zB&nzG5Zi_=oNtM*@9eakfTQv=h-WPbL^pnjJgVt16nvkuLk767S8bo*->8>
za&~iW6ZUhb@Vn9zn{RlWJB8njp4e<&<LKNe{L=J~Te<k9>7TS9{EGBXn;Rlm>wDQ3
zHFq)yzn6VcbF@MDz3hvc#~Xy-%f6^N(I9940N=~Lh`jpvy=+2GmOtJCo4>eurOy>?
z{^I8FYh5W$lOy!o)04EmE^f|pgM*+|I%~PCId2<eg3kPZ(QMv`vh!QmlbSDh$XMB5
zZPnHC<mNgz1BYMhp4=SgAxFxWbzc-XQw)cCp4@!iLqgk`+?@9oM`x_C?M!a&We~QV
z$<0-71<s}?lJeOG+5auwm(X%eZvM+4Yz5aehu?-=Y$?|^&o;<2mx-L8iCo)U=XT)i
zuI<9v#`Voj4brFcTnG7O^QQ*+jJ6Ax>xSl)208O%=v#i(?EM|+Jgwt}EBmjSiy36|
z-BVdZ->LXjbJgDi=l)A{wxN()nx`3L^a!;yEyeB4#|-kWLLAOr%~$V7t{s$)qx|dU
zX^#T3khP{?H}`rBkUdU?etz9t?{PqWaH+n%F}Lm@G>1<G<TEMg+}pg|AV0HG+}k|*
zS%(u^!M)A14Z>D%AMH@s3jWZ%+;G?m{@8p9kX9>rp!tSD*a{wK_WjxO>SHT-pgGJS
zYy}TAmo^An!2{&pY6TB8*Yr4HlzFhZnTH%92OomEc(6IjAP*_zE-m4M&4UecV+(Sc
zL4K_eSMLutCmQ5fgFMuH+C#!<HKi%fxl)`ev#+mvDO!V5nk#z<zUuf#g*<F4Ie<9I
zPc(OH!*Oo_KG_`G25~R-J=HwhLynYt{w02GXKGWPcf5|2Mb!6kD_v8Y%Nm65Oipd?
z3P|fk#Hr1*JOtcV(;3Iq=2dMFcYfpP=G}nwop&3)!S_t_DG#|*7T0xSr?F?6@&at*
z?{lT{J1xdD&DA~RNZDH3j<d{Xo1;ABxn$VWdNR~Q#sH`9xYf1)8RBpzS}u2c=uy?r
zv(5ZPUoL;+$wB_yT*n|g>&nto3VE)1fkCcQTXl3^Xx;*dpCvi&FEpQOgFL6XUTD7I
zA<qrD#&q~%bI!jwUe6^jZj#D1U(`K?=28Z^MqA|_3i)euCxhH+kXM>#dI)T6s*c~U
zH7{#}yrz&hoA-JMyup{1`@7A3|BCv$SiKY(tFzYTWq^2@k6742?lzn~^gBL1ijx$t
zddR8L+pDLuJ!ICG9Gz2T-Iw*mw1+Hakjak$CoNX<5OAMganfQN4>_{0p}E{_G%xlw
z$gL{xNh(ra9B+_6C>=m1dkCy$VWpE7_Z!Y?J)qNDykw9>&qukpvwDmCWz^t9Q?Odt
zTMY9M(D|Iw=`Gd-jy$S$x{5+(DMlIO;DdBMMj^8n2ODIG`*cM_A+r?|46@E}-PK=0
z&!QLezT$X+va9#mi=_aObtl6AnZ4Mf4d;yIb#1vg#6#{Bj%Y)R6AZ#$YtCY#hlHMF
z?qa3C1zxV_pS#%9Lyqj*c~^K%^Avj+WKV^-);&)#+91ux(RMyroMezS72<F{S)An|
zD8)@X>FM<12E#dZ5_C9!alb*_{oJk8*POq2$slg-=`=rok-r)wbd={Wh5{mUJg)cA
zR@4>XVq_c6rmEFX7hm^~=aP-4iYz@s*My6mJS3ETq2g_$Gxyk3c2kR4sQACBy~-ir
zEL?oyHDB-Ep1+}#7cN%ykUNE19Z_uQAxB7aDP1*DoJEU^+H$!XT&%dI0(lP*ar3VO
zb&qhdV%*<7FL^@S%`Qr3v0|b@p49&EI|^C6xWOP>eLa=^6tYAy#ULXV(D|Z5mMq>d
zh@1(WrHY}igYxPI`CPG-L5|k<9FEjnpD*_Ekg;;{g4))%*AwH#*&c!#JX$6EVsWX5
z1RGnXxX~cg#+QowJOn!YzEWPkh<(wOiodi`b`K}4RJ_#&`Nj&mnp!M)maFX}yq;Yj
z-Yn*R!&`!1|JZh<uALS;1LAAvEaf$_80R5Vhn%oE_C{AL&ITkIaSAMIwc>We*-I_X
z_57<9kG0YHvC>(scrT)}W-<4hj{DRWoi&R!0U1I%YZlvh2+Dr<a=N}+jPsD^l7Fm|
z%ImA?s%vp&8_p%lYu)0p2xt9b)_?f=^5wc#aW*KL9unwmQtay?W91<ASKTXNn--TK
zmn@>a*7~dK$>BoYa&*SZ2!m`<-0va5!nZ2^R)OSi2k!3X?^eaGZIBPv(>2dx3LrAa
z*HXDdCHzJ)>K&g;R?&0jzf;Jz#lZ$y`?SPEwksyIK^|0`?Te+~MK1RmiOaQPv7SLz
z`Ym#Ov)I)j4?HIxXQyJEL0sFJs=0P9&hrqw?zPKT9YhPRf4B86wvDzXh3wLT%x;j~
zit9kf>)GM#Ufk^=x24SW?PAUMorJfg%(bWGLc4Ie_Ac)K065I`-C}sIRnnGgzY4Dd
zij(?)!(0azXAdpsI;ePYUI)Rb=X#PuiZ?vucKO<p`WnBkm>p8A_$h}Ie6~aS$+f1(
zY0q_X7r7=@a(!#Q&b&r@oOWJ!bdl@+O0Lh$-<j9a9;cnxyIth!8|Emt=i1Ce2G-$D
zm0X|ybY}^h9;cnxF<s=EP|3C90-bs7<#F11-PlF0dn>s<wP0sni+P-OUi)>CYg{GQ
zAG*l(R3+EvhIf{*>2ca6Jf@3W6Dqm>+(oW8D!EqtOlJw#^f>Jjp4>&QiIrS0caiJ8
zO0IPm>MY@w9;aQxpLCJy%1W-cyU3L<?Br?ZwULJm+$u*^a$V3xuFEUA-smEijEE&%
z-$MqLaGOf5iCyHnq>}5ME^_sKHkNQb4;fg(Ei1Wx(nYQ-E4kjT<jNOu^1$D4k1!ol
z>;*{Q`T81(^Y9NXj&8$oUwc2am}oeBw`WXotwG%0sLM5`_<dV0H!_YXUIs*-Qs4M_
z^$Nxmb1mw*dx*msTQmXj-`1I+WB1r%JA;hZImj!TYix0}L5|uFKIGxW<pw!fA@04V
z!wXr=Q|`NO6y}vj6pI<;VTCxHBZ|?0$X&X^>3rF7#U6`8o}1s)`|-+ad@;^L!uR9G
z7cT?H`y_9BoTZisrI5pQKczUb4dN&tU0h<2)rRX#RB?_eHeAx>8Y>Uz8d|orzC%^W
zQlRs9mC!*>EY<_W^O{q0eZM%!LxP8YT5+5~=;5DUOf(4BMJE*5=Nx5tL?e{Wgko+F
zd2R@A-kn)2YY@?wlXZzh&MejjB-!+Bk*zn<n+wIJZFH7YI%gFJc}S4woZ>ixP@Z#(
z9~p%5oL@ZTA+Wktl+O7@&*z<lfzHp0c??227Z!^dgmivhT;m}q*9J=G=f&?mB$VsY
z;st}ST$dK|1;^{TR=F-M?)Q*D=d$7@;I#B}d66&ea}6P#%Zp)vwCG%39R0<h=Pgy9
zNk!i>0kW4ut}BiQr0>Baaa!!A;!1<;ukQe#yrG^~FYYzS4K2vCfXEpa=nkIJxvBW#
za)I*c3c0md50F0Izqq~Fw+-h<igSB$;qtx|$wO*~$8Dx3w2RAEbP&|VWX1Vi@sfvx
zy12i1&mgRe2a4HOa=Gpl*2R=!xQC3D(eq&~Zc1_cDh}slIqi8pou!ng6jwevheDv|
zrPU>Wq<G2Wg!SG>i&>j47jS;Bxt=JN@{q9qHMO|FAlxgNTC7;OTw~=<)t{R)K3jZt
zq=TSbj@Prr(jF3I{&TT%8;*QJ*ZqpMBb*nCEj=X2{6cYqhm4hXZUL_siw(c*cm)Yx
zEUq;OC48~ibX8w2`O}?PvwF$qJ9jpoI$zglwWKc<<2_Dz1NoKWMC9^4z|)HJN^!Y|
z94X7{Jg&Kht^^i$d&r$aI<FN=tp<7K{fo$nn`>WIZ0#W^#g<#?ncHFy!(pyBi<3NL
ztStUx-Pu=OZxxrU;pmK&c@*-FLf$FHtqI8OTj=?5U8{VzxZgwW6!Q9KG3!@+NxjU;
z5qie87~vsz_PH~Y%jqiC2Sw9EP&@9#%Lm0a9`aoBfW9R5wH>wB9Ql|*__azI`9@nV
z_nwuEoO><DE96Q>p5`HUCd`$Lyu@%8oKx5QRGwtysI^gwKj=-tz1P;>b|m(@A&(o0
z8Y6$;aiFm|HCJQgy&e+UMeoR^)^T*gT2tT1mkh#oG0Vt!hB(W}71wpSf*&=@$csEA
z_yGOoy0(&Q@vk~M1Ls=N<CJ)Hk?Yz@uEoFB1uu_N;?+g2Yb&`HU#|;Z9;d{si(J=M
zaxJ=kXI{&CoOWJkb&>1BO0L;A=*(-F$7$zvOc%K(RC4uvy)&=5Jx)8XgSyCdbS2l{
zy2$ljCD(2nc9w9o$7z@F$u4reRLQl;MxA+$@;L3h?(QPj{gqs+ZQPmHh90M#*Nt7|
zy0?;R*-bk0TGivU^SZQ)TsKs5ExKvU>q{Pj9@2gPVwRC>dPvxPo3+yW%{p>dj}zpX
zb>!m_<^FQLRLQl&W@UN$%e9xsY3KFlE^@t5$+g?&oq3J+IPJV%?jqNFm0Wvo(V5p6
zkJHZU%`S4~TRO_^xeoM@FoN`_!=o#?-tQvUtXsvr#(K!WyiTg*YHZzE8*_V{_HrH5
zMXm{zT(f<nGp}JDr=8cyUF4cr$+hS<op~+maoTy^*hQ{;E4en=wll9$9;cnxi(TY;
zyOQgT?K<<4?Hx`#ucJI<VB0vYl574^op~+haoTx}*r9W-r9Do2u4}r;b$cb(%{zAH
zb+5;1=e5Z<JLekZaoTfjvs33>yLz1VTz~5#*L#&*N9^30*GV3yo!2M-uXC;u9;ZFm
zkGjZpNhQ~3cj?S)S&!4sYf=}vZm#4icJ0h-J&)7Q>*_9Y-CoJH+HReBZRl~@dEMPb
zuKO#wHvCp+UfXz_c3xAu$n|U`*ZRA6!OP>c^ZHX4xt^-zT5pfeytec>?YwU5BG>OL
zxz_!57rZ=9JFi>1$o2b5uC>3@nb)Qsr=8bLUF5pAlItsbcEQWzwDbC77rCCQ<l1hp
z&b;>UIPJXtQppw1@n;?R503*6c0Qfs&pNViZ^!Go<h!G>wmjR&&l<$7TDz5j*+wo4
z$dK!|!%FFFBi)&r({FYwy{W9K=L-6ZKcF{ET>A6dy7WxO>FP;;crl&7C&2sWb}rOg
zga;%4du}OBayjPHE^Nq=dS0^|dNKX!jbFGX<a%4*?sMh3O-}|nIS|+Ta3{6LJL_qI
zBcP`{4s~HBPwFbAqxX`o&;2{fcm6uy!|)D0HRSltsb>sbIIsS@dKiBt;<M?gSO?#2
z2gLW+8!#??C4C{=$$!c?4YZza-?NOjfSx#Uczdk?c&fi09ft4eX)YH(L*I014_|)-
zaq^4l)a6@P-w1JZ))<cb3|BY?e3;Jgy`jLn^;_kT<z;x0-d%Qdcd&Y1&C^R|^oEXZ
zCcm5jzK?pl)pcs4_e=fig3HH{aE2@EI-pC3JbH@7>LHGwt0zVs-bg*I*dDSR)F0*h
z`8B{hNMCky_>cH@q_>HDJJR=%o>H*Z!W3P{cIj6?fsl0Ka*#jE!I0&ML#8u~(@Br@
z63a`wqdcq!=0m7oZSwY&$?|3|2fL3{XnDww<zPO_!;p9kH}U-s>m!8kzXrN!pIT4L
zpx)HM_x$EN0^txJSL@cVu{k-m{J_%PcA@G!j$i-2gJ*KfagJUtJLy`j>*pSM+QD^i
z&e|W_1MQh1+J)X0Hv7IrPdU4MpvN#Zy1JKj8sxs^TP{px4?V%=__N=kULG(zzE5v+
zIeOGT`7*4tx7aQ>x*2k@94r^<Fr@rzFADtcS--&cfcnYgaD5}f$yEpMRDQ}qz6`&y
zfTOG5qMzS|nLKt5`1B9YWtCz5r(dxE^t}JwNN2g~<egFQPUZfE+fUH)&E@Sh)H~~=
zPA_$Kc9?!Y$JGPF6|MiBQRV5D4(&6>C%lth>e>VQpXdLEdVJIR0ffO1dQo3TaC#s<
z`|)nW&!x!EkmKXkm-i26`U!et)$t|&I)0R^6JA~Z>4lU3a@RR~NoAD2BI4v`$a1is
z23)_=?#I2%+PS`WcRKXJ`e6LSE*IsmtAF?rVO+RoCnskrk9-gHvzMM2apgT&&o#Sn
zk@0}XapEzZA^SVpGs6$OpRIS-BE5bz<9ZLmmxEy{>*>jQ*AH)d81(k<PJiC~<T78%
z7l%6UF?{O(W<3|}>bq0??|QPmy<LEx-hJ4#z1-6uf6Mz9I^VGVihQOQj{IqhF3ZdI
zJ=pkH^&V5Z-lmlf_)`D+CZg2`=38kizLcJEa{9mQ5XU!b`AggDO)dv#|Ae@n8TWAY
ztF3)=oIlw6E2(_&jAnD~J&HfPF6uMZ$87HapZ&{t{dT6y&;E@e;q#q}bjlTnlxx!S
zj&7J&)W!Ec4D^^j*5d5<KtGiS^_^HJ*Cl^PIhKAMA^D%`4pnJ-xA1@J4J0QY>_3yw
zc)oe7z2E#-P1f|st)F8Y^_bZ@K`syK`47jJ>36;8^66LB^xmq=f0qw4`JE4|crW;I
zR^{;X(a_&;JUZ3eMHsIDSNrku>HP_JmP7e)9>2Su(R1-}w`!nr++^jLX!vaJ=+`nC
zb2a2Y*Y|h&y2RHJC*I1w|I38wb#Ufm_=uh^bo|%QyI)S8J-+F}Ourz7dMd-KcrQGu
z=sGW1!{aw(C7-`X<~+GQf5^AH(H~k$PX+dx$+tEs%R@OYJPZ2zsg;xZCY<%a_!6&y
z4&r+1>S-rus6V#z7=IJ1rysiGQ>up*c5`%cdDpMQG~^ynr$-+4@m?W)+CSo%#QX<K
z7xemC^vS0j>O1ykcYv#oR&FnMRj=jzwAWOI`*xLCf0tW-)-b*G*m_>C^=Ez7u7=1F
zmpXnQlaXUwIE(!JAXiWN?Md&KrLwgjuQOTC`*XSBH(KS|O5f~q_43{m8mPXJFBj;m
zA*hEQtA}3Gf1lAA(xOwRU({FN*R*xXNAygX<2%~hZ6-tKb#mmg*(aU+4f%tux1pWt
zxm5F`8J7EzOxD;1<(|*z(jWQzFC1O{@{|wRzT$W$zr6%_^rPwD#{Lb~lTw+@k4Jh_
z*4BgeyA^umded4a568tDF9Usq>2&j}laKsZ9<CQ4415`<Ju;5|hwEX~S5-eOcby!A
z)f43%qAT96z7Pg^8K=CAQ{HmCUf#NTs*|^_e6gO{4<HP3vp+!pnzs5^%8fAKGtU0M
z91rDUzsz*@_c0%iLmW2?Ykv<e2R(Ni{(W1ApGsYR+QVS=TZccR>46XX+t8noPhI`j
z$yWy_J=#Yd9{aJnbmphO$@Pp8XQLlE`qlnI^=I@xziU58r{5OGbv*EXOz`7~e{P8`
z>FKy&aM}~vTj(e5i2SCw-(>qF-n5n*>o5AXD(@$R^&IMx^ZZ|rf*u$@U||=}gmC)J
zN10#8eTFTjK(9={@DRl5HxrLxdEOc3!}K$|OV?Y!`eu=<H_rE{KhVjebmB4WK0p1m
z?)aoOKgwh+^LLq#@*+&-R=<Ct{+i#v$Ys9~S{xn6uU+1SK~BuK0=<b(xpJrS=rSlj
z$068DCa<nghTrVt^#5~tbBL?gMhmZw9`FWFue<sS<tx`)fKy-8Um5Q|SHF~tdZ&JA
zcd>rE#p|w|aeImN5bU~JzTM)*^~(Nju<+OY{+8ZX$zZ2LZQhObn^bOp1NM*o_^{rH
z`A{NT`1ws3kJvu1|0C$JU*q~I_w^a)J~ig$VVya~i{s2sIOgwZYyQCbd`zG4av0Vx
zuGkL!?u?>GKGYZEb#k#>3}ZaPx$eU_L%_K%#4wbP>8v;A8<<ahz0~Dny~On&<8OZi
z^v!+ecPGJa7@|Gs_egB~eq=s}pUQXMad??<9}N34`W*wKcbw6Q_iO0ibPF${{c`RP
z5{~l;sVu)2$}xP3YcGsvGM`@`)0dP-J9!C@;{opxo9{7X`5BJU*W=xIH2!(e`}Dm1
z#WOk9^iamrb=kLFzFe|l$anbKF0QZsyT?Z~1bv>%$Yhlq>2>hc{5onX-}L!)-_+=>
z{WIjdZ!+l8--tu*Ghm-r=cWD}NG8|#{q9_D@gdJe)TKA%32z@g@|fAlJsHY3`4b4Q
zc?0syHWcy4^fgIW-Y3=oeCniu%YU7fC-!G)=NDXH^z9rA_v_=3_8NyV-B0LyT~0pQ
zE5o1JzWOh{KcjxF4|DnQswhw4*B=rg-isbT6TtQSjQK&xuk#_pXL!Ju9Gz5O8v;G@
z-D0H0?Oej4Uq+mI=J^JMsl2lq^g%zAan?8C<O?||Pu7w%)(htkl>fCS9G^_i_v<FP
z+;KGI`tef=R{eor+R_j6{lu?V=^H@Ne(OAbU!L$(5ZCiJre}^*;F}uXti_l7pvS<U
z<y`9*?Q$`l_O0i=z6$vlI@y(r`UrSSjzIb;woWw3)}2TAxZaiZ@l+V+I6=Haf9~k!
z^0;3wYP8N>)Zu}TzANnYk_yf#WtK0OC2SuB_Mk5yn_i*c)bz%6cU`yl{)V2vOHhvI
zyd0_AIG2lOf_>M#WtU86zwl2lM=sPO;`-LG*J~!Hodx~!JXOr^8RN(LfV}z^o#}BG
z-+$+_*kssmoc<Yq{vek{EuHmEdQ-mV%Ax1=?3}_XR$k~M6UeJCr<LHkUu*G6rk8c+
z2c4t1{_o?u4`AUl_q%fHJksKS_UC9qye@rTn-4Pm9j|x2vupW3<M);IyFy04cOldh
z(=YSuwfe=Lq2Paoo%f34z)R)ZwyzSWA3Z1XzvJm-GS>nwp3AL9kNhbQ`7_RR%ENTV
z$^S<?Kz`&)h4K5xpnW~*!%*Hjea>a_KIY|9JGJ%GIymK<fBCZhNI%Z^Enokk9yZ+)
z_D4Dk+qlJYGQExt^AQhWDF1KlydlqnFho9mXFdi0GiOCeJ7m3~zI0v2^wMn{=N5uL
zIiKZ!#_D~%#b32J>yviK{Z00-9G|)k_p|v8&vz8wkJR!mih8>FK9rZ|?_#=-So>UN
zF5od-@ORFB)&Kk(;5~jE)$b7HpnIi-!;DW%m+|lW{VClC_4|#wpJ@IX<|Pf8&-ed5
za<%vGdWGi+=X@Oe8NR14!#R1rHyq(j)(+z^?qAt&a-2l}m&xazLb=LtT|e{VBKv(^
zpD=kbZZxc4?U7H9gB*4Iz&917>(?{AeFlGTY46A6a?%NoPQ&{99=X{365@|v1AIR3
z{l2tyo|b$$PN3h;ZCq;z==T`?UK`i?WErowAuT@0ALPQgn9EAOA8E)}k8=EjT(N#I
z&g4S<oMQfGJdRO5)<>uGm=EaZ@|w*9n9lN}UUQSTp%T0L?XhxH>oulByP*7}Pk8_K
zlC|uhj9=w<(#HMSTPFR(tNCy6^P60rUj+70=9g9ULb>b8L;HmuSpQYNb$Wsvxj?Rv
zkM;44_xp15pF+DqJ@#6=($_}3f0LS@L%%-wXA^w8iT$%i%b%hjcV54EL9UiQ%&+8p
z0(uPd4*ESzXL-JD?G^kQt@cB_I3MGqe7@lK#&Omo@nd>y=YZ=vt@jH<JBM67*1mhK
zefPEGJ9jr{FR8wz47>U24$cl!J5QIj;K%uU8dW&g*?Df6^V)rSK`)MT9<=0v;B)W1
zF3jYBO&xwNFX>w!uD>I_8HG3TLbR{=JUP!}^PUFR9dN!l6`a%6b#i|mJQtL!A;%w&
z^5Oh<XS`?pc+we<=g#Bv`#dNAj?M4mbMn($j)BXo=YDKmgCXmeet%ua^Olc|Mt$c#
z%w&qqm!WT6$9!6=UHjzId_C!T@gC@Rd?}t8o}P=a^LBCm-OS(V6k@#5`!^;0R31JZ
zd;w2oX@71^=fi%ytK$E3DC}yxJyAZCBb;~Rx*O~}lP~Pz=;v0BhLxkIbxu?K`S@_2
z9Q0V;Mhg#m)Yo*pKJ~ng>2v*mLXQYjx!3f{_JsDP=Qz%T+>Aq?Sqo16AWY5fIWG@!
zw&!w~3fgU`FWkcj`+vZ%$D5?{E_WvT9Mf;SZozdC?gt{&?}Xiqa!p+e^*F5|=L56q
z3+zsgoklu&GFi~Zhp+7F=<9i+kGU|E)8V`RYt@6mAN7a)p`X)zgej1-TfNP466hhM
z-m2?m^sDRiRR?GLMZJZ4AR8V4ITL>mCKbks|4V-kj`;dcweQzMoa^EH7#-sCUPFwJ
zxUQqvJuj{^BMk5tZ2ri5YYcxi$?0ET-uLSsiNx{8Ej|AQ$`!|Xui;Vi-^+T}m;Y<v
zI3K6uxSiJ^{W^UEPxqJn`o4ar$=gjTyQHY+I8MDVoqA))`sg+e`ds&8sOxBUUZGCz
zI(Vo0e8ks>_M=v>*WHMELKy0`j()6<Sbr?{19mTLPv0(SkEt+TPS^f!L#OY&b<PxY
zh+j=-e)OlAa6D$d7`~{!*XQ~P_J71<9APTIvUBNiob`l#1n#F~<{zn_=l!OJ`AzE2
zT6?5EI)z`d{Tq%?@V|oIVmR?R&K<A>>@|jCJW=^9oq9k%eNEr=LOLAJsUO0bKZeKj
z!Jl*~f9QvxmvEnC$7^7JJeNcNkmF%IKCWf>O#hADM`ip{yLU=C0iS-qcE1`q>95ir
z_dCngL)N-){DJm?&hFOKH{xA?_^A2YJm*rji-5=UeJ$UcFQK1|;Y?qDDWq@e?+@x1
z?<|gUM|y5^CCI_^6Flcx*UszUwClK^K{*qN;p`6?vb>CQT@7K{x_@8Ce@4OU_;UY~
z`-Pkb&_DRqQK(14&pz74)7E}OIiAVtw%-}Ui{Y+5^4j!1O9x(~g*V3NaUKJISnoU9
z`qT3JqMk8+(qGO6^z?fXHR;ITX!VbrPsQ|EzoYg8AIxjB)_q>YgMaz%DB$gPr3-a`
zQ2jTjuQ*>^uiW3{emq0=6MwLKym37}cZZT!J_u9UU;*@tJ1NY;8J=kHI(=|l=s&$)
zkIY9qVi?O!d*VL!M)N^F-lJywn9q-+`ckKzE8saB)&u=x+9T=SWAkj>_f1>(eJRfu
zSB75Zv~U@(&s5%SIyo}=-YSrXek{&Gq_U&!vvIuvVR$cq{Zkzr>y`A^^*q8D$A|Ii
zI1l;4xSja%S--ZZ-&%2UQs42tBg)<9_m_fy&hw8vk3#<Q9SV9VzkavT?k7;6v-@=Q
zE5`tDZXeh4dcMEc?+SHDr##57UyiYSl!qbt0WZjn^6IP7zTBx?^+zqf+B4(OLskQ?
z$D>>f@ji*JGg$j#IOS>ZW7w{5Hy_(|f2SAyYK+%UV*NPZJK_0Z_V2vkM110Df93bp
za~W#$Hl8C#f53dXY+&adP+zG$yCV3{zL^VCc|iZ2JUmxUxyt&_TK6yr=ld)>e+~A}
zaw0vmddp2e4FO({Ojs5CVtmlc4X@F{BR~2JWjx-y(thl6$U(cOy|Z4*bizGA-V>r7
zGo-$l&iwzf_Y(-mx%bc?^bZgGZn1ed^>nw7hxWnz-}U`UDo0rV@`~+Wv0quu-?!nt
z#7r7?uZs2=heK_DiS*-i!t26+Y=Hg;{Z=O5G=FR2f`GGK?YJQ77w|*|PS>}cmq5LN
zZ`#_|gnoiuZr<zgf?dOY8p3nzXm7lKr{}dyKHgJgI_7hk-T%nt>EV!<>F^VEUD~gE
zC4xBbp|c%!3R7z@D#wZ_AIrmghOB?yHvwF~rRVK9^q;W%yw(1?O~2mHS2MeJT+KhH
z?>F>5-l0xDJ<l=5>7gO#_<LQUeDHtk<%!c#o?Korz1F2eFO3d(`u!%`Z!PO9Z|OBo
zkM$L&_xk!^duzztKHg*c?X9KzpDq{eq^>+j*ZpU+w;1ogQ-0QO9J2io9_%mH1L9f5
zjtGZ7>g|#K1@1$U5A8pdWj03t5bKlq2#@6|+iNHX<%-(};RDMX=zxA459997%x|K6
zl&8-Af!`~iitGpdtnOp_{vo&iwqfIY=XTSnJu)5bkoP!yYVCMh@uA;pe?z_VTs-wf
zIO`)$r#=A>{VVe`o%#k|efh`_c9`2e*-*bsr#!%GRPe~ROow~}J>pTmGQIkGr5v$7
zI>9M-oR4zMC_R!M%k}TlJIl{<mi1ZH`-fFOarw(~)YmKXb?P^e-e~m`$d}5Ce!Q>F
z6HpJCrL&#Xk5g>l&}UU|tXJTDbjI)h)pB*JC#2WcH`43JXQrcFRr_z+ZJiwD{INZS
zIP=q<QD0Siu7k(<Y4>IR4SC4c3*djJ^41EN*Wg`+T;BKb;D5w)<2d=yzUs!&a=8M1
z<YPPzga1>PzkmKQow_*JcQRqWLq7e}Z5UoprT<~QOe>x8`bQ?<-+7)ud3X2zmY$Qg
z`9)nnNjb}QLHz`M{HN0E^apretM?gWm(})GN4J0dP>)G#zRdb5>z#P9z5~2FzSG~H
z>+Br-gCATj2jyfqquXiFOPxJHpSjJSXSU0-eTDUja=p>M2cKS74<D6w8MmjhzJeXs
z!Q=dFH-J;0)88KJ_{8=OyiV<t?TF=z!x`OftMsYQI{S&s1-zN#YuT=-SJr2JJFe67
zN2Q&jzv_PcWIK%QXyEoi{RO=amQGzeE!W%h_XmTO3wmI=7|!T+9_+Br-s1ZBZ*A9c
zJwooPeGrcMO?4e%Mvb%NQ?{c}kDb!%>f@u*{=2P@X=@kNdL1mCSU%=2*Vpv7`#L_T
z|KRrmZ>Ar>dWiKC_dC-&&yMS*+#aj#bY_3y_OI&fv)UeG{jy#Gr=LwdhcM0;$5BrK
zpMFOFVg2|P_pkr$eEzfw_7C^ERjWbI*}U%GVM%50?Qt&Pj4crok8$EN&V3WU0~5y|
z_wNAc{am|;{+;t3ztr~sGdcLjF3$bCM3|2EjzT)$9RmH-&LbppygxS?-qXT9R~<Z;
z75?G)h4T!2SBd8wI`JQDdeh2B`9E*vU&x1<4D+GBOX2bKKCut=o}mvDiS<{GXL7ck
zQztyJ`vKJV&9kLi-c-)}j0-b4aaI?GcY6l5bGD0M_vf7myD0lL-Qs1^fBwwsF>j?0
zds@X*Ie)e@<mWlba$MhYwD)sZe;3>PGYDh5$mL?Y?*=-F42-YuUEf`95C5`v%deXa
z^6|dl;*;C;l1Pk)^kDZqAJjiQm%VOr^cr&6%b-g<yzd;&&%|{4Pj48#o)$gow_N|7
z>bY7^)H}|zv7K{Yp63wt=9hn;A(P+u_Zf0I-oKOBIlYs7v7YC)?=(;z_9Hki5c-*c
z)2sR-e*fiYSbx^jI`=g={9db{zE=HAZ~hrozqGG`L!M9JIgfB&6!jP21NR$=92=e6
zW&5L@u^rGZ7^mG6KBMF%olbIdyyy6UaV=|oAK)`{yZ$1T>lZ}7K{@NfI{X;UahQ7Q
zWH;nTJhqP*j`1V3W1fqpJ_ZiEw+GSzfA&A|cv5c{>nx4_5n;?Xj3;&J@E;njaR=`g
z=ywti!Z^9o7>qyr`1{NHJu~wk7{>Y^V&}S9E{41h!8pS@xj0VNrN?rUFa4Rie1oMs
zu$+m^C_dCX`7xy4XrFaq**-HFd!K7(xg6`mM80*oi|aiHi{F2li_bXuX%7r3Kl`)(
z^)%!7gFgG+5VGIg#Gj{4WU~232xI?9$76r~J`sF3NAJ^af_A|3=ldBQwpY%>a4tEQ
zEBrms(0-YY{*m)EeTT=NWA16;qyI|fHh(WXd<P`v6VKygI)lY0-;e*J-G57MpPl1Y
zSXbfs>rQ-7Ue0fOTj#dpe9QQ8A(t)v`HF_z@5hH8+0MtS`M!Fav)fF*<UW+E_WiDZ
z|BU*q-V?+*(OiD<w8O8a^IUy=zmV{_UG><xY|O(Na-y9Jp&l`=WUcw$VBs8>IDe_j
zALGUHV;&gpd63?;;=SeXF?6O!eM7!ROAmE?U*5>IuZG=6>8ZshUDRV|e3l<}UB!>>
zFm6{T_<HVXeUB&BH}6FN9_l;BBcDS(y>L&0^}+N`{lxqJy|8Zk72?HVXxIJsM=?I*
zgU#0ozenD9quk$=<K!FWN7PsBZ*aU}KOe^d58tVp-uSiVZ^id?&>tkxd|bc7VD-lF
zkLwk&9JBiVDV2XsML!j%gTB5mYyDW9KD}|AM-BJ&;_}h2f*l5ZzO}BaM}0qY3)E*F
z9^sHP=!tw0rt(?8UK7@*z)#=1@qT44Sl_8j=lA4z->7q(>nUaV^c@NBFL8Y(xA|>D
zUjLr!uL6JG*Wo%0_139A$d7ixcM}OmsOJ#9ezVs1>@dF%^4(_R;8;Iy>btc5UC<sm
z!>=>+w)!vH4f-3lFU~i*UzcKk6|e6%ZJxmMb_1^m2mYKl*3pgOb#%!;rq?Nse!RNg
zKCR^=KZa#}2fvj5aU90|8^-@SKe-M*_<3I}$BeQU+Bft-fAYUy?%3{FpR}|8-|hVW
zce|cxA8s71o)2d`nQ0$RKVf{OUS{?m@SkSd$4vVesQ+MlVK~!XX4=a@_A=8xX4=O<
z_Q8IH;f%5u(i!g8rBivRM~8j&iyrY|E|1RP;thGvhdt8g=jZ&Mb0W+Kyv*?Qy)%#3
zXwCci4hr89!uMtKRyyf$ADG{npE>_RyC~Ot)h|Om2KaybIs@&FVLX42<Ns^x3UPh0
zerNjE&fdd45$c6@!Z5avI6l)}`s+6azivtW(=HjO{dS7aT%W|gLTsNiYJHOR5U=+V
zUap@RSN~<Y;aw&2?Y7>DAJb!b;&H4TXL&w4>(VSQ%g1uFef_)EWyz2H5vHy8ktiqA
z>*D45NTvUJXFb*XCuM!`oJq)6=0kX=dXLYO5x)*jx|FjT=Xs#I@nuG}>yN76`|p;U
zc3HNcL}=gttL>@W9%!%C_3W}<X11$;w|#z8`-7S7s=OXm*WNHb&TLmR+m*8yy%*!}
zvxW2MAC}+$@7DLs{-D44^vrRW_Yq?IKs)Gkj_1Gs9L>yj=Ioy9aUb6NFdkpyc_;nY
z7?1Fo<1p5l{@wOE)4v^fT<B!SoTm~G;mmf1@g$tLq#sotXa4_LpDC9+ocE>u{Qt7f
z!FCesW9GPkeu(4YO#ch_I?DY>=lNM|SG2d8?abL%SYO<6^|HM|Pczp+X8K>wE~dSm
zvHkHrA^Nj$e;0Pfd%0o!?-u`my&Y4390xcq&TOyfzh;h$(>5;7sCiy&pZ}@xm2$-V
z8IRNJ;{ES;hjl^H>$cw^K11+jKga#+`mk<a`lC87QSa=}sF!Z_S=L|moJveL=Ewe%
z@R&d2ae7_+!?G93NqHED9RL0HQ}=#M-McUNUTfNV&j;_Gg!o}Ms~e*0mRvXZyuJIw
z__T(ozwmv~_`9*VU(Nf?`YxltZ=DM7S>t;wiCpT>SEq8!>`u<CbuXLurcdzuNSU1C
zzv~k2Z{vN2p4RudNFVpTd9R!6>WTbuZ|H#`@xe#G%Wm)J5YBgE&|f6-*)L+eK>n=t
zzFGOceE5DW-)V#Vyl)=lt-DuVmY@0x`s00e+^5gw(u3T1-jGxLdt*KFiofs9^7Ea(
z#PpsD_5S9AD9`5}a$zF)PIvfTHt#FXW$y;cIl$-rc79)(A-?;W+IK%QdDY%i0Xz|=
z-|XR;#QDnb+~_nSI(n|k@_)&{!;u(X+QOr}q|Y#xf7;|qg!E&2<in8V9WomJ)_+PL
zv79@Y-WbMum{xiF&ll<oda0||diwy~P`?A~wKKn0KL&drtX^n$as9^dI{To$8Fr`l
zxIA@ws?%#V|0zE}JAT-|M^Sx8iSO-no4)+!&?ox^hHt)x{uW^>BhCh19Xzg&3s!=h
z)GymR=`&npylY>I8}(0d{);`mywy(}bt>qOws*eb{H!O2-PKoJ{RH?&rJYc}<@Oi%
z+o4>nC$^7rzC`X>9r`BS*baE#3FBoVhx{J)L;P6(<i~fCV}3Dx+FvY39bJ~=rB67y
z6JZ$J$-w!m?J~D_T_@T5yX*PynFYOmVQ$#-rE8S+1wPgGTn8`fBa^NB9WMhM-xp71
zqP6E(e|*0%hEuOUf7;boDhF(e@$RMnLphdP7W!NAK$M4ZgsJTLrT)^h7M%E?pGbG1
ze%IaJN3QFS2U~COcT?f_&dYIqU&y}e%XEZ%moR*vzMPM6(hYP@9uEB>tftrTDf7*Q
zbm*`DXZf=n_2sTB*MC}m>UDqfKcUxLZt?N(ZXxm5uKCX5jFz8v@h6jKq;KE3*=Iw3
z>)}buUdwV3PWudYLOkRrJQwh32>2xO&{43@Yi(Y)<N>Z7XR`V}XwPe$hV)ZrN4uYT
zwd)@eIs4NNo(kZJAb%o99FKe}9|gRz3nTvhC)@KS^88hZFT4ThKWhET<;x)c-4l?H
z^m@OKIN$Tyd`A~g<;JC482a768ohCEIQpq9_$kn1KS4RqUI6rN{&+b(*&FfA=R&x|
zg1|#R%yBZ2znl#CsBgM3mC4>O$^`vtF7wRaUwR_c=ig^>^i$b?dGMiJEcZ9ILjJ{a
zljlvuXITL8<*gnlAM<1Wr|;|gd3Yl1uK~~G9~*$q?S0_C!Z9w?_r@Z8q-TQkyp@mh
z%Q9VkhuG5z{1|6QzR;7t`)Yn<93F5c<a%&h$Qj44-2vr4*uDob-rhm(|2@k@Fiz_`
zyWT&{B=$4tA25FzPut<8kb`*SOMLbZ^tXwRxb~BlANb)tKgRo~lbF1z%r+MMY4_}Z
zI_2kj(Eh&NCUWO@p*OBe#rB*f&^y{oCP%yvzQlul={nE>ptI>5E<Kfv<}2gXr4xV5
zKFCkHF+S7Z8w&a#-?xk(%R#%}+TI0z_gv&d{!G^L{aSANY_#e>#`{AJ9{diK!Ou%F
zLB3p8_3Jf>#nV=te#*vvK9kDFeLt58>MJ+@BFJ&wjjBe~BkUy+#(_^iB5$R~ax>q{
z*3a^t0qSMceyAUY)HlN5hmsEJCCt<L&cShaIXN>q$%p!Vkc~jMfBVg4${eV-{?ijV
z*!QbxYrU$|IK+B?%lnyOd>R<eaY^58w0u+Sz0f${^ujq_l5QL){}|3VLyiv^zx2Ip
zKaN#H@_`<+mL56&O)s7P>F09OzNmNh=MVeu=_GRX<$#ypXAbXuvOoH(&!5U0>j58p
zbX|Ko?UeapuVEbGe2@JN%f)s8zeB&zv!%1wRPNjzcKh;YoP4Q#@o^Vst?{Z1PlWNC
zPAcaEJ*LN@?%Rwj<Nv$kr_jIha-_2Cn_5iu>n42_<z_#|cwK)){Xu@M*K0usdee7k
zH$^>9^88YP|DxXs^8RDq(ktvZk@d~5f!|2KDv?)gJm5H7j#vBFJ^gs!BNuE2{;1c~
z{M1ZN_usS0<tv_UA}ibY!EyFm$06Ulw<EmF();hvI`?;FKPNRmQSH8i|JaEi<kxqN
z{km9nykPxZcNNM(`=^~#kF-C;6M4q^?@9hWaP5D5|CyS7RQ1jAqr9$=SUGil!2B=P
z$Du}-;hgrpB8Idp*2j+@bMjAX`(*n|h5kL;?PaT#+ac#8NDukwXEPu5RgUXB`0GQ@
zWq6>|e?F!s*5A~x=XM%bKk5Cl&>yp3jKc-}cMZ7j66Q7ZyY{p3e({aVcEf&@{pZTF
zB7Mad(eByaCwu{LhG!by`=gw`Q)${fEv9$3_YYG!(dIdEI`+L%;rF-Bw0?{s_q!Or
z|Ado6@t=e|<#;B0ABOs$!_PZ7KTCyij=xXciu@Q?Q(>Ix$NwIDpqI?{v*>@+_b&_n
z4to2O|Bji?7w!U|zgT-^eUL8O8R776Guhs^uUsy({+8+NchGO9_Wg`7o^gH_>lyVG
z^xP?ZNt<89ct7;(8L6=TIqzmWyz*RE{_w6g){S$yel+wF(}SOz%G=&w$YlK2UH$2I
z^!$9jVfEG{8~OU|m0^CI(eKOod2iZU|K+)om_FC7;m@S<O`F#;zT}IpelqjZ6T$qH
zq3+8*4Y_G2NY5(pZ{GttNY7j87#D-Tx5#a<2hwAl>j1RB<@bUePwP56{Ij(6U64P{
z;`pXEf2JL$@>@S1X7WoP=H^#7B=(;N#_N$QUx1!Ita;nJ(L9jthVzWr4mmEya*zFv
z(`!Ta^kI*cH<1rZ?z-`Q=Ve@d1U+M)C6&wkd4X^q=EIVU`ia*E0oU*I91A<0-gUq2
z_JrMW{71hR&La@c@Nn<9C&K;?`U~rej5DO4&UVj`en#E8;vU{l3*#m8q5W~4F_Sr#
zLOYDt74tu$Tv#{DgzKDj`KedhDaTv(n_Qoy9Q03!$9`Z@8{c*~AMNc5Kdz>-iOt&>
z-^S)|h$q63cueQ|FGIq2%295vL&Wnyj5A@r&wZ-j%!7R8co;wH;4I$`Cm}z}&2wth
zOL?6#tbY<-x6aA*c)gS3CHEg6xde7k{80xxc{1B4)%PGRo&Fc|Gfw?uJ(zkA>%y!D
zhQ#B#G3$XL{Vj%_>V<fqm&zk+LZ3V*#q)Md=XXjOKfu=OiT}=O&<E3T?kbZC{FBfV
z;dS;gJhBha%>;1n%O*lQfqpVuR}bm56Us?@iQ|Nq*XMP-vvp6xsW+Z)qrJuUNBV#V
zyN>awuLl-~UPzB{=sn~IfA)*?7eYS-Idj>;?=LiDc^~S2U5EXSZu_Y^`qSHQ#qERZ
zS(sO*t$h`?2eu!qUx)Uy$ZW8~GG0hO@96gQuuegGsjY7^J}~`M=>HP`McYT}pFic8
zaUtbnxmiBW$5<Z9N%`1s%;=Ew4urbyWBXx*(@xkAG9;XK+G+gbxX1Rwb_zPFz%R}O
z?LU`U{r-MKj`Q=9uznB!A?)8_AE?nf-x&Lo+~+If^~hs>zT7KU**e&0n~z~XmVPwD
zRN!CgISKDyet3Q*^}}#l_b&(QpOx3Q!oJ_4Ht(f<K%ZHweaHUXo%S8myLWc&wtl_q
z^~KPx`}d>6x=MMUPxo`9`8M)rwr>>nUr0C3zlW`VFulAl7}i(z^Xmv<Ka%U2gN1_+
z^~v?bpue(Sx!)4jSC{kaX^E}JrnVj%)&)ra{RZ^C?eoy<wWnKX=LI<bWP4k2J(r%z
zxSN5;_Q(+Sm$v-Nay*k?+d2&4Tn{GwcNPZSZtal!#hj;C{B6%KxAh!dKk)v0k6?W3
zwehpBGJbaIm)Oo&?yGGbjeZEvCB*$)oqta{%ujz4{^^YKYdQXsew{ztst<pDB={wS
zA9o!57>?h7Co-+)8!+EXTl1!F>!0()BhB99eud)^#}V3nUC8?3x-r*_|M5EJSD62%
zvc>1%N3-0hr~lq_8Qi}sx09-08LwBx?Fs8zxvh&eTI*Ud9_b8=^u%_>c0s$R-s5>M
z)9d_JuG<~N^)`R5k$#t+bF}`3ej4NShe$v6*E!FnzxU@!sDIM=!8M4J4%Ua`^B>{d
z7T2dRu2j!`z#gmk+*f70>u&u@{gdY)--oqc6#Glx^ZQe|9Js4%7Y$kOamT+$#(H?K
z9OTcr^~o&em-T<{LdP*X_w(NpvVC*^p)L-2!+ec#)GPfAmhYpFM|<Ts*eO1#aCQ;O
z&3LRI!bz9$4;v5k=|6^$_vIjm?w|W|1b>g^M!Wv-;oRq8zZJ(R57X;HoOcc9z2Z3O
zbXzX2^DvC_qy2>XXB>E;eXzeRpF2%uV_VlKrw4yF9+&Bd5TE`S`)|hCe<QBv5mtp?
zL;FKK=!tlje7Ec;U+MR$GQs+CF8ki&`oD%0%K;DRsikL@o>$Tj^ygl6pV{XR>G66i
z=Dn$qFZhM^Fn+&y`IXxJ6n#hB<hj(#o7%cs)`D}KxyYv{f{=J&UW;;Og84u=-^24m
znD3{pbEUKSb3ut9tiriI06$IVD}KK(G5TEhN@S?5`!M7_ALk9z8gk!ps(lZcah^|p
z(cr(?)zxPzhkp(AN;{$6*xq*h7x1px0(ckN{s8y!xW3GFZstQ6&h2sj$a7BI7ver9
z+uJ--!6&9$KCh8Ve1C`c42ZYE-Og@xU(|<*%qY5l+Z+1e_o!n&gOz)*__$BV^`h!M
zr*8E>qv~<6^3!fuUsw+h_cL%Vj_X@V>pNB5;?p1FdfHNcT`QMOHb(!^e|lAqaX)qW
zHn2<DZ?}4;|Mb`|kbjHaU_XrWp8b4&y-)9*d%rSot>?w^_Fs+<Pkxr0^~SI)7w;*j
z^3I+Zch2?egt>gpm!~0D_;V)#uYWq3;m3G-U*6_J<l8@=kS|V;^V2>cUtW<f&R<uK
z75#VAGx=Zv*WcuVayP6TJtlW=i+<c*sNZR|r%v|MZM$K8Ak=f8Q(SoxTbE8{uG<lh
z<?mK*p2KDRQUBfAGxfxIB=}b6nQWh2hxy&+X!pF|dC0nGfBnM~^JhYM>c@~Dp|0op
zd11JpLA@2;&(U>D3p?d|((a8g-=xjJ=k({Do>O_v-+M^}@gNWUqeME<fAb}j6XziZ
zpTDlWpEvm+S0?9N<M`zAtm&EZF{GUIqvQ2vmUCCzw`BQAZ)HzEksa1@d=mM--51@>
z?(5QC=ks!9Ejegs*~;jTkRIgx`3=x>oDcG(@-I7I&2lhgdFu4T@%i(wIC=H_u9u7F
zG18WNE2d5^zL$};-b>*;jr6xR`=j2sD?pd}p<E0pUnhOn=^1h-!g638H|Ujc>J{~o
zTR9t6Px?-rm3#A3P)_Q3eyc~wo7#Sto;$O9DzpRmqp^N+!F|X?4zu%So37*Zq3307
z|LWlV!H@5(?0A{0=e%`3jC#R2noM?I*Wriy0sl~5$^&}};|t2Kc4_B2ZhRPWVBb#9
z&0OZ<x!md3ixS~^f4n0T`qe*ekNVut_HpBSr+q`uv?tv!_j+u!^h|xl@<UIlT<qmb
zgyo6*ZTkQ0SBLp_qxYY!opj=lawLLK&*v@W%GFt~b#hZq=r^@<ds(Zz{ljy4*S~+l
zdWrK@(^+4~c|V2u7^b!lo3-{~$(Q?ToY$1$%+HYfXx+vGUjOpN^ul{fZ2z>QxWDE3
z6VBHdF0c^nxBs}#<INx7JeB8`FYxE!!uvmO`SCT5XR`QY*aP1o0v_SHz%Q=LmkZiW
zqa)s#e%-YpJDxl+zcRfZLB8HrzPOxRSEqi;@p}E>owHPUevEO_DaY&Su)kc}+Hovj
zT(5C`#`r^isLfORO`L1a<V4$F<a})4^oIQ4Q1qLuPt<QFas8L!xv<=^JY{`W--Rmc
zDUmoH(~I?0j%O|T<9vLtkM;@wneTdq^WT8y!uPoP&&Tve%dd?2-QxFg!@AU>U&Z*v
zdf@&h>N9KUFNPyuRc~cFi4YItQQD%%IMYd=^KsT&3@3hEF1B}sfe+)%M|!lAm=EE^
zkNL!Q&-|V2pLQGDE9;&8QOs|!b{gl8<z<}ZV;IZNIMW%j9MlumEkZw9hUbIs-^eF!
zZ;Ug&w-@~h)@${g^_hsjc9si+U2c3J#u?l<=e$0bdoDzO&2+x&62r^!L>@Q|^ss)Y
z-%t1Vzv|$;2N32%d*25+c~2VSc>VZ`euVj}^Uq_BMf;uKpDReD9M9xPd&lDNBZ0>_
z?EvrLg#LI-?W3Lk22R)a{%qXk{ypuO{nUj|pdJ9%by<J!K)+|;;koSQ`7~q?f6qnh
z&*sUU@X+4Ez4CHgzf14^-(2=I|BC4-kM1)sgYps1b((TKlZTBC)?t`W-}xGY{GIBJ
z{@D}e*D_xAuX2gg-*^Ld$#cIezl``s+oAqYj?CUM%55AC_I~lIkdN&baXokB^T&Al
zPJxH(zKRcXLHll)|I{PzpXchaSLXV$3;X0~n>VqaVgH1CXPF#&o5Q2N5*zP1js-iP
zV=I)4^}=}o-n|O@fzzALdHJ7L1wYQK;&-m-S2LtMm@mZdJ;wVC+&>EMIdY!CcM+$z
z9MhYBz9UdCV(V%{e3(jV{nwTsAbq}vT$l>uShrXICpw?UcYo^OTsPzWk@)-u^~~`&
zzE8mOTP*jRejP&Z%~}}0Z$~=uIW5MSk0ICX5Qcu0axov@E32~`+6mulL%oN0_~P_8
zhq(6Hefq$B^_;G~S3~|hFGIfI7wk92$Gd~M058}t;^Dmu(q%~c<jeO9`-fNC2j8Fh
zj_+qP`PU(?ed@iCt=rpaDhn@zc-&rNJ|C9eX%7s^cSiLKb@ls-Uk3^OU|er;J#?yP
z;19l@dH*q{&-Yj`-%nca6m$Qa>rQdKQErCNXJ<R^q;HlFc)^Yl59=3<vtOp3vEI*f
z7NNax{jR*OQMKo-{JX@dt*eIh`Z7F`a=iL3L7hF&?%3W?j?j;k?L*%eIoP!uJ^$?c
zn^2y(KDyO^OsC9`<sH0zt!?i`Vx2dv0~1~+Z>$g6)75@GPTxngeq}D(-$ehy_EfFs
zm>&DZ*q&m%I=kx@Z}S7;*PU<jvK+CU63(!$eji^2^my-hV0#Mspk39KhvRu%uGkKL
z_8It}!|s6njkkOIaXn%kC~3Xl#BzatkgMG80vvpUUB`0Ol_S<G@1J1a5!R36{$b-^
zYI9P*mivP2FIZmq!Az%pg*f+FP#>w_-m>cG9O#MjlDHhPep#QL@M5|gZzp>@3wmU|
zqkV_|B&HvyQ;wKVoG+H2dOFtM&klMjCP2STFNg8>9C)ugz*&z7+vwVS4fFy&<5*V+
z^ahRxJbr&6mb09{4xjVkklvd2o`v=^uzZ=!?ay!Ia)Qls%lP5Dfn|8$2RWw|FOhER
zFUDKO&c#&fJF0)$7u!pD{+7yfc0P~kh-X5)a(k-UJNuisKOnts{m!^uz%Syy9mBLG
z7wJFe{o1TrjuJd?<(t0p1UaZT_FpJJ^%LgpXvg(_8Oj~z2U}Wwl;sTbWa^uAW4#l8
zn5UDr_HWAcC}$mA!s(CddpS0)f_`q_S7^wO?EFJ42kIy2tN(J<%MsI?aw6I@%W?Re
zuAk#RbRu6m9^*CS%S^tie~I)^K92w37sf&Qt3R}I(;lhcG9CJD)p3vKOeptY^PhYd
z%87c{a{2W?>Xl(X?czgi*TKHI9>;S7gDu~@Ls7nSKkdR`Z`^mU(_6fc8`}%@#D1Ic
zovdA)VESRblFy5aIzOU&yNvmg&Yu4Khn^d^b0D4c!uw_$+xs_9+PiRd>q2#K`j?&7
zi^%W7Z@YGr$*FcfxQ=cee6ajR`1yDy=i9uzj&2=%u>Ah-53W8lx!#8#-ul~x{(M<D
z-%C3v+edgu8g`k;=DWdfUHmo3dB(dcuG$~h#Su^C2LGO2CfE3Li@EH#An*>~5B(nZ
zT~4(3dVc=2OAqht15eMdMBm|v<CGiw-eG@}amr0Roafi^;Y`>O*BKXE!Nt{2^5^}l
z>GA#-^N}w0zXE^abAN<#uz#)NLwd~5eKnjzukN=I&V5zn3+ElMkJJ#pbIk7`5FhP4
z+*ieZe7Mhp_0`aSF8m1UaTYs|M0q=vhv_TM1-qgC%KLelEauN|gnJy*mYzue`C|R?
z9kftB*roP^e*Z8YAH%rGdW=KrBR-E^*RF_<b7jHqe&_E4YP)(B?TvA+zt^>wI{4al
zehuk-2RxC*J)Ga42<?yGxhT_1WLdlC!0%UZ{hjf_e*c2{<2m@f&3|FPd9WYf)c-L*
zf_!Ee-({VC!~3|TKdt3B;$qi6Qd<|z<d~Hl{p$MIQZ|1hzv(T{-F7~T{V+r5F_oLP
zMLCH_yL)Ui*cZQp@}2V`KgyBWK3;D3U>deh*dvsGdhtmI?;C3WY4wkFBJxe_{liqQ
zo6X6m{lqXA=C-cdF!|#5mG#{tPmg|eA`2XWetz8Q2zfu~iVdy*FRdGJ-W)>uk68au
z-3@Xbr+i+H=c~C7rQeb8=SV~Nza}5Y!GE_N2U|~+vy;E`Rlo0@>UW5o{bbU&hYNH0
zy^kl-DII)L;r+BYe$OtBo_^P33)fC{T(|X~Kl*bl4f(u}>%E-+5FX3Nd#}HETE$d(
zp@(o!73I_YW$!m+vaZQZ_$CpY^~HV+ehTNo^jGTFEivAPbkbwL*NI+S4{`iIrSER}
zc3UreKNxgFKZo*$IP2-7Qh$T3Z`v94Hm&V>g=1m=H(Ps6x5T(RSojAG&}sPZ$Y#QO
zJM%UHAMV2dKghomANC>H9y$KQ9}V-g=`H7t`#=ti+nN06P#4#Chkf}QEqS}ei`O5}
zeiPxjsDaaY-(2ry+xR`$`k&tK($Ri6t{vm|Vfj6(!TSmKnZHiD^ZWiWloR_mRlgGJ
zs8xQHYpC6CjN_g9!&}BUI}ZKt^#@{{<9-?9A$`6mo$EV4u=^Se34h1V4aVU^hdDm%
zhxpxfy_aL_Vbfc0o$Q3?KjukL{t?q?U*yAe;kxx;?5~IQV63-?a}DMF_xk;Q$V<J&
zA@x|d4^)NoyduZJay+IV$H}j1m$BW|?cV}#`t!%~vtGLO3(E2)LVpMK6xQR(hx>wc
z>-};4-v9k}dk=a%{{+A(FYRcu|89ZaOS5?s*N6Lu=aug~|8QwXH<L5`JFB_8_66`c
z<yHl^wRfJ2;QnV>4|<=(&u4RC`j710YPO&L@$2fdZatgxxX>OjE(ASMKdevoFXeU<
z)-}<u>GwTsUH>Pxu8)0l{l5A?(C){pE?hqp(~rv)`<?8+JK=Ro=Xrasli=PV=er?{
z?QYuSO<U)a2b(|UAD0XE9{lo7>C@Z4Q~w<AI4<{JuBzR^e(UY7e>!0t?A9IztCv{M
zah(3$@xEUO{S@bAQw=^-e%HSB9gsnu&yDpR$Gg=(&%e>mxjq;7SLk1>`|^axblCsJ
z?Th$zaIU*{8@_JumBi~*Zyn;skHpsH^nSJZO$^yCZ!te^uy)vK9gT7^Bz@{P{*F5J
z(k&jpBmXPA55s)admVkw<DmcQcv6>dQ(LFSca-$~czbV(^P`wQ>Bn|N|0?!720Oos
z?Vaa5VmadS#NVr@U-Pc5PcsDlFs{e#X#>B`mdXp}_i&tNzNh@WS>F@!<9gOwAO45I
zk)FvbA9r@Dev!x1{h$u%wA;A-#Ql7ybk6T+FP-qI@3P+=#%cNmXt$Z|Kj?SZo<=*I
zneOxu)<<w&{eMS4Gs-UG_S?xW`MrlzZ680zkH^));>YsD{aH+(dgz4LDgEa);}Yco
zAN{_K-De|T#yio!=uONk?(t!DABgixjB~s%!2VGEOS@OOhTk8qhf}V&UIyD=vE1GE
zSLDlnds^31+3yYeB>J&ut$$Aac{-MR#)n)t#d(TE>eg3dy~N{atapyT(0`c60xyv`
ze;kkbb+R+oLnpjW={z49^B-aDBra#Cd4G&g|BHNhUN(Nu3-L^Dm<RLmGM>Jl;@_Ff
zTj`XSeqUTp@*ONZKHt&leKh(farsuVa{w&I5!Rnj?z;BYNx%2myOg9~r|&vA--YMB
z2YxpT?@xqtk8B^f2dwvsZ+87!V&9|Gdwl-9P*wvcUSfFFIM0VL+-H#X*1w+Ob3L5*
zhwqNU&t|_8)-MU?_e{B7-G4mL<2yF|9yvqkpZvqRL7m)ue+vCaIEPJoSJ^ob#=E0W
z{@fqpesm`Hd;dDO?>#l_oN~Y~+fTh-c`oK4e?CV0Qy=PmEsIk>bJ+QZxO_~nD-Y)%
zr&#{-zLVC2y%WLviFi*Xyh}qk^WmIzB8+37E9~cE9VHRURVOd&Ym&WF#;{X4VtVCx
zCXf4bQMvra+5`DKIvnkf_kQAgRD^RLLArH#fb01%fB&EF;ZiT1!c<<deI4qFcFC|#
z4|VqcyszI>p0s+Ve=zX9mUusd?YbILAKcfXoN*ZAbt(t#i{ZffU_X$w-kYO82!A*1
zGsJRGA3QHNr_~$kPtQ%8pFUXlVCDUH$yHYl%Dc9m6R)cu_8YOhT>pyw0^*|{s{JqR
z1pH=PJ+fX0XXhNZV*9Vc2VNi0ciH{=T~F(r(oB3eAL07J^y`QAO8a5>QM02uJN;iN
z-%Puov35ULeg3c5(Tr**@wint9u5{hSUtyb)Rk{wc-0>Re(<x|FEXs_A7`{Yu|8t@
zOs5~tkp6y*UyfJ(d6ut?7xX~-b$CpNAD9a6$8#MqZ+$1dQ~LClYinEID3>GC^U|27
z#PE1t6Q?6zZu6f;YyJa2Pv-@GpR8_v8qR%`>FT?8ejcUsUYk#Gy@BQDIt=eycIy}7
zy$8M5;NRQIgzE?6``r3fDyR97=h^f-F2<kxxePgPd*1Hr#BxzSuG?_E3GqY*EBAYU
zcKv+(j!Z6}v-_d6JBE}e)@xn+WV<ehRljuL{-S$)%E@(I&TAnb?S=k&uoLp%*x!3(
z|D^ZBYU11nhaSQ_jqNek5A}B5rqK6VUw2_9pIF6(xm>xt3mdY}2p9Iq2!B3Fzw<DM
zi}%U>em$J>>pMC&---F~e(J-+v2MDS-?vWX<NiKOc%QtJJ}58kZ43WC3ct4+?$IqW
z9(=fNxWoBQ-c)|~0~hK#Qz@Rwf&QJr0Oz}?<U@LKocE@1{w)#Wp&qL8Ab%<cU+U!0
z_Yr-V%NQRv<QyON$oW1D_rmJv<DL@VIn3-k7P-BnnFznPi2fvN!FkUR-&fRk>7RyP
z_8g6Hx%m;s^f8amjZdRRk9;`K2frZ4F8;i>-uIgobXhNF`FA)&y&zv$7sLJ4@Qys>
z$!uLLw|iODbd<09-OK*z2RT_@zMB){V?B<18?E)jI=nCV^48;V{V~pu^SQaa?Au#I
z9{269TFx?F_`VRwA(n^tfWarWi^RU)!tZYed!T*eo?w{A_Ycoyk@GOFk`MPi%Ig)?
zd#s)CesYJio3v%8<#=Xxo=E@js=dzp0PJu*3pW`BxySf;DvZbXplOf&!*e-oDEb}B
zG0)tNPbQc6`{#N-bv74o$SnT;V2~H{kW4oA_u2#e=~W<Ce7`%6v;9&o);GsD!YR+!
zKI`Pr@pJ_jYP<CJo>RHr%bB&-S(uOaz#rZl`F1fm<8<)N<qQ7Yd{~!&K6<U+=xg;G
zz}I*39(U!;EMIQ**f4zEmoYh~UJiLX@qORl@9Hr+<Qw0=&Wx_MXJ77ymAj|auiW9s
zxl~rRbGiR#c6hK4`L1m$x1Ei8V!fZ_)Ajq`zW#HofBjyP*L#og?KL~o?^*8!yMf(>
zcM+zK-VnLL?1%l!_Vzsy#&5L!d&aTfANrYY@p0}u72-2a`izr4{X>=;`*+-b(|4Aa
zgFZRlzI-L>o#EO)LptxJ|9X_uUn=)J=<xJ?e*dm#B7}e4zU#2V6`;eA`5*P~A0=}8
zS5Xh=+P(Lf9^tR}dzYEq?$4{|a*Dk_$8_>5$1~x5Yw~^R8py+t<@%|~d8qk$gpb<<
z^08d2TDgeNkmY%Occ-UR7PWVH8UMMDXDvAVd-Z=J{g5x^C0~@UUe7Te%N^4vUCK-S
zQ_h$V;TMf}daLT6>C}HYUe!PCa5no668yJRR=5-O^4MtT59b&%x$L*FyBNOMuK^!^
zEbLIMUY<Gt`FHW}q-S!Me-}NMN5AFp8uDeIo=6>D^UGyClq;3hj&X23hxrM8OIiDI
z*kK|}|EA58PIw6ApgtJ#9Sw%C-&A_v2L5^8p0z#sd%jr<&U2>-Lp#OzQ~!R$8v8>(
z-Qw{(ET})8PfFxL|J|cRF8(LvM5zAs7eSxtoJU|DqIT`?ukqYKA}fCb_{(gM`eOXJ
zw^3h=GkuEnKMZ3y^D&(v=f81y-()AhzSHn=$ievC1?qJUtyecb=f3_EVLRcw_pn!e
z-^SW?4ByMc^Gf=1$2h*#e1zBKEA!L$<9+|wkjHHN7?^*<@Ovuw<co6D(<NS6zIwW`
zyubA0K|`*yaiNpE!0)NxQx3{oN0)f9yfNK3pGW;up0E7I#WNW=U$1QR4_A*I-xB%w
zP}nW{T|J*P9CX<aGtPI_WBX>Db{pGwY`=`Z>-}chv7Y-idmy}jdv3JwUVZ>_(!Mzk
z%x&KzU`YM2Uisa|7>@o;{cP)h<8;95?TqxxbUND^>3-)gt~~mE2_GgB^N;BQzo&vv
z`-#gzc$rS%!*t41*G^-+I=P8g=GTxqxoN+h@b|WR>FnP*PSZ}y@k}oMHtd9O*n6<^
z{^5BmAN9zP_#=F~Asym3%x_HOIJ2W2%)fit_s2Y+l(gna@A-55sa(AP+9kht@Z9@|
z)4soA?ewkN96W1%Z+k(TPc7!(r%Gfq8yA+b`0N%^Z?IE+&(Qo4jN_a)Wb&zVps%}a
z{C~vz#i@LEF*mLxvdzCB7ySdw=egdL2-<flkD5PR7e8oS&^y%hLj1{o{7QxC{H`j-
z;j}d_)%pFmehc!mT>Zzh*0|5{p5Y(t{yXy_Ooje)tmg-pM>(ci$oD25w{y<l^6$s0
z-)8d!>Yw3~Uv~1UCuZ-8-(>wW=PwNVho^G))2I*PJzJpsJO@%<HxBD3^k3uftN#7Z
z@E#o3Yv>2TuM7Sj;W3>!9@FLbD(d`2@>$f*VV>gs*1Y9Uj`n_WD!;Jrp)>y7qfs9d
zyq~Y{shNJ^KkK_LK3{-u<>@9Zc&GBj<)EDOf9V&K4ny8=uB#8$7r#@psQ2>|nK%;V
zL8$Mn`SzjTZ@K{W9P63!PI6MNZvE<R@#uedi{C9C>9Ty(Q(VpkMxs5jK0f<>=#S-P
z$a(kke}f+5ko4K_uH@%)ncU{z@znJo-w&s9{Ar+Hj%TvTCqS3*760hsnH=W*$XpIF
zfAZi3f%nq}=pa35r6ZrtQw$IM^nRH2-%JM|eNV~HyHbJNnT<!eeBas$%m3m<;EV5q
zg>@UGXTtBza9@J`)uDcVkjmrlq2D>^6h|kOmrZ`gf3hgbbAj0@$H7?7{JstCzpj1k
z(+hg+=l*W@DVFs2DO6s+&Zg%|{d#wJ$A$emLS1KC7<9O=#P@CaK4Bf4<39T7(2oM1
z2-6QR`aD;TeGUEo=zh>Q%NeI*+(_hT^MhwKzokwd!sGL=fGZuF@6xX>hpD{Rggjhl
zLY(`D`VQEd&{O~EIv@6Ol1^sdTT0{z+aCwLR3`iPNp+pw`}=t-{b^e_p+4%$!}iYf
zxW0H^G!C)OtNw^Dr@o^<&Xp%?mFv8<P(IerpKaWy-Y6I0b?e4_CxiKj&-L>dPQT=5
zJ3}7WMK0&~{w35K>6Gz#-$3_2cY^%g;>B_>U!9yRFZTnwEhqI&`gMHk(z&i1=i|N_
z;RsV9ob(==4gC@HnhDn1a{0Pnmutv*_oLq`(@BK+ftL#Wo~-4U5ubSUi$?Z3epzds
zXj<`jo`vhzF`X$-JGu4V@a5o#eU)G@>^I8(c=+xh<;8a#b-%>FyBG4aTt8UP*;OiM
z?E^kj{Cq1H<ZH;MuXS=H660<1l7s8HQjgy-{GJwmT%I`phsEd0Sz!;T*I*B@kA|G@
z*VB4rq7QrJb>A-gTI1iDCm=uQWM)UX*;T{(^&aVMIJ{}k4>@{Gjy{uPNJ|dt@8`Z>
z5A%h`7eYV4dDbS|q24y#*oEP{?tim+D91yd%enK9uHN+inQtGuua~-f`aNGyCl$~M
z?SSwnmvwxDKB2cn08dRnnU$k6y~oah+}saCJnWCrKI0H}s^2m9c9+%K+X*kYa#rnq
zxfP*5>X&-te2noGygq{-s89Nd)GOs%(cYUT-PI2OpSXR#b|Um0kIx*(-+T>nBh>GC
zo(=rHyuBvYP8p{1srA8!dg1y3<4Dh1>%xQsFN}}(&I>*WQ+e3V=fv@IJzhv>{QDlR
z-zBwt^gDO@G3c^CBAosN&L0GSq6`my2lYd}@||#ob$Vm{kpE>*IC(NbKhAZG)Xw8%
zg7?DnRyxlOjkNEIl7D;Xc2>Ti>yW9^U4B*Uv;1~8)XVDMbo|tB^7HIWU?;iNV?&_d
z9=X8#O}%oy5Bpm6)ouQ(XLokfYjpaI&XBI@tmx~n$K>f1(CagLLyX?Xx~2!a=rKCe
zE*JXk87CL%p}f6T-aeCah?VzaR^C~<E-&e#+@19YJ4^(jzV~4B1;$|y`aK744*{<X
z&s+KG?4NcT`}fO##o4Fcv-0!0T(->7PTBsLj`1P4^Qw)Gc%aj0%@1OF+>c|s<h+Ob
z{gn5!cE6bOQTpc$iI0%)Qgc3&$Zu_34Ez&$%-SR8pX@gnvY*0zWc{AC_j^)dzgzAf
zwO_LSvfTeEpV83cZhrqv*Dt+)mD&1!B2RCLbozHJ5Bn#SH}p@$N0`cAeSRH>tvu*Y
z)j#llLMC?@oO+A%-S5-&+>PHi(Q`A}U%B&|?5~KA^sEIx{&%i_(erlRzhb|cSbvtt
zQZ`>_I`vNZ(C_Jc=qI84gd<-SJ}`b_{&(8qPkJ1O%ke7x!SapeW<0hNj`y@Det#kk
zd5<37o5<v-Tb+Ir;rh(Qt7H6N`+z^o@i395t#h)T<2c*V3bQ*pYR9)g@1#$<oPP}S
z=a3RXn94<?fM1Sh(lEQHJPcv)ZSwhjcYV*_%c=54@hkniP^n;iO>Eo^<1qY`+}c?~
z;9rFC1pZ5(yz0l*L^w`ze4o~Fwp0FY$JshM(>l)9(L?_e^n&rBe*Eu52YT*2es$6}
z$3yg+GmhT0j@xzRrkv2@jFXe}pwI68i&#$7r_Ni=52(|78Ly}17Z4x)Qf7W`ZtbmM
zer}KTqrK*r_L*PQ*&mu#x@boqGk<FqE8nawe+&9ct=)(D&g4~Hzr^*Iuug$~xJPDP
z(WUpwafhP+>UP}b_)EV8@}&a*BKQ^YxVEM54>S3d4|6%zucI_t<={BfE#BHj@6rzR
zVm#Pc!}#~K_#f=|L-d@Q?R)KJehvCpJ%?d@nBRTxC{=&J&98OW&(?JkiSwb|RQqS-
z@3s7Wt^AyKLLZ!0=YsF6H|+cBJ$BwV@WnWlnmy8f6X^s;xvKbtqr7?!eSG^kOFl9E
z5J&zvp0(_ha>aapX#4x)*8o3+daugH`FLFBxJrB5!p8gcY&`vuy}RDYuGX}CTUj~d
z_^SV5|6n=ao`ZkDIQ^F=z6O0EOyyYbPlx+6^q(1aniq_@+Vu;mylDO^?2-O!`0geA
zhY-j7o&HJS{~J5U&wU}<6aC=FMuQ*ccU-R~-*P<MyJ2|-4#T{M?>%4~NLu3s*S}dF
z$_M{9l&7wI#9z^`o9Q~nQ1q*ek6j=2Q>RzXQ|jhjTwgr$Ev**ye;Ggg-Ew@gooiwG
zgZ_Ja+JEf={)FFU=fUdYYYd0{On+p)a{f;7>ur9;{Pdd{pL%;)?pNn7^ZRF%zQo%O
zU++<T;KE$aU$TrJualAw?5eunN<SR+!}B@SFiz*X=KQvPzKfk>WxvFbb{yL^=RM^x
zwRhq;Ukv9=FfONZ$TqIrA)V{G9Je_xcY>q8t<nKp_rv`-7v6o^-Ir6(i`n^L-a{<I
z^?Q)FqCR+j80+!jJkgx~9XE~#^iy<Qd^49XloxtSWxM}#_7>WCtjBVHkVrWm@(tWC
z=>GFBonEW`1N(#A_H`CL(%~h-5b$trjd*j|ID&m^-9PaDRW970=YBi&(Oo>;2jzPD
z^`5SNN6POvCxZQr>b?Z`0qfEUXFtOJgYbBtgK*-NL-j*#|C-}6@$2XikN0^y;j`c3
z{&XjN_CuZUR<7w^0M~l<{f@3PTE9d7+y?>u%=U%C{!*NNiU0mU(%PTxBp3TZ?)P`X
z=lH;N`%d`m=Lf5Qt{-)x&wl?l|J~SB#`=3<_4Z17@wml(C+s(ceZIIKj^pf)*>7_l
zhxNCc`6Udw&dIQDy_kLs>9SpNy@>uT&qp$y=Ky#PlJ`m<wR0A6$a9m($Mdn_+~t!#
zUn)Pg^EIHW?<RP7)`C-i+z+2*=U^`N>)X6{$1oL~&tzQRg|mK!<z>EjzpqYT%!e?Q
zw@-#YG5!Y#sc(j)&-yCor(Dxcr|ujp?Pbyu7|+)G6UGPXKaMZx*LxGwS1M&WgM5Uu
zei(-y^xW9Fj-P(FMdy=loMHKCFRYI^PI{Z&;^YkHde(gqbhw|*cU@@*OWC^=<VSm;
zUGv-)<syILQy&bc><)g}DX34<n{zVYLu_4!c67DvFOwca=IbN}?<f7;e~(rBQ!8(5
zk8J0p&p5+w`H?>JAxz~Fd%vT9`XPO=d|0ofTW2T0ON8|Q;P0oVa{3ic@0qY(Xt#v3
zJh43yUU#mH=f2r*LH||%iS<&H+K--hvwA1rIL`9I-oiOL!l@V9JMH;TzWoF}u>D-s
zbb8=-*4S?_4E@|-+X?AYe#(b1(51aIWIomx^KpES^V5H0I`feZ;iOZSpL96ykLjF#
zEBcRD?cDD^e|B-*5AmU%i}L-y-uu4_cy;OMKXt#%@M1ocw^PXW#qnUR`CY%F=eCwZ
ze?mL0D>wZghAcPZJlD$cmHW6S>;U?)+;x0duMFdSo%%7XTZMOy*zcl!=)SYvJ7s%e
zocV~yalKB?*0|Q?xX<#G!&I(Xuz&p!ua19Q-z-P0uXy~Ro!8MN-*Py3Iq8qwWar0u
zzO=A;AH#p{jq+3e;r3m$TNejBjvrw9j>`#psr-FcjF;p~x@?au7t2pN2*bKN&j0fK
zK_c7PyU`pE*<Z(Y#Q0VFIXUX=jo<wZ^f9lZ-=g31_Uk>22Rf8{;IO{GMEN_{C&y*-
zVVoiL)~P)*Kl>NvM;OL);+50GyUO$nrj;-0BdpgC>9d`1d}RJ^{RZOK@r(J?;j@2b
zNP8aR#}B=yWAlh^>CyffvYgCcCr7va9os$WGbDZTqu;~%+|h0rRDZk9PvU%!^TBvt
z$MZ8B-^i~H9`j$q{2laDRey$hiO;L!d~_~n`guk}=Jn%hBJ|TazQ%SydOYu5m%i^k
zPA{npdl>y8>GJ$6<&EQ9zg#=YH_`6xyfo3#%VdM|`lDO-T>{<<;5#TG&hk94IQriS
zUjSXg`CSBrsi0hX-f0}l$8r&$apLoS0PkP)56=bf*6Vuy(vE+4cMSQuO>ea18<<YO
zgI$F8dxrS)&U!Az?r*XEFwT28vNH5UyCNL#pzE1VyLa>(yLWWF-8&-QC(d{JOQeh+
z$1^GC5B5oYzx!9vfqY?I<WrlJ>yh=s@qD3^+taJ_^YXfUSSRQDE$LAXgrR?Sr&?Y4
z=0B*NPiUX)Z%F6t%;9Oj=+DU$FO)Z(1L+IQ0=ndTm$i#azU$KU-6dPEAl+Cl=41MJ
ze@;CSh8)LOPi&`gKAuDGR-fee%PpV}gsGjU&t&|SfTKT1TXDV%gRqLv@=>3$oVWXT
zwe-IE4()oY);Hyg^Z)oMRjby^l=&bZ)5(|XA?(LCI2CxL$MsR-*U5RYf1f0gTdzWX
z>|^Qq$aC8HR^`S%1n;K@d*OQXL*GNW8LrlB*8}aWN|*9Ksy6J(|GnWZpMDSi5y->&
z{_K~!xZ0h+7oq*sjswd}xu`FO)a$g;Wk1CC)X?t+eRR_Q)^9`ZIK0RAgL<ALK|18+
zdPG=fV>#$YGtP3I<j2{d=gYj_61izxM>myQ{rVXFYdyd0)2ndcC-PT+KQ*N9zAoyO
zbjdd^H|1jg#Cm49u|Ic_$_KvR%49)Xj|N=dn>D_)`!b(IP|l$D$NV^{c5LG%?hEOA
zil$G5sSrNK-XEhpW%@yXOn=?mV=6z{eqg&Rc6R#F?<)HH;+g!_x3^rD^>(fI-p<lw
zJ;yWN?vs;#CwnZn??m3W`zQ=4Kj}T=@7JaBXa5~1{XTURU%>3}^R|xPb2{uJjt`I0
z87Cj|Er(%z+TX^LQ+&N-veIbBN8h{J6Lv&848MCX^ouZ+`9=Vb^ojRte?CUv&#{pD
z`Ni!{zj{CKZqUi>UKaC_4nxAx?<Cg$u)j*=m@`nHOW8T0IAng%3wA^L7q5!^8*NuE
zFVmTy_o^Az(c?J+h8*YMx9U3uew^0*TO0rC=&(QM`Lj4qxhN;wTimZQeJ@*YkHfn3
zI=RS~VJEyeo%2BMGm`&YE5N>=I1u%~IOktwe(I-~pTPU~X#a^UGz@mdaKikEGhARD
z(0|VQ7k<x-{tMTo)?O6(I`JXhmFyjjD;5C#xZEt~ynY-_1fkylvwo3r_Ir#YJrlyI
zhq&B*!y#{BVI05dbjbCM1sq-~FL}M_eF*a_1_#e&71MK^kL73BNq?Q{=`hnPL)IJV
z*Xj8d|1L->zw-I@``>o2h5C!@oBPbH|2WS2n__-c9beL?d{3+aeKWp@KWC-yPMH5r
zcqcr_8@>;K^Gtf4&eP*OR^Qd#&hg8nSPJ&Qa>j6$vr{=J7yG?(Jd=qwKaa~*jt9Jz
z%>EIkt^Dw-Q(<~J9`X~OT#RxOpZ*x&iTUZNl=1Qwzp_44+58shi|?Pu?@e(Y#CZ|>
zCHe(V&h6S)X5Tps{x9W4dLnzQ<M`-%yc?oDk`C*M^+Ndwzh^4sqaEI5{uu3z@g=<f
zt?y9z^C@ARB;GYXUn)!c@i&u?`Ef|!!S?3@8*<{!j!%#LY`OM+EckKT`1`cHcbCZ(
z{v1~>OL@Om-@WQLJ;?FwElOT(VC1a`Ssu!_`Z&i|-=X&B6ZQRe8<%6e+wMSqgsD9D
zld^tDZ_IBTJe6HOKsw?{D^9v^&4To6{X1SkUZe+qiS@<sz0D!-)_z{d{rX&B7d$_x
z^8}Bl-^K8FxjcMXSzgLPe!$cGMxX1Z2&?<6v`^X(>?@Vo#)1#wb?cLLaOS(q`mJI9
ze2n_dc2Ayq<~unI3FrB}sV}3x;`E!%A3yX6r^ig@^WRa-<+w>s?uM{`jPuRo>s#CR
zVJKgm{<60Z{oaG8&vgYIxBPw0hHUTo^$7a2UgO&*Qztn&hqU-&{fz5{gI`x%#P3h0
zGRfZ4U_Dbm!@U2h_s2@1?z8&+mqb>27v&@V7`q?I^(WGc^RwOnPg~~=AG7lpb9*|v
zE@dI<kPpvUKkL`e!g+4M13kv!r|Lb*Wn4WbQqEToN4{_#lIItwcdj>beUjfbV1JMP
zG5-E6$3xazh{xrO*V9;jybl%ny|euSe=5t^xJo*gdOtF}gF?TIbchGPQ}11#@9HxX
zj;F+9ocM(ET`jyb8rEmIp3LuP5Wg<}k_Uh<=@1|92Bxk1lgz)cm6!ENe5Nxbob|Dj
z`Q>q(c$fzU`-$lc^ZKd2a~$LG`x-C#bHSm%e)Cq>ep4Cg$H7p4o${CI>AB6#(C+$&
z=d!q+Gm6s*XL<3ycPdSLhl2P!E{JwQJj#c#I#1>N5AU7w+;M96qpS8rdU%gU-|;)%
zl}FD@*n12yU-r}I?gu-0)!)a8^%urL(l5`SGuhXV*SWmy-}Tr11;6g!BeVJQp1pFv
zf4{R&7TKcz^2c&4wW*Uw-&ual)oYN4ei7v;$Mv1Fp8n}iI01UN+}~fwWG&x*bGbWn
z`1&5&CtRra0Hg7ZeE81I8&^P2i|-5hnx3D2$7g>R?~xb2?dbH%%8?vgpX_#Ba)Q54
zpx^hhb$#?Nx!^s}pbyAbwHxYl_y0%R`v+D%{{R2abIx{ls#Qz-arUd0RxM4YrY4hZ
zty;BMKM)OD4YRFn)ldwRPzpm>3`@fz450{%uo&_Z!mt>Y*D&nGc=h6YyROIebdGuV
z@p^y1pYI>H-5<~Ec|ETmkL$<tdj8n+WJ`HlPnPo9*JXA;u;)Abd9i)|xaM=Jf#2==
z+wl*VU*l3$Z`SppDxbeEUs$@t5A!JX#kcdf^>F!}Vy^Q}HrL&ME}!rJ?Ctwcb~=B)
zZ~0fhy%Vg;&+nb<^_s6-_VK;%-`oA-`D;0h`Mq<Bs!xEm#i=yVs)~{N$$qZC^?sMx
z&+ikN{eLe1U&~c#zBeJteP46^{&&aO_ebpeq#u0x-?fkQJD#_g=ShFwcKxLv+ULom
zGE{wCmfVL3u;ji(pq24o*7I<FE})O7b_vnzBbRkUuXeZ3J2D^q_53gU55FF;*O4+$
z^8XX&JYf6x&-;D-!oJUIt9^Z7tJH`8FEP)BY_-Gf^bhEDAlE-yUDmN?9y(mSKIS}f
zviVNtfAn)u=IPs{zsdETZ~WTj@15S?U3W=*-~4Zvce7cKUR|i##bpir)BO>jf22H4
z>jd3jT~@Nb-^Y8>x}3i7A5DMmT|V&#*Ub^quipMq<riR;JgGF$nrpt7WFI&AHWkiw
zrcpcGF1I}|*64ZB=bzs7ymk-CkdFObQTzVt4ZYr1w$q(DQT+a$x!=?~-&=HfdB4w$
zr{4S9UQ^|ETK}0X<^S`x%i5>cNBmCRakAes=d;9hvTc{cPS;*X|9@RK+x^B)U)H4#
z^Ziu*zqD5Jx8vFKwyk!!ef&@QJmfIn=XP2(e|m1?>o?UVp1n@Bw?%!&{dvFZkMw%y
zYsa&{pZMqP!ymUyuZQjDUcU0JIZXH;-+?_z`h)%b?$TexPj>s*{@A0}AAFbAXz%?E
z=J}(j)4E^Zzj0Wddn7$k-*Xi^T{|6H?eJ#vJ#<@p@Bckm%57`!{qp>m|GUxeD>%&a
zV0)YANV=c<#+99~e7D?T+1fkZq1~!JTu*7`ewtaY_KtV986TofD@%`?zvlOdJ|ElX
z+rRF=L7$%;maV<>8K&<aIV@49^_t1Icf5;CKNa=$OFQ1GS<+6nhMD;Ge%n9xy!5-7
zA9`>1j{iu1@t4>9e{Jvm69&lstU=PAz4zPe$lm?)aN)g=kJ9Nnt+85NmYvVx!h0Wo
zPK%W9A>)rfZ@aAS;Zp9yh1=;3)Zb<FwXYps5Gcn_GHUzzTK(MFY1M0W{pEhAeY_q2
z4)fgdEi>-^Zhaxg|8@P=`}eTrdVuRmeP71+dv5l7b$0%TOV8flyFB(f=Wxf#??v_g
zPHKQ9<@3#NhdX}MOyyVJ9?;75=%2Rvu7`OK!7iVzlAgW(;yys4j0^j`YH#<BZ<oVf
zxA)$E`9Nvs-r>EEllzMNKe2v)!DWS-^J(wnGE93v8mG$VvfTQ*knbfOCcO9Y_qR&D
zvfmSJ-%m2EBkXpupCj1Y_VeJ0=6jg7US{6Ml=!~)sl^Wghq*4}{XxC{_KgR-d>b01
zJfgn;7q++WHose8pEvE_6WcUej<eIT+i~_}70&<DXyyN`uUG95V8x%L!UL@#`D)v3
zoo|lsT@O2*-s#%m_WDbHkIP{#NR)Q|T7RFVcR&5>cJKDz7p{(XS|^(F*!NZJ?LX)1
zTkqPx%k@8((-*JPJYSLa_I)3|_i?v28Ncc0FAnSJ=O~u)quI9WZI|aQ{eF<|dBR!M
z;)mYp+T+Jo`*=HE@B5wheMh@L+VSo80ByDR+s_&7aC^S6=bzqc=l9hZ=|8e<|1N{m
z{H~wN%Fy?l0?hj-fmYf%(r+%+?<EFV^1BcoYo&Ql(XNk_*XMt`{PDfUwfqi*FTbbm
zSLF$?Bz=CjO8ejaU#D;9-*cg~<4E&9fgS#co?ret|J(cRa`rC2y}$Q;UprjhEAy?p
zoAmuAuEVvz{@VY0A7|&gVw1FoDCh59e(mkAuZ+L!cz?Iw&eyJA@B1aakGIpck85pL
z<H2F|9tU>$?RYYO`rZ@my=}iQD({=PEc^Mcef;6dSFZoh$7zL{`{weyD!u*t*Y>s3
zv(Hm@dF|^P`?-t!9*fgjxKgzP=OLX>faTHmh5kMt`MsCFD<AKb>G!yuR=9pY%4OB|
zlYSp*?nnRG4}ZO1X5TkEoXUB^=Lh?|VXr6cb^f38@x{0OW54fjzwh*S@$KX6c$wyT
zUxc}?2{G&5a5L}N@$B~L-5<lI%6VZ|uW@Y0@7<o#Ud$)v`(X0>i+|T1f30`#a`n!~
zeqLhd^M7s!`*%(Ld$rrkR{6aYr`3DB*uSH4xczoL4ma=hZZG@3YSl9FyS;74draS-
zcUtoN#AU9F1I%?}pk@C~iu`_<)7*!2nf(D)in$)L)h?f1Pka0C{ArhGj9!;HExF(C
zvgCe$fVtlvXzusB|G3}(zm0E~$L?=-|2*9La=$(-^Y@>R<99dB`^BU5`1bv-O}&{<
zd&jr`ug$LK471LifBv7-mwEWF=h<tnmG(PL&trd`w|e*I-ueICcGd+deb%#Deb2j|
zH23>@pC9b|bXS_=dZ*v;gR0lz?(6&3_vvQ+Y_Ioa+hv{fiOio1%<uKs>D%|CBtGvy
z>+4ykxn6Kt@rQXo#rFF;{Tzee2{+}o!|n7Bw=M5MI4t{ph^soN9_N!e`hBF{?cuPt
z9On7o;lf|h^QglT<-W}SIG_6d&rzNq+3&&pHUIy1{ck@f{Y^h-WgV@b^9Go8n#20L
z{kFgC{$XEV+Rwl3ZF@ej<J-@{Y?bi8_ItZs?DrDv|J$?G-fyRyW7dPR?&o^)4C&X0
z3qPEn4j2D$;r9GtUw?L(>(ImLG3NTyR(T)CVcw7VtJ?oha)()OhneRUpPTEevrM?h
zgdeV6z5Qi>7tj7ZqA-0QKfpR_viR+P-tVyf9RA<;OZ)zTJ??F_+wbrCfgNAeX|0+r
z^XH$pUDm2z*ClrPz3Xpp+xmC$?ESs#|98iint4K$`(cNfHxAcsz3cs@c`t8^ejfDK
z@qe{R|Nqu=iPOygwXf3uXUOlX>GusBR_|^5{}k>2zx>2}??(QAm-lk?yy&tHT_W?l
z{C|9)HSTh??Y1hl23a@g|I1_^HSaqf?!CGH?fZB3^}2kIlJ{}+`)@qo)cFON{Q1AI
zBI#H5|Nr(KC)<O~ydL$nn*Z(ZN4QM+?c;gB)0F?u{@{6|Io|&N$w6jY{KW4Mo97Rc
z%sjSI->2YvGM}mZ_&*He|4{vYhs(14-1~l~olZ@r8pnLEKr7#Y)yjMEAu2ucGwt|)
z+rKB6dRQ~XZ}$C+vrkpqPOJ0|RW6rRq_=tRq)LScS}t?k^XB{~&$%6zt$%#))6Adt
zc)UQbH~7D?KdJA&r+m+z?>m|I#O?R3p1oN7(=<`#@B5DO;lgFyIj!E$-R<`$54Ycb
zF8}{Fo_$>7H{#C^j}$-J+bKb^9i^Y6GQRdpyiY%n@EF~HT-GD{|I7lcOWu<G63+j>
z>2Ut<$AsIzH*fbl`+JV|d)U2y=TE+;;k4F$f*a|l_BgZkH$Bdr*0&)lUzhp)JKyuw
zV?XvUFW(c={f6&!n01Nd7hu`nkxiK+@!!|=bC`I4eP8!+^Stz%;Syi&Bk_MNr>J&!
zSQCdx_`r>_J;!KmtZd(`&xgEM`o6@o`|;oT!~R}pgX!l-Opx@>((k)CEKz&@aQyMR
zZq4UPJ|C@A>a^NVQ^&ciZOIaT*^K`=T%NP?e`5N*UcNs*O~vE8qNmAmx9V`t(>n<!
z-M@?X+bfcfYm($|zb`E5@_Prp(*0<!O4nh1uir0nTECg^QTE=x{~;-lJ^t+Vq1{jH
z_hHZ6Ao1k-*lF!KPRfyCo(tLcFYNzUw%1QjR;qY>FXR%X4y!R&>apivl3wra|2F<N
z!{qq?zvI`M^JQ<p3_L^fxBb*x^UQT;S6`{`x#oOTq0b-o{cL+&+W!|}|88i2WsmpX
z`tSvkp4_+P|7G?2FMP*BE8qRsYJbnwVZNL6*KzoSeqYh?$L|u_-&=ZHAMZ=|zfI4c
z*CZX^@m>GRa@qI8^7MB|9hUw3yoU?7^Ob(;vgCK-Ie%TH`hTDmtkrD=>ic6smP@P0
znqz)P+dlq^7gc=U@e-f&pN{YTBmST7Py4>FyE;YMMe^l)zIq<C-yip-`+qK%@BX&@
zKdSHdgzfZf|30Ma6<|qw@g0BdXZL^I{{Kmp@_zW4s<-dEx`#WT$nPBRJM?+#IG5!#
z^Znu0DSz&_POD_G9QVdnrTorbm+0a0li#EFeGl3GJplW=&i1_2JDz-R+4sHm0)4;4
zmrn2P@62_Ht@iPDf0Os&T-L@h;wNbbyL~xdR>}NkKeyhh*E>$@0dw7Ff1g<D=^K}J
zy=A>@k9&u;+5BIJ`u<FiRRw_#59&etSP51H#8~l=V8sy@&%Stc1Udp8iH<}^S*wY$
z#v0A`Xtw8C*^UL)3P&!SWmP)PwPGFTS+`o}qlLT;P-ulgtm6Xo0<_2)24N8ED7Mam
zTdfkpN(d_<tkjBxFo<=Ob9^~=Id&cS+z0Jey{p}-fm+uWR-Nlh^dQ>@(XZi<)#3UN
z@YprL>4*;qhJi5Hkrfc?$cC(dYaF@m>l_Q*_c~U)w>S#jk2tE`jgD+jqhp2VF-NZF
zaYr8P^*rII@N6UONk=`b@I2+%>3N#)?T&8P>)GK5?(>Wz1Xg&SbF_N)I2L%`a%_h}
z_lJ(qJ|AI!g#EcAJLoG2bmn;aIlX-bI#;-la4zr+cCPS*p<d@+Po%TL6Xh&`3eQky
zxo0%{#ySh#<Jdo*?GuSJnSCcYd!WLT;SA`LNt|r<&vCAH&vll#=fQk96;31UbXb6W
zhO@BGLgyOyLbh|!T=Z->hwwZ!9~L<)+>4>WS=Z-WxB!;GQs=%t%b@};a^|`#;VQTR
zZh_mK1@0R34)ji_#l8!@8@&fMLp|IF_rn%=7#@YkoK1Znhi&jAJOxj~GtMgav(EMI
zozD60=bSa}=doXKZg4j_Yu&q?Iqnyoas6IGUq)YnSF!h?uQ{vTuVKHA-GaUWZ^B#7
ztbTi)+5PsR@1pO)`?SG+_I-eU2p>T!d<>t!r_crm;4}Cf+Toxx&;5-v%l#ev0NwB}
z_!)j--y!%9cAzWE9puV!d!P^WgJ9?n10mE^=MF=|Ap+a$%5+C!N4cuq(GY_@1RY9v
z9QH6c5{45up70UaBViOI5H=c)!X88XL>LRl5HE?a@sJG1!30Qw<Jp&ro=CjOa1x}u
z3ZdD`Kr_%O=oB;)%|xf8)6pz63!Q<^K(o==aE7ZM3f*VILQS)k%l@;m&qmKd&q4ED
z+3v+q0O!FHSAo0KmFF&li(Tsn+~CS}SG!UNRJ*bV+=SkQ-i+Ri-oySnS4aO%Q15CP
za6dG_Bk&wyueve^HpA=C0&l>Z@F}!Gk8A(He?wrv{((sW9fOVyh;>X1XbYK$odPGY
zor<1_PDaxL0-$41I%Ed4LC2sh_RZv&nb;=>bcLLZ&I#xVnS;(F{yg-2_MeZIu)hQ?
zV}BW19?&^x1-dq%eb5HD4<3LAVHdm#`{85w3_jO%4hj!!9~2A6K`NXD1#k&m232qs
z)IcrNK?7`oN1zdQ!1K@yUkAoIeh92{{}xyk6yz><d!UcIwohN^2Py8H0VhBzoaAmD
zFw5N)GRxgDDBIl=l8w%GKkPW)9qZWTzLo#(v#j4c9h`kFOWn3mwi}H!c3*U~vDNK}
zWBu&o{p@r<dxoDq$Im{)&(1e?7<z$U_)<T6rJucv0@`KUW9%sQzwH;UmREM1UyL0`
zoJdZ`DqNNS3}dT&)$2HR{Kx#_sO5dkXS~PdcdYWsLHLYoJY`=A_OUBnmQ}ri{|ivz
z*qJvuwV#xI37(xu_*(3nuVZb1t<t%JYd;l#BjNXRzh?@zN@pYKsB&(?zVLGXrxSY%
z_8z{4ITKqw61lC;VJ*Z~uj|=m*g>47+)q%)DtiyVNulgr*mrR~dOfx(vu&$5|KxW&
zRT=u2bZ#+r)HP147JCrkixT-A80-&-e<%MB+<<)mdjgr;<^N%@(|UyPgM^=anbUg0
z9Q)2{o>5`{LYZF}@33CQb_Dq9{utZKc-H(nx{+g*ANFFayn3FttoO0knzE^XdFsQl
z_wcOmGh<)2ihG0DktR)bdqt&l!snKyUImSW<Zq;o8?i6p|5sGo4I}<JE1j0QTvu(;
zz;|Cxz@9@n5B+Lc>BfGG_wm&&4%<J<pT~1-!`1vR1mSP9J&(exzGRpGBEr*&bLQic
z*9>gcMwNtrK)ew=ySduL=|dS*nky;uCng;gXC(g*PZaA6j<x%V%4<4ts@b9X#$x)0
z@~0}B?JMQah5S!|y8O=P*wxWa>rHGGo-);;{j7YV%A@k#K{^LFNEuXoyU&j%&NEyK
z_QfB{UQVA>`5p^Z#)m5YMCzi-a6I95KfHkOtu#a=$EwQ#J6ze5*Ym&jgrDITu59-L
zDUXidPP)X&_lvWXG*vp2O?V97>rk&KsQ4c~;IP!sIVrm+RD7=Nx!j|fNBEWISk*>L
zO`2yAeiPy6GLF<7uo2tt8!Js5)lZZ?mI~@N!oH99M%2IBT#3DmwYa*Cq4F9}URN3W
zQp#{0wn~30;cATh!uButU!{{y_!8y^Rh~`QA)EL<Ec;a-aPfagP1uhS9-qltpS0Iv
zpHgF4uM)288>jQTv?k7A;=E(R5A@;pw6Rs1L5x9_rkX2;^3C~f6^FF!wou_eY;;<K
z$y0@^aiqrDW7s|1!$I^IS@jC_C(cF!8gm@hamId>@Z+%$5HFhXsC=dDAUe6~4?3KV
z!(n<{sBx4}d{xJP^DJ1!S9#gx*+H3=eLnkD`1gD85%#WL;cdBmW75R=gmNk$?&%e$
zh;OQ2YT|^xMBgG#I@>CJ?SE{$F5k1yF2gX=d4v06%AZ#fuKKx3|0cgU8~yAZe)c9m
zo1*`b<}N>5jX^svHO6iGZ9n^fpS{J;R(=cM9=NKDvS0axcl1$Z|H3n*ThR|Fe`GUr
zH1+}GlY32^8yUO}#$Lsoul%6uWuIRT_KJUXlEZq`#Gh@>L8@PkIZyiP_t?Rt^AvHE
zPwey^fl@DrDQ74H<vEj1b(+{JzMZD>Ve=#6XH}Q`xF4o`KEsq}w>dV(%$b8oe-L9t
z#fda|sXn8QJ>pD<^){;fe2{bBerz>Qer@K}e9|2DgJpe6SUUF4+=J8ohxlzr^6fDb
zZr4k-kqYl5T(yy1PG#RfBiniP;iRGJtMdJcd0VBa?8w(7j%w4vj0+V<*+(#5Z2MEn
z`6KCXp*+7Nh;LQ9+j(um?&8}2SK`d@tFMZ)f_gbPZjK4}V4s1#nK^%ev7hJthcN6b
ziQkX&uid6)_*vO1{2=$vV@#Y_2Cu4@_9y*K)kWDuP2Z#1)<vAxMiGA(_ED!gtweKd
z%smckys>}3+h@nnPbR5w%C`D9hxWa)Kb_Bae@ytL96J;HAZgm;LY<2zGEbgK_yLE6
z=V3btx8tlOokgrkmYZYMIz*lCR63)nyPAvCEf+h!vQOdJM>@x;Ic@nUnXgp1niK5!
zD$YXU%rM95@xr!BN7;K!xLSYOwhFiB*uD%@mHtJq$ocwM;;XSaQHA4Awa!_BJ&5pK
zoJ3X{dtsf!x&m9x&xQRQ`uw|zd@EVk1qIQcvHRh-0oZn3Ci&Uv*jtFRq>6Wh{K8Mh
zR^{2u^QcAG%0J3i7h#VkFZ(>6Zpyi?4?e=S*AL3hUFxvzHsR|sc-DeFgK*`O&#+Y;
zRh-FOFxWn^!|ik;DTCb>wyokQpWHc@_xbyY{gF9e%puJj7ILahmHi+$hSd3VsmWLQ
zT=_wzNfe!q-Hs~FK>lCmy8etueDdZ84(mp275+Hq?hVFPYsHP&J4j#+bN)TpcKK-v
z9X^`xQ$0%f1>|L?uk7!6{;BG#$~KBI&NOT7A+J3_JeyYOVE@ED>sPSf#<u&<T2p3~
zzHO`W+xFYUSGL_}-u8=c+bX_oe@py>1O!AltbbvvIzHIyu>NiAe(#8V6Y2c1&cRlG
za1LOMV?W|&7hd7C`kC+*##ZUy%339qaJ4?UmU$o%Tjizdb*u^hH)ARtdo6L)T4kEC
z)%xUQW1n)StY-$1?{y(gy{<Tbe-c@TxM)<>hwozzGky^1lds)pls*3xSwDPFoD`m4
zsX62q<6GrV6=wteT(yNNTTPb3+C(~Pu2k*&fJ&2aRrjsNR&lob#d%+abNoBh<$Gf{
zv-Z$w5?;%kX|IL0VE<&|yhWUU8~et25<bWHNA=Yi)Yq<ynk&@$GwBHWF!pBp%+ad+
z#6Nze*s8tMm{rFrTdk}8ZB<`8{1(!&*Nt~#+j9{~>v=}ytIDZ-uIwp%gTfv=Dor)U
z&t?4DW8c1h8BMr-y{Y2-nk0Tu_9bMle4^syG7l?Tg@+yOu$Ga&3g5xEtJHPGv0$fp
z0rszqomIq9;dcC8*s5%*47T4?9aWm@+T=mvD|-hCs`*D9tJ+b`tID>^rrKIvH$6#w
z<xe%=K7$=e`L^G|JQnH;Z{sAVjy;Vy%2&!hmVR|#xU6wic~l!6WZ&6lPIi!=3RiyX
z<7caRM$M}g(UQIzQ)-@3^-|Zu$`8sOG+O5NKG^m=KM30{b05l_MPzl&YnT7=kur~6
z%{-~*F}2oLWl(XHz1LhXAHcqji>!`Olo`8l4}CvD?2|rlSb@eaz1J6Bx!GsGeVfld
zqtRzy^QhP}aFR+tigdmw{d?2!o3StDn$fl=UMKNY96K*%+j%Mbu{vLzihF(bFjF1}
zeo%G9#nvGHjQ^0ipS+Y$j^P6EVr&&>FW+~&4EuP>rs7v&t8%WSoY!Kj{-*lg&e8M%
zmDpKM>(`@bJCnX@_hE#qW7Robg<run?{Q;fOl|*_YgcSFFa65-dM5TJ(p2$PA5iUX
zU#E{I9W~E<!(cwvq^bLfN%K|W+w+?`N2@Wbj-52lXQyGSIIDkfSeH+vzS#D9M$M}~
z&>8LPK{c;#nCBbsx6Y?7rd}#v+g8<{ValWI(Zo^5+I>uoqt^*nW5>=*`AvoA6fx%f
z%3%9SrEj0tRGMneNqmvt8^s>Rv1%M0zeMV_B!aPvt=jHt=K0JD-}Pzo#f*0nh%(oz
zD&IHo;hBWzl9uwbx|UJ)z*)Qxb*b1tW%0k?#(tCQ!L8WJZ)*K>?-i2%xs>5x6>DSC
zx7QCdjDP-lHGPC|m43|{Df6>AzO{t9MppgmSjwa3Ml~m>bXFdcb%?UxcX2&lP2EUS
zT`xCtt*(5f`oMWy?ASgm#<u4)wdPUbs%+QX$=aB7j%IF2xm)Z`-g}vhollzgZE;xB
zjjh&)*~b3;7Vd8tdtI{Jhf(n_3le)RY0kXQVO>d_LF9El<K<do_Y06Rt2R<=-THf^
z4_|2J78PIh$t88ZV=u&3Ww!4TsXl4<`L_wT*M!Qp*NSV6t=32?T&-u++^+Jq*Jdh?
zYHNzC*F5%GRK-!}g`2l<jw3JCMk>xm{sb_HZr>@kx5jDRW$Y2yo3S?$N5xmyhFh>p
zX}cXJj)&{7ChX(cr{eq*+wKEuo*zvgZo~g7FAq;tPk+I(`dW!rF6yxkInLE;Ig7Lg
zILowpoE2Jwoh!A5I4{>4>by#;*SSV(jPrV}aju)SCb@3cn(V68n&R4|HPv;$)-=~c
zS~FdeZkDT2Z)dwCy&RXMpKHSNOn89_FLXVr<CnOkoaJVJh1tKt99L<y%Isfl_OCI=
zuXjm(s!hBNCSHw+S8K{!=XyrxSMPd3YlCaI)~&8RS{q$&YTf2~N9%UieyuxQA8Tzg
z_1tapX*T(^n0)q{@O>tHzX@-3iT~S-w!1#l>2<ii(%Nb2(dFvY+ug43we}eQ9&-Jp
zx2=GGYYhmnnpAsx0s^%L2lUk%5-?C}s0lw55GwHkrCovprCmY-rCmY;r5(M2;+L2}
z@k?Bw_$5A2{E`qTen~XxB$;%QO*$!o(vGQt(hg~XkviYZz#&?*0*7nO4wQb96Da+t
z-lW%H(%Wj%Yc%EBX3DkQlxwFcSCc8%Zd0yilTM3CXRk?TpDEXVQ?6E1t~OJyc2lkn
zQ?5=^t^~LA>qNKo%Otn>FWD{rOL2?;Qr%MTG`G|{({09qiJxua=a~5O-Qw>BZt-`n
zTl}5p7JnDG#ovW)@pp+yr`)7dVbWP)@~t%aR=LIBtKH)7HE!|udQ+ZixA=R5J3+TY
zjr(Y=weE3R>)aEyHoK+2w3vMNntb<}eD|C3x0>>|new-r@^_f>cbf8dnS8rV`9gw}
zUk6x;L8&^wq#)zhAmi5{Grt6x`Nf2128qA3O#E!4IcEQSvwuO5v`21`v`3zaS7725
zns_B9{qi7bhl(I+hZRB64wXUD4pl+Y4y$#!J=U5a8Gq}8WIR>}$@tq4B;&CrNXB7p
zkodpZ9M@uw+iQ;7XO7!%j%zi?wFSxeZ8yhvn0TE*GJkXh$-L1WB=d&HW9D_wbnVY%
zPqx-<qj@HLwb6Qy^y>zrTRr0cMvwS^n@9Y--6MY7=@CCRd8A!-oA}Kpev65}*CXw<
z&m;ca?-75tdc>b?9`R?pNBo)8N0oPgwV=-&t+{;)b-4@r$a!mPU+JHXeWiaU^)vmX
zpOn)Ze5sBf6I`W_uMNIhYhCaLt@Xj1wKfDdYV8Pq0cF1IFX;sLmvln<OMOH8OMSil
zWgNxymvIzl;>Vl#2_}A`iJxTRC+qlqt-Sspl21RYK&!`EZ;q=rx}m@HpPK&CZoB)-
ze9_!r=9!lM%HRF0?*5<abb9)CYPAMPx&cN#MuUxp7!B3xv62QDe+`g&rVNmJrVcRk
z)c`YJ4Uqa~4Uqa~50HLaZuYM>;SDC8ttOpDoz4KOd%(Z6UsnuN>G!eL4^-{m$EqGE
z?OvzDJ=RvUziFWACw;8lMw<s-yi2vqezU*Rgm)S39$2aO2ZTua-VixH#%Nr~m3n`Y
z*`H~`v$T4w1tz@2gqItw2)RZdx5n(RHQ{yUxJDDc+k`h8Z3$VYk83siJ56|3i1d4F
zkd!lYkd)J_)ng^-aF3NdsG8&ZS!siA)tWizZk=BCAo2fvt^KUrK@aHtd4n4D{t~ml
z!tAdcv_tQ&8uX&xzuxTMV6@i6s~_~bj@O{`^H_~$|8}##Y0y5sfA^q|bvi9(|30(7
zb<mf3f7_t%^!^SL-ZiL4hj*LuTSrLwJzD!&AxAh~RP_u!Leh;f`{T|2L>=CbI~RS4
z=dn`F{!F6_ju1Z<9-;i&$12h4u_}*H{kD&_=7_-@M?X74ji&%>`w?EY1FW4#M4^FJ
z>);rzZG(qsZ66$`wPWy+S~~~FYwa35Qfv3%1g$-TkJ5T*aH3W#bgb5Z&?K#%&~aLW
zLzA_Jgig>J8k(Zj8#+mAOlYdsxX{U3<3rQ5CWK~aO$^P{niM)sYjS9o)|AkhT2n)_
zwWfuhtTi(<M{8E-T&>xm^R?!Lo~Ctv=mM<^LeJEi8=8xHtin*42TDR^9w-l0e)U)t
zp)wDw2$gxDGBi?;<El_;$JL=S53C7Q^K2kr2o-<UoAg_Z?ls~2%=UhrZ=iKZZ+o~z
zlKcb0B!5qs<R2U+`G<r_{-I%#zc)<sj|r3f<HBTqj1QCZPePciUlPOQ{E!qT=ZEAl
zS-+%&ovrJg8Ybttv@n@xGsEP(nH47I&FnClhjYTz`NLz)4_mB{TM$;LH8*UD*1WJ~
zS_{H1)>;@=skJ2RO0DH#*J!N>Tc>qJShd#5uv@iOh25cbb=W;x*M!w;T_3hZYjxNo
zS~r9}p|vJ#yVlyU=d{*^y{NT5>{YD|VJ%v>hP|z|G3-69+rmE5x;?B->&~z*v^Ir(
zt#x<UcUqgny0x~1{i1bm*l$|*g{l9UVjd3jXl)JaueB}g2(9g55n4OKVzhRK4b$2c
zHd1SM*ch!nVM$sKg&n8W3ZJAkAp9h)p72bq!QnHshJ>H2H8gylR&V$Mtuf(eX^jhC
zq%}VLe60!LC0Y~1mugK4zesCx_@!D?!mG5VhF`5UE&MvInc+8T%?jV3H9LHx)|~LW
zwayRUtaU-S`evWU$_;;5YhL){S_{IT)>;_8Q)@~1F0JL^uV}3Ze_iW}@V#0q!{60f
z75<^t)#0CNT@&7}b$$3jt<~Y*YTXe2qt=@69<8<E|Iu0(?%b`)Qy(6rwIMuM>(=l=
zS{uW|wQdWK*1A1BPV3I_5n7wVkJ7q3{1~mx;mKNC!jIRwH+-_zec@BI?hnt>+8RDv
zYg_nSt?l8bYwZZn)!G@JueB>&)@$A2=jrX9@M5ip!ppT<5f^F=h`2<nC*lgN!4a#q
zhD5B@8X9qfR&T^DT4N$=w8ll;r8Pd{Uabic4`@w{*s3)t;xVns5l?ANiFj6PYDAOP
zw1}6rW=6cGH7nvRt=SR#wB|&7pml!4Ct4Roe6BS&qC;z5#5Y<CB7V?X81b{#l88fE
z%Oe~wtM;jgaBE!=(NAk-M2Oa^h%l|IBcimfi5RMNeMG$0>WI-=H$;rpS`#r|Yi&e|
z*1Cujwbn;uXl;m?u61ifw${doIa;?xoThbq#6qn*Bl5I1MVza3cSMoa=7=(_EfE!3
z_eQMLx-a5#t@|Uc(%KraMr&Kd^;+8_Zr0inal6*eh+3^(5u3DjN8GQqC*mQkhawua
zTHYtM26&&*>hZpyHQ2jbYlwG`)==-8TD{(Pw8nV%YmM`MtTo>InbrjFS6UOjom!K;
z-)l|w{-ia<`){qOUh5UrE@|FCt(o4wTC=<ZwPt%mwdQyuwa)hr(YnApTx+g3L2I7(
zXsrd_aas$#6SbCjQ?-_R)3sK3r)gc`ou#$Xo1?YLd#cve-ZQnX@t&h~y|+MXwf6$8
z8@#1jYrM;~)_PZHt@B={wce}l-FmDB@3mUDde>`h^xmX(oA)-Y+r4*c-RZ5<+T^`Y
z>u&FZTARI(YHjgu)4JEYL+d{8^IG?NU((v@ZPwc6eM4)z_a9n2yzgu6^tNj4@*dFI
z?fp_~kN2Ni4|%(^T9N<K8W8!bR!`*bT7x6iJyMSq64^&<XygE`-pIjPV<Np;<092N
zA08_{@<^=-k)yOGMkZ=aiab_pa^wW9DUq_?NR5>BMp~p=Zv<MIk+Octij?(HcBEP#
z1zI^~d%oFT5P1UW1X{U~YCRcf<wc&Tw+kXq(pnfP>&TMGbiG|3IYnzl<W#MzO+IUM
zx?KO6@>J{c1X>%+@imdM4y}!pb!c7WbbWk%<P6kfwMELhC?-nQHE~h12=8mfN9AZu
zh&n^ZE02=(O+}Pi2lcgTq891>wNb@rpw$>9_1zXF_1$i^cbe^{D5>x6DDh9T+25k~
zd#t@t;?I3i;?Mn2vVLoglJ#3#l$5hQO4e^3QL=vPj2f=jRb5fCe(R2s^;=Jrtlthr
z$@<NTmi1dewA9lRE$g@7Xj#97L`(fbqh<Z(jh6LWOth@u;-af`KJn4AeoKg!^H5^6
zIu8x7lA<f{!vHHe`WCGz(T{6QjebLGT6Blj%;>?~`yXIsMW<@bjy?lrT^KF(Ul1+z
z&yAM)=S55X3!<g|h0#*~l4z-ad9>8OB3kOdB3kNS87=j%GP*ii{IJIOVZHG~weiCS
z<A)mKhg#!@I^&0W<A(<0hpomBjnT4>-4-qD*qza`er<}b()DVNR^u<wYKfM1-y1Fc
zWM8!Oll{@sFIuBz9JHBu?IvD_iPsr@HR%OfUD4NS?T%inwI_O=)<e<PYqesc^mq!0
zk@4e+k^UbXBmF-lM)C`dk#XRSk$hufq<nEPQoi^YDPMw#pJ?JG#mG2Kj*)SiW#VU>
z_&H{KzTW1(K#a6&Zj7{RUW~MBL5#F(VT`nENsP2>d5pAcMU1rTiWq6v${1<asu*e4
z)iI_$W29fNkCA>|9V7jELyYw6ni%QVwK3AK>tdu|*T+b|Zitb7y){Pqbz_Wa&lqXX
z?J;s)veVR~$<$-FsYkQfZZX??O}+M+dhOTs;yT&*rOo)M-T1Xb`_*H0nsmBMI^8Cn
z9+S=?;~y(l{1Xr>{_(_$e}ZGhKOwQ=pU_zGk2hBQ6BBFZw^;E{e608<Ay)j87%Tos
ziWUDP$BKVaV#PnHvErY!Sn*G0toSD@R{WD4EB!tvwo+f`%#W4pwgs^_(l1%($I5vq
zFIJt00<D5r)!#hUidg9%m9f%4s$!*oY>id(F!xbnrC)3_@wS_IJ7ZP<3AEM>k$$^=
zi1gd)A<}O*3{m~uW3>#CboUOCboULB^!5)CKei4LKei1~ehjqQhiuT}sAI@&y4;?j
zQoi7!l1|7_NvGU|SD5e>L(RN1RNaqqTk&x<9PhRg;_lR%7<aeUq_|C5ljG{Oro=s<
zH8t)*t!Z%&Yt4*n)S4Cdgx2i1r?lq8?a(?uZl~4-aW81ijeAjRUfj!C3*wr!7MgOD
zm~xcsas*oYhpF?b$I3ZUu0!V^`8x3#uSf3HntSBCTJw(lP;0@FpK2{UvR!M*kq5PI
zGskZ?$L}=9H<{yio8z0!@h#@~z2<mpxa1!&T=Mq}m;8f=Oa39lCI8UjlD~Jj<R3F!
z@{b$-tu9CW@E^4%4DUe$t)$`q(c5cG`s+>l)h7K7CjA<deyvHr&ZJ*&(r?h|_qFy9
z|DE*uT1oMqJxY_~2caG-C0>2QgZpanL$wBvkns>QLdIq22pL}qBjoxjZ-n%tf)Ub>
zIz~$W>KrNaVAn`Fu6v}6+n$kf{GpLD4y{pg|07_OTo)c1CHt!q;&uM36Gm(8Oi<x{
ztPP{bvfa<B89g2iw7N&9YV8?4S;xygO7hD)O64DDRURe%zv?LI|4m0p`dMQF_4z-0
z%yg|eW8}HOzA-Y6I>$)7E)%cY#OoQ8rt>*8M&=byqQnbMl=_AwPSyKE6K85|Ni^d%
z(Tvwb8RuPzr?8*$C#v(D#|k}q4%>aKq@z#Mntb#^ttm&Vd8dz+dUT%NPCNQs)MFJK
zZTw;4*O>UVCVriXUvJ{?Hu3kF`1?)#RujL?#BVq81I9|d;>L<UbIkS%qq|Lb>sV>m
zHWQw3jKtq(G%HEAw<Sq>`;){UZ6@41PQtT|mXDL?85QG-bUmxb$?;oFc%$C#V{Oy>
z`&iq@mFal<#z}kbA1CeEI!@ZN&7|8t&h*c5(k`7wyT(=M<GZ!?vwFs@)Z2;UrJPCQ
zr9USdO)=rAM$=4qrqL`Do^3S8gwHqI3ykKP@I0dhMhlIWn0VzzD@^zbvt2oUl`d!1
zc)5;WJ^os~y=MG+t?S2&U#pF7Fj_NS{8Vews~a!<wtl?$xncZG`uMHmZ`0a1UdG?H
z@p3-s8ZYhBZQ}QgSM9|5H~CH-KRa2@*K3j`z4giO>F{c^y}@WrvXrmZ#IH-1^LTx-
z+!ty{miJNio9&Kd$#?&8a$Kv?Lq@$5Wc?L0LC$}16J)&*KS9p>31)xdgh)N!lO{-g
zk|)SIBE{@aHQ{OI_{<5iuE?4o`EE7ZJVEBKjtNq((23%=tcfbTk5xGFBkIlbhly=k
z%O`%JwPNDe+8-+>$~vN9qN&$JnFm`Zs`~e{+9rOd<AtP1dxfS*zxJj`zm7BE@g_XM
zgeRs*e@#k}c1=!^bW>7fel19m{0dW~KC4s2-!&;_U1+wOjP6d6_H0g(cI?r|53s5x
z^-#V6*6K;WzOHorq~Enxo9&uOj<-~Jt=X=h<a$SKH%toTA5aEZjg$In-Db9TP6|Gt
z!kf%?^P~aasO^?XA^%bH-R={lUd<=SxNJE=#`E42RJ#wbvQxu|H^9m<T9=xox9d|c
z*2jmQDDNjFO&0AwN$PK<NxA`PlCCFB(hW|N{uGi{FUO~C(OO{Q6`FV@CSG}(_`4!a
z`qzpyIgeDPNq?+Llku=RP5RxMH1X^DH0h@;rW|`s`uj}!`%U_-CjB;(e!EG(!=&G7
z((f|qcboKkO!|k?WS+LtrN0NH%Xsso%Q`tYUCw7A=`vnI)8+oHH(l=E#-z*r+qiV;
zM+xcTuf%lmS5mt8D>+^KnqtyTHR+}q%{1v}rOWuqPM39fPP#h(aowE$i1zb>^e43D
zrptACUb@^LE=ZUA!-eT`f4C%F?hluz%l+Ysbh$sgB7M6)es{XGLvy;cbBihWUQ^zE
zCcphAyw%jF+r;llm;056(w~#^WJrDUGNir*8Pe{B8Pe`08IoUlhO~P{hP3yJ3~BGm
z3~BGG3~7(m8RD-s8RC!i8RC!X47o1ZkRjJ4H5oEKYcu4!q%K3QOX@S^x}+gP=98@%
zmY&}lGvqy!Z5gs2*`A@seW2Bp@gnsIw0396eW;cUx!%~DVXosd<a%R&hPjT<*sbf`
zks<!;%#e2PGJfbbe&{iNIAr`_O%Xo?Oc6hLrbzz}o+ADTnIirOog)75P7!~^Op*SX
zJw@`VH`*{o{JwRH_`A`hw{42}Z~GK=zHnJxQ(mFG{G!a1Jz9IFw4ej5LsQ<;+X0!f
z-;*i(gEM7+NT%BFv1&7=o^_cf|4hlZAye|%nknO@F;m9NwoDl>+cVAlnQ88qWQyN+
zXUcrroGIsrmQ0zC_h!nx8$VUXS<Y0+Z~j!tZ^2ZlXYN$-Ti#U3zhJ7Fzo*LivBbnH
zH^)_IWj>zTrt4ij^($SkW|Mx4iMMyE^xu8v`2AC*|F%w*c55^FwojFI>M;3t8ts}Y
ze&{yZGgbU?XsY<bnkM}@V4C!2&ot@J!PBHahfEWHg-#QHd8bK#j+rL?Ic}Qt=lE&T
zj}xXz|45uB^-r26{!5-Fe#n`o-aGAU1yBE0*SmZA&ssyXj`&Tre_YnFsK?qcL)y1y
zhWNX7hWNW~hWMj?hWNc<hWKOa4Dm<f3~7gLGo=4+pCNu}HtDsP^!A$c_L=nd&&bjF
z_Lz8wOuW#UQV#D-DM!pqDM#E)DM$QFDM!LgDM#W=DM!*w8BfVGO}{Y57ntJ<_3;C&
zx|yfyeD}>1|LmVB{%V~m{%e~l{i)rg(_!-KH0gAibh~HD`O-5>${RdO${R9Em6!XZ
zvnq5x*|SVL%#wWO&ysu=%#wU^XPNTOl6n>B<9W}(q*pRa<ukwvJ^2=$Uh~P~hnABi
zzr81`->mWQTDO!V;1m^3{8KjTaPKLSU!o4@J*HD6ezMt4(c1&84Rf{<e}L6G=WVU+
zbAHn5nH&APPH%3i)|9ztX`MfJmDZZM4`{8Q`wy-A=l(})*W5(QL3+XS7HVBT?>enD
z^LA*ho!6#y`@BI86|ZxCD(bP~PL+DZpDOiBI91v|@l>gI(y5Vp9#1}1+CBJm@o&iK
z;@{BIrM}+N#lJD9i+|%z7yrheF6kwlF6q}SQ1J#>Z42{t{^e&${uO7*{uO6Q{Av@v
z!GzbC@Y=JaTy<wj`nyfMW)rW)#M^7)Rp(3k8}d#5`I3HZzDXxv(y7mvdN$-sJ-6md
z|8C5e`fSTL<1Jst+s=GBUo_>*e6TxT&KJ%3vYu(lm-YJIeDTY^e3_^A=ga)mnlJNH
zTfWRs?fEi4b>z$Z)R`~yQ&+ysPu=-4KlS9x{1mWA+QG9(+97z6v_r@u$uD$~l-s*V
z>KC&}>K(U8{1CrL##6!~xgVIgNWF(oe_bT^U6L2A(Cw45=u+MOsf%RYpSDP@12Pv~
zruSzpTBS96k@}4@?t3j-uXX;So3t)iB=>J}7u}|}^A_EywO~=5*1|>iX)Rgwpw^y6
z(q4y5IjzM~?tsP8UY^BLpWwyPULlL6y*d{^s*mqlY~DX#EdJ|RY|>jS^|lHmen5e|
z-{L7S>G4zIs{A1Z(jFBBrau-){*?uif0c>9x<K+@W71n+ApNDKK>V<`V24g`UxD<4
z{RL8vR+D~Pf%K#H0{K6M;3C-{QY86?7D>L|BFQ()?9Vp)bIktvX8(dBsYh;+lq;`D
z>RC`E<ti+a{!mgR{kX!Ux5A`XY0|4Q>8&yQ*PH#-X8#7WzsBTOYx1iz`PG~J8ccp$
zO@56<Qr~SwGH$jP$++2BB;%&3NXE_XBJo#qk@Vx1A{jS(i)7sFE0S@uzew7twMfQI
zTak>L_9AKbjv^U1okcQkx{74nbQj5ay{Aad>xYUg-M_73Ill)K%X-OEEaNG-_<89U
z#V={~7E3$D6iYkB6-ztC7fU-O6iYiK7E3!M6-zrL7fU;&6iYj#7E3#%6^maoi^VTl
z#p0LjV)4s-livc9U#`h7&*WEN@+&m?m6-g>O@0+7zZE9GN|Rre$#1pEZ;i=seX+Dd
zb+NR=hGJ=lnqp~(+G1&kx?*XE`eJE^hGJ=lt;Ny~jm6Rq+lr+fwiin~>@1dcXeyR=
z*j+5`&|EC-&|=zQuW5(<rv9y_{%xlI?WX=6rv9C#{#~a2-KPFMrv8Ua{jC!5cR-2w
z+fyR`4lWUYhm=VDLrbLo-V&*QOo`M#u0-k|Un2ESD3SUnmPq}RN~HeDB~t&C5~+V`
ziPS%>MCzYeBK6NMk^YoZBK>K8iS(xhCDNaAOQb*Ll}LXoD3ShDSfct<pw+n~Mn9MA
zS|Zm?-Ai)y^B=2J>Jd;X<@c1z`+LEq@_t@Osgy6YRIUfSrILP3X|wL<aivn;_)_Wr
z38nIWR${66E2&i8?@KO~`lgi1cu6&yX5wd-zM<30DiwcaoAh%`y7NoL4+~6rb4%s_
zmhwu)-vy=eK4PIsr=;{BI=%8zd4H^;RL0SYQh6V-vQ*wftTORdm&&+aQ!3+keW|oZ
zb*Z%XhEh2X)RaoUs5SZ4nflk4O22F{>1{22U+3RgYSsm%@;rLG$#<vmN0Z5Cx5=m3
z#BV8;_bvCD?R_S{{pPq<<Da(DR-I3~@mq%}UuUVjZ`o!1(p@V3vB$LMA=A!QnY3F#
zne-n|*&VuH1eck9UMBtsEjys|@s`Q^axrD5pO;C0h%b}=olqv%i-{(FQkm2vxlG1y
zN}2St)H2i0O}xx9X`iez=~vlhGQZ}ONk5uz(pgX@?U`F9?UiTJD=_6OER%LEG4&`n
z^{Ob7_fc1rNx!Ky`Bs^HR-1I!n0(fkNk6VGlm58D99LuF)td6xnR3^gdN-6wJ8vzM
zanx95<~Nhic2mEd+F$*w?D8-1Yd<Te{5!4l%X_q+lb4$DvQ*YnsY@MB{%71OU#iA0
z|NppD<^yY)%m-D=<p1|pFB3nmH`~=_yJnf2<GEk3Oy-TcWioHnFO&Yc)$DIH`?s0>
z+s*!_W%3^4ZWG?TOy-xCWpcjSXZG(m`&-TaHnYFO?C&)DyUhM>v;WXCdC%5bF7v5p
zxoiiU?a<}@bosr@L$t=3?Rc}DxI9dUCoPxvDpQt6>Fw0z(m&IdOF1)_oAajGpJVpV
zH~SZu{dvoW>f;NR$7?My+vR3^#q!ZQymGntv&y8idb!LG>&^aZvwwrxUt{*yEtmGI
zUoP#}VB$3{SI@6K);6<$yWT(6Quo;ThQ=C)rR>45$=K1@O~xLMy~o&Nus<;Nct86D
zKYNN_{8`wan)vhl;w<#D7i0fy;uK>KTPx*Rjy)E82FkxtTWz=U+Y)~EX6&nA{06?E
zjIIM!Z)M+N?3a4kDt-m=s{;6rn2EE;Eyo-r{o!0(tK;7!&J<&RhrQO=p?nXduAjtN
zLD{DCx2$K0KagXu^0Qy^vxg7%#hJqYn5*<7iN82f>@nDRF}^gbhKl_N>DL+iAa;|V
zofq$mV~r47#fkH?>qh$Gq>b{$$@8<-$3InhR9<OE`Ni?G*BU#Ux^FRdDfWz`CH^hg
z7a02u?A^y(`Wum|EvinCIAPa0tTyb2$V>H~v=e=Ho}XRiXV>}Jd6RwdtNiTvG+$mX
zO_RJ9<Im4e7JCi0D_`t7?9~On_?s{CwaZmk`0OcH`s^9l%0EH3JFJ7o9)|t-Dqo!8
z*ZAzk*ZS<ues&$5Q>BxFADaB^mu~dM|J={+LkCvzGs)|vTCuO@11zIAiJeFI=zGP!
z5Ie6y?8T%%WsBI)Qs2dX_Q6I8KSUhYW4?T6V5_|9NoUXFzBqfH5c_2nzRedt<0+rL
z_GzDe(9d4H!<YVAY?Z#sw+;JsY}GerJmU-B;%7H8pj7-S;$OAXH<qV7=Sy=7wu;lC
z>i)dgj}pJi&#p7}`-Io+^5u1qbDcUiqK5Lk<SS3xM-o0{9p8v(6??<Yj45NEN%+B!
zCHzE=?emG)OR%kWv9BObe21@(75Lfpes;UR-RX-T|BcVSfOCN=XEo_>=`XhO;gv^-
zy`8dc^0RmO*$4b=$6#OlVSaYHpPlb#Zwm9p-{of?@UtD^zBt4D>~udn-_O3%&rXl=
z9h>iGU+HIW^0RmO*$4b=N31WMVSaYHpIw(MaXz43+WhTFzVNDavHP!QUYalV3~a|u
z^34?0SBLr8>2FA!_woNOKRcZdnW^?t;p*Efx{uvL8>NYT47MX(>{GDY^29D7uef}%
z*J9@x`(EriKRa%b#CcQ2@v}E=knrWCdEid5H>kX7#eN2Rn6W>{PB(Ti=e4+QiSx6{
zE6t_LoN_&LRJzYjJ6Y@{gr}Y2`eXdo<w$r9;nr5MRhiTL?7E@=ou(>tlb>BxEa5vi
zHm@Y$k2Kr-?5ZWcaI4g3S6$~zv(C?sTjvW;^Ruh&mhcbBtKh+aKh8~ck4pF<!mFMW
zd(;h-{{^wteA2c{?8Pel6|pyCH#Pg>)V(YAZWaES*ugiF=2w1ke)HK)0fE{l#}TI~
zQ0yY?IJej;-=-j6xaIMMw+#?`9r5!*d~w<aiLKJC3k&?ipH-uM@vS6ZoV*;dA0mF$
zX}<W@=@R|{;ce&o!qd)^@LyE=D}CW{t0jC8=ccA=UwE6Jtv>K#&-roKYFs1{KkZ(z
zbFt$#i>=Oad0WNap~4>(`!f~a*lJu>`Pp@TcGWgt{Pw2;|7h#D=OkQ}vu?N8XOfQ9
zBKB3-X~uq7rElyHvD=LO8+QFyzBKC++<(-oYP4I|YY1cCI!bKi!?+1ztMa#{h^@+C
zrHP$M{5)e{h+UWAi=US1iyuGT{YPEuXZq~C9AEsn^Tk&EC%)JhC)3X^@UsIh^~I^b
z!)IsK`q?k}?D*q?{wPEH1fN|n(P!^Y@!0_<_}M4<>`Xs<b-FJ+ex}bZ;G>o-KlD0b
z_vJo2{t7>PozLD~?Xy|kaO7QXb!BT=cca1RJ*fJkRUOKLoUaJ+wL|n?)QfILW6*kZ
z2znnHhu)8}*tQ-(6VL`U5#53&p%0=d=tF2Kx)n`BA4W6LN6;+vQ8XKEMDx(c&<gZ%
zbOrhZT8VB$tI#J=9-3KCscrOWlnL9~j{c7BQ2U*H$y@D5pH<rdmbFuDqtB^rk7Yft
zl#0Kgl!`XF=aBkh7)-!fz|^c$z5{(2-hlz6I0OpeCb%0ug${7w-Z)5yRWO{~a-a~H
zrmaf28rH)ta3^d6^)0kr@IHJBU&7b$Z*b96OnFu?#KX~W9Av>FD1}R)4GzMO@E-_t
z%eUhq&@qq-vtb@AhihOx+zd5v7i@+t@EE)S|Ag=1XZRfk2U*ssPz0551Ka|4!o9E+
zo`UD$AMgou!uR0B;{zZJVqrL(2=n1=I1g@z2jB^K1wMy=!oT1UIQsD2Z5RdVFdb&Y
zLMVona1-1Po8cjN8eW1u@E&{(-$6G7^yQrZh=7qW1!loHunew%Yv4B643EJ<_zeR3
zacv7>5Dmpp0oTCw@H(`^ci?829RWjN6ikQNa2lKgMX($$gVnGeHb5=Z!$a@{?0_bC
z72bq*p$$5q3wj`c>+8NS7-C=qjD@LiGMowL!BSWS4X_<vhyBn2Q3Gfnm<XprE?fZ1
zp%PZXM%V;T!L#rh?1#^w19~7}pk;-^Xvl<ID1aik2yTZu=z{)?#55>{3aEjt@Ckek
zKS9hOzF!72AP43{E-Z#JSOHaVE!+%`!*lQ=d<tKK>j>Vvgn<wNLt!LLgfy52*>E~6
zf#q-&Y=$lHC^W&_@Hu=9-S8_onLdwzI2Z%tU=qxP`H%-Ca51cb8{lrZ4;rBf_P|GQ
z0KS6XpfA(07ly(JI1#eoWGI6xpdKECMtBN#LMwa*Kf^@6_jw{rff;ZLEPyJw9&Uz>
zPzMjdm*C}|%s4m!GGGSGfz|L3yaapUd-xTc5zJAr0M3S8&<t<FJ~#w@m}v(?6pVzi
zkO_0)9M}L)!d~ctz)0#16JQRkg0-+2o`-j#1Ac{oD8?6zhuLsC6hJwwgL_~b?1qn^
z6Z%KfuV5@34^!Y2I1?^_m9P#r!!ytV``}~v9DW4{r^mh!4ntrZ91l}qHsnGvEQ8Bo
z9oz-=&<Ib%tI!Hxz(3)HSmMGai08DM4yVILcm!UA9yop|b%HnHAoPjDuW&NtK{;Fs
zH$g3Ig*}isj5v@774S5?3VY!T_#Va`$+sAx7?#6IxCu5wJv72j*bARPJA4gc!|^F>
zfkt>4{sG^@*m&;szzp~ef=4ia!Y~*G$G{x87aHIhcoEv*cZeLx+yrA`BAf)%AqUQY
zXW(Uc6ZXLmV2$D&3Q-UTM?(r^!fcoa4bTWX;01UY_CYIr2H$}vfpZuPgYj@Yq{DQW
z182gya5HR#I%t4L;2CIwH{m^Kh2J4)G<^^vVJM7;bT}F2!9sW$-iA-$TgW~N8@>i>
z4CfaJg<&uTCczZQfn2x%%AgURf}QXdybE7KCwLN>4<QZ`;W$_d7sKVS8m@<1;6Zo-
zcEcX{41Rz^(C28*H82ZKg?uQ2%i(IMhTGsCXn?2S1^5?u#xj0jG)#usa5@yi)o>$h
zfI8R$+n^P`2In!{vxjg<fFzg%GochNf-1NL9)w3>8@vSvAUFx%!9pm9Rd6%h13Tb-
zXoGHW97~(QFgOab;VdYE3RnZxa5p>#&9EQ7hQM*0V_-hy!ue1RH^A+%2_Ax0=mF1o
z=3y8K3t$nH!R4?Du7!0_4Gr)V?1Vk=HoONPLkIi-zkxfMwIRg7NH_+LhYZMq99RH(
zummoG%i$`hhCAVY*aj~`3+#iB;CuKD`X5L7FbdKj2lAi<*1$%15T1tjpaXsd&jfr5
z6W}D63G?Ah$b$=D8C(jt!u{|l?0^>d6uyMuiSz+D4X%PaU>CH*z!c^v7z!ic7)XWb
za0;9UC9nc6hqbU3o`aX*b$AcHfI|>{Jbez1ffFDL=0Xu%19!qU_#OsMV*Lx#AqR4y
z5UzylpboacQ}7(T25-a1@HPAkLQi0v!WftcGvH#l944o7Ec^?OI+6B+m9P#rLJN2%
zGk?NKa5|L2C6IIy^E!0GfHZsqNiYef!6|SiTm)6H9&U%t@F+Y5&%>+mHtdHs=!B8!
z91FL>J#arf47=b>co*8?d+34RAuxk64HIDs%!YZ84`px#+ynQ+!>|qBhwmU{3gZS6
z;3Sv_*FqiafDfP(T$$7rLLnNaK_y%Zcf-T*5BLDSf!`o%D*lH=7!N6s22&v$=D`BU
zgG*r#^g!S=_CY1Af_2aUKf#FUv?pZ4rLYHn0B06+Dhz}eD1wdfJOs~Ro`y`A4yQmK
z6vM@^7TyQ<Oy*R$80ugfJO}+|(Y7!f?u6IiEqE7>%%*?B>2MC552bJ+RKj&|E8GQ-
z!VAz0t?(6O&L%EA3oY<Id=EdvktcJWgi2Tocf)JY2Az;_3TqFT0<+<4I1iS>6>tYU
z3NJ!P4($umARFevneZ??3wz*waL%FMLkL8|kuVvi!$K&7&F~z23SYo?@FRrGrG4N;
zm<wmZC2&2|!jte3d<Q>+Yaa6}#6SWZ0~28~WWroH2bREvPzhJV^>7bth6mwMcoJTK
zm*I8z0NS7fzJ+e^%x6A>p^yOMARTgGA)E&#unbnh6|fqvhr8i^co<%R4sf1I|AtX;
zG^D_ZkO{LP7nZ>dPz#U3)9@0!3H#t<_#8UnNB9MPhrrY5cQ6PdAQpzhQ7{ftU@}aD
zIdCTAK`E?+YvE?7g)PtsJK+;ZJ)QWF59P2Du7=0pX=sAi;XP=DFQ5|w7cdTB1}uQ{
zp&VAgl~4n9@DS{P_uv5h6TXMvq2C$IArK1_;WD@#>fjal3cA5MllB5H41@8I0}CJ@
zE`W<*E!02*JObO`IcR}*;8XY>JPVn>U?_}$V_+hj1hZfPoCBA^9q=?f2cJL(^v~rx
z?=TfkhJ}z1=fe_cfPL^G`~dyVqTFy4oCwokHk=M;LlKn2#jpz2!R>G#JPyyoOYkmy
z1fRioa0r6V=K2|;U?hx#6JZ+6h4WzvTntaaEAR>Y1iypl9QqYR!Y~*O6W}DshBII>
zl))vi4sM0b@CY<PGrSES!at!K{tZES_!)-6C`g7AVGb;Ya##iHVIwralh6eF;1lS8
z@8CZWn9uwTu`nFQ!wgskD`6u%3Qxi7@Gg7;U&1#Kyoj+5W8ru>31-4vSOizXde{JW
zzyt6wJOMl5MR)_=g-@Xaeu2Qn)Dz-h42*{pAPW{iF;qe|Y=o`w9J~P^LKhqYPXXsF
z@Ioxa!|{*>r@+~8E|kJma5LNq55VKF6ZXKD5O6O24wB$pD2I#TN_YtV0l&kM=iv{S
z0`s5@*2A6fAUp@}!;diFe98s!a4clP8Bhh+z%6he?1b0hGx#U`2#26wA$<)ZAr6j)
z;~@=Z!92)?MNkN3a0#r3+u&}fhlk(^cmZC4&){2dT)=rB2EcGgf@yFHoC(EH0awEf
za2wRY!|*sf3(fE*ybo<~5PpDv13zYN^@R|Kgd<@LB*Td?1!h7Xl)(zP60U=4*a-K+
zL$D2=ftTTR*asiM0qBGupa-mC`UMOEFB}PDAqA#DHq3`yI1kF;LRbaY!yWJ-JPyyo
z$M6dTlrWD$6ikE}Fb8tsTv!6@;TE_Ho`NQL6F!8m;8%!RLVtj<FdgQ=8E^@#g*%`Q
z9)u@gC+vo|;WPLN9Ho>6B47lhz;u`m^WaR#hx4Eqmck`)72E||;1$>lA3!^N1Ksc&
z^ew}G5CbFNXh?xHm<jVB7fN6STm!d2J#2&Lp#|Q9kDwj8!767?fx+N~I5-L>K?cl*
z0$2vC;TG5o55o)aF?7Li5Wkdu1XExcTn$a|0UUrXa4o}65Cz9T2F!#D;BI&a)Nl5<
zmg7q}7LJDum<{t`5xflV!DsL_{0NQ;>H(u*2Am3KK_T1#HE<t10?)uJ@G*Q2|Aha*
z#0!}dU@n{m%b^mkg=gVKcpE;2FX3DG8A2{%JV7EP!$~k7&W1uLgKObdxC^$ztI!U8
zE~eaY6r2QeARmfhC0q+P!#4O3+97HM^@I~)8k`A>pb##EYPcQh;YnzMz3?9V2q7y;
z1I9rroCcS{&2S&Q2(QCC&;kDf=OwfqjEB=<F_gk8SO+)51JDTDp#?sK4scw`u@DcF
zVG7KE95@S}fM?(n=z#A*J^l*@FPsRoVLmK`#jp&nf^~2YY=Ot&1$Z6)0UyCP@G}g!
zjQd0o2MLe_Cqgb1K?PL8D!2)1U=ut9P4EeH!NAM$9gK$YFbx*Mc~A@$Pzg7~R(Kp<
zfY;yyH~?S4H}E6;27Rxf4?r{=3lm^6WWsEi2WP+%sD!n!5gOnz*a@#d3w#V;LO1*h
z0ac_AgCGJ%z!*3I(jf;<gY#httb#SL5$=Ke;30Snw!<!X752jW@G}HniEm*zjD=*F
z1dHH&D2Iz+72E>%z<ux-ybK>fJNy9dRb1D=XgC|rgXM5JTn~3ZJv<1z;dS^BzJ%YP
z?^W~}7!Jq4RG16rz*4vvE`!zZ8oUQzz_;L9O}=mjEP|zQHPpf5up8cn&tc5f%oi{X
zX2WH06|99Dp$6*ULD&Jipc&qWcK8*X*RZyPk&p;EuoSk#^Uw;`wX8!S3dX`zm<6Z8
zLbwKQgxg>Tyauh%4&Oo#xYw}81}_{5$3PC81<T+nsDnr0RrnOXhhM>3%NzwmApwqs
zX)qs_z;d`2K87zL@H*x~7y;8@9$Wwy!wqmJJOMjl5Bvi@fgbn`BG=J(U<zczJU9c+
zg(Xl0*T9WX1DoIhcmj69%kU5Q1x{PfTnbgN25x`{;4yd}K7?=JCpZK_*VAucETq6R
zSO6Ema<~LGLLEE^ufu!rF?<2v!B610fwZ7M42EbJ2BY9;m;f1&1@mDc<iirU2r6L}
zRKvUQ9sC6SZ{&It;vfl9Ap_2VbD<b2;BvSIZiBnve%K06!cN!+AHx^$4g3V2YRUtr
z!a~T0^I-{8!3}U1Y=KANMR*5(gMK$rE*J)*U>r<_3t%a%f!km^G{GCt0pCH;&CDGz
z3dTVyoC1rW1a5}S@EE)Vd*Nqr-@=>@CqOye0C&SfunYbH2cQdrH_(4!JWPQ(unIOn
z6SRQyR?>qZFcoG&8C(R{!Od_FG{Vd9F@)SkTflh8f`zaYR>4j1Ff_rt@CEz`ze4cs
zj7K;UM#FeG2hN3+uoiBEI@kuUz#H&Bd<tK}H}Eg;)Q}d$zz7%*lVKK|4d=oVsDMhi
z3f9Au@I1T;-@s4s8yvBbv|t1z!UUKKb0HTlgv(()+yQm)06Ydepb1`w_u)(E0oNV)
z3L;??B*P>~gK3ZlMQ|xx3pc?gcnF?=9q<CY3j5(p=!9P&<WA;B7z0^w8sx%qxCQQj
z```(92io8ubU_dN4nehyEf@;p;CPr0^WiM`f7rVhD4XiX|Nr~)-sjB4%$eIU=FFHe
zX3or*nR6x~Nl0Q`LI_E6OGxesA-U(C+>($aBqStBZV3qqNkT{nNp1=GJ@?-2^ZtJO
z&#zVM-|w@2zqP*0dOf_?K4<U!-h03IeeXH#Ne}WYnMkISMPv=xOm>ok<P`at{7zi6
zSSLstDMRie_mR4!F=<V@l4r>CWE7c5W{}s(TjX8x0og#dl0D=g`H|cpVmA9b5=)Xv
zI>{w1$W!DQGL_6CZ<3|teX@b<AYYO1$Z2wcTqo)rw)Z54B$Eu1OUjdb$pfS=X+fSK
zJxPBuf{Y`J$$GM#>?Plj@5woGm1wWCzLN}+OUjdbNexn;G$oIbC&>$BESW@Rkk`rE
z<UO*EY$dzN*W?KKf&4^n5o0d%pQI2!$s^@RHBys2M4FMu$&=(6@;n(wW{@|?QnHeK
zOtzA}<X57+!F(shNeU@Va!5IHFR4lDlSfHA(uF)r29n`q40(yXLgtVKWC>YCHj=Gm
zC;5teOOBHt$yMT-$M%DGNokT#?j}`9A*oNAkd~w^=|sAbXURx1o=hfl$b7PdtR<h3
zFUVKq2>F4WBbUkVM7+tdFG(b&NEQi_@}vr>O&%fbNDtDFOeQnQLb8GEB>Tws<TCk<
zX!F^Bkm4kTlqPqOLeiFWCf!M2GK{=TUL|jkx5;YqIoU_PA*adD<SMyEBHv;kOj1ZL
zxs%i+jmaaV4e3PskfCH8d4;@5-XSZ=hh!7^f_zPWAU}~?L@Z#wkR*~r3P=S~mDDB=
zk!GY7=}fwlzGMV>mCPlp$U3r%d_|6tGvpT%zL0rCGD#KkAZbFLB7MjpGJ`B2E6BIx
zEYTNHCsK)2C-q1R@&xHmULdcMd1Mh;N4AhJ$=Bou@)NmCej^cYvu_|JNGXy-Dv>&*
zF=;{GC0ogE@+~<{u9Dx0Yccy*l1eg3SyG8qBX!ARqyy<jhLdq*3VEF@A{)qF@(npo
zPLrR>uO#Xn>P6B>HYrOgk?N!lX+&C(C&<&J7wJb{AQQ=SGK<V3i^&S|G1)?PlD*^*
zIYE9Rw}`QX=^+WkM@o|%atFDaR3){@gQPKegtQ?~lBY>8@*EjOCX(r7K3PmwkTqmI
z*-CbkugMYe135=76MZS|gT#^~l1_5S9pr9ONa~aJqzma!hLdsRWio@jK^Bu0WG&f8
zz9r|#Wm0Sz(?`mXvZNBZpVT1@NpsScbS6E?Kr)<+Bd?OVWC2-8J|drx9b^wVNRE+n
z<TANQBHm?MNIEGX6-iA}pR^?HNf*+a3?ZY*bTWr5Agjn`vV(j}j+4{mCvuhCB-(Pu
zL*hs&l0$;zE>e}$A`M70@;K>0Mw97eK3PmwkTql**+UMHqvS{OGr3J%@6kp`Ns>(h
zqyni-YLGgl328~%lFp<j=}!ieQDiEaMdp*mWI0()J|(-zKJpDYPEM1b$Tf1CM6F;y
zK~jmI1js$4I;le%kv60g=|-L*&y$g49C?|{BJ;@-vWl!DTgXmwi2O({k=w+*l5vvK
z<PK7k)FTg*Hsndtjf^2v$?Ie>d7o?~pOdf1F>;DrAXkX8ig`(*NdieB86=OCBb7;Y
zQirr4ZAnMci#$hOAS1~HGKI_{^T;ByjI1W>$QH7L>?PljljIz^M6MI%eU7(D3@JfM
zkt|Y{R3z0%O;VpUAuUM<(v9>d!^t=@g}g=<lMl%z@;UjMd`EsHzmQ*vx|(&I#F9i(
zl4Ow}sX%IwdZamNMLLkKq&FEr%y$wek?CX>nMW3r6=V}Je@p!!IYv&A3*;J6K44l&
z9PyD-B!}EZs*+ly0ck}#kshQUd4Y@~6UlTkhb$#4$tPqdIY5q*ljJP9MAS7*Cy6B`
zNGXy-s*swb328~pcPYD&o}@n+LMD>gWC>Y8J|tVnPI8ExBA3W-ME#I9N{SO736Mv~
zRPqLSn;ar1$xo!+TG|j9N*0mh<O2DX#D7FPCwGx*q>wZqEl6wf6zN6!k)dQXnMmFy
zTgXoG75SE2AvZ|OI<~c>E_sA>Cf&&ZGJ;GbZ;%b-H&XC1%bv6$ok=g!kGxIRl8s~+
zIZA#ak?UD+h_0A#glLLO5sI5qIR8An8WE$!@~<RsgQO{5B}+->rRWqTmo9hmCP+ED
zmRB;B3W{H;%%@fPw1HAxX`$S&Jg(GG+Vhr27o||?t<+ZfDRq=VN+V^c(pVX;H0458
zGv!649T$|IRK_Tsl(9-@Ws>rgGKD@~Q=V4lDqWRDN;hSh(w!B)hq6ZLsjOFeDW5R3
ztx6wdm(o}HLg}yUW2i@!=augm@^RjIKcS3NPBPRV80r~iqH<1oNx8z1Z!zTC%2Y+D
zGZaI8RS8pPD-r5^B~o3aM5}Kr9(AP>!|D}FlQ4f`FkaoP_|#97WOb`jQr)JMR<|n|
z>P{t7-KF@|-Ab0ahhNP8Qps2MDFy2HN_q99Qc3+mxko*v+^e2es;Xy{YU+>5ed;;o
ze)T7%u6jYKul}qwP%kRY)L)dA>LulI^|I1Qy{bH`URV06H<bST$%*IGV(LKEqYhT%
z)ECqQb*So9hpWZav1$o*g6dOWR#VieYO4B*T1tIQEv?Q`Gu3%&mim^OqrR=?s!P;-
zb-5Z;SE_fYAE<Y#Yt{1Vdi5@KlX|!Msd|sPUA<S`sa93LQ14UssrRb~)SBucwU+w5
zTBx2=YpXx0b=0eBJ@r@hK~>f2tKnJ$HBxJ+#%qmKuhv*i)tabT+QVv&)>OSiYo^|*
zHCOM^TB!GGkE%7bmTG<NF}0!AN^P#SR$FLo)OK21^(n2L`n1+weMak`KC3;c4%RxV
zqqNTIXzeNWWvz?)s`fN5WOh~G)Viy0X+6|sT2FPg)=OQZ^;S1(ebmj`v+CzsUv;0>
zPyI^kuO88!Q@_&&swcGP)l=FF>W|t`^(SqFdQlsxUeZRXm$etwE81xFsy0Twrj1p9
z)yApUwF&BP+9dUcHbuRuO;dl@UQusruku0^fA>s(P1W?-s?c9o4SlZa(&wpe{Y^DY
ze@hM57pf8Z+iIk~M2*sysxkU|YOKCO_3A6tlKT5<s{VnRrhlkr=<C%?eS_-PH>r90
zW;LLHqTZozQSa2Zspa+E>RtLiwW5ANy<0!1R?-itmG#5wz4}qLs(xI(Uq7MN(7#t}
z>OZKp^owet{+n7`zoFLEZ>bOJiq=?HwWhkJwb6C0tuD0ox=VXPcWa&WaIKqOOzWY0
zw4Qp5)=T$l&*&wzXLX;}Ur*Ma(@ScD^i*wxp0175Gqe}=Ol`EDt&P!hw6S`=Hck&{
z<Mje<f_{fKQLms)(kp4x^lI94{XXp#y}CA2zh9fBKcLOg3$@qv+S**bp7y5RKwG3g
zq%GDPX-o9R+ETrVwoHFmdslC&E!UfA@9E9875XFEO1*`)N`F*)UvH_c)*sV8&>z><
z=&iL6^)}jCy{-0<-c4Jl_tZYtdu!|UXS5A^A8n)lthPyiPWwb3pl#6yYFqU|+AjTh
zZMQyH`$B&~+oKQBzSM_md-Y-3*ZOenTYZFfSRbh!(MM_D=`U*E>!Y<F^fB5QeXRDQ
zK2AHUkJrxW6SVXCMD1t&CGDa<N&7{AS-Y%H)~@PPwBPip+6{f0c2l3ODdH7P6*DwV
z%+_=<M{|kSwJ<SPixh8Y(PEw!E8f)N#C$D5yrp@?0<E}Ms3nR;S_$#C<`avx6!DIh
zDwb-QVwsjD-qmu%a;=PbPs<f6wLGy(%NOr!0kK*OiZxn+_)se^)@pZ&by`L7v39rE
zpj8qZwR^-S?Ow52t0J~&)x@XTePXLtU2M~8i0#?~;xnzL*r64Q&$ZfOr&d?&(jF8C
zv<Bj9t)V!mH4@)wjm06YiTGA~SRB@xiX&Pxaa3zAzSABN$FvsWxb~<xp|up>YmbSO
zS}XB`_Jla4brz?!ZsLsATU^(k5jV9y!mU3m!t{P3Tz^hP>H|eF{dp0kzaTvNP!XdK
z7qR*X5vPw5@%oD*K_4x=`WR7MA14y^38I8PQ6%Xv37`J5NY*Ed6n%<F)u)LxeYz;6
z&k*VQOi@~&B{K9mB2#}|`1QFWOP?pQ_4y)4Um(ip3q`KJNaX2@MZW%y2<l5jfxcAS
zp}#B2>F<g1`btqje_!0Ce;_LAABwy6wW5-~PTZq^EGp~k#l8AQQAOV@s_LJJYWfy&
zpT1R8*SCrL_3fgD{+W0{-yv%1pNm@hPEn}u61DZ+qK^KBsH^W0_4F^rgZf@kU*9Jh
z==()O{VVa1en2$RzZQ-4gQAK4jd)l;B%12qie~y@(Of?w9?_4A7W#MMQT>=`sUH`Q
z=_f=h{iJwY|3S3YPl>MjY0*vpQFPbOiXQqo(NjM!dh0)nXY?zgkN&F|p#LTY>9+*$
z3L2wy)flY{V~p-L#_D0l1U=lCqDLE3^%!Hi?lorVC5+j+&v;W$Hr~=xjfHw?W2x>p
zmgzahdwLmTrJif7(u2l_`W?nv{a$0UUd8xSuWD@7s~Ow$2aN4{En|mX$M{@-(AcRr
zFm~yUjotdg#vZ+?u~%<qe5JQA4(N{>-|CMWhxN9`QN4rlo!-efruQ(8>(3b9>-~(A
z`t!zVeXwysA7cEX4>zvqBaEB+NaL11#!$pqLx>4RxR_)_h^a=Dm|;YV*9?!CZ^VkX
zj5x8-ND%KCUa`_h6l;wnvEIlK8;wk{$?%KKMwa-*$QE0SeDSFf6kCk~vE3*ub{OTv
zE~BE@ZB!Ot7*)hR<391VQC%D~nuu?Vrs7+pnK*1T7e|a1;ydF}am;8bjvKASDWjb@
zV{{N_jc3F;<9Ttx7%VOtL&POxsJLtl6W5L5;x}W2xM_?Ow~SHZw(+9ST%(2V8Y5h;
zvBK>dC!$^Bg~v5P#JVPmIM>S}!8KVFcTEvVuBpQ3nkG_Q(?zQ56_M_mDRNz}iG0^A
z5pc~G<y~)xyIgOIimtcB-L3_qvTLEJ;#wr`bG<F9yWSBsTuVeP*HTf}wM;zddRH`b
ztq@IJD@AkHD)ETxeesxUjd<Mkp=jg!NVIdU6HmB47Eii1h>os}qO<E0(Z#hz^mTnI
zo^x#zLtHz=FxPG|(zQpt<oZ&)?Aj|PyY`7GuCK*Z*FiDebx6!|9Tsz4N5q@1qhf*U
zm{{aGF5Y(iAeOjJiT7Nm#VXes@xJRv@saDS_}Fz$Y;#={+g(@04%apDx$C;v<@!y0
z;kqHdblntRxo(NCUB8P%uG`{>OEHeRRO36BZX9<B<9nB3oOHR2Q!cl0))i))cSRUK
zxgw2UT*Zt_t|;TGE86(o<uNpOjA6KAjYxN#5$8@Y65L*+guA$r;!ZSD-AP8e+h=6B
zQw+bmq>=4THFDf(My|V*QQ%HD%DPJ%<=h#@UG7YyvOCMD=FTzhbC)shci(B$aF;V4
zaF;h~xhoij?z@b7?uteO_uWP#cO|2#`yS&FcV(l6`(C4^yNdCcyQ<O3eV@_V{eaQV
zUCU_iE;Ks0Ya36x>lhu~b&byMhm0=nMn+fn!$x;^GozQgxzWen!szR6Y4mqLW(;t*
zG6uOHH=cL5HU_)f7(?9cjA8Ef#&Gu&#z=PuW0d<zW3;=YG0y#zF~Qx%nCR|myzK5~
zOm=rSrn`F>uey60uep00v)#`aue<vg^W6Q7CGO{p<?aE-3im)`jeC%>*8RM(&OO-p
z*!_aB!9B#-<Q{5laSt=LxrZB{xknm1+%FnC-J^}&?lH#K?y<%}_c-G__eA5E`z7Oh
z_ax&7_shm<_hjRYdx~++J=OThJ<Yi2o^D)qzhYc-&oF*<ziRyEo@v~2zh<amvkX0K
zwh<OK$0!!|x)BpL*YJkDVI+plGm^sIG?K&S8zsZuGSb2p7#U#;4S(1oBRlMEBR6cZ
z5eR$7C<t3(R0vyY+!eOWxI64!qgvQ<qk7nTMvbr)Mq$`0qi)#y#)DxW7!AYL7>&c$
z8V`qkWHb+3XFMAAvC%SYqw#pyCq~<_Ek^sWPmK;?TaAuk+l($@JB+SjpBp{Gb{PZ0
z_88BHeQ691+iMIBJ7A0m``Q>4cF-6XcEp$vcFdR<cHEc}cG{Q`cE)%$>_=l}*e}NH
zuq(!#u&c%!VK<EVVK<EhVQ$ykVPUR!!pgaphLv|M3#;H-9(K2DWmsj``(gLGJ_xJg
z`Y^1jYh73!*T-QSUF*X*J3h|Ur(r6mz;A6*6~9%AO;nXUtK@2`DP^rvdylHzWtGbG
z<8O*sr5A=f{q|d_D)(63`tuhx?C;5LBVtwMKI_xV2b@yP4XRSh>UR1YRjFr{z8I(}
z4_T#cUpqstRa{jb{?n&LjpL44+<~yZHy~6hYP^STIYTZy;FNMla7JnM+d5R5`5jkq
ztZqAf>K`RJUOBc~Y0ebgSxQy9SbY>Vjt@Jke@vU4FNc$zewUYYro0p{`1iDiBF85C
zC~B@1HI;Hs&giZ36o|Qe<&cXiZS1V^q=@;w@dvr)V3qC;m5Lg#tku_tRb{BvhxdZ2
zjIv4}hDtB&RF&~ow`uokf3%I7%r$%NP7RIYn{!-)v%Y7x2zyz23!SzWbDldD)~DIS
zwLiXhCe*L2OYz#;AN}Tp`u+WLrv@uu)RbA)P;RiK=UJtD?|14_Nq3fDb~#O1WPO^p
z%4yj@huZic`mpC!>(9C8VSVp(sI>M8?T_g_y3_e|O{m}JK6Sc%{+QDuUMcOAnm1LI
zW!CV-bf@%h_i^?#*Kn+H6g9T%1D)}{`mFXxUH-ZT|Mu{Ts?}fD;NR(Euj;h5m-3y`
z;uxpYJwsDgSaWSt8)y0UeP319Slu4_T2<CtC9_|9TetmjP1#~~tJ2YF_nT%o>-q0@
zILrL`Nlv#mUpZ}K9evpS{&gR6$bWZu9cwr(yK1CU8qkx!@@Cak*15(sP1$92%XrDD
zi#cs}t>#X2y8YWVC~9~`&6lF4qo{uWdhVK2zVA=VNY2Tk#w*A1*GuM~_ghpS>n}Td
zQ*VsZhQ3dCN^%eJMrdDlc$oIb-Z|kE_dl#@8?fAIYYS5~<)GC~?s0<mJHz|sc~v=T
zeR^!3%5#F|-r&1YT(!1Jiw#Y=XqCPRm8S1@T5L1Md(HZ^oN(5FhIG4Sbu+iw_A!Ip
zQh&fbBYn6z4q4O2eVo0OoTBy%_<MWS_rgP4E_2Um@1tbxhc<TR)$(ZVkA3J`-C1kj
zYp5z7YbeJrI{SUuZSV8WJed9?caf~`ojjr{$yUkSYouGHxuLE6;xC*jzp&RSy%8!6
z`O@iDlfPPL*R(=tZ*a4nQ_}}S-M(n%bQ?L?IRdEixU<~CGo5|j+o9z<jPKd|o^`*f
zf9w(8VVh&uzIG{RtJ0HFwpIJd?Bngd?!I=;(Nde6&fIurgfo>Nv7fg0*yg%#Pr13K
z1gxQ$rMs+B^%~B6Zml^bxqirf{I340QpM_HHb<K^tkU5pojJb6rzy3qZbg+g98{GC
zfBICm`_`Xuzs>se7<I9?yK|_^qgJ=BDNbwuG<4KgF0`h|qoAgtZnAaCaWv!Jf!$6A
zhSnZAl$pDnB`t?1+hhff=Gt0yxhvGK9I~vltZ7%_tUV)VJIi-DC3}xu)X`?y&{SrI
z_A}R-IDI6u&9?jfIM>;;*UfXfwcX@wBW@3Iy8ZYq_Y<u;Z)07s``t=Q?E0r}MSZWR
z;T1KMqP~}0)~UfgT(0bGjqU4DUDoyD4w%*L!+uWbk&Vu=*}U^k>4@1nt!>Ugp5w8%
ze{y(o98+I))(_cDe(%I<&XoI#Ii;**r!*$RDXrugFMAwSUU5pRLu-^AvRoch+|E*+
zzQ`#R)rYM8Kkv8O6lWg%-RUUL(a2zH?!FV6e<OK5!JgwSc#6O-Ej#9v4u(pbL#6Yf
z(uPp!$56?*s`7lf%J%+lmao0#I<UuCd(N@9vb)KW9G>iE9_!i5cg#{%8D|ae3fuNS
zcYC&q^XZ`z+#j~SXZA7KDqUTyDz93lA1T@6Evj488fU4#$2_o?bhjw(<y-xle<{Z<
zosM)qJ?nEyPu}Bf;pDQEEljoz*$!me`0Ex?)KLBt<M?-K`aeUVg@m?n|8_h0e{t^0
zb}wsR)Ee;5w`)bsXSwB<TgNf%-|VfxUvKY=+9LfY#_|959FlEZ&Z~cWDg3`Zhva;b
z^XlK8L;s0!{LfP0dB4!nVNqL)|8sLlwj8;n|ECT8*X1GSi=0>g_8j^@w|xH-wf|3y
z<A3JRe{GZh*=@vsV)_0j#_@mC*-lYcSjt{?t`Mx+$n`brY_Sw~dF)a`=zdS#+s@Uu
ze_qN8T`?@G-@+H1b8Pu(K@Uw?VAVx-lcf)uIejcF@0?G|Pg4_|EB>-u^X{s$<WIvZ
z>U)no=Uo4r9;&l>CD6Xc*y~~EYNNa+D915%oT{v_#?gU0%XaCZ7S7T7lCe&=q*L6B
zvA!p-HqN?JQ`TGE^1pTZkVEMc8uBj;d5b-cLT4(?tCu^hZksPTS0*-n<dnAaJhXkj
zupv|fS(o|GsJuCEUg;Qc-DwB1^v~~Q$!i|+p2IJSGuN~v=Nk9Zx0oB&wXZrJRXJeQ
zAcDKs_B|WfEvJ_=mFE2|`+Gd1_(#8T-phGVR7p;y?BgiU2G~=6-0R$Py|z_V4q0_s
zT-Rw=6$WX_F{|5sE1av6H=~@o+!^}b*)h)Y&3#Z+PFa1V+~>5@erI^P-s<*a8|PkS
zpn)@AK42>CxgoFH4q$27SBmzr^zG8gP-(5#8FE%<r@e&7I^Bw@OYg6oHDJvv&efh{
z8P1T8b2r1TpF)eU$M)SrPU*3RPEBjFe%R|m$xvxveW#nwJwyA`nxRr)w5FW5ru?O1
z&N$5bm-do=k*m)3l$+N|?W<OMra2{f&2kuTs@X#>s?M^0*{RODP*h!hZs63wT;}%l
zo*m)LKiM|6M><pf;RnumXRt<HvX^S8^w(>=T$A5@PE)R1{bq3O`nEkcxFT#YZr-Z;
z4{Q$#D>=*De9FR}a#@nw4cTq(YtHv%Nq+CiP}^M_+5-ReRLU*zd!Z|-a(I7tUfsbx
zKD!;vV0&e6*NW;U*LXROci-jLCapOxx8uFGJ6GfX`L=FKC+CiP|9Z|E(C~LviM7VD
zqPf#ewyS@qRG&K`_LR%gUk~}Ozc-5O*~P6ox4hG7_kUe7@3o~^eSE>yczbK{0ei60
zRySG7`r3JNrP~|MIxW|3d1RD4!}(NR=L(<c?2pz2G$qFxvU#1~-bR?$`R!6Q?z+hu
z1Vc5jOL8dYw#5G4*w7u+;cTVsZgRgbYbxs}>ulDg{NJdH9EZGLVGgCYweHL9n!FeD
zZoa16V-49`mtVWG_Kk9>n)CF}pH>{>%mcHg_K?l*-4~h%c1cc=oDMl(ikhe9P-^|D
zE=6^dLzeT(y!&M@8FOAe_`jW3vz~XBN6_Vz%Dl>Zf7X;=qD9!HmNlKd+U|1Bl0FkE
z^&6upjjeIG$2z6nqcr6at6Q&;PDyr?%e;`|5_{>Nt>f$i<Q#hCh*PUK*o)g!)G>4q
ztrh(~ZjGaR=xD^8Lr+-UWNVV$iYhe@-FG>6*_k$TfBBR(l)UrKw&{NEmD@FtwU@OT
z5c*Vpuc#%n{B>u^JQG?Q`wVb~ET>$yPPv|ka~x}LcRT&=oCo~>Daoy^e4<P~WmeQv
zQu1isynAimsh0Z``KjzC?{drasHk&|zx(OG{k@{<@^`!a^Sa1B{_RrXC#urJYO#Am
zrGLJB|L^QWo`)7yl5_I!F1P>0_hhZ^4LzqIyZv?P@7AxVp%m5cKmXqO(6(6iThx&M
zZZ|m;S^B&E7WF+j6j}Pa-}~$3QPfcW?QZ{0or|iK9C8Xzo;_=A4`jESp>4M8_CF=w
zNDm#!$RqB*o-gKg3;XCW5IXZJYTL9i-8rHt>R3ST?Wb>X_UCa4&hf#*G^aEr^aRPZ
z&=VxG4|%Lt<s!cdX&u|jPd8U~j$d9HY5sjj^IX>-dVcMm1*-C#)k=!`v|e#ddBOTr
zes4o)C<BWaN>QIq2@S=3l5M0lybULL+Qur)=DME!q^CR|l-Kpl`D}k$z!9ijGP~K+
zAwpN*<TG*?cqZEZ-fgaF*~=)SHBUqSX*y&dVI1|@?-9s8?&dm|J(SP7I9F_jPS*Il
zmFE2OeWog}S*7+9oO7@*hdJXNL&+X*gHS0@&3SgZ`w>-n!|HeEQ_j<smqX8snr|K~
zv_8#$)|twp#vwm_eW!Cwc*l$UEeWgNb)jX{KeUV{g_eT(JmyO4d-B;!UaJ4&Y}TA|
zyY}))UOBJ62@QE|Xvpt`hWyt{zo_SdWev=wy3VSV`P8_5Mj)5DTvLi#kK}o%>_eVW
zeX`%V>SsPJyxAJZi;Qi%Rg!%eyoX^Q-^Vg-_B@cE%HhdwvM#cIe_faD_o~Y7KaJNM
zo;|&V!nw8?6?*>EoEvtn-r~xg{k`4Pe!n#oIYo6ob<Wk~(vscGxoh_!Kb74&-|y7G
zJl8m64OyPW$a5Sy<+9roq4S>T(D{syGhw^VjYHj@3Uy0t?#yR7JoCD;J#BJ|%&mZZ
z_Q{`)_~X;@y`1G%_ngyh-y{5%wN>W@4{FLOt0bpV&NVqVikg4Fh35TAwj1ZIp?pzZ
zQ!ZI0Ij>|5<ap)S%zm$j`mo!xxxU@Dy2-0_vfaxo^ygkt71u~}`yy*<o`)8*y1hSE
zQ{t?WY%j8vm@UVCnpyTMr(DicIpt=pN?61D>sra-$+;_^@|II>&Of^bvNg$m?_oP>
zUoHDSRFd<wc<3&V9Ea?;sQR@T_x~N<4_rsG$8n2or@eN|p%m3#<lJq2$$5spq}zEi
zy{PfZ>6LR*&Rsdj<#^?MNxIvqpE>W-{>Hp7ss{U}I$LTvjuI|syRkCLS(AOgI@c%V
zr}CYF$sL{V$tk)}-B}0C`eprZ>v!N;?T@>7)w!Dyu)b%O%2}nq?)R@hHHT8k8p>C5
zoVv(TLFjD>*-fwEeD7hlto9ZpC3KZt-f7*<R@81Aa(kNmv--!;P5G0~_Fm3|EgUo0
z$3BnqseRP)VNK_#U?Rs1e;(fWTxUz&m~F9r^dS2<sX6_=7aEG38*+P4RJRt%PRlX(
zICfpkJ&s*6ulm^~^9rtA3Zsu|)|@o=M|QVP+nu*oW4KytcavuX=GtiQ^UQ0x_A$sS
z3st42HI!qoJKgS|>y%`_V+)+Qv8|oc>dY%`_WYCAUS-Lw{r~<d?98c}QqLN10;NV)
zsV1f7R>>T4E2}iAgY(?~>CoK_bNSlOo-gOf$etoumt9AlB`qd7Z)wOW_i+Rz`)F^C
z!+f{YE=|x?rL)y-h~bp3M?2$)kJOaz)~7d^SADFKe3v$rw$a8q_BPiyd)}Mx$PNgN
zV~ABU?}*vQw&t59_V-GE$KMRIKJCc1X}ndEZy?Jzv<^|z$=0WJ>DS)>_HXO#YgcoH
zbcXe*td%)7Su1<(k?+!)?~cr|`Y_*Awo5aqi~V-B`IfU?dT*68w(mkmhg%d?nQ!&`
zU*0AP)vsx2Z*Sg%wCAqbvh6y{tJw0WO0FMr-Ix7d;Qe#^jhkx&oVp|qbV_my_Zjb>
zFScs6it*a>syk;u%dKv|@{G0J?Vc!STVl=)yW8y6&hq$z`ziKZ+gjCGFTbkdl;nHc
zokO4I(oXHUkx|Ndx2o8$9JgEJy>`thU7w;VtF3P4+w<$JlKIZO-6qZV=<T+#y1VvA
z4cdL~v_JEWFMD{ic*n`^<H$B=?wap>+ill;quwqJ2u*JWN1OKilgD-P_|I&0_8aDM
z`Q~#+)}9Bm-*x8w6qdO?6gkHWX&ZJcmhD-#aoN^Nq&O|?CEnDt+uDD5Gn?&@{T8-t
z_wvnqxdznZzOy|x^L;;iDDu;yYE@KSifZ?ADB%@3hp?8+p8nb&ODl>gw_Ay9VX|Ev
zqE_3jK4cB#-1z77ps4j%zWHZv|Lm>z^3XAjJjPtjT5DewTF3ga+p1M*_DptZ0p0dn
z-BM{e_S*P+GpD_LN6G%)V;h`(*^CO>AKhy67c~!A{hG%^b~~NR9a+0BsgH1sZhcyI
zle32?N6Fqxe!I~*maoKnpQo(vy~z=ZT?2V%WeZnH?3R6czSFXw-r=kP1)+CKk48G{
z?*gs{*nP+=+wu;Fyz5cay$<tTTDvuw@6y^O^IclIB&X6`s&=>Ktmo&g+M93H+T%6f
zRkc4g->SW2eJWd%`R3nstDE^Qt$ih?sNtFK!`j1>E$6?#L2Iwm`#B!6$05fn-<y@=
zmHTe<7b@%_%e|!hw5a{t)X-ishqh+#<BMvOayp7ylg+J)y}y)K9LzW6|GYPl`vCK9
zsof%EABlaPwr2Kgw>8=A4bH6X`kDKRN3H#DbZEcYV;z5&)m~bhY1%_J&pGYVAzG&~
z$~+r;oAo2oD#=glHg(pIluFLAkDrp=?vI}3FLhddlxM9-v`Wp>oFRV@+K$WZsd;v1
z*Hq4zOJkjJ$hI~iv~C^cOxPY<QQK^JR({dr%(bp1osu5!ls-#!O1{upc~N6af7of`
zZ-48w=W!#PmNSQ=8@u*LT+ULJOMi~f>1JL<wC9WYp0&O7-|;%7hgrAmZnEDaD^#VV
zHUC6t$Z|jUbysJZAAQ!D8>K?ulSdS?4ZX<U%gwNcS5%Ab%2hghA1dd;V-Gspuw6X2
zWVbN64$7kub4|9}Zc-;_TeqE~5qsTF<Lua8L+AI@lrmNgCM2jzfmL!<*OUrY$sMLC
zm90`CR|l(GCHW?>Y{j1zbGCZs^Lloz<Xn4?=W`0Je$6+A?eUs#Ios3r-`^d!KQ-SN
zu5a}r_eXn<I!jf~D|s9%=hacR%63iDm<LU)p_uznd&uUoqg|5k9m|@^ccn!ir+)J3
zJGmXo2^|4^f0@6=Ypu2BI%prWK0MjkGwtG-#y$p_NvVZZ7un6c%GBEGR&9{eZ;NTp
zc;%kX+zZ)zrlR&jlR{g}8yo@Hd&FKWbGwgr49_m*Fi-7IPf@aKmCw<GeFS>nJZHJd
znzmTw3}rwqr(f9;U!*14cmK`l=wMBUIVbITFpPff(&wy=vPIZivrj*B){kv(@b?9*
ze&yVi+ta?UaUI0^R31l+<;d5rv#g8k_Eddm$g<nQ&@t--jw9?=x0h$U?EQ>+RBCT6
zCUbOcZ<VjIjlIv>J{K?@cAdvwWXM)srcoMXm3%xYG0ZA8W4xoS(mhPuM5{FWzqNaN
zcySybOtn7!IMhcc)?~Y1S!X$IvNSu&sq>gZXZxHLI^&xg>Q<R&K4)6vsQ0<k$1KJ%
z*XnkQ^<#lmYHT=dEsN3;tJ?tfO!gd~9x9nfRrXvP5jvLN6q;*txydb@JZF-3gXH(*
zJ*vO%Lq79#sg85Ju~?R9b@mc8+lIZZGq)CY%a+?j^EhXPHEk^x@r<=qdVwWlZwcRE
zd$8W>b}NCWimj4t#d0VksygjTZjsipZtbx8kVh2eH9Y&=Ad*&RpOcggmE;kRxrg0j
z_4_C-!oGGh`T?h8UMsMt=%q4FH#wEnLv>jZDzzBzoP(9D=F~Kyt+PLRoT1otG0(j0
zGZFL5%Pz^Q-Etg>Q=NT9dgv^=d}t^|_3=<&O*vpq(GQ`uTb|L6;uzgtG7oW_bJ+Tx
zoL6#qmubcJl)wIx(??N9edcwk6V_1VxwzbpZ+TNy&RL%h3+=@#gpN?;9^3bpbCmlK
z*VgU5y?GpFZ?C$By2&BSQc>fW#qfTy#{18QH!d{S5*9eMl4Fyf%B`b3K9${M>CMnF
z$kSXqw5O=3Pvtni4As755mR2&^!{}pUwqGBUbp6kJW`NrlzFGnu9f*WX6$`(54I}5
zTYbn{Jw^Mo?{1pc(d}c*5v*l)zvdB{c+osAzQlPzgjJILzIjYlVytf7HqO}OP%d(O
zU~kuCA3w1+7PtD4-;-n8`=xWXXx{6vx05eNI>%R$99^ea{l3RO*>1(Me&)T@($=Sm
z{Pn3EtJIo1t#+xXBT(~7pgq0jnqsfN_k_+lJ?w?-afF5T0a1BQx00M|*jvYW3!QFq
zD&_s!qNdW^`UI`|$tfSi)mnQiC8tdePkt)LChr}~<@<Y<vwY2WIPCLF^N8`!XPWXD
zU9Jmq4xMAl?RB-NV{}=UqH1d1MJ{hm+dn^omsiitDYEzH@;v!KM~)P%A>SFgx{ykX
zxX<b)&j%;7R@C~-?*&Gh?b&=f)ovSg`a5m6(?Fh{wfe304Zl`nm4=48-P4(;U9E2B
z-sKUiG@s+T$E}k24vgJLZ@y=LD))o(%s+TURi3c=7{xJzy_U)EC2^(0zC!R@=={>h
z@a(pcLdm`gJCO4Q`-mbe)JOl*&R+Kc_O(x0<5(AJyPHC7SJow#q1bhv6WY_6=leaZ
ze$6K|?E1;NnCHayp55Gz+iQ>9yT~nOQTMXUeaf@ekn3@zU=Ky^w{AY-9LqnUJKL+X
zp;}!V>g+Z4g-R`GYj*u+{os_Ehe{7{v~JIXy6<y5X^nRtNBYC8Qp7Z8k8SRg?ITcg
zzSyNch3X&u_UHK7-ZIE#w2M8vUHkpBo$nPj4s&>;t+B~@dLwj(_72x9?X9w4Y1w~u
ztsN!%XlY8Qn>?=j=hw9Uc_07f2>Daztq=LP^voqV(V8Op*8$~|Q$5c+bMn*D&QaC=
zZ=I6I?R*-;w$47YIrp`57PGyRbBFS!!_L*g^UIx2%@$_AKVvRIyWfYJIcr6g^3L~)
z>NY6C=|i?tbD7I?t0~qLE#-{VUdt}CFSAQ>4<VmD`n%oavoq$CF!s|==3mCMOY#`W
zT%+vg9-P0fs41lsUD5bO5%V`mviU_4RmnlFB=EZ={KZ`*67N)^uspw0!ZiebrG$HE
zN<2QuFO_IYeI*eaC`s6m-z{O<_|+1&9{gsB#_xxu<8w*|4&c{IG-WX3;hcvtXvz>J
z4~HrN9HtcDaK@=Aqxi)WjbAOPfMb-3I992Ia~Qv-yslKiHA*%7P^pe<l^XbwQWH1v
zJ1Cm6nO{NCl<m}1<JU{-;~r|KDPQu-D4L?GP0*z_MYq}<!_*cSuC~Mo)qMUxQf-Y<
zYFms|+hd;E0jsGUv6<Q#+o)ZbV{K7W+NoVBw@2O+P`gv^fINw%_N3eqHGYGnH|5UA
z7DMerxeIDaKeaFA{>Z#i`%@l(nlg}|@MepG%pY|S<>9C)Bh<l^M<Vk|9YXm<WE-Fk
zqdW$gW9kUX<B(RVj-osPHD#hY8edY!(q$6z1e-dZ@?_MMDe6SZQ&Cf<sgo#AN1jhp
zCsUq*n)0eT6=$l`>GB$Kp2TmxsLE_)8L2ZVzmBvvbr$7!QB#)l6PK#;9`ZJ%I+yZF
z)Ra}~Jj(AQcRl!>7*+WIS-$E5${!-jm*0+2m5)$U)~Smre~fIw)FqTRpr&k8mr>q?
zEPZu3<xh~BYb$VuwhCX>R^v=<4ZfzW<vX*GC+M_w__nql7i$~w9c?o%(aigeOOf$v
zTk&IUJFeGu;3jP+pKeA?`9#}|TeLlN`4l;y)b`@%+J4-p9l-tCLHtTPgx_k1`Q~BN
zlq1?vJgOa|%Xg?L-)krEq;?Wr`YCklXE01Zi;?<yET&)J`%$PV@%lwf&@Z7^zk((7
zYnY^8=Q}>slnng_X6m=luiwTjogbc2vUUDba*#DwH?WcJ#^!oBKB7lr3q1-S*FD%y
zkHtlLJg(EdxJ^&Q&-5hRp(o?#dP&@=r{NcRI_}pq@GISq2lQ+_s+YkNdLDkS2k@j`
zfIsME@swT;PwN%%j9!r%{)n1#POpUL^~(5@UIj1e)$kX+I{wOI8=7)cuZg$xLi}B?
zgSYj1sEGQgiiW6(MhsI&=Bj9d5uzzZiso2Mw7@9Q5~D>c^orJ)B-)}+w8v!80aHas
zOcR|MS}A1SiY}NVx?&m89dkubyi@eX@}dt`5Pk73!S4_$6~zF&TMWXgVldt(hG2Cu
z4DS~su!b0gHN|MGCB|Z*7>^CaL~O_-2P`!)85@hK*n~gY%r;8Qz~*8mJ|$*hS1|_%
zh`BgW%)>!qK0YrN;7ei=P7;gpWw8V&i)A=PEXS#01x^#IaJpEHuZT4`L#)Nu#5!Cm
z*5fj<k-70Mvet{ul;1<v8nK1)2Be*ct@wr5j^BtKcv|elGh#RXDE8o4u@}#Y{dis+
zzy`)ahR_gctHvS9jgYA}4pVM|?01Z#l$#=Rz&J*^Int7i6O>z^rgSh)QhpLOrK53*
zawpW3ZpImW&Nzz$jPp3qxWK1_khx@B#KFcTe8ISaLyT*DIuzMH8`mihN4BxX4Sd<S
zg<Fl=xXn;C_D2RkE~I>B82Gv2#yv(jUNs`|nh}M+8Xgp`Sd4bXW4g<$smcScM6Bsb
z!dk9mx;J-~#5S%peBYIh-?%dHSC=14xU(_IT?T#bJWO^6FvVSfsqV6v<}Qcj-4(E+
zyCUA>u7vg6mGMD$6>Q+Hh7Y-`V^enxZ0oLx9o>cajJpo@bJxQG?)o^$-4F-68{ueo
z6CC4iieuf)aiY5gzT|F+liaOvfx9)n?QV-}-0g9_y91tacf_9Iov~MV7wjG06`u+3
zj(x&=V*l{oI4HaiJ|Er}2Z#5^7s3bNknlk`EPODI2p@tY!-wJP;Un<9@KLxTd^D~M
zAB(HP$K(6q6LEF;B>W(JGJYOD6?cYD$6ew4a*=W<d?tP$J_}EW&%ra{bMb8WJUkaZ
zAJ2y`z@New;f3(Ucrknl{t~_nZ-y_&Tj4A4_wZHdiCB#>5o<6uVl5U#tiwAZ)??X-
zjaWWnGggS$f;A(yVy%enSQxPbYe($FIuX0ENyHv(8nG9fMeN7s5eM**h=bT7;t)O>
zaTr@h9L2{Yj$!MF6WAu=Bt98&3Oh!e!JZLkaY)2@d^6$#&X2f=n<Fma&4??s$y>;@
zL|mhM8#N^{@;c=bNIQ(YLD`42!^m5dQ;;c&yiK_Ra%>r?a`*1uNFDEsWK~hBN4oKW
z$Z)I~8Hu$bqp&d2gS8`Lu})+>){XRHgUCc|7@33*MJ8jH$ddSUWEyslOvfIP88|l5
zkK-b<aeQPMoE@2mb0P!ydSn5vi7bmBMwY{MkrnXc$clI{vJ!q1Ss4#SR>8}W)$mGW
zb^JB5240V>i3!CD(Oawz7B5y03yRgpJBl^La>W{9`C?75VKIJpOnInSb8J+s1wLJ@
zC3Y>=3VRf5jXjIC#c{>j<M?77a6++;xS&{PTv)6NE-uy;-znA|w-)P(+luwZ?Zx`w
z_r?0+$zuKSbg=<=rr011j~a{-QA02?Y8YlljX;0YD9ni(jb)<7;sa6Rv1ZgntQ9p0
z+eS^sc2QHYL)3J9GHM16iJFN+qh{f-s5v+*YA()>nul|v=HnYt3vgZ3BK$aNF|LnV
zf(N3O;nz{i@lezX{5EP8hDWc)i0CyK6}=Xtqt{`{==GQyy%E!*H)E;jEtnp?70X0#
z$K2>07>wSD1<||lj_5sDHhM4K8NDCNMIXSsqYq-G=tEdN`Y_%feH3d&AH%}v6IeU?
zB-V*Og>|FPV7=(G_)zqDY!rO~yGCEcZqb*pXY>{96@3kdL|@0D(Km2d^er47eH%wa
ztAZsPt>c7f17D7I<K*aYoDv<0Q=_ABTC@kJN5|r8(eXGd+Kcm}6LC>=622XsjEkd7
z;ycl4xFk9qmquscvS>f9jLybY(PeN?bRK>g9l-t31^88TSv(nC4u6QQfTyA>;_2v0
zcqY0s{t{gUFGW|wYthy5*XSB}J-R0T7F~!pqU+$z=z6Gn>Z9gqh!LJf80l$(9#2z@
z@ifO+PYaCmw8VH%D@^dT#w1T$^m*E2X-@~t@N~p%PiM^Wbip#7u9)lTj(MJ*nD6P0
zWj%fHPETKK;OUPIJp-_@XAm~=490ezA=utC44?3fzz&{K_@rkvcJqwI?w;}3+cOcL
z@l3)#p2_&EXDasfOviqn892x@6QB3Y!jYaiILb2@$9m@BIL~|>?^%EoJd1FmXEDCy
zS%OnN%W#@!Ilkvvfh#<#@O{r}T<uwdpL*8fR?j-z=2?&1Jsa^e&t}}~*@6c=Tk&hp
zc0B0Wf!}y`;vvs&{MNGv4}13FanF7{;W>b3JqPie=MetvIgA%QNAVZWF}&nCftNie
z@rvgZ{^mJ@H#}!CG3Gp$h`E5tF&8l<<`U+`T*3U9YZ!>Rj=`84SP*jy?~b{Rm10z`
zT2zVAu_`}Y#kqEj8}Ew=$LcYWcz;Y37RK<~R!Z%dSnLoJk59&Uv2#o!J{6OM{bQ2x
zxtNkTASMk5#-!t*m<${l<Hu1k**G?)433M*!|^czoDfrh6JyHaOEKkeYD@*37E=*t
z$5g^OF_m#%Oci`HrW($Vsg7^O)W8KXHF04~AufrjgG*!T;b$@RaYsx;+!fOZcgHlr
zBQZ_!XiRhbE~W(@i)o3+V_M<anAUhMrY-&)(;hFzbiiL?I^w06&UiVd3toxoioeBl
z#~U#{QIGA7BDN2P#rDPU*!~z1I{+hN2Vt?;!59@g1mj|dVSMZeyd!oLmW>^a<zvTU
zh1l`<K<q@U89NDU#ZJb;*r`}Mb~-kSoq>&GXJWJ1S=c;w4n7h)7hA;6!$)K1W6RhD
z*d}%nwvAnkonx2aQ?bjiTkLY|9=ig2#IC}gv8%CH>>BJHyB7P$uEXbI*W=LGjW{fJ
zGY*g4f^%ZG;_I>7abD~Wd^2_@u8-Y~8)En1#@M}hBz8X@jXi+JV-Mnq*h3f>cNpX2
zj$%UGF}x%01eT3EiRI!>;oWg(urTf{Hi<irZQ?FqpSX+oLfj>MIqnM1io1pj;;!S{
zaW`;T+%4P`cN;&6Q+dW{M;t#os_c$4a8H~Y_r-<d;kZaV8W)9U;yidZE*5`@i^nT*
zUc4EXh_~XB&=sGIVeus~B0ddE#HVAE_zZkF-j7Y=v$1)68SE6Fhn?dC_*8rWc8M>G
zPsf+TZt)ecM|?%>6<^7vD!q~IUVLSIA-)Pujjx8&;;ZAU@ilN}d`(;zUx<6+>)<!>
z_3%)9ef&1QAs&uzgh%6>;Ia6o4EZ?H!sDCcFYzt#*Z7urJ-!wG7T+3wk8g{&<J+T=
z&;eZu9WgqgGkOxbU?8C@R!!)R?Gt+9vkASiUqT;zF`+L`N$8JL69(Wr34?G+!eCsQ
zFa(z+48t`EBXE7fDBO@Rni_6I_L2!>@m#`qx|~N^h<769cqd^Q?_>;kr()1M9m{!V
zV0rIMtl*u6cX{VvMekg^+dB`Ndgn8=X2|}?y8zpJ7hxCgVtm@W1iN~dVK?t`?CxEG
zJ-n;1r*}2>@~*+&-nICQcOCZeuE&1fjX2P|83%c{;4tr29P8bV<Ged?ymu!~@b1Pb
z-aR<gyBDW<_v3W$0er=K5NCJ~;VkcAob5e|?|6^ldhZF`?mda0c~9Yf?-~5cdltX<
zp2w5k3;2WgB3|)c!W-Tzc+-0gZ+WkyyZ8+ZD}D>Zi{HkG;;NhNRdIffS1DGUlV>HW
zxErI3hjYE(gB&>&kHoa%QJ7QQgSCstV*TRrIIOrAClpV_Pl_kur^S=;%i`v{Sx1Ve
z;nCvhc&&H_{#x9R*NbOkd}0~QO3cIRi2>}DSb+T!%VPh;a`;?g1ss!D5yvG~!ikBM
zaZ+LxoRwG&7baH6_Y!O1io}|@GO-XhC)UAF66@iX#QL}`u_10xY{b-khP<0nq6t1;
zqA9j7(Hx&B(E^_=(Gq)>XodYtw8o(&+Tx2P+T(;09dKHSjyS7CXPj4}3ob0t6_=Ih
zjvGq!#6u-|<H-_z@TU@e@mh)gSS4uyHcJ|WPbLk<o=HRS*`#4OAZY{+Od5qRCymBw
zNn>$((s+C$X(G-`nuKpAO~(02Q}L~&>9`<i1};pRiA$4a;i{xLxHf4nZb+Jko08_^
zwxk8PJ!uhsmb4gmBrU<ula}G`q~-WU(hA&@v<kmWT8#&i*5Ki!wfKF~Iy{-Q9?vCh
z#Pdm;@u#FMcp+&kUQODL*OGSNZ%I4xM$&G)nY0JPe0wq0w;zl94q%e+Ag1{aVJY8X
zO!pndEZ;HA^PRx5zLR*T?-btUJA)N{XR)&HJl^ZOfK_}Kv8wM9KH$58g}!T8*LNN3
z`EKBYzFSz|cN?4fRG#N->C>^5&%iD|^9j$Vec{;E7m3|{QP{)h!QQ@De8v}#eSBW*
z>r2Fbz9j7LOU8k|k~qkhhR^%bai}i?NBaCY%9o8}ePwWhFApdC0yx!IfYW_t@fBY=
zeAQP0XZkAQ>%K}j*H;<e@>RhFzG}G8R~;AmYT(<xnz-0kh#&as;2K{&T<fckANd;M
z$G%3m$=3w8`kLZCUvvE0*8-3DTH<kEE4=J$jaPha@v5&qUh{RpUws|JxZjQJHGG{>
zP40qva#xH<?v7E(JuxA<H<n25gGtGKv2=2OyeoMCR!km*4<rx9N0NtNujFCaJ9z~5
zPacJ1l1Jm~$zySD@_2kFc_MC2o`l<yC*!W<skl3NI)0Np0}mz7#Ke?YSSn=>rl-us
z+?07(E@eL6o3a3Fr!2xIDU0#3lqJ|HWf}HKS&lEHtiUlTt8jYCYMhg@1{bER#YHLW
z@ZFU4xIASezL&BYSEOvgl_^`9ORJFMqLl5pDP;$4PT7f{r0m8mDSP<Nr^s5CvKRNJ
z?8kj62XKGNLHsJ^5Z^g~97m-b#_v;(;>na__(RGGJe6{i@0>=~zLZl~v*a19SMn^r
zR`NW~DtQ5ymb{3|N?yW^C9mM7lGkuo$?Leg<PAJs@)n*cc^j2fHJs&}%8#}y5vg2Y
zRU%W}n4B7pnW>TJPmRL-R1cO*jm1i-@mM3(iw~qGVu#cu?3kL2T~bS8_tZ4(pPG)(
zrDouyR6o9&nvHL!mcjX{dAKe$fS;rmgfp*F%ToR#wH)qAt$@c;E8_9gN_Zx<GX9ua
z1uvym!yBp9QBSLZBCRIIr4?d)S{+PJtB0l2>SNiohIm(6BdnX&1nZ?W#fQ_H<D+RU
zuya~V?48yMpGj+t!_wN~@U-^$T3QF3mDUkIOzVtm)4JfNX<cz^T6f%^))T)<>y1a#
z`rr>~eeqOUfBZdd02-wRVOXib7+z`!MwJ?d(WORUVyRJ>U1~JmQEDvnq%5*Fl^T!r
zOHIT^r6ytbQj@V?si`=w)O4IxY6iYpY9_v0Y8HN5Y7U+(H5V_JnukXEeDtO-z?Aew
zn4P{DtEVr)M(NA2OZsvglD-08N?(QZ(pTfk^fmZ#`da)XeI0(Dz8(*zZ^UEioAF%w
z7QB_d6@O3Pj-JvxuvF=tcz5aDIJxv5oKku(&M3VfXO%vHZ<IcWOG+QYrKJz!veHL!
zMd@R>vh)dDRr(~pU-}fTE`0{qls=0emOhVbOJBfsr7z;gr7z*>(pT_I>1%kl^mV*a
z`UYMteG9LZzKt;%D$gU7%Fr=A!@!ITHwH4oF_;mF1sPFzSB3|xWW+|ON>!xgWW;03
z3@^6INW{l8lCX6~GWO0WiO*!D;oyvP9G;PZBQpFrG9w#DWt74B8F~0tMgZT*D8TC(
zW%0L+a(FYN0%P=LR>b7YN|=&a88b4gU}k1D^k-Jbtjro%KC>oP$SlOWGV9=jnf0)K
zW_@gs*^ps2&TNE_XEvcrYvhO}vnh7WY>u5WTVUtRme@VB752<*jl(nB;)u-lI5M*X
zj>_zaFJ^Ye(V1OvOlDUcm)RZ1XZFMinZ0phW*>YhvoFre?2kWX4!|p!=JO!eGY8|%
z%prIya~S@fIRbBIjzY~p8V&zg4D*l2aQ{S%@K3@7|71+`PsI}c>6qf5focAkSlT}e
zGyQYW@1KiV{&|?|pO1O|1z6x;gm?NE<6ZtGSkb=>@Afap`~54h(7y_6`&VNf{~E08
zUyF_X>#&J`JwEK;h%Nk^@lpR4Z0X;Mt^C`ugMSA;>EDSR{k!pL{~qk>-;3S+`?0(K
z0QT@7#Gd{`*vo$yd;5>#bN*vEz<&at_n*YU{!=*Ie+EbR&*CWmd3@1-0jKyc;#B`7
zoaVoRulTRw4F7eU?Z1I<`fuSf|80ENuST*S`E~rr&&@XFW4{|e^M~UBe<WV_N8t^>
z2XFdg@s{6w_gc&HVpvuphG!*VL{>7E$|{NJS!tM&m5x=iGO%ivAFE|$<9%6Wux3^s
z7G?#oc2)t_$tsIYv&vz!tP0pXt0K0`s)X&cD&rGbRj^Z5HGC?oI(Esbflp`E#I9L|
z*f*;Vj>)Qrv$N{soUDfUVOAqto7DtA%4&-1vYO+^SuJpVR!iKF)e1LewZ=_ZZE<r}
zd;BG<176DNh<bKs6xm(S$nJ^>+1=5b-4heDdt*{|AFQ0+7pr9V$Ew)_uv+#Y?3g_m
zJ7o{SCE3GpW%daCAbS*klsy_ZWRJxI+2iqO_C)+HdlH_^o{T?aPsPjG)A4Hd47`>-
z6K`eD!nB+@SdcRp@5q^lcjnB;aybjITFxS@p0gP5&sl;G<SfI-a+YJeoE5k%XBEDi
zvl>_DtidfgYjI!BI^3VL9#7|N#LGFGQ7N;9=Y&<HZIszcSx4ql8T0Q-8_2bYGCL@{
zk(N_tC*^Qt?v>e%$z}FntulMDu*`mJQ|18fEOQWdl{tjF%N)j=Wsc(SWsaeidjdu7
zNsP!ng|WG3FfR8j#^;{Lgxm}0&Ao`e+)G$0_X?)xUc>C%>zJ2&1M_ol;T^fRv23nd
zjQN(UW93`}@5^;#_1tj0KQ|H!bEB|Pt_K_E#$uD)czih5i_LNqv3YJ1K9ZY^kLH%d
zcDZTTJ~tgZ<z`^_TtD{6&Bg(_WpH3_9*)cn;HcaJd@;8yPRK2XQ*tZd)ZB{rYHlTb
zEw?hx&8>oO<W|FZxz%w|ZVh}pw<a#mEyQ<n>)?{ydbl*VJ}%2`i0|e$!sWS5@Uz^e
zxFfeY?#pd~-{iK$!?~^SNN#KVF1IZn%WaRxb35RP+>UrAw=@2j+XZjtc12fScZ|>L
zi3xeV(VN!?OXl^()V%(foi_k;@&;j<yunyLZwTI-Hw>%fjld>(qwwLp(bzO^EIyVu
z9^2$i#I|{puwC9{?2tDVpUj(%UGrvOx4fCyJ#QBF$(w`E=FP>vdGoMe-hAwzw*a5Z
zTZE(Y7UP(_CHQjQGMtgO9AC{_fiv?~;cI!T@r}GSI4^H4F3Veo@8+$?m3bR+Ro-U&
zIByHC&)bUI^0wplydC&O-cI~3Z#N##+k>a__TuTh{rGF%0lc1f5P!=%gg5dI<ITLI
zcq{K1{+@RNZ|9vvCI1wv`DakeKZ|<)d35DpKzIH{49mZSQTbOeI{zAa@~>k|{tb-H
zzlCx6x6zxg^4D!L@^#G2=OGN`fqXaC%n!#}`H}ckeiU}e_u$j{vDh^~9=qjxv3q_Z
z_Q+4dp83hxE59W6&QHVV^3!oZeg=-o_v7^ZY<xApOq8n3MCMg~9&XPM;O_ha{35?B
z?#VBQU*=c9z4;Y!Uw$S0Hor0+&aZ+;@~h#|{Ob5aehoa8UlUK~7vlN+I`~t5J-m=#
zAFt#$#H;y@@OFL^Gy+Z06=;s`KnwH*T4Hjb6{ZAQW63~UObxWB&S}V&B+vo#1069C
z=!|y;y5QY`u2?D19q$SB#L9u*cyFK&RtfaQ`vd*4MqmKe4h+INfx%ceFa+xbhT(&O
z5m-Mk3L6AQW5d8$d?+v;8wDofqk&2IbYL=e4NS#}f$2CkFaxIrX5#F?ESwXVgKq`q
z;)1|DToRa%O9KmVSzr;q8(56*2bSRKz%pDLSdJeBR^Yn8D%=!Ujhh2&@RPt=+#Xnm
zy94WSe_$hi71)f216%NDU@M*sY{wr1JMe5^CteQh#w&q6cr~yWuLbtw&A<V?6*!1m
z@DLUY9>%EPQS=0lVNCD@77w1plEG7$8a#t(!LyhZJdfGI3z!qUh-HG8FgJJw^Mcnf
zKX@Gj!5dgEcnix1Z)1g^8qKj{P{(_N2385Wv1%|JYXl?lfnXHY40^CuFcu4g@mM?P
z#rnZSY!FPshQVZfC|D931=Fx`Fddr&Gq8EkkB<biv2Cynwh!iEhhP9Z1q-lSuq<{D
zmct&w3fMDP5&H!zVgF!d92l&EgM!uY`CxS%8LWY$f;Dk`un;E%>)^CtJ)9n_kF$df
z@y%c(oF8n0?*yCTl3;UO8f<~ff-UjgU@QC}*c#Ua+v0{`d)yf8fZKu{aeJ^c?g)0l
zJ;AQ{Ww1N$4fe!+!QQw(*ar^<`{K93{&+Yz0FML*;g7+=_;YXwUJMSytHBZIDHw$b
z1*6ehFcwn^#$#r|MD!O-!mNVHm|ZXx^9rV8e!&b36wJgs3ua-tf;m{eU@qQUFb}H~
z%*Uz)3$R+jBCJ`k7;6<Q!8!%YutC9cY*MfSA1+vhEelp-+k!RNsbDR3E?9@X3f5!q
zf{oaxU^9*>*n*P^w&KeL+i`lq4xC-E6W=P>jSCC*;Ie|fxV&IL?kzZg`w9-?HwB0A
ze^K@(aFShhq5n;0ro$2+0`WnW5k#s5G$ePwbs>Ov?Jjz$ny%{E2$a>`H8aKZmagi|
zObD9>0SO=)MK%!#DgyeHD5Cg~M{on5&nN!fP#+ROB#1x|5zznlcbBSL-PN7gpFY1j
z+dcQ*bI<bI&tKp0H^494@OQv}zTs2AFW&HJ;J@GS55RBS@LAwDZ}=SWO7-)=BkC7`
z4^zJge7O20;A7OU03WM<75F&yYrw~=Uk6UB-vC~xeha9p{|PkID;~iLrXB&hDyn$O
zv(>AB$JK`dm(+&?PpRJqe4hFUU|W48a7}$Qu&aIt@T~e6;03h=TvxvnxT}5_@P+E*
zfiF^@0DQ6fMBppbY2a(sCjoy<eG2e(>h}YGTzx9=4eAZRH>w)&O{xKWn`!~yt~$V<
zS6$#Qs80vJPkjdPZuMEf-%>r`2h{-h+iC>-usQ?$Uuq5b5p@oDkGcT-s9Fd9u6i8!
zdukK-`|2|A57d*uKU7Zx|3Q5Y@H6UjfuB{|z<*Rbz%Qt)z<*Y|z^|z1fcL9C;8)cP
zz<*UYfL~L$fd8i64E&bb2mXh;3p}P>1Wsv}fe+JO0DP48Lg1sd7Xu%wy%bo|ei-<8
z?Pb94)?N;Lg7!+_leAX>pRBza_!RB6KvjDkP}6<_XlXwQe1`UV;4`&10Ozzf0T;Em
z08eXg1)kB~27He84&Y7NJAu#DejfNd?OnjO_HN)0YVQShv|k2xwO;}5Xzv5|wO<1c
zwD$vdwGRMq(S8efQTuJ+CGA7N7ib>_{;2j5;H$Kc0`Jg%5BOT`4}d?WeGK?h+8+U5
zul+IbjoP08->Us7@MpC@1HMiBbKqUtUjpB${Wb92+TQ@*qx~K5z1pXMcWa*p{+jj=
zz+cxs3w*!!IpA+-p9g+W`vUMD?Tf%a)V>7#nD!OmpJ-nN{$K5Dz(3W#4*W~)8^FKP
zz6Jbi?LUE^)ULoM&EIQBfS=Zm0Y9f*1^g%Np}@~;4+q|-eH-u#+9QBp)*cD`iuP#W
z{hIi*`KtC9;5W1q@SECq0>7nw7w|u{#{;j@p8$M_{zTwI^=aV4^d|uyu0I9%Nd5bP
zkJ6tCe5`&0u%v6i$LR*}@wx?^)*ayY>Mrm){prA`>dye0`m=zR?g4E*06KaEe1<*)
ze5PIlhWZ>Z(ieb>dL3BTj{_Te6L?x*2A<JR0-vLw26pu409W+q0(*KJ_<X$syr8cF
z*Yz%NLq7-H)O*0begXJGeFOL+eG7QIelzf8dLQ^B`Y!P0`bFR?^vl3k>MsEPsQyCW
zkLfQ4zD|EB@Tc@22EJZ@8Su^e%YkpvUkUsf{Z+uX>aPaALw_ysF8y`Dcj`X@{8jxY
zf$!5_4}8D=2H<b#ZvuWme+%#<`dfkb=x+mlRDTEXWBNORAJ=~#_!s)SfPbmK8~9iH
zdx8H?|7GB(^j`t~z5YJnXY^kKeqMh+@IL(mz%S^(1^l}H+rWR<KLq@S{$b$5jgJ7Y
zHa-gccH{Sek2L-O_*mm(z>@Jt!0$Hx82AL^Pk`TJ{3-B>#-9P7V*EMq`;5N?+Qwf4
z9pi6+Rpak~&oVv*`~l<BK+pIGpl^H@7#N=ehQ{ZCk?{p!Y<v+oV|)oXYkUP*GrkJ!
z8D9fF-}pN4g7FRDMdMq*ml*#Ee5r8-J{Nw-I0F0;;~4Pe##O*q7;^sB8;yqp-(-9n
z@U6xpfIn+I68JXb(ZIJG-vNAw@fhH{j1uq{jqe2hp7CA4FB^{se#LkK@P6Zoz^@w9
zz<)KK^vEleuK~g3%%=b!XMR8M@#a&3-)-Iie1fS_=X-$cQ>Fp5Obhrl(*fRSx|BWx
z$T&B}XM|@y16Vho1#Fle@VFTOn`Q)TnKQs;vj$u-=eTwi$S!6s5bpxv+n9CWdGk21
zXEuSaG?#&|GEV|uZJq|c)_e}|QPy*T*H~@fcUT=@$y%kIG7t*F>Jq;e$lF=xh(8X<
zoV9wu>#Ykw*V+I+&DsJ!!@3#xOsfy{tzBSXT?B^KW#EkU0^qv!Lf~`k7eDg(%I{pI
zDeKCYfv-98tFfhAHT9_8&rDx6bxrSQf&abt_UVUAmC1R?)V1V1Wa@F`d<g>bm!=fu
z8xK>IS6;0suOqyH@HWDION#R87U@kzdHoCU2=g*Uc|3Ni*S=0sZhyU^eCh3q@<#k(
z{{CHx^1t7$C`<2Gl<Ef*<&$bfX_xK?{$S~-R#7^oqk2VIDP03xEnQ<&l(o_|PDSaK
zOyJp43wW+H0G==14eXWf2R^@4saBK=rFr0bX&tyxdJk~3^d7gOY?bZ@ZkLWet%3yp
z=#3R+r*u28U%LGVD$1aA4{*11)T<zwKN?k(i=_(iQt3M2<<fPvigIh|y5kij_9pPQ
zlDS+_URat3zNpj!zPPjod`W5TbVYe->E1IH<%df50e`r3-}5TU?WLpbit@5j1^6SS
z0r2IeyMeDL-4A?a>Hbbd`O(t-s}<!{rEdc7C|$i)QC?lT7WkTy34CqoM&OT?ZaiO6
zURRn2{&=Yc{E5;hfOnSe2mWNq>{ZYpcn|RPr4Issx^xfl4W*;cuPARUT?2em>6*=o
z^5)Wwz_*k>2>hASJ;1k?j&4<ypDk5@Z!1-{D`+27b}DEe+z7m@G!J}d=_cUMm2SGF
zg7(2Dfxl3?_F_eOSLsIJFP3h+R8iht3W4t_%>&<Cn!j8@H(~w-73G&pHv#`g>89H%
z%CD5xfxlY14fwv&ZMRpHyGyqNf30*6@YhR6Ush4xUkZW0QECA{P`U~Do28q6q=I(C
zO|PjaA1ti{f4g)W@PC%>0Dh?Sap3QiKK@e`<-?^<0RLC%6K||2A1TehsiNFdx&!#p
z(tCivTlygI_e$Rc{(kA3Z?2#jarIj&XhvKE{8;Hm;Kxhzz&|Ptfd9L6JMfQ7cLM)U
z=^o&pl<s+31ucoAZ?7nSS~~iUit>rlJn+v->%jl7bSLo7OLqbPqIB(D73D8W*8%^k
zblp2E%3qh}fuAhh1pJ%QI`D5xcLV>f^g-bND}C_iD$1uy9|!(@=@Y<Dm+l4LTe|lb
zE9hU``|gVJnbK|Vttg)@-46W6(w)H1mF@!mQ|WHt=S%kh?<?K&OBHl9j{b559gVAj
zUo71Y{Fl-lz%P~Vcz;Fta_P;$uaw^Wp^9>U>Du3^C|@nz1pL?1oxrb^?!2d>{9EbH
zk5-hgm+t)C3OXHk1HVza`wuJVbbJu_t<u#Wt0@0by84eR%72z_2P);efLE071zuUc
zA9$pE|Np5dN6YvBMMXJQzW<XIWvYDL-&B;V$|mq3<-36oE#LjO73E=N^HUY&;brr4
z73J#kjlgd!&jbHk`3~SC%6ELBqI`S#6TnB7?*%@peD4=4%A?Eo{!2x<ru<Fdca*RG
zQU&djYk`j`U;Fin^4RjVS4^X6QUR9BYryX;-wwRCeEUPEmG3Iw34C1n&L>QxhjQoi
zG<qoa0H09)1n_&x_X3|-{wA<ezWRHomFe=;Po73U<r?6V%GUv(T)q+bl=3|A`^q-~
zzrTD3@VfFRfKM&o54^s7|8>*K4dwfvI<2VXqt{QP)p89`FJGfiD@M5jG|LrxTCvKN
zr%j{h5(1ra3s^0$1Ksla)2EfEmG1;Ty?ht&#`0akG@37W1D{#GCY)BDRW^Y?P&T7!
z#VecfwBnaTU{G!W!}1z1Di45h`7Yp0`L3C1Wwv}buvWgiHjTc_$ANR@`Dag~FS8C@
zDBlKLEPoPMFMku*C?B1hR*si%11^<s2R6%h0$b%f=cm!ExeIurTv?b_PL{6&o+_Kb
z)8%>KnerO&IpwwGY2~K!0QlVU;PkZeyz=e9cKP<_PAflHz6aPThtHc<R?4>lSIc(*
z*UERSOe@{;)vMFW+49xrrj>K$t1nC|=gZdud*v4J`Q<x-7s}UcPov8d0yoNQz|Hd7
zU>c2{_W-xc@3}Os++4m7xKsWnuwTCR@-*5#*8z9SCh(T>ZNQ7=JAjwUZw6j2-vzw2
zeAf%7l^2xndi6B=K6e9OSpGQhMdgpbW?Ff1`99!F%2&U3T6t;t=u2>2k^G4di}dfV
z|C`2-<{A7(A5xUh{N^ZQZ`qUa7@hy^E&KY-qqd7>i?n$g=a}Yy#WK0yRo%(gNm&Gr
zk^dF1lQ#clc2p*HB=wlD3B>JelKSGmN@^P*zfVufMAP>($6V#J$8J&n@z_P>bI0DO
z{1f5x$KIjbNBF|AcPal&_#)w7j{TzYrDMOPe3|f-V;@oOKlb~|SC9P}7Jh$*ecydp
z_x=7AUqANAEB^i1-(K;JV}F0eH;>(W#kUCmLHN&OpTSZ8m#?^DO1bh%!jY+~t~@&R
zuq%&Y;Wss9U3t~i%9Rh9TD|h2Qx~p$7~$cBtEbkl{I;q0UisgqK6>RNrtBl%PIx5Y
zQG`cN{lJlH2;V{Y?}Wz?9!n?@%7pJETub;a!s7^!Cww>I354$<Jdsc#OcTDB@Fc>M
z2~Qz>AL086*AbpdxSntWK_zGeonTDebi^cB1e@SYz351F>Lo|qsh1sj+SHF8dHU2H
zM{XoMW9p}lJag)&k35U;0|amCEl2#R-#HRY{o9d{5KaC2k$CDGM`j4Kgxb{Ok3M_q
zhNE*+Pd_?8^^BtngvF`a(fZUYjy4F#2}^_~p+#6GoFJSeoFbeioFP1ia1-IVgy#|3
zgdZey2rGnD!WyAVI6L*>qvxi6_vrbl`;PVq&nH|UtP?f}n}jXGHsNN%4xvvN5OxW-
zOnvp}MZzV*Wx}n57Z7eEypZrB!ixznA-t6ELxdkD+)j8I;YSEBC%l62O2Us4UPZWr
z@M^+q2(Kml7~yq<A1C|-;ZDL&5`K#C`YG$!Pfy)=><v@lu{RRlH1)T~-aPg9$KEn^
z@3EgDyp`~?gtrmiPIw35F2XwrKS%g^!Y>fsMfgR+y9w_hyqEAxgkL8755lhyewFY(
z!rg>lBm6qy{e<5je1Pzqgx?~3knr1t|4H}|;dclho;nA1uHY5o*7quSkoYR`iwV3g
zfmd8nKEnLG;x$iJl;<9~>G_KC!XsaLiK6@jmhZ`5u+V7hs;Vlw<{6P1gnHF<B0bjh
zD2fcnF<sA%bk#Op)3Yp%iuIjy*ZW($o2!?DPJgi8z256@YS*8#qz$`j8J->(y6*d4
zX!(9vt=fUDdIlMO5Jxl~Q?bzoG`oXn>ui0KXuF$5ntuJ1*48vlRie$+oy*&U-qvOm
z%xv`shB=lw%<?=VFr(O4J=5{DsvQP_Y6Y%lt6FU6R@K)clccItZC{P6mKSJ-Z&l-J
zHH_jotj3`oMXGC=M%8z#F%`GBF6wQ5m!ig*wjr^Gfaub8cc-_}-5hk*CB1rnck=?j
zVQap53%@&^wcaIu+wJC{Gw7{)J3F1rwawn3b$Pqn?A_XZhNjbKtr0DR2C>D?Kz<Ic
zPGQrVZ+iS{j%NFI;CO26$Ep*Cp|2WIWNTsQ`KqQHuF6|d(X#v?2uwq(nucnsVW^q9
z6ZocU`Fb3hwi}qC8B$R`yAnmAANZCY*p4mzVZ~M)y1ME{RZpiSr)ql;(T6=Gg^e~K
zXzS)-_3T4SDQv8Co98=PdnwS{V@Xqzk{kGeMAy1~py~3t49y8NGl*SPHRH$*{A$&y
z>b!yN8;oApuvEoxbUGq7tGdUS^upMxMzI<gnrC}eKQeg5xav`{wdB?2qosEGg&04|
z>_%sGskhx-2qm@D?=*YoHammeo$krr;QXj03Z!5>ueH<Zt#@}umBQY+ZhtUJ@0?w=
zG|glr=>XdAt+iLyI~Th8ilq7*dY?wy7r9e=XJakP>!!0}EPJ+dOK08M?)3XoiD4x_
zb{P3i?3h)pYB{ED>b~k%b<=kPwdxzT9k{mc8B{!Y{88v=rstZmQB|#oS>@S*s>ZHI
zdsUZ#<@u4XTOkz}2x{oirfF8=D7GxG8mXaY8=hZ{jW`afq2U=!FGmKc#mb;-wh0eX
z^R&nae8*!dnxPi~wb(aQ?x{FI96NlQfa&U1HPzJ|R|`U4mrgUJs?8{+Vsok0XfH0$
z&$nk6yrA8j^|W@L?L|#ZueO7Q@v^|R49m7PHMFd%;X2GOSJfOp3LVv~M!v<g(tKA{
zm~)=*S2f4*nG6mO;<>S>+fJwkbP5ZfZ`;gF#quIUj~z>AvN>L$$G&50TD592QuWwy
ztB&uoo~laBBCAKbZ5gp0SdnG9mg`#)QI#(B;y~40`hXs_+&K0;-K7Hp&tt9fSwQ_b
zjBFY=W6Pr#tbmS+W7X3v+tFhhR~@%XzdKIA7hnn3d1gicNrigK%nU<YMOvfGGwm4I
zs&Z~2Y^ur}p-Bj9L5ub6q^fi;4R$)K17hd8gZ3%v)>~eyR$pwZ?LtB$5qAx}m^YR%
ziX~<-VHFd0G2xJ?pFP{}4i>x`H&oU;8!KxaKFIp^d48C48~n7+cL)5`R>&bNv;k{8
zxvHF3l?y!r1-lyz^uEB}CMz}5>wNF*pwHF4&0AFE61BRQ=^6H!B{mxEl55Iz&eQ58
z_DD_9e66YmcEkWxT|2bc=k(Z$SWg&2zQa`01J9(Q<9a%~j6)^e3mvcOvNk)KuR3gm
ztWc^GTZ|n|Ss<_(YNI<VGxcUm9zjVLjBKCN4w<JcBTDR9z7|wj<n^kfI#ouo<_4M!
zt<ZOL*AM-w<x-JJSoOldW;gb$W*F%Pt3{wima1!d=&{Czy5&)^L1+?c{nmQ_1d()G
zl;<Tez8R7kT^f*`Y=xS_{D^oO&-IPat}>}Lu!*Xtx-1-~#suR5b#ABxrmx#}WLKF`
zYN&>EXvl)hGHqy)?}Kq@RUU{Q4J;Oei0PnPOnp`|k5$R6f@8>f;YOAd1u+$y1ok#f
zQQ7z%=2*l;)lI7!%A7WA&t&yuZK1znJ8}#j){A1#RVlZf$oC@Ec72o0mJh}nR<#{p
zlO<EWY6y}P@?BNhiesCHc05leoENyhZ8*Le$5d<**cAD^CJDk)cWrmIYio*5d)3g5
zb+u}RvCDd>u^%y=HINq8%PMo+^c*T`hHA0A#)fUVI;*xVj~<3`?3<eFv+lAo2UKKv
z4rA3cf@+l&gJmZG*>Zf_Q+;2x4erEqMO3s|f&4&sJ&l`rk!84SiHv9#6Gi}iqf;go
zUDZ=9Q`gxrRW>M=6xWPgCy2Pnjp+%WUeH}WUTlX|!}M98Lf53vRDNPsY8E^rjx<?H
z!8n*Vp+QfF3@pv6T7l`R)xh_xs>gC3vD9g_5>%;}Z^5#DE1mUoY>DUDgJmivSxhs{
zb5xe?ST!um46CwKhkneYWXpG5FXkP6UN&URvliNB6q+i?XB;z89gF*@ZdIlGVl|=<
zmB!B2YPa7HcGi<bce}IGU1Ze@x;q1M9ADQpjYqZuMy2JbUhK25nr7^2DjzPUUqGSg
zG~IPf2du-@h=mp(%VyBCfv`oGk!NUuqefJW=?YZ~7=a)#%mv+uy=v73)7A}xCBk5b
zW!dHxJda-=yfm;>)|;s6xUuECY%q*kE@1aEg9x7fN)$9YJDm;UgF-xxSypDWWaZ|k
zu`~8^v-@&te9_q`m`ktVC+MuN?yh$R-33iqUGIVT5@|Lx#Rs?9+}_$+Z-Brq71NBQ
zv9zV>V`<GDPwTolR?d_jOY4?RdOmIf8y8mlR+Hbk04O__#*W1k5yqaVRZR0lV`-jf
zEX@;*rFo*UG*2{^=7~tl4w?4T31)e3b!V%;bv79^t?tIQ^cnfJwd1S(#)aOc<3aN>
zRKq3mR!?ffO_fI%az~lzZgzLLgsAMYbDLWi*Sl-yx{S@Ov+>pr`4=YSon~Db?Z$-!
z1k|VmN@kRRm>DI&I!6hMM6FqO*|Lh+V+n^6W@O82FEzdPEn3?WL~EEC1tHnR9I4i5
zHnY6(EkmhAo4Xsl_sV+r2N}f4-mWDmw~zsJUh=cCW_g=wbh+O-myig`Za@8<?exzl
zwTiT2*zY9kMcT-CN)Y;C;RtI_@07p{ZBOFq2Ao6_ltWWwF>3dv<(1X;_DVO6kD=;G
zDLG?^dXkyoE39#Xukd~=e0~D>iUzW;wO7wdq<_{hvgk(NOk-ZyY%kQqsI9dZ`@7Tv
z{pojQb`q7)*@4{bZFe>YwKc}(?Cj;0ogT3oqfh3{>iO<QHyvCJp<uZr{i&@joIA_Q
z>;g90=XgPeT90Bvv%A`0@?7Adx~to1jJ%fRXldRcjV1M5J+GI<q#nyzRxgc7o@VEH
zX)LK%&GYmmChai^v-Z+hl4sd@UJ{dQP1Virk;antj64sjn9`N?tyO+{+sTLDUD@dL
z<(l1<&F&zL7Y8P@a|6PSiMq881aSoO0&%2)O-(t`-RZ-S;H%L{Hf^_dVwfSqr=Slf
zXHR6AFywE&EW8tCOP+4n;XA_)Cnhg$=~|YT#^fb6L-GQ>wYdVVpH`GFlU9^3ljecM
z>BLrc@&%jaFE4Q=)|YRa#FAz;BQ2G$mzECFSW;@|d3?RRUNz6->t%VGo9Cr5u9YvE
zwzr+eB#)()ywS6z={`@C#**tSd#n!2Z{AK4lR8j$<Pnqckd_Y8So?gpv(_c6eRgYW
zAQ71mymf;8r!#`DzqQHUChKw@Te&>w2JpDZ%n$@`FxU~CKvUNGfYq(d0oSA}MD`&-
zWNwlAGQnJ(=*7-9-!+K_dSer^-XJ$#YVZ<y%{0n-v7N?}Ps+d@mM769*RUjagN0Y=
z5rlGKAl?i}TGt)@Vitw-lSehj&ZFR*dDO5aDx^iU-aHr1LT{*-((ag%UkN)~yW9R2
zv5Q+f7kZoL=DL?z90WkH=!cRcdJ&Oh#3^hFMq47us-8yEon*9WNb#bd)bi)+!CbR;
zCQ4FGD9)(up9T!`TC+=06xW)wNsYM(tamQ0JQqPLCT%SxKTGxHMb^*Z%_TB<yGW}P
zwg|}>?FW(??g)~|Hv@@}wgXA+-4L?8y<380kC;CDF3gxglP)e4b=KAvw$`N5rL7(L
zf&U{v2eWl3Tp4V#H`g|{w{`|hA4x~SC<(tLC;Rk_?9+wpliXwi6<=6uZ_Au2W-*lW
z%#=CG2msT8BLIB|g(i&w)^<8)2ko<G*Uon#=?;5j3gP7{3j|P3<v5`!VFK4D&z{8f
zp$xK2SAv~YU`mt`;iY8K5~C+;o42sYOX31ytqW?mzIO8#aTbcsCVaSoB)m14d;E5?
zU&!Ab7$xNRQM<L(UaoCQV!oJYZKauhf2KP~qf4w$%e|y(t$(7k-pf-bcY1?vRuY`=
zu3pIEkXf2$z{NJ;RzcWWkU-Tcj3?KF=JR664#+-}z9Dor`@Qxhw@vhr;h<T(4mD4~
z5kxsGicCk113z-3P=|92vnz7!z^iILba!mKFi)wNw0+8L6BSM-L=IeFCrKEVZl{UG
zTC+9GhIQwrUpuK-`1(ou;3uTj5Mms<&4Bx6nx0{W29M*$fy?XL7Q92%aa^lP#X$F~
z2847FTCNvDhDD}f=&%q1PYnYPs#b&3s4J|oz6GTU$3KXm`y*YqoGR?^K-VGr4LFP*
z)cWY{s;uPls>$2siP1YHIfZvh(hS13To!aTy6fw`j>KE=fp;Y0b^G!o{8~v-3zkV3
znQ$rsSdLZ4j-g&v6}bhR?$C+67?Ki(iQ;*V>lnxZ0%-S$&#u9ObRE@K`2wM8!5M)a
zNW}tmD~T}zkmATT9Yhgux48u2j?HbLXsb>bxNvV_A=nU~0aJxwn??+`UARLb<4hP|
zp~jb}8gP&_Xn7N6F+)aKAkgQUBVWna;QdCL<HTVIv(+<HH`d@a2#3Iqs2G?gpCLj7
zp&DToCaA5!K84DM*KE-T0bC%MMFlEXFHpIRbGD}SZjH?ynakE@!=DRdRtv&v*6Bor
zteV-^1GD>bYJ3DCfoYcYs@)`#P-OB2b6S|?y}QF2u|TB;GaTBKb`m_B+EArBR4HYI
z+L{P87?e<pq)w!*@l#v#JP{f2?1EJE&h}P?WTfvVl9GJ!oz?TbTe>Zlss5m|v7NNB
zm%8LJmZG4JM6Xdl$@>$Aq@{Gp#_sy5?1lD`lPq@=^47PuF6?eMwk~qrX@<dw+$<!t
zb|Ik`6Gky%784eUVV4dO>2_ReG!fxZm_K;J*y!?g`-Q^cb4bl$!ja431jq&iuY695
z+Y4TEu03BrNur49OEMUdhw@RzQY(Bz0`wVsU`}umU1b#@j1gUY;*98G8%$(4<Fr@W
z>&Y&|m9p9B3KCPd@bS~pa$)VPE|eHw?>seoI$G2z1tU4g8^IWggbagmNXU%8o}Lmi
zTm~USn_Rf5D_iVOXL{TE1S#%z2Qu+`|5hnYuxeY~k+Gi8e#8X77P2ENg^tMbpc%3l
zR6%kD0;pjgv_O`Z#FCc5*V7F|ww(6r*2eY@Jh<*!d-Z&W67cYK=-EM*%#e8YuoQ`>
zIoX)c3YSI1t7+%*X%jR)xjc&v(Ri8Y37;=V<7uGJg=1(ub9t9hDKwR!@^Vdv%1dsB
zzh@N$L(eLt(Fh(QGr1O$y_!eB)p=Ni!MpwTPWR?r=C0)Q2!g#cxNa6OL^_ygQo<Zh
zVhg+L2p-bKOMVH7jF~o9wn&T+bC$<We*lKgG#22%QTJ>gE}>_5vB}Df9EjZlj-#uG
zX5i@X8DXI!e=r1{H)M79T;z8y%wpHHU@;@^LL8-saL^qWp;T-HFr}4hRj-PaRrBFa
z2AZSlNUBWu*uLkm@fy{jYQQWvP%!u5da_YyhK_(Qv|V;4wi{Od$ndy33p~4qfsnxv
z!n!BoPQN#34t7`;+i;%b(FBNSfoi&>0V&=lDGK<JrP=_?Fo+Vs@BpB3{J^IU+1d=`
zjL7!kz59{IwpBI3ZEPgLCYk^-xTm7Q*EKD8;x5ug3n34JO2b8Vhd7Rls)+9r6#>OC
zRT$lt6=@;jbOg!)B6SbOFe05m^GvwGY|gaUlvY(efUR!8E)GyTKoQ*!MVbkEWjhvZ
zT{zT8{R|}tEWhd_PtY7Hz;w0)x(I$h5^5x>d^%foLpy(WBA}1mo%L?#mM)8|HrOJ|
z)?rPnybdA{u8(+QJwQYVyV;_*oxnhB0+oIUE@&tSRU^|i_{6^EivSbEgMQ&#1&pRD
zADrK+M@3CV>B2T##)V@$jtADH!>vZp6T)-=6R_RLrQ(T&M$n#X60?z^R#n|V1`um8
zVlc-<G_86_0vI2G<5WXNj&CSF`X5!a8|0-Cml?heTA;$<NAek3Ab<{Im?5knTtcd<
zA$WBWXz4K`3kS^;2h0MQfP=b91i}~av|NRBPPY+)BPR_(2@Rw@W;H-2z~@jSWWRC9
zgs20mv91Sh1an=`7$i`Bh-wScEbcFO5A%cOBJK}<7llMdJb0skofvGojKy)hYnIO~
zI7T{f!7+>!$1s#dvKpkoAq;Q`QUt*rjGSU+hKHR&=Y*l0GL+K{htY;yNN8<tEYjFQ
z-dKX!GP)GJeUz|B9J2Kq!g`erx^T%@!jbD^z}Qa9a9!bT2<)bYvdV9FZEOrH=MCts
zv8#-Xz}_(S(9>zgI5ACLZ<CG{N(qj6#-}rs9l9UXOg_Tc`fn)5o6x>okuUdBC0p(#
zH(Tzr3bMv$71C(4IZuWx;=GG2(|k69tjk7WU1ngU>oRZGy=-8R0+#DQii9klcC4eH
zWcp~Y7%aRl!cNv*$UD_c)-?29Ori(VMN%5YRn1_90MBMFF~S+zmX27BRUc^=(nHfT
zkq^o$Zz@$wMf(R47{eLKTPy-c$Oc<SbdAtXcfttqlV)NSgYc7u(@@d;fbc?iB~n&q
zDEkJgQ=$-JMpSGPSfvkpOjbd2NF(M6l!{p4^AcC24p{;<A~#LI4N5Yb%Zu%22e7}T
z#)vnRmhE8<C7C1cP+BM92_@0RrL>idE0pB1|0chl#p^<IAx{-;H*_!}h#Iy!)qzq(
ztZLXu4S9rvzX<D|!s?E?k&4)z{lP(TgSAmZcaC)u>7AupF{&O?u^{Y(Ct6IxzkxqO
z=OSIn;|b?1PbB;_sgd#1B%13Jq3u*nuHMUFlS&z<Y<Q_eCUe8mDg|zsWDNOVk{I#4
zB(<04mF103)AJq4hT@eUT{Dq@qpZcCwNY6SVP@o^#sU)IR*@5<Z^RaMSbtO4B!Cvs
z?_lL7$U$eVzTE-WB9SmrhN+y_LP3Gol2;S{3h^PYg?Q7DrU3_kaGQ-_IJWad!Xd~L
zBMw25Q{WIJX(n2TY9ty&mKCxSMhq~+F`@WDj?krw8BC$cO%8qr3Ks}XLKQUxa4iJh
zmaUp}AUX~nih^)XSZQF8fE7mUpbF?<0Iw)^ZB!nuQ1Fxxxj#EI93Bf6kl~vMu@Ac~
zg$slR;Wz=}($Ful=@5rqkp5Wm6Vw-B;V!l$UhCI4yZr8~EP(MN&+|L|G%e(CqFR^b
zEF+Om%V5uK_4~b*^~+ht2w|4ice>C4Nz-S#J6jSNqDE|bI;astJYn5siBY-e-KFI>
zQz_or+VFelq!<nj8Lh3cWK)C&%iEx+eF{e@5+j};i4o6_L}8?n8gliB4@VmDjUoRc
zkvfnA_b+8=<QeIEg7M0wTiciUL9GLgS{OZ|hn8S?=!$u8>sY!$Q&Hv>#Wm-!kBFc}
zbavWM!n2V;B(^7Ot=V?qEkyJ4HLoqCv?yN6l2fSsU#S}<^5O^AtcZ*sux2V(o_pYm
z>1#Eh{~xeTdH)Ah@j+GE*Pp@(d=OoENVP&Q9#U)6)dy4>>$?N$?CG`xYK`^S0d<C*
zbwK&p(<J(vd&XJeqwFmnyZ_$8;f?ne?E5lfBYg%f(LGOa;7FfPxA2V)YgV3o@<5-^
z=7Xyl&OW$$59+pKU*&;bWZ2V(ReVsDq+3GNMfT6tJ>9~~KG=Gl&8^J`ZgAhA$cO8m
z8%w?7csQh5;R_#7Yitx8P$#+J@S7b_src;=sPaHfjD7I~+8CQ}2h<sU=L5>eKJkHd
zMql^fDx(iOsZOTKpG{@?Y0K`Fq0188iycc|h8>S;k~bMUPOB8KW62oFiX}C~l_inO
ziX}e6n<X_^@3*&i&Wa|HB=@4xS>9eWTCzu?V@ZKj%MTiwFqu%wv{52A!pI9S;xLig
z!EuUQC`=VTnMXw=UYd=8036sVq@9Nfrlkd_4BIx^05;qkuu<JLN1Dm|bfPJ=K_20+
zIAILqOZ07hcx=L}furKUD?;Z{m}p?84!kn-HA(44q>H{fk{t{*gqlP%R1=k73|ACy
z3DEE(Sp@iQ-Xi*&eyz1H7p0FpdnGZ)XrAw&DMsbqAgNr;mC9*0%pM!{X4LRwh+P<6
z9@_Du@SoU|*tSQ%pjQeu7+_lCq0&nUI-DrTqExG*@M;Oi%0_b<u9H*@ki9~BL(;pL
z3|Mf9K;liuihMz&v3-Ey1^*RnnGl*53bn9d(bhmm9MxJpub{3$m%AYuC@5os6PZ}8
zP&0HP=HZ0ta8+a2d8(LCz#Zgf9%MafDr%Snf!$-hCI8U=a3^7fp<oOps|A=Iz_Ftu
zl!P+N;|lMI;Q|KR5TYSrFb#)!&R{Z?)1dJq?ouJ4wF?PMbw<^UVgl~PsKhEJ>|(-^
zL@J`0t<B7mnnA-mlinnV`^e^s`Mbg+6LwaaQsbo{(PplnMFnOO!)To8!^`XSl)0Zp
zg_&b2yPN&a*=~lZ*Baz(cTfRHVu?&10%PWq35SPP;qcIV^+os*;gT1(+QF>Hzpf&5
zn?EgD+Zjm`obT|jtBtMo%W3v`BrL@Y9|IDH*%%<s_xaL@&8tXaJzGbZ3sVSN6J*;o
z7&BPa2yJ8X(VmCR>j$X9!}~F!(9=Q)IMn>97`j+O*)VHi?=u3U0B)#_7CEL)9+qD$
z2&@kb(u{{rBw?=e$k5+`siVe@DT{@1kP6F{QD=sjk_d|z?R>-5EoDK1L9n>UkDa(0
znpGAVhP%rw!U7A{E~F)ty}XiUyS4=%+`uX(a%l)|YGm56#`C}^c2patag68zwk#Ft
z2NU@`4CNrADa-{`bjBU5_#kCbtBx?(LXu!9I%?1!q6bI#@fM9l*u=#!rddYdu|$b!
zQ$)oPv4`%f0kLN(9t<rFRRB~dL}eXDFAN9d*e<3K8ZQdN9%D7fI)vnwMig6v7v^C*
zD3i~lk8I@OSY7Gd-i1@{>K0aJzNPSSe7YizFk3QpmXw4VXWdm1v-7W-FzvL!Lfc$}
z{Pt`|6Ela{M|OcQ+(vaCf{srT`&ei|)<a-h3E3vwc66#yUuvZ|4htU^a_xmMEe0`2
zw#h@P>~A5rvm3TD#2ut{R?=ZX-h6_u?JXQ$l_22qM6z4TZ@Mu`3}!onn-Yt~h_Q%b
zH>1jHws^zQ+EYlNay%;0iwShfMkQu3VHFd0G2xIH<5M$SR(KS`#=@GFZrUgy%ceZG
z0ZU#gg(?m(sb}R&5N{(Y0fo&z)srgb$T}ywQ`8+_sOSXP#=v~J%A&Gd9X2dA%|2w%
zQpom(iKiw~D7Jf%grW4Jv3+Ac!H{E16Dt}j&J)o7RhA?SS!yH-EHzT839Oy*SE_?8
z^5%Q}fxmn9EJ`kRfiWT_LuDuuIX8}Ifk#4W$Ri;><dG0hM4$4TX&Y(mm6AxfZArq$
z`U1la%z3faL*!;-gC~+H*3Aer8Mx^N>l;@c%uAyXt3-IVhQma|JQ)2U#FVTIn6fZ^
zUAXnwd+4TVD@<F&O~R)`_Xv#``O(<H4GX*iLlY6i`92j7z8xb#Nq3RSOqjh}i_oT%
zt{G0YeVft#E5^u<2T@<z9-{RRqJBzC{a3CSBP<@o9Ui!C>CN%?oWRbKj!Y{aKssk^
zue{!<lMij|AR2a0Yb>6VY1sYsMx@RdiM_Al1d?-Kozbi2WYeB1!?!%3d?E$6r;Xyf
z9oS5|H6?q;0d>-m1l-3HlwD}gJ*9GyG#_@=0d)(Vby(HOqv(J(N1c0klMk-m@Jk%l
z*!b+s2j&6KS74?c*5>$pJfzLhL_DO@*nm0wwi9N=gf|&OI}U4b-}sSnHle}2L+6lc
zg;8@rt+4@fK%L}<!_Rv_C0_G^syvwT;Ws+qHfbk4P_3~caX?ECrj6l}cR(9^SB?o^
zYwYtM(9E!7a_(<&4Ie(|-oiayvA1}v5B3&5K%+E0aS_Y-i}~Xv1LMC?w=f*XCc>U(
z$HwGg6_fi9JMXZX#nE|Ky$98pR2p{RVXcjQg2O64=+=e<^03y5qw)djP1vht4Db0M
z($8b!wtO5<s8`(74yjfc3J2608wCf{86N-#R4RV^1F8%^`yu7SZ*)MNv5$Q~od?s#
z@Dm@<M)B(&TxIlOC)FA8n`J7`1_Dz*GD)mI$#aa9q_lAA6h_kE_j8d%3d$jg(nngB
zYJ(6TX@jH%C;{fVX>?p0gtC<1E#GBmxGR_JWrL6M(n*;b?@I1S@kUZ36&p$AY9&OQ
ziL#AkW;!+!l`fOt<gq0(nX8^wDR9*#W5iXL)R3z#iJYr0@ex;DQU$KMB=>UFv%E2)
z9tON*=cXDGA92_vl{`G|d5CVO^tzvzmb&`Zj%1GAB-H}%XZd3{DimP?A~i%IhM$A!
zL<(b+AK?w-|3HTW<ix0s#s=Dm*l)OM9HPO5j~W~!C>CU^t>Fhm{1aeT0ed?_Lp2bd
z7ItzdcEJI+oaC<ZW8;JX#|@DiL^dq%0G|}XhBh@UFyM1zk`jh!pdR*k6b5KqYP4b?
zRluE+i`ps*vbt+mP25)De+zRIc<EF`-!(*U0ggKKd1A_ha|0|}Z5%crZ@}FK4y>qn
zaBrX>Hev(hiG&T1Cq_y)NlroOCP^RMG!18CwOtQ<Ox<VZqs1&!*731S6>mzoozR4j
z=zAvJ=AmwiI};T9@m7Mz26&aYKvK~9L%UU+|G*rub-qfZMiyGrc&Wgs3RPmn4wg^n
zhz?+Y{SCYYGz9Sk0sB=R8KqN$3t(bkBt*rffDfmm7mR=bZE6?SKL~yJtR}uoP}jv9
z2s-RYR1oCA^}#|1%PAPHIP^f!5FztG9Tq<!Dk{r~0*U8S5lwGA*&rN23(&D}ZGj@K
zExOxoZ0l(2qOql7f<#5e7w$DsK*WIvc4)XkL3a+WD{8_9zE~Itp31cfI^a$fpCt@W
zj|ZYn-wRBJFiN#_Q3ykru|P!+HzOGC;O8m8;20JT3XCwTu^z&)3%e3}VW>97tgS3D
z4Fa77qfk~EGyqeFM1_RbE+kM!8dWnS5uw&q%ruJ$l$J)-?P9_qF~%@tQCQ(w2zzA+
ztPz<E!NwiCq3STcQ9V~pz7vYkIH!rxn#P%oT6NH&7N>QN@Iy5x=gm6`%wSWxA69%U
zURK~|8#bmD=y{`sjT$;EVZ><;+M0&gZ{fuSZE`sB3?BzReuz63l&zx>4?1Y@Q*nWi
zsn65As#@gY&&x$d6=6?iA+$rWAMP2BZcG!d7OZMVK^L;BB6&jR6CYh@Rr66;Dh!zC
zc%-uMpM@_H3<t8NiHHv)bV^MgEkyXF%Y*r7D&hDD`6QZYNTu*FXN&I{1RE?$ijAZI
z&ObJLp%b8p8iZIFAQM0ihl4A;CLz*f#PJRUTnn0r!7wY+;h{$`GJRwr7%Rf#3*pG2
zw~iFdqB4OcMbzz4>K3~}OwzGdgE`OIhN~8YkT%+Hu4+396PDSBBoZSx7BD#b=ue^O
zk2Rg=!PwWt;SFlz3Z?;gA;R+*uJ`b76XIx)S%sVgQ5)h61PO?4xUIsNH#HUq)>4tx
z;GoFCjf{!M8`0h34wwd@X2%QhC^3Rl2W7|z^>znVCQAh7eqn&^0BY(c;twjaSX2=m
z3WE}FL-?9<0=g9mB)WUN1~vmSKpbvOe~R0sDoK_V>;;j{;<HAlNu4k5qu6RxsTg1)
z!800k8|#oP{b(Uuo-6=fvY?5(BCHV={D&DhbJMZ4Mm&RyNaQ(4meC&;DTOAErRWnX
zGFtIa!!m-2CKH$LXPzV0WT<1sh-^srZB!2(yvq?)u`Cq>1J%d(k!$1pNSvXG$22nt
z@SPQV3=TX=;#iV3q>4QSHU@}e8Jl#naItYv$(qL}cNF}pv5=93`D+KvF)l!w#oWMh
z!Loha7QwNViWq!WF@x9Gn7E~9GWG+Me?ufgn8~08i~}p|9~9Oc3tI}DC-EV~ha#eD
zR&m5ec48L7yWxK+U^+Pnj`>!Mdn_68f+Q|4+0Vj|br(Ssz8b~rm!tSd`LMEyZ4^6E
zeAZPT0W)h}V7VA1FyiBY9X{mNOnd}KNXSim%$bn|kDet&)Hsm@;oA{qa+$K6#Dkwb
zI*cy}znTe*017EIOmD}**u}@Ol@TCARFZq(5HZGqQiPZems|l>95QBj9y0MT$tZA?
zS%+2DNhC5%>(LThNNDXsLN6waV!|vYtYX40CL9uDORK}u%0m!FB0O1PI%^_W;nBuL
zCS;%+Nmn4sV01Azac73GoOKdbK4TNlY)pCF^D)v@t$GN0!9K6>NsuqfPRN%>6M&_W
zy&6Ae3^^Q2;&%`CZc=fU8DAY@>zV6Fat?47DRuG1F>(w^Mv(@P#u6GpB1Mmw<LN{W
z$9G9w8%R+`lZ<q2B{N55C7yejk?7FJOp>2@nMvYy;&3LbzJ)`YVf8#APHBd5JCA0l
zu~Z*JjY+4fx3<~ZlF~M25H*|y@Wfa@XBoXD1`?cP9Oylj+KES24gW?44cM4wi3ijw
zrbEnlOmwi`j=ez4%s@Iob6L))h?zJD1qRZfrOYEL;;%0fFJ|n1NUU*j%0@y(^e6(f
zU(iHHA%z7C(`%%#7%H(iu#E|(g=RVxu@qveA$Mj%qj4)zZ1G*k8isR9Jhg(^_$+yc
z4KmTvABwW_M1sR6iNtU|&mLj3X<280kIh2{Fon5vjc7r-MrtTsBR-U_5jWA|i7>7Q
zv13U@T82YC>_lX7@WD}KU-UdIvE`W)+YKDXCeJUX8(BQD+>rRe_%($r@gYc}VX~~D
zn*#oV30DXbC@SY6o_rDNSHVLvC5xpvz*@XIBr%C%&uF0&59;88jI!EeYv$vXF~$?H
z%U+51Ul-G{Dh~VDsl|XD%P>~BDjw|A2z?sNSkcSDIHt-T%l^ZL&L)RLSmdLjhQl`3
z2bscCCkrxYH}3v$(FRsQm$~>Kl{El^9q~F4L)friVM+-O%&uXhy?_z}!yZdMjgg6Y
zJTK|GkWeT-f!*S@05=LahQzHL9vC^3M?)0?3lYH(@u|wAgBtK5Fh#*Ijm}}`f(lb&
zB$w>-x`QJ)tnCngU?zx!67mh#%q~tFaB{~}vIjyQn(R0R9f8NmD8j-&#tJj!RXtEQ
za0txpsEF1T9jG&7WNicM2O$+*BNQ!g9*F@4ni*^$JR?IpLZC?lI9TQlaheQqLVcD*
zG&D@|wWyjHvMsk_mPMAaMpaCs2EFa|%S4;3e3KN-b8;&{^ER!rk52_{+#VH=v6jY*
zgc~GRj|-KC4UaL4#;-h(Ave13zQ<y<I_R;+i}pR%{^H>ikBY{2!{Gv6SiU7MUA)uz
zo*KF^^fp(w*1CDBAh2i6#92&taDHoTd2p7&j2VGA#airMY~VZ?bK*3A0Vl*Lf{8tZ
z<TuXmV2F`ifi~1`8pDH$SR!Jq+wE*5WeuTsFz?>!iXpOG+~gH@k}|et@s5Ip-7V-+
zQJm!N%0nb71XX2yo#kW;Q|az}_v|2#FZIryCy}paV~ZIZXIEZS40rOEPUFKhuCT;$
zhovoPw}X@J>IC!m%!#?Xzeo)A_va>F&ujf&e_=2X@8_-}w&lH*UHte-Dq7ParClZ1
z#aToeJ$PB99tPMb?7?qg%3@%Q;sA6aR(k9&ELYG*5JaqvE<`$7SFSA0Og|=_rlD5^
z{{$k?LnF|~!MTbKl8f3Ax>b;gEMTD9=#-hBAE2OQi9>8S1o#AI=29`n12Nj6RWbj@
zoiQl3II<OOGn5`6Ua*voQ9^Y24&ugCnnsrlpChbH;^7mGGALEZ5$M_oq7aXzXjwvI
z<W~?u#}Psi{M(mJm=ro#*jKZ7VoC^ACC+ihL<#ba%HYJb3C)HLuBeV-CXHP+6qsj+
zKJ)}0JW(B`b6M5!IgiQ~^)wZ$a>xX%6Y*Vw;vA}V;`JNn%Fux>XQNdOHfBf(IuDI9
zO{gXZPp1~nQ+YOsCzg1d{($VkF}#7AC9ZSP0;R)T18fj0VK``zF`&+@;fgrVhYBJB
zp@*Y;m_Y18DoBVh>mXj)&9IdQO92x_F^y5dONh3gjaDlUiG3hMCVHZ=6NzJTG-X3{
zWCNZ-<r!F0(GG<fgEM#hxI*(l1A^K@okLEB5j-a08Sp)LW%vo`q48ni@9=qWJ<WcK
z(^ed$1}Zxx+y_?yiAB>4Q)&$=2?m4(O^nhCtQ%Bh#LvGcKEq>InLTL8pK?==Q0~xX
zKbzH9?DKv_ANg*g0|jLI^PplT>nb;5y|ugEeWr3_b{%e~)^SgWe@yY;65<@Ox88rI
zf~6_rk}ieE215W%Tqc7Muke=GL9yFM??%%-c3P-wv;c8S&TeGjp_}g}ep@5oL=zdM
zXE+tGrf>)hvyM^6G(aO4b|`c#V;6wgVWRv88-!nla|DDuMW+Y08muRqJ~L21WXwyG
z@JS)1nP&>P156AzK_79)gmN(MZhhPwX|V}?hLdHXifwL<uW@lVV8V05J9xx~4c`nN
zNbI5`h-x5yoILy<L*7Gdpg7G37rX^34>kcjLjyG=oEbA`QMbf#E(Uy%qi9{aXf9&O
z%YDSs3p^OgQS_+6P)*PaPtjRFaI1rEH<OND!-Xy?rQjT5?uSmMaEERB4plAYIFmvb
zuSihncs#(HaB_c?yx~ruBTYwn@WBD7F{9(j?chEz@j`gIU>Tx*3Y$(`;_BGH(!*HZ
z<7J4&4JH>{PP9lJ7#DmuW<2Klp`a$VU8Uj@{`S^j`3Tn?D1LYNX>MSY&2N3>`Q6n)
z?lXt{{yMp}epa*AmtiDML)I^o#S$T`EF9M}2l0vo{>D@iqf+oVR4Mta%;1pT3E=QB
z>6!lU;!w$i#~^xeXmZ*ZqT-JMXHk3`rG_fKa;gP@u&zRRRQaTIAgW;~oZ=jUc@K{O
zMS6$@-Y)hO)M8m9S%<(8ae*Y~5`a$P_W@7Ol!G$D7?p}6M>yVO94XhWgfbjfD2fFq
zl^5iJlZr>W1$#?}_|>F>Aqus(Fh!saEFP2P?Y;KEs}gDCNbt7zx*Q`bs<+~i0R`Ah
zH>jxIb$BIt>BDQt%|w#;K(!uRrR1d^sHwsy97>%Nv^6!yEWTZWKOR_V_(>0}k-y#H
z?Gz=Yhcs2t>^iVkbEzS!iF;7>!i!DB$oIZ|GC%;iZpDz8C^VGcY1j#qDy4Tjv`RkO
zhN$|)hk1Y|M$>N6QyhA+6b@&~q^r|+IJAnq!=V)pEzEmzOrXBE7sf`?q{l1{qDke+
zHyus-NmXd#fhtUzI|*%77#TD(?D641-COB_YmB||f$bDu`>;x*7dx<4{vC!Raqlyy
zBLP^P7n3R#HxcRRy>;?C4Le~{rSxuxR@paq_TDJ@=nv4u=wnTKibF4!!m*(}>Hd4B
z#@;IX=FZ*<hu$FX$+5Y!w}r8hH0dRagJ@ED(v71LG^xtIxwH2nh8-y=&z_yMFsqtK
zHTIN_KG43xVWay>#@=~C=}0GZQsL-b_m$>7p3D-6rNmRy*b}D%7no0z18WuM$;3+e
z&4%weu~vG+!|RMql>=KDb@jw5#g%Phg~OjgN{6F);`Qm99A0N^!c1)C@aywF9Zs2v
zZH$ed18R)M(8LPzGKCFgVx0$5qcA&UxJ^Jpld-tBZ1^qq7L2{x{=(5)O(+{pjJ<{F
zrvv7rK38R(NLuVGEWG5tveBp<D;mDwzTDve7%SN`xW>xH2Gv-}!EF`3?eL0xb5&a2
zGH%6Z79c>E7Zc)>^DUCz5%-|EmSz&qvWJ><Sp{A%EtZH3TKR2l2@Fu5i<VAss9bZo
z(U^}GqQ#as-wwT2QWnhD$e2);+#(gFt#R61J0*vq`kR=al8Un5?cEhmSuIeIq=er{
zeQ#*EjSoqDdIfTr;uccVQ>*8TWw>1$D_I>&tq%{BDPA+yUa_Fi7*CS7L^L@)hTiE8
zcDEO|mhhtuyLgagjFKmJI@`P3;z-lW1-yA;%y+Rz-}G+r6b+f52(8pOhI@zmG?ArS
z@PeTJ;ql?F4>1KYKMp#?b{cM|$w6;0(PGYnLIVJC2%2he58(pJ*>jpNsx+D*JXaI#
zG|{}^ye19PZ)AueXIG&zgUS-3eK-fOU||0^I4Fei#(_WhZ4`bHG(9XKoEoDQ7E;l}
ziWRN603MCl)uNAJ!NoLD1&WBH)q;)y+y|Z!9xcwikrlxcL6HMLhr+O;2uTY{bO^^N
zHK~Z<E8;3qw-bdvl#5{Upj?Kn8}1chN})f4ZUGgMdvRP4htXlwj<D230|nj#zA)kX
zVatYgV1PKvho^xzY`BF~LKT6N6g@PygfA0fCyPMJMMVTQ6cyn*!zoqKkl_^~(YZlH
z&S6mzM(Yl2VN8NK@YCl!BrN=SE_g|DG#6|*9C*V4g^!I>01Ish5tll?V&FXhZ8v20
zHod|Pah?XV1THvVERmC8Gmq?z(*==4;-Z>|#ycczGkPB841EfpNmM5S%o*`iiV-ya
z&*2_o4$L5cjRp@JZ6l6dViq7~3>gG`E<fcs!2rVhr<v#^ih>+6SbP>}D5>!!FjPkG
z2DK*_{|UaI4(avYN}IE(w(!t?euE<$w=SOT_0O|7aO=b({7^X;8if0*u~du`!sC@>
z6?%XwdzMT={Dd&u-_CHAoLuDriVG{^=z#@+9KTUoZS0ZvSK9Yh`>RZNtNoS6c7z<`
z9e<v&x5`^UBLI%9u=-JkgguF4b2y)JlxT#)h-jpWx5kLk0S_97x&d-ymI)**4))q|
zm>1$}ltZxaWIkh?t<)RQVq>Pk3UKH^k@A`P15}c7HY8u!-W@d0<EnC@>9c$$$L}m@
zZSqC`CD|N&97g*IzmyrDYz%VMia+8ja=+|g!~J_fv8=FsvrG6RucrRUscEtP*gjA!
zC^VGyh3q_j<~dznWNaVEGV*=EXYEgxds+K^R2K40!B;lBm&lRDpLa#;QFK5I*voW3
zGAFb~IkFFZMmVha<bYw19zdWV=;5RU7JNC5)Q5u(8{ELfFV~<@#rlR42R<4D1(AY}
z(?L}BVCo`t;jA_!LY!gjz~V<cnoR&d^?HE&0XeKw&gA6GL{>l~Zm_vo6XDXMrig|e
zK06#La{eCT2v$}WE1WN|hFCs|&!}YuNUZSQhIa#eE(Z#708b8TMgNiU0Y4rQgC5|R
zK!cZ#lmNw0{6m<5g02awiReh+(wLPPU2iUDk1^2BMKmVP4DjP%1<1xw??fpeV)4Sq
zAYuXZ0eP@0D#WbfC=a5=g#HT)tLV8P)Igstl#}r|=niQXUJyhbgoBZh3m}#ZSXj}d
zU?1QWIU^bcE5v6AqtI?c-%kX3ycv%kpn<@LK|>0y8a(l`kHG6ktGOyixw1Q<oX3-}
zzv3er;SE}PxQ>W$VuCM3wg6-u;(n0b6vYK``#{Ccxt(s8lU<dy^8zOxsC2y_;EzTe
z{>qafyAe-_Xvwj{^L9Q03bc6ej>E?a(zPFXsJQS=8O8|l#$DbGHNipTM}@L{NJhTW
zNIa*MQ_+Q>iL>p5iVzY&DkLHeR1?N?bCMPGsGpYLOE{^Y;p~SmBedJ;xBHg~-BsC<
z+P$@IM{dVlOAa-Z>BG=MYK(pot|S?EIJ`mjX^1Sxv_ON<RYb;$)Hete6z`Fopa3FD
zu%bU%HPK5!K84%_0UKKFU?ieAN}nqDHx+-^NNR056`>l9Vkpn{Dko@&RXpd<B8A%j
ztrj|i^Vdfc3Q|N=idcHlwgurpl*THH7C3kem;p!Niqup*IO98niU>ZLbAo3ekwGaF
zMJ+_RXl$Z5DbiF8Egu$cnP0dzLirDAj#%rX3@LJTRKHXlqoi)XHIBbzJXF!k6c<W5
zgSU!0D56x<dRSZ#KB8#P8Kj~N94O6Npe%T&=7Pk-HE!OwcDif9*2YS2li#HP=kgmY
z-uv=~<>I@($B{4nuGC)MUPJjoVrff>ZAr12VFnn->IEr52V-V^Yo)U;36|7Rf|9tm
znHFRx-8N}BJ@slBBQn}Wf>h#`?I64wN+8@~xNj7eboPeP7~5G7l#OD=u}z^^P-r1}
z+#)5AW#l_RkoZkzL?Xk)IjLx#p@sks4@!*;4-F)6Uj{MTFA7{*s4%!0e3%}H(gRqm
z2=b9eTC7HR5l3-=WfT>t5CJ%6UUQ~Bf^-D7vIo#SW-rLs#i0`Ds=;BO)sPcJg?L~=
zMW)M=4dw~<&pD{#Wr<VQQGmvP0srLrWMfb$xVTc-FTmGv7>tW~+-sl|jj9&|mNyZX
z>|oKzSn*P$aOx>z3Ce>FNaUvYlHycc5NOncLGZZ(L^h)00tZ^n*XwiMtfWwVV;2EQ
z;m}Z*V|h%Z*f_j!STaS%D5x-cTU4wy0CfQfY(tp<tl2n_VndSS<1x;$(V}B<mQ6z3
z@i4gzKU7d7246-8StQON#9--6Hq`XkYB?1EL<o$Z<y3q`V;O)$9yz^*Z3T4>&?dT*
zT}?c0pqGKPoQfP8iyRgr0?GiyoTXhw-5?OMhcj-)Ulr%ITLE7Y;~^Tw#RmJ0#PL>w
z9Gp#>J&N5LN5OdB2>Cczg`j?o5<E{WNADt0M&nXQ32{Qi`SupiL`B?ypam*gFdP$v
z{sg{u@tno+=NtmW83}BkkXd{v1$`6DQ!vnp<UAT^#40|?Afz}sz~*3J)*Bp!sZpq$
zY5Ng}8Z{db3yQ4Z1tLGLp|?4kW@WVfD63vy3fs^2g1TSx7Uew0T3n-Q>vRL`-fP1o
zNHflG(8+u&T9W2l_4G#$KuffJIRf&8H(!H+kQ9&d^#k&a1M;<YuoO*bWm2v&tb3*%
zM)7>%vbpFqQu_H|In7L7W|98k>2~^^c6VD&p4{oIx7W_Mm!gCh5-Mx`{sARtL3F#f
z-r8xeZS+U=gQV*)EIc`UX*#-9qa)6cBbowBUCzIptI=iM!7#p)XG)D`caxI<vnr!R
zf0*6INUu%{977>LYaG+mA9(9YB0r)81(l=<?V-emqMfifvP{<8eR&u5R>}+kvr9T?
zj1}7R1j!Li7|G+(u{6h|Bu5TPSv!3=i4OW59E|l=FBjSwJr@s@wY4u#`lQzH?{;^V
zX@+haC3?f`q~mrI)r+iFbCl|jqDf;R`eEmA{?lb2q)Coc&Yh=8@{}9*y6X}<oBhf~
z^}+e>PO96{y1d<`bZcLZ)MH=W=nbTAvTD3pV|QnJ3pZ`)2=F`XqaZxlSxV%t?8^!9
zC3nl7TFIlQFTB~qZ8#Us3_Byw8Ff#dll4)alveVt$@92qZ&u!Ad6nHfBG>z!bIDT+
zgt;I;lFbk##=uD<JRDjuX`G>&M#Apd4yv|kBJN#EBZY@*?5;3K=(Oy@(c|tdNk8hI
z+)nZgnI<`BEpM)#mq*Pb3@(}$RZ?=nbyo*6nMPUiAamUd6kbRmLxXtsaw#7rOD}Zf
zHOI0>BX@5JH#oR3wW`>ANfWQ*Og`?m(d@3HQPf=<W%c*vP${p!xW&-AJWBV6CGs8^
zb>KuWIR%!s`SRl#XulSUm%9D!?0sd#E_H9tQc|!b%T$)GulBc#d0TtZoSHPOpRNMO
zcR?tbV0jCoFqI@`x`W|272VuA0}Koiq?LP(?!#N<_fBR#iLE>$@0qNvauRq}OP-(T
zPWN0e*jaCLRAQDBpcf1}n-(XtJc}puJBvs8p-BpzndR}IS!^}En86}0#kh++W)>B^
zl$`7wwe;PybTsJm*264mY?w%1fnh^cu_AK4!Ti>0XFbgsPVzL_Pk+)E$tH4ElFpGd
zA&-C}vTOvS46lEAV`D7$LUL2Nf6&?Ptn}7<19^(oVnRw6I~$yS<n5xQ4S!LpZ0^fJ
zgECjFpBIFr*<veSXh(|)E+Rh*QERr&J1%iX>Zx|aYc@}UeJD6gZMMNClZ4zY%+UQI
z7E5Qd{!K#qM^)%hkUw}MFjwGvVQmAp>S7gviJ6#0qil+bD~1ek-lNQI8xam`1WyII
z#_o^<g23@`YACjCoHBxLAu5xwD!|nh%v<5+Vzvdx7ZMV41R?5iim77_n4Y&3WAh#<
zm=U8B4ObZ*VNi6iUjyR=R9jJ;g)ZQj6|^@|1jNJ<laWvyx5>GY7;T7uR<ZWuaj}lY
z6wbnITZ<G6!w?WX4+}xmnZ?u&R2`lM6ac4!V0DDLGqxI$5@8dFoB*6uj;Y`|KvB_G
zhMVCFb&OF2_OS426fFEukc2RW;e_%kW_>)dgOVm>0;XvwsEU;b71NWwA_YMK9F|yo
zSmGZOraZ*79PbH2icli4ILDo=m3OQyZwKRxrbGu^Z1pkQL=Bk7fjQ=)V<-|5?1AZ6
zI#Ntlpq3ppgnbnqTj&gqcS0u`rC?+rJU<ojE^4QIDFXsa#|&KT^+A;pvbb=0K<h>8
zmWM^>7*$e~9?=!Br5|9AU}=i$JQMp`;VeNoSF?xZ7fVKrNzj~R{8*4@A-0r|L+Fr0
zkHAO;p9imZsR%P4HwGwQ;|CYba;$(c%faI=7Lt%S(B#|&YD`HFT9qSL{WM{lg@k5j
ziDVS<)nFEir(y^~%)$^KFydf?pdb%p3ip7K((sm;ODQ5NUS1VAgK$r9r-~B;G=Sl>
zp<l}>sJsFE6tTKRnbZy$j*uNHUj`F=*lZTOJ4{!J!Ysss3PpR|FhH9`!g7MqlOG->
zRAa#D?p!ZkM`67oSF)gw#B>SS3H%ByI-x1C4~7vJ@p+i<T%JG_a2Y?)v{=h>9ky%G
zH%tzLgRYo70fPs(%<<TJEkw<xH^aagN+$)4k51uwZ!yizh?lW!IYDtLsZd*lJeiNY
z6OoRG1b;qKMmfg596raMI@Z1%C(D7K!ur%$Znb@uDd?c$_stUN_stUN_a%`Cb{FB`
z$)cB>fte&y(qZ0PfcM+x47=JQubq$+d1BZHvz&KPZ-;ei%tt4p`8G~|ql7$Tn`y9q
zEz$E{v)FAxwA6xV3m}N3GqYYR=4Rv)wrtXOAxkl?T0K^5xnwNUpOne58%fQSip&yZ
z(MaNsCCd?ND2w{b&C_`<w10AJcESZnWBCpsr)g&$k#$aEss8LJXw^>emdmjmv@P7N
zwm08EOEXE%q(8@-;%=6Q2<Fm^>`CMbI25RLN=#&6!mkj~x1>+j7DEP566YZTOjqfM
zr6rH2mGYquG#_xpy=3+wdekve!wdq(35FxW+7ED2g2)cjIhX}(I<Wo~+>qnVfIW#R
ziM>DC-C~Z9c{p^vnDk+@i^+->E99U;kC`5FL>MzPiyc1F-70n{n1{er!gd??42q9I
z9;V|kuHj<90l=D+hrwh;WisQR7&Ztz2P(4G!$alhTdWe8b4VX}2$<}M7T}L#nl48R
zq7n|z)Wpp%oOPa+%@K13c87rGP?<+eiS0Tk0Am=baGIbT<&32`nb>(_w1~(6qeE6$
z)b?ew!Dj*$Vb5UhqQl;1H=<z|M<4KMd0}+<Sy%jsErheD6!up{4w(M27bJ@rtR~o|
zursk|#`F=38n_`;j79PR4^`a8$U%+xWq|PkN6SVlo*aBtz%OxQh4b&Qw#WMn8xIz<
z;wT}pV3ETL5n77{K71da7GcPX@SVFLUqI*~KCE4&@QBrMe}V2i%v)sj*q~N<aTrw~
z2#6h6^5FmTeG!O@lNubv!1sc4rC{14r*gs8hSf|%I1wO;MFAE}2pzBi#r^>s9hi79
zb>aNSnEX^3Lp%w>5u8n9CyA9m9f`FA2Je{sU?wk)YB=UAK(fsU^BDxN{lIV#Zj1Cr
zzP2*k>7VDvX14&7z_<tFPGrqGf+ZXlU?&9TgWLqe9yaobhGj!!`(;6AkFEx|Xb17Z
z*a{02WJp}fKt_E*K{`@pKf|O2F9l*fjO7A-3qryZV~)w@gnWsLY*cWp81sA+EU(y4
zF<W4p<Oz{)fH8@M6wZN$#+Ng(vbL48m*->5{_^uyQ|rB`9<yl1%H~2V<~ZeByCkzI
zxU(J?#BZZ~P(WU7-kT|Imz?ty*JhNu7d1rB3GHr;C2wIS)>w$b+TvJI`;anp4Gy{R
z&{DqdA(tLn%4k01(t}HJWPR{;2;mPd6cPQNQgMMj?5<j~jujFo<K_LAW;kORtZ6!u
z$3m4Pr#;L$1<$!qih~y%@aGwc%k4Zt^U1Y&S_+*!(ei^ldL~+`%LbCC7lq3_{J?p9
z!JDbc{<S1uUP#XDr!k|<Z0-UR9BU?m7uuXjm;sEY;kcU_37=<1!snU7Xq4JxN<lNq
z`R=8egk8SiwSw7X|4L)2{7vL?!k%c%B_g_^R4&V-Fr6i{UUODCm%#ejv;FQMiJp|)
zFlul(mN-8n(OmH6=krACWIcxYD{j(GCK2J|3OiT`w9|`0JDy)o5`qH2x*VqCWg5u~
zK?%}mvhTNXJ~h*#O*%V|7rQmj6O0Gua<<=Q7m3&aSt*!QE3YRT`h=`_$(s?)w7gna
zn-Law){fALvxP51zh+k5^p{^#8nZQC(Q5{^TFTN%VykizXLM<GeRr+9w!BnJoeea)
zJFxL!x=0SpudPjqbhBy@*_ab|`;xbv*DPjY>D$G~cy%B(R%-i2i-}RLnBQIx3!nzx
zmi&xHRgII@5*>o{QJ-CSEs2i}r)SGB4R<#-E;seL!l@L>QnSqwr*gbF&hBarSo%Z~
zPJN1$DNx{9>`c2pmyRyz6gh`n3Ba3|l2|ipCBKM>li!4|kGkOTG%4CM=&fWrh7!w;
zq*vOslAlIDH<~7MqiHg?_g&_cMHDCIlJ9d$omVaqB5htly08q+S6@sHuUM=vFff&9
ze#T>DD=ke%Fp-37LFL-B7eg<aXA;Eig=m2R0-Bu8vSBKj)Qx(hF6Uy*(+GHAf}1C*
zuPK(!fFF8HIXPQfns3zW^PK3tKIjBX^NHMaog?2R-tKL#_2A<VBq1k)@9ylteUjAr
z`bs#zb*{I%Od>NdpM`TFOO0f;f(9$gJl_b>Nh^H|8lQ*3e`|MsZx5wUnkpOt_bO!J
z1|WHreM(D-`Ab$frtnlO*r%dYEF4o#Di%z9m_+^Hpob|Ijy+7VVBf<O3&$QNFBnsd
zz(XlYuB}Gf1Cs%yie{2KtR~m(ua@Ud*4>y{*gu;yMS<&sT}0v=*Ha}KT?wAClqVp;
z+Ifx))P=oYmIoUXy(z(Bx)|lFQ<$ZPixU~kvNrK6EvAAI5<><d@x5ynS^JhO@^}SS
z!agx+DdQrNqN!0Lad0Hd8U<mEl~>pSviv4<YnVt0V<C#$P-rofl~hS{nMN%V_2rfj
z&smCD0&z97i0>4nbkb2tD&5l-yxL;cpI%!kEH^}|*!C9lY_1+AmZB4N$Xr<|hIvVg
zl3J`sb5VVfU4ZRNXm57MCRNE`sqmKP<&BEDi3GKnRbaX_qNQe?Rj1ZWZijOMueH1s
zWdhUe8N#R~v?{kqm-ysf%Zqc1^^=S6QJPXaYOC$V#6=B96>~hiqZg9m0Iraf^M4CT
zIhnPPl*1(oN%6;6NQzG$lII8;^2>MT!)>iKZ{F?fbkmH+`5xm#Kyqwo;?`nO<V>01
zW^wPJT@+k~SJ~d)*}Bx*fR!HhZt02W!oN%-myxn<Twkm2pEH>b&7`8`fpDFB-M(Bn
z;{7Cij{^H5O`mB;OG}IOz0bvknU)lOc?|fzCzrfN#?UI}ur3sn90;3K%r8z7B0Mi#
zo<zAW`At7-(BS)KJ~oI;*M^ORz(_}KVc6msD$U~*rg=oiSxV5$VWKdIhk40XHB2Rp
zlwm3v;G@)19rNGuJb3^?z7XC^q#>IP!f&2&ySs@hDBev9Xi%-O2MZ!2S!np(yPlA>
zZ#^MzxKt2_dP7uzP)hO>OlM9a0G`5MUf_3$jKNmD*-+-QAM{9;)1GW7YmEdiZ*urm
zmL(^kbK~^q;%4WpB)UQ{E_Tli<MOoI4RI!u*z5;eoBcs&b5LjlHxOH!?9&Yy#*HDu
zn0><I6TV)Smwmk~HTJ=>yzCR@^)-yWWo286vYb7s;z!GB?D=TNlTK*N98bpAab+!y
z;GJTldz=oxMNrP;iuA_uLT?b?0v}!IY!7pfOTQf7*Dr<k@_sok{c>E91$uFL!H<>{
z4{qb>h5E9vBNySCDJ_ujr6PGPkBy??qHr83;RJfBifsv;Nm*&JDUmr_=TcEANuy}1
zEXTumE+|TBok?)Gyc+GulATpOMJqvTX@p!ZjgZSF#qTf4&Xl^J6C5(tO=${Zn5_0$
ziI5vvv>62)C#244g&hHsrO8H^s5DO~kSkn$LIGFcB6e~CjtnOk;HY6j0r!9>a6o}&
zPblE#tpAe>V82Z)kT*wXJMWzY9ZBB20c&$&K?|2ZlM6VmX<~u&)x?4pb|;ey=)}nd
zbmHU!I&pFVPE{usNbgQAfS)qC01S9?0r=y@0{I>j3KsMRO`Vw7?eabJ3Ev~>_Q?fw
z;^YGQYH|TxvacW*I)mDK_gG)pm(|#t(>fV>Dbqa>;WkAHdFUk)<?~TOw2u|+b3uce
zh%<zXkR|;2EFv5R7&Ib9qU!0zEGEnyGFpp~pmCs=iK101QfMX!X)aDqBns3VJ(Tb%
z7}y>NpD^{a3S;bqERR*MExTrOwq8e;kz5xoG+L*#IO=tQFi9d&Ut5+3%$Amd9HAX7
zx9V}+%skU8^Ps>>-h6X>(+wA!dv;yPNq7$u*}Lyb-oA}jGKaheNzkKBWwAZO>ei5m
z+&S%>W;73GS|=rR7N)EGCO={rC`qA%gI4lF?UN#oN%}O6jovybU>DEJ`D&who+&#*
zlAAK3pn~|Oi?o>bWTTE)E>9%Uln|P&FVw+{A~u@@?HdWPlCMmz-v>1X)i@#1#%>l}
zs-JA8K1Z=w^tn0T9?!6BLs@E(@yhAVGDefq^fAsfQ`$$l*yesY<D#itWcY658;~)U
z<9J?6Xb8~4c32BqBFTeElE!OmWNd^jdE#{2<0qjq+Kl44s8y6WB^#g&jq&Vk9_%m3
zH@~bT;viDm%g%JDEi~q9L9Hd@OPQ}P&a~%i3q(^I4CZEA*n?SSK1>_)kXNnf6kN2V
zGO8i${g^$@C9fq~88S^WNn>_Zj%<)GyL&259N|jd3{zG3bfc_jF{m|WqopL5ZovSF
z2b0+(Y92g+5}bzP#EeJWmUNxS4wIoN{DIT~jf~K-RMF8*Hhc?J6U*Z4%53*$`9*wr
zoR(vJvg7$NpS*IUE3CxqHIrdFN=jWxiR82}2EpW*@Vv%+J(xq-D_De#azXJ%1;S0(
zSJD!X1^aS^N3kzc=xpg_bX#TG@PtkJuU!l9T&~d3kivON7^z9NG?GLT&e#$amm)^V
zVw2&(C|qDh@pVV~11U8wiv<HAq3q>1V_~(FHEmfrt}iQVg!=MmYAh@9?)v)7fKu%Q
zHBMw~>Dr0xWLY9JUDUdu3W?&j@d9)JF-&SZ8!*mx`iUyu32{N+*=Vfq_LD0Hz}<eA
zahN#DBDI$4EfGUqPc)c_3BxXibBCXPwwj=s=A=`3i8q<4!@W)z0ky@rp4M1ByK+Lo
zEAR<rb!Al^Zh&6i)*4TBLg}4QHj=DF`7-hG#*MeAdUmD0J4mieez{bblqZxW@1!z6
zb5fZ*sWf4xk2>broz<<CUS|{HT6EmjPRgD3XQI%xy1P#2oK(*DPO^fXRIt%JiSNBr
ziqAJx76s(POV$_`oMDy>tU_KgqzY*nOoil<7uHUt{oHTN5fvtFvfiCi7B00(^EBO4
z;ukL=h<ZHMsnHvq;#B61-StzT|EGloTMJGX2T)_#CrcL7Vy+~U6;8N0vi?ZMo=L=t
zR*O#;7%-sz4CxsvjxodF(k_RK^%Kpx(_?%SIKPbV`r^E_F$=e80iE?ENkkfHNC8S3
z-qLBzSx+agd|F=lbo$CXal3hj?Sk$7jC`jv$}QqNwB1$~SK9R08ghZQ0^vC5k`%d5
zYU$ola;@Q+4h)qJTlIy_t&5xO)lPDg`Oe15nv|@kks3BnaP|8w`4s~wcIw{XB$L8J
z1yMQIQNk^hU%MO+u5|u?#?G|6jT~p&`a^F{;&i9GKYB}|$zo6J^z<`dbhMOhjkR@^
zWGDUW-|Ggzr6i?i&aqVhxE9GGK>!378-BUy<xp;7nuAa4zvhd@m=9_Ccst%*wWtr4
zB(UH6@e=sB^l~^}jrZ@g;Z#^RW^L1NF;jIKIsm9t>6N}z!CVerz@HOX(kae8@{e1k
z!@QJ7GoA5!yh0!51Yv<M`*3~qlGtA0uhsI%0KQ<y88IWxOffUfj4`W}h}h^_qGdd-
zS{QF%-JQ+X#BAptzCA)?p0Tv9XtQZ*W(0%@{_IvZcQlUfRu3rL13^K<t+Mn92dpge
z?fQHvW6y+-=&1zXvVFhVj+dK=D+WR|MqH+C_i)dOTjVd<^)J?SQdwm7sT6&b*pJm5
z<W$t}_72zgn>`8{?@^{%V{b{KWaKOJDW8wG1^M7FJ_byo^$C23eS%UY)9`+X+fPSE
zb1#D!INbf%tnRlDw31gw>joto;t>p_sNr&a?{p-X0oh=gbZ*t$c_>kD_ek44oG85{
zZk1~VnYUkqzBJ4AlV{05Fp_#*y=2HZ0p|GJNaV}NLn^xFw46ukqe;Gua-hp`Sf-jb
zC9v|};?n<i{c#RG@}XsG^gX;Elh6*1*PWeuX=xol2(VlasG-TcY4GvU9)$8TKM3iL
zCrFA>^UiTByYu5A?#|;NLAU>Qoy>_f>tOyqTQ3dNH)g=xA5<FUU9*yG+vs1o;^A_+
z*}^c_<oDx_Mbs?zkA(VoI1-?)DtTXzlexbY^>xKM6ej&q_LLFS_DSQJ_9^<*QWcqi
zISx?p#<{0vhR`q^Tn|@wYs*q+)%i$e8=gqA1y8U>wbzA7y4^ag2|K~jM;2$u_lN!y
zMUfhnma}Jkw~6*;{4AUIgx<Dj&kWJ<XL2(5o~49{25)u~YM0`}(kBd+R00)0PZSoF
zlK^U}6oJl?hwp?^H!^Zp;1<0dKc}$AC~TSf^LLKr+<67OA8SHl<|^7uN_oqbhH6L4
z@n!?7Ihv_a>M`gPLR05Cp^0HMqWYBUM7`h{s~n8QM337C{c;wG-^UB7rd>fj7}D_-
zzj8LgsloR1MCk^%;|c7_Uw2!clL>3TF1f(UZ#rSkZczzr1G5msQ&mV{p62A&Dg=&H
z*hSOn;VpDN=VV<wBLC4<CZ6);_$lFjsP6t~h~*c57$nE>4!nt{?)4x}s`L3>U1wpb
z&Q%C?&LPyY3JHulmk7U|T=g;)mNKnE$TWwLO%)OtnTq)DkMqeP_fwQy|He<t;2-w8
z?D%ek+9pSUEluvQ{V)%dwmP7m^v)OmnP3Vs8C-AZVg5ff)9Lu}bkeO`+LWH2ZzpzM
znP|=SBYIuA-*A7|lfh_uSb#B`m*eRm47xa_^ct>8PL1t((QS9K^%Tuu`~(Ts!3?`r
zOUSuV^rNwRx?qpPx4trt;JwJ(9(J~yFJ?wx+V3!>)bsb{W}0x#zk-(ufQ>f7X585w
z0cYc`F~aO2gITVlX`!{yOoBO3eyjCrYJl^8BIPKlY+LoL@C-e3491c@SPJRWEJ8|R
zFCJ4MAMHx?n2!^B^VrOdK3z29*0Q;qR3C~_CeuC2?V?ivU8)C1t+09$wBFf+##m3a
zotxdV#wbADkmpDd7zKXlPKeK6f?&=0O^0k=>AFkKD$Yhs>@*$IS$=^L^Uul%xi3e$
z^K!6x)b9c7p9b#fgrPOd*Z*(<i4lA@5?p2@VRVo<acxK7>d@6z#7|snb4dHSM|<|f
z&^X;O-}W;gR|5ESONeH&S@T+@oR7Qh&jLzyHK`bZ>INLu4a{23K7)Qj%{eJy!0A0x
z2<|Z~#!Z7;2B7|%YqlyxfAf8s-n>uq7d&BgyKTAaq&XJ)dOy^zW1_5bYw4@eh7)P8
zPDW!}Ge*;1D6f7bJZ^F#rr!k8OHya3<bRi83h$Qt@#<V?)W6Loh07H?HiFNm(<5Wl
z=00{XFD?mP%$H|y>dlYh!9)Cbl!sZ6;xOwpoa~)x%JQZ023FDK{weJIVZ6F;s!%34
zPjwKI_~QK(92?)-#8l-nwMe6>FS(tHed7PDX)CT#wLxUXY<`@~oPw*6V+qQnQf5n^
zWRP>*Ny;@co5|7ayABF6q{l0MmF)A5qxZn8c!t%;`Ff#)ukf<n3)_Au(c}D^PFFIY
zgI&C5<ILVN78YbCutb3lyHg2KoM7^lI*i*JWVgBEyk^9wZN(Q-5hKxBHOe+kYrtT+
znKOkW|7Lbv>FjV>>fW-X`9;4MU(Vi*eDN3=RiYmQ?yGgt3B118O^Sv2=2eZ#muXKi
zpv{wk=bwJQQvuPIH{XH3>{b#V(NmpJi7__Frv~@#Yo(>S=lraiXFW#zPx<fkZ_PHE
zjb=@kF?=6X*rY-|;9wSaQPi9qzIhi6XR?W`&%e)f4uKa;N8o327f=xPCvlqJ&zH|6
z!Xg(I4Ok5T{0BGy-2sVN92#2;4zPm8LG0N;!D=wICF#?6QO($E=mhi3MvHIKXB;`6
zY2~a@8_DLXpd3>6L~IH7PcK`I4~d(D^b|sJgyCO1E0kC7;p{siWZ221W88iZe7=X1
zvL8X43x5seINt8y0p4<6+AB@#i+=>8=>wuN5i0MN+(v=MN0hYV=u`PDIIZ2MA+g``
zGKa*Hnc7j`r->2B{Lg8PDOB4(0?wEV9a0}b$i5<gEtm9KaX#7_-Cs0Qa^FN6UK^;h
zEhB*5*qkRgou+^|5`D#9dm!-=k3ZJD(TtCbNlt)Oa=g-PZI)67Oula$<U){kD{WQP
zrtGqfG8$LNSaC!?eGv3%{4FMO$EniC_4?6~(ISI_#+D+yXR!S<)N12)#kUWwvi!QT
z2Quo>$2Is}yZkg}Vlw0(*LX%U!>3o*<L?WF7t+Zg>2)G;nU+W2#M2h-XS~~uHe|wJ
znGM$Zxto7OHa?*hr!yEM4z$nzIqm*Az3ISNSh?3|2C$ylLpbwQK`s*J7KjNWp}>ph
zD(<T@<h;rS`P}U~vQw;1FnxMyO3Nz{nw73YXg{!y`V0pJ{Bh2-gdweCD}Rs<*$@IV
zi^AObgj`<TALotma4_Q_2Yfw~J_5x+n5`3jyRHyQ?qewyhG+EQ_I>j$QJToFXLgr$
z{66TZ<KX-|TLCeFM$%{R*s_3|OuSfUDV<U*So{{2mKPF%!MZj8xe+MUwWnqx;Wp|G
zQu8oyJ3Tb$P+E-d??Faef6~4qlTE^%8e1_Nv=f{*$zh7s?1!Oe_;P5!?+2gW-C^=+
z3t-AmMZn(NGnaLVHo1R3pebJRkTImgzNN@hDuk1Q=EtFQzl(^EN7+t3QTF)0`J$`X
zQnuSko@9IUqyWGW)qL9F)(mH>v>B5#oj<xuxXUC9&Y9idx`_OBCC1E@hJ)MZ`Lx;B
z8Xj_)whG%(lC)g$Eq1nxL-jZqPvv2c6?`R3y%`-RaZrZqGYX@R^VK5))#;;>Yig<R
z5sC@5iA&u(yizEZS$oRcn_%X~r?ntW>Iv4&F2+)PU>o6@y*#F>a=99#{Ze~vN333$
z5^oWfC8{beJJRXayDZTa`zZZLTzh#m6n18#UDR1fkFiIVE@O}6--2GrWvq1${@Q)I
zUawD44ko0NXBke65V~eEDR2J6KtFYIB$ZbRUcr)fb!Nlvfb6kPv+h7{MU2Hx>27L8
z!$By+A#@N2K}&W8l6Br7#YB1IujIvbJ9_d0#@enOgfqLAMQVzpF4WrmcX8(bCA^99
zc6@CpU=iSGC@tUW24lELHy@zj(VbI9FpSBq3=(d5d&L_~+eMdQMr=Yfl9|Ns=Izo(
z=;F?Jw=_EjB2O)^UMjASbjpL_+@Z;%YsTLr7GKVMOL+;uU7x{FoVM-wJ72$8L@^ct
za9!B7nJse{vjXVRc3u-Mm%I?Si^;S(;&_{*gPb)?IwW$BK-cYE+Vw#D%2erFAdv2H
zzCniwhw^<Q{WD3WeAeUNzBV%vBw&&NFXyU-i6-K*C)4BThErMaq<0GmS0=*?y=}+$
z@{{G?a}Hs*9h=r2>n;LR&#0b1;8HniWy}5-_Im==w#N9X!4oCJ%gfca<qlCKJ4{X~
zf>ex$WNLH}6~Spq=dTUF!3;SMk3Bh4AIm=oq~6EUP<46aWR&_g+1+aD%DB*`>Vq+j
zvSQT@F_C~Xy7!c;y0>4(IO$~KmGE(xy>`w}>vwDlP<^<HsjI^{xt82}YT(tFIq>{4
zmP*X>U76&ut0*j?R?CR6JYV4GEPWP%Or18Go984ZJ~j<iq<G1k%I1dj>QKMJDy4Ja
z)UQImuK3)=sBG}YcM2y?-?^e0Ud9e|au`5@Pf0T_O}b#%&3FM3`PfieP=&`Q)8Dkw
z<+{p`VDHtvU0w;^+w7G9*Cz6%hrh18zls9c8$ZA<Y`qk1T?=-DV<t0Eh%X3NbsQ?a
zm#?J~iRs~x=r7|l!p`bX%iH|mm>l#mSvVq=3O@Q#4X)MBSNtqlDCD|{I7=W!)^PPO
z=hN70po2hfo&&OHc)I!?Te!W<js%Pk<7SIY&U{Z%<FPtX9ous)@Wutt4|+Y{G)UhQ
z>fJwhNAD=~KAyS3wVOzK(t)#aY+Uj8sOcBZ<ayk}_40+$1X3-_6(rnq_nC<vVC9eP
zGwU5_^X*}bViU;bf9({RDUC2yCg|(^q;aw4r5Hxco$Xg=*~+N5lS>jot|I0#%Cx`B
z)MS}tY0_3NhgzBgYA;RN3-;3-P*FX+WyxRo<P%cL-h`BB>TT^P;Dy;MBp`R+=`AyP
zJ8zzv;hiZ;h(#-;Sv^a5P_4%tmSXjVi?$;jxQsJRa(|JR_19-{l?x8lD(?#MktmVc
zL%UvCIK89^1uj9czuG=O5L@N1=H!7xH9eI)J$r^lB2H>cBM}g7>G94CTm-Qd)C1Wv
zJ4`{!&&JA(ua>tpPm&6thjuxJS?G(};RZBPeKN6G!s^zmXtZU*H2+j+jCz)videpe
zLZ`}F)C)mXj?EG>bxwPkKhmg`Zxtd-7ik1C_Ns8U5I)6TNa~$bJ0iJQPXzoi_Hf#-
zhv$4t5^^s{S~jS&vMX;O41qL8F@iSw(LQ>cz29*Tk&j+<sCqDcs#gRiKcfDMqIf+7
zF>}mt&!U4AXWvC2xdZpKmJ6f4LKbU_R1j#)|0DkjFI;3}AExitGHV$`#gzETZu35x
z<j0|sR2@%O<y!k7E%k^@4+AUa#ACDnV8;8nMxoI<C46(*OCl-=larG7K8?}Ti!+&z
zp7@C2X})bQcWkC%+t>Qxlp8Y({~iBZ{<$sw-HxYT2iS(zLi2M54<y>AmozB`n#ZY5
z*%X8WO&Re6Uj?<ZSrw`iSp~IIRRy)PR0Xy3PzAMvNCmayM+HUy^`*{PM~xyhog*rd
z?etJab-t<~oT(}Z=co$8*{OnXUaBCRUvk6-wOtio0y$IWh??6W)8sq&&Sln(V?(W~
z+dxdd7WD4z$uht^(FYEf@O=fFIbQ6Aglgz-!nZDT+DpeqSKC7wIC&A;8Ws$BPo)65
zeU3<Q02`04_r!TB8_d=TaYVXD)1E9xU^<r=kRuFmz+nLINtcL&5S{tdzneIM?Aif#
z>*o&`MKImSZqVVWQLKpv54*eVXd=4_levVP<vmVL2XMKT>m^UIv3j=6RFBwi2#iHk
z;AD5F2Ml5}X5U1P>($EDaKfy&&>0Gr`jo8>`vcoS21sp<?a;#Efk@T&C}NCxo9V;0
zn>6rALO=0pw`-hY;5CDlkc!_lkll>P(kC|O7Aa;wBr!9GA&F&)5cW}6H_<HYcX@0Y
z#0Bid*U!kYw`=aFNW|58dl0}~J)=haha}(pXasyDsas#4i4&6ne-B6F_SOQJc95er
zj<DFr0%|W-nO!?h?#(v`TT6`$eSkI<JLd-=>@@;n$qwj3Qt^Og$l@`x^I$RZ5~Z^K
zMG&84+Ls&#y2#+i;a%)#4pXX8V8tma%3;IT!==9M5yo}wrPsTx0$(L<gh`(B-dV)}
zv#7lu`(h8ULRrtW1lm%fU6KcBnL9#e2|Gf4x26<1eezA28jGQbM+5T3h8xCzz#T`s
z#SCHARG12mEy3W<w*~|3s-&4<e9v~%#z6A(7BShWkz~?2eKar>9%Mbg+g@;lz^IZ6
zb+>DS-!A4G15BmCn;8<h8cZH%-xIXOyu%S4nb&TJZ%tLwcM~8FvqX5$w}-3;O;JQ4
zg?;4xc!5Qcfr-NoPz~|N`C5foXCTmDH5CCH&I<d#{g@Sjn1Q|HFos8*>0|`kEyt1&
z(y=A`*;MRxSbo`5myyLJgWCdzUuEWbWPk7{IgafWGKNYm!&E547wdB*N@6PDEizT_
zzDbpE_1IS9b~qicKed1z{}#a%WG}zL^)+E!69Z<rx?YT@jgN+p&E58D)%0lQl%pn^
z|Bk~biGqB@GSoO2nyl%Dq1RAc!vFQaYTOx-)r+8^lnUn$YZMTE8YbYWldv`4{E4>j
ztELH}IG1POaQ4sbS0+!9ldp#hbBwfZk%P2P3Q#MVcEkF~q2-7jvn9%EL`^Peg%IY#
zR%?*}pbPT8W@zploS0!&wJ`>88Ta+W8T3pfmp#gO_GI~=Gu>|6?^kzhR#673NULqL
zWS<Z3Aq`>F<945hrn?_0AMLnBAF|46EyHe`@ofcHJL2mPUv!MbiqoQ+5pVT^D?e}J
zLepBmPg6W89a@(2e#}EEE6`p%ZFgfsS`urV+(^c)Hu0v;sQg=H1ePJg(Ipk-<M=Px
zz~mSochfO4kjU4Kjxt&`k*4tBiub%h;O9N{S=O7y1j*5*KhyxsS95OmR3tdS3Zqq0
zK(ZPssWfqFC!=JTE7T~t)M!`5+~K9()5N^#$U9l(M+F=R1%((Y36-5ln~F*36Di#4
zEZ6oPZDm<4zc7!}-s@dU6~$j=WO(T!?FdsN^eJXc)hC^+<n^hnolG1aX_Fv5(54rt
z?-C8e7_k<0?7SwdpS}*l->tUy9J^}22LUUm%NdhjH%B`;klP?0s$IoY{NF81Z8P}p
z4+V;6-^tYrWO3{XmfA+6k;au+!@{pIx8iOoMWr5DDI+zA83<X3CItyYS?mpGTI2wY
zf!0)QyKW6@GDQ5&m{jCQYp%2Vg$<FuQ)J=s3St|=kXVquM&wCrJ7j5LI)`I`y%Q&2
z9}H8(w;8)`mN^b1C~9q_O&@iYiG{q!ba*@AQUk*<9I3FLj?Tgvy|v!XXh?UnBF_ka
zEEk{k8ovK<d94xjp;V~GKC3Y?M_N+14}oa*c5pfV<^W&2OT09r!|PYvf6&!1*j!#R
z5sg=PAF_OLY4{1RS(j!$;bMKGFRjp(esv$%r|~_k2_7Bkpi7p=MIkVg-mVM!@20IV
ztV<#t5?|J^Tf97?+`hA?D&#L~s7WCzd}G=J3%XOXF{TSXo-YvF1KLT&fIrRAUC4-s
zvEjCOTfw%6GdoF!3~gBvvBxtEzH{XehLjG73E_~^XBbb5!Yg9wVh$}6NooR=F4HZ%
zql=plLhMY^L9kntEK=+)iik?jtUOi3A@-48Nq?tB4t8kEEB5p>Vo#l4MA&KwbvHJ+
znVp%s&WLv$Ge5m=bZq6C-2k(@&R%MYx<P$z6p7MV1nw7&Z5WtNOv{>i1*fVDZ%!T^
z=@OuwDlY_w**!=j>A^CoAfzPBh(6McC`*$pU>=l-ig7@E7YE4dh-f(u;`tV{%FT8(
z=&5q{<dosZR7IRlBJRBBaCb;ztzi=^W>3nB`cPjA)AIGBu=`{LgNvmUKO4r_e!>l7
zd;*doONyn9#R6eP-<Uat@(P-!IiJB!Q9bz3!&D^+iRu`!hVGNg30)ROo%AYsQpf>~
zWxgLtMWsrdvB}8D*Om4h8I}F7oz@o@ivT1z!IboOwwt<k=U7-yid7Bc>v+=RVb(X6
zDLu|tZOxg=RG=q263CltgZIO5?;riz_AljWd%pu}smA*TamfWf0#X921bkRXof0_}
ze;ATmBSp0$6B6kXN*7-9mVDWX;`KI-)4#?o`sy6QYE&X&LA_WcR1-*omkHQ=r$mkl
zcu(5frjXLyJ#u<e>)T$4*i&|2DLu0^LJ=SCd#$GBW|srY5?;k-n;FMFZ)KXbO*uvJ
zKMH2%?u?Pn37Et8C{>fDT=(iH0|)e)KM3`)p8`{Rl%DU0BNb#JQrpCk=?Cw)I$05r
z$SvdbcQ!+W2SONKri;9w4X>S`9g>A;Th8{);Z~PB0mBUsS2ayOYpaiDfF^UF6x)>j
zX#I2^38x2pne9<L8YMhv7Ej-Cl-j37v3(-d+e_-vuDi#*{PrlzI@r_Pw40hp)_as<
zMXJfHj+;U*({+jdmDEvguq8UA-m@TvkqrB~{cK}qKMd#&qH>xMnfi1~t?N>mCi*D0
z>Gb@;<Tp5YgTp9Mo5O&|s^_}pNfWa%teReEL@?rEpP{)aSu=f~*4mg<Q?M$!&`CmF
zwtUnb9=K4qTP|8Ar-&pu+YNqMH0}`zu0M`jz^Qgx9HYT;uh-S)9x;Om#vbQH@W+9c
z%Qtr~PQ{gq-+5tX;e!hb{n8+C!3;Am08(S3ZtE(FiDlSAl{kD`1v%&J;%c`kgwqKY
z65h9kXqH4sP7B4N#fzjx39cZPCu3%8`;^?IOvej2LF4-jJe~cAU71Hg*zN$_GO-ZC
zzdnI^1Z<}P$aYHHA;%&uz~-0$!}>1NoZH69Nc?O%VXj`y5dQ83Pya4ZQfO1QdRA_k
zJTpC-QzUNsD+*F~`+du{6=H?+I7kW1S5f4lJx~r~_gP^Wx_z__m`B~r{ka^W15o!l
z%13ibcO#^5JO;ia`2BPs8MdnR<_r*-v<hbDSP*gb*`EliQ+DNF;5aQJXXySWsJ|aL
zNV%66TbMd)eM`gc{ch=JG_1J!9{$h^r82o<ynlx2Jg==}2)4bn%#1ZDC>(~b)P*#}
z%5By7izW^+CYg1MccSZ?SHHd)al5VfL;JRhaOzmRuhJ2wnADJ_o1+uccl!Id^$ea8
zp!Yw0LJDH#vyo>mF>_w+-%Eg-{}uf6I+T=!BvB=D#X?{`l`^zP!zO$BFdF9qz4;ls
zG_i)nw5;i)-D*AAVzg=jY)O`Dhr$j|(Ip_PP}_i3_z)!v_oiAhx-CYh7bIKUdrl)L
z8+kF{fs1_yP8SJsX*Wi^n!dUR5B86^;J51nv#~sD&^@g@D#8QYVYQCTYlOjH1r1GH
z?%LhC>Vnk7ojDCSAYxvf>|TQarAIW41`-vd&9uB}fi)G9Hb}ZYHYkh&VQQ|R)ZTEu
zFbABWdL$`iz8809QIRJeighuH;ydC^IJjkJcqN4z^xM`*Fer`L_l#7ik=nHV%M^6h
zq?Z2=x+Y{(Kt{#NW6haQ%N}dPwIa@CVdxV7`4)&p??$r1T~Kef-vhe90#|x4r;sNr
zRo9)3+Y;prl}}UQEG5gD_7-WQ$7a5ptk2fp9Q$%N<!&XN3mIsGZ-9pJ`Kf{F(1<w{
z&VdGKPw#QY_R#51145BR^O_uy`Dtc!WosR4*u~PRnm?MWmX~^x%-X`Raq$sXrCWFq
zqBmA4^?-#j6wr@lRBfHpe4&*MX%i3wC#B575F=;-G{8-fPO*u_RnV3#qfyy6$oh4k
zOqTm3X5>gi;H3)~y0h;b8M2JJxj*k|j$8w5w=6J-3B`IUfh0?y*$ZEo0hlG46;RdD
z6{fYNEP~vWQWdIg)hszgSN^0}<Ek<`I>rZ;BHBEka3pV-2f|TAsCZ0=@6F3$g6Vel
zn-)p$M=@@PmNM0Rb3kP3@yriG(r%&mCjA@_(uAU>Pq!sV7b{nZ$32XudB*@)dEGMv
znRUPx77JO`2;bLo?J2Opx?QKY%=WY{8ZxrEZZn9FUv<=}hBl?(+cZ!895mbnRqf~F
z(;_{G3rRDXGm2Z!8Th%`!tQMvoRc`WX;jo$_Eb)>i(Na#7#Q2u2BGy$ZeSOy&Jyb7
zHC-r!TQS~_vOZQA_Q5FtcAJy!e_3md7i?Nfauzga17*3OBQR0JV^oUuQ5tb{$$P4g
zZjUjzV_r){?pshbPrI&JP8N=+&TlcRWp!{u%vC)a>N7rc)U%e})qV+62B8wQ(5b6O
z4OW;=0dd^NlP+pRp_eRf5eEB`z{}ZO$A&%4Y1`bW+B?pIP1i`@v9}$qM6qeb!PsCK
znQO7eTPHuz3=XNVn;p{^={V_N&p&?q_U5$~7-&q@0pT)$&v{|m{+sO#6lWqIW_L$|
z&)0WsG}rBZoKJr~ReAK1`%9Z-nl6q!yXC0!YA9HYmJ}CXw^IXA=-E?YzJ*~&qBtVx
zl$gf4Q#hSeVdUZbqggcPByfJRoibcYR*lc9Fl8SS8;i@=P@^Gwu^_%xm>ot*E`-_O
ztij&JDNF|yrsKKVi8XS&=Mne_zI|fjnhB~%&g>(uRgBLzN{mpg6m*o4-nq^{p|@-D
zgGuhji<}1yWiU;YX|ztj>B$>cYCsD_apY1c`YWd_C;W_5j`8If#zdwh%;$Mw>jgx`
z?O;+bfX4n|ie5x|u!m3Cr$|$26{)kg4k|%)0eeBDN*&sZe@Ohyl9b<=E<e44MKA(A
zUJx=gqHewNGjjhL&z*Fhc0^dFGu?OWoFl-FKKNSO3vlx)3`*WDu_Kv(vz*bR*QgDa
zns6ZD5I_FnW~t8zBNThyGv49sq4ZBGBT@PE1#WDjO@v1<p+cV|pA2;rIRNfcoCVlM
z77Gp^n~|sIxb36<-ENzkTNh1wBq{p)6s&GIPF2T=GC2aIHyI<S_~W-XC$xJyA;k_~
zAx#`L3v?@*h6`-8M$g*zYz?l>cM~j$bQ6dkzuP)+b?0!ar~<JqGmA25@V|c^cA}{{
z9Wqs>NZLz(WIcBqQG+P*v|S?QA*gAMq=d+-Q*Z*2*cj;#PUm#vlb4rV7^6J7kNhOV
z36dAE58e261SBtHIUZifGMpfD;1tyN=h#u_7zt901ZM|kIR!q00!B>7-!DJE{w)Z%
z%{ZVTj$Q)%W1B%wkW%XlZj#HZAR;Xeh*>S5p}cPetQRg(O-t3_`_-CAC-wt$i;5EQ
zoEbVWn?({rah3-&Y6P1q`VMtl!k^j4Wej26bA?L8`yY%KBktwm-I#MVfqj|(2kBUo
z(9dwf5yD>ID=aT(0e@aMkIgz`n1V{Ed84gJ%C9hmiNYOCu!w=B&aX(~BVYgaQ$<P5
zU6Ism73xh_5pe2NVcvYuQmGjlX6SZ>`<;xXB0tXWAJ~N0o0Gmq;Zm_et^(gO0wZeU
zDVYC9_W3RJHMr_i%C~{ZPYn`JY=CL1u?Y&+AsmJ9<^Nl>;GrI*zC-!|#pIX>O8^ni
zAQRxk8WMBiY(*L*7S2yQ=ZgTs_wEAp5r5*a-B@yo0cWBE5}iff$@?m0kDG(x0X&`(
zVV8~J9`88IC#Wns4SJM5L_3VZyv4y+&V6IhzTV7;#RA5)NggxFl|4!i)27<UHdVn=
z8e)sW=Y%aYBwjPe&WpNHI(Qgc`*S$cE@J%76EIc^!pT`F3@WXdC3?sDe>7lvoLU5M
zxlF7Fc3xndMzRo{9My6>#T&K}?ETX29j-jcR3N_;hp{6qjJ<3ma~Za;gKNSt&}e4r
zQsEeGpOcM+!N51ugwRArWWmSZp`9wtnSSa#Y?%P{$5lJ`65?sq&Ph@|cxR8rnc$Xs
zBs}kSEfnz{hk^}k5}*!XzMij)EP-ah%u>VFPmOvr)5w_jQYFmRGMhdX2~rKgKE?rr
zl@6$b%_EzIgPpBs-w|fzw9+ydA{BxGm*+Cr>kMwD1y=J&x`bho3a*AyMO{`f{huN$
zt#3D**_8=?EDz){Y&&}-rspZAg|T--38!*&PQ75ffl;k8yNPVvgW~q1wRbRhv(r<o
zeI-GdZ<h@JoD`lgoqV*(Mq?0PGZi&lsMjP^8zoijBWjY^(_XH&2e&dM3si#{k|w@P
zz(q?^(^&+DFh?+4Z)b$Z=DR(4h1MZW+?wG=TeVS4z8X%U^LDy_#iIlIvO~D7gbHzJ
z92y;F%E1j=U_B)VWd9086K?cmf8*{M>~Ky3y8yCdJ*9YHr5%ey7#PcCkenrb5^1U*
z^<m!WN#9eD5jz0i^9@|cKA?k?=71G9&onaALOg9UXNQNPI|%dXfG@IY^=Kp~*UeK$
z%=)*8mUV27lP!PYt)x!JUNKUzTXcv~TNT?$#9adL2~r3)5L<oF@=(J^?(vw%5M&*Y
z?RXaU5c7>D_k&;?b=k{dRH|eZ1irMAzAnyTy|yavm<CM5u{PHzV$<N4R_H7jdJ`nn
zxaE_^;H?|b#yy=0dq~Tnc}r1jX&&?Wp-j~#)6c(mZ((W`5mEy0f@CuR&Epa7i~A&G
z>}pM?S8kP*$tC=Ve0Y@zF1$?k#f8qk!i2P@%=NrXUR+|N-B#7Zhk=EnPie>AELY8z
zn1bqku1q;HmS{fezdoQaoyyNkiLxx9TK^eW4$MY{DD6$oZ&M>GQqwHTB6J=(j@&xz
zk@Bp!Pru(>tz76;C3neR$&iNMC%HJVMBz&*hz3B;?p8+81x>Avx}p%h6MLk|cIDI(
ztIK&_<L^ns3Yn4)8YKOSsc!1-%mHetqXE>Ls~e66g{A}f2irHqlpMN5u_Tjl6|E&*
z^78LL2xl*q7l)FH-G4r}T&RkBglv^&kFDZ5y+FV)h-O5eaK+=APbq)l6eALv+*OC1
zlBtM;5i1y}!O9<VLzD;}L7!%|+b{|eMC!&S&@fF#nZq&4*>1b#9$zJvY+_GLg5M$w
z*%zM#{R~xO1NZLSjYX~W(~KN>_d=&f<}{Xs;Ree`H9~Et%W}IL+QK3oZmcl|60IGN
zCZeLUImLkWd5&_LW1dL#o4?5W`ayxa?cJ|Bopt@t3T?;FSGcGv1kT7-n9n2?;R56E
zN11GC1*quepu57!w~ry$s0c_mDr{4VM`ng}QDGae;Fo-8@L%l4kg4blq040|0`?t-
z=|m3mvU%SboYx3du7fz<<k>OER&QxlU)|Gw#IAyk?Ffom3CMF${*Y66B51kDvG7ss
zyBWUK0<!sp-&}4og?^n+bpkX~_%M5TI(t(`$gsZOjKGDpbM6A@Hnd?BKEXZtv@j4O
zXK_n--V7EJlH>_eHn^ZW?S6rLZFCr;AEUV~f(9FA^twkYw;<^QzVM@G>^F?0PkE2T
zURH<GQVe_<(EAn{#w~8}<uJCB_D@^DN9<G-7ESC*a4G|vX1}mG=L>^0N5Pr|_HKKG
zA1n6`uoL%DV1U(D6gtEV&W-vcR|`4f<;r2c-UOmrvS8%sIhqbgNw;kTdZZwljClF*
zIcMQ2caKDy)G>JLmU%g6&xo>HLyX%f2wfdy&5=}_Ios0Eo;B)Rrm<dSpqMSnKJ9kB
zPf`7=HN<D@Di?`B>u}mq?}jtPn#wDmW~cmhKy|V$RF(aN)-RGCRz;?-v8Jiozn^6O
zxDGPD`)G*jel$S4G%e0d3w2Jm*FHkOnRW9zp7P}&Q%%xjTI1)-O^qrAYg0{9!(Ve)
zzosqs2@K19k`DOSX_Sv-4K<AqsfQc8+;yy%e1~;Jwm;d#zowIZFQ$s=vm4p)^nkp_
zm+1SeGmqLFNP)u3(jndVl)Ws{UbQCf&6ILEn0#5)Gbp0K9txLdH+Q(@B}NOg`AoA0
zwh;lPL5hjCeRm4witbV675%_Xx{EXYB!`O|F_jOLUcD`tZ0IAv<rP&TDP>Bc3d5p2
z1^CyGY*UWm(8HR`z2pjmDmy-pr}|NirlY=cVV_)8XS{9h&$sOYR}t1}nLe!(p?w~2
zxRt|Ng43Ej*)=qS?eHmmy)NXCX^^>BW>y1|k7b8^ENWe{vl>qHuHPe~TxZ{R)~=t;
zaL!}8FxlZ$V&u_E8xaPlPU6&!tWOhSRzZQ;2WE#c*hq#`5RbRqCz#2yy+usl9&f>U
z_Ajy?ffbWrJYZX=*=Ba$0{&3r2fJKMCKEw{<|tjxfv`(WblprN#z(&F;uFa&l<9n8
z60;5OGUe+8ubTZ-5|n2e8VQ^<O_<9UizRML=J#Z8qhq`>btG2F{?xV(kvO026B<Qh
z!q%NgsmA+s*ta7woo&964@{k5>^a4RaH@sI<c1z4eRSDlM-^6lfK)`9;8@%=#p&XO
z#JhV5+2co*$xw$9>S_!-(@XS8>@jd9vqx(;HGzRuqtmJkhdXNsD*fr7J8TUHOMhg8
z8n@=l%hy16hMSA@LXtcvSz&9EbvBoV!@NSv7#<;Wu=*X@S{PW+5+z73r3z-cWp)kW
z%?17oxm+CDFR{`$hX51DHo26GX0pSrwvLtCn$!!VhC?YfN^}}&kK!3fab05VO#mf;
zclv$a$vm~tU_;DU=vD@qg?z=8QTl)ih1#5r?+cz2wkUSFtKhK&xm6V2U6+kiQzam!
zk<{{cm|k|Qhk;2#WwN!yVAOO|F0avUw*&^0?MkddwoYveZhao|8o6{+o0m}Q$=c~#
z3G&fkHR624_?tmp2~RJ^H_vWudl;Z2NjBY;p!1J6Ho0gkU#RRZ#!GVrTxj>qbjE8j
zxC%9usZ8*TSpvd**yvl_bILlagpTvzW1LP&i=>OIfN?dG{Fa|`HJi{2ws8T@ozmI9
z&;n5p+B1&y7(By2PM9$IA{^8T$>tyyWb>s#Y^Sv37(8Fu0}ns!R1I_o$piMh9mkW6
z6iku98k(wbe1!({TBC`Glli?pbII%;=d&FXNF|K8Ku-V99TR+RgT5iXhs|;<-N%FZ
zv6Iat+g9aX7J1Qes%qsB4pULRMOr(>*h^PY{<JEo`%P(l#zdug>%yiiTTUG6h~d!n
z2kdN0a7LDiN|>>0F0m>xX*)+?RWiVIG;@SfZQmQHswCZ+&3Y*gDK!Zulq7u0u*I2z
zSZxs*<nbt_39=h6g+qx~ciO)8s5bP&Vm3#m^VoQLGSx<(y2*Ycr#>nvkq7W=@9$We
zmV<Y2qOXcQ(#B<W9<Ji>D*=!66q$;`<mkbZ1aMPANgxM^1=DzYhhHzwNOccR*5KMB
z(Sju$SyseUX(&NG8G=a%Fk%{ak3kGkv}0r=EvF+&thRD&IS)YlvCHIGwIu6P;Gx}n
zbdCVCU{j$J&<ItSN>X2X*d3yxg27z}T|9cousx#Yr<}h7EPD=Q?_cJ~*J)l%L=Ylw
z-Gjt}JET$^k|J0i|M;5&xZ-10by%qx(;D@e_D=Roe6cNeR(LFIpm1@LFk@8ZkCIIH
zHdG^ZSp-d`cl@>u%<9~+k&?{m3HDA>eGbh5POuN*!Th45+XLh{+J|E0rO}q{u+s1&
zp8Nq0IP-Chug4Fs&Si-&^cH8873%IPODN7CtI%8AKh`J?AS?9Rd|T$U*H}(fp||*i
ztWmr`R;X(ArPS)$JYVLl<X*E1Rh=tTb*@l(udGpCp+<Ry8s!yg6fc$)syC`pbFrCg
zr5CJ2vHPk}y>CX7$IX(~JZ@&xUht$sd4(FK&NWIU1O4MSPqYk+4c}>4=Uy&w1&3!6
zk6@0NFswaI_qNF_W#(bHPfi>9ipq!<c6C?LOu<#*#4$z$4zLxYR0a9itq7}9;3-BU
zD;aZp`Ane+gh9i!$H``36kyUurV8Wz)4_DgHxuk+frqI?eDPUpoa2`>C*JI(4cuxt
znp%8(#n}^+s+ZqT4&1f>uM_LvzGy&Qbzo*zGZRz~f4{*V-CExOt+WQ%eR2lTR{xsM
zwhuHDEEft*;zP?YJeCvHaxBOxLIPQugG4Rn4(D5;EX14qt*%<ixEVjCtO{aFtdZfo
zOKkQRQ}mhCjNV~q?4Y*V2Ib;V*%%@C>4f50)ai&LbT-D~I9KN)n4vk_Pa&H3EQ%^_
z+d;!<6g$m|g%{@p@YUiC6*F$3aprmbtSwC;Y5gu33}T%@L71lt;+87~r}&|6_3BZs
z>^8$fn&gbt(-^kSmpin!)KubsuJG_1RKI2N=bhbLNKA{RROk!WhS*o7rT#uG^>{F|
z5LPtTjv1!rWyfgnl<QtO>a7xa8;^`=$pFmV1E3U_{TN*hYi2rz`Fk6v_V+hT@x0Ue
zv<h2Wb6Dg#M;yF^{)G#aH7Z=N=K`h|AAhrua@8Uidl<!5M%&34s=BbMW|-lhP`-c!
zDwfLu62*7_3FB20h$$p8V$-H15}|vP$0+f@DCOMTo4x3JMtgA??#%SA|6>x>xK4(R
ztNTk+9w;qzm59AG@=-tDrGSvP3CwQj<Dfkx#s<bs0OE1^sx&~HU@V0N*+_Mw_lm<d
zyIBObeM)EWll?OKb};Eo{m73n2H@$!(67eXWHe!VwIMDIE&iocu~+TonA@rG<n6n6
z3;D=2QV|&2kaeVEC?B@U)%<Y`ZpXV*?mPO|=P~6o3t_jkoVTz+I5RO~L{NBQ%xjn#
z6=O0MuM+G-v!+C(5?}-K<?V`82EH;d8MJ@tVd8@S)uZ$=h4+FD`O!cr-W51qgo-<#
zA_CS4B0o2zwZfK~99{k!l)`4E_!>swkNm4kB%zz4oxMXcpCBxnT!-pW!~-jWIAA@s
zkymff@G`iwjT#?~Bvpg&uef1n@SPjaDN;Y@`q6eo&xw9G;WgD0UUY2$H;4-V#z3`5
z{upB@A@mHBKO<{06~G9(L#e6X?Q&y5y4Gi~vR_SW!jS#i1A9X~nTzz;>1Y0=-)H?W
zplFH)+fyoSzkmHD_+rk_XwA=DKWqIYP4a1ruWTG4F)>3Wu^y9-+TY1u?)`Xiclf#6
z36k@6d51bYOuKZ`f*X0c@`EM+a!s55!B4|KAC7G<<x=j$YW>WOQh1eZsY?-G|6SO7
z7Eba!66LSM95ocU(aDAcVpyLEMcD9vFedG7F1zyS`~!IZD-_M8yzBPUmVO&gX(M?H
z*F&Q~&$)h<`azDzrp{1*urfoY=i;H|7J|kJxr{ktviP20O-}U$$9iX^h5c&$DT3be
z>X|(GZ||l*zk2o4=+(;;e%`zs-5crU&p(Y`zx?II(bqqp;A|nIKP&WCb`n)+K`qp>
zv#d_w?LBwTS%sav{OQ*b`-Q5oH?MvQ)Cw!8XZQ2#H&tP;GHP}A?6~8))SW`>1O>J1
zEP+L~!U}4Y{pHQC<h0~p#tX<Gn9&z{m@R`FyJBJkZe9T_0&{|%x*?P~Ac3+Q`}KzF
zPw<(T=*Z4K5z`EQ1uW)rqiB7?*=~EXj0;R7KhP{}3tZwoKAgaoo<>Za(wY=d0K#rP
z^cCbI$|7h^$G*eF#p$rJ=-KM37dxLi=H+?;Otfy;JX|TYMph*P6scGtFk#{XR5XbW
zuHA+iOjCi0nJ^g(%VwxOIdU%qv!8y(R7!+O&;JpR9wwtTp@s=i-Y$qj{p?Ar47U6q
zeA2<fT(_(H7Z>e>hNFFNu77>`(lK%28AC@|kfDLUdAy~?o+$%032TDd8}+E!HdJW#
z9iy;+Z1_2-(%E!#|AIDR4q|6<ueGgz_E0ORg`07s!i6CTF~dRKoe~zR0|Z<519%z@
z3ta`RyGuEnWT4!);>2=gp0u3Aq#l9t%AokHbo^q8qKDp0QWn-g!!b6?Fs2DCz}ydY
zj|9h`6q`~}KiNG9g|n$J;-moO9;4R080NJ2B@itC1bV`e(J-+3Sj90+Q#4kHaGoIw
zrSu7#Uhp#qpA^m6{FH@{buDe8jQRiLH)Ja-T2DXNs(;}n=+UV?!LeOWB;17<h<+@8
zQbtHzSf3hJNy((ZV(z;mQP1{Md6CpJ#ZMrm`s9=dsnkBzOYPJ4y`9*2s@<RHg^M$k
zFmit3dO@|v@aF2(%U36FW?Ua(J6oFVgbO1aCiItIU%i?Aln9z5e@RHEk0oN>PNoUu
zbrOh0lw{ip)v_)vK*EQ{;Q4MR(KeAG8e8N12X}G>Jc@k)+6j(2wK7EILKE!_bk)FP
z!7jd>zP;rd3w(`_CJ}?T`0bb9-ppR{eVBtN=UvPcKa;-RzU6RZgljlwM6a2V?b<uX
zTw7$Sz66^TGexhOk*jgTQN75U(amg$ZBM4``ltqu-whfm^gVmM#l@a3*o43V<L;K1
z->x@UzuG-)_KAz{jgtem`SvmIGU0u?c;kJV-dw5)<<raHfG9C_FV@m}(+1V-12=Zg
zGy!UYU?Tc(E#^GocWblYR*<hpDL|z&%*RL_2(t}dS8y7pAXp8icyXj7w0<vQXQmt&
zCcfVfFPYW)mMF#0E>Y|PNz*|k%Cq~}wD-_q>>Js0Du4HP9EY|B^kX|(j_m}OZo<&n
zNsFe}x{|LRrJ?^b%*vW!q*Wflnq3_WpU6z9G>n$pH?sW}G7LL#!CFl;b-(#30^RaB
zqv)TQ=Iuz&@bu@1Lv97(5L^zZVt>VExJ0ioy$flwm3S5OHWGaOG7N|zE-3>n6JkBD
zJ%w}Y;O3zwgd`<ma4(&UlmZvmZH7aqUCKn?L4>**%sw|MXIR}L;1YXiFH&-n0A2i+
z5nK?l4ocD%Br~V!QK~ix(}9w@Pf*MF=&)`Qn!G?%WK$v{5=$kjJ=}9n$v69U2$FhP
zPLTX{IF@4toHZP%4H#cBaBFP7I%A(wOmxLgc2_JxW&|D&$hq{Q>qSr*Q>a<kM<&i6
z27<}C*Qsi)v*jj;ykbFSyXD63qM{MTr(MK($G06Wn=<WE_U#gPESpTbAbCbqGxv<s
zBgJ8cOpCnpDTW-N^nA-40E}9&boFpj_VBKbY=PDj`XH|`79z6YE>jx*UenZvHO^%a
zHA)-R=wwY}jB!#RQE2M!wjgTK91??CvQdv}V$!-QXZ9IJ=%hyc!h4U47q|u&VfG5R
zJ`9MWe&<#K7_>~m4T?F-i5RqZ=c#7qtxglu@)KT(1h6)zDHshNgl8OM=&4oBOoo70
zoVn|6@G_@><{K`81jM|4!NCHdNQ1lVn-3vDKIJgzkm}iahj6=qrg<Qf2ed-cI%BG?
ztAMwT*c%&J8yf=-xcGCIjcQ{N0zw0?;6h}%bAh48+ID4leF_Ap9nS$CWT#C5s~OV}
zM+-X=vbbV4BJi&fyf8-{ZL49nOwOqz&cHAVqfGtY?3Ua_gZ#*Ty3qp*g6^0YoN@4l
zhsN>cW*v|wN5?SI$e`^poy^CK#zr=J5$)PpEypC7?Gctvmuu9Bk70^V+;Ctu2xy&T
zp6-}jmN?W{o%{<$InUXY!9BN2u|^8SjaU;PGTVR_^6-jFBagyf;VD4fny}!Clt3AJ
zjWWSk1U~rC3yo$E$j`chG}BoQ1FoYQYP+M$jsSyh1U)<qmKW?AtwklC)ShOr%uts}
z_jewqrng7}^0|FYZAR@~eQFeKQ4M%V0GmxX)dnFPWg*3~&5<E?bkd-&Tp+gc7+zvn
z!CGK3zcCcIz}fP~2oK{rw$gi-XkxVp?@$b7cVb52<Hgo9M=*t@1t_(KZ}5#qo9^L0
z{aFwKS9@9ph~^w=8`i&s@g+Ydn2N+uN|a4Xqa)Xe)Ad~3a?9r+qhN5_AZNjoq@3m(
zi2<}np$Njq3k$ZlX&vSuY^Je=)OoiDS~d*^m%bQ|vsg)D42Idnpzt0aF*kfq|JZ>c
z;g@Zm1z(tBO&d-woi=-yfe!586y2iS%>Ah`lg(eWj}sy5%}g9!uxt_JH)>c$pXSqc
z-L3C*Ec%IqQ1pt?D@jYH*^8$LSL;bHz%tJib{c*Jz%rv=Ib@nLP;RjBei4X8qe&`E
z;Xc4%$Wu0bf)BVVIDuwE0^iPkB6P)8*M-Op%K)vnJ=t`aUzS0BedK>8veNdPh%qR*
zR?&uqt}QgO+uPYiGwJTfk?l1lhIIhblWl+pb2`(RPZMem98fcPaE{Jf%20{kbC{aS
zsM`rA-H5!we~g~j>*o_wp4%94h}n7M5E7mMM$gi)%fOF))mNC-S8q(SC{>B0?(EoC
zz`u*&+=62K+RNeB$e<K)JlqzJA1CLFyN#UG?E&hQ0@RuW6D(s#jqob2zNI^zS4zaE
zeZs7SIaA?Qh|Hvs4U)2|m;g89?+Zk|8B36AB5?#d7=P&$fb5}3a92RaK0Egm5Z>V;
zSNHCu2{Q=t<P;!GF>k`<iA?SczHOpgOGX^>R#gJ~^u0nnYg0)^uu~)(4Fbn9O<)sf
z$WQ`fCpvA!=LA0NDr8<GT6`mt`VKv|#%fU1g?$Q3ausgd)`)96_kcIuV?cH{i{{?I
zw^++1ShrIId6j_B=wMkOV}l6glL&}YI05|`&xctXP`L5)h6)-Bfmztvt~zMQ8FeXT
zV9CD(qQz;rn$V_ROH9V;sEB=&A?rvx?J7?n5v&%3M-NQ;fC|%UR?t-eO$t!ZDT?EQ
zO>%b19G4X-_h_k#qAfraO{ZarelOo5L80UJD7=*$P(%!utp?&8GY4pxfQ;92dx;1o
zDTdhV>6|rvCgYHxV=KZOQ}Fpy1fUTJh?)g7owyldpo>0=c8APIa!ky!kmJ;t8l;3_
zB7ZrPY&_zE7laBI<T1xF&UE2#X{>3$l8DDuUI^mhISax)UUHLD6Yip=6OHNcDZ%WT
z=-$yh6X=H&M%PApdJ}QC*4%MZ_(eC)B&wfb#btQ(@H7@u7Bkn2<~Y1@hMDMKy|IqZ
z6bAJHjS}gp12U53e%dY-iRh)%!X)=v?bboI)@QI1w#;4NSX-R7J!bZ+H@VgoomY2f
z^OjJCPeByQx{w1|2Qpl-Hzq0Irfa2_%+ZgGY2R<C8w?p5-#x6t>8p7%dDm)v0r~;T
z+%+?U-DHlmxJ0o81@#nj{3*tagN$lEx0n3%IA<5EAO1Vm`@x4Ld8M@=R-8|poLNOt
zf8!Nutxy~$WcWi%R<y-ep3x@b1p9r2T0KQ^uL%jGy^NYKEhUB>9Ustxhe|9{m7lKQ
za%s2oEpc~qZ9-pu8vh4fsIEjsZY!Of9&7$>!oR^_=he%XkGfty!>T6NjrpN*0a>{L
z{OP+W9sjt%xO$Y92CdBX;{ewa-Ik|P-#$0v#{s9)9AJbxur<0k&1p&iAe`;KPV>`j
zs9c$O7ZXwBkuxL8n0w4q*t~!;F1h<&LRJWIF=4{t1XIvmN<b}MzO*H8@XsCQJL2OU
zMc)=<!SQ5*@tOTOv;IIHMfr5rd?QHVZb_?`XZphy0SU<Us}otaIrZ}VfN1_GUPlyG
z{Sw*PC%v?(B1%BYMItCveI=k2T2pfl(vO>fnJF$;iI0>O_#lKWayDhcq9k2&c`MVV
z!TtNwoA)s40yzfj&^yg4Q-@*O9AM^fz`4{!6w~W4^Qi;A$;@?iqPq#j%Y&nsPdL!c
z?;VKmUV9KHJY?wWO5?_<p1J4d6d99tn0VMrL@u9b2`5Ms;Sl3uw{cLHz_bqXuG*4>
znZMJ-eM&dx9Ej5xXktek8E^eLgk^My`Bq{UM`$5QsT`Tr2op&OX=;RMw4^N4Jee=#
z4vRxEF*}Q+Q@B}?L#cSJnvEv*-Xgd<&hcrOB}A}z+W^J41ZdKg>*sd<p<xzi_|dn=
zIVqUz#{u>h^VK5@Yx_9RXyynh@_@nQ{yBk5ZgbLPtOqPy*9@<pe$q(~c##&b$#jfi
z7G{urcLpJ7K>lqY%?*eYiiEMMYKg+nnUglckYsYS!3bReIjf;_%SfI`s{!NCvp*s;
z)haTyc!m6?CVw2A;!F-H0d2A7W)I$pe^!5HE_NDl`Mjj@@&Z+uo(ugjfb@W|(>lkt
zwqq<Xg3ejM<&l4|%#d0bXGtkQOGbs_Gbx2k6ELEK$$~?~WXcS+WP3Jfrt&T`@1%Xr
zM9-TKdq0vyz@F~i+Y@&G-vb*~uo4?TKVDQ+czU$DHRT>w&-}hfl2XOw9@pamoAt&9
z@9|J`RdYN@ouv*sR@$b#gend@p;qw*kbEo%F1rY%^GL(r5fC`YESF)eN_2C^)#n+h
zzd!`unXUrac<L6in(UL*k$_MC{GDCPess)GSYGz>fElc_Bs7<5_iuT)WUle<n#p7L
zZgY8pZ3~nTqE8<Zvhi&fhC{Nu=Qdj=F7>vxqlw~-rE!Q=-T~i@Tu5j`RGGpUK>H=X
zV^WG<qVmJj{X+AD%ai2xLrOi2rk%_utvfvW^r?JMl{lWXkXY;^5auhibAxd4o6sdb
zk+Pm{P;|y`VYL?A%B)|kGiY^MPJ1tK&a5x)hZkl@EKU%0lKTQbZJR{ox-%0WcA3UU
z?*|suka{n?=*>EhPb8BW7L;aZcA!~;WDFb*CRu0Jn5v>K)meLLXhQP|^NBdtkK;+R
z7$CEFbjSw_?y8N>)k=iIr7&wxfwB)pIF=Q!h6O294O6Qt`w6FL-sw~5CnFfE&7cx{
z(T`!SM*AdjP<_ginj{x<Jzi0~82;e~&gyoDUj|-Kb|W8gEyTpwAUzNuF`P@TnO2-+
zihc*jaw_B?+cL$Utr<QH*^l$Z;4SC(1`jOSFl_?w)~LiBv;~JNO6<DfOPGO0SeT@X
zhMmT6!OgP;?+V!TuPN?40;8sPM{$tRV$rjV5Rat|c7-;U_h(KmKbfK|I_m3ctm~=<
zx7|jbj}WGs6^U46j7iw*Z~&Dj12Vbg5c<Uq)(Oh?`4&q|tN~(g1kk5?m{v)^*pkqE
zv>E2H_|fD?TMGHXcKM`1Xh7}BcWh4@)}GS;6VZB{Ap$>c_>}7aR|<&HheAAoH?b3a
z;d;A!*%y3&p$KABEuyvp25FQI86d65R9%l1qi6Lr`b1529VIh4@;W}4?OGHmzV=8&
z>IG+n0N-V1ic;^9HYsN}!@5S-ivb`#)U^M4n750K2wbiR*SbRP%N63!H90uC{Sf?P
zpbkV<qttp!`jfL4WIdiF5L1T)4&Ad|LiHpu+oeeL5hZMbeWhVjDs$;jh%z%8#v6x6
zeM8MQrSVf1Ohqh16&VqDrigPVkYlj1AzXV*%g=lXQ4v_4REW2sYLtlcQW^76)y8Y{
zoTENnY{zWxZLsUfVAms??-=8>7;KX{PvG_`r*v}JWLfBlsirDnX3pt8sW?I+O4{M2
zWDID5TYN3@umRT%F;<h-Togu~9&e@5K-ZZfq2tT`#%0qZT=Qh8+UnphSd2V#u?{h;
zr&|N3{#e#A&rg{Q!jo7{KTbVAh1Z%-zo(30G+__2;e^PmLlToe+GxVGACS)s!4faH
zW1w^oXqkMQ(T*53yJH)U5sqsL6)v2~jZYgzuZ0|_V5E*$5{~i&<ZUgQFK^q$fNyP~
zQ^V%b4*l(8bF-UjlZC{2u;l;SVleu!9E@(4>X?w8{aXUD@zPp1z_i(E<mAo7afDwm
zdQDLmk>K?LVoMtk-)lffH8RYNb2{Tciy*i4$|&~0HW{bjaJLYVjoFfqLCF(?CcA_H
zd)i;ulcZ8mG5k|56#|zBgW1(xVDlaZ2NrZb)s()2A47Y_wE@~Kc^h4`&Pu=%Xlzm$
z)j`mQ6QJ2Esa<0ZYuNtI<-G{TQ&T}o!8ET$ithI!tYfrwO$4_YjZmLTQrfvLaSOyO
z@S0hkVS+r7y^pG~)NJG68Pk{vQXw<Tbo7<n|0JUv#ZG-xneK>8<?2{EUaMVt<a-}8
zaiI|3rm-Als!1(l&iO`a4w3})5!(k%u0x&R4BGkGzvr8in)2@&v1>;fjy;tWW?|na
z-8T5XDlz&uA=V+9lX^H-Ej7-kBMCt0u<8&dzaNINBuFb$N9QGM!_DeY>P4&7=)4M2
zv$!N9+Qp83Slb+s|J|eTvNm|^lim->7q;qq-w)KBNT2DdQJ)Zc5hQQz5ttWxcyvvV
zMrAMsLBNGWqFFD5ch@V?Q^&|XnmVaRpjRZk=+ox+J)Ab^;j&li5yXJ?2v`GSf8;|I
zE300ZJ`X=d>t7bjVGsXzRH;vO9wU8Py#&0zePH`Ud?@!w>$=qV<~6g#s9-M}kZxja
z6Y^IOJFl(g9a)B7Xq(H|jYVjMQ59-0|D~Ti7>Tt5kN#K$nQ6@-T~8M=n(q;48N(sM
zs8Yb}wCOmWbv_Lk=L;Fe^MYV+9G~<?L?0F6DfPA0b1(E@wG5j!?aaCt?^0nDoM8&i
zFa-<l6`Zbf8I_Rz(vL)`>h<GvdMAZ;%kHPqGy(TkOE}FB&GJx7QM|YguU^2aX@j~a
z>h4R{iE{DYu5FiMio1Kbr*rV-MwaBxrE${NWD!FFwoXdAB7vk)@(z<l(>Ec`eXUuA
zkxpRJ`yH0W^E#K01@0j4ha^|=hXGm>_9An2c|Y}S!=)@JMsBltl9k`bm}v@u;o8Gt
zN_v6$q*$Sz>Zp!gC0c0rtYMdSrpT?Lq~Ph{EaxS*Z7aimN}ta}2a6)1a=N}TkKTnC
zU(^A8vmX(2sHVz{x8v((-;IGAPU3onXj(TlNFnFubB)@5aHvm`zmOvtP~H)$*oMQx
zx<k^exhs{ihG;7SnZHNcn`2-WhYegt#bxwx4C6{5P5wa#w4#+~c6cig)kI8u4prn$
zg{vyPqMhr_FW`2EC4KSX&z`BDkV=-e*bgjCvLAxso>>N#GI+aw&Sv`8CsEkdd`3GR
zko$xfUVWnXcAxf8w||oNl{)FPS~ZN>pFFb26rv=_J%SoGt>{R8s+dQq45Xv<e6w9I
z4`t5iXK@t+-3yY~?FT`ufyYuPGd^fD$F3{NKsrXI<&Tm5eT|nr7M!l0ITog*&Q1I%
zRA2g$8uCKN$jy<c)8<k8fzl0ekTCl6Y`1vywW`FJniI}~^WxdT9~HVD&y#!1HKMRI
zI`(4a-A6A*c6LyxHoZwyTu2%dhyV&fo9Kd-W-ByG_m(Uqx)C`;!9OG0DVQ?hW%`7?
zGW0@Xj!Y{=FD$PcJ*qM<d%RKxFV>6qSXaOX;$l9*rEqG~>^)gxMii1qLi{o>HWR4o
zO7O*eiExb{+GY6Yi!(D|Gy4iM=YK3@7a^|l9W2dVP#|_x*hGwR4W*qd?Gf~rJ%T>L
z9>FbbQU*izNxk4s63i58T%w8aO))jb`3zgts14c^I5^|@uG*k^@e-N^0j{MWym%GQ
z<!C{e+6`)fX!AB|y)?w$uU~89uH%*039zRa<V3iT_BA0HzG$>g8=10Up~7S`MU)+o
z!AOgBaI3Mqg{&kLIw{sQB3Xm)R1L|)b$VDrKa?QaL8Ja%4t_sj0ay;6{2@s-3^i-e
z@cf!z#S#glg{=WF`HY0clSD6PuyJcP0-QzbmUtxTp;WwwGhTZ*dGzr6J$%XWmMZsU
zBPK=VsIQQXaKvqZm`o2wqe&exu#x0Jua$AdHhn2!rX}TRw6Qs0GHw;yEZIk*L-(h`
zCD?(aC6~u+)bVR~BU;YF*nUU~mhmi&V;jnsS?H4Y@6o2BDU&C!&2`u8xK8oAW71Av
zwS|Vnu!p0giP+=eN|GRc5mLwjIlmK=DsZw=%5iYL&8-YYf#pVrhl~q&{Kfy(3due4
z9&;UdGFstdqciUE(|9EX;Tghk&QVz|C=&jUyMk~wd`n-*bxe)Qd&<0dkJe&Ipoxjm
zv<+sf!Dz}1F5mDprpc1*P`+qlAM_j}4A67b%=N$^%BZ}UNw;%aouRdOoqmxI>rvUS
zA!xv?O%uMwYF6@%t`k&xNTz@}<6xp6boDZHc7HSimiKou)HRC%J!dky)sWF+qo0+m
zT;)Mlk1!9#@ZC^$&Z3%7MZnH58ElHx*Mq^O#{`$*dQvAn{?gAa|LS9XQwY((ZszD^
zd5-S+5m%*W5eQ2#e5(`M-nmHv?<BUvr+m52oo8vihh<@XphzB+i%e@AGK2kQJ&{%A
z0PQOBnE=g-MN~9+8>4Ysl|88&C&gubiMmgMWUCc6e~TGnJd7$5q>)IEXMCCh_*_s5
zFmYZ!k-$EVyA>0PUL(x+7`w<rh0E|o&vz`-^e87Mh1r52K%XA{Z$vF3GN?UWC`86L
zs6Bx~HN^9`PPm_RGO*>ylL0ykWq_7!10LwTt(9&2qRNCz^nJ6g0kh7)475i8rau(0
z)X$1K>3P>KKcO?ytEkSQr!WQX;BvXyGKnadq2qS4vgriZqBdV$td~NtzTXDObSVnQ
z{rKHeTVI(0z<|;97$965CIK-4wgS~Z%%9Q^oz58f=q)in<w+AXsEct|f3}-Gu(hB`
zR1Hj1nU(LhT_Pn9_buO{qF4qjq)3J;0t`k65&er35yL-hyYcFo8=_a(IZBqBFxIe7
z90OS|cFWZu%mNVz4X10SD*c$5D%MZ%mF-M7Vrr&=o7WdMYBZ{J)X3fqPR5<j9*RPw
z|9Ww$^UoIBE;uQuR_v@$(D}0x#M<+N5SRS?Adt`C2O%me81h>Lr2B>aD9B6uQ7Faz
zC`d~J+fd%4ycGIwG(7UdTxhD7D{-|v6*>uzk-a|0LKy7F$mugX|7(0-a#yKwG@}qH
z@_^>$9gr#Pfc8noH6=F{0SC~x=P$t&_BWwk?B7JV#L{BNi2j=>!ASf~4Bp~zLa|6$
zV0HAvH@HNLz3a9#u*P<IGwab71DiDJ)s;0KeOQy!c{Q#);7@PbZ9ks_n&)*uCcguk
zaZWI$UzsL1XnfJ>88=>4RPH^09DL6_#_8Z4`eG`(pIBAK{SZdVbjyspC*1yLKN^kk
zKg9Ca`X3_lqW?oI>yjiu>v`$zs<)?`{#%^ry8jkU-TB|*Se;lU`@+Dz`utsZ)aCD@
zs2+b8-fI{0?V?Q!%gFIoIUZxLO^!#ZTjY2Q)rDhG7*cWww^#lVs+V~rfO3vd9}e>+
zVktyr8>Vycm3qI#VA%eB1h3KG$I)`3S>cDJs2)d#vu}-imH8iHd5!*uh&09j5X;7j
zxtY)$0C&`@4|)r{RUCxG*f<`jF>ySkzVE8Z^JqCpdm59jI6UkP5j4UjZ*M=|B>Fv5
zRSm212^aTT<K~PY1%j{@=Tu!CgFW^!a=LXVrTtoN=}IK(hjE<*BZ&eNRik-#o5Gi7
zLy<5_?%~gvMdz&al5bIfrpPRKW*C-mg~Kgt51vTWXOCi$e1l#^`nr0=Nv1A;HNK5c
zYL*?z8qfFT9KT#)(3xUw_6f?{=l>K1X_Ev%38gxH0`J==a2Orq;64rRH(&LZa_V~d
zs$l<Uv~Lc3l#k=@rR1=Jce$!vqQuOXGV?b1&mI9I@*IPTf1GtG{-S_vh#PU~`0&-m
zp(zIMmB3QBL|J-O6H44Z!QZz}o0@<uCD}yJkDj8#yg4$eQH|>&7JPFMAYnv}Uhj0e
zNxMatPM3(Ptfe(qM3I^b9?;5ta;Xfu+6yyVmVmK2Ol0imtY;&VzPC!tz=84}iaiYK
z5*ZBCk^E!nQLdR@(JJ+5W|3G^$W4|5d!!nrqBTl?*XT6NA+!VHtCRgQ_day-l9k{@
z`#pa_l4Cb3A-cp7vbw`UL+LjYdNJGnViuUJ;;h?KtoAsWWvT3Nm0KEreQLUtqEB^0
z+CGi@dw1hSpZ0m($2qZ)chxF0^jLkOy_AUz%DYW_$;4l$*IQO*E6UP8c=@EItM<a^
zi#>|OTr_OTtYgrA4AVlJtQg-J$1Wnnv>tyPQjv!$yO>>a-5i`GK3JQl+(g1=T})L)
z)mL(AwtG3EHhLW2PU#j2=rvO5Yl&AX4B0l@?22G^<vw2a1Q52us>#p{Fj?+qu-`&C
z9GF@c_cY9W__y@sVYCV^UD1;GpJ~fkchAZvSQGvCLP8zTqu~N$*WvWK&cWj$PpgUC
zR@o=0-6V<>%c*jEA5Q9*I)b-*O_2o2t#wl-E`}L%Jgkm)g9*Au2==a}JiiUCrfAN7
zMs<MbWWJd*rs_cY$dqG02z>kj{W~h+6|B*b92v@P*IF0D;T|kqYs$Q;v#$QKSsveT
zmT`F<>}L@4cvH@r>4N3hnw3&Cl=>IlN(`@+O6`6aiddrr$DE>==L~8~b9IMAGLm2H
z0;u|rS&`A>+2>Oks1WWGQLoNoRr!YFqdy=~MlXs+45OU&i@x#P+deAMn7!18W;z`|
zQpR!@l$-V92`kg_jC=9sQ~1WH9*+(Ydv`9=m`sM@2?cht=6|<XPY`sv4?3Gzuw_Dd
z5`=Y)sG_HKUS{C;zthM%?xRL*GZZbu7ZitU217)03C8}5l?+yAh||hUWfSpGp%N@&
zOkYtr`Ye0yl7gnLuxSY>Un7c3gnn^rsJ&XU2*NBYPvCOy>#v~Kql*(NVc{i0(nUqn
zbQ7_waRK9C?6ukfF$5d{b3!4-Qo<fg77K5&HMSNT7TbVKgZ<R`o_st`Q)rsa(ZsO8
zT2ia&T9-6YqE-f93$1wHie<v->`BLnGETd>Wo@P?JzEwIL#G_!8nGd+DKh%R^anAY
zN*rDlxH<&F@XJw7;prc+Y^rI9oy-A@Vl`|ROYE|MAS~P<imAg|`LE&&fVaYgj8CKv
zg<gabx%4VOBK%(*gDT~v8L?2rIWc09UDH^FeA?bKWvsSXK3?6SxxKH#WM}*BSb!|T
z7ga>bi)|q;`F`f8(-f0#6eWe2r5c4)y~uH5_^K^|>M2H1$46F(RW=7<8cSb!m3E=S
zi6zYxzD5pb3Pl=}kLD?((0G5WhWDwd+0?2fE=rk#zzQc*_(GJ0uo;FH5~hX)@n*|*
z4JClHf2v)aVq%PzAkJYOBa?z}>sSbtkm_(g;igJX^DLUORFqt))-iJI81gbw62vZ~
zS2h23N*p`Em_9P<T|(r}tYA6<qb^nVnAf_7vzaNK`qPeF6;jlSu16Y=8l{BPIYnD=
z$3)Ic!II!JA2XeyDf07#;zLR#nAw8Rcm>fsBC%Jhnk<3Upv;#NR3&m6Erk*lhHtN;
zC8AjgNmEzi`=Ggkg}6i5Tj-I5jxIE9lh%01>oljZ4wVqI5#gMpo4Qs3-qVW|UQ#sq
z9b~rr+o=gA`HC)@d}*wtIfdt~1Dv_8De5{ceM~qtnR$Poq?mS=vW{mbDr>^5szx_i
zf5Y@+-D1)bmS+RpNc@Zg3~rk+)0dmLsm12_6!x<nsK<9j8Nh=toMHTQ!HpP}tQ%KB
zBztv~N<oM8PZvjsWRYsLpEVcf9n0h>@#n*s$~oSrmve5L>P1GdpcU$(iP7chb@rsn
zLa1)g&X<`?URmecoweQekfiH)Mq_SdvNXsA-~gqi4oDf5QBo0Mj1K7U>Jb%jVKWcn
zwRw9Tk#tto3U2*j)#tF|%$ZjF{S{bTfgeEjql<$t@R#d=6{z96ftT2Bc@z2Wu6H_2
z8hi%Y(V{ut!iKU_c-R&tu<L$%NruyDM@Etb;#+*+HdlPnoXtWUF@NI3)qSHrh0}dr
zna7!j`JJ>f$n>hS#vFHZIp3iDe7k<P_D&k#e_mtr(sCIFzzAnLJWNQ+EmZ=oV23-S
zz;?ZUeY;jc*E~4XCX*{LN6x<YP^a^2Mp~Xs5r7y)h)SJ=1Pwq^moc9E*8aNb318;1
zWU}SZHS*|yn9G2qf#q><-ayO#i{W&<Rxjvr5Ccu-!;8yv?i`zWo3I>kQM0yW^7N5F
zjfvB9qjr9n|N4Vr3NV1-N3B}SiAc#b9MBCNzG#q2<k(`&65drX({Z{z(&A=EuAZYz
zl*n1bncbbiI&NoxDiN(`xF&eqM667ZMUxtlRZGXmcY&UBek8%MW;c0(uQ(%1i_zPZ
z0}$aw*+{(amxi-f)Cp4>dt%;TPnkueI5=D}aN`eB#j;^kzRw!HM~2YK%8E?&PO5Lp
zD8qM&Xr~SBv_m9V*|Tr2lk-AICHc1DMV@P@?Xe?>u^LiK3u^YHq(%%)hl>D>qAf6J
zoib+0nxt1Ee<I&iX~zeY5H4EIO2cSL@*OYjalTKg44XEGp_{!7`~|+$5}RCDZa$;X
zU%C_yM=u&*M*0^Q#O;xYRmY%LYn0Hpa`a%jz&c=4<=S?hd)xeJrCiD5t3mMpE;wO3
zzhHkFWUO6^h-ly@Oc7KBMK+51QX+94dz9o8GUP~>$hB2gfqQkq<GiBieR~AjybA72
z(`9L4zZ<ov^L$1kan3e>s77HK>Pw?A<T)avvfZz&TYGXQsC}u_z?yJB&JhV!eqY;0
zT221sv@kW-9xvB5Sg>5v8dnoB;K!TJ9N-|%H{Q(R@(CTK(+-#TH9L|bauYws8TTqH
z1!(n*Z>t|jem@M8)c8k<j?$_0@#2X+-qdxn*Vv<p89InnCrZZ<tbvg7-rnk-#+dbL
z*abXpOK%ad>qOF05h%aR)=Y4rm$k@zOw!&Oyp1P|C??v?Q!b8a-C%Jq31-4bpxPWZ
zPNn*!lLBHEJQl<Ra5PC;I+G5{%JqD5FBC)lDs+!X^NNycvZ>(5c$+ClLy>gNeSNA#
z(@q*sE#%9?dhoc;niN+>m>x0NCfB62OuBlm7p*3RLheE8$mDk*5O$}8u7cBe0@&zB
zZ7fe*W^sJTqZk+CyJFUk!E=j?T)Q~vM3(E8de|9wOK)RcYw)~V57?3(X6HG{BGHU8
zaXiFEkt~Cb(wO6Y&&K{>Hb2}{Oy$?jV6k35^0*O~$@Abgz|8<o^bVKRce97)<fqps
zBa2in1T^%Q-(LOZQS6eyUZS9ovn8^70{0RHttzR+D%S^=+U4s5OI_aR`oO(xgH~l*
zVp(168o~W+xkj*LYxf53WgE0A+Y+l>C%Bi$s%*4;#o$Kv%bNjraDN(a;#e$t0k}Z!
z^xNRCGJ|lg<7Fq}<+&}p0&g(bZvN<_|Cdo8gUB)zRfsHDFh`$CHIid-`<$+YQk>17
z+(*2^+-Acyl&Cv-GLs<|;b!zPM|yS635p*qPRQaOQ3wVFhO;ThL+<McOG&jC%}EQA
zf;kjif(!DQB^WKEL}f@(Qw%HaHRTw=4)#7P@2@L+VD}*G_wJeBDep0w&j8v5zp%W_
zB|2Tjj$q85NH4>wO+0mTlh)v7(eT^ZzXZhqY!}%bBO(TVx9+wlzrOnE7u=S~;RK}n
zLlVosbEOu+TnQR<uuHKU{bU!8ENt+w8Q^k(J<kqx0C%sRvz7b{tJ?>NH@I}SQKDz3
zpYh}7a0>7lWl1IrZjn+iN!5ATO*8k0?KR5m)qNpslZ||e9{0H_1{_bxM#~X<_(Qs{
z<b`g08rlfryWXK0sSwX>dfSktjY?+|U7{cGyUb$JX~9Ph7?n0qwH=1foWil{rd#v-
zq&s_bwm?@AGSymUh%u2h1M3GR>R~(il=vc_lY4<N<e=mKpogqQ5l$Y493@(Gi7yZ1
zAE#P^A$|})ZMQEh3Y~Ug0IcXY1J=q9YjX5Qh~yC`G9GOEX&};#nc5!CZpp<D1mdS*
zK2^#HhlF-_)M1G_m|+#+5a%*Bx{iSRZ)Q72w(ZgIu)#V28d{vdv^ZECd0BF)stMQL
zUz&xeb*Dpbb<&GlGMYuUA04n@c;GS~w6;V4xE?>^ZIaqwwTLU6sIlQ{UB}s4)hL=8
zVnkG3{cfi}=A&-<#40A|-taT%RX77vV79a(HT+-xdAPV0QeIK^NvsBcGA92-tin|o
zi`k!tGs&NWsvrIwcn|z(jiYY|4sLL<bCrIR2(VNMjP164H;SuvKt#iJ4!HZ_x%>$0
zZjQ5bj7tVS(8BKDV4YQAU(j$Fvv4f%nm^e<0e+&Hs|~ru-rnIP>Q4?@C>!a7?-?S%
zmIymIz|d{ty6;aWhnvlxgOUC}w2W??8nv`XD~5_q3yx*SEs>h>xo&H02k%xpWM}~9
zs&;V3d8F-E4sEo6*Si44o2I>xh25_0f!-O_6qf`N9SJTUJOXU3bKoCw-ntNgK$~Ba
zWWArYI&0Z#j_>gEVFEG(&^qF=tHX>Rj?bF(^KLl-#0Q75tAR#i?_fcjAW>nC7|>QV
zkz<9j15pFlWNa{cxcmWZ9&lh7d9lEcx1;SIRU1Qz=)6WOMe<8t2qw4lFt46mghphw
z9B)(ziUG@q=TLvw62f~N51?I+L{~-{k}-An3L&c=t_{I{C6XBQyE5s8PWK7&<y|N5
zYQ*Ycrx?{;!lY5f1r2LZ)d&Z~<$f$n%KcXTWHkZlZ3&H%3PDXxDTP1@1)1h-l`y1H
zQ9n_bc{ma6W)wl@L*FMUrc`=1twpri9-bKci`C?UZ#%bv4?O%A+PGFuZtLl{RO>h;
zlLEroplSilh<`l{Lz?(qx?bYyE~2sm1;pxVBI*>-ECaF(_~HU(Km_FPZW+72N`swJ
zP$dQ=rB;Be^@E4D{s=)9Q#lSrxgf5^mCC6v+6<T{e8iW4&+m>03@>F>vH9+fK5~3p
z9FGTiKBt@c@!;iga&xqpq3(Uoh3a5bpMV8Ok6`yi=lI+w-3y)7nZa9{xGcvWx)dto
z;wdy(BvX5f=?eaca@g=k0lx7x9epTS%|W2JHJNNC8hr`tkub3+5-#gguhg^VwQ!$y
zaMV3zqPvt$+1Oxmz(Ku4&!aC9id-<5m35nfLbO`AlN5kNgn2b&G>J%Q*XZ*;yn1if
zDq*!Wz5V%@S2cdkPN&9iPhP+7;jiBG@snSB_%%wsI{q~~o*KVptJuR&UiWa-?@Lv`
z>z_|v)%fizE}*W$RsR}S{cHU8)vMP%ocHPByiX73eR}w--+H*-uMWRPS=qyR-yY7E
zuEzEL8UNRKGgpOw&oA`pL=9H(X1bw49&<QSD_*$9H>9ueEic%^dBGme3)c9C7wY3b
zzp3#p74G45SjMw+)a%zLFWXehLZ$AR%3#yG^l&=2#<z5C#?Mc-tI1ClfeiHWIf7;Q
z>LlZ(ShUbbs5DfjTG~FoWu(;MYRDc=L-ueQvWGKLGG6LJ^Jc0_t??3zQPhi7<0TeD
zqZex*XROuX>bi`VT<EIp(XKi|r6rG0X~`p0-s}jKH#tJ3=9y|8{pz<@PpMM2F`|r2
zI6v8}CNzI0SPb&WgtzUcMlDMQY7X}V6~SV>{<*}kGEROuc}}%3!t0km^$D+jdDADH
zy!^FKc>Sgj=y03RPO1r46Ic&tg6iQ+NIjehsKV_Vs&M;eDtz;b!C&Dvta~`axQ8=r
zD}19tl<?d&iIBS{5pvfQ0-vp#J`r-$CqmBjb+k&(G!b&9g%Fu0Le4Z1%mDV}=bvBw
z7MU79=*yfK*`OZN2uG0XAhe0dcG-EkjVOQohWIfH0)i;k&&%Pw|Fn5<SjCfEES$g_
z2lou%gW7c%9Ys`obP+pk5fLsZqfI<RMiCWG?tIGi;VBx{6tjjG;;;llJLQ0Tg%ws=
zg^=8@YO|>bcq7(U<IPX#FN^>;=|GB^aIQ5@U=vaFq9)HkFy+t50$rr?UB+|bsA6($
z33U5C#i~ZPQe(7b_(nnU&e>*<<up51rpZyi9E%Wm?UxXG)dm|^TBAl^G_#;h*tI^U
zaAh%G1g2;yQn}VxhbV&Tn+H326_j_$s1`Alo9<&28DU9-RVYh0nv8Js-4O6-V%OzW
zJ`~{R!imCx3k4fK2(*$17Q_{5HvG8Qb@5yaFkTr=jdw`pCY1e%OT<w7G%k{GO((e=
z2}VS?pW+j~gtpk~wD{bn&F1$B)&1HTnH2Cs+H6npemO=mtF(4CaXXOHcD&hk53DzS
zuC0(>y*&9TXt6yyPk2to+~13GdU+GLMp`c@$=!oEodmE*fEQ9+HbyuNBgdS9DO>H~
z0=2DOz}m_M=vhgC9|Ro4Yv5+wBe>q6mnIMuV>`{j<IvcAgU%CymChs9!EU}*Q=VmL
zl@h1(Wu6@AyPY<3jImwJgCoI%%=JAuw{+m_>(1Yv+15BH!y57TN=;pdTumoE)O7&o
zcRlL6t3Hlstxj|^@1eueS9Pq^)W<`IdtO$vBkFy6>BBm6d5}nx3{TB6(GGQ&9@1-y
ziwA1T2VBtBINn=p^aI=D8uy}5NYzBfX^oz5d*~%XqN=i!3ijOWY+>|yoHTUIgTI{r
z<ke2S-osLp_lTabN75u?2H=s4mZtzy7DLXo<Z1-8<zS=J7_9-x$xnb1P-9{d7>iPc
zA@nav(X$6~etL5|V(p7p6vm?Fn7%z(MPDGZV(Y(?i}u!>GW995Ubs@3p^CK3x9dyP
z_Kr#{fE}_UX0%{4do}_x45Os#q-6<15`2`d(pZa1#I8mzRwdxiWNb9Zk`OB~iA8Kl
zGk*@565Nl@Y@0}BprhCUu|^ccgm)PY?nHeY>W&<AFSSL+o>Fdl3twI&xxu}y*{D|(
z$ctHpb1q$)$+Rj~A<C-Xh*e;}6{`U9Lzq|*#4*a!&z4xL)MF2`V%kL&jySZ!6rRs7
zRP=YU5h`wdtB|NTsy{n(`-8;C$V&M`R*+kFdu}SL632&(qm2luZ>nfg!c{155X?_$
z8*_@q>Ru?S6Z-Z&N;$|_Vs`m(W1+z*xSddyo^lUpzq?Ur6-(v9x5fF#k|SUI-tos0
zCS`H5WhzwV6z3ZYQEzVF$U%sr6M8`Bdpw|R{E%eH)@R7<{7J_3RJeMrm_iTeDzzWe
z2X39#YUV~whf%|-X)oYd?04o{w5k)^o_@02?tQY#&#IArkShCwAQ`yHru=(9#bd8o
zz~-eD4^-I66dIfE?Hu(ZQ%l-tT%K1%oQX9vEI_}Ue5|PdwqZWw%bIWdAu=HSc=F{3
zar+^~P?T9|QYE=qqlIf&BPv=xnO4!lI<=w<;R-6$<obP*9cSv^{PcK?{OcaI+$;J~
zJWX3=O`lg79bRERB-5G4(!x&H9@1@WN(kOPtMtp!vINl#NosDMp6Dq_*pJbY)IG(+
zDvtZXiGRQO#C?}QIDXUP3}^IOZ&ou5^hMC6QLyZ|I#|;3=yAs!-(%}huATA|edLe;
zv<If*MIVa+g1I8Zp}3Cyp^i=Wx(UEsj#~61aJ<1wrswSjpMJ1k$|>)LIZH~htZDZ=
z)7-idl$2BnWUDL_sidVoXP=I@zZWXT=p7dUD*W<XRy(hMdiBzVa_cU3ZRg4wyZ-H$
z-`>nlB4`-T%k$4)0;FL$&eDZdvf8PKgu{2rndLafG0dltf%ZoMYEKm4#hTs@cvitu
z)dxAQ*YTRh+~<gGZ6cO!Z2~s;=~M;Nq&gLKP7w;2=72)k=4j9^Fdy7&qw7qHo}r|v
z8~;Sq)X=^T2a)FL;j~x}C$qP@Z8f69q6Xxz%uO7D@9x_F*F~MQQo$|TyXsd4VhTdb
zx!}aP@O;NgkS^Xci55|o$BU~t%p-EdyIp_XD2t(t%PcRtZQCR)apulCCn_(IK+b>L
zfft!BaOGLR`GSY9>{pG!K$Ige*IfGFpk+G}&ifRq)`<L46}^7fK3S!Ulj>zdbmhbc
zCvO|QAhwXJSD4$SV+rZtN>mFy?~enOG+9BE_<IyuWRGIktJ$8wY7;4yS-SX$O-IS^
zkSHz*Pk6ewsKkWGsU5q&Gt$O2Zh@hNMulG$=KHV`8W3FSfxUPH(Ts^*!WcP->21Qk
zQ2nc6Y0MH##)iqb;l51od5wfDh&>2Z6JQI%eCrHfB%%+FP<fwTEQVtb_s)^^mZ~(i
zu1Xj=vZh6lbx=aoN~YPhRC>3x>_luL>`_J=FXFcSE^{Rx=~^o~U5^GY{NS@%tS$#s
z>?E;CnV176wEoPOm8jW`eQJUtRG+X%s0mCy)YVPa1{kQibyDD%!!y!LIM<03M4w6T
zU~~!Em|KY|ZrtBmVq8y_1yLp00~Uf$-!-KOXPBc(M4thBBuRDe#|yP{yoK38v57>I
zkQ&^$f>VwQO4JQw;NU%cCXpSX%QHM$Wok746DC$m&M?Zct@okTnYDAd2*|&fKo|%m
zf($zXdzRcSOtpHxZOu><*|S2itB6A467zwt4`PR83`?N)xDp=*8g3pEie;&sN_kX!
z;e_awO-I7KpJ?0&g27=$pgViGCAu#OHWjRTaQx1TGQ_SuOO$DZ{PA1Jc$p&9HM|10
z)CJMEWX@t`>f0v=FG-`+A=8{s$A%!ampeL?Ki`0s=J^n|=3}$9c0>41*&`NJ9@8%$
z-4e{!p8$EEFdRb)jmWml#StNY1&2W_E>H9Iu5u>TL?R}j!|2n4yw%i9#F0oX@}<Gt
z1Pewi0W)1f1+!JdkP!#9O;-vDh|wGnwN=4^DgV5+s_0e|&(cqjYPB#2$DJxMHAa_a
z#nN-Z{hZ9=?dHvm37Q970U3}!Y-NftNGqw%M(2DYihsfXC6YKn%lp5?qf!5-c=~Y6
zx!ixx?|+IXO-a0u8gz&)zC`XARtA8=MQo%~-C3MPAYGx?45!DeL}X472kH=Z-Y5vr
z5HR@#sq>KA^~d!yh0CM~_X>PHvJPdMVLG!f``UuNqJ5gPZZ}xfdmQFaX~G;~ijiTQ
zDY~!-S|PQpDZXtgG1@A&ck=I&<Kd-iAX#iixJJnQ$5SY?XMFaBa^IS#f0v_+Yp^&~
zzZuPzIhe^74|V%tdQs6VqCVz~q~U2H(-eh?&sNvVb6Zy^F;R>`w#W=L7S0mBg=bG#
zDo+wn^-j*cM@V_52=0I+*U|O7DbV%22`g)%v)GAFr4slU#ctGKOZWsXV*O(+RS=*1
zYRU|0GaRBME~9Z=%HSF|$IlVA9OEd`5^J}Nqou%L(0-rGncmIzJJ-wSFziK%@fNFi
z*!OmN*|q>non-dQOP!z<Ko`h6He<Z}f8yS*x6UKU^L&JYA$SbKFbu;m45Q>NcwBC`
zWRtXPt7~fwilijAM2RI*w!6Ir;_&d0VvC1|#Y5`F-HleG(P%Upi@jLv#e9IpV6d2r
zy%@~ZUJdqp?e8Cv@nk+PhoWp(b-AdM8Tp<W85tQ78PCpW3!EnJeo9JF(!^z^SbSc1
z)g25fd;PuJEeV7Y=T3sw;*RW*2}@ESnWc6M29g0rvr#8!UhU*z?f;}9VrW7|3OSsn
zx@i~AP)zvW2bV}@1&>hrZab$voeHT;6Y7GQIZ0re39H=g52qXe6h*OK#OOjKtO_;5
z>8diyxUvayL&6qNS4U&Si?WG4^Ti9PeW?s?y-0pkgjb#6DIm7T5vLWPRp(p^Na76Y
zTR<m+WJDd{j)|*_YP8b%d2@wKkk1lWkJ%Q>qr(X}X;Gdo!5L~Om@K#hIKs)jKtVgW
z9@nY0cQ<%T^VT)J5`_^FU7>{{GefjIgJXP+)>TOQ!&R~`$yEMDR^3Gsd7x*qJN+t0
z;kq?dek*N&8#mva0%2+1a&wa1(8>#NBdK!-&Z*Q{U;K2TZlv51M>{xZ!u@OOdXrIn
z5jbD%a|OCpl-Kx1N<G8|w9(O=B0&)smJG0aoEw8@U~%Ctf%chEpXi#sE4@FlFzIk^
zv_2~@W)q0^W~Fv+Qn@G0^fwFj-e|ykptV>8#v3X#Ee5ZX^_#f@zjIxdv@knqzV3H#
zo^R$h`Ph2q@^Z!BEX+!AvXXP^<yvdDn~A))F|4n<l9RRb9~@%TBUgN*ot_*z_0G<5
zdS-b)o9`n%$*qD+g;XWO<=F>~U<TOi&cmx`P@<F>(Ad;YMjMGW-fL6!q&GKsPlg7P
z_Eo~G$02vr-0G?y5gG8!_-NRMY3hrwwdKr9I<6<Y6lj-lLf(cRBmbBbjn{Z=d|<Bj
zM4ueWQM*Iq)W;b%w&XXxsH*q$IZu*cH-WXNxd}F$GjANZd_H8FdBX;;R&O<v;mlf^
z#YV5%PAqbJ6trW0M!olzHrBP<a{*&1{B2zccE}%!e7q;DXAUx$BfdO$?Y&Hf>V_95
zdWP1z{tSAY^z|7MV(-MB=7gHZ&Y+sfE<iPNone{b&amZMHui2S2R8@kIy&&Xcrcc`
z1Y~N*hn>{IT&Tfk=k_@FJEiE?^#fRGh=o5b$=M+z{SwV@AY7AT{&~Dq6T4je_Rj8{
zIn2zUwY?6AT=T75VxR!Gptl}%Kq6K3{aoKi(>;i770Xx4-HJ4^Cs#M*V-jANd2A)k
zWf%Ibl&c%PNrh~(C;+G0*MeS#BW)<fl0~7m(6LB@)VcUK4|0RIhr{HRNrN_Sp@_TS
zH|J+Hbz(Io*EzW+VZ2n8FOr<{&3rl)?_dy=!K0@|1a_3E)MW|6_#|h-M&Q}p!e>`O
zy9|VQiN$Zg+*Ggus*yOCBv&JgBXmyRt5M*JFx0M7j@1@yB6@vIZh;XY7u%sLmeARs
zDt&?mHU+sY)=e%=c0EG>%>RboR@cCd+P86J8{=jsmAEprT6EL*T~=*Q#9za{PIlyc
zGC}R-Q!kKpZ^Or&pyu5u6-Kz$g6uRi9NHHwtS1Zs%#$f>DtzN$A5$kwJ3V}e{2zx=
zrUgmBUOY=_!(%DlYRyP4aTcAyfr5!#Q|^s1!ri68(O`T306U5VwXc}@mWXwq@YS_r
z7<g?HU}CCRh6W5{t418ZnuojuP9;QM;DhW5T@#o@Fa0T9s8~EPoXwOyI+XTJUAsEj
zh8_Ffs`Ct0Q}l5ffyX{dtRD6Q^TjuD|34kEZHCADFgQL7eQ*$<llLk4mt7IYdk>Tm
z>^&jE26udPPRG;+**WFghuCjc+o!wh{OBU9UttuCoix|{E33AFG<wx!=szfhiJ7O5
zApwLv$b10&aHN0v>zKWmZw*al;}e<T<U+K~wQqcJ({kZR(F2-jx^BQn>35)dZeV*}
zJw@b`#08`8=BGv|ZsTwS(a)Y<rA~Ii8YSrKD;?ld5)hwqmMl)?K!7&mBUAT~YglcP
zd#9k78im<aLI`NBV%qK60V%~yDV40aSyV<uz8G#z`JkseZ@F<NHE^E*t7>~3ZTI2+
z)3s^E%Mrb~Pq9-6;xve-&#UWGUM^TS?wk$>(~1?nzRz#!SCW4(;vj~KF<?I&**g>m
zupgzWpL%RynNE>;j1Er7{)9h#fZrM%>>?oMQU7Bc&453rvU<`Q>;qLha_gY6*w5<D
z?}p6e4&F`n73!?MbLdw%H>P1Avb;aoJH!%%F9>w=i)dcaVc$(MsP_adipBO1$*2(L
z|277b%=`A==tt5v3?O};ZH)-i`v~rVTQv)UXxI|DVk|LQbO?BiPHKoqo0-tb3GOBL
zgI1OcV;OaUk_3926H8Z5{I+7zt>glt1bG=tMgybHPV66$Qol%45ry24O{!spALf#T
zprR6NPYyV^yYblui>)l>2(7coxOlf2FtKCA)iV^ue09*}Ou`1s$T@@?R=z$kL?z%L
zINU~jn&7JAKDs!nN4c3ovR!z#v40c^W)(&IT+g^z>zoD=>2@nVzL(xABx4Gkv8|0T
z%Ofl51=%vsOrOk5xhXB8%chF@U@@)UWqYzDkE+wkY}2Qx4?MarYbwC?+a-@up9j$N
zc|dnQcNy!>TWzAHnn2_6*Gq`5sf1Dyv>6*biRk{}6U%{By*_b{bca&`S5uF1D)R>}
zWYvH_=<Yu59bL@5fpLSfnCH$bSbd#v@LsXhNeHDo$(jQhYbBxew1V&|JUVs-&<J-N
z*3B|{WV)d`iA8`#njGq!x+i?_6cA+Z*nD*4R@3t#0KwYEjqeH{oLx^|8LxoB_RMHT
zzBQ;>k!NMNGabl7+ZDDT_Cj(1e1$3UDvFFlT<<LGFdnYXvR0c`x3(8CbKXNWt=LQ=
zW~s}g?bAJkzIz}kncaH!u7%-aVF?A@@t^Gj{{;uuAbNOeR-)7_eCGFnul<gQYQ=Hx
zeLxytP2A4Fbw0SUkNP-6r;!Z8-~q+H_HE0OLg*fnBO1;TKd9>XsXWVA=A^vEGSQT{
zRnQz+g^&YtL;E!*F}mkpxis5hrq#GI4j-5o`5nc0LqI7JnvhW&0G+Upw$^1FAP%_(
zspIJ+t6_{cZJ8Pb6>5V-2u+WeI#hq<4vJHkqpCW56kXR>9yU&)Fttf2IHx#{`U(*1
zD0=`6mY_)iR=<%Rvw$Xftu|1RpieQwP((iHcm&gjB&MzbUKtK+CRxqsaFd7k2KTH4
zhSA7~LriC_mDs^xJ67Gpd~f<0N$CX7IsClMaS3d4?EdcXi!T<w%mA_DIVOw7Ta74^
zj2wqg$Pw}~9XZYspCjh7Do2Bj$`G|%la~yZwRDcjyGM@E_l5bdJ`)1Ui$*)a#M;dS
z6y18CGdRe3%~JTd0H9qfQb$FkAqdHN@)u?@OhTO#-JG<1(&Zl)aj~a4)i2;V?kskW
zC;P|@s6`$Hs4#b~b&)x_zPe}7#&<`@IYtk21hI3DXi<Z?D!|JVKAd@yvzZW6{&6!X
z+pcGrvq?FwO@*(S4A_IX76e5CYOXpqi)K?7EOP-LX8KcRFTT73`v(0l6WNX8=}IR<
zW%A(}X*G`4M_@j_IG9|8u?#<jH+RuVu^hw42A~rOq+wDleI<y{E~hyZxd(RC%@&)-
z)a&q&hbFPe8h02h6Vj%1*Vd<qTGr5wBDuBCqO8e~SYbU>r*N>z#cf|w2ezb-M|nxr
z&Lg87sb{N(GWA8+Z7Li;54;%YCKk2<<D{1I&@)JI>6@l#$Cw|F(?T6^4|pEs1S+HM
z5YLl19r!<ZR(}o;K6)}{sGjaDeO)VP%Pq^Jhc=ntU3>cZ{02f}&8)q4m84IT>?71`
zbhEPY1A0R?_C?&Z-6hZr;!1#7<);!{6nD(@JH?M=h}Uz9q@!SkFKO{?KRzgMcXEe|
zFt{kUxYk8~8jvBF+$cedS?oobX@R00NU{Gs%k{yY2RJ}I;8u1VvAHla?P=WRVLVA&
z$0(%+P2uhuFqQOFfBM2s**P7an4pBmiLjnJV%v)-?{<w<m8UzC4_WpU0x?oZV@bg&
zavZPp2GTURV=K`%OYmxfE4G+%5=jCK-;o^O#jOQ#4BfWsG{1Ja_o|&X2EZ{cVs`r{
zn~K09n-bR=3x$rfy4*84SQ^PWLjO~#4zt0f(4+=e^6F4mx{%~V)7^2&J9_x+iplIU
z-R<Ct3tJlXu{4c1tAz+oA8%-Y5yN$0vO#KOqOMx7&`1ypnCt_ILpz}nXUQA!((9_E
zC5WbXko0KNxD-Z=o;~cfFXplj;`UksoA=r>C2q7OEUM;%@r|k(L?b>d3u)%-AsPy>
z6CUnwBU0E|Tq;r+;fxecl)eHqdv~PIHejLBuBktPkLLAc-xFHLA~Z0g(84pvjy?^T
zisFJ7YL?fRoE?br8JkpQqyH=BNyMKAl}TKU_$U~=v{A2W=@<|QbIqS*PYP1UzB<G?
z!1?&Akk-f_91dorp3Y2RAbn;Dh-CWg5!k7^Y!vOLJBYDu+))cWFES-Au`IVT-7PX`
zcA(@1WV;bVVbWY=$?6J_M$v?vHlw9^iy?ARII$ngeB@7Bg(T2qQzJlWwu+?Hz#8<`
z^(2WvID4}Dm1#DOWO@kq($wqW!=eAOMTEnP_-T|E7ZyK4&T_D;JYhfmGAtpIod}+y
zi3&RFkf605qeQU;0duy%V|-a6i-Tm7@8Ga@#6xj_s4K)argHF%ChF4d)uV{Aa3hoB
zwIs}wgCz;wZv|3&iU!Yl<q_FQA;aXnf-%rB>tIaRJg|T0zu4zb7v}NWV)N$$+lX-#
zu42aPNfNI`*zcryxjaW}4IL;xDvHV7ON1pM!v#!4-Dyn3n7RlKab+pf|A>pZ@tXO}
z(&99=>}cST#DIE)8TWt*1wF_F*NKadF<%w`y?Q9$JvIrHsloSbG3s)4o}G!@4%hi}
zWdE@P<&V{BbMDB)k4Dct;QoLt{glDZZ(GoY?Lk=zuWjBiEYa?Ae9MqMur?(Y*jZ=K
z$7lx07BR(=hjbm_n90J+CAezUHcnCP)m*+=R;?z;V`<O0$J7r_#aZvzwPMPv(=X=B
z_|3I4CWpZ?Pu?tn@GNB%`Pky&vn03CQ|(;&;vsUx60md%-#0EHcTvZe@x!9{;Fxpw
znDcTA$(e*$d>0De%kx_>RF4^veE;(?)M3PX@*D3S>C@}_{9d&^z!A9%s-W(&QynIm
zcg;O&cO$kOnL(m)oQgj=9PB!ue}K_Nv93G~m)ghN+PA^tOqD$^W|_MM1-0Soo$I7Z
zxam4<`ZTgzY15}gM6S{&yhi;2_0|cT5GR=(q%xs`Lq>(f(>&AbNvn5<$I=$Jw&32;
z?^s;Ob>l!e#RO^491VlLk;5Qfd@awzNMA_yFtyZS=CTg&T1|Wj1?lMNHZ+|Mh;u*#
zDN&%n=^w7E7LlCQ!t6*f!=SxIHLns#`gN-bO6z98VCkui7j&{4lwejGUk`gvJ=|f^
z(_Kyv9<1Q348{Uk4oz2%4cTszg=L6IRe1n)bY$82V1)<tD(qAab_|S}3g3dpgT55W
z2AQT`CR2`W*tg@OlV^7z&0Il6QXhy+BMR+#{mw@`r<H7;?+ms_2MUx=-z{~<yLU?~
z9=%(9Jf*r@+d8V2khk~;W~X{G7D1o$h(S~1KEr72Bel+;uJJr@AB8GvTMs=M?4P8d
z^f6HU$TE1ELX1DuY6%irwG<tDRoty0z;`8mW>VJucQgI!0~Pj}(RHq{hwzcgB%poW
zqJW_&H6eDo%`WMABIu*y9@KJg;zoe||8RoacRR&Em+R<O0qXiCq)pzYOqr6BoIj|J
zlr5coXs#FWWO%xLC}-|d5@z8W@<C&<R;LPq!jK2Zx{(I^1tbz-VckzHpw0%p@Dzrw
z&oEge=?Sbl#Lb{=+HMHf%wdP>FP=s9XGns52{3yr(CaL@3oI+8vxU=wRtnZ;&;<_C
z7Mw12;YIhliMeatv}sQhNrq%HuCj65=S$~Tf`mI=Xkv4_39#g?3W|=G_1enj*$;*y
zy@M;(#W7l6$tjDc4s^4tUVn2})G_Qp#<hUCthMNCZ+f2R-sF9I$%qimbpnQOMGSkD
z12YPf^DA~G$}+T7D;|?iOn^dUFrLrDTa@!Kf=YqxOM3lq9Kb;vpj`IQDRS6Dr-)eX
z5blVJh)0;s62apfO#NBWE7(Y;Q;j$~V&neix`ggrcy27s&tF~GcsAaicy#W|FRw)u
z!-WW@xs0eaglvSDp6vAqJmp|!I_i0`DUF9&;#aU;v2<NEEMRnr0-~~9bjC-}os`3_
z;RUxMl4MCH4^k^PL7v3DSc0sgEMPRzLdv47P;2|$8b<e4r+S;%C2Xd9<8s<f5m4s_
z-;y$40MKj&*SE2mb*ojiqYahJRp9{rnY=3o&FUo;+8M!sU>4(5Xg1NMfiDR_w;>HV
z4pqnz<<2y%35UO#l@tQTXk#R42`6~;=wS*RrAPRz*F>)M68KOyY8tN(QPk7p>`0Ad
zD*p_gE=LFoiIArteD32E96b#fTB{T^hS?wIi)|iJSfgC!YMi!ZnB_R=s5aB7vv6}Y
z^9()c8oBgRcM7J*_n_BUL`T_^T52P`odw6SC^_CQ)4?CNrGQNJrPql?1ED=HK&)%p
zNcA~mqJ-Wo>0oJR(8ScY866<)3?Km9(3x47cD@V~HgtWJjL%HX<2W<h^sE-B13L(=
z&V9|3$b$BzB>#Seh!o4gzKpq#$th2Jo*rpW1#&z(Dr1zbS2Xeck+H;tRuV5VhL2jX
zjnUws1u82Ky?|dP`r7Ev!DqCJ&hLQ|_4bZRH2$XhJ}zF)5En(c?G&+Tpc4i!_0%MS
zLPyw)%eUasBpj#5U{TtrZP?>ho}^81Tes;IR*Ztjs43Z^h!r3;hsf0T58>2(pE6}@
zC}8ZRkBqqlmn#bk47sopM}VTAkfTFx9^;G+b^PfV@G$*OnHxm36Z_uZGRF*3T+}5x
zJamtQ;|+*rv54x7Dx&tR$Ss0#)s;)dE-ye-U2ls5tor>6WCd^v1wP3B4}A0?Pb~6*
zc0JG#H5M6VJP4nVH04Et4WNi)tZbL-1}K|SN?@?cN5YF_&4^R~0yuVZ(@n7R1!`$0
zVo|^j=MFUSvPHfI(^|kayX`ueoepf;&ZPMVuZpTDR>a26i58Fs+giZsLMN{?twkm^
zm!5gFppFFHG{=Q5eB1>YI@lAEqV8jVR8m0Tc8vEcK%<Ph9Wy0t8hmp!Q%2J|K_iFT
zgT0^L+g;ol!$aF{5)0S?E)5O~+JSAf3k&PBop(f5n0q(JcpbxXI>+{NFcFb#Z_~r0
z)utpkw5y+GhwA&D32nrT?WeCb2BdHmaMVd;%-r-*6D%hSf9o`+f$X4Eqp!6jP<GX3
zqgYVjdxu!hPGoH2u&qf8piHZnc^^a$7}W@}eh~z7?~a~CZ0k5xw<Z<b-U!Lz_0y9R
zwST<1K0y|UxLv;wky_bBUlFl$b!2c-2gj?2N=}~T6+{Yzz=!~%5B)sVKR@UnW&>Mt
zJ!3REmIqv0a!^M+psblu^AfGN2Cu^#vwTaZNEyw7LRwSa#(PKWObdd>DEV)-`u4rm
zRN5^JUCzVj2$A?moMRz26pL(D(Fp=!FQa46hY9`3(veC&8X-L6oZ)YuztnSMGR*ix
zx0z}6;QBHKw&vp))>-awPS7s%WF~=@Z?ypN*+*6@W$F9eqqXPeEKzrux1_k+w?r#0
zDNeDPE!*0|n43<<2ch{y^zQB!J&1&<mPa3M<hu^X)9U{I@S)sPfo%m;>!NQCTA!o?
zk8c4|aWiISN$G&+EP>ka5e7I>|M;1eUpyX9jw258Mv%iVK9UAfr@|enRNnr6D$xL+
zJaq>)OsFeq%!$6lgnLPe<UMkM=<m4fb9Sn0zM>s4JW>ZX?m&*rO>a?~<OZo?@g4rq
zFnh$6rlSkHzSM=u?D5NmYrpGBvUeRlaJJNHx1yVCU0AJ9=_al6rHC%{_Wra7isSNb
zR%EYTpq`j_p-ac(-7eJBHC?c{lrGdI=Fp#>r14P~C@EzZDxG8(iX@;5bh0to?Rc8T
z9uFl_w?O)SZ8zcWNl$LR4BE|kZ~sXb=q{<pV-DPt!k4olv{*yw0gMR~l0)}8uwgsX
zQCWg*AswGem9=zW(*89v4c*x;jOBE~RY?yRdQR}9>F`s)PSXe`%Z!LhbmV^H0#ZvQ
zn_x4h8`&K(Z);ARS`P(b^LH2S%5-+8AXcdV;7FLu<Q%sIB`vEYNCj9L%p!_6#Uh50
zbot^LUyE2VG#at*W*4yO{+{SZ0bxOqzI1^}($GqPeCTuYMfqhu7@6C|e^(=p<7FA%
zT`#gUKV)P^6NPulsk@UjrD+$;qXW~FHd4~{aa2C@uEvcRgKWh2ICP3GHJ*Y?zgDCL
zTJUBU8&{roWZ#wC9&!D5wRCS;3+;TJ*Z%Mrc84w(73w1&MRYoz=dL3i1zg#XTQa(L
zJ=d+5vB)r$6j?67isV2go3Rp}@G14XNI5DzZtCgaln=+3$;YF_7M4H|whLYKFNnj4
zbH^@n`%7QhKo&q@Qf8~Ael1h?q(yaMR8a={(g$WaWyf1&Ok%`5Yq4xa9xX=8iKtUG
z>D!BZ5SY2IKI7AqJG%uG9}<nYd>s_YxJ@Wxu_(Uyh*go26v@cu;z4@>-EkSJV@}7>
zK*jf2ip(*-TKrO^A(bJy0PJleFwEjuZ{cWiWS?E?Nm{<u$*mpJ0Tv=&uXE$kD2aSM
zKE5--e7NX|)Cb2$Z7A#61|75ta>KXFVo?{w0Mnc<yz^bsn%p)7O+kxWGN}M-!2S8B
zdWD^ZSW%!PB58HF>J|MBqyQay)6H>7Z;JUZ=}$2?CcQ}@*{qg)x6DdSs5dLQ?ct=i
z@l_)`A?J%JqD!Ocy}>BE<%NV!%h(<J=zTG1y7bt^qk!qvP5P{C0bO;WZUIR>O9rw<
z!s=+Mm#3Wqn@>iAM-nRA-L{hqns#7Av#%}chMpENS}J1ujTp1R?K@N-v4QrF5Vz<J
zLs5=~i&!>wG9WavNYu@;)|_~q=_D^QVQ|9EDFD8e3P7!K@hUXqMQVY`1vEL{sSmE?
zbtlJ@%bgnF7+Ta2_10vwNaM)2lN7Wppq%P`P^Ps995l5jsczX1h-M=+-3O-aUNDXK
z!K3xQw8ow~t8}wtjbhCt<~G%{bnG65>S=$}m_gCGuxlwM7J7>SgDXG*n|49t>=Roe
z-^JynMSmA$C#(7X#B6#gVBl&8#+!zz*`G%y^(eyABD`-JcSKYpuHL(oty9c&*Ln9b
zH6GIMA&RkEtPy{@WS5ji+#0MC?dddp$%K*}i9oteBtoJr4GB>JpH&o797K~UDJw6;
zaIz-U10MH9<HCcM#kLKh18doDdr6s(>+WPlazs<;*5h?z89g=gaZl1kD+yJ2Jl!(~
zrqW)SO4nj+Du<eo3&845O~OpPR<mlD;gif=!x=h{;&^=IlF&*Wm7?jH)=^$Zs52!c
z<83AMWlpdpTCbk$pYS*d>Br}vea4Lrg$BJ^kI?#~K?L<B2<gaE9$n0N34xhD$Y3vO
zb|Ohrhotgka1fBAMl2OwkqJlSFnf-O3{o3HUCfsG{0mo4$nBI)+ZSCxS0ld>4ILe<
zIQ%~k?HL3bEhJ7!E3sssvys|sa3V#Pj0B)b6D)QE7}|#>G-(x@K&%SNlB40)k>Xpv
z5<(=m7{V2yVO3go_YUgvf^<oX2-0VaCL^|u7ejmhCzFjjs7*OIW^$A4!>W#aIGiy}
zoUaC=HAvT3j$QOh3qf%sMorr5*iu;Hun4awmevFZyw##LqXyn^<w8vZu@P~K1hTE0
zUnGM)NUo9!Xw!QV^6Z1;NXZJglu)%CrCMmQuDO5}H3!t}9_tNLR3ZGMjsn7fi`X=`
zc6)@cxkt(14FlQx4<|e<0`KI~K}iL`UL+z~Fb9*?`?~Q2(nNB(M9VTt5ZK()2-ArK
zo#?|KNKsFB`PU4}Hzy18vgEJsa2>vDA&tTU$a{|m7Q)_Ya=cxq%DPZxxYT%n79z+r
zM(`-5n&q?=;P^5R2z5;;fcS!}e__C@9Pk++9yF+WHZles5qrq8*O6@*H`X!NZP!sW
z7x4~4)mYwXR0CzR$_;9vqx5}W<sI=wT7LA{LBC_~&FZ1YIHuJ|iZYlYrUp_1I_kZX
zhbdyu2bL#Kyb6mwz!?ygyLGe$HRUV#KEZ*@;}NYGkoxTxS@l%Qv~3;KnrvCn+*4Rc
zQ{%9)|DgPkk&!#DaL^O~u{GV=De5{X!rLBsVjzeapW4z1t+DN>8?vyqM;{g$@`Bp}
zwjn(IulJAU(G#+C%HF|pxtM7un|qlIG%qtb3O?a_&$nx>@v%)%#Gv2IT5aoBq?n-6
zeD17ZTqH$h^}8h$FW47ZL{!`SZ_BD6LIch?X*;k4VUj5VekX!K$4uQ>t?wV<%jZD;
zz8!FD@OUIgRW*P@u74;Yb$A%%66Dst8ge^o3y!z!N2npw;UW2;vFP#02A${v)m}T}
zb{nAT$S8?ZtHL%&ySB_iDL(~DAgj{_I;}3V<+73;7X!)VTM4dKDYM#2+VMBViTr^+
zri!ntQ!_`=A!w`A1GN)!TIscngvx&d$12Ka5@ghyl5Ekovr$sn(x$oJS~6=2M8#6u
zwt);N()XBAuVFawUlQ#e=rP-IMS?q!aR9>)k1~<DOjgxpm&EmH$o9gc)w5O_EZUw|
zIb?Ju__tB=Ooeae_6}H2xICpX<P4Vir8D=QO>?JaJ%)nXo?d!P6J)IjRqOrepySZg
zdUOK@t1g6fYh+3R$e=@LU2dMxrrD!im|DF*us2>)c~Kict>jjyhYwD70k?`W)j|a6
zXE06rW}_7kKRb1NCnab-Fo?i~RkF+Qo!A1o3*4N=SRgs~)I$@y&47)Eke0~-LTNcH
z16!zRJpFu2fz2oAQP&SnK}k6T!+p`IA_ryUq>QLrk;~i#=-Z6X0y0kJxwlN7EFMk{
zpN;tfO*N=PDlUo$P>Yp<EQH=;r<n3^4%kcb1oHPk4G?20bHv1I`4V@M%9hRq5-42@
zx_NIpCbcSnZ=F2pX0}0g!NX1ukcy;+jjp8dgF|^CJWMf0IJ9T=IbKHTSW3|BsL>Qn
zJx(#TT?ErOwx&MggOkTxdw8HK*JJl5PgsM810GF5nVck<ymEQ)Y+5~*<kCWm$HxNT
zB2qtUozu_E;*KRevB(~Lrv;AEFU+UK>77xhTFRmm-b}6w2$_nQTB!GMeW$S6>b=|o
z>!A03P_}$d9DV46A-8Zhn7V%0h1GJ~r5_80;b7~L#<{$*u_bAr$HrSf@D^z9q`EcF
z-vWQ1^LLfMFZlbCzpqa45w*Rruy~@^F!sxJjo2#RR6eQj8>J_z%QBoH9f-#3HyFJe
z=MJOGj0KhQEzf(d+p9VD2gy%baoSo|g(Oj31c7E?3NgzCu96=ob@+26Knj;6ECdPj
zO5xbJm8A6aWWRqAmR(B4KCK>t(KuA(pSuG_yv08pTigj`HF12hJtCz3`@NG-jo7ym
zQ;geD3dKE^dwqhakS_Hp8t-?~3(z7Z9{&}f#$7l0DV6_9ro$wqiA6Mw9D4uskR;;k
zG7?#Nibz%N6B(uE#N+Cf<QqN_OdZEhj=Edlls3q4l}gYcPk%W~b_`ZWN|Yb46l4)2
zL_Oul1g$^=0IS-FBT8??P4t~=<J}$l!W04DG2KoP42R6uXo}v<7N7}Y(~`nw-I>Dj
z;hKWmIq2q`i;JN2$z(V=NI5iPwc~48D)3{J<455VTS$b^!r$!T4AbNThDd&@CV(C?
z*OCOA7{;E`Qr(CGFg$&XXT(U*YKXr``E>jg(Qy%G4(dxUcv$oz&{5A%d%)1o08>ZG
zkdE&ZQ`b{)>oA9X+V1R3L!4UF4*JSXk{_5U3^P}Q69_9lHyk#v7ZKzkin$eLX3bJj
zGmJ|OcKUP`9tV;t(j;R81J)rLVBxuttW0)!<D<mFQ;-uZK-e3ho`q!yNOFw#tb}<k
zuHW5k4WM{Db{*oHYRAY@SJ0YGukZ{e%B5{cU#nI9^WYE$ghS8l{fT#cX(*El1#hdk
zF0>}WP=trW`a!VrP``S}qu<r#ElK{(N@DA)YrMwNHzpYK)}q@7DAOJol}@Hm=m|Wk
z#i2~-09hSfpsxFT^my*+wa@FS>QvR^>|hOYrm&7GM}1`0(4&UFLhT$ygOC-jG3IVc
za7Ec=b(}3H16w6+9AjyP<}D9IP<Ke5_AOgVuseevc>QHTrnI&}QxaHAI-h!*o^Xj*
zWD98@RYG>^v)#bPu#kSr#!Lb#zl|x?t=kk@;`Xm!=fVkqCL{fX=-4lY_!CNxYG_Lq
zk?SUJqj>qHp#&_x6_g+%0jo)HXH=yw?%y+xB#so{63p2WLrU4WPp>1-uKSe0Ml*{R
zYUE2WghVNXb`6GKvI4$)=RG%DLJf9+{7c`bt=!i`15~2|qpsE5mbsn}c$-e5e~Ua-
z3ogs}IK@P+-D;U<@zT2_xN%1*47yQkinK7&8ZYqCI};pND&yUTjKOFnkTYdXP_d*U
zRC}&$vKkTVBl>E>>glJJBcC#@Ydz~3%qGtfP&h|$h%H9Cu3%b+G|o+ZNByK4$FG(R
zPw31Z_>h339$4@I7+5zmr@8OI=~D;h-k&<)!*-p?xMAzWJF8h49bZ4So{PF6H^qEt
z)4T^e=|b({({BtRmbQ9TAs#vVRIk&M<X`Wp6HF819@r9qv&}4&8o-zWaM9n1BlT)z
z7|lwMZ#x)im1>va39Wr0u36IxmmVytrVktSj~g*aN+TZKqlGad>Uwa<jGKTM+?HqC
zn)*Z?9gkWNQsA_4HlZ&iD7@oOGP&OpNupDaaG?dnnm;%hx_I7&(kYCVRmZVe93&9r
zU9N2-Gb`YyzQ_{mm*DmE+#H`Y>xyb{eZ?k%FEOP+wTr(C5uvS#$8qKlx29{vozX6%
zv8V;@B59!mrC8L?)2*qlnBC)Br}dTEgtc1P-+LGp-nXz{O)bc5a1+qx=55=k1})>u
zQzGsJ(jFP?e(UKh6LW%Sd|OvSzHXuF?ati<X+7=RxGnIK&v6sF->6M%1tWcWQZ_Me
z#l_gA)~ADm6VrNdpy*=9dC12pb?HDz!~H^W8*~!eS0|GiWU_n9Ezr^dH!B4ga{BQj
zcEjTmM+q+1Jlp(=hD(<$k1@CjH%r($4)+&HtGrc8xwiImI6hN+?-*W$8hFWUzo=|a
zw(vR2+k|JBl~NK?m=9R{;<8Z?rpY6^Ox0kH{}F7t$7RK{C^LIx*A97tBGf~L^4kI9
z^}th)GYu^W6VZYoYH-v}Rk&G>aNPlJm6PLzKUd^hytn5|>AFZ%j95Q<%w2yl{XWlk
z`S7LSyq&7UP|N`H{n7c)#n!+C$~~q969uqvA^;YCu)S};xV%4l$afI<*aKH=N#^-I
zIrd-B=A?SW<WF{j)5d?Ov7Q@Xnka_7`>;qlSIix(?3f%Vp3tmyYS7pc>_ft;gNgOJ
z6k)v{o=gXaPZUA4E9S%_sSC!;t{iOaE#HEp{Vd5wRS7o0S3kS@c|i8q&k^3(o;=MF
zBoi=bZXGIB$bB6gx_n1=GYp8x7}0CmOl(F)INVZ5G=on`U=)}Dt41#)qPwLI=@gf>
zlK5artdpHsN--%b&og>5nv6`A8Yzu0tE7;I>>WDxpGRMOzH|ul%*Vy~F+LE2R&DQN
zmttU4Z5EPWEgZWCGzE246bMIi+}=rjJUHG*)dfHszX15#9i0Xsv~qAQ+W`qdOeo!s
zfB2KWL2?9~WrM<ZMa@(4hIz-ovdX3IM;F#=_gAprTkTO#Q$zX+?EvLm1TY!xqIZ_p
zk0cTRZ!&0Dgk=rrZzn6h(Un3Xh=mAD_U0?`Ofh9~;lT?saeLY@+lm+D10T+nPq(o%
zzX+Z>M}6nYr;VJ7__x1PMBn~SL2~2>3U?^h@FYXhR?C2sy5!J$YV%*;<aD3Z%?IMW
z(*TxV7E~tg3!9>itxP@2RM8LfKAf{2hbE`OJ4$jFH4~L<^(;@xa~KomTT7<5%&?k0
zQsS(%PReR4rwWUnV*A}m!JfQ7Y23=nm|KvQB?`A-V=iQpw2pelkU_!9W=K6ys?5;k
zhb&5tPRG}{jSa9rGAS?*cZQpD3v;DX+hA9}?7-INuFc=>Lg(i{?}J|bq6a$n#b@`s
zHC&ya>w(f*50ut=pbKC1LFcc2(UW&>{;M{0ZGN4+-*kJX{?2#iW^Qhw1Djvy!sfo{
z!sfr~!sf1ZVV{3?t<eUY>*LY<)vI$&u$FIrp$Yr085LDrS!z_~Z}^)qC>iG}wi&Iw
zm@&^tNiH-RHQ$&YH{(Z*=y&6TWI0j&_2%F-!l+JMDUsC^rD27itTkK4w~6ffB1vab
zVb>sphEqO@VLEMi4&8Dr8^4R(77h)-7jO5ECmxm%iOZ@PZ(Aa}r4gsg%ab9W+Ez`{
zb7B~EASR}UUdLAqev%>+n_Lff#qpRe2+~&s)i$*mHmp;9dEn4Jb6T1@zQ-}!h`3Ot
z1|>?~g1Tg;&ZJ6`5pWGdk^C4MQ^!Zq0}ugKf}g;M9u*YVm4bSDB9N|ODO0*siK0g^
zv0<<mGI>!-v?JcYU@p3en0lz?j5<x6A>$r{P`(N92i<i#LIvJX+as15rW#pDmqHX3
zbzpKF-_CWoHr<Od=2)wUTg9*yeCz;MLEb@4kXVfp28uM|*d$I6aDZRj-Q{J-i^8K4
z+}%Isj^z+>9c|De#U32(EFL0{Ou3E^iWmy^B1UG8RTQz28Ida<0O}}bM-iiJ5zF0#
zpR7xG1%HV8tVkVWc_Lw$dZ$TpN!gwK-I3gK$s{R6Y7LkRuo@thHi^9zdMxWh3(=7M
z`qNaK2d@@3$lpMpJTri_ehq+2)fyl*qKm<uk>*q!l6uH3r3GO~k$8G^xaCiswjNsM
z>7%WE^Cful%puU@bq<Z&b7or<CutG&Lo}yyZWO7T92sSl)1rv3+fiGW)tObKZgOOl
zQI3Tos$SjCy;`?3x2{SoK#{u1>0d<E=OVhv`Bz36LK$TUWt1V5QO>#|su7h@JICu@
zX@F&_o!oV*##^Vx30|k#c<1Y=4X}(dgfdE>%P5^p(R}WDUG`{I7Gi!VC5<!-U7wzw
zuW@WT$PmtoCaJ*2vqLw*Hf|fjgsK5=8>$?dlp~<MyzmY6^;S#uTa39PN)QN(^c0qw
zF0d))c~dz(o%Ued2{^DFpx$*1-mGJ?($ZbMZ6jyL!puZH(&#P4HG%&p52W_`)6`Ub
zR(N)#@Ig+0?;*?OZYS_X#r7<1_iCq}H~9XSCR3B+`XP@a8Plt$G?ixj7ZItg?+>1M
z)O=uXTDB=m<>v7=CFun$6(Pldtf3kh?2RH?GvWxwa4zn7Si~~ATO?iQ<I#u;kr+(Z
zF+n6?EzdK5e)isgs=9XARJ{l|45B47GY;f7oO?VzH-9Z2QWYMW&Oh>i6rm<A@o4SF
z#iR7Wm6Ao4;lop$>srlftahm5Af0+G(6|++(iUW&Q_<deq&l?j`gWkHz!R(uP}>r+
zSVv@f>>;;#_V6}#e04t;F-l`H{1cNYqB=~|mE!d54j=2~5JgFX0xW?KdSIp$OX&lz
zno=Aoh6~!o_a{V7_$DqtdYN*BICW>~WPimTdrWrk?Q$NEaPw1f(9;&*_ru(<l6&6k
z)1B)};y<bl|5>|X?1-?|z&x!<JWG{cjzu&-2*=*<8YIK=BNUW2-`<9Eo}qu)K+Ku?
zY9Xzg!?<#L0My*^5T6G2z}SD>Ns5PUhEbYWExU|4!cQH9FKxACpBR))8sTl()~7I>
zpSRCLBMS`45H_<mm)~I^@OWYUwpgG<dm12RZlo*YJt>~8#IO;QAN7G|Ba$IIb;W58
z{lgX_w}}Oeh7BiDs;z$t3yo@3qt&L_Y(fTMePHSL%?!(e;#<tZ1a7tlfFli<T9EoL
zWs%}91;Y$iIwsktF5SN)w%BS?DGX68i~}$G)u=2m7&-~HhzPUW=H@A%*8nWlW;jQ6
zJE_w&F3VI)YSPE%tCQ`iC1@_dba$Q9%xbZdZL`Cz{JJ7mSo7_-m52=mx<A;Tjuvt4
zfiM)a1_;D~$8aJJY}NF)IDO}Csu=eTyXV<244eIK?4to0$sib22A{T8z^+$j<%`E9
z{|dt9#N)j3K&z!p$*~a%89ZQ{JWJ<=KH7}jWPo@E3710<o8=fBWP-aD=pQJvdHifc
zzxz`?i3#Q4)~+In3-E}vF4Ycy%O*OPuBTclf;>s$YpgqK_d)1wnZIzK<C7N3c7L$#
z9>+(=7T+--FACO{7v?{6nvTyU#bE+dJiT+BOVN#og9zTdx3MYHm96>D=H?@J3ER3_
z!zq>{Ys-;+V{IYVTLj_u5`1}ja{A@fFCt1kuzo3RZ8?XoCYX00elW!wo!rWBD$0>G
z=J~Huq1E)Oy^?~%?G!kOfb&bYP?o0@ZGjX#&OyT&9>_%!LIKxN2SAO~L?)H5$xMo;
zCxnTcNI-`0Xq3WyoO%uNq4iD>t}46xd#A?{mxwXK+d0Tx5l$w`MBh@JO~VGUt&kut
z^erJzu)>J)<GtOKPXvssFjOZ2Zt5#T=yDF88LuakckF`1ELsrOBZd6&PKt<-AvA&W
zvRp38jM&}Ng9v{6aR2z=Xfla7?4K1d?-D7z2}l}Dwd|v=1x0CIrPs7Af#88xd3=^y
zGu%pK*1_bHlvRu897zHgg>FC?c_ThC1}0@EF@-qupwt=6`bngb0FbI8Myb@R#7U-H
zJV8sLZ@6acK1-1uAC~%>Ob}&;8$k}c2(IyYcixPSYJgB$lsB1=N4~f?^dyC}xhJVK
zzmJ-dVzMVUW9)$ryPb&^qss7JX(nL-j5oNU<tgEF_DNSCqNxPU&n3FG$RsHp49i#_
z)#l4Fuw(e{im+yt(=DQOyNGezMM5zc>f+f$Bv3;2HG!}_MHcO*#1}>>RTtqjiFlJb
znE1j+N-<sd3i8fBRJJ<i4b{=wX1jnWJ7fTSs)6*GQ+S=H^tZTF=@TY(So0x)5Z{7F
zF}bW4C{l_y0U&!L!>VP&kT(-T&QJqtdiJpzpc*8s`jWPVO9M{>q^Hk%PiAqaU3JvW
zYD4xaji2SBNpVKzMKJ(v>pg>W#2=QQxG`Xf(FS1Yi*+^-{cnScRk19nbjLieitHxP
zvWVvLfy8$^GSo8AxD`KbCi|h}Mw+??TNwu~%ZSOoU}->S*DdICvxGd{ZJ-ROwhKF7
zgT+?Ufa*+X%#939n07>6<fI6vxv`=$?5s0shUx|qGN%Rt>n)maI+EPqv&DSO_GHE4
zW-n@?j?UXmk>oN@UqTw0m;jzn(t_$h|1fG)#|sc-B0~&zjU6_fq}{bW#8^rr9A@&7
zCv4eG4yC8w0Aj9yPvgM2Y1}Eh+Dq$Hct_;Q2U*eO6PF5h$(T_fx%lHw8KD`YJqg1J
z{A^;TVrC@klP3{7ox_gFhN<7JZT-7F9O_3FPlU1f=lAH5{uQchVheVlh(7abN&06C
z8lc~FA5_pJ77F;Oq|gugN3RlK4YnqPxghi0PN9LmcV;13QdwZ*6sKm`5e=Rx1C#}o
zONwAFq4TRw!t6<(Npt?(gX+15)N9GGkqBF+qar-m3AvM}xhK!+_Q`}V=cz^v<YabX
zmHREiBdSo#%Sa%Q4m+ISViYe|%Di@;u_~~!nF2zH6qNCp(v~%W3Ro*C4EjNYPf~2+
z8P?Gy#7iR1am5_*6>?*Hz?+kl?PUMx;8_iTcR;y-xy?{dv-DVri;0I(!odE>?4(-b
zX^;g#aQjVek)_%4l~+LbIfFQ7#bJd70IadWFbJ4<NES?JxVVl@__zt82TO;zwIH<B
zf><57h}v@#$5h9T3qev$YkLFDwN;Peqz)SeOz_>v5D%|S%wk21?~#?A#a4JdUPqL4
zT_Up@a(x7knxm_jRz%5R4w>T6s$+2Wt4=b}W|n7wQ5iviiOt%xIwvO?NLBkmF*uK<
zJ1{7h7DPVl`8m`-9IBG}h6P+z+rruU8KX%qS1T#NMH(?R*cM5CmPRZj!ek3jHYf>*
zUli(?*jK8SfORK%*D^phy94WawJ^GKDp~H@X@%Ao_Zz3x_;d!X!$E2F?6lf`>~t!9
z(W#n5VE7Q7;bY0Q9vfj-aR0HCynZh-fj!<P&CSlnDPP!4c69jM5_lbHfmQuG1=uzE
zA&Y+gpntUa^!tPUIX>Kh4WqK@#&G($+CQPW$&>jf8qMaD?hw{cA6-F!tcur0IJenR
zM2Da(L=fxLW;B51q6>1O16|<thsPXL%1`AIHf-3l00D%Zuz+UTMid<^-`y~i<WznG
zj5}6NI&VJ1YUfe{9`h%(ymzpZx*-Q95mX92izou82=4Zb&`vNM##WD>*c3B$UO86H
zcPAc9mH~=lM92XY?}!MA*la$T2na4%T6(Q&UG%fwf+!`~DG30tS;S<f*#PYFY;w!x
z!C2c;_wp_Hy&DG>y7g@Pcz-A22(KVwThPDbU8N&TGxru#MOfVGX!@i&VbS8&eDi5F
z-g?SvJ=NRCBMiWwVk3=Y=^3VyPg&{YzP^s<Lq^Az3A<C8SbDsH%gsQ7td36Xd$}pP
zzw@+u%Db(n6{igUB9?tx9dD;=;jNJ(HJ_oVkVn5-L`o1cnmxd^x<!tM9#DEv)|{^i
zQ6BTC;u%g&r(xBMSC+(bOTEw0vW-!rD!*yB+<kV7H6@X*2a#iW;A97@RweG}IZp~7
z6ycMD1QbOhSjIREQxy4@DtXA?`YvOAT5a%&j>;4j3T*H<PIGjhuhJ8%C&}Z-1~q%d
zU6P?5`e9e&#hbv?e>z;13`pU+><5bnzD8t0{QMs&WvsuQDVzS-Ly(Ld0Z|MNDcHc(
zd9`Q%vUf}KTqQ7%mXt;ykj=8C$+fxy`l@H?IlbBz5Nx3fThDy`<zi3=u}#dqM}ucZ
zI3A!zn)||dW|x1K08tjjziOqYxW03Xa>)~Uueo0bnTXWiNHnts?4U;ufM9z-C>mc<
zj=aq{Uwcd+#nurVdEkuA49?DF2jVe1-HIg=%bC^0;&iybpFw)F+W;s}PKLeAksGM}
z5UKgceZ8fj^JS7{m0%~yCFDBdsnOuD1SMBCB}mhZmx0y86Z>p%3{j$W^TDB;E4K!_
zBSzvXucW*1Y)$0()WayDix$@^By<kZxugC?dM)vwDfDguj$geg@vs`nu?>kBkUnot
zxNI^6eK9%8U<o4KG#`Nrh&tg?kAT2}y0uTPoLVAP`I8_@7dZzzBkbXUJQGyw_it<+
zjP?e@XBEVM>*#nlq9R);-Rvt1why@3X{0r5P$v58L!*)@i1m94;Tq4Bcha-Nzxl2*
zsaT5Z%f<VV__zp9!<&CPx&Dv}z?iZiDZ;fjg@PqaQNG)8_$<PQ5BJe<X25<MaFqKd
zg3QW1s~Eip#*0Ts;vIx=-v8?p0w!j9970b6v4QP(Z2vlAXR;=Xn=BZCgGC@v_PedB
zRylbG2lFr<DY&2@zD4vyPV@e0(;xt^P4&Z5E%^ht7ln#oH{oG<Bu>GD96ZTEQBTi`
zn#h~*$7%ItM8Nv6=5nI=*ng&GZ-u9nEfl0Q!=frx7_+3_q&TdV#Hz{0qCPsr26?Yj
zK1SDwuVPqP)FOP4NnHVh;SQ_HoUv&el6#TL7p_dLr@0{Q%ein}LW_)gI0FnlWx`Mb
z)$1~@(QAX^jJ&Q%^1?E%nsX{O_+_JjrESYrsVhlrUj`V9hWnX12YiH?A{UTkzMUcU
zQf82=P;;FAEKNXolQwcy$|-tY)ByO!RV$e@X#!S`9%2B^%d-p~bwN5aat5S|IYJ*c
z>={c2Vb_RYB*%~VE^LmCSp>g-W!P~SlmwnRk9vF06(&4N$#9nl^rg_XI-5q&mnW%U
z8a1jV_L_VV)a8v(c7PguCu18>c0-b`W}R$bR}*J2oOv7Mir$=s+f0re)p!LB)V_vO
z(a+I9PhS->J9i7|t8cOO!DZL>3sCo?0j0v6W#2?JUOr@{oP_!cfNJ3Cg;Yf$=EVHZ
zDGc4J!{70Q2#XZUBbCL~4Q#o_qj^5tpsXcGj8OuM+3^fG>Q_Feyg2DsBwZepU`UX9
z<0#_q(W1A4XmwE<%jh?vi3((3A_Ey<bRb8WBZ(X`px)30D0XxP*?qMr72PU8>RsNG
zxoF;$872>pF$}~7aD*~=;ZDV6b95K44Rxw^Y>uV<nE@c2-YOm!dGe0T*|^0OIhH4#
zJGO}+(!6S2cuFfOq-h==%cQIT#MleaUUIZrfY>|Dn6AwQWa~+8LKi-rS*gXQtkRa9
zdrnU8QwtQy(;}xlz-SP0qUCs;Q3WK9m;lvhP5{F1we8v(xa4w-h;zO*0Y){M#goX9
zs%hq0oqmfCC-v2AF9N~AS9wTKlpP&GEzy0p?8Fj8A(ep{-N9vwf=&AxLG}&Ks;EY+
z{XjN>TkaQ}WEAQ3mMmaYV)8S5_R?~Z@Zj(XFGC9eIg6OFl8=+0BsIRry7RWzDOKta
z*A^+1n?NB51)9J|Z9v^uJE3>Jr7vp5d!<l5M%<2im-mzRj+KHV?xmCC1DJC638a<;
zKSjc*U+<}Fp%mZe%B<J-3Xkj1(leOQA+$1z<OT(q>YrtEXrmC5qaS8PKh7aIPADz~
zV93YpeqBfWM9GQMI)!OcQQdv?E1|Z2)p_T$Et<^ol#(XY3qeLKU4}e@oa&!Z93!G1
z0t}9a51}}87dj9??brw(rHp>QaNMcXjs2(k@sp23<`EH5<`ne7q{!5hca>+Ve^jG>
zSEqwVe6ecq=zs_;xHG*;cB{LmF~Llhv)9G7ETyEIcQ;{}Z*Wm*Qdrw$CRmXx>7A>g
z46L^Fb+=s|UuMasAohX?$wqtHVBpF43L`Wh^jDU&#qgfZ3u<2(^a-Q!_JQ9#o{~*(
z?rR`EYq!ujk*w*ufn^Dk!g?wuUziCq>nMwB0)0zkd2?hJ7f86pHETxs@Z{X(={I*a
zPU8Gjn`TfTvFf8FbY|L7$J7xQ4%N}P22#n+>3D2&z-%NG;|k~^E?wihqGq3pE3G%Z
zYzyfURRTI-zjl>FXwG=jD;bEzb@3xSTXKnz{G9hEA9EA4CtUu@2}eo(*jPpH>>uK^
zt^kzU`vQ#IAQwvFR`zWH41@RvPz$w_3oagWEk0JeEz?@Q46j2RxQ;Oln{;hM$ZN3T
z;XZuYKDn-+PI;+6oh}K(CIGa-5$?)$w2ZBQ$mY~6)7>{e%$%H1QMrkU0%*-OAZ)<~
z^DGHY<Ys#Pc+gIFUZG4LFBz^y?ot`kNLWs;Nm0@?;Et+war$f94iX)()i%H{5N)W=
z|6E8h8)BRele#`gtQ$Z@12tn_1L~0mL`#|kSWd|`+d~9A&IHfR3wM1*4Cz*vGr&U|
zd<)!tFJnH2oFk{p5YA&-zJf|Q5dB>yQ>m_o4Tr-(CVVG&I8pw`Wwq%`xMJ^-pn1Mw
z1Z=0>g0_r~QwmLb$S2#C84g*ThU25#I*K*!)5GzA?*!<c;DA*fdLCrM)Zs?~%v;Da
zS&wD=9+L>gTSOr12J-+-W6$rDqcj;250K6A1qPNO1yqR%5(G7Ns*Z)rs2V`8>hNR9
zFH~l7w8aZ<Vjf;SM1JTo%^J;Y?^{~)^T5yKluerq0$yZNw^Dv}j6I`+IVg7>l^cze
zLZ9yGy}JBJ>F7k<k|N*o>Ju{oxtxhAq{ykYue=y2V`{IZpRHQDS;(j4ukjfRqb0RM
zD1!%~Bg!CE?jpYobID$gTb|>6?&^$0dk5O#k<Ew4pjjQQ4MP?;IXn(fG3Yvk>T~cn
zp1-5nh!eGa!pg>k4`HqypX}6G@RlY0h&g7ECnP(HZKz;fOl0u{52qCQJsviR_!~#5
zT*7W54Jfj(VrBHGNE*kRJ!=oQ26bFs5b6jul+kICw0H_q)){%vBB#7tv{66Zv#LcM
zuo7pY#i)2F`89;6wo@Kur8z^Ey4Y+kJf>BG510RF7U_VisE5Ucu>B40c{1sDDB1+h
zHy$A3;eX{&Dh+9yu^Xc%eb65H6fi(f#fOhe*N0u8gy&sorVyU?OdR*qtpj}f(OFpo
zYz@HPAK=C0cOyl-ySFC@NKbyK?k!#4I^_3<A1eO$%BAXYRek%g!l0)*s{W$-l>eUC
ze^;uV>T-2ZO{%?WzZzCos>5nTu21>hC4RX&=6Bz69g{L3Gy-<H!bflQh<q2GtXH?I
zrD~)4RW(=5SC=gR0lB7xe_j0<bskyDZ&G--dRl#4{oRa|zpEDM&p~fJe^!_Kv#R=X
zom}b>o{!0`e-$6n`%C;iH0Y3jj}4+xD80IPpS~_uDEEj(i4mi@L|M;$g>dA*M9Ks>
zUxlbXvYLj(4+#yZ@sONe-z7$g5d<}A9xpLBqv{!Bzwp`$JvgS!aaCP?KndJ`llRCV
zyc@KZJ@+N+&mn7}{$C=;F8@}qZ&Q<UPN}c@#pUY4h3fggtXC`58p+Yoa=J&=xbo>9
z+VCT+;pM46E7!S~;p%yoq21SN^+sBbpFF*<d{%v4RlnS%zOhZwrRpxfPneneOyHPh
zI;^TUHBY}b#Jg1eR+IWx8}hWOUcFR(LK>lqBT)7)*g7Nqo8WW6S3vcps#?=RKH_ge
zOF{yNU#iw=@0dUJMN4+fqFqXe66m#WYc?d8a<HT~&p#V#XC|s$T%x!CEA{=D-W}1G
zF?9z%(XS68>?GsUgoG#bnP*`9Rqx@{9&|mlv79nmjR*ZUh+Mt3(MhY`yiJa0)i>ln
zU>mR<KRV}j|Ls|L7X4K3wb4WlykFX)dsX#mp5c;E?2}uor?oh=?Jt6`Q&nGg`>r}q
z$)i=oO*<`}GKK?2Bl4=1_I0)LZ)`O3R_|S>1(BHOm)73rt9tbYX(CS5Ya7)qNYiC-
z?*cV=c)q$?eNn_0s;|KKoPO1a>xFkC{~Q>(PwfvAVY={sq<BrUQoY_;soqK}^>Q1}
z9x@WXFT^;tzI(P7-j^|>6YefM@vZxmdz(`)e9+(Hz8uY7_vL8zyvQ-v?){G8j8<1i
zNY4m5C5DtZvZF>gcb*c$M;#PuVTTerMlOLn!j64Wp5I^RSNrMMFe@-SQ}=C44=V1l
zb5rYuvv!f!)o!_Z{$KjLB(kP%;i8#;53I|3Y=pcCg@m3*Lq4`MPuuTG^?LOmIJ^c7
zSY#XHLM!Dbv~Q9htfoQQa7VP_C#BAHk(p@y3pRsJ+v_5v&;N7ZzU?1Zo>AYEF{2*)
zJ1YDmuEX0}_igrrvl3zt*#GZ3)ESC(rezz}O7yaN|12h>dUubUo@0%gb|@+8I<2aA
zyp|?Y!io0IL0!UgtgsYE&}{!zuSWcx==6I>z0~sU+tkPTTD^k}d1|#$$Gf@iR&U;H
z#;KbTM;*<y>b*QBwLj)R(dZqG>X+N}>@c;xN=h(O>+}#x^Kl6iI%<A}VjVu@qEm<J
z;+NF|R93%VKwqniUscx>e|4_<45k(igU~!FpIPXt=LUAosB!h`JSm^6<g1?(va;_F
z>#_MN-my7#=B|1_&r(n7hYo8qgx^!6=;^fjy;kOoc~Ebw2eap)pJl(q9O=JbvzeS}
zzXTsCh~mz;Yu$yrqNEKReNT{n-lTe4tJx{>{_GNr?rqIbr_Af$(mS2QA8Q8KM?HBy
zj@FiK-JMbI<IJj0ya!_Og<sn78bOzbYxXD7Z^I$pZuO%`D@G8|`;@ppqXcO^C2n#7
zxH)6YQ7d_RN?xa}?HO&61`Wuw7d0(XW-y}+X`jZ--UpXOXLQ|iE^3`Q6gMQEcnnOZ
zVf9HjpXRrlllh&~Ma@^UTdKEqqhgLB(f<{8rnvV7jln2XPkL`T_6z0aXO<(qw;Z>E
z-gbb$wP%z^*S+hE`6--Qm2iHNct+>9brIcB%kLkj84$nf&~>A{x=&Oe=5Sf=QuViB
z?G0MFRQ)|vp<73JmQ^2@vA%ldjaE{V(WvJ9<sMY8NR&{$A8VHPSCPj~Ce_fP;U78;
zS6WG>ZX{ZrDEV7r7lw>%&bZuT&0q({$`mkB>2^McHS>J|oqp7+Pq21bhc(My15esz
z1#6a_2l9C<pTpYu#NjvVb6&lf&w1S@>?&={HQGHPJ_r7n`7$hzL$HOOvJPwJ`+}Th
z|5R46b{h_Bmc7=K&tYZ0d2+Sea9Fbq!LGIXqSft|6|7m-Pv+)09M;Ttwfd6rHS;;l
z^1Z2ZU3hyJ8fW|R%{ZxQ2t1QGCfy4!K@mM4yXB(evHyxvIai@y&AWbuZ~p7)!Yjo!
zXVpc=AN^{+{P&vu3WpTexT}kfE7e6GUj?5tZ}s~)s`p|HJ-o+zF`AyV_xpG4I(2I`
zoiq4`QTuHe&h>*b)_ebbM`ucxZ?E3&!bES5$ertyuuZopKZB}7RdPBCY0{b!it1Az
zMK|RRR9ZK&ph8Y5tFHsz*Z-2g6nECWyH&puMeepHnSkh<t}xZ>jhLMS-4eIRE$P%P
z@b9~H9(8m1dDH{vJlf{k<?@RGv%;COrW;{!KDuN{t|Jamm@PSn=hG-%vho;s$U4fo
zH-79RpV?ez%v@_me-rRaJ?#Xye%5R@M-jD$l&5<BpEl^G1`-$O7Y{&#UaU6xZ-uSB
z$+2{g-@l*^vD}wTtm2Ys-9N`nho(Z;{zJQ}w<j!5<~I2b$o~YU)sN?9_Zv(9u8^gf
zo|fH^qM5SD0!aw5k9cJf6w_h4%0|={Zsx3BS<`XN7VV^b(!T-ofu2Q~l@Y%s+6%Eq
zWyG%m`BfR~6N}Ift7n;dgoF~fcs&isLURNXnB@F3>gDpOu`gFbFxP23;G%e^s@~WI
zZO0~c&?c>}dRtmsv8tDPHt3}Wp%L0Uo2{AA)_7uD0&yWsoi5AD;n#;os$Eh#WnS~G
za*u<iy7(W#H7*lxIc&*rN`gjM=r{f&tD41=)jK|pPJM57AirG!H*{ehfXzP3SGcli
zdr8<Uc3VuQv<hOl`9``OS}x$M-non*(*L{8j<^Y4-DPwaUJEFCh!1kO%<~;0OI?D=
z{Z`JQU9~LO`(0R3;<vhp9VBuyre6}9#>G90%p{%|T90GqP4GJB!V0m|I(R3H@e*~2
zs7c7?+9AoLB+RuHT{uq(<=(FTh7ziwy7-6?huem;x{s+@s~=jQj04{L%cLAx4NXCe
z_e^V{T9p@l(c5AzZh{XRtl9!cgG3P3Z|<hCNL;wYSTGZ#%p|R+x7buX=&;hxt-fAj
zJ{@C~PwUUaSX%SmX_h1cm(a(FyYNDqEGa)wmAt9_vO!Ivdtzm(t8IwLxCBm`ZBaXk
zG+kSGnG#;tg-@Ki-UpMeR}YNNYAh>YpQ!B({+5gaudoy5nTxCZ&4Wi*m;;!cn>ua|
z>s9q0tIcED_LX%?DyBfIDqWkeyZS4!iH)aI_f@osFRt6!p$F9BN21mBX}?k@R(9X!
zLAa>iFqhY6<qupHE(uFi=G1yEsi+iI%^6vMNv*yY25UW??kMEDcS;RXd<5=mx5Roo
z?yB|}NtsI})z@}=b84^EhdBwnK9zXrdvNsk{I>sdMl9;|8EfYe<<&S`WN?>$jSYv6
zeYLFqZW%#V8A0sh<#bkif4cdFzY-D%Lzf9@zs>58N{f{cE2p_XPkxP}q!BObkBiQN
z9yo60{&bnQOYDrcN+sv-j<@eTJ3D`09pK%^O}GTanmg?+#}waH|DmcDn>k+;lWJP0
zue0z6a9`CcA2Zuh&H647g-+_)*ZvH90spTWtK}w3-^UGv+I16Zvq3$v^YXbM{MQMi
z(ozTL{L|R9n<95LYOYl59??;qnVJcw-MQXim7|WP!nf}dQLSjN2c-<1ig+VGzx=Ed
z|KqzlTJYZ|lssmC|JYhI5~utcPjxjEl72q8ekbU8o|)#Tq$cR4<d>I>|B4gFaYwY+
z*C*3E!_Mdb+=u$whD~i^5Y#0)?2L>UeGzdraEGuTMq#{>7f0*`ZaGX#xe1|}a#VO7
zQR)hWH9Flb?-QlLOY<8VQ7x*Qb!bcb#PuEd)O`j)3x+ec*6a<tS*zC6s<TCB5j5FE
z_|5Ko`DM}2ztO9=<GP~5TdcM9@`3UT;l-9XVaQBCpluLrkBb5K16u5cww{-htXDZ;
zT^8CzM2D7EE7q)ugw~Tz8SlqqI~=w4-b#b0H_B)fU7U)(E6v)u?0pj%J7BidU$JHV
z^HzP_-(y!}#vx|)V#Q$>miGg<T(jreuQgc18<OO_6{%tulUDuW8X=gOS6zQjuGc-3
zq(*hjWJM{KBt<Ef^kHv_Npq%q*<?E$^evdlsTwesSypd0nOA!8vHCS%eM_C2ST*=~
zbRE!0|B80vvR%F1m($B%J$Lzb&gzqxk8||ko&LPlr{zqZqn`I>=g)O%9bTrcZvLpt
zSMmIH_2rMc90$%{S6}|>!~S_(v`b)(#UIa}rCB+<bI_l&Z-o6h`}*I?d9}G8g!|{1
zpATMCs%q6M>Fvwc+bz|s*Z1Yi*4tOA>g<k0dEW8gXd~9X>fHsYOr2J)Xfv(3hRw9*
zsx{N*>RBwPqv@wTU#FkH?8C#NY@J^AwVU4TZ#TW!=OX>%HqDG4HsJ^YK5atsNSpA_
z5ZzoucyQrz6Q1*{^=2Bif7yhbo%=F0{WJc<T5Vxgxh7n_s>{6YZ2UdWV_4VU`MK_w
zKyhpN8rT&sNC+Y=vTD$IE}qQUNpXK-n~$+ADQhgRmDOAyv+aTro&CC0W>JoWHy0M$
zwqo9QvFu^TC#GFOnGk;bff1-KzZ_H_c1v_Gbk*;~rKt}k7p054gdLgv@8?j&gJxk!
zvMyW`CzYA(((0_6JFZOq^?!hY)xT{p-RHl1^;hK0=<br)^7Guqn#^9+%W~>IcD~8d
z#CRVju%EST@1qT-8yEG41}-Di;_p|!psOsyuO-L-x+{Njw!b~${c}*gCfTH0vsJ5o
z%icst)#~z`_W0aNJTZ+cKNV4p1$|rn@tc~^Hp#Bu&8yYC{Z<!!2CFa2d%H{2+-BZo
zf|4lu=F-T;&|WfvaN)IFu6kSZDk;88MZNWEDI~;8J*gY?RWh&<tYjF1WSxaZ^gZ^5
z)%#-D`)ao_|AHL9_&v;XY~$+fC8V%-_)ny=W>G)<4tZqAx3z`5<#PLfgk=1q0=EaY
z0VT(a8$NR0kGs;)88_%(_QTha2(7|ES6?pKT*m7J$ucB0D6u*u3Nbc~_`>gWRS|ZU
z#Ku=XWaWW%{WvUQqIq`n<tfJ8<(fC~Hwdb=JY(ky=YCwvwt^q%Vk)_*dZfKl9wL_G
zl|KhsUA$ENFZ!L+Jo&ZC<tJ@(yV#Z5*ZQk|aflT9BV<OJ7p<^_2@(T@^w#lQW<QdC
zYX?b|l(Ai9W%UY%e3~Wt+6SUrI`UK^Us5wxRc}U)&2-FEzm$=t(;OWQl7Rbe(P+?4
zyshzhPh|Y4@{Hl_tPxdPE<M&^+00v~yzRmT9l1sRk2C|iw(jzu+Lq8mS72A@N;_(O
zcvlyD<?)#)YWP?+XgA7y(?{%jf-t8K%2R!)oaGUwe3EoOqP4*2>RLOOM&x@_I8l}n
zZ4ouqx`4Gel}~4p*2Z<YWe)8mt)k{QFh=`9$1QKOs9E%idKTI}kOEsX(yUD@A~r!|
zuD)!Sk@(2*MnbPoTV*w0!o}*7cDZiv>bzIQ?v#&JV%F6Y(c_@-!amK3+Nf-W%UPGe
zK^P=Gw#zVOqg`DVR5c1?oMvCLb4`2ES6#w3rJ(7oSG~-gF|5dWFHGcwWfIf5yjVL-
z>$$_+i~Z7G91`!FYq4>T)%5db^i%kz711pJh<aAe?$_DtSNG<({k=J7>1${Ap^FQ3
zyL0{Ro>5{^whlTWMCWGbD@CCtzOyf0o8!d%j6XC;?+7P$nSbB$+J#1$-%-DM;I9Z?
zy<#~3R!{mb5UBnFdxCTZx>(pB<w*SMk5RU1&8dYr8LfJ}sH@&{F`%g1J-bHey`$S|
zRIfYjbS$o3`3_#?!rPhFi+9w{Vz1m(3%YLjYlMu?17^<mx<3RHr3nqG)<oq)XiYt@
z<N3GV|J5rtGv8|l%6+Ik;#`hvjlE`3H0?sw==8()iAt-*zW!DFKdo-9VVo<PdA(Mg
z(b8Wv&jHaKf8h})r}W1%NS0-Z@F(h154DnNsifgiLv^#{el#<F8Ptkut@nU5uZU4w
ziKQP@7ashyx$t>*OC9YKwL0L{ZSW9H9?RECyUDqFw^0#Q9WaZIq2-GC>Fl`;D|+h{
zraIOC(e*y?{V;;x-DlscCz&^&#qWqFyCzEcb%N+ur<_jdhgcB!eB@fIUwjWO5C^1u
zS_!o!%oV**@3nSZ;x9_TfMDVyoy~2l5be)=&9-@2X~MGB$xYmJBD7D#u5zjR`sHiU
zSVg^u;=F!DFP!hz9K?BCeXSJ`7p?ga{tI8iUMkPCXol#TINlPc-Dad+sykX?o!g-J
z{n|L)UMn2!BdwEjLF${UR#aX+5CybVSk?TM(7tsj`z<P<J<-HBX!}OAsa|SFd8?wM
z(!`3kWjY+<i(T^hTQYG9&9$V?-*<cG*z0o@+^XZF^RwcT!VvPTRiXCb&s%$Uy)-MD
zFXzD|i;3Mn>y{>3q|+wUY?|ff4W2rGvx$~`(NZ!d>r~I!6|>Zt(Qmy!FSk~H^YRnh
z>4l!4IR_~mq)$tmiI$W#XDc<Ww|2Bz*Z%0cXIJmvvs#<CDp}p>=2kt~q>eUDm)NDT
zYF=H)D17oeZnWt)K2hClJ>@5_pY=<Yq7zwrc$I%Oi`A02*|;P6{Y3n-b1pv5qIg<2
zudR($A0RUAuUj*k<ym=lV)b+~mh&0AiuwLBW<&lR0<PS7w~0Cl=e$?qqmU##%D5=1
zJ*{-lc9pKyNNbbr!+fq(yYTiBk~i^b$`dC?U}ChTd2n$ieSGrMabGjxoSXXDHy2Jx
zGS@}Be>H1&<wwt5V*y`7oq@s|&5dwinOKyf=D&}WrhHR#suKMo@t0{UR=#&W$Fo}Z
z+m&|a&(#((m)qSwWDM=@31L@%|Cl%AVrypE)8(=36k2o%luH#P0clF4&Ze4H1J-?_
zQnA-1=@7r)XKiHpmsWZtYA@3&qgpBX*|J4hbcK5W;ipc*l5^57@tZu-MS2nvoJ+<t
zI6viioL30EpS9O7eA+h}(J}4d%)4q%gkjaSzWl;-&6#*3Z+9u}gAMxY@|o&u?Z%Le
zI=#_q>6W8C5F-fc<W~LuJkI9*<|^gYtEN<;<d)R>i_Y@u`v>GIB_**-`&L~0v&}a-
z-N-a0Q&F9--IGRr*1bnK6<FpcN*+D;!u^=DHigJkRXvTHk4CDs@KZ;(f}Qk``~iIq
zK4w(s(4N%!1@=Av-~TjC`BmcBm^j~1I>=qbBgE9kJ5YyARDAY8V&Y`Lt_|UbXrQ;2
zDULEnL2BJ-ZtUh3{c)35Ej8KmF5{;0mE^=1Iv+;r*CsiRZNu^fF<TV%Ud)U7?q+j&
z(Y*%M>4@he4MsY-4|**>eW~71AHo=%_P#C2L=YRFB_VO{i#9-)iJVEAr+4Z5%am!d
z@%h;7>x<7zb5<D3^M74uFNxZ_L@+Eh`#YH@<@^KdUqDePO_a+njc<MaPyaq$Y2Xru
ztJ08bbNdmf?mG+8CL=CV(p)RgERvMjAx)Wx3bVc>lG!HRfl23Skvbmq(VP%UyK=x8
zsF&*5^M45>+@Y&(C?G1Qjd_XZbA4JoCqllVVsojqbGv$Z<BlX|O{D83{FGH&=CSMf
zzxk0KbSlq|t}kKxH+!yveVf&2tXp?&+jFR0^3Ogif9j^o4Nf<{^<HF@>K}f408RAt
z71BLJw|zs$w~shd<Va`T_N3$mNR%cb8SQg6tgCY$gd;BHb_7?SW5v%;B^cdl+*?J+
zN*^~FnM+Ac@H%dduC3)3=#GbhHa=RF6Vix0J8vZ&x+LruK3z{^zh2LXYRWT_b>h;9
zSD#8BzSioYa;xS`=)J}3xt7ehtT(*=$WdK%1JUZW@BoN>|M~wAHin4R&n}TivESWm
zglLUUwYUoEYN}_9cNvh_-IeNhJQQ+E(G?(1=$H$3y0*p5&be4x^~dH7k!-M++N!QD
z4(gK!woIES)-Q`K)&6X|>uWQ?Ha*|!!Dt@~tmzaQNo`h+pewFz_v9~Rw(z}k4X)nL
zEsHIlMG=Bx#Iw1wl(?;<w8$4$`}$k<F_(;!xWCQngT9*b$PYOwR+t6NgOEFDVAR^=
zHTv6NV{JLv=ua<6jPsXn=ik?c2!b%L<gBRw`9Ck&?i2H<E^6u(R^~iyO)AvfpN`Uw
z`2H&G{AY*jm(`7b^>GS6%cD!P^d~;Nc&O{=O1(R7ZZIKn`P9~5<uHwDi(E|-be}r3
zkEGzyUNLhVv!9Q0ebXIv+3xy4#A=iE3SrSAOCr8S_+&Y(z75h#;a8InE1p@s@*jAx
z#yfGLfLB>oDEb<*MRohYBw9jehele+9hE~HJl5KgJf^O1aIpnLzak^ZjBDTkCz-g)
z@=V|)yLQ%u<vP88S#wK$zb_|GCreD8ZyP^xe5udwZ{T}_*&Mbf-Y*|{c6Avj+tfa3
zpU8f~{hCpau&~RdC$XB(|80?JZodQ4#3^fRSq&kShdPJ47lI$(H5b`Bi~oOa+WG_+
z(YMwj(IP(mgt|*rx(8&w2sN)`PQKb#Lsoh44U-|MNz|@`w7+ke*Y%^tXJ324u~_=Y
zOKfcE1VsO|h2b)OcbAZ43p&h%=i;|qvXgIIv({D<D4dYBkfarUg@}zV3abM`{q>8B
z*W1+R1TD^53dW5!W|K_$yFuAhX>U6A>F85mg)mPEe_*a)&E4j-nesoAD!4}O=;Rvc
z&~a;gE(vr<yY(ye6~4QpG&Wg~URV-I%*3iBRZgf%skyI?_TC{qi*a4JmUmc5zs^x|
zaTe+R2E5iC+Ub$T-zDFd#F+e2Bw3ft(0e+8mQ9)wWTaNw^Fc3!SHha+s9nk(_h;d%
zu)}#^Nxn06$|G&k5>|hIlTuwO-ed?u9}#O+QaSC^d=JQUST$r_A}!r+)46^U<1AZ@
z+}AF%dkOE~(49pVBJN(d`uGl-fkkFC@7Pb-e|ik&LM*L?u&2VaL)UUMm<8W6v+lQy
z;djk7lLp;aTpW*+Pwf)XclD%P!x<yFw`Apl1UuKHIh9`6u|qXyit~b*x!vqx^hW+W
z%C$LH-@b3wb@pfjM`xc-aody=<my|wbrU6!)?c(zH1mWJYwX!#Sq}s?le4H|Q}02&
zkF?`dm(x0x6!xeE#|A&}WMQd`PDpw))t}u~2Mhn!pTszK+vYd=*I(=5mg~M#MOX7p
zSu|YKT_=$CWX9&^j$@qPFWY)*WKB96691PSom$pDpzdj|JNM0L+RxXX^Jsoz(&qj;
zW0&?-7@#X}d6hb1Mr4Ji*^{kCKONG1<^J~XVp@9sPk{<z^+Zye8@Ihxa+SJIIO7oJ
z0KqC~v#N6<(&yS*&;RdPozN)U4P@3}zibzRUW-<^Wkz4OwY#I!PQP56;#jDa(SU>x
zOXO^GoWZ^QF(#2Vuimx3`z-m&I=%26<Ge+)?f(gTM*i^GQqo=D<Jz6>=cHLC&#bpZ
z%a3AZN*nl>-A&C_oh$5V>u*;R3I=AM55@ZEmY>1y_hB{-D|Y$X@;T7iX;63d{WL3T
zd;VYB$NOw{q<{N5JEQHdh4KY<Ly(Yoh|w%}?5uib58n?d7I`fu-uM3Ono3miL932n
zx)M9`PTRqZ;+WpO<5IA;s<V2}*?ny*NdrXqWQ?tvt9OSmGQBAu%D_=`A+{hN=1UwX
z>ZLX$3QwLcNb06>sXiTAKtI+9HFvq(J?iQj_*B2_pNm`cQRJa|Lu1N{-s(LeLAZ3g
zk;dX%sQOT2llhNJ9@WEd2}>BTL&^Xmf5?ajvqrqK(!;FjkO;YFY#Xh3$W_Du$8m2;
zgnNCpl&cuE=(nlf2vQ*O=`19;bK1uA*tA}cMCvl0*1StK?P3VW-K?t4#6XO?ua|Hj
z6Me0tMymM*FUCKm)v`5>Q3OQV%v1X4{d`etT4QJDb%l^@P5lx^{nU{$qiCvMRQt=0
zfLbwa(1k#&@#E*6dcH2}`4RnCl|!SApQ9&>&6<8hUlwI9y;}F>N7S&|tRb!=WliV7
zXXf=4eN3tPh5r5=TG`zLCc}T#-9d3_e$7X3&^I#1So}5bm6y<ZS;!t^mUwQ^%j&a4
z0mA8co*{Z5?oC*&i%z&7yKq~QGhIU3#@4}jiyDhQbOi^_n8!0KOt@BGR9Ez(ZKu$w
z>D!;HreF+perQeP5nEsF@&Bq{;LG~iXT(-*uWMeM1rM4h`tIyzA1~a;sLVc{I~T00
zItSZ~r&dT5C}@0>D_{(mft^*V|9tDz^89}|2U^MzLpe07ia0KW5F)5AH(B|paJFY?
zH`bVVXH=qv^GrWe@%+E9&<UNlUfe^vqv$f+tU5R@e}XWpfmxS^HpXg|b$xLCq@OW<
zzAn?Fz`7E1a?Nync%72Eln+^FuglALeQwS36S3>BTtK^IbEEwmldGP)B~)`1I!9c{
zJ4@uR6OrDptx!XWp=Z_Tz34|Nt8FVv3$OE>PT`u`c11B3^;C~5#j|O*=*-uw>+BY4
z3L9!WlxZJ-<Z~O>ra)xp65_#s$=&F>t_!19OQG_*-sCN8Oy6%XlbO3IOS$NA_6+Nu
zPzrxLg2q31-MN<%(YaVuTTG%hH}}gM?k8f>Km44dnbq5p18a#^CoezZz-+(d3o`_1
z)7lwA%fJ6qj5n`NYqVRU6j^XC0xc^8$5D;sC$8oner)~Pn?Gtk;V}Kc(7s$|bj}SQ
zwp0YMgZ0q5>|?dmT>qD^0siYBL|xkJpU>KU`qU?;?wkG09ro7)&HN(?n_c7hud@yv
zAAnHDMR!dCt4+~8C`(ycNZR7)@FfbSSoP{4)ig?|p%WQ12^T~w>y#Pyli4}ENIP4d
z8M*pun00QK1Em{-rjRU4STeg4G{3*KvsocpIE~&#J?H7!Pu{!F|KH|T&<f7diuI%7
z&nJe8DT)c4O<<kvXVQMZ+CYj~J?z$eE-}?FR}IgFa3ZdLsR_d(TK|Vqj~ZS_;+hl7
z>F7GEXH7JoJ!0($i8dPA?C1Y-zTt<mT)fz9ll(rbx$=&g`91NO`7t09fl{uV(7Zb&
ztI5jF=AA*Prpalm@~H2_W_{v5G<5fa>gYi(9I%(IHgoB2BrZlhs7w5&sc?=Pn0lax
zdBO8(2Z~FQBEEhMw(8fLax{UcfnGz)t)+7EnCn#zSL4&~+T*L1yW~&BE%#di#-?;L
zF-OF<D$e-C(Q;?p&Z+!-?J$D982KNAM#ULQJJ0{KPkQK^HKCd^-;2?St|hb&IS%JO
zrmWO_MLj=uFm!a%+=wqazB9`nZJ)jKg;2`j!bjS>DuJRdOl$U^wyt8g`0p=3<uU*2
zu)KuH+$ESF|F8PZ63Efra4y7YJFV5#XO|7&^s9RN&#B3m#&yMJck%748g=>9)giR9
zT~;ZtinrmOj&$*5d^2Am9We_{Eq@>TG<!BXB9oSdg0{YIXFu43M7%_eEq42-S^;!=
z{PoH?h5RbnB!NaE{`Q8gql?_NPC+1l8Z%MusF{TQ(I3BU-%%nS|C<vJnUl#Lx;q_m
zVjvT+tmA3l>l{g){J2aeZ|#>E3f=j>dwyhOmT^UBE}S^{Y2j*pZGW*98i_BG&SiJW
zV%ue7iPRu>hlI7L`J~eLRI-0r#K8G^?i*H{oc=EUlsb(#z!jXQSNW85W~jfH^yr<E
z$lhhubY|nq|2J~wfA$Ta$>bJg7gW~Ujadl(duBgc8(gG8r?%Gb#nQHtW62~?bqGIg
zHCy-Tm#g17it<){jur<oBf%@2cQoDgoiV28|FX{TWGXUSW#^l(+g;rm{nbrLW5fkG
z({}y|5>@zTC!e!*d4G~_Z0Twt6Yp>)reQxr$I_$;{fAq3irR<71-|Y5W97jwuD$wL
zv`jR{x$DK5w576f#sM$<c1`?Q)JSheB@NX&<WVg3?y~Ck8o6a)n+?(>!IjQMviq#Z
zob4!4&Y@&cP(A;@N&+*RT>5qDMVG048$g$F*Yt{4>k_QyWh*XiO|k?AZ!KAeMK*QO
z^5aVr>MzKD+9iVeTO84>-6eSY$eFeIc`h4ln@+k}RqEu)x<u_$xgF3DMKqdqltQJK
z=n8s3vC68iyh`-b`Vy<Ml-?QQmW=iHf6PUxzHiTkOQ*6-H)c-y6zw)4Scuxh4>;%0
z>$K+Y-R;%Clg1K8zuyw2Ei345mn?bf=k2rsLtZGt|9`~pjsyP3-uKE=sE?_933Pn^
zU;b2`3bLcl^;!P(5u`lBn!o?F$bJ`5mEuzyNLx9mRR7bM{^M&F-SFI@LTj_zvpQ}|
z`|sPeE)vkG+i|rYy!5pB(Gd?XsO#Hh_H^?qr?dBEm!nhf^Z)1Psrc;8Icw!!eh5s(
z)+PfFw-q81{rB~k!#tO3xa#8{7eQ?owK@eoi&xRmem==s`e@*T?oBapDI|^OBV7%t
z<40%LT1zMIz0CMEaW4=YJ$jk?bb9$Mw0#rTDJG6Hvlziu3I)>5>G?nTAiZ0{FI|Fl
zcj%XG_=a$8g5+CqWJ<m$DVJ){)msLpv!rBV*wqE^4jB4U1MVV_o44kxfzv@vN)svV
ziv8?mCbzpwo2`pkmRKPSU;WL;jFxY{Ov^!d+JcFfoh{W9M|ueB12MEEwC)m%gj=3?
zsTJt)UthM<xv}#<zH*BfabRwi)Rn`itNLKDa9yYwEWW1N^$jMd(<9XOs?WZa^vz9)
z$6^^}2I5R(KDlSHzGZ!^)ARq<$Ki%}G~d30LY2j5ciJT{8g~=9XO|Gl_Fp^N^X%mO
z|LfP$%^LM=KU?8#cy`y^+g?n-%MGe~>2473=l|{J8iq@Tf_=+Els{6pUk+(r4nu!V
z<jFE7aQz)2qqebMrD6=#JGyJH8}}=HjQmGyhgGk8zi&f*@bme)a)m%m-ZyhhxZ@{E
zP%S^s9M&|i^$j6GhJTuHv(YEX>?L+-qJ{UsPKK*ZCkB3sc$w7(6^))+sgGutiXCJ5
zK32XcslN1yKrQEQA8@MV=MOrEHFr8&N<Y<_$L4c;Z%5u{^f=@zJ}@P}?sNRNz&BAo
zPv2@5L^-OD&zJLa9(?#m0pqh*=|hI+EYBwo-)WYwKS1`YZVz;|_I`g(FBj-#`y*A+
zizb{88D31E8GA!VP=2{xy;bg!gmE8<+bvZB{j|RNI&N#R+2i1e8*$qxHJ+o0mhq&5
zr!uADKUxo{a{2MKWcxzuaQD8i8)J1-y%ZLe>+aYf;dk_*`wd;4>JkgNaHD#){-ob;
zx-E-iYh#j>C?a?g2i9d57lE`79iJbup6!`%S`((}hMRA9DLn6`SNiJpqsd2buDZuw
zcTj|2C0r5ZysQpb39;O~yxW&@)SBJ4uj$+;_ku3G;wvG~|1n%F&9SXAo1n)0MUN)Y
z8Dce_PhGh&P@|HidZ$Dl#jv^a2604gGp#dRW;A+t<s?=j6@T-D+lSY*gpw08ov#Mj
zsosjv3bkwDAhkC)Syaj6bVt*KX!&!W{j75~Hlu(LLHYC9SH0;AU(}qeJ)+IFs8!NH
z*Y&uzPS&^0%@Vz+ekD@xHn=L~1kn4h-m1?P-=`BqmdAYZo{vH3KoGl5?BaFz5H+W9
zYHr=qHxpcU{S%1bYhwtCAh(a<i&gO>L2K6Eb4Rn1tX$v&2;tGuOX=evF8a~x`U=F+
z=9de%$`PXaQ)TNJA8IZc9?iRQOO7HO$>h#*zZuWlLs4Dvd9Zb?0#~bVz{E}FM}`h7
zeBZTtdmS%c*UeUcDMLT%|E$#|>IlDI8`M*Md9P?&n=Zbx7h@7JZhGjl9=_EjI@Oyo
z&w>5b>+<y_Ph<M6-u2k!6klNXEYb6&>cXpwmXA+>yd`Es8tTjR&iiuVozHO))cm5Y
zYOLN=eYeTE%4~|jUwB0y6N`^l#0dQDqnzYwu4k=$54pQI;21x`HcPw8S1WL?OW3P-
zW~|Tqet2sAde(^#Rju&iQS03If$z?GeNbXXUy16XJ8rH%k$l6ihZ7hLIkMNa-)T|{
z-!5xb%BS^ONq2PPbS<cYt^IFblso9@myD}}+kdzVOzY65lwm{X+J^46q$#fGtHF0;
z9G>w$tNN?;PFt~WbzHmqsVoS2iJIT)!OGi`A-6xKp_%ssU6>?16eekP<Ffz~FzaN|
z=}=SBm#Qnfn&_?T!!}zQtWoTFTiai?*H(<HsB}Jf^{K!9U1T+UEW9h(U$+r#zNfI9
zZ#3z_1>4UX>}RJJ3pibD_t|%RAIoDkz8jc#mE9I5batV5OIX)}U398by(#K>k6m~J
zN+RY~tf=T#&@b&8n8Azp*`+YvuX{Oh3w*h|j$JF#($~7v2xC0eCtZA*N!M{k7WaOA
z4o{Lmr$cd(n6(NQJ`feucgt_pU+N8({Wj1WI2TfmGt#YwHT*+<GpmMIR9YW+TBSbC
z+Y0d&=JAg4N_XL7qK)dc2tk`I>}`A4Td6+CdT$9IU3V>JP-E8ED}2-iMen0(Tw>|X
z%n^V2qWXVbu*^P7vXiMk_O<?$vFWV(6dbxuXoJsf=@XI5{I|-r@FwSQ<Sg@4zv_d&
zxFnaZo|3}qMw@l-{2VP?Zsn|NyT@v29CyL^S$URb=XuX5R(C$Q!2K%HazEzUZG0Sg
z+Vk1T`9b9Tl%8r9*V}ca-6c0p;v%Xdt}*7gx0T~Q2i2>atlkQBS8w}%_kEh{^Zj1O
zKh<@2fxj>KQ&?AA{mwxLzT)@GI&K&AHzgiZ{dEnOyBB7^+%H(YD*r{Q9p4adNq8YH
z?P{*UXb@L=I41Ru&>J4Q!7S;8bM@h@He7(9{!<Efw&JqmG9L87zs&BG?K+sf8LeFI
z%l~q@=NQdhW<=tFM%|yxuDg@>SABV-=0vr7>uctzInOieOZ5KC`aDlv-{M*Q6UXaZ
zyXIAI(DnIS?{!_n*L^kk%$=+J)w9aaYQ6fnuT*o+yr<QfBb@(<BRp66FVE_08+TP>
zx@DX(GcQ{zW~PasMOzDfeeA>kqRemm%0x?L5B*Guaa}g*ci}gErMo+{w`?!Y$wlKi
z%fF!K;*5O9_qKj!&tFjXg*|^k`7?X&T-=ZA`3uXwpyw|vztp$hmzn9SoFM01x8A+{
zQZ<~b7cW?YbM)c`HJqatFPzU8_Tq&#yc#0y>a7UrhA_v8hx7Kg1Ew_!=!L5R&9LAW
zG8fh1HDA}Ma}~<AKwTG%CxByI5Wld-i6Sn1mGC)g`b5$hQTB7>HHASR|FckiMnA44
z?uQ%FyX_lQ)Ly+Mj^1U7E|HMDPqzndTXr`{Vcg$~KdD{~DtF;xqH}LvHqKQysSW<S
zQ(ahT?gUqFym$wQ|2=Olv+?izwVZ`Nty<n#LK<+CB)!~1e!s?DP<K$5_qsW)Bq(m#
zsT;0R;(nC%@mcMWrL9uQ<=T-ruQu<+KcS{~zcVbD2QOQ9i+{ZQE#1|tQWv4=y1oID
zE`h``xU4Ibj!*(Ow|19+`@}@*5<&<jqj3#hVibKBHw4@gxJq~^Q|kBzZV2{V1YQn3
z#J3XjyTIB-H~KWvC75XmZCt$GER_Z8>RE2n%^Lj6yIE7~-wl<pOV?OG##KuC8BO)C
zY2^wFs5bq0#C!4T60G+I5V=irA#p5jseXv%RXJS@+e^!(cuf~y%~TUz)K?dDyP)3%
zgJ;)AZMQR$^<Bb4-4T6l&rdmz)kSSoh=u*?BIB13k;i#R=7qOCe%0pe(*&*FiCj&1
zH@A+#zTAReKqD&ldj;HE2Ah0Uy3j8mY;CA-<2F=;n7nV5^*XG2(|auDJ&mjZvHld0
z1r7&BUqF1M0TB!D{f(Lh@m}eQD}ANw4Ivy~OMuoD;r9v9`Y=L%@=IZ2(tplv^x#h3
zaozn?y&9<!^hm5FG3YaPzwZl)<}c$`>a*(as|#FcbsT)l6-oY@tB<7(pR;Rm)`<)9
z8Gn8u*F_vm`sBPh&!6{m)%#}qV6EP5L+akX(@sfi)dSa|Qgz^IC0|oLe)+HJFc{qs
zRn)D%c8j@8Em=6#@@j}6sy8I?k-B7sU&M1Y3!$&7I}1VWZwi0^(yr-Rg*&z@7x|T#
zS{Pov8VrN>s}vA^h;CALgW9#L{*t^)gsY2ER4pQy+e9!Y#nXz33bh}CQN7TcmN5SP
zzH(Z3qYrOv(ocznR5R=Y@oyPhEyR8G8+P|PJ*nP`kgnev38Lj!zk|YB?_S%a*Eb2@
zXEh`$3YJXl)#rw17vAr}Gy+*W%z?3*shiX*RU~uvX5^0YnISCdd^d7s*kz7SR^yzO
z8Hn88xMgih<zuw85f@D@(_s<ci+D+=65h;66Ai51jB-xPX!)&x6tnksz&w{zyXyTW
zv`M$CP8p-yGs{?NtBh03c1_++^=h<Uu`gUzjGD0y<67`Nr)oE$L9zywD%utQ&`+G*
z@!awQiGt%y>rzwB#b0?HVx**Y>aDAuLvcLIu<sY@QC<f3@_8g$r?VvYH)j1pJ#wi>
z18Xn5)6SXBnI5>EHXV36b2{*}50e_#XV2BH8+Kukm=zVsJ1)ZVbg}vgjyp!}Oi`F9
z<#`P9mZ!Q{Db<~7a#&H*``x@nDuREtBjwFKcF>phmugHUL(tjG6TSNX*}J!2yQ(~2
z>~jm15J3nbgh~h@>_*5%Xk%<+T!cd-voVz07z5iBU0tdmE{39k;$o^PI%*wPUrx@E
zj+E0nYDIa<(|I_`L!R;!MNun{Q6BP_<SFm@edc$KJuhpneKDr0)3vp=_g-txF~|7b
zZ{spEUJum-f)TXOjv>%;+T-~?rF*9A+S6ro#zp$A7sgKxJs$Y^H^$FT;b(1LDGQWd
z58UJB{d+ucU$sSfO!Yu?w(A~VzP{qh#l7wxc<ee9YiaBQKVPxr)MKrnduV=rBx}d#
z_wvlB#l6kvu6nz_eIK=Xuw7ewy7$XxRvhJzO*xL9thIQqEI)T{@?543nvSMqu=d=p
z7a9r>E4c4%UUT*RzV@B{;^DU{0${bgH<^VJZI8e6kn~~e;c0^2tW~U9_sCv%%hNp6
zqCAC^#CzhrGi6u0dTZWz8pC7=OTZt3a2hS`Uaj?XHr$qduSvW0wR6kIgJxpf<bBQ=
z$*c6lp~<cI4Y{cad`l;~(PT7;Ophwg6h?LDlN$d<`G6bsUuNpb+{yIfxgLx5OvQ;C
zo~b*t(tRR<ls}^9yCsxW%a*^UWfop7w``g;?lbatkUp1Nj{7`UTrwrJJo*^Ub46Wc
zkL8w2eJ+o_)aR__YO1TXjFid|7a@3TDuF}mF=ktf(`Q40eTLOO5X|7+2ZFTT4}w{r
z_q1tlv0+!=BCq|oRpELQeG*Nkz7cI~va%}R?fbmE=+>W4=CjB1+u_(8{yY~R?~B8M
z`q&4L1N5;kE~l4qX|g)T1Bc5NubyZcGndyqF`l0F=2JFyPOmnGDX>s`HNxW5@*wNe
zDYJs;*(D8%_6!rA(U8PxO`f(^lQ)|n^K=$DEk3<C?bN2c4mR>8D(>_2iu3zFy~i~1
z9#rFXGts+<_dZnf^sQ3uU?XqBd!MKGq1y2D{#4r}F>`&<=W6nJk=}z;&-G^X<Z8Nl
z)0k8JS$}R5wWfMBdhXH9`qZM%w)|rgOs(B6_KQm(qN8hVXYoiZOxn&WG^+{uO;Ai*
z@4~WZ!It{ped74kg8ihTE%D!A`?gjs8m*@hDlTu$s5))2s&uS8al>am&MGUP`Ri#<
zyEWo{#_Q`K`;OOV`}>a9x0-RSK{c&Q$Prq+ImhzNs(hGH5GzI-TFW_Ar+xPIrCDU!
zC^zkM+;XozSGCUr^to!ef%`*+rQ0Au*H+c`uWA>}RK`%D#jIniGLMMzdYxaDERLr#
z8*Qh(Y>p=m-pgJQ#jKagty-3{BR83Ruc+|eq5X}@qPn#O#-Yftsh};<U5+MNme_D_
z+8KzqYMaCOxlqRDhxyfltd`=BuQq9FOEjBZSjD4{tn*|tF}%tt<>2FGhOL*aNkxA5
z>b<jw`V%uT(>XIUg=Xf)3#6}B25la%&BVP@vn6H@-`uT5|E8kj)SWji0Pfye-<)Bt
z(>$WZv~9-Ewwf$MkG~&koKrZnZJ_(Pw&U4H-@$3-$n<iy<zzox>$%mqTO}OK>sxfX
zpM4(?_wsg^`GJ0c?sMxLXd5D0o27ZNzL)!WjNjC9XmHxq);*Set*t7YU9IZJA5|MP
zw&1<%7x0gtYjfPw=gfbls$eEt4r1mPeMcicK<3Zv#^G5W+x1t6YUK24)1}qb$MrC8
zJ6)1~DYHX;ujl4tJ=k>e^ltStJ#RhS?!?DU$DQA8wtM|qo@mqE)TlSzO{IEvx2yxZ
zI=#wfxH^Tg?U8loLPdRPvsKkN-}9|I(Xc!{dpcQT+iAHqYBwD_QOa(+N7CP%nil?m
zqdPu~H|?jj*sA3_s&6f7nBp{pYSwnz;|#J#({H#rZP~`|9-EH6+-eLV?j97vbxGI+
z;d;v@2sgJHAdG|^48kR8T!wI|<vN6WwHhFdlphSjC5>2yaH-`wgnPBxIzEl*#EDZV
zyIBjd++Ho>^=B=9Xbw9Y<}6J&r%XHN`_o%1bKDn7`&X@MZN~6zrD3(5VYoKa{fApW
zQ^{UE`PlN^Ss!Z<ulBg_UT+w->-pbCY-2P`R;@;Mc>4TSZLvg=_I%S&bJY2KsyskX
zv(@^N(>1rSx^n-}x?S5Ejnw)~>#dq|TOVna2W{{Mt0!wlZvDw-!P+{W^wi)O*6~cQ
zZ}KdA!^jqNBN%<3(QzY;+72-Kwglt&`WQyn4?@RSg8{~TKNyT@+hEMMbr`4D2N-kx
zATY)r3^3;V!C*|=24lXh!#KS@z?kcE7@MxN>sE3^4!Vchy$0R*-tf6S*;;q26=-y1
zXf?><^!nDrLz~vqpiu+#gSQ{rH$7|8J=_^$fZSWhV5?>;$1%Vd)~(e>zjb{}Z{6`>
zq&duKv9%k6<a=v1JU74|sUPliBgp3W_JT~?y&=<L44LnnA#1X}1ljt%&5)(-UXZ25
z09n3ohO9~W5@hT5Hba)SdqI{K17!KW0NEo`PtH$|C8~RD{r<X4c8?7hwK3M8Tk5N|
z9-a?YEsq?pm1=o#lfbEFy;gp|S*LZ`o!*_x&-m^-565@c>Db?0#o7Zzi9t?H)~Hx5
zQp@-ItnA#b{O-~6+&T>#z4mzOo>N_xWuH~WxvM>4{a((t$%gyxzP255cU9r4hOzs-
zVuoxM7_Pisd4FE6w(8}=d;@tlEsxK;`MTzdZWMRqyv`D|LiKvtYI*a!UH5D<>uh;e
zi8xum?EnTVvfE(<(<4fbcU!e86BMn&p&zsHwZ`l0xKE=wx95xMtF0VwPwv!}9Qv|#
zZvBvlR9vhuPrfcg|EPMgy7i-a14*qYSbS=I6FuxlC;V(5e5{-nG=07w`6S%iaVgW)
z3JuOixmum@__*~z--VXXt5q}{+xq>bN{Ke}HRav*^l2Pv6(T(Ow6A^*XC^K7@dLH1
z?uof%ty5L)tf$5KdE0di2Pqu!;TPZ|GkNVV`GEUR>xy;Ic^y-@?J%7I7gF5LA#Ylx
zwl_ZhqB|8SY_*>OCQ=Pz)Xy4ul<7Vp{R4F5ayWr(eqPf$?bYDyj+pl1s(l9y3pL1E
z!T9`=1g=xKJvHFo)BCa&-Qz<aTDvAsOZB~Vi2J@C&n}EqK&^{GM>veFMc?x5oXaYl
z(}P;Z^iS_&OEBfYxNRNEbZU;%9EKTp-&vL&tMTppuoprPR=h`A@<LSCQh8N9Y}^^n
zaecR}rTSoZ^3Urp{mzaOmWTE7$^a5~sW?D#jb}dMYJJbCpzRz-Tt8Ds=^U%<++QoH
z{m%hQR-Hzx?V<UmdMTaTZo5aaWs9xPOIU{5v1?A-@=Ag;^_yC7_})|ekbV4ksgK8C
zH?BQ5`D!nH>1(ntxT>nIHL7HX&0JIHpO<^jtF>DXWgWw-)x$vDf7RpFowT#U(ND$*
z|K6(|49EKM!j-|IcBiwa$?-BaW38Wn#_#EAw^IDvYt{0z;<a8p(X0gdh<!{=IXsQE
zpdF>V^_DBOzV<|F(Xp;1Cw7Q^3I);XSO>3K+5PBi^=(|UZiisO5gop+Sp3cUWZkm^
zxnmO}g?4n2x9*jLOIwq($UVC-lDE6s5#Ze&1zSlD3bBm?wL<%Wr&FxwJnhc4KC)TP
zsHwCs)!fMrUUqlo%@V(?b$7!^q3fS?&lf~B%XE((nw)g^llYt{w^P@9?RjKs@AG`~
zEp?b%9q^VKE&s-P6eWMSK3>nK2T%fZ+C>7(i$A<H!Y&Q(Z<;@vML0k2pB((C4wzYo
z<wV^%S-+>d+L3m4{@kENIYf!=$i~D*p{*~k6)i~$i|%DFtlK&ku9D83e(r<ivAX@;
zYELp)nm1Q{+Y$IqRmXWsvhR-FL@0vuTm5;Zb4@5oy5l!p_vNK}4*x%>CwSS|)kqhu
zf{|GlGD!mi)ho4{{YS-bdjJL+kdGW`#NXs)NN|jP;8SgEy`N7_gd0sNj(z-kwV#i+
zu5(K^!(Kom_}gBK7;6C1=Brs1QrSItrSN2p+Y#c8FQf+iV{6W?q2l{>9^yX&StlNC
zOtnxIVLaw4QeqK6y;!ZCRn!KXiw8&3`pV|Wgf{wgueEO~=-ODpwrbhn0M)>VC{>I?
z3+BD^GvYB!t#%JxsxihcWWch!<BLiWHs6<W5ah3VN0-2l8R;&78kNTVwy9e$6U>=r
z1a(6XcOrZloQrde8a<jakEusl;F>^gz;WyD5l(ePZ=+X1dI~?sP~sjj0o!^Y)?JRk
zQZ$&3ML!fD;EIY49GFAZT|rs+NBsm4Q{E2K-JlH37zzdh9G(?o^kRMQaHTi0ZydaL
z{Rr%v6NqaZ`df|g*1>xeA|9~UO9$`umxcLz1tqtzK!KmNo|v5|Zn$-<&VyW*v}Vlq
z>G_nN$5JxL&^jEI?5^p|$MyU^{9AiwJjR@sadh3opOh0?m%%@&Yh~O|eNu}f*6%)5
z*OCBz(g&u`_l~>TKa%frjnkWP++XT1_sj8bhe8RXU_7Rn@5jnzC@!Fc;4NHa%~+*A
zr22st-6P&5;Yzb0=`;56%d!dw8R<;*y60Humhrt&&n5igu3}Nx1XMWNb*Gn~iU&xN
zF@C1#dgseU=W=^rzPu4{mW1zMb(-ybue36W4BBx+ph$^Daw3II&qKc#d*852&0k-w
zC-j-t%@5?My=ViTgnH2s@;A0pAZ_*{oEyTgu3qiAiN8yDl7vA5w3tFWc&)MAtY~_6
zo{WNY?vYq>9$AQ0d^kPUtVZp~r*A?O{BPE`p19arNmk+gdG{C97mJ<bW0Q56j9ce<
zyjC3R?x=9~IdHFUnLJQGI~OZ_O2U~ihmTq3@|ardG>$iF-fG<sF3HHCb=^Hu!j@du
zQPFvI*zfOeck|!D_cuj{4=PL^b2zs1z2aPZ?MXW~a!P+vGQ@J^aFb3qJsKj66bqDD
zzN&3q?^QqV^j0qLyfcEQ+kUND#lw!DZ<7VA3~BqO{vIm|leLs&Bh^Oe?jD}>hV=a;
zzC6;igI$?o9Y~V0FU3yAYW;WT2H!9Q`Y8^KW6~tiXS)Boyhcq~-SJ6{KRlT@Df-qZ
zIgYx1Ue;2S>)Brvt|;?CZwb4#ByIm*eyops!x1zUeRiL*i_x766;ZGZE$ENjzg{@&
zTSS%wu*L6EhtMozzul)~zwQf=AJ!t@6ay^zb#i&nt^3;OU$^luI2&~MarWq8erf~X
zg^N|JI$uj^ZR&NzfufbqFV{l0vsLbWsqQ-t;Mw{)TP@DiuStq?_4^V(HiO|}JwN@?
zyCVUfs`jU=Z1ik>GU;=nAFVdc&w4m47G(*q4i+VTW*jlJd_mdZ{Yq}LT=>oUKlqoK
zzpKRyo7;A8Ih0_E<EC%${c(*0*JlcUpHRT&$y|G}uD^(mZybhmOKs0r@54{=_Knju
zitXAK>%Lr{z2xG>g5rFQ{p0%dOwSqH$$wn!{5@TFpYDHcvG#;Epnkgk9}aU8wB2KG
zVYM+MF)$|+CJo8m?Z*7@@?aA7pz^TZ_PfH5H~AqI=L?qZjTeh{wz68*OUrCBK36=t
zSpRX36rmlu(oHV~ak8n_wC&~k8!b!g!*I@Xrd?^dZTC*QBN^oQY<;$ci!|2>u-{Q;
z=a`ok98#0RjWY#Vixf9&@_O6u-A4I?{dWw|Gc}g+*h;*5xvn@=1og=^4#11utTXfv
zIl_K$3>3qivo+pfDMlAB7wiY2*m~RViq8Q5GNxs<-X+Cn3c{y)DJ1hGpCx&!mq;{6
z>5Fxh9?$|Fiie>KFV`Jff)AEC;1vF_yD!$~!{fmBg{wcVQJ&fDk9E}}ZMAgVvdn%F
zz<1>OepEWVg~Q2%TDbML-LDVs@#db8M-egL$C;iV=;xp*e&FTe*@dFw`MP$#D2sb2
z`f`1f=YF3*1C>b_?|e92iqsuUmzLUoSNsO}4@RYnMNyJUuTcHR{r~M=YeXP)iQjM}
zlcUw*`{|UZ;i>vPUo;X;#Jcf9{Es_li*q#4$%N<X2SmoYbsTvZ{fj3PL-9-TiK0^H
zVTwu4l^pp!Q?13Tw?1N{;#`9F{$BRvP(CY?a4=n5YFjyS1N7GZGmaPPM=(Y)ky)rF
zAV=aC>j#4g0JXKs({*N<AuWWzD+q@Ld@SiWeOUV!Sw5(ylKW}f1%#(UanN*Nc<OK@
zD7Sd?x8l0(f{liWE-;bS%F9G*v=DPe`1B(7)XDjLpC?6inCbgdb%o|&c%m4e2!t$8
zPjs6Yh?`h|eW{?Ey?-)*5DM@w)o%<xC(k7aFu7^2A&d^f7zp@%LHNEIach!yP;Do9
z)3)8sf7+X(-}l|I>Se4!hL=B0AtJf|L^8!iG&hkOKau?6VzK?%V*ZcoJI_Qm$)IfX
zOo_<px+`8Fxdh{xx+}uV3D4>kmZ|EUXVXt|A3iLVjcARYc`0!S-Qii%I~k8R6l1z7
z;}SW#ZnWP47bJcF6i7lX<rkqXaG>NW3;j|NNVqGp<Hpa|4=|~&Q1{vD2g*@zZt{Hf
z`#V5k%J})W?<z=#)x0b#o@&#k+;FLF_uIP!y>m4F@V=J@BSp)`cnn^Kn9)lSnLJ2M
z;N|*H;AmHbRgFoUNjK@cJ2CrAx?W^Zv{%f?_!Dcw?N0iCx&A*@-;6|yi8xJ8je_FH
z1m(gq2VPE%Qq)L~`9m3+OoJlui{eD~MYcx!`8&=>&4c3USqPM@F_je0S7qj(i&R|b
zf#lj5Ify`!fyEd`R5_3hAjJqOr9wteCZa<cp)(dB29i6&DE7o%o?1@`gB=t_9H^gv
zHl+CdtK{J_0P=Zy=I1wArlq#s<%3tduhmG{wz1k%8xU2x*V}c^lXo>0qCs0lj2DXi
zVoh4d3lj!H!yj`|d~u(<_fNaZoAdGUsWKYzq&k^YLf=}j4*KEn%30OZdq;AK1>*8}
zbM_!veEErfY>Lrr2$#t@vJ|3dPV}XMgB744g3)A>Rdwi}W?fQW(r;8Gu9Q^~4YO8g
z!7j#9u^{_F4y!0ErOUiZ5-=9*u$*N#55n1LyY3?Tv)AlmOoHHpF?gn6VlEnY=oaZ=
zEyY8uXYz5qXiF9nw*@z0Jj2lf`Df}ruA<R1^@$-;P0N85dSOoX`XLdbyx9C?JS?+u
zc$Uifs~27gZ)3>#2(^mTm>ev^uE)#39xkak#UJ2BU||Z$D6SYqj)X4S39EPywJR|y
zTu7?_`s4i$f)PrPu&1j>c(ux<#9V}0a&$-?NAH73!nB=Pf&Hl8I773;;l$3#A88UT
zBOi3AkCv-fzL*B0B_1S>#vNJ$ci2a+RC`$gfv<RiR?toPr{_IebnSa(%R~U82!#oM
zQ`0hrcp^Sqj6vp%P4d_zl9RE)%D<Nrt6n4D2k{~)k{Bn}g%o8BE|NZ&Iju~&dPOhR
z64lJlpa>m;y9}HD>5pp_p(MWIz+oNx$gb%}Y*bQSy&jxfWRZoI9{7u2=tio^92q8g
zhm|yT>L8LfZP#5VM>H;eA~kv%Mc$<-VlG-C%0o?bKr<Mlhx$8Pg?I9_@Ksi*B|BE-
zfqoRUO7#&h;-%n9`bethQ+$v-;RDMd+@ak<CK0XtFm)EzM^HpMeKHDu9qvcpY$=_G
z87*gJ!DUSR;sx0NJ~g96Uq!76_(Zv2i~SK#^FcI+#X>i-h8nQZJMYEU(Ng1*gj8*N
zN$n{X|3-UwY>=Qg%gV~4o#$vF*{7{6B8U=kvxPK2K_~t6G`eY3b>~~47+W2kPRtJ{
zn!t+FA6S_q<)zvBnw>tB&5YgMUy|qTx?h`zy0sr%04Z5xm3#^wscN7m$)xYJfNZdf
z<qy6!A|B%iUeE{Li4Kzo(#5{e5ilpXXFt&^6&U{`Wr^8hdFdLhi+99%vPq7>V&ub1
zd!vuBafm%*h1evzixOhNRBl?85nsW=t5hU*XnxY}4fDXeaW2}7+jZZ9;#PmiXjaS6
zGaASr;by!JOF|pi9%G1v=|0^#EPj%_gWxx9*WLUF3_OT?+pkRmVrGE&acP1gOcfpx
zQ>K{cFl<TB2`vN56kxA!JxFX!{3tnN(fLQQG~bUt>>xjlTI^b;C*rT;*9}He=mf7y
z_StuKDg`qhR!?T>fk_(KC7OV5+A6N~ARRmq*o#sOA>|=v$;G8aOss&B+rkeNW74P~
z5n|ARE>(fZVa1=D9E<fVq1+Y!dAsiB|AmU*{||49m$5;y-KgJU8v2v@JQk>}E{kVD
zo_L$Y{G>%csTs$ABXQZuoBua8WAr=_SE(7<P0-=0ZZMw&M-&7aNrEC&M2dmJ721=f
za1=c4T*FHSos%;XFvH;pECF|w!_*fcWbTtn2!S~`VQ?m7BbuHfpj;i2^(fuC1wNc*
zLrVfl5TTV=8~Vvo02fXI9Kw`Z+`u=-x)XB(E^?6P;b%0BkKxr0XZer|x%ac|^LE{D
zk0%U290|V9*7z!2#BVl{Y#~hy6RBi1$gXLM1PSCZK@StDCHI&#J0YrTu`bx>dBFjR
zChMf0mFCp7#I%T0Sz;u*J!bEASrAbTsbdh6SyK;wK^6dcp44}0k^(57j;PQV3CRnS
zmytNVAqWytJ~EitmY-%xsHgj4CNk`*c!h+oqzDi2EMYKh#y#mD&qrwlIT7%L!3N`W
zfY0x-7BRI#1fd$+LIS9X@(ZrJ%I%Q~=uyNZ&Fl>TeUGm|goJ;TQYxb#HZ7_PJ#fX1
zn(T@*j4T*As!nken!p5+ks@i5v@uWzTAzb8bz|Kwl!cltNl4T0A`x>X+`F%SdYqMw
zl}A0F2m$J|t0EH2&pnz(Gk9TslP6&0a41P4G0_^Q`18!ec`5}!iJ<-?75H!)sDPmK
zQ7A<q2pQ3dZB^~!tWwJYHh>|;JkWvL0K%Nmhhs!}s{<~Exl#bXUcY4Zrv?5-^Il7_
zH@7W>Bf>n^_y5BN$;~mJdJ?Jvfm0MMBxu2y+kJ%yU_Ys*k1P$%%xp}7@Ll7Bh%>z<
zQJJR`%o~nTNi>}Zx`kF$D^>l<65lw;oWyqRYWS+(k%w4RY>$xjk-b}YXWK3tJC^LU
zvYWN-uWEZ}r$;Z;=AL20#!dwkHmllj;tYe23K>%&u4da-wvP?l#>N9?V_!SRqiz4R
z_0GoHUsfMZC9&VzmL8|}*cjr9O;$JRd}A9~);Cq!hG~P2lL6{f$+v7Ba%zS13v9S-
zTfE2DJ!4DKfc~(lW(oT4%h&qWm+P-R`XK(RdV1Il<irBDZ@YHo+d|__kdmmt>y(PN
zF~z2qhSe~>ZBtHxXlDR)mwiSh+o5c4`mjFRY-a0b+n})-o^0mJR-5j;Gg*FAu;EX(
zuc6rV{D26+nQ9qomZCmkyIamrvVqUY*@m}pUiKs7Q?$Kx5ck5<ek;z&O?}}%RWO1r
zSl3G|yW_U{4c8a?yJzy|-k*Cun+(6G|2Yw)Z5V84W8p>4+IV-h%{*r*In%*L?t!k8
zzE9;mhn%EgGt#e%iXT=_*`jKTRy%OONnhRhoScDDgK`<eTcEXU?}4Tf!^uqD<-?6L
zK>Jel%^TQa^=a|>@j3~_*3ggoYqjO^<QSg;Do>E)oG(Gr@VL9%^{YLO-8(*yw+4}*
z5Brv1*C}Sxt!L|-_6HdC(<nF`)zEEc16ZJC1=jUD5;vT-k~1y_<JmnD?Ra;!0c@u*
zvPl;Hdh9N~(tm6AB+}is*bW@BHPFVt4OF>r4yiW?qjz!qx$zsfr?ej5890Bu-}vn<
za^23sxZXBKH@o?I;W(W7_G0M_>Aw-~|7_UuH`ui)uY8-I@7}fzvK66Ha|$_6rR3@%
zTM})~bB@T@wbgROhpQ+IDtdv6*}ykGPpzF()ci!-j@j&)URlCkk1lT7sN3ERpmoj-
z!E4q7KR)W8Z$71aXMNM<JB4}lj@8K7Z|^KT%Z4`j(DQIA&>+_pNnEQNH|nUErpjNH
zp(TLC5~;?=w>0<J_KA;OLE9rc3_1lJTV5*VzSh6|*e*@49DJgVRe8S$jrzW`0yqc5
zb&nxoh{{o8+XvNVY6iR7HR~v%cY3HX*r_5~aTVR8@NksNx5b*~xa_g@Vp(ETCgTzK
z4o`mGM=W1en~<z~B7IEHx`;3gJ%th7qeRxRJ<f1>w|59@Z63y!cWOi;2PV!jj<w9)
zBMqMo_xoeirnC)RHncynd_DB~%YuYJ78N$O3kST0ckg!79rfL#=!?P*!}_%F{i6QQ
z-0B0<XVB!`Qd67*H5GrSU?YjDK?UW5jTipEQ@>4VyN7b8ae8v^v9W3f^B6>QZ&DGr
z?d$}m$)Q3Fgb^ql!_hs#Fra--qG2qfC6tm3kpjwFLBPY>lG(57e<(19Hv56Usxh)p
z7``icJRbRo8$drW(ZgLxpIA07aAw%Rv<vg;P5jq~fYA96VBI|!?@@P}PJC3K<ML^h
zR`joXVQ(o#5B)Mwc&NAWaf98t{hp7D`(@7q)awtVdwec0UsSK3R2w_Jo4x9(e=-<-
zQBudKCm;h4siFO36AZ$d?%ua5;JsYGSL@i=*J|f^y`=h%av1l1Q!VgMZ*>IJ-JXP3
z9VYq8cKsiY#>#PMg59)eK^)B8JK0N6_KuH(Fo&#;`yqK>l>F4*`$vUq%{2<k$zXbj
zOjMgkUR+5d*&2suaZ+9F-%k)usuSuB&bT=)K}v(uC{76J?ir8XoqDaV3r$g()BmUs
zcQ#?$&9EAJ?;f7w>yCrC5*T%L#2ZZJR`Jyyiwag=F*-QVERH&omJ?1I^zD3rSaoCM
zlq9ktCFt&RZ6cA|Cwdx;uQ{--op&)F^=kE|-J7#MwtCH3x6R|zXu1c+nsKecb1!&?
zqe;8Vfo8a}8J6wx-d>_G=o`3(C%0Z0Xx1RfNl4q(4z0I)Uq!|nJgr@{ZvTL6b#l<d
z?BA!AI`V)&DIW2HyS%&k58K5&*{z|N^VVc6+Een0Vi?G297Y*)SdO@<Ihpr+wejvD
znQIenhGgoH+YvPtUH@z|L@l7%bm#}744E-Fn#m$qTXzq+dsnCEEeUn^$UxY{s?)r&
zd%TJ3rl1N9`!hk$pIDi=mWy7l5x=cd2-`6fO$4Sf@z$e)uja&>ILrc)=h1&KbkiON
zI&TQ?s%$flR;S`|p&*z=y;rW4oG@0Z9!z#KrtP>5nJA+{X$HD4MbK4wdALd0`bd?*
zJTX^s_{H2CHOG6bLZnM?6=#k3azFMbeZJCQ6T`<ajVm640Z%wd86C(*nX&uVsnS(V
zVBke}f5zs>cXNtIjGlrTW1pG|1Lcj^0@-m73->piy;;lL?{+Mcu*V6VLnw2-bSc_H
zZ@W{$-`J4}a-E<hT$t)v_h7QaW|Yw~xlVVdF}^G(GsdW^6SrIV!kw$wa8@V=Z|*I@
zJW6+Uwkd~L#{ACDs%=f`S58X@Yo4q6^~t==)1z;y&+VRRpy8h4WGy<}XexhF;|K+u
za_!UCRi$=_9^Q_!$h%0TtKF5Rahz*f#ON;dL@MOt<YUnUpBgL$yy7fT9z9ce$ho?!
zqjT;RZ0EdB!AEyucs}|IgILbcH^=654|(o``iTa-IvSz7GpSp5*GsD;uDjE5adi@C
zoqX?Yi^pn8;>o(w-8)Y5=HH7ullw*W`&y4l3+sv5m1<MmZlULi!aARqoZ_+aD(Wp?
zS0I;G<c2l{r>%#_GS}MdI;lrV4!O-SbB$WgBKQ2)B{kitE8Sa#@wLKO$moCC{ZWk=
zsr<ILPlDe+Dr`<wYZN+LQe&Qtc1ydr#~NP&2yevFCR`b;_t-yXr1-?9d!C|;TYvXY
z^9h~#caw(JWn{U53CA;4_%)%CNyw~}%}Fq3r%d^op~_k<GpnYh%@dd-aMh%v`__21
z2{#kpRs@(J&Dw1fmsSjB?PF%L@~jya6XBVSFq@k>Sv}-8lag7TX{OA2gRE>b8<dqK
zW_>dyn)x(y!{*BTS~X-&LmLJmuuyq(8rF21gU%u+l*zbeEX=@}A2FGVGUnr4H6dfk
zhUrs%m}ECUmw9VTJOZ<6R=;32P25&hW<9ZWPx^$pIcW2NC~T@0b<H`U0G?%{Hmjb9
zkQFk<vEs?PL320oM`0_hGFy(f)(dKBF@fIA9c9^yX;E}Ev1HOz8@$bk`mjVMtMiN$
z%3I6h8`_6DxM_OSRs29fGy`*%AVkK7)v6%P@)=8YvU1wWE|Y1#lK|3@$#OGOqztEF
zXL{E<B6C%yfqnM`{LI#&BZ`tzfALf+x&Tw~X9iWDsIM2(<>XmA)IdRcVMaDfwP-?S
zWJ!&w;jA0>m#&z%jb7+8{gG#D67(Hf>n-bo&97OU;kqY`V%4#^U>I>xa3ZIsud@ao
zY-A8;@ig;lsFIbYFbIcmzziQcplRz*@1P*FG$SiZEmR|+q%Dg|z~@tz`QZWHq9@!f
zb0dlHw1!VhQfW+_%lbUDM>R4A;<-JVfA9Xy*8I}^`;iGdGGRw1?8t=uE=?G7mW>it
zW@LRH7tiT)12mEgwnT&*WUR9)nrRmxWf58eCHHe(n3Cm=0y0Z|gcC8N*$kCni=pP=
zxJRKvHcT1WYA&Xoqs>;w1OeGfDku<MapIPF2ss1+MzRiyn-L<xKqz4uT*3#=HAjaq
z^9h9FP#E(TfPscl*9RCm^{k9RBkq}t;^wT4(>ANi<~Du&z5BOEE}#gNIPfTnr3Ob)
z>`@f^`;KCdTmYMN>n?!n;_d`4$vL<>*=KeRwhS`+3OQDpv!^&E8Jt|gQcL-1)_u#v
z;=;H_4l>K0<uM$htce?vFSWc;<|x-Tx{Qf)liPqoewo}9x4FgSW1!~tvz%X!BX8nL
zxl6gE{3m(7d|NF=HYI!JPUS{2OgM41;LO6#EH@ScaL!uG(&WLGUHg$`Cxfy$Sx#=;
z=El*9+f`@D;$2vS0M+EbM(6BpF#t<)Xql!Fl3{Bnn31ibnJn4&R6DX<8YT3a>{JM$
z+Jh%DMBxJ*IeC4`c!eXVfO}|z-gu<yvG-5+?~g)&p0ULDC<HhP0geh;{~QWgM<Kvb
z2yhev+<FM03L#KZj8;d<#EiN}wsZ@A)Cz<+!WX;SG9e^LOes0j4yLVCUbOQgj1*R=
zQwVtkf0@=&R}qp4W&~s=LxgogAHgJujIP|TOrFY(0=E&>T8yov4lco-@4_gxl+;KB
zkjm*oCxMf2%y^k#(mp{f$_YPR*SnC=ro#l6De((4Q-&8D`<w!Nrsqt~fE@ME1HS4%
zVgytKXZDLG_!77#m=w;MpfH^v*iDrOwEFiWfQ6Z|e<rp}Ob8y)Ak!I{Mu3rkJYloI
zvW0rM1#@tNrs1uMg~pi((wpzX#7tlqPwfZ~1-&rBM|94Z_?~GRaw7=Mw3oV^{!k&4
zB|=Z~B}~u0TCjqMTo}dvN#h7{Q702UWJ9WeGq`ISN##t<3g`3(N>WBPjR;cIKvmOT
zpfnb&P+K?+8r;FJRPKewD1)}RoK(Z~DLU!PzQo9rXH%g=3vlBw%7Q-WPIiYGy}@iR
zFba`*{M8b*K|wz7hNP=ff>@$On#nBO$QfLG0-=N@=?@yCH_c0GMJrHCDiT>puizw6
zsFZ3VoHHFN5!m~u`wvGcKoRe#3V1Y^eKeP?HWZV6R0aJ1_e9W974Q$c3V4(P9Hjsf
zv!fK?4=)9f;7VVlQhwUnMzaKxL1~@OQYNW{R77fTo<WKwwUof3oRnPxBc+tev>A*X
z@RDRjA}C#RIFdw0k}P48SV`fMMEfRDieF73K$0Tul`u(_r0K2jAcd0Bfh99YRvYG^
zFe#aYCuyxjQ+lYVkWrNnjFeM3^^r0Fe5Gi{kg$VJ3g;JXq<&ID>6~O%A}sw(s%ZqJ
zkff3RN-N<gnM6}K>c^59D|pdV!kSV<W^2HX@^F@NCsogyOtVK4`po~J4t&FltR+Pw
zskHX^A$^Cl6|Kqy$~tgOaUt`5c|J)dUh5Z~Gj9hTJWE*u9%zwNKcyQfs<}M(S~*4<
zi!(`iCBYKjlpFAk455XBg*h~kDu$qIW&%MAh7>$V0m;Jyc;PiFDEWYy<Vn>dO;Txh
z^@>|0kc^NmG)qAN#%+acRy*UKvPMo@(+8N0<kwZS)Q?e(5-1~gfg?qljEv7IgR!-E
zZVpbLDXEb$l*sDT;HMa&L_(&d`bt}oGS7N4Gl`^#K4j+8*rZlDCt6F#Q5r|!k3OJK
zcp;TEH$}L;3jlSv&_lz9khY)orCMTdr(5^_)mrqP-H>f@zfCIHuRd(PvfIzH{qeow
z;1k=+Z0oR%W4iII-%wM#@GQk&KfvQgzqM+-#bf;T<)MF@gR<jrtM+x<0Amw@tv2=-
zzg~1uH2SLOY2WwyeH!!h9`|X`ncV;Uwd&Kx9J|(SahUF=&*rFXL(6VY8wT<gavN=I
zE6A2Pw6Je-*oe>$J{bD0EhUdmH!Cc*`DD8=9=495v+X5du`}0pCmR{szUJ}nS>xNn
zH0;xNEX}L6jba(P?qA>fSaubI;nV6He}-d4mbNuz{B{<Ctw|p^3gd~FC$N&Z@vd69
zqpH&hx|2(7zo~m|yV#`le>25w-0q-s9CPl}VW|4TrJ{;$CfUW`IM=jrXT`<wcBr-m
zs^6G+JP>Yf-`)Hlr|8);Lj-q<B@vj<R&2>G$Y0e~>fv0H?CHsFK>MzaSKGEr?`k2M
zlWr~*Q*(Zc^JPx0&WE84S8HF-*Q0yGmg0!&lik+NGJN*#MA4?brw0n<zU}4fFm^MR
zHk>y>e2_i|yw@pb|5L-KyS}Wr+2}kL6kE>UFQFb3xE;)pQ;OWNQGM8n3DeNIyZOH^
zlkJrP<m>Vmw#3o6cIv=D#OZM`heQ2B4Zm(zn)I!YN*vZ%-hI0a`<p8w4zLc-@6GT7
zGv}|DM;-)YSzvF|=r@16Ou(^Wo=QY^qtRF<)GoQfl(tRyb}UYJh9Y@(c5}-)lZ}KP
zujBRpahU>}<Yr8d?;<(-D9r|iZ4xnt;<n4gMQS)~4aN*xN!!NsoN)1%{k8aRW|J`t
zD{P*x4e95>YHQ*8c_MplFK=5Fck0Qu^|-rmqBJ;Xv@iv?uu-u#Kxfly;s)EJyX(Uy
z)lHjRiQCuRH}w}Twu|yegv;jBGxc|RVg`eRb_{G{o$iM*wmXFl!{2N}cV|xJ=$>7V
z19$3K=b(sGa?a2CR`S|tetCcRKde!Sd>~JZ@S}p;w%v1e^<;nN@owwpe>%vZPxi<Q
zm4^MM$7+x1e0OS`Fb`lCHKGVi?HU*M&XL=6n$&tQ-d#-4+0I<BGkI#(hw}ll1NJYA
zO~xEEzk6tWCYBw@qvLBH+G7WJe+<qz@cv0XYya*#d%A~+)P{Q(T7WY>L1G-<k9TlW
zsM(1H4^qMpm&TnPS#zv{{tYcJj>l_h!?6-}L7}td8mI8@qx#Mgqn7hDm<P{vPmE2)
z@`(;@hxvCE*k=lcU4gwbM}Kq|_g8}F`}5<>(2FpfHj%Rq$wZ7+SLfB?*Xi98Lb}Id
z=6H$W$R@P>yq<@@r@I%HypuRA=MIp5v?O82`s9n!4JN}$0^+squ159lxu%DW>ddIa
zRdOH}F9wR?w8vw0kdU)CDka$dX?=2UIN+<LNlU$q&!yb$<Hk!B37eT8PLF61>3cBU
z;2RPb{xv5kv~y6J^bAJqSV>V_g2b~WVFmZQw`<HCpS6yEcPS%;?_=6EOTdK<RA%1i
zc!VF_8$(ZH`t9G(M%Z4lvf?&CcD40$o8Y=jf3MYv9Nqb5DGti>6|J80znx>r`Lr`u
zzUn1mpm7_iooHGz@!Ubj9O(LO$s@h%?i0KTJ?O&wb!y7GR!#X$tLXc>WbCa~OTDa9
zzxw!m3eoqjQNOqy;|-LZmQA|9ex>qQ=TTVwr40K!wH7bnYdbkp*s09XP7oQq*4XY0
z7Pok@GlzZ??^8}Wm{nNnb6pY+(c`JBC6O>4EahN(*F(ncIDMI({Gy)G%2{94IW%a*
z0?W?3N1DgERGhrpmu9WOI$2(7r+&9~mWq&XR}cKzPW9_7s_{7?<A`O0?R@U#dj2;B
z0sGp{gKfDPzbg8`*~A-stWQSlo?kyCuz8#oX|+gm-Sc$sw`=iXo9tMl$rO$;-3FUA
zrEVQy_vKr~u@8EFU9V&PLMeWid`6dGex>I?JAEfnRZ3o{k}{+bTP-OO%932~&BHp~
zyH4T3r*OkDilO^F{&p_ddb^>X)P4Eu-!*3Uzg;{R@qAh%r+D4H-+XNIBsVIt0k<;h
zAaOZ?J25~o9^|8?ZiDQNWvt@4I)Jh9O%&AKc(a$&m+ETMobTOszk9pJ+-Se=bi`!&
z$rltMa>^9RBXM+!UN6P9N#<jZ^xfUflH~dB<5mojAhXXoFn=#zHSZaV6kbiCX#5&;
zsk<L1;@!cb#N9nl-=yVE%#W`8Rkczplzzh~l_O6~&!MWbo*uyU_B8%_w!89LJ?r$q
z*o@dGxzE?tBcGA$Q!MoDgnzAq5eOY``FZu$D!<)xmufs#9L;&xb|zj9ykuM2v7Gu(
z834{z%)j~HF)G7(ix~#v#^=EzLJHc=gf>Il0;_c=lGJ2K)j8K8C~B$1hXuAOM+@M)
zoB#3q257KFB-6VA)DmPPO+uP&VCQ@8z5iNK5U<G!+UEe#Skr;JgWcGle2vq)M-#tu
za4sgBY(+D6SWL3c?HfI;Ulo=mfj57f9hO2Y>8trv3z{=KY7RMXE3&BE{IYp;bIoQ_
z&6ZjPU@qE^dGV|(Q28-~ZB9G8M9tcpo6eR5v$JMd%~f~jUn~*>cdUYgxi!zbQ=pQR
z7QFZKF!zKZulD5cwy7P3P<+LdD1~#f6^Y#8a(#Bx;!>~O^S9DRgQ+{!1cb{l9=YZ`
z0t*$*L2RmY6(rtK=J6cWbl@QT*A0o3Uf}6&l864J;w$UsY5X)pGiVqyNk8HL^Wu>L
z#TWIf%yFjsMYpy6WqoQ!l<`rB3H6#m!wnN9u2P8@svlK9Uhz@2y*ujQ!wYJF3DKOf
zI)*6yIL<G|ZOZBN_C-;o4rILXO|N(`K)G>$j*X;3gX4t@Gq^sM5$4C~ua6CbIurSh
zI{WzZTOD`ltu0HVPpOld?0ZFPhC=W&r}11G{$y2R>hAc9f>>D$pT{BbOI2FJ+x4WN
z`vpTVre!+{b_n>V1=TVCBTt#>rA;|^c!1m?m3eVMcSnWMkB%X@Tz9@5tu~;^l^UGh
z9BR{;X(_VT_P4M02ae7?%={?I@z_l>(L}(IqZ6Z<bg_rzj&gSe@#iH+neL&x3G?Y@
z3Q$GuD%K5cntw|uJ*<uBJ~<ea-bawr`#<kXZEVBgA%C}CrEzH{1HY-Bn!{O27zbZF
zSkrEM-V15jtCs}{yYu6+tEImyt9-Sd|FB*glkklnx8`I#dL*Me;h0vgmSw{uYe*K_
z-TeEVVhrZ!YVgYIk0a%{gC+(dDsj5FG80bo{D)F7-q^k*G!?ynd~prjO{_~!aLXgr
z$+!c)uaA^^MYwtaz&hau#;jW1{M*BjZFu~)673DPBh#omJ%J@u;WDmc%-q`1YuBd7
zQO8qMIQ`M#dyM@Q-wd+N223N`L<>SB!E^Tm<+^U?&5C)H)jz5BbYtqjlE}31pKVZv
z9^#Ir61_g9f6HRlB8BOZtxY4*X31J~Ct9Cbui|N`Nwb;Pd(r<@rJ&RM-K9;>H4!%A
zI2De9;oa10b@!Q2V<{yP?CEgIzCOm@YI)4=bPK9CwO<?IT<d8}lZ!Jr)@blIcUS~z
zF`8wKLR-ro?P0ap(KX8>?TyS*Lie3?mK~6m;JR;lr3J5+5@vU$z&A@1^L9mjTRdp-
zqD7n*Oj^(>^vyA}_U&4RY1}L#w1CpW-Yi|slHx2jwLCV<e6yHU5Do{6FTr9#sinkl
z6S!NlYH@6q&04<L7IGTH5>L-&A*uzB7UX6@rX{M`m1>tMx>%Zu0$G}D=W6yq3i2(q
zv_lsB*-vcwr>86vl`>?3CF)tonPs`|XNNGVStx4>uIDT>wV>V-XV=gw`(Dvg-`U@3
z8K?2H9Ms}WONoQ6c9y_OY}y+yan-U;xK!%#@LnR*-TV5k$o4M{xc80e_aA&vM$Ea+
zvvzg;jsE(q{as&H2qR?c9?pLbj|rN!JHDR^bPuGWn$*kkV>Q*S6T+P2eQlkVTvo{b
zRT%<lQJ>x4pQlk2=T8<rwqCJpiN|5ahNpQ#J&aehBsk*N7|#~SBz1S9HokRt|5?%5
z>yXY?9r(|yr7*YEZ`6H<6S=!@j3SIrx@4X&em>z9e?6ogb4Q_a%M5uY25D-XVKv2R
zH-G<RT7jCrxr+H3V<&|&N_?^rTOBV|7bY2w$-iNweH=z5dv~2Gs`QlUU*kgVLhF6r
zU3Ym}i{MnIvjq(b5z#W9EnVv_fNE@l*TZ78a#iY-qE8Y5i|wy;-CLX+y1;+n#1K_Y
zX+JCtIbZG56PpVn92J0<lkI8K_kZ$I^?qR5Je*26y!Aazu)9-%d0x#ChKyxRC8uBP
zdbzcSzcr4a8+xW6^EpKlBPj?y5}bS~wLg8e=kGx=sVC|*e4~PvJm<}X_;su(k2Z0%
zSrt$zOHVU)(%MH<d~sK6w+o`7dewpxe9O{u<A6A267!-j_C<lD_L0&l)rv<~whO+t
zJZs=L+RtmYu@4RRXveEHUMmtF@3t=HYHKrodC)-daljEuh|kUMShiFt`x{1%lqP8-
zea(s`1et0?IOO>@ato=pYo>9hr>ZRme^$i|t!_<MRz2MON8!OsMW8`Urv|50SD3<v
z#)rjB#xiBQu>pe6slMg>YBN2UN^ybC__XNFI3JZj{)%YUq~A~^MxK2P&>n&rL}!9|
zZm<5cL~=n{OPpVciFx+YjPT>CMPpZ9IlvsJ6x&w_z5~lvW1qWJFLE9mw#FfbU@Tmx
z>wBB<?aD+`4W>~$COYf!Qd?=}vcaCQmigOVPTIB(!+PzjxnbNM3|g-GzL!a9FpT#i
zbQdqwQ>1TNL5*8$vNfnDgO$b7L%>jm;;q*A)NxH|6uJ(S60|h>%pEVe_sY;1!D+9}
z0B~DzFX?$oleTauy<Ds1CLB;RhizPYcyJZ%re<S2W?^`DWK}=i&Hv@KdgNGNn)7%B
z9Ab%@L?mW?qTZ>;TitW5)-$$~d!mE}4Uv53U&rwX0tLYVaBJ0KvwvKlpsbBKP2?Ef
z3>_F+Eukl83HsE!HSg0DifYY^t=*bxF2@fGPZr587Xy1Af7W|p!FjE)^lqHs-)b>~
zfDOg+?g=9e5#vy_T%Ta-o()tjnjEtdU7DIMJbAoPVeEq^Dso3{YPwT?Q}1)>|NHKn
z?}^6!@9&?U(|Da)(^!jOp;9kc2a1HitCZ3`5L5rldV28v-MOU*ZQm&I0lku@Nnc-{
zSh<tw7$=IN%mDd3QHEpvNi7CABH8OP`+CuLt6aj>f}tXu?_k(l56gy~EP##{(Kv9y
z#!}|lD#|_FV8)oa!5;cPKKmg&=+dt$Pkg0*WxRz|MN~NLJvx`_THwee7ifkkpVYoy
za7_!?H+I*5z^!}hFujEu!G2Srs&}dP(w_FZ#tI$|1#?D8%r%eC`reC1!M%Ha?$Fm|
zh72tg1MA&I7x#af^UicoEN19S>Y82c-WVe2A+T77!v@31uOKZ>BYm0xWr^cL%28BC
zai#e7eqBq!jf@TUJG1+l$H(JVTpT;HOi~o(e>ivz6_lq}J$H|{$<uwU%kjbX(e5E+
z*maL<?-t*$&qlkKini7dG>_J>ZsTOKajS4xYS&$6DO*H7w-xNwCf<(&kJX&~^RE<T
zY%QO!gFBEG-F>n&G|z8+*+Mb0({h*i*&#1@vc_rcHU%ToO&o3F6&IVV9Pj*W{T#i9
zzT+LHT0iv|jsCBcRG}>S%jtW8Gog%$-mM4M+k{KJ&QDf2cbCSY&bsV_FBOm$)JD5s
z>b2`)PbF<?UBM5>YyND(HmP^E0;a!T7b>h-XFD^zX~2+t-6*zzX#LL2TwZBRn~ytH
z@2qNQy(*Rs3N9m{%r%Q&3mNTw{<esp0`ZdY5#*_f7>6d)gu4{}vxD`CN-?y<{B^Pq
zE_ritXw2vu?exJ$YeuS`cz*qfPm1woN9Humj_@YzH)NqNtUtZ(^p+?F*Lwc``ST~c
zt^4NJy7RY^i&pRV?UdwwvAa>D`hI1OQ^JJ9%4he)dOuAnYypnKhK^eg?DQ_d7$;W>
zT9EwwQhmP_BQf-LY}Z8Udt@YDS!%P)m&WULZ7%w~{nHvjpwr+cqiv-1C#L!jrtEJ^
zFceDT`_^slw@LHXm34U6v6l14HFI;Z11&USAuKKKq1?ILPkJnwZ<tPd9%sJoxmS9J
zli6@1*5bochbx%Pt2|Q|rcZ(IP|}PG9!u4*e6^*7LN*qV9uIhDHZBGFR!F^6JsYv@
zua^pQ8wrtHDPMn5X70(VF%=PWhvUAs?rP6=uPC0k$%erVe$&$j73Z4uull6iblVu>
z?%8QS1D^Ber?$Gnx#y=(HptdT9?ITNm#uoT$F4iEwBl_2+3v39ZMq*07IW}5rCrC<
zQ<L6>KKiBT3ft@V2G~rTp$+;=SWVpx$sF5@B1<8+@N?^%pH^s_ci2z$Hz}UK(_O9e
z5qQdQrzMbkjoBdV?s&CU&AqmQE>e{d$>w-&|J7>qeEse|xxMt1X;gS8gm0dz)r49f
zRz^AtW_jdIPc;m?x5taSjWw>oHvNiq$s~qEdb;R5x|wx#u{E!C-RG@fG$a+R^0-sp
z>q7CCUNvl{s|MLwRpOV+YI)Z>N|_8cmAGuXw(fJ%PJV^27i;B|s`7ZdYV!*XtCH8d
zoK|FIX?I^fWyPtrq}_$9MGec4Z*<3N)cMoLDh-d6wiK&LQG8|f{?1P-05{3J4D(+0
z_9r#o2SuG1ckS7N<-IZVKdoU-sTo}Z<+PAMHd0Dxld7~O9Q;XfS&{42dPW@AXx4o`
zj7bv2R0D@2?L&;$xZ6hhFRS&u=ds1k*kc*&cCJ*~b1M|gbEoTR7)(6Y56%?i-KnX^
zfFsG~3+8^XF9|#@P8j>4!OD(TpcdaxzF1Mh;171HPm8`H(_??v_xrGwqOlM2ajUO>
zsr-1<z4{Kl@ugqI``~*cIL1(P7vC<3k|7)`85={JZ4>zIKG;xe$pdyz9E>78mS^?E
znptT(P|mka9=3b*N<lH6H4>ls-aKp3=lC3kHTqr(4#sZs*mSvRuE?R?8>C?F^Vf^a
z@AdFpFYf7mcybMfM~<y1$$l+x`Hh|GDYD0J4AO#9)+(iVNk7TaSRPV}mx^cF`m3&|
z_X7=@3E!XFu6AvzbgCI_13rsvvqUiy1C3T&4~}D%iPwKcoZd97?UMj`*43?h`gzHX
zeJ@_F<qu<d9ys(>LHR}XZmoJ7EtX@RWi_i^eQ!@~VmLqL1nMrW*J{0VXP5eDMSFZf
zhhd=z`gIpB7iHGh<+Z00$(<_v9c_QAe#ga^J|BHzr|d9VW+gsb79F*cFAD*(9i&Pd
zSLf2Pp3w~PY51GG!NM$lwqcRjYwKLQo-&iW<fK90TF-F)*{wp6GUqp?i}c<h3~huJ
zJon98bf@Q6_J!_Zlj!Et@LdTTW`i%|9q{An`a3O?^<1fC0&SK~KW!0GE4jVi_c&eE
zJ+~(%mG{v{lVBn$RP0`uU&(CjM?EDDK>Gtsge^-zci$SdAK30E9rD+5HK%5FS7`70
zTr5uUBU$DE(!m0-4Q*8Z)d?(US`>I<ZVz!|ss+3Hch4A}?!wZO)657zjl7}1=a#m(
zWzU0YBaqB9uibU3Z{4blPjjuAd|#N$<~jt4S{h#b&JaNrJ)fKQe<;0u>u0^4;mM{J
zC#whAv}9YVBQ8vRulY{)-WKNU*MM79ARkMcO#L>?p++%TX!Y!C^_^@qiZq*&MNotF
zU+aJO$xS)oP>ScZLJ`v>-N`m)rZR>x7V)Uejt%~_VB~$k8L!8Bkd<-W(j61X-TCoU
zWxG1qs7)|;SIK%7TcP`BE6T7nsXZ-?hI)a7d`uQr-m+(C8GYkR^9=3!p(O0Hw~A^_
zj=+c_DkPhDB$gR0ZS$7V=Tl{ol7Throy^oG*xvVkjE_sBH7y%U!*?3#<R-k9M(RGg
zRB(-BxYp{R-g=mD%bC0vtG~fRG){H5?1$%*VS`q#xc|a>i$lplEld{Y4%2eoWAiIA
z6n12cTle<nDMfPM@`G_?bD(}7-((5atj!ZV`vI4GoNU(aK=$R4_t!LjvcTisi)DLW
zsnJt`={}!+f4!(li!AxPT=GBO*(OTlgVCtz$~5*J*Lrbs$Osc*muLBMKHhjE({~$@
zMOzs0`RRy<jD#-HgEn=$URNHh{d|<MWqq>yFKSQ9O9dZZq~_S&bFnH>*ZPS0TDNtl
zZx>eoUtIm)Uj2Wm+q&naNo(J#^%c;KZNN@lf3IxaZ#Kwr+cCE^k-ByN`V?w+Vg1@6
zDR}e$VAjSZG(f(%0#b37BTRx$^aOqFB()oT8u~|7{u-0+kNPzDkBW2%Xx+ot-T2yt
z$+s6L-?k^;UfTT@@=p5-k^iUy%&q6H^=j3E$fba4x;A1+ZM%DZ(oYn{?QHGL&Gtdf
zwO(3a+KltckZvCgy7k0x1m)${M*^*R$hwql?}u?5?03Vs1>G}@-<S*jL8<7_O3QlJ
zoYDE=&Y_&p&t5GF<TwR`!VJ@7ple2BPRUK{kw|@ZdSrb@_u!?Oa_4#((Vbhz-j=+q
z9?|<~YV>aF8FH_C=(RFa*3kP4CgmTd|5sgiY4g298iu#WRNBk5&PO~sf@c~qGqhWO
z{bE^>oZ>v?&H9$`6glBYqa8%RI4eC5hW(JEpSxIelKx2<VHh3zyewcg!C&a_r|8{M
zp6*?N<4(12lUhRX0lFva?#0>U;j!XYJ0s@RdXg0!FNhe2rFC}73&P{<$uX*+mb+f+
zBQiXD{-IavsR4^gP*DNZGR61e>a^g|!l71->s{vKV<(zKeSC_G1SrW=cdyXvdeQiL
z{Vyr~8R;H7#&!F!Db$<xv}PynY6)C-zI{5R+~0B%Ws~li;u)zLX>M%~&Gkdst;ZX0
zNLiM-qfyeRVfy<=-=Q1`E~SMTytiz<^p|(1-tInAdY{4ho%m!jVAfyHC)W?frw30}
zIoZx#r7p|0T1wMBz9}(SOE(??N%KdI?<vnnp1UW8CzABER8sM6RsuM;sco|e^lF}j
zbhTFer*(a5QyTp1YgKC^`f3|zyuE1dOHDOwDt=5Cuyi{t-fiyljU+6a@M?vIOx%yl
z^C<|o*ru(gEzkZOD95p~h&aBCy^MFjL6Zz0cYjf>ZN9o*t!_P0pZByTx%bUmbT7=W
z98#)xx3nKh7k=I*R;Eu4NtG#*r8MwVdB>dCM-wax&`L~`>8_e$d6?bjL9-mIjTBAj
zURctgVR_LIEwtyxo~!u!#);CS=5_NTnk89ICX@*v(=#R=Td_FauAQZ}_4s(n*)$DL
zg5C<N-D687ZiU56_N5Tp%_im&1JK&;v%RJx#E3>}x}3@T=9dS$n2b?6SSrq%WNd!F
z*3XU+TXx$6>83NAn70?OKPnao%htg|z>@`H9BZBTbZ_QTfo5$?w{5n;Sz$w^oZ7cz
z>Ljt5pFpzbs?~M{l}KZDEfwzWqr>zelpE&jLRL((PmPiGyJ4IQ+M!%RJmyDLAWl6g
z?D#&%GQGcbeA>hQE!M}_I=@pPtHT)%X&Sbh^BK4t?DsPE!i<Jttz>%^C-)Bjmg{_7
z@f{ztouypkEmuExs(xnO(VzC|*5!h)Nmr|WuD6()wWd<-xi*)f4p;{3mctV@r-cOg
z=6||0BifShQLj-cpfGAO@{UZgvO2`lH50rd$zgf+(ATgGsAbFXgKS+&@jgXS+tN17
zWfkj{7;Dq}>n38EwaZXXBI&o5+H4X>rXlAs44yetIAdHZe!h1snspf4>7`M!lrTs4
z%>`c%ZL!J?$GJUxt-iN|{`PKNzUP7U@oJg%h4rh4RMdN~^?bH{R^6=Y^Z8p*I@s_x
zgDg$BQsa#8cc-S`2j8<nQO>m}ZQzqQG`pp~UYY5()2Yc>_uSG`%H9k*Co()akK?+l
zZMpSfTp8$>mxbT1{#y02yEwqN9yuIz8F+W!pH;=eWZABhyut#=!*3KWCyGLJUDZQe
zBhyGEGC10?g&3T2G;ZtEQryA`OzFLg)uX4%;7-rsKHcvt941<}ewZBh#g#QV*8NHK
zcfNM*{I?O})aJ25km$c4v9bK)>b{w#AFUOPm_{w~b}HtuS@1+D3V+tO>N9I$30*5Z
zS-td36`GAXR-%-Mgp+}(dAUHxw6p}F>knQTKg(d6^#zOPC#@^7yjp(XVv*?eV&g!h
z?u522T^!DKXo;ioz|uW1+>=<Xu0D6QK7Uk2b0vQ1j2E<6k0SV^cu&@NpVZYGh4GU`
zudGxPh<A7S+#f~s(5Y%=v+z!}n!$Gp4bhalp^EE5Y}QZo<6xie@%`{=YTezf<*Pl9
zx?ejZP4fF~ABIzR1`5BV4%Rksak)0kF1L~%*ygiQ99xr#)^3`Zc%x+FXL#09@T4l;
z<9pv9oNM>MaB3rk;aY3mO})eEvr?chR!a1jb+x<u#ftw(-`Q@f|Ljns;j=e{=DMS=
zo?U%*&{rLge)r|kvp%<H^EuD@+@AHhJ^On9tTk&}cl(^R>g}^NZ26owYUZ=I(AKzL
zwiUnw#*G(^!lVNAKI=I~8U!Uusc#h@Mdi(qB-qF(O~2c!faWwDgVl~T0NK;E?yAj=
z<rNM^$w%A#TDt-#+v!Ev8EtFNHW_v6Ud|^4_)qG|t#{^5p1i>zX<7;mq$?E6Cs5{-
zH@o^241Eg58LdKu`{VW^`Ky-&JVqDB)`U*6hV7KQUQe$sujBH9qv+3j)qV&A=?tx5
z2iOpLbZm7Fci-QJQ;z5T(M5gWeopbeUd0g*mt8tPr<Uu(^h#_)^0KkB>+afh{tvV@
zx#N8eU6p>{D(g`DGfoeBJauphdz)^zJqq+EpU>jv=-7f}Hk;x5c}dS7m!|!qHk>BV
zZEHiD3+s+21#eQH9&;9C`0Ld($r)L%6p!}LsHy~aVX5b)CDVNv?J7*zdBJJrD7DWp
zyEFpHsoH1gwG3#l)mYwQ?Xu>JFUbjvP2xf!1)8i<JsbxvmzV2S9OyrPyu@ExG2XY*
zC^|0lkXo&B5PE1im4K;iclQiC4vX`3#_xE9W?NFkL=hgERPUARrm&fGh&B7Ky6)Xe
z1y^hxDIp{Lgq|Wb<29s1G%!BUEs{Gxd$D?KtAWZwTpI4QfNKeA7#KI+UQ9EcB(9z=
zjC+a|z+JG$mo~b)no^h`)4ka5Zf8ox=?PEiqs1yik-JGgznwMEV{UhM?$nOX+QD=8
zwHhh$UU$`b(_=bFkcJ(6=%~f(6(bBUJxbajVqs?zD~M7mLAp~+^<IBEY0{5(`;oeL
zSed-UKo#mIHHsC2nV7-BVNK3Jd(|Zn43XC|uWRwb_O0|EI<_=(t6x73r^rb{bcKF#
zRzm$qZu#a{E)-r`=FH>7yLk9f(H^a6v9*YMbGrNOZ})rIxYy0++)^{woS!hp>&t~9
zPuG9H&JHDpd9A!tN4=Qc0sT(+%!VsR{d1FE^X{eR+x1t-!hL%Yx{`?i$?^UcFuz!L
zICQ5GI9t`r-Jh+$PAm1Cvr(-ya1y9io^TeZ^F^J5YP*UnM)1l3z1!raPp=%%BIkm7
ziNM*q>b_sS!O!dLoha%w&=>31#x;1l>P7SLc7|)H;Jj6*vckcO>a|3<y??qNfUo<T
zt-YI>o;qU0;TeHVm`VT~Mf-9w&w)T;oFjJ~@T!eUDj(~L!*v{j>sVdK(mEDb9_KT$
zFiA*+pRRTe;k{T-ITV%(5D@}IJX|-O>PU_K_}l&MkqGppyxqF^`xXIKgdJiPSp-{_
zi6Bdul#swV)tGgAsjjj(><23(tz^++S-b*;eIb(0gLVQl>qD%a5bdcv!8#j}C31wM
zx2EZjRdQxBYX=%CCE;U%o!89z#b!IVS~BYVWI|1iTrp36u0~}UosY~g*_7*qWoqGM
zWUqJOBX|r}*7SxGmiPYY{_aQxibS{H9UZB_?^6Zri5E6edy2r1C$OM`ybgu&Ul2sq
zg%{2>5Jpk09I<Zyd%_~eZc}SdQ#FSp@jdZd&1f(x@pG=|?b%Y|i}i`p=3sWAljF`o
zXDlPQ#+!jxQ0BX%;d4+rb0jchPWVTo3eWgFbr@k1ShQxOvf$BQVdLHgppH}jH%BJm
z$OM##{mb%#M<&3EXzzBw*}MUQ$;nILL`X4WisFn$ViK==^VS7%1%t(eh&yunrB<R2
z=If=pD-)FEF*(c@gT@#!SPY@a<$T|gku$c4iIH*)N!}fyg)zlbdJ)6uTO0(oyw@Vv
zy#qo{D+)^CSq>`ZN-8m!Nf<NL(gA(TiWx#?Q(VP}Cc}lFcWuZt<%J@rv-Mow;t~8)
zo|lM7K4QAh*XP8R=!6zYQQ!|F#u^<sniki|#W@dj1%tSaa}c@tFP;OHh%Uxl6q~#m
zO+>ZQ(!9b?uAe6*MI2tTe;h%(&_G1EuM7CMM=qd<bQA?1xqyFJQQ(ma_(OI9G9V5@
zj=-_Y5|nE>L*F<(4w8%Inz--0<cf>pa8%*AIRyzXe@an-3zVHG#By8dlhfhQWHcO7
z9AJ8iyLLxKFGULODTQ3l-DrLkY~ud8Wp`3;=FIaM{OW-+FK#+{j{HaVq@<G<QpNRi
zx7;xJVWP0o+^nn+PN0K@Y*2v+c5*AYr|itJzT9J^hm>SU7FaoZum}rK%@tW@f-Qw5
zp_G6~=%Jh>$WZhV<Oq6Dj>GmUu4I3>At+I9N@*WV+_>7QD_|F7r0jzef;I(q)mFVJ
z*ehJ&sVeH;Ki$7S3IU2lM<Kvb2yhev9A$z3QnJ9K5I{)rha3V3j51N0qIYJpgc>R&
zLMGvi5KmwwBokgF=*x9Mols0zp|+!LBg9dg5ipr;O3f(6W&xPcBQ*|n3@ZYJO9C+!
z4YdlvN)Fx^o~rx^hw?sDVWN;N^%#MWFh)QH0#Iw4FirJIP?dSSJSl9$ck2{XY=l)q
zunALetE0Fo>`dq;xXL;OA*2A(nhBLAtptc_H3<!caj;JKr_Lro69&QzPUw<qmX_*U
zs!oDsHJ;22>enQ8Dr}}3d=`YF6^v=H;1S;hlL<M&u6EQ`QwUCllvyW%ZdwaBh5u?<
zV94|U=n@tRN#TyOxRYs+@VSN8=l~~>36*g`^3Wzx^lcSNYEqFPp>5_K^Ili94h_*;
zeT#g7hzz)sDGPlC6aAwZjKySR03Y!Kj$}90M7U@z9FBbGk+iAT;Xg=eL8MDxpu+Ve
z4C<rg8Hdz2!9un(TZ|4uXA+E7(iieWW>HZ~&k6DKF5gg-+%y>I3hGHw#F%8&h#+H~
zk~aBIenW%IIm2IF5<ZbQSheH<21$0*8A$})BlUEYM1U2=Q(N381^5p~DL~Jjqva69
z?qAAs2(BU7_#f(A@KF_z`TRqj2s%muj#7Z56yPWYI7$KjFjD{tkmOl<CtZ-XNI4}u
zQVI!)<j>;Lq$moYQXI*+nFI-kg&R_wq<WGHNvSfK1Xd!HQUF^kc9h(i3zEj0!%zaq
z!Ui)b5-w?#6w88!q}!6ZEcurN>Xpw{ke0q!5Gw(-Si~oZSeA@Pd90T+uC|#;fol@)
zB)F3CBw_GQ5g=>-Bu|!jC~`=%6)A!z*w{{R!bH-VpSBDo$uxSwPUav@goVO{B+;1C
zM}-#f`Kw>^P@s_RqYhk^15iFmbruf8%Ay%mL^<@-PAaMQ%m5`#mjH(jdQ34yG9C_O
z@e7(rJJHN1eV~omBq^i0L3m_wvlJYC(Jm0+brRC>GyH%9j3Q-{ShG$>#8c2KFJ<mc
z4@u+|agzKhs=&`P=zw-sLE?#IIYkj^x8xTDDZY?hoYn@+<SB9^+RvVV&?$5QUlMMZ
z;gzJ^{21=yriDk*ga!v*k^Rh)1}k`hETx8&wD3*pZ3M*t8iqS`jdmFaEtE7+RWZ#1
zZ`kP-Z%LpM6AI%C$xK?0I^=@>xQ50o8vXN)^kvCaiaxmI6DaAQ=lA>R{$>k_b*c)X
zV=Ocbfk%7{K`Q?tpGB$&ft*w_%U+QbLHteSh0s9-VIsyVVNtv&ttn$DU?ud`J`gEN
zq#l;#ugI;og1y)vxX-w$yMY7qvMLQb^vu{XOj&5FVgn+|q)J51m?X)Pr(tTU)zb`A
z#Eo#oAb@}g5?;dz%&K*$fXs}F-cX6yNAXcL^(Cf(Vx{VYQhrpQm}+<3VK}G`a}*e|
zw}Fs@F2W8MPoM%?Fx4PPT?>Z!jFX<p<T*o-Diul*c_LII;0t1h3?Y>6ST97x6hmpp
z#zL4B`XRfl1tHQ)Y&z>gG_W?Lp=q=V0TlN1%KFgReCC%B0|7ArSrC%ti_Q=xMZlEp
z5EC=>kfnUery(1$z+wVL<giYEm_p2>YXpH+z<3x%0OH{YY(y>k%?e`;Z;(<QB?-YJ
z;6$O>W=dp4u!4_=$<j%X!6V+5$n!L4!48KHM2&b633it9p#T`zvlPEE7eism#sm}o
z1%^D79zo@P1cmCfQY<`Sc&-k11E*ezD*G5u7U5~$BAyv!;0<3$O#BlY3J2>EY6t4y
zl~55W0w5d-1Kf@!KuSnsr$L*kjFV5upyHdMqEpdWEYmZm3y2ozASgnIDM44?Sv*1u
z7~@oIGmqg4@)9<1LQoF`)bpIB@ew#K8+6FTI%=6BLsqyF<AhrvXu=)UV5`DrYC&kT
zMS%vUdaSQ#FcI(+ON4G1>mC+T1%XhAug6@2HT*$GKw+a_80v{F<Q6D&L{ZxWTb^XW
z2~+F?O2CW|#}D{~(I`c<B6_i(p-mRQL^SaU)xbglsi^0T0Uk~s-=ef}WDE<c!`i$H
zCz=2b#zH9+ii1a|1Xtwi<+^7iGJ_sq#fQiRVb&*F#oAJbRLUb0B$6ct0aZ)*Wz@jK
zAK^C06U4=mlY#`uC`BGKr(#503k}hax*LH(ah)BGoP(MV5gvp}F|W)6T_K4m7kP`*
zM}G!Le{_J1GOJ{Q@{&H%mC!a4lTeI7L~Syo7gB{&@x2T)DMv>X)hE@ad;Bjy=el0p
zH4dtwA_+we(88B#?oB{c3t0^oiyd|VPxnB8BAZXtqXh9CiNYwNp$#0LgAr^aHe+T)
zHBJyI0}#d%Ll%%_#l(oQ>v6PTiRiG)%ut+vEU(Bk3K#oJ9jGtGO86n}k1$g>_77RW
z<UY6w53iN}DP!Q(BZ6Tj0RbB!i%$*AvFK3+>Oi<XLye=Zlur*l1WybXibhz4BKpC!
zEaPVynvc!IoYBGu#xy|#J08)-6`5H~g}9z-ftlUM(Pj*pN+Rq#e4Ei>a?uO@DL1-P
zFyG*v=vU8CZk&wz>pfF;$*jUL*y9R}s6_%N&%%d#MT%e#M*K`(mS6`4Q3FyHaRqZS
zCx#M5sDwy{bf95W1SR#y*Sd}}To;;?Pck7QA$=4kE-HB|uMBHZfl(5Oh6ZE}rg(}%
zR0|y7(sMXU#bWql9LWrm?m82a`-v)0JJAddGKe_EWJaw)C{{5F4Gq^QK8|F34mmjZ
z&ZxmH8bZ2poKc8Ya@0%*sI^OA-F?X%#aP7o&}&$dx<Jejktlz)B_C)kj(`XK!&Usk
z(a@Ge;S?xv$J1Jr(E%!!vqK5I07=+1OaO}9VK&hwL<CibvGT$s#DKWxphv-=MvVDO
zZ3rE&5%DFE@t4{|1lh4P{WBGeQ%si@Q3DJ{+Qb<AqD%#mC{z=hWEa{X0%0epSu0^w
zB%zp05YeE*EHMJZ5LIA}tki=b5+zXpstEF76c*~i75EZOeP9D)#E4KMBo8F<DGYL=
z5YI?n!4GGO!3c_^_#PrhT^Qx`gZjAQKI~y*3>4%E86Hm%S1ux|9dQc%2ozHYg7|a>
zkno|b>qHv-XaFyYO}xO77!MtdNKVie6lezy!ia+U4%K52a6w<pC#j2Bz(v%E5L2*7
zj@F5YNe=fQJ|*yYr45L|OxR<Xz#d1ZZxFa2e4{?hTB50#4^MJU+Q(^f5w5{1a!c75
zM>2uZ_|24|zTQFVez+9%bPuoTLDY^mFp7z?m7rpLJQYJ8GehFSOWJ@sNu_WMm&hlh
z4r0cE7K0zH6RD7Dc;mg#$@WRB=S5&-s7^uryDg+arW7XP!=p$+l>qBLWQ&3$3Q{06
z+en#+CMAxA_aCE@ED(GG1!2P@p-*8U13-}Dd5wj@JS*5@f7w6d5l@Om`~~@xhqoZK
zdVp>`uo1x&713*q0RmA@CIS<QIY_Xa8DbRtH3Ez<m0-r_#&a`W*iD!{js29CRp&XF
zkBAfnit&O?i*Wc2LcrK+oq!!Q@FQl%Wlq5YW1<u>NUf0|FiF}_4T{1XQ!UTL15gP@
z#aJMRAxL>Z!T@4)RE>b6JH{bi>DSYYQ&bVukrpjs6P1mFp!oP?)CBFkQ;W4+Njeh+
z7h9nr-ox87ctrMKrYCTVQ6gtCex!=rH1p^w>Jc}E-lA3T!;fi}cu;x$ftcZU1qI@p
zlZWepK}1i+EmWsiTB9m1#9fJmQI6I~z4X;$Dk(+`m)>BD&)UKaMPW?7jer+qgVENK
zJi;L6HBk;(4i|loF3~LpkUP~g&T&nQY8*2fF+DJ16zPqzlE9%5BhcOaEpbn%sc8#b
z;#F7)4`)!{w28{_ipih&BZ}PsC4RAfQFZ9?RsbNZ{1W>`aQXsB^nCMQastF)O(()}
z76G7S7u^|cmIpN=M^HoaIMX;mP65>n&V-U;l0x<X$Hd}K%rY>Ok|z4kvp5CG&^s~+
zxx`rEDA{22qj!lA108$9J(CaC0wgeGpt)SXFv25k$O{*NYzYU*2;ORsxY`+;geTE;
z2UA3Wv6l2Y0ayYA62k_N1G1-2Fq1vM9AYdKYO!}D9n<v*bJ{NOiJc&gcoRCpitmVa
z(e*fM<IreUo7GCNMLJo&SciBdEu%v)fh9hXW*WpYptm-xiwpy7AWj$xOEgA#dXoT*
ztx17IU#K4Uh=OPaX0(Ktp4ky%OhXek8W)97BrZKcBwZ#QynufB8g>%i+&#sihwK&n
zDI1M60y*$aaH@}3ORZ>y5y77TPoJo-7xW^}v6wi`=NTnIF!)FgOvn_^#>asw<u4XB
zdZEws7kh(po<wWCftcnsU#l0;@l`yLaoHlDK}sq~7(VR%)4dHIXX_p2^t+t)n|ItV
zpM{rm5_3SkQ|P=dWP0YHa~H>Fo;sm#ev)18JFRqhy+wn!`&s+6eY;_Q-x-hJC+ypG
zLg6QMYUhXjTROMvJj6Hpm-Z~5KiE#2%t^G)_;VVeQwhDeWO^>)0XXx{_k~@s=x+Y!
zOLgSn(wio|OQ#{@a8AHqDS`DyHb>azjQ`=N>l}jU@JpiO2u}xP5(USWI@U0UloCOr
z^Ox1aQIp8ySW|~V=7>(DbM;51GJjm^^2hz*;oZ%DIt-}oEgz`vY{d_IslHPB_Pa&^
z(HaW>^I=fPk(s|saCZvOfQwM|MunUI`(XgyMDyRL(ELw_LE!f+9)GjNV~HE$<;85`
zV7@|zBnsohc(Ih_<5l=85iXCy|MERNl$?n-<CBsP^1ytP41)L5pFBZC#Ge}@Yavn#
z7cY1sv4N4}>qI8WLBJHxmuN`jpJ<L(mo+7)NwyjfEtZre8BM&BXi4<qNwF1w%um8Y
zG^?c;htJnXqLEO9FZY~SGewb<eq^nBNo>pa#)G>qLKGMJ5yQcrhvLgcH_3<5%$@jh
z-^3n9O5HG}uuv!ww!30abV}TpoK##Yi!!oN;GQ_h=%OaQRFMC-TZjR{)MSKhf=@(F
z$_(9vI7xmJ8p|mJFLDKC13)Bblimp`0ZnKyB4UQQ#2~?25}t(Af+&I`NCsHaCVi*A
z1cer4rU;R+4{0$&fGZpn7D-?Q-$WJ}0z*P@@PaNCKti67Fo|Ts$go9llzt+3ff`17
zNLrutQo@0$2{u#s0EMeUT9hJE1UX`j*_eZ_gilJ7kl83n6IAYm&5|D2N#ms>XafR}
z5VRH^gI2)mY5XH9k}jexRE(g2N75n~#~}(FRU~vMOMHkqxKNM+$TO3=2{b7x-swZa
z1TR+zZ9;Y_1ga1;MnOMlo-o?AB;I5Ue{oE*l3<i!31v}P|6nkd(A7ABrv<<0!}#EM
z!#q4j1sqOQH55+zMLD!4535-|`i@lcOnEz0bfXdRN2rKnGExGUT%Jud1jdA%7y)r&
zPf)R$1%$Bd1{;uo*sxe~ANhd0sc{*dNFjhs)w7tdHx`1>AW3W@C5nxe55j?lv!3#^
z2stP)97Y67&J&?v5s(if2~EaKzDCJqpYkE_AT_oanRpvbeoL|SiLB`8f2wBsj+$od
zh$V52p-G`P?9g-YOnyQXcmsw99y|qVp&o1qjBCke;RP#(h~<U9r{&kl?d0)<2d^0-
zbYwErN@Kh6CjJT@MujJ8!%CF^)wQA`1Rih5hr2M+0`Ji&{)BOKhx!tDHa}HO<LiNW
zP&dNEs75#l59){x@Q4!l&;RHPXV6{GK1YU`1?q-3purvdqr@OYrT8EU%(PNbu%t4e
zKT5}#;2o(<wv4(=L;Mw)A)Ta-G?RLc1i$bC58OqK)N1jW$3qP~q=24_;fuqd9kdH?
zJ%!rvW%|$^J$QOp#<<1=qY`}M=NPegZd^kpQ23$vdWE$y$_v)<+O>x02ehd>B?B7g
zp3}T*$T|he^+v*nhWA0_Ws{=Puj>^^_1=Z^&Yzc@wAY4>&+2cduIIdVXS9D&&wX2O
zM(HlS*{3S)y@AQ1zpazoKd=70x5Fv!k{aJ+&)#t3o3zRO_U4Q3lb`l&Kd!4ova|lY
zd!7vp(>|nA?KRcj(*fTxEW2Y(p!R~~dCLPsee)moBf$LCA_Kz)BIMN-dBsXz5iyXd
zWs76vmO$P`?lu#0&#`X)<M)I9lt|KH?_)VI3C<@$T$dhiANaIn&|A9(^6!%F+c7pv
zh~F+|wznbdjy#dbv)@S~|6`DEa+7z$C)J1iSh1tf%S1V>OfCVvi{5RP$vwxq`QLwE
z1ei-@$~a@G+!L_vFX~+#?9yC{+6#O0VqNdMQ36sZYVTz64mWQ-+Im9aX#PA_AM1Wz
z{=}P_GRiNyt&<<s8)(1m+vm+=Ure4IzeKy1CO<O08_|dmC}?$$q$g#m;jJ^H`+u|b
zVVUmpWzace!N%$SyFg49BP2UhS3WF<_HKQ9zrK0lhu70SUB8~>{!bUu!UitXJ?#Zk
zPt`YJ;`RFbVfFu1wUZI(U0BC8%dbA@TN}~6537}=_iSDNas3K}z5V&U`ul!;1Fcv4
zm|-&h`}OVF{uyDy`}Ksdgu8vO9}`ZZ^=GQ}hpUkVEMR`7e-@rkRgdTDS8nrR|9icE
zS`hGF^(MeMQ@sn`K?s6p`>{SO{PgvH^@b8KHMZ~yja+}XuD#peH`0gon_jep0|?=U
zR%m84fr%glCLj}L$z6m^o<Z>s>zg-&pQ-VT4)-(tmEa0y0hbUTv>((bL7~v|{c792
zAvA5N0y@ihjEz2CPWE1XlUks$aO>Urg|GZq8@S+*{&1!vR1iO1O~r873-I@<Qvg5^
z`Is<7f-W{_iPTAeiN?Ftp_Z5*G?5YV7$%~8zXw6TiHwOAvOpqje%u2qk|An(#V)O|
zG=Bjf;Uu<5ocqW?2#k|?7bM17OocchbqArsV0dF?`T#E+36T~b^sTSglMN#bM_kk)
zAfOKfA}$f9aY6%WEK!hpV-)Hn4M%B8C7KP}2(mV80w~Z#bT0Pwo#0Vy@Di@;{kX=$
zD>&(!vPKPXhB&6ahV=vq@4$wql-`r?N_rK<Bx9+V$in5;LgR$U+x4JOKdX&|-NI!_
z4{(y8rZm`6DLnvNT7oPu7YL~XNR}i)(x3$H(g>sJH;GlIMWH33LFObKa(G0;E~%Fk
zN4h0xgKjeVOuMF~Dgh=)9$+U)l`KferBg{NjKm5_UO)wEX)U@KPlA$lLDJ-;Y4E*J
zzuHK3GIQSSfc~W!`bQ<S)F(XLlk#FRmKoLfG+V0VyDAHe;4a;fFs9fCXQH9Ez#x^C
zWYPFQg1YF7U-}D`GO_JhK0ta21|liJ!)ZKoMXC*B6*2v0B3=p&D-(_ET+9WorVxOl
zehDp%Bvd#oHTEAZB&x=SDGVjbWGM+)3Mse|UxT(drdM_g#xRv~2By@RGLg+@YMWXe
zUMC@K$!nAjM<Z+Gmn5c2ru3nAww|Pe0A%3|1q2I@CFukuDu4(5!706!p5mEL@t&xw
z-X#r12NZ%Y$&8e^OSYxt;0e{p0cau-c!tgl4*HVaq~FY_EAB|SMF$E1s17T4$u=1Z
zuObstd3>rw_e)X%7EeX{NHnUe(3!9%#nS1FfXa#^V8M0LmQ)@z#@D;CL50r)Pw}U(
zw7Eq|Fa&916Nw`iMHn$bw^&FuWBFYpUdV$8grJFXtEW)Y)Jp)LRU68jVFJ&Ay-~_2
z1Ve%~K@fY8lLDmXp4twz04-92NR5tKAfu}U1||_U3_y%rV+OGTHW-VvvGEZ-=7PGw
znjl2@h#3M?#LPaR4r7ruUQ8kCc!oG5I(krJMkOMYK3xX|h~diwq!LDWqgHxj^3Vqd
z@)_kl+k7>nKxhdBDg|z^r(}zk#*T>veM}yDQ9&~rso$kGLzEeE&?H(&rHc`Ck5R|J
zm}S>+nj)i4%DY?)WdtW2C`nW_h6D@*Jn;G!$wN1zMRn1eq=8UR#9UPmROk$D(#be7
z6k1T)nD5XX9rWobJoY!R=*zd1uR#MlDug4U7s=2kLqnp#<!Q2m?rE*^W*mI;1D?Q&
zm#~k6iMwSCxC<~dcnqC(kz^rdWDqsugmH(#&T18q8JX$UFWP#_FY4-<DL`9LF~6=F
zo$2s|=NO7Oj(T&8kMY*PLl%sUWu%C)P(<4=0pu4c6VZn{KLCV?G@Iof5D*hnu$7Oa
zG%1{7O~eT65LOS^7dsidg``@#3Tb8rQ<xAivVeq!hbA)m*Ot9zSH(rtjUpqW>sU-Y
z*+YzlJ(1;^!4~g{HB<}ai~x^|QiL$%Be+;?WTeG<mN?gW7@zb?tU?dgU0dI&nr~=G
zyr@#Vj&I^Xf@Wl6qayLbRP@$EA}J$MJ^sXxXQDhjFMpF*36BCLZii0jl87^$VUA*u
z^v}zp6L?8NR6Kqb)@TDm;>-|(-UuiSQ=@xMuMJD;#J6!fQ~+#fj*j4FDnJze!8@)f
zX4jK3mf(&OM5vhr<!ew!;mK0sT)2XgvVkZr0-rsVSfxGBG>{PTZzSVJ3-Ffo!8@&E
zeo!Hm0H%pdY0osm0`KD_a1Pf&h-wUu*n_iRh)^b6M1vSP5*tM)-Q)>YWZ4LwHG&bt
zX$FG4#}KxtpB&RkoFTFP(`)09K~&{XnF%eK67U;=Y^B#28Jb5!xn53&HpYmdKOF%x
zgNiRGNyqToGm(ErU5pDKJo7w<Pj2F@Ngt>qyPk|$jzl+O9i!?ld8aS>0afNdWA;!8
z*GO!lM0cZw3?@m$6+G8cC={7atZg*Vk@3J3Hx5QPq7JxGTRZ%~9o7VFw1P~s2ka~T
zMWv*{f*)E-&rlF#EKcJN2x){wm5ktYLIm-t(bAHAVH35CJ!d^=HI0E8#~s}wA*6s~
zt+?~%Z<$hv5HIRM3`7}Fj-O3D!zcod5XLZKHqZzHfsTv7YzCcKjmRgiAUKpAn#QDH
zM6kS2TtAoubO~%wkflOlcxw~e%dv)6v@xCuWix2J4ozTPxKcbx7-8VZInKvY;jJ($
z{jd@4K|Pj;e9#J<V#(s_6NW*L<RufK=}4h<GMeZE846A;h)+0YbVQ~@AuX$r7726c
zW;_)MqIozNyP+Q*K<LNHpk4fwFp=CKv!|1Dc#6y=C;&so@C?~Usf1hc<t!|XW<y~f
zn#W%A)L@DBBxjEu(L0I6Ei%a#qN_gnI(_0I`Qv**2Yce<yI;Bt*63yE=q|6v+mV5Y
zADa~)7K_nrD-8id^GM_(;)ZLU53S-=!UNWw-7^N96A6F|{^;qKJw(}Hiw^XWRgEpB
z4lFiNhYP`{AoP%KCcr1N>`qh!7D<Xooc@Khq#_<lKSp7-o2r3{q_6?7WT{zfikp~&
z&20XH%<#bQ#mVrSq=%kp%r1q;vF&7-{G)|?C>%N07B9#=sUiiWCy|0UBrzk3yO#)!
zeu0Qxf*Z*qomn1%Bcw#HbSegf)My_};c7%sN8i{)GLAZE317y`6SN*55|D!q^r%j=
z6Q>0hzK(%IndHqltTh=W!*Iuu_-)X$#o`a+kw|~Z7+cSN#Nv>GRC93B=jZ?lL<^h_
zP2mj(9MA*lBW=8q&ukX%C0;>)VZ9gzeDPX*2Wg|Nu8<CWYE73C!H^CTr6=|W*I7W6
zMR~BtV(|Rhcs}uy*plqvE31JLeq2EzUXW#`*Y5L#!5KZsJPg^$crE>tpj!2F=STGl
z`I?~V|JS><Pkd6-J)hS^{ijtb{h(G7U+-Ti|9M^euzE0y{Ab!9s9p8<_(A$RQ`0`(
z&rB%&rY4c*6JeR2Ra*ae1=W+)>R7>+_BU#ox2gG03*O-+?wMjbZ5hGM|M#PMxUH=p
z&rD@HTq7M`>gS#|cb8VzYB-Cs-|ttK|Em69FYqm<{;>X9Y@Idy)}DV+Ki7+(ZMw8A
z)(%Q-VK$<gZTM=pmotSL!}U~MY15oA$hDJI$+lm>oLz(It9}m8{($T_c(U8N^5=b@
zpVz$LIup#~nOh9h`;&a@;}@$fh_jyItNQ$L;r?;;la(H5(C{;l*KlrF-l)4-yzYth
z=dBd6_`JLMA0O}0y0%No`KE|Zi`Qh7gd)Jj>JU3Nfi|Ah1RC}sr{x?U7ZJ00Vl!AJ
zLpyKQQ&?^KGz&wtpDqAFP%G}CZVmre_2Vh5YQ6ueu3&T_dMS8bEU70Z+NI}+Wu9##
zribP6x_d5{1$d{#<DKrUuDkC~OJ^^1my0g%)Zf}jar6IqeMR#&{FR<$*Xpl1-~IWI
z%oqZA)25KS-p>d({z7oP#>Z^&l>%eCZ>9aQV%NvLNy#j)1p^=TJ(1>L_N0qEnhDyQ
zq4sb@@7nsIEJg5CvFjA_$0Yo!JJB;>So9L@CAq<;bmdfAGl6vjHNr~bV=NNPAXfix
zTrZ{(2Wyqu3X;qinhkHVzl31~A-aI!Usb==<ApH<u^hxHbKqG`GPVVC%2f|9=*u%G
zjT)cq!odc?|Jxqk2pI}lq2=D!Ah=|nvr#KMduU{X3+9m?&@`OaF)V6cTA~hlF}vAl
z(>A%dj<$h{WTfS1U^>0jQ?MD+xowB3C$3)Vu9o1hbLU{=uTkYJ?{KDmg+@=+f6iOz
zC*1Mv$<_a7>eJc!{c+db)!^x#Jq$DxZd`n;r}o@5d|tNyFN#(%DoZ#`dU+frrp6@_
zMaJ>I@wYpU16JCRqSxz}p-Y>rc<D|o_4Vt5=hJHY{?OAS)1HPFt9~ATvo;o8=uQ=v
z1d*p|G)8KtXvs>Md5?^AcYa=<YW?7YbewB%9;Eri?uTzyP$HB{QulVjO?SFS@<e2p
zFZ!z<*WKr?pze*b5Ii)EX{NVHd+5+;uvyxze(dgT7@R9CD(JcM&BE{Pu6t*@^zcSc
z&Ch#l5gU?qH<t<mYbw94X9k%USI|Q7#IK67R^}v>iQ}S??yx=GFShIXI2l||>#-J-
zk1y&vYZ|9#eIwq!*N+@ah~qSx&U+dyZgg9h$M%Hwdv?&?<)_9Q&**aeMEBfYeQkGd
zcCXfm8=ie+UEhb^O5+b@ImyCDML$@gU2o0L4*iYSkTzTwpE<GrGlG-u@jy>1$y-(i
zHhCKQsFn}AdaNLt+pb>5o=dzI*%4&Kj|_1Z4&&pg;^9{{j_rbYR-yF++tst6DRv{H
zclYy<Q|ar@uIu<W)f@lJdbbs0V=LVqZ`ST=-`~1ScmI03p8Zw*h#;-Byk0yI)ajMC
z;#a<@|I_&3YDMHPRV%^Thr4ZCywOI5=U9IdEM{w?e#?G*I~_kZp0t0ol7VFiZo|m;
z@6@j0gko0bNuReS*CcPxbXyk&Nx)fN96#BMCWRz+lkVbitSUNxP;u8QWfv<=JIO!s
zO1zWLPp|$<%LfnUZrQB^w$@KApE_V`zOx{?GPg@73%`WPY%Lyd#&2qyj@L@X3u~>n
ztCw{<cB<>njz^A8u=~Tt*gq?5lqPnn&)BQ2yJC~->Bq-UliWGnX<0CxUe}%QBphwN
zWaM*q#(mqsEB$?`;J8r#zp3wJ9c6x1e!%A@3$fnEswL?<T{@pnXS%JAm-^&s58p3)
z%;QSC`Ju6PmVbDk4{ezxkF_2Pw)i=IaHo1=d+FpW^>>ISQT@sO+Se5okcz9-wlw!K
zdCI4&d_xq@|E<Mn6I(n;RijqyVd=;d`)k>5+mo<nF=f=O={%Ou`>~?_#iD(8{$Q=Q
zdwO2)d;YjScaKUz_oiXfoMt`w2X=r@XHC%#UBN?#d?#^3+|^+3{m4q@Hucta*^3)w
zM`&&=6xi73&3_l6Yn@W)n0CU0%~HW^-(Tvu1zlX)$1Cua2&PHWI6T-0%Fo8)KPT0-
z3O9EOmN<-G_XJE3Fz&lK(y7tedK)I=)DYQ;V+7%HVfk%|Lpz}1&HA45$j9|bcy_7&
zCIC&Ux^lxe|A*I#XMh?<qW}sgPb_lyL_HzjR<+_KlrX-k;aUHk{xkXdw0o`YeAY*h
zq#`};^s>>ihybqo5-@|d-nLFH%T{C8lpqzsT$&Ss^gum6U!eti`L#g*ZNa8Z{M!3<
zHGOvz%Q$Ca8y|l2`oZ+rgTw-9e=r7K>%~rPa9{>L+VYt_GMVS*_CX}Y$A3~Iwd^E<
zgdWKgR<(vx7H|_Z>M>+TP4L#*pWNgL7o)(3o2Og6Te0_0Q<&!f#qn+SYlsU|xN4Cp
zwTDwofp&>Xaa%O`S$`%(cXldAG-0e*gV*?KSB1K(ks5{HcmzIjJ!fJJV#T!@N0H<6
zDGHCz!o!`?oeSmRU$6f$6!UChTuQuA9Ep<Wl#3;K3@xUHZ0qLVAAGo_4v=UVntf?@
zh-(~I9TlM!w3nRo)+gTw6my4`P;~2??>g47EoC^=C2o*v5!07TY`9jmNEz{TxApV!
zyn&D}rk2S$Rw|C&2VwdW7q<R-NI{zCOYkvG_6F`mw5RFku@X0xXo0B^3uGyNj)R@C
z$HL(%vi)N0>82?IA^o^FtSB)q7zKYp4h5u`OE6XM4^D%ulhs!7@Orm(^Z&foM+Wma
zY-mE*)?@kBfl%PBBKox&de{fV<~3jOP2az;AzC_s7?P~_9)AL<#M<NDVpZ9c7JHs7
zGV9~rLgs(_`D#`x=#bu)l(t7SO_Xq>O4+}tAzBLBS^(=pU5y)Sr4>L)GMh{eXunqB
zE%Y0W+aXcrB-*tQV{f9CAvsL*R_D)jM-$no3N?7G&(xq7Rv)X%`PB-U{<N>u0a!kM
zvD#g$PcPT+#ZsXY-PV`44#i$|e6^76|Bt-8i`DBo@5H{(q3J_e5@jAmBWpxP6l9en
z$cjW!l*rMjHbqe~A<Lpf$&SYk0*a&*!||tNdvp=ZAyd1tJ4PidMlnd!PJkGg0g{Up
z@Wr4F8l%lcF9yg(2gm^FWiAS&KnLgm9TWxn{MP@h^X~WKobw(^NoG({=l$4wt!F(S
z|L0?^z4m?!z%hx}S2_rfOlLh7WnXrG3q-qxc51detj4OCSZ`<0c60=c{eoDgaJ!EP
zGkkdh;FW*8vkddjaARgZTgpAxP{}o4F5`Z-CS+yY-*|uH?`+^C=-FFlQ)Pqc%6CnL
z!E54~-RmZPxj5iVEY|%kmg8le#&!W^*!V9#h=IFbOdMR=k*=g=pP^gSnhzhJt2V!0
zV%IwF7kb6peRjL+Lp{CCS1sGrmd`J$y=D{Cc+#@C>TEO1;}h<t*9y`HmFaXeJZvH~
zJG)O(o|tH2=Hbry3agELZgSawdKMM)Ms`(nl598rgmSLHS-&y)8(-6#POK=oUOG>q
z@$u9m3Q{^8^s5@%_P(j-)!_?!1+?0igLJ;Oh4p@@9=^C6{Yi<{orT<RySV4XVTX<1
z>tb9SrQCUVi*zweA0p{_Qsj>dh3>(6TyAbbttrNTy&TEK+_0ww*Aj6V(>O_SJtquz
zED~b4t1B-?mU&Y{t-QJ2nMHIKM_)3I*A9+Vj16@Y`EhlZN@L|%A9DiIWCrydNjE1?
z7n$7zdHN!s>S0m`t3oE)!S%PQzdABN$@rO))nw@0LsgUJpS`!wwOnwtCPmNHpGC*>
z_35*9=9&8TLcOPgey%?Ceh&>RXM_W>`&;#w<qW*`naVsD(|N{nLhtLMJ}3H0qa&D-
zW)GBV5jR|nDfMtAFom-k^H+QtFUajQgOcmBfg(tjU$PK)wsA<$uhcOMb}c~M`sr$K
zKGwe7d!Y*9r|Z(!`6_dc)<w{B!x!q^kr(U8^R+y9p=ILFReF$}7q+R(39*MZuU7kW
zbwP64D#N~~>e%Os6Ppb-*PZT}*lLlLSMHviSMsrSN5IMvJMnxwTJQJO>v!74g;QDT
zzf}e7u5RNEC+TL4eYUia;j9ub7Xj!!l{d={pPaP=iwi=$cwCol)4wfDjO}O!2SJ(n
zO-kIw{bQ~11+w9bPmiR6YZ0bnD3wLl{&;L;!)q2MZ0NGDugAQxG=;jgXm&W42cBlB
zXMX*Y?Q$VI5$#0N-?Z-+wa<5y@v-?OvdK(3T<6lkLv;bjr6|#oT@n+NC(7zJ<NWf)
zD!&&m*ey3w7R&pEupLHv;q}sWpLOMuD4iz3;Yn2Qx_^7qrs8R`fJhQFwM(#t$IEr*
zjq;PPm9B%u;o;9U?I^HNo7GC5&FT_Nc6<%Dbt<{cIecLjq1`(ctxYf1&tmKi54$)8
zHzJ$|V=ThjWE<n~AWjw)KAApuk8hZs^NU4!rk9)Z=t<n-(ZP6M)Ps<0J!&oHE^92{
z<T$S9GuPNNJivDnD~8W6?s2Z7<+G(F*-Tu)-Qpq*s$CX|fAwfEJbbbG%oe?8H|eoI
z#M%Cqj6K{sUUDCvT-5vd;>9I11>rZUA75TT>BOSGyY;ckKod~G3Q!Wcrej=R<fw>n
z$D%&Ny}S1NigD;w0ZT&`)HC9=oo02P^(=7&kJIZSebgB%T-uv;Z(xKM<44&JI4@P^
znPP}@x%3{(FZP3#CviN^F|@Q?|KW*c`_eP-`SsKcpA?PxO%Rn>jlXUIsN(^mtD4ZK
z)WfhcJlRn(iJ#q@WiRm#g-m<&=(|!2Md#s*UdFXoj}<){C*LKq^$myJgVOfi%I=>n
z?t1Q@Z6$ikoTf}7^ZZ)(a7NsiovO`_*`vU;EyKg`;MdBBTpD2Y$yU&XqaAs;svLXm
zAFev+>s9xRFT)HEK3wr9nob7Tp>5k<Gt0NyROAvL!t<D;;ge(3PTHFNEQ;OZ^<J@f
zr8YOs>uM|kI-+7U)8hA;oyLR-99zEV)}I^orR^#3DcpB7Ei1>Y$Bf79m><t%YNGqp
zm<zbYb2fkMraNok>@lufBW-!Y+3haLP3964j;8U~{ckw2INm|Ah@J{>EKiMlESFF-
z6B^HD##cGS`$dQx)`HC8j)gdWa;&TP5)WjlZsi`|VnH>)n=LA>JTPk;8%`G0Jo6hK
zCbVsh6J3TU79kdQ<A>{YUrB$LuZNdrxp?1|*xALLkUy5m9)ixxqVa||79nji|In9S
z$5-vL;HD;}kyKg}EAYMVR1X^IHAUI{(v6Q3|96{6s+Pqg*x>Z*HRp3NlP#9m!28s!
zMaVNhhgh6n-D4DfCP>Gr&5vWe4+|sQBvN+kOhwfv&n<|GbZyQ)iNsmFo6b<v8|@QS
zCOsBQI5l={)Sr*Yvm;Hi*KD*M-duz;^>3H7uetZl{1dsx+sYPG$%=+7(APE|DQ;Kx
z{qit;H4$Qx>1{^f<=Y`O%hAqHc*~qv9G<OOveF{*$q&N|(`!b#C<vL>A>OF$aiL|c
zY(9U!A?4*Q4bbp-MQqskp6R>Ls-T)5oC^wQS*cfcV7miwyce$@6>`F&GM8B6q&6;*
zy71+svut!rO{%eJM*f=EXj>I$>yX9uQ&ccKb+&9cU8O9FH}lnLt0z9W$lJ)?5sR1E
z&6}wjTmJ{oHucJTJp#DG{bq|qZ&f7B4hN_jZtA(y_V~VTxLq&QdmUoKo2r^ekAE=c
z6ZLHtPc_bM)A$?~>U6PJZ|d~qBCW*!i?YjRuY1oHkKMDa?51Amt2nji;k!IEHT?Xh
z(_WVVY_>;TEa`fTdA>fY|LsXw93T4Z2wLcy+t?mj_0j|B%`uLZ7F`6wM~@fT^~P2!
z56;go9;)#;ih4`N>)B{!4R@DoyK$s)t?*lIMl{(iVLjM*lj>`@H?6Inq=L&u?@^0~
zW^+^YJ6>BHwZ8eYwR)6I3&ZX6+z%(_kJ;YPH+fC8FrwM!6;@Ig)?;<mVPcmabjFdi
z$BvGL#Zi7Sm2IN@t}%BWD?7#9ADt}#%-(nKw-<Z2VW;bHVxzy27<_x;r`hDzO4Mcz
z-aTfz3Qv_LTJ`o+scv*1>TqUJJdTHVdgGKf-+FP~J>j9p>b{XY6e_7Lyh)EgxRi>+
z-ZLInJr-6#^CP7q5W}U~K69%6xAxVaR`=gd1K+J{AF%HFVa)}eyI7-6uj!35n5gwi
zwXoJOvAZ7&%hjd6rExfs^{f6!c+o*jGm_{xSw%oAw}%e5Pd-0W$N1WCS_WC1ad*Bn
zJbZCBPIaxsk!Cl*_NtA}k5;vg&u5x0%tPO*6^v{~Y<cy$S=#fJ_@oXD#d+NP{b9J-
zJ~~erdAU}YW@+xB;(ss|W>)CNx$V)){L`BXR_>o2$E|l-^|@6lhs6|MD4m>~rC6JE
z7vGXMdu@RAuhv)(l`eBNcID2+eTTNnJzgVpJC*Gli>%i;uG=g<UBk}}_Oi3z+~N9+
z>w=z>;dac$?eZ9)-P?I?h^JO;(rY)Ijyc^KXY;Fajr%jRR$0#a*;>{pyp-o9<@sHC
zkYk=J;yE9l`{BtIo~GgXU!Db`jc0r1xgegI;aMn?zj;KeLBu7Iw9l@4^ud3Qi8{k=
zu43}xT$dm2nw78n+i+K3&m8YnYBbt4m-!0Ph*t_jR(c*PPBH;;G(TP_o_woNCZ?@i
zf-lu%ydpQ`Wh;@HqH3;Jd@5t}QLDxio+j5twvlvhuI{Sv%SB;&oo$=mb(2-rFs!c8
zpNO3*mj2AyaqmoDQ64TS59F`y`=~=nK3;`Wx4zNj?Yb9*CpS4vDy)?!`n93SvCtF6
z@H2^SlPa<DOKs%IHKlRCzAbfD>$8>}p0Y`j=BBTa^c@$*gg^25vHJ7)eR|1Snt8<h
z*qM7xY&fPoytJGi&8pqZG{MH0%D8%7`QmaEbA7zew_Yo2@{X+9Z%eyw1@1R6O>+8p
zbdhm#yXP2v!}HTC5VQh!lPgoRXoa1LhNtSKvo}U-jOpQ%W*#K%H;Ik8?K7?9;Pb^v
zD)j72YO!uD)P|Y~_Uotd;`!S@rzyAI`|hjSYx;Pv^v={+U#s|ju3l+K?UYP4ygFVx
zgGKd>Hq&dGsd4gblyJ;OuJQ8aj@d8Pe(1)_Ctt1p<LoibSM0EZCeF{c&$awKVn(GU
z62#N8;v>fOBa@g?v(V@FA|Dz%NYys<jn|Q8V_LMAeH7hCw={ijHdpK=qSC6Bw|Y*X
za${@=Q{72Pl2Uk)2@`~Sz@7w;zgOT;z#OedIk_{~L%ELD{lNW677w@29_Q!I-TFDw
zw^Q!^^^NP98pi4)=bqsj`HWK9rj7{^67;jp%4Plz`Q9@3EGCKDNYsya3b~iHQ;CkI
zzm1`2`_gV4ND^5CGy!Pt@Wt((`w>UWc8JNM@i?e-m+US!4qA<N-IX`KrK8LLbXoLU
ziyZ#T=h|ZEybh=B84%A0f@o-a%y^)hyT{8~r*}><#_QagXiOgBG~6j=+Qc!PHiidh
z1Nx$k4Eg<<;mmm3*({|#uF0t4A&wur^@-(huaawaKk``HLt8X55ubf-$f8nYxI~+O
ztp!d^q<erDV)+9U^rryr8g`$U#F5xPJ^E_45*byoLX1ebs~=;z&BXpnT@n|D>yq7z
z?izK!NY~}D`j*9qK6QS(JqPMoX>Qz8yICF{8CJfsc-oB<mSfGYwbD7oq+=|XDSr^#
zIT;7|r)zQGm1;Y_#bM>iMVMODazP1ut3<7MYg%}2;<J--Qpy-Vpib$R()@UFGU*Y`
z)8}xr2VH)qxU8+5wJZGPTH2^jFFaj^;fr<LBUnFMec#s@4=lnuG%2NFhy`d;aq`*X
zz?M?awXqTPnHoLQ!=r6OBD_s|+)&H5kU7+S^nFr|<D}{yFFk)wKNB6c9c~@B7&iXf
z&$b5Jhv(_KF)AFB_@yF$u>>*4V5rRE7&4C!o2;Emh$@?LM(_K^`|VHyDW!a?L;|;!
zCfs;#GVhKPBMry#w`}WFRk)!dvrrF683!Zbw1Z}`iidsQsfQlSjvB|{(n&kcZ>Ft#
z->$ice=pQOSNA?$|Lpj5UH(hMKOBbJpQ|&k3=dW~c%)LD*I_NkhPBP_`>NeNJ5j0`
z*8WEA(6L&fLho3?$iJ0`cIr3R`p8bLhkI1Px$<+h0BrXfY}f<Mdc(P~{JnsJH5!R_
zr>pz<b%P3h_bqZH6d(ntYY+4tnQb~YxxIe4ZF>CS&T)D)Z^;92hKI+;yW6AKTL>cw
z)i@jujla2NZ+LKwn+df(OL%cqPz*QWQ3x3B+71cB1KXXMv(TLovH&ynQ=^5Pn<r=e
z?C9yjg_WD(%p#rgt)<sX>cMN%zGgk`nerc$S?5B%(^+<#1r^Qbjy+vRvwAUIcJr6)
zzi#awTr|S`HR;y&iA8NcSK~-o@yA^43|IWE^}ExqWpbY_&dnwgeTF-7tqkw9_Gsa{
z9<j6FXg$<t!O;^_M?KT_^c;nLbecjxI!nPSTzI%#+<c=reXTh1)Y<KhqC4Lf-SJV+
z<^FDy&C$0u>3WLqgzogwPIvm~G+h`wHAlD0Mw64#`q62+{pc)R&wHNm8$H<f|Jdkg
zIP(a>uJwt;Ry5~1%kO@Diyqo4U7un0Y^9_U)x`8k2AVE|8lL9vs+f)o{K9i}l`{}4
zJ}CfQxA=Ps{1;!T_>!`&ud?^mpR7htuFXzgdFqp>naNqLuJ-$*Tbz2b@2l%^y6+qf
zXTMw;GtMI49nKyrKKuBS@-sO+t8F}Jaq+%+Z+pv?eF{VZ{>JNEf9;VscMJ@7o3fgy
zP96*?nt9stu&>av=CNC4vG(4-7hd)~R)5~Ld%XUtoZfe;{zN~MZm-p^UaMEVR{MIb
z*7aKL>$Q5+YxTKrJ048k^Qf=km^R_X6Q}XyabKNlKKe^W-Bz9&b1f6{ych3tyO$T?
z$U2OgOR@KM;@NpuKa}n!D$}dBv6Fqy6O2qMoY^Ii;o&ny8!lz|XWF|x40iI$U&es=
zJVvUXwR?ZpLVpn2$&%XN6ZPlm=<NY$OSCG>oS5Y%`=9Ka=+n$hrY2LL;fXVaP17pc
zP~^YeJS<BGa#H7dELUAwtLsYBHArgV;i-9glie4=?4;75iGKDOPab}9Y=?Pi;%(gz
zCe<_Ehlk}ynecMUN`2KZS+(y7<vVAqU5)kd18w3bMv?zB&7<VA*`7y-r;5+v#d&_F
zx$XBr^<|f{MR9iT(A63z{yRLd`22<9pf8DJ?R~gAkHT@al;>+f6Ykv`?##K*mKFPz
zh89t86DKD%y>=eH_;T??OC5*9o$Al|Yi7gUu?u}zX3F}i@zr1X1%L%-?mtsA0<n_>
z6YQKV{q_laP2BFdSln8@Om1+!qmDLx@R~`#7mHSQ3}@OG{~7LCthrA&%@w8F$TV5=
z9quNzs~n>DvzxL+AH)3@>bv?I&#8+)U!Ni3N}X~2{%a+%-?3Pzi}Rmv^ge*dv7i=<
zz42!Wse9ts{)Nj2Ixco@_r;3JmRfslznJ21TULvMkT+{yb-6I(PSDI)+N|OD?jw$`
z=GVxF+&3p)^y9<BW~%B$w&@QaWuI5dPQmolm=8_k+2aTyWj^CJ^q-t<-Dk+TR(WMJ
z>e!i)y%DX~KYp=non=^&`&)&*$%5wj!ozI*>euWh)ricXdY&vH_POwG9Ms&iD)$T3
z|4fYpd&wbvxr)b+{CVmQg7|08I@9y#tVB#N1Fx)YM(ev(9urSdw{0yIpLcFA6<uZo
z^hN`6PAois&+MYC{9MU9U)?pk?Em{B-Q8MP$PN9DBr}rXsXjLf|Fb!~N91FLIC@m|
ziI>M(E?(I~?@P7PGSj==<v6dyZucIQn&&)W-N*vr`6lh_W$WC9<_=a79sO~wjN3Pc
zm0DuU+%E{op210_OE0n_|4t;@iT-f@g=%M<)HaJ~PAZ%oDZRKDKVA0j!QpE6s4-Lw
zOq^M^2Ygg~sda>SZt^!hqVQ&|uE<#5s)*vXEruT3u5Gf~R=az8yNji#9;tfntjKt>
zpPwDG+q6gRtK-qzejIk<->T5Wx?z8-bz9x6?p;(3rbbR}y;Ga2&Ud9#weqfQs=nW~
zO;!K9wy8RO*EThC*tJccSL`Hv%~iI2{IB0R%DluZ#LS^Ib?<Eb?R)>TXJ@!8mC$sq
zXjedY<al#tvTK_fVdE#t4U=SLmNH}#JjV|kN%5X*41$EhOc0QAB(`zee)Y9e_5g<S
z)xyn}y^!buU~ym_PE40kJvnseetDDEap)Ru?P0kE?%Q*DyiW-nTUq;TT}?ex*FVn}
z&y$4ap?68>ljp-m@fVBV>1FapyWOgp>nnW%oTbP9oSx}z;#Vu+xpiIw5om{}X2(~Q
zPSSm!mdq#pHu}w9DLSS~wTL;lv2Z%QnP3QNS@y^>{woy#gp{FeiSJj5Bu!H;wp0XX
zf+~Uc#Ry>;B|QYVqr>M4tZo7K09ggV{DdP5Cp~e7YCT4(&j?ek+{nO>*1+4xy3F$I
zWwBO4*|P9LW*){i=&MrZbJ@5ejp=u8Pcai<WlsCdCLgW;o3ilxQ##pSDY%$TM(KTC
zw@AXO?LGiQpJ-$5(a?v)A?pcNU918Qx4kvR_i!jXXU|mN@g#}@bnX6e!E$&W)W#b;
z#&@4gR-GpmrhVLtK{z~-T}{*XxO1-Vyp#JNpuh}QKwCMK)e|8Lg}ORYKcT}#LP^!b
z+OYxj<Vu*_pV{KdmInOlnXM$l?Oi81(pIwOj#bv0Io7TK%pI$Bm$_q=UFVKfHk~_G
zS#R!GWx2Uy^E_L-ooy$-%^xd^&(O2lHh-)#`CPks9oWq}+s;qU?3}%mPj_DHN}G~k
z$F;7sDw%f7t6DA7X16K`oq4;trZBIAdHwmBwBezhW7VYgZjtFoW{-(@S2k0-*<f2C
zxvk@tFBcD6$j*vtjW%<nv^jHx|BtDZ2By9j(x$$bR8!vzu~Xj*tyAAiTT>(Yg~Zt-
zHRep4`Cc{dRGYTWJaeRYnL5(2Id#O&>z$F3pGw-j&2DHyXE!uyvzw=AQ#`jdZ*{Kg
zF4n~RO8Km&+RFQs%*`85s&LVAJ%|m|w64dw5+HVD3tfNLu0}nv*ItFMef2AD`(CWS
zS8DD5#hPyo`_I-Y&#>QCmf<d2MHHU4jbyV%_8JcR&Q%+~P&}-?nyhncHoy4o+Uj}R
z#iI3c^*K}5;j3+3-#=f)jx8Ts#}0WGsEsqBf3a2;J?qUA;IbjaX1C(ym|1Gpy~evO
zJR5hs(lXq;UAtb?4)-dF`!Dk?S`i{sjd=ToR;GQs=*v&;EFbQ+Zifq5Y-Z#;`v~eO
zo0pVvb;Z2aMEmts*D9=so~^U8q33Op%5|@ARMebr`Es?81yjPx%fqcH^&R<ES?5A=
z;#$bnMtL-DZF@`IX2j9)JH|2?5vAc?w=f$?k*U-@yV*PU0KHwiE?%iKCN}P6O%Xm`
zu^#r-hMaw0ufMkn6(k<^UoL9He){qRMEvH51IAZphFfD*dt|gTB{K6T)s$uTUnwbv
zHIMnXKI~ds_R6#({C1l*)exSWwz+0?h&0hOd%aoMdZV?#3Egb2MQ@9(84k9^*4Buv
zMaNdRnsHM8m%U1g(n;OrNgvbLGPUX0ni=`dK7!Sr*NR@pmf8v8O|Rar&##w`7GrC^
zr3^KTt>~v?%jVc%Yi8U#Gr76iMjY`|`vE307%|wgPCdq!>d%Z~f-T>su{DK}x<9u+
zQD=H$#=>e>T=vP<aBr^kW);}D{7fZk8b^1-zAx33&kRDYo_~f^Uu&El3k`e4S3a5d
zMbkp-Lac~0KLO=izss;&aplEhH8y;_Sv9bE8~vEgWO=|O8mgzaz2Vj5@!00fDA$UQ
zRbE)RDZ6=osiKYOHeSixUWT!jB5|%2MpxtYtv-p3r$#cntnRB7H0T?TH$V4_jk@fu
zMw-fYttOv3;x4V>E|uFPfBKXhI2@Tj<LqX|xK#nmxQ-RAtz106CTG>ITCC+tt#4H)
z9Pewj)7tB@#p6T~x{5^8JXK9qlpZT7<YTp6vh}H|1vaIq^Hps;zxeuN*IC~%Y37t&
zWIXC<8?(>;)3&aL7R5rq7j~j34vOEd35d6g=t6;&<?cC_Dd28?oo#%byX`ADhbJ??
z$s&xN;qYROn5B`7`)1|*g}+)e^&CM@<cOa8{b_VApJhc?<Rir^75`k1jBeb`BTG5s
zn3!nvd0)$-QomZ;f9NpRAVkB;HFx!UD@ZV&OAmMTyRqiZ9GW|_Mdg*!?;G_me&)*B
z+>txnv-m<up69n_WASkFxpwT8dXnpK+nA@yo41WQsqgo_II_X{k^*+enW*q`$j>fk
zvC?eZ5f({ghVD9YUmxei7Gbk&b+Ovex(HYN@Ata}!+o8D9a`Sg+pwQ_H$&+TRiGcb
zoX{^G>iYI8b<OwG?D2bZ-51CG8rMwEBcH2r;5hdu&78gC>88)wqpy^Y9-kfS$a5vJ
zdu!EdmuJu3V;nlRCIwM5G!K!$Q}DB7STf!FT(d|j5$H>f8nxKc)w$Ahj|0h@S6Jru
zbDQfVeaCRw;C|O<c#CXkIhM~PPGzT6i&YP>@;JV4+wu-$Cy&S4t$*D(ai%oUZ=IP`
zQWxu(vHQAVVPg$8ircxTc#UI(W$Es{!+t-PKD>a($qFF9&2E*%qRDdV;#epen?3ng
zd&?G5vnr)p886N*MXi1Y_=DrEBKAUhH_BbnyMN4|-B5{U(^pi7_A|BP%sp)p_Eu|T
z&yZSMjrDe`SElPNm{|G3Zgoefy-@ftyT}#$^JP`ny^ZzOc9dUTj&k=Lo~L^HMnnHM
zx1;*`_e0fQ8+F?PJ-oQMav0ZFJs)~b`<ulrYdJqp(H)1&^0_mmW~2LOX?0voR<O$R
z?#T{sHc`#X4;LyPS_x~rM0Ys<mP%@y^Hwf)>hJva{awX-Y={0izf*rJe%qhVUH{wj
zm-9RIx94&D^LZXZJAcO_{SNzTR&r>%hOFxFrmdQH^HbHPo1bzvb+2QokB3|Pr}ksv
zRT0*jP`%blW4+dDTfL?>tyRLRdE1`Q_MRHJ?F((+i++1o!*;%MJ6^BEi(37Xlbk5~
zX1|y?-mX794AtZKeX&Jwvl=T4vweo+vvZ*TwC&i-B|7sW^@16qnxn0&95E}AbHCN9
z!MCbb8lAm;!ZX{oEAvgB(notQjkNcYqTbt8;`Sc7p)JSL{!toi=X?9oV*4IFwzd5F
z-q!Eids(Wzhn^L@d=EWqg83eLo~x1XMem7OKV1}==VQ;X@t?oni(+S+I(wOzX?hk(
zloBa@$AM;>3uV8Wn_05Cl)<i62+0-H?^Zxzw#5_g2?!>4vSq1he2Hmz=*=x|Qr1Xq
zxg40wNJ>8a+*vrB7*B|1&-bbRg(@(Ax!PZ-i)XJ^3I!jq>06miZ)~fd{H}31%mcf(
z+H}w*TAEBPM>CfKml<8l0^pLP7bG9tU83+=dR@A0Nwsv_;&$n_<zl<oiT2CEmT0v*
zEofM-Rk`{uBcfG-V2M_{b03s0L#skd+pxbquAONqVX1b@q17h%<y)49mq06;%i%g(
z@Ry}oHd%7?@|7i8x_q;o?77ghEY0O)N3*cFB%jO4j^^^R7kZZ*z0%*3Eepj<M2Kj9
zxoDEMrKzRqmadj=yIfSoLt6-4lJ28$_3-Y|I&|aLduv~wxHSFEEO%l#esYsg+75f}
zQ+C>OpTf+^z4KP+*>kT}0PcyuEJ^Q8CVk32dmg7G+H;@1>Kkw6AA26B{A5YI1wVV0
zpAYO+7JW*VJ)vMLhu%Q1^64AsRhrmyugBCyd$JL^s?VNBYFo2zpx2G*y-;)mW8Iis
zm9uVOti8q}dT*Iw&ttV5aRa?>1Wz`p>|GmentcNt-Uv3@6#fRrDs1dO(UwlyBz=F|
zoU`9;(?h+QU+yKdY|irb+-EtPSiVUG@3qyQOGrH1>&C`f&i=DwRYbl44wtk4>{!cX
znBJ>tZ;6aFX<vHVQ~T1`p4ykL_SC+#w5Rr^pQ)Ruw_7X8lD)+}7rQ2p54U7&J*8bF
zYPWIs%W^J3xG-$luRly+F_q!YZx@yEWr-|O4`-KI#hKhU;G)7Thr`@seHSi(Z?oK4
z*4^ez*>RgQWwC9}l&-fqQ(0x3GnF~EHZn{v#kSk_w>kHy*tPAsqPex5A~emI6GfT_
zY<mZZ#n#EDqFiL$+zc^yv9IfSys4+5q|N!v9_BY@sMbbXIO=ESY}KD$ha8T$*y(bN
z)jq3&x%}f{OmEgjac93-3(mNEtMoeCx^Ef?o!KA0>6es-TU~Ut;S8POh}FgE$A5pW
zaJ~6^+FOy`gHL+ywn;NLF1fVaV{_gMS9|VLh}(0Y!s4F#u*zO}(`T=|=~KMjAI!nQ
zWX+X^Xb#oZsx7%!m0a(S)$zO+m+gCv+}?{?d$0J{-pkk8d-=haXQRuarS)UA3OsuU
z)0x88l|qtr>G8Vu{6)K5LSC8s3C~3%xfEhO{bW)06QEYfU1)WgL~Io+XD>4j?WW#w
zgj__~MHtU=J6jh=`a@0TC>`5Q=hnJC3Ok#YhF#mS4r{O;D|oNSa#Osz&TM|FbDN*o
zCf+^Vw=);*(M^ZqD^@eIQ9hfI^qin2EA)8~N!j{lQANE~HQL-Qf}w(25A!Zw*EZ{=
z_6|`&UET{(ZC!?(k*V{6FSq1G2Cuy@3DKx{ep6`Inaxjy$Ok^#Z2V?f-Q}>!4W>ON
ziI43T#fN8Gih;AS>ea%^=Fd3RkIzC*Hok~cXKQnb3+{cx$mGVF7K87Jr1O&HX3OCw
zvyUcMeTpQG`9z|8Dh+LZqWRvgG{3dR&0j-DH1x0Ap!&8OK51`ptE?dh1BIshLdW=h
zJDqbuD=IbanMrQ4HP+@io1AP;>kkOXW=pq$<$6`NICQ@gGunf2+Iu179$U%ek-ohp
z_0Ok^t}UL!$&8Sjnp~Ld8(_D)p^Elbo*Hj$&CPR@dqU^0bE%;Eorty7<Alqs#&Ppq
z-}W=#t8e9N_HJ7(&DY4+E=2z7xVGwT`!<DaBfnG+TC-ioLqEF2ldLC7q1~^-sRV8N
zVT<DOg?Ww^kJzuqeWs$<#ky4>5ir;CNb3ABhgUxCZ!?}8+YZk%um@vpVtA=`h439b
ze?pI>h0IoOFOCwkZCm@Lc&Mm3S0{DfnU<-z-S*b$*_O?Fm!w-9EJ>H_#l`XEY>?JX
z6MO8j_c2O_J&sXvsZ~t7*^?KM+FxN{&wWakJ@+YT_S|Rh^0XRjkK?r4#rE81@A5oW
zxnfzr=ow~rOKw&dOZr9S_&dH^5!ughf1_-#;%^TRY%wY^!Nwy9SI3^NTA`u+=3dtp
zUba3L4z@m*KDIs=_wDm$jM@6!+dJOd`#f%69B#F*s-u0Tg+6YOJ2~FzINs^_-0Aq-
z>1^t%(e%0V<8!CubEo5Tr{nXOj;eu99IuLL>vQGZTl;bE<8LLy=v<9{+qh-5tw+nz
zy2s?T_nY$`>HB9~_s_-kZT&M^`qF5%Y40UTdoL;4dr8pVi~IIooVRziZ>&{ZY<}u|
z^zm{&V{eYp`0%;-ShKdM&&km{K74oHJAS<5$2)$!<L6{?O$Xkq-{+T``J8R_ks8RB
z%ug4tz2`QS=`BZ_^PEdJLU+-I^lfKSb3eViXufl-s@vSQmKx3cXIqM|F30nWCAnL7
zCXb%kk?L3XO7&uCH$N|8k5pf!n656jmErPoqrI;&-uU3g_*`LdTUmbf)k4{BGumU@
zXlPu8&X3S)?AoTdsB(X^)&pK>D@8WTtD<u&L8{luJmFaF4C7U&x8cB=)AZ9#@G(Z|
zo5RXimzB|NE%})xs{lCaGeQ-xZTsdKW+6D-M&f%(vpt=<spa@?Ei(4#*2S;9e+gbH
zZCgK?P~C?AJ&ol?gshh=_964-*B8dHpu^6=c|R|7yto`XwvQ7t82IvDG&qrJ(R_aw
zneKG^z^~UW!Iw+!Y=x(R;f3WSI=i6v0!%Nti9Xbpi}}qW^}s^hpKlR;bJg|5Wp$@#
ze~`=Kc-_XhDPxpQUfqjM5^db<liB~3w%vJwZeH38zteWw#wTj7pOwe{gHU}{J@IOh
z&4wj!%ShktWt-0YO@FsVe|;@rnX7o&XQdie<5=BamcOo_Jz!`_{ddYsAm;9`kGyGo
z&7m;#`Q<RwN8`QI6gpC8BE}b&L(%SZ7g(@1&?h=9(&}(=*^w8;&TSA}8k}vtg`e9e
z=eCYr-762h=b7@9H){1;zMRwt+i-RJuaz%b!JD)kmb~d`68RIOcZtgNIKnRfxP8y>
z!(EHdi&1;kMCeDNMb&%r;W>WNetUj8y<y4xJkigM)uD~cn|t+EdidgUes-a%A614M
z)>KVdSIq70le%ff*ABUgm|mXMR-@JP?RJW|(J?QY)MFD2EguyYS1mmvEyyjKv3JWF
zOKQcfX;ybHPt^tEIJ97_Lp@4tjkaX9-YrfyZXa|HNY^i`_#yY%D^ktg$ME>ZT<f`d
z^zQj~-T#NH%i$zEj`^CeP&<AW=w<<@^Zg44Uti99ch}gg4z|(YebJ0ZE^Md!Vad$W
zc`|=GQ`B-}b{;%^bvp~*m0NWuKV6whrLF}0Dj##j(=5O}K;uWejBn1LosFsR&F}3b
z5wBfec)b45>bIhorkAX+_iFbA+4F8!o2*v#t4>z-e6F>Zx(P2UI&GzC^zFpdxmuNJ
z`!clkBg0vXOW#^SYWp%4oonl0+n#M}(CvEXqQ0)_HLiB(U#mvjo^4lSx8=IlqqaR)
zvhToEw764?Xmqz0JCA}!@wfvYTGVRV4lP)z*5!6-QMTQs#m<~=?i1XBh88=IqQ%am
zsKv|LJB*UG>tW+}bNT3rw#4lhZY*_YlYs5mU}0mVV}3>3V#%qtXris(ozc_6q@(W0
z^wXf)c;Z`rY1@LQ#d7a9&-k?yzsa2o{QA0d2f!}a`)!fa?OVCZ2hE<r2<PfDwy}U+
z`&BXTQESehDrQbL7O@@{t-_wFf4*y57Wkmq`yjPv$(RM}edBk!^6hjbn;l^^U=Nwq
zWCNcniL_%pZJ5bQw0#$Ll`{+JV;nl{{j}H5Ri#H;Z|%@V<5bgEv<)s`gAd>;oNxRN
zG{7B#F8(;-bh^5<@<bi69RpbdF;iH>9)x-&1k&B47{^Wo%zG}?INA{(Ou}a{svRs6
z^8;m$5Htqr28jNGvgjY99c2_j5UnuVf54uI-0%Zt?t|4_g`SPyp=9AA*ITHQnfOzV
zla+k@&uapSqgpX4*#!zT;-OI5{Srb06K&x!XCRx#m=V=n_o3m?sw@!Zf&h|ZDdgY_
z{(3A*aEJp0%%IDRAkUPL=o{o20!jrEOgm4Y#5*mzD-n>`&c`Wn(6-HQ{7&r4W7wY7
za?OW_>foURx??uZfhEVhVk|K%dv1uSM@)<+LA3J;DkBWm=r_HM5{4sSQbB3%gJX^k
zKwkJ@o-mV8MH@6jc-jPogd|GHr7z)#i3!#&seO>l8UBOQTm|8}21w7K*6@dWMiBW(
zA-(}?P>@6wv^Wy?PX?t2a1S;CJsFmvf+C25#yF7?^ht21JI16lK!ARfpcviZ<a3*)
z{L4in5PGQ20nYJyN}eS}&-AhJ`$B#GdL276tlU7ar*Ej&*<t0$y>s}>H97t@eBN;1
z;&$#=fS#)fw<n`^J<V_PH1Qp-e<dbN^rvQk@22;i@fnCIn4W1EJ>JdOvO$2KbeVYP
z2%|Hw-o6I{Ud21q7+fzt&8cw1{K@Bemuv8l<cBx0hG0Gcm~fWJE&YN_{^b!Up%O4B
zFv?`wfex5~pdNxGnNiVFMkKG6I51kW1&$pFjqn}dcY29yMinGbLyN2^B#e_FI>7@Q
zq|8h?VKi}0+#@5WiJk-ac&!mQlVdcfevA$iF@3{*tdX>!r)W)zxEhNX&nR@8Y}U^@
zPG|HYov;U;X&rlb?<oeqS|-xdah$$li)M&Z0CgimiPB@3A$kgokdHc<mk`K;XVOMM
zs~;vL)=n{oC2~{~AZTHv0F6>{gG!YwJb}El$wuVu&2`dH5W+-)8O!BNu$0iB%n!fO
z8pa71mgv|wti;z?6rIjo{K`l;ftX1(9It~Ww4(~IJ>VKuKRy{Rp}w4@`eaj_P$oH}
zOdf|0o>(@)p7iKAhZCRCgBv)~HhEd!-~rkpA>PP?Vn9lF#%umDsdK2%t~g;7e~Ai=
z89cHCed3q7jfG-*kdQP`7Yb|@`ZNW%p%dFWOHZATBrpJ?KWF0~r~?T-u@Y_MT%-?L
z&|y72QAC;i0iV%n37Wv3ZE9u#Y`zeKS}D|Uln^jPaS;^@0v4c9K7)26<Ot(1TU<IJ
zFzV)MF*P+aKv!RiDPZj3IpC&5$~G#h;MM~|R7O}n6Lm#l;XH7l>;MOC%1C>BGX*L*
z6(FKCN{W#jH+G;HXGmno2vI#<kXdi=6kvQ0oQxx?<Onz#liYg8_?(w1`d9%>xYp0e
zd1nuN(t&?*$MiK0O=uBKby-;q2%Pti74V5dEPx`Jx?7PTdgo4n*0mm-IOmggtO_*=
z*(`0W=pfM%eggVd7&Db7@ls5rYtW5VC?`~)=zGNCqw$BBgaQEyE$jo2BSCjSrcIQW
z*hEE46qc!h=wLcr|8m?G(x4;}JT~hRVOsad8{5DR5<x=Hs5cxX$i@OaT%iyr)Q|Pq
zi^o9#anW^*Zt+Bfgc~%BpD;&x`b9CU693JycoQyiCiXRALQ`->O-7_}662Uep`F^7
z_0gsklH&m;1)7)#$4uZ@j-$$0@q?Jui1Z0{T2sH#^cEfy#&BVT;2B3u8+|5W0ZBZV
zX>pYRnGxy0d8WlV-Jyrq@QHW+k50zt7tYaw(b>{BeSr_h(N46aElEL+PQo)y_h6fN
znsJSsmZYlXQ$aU|WqiU@1|`LmgmMOO;(ADjoxmb$)`I|@1p@`o36+dR9mMj^6+3iM
z*AJr<7cT=l;A2)TjgJ!s;9C^N6uuG8d*Bri8HvKuCgTC9@liG&`jhZWcHep;VbTsn
zh6~83I^1+O!8dLJAr1?mIg7UhLL&#<0-!!dig8ISkad1zN}R@}jLa@L#Ca(A9IZrW
zq(?VWCAbCzftTYG&CxaO&=Y#xrUM-aanqq1TjD>_(s77@9k#?1{Tqh{0?5SC?mm`>
ze}{rJCX68n2#***08<7@@qj#IAPGJOB2Y4i{sz>xgNB(f6h&zdlwe6MT~NoI0W3Ti
zVYB>T0lFqf(2NMOa732qB-(=)497lLMJnudZ6>Vg%|3?ZKLk(Dpp-2ffh=ON1QqcW
zqf%M$6aR$GxOB81o{da&XY>s>Q8jw;L0rdjEM?qqgGOj3@ZcH0DB?@MV4n<H(n=7Z
zh1QG&Q;>yfWYx-duhD8ifIkLBjW&Fb2gRGUO3+NuBLOYYRJ@bs9iurKLWK{b=Q|1z
zPKNN9pd9WKY}p(<a2FKQ9Z1nSSx`rZRmfpP+R1nAND$o9iC*}L1@n!b0_$3|IlgE~
z1n=7}*zB=~<&V9Mv9;uK#NJlVigZnPvP5#Rj=WXZs9cBtPP=Yw_ucgV+O~XByCSm7
z*S?HzF7;fA$&NHvMWJ{&<Qn_s@m`=?bM-n8Y@h$ZgXvv(_7b?pZOO|M2=W_*!`ay#
z0KHwmzHSfS8(Tl5?$Nt`EV@6sxykp?ER9R8&980kaG7d-&$o->cu#e7XE$Y|c6F@n
z?3Z#Ep~tNLTJ0QmZQkxF@A+~0e)Zoq_^;M6R+{`^MIH=qv5%hmE+;<*J8iZ8JCc1T
zL-x*i6n?+YuyMC-zjKYA9}A)9xqj_RX6{jOl{WVUx(=HAZfbq?_$)_fi&7p#ogD^q
zG#~7bbnce!cPSn#oMg{<q&Zf1bIwx7ubq-v3Psy^c6FzZ_UJXK=N_6n-+M|+x1n))
z%l>|RdRp7i_m#HSCZkRET@Q0(ZQr)>HurPfY0uX@@ZB9y3nY4e5l3&=0_z*46F>R0
zsQ>(r6*LYm&hEw<@89ZotH$4Ura#j79%#N&9P^1hgJK7nf8}gzm-~P{@V`GOKaVhW
zFLFoHi_PQwbW!%|@W4g8F|~_iE6>epbni6cVY8^l!_iu(76WEE8fomIom!C0Bg6B+
z=KA@`Id9vkcjN2HW#pTGK11s}_j|Omh+RYdsl$uVHj-_w|9ty-kBnW~`1K(F>HUI>
z5IRqDk;NOmxo9%qH={42Fr1my<X(EW@lVg@kZE}mefkej$-UxREb&}@_QTl8$ZyuY
z;13ikveR~QpSU~lQOVu;(cP7b*2AU6{gaa(E`+&LzPGXCf6pVFU&dBFJCkCOjw9==
zo?jSVs`^2O)Grp|U2oLSjo6XrXnqK-^}oB<Eqo*R>UtaQj*h4EM|3*WT@v}kuHS6@
z<;T>r>+j8Bcy4kJ)9kaHPBfjT|MVSa^1I!6GVFJYvLC?tM^!<pY`;_0<%N=Hi@$bP
zxII&9?CjxE?W&h$VOdvgD;L+Y{?e^g_&figqn&qEt?l>|qT1B@?yhZ$vt8TNuCZO)
z)Q*8&+f)UzYn!Um+fy^Pt79U2X=sU7rK2TUm6n!hReD;YRcUI8R;8;YT9vluo{*rL
z>lK~%&Hao^wJSN7YFCmj)vjb+s$EIDRJ&#6Erje!k5`uUmugpfx%(ScDSmnC`B~yx
zd*a6Z7uvaJD=ygCo88>~tQgjwQ*%|^5#93qlGFmJ%MuCA7d#<Eyzf8h<R_qBsVdOV
zfIe5p#mPJ?u8%3JT&*^KR;lKJU(W8~JmG6HOVR2(TX9JYn}6oW?5xFDx$o1RlHp5c
z$&X6R`)T}6OtGe6>8Sr0M?Pf^>A6GsR9fBqY`#7mdbZ@e(E2`Jyq0aYp3a9}qGzaQ
zkEvA&->qphTb`KwzQfUauG2p(t)XW==DAT{DIJ)xWl!|gI#xefdb;-^tqL@m$J2q*
zy3b}jk;Rh?RPu7w@YJ$BRS9#wpYN3~Jjh~d-hS8W(HcvA07-su6xWyAH^;T@-{q~L
z?q)Q@$UT}Ds~tJ&_ygu&<GEYz?U<j<4tLQIy~ubM>(!hL2gB)?>)kI~<cG7Ozsv+f
ztv|JJ{8X-^wex-DUc2w%Io!gJpQZAnk7!>RR?bdVF^pyG@$XoS=h2-`o=Mc72~?HP
zmlx4^tIa2IIi``mL3L)}^sHtwC+DS~C@gs*k2RrB)T{Lm8Ct9u?%8Ri+Me<h?=&Lm
z;?b-_V;w`rj-2K*cKD|XD(Z*6P(NGe-wXBcnff>EE1LH{U6SbG2k#!P*+=dO5oJ)W
ze%JO}aC@|-jDPe0o~d!I3ZJR>N9y%lIppbjKVHsvs@^TVJzk$5t23PSTodfk3PYCv
zELJ{KM<1*2mIhDMx5w)5iE8(Fdp}$6Xl2>^T(vs8Ihr<S8$G>h3Hv2WypPn8M>eTs
zxfUf0gccWt2}^%jfPbX=pRLv>icd?amUEwJ-}SI4{ymD#`sTCs>n8|Ue<Yf9PHgFL
zwjH%T`9yv8^Lzw6+1fo`pPsGHo->z~OUKXDv2*pV=EDLyR7eRdPfbtM5j}>NPS=y~
zE)^%I$|rp~S(f)Kyw|GzYbDZag#*>3?^z#xq&`1dEg!9xkJKNdJX#pEdVHzw+P++^
zPZx#9>rcNEb<{fYl^WH$?(s(Ja(zBtXO36TesS|sQ9D`fqU;lOrXu?TR&@D@pWeM%
zy-?3J4=ePS+Nh`N%<$ktb;b%Tz2b)kXfym@ZZt&tlf%k`StZU|@1<&;t5b|;En9?o
zz5d~RIKCVQ__k(Tm0|T*h7S^6DQ-*3jh}+Ui833!=Bft-T7c$xQ8Fx1;ORO8cexV!
zcp3b$1_b8q7=OBG5&cvHiBJ6!$FtQc=;l2E7}HwvwtP*+pmU;VLh#u}-LHxdFXa+}
zV}K+woUI<l+|47<e7Y#23VO_BlW!CJu@aHao~}dO=~NMiY^-1{YxG`o)k2%7DPjie
z$nyja&GDedm5zv|kG1wEidlA|1fc;E66B}|B{=0%CyU<Gjf3GO%H)-KH5>B{cPENh
zUY3ixOtiZ)s``lF+!-TJH%-$gOR+aQh<LH>v+alhAE_f;2LsR4ciM-UL^ZB20C<14
zs6mi6K2tDO^?tTmiDl0=I#ec<=u172nBK#s*UIfEk?M`g{T%WAavcGC&hvU5fz6a=
z!iC`B0*PSqSe<u9I5=6Kb3u(u4wp_84JLlQz6lx(LanFj_!FCbwP767Stimdm)Iaw
zm=R18NO0jC&Kw_(lUQGzCxp-=Ui3ay$F9^jM#Nk7IPp+BE9AhbfRslHo~)4{tC9Q~
zx<DDPadf2~x~0F71dpqA&SzYZ_iBwVum;{VQd9fWd*v+DDu0~D+4B4eGnY$#q2^Da
z{h5NCpaEDCn@qvqq(P~cDS#3jD25@Qu5aL&2rH|ctg}+6<g1sfVA8LoDT4vgvvtgO
z{uGY{vP5u3Nn!*XKXyx@=u<ja3Vz}N3MU(1AY1jzON^KD0QBSe94I3y3i!EXo6O2t
zn1r{7Tc1H1e?n1HOfF;-j>r-zjBt3KCwuc&g5@lA@YjABu=}fuMWiJ}S91oB_dZ%w
zu;!egWkhNrK9j%>5tu<8B;rOOzA14DQfZZo_`%!oP1uu|c_rlXI`|WHWep-z?&Uhe
zmtd4{N~SzLo{_ZtTJ=z<O65<~tD{g4y}kAszRB}>#Fe6fcUbcW@2J7PX`~0i@Oedr
z{@Ny?OSsH_wecgG@Kv6Tny4Vf3*PiRoK9@P4+=r|rTWAZwV+wYPq%UCLC7!9ev)UO
zY97qfN#z^<$Qo}yU348YDv#BwCKOMyAA2iQlrglxnu$rI)e}Xf5Zs74Y%!d<F^<uA
zqG*-hp1Co;6?OCp;D1S(K$FcDPZx0lO9RPhK2bSH@_B8EAgeLA=pgM=C}qpqNl1JU
zbT|yi0;f?#195>#Bp9`)ta_%6%wLmyILp&@mM7~0mU?hEk;fnS8(*?Q-4PXoxT5Fr
zI$B~@t~Lteru0s#3@;>;aPg+EG4R3}&(!Ow`u=!*5-L^WqSmJ32t`0ed016^U;~>J
z2mSIRW)YBM)k?=}NO@0i)CP`ZI9N((4f}#%T5Dwt)`vfs#;%d{q%1K39Y&*mf}t40
zK)mt!FB(+A)N&-%Dx?@p3+k2`u7TRsI`w$Hb5l0u_8M_kZW2;Ljx~<Bt?v497cMDe
zV1u9uB+hZpD2QtjJfRR9$E$z2$;LIs8j0mtF~s0Hf~B}7%S%qOY!Xv~I<`*M+35Ca
zwNb_s1NgugfYlTjOf^I_eoUic65S4Gj3f?=X6(R!@RIzk4se#Q<0u<XL_`sU1&6Z_
zwd1jc+9H)vVluevPc1AX(xBwW8bod~pQyzPDDj!RDhQ@gsZglQ-%X<(eiQ51m<d!=
z!}<3siK+`<!+Ct&xI9VAEVH?w06nsOjG|OcJ<g$0c?Z1e1-Mb(CY_}wi2+mZivcO3
zMTTA}@N3^vS1`Y6hr%$kN6GL^xr3z3?0h~`9g0=gh%nqt#NhT_(Fy~J9W72MPMB+C
zreW?0>mp2QC#}(8CJrjb3@<sK0v<THx8huYahwaF8OUaAfyI(YqAOVvAI0RFb7rN+
zNsM8S0(2EFSpY+nAgEFOxe}A75mdRQeWvJQh{{D@^SmSq(L{A4DPV@bX+@zTk+4B!
zi6+KY`QU((nV9J2ks=P&IZnCGX~*2*PGS;z$Riaf{ctVvN-+4Pa-1@eP~&xYi5c~^
zC_#z7Q<Wu<R7?t5D#tG+lQ~-8o0<ACztmOJ|7+h%)@1jr!3YbfRiRP95?F|IymeBz
zB^@XN<s!j@fC4)9ArsQ$2MNWoCj2B{noKYo0fH^4XC!Km&_W?G&Q=?_k4dN>r$m7*
zS&bk<CbP=lnQc=LaPSQ@838Y7Q=dP%(kH-Sd@@K(B%oA5idOWbG|C2#BrAy!I4GQ|
zeW#=70t|v<Is!wzeLh>%_#DWA>9b{6X2T(0K@V4G8G#L=2hzwYB<4r>B(Hz`4;Os!
zOl|$VgJF@<2@ytwt7LlTOd~jRlw+!IK#nPA2u%qAm_bD_=rsVQI6fmmXCl8sha!w3
zADjMQC#uw%e^3qIkwlq+@}o5MK~S1`1z0j_N;$?$#X%nU1|gouq^SC%W@e?@R5CbX
zI35+#>kHP5%$zYIfSIiTTWSyhO1wcSbp<$yDMDGMV9^pSGfgk{d?pLMMyCvqLww>}
zf0`ggyk0>jBdW0QOvju|iIO^;-tm+y9>2$>2$)dIdBrb1KwGplKDt@s%J`fLVA)Aa
zP7Ge;U>W0yJo(H*^vqUJLVAui{6@za7wN9Z>BOl-)Qm!gv_Korl7`}(`@j+VfIfuK
zP2wqtlYw373#u|BtxKA1%`Q>aD2b}k4TqpzAtzeiUCx?%Z_1N$n>B+KX;>)2DQfsl
zxy?msn8w+cJaEcxES||aABlcdwmihQ_!v9z5EK7ptdWqK3fd@obN<xT0u9SRTGb>Q
zKk5d;rly<)J6Ry3^wb7PRm>7MM=0evw*g2lBM`*V61(F%=rKO`VJcC`XoT+xFaTW4
z{4!!M60lNO7cg@WI+wSl5(66)UTBC92>Ly`VUVSGhe*RJVjN7GbSYcdlxMMfS|(aT
zgS5iect-rMLixrYM&E`P)aaz=QNz(Mc0egp7)~LYCwqZ~iHz{o;RC?fOI~6Jwn~2H
z4p;_BwoEt{{*p<;Hj3I=6$TZyBgpU)#-#-IlIs%ymk$eqQ@|IFw-i8IU_&^c_!2;1
z!?(m=v4EBx^I0wBo7Q<}8@f(5(?3xFEn<q0lp&&`LezL0|CA4iB)v+mN%Pd@n~Owp
z2~UwNm@GL!go?-WFIh=E&IDeJ&N>z0<HvkXdyiJwM1Uqv$GH&%D9y0QJ=vd%AVOCa
zwC^e^wqV0dq=_Mo(RIXwBmqf1fDTFuRP@<cI|&W*5+bn_0|`=aqIE4AwGf&_qX1CP
z?H(wZkEzf#0vVV>03SB~Ra}4-QZryyHUL|iPj&3oP}o&B2uX+lr0;SM?63`WP+STw
z)HoNhouwX%<MjfS)|nev`Imu3M6JYGqoN%b5&>dewGS+%<P#k@ZWI(3Sw=O}ZWO7y
zi*U|Tc~_9b$``Q5lHx>>#@6vfp9z3@j0Y1eoRTW8VMu|FUxOpzV28p}k-|o%4p4+P
zOEEwyU=cmaPoaapzM={f2&ED;r^s?GtT58q66fD_duu?OAfLiDEK3d82RIgDr&M@~
z?o?8Jwnhz@QbQV^Scc@;QcpbIXS7n=@zG#}5WHR*qT0k0xZ|}Z-chaCA;!Q{jDR<_
zABWXbG-8YdY)GJnC|LL$UW%(^nT@KAmCBbv5*vEu%Z=e0(h>roi{wT!id43#NbIr<
zkyCE@CKezpivSW-VA^*@8V92s!IHx{&w?qNF%J=$%P|NS;c|Lv!`>W<6DXmmof2U%
z_@X-fwNJsO*i2cdk8g2sEtwvUg61APsWe;}4V6u?;UYvZAUY!<YV%(i17s7$S+P$8
zwWSaal!#5!5*;@Y(438<5S2(M5lOY6;-y$3vq&&X$XExqu*{LP(pR40GH5u)JVs##
z21C!786k5nW=Y;)?V6%pyFYG|5+xQ*@^hLHNl_T0#a?J~oD{&AL=uFFZg38W(Iivw
zi>jpHpvUl-^D09K$C-vD#}E`nV^WFHU{UxqE_ZQM!p_tr%EAEzGK_h6GEQ947&w3)
zXA;(pr$Xc$$$=u5NJJiiU4`O^1kDV=ZL%sJfFs6D#>@IcyoUD30nvN}4-h(1JR!J=
zp$Nv25F(&}>nubdr0Bu|;$n<YZ8oBBrs+MYQ&wsYY==%<4?9@!t{CW*1tUThw_z^W
zGYSKVj|?Cxp^^fz#}eXE4W-7#K*+JUEDnQUGj#OjRNMiBs6`&V@#QGwIx<}QY4AyZ
zbj@26U9bT&a3+~bt3=@zT8b>R4bv1U%EWb9lBmgU+%#br;-q7gMKz3e7ls@T7^f31
z<vIV928;kJKH)(+=M~DuT=vHkb!4RqB|JbQi5S&baERl$GQZ&g)J}3|6c}7P{D_1U
z#jBt?ixK1#PJn_rlqNg}J(`dfgas02;nI2Kj7Z39$>oS7Apim<ia;YG0FD@%YVzsw
z50c_7nqf+bDCv?e89dP?R-kq80YU{0*;4M}u_$)KW5;O>z=^nr0eGSYPRt_|qCjE>
zEbJghWx;KxHOc+ZN3n)YRFy7-k5KeUq~{A+oTC^Ko>x#JWiwj>oOUuY_!*O^49WaS
zixeZDpovES;Y|{(K2XmbsahCY+k_RAWEK4!Wd=QBFh>+iq6Dn~7Gp6W@5Mv(MQ=vn
z*SuLk&GZ|WzB8dnLb^bhy!cFrR8KLv@RvwbYaiFo#XqSV_EXMKAbWFeHipvpPSTuU
zMkMF6TAFYLZ&5u#GDl%3Y88f(9KE6z(<V#tEC}qGM5a>az<xlHT!LF>hd=yM3;&7|
zi6|6<6(CVJ36k*j0-cmxyd%*)nL&@#BjA8Ta+3xhfhsuRo^Mb&Qzs_)9uR?QmIL{q
zpqzQI8VRp_kVhqg@lBK@e83XtvKo@bgUrPEA(;|(Qz~$cj7T25(1(BVSA08<=VY{`
zp3DGfimkz@PhM2_91+AsBw9n6^=JbRqP2GTbPNq;tg&c~jG{$!NE3<c2>|Sc9_+Bb
z(P#)S=y9NwQCq-FPUClco*9xSMF?JrA+N9>4@fD)_^JD|ETXp_VgdhTMlAcLAGP=F
zomvm1{PAs|LQUI@g;qwg^dhEEgcv04Fb73(BSxS?AQFSR_XemU2!22YZOSJL_XA9j
z2#`e#VLNq0Vg{PIz7xL|hB*p170iJsX)!U9gNuq17rp_K_L3&TrE$QBg9HTR#usBI
z4aoATpTUsPgaI;;hf~rl_oFAeL4o!XJ)_}FD&iunlO$;*R>eQtO3lELWat|SU?HUg
zXodfP+1Spo#pXpnxRS4!!Y83KqA?uP%5`!%ak7+0RGum>U>%lu5Ob-Jwep>b06>Zn
zLBtG-VoaXtH8UxymjqH8r9O#A^EXfv9gHJEFj2BOae<XTf&zn5tnrKhTFjmV1g^={
z;(&g&nsUg#b$1ZB$DrNScl#&WUUoa;?SyZ~F890N-Q{QR{Nyh7qwPYsdnA0y{Rz2e
zyx)b;?+|#q&bs4Z{{9LV`dujZTfn(PGL*hv$8%3d?(BP`ot@n2|BV{eeFEcO9j~4D
z4~;3=^KU~$r!#%$d$s<eCmy)hBX=MAe6;@Z41uqgcBb!3!N0q2F0`@xT`A}5Se|@v
zv1H7cbq~vv<2$NzN5Rpu$Hmh9<lX~gP42Xh)_!SN`Q)O$Dejl*{}7(W&z*Rocs{==
z8!dF5Gz(v{XL~RI;GdOVFYLjk;FWD2wx9JaUMgqjYgy{skO`%tJI@dl6Zn)Pa;M;=
zwE)3e5<p~G=lqi!c$ZeZ67CZ~edEn39Mu>+XxOt{(>fsEPX8{~2)N=`DID$X;kB2G
zH``Y5XQRp!_4#zYzgC}UB{>zhwywNZt!b10TrOJCWi&ZlC7HTNn@gK?Uu*KJjL?@_
zY#MyMC>!;)M*q@gFB*Eij*!H5nQU^g9p?4MH*M{-D-`{dt1KfbvTCjk=xgpFg8D3K
z<{HCZbx&`$<!0Lu4cQn;i>xj|inmwV-<773;Sz1p=9M~Yd(vx-yUX?MwL0pK3>v;%
zG_**$d#R4aMrdEIqvG<V`iFZc%a$PMjPBXRSsMab^lG(37fRWl)>*HoW7~*W`*Quk
zvGG}591^{4VIm8=+7eCoq!!nWMWfOqJHgeJ`pjqOMlFQ4Bk?6Ry;AK_h~!ni?-}<t
zN%7DtMGZGJpZiE~0z32%Tku($xkT?QZmSb3(4%c+{J`cbn2!fTZIDePauXkR{z`o_
zDqFGHmG-VMC>aX(yqIisP204=X6C-ojj~vRSK4qqeqxh3i=C=JI;Pib0)t(+XBiiH
zFE<{1W=(!+13Vu>(`Mht>NCouA|w7#zf_+SwaCo7*>8B;*0jC+8@EsVNUVSWymVW`
zH$?D1bp}bD6NzmW9yZ=}2&k9?fW2$PEdy`rkAgukwJ^tEb^+DDR9=)pJfeZGVW~;W
z1amZ%Hu^d4PYdu&h<<;{7%P#xEc!QA-lTm6=C=Wg+t_iKU5Xqth8I#OjYFDfMLXn;
znSqJ1-QB>!y@H}%U_pnH9$f){k`+fUcdo1aTo^ZK2t0OpgAeV7BcV$<2%<?Lc6$qA
zOo}SUVnt&}m%a%#BzA9!??9Sc&N!UVKD;F8IRp4CB0w00<KWOA&5)HG+yehvq&?d~
zi)2-$*`5JCwiTTx{gJ~s(I3|rMsWk98SiqFm-c9l4Y@Z8Trhma=}4V@pMpk$B!{8<
z1by1#_B1FlaAV;q<6SPg!UCrk>=N)2%nLouhWMh>xLC?;`j^zrI`Ao^h4<I$7)=Td
z{Db8$l@zf(%e`LTaPJQ%(n^xCyLCvHl7S5qxZoFFBtcy8O#H)Au;Xa_O}M+-TDez%
z#N?yF3Uhn5;n=VEe-DbR26fT}Ehs$j!>;rIb0URTIvU;<IkeN7B?V4WNVR-VT9Xj*
zOg26VF|3-FJj^%YUy5R1p2SNbRG}mhND6SmGb#|54Mi$3j2)8z_$=hG8f^N52_6R{
zw1!7X24#Lh>!Jm1k~+w9JlyMvKk`8UK3rP3Qe#6qo#8=5xLQZV8Cpb3OrRa-$t_YR
z4#mHtF+FRG_awmO(`-PTJwN;1jTVGJR5e1)R0y;j0YIq+yeOS|IATob;_|}ZQ(_m$
zhWca`pX33uLqs$S!$E(t6ZT0BHMEk{CjKcwe5Xs=XGh0+j$&2Fm!O^34tu+3DD}gv
z)^_?ntHGVWSKzP@KZO_>m8(?EUzC}OMBbykNVyZ+2hW*6@rq=pWH3>ijJ!h`<`XmW
zI+S{mlqjJL_+Eg|v68d|A5|+@D-Hn6%&p@=kVIH*%t%QyR1Cg^(6?7b+G(S%ViLxU
zsKiJ*?3I-in(~6fx(fnTZsw>U!jw`_YFq6=N9r-Eke<0ytya96Fu0Sw`Z>#E6q4n;
zq!;TW0BIr2jK#SEO;JsG1E{WZ0HY8FlGajGTds=WNKgmiXIm?4MvkRNmIP_H=2J!0
zDrSJ`!k>U=t=D-Ad6ucH7)dhW%i@=nBMWa9EuX1Rxz>_zHJ|+gi{J$Jz0fiS-s6US
z$Cm^|!n4)GF^(xQ8_|MXF3F*1S<fzE(m4NgQ3@=3VMj76V^*O^jx(B|<Ag3c!2#&{
zT$lJt1Fi!s^UoTUBFH#!fQoB>xTJMsTd}I=#}rkcvqYE+<+;L!>m0YX4T<=r_jC1G
zPzi0V(YH$dY#n8LRD(oIgx1Shg^qLOj^@tRXRX;fazT-G@LUl{qSlWzEZMD<k_4)0
z3`HozEktAmFVag&#^EXW)klP;i7eZ)XKfqWgKkNUQ|~0eZ?wrWteCJ`=qjp^mGphK
z&OnYOT=D-*d$mpp*{rVY$fYRp#QJ2eEQkj2Br<ef`Mt4Ha?*kRXw#WXR?zOM1FkI6
z(u4I?ZGDC+oVX-Sw{)DVq!y8_rpC7Mah?QEtjw12;uI(NjTgfSZ!<=&h~Srgq!*)!
zfMOg8vv&ek>5`9-0q5C4aHfu19TqLJUx5W7dH59+V|`ZV>-s7i@YK--xpdCjx$u{W
zLtC&Q0$NPB;GcD9a)!DKs$v`Ipo)jX6<$fGkBA4q5Md^a3NI5OL<=qSB|$v5yrXyz
zu9Y!oTfcY<?TJ@pV>SNd2z!OcAX&^IFI}VTY_wNf8ZSZR-u~&&`nVTm>5CrOpRXsr
z(V20qRp5i3Srf<b3jypS6Xl`>G;0NE{KZ+^NwHabm$}5i-Zvg<1h#cm5)D2}7yQJ?
z5Mx|N#3h`e#H;vNkKoYEige^6R3?~glGPBLicPHCQBAW!8$5_dK^BWb8Si&SUlV^C
z(1xbyG4X*{XN$P+astiqH{P^N#HUMi`2^dCKF#dSwkf3PNnT=2+CyCyXBW~sBbHc+
zVj&)@1;56vcmHygh4uV%af}|sVSW<bu~y`yQ{%B+F0iq{aLI^~LmZMRp&WnWH?*bn
zjYrZlUK5WJU&IAo8MJE6R*9xngS53SJ|^n0TKe)<-_Q{E>6LyHRm2sOMzJ%p<DQ@6
z-3Y$nF8On~B(v`2pE!qOF@^*tDRhNmWR@9Wm_FGemt6H?2VNpNh;;hppR<lTmTSf8
zBi1_CUgi1z&5;}xohs5@if;wAVh&v-#v4zJiHGt;wi1ghJU|g&=XpF%#7f2zZ)u44
zmbKe@J1@xw6%h;WXqk_z3ZX!p)}Ea3gs*rz>_9QOMPO&ymLK9)lr{=IurFU00oY45
z!u!M!8WwHkfANk)JWLg-vdLN}4Emh$@k-Mu)+k>M;=~~K(~CAlJM_G2O`BO}Af0xx
zF}#tM)HH}w9I-Wh=#%WNkI~>zOEr-EBf{ibsHp5HN!deGOZ}zhf-*Xk<r95*q|s$&
z_)j$_nvwNPTUgjzWSMTAI#z_ERT?09uAahcFd+`g@3A6HR1Nxe;s*O=@(%5(J!pz9
zSy6;Zq|&ZuD9BIMMAzCu5f3IWI^>I=`Q$SViD8y;&=K*}Ml8ps?7~8<22+khCmYE2
z&S(MiiF&xD^H>tkEX$VAhcB8)9B1V$h~Wn<k&LH71Wg$)6n%&A;6oLsEf0`0&y{Rs
zXH9ybbsCC~%NU{sE}#HaF`{t%_Ff~`ILeWT&S4W}Rb4V7OyN`om<YgPyj?4vHoP4h
z!4Ch9bwnr`o%}G)iu94FMjmwNB{4+ZA@i_PYG<RsRAQDM`Ud&l>t>&~#Sn2wY|XjE
zV19!Ru9IiPdiWJ3NE2j`ObiUyq-PIfup{|UN$f@|d{>NZi=WyjiojbcEm{z_SxU8x
zdzAyq(9Dl$2Ab74+M_DELqKq5bojxg7U)2tZ&j_m?Z}P(<0<@@58xv8G&v%vPf#F#
z^Q+Y4(WsH*xzQOL`bYb8=yPI$&+yDQ`y5!b&YZ~TY3+#f==rRF{|u98(}RU>pR(kI
zuB_mU<2=@UQB)!y3-|dWy(SYtV_G>Yy2jQr3@*hkk%>R?JDH&7sBMvyJ&eW5DjFFw
zk(@Tgr(|%R#A8^SWs?)5Te*v+d4p<!_Hf2CQh~@+_%MoGS2GJsRl=y@IR^od*NAC!
z)&&EM879F92_ObVLBt;uqmvZJNr8~TmC`A}ftuTMK&eOqY`6JAr0kOScm@rMp-9SO
zhNFK7i)Q3ro<sn#m)25Gc1`dI!=yKz8-a$=jo-=S5T#AoWa9@&;Fr@xRVGyeVoV^|
zlFC0$&iNQs(8ikZ$EY;I`RGdcF-U??bVWOKN-W7%I1!|=3E)jLB2{u7j>8BX$jr2n
zyv29pQ6d@iF`@HOHuFJ9GGoxCMf!*%1Q3nrUTu+As-R^NXV~~j@Zt~|g+(OkA?nPv
zC!LpRlOUhcE5l?`A#5^-5gezv?gWB%N+KdVTg&2sFy9d&<iykyfM+&9$r{r|_H!W!
zFFktFP4c7YL|Z&pAD$NP%}iT%5%1{`4f;2$QP(l649uK~JmB5fOQFakG7$YKrm_Hq
z4W4GYKz9(sb0i;0jD{i7kntb^TN}tr(qRj@P0^E-)EPpPctD~b#1gE^M(lAzj2YY@
zTv(jYAW>W-<THTDD>*`+$#MbWK@kLrc;YeascINlTee9bR!BIZ#Z<&}49yrL9MgNa
z&(HAAYcwUBWc9%u;eD6|5APTat`qST+n8Z7mV><{S(+9bv73NIakQ)WswBSgGvFm}
z{+N$rC&p;1Bi)Gm!iJ&1U(OW0oe?^c2lWVR%%3WrO=OFN-?)qZ+)B7%!_4*2ibIK=
z#!1G*p>x`TPqD51;?ps_rht*O4(4LKa+U0$z|a8(7R3d@mJ_0rDZk?;5dt}AaT~{y
zoIu3U6lFXiQ(Z2Zbe3W+`c?wPb(4p9#IW%%0UajQeB6d^=>`#c#BQo`2qr+BiVOK9
zo~nFh>8w!zS!!$AqEAs*Uhzszl#@A?YJvyIC;SEn{v-j)^9s|cROM%$M6sLrPFhMt
z<8S~0^DLpM5W{r9A!O4YRydaP5<Q#Iv7m)jDv1>ZF$z%(5`(EZcgi6QV<yEkyaNm2
z#SHmOd=WkLU>j`zF_sNN7qmz7$N&H%0f(cEuI`K0r2Xh$d)UWHDnX(Gg82c>CF|rJ
zPBVOL3QoiTKERQ+Bq1OKSt%7~2^9o{ayCY9lYMdt<Z-)9&5+R?BMJ^fI2KsN#E1y-
zY><-NL@zkjFB7?h!@z}VdP$f9Rl3dc0uG3(C;_!Zl!QaEi5CdU_~7g{`KEnrCwtLy
z;)8)<GWC1PmCW5RqxjIru=JHVsIVGaAWo}<QE_ok5KEn5HtG`=MKM;7UvXGK!9_BL
zHb&5fuR%PoqQ<JXH~uwja-hGdSB}R%*q{c%lGk7z)c8iqcF{#-a!!QfQ#2pjuvs!I
zh{-~{5Mm_yf8#(BZ0ac8;1kez3pO&_qMhhFS^)rkQ?avwwkZt_0LvVaoAVZqF6^?k
zu+X!qq;8~?-oOc>ypk~J;YP;cA2Nqb6ruSguEa2Ysx`h?tVAP>s1a!Rtg#pm7$HP&
z+&N2>!d$Y1+Llmyh$XVEK?#XM7ekPsO=nW^pr$~eVWTHYBn+o|iXW<JjE7HPS6gcv
zmq_x%sk69CfgyMNZ}BBjD|Sk1qNz?ObG8(td<S&l-2lEP@B$JR6mp^;dK45Wsb*va
zR>ne@NL`SOC8qIee#H-Ah+m0)u)vepBv%*!FurUIstq1+LB+hZ0`*HMpv7#wkD|0;
zC~6P5@tavD)#BYKkrS=1o4QW9pOnkf6+&SZ7rA;OMu{yVb<#fS_Td_j^ob%eCWC>C
zAPAMt(1hs*s5s7E+?aOB$I)dck9Ux^IC*@_m{~89=jqy*0)nxkKep5^0Uk_QFmyJb
zevJv0j*u$UaVK$wD<cOMCLs*UxspjmnB;VBE0pHd*_4VxEn`wxLJ4LRHUvvWg>kK!
zpU|Ps%|S_c_~4CG7r<&i75Fe$Dn7{+EE$!-7&9rJ%q9akVj$tld63T3fl;?q$*nmy
zTZmf8KAF@6CoC&1vN<fkuK2|h_=fpM0txR*#8sdROVHrYDDfbkE0_pDuprU$2&EQ0
zinH>Wq+gZ7rJyNZFSlmJmBAAqBO)9zdn%peLxv(axG<p51Q>YdjY%bY8v(L$ARP&O
zBt)CXgAO3bx$qtsRt%`?LJ6P>9X_TVjgwMqVB(P?3OI^83DC?Y>CwF4t-WIa82@A`
zR{^Jw&^hlVBVCC!(QsC{dXd8_TtO>#7BRDWC1kU!(JJcXDc2Z;Cvea_D-ZEIVHF|)
zB$EMX<x|27wFwHC7VMZH>6Y<<DCrQ)h@!OOXL1=|7qHDW7!;E-6!EgqfO5(m;X;TN
zRE*>`0B5GZZe!Pkxh^wOH`zG`!%=<A$>j1bm;#D;Lu2t{E%8hPbi+MTT&7L}wk=bb
z5y>ryjH0EkLQwY@M^gVKrn9HvFa--t05^gnW_^Zgk(mJ!)3qZE#bPhBD0rsulycC6
z7NHn|XJZy`$vMfXa3*^-M13<$bIAe80AR(hiO+k4VN)+7si0&UU=pWzpVg({H?R?V
zC^eW*;X-A6tBikxBZ@i<m@JPH56&bmVU~G-n#3$YO2+qy^Gp|+ohIom)j|9^;1rOv
zK<OwaO2|&lLI-q_LXUm{gLG&)j!JAhe3Pco>sZJdB<s*L7gBwQ&wwXVsibHfmN+iR
zIZN9jyqL!QIBE(yZY>t!a`P$IsZM)<O}QKZV1QY5Ac$eHkC7BW6lU<$rUIZaNfp#4
zC^0K2Qz7R07sXNn=q7#S9F_$x6o7+q&}JGr5s2}_zW|97MUlOVF#iyush>pp{Y`_X
za{f2*#~|bdVkS%l50KItIhm4cD-uDATci?T6D~v(bdMTCW{wM1Y8GewGcEs1<P&re
zF=UJaRS*q9az-*YuXdDalKn)Slu;0=tuRgLn4{D{MBs}Np@@hK6fZ&x3Yiu(fJxNy
zm(m6`b#ihjwZ!Xk+_y>MkoQHWpqMnZOBv`hC!t$~4RNy&D0~<m@a3z7Le58cny0xW
zY}FOi$V%`+pU|ieiqbXA3#G|-7_)x!K3M>A_KD%?hc+EGkD~LeXR=_{Br<!URoZSW
z#E;~2{4p@!Ncu=HgRm6fLJ~!jI3{O$-lZH&nPPYzodN|G)y$O7+)55;PH2PZ(!yT5
zfG-osMPxTq$f{wgEkiQ^L?+Iry1^E+VLkDg1J#xNJpY<+fLRJ$(V(ZV3`8rDf?^Q?
zIDQv>h$CVYZ!~mF6X4RR;7$XnkI2p?w2H~ZB0VuDGO<Bo6|HGc+XM~DxQI_#Y{IXR
zVaz-LRouWVgF8xm5a9sAcwYb!`~CyKqbm*9cpOcWjJ{!o3_=6_2{hX9AT=HxK~u_U
z1_cPd%jl3NJ_;Jb5D#TvfDuPiX2WRKc#DOAfkSg!WK>gBmn>?C46O=E290sEj?XMi
ztHSa*ut|{MEX;(0Hmd$U{{|VtrnF@|W|3u+FsXu(i2(f&-q!#F1>lN%Qju942x|>w
zsmnk_v;_opTV_QmJ*h_$c68YIy{y1xN+Xac5290I1mjerEHXKV^d9jtB~+mC5~@%H
z3gtpE9}7NH!%G+FWx~TYETa62dc>AQ58|^f)PLYC3ful9d^+<9nAl5+5K#jzR*Z0R
z5Rv2|!of=~*^5OmqW(m@Xh5#Xj7ZK6yZ{X;=1QW=Y{%RM)|m)El$hEA5EJqRFv=2*
zJf0+->=x9ExnjFx;yul#J(v5vTrCJIf;GYdPK*tSLYI;vMxh^qq;yE;PhQ5L{tT8-
znII>WB}~cWdL|5_r+V)~Wkyb~U7G|PuAP&2I6wkFbZ{^km;a00<Ytn<p65dmPZtq5
zgg5}7sik<otfvB{&s+xaP2{HYw8)Yi)91SgEaFfKP@tJ8%n7N@*(iXe5;!<9n^PSC
zsXpVv;xOB&6U1(c#BU}xsWZSyjlune9$Y4%$RHw`<MCIN746gtx(Q-}%YX3x(!dDo
z;6SHzqTXU3-{daH<zghH!@m5|ZJTuoT36jA7mG}CxGF}iLYJ8@z!1wM_sYguEJ~gc
z05a8OHy&6Ud;`WL6Ol4SBw!(G5Jc6eTpxoxf`e*fP6qS*1o(i$(aff@MA8e7Kq89<
z$v{Fdc%+C@o{3mYE=-6$QIdj!vk0>k>THV7Bu2d`gHP&1891TX1O~2yKWR79ENTZ)
zEy=`1gcN}0b_}8ys$>!~MG&sb9cYEyq_`Y5ey#-5NH-}Cv#c!w@?@%lWFqrX3*!7(
zxD}wXQ0N>5^2O9PFhY=oV}j~sk{o8FIZBb2sE6+}on920V8!0BAwI(vPhvz7+6c8x
z@2^{gNnXhmE(IVarN7i1;%RK0RRkDg2?DBhS-od`>ZK~mlt>HA8$VY>keCI4H}RDJ
z(6=*U3k}3`_(&FiWpyp2KJkgoR0|BvYZ9kGosDS>(16l+i8aoU89b)|W1}YBfF8&=
z3M*U*GVm$x;<%E-#{al;gG_m0F+n-`CJ6-y6o+(*yfB%ih0Hi*pM+4t6Oz`T9B5=l
zJ_yFC&N8nBT1w^hj)NFw2*|)3Ar;}RjLDD0#B3};gGsOu%6T|^>Hzkk4en)N+6{7(
zR5@qD4kPoCL^4*@1G-_I4Y3U>1Y^1A(;2}@sNs9?&O)ex6Wh{$VlUMjMQ>tKpyD(o
z1shYax?O3RD9)?+k|XjZvt$N@Lt!RMS=0=s6bB0;Iu91BX@q*YflwUt;MJc{$e_;C
zm45;j2_v0;SteyrSpSdSn_bQ+Zx%CY3Rr~=7V{p=sFg?#4ZzKcv=mRw{8oKJi{dH2
z;|jqg?`A`mh8$WJ3!RVU=~u{sm}odLlzrG6O*WQGMPVU{^9WY#z4?nt%*GpK79oJA
zNfkP94T(M37CDiSllT-td3(YYb^#W{LJ(tXXGnBFEM>R81OqLK@J^A*WN`zdfFH#u
z^CBiE#jz2iu%sBAQxC6C6^(c1QCue6aR8w*>JZC0UZOULGljEUL$5e+PfhfY^pyb3
zSY*Pj*n=MqgyRHi?h^2aDtR)y(XKnwaBYQX;;qC^nO+$rm9_keb$*!{HO7TJ48j0!
zXRP$ZaLyA~#9<B|h@zMjRHTQ`6e5yA4fP6_G6z&KOH`iOkMEE#!^3j$gk#Z2ZgZ3>
zNEErG1M!S;B6#R4(<tw6T?KGT!At;2N*q~*$Sex4K`&h78&eQBg_3|rbV!!vV34S2
z^yv~aE2&e`D0T#EGccv@inPTh@l+rOH~tF~ng6Jd_^%kx0^E_cGFSJB^TlQ4A+VN&
z*@U}l&6@NtYGsmX1hj+!Il>=i2>=;BhXVKJs?dkOOgVi@ft>iyeK<Y`rvh;i|H-2G
zrfOLOg5e84rGo$1Smx=#&Ur)<N)ZVZR-#Cj53&fBf(l+>i%SMQsgV*{hwHW3Bn!wo
zB?rWwG!LHg2<v1yOoi4X1*owovIf>#pvDTD1_``2B~;2PqX?=(Y^E2!gCvjEUj+dh
zCKPys4xcfeD#e&A%!!g5@RD}o1C`(nSNgz<G=lr?YWk~sQq7XtN>1VkhoP=4_CR|I
zMED}HK#Wg)MM|hcH_}UKvLu8iqpGF-<26EZcimpUsEU{t4<?l9O-s?NJ`gKI^ELGt
zzr-WE(T(#w07pDYohhBs1YS{>hgAc5p#w^y?*H%OVbxdSp=jnG`?5kJ7kzRrRg);0
z^*CvmC1go9fR*5vo%sN2tjWr-#|khD%`7Rvb7Vz9CL{Vl6HAKBdK))(G#B8DkOUVA
z`o>Ot7E#4d5!A@~1tU1+jY%G;JL7xG5u;UomSA8Ia97Yt(DDz~xt_emapKfqZSsw6
zIVv@m;uCwxV;Ba$l#&3Rq9f%c=T4a*?U?W+i=m;G%F-yMaA1ngdW!^+)e0dX^$<|w
zofArF)I&*v3C{2;FbPNcJKE=LOe#PqAUGQp#@Q?prZQBMavnV``EeY}jakL#vMH1S
z2q+j(@d7$RR}!aV<n-FF?`K-3ceG>j6FAW!pa_xRMFNRT>C?^c6GH|<G)7YP6IMw`
zdx8$R!()<ZUxv#BfrgDboYtN*u&I!jc{2S7r@*8L#7ib3sZVRCzzz1SO``R~?X*G8
z@Cp2Vae@4h6A(j%5G&Lbw=Z!Al`fZaJPQ>;MV5!~3cWB$>%pFS*eEg~d_#<Iy|WZ(
z86$2g?Sv|X58p;lA`rNfVc8Obl8lrjK_N`>BjGw}kk>fE>tHPulqyQ8xG29QEsQ6S
zROBk%#Ya&~d(<T}9t!K|;WUZNh%h{yrVE-?VkJzmeUiB}s$3GJP)%y2`zoND*6B?k
z$&5!3+Fk2B3yyJO99EO&htpY<z+3ng2{Jh`ia;pEDGRdzp+Mjr(YjBWLBcG`@zD69
z5k(GZ9{()pND`s=B3wd|IH$zn*{~7q;EivxwfDN9dWNitS}Y6^B8$+=XUs~`V^Jk%
zj<R_Qt-{$ET*kLamg)?DnaAOlMT0S%p~0KkRji5?meD$V=tsM($p&o8pK(lT<%S<Q
zhpx##CG+?npXYIzW%GRKLj!89I({!sm8okO?NtnypsJLw+)cm{%9()5Bo;0NS}3H3
zjB5}y^-dO|4NcL)5x@ti3|@j<0xJ}VrIj(M5a0zG6(zcW*v${-RO2Y8P>pdNz0sm5
z`IYjF;5&CknKZZ;U}R*$OHYBBYlRDeAr6_8lyw}72GJCNNE*hm)6jcT0C~clzz1p^
z50_k%(+Gc=G;$KvFliIkRSbBc6V9$)EC}vdOM(wLXC011BoHRB0ek`?cM_sDx0O<3
zFV(?=x9Gwba|S{a0kBDh%uRHylW}vNKR8QB*$7+!hB?5)XFa24M&?~v)?^53V`yj<
zPpFM~AQ<fM2bNUjyG4!KyFhDdeFTD<3`Z>1#||Or7#<+VL>@7gfCsKZTu5Ormh-9i
zp<97lkmRljHW13O{+3y=26;`m3V(Qo*{r>09>@?;y<jYCGXsAl1MENxjH;0n3MoE|
zW>Bnn(XY=vMFD?ag{BWc3sEi<Sw>H|VPlRVb2BqW36l8DJTMu@-rPizc)(7H8j#PY
z*jXe?i6_=+A(;s1w53Ig;tnsKEzYDY1HmLLIs#W<6t&<?62~Acp_YO`1Qp!`WFzr#
z^o-yW-HU*UYfu-civ!U)%tEX&GtY?x!n&B2IS9Wuex=>|@23Cyzx?XgKKe(`{rCUP
zfA|0V$<zPSJHv;LuB;r`cXU|UUmp$~^7WvX)%{0TR}LQhu%jFQe*e*7ed8z9?BM=k
zSikmj->>~?d;MQNJnTDI|9yB^S-<wL58kx4|H%HEZdyIEf2|0tUpsl=fwf;)-?+B^
z&Y!KW-?F;C@xAqp9~@YJ_n)u7`&;$@k!rnqV0E=l{HTT;4qf}p14sAOz=y8=?`_Z@
zv_bxl_WEy&vDJgO4j-ykTKxM%*Z$vj;x~%319kF1ak1~<;lqbNbaXhfpF~IYuYYu9
z^^W!HH?92Qu=#di-$z#V-}=!yxpip&uyRm`)e_|B+WLV5_$sc8t#{Y2|JGrA7n9+W
zq}T5_*hYTf0I?r9bp5WIh7#i11NFZ{8$YccA6r{LvY&8U|E*tblI|Z2)C9fd(Der>
zdHwqR`_@)gOOVz5Yx`DL53H|!v?*q*@9OH`UAwjM)YZ7U{^|8k9jvAsKf=uQ<Mea*
z@wH!^<^I6>4?j_@esXaA$Dh#rpN434FLP{CsF4qUWbH!-53X<g?)t{>eP}2k99k<S
z{EPLCKV0AVqxFrSt#ACx#_F}-Xm1;Tn75yX|EKcpkFc`wGuA)2e*Ij|y>QFght@a#
zxDosLY8_kO_&IE?Uq62!-F{YYrN7_k4S!y2tlqtLh`z3^9{R6-drJ=`t*-^dL)Tx`
zx!$1i`nfVVD-LD#vX0jSYaa@<4y>(~wd?=YUmR{3_BUVx=Yd0OAC9*Ebp73bw*Jol
zd}RNJKf0pf{*SDzzw;-zuC0CKBkLRgs;pS!HjMxDV5#aOYe)ALNDdshXYJ6z_3wXd
zb@kwCDR=#chYxP@y1wymbSYDptvS=-k2OiJ|4QC2<?ZUtYx`?}YoXty`EoPnSKIk(
zf2`|)rldpHzv<Ya>)*~>v%;b4*KRqwf8`(?9lHL#{h|7!w0O6<z~OxPN#6cx-hMZ4
zzvpfJ`cI8=%Pl$fFY@+BdHY$xvPFb_?fbRA^tOJzA>q*VKi)SCE3i`bsKaM&D(tRr
z{M-7!xyR1~g9;dHW%7Ubp?duo_qhJ2^?%u9{k;p+S|5J=zaGfj!L|0S>{yL|{0FzK
z9XPW7<9~jj{t5vHR&QIo`M{CG2M*N7vdNLdcdXq~Uyl@_tz-4MXskL`Bv;pe^FoPm
z_@iqdX%Jff{;xIfUR^6l9<D=m^1z3x-Rhld<sX00Mk|tSfHnjWt-tq))z;%^HN1Ik
z?ZEoAf@Ybvv{4`Tt*?FL;O3##^>_Zf{{AXw4&J=BZ~eWGM$q>8WBGh_tthUp|L{}m
zKRmVm-cbM7mtR=_;Vp%_)%73z-|Ij4KXdF4^7e@m<j+c$`oBWcPyUDXAAhE__VM+1
z{-S;Q;bFeL{=-)qnsb^)gyRGC;ii)IoxiF9KYr8NhgVCy^^cc4_+0-uvwZx+g@B61
zw0`Z5+t+R(-TJjp0RG48Z{tTd7ln_nU%RW0-cf<(Kxy>D>+k$uM~dH~?@ix#{`{`B
z65%iOXm9U+DGbCHDmZKP-ap{J*KR5u9jG^le)B>*;kAwwOAt_2Y&dxLOAgex3JEtg
zve)jydcAJ^Wc}UWu8>yrkF0%!I^Oy7^&kJiCZioY^|g`zwAb%{jO{;F0&cz^`0!Bv
z`O#HCKK!4o{hhL81(NmmK3#&9AU|0(#Cy*aGi=-b+cZ4Ktk#Fi%}dMqvU*E}&3FD}
z{rmr<^toDrqC`1xp#0pyGVW^m%IfOj!-on*@BM@NA3^EnM-1^PJUvrKKD_p!8vVeQ
z;Xc(3_o;5UPfeSt1S%TL^r=nhZ>`Vo{24|4_#dr5gZeWcUAxI}&9dvyY_@-9vwd@y
zjUN>*8as4#?YHg%_TOK>#-C{Wy<b>=g}$%-{@-zCe0a5;sTfcvYlz<`%7q&3k+r|O
zrP4Y)qtz{)Qgx$nuzCG^zrc6tpggXW_ZLmR)%8sTymz5MSCOGkA1===la;~7)(YJg
zPf7z9wiH=Wp@P(fa{86^3wNy@?D|lm)baZJ%}Q2Hkry@<b61Ut__cqwiMIknbkKD4
z`(EGqi(89Jt(<)4FK$~~Yt~->?NgN--ubIr*KV#P(f^ZLfBc#8|1C!}@A&Og%@FVY
zcDdQ%!)v%LXKy1NX<_va`uP5T243-xjUUOI6=q;={Zr!1kH55j?fw!Y5jfa7Oyr}b
z-1T?AR6UOrX3M1z{_$sk_WS?j|6}j%gRH#L1Haps3-{6ut>zU-Akh-cpc$-TW)K1i
z&0rfzXpB?x4z^{7xHM(iqggYtJc~VeSL0PO-Oz3t#7BPvv$9v-Wp=SGdvR79vkALl
z6DFmkP>QWmQY58Kv{kB#k|<@i3RhHFWhcMi^PKl~H)1rJfAUeQ+qchq-t+OC=j%M@
zIUnzP75wmh&3?P~yMxsZ3sgJqv`gFDOsRH+<t5e>zm7uQ4_UWE@8mPoA3er6iq)X;
ziZoQA2v&T~1fr`G(X`J~t8Z&BwTm<d^p?QQGMW(j%h2)QYEss$c0Szxr1q$MqSTb;
zAA9Ac6$1rO_{`mNvm!A;d^&S#Z_T>Xy=2+p_{fT>hT+8Ym)j47jgVSDp$cJb1fVS<
zM|?FoSk@qNQuAQS<U3fg{92h0!-(h>RKkqb*f{c`zdzpoM70N}*fLR>-Ul=kU9F1?
z?F#*ny(*z~BbbvxoVS-T&!iC>!5j_t4=%#1s~fV%PM(VaCHO1mq3VoLjfL?yNq2;%
zwc%Cww)=v7OV21446lQ7m|gP2Wre~e2vM#O@!IS~j~FOP#T7G?zom?xT>6>}_=^xi
z6QvwP&FqhZOdP`Y_cjN6z3*!d_C>KijGo%jK}L(H56c|syet}A<fSvH2Qk<?*xSp+
zVUmA3PmK0)r9@mQLJvVbvWx&h5pxSN=%JA%&A}xR5iuf>)4ZeIKd7SSzr@rvf`D)g
zN>YhOb=Ux^6a_kN2vjJ*P6UvJw_gqY3;NQc4g*kgk%Q|ZtU>>xMV-c?wah5`B^MRh
z7PF0Qq=b##h5-Hr4p=|c@G;Ta;WfzI0sJ<4^Y9ajJ(N8Lzv1<nxn6I1=r6fJN&b>q
zNQcSP!T+5Io+^<rF+Z;7(BHve8Ij|*vM482i(-~X+Tdam7cXLrW4w&<4?2|w`rEq<
z*BN4^w~7A|QkQ2%5ftQ-CGhliMovEpcVGzvpXEc^6kh3UEIy%7W;M|mZu;>ADZj*l
zmo&_47Mp7>(p62}#^rGrnUwBpFU@MiBQKlhuGzFnE~RL>+|^#aAh9G{{?7KQXxU&f
zLM}DYwV3>Mz@Qg>w?(rE*R}77sPXctV|j%~0jKxN?MG|a$bTidC^3KWt?Sm;8W=U|
zBvdXdl$5I7AGyG4ra#<a;)=#>TXFC&x3oW3H)bKr%)@XF<h<Bt+Z%y@(`R13QSr{C
zkVWq&+td)S8Ht2F;QIV(x3_NtXfJ#tm49)0U;%ozIUu10_Was)T%KqBka$od<L_$^
z4ld!Z#yiYb=u$QGc3m0G9I#Xr0>8JTp(Q$Rix)3u9x}MZJiw`h;jMK#OePpkLhi+Z
z3stL;)SwQp<ZBt>QO!K;q<6O7-(J>1Mp$tEv3A&jj&`BrB(k$eZK79VBl?}SbV6HM
z1F*X81$BwEaYtDoInqm~3lufBEu&QIS!}=zw%OaeV)$o5D1fCihhsVPJ=Sg#JuNi-
zn$F84*?!y`7KG_AL&~sYW*D7ts)r^Z0z~k2hIg-OFUKQW<DiD&C>~Z68~$nhBJgk=
z8OHxS(+N|B*HkBj!;Hacvy`Jz0W)Xy;@24n^_3<+P)!2Dpj1-XWIlfz;*oKLW`!6i
zng)oBBo(*NT1}c?9`(ub(^-yzCZQS5NT(N1YUq2oL^0H0)u^{9tQ(@tL3#-eK9ID?
zX>N7SbTc67jPc<W+#(!#H8dmdU1+h018BH?;6xw%O0dEyO<L_$7}B*XhJQtKw>GTu
zR}{Ikam+n7pJ}QJ^++}RwH2xA)WvnN<@9BC1>h@=`%GbQIHz95MGYUL8om<q(R0)W
z1}hz6dTNvU2Gc<Q)W)d&=AEoN4dadtzg^9)<{OM6kP19K3hs`AZ>+;jm^#O8HH!;8
z{AM_l)$k2dhTnjT5=eaN9J$`#gJU_o3ZwyYVuzdtdNs4Tn%PRiR%vDlMc%w^c;cGj
z>^j4t5td$JObw3)hX`SU6xEv5!Ryt*x1z>VbhT=DJ<3zftP}mn`bj1vbNqOzns~OF
zU^$XW-YfW@#QY|i)rq~-J@J(E02`#Mp>u+sddYD3HN(kFc|}j5-(mC9&PdjPYUnl1
zrrR{jObdVNZSY1!kiJYuTc@y^JnOK=Iw}Ec6d{1&vw2ywy^U53$*P0!how^C;b5PR
z*_X4kHR#fD=r?1hz=e5mb!bWd159ZTLVC+2$*K-6s}63Y27YjLNG6wx*7VK^4-IZ8
z1$UzAWF4oH8h5b6H&BZUH_lRG4z{IzPk5?!etlf<+NoT;lnG>wUdJ>(>(W@@YBE)2
z=_FVM&xc-@3>a<~>8!mI<pS*hY#Eitj}sTWn>Eg?W5p1iM1y7V)OF(3^v>W5OHSjc
zh%W6lNXbd=@O|r%l&n1~heWx{i(n$D4;Jnr%bU3;17BXiz`{S3;^4AhWeOn&1n%4!
z&oS`lc4u{Ps~Iq1G**Om(mRpiX$$O(8abb@M__yD!41$$o&t>M!Ht;pe(Zj<w==>$
zpKfb#Y!S#{D9rn;$o!p2L{JETJ?LIA8>0I$@l4vsG-)B%sXbvE8k!7wg<FFqUsWbi
z&=W$6&TvM{aS);M58s))1ym>;I<vK{x`K;>jzUz8NrYsOAbyjIqf60F^kD!-L?ueV
zBseI5km4DlcVRX5uuu?-hrpfK7c{A(_qK0?d(eG!Ws{3)m#b<)wxi`zX|&P-vYZ4B
zf32)=(B#mF4U4&m4X?T*=RLX30JYh{ScqR%4bkcRM$=NafqKJdH@7RZVv#QLL*VzN
zVzVNqej}0@)){Oidbm(-#$kUKhr3vz0D;rgWAgSA9-ULKa1ZWa!7I5Fhy+JrQ{}o$
zGL3Y3$n=-qfgXVIeMy=Ek2&DAPiU(o1;&sEUSj7>XrM@{3>1+kXEhBGkAg#R>>Rkl
z$5jlmFhVn|Sqr1?#5l)8x*c&jXJsal+|^fN!)I@IWy;LCe8dHT7RQAs;qX};h<OG3
z@zY8nM*~X5W%%sCf?_1Di`knKvH0so7@?6O|Ezj2d+TO9q}I0@6kMPrOMiwL5KZZE
z^<|>1I?*%Lcz?GxEMXSZb}q$gGqV?VIu@<K=*3V$8d}9a(+I)Er(EN5N6j+sk_SOO
z*e&2fOqrqrlZS8uaX6fy27A_1vzk1g`in~uBfNUV>`q(h5*u0r?j0N#j5+4XC7tCa
z@xdXPX_Av3D;H#~pMW012`s1%4z6oK+=ARPi6IA5!{toam7&vULy|#K*H-B7sG`_D
z%cuLZh8oqu9cxRCShq<aL*Xc;m9w+<uS5nK6OBehG!rpW?Wzuj4>bAim)o1F$xET&
zllvKOU!t|rnPdwC1w?2m?O)(;cNd}_PKYSdm6b4>&Bqv%wbgJzOH|fbUkMr*D7V{N
zV$1DZ+?)xxBu4k82~t0SwF+||t1$MEj!p>QOrY7J;WlO^nkk8P2&gQ*<dWu7k53(D
zP=Fi8X&Gq+`j&{KVkyW`O6F-*6C5pdZ3dYp7Xxx|=UPk}b}JOT7$35=g?v_F4dCiQ
z`5e4GxQo<B+lVlRGFkz9zu<)V2<ziuF@R`wBph-Nt`v1_b*!lcPD(TlCC0prV`p4q
z%)~tm0LIQVx3%xqR7rkhv4SfqG)FDgZyhWR!s?4L#hT5X?LmuAj#R_%Q9SD&mpbh%
zsDNDhQ#cEx#ckAd<C&iKJMAw@71CEMF_0-gTuqy1sON^gR9dEs*l2PaS|Oeim_IL3
zu`4DUfD@7x1?y_{a47Z%ch*BiSV}p2pXlRRoV_b7A-X*hkc1{rwA%M-Mf5CC)r04&
zgHZi`DddGE^yQha4n{>L5)Ble@v-^o_CRJ%UJ1m_hgNAQMJLZ2bw?u_!G9(Low^M%
zM#>}u8qH`Ry$A5B7`(tJvvM_z30Er$pb6c&@@~T%iox;H?nEQ7?KFS2y*<4Id4yX9
zkhq7pS`&MChyYo1^P(il-GnTXT(*yNGlK8y>8+EOl4MjK#mLdzlpu~#woseh7g?#X
zUDd3HVfh&h$GyO-RnM9QK+!&x51V584^Tc>Lq}jx1YBIh)G5-HO2DoF%TWIHmcX=Q
z&e!SiAKb9BeRnvzs2=TTFJcZM7t^$LZ<AvfRkWYZ${`Lc%fV%zYu~Z3zb))=!PD$*
zQs6l0yuk5LES@TB?C;+RqN96VN*-l{P?P6==G6P)YQlOa-YiMGpTUk6CD@w)puU7#
zXl|<9-tOzSB0HykqB%DUhQGo9=lvP|;qgm`lkeZpF%&EU{qx{c{o(n*Bjlv9y%8`2
z#u<8R3^LOjhhA(yZi(r&Oe9b$MvH2CSv5Hhs*ITF8rU+}O})iT?7IK#>0JkCSj%ea
zz33>}()5mOLE%iZ@5d}qmvKGF^jD`4$n)SlhZ8j+)Q=8+;B=7LEb?_QXUI*_bE~&S
zWlC|mn{6iYVS#B;EEwY5Ph#~f7$F3C1qA{<!O7<!5c5#>8v>&+7_ySi;5v{Fo-vlO
z;bQ=^-DY#>AGV)lsFW4g2^dYM*Ex9@KATCI3~S&Z44rsc0nNC}3K(TThq@d|lAXHt
zyaJn~&p<6WPQ5KyZ$bk;nAfdtBsrRuA|vJW9@3&wx8BBCGiCup4Xj3==d=jAgGz$;
zsJmk^nc5fObI=XegNxT=MME86n4NQaS*SsRLjeaD?`eMuZd6BiRMQ)|46v1dqnf$_
zcb}}Lw~}(cI{FHijT{xhoo7MjDhnPL$)_*I4nEuaAlTi(7lG-GS{4d}p4|mxHb!?+
zmhB2I(&X@N8$O7p9%{whN3q<~zMb6u#8M5m3?<>LVq1e4r#A{&7h;mBY@RQ$-?HmC
zyqm!#_HcIN{Pi!@%uL>(uKd6<IEjvdIPA~UBp6|lW9aza_NNu@@Opj2DpvZ~slnw<
zWDy=;hR9$F!^QmX(Pil2)!^7hcPi=OgNtxM!+B^oIHSbJfdYQXG#XuT>Xj9z&bu}$
zN0#TUZLyXj&&VWA6~IFDcd8fP=azI`%wb04c00KmyqQAfV%2GsT~RhiXk_$B80P|K
zxxu8aIQ8m^Qx{g8y2zrBsT0$RYIN^Y?T0DOR@^8P@LkpDI46Q$CI9H9>cw?-WkoQ$
z*NdNia3{M-sf%0;S-KVQ1^QY2akbKZ7o@%lXxdtFDooqxJ{)cE;+8K<M+#+hUn=nM
zZv;{+S+`v={M#`NJj&#FSxk!AR9(4<mEGo&j-`&SbfBoSqsF(QMkobptMZPnjH0ig
zezdYO79NJai?*y7rtt8$L~!_9eCs_gz{l)yIL?)Q*K;3-ma>N4-@mrGB+eIB!^18s
zQ-_0jYh7|?0nN)=mz7$sa>lm!=yv8PF|(;gw@1UHyO+0@hD6l;oB_eJpl0;>Pqgoe
zrDx3IC>`ZipI{YTKWN%7cuG}A_va`z`ZNbDLSI7=C<Tz7wn^{93dKx!RQZwhstb6r
zp=aJR?MJA~KtUZk>^lCj2Gc9Ew}tgs9l5WPiXsa@IQ6I8c2hIr+8{B3vN_25BWKtc
z6rnL7uVvE>9gCS-dQeCAtJ$J(^w?M0pRW7*^j1v(mdT#SDGQDp0b)0Iu>guyv=>gk
z%>M?unEeqoI4WRm6UU7(f7q_Poj6VI&^S|-+LUM|V(gn-X2nT&JLkSf-mfMHsEdVQ
zCp3m(+WnB`F}IUjJpk3kV4T(Eu#}*3=&D_#i%TSXazt+-3=3IK8KE{w<$M(@qrC&Y
z3jSam+<>h|uz~zDoWjDmJNRaI+rYt3-Qtf4eC+frXIo~u+tZwQ?V!@jmoKkX2>JJW
ziUD@Gtd~y6=*Z4CXF-(o2;oQkplltbt{OX)U2*ENSdYHUG7mEhED0%mNr_HzXlESE
z;`GL$-LS=r<qz%f=oG$pc<s0um$at`Z|Fx1ukpZ#{(!StLrln!lL$`}#X%F|Zu%UO
z%U@(cG~^t^{0o@qxIGu6?iET3Gftv}59?}dv~`{8fl96&=gss}0atB^yaDzqILYH7
zH%167|Ke(z^F}eU#70Gzy6s8bcDG0RSLf7Yj=02Pc#W=dP!@FQ!(h0AHWrSRgxzE4
z_!rv@M>s9xq*T*PUvMC<CMk3X2}EoT@B}FAe44^I9a<ZJ@njCUU{Os!&xlFcAdbn4
z$72|o8RQS44sViAW;k_|Po}RMpk=}IfvB{TN=Byl0*PHI4prw?tI6(qlmFTFz3lRp
zzU3vlLC005{=T@SP{g>pE7<3*Ae+Fz5CDDw;lSd>tJ*6_sNr*(A-WR-UR`1(8?qF3
ze|vy`wq7aG&t6$4_V?L|9b^j(R>sj3PMNvy%xMm>ByDZ`b`z2U%ZOZ%K!I>8y>mx%
zX?LgGs!%H3j=knDbwBsh?e&SO`GK<=xfY7nfXDot&vJGxNi411+3xkghjqA=U2(Bc
zt4(I#*5U&4uuyHTlA;*yDCV+Xl*XPc%f_XG?<YM4AiTMnsC__5pfuqq-pjr_sv;C~
zQQK}y*%a%2onEs8b+aP^YuE>FvuAr3{kX1Uu4H-Te}&F}sX%=`_qXpVEr@NFjD2sS
z$+X0u+k0X~&+2nHWd+lkpKpJXq9IoxB?FTK!T9;W0^yY`<A-zzvkm0KvM0wh`uG#M
z0aPORNRCHEOk@CKGqsOW+^lKe*+Jxee5_)+QE~>`cbj5DH^+jVzCLnMn?ACdOK%67
zrwxJv1OAs`$dPm;#j(tqVN57VjPwXRn*gL<RlKv_QwxC<;Vl(zfFl8*X4RS$8^WM6
zU!rqxtSDN|vkk-po-jR^w3yz~VfR_hOWXhzEVP`giQ*he$kqeHOrtM)EE+WBOms!p
zt|>7O)?Mv8z}r&?7`*65_LJx-Tahet^jN48g3VErv^7Bqaik+SXAseg*k8wmV{@Lc
zSFEX1H)db)CJrCu0SvepxFNQcAFu;KAFaylR`QPyGKh%*h&F{!b?Vw?))a#xLUSVZ
zjd{A7Toa5nnj96r?dA&PSyO(M9$p~T=Yz7Qw!=QgU4VN4Wdj4vr9-{g*q8#jsfD}^
zlg4o$iY`^#lJDekW@#|2lfsUp=bUy!i8(gXN2IUsPVDgD(m^&J41$md<S;ckKjsNJ
z=Q&HWrvN5UM1kxwg6ne&&-z$2G!I#mPE=9kIzOO^4U(unEDhtDXlVtbj;NP9pz2D#
zRY;2d2P}G6^hj{&>kCMf%WITdY`5&QH`9I;jb0f@(yqE1=BxvQP)qp%gBWpY<c!(^
zCjdFym7f4q-^I<+M9FMfzz6DEURJelCrpdMeIfxuw#MN@TVun*8hip)_ckG;znR(B
zx4M1Dd{|b9GJWVxT_zId?h^(lkm~%tyW4AS0x}1Ob1dC*QFC5GLV}as5`Fiy*M1Px
z95fEW%$1Gm^HUOD&BZLZzJ2d40nWi>n+yHp551wEW*iy8NqKpej;elDhvHa7315!U
zb=-dBFgsmG&Jp1`0ZL!34xPuMT&+f)wDMKdg2kmJq>@q{x(Mj2ROWJ?SPY!!P2&_e
z)h<)zvKV;b8I0(DS3}Q5>S{Pxhpyho`gPQ|;-Ray7ypdqG{`5K{$zVOcy_9h&3wCM
zx@Gatgk%{a6yf^=N_`q%pxdDEsUVgXFQInss>ixI?9X)uv8q5rGob)<$omw#_{6EQ
zr#keGH8CTmM9lz6TJsYQ5p&gRgA^!IMM(E^ba4SX$!HoQk~AQW0IU0Xia8JN$yKX{
zM;=^9Jk?0UDUCTSL5^&21txED&P&__vWOywM>7?LM|PQiT&9C2??^ReWOqO~Ps<~X
zPq4`Zz8>9zNRff;7zpE5WI`=21Bh=I+e7CaZX{P-H2EbwUKPk<$t-t3vsSr)02T0e
z@;(aAMdLQkl~9T`8Mz*cG}6$s2ddRCGfngwIL>)=m+!1c7P97jFFX5MkWz95<!0B-
zd6%8h+?;4*mv^x7_<;;k%nQbe)%<THN(KBG)XAHlNgO@k&jPs2Xj61^?tY9NX)**?
zK!*Hof^Amx?$-bx47ySsx)O2J=w0IA6~qu<@TKPE=-P_Pvn996ZY3}#YoLAEE^yiD
zqd1|BaWCqZmvCB~3kZ;R)v}RKoG4$^gDweLE{f8%&X>C=a5d5i0C6>FI3Fs)c2pc-
zcdI*+DG2DRZgd^GsyCoF<@K||w4M3iz@nQVx%ti2{6m+A{%QNmpkcA@SL~yaxg_!w
zf(iAtTl_;Jb=kRgDJ+i`BqRVx??Rf3b(2aVE@mdPi2RNA=Yx@HhDCe<DWy1<5B~<t
z4=GX*s!?n<e}dzC0!<--&dtq!7_eq@D_cSHs(+-)?AqNkM{B|tAvH$;w+2GqJly6f
zR!%VsUy`S6MkpM<-fwZp`XPK<Sm4bsY8O!Jn`?!&x`lv6xn`~78pPb1iY`bj@WN7e
zYSco1Nq=juwqx4dosGnQFd!&wc7|SM!>FtKf}O{yZj08mYWG`i7Nm7EKNwL}=cj&X
zbqn(Wm0MIHiM(&NKU=iGVz<J0L38ur+!X(?ay8C@%;leA*DmB5Ch12~_HLWfwVo}0
zIazwmoP4^acoqY%z)vjdI5ogAkChST!VVIi1UFA}*cpuD`Q9;X5RX$%)+VKMH$G5r
z_!us*F+_MMn?GygvvVcJb2x0I_LBeZ0FUi3Q}Tg;0g^?5_1P#=;?#{p?5?A<I_7zJ
zDGGrWtqy=gl<18TW(f!a$m%p7X@5qgbO;hj=Ak%VJPRa2q)8O<#L@y%5trtJ?fX7*
zO%&gnERt@XUnfA>sI5|BeuEGajIm;TI!u3^aKG!?GT1TRd3Sp*(h15MG@_TXRF=uN
z0ob#s3DF)svl$y9%o%7fIr$S1TR>s?n}ha-@aQwFwNRmOh!_m&hS8?*vf1)rMes^t
zDxutVImC00EIqK}&n6Cq*=_?O9qKBzuf}ton3({_{k?j9=i$?cZINyu+a->84(ht`
zYEU|1op2Q~I$4L(SydJRfxa`+@pM5x+{Gon??k^|=aK*>((howOI)a#4dy!EdDaIC
zR9Q_f2SMxd(Mm~Xd8tkoOyK-rn~mLhQv<69O$kxz@*~=OrE|5`9%rAjd&tBOG32`1
z^^%C=pm9%albalLy^~diq|O3<Oy|RuoR|z{5pJz@N4$<g0Kjq$Hz9=+z6VGtz>&?#
z=FRt~mo&0jG$RyY|HatWg74mJOA9r!Ib|UZ*py;P=e(J~%(@h)MmFbTdI9kc$C0=2
zwmU5cK{ieYgxl|sI4WxfTjXz0TP|9F(-szg3x<#Qj4EG>+u&QNGH-F3l$89+8l^B0
zUK^1*;chfHS!kotaHxy1n6tcteFEqnAu|Wi!`$P7jT4^otRmJd792boX<965kk2$3
z9&p|@-RXrP;4c46`#u$M<e8hk;eD5hcC<0SYPT$yIHu};#OHJERr8@O1Oh5`Go_A4
zM!EoMOvb8_1>c20Vo7NZmu}gcG1*x3rhw`K5s8wPNMLptTw)=~MF>uy%|V|Zo6oH0
ztC0oYF7&|e11OfVH=|fHt7I<(BAz9qFv}&br5qo=Z9Y~D<KkFDy_xWW)lJklYp$QJ
zMizV*V)Fr#O4*x9s<~dWyFjF-q$M?TD^x7_uvV_}qCwEeFv2V=>6*{;bJfU#Zx{Bh
zd0xuij9|^3lD!a!SeA^!bNc#14lleDzh;+(7pjp3--W<Gz`|1YW(;c<mh3JNkt=D5
z9P5NU*;+pEZV8^tV)u1exhk_~I&NUd{87ZUmMnjis2fbZbM%nc>5}qVHL~E_#p2e?
zE@f{frDk@?UI;{bN=9Kei%4_md@v>{wYFZXMizV*g8l%jOWB+8t65#LyFf&(q$O&&
zJT;@cS1d*_yUVk8s*wfXF1TCstdzYOr<!Ladm#`JD;b4n?A*=g)O;SjSB)(AE(G-f
z9+k2`2%nO@5QzAcjDnBDk{bi8<3HKn;8^gxotwTjzPDscUHWD;KI>$84%h-1U{O~q
zSl~Mh_6?%yi@Y!l#*(~eB>MUWxVSPOCni{dXHVO^L4&?N`p}?zb}acjc(N0BnQd61
z)PJOKB)Gnd5<1H6cwY9L?M<^prY$%P%y%#pPq#Np#JmzEXTjyB{6bO;ui;1t>*fmN
z`pC~b;G*+`z6tUP&fw0g@Pi89GJOuI1<Rp&0@|8j<v`yW_bdDq=H`uIEW9@EFAL%y
zAZLD?+0<jMwcLVr^Gn_`K8L9fQiDlnAhvVFBGBS&T`lo}KF$}I!H1$cvljkLS*ZI6
zX!0P!K-OOXL8F_=1ASj?Ka|Q-m-`W}?A~TwO#IwVO#ooyBdBBkiL=K}QYx|d$2^s5
zy_3W+!0aeXtLS}f%2ER^=%I4DL4PPOJo*IFC=>9)!yQ1=+f0)eeu`oK-RsrD??QWV
zv(c%`-rU=Z5v;Qp0<pW7W{Pm>&>|hqgKjWGV7YXDj<aUy%_wKM7kn3jycw^$EKQ9z
zZbr_--Jy!nx_42WLp+?lDywHixpnSRgCf#xGr)Fp@ajifc8F2--`%qw<#8xrGyRCj
zsFQ=c?cIC$@+K9Qf#WcH9G`LigoPP(HWTK@Livs9f@wggzXATiHcusFsXDz|fJm!V
z*AJsZP>l}oyj@+VhEFMxT_311=VC6O6$e{^z7rPE8w}zOy_JVnT0D8iK67g=XP9e1
zaG0W2wm27_mJZ~NcfUM&%h8jV+jR-d!Z)Rwh{=~TOi<m8tKk%C2NI@a`D!5Md!2f|
z$JEUO*v{|Zf|I+|B6>dKwx2r3{e8}Lm?vAXAY>*yVRjarlXmRm;9yJ^(NOSsi!{XS
zxkP-iJlN#Q{c<LOPLQ1w`-mS&&X0ZWfU~iY?!*6VGWlMFR!p5;kT^Q7-ealCn@8k0
zpWI-Uon6==3+|{*8!qQ?VvvrWM;lD{J{#fEyN)$60Mj_~qG?_c!J$LO_jZi$?6%{j
zljK2wp6W<Q`S1<<1N(A^Zy-Qk_0n!GsmAsL8r>M%8wFoB9BX;ZWeiM!AM{DN8+(Tj
zRAU>OT+|oAsNk{JH@u!j9`2Q^PxYD0zZce;JQb4b6<RvC*Lm@RQTO8l8QVQP5aBWq
zTMS}x^A1G$lEzq!2tFXkq3?Cpwc?d&+RtEQ%)F;|td6!=Mw#L*RO6RCFvr8595!U?
z2r2QR2F@_@Lbd9!_dK2><4jq@!6;Fo`}v4P)b;rZxWI-OWjPqhDM4XS1%_C;IxM!F
zOWntll&}lkSiF`iw1~LNa+G-&D?oB}cqPjf)v32^;0RCuo#6o|Ih<%w^2l~due;j~
zIFflM=YGD5A!FdD2s0^?A@}HhisqkK=^0rhRnymHi51$DAVR(u@Q>wto~JyFn#EzW
zc!5Q&3S&=2(NK%AI37Conkh#%8^-B!4y#9e94fJ5oGK4Zx)>EBJaWCHJ<s@-EutfI
z6wn#n5#=^W5&SrM0s4o|;E^HV!#k?63uI7gUv>DoCU<18&cf~JK3~%|y07RYm1ayX
zPmhl7^E~R<26_u>>U#DV9Dk=ee2iWI29<AWJ^WHNc0QjK_)2?=B@T~+(W&bwMap>W
zLa;X!*qAj@<xFJzxc)>l@ZbCD$Urm<q{9a?X%HuhH&y^<Y+rOJ%Vic9*hX$_MMohs
zkb0z6hgn#P7mI+>;m&7pu|N~miymA$u^gL`uTWp0awA(Qm|%w2=;PA5y_No^-y{_l
zIy|l5eVL0>d^BPSucHlcr`|=N1auDW`EG6BZ>Qxn7udYe3pCp!BPf?DU!}r@HGGpn
zY4|=mKB+M7g+PvzO?Ecm2ne!S5-wb}BKVG7;ETo}2}<PEr<0f4Hi;r*UO>0p;US5F
zFK_`Kus2;D9+Safe|>HH4#4uUK|khY5Va^5LeJG{4VO$g6;=|Rio(90#h12l2mI_d
zuBF?5oMHN;y9)L`3MTA1#d?CZyHG4J(R75lNwuQkR3<T{(m-4@5KmGOzlB~}!)kOb
zcO_VB&zzcc?(^*w->b$z;Q%Z|^D$=eVBG5J$THxg>O;qQWwE7{n}1sT_klbI(Vg;c
zuaM}vhrnm?VPd85PjlK@DI9(c`5-<J^)Yi5j#J5zH@LVwDay++p(PZIJoszzcY#Os
z8}Lw{<nRq0D}1KIH*oe<vB<=YU51io&nihg9*8Lu;Onx%cN7l29vT#E3AKOS@W^{A
z6E8>g_|}{QP>r!Yun6KE+rvu3n`J&WWfxG$V?56=bS6&Q6to$)OeKi1Y3%s{tW|gv
z)ZjX{+6Kow*$os&Le-Knl7Wdgp%Ign$In+UzEF*Ag2$nAR6MdShIl%oud#w}X`Umy
zSbh7^T3=ujU6wM{k!wtPg8iH@m(2?^QFe1Zex4nC>=G-I0etLI#dmHv@p-nV6@Dte
z{bU0t7(*U`jy=Y11Ghv#T*U2@>|FTq-VealVQ<r}P|Cxr;;jD?06>Zk<AK6_?L*fP
z2k#CTj$VoQ)i1Q~$CPM_;;*?Ro|YYZ9=j0j87#1~z6vhCp8>Tw<EVz^=Lea{)2r{K
zbA=(RPUG<L2~ylqSy~<5kL(;*(hah24RQp&ZEqag=!<8@VAcU11qjQ<69IhD$mn|D
z=pz8bkB}F7k+yy;H%H+MQVP%D$aU2tJ=7!D;{{er$XJ5%dgA~12zjs{ZGMp_y5ixh
z(UtM$->_0qQHEUCISYm72JOd%9RXi;(dS55C5e&LxHOH91kazNDdflTO1l7COK`xO
zcn5eqMiZlUnsgt_j>9pv6Lx41GiU8PFg+3DfiPYo4&{ORu{qSQ&Y@2J(TywdZv;Q5
zMkI>S(M>rIL7h53(OygcN!G}OI*PaNBR-*FnYJ)bT?7ZMgXnVX5XaLu@FA`b$aHYA
z>0OZ?<@wF7P*Lo#M-XPZq9hlz)5AJ^Ij>^_<$k3y(8RLoa+pI)dF&B>M(P;5RbvBn
zk(Cr#DXl(7mPew{*XV05(L{&yMUV_GcHHP^5aAMo{ViuC+4t00>Nt>$zMsp+zN}1Z
zg!wrTJK<OZ@#h&nxs#~TtY<aA>ea5PCr9g2lym5Hw#Mxg1az{Pfw+7fy+zRWF^n=L
zNb(&^V+Z1KHZ>N-+eZd_Y~;cfpEDm`56Yp9C2fuO435@i2=~U9e9SY*J0awZGmEr1
z%$y`lD0zf$UUvfs#2|d76_X4LIq_zUP!V_xBIL)NhsV>x`^Myi7aj8GE4rfz)jmwi
z^p@<t^d6~?{u7YvezeOq$HmpL_a$KT1?|K#d84dIMbFW|!NnWf_bv`|rYj%-M}9xN
z8&De-(J*GZx=WZI1LZ@8^i>S}Ii9QFwe^Aw1+)^+_w;HEV%ouM&{66L92(=La1l!r
zL6YW(2mF@Zlg~Gdt){b3ZlMJnT+EZ>bG>B@qgi?jWQR9Dy2HL7-8B=A>bD~@+OMZ3
zM|Q@m3A8t2RUO&MDN6?uI^x_Y#qg9Pl(NKYwP;`)9e_zL!vqdPqz8AMXybyix(&C}
z&uw~afwK?UrKp~xvJjjfhg2ww8=@+^Sc;<N8^(Bk>zWgZ@oUr~)C9-;4`(OD$}~}~
zlNkOr13ui!*}JXKSm<^1eVvGS%FGJ78BC#h{4EYZkq6xyG+M)JP%i~JSH>;sB4YF|
zc@TCeaPU+xwD=bTe_D(eQNSFFK~PrL@0*@@+ToX8S{sp7NK<Xz7htTTntB4uBD_+n
z8#f&daS)LcQHl9&Cle>8eF;-`nkBJ#A`Qo586e1wejW9XEW=>%Xpo*AKm%$zfq0+1
zrG%Hc#xo@_Be@V&nJRz}R?OMNk?paj=7=4yeQ^B<^biC5iJPUM=&PxHj)&JCya_g}
z#NbOYS)N<iB0IlPX%JrADpTO4cO2TYfllSKq@`ksjIf?)(p5B+$W|VGys1Qe${^ON
zgcsI`C2_8oy*P=9B{phCPds!P4J~;8m~NgRZ)$p^q2iX7qiGI=XUPTaUv<Rv%X*k?
zH#fOvzQ^_$hBpQT)-&0|fe5gxUW{>Eu5!=DpQCzRevXtZEWB81Km>k~UlBvCnlTt_
z9}~P*6*E#OdNNZ54{o;S9)D6hmshgG<R@5CXeMR^K}T@Z11<69gmF1HEoy7xKuh!x
zv7?Q2pndd*$7t%_6R|pPaPeInsj*W<a`LPUK+amTmIG3b3pD97EH)RVDoz1V*M$1t
zM<bnwf`UcZ2LSx1+Uv88ZVOp~(B~)X8y%w~&#TEbZLv2Ts7F!pxI@VYbY}noPz2_%
z<;GG2iF`nh*@A@~40zQ=80cVZ*iX@f!6YQJsS{o!3x+M?NqamC&A>73AP1;ib&9?n
z%Ns||>YP+u%+((~at@@itX>1)kynDkb1XsVZ{^4>vmg_$)od`<>mfd$MJ=E>c^`Ez
z(PuCW7l9vgb4w@WM<u{I^I(l03{#?!mjysdE2mKX(w`LGyfy<N*Q<DsHIMFNpF+5n
z6}6=tespOR{mwsMcjZcBeMcdqy|Pq1?CEu`FZwP;g$B&x-{EHnBWbrCs#D7%v35>M
zthOp5buXApG+ukXR4~;M7H=ZU)c6Fa-jBTNBt*nH5)ndV94YVBS??3E%F$(}AGJ)}
zu8v!#!~ub~mz2oLI-+5YGHZ!M6<*k2hh(vE5l_wc4fJp(|DMJ@m@nSu;5*>-s(nj`
zzFSn?m@o)2T#>S=1{T);=+-R252MtP9d*QqqN7<Jnr>Ay7i{{;NZ1>Yo+KZHs-t_e
z*wZR#yfdKGi>b))6DsS`bKx@B^OC0XQMrXEc#w^k6}<_Z@px~yqM%UBrz6JP$zuK~
ze2tIKaH?c+^<Egbl{^U_!zz==V`4gb8b?>Wd9@L+=n|BTj$K@yym4^%tqn(5hdz3&
zc={@N423AmdLQe-nvP;!L65JhmqFl5w^$i3w&70rp-|-097kz&s6~OeUb2X5=mM6s
z^2D~_sYVNtjor%Te9JO@5cFuTAQ;{eKqQA$stMPof*}F+9`JE_n~un0N3cL<#)mrE
z2+GT3F>H2Ru#_f&!6=IG5jevqjvCJ*yLnSMDapvnB83>dmE<2SVQfrK`zdf7@Vn$i
zG*pt4+(@wxE-A(1aB(nDW#X0ARQK1-d}Nl_F!OeXR1AP>x}1&qvdKF^Ok!zbA-VY!
zJL{)p22Vx8z2hV_$?VXdSb~g6A*ILzpIBlw!j2Y-0KY^_bxLgl5ZlubDqRu@U{27?
zOF%<GFFM6B@?}|yT)V5^?Bjj$_$xb1VbZu~*O^`3_)s{W9WIYba_rYVYS__SI*_MN
z-2bI2mqifAX~>=d9!l*Q;N*dz+3W$bh;cAD64<y0QM1rDvhrrp;NVin8=r(7Aa!j#
zixlWBC>u55Qq2LFBkky+JS&`2aY+RwbrUkxY|?NsvmTNP&usJsSQAfXyQ3Akr|o)F
z;6ta+PxQv3iRieoAWQ*Lt*ET46!mIfvYLcrPla53H$f~AMBnBRx1Usi`3DTtWZeAa
zk)6-7s{NR3G)pnDF-w#FnnsKo9t|Lc!K}|wr8@d5={#W%WN=gTe4PUvJq8H!!n&0V
z1Sgl=+RBj#$k`cb11K?`WgmfJwND(d!|;$@oTK~jQ_7g<IR@&)VD32|*cL+P>E#t*
zBc-WFj(X^l^id{i(U6CXtWS!wxtu-^F7^$fFJ8!{Fg=&im9DQkxOs<5>(#-Inh`@1
zT<5+=uCoAOl7P9~=Rq9vZJO4UJQwb~_hTvF98*IPy35Yp*~I9|&$Zb%%s&}IflxM;
zzgtak-uO-(Y)B1_h{<1Q-|O5<*7BdZ#OKu~ja45h6e%N#0jrt5vY@n1EV3vZItvCk
zd2H7nUB}z0d{Gvy7o@mc71SszRXB)@&XcZS$28<BH8%N7BFyH;$zthI*vuks=IGJw
zjHDFb#Y1(xQv6Lu<HTZ)_H1RVN5n<X3w_HA#K3YnUh*Q1RIb$Ourc)`SL)?G6|3gJ
z0V%&FDa8;1uiKe_b|YDPh+l<Twg3iwA3qG@+|Q_vJ`HlQVn!z_MnQbT@i-7ie2NKx
zwqI@Yp6`QiI`QoyGsm26Qa-v|kR>&Akj*GQ)T~v3MzTg%L6xA38!@Hk!Gn04k3HNq
z46BCmqPX*bVdfG2o<I^k#|hp#maj2kL4bysy}6{un}%31woCd12RhyF>swsw_6HR>
znqYl9r+>K4{MhEAm>Y!R$4n!<gYM4s=+pGHRMMiVQBooRk#KAXRWzS*8&wSZ7&nF2
zqff_@fQE|_v3yx}OnB_ro&!)a?7kQtz%k+wO9dTwom{>a{we84IE~{clYVF@zbGWf
znG+NxB_R)xV6kY}r3$>hSHnQZWT8HL#M>LB)DbZDX?2wr@zU09XvVe&+nXRD#z2b5
zd0x#?K6pgkj|>abNZHV~{d90&DUlx<sEsWpF}9AySW<Mr#(8d^pJrXkc)FSyWkC$X
z3|f>`7LH=XN#GqpzNn)Bc5nttJoWD|XtLyTNX>}SEV2X;2HSk_41XD5G4%Q-3f^&T
z*8ESj%j+#tF}RDN#gT<y__60;UB*fF-Qmp6LdtoGp%duTV6%+gi8nj<M+Ni9+`zBB
z_=r4sh>Jne%BxZ=MS|}xatwBq;xQR2L6l>v9}DF2JZBR*gx8zzT~l-pW*%5%7-o7L
zg&7t@75S}D-_E8_l_wv4E-JHZKjpNTr4oTVoe1ZliCceXmdYLsDu_In04XW4^rd+v
zVARb;C>M*Mg>&2D!7c^~X(?LH`zg~h^81suiOh%`w0?S(r=u3rUVo%1nFkKW1g1JE
zRyGCI-B29gDq{%^CH^<AAv?@KgS%vfBk2l^`UY$%Q{6(xxuCEzyv#&slZNuWI*Nn>
z)T;e3@8Z2T6mq>+G1}z^nY#>x^}sI)S=f}dqrv%^nUYx)2@3=p<iVY>ra%l#!H`e%
z5wtrLg*t0|7esY*OhHkp``>JS$}`i+@G#$5sFbmI3X&fqAT7VicJO3xJos!vFkkIn
zmW4#LTZ4!;NFl(&=;VsUMGV;?M{LGFH~yUNy~O{1MXN(*S^jW%i=ObaNbcFxe?`Zf
zdn%GBt@?ekedkSGEzs<iklDqpq|V~vAo3!?qx;np8|E_*0L389VHrJNj&rX(`YDF-
zh$n3`^m62%6t4N^nBLpVYmg`vL`!KohbMFr?QSAQ6ol%jBtp(4Fe4_WdY3^EJ)d_g
z1=9twIHr6QVVSY8g{pHI<lrjDt^_s##buQ+fAcJm2Zwmzw9{F+xY=kn8iV=Zr}#)3
zuy7GYKL5Kh7S4OyrB42~5I?%+jE-Mu1*Lon^62;{eS3w<BlhQuGGt0gPi;PWR`I$5
z5v3QLnQ)hvF*9HoXHF8_(q`hR2H5!^Z;HnR2csMP94<P6fFbr_I*o%4U55dRr)410
zCq$8?6WtWAQbIMuLBYYo?+E1}P~jpk2N0QFkD3ci15+7oYJO-oA{g9oPGW(v<Rx?K
zuG{SRo)Q%u%MF<qL%|6^C8pREObkSh^w7IFi;Y!uSPVpQdDnDrN<$${afgWc`p9&L
zWsRUX2-ezb85cYIF&UKO>rO0egIotzCt&!SuPDN@IB7%VFGd&8K;Nf@PNZPMz>ydH
zQ|o=qDEf1(6PR)j2hQbB5p+oxAXLUaOT4#}5tn!SQAl89sY*Hd)iYqw@-MrWP}%bj
zm@a+Pz#Y?)u6QJp0|BVu<YuNB!Bg_s;$)A=?IOyFLUf2VvF;S`qw%?30>2n!ec+i!
z0<CC+MnMriItX{fONqtw6p^{&HuRd|an8vCfDJ=A7=_UOY~C;?`4D4GiCX0V5M!@}
zt>K?jYxTso0{C&3P;<?J!G~6GIC*-dPi^kA6u96sa2f2ArPlKkHd!MlvIGod&KUhr
zyxA8P&kPoroYdQ*j})-JRzJ^xNFo}VL>HU4a3Ea%q7wW_XCoMF2Ng|z208^=sMtvN
z(JhP2O$$^vD{N;OBG4;ArtS#!?WSiUFCg`d>)a=kck#oDHi7(N$WMkwgS)8_S&?f-
zB*)6`@jVfb6RXGLh0VvGv3~^XlIPDcLtv_Y`YI-<SsmYxug^@V{PIMoX|p}h)6-La
z*8TKVT=sD9IPSpH$e1L7<&B*4$rRnT;G+5>zPRLp2uGUOcjhgW8|E-hr(Kq3TKAf3
zUv3cO%1l6bexBK)@#SF}9TG%>B^i9-9DB0C7d(FR;zg(5hxWvC&BbR>bu{b#1_wVF
zUb_+{wV3=^^N3A8=KBGl?OoY!%(OUoj{|f3RgAf9P~-)7598gsQEh8?TakTE=Ehg&
zeG58W1nS7u+$wjcHa0*r-Q7^TH+L*fM6}%Eq?B9oV&#)=n1|htzq+O@E@>RAiF3Sy
zRr91^l=;LtW()Bsf%A5Bz~8nr8n^j60PgY|X_VnylLrX%)}tZyc<OuT%z^UbZ_FLy
zlG6(oZ%Sp?O={Sz#yWF#pPn>VtY$a(0|UGi{lt^iiO}T}Z>R>dyFi?`rLTJehl<zf
zvQ+3x<@sK=^z1Gm)Gw#^?84CNBpiIJI(Q)tH_ucjt{6Ya0njtm@pnaYbUP8sILO=P
z?rc*{0Mht1_HT*3$N%MO;+<;zy3OCmfb3FaX$(x_E&B_=554|*j?+zS^~>qF@hc@V
z%3Ew-x2FLfEQr?#+9v1>y)G`Zn*tr_za0+F?vOwz9k%7+`|hH*+U%Q2x5N$)NaP77
zSTJy>l#IVsoj5?EDTzqpGW0qehobkbF#JeV;CCgUp5|=vr`r68K$pGnmX?&q9DDcL
z;)~N=+$Crpb7fL>g17nxgHNoT$KXBL1cF2-$9@2h_6qw}JPKp*j^T-TG~-0LY16B#
z6LC)Z1WV5j|2~N@`J}tGyj40zOCn6Kd?EB+%r;9mvCrl-WcDl)KJf;#P7C{qpX05j
zdENiI#XbEi4n45q(6$wa9>EJ)RGrxE!3kU-R*&F`Kb10jk)=XfQJg1u{|Fj76bA}V
z?BM-){0^ep;g{dc;QMay>K#gBE6H8QRK+rpJ9{3v+yDT*H7_Tg`Vwc|1A;HiFXf8h
z&ntdeFE}HoZzxlB{O#)Cb!b6O;EG<vU~uAH-t><;tIDY$a4FWYPH?bl_&z-3pe%kb
zW34bt*^7EB0VfFrB3jA8V>OI+IRP^izcqB?nd-#TB+@XML$CWHxdmx~QyfbkzoDq|
zcR7^kX?}2IMJj4iN{@@aV}Id@GvMMkJmmE2EY<sl@7%g1_Y)p&&oXPN-H0f^zT(T-
z<A<H_Da1H<HH-TSzAAq9#Xz5UEPMe?#QbrU$tR8FSv`OGg6bQB)4b(d)RXaHnl2!C
zf1QlLLq$M5_?B<wSG*p0qHq|LK#pa@0K;!7eN9ss1-$X6H+Rn~8|6G>O@~X9VMW%E
zVkt5yKDyDHezw=}+g{hGs}<3;fv6!b?ep^!zPKF4p#6F2drJBt2;>Ke=m(eU)=&Tr
zq=PeLhtQ@5yqy}TW}jUpWR5YSl(VbV|5<-4#%$DQc3niiUJZZU9}uidbxZp2AzXSn
zOxRgo<|4CWoSF`*Fb+n7wfnGuSs0UxzJ<a3h4#Is@uL_|SF=NcVT4Od?5{hG?so9E
zFT~SD{D_k%SF`&qKkAA*<EAEj^kuI8mJ7VW6i8g7njO0by-kkKzEquf&5E<nV%E+D
zukLfapB<}Cyb`Itw}0||RbqN$K53xT;Y%Fa>oylWdPAI#?$0qV8b7+9bJQra$$oP@
z7&`9o8i{c4#DP0>up}_*%(6HjIcL=#Z!`$cB2!kY<!Tqq=uS>xN);(54zLIt6CZ!m
z(#<*ufXO0W%+H7qaA<jAalF=8ZA)0R*%5v(E1M7-$m{Zb_N+83fOjb%5?LVHO`1gG
zm>Yc2@@uqApP@?p%<qZUM8o07A&VIWuW$!K>9bdrL8x*3LeYt<p<QdLZe(~>0KHap
z=EU1Vo4rt-U<`cA!V#woynM@(Ah7L1VcVzRKI4@Z{W95MpwZ<pz|rYuFZ!cEPq!b?
z<b)CCM?*#s%k*{<m{@8~j)xsZ;~0EYcM~Iua>aPaFWZJ0ptAstZ0W;PtE6x1J#pp;
zc8qiUGsY=$C&%^JNaZlSYT-j#jzY5xRM9mqu0~J6op1cCFefwZhM-;#gR_@{){8;T
ziFbUbCIeQK4{~cGrYY+h$P?EJvuifTkSmrkL(%8H+eKG#Ls#4`_fs1scZ4;B6mZTI
zd9k__vjb?zADt#6zZP(n!;(3Junddh4&8iEll~PaITyP!Kv`|Y$$d2J&sO=v6Y*n9
zG4h^lxL3`gYVy~$`4x2{46`R2{6AaT1B>cRhYU9!@MBJ*%URil2G?Te&@RiXOd|1(
zPvVoGWKP_(;v{oc!krP~dML`1J{t&BLfVTsvn*t73#j9Ylh08mi!pn4$0@Qv$JWV?
zn!9wdBLko)EXd+kM^^N~lLvgPD+{PXyV{?CF55q?3ZI-Nj&F4m1(drH={B7R%n!xS
zg<1T{CMNHDd?9q&Sp<m57+&FYaxdnmv`G&4z}<_GGIzR53-WRAH(}UzoEQ*bAQDV@
z$*l(_Av6HdEU=0yAL4wY$k_;AfqL=q2Q!PHSVu6H2YF9ksZNGf2o8$oYZ?KvV=}zr
zBvztDBCuhww|6?rwq<T;*Bsl`njq420EoC2;=}FXW>A8N)8iLe+NZw<N=<$lY(1td
zRlYj2maH@DumVt3omou;<`XA5d>2lUPRFlQ1BDdwU0()=C~-W*8=Y)?yYca@k#fl{
zsZhtOlb6CMpNt1xQ04068`a6n4ExMmkOXD$M#C-1+x$7E@h1xe$1-LF+p$SIIp`4!
zRp7zTh4a&N_qQwiOEtch3$O;O@uz@CU!)m4N)t9jLKsdBB~BL3v)auMchUi3A;t%X
z$2SE2yy}?Vn=0gUF$!CCy1%_@#Yy(aSyRUqClxm7lq+R;o6JsHkU{)di>h~WmzmYc
z7idqG60iYAvT0P}O^vsC$2jN8ABUz~jNK$Swrkjt*KTs^5F9)o$hv_`2fb{N_4npL
zj|cv2Y##etl^7J3r_qV$cu=Mtz2}AM<l5@wR!8LEw2VKwiM2Ur^+z|&Z75s08fHP-
z2VRJ110g<Q^MvtKDVIsyu=c{wx?44TPS3~>-iJec5)Oqc@)Wt8PN>FVgyMV(pmFsn
zjB!Y0lf<&)+hq-+_LeJ0^z)7qnd0GD^5xF>_D}I7WT`DYe|!w#`pbm^$FKKxd^_~Y
z2YwnX$Pbf;BsaM_szgWkI+0M>vp|R#>84aOZ7b&tLhh9DCz7InkRS&)Mp*o@gBMU0
zei06vbKH~YCmSl}$piEPi0FQyCaev3s@U7Xn!zp+_lDhMX~qajt(rzDmfG-JJs%J(
zA|XUs!<JI#32W^r^5O0T65POpo{9OA8OTTB$)%lh2;dpo$h_pCGa`8sT4s79hv#w^
z^ZU#E>?uMX-?f>ouam)Cb`OpY#3Is;G`4AKs*@u|lx^@nT=c#6Ji4h=AO8%$=z8)3
zeMqj+wTNkaAUVcQZ@aY}UJzFFp>4?iBy+X#tyDb8OGj4Mx<2Gqh8n-lV>9Ue$?bNd
zXkXU~)jzozRN2s=`(hJ;M_cUU0nxTXGvN|Hj(iK14I8ohlb+Jn07_tpcMK7UZ8ijA
zyJKJ;-|ZV1q>MI#Ol^sr&doV(i4>8@A!0m&*sH)F0l-RsV%Y>5psGqbzMJ=RU|W)}
z0RzSL0go-pB9(3IgUSY4$1;`J^Cebm;BMin7VZv8ecTw??!h3`HWNcltA&O+)M@<5
zdHTA$tFKSa>FaK!NX@Q-KKTI!eUe6QrJ%UwHGZsUQH}ORC({>dC^-u?)JHJ*nZyg_
zNi>I9{&mqpjL-VG7w$mFZTP-C2#*eE#yn1X@WN*}3!^Wf8=!KAf?7pA`JTGtkPSc-
zIzT?<npZdxbyMWT%P$j(<IGbGpaD^yJexKa_#DRJ^+2{1>W?}R2XimfdWmE&kVFCp
z=uzcqf9Y6dqC_l>QaSTkL1Joj7Bt!a9mG4SVG=D>tMOx{?bpZ@$ZOU3MYdA4(|oMK
zfGbL`b=JD895IpJ$Jwy_u{BqP;2a#GUEE6B#p8XB-}K}5g17jq7s3%nU0J)g*Bsry
zk)JA(nH?X)Q@Q0O{m|jfrtK0SZw=a8iIRH~a`?O228MoO{Mw~YO+~MwxXUc`UO*`g
ze~ZiZnaqW~r^DQi_AC$~f(TA*5baWYVmk45E6#qmff-@(c8U5Y8=R?vv>RotY4fTK
z{XBlV5Zicigx`7S?O!_3gR>S#<HM;3FSj8y8M4*8P!nKCfSXnR45FKw{>FOP3eAKM
z=7(DLBIx4ukG~zRsS3zXtBT-~Sm3=DlQy<PZdwMp95aCNOAH&#sIatLjU#j4xB?hP
zUFLm^>(2TRG>#dIe%H9a97-MG#5v;=tj+r@2ds_~6W3XdmGvyx#EgjyXG9(*vs4yk
zqVD3q(vfK`sHQeQ2W1DU@<BZk6h}1sCX@sJ&FH4X_XQGfkycHdb~Q{Dd=~^<E}?ul
z4PYLL*|V?5dO`6A*a2qvipg>Oz&&-W7Tp{+z={NUV-BRJFf8KS(-3w<{aE^rbEWVw
z`s1ZQ?!9ONKX!(1)W{~{mrHm94TQ^bIkK#KqNp1F6SR%>qIYz;kia{z%e50H^Aik^
z*EqP&SsW^vSJk{$RB%_87g?D*&XdZmTt5UVr5nL8))V7){2I5m6%3l-T@M}`3{!eZ
z+dr``T!QbJGI848$csp#=Fp7FijSrQxz>&fzXR!uG-&x6k_hG4T;~O!B8eCIER!L_
z{K&TwMc=UAHmQsyjNdU+pl^k~MC3N#Ly-wyVooa;+##nss77(HIiBeRtL#ifz=Lw=
zTEHUN-h;-#Qpv9-_QrAdpai}GC{8r{v$I3TYwerhKqA|g(NigtdsCju_i(bFLUc@i
zCotas6z446Gvusgz*XhROc^}W1^NsdwEVCwnSsbN0w%%!p8}eAHu%MOkey)S*(k`=
zpDT=?cs4=q>lWA-1@>i+2qoD^F_wAu`8<+hVKo^FR2Eg^IU>=<SVB6`g>=B=;h%+b
zJQ#&k=u!N}>(Uj&e+G6u_Ry#fJ=*bCW&e!S))KD#h--&S%)<VR1&|oJX$#I%1k!w9
zg1RWgis64mk|R|BdSZElq@_49hklx@py5DK(uwE0C_Nt;&xi1X>kdZoBt9mCD9-Z4
z&;qdyMU9~v)JPZ9NMww}k&hrR$scp&DmwYZSd<v6tB!Z8jz<QoTU=>y8vZf0W9|xV
zEN+DK27Io$nrvzEn4>W;POIhLD{8_GTfj}(%7=llWsKkcf<qnzRwc>@e!*AM8LUty
zA(ekF4)nR1t|Fp^R7^_FcJVzM_%iHMI7n@BSU1-Dqsygp5~D`98)`!8E?MAR?!vnq
z@GjSkxzf$J5*b(OjQH6gcv($c4U~p|mPP##F$XAXX|o2$N?V*o4mO65GI6zr@kST;
z8v*={^1Q(WVCVJD?8w+=hp%b^ixN8RkP&yxmcv%Wu=t)v=c-bUY;Gf&5o>-jw;B!P
zin7xaCfzV&LDT(t459W42}RC8C=Cn&W+ZS($fC<qL-?UvM<ai$nh#gy5OK^yJ2b=e
ziD@UYS&EBB)X5?5QjO*&UZYSzUmZMQILHUr<6u99fV=@PL&te@vhdiDp4`qC$mg)}
zc#v$e)(Hi(O&XkPa^qSm#6h@tp+;$EW3(1e{!ea|#L3Npe(~3AU8jJmN$w659pj1;
zMv#fS;UbvoI@ndK$vu=$I`(9Vr}8db<%t8Cwil&i1uS+ssq=Iec_uTT0ab@c1(4@N
zCSMiR@pnN88uyk&7ckkd$x8bY;^c0e?aAHv`1B}#s%mmK6?Uh9S>8l>Cb5V`{U;jC
za(O=mj{iQ1QW8OLEoU52YwVXGI&gw1Bpe8wr&i~y>sE@(6u)MzUOdk{AEr1fcWaL}
zqJK=j5Db4IYD``e(NrgG71c&iBi!xD)AVsKbd^GcDKyTDmJ$Um6cxscV6;#u@aarF
zt;|sfpD&N}mk><6)zXd-6<@L+<%=$(#LJnSKQBDVwvtqzwJWlWJb4)w^8P4!6EuZY
z33C*#H#$z~bEu&$0tuu${de(HnxiJ?=iuz11|V*E4uRbgw;J&|;}<tQC_2bmCkvXq
zM1&i9Bq>>;bjnv;tD8KRoI5usT@-)vTtD0ndgZqNLDTu9>3o`u$ycR@p=2IkE=IXG
z0{>d<91+E&gF{#VpJC*K06hwfzP>50?DW{(4BrTXA^&1FdMO*dqz0!dQJqs^h5Z66
zB6uy>fKOBIuQ-Z8<9S-3L;E6y!fy72#emxcel?q#4rQ4b6C<W&nfFHIP3%j3yOw?>
zq+pfP_o^n}E)03c5kD<Y>S#jX#0Za%z}4Imu@lAvhzK>eNKylDWa%441K%rMie)HV
zW|p-iWv`^@;A^@tw=jiCfJdKV`;m2>=yfq<x{sN#rdral;!JAulxN!jHst{>FVXJQ
zvXUAH`KqZ_rVhYdj3Cnl#QYi+f(=u<wQW<YX=1fQBr;X3j0wP7DbSU5(P41m9k9uv
zDU2qzK_3P;DO=!}u01WsyQzUWgE9Gx8B?3G*e1}!J7kns9h<&ZA#6PhXp_fc2E!}{
z<Wvz}aFd#Xdc6xGqM1;3IqPwsIF!?jfy~$ustjuZEz_#0U9@GV<z*pguxob+PFd(o
z<aTlGr8Atwf=LuYjk)u;+d|nW4lLUv75MN--D7e97_AsKdt&+y?NZDlqPRIG$AZTM
zs}>W}iRK=5-Imv=+)yrovb~!swen5J@~xaKj!%<if@*3n7NXxIh+?gl8)!`?5;E2S
z#m7fnMh=L>Ygi@Ak%*HR&^0j~>EqW{<+H)Ch%}SKwA{<n)%nDTT(r|o^Ij_(v|9R&
zwu$<>Fn3K~A4OQvT!dFgn>aS^&RCT-yK49e^0a(WnS8{{O5!ySDO0FFJwZ#C2aDa%
zhPG#Nu$(%^N-V0#hBL#4Lh&Z~_^jhD$;HBkqCKN$QR_v_bAa_+Xy??JB_>8<44OJX
ztud)Po4}sWGC7D%y-@m`??!TCK|cXv)x)elR#)d`lcIa9IBrwNezE;UI2GFAe3}(_
z#PwQG@1lH+-ra~`S+t0M=1E59f0(_{&T}TJy)YRZ5(t3lFli(i(K)!8Ooplb8d*3V
z;>ZqXw+|jW%uT&isC&6w&q7q3A-3)4nZe7KWpDBlfhC*H1)EM`Ixt>SuZX=H6Vj!_
zYb&%9EV*a|)kFcF;Gm`)SzAppRB{X<Vx{%V<$6_5jA?7O7~a#HICJy5tt~K;F_+73
zGW90x0F5`}RkzpE<G7xPzLWBNH}BrfHjqP{1T1FYnpG817(y)k)b+4Fs8m*aFAN=I
zVJkA_{mhvzMtQnb?u*MiJ>YDtnqJAFf|X{8U|=%ck*Cv*0OO%FZ40L8k_=00<+00P
z{PifBCVhHcX<=hP26Kyr0iRB*I=wj?*qWfXmh#&Zlbv9)Q=>j#Mp<%~f>IU*!&WrA
zCo^-edisUDd#V7<mrG1Po2k!c!{bpede`*6%-NSYu@yf3eB|%Xoc(rMa5|8hmWj_7
z@Gmev1YbhX>84E&WtpJ>IT>$~m>$Wrky39gR4yt-TWKJsk0lm+v#=-o9R=x>Xc3BP
zQ4i(QC8kSPm_Az|o`c1%M`Q<^)+@2tm5^KM#hSEe?oCeq3|7-`$I#(=qE>49?W}S&
zhvexi*bY*!s2>w&8NSN&VLE)172k1@gb?%R1-&VeGBucvSsN(4$)nHO5BQhLlNZBm
z@GVW01t1f084NT1ZRXjxg%+T5vY`7(PvTf0ICU%>0PMX37D-w8opQy6uyapeuXRve
zUGbe~EX9TX;(Nj!%A+2wXZ;%v&9Q*k1^HfP&G-s?@r|xRZgk`6_vGwM%Na?I^tB0^
zDP3-6b@bJG4eyO;2VKtVy3qca4b6)GOxjqkIw5#YGaG~6nT<j3<TdD>yjCMOv$+&n
zmxb0Ph^-}cL#A%X)a{wdySc*^+mWd|OLM!*b$6+|KkH_9n0d0K>Jx%fs_M+1Qs*gi
zwNT-<gwdlAI%3(Uvz@)3h>Ri=4S1yT1?ys7IkPX~*^6g#IyrM7(z2h=JX@ODR}gtF
zfj^hPbL5=K{yww6ls!<crQ6Pw(Q;;}q>rS1ni-29mKOVhnx4+Q@hiv*VN4!~W+yom
zgJ`Dr#NG6sKs5XROm^m(=R;gGFUf(IC>H8CGoHP9COiJjbV#43Ts#oS<kQ6h(k0|)
zPCRE$CzUVJtGfr;In@yFz18bFx;8L)C5ychpk~hJ-TAz`;56B?GZ!-bLZ)BLyNiV-
zrE|_)&fLqH`&wao+J>1cF4yq9P^ohz%U%f_t{Tqro;kep8BRkJKz)MAna|7{QSi-7
z%Nfs%-Lslu#R6+_xtb}x<jvBqAcT}v$_!}cozl0<D#XmYWfG&!=(6s5*11toc+Vkb
zu$mnJ-mEj%%zi&fct4QOGhJGx%$<!HO*I?i&TL1+Sd4R2o~?_Ou@%^vzOr0bm+RW3
zW_EQ@GrL-0W{;U&4ZdiIr|EM2YC^Y~4SOIFnOz--t<G7c4)+Xc)R9{;6gfKDrFgg$
zTN?9xOXZ>J*b18E-A?6TAbywQ3mTSMH=71xb^{JS-mb#~ZD@Ic*u8;n62`Arvm?QR
zSf+cgn>y(WpD4hY%sOgWCvT+sFvEMHg6{z1O^mE2Ukrk>P06uMc~>A=J-XKHj?CVX
z*}L;@SN7hCck=eh!ew0mv=h()IW5)f-tdQmvTF9MbY-n)veZ>6iW9fR&djD~FdM`8
z>~mT8xh$NkO0)Y*3$X<-doEf_w|w?M7EFsUn=bq8%L(L#M0<9~<&0`}NFjuqG@E+`
zlc|Kc+&}BO0JEA#Co7K>BFD=0ST-~s=#K+#JQJp~_;lW-`ItSOcQ0k$OU{g_@iOg)
zae^(Hqa2PW#=6ncy=KpqHeV^%^LC}sv2wt@n67ZJyM5=?bWJ(fKmMMJpsJ8@kuaJ_
zTp&Hs%7vKOONr8@I{9+Rel2NuA-K)<3|-M#bk@C67|G;{1+?f|_KD2&(KDvMvzJ+k
zn#~@OR%Z5%QvF)O4%DjIVtZz<XKzhAGW%ARdE549-i@%7f4e|=r&yTxv@q{cIfjba
zcN2_DpweCJ?CiS<@2$k~dVvwIXGb=4vB)^pP+0ca+UTB2n{+BW&Z*MMDJ|Myb!s4M
z6@zrD7^G7x3u^q(N;UfyMeT-VjU#ImQ+2AiC#TlQQQOVz4F#P|<+?cm(twQuP==h^
zs$b`XhuuwPuHhkSlTK|8BCspPVxHQb6*fn;b=k&_WZ0?gNy_$2-BnuL4MH%m#;<hx
zQ+w#%JSpl_83uSo%4JdQRCp&)d?O&v-bjdh3&f|(H7&uZU77oANiFWisojaq?i|-H
zL+^~l#qHz)Zo@MOI()A;zmxEsebPB%b!uP2++QerHeo$Wci_Dj-VC}kIv9r%2&Ir@
zH=XDs>_aVzPxMpdMVdc5v&dJbSz99-@5yL3?{9AiD5kR&MM3i7GbjjR-Gm+O?Y5U6
z()rZeU7n4YpCIt4+b!ecmmMC}jb<^o0d}*$-W(s6gX0NofY@Y&bC*Pj(6u~UrHDhH
z+rZy!e{CKC2@OI59zPb8kP@b#yPqZbX)YOH!K=#-9<55MvmE@G`^;76l_%NI9CM-=
zbV>ChUKCm*!ga9v&i+CWcw4YQ+TPw`u|PGs7f@0%HR7cvmpaAG3^uOgc7T<T+z0nv
zDyut-QW61YUa+>kTG5$nwGd5d#vy5u3t;HpDeO5~%+nETn`==fmd(~`)Y*C3#WH5-
z>KiI)zNj5{k)O!qQD!qvFLUM8a~`LcF~Q_OODqc<!D6zW${~Z;75<snNj}5&C%epN
z;(7GI2&_1U(CDG1pXFptkAoNH7@}>S7i4dZHnxTX^u22M_eeqfOY@PU>fjS*AAQw_
z)_r#iJoPc^)Fj>$F+XuGV_o~Mn=|6!>u$|_28iFQn%v5Cnx~wY|BXE5OMxRH-bK{s
zON;zfH@q<P(?^(n+B=xxLku@KZ_!^Knc>6|&yR49inD^QkX-Zl8B2}%Kuw*?D~x>R
z#G_K9$2jo>4A+isSjA_)M)$#xc!DXe^-VQ<kvADfwVNu;D_gOHlyxZ%COp{jY3AG*
z9cQpM5|1pT6IY#nj|OR*aq+}Eo*D=xj0iDgvxpN?9IKQ0CoewW$;u7o!6qLx=85Dy
ze4K}7V^;|OffKrMjMJl#^iU4x<{Mpz1|S|iVm|F!#yjY$@0Nh?yafQ8VaJ&_p+OFt
zd`Wcupf0GEXpvC<U|A-1Gv`Tg4PI^3=w{Zk?fm)gJpGGnw!U?wbN(lP`P(c0+ukp<
z8tWR3PNUJ&@Y5PH*lDoNV8DRfMyqAOyFnT)OST$A1n(>&_*dU2IKPTusTtqr)4DB+
z7*L|o`ZuQiUk2|R{A+{%)8Kw{f79SQfNrfYRv9#Dq_xE09&c|q7&H*i);$J4ZjG1e
zel7kfY|u97HRv-~X0V)~_kqUe8k_ll7zoyT2Ey+6Y@_~rtnozSry4)q_$v(#=hcay
zCGoE`c9GQLuhCiwp#D9LUvGT1@y*7z#?Ln%Sa`dov8>L0ps}UV|K-O1#@8C(px`$f
z&o%B6g$Mb6ps}^Yws76jc&O2V6)+Jo`~shD#G9d^&EWn2=AYsoY90T181P>qpVrh}
z1pi#Yf1jK{{rkj9<olR73E-0{XhK9xEoHvl=uk60nKB3G`|V8mcDL~NZ!;xe8i|UX
z|M74B#XtE!2voLj_q2KjdN{S%v$AJZ&mBGY^la?;v7Y;TKGU<Q=d(SZ>-l`o=AH+7
zw)8yMv!mxrJwMg6r{|Y?p6&TY&tL1=-}9S2zt!{2o?qm33(ZzP2({4SM(YlPI}KJF
ztTBM-M(b{a&l_wuc)(zb!Gi`{4YnCPWbm-Tc7sO@zF_dE!D9xG8|*T8!r)5=BL=@~
zFlunvV9el%!GB`#pBh{=_$LPc)ZjlexMc9p4E}S2|H9z1!S@Vi4Ne)HHaKJO9fQAR
zaMa*MgJTBA4Ne%GG#EFSFqkx$GMF})G3dEO&@@<NARev721^Xu1|5T?2E7J-2FnbV
z8}u98W-wr|!k{v^-C(7`DuX)=?lf3!u*P6hgW$6UpEJ12w7U(~8VnlTV{os*I)n8F
zpD_4hgJ6fjj~o1i!A~0en!!GUuN(aP2ET6boWXAxykziu2ET9cw+&u4_ydE#WAJwk
z&Ki8z;O`myeS=S4BG_PXpTVaLK5ekk;KvN^H~5UfCWFr!e9qwW2Ad5YFxX;nu0imJ
z27hGm#|Ez${E5Mz8vFx;^9Fxr@E;lcLxWch{*l3dZ1Cp>7YzQf!Go6wwi;|Rc*x*k
zgY5>77<|Ftiw56s5d4<0ZyFph_-%u~Ztyn@o;UcG!S5LSO@kK<{sV*m(BRt!Lk7bJ
z2MrDxj2Qf`!KlGugE50621gBEG&p8(+~9=4NrQ2N34=+4DT8T)8G~7aQwFCE&KP{h
z;BOhcWbk_izi;rj4PG|*1B1U~@OKT)8hqE_?-~4kgL4LdXz)h{e{ArI!JioXslh)m
zX#66<xhn*JXz)h{e{ArI!JioXsX+rCw|Wek28#^jduy@5fWZob%HVc`l?JN_dKUF8
z?pe~av**#C$9nGUS>0;v#K2y9qo?7gGxUdxGJ-kfL(0y$Z#3@tDkIm|V-!2kSl9Tg
z#J|D+Hyis%d$w`UH@W;)<F7~f!R)(!qwy=0Jy5bO{8fs7jg-57oy)fX`L)LL43obC
z*lz;(uW`M9VVh4h9&PN2g5QYR-=g?|Qgq`1qR&xt9iy`FMDN$Qv*B#^>%^XGteq?P
zRd6@yIVxEAYmHAm(b(H~s_}C)^f=cq6Z<U0CFEZQ`fm~6PuGPhJ$*gPdY1R}_uST6
z>+M55Pd6J4yp<*|PFvJy;$83-q$Q1Jo4Gw}6}%Ct(d=t*Y`VF;(d=(DZ)-FM8m%i2
zAek#$3?4MtYOu}VA%lkvwi`TRfHZn8c6y6UI*p->bs8nsY79`!Z>z;v=6?^jjekjr
z`25SB!##Jm8c4ZyFA1&P1U>J!o;5zir}b?<txJ4bKgp-{kH7Ws@3+=H{1^XaYY#;_
zpSbJ&Kl~r={^xhMzTQKHU$WNE7~5#f>DU*(43B;dZ{{&1_}j4ctH|PU*sSnn^yd&^
z`b~O4KTqm!A*-))Z4C<P%(o8yQtJ=?xBvbdtv4^;eX{l6{j*>FuRGr@pM$tzD#4d<
zgC3=YM+kRueXy~e>n{AKM`-Io{=P(tWxmA!cEZQ;(w-pp5UCG`r}Y4L5A(N;+%Hk%
zadLzx{4Lz;n>`-zwov9F{vRf^jfctEMIEn?aBq$6l;0ICZzp_=98(@FIBfxv<u=Fv
zE@15<{|VaJR$ARoohPD};UlC!9uUQMJNLV2V;3pbe4Lhd@oy^+MVk0L#Qj6$N#zq@
zw>4_Wk;h6s;ckyMw?*m}LZLiPX}PgITHQv8M@W(8{1a=be}a+^1$22XpXHf3dajSh
z-4<%@qV2~iAr7{X9D0<v@{oEtqg2H8!6>nn>o)4xvaQHXVcEhHq;C!=59)4hX&j>1
zE|ODh0=43U{BHr+!!#qw619c6LVqAqw-P=Ue-iL$Afg~eQ{)~G#8n)Hk*cPERRtlc
zT$YgpYsn=4WtGBwnB2z#Gf9*TiMFmnP1RGm9wFCS3U)Jii_2!}Z3fzQO3EB@Q0Zh!
zD*6^`$}kl`tmVXZYT9aw=HW;cPAXqw{Wy0*c$j}%lp2*nd{p<OHnA{OrIl0L2o+DN
zwgMLy`KkgwMD7#h%7@3uvDPl&si+SGeYUE&AEewC;&N|0|EXF}kRuIp)!NEWydI*g
z>irnkR2Cs`iB_akoK#EIPQ{b6s*oK(yyT$#*vg-fgsO&ESLvu7wc0&S3F$E9K|;Br
zvS}EEqpVa?)1@Z6hHY*mPyWjd|1>ViS-C8Haj-3AWIKtEI-%Aof4iI#uPIjpH9YE<
zT*{6khvk)BMr{+9#~LG)6_(nj88Fv2vXfax?UzsX6S2!KC$BXDnnhbsF3C;hAl+)c
zCQ>Pjr+rEtRtj=Jt<h*bN{ZYySH6mcJh3N<uUaEz2`#0i=~O#XSLCKG*hj5xC)ad8
zz%_MTER?rYsaKo1OP$at$UXH_oyj(pu5AcO4yK07X{BPzYPYRDNX&jMOt~r_y*?U$
z!p>frZKqbMt!Zb}279K`5OUJ#U}3LGyP@5Y4hIRjCHK;1<iH{CG{g2*<!AdjbUB<n
z94YF~1He;vl(juqt+%f}PAS`ybJ8R)rNdUGQ%*?L7VhP`rR*W<yHM2+bEU`<%3eO@
zkfLog$KI>HYxXtRIb;e!>#&v3cC%-s1f|2?C?BLF`+!%6E@3Gd`7UJRsl)am^-|f0
zjnYwm_F*xUOF0bLTeYl-jj3`(c=kDMiLy&u?eHOYwG26AsWWP)TBkOv_4Y{Rr7V<z
zxpE`zf^v39l^e=XUAJD^J#Ct83)8_%debIJua-}~%MS;8sZ85yAJvL!dF+SwH*HuB
z-bzg_iG_b^noy<MHXdw@Ml7w*twZ%uDE1unLu(~`t&vtHM?3q0dX}1Fzmr?q8@VX|
z<*;0{FQ`}A(bQ_Olp9Lgo~4G`AGO_5tG+5}wMITmtGz)Bm*cngNIRj_ZB;p_sSiYo
zt=pG{?r4!56skPa7NlKMj`B_}i@i9@+0;|D)7~JRrq+&(y)n6<R%#!l!Q6DFq)pD+
zFO`+$bwji=ma(6!E2gLwjtT03TA*&J2gb!l8RqDfBd8keXeZ}u`)kh-XM3LdBpvF#
z^^{I+zidsbB}bL5RH|cAu2qtYNsS|tG>MN|p5v%}E_K>kSwoGmMXkEFD!m@9g_^0Q
zGNvRguT-=Sa>2W_AP<wDwpfbfp(*w!bw0J%J}BPmfEFn2jlER8ltTMn@+$kWlv>yJ
z<#)Qc>Y8`rkbZ!AD_m{2cB9rqZAsck`J1*-uBXImj>*xKuqoOldwcpVa^JB;U3K&n
zJKM4a)0Cq!vKM%-ZPE^<vu;mNHfn~g=7{4MXTCk(ev!J9qmTV^3#}`M91rDVjuVc&
zS{T!nX-Y#&r4^N<Vyh<0@wBd%lHcO41=DY~PpMJ$SR*ECj$BY?>48b1ZEOF;P%k&f
zBTLw(nj{pZCu}u9+#L5TX}XqD3!*Ks2g(h(E60?fTA4hOVx?^F5VkhR9w^V$C^?w+
zMEbP2_UjxYY*mVte$uZTwVZ0J{8w&{0@<tNlf1~DDg9C;Zt@|0$<$~qpPD0I#X((E
zGt^nHYO+|V%PC3wZ(1pNVt>}U%LDtMvbUz=huWUDR*A^F<bi$R)>eHkm8sCS#@G)n
z_VF<A@i6f5F!1p(@bNJ4|DR#Nfy+TcC&9s8H$ewEC(AimbC7hHb$D{H%?Yl<l!H!A
z;2c(SDx@=&Zc9#`9I9%V4m=KOx-<?-IS3}C9J0;PnRQrl;^YF6uCoKYt@)?Bnl6At
zvpG5%y0~>*{B?zOy&S4_cXaE-U$;vvau9X+cgS@p7JmnAUCVl?)#22!%xR57zZ5&j
z>(Dxc+d{hOwkJhGNQYDhLtGv3#YNXZu9+e}Itscgrt8+|gv&=^<kVJ2N5@CbIcPfx
zPxnu0=$JUr=VVHp9JHM_m?G}doldWl3LQ76G)^>xmeUMf2%*mn__vN7`=KR1_5eQi
z06z8rKK1}U_5eQi0CJ3U-22!A`2V&CpkI_rgt_RI%XoSkE|Tam>80r5=~wBI>0Rh4
z<&ucrk{+U-mY$D(kv@?Ng6Sc;*qO^l`YZZs>3QTbM=qtipk~Y(xiGHgxXi0pluP7#
zLwc1iy}Kls%f@;;`i;53A_ih@+4RzKu~dC@sVi&hwdwhZi+xoco%1!NR6kF@(^S3A
z^xX8VTrScp)$6mQ{-}#{;;r|q$EIhf7bn%}{khbpf2J2GWzr;HazV?IE^)c=r2p+Q
zk3ONibpcf0R%~-KLk}>QkMtn*BlR7XoBl_7oZ{~CQN4VvZ|WjyE=(&=OY3dw{kxnc
z4!JxicIg$$dudm)N+*{=Q_i(_Egz&w+Vzx`fHR4D5mneO`{%M$YLI@joRsEV^3yMu
zR{8A`S1#?Vg;MI0p7Ib@QX+hLCdDqUsRPQzGSaB-=7OTMSXyt`?Ez;emT=afuP$cd
zE+5n`VTqMe&-sFSqdtpmZb_;~wrFYjASHQzKwnxM<eH^&6ViHm__-C7+*EIB9PBG{
z&lyUdR>(PmnCZXgtjVkTn>@$`cj>nuN>6H>R7rt7KnilM<5Hs<Vc%2h?W1ahxXSTd
zUc9yEU#E@-o%P+Vu2PnZkIL)gtsrN4+2icLx$yt-R*=2H{%If5*5zXK$6G-kZv{Dq
zYN69|f4mj+|HM|%$7_K9wyyzxJOlW62JrC=;NR96fb$>c&d%<fE$ELq<J4PqM&W$K
zxt|9Ka)#m&24^_VmfS~hzTwdgXE-_2b57x$G>;Hk#`&|5wYAQ1oo%`k<SgDDjGX7&
zzB4N4Th6MSVR@t>XWROWdBiG@$+%u2ROi;tkem@Y?+~&yI1}{Hh%+9KgV?TRb05XF
za^9WuTj%0A2b1nx191K&e(v^2rT6Z*IE$BW;^yj!cuI*gp8Ts1qU2m!e#s4IgU(x}
z!gUGfh_>nM(RCK_GZb#Ft2mFBZ_Z7f4a>jeq4PeaBUR3!<)WMuU&}d@6ngIe<SgC!
zZ}K4zGCEIorkE1Q<1g~WS*JWRCJcGwUXn9L_vNG`TXqI6e{<bI43u@wNAsvk%0n8Y
zD7DNvtb0zjs7%G))g?<Lgq+8_hLdw&*HeUU9r+;dJOrgooGa&=h_h}f5`$cOQFoQJ
zWyD#1O1*Jk&sngPN@Max{Bpi6W%VI#cgK{j()8$2_JkS_Wu@-RCFznX=}PX3L9S>i
zH)r0q;97t^OzGIRTB>y9MIPGmUahsa<*`9!D=b%-<gjv4GjmoichpAvk7@GQH4WE~
zawSOqs%N?8qs)zorTx$PKkSd^PwBcoPvdjM%EkwrwH|r+?vc3r9B@s2h|s5xw>Lgl
zKZtCSaUVza>arZ!5K`X@deaYT!4<YFtS(w*bEEa&wEn!&`qxj6_O!m{!$E)5;2Q@2
zhM;GtXI=AG8_ffa=5IF!ei`b&%mdaxPxvI1FHwDduCc_v{Bt~%Rvt!+=cX4@s6^G?
zdp?L-oh4Ntn!TmbdJUAKjC9n@*hbucnegC;XK!irikGFgHd_BPPgix;@$8v@8$O8H
z&0=}rqZE4ZqZHcKSoh)0J@~^4Z22h7Jp54#J<_=U!*MZJjnp!K<e~`Zqd`qQr|geX
z9MS(M#gX}sQhZzEQ$M`8WBcZhRxCT3;YVPfa4j18_=D7318$)^Y6P_W7Pc<^#J5B6
zIN^}NPJ?v@JjIB@8#E1i40urh!A^s9t(Qkh`?)Vs_xs=fpT6H(Ph#s62KO0kF!;2=
zXAC}N@M8qD)o9rDBSL(rj_hpxuRRnxL|W^AG5B{3{=(pHGtL<NyWW10M>1PW_>nXM
zex+bZli&O}HO<ZF$f70H6a4=)|3Ab3&+`8Z{QrCWe}(^F;s0y=f1Ur|;Qu$NH1w|w
z{*t@Z!h4lq{1SJYjNCBqb<_6}OzkkXf6<b`CIxnSbHL=4273s`-yj%XZ*bPM4FnU@
z1d~r1JnfH@@Czl?l($pjKegFlE8r|U{C~6e_JMH?UHtfLUN<jI)0L94VM|C#^hI9;
zLE5IIL>n3uLDOX0gfxj{Qz`XG+BDsyX|maDHdR3p1VvF4MGzD%K~V%n5d=k11mDl+
z%)Oh`<M;gj`~LN9H*?RNIdkUBnKNfz?!9x}0POg4AhI$WKn8&7b);dHYeq8|!{F3V
zobK1Y4zk2B8W$863OJ0g0)SIHSy1&rP?(+9eZWN$=w~p<U=M@640bbUK~Mw5B?J>#
z&Y+4x0)px`LR|=2I~a5_$VAXmK!^!7eQX8l#M8qlc{b%RV2L#>tbGFlFNy1@YQF<P
zbuEI{jfB=BSP{*Ds$4-<E2tg3zX~V=fp<HCb~0E&&MQ!)Z3QK*-w+fw0#_e%`iNP{
z>^@Shj3ZRQppZcs0~Z7G^)-g@xTT=5DC%=1^RMh+uz^7jg4#?5icyxgau0(6p=R>R
zO;B05M0*jf%_6Q>;=36a5&8)gfRJrcTg-q$)}nA*EsLw&$Y3jj?F?8_?Er&81goNv
zHHv_pK_Y`G4AK~6F<>#Pav2meVEtCrGH7Jb!C)hU%?v2_s_hK=80=xNlfga&bs<4v
zA(X!^mZ}K>YK?>V3<gwCBe_?<z^Dg-o5i{dg2HHgZqlzNpL#-WlDhXJs2fDE+DgXK
zjT(g=Tcj?FG>Hi6qe)Z7z(?GCLXrxF9#OM4D4ZeKOU%mD<qWDBG$L?sVZchcseJcN
z2IRMn#5Jr&J%wo?-P%nE>Z*u~V-U}PB<^ko3m8y7_f`hk2v)~3ppf;1>h~gWQ@;9r
z2pUotRg4N`2eg{ehK)?<WI#IiAOn`Wb^`+>;0z%^b;StkS!6>91FEDU6TzD02x`~|
z>pKwCl@Vgy>Rg0anFhg;b3-%(R;IzuAeBKDgZT*RatU=KSi^)hOjwhNR!I=sT(bc2
zwJg1n)NA4qRBt1W{OgFT??<p^3xWoz+(bed45}G)u{JdGHByI0MrpbYQxMdVeVx>c
zP(v-vf&MH(oKxdwAlIc?!{S2my1h90#$6;?*UN-m%u<D5Z4Z3S+C6}ps0DupgJcG^
z3^Ez8o@*&;69uffl~6H*Gz9)lga!z)$R-z|LIxzMiz7swrw>7EETb&fzYamuHU`-U
z>R4g_7Djgw+DZr&wl&8?zGh}?o=+&90qF3tRpJyO7SwEIK<S%VTC=DFpSwnln|&ne
zV9?26qaaZ<zN$>pXa<=GZlJJhK#dO|6UXX#QW;EPfU;~J^i4YT<}3!3yg8TbJc$G;
zb#pg^G6rr29!bt2xC?=25J8Kb!9)gWOl~P8NOBKpS{emOL0XuxrHjF41m0LexrE{w
zq%oL6oQu!`1{BK6Y##Bf_&5&Y8xgd|lP$hM1M&ePI~Zspmf+pWU?+nf20jELnRhp!
zRy%RM#BD=RQ$!q#sToD6kpatZbt7o0CFCMRb+m3k(9W)bQ|K9&;yr+TRtAbVCitQm
zgfNg)^70iks6yanA-?$x`Vh1*TT3Uo`t}2CW4;#3-_pw{g=;Hhu$%#<Y0G9%z<><f
zsu_@L+ZG1Q=BEg4<kH4M+V&#wB_r^&;I;um6uNDYP#gjeNm}|D%_2lG{KATy{VdJj
z#ek*xH!!d>C}Tj;{0k6xcC#WlX%ulc16Iku2SJ-ay8*SQFiMj4i3}VJG8mwwQR^kB
zCbWwISdUr{*+#ARFj&W6GXn@SYJCTTtqdUfsP(AusP!ml)cQUKkYLpMZU!y}+Zb$M
zu${ps2D=$lG1$nUm%#voEevWA+^7hl3ZvHh7(nn*>-RC}WH1Q9+Z+rM5p5@zc5-gt
z%z#|lDPMax1LU=>j76|68o_E0aO+Y5c_$LL6G6)q1WhQ?Rztd`6b4xg3K^hUwx$Kh
zc0)3t78HrEqcOS;!TMYV3&L=ipxw4iU#_z{a7aE*q_bKbp%xs9h?6JrMMr*B=MEfM
zf-hfG-+?pM@I{JPOEA6wiXYD3R2JsJ=RUxw`eoz#hH-s66d%~D{sBZ5Op`J9x5e`u
zMD$cS#;`RTv!+lY(god`ZFPiL@D&sseuuBcc{gHa3_^U$AsZ2(671;DT@e5@D$Jn>
zg*xyVKQan37{MnX#g4!xfddo?wloxiFotPCfceoImTO!vvm~RMPT=6ZV<>{B4|8zD
zQTH7Z$ARZN!WBM(lWj{kuGv<``Jv_rs0*S)mT=@vw0U|dL86XS?;u}%Yn9QO(YlKK
zyg2bFshc{(xrFAmM=Iy(rc9n)LerYYh!IMyTXIF@F=SmcI!2N+8P;h<*L6t7x^*~h
z#yEAF#n{qKMO9J4bc&P?arG57lz1x@W=q!+XJ|of8920(@_JoTvYVthA2M5zt#Of#
zU??MwO~#aLs!Og~7Y5SnB4>PLke8ZHo`qw<3JjGGQ_z7oOD^~@AkHZF;cIVMv@^6s
z3=udx8&If1QzeX2JfIR$R2Xx5GN5p}0n&ktbigKbBIN*B9qkClwKW!uVC<+qz6THP
z-dwXOyrNWZmRP1;LKqO(Lj4vCKBt2^@@qM0DFRwQI0aG);}w#yFo4yfkCoXlG3yA}
zHY6j6KS*K3uo@EX*+R?H=RMsKOa-WUXB)hEHFyK8me!7Eb+R$mNp)B(zC078C9|cQ
zd~E5oURqnVD5%;aMJ7t5#w{0od5o2WHb~lOsHGa;LS3ix_-HE`k`W;~wt?4|nof~N
z32m!lM7j>^A=Za3)0&NTObCJsl`f()902-GIzFbzPfetod8#|v)YY}<cy2%<d(AlE
zjjy*L6TSzKPA<6C#S7490{B3!kf6Fkf-4dDybb=#H8>$yuJl~Q<M33uMkL@%o)&z}
zEnM+y&NzXSF{B}eLt7;lAu*grE3qhv@q0T8^7B7y2x?xyj+e-UNM3MCD~WhmYg8CZ
z4FxSOIF(mqK$al54@yKnln7r@4VEj5XB@1oI5LW>P5z-&aoH?Bn5AlfR91YAcZkg3
zDZH`L4}%6#1_}W$WMdV9AV(m?gT<&|M2+8yK52~)Z8hU!sOxG%s1puW9VeEsO<JaU
z8*o^R>&`ib5q`x=E-*e5NRYleR+4dQFq6mPhd46tkW0;M9F>KEAO!BfPW8kj#2^7O
z2V*Za62n9!kK46|!I>q5StD@P6fS5oBCH8vp$;B|8!oA+E_xFWsdeC#_?kGu3lQbN
z0sBPYA1Xi?9flY3W*4l9vjd>{#i0?Ud&I>!!odx?#t(S(TAZKW56C*oK~6@BpbmE6
z!{-{Q^{m4f2fmkW{71$(2M;$k5xfE!s|*^%1rdo+IRU#f_@}kK2aV3!<40LBLZRP7
zR(vsBbQ>2Gp`+jyg6ai9D^LSeMBA1KIPrkwAZQ!kFAWzX03R9w`2j%PcHm>eIIB?r
zD|9VIAcj7R&uQ)8pGLkw$S9J-8pbnxTNtw8%Yb7HUz-Wp?Y0_TAZd$OPYWVI@e{GQ
z&L*yAHX=}irmM-KBq9?fVe6o%aNsyFM>>X3sGCOdZ2KKN*_t)PH_SvcHOp}gwz79Y
zo5BYml*Nyb<AN|!sv_Sk1q1`fB6FN+xio3iB|!_?1wlvE<mm{9V7Rgl5xd2$W1LFB
zMfHlaCr|$9Uh(}oe2)iXQ_Xg$C<-oI0CYDFST);`ijO}FT0kUdj$IU`wF^9{rS@de
zRiC8QY!}_v>_!>7KtlM9<iI0n9haP$G336JWyzQ{Jc_+UST$0yDTj}@vkv|YxisZS
zfqNJ>?PBP6Ac2lrP&sG|jO6jQ^q81fN0<qMN)rktS@#7B7QU?;nZ31xVa+y%UTW9Y
zx=~a=8ash-w-~=^*mZ^CgfK+4W*RNSAr#hTjbZVL*b3yYX0)&yq{3HV;Iu*!1QIdK
ztblEeiGr?IBnx#K83DN>O)Ig}94S|%8GR}y9BgoYH7853L{B%H2iy!^qGXnvjqOKh
zfJLu}MiX<=QPUX(!C;tciIb#s3A3f4%se;`koiduduPTKlnYh~fHiN;wnGh=(NJ2<
zgD}ezCyZf~b4N|IGTSa%>BQJLQb9(rN#|AxE+_$0U;$%PC_E)#81z`Q7fy#<k!~PX
zq(`d|DK{H^bw4@++Z3jYK}Ac$dSD=uDaAUZj0C;S3kXw;P6&cHY5|O0(~p24HJwJ@
zY^g-Hncsu_C<6IwkrRTTs{;kYM;1i2m^w-oaa>1R5kz|=BSDN8O~#T@MwA0YMpR%C
zN(w<1ezwSLWY2&>%lQr(N%8>}3i5ye(jy7cmytk5XNL^Zg2Fh;|Crwy5M$ckbYc~O
ziZKrml7&MPKJ`ei2+h+&V8Yuay}-MPE{(Yng@KMnc~V_kGQQ_v7h=hSj-+RDD=<OD
zRLqE^+b}q>p}?695AnIufoW$*FUSCZILu6DaNdCk3?XbKTQ<Bo$fD5&rqG%Q#wqNP
zL)AbEJGP3beMJVQoZfW@Asq>@5k19DLwY1y1-6on1cJOGZdVav9xKvp=`;eNuh|bV
zkOgc|+yN<LFtIm^Hq6x;i}N7C%rK#JTedc_p?DNcP%4mawFyh~#xyIX;c5+oCF&M!
zwc;!7nhuiHz@uYKw51Or;W0bMsBm36#X@H^WB@2y%0{(l;-N!b1ab5YQ(G(8orWCI
ziZl%75;ZCbHB!Zi$i+@z`XDL{E`;bYI0zdW7Fa9H)Rq_)7G)ST=nzmnbBxsx_@c%&
zMPlNF#-ear>mbJwegqGx==wm!{A<*g9E*8IjOL7+SY!qSmK(!SVnedVL~C=*!)2W=
zk*hc^b%t1o0k-7Q0CAqbED8XK5BCm&zp?H?3Z`ff9}|vX;pIz)0MXz@@o~a`Fl`z4
zZ)B{&gprXdL{OG^WyYu;c)}{G2iKeg!0dYHYvV*^<c>wuNX5@na+tM(FM2Oml3ZL$
zOq_F}beUp9;uXa_wN<)$F#RipgXm~6UosfB4o0E*31aDs5eL;k?<+Eau^boe&^St_
zBd^J{!^85TaS<}(s*8_}k&0Kh;NBEVXZvMhz#%iaqCaJdSh)rw(LngolQPNLn-T*{
zw8X?>hY5e1qNQSxI~X$!+Gt&FLNL+{7X@pO_F2)#O4V^~O)hm=veuS(4EzBRdRi~j
zczn>npu;C@NuG^eECC9U0D64<l&dI?ly!wh?Fyl5(AF%$76y_Cr1OfpEs?x&wwkLn
zFsi1KK!b^Ch%+#CaoB}2X_g7iMg!BZaa4_9KvQ!aldA8){Sy<|WB|S?06?je1Yi;Y
zCP8vch-6h#eFu>64;X*2_~2w#2G+V%v+k+7?wMvBGgt+`jhP(^ud6cARWa}yPzW_|
z>ZHohNfqbT_%>Y`h^Zce(oP`(96T-~z*?<bmDS~fmZ4{tZcZ{rgq}qDmrXC%(8Wxs
z4*)0gs2c!w|GLe{g$4mr8m{C6jNyP?6A%Y%DG4?U3`8(uEQBH>%Fe>v28hFq3DcrI
z-8653Ne{K)EAcceJ2GKWXV=!1OVMcpbX}q}e6J154<gW+q!@h01w9JtA`#RWKym@1
zk*GYJvF^@>i<9mg@NfplRs{(-1E3n~_fw5n;^MY}QZ{VafLlF2rwkgz#OQIs(g;Ru
z4dWnMzX84mkzj`!L6+K^37{>ZR#y^RSvtPKjBn7L3?D(nV7)S3w)R$H&WZ>&m9RGn
z6be|GF5Q1+tZikS%nSv>G<PJOphP$rv}TG+Hscy43|eJczY<Qq8a$DJjJB0n5<z!*
z<aNNjhsWWMSh6oiuhY_@5sKx@p*gVx{IY2bz8uatu|cEPHogK~iBv6ktSNYF<|r1)
z=GKKmmr_qVDg?YCipXU~K%#{xgr~NxOvH!jpj6rC)A%ys5UV50^+om{ecVWd^wr47
z!C1GGuaRwtUd(MUtft|(xjSO)7Z89tCC+S^+^phsjH`J7%!psO0DA9-YjbQd7)yJU
z$Sq#0!`M2BfKBK;NP+m+d$t5&lFyGGfiG6jHLJKV7XY>&8Od3>xwk^~!o;v=6veu;
zX#5V?eZl$+oyknn04G1gFgQwF_J6o{fXd1aRKy5Of{5V%2y{+t9~f{rzPiAF5Exug
zH<nB}Y2Vz`$1Ic^PNF?VsYSRUAmu0BfLetU9~A=vvcaYnFOl>D?fA}5Av8<})xHy0
zG%?9o4n&oT0)v8$I?I$3^~PMqz<`o!hHfG-*-^0nVg3pX857ZPfmVYe5JWJD;trjK
zyKRg_afZvCxP%BY(NIDJDg)TcC<aJDBNEFjRwn8sP!I$WL=Dvd)gsUcg>O;`4~9Y*
zWfBt5goK!ZB}I}4;!G6X0>`nE7`mAV?kPfU>YqfIvEo7+0a%9MnHw!cu_QOtge;8m
zf&>u}Q4xw);F*E7mV5~?4(wtfN&loSV1OSGuyv^+RTideEm&%R^)c9M<uFAuNN&kM
zl$ilnDpXe-*l0s*LIG;*k40J8SWvLQ)+mq|5YWhK%1J$foz^4y;tw^_I+7X*N=US>
z3@IQ1$wiHXn8#=;4d^7GP@2gDs-+2X3zz1PI<j=#9Mp9{3@{W0=yGYu29a#}hA4$c
z8W5mbVY;a)H^^iwIGoLna(Iox6`C}NU<!aFWL8>-{vm?GjR+bpYA8lM8!<M$G?oBF
zvXOArkiia>0wewhSA!)8Af2F*#Xv$nNJq<(YZT-H3z{1lLN&rfQaj-yNY%mWz`qKF
zkrQK`?C-4PC<-@&y9u&Q4mEGmuAu|pLBIo0@TUCJUauDsz&eyM3DHf6O25WqR@~`E
zUls^~Ny1Db27q4ip9F+cKf*Csx&}(>#XQK2g~rl32V}rQSwjfh%6`fv&bb#i6Ku5;
z`ScAM*BZuQXk~{CA3dO9b=&*IrRzeu(*wRDKsI(_p^Z%@3K@EWVmWLgoe|bXXlfNS
zXsb;`3icu3ZgE9aiUDnJI5mkY7fHNg3|rYF%zGv5(Q@@hAg@jbf(j>FkQ<WLW`Yso
zaM)5vwiZ**GR%k!H+mwXQIvGF18a9lK}3E`;}F2UL;kQKDhB_;AtbM+k{}#rKA;vn
z0Q^RQA1g6b=m^1>xPu&4;W3<I2sb1FcZ3Xqh?IuVsZ<FtY%!>yM{I<pX;URM(jj+F
z0!3)bZQOsS^uSx8B>|{csU|j3Xz46MlW&hej~2uxu7<^CnHn?-YyvS-U{Omo^q7sR
zh3%ER2D4s~8Lca=1Oaq2ZPGL{;W8>0$b}~kwUzCbyt@qx-6VZ4k`p7|B;s%v2^3*`
zgozid2f_#lEJifI>e^P~<E-J*od?7z8zdY@G{_8a;=&7T6f6>$NO)b`w-WEG5g;-6
zV?7SG<P4WVgCr1!GH}7Dj5sqQLbp5w>Jl(vqE{pVC`=e~o3JFIfyfqE*r8Cv@n8;y
zkrrQZG>l*XDq`cA-4(je){W8&$AkvoL@TMa+G-OyRRVynqwQrA9E9{Gw8bWCINDt7
z1H-b|M<f8QC&^GaWecZ?WI&b^!4giC@?i%GSSCOb{g@;%l`(iUn1^^IEB0n=D|ho(
z7mKVR_<|kkM?^vhS&1d>HoU@aX}$h{pgH1iC<}hpc<vMm2=3YZ(?8A?Fy*3C*Mo#u
zOaxSfnlI3oDt&S53-A9TtxI3F=*zZIGz=LP%n)m`VHo&tjBos}Gwjlretp?5msMyr
zNMYVG<=jZb;`9I`Pz2&=)hJFMM9L_gD^5lyBa)(V8TwM7FI+<e*;e`VrBiG}*l5I7
z8E|D10@fP0Q(yK<xmxBr6$z`YQ}|(|hD)zgAmUT7G?O~91l?t_$pk69AcVE^LP!I8
zz>s8OnH}p0G_tJlt$>J@NUVnOK}0-7$RhL)QyMD_C4`y8r_m^2b1<r{`qBft51~TY
z)*-l8s0#sxjtXqH!fg{0%Z(-bSjMpJ3VM7s5i*JC(Z8E;T`Wx8v_Nd+Y5`Cv#o}|o
z>;XDGL<|uNd*j)ZH4f?qddfxH;qD;3jO<4ks$zpdN$7}3<dThd<T>Rhx>2wD>OAPi
zcp^!h4Yx;ho-S#NI339qr-}7KZiGYb6Pi5g3WTf>>8zpbs1Eg3wo4hT3XR$b`H(;u
z&+|Jhp`mgsmNP}%rFU@mP;SX$3)C*njg<|FaiN<vgoXh0pSa*gt6XUYvSC8!2qxU$
zM0LWsNfgWrmjk!}X+*HoOA0KANP!DFD+@3>tHd!kg*fas@R_o#2<77jSP)4jT#QWU
zJJPqL7@$GKL^Ep?XWqhtmKBVSiZsEY69P7q5re;hmy?ZLJa~-<w~ag0?p!!?%p{GQ
zA!Bvhxkc~wAym=oebPvHDjN~^RtaV9<Sr9<zE18J(^=7Hb4xDn!+<<Q66-_6aJXkh
z>}o2PYkIlQy4r;%6Ee59nAL_1Rhn@$Yy$1cJ9E5&h=(sAFjmQ-I?sOW^hmqAtAux~
zgwYaGCaJYdngF>Ix#0oZpg{<Tfj<anBPLzF76}|?@UWB6lNFv{$8BX%k{Am_qOK_^
z9+k&M3=BpHxj>1p7o!XCQFw9p`YEl}G&GV0wMTt1tg=1i-Y<LV>S#0x@KQrNOY{{A
zaV(Koh=dAq^?)F;!HP$=pbIdN+zy=^Hjm2Dn5~#?a(A-M6NHB_Knpz3kXDc*NC;5s
zBCUbFP%AgUab<RN8FI3+F1k5Zr->f6a3*Lj^R2qKVom{JSTV!Ca>Tw^nwT2YZF6S|
z4um$hBnz~SNG8`$lw=lBC&snLA+U!Et}7HhySJiNnB_oGQWOd5rMcam0`HZXubGTC
zLuPE&Zb4DJn2`8At-iWKF(MSe3eXHhoi3KaMnc1M;8g*<r2rxEMfiTahk&~}f|f|6
z7#KlU0CX?VovpoJn78)}^Y(syBQg|RXo28i6;O0X4*MvR6)Iz8R{P*@pwq@MY>9;7
z4&zw-;2mf+=s$9;8AI2KPY@#?pOy$iC{`)6+0|LBg&VI{&>OprZdxtGxVMQuMOx0W
ztdSxE71sz$W&%ZM-y7lJ*NufGnxTC!e!5C~=`|5U2Y`V<GF-6FG!~vWDAH8hzJS^W
zhpUYd&1KL~88Fd9VC)dsZzyt5>j-pk$IwdqpmA@F0Nx4#JA9pfP`IvclrGXET?8La
zg!E?Z^tSctZAfA@*&!5E+>f}Bpf~EL6;|^RQYuPDE40);GzLQPvU1g<n7dE2&c#b9
zQn-6}0I^%!>P~Pn`Mb-|3=!;E^5hO1kI$EJouV75e!tl9ev0L$n-Cz{1n3K-Q&mA>
zG3<wW2<PloD7iBqi#a2oo`J5|yLD5#Ww#dI%<!~zwUMZh8=u17Vyq|8J=ShQ=ZD7e
zmJAJ)Jq<TQ<fb`6yhg*A)U!U`tY<wQZ-8?N#bX^<Gr@$`IPkOLISwp3hoa*5-Q5Qn
z*gA~$_!Y8i!^pIW(GTJFFSZ=n#!%aeKGC5l5D~561yqq+c9!e53yc*uU19YLLSS50
zyQnG2%Bpa%!3#ZHa>A|G!`miea3V?lUi@Ib&>?RPk;saMfiZJ1764aq*0gfmO&^OP
zA2miubx4*lL@*{{PKf&xWC-=532^_SeqR(cjoV!q8Nph?)$P+Tgkz%#xd0%RmPex+
zPituit^yxq#~-@29+Xf@T`p>iSBiK)N`w`kfND}mv=cif2T2ZFgz>hJ6_4d{)(c-~
z#}5$O6U!D8YDfVy+LGQB=3aws<t80zNI|5*4#SX|@hj@dLp5u#<JLbgsF{$V0^I%9
z2(UBiD&Jm*QZaj#8nP@voHK*9rh_?gf19c|sJQF{6_#7Th)SXWn&lWUmSxpDFsw;S
zlNG$J){Jd+kI{~7AL`2Hjy0jxaa8^49<4X3PdZYp0j$Pt%CRBXJTgpxtXQ%;R$o_h
z83Q#U1}6IIjy2-wE{0{UrC{t0b%k`MBOI73>R}p!nq!*o4X{<2>Y#Peyzr2CNfZ*p
z=+KBV*P#AkWgDal;OWLn2rh-}-RRAf9~m$yAutAj5TYm4jHL>pCP1_U4US=ZAhY#g
zZrd=28*{kbuuH8)_K}8-__43mWsES(0!~^^m)wAR)grRnm@URy9cV{LWvB7g<4Gj=
zE3#+H&{s%N+NE%3OeewhaAw58nzMZtiQ(I5wR$`s0#>*cJyvVKKAn26$AcES=$&y~
zFH_AP`H6c88i9IgWmESuaB)_Ij$vUC#0P)j3te&%PfurpCl~eL!7Exx43dvgGA_@x
zLMqgcotVZ*-o$9H4Gi;uB`ILiOh=5Vh#6^QhnT?)6v9omCCHW|j<AJo?L!hP>)B=4
zwO}Gpv`IvN1M6j<q;GR!Y6QtRHe2O>Y<-BdhN(<G-XiuP%9M5y>!=xnN4oi}C{P9@
zWbQ<{T?@wY*Z`Im;HN=MPzZ_+qE%pa$X);&lUXl?gNZ?2gAN4<ivC0!FBS(-5PFDM
zFgk-<HgXULPN%T{a>T$N8cr07TbS(Uc>BhRA0V{<7KqLa_0jOr3cJ6I)Qk~B#25~#
zc$<%QkLzmj&-JO)n4VO#<suwlR9B3G^khWFSuwJDV(5ivpCE(B;~ybx57L=R)(m77
z2$U<Z$BcF|@`O7Ga{fY1k<J>#5z2tE*bzly9T!0Ib~h`H3+vA&uCLPcd~V2u$qH;u
zR>r_BMKDPw3})<r@})m&e!}A*b|aIL81zJ4Ej~G7Lf$NTH`ZUSHEsGSwwgApv@KTV
zGQ94@8eItLH^A|s&KL;m%J8PECa-f*A@$mQ;0iy1A+igl!pm_HLzp8{kePt>39`a`
zu<a(5g)+erC{l@+D#Ij8`Xt+)kMwC}atPi6X;EIc_+4B5R?b5j%7SFNf^wkdGU}g8
zA;VN5ytD`#OryZh*y&&$&?MQQK~CJI6&lE)J9}MKq*%AOeVHIZnMMgZT4hEdKDa~8
zXugIra1i?t$nb+@@I0&v*JLvL06m=%QPL(d!w^%c-%E{iDncWYDTzGN1!zFpKx`3a
zsAp|~nDxKzCe#m#PaQ@9uzrwQuIGH4yrpoW_sUQv5Fe_LROwziJEmEJ+OO+s)iFJ{
zhwKfqW^ahrqBlfKaszgx<c<W)#@O5kgxRGz`DM3ikSBQ?;&l$}7r-ouHdw^6!)Osq
zRGcQ|i#Z_OWaFkT?kSL|5kWj~7l4WQ$uPsolN5kClyrN(I|E3DDmzCPymo}SmIe$h
zG$hI>>Y(WGMaXJ&BTA{+0c!EFwPILUgFOJ6ERuD#dIK4HhcXapWFS^oE=4j>v8f_l
zs+dMYs-fRhO*Mu2bp3RLG^7UfXON_6O8wjm`DK}$;e0tlXGx{_Sen6GJVOxT|7a&!
z**47A{4^I<Hj7KG$VlDiq_fe{H^|~6ocaQ!dse{KF|%w)mevypFXxLS$r9?C%Vd+;
zsCBwiOu+<#+X#W-qGWUcK1peSwwhUh4nT|nf-GxhS!q;!IE+#XfJGZpxMe9R;4Kj5
zMLJKzM(M&RhNV)?Mwy3ULZXZO?~s!TVEOPdxN?I=vxk<tsa!sqqgxuAv_^^YkU1(!
zw}U^D(HEhY(OsDN*Pv1KOa|J<vfjkQc`3RcdYK@s<0K}#m%z%FBX0=ESPmk-fkCX1
z2TyKjr^wq%rppzJf&dVi-GH*l>`wq7qo8sKCO?>h1;-GG%xmI7h9sRrhT?YvUJj#q
zP?S6ngDj2G_?XM$F~>TwtGf9CR3V0sKm;RYm9$h<0EHdCT0zyaV7TDI5C<Mip@Mjm
zTx^Y3K#&3Q&>c(bVYSBL+=O93RI036p%}CrZ*7@7^q>rQ9%K310FR5iK{P%7R`kKi
z5Wsv#FenW}26R>^b%*hLQ_zp3gK^0P>w_(`AXpS$u!<CrqlU&3(nz$g*pJMxNKYXt
z4`%rI(G&4$Qxqrw>lucz63^qYN>b}ULm@_XV1hr~cVRYW#6Pw_p4;HPz`%_oRDoFF
z<zWQqrDiJHE&_BIOKD9q_5(uEnh?gybrhQcL?)8YEXboQ*hlA96ZXwH)`g;#*iJA)
zJUE87VcCY&utDYRJs1|Ieqz&{1n@N{qzQePgM6{?4v`|Teat&W%&#wclMzqV)-8bL
zhzBzxINO55Cs*J4hc?iffHpWyur(B0F~0y{+<?Kez*M(L1&JXJD?~Yv12ME9s?HSv
zjgMETz(`>a<|}k$h_?zU9sx8lxPwx%@YxS!!J}0U+$Kg4sc#&^j!;dxxhp1vCPD%F
zc^1x;a6b+^Pf>WT2c^JvC=|>tgH6OMi^CIgC<ZpjL2;AVG65WV6HbNVJ$Kq_4D1u2
zM#<n~!4V@;W8{_&zSg)zYl{LJKW2dP@SY>CFey#Rks0|pmg9nPRNNXgg1#@e`G9qZ
z<WanNh!}TyaY;sXX^=XW0ur{dj$uf{n}_mGBRHfXPrANj=u4))Wa&$`zU1f&$1G&v
zrVB0$X!dd=hJf64(Fq0SW)|C%dX$}O<S3T(hRvL?LEDDtWihZ|oPJ{daaUH@YHlul
zsftooxrNROXw-7k1?`6^K!KQhVaUKX3a|25EVr>J0tSo)hsc98m?LmQhCg@`{)Uat
z@IS_G8<yS@!Q5KRjP`xtv`~^IuPoCwIfZE0g2ExhFn?w|6=}LRB#q)j1BSyR?}X5Q
z(hPT-E3@N<(KDm`#FOiYvCa~)(KR?7gLTQ!E07p6dOu!QfUV*|<+VK{;XyQ{W#>?^
zcDvT>c8T=rNH3>tYx!)XjFti&Fn<oBW@N^O9tkr3L2-g2tXn`H9b;;+U5W1oJp6|?
zqWW#Rre+$k7;QNnI0X0Uhi4#bCQHK}z)Dl0v*67ohV~e|r9x^$$RRFR+QRsZwm1~;
z{`?yW$Rogo@`;@h(%YjPpmb7IAgRho!U~Ow!wZEqW2w%joecdMXf@l~0UXf-**VKJ
zB1FqZEzx{XMk0K+7;e_nLqeU5iG=~laMWZaD=EM=loUgDP4;1>=m;q^B=fcww={IW
zZs>mP_2N0*V(W3@g$x4O{Dsn&n^I%AjRzs)`NP|j!(uqtfe(jyvzQkToyS6U@C3wt
z4Je~-K5rS=>NdpCk2dY(YdcLCOJT4WA^e?)a0CFg(QR>{0^;)i4~2u_;>ZPXz*`0)
zbIq+HRn4vN*cKcrf&{5VQyR68HmezHOdgxkpfxdIK>iGYYQ_Q*)eT6PCQ{|#NH<&4
z06Qds99wm*{z=D@N*fS%e)L2bDvOC>htfLHZ;={tB<Z;Enkh*SAb=8ah!cLp-$NC|
zFb=~Bgo7YN2Ti+Wbqc}!a6Ot83J`@r{xoUxoESiS&06Y|hUdMZE?A*%^Cs+PY29%D
zhu%wDA1JDK(D&%5sR%?lAfoX+`$I7nB*gG(IM#hg0xeoUOO(vm#xS@NF=VOOnKW!2
zOGcDUCE_Bvn$jp{iyPhy>^Ny-1A!f1-V_mpwSg3v8PI36mB0{3pwybNGB{`H4hgB{
zRbbXX9JTOo(J%M-w;-LCh_^IjII_rN{jgosFd;_UZK1x@#z?hr=7VRSs13&J;f+gn
z3**Hu$VW@2oIF%jO2T}Cdczw~T6zGUUSg2Hy4FxBD`{v1kL5ETP5_ZTUVnk{_JwZT
znz7v0bRc&T04)bmP!-B3luJVyYl4o2{)mMVw5L0#Q2UF~-^38GS*!>3I=K_zccUJG
zUg-jr40L`#+j!DU6Wlwdf8qiB)x%&nxdGp_k*$qRs)?vAM%X#ocY)OcRDl)b<mAar
zG32Nc0x>vtO@FPfl`L4Qb;PUJ&i-{^BGhQGCRwO9Z8K`sP^RahbVF$GUdT@X=F_x|
zmf_!OT85SfqrN@}1x8U<jr}mJas|}A3NqN5_UOK|2dGHYt7$jiI7|<KdXc2D{w<n=
zlmfTY)CdlAhmgwV_2?}v|5lWZEp6JJRJEJ-+|<vX-!TL?;ps*c5Bx5(4!bzf;y?Y2
zGG0}J`Qo)fV=IguMXUjbv(dPk`B)H&zzJ<EsJTFN+KlB3(&RQ1J!bU|q|3}fph&$h
zt6`4nnt=WSFJ3nn2H_?G3=T(E!0MXg=ox`E7B{wLOo90bNOOozS5kbesKp%OF>*>A
z6KFgD-JFh7<b*0+!Y$G=k`{n4+2iV>SrLQM07-=u3|y+h=T32RMVJ*wayt}f(Fq9_
zj96hHCd(r3i^EdEqnPg|HOpYooWYR;dG$CbfZic#c0o3rU?=l6dOSf`4UF&?18sJV
z;cX-q!`!xJpZww3?dJLV8DJv`>lxw>bwpr3{IBHl<V-Ur-gxr187p9^pSTgpip?^%
zLI*cFq?R2bg%6EGA@QIY$5W>A_EHee*<;oDwhLyQMnv*;%EAao@NxFSw2d@IT-fAh
zt&O(arlmnwqMCY5HT9Y@^ok6i!iiPQu^garf#St=^N<d03z?c=ize8@!AVNu9;cMa
zTM7mU2;Gho04P)dh={#7uF+8|y@c_kq72H8hg{(IjNt}424`3;emoh)*4!_PTPOl|
zr1hI;C>Ig>GsGzeP8Y=4f~<!pRl+IKNxETa1mLgHnH0Q3v%+1{G3KAXd+1Rykby53
z7Vx*C?+~^xjw#e=ban$D?}!ZGafHrL!T}j@pVQ26=&%g5tYKLWb3_GrA?W~i|I9Xw
zqcnv_IuZm#Ms^24x=87lW(0|%iYy7?@mPH;3@H+Ww$^WO49_RQw8e}frtdL``Y{yW
zDw*xt0_f{exg2d*o<uDSFF3Z5vs)Cf6(>N_UGi;c<I0&G<JiALLfw2QTY5FRBU&(A
z`v#ZMuXURW=Vrl?s<|7DrfZt2Bl3EHnZov!pO6465pGn-V_;Y`$~>SZ0UMMs1{^ZU
z(U#{>p<{{Zq+)82!+8|#2){x^18H_d=-17(2or__H?a0$={Z^vWl#idkM%7^xioXn
z6bb;{dZs`(aEYENG6vMm$Ldein2NXDz!PVt;g`z%C{;U73=XImdLIOjfhy5DxN=hp
z#5x=1C-|YCu_fHd8pmB*&lEtk@K8KOfsQ%cj0I<!>pyJrfHdB-gFx&R+SYhR!vP4`
z+YvPC;eGQT9n0Z}{<m~g*yv%X9sOVsp79pPpcgfCjI<@s6m3(uicRq<bL58P80qOS
zZsf-y4UjbxKP*JxfVQC0LnyA@1tk>_Dk)KLqI}{|wSy^x5Q8gN#A4itO$f!()Ig)c
z2c*OqLc^O;VrJp%|1hdd=?>sI6r(m{Fmcpr?BS`AY<W#O1Y)1iWPrPgylJhw5~sA{
z*zi0Z-5$L&LTv|GHV=O3Qfb0NdXNh0WSt{R=fK;__;IZU%kgLf@}R2$f>4E!4o!pk
zvL{tz*iAr8v88zIA))vJ4tj=VlaPKITH=UdMeDKG^9s#KK_1R%;5y{~r-%K9y$~!p
zMfK$9a!r^eviA_rfdhL`%{~mJBVaPdh^-69^u?n$z~q7m_bf4}N{DWT0hYHxfWodL
zLO8uJUK2D@hq5f76nwde2di-K!qA1$7!~9cNv6Oe0u=#CpaMfC8E`!vyZ|o>YNYJV
z+c5r0bSno%oS>=al%7KLbmW~6FMvm%pfY$CT&O&a*n$gs))pE@Lz#4DHl=`2C+$kZ
znC%1~5DTT11=2$KLN8qqeS0)VL=DP@JM8IJ#ASk6w*iG%m2@X;vVnhdEu^7UQzCd}
zI;R%20A=Fr&V}jV2pTBJ0HT**drh7W!BrMk%+ZX+xn9>d?*bG`?;nI2DemGxBe)e#
z1mEoeS}UE?CF2}9wv>oug?>;F^+%>2JPMT%F3lnbHDbzcrGxbB!em?Y-6N*cgJXaR
zv~-!kW&m3LmK;tl+1YmCqy<KVGldjmZP~zPMyfddJ{+3MCmgW6vP%KGB{E=_)B&an
zdasn*jl=30ZRr=PeVS@tfNDScK}$b3QE<U3lJ>ugtH~gCKPj>W*>#aEO5O%QPwJLg
zAOW3IpVNkT58~`<gVIP297PaLy+TV;7diHmEv;jkY9g}fc#q^t<2Dv-tc8GnTmn~?
z2;YXh(vMJt%vjOd$V=U!WT;LI87D?cO<Qs)dN{O&BP40zww47tVL_ly1@fdzOF@tn
zSrEujU}PxN8SpHJ!KpAI)Le#O$ARmyZE_bBOAm>o_PeAyEpBO(U8n`k1{VJU6ed!*
zG*cIuqCPOM7=27bOO;N+Q5!6dnRXzv^c>X9=tES4@Tu0+)ua|gtw!M32HFAkH8t9;
z(bym{=sX(X2_SqLfjXdEWaKK7iq#k1ofa&n#&oYJU-mJXPN~qHTQ+d)(G`d9LStbJ
zldIV#ow|rl79kDYMa{5LHk&O@Kug@CiP3QkiMMOS_5h++BXA2}Bo-Zt4tDB<odL>S
z8iAHFc=c(7^d+{D7adP0d98NYzUN+&`SZq7NF0r!`;s?SvP1{6L<=`>Yyc5!7ah_1
z+#2$syGpmz&**yNxjUj!-gpY_P1I9eZ;F-b<#VKx(~CYZAOtCPu{zvP@=k&7@iU*e
zFyq>#dy`p^H%&rWnRrvA=~nj2%89q6Jbl6(Ts&Af883l)=wFeM{Q;ZcJrc__s)Bn~
zT~h6=KrOQZNyd@BV%pwpt&MD<<EZZ4C`QqWn@ou0=;RzGYu%s|xWq@fgkb&<+kK+4
zeS*%lN5iIU-UYJVmMgVeAQA<-vUh=aMDJ!vlnowlj<6UI32KVu;@L;n=$#MKWg@VY
ztI*ItCMQ@ydozV~aiFrrx_BJyiZh&z8yo_0*$e+Bu#~$|a+U>hmgx$kmWGA7P!fu0
zjU#!hcpoo%J)6BXjqkuvoaH*#a>*rH+!Zdvj2FIz0*Y(K@p2~DTDy_HPN(An-M18q
zG@byN$8KdoJSbQbXyekoAE$Gf?A96T?!fW#sGQWSgF87q9s|Q8J55J`x<f0kMG1aG
z0KY-kLVCPZtJ9QHJN%ki5CWWJ)SwR+qAs1Qi)^^3io-6cWVjKXzEP)dWV%u5E?wy^
zZ6jT}e~2)f0>W(4s@`lg^j7H<-mM%rppcE)b$NG6RkupGQ^eV-i`z;@x=*5Hw=nMx
zFz>eWt#0T9!=`rtiz7DTHeDh-7mL92GJG%wjnakXl(-bk9^_^>j`A9#S;JB2j@PSg
z8T;92ZJba;e%i5l#j$Z!jZ<&T6Q9x0ECXYZ;VyRRviImqzrO6%lE7Gv-n=hRfqj}{
zzpm_H06%D_q&U^ARfWq)-YSiZj$oKdt1_5kaxWgBHAE0NmK~)~?pCW|@zG*(t<m9P
z$*m!h7;PkmP@~wvHrc|75)mIj#A}2-fUp|{_u9NZ-H5&NPC~0g>rUU6L=TgmAk*L0
zSc!Ny>&twd<dTw70*q4(#!%B%v&FqTwQUiHmf(s)Mu=Y7C?wcw*H3I}5Kc`pNDME^
zND*m)BGL?h!ZW*VExEe!uomrOMKJT~6Z_bOV^t+%W+0>Ckh#%dY~{nO=-8ku?YlTq
zV@{8==OWNxGzmE;l84<vw<46}wzcL2B6yW2hb7~PJIqtD-Ut9FMs8wY9srQrz1RjA
ztCM9JC=&w|p3MybUfHUiUAUnl&H}^`fr}d4s=?FK4o)j$WT_JqEC#SZH&AP%D513x
z7A&5zQB1$JQHToc@-j^80(R{dm#wuCA~Xu!0wE~Y!(*$P3gsd9wNg1VE|hMDEww@q
zFHF;{va`DQ(1o6^x4HzoTqoArvD{;);u-yt;MNI^+7uh5Rm8fm7mou1SvNRHJmv)-
zi8<4JWWuttTh<|-Zg>SOEo7fd8xLm~!WRyd(rnO|PCW-{g(LNekrkkAr3M?M1_eS4
zH%aN*GjX3t5F71>WB-tOm=nCArVf0Rim<l}EFcC_!^AnYZbi+-DH#t}ik(P*Xx%34
zdhE0aWYC_`&owjda%e^LN+R!-ix8Yibc@2-Jh_PICAZ*d38d5s!n+UIxt49+s~dT*
z?f~#!yCl8e=pGn**gd4~GE%h;7%4b<9h(pPKn-i-1-!KO_G=2%hnApS(x4>yl)h*O
zB^^T4?~8^iIl1s)h+$b?4;lJmHF=y?w9ksqoG{fVG(IIX@vsp-)Q6=B?=x{SpdqNP
zbuT`LBC_w5e9@A_A;#lNHoLShSqm)E8g=od=%ObEl8_4iXh7eTK*lMWC{>%jP)NJG
zr6r&MSfkdBFWoL1m#_rf)`VQVCCi^klwp^n6OicRO?jp;#0+(x$StnfC+<V&vvq;K
z<s@TkONaF>7x8ie;^hS7lF2SaliZl#u^KQ-Jt6WH82a_te9}XG9w}9ZSYKg)tk57U
z#;0V2pjg5x;Z_zP!+eWoi^JXE57~+?U7m{+LR%G}#k7l}EDs=-2WJ01(7RAGaFKcU
zu(;%@4&=caO!|onU$>z|-bNt^OwD|?ngIS+FQ|R!nnu;#I!V+hjb<uT79psE57ShU
zM2{do?Q&SHMj7OM^QACPfTPE-7_6-*yJ$eW6<?<|mo8&K6hG+Orjgq*e_;>kvibV(
zF`hl5+CJ%=zCFUE*ASJAHGaF`cTx^~enldfb$|^HCzqIBX8GWZmA*O1K}0)r-){69
z-u8yS_ih~myCmZt-3%0^wUI*@oM@k<^lNbk^ab-7w%=YBU_~R~12Fpb7Cr<+9qqG6
zatLfq<DX#m+v(J-2D>(;Jv?SnHs5}&0Re6Jycj25zWr1LBH-2*B89eL9wP1Sv$e=%
zv1O;E+I6bKPC>XL*ed8mJ68zkC_|`ZO^Gf}huW4bCE>y{CK^bGMmhwEelC=W;o>yg
z60tRjYPBVD9iRylg)mifPS=+VeaW;N*~&C&nUH3gSj>S?(KZfM__&g3s#s0y@snTo
zfbW*n95YX@&XX(H`P$;za%^pdwzlP>up9{sC0s64xkepaqP#X2%92!<gqpwU2wW&r
zG8LKy7V83w1zT*e!qzW3dRu|5O*1KwRHOf+1fvBo(u?-0BpF?vxzNwFMYS!r3%*)k
zYSCPx+cH^Wk+cR6<R%D>+m6SPp?I$gmXU31s}>bWIwB$>zXL<N(Uq%~Y?v*O5Bzak
zmDrd-(0PaHr`xJfgeam)SF}SidJM_Mt+X`?&L`d8o2#?#gblJkvhCLC8g$5|L7zw3
zwvk;!k~iuZ6oz5*C!;s|Pur#d(Iz|Roo!nntYq3ED?P>yE?eLyjL}@!u>ZAf4J2c&
zWK^}qXI2iiHMn(a345g1w)F&ZZL^1K!``lIFOH>cyC&OCGErMwugxC~wRMZ8dKvno
zb&hV4wpV<L)z-Gt*4C$sck77cklxzXC#2%F@M$oZhOG^owQ|7-WdMAfj0u<{7(knB
zs1l=0;#`v^Q=WprUKZwmS`u@9)25?Xh0z3k$)X(&{X0!ae-*%|dq2Dz>HK<K(x%&W
zKo8xpSo|>Bis=H7B?t;N%hc1Kwta@t^h-VWBL;i)$4YEat8|bm6#?4qV8k}`V`7XZ
zmeS)$>kkoHe+coSOF!o|AQ!z`g~n=hCQL5%o#8gF6GhpBLJ)0KC`5Z*zY?sTSNY>K
zlX$TTKm4ai8n1;gGR9NK{&-jr0c^MHO&dSEDIbpGB&S<w2+O-7{#u(yCNPke4^Cm4
z!<mfKGEr*D>Ls#NtNFZ;XRp*MQzl88fnVl9Ls?S-SyQA7`m-d9p8rZwQbJmQEKS!d
zL+ddkpht)-O(?3!(nL8%b&V&LShUPKhKX`u+^@M}cAz_^A6^(IAEG`|;eA?(y;6qW
z7W3;!fs98Oj4-Y6%S^=|m}2=0b<OnKBEXBBQmx`ZLB*P;P|$&Cm%mJ-3q&bhTG(o8
zo;(JG81ooISeGW&{?or<m_Dj>$_8Q3QecC7YpJ#QwU*$jX`tRgT|1c|`U4X&f3@WG
z4vGkR<CTrCTfR0>c&%1lU=rqcYwmhc=MPM!{2omR_hpFf(<2>fG^Chyfz)-Hyd!|<
z(7nT71~rIGWzrm&jY&6yt7l)wfWZq!I9}H2i$^Fs?PA%~z4Sn6bEwt20_AjR`8OKH
zWf<#0|0X?)f)0#sKxOcWVNCSdZy3c7CBkpXO2EHav)ZCBTeauGgKey@^eO2Nx|ayn
zZ`Zm&6G;`fNK1DIWYaF+-=mwxrJEHEx}2urUm(@orn4>=1{$^99u9TzV~ScIazDu5
z8(`ZD9n!7!h!^v_!A%N=wHR%+Q&(Y^=DlAE>N9ffmDp~h9rkGNw#U{sfDbi_5HkI3
z8z9`Kvl<@UuVekjEWy7YG7M-@_UnuIZ2y2U4!UjadiemAw_~Bc+cbsUR!%eI#TQN~
z<iYaxOp#0baX<Vx{S+KHF6~NRLbS~7nIbbdl5Yy-Y)=t7t36y4*N%-YC<qtkh8yNZ
z``z|9Lk+tH87~@Y>yd~Z7S7cy8kOE&nhOnu=0`#D5j$JEUcbWY8Us&zq8NUAz(KaB
zXelu<c3|4GQ`~&}L}PHq62q(aX~~iixv8ZGGTM9l6j-?d@U3ZLu&CB4*cdZN))_#1
ziV4I<Xj)X%q#lrMv;klu6o!uhYDBa(QL3A2$7AT=KM}RU$cDz;uN7+`^ccyAWO7KR
zG*iW?TE)2F`L*_RNz~q+4WsR_owIK)INDS6jtJD$o-Cx=^|xn(0FM_!!4Q!bV?NiO
zV>FZW%=Y=Z33K&DyY%)9VN{^i-KOUhnEdEvUwffu0JEYgwDpKmif!$fuHgJ10z*js
z@x%5)VOR!{*!$YC<wGMXz{U~2*d@n|B;buV9v2_XkA`7Sp8xqKk-XZ76T9`RqXrU-
zLH@%l*b&&n*Y}zD{*@ii3}UlU%Z*nO`7F1b{T^8CQr|wA_xj3sn0@<Bwxk@qO?~q1
zI@z+3SG#1Z5r<XUYBO!MibmItcSz*|lnF2a=RbJl;#LqNQf?iui{=IwzDmmHD{#@a
zwk}$ZPa*=_mNM7EJx_dDUiJ(5l%W84kKZb@KOO{zoP3;=Z*EEiecZNg3SeOjBL*8F
z<W40k*sxh-!M9H#8D2@lk;<%`ZEcy}a$C2HcU-^~uRw{8AOSzZfDXc+WNuQ@No!&Q
zXrXLM!Do;ID6wO7;-;)a_*_;K-uN8;2tFoK;?jw)w!z)YI|IP-?Mwew4i<PQ8Q&A2
za7}$N@)|)C-uD~MMD}Na#54Ir<tk+GY=@%|Wi?}!ZumX@`V^kw;By%bWe|`WlQQ@s
zqWP#Oo^!%su0d8iMnW#35{=td)osDaDh3Zq;9IN`{u}~09!P6wvVw6SgqlMD+Zi~J
z62ugIYLp?<(czhtPO!!;VFE*Z&H-T}gAB&2*8#+~0>GM1f|`*c0<%$~M}vK&Kw}u<
zBXGpd1{S4T>~=))Sv7(p9yW8C-Y4N6hWPRrLcfC{z8S{UZ49wGAZ8=O710ukyep&v
z_$C)=2CT`@GR9nAm;f<C*GEx<L#-5#Azr!%F}~CQv~6XkBuIU6hBXs5NZ2c3kA#~v
zX^+12>dS6P>emr1MIljmq6Q(3Jw#Y9yl}E1VF~f6d%*5QXhal=Q`<-_+H-Fay8S}Y
zEuo7c&Z}Y`kqDothuFfTu8img3G4R~#sLe&h<b3i0b#p@sS;*MIA6kK2~!x>%wmY6
zI!V7#;Q9Crjx;V__5s$jiy>ZpLb$e{VN)6?L<)Z)<8^TiF}q{hHa3I2I)Er1WR@^p
z!YvXq3m&aP$Op(7)=J3Q@@XxGof1OVcwnhtO2RpgEJNzznIbKmXq8KjzH|#2K0Zw{
zQ3zhP0qms&HgCLy$r7eXI7LEH0`A;{2KV2Ycc0)FNVr+TYzcE1Vvm>HL{az*Ip9{i
zU??}XS|r>lp^sq;YislNGHew|aJz=E@Nabsjnu!@CHM`3DPV~2j5Du?AvW6?Du%6l
z1&)?5M8f3~YD(ehD;7+Zgd(|5_+xLDeCA8ohY(wq5{f)+!VUX*plOp_ZG{30f9x+2
zpDm$C*j6pDl+q@g@rhm1^fL5|gl(D|%fdzjLtnC_N{!kEX)dy|6=bc1SrTd{!qzXv
z`MU%!h59!LY-fnI4vTY3SSH~X!HdBD<${q4`u7XGhao1m3^isqVN4;3K~I<YnxH01
z=#Vgjt}6zeH^ORBR>gmZTa-oR1RZ=~d0yF^(vn$K`OY#|QE5p|VR`A*6&BEiTSzz3
zq9Q97l^<VGw7A4su2iUC53wlQ%+j)D<wc7NU5@AOb~sL$IO#;C##vP2#Dd9Frsd~P
zJU(@D{?y~AOqz7!@e5CIPCNdDyvdWNrA}Koc~SmErJ_;5#PR$;NvYWub?EpxvvSTT
z&s*ZWy0rYtlnb2Y6_DoCrBlXFgPbvOfuxM0in8LoWphAjV;)B!#R1x>7B%tw3a4YK
z&hK#LU0GDJ*pcVRaF)+qc!e|HHM_uB;woBH<Scg-l~lN#c?C+HY*AC^l)4-xPG^C$
zz)`fwai$Zs&2u>&l@&l-UF0fs<dryP&x027T$Sa{GxG9XrRB?%I?kewVS#}R|AY2O
zi%KAE()4oYtg9;Xijy2moUX!BlxRwFtVJD75(96D|1ZKTWw)q9bjhyFyo$n^r3KC*
zKI1KF924_P!MVJW!v3#XBw5svB3Y^E=#rw60%z5wNsfwTC9b@xA-0JYb%fB($Xh(!
z<ti^)Sm|<}?Oaxo<R~jIEpwK;ppvl`Wf!8ErIjVFp_Cyur&!dqnR&&<0j<r0;*-ZY
zN=wjE^PKrm@OgP91*J<QOI}I-u$q}7oauDUM%|b=VV=`P4nqZ81e-a}Sy7ge=gM>B
z7w1(}IEpG9C8dty(vrn!`Eut~l||*qkyqiM9E&PT@@f5f#YL`VB+XlzS5%z0u-HkN
zT!p|07o{d!)c9;?`SE3?MI|n%cS%{fvx24?PyqA{jtiYAWJ&2#C(Mi0r9x)SoLO1E
z)H(i)^3o+UiWbi<aXBfBt8}QD95Bq{0*ABMxddifp_FMeX5QH)i;7Ap<dD8iLrBU-
zJ<)p#hE%RpyhR-(jWI8;cvxEu8Lrt=#BP)FiWirb!`hdCM;?2li=95%qK+aHlh!cH
zr2N9X@=IVQ0rO3_s8dKd-0aLQSmJP2l@%A|7r7isi_1$Z%h1QAA0|2S$`@C%zDiB8
zs0qVM5~+sr{kwQ(r!mE2rqW6jQ{Y@!x%hyZI4tTg@;A)ORN_z#OoF5X^)*Bgu<i@;
ziYuK%sve>+#YvhC<>k?={%1!RUR_sVo{K)q2@4#iuZk0{%qUvytZ)r)l+!Kh<OA{=
zu5MVqq{<5Cyu!Rm!&ERNrdiWD&MH^-;xg?W(Fp^Md8S3pU;(be|NjR4Uj>=glQgs3
zDeA~6TJo=o`)A`1S<du|l1Z~l@=FV(OTt`+q%^Ame=w^ARs@ZgmJhGS5g1%p4fqOI
zQNF`;8V>F1lsev`l9_H=k6G%!4H-(A+>&xiGm5m&C|@?L2XJI0w<O3jy}0=NiafMi
zl8m=wh#%&*h6`y9BeSYp&JwzlxkUvPj@d?y=!Z;G{qNqGmoH;ChPeaOq<t03oLjzl
z{0#Ww{ADxqDqO|R@#njW;OL5+72{{m9e+kqG3<1n3yrg6h&kn-nOBy#(4ah{v>YN0
zt0*QAQXvwWIvtig-=gNR?BSl^>cXP@Lc_e1;HRABGm2bU&XUEh!a&Xxy2Hhl@ICO3
z%wArOLEGVE<6|U0P{5&b^>~?FG0c297oh|>3oAGjU?6nLa9}EO$b?cXDv6YV(S5q<
z1p`_iB0kEZ4nKhSUuaAtnTY|h;$PB_wkQXABpJhPX;Hzy47L+3>NryUmtiK&tCV3H
z1MkpmW|)mFDJ_S&mpSv{Uh~cDN|}-;RaBOhm6p4l1(%B-#^4?3^MO{KT~V4-jxiAP
zsA0+UIkT#YFm2+PT)GIuby8tb0j5-rd2`N~m*iNOmw#nJDJC2Fc_k&7QE?coEXF_!
ze>`5PK<}6}Gb3{tUsGX8MFp2T^U)4D%gW#)0%8S3M|xT1LX0A)`#)$*M=*ct#FMCa
zR-QAs0F!{$XBSMLKFd{sVzNuYYT4|JVMPVJl|ePLbjgw;7e}Xml=n|UT930ls}zNz
z{|@7Lj75!=);2iKg+na|HH92TmTpm#=PiS3myCzKmR6SMqkra<mKIlxN9V-6rC4fQ
zU?$F}EGkA93ZEjgXiTXw={ftHqWtpGiqb`{@fQ?TV1_x*RasC}I(}9`5xgQ8IbAOF
zqKXV>g-9Df%mcRA30L4WCbFgF)=2@*rfQQeo?GcEt8{5+F--PA`&~S{<loXGEGh(}
zA^giIi;AA(gh^vq!Ahe<sS_>ggyCi`L%!MXVa3J8oWUo}&95k9Kb{9SUP+H?P6U&3
ziYsOo7omZ&%S&CQ`K6dv2in{;xapYZXPXlmOsfvHsL?ERy0c<d$>O4tVP<0THM?C=
ziTKs=vnm!1@wHl15SK^F9P9(L;bEqS8A8#pNhvEjeJT37gG(G%N~%hG<!Z(lkT6p%
z!B|z!^hKrRP+4HcF_$j$-)0=9$VoFx7s<lp--u4Ks3}tAMVLW4=g&khEl6>otIk0w
zkn|cS1|-b79cEHMi3jGq=>I#XnH0!5#-ifRlWFkDm}g&|x2(dkD6hD}IW(_LnuoHB
zv&%6hsK|n28P;}(S=7O1=Ao&3B^G2##aYzI3;#LKHWxif(iID4mSPAoyX`-{KAe$h
z)w4^`ZvzY9fV&<hBZfF>ODs)FOA3ZN#6XeL3$Ca{-!0(W2HgX#_it?wa6y3)=HI9$
zSk$p>sU)anDO?zQ-T$OF*9ceulvg;1G7ZyZV1YLmOZFnHVN1)iO+Pv$f>N7d(yzVp
z{nK3Kx8Se%zdVxZe$GRWa+aq!mQ<jx78fl{aa>@m*$uam;+R=k%(e2VCC*A$d0ugf
zBT!^c>6OlsQx~3iV&2sJsnaH%G<k}1V(Ljp{dZwlKtiErnQ&ja*FiG;%buRWA7%c3
za!>rfs&A@4G2)ercx98IORB1giK@z$sLq?0G4H)QCO6L*W1ri(B;?1u!%p8xdzyK2
zZdv&ixpaONWqJ9|-29_*3t)||ykgm2l8u$);dW(Jn2WhlZq>9Yxfxu<<qqvZjV~)$
zs0z!<=gug}a~78tI_F^_pRuew-?gx^^u%tZrsD4*l;^?UdsV;njQQ}9Z<D|JbJ<xN
zcHQ*ie@<L^+|qeX3$qH`8EgKy?U3~s{k;0&xd-LVTCz5x=DHJ}YEJ*A?y+m5_O^{Z
zGWW_kD{|g(w!XIDA$!FI-Ens{{?KQueC3E!p5F7uj8k_`yglvFV@jWidH;-}@C%cE
zOt^8YZ)WiRQ7`@C`Tn#o!=8V8!nQ?+ziaLP`lIUezWcTIp7M=T&$;4Q|DkVQb@Axg
zuCs6Hy(}cYbKtq%(@RF4`|9?@mItzL-B)(f4a-knb<~#4*9-<tyX5He+b11=>F?`4
zYw+G5`ti8f#l=s&{FeIS^-pf@O36Ria{ByF>+c?sI_0o?C;z?a$;{}>AAfMi_!oZq
z;LOkO=(sxaPDkNi*FSsTmuQ^t@%OXYZ$d1xfu|HkWWcz!XTep4Kv%>GKs@Py3;_XY
zm`EDLNy9Y!kzSGzFptnO8)=yj#5xblz(3L%<w}%1n4tfV33-Hue940Wep(LVw9L$6
zl!tOiL;fN+i6tL-3aDii*s|}g>~p6(=l$o9&gTzJy3Bv_y;r_^%1yI=IO6yD_ip?w
zxb^Ibzn|||y5yJpwl8gQ2W1`o^XKml&OP?kcVC#AQGLw9+nXPG@Z#AYJ#pCLqrZ+>
zH|wwNPcEHM8T5SCUR%u>?YFOe>$exLY`*-<U~fm;=q1;D^UQe{z2Elq%Hwys#=bRw
zchR`nFK^3edanM8%BE#i`{ti^<qeNt^<mN{b02-$ecvH_9UB+D{MyNzulx9{`20gB
zt@!-h$qU-&T|aAK!PUDTyz>6qCu=s?|FRzE`z^C@e%Y))$25ObyxMo|{>RR%c<ZQp
z&kp*u{D|fYKRf^4V;6ms9RAQF&jn9-;o9|eCtB}#D|z*g6Q8-`p`(JYcp~WF6}jKO
zZa=PJ*=Fxu;Xm&Esp!*N=e)mfhcoo)x5K6^JmQTz|7z$NKkud~Kb^nfwuVnm2>s=o
z%FdMoCq*sz{+{%!ZV9`rB=+2=#y0$R+J|AM`cDhJ|HChyI^&$2wU4y)TpD^+*v`_B
z?9qQOSocTbn5VvKe<ywB_WJj3zIt*0jHfo$uW^Tuxg_<=ZQp&cY<c9Fx6T;()$-cI
zU*6C5sjgcYaoo3=CyXlFc=*NTbBbgB{^QS8sTYjA|Lwz1J^rMmX(Qh&h|IlnY~dw2
zZ`?R-{K<)tiyw@>@XL{{-}&F%d}GVahjqU&x4O@9Ti(@Y7hP;S^k94I6Oo^8IQH}I
zBX`eCJM54ITf~T{m^Clm_v52oj~{>d-P_`R7_;ia%J8fQZus!Y@2+3)=k1nbZuzzR
z=dHPmPI)2YkN-@$WahY~YmR!c@6~Sy3m@I{L;jXYeXqQmzbbY{`;qAfy*SEIdsgCg
ztDZb{|C_&^FzWtsw=Q|<<_TvfJT&pAzPj@UMm+mj@6`_<Tzp*F<2T&x%lv)RR|Q9&
zIoR0KwfFQxH(Zyp>w?Li?~j~4=cU!DZ#?_nE4TgCxHD?nx}R%azw?@plJ9t|>6rKL
zd#3aBlW*FSQso_yefjnqulUay3v<>U^xQAIw)A^W`t`E$&p+_<ic71XzNNQydC}X)
z-(7mN?cvuq-f+sc`0MV9?Z_|bKjq15KRBi;V#h`C`%2b7W*L~fzH4P$iSvuUzxdBR
zTVJ=19o_%M_g~)l-V>$MUOVfSh@D?=TK>+s&W9eDbox<~j=jS-@x|K~bx)nM^+eZ-
zSMD72^lsXH*RIi%L)M-3!@&E$PT!FobA8J%6An4&owZB9-*nE*d(O$(?hpBR&l`_?
zcJmeP!?IG2*z&CN-0RP{?CX%58mC@rS?#L$J!<;+KNcrk{O|{Fp689dVDeY*oO#fa
zck>$8-x__*iTmT4E;=Z!{+qj#zI!e2<*AR^KmYcVGapR5=FN{U>iDtZ^z-9hTNeM)
ziO*F0y5sA4f8KM+<)@a$eVp+@UDX3W)x1*JbK2vHQ&LiIPrv-Rgy+i-{`BbRt!cB@
zB#&sD{&$z<s*|E0{>Zv{Psgqcp7j*GTAO$636GY&U7YL6+;ZWJ-k>+1nLPQ8-}}y5
zxcbPh!)l%%oPU1TyFcH5c-H8Tn`n>XGzj1y{mx&1>wh@fO${2bc_EGYkNJo{vFXdj
zKO8*ii8l|b-V`$X!E1JOrk$|$<AkgCJ8U~Aj=kl^ORK-XDZXWU-IocS_qabvKJWK^
zhrIpXLx<gvxz&5t4~M<$m_B1>#;h~W%$$AJ*;(hznVWs?dGm74zu?087hRmUFu%aL
zXmMfD6;~E7DJd<xs=UHgx%BF)W!Frcbi(8*Q>UGndeU(dD1#{zVN-s>|LfnMMxse?
z>cJc~W^c~yUC?#Y;N)F*-E!ulS0;?Cy<k!O^QSyq^nU-Jj<0gA_}SIB@wnF}ycBuT
zVDc5G)=mxk;j+um>o{V~k6%~DJvi>#Yv1~G<Q~t|n;(4k<&#fbu<(P3=N{cRv+kM?
zCf#tj|L4djA|E<0;)=H?PP-%Zne^LluKDTRKbC)X(ux}={JnZg)69&XkG^^}=UU$h
zcRqL2so!O_Ma}sA`8n3{w=PP4FY%$Jm)tgc$(lEgF5mx4L0#dxgLii3Zoky|sJFN*
zGyBhPAAkR{(PvzE*V>zEJ-hBzja%P}{B_U#&@B(o3hPZdy!n;WM+QCnz*E7NgBq?p
zxn<P!xr_V0ZvXN1*Y<AyqQbw?b>x@#O<ncrZzuNKD?ctd^M^yPN*MP-ed%KhWA2H6
z`mn(ZPCNU>H<vlqf6)C`)sBnz9r0n;WOw*WlOD9iUX)ZlaQT9BufKcDBWH~`{_|^Y
zX??ll`whEKIp_Xkf8Mn1n<vv&&buM+kmExB^TgHf9P>$0T>klEqp!Q+k5{ahkNM=d
zqn0~sA86d$HtOjUp1bgj{lk$H|B3h)s_?aFxEB1~U^L)U>H_t(`cd7ceo!0Lv1*fQ
zRd1*cb(os0{#3ncBCPyT)u*mgAFC78+3HvIs+y&4RFl+`YOK0gO;@+5Pt<$rEOm~$
zS-r0|s6v&Zo>xiga#gLSsngVV>JQbX4po1t*Ho99qV84)slDn>b-LQ6qE(ejR1c`5
z)OqSzwOAdZepZVxFZ)vUt8leNEl`>23w5}fr+!ji)v3x=BW_QQRwb$qMqI0YSNqiU
zszJ?AW7IF|1GPiNskJH_CvrWZ(o~q5qXyK&YN{HgZdGp8q>fWQb%T0LU8P*=Ewx8I
zqfS;IDZh$QTUDg`R$Z+I)rsm#6|9!2dbLo!sNPlG>P@v=U7^;fBh~Hd5*4a0#f-L6
zy{+=pXDVJbtMk>l>OOUZic*)URqAu~oVrlut5?*isu=5z7u0rDhWTcTx=4*sXDWx<
zrsk^oYBzkzr|Mvps(MtZIz^3CPIZQQTKz{IudY=q)Nd+XJ)#m+h1##aQOBs4)N0kP
zj#fG9L6xlTQR~!A>JH4Sm#AyhP8F+aREGLq%~tQI`_*{$p<1eP)dY2yva6R>gep?&
z)k^ic8mCTDkE^d#mik-GRQD=tNR%ZwR7C{EL`IJY3m>U)c1_5L(CCQp;E_0BIwmGs
zMMeaThzbw2jtma7goKBx5m8~5py0^pks&b=I2R;(WJG9W6ee>c!mKgDR(ugOWJF9<
zv?Y9Gq>2c|u`p2)mgwN{kP#|uq%}r`M8#Nx!!40P5n&@y&K)o2=hyCEzWj#ouD*Kh
zFV|i>;_n}SeCnMmuYB;M($buk7hcF-FmYmVki~NMYl|0OcfoPTjrsDgzZO37?z>-{
zbML+D2bM0K)%?mUHyyEJMSA_qFR%Xny6Z-N|NHOXJao}TFE^ceX4D^h_YO?I@4m$k
z@7($4<+t7T^{fXTc;={%j$h|>cKY{}mtS&YclUFZk3DAp<j+6vKee^>imYRfxwv@R
zwCVpj{q&%pfBkjt%I({83#UxkckUf`OnKw;&#k}x@I&jTS6x+c@2*|*7EYRU`mv)&
zM_WTe&TD(=CFdDO9d+4F&p)3$F+Tp*6aD^?k)ffFOjy4@A|^b1TB6N%<6+g+r+)nD
zr^oF0=9{89Nl81df9RoGzOJl1%oY)GbHd7%uK6h`<EI>Y=<(AIJM5vpl9KN>UwrW&
zmu%SZOXqp#owM|mQ}P~r=bhKCd-&mN&l@-Hv=2Y~?5fKqOlUu-w)W>c=glj8{Eav0
z(^H=P_S*&N4#yFn4GwNw_TYoxK6=R|Pw%|qiZj-}`s#a&pMLu6@{>;b$amIRJJ)4p
z^>3O#|EyK7zkcPDy}if2@cs9n&%NiKgTMXbj~D7@&U|<MIp>_eX!2y=s8y?8Z<sYJ
z_N(813kwMfs`=~s>-TQR&d#VxOMBwzTW<O6?5?h#Zaeqfzb?J~_U`KR^oG#p=KD_f
zdbf_f>88xG)YOn4e*XF6{H<G`z53BdD<63O{rnkY$4+#_#vc0l-+#ya`O{BJo_X`l
ztePD=;^L#Dryg_AK@*-I82IGr%P+reYJ2;3cSgoZ;}1FH!q%RiAJ4z*t`&p-`Olfx
zoO<fUZ3P8iK5^-#$DJ@{OxqU~6&t!2ELb<Drsj>C=gz(U_P)MF8Al%ZpPXZlz4sK4
zXJwSz{Yv8*XN-I4yYJq*a?6&q<hZzHcYXBHr&}+(EaBj&sHOLP@WCk`?B0Dr!3ihK
zah-hf;c=0XA9!caj*JcqE6z+z+_NP&_tIOQd#>cEx8C}G=EjY8_AFf3by7=9=cKl_
z6W`jiXU&hxmYwkSmtW3Yvu)c&B`2Qv*!xSCG+NfKEqL(lx8LlTGiUegyYJq-tGM|0
zjTc-H{?opFN5B5{*AKknbT;j~=9;h0y#N0ASgZBz(kGs9@2#pTJ?rSB%X7z%PfWGj
zf4K0@J722Uy!qVr7hgQ;)&BnFw|@9xN59K8_Ov68_|Sj$*?oCWJykbi&6-ss8yY;j
z%gSafKkc-hs~&mep6!bk?eb)1hK2<PTYmlJ7n?mM=Jx0E@-Dw(>eS!vzwpA|qQ@U^
zIi#*`{teGQn{;wQ!sAId-<<m1C!ZYj&HnulAGdDZ<ReFodh*SpqO!Z+d#^scsp+oC
zKHsCq-+1GZX@?)~9ld(B<K?fun!Wn9*Z#ie{PU}_lasHx<KvH;gBu(7Uv%rO)e-ge
zha5U$#QV-?o|*LS7hk+sJ7dO{-onD?S4^M2Y1|DrTz&EJ$B#OE<j7aA-Lz@2D<|ij
zB~Lzia>~I6-+06&GtOy!`L5tE?+J=7nLd5aWBae_nD)`(^_w$JIp>3(_513Nd)0em
zn5XECwa2}2N6&<58=sqc(YamkbzVPW=QBZH9{$?79j?Fc3!WYP@fqzWebhGMwHseb
zn%??G^Mff<{~mY2(d#$eRs8V{M?ZS$zUSY*JL{yUzdq`b%0pkWjk;m-_K}OCI^*w8
zO;xGWr>p4)AFK{ux>PNF?>+TiYpZHqus|*N@kjMzdATZo?m6|`z4xkn*RNOWD=SrH
zSeOdC@IrOrh7D>%ON(mx^;h-lBaf&@UVd4<eA{j6w#G))_~x7HO^-);e)&cH5+1I?
z@48Ffm6W8CnwnJ8Ll3EkX3ti$Kl(_0G;^k!nVYL}-+foT`_fD5rPEGRr~Ul1`nkDT
zH7{PQ79VkhIwC$^#g~+*k_R484@{V#CVcv-`gGMQwQ9r&HDca8HE-`;wYQ@~bvT{M
z`SsW8>)UTvx8Hxi`ah(-2|QKb|Npzq^OT`vCPQSNsSJ@hWF|62=E$5m2_+;lWlp9-
znKBQV$4rSbXDT5fg!|s=^ZEYo_ul*XJ?`VT&f|5?UTd$l-fOMB)_d*aJe~6@Ee%Qg
z_6_+K6odrv@*=zr4v0fu9+JnygYbxnA!50?NN#H@(i#?qglT9X8p6Ve@WBCcU}J;W
z7#bpm2?<DoloTRGK!6a$$0PCN<OsR9H{v}uhK$L}Bl0~xNYC0Dvc|!IaD4fKe6g@V
zEKZ+BPRqz3GSbqBbVvviQc;0aOiUmX!^6mMVj_~bw1g}@cz`^>#6&Q^enq|#5+a1>
z&LQU*7!Zb%5~Re%1#yXrLZZUMk#P9-d{SCkg!cY@<o=Z_$Q2?YgeX5B$tNa8h<$tz
z9|{VDA}|mMWMxHI7Z;I5BO}CUW(JuVA4kS7TtF^#bRZokP9P`X{Xe$5JL0aZi|7gn
zAOZmaNI+Q`QpUvvAMENOdN*$(H?_17t@?VTeqaC@c=rx@Cn$&rc6TG)+}sHF%a_PY
zGBSj$s|)G6bql!#chE;dLWq!^9b$(Myr88e+$umga|SsBp7{O#KC)k3ja09$BCCpu
zh+=Rs5`6nMa@)xXaS9DZLetZc^zYx1@2aYZYD){!!pDd3H8mkk@RtpYg#~1RogHCU
zRz{SQl8~ggZ;`ie-XL%8+(GW_?jpN=eMnzJ1JW=xg-p4+BCco8B4>MhkzPkf#F3H`
zp|rL}tW#2u6e}yl>e(~oSz{y8sHTRfRaPRE&z~dDBO;K9>(`O%rKL#e$&<**pFfeG
zwY5m?&=4|o`7(03zaQxr7e~a+%n&mrB}D1T6XeO>9<ulQH}c!W1TlH~6nT1hh#VRl
zBgREVNYVN8$a!^jL>&tY!4efkL^n5)O*S@!t*Q#CGBrg^?d=i!$B&W6BO}NN3k$-c
zpnxc7Ya`liZAhEHKjJSbiAdhPi`@P63Hek|fE4)oA%0$7h?l-Tq7T1tgF{D$(B<SH
zIn>k$wTK8J!pMj)($gdKzkVUVu3km1GBYF0R8$Dn@-nhqSBKPn{)~K{pGW31Gm*^c
zX=FMw5{cZ{KsH84kx^e?#J8pfshOKY=453NSxrqu(+T#Xf8Nvl_xm68n(AEDzly%X
zWxoZ}^c-A@H!!4)U}7FzfB`JG6<BJopv!Eqyd2<iE5a~8hfBW-)oa4EW`OQLh9wpT
z%eNT1=Lbug36}Xq=<+8RW;2-9M6eWdVJIYFm_}gOOu-F(gdsMDq0)v+>j+Ec0l1%J
zm|FX=OiExnyTdZ(fu+9=Qz{gu!xT){ZWtmFaATe@)tq3d<im7)57QqThKLH5vJ|+S
zNmw=%Fnxu<Wu$`p&;d9111{+yT>5^Pjx8`uzA%-~z*1cTH)syi+zu{H0l2#i7}iXf
z?v}8Wbm3Ak!Vpixl(PocK#q<RxSniqksdJYkua4Pz;zJ7CHV|X_&!|byD(LI!7awX
za<~nyaT})SGnmc|a4D~XTN#5T+W}Lf4VFwWxB?fL(v&cjt>E%5gA08DOD7$sYb{Ls
zv#=a?!5#9$QZ56x<PB~a7u>)iEDKj~H^bnv3&D+qgFA@=H|_>Y=`Bo~UodTp!2OBA
z(&mQgdmg68222N8SOP;ZJ!-%uUxMjI4a@!|OhqqnpF!ZtLco=N0~gK-uI>xC-+M6K
zMZpyj!}cKuZg35@jW}>uv@p$Cz;%&=%en$C`36kOI#>=>;L@YP<$Z-E+y`z*0G8o(
zaKEkKGEalsngRFH1xro|T-OC~1sE`8M`0Q0gKO3RS5E?N*#=y054dt(aBC-E>NCSK
zE(JG{1WQmIwy9=tZ2_=saA3Jtf(sLbC4LgNmJi_04Z%HIz;dF4<wFndj10Cs8rWJ+
zf%{~IWvKw$(rehp%3({31-FI|TSXo$``_RiwZJV7z;g8m_Ynau;3>EQ6W9{s!4)3C
zRyPPP^BuS>W!MULz}-)PJHP@rJPuod47iXdu*F>imyZc9PZhQqVc6Pi!BuR6`woQd
zY!+Nr3Tz`B;CjSi>yU=6Cjs1+8o1<oaF2Z8?tNfeeF)p2Gi;%cV2j*>t)&9Cs{?TR
zMzFOcf~&Cy7j_w3Z#B43cG#liVLQ$O_q7LGFdn#iJ#f3<Vap+e?N<fd{!Q5aCBVJp
zz*fKoF7^&=;ho@$o4`fPfouE;TXH*WqiHFd;~V@v=|6)X|8Qv=2~?KJ`}EruH+#vd
z@Au%GTFSZRn*BJn9hq^P>RX3{H!}H$<4B+S%wlD_n$4GZee11%I)6{njj^o%q}GlZ
zW&vU4bd{{cIsx0T&%FrIfz!VqwHCgfC3@VJ;1+8vZY5W2v(M?;^{LREMefK=HMj5l
zo98wH_`)ix>s!fOA9@L&MwvBt2u?30L@Sxz_hfB6-25D4fkVD|=UXflS<S1Gms^j+
zN67B|(n?v<s5HE*?4e>ouM@kiDVqJgZ7_Jg1`{uFb=4o|%zgysa>6}I4}qdpH_nqm
zqPz?wEe?;Gqi=uZxP)yLy{2neFa6nA=<2mJw#(Oq`gICoYzLl+Xlo2Moykqh{ob$5
ztQo);Mo7j=X{|hs{X|l-ukv@;t(<f3KK3kPMY0VV-<;UsFMJ(pjr+}~VeOXbvqRle
z%Bi2<QkuLZpkDPDUZ>VhY$wI-{Yvz!QtDK!?Zc7z@0(Y({7$_;3c2#-F@<SomSfRd
z^~~>KrvA1%rS<njxK$o9c{9*{-u)W-qS^+3+x_7{mb7)WHme{0jQ;Y~@Tgbh@1nYI
zzBv8pTLXs|wnTxVbZ?o2S1#=&$v1jCnwNNdmxJO2hub7*bBUbpKW~*Ci+;|u_m<|A
z=8N+uOCwJ)VWxH_@{bqNEU8i!2H{++F}A*4i6eb|`-g{KeHI3L{)2!kh&w->&c`KJ
zEW;1<0#`gO<Hwu>FCZ>PM;u0_Z%146E}XrQuKp`#RAar*IlNf-=sIVJ5(a*V48Abc
zeEII_WZ6TK0|&{8b0XR7m#)6Xcw-r`7-?*wXOo`h(n4@<=rOOc;=OzBN-Fu2?LVs1
zvW1(<`mHQ=Yn^*!OYW9%ygBI5eIotv!_oaT`z`%8o}Wo1Pnvmooe3NWrgjn=u8v7D
zPUq4Rl?_jHr{>EWwJs|bCnh})6a0v`6mKbZdna>`?v%0v1EDYVtid;?k<-lE_6oL_
zJ=RP5yS`E{c;lVDsmZii#rU4JZ}g%ot8`}z--{*#0e&VKzm}rQ-K1Lum<MrH6aDE#
z=6oNSgh!=Tlr44>b5`!!KX8^G%lmZgcBT94hzttVtBkkbY~NS0?d<-7A5QUPD5bQ0
z9yf_N>r6^O;A-&;1+lM_D+D(tN!ON!HW(etqJ5Sx`FFm}<|1|v{qQ5pMgOUVQbOpR
zXSmlZ7UoQR$zAHbR|TwgsqOK67fBYr52QTEQ2nmPb0wmx{bH`Z{m(;@Y9q=Mn7^^a
zxqc-zsCNhy6N|bAN&4PAxgO#BV!%#RKJ9CM(?(M8cU~?}pNDn6OrM{NpEM2H%O^O0
zNk{Wzrr(qf@q<0DZpZN2PakENmFV*QVr3hrKE2<S#~AQ8yd$B>@Y^#K>xSTF>*6mq
z$=h>_3as2%YA?35K0LpFjV~!t?43Ff{`qags&98<r^cOrnf$K0CFJ?J{A`WeD{>w&
z#Oq3@y+QOoW83(N_oq2?_F73>=<F`J3iVJ}ojJl4`Xca1OkOY{``ol3sf6o>=S#wb
zYf<rH&z+hCevbYcoLQukd4JR~GogXlyz=(Ayl@8>L*_1yli{KC%W{#L^`|_Uog&u>
z@`y*-6)Swty!Ud)*le5lq%qhvIZVZ;`jwHe{^LS<T_MILpPgF)+y}BaoRPdgC!1K+
zvl}1bVcfTB`gvM=@(ZDGa@|#_ngCI2{{jPVJ1-&iS6DQ6uOKJpyk9btXD$9<F0&_o
zA@^)Sj$-AM<1`nSgJxpg!`Fj%pE)ZyUa#Z`jFQuMsIOH0=)$RmhL=QR3g$G|1D%*j
zFLrfPNah&M);2P{zI;;3ZK(IdmTq2GdnyCRg>a!FzjIHj*{qvmJgek`l+NgVIhihz
zrSGX!Kb^r_Xls_jr6G7w6P?Nvrf`Fj>KS&2Us+sxERPu7xsb6b%6+}drC09c&r;!4
zcQaC5pS<==@sdSE(fY{7ex43uVn#oPz4CPP&B1V9FpDMr32p<qq1xrhFFlvS*eR%T
zrrUB3TNPr-Ec<WV7!W4OOl3(|j>^$x>9BGtGQ0S$n8eFX>VaGS+Wjf!J6Ga9d<naF
zx&ljY4ts>QW1nTNE4RVC=#5tLiI$4=fR&qOz3ruUpU}q8mpF>YH;<fOzCii%E%y}P
z$g5EAjK&jN=6s#xmUG!*7i#;oC23Ngaft4f_YQD7`x6Tr1dctmTryfLiHczP@#t(o
z!SnZL5kyas4!3+Jvhjh`t;dc$^exTuYwX1iMm<mTv2|G|ZZi-jpM3XmH=_dE{QQMi
zS;Yry?-HJrnc#Ko%nj2sP_?(Fis(IJk)Wybwm+lw>n8Qa>$A0(@q4v<t8_SQ<3GMQ
z`uOR@eJbIaDR^~O?R&-r6{!#LH|5SbOqGiV@}6L?EBsyh&XnAcDEL+kcleI@XR?`V
zGLhQlT^d(S*tJ9N-%C3`D^f=r9CB8+``dX_7n2P4u8TAB)R^QIMYBfy?|pX3w0d^u
zImgA#{X;iMjGsO>J7ilJikWd5RSwd>Q#C52<;)@)(pM>#tg5zs#+REjXotq`;e*w+
zI6dk<^`8x&#o6nU)J!Mh)f)MO?J^IB9#;_A#3ZYp-hcfz=dv9w@$H-ADuD$Nv%%Lh
zO7D^-+gLyNsgU4*^oH||M@7^%3x}Tg`meQbnKf-gjBa>@unD^0^ebL;4WBnQplH@j
zO1EfOUdfX+e^<TI+tm1D*+pHE-tL68%66*UEix01HR(@7X^{pkTjr!ro_YK#AG%(~
zKa1Ymo^dQXXRDm8?iVOLyNEv#Uv}vxM(wrLZ$&zKLgobN4Xd-6Q_l?6@4gLNwW`Xk
zI4xOkHYv0dy(v)|5n-XSAzUX;+c@5ayA@z&IiIwGpM8Fg?MlywZXerAnaZ>YRM{hH
zorkI?sWNR&WvuW{gl4!X=Mkt{gy$s|BWGicY%r|2l4i__H#^R+dGiU;jto$JBkLc;
z>)LT+&Kn4zl{+ZO#fclAb6Dyfs&_yCoL5{~Ay8d*xO}{YwA$$ftt9@(@73ug{SzuW
z#I{#3QZHPSds}C1Z$)~p_oIJx_-&UJ%XXs0iR2%mQJ>YXJ&YP&pVbMjvPsOu?^u~V
z9Z{^##TN3oK&M_Lu7O2LdQR;U4X)%$vUAJQ+Q;6QU$2~4gR*mETL@AErttEf<o1~P
zndH7<VCB!SOV*7HzUgxIb)QsdqmG_f#9`z@1AA?xWmy9sYrnEf5&QkP{QMgebvldt
zE{om=w#!zc`9w`TB9E5oGM7l)gH(R|<98%A%tvKlP-J@e3<WlF7>{cvF)c;(a>cKv
z3m-Iycvm?oVqZ@TV`r7_c-L94-^5!GWvSU}wq;OH$U58L96K0q(tf3}<;R&M)A#Zj
zfh4_0oX&UFBR}QgHYwibXJh;s#zrH`5wWuHq(oTwM_T}Ou{)3W{B3qS<+1$b2uzwy
zhBZqmiP`%vJhz{3>L`o3Tam{zN7;EQ;tlUrXzg+vv5D@8-FMzsZ|uwQFW{wi%uB%P
zHa#S1EyVlqoBtgPLCyM9gm?Yybz#kDg-*)L9#I20JoiT4D$6~={*)3;&=Iz{>VI1}
zxdjK2lh-~;V4vHuNjmC=M1*)UbJg$U=RdO*YVa^I8Ac9t-Wbl6bQ7|Y-KBaR&4l0Y
zHbkj<zQ;yz`(gckdff2n&hV#mmgc^X`jzfp?Wou<YCi92*C=xpGx~~#;F$H?Es1d>
zT^q)Ae1fLuECSk<H%%NfBKbou_TmYwrMbEXbKL(lEGvxnk^fSFT(cRmBNst<?AYV2
zZGn7zoXvpvx}*I{mt~vg#G-kZ#&5Svxy#IJ#}h^3PrS<97yF>bTe!zg_VxE>4qI%(
z>;>XLc9mk~xLSltOw}cL3Hd=KaY=SJyII#a)j;!B?e3!7xYUqwb7;m-T^zl@(t1Bp
zqYmo2)xy@Nf#vPS)y0$B6;i26QtacHI`#n<Zm2|Y=&pF>Xq$|j)CxBp{NU+GsnC&!
zjm?tzr7H6A=_)(JRr3Us)~9qy-&QD%;?8bV9$@T6J;LAGu1HRAP?s*8GgTF3z**26
zo5|QvcNqG*s<3rNbh)H1x~9J0@<Wy`f2WGzX1RoJ4woy=SxMz829w;nr}X#u`#nZU
z;5{z*W%zsuLA2pBv|#w)7lQyI@WVjxjATRFb5Jn|4cY*d1OQNS8h{ch07|3*C}9Gi
zqzHf#H2_MO0VsJ1KuI_NC0hWLXaZ2u3P1@5043!BluQCp!VW-*A^;_(0F<-<P!bG4
zNfZDj4gi#30Z>8>KuH4tCGh~13<FSN2tbJn040wADDeQG<R<_nNdS~^0#H&9K*>4)
zC7l42_ybU41whFc07{+$P+|!{Nhts&H2{<x0#LFGK*=otN}>TMc>+MmRRBr~0Vr_;
zpkxk!5*q+YUIS3V4?sy603|~Jln4M&!UjMICIBU?0F*=mQ1SwRl1%_gt^iPS1Ar1-
z07~8iQ1T9d5)lAOvH&Q-0iYxYfD$4AN@M{jF$18a4uF!20F)#EQ1Tgo5)A-KVgV>|
z1)u~QfD&^6N@xKn83mvu0)P@*07^;#D8U1uWD$T89{@@+0VweUpyU?-CFu1a0H8z&
zfD%RkN*n<wIRK!941kgg0F;OUP(lbm$xQ%CQUEA913(Ee03~q%l#~HbLI*%e5CA0>
z0F)R5P(lwt$t(aRjR2IK2cYBx041aVl>7jogcpDkDga6h04OO2pyWFMCD{O!>;O=5
z4S*5_07^^%D0u)tNjCr`6#$e}0Z{S*fD(BCN+<y+2?e0!9snhS0F=A}prjpu5(WTD
zJ^@fd0ziou03|#Cl;i_YLIFUD5&$K60F-0^P@)e&2`d04_W>yR2tdh007?=8D9Ht&
z<T(H(;{cS%08nxcfD$bLO6&nB(FLGn8-S7+0801(C<y_eBprYfI{->t04V7PpriwU
z5^?}amH;T30HCB7fD&f_O1=S5au<M-1prD404QMrpkxhzl4<}-Q~@Yi0ifh8040I|
zlyC!3(gr|@XqHW*I{+oW0VtUUphOsek_`Y#<NzoM1fb+3041IPlw1O!qz8bKc>qe%
z04Pxhpri?alFI;;JOiKv1Avk}07~`&D0u@w$zuRYmH{Yn0-z)rfD&;4N{j#~`3gWu
z9{?ql0F=xCP~r<fNh$y(dH|H10-)qJ03|vAlw1d(WD0;1ZvaZV04RA2K#2qZCCvbo
z&;U?U3qT1M03}BNlt=<lf)7B+7yu>K0F>MTpkxGq5@i5N1^_70f;oo+LfwJEKgST!
z`Fl(OuO|Pb!(Y&}{~n`dP<ZmVEPy6@e~;zh)%2fqSwLL>9;5t;;XmmBW$6ArW`Wmh
z|D-b`@HzXRI#HKp{7*Xk$FKh1<6wAg{3qS~KlMYE|F%E)|7brgr2pIgQ~zl{9;E-<
ze%$}G-vZMAZNK?{>PK0cf7=h8`KSGYkp6G`1^&~1)DQpLe&YYMzX{SCLC51}4&#mi
z-%5guhb`VGDb>HVHze-WTu8^;YMf?Ua!p=5TT_-ZWT-x+HtE?TiV^DDWDNoIyrXyC
zA?*%y4=WX8GFj?NonMzZi`nxRDjWDXKdBw`%x>#wR=M&07nzR#WYlE_!rLQl8UyMR
zHIiqwE?4I-al{v4&zaS)kL+b8YxCOAK3ub6{T`NF)f~~d&3EQf0T$!)oPi&y)fSC+
zHSCvDw5Y#CkD6Fl?`Cmu%}7bT2#e2GTej3&8(QOUAK$sUW9Nb`V??;;MV&t%gb`M9
z|K$QfO5B%=(#8id%TGUuq<yShKd1eG2UDtOB*8z|A7k`l|9dW8f4_eAbf%Q5A1~d?
zMvc|C!i`;v&Q32pr=311Dp5+=i(8F)H?-7aAkB5wX5<$aAEi$$#&vH!bB|R8(uAFd
zW<ztsPB_%nPCvuhEi$p{)~#`<)4sN38N{6bcAE1kH=a~}ijxf87K;_*zD?>D?dB&A
zu8+bVTL*fjAtL%%HRr1%DZI3~etjftw$<(_y#DxQkM_wWjYppZBrFY|iO23T$2G_J
zuJqlxxNqIZqAgUf=@l?nk$3sR*%mvUN#&pgN^5fbS6OFXJAFRjy=P~`f=57jIr+`!
zMn&uXNk_w19nAEfcj`@KqYUW+F$Q~T=E@ub?6W>A9vMj~5Q<(L=`E|x>sxWF3ANsP
zb;2e}$>n^5)qKienkm07omca#TUJ-Lqew{I4Jb_(U1{8YnfmJ#<9Ex-_RN-DvA;Yh
z5?V}+!G&Ei!yuIyUzT2ltDNE77a}d=5>m)4s>W~{;}@qJXQ?^0#V47#MIIlinmTqx
zkr~PG3^kuV?aEFe{?2NqjDQaM>FxLJwJj7F{p|%ynJV{VPAAuC4tGzE4@is?j&Qd~
zV%dttw)qL}MrrbtPFEVG?MT&ZT{@y2`H`ylk@Fnu(+2L}3)HT^W69X5pQKpCecAh(
zTG3}@o!9(6ulj@;UQ-3JJ<i+>twD169IS3q=Wo-}6NxnS8HwuF%icml@l5GckB6pt
zL^6gLf4D}-xf9Yo6v<X&cCBw66Y^|{N*A5t<4;Oaav@q^*q9^J9asMnJ2uYP?_=5L
z5^%BCrt}mI4#T;F*1_n|B-Z_HgH5(AHcz2kLD9T8%-$Y-%i#5*@~<AoPsM1Qdu|Vg
zKekMm98h^1Oc$f2PNm=GTG!sTKuF~)ggY>!n0)6)%YjZoCqkBIIorTqvprZRieq=e
zl@$~FwO@aC1y8DHZ{tM@ouN5d8uPkBiS?IC?5WHW)t-HqcUm)xz0A!$n6Dgm-y4fs
ziY(bJ@C_)~RlnA(O#3i$A9LQm1!H&S>!{tY;h2ocYq`Aa1TyIh_{~BVS1L_rz53>+
zq74?@TBK0_i24N7-@@l?;E&-6JwAT^^Ys7r`470{<1#1y=0m?60rhRD{{*)N)X<-L
ziQpCWVc?2@9zuZh`NO@F!YgWn41@-?6^EjiN=iw|GIGR@`D|8!)bva=VdSc!X`&y3
z$d2k7dQU2`OKoLO9U+x$oTq7g^|J!<SFE<oPZ}QhIUXAPpY8oWKes}U(R2U(`cE3_
zztMBqKr|5m3G@rds%@aB-XJW%Q+WdwRSF!|E|6EeKypO_tECPE6Cdms@j!Pm0!bwS
zd=Y#L4sc+YNCuEv8;CiuUMGO2@&(>&8Ca|fu&X5imF0j`15suL#1So!Q?G!C+5&Ej
z1{kU=ppPnmZXyHPD-MVyI-tYKfDKy#(kvEer7GCx-U3B-59lyCptGjI#~UI+z>?Vj
zT{Q+|m?&^pjX*UC!|2}ts!0+0^#pb=C*Yw{fO&cf1lMaIuu6b8n?RV68DOVIf%N(e
z<drJWRPsQ1r2#*t0(@965Kx>zci{m)H3@u`Ezn#Mz_$qi%M}IeS2R#o9YBhG0)omE
zb|FC^&~5=oW&wm-I$U8MAhNW8)Y1hCivtKbEJPOgHZ>rwZUaO24){4~V88Z(P%8wA
z?IP@x&w&%e2HGtZI5lnH$=2b$gb&bY0YGCt1PW~y=Fb|iXl}rlxd4fl3H;g+aBG%8
zpM?SAwFLB=7tF_cpy4!uoNEOpPYgJ)e&FMBfygTY0?qN5urmNstQ`2XI$-XkU<TsA
zZp;mQ85+<zfzD%e4$Fe%K*}H$5L{e9z~DTH03-{N11W=4K+p&T1B4GE0Lg;nK*}H$
z5KIUJ0|Y;nhY*0^r{WMfkTOUG1Q!#*0O5lOK(Zh?kTOUG1jC77fbc;CAX$(cNExI8
zf+>Jtfbc;CAX$(cNExI8f`LIWK=>d6kSs_JqzqC4{UQFbq5s&>e{4h+BnMIkselkn
z_~!r+K8OG$3z7pVgH%8WIh+UKg9t#fAUTjSNCgD60rVfvg9t#fAUTjSNCkuh!Fdoq
zhyWxDk^?D&R6s}woCo292tcwRIgm0)1%$-Fc@RE`03-{N11W=4K*(b_55fl#fMh{(
zAZ3sWNJ~iz9Ry?-6UGS~6%OjGAdtd0NfBUUlA&}T9w9Nt?V|tZ=i+F-zqeBuRsin#
z0l4P{;NBeo_kIAl=K$cI3xIpA0PYC@xQ7AYo-KfTJOJ(;0=V}9z`a5M_dEgI>jH2u
z1i-yc0QdX>+}i_i&j`RhB>?x<0o;2D;NCERdszVP6$7}J3gBK2fO~EL?ll6qR|(+W
z0f2jP0Pb-BxF-hSo(zC{I{@zW0JtXt;NEip_r3tQw*lauD}Z}r0PYC_xJM1(9yWk`
z?Evnv0l3!!;NB?!_Ywfy!vSzF8NfX}0QXJ+xEBQA-YkH7Ujf|X1aR*)fO{SQ?hydE
zcNf6Da{%t025^rKz&&RG_lyDD%K&iiDu8>^0Pc+fxc3IYy|V!B%>lT_58z%XfO|Rs
z?!5<a4;|B00QZ>9Wto2ixK|3`o(X_^_5kj61GrZY;GQIad#V8LsROuY2;g2nfO`V~
z?yUj1R{-GNK7f0d0Nm36a8DS(y?X%eDFV2+3*a8mn3#b8?r8zIcOJmKbO87A0Nm3C
za4#FcJ=w+}*=PXw9s{`d48T1J0Qa^4+^Yp}uL8imaRB#N0Nf)7aPJ7fy-fi31_9jb
z1#piTz&%O;_r3wRcOAgJrvUCL0JwJ&z`b_>?!5qTF95*33jpp}1Gr}j;2tf2d$$4H
zGY4=l7{EPE0QWutxW@|M9yfq{F#zs`1Gsk?z`gGP?o|P}M+M;CB!GKn0PYb1xHkdd
z9^C9q3jw$%1>hbbfO{$c?%@KscLu<{YXI&w1GqN?;9e1cdzJw1#R9k&58&QBfO|dw
z?kxhi*8$+3IDmUj0PaNrxHkge-W34%@&Vj)1aMCuz`dUU?yUg0cLTsZUjX-B0l0?`
z;9fO=d)@%<u>-ir2jCt(fP1+B?v(+!*9PF;5`cT30o-#3aE}SVJv9LL>Hyq(0N`FE
zfP1$9+`9<iUO9k!HURD^1Gt9;;NCWXd!zvFSpc{v3gDgrfO~HN+zSJ6uL;0C1_1Zc
z0Nk4aaPJp@dx-$<Q2@AS2jJdE0QVjNxc3CWy%YfV7y;b758&Q1fO~xa?&$%z#|7Zt
z6o7jV0o=<3a4!PDJrV%-8UWl|0B}zpz`dIQ?#ThTmjvJ*FMxYw0Pd9lxTg!?UJZbI
zGyv{3!6woP>P0sb2*+=-;LR2RE*5-YA_g8IHYph~LV|;Z2aqr!8G?g}OH71Kf<cOn
zi%En<f=^5azbc0ZUmFR|h6DqP0Kp`}Cd0?UCBnfVz$YO?NU<@oi17$<u?R_sVLt-?
zm;f7}j1(7x1d{-g5qx5795O5-QX)b!9E6w@9~Tpg00WN%n;-rO1HI4r{|bEk|GWR7
zIPNPvf%`nZ&jXKpd|!#)3!?Xh=)Q{H6QcKl=)E5~hzbO6jp4okL6|{YAOVmBNEU>8
zWOL9hP!K2s)Cige{S%bn0NtN8LFnHO5H4o4N~ExUGB*gv<*Eet7v<OUo0}1Gi}Xj4
z-V;nmGm&({7Fg+vwwT3s!fL*Zjsnu2SAU8n?!Bj$u4r*DYu`^)OkKq%!-e0*BqGMb
zCLx6Hf=9b>e1Cwp8@*RXBk27yISBqW|KI%|rF|&=X2O7s<RIYjjtijo*5n|HzlAZN
z0&)<=--<AxGI9{b-%2r{Vsa40Ujt}q^g#haZ#FPM<RA(ViWy;m$Uzi;8-W20AqP?X
zZ4hc1EsZ`9XdHZdE0l-W--cp9W641je;bVf4JQXt{OthRWz;fS8ht>s(I%tKM4N^-
z2W<js7Bz)dk5-9RgBC@zqgl{o^zb-9|Dim@(E||lAId`<O$0&zp*+NoM+)sN+G5n|
zp8}8q*&vP<1VR6yJjBsTK+u0E5AowsMn?+mE!yHg2GG*z1087881x^CK^!#-g8st`
z#L)&Ek22(hSG31yt5M5nY4m|M4!s2EutWc$>f_-=hw%7<p^b)u=#ZepaNGg3)u?5(
zH2OfhfHoVNh&Byv4%&p{3yhjWO`z4HRY5T{JDLSeJ}wO}P#)swAfN{z=s%Q42LU}m
zuP%CpAdY4@?k(D4)GEY5=mVWJ=)j?cq5n`G9W=BcoB^R%7`;kprRZp(Jw{uN8bC{<
z4|JeWV^H9D!l8qX8ivB?6oB%78i9^9I$CIt(FUQG(bDJxI)@HFI^^guLwRTp2pvXr
z=+H((L3BvaVL0vp+G^A?S{i+zT|k?SHWh6i+9b3YVD`9^s0p-Mv?{d2Xc06UY8j29
z0i6IKS$O$3p#Jo~eJb?nI50tg-@+oDhOhzQ@Nd94{PSR%W|}75Al<;2hQ|iR2Gb$a
zAt^jCnBYN*K{|aneYgRSzu7S$I}>Cl{hJ*FvL6@tn;iqP9~Zc!eg*v#;XljkpXU7k
zel<|2ng3$=fA1gdi$DGytv~K#a(N=F;_qtvDa`aw+D57;d77X6tjV^VcOCA%MKhyv
zzH#hY%FBB?nZ6yo)9>AK&%K-T^sX!;kS3K=pL`v|{`><L1t7kU*RGs+=HD$!KBAeX
zk+0V_aOc$1A+ZHz{orV?p47LqMOFONIez03j6^u2RL+h8HV36&%!|#0?{}`7I?04b
zweK)2e_IVY%h{ilr$r`yhD#uR@S=(A-8XgyOnCH>waj1p9u<BU%(}hXC3SkAr0H<)
zhf7_;=Sx>B@Hb!8(?$q!l&q*(hlV(8`7~f$_pqX4yKs~H#!~F|5vAdV5@BHLi$x1#
z+{+5`*clU&VY&qmMOYsEB6hchH$zz1*f==25bz+t_dg#8g1>?AzXH*J1>*l9ko*q;
zom>B#K=!{3=z2VHf|8O70yPAhzv1NHaO%GT?SF;S|3jer9|HaVGBErv11$Z(|Gt+(
z*M%P3_?UvM&>J8K((pd=0!Zoa`^jP1eF37QjCB6qZw|f>*=6`;SQv*ikW|?(Smr97
z>HVC=!wuziHQ_O`ShF4p1BufaR?dSKEz}G)i_MRYhFM*tZ*mz81U7c~upP~6UH2N2
zZMmc$#y@pB$1j|>ZZK<fx-*kj*-_-aQ>6tznJ(*$P(8N;jc$R|BYoBZxuL8M*$Eqd
z$<P=4M;gfF;9K4znI})jnx3jwDtKOfA^x*`t@>P*(R=L=tLr;1Ouhuh12^x4@NIpI
z(QPbY6*YQP8_4gZmStU|MXq8q$Q%5nK897eGM!p_nPUD?nW@N;nryS;fy`6EmwW@;
z?`{PD)_d7iI`WFQDATEOI7^E-rRj$(Yq*4_Gx3Lp`5d<_6HR^wb$wc$)K=X&mA8j>
zmrEiGD@s2bQno9$-m@}|Bcm9J)G>&|mb9N1zp(ITTbKK~zqeF*hNtD!?_64YW_jO{
z;oY;br|7oLINfS&gS84`$zvqG;*_^N>~0SwGycHMNu_$<A?|%vao8Yt?4W*u`K5>t
zBp%n~Inv(5b%wg0;(dcSQq|1fK3`j(;UjLTTbQP39r8d(CZzwAS8iXH5g+m$d%^oK
zLW`hKrg{6i5RQyQa7U|^-KcT5XQzA8a6ieZu8|NtiS289?G)54k(6nRq64wxN?|c%
zKhxx9U&vXC3C90q#KD#}D2Or*QXN3<>YnEoLZ*7H8y@8vRP%_pdB_bFYk3GYz1Si$
zjxB7^b>N^P;`z|2UKrAws&M1S{?2CWy}~CGdUR*zh6`lsa{6bpS9mcsnA3{b>pI@(
zO|2xR)s4IsJTd3^a)f*G?4@`v#rl_aWUgamo!SN44&DWfGTN*uFSHAK6o$Ch<&5vV
z-1i&8iN~djo&P4cAk<Pee3KQchtRy!DL|snvDBf#d;gYw=SM7(Ny(|<aVzp^>z`su
zV_ZYV2|Y@0TF7cV_UW_}MSJ!&?fV~;*Ag<#s2;X9kbfh5L1-XZ#IJxYqf;7g!RISE
z?bFR^5H0sLHEOhoKEZE@`&qXK2Eoy@w)Gn(?PIbNAAP(?zYVV_D7g#Km!@@}`CO+<
zAF!)Hv0h4gX7J#RM}nSsQFbw>->}B@4($Yw82tt6n&<1-ScV(tu)9{oPh(6JG(@Rh
ztQO5U;t(a!xYP2{S)kU2<9Q<cj<WtUeY2wht5xFu*H(TribS_Iv{pvkxbpA4sADR=
zrOY<GNp$~(kA^gFqTICn;_3i#6^RmudT{Ws5B3^L*UX6hjA+^3C%Vx|O#B?&(h0j;
z$i~R;oR;c(_wsaXowK5TGBLB{C)ZZ^z-62#;V5BY2ES0Q^le0!-`z#K)0dQcFnwBg
zviyIh$*0oXkylyoG)BmxKR4V6zD9_RgNu)Wg-1e63V%l<BEuoWhF^Jte+9+E#Udsp
z#K$8eCMAIH<iH|=cZP)cB-n&_#0VKCJ}Cw+4rIf^!^I{dAjTxbz(+{QNU(75a51q-
z2*?mZ3>+eSQerF;Qfv%71cwld7~a8P62L#P5)$B`Zy|B<NJ-!ajb3TKdc`0$^wA}!
zMcP+DvXR&3-LAHLj^nAo<g(=TM{WIkxs~+Em1TrKm~5Ks+bSAdTiwKBG)4Dr%KBcm
z_IFM+3vr`jW2TDv;$@t*{EqwLs6@EFq3^JNVc5Nd`9WUhAo3u1vxYtpI0g?$jxfVB
zGeRE345@GouV@|+9RJDrpFEI`=7q9w=1(|2`db&2KhFE-9GVwBI<D)u{^Js8Ueq4)
zZ#{qQp?T4Ccre2e<U`v6c_9R$PiWiF=f7pq_}@C1{~p6R$N(YeZ{9!YXg!bu=a^3&
zXZVZ7c_J8)7X$sPF$lgF^!S}Hns$6IiKgMp{!ROH{3nk*r2ox>zNJ3S1Nk6ez&$7i
zK6)N>d=7p6a}I&}k8Ppp$H(vj^`LeBv5BTb-oI@@ZU6Z`HZ<)|**|HJ?Vq}j)6qD3
zUjDc&8ar;&UmIv0$89)n^Ph8QJN~u{HO&lS0U_AX91t^z1%w1a9K;M_0l~*42nL85
z!~#OEA^P?Ty$&oO1RLTYW)KSq9dis2j6alzcqqg{%pevJ1Wd4x$qWMfm|!0h>|=s`
zOt6oM1VJ3c3<CR@U>_6gV}gB5un*%!4&}+AJUNsnhw=~yfqf_s@gRtUz&@0Rcqqg{
zU?0ju96@BkzAV_61^eiq)n&oHEZCO?`?6qP7VOJ{eOa(C3-)EfzAV_61^cpKAIg(M
zd2%RE4&@;Z0{c)N;z1Axfqf_s@lc3^z&@0RI9xZdFAw(R!M;4$mk0auU|$~W%Y%J+
zurCkx<-xu@*p~<U@?c*c?8}3FC{GUM$)P+sl!rJ7>_d5o2SFSJ_Mtq)Lm>_V`%s=-
zo&Xy@;{(xx(2&R<DIcpK?%KcKSpIyXeA%Q~Uvh(D!zd?2=JALbePLn&-WZ0--4pfq
z1kbei6YIH~*1H{+P6oZe{gmRqk<!#;moguwRKM2ttck2AllY9wxn<shP<Pc&`6buJ
z!*@NeYF|urY7@-s;KV9v4>W4nB${qhihVJnZPkTqd-g2VJ;F*(2^KoO-%jT=C`lxA
zbZ-;hs3ElX<m+q>zIV>;apqD(mYU7!yju^{nzOYX+i8~`zdwVUG<r{z^yjS%dvcnl
z99n!waYl77WzO>25|KB=^pdItV^=i0QcX5p_-=j=iH5IIeC|!<-4Tk9+5T|vs6OVa
zqgKvN_HO+TZ`U?kxEL-V4-gubL2IB5Gy*|_B@@TEK6fF}?^oG#*39x4J0hwG^Yi*6
zrc9E2-Ivuxo>X>DycGJlRZPu1e`^JQ<Dt?;+uR!;lA<^Z13dQMJ;rtB4Qr#AqLB_H
z*$Dmm8GGeMF7`H`%bTg`buzL?s@m1H7k+(Tea<MJL&{C4`TK0>n`?Ot7nf$~>8eA1
zMSmh$(z$D<rPzBCZ(<lpet!xhc=P#ce}>49uKVHI0gFUp+V9>-P>C?^_C&<|d}=UF
z#bET~nato(Z)^NL*6|Cv!rVAX2f<7>o_EM5<QBy4<LNw-WA|dE-h0hQb2;$(?BPdB
z#}lvflvkV=AD`6yR2&`gzOCWJM=ZLnyL5X6rGg(Tx#tr&i#CeB4*ve|B3rh#cAwCR
zQlI=Du~YKrnF#L!cOPzVcG01f#z;H@)7cjTt8FW9B;@LDrG0g+Zy<bp&9Yf@Yv6fS
zcFYMPhdJFwp14EHBcspT{zZ8dilXA8!=LutV$DLkJ~2NNGUxdfdWzq+cjjE1&pGQe
z?_XvSJm6UTNNc~`G(fDCua;u(ZM=C&-AW7#lazJL=BujGou=l3ly7sVZ`&JUhEDt1
zaD+Vn))niiKWtn6(nI+g^%I6EnP8K|1H=ip*S+$$GnaO;!V4xPk#IA<R~Cz}GS2NJ
zPcOadotLe@v3*LrhUn?CHSLt}S2brh%crzw@et`-F9g=MXvPFD*XLqWmzM`sIjW5X
zw8WjXPVise_F84RbK7B;PY~D2>*uD+l5)h=SHFH`hyD04p<_k<TYd3U7tQCkt9x~{
z*N`FmVQbUqu$%U$82is@Ka+Z8t}oGS86ftd^pn@hqS2gleX{#)JjbhQx6=o9zZl=n
zd!QHD(=MZ;SSTl;)AY8a&WKQ{+K^T#uI2J|q7vSFUrNM=cv6^S(>Ky?_-mRwpXom5
zJsX+)w*4JdM+Ns*&mA|4`r?nAN*ZriFo;Rw1DKRv-qMG!?^d~KY#~4Va?3aVZBWwm
z{VRHNue7Ez`?>W;_z$Ew630fPiN`b^|Ll-Dsp@f|E2;l{Lu_%;9i>CwrkK%fSDn=-
zw{DtoT|0d@Cj(!cuyd$2=*GZF@t8oez#j)ylr_7wm$<Yv=v?YbPskocXVZDoOEb;R
zz7wD(i99F%!mjU9giT-hA;pzbUs!Bz*9A>HuprVfcraRh*5BlCf&HRIO|VQXUM+bl
zJ>FB^A_AYU_3Z{9TBSv!zO*b^L~lO!#`t==nLZ_Te{HyM=gChFf43y8iw^NwR@2!6
zsTr!t4^*F(kr5yxmG&}?ksJmYKN?ft%Qvj@KKp*bE#KUyLxoIOj!ynQrrYbbR58S_
zF|C!5T|~57rRd7q*jbFVD`&KRR!siv`f|A^a>wd%qE+D`zqg{V>ET<yXwl17SFCr&
zOps3A2I||s^7I_+ECufdPHH{Uj&oFgEZH*rA#3`uyDaLn={e?64?hb>lew|@<_TIJ
zEX*OhH|9ce^PjHYl<y<g-~Rme^Cs@P@=Q6yV9p~Km0tdZ-zCg~-%AYHV(HG|XK$UV
zI(heX|6p$FDaO>ij)?+$gHsN~b9+fA@>fhN7CFfS)qHsNznVxZ1Pab$=MG333Gv=j
z`yI%<|J~u$i2G1`@avES0gtklCz%9u)i~*8ly`Pp9@<Kt{lzbzpXhhwNnS#ucILb7
z1si&UhF_T^bKebZNti0%PWpbNsOZcxaJ&;fQd~KsndlJuD#r5Qc~jA(`qYynDdpDp
zCXqPe=d0zL9BHg%U3OkOU#*I|;zZ(t6@)*-Ajt5vlMN>=cGR!u4A(cs&JeZ*qq`;s
z@k!zDNMzIYZc@7`c3%v6&ySBABAs|J-klf5hJV(-Al#!0OQAQNWBPp^*UnZf-8Ouv
zEtzgJKdHL@kj0O|x9>~phqLD`Z<G=>Cd4S*WUIz{{_OrnO5r0M!<^D@Y_&a%vNae}
zhRGMGuIJrcx|NZ}_QPKwd_(gth4tyO8zWShG`Ft03sZh4FyoTxzd#zVL(uV77c<Vt
zX<Q&eHtC1-eM&nWnJ0Srq4&G<yC%&tGnRQoIa#RA?)zRjViI5X<YLw2)cPrj`5?@U
zVO<KZrYV86$rY!gfsK##<~@Ad!IJWzN5k2!3BfgSGm%5(dR5pDG6!a*?5+!sy!=+C
ze61^!Muk?|{oq|<y+|;I7yHW`-SbQLeHP!&2#-^d&u~#@*|Vm#5_6hgKkejkUB%UF
zt=N2DXDOxOg2K*=u=bZB$**r)C}I<s)d@A*_|_V}?vS#5sE51B?bTV)Cb=y)E;^pR
zyynD0y>N%Vo!FX!Q}3Go6R~%3lHOjIEgxa6*qym(+_zb{J9uJ<EXtG7z3u8~-`y$&
zjH~x#vQ3PMnx7e8Y7tIYIQ{M5A%4!otf$OB6By6uoC&}D;=6M$zlFFlY5(qxQgsK_
z{lW}f`hrUiK9(CU%^HDZDXY4Vda4~Sveyi*9aZLPKFcbJuVv?ZD6uj5;Q45n?s|o1
ztLleI(;!8j+B$)th{qbsw~B+$PauM6<4#8xmBM?b(p#e51XP`jx_VFIgnUJ*>>%m*
zkNjP=kxzSl3JU?}FOf2zpj2-6meTC_onGU4?~EH$@A`bdgcy#y-8c0s--!JxUhu36
z^?ljY;4h+3U*Wj)Ubwr~FrZx>dpT$Ax5&phA?@o5x?gbhtUFB!=lunv<tDX^W<T4V
ze)CWwj4(t`B(IEj`Lt^&V?KF|>s^)7%Jm%$AJ?aig?!wjq}QSfo;L2WBJde1dLK}V
zZ!*r<HNO0{n?Jbmh948Zz2_x9#Q_@ED^*b*_ul<h^P7%+Y-@*+CC`nYV?IQU<LNHe
z<F3K>Ip~Jbk6cAOm+bP${Ac{9HRqmPCc9PsVe@dsjgXBe(PG4mjHVnzFuDAs!->%(
z!)xUh%@c$#y7WG0(S7Ld)nD+zzQt0SQhBF0ZD6e<VqXBWt=G!<@X6SoL(SJhJPT%w
zAQq}n8=pu9*R>Vpw_R)1y$t?J&WV#*Myic2W2O#WIlaM~ymX~-e^Uvn`Fo#({*Ms)
zze2L`2Yh%yz(yGn^oSfylSPxzV@QW{kOt?-;TT@w7+w+dX86xJG=`QrE)DgdbwQaw
zd5<$4KcQ)||K>fe_n1q8`j6}Vr_MiRq5eO1j@xov?zsG)Hlk&~-f_zz-*G$t$pfj!
zeL#((=b#;E{b>F_I_?vi3!8jFMz8N_i{JozIc^DtNi|K!E$6cfFH`bNE)98^US+Z;
z+Ph$IOO)KXF#h*R?tN05Z8fW>X}&_9TMytnEuXzqQ{HKrctw17<47>pMt-ZKwYx<5
z6TK>SyiL`w^HY{*BSf17mhorbmiT#|wpf3onJI=rL;nMZBPva|=a7}Qa`b_J%yWq+
z_~NO<ScZ?XO^IsHyR4-4m>7RKx-IQ==GAK7D(fU!K-J*4d%<0$g}P>MEpV2ie=RaR
z%n-%6f7<M&XHVaa(FtyT!@FA{FUo@qWbVwb@<o2SNVZsyD|+o?=Xabdjtms_cgfww
zj0oOh<(f{W2bBe%Cs*|%_Q$NSJE!B*G4dfOMzRdoU73b)nBcmZ7RM>+(cYy*%#@$a
z&vpYV&Oag49Y}3G$rKT&mRFnmBdYQZ!v!}!P3c8f=K^mMTi1-F1!1ZXJWJhqx*wtZ
zWP@d#!c&RY(maP|KdG$ye$`K)HFuo2tMmZx_2v84{V%(tjM#dG?v1yvo5bfZmS28G
zCwnP#xr*gm&By1D59l5dk@`HO?67=($0?a;n(y~UWn9$>gI~{{tPqVIa(z`_k&XO%
zLsg%ROI2wpJjszan&HHQ2vNnK-9>^zjbnv%eqnFBV)?42I3BHCs5kdnALTdq%BLXa
z6z!yWIiuAbac~{$3E%9>>AqQ0{`WRqF`Frca;NByE|DBQoRo}9-yw>8*TJcjK(F(v
zpbb;;DrFgY(WY5y%5$MYd6m5^O`a3lUo4GjWIoI-c#bQ}wZC|6J^w{k`SEz@)6q+>
z+=jwV&){UbNwZ1h%BjR+N9Nq{p6q15S5bx;)Sp{az4AG{u0pH%_EW+*;X1RLqtNCn
z_R;5*rZOG~(Z_34I<9fcMG11d-Sv@wog&e2)Vp)r5%ZkHE}=S}F_zRBA~O3(rnvCy
z=f8}*v_$FzBqTm)lU&F<-EMTGaQ1Q9rM~Ikv$DNoK4&J0vzEucc4Vb5(GqheZuZw)
z{;4+~%6d`f&85p)PagG>@Q*PsIleyOf~)N$-|A3oAi0>~(j;r#$B2KYu%T7+0<E;X
z#>uI0>xIBEY{Oe?REeZ*A0++m6^RG4<lUQ55V~Dz`-{RQLgt#?nXR=s1Kj@Y5v#KU
zo<9mtn=!uixMGvd%Qfglo>&)w8EsDa)Bm6;=45`{L4~;9`ROcL$pG>b1>O!x0_Edj
zxXvMSX?i8O<M)m6^>_HMw1~?cY33N}I29=yy@~fQ{2j18(teHLxnHBI#{<Ves{P%f
z&#{FZUmI@6=GeBbCEOIg=EpcAnB0|5EnFHVH(xW~kbG0xXM*Gr^WF=djIvwWyLh+n
zNcqmQ-pr<|ANlt1qe3a$Tb0%Cf}h@0X*{@fa_H~|XF5x`If3twjZe{gZ&C<ye+%*w
z#r8O@dS}18N+uHgvD&PmM@y62CXgaz#9`{=!LU|x-xCfGX2tzlcAkdcDoi#!?`%IC
z3Az1dKBIEJruo#c(<Q9fH*UX9DmpXWWGc3+wYry45mxiPI_Kgrm0dZ$`al;(VrLLR
zch{35YYFk>+hZ-d&0W>Jjje|q7o|z+y+7nnYQ6o=%xg=Atr+wAj`&K+7jyQqZn09r
z&HZyH#PL!wEHnAJD2d}7mej<*@acY~@4=U%%ZeO~)@dS49g||Upi8G>f9bB!EQb3`
zeP?-y&3Co+X42v|OTE`aPO+e{>-_?$#$V}1adx7nKV5yV#G~=+n@ID)owVyKr+P0K
zdV8HI7@=11%e@np6k%ul?CFd;>PykEk<cd0^3(d8D}_Uoot|HLad_Zmm&ff*Px&sA
z9VTeppe22mHzKx69sg=0|LVCHRi9`lSPJ~L^PhY_wTJCGXc%<=<qze|Q%3I$w#U!X
ze7?5lxNoi9<R0=vf4Xgga{s-3x_LkOM;CvMg8Ywl5;7H7jT~Ehi|H38lc?_Fw%53G
zU#+ST!LyojX(sH&S{;%aW^265Ts*l~Gt+g2O`fDN!TH0ryl#nmUk%SVld@yJ!!fnT
zq!g)D%5jsYV0!VPc+OI$Cv+$3X>hwjCgX3Xx34-9s3rSfvux53#7A9uBxv>J@x>nf
z_&z0a|IaB}#uC}Zi{%+-gGGIKZduLU-(0|uUDnYz^_V{KbNA>u*76+>;-#2#=gUt_
zybHKTy@@BxIAlR=UsW7^Rgxtv`16;Kv#g`(g9X354qd%Psq*UByVf(KRZqfirrj`2
zH2)SzxfodctSL=F;9UPtxzEG0&uNx@UrpOHf6CJvpB<o&HDRDs+Kss`@Vc_?YTdV8
zHIadfmj-XNoisftHEaB?$$HAbS}pYPvQZk|=jS;MkMxsubDUgnlD1{*pUL|0uIyYu
zeQk!ifM@A_f3Z!W-0xCy(l)lW4s+B=cGoXUtz2A}eTiQ(-NMC7Uuwdrio<>Lio$>i
zmqleO4)xh<Ca0qsX57^=T6`@Ue;BpUzu#Ees$5fiA)}_=ZRIc(k$O4w^s@{5JZd2V
zVslw*qzl{bKSxeo;oZOM@NkPlWQy?myyxZWOg07&CU55V0R_RrDVB95bUU;<UJS27
zllihqI^G}N(hhkngHNDG`ociZ3Zv*OHp5+QMZ3-ygw?~?95-(~QmNz)|E0Z65qZI9
z+qu*KLoY8j&sGxWTBpE$-;(w3%8zgBlB{NJu(m%P;2+wMx0sn-x98HZRUNE<=-%mf
z5R|N<S!{bN!1c|<`)~O%A#rZ+HALcG&xMa>ld(Uf7U2wnI~8WQ6+k&#O!&(tFDCrl
z5J(b)hB|m{1@-@ppK-HQwzL@NS(9YT-@KOFZLM~6b=0o+VOdO-)ScBx$pIdJ#nSgi
zWEZ{;d)zqmv|XljPa<vKPugL8H`D+7T-pGWtI4&1UkfyQX9$A4?y~3Q@ZAfTR_U;B
z!i~-hyKLetcjrUavJjEYwP4#E@$o`Wo13Te5>9Tb#m8FRBKowop|(&NwP~r`dav$g
zvgNg-c!LkWbNxfQBi7&A6*~>tl-#|b?4Ir@nwj*Ft@K;1U(~I4f<>4w#73uT`3LeU
z(!^iA`J%l?`+&&*M5Jtaf2wgbGk&=@aqa52aMsW{;V*;No4khFoBPbjOtmUbdVgcM
zFLt-FS^e!xY@+TmQ|5>K5gA-2_s)A72pw(v&_x+ujH9@ew*5_}^ORIj`cNa;-ItqN
z9E2F(bA4##elD$%lS?i86KD3Co?BKv!SJ0<Rq}Qy%fycc9fAv4x&6djWxa_?W2v=e
z*LU^l@gDF-E~VOg7~8pe1=ccFXSnjMx4JD*%NOoi<$Bj#pJYud<)f;8!cNxrmLyce
z=BX9w)sVy$d`x>rEdF(e`b-6uz-tqhR`2P%#eJ>m1=V;SP2UwFO(;xJy4BCPIQcd#
z-{Ib}<CgFJhf3uKqZZf0<qxYmBrFs3F+S7r<^Q_)*nq|Im!|@S{L$0jU(YG(<BR$~
z(?9WIx}-Bk-4UaEpH~Z?O;I`b#U7R~Z{fSP28jpGKdUFbh7W$#*ZHL2b$nGXk|KU~
ze+j2Fb-mj#vWVP%k8_2XLAGhpJc7$kRFyH<<@8a)``dW??_$ykpPBQY*1D7+F4Hzm
z^L*#(<MFCDx%2cXk<$|AJkC&RQh$@aZJqaA=8cM;!I=%7_Er)F>Is_<k1OTV=6v42
z7z#|XI88k@&PK)AXeN>omLr+(bVqwcq6|xx+-v>Rjn7%Hp2slwU=o_DrbgHfhBx2f
zBAl`zi+fN)pvXMDe1-e$J)2kwJt6r#;noJcvvRlFG;}R_0$$@y$6G35>o`WnXzMKF
z{xo*6U~6)a=4WdAqIdNZ!JQU`n}?;s?`<V#DHhk;CBx5V?ON0B+)t6E#Z#MTc`32{
z^J~kl(iI}&OW_Vfo+Bc9W0()V8fTDS*8U+Bvenzdyja>?PZB!ggwL>7f;+jCAuTLI
zqN{fAPM}Fwt!?tGJn3igcaiwHW5KJJKIXrXZY#~cVOFQ%%3_!Ky?k-i!gjmx_DIK$
z;F;65*)#Xrm_~Rz$+3se<C<a0mYj=zE5#MF^W(K+<Jai(LzylVnxiKR=F{>wjBZck
zHukzd9KGT_E-&3aLd)&kqIip*rtHLhCziO?`4DRH-`kQZaxrs7e$uRAEE}x>`!q#7
z*iT9t8v?E-iz|NEy%}7Q%_rk`yUTm9`eW6iaLplqvj}%~K1towVUJbt{H@&Q&Szwe
z9?ie!4pm!g(|)Lx%6Vg;n)Ulb^Ha^?R3A@{`!T6JPZKmxRj1^dc{227Zp2OKry4=*
zhk~5vC$>|_4qOH=jo0*O4cb3B&on9GFk_Z<Q`bcEiC6TBOL6)X55ebKhAYY(wtgR7
zoxZd;sEn{^9=%@pjAgzgb=iUQJX3pEvF07m*o?QsqTUxXZw{vuV_m0sSb@Q8NYgpU
zKvi@`=d*wGg+$$}CwpXW6<BkWVLo~i(b+uNd^vs8)9fO4kiQ|8i@VmB4Y$W37bX-p
ziS$!2RSnH8KmC?@Vfbo)N&Thc6*J?^o+_q3J?DHio!23+eBF2P>6G?&)TuC=#2$U!
zOyt5&_uXIn@sjfaZoL`d!^5XttNmj;KPhn@dF?#lX~AGWC!nEs?d0#zkE5>h<6I7G
zz47bJ&(~RW0-GygB%?LoDsL93dthUTl0_#SJ70ME)-xcYA;`B;&UOm7o)yQn38zsY
ziG-{8#(6u_*=q++sgrwz+vsy>tJ2zkxygmb=ZAX6RSM~TGVG5zBh@7K#AvNUXp@pB
z=$huLpX4j~cOg-Qb8BPtd+%k=YQz_P`QcCJ8?(eVW?yk>{roQ#R*egryFO#jy0P3j
z#>6=Jc_*i486%i-E^$jyI?_E$N_5#1`+1@F^2^~y_CyY?DbbpHP8Wj<K4~Vrd;TRr
zr$p|n5<blXk7`+*VuhMT>G{(+PfywooPAd{_qIO$dre$YFpKWfZ||d$UkN$~#C|?!
zu-W&kcy|0loRx&mC-D=^SxTbcu{tL&v1KpBCg;7=|LrraZSYAs=rzWjiOPBFt%MUN
ze2uj4p4#yc=Ig7w8t*g_E#S_;R`ZPUBkRyXoEyniuge0&77B#3?87T%gR|ccJ#d4V
zzaI#6Q5s_?sdlYc2wdT~Pj#re_?&j*&g;7!=RSpOzcK2!rZFk@X7nqd$a~!qWxda#
z&mhugGIcWcVx_4|x&6A|^?_5Il)Z$3><4Mwt)2@V8V1P)ReWDwNaAIGJWqB}FHAS!
z&f|ht%18S5c^|!Gzu{3Y*D-Ol>qzRK)TKq0-NPs?yL5M1pq|o>{)KZq0lD_eE23q*
z)fMHXI2r6$y6Wr{W?ad-g0B`+|KK5w>P}R2ue8eJ7EF;bvihBK);aRc+A~#N^^9zL
zhdIH91=6qa7e*R%sS{dav$ncZ)*hwOoVv_)<yq}bQwnDH{=HMz?^oAdoUN$(z54!@
z_1wk}F}#w)iijJ1XFrDOxoM7XXZ>HKy#-iSOBd)*cXxLRNQZO^NJ@za2oh4#tw<vc
z0tyI{A|RqPh=_EEGy>8H0@5KNsQlOVoOAEF-*=z?eV%(qf2=iY)}FoJT{G{zd-ke#
z=heJpK4IudRD50Onw<1LMj{D6{<>ob9w}X=bEnsk=EV8(CECEU*qxVBMEGX7{Thb>
z*CnjZdfCK+$J1BdrC2vnU@nTrbYH3M^?CETbupx$e$dLAYs4e!m;Y9Z>XX!Ty66jK
zAFHE>7K82I4|sB?nPphq7#oMs9)BkKrjf8P-zdi4xj(q%7^0$ZDR9vGcOXmWc3O6{
z@l~v!o&h_><>H=<x&t<5pBg1F=5~ZSGSjdLZU#-y&>ZZH=ie2q&BK&fyPj4-xsChz
z{96=?>dbZ3w4LgY;f-hg?F*qwQ^S=PaAjKe(tq3?Tq&9+R7SnAv%0Kwp3jMO60#UV
z(!m_Kokd;R6*&4#$n<w`++2pP!kV9BN=m@p+*6JlJ>-kwC><|3#q}p{TCX1)2~*s%
z(K04vC3Ud4-frLHHE1K(BKBqA!TrfGR=(Tjq1MdU!MBbtMF=rT$Xwf4er79ZmEA8r
zE`GU*UI0Bbhu{#EyCyIqGhluxFaE%#F-<6f#IjV9^S7JZcV?OMe5bQ`7VmhqB<_NR
z&tlTux{i9$Kj+tU<fBoDb`or_i^of;#oDWcF#gJ7g!!^jMWQyGYh+=%5g8!~WHkz-
zzZda%28yy4xeeN$e|l$>zC3F@-f8P@zoCO4;fGpMmtV>?9YJxscA;Knm(|L2=xc<~
zu94?=H!Q<^x<X_1nW^^{w`y1DO&rpkKZMJSxC%_84sJFMjXpP*3#r2`_Is^eSR*>#
zbNA9CzAu&-hD0~5-L^t)RaRO2$t`QLY-r}#@)@Fsxo*E%E7lCTJ5|rdDPU|VIpS%+
z@Mt7JJBF|ettMXM#_wnJ&bbxO1}RGzFog&TZ00?p`vm9SeCzEZFg)MJr&eQK66Z0h
zk>$0?<y}?Uz9+!w8fAc?e-LTU)P*W`@QA-aNFS$In4CD(iaO$l*Yympd{uMX%~HP}
zgXf~>{Yun)c?F*v@4<jPD^B)jeQOPcKD!C$wz8u_TVF1*kh_+}oIi(GmRCr+SwiY|
z`(<<@sC7=Zg_k*S?r&)J@xPLBiiq|<PCBx(*!D6x4xBch6>Jrz%2#na5;EF6tv;Oy
zru-NXxnnwKFl_ltaGG{NBq{KRlhBF$F50Ij!kNUU%54=JOT}24iCqNjQw=;qVIe&S
zb2A>5H%EKuV{xoHTbkE;3$1kyOPWq$-gxH4Ft!@^&afEW&y!7J3~?(|OhN(QWVoNN
zpI3A>e71Jfs6tT~IIoxCnZYqTno`L~UpyA9r}cf7#gLRI88uTmT1-`++Mc`NN?t7A
z)zqadd6lk-$6;sO4&9*4&q+XQi(8y(ggNY@t2yr3e#&$o@4Dq-iYY~~p6SE8j^Rch
zOKx*%SkXqVztoB!vyuw`vA|9kdtb^$b7TdNz$&7O(Mx<%y{mF&-9-Ckb?7_!iZUYh
z2TfA8r<Jw4)diMG%9m+=20EkTy^E>Piz#|)YpJAG$R3Vv{zk?^-t*Cf%DtgG_nGGB
zv35FKTrL$^dAK*f_rmmj5Wcs`u7<R4$WScuwE`VLMnjRg8OUHWGA9EW*hD5yumD1U
zB47oC04)HraLE5f1$?kDJAexa0^9&OP=NB+Iz&L`0Ji~AARCYc1OX%op$NlVPEnXY
zDh@L`C1GyJB@`uiEI|cD6-5o^ZI**iHBbw@2aruf67pO&q9Y(WVnaSVq9ZXokbUs)
zXSb1ZB=3;$LB~r=_rjO~SG5rnEi)VXWjTQ>hT-I~^`AHc4&Rvy5~6Kg%^}^FH?|z6
zlC^iYI8amkxRz#uGe9RjvN&HW<x2GR`;Vw^dgGDogCd#26tA{>G)9H;Q<N%cI`}<2
zRVjZ-Hs5@a6+KxNlYMHn-gJwA<9W&EZI<bKJhLxvh}|dIyPIT_hxtUskM%t_ZhLOs
z1aI3$%d@z6#<TO*s`QH|c1J$g7@DHXpWh5Ace^B`B)aLNc221)^g9-O2`uhPCC0;A
z;d@-j@Y;zi;?inG*zxbD56nZw=W2?6hV1mcb@pvE3-ZT*v{de$AtPaXXJ+?$sWx@+
z!-n2#^b6L7aAK4KmB<MK>G|IY2d7<#;NSnlS#ZMs*Z;`wMd5=TD-K8^I~Y>wTUB~G
zcy9ck<AT^$;JNaD;-<hZ|C0n@eF}ie-|I!*kzozk0m!*QNP<U=f`LX)gh_!*MTU<~
zi%pD0M^1psBg({aQG$_Mgr7x_Pl!vBRZM_an4N(c7D1_JY{hVu3B&!&r9wF4i$U(}
z+(})f6Gexqug=u4g~LU>+sigS9xG_wr^RQRMIb&J)h~>fmni%0ot~8YG^uuX*N_I&
zLaJKnF9W5Q<&-z+E5>fLJx(|Ai8C?ik)U-7=9_eVPMBpwN@8}KLXk0`&|)Si@NTYq
zzrCgRLLGa?wX!eSi3#}+FC|+&l5OFRi<@0ZGB_&=`?_KqWqO0JdFS$aql8syeQ1zF
zb%cOmxv0=~={i;UGYfo|yyQC~W8CfsL%&TbW;L}uK5NrUbe~}zx3jU-3_Oza`M?t*
zy`TH^?CA2_hO@or0q5V3<QG*o&c8nCZ(0)=3flB@j}mLSqb@|Ng(3IKr1Mf4Rv0$}
zy$XA$9Lhycmevb{PZP=fL-eTfpA*niz3pcv--tzhcBF+FG=zimp}&^^yDZ(mqR!-=
zV=|@3T*8>o^lYlLON)V9?F#8Fw6h`m_m^`mac)?e4F@q^v$vWtv=PeE851zmB*dpx
zZKRr1Oz$ds$uezQ^5YkGk?z7uzE(y4`=8}jZ#m=G>rx(nsS@NXkIj&9NmL>c3_l{=
zesEw>nyISj@bsxYU-E^!>uIZuH4FMEKFcv&65r%yj<;l-D-Pm)J&uj_MNYry9Q?ky
z+tjtT71So&CqEc9e%==z)$mCyD`0r*o%9S$G@aaDAaK0?tN%{ObfT4Hm!7T2W1PUq
zxZeBb<*{BH6<U5Kgcy2@B%NAP5>c0v_|%nS@1mH?*|(Z5D~1^xTBuyjkzwTI<(gsL
zMakt?XSC!|)}fU+)SndL_svqsayFCU8mB~m*f)l)v6YT@zH35snny~a^KOVDEi09l
zJ<5QQ$V71Ojn?*|)t&N_33r#DBP@Jh?Bv#0n&?Y6@Ua|r>fUlspgvz2oeU|Ob9-t#
z<<!sKF+2371>-2czk0)}_kM!>yWZsUHzajUHN|B?6$NL~uP9f}UVLn6D84%zP}pT9
zk>wF|oLh3ECWZO3&tp0&k?3;#gLrR&iqLi;kI2mASc{7ZTGx-uaEuh|diB*-5_R{_
z^seyD5~ydl^sBH2h24E@r4p=n8O8JDMyu~H{3wSjRO&9NLKxN@0-bi>w6aJoP0T1C
zxYN=I-I-(%m&-*9W3j}#fyIcwNk2n;^?9n~%3A|bg{P$Q(IG?92}9`|()}hZOB<8|
zMn_}30bHe>12PV+)Qo%|^HA1%iuB9J$#h&s`kV#l@A+;|xAx^P`HowyzTRbDr`h_l
z&G@cp_eGxVcdsb!A01gMzi@vw#56AiB;4+j4jGz0i})1R^yJp#pq#fA@~H&n=joLs
z6|b=fJ<8_!M4mfH92DHKuW6dP3qS5#NYvIS9#_5zkj(KqaFtzInf3qJ|8_4k%Wp|k
za;NLI>s-R%OcQ+$ILLy7KRE1x!xA`jfkOf~(1QaiO9)CR3%th+2tfgmJZPv0EMPzq
z*bqVy{umJ7zkU9cBYzNo#EPW9mJMNndJ!G5fc~cxku3kSF2sfk{Ac~J$RFE3%l%Ui
z>YrtyUKXeaTtbmNNMs!-EQo~qK!*IW|D&ToLi7;$izN8V0)HVN?WDjlic=VQF_xBG
z)yo~7O$ztfkZ>+<#_2_z7#H2m6;>WKKk^}|L3^WS7lLnM^}H`zX7%s&)_#gmpvG0N
z{rrh4h5jrc2B{U<2BdL7ngk306ZmIdX!@Ysug@R;*Lg<&v<aNze=P^@C|_aWJ>c-~
zb_KEh|0QId{{~tAzd@?`H^_GV8)O^*4P^hML8x>Tm`5r{5;6}66AR}5;Ns%p;o~FI
zdXT9*$lM%ciVaMt`;-2fMMes9X8ua#e<x)A%)b*dm*(H;pLsR^$baV7{3HKkn$3S@
z|6|(Ce`Ws<({SkiPt$NJ@`$c*({Fe9FAJ7q(WnR(Pn^kRqUiA9&$sG@aD?-n!%jtq
z9f^zVOh~OjC(sRy0zxf+^$U4Gasw0q(m%{a`Kw>(3=(PoF9AsZ@F{@w5#<1+p9rVO
zUwuU>9u`oMek@2u78FI$6+wcI^lksvA&bHSI#?9{_>v%wU;_i#;V&e_209B;grfMD
z{-=&Vbs=?v57?pXuVwz$!Hg{P*ZRQsuVoScKXv?BAEF~Zh%d4}WPAT?n<8Y8`Vk5B
zLI&B6KXoCC{LivKc9cKc_s9Il7ySOLgT)c{cQ6o&oXn7}%ogwmtg&JqqoSbv0+4r?
zAnBWXpq46cb?rr5pJ{e3+K!6nuH`}V#hMLP+u8P2TS*@AFE-DqpE$Z0*qSWnRJIkN
zNzn3Y<N7F)U(b`5rdfWHVWeR9RQbmEa+347!f_^c_DKGr(Av(5lz>jF1?O%Q%d9rn
zhI>TUw=f&ak4$I^&JMV}JB{)bH0iSW?oQ4T;=vA4U-Aqv4YTVdvGrdtL}1ICznTl)
zR1HdO*r&QCIVD{|NT9!q!OXCGUX6lAcS!K6%DYz9G%%d=9V_n45Auh@M}npIywpX~
zP}L9FLce~Mo|$Ts6!Wd^DV{xea@kt7ln8x@SiZYwQ;EsvS!Tb~7eS(Rnf$jQBEr@3
zG*WR!x;Ss{=%EuTyS>N2J4z;N;19T$&f!@RVDdWVbrZASlQ|Nc)X!wE;;Jty49+ln
zk{NS&IA2_urPF`VACXI=ZW>5Eh2!1yB)2I(Nb8&QX5i*2W8}2G3a-sayKRR$4Z{x3
zXG#%C8I@V8#x@QWoqV#Z9d;McP}1~gm!-*bPUby~b%jaB{a%J<(URWWGZDvd?k=2=
zp&^yUE#kPowUV@ddbXF&|GqKDRhE*;U2Q3<((T(io+VLK^#yq|hE-<2Q!F{%H#2s;
z#Eh$%<1z9foIUmi{=M24ovKN)8;K~p{MWyv8Or`F`YwRSRIGcvFUQ9yLCkfD)+(Tl
z7N?lqppK0E*!6e$hCOrp`XjZbrSP7+&xa+0D|yc2QFmrV+KbFwnj=|F?a(sH9Eghs
zwq+g(PL~JmT!;{Ky}?t*O6hKm&FiB+yGcTsYb{jrk^J#H>kX#gV(5c5=r5AZy=pHN
zxNGC*<b0x-d(qbv^>MqH|CUvmd0Dn=#6i_-ra0RVyYFb<II`#IzcsTHF>_F?uDKxl
z>06HQaRX}$Exu7!X5P&Q_cM<ll?2J%dJ-*p;wP|_elvB8G?dJNiZ@!EXq<VaJAZ!e
zab}~be^JEYH5*Sh`t$bitjCwz=r-`G`;CMy8ZK*mPT~=6y0f#tVY+_aC1$<F^V>`I
z-u7pTD;7)jwrdm?B+3iq@+@^<w$;|lUKCR5xl9k~^_?nzSMIKT>$Jltqi2W7+OL!o
zz%<#d6B*^CuC=UxD^zYj|JLATu7n$T;n6<}>$+RpIVgiuy!#ySV<Xfft5Qr*-rvA|
zszF=sU3rTFg(!^uLV~jC`k^s_{P%K3Yj*|qlwD6zrTeJ~dz&}Mr)Ah&u1n6{v+~~V
zE8dS(bQSR%hzP-co}+(4YdpELCZ7J;`bDv0X&V+n=g%?>vzZV0Ar}Kxb0Wml+A(i`
z`qi7mL^L|>HQgU=OcF44^R}YO?Ik<0j?PIbd5@eE9yyltJA13F@|0KPDw6nemsXC;
z!>3DBZelt6xLo&`fAENUcM|u`0b^gU4*%<bh4f!;T56Z%XAAXe>YflWzo%T(97*j;
z@yxLvwmIGYPW!3c^x50|nf-7{<>f$;?2lzvl3X#kFRp$udrZa7*Jfu=+*GQrB&PAR
z-YL4sFzUyRX{o#IOl+bYJQCeiGKqeThZMOu##!3Gt<0xrF82qqRw&TNoNq)pN<W<#
zb-%4xJ7*#Eu+pCt^(%@)MqVe{b8i9s0^jQ9fp@RI#R@ZQ?q#OEIN}oAS&J7(9}7Oi
zY_&{gkqbLs$0NLdqEFX>eXT+E)>6+)16z`z&*TJTyjR~0j(a798ntZcsuo{}<Xri1
zFU}+cY5S2T2^&D(QAP;BByotrhyw5MLV-78p}^a&P*6AlUVslk#w3vTMg~CI9~D3y
z&;;}VL*PHZw<7J=9l!$!2EqZPQxpe00@4AbO)CV7f&U!OXa(E9+sk>#F9BbHZ@><K
z%pEubP~rZL4G;pv03|>R&;y)+C?E-30w9nIiWYDcxB*xI*1*5#C)|a6Fc1m+J3eM1
z<o|h>@4uh(YX$p1?>_l=KWP>08^8hZ?{)|u+9F1P9YB5uM-p_W{>cB_PiJ8M1z`W(
zt|7;X3_y+<(l#4I*>&IsfTV%98!793<gMSN$E!w?sZW$CO=|2IqE$N0B^nQ}-A)ib
zvNg^5&i2BG7_D;tj+f3ou8YSw7OL{O6g{tuNG6-;oE;C|iI$xXXF2FnJ$ksUZIgK8
zqbzNHsOH_zZjx3XR{1o3Jy!dvL`E3!H70(EMQEnp<w~tW`q(W2tY<~xH!n=}qTDYq
zeoy)-dyoiE?rKmf{qGKS+$j8{r%u>!Dl%w9JhXOX-1C+d&)Z8^{C~t<4q=j7Y$#bE
zVE1L@<iOl>P2+hIu~w+(HyZiHU_VShP|(}3+WPe+@wtBH%$Mb!{If$3nk}DiVsxR4
zolRe_YeU^N+bXta4UXmRZsDECPbNYsfRh_``TsUqp8WS1%s>5ZME>d3{%@8<>O(*d
z7Xq@o5s<@zfLv1uNdNwyK0b1dA>)h)xPOBO5&^mP5RfrQ1mrqI`1^6ui91dUmmNwg
zVx_BhweZ)vRlYJ&IU7~?;xs3hZiu(-U8?HFvX|U%ZhhgXW-Xe+!vBP)-A%>-bz^qG
zEVazgF^x!!T>eOkhua{JFMrb*Bd*{iDZQgA-!Dq>EBObut3~~Lqqj`Sec67y)Z@&}
zCrrmuU&-kqW3srN@fh7X)P(5z7P{!8fScQl6aHm!-dnG?4ds6b<fh!Y5FgNZQZjky
zJa{S5v6A-a3&ull!Pm2oxNV~sLb5Mxu0OgFHko8T;DOd9o%wm8<A<*hby0ifW#!xg
zeP&8}xy#qP`PMN%<z#3D&kUN`iybSo^BSI2S_>&f5#hA3c6;Cb^_Z$ZHA<^e!XrhP
z`vJXYzD=x)>gW|Bhv#eJPwc6l=wI45t^4pM_TqQlxv$SY<0!0IsuW8;4tDu+>6R{e
zwD*yKEL}jDEER7!-ma^{L%WS%%J<C@YiC0Pw6|ZF6Rz!<`HSt-y1&cVTAH=seEBiE
zR3tV=-^5;bidO9d4;y2(HgWXzS6tKMlBXHzgmnGqHM<T!MARZV^=xs8^E~G`EU7<9
zpHg0~vbbmD@}1>A@%dSZyvON_5ih<$75|!B^RFb<soxEzxDCIgC;hc>TcCToxbe#9
zsb;x_vr=_j358}ARbdmwkIh&t{b5SQpG->|jQ75<7i?wu#4qdl^Bd4p{F=GX;J|fn
z&s|@)>44I-^~2+p;?Noyt>+`+N56u8^PUrgR6J|^)PDMzX*lzcsnmwcMM*_b>>+I{
zx)J8S<CaeOaoIS1o#x}G{SM^Q>#OhDd+g3GROH485AUs>E*dP+Ft$Fww`0bBX(~`}
zyJX?;Z9WtJlR->>$%i)*--lRxNC}60m7VUBKKXn<CT^7Ss}EXN)7dVof`Iy?!o;Y0
z*E9j#i)pM09I}n!m*(E9NwBR}(l4XE`E7fC?K26XjgnvQN8N;4HtN218G={Y9-Dy$
zXO!{JuJ--T<P+t-6ZX=M0`<M+L?Fhy#ZD{QwAZ4?0X`jtN-n(@Zy!WlHh8`f+$Q#5
z$>-P5jxEhA6>JQvoGl%Soj0kxiD#i^w+Jfb)uhPG#g(x&{2g<)pHmDd4{8hu2xE;i
zzhrp(Ek(U?JnSwu-2>*k3=~f<USVh@Y@jmnD`wu$Xw_`MD*D`mN>h5T+^g-rMxt1y
zs`T9qCc-MErMH8H#${ICc>BI;=sYVCUe<vzcZMI(n;KXw?*x4zu5Xt6(6G`UPD{!-
zbl;YpAc7sf4_uH4BvFXjJ5Xe<oAJO<9lkc^(;)87E;ePVro!^`fgS1dnIW#S-qG7x
z3DlfK+tKFue92R_7o-AL-GqNne)jCh=8EYnIlau(VIz2`Oy$>9R)5KjOfYhpF(@xf
zltZYotE4A-ZD0Z$)9Tf07P_vm?IhBW39cB`f@`~`&m?$Oi+;Y-)=GLiz=xgBap&Ml
z^Igp#W5@ceZ?9!bYl|`8<(!gDJBQzRq1Cd686fjAiNZ^nwe>1bXheAOuL@%q{n2Y*
zt>yIkoHEZn(PzHcCK61^f75)kViF#;`;!>|?S+YT3@7*7*U4+2Q3p$W!f;#cSt7Xh
zIsr{c??i-6`rXf-%QQF-KO7yigx+{AzrHD4;5NpIEoSJQrX#9365D2fNzwF>HTOyJ
z!FaR4<KIQ$H6I<!gcq;T`$P^U4hw#jLmT=%U%tX}^9GTYc3GwCHvv&Pj4r#oha>}q
z6SDl{C3llZ7AL((@(Z!cTs}2FBr7L$PHzzrSFu0XA6pox;_@@T2)E2XiB~^s&i5Hw
zUt3^K+?e3fvgL6E|F)f$*K3md{Y_DZt_mOeRwI7apnkfUY-jGZHn`IEop|a!xy0Jh
zsxbcp8Pbgln8pQhi-ODf8ci4Ly}xCpKW$JlX~J`@Lt|Sha;kZ7{<fonYg4rwy@>mU
zO!9N}mCT>Xs1Cu|33SEMS4z_FtxH-hZjsIE_7Ki8avF7#FF8L7((a75;Ir4Ta(t+h
z@&-5aqi0CP)qB02x316C_Da^#mZLX>ZVH86`J8@O^~}QLX6FkW{PA#4)RAD3JsZmd
z|D1;z<%Y~YzK^fIankcM#JkP<jYH$k7$t+;uQxX}rq0r=k5VLWpptsch?~ik`Wd-@
zADv4e><_Ib!fTOOzS)I48U5C{@nv(mCJ9x1RjNrZUOlTXjS}aV&hOVVzq8`kT26m*
z!!<w5&Yv*Oy?WAKbJ??0T<TrHgE50h{q}S+8VehveHog_nVmNFfK-Byu0O1Ew~}U_
z7N%+#_8H;5xQ;(>X`UvPOLvF=<!aE2$-K9(CU|x_aS8I?UwAKgEUVY0Jz4E<TB&n{
z&T`W0+A`nGQ5+T(;-Dasi<QPObhY1!_hWl!i}@=)OUyb{8^*RT?zdWK*`!#wBV;%l
zoFa&lcSlClr~|p(ei{(R>3oZqebgoI^GN9T3GM>E4o^w|{|&p2d3BXfl2<Z{zTiZ^
ze^tBQX!0?+WklhL)R6Yc`9fayt;O=!%a1s<(QKNkzvJAV|FB^c#7=zcy;T?~1Ibh6
z)Ty!A_#wR@+?`FUi`TLQ<C$wZXoBy>x}T4Jn}0SfBz<?cBKXN3mg4uER-M^n=bK5c
z9wO>kcbG+=+B!vjJo{m*>V5lbLc9<^Z=UCm3Xhn{dTRv^b-HnT?w&Ey$c>#s^<l;4
zI)=w{WDUohH>+Pf6;X9p)TQ)I#k!_j=PP%$1n<X4_Y?Jl$ZTvs)r)aijxQtSp1!%y
z`|tiPa)PsnWbyahZN${GtUIy0TqHd9UESySYF%ZR{j<A~gr{+DGo13xTuLK*12%Ae
zydusNc>Z0zK+-aw$(!4vKPb|-iG>C)1i$m7rr;R0YR0a4l`G9HgZ_@a#!83bd)8iU
z<qx0X2Q;NeJJ0UgzWCVB;z5HKW2N{+Ij&kH>*$#-!Kk+QoPfmC$5O!?_nO#e9#_*v
zzHoSp+fKfqAyF)BJyNCfQ;D~e5iNFE%e{WetbfI0E8??VK=HG;V$|bqQX*=eWm2E+
z2&`4s_*t*3vzo6l;10T%<y)M;Yw#QhPJUV9&zAnnqURc6nwzte_VTmkd1k#EnOCK9
znmo2X#9zCG$IsYO!595mMqifH;_2OoT`ImMq)hDv1Fe~b?7cS2GrlGFJEN$MaX&p?
z@G7l&Kw&EVG{}VT_4lrs>k1bLYGzr7A4Qy?NnFv8$dH>|9Q_(?|BP-`?Z@H6qN@8w
zG(ItmE&AT3_Nh0p;_YZiN^%O(FE<h380pEqm%Q2)fi7@?DQeSSUu5Q3;ab4Y5~1}v
z0?ZFWEIO<N?NlLrBD;1E+&SoHA2&NTSTBZVZa<nn!Tj)<g68Ki?<(QPw<APh-4w(s
z`c@M*#L`dm)+#>A6c{O7)A3bIeCKDq*y=NUNsC#}>t5j@*`2m|X2Dj;vb`bmOSdaE
zOp2A?OHyuOxY#KQQ7}@aZ(%ohmQCGu36fpYZG3P_z1ez(f!-JJdS3o=lLsc2f){t}
zw+Cbl<No>OHGYZT?+tOyCc7BkYI}o86=G$YrTXRUr_zs!CoM@tcb2tE2PRK*H*m1x
z_Eie+icxD0Ig@3vWjn53d64pCA!nsS`5r30Ny-wDr@6NDRA!;PWv;81xZI@Kcf&$w
zP7ZqQ<b~g>7T+FlhT{&geG#G{ZVBOyNabOQ%4@0a+UK31eJ1LS<K`kTRxZaZmRMAE
z_DTV7J6w1+xx;JwikMS=WvxK{i}@sWODv2Fr61j#9rDGs?z%jB{@wLGyOY5vU8M6H
z23k7tx$&`#PsRuLU+sU@vFi0)3@t5ed(Mzy7+8Mwk>DKFQIE;_3r?ZWRy<5k84W0<
zvDHo)mfZC5@7nV18E4a6FS-Bf$z}+uB?$qhV%+9E45c4&v|shvCkQ_pi;c$aqy*o-
zv)EjWo$k0w_=a=oYoLv5!9z+cv&(TTG*mmJb!DNY_44!Iaa&#nt;J%$WnyNxtcyo~
zSZ`%g;jNZ1O5B{d-img-b-Q1REPO%hW}|uY?}0YIj-?TLZE+Wk0YVbmb}HLyi+B#N
zTgAgU>s%XO!*;59pQ59^+V2bd$&(w!ZLyoZ_M(KR!khc_C7p^?X}xd`v-)7q#gwIn
zA$n7+9el+sTK}e7C(7@;J<gIdG0-oQY{)RrO`6rJ2g*An4?lWtqnwms7-8djp&Mti
zZ-Tb{t^qgJt90H8d)11Kd+~N(@Cfd&g!GtHVDF7k#N#Up@wc;iOb<+bVqOf4^(Kn_
zCN({m_nfk8#weAfoc5#f5jEX6e9g*t4Zm;BCT!uwyyg-5`raw9yyo!vjq&?z>Acaq
zCILSTszr?L*GMk?9+;Z9HYBn}?ajqF=pMLuGx)Z3?XC0O2b?2ZgXZZruVsv)h<C0g
z?e~%FC@~2}UwQLZoXgWdXIE8pwK3t<lV8#HqmI~0_HW*b&83x9XT8`<NTDVVF_I<i
z+|9EsqRy{;*E}Y?S9_Saeo){M+-`i-qZ#=?anoW~)lqlv{-os9!x@{)V?R|z4G4d|
z-2baL0I?vh9wuIQZMrEE`C{*)*dSGc`K9SQ?<6Y7>V;=l^nA$El3fG>i|5}8@tI1$
z>{*R@s&?9sOXMueYWJl(2J=;i!`RJWKQk{)nk;@s6Wd=O7JG9A(a|WU9K*TNBsgwI
zN5s6AVWJ3={HEp3A^fQ}TXbZU&h5(d#QV>w7gS<?Jg-<HiY>b&{&e_DH|6UO`-YUn
zD!#Hjw5}an5jLq`HssKM#Idx8$y)v*zw$;qyg}61+2La4oV%?=hhd=PaIUz|^#ink
zq7T*qPrim3q)TIDlZA6>xCj68@6UE5|8}vHG2vwp(fJ!5m8W_By57b{N}>kUAESf%
z8VAX*(38DWCDm>G#o4c^1M`66S^9kCee?X;8o7@Y)~n7i_OHdXE#1De9Qs>Mjs8}#
z+@qD&G+S!Tb90Aq{-RBtpXsFh2S*MUQ{Ihp@F|dXK2i1Os}jD)I=oePpfPS%+w4=G
zbJ1B~>}JiR9`$LN6xrkDG2Nls=HJ^jD=9c(JNP0Kd6%zVcvw^-!=nCJK4<0R#xaL3
z?jSjbROPPUF>3GG^)J7JrWtUxJe|02s{3rC9-h2=7`3UxCYyEr_j+q)5^BVqmzSm)
zmK!p>>u=m+^{~9Y@VZ4`mRtJS1y>m(g-sRwLw7x|TdeYl;il)<YSSrcEw{JZ=5yEI
zd*+??XAj0YkiL<~aGFdGrF+y(*(LM2FYrT%6^}H(Xt#dQn(j9>v8c$o@u8bekB=Cp
zK0Ve8E&ukZP(G(lu)tl>md`Zd$Pq8tXS=O8QMrMCFX82q<`paUJ`w`_A5k~9573e}
zsy;8Oa*m9qkze9{F+OA-oWIah?pknM)D>UbhL*&RbCwz!nk#tYa#Gi)&c<KSBiZLa
z)n~3BTziP=$ESIYed!_><F(EwUq#tW&%EkRl)p4p%?>_Z(709a$EjT`H~G9H(+%}n
zz=qO&idM<g3lDu?$9*S;cOPM4V4}c#s0mT=anSLx&@l*ziO{eKap0{-xTvTE_$cr?
zTueMd3><h{5*jKd5dj`H3L(5*7Xufa7zc#_2bT~H4<8#H3lm<&3vbyWMn}UW!bio!
zz$U;Y#6m~GB1R>`MT0l-V&LOpVx!_=;Sl4aU=W~V;$jn`5$!O~SFcgpkNnVB%(L)V
zp4CW<yf11l8}!tZq1?ezT%mM=KWqzq+-I_$Tr|}Hy;;m~JwJ6#a*vImxhZ04_#!fP
zf{c?OV;np{0N?^fH82jr0Eh<{#CY+7v99Z=C?|v%DBpMqP?~}`P-qnwB5xn^iJrd~
zuunDV8gvUzxIosMRhExqHOD-~!?N1MjYh?5tAo;hN)r~hr%&2f#c#eUQnmj`LTe8D
zLDf;y&Ae}+O8o?^`it-ObiahQJ5<K3F8`XW2ryUq6~~0Cuc@P?(k#WeE&EU*yEvuU
zJ{{+K`F7)Aa}*hE-+CQNn-$mcJ3F61W)9oZ8I3Ue^6K^|D{`Ka`APhJhCAZTF@7Wi
z->RyUUZ7zziMQZiICQ28J15&9b<|j*^3fSRm%gh@e_Q3I<ib&Q_{&hu0efZ9dZpC(
z7Ng0bXcy@|UY;g($wp3fz7ePAOw8kfr;X+W*n5(yw=!4js3u30qsboQxwaH7-p=tR
zr^ET_d3<TOQccqIhv_`+pviH2vrwaJ3kN+bHg9yBTClKXFKK6D)3?h_QWU2vT~|!k
z8ZS5LmdEKQUB0Qp>n}sYv6tJ(81|j`==B|4{&m}wC91e9Mk(!jStwia&&&MXdY?S0
zFT!$ljjSq#$S%=Q;mzMLaEMHr_l#vEzOGvA=T}F*ojaCA|7|UL%bSWv8(r3$;Lemw
z=Zk>y#bsHvp53cv2PYZ1&$y^~`6joQ1f>|CywM}@zb5kb?&mJ~(&v7z=5cm?-9iRq
zaf-uy_3|xN{s~xbz8gsv2K5MiM<Xxp5sAO^rg?R2L*Qv#GuBx^0FEKss^6eb+_Quo
zQq!LB1vh`^gy+;YW_icvr=loR78UOk_et8{9EP;5=LPz{!KoPeTu7}v8j#>Yhvp>O
z^~CBIDfg0oh)M}gCRWE*u-p#coiN{s4PDN`1P%L7y%I{gt2`g@tlI`lHRa~tEH$nq
z+^n;G{VHYUQ@1oOW=T#ED&M}l0t9QLVw(Liu|WBtp;G^oUM^o)quH%n0jN&d^eq=l
zV>KuhSE(lW%`g?&o{XeEc`vZ^M(qJ6(~O~*D{tnw+qsKolx8ji_STpAVP(&TSNG>=
z=}hD?<K4<B8C-7JYquGBT;Ri5zr?$dx?3?r{c3;A^en9)N84o3!2Wl5Mkr>-#dgC>
zz84+GQE^)HMv16a^PkV}FGr5ZJ7!!?_MRo;(>C$-(eoF*WTD3{l5fEvBA2#!*p8aY
zr6q`#+kO9jrYy!IJ<E4zrwT;n$G+cF?Rnh>nB|()n7YKuYDepT@Ex~^VbI^M_0*Ls
zOfg1HWvdM?85z7?|H{f)ih@S2y-6sjB~NM}i|SX_Rh#zY(Wj;>Cjmz4;|&a@*1yuf
zU-w&oYIsdx(DaE(xsC3cKmEna_fJCXC;~zcz8g<HJP;~S6i><+9-&#PYtlbeVBJ-e
zd-blRUAxUxvq~cAs{3eVMEJlK@zhkpgYJNW{Wbc9G%Yue<ic33NA6+#o7LPcUza1V
ziLVp9Qexk6PF15VV%;Lr(`B?vc^3t90Pk%u56BD6+_db(r+dD5>BA>=3%SpzX5&{)
zTy)|HpV*&$tPt=f<73&ajL4kV?rRgf?~8e-zEpUa8e;;!Cs@zXlQM`9XHyx{?6dt=
z9jt1v4SdLfvsPmD(^3D$P+m}e%&l~z8%&QD&TU6XI#4tUkA0?N(O0H$6=u^On1`eF
zUr84Ax_xx;H2D1&gRDue9?345(8q3C<jpo0zXcS>=ejl}@*e)E6Z}<k-9H1%Y4x&4
z;}~a|a&$q$sVDXu<CE=|coLcy9Au^To+<K--hJDv(n`5h{@t%TBnRFm1_RD$$PhA&
zBZEZyGn@=>GJ^up|2BX`>|g+2#0EOfpJl=RXJMp{zv}v{>`yu3k5v1o;E#^@B6a-n
z{j<tH>;7v!h#OMySNWf6ku2i;_cDKN#~;5xc4Qm=Y!_1PU)u)CpKbqBfRz35`D<Gd
z{f`}~^Urn(R<!@VGxOii$vkBLvn79?-31k*v!FmU6cmWSf&x)v{u--Cew&g2o&zJm
zA%L_yZoosp0I&j@fGi*pC<Ku4_`3k|n-}tX*a9#Cv;oL~lNRtBxCT%Het;x^{5F*f
z>;hMSDZmuy1$Y5u+`kgY1Dt_K;2mHAAiw2&2l@bc0QoK9Hn0qE14=*~Pz(eCkAO)4
z`Tc7fxCht+vj8=q4j|7Le*gr4_W(9f4j^&T!U0jh20#wi3%~>D0cZhD;4^@9sF#2n
zKs4|KfTkLrO-4bf0KNglz$YLCXa@QLF+c-22Lgd);3mKVH~@6OE1(820#X4sz!um8
zpeyj_cP>ScI6ynF2}}d|Kms5KqytDA1o!}7APg7>=z&_`HQ)s318TqlAO!3H3V<<C
z0IUOcKqDXsv;cDe1Mmyb0a5@T01Jo(s(=-M2w(<o0b@W3@EG_3bOM~fbsz%p1TF#E
zfF<A$NCEM{Fi-@10jz;)fECCFm;e=^8~6!e09S!b;0{0toC5Q}eSiay0m^^@fD}jq
zbb)$c1CRwmfi&P4cmt3F{J<!%3b+Ct06Jg-r~<)2DR2RJ3$y};zzl#7JOx|;VZa+W
z0xknDff#@SSOlm5X}}S{1>Au;U<lX(J_5=>2Jj5v0nC9DAPV>^3bQY=yZ@gO8Z3=`
zKI9rf5(Yu<{WspO{PXriS)>7?&(DLM8V*fI8C9Ross>XDQ=jgg;d~@LTt%VB96@O`
z^O|I<zt9(IBPGpo^fK^Qvt#gT!Ad_%_b!!&W=BZt;YUTPNGXky3d%m3xRvv{7uu+J
z8aH25kzxF#$l(04Go+MIqo{jUm&oy(p)mn1t5gXC&zP>yE~#<#`&Ca)>Y_&zn^>)Q
z8Aa(Y-dyT*`W>KSb9}I`81mY|B!^%t?okbCwAsdD#R~2N6OV<7;@`Zw0$=TIP+Er3
zFcV*PcpUnrUXa8j*cXqyhSqG&)|;n19#TL)KXRkiyCsv=Ve>2N*qZE_Vf9vdPj7Gu
zPiW>NIg}sF=9!~Xzwys?3D&VWuqyQgU-&w{(ZhVyo$Os)QgNPdywg^Y{gqpw4#ppx
zR+v%j=IwDiiJFXO=Z&%Ec%OJNJ@korP0jGITf`ylBqrn=D&coyb%S2nI`k^l9)cIU
z2Tk83UOwRRmj22&S&gdcokMqDVB2=8a=M>Hvllhwy+gyV11`eVE#=gRwjzu=$=fzm
zb%**(_Uiks5+4$$F<r?YhVT8B42(V-J6;{{4La+d|7jyM7jsxQrNq1W$bOlN*4CuH
zbI0hY-ZWtd)hI<HxUaF5*!cXbrVviu+EDEcvx^fC7G0gn2JEHT`VaWJenjHrsLS^`
z5Tm-_u&gl_%sIvl`&~OaIBG{bZJ)ZYsQ;<DPX{NJx{+w2;*)<h9>Lkw&n8n7bIWfz
zluYnHqzxNiBX<3|xX@f1VV%o?XWF85oR%2Py<}~CH#Y=rrk&Ey0dvCH#kN`}S+#Jt
z#y-||ujTcp`;JF~-!%0kbA+74>-fDQLn0MV9%`b!+V$00lfikypv;4nrlH!P?dnCs
zi`&|Dvp4R0c2tm?wH|o_so%v#KKg3Un&cPM6GgI(^i)A4$>rGve3xI3Twl(;t~RPh
zKDGb(fl=4A?vLdIH;p^g>*V)vyNeiY!n|&(eh)XHPIv0+k49^D_Z;l6J{YlZ4X{dO
zDGJF_oBm?ej4Iq#YA#%~v9GMl=1FPJz)$aabZ|aGr>n>rFF2tq@~i%~Vj?*^rhikR
zx$8LbOgLML54E$7ziZ`&X`~*m>H|g%g}bkQ|MWet^?Q%T9&h6F{l$ff%QsPZaQTi8
zrQ{@-O9*1Gyf$cA{bcWrBQsBO74uQagc*JLC#Iu-<s+AfP#+e%(}5w==HqBC2aGER
zCr8BY!P$9vWtR<kT)vqXZuu?-3%zt6;dPKKC6<W1@Oz2+c6vPri*xDWBhLQu_e|#w
z{Hn%2%~-j6PwW<cFlxTprol!PYxp4amhv~-S~%{tXw6$hKF0TNO_iMcT3%K&ti+j9
zzcaS_4Vnf_Xp=Fa?ZJdT1}5BVG2xyCp=AID01Y4m@Blgh3!nms044y5uto~t0<-|~
zj}jmR7y)#E9KZ+Y0eE*YwA+{{TmOC-;lK6Z@7+XH+b=pdufB}>{hkBY=u%Es_saVR
zy`$>#qO^gjy|^i5odRL}l341F;XGF`F~q6Wv<qaf97IQ%=txtHrQU>_+#SFJx!L_m
zw5TFzbX{8A^bVri^XRr13q)cGp*z|hI6Wth46Q+JjI}@Ba69QNKlgmni|cPE7>mhD
zyvRYe8>S|nI+gf1Y5JYS&_Eiw`N*E)<!~wc*<V8MvEpu3bAHKSi+)IQ-&Lc%u#QPt
z+L_1bG*YgSF944+E7$Ua?%2z(2VTY3UYnNae_tQ>)_e8s)9On38vle(;06``;q|_o
z71^a%^MVPE+^9P=Hz!q?1)lldt^fE|-t5e(GD^lE-{pld@6+_E2g%mWGe4Ui4faba
z+!!{z6d|ira7UfuLXL&W{%DyhY077ImWwep_ZqnTGM9>OU)h@L6#h*^XcHgOa_o-n
z3^)EE0BO$_QKA0_`$Y&40KS1u0?Lqf@iXMdK<@{=3;dA%h&<c#6>R%ptA+eH$XUoE
z&*JDoSqJEM0C_+Y$`V0N0h7pjfEs`b*ad80nGx_w0=)!$7C?$Z-WBY_pd<5(N+E9t
zvJlE`fH#PQyf8>hkgq|WfiLph(-$BV{JFud2X<t;+<?bm+Xj$+0rH&FOR)VpA3!4Y
zhl6wk`2x5JI?^wH26aq;oB{t@kfk7BLHPsFk<S$fAfJ~E@{J&oXOikc{{i-QkVgkS
z0c@-w-vjBOI{{Nr<_YpUNCU9j0-*pa*pPli0U!$cB%lL!RA2{unIWGKW#*7?2AvWl
z((g@%vM>PIC#GN{0(l?uMxf__MEXG(p!<RT0_0baN#H{P@)nfwf~^qbEyzCsy$H%m
zKsN@Eb=X6G3CfXUI1M(WpNKqnhU^Dg;1z(ZcLD65z>f5jkjJ`^&)W>T57@W>3CQyR
z17K?aUV}~#gg_bc+!+!>D-Ae;y41n$2lRoi0=`Zlk?lqLMUTPm2;c(9z7PWHLC=FS
zWza_eJ<vJ8W(6`6mg@!EOUTEAd=Byh@E+{)fHi=eyLnKC^utI&j|3e#*VzF}D31fX
z1%T`$8<1jPj|Z&54+G>Au#rKTD&&#RhOFNcbYEZvNC4=d{1hZ|J|gEj(ud83Wf4D0
zkU@~o0w3g=?H7>e2VESbF4(Vu{u*Qma0(#jDGXksd<4j$Y!zfMEQg#Yh`$v`q%Vv-
zBi97jLms*2k?p$&_C=7$xre-e208zp0?21a`j&N|JA?lMEXND1LLTX84uD<(Am`C0
z*u=nw9QO?%3_$v?$n}VPE>rN~1bqfrg0geSCxN^Od0o(vYXrGILLvVa$N>El$QY0w
zP=>6l5B!2aE<+x9?obVM<Xj~HJqPq%u-gO3{RQzw?i<LtxDRka`3cA^u%`mKKrHYY
zY)wEFl;?m<25tdgfM_U3mO-vF<lIA!*$7A_uq%S@2q4Gm2=e#AUJUvHtg`{~$nkUo
zTN~tMK@S0t`zErTQeZ>QTV%cM0P@`pd2X^5V1)8^$Ww#72xXNZk$QQd47pcb1Ej##
zi!29ZgB`gSnSitei5xE%Kn8SVT-gug803-rR5<8DVABMU^T!&ogWLi89!P0m0_ye!
ziCmj`Ks@*$*C%p+L$2{Luq_~UgPemrvb->WoPTJD9rPNINX!!huw4WB26zUxBglI|
zIdZKb*Z(%yko&R>fZUI%K(c^63nX%_27*2Tc3IH%!54X!RU9NA&;=m%hd`MEzz%s#
zC?^0p0Fo0J29RTe?C(clN3NYAU>-<;ydB6G0J*<>16sik1@c^=TLH*@57`DL0NIXF
z$kPC=fE?s2z=sy}2#`}Ck@Lz4?5-e@dJ(%f=#n5uKvn_BeFSOWB0)#ilMa3lAWr}i
z6SxaDqzpMPY{8D4U(H}gz6+m#Jp=R#&|3lI96+vTT(I{+UIfSn8*==S^~^yTvV14x
ze}j)5fL!+mU^fGhV^sq3KKKaXNJ%a9@T{>C3h)<1aXo7vB>p%uz%)}GE?Q9$E!9w%
zB>2)wk;Uq&8l_QtH+F}jDu$|!o}i137N3Km7QJbEJ9^74Wi~5ObWx$oNbwq0Twb2M
z5SF|zZEOpL54fL=wv!J%3?)rQf^wl@VPTLEFfdfa%QlH%Nr<Uv;cF}n3T}o(<3w9&
z^Sk6l^OTTdQ&Y5bV04gSQBmx6h<$HsLu*k|!&F^tWnCEQq8bw=R*)4Yl#>lhB#KXt
zrpaKz;o(u%CDPvSlK3t{BrlsE$@y%r_tFU}AtAx&AoI*n56vVyJ|EAm%UrgeSET*f
zvAH?ei3R!hT7`E#l||f@mC+Q3Iw;1Jlu#90T2NZNR7Blv)VXc*;`v{O$KgjGbW48E
zPY`$+5`q#!PRz{E_5rVlg@B*GAofCu5Qdo8NE_J@IzB$mmw}6$i@m&SS9KW8lOrh7
zNN{Lqc6+2w4ArTP3KB2Agwa2o)=tb0a&&T%)_%f|VNqBSl`)qZ4h9u|dg#dAYi&hs
z5k?gj+Upem9u|uiee22vhssdlis4q$Ar=%CmeFqNF*LZ)*wENmP%tnstTcEWJd}jp
z(Xp{HM*HX|A0{wnKa8QxuvTKVs!Eh^`qIU<d{vXybhw{!=Bg5@esTy&^3X?ynUq+%
zjKXmCyuvuXlA#uoq0ms&5OiW<0u^;^RWdv}nx%I3g@up&o1qDW@zqHRO({`SX<k|~
z{`%Ss<^^GFdHJENc{VESR_y5PEJ`|r+ATdeJt>Jy*~#$?*&=w-QYbJFj*aLde^sn>
z!!6y5E~!b(*#=kWO!wPFc2mO0k`LNNca=18HQY6%{98T}d?dxBq&Vo4IdNAMa`#XZ
z_x93LxF?J$E(R}6B|%3=N3l}nu(j3^aB1tp>Tp*T^B(S`9IJ>BtNHTb!Wt?rE{^AA
z32#zdTAKX<`Jal45MCIKjAWsOWuY=bt_c+r6J!5_^a%t(L)mQ++GWGLz+<4xWS$?x
zTVimT%1A{8T`@EgGlB$zf+92qH##+rKBFQ;sA92`b6HUXN5ez&l7H$0>a^XDvOmd)
zm>9ys&_Y;ISy@8j3F67|>1ho0n9aS^CB5}kDU7PZL@G!L85vkHIXP7Hh_&I;Ls7nr
zrMlQJu&J*>V``vGroYt3x8|uUe{bXi-DGPoZqHu7+)p7CA)$wnlxfy#oVG#)va(fC
z5;Y4Q9Lv>lG7aw9viH!4hzRr*N%VzrFG;asadC*Ci3o*6U_@AJ@;ao3lP8N}ONuRZ
zb1$=CaB$>Ba6D`8!|yRvA=gL4!@~)GfE_X1OFOBkO`shfjvf-8L>%8XK=e@*Uq(v#
z3Z6#w1IZe=75tC%pYKJ0+r$4z|1LwmmO;R08l(_zBPbXECV&MX<3~6EE`SFhV`0d+
z95Fx&kOR~JJ%EfCvIBeo(q<#=oC;tF*Z^KYI8X?*14{tfzc(22HuwDQ?mN463ZdTS
z`#n+S`ys41==8e!ZuwZj>+ENqE%m=rxg->hKZ+H7-Se0fro`xGZ>M>T`2?FR<jV$k
zl@D$>KOMcRS)PH+cs1{mV1(f?$`;Gd${S97&6lodn+^``yf{<Q5sg&)fflSUn_F_V
zP%$axsnlUp-4rXy`N2p(0r}?5bXDq(;`?&87PMYgp?WiH7m}kdZ#PiPS>i)bUTHi{
zEDrOw(U-R#K3Wb~?UB5b@JYAS#pL_CUEnL6Mt{zW49{!2)@Hq#wcf?Wy35zvYoH$y
zS&LtL6V=L?vv`t0>i9V^EsN>Fw*h0G`S|=8!uKo64oaB<#1%$wsn}leOdzo}`t5eu
zk@y;dGCG?`jE$!0m{26nhE%P_0TOG2b_lZ$iMNrZNBjC2#N40>y)%Wx-B3nDFGON*
zG`qR0A@MijtCn?<7#v?}&Oae>INW0H?jx}{Dj!qHAn`cF$+|g_m>g+bj)O>Cj*%;S
zIY?}dB~CplBtA#&r}#J|Mu%PYOFtw|hYuRxbtG0t`0{gCBwokZnbJEXW=E|dX*d$M
zqio)O8;RXPB2puO#P3jGJ<C91cq|j`G$V05+LB7-kXRm^#dxVmJP)@p^aUiQhr25g
z9un8%r{KtCB(?`vFPAwI-(%}ShZz#%W4`*)QzXvEoXzVvB-Tesm7gpU?_=fFmO2vi
zLq<G|0*U)!i@v9g#Qs1PQf@-xe>_Y-8A4)!2sImFA#p%x40gtmSRf>&cE(6NkP9px
z*N~VX4a09mkhmZ{Ln94HY!JgTrK?DMkj#z5c_c<iiAL5U5+}sQthW=1719^0w1mV9
z@mjL+Lt=&$HdKuxaYKGq?N}hOL#za;Rgm~0o@KlFNDPt9OSW`K91$KS8+Ig?$hUW4
zb4WZ9%7CsaB&G<Tq3043S0vk-YkfeT`vZ0xOde>68fMy9=pPT7TK6Az-450ZI&5^K
z_Iz=B7wdUOPeEsp4c;rlAI%sU3Z(Sv4CLbY9`q4G80?3B(>$ph-HLb1K8Q3m_fq0D
z=g4Xkl4N(>W>l$DmhWpG>(st*-|lBNZ}9ca({brCx4xUyrs`MXX;oe3j1}TBOGtZY
zv1%U+*BsiZxVn#5KGr*y7**+uV|p4HA$R&QGPca@*Uv|7neV%Q5Zh?Y<$q!>xT6*)
z<GWMcAK89<@8r5di0nh*o6TPLs#rBDMD1TLWzd{7aB1JRe%~Y1+VQCOj5veNmxLuM
z@5Ku$R95AKYgXbPjj#xOWsj7TgX}-5O$&sfk7+$N``#qyCcD#~x8~5~b?!Kl@~-#+
z+ZHO?7d+mi(8#rZvAOyzOzYX=ZPd?(;(4?p+^6Hc10TKD=-fUT9fn^t=MY}cT)vxU
zVJzl;+`MY?a)fI@N*A-}8V%L2VF_=8XF)_x`?+%rQcjaML<szZZ}}X580rc5^7+-1
zifM1Gu7@N$7HayIR|_takp4u=@LYB=WIvUyJ3MY8=tO6x?tkEr@AWQW|MP1l-k_&4
zdS*59mI{g<x9KH*Z%26C!d@L+YLL?yA>RMNBTdKcn^WU+uj#(I$wqhT{#Wm3aq4<G
zhch$=edVQk-(3l;x~DP(LNmLFo?dpH!HV<O-DLGyKe791jGvgpdR!#re7C5{PGOVJ
zvVO18QFCba+Irg3w03glk>dKwFlrUW>=hoRu$GFq=Zs13Z7}xr8(#LM%KVsETZ_7<
zo>&*Jqmamza*2MnwNG#ymn`4x-m6~m>9Pzt!NZ%s_)HwhZ-;ytkZ@USrKHX}IN7SY
z&xrb)up($QZE7kO-*>b9?gQ0VhKuu$BKoRHYU;hz3oz%)L}dN%Mv}=~C36^ZuTQjF
zSsHnB>9(PRZI#EDYdWT!=@Gq2-7ynri*!M!Z^cWam7dQRN>auJ&iS`zS@aLp4~FPG
z;qSS^Qui*LKG;v$=bb2{bo7X)Qj$}dmO!B8=SK{0oy(@a*9j;5T0J*UW|qn#WwU(|
zuE~$49C7xlWl0*{rVHms9#?cK2F`1qXWfRebYcw4<rXC?e%q`bui|r3IIoxoci2q!
z8^3_NChx}NRB50j)}svW>bq;P`4kb$;!acZuElBkVYE+!oZq{wJu^OK7|ZTdUhm!d
z@HL>-jfg?qr7-4wncLiQ=+!Z59U7s|-SZSvj0nmNrKi@HCV2D>2pOCrO9*H-{rCDw
zPZCi*FrR$fIh4Ow@KA9C-o?dE`I<KQ4bzVueQ&Yrej^FkSLhdo$*q2VWi)xyl3FTY
z#w_@dj<(=N-HZ{{My7Kt?wo-9@1-zerV0Dl2^_Oe_2pONgU^*>h`)-eZC=-ScYAgP
zP4Lr^MdJ&Hg(9CT=Sy4~Z6~uYqY1Guxwt)hcsbrE%9h}sIXTz6=HV-%lu78R#MO>Z
z-nZsPd=6VaWicwj7s<Yj{o}Ptn87Jdp~JVq@v$8BN>zT-Uz`nZt7j~m9{Ofc+5Of?
zwqEZR-46_9er`jO`W#oxLF$vb(AFL8jDa>A#?PTHlk>S3((EswW63bx4gdA|Y$L|X
z{w|A;*Gl4byqlUo@hG0CVvC7fuk$D>;XiA8s}}2)!QAFqt)KUdPD=VU^JIA;yOGP=
zs5pFCZt8+s$DRbv@ZWnOy~FR(0(f3aN;!{fl^&8cey9q-3yIbyl))iU(KoKzeuGVv
zCNbYxm3(`kco<`*hI8+noWoj=jK4FTZ;$IGkKpsG>^M=YUnMgIZBlnu=%slLDzL@f
zv+=II65?N7;G}q^WMw+qq5X8C+FNbT%%M{;gsm}!fjfSthyZ`r)hzpH?*UnJ)XYL<
zuyD?SfY>IBBB_O@RzHoxeZ?$C9?DNnW2J>N9F8#o`xJ~w7wAu7>Ux}ivtIuCq%$c#
zmA~%A#NcStiq$K3u;ed3ARoH9@}+}l^zHPWz{<T>A7Xx{zg(QAWs<G_h-*vp|B-jy
z@l=L?`;nEs$;@7v$<7D~nI#h0BeKcNCLzg6k(m(^GNWWGdnJ**M|M(?_r7u7&-uK+
zzkYwe-%sCM=X);qxu5$y=kdLs^PKCfnKv(QN3<4&7pV3)dk*dDTebVQ=q3NPcNmdL
z#JoSLr}Qv7PAu9qJyASng^4Y{K=TF7kgz#t{oGfn*G_tr&#&jEV=1mxU#m~G9w<DA
z-<Ws3;Z!khJ)5{AX2(Uo_NgZ_ji2KOzB&pTw@NpqvENJ*(K}SnwYz=ZQgf*kU%@p&
z)L}~8OU}H`3|#y|q11K?>l@`Y!>6A%4mJf;^6{uwTT*r@>f+`oxp^KEyZVvx>PFFO
z(k~RRbdc0{$~vE8Rr;h#|7A)3l?JsXhxPBBv$8s^%!P}Dv2x5!H5>lTW{rJ6wzka%
zUSEEv9)!&zsg_XvFR^Hdm6~tkh0&6i%dc&#Gf6v{8!6{%!av~Mwla8&Ew4oIK7d`N
z?%ogHogNwi@~8Kxe3rs!@UE7pkKEwW47>X@_6mh+T*&0wyKAj%%Djr_-4$hvt{5u6
ziZU)GXE!O|dwJE;Yh#y&oh)Z8;Ga3m-v)>5RIbk2s~%bGy&opsFd{SFXBj+VX4Tjh
zt9E$O9J6d=E#*%1ZgySS#Cfvfii>2)X)4~1U@ku<!=0bTIIE<Fy*(kN6)c`cJf`&`
z3#0xR>XNQvdFeq6O%KS<-{|>~cbSNe*md}3#Dt8`^B8G?bANxddGAYg6R#^ipv_(q
z=hyVz?ZPv`nz-<1>8_pDZ?;Sc=fR@N%mROGd=1v<SHI|us#VNCR|q5vnI;{~5C!YJ
zG<4)8VAaq2H`T1L;ugY~%yTn3L1(bW^3#i+0Bzo?!3r(IoFs3V?x5=*PtRfT&wd%s
zRel;S<i8(yu0KQ9t->>{Qop=6DUeagR<dVfdi!s?kVw;`y2&xm$J5GMsxLSMO3mB*
zM&CKPcIVb;^sO~0OkXM?dFitwi0N_k<sRTmKH#}>E0FNq7>w8t6qCGk)!Z?^K2+SH
z-fSdy%Guo>Hl@*eA{l)1N|lzLcCmlJ<PVl==N}dVai_oixz@3I=&@Su=(F{*+BX}+
z!Xl^j{{7HBPtWITzP{1BTU$hjckg}}a&jsiZ)wqu6%x`m#lXNkWn+`yeeRr}-oJme
z3tzvQR}>b`Yj}7hueP^ejtLG<J^T5ye1xB0_@6(2sMZY(R^DE@^7-+`2EpH=qSZ@-
zgEnPZSqCP?#mkppy!gnLo&D>&tLxL*`g+5Zs;b6&2L}vO@$qkDI63Xq#l&ve%gJ5x
z|MlzC&(2P*kP8=#?&Rd`=*-Ps=-b>p{oBPQetLM=tx#C_x;Yh<94{6Y;pw)vYl&=Z
zR?1CH#;Iq{a0@+snkkNrO@g1CTp@@HE@UMq7h?|$Orf8imYG;t;q2n#vekV1wkzP?
zz4T=~JbLnwkTga<KKGk+bOIOX>G{PR9p8Sxb!)9WBjc~(wQIZC($X3pLqld&Wo6xd
zJUqVFW@co^1O;7;Lqn4&u3!I|+t+soUe190_`%n}%xo&Zzkhb7wDgm=q2Z58JG;8U
zjt=GMy1H*Rl9E?l)zrol)YS){-MqP2($k|B*4ulxc72_<rJ!I=>+fIcABu`C4>UBs
zCX0yNunr4LAiI3IC-V1i(xp?UaIgXbg8pf1Z)9A&sN|KNUc>R~)y!2Lo$aibFaO<^
zm#+_uiHXFHiz|{#O?}TIA)(^@^C#Bk`}Y$Tm6Z*iBO~{USy(I-NJ)j54-e_)wzr87
z`uiO|c6F%-5fW0Kp`Z}uTwN7xGBKH|OG?TTRZ{AFNJAqj(A=yapO?3F!{0x6Uq<GN
zkEP}7Pq%L`)X>tNJMZR}IB#m2Q6Ciaj8;plFYWvHfS0VS)=Ip*{<=?|6iPpQ7($?|
z-2P~7ji;@;df+Z4<wfrCaqm21<LUPV1dP<9qaH<*lhUK-&+A!ANol&{<1<mJs*c9t
z;NTOov)ii}8O>HVHr`Gj7;yaX`t`b^xp{7LZ0sw^#Kdgj*;(-cZ||tBg@yB9K7CS*
z5*Igcba1E|iH?4R@#TwUsitQCi~RgaReSsLVLiP+uXlEEx0jbWdaSI9+kJc<@4R`l
zbmjEvGo&>&U!1(W9&T`OIH?H;xEe7quuJ6TZt9npx4E^p>Le{LvUQA&-OqG)f3bM>
zEQ{>bt7A_;eE4n_74?89GBS+B+4;$&tgOQQii&0zYwLne6_w#9n3&i&ySo^_h>6J=
z%*<Xkii(=p>FfV~^X^@*?SlugGz|?mpEELYNu{N|<C>b1__nu4vGVL$**P*Y5msB<
z+Wv3fobw+)j=)Vw$P-CPspMy3V!aq19!Isb#QeFtTQ&T~jl%+NZZGYL37?!tk76)0
zGxrQ4A_DP<h-m0OejKrypBMhBpwJq6=T3F+rAtl0&!3m@@bi1#A|WATDk<sk)z#g9
zRa-mcKus;h_n&Y5{+E@L^91OA2k^C!Z&S92b@0+7IWEv^cC1f=s8#gYnP02+iuc4h
z|4<~TZ1qM7h3ZbQ(HhDaY`@70w!jDx_@<L`KX)akj+$`Btp1VIPd7def?CapyVvc?
zH>c)5T%O*kwC+sA)Ei`A`uex&am7;4$C_nN$zqYu<}N|rctz}8zlY~q-f1X-b|aIq
z;0KQL+x|<w8DzqZTu+#HO%I<Ml@_MGxJGXhkG~!prn<(j6(fBm+(CIr*4C1@yF+k4
z3ESs&z!$o!#Cf;4Ddl(`UQ|C-JyJq*<7}j#ep|GARdc$lKNTzaP2A@f9JR;qSiK+J
z`}FFZ{P%z7v)f5oHU@5!AWo@b3Tnm;llQh;cSe2xeo`BlzkAtl@#@g|;RA7(%_$+0
zJ^JuJIC91{Zww=m_o)sIrNn`^`@dv_;!;*T;d}YkO<gz6T}(%!<io9fQ}d_x3cpD2
zb8|hSNPN-8t}N}`J`>hK)*D})8^U~;?%C9d>2&&|{KC0uZ^DA$OH#}4W|Om%{6~Cf
ztP?UBWj4mk2wd|R*88r@#)xp5ta|XO20dJ3X{KBG)*|`5t4KHs;|$x_Sxx@mDq34s
zkG+g;(nilc)3*u0wk)=&{P(l!Vovwc9i>SPMOz+$*Hi|t@Y5WxOk5DP>-o<5xjrRg
z@JAte7SXlZQ-b+l&6vuyv347&IUeZUz^jW5+2UPU`sn-O!qezy?`$9O$UMA*BT1%C
zoS`QlNA<q!yVD+LP2C6KzfJ!F&8B?L_d7FZUS9o1ce{KTFXzT%agTf(QW`O<(nNCu
z_m|p&S3mW}bPZm7K+edvzH^;cbUwg%$Xkb%@)whuLdqpK{syDmtVw|Z?%L09?D}pA
zJqi8&_GXWNOGnZywf&zGhqKq76KP_`HfmUUrjIqNMkcdM<mrdC-S=DAt$NL+JU$`)
zHSHY17m9luu9d0u7;;K;;Rm>zg$ZYt_oaeOuysd~s2LT)cCQHhLs`S1HJ9lTzUqoj
z$5(fYOj}Q5om%{<mAzfxt;oT^B0^Gp<%hLJd;uvLIdU2o4+kH7IW+jz=u^ZP@XXxt
zdxG#iBl!OF(QWXb14#HD9K1Hbm~iRW{nCO{tFIKNF|R7T9@zgvG-KH1Di!d1H$DZ!
zAwKqO|Do6Ou4$e?=g*mL_nJa@<L;ifEOovai?t^EP<eh8(*=9x^|I0Rm#3?3FSXon
z9*>UIT~H_7A^JYClZF4MP9yJ(Qx&OQVc#vb%FfoqX+eD!Ggk_xxKvuFM=EsfxX8%P
z@6T7;E?ryPo&U*MdBtFP)cZ+T+@rM5En#Q0u0C+eXYzRb)vuxA+9L(A#|;)j;#_xn
zY#m$5Q)E8lRxVd~5PJ{@`zd@6*l2xWWI3rI!tRwJ@e#{UAob#fyC$u~1g0yIja#qZ
z>$;i@6Wh;ejb;b28n~qYAnCUKV?#T7+3MY1{IvrD)4Z*(OWvO}Y2z{CR8Bo8tAD{S
zef@Vfg-0TleaQ7Eo4%s^kv$Hh`Xu5$KFf7yte?EoZl`g<6jf7jPr@&=OJV1jIVHHX
zGu6(3gF7neiOrk6`l5V$*iBGEN3Krq19xqS;>{m_E{B}`NM<Ax#9*6g^0jhyBl7w4
zqVVi9Ya*mdpG%h)IWPWZeN}&sl(a&ce4bEvorzMnbj$#GXSI(zKiMMxfNHYmWfSK!
zT+N3EqAhHRL`3n(xn#|I(H5d#QkCU<_QT}WrKY3$eM*}J>}2isH{P~)$tB#SOETqF
z#+o6Yb{v;^V?{H`yUl9;?{vtO3W6KAd9!|GMCY&P=MgnOpw8223cdf}g~Ls3vg_Pg
z2VrZ6-#yli`8a$3c4G8DiReh!s=4>=5ARRQgn3F?iiu*1l7yR|*|=Z!<>Anh?F#Aq
zOLVHo;ZxQu<Nem}a{r;oxbF{H$um}t4({GOA}+TjXtND1@8zq!%cZ|>^ZLM-_Wm>B
zQ!?0Bo7wEgHHN^4=2aPPx=?XSSZG`sGw*eqZBo8mV7hlB;X-#z+_!|nc5oe-${i<S
zPa*bL3kJ*9Q}a2W9M6sUiBNHHhtoS>#Z<UE!sme35!4_qQ{u$XW*w|}dg{hoot3sg
z;dAe!>YoZ$$4%6Lud%8BbjL^!TZZ95C)SOayKhbAvOgA<ch{8RM}=NGe_N@*E$c#A
z(D1ES8&7lJ+kfG%uv*<^SG%_JL_lYX@YVp%jnuEHn%+s>t$(m1I7CuNWes^~nLBke
z+@h}J@0Ivpy6}68ou`@J;kut_ykyj2C1WGqD~XTPrhc1$o3H$wvGEuyAYppC5*2TL
z_}=HUcSB4<QFI>B92rm5v$HX=bmUxb9?zPceikNN^vhghW!Y%`^2?Rg?$D?2jo)_v
zWHJ9$MK~?8I~yNdh%>?WGMjHLhmZNzv(lKz&MTn=JueNOB`IC=NT)&AGfSzzyy9%T
zT`ODjl|XXTuKGs%)j5m6EA|IcK8#~&)(fXw({$JhRQs~1^obKTV?tdn`_ZtfV_Z6K
zQnA)3;3$=8WK3e#^z)u?98aLw>`+r-Iz^G7e2;qm=53-+6FGG%-=bvwf60B&AIQkL
zyz73JL!d7!I3vjTTH1lNs?VK(?k9u-Ez(Ifb?+A&P2BP3-h;p0LuDiLwVvV%6^<Kk
z{28qKhI<M$M9+F<?iW*^Q{yJ%Kg$^L$3|;^a|A!G<96e!n+|7YBP*fVo5(7?0n%5K
zPf5ZT1kXw&-x9i^x%9)l=nEHRwAkVtN58OgahtPml9kq1$?>-ld(Rd7rgT3F$+0C}
z%>6cS?`iU@-xs#EZaC{c)YDRP@35mTdNcdBK)ubGT!Y8SGPZZ4Pgwp=1aGzeU4lBZ
zTerTgCvR=pE|Gr_TueXwN8vn>f^+Ni5EfR79MwO2>g@)3)xYE0T^fA4cr!*_VIeFn
z<(G2JmA+SrewM2oc$~XOb3xva#gNAUui7>2k@Wh=i{H23?e9_IJi^%SlA`N+O-ax1
zR*P)842DvVEG80@y=<rsru)e3imyn_G9gKX=U<g-+<P(o!;Z01w!Z(!u2$+^&S1!t
zDdWhM$Iod(o5J5dI8#PX{$2LpdI#aN&Wr!rFb`7BJgIP+{jRT`tbA}@+^T5veg^W(
z-{2wR%R5S~2D@g4gXJZH9%nqUp7*{nq{^+)mQgppcW0t}m^DC?WoakzwZQd{W4w46
zAIkA0-<;RJ@VG?$r$$J$E3?9@ROUaw*#4!ZFxsXCM89c%*sqLb=w&;_-lFasM$s;c
z5irb>6X{DqB468G_Z0W0^*I5q@sdW4OPu6lZ~rnCeK_Tby>xZ&_2b%_LElz-OG)9I
zvFwv#fs_2-qkh~;-_Z-YXiBEDKKe_n|5qSWf22V(SJGD#e4D4IBQrYkSMU^L)H*W7
zoJp?g6$gDtruE88epi2O>66?iru4*jL2BNf+S-pcBrLFFirb~UY<$eM<;rnAJ6C_I
z7AmPdTl202yRP&jQp%pb!TJ{&pYAdf)Z-{c@PGZJ`!F+@Pw}Erne~j#miReRvoW@J
zj9j6^-du%x#T-<JB~u}F`KtabgI4$d4lbxTEKH8xO{4jCIXrmc^o0-C$CB-qS@D@!
z^%y7}XV$c<9?{<p3=m(unV!=&SA4OtRLkypz;y4%J>0*34+iKW9y*S@&G&NHR~M(P
zNRcO2UvBvFWm9Ou)^&|vO|e$ukMQqRn+~rRAEnQ`VoGnjzu@{SW-)ZFK=UvDYY`Le
z@TtzM=Uq9AwL<(%f$pl;pE!hnA=BrNevJ7(mirRjSrzNKV8(^%p{nzqs#5lt?u9?i
zEWY_yMr55@-W*Q+aVRrrNjW5aZh=|lI{^)eP_9p&*ALV1h80?Tz7+P<Em=YHy-HS#
zsU@F)dspP2i`@_*@Xh|Br;)BslWC`H!x8*e@brow_Rs3;CRcU{8dN%^R&R3+J`@rs
z{egdmLow#5jv2-;J~kN|icY75^j^(3ZqKeaU%GPjz)C#+8<CtL{WW<@-=`(}f`p+F
z`28MilV8uIoOhOb^O7@cT$Js@i%ZXi?;DbR{P%|_r65cTHwn}EotVns!N`_ZSeN!^
z2wLl0!=0~w7dvFCydL^P<oj8Q0ZW<-vNKAjCA%aF9qBhoZdIFk;-3|@B(CYf`<b98
z-Fw-!I@CE#=;E6s)(>UHSJZCYbrLkH*_v|JI_uH=!QHs|hl^6{L=SawJ)^o8={&a_
z*~KBAcAsK{R~|H%e(<k-dHI})#pJd0w*M>D-=TxE6q8SL>}M|WDW*z2+hFdqxM%R)
z607-cntfv5+|Mtz?6uFtuuPVcmDaPZM?S57Ze4zx^XYWrP@uGSy(lYTGbW4Gqnh{z
ziI}wa%D3Cr82WDMh|^*S50K=nKDaYCJskVlTR)mqyc9>F9otqq-Fdw|kUB(rMN6We
zo_*Wy@@idS&{VP8(9K65zqK#u3bG&2b`k|`lAXeDRV1m^c>jdaBO}#L=}aOohQ8cp
z$H&YH*D13It?_d~>~31Gu2*xJT|GOYIA2<F=e4Aff<)&TmSORaUw>8gGq+I+sXf3H
zHu_WOYQbJW>E2SKSwUp#xcw3n%iZdVB-^~p`wgl_yvrNmOIP0A<Q@LtS$<|h-FMQ-
z{>e%OUJ}7K(?HIPr``N9e_tX7%A|Vf>TIiuD)(PQoYRZ#k6r1`snVnoi{NPTEZCZb
zX&Y#XHP7$w%+{#76VD{}__jAbm3{f3FTn4~(5+!ovyf}#1M2jrGXH4&QQ`={S1T2J
zhKhvp-Kz2!W$Xi{yUA8E$)vPj3;E<4#qJF9<NTxe`n}=rTRoiI-lqvq#=LJau!^dd
zX1;gmU;nIS%$D)Plla~4ox6sT2OZ6WJGtx2lSB*W!|2W)vSK9^42>IC+y0h|*?NP^
z>=^J*B0oslyjLnOv&biEjosSURPWQ+VsNDpFB7*@%cH#Lj6ausI8xfmgw9z`x?eKX
zJ@v-_Fv`N@^d2_hi{j5$-zZ1@jubNJe%N%QGe5c|rj*#hrtRs4z?!c_3sVIbw?CF=
zIi5ddUfbbvhB=(%)R%7Zs(jr%qg1_%i+;nl)S>BamBwD7W|8NZ+)M0h2o$b#H!PbP
z@^3QOhLHafeeGc~+Wqfa)m^?2I#KnQ(yskrZ0aWRdhfGU>UrjGiV8ROan^$w0&}MH
z**dl^pUJXG)!4XgVoj-Y^8uGT|AG9+kr3f3IT^_env$8gKD=z~-&XPjJ=}lu@5_8t
z;K|D8I3=r$$u)g%)V{ak7U2|U**t%4V({aq3kpS!7G>LR@8$@bXeAi+Ct5nb^0=nx
zt||9TTOIH|C%5D-(R-q~z85tuBu~MFRb_+sWrTN3pdR=3Qsj=>x%kj4-&=kE&O2FC
z@7}0-oy<0bTm9k3RXTZWi{glZSH>zbrR7D;jr7@MTRchC=cVuQFrP2Gdei@T0K-Uk
zyzm{y$3f|z>nm>^X3p3IOn<4R?h@(eSi6v#^DRqPI_%BfGjC(kjz9Rn95}LT-#r(&
z?d^3*M9Ici@$p8m^~3Jn2N?an7iwR|ZLHj2jNUZ=^YuNGehXRe*KbARhaXB^W(Np%
z{w+Ta6tpkM4*aw$>^Enev9GidkWKP4vErvr)8{cd*5B7e94tMSfmAw*+`7j<snef?
zb@FW%xLxK^7VsOD{78NS{|o1su>SC<m&#p!`_pwjJSiknH^pv8vAp)``cu@;NA*6j
zZTeyC%MiP`028Z`cTG(ZjC}MN9cjz?g6Z0O6}UY_37nsY7X8~DrHkqOE5!;q*qsfY
z;Xbe}qZ^n|_4+%l!yDhJe_#EOE0Q>u!t$F-E>)X#jx1-ycMru2`!4o-J{F<Z47Aj?
z-ZMunQErcfTfb9lxWlDi`$^!={n3Y{=5{{Uf8TR{nALb{`=+vwfX3<Ixl!s^GrR@P
z5R7rZSBpuuFFfh$zkky9doA;#=|}x5uZ&C){M@9dvTL*FUNtN|RHInF>n_KYd{9%@
z$(@CD{}GPnx8*`@e^#&3YZ1VB3F~jkqaC9Uk+Tj|lQgEnqB40~<q}F^HxE_kBd<O3
z_`9zWw@y`YK`%~#g~6Kefp>C?5p8_A?2|s0WSx;0{6=*Z*g*;Bp9z=@KI&GZ9eqJA
zk)<B3I4JqAu07u=<<cX9bv)CzK~#@(Vs}^i#?PwEr)lImXht4T^gMPd(fv8~8H3Sy
zSan7dk3om?Q*n{a+C8C{&vq5xYOD$bx81ro^1Olj{$O<6BEzV7$Zo{TF_!x+;@w@Q
zx)-&_ld!MH|B}-!*ix{|r#E-=_i??wnR*%bdieQi&)JDalC(@cKh_sr<pYeZ^cU=&
zVFrZH{n%-x%6^-cARo_dnm~qQUP7k1cxxfh!fCU2sM2*I%Ax1!m)Iw9+7pv$va5+U
zi{~kCo>SraeZSnHag9>e?$d7l>*%~LT9=hdLej1XjM-lkF{h;77sb7}HqhTllkxU$
zv{CO~ArZ5<=dY}kn7j)ZXW3#>UCL(~stg4$D%4%RJ@@e7-wmc;j%(Wn=P<9|DUiZF
zY+fp}T3wk-mTcnnG|W@jOL7bfzpAD(`IeuUY;1g3ro)q5Bqx2v`!%7?hqj-wyf?gA
zM32A4`)j*+%q?ANVb+uc_2l7IYLjs(KPh^S2nF_w-)>Y*65)jg;wur1zU?mcJr|jr
zi~B;CSmJwJ$5~!eS2HD@5Vl*R@cJNHkUAhYL1u#U4H%$^K@P4BK0FL)lK0!^pBMKx
zOp9O3=5X>Xs)!lW{&acr8toxjp5c!NqIb=Dz7a4k{f&`#<S3jJ_qlaSxPBM+Y3jv(
z>ZzZn2nemT|K3#@-u`*-bTii>gSpy($sd;vc|Y?fStHce1rF1pt8A*GCh28OxGggG
zLszk<FJj#hyLF0|;I)Q*+Q(N3wRKC=QGtJ6YPES@d-1NK(^qmM@%=Y1cFv+v!nyM^
z{@&-~$-A}M3i0v;R#tgv_WE?6@4g#qq`OgF^YKx{?a|0Fn!g^&VHE*_Vh?UE(nofQ
zZN|u5+BKS~s?8xG8z9r@r2Mibi2sf*pz8;z&|=UR1(Uhk3z?NH(hWD%#@7NVHGi92
z|GCBF@$ig8c>|$zERWTw$<+JCAeUQ7iyZvAIbWw40)kwwl3zFKXt^f9$o*oyF89}O
z$Ddm)egdv(^LgKcQiy1}=@ZHsu!B>GMZT(DG#7MX`u^*;!XKkq7E_X%r~seG9m<s?
z7<3`e9<v!nJSOT<zmn+lR_kV1T)v{N2)1iQ<D;DI_0Xm2FA9%bm`+`w=f@y8<Nn6Z
zJXfEbVt58;pZ4&d!+krA)EZH%9}i+^)CWI5ye5z_&t|0^5zmTa#P5k&&tyyRZwDhP
z)*$#t<cE>HIvc}ht5TZk`A<Iv1aA<PPL1phCUe=^2^@YI_#W|Kq3?Rm*>iLPL1)@C
zR)(Gw{gosZzVKGDg^tVX9pA(+Eb3F~XLM{C*mI5V7cX~Gh~E37ss1TFXUp=INxBNt
zIX`w4^(%#EzFLmT<8y6g=IwaDSxMmy8F8a>WiY?v{UGTA7MoC3zl4fT*skk=xK;5+
zjnZ8y*;6=-Zexz!O%KCt4qrQW{)&HPJ(2&Tf=9D|(B5v@nex1zM2Olg;zyU7aJy<m
z^#tE`oWuX-b-LHS9E(I+iLm<C8qVDBPaY~~S)`whuaQSI-NZA%i2B$id9`nne#e!W
z$5(Rv&J;zwe0_NO%l0b|mpF@R!)#uJ5>jejAKtEFym9!2DBI|EpK^PK(}jQGZOo=!
z`hT0KdK{`kyJuN4_cIR0W%x0kn)*gxwd9NBDN<-nrYznd{V;s*^lSGJ-{n^Qvh&oJ
zlZRO>H00jWw&B_2|G;_Ay<N+0|7+_sUo7Vr^H%G!IIm{o>5CsEwVdR*z1|&&+(}J~
zc~mdH<DFJQBdJCDsQ#_fq>RDH)xOe8UJr*#QYp@_IliS8l>K(kIy|BLW_>uVr?^4z
zJu_t)uh&aY@WSm6G5v!#1FB_3U)A4E;CxpRY4w}>@;Y;g|1-BlIbjtY2Lh2B)t5TX
z>C)%V^Lk@Zw^GasTV#+81O`2hk(biuXfo5;UjO2p_~AFJb+2mlRidnK9uK1krSwIG
zujjBd$4*!d+?k3I#Q(W~N58|L*}zVcQbOJ=W023+sXFp8S6^1|g3;OFD7{x=T7A07
zmv$8=C+-)&-&6b?#%Z^Fj&bR0`N!{b%-E^k<6}N=9SY}%-dt3=dwG$5_jBwUUkjZ#
z_g~+smd!pt!+O24jjT5=|6MHQ#s2m-GE9MI6*0qupC`F3Upu$#-ynI~Xc+NzJ$m(t
ztb&J)YudQK_J-4P<0GGq%RMrsMrRXrO*7P99E_J3{w2K`-<te>Ci9>13TEJUwX0)}
z{Y0gUd#BI1vnGdeS2Y+@D)G>0yQRP99_aj_sepsewR?_1WakHO(t}sl__LnRv4;eL
z)OdxoIj(qO=4C`jj`^k#C;9AAwRpAAndUFE3FQ|3b(1QXsY;qFU=n^_d3@3q96xu;
zvCLC9iG^=ijw<E4#IwfXKBY4#UL|_Uo?9K2lx-v?dQSqM_8bGBX;*MXV%8-;E>6pa
z@80KK6g<)k5;7YydnY)h15+ueg%&RjHtW1;n6N5R`a>~H(LZ?k{T9LNZ&WSHadvfV
z5<N0;r!~H+E?D<+v0!4SwpnNxAC3nI;`*`Qz~J@I{_*jZ;HFdQ^J3nlN0NhP$_j~c
zFF)1xPITZf<|I7L`_8eD=~ubJTymkn!PWwsq$bb)*O$QT&Dmeeq=}j{63zQtmeTA&
zY4JTA{J6?*)}u8yoNm6{KFy~m)l+uQBIm32g9Z8SE1#Kpf;S(Gz1&j_x3zn1>>Z_d
zo3)nlECyyErZMHO0dldQ7gvddM((Ab+5XHd{$kWQv3k_)u09iM?U>llS@~<bt_7b8
zAL>j?E4|V$`zG=4>@>~h?1E#v;=!tacEnY)m+fihtyAY0F8muTeNL~)=N@7=)EH7s
zE!D%Y^h6cw)m(wehnMOej9i?*NpH%jS2f4BW?kC5-0N^(OW5Kc?EziD(u-%&Z2G@H
zJzm4Pej67rkNA&D!71JS8|8IuPcG{HQSp$w)?QdQVYN2(ewfuS+<xZrWZ1T}MyISB
zm06i>Z5_Ab0kcifGAZx(ITzy6?#il3ahr9e&JWQg<k^p@<gS@@SMs;Gzj(HIJK@}O
zgOwC@Cr`Zgb-u_@@Fz3+?uVB`5w|-^Wv;BaXQ-t#X8motOViCkb%y)JtVDC~7MaMM
zvsIyWUuy<TQUd?X-Rg7P_xxvUPgc?;_UR_xwJV{qJg1dS4c<9F$--zL%&j3Nzi#_*
z$o)PRq0}AKk^WYECR?2=EA#HEqi&y{WA7Y9hWI=`J6$f)rFLs0=|a8MXJyl@#~po(
zafS1ndJ@(@+jK=V-uM<fPsx6}KhN9f+ke;0ImAbjG`TG9$+O2-g~~n^zCA@?5$^i*
zBbDQRCGL=oA-ab-*u4=`kg#V!PTtRh*A{ET+aMq&1*v<2;q}7svmuZVuPufFInGDu
z7z>?Xcztp`NH`Yc!)ujcK)xviARuOj00iV`KmY>PQ2}w_$qk6*PcY<9f<%oEuZ@NQ
zIX92cF+RG88r+8bCm`Xq&u~8QT4)%M?{$QZvBU|6{9cf-kAi$MkT4+s&JjAs+$R|F
zOVH|&2Lt|mc!Z9z$_a-24UpO(;rQ?xZy1md*Bb`Jlpvvh1jO+AY}EYWHQg{^-Teq1
z;|nJkj{gZHYW}DTq#)n&gaa}A35NVvXm#}Ygre1z(D;i0qvj9Cf&qU*{{$EiGaRAg
z^?wF1+%~wqa64c?4*Z-P42Ultp=16qz^MHVUegW(a^UB1U_i`wgpT>uCm7ZV(eNWQ
ztbT&w_U?g1%^wqu10NFx90#<`|GWM#0Y<Gq8^ACi$Mpyu<MSsNj^7Ltwf^ureHf5$
zeuR!O>j{SZY_vLP+m8bBgVC_U35NVxkf`~?HH88Bw~o*;raQrqp8yiI{)%WEA2cj=
zf+2qpBwPzPHU&r+aD2NXbc}gVFyxn`)zM$?k!W=_H2x02sQJUsH^6}7>m8wEObu{7
zNLYt~T7Qw_n@4pIG%R+4;e0wlqShbv2OW-MeZqm5^8`cwYqUE0@#FzoT^WtP3NUK^
z@b_WBF^!MVF=jf!@ctJdQR{Dk#(|$7g#mw8_6QyC&))$?tv~!c2Mow@JVM7<-~_|*
z-=o!u(ePt5ta*YVe;=eN$fJD+?f4JZ3<i8GGLWd_PYA%M`Jf;FT|gZM<O?66<M}rN
zj9MS`{lV;n1Nkgy{4BKk$#jm!3_`14LgP;Zj2a*P`7%J`LoEygZf_h&)c%8h{P%_g
z5O6+{N9dT}4=`K{xIS<lU_g%T5jw^^Cm4?Z7Of6%!+`vVBXo>aPcXcH3nXg(SZEx$
z-Z0?rQh|gVh~Z~*Q1eGW{@(-l!GIjmBXm6fc7RdyM?d~sop2zZ1C3vRR!4t5hN0Cj
zqw$vkM$I3N1q1$spWlW7G2;<Bo=-BssQn*q2Mox8pT~v)G5q`|47ffcAg_Uh>yLi?
zhu2NOfPDTVbj+_g!LW|Lz0qiO4K)5AfKl_uMB|{(jRMr+^8v?f0*P9GHh^Kky4w*t
z#v&&e&c78TYW>lV{}yO`)Hslzi&n=(!y#x`@dQKuJV@01k6y#zHk^+kNEi^KjvJ8w
z6eMc>QR6_4FGv^=qh1$~KLirB{%{>&K+fGGbc|8^A>>!0)zP;%3ax(i1VjEVNYwn%
z_cwhsK78KmLBhv{fm(mmI>Wl>(LKi;@e>Tk?*@rlfAr(O4H};djsFI%j=rAZX!R>-
z{5614^M{WI1J1|f2pwb8aT4C21`@UY7HFIRG%R<5A%7esYW-2qBOKr9gafhQ35NVS
zv^x6s#-P=;(D?rVHU)XKttSUuI40aC7!Z?!gmZ@24J2wlsO^GvXOJ);7CJ)5ug3;}
z;aG5d^y9xNxD5mHnIQlH=bw3mj_W7zh!cobmp{RfKLrvsKF&!Uj(HOepE<#h9}5z-
z|Dg7B$oD$oKrC^BA-@kKYX2cSsYA{kG|YX1A-@!@4tX%(&xc3o7^|FM$lnBsnm_vS
zAFekH_`8%KQOBPdfKl^Dz3w2#9V85hFC3xc_52JlYX0cQL(3Bm<g=sk^U><)^9e<(
zE1~h107lIpjs*k$G&(}ZnBfG&?R^dsZX4Vm;C8@({QF1f7+*ZWkpB%NYJY>r0T_^P
ze}s-P-wB5NcW8A&H2eq+tDj)V{|yo~e@rwEd`uYdvB*K9*8e5IsP$(97zX6H9-(7=
z{shDETR@`LAN_b}j>cz2<L98&Pod#pG^~Kep92^*|D)G1xDDrX>x2U_-3f;CNd$>n
zf5nqJ<oKXrsS^zOUqHgOfMZjDgaP?>N9Y*yo?ytYK&zv_-XqcKYH0kQ0HfxQe*D)%
z<5L4%4-!5u4AlCI9N#>ud!S*l6Ab6m1roLX=*L5AG(IO9zX+|4emr@AR#!&j{{R>@
zfB1MX;5?0w&@pB@!SMc6kf`;yK;!tMVc8Q5`C}ka>yLi?cSPe0pz%MT)rryYV>GOZ
z#y<eq6y(vqgK>NZoIhMM7!Z?zym5j<z)#eC(2xHvpbi7_g^$qj@uvx3)cT<B4`wGE
z$Y(+0zeKB_Oy_9KAhh}=H2w_0sPWOCF9S3_EgC-_VATGDe*E`F<4dCP2LOg^0oMnv
z0}ME4+aq+0c}_5VzRJ+*@HPy{k2pfdSoH+M`?o=&=8t~7h3gFi{w@_r$btC3?f*N#
z@1W+7e*Curbr^6=jw5vZd=;KxSVw<7hN0Cjqw!Y&M$I4o4h;D7_7OV9j3*dwZwg4%
z{turA7?AIGgpRSy35NVpkf{9){rK;I#^*=l*P_+Yw>KKCu7Sq?3ovT_m}ngIxlw>R
zYX67(GrSM(4{RV|!1=o!p<^s^g5mtzK%&+k{rGQz#z&0<`FUt{Of(#Vh80gR<S&3k
z%^%JQ2Aq%K5jw{7Cm8aRK%&+kH4fzao^T+RKEaUx6(nl?;X1&8oV!Qp7@s@AkY9yX
zN8jEkwE9&v{x5)0^GDy`^wIb<0M~<rj|&5}{-||^b<d-Fjyd8d7|y2$Bx?Q9kN-Ak
zd@eM8F<KpcJ;TxJSJ3$D0Hfv)9}fnckI4}_#;D^YygwZzYW*$HI00x_?gT^r1W45S
zqn<}NzS9W@V!;y(`5)2hBxpDW4QriX$Ug+hj8&F8zEpX3-M239S(aP>sIQiq{-YvG
zMJ%1LKH^h<4t==&Eh<UoGeu4Cm^W9v6;rVfN~@AAEzVkQPpC1mn*>mDcU5O;$s>xN
znOU0%g$M=?w8V4jzajjLRKAq#bYvQ9HahJj>Q4?`{+ZD7n^<Dg{rg8j*nXP+Gz$g|
zFtWTJ_|I5&ac?L2H3rv0fXP~QznQ`WPGm}2Eyr@a>%?JbH^xJkpIBFiWTZKrvXIb0
z|M?Yv-3)aHrJqCF_7jDwoIl$#-ZVTC5sUYi(>7!F9GH@*B*P@ucCCF&yeFVNSvc+)
zy&A-nq_1qFHHGMke2x)jwtZg9csd8G=@9#jsK$(uOhBvkr`-Hb!`sVFt0S>aap{7r
z%ISW}v67D+KIUjOE0UcGNmN|XWa+IAVLnB8rc#b6e(%iuO=@mgM-@)z$gfciv!3qv
zCvhq`@cFk-Md5h|)h^GnNt1I+6ph<bx4ToB(}zz~$uqG0PNU256{kc#MKWPw%9G*s
z&l-IAqSrU`#bZ%R{$;G-_@eKPyxC=BwQ-Ixx3*m4@PppMYg>^q(Gr?fE;fCfl266Y
zW1BwdF$7uNr8T28zSj}vc&Z+^&hy6k#?>9U2>#C>4LPJ&d#mUItJtL-qSr0jnD=w6
zn*zBdUSOZ^#*ftfT+sG4bM^cmI;>mf)Qo&jFl=;v?xp<l926EV;fx)1>J(FsB4|^w
zoB!s0Yff)P-R{((zv8uWj~Kz6z~4kOUG5K7utt7h)#cMn?403C4REh2|HWI#tkJZ7
z|1O?@Zq_9l(TvKuT?H8y&if2}BtIL?eve$U+7oW<w<V$A$O@ny{<L)lEB7fKQpia~
z#9}0DvFeI%eDJSE_1kIhGY>uxMdvw_2@_hT$bKc2?W`PV|MIZu4dE1q(67TtSNqKA
zWf#Zo<g<c(9X&Lm;|+J~a9<B+Ds||Qq(n76l*DKkY$@#$t}Dmk_8Okfeo20Q&d;gR
z|KKLF#MIk(Sj65!@_eVIfGjD|ml5e-m<!%@dq(<H$P8gg<Zn7;$t<D@eZmuvR2wi_
zmR8LB<1>#{_Oub-wou-pTtRPay;0->U)o^4?kwShF8m={S`!S+SX|Ftsf=-By;oin
zdNbp7MjI^QGxwr&a9YaNn{ulAE7yiS>)7UaE>ks5tlJ9y^_eez+w8n!xH7rz@vL)*
zP<d8TB5dTWU`RNvjT_Rwrxcr?#&ee^u~AU9u+BQp*3qV7WNaWs5Zix(!I@)pO~;si
zp8fi+{mi}{Rwp&4EQ`{EUW4ydXL+o=6%U3wy(NP$?RK4u*J#qO4DO%MB;=X%xqJQH
z#ed99Vg5Hno|SB@Qn;2K4m7lc$@TlM<D>d4l-@wyM)?sP{GX2n8Uh09JB{I?q!07h
z+YWla!C<Wi?+t=v0m%fC86+dfF3{lgfc%1LbTF|=$V6@&(h0ae&D^69HJOr78Fov|
z{&flmpNZAFVD5s^thm7nr(NAQ=O=~p!q<Od5mH`M>eTAHQ$67Lwo84`CVx^|<Ewe@
z=IJxsUJpak-u2%7@I4^tSy{L0s7G=|v;J>VA?*zUMlRdhA+wkNXwUhD#}%y#y2QU(
zVm8hAOD(0@?@-lvd*Qs^A1b*^O~%tQS3b+v8~)&PfAJB#!(H>m^7T5ee{kyi37^Li
zfhm;@Hy7EgikCT@N<S&K=<c6ovB=rM#iQr<d|uL_+<v)7ZQMKRLF}s;S%p@eZDMk<
zTWdVN(T`#x!xHkgh-f6Qj@=JU$~s_Rw=ZwIwu|xqeDe_;Tr3O>Y>d<J@0Tb@*muC*
z57n21fE^P0o<eU(7+=9p=rKEUa$5xKhvFb5Pj=V<>$HrhC!Nwa7kw(<x)rDkim$iU
z1#2zkTtC!ha2nYB!!<|B$bV<N@u6PHLBo7mAQ%(=O@(^V9^^2{LXfaOOa=+(1$Eqe
zknnGHE65~}aISVB2SLI>y*$t{ss>*}h_kaZ5*!?i@bU2>tE;O>Sy>sv#l?lx*ViL+
zb92b->?{%%7KZ5S>m#C~qR8^{GW2*u-n@B(T)K1#VPj)M*4NjOyLay*@$vD<<;#~5
zT3T8pCnpDCVPOFuKL3Fb6B8p^T3U#vrY6G3$cR{3Ss`(8ama@cACLzR9w61#)ktx1
zF%lCKgWSJ=A6Z#hLC&5%i*$E)BeJrxz#>fu`TqSoVq#)~7#kZSEiEkw0RaI*M@NU`
z=H?<(Q&Whfq$JYb-j00v@&&na<qC59_H9H)Mh5xz?Hd9O;BMWzg$xZ1Av!ubh@PGv
zVsCGcXlQ64QBhF{5fKrRoSckUTU#T4|NccfJ3En*k`jcUpC55|cSp#{$&qvC&LPaq
z%*e*Z22xsDiiC!SBF~>cM<ymF5OsBRq@$w)X>4pnE?l^P`1|`K9v&VDHa0fm;NXB%
zRaGJR`T2;jurSis*N4#1&_EAA<m=b32qh&Ya`Wa*L`q5uF*7qm#>dAIdU|?<jEoFn
zU|>MbpFfX~kdPoRUc5l4si~3c*RLaI&YVHEwzd#fR#xQSzki65k`mI>(}TQy`xa?x
zYC<Y1Di9wZA0#$57GY;+hu(w8;^HFm>eVa6)YKH&-`_`UZEX>4ZEd8WpaALZ?L{&&
zG7vvMKO{3V6N!k3K+Mg}k))&~L|0cAF*Gzpn3$N5#Kc5oa&i*xREVXeCDPyD4{Z8K
zk>=*+qn%AfMFn~J@+I=?*DvJWy?e;$=qM5y8Hqq6zxnxjWMpIn!NbEt<mBX#v9U2E
zAt3<?4-ZF-jEs<wkPu)bdJ5_4>O$1i)Q~4no**J3B8Z!t8)9Q)gY53^BHP>BNNQ>-
z5)cr8eEj$knVz0Tu3fu^q@<)E!^6V}CnqQJ>C-1fTwEM!ZEZ!QrKORepdjSw)2E1&
zlM{0F>Q#h-f&!_lt3xa-ED!+!0c2@u3Gw#!M)LCVkVlUmA?fMqh@+z;^8WpM<niOj
z2oDbr^7H3U<oEC2NM&UuA}A<`92^`V<>lpwfq?<y<>iGud-e>$!NEc7?Cg+*g#|=e
zSs8J0aY1ToYLLOfL4<>Y11T&lL=+ShkcST+B3W5kNOW{G0$eE&S65dA7Z(?K_wF5X
z<HikSZ*LD-TU$e3zkZG2<KrV@Vq%D@sw%?E%ZuE(a|gM2@ggE2A%SdeZX(&)*@(Qn
zJi^V*jSLJ7Ailo7NNsH`^7->;L{U)@X=rFbsHmurnVA`+sHh0p+1WunJw1`Owl*X%
zFc3*gORMEG52z>@BntZXHn<}r^Yj@Py+zeiq|M`^Ije!>)wUyo_d2ui#4yeH4<^U3
z6`vG+nkv>$Q6JWMqaAh;e|Gx?C)@SUAxX-m&n<;Lzc3DYeK0PGWR=*vbB?!V;MaSn
z39Pw9S&j#}1TmZJ#9!shdi-&yk~J7!j-HRZNyfEf(5q=jWBB?Ix8BNozpcwd;r4>m
z1s@@95;u(Bef_jcvF~pExa3gYl=ji$&sh=ED-jz{=}h8f#IJsP)j+>18C6Bd-2Kq8
z(*1EXHP2S~&lTsHzc<obmDDc#P2V-Lx6XgG7D|!Fl=|I9rAA;ryYPMj!m_?x*Y2uy
z?U`I7rLVMZ4me&Hf-E~ZZeyIn!a0pkNK8UTK}ADL&p;$ZJ-vT8R{LROB`-11QnYF>
z!jqo7VIHAoC$3oJ!!GH`CnFO~oWp;<u<G9TAf6#!ftM_3#zShIzjS|WOuTeFd7Q6_
z5TD1HwoV=|Ba}pny|zcZuYAK>v;5#k8rJPhDuO%0L@Kw&Yoio?q*@CvuC^^C#>mmr
zPPh_@1m4q8z)kqm<!5B!P*-TlB42<%h*8$ww{YqWqyF`*U}2xtu~+1`MG6iU6`g1X
zmH)c1J|UMFOit)7vb|DmK5Y2(M(=j8P10X$O@eBwj4OtWPLl`f)y<C^9bFgo_q}{9
zm2N+H9{(lE6qA_Qe%Iu?<V%F$_ExdQoAX0a{)CT6omI65YOyAs@$l{tK8xLPNVz`d
zpQaKPi-YUmaZ_O3UApv8@LK2TEB#$u{tSjJE7{Zin-?W~%4yGdXemgVhKVkW)1=Oe
zu5kJ87Jsh(StHhE(~MV28qwhUk#TB|t_$aMtFw!)h%x^y)$u``-d0P#*82BlM7=T>
zVq%;X=)ZW9m}_x<?5}1|t7@RK<j7Ihocp?G8YC{8)0OCzL-iu;VbbM!lQ!Qb!W!Js
z!j~R6Oew4Zz5=1bU(-3*U3cpCs`pJowi<RE5=(zR-QU1JP^b7;BIBSvy-c2>#j!=T
z<>bbe#ob(<?ycI(u}9H%Aw0;e`I)27^1fr=efw}RO597jo0MzgbzH?udY7`*GM<0>
zb#cCCHO>LUW^5&xnrdQA;Z?b5&A~n2Cz~XgGt6m?!|c*Fl2g@kx$C+@;V#lWTa^ly
z=hHj0sXDMO)0IT~&2G-otA&1_Sg3Ix=}^Fb<JaY5xTwE-OYX}fjUHz1!R+pAp+4`w
zD-SMw?-~%fE*<7svA-_v6^_#ax`Mf#>N}eLWuIEI(gKO@uf#|uXz@}ICsrvk_^k<k
zpb%rtYR4Hn7e65$5zOA)w6guWYL`lX%<ICslbOxdY==sNanQ9Vg(R1Zt=J>Wvjav1
zX61bsLo*&PO)W*-+<!8#Za9EDmY}CH`gZQC1O|qy{`+xaHws}(LoNT<gc`w%+QH;b
zmTLWM_Y$9aPR95&{AOV>^m$qx-lrkO$umKyQ<HvwC+LR-S&@~2@3NySLKi0_Pv+?`
zf|!jFs$nXhEh?EXG_`E{k@jkSg*CE&p*urtA>&=H<qf>^VWhyfs;wP+fuBTQC*oW%
z-h@4!?T4*d@&Xcu%i%s*yOXpkBT`x(o9gEnJc;y5yKF*3h(t;LNEmFVNh;v_J{Ob0
z3ney_%~$gsHVq++%0J5|p-Ps+;jvWJM~QQlorCyFhzDVCblS~617;$oTI=j!{E<DO
z*iEc@O~)Eb9nR-OYzs_*MQ^n+?yN0`WW9|}`x&)-8R!93kXj&Nv;t$IJzz|<28@Yz
zfick`FeVxT#zf=5m?#z)6PW^IqEo<_s2dm)=>cP+1z=260gQ<>fHBc3FeZut#zbd<
zF;N6CCi(-6iPnKJ(OY0l^cWZu{RPHEmw+)*889X?0mej^fiV#qFebVVjEQD}F;NOI
zCb|cViKc)tkqj^<QU}IF_Q06P9~cw;1ja-mz?kR`FecK;$=T@x#zen?G0`+ICMpER
zMCQPlh!+?Wod(84iNKgh85k3#0%IZ}U`!+qjEV4pF_9oJCL#vLMC`zrh#nXdO#ow}
zE?`Wg35<yXfHBcBFeV}g#zc(3nCK=jCb|HOiNt_0(RW}>R1S=Z41qCGHZUgg0LDaB
zz?jGn7!zFs#zbSln8+9y6Hx$TqFi81^bQyk!L@7v#zgYKm}mwV6L|w;qDo*)Gzg4|
zqJc4y4KOBh1;#`Pz?kS6FeWMi#zbMjn5Y&Q6SV+iA}wG{^aB_ZJpjf;$-tP%8W<Ci
z0b`;_U`(_GjES&-G0{I@Oq2nPiM)U@5eG0Px(bYmvVbwsZD33k2#krafiaOBFeYLF
z#zfA*m}nCi6IlRbB2QpUR1A!X6o4@iGcYEa1I9!Lz?kSGFeVBD#zbd;F%c&)CTar4
zM0LQJNE8?oJp{%?0>GFk9vBnd0LDc7z?jGf7!!R0#zZy1nCLt(CYlGvMD@U!h!z+V
zr2%82m%x}v2^bUU0%Ia+U`#{+jENorW1==-Omr6*6LAA$qC8+s^d1-!Q3GS5B4A83
z3XF*?fiaOgFeah|#zb+zn1~P<6R7}WqH17Fln#uEJ^*7PMPN+S42+2+fiaOVFeVxR
z#zb4dnCJ^ICW->aM2^6iXapD&VE|*IQeaH<0vHpi0%M|KU`+HH7!z#+W1=2lOw<mH
ziFSZ7(G_4!L<)?FoPaUW1~4X41I9!~z?et^7!&COV<I<TOq2wSi8_EWQ6?}ZS_H;K
zvcQ<=DKI871I9!|z?g^x7!yqbW1{=On8*bf6LkV(q9?$Z2nQGw{Q|~B48WME5f~HM
z0b`;!z?jGu7!%O|W1{E4m`Dm36LA4!qHn;MXayJ(odd>1tiYJ49~cwm17jjwU`!+e
zjEVSxG0{a}Ohg5Yi9Q2kqHthLQ~->Lw1F{E4lpLd1ja-Lz?cXR7!%O}V<IbHO!O5P
z6NLg}qF!K36by`scz`j{EnrN<1dNG%ficl5U`*ryjEVSwF%fKkVOtMdb|@`iYYJrz
zY%`$*fUOslCQu&1b`Z)D*seo40%aC#4WVR!QUuB@*dD_cAGW5jJ%lYYZ2LiLcGU7i
zSpa1XY$0KL2c-&ZEuj>G5(&18P)0zR1Y2V$pJ0m*+ez5w!ZsF494H;2G=Y)_N(9(;
z!ge0ErLfI~ttylZQ2xO-9JaTxWrVFNY(-&v4J8tkE>LzsDF|f}Z1tfGg3<*_EGRRe
z<bV=O9<-)Vn!#2Zw*9c3hiyA-m!Y(PvJ$qmP>w+93EN#L5n!thWe$`eP)@)$9ZDD|
z5n-zfr5TiEP;Nm930q_+g<x9@WeJojP!2*#3*{k{k5I}&nFL#R*n-10AIeZDKcIAl
ztud6cP{Ke-17#YNicki_)*nh8D3M@`4kZ$lzOa3VZ8nq?Py#_|03{Zb39wCvk`cDx
zP%c4P0wpn&kWgO1fD#8vRVbgKtcEfXw(C$zKp6yO9F(3=PQtbxN)adpp<ITN0ZK?H
zeV~kjQX9%wD6^n!hO!$<5h#J6M1+zF%4R4Tpge*S7RpvA5ux0Has*0NDAl0sg)$V%
zCMc<(EQE3j$}}i5p!9@t9?E<u<)Ac&5(-LtD950Dhf)nnUntk1q=s@6%2Ozxp$vwn
z5TG=IvK7iMDCMAJgfbb*KX|$UN^B^D;VA_uiJ=UGrz7C$1SkukbcHeqN=Ycipp=HP
z9-dl&vK7i&D9_+24k&@3jDoTU%3dh<prnLy2%ffpry-yOg)$4uBPe;HG=x$No|b^8
z5a8(qpbt)yGRp_ji`fqsY9tF9zqe>j615vF^ZT>j5)0nX0Xjk-q``@vD5-Q9J^mNR
zu6pthwi0hE*~s!9w&Y62G%vcbDmDdkb)C^M=l^9yEPc?PLPX;Ih*aI30sry+1l%@b
z%1jo0ZO#0^Z|jzqdM>UBQ1H}Txb-H|OoaU1jaO9IyO=nt6&!ffguD{_%sX=dUxm+E
zI~}?{*mx=Eg}m>aF4<Hl7cw!$TFse>T44Mb>N_8_H$L1?(|z^IkgYxK^JI*&u+rZK
zjp9q6GJa@9+;RBA85@4{!{=w;@6~(!w7KiQa;>A!Fr8pjK926s>)9!nvsTebX^Bs6
zS2Yyt{yjA*S}Ubd#3!S7nqDp5uCUr?%Wp*PpKRT7fl_O)n2PgLPxk8*+acWNFEeEi
zWGOqo7_%5mHF4TJyuJ6I-)o9GH<gJC-cJVW6a^M59%L$9G!Qo~p63iRB{uwNK>sJd
zL7DDPjQah|%hUN^Z}5y7=(Jlk7K?U!;E!TomLbdcZ(9x`!hc;Ex%c?m;f$}r^{liE
zy)Kp4WfMe-PP0ZkKDlMh#=X;jhkLp;H$<P8kvjd9ZKWN05j@07V9Pw=j<0+`BmaXm
z>~ZIweO|kx)JOJDL#oa}bT?(#&9W>SYAatyVV&<(@@tHI`K^$2r@-)VEZ}M|)~j2p
z4n+y+kNCCna;Ih%$3@A*ehtPC%UeARxOy=1F`E~Q`9Ayo^L;cenT~j2)^uX!*0x{#
zuvy5Pa{Rb{^+;vMKl_pp#9H6Q(6V7U8ew+W{9Z(6({5h<Ob7Pla>_eK#xA2nl4lD4
z@^q_9(yvCl*x3#GK03%@?R-VjC;VadTw*BYz!eGh4wIxm;2S%XZ!-OOpn^qE#pFHO
z#T{_T?dLQ>Nu%dpAj{<^iAKnZ^Y-D`U7zfsZ$lDk+TEw}0xS`dl@%N(Q;!~;PDcF0
z2U$^D-)7Al&wRcubZc1Gg!Ozlqv4f*6`gmeE428TYtDWB_Rc#uN0C34h#~a)VmA3l
zl>&e12}Z%KE5uA*Zg>^=^MqUL3RQ=xeP;d4k^;OqnCCL76S1r$SyxPHtE-8>{G(>z
zaKzx;6KbkYcJYu+wBn@t;hZRzn;<-ND*SV4Ldb@@_LR}vCyxwjoOczH2!g28yzL(q
z?=Nu}5NW#K8Mb$^5u$hdy69PgA8RJqd~3AU%+7`?Y~!!2PW+dpkhH6=2|Ll2ct+2r
z!WRz+#qYHalwP>aLG)f^R`mNMJ;eou>Vn>4|EO|pUaZrig)f!Xnv<UQKBr+;^-T`G
zq|{P{8zRk_Yj1b3lPGv^uJtsZJdJDI+PB0!-Kt1lnFLqC8^08?Pm_DmYKjQ+#hR}z
z-;d7M!YjLNE%>16#&+rT+ccy&AGqW$$yeL|Q#SZRI1wj4DHmg0Eg+68^qiS`U$nqe
zmp3LHI&QS4G$$Lrd5NChD{^6@Kf_D?a}GCdr6;$*B}u;A&&AuuoS7{+9Cn1Bjql03
zr@nu2sFV^nv{CDQt~*cN|1s#owHUvMZK~CMODB>~6oye|b?feovRsr^!QWrgq|#ze
zev}{EGn-t{k6RKixaEmuYkuv|Z#@}hsomNrOUEolDmjdeXP?r-)BS~Bb$Vh@Wpk-_
zs)#VQ^9d@_Q)D=$$DCyx9~#TMl5xt~wCycJr)8md|3Ke9hwJ0`6ptN}$Ih6VtNaa^
zG9!QA{!4zSxYplI@J3PV?+RN)2djhRuZtK&Vz#W4gZ-z(jKkEu&i2+|OW-R1ye2{6
zGbJKX*%pcIt}>yP8ENz4ZCp)P(I5M^^hLr8X(FfbG*eC9u^F7@St{N%;Z!5p4ZPsU
z5SsFqSL)+hQF(04D+$`^rh(SWd+QVWTLpZ(1a}cZueEzl>)t!&`P2~%gST?Xt`GhT
zebUdfHII}~`!;SWxYx5ibN4uV&h)x_<I7c#s~=*i-&yQDdt^6Xw0ZIKd&;Dc%MP+E
zVGqf!XmD-#(LC1Sk<+elODVs5_jl8sAZpS#CG8f{Pi2THM>B8eUEPm18mDv=-HiCv
zFruSbd`I@qH<GK-samf-_x;YeCN~)?7Wg=PO4)JPSlgxdIWe8fMbdap!nanZZwcJl
zm_57yS1)D4m~`fL^s>(xZ?@8dLYEi53w2Ye?*!N`_lPXlud-yeVV}A7HQT`T{u{lO
zpHC&e--{`giLoen9Jo{%Eh?G*+LfR__Rn}#9KWjh!KE8_4K)OQFOIi5_%GKr7wXH2
zc0bV@8M4)P3#F7)$W>#*PbJ#p4%Gg=OSM(zlSMmItwDD|hwMd>F!s%L-yGJ9o+1yP
z;?n80T^6fLWltNS_<ct`*DHnJYGnOFlXO5nm--IP-Faqma}NT)uH*<s&!@pQKPKA^
z*S7b)KOtiG(&Z~1;wmJQdvPAN_z0K032|aMEAc?BeIA2DD80}8!lCtF>4P!$`^>H@
z)2q`1mH$)To5w@-zyHHCV}`NsrHHXb*_Vot86iRlQK_s&*|L;MHFia4-;1<prP8kK
zk|agDO1oAnm7?6wv-JJEKi}`?ci+GJ@%!Wc<31jj=e*`RuXCO2oH_Hlo^xI^&+k*8
zaNk|M;<0^KeeRC(t*?%`Ufe2nbN-aP(@A4f8WJ|DDh8-;3~n_{J1M1hQT&2m((c>x
zD>ptaTdnYNLv-VDn}=g6KR`tOPR%}@Ki|_l6dM9O^+INQznG{tI`ul!xJm5o_0=yF
zM~Hvyzvj$n`gz~gJai!E#mAjDg?m0n$?xz<Rq@xkv*^cH5%1C;Q%-z)eNOr2u2mgR
z8t*+Cc}bro2z=$ZecGeBx*b!_nhqX0Z;&HDXRK!Xm`l0h-%f8~y;XX5reGH9vA^b~
z6${QBD=evg6EMJ>dO6*FLHin;3t!!y?l;;q#^q?9xqAKJbi;s)Tk^h&oSJig_2tXA
zn$u6D1=ToITq@u3@W7((c^B*tFP^Y~ZG7tfbTij$0X`Y(z7<=uT*h9RADQ27)VXi7
zL8k47WAcX8D@wmeZ$Fu%ePx2D>MyP^MdX#QM^jszMu&gvst?BteJ4&7eV}J+z^K{>
zxtNj@tExqKAEV7#jamG|kt_8NrLSH7&Gh=b<qgZ;ykGXxG2+bI%1(}KMMBAQ8ULJ^
z<dOG^zIR`~adB6+Nl92u<*kKVbMMXHGWWUWQQNv#ua1Pu6&9|Gba6bbvhC7Z^+_kP
z!(LQ$+N?4AdAV%FolEmNi=0B6!#C|5{YO9RgZD1`Am$wPbFN;+qWqU0C$BI0@hUE=
z>Z5^Q&leR1LCN@8aa=K}>yAO&Jd>0>-pJ^e%1nMR<3_mGJfC~(b!)ctNW_2EHgD26
z5SkEcT~tSCfvLiDVbmf7@L@cd9E_NCLKF)`^?;Rx06vTd`+x5y@1Nm5S=HaVgg_!R
zVZ^e3-{FR7*F+wylD&QWO}pOg7scJLQ^xv9Wm(@_cU~b@|Hj(58Sy`>JQLpj@E>-}
zt9tjjDT{;Z6DLP$Y+Tye%FEk6&yo2}J$r7jq1&ib<v#7Z@18CAy!y{WTQQ%78N05t
z(lNE-`OI0{4r~Zxi^_SZZRMJMI?5?qR;1z_J-DXh>QL`ZhxPpt65;u0f7kUSySMBy
zHLjHO9eME5Xrap{^Oc9}PiWcAKk}V1=knApn~LGNdzX~!?9dH;^nUrIz|$wkd}$7d
zxnF9M^i*j;(KYAPhnJQ{TN)>R+${4da}i&2r}zki=}(+WetFlPxm9@K>x3HVivoG8
z6<6BsM2>F?QB5mw>X4lLIsW7RTC3NKf1jPW*~`)GdEz2<`B{w>_YbU%D=GcOd9am#
zt#DgGr-GT`l!e<*G_C&WIcH03-)U>jhr2TO*z{KQh<<uCk0;k+>pOM&CYfse?=yn-
zy^#H|TPJ<hos{<~_ij8+9(q(P-nJwo>C&i?Cgp$bT856hJ$7ca$I>_X!8iA|>U|St
zT|GF^pM5mM{;3N?X~*T+><uj4aCaZ6FJsDvM+r>dZuI+cEMj#1%I4*hiYAEEjE|hp
z9d@X)p<U~oqO*Coe~v-wscB(qN7e@z?+jG+PH@m>#(b5&VkcpwvA|-)in;He<X%6V
zx9+%W+RKY|%D1}K44%AjMr_&nXR3Iq>B97gmmC&CPm|DgD~1sZp~okHxe+f%EYGms
zd)RM!{ac>4%njQAdOcBV;X8DlLqq?4ZUgb!0|8-yqltj~kqbVH__qbz@&9%KZ~Q-6
zz{CGPT@K^89*3Q#k1uiL2yJ3H%z#zGY*ao&z;J}hy%%QI`4TfDLEPB5kuS%TXDTt3
znS7>z>Bw|qdNIA3zDy{avY9xJ9JU-=o~^`IX7kwswj<k#?Zx(H`?CG8X(oq_BP_>}
z=O}TMIed<Q<H&L1cyYWrz8pUUX3DYUIQYmwUQS6)S&lC!kaLuClJk=Dmh+YK!)`I<
z+43BDIS^STd1ZONyg=Sj-bvm|-do;R-VZy?RAMV}l;o7;L0^@X_(}pLM<pjEFC}j!
zUnM`J#8hT0bCl(j<&~B2;Q(J*pzNsZr0k{at?aAphlH7YHlM?n<ID4v_{#XmMZkCD
zJMq2v-h5xa9}Wjoz!q=>asqjQl0aF&#|IaV0w;l&z+2!e@Wa7kLeY=oDCa2esN|^Z
z$afUrV-hDvFGp`jUq?S2N~ROriQ^>aB=4l;r0m3Z5;!@6kb60KJNY{K;XpIJ*j^kj
zIWKuHB`;+!zL&tu(aQ-G+uO_6%MYi4>CN`$c*}Xqdn<V>d-J^o-j3c*-d^}{#n;;p
zCyD9H_T~7>`O5n$`6~PJeFeUbzD~YgzTTklemI3pKeivoPtH%?PsvZ&kMAe&bM$la
z^YZid^TmfT+T%X&NcN~4{hUTo`T}CJWI51B<jROhN=b`Jh)Rje%5a$?5-c&cv?xQ8
zBh8hO5)%=ZU~+K7PnIDmBQD9}$U^B-T1r%cEy5L%;fRZJ8PXDxVp1%oESoDUD#;X=
z;z)~#NibwsY;j2`hKQ&bhs~9dWlFHni^Gy+h)aveh)Kw@nOsa>B>!k2CSnlt8S$Tb
zH~_>)3JgRf7Xrxn7(n{1;@{eT#~W&GYTduj5&iztdj;`+@pmEC1*QHkJvMnfCg#iz
zhY@q2U7_JXXgLt;5%G!3i+GD7=DiaAi20b(FrptZXI&F!1{1)7VX3eh7?D#djERjf
zu@NRV!o*3z5n(X#r57f~V5SO;2Q!87VL=$R=?OO*(T~vVEQS%w7~{#;_T5im+Ku-u
z{?IF`7;=d7wfbs8-nNYf4=UZ$n$>su+y3t88n(b8R%Pw*R|;3A)!%)%=ZS04z_<KM
zCZCocj##!{`IMObrdqi*l3MdLg{$Z6m{n-5H*QkPo2nmMMTSP0o_0BK=GMKr8^#`+
zair1nyw&Y3`&XV_GPvmZu0-}{r`>Tg!xm@rvS!~5e{EFCQVr5Qexm%scQxnWNK5`I
zS-&YI+K;`<Ce{W1Y`xg<ZnU9~bWEmxhIsqa8-0RQkLe3LCp1OX9Q~#9Yz0^9^2w>m
zIh%7|gmy>2y?*D94P%t`m!5Mn^8?ym9$XsV|31l0!pzaDqTr*($Vc1PS?rZhS5m|=
zB(z}({as>VONg_ixeOV+8l}W!IU+Ln8E;W(SqYX1m&p+0h;z71X$cWFOGZ{oOq3xm
zDJG36bX>gn*`iW-g^P$vi7`2{(p+puh9M%!VoORe#8^ye5m7EjTuN3(T9VBa!KK5H
zkP#E*vZR=@P;3{IV2iUv5R)rKPm2;|a8-E3{``G?5wF32F2rj}1Evcb12cdTOUug}
z6Awq6a^mjx&FGd~T^5?=TyxqtoqhX{OjGSR-wlTbp055fVcI8;&p}cfES3+;cqQ^~
zx{bnsSmCALK1Zddj#!&4YxVuz?y;w(3j98}T<`kv=kBTc-Dl2z_}Zt{{HT+^Ylp95
zz*G75*0nR9KCypM_f~7NLQ_qVbo8%))I|rx9)Epya@l6RrR?gl4vD!ZA8e{UI<(j5
z!+Fp3Nk*mp$NG{Z40=vRR;_q;b-7EK$@hAxIjb6X30s%A*Sy?Na9@7GpO1Dr54Nue
z@y<Q_wC=!E?dU3_(aIV-3(r)BxN+Xi_v~JHWcsX|&qum2TiXVFimqH!3VmJ8jrb_1
zSE_tt*q_PY<06a9Hn4A$ySHqOT3h+1`oihKaos5vUximw0=_&6_qt>*crs0M`qPbl
zg_Gxg-u$`i_M8xFZg$!H+<}p{W`aujQ{KH2@#_-~eCk-`uyTs-l^5SXx!V{|ZjpR%
znH-YVr1K{E@e7e%KUZcwSZlsi|4aGg=T0NeC_Uf${zs0ioBza3`*&>nbv7p}bJ+EW
z-ue+ezvRor!#;WKKRT`Y&hW1*4>wk9^G%ttJYU7ZQ#f$xtmKUbo0|r;wu(!wkGvZ{
zxy?|~;)CijliqbM?Y)N{iR!A4toyQP&g*;Mc>Nl~PF<M0S2m{JOVl`nX_~QT)cZw?
zJLZ}l%}cU49Imx&-*2Ut_U7Wf>T#d1>0McTD6Y9?e}atNqBjTKR5q<@Qpy_|bDw`b
zamm$RbysBLH!qwTdU)9Q2|wr7j##f)u*d%0ERT;)-&R;%^xERe>eez2ki7h6LRj!~
zpRP4~{az2Q)91XHeq1<iyW0!xSq;(R$J<7J>w*Mh*35&+9P7rDDK6rRgYRu&1u1Jz
zyngrjtrL5fzEXb6JlDB&p}l7L@uLTeFT|V^Zrgd&F-vFN-Z=rI=QoUZn*00r<zqYl
zTxk4Uzij&zLFkQlOZ@oU;aZ1!Ci&*y|FBrh+m5ZV;JWw4+GPP{i;tysNQ}SsFp#}G
z`On84?0kzdt5c&t#k*dM%DP<0O1=F4;GAIj;fA?wzc-t|lc-7vVq5k*3>GAf*(m<i
z^6<@-lTMycGf2;ocM;RR82H*f+o82bXXL}T<r;VWWo#{X{=9qf*6B1S+cjz{lB&0E
zn8-gb?QJkM_|fN@ZA$_x@?PIjVM<TBSrM3-?;?BmfyMQ&(&}4I+><F%I_j4{v1ZML
z5Pgy14jV!??Yb46oBn>H&Bv8J^VYbUO`Z1o{Pmlib>SvqtK3B&hR$*yJITOqij?MI
z{@3=|W;26}{cj~!%#ZIL_0V$WvDr(0ESC>|5#tzGK5RjIOjCpFC|+RB!JSS~mO0C<
zI2VQ<U$|HwFQ>S@%=?hKvujoH>@Ky+rDN_)f20@mGV@1yUb278Mbl{C6EkGP#qP~A
z-TcKQIIS`J+Tw<RZ;oq@9%y#_GV_i8omDyKR~oin>Rfm6<T~>!Q<ab8c7NFTc4x5q
z@N<gYdoF(wKdm-L-|Yx9@l*3=Go^w|&GWamDQ2YBxva_gd8*y(+~9?0YU{QyEVZ8H
zobXaAKSyI&_SPloGqxvJ3A8`m8+(&At@!ilGm2L;-z;!4cow^UD2a3HoGEK$%7LBD
zbDIXYNgWs6^N{!BO^H?C$xHjpf))ndzPD;q;-sxRhN@Mp=l2=v<S&T$ddO?ujSkoS
z73mKwv(IesOHwV1P<<C|%(Amxy+}jBY4*Iqqlx4E#u&X_EPY?ZGg|K3@28C;^7gJM
zRpnkv6+c!|yz0>}qv7+9D>PraI)=-fKRIsMu6aW%mX6*?49n!Ad{6Y+{v|r^W1m`y
znRIx>&pZ3rD*V&*b0s$4?6N9{CcO5qIWw5?EC0wAUA=_B_iwH1$LUr*lvL$S^B9|L
z_$+HVcT#KazR2x<Zo77$GamSL%J9M28G?nJE&HxKIq-VoETQh0($VE5TB*v%$J@+q
z@<~rRKb%>pe$q7ZmHpI-8V#2<$KU+;Y($sJ#liKuqf$SNnmXOXedTONPVb4%$e@R%
zV_xhwjc@rD5ch5MqM0Gp9ozQau@*V5)!OgDnzHqQ+DzXSDk4W33UhngX4I{|9s2!F
z%$afP_XONmTYk6QdyDBf<Al*SG#C6-I5vKyqn%pb?a0+)VZocmy1IGKi|tGpWwiEw
zgmhn=M6BSLdb7;wilCL-GA-_lhqsr0Hx+f=YA3lgync(swU#|8rOe|E&t>*KDT$Mr
zduGSWqD5h8#k(B#FErWm$hl(cL%k>8?{#E<Y;m?dFkz0$`LPGD&wkd^sk_(beaWAn
zF}rG7Gw!QyED1Z*Czp~cIrFxOg>|AZdgQ(tveG@vE)^xb(pK->TqG5!{BlCarbbW0
zsP*O??e8Ar<rX+ZrC)t&{y3(ma=W?xXp!BqD_$+U(LaCYu;;T4PK?W2-CwBiy!N!2
zh}ZfmJ>KPwGgPIu3T2!l_1j0Bh}GLO#$@t7AKSbQp>2Cq-}e7Wi~GU<ILUBXY~>@L
zC$}fu;k$>Ns-1VDsyj*Ix8T6->cbvk3cqc;h6<*=I20SX`6X|3RKel%+`istwGR$H
zmeoFTt3bc;)^54BtC@GQ6Fu9Ot=%WNxMZjQCg%vx^j|5f1y--byd)m&pEAlmOv3r|
zjwqhOl*^Vs9_tqyX`hQ1o#L3fak?C<C9CU;zrmWyb+3$621ae{FaKHG{C1Xc%M_h8
zi){Au*qQQ=f8L#>v-a$jS8j9eHjS94o8c!~WFI<>zraRg?3Ab_XV)FnTy?Et$JMnz
zJ{%Fs89VyaDZNSazp&eL2cZdn6?UDjXG$T)oRONz>43O*8^pqWA*QSbA?0Hb;MRed
zav%h?`4DPWfuOb;M3}uGW<3Z&<|YVn2SJEh9|GVYEo>f-!P^B9>@Gt58RFwj5T;gw
znD~AOg6Bc_n7FZ-3?b|D5LT9h2zMKVyFWm*I}XCrc@T8Ag|K)j1jtPxu-pmJ>^=yJ
zCqi)g1H`a5L7<rnk#Ap!c?UuWI{?Dxl@ORFxTOw+m(?I@9tYv@Z4e~Ktz)?s2wV3;
z@cKT)mkl8n{t^PsaS$69LWFr6M5fyy>Yb66CE5fL=%64z&kF+2MG)oghCs9wgv%=+
z0=)~O+U^jNu7F5$00gw_A%L9>(d_*YX_te@^)U#ucR&m~C|ICb4H5PVh+>1=F})x(
zodQAeJP3Gmao1c8qUGBl3{Je6s6Z&2jl0HP5Qy%Buz43m)dwL$od^+aLx`g5Kpeds
z0@yhaK9_><bSXr_iy-<P1tIT3h)ugg@H+y+(<u<9<`UxD5SgxoNcabcxc5TXyB-4P
z8R^+#N)Xf@gdleq#Jf8oCU2-EW9$O4cNGYXvmpY{gNSwn1mwd)oJSLr4f-H@UI=mU
z90;FF;m&Y5#OG5Wl-&k_@??m%J3^d%6NJcLLYP|zBG|+|++z@B?}WfRAxMtf`=*u<
z!afF}bxR1#D?wD82cdK;h}-u;M1DVn=)rk8?hwKjLh!sBLhTvC4E837ds{+mya}S&
zEfB`Gg#dRPMAhZM+3O*8p94|wM2M32L!kUVM7#ST=)MW!?g0>17eWlY9zykl5O8;a
zpt%(Uy2BtGPs|r+sk<rL0m1h3<vCVT5LeHGSUumtfyIMpdg1z1`6!6p--l@Xeh7A3
zLPWk7V)QN$9IuAheN?EY2_bNAs3~nk%%7-)n7b{6?JLXkY^xy>Ukc&*^AJ~ehv>bp
zx0A9J#JoEp>>dF@_!Nkz6GH6wA$soufp1@koF_t{yr@XX`v4(wM+axoij$e+^tB}o
z!XP-_4{`J^2)>_(5Pdns=66A?JrDxv{hzN{zl4B%IYiA(Axhs3vGpj3um?i${3XQ6
zdm*OY0ulQhVGdVGL3EfEgx>=oa^BHauM`yGprx-VK86ipdQ%G#i|(!_eHDnM<1-je
zG6dBNAw(YmaeIA;v2TMIy(D<vD3~_Q_q@FO4*9GSgx8H6zJJR^y}8$IjxPGFvD@kB
zv0nij-Cl_J@l1bxKfWY-eNM{~-ES=SLC;tB?lp|PE*w41vEWQdiR+V-vli%HRNdzE
zPUhL1Kh>-{lO%;y_ui6q&RZK7wf}r0QZR3`@`hdStD=`b+&q1zQOA|^_JBmqF|J*a
zj``P`7ADoMN$$&EwrG36q{n&}7N5QH%yW2e&hh!zc*iPMwoX(DeL6Mm)kw3Tt=<++
zAwH|SPKGVbxU}em+Mm>-O+UE?0dX!7BMO{;XK#8Eb#D5Ke(j?P?a$-gSpF|G3dYX&
zJ1TbSy}pRanc5v$4J!_`PvCwr)z3bqU3K6hOJrf-$6;v(Yj3J;IJB&y_p8{K;%Sl3
zZ-hVWyCcfEqH)VIWNrPyKf5iBeTw#d^)u(JeU`NU`+IB2^bbe)K|P{#7w`4H93%I0
zlIB{wEssS{Jf6gH_IQ2y%zEE-oW=EXV%ee{LqT53IwQ6XY`uH=ZOa<|<fRK9?73Xt
z?T{n3CfDlCh}n;pHGP^=oFefy#X<I3e+K!}0O{hwEEjWwkH^&I<EBN;iXZqbGc-ds
z(@Nd$#2vlyM%G~xvJW&P0uSEWIoo%l&UoXKQW6VfH~PQ1UGZtl9@U-eJ%!Z``+_@p
zk+YV%4O3GXDe-*c#aGouV<+2cb&XO`9gYuPq>q2ey?VjuY-y8{`r%Cf&m-K+lEf~3
z+Wz==$?BlJKbWH{1LMCnIL^1RoIS8=N$%t^o!7M+BhG#t3_btybMrm3PC19rOuph)
zEnY^W{L0L!I{mjV*~y>yX&!xbOtIUjJtki}Pnmv@&YIq~wB|*W!RcY!564~jCBMl<
zYs%ZO`qII?kwv}s_h+m$?9s9)yqfJgt>%H%tv`9q`^InUki2>DTdMwn<xfUGJeR-U
z{&>|(!->14y^=TVTsW^K#CMf*?e}$x-G%qh&o#FG@hz>c?8@Fb!j#CijfZ3J7@fYU
zt6<Y~Z2KWOm6b8wyFynyvbiLFV{~#~%uE&LhaKli(>-^Dzup|P>d4S*u4d)U*FDPJ
z4=%ph**Z0Le8;=J;&;cCr<9rPKV>%7UfZ<sz^3YP`{qwboK|^oFs-?~tFTSk;?Vu6
zpV`}f2tGWNS$)IHWcd2;>y~)j^_bjK?%Q(2<LS#S>=%1(ol$jPm~+0yP-C@oxHo(E
z+;?-BdE*j(WhWXBND5}1UNCC<hDWz8-pb8TjJ`W1Z^ymh<r9jf@@Mudt$D9#`>FM?
z-netY*FHW|du6+P%E_6#Za=m6`;xFsMX9wa;p&8UK0j{Ep7;BR(o?(GtYpVWsm*0y
zCtZlBH?-2RoL5`Ij~_OwPO9>`Zmzzqt6)fa^J42#<`b^e>0S3LUKWPUs0m(iJtOXp
z`PoF5s6dCd^ZwKKR>gi@QCWJVcjV>P_-*R#g_@@ehwn5E6mGKjJwH&XdeSWBhU!7-
z7v>8)-n~~DnRX<jRb_U|KBH~UyY-KzMN(Ds|N1{Znj-Jr{6*qz=buKDCI2+yGq8Ue
z@p;%k4Nda*h2n?@SgcI-d8kzw)@EZgN63paCz_Ad8mS<`vavAGo;2QgwE8d^QM++Q
zx}%h(IkuLDI%-N%Y*j@`5gz&`!Kz@ya!}Ij*0D2Bw>^sgZF27E$hMDV&(3dIHF}{_
zVamnrs|`O-*<P&kBWnHW=U<rIVT1XZ_j!?_k<<Jam;4FXzshc7UqRw#>43BO@c}n-
z7k`?noHlB|?}{@sXVqHYG2NvY^kuAe`K^ZD%piT0WrF4&t4HU{JD26ls7wsXmDv+D
zX{~yB%~IuidTwTyADWaU2L%TCebx1Qz3Hgmk&taJ{(PnG(1q5`erM&5j<pPIsc7vM
z$d_gL7H@nTpCYgH>Gasj*w8r*hYh})sU!}Y6xgc1F?*-Q#k*yJH+7;?eax3H&DyNL
z&85Jm?1I}O)$XeLjhg!NTg2}NuRp9g5OgfX#a#FS(<L){P9|l(WoeJ@%ux-0pE_xc
zcEhnP?O$V~Wvw0h($gFzjoG}6{Zo6JBIoYZ*y9k<sJSER?f2kaQVV)>+K=8Y@?IEW
z;(K5JknENc3-6;*l07jmZI&x~_1awAHg;gusPNClOPFQWlV&#0&yks&HX`d&Ud7&6
zr@8|fE3eGWwYi@Z+m*np$=vHWl7Dbv&5V#E?bAe;+K-Qa`bX7{wbMc8UfTp01&Oxy
zce0OmR)2QA7VjgrLUp_F{<03;A5Xf!kM#QU!p42s*~?u~TQ7=Mv(I`SuBi{&%dg!N
zI5$*h;fS)>frv9cQIp=EvQ~`!Fx^JOdobE?v*}Jpr_>hl%X7=vZ7;6;o@((#OkZ~X
zX*c5${-xKeWfPm6tmjGIel*a2;d1pdKMC`ok&TSvyUXGY`G0ixE@&yy80dd{AirPB
z{L#~4Nw&(1f`2!udzl=a&N=?;jGcK<w)StA6=ptZPZ^Ug`3LSP%8P9_o{>HBQRMKa
z-%B0t)D5lDZ!}+UEWyt+uUv0-WK%%%r8y--&x+)G&u_E)C3iku^LNyl!Kt&`Zy7Cn
z>9Zr;ssC)HYyR!RtpjckzdU|svFiGMf#N_&cjL>}ht0emru)+IfA*|utI+st;PLR$
z=56Z>Pb|(q{;ufG#zk$n^4q#}ua=q2w#`4cDJg&8`S*e_1BEXN=W}w@dZi1C<{tM{
zt1F0D|M}*v<29wHRkTb@mJXM>^2aFYU9ko$SGJ|-Rd-_SnY&+)sce6~rnSqnwBlTs
z;_p<O`jiKy$8XQyH*Xkc>1Lr)Ld(XbN+UJHdB<O8{W`Psn}hGwo8xv5NR{1qU$kb@
zigs1OUDs9WCyZot8FNoB=3Qb$Xq9!H_un}_Oh^5Kc<-q7p?*gWKApK{a!vATpIHy~
z&0fiCxbTX#L}YaO;hUR7B1SaH3#KMaYc`s4dg@`N71J5ss>)-0cG&yN-hJ7)vvSG)
zAOl9?>(n!`7r7d5Rs9!z*z!gBf%I6-aLC{Oyzs`DV>uKyBeP+SQMpfX!QR8$r(EPN
z6w8cZq5>C}X2`NRTp0;5Q4xqF;G<a%3%47j#3e*UxGWBXEiNk|A|@p*D#Mf%5oItr
z(h^)rmbe&JVRNM=8Eg)dB`zW*BPuH)CM7P(<l?@Cn20Dxf*~s{fx8>hGAxFy2!tT<
zQL-5BbV;yeWu!!zlG5TL+=y9rZ-4MpH>r(w|86-Za?=l<vfxJtYl-oqzRC#3zK+E@
z+>V8PJd1N3=O&j0GrWwyTdO-e>1<8()Kuc<<W`Lu-0V@d{>+y4$9-{5CPni<h*wr+
zZoMqh7JY0rJM+5PX}$Mb1lGU(UQf||xI?1(sBW^Ce%~0j&%-Q3iGk>|Z$p$iBN&k`
z_x4xIM0{FTtheuvy=UI>>~7JnyfbI-_AO6QZ$0v1-h}q;CCRN0V;Awq?fJvIkoon&
z(R<dPa;GWS{P=Zk)C`qqH?#RAqfc#p@h<UK%tZ6avmgI>BZwH_B{xs|CNZ$}^q>33
zX7HW#HoIJ$IMK&1dtEy3+~Gxk+%|7%t6Wg(7qCOQICRY67K=yEw$GS4_TW!lGkdjF
zeREUH#uT!;`+vuo=&=KpF9}~5>T_I_Yc^{|H@>u2ta0hglD+!r+D|cA4YpwavMK!G
zF*$SId(Sh!RlW00K~3eCuyOJN%j6ZhLA%BVm2~$%RgDVOsI5?t*<=2Ub<1;pnR4o_
z=B~}!i=J(mWDz2%W21H9$|sq9r!u!oUwoY>75_y4$37#cWQDfho6c<x;jRqp{nqj(
zw#3!<m&?j*z2Cd*)Ynb=DhQn-kvL?${b)?=#0kIq`+_<ZO8XzbFLr;Xx?Orv%p*C!
z6^#=N7ew21gzK@p+d8jGkNI3O#Aw+dYkfxYqip2B-WBtAt$frfd2@YH$z0_JIVOsi
zbdJyVu3ENf#rwN9OHLbGPgpinzGdt4(Ly6L<Gw@39U^QD7B;rHCn>0XHcp=4ps?_b
z_l9$?FBOY=g$}r>$SoTA>tnP0{mZ&`*Xo`<pE=CIF-uWFBIbkCgR$?9-kG+bENotB
z*2A2)RagGhy$tggR_@NK{?XgNB00z-NF>NP{r9bM4Xf|$6HZH82FKsCSmcnt_^5hs
zwm?`uZ!W|3iht2kofF-cw>vod1sexc74!v6+xPqN7ptDczS_%cvg>}%_esn@-Q@Qr
zsp7(eLFeGn@0Vvh9hJLGW?{zj&GXjh&x~=7^RM8o_q&tl{)Bby*)horZJe}AE+M7z
zdk!ZiogK0IoOtKqu3~Yc`4-OR^(>89-Fa7f#dV9ePnG)<GisFGg^^G9ACQ#&l2sh}
zIYK}E;knK~qSpR9Tb~zCUwy-qIal86SGwq-`ZKH|y|&lVdU^dj1X=b=Mcsqy&WM%<
z>n|VP+m-dL`ba<!BV=W#>AgL#<wM_DX>WR5>ti{rwsyv+>zAIKtt>2FIrx6bsF|(e
zFFCO}%oH~}iFj+Blnp8K;$LK4*zFNtF}r5u;Q2l6$$q{c&m0)!wx`(Lua`aUF}KG{
zz5jLa$p=cA`)n1xquyM-6I(y+*^JhzvEwH+H9od9-*HbNEp$WvFPQ~hj3E9Y5V3F&
zvHc)ob3w!wfrvSQhy{R%iGYax0uhS_5nBQx<_;ou4@B%bh?paYSP6(2zR!136+}!1
zM64P_ED1!c7es6;h}cgMv3Ve3yFkR2gNV%p5laUV(*zNV1QBZj5nBTywhTmU5{TGh
z5HU{>vEv|O$3Vm;f{0B85i<i3vj7oW4I;J_MC=5JSP_Vr0f<-xh}drsu_zF+eh{&C
z5HS{rSOJLGQ4leG5V2Yiu@xX<ToAEr5U~RwVhcgU(m=%2K*TCQ#J+%tJqHo%0};Cd
zA{GK7_6J1F2Sm&dMC=)e*n1GM4<KSaAYyw##N<H4)`EzMf{1ZI#4dw~tpgF810vP|
zBBl%?HUJ{_7DQ|^h}a$wF$WN_ToAF@AYz|D#3Vq(WI@E#LBxo9FbhQNBZycWh*&&`
z*bs=A6^Pg!5HV{Iu?HYx2SLPqLBxzf#1?>vy#W#10wT5^M63Zsj0Ym-1|l{RMC>An
z*jNy;E)cQdAY#%WVpl=LN<qX9gNTg)5fcLudki8L1R^#XMC==gm<@>7DiE<TAYzRm
zVuK)JpFzYrLBuja#I!)f<Uz!AK*a1o#LPj&ib2FoK*UTz#HNFYy#Ns#1|oI=M9c+5
zEDS^}4@Ar!M9dIGtPn(O8i?2}5V3tAVv-<YsUTucK*aJv#Hv8Vc7up*01;~e5pxC+
zQv?w^4<hyhM63)%Ob8;j5k$-gL`(rhY&(e9N)WM75V1=jV#y$4Dj;I#K*V-{h{b@2
zy#^7x2_n`FBDNDmY&?jVIEYvZh}bC*F>MgBO(0_PLBuLS#F|0G+CaqagNSVd5qk(C
z<^>}59YpLdh*&v@m<Na$8$|33h*%DYm<EWLH;C9f5V3I}Vu>JP0uZrLAY!*c#Abkq
zO#u-L1`(425mN#Yvjq{;0};ChBK8VI>?DZTQxLHP5V2Meu?ZkzH$cRWfQZF{h&=)k
z`wAjf4<cp>BE|<1s{;|!1rc)v5!(zR#sm>N4I=guM63oxECWRBEQnYjh?qZ!*c%X}
z_pq-7QNj{wTFV-ZAD5t;)RXl8ht2=%`3I5zslz{dfBff7<Nx{CUJCR1@?h?;7MLOI
z7%U3*0j37q1q+0A!faucuoT!Jj0H=BIlyXRTCjbv5ZH4V)Uffp+g$vP6_;@vW)3?A
zi-&!INx;^^rox(GV_`>N3t{hIBVjvWvtSQl6JZx&%VED@xKYl?f;qz)VWVLOVe?_H
zVZ&fsU^8HMVdG(EVM}1&VKT6M*fdxx%ouh876bbPQ-|$=&4oRIO@dv4t%Ci5;pRW)
zW^gf2gNykYT+G|xGKyiruxBuN*m{^Z>=w)nb`rK2_8BG)TLW{2U4xB*9fn21-oi$}
zw!>z^9>A<&7hua^KVckLCd>)e0MmsXfQ7?e!IWW}VScbXuyL?6uq4<wm^5r1%ma1<
zW&}G9i-vuKje_ll&4E3J*}*QuR>FS66p?`<Q=G98xDn_B^Z~X5+kqB93*c$sX<z~{
z0r(a86^J=K3{3oC<N|YnZa_ESb>MZN0nh+=6nGT42)GFN9{3)p3RDH|1nvaR2F?aP
z0zLxT0BwMmfR}(PfGdClzyY8bPz;z2%mz*YP61v8UIpp_^?-+fhky%!3xIEcZ-B#r
z!+~3YTY>&Sf8agfJ>Uf31mHQ~Ip9*@Qs58Z51=ei7FYl*0D1yFfj5CSfhIr`U>UFs
z7z>OA_5gc;8bA%;Uf^EfJm5UwQ{YpeJ<uLl1*`(D2CfDU0f&IZ>?1ym2MdD9!MtFm
zus9eO<^t1)MZi>G0Wd3AGK>v#gz3P-U`jAwm?bO`CW0-b!zRP(VA`+}SSaiT?4NH*
z|9mSWp8w~ZtG_<tv!lOrrX=zB@0_W>bFJ2lDJ{<AWTZ9@>$qK~*w*f-<m)9pN=-h`
z@K_N?S4Y!hRG{}{5&mSZii(_!x|)JO-pjkicCfcuqN#SWc2Fo+U!R8wdwd3u$6GgQ
z*LvLT>Z;Z1dfvossumlrq?oC@zqmj)FCAaw6LGUiPRPX_FA+sK#ae~7+pWeQp7TxP
z;_{^OgtGRw7CHK*MJ#hu^Bbc&Z#9nZ`{HPs7}sL>p(|5)(|SosuE><(zCP}1fnIK^
z0Y2;ODo-+*n9il6!;?}|lbdW2myn~ft&sS#WQ$Zwb**{tmun;L-;y#k<XzQ!`NF|G
zE<RmEn4YV;ZDWmm+pR3ojI?XwO*MR8P!M0v%PU>GsN}jq_X}xhDQ4FAic|UOyEb^r
zx=+rYP;q+d$bjjMqV=^dR>^T$qxbJ)Daa`lm>er<Q0}-T&<qN$6REDtu&gK-F!=%p
z1+VEIb}5V3N#~_vVk$#cLrrnbh;8^L9_Fl#P?2ZjJCc(Xy?m}t==)lu+4by(-QZ{E
z@rm)WCWg4%rK2r0EiccN%t@D#kz(Z<l$NAv744g592JtTSh&$c+Fjr}CL-9~HYE;s
zyO<IZTvma7<>{LyA70d1^nPvN)YoK-Wu&u}l;m0`4SsRd2@7gf@4PKzY^dcX=`vYj
zq>6&5D4WI9<Y~GYM1(qz4hvzi7_5eIeV@}53OB5k$Vnr<2bpeBetO!Zl=y17wzjDg
zljEm|IZn<RwrN9y?#pMQqjj`|_}1b&qhrN4H9Ff<HH(UgFSLqHu(ZfGKDJMEyrnru
zSxKIy#na+iS((;b_Vs4#?JsfSI11dQ-1(_YVd}Lp-On=E8N%%0n>KRBS(;s!Y^rOO
zX{nX6wKWx(#VuxHb}GIoR<}kxC)H_O;^ONz{a>3$-oM>s)!&<;w5iZ_M1Xf1OPE&A
zuCKmnKls&E+(jU6ZDlq^FD$g0QC)pgwx#as@Q(HztMlcuvQi@XGI?nZEWU$?HcvZM
zzHq&}VN}p{)%)!kI{S;*mX@Y9X1$+XxGwx!R&}kXNmQt`9qxD;8EWzwe186<%2P79
z<CSMySzg1eu30-4cf2N^KQ&Fp-N8xO*IUxY%A!TBv&}_6BFNJ|B_U63S7DRN{kEwR
zE)LGae5X&DkeDFk6&2ku`tZzI)X^bxT*XOA1AT2L-LT;1iTz*dw7Xucu|AKxUF9bW
zG<I#ArXD!`nsxu@#?ddIr<s?ZVw#znHIMCn?qL)a?5PpxQ?K)~tJ<`;_l9&!O%69l
zC^}3@L1Lnnxr<7GSG`h4n}b$Ri1-+NO?-eNB4S}`(WKwqC8?^S$l<V=uGYzmh4`w(
z)UgpE61d~FcI37V#QO&EUh&WOkAJrR`#d_r_xCyCF$+d4{MsJOQu?J^WmouK?3!Hn
z(CVNmZZG$acWl(iD{O8(QT6lWm3PeppS(ug>^>p()LS%1W`hgocyIbT+h=#=;x_DE
zDJOqnWtdpU%NM8S>U-MpO3N;Er9JtTJ9<Hp@v``|>QnZ92G4i6Y}(q>QE5L{;nU!d
z=5N*6X&)Q>Ht_fPE3nc>P8(X?b@7dJ+H@Hu|NN>S2^Kl2d-J-d4IVsjChgj}QPrhk
zwR`=|JjEBxv%mbM=Eo3!aNRkLn%j%=cfMLNxyr75yIbR<Gq0=Hg>K)S>ZjJUwK&Fz
zIaPmZPQ&8Zx)#OS$>%>$7K^f7Bc49*@kd#&?$su%R#)GvTJ6PR?--cXc6-Vp;}PD&
zCRN3i2^H%Cj7_)AtFKFmXI02br1h+pJ^p)3-ifh>b6j`4%|D;>(5t9VFQd@^n7V64
z>@wxf>1jJxUhY{rGydRxe(7<x(>EuP#5un>b(6YBCaw3ZjhwMT@U}<W__N62FVcEJ
zXJ0O1C5HdrbSiV%hU<@(q%BEZ%38O+tbflBmuXL<g9~Ibc0W&FX_C?OO3E_r?4>O(
zCo47{wKeV0FZ0~CvurPZtfX@TPu)W+=g5SNEuCXlcDB#Z`;=0c%fGF0=0!^No8pT3
zujU57t=rA(w|#MIQ;?u!*9{rxC4n~E-Z4^>?{*maPx<}eW7LmbTBVnd9ABw0O>FJt
z!s@LWYagj{udFKCsN8IIVaT?8YkzgE-G@^n*LllWg$=A|iOA8DeUQp@Rp=OcHD_V}
zs>e#t_brJK*?*y6^PCO8hOFJ*p0K_s**>)2X5)`v+F7pAzbb7<I3<PXE$<6VE6Tkb
ze9J-oRv-I#>xPn53g^~2$i*LyPb;mD+aURBr9xBjY<<tZ5ZeRqs>hk#=5!B?S>urQ
zbg;r_;aShwH7jL~YH&49sAS1SbAJ!6(I5IL-{KZ|B5<L$NAnYfhCF-2KSpi0w*>U`
zKb(H^<$~GDoAX?zx=NLvy-=A}5a_h1ea(bTK@$&OV|?(LzSz;#En9+LnQ%{Sfo00~
zRf}2U{oZ>HnY8Vz530IdEn?ph-BaOpD{qQej!F!}&;HfE%8u6;h6&mGEUf&uE?CLC
zXICKm#9~E%yoG1W(K!t{OUe(T#A2-2bUTUR-=A~o=N_iRnxO+>4qdF!OoIoH;v-eJ
zetKfEFUH^mcV2Yx^0Ecl*IwOzuW_@ssV8``?y=9c)@d#0-8C27N`G}SWK!q3*2{9M
ztpX)}+Bx>hHb%z;xlZ&Aa;eetAGP+afz|MewK`Xx@nj!vDbvkxig;y{zI~;Wbdc9Z
z6aA3WmgzkCQ4fmNMH`r@8-y`tneNJYT{(SifQagyo{K+reRL4W2b%3~m}H(l-nr)~
zv%#WR&8Pis`h;<x=Jg~^tZMvTvj11c@0Oo`%Ku0$wVVHV>F$TWBPzaL-*zwDQD*J@
zgY~LniNaTw9rsq<b^OqAtfs)Xzo2-b@9>z>#BT-ehLyk$!HD;xzsmp~5brg_GKj}S
zO_P9sOJTW0gIG-UF^ij8h;@mliFx9(Fk;@XJ!~~>h%l@`Y-9*43}J;KtT2QXhOh!T
zAs*}CgrM$YFfxgaVY!T(ZZ)v0#LYJ>_$fwmhB$^eF5Y6BFkDEZG|0lxa}z^uD~8Z?
z3_m$26AFkD14D%qhP10Fl^ij|cw+b^${0744t03TcEDS;2!@7CymgCXxDcX*s>QIG
zjgqVmLslw=L?(uAQItAT7>e>R%!*=2cf-(s6T?6bhBSASPdO;L#4s$@V^|Qy&|8lo
ztrkPC6H1L5lz5FOvt)_k4MSo+%B38XZ(Iyz(@<_T5)(U6u4Q8QxrQ=G8pHcd3}sCi
zt|U<^IHMGpiV{T(rHU+u%o>zb#IWjsVW%FYj{rk&HOjEb7>1{ye9S``lZ!IvDoTZQ
zC>ew(g=A4SHlrkyB8E{6y=;_$wJ7Z*Q3|%AEVzbp(*r|%2Fgt?hWjRzd{a<X<fD}0
zqP%H9=_rDs?*_`ZEDW1#F#O*{x#fYOxduZe6QxW8%9ynn;-+FqO+~3!gVL0Na^NaT
z9il8@u`%fg!?g=a4FQHpF_Z$=QM#@}nYISyoB%_9K8D{$lo_rlMQ@<w6=2vDVwi8i
zkhvD6VmeB*T$D%EC}&bpV#uOInu7950>gP7O4b&Xf9p`16`*X&LfPwvveg}>TpG%y
zRFut=QHqG5oby1L+=NmyA7w)xhH(j$Us5R7WKd$PMcFqEB|!no&#5S9Yf+-5q0Fm8
zx#Nmb)CFa33rZ~x%A@NjqxmS6oKS*zqNF0e0EBBmL<A+EBT5GkQB2rEIqis&wE?AS
z21<%%l#t>mJ)KdOilba?MY+RAY0E+hUybs59ZCicN|a`l*-Vri)x;zjlqb_b8P=e*
zaRx1z4C;`Ha+8fxZ4FB6T$Haul!*-}r(95OxT3_%23=?Yb&x^HmWI-kiE=*=C5a@;
z8Bdf)Q$RT!QR<|Dc1Y`Dk{!x!PvROwx#Wzp=>|$07nIcwD9^8>ES-i@uo<QMHI&Xb
zh~H8HJ;+2k<%IH43Z;7%N~C&XVjaq4ca+gGDDU|w55-Zsih^FS*qCgEGTId-bvnvc
zG0=mnpb>18gBd7AucJJljM7>HrF1qZ#5I(y?w}6opfLp~Q(IB;Nus=)3Tlu|>?g6%
zZxak5*`mIGLO$eEPcUf|(wIskgTZ4E3zJ46jj1#;__Uu!A&sdtqAT$&QX)QyLK;(P
zWbkP}jfhXKhxjBSKHZ-}#Hai;B0lA(5%DQMjYMqX8?J~?qL4<!C)<cm`DrBbC)OwO
zClK)|KaGe_`DrBbC$~={kw4X+LTmuD8>svV6w>Wf8j1X={uC1VQ~fDKe7Zk{h)?-x
zB=V>F(|)>*<4-=1kmQ66CXGTG5uci<!KaWs{}?-n{24&<`~!*ni8guu2|wK?&p+Yk
z(|#I>{HgvFVhuT}KZQcNok}B-Kk28D$e-#@A>z~hDMWnAPa}~()t~m$Z6bf-d1B!L
znKTM%M11mj#Hai;68RJBljoo8&!hWONaRoYX(aL|w@)LHKh>W?gpnitGzw`<rIE;=
z>Q5n&Kh>W?B7dqsg+%_OpGG2osz2?g+vNGD^Cwsk6FWj6;**H@Bog_Pej17Vi8guu
zfrwAGsq3HUPqnG*AAUaVr;*5?>Q5mWxE{&)Bns(vDvgLw`DsLavW@s8B0lA(5%DQM
zjYR&`{!@tfl%Gb#$Ms0%PaxuxZNw)L@hLxzh)?-xB=V>FQ%K}bw2Ax)B=RTyG!prf
zei|7J2ChRYe*%ScJC#Pnr~EV`KG`PnC)OwOr}|S!<WIB_pYkJ5(oZ9iKk26t8^HBQ
zpMRi`ZX-VVJmOP+8WEptljk4n6Zup9DJ1eI+T{5s{CwI^BauJpr;)*6;5wwwKTt@w
zQ)xte%1<NWlWp?+6WeFte3JbsB=V=@lZg0~pGG2oIzHvc7PwS=5)q$7#3vE)DL;*f
zPx)yi@~8S!NaRnn$@5R_AD{NqNaRoYX=ETzIzEX)x}8cR;!}Pa5ua?6=bzX<@}=X`
z{i!y2{;BwMf9iQ6e>y&i*Z{FGnKTM%M0{dlB0h;s8WEptljom&+vJgLCWAsEe=JNQ
ze*%g831rep<WIEm{zD@E;d&(FlPILysWc)!<);zx$u@cZiR~kQsy~H@Px)y?e7ZmF
zr`zQFKiQvw>ygTzK*T58h)*JsKk28D$e(Bv`4fovl%Gb#r~EV$`BVKVB=V>FQ^-J`
zq@PA1jj1#e`BVKVB=V>FQ;7I<e+m(w^3zD<PxYt$benwtC-)zFz^2bX5b?=2;*&_^
zPx@&j@+aEl`3E9C<);zxDL;)w{#1VoiTtVl6f%$}>8DXhV=9eA{#1VoiTtVl6e2#|
zpF+f^{4^5zQ~hZ_-6qdJx&I7YkM#KmB0kwhd=iQLNk5H5{zRKR|73q2<!4Yx<WKr(
zB=V>F(|)>5y#9&j5eC;G_4+4JNVijIB=V>FQ%K}bw29Y0fehqH`e{Ub%1<MaKh>W?
z9DmABBjRJhFYMANq!ID4u;}X_em>PE@+Y1r&p+X3@W?iG{j;$DRGYf~iT<>oMj?$v
z{^a(NCmo+eA>B@;k;tF)(@5k`$0w1<pXyH`kw59D5%DQMjfhYAX~a(8dZh9v5b?=2
z;**H@l%GZ-e_}oI{L}eU{dwf`ME<0oMk0UGPa}~()t^Fy!SzYTCs9bZQ)wjfr}|S!
z<WKddkjS6vPa%;%>8Fv%pXyKh={9x!vzUmF>ybYHK*T58h)*JsKk28D$e(DF=O2jp
zl%GZ-f6`AQ;?w;p6w+<-{FD6|xIU@;2^1o4sy~H9{-mEqB7f3PBauJpr;*5?>Q5o!
z)BPz#e7ZmFXE1Ob(&wLwPqtI(=ZXADKaE8GM4LSSKq7ytKZQj8q@PB_r~A`>x=mgG
zM1KaZNBaCz@yT{7{XCIB>8Fv%pWHr;ME+EN3W@wlKaGe__ow}In>_!B_xCeO0*U*t
z6F&Xt-;gBoWHESb78mcP#DYPEc+BGR@R)d>hv)Ga3yV18<RbzJ9~$(!Xj6}|4%TOr
zeaU{rV{)6=F8MsM9bzHY`3GV@$ZgTvCbkbRxm|KytWU<E;{I#@=>4Mh^Y1pv7}UNK
zv57eJe*E1Qu}|1uP`t+$(Gl{`)Kb@_96Dl`vs`w|`aWr{Ty4$lidT<+v`D^twIgq>
zc%#~g25#1j=<E!uZ};xyT;KlW%;OU$AG=wZnweWzjvGJ0$~rhCG%S2Rk<kCY78V0<
zyu_Ii5+8JX0RjJ5@F^WyR{!C7VkIH*@81?`{fPhJBDMk@9})Z>aFH&<5cqd76tTp^
z8JM#&5C5GoN6ClbiWwNw(00XtXFMjB%j}*%e@i23Yg7v#v6Bm4VC25iO%fc*=Vma1
zG1JKzvw5O0BgYl9issYmeL4)HmoL1*cs2q4V9b|@gg1uXOgTFbFJvb6DG_T$;`s&t
zVM`I@I{1Pn{bz}pSEks)Nc3c4)<rC4@<bzc47QR$Z&~XfzBn@eGGrS}u1Bwec}|j8
z>+haBVhah3P;x)w{%t>#kWoBl4JBX?7a&SFTEt?Ci}zpsXOPbm>-^2n6f>><8u2?f
zlW=E)Ngkm@a@`p0Pt-s5>OaLX#+u16VsXJtGbU!Sg<~&>o<!zxm?cFVxdoWHl8ANw
z=W{&Fwc_E=9Q$I1xjGEYKO>IYzqUi2p)hPW8rzM>{G-1|k%6N_?6W5wgE&J(<iE#^
zXc0%A_}<a~JVyWA_wnSh_QG~zF^47z$2svIng8eh*evGQ5Xbo6`~CML{r4CXNE~M?
zvX1~+B#=3UV2_vK2>d_wYbnuXy!-p&$98%yRoU7nM@R9NgvTdD#>UubnHigE@xo(5
zW5b|XXQ$=o>uhAD#Y;#GjtL8nij4`k(^?jupk+TvT0&aFHaH<6JUS$584sI?NwCvO
zijSF?5E>C49h_hk9T^%Qn-Duc(I_-FdSY-wwDA%%EnakROyvCVgv1&DjE9Z!c>lFA
z*Rb%I#K^>D|F%!Yro?{51V>{BJeCRK;-Vr$gA=jG#=&uMS|-#M662E+5?y2F$Nq2b
zkGU4v53v)%LzChWlWyag`0&L^*w64VulUF%kx}6b!V~^Cw`%cst2`|K+Ky8)Vi0@m
z9=;?ziWf!vx6=wvaE)0KyC^(fi<cBB2n`KSz+s#p9F-7GCq-_=<Uj1q-(5HPw|%!Y
Y`LBb36>LrZo}s^j)Wi$!|8V)g01~Mb{Qv*}

literal 0
HcmV?d00001

diff --git a/bin/x64/Debug/ufr-signer.exe.config b/bin/x64/Debug/ufr-signer.exe.config
new file mode 100644
index 0000000..8324aa6
--- /dev/null
+++ b/bin/x64/Debug/ufr-signer.exe.config
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<configuration>
+    <startup> 
+        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6" />
+    </startup>
+</configuration>
\ No newline at end of file
diff --git a/bin/x64/Release/ufr-signer.exe b/bin/x64/Release/ufr-signer.exe
new file mode 100644
index 0000000000000000000000000000000000000000..cfe5318ccf5eba1f12fc9eafe1eb0c40c9a08f98
GIT binary patch
literal 2176512
zcmeFad7NBjl|Ov@-l|($Z<X#;b$61kN+99VRozLtS+cMsAdAQ*2y`ceEbLLa;Z{IR
zS#7{&R0IhkN(5BgMpV>M$9=<P932%9*MXKn2M`eV`OS<B{J!6F?%G`m%#6P8`^TG4
z`rh-L=RD^*&w0*sp7lO;%7*I=%P@=-{+@ZpFg}Af|E-hf{vW#$-Cg-yxADo`cNc%A
z<K*uye$geDHmW;3_hN7BORMK^z3eh~XLZ|!Rqu++s+V3?ecowjR$uB~aN$^2SN=es
z_36hM#s#l4jjwP0_EeDDZ;d5J!CYY&V~Y*L4zPGv1zy*|7hzN7W-uh%jWodXpJ{A)
zZCH|Zg2JO$foc#AF%g2$mc_;w(n(Z2^yrfnV__We--WA&abhgZ*v<=Iz7yd)Mj=1q
zr0jk<0y3btjCl?3d>}+N$S4J0fp_fRy0FkO<UT;kU>a%T<oEX&JCE-*IuJ(P*k5^~
zVmPz%-v<jpA7(lW3?pwk6(k-pjJ_2q<6=L7X}VBV-UII)&LTkWFdv}IyHz|Kh@W?t
z;9)lVP^H7}0Rn?GRr2AX7`!$H9~r_U<6edtK>GZ$k-im{aS-xHo<-}rOVg9rUXDP%
zRH$X`OzM_Qd9skXEWLgF_m-V@mm&#-UI3XNM*<YP*jNT!-u5<wr3*#?e@xH;*k7>S
zgYhn}`wFNVklyahx+pX-cLHO(HNaVx&93w}>Ik@_cy#65F~ZCFfO+S=o(`~F321b{
zD+Bgkg-5B<>x=`p?18NmMpTk>Cz$9EJo>Wpvd*Cl9mY_qm?|wF^{zp}7}1-WD6RKZ
zAf3ZOmE@}|iz!iUEKy&|7jPAlG*<IrI)+`yxOu#GZciEJ(vrJ^@HW7G>2ee(rri?`
zM#+DjG3-7&24`wLMZ4^vBsJPot<Nsnr9GnyiuQGv7E{9;SNzLtf=n?3f;0$5A2yo<
zsNkaQ9Klk2pDOwR9xkdqu$Yrckl81}OvOElX%m{A$!F?z#yuJl_m3Fsp;rDw9>$v?
z=y&ipA22Mk10oCly}&()zdXYHM_X|b3E!!<!iw;INZDvDfX_31bAh7OT8;rd0yGY1
z9UhG_8yZ`IM_(HHTMyLT@J^<43@MJqqdwr%H=aind}ZFbJVF0qGeN($nBGa0`>r9d
zz5|t!PheO*odM?kq#>qj)sIl5K!n$JBv_sea-!T7^HA|0n!~(ZT#(JIxOayc)-DNh
zBg0sMS0T5#c|@3ivtVNU2D}@g?_@1Ma1TnQ#y-!8noJ>6T7G~u82dRilZ>>IT30q^
z!<|_eXgPb`r8eyM;aXQN7T1+STq<|n=woWT*?n53*`(>__8C7jzn$e8uvfq1fnza7
zVN+B13+#0P%;^I#$`tC;w47^34ZDTtl-cCdec=eI{9QT2UNkwpu@Fa!^*x!izFlT>
zF;bP?<6(Gl;!l8s`zk(IANdU0^2$Y~T_P~$Aa6Tg>x#GfJlnjD*vyJY%_dxQYTr$I
z)ooI3k-Q?>Z<C_6%;u6vw3uu=N$5TX*-B4$#PCw;dtwMB{51&YVxMS>eVkY)htkE^
zxSs^p{VgB=BVE9W??)H$j6U_h%Lq>H*)uwW_OT)VzbX;>u9P=}*4Va+ofBY7erGRL
zELm>+-)GsG&B`$2x#fB$3;I8*Fm&Ae)g!w2ptZe-nN)-FK5KjKgx$XuZFdj;g7!RP
zHZc-OxfrLR1rqdr3Dv^(tLq0E&nNGbqNtRGKIa7pWBijcmVyuenN4^Kv|_j$pT~1#
zR|?oAbAE8$oScW<Q$prFrgJI+B1bY|8<9(~gx*MypSAkN4$6(LGUXjYED8+SS&kk{
z*((M;YgjULydjLySO{ax7Q)2$q~aVH+mnuC;#z*TviibM=l{d9CX+o|e!l4ckLBkp
zhWV{}x7d=@$q}>aB%wd**tak$*9VC$`8G&&0J8=Im^B!{|D9ThNtsmVvsv6RfyF^O
z%vnqWW-R}-=W|a(x$8%3kL5QYCo3HQO)*xox#h*A!Y|9nH?^};ZU-p0pqT6n{lrY6
znT&`m2f{z5*^if7?9t68I#xV6EpktXU}KBTSg5737`CT$jI0eLq^|TV?~eE9wa!Er
z8nMmW$D!9}&hl5nn}4XA@DCFNgMaWp^0xtR{=Ec$)A+mI|6@<izYoX$J_ne8-}3)3
ztuh|=|NewG|59lE{9DzDhuIuLNGF1;{)|{f49LK2)ng%IND)5`5epT;j5LW(ELVLx
zL{th&^1cYurI@!wm>$Jk6=KSQs5O-7poT8g&;kveqoG9_dcKA#ISsDygLw_s{9vaB
z7y7|&4R-m#UI_*j&iS;Hp&^#UHsJ3~<J`brnlzVs$A~5sTS283Q2?mZz`WbQ%*WV-
zzZU*jIWzcs3V#bha0LF&#ou=Py%B#Oz~86vcQ5`p1p?d9sLE>}14a>AL-E*3?^@2K
zG`gaCjK>eI{csqq)ftbi%v*bH7+on!`Qz~m)?OAyOBolg-4r6!7~<rW{<TMi(L!ID
zzqTG?Dt&V@7+%{IMr%zb_?6dUxEvI&P2uxvzZb=8)hE&quDvsgPZYn>M*7aRyCZ5f
z+XT0TW9R#NRul9iD{9XP(&4dHK53#<6}7koX>|<t$J(w`R6U&co(!$n@Jst!BMDYW
z4gjsJkYE)7J{Bt^MW&WXaK^0y^jAo*g2FYD*()R`(?N5EWc5c;{KkinAnU%6gdYHi
z6_s7&c6l9-2Wxn|o<pw34>D}0$aRVfu}<M!he=Rh;5g4fT1=|X#H&86Wkc{q2==A@
zU|Nb=D|jzL=8dxug^3XTYCN}xnA;DK$3Ew8wLb55Fi6fx_caLY=tc32HO5nib<Bt3
z?%+J`4`|P5<ErP*Y_z(N^&X>I&W2>!Xq_SJFEe}@$+GQM8KAB8NOJczi7EGLEFBr8
zgnry}sE$l+qL^_f0q(pE63JXrCXl(E<lz2!5E^)bk1t?mGTKv2l_#+Zl5wYyWc2GZ
z^NX1)(4}?sWsBK*rkHg%0DnKJRL?G}!rh3+c)|O9Ox3hE)X4#e(X3>7B+4$BzhWsV
z?H0MFFl)wA<V<trFean|?R!Sb`D)Q#@kqcYISnZk?TqlrfDa($Q>b-iV)K2hChQr_
zAeMa8O!htbX}e4nEq|{1HEh7IB-lf2U1arF5aU}v24Hzv59-Smb5UF9%NO&{xiw(w
zFFssaLm}B33fdYlJdld;yQR6UA(7o*xH-t09PHS5IsVq+?=$%0oGAE*<xt}e5IlfC
z;+II9(KTNT(2Cxg6q??-c;p-BLSY3v<DdhyXF6q3#n}Yh4AxS#-5JKvkkN?|P6yYG
z&jY_4+Z}-X(v-WI3g3c9-ZtH>#M$mP;?BpTkV!Qzz}vl$5gGR)zTAt6xdacZ)VLI{
z#&$g5;$Dnb*2OR>4`;|Z8dhhyrdVve6mRlJQ_D-nw)b*K@45&VmS#%s4gfpf1QFfK
z0a>nxC&!7F@F)a4mMRPHO+jM6{25zWxDBLpcj94YoO#fQu6sWSJ$8aeId7TGb!dPS
zFBbP+$auGr6Lgc$c;6)G5L90?vD$1N2ja4O1sMwLTnW&9Ss2cUE7A$vU@HykRcT~a
z%6qAF<X(yI%pQj^tPDDl-1v9=HQ}39{Rj_8wVqPdH4}ZxeBXJ41t$zU@mCefn#a2}
z(XmLh?yZ1*;a(BS6(we?@e>bd;tMqKG0bu8+#IpEp5Le2$B0Y{S&a$Mzi$D^Ypwvl
zK-p1b5nx?=(cM=*7b*5CqxDq7b%6KBYqkz+TYTykWsGVxKD}V=m!$RsadW-`YD<DT
z%V7dTmDGBHVTDX&OjY!Zi{VAA>R}hMKR1kb9e=gMR0p~Oi46oX0zWjQ%={4C)jF`&
zkX`T3wO>39)=rtzWq9nsADWo&KT^gQ0P~;O#0V!fIu40Xpu`88&6DufXJk4FyJL#l
ziJG!JaWs;i$fPL4?4-|TK;$%YxGw`{ZR8V`lLBd|eHjCv_L|oihc6MImNxoOrY^Ma
z6o=Fc@}^~%QqDB$745$dV~tlMz8mpo$-M5;fsKv@<>$?%gd;?u@hYU~%r;(rFveb7
z=dCq<hp`s-KFZg^n_+*bY&UMjnsDQJAi3TBJz`^Vnb~o<VydwRl<w7dWZkR4Uj5O{
zkf#Uol(y%soj0NoCHHDXszIv$Au?U+Yw)T*3VFA0EYvWU%0fG46FxOn%DE3=&%(}a
zpUm5t@t#?{vObl*uDjHIEjTUhDy{hZOg>wOG%{Y<*MJT3bu5IP7**q(mj&BGma+TQ
zhK%3F%_jQRl>0jH904uI&2Pq=|1`=c_!|(oug7B!wmj7y?_;%`=%-TdFHy?+eD4tW
zQ*S38rOG<pL7Z9Qy@tql337#xM4N*tz=Tdlw%Groy`UKwS6xLDp{!|RH!2tCVoc%g
z8$hmYp9AuG!Mg)&gYhv<T<T>m*;6sHBLlK%?{oF%L?>&57>snEXJg~?jmTv5u&j4_
z7+9J0wuFIt*4q&V4$6AF!@!c7<6VzXzE<<@koN)Jx8%LRdsyCmUMj=*g0}>3EkdcR
z8#Ynn7Gnh#YSN-fSEDBUP7FH>t1@UzW-}_&>ENcbm52TcWja@6u6euUeSmk1ycc+1
zl6Rl?pu7v7nGMS1kMdxrc^STA2EZMloXbV`oXbV<oXb_}oO>3YjmI&X?@M_shEnQ)
zHd2XuSB?$3(Zk|HeTPI@+0K7qXR@Vc$!96!J_y592hSnA^zJmYA^eTw?=<|?He*eL
zy-1Wvi;cH-MgmWdsrWUfGpiGqo=_tfnN>7MLpJ*rQ}8Z|WNcSe^<#WLy9gPER;;6n
zGR8+OHnG~7iAeF^Q6xOP^cDjNB92QmaVde9qL8V!_>#6~_ZpN?bu~CK*?1E|OU<Y4
zK}gWJ76BK%w_pZ{fh)<o*Ar8A_xKUes@=GO5pUrGP80mt&~>TtfsaAk3HKN}K6=R@
zCUhus{84*vv|lgP)+u3L+{P*GW3w~puOYjE0|@dLjrUW=*MY~lK3t1<J1W~hukmjL
z9cUp~i$G6-o<^omZw1=936Cn=xUqfZd~YN-XR3ag8fI*`qoa|=+nBl^%;KXHC072<
z+evW*9_`L7?5j%&`t3XK)INlL#$B_@_d|%euku~J@ACDvDW6(<qI4(1TC{Y~F-pg<
zjx?0`e^WXr8XXG%efYy#zFk(m&un%gk2>a~d`p*$ZEN)YGPkjf4fGTEXEyc%*P=O_
zjdu{lXa(Rc1hG5~@K%B^5b!pFblW}_O%<SE(R_krs6l}5B<<+}zKbA6N<lIhRzLuK
z0F;a|ECDDPA0E-J5>T>O9T8L_g3*XzEW$32uqz@g`d4Hj%us%SQnrZ*dq{*mG{PPx
zph&h<z<0Ai%OYCL;sU;C7y;jdBkV|oMLP*->jDbjs(`nX@8SqtBA^I)fPf<UfdWc0
zxG^vjRliU`QS~ALCE0L<g&zwfTOgn$TPUDZ0L%yk!uNOq-$QZEh-goZz*7Vic{yx0
z8v@d<eWgBMK#`Zu-{*U@fRZsfsUX?92wWe5$3)<<0!o3NC!p|U@8<JeBcK%i$cXl+
z2)j1I9wFd+S+;ou#h1J9L)dK6_<fMZ?}IdGAEc4`AdS=qD-lQo@v*E^A7nlGAhqm+
z)Upp!F+Rw$DCnqAY@Ar-f4@k`0M}>(VgGhERwSH*m0TlirL)r6_#l$HcZBJ^={$Vk
zhr)2l{cs3ZuS^+6)ikkK_7SGKGmI&@9~GFIb3VqnmxbX0_v0b#%Pd+|IYif55>ar3
z9jcU6xW5aNml~fS?@xvZ@5V@4avD^EPlW{4%P8`r9Z8W%T5|tBr1I`0n<WyaY*^P<
zJ&T|!9etmx(#5cJgLAR;h;y-Yjxp?T<&3!U$#ghgJ|et-ips}u6>DxrWlLQBM3;T_
z6E3-*4$I*^9F>dmm)*}u9N~qPqvF{U<!evXON94yls&_h!z*3!yonp|^A`G2A=D!^
z6Y7xxr-i(IyI|NG0WoyGaD8d8`lNvx`YZ`PClX5Pb(J-75s6D!fN(j6S$-%?RPCXL
zN^vPkHt0*qnhCT(cwuEYo&`|}EfC>th_Ya~GM>}|aX|wR`kj#$Sm&V@7>H|u;r(hs
zQm?BF#YGfcK5i(&=5>*b47X7O(Sf0`sfA)myHg`S9eCeFV_0_DbFu8d=VIBF$FReG
z8&(HHo(UT#!h2UFI>Tz?C&g=!=s?2?e_AS>;#O}$<F53?RYY{cP>Arp5M?9j&`%hZ
z74d9{9`X%ElH4CvB*SI*^I^7_J=mNQd;u8ui-M+_2HY=&aM}HG2+MX%C4cQA4AhpE
zJiF7_ar@G;*Ddb>uO#n5Z&=<#-ZFVF@K(rsp|?ifi@fK_d)PZw-j$p;Nx=O|m`~;W
zN^e{hl*!u$BEN|+TzO?>e!SSk1?_{C8nh3>!<D``JEFYZ5j%z}XC<2hae-41`rAma
z&Xv|teS(TlR2b2fgiRCUeLc!Z63(qLq65Q_B)?4N71S8xP-E#?HO5{t-d!;qbXU@Y
zYO6RLXy2w|Sn2MyLx^FekB_jkIx!M@Yr4YfU^vld5z)TSVocfZvxLnVWTR@OfMIhM
zX;tu5!25#7u&a~U;p!Fa9%JJG(k7ZI5#D8y*bHkky(Df(L@)H)58<FIlH{+6#HCn)
zkr5t7GmK?VRKf`p;oTl(&v50Sq}2(o=w~hoJ`-ig5{LR>Ant`3-me#y)Q1M65%pxm
zmEEsOyAuZAjKtHpyTZ8YAiJdXaZL%!dA_tXq)<AsDy_Xy;QiW*VaM8Hm$${PXp3Fh
z7R#y7+}tMGVh?GHJ+v+Mu(ntkAZs&;m95&AmXn^jk{y`DE=rE3$TZOf5aHb)RT9Hu
z!qo+{28WCZdI4eM52%EL-5oYMR!?BXgsVJLRs9W|Tilo#lQ3o?ym7M8K?}o`V$zre
z*XNsuBsek3mj)2GUxxQ<za*&g>{0dcS;8?Up(WvUY9t)P!S<uDxdt4Pqbs5-{l2U;
z!$2p5RVUw{l`UfuIw8WlAj+2E%Dkjb1Q#@LNw6!@2@O4LLJY(e#PEI<L;_XNcV<Z{
zd=nj$Fxwr8%5b0|;WJ^)){rm>8ao?bpdrH5-y_TF+h^s=n1qIi@NSB-Ww>%+QbU64
z@oPd7d^pk&n|G)o2I3lGc)uDVfoP~Q9XD>G6ZS(y;1-1`zF!OsUE{70x2UkXNWxXo
zTEayVUFr2pLpKy?jd1loD6Dc`To$4eDkH+XJIbHoN^eqSg6oQ9;yoOxj9xBO83S>Z
zF}z=uk)Zl3in$>!rZDY}58s8;6Oo(@2NoqvE}COe%ET9&Za2^kVb#sLc&0=rbVGz^
z_JnoA@NC@(t`N(_8)5<-anP%Wx?v!$8;19*8xp8)j);pXOcSk5I8`G#84h$KOy=rF
zm~{GLOE;sv=`tksdyyFSpte}2E%xBH*par_T3c*Ai49IEQ=Uqp^76PYh)ayYi0}@J
zRKaldemal0(Rq9X?aE(}5q9~Q27+;zu(&9yM5?6Zeoa~=;o#$kh3g0A&d5oC1*61#
zP8sMZNEqA@$;WU|RZ92uFr(_X*)A5vg(eA(p?)-^@#J$0wKmpLVB&-!$IIf%A}(Ry
zM0j71gpow0WZM^9;4US>{gG;D0dbRNc)uo1g37^_MqDi767EsB{4x@Y;Xp@(t8=?o
zqC+=G3k>u?7<xD-o*{7wJrLnN6=f)iX6Zq2fe(}f{k>s3r*+5m!0>+cKmzFD%(z&B
zOSEfYvyj<*NGhD+KoNx7C_<QY`v$`16)1u*6mfVwN8%ESAi_H&%1{!`QiR|Fho=d6
z5L8W&O*gIxhWD!o5<n3Xaj^uKP=v5KIg*RvKoNx7C_<P74z3Cse^GTY!M_!C#;}k+
zjtyK6Dd2Jj;?fb9FjpeH3nJkdu71)$)18brU7~{tKjFaL5cXcq<f=jn7*v|V$BVRt
zQGtn7F2N-<MT~b-B#cm8R4K+KAud=BAY6985$521a<(M8m_s@&4dlb6fp1C@>ManK
zFa$g_t}Nmb$|A!1StOq%x;!Z#alsOt(En#7lg6n`gdtO5mQ0)o1u_xVo_<MOETR*J
zPlR`1F>GlJ&+h4o3)Cj`$B-UEV0(entgxeJAl?WV-ftryfp+wXWmaLDs9oW7Vk9QR
zK|2s8b31w^(GFt}<e`)d_-*2a1hq}Xuvmm^gB@;*<$l>*4h!017bdaEwNK`s=+KGq
zE{clGaGSMHq63>D9JDSLt<Bme(FwaG!rL8XBkA5{pb;n5K8dabg9b?xTl{1=SV|)d
z+w2K#Qx`v})9S}MaNh49#BLZ47DEXKi=l)|?zci3T^L;)ER4P%f^uQ>bMhYWz9;WN
z?;&{)dH*Kw1zvt0=@xp!@?PYP%X`>6Ufx(3-Jn3;yG((CceMhY-c1U0d3Pw#?R`ms
z9`9ZSdcB7gD0=^?z&x+Jk2zNQyd?_sdxt47-#bZxl6Rg0WzSP!z<ZqngWg^RhP*o!
zSm52Iz(Vgw3M}#-Q()M8T7il;uU|5)ddmp7UkTMVd!1L*9iLSY;jKX`zlUXb_QJ2=
za(<V}0P3|ftk-{(%-AXdpF?=of-q6u$x${8SB^~%v?Q6Ii_o7(dUY>sUV)hq4$MTF
z-5HReQVdMvN~!>+F)eSXR^Ef&b@CqaZj$!`?>2ca^xiM;Mc$qA9`^oT-Y|_XDUkQR
zsX)Q|o&ufTj}++gW)$f59#){ods2a3@81acRY5UP6(eyMOq};Lh<wcp&8#JN;({f2
z!cctIEXC8s1d1m-Tp5k$LX<Z&Kg@;U*(>qH1s$`{$5!I$tJ<u@6P;X%C&oK0%19E<
z^&dnBeTXE9t;91NxDUc8ZFgAOFN&G<0v%t8XE<1iC+z!k3>X4$9K#;n7P}^iowX9r
z<lc*-Vlmu);hiyq{=&PYx`e6Jd?`=Z?}%_8kmA5{136>ZQ`=%sX^TCfE%wB=*yp#!
zo|ME6SN|DKKW;*lEYTwo;k_}^3B$TZ`UWPAO)(i$2~3NDpjQ$Ww?_)1B0>d8;JC__
zaUqD41IF&RL(O@giDZ!YTngP)J}v;!W%oN_lCt|xA&jr-bW}in<FnBBOAG_fcLDla
z&<t1aw7@vA!$owW|0KfuQ6!M06Z=nWq7hvgj%Dn{%tV;_n}>wa0MH&2n}@W5P*w)2
znE%d_jp&4IM0ig{vPrtRvJqWb<jW>$>ZQ<x84emJVaSHAAR!xVF>pnME4z{t2jaY!
zkmZL&)k1S*a_B3#z(Ft&jLjwS^^rUp_xX?!<e5K99=3u&9))3c7^@Pl9G8@hIPbPd
zHlbObludB+ef=;H$R>%u5Xq)-DjVT8vau}&vJoDxJU?#kL?y=OM0j71<YRdDF$=*3
zYa@~%*237#!xqLse1OjIeh281`nbySxQxUFi@3tz{zyEHyGztfxGGIEv2aUtC0OpJ
zYYwFoKm7qodm8ZmusVia*A~0JE%unU*kjvbpVt<9ToOB6c~M*o6f4o#i17Xxse)l0
zufHnpnTQVBn(*+qk0g1v9JV`ZAZ+jqs59!1%RqEO1|qz($wXV4q?_B|i4L8Sq?t};
z95i^w!HCf*CmKBKAuwXX)gKt}MTx}%qP@>Wk_Z_;C`&diqAS7lg@K@HN&1;cDvi^o
zMHo``&ytFE5J*M1a&}TA;=ET3gvt?`S#C&hfg55VkVg{7+>pkpJcQfGLkkS#QCQs&
z;mYEqY{YptN3sdcEH@;$zzs1F$R>$nZb;))Ho|RWV><|BBV4`Nm|cTJd!L9zVz_ch
zvibxUZ0<>ddzfH}v|)w=Ln7Qp3^u$#48pU#AyEl$NQC!5Boo7xzT|X5aDg|J1iy=9
zVw(>A4Fhp+$nbu>p`>1%^oGO*-cT6)pGZ87yGyh|xH_7GmJ{BP=+GN-NE%8f<5Ts9
zM*{DA!x;9cw%E08u}37a$)yMKObqmh@Ct)rOJP`D*~xKNMszU9BODC!C~h!mBOFZH
zq!<{P<p+W}8?RvGoQ>bS1al@*&7Lz6=N%piBs8<;Oo9t$tJF<kScGTIj)?M}AMs;&
z_UuTK`JKMdZzR2%HkBNdkZ@2!Q9et!ASfX}rjioMdq6&+x_#-Od_8sh(job9DkwQq
zSKrKrm^h<FwD+n=ScWU7C(mdJE+{-JJ19KiS#xrtygd;=hO1XG+r;5bN$HnglDsD>
z|2!lKJ0}LJe`gxTqIlm#toP$67oqy64)HP{frk9eD53-ZukiPzxk&O1Fa1=FGhA8c
zem{(aH?i0O+)ZBh5Dmhwti$8<^^JQGcF-y1&9ZYJUsZgOZBz##q!_UCLn0k*U1Y7T
z%SUvDh-xpBtqYR5KVmZPcPN!39c<b8v0yre0zn}bsI|9re!@uqE1;hW+zr+xSK-nu
z*!`K1pj!(`2>a-s7+MccDHp;%NhL-?*hepop$YrwY79--M-Rr(gncw;wt?WB#KmEs
zL`O3!6=5H(o<Y%s6<u<O8NrvDXA!rMf$$pJ1E9eX{XpeR#PS0bz7rp)@VnXfLe>1|
ze@*Zr(D)y2kg5O4!`Tsd4nhCCJc)xwLb!5KvPUM)JDl~ZLn)y-J=sKv3kC~9e@bWv
zQmp-UCKM671}o!@hB)uVQKmvO;{LN31_N?nCV9Yy=%59$tY!CpAtwy}Q*r*pc~?dJ
zg=SZ!9QW$P1zug~uZ;@DaL}bwnFD@agsX2tO(e4;+Iwr1oshkTWQiP!4pzG)$p@nx
z8TNBDo6O#MfTdfqpSEr`naG(TogUk{7Fo`1_oPa+d$La;sM-XAm8^(C=jY__eHNms
zFBtND!9AhyYU8HEc0IDec@VFX^DlTd;0A5yA)<#(=NEk6IXwy9qr=`Wko@j6Y+CMR
zb$?0nf5l@r<ArEsXnG1TlJ1uG(DVikIuDc6*^Lo$e+2MO8+>+4?5Ua$KJPjQcjvS=
zGQ|x(4#-21Bqg7XH(rAH#)gn+0q(d!*J{8^7M0#|wt+f7Q;-kf8%2C@zRNUi;bFPE
z5!aRxc<481wvp>G3aG)3i;@B~Hify~8Hk%sHO|A=>5Z%Lg=}}qd9nlW+bH4Ykd}9O
zbnp%VerJzwrdc+38=~`ey=c2P19Ja}yMo-$Lei1>(9VA8-$DA<Av<>qG9Kyo=@+%-
z-)XzIke+uD390bjC+%L+`fSIo#$gCHPQ(LwEWjON#~_b>lp*E507%}KJ!)t6;xqdr
z5FDCVn01c?;M|4_mn`?=c-B+pu9@PDwQR<aOSN&M&ct_1BRTL>T@M(8D-Daf=6xrd
zz<)mYm-3~qTA!8M>oZQ-<;i@mJlU1QZQT=(*fMx2lsa)SQSBhBm<s6TXR=GnlbwPI
zCAr<ddML%T_hyhabdWMG!Mnuzu%s}&37aJ%%lY_-dG8hX;l_e`ied*0DE%)p*D|8B
z)K%(B*B0ZFA)m50n?v4RMC>HR?Zq^1Ji>>~O!brO$m{%y-wF-Y=i!@QF$0F2Rmd8Z
zv)9LMAw@Z$V90%GjO?a3St%B9FC*#kY7`s%h$nH!!p^mjhc}IDJ*JE-+IKm!Mal4l
zww$!RxR0W-;zBHKS#d%U>@aYyb(HcC{2g@a$4W7)NO3+QV>pMz^-MYcz-uF7Hio*}
zUod$Gf$eO=r{aZ~^s-WZ=6usx2~;PqTquuKYZDf~U$&i#@o;~IvUO#0r5vtj_!hoW
zuFbdjVKY8b&*0wkV#-HnoD0FwbS9YapV2@^Q{bG_49wDqJ;J*hcrRi1ZAO~5$Pj+-
zApHdthj-^4jPL;TWtkIZdBnN`<34i~DXpD^Foa@V+FGMj6^9K{y}x4MJnIUKP9%Y8
z?Ih^HVc8?0%X6<oYi^xOmv?30SE9DpI2sK}V`;Z<hb)6qcT8}_cW9;fP?mw647kq&
zd7k$-3hF~Z;TvbRS7|WmS}6k)4H{M!%_T5YTvIjii>$OQ7<a1FXV(tS6zzbvjO#dH
z;Z!bgvF3%w$$Q(G{O+9GExQdeO51XdMM3|Xt?IAumyTCOI&b6^2<usI^dFYoi83^+
z9?px^1C)LoJ>cQ`jv8mYNe#gJTm_y!jkKoYm`7;@F;`0r>(ddWkBZf-;vtXP=z^Gy
zW<wh#1RJF}*z%O-OdBQ2-ItA?5R^4#Y({<ZpKqMr;swSI%Ug}7Tu;`5-%gp{akH@J
z3HIVySnvXEa~5_BuzIiQ^N`O%l%w$&+D@U?ZCAR+avA#`_i==mS?&{fEzJ{YSMp;i
zyR`fPyELB7xW7h3{pSdq{UdUDAn!Rg4Y&&f{awIsA)FD#b(WiO1V<x8F*URj?h1m~
zOY@^YtsRIc%BoR|5u%J5>dV;flN2XPaE~v*!J4(RgZEDHmcgZ0(EE-Syqi(v#&3{n
zm-u7$#_UrMf_%fYBi=BhNt}P9BYz5y{7hHD`!Nz`8a9V9FuveB`GEnWi@s{VJe~=7
z<Q6`69$yLND8TgGUiy<rj`{nLqYwAOthO+8W?4|&Bavg{w=AydPVfqvUhg=d6#qNH
zUvWKd3d9AvJNZU?8RWeo)1&i^RK~3UhAQ!FoHYh1*pD?{gEoj;28iShLX8Jdyb<$?
z*OJX?=1#sb7`Y4glyv3l!#Vf+fO78L^1KJn#!@PltZE(oeW~fOdAv(d*k;`aNDyZ`
zO}3|+JNcGN25$m|Tr2oC02sO5t}m=RF!TYu8lS~&l98;qIq*}&#<_loTn{zncMSS6
z(--$+)cmC)ZdPF7a6ck{n*lHWdO_oxfw)0QuR-F~qv)SZxn+@;C%XTM9K4&MTDcQv
z_3L3zz&-^mYT={AFNUe_0#0s2JU<VcbSLqYd+Gaf?o<fpE9>NPl)gf-P%7q}OJE7b
zLZw>FE2wOzJIWCErWH^|=k(JhsIW6u<U-@}uxbK1)&SrQjeR}E9=Q|}uU{jK*OU7C
zjlO=1SK~A&qH!c1eO<L~pGD&+3Hya;Y(hx#+<7<}S6}xu&eNodT`@7b-6|SiV@56H
zt<>8apc!)~!M@&NuZy|!EDiO#CjjR@2@CHl7K_(is>+yG>g%tSit~#7#Uk#!Do+*r
zr}o@Z>_@lP58OQTdk^{iVyfwz{x7PgFDBExm}<PoQ8O6aplTd=+I-{pY!Z-=?PwJ5
zDylK1m(Zu=w>soU8A_eCd8U<}v_+6C<X{h;&5S>$<66sjG14wZT1$VIh0X^}YXZtB
zuRICY{P7oBuHen5^&|Yy^!2bo9pW8q+WybBtOG^ase#y8$M$zT9xe3iSfAJqs~Ev3
zpVgGcaEg9AWn7AU;g2xCAys{I?IeXTj>Ql#Rlq>HMF2mn0;YNU3g%E>YVYLRJr}rv
ziL!=Dns1bWvQU2RF(4g(52roS@4>fAd8fC6xy2h8Ij`!B%hx}$#>7>Ne}IOa%P4#l
zbQu&s{1EsYK)s>W)D{K4%X0sSRHMD#kw7V4eOL1WWH(witrh{ZUv*QGBGzzqEV0(u
z{I>BJBa4p4=9FtJr|RvTnM|_m@0>Z_YT&Ya6i&K8{!U2>*cI@ShXb9dtQgB<l8frM
zJ7<PWTYjC#L9HNIaH}-2EM0dNiqk&i0^{-@>O7bIB=vY8%I_?JN#ci)(8c`;iP*(a
zXXq1uof$dCYfv@l7wz5DH^;EQfjb4!+h7i@3yIqm;ACc;YP^&F;O2cszdIRyyxAld
zcQ2c`Oht9Rh7|x~so0l9--2kUg2o_s%VBU^>&|3xF&oY6c4-wFJ@Kmy$2yXVuAfU9
z|B3=Y54=bB5%66`zJf%3U4-0C@0~0sXZBp-phXp--1}hd&i7f8i$OFqui$+GWEtn*
zs9jlSFih{yiIkYRT$a^@{{+Es#}=pJyc6%bONTe)-1`uk!sWunbR{>QDyC~@C3o$|
zQAI5{Um1fRWHt#FF)1zLCuR0jcSB-8n<|yf=Wi}OZQX*OP?8aNF+K5vS_Xzg`kDT|
zjMp=4?7+_-Me<?%fWZ}S`#b0mV;<UThhdyxTyw9{PZ)N~(nDR&|3Q&>b(TG{x2MB&
zUk%9lci>9n{S3b*3_oq+r&KUr4bn_A4RWAO!9?U=GR4ZOcLL<nyj+)Kj0GIyiW@A@
zMw2-%uX-<w=r2pscaxs=OTpb2BXR^5B!QQZQl`T}^h+5X1a`z}h3mpNM&wFhwv*rE
zw4i{+PA0%iTe9;Q{W=(j^E9TLbJ1$dcf_fAA9Wp5_$YmNLp6qnK{+Jfj<{@sF^Rz~
zRIF@Rr@Y<&Ko#vYVcD|S!?7XigJaC1>3tkZjGOc*2Fj3DjCurSs4d?e1=v{|%<ARN
z>?ttE7U9()Wc3Q?pU?DX^#*6yGH!6z)$jW=ed(E=KHK{SEzfSuWAzl%^f|CQ(-<?B
zp2;O7{wo`2y~OCD-92eG*`Vqx_3i$EdO6S!+=sxZU47=6XI?cDLj|j4<EFQ`f>rQ6
zv^xY24FhU}S0X2e<+o;+-7os_7$W#Z=PVg3JGJ%M+}^&FAUW_u*|@+ZzXzo{5FDq#
z;#d`jX|)2fP=()r8vksDt3IJ&4svGVhouIsc%AZ=a_2|1oWQ!o)TAB3FLMndTz}vi
zLf+;IgtD_WlSfhcBdqhIK@XJ|O-#M*c^%GwBEoE<FG!8@7CMpWSHQKl1BLrn86&@X
zW;=fd`hK&?h~VzWlrb`<cUbbyv0e+;@`1O^&+^mX24TVWo=>em$!y$Lp(5O;0A_TK
zWP7iOB6l<Lzv7V}j3Td^6Zz99k{;+yN5NQ<$#c~(WBQ~v6sseOtLJ2JX%xwIr6lj0
zqsYHuB+KU)%H-XhcBk$AV?dKFRr;M*qbH7&RWQq_9bV~&H55}*&eLGfm$tqC2ou4l
zr{|<9;)7&fmY$*!-8I`{x^k=E0I!{M-w2Cw2gs7s4=lCkG3@aUUhFGm8IY4e$~E_W
znH(k+*C2(=8Sq;<_Uh%}f&n#Q87#|mwJ&FTX9g?~yNj{UfQ|Ro0K2T1nLfNP7&0RB
zob-vJyJf3B2HOL{M3P`P+Y0M_*{U}y!Fw^y(?KVeTXQ?lfuCs@%LA&~OTgp(Ns_H3
zF(Z=agXAM^NKz5WGESv9hzLya9YG-=bf3)CDAUYA`zG{08YICYHU?WX0;-n!UUT!)
z&pe|(U_{4MfA09f_soOn)3yZ-js1ev$Sr^ndtoyp+f3a38+rUcVs5Mv^jB%)4Nwo3
zYT?jBnz#l08H#k?0X`U}ejbwPpe{x%KXQO|l0Wd;Mp;w9jpM&Uz%F4W+C_)&hn*S*
zdhTP0+4(;Ff}dKn`&)#;`rsvC{bqQhUGO82%QDW!8}kyZQ?QS-bO(YSN8FI)ihIY|
ze--Thr#mwEo4~JWIvvPx#IE<C3ea_4aVRRW|7i;=G>PEZ!MbM)1K5<AYQ2OG=wZcL
z?yuM(aH*a^;}s~r&{-~~JsLqkBP6A+3pOG17-a6puX37Aa%Qi>x2zM3!8;eDe&9?C
z-kVwGG&?M_NhYM_dlqdW1KJ;kw05TP2=aF5tvhGBF~Eb9%I9>w27~Qjz2?O)Ho9pS
z7-LZYj6#LEtWm9ooXa6+u)bW3`F9fAl0;OAtpiDC%Tu*m(mFB?j*-*gGauewO51Jw
z#ih633apf?&#n|V;5vB;$@<?`-t?^X42r+n{P8lB#dO}wR)Eno70<)XwyYVy5cxts
zuzOO~PpF|A6ne9XNt(_d354@U&TQ*l2|h}y>2#j>`EZ^%?3Zi$rC<`y6O-xtM}{pi
zqSy@agA_2DFy6r+``BNC-wM_ltl_!L7k40AnJ*H+7+uO%YOzS1FA}Ts#kujAFN#hu
zUnF^~e4H;*ot-lqk}NSZJhAP3aeUT%@qLndVK85Oj|98Ayafl~mfuE>ts(3CHkmKV
znqx3uT#54Q&?zxrq{@Q%;tRn?=Zn<)$YqwyOQW?3=U>@yZ$*ljl0TLVew;z-9P<%g
z4g8#SemSxn&0$VQpw??P`L@O~KE`OPp@qJNU|AnQ#<OS7+MZ7|4sw%oXY4Mu(*=v7
zx`6B~1KOo=2x!CkrU#ke*&d)1K{K^m4GJk?ai?`|5-?UmG68ArWO+E#BLLU^k4$$3
z;F)=O?^3AT);V84>o4#@UB(M0b<T%TDRXrn1lIu_l}h+$%w;~BC7i(m>{(+!!S9PC
znl6sp>Qy+ChOh=<;NQBtRUe08pgoVB-KQawc6O3jN+6xxXBaW7uM0_h$wZPKItb}v
z3f|jjN0O&c5o#pt>%IcM&$X}nDrkegZur2kuY=DKNvIf(!zJ)93>@zV9-@k5T8MpE
ziT(vJoWz9ziEjKYhJw1rZyD&x>6?p<uW|v$C%qr(OkNjg7i1LISzG4MxxN9<W;R)!
znZ|bz--Si&dyq2cewWn#1nl1S6EM~t>%_#a!uaVr*Wwuo&Vvr4-Kn5a?s>_*P+RT)
zoDXyF#P#>g-`4!CtZTC_IGNTlTRPX5nmI@X!kCzYq0ukT^!vZ*gE<psglRbsb$|az
z5mO0YrUB!)O)3+82q%KrcSl?JA_|7(920|u(n^zxqy1G8Uyo!KqiAP@ferTcsSO4-
z_jA@9oGV)tC*)E^VmPm3HOlG|XxWJ5<OakH=Uc0gZ_pn@&Tzg(9=39#X@*vUrkiJa
z&XLZ+90`5;tU1yy*qIC;P4}}XZgP$kn+DM&k`s|TqLiOUWSdFO&mxL1%t?N8Fx@cS
zyBPT-L=ERLYzgss%rbjlGnsU4wa#SH{!GS>&18@alVW@BTqe!A3=D#EnXmX&5c(O+
zW%$E!@wp6s;9KW1^K37_)Yn)r?DkERixPd=9Hu8Sqv0<d$&AJWFCUg=jXwM^do-EB
z4|LIpXHRCb)2qU{$^kaEI@Z(5`FrJ!KhsKLv(;4(p@NIq=_A4fqqesOLe5Dg?l-RJ
zRUgo#M}|okATQYobi814<QKCxjXc)1A^g)Ud1_~Y@c8FKShu09_7kCeG!gRipE(rM
zp?#1?)1iPEgM29{riD5wIvbNBlXpkTGH3lHET0U(;`$1;O0l3*()nmmeVsNoj$}?4
zaww=L`3Zg=te}faUBxcAk}h>6{!}acP4@SqzUSlbv!={VIDYH^X!M}{!EYFA@kUni
zkN)OJKx<Hgz8U^A)QOedy6(tx1$lv;-5a^OjQTnp`OxKLSn$tftj&HL{=ryFUei*g
z7!LBF15b46ikejF%TTk0nR%Vw=`fOPtWVDPW2$bWbfEUh+rt3?JT>}s=byl_^$L2f
z+mlhL*2_qdZoPaqA?3ONavdRMBo){A%;}?OA|jzZnlYP9hoY;TT>c7<htw(=lwS{X
z^%4wEdEgY6ZZts$|19UZ`f-X&{qADph)sHi3$9iKhEHW7+^h~IW{o8zs+}93GnPQ7
zE5u>v!){nG8Mb8UhL4Kn#fc?#a2IR>bv?`fzCZ9LrgJxR8*kXQ_p>PS9z?crvE9o8
z_s!2R6Uk#DbY@qtNAB5Zbp|uSDVYE25uk1Fn1GAlXmYVNnp74|MLZh(rFt}RI10zs
zXyAAwx0Y`2)>6}}L&ty>7Tfs^)^!`t1Ri8r?aX3I4TIfSy<&Si0?~?kV$2cKkOo?V
zLrCqzf7p@#SQa#7@gVz1upbYinp*Q{w5p=x2E+KXvAfwZ%J#j)Eb(+arwej26=Qi!
z^HVa94(E8gfJw~pe!_D9l*u?D<a)+mX`Xum_en8N!94dT%nq}NC~vOs9EbMFIl9>-
z6_0MUNG&0qv$Dx*7%xWVvA@$IV9VxKj3K70pHN){`<wSCgAXt$^Nv3uU#v_#=eg4~
z@{{>00n9X{OeGP6^HpMXzB)G^^HnJu=Bu;H#`!AM(lztqB+LG;nW;9jv96h8{n=Qs
zzxg9cJ!&>t>7!ZQ=B(Lv<Nu(;?liMJ<P7$myJE8x9yj&(y)H0b{fN==RSu8gDPR3)
zat?Pi^wVZOOPvPu*}Z5aI-jMDfie9JHZP2ItW)>rAVrt5QAYX&JMsdZwS(e2Dj3VN
zp-a=XCOU%+mak!y?+@?qX+ONr(13M(ztEUCO~=w`6Yhh^d1Q%MR)DjxaQ8B78|&jT
z&ch-eWhi9onT&WFutuZO{oK~;Sv)v$z8hDelNdS1s&`Jm0YOXp#btV43-LS`jIwj>
z4`ug+#-F%dsLO@ZJHjIdRohw40|gU&a2W192FbnKp;zYwc%l(MMFA%|wEtafJKUbq
zqYL_@t&-#`vy$j|p8fncAQS&hzaH6|%Ek8X1O3SK2v&?k)ct~bMI808pstLg{wS!I
z#Zl%#<n{76s#j2t!s&+WhXwUW95pVeU&T?!3+g{`S|m)kfhbc8G$zM`c2n`RW1h8m
zFl89W(pHyY33vA!5u?yGtSinjcfSeHG$Xv1fYtORRKJDEmEvw{gZnUX+mm!ZYJ+=%
zxECks2AsJ#oHN-my)#L-r48<t#9f}G`*0iFw}|tSbpPH4*MBhR8c8~wznX)?V0ed`
zWu%wawZVO?4en=caHyO){KklToZWDg#|3S0Xa+l`pGeYup$%?^xL+sf`fGD>IJduJ
zdN~_Vl<%o+a2FAGGmJP!cQtW)lepW6dq)!YIpS_f;(kP2CYkT=+u*wEpzBQ1jS<(C
z#GOi9cM^x4`W@3fN!)eBJ%a`mE5~Qr;2tFo`_6H?(&${=sY#qPCMgzIVWuT0(nmoN
zJPL};QBcH<f>JY4P%0n_iteMJs67gb#-pGVItohJBuF<Goh!^w(=~XsdHkfdg9QLv
zRYlhqkrkAT%^*`*7$c)QjL15bj4dNusm93YA|tXcC1YdBRaV5v=r$uVoWm61*nqI}
zxh^8aNuue?(2`9#8)-F;MHgR|XJaLLkCDGOoe?;|UPHW^>EZ(Ge7)!ga57D|K1WRH
z3DtL6#>vt%pl@I`n(lq5(R#*|?{`Kl<<}tsS<0_$`XONm=d03SRu!Jw963hvbZunW
z_%av<e)=Tj^*r{C*dw?aHl^obE%`0He7fFims9D+t9j;-zlB%JA}mmMN|t%?v&1Ew
zs@LDCbbkSok(2yEZ(|vH?$)&^0{ZA!;7)9jVa>O+qSw0~8F~*f*WaOA#hw<aEjf$o
z9)#5RoKaEk!3>=g5DX&Zj?6{X6KT*~bxpp8G9JP*Dl`2uV>x1H%6ac8WUrHU>D%>?
zW3*<B^|~_0^jx2$uJ{k*`RiFTmh&4}Y3n+`GsR`z*ceK)0}sD6W|J|N^IH<VnF%C+
zvq{)>C|xjj$Qa%8jUw~GVYYs5!rLSK{Xk}8r5aB|{|**~kbr&bWsm`5^q@TM1Kc2e
z3#wh1YA)^y@W*cF4B{}z<6O2gBb%(*64tq7lU2jA$!cPx6|%|bmMeaB*mOUF^bU4p
z@hyl2OZYx#XqSMs?m-PXs5r4DjxmQJ*YT9gnFlgCeVL!>-c|5!f>JUK{Mclk$HV<`
zE`G1I+vq?!FzE!`qi4l2Ds-^KYCCdlGuqTbFA?T*Cg`O;gY$5Es9ei^H)l|H^6^$a
z2GAB;Z<!r+V;FS<qGr1C-lLGtR_TIz?=n^$r}A8BHpyLie~@Wqg_+;Ml_$Ai8^wMk
zh#k2)j=qCv?j*;)aZ0575D4_M4NO`n6xV|(H&liCwvBV}#<&yp9cA`0B*I8`y?!@W
zKpPz1VCzvmIh)5bLJPCGOfEQ%my4ao3y%Lx%w#d34vxijQ^j(WF3$@1cQi@=C|w~8
z&pt}m%QPI%QbzvcxwwdY<pMoNCn#C4&;_RO2wjxZ@&$T?&Lt{F8lIk$vfqwkbI31&
z_cFjk3}KXihye?3{=QBa<I28{M9BI#^lO|L>6Coq>isanGAM^zJZw3dv>Z&;BMaCa
z5w>D({J;zCi>DXV6Y}(ehNWT6bai@P1A}bik36c7IL$B*Vg@@r@zV^tW_5@$w$12b
z`v}U*ytup+<^FMMKzst`g~s!v@`!97MJ#0D!Rl*!;I_DY*e3^2dBVDZZG!L=DrxZH
zpz?wjrmsuboAA<!CoF3Olf#e)j{)%)wBbTla-Al}lXjTP=a-3{sQ?q-&B)eCS-*YZ
zE{e#64<ysIG8X2!8H11h@;fPM_+_Fd8vi*?DMb4oFMw>pzQ;mP2j|SF7hARSD6$Xj
zMD{(dG#fX=Z?$d&QP4xJB;u`XY3G@ZFkm)G<KBo!b~%i<^jo=cqRtCY=ORMBxpEJW
zlWO;MXaY44uE<?A7qyxw*rO$DE+``VmbZg%(6`(Kc&1bP7VVl~?nL_C%G*dQBAQLY
z?qR|aM$=1f(yw%~UkRiZPb4Ry-9tz^<_)e0zP~s_ORm%MRN8$j31%a2B2s#(gW1a1
zOHtsUm%<XF@2AtocOU`AGO#02=-ZHT6uXdAsE>L(Q0`hh6zd)V5Ejecs-S%rK9)(g
zEe%WCihjVmD>vZ(e7B98LSkK+{(^Td_;K&-te#E!GoMC&$2<CD0Go$BeQ9q!v{Ov$
zQ5kL$s$Q=$R()2_g$8DIGYh4weT@@Qiq>8rXjWmsY?4OJ3ga5aTkc69rIAUfA>*1;
z=AtmkutzQmsQ9T)N@&yW3mJp%M$^Y)x>F4?x-<5f^i0Oc+7OnjjZ@gB;OwqKdHpe<
z?2n+2*`!DK3bn)hy{-8$Q+&M1JhQw`#Q!9WD<JM^;5viD8P|eOt|4Dy`FpQ-g?q1w
z)41VyVANQ2lKMLnUuYe(HQE=(m_qw|t92{#4BEy!0JHz*xXW(jIJ$r_66-gPTSzQo
znoYv)^QFk~wjpOlVB)Nrq}?CoBZGDT^~Z_iJDISBNDPKY{H{om(n8h-ErenRE#wGk
zA;I@3r%L-!V+aReA}Bt=1?69A2zL~7{gQ8kK}%$|K1y2Ri=ZD>n0ppgb=#odsw}js
z)a^?LbO3mJ<9d`+)_8SoH)sU6k)PiP&IW_lJAq&$2m@x5G};LEHxXb$e<E-WB|(D`
zlsm-`8jKQ1gV{J2wJDM2yf}f5{<jiEzl**^{=x6wPU-zI{ks6q%v<LD7-nq6CI&Dt
zM)?NzZl(}X%qC%Xl5FGlCEqWc>eE=x3s4L0781?EZ6=OmJ&tXwY>U@j%CD*9^R7Jl
z?Il)rPkqqN4sU$(<#6XqPbe?S4sV*m2Nv7z-E!|4vh&5;1Ac<X@FpAp%-G`GM(p9t
zRO5SSn)KvU{v0zGWX#OtL@|pFk|)gkD1Q+*m3CezcFnT|Soh;kqZiXwu%lP<7Omv>
zxD$Bt8iU|d6y4w}m{uy|oPzW--SGEEAwH|e@&jEiG3FhjXA`Aeoyn}&^RUW-cJ(63
zpY00c0Dpd@HWRfg){k$3K^q{6kCHa9O-P7!&j<LIYJX=@I(*jiO}>}F%>ID@N|SQF
zMF>rZtD>#Hr8o+Hkf5|C_(+biv7aFS_D5=3&G#T(ix0r>CCmrl_Yvj;FwQilT6_S;
zwtuR{2VmyexQl{F?pBlXD1wmo7eB#_?R3AtI0ZH8_ZL^>Vq-DpU&nDazWtH3d<(#Q
z>ho<E;{wzKLpscsND9YD7!M*DibYadMj~fKG8Bts5fN!hf!z<H0Pb0!)9()`xt`lu
zfw2e+rlF%S<H2ItX<V&54^Sbq`Y9+lqr1+JVMC#FCbtat3_S1%&{_8hV7g3EiGK`e
zD@L!pgy6&+FC6#-;`=hCzHDuzm?>g!`cWcq^rPOdsc`T^7IV^N40`e1D87lp=dndh
z-p0Qdd?AIKB9`OCef=ZFv`QbzyAs*uOE{!}><WH%7(Zh;UhFJ(?R6hvcHPBpX2(>;
z?l8MNvg<;2IIB?Xl<W!!;Tu}bE|2WwlysRVp>&M%W25_DjU300!)9ZXny*wR%~$M;
z^HeHc5CQ<fS`&l-K(M9+Apj7pbU_FJ&(8X><oFmoyQN2-*PtxUOPK2#6S$p#q-}6e
zFE%NQSV+u*woSYvnV57;%(uS+#x;vgsM#07mZiz%t@;_3f7WbF2RohFEAGI`N<D{7
zFRohFN_KXqg*~-MOu_quoNvz*^?(_^?#3Kx16<ktG9IQ*O{3RXbCOYHBR<}&cbe|i
zka6cS#9$g8-q+*4oQ1sua$-$m7vT>n{7S+fW;vim#)}pOK*31lTmcevmX-jLj%8+=
zSy93Ua?r1EJ!yHH_6$M8xfOF^d*(ado|$WXzUFSbaGSRKZpfgf%S;%_x9z?w9$7{i
z8ZV=?Ys~qrJ3$b-I+5w`Art>4BB760QwJX*x#hl=uq3tIzajil#pBx(yY(@JuOa+#
zg|8+2cM4xm_!A1>K=_ji-$?jV3gc&Q?G^-KUT-J-X@%cG_%jOMO8B!1zmxFi0JCgY
zAwb<zRz11LYT@NeB0j5-qK{l@Ri0kn>zxHZ>Rn4``a9UnF0?R-1r-Y=6)gY|ESVq#
zKo%^XgM&s|^8}>C%z~vAS^==^#J8Nd5y-6~GfGKKIPVEq5D?`sii(-VohWjro`kyq
zKu}qN5C8~jOb`Mff4((;LSg>Y<}57{#Z0JNVIcqzqG9?V0bnB>$K7ih#u>C>xyUA1
z5uozz>0{yGo%f?mYL!&%{IMmrdmVkgRzv0K2|F`?tgAGF!$%}oE*%n8POIlTZuQi>
zbT<UFyLly;DSuW+9gA_-0)uaBPuB_(x6)NRaL#EOIr4@@ul#5hy~zW46hsf1jNUiX
zpVK2|I2?l`X14khtwf&ZWo6p#Rmi98ehh;Z&7XByUunB<0=^Gt73)jcB@JmM7cq>)
zcUE|jIOu}#Vef-l)2nZQLhb4G>=S=U2I#(oGN-*FCwYBX0iy}{3p$;}yneh-ouPX|
zkRNDv)t32X{d=B;#DtM)aGvgVxc0DPD$L*#j44>*C=Ls^D{Zl$rJ{+|H`~*Pgp#2z
z6Un+%vcCgcHA$(EzV4;&r<fC$f%|&gPlj;syzXL;E^n^r1l+5z);JB9E{kv5-3<-I
zMj13&>YZ;}?!JlZod#=9k0*_dMoWHt+s^x7gfV_J;5sUXZ$I)uiuow@0cD~$j=oEM
zr?KMuIwv-bYdXfi*wK%gVn2ef2ULs^3tu#0fsj4Re}F~smF>96?IVurWVJWCo@zw>
ze+7In@4y}quZ{|j;jsnypWX3Fs^~H(=Rj;}wLTA_bv!tU^e>YB1C>m)5RAxbAxwoB
zzf&FXJ5`+4J_ju8{22aEkaU^feLmQ>`_#U3v2oyW+IPNAy9zE>+#C)+;ao+mFHkJF
zExuKbr{z1)rQSzDtH(f>dVc_{G+uGspOXY}^MO!U-IMf3*HGE`=TC1f_oI-%^+jZY
z&f(*PzohUd2!C1OPZ9o#!k;GmRfWGu`0EOPp77Tc{u<$bQ24Wi?^5`ygukiqmkECZ
zFnnX<BM8t(QV#Kv0sui_1R(&_L5Wly?1n^BL@_Z16j}j*pp=3T00@d92myegyn+w_
z2o^>V0w6z1ILo2?LN{3up%nm$Sz<v5p#B`iH_j4&4l@r&AuLV(NG+bUa$Ft=^TOu`
zF6tYHdFPoqZO!BJ@yT~_o{6Ps&IWuWO<Gh@-)PHs4KjRJl$dB=rnUfwgkjNnxgrl2
zkBMikW5{mLRQ>bAqxa+Vum2$d2JmprS#`}t-vv{Xqxe993Pe|+$G6+L)9@fSeJWGc
z=M{a({a6OOq$@>a;Uh7GG=~1FzhLW0Z{dyMe7&n!P<Keqg&7;um(H0TnNeKTORKB%
z+AfDSR~N?Ac)gU7v*cP4@oZT^=t-jE!+n_kuo_2goOvEV|IsB!KK<&Zm+;+ICtQpF
zJ^kf|b8~RSx!O@(*I_S_Ifa95qCBhJK|SYnD%?pF+FRPdMmfLdlzr(zG)VuRCfWTi
zUyGikV`-_f{8qOMDR9xu!1978WWNWmT}#V*y#v^+F~Q5%OWtb0rni}x#fWcgfS|jq
zoenI^y#sK*w6~D)u44Qf5kGox#(N<?=Fz}d#`{nhGm-IlyiQ|Q)lRhU&e10vgH+CU
zz^Qh!eRppXv&O!=n8Y~t-8AZ0s(pxPH$DKKa$fia(C0bShnQ&|r(MNJ3s%O(4dD6F
zlJ^}5X}Q>t%j<eo5fJv9{Jynl%Sb|QDO6k4wG|V41mmmKuX6HrA2QS<|6h~6C62A2
z69X**`?}lE$mH5T|0DXri6c$v@no!kV|rscd6qkm#5DABPE&f)#<#eu7H)-h&Kzb&
zeNlq&8?y+pplnTWL0K+q;AW7{Q4Ir!EW<m->W~w~g`5{t&aWq!<arm$SzzMdH6mXQ
z<6cG77XRU{GFhvmcl<7N;7IWq`d%0c^}`#TocqvIYyY<r={H3A{*Ya`l#+D$nR3Bv
zF<<FT{JKHYmaXux9LQhJ88F9tnWL~DH=`rf=-8(Z3kE;Vk3mDsp-GIa=f41LXCvhC
zJK)tvA`E%SRo3V^IxDQg2*L0@9gmC%ai_z1cULwy`!)$haHsD$7(8aOGGpYdQQ%Sx
zw-xY-_^Z7fY~%t8>O#Bu+N*q=T)-*{@gpwsBX%|+i~Ad{qszdcc1n=qT;gP~tPzI<
z5erZpQInryf%gO2N>l{hbN&rILvp;a<|!QG4!0!|pM)i@=0!cPKSWEq2qlB#G93J&
z5r_Xe0gVHPb#|iwm_BZUY4I{nvu;^3hP9jrS!;9A|I!})5YcpybgZy>u5B&@?{jHu
z*Ik;ovDP~VH;zkgyY2E+K4aQ@EPKz^Ed_h@HyPe}GdHVWw9o37MDxr!$AalN|6bfa
z3f{_^xq)|?K6-z&Z?WvRJXczZ{9I{owCo$7EA3k?`>jb@TID8`t+KI!t@nK1ysloi
z&C*`|!lzuQ4cOkFU^+7RGc!J3ZUu(A#~-pQoAioD|05sj;Gm#Bq=s23xQ!RrJXJej
z2pbBllC1?OaB04@{4sxjJ&{I^&KGLEQ3}hRjM6+RX`V|yH~tUuiPAjxeBSy$$R|n@
z<g*5PJCAmj(A#3uzNs_RME26Hg(y&|UVyN#${#~5VuJ}jzAg_ip~C0J=ZBg2e2MFN
zm?GT-q54OxdKT>q6_1axbtG$+tP)VpG(3qFPnXhkv6&Z|5IMy#_8d%RpSk^ktudJ!
z*XaiQwprrcxoGNiE-*J-lK|^{vLxqlk~B9w2bvq(&{(_&JoE##EbiQc1zWe^)ZQQ2
z_U-VyYfE>i%#vNQAcou@BMO4U3g|YYo-G-(<@ZasMd+IFocpKSDs-QERyvGUkneqP
z-238};eBn!`J_uZCT6vHTgrnSsZ5D#we&kuDG^N$WzsYkB+^jkXHRosA`Rt#_B0nI
z(y%Q1NOOZ_PAx4hUueo5P~M;6$1DMLzfH!)(q_`U8%fHHGoNKC?$VNV%LqzK=jE5b
zgz{^tZR-~CL7EODD~`#_*J6PLLvZWXFdY#EGoJ3&SUT!U(ot1NcUzcFbr(-}o1gAT
z$cZr>(q(kzbi~59fqq*=-CTF6N-MQX<CBJ|_2!4zZKBT7Mg#9l$O~6yvYGS7XE}RR
z#l3cWc|8%%x@K^BbfJhtQAONC6WuzEG~++biemKE=?t#kEoSy|^QMF=r;9jHDS0c%
zdy&v-aOo{G{$qUE!~9v6EkRj+%l0j05eWRHETQE;OIe;<{gwUtL*2&e;o0jiO84KZ
zzbKv7pUpeXc;_a4eE&!Z-R-4?jA*g5md~PRgtqg0Zppy46iUmV%*y^Z(`=uehKh-$
zx$(9r&9Et#p(1VCSckMPMp{cydDNk~ve&Z?!OHrfc<9PHu@m@w-&8}lOBrmx0Xc;~
zznQaNzY)A%LOCp%5a)4$a}l%gg14HSq&1oN{N)Y|<Sls)Y+N}wy~)C6l<7VWY|1IZ
zpP24@0CR+Pkdoo9Ng!}}fzGqXJF}WWX@!{`k)ekCROk3TJ{#d(p3-EdBitw-{DS;5
zof5La?Vne%m>&;|X}NtE;*?e%ZI#@9&Ixh!F<)P4RqAeu5zCiZmC?#(w~Rn<hgDe~
z!nlXj831<Y1hhWV7zDU$dSBU?&Jg0ouju{WFQv|$e!5ZzKmDnf;%(o2DK1b1;U=6H
zcNd1tQF)7)9H$6)kioPr#Os2se)s|nZ`&$kU`}U8hMZx(aKxOa>h&zV%*Ev{22SNJ
zll&{7%H#I@{yZ+k3g>vaoRK~mg~GyFRk$@4^M&9N|9t@8GKX3VUM_eE31++KS8>&M
zkH3D2X~cmb4VEo`)pprZ=5{9TvBU%gD*%Qu)L820v&?@V#5d00Vm6U?ah@&;;2a$#
zbB{*8eAgI0Y5E_r_+naBFk9!==b}dEqQ>T;aH|?Ka@T{mEEtSzR|!@iVmGsJhN0fw
z-v*@q(=-+%%N@{%1;<(I<4<bfL&i6PK^=n-v0JpC@kji7o>Ioapue1T0e|~R=$y%V
z?2MV&<E%t3w}wd`w;Px@(S+b9Q@r2R@ceX0AEkSXGXXMqi^)QUSv{_IGSL?bz1X|7
zX<tG!qlTYM_6R-_bY20u%@Ra&4`J5hif|8&2VP0VALASbT!K^(0jUOrROHwDLeSR~
z<#tkB`Rp7H2GiexCO3>Mt6Z>sH$fDZ{^|)#5q5$$HENZ&k65@r625P9-m3JT@56;v
zShO>`@w4yqF}=*lt7dkmI=fTZsovD83lVFl(r~1`)}AVo8=JRJ<}>zW;s3|}rSy=k
z^iFl+al~7&SdgtRYOmQWda=&YU)a^(u@X1sGd@u0PL+;ai<Fs4?>2i2`l*cZeAF8M
zRr1%uU12ojeGPt_KXLa9c@KC$=wNuz`ws~Zc|C_RyudqH-V42><-N$eSl+|lRr1CU
zuS>$+KZ1>c`NL`abkPq1PxDcde~sE9IQ1=v^3c%mP&tMe7+O&29gbrLhZa_<m1-O{
zG&EG{t@IAW(k&PU24r#ELg1>qQAl~jV-^ipsv2WJ5Am2V0;j``s*y^@R&q!uF&YhT
z?<Wp?)T^je{4*PGf%|H~8R96FfN+8V2<MkFE4?y)ZNcHC%<7S*VO+~GMhmVf2-Eqr
z;2weljn!R{M^nK!gT*clz%e6mss`Ya(YWcyz708Koo2vn_5!=1g<cp3&CvPciT*WJ
zo+{mnnH*NsiL*<$>Qv5;8-LW4N-~@1D^h!#uOGr8Ep#8LB>HcNM(;5T{RX1ZpUgtP
zk!W;WDYMi<56BlfW4_P<;zEysrG*x{z*MG%ZkcHGqkLhIpgzkqLLE0ny-n((l{G;o
zi0Q`|&P!O7-lTqf0wSg#j|ikHn$($3K*Th>qR*k!!pbG{$D&%w9B$#{ENbIK)UE0m
zZrr#6{u5g4F+~!4V1uv6Dh3M1_^;UOm?A@lQPO)<hR2`4iAvy^b(VNJK3VA-e?r+*
zxu{vb)ig^>yIN~NlxwYK-V$CbVYqd_Z%i4jpst&=pVW={RC!yWwh<=@(6gnMABf8|
z8G+1i^dY=yTFyx*i~fL<g}rMbibsuB6$#~P+-;d&GXv&6>y@|o@is1^XP;t8|9K_*
zPitVq4S6$#C&pak^X$w-XWH76PVEUk;VHuxSq4{uUk3X51*?1mXE%%b(nEcAZZuzg
zBUz>g`)n&!o*dXvo}3SRUG;TfbDb89m8cuK_{&pEG2=-u&t!9JZ$~UI0bdTY_qF?G
znJJ!FOkFa0$(gnDvh~qyW(+6PlF?;EDy~xXQxH`f!}pf?71%&0d1XmF3inb7^1v7p
z1;`e1qn(lPwRzdxM0TMRq-JaBq@|^fIusW+tKQPIBVF%M3s7rr=3vOq3s6ZoYbp)B
zNgIx#n_|Q6^&qLt%h&u;PveT8l)Xn3gbN_Bd}<Fa|0Q_PiUyJUh6R%gCWj^`#jN}}
zYD&iRvi54p>fzJ^=S9pKp2COHLsLV7gT*fbI~G5l*Puj7>C)pr2LW5BRi1KAjfwzn
z5=6mS|6Hbgw)#h{qet0Ktz&=})H*gjDV1|3a)fD2!8Ar6tL@0v@%uMpedg@wKKkNV
z671IwP7O#gYHOwH7nl_s+6;LLftC|TS}OCBQI*2fB300T#|{pl9b9Ljm1QBi*(~6h
zmboBQD1pfqUur8UV<@l{rB@oRod^}yOGLLR-W%uNqau9g(A|sX+dgLa{CmNK{m8TN
zAmzTeD35fwrVp0@k6_;*gUikQ#X27pmFYUg$3vOvbSu57sg={v0v$2jnBXu|+oGPi
zz4S`GPq8$5_yQ1Mq^mr6j{O4VsR-meH7S0d7tOTK-KX@)AUEw9`*8Bl98e=Ms~lxa
zKMMK9CQWAwmRUBN>`W#r`N=?l-16c5r!f~v2PAcyHjV+;m($PsHnR%s%qDw<fen*Z
ztX7(dnDV3*DyE6~hM#6K1*|5A6_Ja@FQwRg!7t|DYNvvXJrKzFLgVi3P{QdnoK9+w
zly{QeIhIVlm*rfCvd@ZOX4PjZm^qAIpo5Kpl^a!*VVFx(#tBUh6Q=n6U<LgYJt4Zy
z8@4alKK%^g8@EqxxO6hFz3A}x{r2GbNJ;s8m26y&E7%4$F6VBTD9LPM>IC<IJu22)
zTKXaM=fx6^5K*Mn_o5o(%0-5gdxp1F4UDfh&yFZh`m>)c$X6RNm75LF1&U_l5Cj$y
z>6vOT7HwtrbeXw8VHz|2G}7g6<W6TDzkP&XB1UMcVB(ub-?_q>iyo0wO-ghSB(bM6
zngly$eiHaRmgwj)xEVD^%?k5)UIlkUU{=!Ju|_O*h2NK?x{F9mD?qK?fD&-Af6@5k
zwIT)pAsTxkK+BMN{E>Dkq=e&-nAyz0`75k4eh2a1Ru`BC{_JDOQ~Dik-@Oy3`AVGa
zv7UR&P7K{p=X4yy<EK0u-@rEnu7C|+r?mk_7)_~XpntqNA^Y&kW1cOG{rN09rJAGC
zmR44tja9OccbU!xn3g|IP2(=`)FsXfiAi1L17@=i1;SRtX+V$sCz>+bRcX03zlLT-
zIMLoLXET#4PDkoZ8$|BEGr9V^r%`^+GsLI!!t5Lf7EG<o1rQnp2lwR_`1oWC*-3CT
zty|I(SbY<i_}OUmWH3FDd4WiVH3by}=MBXvWX5ZLn#`2WA2NO_=UmB$qBhr|HOLlU
z+>z*%s0spO>gaRXEK0M}tT_&7oK>=hp6-|(H=4DExU)Mj!gqOOaKtl9<!$Lvt5oYK
zPx_7@qgH35D2o2&Pbeb&HT?@`RHc<Tm&-;lFoECQoD_j&Mk8Z6Q^t9w!p_NvMKT$@
zO)i=g=f+vVpaifSwIZL%*X-1S$)$ySYG~44(PPaY!#)j05$7Ro&CS>o2b$$MB1*S3
z{VT9?&LQ0i=D-}9*hsXD&MF*#mM7uUoKq;c`U3UK!bm4cX>4wbNoqS!8&5*toG+P8
zor|(^r?fJsx^kln6&%IboH3&)GH0$`t1$L4a`Pv0x$;!kDjJ*;YP3El{mOh$Vrk_;
zEMatI<P;34u<GhZPqhS&^P5s53Yr7cP5HLZS#zE>!3nc0xcK82Sf-%h6-mDwc7Xi_
zfu}CPyc&C#qyMO3NsqPg+35wf-}EqhGM~hRT`c<uT6PC~8$;T%gK|)PlR5W4P&s+j
z4ukfjwh;*oj-L#)YKi@;-+9SA8xdt;xByRC6^{{y{oGcwiG}ynW=$eYr3RK`Kov^2
zrVr~*e*gM7dYWCdf8QS{^#O68ps0jnxB;nD{=xBA?pLybpsSrF8S6z$<kuDQr>+B4
z;UGo|-Fb}c)_6$CP>0*=I8;hq*;6`v)!I<ATLA;ZQhI7&tc$;*eLnQAD;Uj1zz!aL
z1q>L{>rjRk2dkHuDd%j^77)ieQl#(9gurZa$>qrJidB<j@aV4+R?6~}=AxW2B9jdE
zSATzHEroJ*W<|2>nk{s$3HesNQwyNVpcX=B&j5)3Vs=?O94qH@*(G!i9g6A`GG<nv
z^IvT{g>^vhr&E|P2XMYM=oDmJd8LIjg8yy1|K0yr?B1_YS(O7!+ieZAng*nT?fR8w
zlPh*=sLL-=HMVUdC-1L~ELbtB(dDs4e%qK>pv*MasVY8RGgfB&j5XK6qmO0F@|z0f
zI1(#fVfVm_ogAF%3=9yhj<VxL(!tq{kI3>=Xb%hyOa&#Ux$@W5rH$pXEB;^gMktU9
z3wa3S)@+bLjINhz)dYps)|FY^YH!gOsYN%r(po<&*<Q+1e#f9K2A5z4<D^7uK~B_k
z(2~^ubKJEir_9SL*M1VM`uS66Zz{xr`xPQs6yDdkY*rJLISoc({9O!;JGl0Y4uF-3
zKAWn;0+8>Q*}3}e9Q`*I_tZm0X#NIalZ)DY7{s#Q=tF-^BH0zdr?l#8FjJd^=K9cI
z(~~i{ho|eAo7r^m9LIF({Cv?L3a>;u>JRIj7+Nq1?l_*@Q_QcsTx>bOfM+qcZc~KY
z<7cpE-H8zri=mxC1bXXr7*iUVfk~Nw`t%?v_#_y@fqWg;RQDPAf&E3kaX*n0JNCtM
z;_Q9K9I?-sCHsuY;`@iAD`){y5yfm~YO1T4mB3U1=VMmZ@Ub3U7k-feA4)Gj%ICC?
zisJCVDrPqO1BRu&9mVuYEU#e{w`K|>nj)%^6}G~{x5^6glh@R6dbs3Vg#LVF453Po
za{*x}i1S3&8|S#Cyw%@228|;%f5KYWi@ns+@=Q73ow~3$)txSnAKZ;!xm<BTdU&GJ
zox*2vgLw9=z)#JO_aL|;-;IMH>27-fCn=sDvCP)7U}f5^PRIjZts>u8UE-UAw-(J8
z4U{i5P+G0oonAEA8YBclzJ-v3TM+UELJsZ_V(cKSd2nNk!$F_Xzy{gpZb?V2ymk9Y
z23E>L5i+bQcc&LlN*;$P559(c9<o@Xt1&|xTAVy06A}z;Y{|;ipawUz4rN@b#mSS|
zZMQhyGSm0Ay7{)8i$h)8@*6nV6De9tOWT*`TkD}ByM;}*l&^YgpmiM8R+9Bnyz=DH
zqz+LT2#YoqF`BB3;0H%9Z)Ff`Ep48Fgr)8MrIL$Ev|Gn3pB^%B5QiBLP_~|hJPmcv
ze`b@3D<fn0)J~ww$1qGLRNV{LG{&mLUC*M5{+8&hza_ftR~-kbFz2lN7uQKG<E!AS
z_T(E9EToGTl1-P!Q)#u2#17sy*nATNcJm02^;%6T1;<Rw?jIpEd=!<N8aqEwb0Ym;
zcn2^oHR!hw+knBz{5Xwur&JxH_$m`KSG8MBYCBa*N2<rR22X^?$KosD<|Ch-Puo+4
z6#O)8)jv^)<|3}$)@hv|_Z;RxWuGQ7#lRxjCYWryIa79D!)?|ry#BMyJ+hbRzMwrg
zwenUTY~gv<kHBDX%&?dmS^-ro7xgrcVl^(dnrraJ;zU!XhR{Q3ViWzTA=LLYwoy_;
zd&U3Iedy|lk6+~D|BOYC7UytglV*(-`<9ruUnA>yG7TTi(ZdW+4Q-no-iEG}hEvAO
z2yvUs=XYiYSDJ&Jne4)CTY^=abf!|>Qpi*)_`hiii#dLqGBeH@Y&X)A;`ijVmT?5-
zQpIan=3F?&CAfVwL)j{+<Mu5sPx)m#7~k(xdW_0dD+4KeMNAp7LdUc<pv3h#n(>*S
z`0M~iOR3fOh3#9~@>+JK^ScrahmB3XT)|X;8@mR-)hOYww$MyDn;>jgZ62Vl0%ZYh
zBa|B$OXUV93Z^g?|C6hyasv}ZzigSXY`OBpX{qu=)^yH7${IecE0tvBCp9=x;RSba
zH*_n-bm>-nQ7At)qi%Zq;e@(!Axqc`T9*1i9<h2(^&*-F3-O;)9sHu#Ka*w2Jr5{0
zel=ZBJ8XbR0lblL178f=t#bu@J;93!>V;0#2QmKFbX$l`Yag^#;MO+2QZ1ZEqFX<U
zFWh7LQt*&=lQDK9-&e8S)N@=8x(F2SG@B$G!j1a^ELgTofrS$oh*1j5eHl0e3`?!^
z$hXwm%oq0J^Q{X2*{$;#ZZhwB#e$-eeFV-lFt?2K71;C68z1a4C=cp!EgEc>8Wjhk
zWQ_L0Y#;%d^JjtnFMD4CCRbJE|N6bE_iF3veqG&F-JPWZq{FkTx|8lW&<TNrU6CEc
z?jR&2fD)7kRS9a^YQw66fMMbmA!^)l-^N{VnGw-ZL`M{{Rop<_w{c{||L=FseXpvQ
zAZi@{-+a^G*Y)mx&pr3td(S=h+;i~+I$WcOU@QIPL<LR;!C9IhGs<RA-S^lGT6sDC
zq5o)o6#ow<py370|5Kpr|2st9p2baRkl(BEKQ@gY;3HY=v@6Hho;E8bjRa@Y;3R^P
z#w8-HkWOqF*JU)_AmC7376j0SP>q=8d21oz={%H%Qdqm0FjHLpH)d0d$1yXEUhgg1
zfYXW6h6b1-oC0nZ&;cnIG*Q}pF}}Crf9wD-bza}*Yzn)$6moekN`lwLrmiI2JoYF!
zGNq?N%6wsN52Y<AWXv}U8#ie`<7b`VTEK~3X6Hh8dY7NZKW<+Z{VaZ*a2ukd`s{^T
z!L3xDGBDVE8usGWuyR@go!Z-=1*LQAA3N>+gV6u!-YG8`z0SKZQUKiGsjO@GY&^Mc
z8u{h@-ALP1(l`s9QXI%p8b;?(-kv0ZP^z9-RB7u~)aS9MgvR3jAy{`c^-nm&IJ8zm
z2ElPfgB6cs-1+Y6k0ST%VSuiG+(Y-Tu6h5oA0uCJoxxe*2nIdAF21ljCcFeDM$WH(
zQdRlW?l{zKT#Rvqa1n9grud)T<wDiMlRosl)fYV?V!x>S+7@ZwosQuD`5C92AH9x5
zwidhz=Io~tSWF}3MJqDyg3aQ>iE~Wg*+cg8D3*;VYaG|=#=+fAkjyZR^9%L=<$2rH
zwT%Ileq5U8noW<NEAH`gShI6}&K-T&E9Wu)mGhVYi;Z!_+x?2$*O8F_5wp31Idvpq
zu_p-<=W|G->GZu_nC<t(^QXjP8^lg1XEu+Ie!OzvpDUoaM~j7i+*j>MG7ZH=2ol~v
zP^5wOr0@`v<PMzhYRu$(WybBa6Xidy?7;qt*o?Y)f6UHN2P}{d&^DoK+3Y!8zUIYP
zjScX-GL_5z=X=T>y<Ra?+|@%yN0=x<S#g&)wGKeLyEcsXL8opP8nLg~-tk?94!@(^
zxf})_n`^Ol!#ut3ckCH^fHISga@Vkj-~2?SZ4u1C(eLzOXPqtN{~_q`+s8*=)Y1k&
zuUPQgfrdgJ59(?2{B{gAC2O3#k!~}vVV57D)5R;Y#LLQOz|P(BO|!_&shzREXBAd9
zjHS^`BB*r&U1R2qb}(N=@*Y1=6}bG+k8HnP2ISb8lmlzO_v|qYQ>Xd*=G$ey1;4Xc
zPVe#k;zA5KX}gX)(GQd<tz_mjQ*o#7`&~YSr#cF+iALc(Ll7f#zl=g<<~qU1`9&zN
zvSPn0b`^@dl&v%D+}~2A)C6ufyd2FM=(J1NIYhj#ETzpo!+vA!WeMe6Pac2F{|!1%
z7t_Cm?NByH*_7e^!bw5vgaDTIPoI|e6aQR(bpOC}ZnT-iu$B#HcY|bxttDhKNoxtd
zl*LhllhMUUc{4d<i%28Ff+X&&VZs1;J?mMJdtJf2lWVc1G8;R-EzI2?j|Rw?QagwK
z6m-9I^FM-J7LQo4#HAADM^-wZKWx?*<W4mBflmaV*t79#_NPI#Kh-U;!kcnMq6S@a
zZdB7M)RdM$mPFZ-7hT20If9EloI<tk4QMy@SqPfppea37@Bc^eI$ndwwNtWFPYiyd
z><hCsaQEd9%>-k(A+=*2+E6Z-;A{J$U~)B3lqxo!&o(;uG_K}1aZlqKev^%B`GMU1
zh4M`{UL;?)@nU|v8&mjDUYoWq!tVP@^m9>f@Fo+o_b=efeKyX1Wb+SM05|^y82l&x
z$VfS6_wVTL-^1=-gM5#>fAj@GD`fnP?EblhhG@=uKlqIoL*VoXcEWE*-~c25r>88d
zEp1s(!T;D!{Fp<Mwg16PZaK5|3vf7Tkpxf#Kv<wmFQR~iiUNECc_a(KRzQRSI55$U
zw<iTflY*d0!Ox^%XHsx8Nz7o<d@iQYPG`SiAqkta$<i<c;9xJLv&Oy$wgU_)p=s>E
z58Q-C`UGym)OZ2IOWL`UOq8iS4>z$P5^*ZW|80nX@>Qr(5u6<1LPJ7!R6g&@6_Q3S
z0tIslMzE<`%uCw|cl1hok}##Go{3*&$g<dlk&bwMgDeSBHv_O2GoD?!6f~%e2W(p7
z3gp3}N9q{67mGfwkZq_gvs2}c4UH=q*OInDf3K!}o1|U00hd2gia4(i3b_IT${iP^
zja?(DmTZ8nKZEZ&84K*9SYe{}!WMqV*-x0XCkgjIzKif?C*WxIQA51K4x9Zka7+4+
z=#G>h(H-eu>8|g83*9{iVO@pRVuvb3$lZUc{O1U(O3^_~Mz{a3CL>~}g^a{IgNzmk
z=BRDWxQRl#lJy~sB~LI;%c#ZCUyNbp!bHCMzd46vwP4)JAzdOU$a)-02y%ad6Tg|l
zqnWGIdHk!;UtROi{+ebT6;;uMMgeFbALdgAT}bb|1!iWkQbw2qvjpV~9mF{5mbp(x
z^y&|A$<Vca><z!iuJ!-Wij{B%X6;F?EB6?bM#y^3e^RiwXrv1(8O4LR5df1WNnkzs
zw@{T*u~Omi{vs4?RX81$(6GOW(}{)&j^y`WQIGDoqHyrV^Wsx*`g0X#hI~pHP8Sa0
zIK8|lEN3ABhcKN<IE3qjSs6Gt14*MfI5?yDsfh~R41^mUtMit#tB?_1C9w<d0#qUQ
zo4|~dKqWkj_Gx0J;6~g|Qn(#TkHPLhz+UdgvjYh~vmukjHT4{}7Jcgr9gq_38fYI{
z?L&2{!|*)Jqdrg+z>v|MV&TyJ=>S&(f`oQ>AwBk0@VooWnZ`=B>TqzyX)r<UniEgF
zlh;a9>XY*mX|h<XE{&T0;s$j{gR&bkd9(;tR+=pWW3Z3r2vEPoBrZVxrB$X!zcjZU
zsBA_%aQc-4a&QdRz7|%&v0Ol^g_jyqetx1ja!Ri_Mvk9}*vOYBn)5qviTsN8$QQ->
zx!#FFZtUYIJ&uYTsa~~C1bqn1!g>7WP4XLCfXO4dE^K&0qB#0<;{}L#G9o>4A%0MU
zfq6L_lb;wlIIcs8A@W5~fhIso->fW)BO*sCZD2|ZO!&=nYZl?;pYWoER8WmG%v%8@
z^N_FQhQ2XICBrB!o1!G@=S($zPU_(&59$6`70J_Nh7NYM|8Rw>g%mTbq%(F0SnGVM
z7BfR;3}Xifge3bm`?*n^6I4L8eVY;Du@;zXXQyKp_H%ukWY}Ow#}j7AHj}co%j4+}
z+1uq)W^>2cfk(U1?hYwj+1?>fO7?fqKN7Gv{aLUF+E>@1)wxf)k8w2LFviUopa<KF
z#y_yFr9mJ)-pKp|0Rhtev<RF>VLQK^S#!r9NDwlS|09T?IJjvZ5elbK=r<&2H<>mG
zd|EJ^JO<=6q*`42(8iM_nsD-+C_}DMEo!_KP80fWI=e%va}@DX(IoxYc*@raLj*(C
z!a(ZXxwQKue@5NU#DP~~=}?-=LfO*BwqLx9N0ZR79Kmg=U=jr_qb^>e@h;Y=fDOpU
zKxS9kx=XTauRjZ^rBdYF&YVWi#kJ1Cn#;Rh4itzaGw~q0S;PYrP9V0o%a3&89|x^O
z&?Fn1OC6gB+?3!@s|ZYr^#lAvrN{aV{*S=Abpif=j{ga)a(Cf>H4^^_{}17Rj1Hrq
z1p8u%3?zVD>A~W*sB)Ad9S&`rfQ5t{^f_n)%V1CK9LP0p14NV+EFOM>!dPzCE~z~n
z?a4HJLE{}rI<^w38m2MK+P``6xbYH~BeM%R;81hQI-`)EfdSWmlIeefKJ<8+L;TKd
zh-#!kVkTH7V2d|-P)0qcIvb!T&kN8w00@d}8-^gDWf4l2W5>mC_Wq@CvJ|C;eL-99
z-Lz#12;fhbY-qe45NpkSe@#ULlUl%IAqRGWSlyps`f0qSzW%>geT!Kg6a{Biw_yKQ
zcZqa<T#XsWM2JYZ6|D=UUfkrA?u}`j29ZRSN5hLk<DxPtgd`J^8(xB8pK)=vwRmQB
zDNFN=Ex;NGtMoJtJFIl9v?xUwnBE4MWOmbHWUi@pnKE+%;n-Io7txT#e+{bs8j^z)
zMknFNJqU@Mzk%k;nZH+s^AlY;yZ`H(MRnTQ?BL?dFEZUr61-^6wECQRC!qWPE9&;L
z5<-b8;GjfI5M1kS!I$^1i`YXs)uPr=&6}FoeG5guT(uHQTO##oRjWnR9|tiH&D2<w
z;o+4`8JxbkaT_ho4k=A!liozMgpr^VFt2zi28CwT$&zbw!g>U7UOks5Q1lSYa{F+f
zW{U=4%P7)i4Yz2W@*^0kT&<!xor_PdGNSbD?VNfK{HdKQU0PhIU<`5U^LADf(9=%z
zrzUbV!6X)Os)<zp=$&XhH5?%^YUO)zVnnZ_M;{7SO6GtRR&U}=a^bj!XKRqb8x{Z(
z1(wFM6GqHL!+V`-kA_r{F`h@1IcoaD%YZ;Uc2m0H130c}kaWz`WVL?Lc^&ALiS3qw
zKK<@sla(Gk>p*Y?*N`3x=_JnvK8rX9lCbezH_^h_zzL=CGqF{s^iZ@lp-Ok3rYi1A
zuEZ9<*s~{}Di-$?!Tc6?6+Au_2vu^H<0p3wVZVXQ+`M;;Jme>_zrb#S4+a*zaz`N%
zCr#`c%EUE1>?gP@NsQo(qu`-j-`i6{5uhr(9(aHc#R^kCHdF1?Y6rus^|Y6e1bdjo
z=r`hIiCxWPCTGI54q6>&+LLzy*ivzzkla%$q<f)DwN%5fse`JYRF&QZt5L~Fvnoai
z%>{i0Mx1~?#TpV-7v*s-%QF3>sfIc*L}Z7b*b`%uW~h>*cWTnqu1?siVWuJgN$f#^
zJ?*}CK><a5PC^lc#}xBpu(1HmAOXtVl^Mg?t;KiC{jBfdg~XJf<xV~Cdn@psV#W5o
zLcWBpT^1-11P;*r#>f#KekWi%m>WVrzkIlI0PJ)PpfV{K`eWFo?iwjUlB@x+DMAdR
z5I;Zq)u=P_`3&?Zpxp9W@RGP<^haob6WTPx2MU=z_(qt{kDr;YUZ8CRF+oA(PPWTW
z-ea64-@9iI<U42x?dxpj^*JW#<qI=XDpXb`pu`+y&Eupi3ip!`2KCA2x#EH<{mdS=
z8aO$8no?RRNfCic(#cV%zDWH`?!Zj5r*csqlJZ^o#PVSiE`GH{k|=Ma4H8prFJrg|
zP4C)M!6k1gCGVR26T8Zt<K=bZ&D6<e`g~$y7YLcXL0ZnTvD#9o_M3vJc-(9Y#8@(V
zfb?l(EJ;3$Fi33t<av}kK^+>@?k6`4{ltWoq|i+eZ>1_l+CUJD7P2kjNSWGTx?<PL
zZ$j)gky-r(;3<05Gj+tPAVa{TIj}phlGlhH5&eT4ZQzUUf?X~IFT})yr*xD$VTQL{
zC>OfBlZia$5r*26|Ayb-s)*~!=aaS9MXOe&&n-VPoJ<sV4Rs*=mr;26j~Ug$&xs8T
z(3Nj5S%Q7dtm=|QwK_I+2kMymB!18b5G2l1^$;RZ%@fFZ<@4#<sxiZ?Rl42se-C#c
z=mk-bRNq=*(n%DjKE*md%{sh%a{fBdIMi{x0yVNWs_WxX!IeR@ccqWI{xb?fT}=p{
zuqsv~1p<nLm)KOLa*7M~p#D#w>b=S0)b0G5ePhz%F}&JzBDRN~65Wju+&iit${wKk
zNKWPr4rRMf-6UJP+@T(hqBs>NA?-TY`Cgv0TS`*<k1W$I?h!LS&gjo!v(QY)UJ;hA
zVehuw3G@CrhO(AaaSs<)X!8GDXA|6~V1-3odBoKu3~s`OK$-o@of4?)lVefh$G;^O
zHpv3)z}<^uEeztNywL<-5o=)(P35u)PQ|H7DRJ<5aWHA8yx62ZEe>X%$H703%O({J
z_SY^(cMZNbdR?vYQ-nec@H2jrji2)aEstNwH`#!+mJ2R*e{iQn{+4jwmP?NVcV8UW
z`5+RO*O=fx#dSV}V70ySC|sgUC-x%C9rc%BaP9ap<0a9b;3}3EM-dOh+dXB0wZPz9
zq=|omu)!;Bo!UC55{MMHy=e3J&O!0pJ4G&%1&G&j{7uqeCi;nXGAG$otP|p9dm&d5
zHye!}7dIQsMKQ~l93j+L0YC0f+#0{%*fH{BFnuEkb|zQicNc9B7H?G#8HTYp0Zp0$
zY(&9z2YlF+f(1DFK?*)ZoEQPm0GGTC3{`Z-`M3thtI{-uxZ>QX>K5B#SXq5HJ(_~3
zG7S~TwB)<FK=H>af|)_V>GAby>(Hw%K=^72hlErr*H{TNyp337U3)Sl8hHJ&P4Bg&
zDy|+QMj+f={dwe!pqY5)8BtJa+ywT*ilhllw50R1keB1ZwBm}_vB{OoqKr4=Ip_5e
zq9|Mjws3}P5U>vXmI9p`9*$a=+7g9snGn~_TVM`NZ98gmMIu%ZAZKW=ISx$?U9V?E
zBcO{HJ|<m|@N+#l%quovU?JfMf*S1TVteIqHx27xRq({p{{v!m6g>*4CAIIR(TY8e
zm>f+PZ>gl1f#g9xC!HF-z4FX`=k=4lqmY+@%M@+}mkjoR2Xd7<Kwz|E3d{Jn7-T@&
z#a{QoYHL47y*wd?R2>1Xcl0KzPm-iez}f8;*c45NPsZ@$5}Ph9|3!*gS!_~i7x;B?
z%m9-OM0G?6)ZF*LB&lSN@=%G(AcTmLgE3EV27~|``-%fAC5;oT;!J>+*Pa<S)L?O^
zX?S91faYdO<M-U6NR<p2HSRM93Mq_FWE9BFQCtg@gu8c5zliPj1xwVHJ=oyf1k~U(
zLFqKu37^jCu5})U_KQG2#;P%H@RoA0(Vp^X<ml${(xzt)WQ~d2j*$mJF{8E+z|G)y
zaBr0!fNcf`_ZGCgN}fM}{U7(4N+!<8UC|n{81<2lD8k-YX#-5|l{R<6rsAdytP$e2
zesRTvxKt+dvt!*Zvoma6FER_l*W+23bMHJ00;k+q6Y!65YEHTcrdj5JySw8Vz74@k
z5NDZ~y>W(kA~rGi#W6IL7{l}OIM`)yv~GPm4)zc{i2Iidi@__1bT|{niMH`B_|c|~
zcKs0~XkeO$5$TP*E-6N&^YoY0-9dMNxh{iCzMb?;GC6eBU~<M?Hkc_6W^n9L+@iQn
zTKAc<lVWO$X`KeQ)Fz*7lhvIRF|)euNmkmR?x+S7RRdEh6VOCQHA<XAI=O;gT~K=t
z7Ge#bq?rVLuTI`hGokAcDn%?m2sgc@23A&-u$D9vp~YrOl_Cf)9=-v@-jZU~De&VV
z0x2at45<e<;nFh;b7&4zTqP+6>u1v9Z7<<prOdymjs1GV9x}ki?qfD`PAiHde{nO#
zqMf#z$XazGo2~8JtIdx)GyE;PT?4~Ez>UKacCx(rSc&K=cmral7cQIbvx7G>kzg#S
zXnOX+{dR!sRd_|AZJ}mLr7Y)Ij1`OwE1R|Y7`lv4d%OjiWNg}eD@Fbc-TEk}m2Po~
zHKyAhx+A*9iz6T_CQpP9p*X-Vc_*2}P$vV5hC0<vAtu+mq?O0+gZ-FP!+?x-46V|g
zFtkc{($Fd0LPSGP!(D%PhG3(Tfvt7mk~KnL-HzeXk>NE!iWwJi5ycg_AE9{(6Aq$S
zVAO^#xWk{IRUlo4S8+$>5pLPsY8m9SpmviC5GifW01?P=rFJDQk4Xylf0DUp_+59^
z6F?K#kH?87I1UKD(#Z+x(Jt1my$&OS-B2t^tMFh<4@#8~qu?>PS|*?YTYH61suqI}
zv%gpKp2P>?3O+(FdY$vuby5E}C(y<M)DTTp3+a|lPYiidG%j<AplqlkF-glOLtY|$
z5GA6f#$u+{XgovRSR~#?A3u}&%d!o5Fd*tWbqjgu-1@N=82N4!|G-~Ill(qlj6f)9
z)jAh9tB<DGzXX`cGQot6+UsB&3C?QUAgF~dShB)zYxgXMMLq-#@?m;$^w-y5MuW{g
zq4{+)X`XOJG*5R#^K?fvPq)(idRS+GXXtbVz7=r_h&@T%V#~)5o;7J9`?wS#d-{qx
zAW99E3FBS(9m0rUl(s?0pOVCupx>ZRG73h^h**gcvD_5l)!vMeQAyU`fluvyGD@U!
z86^i`AlA(?B5g6FL{h9n)n=5m_%TZU6CxChk~nYzmOfz_63J(d0twm4AtXsD1CBiu
z1nW?^n{*{Z;frtuU#6Gifcz8xT4`)4az*1{fbPdV4i0AO<~Ud;-o}CW7}nt{QN1T<
zwU47-(3BKgYDjTP+bj}>Fz_4EHY%75;Mb==#YvJ4zK$Br0<mC)%{SHL&kpZH#PmVS
zrk8-Mnb8iv!K9O{ELvXZzJG8Z>&g-q^aq7P7B#|G#m#YorHdQhDpcQ3Q8bnciTMMo
z=~k>@d?c)Ip&Xv0Xgn;1A-`D@m?7d{=+?*^FEUF5Yvf&ZM)fP{ni`vn{-|38nM%s}
z$dp-?+i4|Jf`G@uq+q$(Gm-U*BN!>t6#^k%&Q>NzO5hY$Jbbk<ITAp+UNzWU{Xw71
zt5ZBCjDz5j2}2x+m0S_^ibtpyxZ%3_M<N@4$_p|&;sxnWnAMi<h!>>$FUBQWsQCz0
zJQuVCaW42P@Y#a4s0&+>I~S8{W?`}lKRHB>N97R3WjMrTkiG>!251-s<qju!m`+&&
z#dW1!zXBnRV+1Ag3r!aXrpYb{pU<Qh+Pbt+M?{@?`>ny4skt%XBqBh-EQcWRD+fs?
zXZQkU+%h);w-=`vg_REA{)$dmD=T*-f?u0pY%auktzADBL26-4R$JSFiQ`1YPFxV4
z&%}UO7GZ^$PC$GyW46zU37?5@0L)Z`Yfi>QcoB2XAGL*1LW5bej%f*EV}@3zN$D^S
zY3{_yOu!n%*fz(Icrw`8jT`~<+K6G`T4uue!2BuQ@zJiCY2EQ<m_OpwEv0HYEm7~v
zVVPj@FuTi-CLNe01PI~>2{^Xg=zgBUZZ7Xd>Csx==i|rJMkg&J6ACq4rZOCyt(v_F
zXMv2H9I=xb=pBIb!&?KaNY#K$F*z2q6j8?`$`->~wj7nhY(5h=O>DIWJBhe)l1kNu
zPzt9EwnV<r(CSt;t6OJKHF$?WR))v(>Hyvqk2%;p&JG?$5Fgic@Ma$_M<T?6iy>_q
zg7z(d*s*{w%){V~zds>IW;(TO+F3Sjfjw^SJ@C$+b1L>8NQy^8Eax=1ImbT(e(;=l
z!yeYaGQ<t65!XHoPC<5=Sx6?9yZz*ry>u!)5gv|I!4deOoT3QTJGBKrf&>tNw^Lr8
z_N1)kd9OU24%Z^>KrX%FBQC6lvtJzRFw}WH>ntyqhYxA^W;_HpmdWBd#{=;mtyaVK
z!{EQ-Aq|zIz}9x-bb#fod(3hUj>{qbszp!mIE1H+cOYN0sG{ua4n){X1cz)KpO#F!
zjy%hQW3g-#rFgc}?B_ho?~QN@_X5S~%>GEA=D(~zc-{eZ<XQdk`DTCMfz-s<O-SV~
zX0Jf2dH7r$Bcmg<a|%g=|I)<DML16$*0&``d_Sp(L?-r9<=EC-!pR3mvR@%+W54p1
zNSt?;i-YOXaA#cRqitYhfRfY(SkxLU<#<ZWS4$wIHr<XxZ|JFOzvBpR&6!vs+{KT!
zr8bfkdJ@Q;tk7z3H*`mP<OQI`<!BYpdJ>sL5)XEF+u={Zq2^LO!|jedOqzm3&l`Pk
zI=#$Ith68P$3v2d3D7viI^YzoB?nq*?yq50pVAyw2iav@9o<oNLO=b;Mg9i0WfDB#
zalD=3QOGF=Jnrbv!LQ2e(kkwt`hkeLu+D+iC6j?>L>urEP&)Zre#75z-yeC7X2QsG
zOsfYIR5RvS#vGyrIN@>houIzfElpI8NM=@>)QRx;8JV9%A0~Ce!Ydivdc+VAr>&9F
zj<{YnA8%U*2XLev0lQ^SA=aGWK>D$S(c3c&)=t7T8r<wKqi>6%OG)r#y!p*Uctu5%
z(O?>^?+-EQby3o6?MtBT`jb)Zb{o$vqDwYNodn_p0)x$4z)cGIhD6{o2#Gj%vH!p~
z`^{}AW|ATvqBNWFUm+pi=<Y^3oU!@!7oZp<362B^Zg>R?<vdcF8SiXygQJjQnMq=Z
zAXrDh$@48idetwg6akYv4ugtPW!5W=;!zc-ttUr+sBd8&jI?|UvjxUV+QAFA%33wS
z#e2Iee#Ch#VI74$7~!pXid(XkC5|_d+Oj-b^Hu|6s{qY*FSTVni*w4<oYHc|6?c2Y
zUHBAY>?}LzLI&(vPGWy18YkmJwPAXdz9t!DNG;8#3M>Z!mLy=&lo2suejEV}FbCQ%
zl}ma%e%DCT%K+wNibFFdcJGn#<q{rJ7~nYt!GPyfd<YM{1|9|(c#4F_#1aP5tUbvD
zk&lcQ^Ey(2i4!;L`X0I(b)AL;sOxlmKwgvd@+<z!v1BtKI1_c1%kVK+eCx-F3)?yZ
zxOgdW;o!02(x9^qYbc&kh8e}JbO9jdceRu@Kv?b4LR>A1K{)gt#Va4k9X>?z!_GGV
z7mt^T&tem=jX}kWH~=+Rinzv^bSE26#fRWBieCovE8!U%+i+>8GnB0zL<;!@D!`a(
z;2{l3CtuS0NodDT=~D)UCju_mOjzUA4p@L?e>qp(<;Fv%Kvrg`bPmZ%f+gCM<vE9q
zR|*f#ZY1E{Iwl<p)-<h~QFiSaD9aHZA|ox#)_)9ma+PPK%d4dzG7vp0J5uQoyh|qh
z8Ge>ko}4aX?I4pOp*;Agji50K6|_cr1sW`JP^40xK@;NY1#EBCPXRFDZ&?)V(?pFM
zXs>3{ZZL#~^$hPw5BYBGP?mW-(y9C-75)_N{&T9?+DSwm=bP=0mkO7_5nPHw>(W0z
zw9D({>D<QCQFs&IFKfm3dPYs%1+${U2Q|)ypZ&ye@EQq=7lQs7IO=u6rx9KvSzf(j
z%JKCJ@d{nW3C9^_BdR#^Y~$+%G`Y%HDjbJHh^`&ybEigS)Lze4u{1n%aat6L2TG(|
zyag3bAm7j()7`0U1LXgB)C4XdT#w-Uv15>QsCoi<Z@j2?yzlJ(^?0dp0J=WV%2|gS
z?@Y0N91|S-o9nJ^9bz4`U8Y#@qPF#Rgzw@Q3C~6$m~5qq!G-X+txc*KADfh|9HDPG
zOOwFJ6H_T|*GXuN21x6|raz@kJQ)c*ZP-WVdGcBFhNrL?R~i=J!hjpW^$fV>Eo$2u
zvQBu8z6s4a9+;9j-U%*75*(mqD#t+yqz|(@-i2QdRVGq^=fJ;HpRm-B8!uXUzt*XK
z43<+-H;~Kpc)=dlO7K$h`!QOjnKI^_+A5B`1AvQ=?TI605Y3K+sT4eu9Gu34vL=el
zgg%Q65_uX!gVmsUtXT=Mt;)61miA<@0&$(>Jc=(mlWEWwvYv9CWjQbuJR=nz#U4X>
z0rYHyN02Y_%q*XyWxnzq>z|NT*OCpug{<|#@7r*HB~!s;k_>}&L;SisT`+olKui6=
z*LMbg$Dt?e*WDLI=YS2Sw#$b%&gED5dOgyUvUJuDYQzX&Oj<W!_wzE~AlY}0+CawL
zNbV6GKW(J-IXL6@T-xD@trg=+sDUokdwzNC24xiEu>MWy{_{7^2~YQK@)HZ^iGY=h
zs0=^dC->G9-uT)YdF5jr!1N`>m3210W0*@U2k{2Vf!@u?jW<Cz@dL##MU$VL36$?P
z{X~$ghD;oLDqCAhr891OA=RwJPxWtR)37s0^-7iA<EfH;;~R#0My)WN(ZAlUI{ny2
zj1Qjclru2H3{~f>Q%(=NPI(Eo2Q&qQK1*9Tg|}XgKEtjDY&x_8yKM)D;S)Q9ZRpo3
z6*h5?4;ENf{0J6fe7weq7YJaj(f5MqAVI+$`xHu2>OwGe8r_{c!3?w{nH`IJPmd7`
zWwFPIZFjwmsg3E4LX4x?+FRr0B###kHhDm$@<927*S{&%+w{UPblSw>!A<O{X4Jzf
z*Ya^xSUSl=nHmk<iQhi??Ui35<#}kcm`xenR7qlm#NkkKIoboA2;yt#C#s{Bw$5zg
z)sY1VsO?3KK&L*@J`=sg72hk)Lhp7(F9~%f0wsTpVof$*iU`g7P7$Gc-zoNu?wQ!0
ziR{F_aIF;yt^>ujqFS0H=#E^yil!EXHBm3~A@KVO&}~HdD-Tr^B!C#1>XJLLvc_bR
zJS^rqW>5+A4sh1O0lN}9+?>`DJF!60k=zNUnvQ&8Ctg-fZ}b!M6^9|4j)~4m_hUke
ziLQ4rDwBH1S}1KNN2Nk|D9+?gD4>D8+UR>5{nUK5fHB+TyUlvw-UKzPh`M3$VBsd@
zRMN-Wa82Uu0C6@cZs<XnqKcW|O>D0dz8aK9)+{8Feuc$nyPeQ^ej^faZg(wk;AT$-
zb9V>@|9&1m*pZDl=<uMuAR!u!WqK*hb1|VLFGj)GT<k%08QhFyHsNz<lk77n|G8W{
za8<JQxfl=#%OpQVr%cb=A0yA@)>nX#Fi(^{f!2AdgEp^L2m`2EBW{nt29$@9n}<Q!
z&SY{Rs^Of8oGHXfq*^j2Q_PV<j%4+~nN>$d*94BFV!~}f@C5+*F%i5O3BW(h#4iJZ
zU&y-^zjO$G>3|(Q{3?D~y!wG(4F-O1G5BTb$Ae$ZsP#4RD?kVgF@EQ%PSC^(1;4Cu
zKKyD8ieDBI;a4-x!Edwb7{5~Tcte|HSh1^6t+Ha*z$L5`&J~1rV}SA`WzZF66HsZZ
zpAK#;Gj$=6#$EL*ktmWu9H+s|>`27m5mCaV`cV#f9Pss09unfc*|S^AWM(&fRZFRo
zN8cwW3@QVjoy`q*w`4iQR4ajl!}S{ww}T)X9`bc4Q+YfbZp`8F7zS&Z_-*C!=qHb7
zPcpuIr1_q=6GK))jxyg(amdjoWOE#Hj0rhE4ms9@To8vGXF@LAdCTC}s0*(A<Q0+T
zT7!_Z@{t0s;Uiyyma@+h)+)47<c66_#c_ASPKUM$i+hvfVo|vMV;Du@X2HOWeks|z
ze(+qIJdaJD2WFjyUAvX%Nm_eQ{wvWR#T;_9L$?^(mpg--P=7TgikOKNKY{9T<#O(U
zxrs|J&*FNOCK>v%HWC43b`oHApr!k`61FZ#{+eh(0^icV$um<omE2L^==CY-@1*sS
z7*=H?+AG}zS7-DVkfDG`!Syvr-UOxtKsHkj{ctAa5;GI}$CF|HR?O3gwa>#6pBl{c
zDzBNejy3(tcYZ5}a_aELr*Hy?`Cw=NX7=SR8d!>hB~bV*_Anong6QvG*~ci0wDNp>
zUxhX&d(Y0`EaeghuT|jD<g9+dZ|A)7dCT)sZg~aX4#8`;9qK!80zv@>q>!SAVK)iA
z9-l(Od&ciMy;7VJDCrrFH<Pe%h$68&dZP=&1al~T2b)D07huj9!*@4eRQc!>4i@pE
zgG?4O1x@#6YtH~Vcp(H}8IhWJbsUyuwi^Md%HLh9&}a1mhi%6-i!hVbpQ}eECDwEM
zUtJH2K!X-QzV*a;+GA$1$6ZH9kGACyZHp7lcW>r=M+^=A%ns`C=-w;ZsP;~jhcIi&
zzEplO4NsIe++vr9b(5;wQ5+i>k>tfJ3c?}z0`3CN^Lp@wjum9C49#>|j~0RXHW5ZC
zUD?(elcvL(g3*OU@OyMkad~I0bT|}!o{gXSFUcr%Sizy_DM^EZ#51v^6H@6dXJcKr
zt%Xrt8n}K&%JKRc$UHb4{3kp9?Zog2OWx~QR;g6S1|qYARS$~Xhd6&4V0OY@q|H=1
zAm4!lk94az4zd?`haQ^tU6DQIQdKvlf+r(?@vH?0s{Dm=B)0F>#DOWV+mz>cVFzj+
z!rj&BMW)d2M}@YhtB{9@G^;e2ipyPcu$H^nt|t>{1HQNtD&NESB_7U4eYc>#+6#y~
zn54x)fmEGU;Zk)quJN)((hEjfx!A4!cBOTx`sT(PvDAHT`JC`!WW{2>1fRkFsY{5r
z;ra(jOwSf~?JCwQ#~{P?k1$-)w8(T{%><E5H)JN91@S9j;;bluE{)r`6d_7oa;|xd
z>6baNQAg#Q9rbBcYf$>*2&HrTsn_ZsRea+3iM7EB2_8GZsSNvVrK#_)DBj2uJ*)o!
zEg$V;`5}yK%gLBj7AELB*+jYUVE+L7@^Zi>$tg3%VY%jI0!7dfCPYN45HUoh!vuaa
z@A_5`Z0EPs`*iyLTpPdmXHdA$HlD-MFE_n(ne-vg1sb(xcV1#oG6KzYkl3DNl%t~y
z9EHRQsx&4%*FZ0M6l>@k&i7A_XhMoG1FRekFfGXolgLjNqSFpHz-b8M8}ktc%2Qcz
z&Z-<5_Z=%10X7C)_+21|1MgveFElL)iPNYd8wu~?;!ECx!q_=%o}7PxjvcX|bEeFR
z43}bqgMc8DU59F=U&ko-Nvu63jZhSs!8kpSjF{_&!oSE`cC^BONCYC$F!-j(N8%g8
zzPknYCMuzW;4B<=ZbjAc1Yd^-%?W>shQH*gY#ZiyN6yJ^WqX2OA%c=lCKRY$fx3R4
z;6vjz56_>Jx0V_-M~se9oJ3()#wdzT1&XNHIMJijZBqzIGjW|-jZ_TN&QeHmv{xM_
zSzN}bTi*oOa2PDv8LkP#l!6@oft}2=#{{QWEOx&}08XN|5f{KLzldaN%pu}yj$wM0
zY(NC!+02BICmOC2BO^45ks%a$IPT*-=hG9{D?Li+4lvMl;tS|5H_-9xgwRJ4=)~8A
zj@}qL@o>Fk;hOCNQ?Eo_*y@R3l^B6F&LnsPnyL!Oa||H-I^kD|OrS}8O+e_40TGV?
zg7%B&KbR}>e67_J!6C^6jwUzqT-JO7sECfRGK6jGlZd1^s5&=jC=NQ#spg=$@C2M&
zeb_@TUgG7R^khS~{WmNE{SOrF;8+y;l1X^>4wOXMXzxHTUWr5~n3UR^vC;+40Pgk<
z;Bv+Bb3%h>60ckA;0MrxLB~B0z@j@32Oy2@Yyn;#ttSEie-eSG52{nf2UxgHaV+hT
z@u!7^8K(Fr7Qy1Cmu7130vK-aJ9Mv}2WBP2YYE}JK?Vx<cES60odB=6D^?fmeYLH(
zCs|fFhEiM5f_YqmS21{$Ki3Z8XCv^&Wvdyt5^=c2sv)c4se&bxXnHh5cbwp`)&%rO
zl{lG=N?6mHfS&L{v>Clbe0%||cn$F3*ug14nvnlcXYF3#Kt$Q~cOZ0o0>-j~)8MKu
z#tcVClyK1zNXX`ELOVE%sm@MT$JH5LS4CoyXa={$^#JpNgk?isCJl+oIY-K|c9?R^
zs`JHpRviU2coXWegH!Q)<3+={+Ut?OUtuu(-)8HOSH)|RVDF)W(QJ$j@sMh$DMZ5Q
ze$?TtNM{w3JiktOJpcz5k)HnGHq?ZLOxh=;buRj?F^MSpg6{*Rjpx&M1cW%rkaY#;
zGLP;Dhk)nT63=z!!|K&QS~robUj}dec|;PKDcBZgxLMtsMTHw#)Naj&@>{YgQ^0Hy
zQ$T&2?qHKt&T+`QMUc<<)DZX{@T9U-g=FdzzLlt74MI%RM}U%U1A<I3RAgYmT5bJm
zK$%HaQ_1=<02<cca8;TJfVh|~ck73ufcgon7blU@y?DuyUNl6#Nd+rnc!&gB)C3w*
zkL->H_r#0n3lQ&wN26E_0d>@$hXNZr5P{jr4EKu=6kN!P7$jr98KmR>5a3`h$Gr~t
zwJ0((y)0WRuf+yehPGFK9ZJ}qlc1CYr8G$R1R3v^mCsuRj&T%c<qxn59QzpW1T;Jf
zg@!v;;zy=IS?`h7dOhoHNpb~}4B6d-q8R~vH#0LP3+n<U7di-IEa{!VwC*#+&VUyl
ziqMtcF*}OeS~Fj1ik%%+Ux5ga?xY|M@Q@FI?yU6&!WBFlt<JcszKaMqoP;Oqgs0<E
zU94X(d<A^rgBZe~pL2k(`r8q(-43=eRkwai!`a%K<2Wbe!1Ti1_zk{=qh92EB#!mM
zS0UU9Wx^TJawpbB<+@=5u~VPx21cJU!kvlu?~44nfuVc~<$XNPQMFUcoKU8x)%x|q
zT__`zvJbBLM@D5En9~O4l~DVL<2cf#CuEx7v(??*K@G*o6V^%Nz9**5t4X_w#x?xl
z@e6+V_yxZ~0uP$je~BreaV7k)cQMIt=>`af?17?F|2legZ}=<DM@L}Qy$X@e#s)u_
zE@bW8hVL8EKT#gonnrB>Xl9g>K{qTj{7)289Km%sQ@94#cOqf^iRgH(M(e2dw<Ke2
z_39I&6s~4@K50efo%&nAJp|7o0sss3SH6lbOc&s;U}x=(z}phbj^=#_M*dMAo|TYa
zVj(;eS#h{Qxb50QNFUT05^TdSW)9+yGv!-RO?V^1!mIf6qJvPY&qeuWbbfBSy}jlg
zWnG%qq3EURN6OG0#W`uOmJM0rJCQTkiXR&uEb*C^s=7@MkawMPL?JodQE+Q7K%r0^
zk}>Zm2ipQP&N{{#yu@lh){O6KuCYcNRCTdFWMw{ObugT3=HW>BW{w?40Z2&I$*N~3
z=hmy0W~bY8Ql*(vs7@?<54=WVrH8dnGAvVU{&s+g1l<2@!8m=3j8h{xdXXTQzu`4V
zJM|%s3o|%BjW(IVIVmZ2AVv6wr5xZgp_hi2)OwBvdm}#K#A+wO9~=st>9U}UwUK@-
zgBXXxkFAhQ*o_xAtG*Tmi`X!i3OB)Rr@||UcImid(L?o{(1yl!l7soen*c>~P(xw^
z9q}X3!^LndJNv`S(KC2PH4%OcuHx?CRru70K%R~3k-c)NJ=rWKo(tO3m<T?M2575i
zlz2N!Ov1K7_!%wnwJdQsDsh_U+O7}_J{Mu_RayYvRj&CW>+@%{6>-jCW9no>I6(*u
z*P<!0hwX|zFQo_UJ(2H(R{}9j-&HewSI`F<AU$1zK7K3vc#=&Gmjgs6+y#0K&Uevu
zCU^wF@nkx3Ow?u*JBrv<P{6~Pyc9xzcu566<jb9K2WNLfCfCoGIeaz~KLtN{8g>&>
z=j3^w3Khk6hieetzp`K4hr=E00WXjW--F+3qSQ{CO?o8Z;RNvC*(=b<Hof8mZ%6<H
zMPhg}+~E|;S7bWjtAI14e@>i!`g|&ONS9Q*;ox{Se(j>#r;!$F?Z1-<4a1239z&IJ
zj|O(Zs|_57&=wK4Z`OGr|Hu=8FY}j1AMl@YEcSV8IPQ*$9@WQWF3=dJ#krle0NxKF
z95ljCCnd<p<1|JtD3Q!_9k~{*7J0_)NPipqx~K6Hq{rt5{oKe;Bptq)o<!rH`AIf*
z@q@Kxr+nSU%kfPJQuE0w%&Ui|U>xDJM+AWxt9FcQU7BbTQ2o^){H%;Uul`XEg4b|y
zSi|WReRw#&DPcaR7q-`)3Urydwved3ipWbShHbZg9FjI(hT5b1C1+cQz1(V7yukf>
ztAn_}9=q`hrlRAOk%P^Z5H?sGY_d3RiX1Pc17jj>y$85`8}OuDf-ucZR#n*x;a4+c
zLRoZi1(;P9U0jj2Cs}lH<Z0d1YLM6w@bz@a3R-Zxp)I7T8NqBC;dS#BDb0-tIy3?n
zbzrqGRSz(?WxJt@L6~WGnP1`lbKUKRal&Sp43u!mD1_Z64S*FC<x-H4+=>arTSo~=
zo2+-CW4sjLCnB7Xd#U>IsIic&zXSvY>pscwVJ!Ht=o6lS$ZETf#Kd)YAL8jDzQb=C
zkI>PikkO=2(Ik7%o+Jf@H%lU2K)4C@GxhTkR0?m!Z=GvUAv--($ko10D#)2})?Pd4
zczD~5H(xu0-n@GKEax;`OH*ynyP~Z_#}eExZIkuWvfzGATL;qFocqR*9%l&PL(Tg3
zDgx+)C!y70FQ97dM!<9_Q@a86=zOgTysrg-+hwn3S?yL~iB&ofRbwN~62g<2U-r2e
zkrHwuLdXTPyutN$u#@=9>9>9iJlO0-xlds3Xk#w9pTZDMr5xcBaw^Ni9$P%8z{6d7
z?1?tvQHf7xes2273`(jvWTqIP87E?Zs5W6r0X?IMW1cbgVvJl0+)cfRJOIJn@oGd*
z4faIdTj+gW?7fxV%VX~zdY=<}UqkP6WAAI}eXtM}^*VZg6npp5`%vtCJ-z=`j1s>A
z-g4%KOVA+$#VPtA@R=fT5co_HDu{Td2+rPt{wcz-cVNL30oXgRaEdkW9auEQD)$a7
zo?=~l2g>Ow*0NW&i#y&3Cy#5pU2k`8ioTSQ_tHokWCEi<#QBb6eaOt@^-nrjwcd}P
z9dANnDI|Cwy>F(MM<_eq61(0C*A%@?)RsGiT@o3*M#X3@ch8QBQC?m+J1RzhdCBak
zxGTylW=F-{QeHPZD(<4W5XRj#7s9yf=7JG-<BTXlNla+9uP(#+7ex<K5)tE~cK^(X
z7!$Q0&WwohQ2Wiyh!_hs``{UM#5kzo9J96ZizD)%UHR5HVpips#SybAuf-9wDzC>8
zvnr3#Ut2sAsu=mT(U}o3>TAc%jEE6mTOUP;j1Ct_Ea=z!LbN!ZB$t`>R{aFifH(C8
z0(KG>=J5Ae7;<ADK&ZJWaBb4Eg~tvL2aDZad45`%dG11~J`(;6Ib@q9LKWe<C;$+~
zm|OJVjrg&{ov2S(Q83D_JNkb=K4S5pfUBc#x_4Qv=SflUvf5>_J1qyntEqc2-JRBZ
z2rwE3_R`anTfL>QdYvRN7ZqkC5PrE0i-iTr^3&dE<;ZJ@`#n~UbH8n^wXVNQ?<CmP
zQtPu1H}5BqHGT)zneYYRJ^LW7cn3jKt-`5eIgx!I5x6F7VpPTvK7c@t=KLx`d88;k
zIcg%pmT><f8=oq<XK(5~T_|k??kcWNJ`rCEN8S==na(Y%JsSHknd^SzH0z1iSUK)7
zc`n@xcrktYGQ4a#pxMgll=qlzT=0F9%t5vsrU0PRPXIu&BARd>cD#|2cC1&@jlm}D
zB_KQ>a;G=}4uXupyw^V!O^Y+4Zki{G^CWWJh$uOpli8D^f`Ijck-d!xVt+#YSh6G>
z-*+;eETK3M@Qx@z97o{&>jquQ3IH!Wv%Cki|4!h+2`^2ud$uh_rw^U9z^pB`m!siW
zTkd9Xa1=HKVJBLSRi^f1iRrt0$E=wC+V2<>U}v4F-wV*UTkck7cfx0*ionAUw(IRR
z_bFtBzs?k%?3aP(a}lPQx^te0wV~YfP4pE;(>QA1nnpq3)^<SVMZM|pRM1a&41Nlp
zEJ1}7OdVIo@Wd$C$;|HXRY(Y<jM$+`<u)o0??InHMv<-EgWCM8g5blj9bY!}vBMg@
z!%u}g>49?WIVVOC$@IXNjTEjNj7jGdDBjm8v|}sm^KL`%VKfQn`}Xt_BoOtCuTA&(
zIUSR*uZ%I7H)9fs4notIXmuY)W{;nkFWpd|J^3#5UDdBW0D#n^fTw8ChH*gOlTM0&
zr5>4%<#Vj=%dB>eU(34NI`CIkhmPfyZNulaQ6&b0{MFXaUaW4?1kT#5cLC*j*u3I#
zT@|v_WcW$6Dj@?@{kOy4GhE2)X<2C^88T!9X_@c0XwkCnO#NdB%R&mZo?ZV-c&bO{
z6ZJdc$a$$`_)$38(HDu@O8`2yLZbhKyK6r|L^^y}et(MJ`Zw@XNPg=s0*u?Pzk(O}
zyxIfIXY{6&0w8ukf^17qr)n3Uj8rKt9kZ<I+utL!{!~D^9buReGI;dxVBgH*(y1Vb
z;J2u12u~jS8SFKsb1_NaK}7A^yU}H4x`l~NbZu6<7V?jrU3<YPs5d9|HrPkFSv>?D
zV{ntes|&;9=q9Ue9UHa5%5KrVp=Mipuhnq}y9T@8&O4(%`;GO)K>Nvpw!!b#wiVfz
z?6dcvgm=p@;W!@9VZ2m^@2s&a+<om{0H&%;GBybhMt>ssByvNEF1Q0<?6dAh+lzAk
zyp{N9PbY%g5rfYs@Im^I^W%7l;3Mk)7(R*ao}dliLIORMto@WYNY;OdqPDxdP_M-X
zA4L+9shOXzwsJ4kc5b(YT<q}aNKwB6kkvnd%&_%!J_2x=b3x<XoX4cQ8}Fgh2~I+k
zoe0li3e0^>fIBcf&?-OYR5bNw%+9>DDdAxHnM)?;!A;IkN=oW%!@-V(Ntx6Qutnz$
zxP>e-VCBxXD}jdUQfDi_xcVj)DL8JkP%YrX8SQ9og36$uj<(Ah1fou4<g{X-_7y<u
zN+0R5#DE<v0c9Fb4F)ERUKG&50T=!^N7{f}>ltOn1LCwHvkl%Ov(`XuCG*Lk9H<@L
z;(ki(R&M>h#2etEZ1lC52j0uJ%k12{91Ek}LJX8hx|ve81eMt%C|TrjyO2pC$*CC_
z!e;l~6k+wuh}Mji1hyBQkz7mbSotBZ%37pC(L=!oaw+x>crMKy+X1+2jMQd59&7}I
zzhO;yW>bf7rn1D(H0Nch47bk|kYuTl!nB;xv3oDZZbqlu8DrN^4PnhN8g{JlVzewW
zZ?3?tty9TW;4F>U=|PP4%ElDt`xrQFWf6}KjM;vBGrW*@G5xn72TjOp*DxKc0$SR!
z8nyfFTG{9)@b(*@41_e8YE~;>uHi-29O>h|%Nn|0R2;2M(Pm%yh|hvb8t-GjLI5s=
z5a2y0aC<y+KylXl*vBFtNCbn_{c$xF-EziLZRn|=ob3&4gL0pZ#pY=soqEc{xDp!6
zZe@5l1a2)?88$33Yp5+e9klmj@WRFVuR)XTUa=0*lba48ly$>rp+V*b?OoHS&wGQm
zCR8e?P3^9dFFn<Ql;Z@qp&V&zw&K^8qBdj7Q-GW9!yI%v0zr}-5-Q!0DBBB~$iY0c
z5cCD!clC>uuch4MOZQuS<Qa#jI5O(DgDDWb#*09U@0WQ&@2p?N=>WVVbcJNn%)0Uc
z6T=SEZo?&oL1k*%Bi^R6*sT7`bk#9zPQW|uEX*u2_m#kAN`ZR4UFF(O0Sq6I@%ed9
z1YE!}mBmKi%-e>krLEdwd&1X-UqX_mYUh2?!GDWtXE#Vm=3?8*S%Zh@+5Q6D(b)kS
z`4`k<h^Gv)sGik4gM$E_)TLu#A`3Ny_^eE0ye9DnUj`U@WCnZ2urap$9>_g;m=@ea
znslVA16Hx>Iy7(UCTzdD>mPt%C)cbIvq7>ll%7=$`ZpeYE%ngEFSlMTP_Fz;Nu-YT
zJ*YSZaV$RF;;A1w%yrA2dMWA!JHm=1$T)2ZWYr7gXolOk`m@nd^|e@B3Y?27{j{D<
zY=BE7FyT5xMV8B3A-EUQ%O>s(s%R>AEVqF|>q(9#%r}@>aaoy^tXKUtLiaJ{wl!zB
z$$kvW7^~8a0+2;{A2fli53;XRKFw`YX1YCFbI-szeBEXFy3fOM&Oe;D3vU?Z{gCu?
zJYps9sgIFY&+HP`L7<TjOTApQv5#1W0WoyUoP7j?=iNux!3Zz`an+pdgDlRFIc;U$
zdHDE5tp)(mS!OF?n7e;LV6>Hx2`U<NNesGVbAf;e8{30)_*D)N<=T_FJbVMoLvp^I
zG^|-oz8{#cF4V6ap%~{yBnW{-7;`3@&6ulh(}dMmi}<=XSd}m7+|4-|ycq9)!2Wg2
zekX+eR;4wv-w9d!dxpD`X4q)}xo_l(nD6hQNnqw$nD3`{=aR~O3)5XZQxGRicXzv&
zN`wy}3mNjHGUUlW!;rh*!X(H`)Dc6Ts@=*m4XdpTIiw6oAPo6ubnBH?hCFQ;axc6~
zH(M<Xxfgy8Vc5$pY+cRqq>az*1UpN(aI=zsv$>LEl>`@_GhBF%`?B^1yMes72kZd7
zWW8aZK+dPmveFwOzWY)uI~loev(oR2c<|3zo!^N1D%tjg;fM!6&id1_Iu@b1^n3~c
zu>TGkbch9kDY~x2U14k-eg=@KArw3nbomPmaI&Kx09<5O<x6=g))DzL+~8^?j#$4d
zBexyghqA&yqKtAzHQ)zo?{3C&?-YI(!%$cdS@figX5xFAiMhFwqH53uHgzfMh$i9W
zRCKdF>++;Uo77mJxRZl|f{WC(*WpKZ5z5n>V{j~fT=j<XwGSdew^OYD2(@fagy$k}
z&K)o`+nlajNVI*rzfkf^dMa6R%(?o6mXJn~zmy_-Gyn?$Zld0B6qdSzTP*Z~b8`J&
z8SZ=iUQGPGey>ky^@A}fPW=Qp55LU0_dv`zcps`;;v~FSzXl+JBf}9nrf?ZZ^#X&^
zT0k}to(gX@NihTKE@Tqn=_VwnAvx$~n2>f2X-`Xk6gvG*9JzKX!`cDIKa+FKS9;Rn
z=a8fRMlj2Tj&yhzJcazUU+Aly@-z&mKF72doATgyz~wT;_1E6Vxc(^4E1-8c`xd(V
zuIfR4SL@C#d>yt?z}~v?869#SlNbDgvd)PL9#z+w@r9Uci{ZCW6+%RY@q_LHE{m{V
zX&GSb02|U#Jg7uYKVEhV-FV3guRP(gs?Ol`C>!^<ArN_)ab+oq!866LV67>}rGgJO
z-PmjIh0i<ec1(bNceT&&7HMK>Wk>B^fg9UMp(JDtUTzAdc&9yhO<YVmc$10A1n*#I
zh8493@1z^@8N5*(yo+uarAVU6H?*XAV@sMhM`?n$z{RwF@K%QT>b@;<2XBK5pgzF9
zT;MNQ1)dCc>trWM|J2Ip7$^KXs15-~&JH+gcEIto0}h`Zux56^F|z{>ogMH`vjf)7
z2&fnd+5)z3fnNyTF6|=G8iLh94%|asp7hyOSXf&%0UBJ0EZQ>>eMa^pifiuWV^A5t
zJ9sxUu`}>wL?(ET_#(9R_&uxsjcDspw81|cZ9TKm)-yE=Z9P-7(AG0G3vE49v(VNv
zH4AM$Q?t<4Gc^lsJySE$21wV<i^m>qYQgUb-iyZK^0PFZ^qLLc$L8auu_B&YD^@$x
zei5kPY*6PqF<84EXzh-%is?<{@<&?-oNx6X2(M+WZCidxo3FZ(JK8eWwfQf`n6<1w
zIuP7-(Y+c%W1P=H;44cLt<H(ptWfJ``k@c;FI<f%o3Jfh_L9GuX`q>whnYGUmjigZ
zh`~SFm8|yXu_{wqBr^mIbabpoiV(8}j0#A>P_+0Ufq|k0p^$poEVM;rAa+1C6qw7x
zyQTId0pa04zp@hG>=>&g^YbhD@%@PLf7pCK%I^cZl}%!)y^1hgN*K8Cem3@D;bj&8
z#u5OSWW=_aE2kY$>SzZdb(GHFy1dok!>r3~XGd%0+?99cx_oq$Qp=sSYCo=pn6j8@
z)c-Mz4|D&k8#)r*?J5SxKE)1xL)25){jHZHCD^yks279M+$R;;`7Y1|6wk;RR1ctC
zN#PN=FyQ5R^^gK{m1DcJl_SA`G2x+L&iGxfb!ezARM`I*u?o&%m?&4VyR*~YGW@`i
zf^F<n_)3&Gooq)C0OUeab-h&=LwMp1b)>7g+P?!%!v~5DP|*|Ywz`(7KA>f7w+7!}
zB_WRnZNJk>f6z*j{z;>!p`{-OPH@zMN~%xNuh|EW8fEySkQn<+S)<HhG1auHU0zAo
zEpC&Y;P=3vQHuXJkS4}Jo7gY>gp@yy#(~{*<-#V^?5R@;HR^4YiGof==q1e7pe-j9
z&0~q;ZrrJp>C=`3iZH$J#=RQ!l^}b02H+3BgOe=TZyow{?$uOYN?3H?*W9bs>}tuL
z`Z!2e&&x7K8Wh?0;U3~b<O9nFdbxzXcaB}V3Z<&Kx1;PuV(qQdiY>)LlHVgKV&ksI
z14+v&ISmw<$+Fr%vj{Bw?so22KMtQt&jF;un6gfr(6hoTXCY??S_tG&!V<#Pr0hYt
z=iCT5?*N>_U1ebQ52-|kl!a!TvLcirQISecQ{M?B3G>Diq(=ZjS`lTgp?zVx+tVEz
zMg_J3kqtIu(|w6mSgE?8w$){gouG0aj&CSvTAu_QiSR1+H2~=zbccE&qRcs-@{?fp
zvL20${R~lw@P$Z+ZOwmkve5oK17&=Q{pp0;5xHBp8qf`753F&*Nqh};77TTQaBbY>
zl~N4({U8#}v|bT4a+w3I@{vus%uBHfd>Zu?GmgDm3eHwm7^JaaNDE(pDsfgyf-jab
zsboS=Iw8FRQ6jFAGKjm=U40CSiwhd7z}He%yU<%&3Y79z;bh3_E+o1O*xbm{9OO`7
zFbIi*r~qebC!K>SC}Z|`N$FKQI5yFZx5%{l!RyeQP=e}!64b3stS2Sgr7j$#>}6-m
zxv;dLjG)&eDEI?#j>CoCLVN8YW@}d(K&is1;<Zy)(o%j5PrX$OeyW9c;JvScmzI7m
zq_wJ+c2(C&Z`-Y?@^NSZn_Id!$itTparO_D%iWRW7IHmSz4|UZ;$U>0cUV0yi}sT5
zwK_i)xgWAR|I6y&`pkJ9^OyCRs1HSksU10X4I*0bKeI2NkrMDzN`&@ql~CJwOssO8
zlitne^B^GOo1Qwyks3tnfTTE-Pr}kx@CcCD=_IQ#V5|Z%&_22Q(L2Q!MsfMSRKx(W
zY1yTsH(&<W47~w8!{StEby}}@vyLgYZ6PS+U(vR1Xw!iw)<b-e5(i($g_!#L5QYh_
zy>{%m@fv_5rT+q8A?95i^~1P&LYB51==9$aq|@h6SIP+?Au--n5KfX5z3?7{RS)u}
zR)HZ?a{M{TQO}`nMJ>^aXzuTO;g^x4;C8ukgMaxtOd4x|hu<JqG5kHGWkbNCcuVS~
zyq2-O>cykH;$1A>>I&rV#$#d<7Cwah;d{}VikB>k1DCQ`p{V|c??#N7mms$*M`yH`
zTHRMGt#E#P6PgCbm~%?J%Mv~jA~xIzkO|Y>N*7l4PxYbswm0bTJ?f`p@tr>ll!rH9
z>iz-h->!MFKb5>o^-ENK3uQs3c0WEC&Ibt>rn9|VlraYruWl(y4l{Kf2rYkymE}53
zI>27i`YhWJJ_F=e8it|uU$gB{C5@e>iJ=ooCwC(P@7FaUpZYpA=DrWC1sxF6X1MZP
zL-3!9@wOfI$5o9nJH0Gd`!2$b<Y}IgLdaI!K`<FAe>>0`INr)B|12_~cDjl48v*Z~
zfLGTf<+!qy4Q4bR07B2DY~GF6*}R?GcVVzN24J-t{ZH|Nk==hUR>y%58cPz+!U6gH
znDpG*Q#XPnU7aD#MEt6F1)Gta3nukGZ7Z-2cye?;vA{aU$gXUhRb2es=GfbVHhd0k
zkjV@TLJ#K6>M8nFEp%LiI@C)=s^<apVt0pBJ=b-X`sXVC-~hcHa2h5}uSsDQ{B&g%
z3>zT>SnFfXi#kNHg%d$cH%62IS)Hv#Aw(wV@8bsE`;`e$dU=Ai;22$($-Ddvu-`@e
zza42Z(hFH<8(D{Hzvn0q0sU~*`zY=fWLI*Yqf9VSZ+mVsa6oLl7V=8~7g2?BY<bsF
zmhIgr1%`FB>>NVVs3iOdLNT>`44<iwfy;8S7IdJn0o5CLs<VyBs!!15?X?Rw0XwZM
zU+vWh(K{bPrCJ-59GDVFxB`SYJ59_(xz^faBbhvGabphse2fd}O{$h9WcpLA64At_
zNNr!k8VuXtolQ)QMKd9%f2cFVNH<1Ncszc%?s~OvGlS8e=*}f%$1GDPgkY&E{zV}=
zhqUS1Q#K>5p##^ewtG|OIvAX<$2^DIis6Tdw^VqCqVH4uc;RR8Q7k&PU{U(BT~;}W
z(8`f?w;L$sBc*{0Ov4@%)_V42bX5EGeF%8d#GCAmU8_70?HLZSmYfx>x6iN^T&Zr`
zy4R{YD!W~8tLj-(9w7I@<qU=6{|kT3_$P_}e=+`TzI9+>!SwA_*TRKcr{V9h<jVHq
zv*<<B;g|!?cQNicjByfpW;$HN0exaRT#RpU9DZc7XkjRH!dSSnpWKDc7{MVVDc+>i
zeN>a7z%=oBnJ_4VeL1=+-Y2AerE%H-d=A3D2v{93FuSRAya{w8OPAqduK-D?0=DWO
z9icRoHes<W*G`keCBtasxDdG{Vph#4C6xw+kvD>hm&uzKp6u^uz_4)!48kTVJFVRG
z;eQJVGaz_{+*>&ZIDpAdU$*pS&Vy<wXA0TYb0X_GKc2`eZ;nPAL!Jdh1x+0{%-o+r
zo|f&kS^IKUzF+5Cyx3taJ2~nLwds$24Ec?7Q8$mYvD*p0icySn?*whe%3r+;Rqf#H
zSnImLx^xG3qcYj3p8O}^U9jVJ{4U&a2Y$=hNTF~LscD_yDEao*&XsRp?YZ*pukDfV
zg4+A#yRbGb-$k`Y<-53+zmWOM>Dr(=GPP6b*zrl!0s`au@c<yao4BM-I!u7z1WXX)
z17uPDlOWLtjDxt!Z9zc>SCTcGge0F^|El@QzCWj{K9;x*ATC+=W$waq9e#}6Md1Kh
z%2e=sEcC^ZF(-T%(8niyt4omx$0!ny6X2`i)Kts6$Qh85u_ZGu6feu=D>3&Otw7Gn
zxF(}4gvd)U=b#WPz#T{OTQ>B_p7r_WSt7?ASk6{l%x-vA8XlP*<9rG}hGq6Fh}I!T
z?zn@yHsy5V61Cb#YOky?%n$h@nfzc>9nBR)mvT6#NY>sB#F|A3Vj#m8-5K*mT$%86
zvNkF;l!OkD$5U$M)0S9Wu!{t+Y#UqOH76;L^9Q5-^(l0_aelh#{7lpNuTAH_(J6W^
zYWD>q4kII3368$B9QqbcNT)5oe0xXzrHM>s0gj?pFit;u*AFRNM7qW0-!0)b8eXGE
z6;4nB&4`!KIYBSIsEaZy*7+6S(ZSZnk^R;XrZHA30llD@Oa(lx&=nPGvI#HfCJnYh
z?j+>!Kn<@8U0Od8f!n3b!=f^kKViXI&XW1c$<{89vzrpJ8zXGjqnxkCeXRYPt<((P
z3x#bvJcBDjlS|}gKj#cVQgI>{excr@wQ@YXZ0LfGfE``Duq@3;M+tG%l+vKoEROl#
z3@dysutvC^4Y>Y;IMep!6GOH$h(XQzoIxGs5tklWyl1VssDil8C8-z+&0fhHaIn6x
zI8*aSOn>P+PG6gYlar%+yD?INHRujS#Yoh`AVNjSpyCpYEhv`&7j7_u^kyV{*VKBO
zv^RlU(iS+C$JgE-(>p9WXQxo`5DGR0eoyD@Z7A>SbK3CqdHXe3fG!o4du_}iQDcUp
z#w;|AaWL6pyhF1u6)ZuWGT=>%?l%D3665j7fZ-dDvrWd@)K=C2lT+xka#X%4ciNQ8
z-H=7uU9?wA1mDEmQ^gxoN{!(3#bLUa_(%$!-$z((ya@JDhh3o{8ubVcL_Gt=-I;;X
z?(9JC?p)vQcAFOlgM$!3zPq#=HpF)a>*&QkABV(=-rd1kcyTIrBtE5;rnorrD5iD2
zbRZ5rV;g|V2`s4}fG7cvbe^;hLR&T~Tp71_{SB9)PqR+ZE4pIoI8pT60dZmCXZrJz
z9=h>t2drSanqEJ-W;Vx7nF2JbT|cn<UQ9<NV*nawKQ0tn3kHfF*60+}{L{Ed<|p<F
z-gctC`y=>f)HbVRN}o=~Du(l`o!}C8Zh)=L79WEy+<4C|xNV6=b7$TpAw${pODI!C
z+@w4Dj(q_KxG2MY629Led@WOH$xMM9A6Xl7=@WqS=3M$+eM@90ZRX;(!P@uZ*^y<g
ziOQTkw;nKW!MG{%%xG>llk2^}og-s<dLOV6;{sbS3$`0u;d)D4a0Hi>w=cM67MiX7
zBF^3dSJFBU?fZ7rrx*>rXH!d2`x7r9MYN{@In&RuI9oXovls@%PRQ8Vzf|jP`Xa4f
zck~+=JRFj`{yA8=EbBY0509V7b2a9*nM}g?aS-8%7OLu^Dz|+|3Bn?=Tbu1_D-Q>k
zK~6c;17S1HB3jes@fH>Xh(|mIB)mP|r$C+GMV)x6P+#C%j%?Kww)pE%P6q0V?+0}Z
z6wAZ6hV2N+I<rG^sT(iCy^s|^jk+e<dw_#czO>T~M5M=e*S^w*Bf$}@-_;(Zk}zK9
z7mY!xaz;4e{gTg`cNiRbhhjF(VxgDiKc-o>XQ-eJ^`y~SQOpv2aV{CJxG17S85_p}
z2U5>$dYQknG)9W(d1h<d<AMy~d@<_Fd)qAX+P)KY-C@_EmdEJXC75ER)D+aPxZF}%
zjbH5A#G7d8p9A8a<fd-E)aYqb+WhfOv$R!j24qbV8%;zoM-L?05FZKIJRZ>2aIKI|
zNjF<$V6egPJ!V0FHbE22<+H(bq6R-6^cfgoPii0NiP1NIX+k&u*T<NHV?_P$>|^Xg
z`M#Lpp(4Kj;>Y4~Pmb8aV<Wcki8Faza)mMsG7)oM=_2E+fu6~3*u~Enw(bV<XO0yD
zp2y4ouA9aGYWZoy?^O=4BRJwc!2BHlhlKZrJ=EEA+VF*sF`+@-O-AIZ1CcG7(^@C7
zo@f$VMU|Z>g_*eIhH(_uGFep{%_(5n>?r`J#X7;PdMD5n4ei!Cu{)YOJDDLKPd;0t
zoN>seD5P2WlEkc4+RQ(P#z~tqENt0D6Hag3CNprTbt@CN@@bEsr#h4idA9bk*-H?4
zs=v?P40H=~m8kabvNsz>!L56<|D!kX0DpISdtCbhA+?yHnrC0|XiS8hqlPf}z@Pa}
zFor(Ow2Z%@Y{Zw$<wi;W35!Sj-$Pz|z&zO)@xX5FNn3DmGz9iE>-7w0Ts(Xby%M=P
ztbsM{8Scc}amYrGyyuv4=ae#Q(Bg?neGl4XR*%W7yj+5JM|JNhrl`OZPaNwZ2$Pn`
z61hZ-;-6n`<uAlPts;MpA~i>ZAHh-}f?;=3=p{m;=D|Qvkw^{J6GqC8f*zCSuKDsD
z!bnq6ESAWkhR-9l7c65m@%dN6E<!>B`+$LiGQ>HsS0!=|>_wA@62>`sMj1ID>=Z(J
z!NH6s?3;n%?}HZ9wv=O3pH9|QEjS(GHfVl`)Qu*>@GPa8C!zTPytk=7kza^~sn+PN
z7eQpILOC<#+~$U;4lj(4p+>4YahLH%oKUtEl3g&Zhd425z@tLb|4Aeq!2j#<&n*PM
z7vTRI{EzXB*)~Lg{9BP<Dh(E(bq$h6Ws316h#B$A8PCwlxs0dKbVht1;~9#3rHChS
z%!psfc!pLMGoIuyBYqL%8EPcxt2?2*GI-qVPEy*pWe<#|SWXMkx5LkMs?U6h1Z?g=
z^nz_^UF2p<A~&Iq+=MW46B?~ANnHr*2b?>kV>7M{IlQRV9C8bgVi*4Z$$ZgKeC?P+
z&Yl#yb#=@wWJ?(!F(LssF^~_r4F*UI1<@^nTUEm8XA;Ip5)qV}%ui$t10;qdtC^e9
z!C*0yFov=y$65yHl4uj&ob0z<JgE35+-S!mKI#~uO$~W?5}V)eI6%ao&%^7+t$A==
zMumIWOT$T-n{5J0gFO*$mnx=wJhLJaDjp|xxSs9p#3SU8Cdt_!B1a$QHF3R7Nm#B#
zKK=o}#7J-~i?=6<Kyi;7#K#^sJ@yb)v4<oOdq^9xheIOvkRoCaNku(^8{0Yxu>6oT
zLeT*f{6wOktpqwT<Wk!x->G)GDUp%}KZJ+{Z_ks-eF%dZPv+=Z!QB+Ruzgr>tRJzw
zZIFgQYlyEa)5R<7Y_Mte@o4s{4-*frwB2Apg7<2$ke?7?Ai+E}Kx*Q{mR||3J_lh!
zQu3=|n-NCr=#ba2QxHZZ=`^8XhapT>7Wvh%gAqoQ>2TMu0>X$nogySmWj-ordXVkK
zgZ6k8y6WK2fX6x1a8o@u%DEJ+naUw5alz%DUSJQF87n2dzzk_UggC*IfEKaCm@+q&
zznf-pMj-O3(%=KL>e24$Pw2PHkzPt@Ux_#j#}@#P@1!TJ>wrP@nlB<G66|7FR4{Ln
z%5<+>HpJYSOr(U`d-mvk-~{A}NvKO5j%Go+bu!t9<C#um!a0_d+DA!pE>CsV`{$G+
zG^70Wk7KxC(iKL_P3eXl7eUiTWmP1{;K@K!?R3I$fWWFW_)P=l2w9g|0MlrJ7HRfh
z4`DqdU!}NkYiGqRQlhCI<kl{U!(e@o^b{^Zbv2)5NySP_O#0l`q$IPsNl9o-dUb13
z2F^`NT4T~(tw|X;Hz`TAy40<`wk4?{-4lqVCa`Ypwm6NBLJ`po&2A`1>D+oaLB;83
zv{qu~AcmtiPCui`5;G?~hj5&JM!O|uPI^uQnto2>WyYM{c#s<ACp*4hVV4?TMiKaY
zjUQvRFgzPLGb`^s5`G|f<i_1i=hvIgZ_=r&^!-iex0=rBrt{ly@<s{k6x&JSK)_d`
z0C6DTt5JYB5bz&SfH)99fTav^AmB?;fH-hl`-=!rqa&hcg!3KiVa`!Q+1d>w5ZC?!
zWW3#+a(34409k1GFBxu{#4@63Yk?6IgH?d~Cojw}7CNR7shYXzTk~p@gXO~+KdnO^
zyg~KJVKwny<fXQUy25Q_=di5XgO|fXirw8{JXT(fK*!q}!v1TM_pW#jXHT+!U=o0z
zAw3Jrs2MD=wRSSv48v-EOJ_ROwX+*^2>{dvv6#oxAZ<^Nb?}-<KVI*L{FHTx+MG~}
zQ#~rG%NR=7`a&Ylo+K@K;dh~aYP9Nf@`?>5%+SV<@YiDvu5H$L0^0U7)Ms=qrARYT
z_L*stmGLe^vmUchfBP}t&*`!T%=<s<9X=XBV4apic*lhIa_cAIC$f_x<7z49Q~sgf
zsL2vea3DG1d30}7_vv(>q3%=ZK26<c(*0C*pG@~D>gFZhaD%$fqWfv;=G9ZNzk~7#
zj1F37@;d;w!5`b1{4U-6f%`tX`2+Vi@Tqp`w@F}7Dr_(Y2{^t*J-#6$-I?Sl*8mys
z&LqdWTJMoj?@V%-Yk&-RXOdHZ2FPUKOmg&VKr{~!G#SI<z!)an5+DvNa+s^01$_P-
z{S3tiLt2C>W+tjSDz{-NvWLpGpJ5o^O?LpEPR*yuidXkB!0^<c=yZG`8m6FnNQgv3
z7)<U`&T>+?(s$7sJ6Y)sZ^FRzEu*4WDKv!0h(a*q#8{$PRi>6AIpY!W(lBvg_)8aH
z{PNrE0$jYioFvye?3rQ^6M}qEZj5<M=G6D*ycXf7IS<G988P_btTnW>w)$e=hwdhR
zl;7b}J_AXgofk>XKId8z;py-*6i)yz?smqr|G1l)2_KWh@bwz_I0<29z8dh&0OLE4
z0frP5!LW373`0zd`-Xu@_6rPB&^$22)UGhh*H1DGq6sqUCm3{$`-$$qsh^~VdHM+y
z`8^^4{q+F8YG?<64>FKO4aI@jA2OC!6-mTDV(bx`MOgbHUYbFo@5hN~^Pj033}Tia
z@XG?lA#>zufQNs|Z8&&`Ocx9SQo&p4It=N<jZs308>1|aS6NvKUX*SSEIaQu2$7xl
z6x_3*@_aQXM`=?uEMdQ%W$EoOK&vOmFGf0a4D}b^3|PPl_;S}Y0}U1|DtP2jn`=C^
z`$3k*J#`n(Hq~uV!Cg$YveYa(FGbU^=s2|pkVod8khN(Jv;KT_zV#=nx%QKJD}$a8
z>WORyt+iI*+6VE7ef9Nh4Q&Ta!4LLD*F^2(mhS0p=}&E*_PE@%0uw<znH99$(ikZ|
zmvRNUSWS5u%d`XU=;<A$7Q;rwtB!|tR^?)avH3RFL#P7;Q4C%}m@mXWpCL|oGg0&(
z5K?YzNRpE^V(Q0;l_a=sd1L(sq{2($v$AZcv#{_+mU#J`SPeLDqajx2t$z^Gy}_fF
z{AmYX{9xW4tVZY|X^moY^()}8JJX_`AJmXT^tpe5&WW@)SEZ5G4WEa&RoB|oE@d+D
zx0}lYM#mfKd9!r9VL!vGz=i}>lXja68`y4AZ&gfa{6KS-*4>0YZ5m@Lz-kQdV(F7i
zVyBg&UA^v?hWVCMWTz>ztOydf)do~#MDd%rUXZD6c^1?}qx*t!E``&ihg~JL7RCE1
z^+VXU-*Rw3<47-~tU3$~k2>3N(a<!uYffWLOlcjIT9IC^$8@w@k10UbQn~?;Qpu%+
zqTVf$3ikrmT<x`l)m&GEjkhuMo8@Qy_SQQzO*G_N(A5Eybi^ph>-M<?C3&-JZYG+6
z0o37l%)-Im$XuMCz44;8+aT<OB}(9=vjW{MK-IZh4GF>eU9yt*JJG2y>cGUK-^Ob*
z8*4vAYxF{uq5#X@+nzl$Nbdpo#X^@9>ib<Y3++Ooush=WrqFClq1`!WYX)c*+X{Lw
z?@PFiz)K~C+WD6NlZEJ_`ZjcFwTL^LsqiaEg2TT%5pOPgg_oOHh+!BDFb@oyvCm~}
zwsvV8#Bu*bbc|(Ng&x&q<_qA*ek-~s@?02Ai0tNn)b9O?Ew)iP2VVs;`Zc;#t*#BU
z+`h}mLW7&Y6FFCGgI2wix0dI|Zg^!h4&<3U+^Wm)kb`u9JBU6meBBM$d@$f@EJFm;
zJOZJhn#T!9<JFG26luID4er;vVuC{P#w!`PkLMRswbwFTDoO__701NXWwb@{PTt<)
zA^?M?hegAV{7fNJ!U$W%Lb9NYaFtY^4OeUBxmwp{C=_d+vF2e;K|cl!bYtWcMhT&;
z-L5PuF0^gzF65!F&WBCJVogWwW){&A7m+V?77Ko51qjaHUFb^qU8dHqsMbQwt|3by
z&f<fXeEfBSmhQy*LWT{m0(G2d`3IsAmUXVxb*bgw$d1L4RQD^R@NZgOKh<y>x4EB`
zj_foIv}IScnY^d9b!~2wyzFP_L|MOy`?<B7yR)ts7*V{l4{>2CSK9$lW2AelUW@!5
z?9nC0UJMsH3r}J|7fw{grQ-*R>V7(Ir4*8-7LWG!ci8l}x5Wq%(Am87oUff;hbfQ<
zH=3aJR&>60b8CV~%`7cS<!iU_<O7hYE`7IEI5@f&b)q$Rx#ErM^tZ8YU?zQRdhc#`
zXWjH}2PGzIUjqOzLScv|y=oT<ORl;Rzry|(l4)HHQaVkx*oM@jK)D7^i@Ln<4I|7j
z%cB^eAVXVh0!Bd7Lr3ridAj8)cotCPYG-W)6fx<-$}X(VWP>y)8w%>imw^x0C%ETY
zy_GkbdwgSYat2)+5mtLbD%VR#or&-(00&B{qUl_Dy0#4$&1ImaDvMAsC^b{)Km$57
z6RwKG$!3^Zhwj^Fm0EgUO3x?p-b%__^J-2jGRv&uZT}dL8{sk4ZROh0g2zrpSm&(U
z^Q(rKrLzTVFcXu)g{wkWu}~PpagBx9yU@IMRp^FAnk#@WZC}sWT};xWO)UCFwJ(|V
zi(+50P=f8l;<gI_%c|EgVR0+n(v5`@EOVi-*#1GG54N-Wbmb#+TIlynet*-pK-DQB
zL!T~$w4L3z4d-udG>F<V_w)`Ord<FVOE4HlBnyj^g0~y9N6B0QTL|Am;Stf`-Ea!W
zfR+dq405$BV8VeFEKE&2A6WZq+~S8_ZbK)#=$oHTk_8tiEG(*=1o~REyRf)eC}XBu
z?3Y{cxWr!~CLo4<-$k+|a`RrUWBPs>6_@?8zxe;r_9k$071jRu&F!9EXY2G#&yr+j
zvP`&4_e?gHNgxmiAdBoGB*-EP2qG8mov>s`6Ba>`1Q7*6P>g~Pl+7plP*G4&a0L-~
z3XB4xxFCoqpaTEz_nf<T56}1f|ME%CtvYpTuR3+=)TvXF@zVQBbC_IdPG!+88T)DU
zz1$kwt&~j~Fqq4_l;>5-^Q*H;^Gfr>{7Q4}4IJh3k@Wo1{L(y4`WG;G*EM47f}J-1
z4dPeEkB9nX+Lf*vd<zY?_~p$dfrF}<AhMvihH*K5;N|sl5x#`4z^Ed9!BfC7`0)rF
z1N`IocH_%`#J>S}IA}KdKpcEHWd_hcGyaC6L^xcWgk)+R9tV3mC<9b_aY7UDnmDHM
z7`MqN<0iHbcBL}8f46y&dV*^!!l~x`vqM@t%*YLA|0cGtabAKx^wO{7VH^jH#+N`{
zlnu#`&UIF<^L<(%<qth;IA)K$n|5!2Lq3F!Y8+w=tqb3|y9<z4P-ooE46oh#e0`g<
z@U-AMTBe2*s`YGwv6S7#??U~`21Pau8Xo$sk6;jtP|aB)j<#zAJWn7yi!QuE$%IC8
z;)mhfWP-3T<cGFaaXX9IhsncwyDd4O4q7)e;IZTm9{TuI)J^X*;zpHp8x0hpxwFnS
zsGEQ5SSBs(dxDb6)ie_Yw{F917SKub1t3JuIftK)$li_ataqzZ4eGW^TK-OF{5}-U
zTWrw$CT#cPt`(2nYCT+Sln%gdl{m()1h(Nm0tv8JXrO!u1xC5vgF;MT+hY!^gwwhU
zSY<p71{AT74?FP{k&jk$ct}88Si>HsG+AslK1lpxB-2u{B39Hi@2LT-Uw5)v-j)KE
zO@2;qoASjTC0Yzx<*le-Gb%6~xG!yygjOCdA;st@b<_q+9h*;>v$Rm^sQ(EY$;)8*
zZ_OFrkcADFPOMOAFQ%?e?VuKTnjo*l;zlfTq=cg#B{JDh`%%~XaO?<cFd_m!$F}g;
z8Kb?+=c~6itOI>M<2K_AYevThW%|Rt{S43ciOT0+lku-2r=tJP{KN$_AhCe*%2!aI
zT-(%WVG6cTL{K^vm`4E5jK#n+@Z&5!6V}hQv3Moi<9B*!gd#N$Uem}M3m56#LCOH%
z37o&{-17ts{;i`fl(ZH0MZCP1{*QU%dZ=?)n0?oX+)1C!(KKED83PCQ#y^n1Sd=Ps
zq{RNnOhZ0Piq6GI&)bltajQCw@mIlwl%lqcV^oqCAhUrdczC^zCcv%&5)B>0me*x)
zj<!50TtYhCo`%Jj_MCM!5ulC>BLJVIlaH~b>|^1q&4hu&wABJ9t|eW=K!hBRZ_ijQ
zE!R}bg_#8@9h&^>9A>^B7WTgzDJ_!u1mc+}lJzmB2c_SX^<}tV?J<q}Sk@ilMzJ#1
zSKw^V*tcVL3@ppHX9kO6CZ(M>U@1I7UQaVGOq|-zuslFX9z99Be)*(bzr3D77M;%Z
zenaBs?Ax)V|C{NZ6r|TvoJzI&w^?gFUNr`b%UaO^m!j~?*MM=zj+(jk7?8Wjc))sz
zo;x4i_f7n;1j@S0_xNb?@}DvuL7By%pzb^Vift|pHMBTCMb5ru2LpCfa>zoKt`(CA
z@W#ITpJ>WfkxFq>lC9Zzi7zX6|I1k+p1l3<6Hi=7-oJt^;$kzTaA3c)rTo>Uf;_F5
z%eS{!*CHnv`JYN*D!`KdVeA1uld@<gUZ_NVs54&dV3liM2_TL_Mo$E@p3-~ld}B@D
zkLR{n>^`+Q&#?3!nXB~UHI{L#Gwz=JGYfyZy4;!gL<<N5ztfZr$CsJ)ehJ1_=j>Zi
zI=zqGF|)%t_$-J&PXk#iw>uZX4O^Aem2mEZyZ!>mq(;43lnA`FUaAFqLqSDzgRL?~
zJxD9wIDQ=Q6&-ukx1&>yv{CNy>EBjHezEU<hfz4vcb{kUU#ql<w_E%E<imez9KU>q
z&@ArDuqiNJ$GDhI4v|{Jbvm(8<*n<q>{P>DSxZ}P`G=5LuG}KJhGjjQrP=cQ_<1NZ
zmV~_QPDMG)+qOoScr0tY{~Uq9j29NUG}noRx-6k<e7hY8f)QqjML3=cvdBPi#0b<~
z6g@#cXyBv!!>UEMtv0!G&q#i5{9bU5{%%L47;Ww8%1%GWl))O9hOkn0U>((Q?6rg_
z%BF&LOV7rjgs_6!##(<5Ryf)RZVQW`M$qzzC#%c1O6@BSMP^}|<HsPESh6MEUzNh`
z%JQ9n(^a0?RW3*N$I^`DGP<J2S+)VAt;gRWW0%EO5@4<P{iR+lF!ylfzAkKp`XXDo
zeng(-T+7I_{K%Sne`0qBdyf5)t=-J2B{0qU0wd1$BO)uQ<0aV3^y+>J8x1U>b5xd7
zp?P1SjxfFon`u#dt3M;%#hyxyrd6~Il}HQBLkkG+1;!xSzA$S#69UUFHJvs9?||&Y
z(7<ph-vu={wlE8~;-es$<BtG<4qo{q&ZO+sa{QuQ+&g{+k-bKfUdHYz*2`zWe;#{%
zP>iENtFk;)JrdilXgYJN3$aZKhsr$ck~Sg|Oj4#x^JIet7M>3{&DBPG2#q$kNu!m9
zn0{%fvglf`eODZ*VufZ+?C&TS!z3=41eI&e!5Ne<zxw=)uCM!Ys^?~OzUsT@nw?8b
zvF~ackIXn@U$Yy{fc@0|sb%M;Ja;yA<8A6D|BbdW-au2yyex<%r6PD`8az@SIo}d7
zAp~=HVnGN?hVyB$QKXOmdhap8RHhh1`U7ZW)-&US$AN@%7=$#lMK}i$T*y+je;otQ
zGeXq6=>(K?xPr^XJ((?@y|c10dy!Gu9ekN#9Ak8PcJNtl?lB>Y@b7a=9?LfZNMlBO
z_{NMZT^3;z<x*tjZv{q&S{hN>oZ{KRJ}O%q$L$$!<xD%LBgB7mifR#WRSz5@DW6+5
z$_ss2@^(gfFW<e!$RFd=aL4F8SKVtN$SI}4erGmDq<FL!nK7UMz!vamJ6>N3Ir(C?
zMJ=axv^mEhX5LJDB4f0FT3%POakQ41+6O)M6(E39+6fa#7Bmoj4;yTQ1nMKt8rTv9
zW}H_U6TF(HowBLsQCpr0@@Q{q!Bf-#PA#AyLf(v~U8qr5L&R5~eTEF$OCamn>T6GX
zcKWuRwP_BjI9ze|JV(sF@JhLJw7C1)@#tv3a}7P#`>-Z-`N;_Xz6xyvc0E7G==dUs
zI&NHat~BO+(|4~m=6uU{pYG3}j~Lz88w=(kOOB<h*}OsfCS|)c{2Y_*wmA=?EP0<^
zW^1sJAapui-OJaOw+<!Yrm2^A!7+-5Br4Xfw0^{=YwbH>2&*-hUeuB+XQqaxW`lfZ
zoyF&(jROHM`bntpEor_$fbt1n7?sQJW^6xch+Sva;gkPn9gYa<uy^x1^ep?oSK?-^
zM6)`KpB2{O%cui(lioN__5-bHhy4IGt8C8wAXq+dy=~4GG+v}fPRZIAA&C2(+ARFB
zci`CM!Akl(8OfdqI%{7{H1tz#CHhKwF<XVHf1&wutpdlEAjdl)KA_SiPa&bavxx}>
zS$eiSyNo$Y{JFiqQCQ=Tx3i7;TYMRM+SnKMOif!)+9ua}(gK^DC3Kx1JxhQ|;&2$@
zrL{$P+)3^XsC*?HBODi4y9{t%)3hmVm}_1<XOp}p;(3*`dV*GQeu@CK1?l`VaC+}P
zhk1Tm8PG`Q>AQFp7;$WO-u1x<afA6rEjP<~2+9eD@Bds*?8<+JD&RD~GcWT?tlurd
zZnb&aP@kGI%}ldAZOTVrW4tF*f8LXd{71Cpn2#*;dl4Ttikp<V#gi3`_@-H@&j-5w
zE9^6-x^Yv7G&m<@G9V*5xNt+C@6uo)*#Ck^TY2p~+vr+sbW_%P!8GlhP1n-euzRPp
z<#T4O1qRb##F_Mx<^DLnkOeg<H@66JdWW;uHs@9pB^c_t+S;5?@7{)~CEU>}@})kx
zqs)4=hK)j!=JEU`>&&<?O6aihrOgAa{cSpq8))58M)yQGe~z5C-F+pH1+jK-(RRn7
z+$G35Je1Qsf7ar+_^%Nf9H5crLKtX3V-;=g$)eK6>sVp(LEDM&3*x=eIVpYaqutr{
zLrlbb<)EuL4ozFku~*RX%lTfW;w?W2PDldS)wM(%;lv=b9zP$Mx2Jt8y(dyQ9ZK)9
zgW&rlkhgN{q8pc8;0w=AvelAD$I3aHXOzPwkA(dOY^rCXmm(8v<o$D6?Ap<d=nsnZ
zmVOx9t+sqS<l8$tU{}2tO|v+{ifY-g1Q2p^&&CbFLZ49b2&-8x?Jc!KaB&Q(6MNyD
zqj+_>m9O8`u*vhDzY~TXQby&q+uC6{8hdatM2r_YP(&Q?VACi?e4tchQjn7_`civK
zar{WMtZp(paGX4TgEXR?DD(JAHn54~D{V+TArds?+SnmfwmK56Zn;|{bcYe}%4Y}8
ziJ~q1qiO1%JVKHUtapwr?YuvCv>m#Q>8y@nZyIhtaGEBWmV44T$YNWMYU5P=#_7~C
z{ea)Zz0$<JSC{)L<$g4AAGUuY29_qqfmpPOXZfl0qlx=V++%u8+>0j03pv`vG$-fT
znEk9VaE~6(n2<h<Y^CSurt!xa+t1g%2hVIEzce8IE}5{m1KYigXBb82Q<ycLZc<u#
z`3De5PXnSRoFQbMeUUFk>1s`$hfq_b#kl|&{<Z?v_2iAbqBHB_AYNOlzS>{;^jPP+
z2=rxRun=vA;bIgz>%9BJBwC)}7^V0d{3^=<*IsmXy~OwOP@hK!0A3vc{XId(DEImM
zfP;+ku|BVGvC;ks-+hzOai_N@z=?wFomx{hkY7Aj`zFZ9$U!Z>kSPKrUB{wg6a(56
zS%M4HQQ%`TA^#+6J<sDqayXjm>NH7!lY9i%N-SXVPwhE!gQxZ!NrYx?<SIFPBTo?i
z-y3kG0FL{j7UMdU2=7*49Xnjs>-zqvqACP%Zq$ZMfoP?F4@PexU%1<MQ}}8^BnF?{
zX|c~B4d_MpwN|^l6QQ#)4$=4-`wld|cdhH!Q=U3NRC`dDk&<&WGRVljSlK0SFWYC7
zYufjwp6~HE74^s&7M2Lu6T-<F_f^Yh!)w;}V_mS)Wmfza6pcrJd_6|%!d-1ahPo&0
zl{X-0Ry8T?l>ia;7Dd>L$3U=m&(zL<xEC+gBb~UoR}-SFck5Jxtk=ZL#_23nB&=_v
zoRIX!g}hmRSVHScguHiQxi314H)G}$W#+W;ct$0`t8mbRGdJRmZs@`j$Wgn<a_}0F
z0CQTms|2`RrywN2t<5FC(PHySw|I$Bq7E%lhhHMh-&W@W6f$@rLQ6QdIvbG-Lp&9c
z3wJuVuvVQ3xv*BwlM9R4bgzcs*nI(b){_f+kk)03oi~t{4i)WW>2_!r*Z1_t0JPOk
zywpeX-lG$Fkm#Wq#wsJfmrp-zqj0A0zR1}7VSf+uPh)8I3=jV`<D_F%W<>gYBf6qp
z#@}iF@Gn%W-kl-JQDIBOJ_tjxR&icHF|rZ8do>QPtIm&nh4;uEn3O%yJk2&UFKLce
zoWnnY#{XZWDeDh-M7}?|{c6?I<qIL(U#V`M+ii_Hb&xis#D=_mD2hMTUvM5lUKxD`
zq9`8k0Tn+@M3c8Jzscn3hHX>I57<s;!rv+F<e*NKg2&|V=<z}y16phSO!OJ_4bDY=
zmAw5`DA?uXfgEAcM)}gs_t+qEx@`9N_iw+^{J4^bs&g(2Iv)9xHk(GfvFAJWjPfN@
zHY>G3{Z=j;?N(RMWr%xG5ZAP!1&7yLiq7~)qv^3;Lr51grjpBdAZZ6zUUw|gl<<8(
z&Ur7VczckHQG`uq?m-y$N)V@+h>IuOX+^ha+WR9P8^>3f+J^AmA%*V1AjH5iO@LL#
z3wfC;ZY_bmEoH8@HzOFwwN2jd%sM~aM;2irQvNf`rIyVnEWIbItaQ;i>vF$#ULMO?
zlJ{##V2xk$C9It1%Y4W;heN7@pD#``1Kk2&PFd7^i{9fQ1u#cA#xLb#`L6z$pKnSI
z{XuBGV~N)4e&AJwiDTcDz1Nt)-h$o532lbYI-iO$Au0ttmCs2Eq7_g8!RmDWj>Joy
zl0Qf&QWH7EjbJfbRn`nGCNS|OW#aQSGmra1)F<%yj$Mqofz0tvW9~0}`mpzm&b2d2
zJaadVSu+klP5C#<9QQ)MmO0kLg$ULV{Zr_S^(xlLO8fvi1$!om1L&tQvfknVI^!Qe
ze~lwBo$BgJw`ZFkKYNVOOlrW!kDt@t@$&+#p3<!|$$@<xPAy~n*qNu-a_mgU$I$3J
zc24`p&Z+j6w14ajw;nqyx5Z=U7XR3pZyEB~IeD}jFlMdT+sV=Hn~|ekkFQ#7OwHAE
zJMRTDUhBO5;}||KqD}eO=U>3#;M&xS`uVedUg9Th{Q%jLR`D+EK5Sk5^Y5b+od<$s
z$do=6_>h_;n%W@Ar0gMNwLwx&Yd$Sr%1oF0YyJz<eIZCGo^DF6X(OxGiSUw^UmpF^
zjJ(8Cnw3`wFDu-!VVQW>hK1sn1>%=AA9*x2+JSPv3^zW1B?y%1HRLgY<H=bXkh0_=
z!TDhB6a|-h7{mG#CYIk$H=`~PFPG&0OTqm;k|<{7mb!Pf#k=C78P|5qI=fuqU7Asl
zJjUkVgK^e{fh@43;RRObWSuVr!In^ZoXWy<$Di<bp*hKF)PVGGfFz(;2GTjWsVT>=
z)=TJcjETRo{ySj+MEz(gfunxxw*h>+IA_;E!sEX(E*Kg4tCj?Ct%#At{=;!2c;A3J
z#Bxw>&B8OZ)?*xDdvLn}MlXa&9%%!V$LK~LruAJQue$;YIK!hQ=XKP_6mCd2MR>~A
zx(f&eGnKKv4M%afCu`p}Q?#UbzHfgWZd{AJ17R8Wd@!Op_j`CmTl*|+JeM(y)#x*6
zgpIGD!0LK6aJ?3|{tlO{J{$i5SDnbtNn7Dk^bS{IR31r*JH)L84Y*>ufG;xO*d{R^
zoi5-~AUBQiN5;6mNm9MmGyym<Kcx;Gophw6M>m0;McAovye~F^-A|Yk$9uI2tZQrF
zxpBPRn!qqdPN|;~$Ge~j?6xMbUo?SX2iK6^PuQHzTI~WN|B<|K*p1(40vjXj4{^Nr
zHi1nM_Iw-<I*tu6TpK#Y`E8SK+;6&o<Cw}-e26G4>A8em9fy62uusNeUnA_AIP6iv
zvNL1pwbuY^jl;$WYm3A7Bdk3RJDISKIP9e+d2A-$o0V9;#ZNTCo+BQ#*P`{Uj5fmd
zi^Di!!=83HE40BFAk)C%;E%vK<Q)$52#mwq;h>JdIFua@;0TQMa9E=VjAeFM`Vbb*
zWQQ|85)hCPhr}Zi5R46nLnRE5E_2v<5g5D7X^&+oUFM9%VeB$zzc`Ft=A0ad)i6|&
zO;;r>Q5FtIhXXTG77j;;15;rnrS;?4bl5UQVPnj9TXekQ33-*_NKt29yfP9)uMEP_
zE8{Qp%FqkFi;%oXO*JW*IAN&Fnb0f4G4#r)6YmHrQ~zcOYXFy#LY+&5LxPnV?6Q82
z)l3V2W(=*UXry7;!PybC(_(0?ibk@Q8yt$DogPDLQ#4Y#{NUmU+8Hsla$507{Yo%r
z7$Sn}v9@se+Z!8JvNURW>vIJ0sd#ZPY-T(R>wd;K4Qn$0X%b{7PZ{&sN%Cte(Sgcb
z^0C`}L!Z42i*T*ec{e}`huVH&eLIw^5P-+qFJiz0j35Cfm}2+!eq3$=Zvg)ISIUgC
z47L^_Qifj!`TYM}hFIp5O`eLpE96O1_LC_0#N{}Q+ORu@bBjEfS}@bl&33<lw%o8A
zpecI_STN;5kG@)!wSNatt^%XoHZ(1;E2rP8!mI*BAHQd!9|xyn-wc=g6Li6bJrEaM
zlBRJhlC~ZNCo{60X<ARARjg;&G`v(ka~6ERrf)wpWlpkK_RCECS!q1VG09W)u>4_(
z3Mu<9KpK{Ez#NiSF7->fv{culROTcLWB(MzvR_0b*|=w~;>P`Dlxe-n>#_IbzrFWX
z8RQM=+HiW^wrDAyUHuZ#oc$5S0vpM@k!$Fl3paIA$y*+PxVwTMGwly?l4WWuG8%iS
zX=8oPD03iEjiHRSXbfdp#y<?Ro<migEenw(^(gUhE1|-7!mgFcw;$zS{X?jSsiKjL
z^E2R&)H%5W&=UgUL=Hf|5fCSB0D4(KoS*^71l=B~b20{?P60g!E+7C62<W#_&{6^Y
zE(+R1K(Ap@2_mi~NEvBP<X^C7Icp#H9Z&d<C+S$B%rz#^6uojL`&+a?ukh83{qN6V
zwT-VlZ$|YPdCv+@WmYo65@VFKIb)y`c^BuIh4n&$afnXAdApf)&qWu>B&zNxL@Of-
zoV5Wn>v=^z6SL10va6^iga(v2G6h><UO74iA(xQx_#PvFl8#60+k)vR^Cp~SG{PX$
zjdHy$Xs14Dr)Myf5b{q@d&qoIg+lcdm060ZN<07{mMZ1?8O(=#93%R{lX-B3VH`29
z;yi``C2xo^fppffQi$<9W6(W)49_adhnfgJF>h2>*JYgb5tU0GX-;Zsx#QA4Ve+8)
z9z1ALQWm1xP)|@XV+^8JFP7?i(C#DH{K`B!Sf>$sWan+rc{r+uw*Nw!hIxZdg}xa=
zp;+!C%n+y7q$WM-4Jm$FHl*=E5$k`(<gCApKNaim9JV`|)<5vYShn7jVT^H{GWLMn
z2yYR>-t7-Tdn9+5b$Sp8@)CJ^IfNXj*Gdp8+=aax9!P6MIL4QFnqGokLEH=uEO5NN
zE8LZxAbd1RczAVZhGZ#?krt(facyqkWozQ#Ru1F(on=>}n_uAa<|81CTzaXc{#nvb
zp<S~}*@?qY5P78zcCy%pcv5yH+7oI)E%na@n9ypQ*dCZ|C_lw<E4ER6&SnpA<!fVk
zc`L^{7t^bp&q1;wNtf^-I@5+NEp`z^k)jDbVrDnAu-W}FG;BQls-CmbMq>rlpM^GV
zsm;VXoU-PirD2~jZNKjKL&mr_4b27i16KUcu<B@c*bEE#2lww-v>=%HCq8_oOI|+6
z*ssI8{2FAS&SCpW0H{l2XGBwK*q$OFWB(E#RkXpqfv>_Nts%99#$St&c<A_M)0I-r
z>O={VM3zZF;lO$l(wWia>CISaZVvh-8mY&R<l#o~dc1zI$I)`yaQ30-NJxp;XsWiF
zwZDQg)i3q?YxzbD%w$1BPRsoSt8+E}lna$|ar|w-=CxqxCP3WEq{=W80f}vxVhz&Q
zWX0R7I|Ainex|jtbgk-PS>IwJ9TlAIe+Mq~b%%W~96ByaXdvFJT7Ex=c6(Sb)wJmx
z-$b~l3&5G;?ts;mm*4Fj;i&&U$P$;wN~$njeU~5lyC8Iq3D`=+u<l3RaPI^+?lZiB
zkpuMrFSX|a{JsD`2Sg8F#u*AD!~S?3_MIw-hGho`qGx*ABt?kIp_x%CK!4;GNJ7m?
zQXjA1NPV>5CP{t7nU^D#a_9K7Y=5u19W9WW<JPT|Tlix48aCXg@h39qy4){d)Rwxe
z&r=NCEu^Ph=_>bhL3N=l6<rQ1dWPp#5;SZ44uWP)LxN^|_wa=TK?~laKj$#c9FP7`
zS$%ed0L=^iLV*U90?mq0pa289?LvZPM@Ud-X&@v)(EaZz&5n?rJVHr!$~`EwbimHq
z0kfKQK({;r?JmPaDfgASOBHvB1FhejWb2DI2yb4PlbkrUolWftDt(L|2knn-5l>0h
zpa$Uva=%b0k9+~lm`WeFDfQImKrdwoR9RyUd9jAPSf$<?2p`8lsTUwpK7SZ>V0hp>
zquDST*#&oHOf>oTFet9Wmv@G{@#R0lhaeB;ym=1aDEuo3d=+tS0WI|5=aL{U{-jS3
zwH_&ZM-*k^<4A7gYe@taR}pHRQS>g@^{I@kPoi_hQ1mX?n36T|I+Se=XtAz_-XvIo
z9A&f@tG(U<BDoXTUvhRt@uZbKZ7moQYp_+MC9xx^_*R^liasvO;Wyd_!t1P@9Z#{T
z6(`YCFtM**u!Dc5dW5lfle+gXtrUiiFeJ);oU0Ylx{fBACN+YWi^$s_jk*tb>rk}W
z!&aU66q+6Hhwh-HJf(~gYXKW~F#JT~kX4{yR%a^AL)6$}Gx8ziHR$EVHuMful;|u+
zdl#zPBsfI!dr|;<E^3!jCZNM(9mQZl>(tpEmv^tv<wcY}v?!jr^y+pVFB95IpC)}Z
zqVA<X=y4FE_e|lfLz%{r9J)qwl!;S!+BEu&RcrmeIm1}}bz>%iWdCpu#`#cVJEtrY
z^%85HDJuhKA+!82pvody9LEVC`jl12>Xy!n)|0%UE-KM0up-N3mNS-bV?#jAPWu5k
zun$lYqF#3!j%JQGX-x79D?W>o<>f+O8P`V6B~b>?1VzN#aVEZk>K~d!$m2rm<Unvh
z!VUh8L?47n=#+OCj9tz3L<%emGgAc{#}sRoJXTs<3(3fZh*A-XTk{w4BBGv_-T>;-
z%rp(uVEzi$Xd&KO9E09tp=x#&pmW1>JJEjI#9X1E*bY<AC0sc5u2B=ZrR3d)R?MZp
z%+Yd!_7!jKmfL5fZULTYeA75`ww|q$e>)L4{1+!3l#=Wb8MPrHf!f7d1f(J=5_;4o
zBO4Z?Nl3M+($Y2|)lVxw$vu49;KlV8tXz%xZVB>*JPxdY3WlK9T6Dh5ATPT}k#JGL
zDq`Gt6wxn(OzRfBway~J#`^*-RtpaHIm*I<5yGWMEVttbf7zo-FP=pi=QfUG;g%z0
z8UhHIwbb(LfUFiqiII#!5D&`-dKer_*+e<)cd-z)BN~VgbXYLP$(5%BM`wC29OTGg
zD<8;2w5Cnd&yIFwa7gwBJ5dkGq(M1WNF#T{m;cfaa#YD~(^`!&S%Yq#H3Q8yl75hD
zQzWE<5YFsc5f094E;cX#Pw_)LV_<VA^qOlq^Woj$(H!m(du==K8lOJ0lNSfR&;S`K
z#P$uBm~#90?VuN!0Ww2no#`0t67%`x&K9iXr%N+17MR;$NrkDn(VjYaN*Mks$@r3U
z#d5hizfRV)42sS@XS&omge$RzkMsyeV!0faNNyIs%Hi3I)+u*a5BJQ>sAZW7xZ#TZ
z3M2KDD#}sGzHkY!M;Dd4d}C_8o4D;BhBmE8LU7@%)Z=~{d-5&rNBGx%2?vy(-Ivj8
zKsUOTw}J*NnA={Dxot>Ja%5s1?k~XtHKtfnKJITQ;piS_sY5z09FNv(EP7vKIVBns
z?rTUBZxVWSp;GgoSne+OGpK~S0{psH6SWk#VzshZ?M*6^QA2TmK>VWYaI)?OR^bk?
z*sWd{x4}9SJ2=uG>Adup`zFv}SZ|UN1FRV=h6sg%yTeU}(z(f@)NhvhrA5lK>YvA`
z0Dmha18P+n_f%HtT4pmllK&jwOg|n5VBcpz#{&%KG>(Tke%l4(VIUX}gAFbHKaPin
z<bv_gKh1cU6&Vk!{OWQA(~&R)BR^j6`XvlT!cb%R(mt|m2C*fP(J-fBG-UmpczA-z
zESm^t`mvGZS3w3KZHtqExr&5aurljqp`NFm?!i_pLLBYac}@FuexzR);F@i;Ur&zB
z^WoC4He5Kl_l0SrVeRUL2o-rw7`mvmz;7GBAxpzSS1)XAN;Ua3deL-KzahDxtLIMB
z)rroTubs1?N#}U26YZSK-l}uBs6|+)_Hk$u2c08a6jmwWqP7axuCfJA%+h|K#COGi
zV~Nn-@t}!Ww{@g<Mi4XFJBP-4r&_8eduO}SNJINqgZ8&dRq45DyWzU&x*^f1TWh0^
zG&HI=#>vwmsb=&KmwPV*g|SEgap7;YTZkacUj$STyy<p5rHn|kL|9W(luW6nNcWI9
zjf(82G^!+!)U%xL-SkgcZFsS{l;7fB1*kbmsp@Ff*$E48wZ)lz5Y9$^&&&&&Y$41U
zb}`bmxBKfXc+@c=!*ViG8WRGHQWZqTR$e6FPzGOG<fb8X^YGj!SR!!H?my^&9F4`O
z6;kdQs6FoB<WlZt%2f4!%{c&)ci81#Fdz7GkNrOUV8%b#PZPczzk30DJpqRualv1e
z*q5IVIF8edzR13u>D&hYB))h9ES5elml>x4A68&u@cp18^j_e9315GI&vbCe!o863
zdIV1XcMM_k!T(TX{S7cl1ry@ajP)%zi>7riJ`<m!J`=7y;yet;GoK<SMINoicn9Jx
zAn&9nT157gpDLpK<iY<2Rzo$QQgTpc&A>8@!#o~%rEy1E@*2jOqNfT)Eht$272*1Z
z96G}k5&H(1=k*@77&*qAlz>TrO%@R1iU58gPCo=TLYLr(ix}p}$)>8t(IBPBdS#H=
z9AwH5W{lsXPQz@E1m>^^g&`ZJSU2*N6SslIj7USXVQRWIbF3FcdW_qRfo!-fnMN71
zMoN@Lnk=o76M=F*Re?e##l+>7Bt~R3x5#MrqR41&o$AA_-aRmlurnP(>nne)g8rP0
z^RTF>xSl)hZ=CWiqi-I(W$?wPVtg)SJAf0Wq{NdO_=n(UAaRBN8R@S#*IjBFW^Gq<
zg5N@Y6sL+AyAP-0_8|Uv&LKG6L(ut33aFWou@@2u?Uan0N63h|4l}{5?Q2f(TdY&t
zB5QxU50QR?Kc4f!(D@LY?l9(am}u61jKFB38<^+;<^;d!j4KdsZ^0kW`PtC<c}Bex
z-O-k_uY@}vrkk^GVPG`fFCe|;|A8?hsv=>pnCrgC9QQIO_?26r*P)_d1aHvKXY})V
z{rrc1Zq(0B`uPGr?gBIlUd!IWoM2WWYhXh4BQT)RyG%yh&Hi|iAxaVM(`(<0S!4=*
z%?UciHo-qoFWM%s{{)A9Qx-m0DYE|#pK}#@-?|vRTzeZp{{#p_;#LCXEZl?DXFz+%
zy<#z9w$|UkK``#3u!Er%&XjVj%OqMA7aZT`C$j_@{t@Zn^SpkTJ$x_d=S6(n{gH^f
zk}0*p{IV9n-AVjG%CLb{m$d5z3>WykoN-v;kE)Nc)~E$)O()M4?CnvgcwO4<-2k)y
z#0G%Ux%UnljquLIQCBA}ymSn2KA~q#Y37>Ct||Fun_+5q+0$Nn(hgnjm28Mo{dG1(
zDI7siSQoBcy2ANBCXs0^!C|CMP}u-4G+{8Cr&rwj>%I7`Fb~uA1E^skW8IgevYtLc
zNM&*SXx#&>;&4T2YTEuj;)-^u#UqQP9&Hh0DXK>+er)vRizefKd;njIw0<2KS%@Za
zLs>C0f+tc!98#<2cNi|m;Y{Cqf@ni4bNFb?i^J4566KZ+?fl?5fDR(@Jln=PwY5ik
z_FWRto^>C@LR2f66a3msuu524v7O9y2cbx{tU19iyg2hU@u1HHzxLr^<p9Icx>*}@
z4xDeCQZOgzv&qgCpL_!qgX!jLp&F8;mFBuGjkOA)h((`$hs5Ht-zKqeh#9A_=DG`5
z&YexM#3#puqEZBN;&^CrYj#Yj#W@H`O0O5HXFDe`ebD;jk+vw`6ssqi>+;OJ%W>yO
z=9G2X(CEn&tNWSjAhu%Ixmqy#<bGJOy3||;19lAC=Rk=^pBGkfZUTOE#O;g5S)a+e
zhp>@6dm4usr4x*vZy-s-*ld(OZS>p&H`n{^&@Uqm{X)sv(@0lW2uke!7Wm?F6jOV!
zE7F6!z-h4)yKo=VYdOnnIm%U~<-lXk%z7=CjkFxhC_;6kd8Jg>qc!K`KIN0Ij8lOd
zpv43&!n7Mr4OGp+PLbC5Tlt=BI+wS0M48IzUTZ$ENWGmEh~w;sKkoi$D^EPy;v5G^
zPM&Sc%khpi7lR>!0*Vhl`km6eGM{lT$f&XnMce~^q7@Uen3ZL}H7CoROr_;K+)Rm{
z;elCYn-*Y^Ytwa67B~o}?XAhk;=2_Wzz0aST4sCu<BGc)t11|54V7gJ7G(0a1zgY9
zrzv>8eq0dd;<jaY778sc5&l?IP9Mq15~rsD`IKly9$4KeC&XT$qis2%zX8e_Xq*G9
zvz$7<kx}P-m(3`AL&k1L^<{X158-{?-BIlt+h>y00oPS0NjubMP70}*B%zQ|Q<$2i
z;X(-HL5CkB?X0_>jB6z6@ivCB-F8MB(w+gfu*+J+5w{b_Bvw&a@Y&Ew%A<7do9G`{
zdq)2pg)q{&t`WS_1h?}tl2%=?oSCu4nTCcGv(^aYt*yDC-Y-9Y<hFa|hCZ^@M`mw3
zD>t-j%d6cxJc?o{XooxD9OpHn+|bzDc3r!}a}spnug+Y%11{77$^>?JidbOE;a}3S
z<h*UWb3+d-Ja}SkSM`tWKMoZb1P<P^?WVEb+|VyxK56p~n<akn$~Rsc+im<e@MMLo
z$jXhuixeLcVC$#7`LN<L0x{2lNjjpK=M#w2VgN^c%u#0?qE<jiJq2y_ePT5r>#PlM
z-dUZ<3e8c3{j0}jowI__Rn>Q99g<NEU0!`#RtTGVmsZEoqD$GL_%89j+j`$+-gkTN
zyN&nVj$h||<e}XV;d0rRDPsW&J%+wa*=x{$%Fy43!C$~riudD-8N;dYX)O68OFg8Y
zF;T?hI#k0KBASvMqI=;yNH0wF6rJ0UZ#F{vtBANh<J|{D{$-<wytJPV_J<|+XNc^j
z^NasOI$NPUOM?2i)TDc>q6A~Vy<N-V)zO7cP^^wigEX~`KDxw9c<NuRW6n4h`-Nqa
z4(CcGB~wOjLg~E0saipw+O(mmgf}*&Pl|H<3v+0PA(BY2+p2TD)2;)#>OdtVZ6AO@
zd=4ZI&qut|tH-9gyu&NnDx%rbwMhAioX~2O>zs@p5UMTXthUaa<W$EJHTyb{pnce7
z3bGf#EjC(;&gLL2C-gl`s%O)ek>GG;uy(Btky2q8hdQiHIoqQS>mrn~oU721ACC28
z87Ued4-_C2GeR_V$nTL6+Af|Ix1wY5-X`hG#Yk?&IHq^Tc@E`J|0epE-_5@k8*=&e
zaE`+s9iB}Qn~#HeTw?tv%PqqYru*k}-_TmY@!vwY@YxC<8S3EdV?g*UMcG<EBl@Z8
zr>37#eBA3XQ_6+$eZ!1rBi}tg6XxsLxjcs27;U9uubRCSZ+ofO7x8wKiv6LtRGby@
zw23VzaMZL6hGP?c+#g{#Q0`Pvr~4><1>g4sefe?p4qC)IgL{FJ?gdKrx$x<RK%Q6$
z_d=qLhy6*(K8F#YO;hU;GyV@#JTL{)Ao|OYavfDF$X>}>G>7?A_m2#kVT`75#2|Mn
z5m`UtaO#>m7=CixnpM}-YUg8UEM@ndzNP*$$lJCq6#p4zXnncc`5LjDDg1>TaR@`g
zIs@JAb*`MJ`uZQcpvt58VWjKjXMFh&cixOKaB#a~Uc$+Bm7f5<8t_5*b-!;Kq%GTE
z{+iZaLzw-UQCP{Hk6jjACFh?gNc1L~>`i7EZ$q4I5$C}_fXCE>xNh)E*VBuQ*c%l(
zr1%RT{9_!2UTCAfQK3Uo)PBWPNE4!}Qo8pYrn7L1zhJbP&UU`1)|U!%G_A6q<vXU1
zF$YI&2Q5{|RF>`>#RA3WGrtk!bXX)42d?(2AecpZ$5dr1g_Ck;Pvq)VeJ_%WC{J<z
z`9|uUXjk&a*sqX3F15_W)o*JDpk{Z6h)!gLg~+$s>70QiTdRG}N99|RELwE&k}TTO
zP*vI8kAyyyL@az4<2Ua8R^jXas(Uy$ATg+2Za!gP$=(Bc{0Q6C5Fp|I<`b+s#!z*M
za|^MmTRV5lcdm24eEXb7<=a>k-vnVEY@|Gp3<ffL2^(n3aGwY0&#4JQYYi%$2BEfA
za`3lgd&jWRfrj(hq#7;5CI~bod@0$8vK_g<{VBfBpuba6Vf4JbtS}efMfk16Z%_Qt
z$|BWt@ZEr)a34b(;VL>)D0`uL`q16t`=j_y7~*IzI)4}6;T|SyU#RXoxT+`(P^j+e
z1#pi5Js2;E+-K=q=!LOq3f100t0=8hsJ1b_Lctrl?*d5}Hm%MwDsLYN4`fuW@QAYe
zyRjT_T$@G}rQ4qKE9DNOd93#$WNJ3}{}V9o)^T>$TGcZ_&w7qDmCK3kh1myS6zrio
z^6o-EfyfTKpDgUT!48{VFt)w?3>i7J8Xk?%xBF)Kjvn73K`0;ZU0jMUmLKrnj5|8V
zoMck6St-g&j%y&;4d{;16TstCoQaMWP4`zQ+6H<Ql<|(gr5uyY5Mq92=Oz0nSeRC)
z7Y&ZL*ZpK^eFzuU0K_gtIC<K8#g^SL-fk?d>pgwGn+pp!@~{2^bu)RkwXuY>>n{f0
zne<XgTSLqAz7%-7=>1FJ?WUK?+=^U*mok`?j6P;0%*w{uM3X;Dc~y(qI&~CQSQ8C^
zY{Cn;E*^mGtQT;%9{{ZcNy9n-O{e*h20o2BVOk@gZ3Riw(<B0!hYA=>b>p)3(?~*@
ziMFisobRbYWHt{eWu5fryl{ZlD5%{BjUr0F??Lzx8on?BI+h@3DIliv4#F`h3+{_3
z<@)Ws3)0p>L7C6`*UEgFp8*TN#*qrtN-4KK7o+Nv$kRPi%fc3F5_+5z>!ZzzwN_e6
z%N8<i+NPJ_++#V$wf5m0^r5;2;Ck?R5VXkpMX#)1ba?C6pW-O=%KAlzhw?%kh2GYg
z<{K3{6s695>*ql@uEXa0sD%z23AlK=fXk){a9&0NPCON-aD5|etO;zlMp*s)Afxvo
zG*Yw=PZ#jf=>k3&1bj4})FsmeTs~dE1wp`9;z@0qF5qL+1USE7rT-R7#p%DH0j8o3
znc8vW`Uiaa;OvHIkrrAQWO-aXzzPCRiw6t`0T;vrwh98ShzD#P1aQR)Gk0zPo=Cbv
zSpB@9q_@RWIX?*aZY;ogl&NGsA4|CxUT2RuY%O8O#9=2jft}R^wuP{t#^Q$LI}zaE
zMWs`mG5m>CD<JNP0B0?c>v80IP}O*Va}$w&97jGoK#m7Ee<$*eH%5!$oCR+J7A`c2
z0Ow1M$j%dl4crt>G+dez0nU-YbFPRZ2Mbps!1*DO%`e1K4wkh<fU_O&oQW8+b6XSG
zi-e7RF`B4zBD_i1O@uuc$6Ii7Bka9|{RjSpUF-awu(4ZWuv6f5z8r`BjWFZZ7+x2=
z30VCfIDJt<I}%4en#d=|VD*!Nxpi7R-~-bIoIG8?PlJG)Vo5oVGGF61ui$b&Z6~ao
zSk&d5wI3ngIjgMvorWwJX1JC?D>Ib=n5&it<_*S?F@cE6OTbT%9oIe81>pbi)|liG
zO6rxnXv~93#5Ek>b<)6|GlnwhDx4F(qEIbkD;5Bivp}(iGP;8A2@Y6Y$IpiAKL_w<
zf(QDhvnyj!?7kd_2!`qGO+Q%U%yKe3rp#T<s?*(@@w#zM*!>};bEeEyKk&swVDBch
zAPuE+I&r7Mxw^&L21(aC-R-Bt=6oVHr;1`Pr%2RIChxq%FDUHKIq&j4wd2jfyq_~?
z5Yyrep_z8h0B(^u!fC0UqZ(p$8Od9QXFDe&l`X?_oG;6F!1+7Beu=MU8%8Q0h@BRx
z*hy{;LN`5Ixw_mULj+r^7VINb=aVn};SjXkVuXxMsYSQG<Y-`Dy=S4b>h>m#T`9Bs
zd^7>KVdS@Q<|KlFrTF?=F&wIiF{BgloxpD+elQI!iqu>1<?j~!?!@n2{C<KTgq_B-
z_`QhVKk<VAl13^;7=a6U{^r?O4fj6y9gH8;hmB+L8-E}ExNMTvahFbrEpRk5emvbj
z6fjZU--z=-I&<jp)^Xmtbo<50ca3F8wT@FyM}|b}_%NLlKxiAs?M%ZxU2tLT!EmpH
z6M3ZQ{*1a`LAl*6g7QZ?e<IGO==4hT2;Ce!t@7NXYoeg7<CN>WC2>+b<qnDSMmpan
zPRi!pHE_0#L(kE0Pk|G8Ur6`m#HgO_UM1ht-S5cPcJGt#@k89@x(|wH?GVKTo@Zax
zLDi5|?lXch?*3Z7i`_ItJWwjw%FU`{z-@)2wOW~GRHSQtc(SMmrp*q(s8P*#?9I;R
zyvD=VJ>^_iIp0+-0I7GUhfyY&m@hiF1h`ok+r@#qJl3w07_TXJRQCYrRUj!SGdKX)
zQscpZkH(!p5$+IB?wEeicI-Zc#^Rv;C4Oy@Umx834ST;O`0~fWyr1_w3Sa&{;Qgp=
z#UBK_^5YEw{;o^>*o9xh@2mLTjo&y&d!?Kkr%1!Sk3x_9_;>04zPf49E$>#)(rx3M
zA$fP6xH)6;uF3t+d;yRO<&}skV50yw1sGK)?_L-B-kW#76#CwYr@lhpo_Ti}6Rqy-
zJ|@MeZs$Isj?o^xS#G&csc+EzjXI_o1k!osBFDi_6hA}cO|3cWa4a)?5xcSoW~-~v
zxPYF7$l7=jGwkuv-Uov%RH>x>N<ei+51+o?y&YAAQDXVACrkJZ;I|KchvIh}elC6+
z@ng?ijUOBQNBGHcS57Eq>o{pl&K<<k0ZBC^OSm#wS&H|%Q7RGf?F2em%?;%28!>v<
zmZ9}hc9#LWb^I$5^D%MX1UH(;PxO-#v|1D0ES`6&=N$3aj8r`%hu7iWh4yf7lECWm
zZ=H8n4vOjbO4OA(_lM%xMhiCB2^)PgzvNH0oGZneZh}rfH43#I@K9ON+2udUTA*m_
z@s!&T=joDu%u4Ma*f}i#=ffdR!QGy7J6BtZ*l2~7DBB2(qUUiN+x-E?$q15xN!y!%
z#qfg!Ti0rsPS3l$6VRNRKzH)(Xf*u$Gy1z9-y#TC55AP85`IHk;dkR3g`bi!jQ0cM
z@oWfR>#<0p*&M8a-1D1;x0ID|=cdcd*bs>qtTS0x6DPMlhrz0+98fKNrdwqMxG*jM
z%wQ4ZFeu{3(a4g_!H=nKjUU4(qvV&rZSmV7;@<^sO33%ckBjCS{Cr%}n`7~NKYpj;
zcRGIO;<pLEPvFNj!N>g^+~e2dk1T>CvgVD*ayKF?-H0r5BeK4Y$kH|<OWBC5RwJ@d
zjmWw*B1_VUtVScU5RJ$hG$QNFh^#Urvc`<a3NsR}FL0uhWOacP{i04;Sw>`C8Id)_
z>+?&<XE;B{fU>p^q(&l3`vl@*Irii*gMl1oh;o=05i25xp;zQEbl5{kXknc(>K6n%
zwc#)Oy8sEeFbEip2Ye_9_}Ri}4Ce`Wo!v4~n5YZuz9Amq(6EXFIi0s@kt}I>MUmqH
z&dWqTI*v@6EQ%ZtaA=Ih!T64*OlvKQ91n14rp4J9N2VPYMUDqJ+oB<yed4XLK0uBK
zIPW3ynQ`RF068AuTt;NthtVyZv<7X*Xffge&gY3t%P|pTT9r}ccz|;kk!e#Vf=qie
ziX0Dc9wzed@F#*yOEij1Gc=Kavx3UJ9*?mh2<W&Y7NZ^n%#8<}9Rw_k2W$)ic8>>~
z69gO@1aRCt9K|}QdAwa07zc1&#&Zbc*cF37S|h>Z5Y-VI;&CL_WnhLd4!F9EzYxZ8
zRhMBF!Z>`yDo`X3j*_|znh=kJp)O-1gt1NQ(!?Q*%~_Y$4Pk7_x-@JEV<Xn3O+y&l
zuP)6Q!q{|mX~_`Au~wI%7s5EC>N3JY7)MTB22u#)0IAD(A?#n-lXIXq*^{$3;(KyJ
z;(PLAyghl!fC(C7NAAfz89x(kkntNKMa(M8L`vA2+npOTa!K5zfiB9y;3|9%!0%}M
zxUQUr-#Pe2H)l7)|6llh2frWV_jCMyjo-`ok^2HCKr1TL^yJB|u`7Q2<Hwb8d@cUC
z>&Q$#c_N%czd|JUX7Mvf7Yp_8P5%)7c;S#f7(*LFKLr4~qA0%Xzn+$)WdHSNadMj|
zd~w^8uQ9I$U~Ai+{1cr!iSrpc4;Cjc>$o2fCs{(_p4*=MHl5^~+n)R?on)HZp8O)6
z<e1x@{0yCBm)oAa0#2>d_r-q!{RWF5{;4xH@EZ)AI!Qy+bCgz1JqKyM)U*50MrQDs
z#2ME(>Z!T|ILK(5n(uBS-&uOxd;&&yHhJ8F<FDWiT=K-vqfq3TQgD-JS}Ut!!@0+i
zrp56#oT{W?D(!x7WY)1V{&=QEZl(st#<cH4fE*aZTu#M)0KSD{axaKwYBZcv{eeex
z>p4x}`IzB*_7DXr)1E|#SQ>#IaF2Z!eJ3$Pp7Ty1zm**ClN$iXvl>;;X-?JwaG!z(
zN1?}@Je!_tv#=v=PHv32&+*+E_s2jjA{e(N6*cQp{{xWoLJ0LkT63aQfznj8G$%{-
z<=pvjlm}aZ|A*y~MmQfOvOs1biQ{>9LG0!4jC@hr5BjBLy`eL#l_^%Bk4u%bOcvk^
zeK6dxiyk!1MG^PK5%-59?n`{P=<P%sLrUeaRP{=<AklKDTHMp-I`FMHn>Hu-wcgK2
z<~qxR@oU+HIcH+zI(OoaYIfqT_340HlMICCjHu_#z#}~2L1>#*XcMT6bfaHp%mlZ`
zOAexkzk$tUsv_`ghVaTmMj8)#4eOE81~yW4rXQxU*q&^3j&*Ll-#UH9<;9FJE+M>}
zp%6AbA-t!d5O#o{V`FI;!pj^P=`_Eb>?nrten)1KDfl7mHiq!ZM?8d`_*V6xc9)ij
z?Zh;w=oPOA^}6Eqpo&+#9#jEqUJvSlHLnL%!{Vj&>p^X?ct}`}7I~8gD->uCFIp5}
z$T78yTQYo?bUHubK$`Ite;}oVHWf3KYzhc#@DpX0?8ui~sKphAogz@J&2V0F4@cvr
zaBcVq{<xPh*t9>25BGO1h66b`|LMu^T&%e2nisg{!zHRTJ^tI9qey*=buNaPD4NXn
z;VTIr?vWEy2z={2qlCa$4tF8&t@HR30^j<D{AzrvrUdbi_u}(lmGOC$$@n}2W_+HK
zGX7?MH9nPDg7}wv@p=Br_&o7sd>$1uJ`YnF|Kt2>e5$_$_2N;42mcn53g8bhUB&+c
zoV{Ls<#>ekwZrsMUyX$Gl!W1@gyFNI;XEv1_^Dy|GK2^D@|@AjcW1yYa5q&g26dJC
z{bKNxmC5i>mDT1MDyz*SQ!hG?M*IA3+6QR?Uk*r#&l6N15Bdc`^>|pybZ_QY^W_0k
zkPeTWm=2Gbm=2GYJiK?ui~E7N_e^+$O7ei!i*;Tcjrv4EVR%5x!rT%ThDWY`xE#H*
zFg#!NlH*}kkPVNwJox4DY(5kB-Wd0OJ?{Mhyndebhozx=>O9->(tae4{%qX)O5FQq
z+&k;PVtu@Q+<Qpedu-ghF77=$?!7$j<<?3E)A^jk+*L)q+)(+=Rv(i-6*Ni(f~sHS
zb;qJGoPvNL-o?^Q5|4ZS0RG_+&h32wza)fnCm+B!g>Y`#BgN#lJmTdxE8^u2E8^wm
zD&pn7D&pl<DdOcWDJZ~_u!7g36$AL<5Kf&VA1*paTdecguC#}($%>b%%syJ3+E5-E
zRg!$ToFaN~(MyskFVU%n<fGN8Gv%Qjkd5WSn~8oeIX9xjoD}!)tA+X{oRLDk0B?Xk
z<4#5I=2y|N^9XWv76tIZRXzSGA4$;`>l{>g@PGiwaj!sO_6NItY$_(QM5Mc*84l?w
zXq7{{2NEs%8axvu0pXe88Y$8o=LGo<IA_XtFz;NXj)FsCvSoO%=#YBA(JFd~aI`rj
z5OB21u{InX4renQoet+Q93_WS5{{V;=Lj5Shf@iTE{BuItHgC!A%hdu>m_TnD!)?m
zp}P@2;Mb9Ar>rB_HrA1A0_#W}O4jjVi9gFBrC}XOGkEUF8SbU`t7v||_40c?%#T~J
z!B#&*E`rREixxBFBEt;1XfQ)kZ8j>&Ff*L>HGbzfOXNG?kRYPQd55GBj)FtV1V_;!
znejUkc?KQ4Kci~hDFhAL=2%Ix$005A!y(-a;*qE++~Y$RqNb;S?@1LZ#cE$Bdv$A_
z3`fqqWD=Z<SUt@499GPN$65N67iTHr>;m4nPIkpKMJN-APiRg=qZ%}Qd@?zW@d<s)
z_$MNNNC8UDBx<XQ&;=<AZqJAig(Yx47z9S4mnEPn*i^0dWph`zNeX&%QX}Mg4r|Tf
zSOWE4t5p@bNO-CZu+$(4_O&NJgh`1e1D}@`2|7drkga?WP-w7MoNHN><i0v%Z9;f4
z+r4bbEPs3v5#tN`&ArZ@;_kzJxPIqbbXzBquY3`a)@MY8SWhmqSr;b*U|_?`hA=TG
zb09$YC$u3(vhHO(7xBw{aiq-mqU<M2nJ@6m{8ZC2hiact+icZrh5B9$`8Ys*3X;nt
zRJN#PGwz7OgdTcmOBF<#=pDbh;|d}f^g$O96toQs^slsyUq9$v27PiQ>i7S;PqHKD
z%7ik-Ecd9{J>q#=&~4Xqj?om@$5<*_BL6rYxDS}NuF!&VuZUZR@=tdL3oy9r@`ucU
zN|al^?#qWIfQzOE^uz<mE@;5E@c=HT8n9P9fQ&}d800WC;HY>EvKSh0dOUzUh6Y?3
z4<M7F0iTZr$Z&SP6^H!@Ugwu_*eiskz7cH$8TL+h3>Hy8j0ZSd1JBtdhU^?g*kl}b
z6=7e9!@fh<>v7o1yBcAaHi11(*kABR=@vWBDSZ>LL-8j9<9hB~8He3UydT72T#TLP
z<FMC>SNc{gJ+k&rH4a-2ud`1aMi$<APaJkC@y?6GxWYM~jKjE&J9ork_c3k)_84Km
zjpMyZ*qpm#WnKwy2nz_-)!{t(GFHOXSQmWxHJh_Rew}sJAR*EDs+BxX8FNui;-SIL
zHAO?mv$BSWhpORRIy9t^oh9h4)m*k;T{)3!x>PWOn)?aNLa16%PDtG)3g=k%;i67f
zRyfCV48Bm|9McMKle5&pRc^P2oEgbMw8^|2II#Vc1n%X)!5xEpIdCxhIS@b0fkRqD
zX37aJLZ~$2R<r<|84}E<;SlyymwKJ5NF2rr_tfVk1xEupp8ZHvB67W=a!kkIUQs!&
zeK?h#e0+}W7~I3>`1awVKj)>-F&=|^_#EdxoO)7z`W)*qxQEa2u5f4^YLz&&eb5aG
z;>h+vA0o)P6kXRKPhTq}y+K~S-n2Nthf`weXgFQL#VPwSip{SL$9*U_e<UV1|L?fm
zoYBlMUW@SoaEAP+>&h@@i@Fw)43UfW_dAYCoIZyv{~d{w#Q!%WP7?p$kT^;FCK4xs
zH<36A{4FF-68;tvCkcNGiIapkkvIuFlsJj^e<5)ad`g^r36;}S;sgnmN|qEqvWb>;
za*HMKe?j6Tc%j5eyrINNyiFud0uLol;(ZH=lZ3y8#7V-NNSp*7N}R+SN}R+SN}R+S
zN}R;|77`~34<%0G4JA(E4JA(E4JA(E4JA(E4JA(E<$hE}1>y}QPU7YA8VL<0P7)eQ
zoai0s_qP(d@9z=LirWbelVERbT@T#B&cT9@?eC;jYS8QLsQcs!qijHA!#m59BFy%7
z+H<@O@PIE8$m@1rlGpuE$_Vz5Bs-0JKtkVg57=biO0qT0zIAO~vPo{#_E35&hmqDz
zB&bWxh-W7+81`T!ki0lgU}aB)E7noH^&1ddc6C>Qx;O6XB0IA@?8~?p<0x?Yy_uk#
zt0<fkx_$`sBUpk*n8JJMSmBq@`XWn@vhi(~=keW*e9-@@j9tZybvsh&Uba<6WFwO6
zXn)3$F->lUJ4hLZ!rHW_!&e=O)%`OfMAD+-MbejW++zO~e~K{XE>fZ(=v4;&LxTD;
zA}-RP*0eQ~K|KuOtJb%oEpz(pQMQ&#W#!uLh|{!*QD?o6x!Ab$Tl!W}a3$~-Z5;OB
zO~8{q-~Xy@v}Ld>A44guTbW$6x-(M))@=Zau+9AoijQE@Jgrxo7wo>KAz_yWA!UX%
zuNWRDlf=bJm*|2}!-D7JdJKgla=Fo(!A_G?AhOd`Z@AM$Jhnlt6%PE<)xL^2>Z%2<
zQMl?1aQ=!ea60bsIdOq)4X?902CHuj_Hgk4=LjNS7)M?oAjboo+ll;m9C<Q8jt4j`
z-v;s`{LzgPi&j4?K#m7EYlwVa9C<^491qZITQ|p$oyVC#0>%qmN!X0<G{EZNm9Ins
za^-6gVuV$2j$i@_7%zV%VdpjC)x+yzi3DyZ^0#6c)&Jb<Z@YgK4|pjEXuCIBwEACy
zfPLcuF9!je;sJjR0v?J7{4EIRzAu`GT(@)9#9?wlF9G{7P!f2NOM3}q-q&;PiYF=;
z`4X__nP?mq-rP<EICH)W<U{c%(s{h)lZ1V|37%ZvOT>Ms30}wd8q$kg=}RPVFp)Rm
zPozM+ew2j$pb4H_{Y%8n-rpE^_eNOcieMrE-ez(xLX1d(<l0~Y_8le~hlO|G69IBH
z%6UDWs9Y~hz_xt=iN;~!P5MND+%|OL(?G8wCSY<6F#+TKDknZu9J!j9fXUUw1dMmG
zoPA?c!;$NX37A}0Ou%@L%h?o<D_0m3urXduj88wk)|i0tMx&FMjdIm70s8<O_A>m5
z^y)oLV9yiQ^Zgj!zVIetl=C=e$MHTxyf`eP0v!)<zC+~S#uI4!K?6*+Pvru20(lvc
z55=EIjW#sGR8>_HNFaZf$UllDpt_%e91n0_A@bZGMsri8P(h9dIQsz4Sr<nR)sEu<
z&ZmidPYhXZ^*PVPVZ7nzZ2hBX3FNk)V+Szu0<!Kqcf?^_-ktm6Fs|ZBJTBHr7}w+^
zj7x74##J&2<ARoiaY2i$YEouW{v?bPJqaW2Ou|UMk}#5`B#cxg2_sQR!rCx7lQ2%=
zB#aX_3FG8U!Z;C=FiylIjFT=2<D5ytI1Q38j_f3i12_reI8DMh9Fs5($0Ury(Rn03
zhBzFPFb>BEj9jU(l67Gq<)}|!9BXyq6GIrsnzDl-jAN}XTwe&|SW^ZqgmJ7XFBQT#
zu9U$DVH{V=AA~TDD_x>P7{`^ak|B)aN*B2h#&M-<R0w0gMRe(<zU;S%F1^6mZxLO3
zfwA8rI_LspzeRM=1;&1h=%5RX^IW-lmPPbs&%mBxckU~79xmbGUOwf100(k~>N`!P
z3Iff!69U}D)UNkYj}>Uu)K2wKX|1S$Yh=%&xAinPVunnfu(n%ZyeKpB71@%gbU!?W
z?Sy67Qk`XvYPxsf{yAZ)>#qAA<R^Rgrpe&Gctr|ZCmGRW1F;&4$9fQt`=<XnK56B@
z6Q6YT--*vTHC=quU_B_in6CaEk*NAkQ7B)yi+kQJru9{Pu@z6tTQVc2b*Jxt0Vd`k
zm~fxr*O#1B($;qv(f31=BL3qdPfMpN`c`$55cDWtvDT0gh-SRxq(54W??F2UH>#(p
zPZzGFSK2aK;(0A%;eXgpVWZt@oA@h_qPF3rwHt%0Sluckbr~IOv7SN|hV5VDZ>#+*
z{(6{VPpgPK?uxmb`v3Zfj`drK@dx>P0quadNWsOfAKqa7JriL~1YkW6FHD@b)Wzz_
zbDTz<xTP7$KFT>*6^|J7=X-4SUl6Gk-<O%zozPKjOKE`s`zv6hdEBS}FdADdk`p3W
z18d9qNVm#u{H`pl34a-=xS~&<15dBfIvC7C=a#=0X9A@h42p}2tM&K{JUVg!VF*;K
zY3cD*@MoOjk0IX>(+T%OGbNdaTz2sDDHk%zT+57~Q!2>mf=El`kKHcWkN*}2-5F)2
z<Cu4&sbiRT2`1N4JB~@soEYZif+_n!!R$rulp`yW)_eS9L6VK1Aa#34gO=Aa<8K!X
z*>DL)KQJgf71g7`RelX1W<(8S8x%*|h#G`wc&-d+vf~NRC>4@Ig=minn(Sc&tp}MB
zZO{sF{!?&7t`OkdO`KIB&ZUAQA_3woKO25OsR-Kp1Z_Cz*XvN`hJL*c_eO$#h51nO
zE`A>rr|H)YNm#ZUQpPzY5A$y15bLdH(R~@+gh)vrf!{}N=-U4h<kdlWF_Rk0Yevi4
zno)s~*HWz_mW{U5v67^Sg903B@klf6A~?cQd$nnurrte*DU5a;v!UJ;*=CgeCg$=d
z;V*f~Hq@K3GtL^n-nDl(bkfs9kxqipR>W*lgsxIsveH#IqcS%^I1UJj8dncO(SqD|
z_dLO&xtx5L+mnUBBaA+oX_pH<AVqk;!0wQ_o~=N$%DNn^1+6pQ&qcyl(fKYtw57KL
z>M62zu|zJU3XcuQiZi4ugVIw{Uz@~N@T|iaKVwNUShr0hg>HBn?K#c57pdF4WZjB#
z>Yo)$m~s*e!EVs-qwoZyZ*)$CB#w4woNyj}Q2OgawjfQ*P>O!7@4+4SyXY3nIG~ad
z_;ELc@Fyei+amD4MBv|zz)9iME_hL>ou=OfjkT&UN+kOs3kAl2?X(u<e4FrhK{4<E
zx)bC*YNkd~>pqL8Dr$qN34SSiJ{JcO(t#QK9O?(qwB|@^;u-|o$HF~qZN^E4`yPVv
zI<34>8rYvDWF}18h8Ah1EIH$CAf$V;EMklvHYvHR7PFzf_tCAg^~-qwmh0zef3|)K
zrMcp1%c@B<Sy^{A#h$wuAI2*yyql7f`zSdvF`Tn`6D4Pl$Y0(o$=SR^lCuNr!Xw%G
z8GhQeBccoW2#xZ74Fj)DGnt@K;k<npAbew?mWPFCF4ff;l`>xC`#Rux`y2S%1*`U-
zLaTr`5Ocz~UUf5%d$RIMjT)<8)sWLWQLb_}l9fiz+J_<lY`|goxO3PC!))wqXt}?3
zU?i5NEA~-fF#%Q+bQaN+KP(Ry#BM)6G|7(-t@*2+<Gf~<7dyvD9XETl!Iyu513YAK
z+?~k+@d4OXaNzy*qP;5|6Eq8Dje*-Qw^qwOP##I&hY?!6o}#H_dn4Nr)|xemJ~2dH
zqCZH<&9aiP6n!8f<8zRH4%W{*^m7P4?jP9FcoV+V?xwY2_!x||^70SGi!N5N-B0kP
z6w<1z;IJm>gEbMH7^QyVTffk<(w@jVc6x0tY<UC^)s#vy5~RKKg_)UEJom0fpl8bK
zHF$fSRrK=Ex@6^T7VZ7jk@k!fs_gaSamcgW)l=%yhksi^R^)~v9+za9-PNq8W3#xT
z8p=bY*`SMJ^clARQ#ubHB&noN=3wBvA0-oW(U_h%Ys6_DpZL@#5qt>Er1}s|><QmG
zbug(z2+k!l#(8PO*h}X0uYme*%;`bXeu|mVaDHngCx-KL5ySb}`nJK?{CSfO#&nhV
zy%-&KKmTwR;_V9SF*Hc6kj3*A)_=2Y@>Uyy<*lSrfJeT0X5gcd_j2H))gb_24?9z9
z_Z*r!jS&F=yB;z(YBdbzA;zO=Zx}ekbICy}ZKc*yn~)CoP7Yo?#G=;Q#VYr80J;CE
z^dh88i;^Rz+^*G>u~_cNdPd7(!APq1FVLFKNCG<fJC)XSMrh4Qg4RGEtX{>99396X
zJZx$ygGYEuU3^~_ghwACvV`!!(zz0zvJ#$hgz(JNyl2Xl+8E)vJKniUc)BnvJi^lz
zk_#m~-5@+3FeE(Pru{U^C><fEtmO(!oC{g0xJR>7j$x;9wn@4kHKISHMx8>9ylCA@
zjk;~2M%}hhqi#E-M!lt;Qm@;Vq((mu>N6q56GGJIHR1N0^Ziq;3!VD{GF0jp0#Kec
zI3ydk@@(HRr&1n5WoMU$O0xzBOGA7dYN+S1@(=)X@Ho`7mGWGK&neAC_|B!d44;ee
zxd6;&c&RT!{su||e02oxwDNJRp3-c+4_%rgU;BnU+GkJ++n^WGl@^K8v@>-8M5;E=
ztD2Cr`H8B{*QzZjE%4vG8m^QV;?1k!(!$aLee-G|i@gxVUPu_<yz0S|p}eb&r%8np
z?je+L?t{>|v;GEFLFu9QuF&FC$IhwN-Jv>w+w19${<OF$>p2iTvA58wWtg75%gmk;
zT=<2vZwX(S(nkcWT|hQ)k$W-V;#TATN>1d-vJ<VpqAd1p_)~eqth_NpWl3o<nZ6Iw
zPYeG5T1ch=PgUo#KF0vl+hiCr$}r@FUua9^P4~;3`D15~fswO5M%i3{eG%MhFK9W+
z{dSgHxN>Nu@U0lP6;X<*+T5)5b5J$A9p0?<3pg{vnOjc~+D53B&lD>T&2$XrnLXAN
zDI@aXy#`tl!rKeJ&TYn-L`y5@xpf8>?zu})7+w0>M#_2|DWI~rr0_J;az2Pip6E}M
zYW|FlTEA3EXiDKm_BO?MO^-yiB-U}JSjwq{ATwqEn(6IiRxCVRS-^9P=*sknrj*i@
z@E#a}DZ7vD82I|tXa5li488g0n`a+|JxIzp1oe9t_717uMU_-#QKxecit0R!KkgOC
zVSQyJHQcl2sL>uX60?vwF?HhF!NK>OfI$-`SjeP~C}y&2Qax)9t1NxiYwMJZ1?G`X
zEyiydxNPS&X7CbQA)Q)-mjjj*Qed^OM2?4fNfxuIrGL$)7yUUK)?pUwu#;E6bc;Qk
z{=H56dDO}J1R~d$pyr2b-|1U4?BjkR9f2N6<+6ceGCh|ajlaF}x9_r}@jRPU<mADj
zV?5W<BfqeA2H&xf1JTVOE9uOQ9E<bOYW%m#a~!bBx(eBEWcE5vUujni)jU}WxVo0X
zRj1dvVk<QC?hpBgR02Dx5mtX+pv93uJ{)nKQ{xF-*a)ki5G0U5ew4Z09#7zljj;NO
zK>`WnUJD6)BonK`ADKWLR)2qxKs><t9*diR9nD0ckLDd#O1ppnC1Lf6AkhT!Q%p1g
z`yvy-E<Bp(S&gvzsX?L%<TsgU0`@8s_)R>~`x{|(CrC7bJm;s43E&B^Q=D`*R?@CU
zSlta0O(5^UL=&(zgxUC`2f)&%A8dr_9#f8K6Ud)zM0S98igRN;(T9kafW6iP*7tBD
z-UUo=2Lwb4c|7qFu*;jkzS;zK8`FC-o?iZEjj(N-z}7T@{etP8jetn`zCgSL?6D@W
ze>8!CQsA8Ykyv{B!kdJh*#vfN6WBMH-gn~ZL8_31)&Ce+^-3VWm&nh?6BuiR)&CGA
zkU;LLB7y9qu^LS=fjF%Ge2_pqz}Xsc<-w*%6YtUlwx$W}c)}*}CldF{Ca^o2z#b>;
zFY&m=#~NYto4|Mx&{=|jNWS~AAri2C7&ieswh3%q6WE1KVB0mx<CBeeb-Zzu*4t-^
z%<mxbL--RZ_zO*7ZU5bfH@^w&I2I_8-VTj;^{cpf5+aj8UPI({_!BA6<xOC>H-UYx
z3G7@JD3RVT8}aH_2L(zXzfR=7pT`QcJ-kWSAx&WKZvy)i3zSIjyhgnGCxZedkUvA@
zyYMH{LXS6rz19TQ@r%Z|Ut@t1>21}BSHC7GPy%^(BEK7dA_dye1V$?Y&b#8P+Ev6$
zz;0~<dx?ci;C-(N-lI+Mo^8adXM+h5Pqh9*K$hYGPU>-#V12ywbDF@GH-W8b0&A}|
zrZ?G$S8okUn#lZGB3~0P&{vzl9&Q5rOB2`_3zSH&`-uivy)7tE0(pBPe=}a71Dn7;
z&;+)r32Z+WD3RW+jd=C;pg;-ahlu>Ec!B=V1eSfW5pSy|u#;J!M0$HQ;?+BX0ws{&
zPvj5dPh_Ut-URkoBdq>nFfbDd(4vOJ`{a>CX<Z`;+sx9(@#=2|SEAzqV%0-L9g##|
zXQ^oWBLaJliN;}d122**Z4U#u<&lk!Ze>LEM_}BJ=<XzhafhKBju6HTg6<(g82NkM
z0)#NK=gPr{Fml|=fQK+L$I3s4F!H;~{)RB}u}K(t(IkvKW)eo8FbN~CmxPf8Q;sam
zmt2)HSs{#!lJZR<jO)2B?;(toODS9kBk@pL62drtbvlPIP9dF9A&jF~2XzSJc+ue#
z!r0x~`-E{1Y>Le>Ip4&|LjP?P)pNriyn(@8NE4f$92!wgr?EOAahslhrxZlwGwZO;
z_Vb9|SK=#PcxR&_k5Lm3smoSK@2(WZ5V7?SCYW)yEcAst1A%ZyV4-kFQS09<ai^~`
zBC%{QGNPl9j0DN!mxcPt*re%0m_-#>i8!hi3I_5}bdUUXm*8A0I30dnswQ>Y1NuMv
zGu^~pp0}<WZAqxYLaRF;$^l*O^Sx3z5g*7Ic+uqny88!(a~f)dqDv#7K3q2Y9zL}U
ze7Nk_J-ECe=A|QBZV$dGf-k#f4^Hh0KONZ&d+;ws;Ieo1;NOnGWw+wN7ewH)3Gv{x
zQR=5JdkYUvgQY%P_6P#+ls6zmmB)HW8$<TJ$w2pE4U~=Tbb+!<jRr~^crj%g8V!_&
z@B(H37!8!x@B(Fn7!8yr@d9Pb;sxR<Up!{OdLFB#C3(<(?Q|tjI?D?b);k(gO6vu#
z1K%5qDW&xSg(Z!~l+t>E!X8EgrL<n4@QGgF>B-WPaQS&kV6?Qt{zPL&ODn8MG%#9P
zVGE*x(bCEi9Sw|@R+idmpo}fADuYvDX)j?_qNQD)42+ic&}3k=wCj?A(b8U?42+gm
z)^M-1pJ9P$G}!&Pjs#hYy}%2Tfwu?Amcr@K<9<`4KA8+PF~Wk->@WRh@Zz$Kg3y%+
zRZ;l|0%|I-GL{GxmBS##KExUYxo*u>mh6^OKQRt#%i`>FC0we3lg{R|B5%)YTon{Z
zwc4cQIBa;8rFITMk_~rM*LsUVgK7w9ZOWLB6Osc!YgJ0S4OW~7{~WiBPcKvg-l))F
z4`C@=SSOyCn^c~MW(1T$k^tI~Y#KlVkxc_==}`k{6Ecz%O*}RYpl!#d0lfRJ0lXa_
zCgmK9#*rKIAxx|uD)Q+FjRepHp$1&&2LvmXi9??e-p7URk%32m{4)}1m5BC@zMW}=
z?djRoW;?d!ch4a<^ylQwhc0~i-UDwx^PLB-toz_sJ=FaH^(xX+>)k9&W598$yR$mp
z=f0|rquh_fss)1HsqarMQs16xp~Um8kXIaB&sP%*(57e)wdVM$#;R>NfUasbfJ$8O
z^$zZUapfKQ4)I#4tzJ`(C>+7&QI^d^n@2f1#O6_+t`kk`S*VlX>}FeXIw||zSpGL`
z2RHc%zFW%{fW>gwNhVY*Ko_Rkiq02Ms;s*^62YVQz|peETeWRG<2%NS@I@pjN6K>4
z)^iy26*Q%rsX%iM3*kd<A!;v9`FvhxN2GfY`%+`vif|m>@nCS%Pti}bCf1wHL48Qh
z1RrFAmmt9{zA>?7PiHYeH1cf-rS+%T%yF$b$@<#wVU7?>W-O;ESVo(lgbTt?)<~ls
z$MmF)QpP#>9?bbV50nFs;Y!-?0|JiSPR!b)C~#|ab<REv^K=5|cxGEhEN16Lr^EU@
zdcgiG=kU}39=?4ZEeq-)O<QhJZ;N_!HjFSAM(>#F%B>qlBlE#}Jba(ghwrr?EEL8V
zG5S^;9qb2jA7pggg$6V6px6HIH#o3`r{jwy?~u7N4^>0cnxJo+aN}8;7O&r+X>$Ng
z5TvcDI7@#m=V=@tqe$Zrq~UD!E8~=u=<b;olXGvJfp+~q{>XUQ1;Ne6%fNu%ALrY{
z`ywr<aboTcAOVZq=Wr!u|BAL$BExSO1RR!Go)!};bAf698qVTWxz$;RTyk>soYNMQ
za{6O)eB3C{L!0=0$QOroteM6F<c-}zDP{8bIkoQFs4`D<asDj*nbBUQnp-dien-!7
zs4lvF!}gp&)-wQMHZA82!tSCW#61t?)!-A&NydRv{40pm<?fEzuEPM+G8%-=4}+X|
z5T4iGBMdyw4}=;~drLF~bAQ7)3q{?ai!mw=WnJwj(Qp%&V?@d<C|FP$s=9whvlKNY
zuxdu3oT+Y$F(#w;FQAj<Y_?|;hw*R)ig0@(`z`iMh=XUFbIupg1JGWV(ThkjUcWun
zUCQWy&EpZFEOg+Z{#bazoMb!M=c7ql+?km8u#d+>{z;b9y$KVjwW}><Poa=Gp*-cn
zu>CvuN`*=ZwzF*vZx3Qs(FgYLSsffkoA%9cxj(_gYn!T+i_TLlRZ#{;si=j^ST6D{
zr@P86>DtNZ&9xK5+Lv1^WjvE!YW3@h=k%@?gZHX^b$rdQbEysb5O{D8rh=9|i0Rwz
z3_pde+BJ`IhjTE!9bS91O8v?$Ip{n=EAdFw(5;{p7=$xcVE`J-jot(GeQVR$+Sv8|
zMmM2`alNtYZ;cAaF5hR^{-7D&+=lzzGdjM3u?od9DvxzpOPSsUDQwd=AZtC>Mi_>}
z8_>?6e%WGT97Bw+M=@G7px>HcxT9m4SZ@+bx67#wJ8%%8MAS#9;(M6PR}TA>dn7t9
zvg0&ypUA}#V#Zp96g4I&FH^8jM%87^DT&1rAYhx|A#@uT1%aH>06CQq>X6}zOqf{8
zb2C)(^ZYVl2h`)w^)ZxtO=Pa$8=32p>7TZu`SQRi+Eqb`7--AX|9&KY&&djSPL@0+
z^><H#)7_TMiZwNDoP_+>vfaWKNLlZ}Do_|!H9zaUAbrJ@eK}y(@%RH}+CXbc0^7{2
zXiw$kZ(4Eyw*l2xr{!skxE3Aj-ns#9!KZ--AFShOMX>U(WRGI_xM{SzwHHfCpBeas
z57-lBK3w`*83wz+@bgfy4NPEatl-?b(l{k!?}VWs%Ygd=T<ePh&L+VlGiD<}BV&~N
zj2^yWA@0RS&)#rzUBOuQ_zos-Ux18cwUotV391-bO#Hf)%ZBhCr<s#sq{kVP!^LMn
zFa*QUClG3_fI^x-rguTUcux{MM~L(!kbK7D#~3RK#^Z7XyQiVuVvI*Dn<-{<4yXoM
zkp0-iSD4lz_)=xa%j!bl*!T0#1yqCM)?no1=2+hc779#$_jHu^2$a|7J*3o<)DM6J
z2IO#`0l~|1|1$&9kzhbPj^o~d<7g?hfPl9I9EbMfBBO6lpKi@HR=qpqF?L4zl*b6F
zYaN7&|8Kbsj)`%kMP4Ip6eGrVFx|IeJ9L~Bje)I|=YaN3&|JKOM;_!j<e@x>l(*=d
zfU)N8hLqPsp&Ca=Nxmc;CS)ftgCoqzfk6Ksm=i5im$CA|fH#p8g*Q3KoZJbcKh@>#
z6)y5VFdYTTSRk*y4SDtclsk?wy<un0%(jB_J=7tiwtYCx{rS?-q3uBCfT-LdY*<AH
z$5zJpHfH6K99scfP|yM?TaX4@kk&EvGTDNbjK5rBeC!=%3o^<UWV~fC9kK;!Wec)=
zW)RGT#}=?K8IKoWdEB3KEO(I`SiS&-GAD_FrRkNhb5b&6glTMTPuEJho-~-F^RVU#
z16j=hATAKeg7cndKqL!FBnw)st}^ri+3e+Fj;~l2JsvY>KjSkK<s2fnDmT%pky|x#
zDqQ!<`Ig!lEt_i-VY8LnD&=<Y6K#G2wUpYY;V0U`PvEK47LT9kP=3N=Aj+M}Pjq?>
znJ?u^ZPHHechN#^czzQg_ddGu2;=$qx_e*@qCaQ69UX62M(-+rp7t8Mt_}H%>VrOi
z@jGKd+YFD_SUqF=^**lw_eIKUjG0~dXC1+m$H;edSx3{&`NKJS6vj-P0Wnh6slb5R
zn`pQ*W^rofLgzE+2Hi9$qmuR3sScxifiaWo!rmSe&3T|K2@G-hZ1yeyhD+CREJLt#
ziBI>iw0|b^!i%SC*Tra^4NPIGx8OXFf<)G?jGF~(xt{HYy^ps}^^*SrS!W!36Jpyh
zV-1vLh3mRW-9_VQ(kDgP3=~f()czdY^_3K0kRhop&e+#80kS&EQXT=X@Pfsu{#K{w
z*NJ_M;*a?4GvAoADxeoqp5$KU-RuKzFY`czzaer)%jfT9G(L(&+Q53e58q=DKRr4#
z<$eSO>vBKL;=P9roR+OoZB=?gw@CIvK!po|8L>8JACw%=e*(5%>YH`9AZn|olZ&L|
ztOKSJR&C=2M*C8wM_40mW<^;THYf5=WnufF^y=ClF87`kR3Z<6tIhz28jE_amqPC;
zjGB!}81)METrb3<{$UbE^+7%B3-PFCn1oRyP|yEDJZcUmVN~+dGr<s#%7952_4f3f
zFvO#NUlK-DJUu%M@u;$wgi&uw&+tOL_cnon@9@t5LOd#R>6u^%qZ*Z-|AjEBTP0!C
z3eq#d5RckONf?!NR1+t}qrQwP!-Oy@Rp@zQ2%|zq64s8xU_E0D@x}-fm4OhpA7OH8
zAHq&1Ob*UN*k;1yh&qJ*R~*LSD8o!tX~mR(U10wodv5|K*HPS$kKR4kYDc4eZx3ll
zK30r(X0_5R24N1FGl?M(h~c*@$CfNF1_`7gD|0Fm3P~WBoj6&UAe=RbBS69(AQuTa
zfN(p8a0Wv#r@0|_{y+2keyh6Qdow#L+5Q`24t?yM_o}bzs_N?Qs_K4>S6!lT<zNg!
zU7{f6V2mJLqR`}E3;<oCfaG9|-&~?F<X{ZHTq5IhFvi6#k;yq2gYA~c&>W26Z%bre
z4mOLpfh9682V<br5*d|)F;;1bjLN|n(6U5E<zNgQSsDVtaxk)DX<ILhtXO(<FN~~M
zI@AjzE0(TFVWI#ekmjGD501&JM5|=4!uae}c%HoqyR%nzzni^Eh*<V20a|>WerxJI
zruNaR0C78pzWB78@etm$Bm3g%>qH*XTojI+!x@3*vfzK7pzm})f(F{5bNG4K3QRlM
z;$r$CQoneh5C09Z$To71MU~v8^0#{(6}D_SVeJyg3jyKw<5^U#S*gdd6s)!U?GCcm
zN<xpdRv<ZREo}jrtyWU+tgTiGTU+gO4W`DZ_VdK_(RT7b{9^RysK7X9U4&WU3eLSv
zu|>$Pxg=*6g1)VD*=(H;pR^Uwa>!kCkL55o_iw+C&b2TjNPCPYI2Y|L=H}QNb8{>+
z1(H=Q2jBofYBT`lAB=usrF}8`^Bnss1~BjNZD9D}w-Pf+20QuN{WCz+HjYh;K>i#M
zZd(2#_l_0uD>$p-;2&ZevV6IPO2+udvw76d-|j!5He;cnZO19x2mQkVeXM09{U)Si
z%l0h%$SD_jO6FkUdp1DLKV|V3kX?s=pMPz&9|l~}zRpzi5kT5;?nROhzlx%~k(O0y
z?w^s1vU)8m!!Ieu7>l5AYk+UT1Fyz~S7T)`F%?f<eFV$0sT&WDV`;Dx9mf|cCJbzM
z1{<}odu6b(ag*<bV`<rO3;R$8o3OArE4#_UzMSRTY+*}TK3oT^_`NI3*C<-xr*pv4
zn92E_9I$MGZ^{8H7WlJSJB_LZ;!v_BL}SPTAD9EKw?LdGOmhxfU@Zr%S>RbY;06nP
zV-BUd1wJ#EbE5@5Ethk|0-u`$#uoTzIbdRe*XDqu7Wj!AaLfXqoNImD0&mIXoUp*l
zayd6y;M;RKH(TJtaych0@V+@<!vd>0;1&xU$pO!@z-A73wgvut4tS0QZqEVFwZOm5
z;W=f2=jC#4wZMJ3ocFT8-_8M>7WnvF@$)S3{kfde7Wj%Buw{Wb_npd8+X9_joii4A
zRSvk#0&#{qEk0|3Kb-?^x4>V>0e4v7**Rdx0zZ~RY0d(_k^|n`0$-m4o^OE<$<=uu
z3&gi)Q#|i$fpfW>J1y|#xt#a2Kz!vkEq;Lo-al9T{ucP2T+Rnr;Inc$A83K+=70~f
zz=!96yDSi2$u+GXe*%<#Ec)j7Zh8DgDAD7W;IUD=`XiXjj{gFlx6m$oHIt@p{3%=G
z@qI`+{8?D2k9YB8_3uQQ{xm@2V^Zzm7ea9#zZ8ID{1YF2M)vqjKC+cq(oQA#hO4{>
z!J+1NQSMZb%$I^g0=s7afzIdTDLHxkGFx)=<ncZBdF<rzz4p0LI(htZyo~CR(Bn^H
z0{<l4PZ6Of<8jiY?PnVQn6v|UY?MsmQ<%s<jk=b6DxZf<>OrRRPh(h94-r7p;t(yh
z{_+2VXMF2xhXC=tuP9!wCUvh>Ey4w~yt`WSVD7=~711^OJ6}7-++lG=zTsu6>AVw0
zxykutVe%48j>kyw!#8j;<o8T}3v;wjd*6uA6+fh@u7LdZ6XR0L6A}WQS>Fqm+usi8
zr>Z;g(Wf(`@aX7Oc*K2Q0t#j#$1@OQ4Hl#u0`LOo2(x1D=8yRdt1W0t;k{96zK9rd
z9pM)CI)%cMxQ-Zrqbm_KShV<Gz@p_O7cJi8_L4WcZG$(tZA)u67_qGd>TbJV>(QG_
zNm+PUIY#zXTR$Zba;|cWOslre-&|_c%fhe9F><QfI(th22$UMbWnon17+F+pm6zty
zCgZy2B+`2~?rsDUjhVTvidr(4#|>Q|*~mZKqoa(|e6wRNETJr04>yF(7vlkEl<~Ly
zF&r|LUUmjiT?8K&9(dtAUHO{xfv*EwQC}$GM!1hG3YyomYWPlNT+~USGAJaZxv2H{
zT5<HieK#yU8(peJ>U$Al*8HUV1+b#-x9(pnPBPEiSLYeCd6JrsYphHGT%S<vepCwA
zd|XZPGJS-@v=-#CebD1@e%E$#_9>*pg+vxNk|^4Wa;4@UA@LAZ1?1;|{4Dr7hr3yD
z7Xt&VM)%p4;~M;<3Y1ZmVNo$yw7goS?mMWGlBnWpKPK>E6+Kxi-V8!Mc@5d~d&JK5
zu6<JcfZs)a!(`8&FL~vbr{B|?4c+kCCyi|Tb{KSO&N1qrT+=vZT!}<W!p!TnHsB_j
zDN2VM;-`G=l{a0F0p9sa%SS?dJ^myMQ+4m!E#E_P+rEnT-w_S_Q_1{Ik8_G~5km`M
zgn=EHxW_Mjb<E(KapTrH6<RaSUX052qpz+vUve|VeJ8xO{av6P$Y7rau4D7#mmunQ
zVf@l+amE?1M#-#6jAXReJ$Mo0dJxt_82J6keY}ywsfCL0p1rtTCt0W#<Lw*dq6~kf
z1|?Gu#?g7d272MPJ+${O+@V3egX=x;giK<nm2c`aS5h8%g?+%A{|4%Zk&fpkJIYJz
zzG(G>J2Pk;Ibu~_MWy{o$8~WZkPKU)lV7+2ZQ(0^gY{87TVA>s+mh4Zy(kTC8DEh@
zXG(#vzl<^aOvv(Nu-jdzgt6hPFgj{9_AK7C2OQShxCSDdWXN()y%n?XQ`W+D6u3T#
zxc(tpe2&pzP~)5e+|jwMjz21A*xQw3oEJr2Tcu;1FLScni@zeC!?&7jjuwFVzMJZv
zuboS~RYYgfmzuX1Z$YwPWf`xldTOSC_~^5MgqL(41->QCzXAbg9-Kf)ou|@W^M6OS
zOc(jx74+@$i_>iFb<@yk^CFPaiEH*J3!V4uyc{|RXYW<R%!W?$<CHK5EEhfSSo}Vf
zbY%9D%fIFLK&3SqIl=NF4%3D5@}c?piWA_m6zyM$8e0~@z}cIl_E->iMl`{omCRR*
z7Z=-KGW9!!$Dw}yQv`T(mp-|I(6$-<MYR94KE<<DgxV3u=2wZRs|a`H#c`!)&6hJp
z=TK0iaFF<$KBEV-Wf#6Us=sops1F$SBNYTj;jXv2APVE<g-Q@FN4NR738PwUCrC=>
z%?RiG)t$n`*s2EI|HkiC+)Q&N5;jkvVN8jFJK|Ji38&{9pr;Fm1P`im+)OHYW&)YU
zOrN0^R6#a5V+e*VvvMez-f!RFiV78NZgOa+5p^V!1bU|rw|N*5rc=!uAPj<k6)F<F
zS->Si(%l8>tFU!R4a#N~nlZ!$T{UlEnRj{Ce1SkG)qFreD{aBAMOW5M58_$BR=l!a
zEFx1>EACl|+I+@;%U7;gm4>D|D@idCdej4Cf$`&$q!ngvx}D^u`3hy5tbO2am-{T7
zBV6{5%>A@&yzV$n7VZ8K{>a*`)sFd5*o}r%;d1j;NSZIn{A2mv`Bz7CYlY$;xe#r1
z$&(UfcX7+(@ox_<vDh+)e|v(_MSZ|JdTM-ee#?6N+k@xHMM4_G{Auh0MCy8s!PkZ2
z?jZ8bbC+jAH<=$^*ZNvx3xMuIvaq`ZFmBdp{;?qF#Iu{jsVD9U=VIiX8eYe;0Te;0
z<s)PJ)?oUB&Jil5k-2j)eTn33G=$KOHD8UIsQF~|DtReyZsEbe=V{uv#^@qq8On{(
zW88g&*UnGl<4Fn{&OnodlqOSvJOtNHKf$!O17n7)NN_hyOrBlEtxod|Xn*=ITE2s>
z795POZ57v9Zhs3s00i0x5a0Izp|i93dS<77W<>BW0zZ^MmIcRK0Oi|Tp)e3aID%n~
z`G2^uT=uyh7<QH`VYDp@qx(uK+v)s^x$oF7JREiLpJJ-w-#I`3wtY(9+7qTXO1;?V
z3u3h!y<*F#hx-FuC|g(pe(6Slio<ug5rC}e+J<wq?}gkOxS=O~!!G4PM^H4uJ6Tir
zlEBp`tOPKy>OowO;6<-_Smxorlx?+O;tH!<Fw)|r7Bse8%6Vf2vw!mzR#L1X?|i-7
zY9=y>r{ZL#9-{eh0T*&rR52Aj1P8{oO7j?WQVp6+$2*GpouR<3!M`mi#+_d<Z?~fE
ztr)4Iwzjq^Sc^<i#m_m#Y4-G+jV*W!D7bi4q2>Hh^R|!i?=155^!(RBJhq2kVqr5E
z^A@n>WD$iK=XW0hWwAawi)(3t&X<5dt(+`?6i_$v+L~etI{rmTs|6;}K(Ko#p$=v#
zEw{gmR|G7Ju8Q!wb3G<AB~dk+*<8$4o7zP;kp9SZo<-Hm+y@?}9LngL!RNuVb%BD6
zigvqy0*u<*o#spN>vs89u1-o8x?je#QM)Q%+rm)hC^(%}(z1yH!-(Tp+uQ8~Mg-r8
zDpWrbFUTM8x@s_9qhe$*^~{U}#s&~1Y75wT3PlaJkLke^XV-{zDEL;Ku!(asK{dcA
zAVvoBC=$$D>mt|?6lN6nsn#R=JA=6n`xlvqn(P7MSg^;<^$$x9QTl0Jm^=-D{nWd@
zpU!?7e>;_mjU8q^fz&pK)kgCzXh1GGr+#}FI?4UJHojF6gO(LspmU&tF?2^29xN+7
zSSDQd^|nCg(+TvE#z#FPqc_$;Bo(+vB%sNK-_s8F2PIJO?~oXl%AqEILv`9k1}9rL
zSR~v1_O#vqFJEq9`;#4Z!m`<u1xaRu(1JL|c%@mx^y)XP8Muius9_2j(F$_H{xx7{
zgekY<vdbcwA8?<NnO~)YAd5xAV2EjG*{&%%PB<Mtk!K&`=3kO5)RA6+@oB=lcss8h
z6N=#usP2Cu%S<JZ^|E?#6lIOyAO~Er#&}(>Uv(Tl19f5j4<FQPi2Q=F;WTf9GUM$2
z7)MP!%gs+Cy<&_)vS~aI+rVW82K$%ddMhd47@mc&^Geg2FY}ePIdCO%qi#$)uay}I
z2g`zKm|ncNDUZN|eLDwA{8=eJC0vCydI@%<e*3~;O92bM*$Mo@JTg0sU*yG>ywi#r
z!!2*JwQjr~x{bxzaxDy{1CW`p(OD=%zt5MQO4PWm`=4mG8Wm+I);-}}V@qVDcem{4
zqwZ&rNjfIWTP&PJ;iwgh#to6a_E%~cvz&*q=7t{iyBsJpAI4*#kN=2AFN&M*XLYcI
zAPeJHX6}c12$5A#s8jV)aSn{B6@_W5^R^`s6|!La{UNsD<@kY5rMgxA{S4^#T-wug
zM7Z&RK>~GP<j|gS0MQRs+Je!AWx{Y<*WNy1y8tI{q*L3uCxFw{yuw()-3iAmPZo*%
zNt+2ab#Kg+x7#H3N~%BN*$66|tLkZyH@9%<Y04Vq8KKF4U=jSXE_Xwr`EL9Qvy_76
zrCZV#`&+`o(8$t@@cV4aQrwiGkuT+%Ii%z?{|0q8--SPAeBF4q8YTz0zTB4_SlCkz
z<$k^j5_aq|=u{gQ);&lN4Na~U6=5Iv%k5Aur2_fi$1O_G`G86dC=w|}Dv`zWT;NHa
z%C*<{o@5^uxT8+68_U*Jzp{p7Y}irFe_($6fGKgn7Fqkj=#QU6`R9NxLeP@TUKky2
zwJ7|IcXZIZH=`ritFQwns~8Mn$)>{og`G-#Qo1P}F1J4D1&@soR~KWuDziNB^b4F2
zDJR|lInkk~Vr^%772zH=Yd2~-RmQh@Q`o}EL^-_9@tT|tN@iy!Lu*<M1^Snp=H+D1
zOgX@TmG?3$<`CCQWI&eMQQ&p|o>0}R0c}wQEFyugT8m3UAWT~mYUnHL`zC$!x^F^Z
zd_qD+305?(h;4SwJ4R<hae4c<lOmUsT)D~0fs3=)IpuUehH_pQHQ$HddYB;0@+{b!
z@JWZ-P_l3mA*B>8o8c6I5?+br<R^4GEjB;El2Al3c89g17(e!KaW;7cmUN|L4j+Qx
zjj>$e;bLK~-L5!UuOv7i@_%yK%d*#~m9CwyuaE1)tpv9u_uy8k4Wn&bZCqR5xdm6w
zYDGQhp&4xzQJoOqdUbiKUL2WwQCzPLs;`DDxD&ZnW_?!vUjRAzC5}@WlO?4mwrjJn
zKEUXg?6}-6FDg!iW#7M|_r73(MX0<1Jm38sz+eW6XI~+~Fz#|tVw0rOJ-gBIL?aCs
zV1;mPqH8qy*G0z#g$c|tNAt4K*b?k6dxGKUd?<HyRuF^0HvRT`CzPqf6MZm@iPTyx
zRNqntu%gH0rF({9EaQhUM`8yiCXL##m@jQNlkG)U_SvI5HW}%vVactl_?pO9Em+?E
z4enVeVVK_}vOq+l=AXh*if`c%8)U<)6;+yxQS&3fHK}iC&0t#E!2cm^lJ69<;q_!L
z?}w2W8Rl^l?}l2~`G8`E&45TAZUKkn!CY=6526Oi!==QOydq+OtB|}ZJ~R>mbcHrj
zA4=-$A%0nzs)}C);#ZIB8zC-UZKwy^+D2f2>w0T-hzk-;eQ6%SQkyQ-)>Hh}L;T7j
zej|hG8$p(l+DNV1xy8pfRcvd`o6z0XRMb8@t_{Unee-pI#hu|CMD}e7#$(RD^j663
zG0JYd4F3u33uQ6cP3#Nj6L<cSQ56KJiN;yjHF~gOk!2;=4ii_HhmC27y=iL~WFnZY
zV&%RMTwR3Cx^*^|7Nb!S9RnB}wGX2D6_ljq2=*d$2Ik9s*wf+(lT2ev=P$W0o2o~^
zVQxcz$yUj!Mav}`{BMeiBP-GLWdJ2t3>U;;;v{?8-*()|eYnzC)?)8O-=539iS-d%
zxMZQS^EiNRw0x*qoZ9V#FhQ1_FxbC>&GTXjgA;Y%y9kfU@}b?>lsK|rSw4iNM$JE%
z?1RBF%MRB~1I8R+k5ZUXX5XFWH@S4V(}~ams^7m7M)PH~fzAE{pN%Du8!sP%Nhpto
zDKYGX#_%Zx=Px#PPrvXqpnsg>`kMWvAfbjq@6fe{GW?DUQzcmzRpJBHsC_@_F*?*L
zM(hz6OlYg-&CBEbJPtJBrMQ2k2<+$=HT}Rs7i-SA14jlDgLwPP9n6RNO>4wkW35JG
zGD79#*R0p<HULxB6A^RXd?$E4RTi@|4}@}U{5;_P%fKCY0r!P+>r#iig-Yb@20L6n
zAKD!qGP1A;VH<^+vDJh{)UEkQgZqg#W9}aPWWMI@hl>NKgZe&jhmMM8KkUSWYY%2`
zh@IFqBcUYEG6n>npztQlm(K$}P-DPnZX-U89WQ(FvL7$=N_YzEG^x5=R@|z^5K;kF
z9~=V4Y!AmTh%;tJ*jx^#n9~%q2sDX**m_vegH;o`u*SwHu=yhj6$?p!!qKchHJZZb
zZ6z2ds09|D*|#}RF{aP^E3CY@^KU^@Sk&t!w^m#}M4d()VccQuC13;tilWOC4hG%z
z_*TGrqKiZ{RjWvQ>jmj5>m6?WY_06ohKXwh<@AZgq+XVFIJXKns(1wURbaNdHsnHe
zwc&X7b+syaTSX^q*8R}7NX8N%e!zV(Ae=Z_8S-ahaLUhd&2I|VoWzX-u~HfSd6?sV
zB^?WMb#Slh#>FYJ(6CP#R}QC?Z@#ikn0h9*JtA~dwiyNrn@QM6bpZvjk8#ils~Pu}
z0gM}m@CoB;C1M4}8LWhBU?8|r7bXw2T3EY)9YbJ;!{wBay@E%Oy#lgpUar1)j-^)I
z{vnkHuooR)&$1AX-QYu|wx0M83j?v-vo#fSHPu8AYQrK9%As28F}12&tFe*|tWKWl
zsIJcHHV8SK8dgWP!dkw<4OEo1x~Z@RG_iz=XaA&Dp+r<b9ovh%MBIFvkqA#D!plj7
zw@M<YpLoXfS0NA1A@>mW9tV9acn(z}42Wt_M2}&2-?B(uho|U1UJ$`_d{AV`Exa9N
ze~r4ynS%|7t4QcInmBajz9(JCt2qxQjl3nVNe{ktplr_>@tR`%+X`<}-tNcT6|<h(
z9;)GNI!ZUbb{VBpZ^;;e6xzHIWns3;P`f<2+!}4r2hst@S__NWp4$3~6qk+ggXC}#
z%+r=J8LJ+TmtpFkp+v&ZO3z@~?7W*FV*5!L>ly+PuWARvJS0y~H08|_L-hXRfe-gl
zrpMTCH@=iQQDx_;J9hZQ=_-Xq=+Dqd-2GqtEy27jP+9YWgNtGUip2!f{yZ;-klboE
z)&Bnq+Iv2E8E+rKo#y4GOVZ|K2V_vCbI?(uY;zA-1JZ%rl}PSKKL98Ab9)O$`(>3p
zts76L>?V7Xxd>)GuGwMhxng*oi?3@;$$Po=SsI8Mi|*l<AX(&0?{0VjaElMnI%VvP
zm=mx?-?A^->mInY&;Ru4U_Xk2jy}%<7k-^(ZIBVB{#hSNB<EYe+zNMt_!gYdO??Y=
zBPMvKZ=sq5j=B~wl@-;ISLEar@2F#*Ro4Lw<TW1_^42EQh=m_?v@ZQ&xW_gSMtE@-
zz(52i0kj~N*7SzNokyEDQQ5{fz||ayt-b-giEjX}#y3DbwvXVC?3i+R@3;(T!1;lx
zmTm#88Q~T%S`%&oECQG`I$IM2#4W%zT+|vT0DTc}0D3~0S#e4&u=!tz2`8F?|5@;n
zUBB#|{K5x7@86*OsBE9cwr@7t$=og-o$)f(O*=YaGG_-}sCLJwZEWJ!5fiPL5u}b>
z6XBJ2EX5>-F)77;>V^jRQVX&1-00_g1lB8XGt+gr_2>q_um^p^T@*DpjX-f5TM+Bk
z*m8+gG%$gP_0$Y}ZAAZ)bD^1pgNc2JxWJuFSelr{>WD;K?70{VKE{pTA8n}~GWH0U
zF)<8Ege6zQ++e(8T8v8F1raI5+UggPd)}GSUk_=cib-og@eoTr3T0mn96Lebk5R{O
zvELJmCGK0e%c+DjaTKVQts)9Ywz4~^J+Q@SY=PAK*cNe_zh{xgkM<~Xo1JkLdsA-M
zu<l#I`Z}!z`%2jjwXjveY)A*U$rpy)F42n0`u471qY2kHs(>8?LfiQua?(7oEcsT9
zpXqF1^V`51=pt4VqF;7`FxltsT|u_R;dRi^Q>A$Ji>{f+h<&DO+a^xonsoY-h=_O=
zmV+lY>3%Z0P>JZu*w^hL$S5B4Z4Jyn)ba6l19ImXUBE;QfmBcPHmCu4a_7aVEcVi%
zunc@oU@r0|79E6lk@B)FsRYip^8;t08exMnjO_{jD=sW!L67kZeGtrk6<x#XzYLWW
zuh<2?GyAQu{RrVrfL$E!%fZ0j>Vl38G{7%R=Oiy(fh2cIW+(sz^=<!Wxbgy_@ZyTt
z__hPTX8}L%No28DZq?<t;)2eL5NOm9!S)O?JKMkDI`C2_QZ^{S=Tx|wGL<JP=XOSy
zyavCWaYH&Q_A+tkRHZpwMEcB6Twy0!cjAf)r4vzN^>k#wB`b2>y0ozc>KYC=9ZtzY
z1OkytLF<7~cM7lhh^MLh%e37sf^KnV0%>M|+APbui{E=OY%=0>jc5P5ci2F;km+Kt
zWvtCL>?df1y;2z_L!pOkBYoMj%Hu-uz&yw%u{^u3*k293?H?_+$27AI<Pq*(T=Pb@
zeMx23qy4||JFH*zEoTaSg8S^_nT%@kwlt1M%<=;iC)|Km%fz#R3)67R!(43^T*2;8
z=%+rDX3pgWJ>eB%;Ifx%r<_)e;p&tHC*p$R<~NBEKNBMlEQ2_w!tZj7D%Qj93@+<o
zeBtylMt4uU9ENrXsh^5NNS-8?O)_J2DPPNov$3ng9ZM}7J|bMnj6EepeF|pno36J{
zlZ)9iR&BYLQM`o7cCc2I>~a;MM^e0a)Ahy4#j09f&;M!)-1#zepJ8E-$v1i>6qVnG
zO_rva5TQ+wI>jPP8w+z-gn2ANgpmjqueDe}mHO>5mAqEX)D$peGnf=TD^|JlznDwG
zEK|`}NxPo+sUhb1+hm2V`QC)R;I)(?1T(v%+a}z}ZAlB7zO-%FMKE)D>7`uCNr<lE
zF%v9(1t2SG!P0m6hNabzrU%P2>w7)EUos;Miy4#q@U56`jQ?q5t{66Ex?crkE0CxH
ziAf-F>CO>g20ZRR3n>9A_rDn=-boi=P%&%jXnC~x5(HXxzrn(-xDVXe()<oOO2Zh$
zLS>}$shw{}eO##Ss_KHCT2susbzd$ffmS#VYaRVUV{y-<Hu3Ll0;7M@cn~ogO+sDp
zXZt_F93)5UO<q9<zB>oFK~03MO<YukdOz7A$TwI(%rXnbXLjBTSi!V!x&U)sV>sWp
zWL3hXR$<J3wtFAnNivy^VeKg$gLi9;7g^Ea<u+fMQf%j&koPQ*g8!cD9=HV7kOTE{
zg3mDGi;DPC5q8%VOtjcU*GfCSj!UWj9W~UeN~R$gn2Pusop_AaWBa^5Ihk)lDYia7
z$u%(YsmJvFgAl0=Sy~N~Rzvt^qTJ<1S|PwjXqDPSJ`;AgfEgmcPT?GMLE;i5G8-|1
zPGh?YlL(>L`6iZt!Vs>l^xihyX;gEto!wt@_Lp(OFBz2;(Nr9)OeLXRV216p6T9lP
zz>0>Cg;63?cr>l6viCaif!VFjS-^$=j?Yz{E1UlYT1lMUwDUxLQJpM7=F`tZk<LcP
z9vGP|%9Hbvlh|6Zqzw_BaYm+{ktW^OVoQ8H>i<2_nJUoO4ViH#R!nzK1*;vA2Aygu
zA(pA-sQp!3Dl&;U(Mi0h^}hX0-ZKIa-0Trdz~7bo=eQ5P1Z@aSxd;5ubSr0c@$9e$
z1iBJ;z)zQ9C7fFXGa64Zu!AmH2o{!+iBVQpBzy3|GxcHDAoE#_CSy_iXR^B_LbGEH
z42;lB?(PUptb*=vgeK_E`H?ZzcLRN9i%Rx**6g+7JjFal@88`-yZlZOjk5dGpdJ5-
z{o?*#PR%8*gaWkFH4^vi)^st;$b;KB!Zdov6>CNFzwMYieVt+s(Phe+>wG2a{EvR*
zZg1)TVQIB#aF4i`dQ8T8ZqXG?(O-iF@q%4Ba$$`B_8~Z38Vbw~8Zzc)@!$x>`$dxL
zThOh~!B_2umyY0d=>%clCX9C&y)4b)T{APh^fu-YnB+iEPxBkRNi&QLo^AnA@rB=~
zzFPViGB-V>@VcGt*W0GN1WkRF6}exrO{qh8bS`K<5?3=#<4cPFg`Urpj~&5+uK6f|
zm7HVG!J7smIFcgIm9YCC$c#IM%uJ1=9y^DCg=C5Ffm__Z$X#jBeJk?OL!cGO{Ir8{
zk<tK{073UX%z_<|W?`to1%Cy~*Kqxkyu2PSF($aE4$oe>bsyv;j#)v?*Y=Zov9&p0
z&&+xjg0CKNrnPdh^UhjvX0a#3lw|0yFvDa9-dogA%II*0E;WCal(W_!Z`Z9b6f1@C
z6~&Z2PSaQR$$WVV9bE3`-|*5Hc%@8K**Fao8LDO&$eH1e@U3-jFVg}nv>2-z06|`N
zns%l0F@!}4zE1(ZC;ISRx-YO*(aQ;qE=W4VOOIq<m__B>3Lo*#Wyg&Ilq-ZMXgDX1
zEx3Zn^lv)t4NmtfNK86KQ+l?t^ed>*)hf+e<q254(hs=h`CA@Ug|APKW=d?MEFa6^
z=%wwMaO~1{Gn}}zeNMRf()MK7C|}wh4I9-<+Z)10?b0@8^!lakAZ#R;&H%?PU%&B~
zJFv0_ilbmd3QkGE^Q2%)3pOtQz&V2p&Pu`arQrRg-~*-LL$%<`t_{G(0q8e=N{al9
z6nTsk`FSn!zP-Es!9^CN$mLSxiBjZATIBNY{&#V3k*7$JgHq%drO0!&$fa+(S3I!D
zmS2HbT-u%pxBP}YYzVh75c$$}G28+xOF@f2^Xt#pI=J`?ZSg;}#kt{=;(wGD|HH!{
z+BLZNYi;p2+v0Dr#s4NP{-W{bp25Zc))uE@o_*i)Zd?4rwm5_H?b_`+$p4UsD_f|&
zN<mIz6cM>bz14=`#O0*Y!j7N%%4RjGUQ%u)xpIs~#73hM`JE4mjS}B?g)G02<4nHH
zfeqtX5BN>s5|{OOSw(-U4&xw;7_NxED&xoTiaqa9GXk_Ie=p}wYy>gzJjJ!Rhi?hu
zKsj|Kd-vAm3_#6mR!{&j9Nr<>jd<bV$5E?=<L>Sq*Dk${!&t8ramVIIFY#n9n(F>M
z^3?sQ?#1}U*Q+1T*8oSz5ICAF)WS=k;}JIFK%*w}%@SG=q9IL|0y0GTLeC16jsWX9
z#fw9yZ$gq%n)VfwrHm{17@#kXjVzV^W7(OxJ09NCkY-`r(wa36u1-UQs-n6tcs>}B
z>q@P9?3e6JDLoOEi(d$pRg4xQ)^&q#Rp&j#^VEhilw`itSCOGMHflaPLMh9E5oH78
zu5v}`NygU#FsN3X@04>qs#Qk0yR6zXyVaea$CLy)_9WKy4<KK0X&fe8jq1f6>SGR;
zH{j92wQx;NM);O4Y?X*Vfoz7ITLPS(K`;U?L;OcvgNVa0-S^;kD~5*Dc>#X$xmhc-
z9s;{UF(DyJ2e-2a3uVWRLJ?P2#g&15MX&SuB$97On=zKgZPK<3&u4Hgjve7-!A;k@
zlXPXpJ0jV9#k04_o(<dB0xT#sXX5<z&gizHGq%llCa`hB41<kV$r-z>4Zvlb(k8Ed
z7dE|9H$KK*QGg8|#_32HL?;k<QoL*?a2k`h`8pn9@xu3l8`#v*b~F>fU+?h94k&fY
zE4NTN9Dg=gFXq$ZTrP=A@HmIOoU}Yn!I*xpqdP*x%1w>$+l!M|xEGNxqj;H{GcO5V
z9*^xOQ>Jf2k?)xV1P-D6_q2$X$H}d%JPvp9Ma$#J7t0Gj4gx<p4~8>dmv2E01uDR)
z$$gh!&I02Aeyi{;1&$lwD1a6GlboXlm;iV-{s}NqV6u2fPM95Fu(M;I8R8^uQ<1-z
zJmJYQG+y}L_YO(%#;~arIGshD2H|xU@fw8NS;US1`tdu9`0-y3N7r-C;vqQx+j9c~
zROg*!F$b}@!Z~AbMMno!1WqAA8}4fwL>!Fln%!H29wPgGp@Eh3^`skQAI78$MHw%h
zcPo}q55^x|?;v3p6UuJv+0YZfwgZNf_B-$c|5vgS<3lAU7^jOkuV{nY97h5U>q*g)
zQ;fXk7$7*zAthnLm7)?ciFLd9C1G8|0zO$dF~gWgKD58WRbul3lx*+B8a`}36^~ns
z(A$wb;)s((aE1L%zBSh*tB`WoC%_FV&&35Cro#CfxJdmCfntknME8ErgaysPmcchT
zL&jXWpZ5<ftps;Cp@3o~!tuww_&X|p$K~&&`~~s%B6ww=sHN($=VEvk<(zgg4x7z7
z4#A*;-w_q@$Y{^S0b(xL)0y|vctgE823eu)M)`vifRiLdF>tgGsV-cVZ*Q9KJUnfk
zehxONRn+34B<t8Z?Zv*tdDB-YKA>l#t*4u|;FKToa9ri*m{n{}ZhWHsb^K{g07QQ$
z(y<tLlw?3aA9U^oKKb81cgVX4pHLt2rY<6$Y=8dZ){uQCALcLSb?_H8f10I5D~FxG
z)A8ZR1<vd<jL=1lAPK`oeB++>cW~$HVY&T<gcP4l6F6f}YT^jS;gvse$ix2#Q1rv#
zpvE)Gffc9oIYhaTrVldX&-3H?6Nr(4KMqeeGp>nE08S2|3O=Urb{R9!=zQ~mz}cLm
z^2I(uy~A4o(#r6dmXd^Ag-FZSi4_$}qSgm#t(3ESTl`{!U7XdHSj>_X2Cs@YYO!Mf
z9%#$o!Ty!lKZ^+JU|lo#&FI_6=<BaR<WEZ|5z6`n&d*udHbVA8kO<x7&-{=-gxfrX
zQ~GE-WVm&siAnMb59#d>BCQ5;3>L}7+r=|pN1W%Gsc<0I(n`<BH&5;#mU_uIt+bbO
zwzAXk?!hT;BAa)puY>q^n(^Tc9v^;zzTk{+XZP_91B)E&<JKq5*gD(b?;i4e@D?M;
zX2kRX`NDF%XZ&!?lV;2h5^Iq>C)zqfP|l1H%B5S_l9dCs(N0Ebj)%myLK!|Q%ex9E
z(k!u6Z{z&th?7}$kzc5zEDrzI99hSe5P4}b@NPhX@%JC-<P^Nvf5s{B@T40U&CW35
zi^GxZ@MP!nJSa`vwq^Oxb%PVg=>_2meI3ZZp;hwWr#~U@fz$a8j{Z5Fk84?1zEi-q
zyxY~5EB8h+zh7#NyIwHACU&12k#+7kaFe-*C+dfQhZmgCJ|G${p8bZ}XuJZ?uEB4I
zZ@SQE5_fRufnI-SM{sxy&Z*}(;@g)AlfhmImbLIvxMCw&!I%&O4A$9FeCA(i5*1pW
zhhN%PT&$5fu}s4XiiUB-AM+U95*ok~oRCllq)R!yACqU}9pVixoB&Nv-~jx+Q6!A+
zgY`5fUH0JfJiF?Od>Ec38PBi=zc}PhS-qc~FR;79GwMW>{~YpcKI2(?Fv~t+%4ThW
zXSbs*e2>kv1)h!NdDf5JEogyf`Zgm!d4`EPA+K<=8KSmN<ofY#gA2dNl;&mnz^rvF
z^4MS2={wksoxmF8VVJ8{kUhr9fO&_4fv4sp2sOm|qSC4;_b9L|RXp>0Cos(U(!>YP
zq>{7v7R*axFmIEC`JVbdrS<tTcfS<8Mckl!sO%rYRxb#>;t2%I56O?rE5&SHDW;kV
z%Z#b2)5+$Qt?1XOv@YEB5qc3Sf`W^z(!x#@&gRY+%v|Ibc<#5aj31#jlw!Z4v^7)m
zGoly$!ue~J(^5JO4yxdz(lmJM7xtr$m!<du+k=O8gPNQuxZL5B#T$v34VlWNho<J1
z9e|G#&O)PEp?1XqU@WJirClq74kE8Onj|6!Axww}3WvD@mdGmtD1(0CUci&%1Nmdh
zEK1-nqKFXjC1o@cCZ7Eq0a~WN4WCg*r)h(_!L%`|ZIF-yTluWE!m%3&|I%{W7Y1W3
z`rZ@8_JAH)>^^H?&=Em_XEjZ^&AC3I>OG4?o}U(Gs4&U#DGP+)vb@z9pa}wjPLzkB
z=GSWYGqz#0$+BDznzkFJuQFu9HCz8g+B)Z$1m#7KV?B+w-N0K(+4fC*aDzOv^vApv
zTORKNf(XzP9wSuT>3orZULGUA%q5n``+$>_0TrbTd2Gt`w?Q7Ct_{m$w6Up|$E#W)
zkI@S0<>TvBg~H1@PE5J$Ky8%`l-sqq_XgpyV25(MOu0-pq+BK&`;;9$y)v?~*drS#
zcUGTl>@$pz!jKJV)XD}Mwz6gLmGal=cmZmAwEQl_NdoEK@&NY97TVvOm#smF8`(<x
zY-I~&&sil~1F^TVrG004gS(Umt*vaXfxVU|_T<$P%D;lT0wMPZeW>8%r-W3UIK-nW
zIElM3RmJqa51~3|Egsyvq7Yb;7Y`yv@?bfNw||g<TAL9b=`}CIoC1#y&q3{Lw(zpm
zx|E#G%>nkaCs0-Mu}m<u`{mW`dx8MeBQbzJ6ddOBNTk3XJl;h-&UVo_(wln}6+8+u
z?OtR)!R;?5L!$FIgO14V4&Y<v7sowu2%md`O@Ol!HruMn`C!$&OfqigU$Qykq51M$
zPiqZQ7@LXRKE6x?DEAf6{(P}@ajF<b-!b8No%gdw>JIK7Ua4~qmTuYpdI6=){^1G}
zsgM2je&H$mkd-;7cmIHbln}dtNDF_$#`o*~{3zB8c7MK*+n-|rX!qx+Dchd|ZujTs
zgPuM6bFEAI?H*!fX|JU=yy^a2DwH>+3F}Pv=l9WC?fzWql>Ip>G<y%$Ci`<%WcGNh
zL-yweE7J6VpwFG@pYHDrBB+CPabC%2-3YiXrwwF*MiAh!ib=V16x^R@W!r)B1?6Rf
zz5p_De~wB9GVDfS7;)hKJl7w{)<BMN_bVi}3lY-B*i?FW#{Ie0r#v$i4&+)|=^6Q^
z`*W$+?9W$m&Q^9B-f@3^XZt#cfBoZ&Y!m)Lgw`5g+@EKBJDaM6j52JKMcu05^+_3<
zp6nSFe-x0xkjc8)pZD;Bb84O!tHw{ZKTieI?$1+Nvrslhbbp>34^wFyYLDxa9ynCE
zM^CF4x#xQ9k2r4_+bTDfV;~&9UOW^9*!hJEqx+iY(87xSS?F|bNrJr3r-t%e6Jg$q
z+#t65mVaY^DbttXmv#y4Gr0LYgsFqeXxoiNKrz%^{7-0R&~Ziq#s7qkTGbjjV}Rm+
zLdR05p1Jd64qVliw|0Y6GHbNzt=+V@X8UXO6}ApzKh5{m9oScQU|-$-zWVabK=yUW
z!;x=nCn2}0=GmdV71qI7cBYyAOQz{bdY8Kw55`y}1RgR};U{Jq|4N->S(?mge&P4>
zyzNDS7@?}uVM4?ti&bN*5h8w)Wo^71peb2;(7V#bk>3+5ZUW(2aYrFcEAAMCXJz_6
zOu6m`rd)T!G`{RWpTYFxsG6Q8)y+t_n4(^Tjke!>0j8`e+-V_SXC3mJCuO1G`Hsu=
zuz3}EcMGHV<#-rl;5YXOeU=`MX`2T-f8@E&4X*38265c{6zZWZNCRl%PE`YFwj2lC
z+Jl<E1VnO{AV)1h2;o&r5Wb;HLy}m6Y@M$<Q=Lcq>tuBF4GwOV=J6i*AM<s(@@4g2
z+fw7XdtCO1MyAz<CE8YK+oN3xG{U_;+y}2^RiX~jHcb9au##XO3~T88z%rkuQ6_J{
zp~1`AZ_rk1zZvgj_M1uIBm27ey5vBX`MNaosAgupBPK8O9h_E!>+8+4sv6+u7h3BI
zg;#?H)Q33fiS;G5U4_c68Xv%+9KaDqk40~=8>hlN+(N*GI;MWcf8fd?f#Upr4>S_!
zXdkpF(6JoU8|O<>4|cAgKWHz6lMW5?vehWqjW`80hTw8XKGs6C0_W8tqXH4*#|)}Z
zBm=Ha=*<u@gDMrtfV11Z8H&uHnnf~<<uf2@T;I_MBNE4V?S>ms_shEt-Bj7h!WFbr
z6;@GgrSubhl%pVrDtgjOFQFn+c>BX@N-_nw_ofInnF6G<6as)X0Hi9zA6e<JFSK=W
zYi34WX0_zi=RWF$y9u@g*5|$~kz}zXW|jdoCfE{LpL4Yk&`;){5i*N>eil7=&1vM5
z(W8H=vIE~Q+yM{`9NeJn*v<v=h$|^@yEtVBoWyB5W-wi21`xhC17*idNOfjFzj`xJ
zc5Jtp0c_~W-~l!+la`c6AJb%{K%#IsWqjAe&{c3t_F4a9`g$grVxKWxaJ*pZ#Bt`V
z*QBQ5X`s(ptES%s+m7pVUzQ%8N-YEW&XR_wl4VuznZb5npR;BJgJB+iHdN>sDo|(o
zg_omme+-^ut>!=<i9r<G<|t<z<qjsZjxsa@`YH&EyQ6ump0#_j&B-QpS4^acQb6p$
z?jp09<p%4@CUzJ0QqU8&teU?Y*T^8B_EW0M&F-K(ZYU$ZzX5!W9T)fpp<<lF7IkFE
zGMxynY0O1BF=M*HP@W(?6kpu7sVFktU?xv#I+vkB$HVyjlZ=kob_o?#y!zH>+$tFY
z4ql@b2QSae!VC&9M;fy(<2jYQecOT6!$@cE+Atj4q-ha(Gxh}S(m2|(9zN;ko~#|E
z|60wklSnh-(X#}-y=^@LZM`<5DegDmG&HbRrXiUdQsxNyIj20=L)<f38<E;~T=iRc
z{r-n>#L%g(Kn!W&b-;u3b1ANj)hm;@f~HpCA=!$Ux`td{_cc|o@~m%dNX=~)hC5Xj
zp$~@+;zE{q`@3;jQ++-29l|9kXD#kUU=S|SS&<u44kmkWlL>|dJ_W#mf#HLtKsh{E
zb#a9`?smX6ON~W*l!Fs9#xr+J^?(Zq1aFSxFXD3$rGvR210ID&^Mx?TP>QkqyK!F-
zuT0lk@C$Lpa)8wo-H8*2^ztCY)AN2I+_t_6ppvwR!*2xPj^|pD&0uYSX2$Z(Xtg-z
zCe1{+Qkho~@h~-;MU;P9RfMAB`JyENCh~wX0Go0Eck_u_8MPgpuezHRE^9x(@D9r(
zSp#HTat)g>$U*lZ4?&v3sQEmnGH5Ta{&p3wD1E)$lC2gNYchZ3IYyDpp`P(fHei^i
zM5kjZB&xfQbF403_>8=hom(A>V*)+x<DchmBJeaEBrf^p?hp^zfqY?bk!a*W;3JX9
zfjocne9B9{Xc~09+7D>|$lDKS{L0KA)_y=}W^l6h142ht3&2cf?FWRKJvE@b5QX!}
zG3bM|t=xVVxjB>Csf6|9Hq|E8PI!{a`9r0^q*_HPshmBO<0jRr@DvxdWmsHj!l1rc
z;AR0ua-F9Mg9KRM7J^9`1!%$`6&9#In3R!$CJd5df!cye{j}(%JDZjE@mZRT?rc$-
z1~hAxjY+G3W(~3(X%Nu<w)_I`Tu%EcDqRg4#4JyBRqRT8Nz2h(sjUVLNy|}OX-!Lk
z_BNd|bM)pNzO;iihV}3~<0~97gH@tntk(!Oju-}O1fz_y?CV#Ry$&Wcluhup9{5nK
z0c|uZ`v@nFSDXa@kK+HactzI_Ug0X#x5|zMS`4%!S&q|s0@{=QTw)m76AIds{)A?B
zBnLADX9+^b(^*pE`mP?-{@q|lOL6iBAO@UB>osU&<&yn{TpD|#mCIh*Sh?(_jg?D6
zGupVlwDAisGqm}E*xekLD|?+JWF0v^pR&$zsqIzgBTfBIe&H>7UgmTfviv}8bbVdn
zE4sq2r9C=0eQYf=o;wa6txQi&sQK>fMoAykUibPwd)+&F?REMp@|4-)#@Dpht!;~Y
z3F=5~aj)vPoAK87l{IW}uEciq+RZd3%L^t3Mr7sfX2A6h+0BsuF0-3W<m_g>cCO48
zmgVvJovy+gpc@C-xnz~<VK<Fyk+^nE*Q>C0`B(*WiOR(*zE;OotcQ==^+0Lu^1abM
zDD5-8hYy4F<mCz!;PD*To8U`Q4|l!;j074H?j7T@7pq|`Xc5nDcJz@v;*!P{SxjMh
zh72@hz$HQrT4x3rGI}%6kb%n_(+t?m_hz6WBh;Ow)PSvgZwBCu9A-1mHek!ha^QVJ
z-_bS~-xIrbX7(Gzb_v~eizIuYRdzD7+Efmxy)5H_u6T0fO8LMP^tPA2!V9LLo4qN*
z52m1hy(!8QCZS_l5&`HL0OSo1>!hYM97xBf3o;%tt7Vct=Ln=+BG|G?pZl`(m|YP3
zCSAzL%vy?KZL_RmmO;EC+%ij_b1f0j&#ozDm#jT;ug9A9;B1`WlYTots=|6tve?on
zEW!%It;jpg#>TjqnvH$HI7M;4DUX>k5+htKy%W36rbWuvz4lf^liMr9q|U9DI`>4I
ztD#d)P(mXpJ?3$kl_)GqDkC^)244q5MzJA7G2O$wAN_wL^zA*`hUa>elR6GH!4Lp@
z9y+XoBeuTW5&(8{W9xf0`gISo^}!ZMjA;urn9Eac?E-wcr+hAce;~HNc4-3oy~ken
zeX<Lpox9C0xT>xH|8_xCd8h4y6RBNrr&Hkl-_|ZTUSHoR)rTG4!oN^oF9xTY%gd{$
z>ce7gs#(LJ!f@9y4TCip2G<+I;084eZm@>I4M^WWgV&FNVNi{YIs2fR8o4v8S77-&
zB&I)JI9{d=vg}R*#M{F8X^<*GRZK~h0E<4X)>hdT)eMPS@A76ye$a#OWgNVwVG-|G
zyRZ#ZX{tV>RT8(Or{+kt&kg}FnX`7ejp7NIh1GD`D5kb9zwlHmL)LC-rN}j61dRj3
zCF1#vAgSTfNKyvvl_fD;_Q;YLE_<Zu$I@`QmW;_JyAEeEtdjk5=J}HZT5%X4X<St2
zxNS||cTU#MY&)gAWhT>9;)rJs3(s%hD2J6gc}wL^Z7SCO#+}$|Go!Vs(6W}<`mDW)
zP-AbRebd;R2+eGL)}}(Jv8jmljdSGnm?P8nb2bX(<?82dvAgE&5vE<c4l#Io1=__d
zo_D8BmgX?hZ-E<uegeumqnC%@FMBPU7d&9a?dKt5!BX1X%{E-!$0`R&9*jU;hz+vu
zZX96W9q+a8PGmOPC-mEBo$<_0`<v+V55`XGz%fVX9F2ezJ&R7-NMAJwuOF=aHbvMQ
zfHiSmgO+!LT{lGyQr%BWzraYIA6T4aUMZcy-piRHF9_7DAJ5A{POttD*na!0*?dLs
z`Z{^t>CMCL1X#N={pfteCu2bw_qoZ$eU53I=h=;l0c^?#etx3Qko?tNL$bbdpO@K@
zC)TthXL&~NMBL{)z{}Lu{J}e7YgYU9pt#STIzQB3=jr1<c{Xvd{d&_G?bo2u9kO2|
z|6OLk-juUnpE2%p?96eW`TBb8;aS|LsYdJpi1{qM`Ly<M>UG@Z!Wc7J#Z6cp0wG})
z#~A2|r6Uv{z3YL}5*xrO-V3D_Hh@*U7b+Im09NrnurIkMa$s*0Uy^#X^K;-luq)z&
z1VB%|fK6k0WbCl`I29giMc~9w<H#k)B^t|dB1$Y;%mDLoZw4C6BV#OQ23V1MGtgKb
z84D~kzyRBuLF|u_8e<UqP{U(?4xe=xyBc%A9-GyH_f7f^?6_&%v@6cpXTNOtc6)4*
z>Vz{qRJ(e{MP1S6D63JC;0{v;ghQH?0kME41*GU>AAKEC9ca*(B%C!i#Vm;c^xkmz
zKfz(OG76vZ6$Eh3a$50MPU>@xh=}X~uL-uy*5|$~Jtp@evkc%j!It6r+*b=YPPk>c
zKKJMGC68q~^Yn0?fPS{GBilKDZU@g#@4L#zDn3ED^S^Xt{BXIE=-)uZrFfHst8_FO
zPX&Xu#M^~9+mLZX#@7Xkr4AC_)-LX+O}lVc*!LhqLc7Nq+TGFdLOSwRT5-qyusVAT
zO;y^IYDV%>veAbqL)4PhNMf1+rwAE8o>7;#(vrGrSN=E1+MoWY*!f+L0~8<cgcox+
zZ2qvN>xdP9KyG0R=b!Nhya)aNA@T>nU%(#GUtoGBPf)lTTb#xY{{a03o9-rm0ou9S
z`~`h&-I18zO{s1FJFv^XC9~~M)HgIL^}18rK->NXvB_?9YjxW8>tfsAXl?rn!)JSG
z+usP={sv>)=a;Pz^gCj0`y)ul6|X<B?SJ2G`zB_&-^8zOgq)>cO}jJ>)YsEwe@LvS
z{QCD0-3vqb1PfsLQOjCwn6P0Od)L$DfXl~W^zV&cmXO=pdUZLZE{65$a<DE2q>IY|
zU;2>d@Lr({Vi@1Iv`zKLL7&;<fX{PQ(S@8n7=9)|N;!zzD4(d+tXHCJtiw9jV0)|b
zZ~YQ>1h{4hK(oOwu@N2!6?pYam{E{Hd&hzJC3?nz_$7Kq!cY7XbVnKA*WK%vxP#+F
zq7Uoq)zQ#DRsbzQMp6+TFj`i5I_}Ex(id-j`+O!GH91d-x>hi5q%*mZgZDCgD`xD-
zn;AXUu4(P!cdu{7+BInrH+Id`9_|<Z0_&#~ubger_&)9dK9{@+&|qa(f@we0)@}Q7
z5An&+#7*MkV<YOW$y2{yChlHe4KWhbGFx{_OTX~CoJ{Dx?e2@iKb;Rp?I|h`;@=q{
z2WkBN=m7uDM6Z8mQ|8}+O)eL|-&5Aa?~nGz?~i3=uN>qXawanW&`Utidy;?1!PzaI
z-=ZsFQ*P^V244YprdA&?IzD&y1vN3%p2LvT?Cgt4wI?wol@=X6k6}{n*%wKrEk`B6
zq*_m&q;lt^vS3oJ97rlR(t5hdq;ASPM9AmAAH<J)tY0kUmN$T9VoOe7CrRZir^Dx!
zW5VduF;7{SW?PGk%%-MUVfI?=WHz<eNw&54%4{ZNP9IZ2%qx89g0%sl#9EwY6>33|
zMtfK;V|$G;_yhARrd)*v?jM8iGxB*)KU=~vnB!W{z~cx^)699~|ILrPyqw<i&!F_k
zB+-?gpN;^ID+K7H!|QI3tJ2*B>A<O$&GuBwQ2tblQ|!HkW+UEl`MkY_MqeTGnV)gf
zn!d=j&$N6Nyh{Cy|J&~qyt8LoHlNWa2wd-wPZ0U<GN0h)oKLXVhnJmc$@2IG`hwni
zJA8PYYwH0l*`avyaFCXlt1$dM&SKxqjVgpDeNcMxLU{7h*l)>8PhJR5UN2NUc_BP`
zePH@~LY#Ez11lPva$s*WU+_7$ot~QCOHK_|4{kqeWjgqZ#=%#TM_4#kWQ#^)N3Bc;
zAMOPfTQ@VnkJX!j4!)vs@G%1%KD`;};42z`4>Q24)tf;ad`08!VGcOA`f|{XQPf$Z
z&Kz)K^yQF_7?V45z>|^X!24!>2mW+iZr=58FuIFBV-_|*^8AkYGjug#BtY~YoGDfY
zICBlSSqI!=3h39%F_8tPfN;GjA`eUf#d=dzCYaQJ76VrUP%fAR8ugVD*<ccglO+)V
z>Ht6)nShL_g973WwTLemWwOGoR#@~oM`V>2f~~mdb6=Jo7ok~q^kwNem1EW%eOW*O
z)^3GHpZoLlxCo`5L2|>gR&ew=R}TUGqVs8rj;zz>L9E;3^Uw4}3_tt04#OWcKRaE-
zFnWr+UDO3V@x}$41`ObUP{in4m_C^d(x#4jj34#SZ{Bq?Jz}By8;=<p-`Vj=igzr<
zf0RAmhW<Hm76<$)4yZ^g3ygSYJkX(^apGNu6KXHs1UkO$$IUnCdejc}2tLecH~f_F
z@2R>FA7*Y*jA#n+VS0sYu-5AFVItlK_uuFCCin`Uf=tjgHo75C_%qjNy37uFyq}=#
zc)#2LLr`{pJ*4r6pe)ESq{bmAzY`%3y}}#&aN{<4H;q-;T<0z#z@mk4{2@GtC2ybD
zz4|f&EL;d*bsYg#E`;L`>&YQaW7=+FPIwM;Zi;sgGG+j8+B3e=hyM@wZm2Vz7dw-G
z80nNI`j3rN$x|u<_XPj(=DW#%jCSre|8ZYicf^0ZIrSg^J^W{Xmido2)khjb_1LM6
z(0@E4zO%%w#q=M?;y+HT|5#zQMEu7I{Kq54e>|%G<5BBB9>r>W^e6t~yWwou9rTMq
zbKNce;~xKY=0-LLl={8N>cY-BmDM9h<5YbEUBQRMpEX~v*J|`^*W3m!H>=elVe|Ek
zwK`#SoX*?8y#hYd4R3P(YA$<#ZUc89*#WxR2K9EQ-t7(Q?Y7=+q>Hz^RztIB3h(P#
zzFtF<rs*>tue&|Y?pmGhZ{y@v$KFOlDmk~F+o+zXZRC)`{bG%(b%=9rDSKu-%bpJR
zi`fzFnjsBM4S#q7&$kX>^@p2Lok4rYwfMt(#<lpvdq(z8{NX?GhjT=%jvu*e#y@PA
z)Bx(z?$-f;R*;+y#Q|D?7LVK*`u^&HGaq}ry)Jy}gPh|&)d<q#Tz~Lhg{$9a1$oQ#
zf>(G6)|}QCeNXW9TVDfxre=jN-d^kPOL5KF<bPQF|1`5(f1knG?y*cC)!%3Pc+Zaw
z;EskITi~vypJlQq%gfh2A#Q+(3dY$EGL^6Q=ElMgODuufYgMwyfYg<h#z<(afZP+f
zX+WI8rrtP%%~`C#GuDa~a5iP}0&fM)QhzSC+N-zQ_8fNaX4{^_CN#4O*mKx~W`+TK
z4x7+yn{8u-2+cOxR(}whSqL25zQ8C=LO1tpK&e;$Bj1OdUO{eJk$%YI2ppGINxd1s
z^k{RByHm#L&3PJFKK?Mq8KkWC*5vntVCzd|HqUS6wus5;7|%3y1c-e6XvHA(hzonF
zHf`zY0J&LX{O9a}x$%FO-ffv1|2gwuZv5vggsD(K>#rXFUox`)BNM~W!$YV%@G!6R
zsPiV*8UsHr@eO@6;wxy>N2+(-{tyUvGlXnqTE60Azty8BxA_$xoZmhh*YxU#dnWVe
zwP*W6Bp%uuBB8Ie4`(qFo7aqy$nxm7eD2tHdJ2$<G>+n2;Bgmxr>CdRss1`oe_s1M
zjLY8h+FQN{(CI$a13G2j>H(eZP<#gR-(~R`lezeeGoINtAND!jw|esR^~QT-XSTEN
z1K~To@csY!?T+{0+Nd7N`9;kA_BK&o5*lZxCe0P1geHAZdio<oeWWJ=B`>}F5u!eN
zq2l3>5cSaqrguL=)JGqf*18BMx%<GOfH&vB-Xvd=dTA%`U_@WaP7TLh>J`}haH*D8
zD;fWOSsq~kT#+lYXbY@W7z|P}-hF03Fhg$!27{DLFbFdsrlB_jgF#9r7=#%R+R&Q;
z9S7L>^_c?^4t+To3{o<|Aj|=$eqRphh`Lki%mE*0Uk>SsaYQo*9MM@0yie*oddM)C
z$z3<4KL2MJnYlCmXkA|#8Im<sPKtCfmE#o;n+gYYDb<%E(!><dxR>oBQA`1Gds9@Z
zm;|c!C5dD)3FPcc66s<R=-8K(;s*j|Nz4lh0zgUI1xZUoO3DZ+;gJz5am;E(PM>p(
zP?;mx3Y|XpW$6hikxv;9kUN&Nf~U`YwSYK;ThY_!{yaS)CDPO&>0?<de)`;BkDjHs
z0?0f)5=cP52>!W<Aau81I1Y;5{y4QvZ^a1kd4P`lAHN_l#wXzvvc!UM_acF0pn4W2
zh8#E}U*tt_CK)_PlQ9}Kcx-alUok2o()bj7OY2U@kLC3NdGiFzn;-YEE5j=t7s?GY
zMpAY#I#Dilw(K%vCe09;SeBG)rwrFLj^JUS^<VrXmc>RL@S9!M&bnA~J*uX95iu{t
z-H2;JOoH9vB42K!gz!KU^YT(GI`3&QFCkSQ!(e*1vtrBXzh~fwBn~E|#b)<lGo8#0
zMaXpzALMIqj4#n?wj@vKP8abfoLiZ0tTpnKPv?4$>E@`2Jmu3lt1?|@SJt09BJ%x?
zk3s#EOtx<%RGw1&?g{ZTlXp}64BENd;%EBWx+C#3lWF|SAH(1Nms$MG=K5%3xIX68
zMj1adD!%q{w>HN3nK6l<8MpB>3agDv{LDDwXGTr@%!J0zOxXCD32a~{=<NT=-OBLr
z^7iBJ*WJoLiJ!R(;%9opdeShOp0J)Qn#LTr?+>cc$evtmjXLyc->r`@{N<2%y65Y0
zZ6gDIHoA==z+w@Oq!tqv!^J<sjbC-ZH5779a&3g$NnXosf{;cu2q+Eu8POo1H0WnU
zgMe(%56Vjr(8e0jK+|~N!204EP%x<UU$K2x#Q@b}Mg^JJAB_q~2pP)71h|d$Cu#{0
zkvO6CSv-JW_`g<f$sQhYLRNFRMs;CELYxr3t7(*%#t9kil|g&;m&6J6=r4&A>d|07
zi4*!soY0R_oY41G--%DRKBB=r{W=fOAq>-0)eO*j+@9wYg1JNJZqj>w7ro!r5l_^B
zxj3g(2MSqooyPlmL`E4sC~sC1>UjeCHf=1<JvTPW`ZgK;VK#$l?1#oSq<zTwx=s9%
zjcq`Q{2d7<)q1uim3yQ+_kGa(mC&YUdq;xQoZXRNQteS~Nj+W6RNjea%Gw<~%IY^#
zy#iw!EDe6BW2(48Cc787Nk)HH@!KopW%iyMZ$<p2Bbfms<(FUhVxC`OLcizV>2kU_
zEVYHItdeV~J3j4mE=Ft1fEcaKy)jyoS&Ww0d(v;Y_LMbu!QeZv`ER-Az61OG)5Ui=
zn-SwB-?AL!%;vW&c_sOTdb0T~%YP^o*2z7enGagOPr0@adeHse7sAGq`k)_mNBqT3
z;f#J(^O48Ze%8!~ntcZ{cgIdM&l5vee19QN*WC9Pz>~0W3Nrjx-2b~?^JZL0;B0a?
zd5uc*GkEso>3zJY02gF?o8sns@jPD+yv7FP3H7zq<dx|a`CD~1IdK#>Zvw>K<i<sP
zylq{4+q$~fyb<8KAK^}1X$xOSpBZZ4E9<Dcc@Sx>ihY~L+kB}p%BGqvylfSo1%)Nx
z`*y*%`DK8CE|C2Sp3oeg6j?WRGi2QcPF?gNn?rM}U{#HZQeS{`3MeetNc$*l+Lvo4
z))q3}h>uiUGeLpdYz1z}2wXlcLhp{aWAgTnyu8id#qwq@U^tz;Wp^~><Zb5wc|)9L
zUfyzXnycjP-spxi=}vl$;pX{x_T=d-c8>Bk88^4!S>$aLc|v_HH5u|zk-t@EQsk`(
zh&w6r#z!k}Tk&k<jcuvC4O8AGt-P5xBX3(EZ=-9;+l8nC=mOaX;|a~-Ns)!TWyrdX
zQKa-Dn?rMJlUPySSYOZ>hP){@khd)XN}Kj?Uj1zajnGl0mX|li^g#9|ok@w`DO%y%
zpbvT3n>@q!5eDiy_}f!mw+O6z;%!bB8{-rj7_UCQG4I6JB?q=S@pMvZm7O3{WQ}6y
zTM5tdJB8TfjR$9uIb=KX$oIg1dVuUr_R1cr{=EH|IM3ZaI>lwVJ-qbrTMJKHdK>;6
z{&t~IdJgcKbb@6kNEVj24==s1Hx=K|#LDxU{hfa~_I$VCIftJGG8}#y{)k?33XekF
zi~(}Gufey8OHTJI_=$IT!RYMp()nLSQ;)$PZ7LX>-RyLE-%B|h-4=vn+oD!Q>YYCJ
z0@Ob39R5|-e9h>A=D#DCyd7t|V|jpNeS*`x1?W5O(O)NC-qGJ+1s&%IU%Ss`HT%rV
zalAN3nBM(mJno*J)CA^Ep#(}5=nr{vKm7i+=-W9bnRcK4`9i@d1v6lz77nzbF9V16
z1}z$BZ3Ion)5lEfI5b=`?eGy}XWS_Smrp<1cA)vKb%o&QZxa2BoFn|zzt`*sM~EXq
zk_jXi+|I@C-{f%nLJl`(4z$S4s5dQ-`(=XZ3v8Q5e~Znb%ks<qvQFq)%!k_FTXS_X
zQy^Kp(mCKnP?!Bd1Kl@+s?Fad$yb~%sh#ZD<OmOr?O{G4QptHb@;e)Eb3q(i=(kyD
z+7!A?*C&4APk_tc5|?((Z4W{E+-vsFQ3{jU^3p+y(|6GFa{wp>$+jRE-8KXnj!(Mr
z$?h{ts8OGt<fNONY+l1Q04ayvpGRUPxElAIJJn(wo=WO|Ya?c5+^+ARZ2m4Xo~j|<
zgWrb^I$w&q?*QcK^>qcO?$x~Z`l4I&nkNBkF0;;}+k8>_!q|vk2Ht;1yrm)Na;b9I
z37-B<v{;GSXGPslp+tMkaRpJ&m!Iwu@X|Vitj%)RZjK7BQ?YYuD)CN@Ui}f&GZnjd
z^G}62RIrNio7bhtJVP<C?Mv#3G*x8i9N_x*z|~b;ouK<y$S_l0^1hbR*X_O@F!0Cq
zHa35ckCeZla23k_1Il_=LxW&c#EyINR9tRt2yokavT)LI!}*il|3HCLxW|90>~+2f
zaM^EHnBk<aNqFl15Asx6XS*T1F6H^EQ#@Js9Jqc@Mw$m-0G5YJ7;pci<3^`&Z;n&g
zi}v3sxW80&4*A-B6Y44lqJ}C_ykmP1cmE5?ZO17m)fN=bGmvYz5EK<0g^ti2CpPD+
z#i;WcS5;TX38%yERmeMi!0A32zca&24+Bw__L4H9GabEyg>lL6%JExKa6GBEg5Sd^
zT^%<(^uV>^si{%$ax6Mk_b@AW-vFE&MU$cCjh&Q+k+J5D+UL=lm)PgAng<yta;K)o
z!&6fed_Og{iCIofZDy%cQ<JRdRNZ&|=9V%R0zt?RzFf1v9<^riVUXzBsmAEO#-=Ok
z#l|N2Esf)9q}_-&p@B2RH@V9vyU#)!C>GHH7R9sgu7&J#Q1}%3{BEJWDEiwV!semm
zcFB(6b-w<(@Tj@Mj^<XN(Yy^~wt2(4LaB@de^5fj36th|$XoRyeW-g=Gf}ad0M-KI
z#@HP{m??sE0t@jVz<}BK#B5B$#s88`V9X}KD0G`=Gqo7``cOi55otiW)Jn}i06(;!
z{O0jL-obvFPO*>uT}IEmW)m$t&2#Y=t2q3vqH~eyT%`T*q$9okWhU*KX2v&;SNGO-
zEDBA>KqKjtbWc0RwZO;FulJx|-ZlG&{A>0LL!cZ*3yA!df^u9*7OFe>1;rw=b=<h+
zdBtm=RQHN3!gqWyngAbd_<Lsp+@4cuJq3~mEqN|<<S9@9!sEpq*J-VDaYGf!8zxtr
zl%auqetQa=A;|~*i+p~|8S)VD7$CN$m}SI3E`?F|>5xXC1u+)E#F$-x0)N1z_&5l1
zL^g-Ws9$&iFn=${B`1ihaqGysa&UD8Y8<*B*CtF<<GR<n1j_tm-3OMnRD`d`BW1Ym
zLqze+B~2eE>j89<gQECYw#e!!CA3og6b9lvCySu-k`PPX>y12lg?9j__Yo&c>$f7Q
z1PsezvQPASCC1l%>OrgHxtNWD?%$#D?gJ^TA?P=SdhuBljP~pWW8O|zVdp(w_x_YA
zuloS}w2MwLYQC7wvwqHabr1IuA=In24PRM0Suf$vr0#1t%F7@@k@W+D4%p}NDSH=B
z*!e)si)6Bc{`Cr28x-De>6`4EQW8%oiBk&iq^S$^*vILV*n`j~>ml_^Xm!T*coc&3
z>+L7&5kF}ZWr>j{M&w2)+(4=@WxyEY*Q3Bu24@u$R|Z?Xj7!NdtU1_7w^~^rA#xb<
zp=bc`FThKrFDd_aJp{6qu@Jh?EAU%9A3(q35{5+?>}qMJ%rJr~K{wIau=8auML3Er
zw>ddgA_^YX+4!XVi%?aBXk6&zJ-CeOBxnyTbZ`-!0HX^%X+Hqi%P1-1{-~3PTrI`7
zLHwd?w-sv@)e0dVM7dR=$nXh*bnv9NT7@0ZIhupu0za=cj)A$OLLJIsMVvqj8CO*Z
zHL$A%@dNhoyF18NO!F0|FPgmi2nN&CjsHA`73oe4^4yAYnJdaG9p}i4@ZcOdDSuy#
zzlWc2Z%E-177^W7f(lbQr<Ru%(}l+LGq^(O{?Qt#Tz|xpI=$P$%IT%Zhsl*ce)rY*
zYuCk_LDUaYE~Rx@xRru-<OGKUuwwdf%)hY<o6K}!0_%wTBmak(-|hZ6s&TQs3pT84
z{tqT9_sH9TI+kohk=OOn)2k5N1YNeVdUGjk2SF3}kCy(WI9*sbjG<L17tWn6lu#Y&
zbqg2b_r}xLJ2T{tH*p3an5rCQOA-2y5X@4(_Gw%9^!ZvhW$@u_1pk0DS3Pr%JMDI_
z#8VsV8A=&mufXf@I^@`mhwiu7weBU^<CFOK3TC|z?6z22Z|uI2Z;)|c?r8ca!5tX=
zCBRPi&+xZeY<tCtxsf3cJIFuaYUq>cYG~Tmb)YZO0X0qadcF%SI1dF2Re#Qqhq>7A
z?nA>fF%+mDcYguTr@{zor^1XYcHsG)cSSSnrh^y(ma^ugO56;+uv`!E=_dSl67qSn
zyU6koS8Bx|>fFrDjEEq9Pk^9&zs~%=(ER>^`K5$TKf{HNR3dI0Uiuun)cm?#;9-Lz
zlo1L*=edPTLGznH7Z*$9do$m+xCOxsSHbKRd7z@duw!`XAxP46Stw#hzt#1Ed2Bwg
z=+_MhT3hPPC7W!&^HD3u3&LUYSoUJF>6A^DD}QxAbw8*3r(ld>Z~CZ-*nYhwOH3bi
z`xcY$PyZU~mo@+NH*^Ol+qqn&@;<4%)m(J~PIs}OGDo_Or}KgLhbcR`f#e*a4w$Jp
zPWO+2(NVrBtdf`Yh<#Ui_X<<zW%7O%?0+9Yof~0VcnK=lJU@9!*^RHQL=TTp1SXb3
z30e5*NdAAwyuTK|{C_9LZUM|mK=r>S)hpkyJl5e-+WFteh8)<bAkQWw=ki3!o@(MI
z;o%jo3a~YS()=4>Q3|?02LZg`?I<go1Kp9Ln$d8#RCK7fqO201kMpL+02@!NX<p7M
zTZePS|6#4-VZJy{@#rQe+I-tOU_bQD9_$@n3~DNmm!6Eo=(m3nWN!Wkh<5lS)Xj6E
z_GqB$1H-zvw5W&XL7>*W0e_~iaodx2k2K;MnW3Sj`vwpP(-QXe>X*F)RQYGhfhuVb
z>%WoBh}L)U7|5p12o(X{|HYqjh_Us4AfdzzyB<jFCg@ohcK?eR9BeOD<70e!{>F{X
zcLOYIlHF*N{~WjZ_kh7J^oNu*w^>FdM_2glY}|PGSNV2>yeV==sVp1^>pqk^N{xYa
z=uv76XUIQFjp2+R6@_sDn;i1c=zG{G+M+(bNLpRht~aPjUmHXH+KzA933}RjjdMg$
zKO#trGE-IN91*mR5UIn0!}HvSa{$0hnf~vY=N7D1F_j?e;x9W*YY^XM4FwBSt|9ku
z6{L~9zJK`F_$VYE@(w?rFX(Gg?iNIQoG&@|Y&)uR!|2>qIt9%<RTE^!C<UVn565ad
z#f(_CF5(1!848Qu(y83-?&$#}GM&Ka;p#MzWj*C~Ie95c;H{V^9_<}|9e{ZKGOKwT
z{untth!**eI=k>KD_7pk*?zmcG?@a%bXAkME7+W`G@nZDdhYh}(xcNXzK7RC>FY$U
zgtsy^=C4eR+meq^F=>7T)#$)^p4*<V180Noh*g)}=5Q$zi~P<5&yRA<==!E)#!gvD
zT!|*OdC{i1*`RwH>TQpOW=M%@576bAjfclLpu?d1pU4q(IjlHf%o2&RdJ1iPEH^GU
z!dxQN4Vj@Rqp)>A$Ez4;Oag5=J>!?PSDdK%3H)MhaNlBXuok=jMyO)W&CtX)Y!o-m
zm5K(dR)i;3**D^|;mxt-%J;iJ4t!n35=$ND*rgO-j@63N5H_Rcb=)ZtR`;T^TlW(z
z8Ma})L9K%ghx|enswqhcgO!9lV0~iN5JhZqd}(OL*$4{|3x|>i`ioSWIf3nEx^Dag
z>3HNNz-Ff1JKqTm^Ih|t4bUij%TIJ##;zMHg~@51>u%N2-QMoV_-;3K%y<7UT5eD1
znnuy6m=~r@bCAo}#4=R=ajhJyn)(bgaNKU_OXGoyrlgY2J?SXPR4BPL-7ma4E06T%
zKcimg*Hh>j?Cvk)kAL*#{DEeBh5Uv_vqh@esCjRIkRE*{QoWwh=+CUjnsPcf9A&I!
zLvP6Qd&Zsvy{yVwHTRIRURCNQRn@?kYuU^0QoK1INRvZmo-mDl(m5ieI3kodB7`_1
zWLQggf0m4SklT*jWSi%1;vz4eeuAU6;oxwG+Z3nC<q{P)E2lSMa3k*FHWeQCNdDoM
z@X_k+m+}SWN%QH)IfB>>ToFV~^$rq=Gcyru{xT6YsLJI|o7VaN513#Yo_>&ltHEy_
zDs^QTW2eB;-2HcA+z+Itz*HmS30uG{V;@ZNk#9~R0pC8!@kM_dbQFhT3G1_R=ytx%
zWr?7tD<4_QVy*3TsRg-{%&nPq>%+gg^0gfk$HfI&O=GzGZT54w)BO%Ia($@@&0%cM
zWbOZ0;3M;%%$ud4vA6S3Cum%_(ETzs4;_Ic2j(^$y9~q&x?jMn)BP&z3^wnX8B=hw
z&m_EwMLy2djUcG23ly&@v#-dlQ+SA#+hz%U^4oP|pz4%-R~K8I;iYRZ8!bIJb>m?`
z{t=qTfP58y{G+cXC&5wq9bdW$**X0)lTQCg<ID8#>92D{3TgpY1>h_+uj>Nv#Vzav
zUQZXj$4aGN-It*!@DOUfTnNqtqN5>bf{)Z{DmhI{&9tS{WZIf$(((OB;Pa^zAK0JC
z>9Qw3zWjy5q5DxFRgL5aEBG8%vYIEKy7$T|<~(^_PrX`gNvkc}dZj+t9i{f7kb$+6
zhV6&yuiCL@&&R~Wkz{DZ$7J7*2CRq%my{(UAtE__h@yrJMXV1q%EI14USJ@Kluw}}
z-Hc4{)l@;GeNIm~QwIx6i^^tapfs3TvU))u>Q~C?zohi<rPGv9CZ&H*+c4GllO6SW
zGT)!RKEuvRBm}P-dSBQ>?@n<5xi=Rr1_P*#dU6yk=4kz#o)kj|64{Ij(jh2ZfTiuH
zNe7*vBS&X#$C=jRs;MyTeH??Zc^1@)sW(wq6y$~NkBU0Uh7~^X(bK$ex)v&|`yR-V
zV9{&<AJfvPRCvFafiXrfq~<ZHIaja_k7tx)D{ZH+fr{uT0^+kB??Iqe%(W+;-8|m;
z+Ihko)@2F|Zh6oY<x#Dit3wkKL9V3O*ipjXWr%P^rs=3H?4C_2=bwtnLnUOGsD&tA
zb_|I$$QlvmQ!JiD0A$NLd$UuksGvrfMCMVzz!O5e1sTI)a|_y>iec1BPS&w?hb@y`
zj5N=9zMn|!o{Kb<lbWCP<$^0|S;c}_N?kCIw~f;mxiZP=B*xylc7M4H`vn~N#u<T$
z7CkFTZDnCW#jVO)UG*_gqj~vl6aevT2oG@VBT!L$6ri3m#&^P^JeA=pkkJZ{i2P=>
zs5nKX4@}#cc9H>7Z9S&u)lrF-MbUIjpQgg96PXIV{t7GB_>2Yl19pKd`404;eTQ1C
z<f}>QVe5RNOtO?ug9{2NbFqIh-=Yt8yvsV^;dxDrFM2B|%{dWEn^jX`+^Je&B5iP5
zS=Tpd86`o_^trkWf;^RXLn>gdG&H=<)q%qx(7tpwmZh^zox49HI*O~DsYYXd;)>Fg
z*4W&MIKr|kKb4@l18-HjK1T2m6q`%<fuSEg<YXtz=bpnWTn5?vEbEkMZ>H{=!9~y2
z@VcE3rs>T(b7+XS4q}syGhsQex_4YAq8y5(VWe_0%?3`jHS30=E9#ybbw7jBb-y@+
zuOFK_h#j|^7%OB2C?G>0?A!jXoxcq}Aqb(-*h7=CDZyo!3)`|;$gu*v&F8hHR2nK?
zOycTJzqq3qz#^@<pgDL^4C&3(j}xRiQw^_c4O!}#EQScGh;9kmv62e$E~24aTa}TS
zEt#CDESV-!2~+9Adete6Bk#XbCLN9CL9~pGT?)F>kbEqYwGmZ@qT(VLPy(jKGz^K7
z<TBZ5h5%lUdVR4Upz4An>(U{=y%Ae6*$i~>K?)(Z3mf=<^{!0)na!~Ok2#}9U(1zB
zqPCORTRHlAytj5?OW7$eJ?PukKI6yO?_HI?I%8VSSZPoW!7s4X44DeB@O>TY9rDEt
zbo32)kv$N$!A;p4y-D%48R5H2wz*@ibp|0%@W6`Mlsv-U?wd&pte55G_4$`K<X_&I
ze-YEu_|hwZJ6GOBOZd?R%|6F*^7QY5co+xri}k?kvR+=rq>?K?<=_ZO70Taj<)tm(
zv9t-K(op`+)q^9XU?_i^jP^p6*QI$mM%}_3+P+1`sPyD(z&C9rl-|YNzXnjzb)>G~
z@HTb}LL!tEn4!d9AVE{l#+p<1Y&WgWrrnU*^NHQ}rln=S+J)&ub)sMR9pL%-6i<Vq
z)KK<>DDv!Qk62pv)cpa}RmGYnL%B;3oSVTmuNcl@vSa6~FyU*Du_Dan{UFlvfTH#i
zG;|8<f!h~2p2Q?pLaY>bvD2^2=U4jVA>EImO08upm8XMO)tkSB`o1`@ueq+4d(i2A
z0;Ma1dK}DQI%Cf&QBgbAON9Q8MT*kjxk(3Ws*D2K0Vt^q)cttc1LusrrSVm(ew~pO
z4wRWq=7mFOW<Az|tUg)jx_F;<I7}$&(_2;Y;$`f^Mc&{^nU!Emig=O(k7eM|Wztji
z-IvH8qwi!WX{=_@eIy&wdH129JO3#XuAnkErx>_`#~fxvHt5P<8B>hz<j`^DZ}(PK
zC()fUo<v1TMVD*ICIc-mS3dt5+QKX17_lXw7qzu6#ysc+6LZ0_H?rG~PH(hbmf?DT
zctGsT|5f~M!T<L*@2!qCjEASD$Bd1fD-rxZ3eac{q_)~q@VbB3s*a0jA#$5P3;bcj
zdknh)#dr%<ynFObKnA9RH}l6o`ltMXE$=Pz>mPk9esw+S6t)2yu>okr(A$7Hy0kgJ
zSVzEP^Y;N4zY;A?2`x%=N_Q`2v*0<~Bd7V>#!Sy&p%6%G^U`^pzR-P5!_VdTb;Pfo
zy-6A>CHAbG=uaPT<IYA%Gy8DO{#gumKDj4hb%D(Ig%<kp6&Zt?1F^jrU3{JngpgR7
z@GTDGpm_{b3R$(JKh9B4c6sSOr0&nq>@Iqq>pHa)JsxO+EaSn%w%BQ2iMN>{r@0ru
z2naETTb0QRP)1}#av@j|_BK<Ra>9304)LpE3??WPO(afmk!`o|c+_(%`(sMygsF@q
z`~Nw3rhv81a@?uz6M+!o1!!M`ZB4WqV(=n`FFiT!-D@<S)M?UlqxqaBoi=LEbDB@W
zvpVJ;r+lEHk$l)F4h~RGWayOAq78$m*4W<YbRUbd;^J=7rOKyd`X)m(lWldwN)*%Z
zYk>d%WA9DCBs<G`@tQhS=hUgCyU$clRqxeVdUDdstVx)JEW;Ld#6X}YC^OUPfEi61
zW&$p;hk<)94=zNOq*08C1}}OAqD15Yg^MDhqAVgHB6?X}KtN>=ko<qY-}{}dx_UD4
z%ER^fJI{2TZ(rW;{g&VRehbEufsw47NtxLK#Yj|zb9dC*kHAZ`td>3o0)3ve%*zs~
z@q&nnpN5ZWH3R&#tejYoirJw};D)$GY}t&ehZl!y;gKag-eqcb3VF+I-@|sU@bJ=A
zwMFc;RIdOgd1MHiZ#IA7A{T|U$nOBg{x9vwy$dgbVPW}Os5TV9fTGx_g`HJMfPDsm
zwC{t9xy4a9vVXu)J3!nD&oBYyXa6joQRT2{%$IimSs14pt_2pY=QhC=N|gg%FS_Pv
z0}e`&4zt^^)TbN!mRG_iA?}xmTx<Ks?*=E$pZFX?LU<aleIACLXb0&5zavX;F?A(h
zt;rSA-zh)yQSZa1VfjfMY#s8J>-YV&-#gzWur`YXF*q2@tvv^+C1V%AUqF4m4$db0
z<p&@?eKT2HJ2lGn1*p!rMY!%^&+Evx&hCHFh(jk&+ZN}~#wG^ti=E%s(GYP;W4M#I
z$4{b<QxXqVZG<JAtEHDA-!GER*2jacj&OjtIVM88B*KO;H@wC311wLM6#zRN{k7-9
zdC41F*f##b+k;Nng|~*IaNZhrjq#drt=)3{vWrL%)R{nVY^q7Z*I-f72&V+13Z?RF
z__aR(BVjf74VW?DO3NMJOiNaqpESR<LkwS`1$E-wTS3czNp)ju0xq!mT)Nzp0tKe>
zprW#=kp_xE4shHVB<=MpkrGDD(qnUf2mTu@$-u`QJ{tO#Zic~>de|)&XuN9URGqEI
zT6oD;PT2Hk+sB(wH@m?T`|CnW;~_9GjX6sRo9rx|M&L|{-msx?p>h0o(=pI;HjSWV
zSThYGcF$Ez`S47)6N@9Xr(N2{H@isFPW(Sewii44z5o`Ej#d0&iT^d`qf-qzqMu@f
zCt-+OhM_FlYXiglaj(07WWwmUAN#&;V?f|HZmL4V@O<NsVIu$zmLxovZ4*=B7>SJS
z##itlmnZ1+Y{aHDV#^fu9NXBY*ea{$VpDO0Ee-&bYRH7&10D?6A}S3KnyVU`i9?bU
z%y<;o48?qH!x~hxrnI&uu~a})s*~C^HYQDK5|?ghOvPJDZ8WzX3u$9xoVK|Zdt2*j
zcHa4EhE~*EYH(Mm5?tU0oYoRH!&;j!YzuL#%#h_htf07(H3?c_(1bk}w$<7r(TD}b
zvsYHZZZur1sU1w1M^bIX*2~A19CkV*_eOg=qKYB$C9c5JR3l~>MOyTUw#y#1l~*|$
zUAqMhVj1s1&O0nP?y`ZAw8C3mLkN98Q|sd4D~sPA^KsuzH(5nSW0;PgjfC8GilnEE
zr^K6x#*Jo^qwQWadC5D`?9q5MA#T6;O|bENhMMUt?(dW7?C7k75@!#l#97w!&Z$M`
zSi#T5bm@$9(Yeu_5(>?4XLPpF;9RSjdA6qzZpvKFHsb8G?5Cr%+B4DQVi=v%?j1M}
z%o)v~8Y1k>fiCTni*-mY&x@+<c;PJg8S!l?17{12>L^Z(>T=oDK0i8tu~uu(hwX)h
z9vl_R#+mj!><sP7yb#St=UH(UqlG9o<5IMk5N2sGVHS-ryP{nPs@!+OIB&*1(UK8j
zw}zc^v?s>}Q_-G;981yeXu+C(I$9(xz;qc2qVr|7^1^o}THIfWcC~xK#Qxbbti82c
z+1vLfa3Y%Fag@DxwPzPvDeKI@>PJ)2bTpgiq1<rEG3a?-sr0Y8F^Fqhtu$<a!GczU
z1Lj?AT(v<6qYnq6RxKTEo&!d^4GlMm<l6W<(7}%l;*jx!1Ah+Tb5oAdCouAGGmMQZ
z<uFIEYQnD~ZeT6s65*D-fx`+X81X{Q*WOD_D%u({8r7CYp!2Y8Bi3M;agZh1L<O|T
z0!o&pdNNThYzx}BNpuNwkj-2RSokqQyOE4XZHTX%YcFGqwA{p1j#{~j4B--OS=;RM
z!<O|3#uamnup`_?GsGrKmECBQOJX~U5W1me0g9o>qPEKzLO9U4@vlAV<GQWwDG!Ve
z9zJ$p3=)w#t}flEYn8%IL#_zg<LF}C&extmx1rk7o$fR>$|Ir<O0z>zFh1^R&q7Z-
zE9&u^P6Z-rd$JsLtzt%`sRJ(ow>aiFtBkRT%+a2VI*YAn5*bru)t+3q8b-C;6Z*2V
zqMnVCan}Pv@w0mrap^`18m~+)Y?qsj7A{$ov}<A1VpGwik}IQcW+V1A`;8KTw>8Pw
z+RIT&OLzw0j)5`acF<LO$>`qm(c5NH>i3G&@2+hi&U~%|f((?=zX%=Y-`EE|&iOyi
zKyDeDEeX;|S&KKf-D#2At!(Y4wL!4h3??2rh2##*;m0i%Y>j}W0+$F-BWVi2CJ240
z<Wdjcj?vV*dQyaWc!|@oSTF+?0p*%%9*UYG4LX!k;vzr^VAq$HlNvBE|GNz(JV%J$
zi1mO)bAvZUb>d)KJ-E<Gpt_~a>*dYJtADe+tr+cQ4IPk$a4Q5?H>_e=kf<2}18Nr4
z@~+%bLpZ=-i!5ic_P7GH`*LwiEK)rgByB}zREI#Tbl}_gNfu~UtyVe+)<naB10mPh
zj?|zpdqYA7R}+p#1856*skmLF#o;ZtrcUNXE_&I3iL+ao>GX|}iyC0|HYMZM%352C
zn6{>JMR2XkJJ$yg)6Qvv8M$J07OioA29k`gfR=;s9ClYFd|sZ%ayjMkGnj#FoI<;D
zBEl4-l@VasKENAWS7KLECb<)ZIpi%p9mgdfmF&P>M0;JqhQr^&WoaWwKSj#6D_r-|
zgohBQpyj;VTEMVd9d%|DnoD~e(FqQ`8_D!dn63$=%(rnaOa_m1O5rOD700?Zu5cx+
zuGdOtlJ-z24p<tGLdW&k4**9o06S1N_cWD=^&A`(1OM9!P+{FvgXOiR0IhbdD`F(C
zgHBGB>Rqu9`rT}XKZv?L4}ZUjKZ4~0zkwelBHkNzQxg~4$pi=ZS8=Q4z%85ejFY2r
zRJGY(<-^%gpx|^2tro`62k=VQLshJY!a~g4sCzb~YSM}TI*U?HNpcDIJ!=l&4=`S0
z<wOBtWyQJ*+r`$=Lq=BV-5^UTeYH4d7#BO(7A&6Yq$#$r((G!i>ZtN!<}xTuHgX{k
z;(6|w{2KGJah4Odn-G?uza^J1ma#pW78Z5{`;_^`E<H}^*qFol(zjW27&0QU5WN};
zH7xYR?hq3pud43I_`2%FUWK##I3}|+?03tMl3Ev-YuqK7Qc!}9vh)pw&B+-6Sgk)|
z08vMA;(>HkXxyB13LecfKJd$wDWvS(4%`wEL!lbUO*$?)ZjO;VR%;vw>8r?Y-e@<x
zC2w?rOR-#^!OUU30OtaY4(J5cb~14QMy4#);u5=A;3>}C>zFIPnYM)uM^3`hnA2Jc
zyH|b(g=uNBpqymt;5$I5ge;H=W-C^W@e6KIRteD?YnSXm4hW**K!+lYJXK9LSe!Zn
zG@{z#d8jPIxluh4ez?KJ4I9;k{Yi4zYh&rQFs+){Bm#DBO6dm)6_&Uy>BLZwWPoZ{
zB=`ZJun)Pm!pYFZr(ti%{wvdJ5ut0qy&MJ=KEL=yazj>+O3j&Y+R-p|t0>d4T39U=
zC8>u-5TCt9{URv62j6?ef6szzUQR!`EA*#!J^H|}ityx4uqBs6iA3Eh?`dDYW$1Vy
zfb@d=Yn^n>#MtSi!z9uggGScjtYVzQNg^;YKWJy{3?(~bF0ge8x2-sZP*iiA<#O=i
z>yfnUgFLGvy}>5^15O<HQ~PmcNWMzS&a$#<xv4wAY`du{UVKa$5ergU@U1@j2@4iQ
zPr;)Ck`aGA&GkdMzr=0fSx!8KeOGLHTLU=~@-*m8IHrq5l$s!!yt!w~g?E!?N*r4p
z<tbzd<OcQjo?7XxD9VE>|M`f(11QNK%TKq3A5P2fNedd<=ZtD#LCFi$pJsJ1`)MoT
zgpj|?7WteLLcR)?fkMd2Vh0zBTm)}#v5DL`4al04PX0Vog47Xb1@5G=Pf#g0n^T^J
zYJXef7zMv|D8<NGPcCp47JlqlOEtH~Dc9y<%!Yy1l)rx}?G6xd+W?^B$;9}r&^5XE
zx?H*vdFnik*f+&AP{D{XAeLrXl5;iN?Xa1NwsnivJO&}An+Utf!?$2*_njOMr$=uo
zQ!UKMR<))>N5Nt{=sxrfC{Zx=&=wfsz-34&;m}09ie0hl%Us%2lWy(gr(KMo34oH^
zHjyeOqEl>1vhILSZeXyLtR)6`M0`YF4HeGpMiPwm+_UM{3*r)2z;u#rqdpvz+JJlP
z>*!QN7|#Xvhoe?|B*bmt!%H13)0#FI@jh;6jNFh7ac865uC+&_?FiXUMrz*7?FQ{p
z#BW=XDcl@2V<+ku1-byl14+@bnE>Jj1l3qLhSEUziDhWhCB6W_hFN$BGKd`rC3-^&
z0ZZ4Bs)ULG^)r4nW&t2Pa7Z0uN2b<IQiJfJJss_+AwWa(8X)=v!ZH!a*2Y{yZD9AQ
zLD*eKG#s*p7{jXNnieN4c`Z;fkj<vNf0k>7v(r{M2VxGj!nt94E;_rtGddTvor9~$
zFc<Aij5{G`Rmk&d?Kql+Q1d*5j1%c=9G#ySA?}QJTK(q{z*e>G1&9_^$}Yr`gId8V
zaq;WH>!#kC(`mn^bcOBRDBK>%C-*4fnmSl}Z?sn}hY#B$nUXo=SpJKN;B>-|7JWO|
z%#&()UXAwF5GvzsGe;&Xg%7*33(&?11)kKf6Jxs$+=jBET3SX>avK}f_Q5!3#{JR0
zXulcHs4VkHPL#g@<ZVP3Bs9Gs+7BNV5^l3-6P1_yg4#>b1?^pEwgv>guGw~>z|m4V
z#_vj&hhm!C?8GrPD18UR%6+-9DIJmAD4UEQMOkZYairGWb*MJ=&<0k52i}N8tk(yk
zm<_;A%wR)DenbI)t=M5dw~*7&m2Va|gk<ZOWI;Mtl!De!@kFDC{s~!*ElTIyAk~JL
zl<xpqE8!Ll7)d-n5dcdw*Lg7}HIkvksZU_XT2q~Jgfa$e9Ar2gjimIA3iNda-=6lm
zHpV3NoY80$h20J-n;3=N-rfPH5DsJ^IJDc)+e*^eRoG-af>*aa24xJxVH6W1xG{z@
zQS~SA`1n>lZmJ51O<96*H_9Q^@%E%e!T2=g02t58cdxzl7s=e1-Nb2P@fieRMHaVX
ze6k_XsM>=>a}48@jic70J!uY9PzxH(sM^pH$Z^72VH#pjmA-`maMHOgJPxkRY3X5b
z?dnjd8%L86F=_&7xFhAZ0F~OIj3H`O`bk<ohSlk`sU{0eRp<)p3wT$vbbqcdr1SJ9
zA&{1~$%@09cN&P=)WI8&L@L{KlO1@Sl|)m!#Rr!0oQxA;pB5G=!(c(K$ube?JBW#i
z+KJ<+fzT*{#R<6utWIk(ft&CQOz(?wZO7x_UQwnPnAdiN#^Eh$x|J?alItecz!apY
zmAdE+G610zRuj${JlNWb2V2IyZmu3d_cNVCk|`Aq!z!W$<lGxs$+j2u2YnqbPf9Q?
z$Fy(Z3oMZ8u(_%i`gg0MblC+>5@po56N2c08tSv~_dj!gPlXv*ACwOKGJdRcw*ucC
zNFFd^IiVkMLx54uW}=h<Q^AqO;$)CRKx?Z3=>;iYKnfxu0$VXnFhOW1`Um&)mdKa>
z4lZt3e+T!cWw$uW`aavmhbx7vxIkh*_HkRVay5(NVUIimV@ovmvT2Q6DPiMFX`AT#
zX*l9O6t`O+yJH^r73_}r3H;dZ81q<aVfS`c4sY!X*bHCC&2qT&#qYd)iI@L1y3K%R
zC~+=33ySNyAnly_!5Xed!o#mVZazXc*nJ#V5&1JKxX&yKUXG3d-oNn(q!><07*+Ru
z!itT<7)&AZ?_9W?@p+3?FOABps}NszhbeyY?B2eQC(#iTdtsPFrL+6(s6P0sEQncV
z{Y4wxW0+jk%2TI-u4>gbBh+x;m%6ssbcXzs#nA!P%|S26_9N08du{IFB98fak_I2e
zc<l1?kgjgU<5>;vYDEDShj8Nsw;ydRehm+<%%`>rZC+>37j@p-6O?>GnielQ(;hnI
zik+l$^$lD(^Lc-2C5V3qC0MpPd#W?zdA-Y*r&b?07R!zMT}waCyzn9oGYZPr^JK2q
zn{D78-_>SqY096$XR$GJ@_(b&wU;k11Ty(AZ!Mfvn^`5{7hAnCIYt%u<08}~Y%2(t
zA?Nf<bI6DE@x(dUK`55R^^%U3p4}lx4t8>xYUz&=#}f~~5!FQD?D#3RHZw9PvC){(
zZmMR7H(gERYJi==44w<>U2%BzgS@0}38Iq4W*2t{@Dem!qIG+65UI2K!!t<Xn$Y%R
z@p`t}!Z2j@+?4Y2+mq|j!hQdYyDq?z7g(lIxY4dpw;K!N*a)K}>oZZqGQ1u4a~<MJ
zrnCD~xTXxTq7b($cBATvUqWZHy{UUprwZ!SJ6Jtb?;Jz#!u6(JZF!@`->{0JuLMW#
z41Lz2!OQn*m3@B~NLI}K{uXyAjoh=yl`0|+4T_Bu7#|Oqcct_&#K!>Yc=VQ~$a?%-
zr+e(q6R#&PcgrzJt(ya(V2j@j%UtK@I4;aRp?mD;)fNotuuZSV_k~EW(z}BER-IaH
zums?l9Y(FdbIlyTgQ@p9*5bFp6*o+@U4sV8E~oJ5)yC6R-Q(3?=kr)wBUln4sru2Y
z^OQr~Kcu=3NN1?hTsUWogjRziE}<1P!J)Y(xW%P&De8<qgYyE8Cvl%u1*g}o3b$Op
zw}n%TqMJr)bH)a9V|Swi<>RwRhi!pdq;MIEpVYik^_Mq}UaecBQ2NiR@8rYs4hMgk
zF*Yphofg)2VdE@a@KrHgi@R|&N#Ec1w@BYBktaEB@J1`8+$iH-D@WSk=+$N9nAwuD
zeV7~jZ6MSbSS@kSsc2J~TE$ZfU<JthTV>zHt)f*kOF&LPdUdsTFgQeBAMvV-*j<i0
zW$U@{H@Ym~WhBHfez<c?7Y%FNoo0Q}pOB^H*gd9{o2p37!XgaoIeWUWF4GzcN#1@m
z!fFggev1v9WAZu`wI1%&KEF)Io;mvBVhqT`uvhx%RPL_Mjg*$&&;A#bh5^BRjc30N
z#^?A9^`%ZDflgG(<G`mM?5%mtGQM>T!0cC;UF}=-gJq5Em_{qz{g>1nMX)<$xO;4W
zIh>Dtjjqt94Tti?csA0B{{*?=8~Kp?y`LQsv$!Q0^hR`Ki>KZuRxC1hx?sMob))(n
zmPm)fBi!i8v3aZ=Ej$vs_=tl4<+*nKjwtFLUc#Gfc(#320dddkTan4m1;*p`s|b0>
zKJo9fBoXFxB+wh#_hw#;Xt_2pR$}C&!-U1R>S1%At5mBu+#c#3Xm4M5dbizPxCD#O
z_C~awymS3rG=%r&CRX{`fmLd|%N%Rb=&itnwP?q!xDfIWn0I?@8GG>BQDxunM=elf
zCVmUc8f~9B1nJfG&hB4D4xNQ-I_>Vl0p!r#z)MbP4r7+XICAJJ{V_{_JWaog^eLsP
z?0aX_!A*>XOghK}vaZhVUy*at8sZJyZCDEai#HxLZ;U&x6?b&N98W>3ZQnp6Z-*SR
zeZ6r+dt#N%E*qa9998RqEyx|6wDnvtY%s*$`sMcM!vDsesAVz+8uZtq7VcT@E{v-6
z{X_PdQTN}8Ciiiha(C%d#im8u`lU7W``UM*ZLuAz*zY^hj<nx*T)*$+`u#*39ll-b
z9c+g)=;LAU;6AL&yN4iWfCwgt8g5vCelMzD0|5;7O<&U<f`l4pYgcTfz?oc*FOUS^
z0by=ynU*drV<OE6=>`|j1O8nQkG)|Si|o%JwERZk2z9@8`^XJq5yY%mtHpoAPFiV?
zB_mG+v4xF1-S+sx42F#g{>Gvv#vc4e<2F{{J;Y`1J&Wr5KJH43_1E?e#5EA9MA5`X
z)MhtsPj(<jsX(whd406~F!x9<QV>0X63^Va4AXSf)G!}SVJ1S@`mQ$JmKg<PP#Oz=
zfEO0wi_2E`-9<S!%<U-LH-$_N?moYF5Ca|=5E8Da&11<chq)6NMTbDk2Al({*d#%^
zfXOb4Mvq}aS(-wS;b^qGdaD_3C1^7C!g5o7w<^FPe7f+B-$`nXVu8{g?e2LigU~rQ
zu2f5BV;;*eO^oegn0PusCwLp@1Bl-6JHd%Jz@RxCy3qg7ap=H<pQEfW|H)>k|2IdW
ztX-?6iwb;DWPt$euzRu`s7q?un&7fdkjWIPr5#*9VV&qSjAWlWmRU(Q8tdMLFd@b|
z0D<MHYwHz%ceyfOnOdoKSGtFU@fxrNhnfp@fcB9x2BSkw{OtbMAt373PzAv0Rvhf@
z?!i^$IL#Q2!CHliymxR}umlnYD8>$9zlSA<T(}jYyLSQO$06v*aXD=bOR@OFDBc2=
zfyicVq`cfYb|*acd?~6;tzfA0_l_{6&yatKkP%MFRrfaVya8SQ0xmeuv9JSS;&;Qc
z2p`@M8GjHKOR>89Q|dF7(q7b=>s|)_WBLP~u{MnbfV!bdaI3#8cZg8t01iJ7n#pb$
z$1klQJ~0jeRDA(}uCh#k4_HuPsqq29xOR^}lxFVl`KX|lt#Uam0Y}Z!=GL)c4USk}
zm%VD3#&zp-?p|YgD?=3&6xY5tu)oFghpNG?%hmW@$i$Ttx@6xRuqLjRc%G5*s#7aj
z%+a!kJeE;sOCbJ87XLGupPbzoa|O~_M>^gRYP>wMP2g<=_s-)gS);PSMTkX6^WH(g
z-T3WD7To5l=My1vO??Du)it*|Jcczj?qF&dGea=2uw=*~?5=L4a)8S9@joEFJDpgd
zLg9zGgu%Y|*YMmIj#9Z1(%74r?J3CXI<~VwvaR2ReXqqe?8L}8S1O#BoGV@E1RRY&
zMv8QBLJMYfn&cGPClS!~9^&(-e|PF~%k{ZDC_|8psJl{MIH&Aw;2ue^Wj)A9;2a!5
zlCplt=$+hOJX9S&q+R@2+mv`XcF28sLB+zkt{p#)nqwP*dd~mJnLm}8B`F%Jz8s^&
zXXuLPq_uDzXbnu-CeRh5$A60u4)9j?{iB7oJGl|9R6dKp_;>1X`TE)W@9&ik$A5<y
zN6Nh&t9gg+3Y_K(PGc)agoQ6gbn^Jgw?f2J?!Dmft#va_uhP<R?nA4$9>aUqz4?_u
z-yJJQd>W3NzWkpUSpI8NXp|pi?3GaHPa;^k*J1%vyUILKa6*~Oz4HoA<8->9;531n
z8UE#3faCYc-^=PI<Fu>IIV));wr+z@52!<>^va|TSsR>u8?!+ju%tM=am1{>kcE>A
zYUJFur*5c{bDK=vP$%bhZt8|gIk%<MZ8CMcD0Q1+<yjZdF_E|6<zB~67*ao*ug%{x
ztXJZl9{jiPL~ra6E?Y-|?`O08y_#i&iKlio3r3HelbU5u!3k9uDS6#Jzv*@McFNYX
zByrWCgEU64tx0*$Az!u8?~-`4$fraWlx@Z}(`?pEh*K#&F^Th*EY2%W$}+QRNxZT*
zvT~$uZV>A_M`s^fmA4qVn6_WK4o%g_V;BF#3J=9&&mL7YF>j}6c$)0zPP`75rd#rP
zb2eF;Ys)R@DQRS=c4f@n731U17Yy`w;9ZWFLMenNka+I_9?|iW5Zyc4LE?u;b^xw%
zNV*H@Djs^c6)*-ehFf_U5cgO`;h|d(@hY&+?(?GNbujTU2nZ=ChiKeE|4s3roa2KZ
z@OrgN0eZOKLm9FBhEIL%O)M{z(MymFE7&}i8_WsnXzaRqwR43=&c%a)@7F^^x7Wvh
zlm;Lp%==yFh9yYl8Q{R7WfZd2t{->|009rIlLmGZh4|qLw5_czvb!&B`Y{Ql&-dpb
zuphIjC)hAiW3WMY({SLyIODB{Agvc>^H-O`=W{JyZKDN@cTFP*ug6huGjT>ZY9eTV
z-$#S_D=nxnL{1Lu>0<U~eh&7JfB7G9D%`@G#$qh~6|l{TtMSvoHC>t~{S9-)W?DSN
zRc`^0?%p08e+g7mVSErSYhT3Vz7so*^;JTh-G3O^F>o8xehGErzu6KP^`$SSp!x%k
zop4WBoMIoCJq2%Lwh#Pt^0>t*4(}G{X2to%)Q4RyALs7Whhya|H!y0lpZmbgX+9k3
zEHx-1QG!ROKGd1yw0gf!>qWS`f`&Ei)y!0We~@_6u$JtvG~E*4C#dK`CcACxSzyXV
zY}(>JOFLqRX;x3FtbGMefOUJY$L=N=aT3km9|J$x8V1|cqU7#@Tngw~-d(s0Q+IcP
zHO|AKU%s-ngq8TVZmWyF!-uW#|J8nIuSne`1x2v$!`Lu}J2c|2B0uA`Uj@;JkdLK5
z7jMJGw=QjeZ{v95tI6#eIL31?3+x54hcI(%--fNZb{~FQez@E{6h5O}Q4P77IJ^e9
z9y-Ec;bBnNpoe0~A1+Lz3$C<lIJ024rBSGH1m4i*J1xxLVV^c0S+S?D(z6P{?{AH&
z^ZPtqa<Hd7IX}glK;FrAz#T~IGQi;v69*YCDeqXP!F02lTkW2j=W$=c+MA*LMH^v{
zAqk1igW9gKj3)~hhs)0^<Earm=W!Fi^Cxh3hv-!;eHHYAeAw;HuXjC)4RBA;$#;<#
z-hedYG6HiGJ}DC}hLDs7m;OGY`68|dQh6YiXAc4aAK_&=-j)qb73hRNyxs;DdLE*u
zk861QKE*>?ylo;-Jl#vc16X%q-3KaPiiiOo?{PvEs<hhmg-ML5l<RWHtZ6ITU9@#q
zmN6XHgMFXC0EyUm(rEWPu!)z+V+Z7SkTZ@J+>ei|S8eTXdd=@Tz5#wX#j4J~)3}H?
zD2tSMq3uoZJpK)G47A#K8_-+-Ba*+e{%%I#I8f0BfDzK~X8Jj<ej8F>aub$wQtOm&
zW=v@Q(|4F~^JAm?YTQ;s4|{CMnf2mQ-3##K(yNf%JWRNIj#bg4d{BanO~fJF5zkhV
z|53a@Mj|NQpWtKb!Aj}XXs9Ud574cZZ)T{q24Z3fUcQ-uWvj$9Z0JBdkL{Se2%qme
z=>e(7gXi&D3M5e@*RpAB*}<2IxUrON%cDmXi-fn`AOzPSz^fFjrCN9x5xih;t3WPy
zHyTKH?b~?Dy|w)3Y1c(XZ_rfMUQa^K9<O|@^qk7ia=<)34`Yl8rG9)Brer6<YY?uo
z_H;Z7v~~?&24b4k5;4Pe)ct|RoP~u79)n0noMyLn2txqI8XrBE8z%4aYcxKeMh8*f
z%aI4^bKQ2BU*uyH#6<zuA|UpUa1_iBl`Y6S@Qe*Mj8<-)10ma0BV*ggngZ{Y1vvh1
zZzl2n2@<u%9R_n~h24J^+W1DyKAO)f9f%vAsiPMzWBMR=m02)p*I0NbSBdh;GvroV
zz`jTpQB}lyhRDm_8AI#5Eto$WIP{g|Jn{LZnC5nnmOUQN;Rv&~1MHH$z*qO&<7IPt
zIjW(Dq?&lIvWH+`r?i|9vVaUIUiWfr5h<a3tYXzD;ya3<i1tPm_|8!VV?b?erR#Hm
z+WlnH`q!{U1E)u*{ifnbcQLLU?PADbD2xR-m?qOQk2*(9ykmt=D}BxiqMN9}@do1y
zQn(gRMN%B>7<%E#V&R5d;czg-3O5oBxx!)7A0kUiY-2ss8FuNQargWV?nasM^za*p
z`afkC<xnpJ9Nv>S$N+~wOB`fS8~hQ-)j=EBySQjwyqokK^n&BBO}m1<m5U7v?`QO~
zT?Sg#-Ia4{HJpgLR*MqsR=*dm*aWS(i2?nbgZ9HgZ|e%!OapePF3j`VS?e6#g>5_d
z*cx`ukWnxetl(y%J8~V{x_7wmtx2G+3j-lURM{KCIbPt%1FbguPDT5%x~$XKempnG
z5oo?Vwy#?5jo{YD-(clFlUB~|-W*tOx0%S*+X9xKfxBxsXw<u9&1&enO*|Ors>?^9
ze#mo`iz@q3a~6N$sdVEd?7Zxg4-3~0b4$l!x`!w{+_}%w?h`m+9e{%}ojnlgK@bRH
z@*brs34~FSm9HJS12;59*wM#Mv-cK^0a0~th(MwQcb#yo;;j;6Y1>+0$sOJOJN0tX
zzimWzXE#~Ch+Se84_-~9pfwfQIaTSzM-mTn0$rR2lLupmxikSTS)SP6jB4YD$MyrO
zT*uypV3<Y`3~E>g!w2toGFV{2>es;yukQhcEbqrC(>)3@P{N8}uvcN%7(dtcdo%lY
zfWkp<Mzn0yoT2I4_LXpAC93y^4<Gs9?VLi6T(So^#J$JoUv>_Ua*AM)e_00>P%YeB
z!^N@l;1Hu(rSvTD(70&E3q!&5@7sduyNB>*BUi`?)8p~hb1@o{trxoiM8CLIA>;86
z-mdps`GzY22pY9}I~kVz`Z45*$Ce$xp5^$pQl0_3{!2f*=8I)bnzZJY9C_UUj{N?A
z2S?83SQ5OL@#F_@&$HvpbL{9ydy5-Gfa40|hm99&zXqDkKhut;lu!OSC~m97Ig-NG
zntT?MYfXOVPfXKeU-{&F5i~xJ7S5StpkozF6Uf;p%fEFW1|~cUj@^d){>2~T-mPls
zy$Ca@_T}V(U=_WN*{EUw<kafd`tolDYm>-8eRDgOCiWI(0Cr!Sf_q?Z8e-~!_MaED
zaYbLlegUl8;mCD5)4dBlVHw>9BOpriDbB@Xh+SE{kT2d^#IS?qsCFM9a@{?jiwQ^z
zQ9Zi&Y4o_Y3B+@y4BeU&bz<Fc7hGv7s~Z-kMN$GIcRLURX$;`#g}UiQMocVA;mHqx
zm{>}nj<;NoOFA#T0LcNR#EYta*xe6xX~#}W+@%|8YMgN)Nq{S#s2;__V2pvfc6-8I
z2R?&>Ir3q&<D`t`cNAR0&2Wfis~?X3MoWAM1uyw^c>D3sV4ZL=A+ayi(K~nrk6hc<
zXAV7so^5(Amg#FhfHbsM(=III%^gVj8F0172l%=p23U7y6r&T2+K5aAdR;&k`;iG*
zajVl3UMcS2WFlG=6|gZFRnYndFAm>@t#kW6i(#u4)(#;ZK2V6Ny2iaKu-9@S#96`&
z(Xtnm+s%c=sEPFo<S^mxv!bRWaTASCISN#(N#nQB_zZ=IsUeV2%Uh!cYIzJGY<KFi
zpa;QzM2<)Gaz{#0X}h>=O~V{f7|mW=hM5Nc80=CyWp@jkOUKh&3P`eaJpMXR4*6@!
z$s^WN*#diIM`bz1(X*ofr?`6Ph|^Dz(=_(^r5{6DGtBdOJPx_kIDP=>x>xFSz!AI7
z*;8-&61=hgB>)AU(5V}?tfr=Cw{Yh@UNHh*So;`Tw~F>a=d1Maz%ku*jymv9{sl7D
z&;m3a?*U(9Oz=yTCG}7SJn$2oyr+W8o~tK+3m@o{CgQUZzcEy;O!P*M#b3oh75MQy
z+?pPqX5PyrG=}5Z&C+bz_f%T9U*4FGlj^e@mBm`+dBYgOmd?Y@x&<b4;v#l0Ot`hR
z3t>X1Wg)>zgp&)+%1sQub^*Ma(Br(6R01mn3u738z=*~vqSRfOl(EAY&KP1o=?=yd
z|H@a(F${%VP2k9b7Gk*e`(>KNFCcTT-9eV;stx;>_Ta=~cpVm?SkVIwV<C!J8oh(i
z#ifTK4Qb(K$K7wlYGp5<=S|YU!gSa1*OEh687@vg$S)VCGLR>|(&IpPyfOi~3c(G?
zMdZ-%n}!8&WeRB4!icm3(vXUqOMz$XZDm~OAQ%(w`DB7YYT_wRcLSWQbW?y(_we2d
z7fVQ7$>Q1&f}uu;^v}YRzb^eu&ZL^+z9RxORE>KiDm4g)tm|XBa8G(G?O&p9fXE->
z2ZF0dqOEjj>%^B3cm2bxx%wanvvbHJH#6wk;}8xLkh498jlcGA{6anJ+#Z{{0nIDU
zm2kle5;8v;X2?i_5CbW%f9F7KCaukNF*}Y0gm{(Rc{`JNe-u$DnEntrYOWLUx`@cX
zi*02kwzbJYl$o+1lh@((#6&X3B<ntgbTtfagW&SEzL<aNqP~PH7~CU5|CUngBSx*i
z;-|X)QGRfT?_cX%UH_QA{`%kO8?1jEUzUln_+>PH8INDa<CpRHWjuZr4`t{2>L>8!
zzw*hyg|EH4$fv$u00OT6A2^lE-Q#Zox5hu^;hH&aaL&Kn)jfXi0KW~!>mI-K8~JGV
zoS2U7*^6Rh_R!bFiN_-^z~3=@L~BANVL6%o{4QC=p8#|xeu!bEYCLg@Mt9fci5Jpx
zP51c8LY}8ssre1AWS)l?5SB(O<G1y`^AJ3=@d<duFNWJ9AoD6CzlWhFF(e?=^liOw
zKV-IY@{<g;3vP?;lb?e5mh1Jwx(G3M&TmZM!p2LLuxAN-`Gh@77<4Xcum7Do&-C9A
zzV0jdxStE&l-ZAOXVPv?sVLqW<8^Ms{>#Qhx#Pu;Q|4ub_f)a^1hyJHM$TwUjvpO-
znO}U8*<r;O|11os>kp=Ny#)?uUf1WB<DW)^MWDuC#&=%1qx!!9%TD%Tuk<S9`6est
zjrDT(wi_GevD<EJmd9_qu~nY9?M9sBpTuvqJcVDsJdIzj6|rBRSPw!)bW?wsx*TZs
zv4{rHTh_=)8|Bf<kVXOyEw{Xmf5RPt56#7L15dHua7T@L?d7I7R=eR2Y>9xm<&B3h
z!+3)iKa-Ufzb~VVuR$3Xt}5S%H)wCWF<7oEH6{je?%6o4aode>>mmnp^H2#mjAag}
z5X%e4@zn7KsP>j#hdHyXHAjy2e*7xX$oGu&Y9G6Udvh3To`s=`i(_`Dn&0zJP|bix
zNpW)Rb*$8jdT88Ae1vX&Jo+PQnOBQto&xjI=xLag?Z>^)>sSYY*KX_{TjnB1G`LoD
zVS~cW(FJa7TsSzo&;fKAI|j0pNfzUYVw#8kooOB_r1=Pxlm8}O`fjZ0=05O~sTPL4
zdd9gvD_wK37bmVK(y;8$^Ix-fCA`J1J2$m&$UFI2_@r;N{XPbi!W(VzGU&ek_l*5G
z_bNsFlOV4-LCaIe%!bKaA@KSHzv?;|tIYBegr0x6S#YH+Y<!t7@x6n-6URrs3C-Fr
zD~l8i*00Y+y~Q`o631(px_8qU)<H7*@zp4uf8rQ<gS<FCAiN(xJqrYXw*3R9do+u3
zM&Yk1hUeLXtlTzq<%_L%YLYq>;%-%kAILIL9kvR0xG$Vn;`y(>vLrdH7)Cv#3$Dg4
zovU>TDP8x~lDH5&W+U<n8MQr*n#If~z?X%WV>1}5#YbSP1+~nzRhtOq8sc>xhOI$B
zi_6C4hMTQmqHBPaCYI=sS}_H#*I}ebi1lz49=>^CRD_Wp*zOA8hP|~cNW>G0<{WSx
z+B=Lbrb@}(v8PZ_e8(?DJ@{HxRI_SRH%)e0`$;5Ie2dYT&3Ks6=AUKk2^u+0>`cS}
z+ITy`X6;k#N%QX35>3~A7mRR~Ve7xQLftw?I=ee;((}IDeV}^}x!6pu=&&=S;vaWW
zkIe3}4w>D3hB9YY$e0!9dhI;0S@AdkYSRwXYVDeRLi?Zv?94dMdo8v@RUT6AiWyo9
zkAkAC6;)-8T1NXC0$?Kq83wzI)i${x&Tc6nitKhdHa8P2ZVxQ&;hKF%a1f)8oz%W1
zIO5tDr$I(6WHfAP<bo*85lbK%k+)TcyNhv{H)e0fUhwVQ+8u2-Yh)9A7j~QJ-Tl(Z
zJtZObI!94k`CDq(cn_CR%Ra=3j5d<rVb;;Pm^~C3jDi!n_=tAQA?)*M8r6&()x~l+
zE3rN5sCHI2Gb5gJRAEOgEUpf5&QaH*$k)tBCy1ZHT!X}y%bh5)xMNXcX(AdkI=Ut^
zn-zH|^L50|`F4|=n8xmEkLwcVXxtqVej)NOSwg_~C`vnXe4M+(;V>9j3<s!gN4FD=
zzD`8T3s>mmIJ0GBuGpt)AK$gQpKFM$<J%4Cj!$cIOA)Rst2th*DTd<;AR=q_YCBAw
zLQNkKTSLX}T6J#Dnk=*?^MQ4J7rw3_6H$Gv6F-g3T346}h_4|LiVxALV$lL?0i6Dc
z8o8D>Go(z;QEfTU(XooIjj#r6=9=HkNZdJ!|D7ZHU@l~61!*}Vw#@5Vv><LyG@GNA
z^I}rCHx#<8gaKN2ZEE*&=^*9_{yXzKT8#&ELo0_icLTvI+#O1|xsv?i0+EXt$lWJ{
z<Kh$s+6`vJ@ird1D7>l9*l1HZO@^;>p8N+4PZ{2O1**CJPjD*d-siTrlFQR3+%eqe
zu-z^!PclfjHMV;R`^JPaBcx*vm>igQ3hDlpK`_YU@#9z0m_WK)Y1wu1s|b6F5t4~S
zf%+yA7GE-K&LijL`rjGNBWGj2OXd-plX-;ZWFDb8H;>4g%_Fk<@&5wLV;=c+erom!
z?bAPx+>Z)r9+4rNM`*>Q@Hx~6<Fn=wIW^<Y(uwnk3*zjRg1tD8C~eFm`eyTp5*V>O
z0-HzVG;Dcr9&tgG2j-ES)vA-sBmZpWOy&_;qxg-e|03rR8Il`2`sWeW(Nat15oMRn
zBeG&1`3GiV^T<6MQ#6mfhNjW@pXgUV@nwA6Ji@YC-8xoo&LeVE=|(NA%_FK;H|J|+
z%_D!$lsS(m?myBNS=?kEQEb;9V-`$Bws}Opj*>awbQsw@kBH&XIl15c4VXvb93S`3
zBV@QO<`H^j^9XG%BQu_vQ=yDJ=4K1atSK<ITfvQlK8Al$+BZsbjahL)0<jBDOC`g9
zpfHwhZ8EB27O2@QP_x)oqaQRpQE2oMpPQLFQgc*04Rj1F0qq5~a@KQE%uEH5IjS+7
zBeWN}kiMnUa0F?X*B8;o?uC(Y%t)kzD}@Wd1W|P8oszkrk<0~I+x^GQ1rKtVR}qRb
zz0a{P{2}K9%Jklg;;;WRoG8=#?}Y)pDAW7M06#bG$M>Guxc`gD3*$Zuz;U0sVl1aM
z9rxeNAU5v5kH%!&e?Ki0<rT6zrKIkru;VUt{iSwg;<g?8Cn_hufHdQ~IpVY?XVGg;
zRpKSsB$KL0ros8n#3VC}*{SqGMBU%3S5AJBkuPE7b5DK=W(fHBF#+G=2!oh&e3{a`
zdoq#uwLRtUZO-4z@-LToPM=t_9KRk3)O|*R*e@$|Q)Zm;WBQ!KHp%=Z^D;k1^hAOB
z<d!l&PD2n2`7wt}NQ&M-iW;7M6p4X<q~n|5`+r3Z$OLVK_u@Z7TJx$32=oqE9R1&h
zyk5upL-JRr;IBcsU$Z<znIPH$LP6XH16?VFPX02sRzR-Su6hu<-*5+j?(C{OA$tmz
zv0vFdan(lN6LP59axL-1LDIY@WK!XBn0R87WZn}(Nk|m|v|Yjz1#bur?<VEmhaH{b
ztg_dMe~(0a;Knb=0j)j!`0a=bIiPC}jPp4;U?Ge(ndE?qWA;oAxWeWml{21yj%fbw
zoH($LqbUw7aP)<WagW$b^1%nLmGRIc#X;CB;3RFYNhNLM&R*R)-<~?NmrXm@D^dX*
zJJw(U+?U~#3gA9~VW230`*k$R`d1h`6~J-DWlos@P9Y#w<5zr25t}T(h0qkh(b9?E
z0GkuQ$@g9Koj5-GEeYUM78Ae~<X+4XQV+)PZkoX)E2AI(PZZ8S@fPw;LH?Et@5jHE
z1p+P4DBU+^QO+p*Zxq9)@;8-39kozwCx2sg{J0P|Cs!-f;q_Sts>4>{ezPxJPX3ma
zC83_l-$Xs53%C29&vlT<3;7!d9LnF=hLXQA5z60~59Mzxyw)I+zx@_$l)uq6knD{v
zl)ce~vNvpEi0Ovy95B(9_i9&qBM`XB-Ihr7fQXI4w^>Ns<U_ffQ41&=7@Q}<&Bp+_
z;s6O?X;V}AB0l=3Jg~Tj61j&hVlD!3H5L{MMIik;R+D16(0GYrIda+Bdr*!(v7C5N
z^ied3<;1immZN89G8M~l7ClAp1Wjq`?L$*sC}_T@mWZe3bL-GE!c#10f~ROs@D$An
zo}xL2r)16Wl&lX1PqCW9Q!-?DidNt$GDm`^<kYlQAf9qT)L7VIQm_~Cl+p&C(l^6X
zN?^qDaCk~i!<Gl}lnbIffTwa+TP`PfioHB1my`8O@f7Q5sU>(y*=2Z2R^Tc2+^z5w
zCp_RO_CSZHSXQfB$I4ASB}bKR)WRB`QoXu4Uo#6&y^bjpPbn_vK;S9mli(@EcI`1{
z!Bk|!Q}T6`%=xBE@y&SZ{m3IPms`m3aX+3S!)<}5=#}9q+7div)UMhGaycuah-Gdz
z46tDmxg3MEGr62%*x2B>f^s<#R&qJ>#~{IJ1p@@-a@MK|FblOt!F8*W%PD+aK_>HZ
zIW{YhT3#-vmJX~1OfJXB*3u2D3gvQgRDlLMI#w~coN{mGqL^87Ii;hbJ4edpvczqe
zYeO!lL|W$c+bFi=a&!y}UQB8Wxm?!n-!m+xA{4P0<yaXOt2MD;`8u44#V*HEBNL_-
zvDnK7_&F^0se;$mGPsX`RKQ{^0I?Wzb#gVsVury&lqkhuby|SI@Q6gNWT%wG01WmG
z)-AzcFU9%!N_-Y3FoyxC1LnUiFxWR4*<rAIVFm`{Cy&9*d20-|DSt1^e@hIOMQWa;
z`HV3b13zdCMgh{9V6X>EjZGMgrORWmp!6`%{uhD4X4x`juJ=3fo6$UVIry->g{zHp
z`JWL6h?;Q{Y6=J`5yW}xnZ-fgr^7;yET_dn43oz~v~PihjQ3W>dqpf%;H(S_InLS|
z3vEe^!C2^)6!b7+iiO^rI<tKfEcDB%D~mB03*85w6bt<{x?>RweHye_r=+S63&|<N
zLb3w>@S9>GSrRNnO92bX*I}WLAzus`D$CYbh%vmIC~#Che*6g(&O~hku@J-i@u#vt
z;+5Q91cx^^rAq-}n(i5dm)uSwKa|7nL6rXA@CO^JP;7^VtaydEn=y_BqJ-KN$nkr+
z?;=+RUozEvxJ_7yWl5-KScsBsH*VYpEVL*r#9U8@g+7N!#6m2*Rw8)&TbbirUFL`b
zYI4NUyUY=YXdFwB&m$%zy)ZEiA);vjA~_o%qPqd2aeyFsaQ{{=B_g6BAR_r;GZ&1C
z1dSxl>hyqw<YVwiJ^_!#^e)FDM?SE?D4!bf5$^pm4?IFtH}^U(V(sBU3iIF<^bPZA
zU|H!LGdIX}of{6Kxo}gd8{Tu;GHw8L0WF|4A-*X<YZzk@ppo_0s+>BXpMQ5=y}`4-
z$7ld(>PZIB*p@kfCUqCR6M&|9xeuUm^^onG_%D5z+c!Z{w*O1t^`AxGrA4O3OWQZG
zbQ*lduC)a|qgRH{Xxj>(kv}j(adgb%Gujh;CKk%@nPRx1Qymy1QYDsxO8CtDF-UQ$
zbNEc-RhZ#3sVE&jQ+OM?3iym+`tX^eIfa+uGe%b7opMV1Cgi9BnUbo{(WyoapDFjI
z4Md7!X5llXqoO-U;<GIA&@^ViXG)}HUSCA9h0o~dbY;$qNo|48vUdNT;WHJ1_>5;7
z`LBGkgi|dUK6?a4*!41;2JDAO-a7sjDAv{;7W+m4C~b|!B97b>%8XcyIbdPMyi>i{
zB7+zvdnApCUhGk{0FzzwodPCf+<9TLKh}!8GHH4-5AN|t;k4MAn*GygD@?|#*y2Pl
z){tJTSvgr@WQWPBFawkElVUOiG3Nx6O=Ws9<?o%`lz)OEwARn`Vjo5k@t&CJ#j;3E
zCE&+jfcId%*i>FG#)w`_3e=~z)Qf$9-qefz9SqQmokNP+IzF!#`viQc7yEZp1DNdN
zNP~Oj{}tbPRRsk494tFIZ|5)>Tc*sabmC9JyRN1pCi@I*z+?|ZO<^)6f;gW&vpC@Q
z0wy!M`0+m?I`mVHEJaLK2xFuZCQ}@<_hB;DHsienlZoH7UHx3gLXNW>Cd)X>VKOzd
z(@#ARF^ZUM%Bh^zQ<W3Bq}O!LSEkP7_GE+jy(uOmgAc}JA$(Fy_BM3KA|{&wTdmg_
zJJnCU5413+43jAYFd4t%7wV^E`4~b|KSfI?{wvs=eoDSyqVL4<=6%9sD$4*&#vGxa
zVhr!5otPA5^y5hs&Ofn>oL|sS<-+^%bQVawlEYZJaD{Zw%c2zYQ(J|fErw6^QwpyR
zQ%K%nGFHcr3vqLpESHxbpPgmk_&vpBg>Z9y;c}QPD@#H>!(^hK@!Cx(CS%cn$=LC!
zpJE$IKgC3-pJG15WGsA4M`AKM5|gElt=f1P?}RH=RCL85JZ%rBn{5xLtG0*F0FcSq
z02$pgKqe0XvNUa}s78Ro<Y$0PkqnTX13)Gp17z|sKz1b-IPx(-CLaN^UK=<}K9D}c
zC?A7lqrg(~F-Rt##zg8!sAX=1UluTPn=`^V$fXtn<oZjJmO8P9@h>44IeYCOYTgIA
z#P`;l7!8n19mOCQJv&pWPK-0?DS9W6OVe&2<l=%rbA{=|cIDQpXQUHjK@*)A&52Ho
z=0qn(b518FYo-&E)sHz4V~-&@2zw0m3GLIr$B@;OPE3YOCq^rDVkB##6O&WZT7)_=
z7ep;Yomk#p)QQoDm`mSGC#DD^mWR`c$!XZ~piayMQ6A8V<*ZhnL?_0PC8raUHL?ko
zdkk%+-D0mg>u9MZIx%IJ>BMA(PK=|4(}{6$V0#Szgr?E>T>90;b51A5vRd6bR&MIV
z<fzh(T3FMGsb1ZjubHJ2JBuk(C#JZZccByG=z>enZLhjwyY?8fU@Efd#N_KJne#o3
zPV7-g9BiyL2=^H7&hc@-PK*q<1?HkxhPh~K8JV%iP=zw`n41kxSyNz-p%vUn$UTOl
zv~QGldkhuChRdn^9z(W<rCXaS?lDw5RgHeO$B=1QCZT1?J%(~rI}LOUECJhNs6y0p
zQOvA8hDt|`;T*ZgFiYGfSzNboIXBGfe3U-7$B@BYDO><1xWyjBtnI#MxJgAQ>a`lA
zak|Iw6pFvzf)n*x^H`#6rPun|0e%ikeX-!RHI{k;@&cA(0f?oTE3g!;DVDmPK@3a1
zkj4Z{y@(cIsVCo`FX1UA^$H@Q9G1dq;UT1HSc>N^8J9Fj^;&~5)G#AC3^f8XFcd#|
z3}wy^L%pI8L$$qpzFv}VUY}LKPFW$Fig?D@i4h+(c6uhMU~8b$Vy6d7g-zIrrORU{
zuk<90Ti7}maXVq1+X)-oPT16TLToCmb5mg%=nY4Wu^_^+Vjd)J2iRwblW^Q;h*QS8
zaOMVyo3X`^?$~08v&eAwx)DwhLk=wu9}nJPj1GBwM2$yY)5teMB<%v#c=Xl99xuf9
zagC+BwW`K5&=%X9$Oo!%bEJzsnfE~Yyx;~x@Ech!Y^To3Ra-<xI;)(P*ouP~-dI#e
z$hy^_wg^Z(E+%t$av*0}TV9X3fx5!Zv3hy&QsB_rZY<x(lg{oeFwaQia;-sUq%B-_
zO!`c-JuMb>Y<5~K$}o8>N_&Pyb!J*v6n*zu<l1-l@*uR(H8T+Ex~759jeZb1kb=ZL
z#q-WMwwyad9r**#P~)g|;TZK|I90ahlB}RV&EgsAEz{(Y>Fj8>rD>G`Exl6GXA_Kk
zC<VjpZz)EeO`X|~d!d8QKb(SOl4&qVZo?-9$@gHKErR4jXo>Yv#x8<nIb|SOR^VcO
zQ;;l60+MMdfMoePkX$ZpqvBF!5l9|{O&P(vX&#FhW#h+BL)rWjKTKX3gpnEEkC(GR
zT2F1p$eYq#$)cQ5Ii67r--nSkZ0CzDaGKPi5O*_1wmSS^mVxT9Rk$O4;WlAp4bqN!
zDuz+d#+0`r?Y$hY6<|w@tVLZD2${JNDYFVZLwyuq?%|}pHWA1k)SUlJpMP(pFF<d$
zKg7ZQ5SJ$o${KJyL7IV8gFut)v9^v9^Z`vZvazQFnqoEsn)J*8O)f7^(K`W}T9fnv
zO|GCa-QK?3`uvP=Cd--NOqvs%NppfTY0lwHSu>m|>x03Wtfg?K3>nU(6*!a4ncz%0
zHPw<j%jSZxWqG@o=!ht?7jdT22F}zs!<kB8#PV=BQ%=K{263hfqBMasb5?^93C?8i
z%;8K~&lG2}j+R=2GnHM2Gi3$NWRKelXC9_sT`cEtCd+Dd>sYyoGv%n#japd4nW|Se
z=WAx+%pYLN#F>iA`4Kpi<6DX|6}xJgj9D-h*>I+O9VK(Vr@@&oLgER|<eBLGIX>>k
znPj*va3;MnoJm`PGmY9+`(W>-6;Z@8H`{y3hDmgL43gV>sTeiIa9ly%o(L=5p7}%c
z#p%H5_N-MCz#7JCGN;>9_`3KG?};Uc;_3<m1e@P`sc1I1VE+QoL^HCrw3(&GlcNeW
z(9yAq>GqU+)6!8CGfTIpbX0WbNZnqRcxbEu-JTL@nb#_6E!`d+!-5x++CsONwfpxB
zqpAo+-QEsTH^r#GhvKhy;WR+EH#y*}^DGt-8I0W;kNy<W1s-K)#G}jsYY$peJo>8)
zVtDjzG$wfT?X&=oZWOXQrKF_W`!YmPIP*4Ty1g-^8E@mgRITaRS59oD+Z)R3_FB^I
z4OLE#GqS^_6EFjp@{{6H1Tp7Cw>O>X_LRSOa#Q|W==SbMsp~!?;mlhWsVTD`cTj`D
zy1nVVZjTYYm=vf_Z>ih+Hod9at0GaX^nZ~Q-HcBI_)@p`@1_RuX@!J`Zf_jlc~u1j
zYQv)SdQP{;mMOC;oj8PdT}?&ZUJEv0u?M22bbCq!afZ$;j$6m^-b?LqGrIV3gy_)i
zIkFV-R3VI!PIyXj%%0&Xojqf1Gu}&dd*U~z+beLEgH;)484|fi&HNOx_5%{5*p|r_
z${$UU2)U#;<N(U`DQ+RRr?}-KX=oO2Fm9QFPl{V=+qU)LmJRUL`YdCoxaC`@fH`Hj
zMInG&_!YxYxhIPU(owlbOD8VD=9GK#9i#8W@nz(Tu|s9qj9Zu?bbE~8-LwmnqKtn0
zN|en%@mg|z0k`DB`|)jAAn{5Lx8%YV(!Dc_Qot=+h5z|t_!PG&ygE!Fd52qA9X~F_
z&Eb(;UVi-QECa{yscx?j?w9()<#0<@mV|nSTSPtMwLizY<pSXr77e(C9iO^AHlcKT
zOoX~U=0n87!Uxpr(SdqBI>Zdcy_R(3Udz-Gsy)0d8s7nTJAIb<KxU4!s^*0!O{$87
zQ)W1FhL`Wn9g$#U9J~7o7q6HHZ`G4~sGXK=DE5>Gwr9eaWx~ytIALa<rrT3$rrX0U
z<K{zAc-`^|_yAMysZiM|L9JcPrvU`e?2STACm%fL45LzOj;D^98y<Ca0W-IW)UB4r
zofFj}Ub2MCFk}Hzi0=bQ7ZJ*sJ!+opp@q^&TLv7RCzNB4S$hk})(7R(pRAKIedr9;
z{|w5}voq~<hA-Bvev017Ky+O?w6G`%z|$n(2k^N3K>sv7;)S_&@fqPe7CymuG$;6u
z<^<o-oWpmrX82B4KjxqhJtCPCdPIFf`}FG(S#{w%88UoFt0Q%S@8sm#oq9wUM0`Me
zm$w)39et=r)HlO-iZEhK;P9QChK;v~?_3b&0eqLUT6Ge9$5AYY?_`Z^GN&HVX7w%f
zi0rzST7vJCU54*u1-|3R<nSFABBn?DDrgKn;_dXSi)9_YV_B_k9V<8Sog7uVQ44GM
zPW9^Me9bI;_X|v!_)c*-#{=JSBunv~V!QSjvtTN+;XC;{O6Gh|gYVvs#1ni+J>o?<
zKJLeNWVkKx9lbJqM_bFt3_YR>W#ln8(<5e00X?D>+(<}0q9~0!R7nA+M^q3S4yW^a
zM24|+YuMSIzpF&Ct42T5BQg!kB(yB4N0g)5X`o|Z378&Hg{bGEm|1#6rK84hj?^P&
ziQ9xuJ)#n6nAfkM^f^5uy<90=04BJF9x-dX?-@o@5sG@mvq<9<qkRX(Uq1&<)FVD0
ztDy{l70<{0;{ZRWN4%z-kG3^#dl&KoZesz6+n6iXUbLpT?UM{*xa~d~6Wn$`Ex>Jm
zUdZZ{l9C=Vhufe>JQryiZUaL3TgENu5eMV7IYx4LZ70mYYy9N#nmH$W#6G+RT}3Wm
zFUdErM=ap9EO1j1&lsmM;)BL%A0ZWrYkQ*BO*rkrQehKLW9jlZ%`5#F#;u2N+@i{`
zE{$QM+-pje*y8;pP%Q?_-D7wUj|xWU;_yxmt}KBr(1$V+x5-PHSi#$lFyC;a7F)A=
zrdry>Dm|c0#QnrL@8Ue9L6pZ>(SsVq%Ces(hBaIghkC>6a-djP<mHp2=FnfR$qO6E
z^Ip)7`pcnwAb!gEK;eV}^X6shKl!v?PPeGyFYb;|a9r=Zsr<SO8Ln1%D<hKe#v|Oe
zj0+8{mWu%D6N$!=D0d4U^h$Vfp>#3YK>Eff;ZA0$98uL&<7l@J7d4J>E8faX2M`eY
z+w@Lm#yg{86!nh<EbPUOJx`05877aHY0vPo^pC>J=<|O^Zhv<#50ndCIs?kCOJ9hk
z11=ix2g+O0llNO^cQ_Yyg=Y`eKNb{)RAie%(p_y$GKSM-Yt5Y)ue?$*kD`wA%=1X@
zbjBsyX&zQv=8@<pljZgQNSD{_$0^SDConc1z!RdUI6m|m4*vg0>P#{Y#`)*NC&l@f
zd;K{7FVIr!^Nd}@`Etr|zN~=u{H8cxmIUY1Qo#B0bvXYP<cqmRW!VzvGlF;1J}i!u
z4HOM1n}6cd<fTD4pW&gu$pUSG^EajYu`J3UoWCjjUlzmn;e1U8`C{(?FXIJ7D_$Y)
zW}I(<KAdH+1<to{AMFdb3Fm9@cR8yVMm?K%ei&(A!g)XePKWbZ9-B-%s7q7J$Ce*|
z9nMSP=zMKXR1bjlzXhkoFX1ss6|E+~%Dt<hWlR{#23`9q!u7#Wky%AiEWl8)hrv*K
zrZ7}Asgxd%??X|36{oIWJT)2Liz4EA*ICFVX!N_dBJ1#qAOAJ7gtQ`N3+P?f>3tvf
zdxxEegd5a9dZiVl%YQ?a%8&&g^2^Rt_3)@RQy8ia;ZH1CO@mdd%5tdU4OJ`@ykI2b
z4pk7GR2iz4T^gGIgVNKG*QIO+i=D3y>TwBVyR1jWs$;cjE!6GR`FoKd-W8i`b#{NT
z><8xf4LG_QzH|O#9%g@**qe(#jt_ESDJs>nidCsvNvA7Lb5n``3f_iss-=@C+hr+@
zT~UnGL8p6%Oig55tHj?#G}#j<gZH2CNMxwe^L}r&21ByYCRJMOimf87>d2mz&<fL?
zx5sF3>ClmVZ|}HO=_&F<B4N;Sv`@mo#j|K?GKR}Z(+6{}HaRnqG0>dI7-&vp3^eCt
z46<f223a4BjDdVD8G{U&jDc3j7}!#Yj6qJ=4NfP@7+er%uN3S>8H3V>j6vT_#-Id7
zEDtARkkhc`K^cP!qC6mD$XV6WxCYzq)#eDAlQGD8rZNWB(Narf49YH(F~|xT14p5)
zWDMk4$QU>`I2i-WYIW;axhZ3iqe?ewVNJ%MdUbQYW|oZMLrj@62F2wX2Qmiblk8Pi
zY}X!R7EDDp8H0QsC3C)~kueBdq2KYm6m`f~<oLK>#z2PKLdHO^OvXT4(lL$NRr^4P
zY(*5Y%*}MjY?wrc%pf@(vSQdE@3?|GWD!<6Wb=oJl_Q_iAzP~^!irGCOmcsZ!q>%j
zcos6#A+uQ_y~yj3)zX2rfa#DK*;=|`RpI?Ta#Vo^IyzP{9kOz7=AxKcI%K7zqB}?G
zkh8>XUgP~eN~C389A~9Nrej#}Vp3b^kh6CGp2;UvgrW|4fz(aq69-yY9xlOYfDU=k
zec7+aLN60xY%PoMkuGEr%#5-K=73S3)>Ia87K4~9;$j*TS;Qr@Ko+sPlF#atlDeCi
zT8|sG@wk!hP2Ghw?QNsh%q*TFgKf~AJtKJ?^00KsBbAf88Tk^-RJb>F56qBB@RQ0U
z5X77l9r8@3LstIY$xZohp+jDP7`5&*5_HH}q^8V%{3v)2)*;X2b;yk9i30VREp^B{
znH6=&7r+3tHb#nWmQ7p)U+R$m-PC|=Vjt3=4*9Y8&Z{aQ(8FQb*>^saEmLMyI`IK`
z*VR<iAzum`bjS}xP3e%82;y9JW^pv;ma}(^j4pnB5YeGSc4R4H;zAfBoiMTDm_5V9
z(jl|9iz)9VI%M&i(;*i)%R%FevkWZWqh@wG<Od=~u`QD$pSPyil3daoaUk*wsWZ7f
zy~^j36kD=*gR$iW@JX@dJ?M|cy{~QX)%t~uonp&#K@4-su%$u(Tk<Q0p$=J=JqS%5
zGA*5W2{xxgmhYqKJ8`^R6}D7aHe*X>2puvbcsE^yNl`{W9zogs6X%fg3)nIj-jBCu
zfy6609da&QA>FAgN&#DL6@EuCe2Og<ULB^8yu+5Pjvp7|=CEZhFF)>P8907Vb;yNq
z6Mf-w*fJ|iLOsKlqMq^Ei&7mjiw11Tj!zvjn@~DrCPE!D^Pvuzg^%e-Ju)4sM@}7e
zK6DbUJReF|o)6`PJ#>q7VGmuQ{D8IuS0S4_pHj=x&?TlgmT7)=iK!ylC8ixHkCmFO
ze$uQZ-duzNS)O)CH1nh`c^L~Gd73U+X__v15ej7am@Zj9(k1gk9(go)`cv+vN$x_M
zD-Y8o%cnV&I^xY&3*Dq9nE?Z*B363=GMrCB^R#HwxS5cfe7<%e0{1~~^#bc!j0VW9
zUSp7(o}HQWv?%A(Q}j*{m?q&q1jgk7`j6qSgSmC<8R>Xg%mjbYoZv5-6Z}PU4u8p-
z;V)VJn1eEOyyPb6c=ZYG)34)YC569a$nY1fASQ{L;4e8j>JxvtAZj7%c=Prm{-O_c
zy!vMNOA$sa4~M_xG;A$Q{N;iu58$ty)vA-=FOD)f{3UB-lPz_;HtTMo<7FK!wFG}D
zy9|HH3jD>9!{IM36imlEP19&RPQSW1&fzbX)#}!<aua{aQKcKTu!g@>uWruQ%)(zC
zrcC^$xSWH5zc|vQI$p(g?J;J-RAj?n@^zHV`JM)UU4q0-{$cM?JS@k@{rHOvw*~&9
zSBAf6YZ;lL<5i)IJmzLP-mEF0<F$et38~{1rG2Bc)A1^Z4V^Q29WPtM(yigJd|t<^
zcB&fvOvlSKER)c(q>fjPYNvsYfhAx%UKOIAi(+Q!c$JPC!#PsNn<Z`&E_J+0q+wn&
zD1A=HOD|Un7k~+Fq2tZk?t6xzRD`0A_af3b#Zb>f@z)Q)i8|g{tX49BRMhdlW`Lj5
z@$U5V(YD4_4?|wSRV)B;6>|lyqBX@;&twq8RnMm}!Bsy>3vku{Dr9v^NlC|>!&T7n
zUW_yiR{=p>!?^G1Wgx0c*wDN0A=5o9WG`V*p{SwWh-{UZ%iNvwujs=|(D&rh^(<Yk
z&$4@T3OFeX+*HIf#z~C$pmEYuSj%@3C<+>#VI4Q2Am*K+Ag-S(r60%o>ERrApn!#n
z7TQ;+XrZpfX-^#R#A#2cYcUOCKQAAa?G54MmqB7YE$dGmJ5=|f<iyz_s3>dUGF6>?
zLUtLu*zlg>GA2A+;Lc~{F|sb>^}SY9JJcSAZg(Uak#4tfC>n+abp&TGN1)#vp?;Ho
zJS>Xznunqxd3TH6RPxrBqn7-}ihk7dHt>3EG`#F0j~4?_+uLLSAL}WlFi{LZoo|Z)
z>hhf|`a<m+4O#ju_*BssDs8>Bi?r*9P<{rPE(Do^b{JK};}=h5v%2;DJMc~Pv={#Z
zEUBtCcQ}-Ky#5Dt;Wk)ROBHWU$B1~SINT=EM`v;O5gjHo2h>ff;i=3?I(mefPMsVm
z9@u4sS<}7I1<dNjVq?`e_bx{vOhsYxxR!A;Tq|9#a4q`&Gf2K0t?vuaW}W<eb@GjV
z=sLK_D6?0(73IqGy8l5sS14;m^KwRW9z{m#8O?df8e1UXmJyvBBTPw5s!JzaEZ={S
z-ucYS#}l;u<ztyuzTZuN{<Bj=&!Hv-`Y%bHIUo;4^q0XWMf8h7KcasU+IszR#x5dy
zIc11mR)BbZQ$#OIg6L@}AbR;aME{e>7qgbiB1CT(Gkv?43w&UDM)7XC1Pd)0{rK@H
zoqys8`Ed}YXLvt;Virh!U^AxQl<w2BD1$KlrtnWLhVR4lntJlZc9`CZSBSeA(_5gc
zvJ6~5?#J{N?&`j9n=rkmB1b*L^rD{8`*)GHoo8igTVi@GJb9j#xe?j33OvvHG<<oU
zm3E$IrJd(l<&X2M1%IArEd=PzI)^01-jRNXXF7*D%LDR*1Plkp1;oPSkG12-x(^Gp
zPM&e7!@}Y>!@~5;VPUR;PSHET!p~=VeOQ>wyc7#RB8MT)2n(~A2^OX~!NN2rSeWJ<
z7M3-`!m>UXEX+y@3(JsUVOoKO*_;U$mQzzLCtaiq!j{x|*1Wxlh3P{qtZ#;e6=B5k
za9CJQ!<GlJunVF*fQ55bgE|QoX79{lVOh@<3$u=vT7rd@U515a1r}zH+X@SF{QxY?
zp5w4E%W8G&Sh<OX<*3q)T3Exvs#iDXYi42L?`O)y!ivi|7+6^OB)Uk&u39Ez7EDDp
zEG%C~$(-+Lu<(x}j|2--7x~B>ANONnGTatem|htcrY*t3M(wJ7po_F3idg1m(l|Cu
zqKjmZoGwx^YKq~wg1Sf%R=P;@hlq~Tfzw4=t0tg2)RHgJMJjw<d^eNVMY36evh%t~
zwX}^b?mR0aTT3^rD%3^FQ3V?4=vc*ck;=W9i(+Q!B9)Gc?i{I$%n}cc6`+e$A}#Ye
zgknn<Nyo6@#iX{-MP}{(J;Tu|LJ>z_LF%SB`i&_5`orKv9Q|sn5w^n7KUmxB=Wz6F
znD^QmN1sGqz|kxKaWr$qiiFk_N57gu3`gHXV}hf9n-<{cPZzQ}rKDbKSF+4tU7Xy!
zx}%4yKp&2T4IyJey}<-DujlSw8q4b^yV6gNRZc!4jd$+JN5TyKBtNNs5<$$_=_l`E
z{_&;C-qXde$ll9m?^*U-=j=lnc(!u(6b6EFd;qcPz9LQcntm?QP_HSQZ>XMyXFDz-
z{u<vz?A+EpywpV29WQ>IAOXyZ;ps}=I?CY3kCBh+?Ulw{-o3GSFY~3g@~K$%fjmD)
z^4x+H;)C#63=ug#0n@xI1u94wvQz8z7T)y|uI`NpSVscZ+XbxK0@kAjtali&#yvm;
z*1)~(K%g5anmeOwg5Cttq0l!$E1)!>Ixsj*4PCxOpbhXXpnV8HyB4*U3qX4qH!lrD
z*}*a}Ij}ap2cYaK{0;$Y(|Z8W2F7g=Y14Z%%tl$Oz}U+XVZOp_M%q3zCzx+4z-F*r
z!^Uj-H{`z=ZetHN_GdfqBGjf(!(T=XE83?$;>{G0xWpYb_yVXa@m|>H4?#!`$wSZ(
z4OxhKUkC_E;Ey*hO-|8k6#Tgp+_3)3(!OO_Gr{_c*KPsyxglFvyqf}VUJM1v2f%oC
z@z8)>*~IzUsGXtC#Riyl(l(5D9-#k~OWpoH;Kx_93wYKAgz*z>k@gc8#=40RyyBQW
zL-0@HK!BSV*n`lgUPZFJyQe`$ZhgavQ%YyU$%X1+9L~_ErImi5`go=1pgvn*dkUHi
zeHX~gd&q!pGcpg_woPnrC_P7L3@K$Jw2cGBybHM9@+PuAle~-Dxh-$HZOYpy#BuaW
z)SLg(+oq1CK%C=#Z_Fv;pOk9cIjr|0=e(9Wb0{AS+aC>|6t=&%-VfV<2F<(v7{<P;
z9M|jE6xwTQTs6lGxGT&hpxw<hX@H&2tXFW9g*u*oo%mwdsE*J4kJEqR_}7p>CQFsc
z!FS1ac7g_+Ph8$W@Jz_N>2fR&W%T2hprHPV+pUul!%q&3<HtXp3rHHDLE5j(MLE;*
zytF?~GAAZ=uvsi$1&8KYH9zi)zjb|X$z^o9dcV97&MVFK(MRP;sA-5^)Fh3bjA{H)
zT+fTx=pnuucu6L<E%o%SVi>5zAegoFZMko|0yxe>5a_dZ1p2SQmq4F(><y<kmHDzx
zhVrHwpZ0JPYjuV<9X_4#2I;U%1CADJ%wh$hWfJzL%%O&z=1R7AX))beyBhX>4BCIC
zT@7JU+ST50>PT65;(Au<$}Iyf=)u$xn*|cbnLufxdaM_SR*N43T2bX57^hOoKptMZ
z8v*7|=AOh!I+7=fE8hGu>lh|yP)`DBKfkTyA9V}NQ|vg2pg}9kK0(79nGM>VdiTG<
z`sT_UMmr-}0}GqT8fZ>r4KydR2AXrS23a#%gRH)rblO2;s3ly2MVZ*9-LHRVg(Y*4
zA(J`K3Yh~*oX8yH)U;-x{@n#pTT%a>w-;p&^r6f_-%RG92qTt<lR3y~*z%yv!39ws
zkU8Y6Nre)r14om@Z960bEvVhiEsAVmI^Ju-O>5L(3st;vlu;@XKq&7_03j;`5F8+!
z0D|jaq`hMfdiZm|iuiC@0}%wfx)VXL=vLK^Rf8f3IkJ?|sD(8VgsR!i`I;Fbh?*AN
z5J6xYO#D-fNNI$U;W8Z32xXZ_Bb1P9sWA(t@|!e5zK+H@-_uAVej9n%KEbbI?0R&L
z&--N&WXLUK5%kJr5wvB4S<-^l!~lte71Q;0Ya5eEu(cAI1Ow${5{hFZgyR~@Bt&V+
zB+MT&2~KcMCPB)e8To>aS~0X%bhm6NMqQkVK)Ef_Y-+d^<PvIr8;zV?g3+z{8&)C8
zCFH0=4Rmz;V{!@Q-^@iZv*Z#=M-A&7DVN9+4~;1xmrx=t^STY?mRy34VZn<@Z6TL1
z4&Ye#J(EkQ2t~QXV@cgqF7bI3fBo@rqFiFMkryx&_4~c%W<MvFm~Z91ww6o$F7kq0
zf(4*lg1KVapf#0Ce276zF7eMaCUS`{&;q%{g+uwQPAMtSw^Di{<`m-fOpRX#YF_sE
zQ}<`@M;E-XYv286Q?LI7WUEPSvF*biKNN#e67p~ziYNaLo2Tq<*CcJpAC&ZfRK31b
zy}ndY8m7wi%$!^M%!Zf*oqVDf`MCsYuu3+N&X?1O^Bl?~P^mg93NS^9M1#q8SA$-6
z^+;OgR0eUDMghqnJ^&&DFTIDfyrqZZMjGG4UX;inB4wYGK?J31(>!ODXK$nza%c1R
zA!B6N2>f2Sy4(mz_n0bEm>sq4OKKPBf}oBrF63cWAaHcKD$P%IWa{O33F%tf9Uhc?
zIY%|j=Obk!dzw7x#pKlwQ(T(R#gG4jWbuqF3X|f}zA#2Q;ZnshdxlHNhg@S<O9>wm
zj<U7Lh5%ZAXSXrieiF(tP{wSGe@?OfWe|DAK&szeIU-7lyoW`vuylSBo`4v0t9XOi
zH7dPX@P!wY!OQU@NWtKmWyc@267`XiZ+Y?2EE;2UR{)C<<w{1GW0aK?&W)sSj@@T4
zoO=@c^KS(>*SK%w_`%_RIQMQ)d;R+uJB4$RSkxRdIHxd|fK6|vNxTZUmRJ)wN54Fr
zOZ*+2dl~Y_7^5-?&K2;MWehCGRJ@xWj_FlKKYkZ^;>1VTQ;cs?ELVu*$A6Ryc!p`e
zFBe5)L5lwhX&1`#C;f3!Ea&2=3lyR_EXS((abNr#mMi4x$A6m3sDS1A!u@$6Tn@|S
z%ac&ku$-t#8a)-fXS!JyuFi3eBN4D1OevPLgc?2jHvQQEBV`c37a0T3Fn<Kk;~Aw-
zJi~Te`$q&Q;u*&pp79fL5b%sR!|;q)3E3rhhLg)F`X_isGg2R(;ryB4nUAA@kIAj`
z&Ir%2unC@_Il(hDCwPYD9G;Oi!!xpi7;d?j7%+dB3kG;I^y3*;Sa?Q;4A0OCJVO#E
zct%c5v5|DBE(qC5I@G+qh-c_SJfm-hXB1(?@^E-YPQ#W5@r(<iJb-6%)}%rSo?(y5
zX;EqIMH!Td9tg@9GZ~Q*D5GpMC}X9FMgb*ctZQ&^c!fo?s&uTF#4B>-IO5FFj>J*L
zbs>w6qn4^68&$Y#=_rbsg=|y?Ztu_gM;1E)G>Tuf0*zTRie`XDzK+N_-_rmZt-*NC
z^BY)9JvPVZ{dk59xdon~SB7V3YbA{dp`o=vH8B9sSSej^H*do;Y_bH;Fi;N9D2|N~
zj%$c#L_y&h^9P<$<6x^Hj3f+LCc!g1;q+&0ItOSJrJjUJ0L@Mum|!SG%n;2^<fW*A
zwT2!0WCF$^4XYC&jT}|3fsT&F4AQ6s&0G{S3(_bZHLY_bq{$KwtssCjN~C38??=G}
zY3LXhyqMG$kjC-A_YBV{|EE<t<<5rJ**JP<rCaW9cwLz0UpvUPGFBej@WvQ&yga_)
zjWguKJ;v`IJ9?+b=y%Rz(ed9g9n5v&Z=>qcz1@X5>T%-npMlS!e_{m}nEXV%4oh9X
zyuIN*5(?jM@;g_wjt6mR$V83w4$M0!2MQfb`|{=;4~pFz>I>hS>JM?CFNCKIwLbAm
z9hCR+C~y1%mXI39GIGai|68mP*D#)RGMmFx5a_E4M48+Q(s=^w-PwRnVWR=^H9@#m
z5cY;w!rs`*(W8x8*xS1r_Ttr}M<G#!drj{3pa%Dv+yMyouC^<9ktC`dg^)B{A+dwA
z?$^I<rNeisOjYSwUqejeb(c4wq20UMD0@Hmu2N~++!KO1#yfg7{rqB7)Tdf{B+80=
z?O4{hjcTL3`qt-m+;|vQ)?mGi*H!$p5Uj*}4<BiI9Tf87m7}#u6{t3i@;-DGJi)aN
z_nhYFgIga+LN6hqXxK+*3*#Y>kq}{QU+U&`tSN*Zl&;w`^ni_~8#i<hJG%S{%JM{O
z2UM#**SmPtpI$lYsBr(b!}ZLFp3p!aXa)#WD+FpL6i0-{)JsX$)?5&FVvjYeg=1zo
z8q|)46EcV0jS$@h2i7_p5KE75wEb{mBdVeikG6wwawGC(tW`Qx7n7Fggi$cPinC?=
zXc>cHXcf=OFVKc}=X*O=N#APe-Kf)(P^TFcr0#dUJN+@gyU|^_(;xTIPmkW|PvA@Y
zq(341ls_)}v_D0A`G!X4Sj!Kl4{x+9y*=1Yj%zorIJ|lTPUpeR55`yV8DBZ-2U9dn
ztsHGeIB~~7E36fa*D=CTNM(EBp}BUov*-81@>!+Y$n3#WrEQ13>6P9U*B+ihhzbt6
zWK_PhQtd)Z3mS)@@tyNeLwf-TZ#TyC#$=lRd(%;Qi*0Z1p9F&Ho}?SS=k6Uje)lFg
z^mX*S^{X%hXPZ(v#+XwEh7<yuQu&R43ITY`R2B|T)N9egLG5to*nM8=dnbJ-j^9fd
zG}L>p$sW#4_*|ozMfGla6eeS(;>TY>q5Kmy@QC^a_h*WqbK(8?Ygr)pb9{NgbT!f?
z=~i@?%=eMUm2Ev&ghnMRPBk+&HM*hsaZd|!hgyao4aaC&OuQWIqKf4JB(QcbpzYe%
z@N=4aXb`t3t{zw7`{aS;$`z}jvQVRPKQaX(NsGd3gjtX<NtCpiMVh3c*WC?8mCYlL
z@@||@=wkb3H`DtYNYXWm%DGjz?_}YIdZ8}UWz(*m%jSH3PQl}{H#T|^8Re?k=e{-J
zg3eg{1u1sewpHB$hipsb-gA3lrxSmeLWA<?=!pxE?D|u|d=emz<i&GE0pe8y{G0&s
zWd$!MKs=1+%GZA$Kjo?QU%+R6;>1o?;cRbef4Mu~p$L)r&d+!!e0rGJ@Io3BvEfCu
z?80V&YA2S*i)qFsN3Vh&xiWg+wkrO1HI9Gn%cbX>__q>f`2LNttR9ABjq8ua_xs5g
z@iP&<UXBmr1MK!Jd~jTN?LN?Cu^h|?{@RyeG|o#`yDfK2tX2!xz7FqZElHQ>gFef7
z%+gH~>dadXYZavL>-WBG9Vo5227d;y=2a>Sb6+eMu;$uR;D++Cm<?}@pJrgi>(=ax
zGTwti%zM~h3~!fJs~jJJt@CP3-D|8}JB67zkX%{&4x+S!8crEwB^?Dzc<l_X>|k(0
z2Q(wj>RHG-jt_@Gm~{liS!VNX;F4%(#BJ13C|Y6HQ6s9EaVQ#cWsO>{utgP=RpH{-
zlO5NtMJeajuEB3(?HMfbc9g9RkknRcfoR<xjYikLiDKfzrU~@xue}Lo%XByzw!9|%
zXxLx-9eR8VKjrw@Nc4o5CmIb9it$wwXO6bZ2{yK>b8L_JC!YzXRTpSS2YB=X)nXBJ
zgsEY)*a7fdGh>JN(2QqPmKKr|;c*4{QX}dnH0?$m_^^;smo1{=mPweAsEa$00tAkd
zmcp5;;b<hqe9>L5y6QLJ`Jfa5>pdmMXF04V?s9CEu#<6YKhL)-QDq5QbQO4E8}!|<
z!%A{2Yzy1qZngw2ysV&f0C*O#90l!K&DyPMRdOs6f^F2>&|2YEt!3#$i_1jGlO)$d
zISP5QY$*(q;_#Zy>KaKD)h(BXKJ6wPaLVhY{|Y{v0|ytW!!aQ!-46OZHAkPcA0}$k
za-lOia;dwjTY78O;abMjqzXIPQp;H0%lFRBoii|wLI)6MfqrI4dnJfN$~q>CjPH{^
zM|sd!NcV;dW%ce0%vYmpYbA0}6K^mY)3w03Ml8!P*Jqoq&w6XmN1S;#&P2``4c6SM
z!J0}7onCy+%esuklT1hCB8FC928NDCtYl*3C~c~dLQ}Dwz7HMnYZ_y1yaXQ?M_W3$
z@!VRZX)TATUEGkQT`MGg`nmB5m^{{>=H|xt6(+gj+}MmZ&zo*;d|bh6>$&lAPE?o@
znVp*opGc=<Dtr<xZYq>VpCFTE74|5X{%fB5|Lr^{&iH?1p0l!iSLZo(ivPUxoKfhz
zHqRM#{%fAo`2Qa=&sl?g7v?!N)puu}Q_?3-FI=5}-|77`;cI2048hI>#jw}(iD5m;
zY9);Q2*4<WvCp(A3H{S6y$18Q$z%T(o~b<c{jk(y{!$)$1Q95YeFnc{LA-)5_j=ME
zO!%@>;wpdajV$;>^<50WL!5;WbIO1sTqW3hSYHI3-9SbrV@c(Nf58$`9(x@NRf&I4
zK~yL1MG(#}grPk4=`NjW>E{sUbtdC1$YVjpb_MIb-eoKJxk6%DJV&$|Rl2Jb&_xwU
zIFB}g04U#V`5^*^3Re%p@zoHa!lNO>P@Ib(&D!`X&>jS~ko8p|=fzzt{F#BQ3zAz%
z%ML(J>W$T=k5PC_nZRWzo5^m+D7zgmh;ETWfCK`>HwkVc)MYvl>5eV?mJ-JozjOoA
zdOhl?woC-Ntg$4z4IdI+T(!S)q&e4tWOp^l33cxT+nC&!p;~iY2DtO&AuNPEwUpO!
zdDo6!?RA|wJbHD4zmv9_jQ6Rr{P@{yD{oL+6~j>Qo3vHAwA;03F^p?-34WEX@jxc{
zy$aPuMcD|b2^xk{VAA*K>Ds<L3HdBut`2&OXrXd9=#4^_4XT42l);A+Xg!EX=`bGl
zE?q?nLK+IEk^hgqFM*S*s?x8#_v*dcdZ|>Ws`qM^4v*^UEFB05VNn!N91&5l8-y%G
zAW`zPJD}25h|8#h5(P=C7!r+&3*(IIIN*+s+qfVuIO;HtGwurN%&0Ru`2W6h?pvz5
zJA^-JjlW5t>)qwtbI(2Z-0hsZpdPJWc#qw@&+030MQySU(y1>)r*Hw+G6~&3w#QPX
zA8MXEQmOR?w_3+;qpoCF-stBUk5>U^+Mthy4xt+~BFAoK-h_iYp6d|SW-L(RslJtH
z+Hjj671mfCV)0h?FGrm~?@)BR#p!w*p|qx?r=gf0=Blw*BD~6`4A=mLgj3lhl3dDS
z1q0aZ#-iIVFz_M){e$X<b{Xy&1Ps7Y%|Zj78%A=3Z^UvjR{`e`wUNpUo{)layuAq3
zHC>27e^%;He;=Hk#r9$z!QC^g1kq@3)a!@g>(M}}wKqapf!((oMPE?_Ll{tuS%5Uq
zWJox^iEuzwHWwE|+e<Awz!t+>3cb*MR5k-=5hY+`ahUwz7v#tnjZ(hV&d@QWjzk_n
zS}ayagr>!UX>oC}VB(jU_$4NO1(P_4362CN(1TJCQ>j=IO#G52eu;@+V&YdYiG!F*
zursvN!q8DH3M<9J&{<r(QT(*$!Nvgm`1axpX2aD-Ht%!%%~3ykH)Q<K*&gPyGr%5k
z)WO&z&|<SRP0+S=0NX@CZ4-YR8zI;zLL)>S_BS-ZeYNZ7vO?Is=t!>eJJ6eL+gH1^
zN7~Ww-RDHRx7at<eifQ3%Au(O`%Sn>YUssa7OWL7$I`R;Qp^ePvvCm<pJUGANPn$C
zv9&@VV4&dF|2C+gJwiMjylJhVr^#9&vA<w!@8s8zZ>?9TKtGtUE68ZCiS6xApr)G1
z@D@C~>#1k4vT1*d>=g-kyagWvNq=_`cx9dt;&oC_LprrrFk9FwA`)P)h}`MeS<sO{
z3>HsE_Am_aBRo@s1!n^=SP1FpgXg1NCN>6&eYNgMRU1VsEeTTcnm>&c8<7!=6jAmx
zQZVyul=mzfMS^>nzHlb=kUYL91`;06SDy7TT&|~<8x$)AIT*YgF)daK7SLAl`5Fb}
z{Gs1kmZ|%4kFip4{KEM>`DcmfboUI#R*KgFZR6=cL@UMpO)8aUP0R_4=hehq+Y~jw
zCgyq;0h$<QN8`j+`qen`dOAam%q{d7jf_OJXk<vU$nz0>%>P+^jL5}dqK{Ep7E~W2
zO#=PfpQ+tJIkaH<80F3peaxZL$7qEufIdd5YGL#-VH-K%c=v9M9gR!Pc=z$9fvb7E
zb4&A%cYo0oHUD_GpW~E{Z||Wq9N*qc55_@~5sq^L&@#@E)+6KG|84ua$i-nY&M7Sm
zI?hSc`12j-ltT+P&M9|}jB|%>oYM+hfN@T$YGKAXLH+B8Z&z^opc=KIhD(|f?$R;F
zPJIw7#D}yad<xKR#q&SSFYE;$!`Ex^yV&5}6yM^960rrKHNdU*wL-K6xYZ|z5VjC8
zpKalDB-HUgfsfem6MMZQ+X7)|TlkOwalQP{;Kh69vn_~znHy&ZphSh{9eUR4G4gw?
z8W!NCT6YNM1^~%#KX!z-(I|m5IDQCdN76V|rornG@KWi^GysxcrYXQYF#z)fQe>GR
zEATK>034w(RS*~#X#h5#L0}0-P;oee+Egl7sn_Q2Xc{VLq7dDqhtkP5bM&+6)Cuq<
zY!$$f+-FWh1(0~aVQdpg6boaY*obM7*6KsqC!&4nT9>Z>kF0JxtZvZ<g*FU72}ARQ
zRySZ0`_hvzMr_19A$V1cV)MkwG*5KTum*H{y6|&7_<8#QWk+liC(-->+e8*dgk^NY
zHnA9WI!rgr5`7d0aGnMUNC^e1L|-2qqu4esd3|V3yTme}TnrVeTRjQZ2q;rk<NSx~
zQtLx&1l_Z(5zCkhQql%-67z3L8`&V3xYY*nc`)ACAn2Ua2EmAjvOy3gX@d~|VPS(f
zDQSZs3t%Up_MYL94MM^bHi*?=X2J$R?<2NBn7nC&SpCRs5QbWof|zJppk0LDKZXtB
zv#4v8<9DOY93mS;kDPy4elYfi1K1eC^AE9&fxHTB3@4$TqG|B#hLc(e+TWn<eb%7|
z^bT?*ykCTRb|3D7N0&X@`miRlKCtIIfc1f<epnxF!t%4(`tT8OvayMYo2?HL6k8v}
z3xfl{k@Z15q4j~DChLR58tcP-$QRZJQeno@=v;%*h!fi0{$$!8=yd%%L6|#rH!FHB
z9lip6I0gdhx$GLV@N(V};Z2^GASCP$5ecwAMDBF#EXZge=7*016;%HGB+L(-Fu?pE
zl#`~}`g)~ZCPX2a&>o+WXr(1VN?!7(`Qaas5zG%!_B1~*^K6Ke{1^gX5@#fm+;(-Y
z^-w(iC{P-P36JM1&nIKJTz@S$Aod4xF!&i_TI>%}Eh<gM{_wu*Xn$aMll_5b=lIVO
z;pyogi0u#m3$%^RNPwp(qkZ9x-8|i3P4m+*+dY4KkV=>PNoViWSRNnfScsaohA%N#
zbukap8R}yGK##FCNJNVchV&hFIvB{p|MfEtZ=yIok~0pv!8<xpup~O&V0QY8Fgyaq
z%d0@(!#~(C4;c%pbCD*1z6<BqLGy))J^KrDrlI-Zf;nd5VGF(-TmT1fW`f5|nkvF<
z=*LQ_^&mtxqnr12A7TzC6U=6Q#f;tf+%=D_^4uSf9sM|&lMnZ-7qj7}bzuT|&{&j8
zJuSh5!|mJxFKv^eBn~T>a{ysP;$Q-nmgZmrj}#>jCg7lgGQ3jE&wVh#1fxQ53}RM=
z<n>HKLC+*$TaP)O5a!n*A;~iddZq&BfaJ(Tr;EKn@d=xbriy?ZE{yIZl=Y;IfD@Xg
zF=<H$#-z(-OsY(t+cnz`pu<yT@-1`3nc?bxnxf{n5qQXp;}o+q<5QVI;rLXc$Ba)B
z(K0@f*28XmI&uc@k9r1A<l+$wRfqBnp3<_Q<CQcC=^u*dtN-lI;3<a|%toNxIbtI?
zbT$I5um!LYNL4M&I2X2&bZQc#8~@F*_8P_5(YSK%wO3{Gyd|>-J~O!8))Y1W;8x|}
zgu#t@n89rsgTldWIXz}@lZckVjRb~!(GRD+Uf2u%e|`OR8%636uD|9!T`od#n2c;n
z%Yu$<(jLHA_6fhncRaBU`BSXLP$_0DmOS#Wj5xr8tmP0nj>zaCa$SN&>lUuWa<f-r
zh6&`si;k?t^fHQYiG~U>Yq8lCvQP`MM14F7GI?mviYs#3A<qVG{(B^LZKvPDWk@)g
zvadEd=NUSicb$p(yAEXlPSTw&BMfz{?9kNyy$Vs$Il5tZaz1}~j_%O_r~Uge{KEcy
z3cj>|C;ha4H~ITp{MABh08ZpJrKqlG4cHI{;GHKS8GS_JZnNV^CC}2GO~M@iv=}Bj
zOV<QLd-oavBJbabvcLbpHp_n8ca^~bARMT}**V;*40k(>!nm^^t}&R8aOe(~No}Gv
zJB{eHL<2U>*fwa>8JU9-9FdMhirpKL1su97c{E&mIDLd`)AV2+Z%UJcb^Gj|EROK#
zU0JI^tJ<r3c(x8VEhn!<L)w-@b-;l`bv@&*U|`>>clMaO+~j;*c$)42_oKm-BcQxN
z4KhTFd>gDeyvfbW;Din=>^O4;M~27vGS#CP)Qy6!VQJyZRI4ma4}4X%-zM%=)4Fl}
z$FutEu=?hzV}+spTB{E*3Hx;u9u)(zUkhIK$M$RG#mf$^?yZ3tyq(2Ubt_RaTCO`_
zW<Hv3Sgr?Q5fk$?EZ3tbFi&@-t0yv+=4+g>bE``wEYCA`IE7U0-HfV+xpAM>56AI1
zaW^0*?pQxOPr@^g$@6x+YY!q~Y}vdh&&GMim9TK5&Xb|tUiD~@hN?)0_GGFh5IKqr
z)#i8s#+C_;uf2Nbnts^E&q5v8o_uhI%`4B~8s*2aUMe$QWyYzfr+dcho^iU>(=+4s
z%s4&b=_`zMIT>@7(#cdNW;R}c-$JIm;zz&-EE|Cnm^Q|!a3*Ub&;iLtgJqx%Sh69O
zY&WrFD-&(miekZGE?{Chv^${V&2(uXC5n<eET{jl4a8v6b56KL1{c$5Vc2T%l(tZe
zuo)Z*L~34Lgp-Lmr`zNVQ~U)^PvpVDK=^w@e@^{<ksp!%nbNDMY<&;)c!=z}O?TMg
zMA@+iW8qDnD1*Bor^^ZlJYCkIr_0{#q{C8$H{C(xP(ECB7ezq&c=;oEQrkb*X*2X0
zcCXxiXZJ&Vr30G(Y}qHkELeAckF`~^b@ya&wDC+Xp(5)p$0H4jt-AsN>n^|kN&sM)
zr5+AwJX^+?ChM+%K8~@ylaDKlb(d5?pO`oUCL^FGwzp5vw##I$e-hio)Dv0VP4>|Q
zyz8%xfq?j+@N#^M@Fs1$%oeuYhy>VnBX>G>7JT-CV%t3xs9;a!M}}}cTE@W<wq2o|
zG$m}IO|;8kAA$+(v2C}NmINtz$)C2}GmsH%yHWPE?K1Ohh?M*o0$&og-2?>~&Sh5c
zP&{4-l!jr#<N3<-s2Hxj+98%*@-Nte@D|H1i)X9w)F>Y34^^iIOwE^jo9@5cfjs%o
z8lvb_JCax6Js+4GR{<9fmu-T8&G)wFXXl7Bx`t(yWU~2n4bNmLple`uH26M&el_@B
zOJ}Han5M_*93-Me=RledN1ekFo%$bDr!Jy#m}nl9mIc*3NUJ~}_h)*(OgXe*I(6j^
z$BHBO+PR11z8|fy1<<KWRk5B9y{;l`Bk9zE#=ILbel!9z=H1*hcr_m|`=2@D%$T>K
z`{2gB7jvw_n8)nQSa%bH!m;i(^q8?uB3i~e(t2d9<E^fk5dPo2!&OA%Fd6HVmIWQ_
zq*eU+j&;hR1sm&>J4eR4LuWtM3R{4&PO55Q#=5YLq*G6p)!m`e%R2*5B-*$yDyf8j
zGlwCrh3`UM52=HHE1-Fo-5dEG_M5y=y}u2?yxNY@cw2<gyqHeBcw2<g)Z9yIzAbVf
z`0A_#C$}W1Zf`+pOO9rLe026G(!Jl#>>YnUJ_csCex5MY&+ic+>O;Q(zI<>FeW=`Z
zr}v#vKQB63sPL#(rCy$DRs2Bt3@xENN&yvgDNQv#AgIPCfGYs1$7j6g@exlwKI798
zFN%Cbiy|MfROB;OblZA@4Y7qR!b%yc@-tM4<B8d74k}k1J);s|6|#%u_!-YmtVOvJ
zx_qQfDDzwN_&}q2{3H^j=NYue0p&%sl^*<iC!szcdO5u!FM1k<YW?KXD7>Q^$FX={
zTSkv%4R6{2Hf4r+SWC4{CAa5>X+F(z_hsQ>j*?d{W!AhD6yid)%+39mQMn2S-q<K{
zgJ!7Qg$-1m;JAQc3FV>&BUWDJ*sxLJyCdaeTH{g6O#nSf0DaHnf?}pJ4*f1Pyt}rX
z9^ko`BCH3L!033L*K++Ibz;%ky3nTZE~GFCb<Q};{^a_Ep>0A%7j-j-Z9?#96A;@(
z!XMiv!n1Xdsl?g3mw=lGVW*0173*kUsCa#_2jJ|Lm@0D6*@_7Rriu>AuiO$yD@7M&
z{Wya0kR5J}bk)Am562)I5)V>Z18^K;-fg)M^c>hu@dr=s6zev7xKh#>BqR`Kiq#+s
zVx0_ynZhWQdHEpQ{=9aIcaqnh&rf8h_-lGXJB4^cJB4^cI|V%t%T8fXHQOl|c<AgD
z#MW%5U`S}E5ceUqQ@jJ%RgTlCkD?wI$WF0(emlkd=g<1p2=VFJMhJ*bs}W+|X1T4D
zmv*vGU5Bz9;5?c!NTA!x+5PTS=49G{o=oe+F*V$aH@}VI$3PAn#iy}8ZMISD1veX$
zT!uE=C?qJhQHU3234S9Rg?K_61wBnR3W+r~ip4!*qaYP?+9(KXZ(mOv1)Z+{29V`W
zy@ypjm!4mNZjFI}crF{oEW9#%2=OLu6oiD0A|e4cipZUgoe3Mon~*!~0{kRw6zra1
zqY%nT(`=o-(k`=~5KL%~Z4|AvBuI&E6t^KG*eIgxX`^7~*%0acHVWa2nf`>ln2*kV
zKxryMcsw86TVlBO>N#SgApe3dBD}>$A=#@W85_m7ZaBu&e2a}@EAr$&Ylxy#Jtt|S
zxDS{c+fi*efObjvFo`*UmN=1SG&6NbU~I%tYeer>|G#iKWXqF0Una${L;NkjYKQn2
zIz!#ecO~AMX4avOMgUrLG^9`asl)62fwPY6f!srpdL(-waW$@aTxZs~FA;@Dpp!X7
z$Iq0E1y#pLLtr20rAnB`ADZ)Li8pjGZ?AXinKN?+%pK`KJdY-svr)J)BRYJBCwCHO
zowWQ$=Zz%~4xiy3a5?jY2XpYaQ`6xy>;M|&lR4q@J=h=t%*+UZ^3kVt!sm3%L9X~{
znwL157QLsU3?hH71%D3bH+6V*w3HJoobUx5dA>?c;F;1UPNyA$XLHbS%(FS>xS-b9
z0%%(ja(d`(3t=6nQ&SwM@NcfM>em<x8rSGp)p}UEGP%ELY*J%`8MgX+XAfID=6FZ$
zM`loB9%j(`4THi#>$mh6gMvh~3|1si=AnnzSaoE-{#tHteMDnb%X#U!_v?#HJc3c{
zP@Y6nS{8KZlI8%$vTr_o_v<So7Hq%1VFGz@WWRp+sGB)EJ@<Znt&oM<ub-%oLqAR_
za_Xi22zG%?Cq@&lKfjAM_K<dg9H40zNb@`FH+f+fC?J@20Y<|vz-Zb9#0xb)qiGkA
z)U*p62%dI<rUWh7Ro6X4`scQ!w}l=l>uj4rCrNXB4<8v@6L;7}b_K%FX0S+rSU=wa
z&mNA=pcvW=meU3x)`I1{3XJ=Nt3`y#_J2T$-2gypF(3?~U4cpS3;<xnb^sW$8UTc_
zh#+RDH3%X013<_b06+i|;lP@$E^o3R&~^YTf^4x5EeO|{3+(2yAuMmTAw)WJk4Ta>
zgb)q-Z#Q)X=GNF_w}3VTy!(zv;a5`U+_7nc+7mj+KG`r@^19W8P_7=gceql0-riEC
zT*|I_8|o3d`z$R8IdRZ}z{fyyW+O80voIC}ge5Hq5{%f$f`Isl8>lmhN6j<=#1;gc
zH6mUDCNcCzCI$e6CI(n8VBg3VGcYlnOA~`<i@?rnVgS$QurVyAsB22qdCXyBAPj8`
zD(Zq~8F(b`MTNEs!J|z^Yzzs1Y-8X%<$PWUQU_}g4h=-_3-Otchh=9tMePi|Q0T8w
zI|ENdoIoec3<XxXyf;KMLnqA)VsxOH0Y(RxF97ivgv<AUJYMmrW`_Rop1%t~&qLT5
zI@Hc^%4QE|FG7m~17T-avzaGUl7TQYoB#r`6+U|7XkI%*2l?&!{6uz!B0Zs<K|G<I
zK|G<Ifu4tDXE3Om?F<Y&ban<}Yqm2mB(yV#`;gih+JRkVIi31C>hW;2Gi0r!hB7ab
z|JU2So2sW@w!RNt@f_xdj#=i1Q{+Ld@XfFVwm&=o2EzU@gXL_q{lNy88_(yewb}k4
zL9zWoys$s;8`&Sk6WSl>X|g{^tg%0Q5BcH-JW?^I{eiId_Gi%kKqua>2U+e^nIbTk
z4qt(+7zl{xvOmniE3=dkZ_@riNZ21D5@3Ib-09evus^uS9Xfx067~m9Hei1c%ICH}
zDD5)K3c-Z-*#6K;OM;Zx{*XsTus=lE)BeEBvmw&??GM5gGm#2;G25=7bUHw3DnfWX
zA6zzu>mAz5dR}eWSCfUo7@}HC5JG_plQBU&__xnmq?MmAL4Yr5dB+d<px2@J2=1gA
z;xWM9m`3d#lo{gpbLeyCHbb01s<B0ssA-PqqF>DskEJuz?3_uD(d<Y>i)M%Pi3}f3
z_b?o>L9AU!8-&QgBhco&3W8p25BH0=;SjsLU%muSq#MP1xwxcQ*3kJ)Axg%ADsn{n
z4_6z6mj6#{gHQ$?u|Wja<j@a>TAo5=HEOm&XpJp^4I&|@PeS85w0ALtb(~IJ4BY&8
zXzpT&_k22o*5Hhd*F^C=;{onxz$=ZtdP~ETU^>Gs4Ht0m0X>`xa1O1ypeG|Tx~JhU
z;K}*?<r(g$Apvzk=ktr(6(;bd@`rxDcT7LEJra-ij+^3#B{`Kt0$we)z-xSjzIsec
z`s!H+PB3%>iqMh<ujPWIu#Axo=!q;9?{&C@1Uvpy6^ML@_Kh~dPzQ9b0CCPS2A#&8
z2f1$)HB-u90gp|M_^IKreuk@5{H`?DJjm|HOtp;H2{Kr>^0x!;4qzuF7OhC-Nh*1E
z7jCA4Qpe+#Nly~-Azr!PK_5eKnZ}hgcsCb0;WR(eKp}+pAGj)JMy{lBC8GkYs7#ZV
zG_r<<n`xj-N;6Gb(r{7D>jy|&9t&>l-OO@FDqgkaPN`xR`}m5w_%+WWaBu298;kQH
zs4hHt##!cUW2h+IpW4g2CV(liKXn+m_$~s@m4gK6m3qhBru1&=ok-7nCPXg7&8ZLf
z?dEWYYW&o*dC9r?spsCrQ_m%5xLe<P-hpYKEpi-bVp`sMw!5SA?6QdCIwh2?YBqZK
zc|8TtHUdcb>qgnAb7_I0W<~^%cvj2}V+2_=GlEwIJJ!s|?$6#C)}ZYEq%4z{4@;IU
zJXT!F%9RyssZptT15nS5(TN)?+M)iy3&EnFSwj7cXkDnE>8BjYR!{0@@GJ);k$}|C
z)F{i)*{Oa8syw;+!x}_Wz&#&X?2F!qY$05yQ*|RU#QWFGT_dyKDUUC-_`@Pq;H=$D
znF@6^41@w_420vdm1HP1I3p;+lIGA}JP^Xd@ZkuP|K-@H^K{fx-wk{-I;S7@kxxgB
zLa)P5Rd2s2sD3Ad2j*GZqTk7Mt4H)ZnO^mXekaqfp57U+cP2Ba9=+hAjaO3Oh6`wW
z5ukTdm`f_q9nbJpXkK^0$DuvwdgPVp46d$_5Nx2J{-=niglBMT%3?u03~JDK5Gnc|
z2|{0m$5PO$@gTM2f!C<z9t_-bi(X1#u=${Xx4#X%gYC8&41IN`T2QwK-l_{))=afi
z+)g=D#yiPX1Y~FS!JR?Q!x<E17)U^O8(v;++n4E?$*>gdnQDFp7~$-|wYD96>ADk7
zKRDgR;=W@0#!TN#h7V@r`R9!pjDMMG8^GHUQW`FnSW0;DU^Zw)SXZ%YV`&LqZ(g!5
zGXT~y91m|J=OSXu&S0^;kBF)rNY#m;O0lxB)a?uuyZ05l`D`|CJ3(9*Q-Van+N-&+
zTKbB;8;6U18;d;~OZ|8qx_=+uz%Fkr4HO5EV2RRF8Y~WOELHJjbd?NH8id#-^hizc
zwvi#Hzc_>^r7woe7@7MtWd6|Uxp3RZiurfZx?Vr8^?=0Bzn``mzUKf%S1Qvv^r)Sw
zMeFSWQFIN8qN^C*^1*h<OFqzu)^6rVq3y^?4WmqHtY^x(kxt8<vE9lhx!S|6jOX0m
zv7gz4n6#Mvw6#mMnGN6lk3CQ{tyz@H?PO1UfSt8{7^<P!x~8vHvvnTW+PIF1Bh40P
zIT{pewgdv2Eq?v;0DzUfdN@tu?H`P3(rgLn`HbzIybJk4vqdVT4ioo($jnNU+uOHL
zx5b36|3vl?Q=3`qO}ecFyz4(H1_J*$ZbWZJB;cCx%A733>!ik!PT!Vhw$N=wBtW+n
zxzn+;U`8al0puyj9~vcoWDwRHKsb$pcIzQ%mr0}o8QLF*?|HNl2@8_6BuL4d{CNY&
zI5L8EE6SeQEoPn#^PYA8N0KXM8X3YSbXEx{*MBk)nu-uQ=YzX2hRgNU+N%Z8ZIOk+
zPDHinw#aQ;CFoqr$oWIJuNpCxU+#;p0Fg0nEAr((O9ZHI0A1_Xk;byRx~6Uf>c$I!
z?4T4|-+>$+-2U1Zkz^>gh?<J6P4uf`>n1uw#nx-+3C}>&-J;kceGqw+<M7(EbVRqc
zpt>!Qkw3j|OUYPJ-Ig=}%J<>8zgEltr`2sKgO2F74o<hFHMRh{t%RH&dfir7$I1P*
zoa{7@Rqw!9(0H+qRkQck2K~vgscC<$HIR&&|B|XVaInFk#XQVl^-czbgVpWyn88XS
zS_Uf;DD$(!Ypgo5zxI!`zgA@85sX@ga(}JTvY<nkGzXcR9nSk}l@SZJzt%9}$o|@-
z<>i3;YqdfaYJY8_J`VjjrO2u8JjC~5%Q}rZTcg8hcVNJP76Y~z(O^{D#(rMA^C68g
zHs6rmhwDuH)j)GGmU%GHd?*~3?9^9~$0b}N`<Eatvd@gelk@qTm)`<3kRL%R-lqLA
zeqoLIdwhADcGAz=w4406O}oj@+q5+xBM6}E!n@SOScT!I85GxQHwSEJ2^jh~sBa0&
z*n(Hrh>87(6D$#JGoNH;j(;aUGBzh{GfgnG&AeZLSidJ=_Hl6gb1mo<_3mEYPGENA
z;(7wFdKwH5xVp;g#tud(AOYkclt9>S3s(#z+js$nOG2Q&EO|7{08VcSiNPcp!P25V
z_h{JxnAmY5C`m*hhc+V*FSii}cAG?oOaYKK=yx?5CYnSvfe~GRO1-CPw=WdwRHB>v
zLc}J6cT<aLh+I*uD~t3Va3{4IHKn$hezDE;ByBS-cZUEa>@)pppAihIn|I?nc)0g~
zhgO;R%JA9uhCm^xX!~047%B02@TN;fT(qd@g7K2atHp7R3Ut%3jOpFtbcx*!+>s5}
zw3+eN3dHyDY7t{ZLjcsvOx24p>@Rib%T!kpkT-9)@eOkE^#cGtSA1q(8QFf?BHPbD
zP{3^?;7zulW*FLjM8KPDKg}?vp@{8A@M^<}Z9i-qi%>6@vJWZG%(j`d+;<~(OJnPy
zXy>FQ<fYLREa=%wZDIpju&Y48L%f!}PmDl5j6ix3x>$j56?%?_8yJP~E+Nb~*ip@g
zgFzx(cw)Q2i_+V8F+RfZLLYBRZ>#W%^lF>jhOTn@*O2x1JhUA*VNLq~zIG(EF%bc*
zNp*@(S8QZra36w>qmc}c!zaP}5p*=oW!$R|ov@QS8Fa5lJr1btNk6nb-35t)?TMdq
zVWa~((itb?e+pjQRa3|ejQt#st-~iWnNIx+@N58{LB-=%?0s%GEJBq{``jMberyb4
zz4+4K2Wt}j{V*cYKY-W6;V<Xc>;@Lgn<-?j0&h!cH_JQ4vpuvPpd=-?y1FDC-s$T%
zU)9zc>);#&J6CLoXP1jZ#YImyzoSF;cwvWEUhxSh?Zvy}W8Uz}4sSf(n(tQEfq$?c
zZ@j>(jOV?9(>KHL%zNpb)KXA6ubrVEc7|#JT}5bUnE$Gd*P{)=ps*V&)8?(Re+Rxc
zUdjb%WKiI+tU<9sK_Fm5;MadT0BBGU565*H6zFL(C`jz3jP0HLSL6$W0;yoR5_*4`
z32172dq8^v)4BfpK$ko9Io5iUJs|<_`X7jaz^8-4%UMN)H)&5`w$R~6B*2~!xzn+;
zP}Lqx><M=O8Fcvk$TUXn2^{)iPk0F0WxAt4hW6N=&`L{!l)TBG_JofjBiIw7>}gM6
z=GidsS@whk_b^qF*-r?YuoEPpT>pbWXc#7R&IkA57_PngG%+TSf5G<=-eOE(@obfz
zizpxG5B>1U(@f2m2O?tv`~I!Slm9G{o$Aw)n`D0t%#D`=*Fo75em93wX6{Y0KP1Ia
z%Mdkf37?@~Z3(}jGgQy~mY(qVGu<uf8PbO?3vzjQ>1U4E5*E~!ATsg@v@(ZipRAIx
zpb8mj0F>{;(Uzd)|I^wMltD*q2?u9O&>C9+TS7uk550~itmC9Df%BZ^v8ug@vFdsq
zt7h90K0lZ=7&O@uZmlMx=C>uJkO2oR=3xe_4hDsTRVO`Wu#$+D!HNW$HQ(WMrsIe$
z;g4iX5Se%cqt>CcB`7TmI&?{Mkh$66Y)eo^ESN39FyV+T;h=2^S|JN%OGwnmp&zFd
zIoDJN()(wj_vifwLueaD?@(@c+SBehblc-I4jhq<AUpPbf%Rk9L4`GY$P-C6UZ8e`
z?ASje&4FoHEHpT&0fRR(LsW7jIh%$GW2DHA{jvrX#T8gX!s>7|M=<ID{sZaM=CB1Z
zk<DQ<JUO4gdHF3^8UI+M$++^tc@X+&d8qOWbHUQ2A7B#R*BtJ(_;ENP1jtANTvp*K
zrYeq>G@-1X(j4Hm2Dn4-M_F2c<_L3Pl^}7dTZzt#JcA{sO~PkE9RDZ*5j{z$*Y%rV
zXp`tOc+#nVN8TH$cg1#N=uwL^dAE@9psd0nhqe4!&7YN<H|C&q<%Pz2{sDIw%dYrB
zwX>8Sd6ZR5&*bf5dT?USwEGZ`4Y_lr$HSo$P^YD<x#f4ddAl-CdTb@1oi~mZ;qH)i
z@*-!3?;kqQ$`%~}LR|?8_t}Hy{&5`fFmH*Ti1MlpVNh%c>ykEvVWgLQn40#3!SV3*
zNkM?Ll<Sw{y9qoK2{Y1GE|l9w9%E&Oq0CgRK5QjPAC!+p2QP`Ds6(4J?1MSRfyTd>
zJ_^WEPzC;B{f2$GQll-~J9dYaF(_QOx9B3#J`Z1j@AG!tfVrOv0(I}*tVrq}mH>;~
zhoN=t`ZbD!9g2g<LyOEP46&#<048yFcM~2JE79N!UiHTse7RR+aE5XMF`?k_5C_Mc
z8fM9tfmcJX27#)}h0eN~#g17#sgo<`2TIP!O0T+j9C~t?0xv6XMI*fcw-PVKm(3l(
zJjhkej{80E;xX9?*t(qZiqE^dwg|=o9B#R{ycNe7E@sMVM_Y9b<np{q$sHNPrHwP-
zI(59m+4Uu_cQbx7KwI=K!Y=z_<|1f%D-(V%vAf;l(Dfp6?6cKQr#x8R>W>p8Wt(zZ
zUVb}JXGfk=F6Bm6SjF57kA4``c|lzu>b#&X0Ci3g;~ExR=8^;A&lj`hm2K6<N$go*
z$03sP^0yoPH*c-o48B!|Vg-12VWb;9S*CKCsJWpxcQaIUXS$(4uMUm<TX}1~+_vTx
zB(-o5228pNFNE?4RdxN$#ym9O=zMT3yaW3MNrpmP<4UdvT{i<^)Pr3KZlmaijj0cc
zZoFjrIowP$;$zeNebWzo<Tv<Pj~9HQ5idHna6op}<8TLWv}aLz$G+;Mv!QAn*UcBb
zyvTPod-|micLzN}B35;1PO2Bg&#Mau^L|>}RLu%YhVKrdo%U=L2iR%94hLeO7=QLq
zt73crRo>Xe#F1j0V}}OCigAH}E}UQgN&rwXE*=g(RE*Qpq!^djt&HuR{4nx`Vw_aS
z*cI)Em(fZS+uN_EUYyBXY1Qu3au6qNy9Ydxww-`?{eDCnAjCK6#S?H%cx7x0@h0z(
zV7AbUM<hTm9=X%8vmhghXvK$+J2cV!NH?fjaSlGviVNkc6P=rO8H7VHp*_AsqLr2e
zDS64CTJd3I1g&_KJ+<P@JR2e<KZXq7?8<V>s%dX+xNS!3kQWJkcY=4WKM0gb9?u7N
zObpjv&52%|{0p9d@D{x|i)X9wTu$-0aOexiKF!p88NK4q7p2^d`d;x?(9eICh)#DO
zjxt4i?4J(IjaLKLLFvW60SP>~J@!u|#ZWO2HTB}7^s8R{5;{Xw!=>~XRf9yds2WJ0
zw&^2!@x$z$v4y-pLPX&aXc!KWUR=poQ00O&fWuWUuI2yJ>cy2oNA%(crx({6TL8Uy
zLQW68z9FpRbZV0hRdbG2S7R(_+@xbwi(Y)kYY^NpS62V`QL{&>xvs3foMQ{dD55lD
z(=`kV$EN4f^U=y=|1n8?GL-FPev)bMJB+?Ewb^+y@tCnp5VeeDr2lXn%N~yj<@sE@
z`<FwxRk!S#9jMEyS;12fmb3gz@yXi(KLt-OFR5ho>zPYUY%7>Vbj|YD<I`sO8}Pvk
znT{PWpp>=)6N1Uz;q_+b8#z6CB=0e_+;QFI7CUxO9?aG9A`XvWJlh5O9{znub5pUP
z!<n=h5X=7h7x<1R<f>Jgj2MODqheDC#ilK*B7)`TXcmty@B*ljMHwufozcV_4S0xw
zZzhDVB<Pz7SUwu$V1YNgA{I<bF2!frUjTi@(-LKm+LUK$N8a4947Jkqq=|)1rA^xy
zOZ>km=4hKHx05X`<XGI$O!?ely+I3$Yjt4Fu2*J3TLBK4cP04YvkT^GtuP|-+5$G+
znrpYP)6hIYp%~kWZKgB89bFFsQQfnfM=BGHipbBdh=tOQNA+;%$10U@?zg)Z^38wN
zj@@YK{wGm-Ik)^i^z)6^vhiD$$<vQb4j#?#INvo#oEgK;98M-Prd$qs`c_bP<MnXY
zdZ(`An9?f*a42K0wPoTB-ieomxb)gX5M6q`pU!Z2`v5%`RVF{%l+{j_r8Z;P(C$*;
zx}1UC)dx>1IXhm*LM~$!L-YGOCjNZ2lW>DjY>ifMH8BAPpzhl7dV-#e;Cg$tQ+$s9
zEULe1GlQ1xpTY!Pwj#EZh;2ozYyRWG+kM=->W?7ToGb7>ZUVj_Zr48(@k`Cv>ZF(s
z+sUv8cz0#}XnxQt+x|I{yCv{YR1)7Hl--Y$V8C;oPrWAd^OrK3y6_X=Kw)oWVeev5
zS0mtHi+YXaj{zJF!hbxzHOU*LKLehnp`L0p`iW<-pBUV|4SMtJ?rqqAoZGz(`;YUx
zx3ytw@9u5T09V`a!Or@2e6SC{10U!z$1_<z&j{@qRb|+yFRH<!SJ^a<Yo2rCr2=n#
z9xoQgOWe2GUTg<TwiVmPi|KIyBiVSV-7Xi~ui9H|uMS-%5EX%NCt`p~Ge9>03KLA(
z-5k*)DZPoz1n@Jyr#Ze?^Uh2Nasu==1M~qPKc11aea%t*ySJer5zYP0u>*=ZkGnS{
z@jz4bRknW<YmjyPan$iz@VmS<XRUobJl3{6UbEc24ZO%fqkPp~=*KV1xplmB2~Hra
z5{20)xi^8J?l=f#mXtkFP<@qaqoe@qjlyh{3;}&{0Lp^^JfmmwLt{`x15wZcTS%y@
zPspq5KMIlsHN1!`iWchOXTzvSiymIms6W=jpG8@xoU*CEp1j+pO??B}OQKC5FU{u`
zX<<)+`+y`%8>8vJfw>F?v9fhMhYj{23&3(qSZ>8Ex4`nsR`A@4d2WH{NQ$r~rdz^v
zD`vVSOt)gDTf%fJX1WEYD<*PX<fECsiG!n$w6xMknhy<q#3c0HIe5dT<)zrs@TJ(D
z?31gVCipXv9-IAd?bnu{!?fG3SM1=&7z@f{?e>m6hzZ^;zRt-fENxX}zY=xbxRt3R
zMfR}}0}YB5*#ZIGHNVoyQIRd46@aE9o1U^i3SZ^HMN#b8jP0F#1M<ZvCA7#WrTs7U
z*&?gVGN(A~?U+fa)Aj!f)VWi8wJoa-wH4m=Ul9XI8_@mZt#D0vcgIOW{r3UkcQwQF
zuCf?jhnOVUOVBdhunbLU=PSdj;|!z>^TEBQ1<p<l&ZZ^IS;$cCDZeK$_8iZ#M`|nQ
zN==T!cFjtxQ`OCi$isfde0T{WiI>2F*PZcihA#u{c@)}~>CQ@M*2_w$2X%gb(UGvC
z15;%T%XvJ`t)w-Mha%DvS#)?t0!Owq0@hAf!n2suV=gbG6nQjEq0<=uylS<m)Zke)
znb{UKdzhkz!WayMaFSGno;Ft~&OB+J8O(M=$T&UHg@Ix6j6AE56PjEY=#B@wMy;+|
zF{5ne1<(}V;N8f!MSsr*Vr!dWvfAa^9AK|Al3yP5e=0hBozCrKYYDXrGLLJ~E^yYV
z`u;nxp2yv7bFb&^RdcRDL|*f{1QT~b*ZSga(*?Y^F&Q!Idi6$&diBB}g3^?*KY|}@
zn&2m^AHM9yMGWR9`FbfUg~t@dQAgXznZ<0Wt(X>Xu}y0_1AsOKEf$pj2@t7H94ZWx
zh~L#rFx#mw_7rzVM!%gSk1ghK!J4ZHI*l~p=Cw|REOuxf2@t{AsR)Xl60OB47CW#Q
zD*Eg_iWywc)`{DR7pu3ZQ@;xQItMhXzVQ0jY^j8M(@K)RV(Th0q)W5UmX^TVQCy<l
zu3?`&0y5}=+;dV|Trv#U0lK<ma#PHS$d$^)#l^CePRpilq%(m+Y?s1Tc!jcZqM}J8
zR^7nk`LANGUeUyIUQsM++U{b0w71x;sZEusPf2c%V-2$tv6UNsiHX;6x!AqG)Z-S*
z#Y(ZqC`vwnJalgCrGAY5>57CLC-eu@CyBu2XDJc5e3qz4lOVn}WwWE7w0>Mu>u#bV
z;%-Kl+(u3_!=uF_dK)8)8A)NJ0#k6U_H-#51!ZNpLa&3122HIF4{McWwaU2Yb`5+^
zKnC&3O4+{<;{|#X&RGYGUQZd=Cm7^tGEZwD57hZYO{=?@3j?Jt=L|HWf`z<+Efx~h
zuWleWfg=AV&<O(tc~%K&GfZq#B(DY8qdi6S8E%;<qJkQrScn9mZU3x#w^EP77{-5=
z^i|JCeL|(!qMD34G0`=u<^kH1Chf?V!c?K)s1{Q@x!|{GJld5dN#MHv1)4q9^?NzL
ziPrVM0{M+MB8cnyJ1~cdO`*-}`csaZ9cR|{A8U%zb^T!S72w`*W&dI1Ry*46U1e2j
zWi0VY3zzsL0Fx(rqb2^g39C!||DZEm;{PW-XY6<rV13TLb_$Yf!^QnlN26p>?>YXx
z0AE_WK3>%?<zoKLOf8FffP7Oxt_@f5OYI~E+h73yxb_I=b7uWMQV`g1wH_xN{h?dC
zZLY;S>DI;i(m}f%E!GdXR{s)<{GxEJK3@T5t<9NL^V-}^U50X8$^K_xcMjK2W0~kb
z742|owFJnM!OqI2Jl1Um9JQ`)cJVhcp3m?e-|N=nAgWg_U1a;CNHAWo2Qqs#=A^E<
zIYzmAEb@Cc^bf#^v&)-^aYJ5?u3xtv+K&XnoIT*~)tGq@9%y|iEHZV(_m5=msyYv|
zhID+wB-e-Z$Lqs$qV*v};_D(3=O-432>gZw?ub@~^9c&;lJCxkYr<-2YxANjH(*u#
z6T!u;IhX6TApq~(#uZn*Qof4w9w+t81RjxEtT6$XSYe_XEB>iKwhhRjaba$N7>w7T
zg=z=1Fj0oov<NCVD&vxEwIhO-d}q<$k|pU6vyA8u*L13E*fKx;EzBVOAv2VIa$+|9
zVTLXAGus6HTWZmg5*wz>ZKG@n(UNj&6wF>=?j_}05fd#b&+uE9l%InnG~UM4%}YuN
zikFn)#VV5DXh|uaa7jr|(~?qR&64tF<cnTWXfaDl(Km#Bkc{`3Su>5jeJ9tHbh`eh
zL7qGH&-jh@NX2Wp5a_cp5M*qwHR3G1_rysK3jQCP;ak>}(i0}hHfu^PLsQz>Yefb6
zVw{1LVLrIKTi|A`DW$74+|xCsa8LQN9dou5WKGFj545IaK3r3hcn^K3&j9R7lmMwN
zZpLC@*3HI&SW)(1CiE4A7jb>OBQatX>ct9Dg4582O0cdavE^06Wi83<WGz|kzyw#|
zb;idCKFf{eBrfIF7<k~67>_H<>M5AZNg6IQl`2gA@mM#mWyom^4JkQIlcpB7`n+OZ
zV`RprF?lR&3d2%5S@d9$BOVuDE(hzGVnKznSlDqJIElrNkTE}CmuwfKWCstRC@srP
zkxy-0X1OU%MVFh5jFy`(m8r!}Mu+;QZ%2wHk`gXLWv0=x2;~&1cCKCFBJ+Rg#z^^e
zPT;uT`Jb>Z-IAEkM>a928g#BFPh>P%#zf}BbtwxM&+6&J%2ek2bcg0INfH~I)qB8o
zsj)P2S=xogB-w%bNvop`YeuX~v*I(=ggQq>7|^h4Vi2h*E>npKNmR6&mZg#hmZkEI
zm!*=RQ{}?bWvK*pC=M=54T#{xvNYk<HBGoIWe1d4mWuZwmZge7SEg)u>JL|@l4HCw
z6)#q%>{sSnnSPmZIT2*DG9|fMyt0zcm8k>@fn5r#D^n?2B@wG`S($!;n7J~Qw49w_
zWy*f2#Fc3eR;G+Fm8KqLp)O1Xwc%wlHeYOCKWcZ4SjAGQ$HI;1J;CpZw6{B6vJO{@
zz57djx^C?=iwBu$n|^f^-%pC&YSu0au3MWoO<0xSLF5qb3wbos^56f@+NUg-jA?jA
z7e6o<Cs#;lXbNSvYCOy(l9rO=*(IQHE8DW{4+-9nK1&)}&K5DRTW)RYJ1AG)8SV0<
zE?_E@uU5aKfg%d()Y>q?6fRGBk`{a3Go|0)_K}=hxkY;gZ?wy;SlD4A-Y%)B;rxD+
z&P#n0W6`rDUDQY9jE0N-1$q_Tjv~nm+F^xi0wWtnRvoi)H}d58Rg@RTCZ7VXtt73K
zW90c-6b41633WyI6cWRY!LEZ}5pN2|Y4C;#h8(uOVn)M@Iz7So15JX;yF?peuv1<G
zr2)+u=xNKyp~0B=Tq23Of!qX2!#07LFi?=E6;ED!9Z?gbspSQi>50@MrR^#e?D~n&
zg-Wx;cqed%0QG2-RJVy2R;W}#2a$`~U4B2>T_IE#h#;P9*}?Z=%CM(Wi_wB^viyI8
z_S7ja&riM|)4{1<!H2bO<L&4PET{1fd}=!s2(rjfjk2d1rSV%W@o3Pp{N#@!M74YD
zX3VyNuHxt=*i67gGf}p0fjR>raKW2Fv?f-{cQvJ#<g;KdRhZzLEoq@+4qRm5JLJJ!
zn10%l;%_h}&m!p?5s(r#u9R&ulm&6TMtrmhiKfwVYZ2cY;cG!OZv<;H$&|~Ra?tvc
zWkxL|Dv_&3oTJp5@E-x8*z~vtxC;Hi4(^|*2t7H=<Q3Q<?}AP;aLn@g4ens#(DN~R
zpn4Gr;yl+$<<YlnW8WfyqXkntLl8MAtB3-N4T@Np4~rMDD)I(YOmfRBLR6w8o&vdI
zvRksM$J=oUs1AMv#G?gQphY%vZotftF{!!%Xa5$pdELP;kpoZc1SPy2fgJ-9TTD-s
z+;S;1g1hxH)fKlEapVURU34{L_wzVT8AcZF6F~nGbRpfX;o+NNdhFk`Q+Nw1hx@Ij
zF2Hwq@-u5w&kpWK)=P)6Q%D>_3D>Ze+^t7mWBh{N%D(zV=xB2=ij++oaaBB6oO*{+
z=L(Im5|(S{hP*+vMsCC)K)laE9e#(pk?HrNxcVzXnGZugfN%*Z*wb|DuY^=YGTW@m
zs!lH>+{-EtN2=Bm31h{CVfo3a<HOz~8ke7f`~#HB9uBgo+`R3`x8SJ160{*S%z;fY
z8}K(5<=`d4T5{lcx&iX^Z1OGWVlrDkE;^vsN3=MVWgX5E1jXc8K@rf{mdQ`S@`4P$
zZFWY!SSbw)5v8<KS%v8+q=GczKwDlsB#CA?g$iS_2nwAZ(or@7fy5JEo+8MObTL$r
zNvOnUag?o$6;E1)v;)}7V?D*pj(4(V#JfE0l=35$3eLPOE@ov<u11X6h(O8&XdhC_
zE?-6DInTHPX?vC+Z5Ptso<zzhyil%sRH<6LU7ql9wKcU21ff50Qdgobp95aEJALEb
z7q_RO6v3UQ6WtT(@qnF1-u6UnhTGBZ;4e5C@nc6Kd+uSkJv|{2c%%r<%0%#61lQY(
zPTV}%2HVrx_wkJMAnJFL^@~chS}GC8FF~3pbMaEx;0mXD^oZ^Dj^FSZH0nH0gsO~V
zfg_S#O0Rh>ih#3=n(=vFMp%jVn^sYmK4izc$fCPIns}v4yJC-*d39wKjBe%N_lUuv
z$riFRZ6l7CDenO?r=q3w&~PX|o)jNRC_dUxl?;pwOQkfg-~$(;9&7D5w4tchIN)pq
z$niZX91aYYi*8xZa2DCe2DfsxsBND2bWTZ|;Pf*11%A-$vELkZmgGnJO>ZcDiBrjs
z<R>498jFX+-ZIf1wJRfwmRwO=YSoQP`tNPPy?yTbaO$1H&YYzZl!xM)1;|P5<|~Df
z;V!mx$7>t$JSllw)=e<p%jM-RLVN7q?i;=)mM#~w7jM6m%TAq-yst*y(Cse)o=m^y
zQ>z*Q#$vea9|e)fNxpXQI}|yOX|ET260U+!hiR_}rHZB}^(^?E6z_bzM)>w^uxvCx
zxv>`ZXIAh=a?z3ryKq#*BJcS_$j=Hsh**CZ&Vt)B?oG4}XO$Av^D4Y>22&KW<rHK;
zqyzsOk8no3Y#<pG8|?=qMI5Sv;)Z-Fra7&1_e;B+0^QFgUxXM(=)fkLaeE>^>?s`u
zbVwQeXY$QdGEF4V$GlvjpiRgka2%%jJ7NA=X78Y4IL3f|a%R-3_gm5$dzY6i;ZM%(
z=5Xf17}H&wd{@Ly%Bh!n7t%csbhm>^?dkF@X+uSBq+om;UUKb@U6E?7+>*Bt;W>7D
z+V3OZks|gLGVPAvi{LiP&B|~m6)lapTSbLAa7LDu{veJ<cp?SzXa!)mq#Yq>X20|}
ze4j6}!hQbRAE30Vj112$BZc5wkdZdq^{&7RXE}c<2*sWNtc85IP>*W&xwaXn;PR`0
zu>F4gV*ceHAHrV+8m1%o;Jv`V{kI?lV!E9~(T#4<-nFGN(Kd1d+m@YuHH%U|2Ew+N
zi^4Lyv=z2DvdEI-$g)3Lv1E}7C!#-_DX)ZjQNhi)?xZe9zx)E`eGvV!TRqwtA4#KU
zc1+)l?p6i}?Vr(2bK+5Q%IKjnF-m2%gI@bqx-lN;{6wTNEe)1O#4|>BzPRY76CHKQ
z8-aCLJ8j;Sj2?GSh1$vTatyTiV$6ebvc5Fij;LEyPAF$kOKFHqh!}z%dn5_P*3b;a
z5J07oO?giieNqv-b+l|kZQDpk93YvPNOlFN2)ue$N@o+@yv2S$IS~BvLEN1n{Zl&i
zM6ja)p4)YA$NRvrk@SxD;FH7g`^tD_^9@qpUfJ4@fI?5($YL*B*^IVui-^qrY&UK<
z$ei>OT_k$JyCE;pn*VvIPyW-9nB?u`oI<A>;^o9)#|F-+#rxOrnyVdma=^r?@RwlD
zI;<0ODUvjp{lh&w2rE+*6VfN1WXOQzn+VzYZloE!A%piqhAWjDIHC`iD|>*g$9R_P
z8SZ94Ul>p^0Rz1;L=PZ#l1UFq9;Zyr<RwB3d2z_j_Z}MZmVi7~W$nUnecj+Z9jk6i
zq13yTI#a7Ar66{&3LQYbbMpJ>PA7{a7^1K%BzLVN;iH|CD-krgJ_^S|{_hm!2Z<8P
zF?#tGKP*XH{R8UnO|X2~A9Yb4C~sH4G+vFk{)y~=PP3*7XUi|vAf*+HQXPQ*EACO1
zz}(`LkDESnwMomLL=qbV>I+E~j<<+<;SS~p%N4)D^ZS5wmvi-7tdv!6bGGvvysS6n
zc3KL7g~K#q!UQj%XSIn7Ufkq+34NfDm~AH=Tt`3q?R4r?(0HBnTft@!m2=Vgb&a_0
z4Ol2G!c((eIk+6*c$af!CF3qHWh4TxYi7$CxiKS~H*LmEacx6fEZLiGNtu$RaoWAB
zW~JxGk6Ve$!PbY&0Sh`qJTLnRc1i(A|4QV!lk}H^%Ya3w!=O+Ow!xS8(DIj;JPAb+
zGG$L_&g4wL?WUe;(l^r#YGZ6^u%tW!Uf?1kr8Vzat|vL*=H&UaI5{Lbcp>QxYw9oQ
zftXPUAZB;6+97=(Hq}pma4X`NKs@`Bo;T9-11oqAQ%gJ~VJ|%iXnPbCFRF}7!5bd}
zMyuSA47hILe3*AyXr9(I<9BTt%TK<F;`j#Ox>f^$l8K-x9hcOuy{F5_%>}^0e_FdO
z+>=!4@euRMBxc(&xD`n1!{n3JT)Ju>)qKk<yd9rF{v+L5G)-96$ly&Zv#_DYZRY9V
zN(3ymf@k6b9iEh`-WR3OLi(>k3k-QNsC7`gXPyT6aq`U$-T{Ql$d53f-1sOytQ^J%
zZ)0|BOLmI-`WI3b?Z(FtrHvOy05Wdaa!su<A!_aIOd8^0E(Q<JkFb8A2V_>`!`3u&
z-nHeDoI6ol8U~|}NvAd%SOozinL;Xz4pf+igcw$>hAKyqjRPTS=BII;Yss`+3RMPM
zZzo}8koM=)Uw~FG)s8XzYVZ*<%8PRHlb>6MPD!-6P$LDKP_Ufom-1eDWe2+!PZ;9w
zLR=X-F=dtVaH1`pUHMGPugHOLT34KzCZ0(TMXrq(jIgA$6P>n`9q+V8h77EYSzLQM
zGcN2MFQi>UxPXZ2XT{f>vr30eg%yjY!cR-(9zC0oC<jAI#<X9Kp)Z20N&`cSkp7Nb
z7}4G`>O%_|c5r>B-^Us|?DumcrujvEDfJ<<`+w7y<|L;)#*s&v!6nhJhGRg+f?kb1
zH!cwJ64@q)n=o6i)(83L+t%8bkso#RInpZM$@+V6(PUp8JLp~s4|z$5$)_-c)!S5O
zM%<+~mKsl(MER}_>ps|{+4Fvfg<jN&1qJfovL)r=liF(%>Sx!Mu(Q#c61x5xY0+-&
z)H1-=*$3OfGZ3b#%`{j&t692egTt62AP${{UB>c7x;hLY;z2aWPpMZYbwY&K^oWWX
zm+1j@dux+-MOIs}U!~}zPxC{3(y!(mq5%a>9S4{jQ5X~TY{9~{VHG%}j?ha>hNKr8
zr|5RawZ1VTkCmmD-N`P$w%3}v4ux)fic%iUm-eCZqWRKYgzKGL_U_cPu_efEe3I2m
zpMR8vA&mW%CHzqNAUGx_?;?uFV-&a+{V1^qFF`(Apu3wUg3+{F?V70JXB-R`06RDX
z;28KgcJdr3|22<zVk`PKF-z|voz3nag`EvrtFr8e5rn~vI!eX3j{#nh38m|WpbJY^
z9q38DTL$-oI|fnNhP3k5;BiPl@09W%kcuM=zrjygA@fZs34v<-8DVlZj&n*~3}djB
znBeD#*i*YctrLZK&~VUSB_Jv~PH3I8EIL0(3pTJ=v*A4Iejs#f*D}6bOP5zJjv_@w
z7@Y>`Qhez;YFh#8sxunz%>*DU;sYdqnT4a0I*qBFVLRg%#MMjB4zNm)5^%E8_$&&q
z(|+t9O?q)tQ|IK_qgX$@0zbO0fTVqnY{isKzSoE-To_Jw(a#DxJGhy|T!RMwdpH`O
zW*#tV!#yxQcyZ%1#G&(sM^T{g&zfe+`btGy!GLu;a}{9?(N2BWW!J@=r+x=ql8Y70
zFt2m0X~|`pxc%<{5JdW~Wz^9yg1wH8rC^=^db;j2%O|vn6?;PJov6USOcwa_K!`Qi
zKjOo3)61{%`?rKyaPFvC?4j#dWX-Q{jgZ4<FGGpUipRen=TaJ95ZvniBHii6mxv#A
z$|#9IW`T?9Vjy9nzzhRHiKIBo8uhdff$3~D`T$G}6Co!t<f1slUyY_?1t+or%?`%q
z?Ht%v_LndVw0$>q66#3WXWfNNRhGBuG`m}byT+jL?u%5?{kITz8DS9hx5CX+#q5tB
zEj5k0)&|zNn<bVNCwUdG2X)$6S=Kq(299ZjENdZtUnYCd1Mr)eM$)U((f3-@#9QX<
zkD<nEKH(rIAUBE(x~Vmwi~VGKIvoxZk7rfMY5)(;_lDWIh?Z`fGn}Pz!D@Qd_gFEK
zzYK7zaeM0EW%ul{E7m=GYNuf!6`xZXr+=AMzHxAqRk?A)SGd)TZo4v0A86p%STua@
zHNA#g_K!g&pfLe&wR^K5u6FX<Z4L6%L%h3?kH#`1jd!}o6~gI}yahk+rer<#qIyhy
zVa4bVOCE*>o_`}hQ1p`J?na{_2~IC&Xi{b*9s40H$mJXH^b*Qa?cB7%>PA^MSUopx
zsA0Q+M6h5IWp|HDq}_v(3eO!mV;AND`>yRDhb;Em$YYV@!M^r~rjH1DG8pq@MCiTH
z!abZgnS3;S)>U?|&<VmMRH;TV2-gVmH!S~PbNNRF-<;*2LHU`TGuT{ytuL-u<ea>}
zltlDOIda=@uc*5%EGzHb6BsR}g;KVHp>F2j$#S5?#i`9ap@4}LP_9J4;A5?ep8|#|
zL0zbTiFk=`Uimsn%1-%Gv?^OFLp>^0B41%PjHhfFDT8o{<gty%{B4o1wUWo2{H1)6
zgt_EPO9I&vIqIQUseFaSvM5_BWDqWiW;y5J<vL_Br+hil91ZfmgcmMD8e5>-ov|P2
z9Ek5jy%9EaN6ri5&eRdu-<lH0lTw(hjNwE^GtU$9`)J|Eg^*5vHJmE3y}}2`FJxAn
zMvx&cWRT3A=aJvX2);S_OZjDXbIb1#(wKHwk?W%|OBL{T!aLd)<=$ya?siaFKN<LP
z5O%UDDeHDBA?u8UE)mo>gUww(X90SatZQ9{bLd3<v_MP!V7z}WkkpQ@o;P(@8S|Sl
zYihg;wzzW{3Z>Ic_+kk83PuG?j;gs;S;xNsfJ=EeD8W1Sk6>D@n=|$LV#{%ZCn4!*
zrn+1ab4t;;hiEW0#_;@9X3)E1vxgADlTKZa?~Ad<?83y4kU<_9`OAT_4mwBhZG08M
zu74B4u^yPF&tHLXE0_Q}|00CfA8&QvFfHotYGv<mrP{r>@io9%J<=0G84fjf_nyYr
zn=lc=e-e@dD`Wig=mve8NZ+Ma@HF7JgOis?k<Kzj8q`5qigqtjiQ}7eNV|Rv%ENzl
z{dCK&wgu+_2OK$dOf!XlF-dMmV>lm<#y1c&k_AjY1YRPJ+L&F3(aU5T+PYps-O)7j
z1IzI&=`w7znfe*<)TS2mH>^{(ZPZWd>8K-1vptXXWZdV&jm<%<V&yw@mH&!@)|OrO
zPbBeXPI#E-6~OVA%v0tcz5W?Q;s*bKfn9jZ{R_|KJjR_W^q@4~5{&%yFGtaXUIbdx
z;y)d8tAyVRdKhOnzRe^~<2(3pnnqZD8O(1O{?GJNpu~ZQ`@#TmAmCrZ0C6DTyJ3Jh
zP(SI^XHlM)qC8H$7elB2y$UL~bMjWspMJx+jLx5et)Lynd=6NWcY{fM3eYuVu&`}&
z>X~de(vHJ2BrFgc9QGE#GzA#Z1c(b}s*HppnF%EV?2xJZNKbhGm&m`E?q;BXk|y3U
zUF0GPp~Z9-n{Z0Yqba@{JR8K=MJMf_gsP}5^U2noth9tZ<X_<hOTWiZ?OVBSe3{73
zzah}}UyBAm9Ndgw$PtuS1a<w@L<v4wsrvx`a>CmUNg(YKM=aPf*WQjuO>*)b;$(h#
zuQG9FH@v(KncY9t9{kSdXB_{|F@J<>H-B`8=@?I3^wT|ZtmPjEGPHP>?<d^HNAAhX
zVx~#y>cz=-AjtK94gTta3F0JCOF733ifBK<4pclANx@Eh(fmvg*@aa?7!<Zh6N26@
z3>mZG@lAsbJJp+sFz!_UU8_X;3XW0i`=F8iF9b^$H=JwG&2H#2c0;TSt|{1#?NQgC
zU?WEdf3)r1jGYumLl|)K+&_ljjOSm1=sI@~RK{~I6bfVCEK8gDKC@-x`2ig}Y$&~h
zTR@pL&46H?B(Gj*XulkQKSVeP<45|~#{Eo56hESabln8H_zz(}Mwq=8S`v8tw}Xhr
zPY?q4e!723_cVXYW6&1RagRTQJmaAPpzkE;&otRe*5l758Gq|blu!}BrbJI>q6ajQ
zbf>?7+sOO`$oVVsH+Vx_RCed})3o&H4Ox6w`uIAnX7mo{8^6NGtA(+`9lQq`MO4jT
z0Q{WGy%^u?rEQT`e*(1UfJ>;FCOyF(<e#^K*WtrE_n(l--i&<=!dz@-_zjl0^;O;|
z%=R)ij2>4+Bx&%+fvetKMALj4UG3QWFkDJE{sVEvbWJulp-&n6+feL;o|8e(D@c$3
zdSuAC*HP9qYt8j;^#6;QVYi2O<8Yzzp9sv<qM6t~MQDI0ow^fv_|KYVW!8tRU^np9
zVQFFh{sp86rFty_{oSaCu!=|3;eQvM8&W0e8<PY955rz3saWTA?0%Uc_7LG-i6Zyv
zST{<BGHwpH4(h)INQjkg8OF6mi5x7FcST+)^~3T)+3D(t8Mf}`u~M=!W2LywSjm=a
zO|v0|W991d)*V-6pkz4?G9^vp*NDa0=q{|d--p6r84G7R_yFBY;SN3+x$cno$?S@-
zYo{z(Jj<axuby?ro5}lX`9$AZ3vCFTxpmy>VL|zLrVR(*oBclieu}>}FGoVFIyiAA
zS6Z*Y-*E_dsJ|Nl$L)Q$;*Yt#1Al*uzYpN=L-_jy{;-W8^+o)B6@OOslyzT`?^)}<
zjPIJolIw*h4p`N**L_lA&RfS+R`tSl4-i5rzi8ciC2;e)cguI%#F;J}yYcr1{JjZ(
zZ^Pfa@b^Cat)b{mz7o8tP2MKIUy$FQ$Zz{fhA)%fi{y8Q{O*z856kb*<hN^#kf+G+
zX8C=&{O*<CJLUIl^7{+<Ew3W{8u{HUzb}&Cz4H5U`Td#v4xT{BGvxP0^85Gl`#t&X
zJQ1;X_TDfcb5hIy7%CgPzb1zezJIvedgXHvfqfa1$1=dblC!NzYzuO&ZcgYXeWssW
zBfqV<?m7ruJ9N5+PF2)r-D!xfD#RK+aK|ST{8KS|Xv~Vo+=*eFehK`3>`}RFLnpSX
zbnB;AKZE+IcFMOh4i(Q(%1NdCFHyR2@crK~)>@dy+A>qZ<{P$`#xcabD~uH{W-G^%
z%5-CxpGspXVb~_psgFPyE|YmI1MB(8$AU3N<vA^>rkQA*)?}iFF82ycg3{yu7eEQu
z4JP7vGi}uXOOj*zk3g#t#}j%+P;@3y2z57sm4#l~f0AHIhaw6|kP?xVj6{)8CMR_P
zzWj&u3|_e=6qd<XQY3~e&MUc~fv`;8CILMPsG%Y;k%b~Az!6h{=8;Zq*DO+)2RIYy
z<)`);d7S*bW`Xc1lb>iNX%o;pdF<*?GSyz8*|!r>esT<vVFkpww>#tL?WFLSA2_Kg
z<j*xTj3_N-+(hKV6+6oQz-81*;FwB0_JqoahT7vQI8qI`Heu>EHYVZmrD6GJ<^O_*
zng0PYhFVxmR{mEZXfRhn<i1YfN8Xg(627udmIgqJDOSwi0D#Q1)i$rP&7zH#thj|h
zoloJ$G=xztg1mg$K?-t+1qb3!<~nWai^#lj91&w&<u~|Bg5F_MXNf3?iT@zlF=k5y
z$Hj%^fQ6-|T}_RDiCEKCkC~l5-IN*@szA#>lgMM#T7q&CeWe`S3*_Y+hyDOm>y?jI
zYG^iIJBil~$aQM-4UwQaxSIt#&4gea7XK!bk5tGo^xx%*Mx1Pw$1+ysK?_D<C_1nO
zi@g_B?zd3fjX|O@Le@c<@n1x~)S9N>z9n?Q0J}`Xb`edg5A(xUgZ3L_{y|u9^B8ox
zn3gFVCxpY9>@Ac1=i{);PmbdzN1lrKFJ!(Hx9RTM(lb7;&(LtH_jS+zHs)2h=<`?j
zxB*sNID3O54(VVV&h0jK|JnZUWnCFy2AmuH{(Vb|>8nw(i?{`}jw6A=MF{^+O>NT`
zr>fVAx>wrF%R%cdnLBoH8jHEojv5P$>ubsgC{O(dlIH!RQG&t<o*3&zpnnv8N^(H{
ziaOR%N_lW5#LWw6IUTz<6Ik%w0QJAsh8?RT6&#z-faDB9w=;CV?(0OTK#u)OcItjI
z81+e}1^*2++p{QJ?X0q(k?5U5o2e-*L+Sv<NHWS#y0MIequ*sHzYOMA!ck7vje`ly
ztE6rSRnIE)uF)*+alIc*9KqU{F}D8)_!I}G&w>jeC!pkt5OZ@uEaX>~XAt=dq<~a2
zI|+^JU4mG1g^{HhtvB?SRxAQ-IMbtS%<kIKjrz}MUEXtFS4OLnJCb?VvQ(w#{}b|p
zOfXB8iNXl3QBFw2?+{~<{BUk0wMG4yx22w!8hfW~V}$#j)W8Gk<~j$>JoReu%J%ap
zcFuG_tj<ns=GD+WVLiHIKkdT#`JW@(I+<}Ik`zR4+HAiE9u+0*1m>lE4DgS}Pf0FL
z*c*uvN=P}vM+E6>UM4&B8w$pqrg=KP4J8J2ICr9vPFg3SrK%3cZY&4mAr0t-rP}Fb
z^^1R|q7F@+pX_2nwW12Z_TF^Ll0MCnJ7aYHKolw$)->JNM76445lMo$0<{T7>NvD5
zeW&b3X<N#_%Bqs34TvT8uV02m;z*`CrmJw*oBCfC^jd6@&e>O!o~{S&+T=JWoqR!5
z&X^Cm1RrjS;?XKrf>Q8d%#@#A@<IIM10BAk&QI=7@PXmme}`?Xh7T)I|H=oV2>C!a
z`LI|KNdh}q&LvT}z(P8f|5$vR%b&IU6##55wS#hmrDpDPm0IvU9{BjrNP_<}unU54
zKN-|B28*%?0vfe8KbozVtwG#4ej*_`3FL!0Yw#gc=;c@Zz}*MBx&QMf=_44c<(|6u
z1T+DKlRh{<f@4b3-p<7~TsK&cD)qF{{_wt{Cylm{siO@_i-ltO>A+z6;K9_uIx%UY
zTy|<R@_S99ooT@$!La={;2uUF6N-vGN8j9OdHx2#;bN0HI^^%UnW;ANnR65j?x~wa
zE@i-zHVY+-(S1RHPDZh-L%C`p-|b%1?OlX35gGqfATQ(4jyts(TaIx6&>fF`Y4r_z
z<NkwCIG|N~P?tttPrR9BaVAs8V9QEl9Wt`ic?ww_<e&wp<FXYTLU2l1tLQaOB}mb2
zoQCfRG$V+?O?V8^7*ArXX`-qWvDuBmQ`dpSV6w{2nuyCqbo9g!N7Tx8wQ~aea8uM9
z?Iu4A7R+CXBq)Pnx%PCmQ}@hb{AMPyT?w1ho=fc5vX>6}0avhaU1=Gf9(Zsh#A{EZ
zCzrW#v={n?$Y+N60IUSCa$KXxTIfX9Bs0!>f_sd;C<|l`Jv!3TAy#)~cw5&0XYd`h
z*rmOR?%1Q!iFgT(Gb}=LF<O%hfga9PEkp+uAkEoMm#Zw|rXT1?yAdjLd+trczPe(y
zpc7l1A@u(neZ3m`Ud8q8@Y#-c<Hmc=7xhxLF!m$0^SPq*Wj@tMg=x8IDctW<t`3Pr
z!P@>?6v50ZPe*>Q1+S)F(9faA4!%l)T&IlrQP2mfEV2NMR5wF=B@{t)xc;r&>w@;>
z$biQDovr@q=rZtht8ALO7Z{~Iu%AjJUgq@ygWGXS6*kt^JMA57!M<{})18nAz}vD{
zTFTQFl}C8txP$%!;E6TO1{4$^%XntdA4bE$4zj!`|FIvx+9Any5_9c*OXj`HGS*P)
z!c<Bx<O`Sc6*0dw*1Ko|-Rj-|ceqUl7Y$qrZ-YNp#hxad|5)T^QrOdk)(}ZYZ7zXp
z%O<a3pD5$spfxqjT3$ApT^okI)DmRDr@)KJ%Mfe{D)IYAVIG6ovO;{C)uNGf`ncaJ
z2TQF+(rRQP=^U?Jt`T<dnJ7lx&>ct;R6+3BIL`QtOwcx^_AM5oeySzK_kYYO#|pF{
zmVd{Gphe&DVf<8A1Se1;lz>FIui+-Y;B&|h9XlDs-L~S#y~N|N2x=)lAJG%gsWNpg
zXu+Luu(gqvAd9-5{ww4f3Kt7uJ9x5KievlFfHdZf;7MFMiu1}aBMF!pci#`({Ac;+
zKwP;X30O0-AhCmAAq*#5K8US^8m^-rpzioUw5uvS=khWn)NqBm8fT-ddY3izq@y7w
z&jRUCy<COQ$VtxC&}mEDL=;!nxW37^0gvOa#45l)8`Ymc36a`LG*080_;4tt7wyDK
zu?^#iLGVa2nkGQ-7U3oX?BF)I!FuLj$8*OWK#%z|<AS#$%Jn-LB5fFxLiy*2zVj})
zsSW){^QAld>wp_mZ8-^hGQQM`yb^zJ#@{#acMSfP<L?suZNVS)p?`zFJMrgKuUPhI
zr+VeGYu4NiuVtr$$FXg|THBcp9vwQXoxx*6_h9Tq@R?z7wGf<T+(U87p+w4|I3<I_
zltYP>$n%T{VP|l5j4%vlN)sGBMx)cg<HI!R;G8h*33P-*{PlQE>0AVu-*oUadi3K=
z-OH&QL7pNY@;es@p8r@(tQP|GNdn4WCq4BAB4Frw63X8&^df{lSwi{iq`RlS7y_R!
z!Tb$@cLDgR5-PurlBu6+x6+Ahn!=}kfR>1DIaY9iq?F%g>dRAKL60FY7YdC0HesoD
zD)!!~TLu8yJM{y8u=DgUkYH+wp4?GSHR-vK9#|6zW`N&m;-AQr5)U-u5j4xDPQpY;
zQT9$@%MCi>sn_76L6H4La;6c|n6gEOPSdD^zdZgH<F5yQL-@nV@tO`8H61HzYQ3-Z
z$;eUb*H0(|*lqC_=t<CE{U`E^u|YS4oQv^^s>tEHKNVihX8NVw$c5vi*;DZ3ZjQ__
z0(T+&X#5?Izg)|g)H1yF%dqf|rRc?9@;h=I=G2#fXEl5;HQ)8-yFtFeMt;KboQ$c{
zS7DCnn(Ctj#NIN!J4~!KE&D`d|A#frtr%0+Jw*KT7!TDMkx!jN$zk6{iwpl*{`0{-
zZX%ESXlI^2It{3=L_K+Wo<2H#_3h|~N43vQ&)4T}LnnzoH{d7Tcs4%ldg<lpE3wlI
z-A-h-e+lVERlg>zYB5vy?zpBM3C^u9HZ^`<RO2k;Hk426TkK*{eIrb4)TiM)gg<^)
z;16@0Wk<W!;>4Mud@`1`n#CV9?7<bRF&z90uGAXbs-G>%iqy4ZENjhqFPN+aLJGE9
znD2AUcT&E=6hEP?oeOCaV|DOM1gpTcghf)PM(x-(Y)#W>8B5(f@uAc)TBS}N|LgLv
zCLzkBUxBOqXZas}2pP<t9Ik*VgYi6JJ{h!CkJHueV0}G`#FNjAF^GIZCpL94gsO2h
zgly!@^wrp?ghQ#;)VXLb8n_~@GYSO0DhfQHSWgp~9oz)Gm{vRo9*FoPKk3F4KkZIq
zJH8Zk27?cMnBPAhJa`?~RnttOq~nkuky+D(x2BmIyYGQGcV9J((!ke9U@l)h&zt%r
z=)9Kfm2*7g?Ww1xa<76?0y#>~Y!~Pq<)3J`c3uP2JLG3S8k4TQ)&JHO|Jz&qx3~EJ
zrp5oB7XSMrKl&rd!k?xzV7Cbu@?hC>L5u33F-uFmUU<SV(O6)^wyPS8zd>E`9B<G-
z^14$g+&AE=>f*lpims?G+Ol=1Bt>;muHk@~>W&MkrDLkM_^9nHJ01(fJFw7p<Tuzs
zWVpUM_<ITCuY^IjUO|8CEX%-5{v$3PD&c)<*3?Z%)VLNTTK-Z@_8QZ4E@`}g1^K)w
zSJx~6TL7$SLfc|ob%G1I^56>R`Ao}tdMbEui|~L!GDi=#VY&e=_wdxQ$QWmKrzL7B
zJk~VH@PZrR_JZT^i=oFq8-tu?W=)f*dxBRJwzf^d(VF(LWvC|6mPklv@G2(fT9Nk=
zyg_J?)U-^JXjh01(o~1v0`ZbX8Wap9f!niUQlJ*x31m3$DU`mDh=G&19~a`5><oRF
zPYaSIu8j8vrzsZH`txTm^g^SR+9UMFyp72O=lUjpjsn|$Cm1=IUx$NpTn{P(@TwV?
zpCJjR9Imj`l_d~XnI|EQf>YOa0rJDX0kmDA8k%-~^>`K50wf~9J7zf}!LVhB&W$|N
zm7@_{=-gCr^Ijd*CxRQcV+$IHfyb!avcI6dCy^(v3X?ps*yO>hIdUx}b2V#HlkfKr
zn6ICzo*m{ptE?~}FyHXJ*6hM|CbE^Kr^)k22h8)hRDV=fOLU93N_`4{FE+W*I@7!2
ziL>+UPUP7nJ0|b%hIuD+o0c|EquV?#b?g&j-6qdJ&ypt?VREBAc&$!_C6+W-TQPR$
zO<i&V)|!v8A?=v9T*qF+Y#`uV>xGmdSr4PVH^4-U6FczXz(6m*;(w|7*`ye52XBJd
zYMkxUM51j;?TvfEC+ths0R+aC{p>5$cmajL)N9!EI8A<!X@fj#N?qzcq~j`mcSIFw
zd~@WRx<)#kO5-I^5KL`A!SbHnSk{N$#+rUH$a1It6A+E%2!W>S=NN>%X?lVyF|PYH
zklDB%No^DQJpkj5Q$pC)^3+E_PQjZdzTn>wg|7RUZ175?s`q7szrt6pv+3}%jTL}_
zBCxR%-xSZ)z5!`V>HAK>!+##G><d1Hyn|a1Sj2gMyghK9c&;sZv8Q@oF&rp^t;p^>
z*qDa#@&qsfdwB{UOLf&Tyomd&sr;FU68C+nGS&!-EWkYaKlN<vX=qAcKwfCc`|v^k
zlTQ6TCYNs{Ka~NpFIU~p)K>w7VQW~6dMkVdXU8+ZnBXqBJv<qFFTcS*;kRw%A}9Db
z90t*|z)9StoeQ^jn;q*;SMUh{S#~zqasrCJAD$9kB+dKppbM`Ne;Z#9w}U2eXM-yN
z+_UUfb#$-tHLp^eW#i4#w<8IzW)`X<%x^^?j6G)Ws26;VK<@ObK)(Mzxb5jRsFbzu
z1sCCF1qCzUu5Rd|W(oI*NEQErRrE<oK?#`rAmmI7=>=a$aF;)dD)%3awpD7kylPkQ
zO@!is-}lC8?ma-74kRgdnBsmbN@Gt`c!KAEkA{%{03puQ{{jN~5vf6Y`Xs>YsxL+z
z(bY9|17%mFPHROOR>e(Q5o6v41Yw=wdPSD8D|i4!4=ef?a5qjtusyB6(low=+`C|f
zkgBNWS9M1S-vWds4CE>XxWkdDf-eIeCRFUX)YX}1mm4P|!XPNG>WUD&DW=H8783N{
z7RQc+$iD{U2DEJzxM8H}jRML_v8PWb5&zBhd=6^HP-oJ#ufpY+l)qi|&d|maOA6Bm
zpGOXc@4o^+xKq4d!iMs{Lu9Gbt5%AgQe~P^{fS`SslqbJ_iJR~qu}o<p=Hrg$Awb-
z$}VW$%023d;h#?b14O#m!@cv14N^%`3M)VoeiIZ$47e8_2*F+^biFF>5;p?$4Tg9i
zot0MfR5%;2WN)S&nADD6hn&nI;F9g6QhN1cxx#pcdbZP30zrbd<ku<fUB#|ZY~r6H
zf0m4N;zr`G;8u8oFM>LG^=e75huvYBZ&pcvUc%v?VkOu^D!V;g+uv;pEKTb`%_PHS
zqCJj1y^b6`uBlRcS9L^k@MfTo+rAQgz;>IB+ih0btruuZWK&xEQuGn_)YT`@^#3fB
z&ws8suVPW3Cr+Lj2%Zlor2Se6+0Kw@ab8X53*fY;S5pESa0b`lM}`I4H1zAiDD8**
zWniu};;_mN&=YXp%{BTi%<1H`KCTA{X1Yk~3pt3>9)p>B>P_h5O?>cu5QMk3R^t<!
zAvLdIFSrVA2Fl@ML4+LBD8Qu3a~fs+Ky}Vpn{1<kOp~;Ff1(T+4Lw-mszWPXg~_`9
z|DbH*QKu990Qj&t`5``yRlorEkLf;<?rHuGE&2ntIr8We2h*+x7unMU6yuF-=*I3J
zHp=z&GB_AVrMak~x9*!@nt3F}Xap%i5v0PozKzUmb0qi#A%wrKY)nz2>IGC0sq<H$
zM25qv8=zJ&t^;kjZtyKM1OxUBtz7igI@sJq7IdiyC>IeU75xfILYD{tb@6uU41?R2
zE(TR*&OkW2#Ulp>u=%+D?@@IPc0jn0PsB<4Z|Rc00a7q;puCJk_}C!>pBW@0e6DXn
zf*Pkqm`H~ucT4Su92vM_e-IqY4g1~r<RwSb?*ttETSopJm!l6dfgLcwKtQ5%Y_Ql8
z{}AYUa}xguc!ZZ2r6?Sy@E|-wAk&uUz}}LC{ZC{W!m`+I@D-Fe9MgVD>Cz6Gzi#kV
z1dtz`Q~nyWr?&!^vQf__nKI%C2n&hnnvE`&6Airb<H>e_#w*yVdQ$oZM_)4<H<e6>
z5RD0biagCoy{kTC+D^AdCR&jHZJ1?87L^;Epm?$w0pm1fI-^G!1~c`(j9&#Yqos@?
zdK-!_rx{S4X08Q?|3LsL4VmC)$ljB!MQFDa?W`PDh!ZGaHuyQ|^!#PudxJfe_FMHW
zrvGx${AGEFYYk5{n=;-?4K}t4WTf3L8`Nfk%kSBOk;68%lIx^vDH35#m>azdJLh!g
z1}?-$zkyL%7LuA#q6@%8vVOE(X{-e`MeTe15s()e;Z1`GxlOR(epbJ<R^GMCa^M{i
zne^390M}&3cQZ=5sy%CbyWzu@3Bx{2c1-v!2**W~nZ{pIgtLv8;!{koy$Rxq839k@
z$Sasj%;>;#8!=PyMqcAarUU3Z0NS{T9wmfF)KE$9XJg~UlrVBi=hg5)QYZkUc)X+!
zK%>A)p<t5@qi~UL^_WB)hegb}P`zv|*#37vC^v1=5Vwkz`ZDHKEi_(^FV_;Cv=@vm
zI%E5yB`A}$#Xfx5pGAFw%p0%^6h+Y9McXXx2)D)U&|ePxInCddS*7W7c*g2&Q5(ao
zfdZT7s}D{Pz^O@`;3uHC<~hNs_{L0RUT*3c!0~qAs2+`dzJ37=!9}{`9_}fsjJH|4
zwqQ%D?i|534Bl?5m*a7J?Y*E1-+PK^LfkQccha3KBX&RxEzD8r;Uy*62?+}KY*^Cw
zBHRDR-J8J4SylPpmFKCht(T<fPE}_i)et%sUEN9O00tt93ohuOqGAUW5CkM54|WHa
zlof&tjtkK^ZiBetEDG+sqoWMtzKf2I3mHXcT*h(V#`XRF&biN1Pj@;j%K!bm@4u6$
z?tbsN=bpQtb8aD;|AAWR3U-fy9jXqy)2~_A&kf&$&2e@q+*2RHR(X%27rR$t7#?Ed
zSMKWkCF(pKU+!~u%ywln6&e<iy|mJ4Pp#r)Dng!N_D~g>?#H#GwK0(*3U3gO!@K~K
zM#+Y%es3`blfbl+3el;pW8)WL8%VmD!{SVEEU+gv*2S~U<~iqq^5lb{Ahf6Mk~o5f
zwNMghs4SdWTk@pr{ij!;8dm-r(fM){rl0X@++Mg=A<v)F_+g4X)fOldQEP@K^5u)s
zVuP{-U(_<OA%t>^=<r3qjAcD}Yh(w*-K)Sub~5`+If};k(S4Te9R=5m^N%^2ynjiv
zZxCV?4Gwb)G#=6^=}GJ;g=ns?aCg>D*Hh1-zM+!z6DdK=Qq!Wq_rIlBDjv0La;P+Y
z_o2RNuB}vz<y1fFh)}3=;r<Q=!{o7)t_KDTnB?({q?7gjtsfSFnIBr;@!P4m1C``F
zVwdjm9zrXYa;Wb_-P3pg`i8~)G3Y@hW7gJMsk(in4_2M(Eb7c1Og*6`La%zlEgR?t
zmY;YE1xb0LvAy4*X>WxQEIFTY+Z)qZ8xIY!8nYAqsi))d5&(ez?E>N(7m`P`>Yvm`
zZS3SV!RKrux)mW0VR!Gv`Ic}xyo9>xFYwUsC0f>=&y%CreZGvo?$t6He;n!ljV!e4
ze?nyQ*N@UeUm~B;?n`Av9l5$M%h_Kp`*`7GG+`Juvw0+&7vrltN5xFuL^iOS|8b<V
zPu?CQXMK@;uZub=VyZNM9#z{#QOeoUHfCc7MG@2|)yKq3qdzah0o%xlq`_lgZV6e%
zQxl9Fe@ogF{%d4!y_vJQ@jY*d3k(>qkWW3Wzk`ym`Q&q>j#6<!<d&|=nM^Y@$J<py
zRXkMtjZ{182+zq@tj)pg$$kc5qpQhWWUFT`@^J@5UW4Ah_p+wqDwOlRz9{)9Q7oV4
z;B3Fd>i1q;-c$}s?m&quJGI7Y7<E*)qlRcgL&0d*YF~oEkN11XXP^QbAJ4Si@<>Xk
zGzT|D`(G($uOX%bcrhtqW3>NyFt=%bP=Am#AESpxkORJ3&Vfivt1R(I->6<I&k?~E
zNLCavQfg0-PkjqFS%%eyqRD3My#*#nImG=x-FM4?vRu;|Rq>Jqcr!q=;Q21bRNpN>
zLU(eh(K=M2ESG!})_2QS@J=ais-D^iw|TJdmiG`&UP3#DD3k~9ZkEABJ_s7NC*P#8
zSVm<9eovw7#L{Lys_&L3=1Q5aMZ*;+NQB)(lCC3!s2B3-n(y6wTlJ%y#<px7uGaUl
z*r_)5jWCL-8|n$*<Y#oh;r_8LLs9Z66+7TV^YFklat)uw=aygn!7Hc^JN39*zKgRy
zGT7e0yFi21R1FS<yh{y0rs_J@Z-)m_M?J{<Y?ME9^DS@5WiyS`tx*mMWujKQ3gamo
z)VHd{XXc|a>R8l8bVY)ghf=~qK$el({$;y{Ym@hcS6_ePUV^8(@J>Fa0_i<org=eU
z0&j%An~j<ftZGeX-C5MI<=kc+{!Xh~b9Bq;qy1?-2|=iS{cWVKz5iPR4yQF-u_y{7
zL8||)aqR#ysi?{a&M#24sBGOiVhhbHiFhy?0mBOf!=YIzgHiL$xx2GaNIs)9)(n$7
zvWUxV{Cpv4LXhu;G_UI~i?=Qsi$_OWpCga`@rL~<&4OqaBnx-9wE_&7@!{ZSBg~OS
zPlA3(=igkAXIr@|kLgNOA9eVA<hjR!VpJmrP_0jyz6#AFJ%8a}dsy*=IuSZ2=})0T
zR|Lj-B)+!PC|(;iSC;ByjwGAUZy?>9Xt$`N>BU5|>PMYXr>AG`=HN`zvw_6rTd9ws
zJVYW{mAVZT3uBjH2?jiFZxk8sVHdzEPx@%;upLju1{s}ZHpRte|E!NV#U`rT(L%ul
zeH3y6o_x4(7Wa0OnHugJtoqvbCgA28d03d!1T@W>qbP?)aCXvRwZ^jrs6=a`wj}k*
zO-z7ogZB-<0<_sc&aO~Hi39o{3?l<j8Uv}Vo(5x{jW90TP;#|l9JZzEDr2xMSJ$+D
z&3cU_Je+A>l{ys_vD)g|8n#+jzuZPCh;Qv!dFeUL&F96gmnyf$_ABYvP@}M<yH3_d
z_jTrDckadRtK^u!f~>l)mbIf_?j~t`Si#(xd>oerYmui2;?l9`A;PD!2tGfb4SwGO
zep#59{8!Xbq0?hg>lR8%Vdw~;#1=DA=kKtilw-ClOF1siUwAYt;mG2IB_`XHZ!3AJ
zbt}dON$l#Be8LXVV;U)(yx3theWg@*HE_Ju=u_n*&tDI<*KK|4KS(@U8~<J`cC@Iq
zA1C*MeLR`Ee@E02W^Aq<^f|V=sq7k507_vfjx8r2Cyl1X`pkMXXN5!`!n4GlsP#=O
zQ~!Wy!#A+>x3Bds-})A=%=0Q;KzW~BU%2o&u*un&7!{5I_O}7MbPXByDvrH&JsLI8
zqt0tpsd6-b$<c-?gDUwjxoh>M_HmZq<KwY2$Itx%2Y2dOT0`mX`d*lRk1P^NvU3R3
z!}%?$okB#NzbACVhTFa{_C4=#p}9G|JLQ~|{NHZ4Hxjgbp09%qzmUI`J8*c^k0~Yp
zB;=H*+ALC3p$Mu|nc9bTWkK2W`-oCDim;}K32Qgcy%W~@FG5HlyQhx3vQtUvOMW1e
z%sYUgUfa47D+~E%b+)yF<wAeCIWRkbzT%VMVo*TC{RgqGb*tL7JX<~CJ5&VU`m8U4
zI3{h5ZZvJ=BV3e~PS$>da5Q3R)x;`=sYh_fv-fy0L8)`*Ar9tnc@Y-0a+zL-?wtAe
zQkfCfKdM29#-c^6A-qV|SEUeu2B_ryL~Nrk(FlOHmU&>lIt5zEl3;Pl1`n=OPy<Ho
zx3B0!L}cI|w`w6JNkQe*`cGxQtUfWtCeeu1y@hLypK;+hRoUhX>m?r{04*<TXb5%b
zl5e|y&$i1ttf_bLAluB$d_^><v-Ha_A5T89b>XQCW9zzz?$}_->s`93<bfNFm|EsG
zT0hr$LvoS4SKIJdFRwLE1tYGYaHstqW4gOtY{IzL?Hph9e|fJCAEOS<f$bb2AlDMc
ze+Osp#XPZ6u59;3H<zS5zWg0xSE|zKj21Poi}*5F*C1okH#@%r0C}oR;ByITFxw3o
zM+g#x^%|5+0FvWndG)zLkRk?d4ys}Zemq{@Z<iJBO*!vUzshr#)C1##dX;sk>0-S<
z<BPg=3ATsEB<IB5ZwCs8Z%p|-mKBaCe;XI_`KQbrmj4Gvsg<8O9)y`A&3A39Hy)fs
zzB;Rk4`WHsAL7z6Ynw^95nm6{Y-WEiGo}feC-0acgm>=nXzVCm+&t-=^Ujf`AT+vZ
zy~0^q;W%)xAg>j37qLE@yD~dKN^^$$D3|l5M?$9gjL+@LmBO)|k%8iCQDcYsqm9O+
zmkkQ@%QEn!Y%rBS(!VQrm@TS%TBNyCALDVu-RNFV)RYZ_=~PZ*{4xvm(i!?EFyF2E
z!HMyl>~v~LzKpu_Wn2n{h%e)Q993p~8Bc_+y7$Kis&c*zIdXg%e(2sY-*bozUxw@%
zUj}>=$xmqQL3k{RI5^EP9*ZC2H(U%n7IN(3K}BP@kOLlzzQBy=JQl3F8263GVo#y}
zc`1(t_E)Do7TB*(c`Wu6PQLK~9*dunG5xl$a3j<8dxRSYJMdTt?7(B;7nvORsP{E=
zky)`mmHaPR^e!^F@cktoBh`g`42BCGr;gM(95?<7nKu!&JjRi_GiiwbA?^s-$;IG}
zYq~?Kewz*XG=}^A9(KZGT%u-pxbWKXUn@f_031DA9y=7{5yY@#a#^N1c2;D&`EMVU
zrc_Y!d8O=_Ra(F_Px+<yfG)kA*JClW!09B6JNlj45CDHXg=#a1x+?K~{9MQwDmUve
zTd0zu{4c5m-PhNcF*yYHAQe9Kv=sa&2z;aiC_%qd=X={2E0TK|?*O8)y_IxYBPB?5
zohH^8bNozzz{fF|@o_j0f(7<?5Sl}F2^tzCV>4LL`p&8mn*Vp?8$#P$0SWP=$)$kq
zAZ8dBH$eNIPCl?^!0Qn*_;oIW!*W&ZDL#y1V?#)OMa+=FiW~v{7VjPb@{}U(5nU;W
zAch0)OJFaMm*Xg9FEC2U_-7#B-;;c5CHMZuBQwG?(!4faN`8a4XF2CA0Ltn>?i!e)
zQtp~^;I4TX5vQn`m2{cN1C4sa!^tlM=ON|Q8AF9~3@iXkXP)CPNH6~_(;U|gSGcFD
zJT7WwCgBQK_PFza5F#@PSGcm<T)X((n+3=3dgtB;o{JN{j2eVP@Fl}1*{5aUeT92P
z1)aGq7-Q@>9hMoZ#|1(T{m${c;D$C`J9wj}_c20~-O`ke7od!MFGVtK%gA#9l<j^$
z6mucPK&lTS@zS@IS+?nIWhk8`jNMj-YqpTxMP$dg@>gV+-ByMK;UW&Dd{W9#E&HM+
z3{Q{4tNUP5#hr)pJN1CLBUkQ9kpTj(f~n11o-4$Z1BMh?%;#(IZ++Ho8*N=%>gWOw
zmWQR&wO&eJ^q}J;1sCkDv(N4U<IY12uG8#SWl{6q6=29Ve+{Vk(<?k+4UyBUKpP<^
zEW2qM-m+Ss3s>hThy09T!Q1{|H-Y7F<znmQ9l)-?Fw&%F)16uJ?2R6Au`7?j;+0MS
zHXN;w!F@L3w;sSoqx(qW`Up`>zG`?9X+m(cmi3dkpkud#-0Pzj*oG;4b3{6;-e>f#
zK{h=x>)lq0%y<{d^l%RN^;gBzaSoQ9-;_Zk8=kACn6s~%<6bJZ2g}9@;OtF+t%}x@
zpU`cSC!#*1^<^YXb)&3G-Q0Q*^@Djvq7+=SyoAonaU?8-xVgsM;^(3J2X~E>np=1T
z-UJ_PjbZ1E?ZPwPQds7EoY>!57&zSa)N$eE?DhVMdZsli89zdgdna60H^=>^kE)6r
zV<CHm`)w#0E5TrOY^JZ;IEO|IiZJ5p*jc64S~ZZmZOK>!G*oC`5%NbNYN@qGQPdUT
zJ2&P4Ct;y_!f>ToH}1%{ch&6-Mc$pu$+_Ue?LJ1B5VmnOB#$9zxUb@zw>D;Zl;pfz
z8kL@$ZytiR#}34E6OFFAx|g5p=+em}-T?&;I~&r{yaS>|A1(s#fGRR|XsFQZpw|s4
z=n6?53mA6qdf;8T)<LD@>m<1YcjYRV`*7uUo|993hOXpv^+0gW9-=35a)VaiY@lV@
zVNd4Je$e{HY4nZvLo*)9kM(ryQ`>(W$9_s!_C>Lnfy=wx3)W*fcX8&a7{S?mNTnyF
zv#dqN{EdvH>tXD7D-7xU$NY~eG(@-J`9Bqp59DD;K0)sLkK<@a*$2*Nm8gf#awYBx
zAZ7pr=4U!fTK<X^z4BKa(JOz&jF+Ec=ab|P<{D_78cVfKZJc`<yOTX%0*1*Gn`3)^
zq`F?P=cjVJf~wVNRK~$&g@>zR{6(jf^~+b`8{*SVwzwb0`8M#iC+9vw){}Fev)`}S
z@3-vt$M*XN`|UqLaTY5bT+W<&dkPHC9RDW8M4Ja(g+U7DHGv<YwU#^(A6rEMbKCjJ
zRIm(*&4Z1bna8^6T2{nUAYC~Vo;d67^CRSCw0$8(>Mt#1wHI=}3d!q$sc~>RE;^W5
zG50nFek+3jg&wd<{M1sMm;-A$U~#3pLPlSASU~!@#JQB`XZwnRUPZb_)KNSRXQhZK
zbrk(L!kt|4cogGLj5^BD4rMsiD61zXYtV-s9`FHB@kYi4_>BtxEIKtjpn%ybm?0vv
zF|&XEvZGnnM3vS(xrD8hlLY5rbsAoQis?;ieGRDGdNBvx+tDxvQ^|ZoSabr+sOl={
zu`g<_J*pnrAT>jCMjS1q&DoHO3Nb%QMTG*k@HP*}2&Ofy_af(+)DGmGg`uXEQ>M8u
zba&kPh2ctmneaurmNfjfhH3lAlta}@u4T1X!lS%|M~9r{R0-zxc6uMU`=Ir41xi7e
zOgk`Z@UX3G%W6N$*-lYh!l{NL1RjS&Ic)3cb1Ip1NMIt!vYGizsfS;;UL2Hg#U`xc
z@J#2lfeF4|wz|nMlEL(ZvE8G&<Pq=-A9I)=q8`RZf;`F~SmB!asJnB1-BZdoSnX-i
zYW*#`q;hKHs-{G%8kDhd)n|EVI;<ZB*SKe6`nOtFvUZSk%amy2(v-hp+)kIe7Xdu2
z`Zx^XT23jxlezAEy(}tQP~69qa5Q<0b3$G~6W)es_hSgeHt7MYu<qgw9(C9#nv6_x
zV@t`^UgzEjh<a~PT843=Y<a(9GER=c7Pa)d9lSWhFmJjQrFsw3Xwq@G87S<0^^WAh
z+f#o;<sBJtBNA_H#FzhpQ$P-L<DIg!bm?tUjHky_u-d57vHeo4ou|cio<@;{Xw}AA
zWH{J(Qu`^fNkT6krQ2hMnn{0nAdi43o;!visdY~k7?1yf3|;lFZX7kxE35XXp>8r=
z3mGRXTp@EOWJ%K?+RWO{`^QNnexA;2o&U^!qjl%S=hntGQkKqbu4ui6fvAz3%x`Ow
z8=n4BaqfO(TXreG8Np>V`c(4L-*|z;q`3!c997^RwfXom`JI#b>3xOqNPbD?CuQg3
zvHY&c{Pa%5_@AJkxff)967L!RgZy5b`H6EE;<HCA;?{ix(}_WQ0mOQ-LQh?Nwf0IA
zpFcN~Xm`3e7MT6q-JWJ}nReI}Ou;e%3be1(9D|Xfl-yt0r^nf^%G3y`lu<7F4^Ss?
z55~A2aHpogN!}jdb_h82aq%BI969;+#c*hf7aUcI%s(&>h_yklF1L|~>XX*xA^9xc
z9)#GbgrGuQ1)+H@=0Q^3DrDtlJVWz4nQyvJRVugcGV2xGjdeS+HoALcq+-dJ$x-Y+
zQAS^PPKIgZ?(UQo$!d)5<z}CMqO$H{pZpP0fa0U-KG|c*=srbuzioY*tR4OOZEG}M
zI2ksohpUnh{*?s4Clq&Op%59StQh`A_mL5No`F?~cFU9yab~$9^-+yPXWe-$)aFTY
z{|wP`%qgy%<YsFXSQ#l$0ijkF7+^Qt31PRNIG{&4I}&<`*IrF@^k7W=ITF24B#=6W
zO#?v+3k`z?1S~Nf!=br2OibY&^?HqZy~sPZyQLeMhhk@5YSvnhGZGOdrkio2)nsDY
zF<#&*;?i?$AlR{SV><K@ET$sX*Fxn~9nz9z5hHEvyiSNg64tD@E>`2|jQSna>0c-t
zIew8%Yo+pH;;1uB+btre#0%kpi)jgXj!)r9nVcXQ!69}dWJa;I8`8eN1Z;s1Yk;=R
zK^Jj1Ac!i-Il#(&pNPBc`~)TXKCc~$H+UcL-vs=9MVqoggSrdv!puY8Y$?<t<)9Br
zoKjjCz*nm{j)k;A)t{0Q-Cz(l9XU3RReMW@YO;-?I%-{%Wg#+et}{fEWyXCG_RV_g
z)!-XuhxD(&2Tv~v;NFNis8RF6#bI3qry64^1`ek!1FR3gsGG={4U*N3hE|Z+r$lHl
zB5>=P7#m0XWUl3KFxkLy-Gf}4`@I(rh0YjCPLp%gpis}juw<>_;Nf1gm@mX?6u3eN
z4}2jofvmw5ctA7;d7B9qv`OGLfQ)5BV~VqE$fj{2HEm!z&)sx!i)gGH76II@VUKn=
zrv3uywwXtbZvhXL)5<)whYWmOgM-eu!1P=gT<3Q7jXk(7bhO%;m|Ii9@vH2C0I6Kj
ze3AcBj%4&UA5|^}_T;(96qTW=!A#e>2j_rfOjT70Da({_flNsk$b5D%jY%JO8efvh
z3fE1TOv(1iygHbBWnPa?2W5<*d@+<AhH}G@w1H0-dA9PudU>kQjA8e0h@yPWwDC#v
zpX(QsU-D9WddRHr!djb1uEU61Cqbjh>oRNbvAtbvd|OYFj<VK?M#^TeUY3hh@wFtI
ze+NIU6Y!XSGCd-viS|mIsV3TYXnA5>_rUsMRj1f}NdQ?+fo|@XvN4pUWvTn;{#glK
ze}wt(ycDXiz2Lp6pX*;$2C4p4*`>k4bFtX1;~}vL_4eMyyGysH3zrOEd3~(YYkjX3
zQikKV)>f_ixMb<+rR}KNPl~2dODo`d3R-)W&S}s7gDUhB)&e|u*nMfJx|!5Rd^69$
z{4isWZ^Z08n^!=dK_Mo_Gth3Qnv4<h94uFprxDb;iXV6pvl>=Q$rX479mk(pTF3G2
zY}eBJ`?12^A8ZFGhNp{x?;{!;ZP%1nyqe#Cx!6yt8vAag)*hfa5ZZL$4O&@Cwlj0E
zW<FJ!e>#aKFO6Fhm@s0-{$7ii{^M3mL-6=)x{7)ksD!9qE~C%o!mp7Xr8s{Zu$-ET
zBZ5;BnTj|0QFq6!f3j`3;-q$k$98Q3Uux#>b4Ahg_<q#z@jj(&>6baj#O&NPP%2mE
zpR1~9P4YnSr@svHSCA!;Un?U({z}<_{8eTK&sUox$h^PC9Odq7F?s5$qZHEPATy{6
zy$SAY#p+nj76QA6`B+vR%cG+l=JyFYP@x1el|-hplc{7fl~AUVO3S4Z>tMxgF3Do2
z&Aty3gR=g-uCcv=!;rA%B#xY(sMnrd5NCnEX|D(ZIxFT*Qq-OoedZr15_J7zfJ9C~
zWNzVCdt1Hj6<=PZgJ?|@@05)>RpQQ({cc%aN?v6y{n|#A7pxS{vyhPmor^wB^9e(X
zd4_{Hm7^0y8-MI9Dm{^!zm`1M;l%S-u#|BX9a>Yw1+gc5O#S-m!?jooDoc|W;Bt+0
z^B1Aa6&{QE^Q9YT2M*pPn*Rso*VE~Kz1RK*8GYS1s`BJ3UZ)!{KQ21#$anV}_^I13
zs{?6mb$@@Npyy8hjUYdG^9U%O{dc@Jglt}K+35EUX2a@D<-=ARvJt2VC?+qYq7bMm
zP$|v7jb1Xj+nzdZ-JPDiM@86M$L<vPlc)JEc7E3=GgYy5gHXX9!`v`aoBO)n-u6wT
zNqf+nWk(3XUVM3rGCQ&1o8J2Px*K_U9v0Kq8EiZKow2B+1g&=osu#u0fgq+gy&_89
zNU2=EgprEU&L)-3k5OR@IA;q9&hz`_mA+rrX+-+9wOM|<;7{kAp3Xf3+scnRf^_~m
zL6Pm?-x+G%3Y+A&sxqgp4LkVts{wl}t27QGk>b)mI&Qt247zVqyx&Hxzr$~$^?tmj
zHbouzPBmDZDI0etuU7Q8n_It3BJ*K2Bs$-g)iJ-1&ec(CtA4)r3T?#SC2*tU-TAsg
zpLtvzB%cMi`anMYg<&)9@J1a$IsZCgsW<-rGk&qX#0dX>HEOoHAH-)eYHoJRnNdek
zTxoB@sM5M0ldw*-cA|kNN-m(&IkkL<Xi@SJ0l*s55=lQVEn<$KlJ~^m3JQ-j-W3Zw
zL4%)#XUWpOB@g<R^y$*K<cc~fiS>>QdY5bVRfuWmB|tUEdG|OB)3PnQ0PC;Z(^ztE
zw}AJ1$yottATvM_=QB0aPih|9+}!#oIM}18%}1rK58%o@t#~6&2IGH`FN3h0GR;j-
zb#>s4mZ>oXH`=?N%HHY|HeY_525?<^y>&}8#QWytGKAb<d8jnDaj@N3U5nOrKZa*}
zv^l^V;cm~CI?M?lArQUc-H&394HeHsG5aiUak^Iafr-jc(UfQpVwvqZd8EVL6A}vG
zh>s^KOYmG~&XPIHIi@04!G1S}-jA!uV)qj=P`Ca`GyA%q!bA;wxjIte1ik3d`a-n6
z5Upg<s<85+u$_Tfb@P21y4yR-xiMT`H`I6LaCQEvEU%LeYEpT^o`CvrWpMzn((;Tw
zVF(Z^r|r^lS2jHopS1ZvuxbC?D~3ItkSxw%&^%lj+jwOAJYK2CkN0fc5_W?z1$zdj
z#k+m)SZnEZ+g-o;NVUBdxuu}t++z+`rRN-}qgly`r>STDokeqC1{o^$5A`t@sHWV*
zP&rNt1YI>?fxaQ<)GBf1hFY=Hbz9h^Dgs=AF*$qzIvpvELU=;MncN}I?*eV;WlE80
z7?d2CitH1kA*^P5DA-;Vb#L>#(*5=ijMQK=toe1Sm;?4++#>@MI2I3Tq44{{w!1I0
z`+wp5;n23>96jrw1*p6Z`;JH>t&P|7z-HLez9h1U)(oD)>dV1E4i`B@+)jfSJuYex
z&vs#hc#gBQOF%cxBYF$XlY840j8|_9<4&dJ4C8VyfpK{sfbr4Wz_{c4w}oxTIKH)}
z(jHgiZS$bI<~1@LOxHa0@<oC*V0}rZk58Yb4L_BQPYf=fA&k>gylsf=eipZ1Qbrxw
z?WU4h_rEobeom2N*Lc1Ud-wDFj185}<Y33Nyh9mg()Nmr@O3eH1Cv6Z{m#y!BHe~9
zc*0}eC18ZI`17~0!`ArasR;w8AukKlU>355nS3a`L(zwAHs>yx+l!uB>m^&QM#>I=
zJ1Xs?%asWa4nt$P5}f2V5rFkUvr-Apfr=C|r2J_<R34*)L}59qc7<d{&M(L)c5lWQ
zE)7@gMFmERJ`|_vVTzGjdkc{*4QVY=(G&G~qAVuzlWBU;seBu7(7qmQ@{BXCI*he)
z*?GaK(8^P6t)_^EZ4#-N<Uhb|e+<Q|MW$GuZpW^Mn}Pv<yC#H3Zy#va+%%sCzD6&l
z!p9+uPun=VbiPqX1Y|UbJO~4wGM+B#%@5Q=SIJuMP?+Z-A+G7mf1#osA7oBvD#_g$
zPo^jBI&rwTy>u2+MTlMjeCquTje@)lG+bl$8$tS_j4a12qcC0CDh9)jk9Xe4rMd=4
z3%RFn0Y+H78?d^8hsju1@By!*!~OpBh44AtUkCH>YwczR$DEZ=%1DJVO5TXNyZ=xh
z0ikNsj_R-?NWMt{BLl+&me24&m}}5Ug_T4SHXTu36M)YwdGocIWNGoJ?+#Z+hT5wg
zFd_}<OKt$J4Z~3T$Phl|nQw*`%nBYxWUA~1FCSj+1uyRvj8#R6Rw@N_+7>=zZ7MQK
zX+@;yw4#lS(Fg1Wv!V>H!cD$EM?)t4(|f}tYx*gge)}Np&Zc6eud_pDC+NuzfPlWs
z+mRTyB?;&2DmNgmjO4J|reeAwxY#9=@TN&<%JD$@qna`1_h>7rCc}Y5PPMe12gj;y
zMm$wa4OX4?-+(|~s?n@now-Hto>Xamqs+LByiW3UQ5d7PX>)>QVmq34Jp4h!r82Hz
z2#`E$vm^a|!~NL<H(({J!*Gr2hk^53q5{;SATT_TR_I(~2G42*5EH{;d8ReC%VvC*
zw&86-#>&R_ef?#>V{gpzcwAkbNi^&aUoid^H$#z?*}kKS^?~*gr3wlc;Hw?(6KVDB
zD?jGub8n_jeWjW2SCH?Vit0eCVI4X0VLDT(O2ol5Ue)G-neReOVa+pKWU=F8L1Yid
zX+IbzKZM^<N;qx-WyMS`PWvG7pM4Ja<LS6LJ{jvlVv!HZQ67tM&^c2-FT)+cZucT>
zGtKr3&?LnMY<YhvtF&zXN*3@D7rsJ%pSS$b{K>v194>bLjXLl;=u6}k6!3QC7n#D%
zZkwk^c}<RA*SyJKa#-f&8aKbJ*cQdbJ5ULaPfon!xfa1P^&siqj5_0%kHtM5kJ$8X
zB8xX(a=n{qQI+0JWb%fhQuj#3E_WwoBr(<Ee)K4F6t%;<K5E679KnA@rHyv~-Horh
z@ijNTj-h#6g~}96Ha-^%%S(mA7pyPOkn7a(vF#5#DuU-_Q<+ZQNm#35n#)7shnZ_I
zxcUT2Y!ABMj|M)Q?@-1Fnf<{n`{EBTSfY4kgAdWB1Hu*mOT>}+GR&KZvvoU;$l$B7
z|0$MMZJBo`T2!LZ<WItJu_X;!-6<+jG?iPt%ct5gy~qqo9N8)zgDdJ7&OAhVwrFc1
zC^0=-hRBZpT3RXF>PZnqs|^K{DMYJvf2v&Bvjurrpouu4>8dRPG;2Ij79&)rIk=Ix
zeulPe_S~9-TaalzR)FU+ThtJS`o$SFPJRLCqS2PAI%D2SMtI3%gr8)Yny+Imes8DY
zs3Q_vq&74VYx2Kjll)kDxz)rVwp&i)YWgTyV;PDD_a675n6f$Z!4Z^riijr{139*3
z5Y%iUp*7lp;r{Hih-9g6>wiKGj;K|evX(bYuHM8_L5*tSJ9G+fKGF2rO-$kzB(<BN
zIo9P7bRN|*jhTT8eukUAh`dH}xGLGKT5R4c?5JB!LsOQYF^ZoO1yWH^@+FcERFJ#w
z#fV%&rAbch;9p6k4Ku2kHqAsKJl^dPB}Iia`-AJ(xP0J7{7??h*d$cEsglQ1BoNu~
zWl^d*t(l(4a+p3?4xxpYYV69?MHN@1c}~T3Xfh-T3<RJ|hbAmy)37+HaOX5HwU@JU
zwPRw}qe)amWK54HuRyY-m0o0IZjrN%tf~W{sv@f>(I}JaYfT?-vd%W<k42;>W2xCb
z=}wV_TCZrjz?>X%1+Fz{vhr3hadNrC%UZiJPghO_3;`*FgyX5`N)1ID>9C~2ose7#
z%R8xPF!*K?S2?f_T?iKA1j<}APUHq1?~z=WgVtQq=8&gN%U7RhN=Pbcf$OXfPJYd)
zKQ^^z(JF71&?8Kzt^;nrMgxfi>TFJljFVWp593ywig1V}t%sgCXgzc}%X1hgZnk))
zmyo5CsgUU%CyTj4(`E7q@>#_F;V4b|DOO7s$n1C`fr0cW+ES9`BZbW5H^jps^=u9a
z4(Vrea&3<Lvxue#k@bVFr+h}WVQirYf~WTZ&h#LL!45r$QAb1F6g}IfV{;|ahMMU?
z)R^m!GS+w)7Dp-QK}6wpDd<52Ty-nk6s3|yS*<iRl}!JkKcWiVZ6urWBK?OBWZCo|
zQXvy@VCfD*^*hC}k<6an0oHTJ&^5V|s=59{_AJi2%X(oGQCV>>)PLyn#|9E1d+quU
zU5mcX&Cq`s9<TI*EGt)mD!KT>S;ZW!OshSKq(%DNQY<T)$uKw=47&oHG0tYM85+<g
zt{2mmTZY(And>FESiJ<KX{<KyYw!-EW6605Y_KYu7R2gt(nnTx9f(rWxT4frsQ%Dt
zWw>TK5ZzJj35U2xgxaP}$=zsj=S#2xsy$7J(24+`?yu$*A=)}5gbY*{=s{G!uITPk
z4PP}ah@m7S61Tf5-%KB(duB=zbv6_gu3C1lk1tzE6<HTYg$Cvq>3hxP^Uvfej=h3w
z+KrND<Mi|Tw=u(h$<~IxX0=t(cfg_dDPJW?0WX(_;-{tKhT{$IZza>e8}8`6XTVRU
z9%6k$v#Kjkbx9T|*-H2?vP#!rrd3znB=z_nfn6i`y;CQ8vrZlBJt;>C-lyn>ikYJc
z?<8q)p*+*pD-v%QD$o&ZLV|29Z6<pnB_>yalyW89aw~3+pa-kS-Z=z45gzRU8PCw@
z3*ds^gG^7aoKvmfEkzv$?Q|B?yt0@cuVNZ~y*`!jytKgJ2*&$`Y4NS3t><kl_8@EH
z72d|aTnL(cL)62gm8}sC-Cqkg?(@InzOnmFo0s&Pd=K}A$i2U1-ujJ`pUB_d%96V=
z|8&ufp3YLLx;uSaW{+z9Lu_jY2I!PVVqfv>){q?Af}(pXNqrytHemlZqrLCo*GpxO
zzSKbKw|U$s(b-PaQH)Y+8}{yZv3gk4QD(L<nP}ac@f`B9G&(-wl&+)gS>26ry@coU
z+*3yIL}+>6D2;DVkT7^C*QzgJXkc5wEKpKy{i|4bCgzt7{;bg2{NF)JT)fQR2g!@p
zE*t|KhIXjGRNH;qGJY{-m6FxKh#Gq4sMiq-J%}cSmwbn#3Q!Rw@K`cFg;3)z>VA*Z
z(%mA{xS5h8g%6=-^41uf{HFr0VO*N%^QyZ+EpH`PJgw?(1W%@O+e2T1sXy(zcL8m@
zYWpcw++%zbe7fG0sRh_#v%Q}6x2nc{k3afkj<N9AlR5h5&fk=6!}}cOIVP>A*<`IK
z8vkVa`%c_^cfLjQ^JG}IF%qoO&-E{uUopIUj4fG=@cLz?IqAnru?s*lc1Z-XAC*9o
zg6s-U`)dQub`Tcxf~W5VZWXk1H`k%Ji}L-o!RE$lkTzS_x(DRf-rzZfmUsm%K~rvY
zSWt!t+!l{|t4F9l&fj-bVd$hn?Qooh!b1z2_7rNTV%Hch{IfOUeqD8~@u)<#v_@OV
zet!y9cdp{A*sD0n9&!~kigQlgW)I3_vE#zYr2lu})6@5`Y4oczoI6H?g7=~1^}K~`
z6BfvE@*AMjVb64_ybs+&zOo-ALH?^WPwvg?CSSt^*vw}pZ%yfe)=m%DFCU?yObkPo
z?tjsClZ%HSsq|C;n&xPng#$|5IzAmxdi2(#rnGOg0MYpf)$^v{g$>MrVO;7l09qFn
z-?mCb8J3x$!`@6kW}BhWOCi>o&DGip5E)m*YU4QPeNE#|Os+38`Xw!5aFBYxK-H~#
zD8;djsP!C1nfX@|CxulKeg<o6k~kBMgmOx?-QTBFB66C|v$eY=J!rDxaceWN{862S
z{zqm0KF^2_?Oxv!+bWOqEDpeD1j?xKbsaR$7R6bKlFz9X5nPC<e%X7mO_n`Ha8avD
z2jbwWRgsBUR|#_==b=LT6#BEsG-PTllF&<Dy0N`(_kUB@$=&~BzdyF$pW5%w^*aip
zM5mfJ)vr*hv?40KxOFTbO8t#%Qi9@sP`5fEmui2}_`5JqxJU;Q&679ph?+B-kB#(}
zA%|;)D~Yw#7d5B1J(VzGZ+jx<)=SN?b@R%oxn<iq?${>Hpj#hqj^nnSYUat?q#$AI
zNpg(uqlC>nqvk0}cAsr6i*d@fam6^)92dFDP>#!egvL{LebM-{@!Woj2JnyK)~5@b
z#a|khnp^+X5?`;f?;nl-ZI;QE`0IN{?py4ax}$NW-v$G1Ve33U(fAE=Uuaf6W#eOj
z7$WlD*85q6m);1*UrDTJ{KNciJ~0~qpv*PVxWwtVH7%CBwvA%lDxURd{9onf1*wo~
z+yCO;`YV2-@fY4m>Z7Car(t@-eH?#%pA28>_PE<r%+`P6heo)OY~N&7!L{u=tXp4g
z?l*m!Y#&eE@ZbE<X#8agf4T*|3hVY$M4%^z?_^AUchudc*4I<OM&MRK8>iY+E^xW|
z5bk6VxZJop2w)!4#^(_EAc{GH=~IN!`-3P_e~~ji`{43DHg!{XkDU40e(n9esUxD~
z?-(kkR>y80;%;}PPxRF%&$CyeC*tHmhii~JjbDGG`Mmi)-or&L@ccfqNn#vHQ7`0*
zRqZ%>+C;LM1&PhGiFmP#&V+rGJoN(gQW1^0x|lqbVKnJQ)cOAdsh9C+TditdpZ?NV
z@=uI?Ou%7_Shi6xc`KgvnbC5|os1SG_v^jy5c$2reaQE#HZO{G+y-4T7rgxo@>+$i
z5wVirR)!j^S21?^V0~<4hze4!lH2}kH4cBfIWQ^i(QrNYRqieJ`~cf-{j}QPZI8yb
zxohu3zz-Fm9}m!QH}~pO3HXr$^y2{<0q3qeoq(SxKtCR!L2>Ty&nDn!3eb-S*f=Q}
zl@oyHYpQ?TXt28cRXTajKSOtF_XD0<JUv)KUK%wwT4A>POMUgeu(B*A-^PpK7W(Te
z9M#LK-j}8w;!>`ccn}wlo~Ox+wiHJFW?XL+Err?Z!CsS`T&Zvg`F<T3W0=kzL{pcs
zF;xIEHOi|)kW7@^A9#D-mDr9f+snpk>^w^L)Lgqfzy2^C=k~MYc>vMN^A~6m>eEGF
za$h`>Z>ma6L+{t}jkU(JAXc%v-`5|jo4-y?e3|AbBArSKm=c?{FxNgzIY`%_Jo|&^
z!!u9or`o(vX)TBJlFnj$l6{17($uvmPJb@W86M}nXsV=1w#VupwQ2%rE`oo&?z>}I
z#67-(b*|03mam4SZ>YV|iT3(SvwO6lo!`}Q^p{b`QO>L5D5u&ug6askN^R;6MP=QO
zO1B;jj9Q=W{sq()HMU<v8}=3MOS!kG+}0xrmlW6NWU2LlarLw5fl_Pzq}lK-ClAG5
zPENPqhuQDL?e`J<&i^-^aMCm1Tc=e5z825*XHm*hbA5wpQ-9I;D{f@wd8y4ISIhcT
zvo6EB{S@N{#cf(G{|}mF^1i+A|1=EBKN_F2dJBusxt;HMgx{I(_VU|$6&Xh3*WAdQ
z_B3ynjXT>rqwzN~6KXy1MnZfIaT+o6Uo`%D;`q8~BVqbBhfntQMpswhsX09><iBWq
zG|Zzbvw8H`2r<ssr@uPXTu1A>5%S)PQ)LL=KaU`@{nn3Qy=Q?r5|y~37ax8()|8yB
zF~3`fzxL4Cb!YKhD!nnKSMgN;hsLzzVKw?go#!x~SA}HJnAkcS+U;+1Z227dpeV$B
z;4Z(6xMI6chQ-HwF7eX*Qu?=|YP=kxbJHNb(};aW(wbOv&^IZUR{|J?bJ}!@b>Kgx
zLhy$0si){WJm;sd_7Sl|RvfFfIdC_)i;Wt5t6>%fAK8#lni|!hR9bYd&Ffk>Q9IMc
ztpdI!T*6R5?=H5^r(*H^Aa$(m=TYWO>06Uj*7@TKg?ioh(pnpglV1Cw`R%MuSgM>M
zBT8m5YRMz{EjjAXn?F)ZmN=UK1;r$7Em@|tWFfuw*lo;P1xK-UArOQG3_IOO$Erek
zUu!1;zBGBR)-aY%=gr?H-Abm)K9sMwH^76jHm<yQu-ZDDd1-2(YNH}NF*Ueo;NYmx
zKr{PC`&p#$6xl3!_P3{EKa2b|EV@&*W+Qm7j7{T)pM<h)cki4G6zrF^V!5w1PcH2;
zAYP6olFvn0Qu>hj9bk-Gm*C4`i8h_h@l722zYkk~xqeis9BqoqnMwi3%<fNG=P4Vl
zZFHNGZba8`dM`at|4E+3pr?f0J~u(yauw$Jjwg8QV{CM>htn=4pQ05%VWk&akH@D!
z?-(drA%h-mgzGgyI}#Wx=RXF;jFfows%j)6Mkbi4xHFpn0S!7*xkY2Cclnl=Cbb#p
zrVI*YVj82jRvgBEhqAA&9O+*<GB7c=Wi<2SJ%JE9Ae$hChbOfmav@}lEDr##2<GtE
z#t~En*I@M-LW|(={4GG-miFM9-XzGp|3eiyBpyCwc)8bP1nY>U@S5yDx#;RTc+ar4
zegW7KKB^ps2xp|SKkIiRE1R2!R|an0O7>m=ZBcj*n9(<Yo&L7$j0m;Fv7cCHeHFbh
zJ6gYl9OBj-Su@fkRYn|_3L`LXor8DLj?W1U>s!5~#~dGPpHlcQ(U^5(^w!wOaA?D|
z<&=_lQ0wFheu|d;))x{#402r$-T8gmFL{RIJ)NKaF;8078Nv1!PngyeSFpo{!>TQZ
zgsjVr7Z+OzptVoNf6bO7(sZeRc`QUIuS#Rq=RU0E&(GK%?V4*PskM~6(*V4T+)By2
zGCO0_|3G6l<~jo6<VQAG2~*s!W_H7qhUS2$mquv=h9fN=JvQw@t~SUuz<|G^oeYAK
zLUZlam*SYH&mBHexJ)XTjx}>^?o=~Z%^{qF|LVCpGuO;rW#-zsYs@@!?#*Vdo4d)(
zW_9k%ZmG@vz%BiAe{{>h+##dNt2sEg!7W2`zZy25<#V+|%(7x`om+<IX54bf+<o0L
zGIyq1M&~Yd%gVW@yQMz&Qnxhbu6N7W+y~vVYHlY8r_j}NFLukCxp&I4M{7nQ&_ya*
zSAfRJJ9Og!)ru90@wl(>kC?i1Sn7`9*IJZze#396^*D0x{@y%vXc%>r$z6Zbpj>bB
zra^7L7nr{b%;Ee}mm3T388|ub!Cq-Sfe3>YABDt<t=k7!VA&o~8kgvP|FD}_yv52O
zZ}$(d#x8jQ;Ru1%vGrIIv@YhS`v>v?p;|L+0ydrZ_D**X_0!#rlBpP6`ZV_z_DhRy
ziu?lOw`6?hFEBK|JOMcLm)&19SNPgbi=X9uGPPon$%TdAQwSlbpPqk#YGsa5t}@KB
z=)%JAi#)2RLvl9%D-`rDFqA|W7%~@KV2m!fz>s|N^?;DOzZmVEIN!nh3!!P@{e{Y%
zZqvjH+NotpucZ!hQK2LrKe+=J6-(Vyj9uKjr_kare@~&4QARC8d1?y%ZPvf2M6$kk
zJZ@+^y>~dsy+x0*bG<TsZq3$M_a+~1Fw=ap`-^<9h^<$^r{Yq{p_`WvAnGOVFw{N=
zyTjOc7*u{JRPM_gEs@hNUGOe(hoKw~a)<FdTIIkyjE_bg1x&XV-eHIcqmFuG@;m03
z*j9BmYGv0MIpVT;<QO3QzKtbHW_KCF2#hKk>@1sp3Q^7+?l0={Tx<voU0=uyMTd(G
zrB{gZ_1sz)(5<qI4QeI2Jm9qCDHPAi&J;So>^&77j*NuEksHV$J26Q;-<Wxx7B%Y@
zv-Re@U&H<0lKGM2@{r?OGtbi^j~BPzmiZBJWr+Cpyys}}TmVn%nTN;0iCgc;QlA#B
z35nmC`JEcAHow-pGB43x@9bwJcdqju;w*LclaKRW#aZcdTt1)WxqRNgAfHj_z|NT(
zxhNm-Y!<?@G8f^W4^qx(F3!Q=&Bs{?Zw5;}m(2$qT)~osugQgfs2ASDTRwyLDT0O?
zo2Pnl@)iE41#z-+R_DsO(W9(37MID@tvAW-c{a)0#xM2_p*x3**HW^Qb$J-1SPYvI
zNRv59;km7}&+Mf&*l#Ot#dry>WTnb%wD8<+Z;#2Yq2tJR3v%IeJ#ha(W5B}re$F@1
zs#CnbOiV=;f13C<wl9d!Mt+!sjb0(yvBvi~e@yGCvi|$vWj$+gS&IL|gU7E@-4r$?
z14dg?Ow4Uz+`5rPPO-HQCjx7KWDKIp9W&F=(KPf=A=FID)B53~nE#`4Q*9cI<G#=|
zxmjI;_vE9O5mvnX{xO%&E2Hr}B<;p{@jg+vh}mAw6`}jAGmqFgdYe&k{)1Gw8!5es
zvB8PI68>^aH9)WwAXsqJQ6%1d=D?ZpSPoNE(Cxz(r0ZU&5qE@8`LX-|BUE7Fs=8p5
zsW7A0Vxa?|*Qt&jRnAxs+3ZWIYGRtFz1kc~8;!!gQa9n&VtJiC3^QFV>E)LRMrvfL
z*l>+)x0hiYE`J8b6)Ff$4$G0lGq*=*y%MI2<lEM9bY?I8mE)TC^RiIPK!VCSmjg5~
zY#`2*+^R-JgvD*hp`kiT1r3#vhZW+jFc=CZ2I`x>lZEX|zAWT9?!Jn(WOBm7^{l5m
zYjOvNEsmqjQLG0_gs#^Aa?HZX+}xMgceMUd2lhSn6D1<BMl8Eg!Jtp|*_!T08U5%1
zc&Te==@$kDh*Bv>Yoq<esk6QDQ(?upV)BlX+(EK*IFN?PG$PFAaS>;Wd3Oz2d&y2(
z7;l?~9K?oJ>6I0`;Nfy)N({_W*T6*5#GGY!`WPmD0rl+|{3~>72#m>MVqUxyW3*E;
zJ#vp%n_1wr9&wtWMNC2qt_G!8(3(Siux+@EZ$EL%^&k_chcOjo0&@0_dfD{IU2J&^
z&I9t6r$JLAWnP@DwB53vHK8$sB<d)#0a7+Gu>ltoV}K4aVuHIIz=m^eqUZuei~+^M
zL%@apqWb)28BMx}l2<h5_I0uc|EBDER&aw^x_6i1;|3%>|4?=DaryOiB~WDRt|xoe
ze@WhTFKGU&f^Dnvck6MoG76YiN3I+Qv4e1p^ZawN`ZGFH+(30Di#_$oDESjcasDIx
z?s`%@y-JVtO^^vVOIh3N$sZI|<K!dKdJt>9Vx4N3kTpiDMw+(wnBzK5fTH@`eJ<l+
zN3%P(_XQv+i_PtvB%J)UN6VEbWgzZDmDb>!yg4hzEJsjYDv=^oCrjoBtb+Lgn7%g=
zvuEc844d_t<DK=>TnD}(oeK=FNgLQD*B*H)1H~4y%I)klPiA}2PK!V(P?MP{P?IC@
zo9<BUM@@JM!+2jujpG%USUxet0gd#M7>O}d8ip99Q<0{6S8T(R?~Xd6zo{dTH3@B!
z=g}P!3Qb}L5rF;Di+~;;&ieGH`O4(XI->66-=V9hBjOHLL+qmjsxzybd^cRLDdne)
zeW*2wXePkIi>UKAQE>Ng^Ak7lac@?E#-e@vi)5X@{Ad+t?6;RtM(fEv_Y-g@PwBZY
zll!UWHu<bwy`Y^6>h#=~%l$NS8}oY?Yw{$1T)ZyFn(V;LUoAKVq4P6`2u~C)ToCH#
zkpBL%Q|LGB+*JEm{Y`;KePwsr81hN%KV}|4#?Cju+MGgsb~h!#$E~m9Co+s{rnF}>
zxr7CZ$*e!*cCZ?Qa`7q_PadtBS-ri!0J!y|V7ylA^`g7GRaQ*-&VP=0EM?56WRHpJ
za6gxBw!FP;AoaFw>O*~nj{)^hsMpqaVOed<1TH@6tLyg8XsUA)C7OErZ(wz0b}+X5
zt0(Csm(j_kP&Sr%66cT0+RGYA1XSgzhv43@!Rd>$eAYu#-fgCj;6O@8U5Q#>Jl42t
zxFNt~J!!k@Pjp11(({Q^O>U-o@#^H?WK@zbVdzaQIBa2s=Nwj8T78d`P)F+g9a`7w
zzN-xa)C0!q$ybOnQQuc<?1KlOocxyZJj@c0ZThmWYvaNNq}7<hD)><`lEwZeFatuk
zSMvb^4SL?UtbsP8Th+RkH&?Eetqx~V2V^F!t0%vwWLr@8&AdiRcti&VgU!c%c8LNA
zg}%n76YEAf8aJn=L_-=Jk$Zg{L+<>Kb%vc0R{z|W<Y~gNq)L2r$nu_g4}$WU%hr=C
zz_5H6j{TWf-qO^234cY|Kh=82@E<3S2KfCaYMK0DAfJ2q6PI09O8%%y@IXTIA?8sw
zk1|g-1dob&WN$VIx64|p6+C@Ig_Tnr7nps0Vfd7A0zPzfVeD}1f*~QW2SakU=p@>I
zPFCA&0^5JmuD=X2pM>VWLw$Ck6Yyw3#aqkk3(KYhjO&l+!Mpyr9=z*MP2ue`-q;?z
zwn|CPU5K|mi}5Cp1$dLkZQ$*YLwax=a<?8Fhir8?)R)D0_b9Em!hCVuEAg0nGa2{D
zMN6BhM=QqNu+>U-d#4Vg78&7dvt4M|rnp{Dmear5o9u;mTN5n`fo+i&mKzq0XFyj(
zeU0raVsy>l4SF-$e;8;mdV^SqTK1@AMJ-#@6E0G>eRo`+DaK<*t(lvgTXtFOhbZv&
z)#i5KPStBNKM81Cmp>d(RoA}NJ%$)q-1XSHCg^PN&~ihnUhB2K62kch0L8o8rCA57
zRGzJs`gme<hfjCxil492UBtYjInVdar&6~5!mQXoH$9(43#jJ+&KGXU*BE)YXPtjN
zK=e9nM#4^ezGi;~d9sJ1@7c_c(EEY;_Rsx6p5Fa!X&5Kpr-=3$YkctbVoS+4@!Swp
z8Lyc|fI`bigQmPmD%%EW+H|Byf##Gi4CnQ1f7461X4ADPY8Zvi-<j1p=~rIYWnhnA
zo&|ya$byXsk^x2hWESz7UPM5!#cBWC*pssQsqt1Q$?h!4D-;@9L`!0;5gf=V%4VLt
zFkD$YOQ$Gb_H}_yGEJWBMNlToG1-IUA0Z~+q({>Tk=@(-9<+;{soA=(cPQi&njUn}
z>kOH!q~@<uDiIgtJ?uRk4KJ3DEkMQu+D{pI#;oBc>SNbVG~#P(PNeo;xQ`-w?R?UC
zAl4NQ+1z`3T;pmlKfQInAiqY)&$CijwmHV<xSwe)GhH^3<`v7r{lq<j@S>*U=}kFF
zM&5bSal+J^ax$)7`DU=(x*s-%{39#2{-132XVPdthxS-zxip%uGmZ$b_TG}Op}yGl
zz6rF@HP56J>)#vGy5&H!<w1>9doP}U7E8YgPp<AA3Ol3ea$pm2Yetzm2-*YQll*?J
zdCes6sJXrH*Y2~o_~79v?|vf9*6!OqhtWR~z>zR-xiw8zk}SI?t&EC_hVPn~ylphO
zP#|we$6U3E_6&mmnUq&-T?aC2Fnt_W^6dzB@GeHUf`fepZY=i&Ns`IE4xS$?Wn)Ct
zeC*sWz_{c2?8sEfM)t@@Z`*8b>pD0@6V35-E$6y!VCk>7)>8rFU@WU9wr99oz;m2@
zLvV8WkHJdvBw}=*!;Wfyzr+E2v-6EqZ*I9Ty2eC@Y;CNzMbjX6g`ZX)+97!jctxU~
z$zquhmhCk!A^tC{El#nfdnSZ5!!40>(ncn79GDaB=AgfQlrt&9Gbmo$!E(iBhy-r%
zTJM}P_*Rn`?*;mH|D|l@La>Ejs@&FUa#>i;;gR@p)-EomI{$H+H~A$HZdj1zm&=n^
z*`e?R3h$4CKqk<ZFVhuuyB223)4uGnn7=aolz_~19oO2&=LB{+nDYw3msi^vlWL$?
zfzxr>meI1EF_$BIVTgBNen$~OYWIWb+r+$~$|CtpVEl%S6A>IA_dPv*mpCq*L;1g^
zd_TmF4S@c3t85a(J6EvMnMgiCHJ#VO-&RgOiAQ)0$AyGHzkj%V`2<TeUV2CSvK5!s
z_V+-Q(#Bxn=zFGb7e|G1(YOo2`Tr277LR`fU{3fGKXG%L^Xk8m3NQ7=O~fC{#C$dp
z4)(?4*Aip<De8B~OKRQ!7n{(g&WuH)cgR$^cjnv5MzRo(ufI`%Uk%`U`84_ex#n9)
zyZC#3&M$9Y9Pj_{?mri2cXc}9F~##zrpmi3zc}#0s)Jm38((a)B->A^69=+e@>`Gp
z9r+HHzI~YSU8gtWIL0!TLUZtXhrdDYN3*}yl<D%tW~F$Y=RF!ze?4B0@IFtTgEwxD
zZCu2|aXeGDbc$~?v#)y(GfUkQ%q(|LG_%q@2{XGuU*6-+5Vz5hjDoq9-9q_h1$OVR
z)OKd_9$=&?hdKRFk;(ClY~7PpNJqasF|t@-)BOi+Tjhgl8>SLPc2|&r9NK~&V?m#T
zWPxy_!h*E)y|A{YL&C8w>j5Sw1!-09sN#XS;y$v5hgCHvu_iA3MsuM{<1X(VdEP-@
zmHU$6LS7a5BwM(}$emLHmArS}00xr>2v7GDAkFau<Ym>yNRy=UvRXswZnw|&LoOrR
z9Fl<SSde}a%@hk=;{31b5!=!rG=s?x4{br9Q<B;`Bj`!G-Wvb_ONI$s8@aGsvovE{
zSl0EB=iDXz&RxRkr(qOb0zLkTQ^;oW@KisNuXTR`Otvl$%^r0`p~<mSpQ}}Kc;hE`
z$18+x#fpeT?_w$VA19>UQ!sb*+l#>JQHy~b^H`~SH4C<kmewsK3DHgvj1}$lYJB9v
zc<LolNA=1xpNM|aB+Ivqg(Oi&%^9~IB_JQ5C~A{0Q~%#;y<<%xfq!)q9)3BXD)YYZ
zJ$N0OE|SZIp?8d&NUj<%g=lQcRN6)zL28goFkh9a9?)JX(W|l5X?(TH2JQsJZbypk
zibKvJW7JW%=cMt4tZco8zP{I;6519t2B=vOZn{6UtF6}USn4%9e>&?q9@z^GrHFZZ
zc7tF6-Z@40myx&rvX(qN>Zr-IcQxuY*Fy2)jDCqL3@EPJ&|M2TcCzY&RBJTXkj<;F
z$!lSFUo2l2v%6`~li1YVv61pYl&kfa#u+h%Yn-`*qsplyT{x=9XNgfo-ae{4OjPwi
zoCl05zGrS0hNe@wfj^tC@j}{JloEARQXu%h!s`3I*hEmg&-Vzb>I7A5mwP=yxG6a`
zS@K;`M`o{EyPNX|3x4y`GJ4yo^F&W1&n5DBcBO#~o`vNl?t;MGr6zE9fViKcrvi9p
zKRv!&qxBTem1;0&7m~hpxQn*@z1s3%GI`5gCa;l-<DvY{B=2hNMm$}aKVp;~(jIUL
zJ(J9<#Z#jk;J=bVx^;i{Wb;4dr@uWIC1(OwY5r<C%eqdHfL?iW<NWp}v9=&W2I6&A
zd^s@v0hpSb!||8t6)7c8rsr|;M6YG<Dh7vM%KmaAjx3rBJZ>d7cDVH1WE<9juz4LU
z_MY2nqa)Zlv3M>Yk}8K#+dGY&RG5Tk^3}W<xrTGt590qvjSW^lay|jL0WY;;z*S5o
z|Db_YnLmbtC+Y`)<=baLHE1tMm8S+v_Iji%%sR7VZ)8^M`%LQooX3>xrOaw0b)P%Y
zIRD&<F}~I3pW8U6vHil4Vtu5qy$028{NFcRyzrcgndh8~CfYtJ4jt}mZl3v%DwXrP
z9Z_gM*w38q#e+=`gIKjb`vsVtyl>AVDDXTn^U3M)d?WbKU(AW>)KfU0`w3fB2>&$l
z;w158dHIoE+?C$}dOYj?hSUN*o=;S_f3RZPU1O@pQ$9I8o>GkB1w|bTI)`L_a1%UE
zhxXi~p3KUgm~zg&nR3pDsEpC>L)|#tjfZ213rBg%6xepgFwTDWPwFG5NNd8|*}1ZU
zF;n*2`YNoh^Wg>JpRvgA=v*FO=Z13YoAB^MTLel6dE#Z;yX5^IeqaRHqspc_N1r9f
zf%+s3^yFd!^O_Pft#PVYatWbb!$Ze@ds^cd7A?jO#Sn_5uS=$MD=Mz3acm#q4i8E`
z5A6i&Fjn3(cGZclkFzpWsVvs=DIHr=t3p|irz~;CASK7d{0v-?E9DF&evv#m5-CU3
z<k<>zO@LnD)Xo&*CkSF|&5nMj&I(6wI;M!sE0O*_hPoaDPFf2kaGif4=F=^a9S6Gp
zKZ}v+|BGDfUzA*>cuT9SoLr>FFKyLzTUL9$gTBp6l|@iwnd$t?B5Q$M-GWlBqX4m4
z-9&4seMaqBcL$cKCev=3?6%xoW#xgn^<=w5#QL^Aou7l{Ze`XsogT_bDc~!#NBe{v
zdf6YO5Ev!-@(X>bVgi^R$pT&9W>+8<lPe8USEqRZq-f0<kCMM8%7WTmVQE}1<q~Ox
ztbr{Tgz5}z;z=B3kpnMPog0+px<XgIF=Ir38IhA`s*J>RUIqn?uKTj5Z+C&3*R*n4
z=jmKfXT<DX#Ih4NkKFRe`~mR29FbG7v<S7e(mHQmR=rC$Zw_BU3u#tq8=H1ep8i7n
z1X22+U$@sLvGK2j1>1r~Tpw|3{7^tK?O&}2Fs=H8U|l^<zDg||H*u1H7v_+3ANO|}
z6HT>mdQVbH)UujGHD~^_0E@web-n2nHb1Rzy-X_y*F{+}F&EyA`!$8xq2d&$^;v%_
zw~hs>sG|Y8+|yn<p#8S-q|7tMV;8Bp5-C$5W%{G2tERV`TMr@&gh^FG@*;pl55!A=
zpjt^@iVG48w>tX=ca0RATTmq?c2#bWnKRd_B8L_BzNN6t@42zRwJ>lvK|14j5hF9t
zB!dg-&8+#%<4XB5MSMY`HdSmHwx0_XS-Kv|feKRlmAuq`R2e%fZmm_zOj8%vGdWnz
z3H?SaOV=oTBjJ$VMylk@Nrs@HlI{&usQV(#o~C}&)d70jmXdQx;`YUw@RG+^kT6~D
zJ~ub{3Yg@)TsoDWoNpcqvjvO`yq1H4Nr$ATtk1^$O#5Wf4pUlfa!BvmQnohhol$3z
z_Q|P3L)BhK)i$KyZxR@fB@?67Vj*3t_)s4wUng=<f|?tv!Zngdavi?jlBUGBE8=r<
zb0TtbyghBcnl5wtfNw*aZ_pSU#vS^0PABAGb_@5r{4LyqIQ1;fGRQi;CbPbJ7}U#I
zHg|*BNyO?b_9T5Li|uC}(tgAf-@{`b$<dlz073_=p$BOZo+@}vxn}L^teTvWExxKj
zFQw+tMp%gbhJ;m9`-;Hy5s)lIC(1H)cc#`c9H>beHI#fIRxZ0mQe`Knb!DzCgLYQf
zy{uCYkaMb?H3P|s_E{OxCKr(xLxm`{l8Uk~h+Q$|qsY_zgqSEB`H|oVfIJSnGy54K
zPCeiNWvVP;V40fQOp47EVb8UN6mlEk+qF=S(oJS2AVHmTYVAQ1w_ZvOJ>TPAN|Od^
z^nzYbSWXWrS*RCyY+mzSqyRNQcfAscGo9!&MCSoH%WVzM_D<6_yrSSL*+VcRxoUwv
z)Lyt48v|6P^KxMyvEkWR2A5Wb>Z;Ed(4W6iseN}~U26`p-TN`9ufwwTb2W!=><+;?
zd0uk>ws5~Xj*Wi81@U=4@YiRu8Q_7`D9E!#g;O-7^B3NFWEb=FY!^d@jhQmP&GDmF
z%)JzU5B#ZZagh3j<-Gd{p|{vQ1H<RL$n@sKn(w3r;*e#n-x5FSD26oM%S`@;&e2{r
zI<UW1p3+sE?)U5+XYI?PLa}hzM4=|QBzvfSTRb2?6@2jY!z+8~rJJJffb<3rCrJiR
z;Fyp-4^n#XM_aUd`5i%ir6u!YMZE~5v_7L_p8h7JwR-BhRYf*ch4v8o56@CN&YuP?
zPP*dBp9#<RWk+gHCyIaaIz`!^-XSo-y#|l&BY_&e?O7RI6>K-NuY0D<`HRsP(S0;l
z=N~+c()4$bJS^?}ywaTQ*(GmR5swOvcgk^YaJ)l~$0+NbP^n;%P^ruyRC-@`^_HF~
zo#=eS&*>Grx4ON9=V@n=XyJL9A)+JyJ0cz$&Hy$QhEDJ^w9kga!<8E=i$#5rNY-{P
z$t#6Dk8+rw`glzYep=B($8gp$WOalke<Cy-0auj4<)GH%B~QXizfkPteVk1O>wC>A
zw3h7oS(EyPN#zALpQzB|{#p$f&g|rolko=iI;1mJhrvqKRjRtd8PLZ$X~I({2X!}s
zXSrh9WGg1AVW&;JOvRHi>C1;Ig$=1`$mbNr)XSDlGjrL`c6DAwKQB}a4;cuEj_8FZ
zql%#gdS;Pwcp)_!EKi-3ihFDLRZI$UaqqW6U@+LiL~G*Ss8e53+`F1wO-|M1`TWkm
z2lP3)cC14<eqTjS5Li$~$?kbCagBB<Gi!lr@;tm-&l35c10eecMoMU)DESgN>Zlue
z^aC6A@g#z<{aooyg>|1Q4DcRN^v5)n8Z_!y|LUk`CYO*PeXBUbm&fptbuX=C`eg0{
zUaP`u4%FCQEY5*it2H-efF3+Qhp$jrx2{kVd>UU*CjXafuV(Z+4U3^yR47QE0GPVj
zand%gC*x(hG8SpGN%KDXXwUmr>G!qXcn#>k6Z(C7l1t|cYsKzkW%P9~z|e`5d}XF?
z1xo~Xz?Kwo>pc|bBDmQe&Caiz134kd_Yw&i)l>6Vqb*||(t2_|II%Pf<Oh+a`8k8~
zgh^zlGJRi*##i4cc84lySTf%3=knyhI~3sk(81sx%E5c1!%O~xPji~x(*ob`vl%;x
zawg|%LFuZwlgFA}%gFSOROuf``VXqj7uK&~^+VN(6wTbG-ZV*I!?UC(6e{!Q;Xutr
z3l%vvq{c2(dz=_`WF{Mkp@a5QgZl{FQR^hoC?0W(GJ#hbUz~%+N~wAl3#))r?clt1
z+;-L*#`9R;9Ic!z)%WF-89OEG9p#zw;>FjJzyg$C$&~oi)R#>5$)(PK_#%=-L*?!z
zGK<~E$>{4|jIrb^fd4PN_LqN^Z|ZJ(k8g*7s&*gmuo;L&1CjT;7$fcJ(yGTIwnbY|
z6QZCwW27=vo?5rg$M`DhhN}L49}gp>R#dkucV071e#nFob%Y0=Fg2H{QWq#LY^S+g
zc-482%i0NrJP{T0h?6hVxO$&5OOw5#sX|!Q4E6EC?vJb>#eo1!81tJ<m+W>F$)q*O
z#A1nuvTAH0E`OJmXHa^1QAgE3m;l~TpVgjuNlC1<N`QcON%ihny`20TU}L(lpz2sQ
zy&<ASOA%!ER8Gvhw?pNjib?O$cWz-_%w!X!_q6UR7S;ticErQ5?b537wU+#aK4F?m
z2Y*yO+n>tkTR_s=vC8Mx1AM-HfX{ah@cGXJeE#bIpYI;v^Sy;WXrL2=8v+Z<=)Pv(
zVGaclk_BMT1^g)&@TU-fivLS3`iaqDFv|0nB{w-=W6Pbq@9y)pF-wkPX11L+#rg{*
zKL9d<AA6ACA1e58uAT11pfm|De01&PX>qjf{F}`uj@+Ew6(duYc^(jaAqf?JEy4h^
zN{wY~HoEy*?u(=5SeEd%^4P09i0XNS+{napTV=VS3bfhk<u=~4-mx<Fs|+#-Wsu$h
z4dqfuD0g*Q?iwrC`fpE05-7Izir(C_{w1(k8AY3OuoeU<g#<_`BS7lV3sQ$3NCWhM
z8lYdBLVu`1e<ou4H@p6+II80?fe3`_#ksDNivxXsw#auTABDaeTVLfuKyp%2gUF4b
zcHJfflIaWhF5&`61b>Bq9tdp6{(#5it_4A!oDCPRP5x2AntyeJ7Rnezm$w6(<^Dg!
zSq#UEf#auwV+;wCEarD7FC3$^Go8QHvjL1{nvkEA5Ano6F*e(Z6#61f{i9FKt}NN?
z=S0EkCT`+9Vd5>`fj+`T2|SAQq61AYsXt1}L%8h~<w}HhK+EY`QxjO4`C%C@wG?qk
z<=@<@MgU`Y*V`|)<}$SQW_&|`h$Fr!TMv*)I*~Azf={@=2@~G5W;mbrv+CEzN<pMM
zLPJ22cx9F%$q%)RtFvM@*_E3o4~gP^X?h)Vt8F}%|H9>-MqYPb>0Fi_@xFEE!IdyO
zv0~Z2bFIBvq<hrjbe<fM#WZ<y#d)Q5=bc+VcM`6JeYnz0@Jy|q-!bI(l!N5w*$z~C
z*^ZsZ6)E|WP37E6rHy)Db1chTL22&!f-a@f!r7X%&aLI32vvCe)^;#JlSfJBxjv6I
z(|D-=RK$4ItXU3>8x@34llf_E@~3SkBWGk_`E(N8NYXEge%uI_3Tp*5pkT??-iy;k
zAz?4U+1`0uCzBl%k>VH{GZl$e+(guB0IK}7s$JkGrGKi1Nx7u$uesXbc4&G1VXy?7
zOFt2>HO)xT%#Tx86}MmO$*VhT{`69W#Z^JC>cvF^+&*D{U+W~Mv3xnVL1!RIk!LbW
zgUk#+cZ5DQ#vBi91A;Bph75-0;}-L1jUTX|Nq*+p|9d^TjO<bCFlsU}xAyeHWyufj
zCQNZRujNRP8TGmp?aWVgX}y`282=tu_dCwIn7sfzjg0TAJJe~mvDuR5JyA}HS@cq7
z=%cA;Ix8EON0^$=W~T5!pDR4<+Q}cSZmnn3n5aMhi6Gr27$zEd$5`I6D(9Fyc5H0^
zTFPskM#XTgTHtErTxUlxn#Hz7OETdFX*JS%?i_GC2yR_6ZQ}FjPAs;zveKxnasvDO
zcT=DKmIN?(<+gn!+A`X!Dm<LCuUy?{MLF=p%niB%f=_4Wn^j(}t)lmF<_nyNO3%7z
z?Ah$qMr$r<Fm(uQMa%?wmP)5bf8)-^&^T-zrNXzgcdA@;cEpC>p)~<=ZI}nc26P5o
z_=Z_@la8^3=k}jlgs-5_JGMC5e})}rz0^9I@N|c%ejF8aPMYpf57f;~l4F#_wve22
zL<Jq@4~brxnAY|trX&Kb4bHF4GG5qID9o&wJA()w%Z{VRJT%OMu2VBIX^>j`NEb)h
z$xIXV$I~Na)2>b-*QpRYWi1zz*FqFQ`s8z|^hr(}1VZ<-+y@tqd1g-r<P2b54$R^0
zyb^bodJZ`2AEmLg`pZVGMgT}fQ4GwN)4WpbU}V}#Id5}nZ~~b5q7KA`m)HIUcoARH
zWg82DFUfh>rcO&SGnvPXUnx7s+LjfLBu}s<+P^-a=CeznCgqLSSl~E%XyMprr#LDW
zw&TA-?b=(`!y5H~T`6l+v2}Mk2=b||;~@yHzfFYxQV_)}rTuZK%*pq0qP|KC&LcGL
zTMrwI%hlF4++ydlKB;+Md(b%KR}A@;&>d{)EnZ(?H|94qud?Ks9XqQQRxEA|MD;SH
zNgSAaS=wx`1eb3b2i+JcHjK%yTyz-xJg`C+Hju=JHU<+~_S!UjXgoNbGNJX&d|N>4
z?D$AvvHr?}wYQ?Fm$a5OAmX|vHp0vm=8j6???^W+oSOQj8tSFb=ioEhfi9*Z7?i@D
zfxf*LS7saAD`yRslE)KZXd8h=v*+lm^T6WvlB+{{0&y6d>dB>8HVhZx?yWNpCFbw!
zdL9L_dXEB|W@Wf^W<@1oZZ}C-19X@*p<WiR&Rl2f-Q$4wp2B&ugIBGRm>;;hjx6oo
zGQvjvd3x!pJhi&q+S4ZVi%d`TeepSBPYN$lc^miHS>+){OCl0P;iPGyzm&{b@70@l
z*61mtW3>#w^NFIJs66)qC=Tb{<<uDd_rNqlUfz^7Z$t7j<du6z;c!d(64Dq9g|YK@
z&$I6z?z?8B%zKo)P@f*7`yNEc?B%#lquGgjxf;&VQ7S`QnqR3}uclUeeD)Kh;nB*9
zu;#pqrQ*!XX${^Xmue@$3cZ|(Ihw0~M^~lOBRm#n2oM?!0d2-Iv4ivnj?YS5Zk?=(
zmpnyz?gp@dOz4+*SBdA|D&^*8$Bg%-SKU$ER92lC=nA6G;ihz#;ik_oA%=Ml9uCex
zSF41Z(1*0{w)L7bTSc(W+YmBg#8FEU!$S!X{j}|)g2rwA@t}jfhNN@b3f~alDBo(n
zalZBu^U-0TZGN}?UTwdxvER4b?@juh`xwZa`?*Fmn~j9SWd-eLBs&^$A?AF*_fiWu
zuP`mDIdT_q^p}T2FsOX#C!OItk*|IKc;^FA-Zmerym;s7vR~o$hsnOz?GKmzwQhfe
z?C)^<BW3?r*%!llMg&Ka*q4z}y&v$|xF*GX1M$w!aYHaa(F==P_fZXQjZC$IaCQiv
z@YNojTiyW&59P;kuzGUM<lN&I`Ux+02KT%FdX$so-Fq1$CU^6S4!=*b-zVEIf-l@X
z9)Nqzna>BNmDW#w2CK*vhsDvtclG>Py@ARi{`-nEh%e8*eAgJ<fA5ODnlhF59vj?0
zRWbFTyvRDfhw@DBr+M-q3e4NS+Jb|sopMlBgPi-S!UemXXG(D1pLBKLjHmA7!mB(%
zkeif^Y*;{Won4yNTi>5x)C*Jbzb`Qr2N~H~Vd_|)fA1SLHddptjeV&1bK#<o;?uyV
zjL*hO`w+izHg&?`4tnk-YPGLtEvY@(X5ef9XS2q1$?ATMHu!7V)cagqZQipodvohI
z%NY17)$77$|C{B>6C1u%k9=ukbAjZVY~Ry*2-Jk0jyfJ9`t%#Xez31bn7({?>bI0x
zYF;GH!pChXjZI38Z>s!(EJTYRD`DX;8h^`;2=9I$xYQLtf*0@96`sfUa=v|he-rF-
zr{7tBrd|0hl}GA#XHCJGevih!)c1J&m-^J4im$MIx?Q-J`tB@jcXj*})_h%3zq`7u
zG`~IIVyRCwAsR@_zdiR$h`ZEx0saz>|4Ypj4z=kE_-@a=RQt+rsk+LKSKH_&+fR{1
z@W1kXitlguUc&b}zPs8_d8ePsNI#X8ereeUGha#EH}W0KTwI4VAJs+Uz{mJL|9|QC
zcIx$BzJr<XBJBNq|EJA^m7n^*3>f}_FEy{h{sz9(O#M?c^-s;k{#(`PQBKT!AMS&F
zQBKT!Iq}x<EjCZW?~Z(n)1~hA35QOun`|zhY_5Q@eX@DcWV1Ti9G+|*g7TTk=Hn)t
z1Cz~>$>!i>b9Az~l8Ma!jZGqsKGd7lG^c&w;B(p)aiO43<3rvqclxE_a-W^^KR0JT
zKWBejuxlJl^T^v%zdLI_jr=qoUdbnz1dCu$*(y_I+?Ib@zkIrb#lN$#-PQ3`pFEst
z{q71p9t_rl;X-)Ne`<sLr}oHy2g@hLzv`k-ZI`y6+EDe?r#k9O%S_8k%SioGGYwD8
zG+t`n7CcMgI6tTTJ>7WmcLRQlzt`ip_<I|Ei@)peTl{?hznl0z#CI@zT3!lEnr~X>
z?S;RYyl?N*-1dLtcYC;b5B1jfn()0GQ{OAXr(<Y+>AK_g@_Q$7^=W;f?|tDrn19+X
zi{V)8UYvfhJB2GXx86v>`8n;GxOel-^F5pIO1{hZp34_4n$t87jfZa(Q{T~d@LNwj
zed(6$Q0)5JGfZ8FY9d>uIckkfT}*FGX-sU)TQ;9HY}Q*j*<^2qJqRIa9((b@=P|8o
z&*9S;khiB}g3L7h&f1k<nomBD)bGxk%Hz-d9z)utzJuj=XJNam<1Ynk>UUR{mF9Oa
zT-;Uu>HPGUn!<zTy*p#3xVs}}eja-n-S7Vk-`@g<#?^zF=@@%3b8#KgeB__n({cCz
zHZ!f?!OVl<?5_4dSox{{U0vQ*O~(0o>_XfJ`=Z=Drt|2fzI0x?J#(qF@@v=X9374^
zi>+QTKOvK3e^F2IUz95T`!orc`l3|v-#-%JU|*C|{P*)^DEGVzKHdi@+?nsrmbvv8
z6cA2PA7R$@H|nGad9K3CaQ`J=`kb>aLhfp6`*ZUX_21U_=jMB`bX#9cfp=xEsF2?s
z`3~AEO2&FSx%)AaQ<)r#S`X$lAGY90p4LsRZWH@IrRl!oA2FY=d*IeXb@so%vZ2v`
zi>g*ywf&Tpm|||yrv<6LV;6lXIE(#tkuE=_Q5@OReA-9HfmNs`Uf?*e3b`Y&3b`Y&
z3YnuZ$y+a}OiQ&|sGI_O!>Lj0VE`WI_>rw%3B`@+zG=GD+CT(e-4cruY=b%GBWJtd
zY2=`uR17J`1cC-$kEVjB2UFKCx$4+Zb`_<cPF0lVG@^2c==>H(6t+Gp<+q3n=L3uW
z>UKA?=LuX@*ROsz!0)-#tm0JLlbDrry=8kY!|F1o6Q6%o%C)rTi8<e=WWICww*HC=
z?$Hgn-(k*raj6XHR6R~coMp!?;}jy6o$}MTR(cpeenD8AYM@)JIl6Jh+*t~FZ5Dz+
z#!hla5aV(cf~1d}GR^&4cN>>SswhqY)0Mij0#BmSOY+KSbdWzUF3I4!9XM)&IW9aB
zm{;lE&Gfjzh?>(P&^ksfhvb^E{232WW8)$1HG%tTP0H`m9Chv3{khk{%kz&?>)YMZ
z*^BV90)~Lbj2<&zz{K>9tlq`xs>wsIh}x?G*SPDEy#1=Mv#Oio4eUIb>VTc6U<fO6
z$~5;G;aQ(z_o<2%cXuiDs;DDp@?qEv<_;sTs3ZU6Q@C4)L1%PO;pJjr-mN?9xZ5GT
zcsa@~qN$PMPMOKG;W62H6_>*3{VKX8o`U&6%CulKY752}@Nm{HxUAe4MxTo^-zd2R
z<ao(E>+@++@$9kz7AGH*>%`zf2uMs6!eg=UAYfXpzSR*(lyie}42sgNR^r$&Vn?1*
z9te~eKZO@nN<Kq4diLtqlpEKyo}dPjUXC-!cTJWrkT!SU(R}09rR0KmijWAKj51C>
zODO~U`*<yVe?h!kK6cC$4t;Q;Ph$t-P6q8KRkOWgS5vhJ#aQ$AIkHgVRpg>u=3j`j
z_22MXYRnYR$2Lrw2wEM6F=ppBlGVnp{u1Nd1dKw-W_g~6XL4W9sMJ{O2gkF&^)&x|
z!0tW`pe3&LZ815;?p!^0%*zXx8DGpZC~qxz8AXNJ34sDeodPD3s~~}z5yFb7c=<D-
z3L4}}A<h~;D(;kDw@VT2X3?(AiSVg>glDA@q9~q1)L!5uuLm&Z2}JFA`$j<S7LeBd
zIwU*P+DW-4H}PyJj6a{ppiSfCa$+OPqcAHw`3fNjnrGRjWt6LNay^mTNPR016@e-w
zc>{hS`VCmcA@v2afE_dW9A@$fUJx%QH}MPq37S{_6<Y=FuH?&DlGo`+HZgF9Xz0E7
z<{9pzVTViNfr?EJ%<a{qn0%kC>POY!NPMeoo8jN=%RKvXo(>2?zE*lDxyaMZ0w#sm
zt1tr3fLDp9lT{r!5FKG^i{uv77S<XMqK=_%_^8&NS26jX4-?iVYiN@`Xp&(Hq!MY}
zS;qWTYZU9H`B&k=!*x^rMR-fT$$&6fG*Qbu5$*x?IU+RY>bZyTw3^d>v2Z8o@VQQh
zhhCARL-}>Dq!iJio^gc^FUUubpG63CC=eFV;U1`=`*gu+b-sl<uQNJSuBL|*I@GJ_
zMu%NuLx&36sj`y_T?IPKvK1Z5k*7m*M;#U7beQZG2||yS%;*uRy^_7wjzHdTc)vb5
zUq7?@`3VoYr!5crsAy;E!^7o_Mp5O3SC2+hvY>%2?#nYmEs9Y4u1j&hjU{_?VO_1J
zH7}$wbExOgm>H#;7^QAPs?BXP&}_sSNf^OT{RIJbLE;28KtJiZKv9NIt7gEVnkN|s
zhbD?%ZSAG5QsI|eNX@4x0_(%Dip_9pC$#z=MSve~>Z0ND?kj{*??JN>f$t@d1Xl>V
zmEp?Ny^&}9BYxAz<9nvEskYY-m*4|d#7goj8P%j@Wi=+Lq&oTvvMMImDcu(hfQ3!r
z)k}Md`g{wT83&K_lXYj(Ip$v}WO$b;ZCYLiOX@w_lkdsDJh^)Qca%8!s~9GfGHJDx
zt>wN(@RNUgCA^xCQuJUZ{|jJrv}4!pXz@yWX^)UFxq9wz*IK92nd&_0u4I0XrydeU
z_CtMSmm*<}?cHaRrW6MFc7J5u*F1}tAGDV}L*?8?C$n&y%f3VThk*|kK|W#Eky{-F
z;W51LjsJ(ZHvy2Vs`AE*_v*dcx;tHT^QzNHx|*fqqpCYecMAk$i3o}y2q;c>A|xRZ
zNmL4|0fFMR5fyPE*dX{3W6-$bHjd-IFXIfO;}#cG1cgyl7H7m|Tt@i+e&^i#-mB_P
z2s8e_uOW5cJ@?*o&pr3tbI;wU%lYZKon>qvVjTf8`SXgeEOS~!B8?84w%F((Hv}bZ
ztuNb;hSRu~Rh%mbU!4|<Gjki5(N{oqiqQY8jOz{_rp_xY)Se1f)tff*(Q-k>HP(wF
z3MLwaPqCsypQrOZxf9`#|7Cflv|ZU*EM6Iro+xJXNmKLMLcCN6%E`vp?P;fw*OF!P
z*~Wtaw*hfNH)gPDg~HvW6{15dqX|hn6cxm_mNZ6;X&{QCku)FE3<jGYh0;~MqWc{w
ze=s{<g__yB7`_^z^Td$AeTd<;2;P?%N;qw*Z05I+!$U>Ckqq<<pJ&ftY)ZycvEmcu
zs`q@6r&7fgafAr6**dK_YIknD)ch|Zc{9wrtNJO7-pt|4a7?8jQtPxx{mk!(u?}!!
z6hG8mja5i+Y0T#|8>w<sr_i`iIeTA0Iu@SgZj3W!+}EIfR8XaMO*$_Y%UHv+{CA@K
zhsEWG?K`=xqx>WY-CN87XmA#}%W$Au8(6-r)EzRKOUo#hRbuJ&QXwV_wntiCqVQpY
zK+$JYqDDT&dOy|q_2pP-O0#xt1+`M_Ajplb1Jf~7dJP=gx2-|h`M2cyi(r+H1kDD@
zj_%KCF>>QAVCwFXf#w-oGl1e|PNtQC)9#VM=3z%5Zn%{L$&T^TYZ1-p)cqVUy_`Is
zH(vT|40RfBgf3IEFkadP!Z=<cJ;``Ud~M^Ur=e`4oMUN`B*^vwFHh=L3X>i$5s-|R
z$N{}p>TS#oa~odfO5ht2Ss^~i$|X+>pYDVwz7jUdL#wY`h96P?UAZ8i-@XOlY5bFu
z1Njmz9lIMFNxM0e>b@r<=R53JYE3ia9in3?DT$1wlG=Vf2t;ka4i1OBbkjp#2Dc4)
zp$po^yw@Yb6RX3=AM@^%I%L+VF)t}g>QH=f9r7-n*MjHEh36y*b@<H`&!t%DIwT;e
zLuRF8-s&3Ra%m*k(fGAAUUhN4tU8SI2h)uam>1alzXp|{o?Kt{p0b!(m~AcMs-NF+
zJTH6gZ5^C+d8W)dAe}D+ollDC>=;Aulg^4;9j*?`Pyt#sFrQubbayvTzvh683!1Uh
zlG30f<LKJX$4z7wpO)!1av-^g91J%9;}bH5-5)#W2H_HCG%(#_?HmHLm%S0H4=leP
zWW=Ld!lLa6MhA1VhToeGCrrb|&iOL<5`r%&JIAM;;~P82r=4TYGIZEE%%pK7=t3uR
zEF9C*kTfx5x^Y*hz}4#hQND2;VgdLRM&{_wgv*FEYm67CMZA}?7>$z<5#32VG)Tu^
zu)pv!OE4bzUzf)WZYLILhSok$Mz}U4HOxiLv#_&R%~h+#5X*8Vc8%~u%WH9`Eu176
z))Bddx5pE9aWE{*VI4M}!C*v-xyeC4#t7t=fifdQ20x9V^QfIrkt12r8^CVdf<h-b
za24ISAaoAU+KT4nE3BRt8M+5NKb&pLjc#JH786%wlfBbo5`APrM-a=VhSsS?ot3+p
zaN^vDV5K!{N5n423*Qah)QxEo5v7SdzR0%jf}o(yA?lf<mudcpg4QxA1<9#13nh)1
zaHWF@SDqKskf8D6_**-eBup=(PyD8IddSQoW`XxVJEg#!Q?n@cMqB0oA#E^9ILCJo
z>bfR+lvOQFKB-ZhDu2%7m7%S`ta!W#s+Az~G8imL>HS<mDlu1>LO;8G%f!3!AReUv
z%7%lZV7!d$e}o2AFHXMpcv+{b_HSKvt21&hjP%n_hEBZ<_fQxMloRPgYYnk9O~(iP
zPLPhPi+mWc^&T)*&YwIVc=%`AYxEX`z-rhjj-308-pX$;dKa7?UT8SXNyzAJ@Yb^7
zH^8sa-sUDW*XFC(W`BdO@+v1AejNcCX$5ZD@PhCI0MtMuQL7<x6XJ)@Kzz<AxtU4S
zdmZ&|jE=)}Fb-Q=rrO^Jg@j4iD{$~f#^$?#roJ_M**gIrJ>4DaZT=%^c-!-Ez*lI<
zUdkZU<?Eou<PDJ`ZlHfHJkf1P>$Ld0eT&m#!Bz}6bFT#TkC1wOaRiy!u8?^-EwaY-
z#q`7k!CQeyWHZ{$P^U#Fmec6%l7vhWcHvoUr$rbu6b{g4fm|~4=?eZ6g%!O6-g<4{
zaR*XyoyNz=R^cC){YItTyc1ZE(+cz^72d<p<L2hFxjFcYauEZ<CLh9cAYzS%H_1v6
z+n%4f19dPaIHa_4Zj;t(5$z)>;!3<<)mGd-T;haTQ=EN8ylMPX?dXRe26bhx=yO$R
z+B{bw4B0rAt(5BP88Bc2aGOXv-Ud$nkyk2YrRLM(8Y<fmO4*7^^W_LB`*MOm`~#{`
zN3R1|l%Vjcd9Ao`yOl17Fe?q7rhZ^NDI-4s2|okO-9cZjUh&I0b9fndgvr@uFp&d(
zSdEkS`GE<nzHI%Tvw5pQ7rN9DUScp;S&`F=3?5b|2L(fp;0m+KqfYd0WaR)!Ico($
zg@COSIJB9f1EJrtR6I_LauSHeiXQQH;_;*R(!q6S@1vWG-VaCCFt`_=^V3d?5yzmz
zC?ARg1CT-eg3J+IgdrC3!*_QgCfRRnbI3<Fa}sdz&)_;7w*tA@xyDCOD7h5Kz6_1&
z-E<}sKg4U%cs^awS>v8_a4%AHz$cA@rmGW3{z?_pjeaQKr1W@qRC%JX{)qfRDq*LT
zadZ$bc?egW7P(?0@|$hN&zz1)!xbXul5ctdL4X}V=oMup!<(VCTXW&3S${&Uo(SjK
zocfhe)E7%GYjz6PE?(nN=ZqFq_jJ_<wEbK8q?*xJV>F@K0!ap`W7rzO9;P0k*_P-U
zw?e<wHl${nV;UpvkhaQnALh6i0q3iC#&jD19=2i{X~KCFryV>6RNA`b*mjbSG#nt8
zmec36>EJ4MNo?B>=FHj}P#G<5@~(o(V?HXSSaVC24{Re^8^1Cw8f9l4i;8LZ07^`z
z3~k00D{Uba6Jp_QO;{DZCNPx2dZQ9-6Ge@nlBE*MITelrX{)Xj*@~49)?(9Q6~F|M
zwunnr8vh7^y62GPnEbu_ok*!6uHG$EYW|!$&&<V9e4*0VzJY-4yUWUXzqEdHl_7g0
z)ftdjT*HuvER0y%u0}W|4%&*))}d|oCBI8;3Q99rq#dcGsGG1HWL!yrG_j9M;Y-Ar
zQb@j(af^azWtiysX?7#ieSW1c7hoX*D>3E59A@~+g{e98SWvvU6ofO_j5m3&lhZoD
zY^-!Pxv`~I7Z^p7QWjW?5!oK)V|dh|ChQ+j2V)0W&6CnNNDyOTe95CyD<^B(hh++5
znF7b(u&bzoYL{mNyj}^R%VJ#LOLxGf3}zR*xa8*#3|(zPS7~T9)Zpqc-9eLjiAlXw
zQ!is`-o5x!$QjI~vbp>NvK7l&N%yYceidbGLli1r#`{#PwRov$qEb3lOwLwB;G+hK
z7Zw{GX@p?>NOupIM##E}ciAXC*_CHH|GQkE2`sj0$xH0i&yt_)Cr+{bgk7lr7(!sD
zeiV)u+oT_7^vAPFB@$mH4Z_cXD>O-oMNQJbdsS?bicNJR@*M}SjY;UVnD0VH;3oiw
zOwmb<z)up`Vuor2^7T%_Xn9DUVgy=y?o$Y<AG~0c#m3}g6sPeoB%Ah{-c@*&^zEN!
zP>T_^Zy86M)-QUv0%^QOUSG_ZfYUmJQ>^g#dXJl*%jRhzmh`~-<gc;gOUGlkLn}>)
zK9j<yY(hLp_60;*UtO~i(_JqG?`H0Tp1jJKan(iZt6l9OxCK9L;_bgFh_aDm3z&j7
zBy9?2=bM5-7mB&a&(D#n;>OXUmJ=%EL4HC0Xa**=f~lqHU{$GkTT-fEt~$JaYz*&~
ze1^<M1hv;Fr9Os=bfFIEm_D*zhx*vx$gt!-N4$RYc{)N%2U2ahHj7B>ocU=5t3_D5
zU(>4HruA(FU?q$&5h9TScPFHcNMQ5P(Y5`jqe}T_Y`d>O+B$7J%~(Zj;)f<Xt5_7J
zXHh~<op>Lf;jppu1dS3DepxgW%OW-(KNQv<NdXNXTV#>gcfu>DMPAv6{AL-v%vT|^
zlOnTmjbb1aU{6BQ8jl%5XR6K7he?Dm##K<>Zkp02tg&K4<D6=5D(S#}B&99FoYfX-
zN2(!vb_U%rB*~Jgp|!aw-1sTlWLl=4##d-iS+onxx9Wy&yy(ZASqqRl;siu=XMF@$
zZ$Kc4tTT#2C0f2R9gLraUtHtUuNcby@TXDroR0;x?2rA@V6IG?VNL~?Hz_QrmS9&g
zUu!=VHtac@7J$I2#RWoDftncVSmP>CaZZbaMv&TtGUEEn$6>eQbv$S>RzJFWRmh1>
zy5}fZQr_KfKs=2TTT-8ALpGKa1*HhvNo1&B+8b_JN|ae11GTSG%eHH>82mq0W2oW1
zs4*LoR$~i{X!ohaOzVnAGu@)qxVS+fqCSgDfZ{@#9rFQHw$*1ME{rxF$4WO>A>7B!
zZ24(pK(His2qM;6zP=pe)^dI-9xvxPURK!Ls2Fc%Lj%Xo-znqXMayZ7T=zqtwyZuC
zYLd(gL0?fbFD986ZRW)($-Gc5!g4H@i<)`i31+S>N8aL56)HOFOAwP3qO|z>s+Ux-
zVKjPn%_g7eTcS2&6Xltw1zkxOaH5WVhxWtS4EJ2|FI<j2xg*V?CuJ@k{<jJ2A?GIM
zhKpI8k>-Q|$J>D?`HVT)4m?wUtJ{Ga1c=GSG|r0!h)v{a;5Gps(GEQABh2XNcHor)
zT+<F5zxDvcJSq(gKaA@#Yinn}h9Wy+jmcG$?_}v}XQ#ng6qWnvSA_ot=5J#HTtO^P
z(7GcdGQ8*)%VOq7Y{RFTpsd&5lT{F|tj%h~@Vksczb8q;AJBg`!$&Z_FhIe>=Vx%=
zxkmdTqpf8$fVOY3V2OC5fK%}l(39=&@j{6qw%hemn`nR5ru`O6o{hdv$BVu}2XEMX
zQ@lDAyGLQ_`HpzJ=)2<b3Crkv{A}@ewCMEs(Vh6hGrQ)NckwzyJs!FiV$utXq8~63
zF8u!yTw24-P_5zJ%QI$zmUBPU6-Uq(){W3+vy_>i?RD(L?6;8|_GCPHO25-$+043q
z_OjbKXWNs#ly2iqm`Ig9)H1`Ho>{F-N8gvk{6%9R&1>PZz-y<fg{hUL=E)EwowbE2
z!+44H{X_V;M}YiH)|bU+r=T!nK)(!=FwXEZAB5d-r1URR3oYS|{L*G80qDq?|Fks_
z=ovj)nLdVoNsCLy>*K^NemWh96ayEW6{*;f_?9}CxaiTDcRW^Sh@F*kS}dCWk}Sc-
zISru?lga3KHP;2=#j$kuP$s7mR0c!%Gl)0G1(<3fj=WLmInn20Ib*0kd7p;b?q4?P
zTU=a@V0}zitLr!I!PF=^xOQ?(UP?z>7|TLwL^-5QNFX@E^wwNZUwAj$q0U{u34Q)i
zPpIxhC==VEgF<wkx(}e8aLi*Xbu0L?14$AhFvx0;7c*KvG%%K;%JlyqJjTVkFo{T0
zVNM>NNRcO3sdi9dWM^P{@?RGuJ`TrJc4ui-%^a?xX2jJBtx2bjnxw~fW*}0VVp4lk
zGof@O{o}Qb&K4%ZW!tFAO`I2JN40So5UwbFijs%xh&7D2lwz2n9;x8=$~M;&o2Rrb
zzR6GSEk%Xnl3eC4=+O4L8)|WB{^_|JQNbJ})t|w6m4Anjt6olKZx|&#dqaObd&9{a
zB3>(vOKP6eHUzDk_<#+x(>6~Sy-W@Xex0_FPdjaczBIZE8KEcpF&vg#-{|4qU#G<&
zSvM=9NQ@vGInax6$+a@^08S!E6kT$?3$qZM=lF%`E5-KNb}y36@<)uI*<bSB)aSt{
zP#A5X*<ZB7o=(`W+F>+{<UYkzT3SVNyJ8APqe$*rOu=Xq&GP2O6pSX(Ebn1V!A4;G
z%wCI|8&j|`!d~4D`|fhUc*CQ_t6lE6QWiI{gD!mmj<tjjQQe&Z`(pNUWw7p*HJp!m
zn6O(Md18KM5|7A7cY`&tRq+#gve7+o*t^rKz5DIxI?eK{@Hlne>8FVF#P)tY{{Fq+
zi4c>t)c!qEll0BvvwbsY(swejMg+MbN!W<=N%r?<6emTA2RrCK35YvMKm0v%#5kQ<
z>RL^*j}I%vnbjhX#EZ$Ru~+XeUcr~z$A<w7GwQ<m&7k{k-m=A6Z1j%#TwXTs)zl9q
zJBu&&DgzjgA%^+H%f6<29hly8c7AcngG*$&jxt#Gv5;8KP0eA1PiG_6M$2Xu5?CgF
zB3s89D~~AXq#15TTIKA-{bhM}DyX&XA6#;JCeL|m7(v2G>Kj~k+M=Y4IW8s*`Q^@J
zc@Ob}Pcr@N0&}qsAsQs?K{&}=?62W_+__kZw8LpJsS2f@$0J7BeA+zjCon;;;0m=)
z+5UmTu5+Jf8l8Z1Rx}->hmpu>F)0o^(xXfD<~v!h{}0A<T67X)@jnS{{FT^YGLoJ|
zEX8NV65JAMg<FtOPtN0WFNPC7hUC~fEBt5?Bf3R8#%7W2(zr@nVBwz;87fc+C2`;}
zG+^V4_<<<L;CTOwANFG0CuP??%U4Ld5MtN}kcjM*VaMcZn=xm$&;}SwLAW;+k(aB-
z#)@aQ&bAOALi+gWIIYD@<rM=dmQ7C+jv-uP6HZiLv@?g9GEP9#pVxUNOg`aa^M@3c
z0~wz}rS8<dwr|4c(QKopQe#6cA_CnJdj;4{pR(3(d=lJ~Y3IqTU#gF!_^9l~F7Eay
zoE(>WQ#_aj7B*vEO{kOxoUSn^FBQj@q<cVd)_EW!`*4%3x4!{JXb_LUfwFFiw?&^j
zbKR3g!e%h3UaW*!?DVc}S5?jH>2IJG`cLjbK_~iK#qv9YMZ7Kg+?m%C%Y-9X!W@w#
zM;L$4_>f_`*yhHjqx1M@fuGz9oefs@Hs6Gtns+ig*(`(2LRpXFsedO(cEJGTP2$vA
z9&40EW}(-;^KcBkKAw@%*+!s8JJ7ci@tKTg{{#w<IM&e7UkIpdjsDmf@Mjb7UvTC9
z1I$Zgj$z%W-_3Qyeq@Z=AfC4Gg8*-Ptd@1dw{s64)3;`M-hMAQ`~Igm@frz5GVBEc
z@?Z(Zk5h1;(m^+7ox=kW2Mq4cVt>ftn3-jP*+pnb(B*Qw2Z4F)9O=S-Sn~=-VPemM
z<$C7nS}yjHnC;0#)CFyfaa!auwsUNq5`Oz(x}ap3)>}67>^QyCVg+a#e#L1>SsTMm
zMF^a@G-b88_1rPMi&7Tsq^%0vlsWU(8y>A$gFC357DXf37lDV|1fsnvS0{P;nQ>gR
z9;vi?nN`3y41BJRn6bC1>NLKE1n31_?Am!0ZKo^1#mh2i$mOxK&z-p2uRW5qvD2@!
zZ7e&0hOiOd=52&YLqNOxZ{+K!O&<Lf-&(g0%aJ*@qi!*M_b8*cn8<A`M!^@XuVn`(
za=0IO1|JWPmAymAY4(g>D4&!;o@+a<gH8<Pq1s7mWo4+;IxQ9sJro`EP)mUdBBVYk
z6<z?OG-9@hK!i#9>F$Dr7Up*5y@~g>6<2g3+ui01wY;}D{o#GsH4nBPP#{|)hmIFL
zMvR!<%D@W-vwe<%?&CY?c3Mn^6(Mom#?OGOJx3TYrmYVhlJIzcaQ%G0aAh+%8M6Rg
zF6bJofGJXv7K_yw01G1qI4%CVSX5#88ZQMrSUIfF{syj)Kogi3V|hoxY`NBNvTfaq
z-vCW?@k^oLQ@R+6pQPY624up1)RjG3^ZB|z^b4hJR9TviI9h2sQV&H2VV&9ivonlq
zB{ETtEYQz9KkWo(mL9y}eE=dy9z3-V?lVPyq$xD+atM)63^jg99`YqwAn%q$ZV|83
zBCxRsiUIE?wIo%GDQ4b)p3|E-l+=D>uPLxCC6(ljNP>xDNwc51+?eEY<jk$`xY_Vc
zaB3gZ@{0Bv`PRxos8zm{6ctJI@aG_DQHh_zF|-TLN!||VJvb*A6!khNrzNpl6489)
zPL`~`Mmaa-`g2p}TanF=1ItcvB<U=KSWRk}Zb?oG%W=h+i7F<GJrRA_G>CUswr@FM
zJ+>&r_;AC+q2?P$lFdd{HIAld3Fbili1M7kb}rac9XvY7u59<}I}naslC14_LTq~h
zT})_b?DTJ{Af`N)=DE0FDU6&H(&P!yLQ<&WqzSBydCG;DBGWGUHRE8(0&S>}`Psus
zyXKu<{G)XgfT3}d>7~bu%5>bu?GR{@o#;RSsJ!VK$L`BZN9*fM*AIZmm6y2}P4x=e
z4J`t(fqe2<r^U?WN|vqTcqqah=Bev&4XSQ*UGt;pC5JQ6w#n{_ru&+>=QL?E+cGxo
zHk-C;(xPWrFfFaj)<MX6Y#gj)VWm@#2+{yfoRSy9f)%A^nfb~*0L0FgU|kXY+?5(J
zW(`>oG~Nf!EeCEE)oBS^B*XA{lnrprDG61$L=RjLr!2z!iGJvuq~;Nx02DGO?oYe|
z)IhhJ*wZ+9GJetDo}MI!+&n^17S<unKDwZ%_P`V7sTD&mL9#ZmHsZ+}hTKPtw?G%U
ze%7D!d@Qi;v~7R#K`khZIKys{GkwF5`U|8~ri=B!_00@NWol0;cQ)35vDtu+O5P7$
zF`DBOPmemd)BEzob{Jr-WuwJ(yr@Eo5}RSoJez^hX*1A$Vm8C$;o3i&!IgV@=Hnv$
zn42K|ji*3pf|cMefsJD+h4PsWZ?_0+-+SCs6TPt*I)nE0UhRQXO$Nsy17j4#efBAU
z)vk$E%^(PYq|h;4^b&mH0a@+7`y+|qMgnCQyp#zzKkH}W`<+?@jvdmbs|b?E5FH7H
zv4GCOt>A(YG)m17r50>0B3A`Av{w4>nPWhuH}h1|%Kk7bchj@XN|z^g2992zPK_WV
zSC|;#TBgEy_MRBplWlw(`4Kqt+Bhmq(1TeFH#&q)Hae7!7mbL|QZf}CMnC$sY2b|x
zrzbocpBN3}!D}x(UC9&rc>fvK5Et{d@g=y`h!+~+6t%ZI%<(oY2W2L@@Ht3?o|qYn
zTH{`KW}nPTEoVk~)%Z{1H)h8L)}k*w0|?kuLwHyZo~+S66?vnr=?E!>UI4NOD$Wtx
zMEPC8d7X8@rDw`mEA``XBJM1rmk1snf>RZWaaO*tcDk^tV7}@H6#6i|>H~_c#<LiI
zi7G6t1ql<M!qq2ulJ-m>@&kD`O=9@yZSY>2>9A0(!Z+*&5Ls5vx}iUhS;D$~l;4-T
zmW_@&P<2#K*2jElqNXN(srk7aM`peWy;R}psS@@E;*`u((aqs0PJd`KPRdM=l!BGN
zs$qVTA|gE!HZM9Y$_DEQl5{5}NxC8B|914LCyH$o^H{KFht_os<)-lTCtjiR*ZKNT
zShrKaL%ipZ&4v7+e7HejNR>L=so`y)5he$vVrZRty%$#lNLAv{jk=s8ws91apRFMU
z-l@m`b}Qm3xUU5dv}tyjM#d|3h48t^n>)hGIXqeCuPVjg^#gqDl<}}#oI&NH)LT5|
zyq2rGB+4IJJ2mkxLq~zz%Trl$D-ci@f-*MT2!iZ@9?azHaUfY`ubl4`z7sV_QX097
z3F{=X#8^sXse?$SnfQo#8_mzW61;p`N8KppC2ryH*LA6HuZ^O!E%30<VW`3$Y_9Ux
zij-@VLfl;JJWhV%&K&wh2%6AXyT$c_sjNQfjWxuqKI!cZOvzNL>n)zb%xMjq{@BiW
zwoi1Qm$@49H7qt8b<pT>PK#}Sb{T%eUYo7r3-?c*k9r+_zF1uXTF~k;iHG9E!>Pn-
zvdt2-U}6tDOtRs#kxxHvKN~&Ffms!6HS7j~x1*(EBZ|Zj5k(ABHt}NeT7^MVbqEBe
zd8WWR9@2!AZr`$s*9Ss=lsRjs>pV%0%L!K+q$$m%k$5+pSb!KQ3l=j!RN?%PEX1rE
z-?aeAz(@Yln4*iQs0nm#Qf^dY<K57e%{zAEMPSUr701d3@~(Fo2rkQgujw^#1K99;
zAcB)__2Qb1XH$;irM`nq9rJ9b^lvSxV_Xk!ScLa4gYfy(7Va{C$b40M@S3oE<1IYd
z!?FkI`G<{3!4$T+Pt6TuS}e1E&rU!p3R!kO-(a5`{%;0UHf@lw0fYg#6k!7h<2Y^o
zfC*cSFaVbzY%#+AlVOWZ*dW3H97Nb4!hXuIK@+wFVE`^h*b;<&fniHb*iwW6IDoLF
z2;0W6r6z0{!T_wCFO&_1H=x+HKMW(vwu`n=+z-YlJoumTE5nj)6#n511{vEZw#}nn
zhXqbNUFL72HUw|n43`)9r|ZadfM@yBlr3`G5FoNHo9Q&*Of2dO)tv#dRgSYAodFj!
z#X<qHWp1GW**5ou1u~bdbL}axL5>8^+aQP3?EiTN6!TShTlBk-%%a4_JgZ#b(s&<c
z8XCv(hi^FR#yUyoXMP9wB<RM(_K*{wGIzhORKcT-@hm<LMP}=>PJWMEQ|X8jv!8g@
z+I(U~$b1<$ncH>jwoNqJau!_!%n7t<ZoxO+x(h&`R|wEIF}$n`4KysQLd_k26~@)s
zp>s!%AHpv-E2Br@Drks>&$+$=esMy`$L6EW<=jx&=QgDCA?D=*4iK4@QDivzZGHdr
zUX-7I6=`ZCL1pK*QLs4?vN8CEMYLAnOT}j;zGnHO;`51iVUPe3pM?TMd=?6jI$tP2
zq-3E05x6U0Yo;VoG8chs4^Z33lQTpovo93e9@B;E(Z1S@Xiu!=Y`eAWMypU<n8)LE
zve5(`VL@uAf(TYL$)NB;pv5!bY6$aY&mP<YIna|;Qy9iC@j;U_cDNCdyPSOVWF~F#
z7b8aVs-pUX0@nL9K>AVWXClD-PmCZsf~jE?9|;%BViG~5mz^lbDqB!bPe<8Bn-~3A
zR_M6t?)WWilw-tgvm3-WOEF+atG(Y=5G=jl`k1UK(5xiOzWo6hZ=@F{N*qNkp)`bv
zv^+4OUj(E$7^mqV`CH&OK0ka3J?*Rk6D5aSdj`2+@lKqLBQ}mJ7$u*^<+R8sf#{*J
zZl1$rA;l^oqs7CQ>I>KgNDr5J3ybv|3%iQ7V6id=drG<~TgRsXO?gQSXo}5z1KRHQ
zc!t&ucruO2K{#FYO3uY|z;igEG&O}+u=7*7Jv(zln{ifYdZa5@d9RP7Jvkg<LSVi<
z=vQi&&!KIryo*E*8i|}`BbV#0$R9{1M0BzHgoU#Z1h$@^sDOel_Df6PYM)PePLyrY
z!IIgFQHOqQRz*3bM@6(Tw<QbuTF%>m=M=W<MC^+kIjk!|+C{f@xdHBmw)VKWC<T^T
zd%p6#bNws_+x;bbXkiQ)P#0_E@{?8FDL@_OFVr=3b$~OO5~=K~IOm1IA|Up`@7(x%
zv3Ab7eg|lky**Y3Z9qBqM+Y4X7D4$ON5_kvLMOZwY4@dQ+{X9NAqoegqnW~K(J@Sk
zjv=VUUvsHUE^GiJ^~mu6azl6!UJQskiuLe{e5x+Z%42*e3eKAdVS-mj(%(Ur7E0V`
zV05t9c4r)dyNB>Cm;W-kR&NrlWCo2NAkuP+i<Iww4w|V!!7+u>V8#@=%=4iSpPAB!
ztAX9>Lw@f?ACfP#M=@@!4`;w2(T6z<4ah$$bd)}u?>bD(EyO77T|Lu=?2TD%MKK;8
zHP#YgOsXFud^-I;@qSF+nqcg{T8ULq&HM>v(S{@O=$1!QR!9_CLJdeaJ=~*>;mF*C
z&RbDf<N1wtL4&TOKqtDAQa)c-UXWNOtb$>&Ojuc{Un~aqhgTts+Kutt-cu2Twz7s!
zHad|GX1-2f0!%?NlrG_PEu7K0e#2uAijg)Z_X)Bbc3gtN>xvwDjTM8~aD(X{3`aN(
zgwJa4kbKrdfe)x>N%K=M%+q4^2>iPI?uV}e;n<ItdA*&Y^RYWXN6y<26uyQ9lk*y3
z;)gzQGMo$bK$na8X>7`S9T7Q|nm>fKsqDnV0oSECxjY@df;e#26+Znw4__z+ns#^{
z!{EM}F7SF8?2(guRf3{h!o6iqZqCUKP0c-e0M4Ln&<j=Ep{dFHb$-&zoPqeKqCEw2
z;?V7`ug3JwoKr}p5r4JUA}Qr1)F~vOE)iei{gR(spI=|Q2sCZNHZeDRJquQ9o)mMa
zhTTHg0I->%SuJ;4FzB&;>s1^ZkOxCB?5>G1U`l_C$0O^5PTrlGn|(Se9#cE$a#!%0
zmb^^q4Ncsa!{OJOO!!xOC%zG2C>%(BGPdGgj|TU_RW{<nm%+{a9gyD&e=F-TeYbIs
z>i$8*WnFPC0rR2$TzEZ7rE3YGZ{k5S7G9df!%ZXp6#u2;W+#4CyGTZkYPf&vE%EaV
zECVL5!I7JQI{XVYZZ>*`5pi)ZavJYO*cgU4yWz@KyPCpaIbxIT71)s*-i#m~^$8~w
z#VJ66w)9MciC#7u@ly_2w$rFj9lkQ|Ue?0q#G*gOoo0S`E0JC9w3y13-|zqo#@MTb
zM*u(8J&1$6B!8UnNB}WA!uX>-=uP<1_!Zh0Sc>9}`NMBT+?pef?0*pz&>w_&zk*T@
z(J<d+23zu*5rD%;{o&gf<3xq_cou-Z4u_$LHR#D=Zd+o(M?2*R^cDP5#lkIX8y>=i
zOPCJ8wMp=Om?9-UECT%zoAGcj)5ieQXupwYdVihl@5YVUZgQQSUcH7_9v)%}K_w}?
z(IHRjMsIDy^BKonj|j8)QLWL#jc&*cA=fbEpOO%7bXAWRhu*=^W4FiYzzu8xS_42D
z>W^YlB}FBoe27sVh!bMD;55_&<mp*-yy$c~(5TNA*Ne^+*N@H+Hy51+mqNl+beW7U
z)6r!-x=c@(>FG*3@Y~AOvr=+(bxN)p?`2g!pc%N5P2-o~_9(VMGA~zt6?C9x>q_P#
zeGod6$11oYcZz~?rU;D4X;KkHk{%1<iB2UOz7aHlGiQ_brvu<g)3FegMndAUoSrI6
zlqyU3A(jPggwb93Rl?aur2PckRmo7v-wAgh!A8+R*as(nytDGxtS*s7Csmmfi?KGv
z*1mw;J;GX+WFmKN;~j`MiY6o<noMq$)LW*>V958-4Q;6$=!(EH0~dw>Mf4o9<UD{a
zOVV&KM#60!pONAV-XBSH$H#$+d|_-?eiz~kL)-ZBv81tH4N~p?(#D@aJ|9|N5<M45
zAj{{F%BMRmdXrF!p@dlao}HraWoi08OZr}`v0X_s30WgHSAOMAn?%+)=22NA`r?6^
z@cqz)njpL%x882VZgiX#_$JUw^TwGeqs5;`N<o*nFb1q@{yPH~*V21tieB8eo$&LY
z3_ls$ZSi;ibTMN}6W~YO1YliIyB-w&3(<Z!Hoev&5}3P=ju$<j4iv??;(F0}a9I+@
zqRVJ>Eu8V`XMAhheS;aOPN1#9zod%W^|9zkX#-xHc1ELI4~(E|1065gNC$MC&wP*{
zL+LV@F2m_cc%qNaO7Zp;Y2JR9G(sN{k1M~iJ|aq25Xbt6*j>p(K#-9eHK_`+MwU)b
zDN&}w?t#|%B64C!^wbAzM})#{GUSR2{#aQ!J4G)aXNmjeACg|QEhcc~H)&fUC!%v0
zYTDLUkU(|LIZ^|e3@&hQQ#40GZ%}qS70s$41bmBBCvU2x6iP`Hido49AD~NY5mOos
zX3bqd5p6aF6*np8b5iBxyC!ite}Y6TC*!;FyHGh9+Ez|j#E|U!n0QYjYkN^AFF<NY
z)&+FD=!I~oRS0d@DvUsxk{Ai?&rQ*OZHo5BFPJ^_3)8vsOZ`H;uKey*zc4|fUzot?
z7a2zg@52X(+_d5T@Im^F+;Bage@VIj_<JjA?KThF*bz^*VLc4IHl=Z+3z4&vl?MZ&
zt^D?)7tukxd$G7)_-p9BXbU`K4CB*fT)K=*myt0pYcZar5Sx*9=Q%0fy*kaiN3=j}
z2d7JEIA1~huKYGWgXc0vacYEFx$@h1G2Sqs{lHvZ`HkBv32=oB+g|TiY$7z(5sbu%
zNPHW`OC%{T5vUg@_hG&95ew1rs^Q(}C5S-lJ#;Xt$%el}IGXiEgn|JQ3RnF1U;s|j
zoJ!!nw^;78F61&$wE*1k03eDk1_E&X65=5*o@RNmHx#c;)n6Kg&?R_)u4%|3c9JLP
z;R-y~J$tPi+7WD%Oy<gO(k9KA0QL?;g=IP>*vOW^3`Q||N7tSCJ?q$@k;fIV#Wk#9
z7sYG?;Z7h9hP*!R_6b%7%@3k%j+_8gzKPMJW8Nw7<#~`L+EFPMgqN<uXv7~o-U(OW
z$%ax6=Fd-oMdL{NT;nVpO3XFRmfz>d?{nq%9Q@9(VPW9%$Wr^@z!kgrv_M5(JK|FV
z*>}iO1I-?B^}&|iBTJgg>EFhJU})B4DyTpob&B&d@~R8Ef<FN{rC{|N5;G^7VUk%)
z+Iit05za=L3eTp)nSSALRHopu{m9>?+8H06i1llc6rnB|+m+v>E*}MYbZw|hhMKy3
z3_$iHPIAW?C`|foN8ftrZ61q4rN%stsF7Y=pm1SPhFKdr!c%NoM51;po6wzDHl;Fg
z!!9<DOUbJnG2N2zDitX^FOp^0ULt{Of-%wU_i-Pf85irT8fIMFXZXhWuB1}^Lz_S0
z8$;Xp#vyH3L0W4WUd9q2UvV+MKNw*g-&f&^g2DKnFis&^tMPJ^M%;wfsZ<?bpRVI2
zOpiKdd{=(=&u(OVu^aiJ+7C^EU26~y5$AnL7t?OWCBtec!IvU6y4Ne{c+r(`SYSfw
z5=>X%vF@2pm1TRnEQd1Rdo;N#NK{@AQB1DjQ_vzs>I!OHzY=gsg4t?~XiQ_IG53vX
zpA8^~dG^^=hDvdvYizq(o1*iEG@YUF+-)%do*HDXGQOpJNPS4V61WUn!=*?-3Lx*6
zg0%S*wG0K~#`)u6^H@ILkj{Th^2f7_Nao7#Lisb)$fxEn0~onJpYs#R0Oo4uF2Xwr
z#32p>aB?a#G)XAxQ2e0H&8z{Bo)6kO_3^7!ANMw|W$PDBEn3)bya6G8V@`f=#P7_}
zEI~@@XPFsi6?IxGT#fLEKoIgWLx{uyA>#jA(jn7Q{oygBiFN<P#xaki_4_s@`Q>!H
z=o&h(r(R)7z)&^^2GeCYT?tR*4lnY=^?p;j-q(;qjAMw$m0zuQ*hNI?%CCZ8ixRsl
zzXH;643nBB!X(=8HLiZkSkBFyiaO>W2Q^PdwywDn;b5J<l07A>`dxJY2uwYDfmyFV
zu=ZsDB()DE@k->h0Nx}1CV0U=!T$%gt~9AJbt3XQ#fP424%8*nDxmIFq)t+&33@`Q
zL4#ni+mqesS|Ek&zM8lb=yeKx4WURQp>P?QehX(b;g^#+8Fhg7#meqww}>Q+9_>pq
zO*~omC9$HIT;>Z3MKrm{Z%KagD=P9!&ehCPr#7x;uJXCjxtckLxNoS4Zzj@jL&NzZ
z3F$G%HZajn-RLOcwMc~Wz7CEzn)SAi6>y{7>*1^OISUy`(1&42x1;YLN7ut&L-Wv3
z@u4MhTIx*7dCjTxyEEo9=<nB03^bUP4m7|rX2{V8kt+}$;!;mjJ2BMqcECX34RpNd
z4RFYDLg^ArSKy~|@+6!B5p2A3CP>`mWb=&%EN)W6Zv+_G++;%OC0_CGNP5)c@baH!
zU@{JkZf11oSTEE576QAhBuO@y@VWgD%hT7fBK{urc9j=Q<Z)(6!Lo)WU`IFO3uc}^
zV-7H=xF*JNFuh6sTwasq_!qJQUTb(~Fx-Nu#6UNNf!-7b8W8>AR;HJJ>;}jV#~Mk|
zZ;54x*6k-^pKBiO)VBmhWg+~h43~}c-q;d-Z8IzHtTkQ=OVgj}MoztMeX;N9i)b<p
zinon#w8>EQZvu&^lmA1<i*AL(Dj}3E!E^;KH1iBH{}P(NO>{DLBh9~weM)mX#g&^<
zS?^$;+33wC4|<uG_<v1vk#mSW*@1H_lcna)IAu?^$~CcH#{kg1lc*q%Zy^p;l&qdy
zLPi521L;a2R^Y5Pxr>Rs=r)t~ttJ}5jBfo5NB3Ky++Plq%xAZx@uIhxxZ<L55k7M$
zM2-mPk%@``8wtW~q~?BQ8yWSyH(Iu#7TzxS%u(idz>~$vM!HzoiRF?0lr$j+Cc}A3
z*_Od(kPM@l!>XN0JBr?ks9^THm;#e0Ge5<d+VB<1p^)!%kYWji%g71kuVLs1H5U|K
zw`RPX_}u6{a7Zh?F|EKrKQS^qrQ>gh7gW60gj$ziu8m^TzAO>0;$GjOwRLY8TSPPA
z90{O-=8b5u=OuwRGLY61*Ia@7eZ-|&itDVbEdhZTac?wHk%OEzgraypt3nT?WTW>R
z+Qi*$cq@;EV=4DTNlZ8T0AeD;51It@vdH2;-+{Eq9Jm|(J>!9l519z`GotuuQ>{RI
z!c$S`$KIP*G!pE~FDK8K$d_Mhu&7Ox%*_*BGIz%K4YBcSe|F?5jmmn=0c3AR4?l_@
zbBKQS9~kdrFnQZ1HjiZt<%sF$u9a4gcCXEc@+D~EDeG&QMAd*k%CoAs`G4AT)3-?j
z1l+*@Ng-yCJ2vPgH2%3g5R*o`P?6DxK`EN+Kf)pR=%p)u<;7D$BkurrFOwSzWhGZ%
zbaz6&_C7h{%WE*2*w})8<82fZ!IQ97blsDH?=@W8mCS^jCY}zS1Swhmb{Yq@Q=6-9
zIpE@I@64@W=Qc7{c$dxWvb?LfUU(aF%i`T~!+`LE@b_e8*|qr`Ko#K01VVFD4Dg#X
zOmbxm$TeR_z+4Q-H{VXc2P^=h`4O@VlJ`+@z35}&`q9V5%|)LOHy?cxE_uoLbQzy6
z<I`n)x{Oa(;w#TTh_Y=U&&^!H`(p|A8@CH%nOGQm^eYh;V|#%TmDa!|rUpXRgM!X8
z^%U~D9R;1{H{LA?Nt=RJ`;GSqh-4}V75pv%u_OvQ&~Lm?KqOi~F!q)94YpoFQmXYE
zl00oVj#6amT1YY9q{PM{3HF<L+izy7-`G|;mUE3oW7@`n&99-JvNEUVYFk9VCA*cw
z4<RMyghZ=D#eNBNlj-7~r*5D-h`Bpl76!3oDd9t%@beX3?b=&F@7@CXI|C9s?#rME
z()CY<FzXVGNn%U)KT9k%V83Fb62`KKA4+;GCmm7!05|#<1`ReJ23t@)Xn$^|4)^tX
z9yL3?r&#Z&iN$!0htPZR*@h{cXn`WHOi%pG&0<$dZI*pV{D9GjT72%UP)&D10bGR)
z>hMVYyP4&{&vi}2%1#&EtaL7lwO+tnPm;mJZ|pkWsw551$l^dfPsEOUILkl!Tl@$P
z9D7dk1a^NK_X&h&fdbU$7qY^=J5UZRFC_=XKTCKJeGZQF(04)%!mm*l$P12jmeN*q
zqt7Eof6?6f)~}CmjmTSDMe_u<)3}6rwU~$B_$+WZEoO@~TAmqH{yLeXffKeg+HQ-v
zV)qp;tjEXpE$3pw_#j-_4$o*QhECOR&o(dL*GN+q5Ba!vJW2X#rWW3NnP-|bK~Xce
zNGF#nsp`joM~(v(4Pz9F4Sb}xgnQM5T{#yu4}840@%wNuLz%n)HsZfN1s0HYV~z7s
z@S@{2HpAs<??v1)lWRU$hsxa!7_Xeyaw+y{Jk&V;B1)W8jO17lTMXL@r4A)PcHRh$
zQ(cBguQ1)~W($zb`ml-XVsO{v<)=(U&u0uDF<?4rrmMc!o|O(mOi6J?KMTyaOn5KD
zUkvY*4iO>jU^CT)Q}vANPac&W@Yl+i2Zu~34^q|{2S<9ZYAXSxf=8}OF^@$wQ^jt4
z9ul-1oBvbAcC$HCnv!C#Z?zd8+7?j@sHeJY7PwnXDLR2I^UcWostnL4`8K|Q9C@u7
znS=YQ^q}QEIZgIs+%>6ZtiPTac_fnqJ2HdK)6U|9@oXzxUrXx^v}J#OTXr)iBHl*!
zU8*yRkc-NMPumklVbXvHy6TG=1<$<uZ7o|i+vUdpJqNY&YE>(e|1*HsoTG<c$p+&G
z;kefHTxC5jR)<ad7=rhd>cb}64lsz#br8!kv5lRdq7_8qzPNf8hhHhpc^4lb?>_-Y
z8^g)B=wDT#-jL`!w)Zq&Fm=pGW7v!s?8H?8kahYO(5~NC?K;?eGqI7Lcn_!O&IQ$_
z@WR@spsQHNi2zV(uMt@F8vvmi5igs0Ad54fXt#1*=C-eb3_ZH@wfO7b@HO*A9uoUH
zzGfNFd@*key^yzY@>X?)-Le4e{e*38kN5orU=I=YqV{+L;e6OC!Y*x(w_yR;)r4Kr
z9`F4N!0sTd*&gqY3&8phN4%N#cqc6Y+d$aG?eVT%0QR8;U_V*_21|Axz7>Q$$eUUd
z-fvz2b}eBKwa5F+0<e1sd$>Jbe|<jeNWxYg*p}}Z3&1WQ>{j0Ln$UL*VLRGky9j%8
zJM2@0?QDmApRinezK<*b>lsD7uJ(8<2<vW#ok3VnJM1FD7PZ5+6ZTlpR*p|B0Q)6j
znMzx{U~E3@jCPnbCMnjp(Y9vAE7T`mAw2O4&52jYO}tVwiB~Eh@e1z~udqGw3da+#
z6gu%r*~D8z%_R5g7H6p%nv{9J+8;iEu0yN*%C=}FjmBn>t1eANySy!0mqugD$XAC`
z(Rhh)l4-X_V`C{)SEZuyUg0EKUsmI>0hP1WHAzIVgPhD)pp*G0cM3Z?WbvE4Ww<uW
zV#c5!3y4LELH7%Y<j0`j35cY|AO||FCf6Oupk4v-Hs%<_M=EM^8FLKc^~^Q7i#Z1I
zcIMjbpCF7eXe~ib1Kf}8%Ii=b^sVURuftA)qCeW4r9#({+}I1822_Ht>PeOchq11<
z0+lw&ABKg$L>)GhM-5Dh5*vo3IM@$sA#An=6tS-tE=!Uxp!hPT0!2imWWo04=8E2o
zbP!I1&r*z*jYq~%yt29G%$%o%VE^_ksTI@<8w3vNqHW;Do0)5XwB{<h1EgwQMOSf*
zPw=5bbL7tFnv=*v?L^74;UoK*&jTR`dB?zm&iWh3r8YS8A^5I3L!aOz2vc5-`(Pen
zK+qC@<6io7BKc7;N%~@rN#06+>qKDqAOeW=TO>UjeVdLK?V*EH2@fGO`X)Rah>6So
zm$uN4FxJ9F{s;>HiUAfZbEX*`<W;$XMEo<HHEjG8bkw_Th<N=OX9*}83?C+8$w2Ts
z%-Egz59a$_ldrg#FlE?`$7IQX_j`<kFuIL@XL&&z=lv^i^<0jR6mpp!P6mrj4p(iz
zLlEb!^LUYs?gX;9^xtO=c06ms+(@9{iMZR<4Sxlyg&QLQF3=}MEcr|qNluFR17bHt
z{2`G8jkqWV!)6w>7x71ogF2;)dyi6O95!V%_XOc4fvhcKTl9oocM;dA?xi<D=5QrD
zb1N`6o#Tl2klA7RPZ7b4JENcQ8<$GM(OKOecLMJ21l$7vOGh+XFMj44(7cIb)7HI!
zQu63#FMB)Yf<~W`y_D`q<K^IF2`9TWKN!-VrtvSMvmAKKtOEo~bvCX+WZXOvE=5VQ
zct=+9Q~YKOi%}_a0iMYn77wpYCt-Tq!)<`8GC(Z|n1gNHqa+Ej*F={IhR7`Qy^P<#
zHpJjUa?+$eLl~~wRu~<?_$0GI{(h-No?Ct~_~AhYVNa8_X5Hy_k||>yoTV95<o1Fs
z4hH27Bwo*_sV45Wg%&EXVOd6LaAUd{VCaG#@G>t)zFTpwXK(q^z&GTRF5$FhBAgKX
zyqIkXGKrst(%h2gL=1I5RybeWCCW$yB^UAAv{yH?0rc?CnRywO)S?FvW<DR}r<KTm
zr)Ty){HhTC3|~4iBES{Z=AB@je9N3v^IwjJmd7PTMU@_kBXNi>{Ac91S?5W94p{cG
z%PE9MW-p~%!qYdi*v1vzk05+U{QiZ0Uybjfb<r>3%Qaf?6zfknB0Q-gj1%u7#G1Na
z6FM!Di?^{gX<j53Bc0}<Z?;m&j>C_B#cW#4cogcC?)ELqCNSxspVe-RIbRT`aT<qH
z6d}(nnacC05gN<0fJL66M#x#WaUx_9D<SGb$ASAOicqU9GFwA&RU2x$`4u9%9^z`k
zOk8ue#Fu%uCUvMJZTti9K*))vaWcNQlpH_EVb)*;NHm1*Fod!ZC<VdR#wm!b>5PXv
z>c}p%De^gd6nkimp5k39Y%?YwOcfWmxKl{ZS{y9^DN|quN<StnWE!)%Y;&g|z4Q&5
zpcfM>l0ZbNSU<%0F)8$0GFfH=4NM=0gxbpDadauva`vma4EDWcULbmnm4_9N@=hd`
zOQdYI6|0LdPmvp3IanFWt>x7feK}nGKY?BDaoj|-yYc~s>C14zi>A+4%$qu_&6zvF
z&TgEMWr>{@v&_%D40=%J?6Q4ckH>e`8G7{B$t_dDKABr8XPeg}N14iENtDsyO5j|c
z5YU$geyIUm|0L~wdHs-rTSkK~W1bw9x4i62^eG$@_skdGi^uA@c%~=5ox;YHxYfza
zPT_?^Q73rq7nevG)c7FYR4{VoL>S+-5&_^+`|1%KRohqf%rBsegX}<&7A0b`WiugK
z9?hw*tB#k>nV{Si>@0WTdAY7K8XqCJT;yl_$pvI<*zm0s8;WE@k(XO}*=frM_=}bg
zMd3p_Je9hH6`CHL#xIw&whWmixzQd%_jwAE$SW_%qMrXO7<PfkCFMp7IJ9==prtg5
zRB{?T(O&Hp=`T6qIK*JICuiS(s;<HNkFn2}6ZZqt1M8NpUwr<abWjyr2~|JgbppsO
z!V~~GwjomQURR|Xmp@>ZtT3I|TU__-%nxmn)3Nzr)z5u>*h9|C3pq!_kjE~9RiLa7
z0ydn%wAjkU5ISB+!;|*-)DJwGUO(9vq#7W%B-uE;1S9_DwKgX0JTyyraV(Yn=s{o-
zKcI%_#HakJMn%H~TgR8H78B*iW*3KT>C54{&7ho<s{vT2Q`O#cd56g8;&K-E+H^yS
zkOq5s4G!Qwj2Sjh;$x{#&-d4^H8@4n8N#6Ml%V<n!4#}~;ZA@%HV>)xZes_jHtwn5
z9RK1T^fw4{aC=1bpZrKKDm>H)c(@brYXI1T5{KwwKl1|M7X9x={{g7!1y4vDa-fu`
z<wmaQk`GSO%Nx6lRY7l%6Z<GO=8i>O%Px54Wp0(krf|txySV>=tm8ok1P`s1zFxX{
zl1CU#Hxd+^ZchP1Yq}l7Z`!<m=1ZX8*k4RG&;FtbB>|qy^l}M64KpPLZ&4r>ibU3!
zCJd8pF_a|EH4D_AGZvdU2rcL)?$MNrJjOy~w0fDNDhILQq#`7zI8fsl21<doJYW3V
zmuEjIrNy{!Lid+3Qk-2XCSa}Mu*#4rF{PrRRy51)%6kVWI^>*7XYOVH1`}>9?_Tz0
znslY+pQsphb;qo#spLnG01@m`Is<xtV<c-hW^oO;9hpymqH9*P>zQWWn$-zyD;{X-
z>`Bo?bmd6M(UlA(O3SO?van-fF0`ygJ7h8ReY~c%{w;B-=dEcSgcYqRUXch}GLh<q
zR<@3RC(6>k;`DfnTT%jOLRpgWwG6(HpIY!by&b1Uo4;TduY@VOcC4w@F@M$Hw<Fx!
zvY7OXZv&rRDE%T=z-+t!02wCZF0Cb9FEfi(&|T6;!W7_Q=h0uFxTV**teIru(|%0h
zV?Nz{DThoc<O}}v+)lX<LLsy)eDq$>UyM-Bn){S-Sr203!CiYvnqr^)fo6T#7e&z3
zL%W6RZkH0+2%zN*&&;yja$FJwy`(E-t8WJVS|Z#`CF%AH8EzU<Ystq8(?hUke196(
zj)F)-xm+NPx29<pf&iAA)Us4Qj9SxzNhirMmZX=WOw;K49n`e6!3*K?&-P<dGtuwa
zdfl0ESToTdv?UXyW5Yiwfbi5kL4RBj`d@^)Vpd1L#Wyzbwdgi}048dGbMh`bq(T)*
z9848RoF8j<0y?vqWss{2bxip?q&H*AaUD~37i36TbP770e3ZEs8fG~8XZQ*-oGjH(
zG#%;6_Kvhak|a(mE)>R+Oeg(j2}8+egG#ID#$b^Nhgys>RYzqc-1!UhPW%vR;>?LL
zh(^eWcu5?C4}$Yh!-SYCjtJ6+Ui3~Q`teu{e&aih$e0SA${<ijCO@P&Hcn0Pisu7#
z9QIel8a)6zl_P#>o_Om9-!a0Na+<A59q(aNQc~1OzwXJLtd2{Qgf_O`yM+5k55aph
z$OFsCBokM_NS3*|jXwV2GBVyIs!_IYnfMM?N-N=MDf-_O(=TFh4-2R@^F!!#ERp}W
z6o#Az|LB-mAa@j;Va@>4i6@5=TH`|U-Pd`A1a4&%#bNXybYT1dHaf6TPbZbIfP}B5
z<{X8>j75pd6{C}94fhton4q{vBs_)1f=wDemq=+du}!jX(=gtMQy*XyykW=Ti9aP#
zr}P#b4{FWWS|^}wY>Lz2!5WZ)o=+KLh98z`Y&@ecfwsa6O8A^=hPT-ft28=I#w&U6
z23gB-F%up(;=oS1g}bX&R>NnKd}TIupQ6*4fz+nWfzt)ds%_XG6EK|+VB(Fh(X0$5
z20Cq;2qj`68Z{4d$CMJM(QNwg91x75+!V^ILpfZ>L#eY7bX>=|Yi&EES(t~Si%ikN
zCQu5gymvG4UL<8ZXG_T9F<gD5rN&J*HV0hsqYdiZY1FqPdroO1WA6{E%%+u@7O5PY
zQf68R;Y<tlwwL*ll@+OG2&z;%ItOVSz6<G2TFLe;Yu=CeoRMHlXkM4pxyVCJ6|Uhc
zWR!J}ogb8Gn@IRyA8V_dlzLbgLt5&_kV~Q*O<pOEq6{pe(4ULTdAKR3v<40uMX|v2
zmxmp-DQLop`{dom<&N7Q{vGJoaoWj9&p)#+Bi$P=uUabenN{6+*EyM)#g@1O(e+{S
z+l}yi02go$fWxUkdbQvB9GQr1CbG|*;95_$7xn68zKS`kE!tPPOx+)K(WyjPIQ=El
zcWrFzyGpk2$|H_;T^!F=hbI=5byM6b+!=@)Tr15xka0P6Bbe!y5V|h%B(+YR9&7r#
z!_$3T3DhtPr`ju#rGvY4C+r$dm^yE@y&Sf(S7G%K-&7ruG4ZOse+iJ>sE<{G3R?6@
zNrKT+omLKkqbI7HlN$y`pUg&gRU8eE1u+h~db)n&1zg*?3v-YdOr&DvBBJu~E`>&k
zB=#ugF3IVN&c}f)rKtdzhTv%#e50X?V`raOc?xReP_JNt14tc98jJ?|{yCw~;w(xU
zQi0pfx+b5bg#u;<z|jz+8VRc|s_d+v3@J`h#<8|S9t~pJgqn8i&{ka5J0uT0m}I!Y
z^hJmo7p$8^Sc-bmo<(U-KRrQokT`e~$G8=`N{?;<?Ioc4XjGO6(SasjAKezELb^PD
zpn!DH<!xY7y2fcyg!xPeT|K*`(jhg#w$`T4h?@G0@-O;K1c~~LAEM9rVfC3yoh$PN
z(1q!=qDL8XrRq^h1U-uB9_mmx^Bj}T2`?h!TEdDJIRO=jmum3A^&H_1s$lYP0ELkf
zQ@L$8hqqu5yV}dgVDO>+0s2+bClfzL+RtsvgKI`fKBb)GlY2t>$PIDc#CtTqmm@#^
zDKWv;BM(-3Q6a4I_`X05kEDvFl)?BIiY8(qMMDA>K729Rf@f6lt&oeROe%tq0rr>*
zW~W7Ivl-A9A%BmB%Rb8Tm(5?RNchXT68`c7>}N1WTqPd8*o>T^5xF+tWnKt8@_v%k
z6E>Y;HXHhb%OG|^4(85@ios++9Z%+JCS7?ESlG}eld??O!YX1$$jKT;6QA;xmm85M
z|6EjRVrJk$BM`}#7dI+vhz=*6E~HNdHjl={OwnU8kcyBlSW5ZRHm~0r4SCRhI~IC>
zEA_sS#kPE;6t+dss!{|g1FUYFN1LT&;&E@ZpA-Vyo%tw$P{n%;w`ftM<x9Pzmer%b
ztm~(}2Xv|o1mla5I%x-O!XmN)!N8DOV^BQ8{}%SJNKjkVmu;O|wz&_Sk>*dGMvXeQ
z)S2nxn2{a@8MW(C?MfWZ);4_c5<4{BZv?ZbI>}J7GMHh6umH#sk8$uN9IZY2W5vmo
zxVsrxOd@D0>9ti=+hH{XhcN}a-;Lt4F17!lPUBFFZd)a*I4n0IoCcv-z}SuD0P7w6
zp6ae2o5IN1YSs;BsZ)^^5AOTD8yz0Hode&NvPEBr0u*E{#4l}s+00id!1&W5$<$oj
zAqdO<FZB*A4b{I$T=+-O?_x>SST;$kp@oB1v#-8H?bj1gCb6@_m!PzG4^Qg_o6YTw
zs9IgxBF9`8Z>*@cRtXR_O=&dt@Y6f-K>__0n0;OBvTatSjJ=Yg#6eM`Ac@OEt4ZNJ
z6gYLRu|9|iF%b4B%)JsuWPVPPiPG`CiTi42qYY{cp{?OI@(}Rac^KW{>>$a&lbi{h
z`tZHL{UVtsV`mImIFYiTV@W(C23TcU`sqp$iP>>i7vaGj`)Qutu|YjaP)|otcM{ay
z5!96gbs;Eea@u;BY5X=zu7-(Y*6tWgH|f=JxHl%bc~AT)_2FdVd8JCU45{q&QnZvF
zGe^9H-!1+QVGGG&yRGfnwt6y<B+$mXxDzl40GB6-TKbyzfwwOvZ%y7oG{iJPRE1-V
z;+LvXj3=&>Ju%D*w;mtQtuT_U{9-dVE?2j^Vz4y>R|qjQAMBLP=jzi~6F;kiV+t{j
zS&i}I6`0E*4zdD6dhH4fMi%ty$YLuv5sxg$9^t8<c?HJ#?28T47F<(d^r`u4Dy)Oi
zXMhD#8Il*?Is*_?l7D9E(SceNZ}?JBscbW#K?RY8fRLfX2jFkYL~1c$I4cl|lK@s?
znUbJjyay@yg;A=+Q9Oo_@CvpQji8`G1?`pE)Vc?Wp0^-GUT{H3Bu3;cE;B(~^I;S-
zX`ltSvD+eOJY(xig`hD|2EaYTM3o&AMXFL(QSO(=UaAA<ZyknEK6cUiE%Gu<wfB7Z
zAIq%A!!3A3W(Ynkz0x-)Ypm<1YTL7T*T|LU1+sYR$dyNrvUvW;<--D5&&88Rv+m%E
zyt{No)*Zs@*lsill4{M%<A#K>@L+fy*sAt9_vP@<YycWZZ1Xw6&p}Bax76i?nU?yb
z<XaozXeZ$CPC%^_Q11kcbplp&0#<ecRuPa5uazRf=E`PrXcI3%TQ`I1EoPHZP9}e6
z4@3M_72_F!XQHSc45UlVvA4$>$LvXxVwvcNBKo>WN^W*3v5a<K(y2y|9ObAY(OpTB
z9<MSXqE4hs^8Sb^O+4<Z<4}83k~yATLbx(k*%pNWC>}f3ZL#clYQ<?0nGDqU0STmo
zf!cO51$sm>m#3EAf-K_AN-<4TmGp4$BSj$Dv?M;v{>Y{!$O&!Q0ob%xLg!#tMXFq|
zP;Zavhw&F9CtL51L!1^F0uou(aOh*Jqnu(hgSHl~1heLYa0eBDeru9>DP|8rMAOJb
zd;~L(;W$t-<YM?{AOVv|QJgPD&uTbOo8*=z-H^3v2ICM6x)=$Q)FgGvEE(yf6LxKI
z{@R<k3w^;dr$yv>6GM}wH|oWlnfRV1N~qCvhNv2@^Ea3ZZI}vNpfZbD`-RCX*0=D<
zA=ELmiC4SaGS=eSSGy8?-`P85MhHciaa0b~6DPx&%dt0dZyS|I+uk<rvNU_!B+Q6Z
zfNo4=>Q)!;E}_lBJZi>qWlvHwJ_@L^+2GC$>;yU8c+ECA3aSKQ8(fP`g$E^>l>$`~
zrg5`N3W%Ac059F&ATq`@M<2%SG*zH;gGb$F;T@p;^;~A))chMIHj5mKGIf%vHm|$R
zi_c->;o|R`5EX-gggxCIyz5ElHPwp;n^t{^RRvii&bX@Zx`=q^rqXMZgl)%SiLELj
z!-%p@a|L}~{Sev4#I0Qv-?E357ZC%G%P#g&5oOQBcZ~=-E$SS!PH8?e)!(=kg#o#Q
zOx4Usy8U;s%Ct7q*wY+JF=QQIoyynE%^-$jkHaIof2ZtE+~H-9e-#8M=qto5OB#!?
ztRO5ybLqntIA!DGv8-6H3d@R?WkpOamy7ZUX1NGV#WHMe@?qjmR-kaC*9-bYM@YSu
z;ub4Jl!S;9l9tMl&d0Ae=C6psVNp%$v)VC;gN-;E{V}iBggEI%_*|r5!V{KhWKz@R
zoE?5X4YF>QLee!pZQJP#*lor?&`vC@-7Br-!qe${&X(z`xST)OhkTamgDh*#usUZZ
z@#FQtxamy%K<95>Z1RUv+XSUNr~;c?NE@f*Y$B#%zM^f{Ume2d2di$y_#wUbR&<I{
zI*EQUdvC)VsU3uKJSxHZ(23FIn8ehkLw%RcT!M1&&-6z!dNvhgz9}Vv`4+0vaQ6Ak
zJl@Sq^%r~gWep%t&f$F%ZUg#u<^gEaqKjJ<n=e4sH+~K8@_Luw{OvFB0;BjaqqC}n
z;n)B^RvcVE2MZ7@!fbWbig6sAT5(MMB)_>ONqVH;yd?33e)G!2H|RHCp7@Z-Yhs`F
zs+H-1@U7ULT*98knRD<F2p!>v@!1&WKs(py!}s9CPjN%4Q0EJLApA#w_tdT$+(vU?
zXd5lHVZOb-jrLx3%{E$kGG<EM-)nceAA_*A0p^nvKy-BSt>)Mfoq!_&pan%Vww=H}
z(!F|>=qP}VWq3+@*#%03`Ix<W>Os>~nC#HwL=nC5{yj5bgsC_O&gmkLj2oG?eGfW(
zH)N1jAAvf0{4!$4R-b@ni#m=Yhwo%$%0y1?HRgOQHv*g8N?Zxnx!Cxgu5U7D*|(D|
z0$A$ty6OkvV8RF<7sTr#aEfz+b*G=3_=WPr%b*XDajMf=4XVbThK1Jmu&IQ%^H)g4
zgK7vuk;zYMnu!M^K&HYIC{qzXFsj2lC>n9WFpaMWG4-6oAeZT+oW9&~0CF;%ah`U<
z-Jqat+8IOTo>V}>19a>fol`jP5b~M0_I;<tN*;waB6H)al=9dGCt<tn!?(mx5AZGx
zIg?(jFHw4hgGQg(2i|#C1CgQY`jL*?zQh9H&oPe(MJF?3JMs7QwCCCMh^X@}s=u=O
z<USxB$H~HH-#d9hj_&OI1Dct}k~@Gn5A{q0+dG6PI18tdSbA@eNS(@FV;uN^V?A-$
zU4h4vBs@R{hYd$u2rOL{*l#1Y3M|S<{fjqXaA7g#Z(7GA63;Tx#bo1IaLhpO0v+ga
z+p_Ha>2mNPXGzu|627_lha07;Yp{aq4{rl*tf2bI3aX#5z^<V3@W~09oJ**s`hrWS
zU7&=Spavv%vV_WwLU$!)w>9((Mm7toL@x`fs$WilH$Rrs8wb1a0CaT`_6;t3m*rn>
z6gN4LgBZl>1MuXVYdrnYN$~M8?zSUXv1pu#P)&~Ks_>2WCXNwP^@X2@SVvD|)bJ1-
z(Ttudsq~j%iO~2xI}4n?`5<DC44vCOw5~5(7#na}6h=--Q4a0uQT-WsV3afB8aUU7
z$#?y%OpWwq@#Lt+FXMU90#9s|3qu9II=Y#!j$(X;cSo^`Ht{($=4X<eAUai?t<h=5
zeHLBI;nUNeGw4xr@J0+gmZ~`VnG%C_DC1~;fHib5j{XQ+xya$?Av2di4oxma90bJX
zYG{&a{1fwxN}Dx0h?jT$>LLc&){JfXfXr1-SYLu`pu=AP%Jtm9&x(`ljrk!9;A7{Q
zd@xdxdbKsj81d#nE>n<`woDi~E>=jjw=k72%;jPK(%P3%<In^y#<&JA<1jZ2hv?eH
zThc8;2%D#E?UtP8Ofwsutlf&ta&d|uvUbal1=nuVX=Uw}G0oboBucN{+PyPQOIk>a
zH7%=({E$^eejr~4L$$-$`ZOzt^XF^8NMoBG)t26_$SMx3$npdBa61mO==v4lax+H)
zm#lHN*c_b}3n6syL+IcK=wPr}-E4dYl*sBPb(X$k#{N|Hshp@$4JNycso1cL$qzIL
zgUv2u3PxE`F!Kwaf*1<!A(}Qg7u;_uW$Y})tQFF>T8JK!*fnHY8;w+()HKp3CA6|@
zrc=nKU>tUSQWxPDP)1;+&S-p&--0|i{v%+Rk&i>tC^bP#n-_BmzbvVwR}wS=h~-=~
zn`xtVnNIQLB_bExSe#_tQ$w+QssV;}O6u5tQKF=g9z&V}M9nF!(p^ar(9#$hTPGTo
z+C|eUlU0wiVVUUK%8X(#1hNnq3`&bS0@FyEG`03?5^;t}!z7`NS7IAy7V*mAdiD@<
zAjt_Dp9Pb1Tsf4l+A;1ZR25YePsWN2Wiw}@%J^4bffo#g*yOk2AYNs<k%uE!nWZ#7
zhBAyOQC9wwda%4@V@g}3U4yrz%2++Xn_7sCXC1NSf?t04MG)8c6n{j5RG;hk?mm+)
zS)bPfk-{eQEXwdij!Y*YI-Oau3(&0imCDN0t;%|;ve|bU2{Mi~*ycqg0AgkrBc<xb
zplLd3k_N>M0+JwAcc707Pnw`<#~)w?;7=91uH~v7B&MP^y~ZcmWE7u%@4E}cBV)+M
zrlNG}_ktau(k~Ho`Bvq2pFN@KAl?<mKh4fH99CUH0t`S~55Z^v;#dxAuS}3c1xrM?
zt$@q@#I}#ctAAet1JZrws}ZG=n_hfA?1N2vFd^#KE^u72=yuj&SOq&>SQWhoz+QMn
z`m&`+@D9GMIObN@)NoP+k1|r>=PH|VyVTb8qmQr;$z~2iyh{+T+RLrBeRx>03(qB2
z&d<RJ$uHYnLC=jRlZ(O1pXVh0GQ?*;QC(DIY&#FZefgLM;T?1<f2HM0-A``EozFwb
z<$TyV{7`#bb;sGAfai1qo(lkNXW}rjbPH(V8s|QiGl|zOXG$I|h0I^hBs^KpOk&yP
zOhQnf8X%e}S<d_#YD<QtB+f2pZdY2>zP|yw3h$gDxbr|6VNxDH!?h{$7VVSJ1=ltu
zVE)>saJEIJfkv{*XzbMTAffY?2Z@f$gTijfRlk9SATCreid`NQ%r<sg1dV4@J(F;)
z-0;khm13P?jVuqc4J<H6u@*S&(%U+I<Eb+^DlUK537F~xOanl1AsWsN(ABEA6;%<>
z4G7p?$8av<#Ao`xk2<wy`o72SPr(3xK4Lg6<_-oiPvaO<*koghC2f0$kx>lbh<+cU
zN~~5?rF@dlLM!hKO+;1GQJ}4;5(2_BphHympeRbFl~YXHky%-pV*t(h45}m3WV=$9
zFDQqsiv`x$l|c+V{_QBaGD*=4O!K^<o5g%Q!w06r?}C<*;!ZAAN&N}D!e|w|+sZ{@
zjfz#WR8$cR%Y0I9M17!y*MtS0ldNDx$YK?INpf@Sf&@(LS$z^#Kb#h69^0TyiEA~5
z7)xAOpCE;Kkd`M}ymOmRkeV$Jg7o{4(}W3AA~CCfEUZYtYrZCcy_Ll9DUcj?rr1$Y
zh!O+iz(}BBCzmalRKS+W`h@b{3pdbhxmFOa6<EB&)Es<C0nO^0a&3VEYG&vk{LHD4
zoteLh>_Adrt0#gnFzu5UTz@kKrcmq@IcbYn(TI>C6V=EM#B6UIr|gKZ7(|d6$qX{&
zTluj^c9aXN&r4)y{oWBnc80YOd6Al(9`-0C;$wHu2+lhf;Oy%E>J**(_bEDHTDNed
zk4th+p-qNx%I|RnsGZ}5j;2}8?u&_7d|QE)BX4Ssd;eH-Wp7}*ESv<?DdQ-;5v$Zf
zoRs~J1<G!uYA^l6c|dRbhxPo%`;Tz6f7s9o*w_g;9{~0bL}Tq0&UL`{H}(XUc6*!u
zfX+g%vzLiJ?8N6*Dcwm<6q+esxx_b=_i*zu>F7y`OszG~c{h5S<c=8R$gqKRW*eRO
zZ1U;c_#w>~Ac028O)rQ-&5qFnm3C~6;BE??7;EsD7<)UGN_)G1Wd3qO1A1P-(%V7L
z`x&lnU54^%0G{qdD)bxVl{FtQ>Vh0`Kt|}i<thR(NBd(<i>o!&Se(E{1R}HMA*OY^
z@@MBq@3ryp&Yb3E)_BN1<ZK8~W*S>UXqFxo&jo}Jqkz#S#MU}<GRL6|m!k~fFA#zu
z-`4RO-sD7t@Hg0>S#oLW=CD=q5d`N(#BnQ|dJjO%RrleYzz4{&81rUgzCg1<XF{(g
z(Rj#<HuEWPUy3~Cft~ANwH-j)d1cVG3|km-6`9OiKe{MCjCl7h(>cA3xPfB2yAZ7W
ziJ!~wl5R+nPy8z$)Ha6yNT3FN?f5~#3O_Jx+f_Sb;QD_;E+fIg@bhomZIIpYFzf}c
zVSiH)j_?b#xtRkI$~~pYSRx3=5Naaw6M7oNBi?PW`!y%rYwU-ii59r>srVT0G|amw
z1rl#n5|5u6kN2w*pCeVI94wCb!ac`ukNJKE@vflE1veL+%FQKb;N~u8@y*@X1%So-
zfa~KqE|Jf=<^0Wkg`lrke_<IM-Grs&Lgjp{YGXrjY5hhV4DxdFfkVQ1`S8oRf_&r<
z|NNm%ePH?KJU%yc=PR3Y{OH2)$L9w|HJi&_!yx9~^&7Fit*hKPX>^laZXZ11s>dFC
z%)xCcyPQhd+vN<D{aw!Da&DLKuZ5&nN;z&pIc_NhTf2g-EJb}S_L<xwMX5in>{U<L
zgn3*KlzVv)xE^wVY2Ec3yK~hONMl|oI>Atsw-qc@VZ3H$?>}x2Xb()h%?a|iIhDd~
z<a;*5ab83C{zpji&?eN-4V1`{(|l99=f>kUiRXrY(unT-h`_~pydjHoDEu?xCMaiL
zhz8+T2R7fl@wsLUR*mDj;a?azM%x~lw4R8#7n4@jeSjL+#kwd#48THoa~lj`0Dyrs
zU@-uT6M*F1jt}$FX?$)cKDQH}+lkN1tOI>l8QH83ySVo`@Lf*G@A4r%>(B2plnN{l
zVhvQu?Sv}L?NHX)0{LVY$Oi|!+S7KSsT6USb|)11WEXcpRW_cB@^Czf(ZAKixEWps
z>X_U9pMo$wJMs6m%W>O)XGi~77A0B_GX=eFu=0K*8z;s2W8xS?PdU8LNr)%pWqzN>
zi#1kU-2l?(RE(6n75WCOZ-BnV*0-2)`Y!Y=!OcvyD_cPgGR3a!0J!NQ_O9$=s2>+G
zcj1M`;0DpN&vJuXHlBk#jIRP;ZAJKV$oDoj0V$s=Z^2UM8EuCLZ4riRD)l4K8A4RR
zlJF-y+=nyhL*b!ZU1B_q<m;M}>QM3vy8%pJhAw4Hy00N87nZP>-r&up@Jg?Sop^DV
z_6^&mQP;AcYEhnrFqyu@A%j(z!6O0asuN75oc5Qdi_{o7B@Q(<Qgp}f7QJ^N%-*X7
z=T_jrEdc0fihL5D-a0M?*aFwp(~KyvtELixc;Oen=+c1UdU9pAf$Rvh6N>%A+d#N7
zb$4}5u|8@e`Xf_2^yML@2hG1jjl_Yu-F{^gERdDo3c4_?IjsU^e4K{ncN9_yxnOGH
z<?N2|u^0>D;cBh2x7+I5!o=qaBU9Z4?W;e4k={rbPPU<BQW|ve9i_>~rIAwL8jDF2
zwKBb<?5C+fKM?*Ql{L)c+-}@$v587QSarwhqtF3SZ=Mf!MBusUt05TARGhgTZf<Tz
zmv5U!o=wBIO(V~y;oGK>XVdU))5x=Fh!uj;eAtgo2(cl4i89Sf9lsbg#yTF>I;NL(
z{35vX>X<;hG>u=Z%h?L1x6<wnVh(BS$~^y&srx~xdO@*cFI8^>ld88kD=AKQ<&B^S
zaXW_cy9c}LD-EqXP`|0TJaF6=8v?PrP}$U7sI2@tER+G%=yNJq*ga9xm%WZ!&6lyP
z#f%t|v%+NosN$(|ez#rT#h$)Tlu<P4=6fgJ&FzUJeO`4K5{B<_On_+0b`}D)Z8JmI
z3V4K#H2@K76LeTMM#L-ug>rE>45>}r9vH0p=hdS|#y;0BW7S2a)wcnpm~&teB(1t=
z{r_CpVoVjmHH<A8ne~I4{^tnw#erkjq5!e{o`JW!WS{QP+JSZbVZakeZLqAuII(Af
zK?Zf@X>j?c8%KD^ywv<G#!hw%$IL-!sZoP6?nM{V;ZgHT_>rE+ehC3VbP*ixhhuyh
zht<w@!ew&ckD!XH@1I~aNDSys#4aEW?62`mIiPs79KTp<#pILZD}IcU2(}Aynw7#Z
z0%khdHN+2GfS~rq-vjUSfw%K55+#r0L7uN-lIfC{8{f>8MJb5D?4>%7LxY#&TOv8W
zHd0lBEgC~>+jUBJ+d$1XzD|im;FS?NO8dtR?S_{^tkYrzj4kJipwOvE<Q*2K%<*a&
ze)tpju${{1ez8$1HdS_gabzF-*UDgFSdltpH5Dy2yUSFUI%YZ22#6_?&K6S!Peobz
z7au>l95_YJF5^d9&YGQonNGl^0EnI9%ic?l3C-m5Ic=Nru$u$V!6P!JFNU}tE~pIz
zfz$Rby?S6nO(Zkv9UtmCOyrw1+o@$NfzYcn5qhT{OVYUnLYTIJwmb6(UU2SN0_LxQ
z2)9~f1PEmD?IcEWXC9&R)<B4kYaqhH7Jd2+ECi811nL@yOt5Oqwm^+z<}4T;?+6-J
zGG1UVSQU0ijboN3MX+mVg`RMSw4zmo9ZnV24$OuE#5=56uV24ahiy{vG4kWh(_x|+
zb%N}rpb6<`hJZf0iXJ@A)}re{tzFFzJem!saR_2)nkxtmqATH0w@K)*k{7Omt03sM
zDuK{#L^EHvF+JW2$FJ%($zA+lIOz%+hXTQJla)pVHB2YEjUPt0`I(QR%-nM_Pq)Ry
zV{QhdG0}9Fmmj~7ja7;wu)I_mHW}=Nj48eq#Kc~n`YliWcCd*~ObNkLr8W(BS9?CO
zh7(*<%0<x5@!&4F)Xyo7V;-8dp*l{e)gp+FBMQ-R{Gg7*Qh?N5s$5oc?WI`DZGlOD
zV?=6CibAScZ$_1Ay-Gzwm5~rslGdHxIj+nxlv4xXTBo=V4krkZ{`LKBvf0_c;_M7H
z`_S6)WzD~!*R|fx?TH4y;voINzD!(j{GQHU`V}Bk)aEPsp;1+Yw{-$u-U)aa0YP*P
z911y6X$LNKmCcO6<$Ae;$<D`JFqbr5<^;IItl#Zhgba+m!zY6?B>+%_Y;{T98|Dgs
zmk&tAZlB9{EclD8Y(q5uxtH<2n$h!=L}O5(m5_duP4p_3MT($sR2@Oqc2Hk<1SpBF
zWmLRS4Mzd5##g=19qn!21pcO{z{97oQqjE0U5p7mv7OXzA=~iIIexWmOHGI$d6W4z
zZ{@H?MZQcYZJQsDZ?{OTSi6Nu61znzRPb55<#A|ew_6yQO&~>UTdNkkCCMXh)g%IT
z3mvsv*rs_0z7Zi~w@C3O3(DwHeQ4&Zn7cPz5Te6706^m;`%73nLd#}u_H11)eXNc&
zV)FfNTg8mn!DcN73&hGYZJPCGY7cGNq@t6UC#2I*E}hk2^Cyr3ynSnSa?G4L457J>
zv0U^Qufd1d8rjU%C^z@A82LQIm3x)siX(`<mCV;OC0fDBl)cx%gQf)13C3i-p8riQ
z$s-sA{Rws!|5wu3TatZCQsa$riPJb6bWt{iB95Kyo*kaEOWilm=wpEs9t#4R2j6bi
zNbEg!#Eb-j4bu5qcs<;RLl-=djNQgGvND0#fTe-d=h@5!Y@qlf-$_V%>)t*y4o{M*
z(Sotmh9}sO%Yr$<R>{UtkZqj9(*CF&+;|>i3O~3%f3HjeeWY~@T-XheQ^sseNn#c>
z1=xDt7HsUPcCYLK;y4<%w~02xvu`rh0h^oYcrD2YuZx-vpNiE1O`w-<OXWzuUWV$9
z`C^M+8Yd31CONE2eXm827-!v{=-lbOlIG$j0&W7F#nL$6(^Eq6F%%Pd6o|}eA4Oj9
zFP8FW4M9A&lNprq8~DLd-}U^!d-QO$TX{n#V6GEzV<+Gy0MfP*^EGV-_scQQifKBh
zg9wE<Euw);h|@R=0n2O6r$Kt%a2)fBvd*Ui*1_i60cJ}ev8HVvk33XQzY#z@c#mJ`
z>3)=jpF#L6ieC^Vp$MTzR5L$BHA_Fl3tkr-Q<C(?1t5)MN~RIrd@9=lGf|k)%?sq4
zQpX3vKoyeOH1GrMm|_jgte}DE)V>6|StqhbmUR)HE)7envPA%xC=m=3*%tiFp@u)$
zG=&?Ceb>ivVGlQ@%U*KMTcbp*bli0!@!x{@{L?a7esbpE(_p^2>(^vtit0%2N{)Wp
z>eP5`gbIaiglcu#QBmrkPEuUfw<>yD^-^EwDyg7Vu$pyOVTJh?p)%hp4!q$;C9iSe
zK84W84A)Vmg@tE<-SNXlZgewf!ts||;8>YI8T7mibBwOO&NJbrUgs&MPLnt-Ca%EZ
zW@>-tN}Ne)tixPPt(kkTHT*8pSdD4Gb+CCd!gSetxuzUi$Fu&#<u=wc`SHdFH80n@
zfu1E8gWLU$Hni~qL@wS_l2douKft2J0$Z;#w6`}?!Ww`BTam~c7Z5jss9QPz&OhA2
zvJ+vB@J2Mo$hU4<jA~kqEyU3-25G-Kr0V3&gqZIg{0^d9;fSp@34A5a%|gWv!}>id
zX2Q_*Sd)~M=w3hP<ObJ<8&C_n)I2o#5UAoD!}UnNjp@S+*d$W9xR<?)7Ugm7rF3yA
z%=KcMkUSl|`i<>?jGl!}5d26w_HZpwMQ<UAMuk<JRKK4JZhjf$&Qn%+wzT>_XshC&
z+D_af%rRZ||6}i603<7_`{CZ(-S_r$cJB7j-7`DWJs^Xfnb~ETRa~BnFH~X@C5Sz{
z;Os05`Pe8;W)>fGdR&b$iGKwb84_0<bwxDziZ6UCz7UNMvhn>u1T+e2)EFg(!1w!|
zQ&snN&+Njk=>Ll!1KYRiRMn|dr%s)!I`vBO2!;@V<0CWN4n|MC-yb?p{6pKZF+o71
zSo#!D&4D)f^@76c1qVD0t4Rjf?|@IibA1Ll;DFn(&S`*E2gJjE!v;9Ky*XCTZ_n3{
z*ii^F+qBMo*<*eQX-^CLabj?&DK3uY>Nu%VLgo0$?3ImYfN8V2yg8%tL)k=Do%%NP
z4bFwnA~2u}sp-c0S8}kqCw_^Fm#hNdE>ZEY0XVuu#Y;w)sPOs~9Gk<9DZF<D3pV1y
z_9$MW0&R**R4A|M#1#0>u^VJ7=^mr;%N!T71H~9^wa?)h_JP>J8T*gBDDc#um)Z1f
zimTVA>>_-Jb%}JNMhO>V5(V8L_u6bClUc|*9lV!PqIqpbYHSA&a?t7&GMb?XEH`EV
zHH|}~BL=gUSu!1Xk=fApE6~RAMvt8U9VFvT=hFVEG$pWektQc#d+V<jM99Yp2BC|G
z$`6fvK2b&TZOSh4qb?4MexSh>dgWB<8jTS(KHOZ}@WpPTU606up-1FL`>WTR`k~!a
z3fapo+D#d~MsrxK&<}c@N%<@Tt6PVrlc^yyJE2+{;%gkjW=n=OHjp}_PF0`%3ChGj
zJ7(*=jxmz0Pr;nf*{ALs>3%)kUYj4)ve!lcug#cEg})I_?x7;0)+dp4?gS_&?Mxsp
z1e^A<9_wV%UNr7!5jUpxa+vM#if`t~O-W3M>o;0AA)5NUHfbogJ_884Dbm0u2FVh*
zoxsv#@C4J!2#w&iNh_i=3)AOIsRU3zzHu?zheXmi^>Yk}v|NJb?oDn4Pw3l4Ukf+g
z_?<Vv>$Um2YcG1Xu3VN=uf$@85|v9amzQI{1~@q;Wl7l`Gvj3I(<nZ>WAULoCL-zU
z_G{H*%)+2}K`hHi<m8F55-8oRL6l>8Dusw>NG7~ZA;JtklAT>8!4m?koOsqsy{QHk
zh|j1Ii*V3u6D0YYDmRtc#isGSh7^j7r9tYvI~vN*KAZ1|bKH(`Y3R0Xq|81JKRI>R
z`00_&ZJ@CWwH}A06ryWh5@_(YEPrM6(QA`SUUEbd@0{f49uM*FUIu$J%7|sKxA4OW
z(Oc<=+u7dK3;0I@%AM=*L2rLKdwU%teFrqWK*l3&kgdaqbtN4YBJVf4yv@iWt1S$i
z&=F%aRK$pd7b(jD;{J`JnR0D@2mE<2Q&U&xZ6qS-yd9s36M4?Ky0LMfXqkGyNhQ(q
zbL-z?xnPE@kYn<p5*R|bF*JH74YjYKZl#Y*((z5S&PRTDZ8AsgWx`nTLmJ7%$X*sj
zMZ2O$CS`Qozb%|-#lWhza3+du;Zik%(b>WeK!(`DnYhOm&gkreB7#@4g-7|g9!hXE
zRVqX#eO>`)Y~c~nUYnApws66s43J))D8v>{hgt6vC)fK9P!29FFplC?{wqprH9t_o
z`7<yN;tQ-4rPgEUF~zo}KOL}R#-I`?HWFi{2nI%`Q7lZ?#}=Rf9-d)IkrO|WVNS^w
z)`(#adlR+SdMBc}v)wn)qf?53&O6{4|M~sIi`mov(g`}wtVm+&pdF|e&ewSUmcYqL
z(?<K}ZbpKbfq3~$4!do|T8;L6>RVkalKBH)!ep!U8_#Fq8!x8r;#l;V=v!Zi{9vn*
zdCtWyp~?S<)MNn0$P&QYTp%{GoCJeT4tM_Xn@`r{TS(Rm;wXA}!0o>Kk~5umkw<=g
zXh$%-ecNbKVDBa@s1IP*XaT_cZeYas5SXd=?a0>G5V-lL0A5dEwzdPvRwrgU@1@sk
zGyU2vo%gAa3E_Lc`j`T~52%j`;QJtb!q0WtB(D<27W$3Y>+u(u$;pOT4Xohi!+O7{
zGjjt1t00BFsa8MmM&WW(irD!OkrIHp1DVkIum#i%;3F1LFBr&20U5u-u(mw+6EIXg
zGM(1J&z$!*sO{}uo3d7x!{OqpH2#XUrgMlbrv0L?daBp{7-C|BQPFF>h}B!}5P-2R
z4~x<{t=r&fX~8Q&04P{TK7N4dp8+&Y$_;Ne{l?!W6N$fKzhUw?c0(KiuL~l6Y@p4`
z!$ojozsuFw`63r%VN2ni8eiq*B1ko}SE;!OgM9i_b}qu50rVLOx`@{%e;j@lq@6R*
zYIf)a^b`05_0jGAHi(sonS>II&`;unm)vo(5&{;55{%GK;gdyZW*a0e3MCk!H!`%g
z16k2!%e--o2^s~{aSN%22{CPocjIr!bRo-YQ`7_iPD`F`ilT)`K5dGsg(xzLvO@T3
zp`xag3(TT+c{$Ya%oKGzGesR`#;daxHJeNqYL}No9nVZr$1_vZQD!`dqNv&ax=_2k
z9O`&xiaMT|qK-1-1!Ibujkyc8%gdpTXQrs*nJMZhGh7uCrk*8IFeAc+m#|WhsU|oT
zrfmS_ibrZBz{lwt8^G$tts+!zxJ1MY0~^4c!whZ}VF2>T*Z?6wixXxL`mD8Ex};iz
zn5<)@nI(@AC_4LHIQ#V?>TI<6xdA8(a{(e-V)-~|cToaXYKY+=7)^`O*b>jQ6cS)^
zHnb>187%R{t3qz#nUu<A21`6sX!=b&lTvGy!H5^*1R*A-Nh<`16bQzZd85o*3-d7|
zmC~jIg2rKVoQuk{K1%68QA77g{iT}))&!0XC>&ad<RN}BEAXtsaT7C%0i0SOH7zfu
z)OS>-xy$te$iJype+Hs5vn{TxLVpHF696-GOTPY0Mqq|#lBYkD6`0|V<mb<@i$P*x
zg=q;yR3F;D4F*~ELKji|q?p4yv{>~431p9iK<t!cHuVBRiM!q>q3oUzie*v(u0bd>
zsYxJvs*9SCX)F$K?MCEzl=2L5h8dx$&@AMbP;7Gq6dj+$g@)bHgrEH$0XpEo6(*Qx
z1qs?#<&1>(Q@qN-E05)*ggB_$AvOGxW`0>(Ul=+*<Xx1!XbTSGREHXW$KLR4XOQ?b
zV!`-*6F%d&4ZREoW*p?1dor5GK8_O^EZZFRjaBEqxGDiC%rlIw&<1u~=hW8mbkN6r
zTsoQ>!|}9d084D>rOT|aJ784QKX+|+AnyKboX+9EXGoA=Q_pAVY3-2?oHlEB4~*CT
zB7$l=k{8uCZQs_R2cmQ{K3oXt(Baq6v$w9$o}B<Q2Dk%s{x$SKIhU^AJp+Me*t$Q2
z*$KDCH#J|uCu#i}@C8%1PYeUU$&(k@MET0nOM2>74~s*R@wlQK++LV?ghN^MvKibo
zv|W*8&WC%4p<8LpN+C>kH%**&pzK^R*_0$dJS)^wQbW>*p!ZUV%TZqb8HBh$h6Uzj
z4IsgCPD>W|dF_8ev_TNe=*^uGpOs#({dvIUF6^DN9lDVL1*7!}>DT|6koM>BJF8Lg
z`GWYgK2P;pmm?zD2^V5(DnoA0@3kohM_zLN{Ke-#t2IB{5p-Ug0&(QCT01V9oonrw
z?GQb(mAJEW=U;UGpFQuHju?qMfBvrLZQpVJuGtPV=VG+fZCN;nAs-8=c|Tg&L_QIS
z%kB7qPZCPq8zkB+w47dB3reg?CBzKv)k|=L@{45*$QV$lBo^XERzY17tDML>ha<^M
zwpj@3#m1FjNj{4^P3R~F{%k&*nJxPDQ32#KL9^gzaZg4)v{8>RQ8S3@&laIq1W>SN
z1d>y)!EIGSWT5=YXl-SMBP@F=Q39>6;(idEz@U`+Nfpo>clViH6{-1O9f|h&Wzdab
zwgI;3oxj@!NZHeg)A8k>Qz-kbLSg*Yy@+qNS$63a3H+Z}piwWv&u0SP-?0C_<gHu@
zf~key+{8)7_A)ZR_Yqwt&c+h_t!wa;n<&ry02C}++woiP#Pkj`zsJ4Z&ip(nlHa-y
zWN?p_qse)^qY!euh9p}7eXtKQ9(QGA=!ely{jDs$qQCzHa{|l@!b*PAH!yvKV0{fq
zy!O}SSKVKQTd$Yj(=^|XgxkosO62e0w;8w?0<<w0=CyC>jv+uBgJE9#+ubn)Xk#!;
z35(^Tz;8&<SMZB7XI{I@ixn_N!s<&rpwjG#DFDP}mOXK+y>SJAxGX?V+`-<s0zh1{
zgK@n!$sA&|{T(`O@nT#?L+s_eg^=&24p5$`t`wFbej=)vYS`bQPY<mOZm!*X-+fq4
zTUeo%F*1TA&+NhIo804h+@8vo%xpByY?!(6FQ)_#FfF4FC*ft~ZZrX*+x#5Z6zT&q
zZO`G5$foO%{|bcRd3i&b`HJXaTxRhr4|+Lamh$#kMp$|rI?i&K$O0_7gEJTh^X+xm
z^?}WQ#B&sUlgTc~wO$Ve2_NjWpZaLxV!Z4(ApN_ScqK~rccLd=5B-2)$V<_-W5bZ7
ztmVTV%aiG9=25p=f%@m}=#Fnr)px#$B6w~7a_17i*bO;_^G50vRv*_tck(}V<z_5M
zoo_L<5Uu@#pEw;#;3e!I%G$(7<**iQD;;tRCW=1gl+Q<DIINKvQ+Hye^SLWjA4cdZ
zS4r+AI(H?RvQdoG8}9?FkBr_hA;p~94cWeQ1sbf-Hd9$}XGI!plm|hs+YkzHkL^zC
zK9kr94s0h+y|yr1>ZY*|q9Vg(880(B$H!C?{8F{>OLfFARhX~(0w>F)KG;sdbxdaH
zf<afC`RLS7Bwrs@n@HS>bLcCuM74yin|RB@#clBxb-(Ruc0UbH8ZFijSd<6q1#I|%
z`T!e#pdP??{mk!W4}cMwvXpY6ys(giE2v=Q9ze$26Oco$iD88sZ4vjy@(~65iXP4=
za$2ybbq!S*8+Ll?$K%&}jT14Kf>rywAOts$Vpet=T)4{i4t&yh%PZZv9WE|WGJs$4
zBQK8OxYn%u=NO8cqS{2%`Vsa<U`9e5ldx-k4`20NcHvacYrF+Ctn-dAF(6-zAd5G2
z_<J~ZNhe+a+<FE;a6{=4H-|faP4v)J+YXRLMzffF9PFw#U(Li=R~4urvc+w_WBx(2
zBV=HN3?^OekKf|8zYq8%-kL<qXPD<T-ik5^lQeK0Chk()JM=qnZ&Gz`TK4}wmij?B
z*m?&RICK7F(#H;Wr+u*%MvE6@aBWp)T8hZYR^`|%7WbL`L>_O`!vcbEzV|@TIw))M
zCTLv`q*UGFD`#3Cg1?xZ^s|?(^9G7pk&hF>PtKLK2KidK<tNBsb+KZ}-uEhns5nN@
zm&YZF);Z_HF+5OEf~WPE7?#$%4}{|ajo$hN>TnVh6jDrPm2rEYAZp<XDhVMu8lw4f
zt`y}v`EVt;^#SJ8OR7P25`|l^HYPmUHa1goFu*3oErxOfw`l_Z1{mc32mGWvKg5U9
zPA|XW7n!&1%xg1+l}F^msFQ2(1|uqhZb+6as>@j1OFSI(Yg=JDX(Kif4mVGMk4)t6
zm(_nCZBz1`T$2`r%%6Gbo&uY*RLhG^Oo))g5(I`itre75@+8w)eDRRa&hyx~=SA^o
zk7o#G9+G7X1Bl%C8S3ldsUQ`eVkRQ7Q>`a-C4M4(5yS69k-+e~_(^wugbx`_FTdia
zj*0lq1TlUyrsX%?<o8!04L<cpoZn1m`7MbIzv%|QzanYCZ)R!vO*iu*La%Lew)~cu
z;J3sQ1SXE-x8!O0Egs8n@mPL~$MRb|mf!Rw9lz=8;kU%L{Fc}ezcq0WzkduI;P+4X
zNq7DoAM%-Ae#PI-ZzhQGn=viF=_bE#TZ!LHXZbCO48Q3HzrSnw%`7dy>1JL;=(TOm
zmfsQ+{FYdPz{GL<mOL%L#bfy`9?Ng>SbmGg@|&KB-}LqHTVh*&OYDf>nppT9nK^$7
z9N_oQ@X@}&OPmcI@PA~U@G9C9Mw7ev#W9f9EG7n>pEHHu+D`X>Fj?}Fy^Oauxr<*e
z4bQlE0~%%SB^dncW)#$-$&CFc3YK^&^SbQ9^mGdMLEplN@@zwTCo~VE%Fds>e<TLA
z_aS-$qlUhBSag1{vsu|W9qinCAz1IC%kZ=~WL9LoHj9a6*T%zWJr*CHt-J5O8M*Lh
z6L+p^Vz15OVf~&Tx2K3`k$T7|HkO)G9fI+AJbsaYpRNR1vqKC=v&&h`(6s-Sqt>!p
zej-PxZmI}VgZA?E=6+rve`Xl08^F8}vX#K{5f_q_cw96g*A8Sh{~-tYT4L@;@-M_f
zuo|C66Di!)!Rv%Ni9ATGuTjq`cw}6jc6Tb{ZB_vBR^N_AbxMv{x89*6zUCrk<BT%O
zM@o`hIR~$1nu{=6Dj4(Vqy;u*J!u{><ZP#&wYvbrdFG5uF8Wth3KQ$G=cw^>&O8L1
zS)85i_mX%TF9xe11H{f$xth{H^?9(FDC!|_z?_^~N@JptTuRcj*uN^MVl~E}x=P1n
z9pulyg<omSkj}D{OEzpQ+#P`h8VmZbcn}I43;K0D2!)OX{ZfOZko7f^iMFMroMU>K
z$~QLgU@!3rWwC8mv$gHGnqgZJ<rvHRQ(if5?UF-Nw;Rrw`*5<eXUQ((`kJYa+ws~E
z<l-{m9X2<PE&PHsEG~^z#8rW-Dy}MAgW?*5Ye-x}aIF>B+Qp?@xv&YkCV`3TbN%dM
zDdodJvIvngJV&*aQWadEaXjoDxMU-$rO-zuNkqJa90yD7VPNQ2?F|{9q^-o(AlA~b
zF15sba7$OVij}e9sTXMxPusi;Vr?D^$@_RYnRleg@XqYr6D}(<yT3*x5lxU4ZD4_s
z^9=ZOIrx;O_~rUiDO|3Shq94f8k_Dwxs4byn5Eo+ZQfmlK^bun88^{6iDeT6G#4x1
zXR%&pi<eL0inAsBRGL06ELsd^3#q|HSfFu>A_{zL8>4V3#Nup$H<E0~dYL%(0Jw`8
zFWUu^919@?-8?VxSuC^J9E-@T+RQS~!DeO&Ma|CUP*PaFxtm1Q$L10ki}o3aeFg7*
zhv1cL!#S18R8($qXey0+s$i^n31D+yVZhHY&bl;x*}9A>)BdE__yt&DF15jiaJh93
zxI_|hs?3MT1r;CS7F2zRWPlsH7MHwq<3GtkrP?o-8^3}#R<T-rhL0NSvJ0!zP)jVP
z1yrUNC83;56N$hk8{Y8+@!e_jC_@&QsPP|Bj`e<n2|7fx($JKWbqGnsewf(^W&2B@
z7deZ)lLeFcFJGN7&(QF+#}mQLTggoU3pe?`O>#YWi_27UmqHq4-4CxvU94b<ltNv=
zl#JBd84%UQ{LheW3e|A8W{+`XGQm5w`DgUO%`^6#%5EwK(*ca#{3Qpb&Jq=-3gl+&
zxzvL#yQwwfA$PbmRGjgU3tSrN&3MRPxinOp7`Zj>Be8tQ2}gBg?3+sLQ<4+df_e`+
zu+EJs)N``+KX8vUu|4(E^tbuTIT*k7BX9_}UX_q>1L`BFzYA1d|3@aUfBj?E+NImq
zf{j?Z9lZhBx|Q3T1UNXlI|2^P?I%!HSairDb(~B*5^;2HM_SZsj3sWk{nm3ZYw#PF
z;gpk#G#KEoyA4aXFNS0C>pa}rcsU9tEZ9Q_=Zi_V9t6f*38*P9+BUNo*_iQa@sicn
z56|5R;_9bK0ff-lEv16fle^(bryddl>z0$)_&=oYdvb;5u1hg$>-cCdMwWTr@axbI
z3xPB|hP19geB2A^wZ+HkY6YlBXy{f3Uw{5xh!FVmZ^38&*r<FwTk>-Df2}tXgFkt+
zUp)^UKx+Oq0g~a0-~Yy!_b4?UmdCDu^wb@pKfW-N#EM|DbuH2qGLwA^&wxLJi_gA?
z$ber1crm*!NVfKgOX9cgA|{N}TGzpWT!H{Ehc-gYskzBO@ds0PhMDm{PPSf;gcwRQ
zed{xbKfZq6M?rS8%$P|gl`9$gIN#{u3E>e>#P>jWvIR!0ERtfto#Q9n$uk4+h-2ZC
z@ZAGmd2NZ)mMCq;XoMhbth_f@*$a;2C40iw09NobffRmV{<SCx$3J@4!4<><o%|&X
zY<U7m&X!%dv+<uO>OL{jVu@htPKu$Vxe)#2E10G-jSCCUE8_034JT!)srlC;0e0*P
z=cO82uLlIHp_SGL;h6kpvU=)~NE{fzi39LVd@55mNpZF2CN4Y#3#&miu5D|52gzFR
z#}9`N>!#3Woy$J0y8hwSFxY|)E`yhqlv2qHeOQ=jF7!$AE6**Z7mA9BmyTv9j>BH6
z?3H-zG9Bj5<-?VexK<Q5gPylB3>FHAsYo`>qx-Y_2tyYB({{im_%6F}^E6@vB0QPX
zPNut>s<b`=LQhyv-wHgi;e7~CR*&lslGSMo`!yE2RH(C?e*$+^>SC<yLk9)>l<!H|
zyYg(VFGnJr6DKYNq~wa*6A8@+%Ksmr(^&V-VEp65%B0;a<igo#A-l<#g{RX+ZVAg8
z{gi6*e*7Z#JFh$2bxz4$yV>$XhEW&s+~buZe+0E|fIwj}=w^Jpwm>N2jSBGP{ni%&
z_FMmg-=I+i$e;ff-TwSn@KFswoV1IK5~pdDxrKh<_T*O@Y*LDeI|14J{i$1n@nf*P
z+B8Wi@NTAn4QPG=3(t*V<b_pav&!CC!!YDQTgs#H<zKQfhDcc7D!dCF=c?;bVChj|
z7p*Y!WTzyb#={Y<GeCE$a|A!>P8lDIuL?=#A8ebNu5}a2W)inPL$@SOw*HxJ!H{fy
zj&7nsSN2)Dt8}-SrOeBw@P3|p3V7BHRyY@OE^h6(m?ZxIKZfKebYs<PGrQ5(f+U<E
z{ShPmoC64pB9lmL95az_Wh9$|lSrgE>fOC5K!HPRB3%%RMCQumyS7EqVt#%#!=HrS
z?ouAMB45@8UTc)K;<b+A2Xzr7R%7zCh<dlHtLB?G--7wVp2*@?rlnMPmQDS&tvYeX
zq=7VCa;BbW`Gw2dYm>v;?P?r|;W5bF$7^GDDKyh)0HVQ}F$v}s#RJ%51`V?ZeFD!z
z+KYp;ILh(8Y}vkcwi^t@J80Q@$xh7St7PY2O~r-o%4@T}TOXi$xCqT(FBhjGlU$*h
zHr)#p<r4Nf8JJQM21;pAhQ`8eSYe^kgt>gnG=602NI<C&VxP*?jVq@_Oi7uNbko>E
z9`h=WbZ<d$7qZYkhS`fK^VY{%65KSXT7{jb_MlLq(pa@BHa?P10lTtJ9^*l~qV(i{
z>qzjoR3soQLJQA-7xF&;1^kR#O*@*vf$Pn`g#O#~MEpQDl8IBm7xr_>DCbn`oyb3z
zjI>~0oIzUDgP#<IP{;^jmE&&DXdCqtcS5wU5}idsfx6-W!rB&)%(i0W2!<h*vS6zd
zxZqsObS1VEH5MtOBRTA)6nU{+6G|1Q8HF^+zH*DB7YDaPnK-}Rl##1cO9AXfBw|Y`
zL)mD6?uB!qsY}>+0E<B1#GjhF##NI&nU_|F#q7o-!qq|r#y1=VY4xoRbK&Z+Pa*7>
zQK3bMPciHZnx#IZJMK-UhAj`GxILnPdXFkZMFCP67ln&Ma554Fn1HC;%2QLG4{`M|
zucg0rG^L_H?4KMWH0;mtMQeu4-{$1QV~~-ehcSLAaj`3OB`FFso4-gAYT}3I;nE^`
zDg)`nn;=hr4;e^B<fm1h=61XXyP2`)!O!!dSTvVrrCHSjqlG@cOh~Y_n4p|7QN)|U
zT_}UoeQBJuj)bJht7(r{wUW$aRYFuH_&9M$_M=Iw4F3~+<tfa_$L%m<GyxSm^|68R
zot_xeruy-Pp>9LQtDlBf$yZ@{>1^BzkNKe58SN2M>@?GezG%sDnP{Q#Y)f^No$s<@
ztcO>eCf4A-W<JJ>=P#}f*5TzSdD-bs^qzCiT}oWs7zeAzU#z_+M+3J-Q`KZ+6|J^|
zs3*bgCssj5|AFoFlE0;W_vqv<erX5(75lZdhza*E=^lc6lN`jB=^HNI{dW+yVJIuJ
zt@V@H(Oco?m+<wI6K7<l6zj*cqr2HV;hRO5v3`7F!@|SY@IdXxh2sbKomdzb|HBs6
z$#?C-qXb@B*d*Wl+_O>1^H=x@|I(nb9tAAmu%Hl^X+3p3;b&TB%I}}b?^*KuH2lur
zWhu84&|#LS&EIu-Z~j(b?9iifmXbU0Un#nV#cllr$)Rv`vQbcnrk1%4hHIR~v{Vpo
z4SaPS`xPDPWTrmvwbp@JuPxYq3~WIQGi)C!iqubHg3HQ4+o5;9AGM<pOaKHD0HPx;
z7n7*wSI1)t#CI`E8&=7l#z%0>**F8&2I0Moz-t@>hG0*l$kY>1MSEG!)_=2z^ZyN^
z{1yrHS{Yz!!PJfOnXP*OnJjs&Uz2q83Y8cL2*?*oWHR+q4m3wVobu97G?B-vkcXLL
zGN@GsZZNct4_?d0??Bma9f|M!Ymh^J4CR)1Zl;9`9L(%<9I-O~{1_w4?2|LC8jxaS
zSLY|)8I|1GW*&jOb)F?L+7hA7@ZNcrz|1^regw$fIQeR67kk()ikK|Y(K(Vis4Zi`
ztDqt_AVp3M8h-0Icv>g%hZ0knKIRzgK9wY->FuED)goI2i9G}pcX2Zz-V;9=pF;h#
z5=N0|FyINW6tk@#64}&U*^Cjd?`CzPo0|G+Alc!BLhBTyg~?S_6r@P-P60Ui2h_sO
zJAXPO#sQB7Ksg%v!TjSH9Lzt)0m<g0Krq;h@jKakG?}3D+4rD9FQH7l6oTN^kI<q<
z6T1_Mt$fI1>W9fus>BW7oj77ygbMCRK+p1TC@rIW2T!j|ej}w5p4{kr{t&mc$y_#H
zk!e*SQ%)*iUq$Xy!IK?*sU>-xBA9p*#&(saz)P8IIn0y+&~Xxu6Ki||5n|w3-t>&0
zE2~?V<kDvx%t5z`hbn?A>*29)r%soQ)wVjf7b*xR{a%U6;2q@CGBw?FEh;J-`d8Nb
zx0Z6uiL>!iK2r|!Wt$V<u+Sn9h!8^ohXm^~VPB<*pS?lrD?shbR94hVy}$KMKx7oK
zkFn6%_l3Es&+DL~P%f>W7zqoRaP{7Lf4F)})azqtxf;<|W89FN`gW$A33Ge*NzX}A
z&FBV0Qy97TN-r7~mInZ5&fw(0P3Xd)qgZa;4euld9@-bnkOXjxkEP(yK-vJ&p7K3(
z=?o3~qZIq3h+#kBdqrq9jH-0qhz1JEWr6+3ShTKYJn`2k#`G9!<JbxZ$>qKK(iqZJ
z_U_A+_lga|4OGL_=BI)b2S<CPP3C=8hOyDa$#8YcPI-xD>aOIGh{yH_5k==4k5Xyw
zqzLbv`e7=H^zBr2=hn%u!sv{mK#tR2N-vXRwbA_c#rVkOVtmcP#d!3=7vs?fF2<w3
z1u-7|JrLuMLX=h#V}VnKe-8P4&4a0j)s&SR$PW|-ibg4;Uy8Ic&O2h?g>+Pn6EVi=
zU*(tg<`sqp6~PMiN2^lg(+O6CqgNL_fd_?hV%~#_go4QJMGwXR%z)UuSI~p@J)qO3
zKBIaNb1hugiCG06AEF}6#}y&$giwT-_S8?C`WEuX$;;D>DjdBJE4-pJ!$6fFj`Kwz
z8IG$;jnp4+=C|rE8!0m!WedWrmdMVhB>gEPFdKx0D5k0|sM}tZ*N~!GEWN>#*>pJz
zy#}LVn2l+_?8J*zhyACm{|8lvbqj$gEy{q?XmJ@hX$2W@utNRFm<*`)J0ub4(jis^
zMpqVr(F2LVs1<?H-!~DEF+KP6d<$d#n9U`JIV+_X>nR+OYUd@x%0edUZ_CHsnsHN?
z3|3q?%`F=FW`{g^L)MJ<xD4<*=$S6b@Y)<0R!(~n2#EEMwDh_Dln2Q<isUklOpVv)
z>A>80{SkPFkq1_xOswKK2Dj@9sBtpH3YW`X&-tHNLZM{}KGsOQOwc$LfyE3)Y)C!-
zM2=Wb#1AG_lI@Q%6y@=Y$b;F%!DxV4#?U~)6&eU?oD!o!%%UsOfT;6Nax^Sh^Y#3n
zVO6v<hN5E%Dpy|}1Gk-Tz5p!S2Yx0m`Fl(+V9&lA1?@VoK{#eiPXp#j7<-AxZ=J<_
z&cjb@C$LZ8Sfga%x6TGkgBy<p)e?*e{L=yMJe)L?JAc5B*CrKW7V9+Nvh;9YkFI|b
zVJgZaxz1)1rHn#x`H@hNj6e!V@rt_Evp{4lN6dPp80FSQ2slPdqU&0?%r23Zy}?4J
z<h3<A{*j++UJpT#jSOC!Q7liqHj9Bx0W6ovP<Ya2u>t4Dks{geZ#`4!(rA)g34$p_
z2y9)5aMG1d+yuI~-$^sYfo^V*(#*DCuiEE&sM3&g*I}pc<4_H0lsGESxv*T4$}ZTn
zFZXT0_(nnkTxTzn7gQ7zW|~rMer7tS_uQYLh!s&+QtUT7Xi_|1^ocZ1L*psIAG3JJ
zcopN?X+^d(PU?)bPQpzdc!}ds<kv%1Z+<mIvhf%!OC(#Xu}T0N)5-6(%`>@+p)?@<
zKa{x%rp9(aVpJIm5(Vgx<0<pY_XB!uW~a;Ux)((@q%(Dk8{nWs7~!}-W9xr1IIEbw
zHuFIx^J7hGlBeEotb3J-1?F72(v8QdV9O-3E!h3Wui6Cpij>J^>(nc4l=QLZJg7P1
zsaeh2yj&p$l-GiBo%NtZbgiFwGX^8qfKOhVKry;Oj>Jv#2&72d^WZbYM%=sLZk!3e
z6th9&sr-tTFR9s-8zD;*!(l2Lmh^owPF8i;k_t;0D3!ueRvsg(Zk_s?b(IE?CY=oj
zdefxC0i+oS2Q=o?H>igdosYqubUD-Y4bx*)G+|WOQ$SEDh<h^SotRQ$4PR2}q6KET
zFwMsSu#Mvy?^3Z|wMZ}ygGHPJ#b{{7QC`NZSbrgknnToF>jzv=y_1&o-c%T`*;Jp!
z5R#FJw{^Wk&a@{yj{~_pY~>Qj&eY$0ejJ7=Z_KuC$9%Hn!X%}TMQt3#oeD>kOO=T;
zvtcD-XsH^8VO9F-(x53W*8P=bYr-|*ASTr8mbJW6oUesPglqI2xUhnXsDu@*h>h21
zt*<GUh9;hXSVOUl)@HlB!@#{3<sQ}{ux28KM250_v?d$^@}Y3Z)biWQrE<A6f+ept
zA=ot%;f|w-=$uSfO67_Ea0FOJ!V!bz<6-$kE}0Wawe<s(Y*_(M{DKL`(3*po<q_U$
zBjgSc;iWc$8R7Tx@Wem25i$qBa0VijL1e#?=lN%&iN*ZcFr04#qy{v+_^Nv%sOxxV
z@t@-R2DV{oRr17O4tF_1qA+I(S}>933Q1oAE6vv5Lz@<T*!gh9RxW5wQ)s_&%Rq3+
z7z_~H_A<$)f_t2D-$K8{dyYL=ddE*m3?LgB1O5TN*D^oN3cEt8{=zz_kHBmUQF)Qw
zA>PJ2{PFGe^TjwecJue$elErr9h6L5417HMR6k9W^4QIbF4nP#HM$$&60&;(ymK!{
zKd}2axNs<{e}N!ese&kagi`?6mGOO$RT9qvkpz2!{d%ZSyohkS?8o7I1ssdiPo7@`
zevH+RZrz2VA2YVV99lmSw*#i?xvA`GuYnz0$b0TT{w;B_UenR|B_O@AlZ`D<MhZop
zHU0}-A>YJ}pmM7;=tw870UhkGc;TXK@Y5}Q@bzx+tIk~o2B2S)ty_|@j#Z+Kem5dQ
zY@;8ZIe<pseWdj#9vk3OX-;_cCkjjR@N&TzYs@)3B#6~3>7t_jlo%y6o{nNf8zslr
zVsFqO`qwv#%$2~l`pN4@=YEP@y%xQ?sjT)steHIuc+F6%+`^WgT>a>cWpB_r^WLy=
z;=+=Xkznq*_%VAHD%I90NTD@>fk6&K*DJc?;Azt#jnz06QFFJ{j+y%!qB!UikSvDN
z$7V=8I(yt&iRCMysrOq#W$@4StW5yvu1XJ;KL^x!Wm5}RuVZHuPOeQ0agD9)0Fzn2
z(PYQNi`QBtm2Fe+2!BDMe@~)z6dM=nISszOiF`w4RM#KPPyhOnxpR;o+)B@aqesS|
zC?jKStW|Q@fB6?gglm#vBmh{A&)NROM8?BPV`aL0_5AaZJ)f3=?be@o7Vd@GQ^XH$
zhbDE{O1%e`d}##P>JD5*u}4mo7|77}Fg3JeTMsx)Rkw%f;pK2VZ*0<s{-7Qwn7S-z
zVZxDXJd(XofU6&1`Jhl#rXh6LHxXjPLPmH;9+4-L;K@IVEWMj`2>bV$_);?KW$@-E
zumf)8jrRdtSIQe~+&T>%>MOVbp?>LxHTYdWRlx5F#~p>=M;|*pcNCI@DwEP$=5_&~
zB4&3N0R7bav041xWG?o8z=#8oGFKW7AEnMuoUhs@%)eq!!8$9=SL`WTPZb`FgG48V
z`9b>9L8iJrJ9OT*{mSPoSzLAAFf|O;n!qrRP1YD;gu&FJa?#!e2!lTVw=`vNDsA4w
zHm1%Lw3OFKVQ>357qlylG@Z)V*MYy+k*{sWik6>qNp1Q(hAHXWpTj0mjBNRFBU=sm
zyoT`86=KJ@N$_byGC9F-5&8qG*_d9*Z7a#_G_2c`qb7U3>y}uBxw169i3iLB?qzMQ
zwsfZw70^wcjBOYF9?o;jpk?KfxQM)Q9cJ4)heKy2aquul|0<1`Of@ws#@%vPBCfuf
z-;Hil<t&vrCXN^HoM8((jt}>s_fu(2bf%!jep+U4Fyi7~;WbvPjwj>I^yN|NmV2f*
z!EN||9`chnGNfgiTO6?IfV&5#?fvYScUll{A*k)hA-p=BpLn>RHZS4K@Lfe4pV5P+
ziK=g49{XkTBuH$BWdq}R)HjKcI?m}Q&;3dT+?AD#_9>ylHvSlw<)CIKF*}hOp8OL{
zYrGe#57eq->lQ%@#gd&EmfaXk#a$UHALs6IH!MO_H-38}C~E>0EoLJk7G<Lnw{kYv
z&61lK##mWX*)MNBxZ1wh&dpXXn<6p=K(}R-QfM&PnPHj?*5pzeEb^&23UQ@0CdsTp
zDJC6TY0#lV!-GmGze%U!tn^5Fy*B;GgeM@(kuHG*W&&8jrmcsYSkQXtXIF}4_i5qA
zB5-r#7qO3L;s`8Ran6E&T3+3ZgT*Qo_;#-84bpanU4N|VE!gOD0i@Ke-+>-eV;jH5
zT~!;$pmhV7sZo(E*cM=o`E-Iffo-#0k(jsYKx5wy{ZsG8P&F7oTiXUE^?w#?9NaUE
zQD>~}R#Fln)_CoiOSbP=+clWHs!3p5Fn0fH3ue0Y!2Rb|FKGK+mVsAIOO`l4V%o8x
zb+DUO?EIwCL_<CS{7{`j)8ZWPdu_sE`ceTZhP`T%QC0pCqRqfmGDEDItmG$-QY>-t
ziO0~<vWURcm$^S6CGW;LJ%~&kRT#d!1bvteJ?Cz8U83&dY+SU0zU18n-8_f7jH4V8
zlmKc!yE0O%2P4f&I-e4+bEy}o)#bPWJQ!}L;GG8kxd;eO{q+_+c@R8SQ`>#Mmw*|(
z`ax@34W%ct&b&51tuMpMA?>_#61*}N{}{?cy^Y;FbGLG=pu<95?!Y9vvr3Oj)1NM*
zQJSOEg1Jph<<{4L`4~?<e9A+erb$(D6Xz&86T^lc2oa_;!^9Fa%|231z^6FQG_u2N
zF_8H>#(J>HPrX+AJwNesl;<tdFSrt;MMB;ATk~oFD+Io(cAhCzITs@<4eCq-Q^~)g
zG(6Y#*g+gMgBcoo69SCo?50+nHigms%rG-~2RO@ipz16GyLsc;)J?c~f=Br<L5JBU
zIPQIVPeX5C|C|+M_W*spL|rbC9Qz!wukS|hB+d2p47U=5J#?}2MD<ZUKy$p;xC*Qo
zYdoKVCG%kncjb@6biT<GyQ|us#>Lw-`_J@747b!*&v$!QcX@}5Z}cAEX5v~epkC;K
zXnlK$^AAD~9`SCx0F-+p&Q;Gx&ehI2v`2E*$hEkqUWoZH5KUe%gD0;VAG8exZOBVJ
z12nt<`w5emTmy^a<T1%z{L*CmHyDxadNa+Cr$Vv-crgH-&2Uff*`O#yH_kD@YcpzV
zBlwP-UKHiTy7m&Y$m^{l-;9PvdlO^GB8o}*T4Z6i*j1+aC<n2cB`UST6*IB}YVvlo
zWF^M0ubAa2dL}=U8Q-70<T{pyJGJQOoDMYO-ooSXQCZPVTJ;_CuVkSlm^5Y+n8+sH
zCNvVLc2=~7>Q<b?nJ)N)TZ=qtgpx||UZh6b!v@~g-=eZG9-*~ToY)u+E0LJ|UI%-X
zZh)Ek4y<dsw};J8fd2ZT0B=AnwA&BclS`>%i!sC#Z;(i`x$synZwDpJ+CqQfu_RMY
zLSfxG=2KHA4VRdyWU<9ttY&J@#Fn5mte2l)AU5j=8JSbFv|tutU;7T>*wO>*r#M$j
zQ6zRhCO24KdkxA>2jYMdY(!ce_RqfoK(&0Kp1H@3=d#}pUg`m@g~x!>4Qm!o!zU$s
zaT>o`h4rdc<y;c?s|r79$~GsEQetq_0!bx*1L7c&UWI&&Y4=8K4@$*Kt%h1*iO9mW
zJQggp@V;~Ytu+R&7dg`v=@Fvjhja5QcR!ji{^({MVbE^UFP6;R%wTjCwgGAIZpszT
zs9=5|k3zjvG!AWksl;=T=Rbi5X|aysb;M*}%HPt!8ATtvDKK!u*{iG^$t=*Ob27#{
zB4D_kZh{=feF2vtE?AwCbG_NAJ2N;WeFDcs0Un?tqLP2hK=ox$!kl=l9N@H3W?$n9
zfU(8F+6BvrGq$N+aPRzUF&&*}Z##yks9Kzc;-PPu)<rLcjf3`d;%3nP4$@v9-GbS^
zp7%B1f-l~peoCp-%hD(?_W)p=t?x0F(E%L=!fB@bFSN{EjIl3FVeXl3T+Twt7P~M=
zO?};Lq03B6qW`J)PcP!mV{D{AhZbh{V%*+%IpfEY;`BIMP-^On$j?h^j<+0*0XB<1
zWVjKg<nYy4HG|uFvxY6>YAc;gJpavdbQ1EBPMnLfUcxb@*l?zkW!yZ<333^S=>V#n
zSE%--wiG8Ok{(WKk(yd6+4##k?%6D-0~0xeOPi+ipud^RR;IBfal^l)%N~avg3I>v
zBghN9;2eQ_xck$-=PzRa3=WwunH}6e!ox67UuCbg7A6)s_sl-bOAI3IJE@;|$gkiB
zdmDQ|iwrC<QN%TDcwz?Uqj%suUvioUrMHbg!yA1*{$?uM@v<HMW=3|@*KV2BvGgeL
z$z95$oAEbOMVuS(H<R<nDm!L#es#yJzjnv0jC0o^?!|gHDy}8I68Yk!e9%~=BZsB&
zs|<wfkWi%8GDmOhEj$5j#nbyE_Nd3+F@aanwkgEjM!|Q}EUap-qTu6d+k~D8F!5dB
z1#GOiv%7x^KcgGc{s_CddtB#(=7cLshMS$IGUqmbu>+H`$TQ@{Ojb{}?~`NR8h+fJ
z!O-;M5rx&1m`j1>=6f5a?wg(kfO)`zvscRJl6lAi*MOJzV#nc<dC;Qd!(R>kCHt@i
z24m&DgJG~#!A$?0Fi<`={sF98coIm%>7?mBvm*Lg+`|A77xZlZxO#zJVu#jE&jL5R
zL{9xY%VAzdP}>tu_1tkwoBkOKhnCo!5Sw$vVrMGQ<sGruRSSHDh}fbKTLhqAo~S7G
zWh$Vj4}bv$tOlSGu10aN>oiuFuzwauJo+o!0ndfuEcU}zfIGK@X>M*7dtxgfHNS*I
zAo<x+AyWm`!V<cZ!fdGsUnMLqp<5}=BF8Gy^)2z(%WP>ie1phtu(W2=uTdxWmuI*J
zh@(v5WqEC`@UplzTX?bD=JE~KU`H$qYqJ&r3w!^$B4xa=k}_W2a7~rC<9P!RFSW#o
z7hC`=d$<NBTr30D3!DFkD^|<dZWvxKbQK=nc;VrV7am>~e$%Tk0J8Feqf5Y0a`G}D
z@-pD$<p`0NBO-ahhGt+XNAgk;d8tJ5QWbfr0#H=}8Wg!01YlSJLn0bOkf`BmX=KwI
zS<6Fl$r_$5tqq4ES;Ju|TsvDrKQJO>h67<~wlqL*B^+47TIaxQ=?HqO;Soz=IXq&v
zgze8GLSk5!Mh8?CBB=l_)m>Q%t6^ofR8>GFtS(`_wK`iGR6sQxTndN6!P(M~0tUmO
zrEmntn6aK&@7w$oj-r;+YbdSvbx{g$oKkq>l)_79V#m{|AF>1G)VdQZrP{<qCamo(
z!Aw626I4AM<-f(o-$RQmg`?;iN5j#fsqcq1IBOxcTu|#x{WDI{anAKLu=K~g4@B;H
z#d(nO+)iYW>V2FTFMrET^~uI7fw*%f^=Gp4bos0c7M=*lL|Qbq9C_<B0l+P^*Y3kD
zw9MxM<ikI&&7>Ibf4~((o}S=Ukn;2dhD~^h;;spJFT)6sYjCeaj$WI2;r>TO(0Dyy
z69wzLhB1(`u@4SB4e)a&lXrCf6sh2`&+43|Ui+xd)70yp)Hxe|ByKYmFvxQQZKiRL
z6nJf>ajz42Z6=8xCqP-#iL9SUyqkRy4(%&0T!k`=Z5hOb`%q?K!zUJ8mNJV2Kg56=
zQ=qib4{SnZB$8ofjANR;xrH+jXl|rk6i>!>k&9?G(z6OU>-xz>+v5s63~;@ZcCm}5
zpC&O_@E~SvY(<^SC}w#YNxWT{fx%t~)s1=u%qSa<=o7QK&{i>{YqK<Tp*|4i%yOE+
zs*-O?6es!sm~nBG%h3!#l&s~Lh4Vce4^#0x!t~1IW6$u)xg3D$d8OZ6C~a7S)dQ1P
z7i$j4bv!DwtU@VLid$FJO@$ta?Lct=y3@;XQ$|<dI~ICYraOHg+<2SUrm%u2tPio}
zNd{umn^XUTs}vrR{a!Zx_GKS>N_4lCdmW8Oa*yFS4*XK5$7G%Zatn=g0f*$XR52Y<
zy(X2tL|t=nGEck;ic~=yZ6xc87J}Xp6>f>qrenx;x*$RuNxGobydo)Atl)1)dIE#h
zUI=cyPSRssh@?D*H<ED03-Rtqj{>FI)i0>PA7bZVTS>f+n3g``5956VJu5YQ!dL1f
z2wy?pY9AqiRu$6YSRC~}1h1&A7?54w=(UfKz&Pd=`ZdXL1$AO_T&7O6ooHwr^$Hyu
zBdyd&XqL+`M}0)ZaobiF7c|G^`cU92^$`*fNnyNW&MP+8M@UpBfe(=DXr#-EAbo^V
z6z5IU#(Qu_Ehp;rC3)1;9o^DLXkZs^*Uo!zN3Ev^chue;Zqr9pPRX-#s9;FMjNFh&
zb6uJD4~e@SA(BgnEbbh=%D~=A`W~wvExTh1F%olCh@23>SZKxY;Jw01idJ)8xm$?D
z`+m9wr6NwQDUj1D@!lqq?4EwX(4w+!x!{C5#)U|*<9H*fUa4P5CU&EL;NK_@lghg0
z*v(mYy&jEZ@sNw0wVI`?>qT#4Hy`g3&~&5;ZloFb=0~^?4$R{ryB#VDh|JSQLC4|Q
z0I$W=OKgB|q=PoVHyH>ju_2)=*#Ng7XJ-QxPprDOEeNEmwk#|zT8Cu=+{v8V{5_Zr
zkm0{m8z4E=xDG!H=OF9<<u*W9nBSod@L+kutoK{80UkWp-?0s_hnU|-8(>t#2h9e^
zM)zB@0rt@QJFx-&BMP*#4Uk&R*#LR><e}LB-wec^KL-xj058TzZHbYMk3olK<9in{
zdTrto8y^ug-UFD}_{4WTW6;L;ZaBJZe9uJWn2qmQ>a{k$i`46Ed@cBC<6|mk<71kb
zjgM(!Ha;flvGKhF>pqc<kGPDDkC=>&k64V2j~F5w-$=KO?_31B0qry3iRMDH3p4P?
z2C}mY+W-&))1pkXVaa29XUSvwXu_lE<I^)mz@ZM(>s*ZKoxP6fWAjHv5Dmi?H9cpH
zNUt+4rVqOc5KR*`eQfNh={YY%`e<II)=t5cvU3O_C9=JlvP2_ILraVqdEte9Qf+ZT
zFt~vl;**=pxgj<+Wk*3VI6K;k?1&rCOoec$s|+bBhAw`@tYwCVXryRM!9lHM32kCB
zFqz)`rEZ%TIn;&v|97&&SqVplZdRf`CnsY3kqD8b=$u4=l>BHmBC5k6FvENGIiZQr
zMU5baj$`|15+bU{Am~Ep8bpLHnqbG!QH-L=ho~+^XX<>9`kX-^LKg{C3>{@EnsbQe
zgRZA7>g`s4si4sobqGq#N+)blPM4`=WHv6J+oiSH@jL|mJOH|s*$x1VE>VjU(>q<p
z^p0~Td3Wn&dZSBJmodH5WlSG$AIv_gMIdByt3FhhF@2=Vh#;;^iJ(iD5rNUAkuHlk
zVP$l2VMSKNjH#9wqesAu{DRQpEJ1?7Rr~?DA+{f@%LIedWrD%A6N@2|Lra4xkXUt=
z^CNUk!(xa;&thP!h;&)yly6$w4beIEwIWY`zr{mrDqFz>D;awh#OI`38nl3VwU+=R
z{Xh%5YA+42>PCD{Od@oV+^c>td072`*3(h#r2$>&oXkY%BB_a?i*zewr=!|S&^hg;
z$gM_*&_yB?Ll@~*w5^V6FYYBAhM9zaajQsVFQJx?heY-gX1;>GgwyP}RV1>Pu(OSa
z%sYDthXwJFm%9*-FybM&kkP!Yz=2ylB(lD+Rm4N^gpx_aCK3<%GZ#Wt6c5?qD4<R{
zL|cxRsDYodpR3k*AI8_%^gEk}$cV?E4I1wU5ZlCL&p`LyFGd%;k3^x}=K}^})8o06
z<$J&8K&7+$h$ki$+ZF`UWA{<mZ*2FulsUKgdoa5X!+)oCAM&yBVf-xYLe~Gw?LMwB
zzeBsv!Sej=*?kV4>+jg^(?iVfqunPe;)7=QVWa!4*?oHG{hio-K7<0TZ1<s7`wi?q
z9|7V{8#rM1*^N)H-G@PkX7{-f7`--eiQR_?8aDwZb|3M5hB0XO`7|6|cAvjQ<e1&3
zqh4$GSx~RD`#c|h+I^VH*?pKMX7^#5nB9j-dh9-LO~>s%#AWP0#ANI~#A56|#1Pqi
zcqwjde+&CFH!`Bf%~fPzL`XCm)^QPGGGQ^}Gj6tMd=QK=o4N#x9lHsFSg$%Oy=rU%
z72)K_Z5c|PQ3;kf%E&t8$m|_l3K=V*)JYbD?IdfD5Y;{Y)#P@MQbc96n?NSDTJUJz
zr8Xo%Zfr=3JX+&+1jlAx5&8o%Hm{5`Q!#_oO@kt&E3qNAUn@p5SX)q}W_D(fF6Tqc
z))b?Z^MGabB@?#gyp4=c5v9H3ZAsO$tQuo4?NKsdn%;bJw>^ppACln*ONMFNdhp~|
zc43K<d=TZAI<6zC_Cb_iYRir&Y(?57QHLwP)Vm$g`k33$=JjT)yH%KJ^Ew0tZd(9s
zUQUmzrDs0g2I%S0kOcKAa>Al*SE?D<Z5ur<!B*+g)2$c?S*FJc?A4HhQuVk5$5D3o
zHj+u#gll%eWYeu`1f}Y64Ugk=#xhYg43ErZs=hRz6;MWcJmP9(CDE+9Ix_+FT1f=h
zs~s(4^I9UO$0c&Ntwi%#i4VQn(XzInNSz*63YJsaYcVl7t-uM<;~E_2ZDe?J%*76y
z?p{(-_3Srk2&KYa%qmZLthL24u4`zT-7=~l65E*vB(`GLQ|5P7*$U0}fk<pja|_Z3
zMPg%`TaZ2|5*yRpDnebw?;ay*Q67NA#xytWeNU#b4}WUz;$>R#{ZZ^M;~|l~kNK@&
z@1uDIH@VL5g}QA#0;e|hT%wnFx@LnrOmD|&PjBJx5K&IHcK#1sasNwu{4eYAUnc&S
z;8)XM4j1Q2UgEJP4?S;#(>6a{@w82{^Kzm{MaOVEdkFB_{4~A{(s8=xj1RB6SZs3f
zH@z7FbFgy|rswG~p_z*xuc^gO*R+`p&&Kn(a^ovNJHe~k>G>)=weeqjZ5G}<63%i*
z?}PJsaF*P?49<taS#<Lz_+pb~PAA$ZGw;a78CRZEy$H91kRh;OM{k1vD{@nC^d@)=
zCQl%nH^CSF28pLW3mYD>h>yVsc^mvPrQ=!LUWaoz3xCDjwP0nbWjT_&@FE4Xka6%|
zE0`sXgI}y*mNyQ5p@OA=3zPuC&10#{p8&@ppFE!dU;YF*lV^IK02gdiANBZLF~b{Q
zBF_vLn3Fu1EIgqPuO({{Z9LYalvd(7pTuLCZ9KZ8c+MyB$OIdY?kJw~Nj!2z;%VDb
z8F&xRM5P)J$1!tUh=n6rbm4t%D-Ah35I@N$xMLM>U*L{`^Z{;p9$rP^bGQvaicP^_
zXg;6-KMdG?IFJ#Ykt`mR4ku4JaXm1KruigzraFy7vm0(U)Nl#!Ky)M%uQqyMh1Z!W
zL0y)8XY;4r#zUglnJK#Qkmz-0N^d+QdYzd9T<_marb&d|)OS+oYI8RwXxaJkrh#m?
zC(3uAg>!7}C*EMnlg86K&15;%T=aP2JXwLOKI-xK`HpQ%=?X&$)6i;nD2~-PlZ0vL
zV0Y*sLkZJR<`H3LmXi1467fq$Z~|GHSm8v<G*K)rEu&fTJs{1J?*VC+@*a?8DepmP
zHq?=3rA}xjRzovUL^Qvni_c2cs2uJW#??>jX0;M#A_zaD2vTaL%|sBEMiHdo$`%uW
z`9)bA4$mF^lKa8vm)s9Vzi|Fw^b7OvkN!jAe=0Eq{(lkYWqB9GM4w;V?gh!_o@P#N
zT^O4B2?rA#v#dqDH2OT;ce^Gz=uhL~uKibgwH^JquLL(e4Ncvt`sf7oN!LR!dgVoF
zHM6;eSE1?o`xo&L!>j44?br`vQD)(4dN6oW-(K-m#phKPrA=YW0KvijMZD2KEEs(v
zHatW`<COY{i3UIVysGJCGTGVLv%JB`m#H<rjt+*<>Y@nOVbM0YC~fwzXe&q5fQm}w
zi)gcLnRj;Z&&9F~ovAdw!D5`{S!}9*DvR4#GJ{j~%Amk352VZ}yThP)<q}T~5{dVs
z&T2Ba%jumFxRs0B?F;%T;!-c(%Z!U+2WSCYKZD=VlimUfH}N`IJS+SP)B^6uEH}Ob
z@^IHjYRI^%shV*Ors@Ub9P-!t!~RHltb`jM((&J=O&<l;L%;;04AQkJT-~7A5Bo!l
z7cBWB{#tzS7zC-CxbQc|ilUngMp8J`FL_z)`MJwDMwN@&c<t>GxVZw?j4k5d5IS*O
zY=JY-^h|v}Sa>DqDL1|gR`DtsTzMFnn#0X8i?e6h>tlwdzNc}AB(B$HIZnU}eTn1=
zk0amPR}m5BS4--wU{++DRljPTgP4IV)mQr%X)PlDP~)4(xL&h<)QSKQAzK!w#;dQ%
z3JRvFm$JlxTWP)a-$yvaFX2_i5dlVHm~g2xX<@`lAQaMB4IKKxKqw3hg*8JE{mf0N
zs;>@u2<*=~ymefp%R*Wd5CtjJQ4TQN_%@4;8zz-k%7$^{iFmj+;^A<_!;x+tqV~Vl
z&BOr(C=(fGn7Euq$HcNGaXhQ__%+<%K|w4J>ko^VSRakJSU<9xjgVF$QkbH(X8ow>
z7>&y-I^ttNaX3B>HE!u*qt?whuXn|T6nu^vBA-!_H&+=!<TE1jH4)?F34d{@vb)a7
zYQNT^2=j`9sB%|7%B7gJDe!DD#m<QTY9IcXaMkFKi}FzpaJ0c-MahU~&H9b3DY}~0
z4KdfVS~ud(v2HX<9an=wR*!S(8<K%$kBdfZJ>!ZI>#Sy?wvu66sbx%Cv8^`(46EdC
zWDM$uA;ErVf*vt^SnE5+aFHP=w8&ooj^SmS!1A+Uq|h?lh<U_t({voeYX*bk&(Vq@
zVz>&na<dvSd@$m7IbwIEo7*bDrmojV+^!!RvAaGQ@w>jRhvB1!8dn4T3UCZBE5p%`
zaW3&z2)h|O9qYCK0TqI~OZ}lOP1AoU$moBqF&}+^8CZQ@lNi}B-2jm&#C8l3MBA86
zr2>ANsG}$j>WqDljU-avzZ^8s1tO}U#xhjZu1JDvcsXb^2C}0RBb_L#5@JUx3SaBs
zcBG^5VF$M(D20zWcy*EU<y&0=2kFPOIf9f4!OD6BsSv`&b%L-gZ|d&uhw2Uky;$8D
z9k*Nzj_!&iV$fI)nv8+|H;BRaz4|t_d9p;F4v{-ls$RXI0c;kY4wF05!o=J<e!Ve?
z=I6fThJ`RiMi$V<?G(^T=L)2U@pI@SG=9>)$h(aB=d~FG+vg;LtnCw*3B`?{U3Uw~
z=y0-N44!uYy*x0Fw(vc=Igi^dm=g&@{MgMC&KkoZY2321-i2@$77uxz+ndQ*Sv=&C
zE)6GT@sMY`G@QJFmWOOC*775Ej2@ek+5u>B5+jBS6&uAN&GG$&vr&kJ;b1lju`nFW
zM)8o11=V3KaNy(vuyH-8HkQ+|eTza-OQ{8N|M;oi!nJ5n$vu_EFWJbQe?<L{kzg;m
zU&Hr^JtviT4f-|OX_Do|R5^|5DRxNjZ~PZ96fz!dG>yCA#;uj~($doS75u!i5~dqw
z$mQexT<70bNLCh872?QCNU(oTG3(J*Blv)WUco_}#32BrSERsE%+?zJjzC;lIa@I9
z%xn>Mk)HqxSkiVDSizN;85nYscEEsmObtkNF;)Fdi!->G8vJb+#|~+_ietw!t~l%u
z{DidyC2hE^G+1&>u`N2O2h;~_L5^cmn55W(9K(c3V3xyRZ9!)}D7K*2Qb1@6`UPr5
zZ9(dyEl6Er3sUC;vIRXbOtb}QOtA&2v)2|x>WnSuH^E9<kfs+~kT_ur66}Xy3-W@6
zH-MmW<JaKT{TYKy<ROXdwV79!HE16(sU?F>V-2FyScB+{S%Y2&?@;5X$XTsH^kZ%y
z05xRL>9qxJj0ED2S%Y35;gC6@gjW?u1Q->7VlvhsMl{wSI*m1m&X_fb-kKqZ(?RA|
zc79kfVgwpX3zNjHLE<0KG-AaNz;NT|EVfvK$Q5M+CduN7cxbFagc@rQoiS^W!S=Im
zCJr<NpiHFGFmXAJ!Xqt~Byl{eDGKK=i{Ice)*#8;ScAlEtU=<AS%bu1H8fd14mm&g
z7^87{MT<2^a1=C+<Ks}{Kf2hc6>@*pATJ|AUlTdD<{<L*0Sd2JCxo7Utwym<tSE^p
zcxn!k6q7au%o79{`4@9gOuEE6Aqk8ui*-T(M;i>}BLPM}#X2DoRM=EljX8*ztvN{C
z#vCN>m^nz&HzWf^Zp=Z18*>ny#vDZFU}T+;#HRU*IY<D*D*9rb5aAZ=hbHL}!-uuP
zV+`+>TBr{Jh&hP)mu&*W?|Q?C9nC>3zLE2Y;im04hSv-R%kTQpiXmdSO17di<{)A=
z<{&zaIf%}fIf(SB1e<1M%t698V-6CxF$ak|W)2ensG)}DAOZ9%z%jh63};{dzAk&h
zHOSuDg0%l=3&`1mSY2JVAWtF~$<SUP4l*4>9Heaw`znap>d*hCLb4#Cxv(4=`cn2u
z-SGyxVdUpfV>!BNcQnajcm>#~!h|?G#4{>b%sC|5j`9?)W+B4uphw|q79!jZlN7FI
zA;Q%x^q-=O1+Os+MG$KiiXhG`L=enEtiu4yFKJy1g*}g$9;(Bbm{25YD~QC=D^!1D
z1=!^OGLgU--AkNi>?+P&M2WZNBDP{@E+TuZxrnl3cITBluYu<QSdH$X{8lu!?gNkP
zMMQBZ_9BiSoxSLPfY{oL?xp*)D;SA5R8_N%?pwUunRPfR<Tk|bBdKmfe5Y3r<w=sx
zI}t_?SCl*NqG#dl`0ZRzr<%*aKi;eT$A*u_cy{F6GhzGkTDe-npSu=LbCLIR@p6Q&
zwBqE}yNM-cSnIrp0I$tYYc*2By0-DXxVT&LNGG=8%l7NF`Vg4Yi0kkkh2(PNKjNxx
zKG|w5Zhn`+&5!RkWX_g<t$yaDwzpPDH+99E`xA-xah{ELnexZxy@h{55-B$x8^K1x
zReXGeUp$W(OblQhI2qa}7xDH1R*VU{>_V&qmm5`J4Tj`X!e$6{qyzN048eWUZwB(9
zUc3_b7Q98AtLc2JI16;XO`LrWT7%0kH!4UTrX{&wW*}4hRU6H((8aX=pmhcH9Gr!W
zKcuNObAN>4l6sgfX6>)FY5XC&l*lZccxgj&PHE19Q4`l0tf}jHmz>m^f)QBE`Y1Xv
zcx?(*MbRMEG9*Hl6hO!#2~s?)$1!C!BETe-Ojn}bmCYm_G)ci;lT_F*NgcCdtdx?O
zv_mE>>cgaU^%Y~eREW@CXB{q~zF6I0JU<06QM^V9ii%TsF0@L~g&g62!~}s6IV6ir
zl!Sq+{=ij#;Hp39E)jQxKpvSmqp4l>2d?@9SN(yjekolk9i}0~Or6!#kpKjd00fZ$
z1Wo`%4&@QIE(utxctEA_Ggbs)oe_VjAdy1iGj%bnNl{cyDtsV|g1R&p@-3)K{gAEN
z%1qi3S9nbum0bwdq)wuRi6&)DQ-VdBQaGf!vUwSTT?+`v-=&8%f$s!CrK499)K#D;
zCBoNu`*V8GS4AnhAl@qLIjI!Ns3vxz;76k1N1^~F6p2wiuZdAnn%K#L(yZ;+$wFKS
z)eD-`3WI7(X{FjQG_4Z`pQs<w255{2&<1tYh143_x?)O26qPhgsUXn?RBonS*88+!
zlJO?3>k)btny3S5nA(}tSDUo9OE5jMG;60oW4bA(h3fq#t?d$w%8|5@8WxFEwL)d~
zkVe3^Qt%;GQ*n*J(dS`|4Y1GxX<*{R86HHb4{L-FB|oe|0+T;9PFPVhutE=KoDkK>
zVGR|c<cBd@h!P*pfPtwW8Z+FVhB&-2LsT<|H*AQdKa7z>EcM|G9+><gEpb3CaX90L
zSdARc5F(cRa7Gca<cBqoV0x}OrxGW_M)H2zEtZ{ctLnJ`&kr(<BRKODqp2K8!}dwt
zXvgzuHP}BMD4z2D;^Dh)yvIN3@m+Dyxg8H;noSV7g*S2#=&lf1TzHfC?NM?J4E~V-
zdm4Okdf__y^=L0ob*k+t$^#d?9cmuaJ$W>{^59i-!q+H|=|j(>*^|d?S02;WzO^5D
zeSmeBOXZV=RIyS@ZQ@CdOfH)b3L#EXJ|0%71gzMJI{vY$563<6G#^I;X+8;4IGV|R
zHB4REScAHpElzA&F|ee8YgY^$kU-GKN7}JeLF?eDPr#dl>2elF?J_**#{F@<<<pq|
z+X^|&LY7Z?a=d)EBvXS;bBo|oGF5Hjgq2Due3hn$O*GEyIeA|i|Av>mQUkCd2Tvb2
ztq*%`ykymSu@%Ql4qD$fm6v4VI}iZ=sa;ne*|^r(b=kJ!As=@kY-RC~i{0iwHn(_4
z-G#8>#Y66O*f<4?hy0}r;RGul@+%j@X;D06%H_k!5e|dW%3Lq(rqPvp%}e}|7B%73
zH>hd){RpB*Ow%8rXY>Zd(ZCNzehL2&{bmp7hv{x)AhR$pZ>D*<v>`}biF=4Yh_*NS
z%ICdsOK$XacYXb$e7#hthef`6y_x5Nux3O&xW#Ep=r^%FCTPM2&8!S4vy{m;q2dbm
z#87SOb72~-0tT~sb?Srl)8tW=Qi|_Ux5oIAGi=9LOeINtk~$2Aw#Z>*XF;w_eHZ65
zHvJS2=7yQ-mfDt5R-+HQrA8(mK|2=OvTz7RS<|4gLz@xSc10g{(Q!)ICV=oYq?wx}
zLtRPMx+K*o2?Vqujo&1R7W|m!kV`TcC4m&HrZGvPwL>NubV+aw#S%8uLs+y-$Rt&l
zWNnmWZ4Y75iX)R$T$14^$#4&0BVENWyCfq~k`YH3>!#9tsCLNQF24PLqISGCl?9GA
zZPCV1UexiHg+f6~BdPYlp~eM1)B}gA7x=J&Q~N~NM|kqbf-LH_aiGO3$BJxBixdZk
z+*{d&&A~nQ-6!i&mq53DXvJ}z+!M$f3<`QhAe}|s)?P|+w1+3_8%ILjLFsUqCnG*|
z*0CX9s7vfPSHS^bh-PTcRL~opsrU_PIO@Tm;SaD619b2_^8$|I<Uy!%J3tF%g$72y
z^yBsr6Cz4Z!kmul$9kU$6@4b5PM!6y>Pz8r5LQhfx=Vtc>gvY@ix|xgZ*F4@FkF~e
zfMgY2imXckmn8<*H!8lY%MLE1J^NQ#Qt{rqDF$3d9pgR`TSjVkl46y6e-h{P3K=}Q
zeJLpEOP7;Ned$UHKh-pTaB|(<G4M#ow@ojADAn`+^#5({Jy*DA$jN}5|I0jl&H;H?
z^BNcPex5CJ@8ha=`z3`$>ZM%#ZTu3QINE12@h~t|-YaXr6oK`E(SnqdvwSS=f59CE
z8DH<2IAxi$MdwD6lP7bzd2~INw09xDx#5r6C2cvJ>>*UsmK!aEC$Vpdx#4B+Q_xU(
zm5gLw92EcfRZ6KsaYYWIHjYChR3{!(KLM%6kMfd@ztGY>5&11E9mnp;1jn2QF5eoP
zvn%#lGUoRam7a7qVtFjL<eT#UIpXjyIr(&!zkmHmHyh4=fNU6&VkgIlV_Gw+Da^5^
zud1w(`N(A$RehK`RWkMG2eCQfQXH5E1;*o5&z;QA{R8sXO$*q-ox?8eJa%9gurs@u
z99qO^ZtY?zog7{)`N@&RQjn}ImNLnDcCnOA)^m%cT(X{DEaj8+!eXhAtQQwc#bmv2
zvDBBWuU;&z_DcPmF2FPnYPXpS3;ry2Z*@=|r9zkq3%E)Y!@|rgR!aq#a?xrl#2PV?
zf-v38hsD6*Du&sx*eqqkbeMIx(k`08)fLO&N@p<EErfj_!O+zg=EA;aDHr--&f)T1
zG=r-vmciv`!=PCVSAztDYjv0pS2s&}41V(tSKy)<TwSpYt^oTUz^~O2zgB}T;L4$l
z5nX8)&Ebm0vSq}9fAFgi@v8v3!23MP7}4dsXa-kTEL+A5%2)`C5x<J4NAMo-SUm<V
zn!(i-%a##6H~7^T@v9H@2;Ku8tH+d!W^i@IGPqJ<e|5UlANH3|xdIpOVZSb9xw(Wr
zm5^tAs~N~NzJpoFHNHb(3c?M?+As|PhhsSOA>?q3U}MV&9knn6VTYrh4I%4Uappn@
zd`_JC5K^BPXCZ{>7sOc%A^$~j_JwE!ed1glu4a2^T3f*<pbs98w(0IC`w|+V*+e9p
zd_*J0HV@@|G~DX?HT?9i&(DqDU>hxV8hs3%ran-a_pymRxa>l?4a-XgjVD4Oc0S_5
zu`MH0&baXMy{j@B<)erqS!_H?F%>Z~%9gV(YF6XjfOzBB#6*-G@eIw~v`;oM(FVf%
zmL|D}Ng|+QcqZw55;f03?nl!cG23K8CO2qeoJB4-o+SEQh{G0a<7KvfnPWW$PoTpg
z<iPPsYZSjWj{fcpB(!#he+SLOs0%RiM#S{yABDjABi4d(ABR76$u(ZWn=Gex@jKS~
zo1ui?@3mfxPj14WztzWAt8wxPX1iDC6U5UdwiB)dcFfJWEv@q@0MI@0(|Qhg0zPU?
zLgt?jjGa%yHJ-ZU^~~~|BpCRnsG?K52$m>F$(XGdFbz{%zzYG8vz&$ohFx}HZGHdT
zy+Abgy0a4(&;Ja)`lWiN^K^`xKEkpKvB>V|kJ<W43(dGe46IXe@*5|EGkJ&!B&;dH
z1t0ss0gwnmIiq13y-n`5hQP-nBreOY<{1vVC!rNnj0z$lj<Fx`%7#IWfQuX0LA2H)
z!Z9K24^T82#N2qRvhlJDLljSGDPcg&;+DfSh6-A6p#(F7(1dAxg{B*)qBtc~2rFUX
z)A*4(D8YP4(ko%mB4OoHmR1acpfI!iXXwd-9_WS;rQUc;sCN?iiN6F-Kk9hO4%U^L
z6?!9m-&~XMFIAkvp<LQOcd|Tp55oLt=w+jI)0fwDWu;E5sX(3?B9mZP6Kt|f^BvQ^
zlaV49<MN0WUYj<I&l<j!Yr>&y4V;s3t<aUF)ld_wNmhwsOviZ#rOpo8@(yH?cet$(
zyu+`h!q>)v4TkA5&X{PBsWJ87Y>X1<p)P{PDX2y8^${Ppd__%A7oFsE(M_njWEtb2
z)=l8M*QVcVe+Iwh)@J}Y#wj3y`3Ai|ej)~sl=)QS+p9!jaPK56TZuX9I8#bqQPmI2
zF$QMX7&*P?YPqBep;LGI;|t#W!jWjBl4X5B*wSGxW`F53H0!aOZ*$f|3L<n=`=9y!
zhU+0-gz_!xA-Yd)i?WwwLvuHXQYIfx1HJrHjNsIl$f^6&$r@YlsHB?Zx{05-39@|y
zWV=3Uc8P9!8IJL;%GdQ<C>JM=UibnC&+fri&@3#0gFE&td=7vxH8OL>O!?mA)tLJg
zv-M3=Uxn#$(|?k%$qej>+hHus)>nt=X*y+(X$IAcJ6muYQ+6rLE|p8UiS=P_;fq9<
z-Xpgb)rXJGWx^cBE_<$?$g8V9j7kV|uuP)2t`ARru0CAKBW1oj<tC=gyOeZk$~;n{
za|el^E0+orPs%LZ%p41Q_Dl|dqRTlo8ard*^8&nb+gUceUTtcW%(5t90XQ*AfSvRm
z&Su)b*~6TyTq;gn?1#lGOMUpoytuR)->`2qk+>%@GrS$H8&)S0Gxgl|ZQ*K#)^j`P
z7WgnO{F8)C0!!*ly?`|J%`-gF$^?WBF+O11mcnASS;8QtKDzNGY$vJ2UtxIuG1Teu
zH8p=|M=(3O8h<l|AcNP3GDF+31_g6J!1vt;q6`>W;VJ6s4u5uZBmQOzeg^&wUQNj3
zz%8KnCGJCHh1LkIY!B-79ozCgFkOc~8;DFQSVKclu3X%7Cd4hM4{r}ZKTiB+hqjcP
zSK><luY&a%6bI9jFtzYy`f5Aq-zI>6mEisu<X;3*wUB_Q!0K5nJ1u<8BGbfQ>BaV?
zW!Uz2W5c9{Tp8XDei<@h{CE(^^hqYHEDsKuu)xperSa7^zwzGt?n4D^4=O9y0fKx4
z<*+!(s+QVQ2|(@T{3@YZ(+WjR=XjQyRV{L%RZY3bqw)Y&DN-<`=pc7?PN35HS9{s@
zY-l%s$Z1CEk$P1$&)ChUx<wT>L?|HL`M=$PsfMtNUBSmWFtrC3Rup`*!_6j+6%1Ww
zI?sVAI1YTB15*MV_`e*Og6F{h>cEsB2Y#yqQ*IsjRtKg4I`D#{n=<dfA8@fLy&TI0
ziT84~6o2U5G4o$LR<>Qs3vJ|mV-*YgSOlwD*wbxZ`^E+>?3f5PWMOAUu(cL;MTBqI
z!k!n!8?ms<UA)c@LHROT2ctBO)}OjGV~*DMM=(e0Q=+tv)_bCOj@GwCFh^@Uf;n0X
z4qxX^(mG`LI+}ol8UgxVl&%to|0sf2<M7u-@WD9zCI|1_b)dXXbM%aL<yDH{U3on^
zf_LS0f`fN{#JuFBOLBBKWM}=_q)@fKgfHX?GtJy5Fj_DMy3QSppIrDlK3hBAp~q|U
z^RiDSFu(bh0{Fo+^|UPu-+*hYaH{if2MPND!YISZ#0SCIkE1WrQO^mN!;5Lz_YvMR
z7Z%i8FcfC)LeG}KlpruAz*kG~TvviIiL$YzK^yaPx5a{3s|+F^x`G6cO$3faiA<Jj
zOqLas<?zIqxA0vM*7+WOCaT`TZO((UHn&?3j?F74Zv_OLWNbW^hr15ec5Z<iqbbag
z=)$t7WAi@I;R?qf^A;pzdaZ(Q!-eUHf|M^>3!uCIleQ*#2OVQJo&XbR40Qpx2+uVB
z7(+hi`4f5?Pr>iRU<%We=K|3RLs6+GomYMqJUj#Ux5jW|dhd#m2Wsb0v1wCk%9m4)
z#-6O9T8L()xwHASIAmiv>2uEc9!#N=0j(W$O*||K6M@E)=>nEGm<Lbi@~d+gzj2ln
z=4t#58q<-dD@3Tl96=HiyRrAa2{Q5tncF#*cb6+F7RJI!@Rsp}zH%uwL38Jks~~9n
z?={hu5@s`XJMxnj6y@q=lw5&hTI$FF;@+si0ZV2=ObQXFy)j%WciEG^h&oexHSnY>
z0KhU%5mYq6r$Zx;q$-hJ{Qpg<Tt6A3$S+@2O8XU`7KqBURIra(SY<j)zh=|hFvO9y
zi&IdHH0EoS9QQb|_<m&?3=mfrBP^`(bQIUGVsS%xGj)^NiqeT0;NqV)6U?RdvrU<~
zl-Ifd>AH^P8PHu5Sn0S-=AP7L?j?XT5#PN8@Tc%-eAR_Kb4a?mw#Leq##+XOIE{0e
ztmrjFi2cSEc(G(R21%p_nfks9VMI+#YuRJD9-`|VE8^DV%-|U&gR`05W-vXLD{r{V
zYZxHotbjWu^JCJDHB4wPQtq2(o%FA2K1~)ERl=rj9sgsmaUKyhw#x4eehJ$qzH{Vv
z2Vvj^=bwLq?<djzs+i1UWSqlCl$`3gE%{{QF(_ogmp%u#_W08DGT03m_|uK+(U7y{
z44l3QOQxI@rYgUWH2enL{Ygu5WxEoLjHd2PHr}hM0JPjsIcIyyDfFij>+yvSfnKEa
zCHK;HV3-sbCi%ftvrkhKg0y!qNz0BAYvNNV`w;~r4=id?Ia%8xB`&2v{3$++2W);@
z&s~?|3M%p#4pUev$HG40=hn6~vwnbIYpc+VzA05xoBAlsJ|+wH50>}8asHZZoQgxp
zKSjH;v<DOs1&qs;<z}yVeO>0a4<y}mS9N`T{CIRw9G^C3DSY&C1gJjB;WI(YjnWTD
z%VbTI(je@q<(;L}NPgl`<>E+TVr|w7(;1(PP6m53dm7t;ZFYY#Q{fW^$9^|VWiLWC
zVB)$RbI+hMjSDx9{gf$Nn0igTsaz|%>~Y9<JMxu#(I1hj%v3g}{p9TaoDSb+_9rXb
z_xG>TF-$JG@J&!X3qY!J-u`}1q)M8~)F<^EFy~s@RyS4PG+BFXjzP=Njl$)tFab;?
zcFw$H&qW$ii9#?lL`ZE1!nlo35>{iu2;T`y1jA{M&<KO^2#NbHn!%nyM!=0*y;-wS
zG7p$FMkUUujS~?eaTsZ)-jFyA8z-Vf;~>&ZeS^f=VB<u@m^g|1X6l<H&Zh0#;&rh3
z+w4+A4;_ea98a&zH-<zckCNOt-xwTGJIXS5^NkTAQW2q-Z{1n1%(reLR_0qbB`fo-
zo0td2x1qT;pTbp=$9ru~B2;0IUtd3MH;2Hr-JB|nj;u-~c2j2Sx!oK;*ZX#J<Xm5~
zn`7qj%gm(&$@wRvA$5KNm^aY*F+a)L*3M5EXK3zdX7hba8~z=Bvoce+D>D+g&6F4(
z($o4Qw(z+#kVt1aQooPE%;D40zKI0={62<DKaZ6JX2j);&$&d^iUDtJZpmSIF^sJ{
z8qchgBvTo?j3UXaIxQ+@aC5jutZtP)sd1DCU6R5YhXqe_VS`y#w_=;->DH|ZA1kde
zNp_>)PRkYytGQ#i?4c=vBt&<u9$HS*>#pb4%U?r~&?WXFD7P}`>2}eMP{yN_n#_K6
zBrQzDVq&@VRB#ZBGnHoJk<^1(+G&r3Db~hsUM|L#C&1dD+cUfWOlz7Av9>VvRfoQZ
z5mnf1ABm#mE7LJz2&l#ZHWMKVk;QcDPu-X)qsu!;OmhWzu=!pz>SY|TSW8&_DNIZu
z*Fua4@Z3hwY@L^!HKtxj!PKWSrtf|s<mo0SPY|8E??;}}TQrBQR+^-`u?OzABSsmD
z(K0E(8qxz2qwJ=8AV$6X?m-70Tc+8sFfRzR(<(UFFPx{~U{-JB)Cx{6%!}Zd>J4)g
z9Ir<Lmo=p-s_s#sDlAO*$PhuX`n36JW!n0i`lKTm1EK>)$84MnS;6Le?oW`4B1pv;
zrh^L-76WLh7eT^SYNryWOMMglAzFUlo^AWFRMLld*lU3BsUL;`gzK0ap{!(yQ5O5P
zc+-u0xrQ|~cRE6KOy?zDg?f7d=ILgU`xss1#uPx7xp%#c>&-ud>H&ZY-kqPrjR9*a
z79uO)5&)I^AB^j@nWP0%p5MY2d%tyEfTX_wEIC=#z)M~Z%<CRDcQz?i<B}x0<Z{BX
zNb2C@FZ9~PIti&Dipq3t>o~B`J<_ag-Qpq?yP&byC?nUwu0rSX8EJzg51DNGwAJaF
z#k!2w`U~hXJc@0yVg^{6JuW}@Y{q?+uG)5&4s;P9luw?Mu5K+>lBxffy*H1K^Q!K~
z$ImnKJhMo$CbDNnk~O0&a-L}9ZJfnf?U0oOvXNy*#*t(@PGTSvWG5k+j3Q_Yg_3|0
z+XZ7B2yFsM3tgdfWi5dMH3m}FKq*NnOW1ds{J!6F?z7C|V1BgkAMa~@?0N1z_ug~v
zJ@?#m_j6M__M^;nRMm;IsuFD{3pkK)=dQKEqHiHmHc`hSt0Qi={!v2W^~dmW>mR^x
z{VDwPtotGg0dxt$OA8aiR9Aj0o!Q$-{tmeA+>}pdAgPh92J3Lg{lH4Gt^XGs6JLjF
zPS*bn&fMzHMXPTVIfHCVw&YBdTZd)l02IlmRi6dxR7+*klIwwtesGY8d-jEm*~~pR
z*5qbDwug{xkMCDKX~$lGI^v%UU<KLOfvf%H%K4uo=h2XhgOFdeh1};ar_TSfEo3$b
z`BhuUbpf{jZVUNQkml*OkT7r0w1qqrq>1rh;&Sxr^NZk`eIF!gjwSJK1;b_!(97(r
z_i=ieXZ1cwFEgs%r|4zw)cX^9nI-i;O)vAI-kwL{72+f`e$gDsTi!TwV%Kd>WG}KL
zBh8;7O{=}5y{Lnap{>Mkc@Tm$aZP+DziFp_H)=nFB{xZU&y84BTmmwt3A^4?P%(ne
zso#T`6IIKy)fq7`K8Nfye*&5~=(3OK2N5f>zUxIIV72js4|iE@gdW=r!v5U!Y>^sH
zV2BrO`&Q=a*Y0s^blv2hN3M#BFA+Np_%hTLcJrq|$mQ%&l=X6CMax>${cqj+hqakW
z@8w9pUuIavwcpltmPG7NfroE0#%*4vA)j+F(J@tBP*17f8QLQLq0LnT8g+^aDh8m{
zu;rmJ?CtvTHeest0Q&>rWlm{{0WJxE)3}3ZfQ0~fGd3&@aM|YSSShnPQ(C$e`?==+
zl@t3q@}6SfkdU&a;|aV~z*0ivktq|;&-Ij#<r+2Ch-@6%z6)WP#&S2*>@!xL;QB*y
zu=4p4Tr<kykc4Ar6B-kduoKR4X(G4!iE@p1kW36GjDaaIwOz6D1TPb<8o@Ca*hVd^
z#Tl0gUe^P@WEdM0YaS5Ft@@I0qiV2%XA5x{(8S3&eeu48_X_0Hr3)pZd;Gyj<EZ21
zC>{EaL6H6?5N{Fg@vE&7@6||Rm5!3{j5WA*X8c;15i{Tc1I8Zx%=mU378HM?lvg-x
z&@p*cgMJ@Q2Jt(CAbzVbmTmJYsbyb>&(>+<->Ux2)8n{-VWTbk?|&L!a0^fNKdQJu
zig;E_Jn?nLI|g_AFw~#IVd>Flpn<2xms@ttyBnF2@oO^nGswctvThXzLJ5I9(>=;f
zmJ_!rCC9%VW4wdjJ-~ru{Uq#w6;ZE{Qi%6TmitPK95iB&0lx-d1A`gw@>VTrgbLZ<
z1XRQqQW0;I%By@T8qufn2SP<)pn^=WT$s(g7VswBF4kUP?;4!>7a2b!05j(>n;-Qx
z0&Fa&0LMq!f@KxiP398cF^*f<;`64#<nBVz9h{nEHBVnDTBFoo`8-y#hlXSnil%j(
zlPqj0R)b^?k|h_4$sn1uEvrHJJvXjO;0f@`$DJZ{g`z0+_m(G|l#{|kq~7nLEKX{q
zw!7-!kPQI8OJ2a;4^XPQU-pznxfXQF#~l$M<$F%*SF!{!ghZ<#0_MKPQjLt;vEJ)|
zcfY^0A&Dzr;~hgpA%`&|HBrpXK@-KW4Ql<p;3)WQ#cqepeVly|j#tWgNKWGE&{K~r
zw(;}OV;ZBjoQxQn3~~IPMNdQ4(YZTKGT!oDj~teVXFmcukxi_~(MXsvbP;p>ajU@^
zU6Iu+Ta6@q-pQEbs#Aj(ATW%UuMSR$1o(Z(M&zGsYgU8UXvl8?lxI5(`6a>~1FED%
zXvq%?ig?+eFX2>i3KM;XcOMYU9NZ`Cf{Du4d6Jc-86UU(u<=h?!co0A%GMP1vj(t@
z&FOfPg$X)+%J<J9-=7fq?m>`h1T=E-#Nx5o*<VG0tVSAv&R|W$cVnn50P*@jEJ_P7
z5MA+=(tdanZS*b3cM6)1-x>628K8xgeS@|NWuQ1pJ$@>Xl1QVn90;W%KK~}Nuk;K!
zqU4~TpbUMu{}8+gv%n>DX!z@%l=2a4SU!&11=3PLuE+>9D53bm65<&`Eh4VQhGirr
zEF~mbN~tM>Qj(y?3(Be9&VnkuOG!;YXHkWg>Nr+wzB>90Hk+rK^tdXw4vr<qVxJT_
z=ml6tKG>o#Zk|0K{#c;%8hsk2e^q97Dgq8to`I8s6gP|+2*c@gAC>47A6n{f1-nhg
zwtV!XtIjugAOs{SD^^O|;8CcbLgvaEuKR*kvPm!0OjbWC*6Bb=_d-dhB1)R{QwzmZ
zplwA%mPRX|r@}h{le8A)Oyt@40#3{Z34A4pG@mN<Lj_)oxgK=!0G?k=PzMk2mIn?U
zW~C9pF`%shE{q)zMs=NaM>N>QfI}Kf*2RdUN*vVPxF>>_DltmJIBGP8@|^NUC~8!p
ziV+kwny#<E9fBzY5im~<V=wUyXos?h#{tx643-!w-vqbFCMe}cP`4@{zg91k6W#SP
zL%Ql^scY|z$N}{7dqL`udU-Lk1HH^jq+VvOtwuk5MlaK;!PLu)CVH6;&3_^m>Sbc1
zUfv5Vzm;Cz2Lx?;nWYiEtYM;;Q4^|{*+8L}13#<8*UM4@H9q@zaQL_PUs{-A=3A|^
zrauS8<^T&iG<$nsSJsJzb0Y>~NIL~&hch=~be$Xh2~ZcuH`@^K&7<79n4;Z>1=Ua(
zuf`L2oc`dxIONbixDSlxS)OyCPWgvJ?{iCmDqibfR9=A$h|i|4WXC7R=9VCEs-IRQ
zuu)~#;&#Q(l^5l!{flf3<DQEfy8!*uzd|ozqF`Z8@($!F4M(9W&J3Iw%@f)K=Q4G|
zyn(y!VPt|61!s(tiCx|!ObLUw#$V02N+y#GVR%kPvejeZ5OXwPuZzX`0qp9{^tdUE
z7Q-}x7Za!uA091kNt;RH@|2GlCtuSkJSKy4?lU;J9LFI~j01V{xw!rkoC~(vvn(^0
zhmrRP%_@Q5fPh140tPn(EG5uVGd4Iwu<m319awV!JT0B5^I2?jm-<(Ym}8R}JICWS
z0M_tdl!)8E2t(7XleBCY1rT=cmvLyZ@~vWT`9-Obsb#B*9CeP=c9rg$Dy23%sb#fY
zBU`4Gq5I3{FwWXiTbxo~OC&)7B^lso4OeA+V&(Nx4m)-Y%E5cnc43uekLS}WVjGR9
zZR#zrvQry-?9`_IMc4<QtZH6x*>SDqjHm34Jt=!ruj>RMn7^+5MBc4wyz%jz?K^cX
z@$VsvpAx<e#0~GT{|mtkEBu|5vWWj(@MqfmcoQuU5XSFCe}EOvv4J=ay!*~%=yXG;
zvp)~f-pBUkqeurX%&ZNbmK1H&{zq~bArQ$ZrT~F3zYxM4<m`VXkGs6zn0eX6_%?eY
zX~n%iWn-|6!}~M(u9id0^Hcz%JgGHL^)>!(fA_JOgV%~T^ZX>51^LuJi^X9bSr0Mx
zW4}pkt1sRhWU70x;51Bp@#Zo?+Z^GiFTV2)nD{h{jKi@y42{PQLjIPdmt=T-o&oh5
z<~Td1@q<B<05-ynu{iUYtiK=m!?2aPmAqoa_J`~UWS<}!Q0vFmD08#oTq~JK6*pGB
zzX4YU66Qu27i#iYlfgYBOiDO{!QRY1-zZFC?bovjrrNO;)H7w=RAydwzL68RO#tC~
z6>f(XH-?C@%|dcHEZi_a64qzrv=rg!g6c1UFO9oknod!hLQWDVSipk0^-oJOx|!_X
z0w3>yVJsVgSPj-wuKqd1SsqVRX)|F=fw)m7n<eU#yFchQzaMZ*&raNqI{5UV>mUct
z2erTq3QMm6OSAESr!6(2TgB-FJ1uh91&3X57%t(kX;I{`BS@4F>mFhM*3RW5xST9*
zjL^avQf48aO@Y&$Y);g-fD^qbk>LSM{0#52>0Es~LU<)cfw+mBsow;U?6pQj$`l}*
z=|v)3-O5Op!Mz2|NN2qnxr^2t9{Y~e5-)+_a##f7q_oPoG=*_NJhmKP-Z_m+&XIA-
zyDjprZaE)V{~+s`iH5Nkv;}ECgSxXC(v}-+Z1q1v3?IN|SAP%y;A52fAH(f<{a8E)
z7uZBs$b*)y_inU}GE`|i;d<|ZyXSG7;^Cpx`>>4oC2VXg!dTjhofJFz>R1M3k!LG*
z3clZweK#(EuNa=qe7t3V7g>$ag>i1laSg-!Cn_i@_qjxdKdZ5v*~wep`w)gv?=kRt
z$6=YGc|2TJLw^}*0Y`-pflki-Y|j1Y5uLIdxOBbZ1b{d${s-Xu4adb-{F>bK#htzc
zCgagOIq@pxyIaQ0O2@+((oTUxauUl!?hG5i2PZa%cKBJ=rQKwZ)i|2j@3-bg@zwD*
zA<CClI5~wymLW}p$|u0VeX|5QT09Vk6QF{Hhpa7vn`4NOP0)3mxSGe}gLx9Uh%plW
z4Nhq@=(TaQ!yh(*2o}HudtnPsC7zDj+3ySiKhHosF;_xz$*P>->&2$^=zDKJWxvS+
zLo43`jvfofZr+btk*p0>z6aP&tS@fGm~1>7PnzWjCtpDqz(Qj*x*NhNl<BTsDT6hk
zSNWum4XI(`!o&xf-8!VxSWmk0<*1ent?Uxoh05<6dCNB`E;8oF-AL5MW2_6SLH^)F
zhH(!-IG3yn+i<h%M<Tc+ncAJkB%AlP&cl3&GuPM<{;$FR3-Q1FLLd<)%WtW7^NjGk
zd~OST*;WHy(E`T3B#oVG0b{D6@Bk_~8J!0~v<v)B?XGIo3R|E$83Fg6f<+l-33AL*
zR>v|}X=ml8fKS+n3A~BvRL6Rx&`Dim6(+7<gfWq?zpew%_-FfOykN2b+cA-MBx%dw
z%J7-RLYuF!6>)ugX0&$@KC(z_2Q5Ba-@4NF&85*MLik!G4I;Go$fYZ7-xQmo3dq1{
zLWJn>Zd^}9WZ$fq;tJ@%utJ3DvfV>O928ej1!Q1*AwqOyx8&G2yG0WX5h}u$fF=xI
zrHI%!x<)e&5i(@V_%>Awh0Qut6E&oh?MsUDY-b|u!<*+R>(DwcqSn!VhI=6Yrg~-^
zf#%3WuO68&W&yB5{Z<at%7|b!811wVA(_=6VCMq}!X7H_bfFV*>lQkQyPw0g*a?K@
zde+^IsBTivhkOR9dQ<iHa-SZk7z2|;?^tv|4;b%WJwzZ!bmlf;qkkZg$JlH`HsRFo
z1daOJm>BCqsrp~gg$o3NX0KDf4Z*luTfd#rc;>(y^g-L^c3U=H`CCyGn#uLoQ(XU1
z3p4>$!P3-UhO|5&k*|##h+yMk4*;t{d?-GN-x}J9gl9DNqb+<+`ei1;pzBrOzklwo
z{t;-td=;lLK1HZGjX@@_Sdy?L6oc9mKH(2)gYyzlfQ*G>_fGv|z>!(E4s_(C9rR>S
zHDEWZ1}YdAlX)->Lk;qgOSWO92rpA1=V(BHY|SS2`W%K+Dz_~m>vH8S%kCaQm5=3S
zA3{cPBd<#&u>kPESYh_d5@qnvQDEZnlf*I{<Ut540`CS0n2zsZodx3uc)7Z_6t|o1
zLNaqiD4X2w{Wuf>vzCZMD3s6jKf|de3f?EcxB7PwEyIOk*41U;5NsP^4Aoh^{!mOp
zC~TNggt0{66jzQnc`#b4al|x-Gm9KsCt_~{ZXKUV#T|`))T%#<EUeC86tB)T6SHp$
zN+A&_A0`5w5R@=N-rn(M<USvl4_YCQ*hDkM!!}XBFUL}pj1(P*wz(dH#pN3Q>v{;s
zV!F@&dB|;$jkE4U2~;N2n%zu}H-hfD(LvjA{p0%OE0WmU!R{SKFG;jS<a)pXs0W9v
z>?8t`H6JJ**xqp_2G~GTa*jr9PgHx$nb{u(tYEUr+s!y0^90(%Na;vCfrp^P4gv{j
z|6|8qkDPu1c^4Iu7M+5;mSH+4qKbrF8PN&02u9_r*!jQMPK6Caw*IAcj6rxl2zFBU
zNJ8oqD-zWJ0TmsUmgO9S_fO2hr}2;Z&ylT0>+;=eBJK*^qP#HxTMG~L^~k>(eQm|g
zL%CYU*eeirh?Ql#c_NYJ1x?$C`>}vmx^@h-Q0Sz`G4cU~c8-xt{o$q_uHL{KxdKE|
zI(xvSoX-(EXAf}y8{NOK8Z2ZE2Fz&d5F-nE^Y&2GTd<2!?;xxXso%8Ce&{zH%aeII
zbG0A1=!IUy+Mq#BKp`-)XkrY8wifqeh<UlD^E>RhRY=3<A2HgIx{(}uUqJ2+#QS2z
z{rQOdOK{8h5qs4SA3jzg6PkB4#fX@AREWH!Xv{n+q}|jb+v*wrbG$KCWi=>@*x6!D
z8N~oj5IDCIKf;<)KN+dn(lF(imd%XZ+gbZ-7ztzDxz&#xKGOeDK4M!>ZJ!5&v%%fl
zFr?fz6&>6ac4I_J$RKRX4Pqp_AJ;VZhhwxH!)Fl6htm%Wlj^NR?Ds(bUonRUPEdta
z0z44!eVM|B^G@QJnZXLLKPO@qLN_K&N7=6N$6W}s9KsmFC9nK$=H?LS{5Bwux`*h-
zAF!dY^Skpx7sZ2l>)pe~GYIR}yERAq$KR<DOQmScQcKj57GwYT`DlhXAYun5<;U+)
z%ct{{D)VsR*nx@Q;369)4)NrhC($u9`zmTf%KQc3mFfeAU|h9;5PuIS-=eGXp{hdD
zUktrujvwf;gM8&XdEGm}F{#)W(QnACNwyF0SYVuw1=0ev*&GUvf}m4c`viV^k`jN_
zDHvqAIIp!UJ$DMS1nYANZqFoknfaGV4=W-7_c;4CS>+%O{SI#Fku-YyI$2Yz;v@0v
zrogQ&Q$b20l&m@XjRS|nobsqo&Pl?sMi4jaV96RMt=UuMR(%nM78)3($x7TX4EDK&
ztUI|&eqlBQC-Z{!ZOq@-KA!SrlJ~;C#PO@$JPoCa-|`TK{1c<`o&3VymoDNs_4_a+
z@}7jOHcw?u`L|Rehahnd$;DmP;$$S+>_=OBFx>_mntd#=^}{h4|Evb_qMip2g!No(
zspn!?&sKw(4Q{1Ag?t6KQojpN5r@^(t_QZ{j7av&D+gO}T9ESfeoWhM<Ngb($MCd>
z?ZRcg2RAk2!@h?hL%ye)p>g?08W_<r`--^j5Nt9sO)dyQy~N9RTB)S7ZK~=zQ<#Xe
zys-0M&3oTLj&Wz%O(D!lg<+_;YC%GKENt~4G?ffPVX>t;D4`k4Nx2A3x?w1cuvCX7
zG@V7>xmr=`KZ^!(u{1!^4leQSs`g?jo4%CzdNARlkCtk7RWle}(&vgVU0Q+@0bPoK
z25`tCU}*j<MZiAbvlJl_Edq8*IW{YKzg-a~(4M*!!FiS<p!0v0BH+&TvlPLJ76FTA
zY^$XWVx|~cDpyS%+=p+znksG)SD~7e?_f1)AVXDGAj4JHK$cY<fs9mf>{hm}MV=q~
zKP=CsGw@EtJR7c4%7~m%1luLBmbUO{n*>vS+r_tr-RM%E1XK9iWxs~K?9yThX1i%^
zHZ`m{4$0dOrHM0WDmW^wwRBXHYniB&*LtEYpw?URFnNBql87K4x+EgShc1aUfkT%B
ztp_DZpd=LUCBI!s`Ujk6Es4nEp-UpdeCU!$OE`2%(1=hH2PI*TbOx<S|BngzO{3V<
z^ex!T1Q!+956k?)jy(ZU<h>yDW9tF6c6<*?b%)r*JRN?s_B9e-7n0jS8xW*7hx#pa
zAbK;1Ky!feitYw2&m;w_!H*v8JSzg=+0Nz}1T+XnkGS#@v1Mt_z{E`;vpI31Z`n{V
zG)P*L`Q|o5L~3r6G_~(`V&4N#zRbS6L0srNBepQP6HweVfxF!J)Zo!o0XLU8xX;GT
zZMBezwE<YKQ)`Mn$$KWSufQxMg*w&_AiVy%0c?-_g#8qfU<9E%2ADu&lQJ;hify{M
z2J7S<Wf!UtZJE<^KQjoi8mt$wC5c<242nS7O>Z(Pj`Rt`)xu>O+Xq-B3vf&hV3&(N
zZ13_gLB?2ZG)DEZPUV1KAKacZ`G=Mu<FSj2xscYDS$6=)hcLcEQ8+D7l9w#8DVfC)
z7>s#%gOV2f%tgE`;#Iz8HCT6ZXX8h$bVBV&IdF$b%g~E5V9zyDhCWjU+>`_IK2rvB
zt&SVkl}~1qviJ2|==;Zmx_=g%o!GDp2yB`d6^oq_P^azA)?6DN=N!qiZm44b1UV9x
z@GPE}g?bHW$crfS;hH4=`8GW<QpQ3a7!!%QvGQS`qc8`WE-#@qM6wf=7BPrOZaxuh
zClE<vdlR>jO%1Aj&14amHW@0JLlf=Rd^8707>E-DTI)4V5e{q!^LFPr_mCrn!}2SA
zSm1;uKHRZYJFosV&sHhkSor|u+P4#$P?KU5cCK(~kO~&?F&^}$ZzmLo6uh6Jy`fb{
z?1VxRk<tt|!K9Hj<=IOyV5W$+1W2{c9(NL~xM1hjUsFX=EhpwKFcu3L4<y^451bA?
z%Dri;@f;L0YJ-%1t8or~+ij2v%+I>oAf>7>Hb{MgqLSV>D9R+}EO!@!qHHtcKQMEQ
zqPYpLC*m(;LaV`#_Y8=P&)$ymM;6KaDaPbOfsN-qDAQ}%H&~7Hk&YY5fJ`;%0qi_}
zBxJ#ATmX+BPIpT%8bcV_cQe+)zNpXHhs9%!7)A$f^+<ew&Ny>W`Y$&|TSkv_Z6N+^
zr|Z}K5u*Lp#ehVI`SRVJ#c=oO-nY%|Za-R>FaWg`$Q<@xe-*c2Xow`ND`cMMAGlWj
z6`gZRb>_4ta!q1VLfrK}7d{c!CW&H!7uu1oBnHX4Da;s^Z_>1gEbTg`VQ93}Le({F
zHU*}MR}-cm*RMCM05IE_?QhbhT_Ili)A5xu@R%ndTx!y#+fq;Sx%3asPQS~@n8iDD
zv9F>`2i}f(vxhyhbiBS8+Yu8-$9EFM;}E+!GGJ2wXhaI{3Y5=0z!MeGBujNx%^f#6
zK_Ss{vmfmy=os%jpP6}u)!;W+rOogK3A0L@rdxRL#Fk^s@bAbciaJ;w+Gs8XVp`;3
z)Hbxy*n!3AH-CZ)=q9=KQ@zqZF~yaUPgw=4!LsD5lY*pq5ewGfZ*J~l{PMV8c~l|n
zOc{bRcC}q|&x0#mkI)e4_|ITt#rLd94#GE?DQ93;n<?qxegx*xSchS^v&o=j6BgX@
zT}fOF8uWTlTs6SkgEQwA{!0LCaYuqMd*E9@ih2{K#~A8>;wFq$AY0N`Ream`P4JF)
zBEe3t56CrHZWnGy%EELA%VXA@hxr9O^E2ZLHH}+HPBOOZ%s8!3PA+wmLb<u-!<K_l
zv$vRJT)43AO?Pn5vpp}7EI`UxAtZ0u4YD8r+flth;o$7A$vU%Ba|Mbsy<*%azv^Rt
zXl_?6%!1}WFQ6bV*UFlTztV?q4gYcNFMx053ZQ}G`rj99e|4>8fn=I5^BFm#t)0la
z3N7o5--A=y=8QI{x;!~;;|eKVgK!l%{k?j0%jN(6o_PwK96*_;a7CNyW%Lit-pBLh
z#}wu+g?CbPt|hj)zSgD9uE@=fe5y;Q;<seGc_py;4Vnb}23-K3*%TQbG{qqTO;a4C
zn`eNyrvD$>4kb_dT2;Oq@BV8n<H4|mQ(l7>sj$}(Huk)*Rc<euAT&+bVya#hZJLj=
zX);%AnoQZeoLOw}H#c_$e(yI;lMpsd{pM?X=3W3u^?v^-tcC<llhN+Ev88D$2u*W)
zPi}jpab9bXvT+Lb_#SDT+r43M0Il=>Y|3w)62jIQ2AS5W*bmV<-z@9Ie}J~R)3nVI
zpjL9ZJ<>LXdsQ!l=l4Y0C+TT?Gzg}U_Spi>SCK+G8)d2AK8sAs_Gw7a9|#xM7u)m2
zb{feJ+A3?vv{jZ<+Ug#()n!0s+Ny!?L0cuXt*tUNw@2ElW=G4C7f_dcJ%}7!f;9Qs
z_Nf~wHnw=ThtL|qXvgg_w|0+-CMx~8hdOu=cWraq(?S+z!OBY=EP%QgIOtewdo^vW
zh5aYx-;Uu(fvoRi#U9UhC3p)1H!^V8U5>D^l~%qn{s9<UVvZ%B#f|d>AN`{7@4RL+
z+dL)t=%sgFbQcev%~NvG&fhBSd}!`!c>Q*MDriOaRdcg1?bf={lfDp%+V)b92jBg%
z@l__zR{dB&F&L~OJ_hLT2ReUiqSczB6J4?<_CP6|K)gmNcmWM3c5c`|OBtvaSeA{;
z(d&w<ny)ED`)+_`o8WkA3yB#xu<ReI40O1`Zoy})LSgP2V4bWMs@i+AC|aQ0Tn%o&
z_a>YwLci?2Cjp7}-V6y;gnC+3go3*C-hz?}LLH{}9tSfH(R+tMMn5R(L+FS7qG!(o
zKe^5iR(lgtYiI>zQ&qgU-=N;Yqyl(GR>B7jpw|>0-F*f#c#=df&$ocfFO!i7Zc4l8
zW+!pQGMgCon8|@es*n<xgBKqRjF;$UFbu@Rj&W$JlgJ9$IL8JstTWSt6VM3>gz5Mo
zkVAwX$4w_QsU9ge*Yc(I&bm{VJq3-{Czqqseqsf24Z2516)QkjwU%-~{7Gst`pE);
zq<jc@KuFk}(B7TcWxq8~J91d-@!1iSqm~w@S!PyNr;@#HkCTDr{*dK!8<F=eY>&Wk
z`6tRwtYMPTWt6N(`0mqYRbY9PRm8xw)EMujkmY$<(hNkP777NIOl8pa+p_mwh~8C{
zuNwCSp`PgpKxT~98VQ=YBNElJ=w+TWe<5T)mzMgaT3*tsmIJN)4Jx@`ua_w%(94gN
zM(0UZXhSa(Tv{?ujiSRbY7iZcQCkepvx;aX^*=B#vTR+J-9#8@>Nw1--A(~$)@sMv
z)@r8_gmD&MGty^;t|bB+W|nl>R>IATLlOkrkEBu0;YpnOLpTjT`%@@t4?D{+j?6y#
zaq#E47=u|2l7%AA9`qHtCdHB?G0D=GLB`jC(%6l13X`ic_>l=}raVj#RxSC#aVclA
zY{RL6vgYdI49mi{gZo?@UBMn9T{yFX;V)cRP8%{W7ByH37fG=)lc){V>fgj`O_=&F
zQSxpQr!8g4iAS!uoK|@fQ(r$c<(l=jl!F&bBvjA7Ik7v?X1^YkwZ)!WOUVij$~AjB
z8KL)Vv<${hQn>I(yKceKu<#iRYQik8e<x+dQ}_mD2z%lZ1FKH>XO_%hBY;~T%;diZ
zXVeZ4rNM@)*@{d3K7CzVbwZ+iC(aOcKoqT8iTdkk@D0^)^loENXx9&t!uPsEDbQLl
z3!a#Ny5(gq*3VdZm?^@t3pU&rX80P1x$!c%_A6N!0GoYPfHH;GAN?l<KIU&=G`FI*
z{Z`SOfd_q-6}uI3`2_3AZf*gr>$zRCIM!<x$C{g&*z8)Ip{)Q%2Km|+jUVwjt$#pX
zBDXXwSE)O7R+zrPB}gh(gE^5FqwQo3Wamkd9cHJcog`px4CZ1JxMcrbmQ{|pV#%2W
z^H<q3#a2I-P#G*Y>ouNm7P95X^BV*6fi}o&)!&W=jAQt30dLUvu6r%Mc)kmj9zo&a
zHv1%Wy@JeAs+2~|K0X2z%bnCDUh&g|$0uYHFh>_8$T~IOexFOLkBQ<|h$u#+keS4a
zPh&sCEYBv3LP-g5A%XpabJmN|9m~PMWgBX62KEVF6tq3^uchrp__zMkL7VeSpc^xo
zD`<g48hhHf*~^yb$1sfay;Z0l-))w}g&T+;@Dzi>^e`Cu5EzQKx^4kqHB8vbSXe%q
zMCTV}Ef%sTahrd@;dJtZtb@i7#K^h<FO%dY-emz7wRt!zKCLo_=lXJWsTJC@RCcDw
zTM{$eH5QlhXYfe3-xuf3xEwxHasG9;(1@TrK5I|p=WYPEOM`RQ<71n7NOfU6H-3{n
zk(0oDXV?{XuF@xgqaOh$Y)NoFfEh)1gF+(Fo(iHxfL{rKaB$7@Y<&5L;qDIRC%0#&
zNeBEp>CeMY2mH6tUx1$u_;00u5PmvzE)tJ%&h;kDxv&z0DO(zgEo&0a(wnBzJh*%l
zBI2|Qrg+m<qYlrM%#}AV1Ng($AVYM)+kkP7A?#B&K&9@JH$ce(`_7Yq$ISU~GVNF=
zZu6MP7Mbl~dg)L52;4lKc8j=;qxr%zpI?UOOKvnj!W8d0%#E_eWKluN8IwT;wPa60
zQU36K<^P1v%55L(9qSp(U_~V^N92|NI1LlYEv=)FL>m;tLQ-jiq8udD22En5pYTpa
z{xRbBPQ!O5>(1bXQ8WLQ=;Q>0HJWRpC1=FI3Yamq-9*EI1-uid(UK-wVg^%$R%|%Q
zkWHFs2@_4|wnoFOp(rX!YheA)aYEiQe0H_+lPYYf78(0|Hy-lB!~Yf!p=Ir*<t5T8
zVH`wuX^bRM5k~@@)<9^MNTAyqh<9EifyvfDt+%sGy`8~&BkRvpN76f;4o%`$j@F?j
zaXphH=_g5aOQQ9uNs@k&gr5Yr>pH1u-D;AApTzN#xZRSp*Yj0}RnKnhBwVZf2HQ#x
z788n-y+d=`AmBUx2HO_{@ww~Z#v3oN#4^l<cek9y_PRSHD~k{K10EBr^7Yi{TOi1*
zk4niA#+ApZf8}U-Woq<&2w6Fl8vQE2xs+_JtURi`WGG!89>&`X%hKh65uD&Grg1&s
zK6Zy<Xcc|ROOb~PW?9Rs&70vY_d|nG$rU#m2-ZuvCxHGxn;hDN{~P@a{0rWDQ4W7m
z9|f#@5!*$0A@d4uIiH0QsE=yn-fY^ev;s{!oAUk^DNWtO>b=I>BpU51-z4-<<sY)>
z^9NEqjhjt5XB<TP07_<)8w{Gu$;!R!kc}93l-B@xCg=SfaF1OucO&8vkgpDHLRTCi
z8MPlgRQVV-je|rlLLxb3$~exl)z8V}IKo=K%Xchr^=5kvcJ&yn?1jxqf}zUi{Id#9
z<<WKTLVe_6q8Atz3x>tnz7PXE5e$n_R=f>N491G@Q039wK!3RmV*NvH#p)kyFHk?y
z<JIG#%7Nj5EGZr(6pzYgLyGW3C?16rM`e#9#VnlJEY5O(;s7gfNqYq@2`g|(b|6B0
zdq)K>0kS38C9J>!I0vKx2b@()y42q8PT2a@Xk9SMP_abPy$jKV%^cdd39BP}TU*3Z
z^Ip|j^{<><N89nXG>X&bQ3JNLi__mOP9AqU{Q#Wneu^KfG}@#fSxawfvOBltUX0(|
z-sa21^Ah#kj?cPJOLR}8AB{m0U$=`zQstwm;E_~smQ<^wsgNv^st`>D4^x%5Tcvd^
zNuG%&8H^@@N0OXkl{T27Y>%KHipGUU;$~)_2y_6ZLev4AkJxfH92t&vY@C*06(eG{
z^?X!Ga~8>v`ZlJXJ^C|UwsnSP8vw(Cq%_vTMvRr>vY$&DR)YvI=eZkk{6$_rX3O#9
z02p4J!J6Zx$b;1&^@%<xEh6(S2Mjl(jqeJ^;D*~}5|#BVd2nLi1bwdG#Ia^Vi#}<8
zRHZ|tHkgc&+F&wBYJ+j`Qp~LTT^7y^Mq7~Ukga8K+ATafSnU?B<1-z+b_-`VBE!NB
zH$zgT{Ul=3LAf!syiBvNIh8Rc7EA=8j@jBkB-;iON*wNC%_SU%u6+pgY{#~NRzlW?
zb9=q@r~y2>G;WDn_Re92SPeEZ?`*ogbNOpK8dJ6^RMS^Jai}C1jk7Dz6h=SX5YUVU
zT65b;$Pi@<P@>wE)R--wvgMt}jC4=H2^}uk9K^*rLzQc`FNQ+lA0DV+hmMUE_VLmM
z%d~RrfE`@Q;Dkx6keZOOAcQljXqr?I!hS3oa+ANtG0#$!{H2eRg9PluhRyqgYT$9~
zfa{0imT4DQp$lx#ht2r}9~c|*VbuWNJQZd;xxWgN1mqqGVF9@}gs_0zEdlC~+*g8l
z^Hj;$jlu~KT*juHT>;+98fW7U1ljTWX4GKkN~f%DK7#Wg%?6@jxl@j*-brjwZDD{e
zc?ulsHAGq80)*&|)U%Zy>am}I?tjVJ4G}_*eIn3f8kJUOu0w2WXEDYte*)sCK8#fA
z-${Q@vi=|ziF#9~z5)Ts`di?^$dDG{u@w;*hPN8bke9`cZ!YbnaH*0PXZ7YPJiM^V
z%g4+vmgKGnRSYG~%}baOlS`H+9^TpY)7QU&726fZ&)T2$HL#*k3>nx06pY5J9=E=Y
z9Jt8ZaRa_hQq<lUO;GCNN_@WwzL+W)(8Xq5U493OoG!cZo#L<>O{9iV@IOSUrP|P)
z%oCx4nse%Y1A?1(!OcowlAuP!BQ>IH0Vjj@En=HkFozXDtP|LO@TOQH<s@9wbSXYZ
z%cMBY3UH8Qnh*CeAN98)7skn2(yQ{kIn4bgi6LNC1#T`YFOCPUTO~h1gf#RP5j%1%
zHltPJNDT%|W#$8>a@~?L&c8z}SW<c+fK#l-*I`-v4qu{QPDFO|75rEY`b5I?6^7q|
zcl-{k!B9S_K)*bxpibWBZx0q&BqrOzImnmjc|j09lh9;tWYsdbd_NY=gFG>S_X@&z
zY|n97|Cr}_J$W$zH6-~v&Z@JXGrS_cD(~uoox_&{0MUm8lEQYu@do7SThcaJW@&j7
z*tDQWn%!9aAyi>{tp0X<GGq03;L|f!e;A+M`Xl%qpjdtdRmq#!_}H%a{O1qQ2KB)P
zeV#$9&$P0H++&6rUgfunO~`s;8-JzM_+8{>1$J1Z715(0qrWKW1O}2W9+C8~`Dt4e
zPKd$Bqsm8gfiK?R4eq>}`oe*q+R#Rra-Vw@2syj=(`2K%^Hur^##a#Epz#gDhuqEm
z9uj#kMU`l~w_?u)UjD&&qgvW|Eeqv)?iSAmski1m^vIT#om-Qz^HW&4{RfJRKL24i
zUxNsWH!im4zb*QN2A|W;iean16Le=6KW6rvB5Uvd!u$l+=B@e;#9O&;$e3Bsbm#$R
zPeoD~RnQ2=#KPe06rpM<K{BEX_&v!Lp4E6Aa>P5{Liu)|vJP9VC2su=P%2lFYHE6k
zl?(^VCd^O!pFvtJZ2e_OiEEl9Amb*S5sux2antNg|F-C6h(CED++LY?W-r+uyIDbc
zyqrgn#ZE$8&Rhxqy}N)B9Gye@9nWB89&P*&nEj)m1IYS%gCy&>@>c*FZY)AEYQBn5
zU6U^DV^09$y67=hYSCPF<$;nb9iVLxT1o}rE4A*N*jtfKbwdmPegnJLR>GUt;(Q<|
z4o<dQbm$`aW~D^Pq~Hs3&Q{GzwU$l>nu*F^j9&q>0SvOdIpNLi_!S-Q#B!}=_Y0dF
zOYe95bBvFea@wcvh6_s}rT&#8{EV*j>;39~GSaF-E^*lY6kpD7gz6m*+o7SCRtVdo
zfh<-C+oO$b2UbCT$U75u0&JZ0N8>i}G799KbjDd$kT}>h6UkDb)nNPd?i7ij6BY+f
z1tzV>L~J?MvHk&VP)p|Q7{n6G9oU9KF^$J6@Mg&yP)Jk09PW7McV}?-xd&ICdtn6#
zI(2yWKmvAq1{~Pq8F205?t!FTO6?v<;cbN718KXI**%bf0fXHGJ$9*g_du^*>f1fg
zXO|Z59$0J*^smFaMHpG&&8F&z*F<h-us?)-LZ@0v89#5108+)}IE{eAaDY@{GFkjs
zeZtCAkUWJ&9RR}gFv1E*kQ_H&00>fJ^woz2EGJ0c#|tItAUSMu01%|c#tb5d#0S!;
z?BZ<3Pu-ivP;7CK7zST6fP|?tjEvn-KkoyJT_@!yh6UNM*gYxOll6<->!d=GpwFS8
zpNd;WghYvAa}_1>Q-h<3AEnBBKVVycA_E2k5~4`bt{;jOpup>H1cez-qYkj#6`<(h
zT3WQ|y<j6iA&Nf6k8*x-w!cv03RmvTU;Oto&*1eG+QQl&hj9{^bJ~w%evmbM2UCzY
ze1~xN9A>Qc$A_~C2p$~EV5kyCqxQ!~U{4VSq4vj%*(8JzjuPHKq9oFp&O#8=;)I<;
z$|RvZS%_qhIPnk{rIS#+wM7x76Ki*r(<<)jn>Ra3qqaF(G70tadNeD17W8v3KB`+c
z`1-|aFbb8b#C2Abp|2TTKy)}O3IH*wfaq{aqf@!3ZS1{qE_5+)>DwGcg-hmw(yl6T
z@i-@jXfv*4$Bm!`h-lpa?GJGLgnj+&_~)R&PQwfY+lgmEH_UU`F#BR3I{*9h-V=CV
z4e$6I2A_N3Xk9(}eKg$W8yP+{`!8ahnl_z3ioAbE#%v72aQ4rD%U>6IHX|y$4es3y
zoLJ1kc8oYNoF(0fH8|n1+~ryWk@9qQ;KJ!I*Lyv6NCpSBapnVdNIqL$Ra)E|O_2&x
z@Yq?HB9*W8rgEzu<N8vr>U#G85#7bABkoea-v_=A<$4O`g4KH35kMw$CW|oK!ffLT
zy7wA<d+~iWzPL(}6aY5Qk_y2Ryj#B2q2&RK+G_3%C{5PgUGrXt1p6fbYvO3OPR$Ri
zYFO4SY{HPq^<ImZxcJaU3I-38-X9<cC%4*(`dbiS%<nqmefEvxLpXiD<;L;lHqJld
zVbp25a3UR#qw3iG7?d^KyX<yS6}y!qYj9GP^P@!ctm+bW(uonLCXe7^MM?VRBF;ns
zC+7tl@a5m!E|lGW?`Cc{Jw@Feo!UJ!w}*ZlW!KFG0RB(_g#dtd;>60p!+Qq_7AKv!
z5gQ;lQtRDIK45N0_X6D2?WNJp$?e$uorbkINY@N%cxFZz3y*RbgL#B-nUP6aBbgY;
zza5)r=JBU%IsXh%7&`zXxN#2#$kOvHR5T<Jgs_Cskeh-KmNgo3M-ak7o00d}frI|y
z$vmY7WA`2RA*0@j`0-_wj|F^}GTN^)ihUeD6@8Q=dm%RV#AtrV9YXC5@h(s0Nq1<|
zib88}vbYL;U4B2dn7+ZLE92Wyu7<*rEJc4HUc`~5Q_%b1U$M3ezr(d%eBEGBKR5(C
zBZu3tZ(FR*;QISpkxAI!#4Z9aaraj~=wKttoM$NFB>!m?dHx4Feu$4>BIGxM(FyVC
z!4oG{c|V#=4hi%4U%>ytUEVuD5kRZ)7BGt@ORUCQ)rGTG52y<_XWm8^QV${3F#a#Y
z|B+qZLy{VoeNAc@V>79j1*u2E)J3E!rTCNPPiB|*$ASPSQ4E3-_UH_T62^)q110D;
zKL@2AChg@<AAc6_^4=y$N;nSWW5G&}j|F$Vd@PG2So)bZ%b%n8GqB71bH#$^ID9NP
z&*x*opx?(b5W%v9X_xYcY%S$?dGAszI7sJXfe}C-3)t*q0iS~su_{V~{2_Zw!@Imc
zRV=6i9}DWh#{zcySitW93#+6w!XIIC33l%l3#!7$g1YdrfagAzQUuE=5gg5*WB7Bd
zFCnGT5X;damSaLJ$40Om$FyVoS<av1eMu=D7h=Kch@Y3`A(rDKSUjdZfj{H?Df{A5
z!UWYX(Fq}z@eoTnf@OkfSMX;ge^v$ZG7(}~5n@>xVp$czvYKhv@TbC`wSl~>4za8W
zv0y#J=kD4FmJ^xwB>tStpHl*PIWfd?Qi$c`5X&hMEbEx|RQ{aCpVI?*Sr=kCHN<jS
zh~@MMmNS_4O#Yn3pY?&foDpI<GsJRMh-G~Q%Lb-Bn?KLt&pCm-YzVQO9b$P-h~=CJ
zmUEf*JpP=|p9=zcIXA>|UWn!V5X%J-EEh8EbNO=-e=ZK><-!olb3-hcRQq*waRkfr
znD+Vnxr9HL2J-T}5X<vJESH2>E{$NhjA<|D&lUW6K_D-eg;*{Rv0M>ic|iorl}vjT
zf3D`wHG#Zb8DhCA#Bz0r<(deVD$}yVC{6NbV<0a$R^YcIOrQPMI2mHu7{T&FrrpG!
zYxy%3$jb{uEVxSPW4SiOG8Mrx&9pQ8+036UfxJwISY|>jn?o#HB3QOE?REUw#-Hm0
zdD$9bxh}-AEyQwt1j`Lfdn13g^XEl@yxb6CxiQ4DJ;d^&2$mN!?MwJ`6MyP~yu3KX
z@{$k>)@6OEt4FZh%(O4%&n$m-1oDFQFTajn8e*9ZvFwOo*~zrG@aI<k+!n~o&JfEj
zA(mT1EVo6lyo_mY=g%GdX$11}vJlJdA(lHrER6`3JDIl0pE>^A70An-A(m!{WiG^W
zSBOQ9L?HR-%Q3Fvm-|Ni{tmxp^dgZ0q!Km2D+vPBlFVSws_pktj0O3Jk*o~+n&dV-
zLsj)sp5etri-W=@>ki&hkMXnn#dPa_d~&-q4-j8^^YAjU@fP4^V&ffzmuY8Y^kR8`
ziN4z48EVBd+=^#eE1r=64~J4Mc#5rfFz{;05XN9FIl^$v&k~1qEvPW)YAGAWU#+<M
z+HfrnaB+ayimSg3SGEn;QEj*e0$d!>wBlOQhHGgXF4jqe>lmT=W#ka66&GuWm2YYY
zBeK>qvR<ONSTS0K9Q3u~Vl72+v6>>nfFW8du2O)D!_Zb-qiwj3Zo_p<8?IvmTpSp;
z;ySJk*H{~_<!!i*4{&veSIKL`bwV4i@ituL09U7cO|;=!(S~bf8?IFWu1@({-G*yT
z8?H(luC)QKPWd{q4cAF+xK3`vbxMG%Q@+-<;X1Vq*J*9IP7iQ(%GVifxXx_Dbygd$
z^#QI<`P$Hi>+CjM&uPPTPJpXZzRqpKbzU2;^V@J;5a8;RuM697J+}?lMQyk)4sdnK
z*YnzNJ--dtC2hDa4RCeJ*JW+EE^otiMH{Xc1h_io>&iA<SGD1~x((Mg0j^H@s<z>(
zwc+B@UQ~Z=3~+VI*9+TlZEC}HZ5yts09U7cO}F8iX~VU-4cC?cSEqb!ZNqh48?J3_
zxULUyb;{QbZMbf1!?nE)*NXyNo$~eKHe4@h!*x>|u6ls0Q@(C)!}ZcOT(fPsb_BRO
z<!fgfu3Or0-P(rhwg6YBe7&p<*X?b%?r6i+2yk`E*PU&+nr*n|+Hl<!;1c<g0hW#p
zO+U*8$x|>u)3KKh7fqLoAPnXrfii|PZ2^H8+C>6oU}-vb1ahFqP^_aSV&7YA#)^i@
zJiNQixN$}Yj#2u-AabTDqev4b<bx6Aj1DPHm{1RgmorT>zLY_!j36}MnnCX`*ug6Y
z6hZ0ET|q{Krf>?w@E{A+04DAnpyE|*26`8uLe=}LD0aoBsTu73Su~Ub-qOpu(!RYb
z?K`^CZX71<cXrU;*_HM!U1{IimG*6iN&8PaXy4qG_Dj3cp6yC|$6?ZbxP$hKyV8D1
zSK2pqrCmQv+HdcmeM48;H+H4Hy({e(9VYDuJ7{n1O8dI5w6}Goef?q5{-X}s(_LxL
zbfvwyEA1_ZNxQRszpyLqO<ieU+m-gzVbbnw->@3)E4hen!PbMX-XgkXvMcS4he^A$
zeP7v?_ElYJU)`1VHHS&NvwdIImG<RbX<yNm_6rV^c4zy3URT=B?@IfUuCy;bOxm68
z`@*iYpWBu8MO|rMe3-O5+xNL$X`k1X_W50DUvQYTJKOh$uC&kYO8YroX`geLv^(4P
z8C_|g*_HNLU1_gBOxm68dtF!Br*@@%T36bqA13Y2_I+Yk+9!3TeR5aYryM5j&i1{!
zEA2I1X;-?^UVE6dJKOg}SK2GO(q7q>_Nv3A-PyjquC!0+N_)I3?ebyL?rh)3b)`Ml
zmG<(kw2wbb+MVrtv@7kSyV5?UEA3+slXhqOUe=ZNNLSj$uCz;sNxQRs7rN3O>`Hs6
zEA8RKq}|!Rmvp7Qv@7jgSK9f*q}|!R`@7Q4cBOq(SK0%INxQRs_jIM*+m&`-SK5mY
zlXge@rufLbQRl&CdY9@-I^C6Y<}gWjG;c~z2WbkAnFoghMYe~IIVhXM;Y>lLY0Emh
z77l_Ft^<TaR7g&A4Im_r1`(bA3rU$UqfJET{zc2%i&+5H0OIm8D^~&3ZqACMXD2?t
z=w_?F58<;9{$p?}6wj2WgY*6SIp>bvD6RiBqBl8d#+krvKrlWu_a^%EoY?gwfIlr2
z&*2ODj&tOarseLaLc)uq4U+bsx2eAyRQ=~|>hFQa5M{Y&L*sUw5wmgRE1ke8!MF=M
za_~(hwKD9uGc|+PWfG}rQ)ROI;ihKrgstUn%f?Oh;)T9#TK#(7Djuu)xVPakoEbdZ
z?zq!4J&7dHA-UAQ(-(KAaJ<<{>H<eLK4s9^$tiOv2y~^2bh!ezx@HU+=Kpd-BW`a)
z{%vO(R%(G$vByCY6tOzQ$_Lq$n*@GhbCaa1D1##K${4~a!hRX91%BH911h|&MPA@$
z890Pe2p*J)>=B-%V8O|PDQHsyS-06n+aM&En!(jIoH=$BKP|{*kvZXlssF8@g%=^S
z_O>+1WfIO5PECRkGlaV71u8m`bKIMo0%n|&G|WMbWfNvIJvEI&h`8h0IcZ~Si(cV|
zW=>>!JLusgzn0C}ma!A49gvBqShYA_u9R(edH~G=r0`NB@{C76alBgTrnU{B=A_LF
zrRf2h6v?7?r5z$wa*EzaIpeV#K{q9~%E8ja6tX^@0RdE$JJl;p6xz%(Y7%GS0@_nP
zZKWt>6zWsR29C&qS3(y>oyKzkAj{(Wb@`%z?sOcc6j7NO8+A#6?29K^c{mfNWriax
zG}w$<BQbpW<SD6VUD70xsC4>apv;Wuc~RD@l$SDuN|?$dKo%77JS#ZGEXKDD;JiO+
zQZNkP71`7PEI*>oA)G=|iz!97VfqExq1!YYsn?qgJ@9lIH~XffO`|>aCLn}yG!I`y
zZAfPp%Yw`*$bdA;$?PZy0yW?wHtHbhHx(m|EI7`0Fd?#QYM1SiZ{$f?rOi{TK#XU4
z##|IOiNca~eZbEzq-;!GsAL}NMZt*??UljPIK_`27svLQ0UX~4aVa+oV2JzeS?f3v
zoAJwzHiVK>74)#^abBW8MWTL%-`X(1Z#$a^icaE`#sL?nHA9-rjKvC1p@oD^R?h2A
zf!@FJ&d4^F6*QqArd7wG$@|42V#t?p9>zVDB+Dh`VJn7M84ZY*B?MF3aHZ8~E0rU^
zY|szXrxc=uGY#35YLzxaLU2Ggz)~LCD<qcf6}&YK7OZFar-Sw)v?!F?UdUg+z3f2Q
zL_eUhKo|MUWNQJ|IF%*pEvPmq0xhRwLxDt<gjS#shS)$wh=!1=%qDS4M@7zvF*C&S
zCgg5C`=*2)pPEL)vE$QIIKym8(ih*>gWByyFTwOl+RwA_4xdp0kafzL<j8Ooaz!sh
zhcs|?k?E#<>DBYsuR@t`0ZomAs~$X?YmTH2iU)^MiN%=#`xS*d;|y+QADNd3s)AA@
z>XEXAl<A!r)*xYhsG^B=Wb;fZr=eOCY*S&L2t)V-$di&b%>c=eN8%ecfu^8B4msv`
zM1qiKhULYBJfj@QyteujN@CdO3`zvkjerlNsXgN{rT%#twXlvp1%A!450N{8uzY?i
zhBY0}X+*4Q;ATMcVPpU{Nz`)igHg{zQP10>o_D~5!`hpz1{1iBJ2Y8JZ!#7w_FE06
z6ew=>Md3su@Iot`_yj%}h0}-&ZiQ6dhymIYytKhGUV$?5Pl@2p#sQSkzq9cyZw#`S
zu-YNV=IieR|CYmQhx$H1AC2;}e%T+g-;etz{L?U>0N7M!?vI&EEwa69=3Z!00img}
zyab^I2nfx9MJ0$s8-Y=`vz!D%M?lvXH{)J~-@Y@8{C*e@4f4Ig;PFAeUI^QwgauC(
z^4&r_Vn|r<uwfN17UIc6!h&ZItHz9bc`J?3AD@DOL>S$L3Ua)ELa8&*YB;o>ug>6M
zL7aH!@pUn(S*(19CYX+ejb1cyi4jTVM>dZu6k*NBoR=?D{tz8qPM@=b3)WN3V|f0P
zcZ22;yrJM(ykYZD-m>87yb(U8hYDeRTnFA$@0eOh2lW!vhtJeVefZ3e)Q4Y1E%ia^
z)%rkP#Dlu%`CqDwQb``XFqM(SD53{faPZES_kL6cEEF47XTWfpDQ>HbWU2>7?WHmz
zsr<<Q%aw7HUi)}AE>(;jcy(~UgKc8`G`(4kt7d;m@6hZ|<%$*R&yqVdE%w^`ztBY|
zK@a^ElHyV_F|?U&|2UW<ZNCOt;GflCEY8XP89|-zUq6c)AeF#w`zMLm(wj7&p!*BF
zDaEI$o9|+7%&XVUKNF9>dENYT@t7B{n|}eHjPo!riG7b_kGLQ}o5hAVQOQdu<#UsA
z%Y??ihoClzzUn5cGw$$Kt3mwL8Q5=j7)AnB+~AyX7)AmJ%ZM$~(&*avh;`~?f!Mq#
zLZ@jfxbbp`JdBQ>^4)*Ni!0@G4^5+n$<(3pR!eLC@!nz{)`)*iKJG+55@@rf%cNJC
z|0k4Tjz4&si??#--`5U!e>>m<0N~Q~$~i`LoKkkve!&1|3Qop%oME^a(QyVh?U&12
zhDzm8)QKJYd*p+E*6`gQ0@>z2Bd!ruySTCWL3*tQKk$7>ef((b4-<gvAB5l{o&rAt
zk1b7M<x%)rFn)IozHxjj<qLt05v&F&?Rfi%5Tr-p8gGR^atQc41NiJT8i_7lu+RHB
z%J6;2R{WNC!5+cHP<$u9WA(p-*$8=6C|&=1I5Xvy#*%P<w2xnsDd%S0FLr5lOL~^{
zIuqBxoP}~><>>4d#8Z#HI`&@p_0=)89U$BgR^XL4JhzPTEhYwdC-{qKKlhtXBn}%H
zl_%VZvtSVc_qCVJeiT?r{pKCBlUpzr1lbtO@hXb3yjxUPuVp7w-a)p@S?Gt4f|2nF
z*NS_e1}Fhn!ut#Zb-m^fz$2Km<b83ivY;@mKPCOk*1{Zp%+Rmi@rB_}4dcxzTuPLx
zb8UCe{TR=&8r?lJc<4fmof1do%YN<B=iIM8+$Yj1Cy+)0`4!W>I&S71jDN^iVdd~_
z=1YriE@*B}fU||Q6q+22$pSN-dDxLPPDr5y?lB>IW=sICBx!*0qZE>K&;8?@XHNwI
zBi@rj(t`n^^mtKWhHtx&H`*oR_?#`Fir430Kij(>0w|_bd^idK_=n%*!_hi%fr^d9
z8Qg-!n5x#AQ^ajzMOFDK<X&2l{CZzNZ7m0@Q5r(s!7Y0*L~yI#mk?mAc`*x>ub3RN
z4g36yvUv}NeV3weX4n_hcr<&^HAW7ig|QkGqY2zXW4naqlLyh}XmrSUAA(nt>9{Nr
z`y=p&y38(CEpWit9<X89M~t}LB!k24Q*GWNjP<rg;G0P8AiRsz4jSzQd7YruogiL_
z<#_2OCcijR#TxSsCt&G;`LzOjYsIaBv(z7P7b5P_h}(;}S4Z6I;KpkJHZ5tw9w4rt
z^VOO7j6bejiu}BZc04d4cNl9cUQL!*$nenY0;&=Dc4AMbI`4y`07H1^AiNXG{uFmY
zYZ*7U`kS~zZf=8WpS}OcZBYLX4%7hWpSVkk+licE!i6h{oUy_+qEk@bC6#N6M{a|H
zDJ3Ygw~;^KO6kaL&_Gy9$4B^b<Thx?ms28qIdU5`<jVySz8tv?8uI0u2w#re1`YXg
zeS|MZZi9w=xh=w%|7UK4axUk@qW3{%HHIBC)@jU&imrpp>3s?100*JGCLn$eeK7Oj
z);{kZ(u<{edU^Gbv5l9v4LK$<US2jNr6c!2VU?qWQ83Wa!YSD5@LAP)-{r`CP#W%N
z<=2t>pe^kXRy<ne>&Si3);q#S?t{|wM{658av!v{4IQ};N_!!GKXl|iC`K-@7}Ba&
z|Bv4XZM(YZad%3`UTQYPG-<5+VlWp8d^wg0{k$U(_dz3p^BO1vIRtW`$55;rcHRdy
zw>M=ZXiic@=?8;Ib9%{y3He||X^vf(Frgj}FU|QCZHvlnEtE>)k^7+B|Keb~bmTs$
zOg0QRj@$>8xt8I^k^7)B)im5Vav${B@40v0CpmH-G^$&U+y{;7mLvB;qq^nDeb8su
zEuHtpj@$>0>Xsw-L8H3m$bHbLZaH!v^x1XG|Fic&Wy2<NjnmBLx!IyaUcL4itO3Xt
zj@hCy_d#|3FMBx>pchM9=KkAoPWuNq7ir0XOufPIU6P3Szt`sfew+UX^vlCg1woM3
zPewmH<hTx}=3;XnL%duz9(jef*U6>!yE!Z6{SfEZ^pe2-B>g`M{gN)<mM)KU`L=ZQ
zN77jh76gYY^Sj*qE*vLI=6CT389z8ShC3E4ST>%_?ZQ8VyEzGW@X>G<6i3VRyO0Fo
zK-8L^1xI*p7m^UarY9Pv_fK*PC)YoX=W*q{pdEVwn8Cl`j>%hbf~(_>3C?Ri1^m(b
zw#}aqU^V!`%hVg2KMwugx4<!+2KzZrgXwurpN=NLfxpz3g9CqfXrSfBExeKIwj}Id
zxAnda#Qt?#?>q3|l?<3@W+o>1YAYQ|9c3C=os7K%M|pn;nHo}Q&`(A`Jyyw6Df=Pw
z-e3vxt1`2vGHd31EMY@9C|M6+xq&{u#e7b-uQ)ld*vaA&N_MgLOXOw0s~$81@!}?l
zpsZ#4YPkN`w+rFByzerm|3I_GsQe{gX}%%bKWgD`5_f4G?<qv%t-8@g_`~xc;>QyP
zyk$}<Y{l(5Uh2ag539l4<7u18EKh^A!SYp{e@fvtL@B=&Vql(lE-k6t3kkuU)BG;n
zAt~${NG1n&;qsUqeO8|Q2v~Ci*>%U*I4+qT8|WPy=ouTx4B#>pOEoyfm!HoAdt-bH
z8D}bE??d~&5dYWx7tT>z4I;>93zI7Qrp2WrEe^Lzy&t2PGrJ)Fer%q(Wm_=uGi~vI
z(jH$9Z6giahiRQXZE1emk!BGxh%{_7CQWZ!nxAQ!bw$K9QChQ}(yR}pyJj@yNk#`U
zCbTt6DNnLA(9@N8$`j%Py<O=hTj=Jqtqe*&E8S!Z-CVY{&`F<eSQ*i(GbL%|f~&b{
zW8SZ+R8y|joV%LyHcW?6-6mhH9Co#&ZP*S&5KP`$IpZp4+OQcB@n1ey)q3z(qFUwL
z!wlL2@2}!8gD3=Tsp$Cl%#cwM3d6uF0~nUcsW=pdE|oXh*h7XuSW)OL^45{N?qRez
zJVN?&B*0Bk*ZTz>xI~Vt?+|U#32~ee9*FO%&h#YnTa%^I=4ssb*qkbrwoYdgg{(8#
z5fPUbeT*rC5!ZFQU`#uCocskw9I4;zJ_|;?K31sWT{5@SzyA4nN1E0Mm^s+9z}mm}
zE0!1c>j;813*AT%pkV{7S?C6W0C8WBF=5TZY#b1(XOo@S=C1q(p$>k7QU||5sFU9y
z)LT0K*%*!s#%-L$RWGo-H<{lImXp&h?9))x!&cP8X5QRxXE<&bcg2`-@|(f(LtsQb
zY(+h6o<0=AjU|sL!viZGQHBQ=JfaK_t#=rP^S!N)KsWLZvt^4G0GFi=gR|25z)fj4
zy*Rc5s|x685_lp9_omU)xVVlO^dopVP5O~PH2uhJs7IIm$o0~XaO9+o+-Yfnan(K8
zW(xZYw=IV14;%;zyN6_36jcg{67~kEwkX=tacO<sXOS&c5v_SKdeC$Rt+_Co&2$B=
z<c*#(9YHHyqjgL-&`QsAoJud>O3zVE+LfN8dQs`+TIo5e<#2l<<ajr}C%WkTZgru2
zYRy}si<XZoY*$MyDdARTCAui}xWbq?tUsmPTDn9R9UfQMF4Sx`$@@K4Y&B$%?|Q{~
ziKqwq^?Oh-dTnT^@;%3%N#i}Z04}e-5ia-BE;VUwjL&rb04=%M8J!1wYK5IECq|zS
z`I*r$H0P~O-oPJ36kdAAvuH^S*k_<EH_s%Cn{j7+{31KQ1uxtxg1=(K@muY}7P}Ay
znFv;Ca%LPa2ix8ckZ-1i^ZRrLAlz@03($yGG}#<qi3iUjZa@1nc6WH6Nd9zOkSiDj
zleCV_VOzcsU;+#^L7<Gw3L)M|2uEKC@u@IG?u>NMiAD)XY3?KFcx$g~4h$W?WI|`Q
zApP`?zkxBKu>(g1@11czh#AW*e<SzO?bsfa_|<Ypk8cKJzVb*g0f_I^XN2poz$HDs
znxC2dWe}`y{>tmUFsM*}IU+TG0qj<TzZ1C2!S6jc<}0|iq|VV8#@Lu-T>N-2@o?oL
zVDpzuXf@;`k?XNhb4SjJoeyDp4aXO`=Fb^Vr^&cswW#?s_;I5PFLlx7;MTU>r<53#
zZ$h+R2CNLS8j@7puCjKaYP-0qvuUAf{EEFL3M?HkwMh|0Wzy{HgeCXM?K>%KWgeGT
z@92_;l%I!q3OwqX2R{m@KFoyicM@Fal8J15pImvBT&!<!K$2_z6j+R`KaG0-5qOGQ
z#NnK@FW#3(gmcnddflfHtxN8$22uG%=wzRt$B^?Tj``$$mcy)s#);rFJde`wW3dhm
ziY{eN?n73I$VY!rN(@UQeTk~PZ0zD`V-b+V`sH8=E`S|M=01#qe--wH{x=Jc8D>Y}
zyD-F$_3VXryBFSeW)7mg-=*!{iG2ZW>BmRf(r?+8as!EV^WB?9Hem#`3adbeQZGRy
z7)%lw@BxQc*I8$uZ@EI-_s&TBhQ&E_N?ev&fSMieD;0F!kcb_Jy1$=yjf3ae--a08
z1-M<S%RtC(<Q?wsw+3={$G6+#xQHuno9pw~>cI_pzSEg5Em6N?UdWcWww>H=h30nG
zumVC@!5KEN;Q%)1;4NVdhQp6J<lw1b16>?IOBrXGfi4SyJ<f;$j)cHor)Yr15ZH(N
z_&(MYz*w478q3V1-v_NBDN*wo<d$}3SiEMeH{w}Dk1WALwOa6i<@aej`wi?z*u;{T
z^lkPd23U(cD;C<1AQe_#FM@s}`w^rP*pFCB#HdcrOPA0MN#^~9t@!dzb#5#pm!w&A
zyznY#(!@>ypEY%cDo;oRTqGkq986Ui(H)$^i_Wf^i+~m*cY?4|W{U)i?uBWb520M~
z80}vDwe&$kqQ&+^c_pnnz|6#qi^)3)C3hQB6R<Ba!>K<h5SY<7iAO7+corKIho)63
z^^{lAyhIybwJXt<0~nOZ*Lsq<RiErm%Qq=vH<QTSIMxLDt-tvw*4I}|W8+nJ2^PNF
zu`BUi13tuW`6Jp%7>MuWxBe=OsCGUASGw%R)uHKd|9d|WV$k&#4!U|k0o@co^@m*m
z(gfJe6h7dy6<Y@UShs{dD#^_KNQ<tA!4nQ@q_A<Ea@G;=Es=PZGp;eOwMQ_3I}b$(
zOjKq_2St)EUY8TZT#86|C129K(TJQ~13mN;_CXEibfj9`csB=g$P-b(azO$^00xzM
ztEK*pum$9l*Jbfkdu`1SuvTG8uU2zl{vlPPQ>+%0F_IyOZ^+k@0-_V<-|%?t2N6(6
zP1f)<^m=EE>9AO{vAQsjgzcI+2b8i&)!IW_7lt+)NNMrZ!ZgMUeB3#k+~=?F0N2{T
zB^JDqU3(ofK6Zh7aOU6@gyn1c3oOf!7F=OD^0ne7tcRf2z}4lI6(?ts2~8|nm!`HH
zoC1OXK93qR@acnBlnYKShjELailG4Ku^c8fij^ytJW;E^6;;Ohof~@xc>Gi0G3y*$
zldyCiEi>e7Pu|(_W=KqLYA%jg^$);3m!Rt#=o2OqDVWMwqmq@Xe+z*y?i24874wEo
z6p1f_{vFwP{VBvv8%}_Y%T{J)pA5oV_@r$A)X<hW7jzj^s2PJ?LtDT_RzOZF#L4^c
zppF1Cl?2v8O27peAWD|6(*)UMX9~b1$v_I09`m&Y*p<{QOpIp}D~7?-Hh6~7Ab^?K
zW4;=cFj)YZY?5LHAz1Z#NEs@K(pM{}FmvT6UCzPaU>a|Zrzf#C2FqCcvT3YTrnBiR
zOpH{%X1V!VlQN%mRR`OFjo4EEcJIgF;yf#6nQ^mf@bI+A+=06TV@4F<0K7K<lcBJ2
zWbc?eI_50#j$;d?+BeRXaE>LsF>RRC#}`Ac_~+Z2X)Xo^E79!ZCtm+BDpzPXdjW{o
zKL&pvwya>1FxQ7kO#M*+Fjrw{uKrPYmQyVd2^Ar~st7LwBW2WqLeo~pnV|V{jJ1va
zTdMjGrYh>Mq<-s1LhOa@_^M+(ip$r6b~8%~z(HJN_^PfGdPdhV#>8U0ab3{t-E-q)
z4N9+j8l(3ljp)6WR8Vjdq6%&zP;e`JJ~}ZEZSQAjdkM=s0nn$d+3hUxYrzqPK<5Ve
zsH*N$?Ukq{M0K$pBx?Cu9<v-_Cx(gq(m05IC7RVBZvxPlz#zO^pMz{c7JYEdTZK$O
zqiVw5@-io7G)WQ*(h99DK!M4G5h>R`?&cgAh>21PG7!ZaL=g%!tdoaT9Upl%PNe>h
ztRHtR%+auFoE$Kz!s6KDE#TSDMPD&6&{sxmSS7-zjFWS<cr_#!CcqnVGhcl=4tuvg
zF@*U}yi#k*!_1;jNtW}l25K^!f?i-|jWseqE;5Uqa+5HMOn8bFL`6A}Dv!EZpQ~8r
z^#g>hS@3lLK%`&$c`%8J;b@JKO)ms_&8DjhEA2c~tkDrZlC_^k%7H{!$bn3G*v)1Z
za!+H5fv~3+O-;nJ8T2k0P|9R8r1ZE1<!evFns8zv|Ma5V(~D>gRW07Za4f8PP8<dE
zML%1FvB|xGZbMr1B*JW(O-*E7C^5ros44a>pGCVtQ-kdtm0hbr4H4=GY&%m$!EToc
zp{9V9sZ`Qi3EnG^RZNAUzGM!zmm+@GC=duD`8Mh2KtvSAcka1yW93~E(idNK(Qktp
zVkCHU7~zZ`Gq(hV$t{d8SBJF^WlqG(DDzF|lxN@0raWq)f6L$f=j{A*&P1;>`*ncp
zYtU<!7v=ZO6UF!|tfkE%I0AK=6VGa}pgG70`+rRYD=z8BKk)104HGrggC>C1B`s=Q
zepTx}#f)>Vhw|vU-!D*yM&}-_Iv3hQb?#Cmb9Dsz%0(Q39%b||1L8XcrpSFY?9|ty
zHk$>6W9*sd$50O%Z*v);4e}(n1{PkJ=@kQ3gE%pQNdLP(sFZ%eiVX+4TuNbdIZ>~m
zUM{6;x|ZD*&**Q7mylSr#MKbLYVGx?0``On?+m(Fzo^RCDC!qF`&7Wz^v|A#?96Uu
zp1u#J-C+vDO!!jIvQCUTx%|F7*3cbYB-F(}NEP+>+HaOm*77-Z?DnLcTw!0n2je+x
z3bEAnZ$o8cgp*vD__oYq{B+;(dw|@&)}BGL5mBDVH}gM(?=8rG4pyvk3x%2KG|WEP
z`D!f#ddFDFh2GRye#<m|3-UXJUniBH%GahbrK$EL-O3jn3*8RWEKFnYhS>N;Z2TfN
zmiQ5QoA#Mb?4zLfOVQWl0&4GOa!SU3zFe3gr>W;5t$5)b2B9io<VhJCkdgo(TLm}}
zksDE4SpRp*P!trO9&nBV<eiCHf_|Y}aLVwyJjR0|*c*m6(Xd)|A+>FaDlj#Lv82Cj
zqJfo9B~}07L1)89mg`qiE@ED~QU&HL5g2Jqk*?`b*<}&D(~x8pIs#@oQ?}4CH-uAm
zzPzY#u*c1zMv_uISd{lRAT|fr(BJqirJs&Rl=G7TYeR+Ye9dP!bYV7b6gDh2qx`vS
z!dKV{Emu7D9F*(7QLd%f?}0?Dh*KiaB{;dK<5Lq>GVR*vBgCg`W6Jqyom@k+to?+`
zR=0F~vsHgv3VPe#aaIO){HicLR-eSr_$%j*Mp>=;kI`I~Ti!TyWPfaKgfP2qqoy@4
zcI-Ulg@4ibbEAl7TM}=sM0Z@=0iI%rM{#PnkMm^Udo$!;)7BFpmv&Y-JFr)dw(Do6
z1Bv5jj5_gk*qz{?w;WlYXU5gVRO({J)Wz(2$1olXJ-Zs!G55V;z|KQW&VDi*yLoQS
z671)GpRn@@`w3yo3Hw0+OCJT;7-2sQU`4{#68572Rw3*}!hRgU&L`|l!hRCKCJ8%<
zu%8C7n+Q9Zu%896R}gkQVLuOGdk8y=uwMkQhY34{uwMqSe<W-jVZRDs2MIfxu>THV
zPZD+vVNVCJUl3L%?3n=8HvrfKVOXdzygG)kB4LXH*vW*I2(tp%MTB{T*#YcY!d4I#
z4`8!|tt2cFz+Oq%D#DxqwwJKggt-CiorH}NmJDDYAnXLfQUUBS!o~?p2e5Avb}C_+
z0QNLtrxDf@z>Zo1*y)7z1~7=q&2wiE))&Cer<lDY2iW2OHc1$H;9Wp5+eR;opx#+}
znJe|q(M#g$eGR>&q24|8lI`k!fL?M)z3-%#g;ww1(#x``_n+xy5!8E-UP`BWAE%c>
zsNQeVOIcIzPw1tXsn_}scqw7x)js|hw9BWVzqIX3dzMDN^R;mdPn-!CN@yHPXbBVo
z*Rn?Z_-wM)A)-#si9(2AyAIgK&lhE65@FD{XndupsvZAig97opvE`Vr@XspV4XrUe
zmMcmxG<M(>{`~uavAhp^e+Vo1uxtD+*$2i3ec194Hsr&u2w}rM?A{RHG9Pw(7;nUf
zy)KB?Jdtb|GI<@1A@?S~PXuws@=^G=L%41woA_@H;e*lmj|TAONu;F<<F<Dxgi?4G
zk8$%~=H_;zj3`b1SaxHAZvMc%f^Po6y^?PJz`Y6|?<vewnsfoM8Xs&rkoQfxu?Y;L
zqI5YL=<JpF56F_UhM*Js5|XY#q$YphuF%aNxYy#NH0Uz*9K)u&<oQTFzZ5ND>_FFg
zwnY+F_S>WLkgSzS_`$ceI3a}t)2wDJpY@?tn{6hEy=H|aCq}gDOZ{5yr9Q242@0#X
zd>o8)YRsaEnAV7;4Ph*`?J7cGi71K8wu(UIaTSK#UQFy&iVp4z@@Xwm0kcFZC3#b%
zVQ6+9`KK;Q#O{!mAB&X-xP+Fk_FD^H4Pu_i*ZT1y1jT70p2)5K_e5^ZmF3ll<Xwqi
zOnoTjh>n?&$e;MPS49}Hmdj9JFs{`f>53nC|4U>uA@3GVV9cW_6SY$Bs(!2z5Y41y
zJ&hAQ;#D7J5;?QJlo0-6b&2^XZlC0IqtsLL&W3#gvo7YuzJ_u>1DzYzMLKlCK6p9j
zBvsWs;Q9`kOZbefd<CZ;&gZ(&TC5B0#b}rer)vR^Y!oL`)p!-lF8eTQ-J1#_`}}dR
zR$}FYGV3o^-i>2Q(_kbHfzIHAHQ(|E?hTX;UT1GMVb*i7APdg|o=4$lhRgH5S$c!?
zU;L>+vGR9@pBt#t<J|MNL>WLpSeM=lKupC#^w2#w^2}5Tk*JGYsawopq;4~qrbsnn
z@cDSiEZoOPl#j){#IVa`II$O?y+!Y@F-Y~Z6Y%a+I5El6vV^DLAS`Ba%072*)(O_w
z=#iBxY*O&_sVUuO{L&UHAHr$?HL8k)KCF-|Pvo#@wG7X%7^KO)*%X$ibpm1*tcsPd
zgbQLsQTbRZ#fcSLbj?OmI&>w{yP6dv09jw)dlb~0|Non0Zo4Y!oa$$-5m~KL#^WA@
zRDjOlxYEqr@XHE7m7=Zcnzra~Nsl^Xjbbia6|9bpCLrox60Ke0*Su6Jwsj>;TS?wD
zRMi1%fnWAY)8%nU!=UZ%Me*75IYXQF(zmdnO97@v9+!@&SUJe_`d-Hyu@`UF?R%E?
zf>T#JBWrP3imWd6uT7LPz2!J%9|V>r-BeYBHVO6?<X=OK9)go@E7flqst+nZ?AQk6
z`*Ezb=Q5yoVjOe&wF%drIhcX!M$ptjJHPp0|040MP1~a*XcIF4#PeGY_FD$qqg)3}
z#C9UVBD5D3YV5%Dl&{6?v*_Iic^=7>PejWf=`EKaWOfp5-fD0Z;=<*<5YjSp5byuw
zYnX<v`Z5+PabgMEAuy4=>QQ8^7b&=}wV>y9ik0sg%_4I6M$nJPjt6}sV}rJ{*WW$E
zU75+aG<nIc&wujWiA^Gn#Wt?}!-r4;a$<w)0E2fP)ZhJh(Z$(w^bfx$f4JX4iVhZY
zwqs9bGQNGLv~KfE^?sYNy!A-n_b-yO_lPdBW2?fv9c|f;cP*QT?M>=uqkcBwWAeyx
zPUSJ?u`}(|;iWBFJ1#*?;;>?iLElC>?VV@a7$8G)%0TQAGcMB=+U6;sI{r$3tk$3x
zgDQ6P5`+wIBgTWa1VJA%MoxWZi2(zrbpST`1NW(P^GEogZv$%kV^TCP#*_9(hqOOQ
zX=qCe6e9H(v(!1oYYASqK!X}(bYp*tGV%;7IyD??N%z}1Y#|fd#QEh7npZ;*_X4Vd
zDTzLi2F0-zr%{L2<`AcYVma<4Du17FYNcOIIn@jf7$RX+^5hJ`QoLJvifj0hGIb*X
z9A5-><~h-lcPmEy(UiWMp@W;#IvDb<N2#$QmJ^3&amDws6ZR5vqka=><6aA@k*R#{
zX!bQXs1>$89Q)ZIdbk8SamaxV{n>H#Ie45%>i7XUr#Mu3N@OM;`yt};kH=j^22Ljt
z-*ZOPb7s_Y7Cqih<gK|r3g1A_j@ycWpA&_jM~^Cv=J^uPfA_m7a~DKC7e<pjH|n`4
z>bW@Tc^*AF^O)^<6zko;L*nNW+F%y)IG#k`j@M#ivHo^$KX|`Go<g4DvF~c}|L-Wj
zty7u9E4vl@`2SsHe>E$0X!c%?+51YPTE9F;rMgHY(`uXzQ4n23hv*_YtOkQIS;Q?x
zaeBWCY{s4Q=IO~bC8pJQ4x&;o@vD7oBKF6Imok1|@a{kYjH~)BGe2O;i7lKTls9n@
zMQTv3N>oQvhoT$gjoADooOEbLe8^3jpCHESH+0R4nMy$R^^BR0XP_c3v>I%qqA6{R
zD5Bn?E4nibFZFjo3WSJqDOUbU6Dx0=*y*MY(C4DeZ2jnX7i>Jg!HIwwUp#3S?Odr~
z_P7}-hhy|b@!R8jOk1{hYzbPiv~C_>#;)QcXx7X9x~QAFz`Tsw#rr+hUW2-&gpn3O
zxqJ1SzZWO^2`KoELElm830#Zsow?!7CV}F~l@^<f607aK5)>$JZtO{nof7PWQEgP1
zxzebKDT=j0J(jDFVYytxtp=5uLckx4WU0@PT}E^;d}1(1`^qPrqx&+aDvadaDdnP?
z1Y3zd=gk3>&#b#296&7M@R|VeIVEhq(Vt3kP)422K^gGML<@Mo3cN~AlE_a}GKaa`
zu}YFt2O_~Xzebh)et!xP2bO>9k~_DEO-bet4#}bRLF*@Rf|Zk`qd=FX@a{rZ{W(#o
zr}7O>gFu;KS+GREpiIWf6lkA6<x$EZ7S5ggl$alpc-BQqLE*C4JmDo*_mF2E3~0>+
z#tuB}Q#!Nq4Nc^8SaF$gkc@Y9d`*$l28o%q)nLczZNNZL`gLjp)ja6eHPGl3tHF*`
zJ=n1HUM?}2UF?O3lt^DiZKiXZ_mB|&I3A$>@wJlHe~>$l2Mi(om@$G8O8o>dN<*G&
zBkE{@5Bl)Iy#ZYEtXU6Wts0H==bq2}3C_Y^m2kEZJGLJAmoXfNCMy(=YmRL}_2}8G
zs#C>ekCfcx!F|c%7XN)Cf}p4$B`!zqG$nM-d901&kp(<|g?9x<W6xk>L$5(MeZ!k|
z)QyuP8!Mk}pGyqclG1YSEpFjsGq~C9+-uq#PDmrk<CtacxDC~#bWcP(cVw)6j*hiu
zjByyl4kubuIrV{wbI=Hmhz+WN(t{v=f*?^QrurOd0YOltI*>~FV-U90EP{h7R*LkZ
zc7kfs2nE)47$G7927?HLMu=2A0;4^eBb}}GnvV3E+GTDw!^^P)&+`|s=P4^H<96&m
zk#LSlH|Uu35(EaGOQW94qMpm6o-3lB7eqZ*Mm<-lr+GEMGKxg6L3*VPvP1(P6B{4v
zJ`sBo`D4FX!i0nAYLsK_OOvFV(@wCo!KtnNw!%v5F_lDz%DANsE0<Xfp(=h81F;=p
zIMjn=wjsq7l-?Vt6fA)_(4cQruM}M)>{SR8&Q<ZFas6}=Fw;cAR)fs&-o*6c%;8e@
z2F-}K04Qb@)H?~;OJ=ojNmh6z+0k_vt3kZJo6Lhek!sGzB?UH%Hj3{d;Buw?oXhs(
z2+xsBQk!Is($LcQxEv*BXa+I=Ki=L1PLiV7AMdT|u0G~$X106oo&{zpXLezC5L^xc
z<x*4>6yMCQusgf!0xQrkv!c@WIO2g9AlHb9tl}+-H!9+VJ`_(_QB?Tx@Zy2;zzg-E
z!teWy$g0Y|TmQ#=K2wz$84(#785xn8l~v8Y2f5rrAUgy=xrIOxtWrKt<<ou%DsnvO
zAZac8U4P$`zQ**Qc4&S!;|Y$;C8?UVM^|+sdppoNyLFr!<(1tiDAJ8azd9BYvficM
z?S0`Z&@pCSX-uk!Y2ANKoykcDJ2Y&9W>sG8<x2DVS0qamj>4=H=D~Sr;iv;HuPc&0
zzx-HIe@|;nem5_-Gvh7JQo3v0!Up4(@w0Ub%mcWt8aMzT%n+_TwmHNc1aQ0>I0WE8
zHE<Zf-fG~;HSSn7Z1fs87r}74Yj=gPheTzOu<NUV6!t0AKnlC68c1OWtAP|YTMdM;
zg>*F#(gw$(p_GYym9&Re<5RWM)j&!+Sq-GLdshP~?NBw4((Y9aq_ml8Af&ZAW@4a9
z+QX{xDeZyPKuSAR4WzXDR0ApPa5a$9_EiHZZAUc_(po(;F<2$-;nnz*_NmoCO1q{S
zNNM-222$FQY9OWUuLe@u&T1f}wR&b^s7l(WSL0LKgQ|g)c5O9~(oR$ZDeY)AkkYQK
z22$FtY9OSwdS+s{O4=i;@hR=W)j&$Se>ITOuC4}B+M1D0X|18I!<o`{SCd0pt7j%g
zs-!)#8lTcWtr|#a52yxG+Wo45l(tX}q_oyhkEHFX#)Pz1&rFPZyC-tX8F$nx@JA2b
z5w9RWggERK<i`>5f}Q+eB3{3fA5k2@{yFjTp8VEg4(Agm@}MvD7zPErJSQ9qU4})W
z)9}D+dCH`aF<c61Wiv)L17wpA*yI8>D+4zD0h_*n&0YbUtg<QelFuOd6aqeD0Uxwb
zT2w$2rAY;}QQA~MBc)M=LBnT&e1^zpzktu`fX_t0XWxL&J^`P-13s$^pK<aTCZ7WW
zKKloJ)&_jm1bn6fJ~+Lq@;t@x@yTa|e4ZBYIXK{RP{8M@0iOc{KGOl8^@h(n@EIkW
zBLg-^1Z<ujusJ+nb6CLU(16V$hRp`Bk#!Nz(U>(=pBp@Olud|}Wert0YWl%oesZzF
zb*m;{d;q@8X{GC5g&Vduo`zWwr)P`*feW6yNU4GZ#lcjY<u;jC*D?J~o3_x=f_U;T
zl%`@LR4I+)Cj57ZaEfNCOvs&cJvVkL+Qm6OlxoJBc?lgqaSuIXtP}!=75>aSe@dRk
zN1(Xy^p2@~xR}*~B;fkEYZ_1G*Zm?`@2oX-<uZjMJEm5JRPksnEQ}-i1MX4UxSW?3
zIrRxO-h0o_CTF>UCz~wZ^dq`n{T0@${3~?I(TNF65oK*PamVMvLp&4t5O`Ar90-AD
zN5H`l_*euS3V|0zz~K=1;RrYq0#^hp!0RVQL*T9mb1Vc7MVN(j2z_USTF8XZ&s)%r
z5PC)kU7`&d_!3u4V;5ttiW6Pqa!QI%2q*6NT8JK;l2Uj_B#1dBrSMG=e9-3er-;vx
z4IhZ`hi&*DBK#2>J`&-N+VC%h_)DB#V+;KK+yb9=7B_M@y%mOzj~+xB49Uw0lXcxV
zY=Y-Wj56@hFy~)_QaHwOO!js265CJM{Mb#Rt)Vt|2h}dI8r1r2Q|l(X)-V&)3Pv9!
zqk{wW6GLU$0a;R56BhJ`w(;U3o-Uu{rE)uWWB>A~JU%M5c`IJb!<QmA<2{%)_#)V)
zqWb6Ncj5pwe${vGl;rplxUd-C?%LC_1`oc@!;@~=<Q$#8MII;@2BtrX=1coe0(P2p
z4(dk~u^;K-EcJD)JKr@molT@?z!}iw@TtS8;Zrxxpfs1<m``n-89ucyK9JlvD9LQR
z!~Ej>;PmYt)IUCsG3S4rjlI=bJPpmnORto-ycua{{A;LM_cyjM9~_?h!oN!J2@-IP
zz5s^&b4#oME>LcoGy6GiiFKh!ZkjVic#u1XvNA77Z)KVnq_;863)0(}<^}1OGR@26
z#`%ZQ`;K5*zu&!DA%ojsfO+*dIrrLJ-oKeL>+2YjJRk8Q!1ce3LZ^6>Tt7v`8}YW`
z`n1D$*S|z)Gu(p_Dk!QidV~OM4+MZ-xQ5>-8iI~w1g#s=BM|#fy5skwWdFStzW>ma
z?@IsGoNw!O#*gwqpWiy`f04q?{{t<bf61?dmqu8R8{=6R{<*pJ-L6m^AU`R+25(Ie
z_1V}Uy#O!Gh_>ziLT~8it@MzdeaUG@<W%oDQMnOgHor}JM%$N&y$^Nroe)PlaC9^3
zTaN0J-UH|X3&cJi+=ks^RTRhEe|T$0Qi<g3x*SxUn(@DacBYbeVFa-C4^M4Kdb5et
ztp5b|EW3!H=H#Vy%P>8YNu_7-ZVb+~7(){dxlAfC{Q<`t+$zoCn2*O^26;Kxi07x{
z@lm{jGx-~6b1N>vD>#&|bvyEWqZ-Zu?U2zV&Bu?udz*36Pn8j$3F}S7vKX5gjQdJ-
zbHpkiXpcPi;I(VR0fz`Y;ep*UYD-QoXg^U!*o&6|BXy5#!`mOs!h7KH3lGHYry~+?
zORCq>y3_t~cup{PN_uRjD>wv~oW3iSTR)ZGnW9(A@0{gp-yF@!I;7de=DAa}SjEcE
zj%+h{t7wDxTLOmvHOlCJl~+YnLo!n5#k$mvyx1E+gtI=-56Aji(A@&M#7>-A$nETy
zI>V8{zjmM@S1I4=C1?FxVCrXLFJJpb4W3S87TtqSNNhWECN;P%*!*NcYE}eGrgqMB
zB)#b?gR#2-GI6e>!jEj@w(EGMUNFy7ZQ^^Ay?E7H7~HEu@`W(t7%9ZaHWex79|Qes
z9Zu{x)M4hnhby{&D-|Y`{x_oJH>2c#hDp!A4QZXV4orV_@(A-|^X^O0kK4DP68eTX
zw*PM6@66|xo#Ev<r;y>LhnIfr=s5XhXM~v!UV3?1xr}c*4lFyP%yjaS<t4X_&pHk+
zJ7dgr@v;{$`Q^DTXK2|eq?zmHrH_|^<vGSq|Lc%38=r$s<&2qR6R?kAJ5$J1<a#P{
z{Z=le{5-PDTX1K@&J;Q-a=jI~l~yjT?2=?RV8NYHJ5%Va$Ym>XcB3$$q`4{b8?@2J
z>`bAnBDYsX&Tf^b?9ya6RDqSQ$aPob`YLjEvm|bh8=K4X`8b|oEiax5`}D39$#<(Y
z4Nm_?)@Gjp?z?C^Se`q1*vW2ZgdM#b7a9caIrcg3-83iM`(Zh|odFsSa`-TG7w=s(
z3f%i>FSzGvfw=d;a&|jIv=-z*wUYOhu(93F7|jv6UYPA}XBeip+Zm+M0k#)y689|a
z7WWPq>uzV1#*JLY+pTlF8zBE2&m!V$O7BG4!DMS@*~#;|!x`XhGlzgcCA-5JR47J(
zKqb4w8B!<)fIua?L)mSn{R>pM?@)G|Vf|9>?G`{1N&!*|ZNM#!M&p)^@6INMXYgKi
zqA+;mY5Kviz@ipkf_`zA=T6~t_(qJP$%7qt*YS9O;mag!(f=rbOT_YTV2b@X{%tgK
ziPOKy+sx_r9mqI^7wBYgff=3rne$Pn6H>f`{2ypR;g*OToZk~d*Z&?VQ7Pwy-@=`L
ziin9Had4VX$<*t*r8595^MXm;nN0J7^iHOELHcD(^MdqQO!I>D*-Z0-^f^rPf^?B-
zUXVVQX<m>%k7-_zo@bgDw?s8SJh^EunwRb(8ZSC$cplnAAFYi+ETiOdriTf64kK+b
zjg%-Y&GzqvW)P*N)RC6*91k0-`f_7<rYV2s@XYr?V4ve5<(k9g91praE(|eoRc-14
z9Zl;29Z{nxH5DO{E5^F7)~&-lKw+GC1|&Iz-=p*QP;QZzrv{~4I?UlgN+^d6m{3*l
z@L<ya5%d0CxCU)|KKO~=aCSf>!(BR8HG(}FJjA4M{ICh<I)SJ-1d$W{oBq+8nW<`@
ztP6Nc4>~3G7W8ufLhEky5VJCSVgega2L_@&uFYD7fyTeW`Zd57p`^Kmr*EH88LRL%
zYp*RU>q7T>!%#&lbjNp_RF4bK!?EDSUWqq{IymPOeHMCg8vX>u;@2B!dD-;9?6UuJ
z(WK@_XO}U()pVf;g+D`K1nEWb?%-n&h3BvTq$A@5eZ<j$86XD+<~|$~P%ei9Kkdk&
zfCwUEfuDop5RmT%<2w->o{8xJz9AF$e~PO3ZZAG1|6|s=_;R3SQ=vd9egYd=oMTC6
zlbAgwJ^yYXddZak6B6)%3ufiygH!+6L@PG<!ZuD_WbySQ;RAljfDz8+q=ZoloLce0
z!S2LNhX_u2$j}QI;d4kyVU$dzTk(mb`7;@jT=+l}5Y03#jvo?W%h=lH>Vaa?qNBJr
zOI50Dx>DdMie_V*^MPjgbt%YAX;h=ir4xEqF4ENIY@nDV0u00^8_}n7>41`zi#D`5
z8|cNuo8yq0Y^Y7;f-eohEO0Gkj{Mv|@eNQlNpD7-w_0X$M%}j>Xlh0sxY}uYMqRj?
zD|$e^xLPebRvoz-FYHBqx!N$SP~3T?yD0SP`Q+7(yV=<h-#mxS5u}iCnYq9z?7P(|
zjBMZH6vmL)d;1nlRtJ&V4=EN;Bi+s7{gK#9it|W4g~c14!jW4Y`~ZZ5Gy2XL3rDxl
zO`hfy)&ivuaB_M&;Uj?KfE}YR_OUelPTY|Rw$+w6ye9WJg>||s^Gakf*U`)ccIMU0
zXvp>-g7PPS@~;uO{;x^J_<TNm6aU;2t3v>ko93bb_$ri@d2ve=1ZZ;8T!dC48ZT~%
zA_7frnv2lNMB@dUb`zh)M}bj4W!Z)MR{0JBx$~tT@|xWPZ^ne2abZc))6Hd-0w1+{
z5H`jF|6w#MNdJ$fDS<C(X_`}#X5d{HbIOGJ!w;P>-t9#FuVh@$Nn14@Q6Et}Vh)GD
z7>_8Dp1Tp5%(<IDCP85vv7G_OODR&hYt8#4%#jNk&OL~uQLoM?$O-b3wah1&kog1?
zh+2FBtbRjP9-ZR`eQM(SZ_z?~4nbaP4wX5?Q@N8xhPgl=4frPty>j@XR}NqFn)d`R
z^DB9WbBBbqN!QA3Y@z2eE|w2aMI_BO$KoQ2@TkBupF_j3$de7mWqR7K&^!G-ZPOBT
z^k1+IaG6vi#b><nF=ZYUW~bo&0_IGH2P|dr4F-4S_*wC1U<cO_2H#AQ>Up$vqA!k5
zMrF+J5@qy2>bmJW;caD??o|C+Nnx+)n>q3R74!*v(f3_C5zpOS&o=M7$gny`H^=!l
z!^9mg3P(2^JGqksx`dMQ>ydT*?KINjPI8>DEOPyqvds1W#6lS#o1p{#0k}iTN=sl;
z<^^-v*D}ou(ibw#3(~J+nisdkIx#5arnzWPzJX}GU{J2rLCHDGX{b+aQv`NOL=oF$
z!gJ&1>68l#GfDhHk{cfga{MJFH$E6<^%s{&EVD3uz2qk4E7K@}sE~zjcjY;o&%Dm$
zdT{V&`<d5GUJ_5Zd#;V+t5WzjIuipk{1!S>gGlk|tN6APMO)C9e<s!Ch`KN-{F~;e
zEBUPulc&DqcS1~FbSA$MA^_<ncnXeLH}>K{FFrfZ8DFu_v8QWKjKBGY??0*?G5*B8
zH(#y&Fn<1vrhBCu;5yiP^)6JZmy-{jVj9Mr_=VL7Ozw`v<}H)cOd%0x24A9_OX&C9
zZ^Rz(t7Hwr?uUnDYcStqBQW2i>|I#PGc5lD0%FD}y?*7)p#OK|Gx%K)PF$?A{FO7K
zQih++z>g#)?XrO@X9^us$Pb;RF!Qkp2T|B3h4?0Wb&W$!Y8-A-<4Cg_N1N3+)}+Ql
zx=EFVOtU%*9nC5&bT+HCt68nxO>6C`sr8=~-8ufwS6#TVs#7fts9!OLE4tRgfVvc;
zkgn)p3x$m{I9(O}Y~jFqT8M()ZXpVLr=={=Wh+@=tu17Mb+wWO#?Vq0bX_Z1FgRMs
z0%L9^3rw%2EHIS1vOG~~F7N%_&(5hb7Yl>NAQ;9N0#{(6(4rKj(jizVVlRq=A8$kb
zfnTt2*hkG};c#pv4EwQ_Fzloj!q9kI2t(6UE;>x=Xod#fN*G#i3t?z6Erg*xv=D|?
z)k+weOr<ayBC)2DIfVulEU9Exp|J%^HJMjvh`~~gktPUfc*cZJnlsR3<GJv65yQCl
zYtEkj2z!tis`IBVnLnLi=1(%$kvY<BoFl!1yldu2QBgQYisNgujpj&KfJvDb%!RIG
znir(6VwxAEmzn0pEwN6_k>sYiXpVF>(Rjfe>8{nXaN+zt+Itd#OT@r5<1p+!U58l*
zv$FTZgzi1*tcSF-!8}6HFag3h>xftAIS@ge{0cp}>+~&LEs<R^76kK#Lih9|2DRHg
z8<Qoa;$-RU>!4~`W1LVq7b;O9knw4d(Gj)COh~g-icEwwD|(T6kmTE#2Z^?I9wf@v
zd64K@=Rsr%qhUjJ9%Q#i8=&(bvtr*exf;uLH@<_DAjh4HV<GK2@f}!yoA&)J9gE#0
zYe!ZN)v;pChgd1*L#(h%HYqw`Dwqwi!rWCe<F9=G&bwz8--(>xfs*7*22-DuZ(-$u
z_2SQe>%p1DYXU59rVDeRq>VKItb5KK-*;y5T>%!JL1X&m*;s?XdgKRR{`$<~wE<QN
zpSR~M&8l$-SfA*5^<&ND8V1(nZ5JKiT&@vd^&PkF!_DOy1=fnIj{9eGxyFF?)2o-x
zY%Ujm<N)IT^_aId7YskQFf;zCO;0}AT(Uw3(7tl_OWxdEv_dD)_RhZjWi4du0@@Yl
zU5$n|>&!wo&@MUpRUd32TMy7yr9S)YI<j>|W<~?rIx+T_nZ<VpogSE(g~g6K>N7`u
zZD#Sh04p#v3ro~-(#F$P&n)f^&;mQN&}i8o{nkwn%`CnrzzXcl!lDJ8+IzrHnhPc!
z^}_yRoEDN%8Lxfdy+3U(8EyO9fB(^cH<wIo=z;J5VpR*#*iS!6KJ6RLMdPTusO!gn
zZY~+E`+xd39@|1PT2SJlUwx#xWON6Ad*7q~Xf7Cs-Orrj>CFWb+kVS)CoireS$AY+
z?9FE$@;JuRdxJg?%*?`KD_{GU^DdfMygtAR%*?_PGuwOa-Dl4%zAr!v%*;lk{yR7P
z2E*z70a{>Z78(b@F~9xF`<qKf%lOC-?|V*j$*8g|&-oGtQ&Yj{T+Y4at6ym@Sb?2+
z+v2<Y=8|zVJ-*+2f7@I#TG<=cJ$hGj$vDgtqi>405R5+bkUQ@BS#!a}GJf;Udmd;m
z8Gg(L*7)k{3(ZBN&A#--ANyt<(Rv~?qcV=!`zaVq9|*cUFf$8_-SmzpCy$<4{9u3;
zn3;toe)dEATzSLH;)epXz|1T(TJ|CDxdMaf!vR)cWfqnw;~TS^UfNtTcGKnG>%6pu
zWHg}ipC83&Y9<*i`_5Be|Ayw0am+n`@x#UDf=Msk|G=6jnoC9l>OXqL`<e?Tmi^vr
z>cr-fam-z~_`<)okc=_-pg$h^<>r#ne!jHl?#ULC(X=o7(HnnPDH-O;oVa1>A(Ka)
zzhUVi^GBV=Vd)`LNS)1L>0!+xxw3F!q~X47x2!9kW7ZYH`d~%uY%>oYUE-Xt(7D8U
zKq0%tSz95u#A(^^6616sy~IFV=w4!=E%Yxjk`67=w-!2<=sXL(OY}j7{1Tnt$P&jx
zA+tn-FZ3+YYzixvXt8{;{#Q8e=i-yqXYpj=?~&o*%a5>d+9~l~{3bpj5oY+i7dYG@
zC2sLs%pGBJ<{S3-l?^S8%g<hfl>F{}n7NIaq4^6@DY<==^}HUHpBd!b;xlnNj=WjM
z?@Z$WdWI*}1oySTod~}Kus0NZ$(gK}g}I$Y{2+N|@&sq$H9#v9rtP$Lxj!kuy1U#`
z6t3V_v-4ywpOD{ZVmC$m+#ds*GA~%GeVl1tkiL;=UXcC-)4aGPvc?)tZkmhMaGxR?
zFVM@_er644?{kY>PKhY8&&|ZYz0XbJ%6)Eu@VJ24=Vo=$KDXq8eQrJztJ%Y*7O-%e
zg1#_js0UfOnLKqNOE;4jeaPBP0Bx+@M9aE%6D8}~O?0elH?qXqjqT928)XjGqN;RR
zyNzMFwgtP@tFe6@PjKb76|dOH4}cv2;b-vsh~1vQKl>eHK?~NI0^P}~DPA8G%dSOD
z@pMpp?=8cZHevp!BhEd$wm4+I@14(kNo{e+{DHS#|AMd>YwKieb0^O5^PEhH%EJ$t
zX}?T#Vc|)|P4p#r=z@xy=u6_f1<pCh2Sup4+?Ci_KM;~<oUF$JRbl?hLbrf{PGo+)
zpXdWu;?plg2S?$8<vZbnR~9-2j^EF<xDQ=9T!;Dam1FgIk6bxgkM-!4*bQWrm8{3=
z3yw|PLRUTR*v|`^R4F=k)=ir#E5J75h%l<uOra|fvr;pK?m*5e)f9S6b1T`8g3VKF
z^ge_-39V8)DjidJrR?aYE`e9_W?MVza37(F_1O0qVX8z&ulCeq-&t37m{Mn5?&uO_
zQ^kHb5T{al*jPQ`p<vZmwQkUVs)Q=`un?7}l06#L;U83^dFrf7;MM%Q(I>>OVm}0N
z2(IK#`|Ga9zK4w!HkEb*DNVICUE5QKKa^9C{V43C4s&!#UFIXENma6UVYre@mBmBB
zo%Og68x2$`1_MXgRC0%{cK8R^a)-h?1zxRpRNJium6~Bs^+-Ww1!%0|SBeh>D|R*i
zPWA`|s*-;Qx+J)gJBFY^uVfE%GE!Fd>nM~^hdI2#NImY|rqW90!v?uZ^pX0!VH>JR
zJS9!@XN=T0)7>75_H;PeB;g8Ge?@p-(jjsZhXCoy#or1%;RqMQMj{2_T@~Eb;nwn(
zNKuEqy4yPZ87u0rr@O7?&R9{8Iel#%-V!WonM;(bWv-#34tt4mb=XU&sAVti_K;f5
zi^C$kO7r4w1zxFnh6;i!6)*0#4tIu%I?Tn{)?u!(qL#h5+dAwSD(bKoXIqawV?`}@
z#<@DoB~sMkE^)37cL^1>+%d>7RyWjWo(_x9D!qeykHRbUE|G%xm5QgYt>q1UjnrdK
zS1WZ^^42&}%bdfbvkrR+6T+u*w2HH>!(ZY=9rhCC2(R=85-94hXOOGI9nNrA;FX#Y
zSNpUY=5$wtR;itSR=|~-kvKtkC2#SwwY;gX?t0wC(bi!vQKFVTJ#8KC5+j65rP{^S
z*5R&EqLw|oyR%LOj1qO&Yly4IpK(Ii^N6%g^m)!1YcWpsaUK<$7P4^C3BNakjS5*k
z>FOXg!xOBshRP;&No&?p_y!;zo-zPrQ+Rl4z5u8YEU4t+=>&R(&pGwkX^-r2oM`qq
zWCb0aFZ%)*)jm6wqi0eSuDp*jJQMORWaYa1GhkBY1?%h2GR+IppJSRAq;F!H7o<PW
zG%s$6m0%4nH_b(B@GlaL7p%dj>#e~>LZ?I&S%Wk2Z?C~gT)74ph_wc1b<rAJa`qa0
zGnInB@EjR6f;ITD&>Z@mI*~QF$x|<~1~+-?2CuSr&IAOaAc$lDx+uqw$nad*9O{wt
zcJ{e4=>c7nO9$whT=cJNa#8>I?|-r98=`$I&)Gy>p0hd8@|?L~d7cQLpL(&EjK^XZ
z%6T$YCTmz$C2Lq#WY(~(NY}8^*Aso|z7!69$%@l|HuQl<tE?g?hnk)RKsGglDHS%x
zeC9CI%Yp#-Ha5;*z=sGnj+CdIl)>)Ak{I}2%0}i{v>ru{<21a3U)z%$YXLscZEPM+
z>y&aFooD5NAgDza*4YZ?INdTV*!=oqHek(KYTJnO9%Cv;8%@MXl~F}*-9jF3ODl34
zEyS4}%<HMVwps{BID<6_@!M!4{9xEMZL|`>Ancsh?L_FD8ELzn@a#r~?X{EV>QsyE
zv=e7x8gyn-C*l6{pfO|JJn19bK!zkegJ7NrEGyyQbso<1Z4%5*3{B9rcn2fxqzzFQ
zmIfe8rfnLY;gM<rk^}=y(vYx9P=Uy%!N4;#Y7=<zgz^Nkp+;G2WGgD7O&BV*47|((
z)&UXftknSzaH()+Ft(!v9$cy*YOMsGHxm*amx!J%bwEo|8Xa<N>3~Pcq#mVdLj#!L
z7?SqQfCubU0opxyVWpK7@Nk-v7#G=&26%SPCTdFsJb9)>>M`5V0gr|XjTy)_R$#pS
z3DM{Y4?H$^h!#b7inWEeut>xP<ZP^VPGg^85rv0XTR2FIgbvc2yEHx8$W2;A;qlX8
zU^noU7Ks>}w8v<zQDm@a!n3C)UbdwJI%RE;R@BIOTJ_N9h-fC#HVpX|jkp{oGXA5r
z4#E?}f!f;8L3kFp&?-jS!i5KW+tvXipHYIk&~}s%oxRopht)&n?8n5B=SG8vrXvq1
z0v$APAQp*;rZh&hMjpf>qU|V+c28pmVi9p<3z4d=k^itLXgXSr(Ljy=s8xXsZ6Pv#
zx3vmrIa-aGSGA!58QDtIDwJ9ck~l9^ZR<dWwndU{LkF}RmCfj_wGL!p+tsw813F$I
zQODbs5y;3^+0=B}FatVXB{3G-h6*^cm8L-`HA{!*M1zM$9UO|5)kY%+V$p~hD3Qw6
z*o)d!;i+@gTq7@Pkx<uCj~Y%x|6!4cs#Uh;%O{&AI`!RRjbRbd-2P=9uv3*t?Vt@E
zuum)6(<qo)veD@XjqwK6KD5>h=ydGX;1%Qg>qx5>`dy*X{%p?(!qfiE*OXQ@;;U6Q
zGqBsx0KJ>g7|Us`0r3SwVrJFV8Ze6yTQb^>JUI^{Pb2?f5m7RsQOO$n4~vFoqxCd*
z9~KG6wUQWD(8zsQG&CEbX&yu@3UTd1Vy2;OD1c^Tk+h`%8P(bx9o3B-s4W|(A4=0A
zkXl3>)k<T$Zi66Vk%-|4O^fB2MZ-aDH>W)%a9(W-*M<@}u5FTrfz%R?URP+$*l9xr
z9MwY7Kn1}rlr<}$P0OK_ma|ZcNbEqVv`-s3P@9H!pfn~TH1Z!d5p}IZI^=5Rp~i<=
zG}LuPJ=GqhjuvQdb~TNis8x|zoKiL4&9P|MsX}7Lb~`#?uiDkLp#!=dB{8~gLkDy_
zLZimho(kxCg{b*t!qR~FDj{iK1$5R{Eo~@(-py)E!#HXQMrR--jdo?jO)YCZM#FjN
z{If3z_7)p^5Q~Vy36W~Lk^itLXf{G&bk-<}SR@?SDp`X`s0pMN39Uv+jMX#>BNmNJ
z3v8mcG$0ELp;EhPLj@exc0CPUs3jcj#;T>!mX<{!V_K_eu^zLCXgNxw-mpCta9G<l
zwV?y?yLL_OD1qZzXiQLO5J#-`$ihOaF<!SFL*TkXh}1@Fln_4Du(qpd*C+n-g&%3P
zA8wJ*4wS^m*2slgG_(VuF)C;<4Yepl(^`!gK8-x6MMO;tO{<x>MI#0$M5?w%k<=og
zxv6Moa@2+fq)U~^%);8x0ee(vjM~~z0lki0P2(tHHHd!4ZcrOKpx;%J7Ly698gW%h
zWcswV4(O_d#5mqIR3N@hXjE-&sX%s)gs6TX4WErzPcmsbDpn)cVIw0_n{I3rJZx;t
zyMis#2L8gr#wc#J^0KgDB8GL1i>TL1j9rzxjYh&Mf~U1@G!nyAmE9;VSVF@Nj0H4u
zg%&afsM)4(tA*_Q=3&s{&FNG7{Rn3nJdtkQjTnYT?1qoBY(e<6R>x6$t;GD_;8*pe
z9#`QreREuePxUd!LvYhm9gdvjz_t?(u*lH@M;`IZ0Twx5;FNeYKo79+2m_uF>e&!;
z+MqAP11x;{pUvO^i}?ziLV^P<M`ANBd`G8O&aXV*oL`Z1C`0qd@jOU$jO81wsOA#@
za*Rca!ecC_kh6YA>{1@qz+d$K$d|yS%nQz_+`=?3NPn4WUXcC@)4U-4Ri=4C`fE({
zg7nv!<^}0nndZeUQ4*YWk(=hCvo7Bx8ZSKGVZUc0;yWc4$r%?W{_Qg^B(6N;A`t70
z3#*IHxJb@E<8ryGEIQ*tZQ+c|4AhD<F4UKtaWQ%7OwPENJoTn$TnvE90{~}S41gL0
zpg#mqjQ|XU0MTW<Fk%3DEQUWk%5yO|n^Jo&MtW4w#Yl(hxftnBJr^V0Io><{qVu&k
z$FIKm-Y2v(#~=Ov4R6-I96$ZoeO5?U;@}MRrUz%Jqv+rab8>Jde2e8J+*sDPST@o4
z!nasXH3j-S2(PJB7M~Ur%LZIc@#dgdmPs|mA#>S+s3{Ja%hq^JamZYr*#^bXE#G7L
zeE1#<6^pl6s8qbeLWSb&jEoR$l*;J9rxn<v__Q7Sk>3(!_u<ie@b(GyB`21*pgqx{
zYJ%m|FTr3IyxT&!oLClkbl#kBIrU3;bRe8yo>#7A&coJqc=Nn+9oBNzx|X#ZSFYua
z`6_&O9qyR;Atct}kJ%7HLv00^Rg4I@QZoorM$AghARZz1*W=Ig*2+FOaZc4x38zD0
z(HT=hl?&nMr{Kgn3q%V7k4}OTF8xP%bP`nfh#G47OaIkjuS%%HpFLQIJ(W<)ojq8O
zIW<s+w{&4GbFsZz=GuXE*o*DeVJ{sh?7d_L-#0SvT&Xrk{W&PDvTJ$Zn$RknM~{yw
zywc_&XP3Y$ZJu&=)Zs2C-RrUEX>oy9vPZLe>apix@mkqo2c62L$}Hu$cpdg~)}8Q5
z>0u!Cgoj-kA*<NSIsH29(YGp3^qvJ3FG|>fTC2=n*brW2_M!xVSDHPK`x9Jg^`eA2
z+}VM3n2QSPFxMWeWiLvo!=4>jhrOtv9((p+Eq7X99p=)1b-0W5)!{B3DBM%&PJCa`
zvU(`9!`}+6Rhm7U+a>U7!{>2*;#)8OuoHRUo#0B#q37+c$6j7E5H^*z1O1q4D-9nl
z>#4&Z4XekVZyMBL4pXShoUa<xk)3Dt39ix%%(Al{cfKScl~zg)kE3iVjUEeOgoc-b
zeWlft3!zmuFYOn2rOiwC5ngHZR6s3n*y>0<=4^i*-r9M!%o!It>#&!;6F!w;N;FW1
zzjR(5_F{U3S87IjuMT@!ULEf6(8B`9uj6F#A}{7Tw%tRa9sV{{Qq{XK*iM00+dUfH
ztp!#63vqj-pwjdquHsi#03|7QHGg?yf&$eHtg$-W(K?t<t^BYDBW2~d;`<VHn8ON3
z>T&1W61B|vu7@zG<jvPq>hMPQswOK9Ulg#trgzDN&?>v<yDkE*G<)ei!Yj>QT3^eX
z2HRbayEMNJd+EDc_H2J0?$UF@rPA(20d=@*-_^3`c<ZcF0sF2Fd%EZzEvQruhPf)O
zi{HKPqe`6;mj?Jshb+Bxg@EsJ$m&ZM3jAKXtiW`=fE@;1RO_+<dkeCx*3|>H9%Nyy
ziwM3LBWr72OYmFnTvG&VGJQXWA)@mA7(#;Wg%_bGqxWO7vcK>Gv%er41Vi%=@!Q7T
z1>f3ZxP!IS-(!%XaF3xV?6Fo##6A?Pm&0!{-v%yaUa&XtEv9)v`rAzNg7oc7^Mdqu
znC1oP?=sB`(%)m67o@+>G%ra1fN5Tk{vp%6xFt%6y$88zF4}vzlW4qD?>$JfoDz#<
z?}3Sbd+&k7m3t2YvGyKVU9|TgIeYKnvw<#y?=(}3*n60Vx?yqDqwGDHJas914<=82
z>fVC^P^r52U;xyt?mZX))vJ3C20$GHfV~F;prQd74*{a>cwt`y(A^0ids%Mm>Uw(<
zVhOr8A%>uP6JiItHz8)A@9c;b=r)BIfo@ZX4d^z7n1F6mhy{%IjIBLf3;?5p+SVNl
zYBt)jU`}={xbKAD2s7{ZP%y0RDHPWB6o_kkN`puuR*5sHVv$(mQwFT@SwGkKtQ=lI
z><{PGgO_5?M@Qk+2v*3w&<_9Q07M7am_r@Gi$4}Ncd5G-JA6t&?C8ZG3z-|fJ&GJY
zARsd0VsO~N!sb3}r(j2q21F3+#UBeDyX(V(9X=Kj<mkm83m2Q^V=71ZOh}OHHW7Q;
zql(<Rh1e@cFeb0)Q95(=TgZKQRdrh}L{#9;Gx@dAMg)bhYuacfB4gM&t=ox-9QNYd
zZ70H<QDJ-S#NNHpVms}`6PpH|8NBpz0W@Z;n~ykU=gg3V&p+4}dC^8+{IN(7M1!{~
zOxK3b2uKvY_+!!V5vRV0VMxNqAtb?UHhA&JqTv%;rBR!R9v6sg){8$D5pBXysbz!@
z4TLCq@yDX!gHf%>490epz+*`jM6H#;r`AHE<1%_$(pU$y6s6H2*Om_W@KNefnl>~b
z&mM)OeKX*rR8@fSj;$5Ir@TsHTx1(oz+qcK)RqePXjp4fkJ*k6tQUXSA<-ELu^jwd
zF?PiQkN*lFm=Q$NHm|V=Sp#QbQP2*AqJ_t>NW>0=Mmwmn->`_NZhax8xs$X=MB7T!
zBIa2{v^S+OgS)i~#NdR+gpx+_&#H!fs@3Q)ZA%Aq%u1ydHFBU<J@h+TkJ?Vduy4_b
z+p&d<&YICEqUdkY(Df=wiwJ4a&{Zi-t2k*9iNhAEwspYhXDU+LX-5h42r8UWT(upT
zH(y>A4IY|~zVgsKlvpGpTJUOxjJQT##3G{YD2>`qV<%z}abycob3bZP&~&sKqk%?|
z#G;X*EkwrmHt?es2`xvfX%S5=8X4J2)GD0XRE+gP)wT{~Xj>%Jel&cS*s6w>qp}&j
zwbp?QY`dB^tbmSJNYwGRWdt&^RW>!9Mxn%N4jr$On8DMA8E|APP2F%RyVJq916~;o
zAR4y5U17)?IZ}&8OhJiMzQ&%^rlKhbm1?h%C$&hZZ=q1*Y3M^N5>dCx)_fUd)9^I0
z(zNiT77<NOY5oNruw#`-ZJ`YvuwN_M(`fBs$wtQ`G{z%T`%!E%@)Hsk1s#vwnue<_
zi-x{eXtY1uGXl;>g{b-3(yB)MwaV5ao?1loa6)4&r?m#eA6SyrXuzCXwki=%rLR}C
z@S_$HB{Q#AF!(g~Ar=kIM(b(rLM#%FYb7z`x{(X9XlOP<(>#z^6f!dq5;GNT<U}nR
znvF%$mI7o{Yjbo|H*%s@Jz_UX(;}E!L>$#hV?1wzKw^=I;RsEOWtm08L2WmuJtc4@
zV++@Y5;(4Hl7_+55{_P1Xw2AYLj@ewLQ+=+;Zve;SE?%3>FW<_sEyr-MI`nRyfndK
z)X0(AG@Ozujfo76JgH4Yohy+Jy+-qLi-tO{sHag#wP<K}b~Wv3fol_`QvcJ27TCE$
zV#atoI$-bG)wH1lx*sJmx^6=UbU#9)M%11PtQUdWwFAyW{zVngX$y&Qa}C0Y)uHrq
zR%2?SNw7a_k<cj!NuyobaFfego6&HBS0<Xr6N`w#nO8GN)5wol6f_(2k_9Omx)F<n
zK}#j8J0T4}?_-hBYLvuSO`~vP(TJP3i5mM-n~HWLRNA9$sDQ)TuBROx&~B_+q66Pl
zVzkj|3&t_6)wGyXSVXiOrO`;&o(edu?V8%qf%sj!rgoITaV<0^I5dbSR(oWDq170#
z+m0b{Tnmx9wrVAWPi(^%f~+lE+PA)<(cF_-B(w)5F)}uCr4|kC!Mvg&!>EBDu_#32
zT1|@unngs73r(w;xkV$>7$H*iHHsw`3C&JLGn1t@G$388L}pgjh7Q=XLSrnbQ82M&
zqxZ3^X&g-~BKjY@L2c-O{#Qv_Oe(Bu#APXw>C@Iapvx8#6Svz?fh<pird2?-WusRR
zBDI}r6@;(KSWo|GIx1Ep7h)sB^O|mKv?Q^y`OwW6N&~-PVPg~rPYWA43=113VpvzZ
zis+MY7COeR%H2jIVHLqs+%_7C;cDg;t(yotFc#283o$^=^Ubze$eqOI;m}eCmwxT{
zBb;UMq`Gw*F$|5^4IgpYg6IoD^r!8$k`HEe+*S9aQ{qtooX?S?3VI>{XL;nbf*uUO
zJWfxp==lJi<&jehdQ1S(P|vUEX#pJ9k;4mmXaHq$enHO;@Mw>mVbCK4JlZ4Y81y6o
zcDgFgGU$s$JWWvfB9S@JAYZ~g2MW;Ni_vf4?j>h^PBLeG<e&~-B6`8a@?)Vt1*_@<
zK6X)fz-LLg@_f(Bf-@=M`JNwvNtqX%zqyNPUXcDV)4U-46Q+4V`fjFqaZ9WpXLRJI
zx#*0}&xpngzJ+^?SLZiHMfegia3p3w^P8f~%5RD?VgIJ+M;$@6e@UGTaQa4m4pfCG
z^x$_wc_t_x+ZeP{&)$^SK-9C3{4OY4C?{_;%SOt<8_lwvI3k1Z+G<|fDzE%VKK!h$
zyuZWWIpv>Yf7e#Dsb^$FnR-S>bg5@#M3s6*hTL)3h3z$()EhK;1%HNUnm-j9-;Cdy
z$1lzBeHJfv3_hgW2fHZr_IXp!RrIVkID1u)9GksrE=U);?MyE+Jm^B*aVnMHiqByd
zwr{yE>*evWAbc721=BY=qAi@Iq3}2?L&0&RhC<`a3<d6s=lT-4zSM@y3Vd5P?hSAC
z3d7sC@b^A1f~nz|s8o=c0Mi717fYT8;XAd-!r0d2!1gU2>1=#>E54o!BK|CC6QV8;
zG#+R&sr2yHG$~MFvKdJy7>|KFh)`u}cx#GOsM2dj)sY5K8Z`Jl)#0s4lB7V>j3ko+
zNeU#L!Dp?9j(p^aC!fsqrR!+sP4zS*dzDQz(}bvzW}1*R(M%JnMw)3tVreD~8%Sr<
zfo3vwH1p<qnvq3x6U{UsYNVMaBuzBagsPEdnvhtUF>jIvn(3&cnYt?e$=A1j2QRxe
z98FD#8fm5pNfXU9p=zX=CM1?-I$$#$*$&kVj!M#@B1ns0RkwslE3Q?&69TPxS9MZ|
z(c)m$S25VvI@v<6x>x+Z-fI{fgKy9GOT0bV#9N7*h_^>+y!~&8Q5|pXqA=cGN|th-
zw)UOf{{oXTFNmf0GtCRqzhIgdq<_gYFG&B2X<m^2HPgHx{TrrvLHYrvd2vgW5iwbA
znu}ucgGA#6G5H0I$=!t!i7EDPeM=)t#IoWtvl5q?sEW%3*>RZ+qPQ%%C@x>1;WBt1
zw?svRahaO1;xd(C#bxTlj?2^u@^}?j<23bxJl@3BJavOSUc|NHwzk)eMRM%K54Stx
zKfNyTb?ue$<d0u{uy)FL{{Ni2PWxp1klF6PYL|?!@A%r2+9TuHl{05(hm3#d(*NDA
z{W1Rj=Rf`x=?(;TYR7bk-h#lcvHVqTEVfc(d3x#u#lUB_rT?<&f!VA4Yhg=4esuOK
z#8#>lpT6!v;k(px8VI8M%yn7ga0^GS|D+@OMI@(Y5y`1hL~?2pk(>(T8Cfchr(mft
zo|UB`^(7JBbA6c&Cpd`k_(=%=8dSw+09ns}2Wwq?2x!?<C=gQkgmoHo;I3@a^WO;^
zhW4w8ivklNy|gewV8wUD8}q@NC|I*{h9Zo>Fd1;d0bF>8R5p<kP7<RVGfE^eNAD1+
zDG@n(0jGrF6i*5#&R!Zbiu3GhM#L6I&;x`st%DvY6Mht(T4J*sGJ<ljz=59P+A`Is
z^664GDKHjov(*h5K|9zE@gOwiQH3fSGaE^wr-Y5Pxgj4Y2aCA`WF{X`r?Tl#X*_h4
zu+bJb<OAJc1B6pE@}V-7O~z>1M7yygZ~W(zPr|2j<in?nCsYH4PZwXPb_$;^-cZdI
zK3)8wS}lFLxI{HxF2lqtstt2JCyr4~nX59Ibmd?S0>Jssz;*}IxGheh3yHq1TjrcX
z4yg=M_`%Q-B!^hqfy7EF9o+7WvhXx#6tF=S?uA4*3kSE)P3~|CS>$_I(1%2qP-Rep
zXmbgaBR*HxcR7hSFEsH+;>K1JZYJ*d<X|lBZ@?;GiDQj#c9>}MCpJgl?C?KAhVzw0
zVIaDmg<SX5#-ZPVN0}GIkB6D&1?m4`nir%WVVW1DA7z>sq<_yeFG&A^X<m^2Bh$RN
zC5nhRBsa}Pap=!P;{|bOOTD$Bw68=AD+VzuF^Gw(7(|dAgUBF?L6VDN&|9iv5S0+d
zAZo#iK~#hlgQyET22me&45Ci#7(~5TF-R1IJl@B!V$%5J^=A1foe4W-bBylv76uK@
zQ^Gap_~{R%cWNJwzv0HyzocC_KL4k44%Z$WKlHKZe?U8M{52<cpQQaa{<bp`@6zrY
zzu{-ED`@YH4}SmtP11QVPg!TKsESQgBV&`^8Jli|c?EfmO<E?g>EkFwv@(!7v59&|
zY@)^yo2Y5TCTbY5iHc=xqCy#)s7S^p8dn&b_Hgxy*d*@#22{8B7>YF}Nwt+R2`=tq
zl*tN4;?EmWMo|b}O-ZBZLl54NG73A4H%c0X8~DbClu?|K0HdT~d_fZ$QAUA9)FFgX
zKtTf<5r%<8lp%Cc1flqi2*b!hRR~=aGDP@Bgkh+FB809cMy$pv8Zm+v0%tB>N(}|R
zT>O;U3u1(LDm5F#2=P^FJ&Y0JuGEMaBgA8=Eip!j(^8XSjG$>%j=dm8EH{Y)+@9GH
z-#j-n`N3w9M0auKu!{psgn{?M5Oths9LP%?c#(+%;<oF>0opgn{qJDXI=MGK1oT}d
zhUU-J+59^A`gpX*=l_s%+tSNG1phWAdtYZsW^Be}&z3AF(OP_t<}qp3d{OgwUrh7o
zYTh^b;vJ}=uuk7i#Ls2RpW_qitm2&d)OUaByJZUCtm3?S@+sGBEmH(%73bC)SIk~k
zrU=d|&aZ#^@Bu5!l)zcF9&_x|S08wKnF2VgIM2T5gwI}5X8q18&b7Pt@4Tmco@6=S
z9(~s5jxWz6OYMF}v>UAH21K`~7~Ou48iRjxV#f#aj>q6g*6rnt-w(+CLyqM4-)jnx
zC6w%+0tD0G10845c^kjcH2*gI^0@yO{5<&lOMZ<XKK}z!7fdUie+w%=7=3dy68^_o
z9ee6VCN|E01(Z%{8w3?j!esI|XJEkp5|xI2`YaI{vrmIGFM)^aj_0Nm-SN@&z4PAz
z^?dAspvpwPJ6<Sk-kP7?JfNv9neO<&Oh<BTdf3Tdd>&+-$a#CN&E@@@!8SQI+u@CE
z%b*%>PtyM!Yl6DIOo@l)moyYZH}Tk81Ks?8Z$l+^B7)+&z{c2%$Zx2yv7_qSSnBp$
z{v=UQZS1fQedqNO3Dw4?{&wXP5)IYH{&4W<W{HSuV|QNoz{e#js*M%SI$}y9quSWZ
zzWj{8OLSBld)2DNK8cWljeVoS#s<a4{-esq+}N3+9yw%Pv7_nU`2lpHWjgNIscU-Y
z53K@<@g3MZKVJ!V+_6pN|Amg=AbA_x=-&ZZ92tv~=NPAe*%%8I(JkK3uHHKTS+EMI
zEc+W%7#tGq?nj}_w*OER|4vp_3cQHnHEY13H&J+@Hz)|*iYXWf3PS&43dVzi(9xIz
zKPU*T#T2Xy3PQ6n1shC(=tW^_L#K!B6F=pY9;c$jfSl6bnHKADO8;P5OvfqxlWDOV
zr}PBVVl+<aNv6eOoKmbCX)zb4w1R1|73kEBy#;=Rf6l6ppEda6TaW(O4~<v6&MB@M
z@3?i$c*RRjUBBt>7k~Gi#w)()iZ49A`vt#^8Lzl&zoSz>|LYBZHeT`O+uwD`Q@;P6
zBaB!4!N9Li>wfj>n~hhz_x1PObjumXJ|R*#g%|qYhYdJ|XPNsm%zdr7A7t+9&3)S3
z50JZC*uMTC2iHv)r+Wg>sl6)z%h<4t!UCkJ^(bGzsuflT5CRfMU5>`BGW!OG&K@bV
zZ;)n>l-V~(vq#G88>HDIW%doy?2$7225I(4nSFyad!)?1nY=uaTVHVa^vI1T{5>%1
z#L)U~2f3k{#L%ojXfKJ_1p1ABcqrjN0Y{&i+G}jko88y}Cpv?lEh}u^zUNvmKRc1h
z9q<6%>3795a4b2oH-UCYe8Y_R1{su|T=(yozYW82VbqCv7dW2Jz~p#pjM8dPjZs?d
zsWD2cJvByYwWr1?t@hLyrPZDqqqN#nW0Y3kgpdZ2B&5M4t&rCJ-*rP8vHiQ*B8Idd
zBcUN}<NQ$|sEK4pAhbBePoXKrdq{Kw@`>WTNUnB@Hvyc$TD7zty|6ZoCGt=Z^%DM<
zrI7eakBC>ik1V7Q5Xm$aCKwA7bz)(6Jl~x#!LZPyNkqfMP|IkT%&o_-c_k}F38Y1T
z{*+SO=lH)u=euh==FdV9Uidvje%vko=Uy>yeaHNBp^Sw;66UyNhqe|kyEL=k4qZGd
zQP?RFT>K{Rub;@zj~}$+-0LR>oD#9dHi|R8eqwNbU&8$}_~;K_Sy&vbq;BzBpq)Iz
z<e=7XGp|1TAn0ceY}C|3sU-SieZ^|MT=8~*R(m<9SGf9%5Y|*MZK%FOenI9oX3o)8
zqf-|C3N4hA;N|rDk5VIBgR&B#3x5mBWiNdY@(hdJZ&JG_jwhJKe~=n_eTaA9af}^@
zJO2W0&EEutLQjs8JOR{DNdxmgToFUzpeg*PRj8Un8(3eFC2Wvn$OA?!8MpYPUF7U-
z7bTg4nn^|LO)-CHkT0g0rOZ>tr~9j&n77meY?(O902{jao9y*FUNdC2aQw$mp_ac#
z+NtFq3AT8w^82mwr8@MStp@zhs-nj<Rq7uz^>3-7XF2N+%Dd~7v;Ls`tM&M!{-FH4
zI`o_?2jwrXpr4#yq?(+uO_;;@e}P8C?&C#Q?A<N&ZgsXmw{G<OUMI2T0g}lGjAO2p
zoBt-v!<s>xp%=%@C`(Lt;f?~#wU=plecp?A1G2F9K>+8G<!3F6YF4h;38qmraX7jE
zrD;G1l;aJ!^Uo=f$dzkxA27lEYA<q^tN-T}U@LjI)F)tG6)btT)GuIO{YQx{dAGDu
zz`Xj8qu#RQ-BM1#yegO}Y!j_@`X}8rDff~yolDN#KZDD~PxWFB!f?*b0V<=~<>2CQ
z6yM;)4u<?AG8SJVW6@``J!$-b-A;)L^W=(%H1ePokwg*jLd4)O3e~9dsFOr9&`rNK
zy<gkZuWjfrQ)YL~K5p^TLox4?GYh>3bj&Z3zwwjBPXX@7Fq|BJ1+Rs5ew>2~e5re!
zafyvm?xF|tC=S43W&FJ{);i?cIdzg(oB{9yT#|LUX|bhZ0=T<ec%Qy_dM&>&AyQ3E
zqzmf~z}|Z{zR-v6D?SFo)l)s(@3sJ55u0n7wI6blMF)IDxzZe*nPAW4iZcLf+E2z}
zQ%=f4WP|aI5#9nsrUg;@A|AUPZ5l(HbR0-eI6mD}G#a!8U_OkBXeDd2-kNSq5dO5n
z7}?Y_9Y;vVHpwto^$YHrE(g1=Vr4E>I;6cfwsGe|7R~ne;zdfNJ!|&QbxaksJ;`f2
z(VBiBq>3v8v}7LPQ_C+obNVM3OSEzog@!$Oxg!RTN?BlT!B%h3p_gM+v1fG@#dG+6
zi{ck2P?6&&*z0i3GRBJg0)~l$<P6$=1f8rPMBs0SR)i>2qHoB#*FrW)<$ZD32wh%S
zCEU1Gq4b3p`y~3JfWA;fj2?_;n)(dvH1iPb^j!#n7pQdFt58=b)g>K$O_!4vb)_S9
z;W1FBu>et*^b)#J#@I}L*4xyP>x)lKK@$Ywk;%qcnN;#48}Xg4K=4!Qeg>jvvEAJV
zNOJlP$7hIABKSuyb|qvVhwNh-<y|l5-wXeyjf7WVbm?#kM_Ow4au|e3)wt+3S)^LK
z<6{tPY*S~hYwD=6?s$4E5D8U}9oU;pFUJ!A&PWAQgUFl8yqp$b_m7haJa_C$r>1Wa
z`F29SRglj-u~-^sA7!RijSn9Cy;pTCGV3KhPS=u!ac`EB=q=ab3{nOg`_n%!^ma}?
zB~=(dwQKw>@4o1QzPJ$JtBh$<;CRn?+K`CC3r9`wkv?@|N1<N+Ib-_Bei#)wg<j2!
zNah&Lj7i2kP$@8De=3V}_h%}re~VZ61g4v&t#h2C4L`R;sW4QmTj07&lo3VNEf`F0
zX%uB;Ua(nn8Vr<vzANDG#B$)jH+1gqI@Rn$?2sjeAIjjy&JWt8=hak%@nUXi;X0Kk
zKmNr}_dnZY2FCAx=DvB883ePp{M=-Q#&20y{D{d6kAHN-`kcv(j6d&@i+^P@qvI!b
z|NWEKVOv$irXJ$4YeN~%q<kvFRc<^NJh`V{@&F9kfB^uoZK==pi7^O3bV`qqAwt6Q
z0E7$^5}pVkWQ365On_89N=Wq+8O9&Zsf#P1Pd%TAVJrqD-QZmZcf&U2XQXMGf$d@+
z<{Y#NT`p~X8}132mlGL}sE)F^KxdU)gm!AADUMWI=$`($!BP(Ly))L~;Y8%Nv!Q<x
zwx$pVB-yqh$aOB;R!DDk3wa!`a|>CddT=<;_2!auVzV}04@$Fwmq#jHftQRW5OMc`
z?cvnG6c#lcT=+_g$bjcD*O_O)DJbZdIJTIc+GTLkIJVfA$!74h6c_OC!=oUfP8YgR
z)S2xZ-J0zz459>&g|q}pGbnhf6sFTS+nDW`^9SfUyKn$faYg`+4n-U@{l;8h_td^l
zi9<e%>5pJ_2W+~BW{BPm&)c2thGY3jV4vuI+E4x}2*||1Rd`y(#NbsBjESME_{55-
z;j8$}im8#S_|%H2(X05}s%Hbgs^%3sabmI`ZR*YT;z5PDw`|W<Gkw`?7VXVSd-uxj
zmF=DD>%-bK<qx7&>6vUFo~ViBKt{xnM?J%AaB?QQ7s{kHWYnMPN}_L*?AuPSBa_8v
z4)I&=eOqzqLdA$Kj5+;&9@L03J!o-Hwx`g0<mM-zd=h=MvP#liHWx~|5*6gLc}SWU
zNe8k6+1y;;ph!BTk`4xv0y&U$#7H_2NJ>US?MXTmNV*b|uFS4193_&fa&wpRK=j0O
zytx-CAa4N405D(xsQ@r&0O<fQWB}QC02vM-i2yPZK*EYf0|;v}Zf+UThg<LEDfBzi
zpJRG0)3Snb`~#qe$!l6*x&C^h4bAVMs~3Ob#Xc4K6XEBS_6J)T`%K_lhodu>jXw#b
z%{vPlwz~0=D7$Ve4iOJWd7t^AC_m2pV3Z$Vejv*CGM^9gI5I((ZE8Db%Wjp$DN!(d
zpAXZzNyrbKtN|eKhg|2YKNQ_KB^HYOOn8{Z3B)O}7+ktA)|t%t`;eJannWhQbEeF@
z@ljjBlYdiv*r&M6-xr9Gv)4)FXM0`cw`RXYZrv}Yun&nd;4B|w`54QU<(Ofa7+ZHw
zT|S_HNb2)q4{3EVkUj-cxN~LRklPQp#l4x9f-|)vmKXO4L51FJ0d#J0-v~TzfhQvH
zx(Ga5CU;cg<F**#jD;vRzkv`sXV>mq;7HEGh6p@UCVx{+e52$7+q2qDS<r4<B;`j)
z&_Yu)L3P?K;M#TzxT4)gAnMq(n>aP?7Q)(g3%Iu30<LJc=|kSoZr<v&o3fzYwn*A;
zLaN$LP@Q%QxVGH_u4uOrh?1Ii6Q`!#LRi~w0oS%$z!mK#e`C97H*?zVMC^96zokPu
zcPZW2#B((_y1eQG=5KEH6out0FmlUt20l;$&o9py_+SNmVA*h4-hn6;G99Ww8Vs2Z
zSHOotrXv;bVZ(F?O!M1ArlS=|BO%l3HU^Sbw=B>>g{0NZ44Plv%z$Zi%arLrrKHu(
z4476oGhkZXvQ_*!82%0n+OGZT#{PzW-4}B;by%3!&?qpgp}}>+6zITn%fmbU)#`GY
z&ojSYlpkQ;kMe_6_(N6r!&UerRrsSJzW<bnYi@b8qLw`KmQ(}GTT%^H;SW{e4_D!j
zRN;??_?1!=(iPR@mkF?1KOg{0ut5P>k_}ap3|EtkRFjO_BpjDsg~LtG+HMFZVZ>kL
z%A5yaDUX>g`z@W@xmy<InngtYZ_NMWvFDf=7Eg@MxCj7yu8k)~kXk3HVWfOX4Iwoy
zsX?R$BsG9kucY!b?wBOpJ=ac7Y89jIZWtQZ&j+B6vaEd=tOvJdoV*0*sic#WgvREz
zf56_>8g{x&7$zTg{IzNVY%~w9XpUAYOF)xndv(1h0GU)32BdD6^~&=iCmaA8tXA<y
zljPTu$j(`H(Jwyzjn95y`S%st%LLl<pgq}?h_q+sGuSr6te-QJWbRtCNoJ-j4?4M>
zIz7Siya3q)fBHtqG$HHr({z0<69$#blR>CG>d8nHi98*QT76D)!G3@zb3f^CPv=Nx
zs-(FHjWa8mgyHETd%~VO1?LmS`A|V7suOqQgFXEv#x}d;Gr?~D5~nnF$pv8vXEk=o
z;UPCpT2vRA*auMED_|Rn$qn3zJN_Q>IIx1p(o-w52UTVduFO8IGP|KNdq`#W(8}y#
z$QH&gz6s(iJss&qUJ8Y=cjq!2euv&$q+s5a9e8ifKNvmRnKFs4baD>+%_i5Ez?tf~
zK5vnNd&!A3R$kdSj<ov+foS(48-SzeVSxd&Av|&zzzvuU!fGunFkm(eXS2fs17-ug
zpgwRiU^dhX<w#B#FdOV8Be;Ua<fUhh%wRF7edfhhqtEyp9A}|*Npm=;dGJ`)I!8)I
zl~;ZSGiKrQOe=k~l|IHwA8VzLV_FwVCDxF`Ak1erybt;x!(;Z1h*Sitc9YAi0O#M6
zn?<h}ivj4#*yg!KDm6I}z_2m`j2cZ28kj7W<`${W<j~CWI9Z(oBq}mFEPy9tI{}~y
zlOqIxga9fpISK$-0HCg-kU8QMD(zNBR$w~|>$c9tcNYAubBUdW@vU>+$PD0yTrY0k
z&M{n*JF($HpUFKuSs!J*ozeq4r&HeeC^SEp(S1ZG26fBd|9}19`p46c4b88ABbK6k
z_BkEM=^u>}?Cj!6Ej!v<#;FKy79Rny*wNVZZyf(H<Q)GHGGT0RW&fIufIB@3WKM||
zgMCll;JL1lrz|unz<3K`tOPLLLKv+IFy2BKtqU;TLKv+KFy2BKtqm~V3{2X`_{e@h
z%kT(=6xhb0AZVQbbhIOg3raYBkK-T7HU`b96`lPXkG-Ca#-HP2>3oi{9IVtG7c1*9
zkEOcfV(A?MuvT|mtj$9J7VD0S#d`?AYTa?Mx(@+Zt~)N4{{aB&b;rf-K#=EiR!`2h
zn0AiHd6vQkv~ad?<mPQgIG%06w*1)i{ptsju|3%9Tg|<`%#^R1gKk7c%i0OZsx3@(
z>`t0tF*bcyzH<WtUo6+PVJGZa`-bxqlQMI1ahl2}otquqylgK|v2tLKrUP7hQiGcp
zTx$hYjZ05pa0dj}S{+s6(nA>BLBX{aY}L5*90qqtaIM8yH7=cs!5tRd-e~DvjZ1%H
za7Tz6t^BwMs89nvkwG0LYOoTWJ4NPxV@F=f^VC8ETdy20dJaTj;i`!KHHB3Xo>gsl
zeb`s{@SD(P<IAScvhkoJ80pj&vhhZ}7GZ0*ap>R~m*}Ck-y&@7IK^(%a}l<7onklY
zy9ir5Pq7>IUWBdPr`V19FT&OiRO|*l7$IvHDsojH2G0S<j@)H;BXJ|o#ctGxVVNVY
z`3K)YPfTG(&T*JcgdHpV6Bwo(uGz%$+}tVI1ol%gVHumgbMgW8aZZUoS)Qmefkzzb
zqxGupnEQK&i&uXJy*ho{vG8lJ6rUOR@%(JZ)OyV%FBgBZS*BFU%V+R<Uy3J@#p5Sa
zT6o60lORdv4*2fmPO}Sl6u3vbd9n+~`12OjHP5+-e+&@7hEieeN)a(VQ;Cz8a%M7d
zyqt*HvIozP>$X6kh4J-6vM^zVin#U<RRG{T>OtkK3r{T(FJ$nD9we^CWAu@f3$sYp
zoxwUG=ivc5<65ACJ-T23{q(QpAk@>SLB_>I>|xOFCu@YwTqAfo1JW4}YUaQ+)p{a^
zk;dEti9BhN^qOZ!R-l;xOTj&{4!|m7suo#J0vIN=YLOLMQDh>l7SXH#vu>fZmbn6h
zIa37Nabjno-H*F?9`*9~J27X?Dt8y}9XN;aMjR3;pFs5$FG6zH8&^OtIGVq3zh??u
zg?TS8g9N7o=K1Vi&zN|-2rC~Cau^41#pOYeJqszZ*=M6(ANpSC9F2JsPKgycB^EDS
z2E<|p;9>_Z8OJNG$9Vu@SiF%;o((LoxQ@U@)KdH$fb4(HZ*Il?GPVcu+)8=$ydZMl
z33IN<qO}zt<hhfM`JYF!ixkD{!8GFv?~de}y_1Uwq4DA;lbCd^?@xM~{T;Fjo9>uD
z^tVCtVRtIy?I`a|DK0BogM&E4dN!t67ofeO7`DkP5;ax)39er8R$Rp{o$!2~>7Op`
zAL)_a6>c5PyQ=x;P@hhTH`V-ek;0pd5ky*8{3xm#of+E{=<of|-}!hxsfbX_M?-mC
z(e{K<9{JT%p1?(U|F-T#=twIQ4fKbjD*g*Ff?c^TTuUp!*~kbK*MfJmfPQiqZF@P}
zCh&~6h@l?$^2G<C19#y%qKOS*1jyg~AJO)u=b@qVFMk-R6OmeEc9ALnB-Fk1e3q72
z`U0i|?<AryyU3K{oy^k3M}YT2rUdUrL}7N3DaAX5rLX-1@LtT6;Qa?tm|bK_@n%^1
z`p1Ab%aq`4Bnq>OOex+bmR|IC;Jt(?!8?^G%q}vec&D-SEv|F!(q^UvZwpbFU1Un}
z=2&`h5Ae1!C3xG2!t5ebinpCvDrf1XOtJY(J8+qQdjYhkGj+u(q|RV!c^{<CL~4-*
zi-avQ>z_;&??h_;L882jso(8~)LBeDGKJLHNG-Bpk+4N(mFyg(=C`Z?N|C8;>ySE^
zsU1&6>O7<tS+GdhBC|?1&n#tLT40JYFYUr*{vndRoG@O-e-VQNdm-gJpQYCx0~No5
zrM!&yVe+P>uVm@&6Hxjpmhv)wY*=~$ORql}r6rc~GX9FN^wli=z-cHgvy_+dw}+*R
z$WFecu48cAU2mcPeGO4C=y@+<o5w3Y%*%Vy;h?9_oI_Li=k9tdh$aNlrZFz^;SG-Q
zT*WK`g26~3S$stXmu<LA6nEeXH+Re-A@U3he~&6#2)ks2<-M-3lodNxv8PC!j%3Y1
zmWaqm`@v8EulOh$ZBRs9^|Fsp6?C;7(w=0UR>Tgi(~8?1f0k|s&heM;j#&|AJFz9+
z;4J!U(F&YJzmScB%=AB-aG!+iIFvU72ADh%$$uN-DfU*FUO4S3cv%eFvRhETa2YN*
z>p&K%;@1)Gk~nwB*$s9;2~6kGmz-Jr1`1Z^(+lsGpuw0vhI(W#qpIKig-OOV&)<c6
z<IcE_mh(FBpImfGycb`_KCWv%XqOke5cN$-pX>%HniUdtB!z6kD;7f*rhm=~Rf}jT
z1ZRm+N%CwYmBuTci?qKTs;D%u`$GC+WMDd%`wQe*Lp>MS#Tie6Tz+O?Q-?&7Wbrpp
zRi`6kp=<EsKVwZikxM7U3jDXjP;ve}jkh3Z<t9In?zYRZ<(S1}0H|1XU4wPPHJHiA
z2d?SE!PvmsQ({|C04nQCx<y)EHYpK4E}7!{P@)!y&uTQHOgmz}S$l4PgFA_AI-9Yk
z3wZB0<6pu-2J?I=wAI2qUypu;dA@<&TxFZvK#fi$MqryvhqieJ$^+XZeT{7r*vK~b
z32ieplE|_u4U}(myb-J*=0&_E%9ruh9WP&w`{avpj{J+zsayO4u6SKwC*(p~yx0k-
zgMXO+2t|opa1zyj9WcsoB@-MLWBN^!E(!aRWCT|xW92uqu*9p(#S*b+DO>Utj{Y0S
z<1NY~s!3^_5)1qbiSjl<@rz7f%yfxYoP@XJbBq*hoBw)X>Rg0li}Tr9RR6U=LO%)f
z5?dwa;7B{fw%}B>WzyuRWu8G~Bg9DIWGHN^$oZ@`PL0>3IX4v@c(E4-IuOOI=~c=#
zIC91&!6hDX7@XkM@JSa`sNYtK;`(o-IxYc~Q{t8FO+?>V2>G+j;{Q;@ze0Q3Tgr~2
z_!oh_D>KwJX;{*wfaNE1fiFHjYzL9qj-VbQq8%SQyg@sJ`I{*F+kxqnc*U6_w|oV&
z@$!|tCCXRv)}1IX%ROFx2k!WCNu|xg$?O6rV_!wcB=ge}k)4t-ERmn-Yp3{1*85JD
zqMulW=}MwXmpOv(lmtgOh%t*jC`UmnUqc=xURCdwZIhR)wtY3RoC<LSB!p_)?-CUM
zRTS)6rc1oiwyPWAl&A}}?I%=vrzGT&oKA`SYa3P7oN8Mk5&Mwsp{-B^^x>&b5Bsn}
zny3wmDyC@J%DX`x+KO%SK|MsU>KQvCtf#WsS`o2LMKsFtb&}_m?TAP3!;9Q(N5G#r
z)wXD>mF@J!7IzCzUb!qPqZ(JP3!jH`6#H^w7aN<O|1RW}sk^@j#HH&&HUER7DqtTV
z?9QVrU>_!oYmWK5j(5&g+8YSt`oe<UNEp`=7VJ}maosTg^N{wlfZ^%2I}!Ka0y&t3
zla{3D1<$<n-8y;MPxp14L@t3z58uFZ3Wv&@d58$PZft5OFnHt6k+&TJ81{UEq`r`s
z_jJO<IptGP&p3RnJoj;BwlJ_sUpbWt10H_Kl)=@7D4k?SGT~<($b5<G$biCPd=aO=
zbxDl*@BL_{x<MCj@St7YasSP1B<f<HABOu{&Y8j$cm|)zd@C@p_mWEn;zljUJ0j*?
z!h9;6>&0U)1)qDc?^TCSLiu%e8^-ua@`!ONmkR38P%Rpbs^jnL;$<3nc`=Vyb#!*A
zvY&`L_pdK|P-laxBK~-XBj6rPUB&<V;Qcb$U+jT;Gw3(>fI(OKzQfBUT>xhBFB^bK
zJek`F$NM?h5ghMLyd}z?r&XO?>1d0WQ1y&2<gY%KcutA5!PEf3lsw>B2^GINxj*}^
z-@lynmj^FimcKySc=?OGCCWGRhH1%{aL20wC6@BeV%}NKyObXqGP#9d&eu0UrUPXD
ze72rXC|-f;%3nq~HovZ9`YW2gis`RvdYS33kq1~CUdb32k1($+-l|E=#_>YUeV@dB
zle|!q*og)bQF@`nTZN~kPXaxL*J!&x73^Jk$(=L#owLcEo6f|vAVk-7M_xWayMbpG
zv<$z(4u;rQ<jok=z{L;%Giv;PJAjx=<2{vC_y)?td05<BzwmZk`@FnC$^!C-{WwF$
zPq+hp&EEJpt|`ld1z|$Ca5Jfke*~_DF@Rr%2S&ud0&U?k(D=V2djtix1wZwk4Gmu)
zff*)}>vL(mrJEGfiYIwaHHmYoQyD@N0yPf=%*K7{$iK;B0nrg(;q}g(JTd6qg=b;!
zvix;aNgwafkJanrTY(Vt@i#Oref&)l;>|xYDBcR*>NmXDcJ>$gH&QZLEPf>mHN76o
zI;cAjrI1&(QbhAG0rGT8tidZ%Hw$=I)syw5mZ7z>sKl$cZhY~V<n$ic8pl*TvG5+e
zGbdZX{(A|e|NJy$;-9wNo$q}XqQehR8lV3Q7RZuJ%x`(vB)jADZ+IQvc_&79Vt(DV
z1|Gizp>7RmgZC86->0N7tBXI2MQ`~B$U$(q!2^7bkE#>JkAqA3P9i3XH!{6P)1P4a
zM@(a6{!s3T@*TV{{wJ>GdvW2&kvsibDmDVMo`!A}xOf{drgQV#ArZbhj*O2<V@CIG
zF)5OIO62H&m393XsY>wI2>ywJMZ%KEQzE8+D+}+gEhN4c{*;9!CDh84T!@5;iiMA!
z3#N#28`z?cYpIl*NF$A@q3Up?#iE#iu~tP=FS+n(utt9;V|SvjEj@h;#n97@b@k*H
zKf{LJMG4*FXPN$)ra#B@&yjYEHzA3=_Rr&nH49a(Wd8R6aY{t;zb(nyc99$A`K(2o
z<bS6DCfQ&eUX8g(`PCfIF51D*a6d4zgKwi8?HhV_Jv$Kl5f%r)RO+Ls(5g#myte2Y
zkP}@+d-lJMG@7p6%uY)B-vkIAIBGF|bMQX_!{(0#OT)3rFsU{I1n@;lZuKW$x%~n-
zs4q#z?m#=A8nyFwZRcO>H-h6NXy>*Q>Z(G;(iTRR<7+$J;?1bKd=J>T#V;Wl_VgE#
zF+EK)!3v3h@8jb6x8qvTUZ+G3=td&h9ll8MwHvtyK%b;>UIhOR3eks;*B4w+NRK|8
zeoo!Cg}r2Y455i2_#rtm(=Xo1mQ>9aA4Uci1f|secPVqfdWwGa4E>@JXORL1Mo1gH
zv{L@>q8RdjtiEtz6CwX!>Z7QQ$S^ELeS?qtgRzQ=H#X=;{2xNdjI+oZE!*)HZULOJ
zEG_ScLp)3Yq~h<XY;S#TUB%h5{k1-d4)`yFe}x$cfMyU_cr)qI2ukl3zd|;5lB!?b
zYkyf>U%&dDesMX@B866c|1!74fKbRR(cu^Rm*@`)V@n)71%HWVQJ7w0{}c{iqE-sW
zEs<KMhB^OZsEc}WW51+Q@E63vFyi6K&&4L-CFVc<wjlP!54{f9?&2fhCR;DMgkSt0
z<{#AOl5c-r5DydbxJsTjuH3&rVUY<ee_+S_T@f-g!Cf2WZFt2_40ySP{^HFjM!?-a
z1fuN$@Wc>^>Gl7CIGF6-$6KQOU$`-D63RQlybD~{2bYKz@I3w;uqpH|yc0FepZ9_&
z{f#J{U!eY$?gy9o+fI&9Zhvu<KI}ijv_by`(T~^^g6E$x7p1=$r42ggFtP@AV^<m3
zf<Ch5D&IQYOj{E3KMazXtK1!?6Z207X{hB_U<$STnzuyxH@tBbdhuN_fbs*#cEcw1
z9?Vv{v2@k)|7JN}Rn)sFry9wXce3T3eAQpOv3()?R<4bNtziX!#7Zzocr%=IUKZiA
znh2jc;44t(QHp<3W8M7m?V<hdcZN|DbnqZJK?e`<7PjrT$f0Sx<%$z9W442syc4yy
zJ;aUVV-E5u(8%}VU}9bV9ZFH>!(;@8%<?XI+MgTaH*o0tWgt1x@XBCML>BERufXE~
ztcQ1;e=sMR#e;BNxCT}{d9tgUQwiOolBNITp$4cs0h6oIdR;t9Jznf&-0uzKvBqu2
z>rRS59r2`6bjDNo$WpiGe+z@6Yd~yeBA3FXK8X(mNS)#+T&ei_$vxOW<jMo4=KmNZ
z-PpL(d)(X;{!aw%zZ6fIv<*8<Q|T43Q*jddQ+F!x0p-YFpyY<A1o}$we2wfyW54AZ
zeC{xRO-I~|#O+L|<KhvC{DIGa4wzbb;L{S=B8hwvfot~(8k|UJnWauWP=V^NKQk2U
zgWNyS=KmD*+I*$Na~VF)3sim~W|`~Ru-yFbLGR3O+zE4C1&C?mBL-pZ`r(Vu!Lni^
zH~%P5pkf!Fg_=M5WlRq`*G~-1f9sGKJ_&_0lL77i&f27_Pxt~G-T|FpZI|t4U)}*#
zXS$OMr;p%CsJF0<>#Chd<GT%b_s5%<zZl&8p8;#a(VMHcxc^fE6MDl|kz~6y@4q|j
zx<yyI+jaasz<1~0MSeeGQu=rD8W%pOI{|G`97gi)R1ir%4qT%Heo?H)L7cn`7~C(U
znY+bTLrV%e5yxb)gCJXGt_m-oArqpzYl#GOiNg=!+=J5GkZ!g$Ve<1@CISj-z8h8@
z)Qs=0a{plR#j?Y;#PBFPaZ4PxSf%Qjb+`N|vsg6q?mq&B!!P(J?}IzP1NuTHR$~q8
zzlbU7;GanN4^R^3o(OX?Ze95n=Ruqw2NnDUjNRfp)`MyW7d%<qgj)v|@Grr={8tov
z#nX^foM9iSaa<O*gEi*zL`W@cz{fwZ7nk;*4`}%@z`$TL8T?JtTgZWQ<;N8;$HM<b
znyn)&Xq|AxS4`zzd?VKX#Vy$Kpg$yE-YGM7$x7tSuNY}+;aOlwFu5w2DFvevQWYQC
zPgwbJ$SEpJFoEymU=FwmYvqHXn?&&{^i-dRUp4YSEDy4gDjp9+?C8Xk+2mfS;&I4j
z@IwYD<}cDDi$4O%!fRk{6WR2_)AvQ@SuV;lE*@!a1u`CGPC01HYdLJoP()`ot)qZj
zNL}}>?dzDo?kwlrY{vro@`Aq3`5!RbX|i4OPcYl1SsXKqP3a~RBJyE9XxRW5<7))Z
z&34O&jCOqn`)+s(KOXEnWqYt4bvQA%K|0-ax^Jwncm4%ugKw{?COdyQvsul8mwdzM
zhWl1#yI+pDx1tXp5?GVW?p54~>h4{<HqYL_3X1PbEMAXHKh|UKMT5NlY@$Eizi<kQ
zq<leaGPdHmFhu;Fe}1gz3z$_%`VFz38-w(fv7Td5Pb~Jm*!aT%9O=KudOijmCw5D0
zcIAqdq#MSb+#$F>4Sj}32IvZ&nqU*X;^pj)zvEK80vC)B&;J7kMaO+zo%4Ip!jv{J
zNuRf(m)vlUVKUZ5nXpHcTlf>&=l_}GNa8Bze;YV%Tz?qd<K)XLP!IM-a<~<Gi|;}^
zcO8yB!iDWfmHz=-!#6)^ai=3+e1w~JhoaXrAQA8xMEhriwiEdwWrKR0;=UYXXQL{t
zDT$VpG1lo|#Vlj&?|^YEu#BUHcWbotty>X;MZ}&db1Nx)6NXa8Ta$z|90dKO7B08p
zE2N-aJL>q4qrs~K5znIJGG<w<NIFV6*GR~_BZp8Yr6)<g6(1^vGS*-ON()~G@(f;L
zAkbTLOk}bhQzI$SRadwznidVIQF_JapzRZ#Yk%$}#g=3Qmsy9_q;blwKZYt;zhl>b
zwyB@M{}<|K9r!FOuJjvaH%P>pfGs9tUxdC74gCk7eHibd&Z85)Bej<+uA?s=se_;Q
zh(<7eg^lMXV0}7*@%mLbf|GSea7st8vFN_Ej^MNz!R9Mu9KoKBV0<A3BRHcY*m3bq
zD10Mo1uRX*0v{&CPK=G86O28i%fZ+?A~ySum>GNcmMKQ*VQ8<r@D5tGCk~+a1dPio
zK8b5Czi>4QI+FeVHuS~9(HI0$oRne&59)4hDz)$dluUW4h4%x!3$voXff~O@mkTt(
z&3E}d7$FB#ywWeCHl?yDv?--+N*D1+#7o8nIVHmJ(^ulGltEnO!-faD(f8mGb@2G_
zq(jFE_Jla}Y$9^y*#usNi!b<ybbV>K>x{bVjB%VD>aHX2E$-TQ?`&Fhi-&SfY$mo(
zNp(m~KlWJU2Oo>C2>sw=eJjKd^0^wj1g@nW9~Wacl7?qeYH1QxE>X}ip*W0WoKPIj
zL^zE|1v!~UNRDd^z7P9!j{9H^;X#RJ4so6gI<L5ZdpQZXSKNhUhgW<#Zu}_Rdsvb}
ziL<b#V%Cr#%qyPH^0cO3fwX#{i~?TC!VaX>2dt3uXAmd0_~w=Hf1D^Rb)tCj?P0cy
z*>{B5Zf4&UW_y^uG|cugyBub-$VTeus!)gIqKVpGL}g5JVmt?a1ocxQQ0Gl=W=r12
z3#VGU5VD-&7_4;R3z!sS@a007V8?y^o%18-gu%&^8N<CAqej@u$yoZpSQq1?gLLkw
z7{2WHuhmI+uEEXJ?D{LDYQ#mWYAY_Ti)9YgIuS3Vm6%IO!(=Wc^}F)S_DHl@r$8$g
z_Mln#jG|0^($Wq+Y_)J9qfj&p>bS3`564&0XpAkH_{cC#%ABEd@qL(5z%RTJI@4K%
zXdQJ1G5f#+b-obA?3IBnGfqzq!(LAT{!!8&HNpB4_Q++pOjxluQ@n=Yarj_Q<1jmE
z;jiE)^M|XWF0%9#iye2I>WSfDCCvd7e|0*v%eX&8fglUVC(nF712ToalPwkJROLH!
zmfM_v5H-u0HBqCWt1lHN*O^istKTy&7~fljDB|L@SMUL-g>@Ksj9HH8=9$!ujAb6M
z8!4iW;KXMhwC=)lVKjVa;bh!(lJia|s7!6%H`Fn|8Wc(Gyw3S8$e2(hK2Pj+I94z=
z1Z#~Ij*oSnfG&g`k-u0+G|CFpQn+@JoaoGrosIj^p{!8yAf?ms^%)3+-nt1l_?pk-
z7W$eYV5N%h1t?m$;DH0d>4n4T&f^Y$luV{o1AwBXUjTM_7->$Dh{-7y@75FxCB!BM
z1>wqr6uR<YDqMN6SXUl0PbeX79)ouDXa0qi#;jRs<oPKy&T$uB$EElu!(~T5)*T<h
z!o1m%<KJFoKwr@mrF-f*m5YpYI79h=u*UdUvo!{Mz_sX-zIZ=pOHW7h*Wkl;yvqlZ
zi@(CWwRjRR7TyCJ#aiS#u0_%^edL$T7Cyl;u2UA&qI4bN#O8Me@fYdW1#=#xFAvrs
zx5o+(25_YR8q9^h7@Nsfu0xJRpSH0M@dH27Y8}G$4W<mSTE5kBygtjoM@~#suWQzb
zCt@srEBGJBF%_<B#-UWK0BT(2m!Q1zC<{xx7QceLy{=K{R{`alRv#et81Rxq#s5p)
zm%zzYRD0jKxBK=!Nl#C@XC@>QmPxMDGm~Xlk^qq)AR-{BU<QzcgvE@Q3*8fzv^|7<
zkA%eq14{IPqVg0`7JX0LMMXA6pTMvQB8Z5%FZlic=hR(#GNAbUe!uUV-}J4jQ`@QS
z)TvXas;-B9taVWX-jAMX8Gi*EFZs#n+YT^}C;D;3(Tt5ap#$-CjrdQsu91XV*C@S6
zi)#dyk82bu#GOEmYZL<i4QmAEfjjl^l{LbSfn_IJM(xJ-FbA=q+kvK2uC{dvbr-(j
z|KIgP2J45#W^QYH4eN&i(7`vN?}c+92klgIAcT2HJ~rK<`>;x1ap{o4(jldbD2yQ+
zuPI_}z=a8*;nE?c%OOZ_uyn}8mkv{}85A|>$jjOWYX>%OeC@EptQ{&KQLPjj!Vsm+
zu3f~Fj$n0m=Dd@Ajr6#f?QfGc#M`VLPl?tLfBkDf!z}Bsxo8dX*PefA4Y3=W@}FNr
zNbp6r>d(mf;dtBI0Sr@<Ge)>ZV1;mKlV;1{5DR!ATh6fUkA6@e1}BOQ4S#2tI^meR
zwN>9}9>#x5xLpv=RaGi~*KOkLN8O&z&idUL<KEt;e=@(<A)Pldzi!Dd>Gv=l$KOtp
z^Ji|8lF%JT?m0Su{nbAbsX6{T@vXlw2%PJ0Mx0z~{LD^}5z$%l4+I2D(1U4UFXb47
z^$!YDPWitBcR82kaxJ{+U|nxp#frBhstr3R3H2rZ&?fTs4RLp5zv9inA>j{W<{zA1
zyB_>j?OyV1FCxVaNrB@5px+SQb5a1W?|{5fx57R8JHmmK)v=Q}5`G`eWTHNwQnR^m
zOlkt*TZe$_fyh5O(3uoD5;jdJT>CWo{-M>ZC~X0hI8<}e$`JZy%RT%DA#P{Z8J~x4
zpqm=I>HU_VitHjdu>`q2HqK@rkx$Q|9B_Viybm7f%L}+59e3l@JBLt`Y5{xujNsjb
zoU;?o+zDZ>b<VS`w;g6Vl;v@bTZ~lrC&|f$Jbm|`9NrJa#K+G@!|CdAE}iFuPU1O!
zPPicKr}N^_S*7#x&^bWoiJ^0l&i91QAv)KE&iQoSA37J%`I#`^g>;@D`Yxh#Q|KI~
z^QzFfGo60u+=b4QLg%h@o*X)Nqw|5#xtLBIMmEJ?LMOVGaV~{Z^x=Ycoa%?7Gj3c4
zurOX5Umx1`VoW;6S%q`%M1|`m`h1T;Jy?5lHcsKedYm!_YgC#omXu_~JZkA{t&`-r
zhjD>1`P%hcTVPCiGK`5vu>R5U6M||t`)qD)DF#lzWBTn}V0<w8EqJ5@P<m1*ZpRJg
zU5{LOZX%1$=ZL+Z3qtLKMJv;zeUR&{nMmU;NW<~$6#MIR?Al0b#?8(f@N1cjH9hFN
zkl)H5S7yg@G|S3N%IoOm{_Buo-(b0RB7AYT4iM9TLJn%@0V=@$`=t#WKY`{z@N1_E
zZi4XH19=ERW#7ZV;1J+0RGqgFbc4ZrJ@{<zphZ|`xoMnMM!o3GW&Ymq7@lzJ>p(#?
z{>g|>Ike*+g78^){k2IP%kQ+^F<KJ!B?xKgp}YRWfgdf2`kc7mHT1*l1!J@%yng23
zuD_m8Tx>i>OQL>g6ax<k`L~dqB)xZ#hC)c7Zf^yhHwBZE|0mSiSRQNB=5q86B+Z?+
z=H9d?n{R-DF<@J$Y3oq-16eC8V=5$Hw<F87|3;k}IU>&MWmV@h;gdlXTIoH{$pT1B
z%Fp#*f`{hk`oD$Uza70qbEbU9k@Ju22)J|s=z#g4fvrhuYE7hU4|i~9A2xlDn=0k9
z%7(DUX2|*?gyT*d%M|Rid7Q>LCrb%?YWb7V>3eG1(TD_F`yd9^;|-cBIqE+Gv{#&J
zU{e)@T9PMJO2-xa9BU&^46kJ-k*dRf2mw`xH!@Xl#B}=qjo954-1<al{VPoCVA~%>
z#6HJc?x3S_>x`H(cnr7w>D<-!PexGOeL&ZSxJzTJPmqScjtFr~vR}WI?TJ3^cC>ka
zMjhgo1EhkT`khb<MlZI~By1v^8i4lRU$mk*R&6U`VVfq4WGwTf6JByT5Mi7Az<v<z
z{J{QZ+WCR~VA}bih{)_UiHvoexKSxN4ty_xR9x20-Dc>NDB>H+OC*7?V{3i}1zXTj
zamle5h=OD^2%2vtZm${^<>WXxk_E<JFnqLxQzmaqb@=Z_c9QWxAC{J^oCu_{P|77`
zOIc8+EJZ@CWyJlsZ@>W|^cZ)^BJa1c-J~9u-U_FZCKG8LBkhR<bJa0j1$Y|)!lEI{
z`TbxDA=F@*2P=4~9Ct&&+F3t4q#o79>Yet_XL{!a8`1GcVGxlUo)eHh#A2E?#yJz6
zW{H9Q1S~O<X2->?Ux!Sj`LzTnme79N+QHhm)#`-Py2)<5g}7~Jj~@UN15R*1k*GX}
z4$!2phCvfH4tb@pzhqeYY8Zw+bc(R=VY<&VEPXXh*a*^ktT5e($GW_=9yu^sdo<bE
zNoQypkr(KfYrO$H*xT7=^;3`wrcfz=v<a4rta-=(I9mbRmsxBA?GtPQ-N6m*RJdg*
z^@8=>1q}OZB&xfI=};Dx@~?)MIbLD5j6VMgTSmIkSV)V&h&S&`3As-?h8-@ulnl-$
z6q99t0lF4+YchJuBj1H52xdpw;uN!n&~qKQG>ZxXX#HVCtBef)C<>Y|8=mR<mGJYz
zLFx8s{jttnK}AGYGR_R2U|S2VL(dBK;`A=}!%)9Tkgjt;y1eZ{F*lgn?#zMhKwWqV
ze7F@Rlk@<#{wRJ=)}BBFtWZV#-kDE$P8b$9O9o-xJi?}GLp6jo(q65mf}8P2(SI^B
zrc>#R&jDCJ4j&;g|DZJJ`ywN*STh${(=Zk=eZ9e&d9>Px#?M4g+Q>0Lr5;&Vz8wzR
zdk{^|vndhC@qSF$5ulXgZ$lU->Awg-(t97lt4Tl~qq{v(pN<lCc6uM4I{fA^{Nq!E
zADx^&)sws{80WlL9#~!#kxRQ<|0Ip1W;S)?tHQ`8!`Bk|1B}c<2c@I7ohjSY*?lOC
z5oQ<0xY=$<{W^`?ScQ$-<$H&Gzl3jReK|xI!SWUJK_<qVXiR8{iV7XH#`cQBg5fQD
z*D~js&;`c^mUTG#Yc%Y$krivfGmw@44sZf?W1LnY1{n~8jEZ%H7~rmdbF50*8++Q5
zh(Sm!;1weV85IJN7-Uoklq=>yp>s;1oz9or2GhELt+sVy-e9>53X3;_ItN(niTBb<
z`4Ed@-rpMq)=?ehjeQy1)WIb74Sgr}C>3g>97{%{r_^4%h|YGipFFMheLANZ=k%IY
zhtsI(Ab*OnmX6`H+ba~J6SLcUnJ3>K8$cQ85CTx>B!O#&eh5g1Ar26*CkGbFHeRWi
z80bzEi?WG_!QWByh(m{>1o)Z2L3Ei)$u#H(#p@*((;MdNqKlImMty^npp+WF2GTuH
z4hfaUskORrE~w466&&<K)}dzvGOce|yZ$+lzr&shWLmIywN1NSXawx@+NOOOb{j8Q
zT(OVJ;w|gCw(O@=?zPk&e>Vz-fpHDH-SKv(<8Q`T6h5OYKz}2B43QztAfIJ;uaD7-
zZ;%@I$LXGnL_D#PFHczeV_tg)=e30D1v$+XNTpSN?ww3hcsSv*Xl{<sTK}p8=n=Fw
z=;x0iRJOV%r9$;H!EXqu4jB*ZY8-}em`R=jCVUEp>3~4Xif(S;)IhHP3k32Hml4EF
z5bZu>sDcvJu*nTxVX|J2tn=yE7HA<eurRILpxnF6=r-sdm@jltSVTUDmy*I(p%Lf*
z1zspMeFi$z^#25yh?t<-A!#+=0q=>KrF8AB>_};U89I=xPSG1=_UT{F4G;Xi1HZT7
zcO!nd=hNbP7=|orsCPoyG1t`G3kS0(6<9|pV$34A5Ei`tH53~(Cuwye&I-0w<4C}l
zVqk!U{S=T??orwXq=&T{y%LzO?vxgiQ%HeHq+dokz^ie0oM@;@C8w37{BWW(trP{b
zEGSAsDGHWtg5hbv5O*majz$xWFtVi>8Pcq{l8*R?&8@ARrdA8r<N6F?1`=$$!D{4o
z-z2^hO)Q#IC3o;z)N)p9IUB2GqpV^Z7L?VXmC?^Rm}79k(aL{XR^6&UZOvr;VoF$v
zkkk)jZP|h^IMSm4RA!Xk8mJ$ESG{6j;YR7Lff)FhsRF+fKxIeit$}pEn(Bii(uPOF
zXP~Vgns~IK?@0}xf;#j*3oM(&E`XjILYeYJAzM2M9ndv>PUSAst)XS1o&#%GbO&&5
z+d4w>lTI(nrnLEgMjn`)q_Z50_L1o!SDj(D9oRb{8R@Lwfi2mrSrI%rQPdRyh8M<^
zs8GhnimDi>9LTojS=;Y#6_GvW*rfGdm`4JS`ps;CI%!k3&+#9D>H43+7g|;?JNZ87
z+k6@>;ndUqw_z=$2l6RFHzRB5KDYL16yE;?gFTE-0Qe*UKgGucxRLIM@G<%uvL^ry
zSL>(%kE|k+b5s8H4E#lWQi4rB4QvXKWTzr@GJ+1S85$_01s`mda&eEfk&9=Y5!Zpu
z5fm_XppnJQk>Cw5q@;*IK|nkA1~H{YyN^(2G&Gz;ss9ItD_jGIp|i)*s?_(m$a=h3
zg_FGhHN`QkCN(|Yg)~HWilrC1!eZ3XFGb!(t|eRL4N9<#QBsG!QSZAfmePx-CX7~I
zK0N>;DLtZJWeX{*cdoYo-k5`u%CdT2VkQR=5OA^HmkA<wOOUXfNntrPEIB}Uv@(<$
zN0`IaKtEuVg^`uy4o9pwJL!FmnZyyfb6Z5d`bvmM*r{`qIFeh871i9(?^D(w>hhf&
zf9(mWH{fNs%liIcrZ588$mkOF{UTPASJDV47!p(OF5)IE=r?J@EHAu4!s8I(EU(U_
z_Z_;2SZSSV=REIPCt|WV8hB6+`!x(7mBTvzJ{bDgg?SJlg^Sp=9gGupapIoYv0y6(
z6zc?5dZ0B)zG#YF&xCNHs?kF(G-ao~?*lmr8u7~D-q^R5J55)IFkOV5t(1v0Gcqz0
z#}3u&^3=>*cY%vE6IY9RsA^Dn)buLh;xq1i7IWod&WQYC%17i?bdNPT=yX;g76}!Q
zI6`Efw1kd`z2bXO3bHR8h(2j2^z45?SPCo!9~?;34?ts@aqtmq_n#_Xc!%9!#SP%C
zZWh_`f9PNftWq0b)ynmwfd@Gql|57UYbE=SBVAxzy1PuR=sHBejb`&)YH+}0fxD8z
zL?w>$Q{WCHPD<u{%56xSdtt7UJUG&%*Wj)AfpmM)71r5^FVT-|tAc)X48oQnb1dVT
zROQQ20%g`oFz}}9zNkI6A~jLh?*#$Gz;H1+Mho8B!^sRv5{46%e04kH>VgaJv=~=6
zT-k{^NQA3|!JE;z3FS(_s(~v>DWQQb_)OJ5&=tVIa<eQjSacXH6oW)17bW@BD<p~3
zO_JDD@6p85gEK`7&Rj;+j!BtII`3{Y`9P{$167P7gz_P?thf5w=C<`QtM_YaXZ?{U
z`~vn$9qI5{ynd_Q{SF9+WQixDKK~rDQlZ?C^^u#HWoYi*Q_$QpH*NyDyW29QyUcGn
z^5gvP;K&@S1)CqOGkkppRus~ugIWI3DQ0=}Mi76I8E34%Ax$4guiW}DyQ<w^<1sAn
z9#l!cGYEOU*zolD{`59;8~d*IImh}1nPU9Ol(um#>vJxq#*L$}jng^46Snxq&*#pT
zY`_U@hbdqKg!OYjFbX$@Xyd21!cHdalvY@cuv1%Mb;3?-g}sZg^YDq~v6iq&_>B^F
zL2I~o6E+FI6gDU)!}5ep!nr`$B%Ip`n}qW;!Y1L2ZSZaK_z;RUIghIeo0P|g37eG1
z7Q!aw@yilm&)^fQm*)ukc`NLB!hX>T`+FI%Kj9OLYhfyh!PpsU`?%IgvAPo2A%sPB
zC9qY5Mdc9KNrXk^5ZFe-qH+lA;kkfCZ6vU#37eG1ZwZ@}hdmFlNqI~sY*HS7y9KcK
zq7t>dlE<_!0M=}UZBN*ED{PpsGg@JD*V`wJZ)}AvCG5;r*b&4fs%Oc!kGMqrSzv>N
zMg3V|KV*5M{w%QBOfPD4fh{5|YIA|@M_AbAI__<`R}Ig`gZ`1X89#|*MGn1|!14g%
z&4+e`KP)N|bA%9RNS)=5!weF!0Jv&u-8l0yJISrSkm9ROj|f$tHS95^NXAN`k+G7V
z8}6EdyKrNOLNA?%cLS|D8+2Q!RMr_NxaCVu2hDb5CUv{Tkx)lP97)+nR7n4R&H%Or
zM8T8NCGh(P=!|Iu+n*(w1c*2}D!&$x$Y|Cg@71K?oj$5gHx{zh`DW(GVBw2-odqj*
z$;{|_MT+CEMRm&6ODgO%v&UUi%pMbkLhWF59dqVJXuYhb3)b#t4M$pi<dIfk2TTK;
zR}O%C4RMP0I<nO{vB?Z5u~v<u5H{Q&#oS<U_{kJFAXA-R^47p&onIgTVQY9ECI+;o
zm!|CNbj*xwTAn(rZ=eG_444x9^Doj@-$>b+4r)18aUz{Ep2hhdI%Oz}a~+*BipA;E
zDFaxXC($Y6K%6JjDMLz}H9BQPh_g<o3<hzI(JA9Voa^Zf6*e}WLMKVJYVVv%CuawB
zo<^sP5s7;`oqr?A6z2vyUk;rOI7QcG4(b7GHQcq!VA=5t;DL3iOpoW&t|SOyad(x=
zT7$IYH)x)X+^dLXe-@pbmo&e#>Ex88&U5JGY^2U}>EuMD&hy~ZDV<rWjfkl2LfAxr
zxbdP8b}?+@oS|wYy|rCFh&!mB1Xkmmp=u<(F&Jm48cA;q#u=(c(i?+S2_t!r!N^6_
zNbYLW+JZdDZA^ykNEk_AEF8HFO)rZ3E)cOANop({xr52+kvo{29=U_b>5+TUI*9Th
z_o8(W!N|R69Yip4FIoo?jQvUTI3yL6m#wOKL@+k3<`KczzM4k_V<T%G5sY1Uay`F<
zt~oj1-x4P68^!${VbZ=4?DvF8`$n)o5GL&#!G1-Uv~N`27sB)+*ssHImx0h}zj`qY
z7s1$B$A?fD>BZ7%qJa~QTWRT-$FtyVCc`$9-{A<H?7?ANW0tW5!ckp&;kG~lOmGRu
zckM&l#XV}*BZ0}V9}*TN!11Qjyr97@s#%JM%=O~Iu@LhJ37vG-n1^sk5`#4!^9aeR
zG;PcyB(T!HF^`bcN+ZWSLZT}z9rFkYY>ga9%p)YVHL@WwkC5or$cw~0LegC$a};^h
z>{C#G5sXwyI#(sQmV(UaR*fK@?8%`gxze~NyL9MD_B8Ivz8!j!PmO!BlZT#USdAx%
z<v8aE*$WvLCy8{-Ng^F{l1Rs#B+@Y_iL^R}_{tP1>B(FnFqtPM(Fi7!rKB9eWX6=_
zBbZE^k_Ta;gN8Mz%uO;W#WVnMu-nGcvHv_Nlq2It<Rb&P-GgWD`W?MY5qtu5c&JN#
zEclOcHiJp008tmx$-AnbMrVInT8=z|E$7KOFOG9yO_4YGnq84D_(<qEt`@!AY7UZ@
zpJNt+tfN{^XRfB4$oNfz+N8WGhTAI_{VcVCi)7UWn2Bo?RCf}|S<r{9-UcphHg2~-
zq9T{S1@PmMk8a&02F4Rc<L4bQz5je#)b0uym0(meV<JKU1|mY~8t&#@_g)p;p6II7
z6J!rXGh6f`7N9!^dJ#s1e_g2513?T#DX!Vzsf{D7s$XKmAIW&%#ix`)I_cVtOvmhS
z6;u6sMq;+L#}U>v@`JWD-C9!*_FXQpdbV2A4hNiie@ju$6Jq5|+c-%0E7Ye|oA;Qt
zZH{t4k@=bIB7M{jtGj9yUNzkpB;ARrO7hR9%QJfK0>1T6Szw)lMtS{|jY7?ufs%ur
z5Xu+*8xSL`{6y{fN3HNosHyzh!^&^bs6w|1`^`?T59+jFy?KS!DeLhlgjq|xei+AV
zD2|r{0lXmc(+CkT_RpX?3}bK5_-=?s%O;=fp>bDo#scN@ZL44{eWT*APM2qc!NM)P
z+!SM$V{1P6Z;mbK#;^YrUYr=%(HWzuYW}%e$ElEU{ssc54dY~avvOapv;G_eS#l-H
z2EB9AqJ;=CkP{M@UHpi^Nq`hSUARLb4cWzaiYF;i;7K;ocz#SgNs<Cj@{7jvJn<xL
zQqRIT8AtW3o><!_#MD{O2U`Y~>BBAlpYd>oOt{`f#4<fjhC5qbI!-#7&;=^DNV4wW
z+}a0Ysa(la(&J>;v(;S9J}syU7njeEzYiRnWbVunebYap6N|QF%z0M0BE1xe*w{_E
z69lz>2&Bx-O@L5yjXpHReYBe19u5^t2~zb@p@ZG10Gxp@&VlyD8KYTO&4p_A<HlSp
zuM%8A{++1oXM2BzS$9GR=_J>~qv(&epC$Zqs7_=j=1n?Fdpt^N#&MxWhv|nPluAP^
ztG(Tl^WaF%YM-g+YQ^s9SjXZ1Jy8bPpjt)?JefcD6W<-u6?@<yJGMB^Rd+N4gAz+@
zWBTY~W>tK`Krl+pX!y}o;?7b6SIZ=8Z+jeL*eI5j+*%)<X4kct5IV?LYUl5(>s8{7
zHL~b*h<#MYa)9rN{}|s+gYOqYe1C$uPpQg3f$t@#;~2iT(D{$?{VFnT#WyMUqrHdt
zh8OjO0_5%DL?_f8N*k>q71=*LRi(<=R?d+kNA9q^rGcFK|5AP;YS}hF>crH~N4HJ-
z7vhT^?w=dh_wTFH$w<@qX3skIaW4hQ15RiE6@IS&XM9CAU;hqzeM~j{eKIzimvJE0
zMDNdT5GJZDc$9*p@OUx+Py~DuB*aLZHZ%N13W8t>BBi$=-KK!!K`?e5>oVZv6Q>6K
zMKpqoOFjU(sjAT|a8xc8$;)!$o2q|=0+T(EGRMQ7Fw-iV8vkGzd9kCSD~${Z{mg>+
zW>ne|rcmM=+>!<is_4jpcfXzTnf+KNtp&V%>H-Sb6j1CeUm4{)Ny<l1eI63e+ISwR
zgtR&M8RnY^b27pNMFrQB9oQ3>WP}CTwidGD>qfPJ`~9Q@x)lb&Ll}9U*u6iXh3cCi
zV2a}4D!^FHCH|$FBlE`EH#Ns|27X6aaX7ZHJ*XVE<*#6+;n)IAN8VJxF0Z<97dT%A
zkW+{sV6bt7zX}%YOue5*gAQ*tQf+>a{@muLhtywEc!?V8&p!@F@U!DrN*soaY402e
zn%{>b4NS_M)&D&*b<2FV;SaD$pMaE)7~qKzd{gxwp<wklq0WRS;Dc**wq@;39BT6B
zLyR{tUCxL_GTeT<_F(AQF@6&!!``K`mnO#$;mre48uuVYm}l!SX>CL=7*5L>vmCb3
z<oFfbJY<%u&UEKcA_zB6ndLC+J_cH-3`k1X6L#%;w+1Qa<Um;f|H>Bwcq~Vp<}*3+
zpjx3?O$Ryhq*|dmQ&0OLM;=uxAjkI8gB&xOa&5m5GBmyn6}FKzukz(RQJOK<mE%8z
zN=$giqV>>hA7bs+SF<TU2P?Eo;ESzaI$ZxgIOI|Ye<ecb+?cdZLR#yYR)ewqhl4<f
zb~6FzaZ2GbUe0deiCM>I(?S~ziKMiJ{|JCw|AcEOyivdlm=F_sWste(1oNZZ@Mh-6
zjNu<~*6NVxJntbZ_3i<7!4D&I>5E%vLC5!YLYHV>6M(O!1-MgR;WErfr$l|!ZqQTS
z7e$v7J0Bp;r#uh1)opaS!bB&QDx;|4V%qyX2k-kpYd46pD07w)k1wT-T;>wq9DuiO
z;Px&=z`m5cw3qNLUQ4kRiTfYJhq~{Qtz^_$zX>_jYpA<YA}#Ov!CRg}C97zHN<#Hf
zq?4cUpvHC^amvPU!c}?s4S?lhus}f{kJ11osOQTVF;6q#KsFJ@)P4@yt^`H+@cKNc
z)3E|oe<Htl2lRTV@vcA#$2iTF3dO>t*{#$*k)K=p01(jefV(g_vB7Aa+3Js><KPCq
zf`0{O#}b~vnW7p8W)!DOd5uwDhhhg|wJh4z4rLwVf)}~<<Kw8=;&lId7#haA7~Zpw
zEES7Ic?qx7q3~jdcLRJ%rSYp#$XI&5(x+nSm1$F{GkTPwIIY-O-ve!Dj#K1?O<8(B
z9*ck`Kwgy#W)x>&MLa`S#8Cgm`)w(CuA=@FYNEbBqW3Q+<B31&Otj-i{T?uFqQ?ot
zIvT$<_<^UI68<9tr#t{wYj3pI446<Aw{U<DCul^qT-H;#;?_DAq3F*)@+8dfRE}-$
z1T+eGlE=u6a70Hm)%Bks@B#2P^-dyfs12(ypb>W>ozrA|Jx}s5h_Kn}8D{?mdcjam
z!<yFH9no__exQT5Cme;0{{*`QSB~4KF^PSb(KkU>K*#s!5VeI508;JA_)ju0wX6LR
z#8z6h1%9@ZPWj6KO4O?u!OG$4_R!K(s1@F6ZhLDHQ^*O97ddoN^$ceH4My)XZ*96-
z*QqF$_1Vv=?)Bv$roTk~&}lK$^dsy<38ADo82M3CALJ?CiFl`@J`#QoNI{B(_sLvu
z5UBOn_r^De_W|JnHMibWIw~~mlgeC5_!$I*wypmlTR{q&@`jkwdAOtmz1h!Wdo$s8
zBbYYQ1Oj>w!l!?z_NE5LCGSPufc8#U*8r~#Z10G4C$h<0-y~`_aH!p2;r!>=0z8bS
zdw`!q9?+J@Lx}#(uu6eSNmoZ~QVA7DY&IptOuzNDfZ)iD4B3>=!RpFbb>!{A*+=Hn
zGDvYhmP`@sQ^a)<Oz4{eSJtdxk=66UedUBqG11(TGqX*Q0Cmw%L;OZmR@n~jM^W^|
zl6MrSt`r*#p(*XND6KcZ=CN^0fj1vExnXhvEWDERRVOSg=zfOE4i-q5zvS)@+^z7Y
zX#RTBis0@Xz)#Ti9LM1sf$MuYe%A91ZfMYTz89k7Jt3mkdklhixLd9{h`jNf=t4m|
zC6jCajhGC%$Y^e54|Rm%Ha|wY-5|)vg~o34KVU;;b3Hi^`STCcstHCzh=K$oi9Z@B
zDTxoxW~Z!DkCmrRH0R@wYjSA2q;(b2YO*}a6WR^tCB!8+ejTiMdpzJ84C%ES%yCNc
zi_;oJdcZTtb9yn>NmI;T=#+&j!V{PJa=J3O-%B=kUqIv5-w04Zzlev@FUR6r4CCx8
zj{jSP3rG0%2-CtZy#!y7$$gN{K(FiX3)ABzz+fZDL!}~;R2??n-$E3iMDN&84*;#>
zo%MY4HuXH$I_fN~XFZ&6RL9&}w#jq((u=7Np0qARInIziPt5(_A!{8tX!wv>^Omx&
zq=a3|r(4*ybTp)7C>3xp=O6X@As`X-dYp(GrPG{<3-5WftQ{@y&A~W;9kSk=WX^(p
ztu+l#9%E*L{WNRZM_}ie0KZ{94;=~g<=ufWZd}vO9W82ZKpDA=p$QFDpEpW#kt1&Z
zLAsCz)7ly4M%Ih>VayiZ)A(S${C*gC`8@-r>R*7vIR>Ch0RmOdQ1~ezU3*Z^{!I2~
zd)O}bLnaAb4G897*A!h}(tQZAai&)ic6}!AwQ)7sp$WS_llQjbgJ&usi`q!r&1U(o
z_nkC9fx_Tni%-&M(Bb$SFgNRzMxEVGZ(meL|N8?Wo}6XWXn3(uk1Ik$R#FJc|2p7*
zmh=mz=p~VW-C!0F5Qr%t#LBw$0{S#0hALBVnl~bp=y8K>v(A<@2=a>vhKbGB6OnRP
z3$B{uIpaK5Gs-f83hT^|JqHnQci>KJip=V#hea|fw|7r{RHSw_x>G9JLg*KOY;(kb
zMh3KlwcCi!+oWm#E_^96tAGBV#rHdt@g?9N;tN5m)HCVmr&-~&d?v8mM2pbXFQ5(1
zVLvo$?N7nSZqVO92$OtnoPd;&)Rf!@B1_#tT*+K*(~D&&bT}1#(rz&Mbo~rW&IO#_
zos#kj<t!zl#RPK_&1tMCl&%I#it+!%T02}(*bSBf9B-n&0R5zX0Q;2T8;N57S)jDL
z0vJ--{{%EfX(2Rj5ajQ|m_pkqr#V;ppLj5~$75ll=q2ZpO_bf>qg1bN@?4*jg>p(N
zOX*)lPA3ZumpBDyY!e1|O0Fm(Uz(9B!uqTXt|wa9PNtN&h!48lT-uggtZh@ewl#DR
zD@j?~2Af_&mvnE>vOfOtfG)!Rd8LbxDF#<{9L~WG1$}c>$2;ikr$WA7;sJt?(EB@{
zu8-kCx<0+(!kdok^!0uVz0kr>0^msT9sgkT6+aKa*cPlasqY`;c4TXAN731uaK~#%
z7>)Q@G@{<H!4<k(Btj4f6Y26^Xj7rf8jf^1MxsfO|9Kj{5^0^su>l%g0gb*nqS2DN
zt9b~GUi`0<?XzONG$fLoTd@-OJWGc2cQpMvD>-CyxR*i}fF?upKEH5AHZwTuBz~Wt
z_-}KcA88xu`uQ>zn3dzNM_yn{YB1`*$4B-jp9baGX5X_Q`y%Aom=0M~tR2bsya!D!
z=aA&`-Rwk1uI7$|_Nq|fFieKnk*2Jjf1RCH2h(61E`b~C3h?Q-0GB~@Kq>y1ptSy4
z%;p0{UTy=6-0<IIFb%971M$hPlXtm*WfGmP<`)@CCZRyNeIK))yaf%5(-+4BVenN9
zXU+uf4U7tz!A=9z3AL{vGG)9;@H>=YuF)C1C0r4<Y+43Fq%R;**0Js_bXkYIOXn4k
zW$z@83HY(>JHg~#WtyW=0w5Zg8KKkZr$K4Qh%Zz$F&LPvoInm7BC;}LVTV^qE9GiP
znMh3de+N%<p&2jaX}%bZ7vYlr6`qEKsqCFDHN^TsACbRspxn+@O*C(#k!*gMMuXph
zY2bP8ptH02B^dp-obYM^MfbS0rXtb!I4h%<B~h6_Z)G~5kInz0huHo*w0%WvT&oWN
z!;4T42_E3aLV6><^?kU#aTnNU(GbNF(e=(ksrnLrgN0+f89_W<Ur>2845$4gVI3l+
z2cz2{4g;BlQ>jbs;89Zm261^U5gC|g+&NQhdh(VN!B>LRH!xoulRAwi_wd1=S{KWB
zk=-As`87ns6&LVtewEfl^DZ%Pa;o_Q*c|^{;^_KK7+k%K!wgn0i~%;7ng^6IaP=bI
zX7xhvmeq>_wq3m(0GgqzM9>r-;cb4MNI>nH_HU~FBHF*D_6uqMhT1QHU1s6tcL+!}
zzfA*8`(2o<Q>8zzv({Xq>md+RmW)J|Wu-~PNP}4$lMcSno7j-{(u`4Oq}@t;#eW;x
zd%4~C9wOq@+c?W<PFWG8N<!S^VlFHXbD<f}r8N)n-6oH%c7xT#b6wwuIatKnjR1Z3
zfgtthM?lsg1Ku43BtQcaq#i_s^%+BvGVy0o=1ZjiT!t=#)l9xDTzvgH_AsF|IcUpr
zBkLfpBl!wJe(`09Ww`tEaKV_r3|@V5DN1GTTw(tU)kDp#6e0UBr;ths*~G*+o9bkD
z66f4HaWSavZASL>EI()Cqg2~mQE|gWr@5h`MUJOSh^5DgpwFD!YYBjx7g#3rAJIcU
z)OzPlO3x_)-FlDO*O__;F=utxwtFj-`JP3gLAyCWfuFE0MSYFm$(r>pByzlZAS;0I
zL|oY9ruEsr`RHWAl5epB(Sd%z4y2Mf)ytBz3Vm`|LAp%5kMc|d;_Puo5U0=InI{{_
zUW~7!%7+Q@^;ifVdyo*`F%)_y`utr83D1F*lK!qOfcq;$x!U}VK_2yyUT!RcssCXY
z1z<}c;<^F8!D8R7ZQpD=$yCRstd3_;9p3i96{q-FOE_BhEI<X&KaOBrOQ#mU3!$4F
zHr1tegM%DiVy5H(nVb`>0>p+uxt%iuoN!*4&zwnIQ6@VRUV$>1ExWR{M*;Faj2yVz
zGB{I7#Ndc&-a~7Dic%Bmfjfe}byko8u0Vmpo{db;Jv)Mp5vDXIsOkJUfwwI?x3zHq
zG+Ue*9W=-fys@?=3|P#r-%ZnAdu|Z9n3Ws9N)RBiK5*%Zh+D~}0*7CO;cV}HEK$Cg
zALuRSW5e<f=%Ho2?|s5~L6Ww|0nM$NfstY%7F6C5X|L`STvr|rU>(1BO8n6<5rmP`
zk`G`*!@PAgtvC%E8q<u5AKuLNAM4;ELmCO~C{0{JHL)Ogz>EXg`v6gyK5@EfX2|f^
z+?o3IfNL|)u)Ql72)9BN%f%x0gP%aM8IAA%40gm{g6mdJJRePMu3IUUYSQv0b0JJ;
z?OXKijNR_gX)b1&&T&rx4zy4{fqPWIXJIE~=eBoTtoNeW)}8jk7i~`G_`|!ir#MD7
z1^c;<d4CD^E1j9QV=7<ftjCjK_F&S%#M)o!|EW{n+`9lHr{e;&zzbxQ@dzPh<_-jv
zeKM!wjr&b&5o8|*kwLF(+UdY#Q$$n3L6kLG-lD*EnylL75>Efk7)}&_^P>Bt|0R5R
zg#P`gKWKNl+#w)I*oJhZ%caC4A4l=<;)sMIRr0Pvv_bJA@16Ejh)*f}Bj|ikSvu8K
zg>^w<UhSm^v5!rSQ|8Z>@6*TM*jh<#r^Lh?YGWv(Te}2bp#)mm4cOhiA0RA|xtAJK
zD(butP*<U?x<y!0Sob_;wdvj#?2lXJPm9bD_CHu<u0O7IS}yo~{Hj1;ZhKo$I52<S
zl`utrU`LekeKOzCi<-R-9=lkCDjNsK2M&e%k{TQ{IN1lvToTp|h<90Ro*d}I=@*$1
zb?B9AZ$%jrwWIKj6<G%?4pHNh40IkwKoc>FTz63!N>rD1_NUAKZvh$$hoYHFhsw1t
zN~&LOO|>jHjmmCXf352x=KCdlWBFn&<>2NL%i2twMfs$5AA^u0QfAr7rhgyGoujn*
zIe2LsMY^#SD>KK+Q#Y1pdftMxE@xU&Ct2K{)^hj^LO-&VuFUG_eqtw62f+-!srs4t
zD(Td*ueS=a|GU-%(!L@}+xAJhD3VRd>9%||ei2@@O<jnc6T|uNoxoG9K(`v>vFB1U
zI^~~?Uvp)Sf0Lk@<KHbjLU<3I5KKMkFA7fPR=QU$rQVeHibXZ+$UUuv>va3o9AV}h
zDQk&+P!C*-nYHh|fSV<gkqX~KNP}NTIU+FBY)`wvu&7^p$wF6n6^`dCr%G?~TADS6
zwKUVhTAFEXvz8X%|6(mo%mUt>TJynLx^?}`TwY=QOdNInEQPeOrsn#Yj;Ytr+osjJ
zevWn!?lZVi76QJ-x=Q*Yp^pD}2kwXJ$ktX~41%Uokl%v(ZV1YP;M6zm;G97Ikn|-M
zANvucj8mr&$Wf+G*Z7gR{eEHu`Xi>$AMRt~SDdpEmP=2@sNDDf0`)G>R;Q2C=DNMh
zNABO^R#s%)-Xj)1*LzH^S`wdBs`r?Y-kufrZ;{)Gdp9h6rguT!c&5|63r2c(hG)96
zBA@PEvhW#+)LZRcwnc68dtbi={WEDn2i#f@9PlnIxP<djBlR253>%WYdk)W+u+HW=
ze@CE|S#c$dE7zXva=TWide*E`?`ymI+Y^YihlvyfhsqR6lH8ncPgYtZAca)V>U39_
zLZ$ze;tISyvANKmEKg3P(wYcTO>eh46JS-QbfDthgkd0a1^4gyhs#NR1ib9-OB<;7
z=7VBy{+LGnHwfJP39XgpPie@Ksrjf_I~-0a%^%W{5O3V!V|)LJICCMRV500tlq2}y
z0p8Dkhlk<;=0zCsq#6?d4s3_pEj+h(a2PjMWK+G_p=7GJAa`DLaPN`%_`d`R?8}zt
z|0KQSA*5Zq2gecXhoPAYnElIqDTYZc*#f^z@1Xx2g3n#N2`(m;c6+nKP6bzNU{45u
zAp&+k8@>P}T>v)lgS-nv3mJAG<Ih0~asvm*P1c8gUbeF6?RX~~x!@#-h}$w{|Equ_
z!cd9v+cWNcnlo^!c7#a=*(WBKW{;Iv)!`mbP^Ykvb2Sf<q?H$v<7Adb+P01j#fr3R
z522sh4ca~OFwI8@tu!Bok>(hqo95%jWJuj-c@xV00igv<Su(0DklU^z_lTSY;sxM6
zF4U&zfl;O+KO(VJ#vJq;hacn86K$<$hLWh#SYc2%bB11Udox4NYTu(A@KwT~5}#sq
zN}^1YIvv}FFAPm%D`6S(7!X6Gj463_mEB+s4D8MBv}Y?OgToc{PE$|P^D9ku8t$ow
z)z24Vm_oHoJWv*sL(0Hyw@HXwo}WUVtXwHSY2<w1`a#rd0+*1l$W=RS?~9yy(ldq%
z4)jA;WYeHysYTCBWD0I#*v@RgGX{x~K;OW&=Imf)$oKIsB;G-El+-21W7h%<ga3hL
z$?E~Py<3p3bUXB{!d`zuzP9%Th3&c5m2}z~Xo_!x<J|i+LhDd(FaxX-x4$G{@KG-2
zWlPBNl}g)sr>|B(#Q<inMqM+lE(3s*1jGLwlE!LaO_ZJt-hQ?So{eC&&fw61l3ZBp
z9NAB65wS4*Ocb@Os05TsP>$98jD9%S_-u$7{kDxA7FJHncbgImrL(2rIrL*mG<BuW
z#)HEC#tt&Dz1<-7i>R9x@%PL^37rl!24G`j$NV-J;9OW0xa%E`uz&cbf7lI4yC+#*
zh|Aqu({D)>5?Abm-O6-LpPHlTqr)=&w4^_|e?2^P|Jv0WSgrl*0IhgA<zjmo5OdN6
zS9HY}IaaYp=HaYUzB1>Q$Dc$-sjfA>uV1-&OQJHeF9by#k=7jiSX+yEM#!ybxSrJ#
z&h6^mbBo)JPxakS<x1R|8hEEMS(+dMN_UwU5_lN`7o4sup)?=H$V`fn=~`V(Y!{@`
zEvXa}lBTT+9#{cqgZYOT@-LX=o<eEN?Dlh7E6rzV1e)YO6PP!Ty0*Wiy}|GJ6a2h{
zj~r(W(&nBV|6WVldJJK5+Ik*g#?-lONDM-cfp|FnQ7oEq7>@XfSghz^l>+5f-GOb>
z<v9eM3n;JyJuf<F*(~fVn~fj!(|8_{^qMAr^zXp02fylKIqaLQ?kA^}v(;sCI5}J0
zRn8)3t3z_iKU<wE2cxsq*>d7ITP@dqjM42}axeH^<vT^Fp!3=IuTV-4`eIq{+vxRn
zZI?^Io(fdGP6OiVRcStluxP(u(kM570RtN&WdW=FVG#=QA(`hGbl^n0!RB>*=#gT8
zGTy*04yF+}7#k#sM4oU5q^d`Q_s%il85fKNBRdE>jWIDjgfR^!j$&dr*sqo>0l9X1
z_gYzg8TTDJ=%m@I7+q_!SP6EG?8}h^v90ww^P2{f^<SN5*WQ4_H=jo`)jqp+T<GYs
zYZr!&oL##naM<H7Ah6wFl<{BlBh?wzS=5=O!wt-_rDspsfxK_A0VIaM24&7y_fpCD
ze;kG>s?gzhbwK5wLn;zTLS8#S16}YN3;m!uz<c1Bno)+iEmVeSS)$sCt+abtM`hz_
z6ry{0Z*2*?A%j<d-j|78xyb<Fke-2oyVr5sS(Dacs(0E-yuB7nvBA;q2)#7v*pd+A
zU<P11#gt>%cnkvF8{Mz%z{}gHvTR{*gw;BTOGv$MGVe}lnUH>zg^H37O30f9%Cj(8
z@^I4ew#8rYt9=IT7whwasZ65imn<<Dk?Cs;W(ujevs(dOIFAS<S6&;>saq>4Rte)T
zA~_vCS{${H|0V>-0t?Rm?r6yV)wWan*ixJ|Qtz-sp`KXYE@X{;Mw|m*3c3lbIaFe#
znCk%Qdh@ULIh1xI>1pp?GR^eeyEc5DiBrw^cX7aVBRg*Gs|?C6U0X8KI%y+&bnS7%
zSPX>`^V;7CBX!2k*!nv`S1=oo(ZoLMchOeV_cBYC-!arhcH{Rj@w!a8NsHb11HpEK
zzRIgex!xccV?0Xm!D$+Rx_IY;LLoe(mFH7u4ou6;P2it?4UY|uN%8(ICW8u}{=iJW
z7dlCDzFYqUDs=-^`66QUen1qtM&~`q+HZ)};7;h+Ax2H+g~x~N8EWI=EyA75Xix|S
zB%x6NXwP86CAkUs%(PX)k^5D`XFAq}AU0Q%MoPJ};HIz;aAh@)5mb8}3nc{FRVt=8
z87|ohR9)nf(|EkQP>%S_hxU4YF&R<-9)+<0%bBncSWaoMk=d(@?h1*qBEJ|d&fx69
zWZA>uy<My0uIXerLr-BpL)WVO;&TwaQm7P@y}c{(zdB!C?{=>&rHE$Nnp`opZvr7m
zTXXo$!jJ7+-B(MHuf9<&vsbIRDqr12ZA3$A2Q2WaAds;j)HGbin5(S}D=J-nxh=DD
zAZcR>IL*$a>u<%$W9f&bL~36WliB#q#cv3|UGZCn-+uTVj34BZGFFa<iFw&N1;26p
z&cpBh_}yxLn_ymx-}U&VdiNNS!d(SN{I~c+06<G^xDP!H<{`$s%$T<ub6;bgY0P&R
z^Ack|&mM~Sw;K0SWA0+iJB@jtF~4EVRmQx{n0wIVm7hbj)INebOI`BQRz~0eZR0p|
zdbB<?UH>uZuKx_aavMEIJMR0I(M}Viogr|&qHuE@lTU_Y65@(KVqo-N`zoGxqEac3
zdXF#>%7xaT_W1WIQIa#(E!@pcl!JKo9E>Zg`DbK>(Mv;!T=P!^^iFU7g=V?=R~Y>^
zZnrHbHM^@{B@ZMY1S7poT4w_%$W<Uu<@v`c%Na*0skt|Z!=|-d-x3RmCo0Egfg~N6
z0cqf((PtIVI~$vBFNS^E#uUZ?99LR6QwHGUSR@AgbLQNM@96w?yTQ74?iXgM-<k83
zIRG!%#rTg*Z!-bREH=7QBd*X0t+CZ5#KACPl6G&`nwHR*B3s<ETb%|K)}Lej2w0NN
z3Y7z$WW``IsCX0XV4YH3i6ztpaGkEztFm}!#df<_nKarHg3RcG4%;<ZwkKkKAY-Eo
zdTqC2B0$3<L?#SqyIqlYR2E1N!*Wa&4Mf;kwF=7Onjh|+4LcJK?mWzn3#>UOuZGD#
z2iiAwgZ*t({Ixo@%vgNVLmu?1E-)4S7$Rw72M9`IhB4TuB}S05<~JYFbnar3+VzLQ
zPHUY?6&pP8kjDxc0Ist|*B}qPT3iVBWHbq?BMWxq<SL^{07(zTk-eC?CN<sumKfRA
z2(Cm(xGSdHNq1zrV=%1F4}zgmn4bnyJHx6iieLZ>z7xiq5|vX-?@D8@?ol?6>D)Rp
z&NIHc&VMZC4<18SvB%q8$|aQ@bfPVN73cmfelK~=>up`8_mv&?A9}IxZ0YOLklkTO
z^at0X%#VMzDoQifViRkD#_IKGc00XuX!e*?XPQ*E(^O|ULH;{9w*PBlj0?S!We^r6
zoOVLdqxTQP{%FgZ@x$OV9EubRZt80F4y1^Sp68|qN49dDN1K|NG%EWy+1_(VH5OE@
zX1WkA98aowobj;fNuhD`Wu!_$sF<yD$<s(n=MtP(cnc?`1ME3JNZe{Q-RbDXqM*q>
zny?N;-AVtp8}vf0tUg8pm9y1F=zj!OR%<kI%t3^<l{g%seslhE;CXEtL$)$zFZwQV
zVl<RI%CmpM_I|_?I`zGPPcub4j6EH*XJYm&6L}(xw>*r8Q$n;$yrkMC9&S(<4~f`Q
zJLr8lXajU-LO*vpO!D%!_W-cSP9*1cX8GD`u&0CjnUXu8WZ!anF8wMd-9C&L;s}*_
zyTOdM_I23}=CZX9s$0xqtN#lm#r7rG-<#D82V;c}#ta>dqz*j!6t9dNJopThfk_zz
z_S$gY6}pFvCaeTe5r^O<^TXSMI)J7FkkxLaGBF6eyCK^=3^k_uaoA<Qht1`dH#hT0
z6Lf!bvmlnP&CPaNygU-Iy#mX96BXJ!=&oq+qy~l-;5K2=J(wc92@|BrF#Qjrf0v0@
zw+bUPSYT&RogGk0hBs3a%0ziO&%$jHnFs@B-PtP8BTF3oY99_u$G)#|u8}xQFYC^l
zBF;-u9I6qs-ni?eg;iULused*^Sa?wO%fhfY)(VcrlWgoiY9gsd6GgKyOQwzEZFF4
zQpN}T9AofC5$O#H2_HcJ`Tnr4tb>wrR`^;eBa;=imaOAe(B731o$eY$NXAXhNom(X
ziwKr51sSR1r110L9m6%%Kw6jQ!@1f!FALXGT`QzZLBpjhwP|hFh|hIks=OU`GhJ+H
z#`?Jsf+9;hsqYKypD!!NE&D#Bg?(Qf()Vu)nno#42SNpurxdey5|JpZ3_=NOh>C<Y
z)JDR-Cc1*r$izZgz|=wqlT*i5r#mD+3@_w|VTJrKoS`~VjY%!efY0Pw6d3ZQsi~tK
zUkfc{ol0abP4LjE_aZ5R(<~!F%!hZw)vPdM^b^9UvPySMW%aE{LV}A&#s4`|g4lv{
z5>nd9#1>QLqdIVu{h`*mt`7l~UV%x}rN>-=Fy~^gj5a9ia8fjT=I-z>%q)pTuKIA1
zt2V5#)v{{coM#+xwMR7P89bN`OCxSn9aHvphwz8gR2)1DgOj@5%DvosaUkPqdI+jD
zgd)=+^s|3&h*Q;V3J*fTYUJwXQyerRS+RRNwNS4^M8v0|@v(pkf}eYKTM*p5z6<1M
zHW`*RFL5BD&{vk2F{*~Zvevq;5%xy?>O4sD(uze;J*IYMt(bkJU<HDqlR?E0s(xnq
zpbjf0aeG)0$NvQ=S$Y2S+E)Qnj~9W{1~j(BLgk8iIZ8>3e<Q-b%YTx{7|5>xQD$ot
zjTrgE5qXh!!R<Wq7j#Tzi>gS~G=6g+W*>~%hiJDO^I>RVM|&5qUe%;~5_rMXU~g*h
zoT<TBY)zFmdgK&fbkA*}>kLe>Z7u+!{ZE^6cQ>`jTG~WY3Yu(688QD#q1y4FNu}CW
z)|hAn)(m?(L(ya;nhdRLt)#UUwfhmw9U`W{8B<Cja;bnlw;Rls47#R97G2XJyR9i3
zrW!&#rt3e21YjrjW-9MdHr0#`NI0HEXJMCmG3-+4ISUmj$_UnC<Kd&6&kQlrHeZPV
zXt-4{;_XTIBrw}^3NYJq3NYJq3NYJq3NYJqTQJ*m8z|aSV5U8fA)*a_v5Fkp(d`=Q
zg>YPVQ7F+{h2H_jq`P{wUAdH_AL|{N)qHZbTbrwqLcc<CYUHud(ts%qgCn5vz)?DK
z$DT=|*0wpA&ygF)+Ws(QouKvJ-IOYKv=oV^6d<{2t>h(WVEuq2T|~%Dx>w7Yv8}Q~
zK&VAev#T)$nyd(#OoOHrf_bw4UAImD(}>!C(3u!J=vYiaJ<9oN2RxZn`f4F2qAsNn
zAn;^LR#r}>rT>|-Vj{7&ZqvusAT2{zUVTz&9?OsohVNc5!$g_ATAO-R^SCIT=J67e
zU$nb&pS{RD_=SCdJ89fOdmVn1tkPXw4lZU5Im#0dzaNf2pbvzOIdLC1?r0Akv1a~n
zGoX5!QcfsRU@@-K<B?h*N3l(64rnI^WP1^Pnk*Q2kOqryCRXn=T++i&P^64%6)^u;
z(58JtQnFa~GA(U6IGDg%|7R#oP>TiFn7mFDa4^p>JQE+|qAeyvUFK|O`$washP04*
z7x6DD3Og1n;KM1hy(Q3iE2sD_q#JOGYhlM7Yb{GO@i*L|_=8EH8S-@uU^uVW!gq~3
zT_F?5B!mfM!iM+b*tiMx$iEOHVFO1ID8TsLG5d)z`+I1&8w@JA*$svi>-f<QY|nB2
zeH5SOx^03op(%s<8Z`8erRsm3X`O@sm{^GW2Z6WJ67nDr34Im;utl?|lcy(+B<Yb`
zViU>fHY8b&F6yOhrnaSQh8LHzAra=HA*F<PKY6OsILXOi!91CWVOfhIZ#Tjs`41uo
zGJ;{%(GgZ29bs7ZdDb3HW<XPF;I;IFxGaKsN<UzJvKU}qB8y;gP0!H!rS3cbu&365
zAB^|XFnw2N%+m-lv(M?YHwfuHZs;v)8+ezIs5LhL4%UnYWFj;+t(6_Wz!7ZxX~gbf
zJUpj)FmqgVLcV-%s}Y1CUXXoFg=e{`C^m^5IPR&!RN`Tvu}S3mzcpph?kR%esG^{V
zwqaguBgqU6$&~b*^K9E6C$XsYLa&R#u?4?EZ9QwYTfv=!QO1;_u>Ni8+{zznjp-_#
zf`f^xLp@O2RkcAkU-OiyN@3l@!vHczjnnV+zEOoCy$2ifus}G%%uOidOdKW*4u-6+
zf07$Y?HEg|Nc}e=JhTIyI!U6qf)+UoK6Zm&*$o(ihK@L1MtV>kF)e#GLpk+R82cPe
zOT#tAr$N}jEL%)}148v4H;mmAg8eh#tPCyI@B<LfGs-M%uBZgJc`nl{U{gs~M0BDa
zXy_uu(S_%k00=#?g*Rbw1D;R|ln`8aSBjLR$zoKg2qQ&I3f_E?QEoS2@^*W&DX9jG
zwG&SWokb#oqh>J>I3Cm0nCJ&A4f_KFlO!<ZpeIQM(3AB~Qwza)k;;uz%!>>t)0lJ&
zOngi>=tHzm(MsJ2Ml3WK98&FE!z(tp9N*L@1@4Ljb*YHVCh??AGE^DzGH0gkUBqV7
zl_clVGvVX~7y2%zcNU#{2hMiaJDY%I4xZbMMMN3N!|#a=>yK~4U!8|c?FPTyL(l`H
zrE9M)>KQ2o3Hsjo45zTskP#b=miMFK`hMN2V10i9<JgT0VFWR`-lKaGnCpWnz+4|p
z0p|K(3NY6PQ-HZX*cQz7!8TB=4+Lh$+eJ~Cn-{~r_-53L)=|%17t?M6#ww>dIg$nm
z8PS%dy{qqo*FTA7%ZW;SzM4*FR2@9!-w1GDVenTth{l5)mp%n*(%b|@prBrTCvWzX
zI}-?|YWez|aMW&~(=NJWwE4Hp1D#-bs&n93rDuhnwD}LfQ@G8hv{Hk~7L!GHYcUDc
zCn#Xx?s9;jk^O<GN>EBTI7mcUHJ(AJzl6C)3z7DZ2B!b85bu*hq^i58aqKlJL>e!N
zN+CMzVtP^`aG^6%#G}?*sbfV=D+K|?+p9Bc7lVP(wz-7o4^$cOFcE_2rdRV)#0O2I
zp){?*w&KCp%8*ygbPw%V%mmB7{V-^_9=Hy_4fxT$cndzdzAI(1f_o74-d8SWw>B?9
zI%WY_GAqCmmw+Zj4lG15-x{o75^6W*Gzhm$@B)LkgWD)hYmGDAge^u%PiNSo31&-y
zdXHVS%-Gf~*cltp#7=|>rH*R0*ikGgiPC26E0xOgpS6n}LUfv!u_U!yr7l@Jmpp_*
z#uO`21EmGo@Lo*2$B?3Sw>{OK_O2lPF=4n`;$J|XIy=K4cDpOxPIRQHqr$&%9ubn1
zXv&~U>VO3KmvM!;f&-E9**op_RFl2JZcj_=+U*%BZM!>wEt0K72IQXU(PV-&IV22E
zygLT*e}E=-LRu&^aConoIzsIR$AwvnL2+55^W;!UHb~vBlx&c?-6?LRx;?4;w=Dh@
ziXk<fPut#=$X;t2j;rF155^rI3LO%&fYX?O@DNI>T7<G=>gtUD2|$8QU*wqlc}AK`
zuJ^>H%tku_6k*d^lVvekrb{*((i+%pMM~x{VP(=qY)ph|1L_JC2gDU+fPf|gNfUZt
zs8BWyO*Rcp84i$n+tzWYkn1_;G}y6lw~d%FNp*{mOJnl6mwEEs3v_#AZHeoJleNE~
zPnsjKbs5&-`!5feO;_aA#tlcT)w6q9o!pB7GVCWriv5Hpn^p92c0=25D`(Swpk*|D
z0>?pgUK~Cu73`nS6agH2R3vPRbr@YogFvybshlK;snw+dJXV;AU#)2-J;Mj5jF>y@
zbCmV5j#btdi-ZhVJnuU65AUP+7?KzPKp1CTJ_TVEB|L-{VyFxWTWz2nFj{1jwVH>E
z4JTZQ)72uiIl#s-ZIujQ8Wbf0<$>p-1#Spr4OtsUw5o+v`f68tvB-n4LAB`lu+hjj
zFF~A7NIzkDxT!x6oBH{5Fl(i!nzZ`E?fwV)FAs0c*^C6RD7l<QvUvp!P>(BNvi0dp
zlioDxPcc6IW8ISL<-Y+ZSucwxcJ5YyNH9FqyrZ$>xZ%KoH5fGxRBE*kIfe#6eNfbr
z=0mKnKGij@s4^|^)Mo@ffg-L1H402&_~CycTP^9p3`ew+wERXBr&_>d$oepdY9*l4
zu`Ued;HJ@&m_s2Az6wwoH*c{m>yy$}1PPaD6g{cUX-bK+X)N)hsKW)bP5Gb;*$AT;
zb<JG$EoL`!j|$k&(3@J4F&B8am=nBP%(aSl%r8eLSIyFxPah9p*6AY$FjJKgq3u{)
zF`tb0dNAU+>O-oAI`ySw?-?t>NhLD4fS^`%yBFk(5DL$LZD_yh;YA)i8^Cw^P-k_2
zJJVB4)V_z*y-#7}6(AVQ%m(By5oErG$y^bJnWd0@BS@}xIvk21G8@@<CaMfIEYC4;
zDqV)(d-0oN%)Buv8YVpc+j)|^1~<dS!yawIydCDd@T+bpCexYvec%WC#rDO}_M^~t
zcWApIwA~!q9uXU~agok9L+Bl$?XJ-FKcVfv#HMjRhWhKjJee4()INjCXiwC>&I;O|
zT&1*}Q%-m<a|>{h-J7Q%QDVH6j<P(QeiI3x0ClZ{y=mER>q1A?jd65Q8<RH_j-UZg
zu&88FtH8Sfk;|I{TV=EG21(JY)jc}~=;NlkvIbqEjBersqgf$F2hahGyjv#WvlH-n
zH}>!yZ%^v9QxQPX!V>^MtBg&0gHcMx7>;1-ea?bh7M_)1cl>K$t@~+LL~`Io%Alo!
zNlG_NxkwcK+{tQ7w{iGF8|XzYNX@e4JAeiDyTq=th3_g{cACG(c$-YTo~A}=N@!d)
z#em7CgaI)nlth(angN`VsQZx=eqh@<H<}t5Qm00y6-}*7QCI;@l<Q_Dj&(C;DB5&}
z>Ta2#P=}mbhG0I-d*`I=%5YTEZpx57Az*#E^8Dv*joth{(!(JIt*VN&IW~Om-=ZFv
zEEpg*SwNr-(nX+IsWab%$lPxvos@)}`aS3q*>I5;Ua@yCJ6A4R<o$+=yt|PY*dXle
z(U!rIP!>t_+bVpIdVmvrgd|!URbsK;8He?qkhh{(b}cog)eiMdVLJXkGL{)MOzTOf
z7iW>r#IQ4)*O1y{<lTjURD(7X!4Hr+CfIvuB%Aj#FXTxmO>s-!pGUpx{7IP1pJs9Z
z5{x|<O@;3^Qz7J1;`4uVO2n*3WW!mH*kRUFBvnsR`VEQcr_g@E9ht0rbC0nk;L3Lx
zg<(`zzTQKmQe|1!fP7h>mU)udWjm~w%fCeua#ym(k-L?TiOsS1At2&9*0YHF8Hr2K
zYn)@lDBI4lb|dtZ88&js3>!LSh7Db-ayU_+t3AbuN*KpjGBU>=dSx($#pYN>*Etr`
zX&|lU;jYRsWE}M;WCBRQCjASVHHI_^+4&)BA{c|-t{{AlkC`sp6pvAX;M^%fq3LLV
zVcD7F5rYx)J0WH;B9WoFLi6qe=^Ohxhu4po`XU^hh3Wqa;Lx!%`?}JN<Ix5;$@u*-
zfLT}0L~v%#;8(_vlT3BM_I|=RYE<gCQ*A{Z_1j|hdxrt9eI6BMdra?=ZvYWpSmX4D
zy8+s5GrWhG5@{AEY5tj=dC8hfoA|HhTm@Z^C$0&u@kz`W>P?gvB@?}wh2`4o;hBg@
zLS$<PY}|t=GDh!@SpzJmV=b4QkXPd;0OIKOsfcRS5wS58KlCuW{u5MI^M9CzHvwcJ
z#$%-V$Jm%ihcxGqe>OedRu&y|vYpw9`a`dhJk!1aX-k_l1cwGoqXQX-$6=4P5;tx=
z{8+r|p+J-|n#308x=nP}LZ!ZfZ~1NOQQp?0es~zPz8bx41KVmpWWYaDe>if)v^0w$
z9JHrP6^c707xnQ~@t8=7jxyvlw1b3te`hb?M9z+(%8qTcMZEY=84~@MrY~J~nL5@#
zk6zXJvZHO`%3l6|N*{g-iK4!5W!p-J!(|VMJ@zy%HO9Jzb|Ew6`M<%P2Xq~cvf{#`
zFKvhUDOK*0hp*&9Ij}-9DdtmM=`tQ*75*bFH(_xdwgY;7^GT!-&KN(VqyCr+_*1Y_
z-R~6wC7O>-3JaCZR}3qOUHggwl9C%bJJaM*omWi=bJ^nzhk@ATJ<le9V7=_U7d^X@
z@P2Iol@@@`kK)I^pAs#B&!WDQy;z|TJ?{d<NBv5DG*}T3{fhx*){XG1AA@REfp7oS
zjz5ZqMl-#{X3`-mQJwm6Q84s1js?C)a};>Wa<-DgJqS)}^NOs@=UA6_jV$_=BP=Ty
zqFZRKj6e@G7^8C$m%MF4?nZ}icgQ7!(ZP;G9~XVD_Zt+O1Do$9?BZC~=VVTrKrveA
zgqBZ))IfgE_rDVT5XFP$BZwZ0QQ7Ni89l5by_aPD8(qk%q0AJ4#t8CPqY|>!L$n4>
z1vjLEO{ID-0bwv>v55O4Vj+XeW7!=3N~D0h5EHc~ki^k34y+BhbRk5^+>G)~&eYWB
zufF#m<W@?SOD>N4NuFSzgi+fMnNmVcF?u}TwC0<R=L-oqGb%z&hf@4l%?#hDd3&d!
zjJO>wSNjU9R)#Og4ZAf2HnryfloP)>2yAMZ4+Jh;b~nN?_ox((U;lHsWl6?v2{J80
zDsE9PZC5<?jVQS=Z*YytVQ1Uv?LdQt35>4j8eLHtUC~<}T~YrjDYjN0zZDTER*yuS
z%r<dwdkliq|0jr2-PvR@i&-R<`frogG^W+!8Ddhx?U6?DnU_Mcri(d9<o#z+?qaT(
z+qAZ4M9r>|E}>JP{mcPMQcR_O1F2i7&}5e`79h0OTHUG3I|X$vuT7WQ?P9*O*j~Rw
z!cJ>G!LZYKy(BY39;(q@%*!;03mB)BinU$P48@|hbCK67TFVc_2Y<KV$I0pI#snMD
z2CLPNZxJSC()17D=fjO_hOHej{sK4%PomTNEr}BL{mY{XwPTzntdAh>&EYs*as`}r
zgE$W?SF^X&+c_!?r!$Xu#;spQL50$TaIs>d!`JFIVYQ{CG44RWk|mhdu1szd?YJxr
z(u-`Wp5k1I8IFm;V8r13@JegPv#fTOl{D=eKvvcaN~@n{cwyhTaG}fb??dkiu64T?
z_R7#xj!#SX(8E~F(tGTFGI>8oaHzwr)rdMU*S`Rtfqnyu`;5`YZZJ~)AP@!r>%h5+
zD>#`e2BjD}xF3!}o*#r19XkyrWN`RGoc%Ev3q|-dBFUuwCpH@9ZYC%}`6^53z-iyW
zv;Gy;;_{$;$wTukZ0tQquK5g-;DIT9oez)ep%s#z3!Hd<N0)0j6<R+Mkmd^ri~`c|
z-vxlNo(e0T5oCy8YjP%{Mo1_W_=XX=%A<p(L;=e}4jU*+JM`v<c>9yK#IIRw&L58T
zHni>M(J!TGv(@cQh@T+@o}|hng}jRgh}tmjw0$+XuAv8UpYBYM?6n+HiP){B3GG;T
zIY;IGko@mz&HNh@Bwt2e@fPIgNQQ?d)JUpPJxa6By6b<3@B<ZhjAqU`1PYsIA;kc<
zRgJv}aNap2?SBj4`e=w<;t)kzLnh%Wpa^lyajgf=rLk-F7KbhaUmx2yGuvimvu`$?
z^#^=Q3vyNkCjWHbtlXZ|Fzp$yD501RwNd$J_SRgeMUYY923vckJ?nME(&L?Y{4@N|
zi|hwM8~=`uMDvd{lFi@HfUx`}F_X>Ti|IE1AZDuhCo$8_KZ}`Z{)J|P3APreJyZW&
zSQjXF-s)Bq0(_IE+=6Ro3|DTs^3Rkji2}J=GAUPk&YNNCAa9+eL0@yZTvM);DOcK*
zD`U!))pB90@wb!9*Y1{sDz1MaDj{TTIAAD&Sv6i4am2Wc0~21iDd)@u8S7KP{R={)
zS@nK~X`P5qSA7RGBQCXq<VSq6^w|+GT()1Ok@N>(NGHyvFo?tWj;68@zNQmu%lJ$}
zJv&qNqv5a{(!dQiFILaex(&8vx&CQp_dC$+xfAUh^0iN5#2H=%V{ALE@GV=cHjXj6
zwp^p{)w4|0jhw1XAVB}m6l(h1mwP4^D=gPF*H}(au4_K3<pSMf_pU#RdeQNju+Bv}
zzZlXn4IpoTV!9h))tN`SJD_I42cN$h)@gO`xR?6WSHioH>67Nq_-o+GG|EMEig%LU
z9D`4jPB+vFVIG5DbnBN9r%BVo18A2fxCmJt()4#l0-RCAu{iEnLdSl_XE!)hZ8!)k
z%Sw>;otRCu^mLgx=#+~aqV+9%sLh^?=^Hm4Q*xWc2C<$gc9Oyov<I8$S)B3IfU;$V
zu(Dr<^9!;@>FdV&B-%$zTJJ&nx5^kvBF~of29GL4atRPWs!eB;B3#dbUCgy7z@kDl
zKDwf36l#M+TG>t}g;|hB0vDZnD4cP|WElER^FNojs%*F9ZFtpxl+`*CIsY4&+><`;
z;=uQtuzRm#eP698Qkjp*7-4}}!5(J8L(x9D^?%6LPtgO?G@bsvyD<GU(}Y27Of_}9
z`OHFi#b1K2yiMwuL1eDVx-*7(X$utNd4!WYc(aZ99Ly{6`x1U<Bj&e_`EJ-BfZYvl
z4uKAk75^<h4gjTDAYu^NGq?KRfrcSA9R-=)GcipQ4J0Ua4Sg@A8c;Jhrg$4>1#g~G
zJwSLXLbpP$xPsC}4Y}yibbSd(VLy0Z$?OSaR!TndSD;yPYmbnXFc;OnfV#&LP(p2H
z%^3TG93RHs8-xFma48HlH2N*7AxYewqvCXyGPT|hB8yijP|whJu<EnXl9y(HdkOc7
zXRF=CbTNx1V^#}AkFCWl3WY_E3BBlHT;KnO7%qb`yF+{JWMr!dN!3lh52ctiZ*9KE
z>O9lxP<r=})$zR5srKF5W*pKcc8vXnOp?45N&oF3&ExKgnPVgfw=a0s-EiMOMmO|!
zVN@Jm)Na_!puyq)M$}z1%igFw;Yy@?2m4>SnP&(b>W1O(k6_07CRn{wIpy&>^=1y<
z6NPN;KTu3pS666ZLUG0ZI^-$0txps{9}ps?A%eLpWqI?Ju3OfgR_CEs0dtm(wkJlA
zN<-wfm}qN)daH5&6A&oF%Uc4U>W;jotpi7-5drKS?&K6OmW@O~V?fAC?|!_IL11q|
zZbvqbtT<4o`ev){k7)K?SgaKAc+O@)LKYN|<P1L_pi_oRu1QAS1@S5W3DEDsjTKou
zxQ;YZnuh8}48IVh0CK}?mQ8$~YM~4W*Ic7|vx=ZD^%yEB(kwC*d|80Ah_ucD8~}lX
zEgCx5SfPWBsB@+*kA`eQUb+tj!P4HSO``#Ffa5&~B4rY%C?rPL{)E9f){f57EU-?G
zHmjhDj2rCAZB_VO9BO9+TrEqiec6Zxv}r9?$l|$)Yby?a$g+lEehK}q*OMs;x7c8N
zIM@^3v=-Kp`*Zk09n(#x^wMW+ybk{cC1U)25dX{Uw<1{EoJCM~Bww9jr#JJm(!Zha
zshCF3KOyE*5=3&#+2z>2EtY=??@81Z`b|5_h!^IJ*wK3{3j(*1I;tB2%Cg#2F86uR
z*8d_d4Mz9Bgrs=3M;u><!w4E79}&=h0fbjON79=H4s%7a6bX<-UQ~h>W*KUhk+4W!
z^^<25is`gGq(G&~^5(3@hyG*{TRfE!??xALDzxs~fOjDiB~VIakRp^2@qnVFgMl8(
zt}~q?h0&Rca_E>Sdw`c=5LQ0|g1aW=(s9WQuWBKznC%qlOjD!t3$;{g%E^%lTA&HC
z{6lCJ(I<$>yLr_!!;A2nH;Q2grHG@n@!-V-nz?Iab1`}U@HBB$;BfDMxeaGKi^;(h
zB8a_|8k|<7oNhg{dK@(k;=<HRxryl;N_mwE<&9J**KaN7CZqZLDB6)f{96GZN-x5$
z!!MBiaP0Fm+BzBgtVWUg52k9@AlGWL_IVh1{h30;+QFk1UYPh2AfDW_M}c7f{YsXT
z!3)U?t8F+m{Doj62_117dJ@)!(`h7|MRrT9_6em)Fin9AAMs`2^WW@)!nI~?e*|Uk
zUa*fl_9!NUyj<ET!n7Qo?LHoU-Uzw~?8gQ6iPH<U`+#O9THj{^`Yx*Y5CA+p7q4op
zW*<w<`4DpSzYVg4ex(|aq2vAlE<Hf@Eg(NgO7hT|rbtS}rFdCG#J~DXj=X1%JKwCn
zJ*+O3y&Y!ld$lz)kWH14qtZ*BhlX^#42mGBD^0irZS)lxhavmU{z-?o0;O$s!lrIh
zJ^flexU)g(#QzG?ZI&3y0B$5;25TD$X>@*3-jU7gaCW*CIE%mq)QyS<-HuRiGIS=P
z(4%h++e2vAWN0^`vOgS87vo`_Y!k<U7#Gl?XA#`>Y<Vc0YZ<kGQF+|;-wwQK@&5+0
zFNe;xxbFJ918-XVozP8MyuU~9IY^uqzl*(S2rqj2hvLBw|D&0p+9(e_9qn=_+eLV`
zW*6&Mt=*BeC$i2IEBTg0@L<YQ{TLw8gDHvipTe%$!0f~rO)UF93c8l^ufw-~EKtcV
zz8ifdvHo0!T9_E4iT6yt)-6==9vB(_UisdKZ`ywZ-})a>1KGu7uM_JpX2drq<dJx2
z+V^%0cY)XaD}uo&BAeN>>M3SaJpuO(4D+?sm}h;OcpX?PTpdh9iS?H;$)Us;O{(|%
z-AIP}4Sp{yFy_!m`c)Y9?InR+ZMQH1+{)zER{$)F(QWHbEA0q$b4b5awIdM`4_nLd
z;+(7UxntVWYxNx=@QTs|`Z)&CIEHMwvk<`pna*oyD-bP?G!U%{jbw8>X+~ls{Els5
z?J0k+y&u?)jN+*>aAd6M&~_T^_&R`{28XS7X5`9!c3g*~cWk`oe%O+~(_pR0V;<U<
zod)}{0;ESf4fbXQNWXR(Y#v!}$g6ctI>Bv%MWRi;&Cb={Xe^1U48F3VQT*ZWI}O(C
zz&=2VmRPEELd9r1TRhZTPj_fqx;Yue8phQ_|3vk%Ur-l=fB#C`O=>pjQxI}WRYAxn
zHH7m7Q4co#<zUV7f0d_Xl8mPfzFDRRPLO1k#c>oJEGO^9zMgk6MuDJ&YFtM$l<ggl
zE)8wQ(FM3E)}6EQ&^BxI$hEmj%EM#uS*|)b0Qhu~+WfB}njVGIbpw??zZ%U`I#Xjm
zOfX>{qnhXu$m`w6YoH%prN^#}cOYH&O78@~ptd-=$WB2@fOk~H11#>tRjlKByCgt9
z%>e2C@~GTJ`w8UvHRL&CG&^H72ZnbHiHOiFU#*)b61j>mI0Nk&e+D=g+v6t1@ZlN1
z2QDt`2Mz$4JDQGUOOSaPze1?n;d;>N&!!e`KM9g6CbQK%9>xIOa~C>rnY*LU4eyS|
zUM=2hOX+)UdOw+Mm8>%^*Y^&=>~L&TT*m1xru@e`wMEZP?k><;JOZ`2?UfRgm?rRx
zn^io&T*e#KGAj5+TF@n!1bHl({e{Qk`)6N|+Rfyl*B5|C5p^V*;q?XQz%d^`9*pGx
zqI>aY@iA>p0i*C|xw7&bDPhOzAK}c9c;vcCAvsTD7W+HqskF@3Y5!%h{}tc*-JHW7
z#s`m~joP(CQef45v>=>E+O@>TBj<tf>^Zw*r7#z$WMr1l_<gX~XK@<p7eppz)~*QW
zAwG`w6ekzMyA>0LZv)T#w@5Dix0m(pI?~;}P>ydz^(Lhz*MP@eTlogpuOMr08uVBE
zuYrZY#atSsJ{^ciKj!`aZwKEkBpgd-j&GIyRx2vo#hC>#=54s7D{ZKrz76>JL@~7<
zS`}^bqM7Muy2XbyIX~LC4S&a7WD6MWZOdy2|1hr}44VICUaX@-fdgd`6s-RJaV!LW
zO`#aZ{d{a<u#h@C$a{|9>0~~LO&D4Zvj-}5LfO{v*YSLs&V6q%>Hj-YWZiHt@tbH<
z(+=MHfSly2vy6;gM1^U;6Qsexi#@Ha@zATZM$i_o+dXOv$lR@ONgv`Q2QAS3?PwZC
zKalwq7nf&oGnUDJIa(FsfA6ypP3y+M;8U-XYtRRFuzHtkzI^|d`+WLlw#gTBK{);6
zZXmNoEL2D9dJ0*~>8KndYvDfZ1)w9}Mp;zsLQ#QGehOZ6#*o9voJ2$~MM=}rnTVx%
zoBj@BxdH_qV?Be3L^YdI{yZopqztI`BM|7}a$)gzP!#P;s?4mzWQRD&T>lRyw|+lH
zqUzuDwS-`QFD1#Sz6UwhzZnFxh3C<fv6&lpj)l5B+D=B7dT-SDzfu&VejWDmz2@Q3
zB}2gfmGnd&YvY*5tRuDEZ7b6@Yi?T+^#z(R(l+Z9wR7D+2G}JSr)3<GGPCnx)j8TO
z@+MFu5SO0cJ7?IgKyzq0YJ~kpxV1(1R2OQiP8r41DD8+6GI)#bNvR@Y6MaeeBi!{4
zT)x9GAzN5@>ktRM`W;uuMOyGsa?#<+@KDegt34-DF%2mg4S$C(b>Xca^p&~QU1U_}
z0=I@UPx-mh&Ygxim4pLLdJ+9?jPP3p{O*eI<Kd+0vMKPJTge4TV<RK0Ii!8Hb6~4|
zGR})`k>@Ing67##zSQ0Q?xcM8m?GbuwyBpwCgEp+0v>ft!MY08ZF2ph$yNCd%Fn;Y
zynNx*W;ojF-te5->pqOdpQsQT;2c~Sxj6)yR&%9|2d1fMDj7HGN^c43oO?x%h1b!n
z??>g*7=vjIT6NW(!;OI0?8$=vdpQB27-qXX#5}Cb#buHZ|0L9uj1%nQjDVvPBEl&X
zk~j?OTIlUod$25}cPZr*Q^Wa60plKbARt5*KC%z`2wtdkWnQJ&5-gk{I7nFhuZ>=?
zZ1K-5rFw|%pB!cv!$ycq#x7?3dgvX)ChHWlicQAx&iZ#?!y#q0?acAM)|z*j9<R1>
z_t^2D4eWog=FM)KfnW&p6YKb8YCpP19^31?_u1e^#Es<A<1*!0baT!GA-3*j`*khA
z>Gh!wyKAT&OF*7x!$pWg)2cnSY!h-qiU_k43u`Z-uNcQpwZ1LbR*D@47ahb6IT2`@
zbv_Fb=m;EeK*Wn3@Mhg}A)m1XIB?HGbXKQRXH`y8u8eE04nL!stDCtkJe*hE)y<T)
zf>Q>2%mVpu1K|hT?0A=={&9E<=~73vhA#F4mQg*Z!g?VBfU8-90@P>0z5&5O5iya5
z66pSv2ull@Qj6?)I!^P2x|Qgy?Qn<Mm0XcX?c^!hP1Y_(`T<jFW#p>YZWV}^FbPI_
zm#K8Qh_l>Ni^9|Yx+pvY389F>Ax@{FVq6rSDi?W7jPHfe(jwcANxx%O>_|cko^BO`
z8&P(a1%@gr3!F2eY(9|1{%fIycUc#-J?wt)hV&WMV=LQ?-U#fg+T?BNnb4WuiZ;84
zZKf@I7+Mw_m9+BPVejqO>mH=*_=ltMM7%t97r6Jnh<SI*I4N8<J!$spbS3Ciyh^i>
zxs*x=r9>Jcv~osu)iYfyHY+%p?#isFtT3nL#aCpApdVZUIQ~13>)1sUno&rW#zMe9
z6;}uQYw!VG60C|T?}Ow<)^NR&_Orm+I}ZR{4w3eM4;giE82^v3dj}##@C#u9y$b-q
zf?D&E?Geb(GPS?3f{hG37968C=Bf-=Q2bIB+s0kRtX%wiD>9i|-PNG}KA<kLK9Tc@
z43*VV%B709)!=Gx6Edf@qE;*AQ<t-p2MUGS?$-c?f@$M?IKHvCDzuq*zt3ySUZ!nH
zosi{dDayzpqV5`T7EZGh-LQ6#_<~fwBbA;_bh!|nOPCS)s%EYV)HP(JtRP$R&_Brm
zQ3&~Flbm7Aow6uXxR?D#y@Y8HZ%4M0u)L${T`slV&`zn|_MzTd1Eooo(jDpA3$S@7
zU`~>K0P`Y^Dl9(2Rjw=Qhy_<v`tW*ON3z51NO|o<p+OA(4|Q(>Cs$GJkKehs``%t=
zCNr5y_bi#|fn>tXbk8I+10e}p022gdivlx2$O57Sp`klL$<RZ<?WrUfcVj>Zf{5Ew
zT%ON;L&cRKs634CiL$96_;7#t|9;P@yL4v~@ag+~KL30&UH6__%c-hUr%s(Zbt;wS
zHB>T?*8yk*m)ZK!_1_)B6bTgn3)+J+sWC8bg&@m$RnL#yE%eXNGBv^&Kxe*9j7A61
zq6|rR&3pUI#P_qkX5NdfCvinK`$*Q3&DP+k%9CK3%s5<YQeV-Dw%d+=3ie~m?*PW(
z8o?I-{;-RX^<ZRZqZt_t&D<;)I%QpB$dn8DUuR^9F<29b{7?R@c=cF)hX?DMgtZm$
zJz?EN?+D2@M;8#IPzZ>12b*9}8o<$Jz<CEZ?TCS{iamC|S)_7Tg~>a;Vc*d&T`AZN
z{SLjYl8}o*hO02)p9UjagiT{c#WvyE{+=0dDJ}p54>5@&k_IAi;ZUXPyH!F{`z++i
zdG8>EKV;q!k*W1)M$JaExcmDYbO9ZZ8;gko`V89a0R%DAon4Fs?Rk|pJpMR;t|tij
zQ$~9a!h2bc=Hf5lSsckphX->DuC+c(Ni6GaZbJ(<r-pN$KZ^L3^*3O2@YX!Dg<XCN
zN|1WvWF0e0U;9aPXG(4_w5OP-LQIpY<aN{DP9vC6cSl<tLkUU;^Q`k;r@A%JC$o^o
zqk@ekl+Q;mDaB%v&*l7^SxG!5%%jxTw(dfBAL=W$!_6uw#~(r!a3zd?BaxOR`O>Y3
zWmc<NRjpAdiMAAvPsilYM6!h8Eg5wr5+z)L?)byVb<XHqbhoZiW&>CrMH@xRm$cUV
zlY2YUDv(0kh<Ycr-nuwmz8Q<fy`8EF;x<ea!7S#{uyZNn9b=ukUE9Zo7T_%()#o~X
z5mhnb7p$LCek<yZ(f7aO7cApawAhbiEU-5m>2JN{56YhyD2Z;`#4@2P4ja548?Fe5
z&vU{?X=8~sXx73w+~B_tiFu@LCcfq0hL1761qNjO7<e1qhM_E>f}*b^a0_V{(jRM)
z(u#$(aD@*VJ;o0LJw}YfMtrQpI`jlf*63W9Z$P;}VY$&*fegbU+*sRXD<8$s3eI)$
ztM7xZ6iZ=#*+GpDxdJWgnZ!bJUUetx3Ixbc);*W<AoVVJ?{h0pZUPO8<GRz77O|s)
zfGyb3!3cmu@8Xno59GG{Nh8W@^jkvgSaA*RzHW8lFG*c1V@W3`GglzwAK#0Y7<uJG
zkXN8(z6qjKs{DTWy$!$BizpTrUu0svhEmOssB&%+_z?z9K~03TYOlcO#igJH%x9s%
z<6E2Ru}Picx{)v2mR2_nvk(8<Xm!}HfFZc(tCr;OajmIR0n#>`LR4qT&dzl88suAJ
zBQ5<9s<Y4MZQ<u_{49yf8<2I+ST3FHYE8h*-=mn}|B&T*#g23`2E0drt?sZV>!o6H
z;2C7okpe0Q)s+PsLKRD19TZrs$2E+wJ%~VYK3(}dC?$|KBfFF@qm(A}^H=bP|Djz<
z0LLMjm|e>L&o_Jo_;c(W_<X}hB^Kk*;*|dy&Nt)(>wEuWn&H0r;X3>9yo5&TfNlDG
z&CbI831SWpry)2{;C~9aNGtQ?L?-Xk{2hGez~>e2(4tY7W@{kG*BpQd&nx8hAO;RB
z@SMPmdBzSCXe8uCTzNK=|6;h}NC%9ZKdsp6DUYndR_Fa!BmRE~|7ko*u(vB)c>;Z_
zN3mpD57z6LD5B#9*!jnb1+5|H3tY@@lG7ppoAo)7@~41-p2Zoy5#&;T7DqPwc@_ur
z7yos326i;hxB4$oI~vL;+=gnvwKb_n1pc2R8{j%;PJru)R{zTao1e@+{afYXDy6R+
z53itqg|vAl=OC$dNVCaUT#ee=tdS9qa~W+Ab<dETMEEB63=25O){7HEdIzJ8ND2Hg
z<e%;rLS&LORQk!hh#5}SUG@}NQ27lQ+ZngyVU?ACCNY$!+C)CQ1|Rq$skx>Izr5Cb
zk!Y{y3pO7aEsRcaDSWw%FQh%sIste+z<D4l0&`!8N7fz2Mlo1kh=6%yA;vZl)3JPg
z9YByV<@sOmEOt^o$J~zExuS|mrPXrs>nNVe8i`5Ng&#fx9U|BtR%XL659boJDAr+x
z&PiqCE}iPF=CW;vnDNo?-DJBrv18=$o^9A`!6Amq#h`3DRrJJp0=zI*-Yt-BMpl^r
za!RKdsP2}~D<3|N-@0@G_#rebM&*!}ZTFTO?YpzZ%b}dy(Z2z|`3a+;SSL&IW?-D+
z$6b8LPiTx??WwMbj#OB0Fz#lb^@g>NJWoUV<O3qLXS+w}8535Rlj$6OWkKDZh4DBJ
z!S;;5cIFaTX8(o(>u<R0R|{2b+`5i54AOHQEk&HAMbef)p#oF%7UbE|-qM~L`$c<Z
z;BQPS2I}dN;mXZusM+agbzNz?34lxl5F13(aEXpq&OEa!?TFMq%P1LIqq&E3Kn}EZ
zDE`o_;oK9z4+A`~iKLy^k%%MuO;P4K!s?9vvZY>82@g$?{>@AP<<CLw5#CD%-qmt2
zijCRgev1?zv&EHnvBi}qm5HtfqCXXx=yQl(5+jU|nlqTq{I9VG#bK&wDd1p%8~H71
zBQT-Ra3eo-M*0~5&%qy8cN`0RU&_N6Mju8?JKP3a-H4pTw(Avm0C#>V1MHM(aES&u
z+E3u68eFD91wr)|$VbgfZ;0~cj(-PMrWPZ)vgeP0oBjyGU4LwNCK<u2-UorKxwuZZ
z`#t|IRJ9qdH^dkqcs<VG%#Ht!lvnkcG$mXA2nLA<_x?N5<s!eNtAoS}-e)2k0Neip
za&}X4YPG|tBabH)#nq9aZ7p53OrT#b!C#z?0yyqI4e5xo^<u=|8}T#YLy^%yqS^zz
zsFEolH1+`=aD<LMN!tMHXG~l2BWu+`I8lncXJqys3ZHMl)=a~q?8u~?^o|MDVkE|&
z3Qkm|=)3_}hrn?|K%0)$+aKuD_toS0-(|~`uLf%XK8|%e>h_<&C)(>3YSg`6a(6Kn
zf=@f;_3~zRedQ}R0GBUBCg!{BA?kAK@7@3X4w}Z~!o5>f?of-a8^O@d>h>=;cVpYX
zy@1Ppj7y?x-1HSBX~AW7e&+@iiD2>VUy05wy?@Rguw)l)1o!JkaM*CFeJK824TU+i
z$>&tR+UhIo`qH)zYU(?>$?OMDHTAtqpDzf`2|y<zUP`cF@b5<d58;cR7)Y3d1L2n?
z)S!fK%Ck6U{TFGrEIcb)c@KzFnKZ0E%Vb!=e9oCR+u7V1pQAgF-SAp$M>kBy<Et<w
z7G|rfI_OX_ZHYa0*Q88Ncow62otQCA%Uipb<1C2hJm%&6j$OsonCFWpd&BA_G7Hx#
zDin;(0psq19G{%+%(ival)x>-t%(pOi>3r8nUpSXLbn?n1nQfAc017b(hwJ_ToA#N
zM_UBp8cJPquurQWWZR;DM83V%8vjYK&w=Orb)N$sTqsr9WpXGS1nJlvt-o2QV=|%s
znq2(nX!q7+=jp9(=jl#s@-(;(q*EB4ClMJ!RiQN;D}nROM!6y3rSM^w2e^FOl^&ks
zxHiOwcAWah!RdQ}1U!Y$^HQzuX%G!k;zY5-jUr*asgbZl;W1&-$PU~snJ^5gXT_DE
z?8d?%(@~D~#Ki13@G;lwCJO7YOrggcRK`7xbSAZF^-w$4<_Q}vbEQZ<fA|vQ5zX1r
zZrhCWHnJRUYXy7bZW;=DJqv<MN5Ew|$1390V8pV6g8NOdl&PE3ySkKb#@+h-gk1_i
z=+;L7R5>Pmd6YW37AM;WIY#`OP$<;VzXpf(Z@_cqD0H!C0+)Rek!FZ+VGyC@@B4K@
zJTEANcOy$oc9)TEM8MoPNo9Illa^ST6{LPIk}W{G_r}sOD-3tn--}9SlVy5($aQw+
zJ-PN$6eMybm8dR~N|==|hZ)2~pP#aoVxo_{i|8Xyrj2~?kzYJp8~yd!+Gy3j6|Qe1
zxAFvV^cO)HgLz9|Iv|giSK#L#Ye71ajasnK;p3`1oN*e&nS!9z+Q1UT4!&9YDs14E
z6x%jEQ`@GhFF^zD)4&`%A4hZia^^Ps3u>tv<|Bh%CcVL5sgR(5BVIDW7xq64f~3n0
zaS}wiY1YjFDfI=*t(LyZ@qnhW7fttFvZxS|bWrlH`;C$Mf>_Q&m`OzG?*Au=1A0QU
zKQ|9t4tm1*2pFfjj05H8jMD*~;ReviLsDOfuA35)L?4-~Vf(IkWS-ZD-MjU`_*r-F
ze$L&yBFr}LhLF0zY`z^e^27l*^jLmsuuMU(ep^qvOcnl1--4df{QAbv(EK;?c9)Ly
zev9h>?a(I(T@$g4b{v|MQn0AX%63nzfa0Mh)4j~p>_Bz|TaeiDWz)dpPzxLpor6q+
zy%z3q_8qYS3_93qJmL(>A?IqDX19^P2*eQqcOi*O49+z@LBR%Lu*dK)`$@hu>`5{+
z3c#G>#{YMF3@DQI35pbbNaLQQ|0wbgWm(&zj%%hpN#fqHCrJ!(VU47p1OX1uv?r-3
zG^FHa<8#=}qzu4Y$b-F18<KzDWh$>x?!E}PJ`%N`4b~(lFCa*T=)%Xj*_0x>%}z=h
zRQ5_*+*I1%6ZW#%khnYCII7!GbB%Wj-8<>C#!n0Oid^fJz~j*w@hJb2*{dkOIF3h3
z#lTFo)#au{yXk+g5utC+utNd?TzXd6f)(I&<Ycs0@;czOC&X#yJzuuSptOghWES7^
z{Veb(&A8_)U!Hx>w+=<2J=zoN-Y>f+!YSJOB}Q?C4!HLlFCf}N8AR4#jSCROc65J>
z+BEFwK1ooxpZgfwD!!j9`6$0+Ui<Fnc95Q;{oH%OIqUXwA7n>TPK6xL%<A`Zndd*a
zpUW)5{alu?&wlP7SVi5>l}EHc`OaMke}(!=?dtb)|C>k)y)NB~ScYV^s^wqs<5z+h
z|Nq<16<+IyRg88}SwE-z5Nh@h?dNVri~Sny>VN^UKjOQR*wKxFWG|GZVn;W`CtK{U
zYj4G<lt{Jg9Wc!4XEQUW&LQjwV9g{pDNC)vbCfr6U-yrw)PDDM|B8<>-VY{TzppD4
zrrfJxUzc@>@9VNIZkcn*KeVqKj+q%+Fk6}TzG$6C1kAoJv3&M@-N%6&8mWF?_W<Q#
zU-#qBvAh}fb)~eEKvWcwHqrZ<Z$VU~d3UGZ#3yq+oM%Cfy#@99EoRUyFughqwZUd1
zgYw%UEY+3}kf<Gw0Pa=Imv`Zdd3-k>W4=3<G9G4r$>44H7QQe|_`+0p@p*E?KZppC
zH#pW((7<oV3v;z)EO?6f4dbAgjW|#(@wMIwNJgB17&jqCx0|zYC?)Xw!3wC~k2K5C
zJR1CdWbh^Q`@w?M?}vb~Z^2SSzaRX}6L<uMem~^J`285e$`Woo{AR5d`ds~hU>yuu
zOVO$K<3Yq?emtbOnf-X!zVYM1IB`E7e7F6`kH_zAz2iun+7ITjQ6e`Q4f0k5xzlKn
zMth=q?7_pHU49lw;Lsie+TOVqO+9JnhhaPbU?#YkJtyb#>DtL;(1nK}16MO(U&7wo
zdYpZk@Mj^tnxQ$O-lLhm-WNj$_0VlJr?8_k_8WWPZX{Bk;I|^t-j<fi8KBR=MA8t}
zJCRBemTrhwT=@{@4(srvt(KK|ecT{m4}1cd>+KAZc|gqv$n8#4p2!DTJeTsh?{^|f
z;y<PE!obKJ^W;New1WfgM2L$RaGLwGXB!MDj>&Koy@M}s;lrbmw5pOpcLUqz!*nYd
zq+$Jr;G{x6^Wv%DS?1+>ypTQTA)Lg%`*WFL2x2S+jX5RHsh+{FouUihggQRKKGw{4
zA}01E&jLZ@$J=0fDi_+y-SXMu$yV1k3<X@L7JR5aZy~PM1|j7&qP|z(45<Go3d!#6
zZm!&e)(Vw+Qib=Rl&ojQ`T}cwQu}#E+aaD=GII>SL+vVeK}NcA$x(IX<Z*H?iVvb8
z7n^#X&-ypoN$MFY-h7;)^P%jmp?;t2OXfcWR%@%`GYzx*XoD9USq&S!oC{820{pY5
zm!r(uaU8|^csw5iJHaFPlBgXiLFBczb_@a7aEg2<9Sw-cT%G=Wb`$dESbQ<U-^y65
z9VKaMD-a~a@);sni$1At4U->p!TsI;2_0O6n<aaSWtQ*47x3s~@of5`)mm_<^4tsT
zDQ2!bcL9+AnfnaCXWT3uf|p{yakIocz;0*RzJNUw8FP{3zRE7NNNT%~(Oi%}@iPor
z@NvW&2nb#|?~v4-e0K%vt$bHes^_~zF2;8ySHpL;o^;;!P3{?<Ydf$zEMG{(lTioF
z1ZN)(-KuS1Pf3?eN&ii;<;!P45OAuiKt$EUR3@OERSU@DNf}4%ck}>r$zn|MwaY&g
z<qmhi8;NMEs(bM2ABLZdiBV|NC=2n<l)-zqjjLy(a;tX)39~)T!jIJ}88*u^JFzo&
z8?XwzkzojrKLXg*5De%EX#0h8C#tK#v<6e^j2~zA*rwqN>lnVU+UA8xG0%w4=s~`O
zk2$`HUu7w!1?K2*ERInX?D1(w%VxJYwbD+}cXrEM(Vq|Iuy;0?mu+o08bqEt)phd;
zmv!wL?7@>vb-j4lvkNOCcJ==A)$ip8Q3MSTNb%w-xg!~D+Ci1R17+eK%^kZsTw6N0
zn->AF74q~Glpm%!*(NkN?GyaXc<6u^IW}3WM>K(w2~704!McN_A<`OXmohbP33}V#
ztXZ7PrZEv6j;!kDvLyugBlwm5K>BPn^Dd+Q-SaN9Yn*pA_W+-0ZaovDRq!!rX*?MA
zD>O(Z>%RXjA0^*rTAp3T+2VG`-C2Gg8YzJ@jOv_#F4P{)k=K!@b|ZWWV+qjwgxseJ
zPYQ|Mj`4W!4*mVI(L%Ox!e_9LY%~twv&u%2fvXve<pim%<oH98Z_htrplyP!LvQVQ
z{1ACT<KbKJf+p|<_7p?o1?>o8WI*Z#jUUAe+G=}hB_k%P-$Nu-B@RWv+hziOC<2}t
zBu`fNM$jnzr)L7*HxrQD$`rpwGcC*kR(I|T&dv<Z)q^7(J{x86MqV^h1Me^^nV|0X
zM^Uyj%9|Ra<lr<kibKC|96!+Q!M36wALL%H$pKmwjJAL&cAI;-idnpv+rqLu>H-0F
zGIIH5S}*5SZ;5h`FuyATLW!&Wgw3q#7b1A91MUE|n-<(?Vh?NumN0SoaP%q4oowF3
zM=Z{R$07Wk%r7iU)HXUY;LD|pH%by5yQO!xOp6NE6A$;hD)*ga+_Nx&$|uls1#-$N
z0L4~q1m&6W3iqZ2n?dW0<5B{B*RiW_7{EX7q?>#HOyI7Un-K3;AfNvR-Z%>_H)Szp
zT8F<go}e=Vb5xrju!8uhE7jtbDz=ml(ahTuL5emnHHgJV2o4>J23U-Jmv^)2y&F%n
zy$YTF1TZ2MY&!%4kt>&39$XFV+{D-2vUb78v0s_JQrqI?e!rKrZBiQu#LcnWn&~cO
z#O?|!dX0G=1a-cb)G1qn(OsC*o;^XH-LWi7K%o31V8<-k&+)R;v513=_-{c(#tZW+
z%!$SG8Sfj6N2d<;@v_e`UhX-@>y5=*z;Zt)`0Z2f+*rI}#`}*({Qe+qtqrqjA)<&?
zWck}sehIlF=Z{K9%|$4~NG_?J<y$a%N<v1`j{y~o?{&9545dj{$j(p^$WEendUB#(
z;~HALp^gg2zh`K{L01N}&~NHNr#-IZ<d$zm@oxG3_^p1B*n*KO9n&t8PqCqO0$-(1
z>c<x07+ZHC6B%3j9*ix%>Dbc#>;yg^WP9cPi%_Dp)TTvfGxRvhltMU%a=q{;#0&04
zqjiqni{?rsxX(1<2s{*liS#Ml+o^DGr}zaJ#z(_R0!;Ek&uo`JOMhs54y$%tAlrfi
zVUJ=WT(5`XsT6qB9l9Yg+*WxQW24ghehiQ&MOQWTeAEpy!-J?t$m{}M_ZQYtVkobZ
zd))$F$ApI0$z^*6LxMwIw~_r3@H&1mybgHN4)IKce`OhdyAKW95on&lTzN5{H?XPl
z(Q|fhOLJur@HUIs;Kp#byb9~w>aplJEP=h)8^(ajeU`OgfvzRj1UHfAZQXsAWJ(WL
z0vG<XjW_33KI4ylJ%+!O3HdyLKej#eI>G~ri^YU(s51Bo>(U`{;W$(oJA}{BN8=aj
zVf;e-hTk^%y%1Hgul)gaioZukD7zxfa3AUt>WlIt^X%@Cf-HYA35cy@2H|W|=)nk!
zeq~mZb!n!!q;lB17><blAowd2OTtXCzq0DiCctx*uS<c^9p%Cw9a#le4yrX>3I!tY
z(6+c0S@WO0GH3-BOyg<_(zFJgi$5YjO#nyIq4-;lzZLjfg})c#uXtMLP$hK(>wLwh
z`8zJZCw;yN&n>sv`2Esu!f)N@_fHQnPR|z_f4h;&zV`9@R?{(AMTwj%*?%o~_V7oW
zSBAkK`!j&^?g;+H--~^P6=*||3ebiFU&42^p@=PP!x@Wrv3YOoXm4{t?npzPUqC2&
zKmQ600$MN2G7A?umS2hWACB8^;o!K$F6EqI&-RzVN@GYb>nk6I2w)|!wh0W@#5za-
zfrHzvOs(5O^4JSqV<#&3KQf+JW+D@o%9*@n>5n0OIm@v6w4Cx328?t*t+w>?o&;8o
zsmd8>Vz|zhBMLce+2bgGPV@rsT|2=gY<m1RxL^>;d8T^{LwMbmYxhW{Bo1mH55wQm
z@8GB1C|J4DT-t@QVI{4n>_sO~_Zh-FP@86++5JbuEk)pHkQOF3PQqAxgT8NEgoB36
zIjf#V<#16$CX$eeaEcoq@0kL|b|yh?BQnDY#>iQz#**mpA@{E0IhCu?I9lo0eStEP
ztjKXIFQjjdwOcdV4L2a6-Qt<csqy!-v4d0N!RnZnWvF0ka<pA+&E#1u0g)+<&mz+^
zKB?&$HNVFcp84C~sD>(K5;;s*{#!|Co)Vhc;*D6@Wr3f8O-*CBM(5GV%hrK*s$iBh
zh7x!C330cd5O@3Kh4_$3xC3MY{;NrT)Nc>YobKx=I$0jlBs7(i1c=MIWeLJ(NT=mH
z5iOIDk&!K?9WR#>O@=E=fbwfG{05tIiywC6RzO#Nhwifr$BrfK!kW>Ac40lAwv2*J
zF6Ps+(K&XZIMQYp7D0~yg_sM47u;dwMbG+2l>0X+_jr_x+3+5;e`VGO!r8FAlK9wS
zvzGOQ53DVvu_?9+a2w7qUV~~6w+4Xfhp{m<R5()bhtrijd?)0*J-dpFW{&9<G9zss
zu*$-U5+XD#(f8~Up{H;p(3N6&zwVb!0qLGao~?!SOBo$W_{2!!KN?gHH6;Bqbky+Z
zuoYFq#oSF$qqMu#j{vU@Z*TJ!ap9|{_S>QBCEK>XWeq%PHLb+-D9?{sS#WaPDMd?K
z{b%=0t|VV1zYPAm@JzlM{DB<~e+sVZY!6LPxjTA11kJf09?jW9cw!wZBpo>xjduC1
zKOxqNV31Dr3UGqxex}+<6d)3{7f2A(-=0E1o&NS@K#czOO(az0-JrjHp`@vuieSI`
zTjsJq{VmH3^tY$sc_#fWGgtlXHX?y#*>wy9{q1(Vg!)_Nq54|^Q-90I(BDe#qQ4aY
z^tY1B1@;v23-q_d$LMc$j2(wMgCRqHQ#2x<`9wyYl|rVa&wR-z^qFr@NnY|UT3gL;
z1@coJu;y2<17@Bv9kApW>VPG`KnHxQB4kfVH%>{PPO&#;(CN|+?&l~M6>0ZB0zw~n
z#IfMRGZXB}X<pP@nu}7p%ta~PdQnObE=qwqk?1H#QFr}BNZ(mO{VsY+tZDg8)RZlO
zmJ;sUQ9znHN+=zPu;?iHV04tJl&UD<!%j4mNnFUtR<fgtX+o{Fsm2=2PRZ(9K;wa;
zl4I~pRJRHBRsZ1Pzy<y}(ukGy`t_(Vha|;O3TMUHl}QY^p~}_r`vLjA8^4++CSg7W
zX1e9i9NK6@8P-uA)32Wc5}w{Jzi;PnC4c)2!}z{<a!{9`QN-z+p+eVCVPHS0gy(a9
zu~{$w-JlilSUD&{|1|Il&FaBSPTaw~ljP~|#IMXRZ$vr==|lk=OJ#ggmLEmL?4Xy&
z{Fk4U$z#x#gF;3@-mNNgy=`$&Tg7~Gr9ksCeL6ZUC%;CWZu|5_-aII#pOJzc%!K+a
z_7nM)Q(i+SH);I9r1o-PBhnPsG4!(D5abmYi5P>)9C&$j<ORmm&+uOC<0_MAfBy}j
z`K?4u<?{I`lVjQ`ES}61araebjWfY#Gj+5z!55KJSU&zs<*97*%g6&9|9T*{?Gqp^
zI1MSbLRTe|&E41QpamoNwObv-Bq!@i%Ehc(kPdk?QDQv?=qwQ3t=@&4kp8?0SqIj&
zYIhs6ehuwz`NjVRN-)N^(3e#&!c7H3YZR3N_jEsqO6zPDf*00<c?HD5Km&|%HQQy(
zo?=+Oms7=<T^PV-lYcW`PzTN{TrROLdOLl_F1c<lzstobp%J?$jC>rP(e}3zNlA@-
z--i1FayxR^*d5WtgE@N_%jgf2fi3ql-R-e-(=P%({zm}8-9nOy<71>1)ytdEbPYJ2
z$9{wevhXqM(#pfE_mdo;@f1+Fi)XmRc+*g#)PY?oqU87vmI^gKf_F0@<!@sjfz=7p
zUd|QqKwrV@Jr~2n)#D_#r)m51TZyT*Q_?yfIPsqf8mMYvshp^SV8yV@F8B<)(ZsSD
zWb5`&FV?4gpKHt3P@jzhSZJcQcoVg;i9QxKk@m~mwK!O#2+HQ%<VJDTPe|aJYNPt;
zC#Wlo<kRs!LERxpJoFRP6N1D&KS8}ANPP1XG&cZ=V}3&Vc3dKxUmMr18`>V+zh!Ef
zH?{22T6UXSrsK6tvzDI>Yf0J*?H3yA*tJ2ikLnoW71lAtt2>4l+KjyC7=)KWWKt~Y
z2B@W&chh#de@&sV7Tw{dca-dORz%C5@n2$)3w<=Zx!5(-?5Ey%4SHFF&xAE#SqV9_
z!g-&5G>bem#<mKa(RotfhIM+IvVH?E`H2k0&M@!QPyi!uo^ttOEPJWT^{C73sEhFT
zL3`NA!DYi%0F`g&W(Yd7v1{(BQ<i@7pTYQPmM@9&m3YpA=A$nygFGUrxdnT#=@60*
zrUbJ9!8P9L7|TCSt7hbExg3XWvk+*iOvFa%;mIRuo?hH9-LFWR_HxUIlDQ&2)3N_v
zMgA(W>(eQ0ZkSi!j)`o)JE0ZRk15aO7Tm9sBp?1e^74cluz^doQ)zfJ;$k8V-juKg
zfLn#QnR8X_cKBSfy|?Yzr7Avj@DuD{bT2woxTR<+lK$6Xog2_j7JaJ)A;T#%0nOoN
zNt}>w2<IV8U1*~N@okW8cSu^`z}+O<Z^nv#mh>ZbUzq$jJR|jYqSS2DQM3VgG-MUt
zmKO+}0Z-WfoqXJph-KZytbY(@{g75Uw*&Wv=wp6|UKYZZ=t7T&Ol{pITId=zK^n26
z3Ll4OWc$M~Tj2VC$7>Q6X;$c=%%ej>I3$T#B#Ck-Kml3E_wh$$=+6yX0sS+V`2M&a
z--IZLFlR-y5eO%_M%su8DZem6%Bny%2O}QLJD77u>^LhUCrkPdgk>HbG`;YHwK$<A
z)EDqyY#HPn|L2HK+Dls0CGwx0$ExyM5GL$!I_lp5nLu+{S6hqu(+;Pl+B$g+rli_>
zd8Lk@@pOi+ZNMYe1(I@#FR(0OU>5YWc2D@fAmaZe=m<X4sPdok$U<8kPc)LPt-$GX
znWy|3F&1a4c^w*7`x!m$j2#MM%AE?L$dDKeEh#ih_ikktL+5H?)j??E?ef)7vTN#(
zIF-4pEpy%~Zz8=4pW~5iF+3ByuQ|Y5WJyWpKZaUm_9ho}X7;L#7U<|<@0FxZV$3c-
zjyUBml&k#G77eot9vAGRYzg;KG%{QRJPr)tK6fMq7rJ>S%_A|-nV*dEFNV$syK+{s
z`Xr0TEjXMWigS&nHn<)f8Rm^yU21pvDa0}+&=1UXaD#ZMo%U?YUoNT(>jJZ*`%*Ms
zu#@XEBShx9?qH<xSO<<C@V}i{Ycg)&Z9PAMOKP!E^Gg$-nstd^nlDKpFT;0d2~2yY
zR6oZqi+pg@{~oI(UY`G(7(ke1BH5M+U)Tn*ov{np=^zCOQ8sa2if}u}=;p1+uheXB
zVpzt$9JCpmq4#ep<?Kxiu^M{~@^eLjHhJL?++F<bDiX8f<B+!NJM5AQ))OMTCu%Q4
zX^^S5VJX^MdpV0<1*<bTSx2K^iLQL@Ux7o4?N%6oev4N5C)wPx{}gh}I)xQ$OE^vI
zl|PHu>gQRCBhmxFUiF1|cN6~U1iPiRiT=fzM9;|VME^*!xCG{1Bb^D{H=QpIft7j8
zV45-Uk}_f1g!1vve5w2aqIyEKzm@h6Vu^M*s;x_w1m-kW#cyRq@)61hY2Y5Cy<%HP
zXr2<9?Pm}l7ehXTj&iE7F?W5JIp9p7VC8QEZL=-qE$3g)SJ^-7fd(&w{B;F|<-+1N
zI`Az5FGYzro3OcH=8GJ&uC^g4k3f5hz2G<FOG`R;<j2_1NL>z7$D>t$%ONf)swX1_
zj;TxA!z!zK0p9(W<7db<Z9gkd_(ur;IN=^z-b2fK{Ue7JSHQj5NT-LEpIbZ>(cZ*p
z+ZYWm@8-*U%*(BOxy`&Z0|8+T&^CrB;=qEJ_LGRxk%UIwt<3rmH0o~kFChCZxWQA$
zsb&4eYDqQC!kQg=PRBYMRi)hKKw8Esx-fofE>!v!u39^cL!Zb-o6z+DS(kD9HiS`f
zV`-xs9{w+nj(=}qY`HEkh^^~&j2&Jn67>(_{xpg!jWur18FC9(jlK*&YqMU@Xs*)x
zVVK0mHW+Y}k2g$Ub9X>{8r_AQCK1h)+P@(^VfK2*9*`^f-o%fR&~?U8YV<1nB_T2n
zECGNUhjYfoup5I`fa3_R>372KbBp7;G9e5$?@saNwSULAa8Le)pgrO1d1$WZjvNF%
zI~-#lg4wGD(fr>?KIY|*@s~2m*O7uUcGu)e8l@p4(MYX8NM}zFj%WPCqIpL6GQdy3
z-zoUph`&Mnp@U_+vL7J?4cY8F10nNH<F9zR>)%hr-0EHpI*6HDJy?Uq8Z6adC4=cN
zkW;zU7c1;C4PL9k9U6R5gKuf@BMtUy@DKyxAoh$L1V-rHM1{KQ6+p3>va@nUTt2b=
z!YcV<ne0LttukFGNS1vh=<V#@<^`3_;cH;ujXmr!tNA3*e=qLJn2Wq$$i7!@!wfS_
z_vJ8M;6nvU##T*tF!;|LBG+%1a~k?j==6rUqDh)u@+_}qb`IR#Z$6x}2JVjTWqj8k
zLf}vF8Rc_+ITj)R;a(QoM7B3E5oVVaOxtd6VklW^E|ug*p_dfzt3G->qb?#V+HgFF
zvl8E{zvYO5is(Z2m+Jm0(@(O_(!{orVknMCtiAb6<zytq?QTdL%bK{VjN)1y-BzA5
z$`X5uIcv{w(v)%_xeTy|4^e?9^&{zJId^To0JTud4~>Lk81+9Gbxq~ftdnHoUxNjQ
zlrFP3<tiY+wt61&;y>9ezKU>X^AfgEi?fNLUG8MdI-5E5mu5Sg7z)2MUn;L>%Lq#V
zo#A+SMvCAG3Z7_!pvx!BE4IZoc{Aq~_6w~tN}es&8R(ZI`HFsFC{mYnD?V^4FAdq7
z7>YfIe8}uQBU||lN{)HeGj2T<(_TBm6gL8CX(=tOGV5RKI=gc6XmInU(2(}axYe;r
z`-ScF3g8~6!%`2F#%LLk#;M57csDk+kuQ*8Hm{aSy4AO^4c+Q>GF}ZbYM3%~0Az57
zIL9r-n|V~tZ6wt}=3*$KCdbS$bMCjR7gOg6VT~Ufgf+2tVcc=X4Km<~XrW=AoW}l}
z%=e6e`G}c@hohU}3U5s&H9X4|K4mO`ifJ5AeiSslJ`)~}p5cC_A(dxat?}?q9miUa
z@>+#{*)0M6vTRpyq}7r^!WCSai}SGGyaW-H@>0=rOFFV;68FC)T#!2nyoSF^QC)Zl
z_0Gp}URD>wq+k@P)q%oxdC+Q4BiVwWf&5Qm$V7BIE1=t>q)Y8h3_+ep^A&W<Q0aC#
z(43KO`9bLR-5{9fNVi&AN=rKcsmw^XT&H{qb#IftRsOjjy4Bh!-Fj~Iy-KKBx~rwT
zO1Ec6QfF34*mTicbBi3Cx5W#VJ!zFjO`kjvUiVgafZoehceBI;R8Z+?z2(0_&#yL&
zjf>3KU>J^#qu3J|69hJniDUQ;W8yf57!#7vjEO)8*DmeG7_x@r3X5ADUYUuF5w2uF
zGdPUFOF0J7-sE-Bm|}X2DI)WKJf>#Lm|~{|V~S<Ff})NoLBbVWbWELq2*H>NpZ^JC
z3ga$e-Hf*AU>ioQ+qI|(YlpD0wO!)?vU%DY`U*6D--V{&l3}-(N~@lLGpyS8#!`>n
z1=`(=UhwY%ccYOptVvlIEM#bB3}?CUrbq*cb}UmuEXM9958$iuNgoh|@_=Z$c`{mS
z=rLV}JLUf-muai~5~I0N><eZPhzGAgPB19Am_e`@y#z1yi&4o8?c{{^5e}9!PR~fU
z(~o;$d<V;!IgTtO=h{^+Q-*9=)F9w;1_2i`LzQ_SvoD?16!Y;Y0?ePeRM9#94d@5{
zv!{sJ<}1mvU>#PsCQJCIGBc+%4@=oDE@GRph#f!4uHLRCzdMEiq6{!f8>1Xjxey3c
zrM$|o!$&P_(-|nNx>*MI1s@Nh0T<H8H3&ONv%`g0>})PrcT*6q{=1axzZlqM;uTon
zmj8e%=0{p{SckqDpR2dC26<Rom8qW4*Sc6-@oI)qEXki^*0HKsd(07fWjo1EX2zW}
zP9Ksv|3%1L%im|!EB!si?haPHi_U6X@<wsYl9$orOWt&_<PBH5nQ*m>6|7g5{!t9l
zqNcztY+NhPg6Gm?Oi>XomI)VKg{+u|Ql$$IuwFJXxo92=l1Y~bFG2>vi%_GiICMeT
zsI%~T#$isT{cZsbdy4cg8jKFTpI8>uo>@?XYpTq3YSZlXx}Khn_cb^O+iw#o*C{_q
zil80@8X_x){)%R#3{+sj%;U*)Y?LA8)u<ShA^$}NO?i&X!94qVxXqD?Z8+s@miZ3n
zmK<3oC=-RZOeA%6t#AgLXQKm^mAuO;VyJQ(30v$SJ|&{9tT7<kGCa_nw%yLxE=9eJ
zm}g#`TA8p!?J@*Ich<+js7-FZ0{P+;29B|5@`R>HY6`92k*0p}s@PM^*_Ge%0egyN
zyYf2@2Y!?fOf}(fJcFyA*iQ424{ZbNE1A~+5WZj-5;Z8u^udUMoB}0lhRhm!?HUn^
zAtq2Q3l1+ZUoM&X5BzREIo)h<y75D>3x5RAC_j(wjF%!`7MYhGz7+U^+bk5{p~@p@
zdnZzA_y<8!-txWBm+)0bS@b2Wh)Fd16P`0hD6DCS)^2eotZS7oGxx|}%yxW6M_k9s
zKt^CFghby?@=ZbHP1Tn&sVsQD$0w|7{qF}4KL{S~=EJ9)&CAe(B)AtKEX{F%$p?`4
z9((FG7BM9(52v7mWPb%a8@e1h@&N?#X2ik;+dCK}YHvY6Yxw^m)7y?Tj_B3V4FY0#
zIdj^g?~d+C>Wk=#M8z-T!m&<6pGbdCv5?XVdy3ghv~}os7Fn8YL*uv3uOd_6#9)YO
z)KWHr55cTMJ_He#I9i~8tccY@1K~Pd@YF3?jb)w{2T-aM+g0~1mWDNaA=`|Nelj1f
zX=vh<)2o$4gi{z{ELVLM@ZS1XwjJd)tiP=;@{)r=K;aUovrd&C=+t$6@r#*M_^Rqf
zUMjD)SOdeV$LF~O?iqBW4B6d48B~==+XY<9%kmv}meMPnY^@w<yFfQiVrBW}?pij3
zD3Mm<;Yw6f-XNH~oweoH3fq8+VD5?N+cowSKjT_9|20UWLbSpHf!e=@T}}Ryw6Mgo
zdcyXCWQ@IRsw-e)EPIR-vTyF`_7oTZzZq|L+!TiIU}C68LrjV+6y2J|*d3u9O%+=&
z%4z7(NvAMhdQ{c&@@NZwnPP{zxrq%*FKO4HAaiFE?tj%Qabh>4I!bINpgCogtrNEE
zkX1NQ`|vn?y97;O7v}q$*c2ymv)V7mL91-3{x;y<<iC-THaPjQ7F#dgQi$#U3qPPE
zs+V)g5FOEb2RjIyhGF#%Mj~wv1DCmI1KYnAApa<gplS_I8G7sQzoTw3=~Wlv%a#y-
zB(*v^tS;)8$anv7ea{vYsQMn5ScwP*1#k6jM0Wa}#2=$^J6n*1CK?Yu&~1c3c4*_W
zUhLbx8T)qeK7A{T%&2d<AYk8e1M%<b+qY=(W_(6{J5t?&8f=vcME$&Y-+nfrsL$SI
z`i!B@4y)`bd69WR8YbRSH%d#ro2kwX8ZZS?xG9381#bx2OP1o8S8~2Ak!6OFCtYXm
zzYRzCZ9^{q{t0b(^M2d#2DYJ8Eo#HjecRB0qBh)V+K{2P;Ys$Cys!;(+BQ=4&#-Ks
zPf7YBxi7~SyO5o}iX2aW%KZ^tWp$oimIc@uxDiCB;y}5Eyz2PJxhQP;y%K=}%<?bD
zBZUN2Baf@Zu=)9%w&4+yUpDb2Q(SA_sAd)}t|PQ~f=MC@$RLTRy^1CCNu<u;ldRs0
z5O|rl>Z3)Z2|NV`ms@iH&|@J7fSDwIxwmhh3(j$QI5U!H`!c%EX-Dc@b&pkeO8Ff8
z2I!6+_CvYX>2t>o+pNJs;`bm&$Q`>FBx~0rz?h#Rlp(=G_a$&ckASeuyglR?_7r1l
z59_l=a>}Q%2sAg>VTT|TU8}^_7@BXHd#;(iSv`N?<At0~*AAGEdaNw@+?f!O-ivZ<
ze>PYp=Diz;lFnOP3m3>sr)~sr7(L3EJPK(~F`D4EX(?J4TUCVSG%K$>AEnip2%CD6
z7@mD6lJ2A&C&BfXqnOktGH!AlYmCOcTGGR5yHir*V>-&K2=f$?g}8k*@SN~6x*da;
z8|9@~nL{SIG2Hplhz48|258I~vf=YTs8aE(_fb`kwsaG@MQxSNPe7;f_D4dUMxwSG
z6-S@nj39w?W%)8LIuwbY5NX?l*tc;1)1D%57(0;m)Q|CGR?@jeM}>0vDJVeXa^@S#
z<rfGP(lFC2RB!r_O;B6m`N^y&cz7Wmz?=GnSECKlj$!$^AuK$ZmB=FKH6nvvlODqj
zS^pe-yvf04!6y~sgWXKxa|Q58hWKD76kBR<K^4tLh2mzg5+mrz!HneOmj1z(GTkGz
zm9QXisjZdvi#vT2+5vsTrV&Afo@)4_xTrz)<X~1?`JaOeMQ$l;s}yc_)-X2T$8r<3
zTNos3w;}+0hf@jv^B_(<(pKtAeAMx~26Z`z<3zSbk|MyuKIB)BW3#s7`dp#M^Mq$0
zSSCxh*h2UUzBa>tGo^AVyqraswb*HmMjn)~)}fq(!*YP9Aefh|Rep!eTY^k0x+W<<
zF1OP~%Ma1j=_<Fswul*GLZqefZ{rl!)ewQTH050dt7lo{Cu=Fn<~VZlJ2I-x8MnJ+
zH-Fy#ck{X7w#Dn380sPuW~(xkiX$ZU5G?(#p#fwUjl7n+$D<I^p9X9eu%G{XQm5?Y
zsi{?lP5N!5!A-S0xWsGqa@SF`9XtUmz&)$ISYC-xSAf&5ia`k)s)2Plo2m#XI^}83
zI+R7JqnL*_b~c~MITY6vkqZ-bSAMCZAmXn4LPsIhaphO{I8{f%x|GBolxZ_Cp1K*0
zp=q<Tn?z}`UK7hM>UyCiSH{J=n{aXzb%VtQ?h=K~#woc>!owlDtTD%HNz-&=er5hA
z(KOP?E+J~V(GU|B9BEl9uN}VM#NvWzGO&}z3Mh}2U0yBbQ#n`|^1fKg!su^nKIx5n
zqi3NxxHrmhrmZCTklBl=^>x6?YusC&c{4lMd+)J2hOIp8#;_h}5<ATJz9#qAwRqS6
z4my6wm7R0lR~EYlov&5{U;eZG4^xT)Ds#(dAlV^L<i-+-zR|YIoxra03>)rA5d0Qr
z`*3Rl*TJ@a3J}qkVPWt%_Nr@Cdw>a02|^u8&KDgDd1x7BoXEa4<#gK0Ml?xIlQ{kd
zJv|JaQPUFKraVcfB&}W=ZS3@)*VZIP>+aa&o(l*z7!q_U;p9{3`3-AJPk~7Y5-H7*
zYh&^h)!|I5eg>$YOVou5R97SD>sU%!u-Q`E6;b2JCr}|Pl^Y#!2ifsv@Q9_Seq#B1
z*6vv?lc_WS#${6WNH=3#<}y8663o}0p}qj9=P;g#EbgR8(K3I-y1+>1p`f@!u$E>N
z7*)@O_KW#4Vtx`n9QtuLq$IllR!WMy`f^cwZ^aj9Or$+bF8RqFnYw&nyS)~R=tF{N
zOtr^PLwVA|OB?f(ZfZSRzB^ss!r?xnii<pe{#bO5WDXp=R55C<!C+-P>Usx-SCBdb
zUcof3)Q;SN2)ptda0k+A!a5yk7a*+|L{!f}{y0)4GX@%S#7pgHai`ypwCSGn3$xa~
zwT!zaG7A)hj}b`RkYM&0|Bjk-1Z_uM=0@-ln9}4SJlzEvskomGsNT-)$k=&&lOtGQ
zq@(lQ{zU`c_R?HWT51PQ8A{(Yr`DEI*ulDx;|`$=f(_U~f{@rW_=B%^Ly}nv?6(rx
zq20nNCJd`!I5hLXM;pvM&NZ#;KOo~=3}JNXB8E$BJJ)&<>IQ}%j=#7i3?!Pav%}M0
zeXi$pd23*A&LFyBEoNu^Q(FzKYqzrkkO2bTQD<EvA2DZ1$iD9f4u?qJ6XT%o`Pr37
z<xzAPI)i-;`QP%%NA=4m*x9gu?OG$k2S-nj*Ogl1rryefMSRRp;027Beohf{{6C#S
zzo%5IO$_rM;l>R2)5J&HFemsBD>eOL{t}m&+gvkq{RbO)>u(6ysbUQpHa`L>95ht<
z%$q|(a&kLrA7u9MOQwb)daUJdsIz{+^vMW3Tz0OL5094#aF^Bzaf5NUP}-CjnKtzw
z0TQ@@6~8=;!aB@Ce5{$!|AYo}D_oVy`><Pi36LDByqv$xm$J*XxQm8k0ad853fn^S
z8jc0GG)J!z8iCsAA=X;kOxy3=T=ikVwz4tv`Y0``U9rY=1;hPxh1756w%63I{{#z-
z&ud~x2uo{i)Q$erm`%#R!B6cYZ0^w3AO>SyxyR3cQKyX_fj%0}L2xr-K(_KFw17@_
z_#}LPJo=6qCHfvrhEgV!fDEfUfyL0#@W!d{b$!TjF(iG+ng!#6$y`aST+rkc+K(ly
zvyiUHF|r-o*N?G>2L3H1GW6T{sPxnHN0HO^3m46k2ik6yu%^@(TV}WF@6eJo;~a{;
zi@`q;+RF6GBOU8MP-cl`N+ahW6Z#oU47mIJrR>u#+uOv4+P@Necn*ucZwS8gq4u$T
zzH^ri?l-;K#~VI5B5xxz(4mhCR?ZA->B$BkYJYwMT=wjmu{3@OYUU?_p*?j6@`Yrl
z4_%|#O7b&kEfoS%vJY7M1fpP6LMw$kkC+sJsMh~VQoA#tEZ<><2|vvs={GTGO=vN#
zx|Z=h01YpDA=+#^#-6S>fC(GN&msbz*$}}qYp%~=o5ZC`HJL!5$?4biMkIGfdpwLQ
z+jk%@W-fbrd@y@@T8uzhUI=A@0_B5&s!YEYI1jU*9Xfz?HlK~&2`E$gRx80B#?n&F
z-qpGY2!2bY8|Bv*5GHn_>B_Gddtqx5^<+G1l%?MZVD<u#2LRY{aO=_7fxVS+bfAKx
zox{NAb4^m2c9iU-a{*ur2tXcos_xcV+*Wxhva8%eq7X3`q9g4Obi0#tQjWBbeso|z
zDN-d4J?Ajh$PN#+|1@|-MLx*_FkBginq+wqP4b^fOS;2+4#xx*2n_e(gE4c){m(<1
zgX_;Cxy5*4RjieDO+uM#BpkCq@KZnxPR@~J0S#L}fGWG9it{6zS<tSoX<Mvx&dP(<
zngY%WBb9rR#J?P!FL_0r)n7^rN9NC-l#sZ))@&$k7ZC>m>aQFL!>N286DzD4pRZ7y
zcw)NX<5Bon`2&k1ZkQOukG(k9E^n^nko5|~BT27N96z~t+a;8=Oino%N+A=dsVdoj
zr@E@kB<nWt?#j29aU&TLIx}~>C*%sO-9CiDx)QthSK>lVX-bk}0@PLz{|=NZSGF4b
zZ9m6>Ej42MB&@CIBP<u%3q{DZ?3t|pZKU+d-@$M5Y<v2<2>tKj2e$o%;mmB?|Gs|l
ze}J$B?{_2YNCb5^b<NMVp2<<}EDxahQ1`T-NAB1)4=N46xdPGJZh@ixqV~$~9=716
zh37HF|Jcwh3!9P@&WJ0_>#WhRFCmM0m0ng5Q>j}z*7kc*KxxF29`p($<s1;3?3!$;
z6cEc!``!3nIff|?LY^6M#UvD!S$Y$iL0hgcEa`A&#k?2wee?ykKZos;#}22IH0DWN
z{b3ZJp9~A^NN9PepA@(<EU<WV<t)6wEt<&z7hmx7VmxuuBu+|V>8VW7t-O}$Y!9A1
zdVquQcRjmx4*C0ItPb=^EpFigU44kc$QgSgTxd`ybqXpuhW3MoBGz#8fADfPHw;`e
zm79rc2kLVRVVS+o0vv}cv_S=v@b>^y*S`n9*(5K7hGOK0cnQbrENgDja;O(L$+VpI
zK%o_~Ah;4q++U8oDUM(-el9Aa;z%H)j{`SnGdWAZ@nu-($P*deWFs?%S-_lYSQ*28
zSeXh=`;(<Lsp}80N#i{1U;?m&7p~&Z<J<lg8=p2TM?#>-Fsx;-?GJ{vRJoZl*P&8R
zmLAlTsa#20mU>=}vW>0Azu^-Uo1bBjsQo(v$jJ%o1;~fGY6oX@j>>18Y*EA>um3z)
zDLrkg+HakjYJfWX*T4m%?ND1`PMfFtC$Z_U=vUYa(^xbRF{T}m+Wa9PZi~Mzon}xT
z^?lGOScl0NBw{6OTM;FZR@Z?o63x=60-?H7cvb|EW?Vw$7n!S=Uf@9F)gU>6sQHH~
z`}8Z0$1y78LRzJmgqZ5^#O-VSNWIquz-I~Zq26nqp#_G4-fL0J^nVjSWcD7ukKQXb
z<u$H>W1l$gbZ!zI*xUo@z!VkNA7L%xv?b?vup;2nHIUdp%U%WXF!XUNwpbL)3$<Gu
zFWA%IyN;J2rk?1C=<0BxE2*Q=g))t+*~*y?T?MT-&BSm&Lk4|4^BPFgy8e>JddYz#
zbdZdhoWGpkMHMGcduLj!CrVw8zXA~<NPiWaM-Ryu8L0L-HVP(l2~lN+;mFF_{*g!+
zwg*2dR}ebYHUCm+4`LjQGe&bICmm<ncIZdzL5wAvJhUC#p&}Sug;k9DH+6+ek3Ez(
zEJs!pke(PGsQtK>72PPbn<sM(E80yp{nL|3nv?4vE3FyRpsXYykb9i?it_Vpme-jj
zBQlo7v1aV(`ch&%=k;a!vj<*ZM&AQ!mHg2m40V0E1gbrGyPm7f<qiZLzJ|TSmvH^4
zeRC4@UCw6KKj<4qawT1`?)2$HRpbW<dPZ&gMZ~iGSrlcLJH7T4-?bbp7S2O<bT6Hm
zLjx^Za&48PaZ2{*<12+;hWqQb{nEWAcKy|jJtc?kBDz15--YhwY5#P8HX_bQ_g_Md
zNcR$=nHh$34{>V(3AM(-ytz#1oEQde$uzE{jMF)$7Hc_qCFy*?(0OyJaMj|L6mGG}
zr2H!|p@(jL4cY(5oP%jN7bnYZv?jxV*Wx5L?eBd#OL+iBiX&;X7WH4k#(FHG<zdpI
z(6ZxS%=XDujt9u8ya>M{v{iQk!!1}!e3`8zV_p59<I(6*;G6UnOxr7I6P1gCw3YWT
zd&6GJ>ky~%4anaK$yhT)vrEQU7FO31InaYGej$HO{@^oF#*wr*+)vp}CAd)>gO^uj
z9V6o@*OLowvDBOnSMQe~wUiT#q_1ctsIPw>@TWhELVDX}6utVPAWsyo+PD^O8@m&I
z=e6NPaUOfB0+VTV<GMY&bmHB(Xs?44zG+V#jfs44KJq&PeVr)ZjxjlRqVH_bMk+8;
zOJsGQ1MUSTTZ)BL+ADts(XcP2Gd47vedR|0fv=uP9_#&S3Nf!EX4tvA3fm1%WMe4h
z?Lc`)lD4D)tGF``hj+_a1X<5N8VyzO*E9zJX{y5P#j_!iZ1lwa)`WjPTBrDY+wrRJ
zLcuBJdH&6K_Fu|R!;PtDA+Ds=q_C0Gq!JzHQBn5rw@D+E6ILKR%Fw<G(e=-eJ?trV
zz;L&UCw9ue0Ode;L%F2JPkS>S{Brq!!TSRm*_=m9Sj9zF23cCmow>IEGNcQc9SKOM
zqF{X9NI6aPRKfUU99LQ@K0c2?en$gGp86(jWs3`NScsERb7666aXM94wm6Z`6x&jT
zk@2)l@whTWW+_mHvuKZ@*D>UC4C^YnbdP0WZXr|Jh@9fd$qNpc!!@Z}7~?btFZCQV
zXe`Qj%}tiI0_n}VVk0h$&$r+-%+iODvE827(UJ5H+6q?+_-8G?2=@6PiH#H4_M}kH
z+Tqpd(lW2$Z(M{O(Z#wTDK78|r)^x+?iNPP3I*RM>9D0R7648IAcr-~hypOA?nT`f
z<ThrD7kYggvc>aYBH@X4wHe0)Sg5L6{{$jw4og2QUFr#QO`%kc^eaY+XP+wn4?1>1
zXEO^(rTWUhlx%|YJ=-r_(S{0|35e^bb5Z?c*{(8|4g3wfZf$1zYv@a^MZua$RPyfb
zY)Qj2TDnZikm;<HOm`&q4(M0AdLH0|9m(D8NkB8H64-@MSv#2;WlY<eV;y<A(%5kW
zR>HEjk<)HvX;dQlb2$a_p-<;RC=o6s<;ixL`j9JM$v%y&<i5_dU~v+nE*ux3ZKy!?
z7zizEXSNOf7W!jm+fZUcCmI}Y!TRI`?7Qx>J~{uNv_824NXFMEJHyorJQwCCeEqJ5
zz3R=7u4draI#}dDajJ2sbCqx8!xsa8@?mUuE`mWw!YrY%N-7l0vohU9Y1>?aG^B1n
zxlIJ7ZJ0Fpc0Jb)IV(8$;$MK9BYMEFvGPjzv?jEHyJ8hX`Dj~>&uuj{);Z~Uz?1*}
z_vfxZ%-K+EHO`G?B3egtH2b6&+<;V)x)78|Ns8fqB&q$aA2g}!znY|}NAPve@U;X)
za@6bjDsq%O?O%?%77=HZqwX}+E+OP7hM^qQVf$}D!g@LCIE-y)GcgSKG}E|}GR~*p
zjCK#@s4HV~6j^D?zYlaaygpS}e%NUct0q@sG+Q0`Yv0cwzXgAc6FkR5<c2eSnN;B@
z>^B#VAs<)QWWwT)c@-E{p1vtVdulP0p8f{g;9#6SE0IYYjf)}pfT4Og-#I@GqCood
zv9V_;AH}N=+-SiOP)ec&F3`q)#j#DELE59;H5An>Pm`7Zh{p!wU|3ACpaU3KoB6cE
zDvU|{Ab-bNhy0I6{$}5z`YQAk+)(pWc}sClIy!|7N7WE;Xu_J-GZhc+?M!b*m6|$|
z?a30)wZYyi^MI#*x@BT-hL_Tm_Pg@gPV1n<%$>GX+MREeMmxop(re#D3!=Sze89n;
zI1CoV3kij`i;)D&@Z^kuu*+FktY1~vQDXdvAAgIz1IlC=>g(l2^!3t(@jktY$*1pP
zsyfSWG3Qn|`}#=sE&G}e!2LwNv#*P2*RZeov97NfE$VCAe?F681m@Ln9BJA2JcAPN
zd&y=$ea{>Z(D#WFR6$Y-^3=X~PIN#k^nVH+jP92XXg$AG8akkZZ==;4=|EvIIv}8d
z4hSM0Kqtn>8R_6Vi~~AgsB{3Dk{7jJm;S|B^N+Cqv36pp5~i}_%M3eaxF2@B-*v5~
zb^VVq?>IjezcJK-QXl1if}i)N1N|=Xhg=~clvSO!|7oHqq6q3mxPLg+T9gfR{r^1S
zwJbg0wT$ITT;;VOy@WqOB2;tzNj{3XJ_o2TugotgHeQ^wZJ!4C!>1aX^<R-8=~2Q`
zN8E7V)vZi5NfeQF9nONpjrv_)e{1|U!*kb-AW;3RS_n<AjbAm5&u~ADzrVRqle+%r
z8{7Vi2Wsu_v$aLWIvr>|n_bfP5WB%HiJ$}9C9SfjSW5X%V4kv~rwVee0ZOli{kT&4
zku?eWkttnCuX>!B43LO|QKoG&?Z@!%Y(Guv`d^p!i|h=m-y%Ty6>UVLJxJOa{)BRm
zC>fwe_yG{H{kstV06UVZ^X;|L^L0ORw^`9+Kk`8;7ko_k{*UmZyDHpWlZ+d;Cs`P#
z3)}xL%B%bjlYWPo67+q7xI3gEw6B8|0DLQQ?WmhCJ}yeh(1ONnyC9BhEyP;wO{D!P
z<{oTbEjr!2o6W05$LhN-ytCs_Co_7kkddv($|0Xa!DgRRKQ!xy_y%aK0QhuUgcBzM
z(IPO=_?Crb0YhDRPL5-X?wBBNECw^<D}sGOFDRV*qbm^ydxW@%VxPTH+)L4=`=z>3
z7)!4>#`ageLh}siXVs<e*S6MmipoFOv<2^Ar=VWCQa%iud#3}bVzP1;0<&cbUdGCW
zQe@ute}GiV=px>>O2!1KGZ+(0<!Zx>f;!0TrIqLahn$lyW;|>*<ALGdIUY2r>)%VF
zit}=D_q7I>`GA1b?dG8**&j3B{+RmRL<y)#7}f0rsT)fQ>c$AJL{q+ffl~;)0`rsj
zJk}PX{J{O1=OYi<uesdRm0_SmtlO{QhyOSGHHr#s8Kv!FyhMDYHSE{yVcVb&8HW2c
z@)GRV%+ZhG6eu4X_iIj+wv;-W{TfDdHCx%Q(RSyV1^$yZd!=bJhG?_H`3nC*40RzT
z-rQz#RQ3z$?j)UhH99H_6tWV9lRnKU{D%)jANQ~gKpzsKEf|IaqX*{yNNfg1Fz25n
z^(Eo~?J$umNtJd?J}TVMy}`YRKsf;H+y$3>8kyF9NSOZ=9v46kb~MfuV`5Ee;IP_Z
zwBdQ026l4iU>KXD33D_HJ>-%f(x~uhuRKBTP>}YPOotQ6{9+trfSlJ#1&4{gh-x!)
zA}BwRgs|{h4CcYyVz+u52G<q`r(uY~o?UUg^AkhwuoYL>Td)o#Ip!pFiq((455l8Q
zgSkZ}Q&IRNC<syCV)J24eHK>#jJ(1ZnB~htgX<Zz(0#ze%!gp|)(bfPum=$7K^dX6
zz@B1Q{XG&j7d;qEaPgKB$9{t?!%yG<8o$StqIz}?PCKooM;d*o?f*pz^?6?&HqrIf
z=i)7T8|Ry>^<<B1MtpG8%<*~Lc5e@sY>Jx@R2>4kZh+78;jnxP@2K>Tq|)R$tn<nH
zl)>+;Gs9S&xoD}YGr!jrY1S%rb#5YkIzAmcv6k}cbD<Kw(U($G=Tm0HN9ugDsWX-g
zEc@B(d}er1kt72vfuA7Y*pzTuDM{V-Ku%zsxF?ioJ$gTrEwQKm1L2%!ns9BC%9*su
zONxvkU&Nu!6eAZ#G;;YEN+xi11G$251EmR)J*UP*7%I^R$Owc@%Cv67z*3`-@6cg~
z-$Lp|ndBSCBIG~eeb<oLLGQ#6yid-=V$X?Tbrus<-iuKl<8HCdd*s3Vcs~mNsnHze
z!F9h5c4m2n@W-!hGSXoZZ`0d?HxSeVtXZP=QwGV}UIwj++Rr3R*8USAkY*VlLjI?+
zf5kA*5ubG3V`+Wp9UZ9r1X$`@Wa?D8`bd=ZBzVXcM-QvR1x6bxC7Z)qcpM;T!~sM|
z-(hIm>&f0KbkLrrCz|2cc5Ew%d1)W=SInVj5U+Q1Rum~%NJOkQLl(%8<uGK947K81
zhrwpZx&?I7ZCqAsS~;f4#9{!))VqzpYsmuE+=0g(&C__?k$meuvLOBFRz){Lf;kR@
z#qUyr*@s?UZRmv|=w$<6K`#ue-9j%-pWh$7KrW(LB`M_b?J+9&FH>y^Ly~1fijHMQ
zdVP(SUq`P6DSvps<=+{Vf8}*S`J~X7B1yP@`8luwO+HAZKzn+(YmB~y_PR!%mE>?{
zO58lknXQ`S>gYA6N<LBmI-6hE>GHm%E9_{(rK9;_cU8PK0G}p{ds+}SF%}L-g)#4A
zihk2@@bu6~@N{Mf`|5ZAd)*>Fv0j>w%IV9)e71*a9u4!E3}JVM`MjYapBqKqUl!)G
zEll%Bn9oEA`+Atqzr^x^7;oyeG|cDPFwI%v)7Qe(uQ#d5BOL4b>?HgXe=&pp5y-^<
zSBMvb{&h%e9v=fb=5b8~{RXl$&^IDad8E@JV+H&R^Z-cWm+UF!M@OTa(_;LHb1^n&
zIo=oGFzEzBHJ)eE1~}zP%?rKG@9cfaJJ$PzOYif8>3uVPz&9TP5C}cYAX$3^fx+u?
z;C1@5;3d3$2(2U86puCNR)7{R=z0liLfd`yrX{$t7@X0OPhI2WbTl;(`B=&}3dv8i
z9>k0x(=ZHib1ll;<Yf_WV&sr>F-562<Xo`$B}B~T4T}mA!WM?v#y=_dx_$alz-@mB
zqPA0ZFjr3h3INB}=g0V*kY}9>9qU(E>+_$#07<qowLUSbJ~4wz4Gd!Xkl9vZ`ek#u
zK0)JE-b$EH*vmuM2MAk8*o7hNi-ZjkwlRd=OIVSxi$d712rCixiV)WH1;B<0yEug9
z37bvWB_V8>unxk?A?$d<ItjZpgiR7Qhp@{+SedXKVU-Z}TEbv&oS3eLu=fzwMcAeg
z_A$bG3ELdPzCqYr!Y&VCKP9Y>uvdn#-x1bN*sDTV`ip=aMA#J}tU%bogl!37hY>c9
zu&EIC0>b7Kc4Y`#PuL(~wE(8Pj~hWZ#&{NeSCi}TB6rStefa(i_FAV&2zEIMQrdJa
z28dpjzD8rNiIJN|5zC!bLUbk(7;MwfaRMoyk6fx>lpWn*-M*S*m3EeIK<1Rg7-C*s
z!dJ|z46DbmIOBG?7_+^U51GC5vXxh&o-y~eUNw!Pwp2a|u-fZV_*0$Rh}Chd)kQl?
ztiYAOiQrQEHEPP86vOl6^=NyFp%_}w3M_a(3~2Ek16<-kvE1peB${Y9wqLlu4rly7
zJ{`z};9tLCt0wfI@#A=Q{5PesZfmxuaf@4`_5@LJ{5Kd_QwXa(9oC5Dc-F%hzb}gT
z9p>_tUkc`O&g>!q8qH+63<M=_dx|AUS>;E-s!QiO<xBBV#2C3)JOig2dL=nIVD$og
z%(@A4OL+)t#-4Ne<@i?qEl^EGkJUTzF11_=O(qoGQXcCe<t>9L3a&qvA~zy`m;*)k
zpG)~-JJgX#n-WP^xsGJ6!_9Sg(@v02sVChvW5Q(dMZp*5AHQlnmVI(CcI|o$?#`Sk
zHU`_1?QXkQ*EBCf^*eCMt@#vhBKeetb&Gy$k2O$xI@VZwgT_jzTtA-2RXbX*vw(g1
z9?Uj1k_qXJq(em!-}R_B<z$RynOl5Vbp&_6G<5Rt?8a^=JwKdnG~e<kfJybG>`=<`
z4bzT^^T`?FC_1o_38p9oROxQ8PQJdz-uxz1i6foi5C^$<Pp`fJrIP!oEb}vjFOKM1
z$wQ@WTw~SH=hNpphOj{KXORA%0#R=Xq|Hl^v!m^)MXdq==bg$YAgn!!c67QWN1XiI
zM&w#?@{bR-r|=E_dhIDj@?^rVu45v8u$`U;JZirq*eySwQJ%)LF39GhKjG|;%8O`#
z)&3jb(T~spb$0rvA_bPoa#*j^KdtUfzMX<^)pG!cWl3vNV^CL5Up?!Dj~li{Od%Nw
zf=NXPD@qn-w<Z-S<u$;md<VL+d=>k1BT@b>Q8H}jEd9C(>SVk8YR0<;KQu_`#<_O4
z>uqlSZPkmyRDk!6ciC<a;r!bDw(2Xwua&P|g5`#EN@YjbKOkmeOJXLv<qe2W3TG=a
zlomqBmgJVWR88Kh!fNqJFh<DqSSuwh%72uxdd)IINTd3^g*+w%i(<x?HDg0w;(3#q
z$jK=pplO0tB~huPZUQulT%lxEkGemE(?!-9q}@7w*zb`7o(%2s*=!cR*;D*&jw^!b
zdPC+Z>c0jTs{RR+OU^%+jq{FRb}FBjK_-7<CJ^W@#f$hZto;EHT8A29_#-1Imxz6b
zMNC5Uy8c>by2_qnGKGk;`78DmvmQPOlrLFC5z1d7DMY19L?F#MZ$5D6nZj6p5EnY!
z?WI}R7wsDH@Y@XqP+kv93a-(7`)8tl0c-;llPc}LtIepHPkuB616`hE&Erfe?~~Ba
zrSLOoKr$d6^MFTE@F2*qAbCbV%QWTsn*fpaK(5+UI_>@i(P5=aYN`E|=!~Gy9BhAy
z0PC2tK83tVUqL#Vnwc(Od`|Uv5}OiEa(G0%i`*O1yc?`<WfB8TCN#cKQE_!LF^Wni
z7iTLoB}ri3Ly|xjVv-K#lbXk1SE~WZVp;hv+#67_q4oJlKpDzG#aOzgwbpq{B_XLh
zIQ4agQ!^a0hpER=26{0Y1WnGQ3?)Hq@kY3eH-0dSw-LMi6lkY!qW^5PYx&0DneCdC
zvqxug%#<HTzvHMi4te*ggUYOn7r3~XlzXh@{zh+z5k^e}-t`F=Hh@gxPa>pnhl0@L
z4>2F|U#02Gm=?}OOKg1xI8F1X^3wM;U0PmG*xv}_PYgy$OksUUtMS;~)BLF%6vFHf
zwlIWILeY4mA&kAJ<t__hE@AwMmFtD^qH@!O@h27!+qNd{QDJ^r!uS)5*Brv4{8~a-
zl(sd5MflAkOxh}n*G3qB<Yc9`OFLowiIpo$G=W9s$`VarQGT*S6IfKPEYSpZY*;s0
zq6ute2$Ln6z)lQdvP2Wu$sw#e#P9SF))T_c2w}36leA}tFj>k8Y<&omrJTU-KOvwE
zS;`6QWnsKRSjNR6Y#@YHL)bwf?1~U3OFqf(st_hiK7ny3S=(Ngd;;UPvchD^Cw&yr
z_yU%}pI9Hsl3rj@AIXwlU{N2*l3rj@AIXwlU{N2*l3rj@AIXwlU{N1&Nnd#_s-;76
zgs%_36AL66p^NzXf$-~MyiW6{5+OMn!XhNcLRi$W<4ksUnAM?-!k@}-!ZtlDggqU?
zmJr6DSX&()!Xh-5hOh{YWg#qTtK}gqYO5ncSkzWWhOnrujtXHBJs%C&(4XziZ!sL2
zVdL(_6=c$t|3RH*-o1E6Cj*sHyWj`#u&)G?bEvxIX`0%xC=Bzm2(bS0A|S`H_((k{
z5fTc;Y`|B}3KA<eD-bTT0za5p;gZT#C{@$w`I-5LHR-vWq3Oy;iII@RF-TImH+)^e
zB0^31)vW0?IzerIt7#I3!F=^vMu<d><C!{K{YwEgfkjo~E5zvMF(!4Z+^^!lc$?*e
z{g<xM-Wm5_RN}2~Ov%`^InryZ7MnV?D72a&f>4T<xsiHd${c}+p>d3e5nFLF#qRR&
zuy6~-QJDj`5^?;qH^0ra4MUL2xA}_o*U=@&L)+L!_T~>NY!k!kwF+B7*lfK#Am<+y
zi*2?a{8gX|jeP)u3oHWO$Xp{KbtRkHo?@Wl$0{~Djw2c&R=($;4&{Sfl~I!zXd^;M
zY4R?0JyxrVy1pGq4?8wC2R8Asadf<eNE`s!khtE=h{)TqP7U%_osQWDc}`tVmlm}X
zfNeOA1oC|19}%5INYn(1TJe>&llRy-B3#B1KbUbuxi_pk^=a>5pP}vy8|(hAXQ?~t
z`484t_{NDqFRU+bnyQ_|8b$S$2nmIvo_ytEkg>|gBR(rHNn({}B&j?<n94&`eW$4|
z!<bUxM%J{G21$mPUVu~>*Dqv{teuQN`*!^decL_qoci|tD5EC%20W7dNQ(&64s=_n
zrJ+iU%c>CxhJpp^&9J<O^}Znx@ins4m$7B(%4nwIA(0XX&Ij)@&A_m+*KcE-15mv5
zc?OEPvm(8V(0Jb%&L`5mqL6-WjP6)c`zb&(?ESMiYn&<&qlh6BsGTMdRlfMrYNrcC
z6)U<;xLP2pKJhsiYcCSWT%C`2(_-z#fb?aGCpoSFp~s=#tkeltp&Cot{|v+`9_*Q`
zRlLo67zgJCO`NO2*J@`X4t+gg`-C+f`!G9*Rbj{qFeKUxi7Z2+$dHIJBsvUPAVX#<
z>&K*ZE$EEAyf575WaiSr%w0N|*^5Gg`HMn=1?(Qg(PWmedk|)`EF#=FVmWo&+60*8
zpA=sAk=WGf<S-LH2z?oLzI|*0)y~3qne(`xI3cv4pY>$MAwe9R6P$;(qhBHao#>aW
zJ;kJ6c_&^x*<~^<$rBypKb$#Fny~nddD7<PS@L8$<O#J93w3n+L6{vz5<%5NumwPN
z!WXF-M1;*d%>ZFox1{|nkd{7D-;AO^i1GP6ZlV24Og<9o*haCdHi7)n7TA>IlN*rJ
ztB~RDI4S)MmSxI@@{({c=j@imkW8T5+k*K1=ZFOqGR#R$rE$`ym$e`y+yl4e+~6eo
zM$c1D-(}HGwzBA}SO7eZzFdF~kWdrijAC&?D!mg|8CQOO5w0}XI5_Ac#}$Lf;*S(7
z>9HT06N({!`3mvk978{C{AX`|k7-GUjjZOYjBanfn^9m$$k4wE!^@X^4#b0aR_Be#
ze@%=B$=-5tt=XofFk-f8n^P+t;)1_+{0-o*2sbi0pV#u#CedQWg?v4M+-D76d-zKG
zj@sFL%~oE97E>|JY~sE<xQ+v-EpY@$&ia5Z)F!OOy69C>6nJIQIv(X+6zYPi(+6Rz
zz5MmrxSH=WBmmF+Im#8~eRfcE7v*o_Bg}!ng#f$cs*)p`oP*Rx@Sl?(W;j;YPO2`8
zbsY+HKb_JrQ2vUw4h1)jtLjW?mq_@EP=uwPWZ9`Pz7ou+u^7g`T$E+Jco-kDrVuwJ
z6eS*JW^hMlOWQ<Z$<GXBGe-9!J@JW5o>{lIA(_n$rC-X21c`hYus-Hoip7Bfn4r2i
zQfe#?hA~00I7XPpN(HnM!@eRb6*$<<L@SZ+2je8%|D!Cni{k*Y7{kV)@`L>i70K#A
zLq+E6SAqulPrE}Wt=#C#%ofRJaqWp|(CGW<;j{J<RIi9>&%k7|J_j&OoF9c<9i!j?
z<mXZ0m<?Gtn}<mPS<b;dOX4w8GLN*XA8yBHCNqOpm1@x%%VA#=#=d4KzCEE52AH1-
zW*CxyjExtfj{DGn<Px{_A|U8|$t(VmfVz2)XNq|?SA2;|neeIoCw8)b4|*j-cVi#J
zNG=bckF~cCVsD2x1~4wC?ir$EBCjm`8b8B+F|3Zc*DGYJKW67+R=VC02*a54`V)Tc
zlzFqk#!#l8Za9&gL>YBmWO_AAVdh-aIP5eLuht60h+rZVtpkLkka0QBFf4Z<b@<ZB
z7sOy%hLQp?8LGG%Bx{K$Ym2|M$6sdiB_`ssNRfb8f=EEj+K9O5pMBOgH<;#P*f^dZ
zVw)Xs*ockr9mx0W*c?M)FF&$S$G~$iZZr0j#WQtQ^3Ov0z<6ku?dAOoP|4bQ)T21A
zhC})B2)=>v-pW1W7OWO%a1_~W)=fscgUKj%H&kFBeT=o?CY_6-1r^H!?`QTR%eWQ{
zvGyG|j8<=HL`ck>$ev;ru_)l2gv6p4t_XTyTGEA-x<!mR-fKFDVW5L~f*li5J`Vo6
zF?r}yh$!;VdCV-*)W|Ex=~1XhB$HwGVux*GvKr&4{KcnG{<;Y>TZ8-s!HQ8-u!6)O
zf)ybuSaHpJA<8)ib4}#~7+A(Hw<Idz2q2?wFRj7_0>+z!f^s`mjLK(=1-J4vI@QQm
z`q?v|<shud<ifH0jEF^}duq6%rg@r8Q%CcgZ$dqdE`yJaH2?c&q4}si&qobnnlIW^
z)&v%`@k=-+rU=p&z7@sMwGW)pDA>~lRU2E^)F_NSe!nmZ$q?<x_T)Tx&OUPLJ!sqp
zIo1CoDnU8*;5rc%LhH;j>iCai4aglkkf478!&Q|hkiG5y6&b3>N4D{kpckwb;0F~C
zVqKyj!PB-DBa}05e)t^+x5ip=zHD)Nx{UU4cjDld_jUWyY$cChPtUfo-Cl;Y{8z{t
zU!9djhyadOIYGj%%6SrYS85XWRBo2AxAGYY=T;t+u&?6W$#ngd4hakC$|8NpRL<bT
zR^ky6ii1AjqW^v9BZ?Oc8%ZO{I0s;d0q;oEE=At3OuCFkXy2Wv)vA*%x-jRIfy+#D
zj?6GjAI>?wY-?`UO73J5l08C}Hnct13{|+y0sJ5`Wt{&z*41^m=vlylZvr^ln#jq6
zSpK)!sKP6eg|m_ye_R<X#2-C|&&6NyP&-jwMxuWe%f}1PtA#H-oD{zNjA-v0?Y=<L
zqBk9bffL7|$?g&iAo4_+M<Y;jM5j%$(_rAnu$pBr*_&@M9m()Oord|A*@$r*r)j>F
zpCIjr{FUQ#=qX{w9Ks|IhK=OWF68kUbZBgkK&K$3flJY9=Z5nn*z8M!^=)j%YgmU3
zvZWVu66{9ywJU&K@gOd|zKbTU{u^Oi2x|$~W>a{LEtSXL6Vuo+Ip#E`fX0q7Nk@b-
zB$%PVQ7&!bY6$m{6`3G5p<%f|NNhsWyc(7Z%s#dh&~oB&uv}o#u{d$vd(wIjaOuN*
zA}jQatk$z$<w-QS@;?ujR$Q+uI`ld2R(ij|bq3KB$<yybiy7?X`!VvJsKvh%4NZTl
zeCK=g-IEJu>&w(jT6CYB^7SR0_oyDg_PfS(-~gQ1IpSc~JY$(Bupmwl(!aQTFd>LB
z@1Kb-_j^cX?3)H1_4^HFG6ZGHHUowP!)k$Po&)1@YBf|81ac(;_?E~yelL@PCisD&
ze7QeZu!_8;i6q8wE0#j4B9MrD<AuMP;VB>#DL`_OZpPf46rZL0_Un0Qd2NKKUzvIs
zdIz`icIg)uQXW7<`3D0}sEzRD{WE+yP>*R_{@?VOIWRS!ji?OdHq%WE8yUy~>82kM
z|HcELfx^KU)NDn)!EnX6=4w70?Z7p7RvkRg@$z55VJYHu{~hN{WLYZ31d4cpNMV5@
zULaB=_$K3)MP|SYqlGVwp)av@3Zu&$#i+7QVYEh7e2Fb0w7y!a16|n%Obaq>Y{6m1
zpGj9H8C8<soS|uHXXaSvBY)`QV2ecK{o1R6OhDwd*We{sqa31Z6mzcuOeBv$p33Cy
zDW>uU%V%OXGa9hFXIgZq{;Ob(uMYHIj&%&mUn_INKIMx*tw>OMoFl$}q^wj*$_l;0
z{8EmcE@mV2VqDRF@8ZM^b&4r}9CJ(YLcIxDteD_+&}h_CfdYUv3rf?2Xy2dVdgQ=9
ziVYU(`Q}-NO=vxrXbU;z1hvUnKrmM|WS`dv@#mu(I3G(Kcovs)_>yrTW;wO(NN@Ml
zu48cxP~7SrhbA<xqfoR9`R8>AOVa0NLyJkA{7A~_8c8^F$6Epchvf`8{Q}_nLNXh2
zdIWF_7pEGdZ`_B4;4x@_9HeTid={ipx#Q^I*kGWfl(?0L@iBI>d1dfhpra?j%C-nS
z&d1)-I?@AmUbh>PXJ~l)vabSpW$&OhE_<`y$~0hD*olWKXjiO7_*;p;7vXO`{>u2{
zgue83_<;qX9OtYqCB5+Na8zxkx5_YZ^BR}co}2ftN8O_oJRBOm)#pYna`f$-uq1O5
zp%6QXAZ8KGdk<MqIgxFmmacEbV~i`t4vwb8N0ntgVs-q*YDRUN!nu<66`Zt$6c9?w
zYu~>WEpQI{UUmKu2^gpRSI)U^<>uwVvQy!>OLB6hixiZB`FAM(dQHgp;uvyZ?&5b@
z9RSJvT`UG4Za`DXRHbuTaklvogPBDbXft8;p#RsS{~f;xXFP_pj_)8`_8JuC6c&lg
zdph~(#qCj4ki!+8|2)(dPQf4>9*-w)s4yU(;CIv9KOiwW60o69Ya9o1qFiY}cU*<#
z#*u!r-JUd2ap?e_k3)8vtk5QTr(xJ^5v`QtKZ9{vx-7t{!)*svb9$uY4$pSlfzGi=
z-|h|dD-d@f=i2q^h4z$wblO8i((P$;GeB;%#cofxr+OrPF>78{FtZfZ*=VPv_(#Ou
zdT1v)F(rTOOL+ZfCnv6Bvkab)_xjJ_?OS_zn;~xf^W5>DA*rNYh7dA&yVE6?Tn*+5
zBi9e+3yZEVx0t;0<h2PLZJ20tQc?muuSzc1*m*F>XB_#w0cR-tw@snUjH1G;sCwO0
zq3!JJ2pv2LSJAZzD(haX7me{ES?O!8sxWNfSG3rlaJ$wdCmi=}yuOMr@Lj;yJ-bw<
z#|2goXt}Oc0*!1Sja2Tz=n#Llr7Wgvp6hOFD)t*VIGtN+hhGtK`T|D?y!E23$;k(`
zUal1`|3qu8)o7m6vXl(c>=a#sI&>tk$;GAGaI@Evl1mhGHxw_1FGjsd03EN;_QU{(
ziGM8O-cWpDI}Cbx)r2&#v~5SyL`>#(O0)KFXiw(#aor8Ux31`0ckoT;)#Vq!p`M4`
zwUOaen)a$*dU6tfVy~L+aEsX#=<o)T6)Dn07=J7U|B^D&d!A|12OYM7EZQJbi~SB(
zdkh;zjgvr!2a>77)g!lXV%j<KaM8}anUl(fK*&%%+HA0untTX!NTiD}j_B!_fy7Zg
z9b<=jIx@Vto({CW%AR7BD1T0>gampz-TyofbX33p`4iBT@~U7<Q`7x#_dhx29E<bX
z`JC5`5s6W;izVC+V5Q2)47?f3cI0n$XjnK4`~NZb9$<DBRowW^ty{7oo89bgdMJU*
z-rYd5lu$wm9TDk-E-E0XY<M>jVZGN-q)G46iGT<QQUpOMBE>Eu3ZeulDn)4mR^a>n
z&Y3yyyzjl64St{h=fBUhciwa6%$b=p{mhw}%)H0&<7cD6iWzqCMd+KySEkyA<hkI~
zYtVUwR-hmbd5+bmq57so?;!sQq({Cix-HrFWHf#<%mlSH%ShY}TbF?!<8j!A>gX&w
zUkR<rYIN6tj(NSec_CFP8E)pdDL>;a0Ccl{VT4QAc=m;r%~!ploe6nczMD{QsJfu*
z^~geifsy=skH`*_G53t<>Yh>U02~M6b`m3@7u|R}31wQcb0U7$sQk>LLYU$v3S&C>
zGR)G$g+JDX^b8jMF1}zd5n6Lb9nhF^fOENceeg|}PrB(wyAK7DS{yGVZUu{Dt+%|R
zByNj2DOp$X+AGt!&OHKrs^=q#*ckVV;0p-0Mn|DCxHUpo^&;SOjrKM0jP*fU^Czv)
zDhN&fQ={vQW`eKo-N$K)_wFT4vUh(WQ+#1Mi8{`R#(Lm9T=666#j%<0@_v+5JkMrc
zp(_x7)S;N}z$6_b^mK7(#_PEwG?{U#Mq;}3)^V<sxe@ufmi?f_(LGQL)-M_|Rhh^v
zs3^)cq(Nn3L<t(k7}7u+MN~lJDx70Ct}Eoy%T05Om-onEZi2q<5b5inKh=YT)yu#V
zcdlGcN4h{fm8X56s%%)5WLH2mH%^ywDX3X2l^JeNZJ^7OiM43e6S%seR#~ml<yP;U
zhg`*ip<gaAX{{{QMW5(C$2RFpefgfY%IZx^c!OA9eo|YdyJ^Xx^4;Brn*3|ym>p&w
zy4JxxM3Ni4pGO2tpI85h)%Ia#*LMqUF<H{}<B7{VOL`S7W)-*!HgD!3&OYSg%+j7Q
zohbSYssl5~YQZR=Gs<Va3;dxX+e1;?x(C+JN?c-Ab;gEBux+$33Hpk+oH^8u7MyJv
zcphCrnW1}<p?N-*gIrG&^2E^1VwWXXFf8+CJp<3<QN$oh%Bv%fW3`oOJff;zxZjo*
zU5n|t3=^D%oM*T5(ca(jB5|HM{FtlTi7L(9CiSbt1o~B5pldvGDk-rY58kP{%q>U*
zyMMarZt*j0uq)^S{eV(FoP;ut53ykIr<K@M%h_wVPHg3jJvlR~UV)t19*1a@t^~&M
z!RbgpzRCvsRqzUWAPJkVG5{+FLAo9mYNV0tgavTfhs3)iq!tYn$!)M=n1qEN5ed<n
zFd_=0PR`$Qa;BS>^WstDENLxe{_WCg!~fMt15cb@D{irR9o<6pYjpC}WrEFDuYns>
zqg-FNRg><nT+ojt>Q=YdngqUuu;%roeQ^Y@$JlmF!XdePu$ET=jY|ZbTo<$$a-Nd*
z_R6ELBO6-Bo`f9Y@e!L*^y+Gv$8&>?M?t?v$9}ZjoXr&;Z$v&A|CJ%zMWH+^gPb4!
z5wkY2nGq>g_DkX@;L3Ky#k(z(a%CV%$8xF6Na9#V=rBKLonbJpZm}7bFRZC7I=YOA
zE*a5fV7g2wT}DdR%chViVQe`J{a<n~<X*&<)|rz>xEDfLln&)8s-vc%ZwfW%?;y0o
zcv!IfG!}1;gvnEqRewqn!YLA_P-EFaNC=0qFh|PbaPcRcV!_NS$(2GvI6<-^Ek4`f
z|3ZgPz7L`H@UON_2QnoO)7*s=%BJ;D4MJS{4J0+X7dQoPAo!etHxexT%=_L%aBTy>
zN${fv-c0Z)18*UCfq~y5c(;MK5`4zM+X#;NxsT{}g6kM~2f*IPvrBGsJrrH^Q1ynT
zOW93j<*KQn<N1vP^J03L8+-!or7Z83LmnK5_k$a8ZYBgg(%wC=YP2gN#Q|k`4*8(g
z31gzyFNeGiV~xT@x}{eM@QU&W2!7D?PZ;gT8xYrzWw*N=&`tNTUuJ?=FqR=g>ia(l
zx85#xUL(8MzG74N>~>vUQpH)l4}#PUR{`$_=+ylWcy)im;MLo^ZoRAO!7-W6mrrIo
zuW-X>UmNz?%clS(%=3iv3X?k~!jv`jOrJ)Z&ka%^eg+qEoaJ=jVfNBs6Hv0Y(+Q5!
z%zd$_%Y5`5Of~xuWyp0K?MXN$27`u@h0|b6YZ)@==9NWAgNZP?1~j%d<2;xu=fjci
zFdnz<u!GJ(G5LG~bBVrjO^fNu##UQpYSR*`&Vap^u2?;`Rf<ECkkw;t5Ng)J$4x75
zX*{jumZ_UpPRQ(en7$`KQ}OcY5PJDc76!nf7JTH(XAwNYhTjK}H!Qv7==b+2Mew37
zV-L9eOU{8-{w}w%h^8vcy#_)KU`P}&WW2-Ga=Hog`m>ollq7>{TGXcN2+oIx8C>m+
zc#ob<gNb(bMx147EeWV;ZxkF2B5#=;F`V0$tDEb5+oh0hx*cB3M6RG6+BE6{5-#_`
z9-?hg^<hMs>lvWJL-t!90gMUHqjWIk;7ur1*ni7BAuszl;o6*PvdQbZ`y3~&vr-3-
z_-4FBi}jdDZ!*_d?wqEaz+xIWh67t%sD@i&q$7#S^?01jQzdOEA?AZ6#jtcqOV_8p
zAZGyB2K^#Q!`O6`0Ta_vBHVN|p30J~6c+g=CaY3UIs4&XSWo|}^Omr+cQf<uIhdI{
z=}4vhF}wm>LsAA4b%L0w3Xxhh(%O*A5xN*_$YbaVSFa^7q$K1>H|Ou1$tC4PDw7jQ
z6LKOVA&J;(=qK=!jnc0(KJcA_yC|sY{tVlXEXsqPDmPd}cjLONZQO#H+VHWtCOs%a
zpv}4?Un)&fb5SbI`XT*rqN}>SaaZN%!IDhZXHCoOdZhMQ5Q})!qR((({|2(K^k>LW
zbe4fXXZ~VE%P#;z_Ky*JtZQa92C0fqPHnivTVy@b+02#i*QB{9bFCs8Il8pFU8&Pe
zbZOsoMbA)dAeve)OT26Vywq@dcxyKHN7%EMzwDBG9B;bm&ggcsZ#31pjULg+n~O46
zplv{C->he7HmaX1^usE-t2`dvYxS2%XQj(qD~olO;2#IxO&0F=lZDVA+0PZWakc@F
z1zAxh42t#U2;(-X!Z8`+Hc`QttQ<lbjN4=y(716MMfE)=PP%~^{k;^JyVuU&k*Sp`
z-#05ixGB7+4ouAt&c}z?<B2U@^s6!0QJsUSA8z`-oi$Z<b+M%TJ>p00d<G5-jyiMY
zdl<ndvQu+?xg3l{8E|ML;L6{nhxBK#Ee+O%+Fh??e+C7rKiC+WnM(<9k~f_NC`X)_
zFlcgNc((~6mIPusx8pB-+JoiXfE;XO02Y&E1qySzDKVh4;k<$G)O}XQYKG}Ab&07f
z)JX&fKZ58uj}|0%5oZ^hE)hm;&1&g5zSPtl%XV3%8L+IimdVB<!p{9^N#ZJrUc7FO
z$9TeefVx6dSP%So)QvjAoP>UQKc?p8ROIDz$V*g%WU}Q4kof3ye3n;5VSAfzi4X5l
zSpLrJA6Ja70-4(k-zr=FK0@LJiv7eIyaY4w*SHtoJr>r|u^D&?k`TP^pdzEs7iS#c
z49G<Uw)s(h7z~}!)xEAR(@l2`kCH69UQ#~?JEgj+lj_O-h3f?Vxv>)lKYbU3xBaev
zv4?W9t$}yxql-bIWN#u5$Ktg~?03-PCBza*2=PGmUk=ft`acUt>ozyK_~+u2sYuVt
zsna;E6FV#A>WAkTEwP}6GE&x5ftOh)TmB(LAyaSmwB;Weq)P~vcS@&tpOY)yv|N8G
zavk}`4CImbR&ow~q>Z~-xo)@m2PDuNTus+*R%Qq|6-%#@9A_PThZV&2rB9FCm-b|O
z7wEc+rt3dvvh2DFu`-hA{5+a^!a-@9j7b+-7b1H$kCp`JYKwS3k2dPLPrD@-wpoeP
zJ32Yrr3p;=amJ50C`+@^TXMe>BwYyd0fI2zq&xI$hHwu_07u>S&=ZQQU%CtXsQg&M
zSVlWrcW$2-W*-WFyQ2CzBr=wWT9_ws<);x{RdA>^;v#c&#kd?*NfXI=+Lp+hp1WkA
z7Pa}1Tc@UncTROV^Nbm*;H}z{L0iyDW9V1Roye$=nd|t~oe0gY_(W*D3tIj?*<nNz
zsbb1WHyF{LrFW+-_wqx(<Wk@T<PPogc?!p`1l__T^pgJk|8^ZH%Lv9~Q)*d6FdjBj
zNdva=3CkI=aywE;AE5{qZKRZ05<T233Fh(NXLUlx>7piWLC~89|B<<0!7`2G6*Z`f
ztc@o2KDp_Rok1BQUu1d>`XeE+9Mb^lO>{Y@eK)$SvLpeykq~f&&$;UMjqAqXM2rkT
zy&R56rx5b?pvxQGbQkpMD0z#Q1b<>;QI@)nK1$j@ak`HF0eD;cC)%x}-vEE#{*4;#
zKW<G!XK^kl+|dIJy@defzcN+GreKi+a%bt#P3PdvmCnJRnFH(Bq{prbPTG;?E0TN>
ztNCJmuzV5i^7UenFQaC@kZR#+Yxj4VJ~XX|Tps8KP3!OU=9$ZUW@qTDhpZ0a1?61z
zCB*3WJ|i;VzInX&*{xO*FN3NwZemNeOHaKL#x)Z#T;m;}dacDPit7oN<*zDklEcyb
zuKE|?a>dDtlD*JY%=eVhWD@+9fl6*&E11`m&6JSM>x!G|aO_{IZ;-W!6_0uE)4k8w
z%7Hn2HMzK$KW806D=KH*LeoKRRm{YHrI&^w+-Io130{>c2EIjbES`IjOEvxms0sX=
zy4Jk{1wKr9h&_g!!@~PDC?w+OQZ95U3%bldU1pOmGe?&hqRULsWdi6jX1a`%E=x@2
zm5uLk>hX6tt=NbGMgKM!`NGyBd`B>$<ll9X(ua`?{5bBz1l&IhH=4o~fltDfunP7#
zwG4}rWJ=7yB#x(sJkTro$Yyx={$ke4C6AzpTC#mPy!gZMb`#b}^pbRk#xlSPdP$Dw
zh0HFf<7qvVy(=<p6vGZk<sV3--@&Ku4*My&B5V&^f~x*c(4aE7#y}`RBSXo*(pahd
z|4w72e*XtpcR$NITlmNqBl7;K9y)-~I1fF_gh4eHBup5+7cg4G6SLa)Cy7N{^nO4*
zGbHXyT_N)U2wBUS(R3{*j%Ca2(q#teGD~!sBI$c}Kp8KQzK`*8z4b8Ch4mIe?Fxxt
zS2&GFGl_Oxq3ERwD1GhcxwLwQs$rq&FV;SXyJa1tq5IcIB|*HBX1FX)7~9GF24%{~
zYdMpz9OjmYxI1!7M9{5K#Mzl&AH$ZLO-|++ABXz__gX|ph1U(g%=ZWzylx1~;K^d;
zDYliZrI}ZhGMTwerI}-zaLBI>8m4xROTru14~xO*(4&Up+;mUG#Xqq>momo?MHfwj
z>1ETPJJiFBWhL#zF%ODcL36n;JIuJ15meR$gxlaRkO;_A5M(ttkqD%NYX$D_eO}5j
z4&4!k{t1X%mM6mZ2&%g^`o`UfTkVH-kWGYM>Rb3XFraToqTI+F<yfA=oW**yF+gLf
zmZh&uUbt6Ko<Smn=RAq~()>%T-3De^M|Tbf3Sr~dX0ihy9Gw<pU^_Pi%8er03E8k%
zju~`nI&hJQ@^gb&njaKWj=}|4!PR;g#(&6yMLE+=sOMH?E+HC5Mpu$7eICoCPQO61
zgf^B4)qQH%geRFLRJDg@yR?53i<fE+{(7qtwYJqfK=~;6kD~u5@q-gBR?4bC4AGQ8
z3q*9Y57xpD<b%4kt66~f%MLT1zIC(1jHa)g9cC<jGqb~Fi=KIyeEP;`hsg$qG=|9q
zYpa{tdZltrwQH%!O6KL{C5N5J4A)uM+FQ5^3EAq@U2dx)ce$;K>=i#G)2cJwMN{26
zEoy~#Hdb3##{(8AjpfHB*<m8QQYR-W>HN@@XdFXd#nEmRKg~Q7WDZSXt>XEO^B-;g
zqr-o6`j2-1F@YbDYcYe96;e;K!{kJ{k`d)fK9nojP_E=cxiaCDD^moyuK7zZSAQLO
zc9@wKp^;YPN@j9R2)T;@8J*iEFde-{rcn)@XZa8O8EIful^tf561A2HU!|GNgeMVU
zl`hMjayD(|9g&<i|HQR7y1}%0D|&bGS!G!CE+Bx<eEiv&SFBsnqjV-BKJ-mpbPCmO
zIKEH18*)F|=H1%Mtay5sG)V04(mgNN!HCHgV=J~+_QS5T%)x2;?Chq|;lMar%ubn@
z%79u>^S%z?#o&~wbN6*LHm{Zg7Mjw5%h=m6KDy*cH_l%v!#jKG`X2^Jlm`*Mu*fB)
z{3I$+aB2)84OX3uG@x;c@}0A;{q?{*=%gkAl;$^?AJ!#JAp~oR{#<9J=(?$?o>V;9
z)&z4>c6d5``dgh&jDVtYs`<kEDY)s3Jzb%^D=P^vSTA&zcjGt4%R=TB$mR<udr_+4
zh%B_5t%bhL3q$YodWd3eBd}CnrLLyImtm<W`kbL-z(MiLC$vSkqv18n-48k`fd$wm
z#o8u8SR7Vv7`U?|AH9Ik?fD>hQFLl(;JJLUH1uUeRo<N`mKrW!nK8UxAk&pubJNU(
zZLqnP$?TR{>zGU@zd6rd&y~6FJ#**-d>b$Hjkji8a7C_VRsI;Gp?s$y?b<$ynZJYA
zF*2uMk+I)liLu{daiHH>{c+##Ot$`<g)RLK!$`lwK+^9pl<i8gAQSbF2wx9bpnbb&
zk*c1NOARXgdrF9&-c71!Bwkhf0X5d+zB?}kdyCm&<}Ng}Q%q<)Djl1yX)x6G$N-{4
z?F@tsYVk~fBC%Ed$7=kr>b$x~%ZH)Y@M!y(<uPmfk6!<=CO<g#X61H?V_6ot>RQ0&
z`ljb<>*HhaD=0Y_+pmHLYw?8{N_Vxa!DP(dA2noH%8&`}o0lDCdO5~0xg2AdK8`U=
z5XTs%ryoKl7nU^>fwI2H%Gy^g4Ju{LusQ&@#3K*|CccbWY67E{n!va*0=ef4pt@$H
zecdHrYKqX>Q0X*u?NQwGrC7sh0)54y4Ev^<C(Y1_3Oc9kFvT0vAkRc4XeeVmMCsFm
zyS0c3DoRN!icB{aM63J?4MFaYu7E6FOdrN(g~99>ZZM;pm^>a%0+#Q#Y}WXT_fl3R
zPn_|=CJDqp#~{A#xs^ev4}FLd16)6yLUlG1pmXk#?(+HwLN~fsg&Hg6=I7wDWERE=
zQ)7t(gAHTmktw=^|3GL1{uKiM34!-Q;QbKzAOvvuSZ39Xoa35AiKyt--CfK0rKXWu
zY8uI$l2>ioeg@g@g!A5dNUv{QJgwA;RnCmnu?ER^m+wY&EzjHlqBWz7AfB9<GU|R8
zmV4Z&;^Dr&P9JXnfo8l?C8r6qx!O@o)k~o3Z_Cw|c%ZMOm%#MqYKMh5E--=H)8qQr
z%GLHWU~;Z@hyh?X=mD}ji9z#n;R|1$K&LNjw2sWURWscj1F$yx9!0lIyDBcHe-Ts`
zwdY+2EKy_Dg~LT0*3Hy8hFD0PASEwUV9R?oIbR)<nS^)?veq63P9D5&$(Gsu^yi9)
zYPwjb*99H>ten_Ux_7h73{xDGkd#>8DjHP#FTC2)h4cB@%xVaG7voS$-t8l*{g&lz
zt<iJHk$ZZLLh$QU%#zy>4riR*-4av^N?QotNkf;W7xH2)_qa62q&n+(hH3N!xiDM7
z!kzUjpLq}I{v!KZy(?i?N?MQe>Gs`jK)CI@dAEbs8A>1|UL?URL-+DZqIrSNP(S>n
zRH5{4fz#4zaN3uQb)g1&oVr%McqyZle`QQp8?IuYDHu+?a+<0HyhRCTnTMI^rsnp%
zPImaZBd#7MF5Fh!cmeFRmv<KRoC?lv;G9Y!eNJWd%)>9KZI0M4oT%kNIUR?*UnzA+
z?sSOdl*5~td9f?f4M;`|rCu(EG%;dz)KXc)36KX<FpiK<2?{ECN03{9dOffnt9hc)
zMkvz3`jf>i6YCD@Ug#98$&LcP+OQmhlt5K4f^im5WoH2;hh&@>^QsFJ3sg&wv&Vd_
z!8H-SO=mNe%z6iTn^@R>oV?Pq`yC1_mez-t-R}`zuG0PgiR_+9q~}A*Zf>@G8YCwr
z#L<b>Nw=MM)Dm(xI<ssjd#(+rtE!>wW0gU&oWIbZoZ}kT<|hqJI@iVHf;u&u$g|#T
z=(D=ye230iVq~*)b&9q5D_S9KYu%(r>+w=Ej!QH<vn$s6+?_e`Qf+&*>4uST=1Z*4
z(nMrVor^zbXS;fxk6HA!RMu(Gwj`e#Qd^l0d-<-h%cnVegCF^378rVW_u|DdO;;te
z$)Q@WU2&ApWz}9S+f_bCKf3ip^qRCWS<15D3N2X-{VOa6k$G;Q39m(pF@&o(KWWhB
zikbqKz6qI)KBDQP-m(kvA4j?AGK5VVFZy*2E<~l&v1Lr=In1&77qvg(r-5@&&7#!}
zoJ;WE)BL+L0|YlT-}MNtI>Y;NS|6=%;06S*w6Gfz{D_5}NAMs6xonMw4BVLD$p&&^
z8eMAOrUY*>a6Z8w7`Pe1Ck@=3;Hw61LGS|uw<Or{YoGlE1lKZfD}tLCxHZ9Br~CYF
zL-1qfyDh;_8n_+7qYd1i;H3ucK=Atp?nv;@27ZKK>u-Fjb|ScrfgdHfyMa3sJj}q4
z5gayf7l6E}Kt`+G0XWse9>k;UIi}5mdmHAMg~3-blD90M&>Ecu2Blzy&y{`oLhZ_J
z-qPHhnZS7q_kwq1MZzDh;0I^D4ydmynl>l1C>PxeZsiRzX>wa2!;IajJY0Z$A<$EB
z=;l+hB$N8v{k}YKNLcBIWJvye<9zwmZtZB$cb(I_rha5ELx$Nlw!n@F|DxZSm^i16
zUNvwpg6|o)H^Eh&^yRUT;Hn1hLvW6P`x4yJKu(aOT@Boy;K2qSK=3F74<vY;fd>&h
z&%lopyw<>j3EpMkCkXz?z)uqVoq?Ys_*VltQ;$9{@KA#7Px%aT)*r2J;HL@hW8mQg
zs|FrH@M;4;L-1h(KTGgA13yRbZw4L-uy#6rmJagk41O)**M*(<I*MNx@hjrj<@_4r
z7d@6P#!poEtxq#oFVQ9jejZ@=8MmT#E@dqknuRL0^b7WNjC~zzU&HvSkwjKF(I9vY
zE=MrMNtGB%;-n%Roy1998BXG)h8&l~Nkw?+c08~b$04=h<RqQcpEHs;=0Ey+5-0h;
zF^QuPqFa+Vsh)QyaZ>FbP2!~PJ(<Kw1$;G$lUn#*630S{I-X9*k3|@5lEg`sJs^pb
zn)#(9PO9gZlQ^kKUrpkqvVA*=lj`}iBu?t+-;+40)zf~LNV8P@N)jh+W1A#S8rK0y
zoV358B#xCly1;O(gz35_xKv#eT&i9PZXfcC>y_YA^-6H5dL_72JrG=~4hb$*huB=w
zX%<{6&4Np%S#bL#(=51Dngy3iv*7k+*tqVp!A9SPI8`Mf?MQHU6UPK;+Y;Qp#IeB!
zxbG9kL<YD=iDM!I+@@!aSyW>p1KiI@$3zCWUlGR!8{qy*91|Yk{!JYFuK+jk_rS3L
z0^FT{%hb_LAsq`Ppj(|dHsSy`KpY!!fZL8ZHsS!c4{>b70d9~uHsSzx5pit90q$<%
z*oXt%?}!scP+T6*5ywUx(7i((8*zYZe+D=<;sCccacsl^Zg=9?hy&a)#IX?vxRZ%v
zBMxv^6DMk|IDK~$$3`5`{en0);sEz1acsnbi`AvH#p!)S%qpJ1M4Q{~bc5}`t4I;G
zFNXs2qnHxurGU_NadlArA~?FwTKxGX`Q$BzI#0`G4#0f<c+TlpE*Ml}OToiyZN?yU
zoz{l0j$wOZ-cuP|9@sR<cZFhg4vgEVYvI#}n<M3Z^2X%4_vmBYjV@N)bM%6yO`M)>
z*a{y*kVpT<?fLkO1Mkg<PPhd#!*w8pzH!mPhyyp%@i1`*F593eFeQ~mP-QiRg&w+4
zZcUYs$8B{&tu)zTO022t{oLss_7$mT3I_QY(&kg4_|c`_#&5qL=zwsU7<53zSO>Hv
z_Nr*cw?6)%J<V*7|4w}KPpm|aMroFp$!wTw)SG}m;X{;5p<0!4=|N6gD*J@1Ri^?P
z+tl9`9RhijqO0+nm^)Mar7+7~L4H+C358exl?~RlVk4794iC9R*Nkz#u919ko_r4S
zrTWs9s-{rlYrc4rS?BGjInP<m!8x5xaoI4lUX)ERp9z*U4p33o<WVfjFkkLu4mr>L
zF0QFBUxHND*s<rz-(Z4aCL5#j<r|4Zo`fW?B-mS3u%O=DYb^{(SqeGU2Jv0>xpFUR
zWi;nmUq9RMnmyI#vR%>(iyl$KuRC{w|J-QZlG<SOB28-}u&P$L@}7m#+ytC*TAHic
zN=WUKdr;X<{1EjA@6}V#g`s<q%a(aFq+vgR?^!eE%YBcnrHKQr(IJRY+w3eHTH^(Q
zW3de{nP|&4<;yo91e828DtbrcW;dX?0S(<pJR0X9S$5zy2^JX|owP*PF5O<Twz;sN
zD*L;DJ}n)kSzYZKeMeKfPe2E*;UU{>yGuxdd$WgF4Z4Hs4c_-7QT><VDy#;{N`wnj
zRg_>G{|3!Iw-KAG^q?KOf8Nom(Ae&dwyutGl}~G~+Q&(ayq29wf3B;et-TF)n;mT(
ztF*VYui~Otn!(RPxb3aPO0N}S#}dnYIDSey4xGld<M<SXAWPi2r)Jw*bSP+Vt;#si
zKDNq$RR57obfeHWb(U|24BT3l=NP|?x+7Vjwd0PtzRsKm&<g}a(bcz(Ce7U`a3u0H
zwkf*SYIjqUZVHVxwG(f|)G(5~f$O>7*CKoCC$X*$b8Ol8kCdg|gw+y%wszvWrFrMW
zThr34+um#qRMj(o4#l+K?#R9Y6_a9B>N8E9SQ@(8w246^w$bVLcH4D7jm?8sHVu9k
zl5&<;@`8MOeyrT~6bOEc{Wvao4QCjUKefx8YJS;XbD2w!tCJxEZa3%3x3VyD{m?|_
zvIE&}=p(I6@k(M0P*;iaIWR06xqnJ&T*-(IzDbpnqTHmUf>O(g=mJDrbNMzl2@s2s
zO>yoO-L7u%KABUH&Xr7DQI^Ztj9~h^q`Wj~`mOb-xod2(t-B*%X~rH5?h~EZk#FiK
z%)1aG>9W3}5EQnnL?{c{OOVoT>gs5&>``iOKBs?sjiNoQA1&>r_7;t9ZOyOume8&3
zP3^6c>An{5=)SC*mxJPCVFzxSEzbRVyGVn#a>?af&0Bl|B@Cf(Z;xk>o|pZb+aWdF
z>q@5;w_(mfr`$iOSpGKAC2<T5*{V#lnJp0hRMvm(;&D{6rKK25V`df0caURAr#@Y!
zc)}BgkiEj$;5C)JwC$Bo<%EXkfLfOKv_?0gah3*Q%dYpUl!ktUPUcv)d%thk*_r9t
zhOGzr+6}x;124VrGpoD4^RqfkF(a>n5szNZ%r?o;)mEA@bD+>XW9IB8JmV+6&8;$B
z(!g_{^j8<lxcE!(e;IPi7j#%-Nx*!=UP7p};VlGSqoZdza~O$)XKwJXh`2Rpj~@s;
zb{rI0*7+P=>RH%YISQs{&mxO6`euLBf37xrf&bip_J;nmGP}=z&Y!)i|J-zTm;c;s
zcB}u~WME=WZnc%^<=}0IU`^&y+Dg;FS0GO0ub4sQ%zTCNTNM;7ovrA+PJ~xopVYU0
z2?M5NEn7mbz_t?9-MXHwd?#u{Wu884vGO5MV7OJaWzBSFwfSdIm2<cob?^`H7OrE9
zgHYtRbj{hO3Hp6*It|W*$lY06wA9s`X7p)_n~E65Qxw?8S;(ona+&+9CJBuzW_3PA
zeOUP}<e_)RTwdl5aW(Coo-3b@BBv?ijJ`7G4Y>VA5>-7B;cSQgI06%^$J5DIPk;lJ
z^ss=#^po29{+KT8qO*Tp4P|jU+eMmWAlr%VmEmxJq6_Pm>@efOX)-!evj(51*yi0M
zWk=pct?kV-RvTEgslTO!NLuGzB;E|<sy>!LCji$}`gq?#%`mR$Q<ec^>^Mv9oIe12
zGKQS7zY4W74U?t;7~?QsGb*z&sE6JPSu~Xy%`^5N$fF^4VG6_`v$3`bQX(^5ytV)z
z5z7|qqr|gC6`tl(ikCf)^z+%wrjQr^0-f|p2p*`nPbL^Ep-&+gE1^#%7%RU|BN!{c
zze4ai&LzcAh}zodZw69j8_j>f?}?mAu<!>@d=|kO2A(a%2A)H3R|C%lSmRIhIpB2j
zL83g*Jcg1U=hK5f(Qwk^0`o|*x{x0HS$Yw_NVoK2{D>{no)jYfWFh|)W-46B(}i8d
zFhM*8-`o$2%7<9fQ^$!OCT<007V*KvuWEd`%rP3Bx1Dl}?G;^Z;|>x?YWk-}$064a
zm3~~r4k$3e)k_ei9YmGWI+rpLwC)=V|FUE#J{BS5`Kr*sl135?muU8v+%uxA&X6`r
zDoOeoFF;0UmblrIDBh?sw$j-&h$r@1+KSQ%H;eq1HR*ovi_1Hk8eA7D`VQT5ospTj
zxh}nbtjRzTNODBO(CcS?nl!PbV$|M%isRyzUdFVa`K>Ecy6N)!*(l`)KJ1(R3HMCq
zTa07e36B+CN96P`s(HYxwjz)64-j4TG9-2$tVx_+CV6|sHduO#8iHH7v+z$7+3oRP
z*^?Jq@VaR^JypFNTq^t9EhSeF{3uR5mRnf#R}$Qez9%xo&G@NaMI7$Zb|hC59R0P$
zjrT%Ngv;jCEGQ?b$C{t<@ghqyMeokkWXBb&WQu#8Bz~G>F|Ty#PnW^yGJSLzoG!yj
zzt)ub6Eb@(<{a^aA9skG!7dqk^GP!8Th%;yZ!b}D@j=2qlCh?Yz==xGFhv1PH@bGB
z5;RP0-)eD$FtjA9d+21yH$ln#gxn@;76Tfye_(yR4teHZbUWI%_PEQyp~jzdFZVU`
zNcD2pn8(A(e(_p*Fj%^ay^bFAO?!Nu9^{wyxE?q+{v_Ji?_3+B8@DmN4C=Si##V4M
zkG3(s$;m%o)7&|QEUWW35UurOV&-{+VB9fLnu1kt1je6=z}dq|dZJ+i*8H28>T^9~
z<(97si-Lq>l@%hK#c?mlNR&yUPNhM0r6;Q`S<q$NbcF}<K->0@z-2w2WObLJq`P7;
zG5lmWvoUAjgpD~7&cH^@YIH5Lm_ou|^b@Nq-vnWeKk4GS**sE1<t^s%$7EgkmU*Nq
z(XH^1@shd+{>gaxj4OA#D0eyQ+Le`q!0{o^p%+;LvP%vpG5XLGe3vxz$5E;Vb#uI9
zhksf!xtV{?WispHai4WIpK``DtVd>bMXw?c5Nx;D8bYwqhR+c(NoXB%vOHC+PYpYr
zc1{mmeVaM^v12c@uSs*dqWNGkDQ&!nk&`y9RSB|Lc9^bYtMmOF-)A7anAwybm#44<
zL$So-pk{|?9nDZzQsdQfiV1TNy6Lv`>L>z(oH$<DeI&tn^<mx&djZi@??f7{(edt?
z>Rp0yjZQG%0S0H%e4~*dc@?V=7xY`m&_3wT?9)#KLV%tM1h0ybQrZehrLB-`#4-L^
zCo{TfnY}fN%<l8acRh|=dUiKrbK^XY**XjJ>OH_h!R)h3qTpO9L5zh$gv^RBT!FPu
z*a+prJ|P~@NMt<#DHA;a5y>8ae6pDZY!LX1E<!EU@#4E6t??(_2Yk;wQhmU^@MzSR
zKj&mgH!aJ5k0MK?iEWlEt+VRpORdq}Os*V=PR@^XdgPvB>%;xa@_JeIKBQ1*P<_pg
zq>}AyE%nVW$<Tr~l5`F#FR9!QYF_q^D@^g#jGMINOxwmV)OVM?3-R1%gCb)LC^7~J
z%9Ypv6kimipy3LPd=@ghBA=<bijpNtk>UKDg<<<9+Y~~X1*d*&S|H_o5cu;?`r7AR
zxzI(qjL_HSFkZr!8bz*LSeb|N#I4|Nya!$9*N1KuFQK`9@j*%<`T#{1yl$qY7dHVR
z+AKRvSCYh@5d9wE#r6H3pqVx{d;;1DvQAr{wS+4Qc7Sw|l|=;C%Pu(zZvRXjM*4fQ
zy16($D-Rq%C%a@J>2PqJ^h2$Z<&iI~I)Y~nwtC)IM|ZZL%ch{<e?SSuSFy;$wSq(9
z>1r?U0UE@kJ<%rjh~`Y@Y}Eg}SnF@}6BePoAu2nUEd^N5V|lb@ehChF;I7<4bQV&g
zxXNnzB}X{yH)8DALi7WJ3bltsbizaKwQ$csZ0C$j(FC)&39qSX$@*lqTEQvk3eoX@
zgzb?;9x|znE8-4JW}r|W4;eV~(_5dp21axGxI<tbn_t4)AU675GFKh>I9t294E)-X
zTtNn2Hz>cD96AczZ{mx09mNU7GB#eF{;J?_f`j(~@a{+8F)w%tg$W12fgnH*q2tnQ
zMcoZ4d)xClP#*+p&0}wV$;X(D%Tw7X`D_%T)f;lkFP@KZgY&_uwX$^}aqM(8^{-yQ
zzL!hM2*MuUUdpvM5ceI=tdH9r8i*TDKh~$SIZo%mhfHTndkfRqJZd_db5P0GRf{{G
zIiuJxozm&dFHCU{erGX&M_VCn7{Bwf=^?seOw4pHHfyrf<7MR|sJ;}Lp-}cgX8U$Z
zGC9mMp{JY*>1dtM`hFL8=>}(_-i*Ri`bs8DCybJ?V?0mmrRte{I!xI1OxVGBxwlO&
zSL+y?>o3W@mX)S#``GeCw49E%!qhO9uV^goW6wO?O++U}w+L=>dmF9;a1uyFB(Jn2
zA{rM)G)^O0B^lATT}0y=M6}8X5$(+!eKEh7ZpZlc@pAKf2X>C)T(xUt6AIJAT>aKX
z)*eLm&OinQJsDhhwY<yh6qnhl?Gu*Gn${?@2Qv++I`dCupI=N*>10_n7py7~G^#Uv
zmL<((l^0#bqvy&nk>yD$C2M&mHmM&aB}X?%$qt?gJy#|rGLofIa+qgA&y``q;W90g
zs%Jvam0|Mn229TLOz62XOg`U$$*rCVJy(W_Tvd~j$uB(<dJg^!Q=L&thZoVLW%7b&
zLQlD+W)vn{k;&vjwAp2uMKC5=Ot{>Rwr^e7UXEhwZc0HoNwF^}w#+Z4+tHEim<oTC
zird~X_%<366SKzpW7xDBHJ|;!V52`_2+J?#XGdot8_fa(p_Qv!HC4g%qhn%w=U^7X
z>RY4GJ~7$|)D9utvxfYF^?dMaGU9`jm<Z{28xZ60cd>7L`@|dq@>@sS!erNfv`^%y
zaH`8==U^TrzGtk<pmHf1m)-(S+p)h-XAkqPF=b4$@G$OP536lc7AIYHUoYDZ*#LiP
zcK6@wH|J;Lv3GI~=4ZNZS{VER1icY2St!gHKlmsBJ=j?ET{-V1z@X6+T`B3FR2Y0X
z?&BuQBl3;9*pgF+uc7Mj#hjM4<>HAT_Mteq7G=)m)Z<SyR*x@l>nId4f5C~(mNl0<
z>Ej_*9neNe-%ljfQwoC*F>AD-TQ+N|t5spA+{^nKI1^v@LT~!kp1Jg<OxrdPFV}VR
zA)<4+u3N&a^sS-tlOeDxE7=P&<aUyyUm^Cal$y+b<?K`^C)&DJoZ)x|ymETFROR9~
zq`BV09)9LL#vjXYd`9YmUQpcCI*-Rxb9hE{pBXdfEGW8(b}@&2@A3)AxVDC(gm>TK
z*JbUuDE!o~^2vaMa1EFUJhn2v7`=xaY5>_v#}@mmsTeeD<4BM+SlxhP^R1z3_u0kz
zFPE8v%$#raG}l_eHP+{hZJIH2Zd=og+PXY0CY#c-ubs;;9QcC^K3iTBTFPYt*E1WV
zHN!CUQG!^m&>egmHOYXjKw!YuA%Okx*k>F1Y@iHsgWD3?QK51Lwr|<;<{|Ya^xxP~
z<Kg&3;Oz-v;mEYWB5&}^VaUG_2t09fND%J=Lb5*o0_4L#UBBl0D&f^~b0-9lr~>D-
zM!7%vC10VhQizpu-E$`dkf+|&s3E-{BBjt3{D@AW`eQh<Z;fM1nG0AaMJt3ytza<W
zAGOj&dN=Oa6J3NXh=tF*2Ld8lO|kd!WJI*;jq_N=HRI8m?bI&8?Eq;ShMAHu2e>{W
ziPCH=jINBc;W;q*c$cA`LlUJNx}w*OL$vvyy#$?kCar}xZ{;r0TcW4<GrI;X-|5Es
zBfWlcZMOU95U>cI09Ty?6f2Z4)#%IxT_@ua?gk=tLeD~k*RzmCumQupA)<l}7-b*Q
zKz@udpmEw5&DTpVUv$&?T37OQd!u}@9q)j`<)72DxIN$T(cmME@3xRFj$a@xUh`Py
z7Kh&G{20)I21}^$C<L((89}-NpBZnJ5-<8xddQ(Wr%Tnmz3lQvH=VZ)ByVjmH7GOo
z$uA;b7h3&SohkQ&)c{9zaH1>zC1Ors*8$_|<G_~2&ZBi5R1nnIsqU&X>p)cn{t9H3
z#hyaeb1{Xme}WXdc?wxY#uU6wp!#c4tm`S{^5oSVByV)OYhC->cwy^Os=$AP5YnX=
zH$R9K{CO=ve^r#`NV0&Afk{Niz;tjwiLr5qlss4>B&N#@(<M1w($gh9U7?3Gc!%9L
z;ZnaCmm|4IIg*Vjj>#+06o~Lmfe|D;iSV9`wGXx^bY)?kpd{8)GF@S7L5m`4q}K9^
zt5I~*HEIi~QJ-v7qimzuDdUF+Pz+BZ9<Pj#U#mHH4!oX%SI`<riJ}lJWJ!=R6<B22
z==~W|nJ7t`kO2`YgIG7qJ3o#9zl&J!X=CuJ%Prk>ZntG_-L>y)=(X?ClEvt+ybXL?
zman#E^j(NUd%~#o<pymnwgH@->De|jR_A27%$68`E)LqCylIlMJCFwQTVy1Km#vPc
z>+#Yue^-weKEJQWuYwtR^%>x^wVQD1QT17T&btZ%a;F?NfLNg2mnOGMNtA!?nmJJ`
z>U$kc?)LHL5Eym}xMfb-;PV8hM0-OfBiu5l`qHu3HRxrJvK#?QszxGCnm!X$($SbW
z$;TgnQ+aH>CmXlak8CEj5AAM+qwp{XpsY~8C>k_%N`g&Ya*n3Xm}v#U*s|kFRmPAV
z*HmSWvg4Yo%nGX`nb9R1y5vfi{OFPoUGk+%essx?F8R?Fe(WbOUy^<zzRrqKNIyZ|
zvVX?Nu$a_X<U&QVw|dVw6ZM`5-}adR_7ZgKdkJDaC6kz7LxlHax`Qr+7s3-2bRn9j
zfQENsF`EI6Ylb(}UH~2sPGRDilgmG9e*^++2OcD^y~yvpe5?KThG-}JlSA=K8CJhY
zs9y{oRZ-7sZ{w?W{8V`Cff^NEPTV`honW|oiF=p06AkwaaepW7%Z7W8xPK6LlHsPk
z0^C1|JK1oH2XWf)U&NhaxcQ{}H*u#L?f~NcL)>YGs}lDfabGdq`Q-OLai<&Za?*W3
z+!=<ugLGK!<!fge?q1U2#pZnNERUlM$7DJnzpF4FWy=fMZQ%q}vAj3F{5wKejb`4@
z;Vn}NHLEtmr=#r)<>0=!tPqs@1_c+Nmg(JAiq8c)5)01W1%es;6pB+XL3zt75u#_1
zLRRn7ar?;_RBx&*{{|f18RC&oDoqZ#21=7M6|0h1v0b=5iv;2?`a5WK-}Fxu2Y;gG
zR}=P!e>RVfq{mC<F)iuwvU#kP^mv6H{7KvLylNgPGmO8ON6HN2uk?`Q&Pm4c8a?=v
z-v52wJW~6=Zy2jhlC0jO2Y=G6-l7M8(jI@K2Y=EY(vZX>6}hw~@kr%dnv{5?axU#k
zJa$MXR~naid@Si9ElfQ2OnOK&6Oa9p9@5st<KU!+G&u1%Ea@SwPCN#a9@6y0<LIP^
zv_J9qQqn^jp?I8}^k7Tu-K%yrZ$ikjRsN7)Ibu<lxp#U9T>i;i<aIX}p_`tIe1eTN
zyW~QWOwBH)JBSN1U_#DApt?pAnw7F?U4=>D`i9rKeHC*MwWG&!w|od9;@KhfyDsa`
zD#d=BL!FLrmmplOe?G1g1~*ZdwNyHtz2s-WrPZH%)Umq%#pV0!HD1AEYl*<C1%cag
z&4Zr>6Fpbb1cjTNXLGE6<IhM2teg&PmCVd_ydH6<%<N<J8)L4^^O#JH0>@wNHkL*n
zKegNWRp8eh{3`P6+==)q@#`!6YU0<4{A$Km^qcFv4Rs5_p09hbmEc*Z2ii-GWv~<Q
zv$Tz0C-Q3?etM&9ja4EyID}m4Eswkly3D(vd;jE?E6!S2baS!~SM8E8a;IAS{-gL;
zyUF%uw^GF>`8Sw|H=vL?7V{s5%VU#W_wAKdk3hfaY8~BltveiP>y3UuMq>N{F_ICd
zFcKT;aHDxSX>5K%!o<Xai1fUiW0bdz(Q+9NDlM0Geo47Zz*ivK4tj`eakR$Cb|Sud
zkIWAD!1cyDIe7y{qwKvi>E{<{a)GVbJn8b<Q7>Bob%GEQVU)bPC(nn@--LR&N{qYR
z=Fn`7?Y_&s0x$P|Ygv1rZharVflp7J&+*xQo~>B&wktcjz3vImW2DUDYH-}9{&_T1
zgGo%|yRql|si?PFN4z9--i$FiH~3l!Rr4s+O3kW<mNGvelgaeSe1cY&yg4-Hgvr|t
z2)NGp=x?Yv(X79q_Pohzn47k6`hNNHc+C4+vUSnb$Aoh#xM#b{{BW*JogvrMjZ$C7
zEs=N@MoXcu+pKrGy9&X)6j#E=KHcGr)gLJovGH=}&O-T1K0VZYTx#pL|3U_JiS{C3
zdRuYHGcHziHmKcQcysq2mV}&(L|$UA?l3P|y)o7mm5ede)9+5X4Ko}1zKiUIw{)v!
zYUpwl7qr9O<r9!M*;E!?KOqcM?C(DT9+xq%!ozj;bKN45TME(z`IX|NlBi|eN-;Ok
z+$823ZOdo6{`(QT(Gf?PaGF1_r};a3n-QO$B^aC8Y)9S8K+_WW-%y(@?I~C{Oa;QP
z8>a9(TsQbRqplGcR=-H7Ukn~y*N$5|R>xQEY|fcaMW&;Bh+BiWa}4)$;^q){uHl|1
zZZ2`>8SY);)+FwH!?jERZWeJD7;ZXo1H@fuxVglwN8Ck*+m^Wb#9eH-eTiG2xUU-S
zNa8ji?h?ZtPuyC>U23=siQA00%M5n|aT^kMx#8|3ZXR)07!FUBE~>3c+?9sIBU+1U
zs}Z-%aCi@9QLRGUwT2tl0bCz(HyCa;;-(XKi{UmPZU%987;Z=6%EaAmxC4pnC+<GO
zMa0b}?)!#2iMVx$d&qE?5VtOIj~Wgp*NbX1iTknP9wcsU;(lg0=*||^dWn17a9AQN
zs%=EvlZL}Qa#3w#;+{4f2Czl7O^AEOaHuMaYMT=GyvL>2Y-gZO>YD9zHc9vPtF75s
zp+{b`#f>JhW@Ft?uGxqQ)@;&uRA95szi2D=;&Qxe8k5SO^pZi!Q9M#h1}RMONG%ye
z+TxK~GDsB@kJOSu>X~??mJHH>#Ur(3kX9@nsU?FnNAXB48KmusM{3C+4M{xqhBSf`
zZ&EYG<DjI6R2^lN^pN@^9)n2_X*A+-bkajwj(B`2=^;%(JWft}NIMXZvyvXt7{ueE
zq=&Q!@whVSA>E#Md_CzQeV=&TlJt;{O+4;OdPwgk9``3bq&pLjN0T1Xr-{cek{;4w
ziN}*k59zhU<JqK#G*R*RbJ9cFsd&7e^pM6X9)C}INQ+$y?@KM6&j!)YFZQaszqtw8
z%;g*}m;4=rV@vW)GuT0wN<-(dDMufGYp|mhTsMUFm&<GoKKyfYo>BLoL@&HKl41K#
zyfUb|1rrt@7!-oMVllcB<dj~hg10P*7gZ!Z+^!SSLVE&i7rVP=^wf=7bN>f<t!@co
z+#LgJZhjTr)@b>5WOtc6ElZCx4<C4@_Y<10Y;F(-^;#A~OEpEp^GF7XVl?--i5WT%
z`BA;#huxbK*(?ALlMP=@k(o(#E1&}b2~}RP5DY;INT|;B(>BFJK+uNLN3ZSImwIs-
z|Gyv%?xxa}tEF_2evS6vk<WQ`Yo;h)-G)w~x-FxkjB}a2Sn&7@%YM@Ak@p^N0B7Zv
zxL02oC+^jkIFKF2%xsZ@uHYeOx^<V|lUOPPsYNeMGFK~*-G966(hY9Xx=FK3UB^zE
zos54uZ##rHDQr(5U)_ODp}HfSLisj?&G9`DQu2)m`eLcE;a~lFRP+>_hhM?A=3e9r
z`RZnrZr=;ui-vcARV7j{8hJyKG5E7+lig7?+4bOUyyZ>UmYBBeFn=Y1*<o^7aVjBO
zMot-%m@XrtOFmNG@jK!1xibb5nKP8goWX2m&9I@y9rci?V4YwaUw+@~O3JB!Os`r&
zw^X)FPvOhwLg+AIxByP=GH_D`%%sxbg}}(oT-~@P>H#YPH>1C+kw(VP<y$i!U8s5(
zuJbu>xk}O@Ygl#~nB4HiM?H3U2O>&qKvenh5v0d&C&D(vEoHblrLA};_y?_+<fv1E
zg{TQq<N_lNyhnol7}u13ouyPJVUi{vav^5u8>k0fgK<9lqkDWkmLsgyk4nV)y)(WG
zP`tPURUZQ=<(<v!jktHA9Nby22K#?namh}_?9U@Bo~#v*!+EYCxxrqQNYIcOP@W@a
z?@4L}aLR)eNR+sW<QuUC(ZNt2aUVw>QU@8{1S8=m+NxO@d6DoY@m@Tu`##db9*}NY
zv-AK9c}1h2_JMZB-^oZXxU1^}ot{j@5*ya^wMH{v^Ie5imrW?4U67gH2VJT81}8co
zS;(TTbwNdN1It-P91Q@IDF$?%ikyaVDEDeA%|GxahEU0nIEgn+FpQqPldhyoo*~C9
z-iBK3xJ1gN)hMNJ`>^A`*q`hQ9zMHbe^T8I7<)rIR}}&^CQ&aG)(5Vz=%x$nkx>c@
zjfyN;%NUbvlE=AIPsts9-H@>+v?=8iDX$~^<p+Abk`v`m87I<(X@*oHy6JTNY?O52
z<<C<PgA{3yp23rVWO~Hcr3X=saZ%AtNA>t9QAvOD;pb~I4DAl7Sb50~_a2ny5x!HY
z3V|MvuZmYZl~XUpq8JFWj}t1ZUy7F!pohyb-r*{LnFWBX=Umq5rnCOLQL@gt%Kped
z|9q025l9Y4_^Nvb*^AF$RQCef4Yg<_ZWNANaCL8HC0jc%2eSnEzRfdNj&5>@1?m*x
zl`R}meg}#yC58+bFDH_WNGFn{rF4WH`u~E=v6B5ALy4pq%qc%bf2hGEJu)Wthlc^l
zQTqEtAILr|I3v6y59#*jvi;~2`I#2<^P>nF^8Iht1aioJArhFZWBUNpTk|rNoK}U(
z9Rn7Bv}oeAMFSvGkNgIeixeU<`nt*`Y1Og*>UgX#AlHep{$*x4uFd;`0Y>co;Bbzg
z&zuB4tHwItk=8$neG+!?cz#z*(rU+nl}=%%X9Xy_{^hTTdFZ$JsWMVLUs4=;%0pgI
z(s7i3PP8NmRfoi^LIMXeAYNoZk5C3d`P1I02nldZq?<1P*AUT4jEOXq?oZ3azxzFT
zPTk;W-Rp)N`3^w(eExJAaUd|AxI@d&dndTI*y85Dt(CRat7pzk=cNWYEuOH_<i1*q
zm{b&%?LlB$0$3``p!9Ko>FOqFan+5fKuy4)@H)icr%Pl4OJ&#@m){^7Hao&-K}@I!
z)J<};ib{4`Q8C*g7tVI*DzcM%MC62-leo40>Gu*=p}0G4FU8?;X<~a7lKIg=kbSbh
zV60N`jM3&t5@R?&B0~FyZ24W}q(AgzLJ}RvUbRz!s@(^ZtRaq(OC=rBrgAAer^ZvC
zNtmPWTsQZTMR@gKu=X7<jPl&A08b-P)la}HXpW>ra}+G<JVDldf!P<;&le}@78=G@
zp*DFiNMaL^2%lw{LZ^D7Pf65z3Be~B@Bc;LC%pW^PsUf_h+(hEwMM$>)|i>S;?{^7
zM>blY05F!inGcatJ4ouf1&#@AIG)SD=y(>A=v5B|MU6jV05f<nCecd|Gu*WA<D`P%
zK5e-9hCAGF8yW5h!)<A}&lqkS!+q9pI~eYBhWn`Djx^k^h8r~8o`zdwxcv-wl;I9G
zTx7VXxAS=$GTdQCx7cu>Gu#rx4H@q9z(v=aIKM#faRZMf_#Xp@39k9Nm;DzB?qXn-
z;IRhQ2wrF4mk2&?;8KF`8^{4C>V3m=K7rsa2A)Xp^9G(o@G=8WCitL%rx1L}Kz0ey
zxHmoL(+I9-;8zIlYvAbwk2mlPf;Sj=7QrVBJe%PA2A)H({FaaCT!On9cpkwo8hAdz
z>kPb*;9~|}MDSk*UQBR}zj@AICAhPJmk|7dftM0oX5eK6e`?_61m89A3W77=_MERI
zxRZfb5&VLIR};L(z-0s<Gw^E!|6|}a1k3Mu&etZvuM=EozSk2x#lRZ?)`WfBR&OMZ
zKT+H+Z!%omF28BGxLw|CxVR18Vz{^se#>xiJGzxP$vF+|v@f~MaB=@~yW!$A-$9(@
z<FD4<z71UT9n0!n1pi{-cL>gW*Guhgf_oTv55dz6{4T)<47``%+Xmi8u>5z=>VAUz
z8~6ahvkm+{!G{cdkl;TIe28HAAD-321ot=a5rStM_$a|g4E!O%{}}iqf^+}rS^b#c
zrw#lG!OIN%DZ$4L{29TffBCRKC%Bn`zaY5Sz{d#QVBjwa{=vY<33mP4v-%amoeX?}
z;PD3jn&5W~{0+g^41AK{8vpUEo+7xffxiV<6ZxGDoK~Nw4R@j8erLGL4EKA(Ei>FR
zhP&Qy%Za0KmOjfb%4O*v_(hQ{eU4wu{?h016WxqpI&!{9@OcCONU-ZY@B0$LoeX@L
z;PD2&Lhw5VzDn>l1OGyBjrTpPzY^Tnz}E?$X5bqH?=kRAg0C3(7Qx9McvgQSxTAq@
z1B@T2XyVkv+xWD&ISO5`B5frB%wzB(eG5OG)fWtW-UXv<KH>r9!B=2LqU*YMh%HqA
z&RAp(d2uF_SvG?1G0-H+<ObT{yRokBn-U$1^eT|PUn{Ae)EPgMlETYUl!<X_%Wki>
zqz>2V*CmmdWimLI?<ALbl^nakJa7th$lXXk-`UL$jzj)imXBRCdWgc@0anAjblKmz
zj5p8Zyao6PU)mAz?q$y5z1lC(zA;YGvolhgyfS1;&rVdmp8dYmC8HBrHY-qa#y8Z^
z$g28JFb$SSTM_pU;Id9tC;mDQ#;Y6hr^|Pp&36xUB$s+ZZz$0W3p=kkm-V0!VU0u|
zu94{aH4>yxZ<YRQV~`on`Kgnn{9;4578g8R(~ysw;K#~!a`Ur(uO%Mq>Nnl=9DM31
z0$k?Q7q$1mxcV>rWNYv9^WXCM0YCqPA6Q%ZtG|TE5fs!D`JrCrt8fprHjy2TC-yi$
z<<EVx`r5hAZD=z=dv%^*pNW6Get^3>mtq|!Nvy1GAd|_X!OoXSt+Yn}VNDi$%iy5q
zz<FGHG4*sAkgjA7QLtWL2Dh$U7(jBOI;*LsvgfWPJ%d`TY(;=|)L76l&IC0huTjQz
z)KGfUGoW@mQC$0Mg>>?-)(dOeV2#T%tjQ{aU%KvPVb%um({;vC*iDk&Onn${++(iJ
zisF0BHdmwQ`W|x@2`Hy*YEK<~W(MiNGItD}LN!YVdWM|1g=${hVznS{sah1bsak?7
zI{N1|JAR)w*m9J1q@8DL)S1b-Qcb8|ghrF#mg0d9RFdSkA=!YHT9SwdPI%}tpq3Qp
zrlir5f!x$ITJn>dmPSkVa?{gj$t@}zWyOlel+k5U=rV4)jEpY1(<M8)5}xu`ogPIt
zquCiZ#vO2ZO%#*rQD^mJ%WK8Zq-?nyLz8ize+*5*#$gOi&6X=MG%Z{1i=pY+a=$^k
zQ?GSmOJ9c6(T#KUhi<w@nv38o>e7Gid!(_*c(n;X*;*Svo8@yHKU?H;6@IqjC%E8L
z=pAiA=};4ei0RDnt@1=4weqo`yE?jYcLjUpM0d3gU_AZfJ0+&6GS5KfLwhh@X)I~f
z9!x+cb;KTQDJufm(Ip?c6b4<*B>S-+BmTO6jKONmZCzi3evF<$U!%-L>~+-W#~5>h
znn|d!Wa_BVkI^$h&4kuicy-h`qDRkw+V<bs?`(m5@h{!)F<08}@k@I*R+$-{qW)US
zl&MknQbrq$W#a*&<7%hVS)DMlXF)x+4)K0l{`ny>*v_m9M?XK{Z3eor&KT-chH{&l
zGDi6^B+HScbR{*Yvjw>Xo8=krDU%jjF_avso!yMvWMR03rjUrloWa`=d@bHr7>|~k
z*jHG<W@<;0s~zA0L3Pq8R439wyXq3RQ0*2M=K64*p7AlrXOy$Ks^uo<<Rn+c!l;sX
zRlYLr$|5(#cBgA8=f06o*SdKzQ(M`9r)$Lwg^8}L6)nW5()e_3wxlUxt~4e6r?6m{
zV!BKrU8aaG`O_t1x*`p>$FD#ZEI&VARu-bwBoCP{lZnlj$tg8oCMswb8cRrncFBkX
z8k?zTQhXH<WieE@?XHuio9?7{8l{td%UAvCB*ck|F_})GI)x4@##C_&)oJ1utJB3T
zRcFA}_0ubm$u%}tOx}s=*EBNWW(28v@Jnji8Dk1B+ayea!)qn+HuZfd&tR3rBsL1q
zBv(4n8%Q49-V2c_Vp)kXUyASR@u?2tknDn$xTq1#3u^|`PM1;8Wt!=d9bHC8SH*=s
zpp@auQpq|*W>Sa9P3jQYSREqouzsMgAS$dMaeu-Hg%?wx6-8qYIiQ9yK_LgdoIBom
z*qS5SOb}tkCEu&!`@gcokX;7hl-PF=e%LFZj~V6=sX(xwND9dkeZ&34F_~{emi&uq
zoKec&!D=9iE;ev=g0~sC2Em^iIE!F>LTycge=^^-2xi83&Sip=4P2XG{C-F;!41r}
zLU1<&`v@LsU_Zck#(n_XDC$OPf3(vzYr5%XeULQk_n?7nY%zPTHS5`k3e9>QI)&=G
zbkMBlFabISChsQqYvl6vh@mQheX&WS6h3}-zBhVnVd)0MIWS((JL{!=c9$!dm1|sR
z17yawKo)eF7TU?sRU1nnHDPQgY2Ab}kcvPK(oPuE+6jXOwVY!rQT4SPkB3Og%AcVW
z>*PMs$(?Rm?w?y}xz9z^koy3gLUlblko)>@o!mdIRoAbTWIuoM3T#?M{KC~2h;&>M
zf#10ljKt;2L2rqWSRq`7rsNrhE-C4X|AUk5l7G^Pph+l#CZ$}wKvLHR4|R2{tGWS@
zSy{eTH^irHn|7;DE{V-4Hm_Kj%kxZC0pqH#wQ`}ZkmcmFr6`&N9?_*Xfi7m+xvui<
ztfdlX7=Ls+TAGGTYv&rQak^Z2(?xl+*N65;YVgqKM=5UzkC~?sB^5iP(up(#l&Xi~
zhMrE}-rF}lPF4op{AXp<CL6L(o`>iv8*vRHtBj2Z%7ZB5>ANw(DbWMSzuvu-&cBXv
z{ik{x)!<5GBvj9vwPl7+v9rRAkJ)2HbQuHMOi9iTa~w<PzDS*FgG2>wP&tJ(7>&q0
zLBm)=8mvBu3TP7R2^$A~{h-$>Zwm7073*>51FQ)ybs}do^GKb@+1xx*CvvthkJO2r
zEzKi!B4>elq)y~)1&??fIDwU|ejJ$O>L=ZFfAr;1>gSo-qIgj_E|T)+TXWT|5ixqF
zZ5aP6zSTKPwWrvoNT9uX4^7en`{M5M4@e+EQ6EUidLc0D#TKaVtQWDWlO)zllP)Y-
zG#H}lOV)bn(?l%wa+&PpLN_g!(^p<D*gJ^jvMrJVxoiig_x+SyUdLcIbPn@Qs*!|q
z6$vCfghE0JM_|aMv3y8n@*!zTK18iRKIe@fA3V?~_EmJ#^0{E;<+FV#pPi8u$me5l
z>go+g(<%u@5{+DiBtan(5>hk*H<k-YOfIBL$%UwTxo|xH6lC4azLq+yX-*DwAqTmc
z8vQ%np-U(S*XQ?YpWjlHAqS5L6uZlp<7~vxr6d9{nH4}olxeN19!{UmCicN|c7!}v
z-Gv#1*)4BtFMpLRj)(m-kW0APKw~Qcu@xw+pkas=6Ud8!1SPKC>q5VAeA<bAlKtLp
zbfGb14d-e`THkJ_J9*Ge*Nd+)$O`VwcqHym7FxaFL6q!<!O{9%kuubh-QegN@x$6~
z%lRbXl9=lVL)01iu<i&PtQ3fsc?&(<EXAb32`$Isy7}G=Cl9)5dE7XPJZ|%SM0HO@
zi9GK`r%>IS4(59c#Vu6#fr}ly+U{^+!8Z;Mdy_MDLie)2w0S{Si?d?$i`@+p2gv&;
zXS=I=kST5&lL-Lh<=zNRnF)7ENToFZa9s(We{K;qwp2t-WPn}FYoj&IAy$qDFbCS8
zi=5uOOF%hY!A=cN4oTKf7)%HYg%Y4k5zr+Ax<cpr!1I{r^xT2j>Yt#DBrA1VMT`}U
zC2aGtCWi4!;WJ{Hv@&MD1ZM1E_kk8eRLDw~z;jgvzmz2v56yRI<*BPXGhN-Go31-|
zjZ$}D_TO2)lSIKN9a*cwZp^+&1M1X%OiF4r(jp^)7Ebq^X{k~A4fa;J5e^2s4382Z
zHC=&67>h__eJ%+@p+Wvc)eFrU+4n|})2dERbklOWe`Vx!UrJ7AhjQ8<iGrLCfD>yv
z-E2mV6_CKo$u3_MlV%MBp^${a5hiSx_3s>!#AHLdgmRV$ubGn#T@%VfB9ywivzn6$
z-Ly;|9YrQ;@bCz!+<l%Le-_Qg_#?Ze?2@mbhy+4aIuNOYhz_DtsD2!d_Jz6lETY>M
zc5;*DriAj7KUwXQfl89+dAuS(y8~J63v0-cK`BoL;3}W4t@7jeOLDI)`+``9#h}uX
z8O8+8FsaH&RDETP`{aY+k4%4pPNDiqI_Q%>C2pa52wVt(dr99ye<bsTqzq(6BTW1-
zbTlNc{Cw7>>m+NH%H%n7QaTV>mr0y{n=<G;B@IrVbJh)&CvF<jKQ4=zhw<noB;Brr
zv?}(PRI&Q8ZFN`2=%(w~&qt|aC_Lt!g-8j~Wj^ULJ9M20r7!us>(k>NnW3c|8C-f~
zhPMJGlT?8c6%?pO5YnLAW}E?yTL+pXxO%DA>8#=8KsPOir$>>)6>f~L9g3K%hv5h9
z>C<%b)x+r&sz<=l_VnM3=bs@HKc17nAI~j9j^_rrF<2E9Q^V2SY27yAQ6ouU-DuAA
zYIQ>#Y{2#7x#R_9%Y?9u$%rn4(v9<4;uu~(jx(U7R>p50R%QmnQp7kyqM#Htnve!1
z&6oq4U>AgG@gqCa69&Z0n5Zyda%86<rQMIo?1%L8FZv$)O3@#G7QWFN27Zp<8aeNK
zB*BFS4iY@wz(oWfFz_gVy~oxfIEgDhhk$Tb^+-ChnRhiA?p{v@&|7&(8SVQ#ZnrGM
z#-scqYHD;S!F3Ic2=*FSBe=1FrxD!LzzYdZH*gujbqu_j;MxY>LvSMlA0fDjfsYfM
zZ{Tu*8yNTs!OaYOm*9p5W?uj}&x5WkaN|MdDvSf!@=M63-tqEhHqB1dy0YB%vTq>E
z#0@T#Q}PBEV!|6-bl!g#?UC>oy={fG7=$(cM6uoP65{w1oIm)y;bOX@4Hw%7f5C9^
z`GaE&7uz`>Yq;3XdDw8Vo%0tB7oR_<8ZNedt{E=2eg2Z+;`0Yf4Hut3IF2}xLFzf)
z<LSYl^aVF3m`6&TcA|Nt)M;NfkCZy?B=bnA(@r*zlsfGc^GK=FPBo9o`CND_&1vQ_
zn7q2=E9P-@(&KdV_)^m24D(3cF>|JQoRti5mU&#1^f=o*R!b)L9P{W+dYo$>bCVwD
zna9RSkMqrALDJ&_^Vl)zaiMwamh`xY9#TtEMSC$l_>-<BUp0?ZExE)zQmigDk5nzW
z3?4k4TXq9E-Sj~InhfOoBGtMn7CpLAW|6!fq|@LZ+hYB4aI>8*x$WW#!MFpF^5F87
zj1l7<Y3Y)JuHf&<E?L{9gl;+|Z%axZLP|8|nvYp+kgsNB?y%ogWcy#7WfjFyRXF(x
zy6mzGKUk~MC$LrphCZ<wUT_FpXl0^C5~nvo4tre=>85k|FUjHbg3n>fes>vjb(-c{
z=NsJvSa>=68nLz&5?I^PrL`?xJv65GFVOa?PDdcbp=~V@iB*@(fe+*^5&oi2Gl4R$
ze+`5+{sevcHHM4(^lJ?l_vzOeF7DI6Zn(IwzTR+gU;Pck#r^FKhKtX8-3VNCwk7u_
zlJF<`4sd$L;G2efz;HJk?uUlE#c+=s?pucYz2R;(+@B108*tHU0GHlQU;acBis(#X
zX5FHayo0zkfLr=)lJF<mHc4_Paq+#dcM;qTB+B4B491_JDDEbXKha{)X@2i9+!qb^
zUBjJdxbGS6bi>_CR_6oMDDNW)f1(GB<bK2b&~OhJ?lHrC-*8VG?m^&W-jd7U$*xSq
zd5gR}*b==6qGH!MGd}?Spw<avqSr6S4QYq*4sXhkIwg54uDlU8?0UD2#+A@tDMtLa
zjW$bRbnbErD>VM1BjK&N`Uz9UpXf~BRA@gn+{K3bnc<ch?&pTP$#B0g+?|Gd%y17F
z?w7#z)}o&Rp$T~$i0CZ?e?@=lJDzj*)knAEb#o<sg8cZC9xQ%M5B{V*eq$k0gT<5d
z;7>ZlQ|6HxcYbRgDOOLLM{3;poq42YC%-q3)a>LL^GMB3mYYZF`n_k(BX#}WAIu|l
z{oZrtF^GF*gX{O6H;>ef-7lC&>c;LD%_DVV_aDt;@8q=QPw<FlHu<vuGeC~abKPh`
z7o){6H#zWlb2Ci5hT7IaRgYHr)=1_m@mtI<ky|{NjHQ8?;4t!v3sn+by~w0ar#9dc
zK{q{QO^`&qH=@l9+7`#*kD$(8XZm=ro0$^*_Ir3lTC6nEd+JG>H@BhBn_#^Tf063&
zWnW3I>F%E0RVh0wHuqx4%g9t^J;SYw#8zJ+Zf5kWflSCD9lbMWYY^|=iFmsQI{zQB
z=PM=9E>~Yg`kc|+l;}7#aZN*c4z4xU0YlV}y(jtUPnEfZ+JqUyy#{B~WPwaLuc8-S
z`k`xu%|t%4FWj%QEQU!X!arjp6fNIoQWS5B8e5qZK2BIHVY{QXxx6JrxXiss_-x}B
z3ArJpHV-p0v$oE3B0AA!4Z^LPdoY2aq5)bAq5?&OCO)Kr7K8Z-XaX$;^He`~N!Z`7
z=jt=vbbX$*a`pKL<fS0%YTi$%HMphNJ-b-!nLQEK>~2z~CHhw+3A$yc1Lm{y)xQAc
zw-y4T6|{%=5)%oVuL{=@&r6Xgp-Csg$t5--AdiHwP*q5XaYo;Cyk6=F$+VuZ3qU=o
z^b||kVWLaA1J=%JA&(6zTBzqf&C8cm`^$^TdEiV6t@@gegZFQJ!}^8%U<XF@9=yi4
zHG4u;x_1wqjBqWvzUHFbvyRBUR$JZ_!W`S(AKsen>MjKlc#(Cv3(hrKnad{X!}_j1
z&_#WqCfRJ2RvV>0xaE)9MfJ>?BK=BZD=8>ACEt*-xaf50N(aWa$$ppfo*P8w=G9W{
zM};TYC7YAMYGb0z2WB)1gPnFCh&u@WPTz*KJuxkH;+{4kqYa#l=*DeEFVtIm6d6h0
za+!nS@-JM#Oq#u-F~Hi)3GCBehX}0Ahym;yf^ip&2<A;-dTp;ltBwYAD?<t5?#dHl
zlmZ#cT#;KUBoGl3AcX=~#2R>#%fgPNqJbw_XhWN_Io;67j&3YFy{>c4D6%sZ{5m9*
zIx>GuCUc{;nGZdd_8p!a)Z}gUaTvt-QT-dTQrWJwL|)(Sz?j5ky9lTHHof{vItf7l
znT1r}A+}2fs#1E4a>Ll}L4;$QJnN=9)=i#uQyuH35m;{+ux@MC@OY&!4&N&&YfcB}
zn8>WsWe(^vf5G7wdSg^27Ml@5#5P*QOTrDtF;XY`TOzb;RnEaRkBaCX+8CnsB;=n6
zPeh_?KBC5XXnI!u7I5f1>gH_oT%Dtvu5%lWQs<CA&e@)UdsC{Ob^CjuCZVevb@Ddv
zT(EG{7v6<yM_9Y}u|up~Aen{#%FZ;uJke^~yU18&PvTlQUHv=3ZA)VKgMyYmdK?N`
zM$>=Lb8SF}b8P)5A?=7)WUjgKC;7IUvl2kx%m`85j0k5E$P&d)UL(*Hl%`W@P=CmP
z^@tqkk_BDifgE<M+mu-bw{8x^fPJgk9EOHRL}~98%yN`<I1|FQ3}Z{sFxtN9F*lqV
zBPyV&1gCW2%k%}l2^-MF7{Ey)?-rw*u2TzEu1?*IzU!N*IyGfws?x~w@f{PkJh(-G
zGy4&aEMY%T)&Ol?evZ9n(1Eo2Dfl?^PIs2H-sxlCCsXxRK*!GVaAMh6a-7o6ay-4z
zS&CU21BexQJFzR@Sz@WP0@h-42i9VAS6vC#VP^@}622`AubpLGHy&S>TczNjWR*1r
zrKC5{3P@ql5`a19^QKG?<|n1h^^NL08HF_&^M0bjdKgbr8I$iQ8BL<2B*J?#?nFmR
zgtjA3!ek}F6Org>(PSm<aG4~V3*RjBGNwi6!Y`oIZ7xi-n+tPs?&rcr&AG7j0eP_v
zxkY#}>HVdyGvuaMydY()i7?hgJJvMe^Q?`UtdUk`Rpx`gM;qf`jblT4y!aPz>XFjo
z{M$TITAcrwM@ozHo_VCSIPaTBN{jP>d8D*B8KhlPmD1vjF^`lMCu<%lEl$onQd*q6
zd8D*B1@lO0af;@V(&CiNBc;V@GLM6j>YZluI4tSWVjd@9$y3IjwNnVUn#Y+*kFoHe
zYG`BE8`DK^oKOwzB)##<sD>txTS_$~IMgU{F$<=vs-gOM#wIQmbkk$Pt}8bt?4i{)
zu`cLYxpjfqQ*|JDwk}{dD;plwPUh@2x7dK?*58ix#<aBKx{wRZHy~|3UM3uZJ6ts^
zBtQ?|5kp?V6|ceb*`$!g07+yc$`%5gliB^!w3*)2$%<|)tMXyAdftb!O07K?jv~J!
zXr8v!^ZqgqXBE8{LvjAbxW5&QwfjRfumHeYR0FV*RLg4>RX4MlM0F7*M_w8)W@F{z
zL{jdIyMpxcjJwfAl_llahN53zb|P-LB)`6F7cRe)_nx*u+P*{miIU7zckpE>Q(Bgn
zTcbNsJSA-na^;R=0HuQ@42O9cYq3}F;c3dCpPjG`)J~K+dGpVOnSh~%f#T#LISk%6
z0TV5LBz%};t?YPoV7@Ccy1}CZ2T{a$C5LmmeC8Usw^Gh(<XY_k2UqR-nsj-Fa{3D^
zoM<!@#Twq*%oA0-b3Cnnw3V-{YRS<X%kjMpJQg4~<)85jj1$#K@TE!y2WatCDwgEQ
zMyXbQtf0r4htGWmxBt{766f|liTnr~)^$b}=orxc8Cqy)c`pxXH1ne4pcOETv;vY2
zUByw#-l^Ek$&hX!!$SiZe)xN>MJ$sMS)$=rrvPIrCsjCAg(|OJ$R5EUduZemC@^>@
zg=B^vE+4E{53y3=FFFv#ru!~aK~dvRu<169IQ|5<>BR9Tz|AmRyiYpQaPdCrs)mdA
zNmnymZ2Pjh;bPmDHHhO+5brF2I5n|k3s)|5gK{}CD3^TZMdbIkpl+{)z$>oX4PF`0
z^O6keX7TPUxL)H`j`41($hkFC(F`CZ72k>7*OTIK3~O#L6IGISR6Ys__k9LyTy<@D
zc8z80;8#<rNfnldfNoh+_rkGF8gTBjy-)kL5oa=i$yJ$DED^~li}oau;k858q=I1X
zZE(RPgB3Kj7W$H0&)h<8#`rl?qeZAzGsa6#5UsKPm__9cIT=u8KU$%QgOfd`gf5dp
zmm<*qs32#2hh=_AUulOevG$5=q;``9v{z`UZ=%<Qyvd_)qP_d42%Q=0qkqBOVJD%9
zS1SmB#ejVG;al_&Be&(pkiSS?i<H+It&0=op78R0oM40_>gkrQp3)8K=@+z~LNE+!
z>N|!~AZXE~kUY~jF+MMr7L7JNy~Vfbe$dqTlb$-yHjmWQc^&geO`X>@kJQw84m@P8
zUUhTzXfum{F8rcH4IChNrh)4byvM-x3BF?B1_URx`mAh7a8m>45j?`cjR>A^;Kl?W
zG;kAwZyUHN!8ONv&hrT_G;lM5ry008!TSu{g5X;QZb@*>HqUAS!F>(fir|?BZcXq(
z1Ggdgu7TSU>>cM>ZAWkq1Ggu5yn#Catnnx440i<BdqeFba1z#}9|gic{J0ap-NTQZ
zSNXf~)S8q*^^0`+#n91Bh`4qXzG`pq-Mtf0U!!elviUjUUiUcabi?=4PXV3UX`ZY#
zT;|;N79S%S`7ORU9|=oNrYC91Nla+T$?<JGHnjK`J!m4^nMvhO^gM8C3-K|-y=J&w
z4EHa??P|E<Dn9IPhMQox-3>S0aC;c8*Km6pZUe*ZWw-@~+uLwE8*ZWD_BGr-hC9@7
z`x-7X+<u0u8E${Woo2WL40oa74m8{{!yRO}n+^AI!`)-JgAMnH;XYxw#|`&M!!0-5
zrwsRs;SMp}yM{Z|aM|&`j1Dv0IKzF~a8nI;xZ!#YcZA{Q8SXQN+um@WHQX+SlV%}x
zZK2_gG`de2ZqRUx47bQ|Uo@OFJ$eMqJtCdp;yKrl;o`f87aQ($<F~|c@7Nv1pEun3
zMt8K~E;HO040ny;jxpR#hC9}9cNlKiaNjfB7Y+B2;i`uFx#4QWiA<j|+?NdZ2g5Bj
z++PfLoZ<dqxZ@3%Z};`(1mgG;*m|F6bYqR~%ZBST+)0L;YPgdPw}#<PF<hVFPBq+m
zhC9u0n;PybhTGb3ryK4yypF2<+8Ku1$>`1mPS(;1J@~e6MnX4U$LoIHne4QqJ;0%{
zxh(oujv*g~dwaY#SJMETPI?XVswGRPPM(o1mVeDz)>%k{t#afH@7YY1O`l?v-|x;<
zNr6oa2DN)b95%05%o&9ZT%nS5jd1rW2@)z(BAm)JR??DPLXXOPCgirAlN(*gO;qDJ
zGfsEt0+HKIBg!q-H=M&vVOvyI?PUpvObAwGn}~CJ7bo3xSzRJ=j+-z_Sse`7@GsoA
zwtX;e`H#F0W`!i$|8tRYUG8_!u>+I3XLTMk6|3Rox?Yk8i&?{A1tR2_`jSM=dm#cr
zBAt!TS(4OFiIFr>qC_MLPx$EjI(M+1>U;1zK#GZb@UEr^U7X*9iz$S?H%Gn3q&YJi
ziYHhH*x_ug5N+AoMMzBbeEd|Vga@%iE2C>hde(czy1xtHuaYj#;bAUW^J#c4E>-3i
zf(VyfcjCbCwakVd|8$?7cqm3boiRbKKasE!w1$$1e3fxwr%<?|6o{qi0MTW+(-=tc
zWVtMXjOzCP7(_CyXR|{~Y<ktTG_sc3FF8_gjU!Q}j5JZE3u>Q-0)FUtKKMczyY*V4
zz3k}P3*B^kxk=i~$46@~XCROK`!CvyvyqZ~X?4H_E6#38n$X2acExPo%kusgalTpE
ztBtZjr{(-rW_34B4b_x+ZW1#Pu7+?&Qv)Q5QUctQ9VShXlvcS|Q^W@iB0VMk!6Nu!
zi!4nJwWBczE~E%UmKYM%Ln0iZ-I9m3TM{P9n21CfL+*9`?nhji(oL7?9a5%uj#j4s
zFZw{)GQ9)|_JtMqf#P*3yn;UPEDnAo*ZxKA(Y`Hu4Ptc<j@8sQ%7}IwWj7*QUioR%
z1Mwal*Kl_VFUBgJ+c3YB>z(2D8_|yI)hI8|)u@GQ<35)$TiG!{qU?wmwd{6sWk)w%
zcK1lxt<mxS!T2QwbQuynLfKsouXNdwJS@ArMBc=zlsP0@*%9re{MDfBjJjdjF;*=*
zel;jNq8pT*QLmuv7_*ff10>3hh*8V#qps}erpxXDDZ5ifE4xMPNbxs9UpngG>U+<4
z?5kdZr2A5|?lSPd68`C;WS9Ua`~8A*r;#ulGaSzyIST<{h5ks}?sug88B9w`CKKM4
zlxSB{R|Vy7)D6p@{I&e~)u8-|ZczS4y@K**%vSykkSKp5>dQZ6_qVevf4b@N|Dlxs
z8&>{e*&V*lPFwA4W-pZe>+zfl`$(cdm5obhAz$eVOjxuWxuXcfmVKZ<?tk82N{3hB
zu{8wa@0Q<V@^Te2fX1nI+EX&C&DXo>oKZP97I*1{TFvc{YU#Q#)D>+nwbJTkf;{&a
zx24Jp5L5Zq9G;>Z9~}W+%FwBP%WpvEEGNh{CBBZ_Ep>zuX=##^^$|q7(qs;OPi)lA
z5JHmqZtY$ig<g6!g4FKg*D`+H&#$lX>j8dU!!N$*v-Dbi@iCvJ*Ws(d{Z6~MvZR|X
z%g3ZFpFkcP-y53IF}Vhpf37X3%969?U{&$qTDID5ejQ0~+_GhDTD_iGlM8YlXNoV0
z6S81pT-H^x$-~YouK_SWA%^o5VKBlxg*4V)NSJ6ZL?qgaB;!dY<K{RSp9+)l4Fr+C
zMCx?)27r3+)iEl@|D7BevzMdIQNmQPJX39bS64sirt8O3Qa>(4<{H-zNS0Aj!kWvG
z)^MaU8Iv?2V<HkVhMelsxtmKT-E=yaOFFY%Bc&7k{`)>@^17q;NjFjmE9{ewMB0*l
zk_*$gPm0NNkL`~PC;FsQz$+4p`aVgxvQI)MmbpjzB%-uWA}97q(|87gXzi1<>t!~5
z$7Dg~{#vH_!nHw}?C#2hZn{iflrnkhe^VxZ2lG+JiJL|(lLg)BGI3!Vmq|>Xdu*?C
znd}Q*kx<l^iE#C0@?9wtqO?rN$;yQ2uuPauUnUmBm5Fd|P$ql0GNGF;lUJlnu18uM
zw`Xa0IeA+cpDXC6dSYwpmG1B5;=<}TkwsGqKFpQU&A@1<)kEb{cqrl)cscFHUzqge
zagUqni3?Ae=7)ah*{N}-TvRSB&_6L=YBw0$;7>r<3o9Rb@~}BwJuTsEV+yiYMtz4r
zv7;QMsmO*b`B;x8d_wI95y>8{u0Pw;l@r}`IlU$2)QK#PSWdh{n0LpIJjar8dG<;d
zk7P}U+ixND*<t<;icv&^iQ4-};ffld*f(V}AJ43IeBJ!)Q$f+`{EShd|7_guV)EQ$
zdqY@>zVJx!iiD!R-3eFU?!G7OPVz*-oIy_3?uZWC9dqZ~odsdLLj@u%$GIBJwb+<x
zXHGX=rvH#KeQ3pHn$28^GQF2+6$KBcv-R`lL*2ZYX9;G>!GczInA8p@j0c<P_~&KN
z<u?&^^;V?2g0~XNZRqH$w-K5SXdObg6B-|NO@c6EI|nxpKiAL06PH8#`FC`NmT#m9
z#sr-aVG70=ppqhM&JT#COEg`<BZ0KDrrxbix5xl}tH!4Rpp_y@s%c<stsFx_*v2uE
zdO}7S62h{Es5GG+BdDK)u+p%6>88u~11aAfA;J;cEcILe!?|>MRhH!)$daD}rdG)>
zvmSgK{yLW)19E>vgca=?q}|U^gbhkjs8L+x%3>3kIwQVS#xjeyQAi@Pv~H2aeUq&S
zHMEipzJ+C!mo)7Nc;JSA`pV^<2&u1J-o-C@<?=iH;+vmK@8*}hcX<!L_|oUn@A8X}
zd@lVSzxclA(tG*!Yku9wuix<Nettd4uLt<`6u-XDuix_PL3~AbP!4iS$PWOzekq}A
z-pADgy6Jk*M5#uvj8+dmo6*0<?VMdy&xh>0^)lCokYqo;im3H!(1)3mGks*mp%?fZ
zBpR!b=Z7Y6<P;i|F>&na2oLsfs0=KU=qUpreFGcAgnagO@}ZlS&p46K){|GzPX3o;
z+apMJc9_2-j%^)C;eR`}U5I@7Hl$-4qZ)B+i^+43?FV5c#<ttQD-w$Ou}!%8vF$z?
z+aymiwvm&KZA6D-8*}H!HVfj$Ho_x~ZDh*6k8Zk5JEcrprmUb$|JQwA2}!6viu8}r
z_etOQLzaas;Jf}0ckcpUS5fVcpYC(cK94+_-IJV?S91b1<&cxKO@bJpyegm~f}%oF
z1WG{!yb?@W^b&T(x1xa1*sGNm<SJLu>+_0=UPbN|5fvyRAYcJOo(h7BkE`(ie%G4W
zuOtoLzyAJ@ews5gYi8E0S+i!%n&&3PL4RnNJPowlb`vzveUcjefmo^gBs{n7W0JV;
zW8#?ZBVbP5mza-pl14t$P4c-*`26nwC;2RV`~m7R51-{C<4uTHJ}*u1`K~CRi3WU@
z)Zj0J<g<k5<};JT`OL&IJ`*sT&o{~2?<W}E(gkm0`}lj1QhZAh&eSscBP)uZIM3d|
zFuV8u4@s-Bc{p}PQ_PC|U9{3aV$My@G+oX;=uQl<z{oBg-iD9G4+?S9ELC^S@iu%c
z!IKzHv9~8=&9+-kH1(#Nl&QUldNSX=K;Qibj8}38=EtZ~e7s_-_%{QLbIpMf9KQo|
z7N`w+t6<P=Wz80Om43l&ngc>dEFAP$u(CKZ=rK|TJ;nydaA))RB*SOANj|R<KEHDz
zKELtrZWrhh>n)%>#%KRlK%y+ZD_|<G8T~N`!Ag+K+N(4h7)BU-tDuSSig4i-BX+^7
zb%s}Tlf2qTc(r8d0y6oJ;?)jN9_Q6<tZYOaPX}o#faKNtgAjNnnGLTb8+b$*c_rZp
zuLu`jF=7|II@$1wZjx84g;!TD#H)YgyhHX_e}XE^GbTv<?c{-sy$6!w>%+d?++&$(
zcjJgFvKtp>J(yXg-_5R1h-SVuQ%Nz~meSHjGPiQ~JZ6D)g0jhTNS@}(M0S6KD9&G_
zYpp~z$671FQ5!6})*57?4W{^xgbuhyY&sUA`-Jo<X1m8PtGEP5F-JH0gDk{6_dY)h
z52kBOA6u6vAhwEiu8gAVjWp85h{@KSI*bj&HTDx0rBdIScm0Cq=?genWi|*$afQUZ
z!mweUwT>)OaI5iZ{EdDEKRH>#YAT3zU&_`iUUp&(8+seiPL9|GwYzYPXgR>L%Xt6J
zHZQxek2mmK&mG8luGwiU_&-JU>ywJGl<{=JFgHqmvu|OPUdF$JIJxffA~4LqlcAQ$
z_fyQ0>n{7H@yf%_R(B5CASS6pAS4dl_u+3D{yvMpHvI7);dkSY@aOOsg&&G=25s~*
z{K*4X2-}llFh|UGIIAA%fTS90IV6{5bDi#7xcq0j@xVy>)@{k|b0h23TMfETI?{c#
z1a!JqNKvfQtwM&$4~4m+oi0v@?R(crUm-^AAtWT2{}3GQA#8m+{|T~$eUJMl-xYi;
zOYxD!03X3od~AA)FUUfC(D#O6T;qBd@XlJ}V)==;1PF>PZxLrS4VJeEilt#WiIpva
zMBF0@!}XTLoZ}SJqv<Bcmshf9Pi{wh>~dY}BNPVw3)Omb-BQ*w{ug@&QUf($?m~rP
zgR+?F{?7o`VW)iv%U!yApxNYuHFqQ4Y#|)YnoxER7D}VEK1XqrBLf`Im-pHb#&an*
zBjrTij1aWMHQNSxp}0n}x4tnc`)g40<fmD@4mjCJkC7rFR3wPP#hP<0%*bBF^&+!O
zqvHjAD!nX((km~Y5v<Z%J00w>f*Yik*B&@la15fnhWj5ZSBw=FEF2C-4rY%{!UP}Z
zB(dRx{5sn5p7+X6HF8H6awlSlbJcXGj$>;%8()OJJm5|pD^hqXI5W2t+Edo8{ym^2
zIx{<Xw@713BzPz8nd)*9#;{bWU%p$}|BMWDZ!qN1wcR4;OdT(@oC>^i(}Ffhr}#F&
z_HZ1OQOUe_%&%I<zULudO1YPG2Ok^58T#$~SkKR;HrJu7$PpV`*|aa2!l0x^^#lx8
z!qnGp@cq=-_ZgXPU}>;GizRkK^t0o#LR;?&BB6JPE)r?g3HH|0sc)dZ{}t9(7uQDL
z188KkB6vnA*r)K2pcjAj*Eo1E=?*SK?nEi|ql4gm3?7`DI02>u-h3(OS7h%8)S2e*
zz%q43*t>_ylXtVh<?`v|8~@8bF`#=H`<)#fQ!%7tywB)(&v8xnG@4TX@=5#lqa$xl
zBFgBs>_BVQ6x0wYD2?y8rA2=9<^!vc0Ze5|VXQ|Muxvy*k^X))s!lVqM%NluCsWYS
zj6_G5DCkNy(8O_tcJQomg&Cq_1{#*2$WWljqG`~+#2-r|{EfW1gdG!tB548{VBbE3
zjKV+ZJXAYe$D(UH5BfHh^3)m9gZA5f-X6rdrRUJCv&NLaagAJuk_S+S*ihpC0+8^=
zf-ecQ@iYodCydOOq>(us;i4895ud|lXo%t8<R?*6-BEZDi8k?P@;bn3;j1YRF@itI
z%e%h}A`+K(A7+H0x;c*O5k~MQiRw{C@FyAZSdb%8#^a3OPcp|7jF7_bjTinaM(`(@
z<JXMfPcq`kAR<xtQ$a-HcJgn6h{WyWrx_uICr~}Z2>v7s|7{SF$nm=%B2oD7gNQ`o
z&jt~RSB3t72-qEqQfpyzi#$9Y$itryH|g$S#pBNmE(?PH!{C}A_!kCG4T67V@SQ>M
zIR>u?g3mMftst1HAb3|0T*Tm?gP_A;_cBXHn!y8uV1~hUK`_hUJA<Ih;3tD%j=>v(
zV4lH8gJ6NdVxKLj$lyQ_Y+&%HAlS&@*+H-=9@`v`U5p@<IBl25(eM5nW0BrzZb5|l
zyui1Fc`qgAkLGZ@d1$%u6(?`C-pPqQ4bYWm9Hzcs;5&dhxs<8d-fB}!T!lDy>ah;I
zKD>#gY+^n06USng?H^hUIb@1yt=Zaq$@+?uN9|>SPgvi)wRwNPNjtkXY$j7oU)^H7
z-ujA@Ck<HOU#u@t%x@pTx9Eh|`N4UMVFUjkD27s|#cZN%OnwR!NrOpyDeNA?SnUYR
zTLBm|M_?}{jI9uXy^Ao`MPZaRK`#YGU?Ti1C<2onz=9$$=>{w)0+YVLf&|uoxJaG3
zDgQnPBkr0_EH`>no_)hf?Fj{R1?+mMrpX|Wwz&hIAaV5qz94A@Vxoy&!9P5iGyE*(
zxg6HjbbgZ={plu0|MO(@{|<<c*w1RQDUHX7mb5k()+FR4R~re*sJ~2qR{bUVn@vQk
z1k5wJ6$!YStQ`T-59!p0V)%9T*uA1<a^eOjx(;KnAm}SFQoMcVLtgO_B4X#&gcS4H
zKFuZcm@oY)M2Jdv>0>VXND?W-)&p}-yp;Rx2ry$1VA&c#8|r!^tI&NR7q$9e-7$d}
zA*4xO_9e0_`|wC65nb8Wi3g*^(}j1E=#kCou<70zHr+p&rlXr|x_9lW>BMH^`V#+{
zbpSDz+jqfRxg6I4imX9alWW19fJBcSFojf*5!T8gFIvr*sv5ovvFhuFuQ!!}@%0A?
znyQ{thpcbWu<=b@h#H;0G)R2b-ZsfS`&i%GUK~r@6C{3cUz_ArtF7<X)~A@ONW6)(
zY~m2Ri3Mpd78u9bO~e<0aX8(?YzkwICf6PWjY0$w*oO!sf(Y!}gb{(j(0N&k?YwNx
zHJgZU!o|2W^&Q-B(6#hHConRp6Ntj-gtLf(Iw6rR6r&G?V#LI>|0R>NQQjZ5_Wwom
zi_y(0I9Pb;B{8O3??%7r@4M4)`}-aU$UXN-6}y<+b?!p$*z>~Iw6w5T@0KECy;};7
z^=>I0a{`jePRl$&r)BaWz?2%eqciBW%qDNki)1sibX{hYuFFixj{1?1!xM(Xbdw$R
zqw{lEZwvnm6GT21d%?wai<>K8&q9!NJq!)83}j%NzK>4UUk=CU(Zgdrx9U>oSdz&w
zR3Xf7SL%Xuz8WPs!AEA|9E(Zm24!XCJUi#P;d&Gk3*(qNSc+nn*d_)6u~n$8R>I73
z3`akIPo%OM$gd&5hbqrD45pi8@HSy^>%p->EVf3ImKk5Bb_G+0FC0io87%`<WRO*r
zG9%MU!libMFhXE1oLENd6ViJj-cqh3Og~YA{I?kL=_bkl<O1XeueX1S2|*u=p)1HE
zbP_IfGQ!XqE=bi4DU*g2x=B*5UVxONY<uZ>DnUs*A(MI$<nMd3?n$7oc21#$V6~HA
zv)cJZl%lJh?nP&e{6gwvP|3LUdf>VtSicHb{B>mW2Y{whtnXv4<D2ie4CZqi-^F_I
zk>r6Pq#H!KdLu%z;kg1Ke!A6sWMlZde7lb1Q7h7oyb1ON@}M=;qolU~CNqYjKkfrL
z3;H9;L4Ravkrinc#|C07T}Dek&7=-O-M%k;Vj^81rcXIW=?*wXu;JMDB*(y~Y-&H?
zVm}PeeX>B){oJs3vUrgTV!U$Vw~^zX!tc3thYIjYWC=w2I<~+nKxXNV+TDyALKHc>
z!ElytgtK2GCtLdugcbP`sQgT}b}b>{ab+niBPBq)2{v$#P;!w4(-nBM{$Wj-RBFn!
zmJuO)m@`p-u9vQX-Gbwh=A1XQ>@d>Vea|8y=Ug@|g8NzgRq(eL{`SY;5%@b1e{aU$
zdHDMv{<h+8^pp5;a{BEJe+1}9zZ`|^O~@4nay}QEUqr}70;$xt;i96y4<Plo6A9O-
zYkwibUrgAWxIQaMMj3oPlib7S3HD|1l??tEIsE+?JTM6E&)`Z1<*U`J8SI@L{DE_J
z^1=Jr`=L)fhy74b_d{bx(Nl+XqoN?2`<dNf9hO@3P&&epjEzPz=td;tJ1QA?S(Cg8
zZ2>knc|(^Rp-Vo{W!>qr(sWr{x~wK$){ibLMwgA+zn_sk{{Vy>o`LWW415O#zJmkb
zA%SmA;Co5nJ2dbe7WfVqALaA&s5AR#be-QVV~W7SYj>i~_+~hQq`(B*5hNKV*nyQ`
z(qe+0h$TTL*o9b9WrE#^C21zO6hYEwf;|Y5NE56U5GJV-)}`Yb`*;62&6$DrwCyz6
z49vT0(OY%g1_RA&7ye6;nM2!KO_S11jwe4O!pZqZ=EQg+D8unY^(29FXh(wQ(~f9u
zg9`f1N&O4jf&V67eZT$I-OG@B6MrVdw@+VA7=I#feH}p<e<H9~1hDY^uOkCk_~z;>
z16cUx>QO{>I7bjU)P6LARG9y4ct|(WEgsNr!S#2Xn~;B&{pLNBJa)YOR{@J^<jT-W
zW9P~HPlKgEb;~C%Ud`ex$k$M-x}i}-Y<TubViVAeLcv}p!dC7yQ?)*qhE5l+l*%xY
z2m%?WhCq3IoMQIb>X|tb>RH<F<+kn{&oz9a3t5v7cr0-?&@I=#jB$VJ39<|inKL1#
zICQ6eC9vAlaMT|P@i8beBGa#75Y?i~YT#ZPy|5C*MT}&)z<{w^$!OiJWXEQ#^cI;1
z@f-+_d75#hT&(-ikGh8&a2!RbGwlZ4O85`NU;X8xojDx57KrQn1;N)bSPxYBu?%(x
zvBxop{kd|jlX`y)K^i}%@Qviwev{aJvu_&Je#B(sNJd!{*1;^I8<EA|SXp%Bz6r=P
z^SfpjM$vguqlm=9C?b&<#z`DM=|HOZNe7bSG@J4uCrnLwVRE`mPnYTGGCf_PPvnWC
z>ukNMm}-9polvWa&xEj7Myw`;g&5*CA*{x*1PKKjtXf)Zs&ZC#pb}`sawZ#9ilB#f
z1ix8-e9+$ZWrbC<t%t$I9I`7M)z_kIwv`DUkD$5hb)y|%<-3G-XVmVCu70@=tGZ)(
z9>pDPM%V6G{tp`rd}9f8iJEH+IoU@|@=uaQ_aGt7%o(YsqKKvemx(o!#_U02Snv%=
zbZu8fhotaLEkaM-)vy3QQs+&;Mc=UZ@8n)x(GB*iX=3b-zxoPn_?|?Y=y6opKZ*6k
zq(Oy02>p^WE}=Oeq@TQq5-cY@LhT^QgE6Z1P=Eqw!WpOf2oKVmpd4a%D*f%`w`7)j
z1nY2-OwAnlnMBn^6hU(td<~<@klrwqoOjBq<vQT8YF#HhCzA<ig-xav=q3l}`~t0j
zIuNm*YvH`*Mwzz|wa#1U(~<ezKp)Io2sR`0-Y6nA(~HbjiCb)Srk`h4EyvQ=BR;5|
zsH#%{VeQ^-YDYI&yQT$d7tE@gneZrQ(~H|NicY;7+BQ@32nz>4p&;W+vET}WY+(sU
zYDBoyh!Lhnlw-~SLOF)8@*@iV8A#+z^A|FWXc+={S9B16oJ?@o!^f*2$zr~riIgJO
zYhue~wNcRO2a)lli(_#dAT{OWWsvsB3d!N-vk&~f)>K=x@)e~st@%)C63og=iAO<*
zwH^$rD6{WoQy&2FKL~Uop6Ao&^ES$meMH*Dhd_(6?k*a^jD-WeledAeUCcl5D!cUb
zWvt4ZP-gT2KYiBkpA@Q#`XVlG2881B4kIpflj73FO7Fr_4aB8e5?V7%X~_6eXx5jK
zz#LLWCJ{_m;G%oifiJUkFOx^~DlG|uqI%WZ<BHRaOd*g3#D*)%-CI%CO+g!&C-92y
zMrngJZi4gWLtYT)#gIG;#bI^Dt+Dg?69@$z^j^+9&jy4Xf2ZL%-6Y5NSb*bU_hV_W
zCj@B-l~N59EM_9Inqaz;nzEQnt)GkMOdt8e8F@}ngy;3>D*{A2i|Z^S#&sRH__oaK
z{=N~3ooW7}zhg5*`g=26%$Vg5-yN0{Z~i$*BRzd7xf_JaK}crliYxr)M`Q#8=Vdhv
z76DywUYgtvzx4$;f0~i*vM)48h_c+TXiQp(v(U6cGYUl;Fgx2qsz6<#JYZ0D#cj49
zndyv-W^YBbSzsCoUe3`4*0&KMYRB=0_72^oT#YPHJJ2I&R8P&Go3QxVa}#EX%}sX4
zCr`MF)qkxs=x+LF66RD!+)d}wH+d*JlM`v13x}}hF4o0~<*65g!t<G<qF%`YA((Y;
z>%FF$bd%NGU#j`ndB2&RFcfrge;S3_p1R=xF1DXXa>E9c1Q~^bQ4F#HB~@gkBV0y0
zM$B4i_L(a%o2IVdXeThtF5YLVL|11Q{1(mB!K@7*{IF}uKNMSox%4A7WI<qI5NtkB
zvmY|XEDTU<%YP7e4bVz8eDm7hM4G^3-izRQ&>x9j)D#ncz=~*XPn#?~@kfM<IHVii
zR;aNYe%kK{xW+)ge=Y-E?em`0vNdX-vrP{`c|VSpw+2-X%frO59mC^61jdTd1#2cA
zxv&2Sd#aKAs=bW-qK>C-yBWCC69)iPbf#HR-6L$s4K|x_S~nqc8%3hpYrCVa{AkJV
z!J*~&ypXu{#kmb@aPqRz0!(H-pCN7Iq*kE3ZM4ayptKxNz>vax14~@VU!KTgPjiC^
zt*Z_@%PUAS_@7O^6F6=G&CzwS2s*6k3%ZvnITP(5va#N6J|s@GO~FL1pz7CrOZ?uQ
z1Nn`8ygw2<PnwHtLgj=YqqI>cZLfh;?X`N&l=AU9(ANa|%7&eCazn^ysPB;zp}-et
zg~k>)FLj=9Q01{=T_)N&z0UH}onB6;iL8+FT9GNUlv-(I1iO`NH4#*9T{1AWClDer
z`Sm&ExpgjnMF~4APS_EKE;6sF-ct~&OCZneczPL;HDyFW3BG&hUIk@e*305JZdNCq
zL7sdhi>c!UJ6pAmrFfS9MY0aOZ>s+k<*S1s?%XZvA9iZ5hA>PWLWwxn)c0@%`tY#s
z<<O~9s}Y!BSL<INjW$B^dS#91%d^27{?mb^IWw4Pb_YsW!i0-;iBqA6^*9S8@Dw1F
zod^Hz;4qec&!?01-$@566z`&&@!uiAtp9FtUH?7e=KS}HoA=)b7kw|AYQfqzo*xO;
zccQlFhV|60EGJ^?n%$}aTsksqR*Q$Bn@C1971Rtnxe^kIQ2UnDMu4+%%KicC5={l1
zm!kSosVF?RQA~r7qWxJis~k;*+;TXCEYP9Z9cs7BN2V&0QFs&B%42LnJ%scDqxb11
zhq7atZ1N@!naNKqLz|O_9D~Rux@;c0<O5ySlrEc#E@`JrTImW&Vh8>XazfkN_5sCh
z#(FIvVTH5Ih(#FLQzI2J0+I~vMM_E(1LpChE{Y*6oAla@q&b=qQ+|Tx&d7?{jI3NV
zBi6PEie{XeL5s?Lz^|hIJ1DP%Sh9d}oA4lg69*u=p}s0mA0iLC<)u||caL+`_7U#6
znn1@$rlYvC$0&ds0|gLMxz5Cr5ce|0O%<_Gu$R27pcmwo7{1%*#;1BybV@0;`e>_D
zCQ_>|SN|rbrh~cve$*dh<-VX>JK+Zapdg6LG4oAS82IN@{0}nm^ac1G^c-iJc_pV$
zkVb4g1U-3RwFWjYFtHxE2eIhGL;|U{lqXJMfvXXX#dAi;XBcWNU;_-BC!J{)HJEd1
zr$O46FHq)&14BGqe@Ukf7K%ahu8AF3YN(n;2$xbo2yq4by}QPx6$j&j+L)eB1!F3y
zRbzsA`8NPz7Dh!#n)(>KyxM!|@EzC}LQk(^GvzDyJ;Qx+4Onl`B=b@fYar@1v2D`f
zy7sQ=7<d6B$k-ILnQobxFT8yS%);1nA)SnW5uL1mF&zv+9~L+3Um~vSUkVp(mPtL2
z_P;GM)<m?kY(Ky@RcR;sS&>G|?-3t&NW!e7cJLu#b46}P%L%!&B4-sMBLZtQE2$k%
zSWP>g>@i2G=+Gjp2!@uoP=Iu3`JfqE=q87j2_~C#*33P$kXO_UWCUH-nJ!y{E@`Jr
zGU*BloTKDY-$Z-F#}Xn7#u8$T>SfG*35x3F@YDi}m9d27TFuU~qZlxj5ER7_jwK|}
zW+ai(jOcy@MKkJ<5UR}0h>xkv830&eaYg?`bmkVOp8g1arH3)I>P&((BG8!x#dT%?
zN$N~SBy}c>qRu=I%?O>zB=eSObtV&0-|jLol@b$Jg-!p|zfxGBl&B+vx2boHM=J`2
zKm^b$f|FxJb+%4o+`QDAyvl$%b<!@gQztD%!p)mL%6HZN1!Qdc7=0h5Z!3KtqwnMN
zZKdyf^nDyY^1?}7mePNlE++gkruZ;@+vvN5zU}l~O5f%5ZKm%E`ex|+1bttl?@Ic<
zLEpd9cP)LNr0<*beG0zG{m@r+bNnhs@F((3sDBG!;hy@Z0kbaz+0STx1~4eutLbF?
z&oafc@wFz^mYS}ji^a0rAX)5LQ!$w(cc6Ga5GtOFjpCu3R6Oq!#q;`k6c3AK|6*Zu
zrHJj}_ca+W8i5JqASzQ_Iki~^E4E3nr)12Yh`sYUBsINR#YyV*?;%u#UWQ=*^MH~7
z=Ap|}bOo;J^%7G{y2)D3NG%hKP&(fV7)BmypW@q+m0%1rCl>5Y^!9~6@?%c|>RQ$p
zK&rtpw68tgO7jx;d3ix~Ag?!g2U;dCLNi1TG2zRx+(hud$jXLmUqlFD5hz%|AXy<{
z^aEGU?!|RJ(*!!72?xSUx={IqOnnALscv>v?_On1Rc$jl^ZF&Ev>KS|!~Ze>ES(XY
z1T(C=ZuFtLG&dth=e`0ci2n~dS^ukWl;^xV&VLEvmqI0v;hfGbnO%9>&iS3*;5UP?
zoFx#%Di@oLT+mI*#Ws<PYv+-Emdm=aG`dQyj;q}CB9Ft-k*TFGFnPdi=82AS;5I>1
zS0}ms+#KA#1}SIvkgtVM8M6GZ13>zioGugKu*fvw*iDfZc-Yza5yJ?&Nk&{PjQHbR
zjF9(tKEwDsv~l=$S?wjze)9N%lNm_2*B2S1@f#=-`s`Xd8ULFkg#4Oye+DRK-OIH-
z>;*jbVtbgL{nSE@aumCd<<BP{V(kfKU=_2HWz0ZV;Ix}&w=a`Q`!a3NzRVD9Uzk4x
z&2C?FZXVxcYR=TI1v_<x=UYe&hW#g<jQ?#qS^qn9U}awiSNIp+-?9CJSY(Cug`v`g
zngCx`-hsX$&~cb#N32>Ma!6SOID7p@)`UoSG?g{Wr6!SxnzRcmrtLD%x{Od5sN}Cu
z>aZBU#YisQe*HR|J|XlaCP1^1R=T8yE=#A&^5|;C*{)pEjq66{4Vse(qRol!N>J1&
z4SPIG5s6?i)~sbwQ4A0Wf}$8yy>iWTQR-Eo=O?n(k<JV_?fqCEhh`|&dv#I2_DU{K
z9L1l*xt;zETs<Agv^VTrY8LnJnqzUl+@CXVX)jI<?62$lp%MLEP-9iNEdE^&0GT8%
z`)b67{%<Cp{xAHBMaaBrLldMCfelSi+=dPyNgJ9GNgJ9)(T4s{v?*+8CYiTPYeO>;
zZRlMlrVY&m)`q4(W<$ROZNPsE;eqYSyfA?U-CX8#cqZq2B+VQd*OL_Zs2<KpT#dH$
zB@+9CA2ota7b;m6of@5*9B;UuvOT%@i%xX4F>)3HEhcC%=+Yf%=GHKMB5FE6&~F;v
zF7oBHqJ)p3px8GJzt2(<dvN;d{tZAC?7@kkd>@d=iwBaxT(**^&_vNFU!b6qK}wi}
zBinO?O9x_v*`6~`XyW{{d;{`E#6U6rfKJxG369ze$+IfvVvaln$vmoMif(0G&S9O#
z=EdJW_^XfGv!^G(f*A<Tp6aW|ED4+1=92<lY%M7@U<ETNJ+l){j&fX-heX1Q8Ml(f
zYKv?&?M*j11m7&}eJT*lwYtnYk%dAYT;&AE*17IiFtyQXk+opv6?QXoY?Js(Gpuy#
zp!7q;V^I1Los9ouI$8f_ILiCrJsxw!+VEavM6;T)m^D`{mQ`Zn3qo@#PCgc>xC6C+
zSIDrB8-~$MGVBgv*vvc(BOzoMD?yiq(v@mlA6}?qI$;VE$`pnv<t`nQ8mSCuyN`uJ
zh&Z=79WMXL+a;G7O6i7_)^0%hsr#A9bnmL3EtDnY!Qf2ragejA2c$wb#VZu)@u70L
z1(ZdO1K-LZ>Ly^g623sge5#1>@bE8VRYzQJn!Q7teFq}Y?6=X$_&=eO^>3#GTjZy3
z#TLn?E<v5M!Fk8IYzM`ZI6PIUW!amEK6c8A-z<$Ev#RKsNTDDSr?$Tk6oKmZCxpD9
zl^!K0waaZY?Ls$f7kyLaVPSar(7C%DD?zT3V7erSE(xG3Mbf4?3;c-B1(+2=#j}&l
zt%Lv6)7-9CJP`|_0t<ntqZUGFW3Vt0PnKq<XP59ihst0ucImUX(#jiU9BFpiwOQ{#
zP8@<V7CJ*{<U8qP{JZF6{hz^ExNmD#)3;y3wiGO}zAXr2eOqvATi|gkISxZN*%rT%
zwm5U1wqViZISZuAV(1F;NN;93VHXohZ)QsA%}i=~^QG2`_U{G|Y`BL`*1wkyWc}xG
zjjYeaWIdR7JP0FAGFR+fy_L(XP|Fvs%Tb}$*PK|0x!4ybKAA&MJn=qgT_MFLjz_Nn
zqm)8e#+Mt8(v2K~|09_he3ynY61RC-Z96`Mt2rc4m`6Sc^T>$UK!II<=AC$yvwHBK
zS?DqcUEy4)r*;yIUO9C;PTSQML1cn;jB+_G67NeIYdVxGQRtbRYJM9cVYbHgOr=XS
z)W2^-z4%Y`?-hm<bRk<bba=6X?$q;ShqLiJ<TYS)r-T@1<CP{I-6@Bd12at46Q(kR
zO?DqPw~i3v&%#q#sHiPd0#Y!V;ARsiU2>TQ1hE|eG&Q5kwH@FR^7J^h29|nTG;d!r
zZv}_WqM6Ig(#mrgBu3S}Woz2M4=@P&{cI50_}pU+&%Ih}No=K$APVX|g||*qqwm3w
zIgu%3n-j3GAzin!qD60W$dsBT;L9=PnuMgF$y33$<SAKu%)wX<TJr!yU}i<&it94q
zN}5)(YpJ^B6KqHvwWFKVEzQz~H_g+ALO5jC@MfNS2TT>w+BCKaifC=c5KRNkPNb1E
z=H9`XfdYB}@p!S|7V48<z(30t7mG<!*%dH3D=cZzv-FZ>g%wmjh(Lo6bVEMqbh%CV
z@Rxb`z(UxE1$D$qCtTD5Ba8+W`{xkI2LDO_`&Yw%x?#CG&UQ<=iRIUbVYAh;!^niJ
z`aOu!tTgx!k+x8pB`%{-P|P4HmsAnT2^Y#4VJHug{1QNPiHDgvL4iIfA_)xFHCe#$
zWvmh3=UR&T|1_LmeG;{g&98Q6LXbvWbfvTiiG&M@jF?5@BLITLN11s}5+#8pQIZ8D
z)>$%!h)<b@p&J<@_F^=3%`|b)mFyAH2p7^AVMw#HGh<9Vh8P$VPteKuzk<_mrxNiL
zk827^nAL>3F8F?tAjr@ha|vR%Q#H|_2UvM9OTBV}NKnUY5Gf^Qg9v3dvzn2b$gCX8
zv{4cT>>D9}v`bxOI7l}s+Cxk>IePfq!vkwT){;iLER?Pkg+7#%TiEfjnR$ZsC}xam
z6lfiSq8cT%6^UIMjOb&wVse7dS&aW{q_RBGY1os1g!9(@Sv8Kcv3~w<h8c8|%-C0$
z@wPZKBK<t<ds24Bmjb~L2FVu*M?{ctsSzWL2!__hQ_N*?2KIzNML(TtWsC2|e%jDY
z7j(z$gM&$T;@cjFC~O~NGtiw{BlY`wynZ?+9q3H6;Ej}1-pKrXBs_qDnvq6oxj}(L
zIfTgckV7^DI%J2{`wd`W^{inOhqfDYDGu$J6WSStvR%3M$bX{0KV$eqH`%U7DleoD
z+Qaz*n@s3*<ppuS8+h-aUYsUr8zt*$8W1*^$7~yNSfH_&3>G5~FB$BGzxoQdTzdp!
zI`NnoZ*J|?AY$TY3?OEhfxStV>Y4t@zdVmS(=W$~OB~c>k+r9p`5C51+XO_gZAjl+
z=AdtE0s4x_vjl&gq_5Y|*N@vJB+XJqcMpc=rl^0Pbf0Yd)$Sx|XnK;SO>b5Up-`U&
z3<~ubI$8g>aQGf|YisRw#B7zYSt6SwvFg^j*U0pQBr{p7?{8isBVCC#GNCchCbC8*
z)LX?Y3u%&QGXK)qhTItIrP}stBZzd9f_SVj_HZDWYmJO`q81VI;7W05tGU<6nA*;P
zLLJJyqH&lxHub?!`dLF7-N;aSBB?UxF=#aNpN?n7a^5K7Uk_%FT;HwKHbVgX-=P@G
zHa+?JdqDcJ#;h@F5k+E_JFV&3I+kcPUs{u9e94J=Gbi~VVbH>H<`r-`&cx2LGht+O
z;c^8*(a|M5yF+ZTK?UpApEC@hn{2DorLCU-)qLyMq|23i0U^H}Jb%0eY{@ofnzOaj
zfWiMWibaq3A37QTFLbj0U+G|?{+zg3|9K5>JX*D{zX*3Eooo<HA&B`r&&>ZBg<;N(
zGxOz!a$~tEGcb{nEtgWJei$Bh#`^`u@BrwDIRMJ<JlI2^6`b)mA)YsFsyCYu4xCns
zJ9~iyLQow1GQJX#(PQd4FNb65=6m#*Ic@qA=<UxAtj^k^mzbhAilk&J4I!Ri&VvVE
zxK}&{c>YL)`N7Jj%iu{*JPHB^ir`S~jo=~T|G@Z7&+-@N`px;&W8R>jd2mt}rK<m~
ze)5QWpI>$4t_B3PSl`X;MV${^6Yu6vuouNThnrD%&a)W>e0qN&mm1vL-Zx37c+UAw
zjuB?<N<JK``&!F!_JK{ITalE31Y9l!Q7GbY?I@HId6dQ=;oxoeFVE5=?TvY9Pr33?
zS<zcx?c_HeW2A@T;^fUlmZDZaED|fSWn(FT^*txYQt7i5VR)BH$3mQB6jCXnO6q=Z
z#FGZ>o~#vJ)`BjnrpprP5;t9D#h8^#-3flN4~Hu@L?POWIAq0!NCNATm<HB3)2vY9
z4k4o=o7DC2#cs}QB{qCbMQI@>Rz8XeGhC864<;KMVhZkPXtk_9k)z+&RAjyKd`hXV
zNS{x!)jf&xDdAn3Kza{&!EroT|J2t4J$)^FVkHE3Y7(Lft;F-ZT=t=>u*vr)Mv$i<
zYUhSqqz(ljdNex?0GmSG!<}g+&{HvTly_|uBE`tLVXm_T<3YvG5^E%-pCMqHzq*GC
zV}OCk9x8Sm14!(o9>xboaMU3m(y5Jb`OleVF<3Uco};YP3&+P@z!a5isRrcFB4H#_
zpd25sjJ!}9BHzdm8enu!vs}>Pyeyza>N779vacK2*vPStcAN_=e1W2_Z2y>z|9LYU
z(M7|@Z2W&#VUVW}APjV;&Q(~<#-Ao^@>Ebf%fvX)nP$-&siSE}ZjFR#<1;dD;|rx|
zR=R5Ak>=QZ>I;Tuy2&B*T|&#QhEU-F$9Dd+bLa^l`3BRK`XaNjlSlCwLkn~=evwYr
zZ=i!Qv{Brw-z2W<H^b##fZi|roAK&NlX;M9q?Vv^`#1`~qRGNz0PB#@_2;3QQmF)7
zmdsd71J_Z&4gmO`wP_?-bR?y7<tJO}CG<0?N=_FI2uvjIf~FDPDIA9l%%DRlF=L2S
z7^uXB8ev_iPS_xHSp;3uOqWeTm&MUF4C5HU{fPJ&Kx8ro5SxqvL=%hw#2vBmsND&Q
z+IXS$%K`-#DNyCCrAIM9tCOH8hAG*R8aA&pTuiauX-0K)|DSymQ!_a%mfpAlTp28-
zH*$u6sL5OH*ES%Zi-FbZvvsKFgTWr-;zg71xz;(mR>S<Rb|-!&yBK^a)OOJ=cTOBY
z_<{Io$n|c|rBcKBT<@ZMDmB#PxKkeYQv|o;woe?4R8!v%KruPzI>8rBf2524NP0PV
z(4D%F6?24k!dM4|CFjABHIHvQ(=1yNVLHr!V4JvwyLbjbR1<9kpx(5>cpmZ`nLmfQ
zOVQjvMB?JkSblzYxwx~^F!`Bp@Nqmm%~TW?>9p9DGeJO`8W~AdF!x^s$r84NOAak;
zf!nMeiOxM3qw~e~$Ypna7|ZvV3A3Xw8P3s-%#LQrG+AgA>?l++fDX>fX5VXPDmyO=
zXCKTHn~vGNYc(4DC5VRzmFQ&rRytX~jSf^?87>&h^8O9wW&^njW@K`qpExSP3n26D
z%&`c&)yHkO!Dbth_lnE0jlVx}jz?;28X14$X+(nvsU}hFznDvi23x;u*h)9T)~x|s
zNf5OJi=j(YbOizH3`1IUM#xRp)bcpACW%OTKQW0WAu7Z5Ff;MS3^(>6uJ;^?d6hlI
z>USfRv7yW(<^ZToB`3dd8Cy6EeOZ$o&-PjIVz@1ZKIK=TYQoBnS&2rqgSs2&@jDUU
z|84Vhbj%q1g!bK-F(@z*O%_g`5kFnQbG0+wh45e(tTt9hEIvK9CN0EBO%gF#mJ-8>
zrVCXrWM}9rr?2z{&c2;VoeW;x6^wacl6--iDJ2yip^;A^1(&$xJA^pKK@@UQBCj0z
z2&#1DE-rCXm*~8!H?{I;op%N6+n*&rAYT7r#EWi3ygsAi1zVS;PW*{;u~v}J6)QsY
zEqH61rTrej(DABp`X5gy5bjP%0<CF<N4E78feggvw1;F3$omq@*9D=k8VczqEu=3n
z+2rTvvewXwB#NymsM-H>azBydXDH506pWTk85!%iB0|vYvF_PK9Uo^Mdy&*uttOD&
z1Y!=831oLb_%z5hrdD*5wfd^mYX0XaQ6(0|s<8mNf;Mt9gYnXrnLzq7Q_NaI--Fpf
z&DRVybd%J4a{+3=SAAFcXEI(9rAqX-fGl_mgJAR8)_p*jd<#PefxL1qb1B^L{zagp
zZzPMC0gV}lhR?PGlD$?T2Pf@k(w3O(6Y`#--^YqtNP+rwxj>8{O3pB4aQ=@gb+s@#
zIQ4bIDY{8ceP;nq=^F0!Om(%&4-Ysz$=Q*ZM;O3ZKlCG#ivdh%MC%gDR+d`86}ZSV
z=Ra|IX4*iWnIR$11V!Xokww$Mz9arf8nbInJ<qoT`OlDVPchhs?bt+nA~Vi0^FlVy
zD3~a|YU$S)C9eW$e7IT?e--E(hRJlnWLXr0!9{oK`wKAHp1B2QC-$`u)Pu7^RwT0c
z@(A07FfdjU!Iki(8Xk~0@E9X3>F0qh#%l<?;23)_+|aI|3a3)949#`8O}^c?7cjt7
z&>LOy_;){<0|~p<RGw~9!fsxm^2REXN%xCw<<l@$%|}|LR8`)-l*hiyH}me6zRPI6
zy+fb&;%|eDpcfNtdNH+GtQQA*;2yz6^orq|Q49nd3_qQPL3Q+;Yt<|{A*BRGr8Ly(
zEX0~9dRUHn<%6i_nt5!$I&uW6dwK-2Isk~aV#n}t#xv4y_A_9;h$V;lh3==UKx%FU
zU57gPgA%Y?9|6d*AA%5zPjaBS$sHbCp_^>(+ZSkVyeOH$uF#!KM&3o%V029tonUz&
z=ah>5f)KidR5~Lyg|Z>lw3dZ1^Z~|F>5vh0rB;-6d!8(uH!`V=HcV>`%P^WbC7P&X
zRy=5q-1Co}0Z_iKM2?_c#7bWUh*A7Q!8ajl(qu!3>c=wPQ?M890dhfLPN_3%c#c93
zm?z`G2tk9E;rPXtp_^=(dlzUK@QawqHz^gape6tIgB((4hYVs;VGz?={)OVqoN=~^
z&f)&;Y@O3F5}#hkYRE7!#3m*pf+Gr59VC#w0ih21Pg8Ze$*MoJaMf8H*O0QQSDU&<
z_MIYYz)Ux5enF~C=M7mv!eTu-oV4!4!nWH1=}ma8wgVq=c^L$K^23z&r@6QbX@3#Z
zv5&kSH1VIak-Cj7OgF4%?Tx@O^%$#Z#-6e{v@LHs@*}HLk1oIjOw3sxmkH7IQZ!s4
z^#XM<tY9D^L<bU0rK^PO%ZpO)TcmVOUd?LAL)?7)bMmerILe@VgpJ*o!Tun)AA?5)
z!TlMW41%i}+!6#2VDQ=?cp!s2gWy37I<K$=9n4@Y2p+=VQ9*DGgByb2OBmc51P^8K
zx*&KMgAWJ6!x?Nm(iZem2KNqvFJtiaLGa}azB>pW!QkhD;42usJqRAj;9r8^D;Zq&
zN?XuT3?3N-k7h7@|NK=5M&@|0W)QvPIwL-GL-ElwZ%;2EAZS`^HzPY1hKN+h%WW`o
zf)STsGhT+DArHStBBTf|{eJLq#1+@0q8g6@8oZ6O!dM(w4CQqV`3{L_)z=_izC(h=
zAw1)aQ1m+_KVWUYYidh3S=-+)P+PTp|HxDk%Xb6$Z7p9?2+Nm*KnIfo_8da#5=>X%
zQr}RIhFXHDt@;eLEAxtWW#*V34VB32h#!@_-c*uqvXXyYppxNJf*;08oG&PC8{aE!
zOpvzme*=He#sr%-&V&6is|s}%L?Nli8dCqukV-d6ssl8;dL}kOs-O(yQE4S?4q6G`
z1+9YV+X)Gj&$AtejMgf~O*mZu@W)JL$Pa2_y2;Aq7N|_P3c)h4&Mrt3(2PRCP9~x#
zNh*#}`$C@Lb0{VW=1@!*d6`c$#>OJk|GotG#CiJPIFM9|qwhfyYxHw&89uI`MhtJL
zwc)RZzxuxR4PjX}Sd0Ai!!1bW3&#^Q5(B-Spk8@6JbCOo@~%LnXCE}d&1lH|_YD8(
zCi&mI0RO>DR*yU-nHXcEa|)8Fa|-%YqGEFjf{jGYJ*VLO<mb|VSU<%@pW@;~Jm^UT
z8(cKIV?9aan{P_R+nS`?wsx`J!z$F;P-S_YpTwCEu8|VGgv^XM_Sk+U`Pe>X>lBpt
z)<7nV{ErvK78}=>rS-E0Cjm9yH+xZ9$(OmVIi!GR`16&T9CkecsqhRxf>&`qeIkN5
zLD!Hgulzn+5jVP}7tu|&VtL_KBzCqU(VF#gYwJhsH-}te(ps105;I6BV%xDo@m@k(
zf9|`3YU{5<4yzb+zwKm!nB_AWr`8LkBk~Z+DS)u<-#2xqo2+~H0(D<&W(#ORzLkq}
zGgaoe)ao%`NXz&_Pu3SAFjJDE!7s*=Z;YnPc)AiFxt+vxG7vGLEXpyZ+)iRrvpR>m
z;01eWN4ls>Z2e>T0(CLtE7o1)`S!O1G1jl?n3b3s5cuaK+<#V3KS`Cw)1E;b<d(Mb
z(Z&XK4(kF0vyD_EWAMjQkh|fJ%4#M4c(s-<$R3J6&ft&1A5TB5!`~b6$6IndrEnhp
z-i5yl@OKIRK8nA~@pl#e{vCh+fj_=lHTs|UN!LEh&qJhZw{YxDhCVSUzz>rn>Dr7s
zb7okqao<qq-{(qsjg~+a1Z3Ma$uk-n(9qfHJg304hMv{Xx77Kd0^dVN^l<cb<&I(d
zx-x`=ET@o2OB{u%fV6=Gbwcn9XCrRth#b&`9K47on>#fq$md@k?v$6X^*&z@n21*M
zCO-^Y%bEBo#+>4k)Z|m!uzmVQ?wWEBH9Yf8>yMr3ho)e<$<DO56u*m83EaOt0_EcL
zNqk@5K2@wA{b`uIhW4M_me$Sl!QiRl2Apm)=jAYSyNs-|dl^kBJgV;jeJV6!E~dRD
zsjxjkSB3_>MJ$1|Xp0TJm)Fl1en(jWaNeMWoTpQVLeA$HyG7?*0fd2Gl6U1lArPaN
z1ac)H9mP=|X*1)yXz*}+FCd29$9{%w6n^kNbu9kgfWHm+W49RP>q8E{v(myk{VULp
ze%wH01o$K&A21Mk>*iB{)X!xW30}pZd}~dD|HdG`wPs>J%^<$DW`dt#5Z_v>)P}(n
z|7r&Dt+k3=EAl_f;NN6Uq>MR%XRAeU=_ci8f03X0#W(WZy#pm_prxcCGQMy>>yzbd
zMndTlOxME6JBG<Iy5tjGGKelYLzgU}OJ2|=69OAXZDBG(?GF0pu!;$u%PJnmS0lyl
z_yk&v|H9o?k}ZP)>6XEOgsUaO?=zG9+L2&DA9MrjpaEDRtcV8ij4ErRfljTG2Jp>h
z)=LB3S~(5i<xSR51E?-Zmw+DPI4d(yaqNt$f`^X7!+ZVjow^7@DbGVp?Ss3D=Wj#a
z%K6*z+kXD#_>F!u@o3X_4?@A94}T8PnBM(6ovi<PCgxY|zQC~fz9_z<ob*6m54P7A
zwNAW-NSN+RbH%>S#(sIO*yC*MSLTWxx3T{*SM2dN_Nx+03a$|!Hz?O3a^fVWVCdu^
z#8h9CR6WiVRg&0HuFNlX!Uk+DIs?O@A%*kD^>WU#+R1NKYbjqDYs@<roiY4SPFkcW
zXF_OGW2P*&YbZlxs>l%8Dl$aIMy*-$w{{9h6l<0|HX+Cnd1^usB=XRNAW7tz2|<*|
zBNKuwktZeuVIp5l2-3v*Yp7M*w$+!0ZPgZR^`)s=eQA?cUzp$O3zu7!#jV0aHLz=|
z$z|&2Nz@&qU~+AP@&4CQW}u(@2>Ave?Zx_jMitAVT2vqFhpprrG}j`je%MO3Wxk1E
zWPUXKpWGwI!}X%g=tlO)PbG1!{nrHgNeIbE>5y?^#sl9?SX0-}&=Pk)m+Z5xwbPi_
zEZ>VCykmAMAW~142p~eDKf*m4Vo_a0-yHKPg6En~Q5QWMu8OcUksTHnsvQ<uI}6lN
z?GTj&R5yfc5Z^)s?SxwlXXqyN`~<7Gi%->r!?!G#2ui8zi%{qLWWGn3){v|ZW_bjg
z8omLAT$!tkHRQrIF~NkcDYkrVBgqIU|B<15hoPJ<D3{eRY%$WEk}SKR97YDw$T4^}
zl;C7LElM2)+WD_MwE^Xx|2-tDsP_hV+tvGhcsta4BfOpJ{Q<mP>b(ixZuR~U-q1ed
zS|0h1Cw4_5=_dJp9@9+j!aievdLL+%?<2(53dP>}F^a@0%FXKB0>|#R^ab5amI)<=
z-R6>O$xMvBU)}rM%PjI>v+OupuG}mOQy~x_iF}2F^Dmzigf9(AI|>W~2+NGzfC`eE
zDD*p_0Zl|CK@&+fG?hf6?wp&`^!gNR)IbGG7OOp{nI*RFLxAdN#S@Dp;`nqIWz4&`
zC49aWSptR%WCtLY*Wuolu<15LvE}htn6y0IWXr!>T7G`Z3iW516j_!;SI`=M%-)w`
zYS9r)ZWt4p;xqF+>#08>evpf|r-WR(Npde(fLxAwr0IUq1;nVj083<D)CEgjeD9KA
zvt+{aceM+FG*k#b*D*MgssqoN#G@$K&55D}6h@P<0m6)r$P7Vh5$cZHO{H+*TPj62
zS*eQ`sFd(p&&xa@^&(OwikoeLjw9Gm_Df7HL(23!<U&eF*-s5+xN<3!(M?jec_GT|
zTD9<LnkeJUYA3%5o|9urmk{!KJ0hABq%un1fsBE)%P4)PA^J{3G~Fc8|FQtl;VQ4-
z&-j8Ag3TZWT*8qn#e|DUGs3L6NSmZnXTs&b1oh{D1ph9i4yfk`?){$$#LNK~Q)}HV
z5VJNVkb3~p{@lsE>Q1w4#Sd!Uizs#w90ZgWqnoV!wgoDW>X9y1lhn{94Rl#DT`2~2
zqQ2vqV(Po_@hj#QW-z<hkIXL%QbaJj#}i$w$L~xq>pHUL=SXFaHCBe2?GdYYpxUtM
z{hf$q&2d~zYECy<^G_{MbC}w#wNEoqC;(DwM$x0@43Yy<oYa5F)IZesOf$QZ%n_@k
z@K3*+I)@D^i}Cj%5BAqyG{@q;8k=HW-j7rfWAgz7qsHd-WD8E>2wUhT+48vs*rK)~
z?WbReZXs3LhiNDTx`klVhiOp6bc@tg*Y6(`9Hd$8P5KnuTcX$qHrUuP;@Iq7z;%L)
z6;@pIDX!RVC&32StldtuVJ5|8llYj;%GfcRE7K&W_GMH{W;{eFA+utCBHlLv$cjMP
zjOUnRWW%*-Ng`j{!rLN9E#4Iklif#Qy~^A%p9_m5wy2FY;NURu^h0wMiTdPHT<u|f
z!f7GiEHvLfQc}hAwq{2_&A@I!G9FSTToOj6>sqYP9!(9ip5!D`n+caJjiOU$umdFz
zmieq`G|Zx+VItF0-w`YOmjF_jv3w%JOgAaaUtd6&6Y~Q>DKbF$en{krFqI-IkwCr)
zHd1s|Qof-P6chW3le)sJZ%@9LZ7XLi9!Bm>{F!|7{a7V^7V8%p@dzXMlZ<#Yh$uV}
z%kfwcQHn=A9z-mSM?4WkTn&OEh5w2XEGSv{uY-u`IJr+Uf)pfkJQYMFa{Pu7%r^NS
z@xq@DBEB7ucqWLrDIW1#Mi5^T)$f9c1ghT$5eZb!BBKB5O@Dyn)cWy7xb#FCE7zO;
z1VGwR{~zhkh`;~l+Hxd1pXt@dNcAzx<Q<@N)1Tqn^mI2OzDqHLEG&{;jVol$`g?%k
z8K0b6`)|g|-F`>j`gty$@-`8nBcGJp@F5zKOgXU@$AXY@ZG=!w!q<%Y4;OMxCTxW)
z>R%%e`83+pchbnaX7W)`rlLmj`p@d+j_`%kNZog9rW3S|qTc6cI}q1d`>~-rEpyH+
z=`Q=th{JdK_QM@A_}ohd25`p*K3v&ic*izpx`iGMBdDIrnB<hPs5gZ!G5l>=yGo}X
zMqlGUXKIhVF|s!jm!!B5yWNX?mSV!#w^`&%SsE{47UuLGgI(7PCF~`_OTzrDrr*YJ
zcQ3wDm#XbR1^sdoP)P#X1t47VJLqroyXjQ?Wprx$foGV_wldJ_m*}Kx_X4+5yIp>N
zD!;$Puc<TlOnyoIav`*!%ru(ZTv|%d!Oa<dDw_6TNsE24FfA*aNbAU3KRA1avp!v*
zV!&y`Au*C#!~t(O@)k-CW%rst9tS8I{}Q;|ajW+@wMRi}z3kK;qucD%9;b`yJOS6z
z#WQXPk*?ZKK=rp+U9+Oat**sL)_yc34f``V7#B-$`bg2O4h?7B>b^t3d=K+he3Fa9
zt<_cIwO<iZ_G^Ste_oGr9tp}RDz*l7@RBhLZ&Ig(wqURX<du=WTy=7!H(xz$q^nRJ
z9VvU6>Z?Xtyln4>fp7%RK;Ma^{h(!}D_1>aq@1sgk9dXZ@{vZQe9egKWvk;Wnrc5I
zIhH`D_5gx@A82zbwV%UZ87UyP06;wls_AiR4>8X)C3#{QWZDRdw0$Og6UU_Jqtx%o
zeA9w=n*J5p+TBEgbKnS7)~j2sp1MvLW8gSFj@XlxSJya(y5)jPf0^6jit!qv1m5<7
z75s<mNJz*V#&m0SXg5eQ{X5gkccy}Secj!uG~Odygxze3MU5Mf2u=|WziF9Cy#x4G
zqP^-zmKzk`#IGO*I~sQ8m)CAarFN!rz0W_7HpogaS43@?y=T4K3vlYBb%G60;_eyK
zA|#L={;a0exb%3ndeSMCG=A4t#!oUi(&Lf??3TMpsZ=JlxRlBthTw9iM_O%1|JCK5
z^(L@x*FM?MV^hP_uiZyi=Q_6n|3>t+a<MtvQ18W3J3h9U-<%uCXWjgEDmqzbZ_W)r
zDyxUh?$AA056EY7<?RBfR)&8IKpU2DbDJw;7mF4?qB8bcO`aQmxYAH>&E!l3k73N1
zNMwD4xY99PO(dkVfP`Z+ncU3ySW`MzsEltfRMt0H5*}#IVkwho)5KR9tE^{Ir3fTG
zf<Bi|{T15rQM94aleeMP#cGQv<Wd0zcLvg*^9s4jW%Vqa@?~1Bmf;7Gq)7(|3+)x1
z{{$jdBIzXqec)GjfTh_auC}brk5w)c##LK}@3RPh<kW5f4LX#xkCj}fL)sBNzPea_
zS)gVkWSH3^Uh#}G%>f{n-?2?_dD-E6x@Dj!70abYysT368okDCUSnl!M+rVJGyE%H
zI>_YP3>Z>uE@2@@k|IzU-^}#mlD@p^QLk9`8Zhi}<jKKj3;I^Mss0kDOUY{j(m_Mk
zVBTx0jFp<|F5K}_Q$X!~ZeeTAYqGSu!@n$4#+nMC>FdCCMzyz;E0^-Xw2TQid-<W9
zcuIK<=T@3<PHAw5??j*A09U|E0vy-qayTn&MGi0L<vq9d3*jsWwt|;~uxN>wvj6a#
zt6MNcJqB5j78KSMd#`x!BIt}fvaCfDIMw#r{XpX90Dz$$v=l0tZ7aEDkSzkivDZqh
zboC($M8VDFOqCV*6b4uqNxj@)(L+Znxz*tkUbg|SuslRId+z2E9)BRsUVf%jaJ+)D
zxj0Jg?x7N;Lj9OBcq<xBHBhN3R6$--R0nxYrN%%Dd5sIHp~~>5qH3t3YUrd=gV8`0
z)j(dcvfgW0S1NiKf7uFNeydlQIp73rVQVuGfH<~{#*NRQxwHHCrBkWG06Oo%A4X4X
zD=n^+S_*>=-r|bavUaSr7+;{oz~e1$*Pz$ZzP8k|Yj(jV5O#Spr6rEHMA=nRb}a$B
zmXKYT=TYe!c9kRSD#zGWF13a1YWv@^t2M!{64=$cu2k}H4PDsfZS|JK*aZOMgk2Ix
zcJ2G%bI(6tsO*0)954vnQG?ViZ{A#jVxiD^%|?lOi^pDD-vi}RzF?Em!M$er6_IP+
z1{~w1#oprbs=G9qmpSNk;I7>TxgI?czGQaEm>JGW3Ktr8a|u&mF*L<A_9~l0<sL0f
z2}SfaWNNJUyLmTH?ZRI--!8s(_&UVb0beJ4_-V{{th%k<XwxHkW4^rVH*VRhY}>UM
zU{hAapnay);dn-ic8<Q2y`}@q>!=@EE@96#A_hw%Vz9K-9X5RT!VUkGIr|B(J9BKe
z{iG8O-?gsP>0w(~8oqt2*D-Uzo5Fqq0OF+KB@PWg`jfxlU?~Q59uG@hlWMs^$9P!Q
zi&}oaNXGkA>R0KOzof;_^_RWSn;xewTLh1o+j!ieyd4JGAjqlrVT7T_HXi*LB)5ZH
z@s3F{4Tw4%y4hx}nXIOvO-M%U`E&mehLaRLYNdjq%`lrdiEwi>TGV#e+5j*P=EA0O
zI&>|z|1~S#g8_mWe+7O~M!!0H(Gj}+0eYuttq!yy!AecAicale$a%k0dxQ=+%QdlI
zlg0SwObZU_JqP@N09@WeCcn;{wh}CLvld~=A;^$3&B6xvb~bUAiMvY@BLrvwy;A6q
zm|o6LVXT)GhAU4<4zV%mwHg9jkuKL4RZh0Wl1^X}at)0#XY0^8n;7Q`pQynAM}6<$
zuvLpq)lm0z>b+9)c->dM;eSzaW!_vwb^k3yu{~f=%Rj9FF4Cd4E83iP#Z%D+Hx21b
zv-wf1NPz@85BdbMC)#TmsQ{Ac>-0aUy`&6nLv61eC-3kDSoViley5pIbK===>!TH6
zTbvNoTT)Lm>&gM!7Sh1UmPI7fqW*LOobkpmT|^5)87%8vL0KwghR0oT9!oDl8MApj
zyg$G?vS^2xkHJe7qv3$evHKlUjOm4cr@9-YbJsoW?~Z))lj}X@^s4rBwXlkY0j<4N
zFjnYR3(I*FiQe?!qJFUl(`$>4t7|Y)YgZRcC{J>}W_R$DYZGl;L@hgFV-(%C6^qlk
z%$R$dP9Czu59efl6<c#U6gYIv=_T;#n$uzMIn#`hHK)Vr(XgyJF#>Ha@tBIaqV~+1
zQ!e!ow8|442QqdXDCK)I01C~eLd1`0LI%$<!U(U7rM=9|fXiQ~nx6IB2`k}i-<je2
zGN_f8$5`SO_){!bpW9wR&Lc5v$h67y%FE}x%=TOf>AZ#+Og@&-!@tTYGu!!#sDjrx
zgC7OX4F6n`G=?P&eIX}AAM|lhUi%}u$>=5UdHKprBYsfE3<?`>fazN<HJ52QHUUS|
z3{0A)%KB2X*PL5*AbwVMN-@otD{6twGczk)4`HN%X&C^ATbLhz%^<QFvzD((c=2|Y
z33#;3mU77}mzKa<MVb~^nqCXa^gNGcdbUh2DASWN5k{H<Y&{_fKq-?rJe28`TBOVt
zZ;4E+y<*-g7Tms4X}gF21=lO&XU^>9!O*i#@(P8(KlbJdqtr@ag!)!BhW>gnOfj|&
z?dAq;<!&#RT4CtsO06KIb*9uN4JH9;uvRo!D=2PLvJnK~Y_L|3NDiRU=!zu4G-OL*
z9z>CNQ5nyFW=d|o39{kN;N?$D$pK=Zyz&VLQZ?>ncWm>r*`ag=6CW#OLpR`+&y_^c
zi()e~J*Ski6))R<JaYr!Wn(gV&*&Tf3JVDr<En+)U#L)JEdRaLYr5XLhW$u-hpxA>
zhncXfr%FH5cnPzkMb}$jnh3v4!dza}{(m&XZT{=%RGS6Xck8nV$x^fbdcy4r>dP5u
z^^Z{J73#baPP)2gVhvVV)77=&VtqBog|+Ii|0+a79}VHJ#mQ7wrYkLY<JCWanQIj$
zsyXtT<}hz`JC<7H%(~PoJtocx&~2o$ZN*XQaYt4`gC7eJ6bT&-^gf5oLkBsv=fF~1
zv$7<B6(PWiCdUOm<ifJ1);@+y+oA%MqwBT%3;wnEUHx0|&Y6~W5P~X~LH9ucOG^o4
zhuAE#maa&LA5d2oc+*<B6e~N0ztMZ}gPO1i)I>`XRvVC3cgME=7n10Or1`rcdSQhb
zUa^Tf$19h;kWByYNuyMg`L#?Srz%JI(!um`sMNqBM5Y*7@fmiekH@dB($;Wnv)KQz
zGrgZlC<0p^g4jpp)8Ni35~g(~_D6@}V@pJ)foouAAH=w_|5`fL(`!ZMsIGFR*`dZX
zSoX&euzl$e6*sIeP(XFTyG^7FVvF?`8M4clMRtCkaLfV{ajvblj{B5*#g~yAIzUN@
z6@;=rK86GUuv{*N)0M?=dJG)5CJ{JUXme_9LidoN{}AJj8+W;JUlWHbidqBnP9F$t
zcx$mzsTCN;#b5x?f9TZnPNl5yS~Fsmb|-~hDEa49D+cqVaSt=@sBvGVu53oAS8Jt(
z*Yb*#b{}s(y^Xe5L$+Ao11p?Mu*&R?<kR__m=(IpoE?5FS6Sa6TyD+`-PL~%>@&73
z+VT)}4pxT^OnSS3`&Dph=hY8&rWsvrKLuKl+1%Si(e7MyE^5xGp7p*UaHff_XI!y5
z(?kcZh}cL}dDU0UenDeuaaU>)*WI~}Xm#%2v#g$#Uoqrms=Z3txNHinUl*k|Jtoxl
zoBe>0F6;-Sr5V8x&Z{WP{0A^tq2_`%GXO0KKu;nZNzMxe8H1Q_kiXu=N<?Bky^Q5T
zv0t&C-H2vwhgsa<=C|gmi_H>p<M3~!al3~fa;A?0pUbP%kkC-?ji7X8wjJitz6LUe
z@nmJT1CTup<cnCnU776!q|HFq;hxaSY!@KuZrEupSjrRRr84Z2(JO(|D|>Cnmta|7
zAq+-Kd%aaxVLdD!aX5#aGFEE$+P%t3tRHhJd>GGid)cAAyf&|8#U5T;WkrwI;<b&p
zpHLZTjbs}~HheG>So!oE7UNrTp1Z2SMUL^Ux$?Gp(Rd>~xQmgcHX$Jk(%Q#Mps#$u
zv9R|d`?w{qTaEW6-4|X1kt>zTrQ+zHFqVS1ur2fD?ZQm2W%wD(Z4ZmCc0Jm&+(v>2
z(KcMP<}>ZeoYfZs5q1QJ$4I>g^}zNRMrWZbHDW1PoZl9d;<a=iydCT;_mz73N=y4n
z-F>C5zEWqY!^<||!qoJU$Xd9xRP{RC@>Z|9`Sh{V5!dNfY@pNYa<SZ{F<oA_+hGIU
z-cq;I29|m~ZkG-8=mNewbh!sUb!_v{ke&E#_qy=g;dSG;(_4z)F0W@>eP7bDGN6S!
zDD9}m#bjaM%OH+kFX?)Xt<{4T{f~N||H0P%ONBPnxv}1cJePWfm1M!Cr9!@xw;3MB
zE<<4qRxD;a(N$2|jhy|!&TWAC+dw+HFjL55he8<>rnY6?uR<_-8Z2uR+Dh`cZr)gJ
zt^FC+m@V@Wth|qL*}e0i=V1c3mb})|l2$A%xAYiO+-vAfosWJ{fQM%XhO}dut)bnp
z+fwv)D-?EMVV2t=EyGU(^m1pKR2MdvcE_a9+s(^tE-eGQp#KnDR@%dW=y-c<^LF=^
zjr_vft?Vts?hx%_*yt8x!|<1*!rO}Kti%3}Oxl{Tzmwlu*z7f9e}|q@vxb|nzawER
z|C6l7;XA$NYO5h0^ShNsKX|SAtw@P!TeH_#b1|4$)_mM<<Mp9JE4{u#`7%y$aRZ0r
zbO9T1US{l)fh=Mwm)V&Ix8kHkcz%R@-H5#eum78|F&qtTqWh5O07*1L?6m~;IdVpd
zy3Jzww$tIYsQRrg_8P<o#C4)<wuRe_hQphOAGSlY@~C0>R`3=}=UdC0OUs=uZ@I;@
z+G%eWzqcF>xZGPVyd8cFxZ68y#CQ;~>ajTD#^E1Zre2A8c0^gMJbjm%f|5SsK!r#b
zSiCt9_|0DHY~YMgqIGeHZZv98_BrYod0-2+_c^)5RqHDB^J=tWt&s*xtzCYbXi0GG
zdjcA46O>pcJx<|iU%9BCjC7TOczFOhF{vyJKMBZqDKok+G6dkpbRMfHnFD$R$f+4-
zu30=MfYWXaVPj65JeJFIdAt{Z^p$bE!x_S}W0=v7)yg1f@FoNHvNELy;_pFID)8@%
zc-6$;A1j{HL6z}z41N!MggZjhuYq@8Zb9`c_q<Gb^>-K)yMlKNWIe4|A5wDCGZ;I_
zv9vlF>@r9=<8Dt^##$CZskAs4fm_nq@~R*9pOelEx#>*HB203#LvAM9;<TgzOQ!)q
z`{q*pnD_mfYg&)ObKzxf%Hbf^SZ{%rZJau8ADo-zE;l#1B?(RtKr1(Rxvgpc85~m+
zZ^r+v^=AFw(TknrQf~A{7#3bm^QpY)cC2KYX7&=-vT|FenZE?JN<R@m4P!ZLyxKbK
zdc|sSXfFpVBn7WnTTJncGV)ZEVHi0MFDH>YOC_7I&FdA%Dr1{tz`|TWpdZ6pj3%#n
zC<fX&-`5C2`kETt+^X>?4%Z~~GUFWX2Zyk1rY!+Ev_1voZ5v@NOpFOy+x5?TXdry5
z65fAJBG1i6j@?P=C|Hm)K6MHfIo95=2|tb#8{-XveApE)ksILwWtdnI4LGRSjP&62
zfOIJ481-Nw74j>Gq%pjF*veiZY-SFX(U#r`QO%>l-26BWY30XppaP*%7R?3|4+~SZ
z7H||RXyb((QsAeaVF+h30QFob7n~`OG<kO{KMqxb#VI611S}`YMT``De2QWw@M44z
zg<xeYLN-jtXzCc@n%<41j#V;>IafYl6<5Y+^Sh}hU?D%re!~+gYC>ir{;c|W77=D^
zkz-l7cH)k;k7*bUu|L|QGIj!Fbel}WAo4%aDKHnb+_GvqO;>Fl8+t@@Vr3^p$jq9e
z_lm`^Pu3^`X=*o$VCZp7?5K1c2li#rrz-M_zUU=jBrRp>Vo>r0AVJHxb`s7*RzpuI
zX0EPT(t1(H)X)=#tj#chi}kvx9th)!3nuq+J?p)E<h+uXFXg1hTJF$~a7_Wjf}l1=
zoC(Q(s3g_0?pEv-E$aYNRy)fwrNBbup%3B;HbKW<t5R>kGcm>tU#nP@7Lbk8UBckX
z<}pmTc8N&yY!`NAT!U7obwf{8N{t;}<65IYDJw%yd5s;%Q=b;=XLuYB8!#SLJRAbT
z|3(gk_-()s2EqfiXcJQz>sgP@UE!vtMHp&H05FHc*ak+d`YiJ`X!|QY7X$0T=b?j_
zi=(?yIivi>a>M9{*nNA}=f<EQhz*P0sZ?+3B>7$O<^cHo^Y=Y}619jV!h$@`cL0Lk
ziX8&4X=sH*<FUQAL^?Y`=)X8r6V=#52vG#NKBag}YfEA4^c<Uzd*B(M)PoUvnI7?5
z{Rxn%c|fcwn+lQCz^V#h-s15RHx*!}=q^Ev=kd&6?{g61RXja}lUnQ@-s0RC_8W2<
zUBW35b~;QtutTt<+PV^!l>)SlF_IugPf4{5e+%0b;|4KLCK`hp*gL(fmA;<!dCMiu
zs130*S&fGJF;)UqHAA>DJI-A)xQ`(<>v3maBk^#q@m0og!d5!&b`L4S*^f{;n>E89
z1AREDL6)IM1|4!1^M~%y9>;Ef;O(OLxYn^5L0wnESIXvFsYAr+Iehesd-eI59Svgf
z_R6NbQ*PuaWBM%4FLHaJ@8!8lu(SJ`WSns9q#c0k>NfQrXxj|2;2xdUe&}MgnLZ8r
zWNqA;<{H07t`$WG)u)Qi=OP_eMMV+TN(qZ%2#cE{pIAO^WgJvxgXGL9nu_K(id6Hr
z`81(XZyezfwL3FdzzRNr^`<D9_p7nphGVQ^e{-$wH1x!$FqUY=VaM?-2WyFeVRK_H
zzapE<Kj-v^2HyYA66z2L%a(PXxBA)@(=*UM?30<95@*IMT>Shk%=!N&8rb{f($He#
z8E;vXhLyj_2>8%q;~D2}7Jl4Lyyd1^7xoUt-Yu{GIA#`Qv0u`ux1yhLZV_Em$4-1@
z3^s;t$BTL4GRPywy1iz0=PBV%?;;Fm8b@WKt%o;Sq;&?2nTn?qMb#{K+TFFX!sc_C
zM*Hf07!H3E*icjiMW^;B?vKd|C#MilR%mZ79|kLKxuGY^TwvtU-N+$O%`^NYMzaS|
zH)mS59F37=R4NRFGLFA(ZmPFXB^62;2Hd=t+2-X7BTu;H!nQmPOv=vc=tqGDR{GGJ
zWl0lOe)|cSqTqlf4vMbm<AOA+;<@E*GQ9@Xq_Z5V;QDSh3C`DnwJ>%iNhM4Iq{Bu0
zjJF?O%GR-{f|WzX3Ib1$<pLngXS6$I;y@bgr1Q-Gb97oFy<D8e=m6w+uFqvoZR>U;
zZ%~no@yH-ni)5!jRAYAd*LX>yhGs+i^XdZ*&$sy}GVktq^bhW7yfAA3X^jCsjz`?*
zpd4#7mfzDS<8a=}d@pS+cZ{8Y`FhrGIsuM5bF$_>OX5X(`)=KV7`?*8G^E!_4FK;g
z_|~K|uxIc0wspUQ$4^>uCBGHhU+&4hn<4ybi`ohkCBTLsbo;*?d}QW*xD<u$<oDCb
z`X8W!XZbD=H|u{8F7F3Rh133r2yXQ+j6)d&l#%GNLQ}9$G)?G$J9(&^I=g?<Ic-Qe
z&GZvjt;7pJ@5O~L{nDm8xsEAjMXuu;K${#vGYC^6$lJfEAIPTO$tz>;OvL{ia03;K
zp4dizGQp=K3AWR}-d3^prz}Xi11~fA7qLEgAHdXIf@oWDG4Rr@J-i5+O`Vs)eHuC<
z?Tk2;{`5wiDaXCGL8lB-nAp`U_b|(e&h*8k?l`oEGyP%f<!+_GPcd7U5^xzHU(@n#
z{4XFwX}QH`vbuUnj#uIua(XwI81cDP!A=}GNutQ{tf?TR?C?#87lJRuL796YbkOe8
zTuOydl%6;?APIL383?L;Dg);@a?8+XPUB@pZG=c;bakO^z%05GUswW;9*gb3ZiEyD
z<X<H80$dLR5U=(h$?IC?;xTjK389H^MUo6OOul!%BuDVUp{XSh#a6s)`BHZK^#KS^
z6EUVas}b5x7l5zN&`z?_vlK;U2AiCzsTB~d9)#+z%WV7!wEsZKX_waqr#1#r`(-xl
zKoq{iazT#YA#BCQ*~ACooq7)P-hhv=e1HL#o13}@*`_wwyy(PLU}q=p6*uee2Dkqz
zd~^uz#A;;3XMGqoEeWS3*)$VP{TNsx-F<ha%J_T0p~Nz1@)I;Q!_>Q%Tc?f^MObmH
z$3Q~8u}l&55fQqObqVf223PmsVzpi1t<PcEwjUoEG2L#tX5Euc)~_)KFc3<YV7daw
zTcak^UQC_w`{`u;Ivwz1fQfmmPvGK{DDg4Uk#l_O(RTcYQ-p*~Gxfyh3TTIh$!mX$
z=O>L6F?Qn9fcI(2k%r0t4kQRL=JP+6PG#U{IsR7lvn2oH@Kc`Oj*+D7)bIs!D&>iH
zBiMfCcwg;q0G#rf6NjT$oT2eJ6Z8^Xa&_cf1oQ63P}&~^J`76Jbkh^xr%WGcLXhzr
zwR2d`9D+pP%o^qa-x%cmFJC+WNCW}m37g?1n(t6LSsyQ%N_IkthG4n^=lhVyurq^)
z9QUel@%9+rjrkIwMXlr+4QaQWoA^O%v_hu!4ktF8QKDN$&uh+1+>dn2QRg=QH~@`0
z5d2Q62QJ4|Y+z#$6&AW@u5?=awZL=@d!+JwmEqSo(L?I!PM?=kRUm9qdilnMFXQy_
zNHLI0PhDS5x#!|pV-~GW<xEWHd;;9T9Oh?CiH_6ezn*E@{1fO1&#5nSa!d(mdFF#D
z%Fp5dqREz5;ePribRK}2!+>iM@QDE93kZ|P1TaCM>2HI@z=EbvlHYamd$Rnl$M4i7
zZKyZ}UZ@hE5GFp!DL%<9KEWV9!J_uXo}l|8@)z^OR-cIL9aEIsqMNR*qMW)D??6zZ
zoc=S@gXPJ80=b#Vt4Q>2h|(?-k=av#g)&PwJ@J5%SqVXAf5GsHJYled7d7z_CkM4`
zpZGaKa@=oq?LAaE>zz#Jn8;e%sXYlw(39}>d5p-Ey8}SC${l-ECwtYsq_z_DDyE%F
zDwhzh-7M?@r-D@UoHx+P`lqo1ka!0B*E-V@J5A`)v7X~=_qw10(UL60@kVCO_@~p!
z`e!gN5-}*_yUH@`IoODdB&rMFB9o12W_2g7Mh_Cik~dU%XCfAe-$W<t{}UZ3yf?$8
z@g%X+3}H?tk<&~$^@a{m86r80*)skFoveR09UyrNTq2R!X@-DABBz;h>MSDpa-e!A
znJwc_(aHK7=m5z^akKt8aQnA7(~@dh5=|2Zl#*nc8Ky9;fYDc9;yBNhrr!!kW$d|<
zPY(fagFEmL@8as&q2FShtvv+BO#G7iMZE13u*~pgW~TO02uj1wMuEBly%z_t^_zYT
zsq${}7_;01<jUeO-X?I$wlI2FT3Q>S+>jZ}rhC@b7o{7W=iDv8JoN~QsXdCH<=D7g
zld9AngJ13xTiSCg9<$yCXcM=PyX~@iYoX_OOzE(w>18gdtj|?WT6f!JvIm+UzQL)O
za_#p<SEurarqa7Z5RNcL(La+Hfqu!zH)4J#_68qr@Wbfz1g*yj%xQ|n`d<27-A{3r
zjCC8P%E|Y`(&~tjC@(;m$AoXOI{bL>W^Vk`*B3AhMhaOmZy}O&o|0}-yVBl&pv870
zw1+-zoF3>%cMjoj>_IED>FO#Bw2iM0;yOpVCeJ~zQ))7~1>V|=sdJve541LGnU*+x
z+=5S~meaLuR3LIZN_?mv&v2a$_xIqV(QmbVz`Uu)@zaOz=iW}#!S{0~UP<ue!vLx`
zGYgUxNNs>htVflkl-sbgsd4ggWXw<f07%Zw1^3TSJ~`EN7+R;_sWuuK;cW@Mt;P%6
zmld1(VkfE*8d`6sTx9%BaHz&JwNJ5{9M|w2At#l3mNGKUR4})gs$tW28&jFaP1obM
z3GY8v3oG2I4k7BIGrFulUEWf{a@UqpHr>9Z<fc2e@YJ?j-okSsS+}w!2QLq4yKeiI
zT!nrt2)iAK$BFR#=(jM##V#8zvSO=r20NzNYBP^>kM)%@wVzk{qJfvIwr~|0AXh=S
z5L?|FsR%NuaH6WZFHd5Hsj%2l#g;@8S8W!quGy&ilBm!f3#LxIV!I{h6>Yt|Lc4?k
zHMR2!9b;R({8<Q+u8!G6>^6&t>WbM^G$yIYR`;8Yt2`T5?`&MXNnETENtSks*MY4i
zbwDjqx1d&?S}T}1tXRH%40~1i>XL)@$C_LQuS{H?!O6MHGdSpWd8Wh5U9LJJn>zXL
zD_>Qdv>N?UQgBRtaC`%D7p)I>VdM4TIkp_qg!RGoYRDAWR@+ILg9v*$!33DAFd)Gu
zFmg&GSQrXpx?B~lVDkdGl)xsnumB(0)aDKFK|m}lzy}Gjc?~`hL0dg5g0^y@2-?aS
z5tN!i!Y#6Z5Qw-fG#~`s#liwY&|hrcpknBJ78c+`@3VOWeCWy+7T`l)ws{RcT=%6Q
zRaOr`jzoEAEme7F4OMw)-8#0QQoEA3-7=}vA7<;b@5J?)XLVR^0ezP4+)~P?yS9`H
z>FzD1VtVNooY{-&IIG_xx(!DLI?=aqAj9o4IuIv6+-{=-i(Z4f6!8t%TOB<#O&!>X
zlMTEAg<Z(3D1(F!T$b$Sg=&fCNucoZsupqdq}qqOGz|b16@+ErDs@dvEjCoUkddiO
zM%=xE*2N)_FeBbWsNy_NQpMuTq2MwZshfw8k&4)qh=t|qGGrt!qnk<Bo*;rH8Vydm
z29S|-nT%Pa!ZwJcG8swNKFCO1CL`$@1raRK5W(@rYqE+A&r857J-&&$OS^g#dV}aJ
zq(raRhVh!ZsJNS{;Mh1`Q@4awk+X@srlnAMja1~Mcu$a*XqBGXt+M;<R%xHzDowLn
zWq5Y0;2>wRRlM1)(lNVLmd<V!QlDs*`m9#zncXOR%x;v?*^N@3t5L%7McYD~McM*=
z-?jyY5_r)TwppUhpbdj&Ktt(Rqz%)f4I^U_PI+N0!f6DIMPI?y__=gLrqjz`p6T)m
zmuI@Y;^mp8UPCZG9rBOY7Z|e|M^8<5bP6tbWRyC2Wb`@Z)hKexE0wt65mhDb{Y6A|
z+z4;TqjA_#6yA_W<CI^tt<}cpd6KA###I<Jn%6)=@M4tJ&^S5c@pzLAZ+WY=(fLRO
z?HU8iQvL|bRUvma9n=ELD6rcojNKdfP*4?;XUm0RU>Vsex`e`lp|+ulK4H^AWl80$
z=oA(o(6fwO6}>`X&<1ws4$8%yLpw~PzuI(W^eI%)VJ$xJmSr?l(PI_Xz^=<OM9J8e
zl12-ZjBP1tG;JwqG;JxXWNbTy(k)GZb}~vv8i{IAOXjsm(@J2Rr6y=4C`L<l&`QvZ
z3Ih?gm7uaMzMz$$vu(Pdm7ugOzMz$$wH4MtMWL+}7$%Wc!gylS1+9bu#o`NE2_uTa
zBCQk{Ns(5<SZC7(t%SkO;tN^{qn*NnR%(PT0Yy+*Jp(-uvn8w@p^YUrgbdOmQ)ZCX
zCelG#8)qr{Uc=w2PaeQSbAOy|e_R*0KX&`SV}GQ3wv-xiyLC&cDP1jYDK)374O>c!
z)78c;rIvKHX-f&Kp3PfIOVZWFTX6jUZ!uSNH0*{trWz45#cOnX5N`CET$G6ioV;ci
z#qz@RVizUj=@}2N-!;O6V@fW{*Lk1kEpb7HPW*5p$ptlIrBbETI(iZ=2I=ME0<RdC
zp#X57AUVErn2gQ*3Ox{Q4r39cXC?b+Xh}3c^WizGCO{h13~KTgLqmX8fSMJw7>Az9
zxT)g-)S@6<w}$-$DgnYPL7WJbyr$}MP(@tEC}~2*5~yNEW0ZJ6&ykwwjWx3vxLyoO
ziOW!0f?62@5v0@*fuo;QTojiY8X{;vRX_x*Xo$eGNSN+63TsS-Xe{xn1#yMOQYZB_
zAQ4+>go*&5z*eG~P1s!}XuuYs)X;z{>D9eJ1FL9gU={ZV4XmP}0k`UfspO5RPZO`!
zWCWF=s)T&FLnZkPS>*gG&_L{lTOLsD1xks^P}+n_uLKRWw+sz9Ok3>+4XmP}f#zTf
zc*-go8gN<=BNL8(17zw$Yu#&u;6c22%ZiqUDDSq=LTn2y#J12vY!j<QY>+nSZS4_W
z8x%Gz!bTv&7_0rlYpWLMXV-wgNI!cA{0;Q8gTViPF?Zf^QWV|ZubJtcygSpgyTcN9
z$xB8+L<}SYNepBpC&>%53`kfq2nq;D1_d#Ipbx<W2ue~(f&>v2k)&co5di_^{hd=?
zHM2n<@BQb#d~~Pg+o#Ssbt-gqPgk{{($q(gPNZ24-yflV0+7Uj{KKwP=q*42%yUv`
z0-B6~RLI{!=p3E9gP;xP>mlj+dPq7($-G^pTK+ClIe!-^k-v)s^LLR_@GDOjsgu8p
zQ1i^)MT+F_A-Cr5Ar<rYkP7*GNP4~=g0pMBE>bOj7pa=Ri(my+-Y!B;<mn=n^LLTL
zC{XS$!k0Nz>bO2q9ez>Yit8h#^Y@Wj`TGcs6?ytddj39AHh&*UDX5Qd*O0x0yN2u~
zu?f5E8a&03U4y4MvTMj*!d-)>pR#MnULv~&oj%Z{xocS6gu8~-O}J}V-2`1jca!*D
zVRaPr3iKR#Jz#Z|pzJ7oL4Z|nxFAR|Q_@rFE&Su(Ul15LZ!E)h3T7hydd(#K#m;m1
z>o<e=i=iKXlgtqQVu07z4<+6Izn$;XlW~S!miG)xqae>*bq!mW8#MS?lUS-@>vDr?
zSk8`2s$pyXN`s#@aitojNh^(mRKqm&QZ<at9pylX8m1?!c_2g$(*|=q5Tb_hfU_J3
zV>R3!=N=vkV>R4f4TZ59ZjaG0nYxjj{b71zCezeBfD?-~a|}?2qB5Dd#<6CJCiN)t
zJrU<qYc|PS#84^eW^qXBOQ1eQW<BZXOKR4M6Au;8h4D2>GF+0<EE}hEoa2I$`KVh_
z!F<S@f7XuiN9ohEb__sDpPsd21d>c&1teqEVcFoZh=YfFG?vc@8<j1D7+?^Rc>^>W
zai!plX!(p<!2|8^IT0sL%fCb#zA1htW&)OfR58$pAmVz^@+Ck6IK?kH9Rs(tkxU~v
zUo&CkmdFPa2mxY~j-gvJ7meZMvM1&;mL^k35o?^-ESD2#6epMYWGC~+T^QhOr}XIy
z1Dx(8qrHQy%Qu|wB-0lLiFCq~ED<(PT*L-549n*Ld`8id5CWX?q?`$#5dw_+={V;}
zmJFX!+>o46SeJvcQ|TFn>PfN7LD{L~SjnAA&nQ$+;!dS!6kKPzQ^jT!<e-{S=#Ipl
zD$k5Uccb{8m3v0PeMsLJj_X30uF0~-bs@~xR7`Xi!h}t-xGsbln`Cia2vau6aCcL6
zA<Wq%i|azP;+5~d$8{mhaTQY+zL?}Hb-D-X));r)i)pTui|av{=SmjWgD}yREUpJ(
zrYl)o55o0>WN|$Rmj;UI9)xQHrBC-Dea9lM2jS{K%EfvRT^>jl*M)F>AX!`&(j!$|
z7s3^Sl#A;^xS&!DLq4@uSL`keFU_E~N|#hpEUpLPno6=*55mb&qPPyEqY~GFa9Jhg
z;yMtnt0dDMC<RyQI71h@vpr7G|D!8)b(Jpr4qu`3^{MPNxIUHV9$cTw{(|dM*;#OX
z%A=;bK9#-1x;~{&&DW>s82|Qy|9?7Pz&6?)>9JJ&mQ269*2E{CD#g1iv$vRd_h+LF
zdTD*c{|J6fo`y%bvb#VSYbRV;Z{cAwSJvD3>&$+LG*r!AkKb>{{X#$IvaUNVU6JIL
zR&H;0Gha+;FNOb6=^Lc<S5iuQVZRNX*Vw<vkI0@L%wB|N1S5C1(&@ArNAc)V*>GfL
zjNzR}k&SU*wamFV2$}dSkzi}BGtw}Y&R7Q*vKyfszU-;^>&m<bG4i`3Lm?B3QKH-9
z<`}ti$LMV;&c*yOD%wWJXh~d*1}glIG1^Q@f0Hpv5IXKDZMDv0aXNb|{Es@flFmy7
z#67WHEG}8Gw2tYa7^Ap5+H3I@TIRMm2$}dSk^Zq`k(XlWjE`e+H~n#O{|YkyJ?`76
zIKStQ`^z14jG9BMYVcPT{>K>YB&C-Nh|znG>Ox0u>8R7X{4c~9#puhpuUe*XC!LRE
z;<H3r$Bso7#L^kR#9}lpK1QEG=D)}211ipy{4v_rS;uHsT#Q0p;+6j0ps<IOUM(O-
ze;~W+zoWbAv@ZY67^Ctx=%z(t?PziwgiL&v$e!4-NOE_bIU|Ul>8<|jOpI$sognky
zW3-=&^GE&|_3WWz)BsvlJ9<mue{4qwN$E8iqqzRNwWroOCQfIdSG=Qt7x%-Y^Ljp=
z^LuNZo8xqzSNI?O{DgGg$fxsWAFZ=oQmpI`_x(419w(iD=F@plW%g#@9jCKozkj3i
z3)1;lKAp={W^eYBaXNoh_#exDl62n8r*m9?UG^1mIu9%Sk2+72PJtEoyeCN9x%cNd
zRow>sn<AehRW?$U``jBGsQq&VVs+D9;eYh+TT*IQ{^|3IIY{eFkJH&h;eXWmJ?V7h
z(;3RrI{U}z?5XfS>imgx8u@hA9ISOtjMF(;;eXWm3+YTyI^*i*V4SK}Lo5sbsOmRT
z<s?<P>!w*m`*%K0>9Y#|qteTy)K!3gwSuu~o}2w|{QHAcxwU_BWt|YG>#3ptM%N9}
z<<Yuyo7oW6WnB`d)EM?}l-?wz-U7<{ZJeq~!~cyc`>jyr%kSUe$F+YVZsJ>J#J^FR
zKuY}u`1e4Zs(mB>jVd>(O3d$HC`bF(J5Fg&h5xaw_(*9|0sf7RQ?+L7zws}LR0S;m
z<U2Ak=MeVv41Vr7Cx}DV^VOp$9Zqk#6fYq|s!)1kE0vbsz)BTPuW6-<V5?9TD;i#k
z2dpVWiOduD!HXU`r*Cl&j+*$22S-Chag@H&Cx7p4Pn)p|52faWNl30F$xMUOcy`<|
ziXs2ayo7}oQpho?5M*=cPsN#d=K(&$;eN|xst~2Zd=PJjDMpI!vyRM9uhTQVUcW8_
z=^=5-g+;pjF(1nagxH4lqg@<>NFu#X_pZxmRZ`qxNYw8V?)R6Y;z>v4BG#d&$@Q|$
zIX?+>ZCx?X5h$g9?{#UNU*EX@rf=Ne>KhAvbo~eW;yV9MOyRg4ODRNQjwe=sN>9S`
zQwMcf=CsNho}Zr4lL5B7lBJ_>j($Gu^M#E_-1FOE8%5VLJjvKo?pJ{4c57g>6_O3(
zVO&V3XLQHYxkz+XF;}WM4piJOcvP1KtZ;<qCwd%%Xj=`|<5}j>qP1y>3)dx@1RX`W
z4ABk+nTE9rMQ0SJ2xIL<VN~Vx5AcO1mm9`82Gjd+GmC<HL*lP6Z84LTfv2+ZcHGD=
zK3v3}Sv>#Y%szMkx#IWs>@beyq`{zGUQn367_wg!p)}s)fsdJeu~LHDDBj@3=L848
zs~0W`v{9DiznK@Pjq-QLsG^X~p+69zd{``qzp@$2?_}FCivDI5f-kfVg1=Dfmq|xf
z5lV+y57+lN*zAb7VEyoLtVU$L(#M)bu@)k;oX#80qQ-CKO>km=6e%Zjwa@$uvGO?#
zC$`{`B_L(4%rU@D7cUrQ&`y?tJ#%HHLuG=q`egRyNy`_!6a`sF1(Uc(aXN&wRhkTB
z$vTXI0WPE4P|;C3GU+VQA@d6yK;z{7E9ej!+ZS>Aq`V{RbBLA0(&Iu7m(}Iu5!d`~
zt$Fpa0~ycqv*->%?;oW#Te76QIR~4wcJNVwsBvC;SSYIm1<Jv(qs1oHQm*1~2cuRA
z`oOwJ`oLn74F1HrM|{#EBa(9P8g5z`$KSBX2&=BWh>@N5h?Q$@=#boXcogN$5}8!X
zq&@RlEa<@_^Q79DJ){ES^;da1NWhXK^D>zkrk7F1mJXM~5n8QEpQGFXe5o2aj`pA3
zvNRT!VF8X+oYFXs;*_C}gq*VUf#Q_ICl!N^#)`q;R51?7qn7WK!Sac8SV__v?_Mm5
z<#7aNGwCBCrviPzY(@UW>PdW(c{&_3&)<}Jxo$2SbvnVII;De_FO=JIfXs}#3#G4I
z6AL%h7hdn1b+!~D`tU8d8MYiTN1(}ixR8_I#cPF{kfn-zj4w-U0YqgSL0PKegU(;{
zl|HM`C;X##0%FV(H+VdzqjC*8Ei=cS5}Aup%{e42vpBMjU@6+k^1jG(1MGuc*{!I)
z{E-9r;+9_$BX^E>4ED$`STah6vmy|a3bOAigEHaKUuX6}z+~fOAUPp21zF4lna5<m
zY_;GNCP_sqiNuW<vN&BwB>qRG@0II9glH+s3>N`fBN8igHFDU<xdk6oSo%tz)#+32
zgPdR!;!i5GJj#X6Y)6G9Aq!5$El0eF)$Pps8EqTy8TUE-uFAz-(OdEQ)hgIUmlShW
zw<~iEGW#pt8wax}h>4yt<xs_0SVZZqQp6KE_Oci(za)AhX)CQSl@r}1cnr@Ti}fp5
zDNbI5-MnV|WR+xt!)+QeLI@ZITm>xI$ssqLI_6YvE9RspC3|Ht6>k^f?UwPjD$JzU
zZwMK0yf^wK5s>jl`VA3~@kV;5jIj_$M8<D2P3OFU$UBI}EuIC9X^Em@b?Vos+DOS9
z+h7S2vd#nW!bdDY%c%jM>`o*5PZTw$CVffBsYM^?WViBXLQZY|bmrW~pRSxb{OQiQ
z9iQYct+^kHPx`0Ng{;`fr84^yST?f0M5`V83~DX&2)@UfxU?5{JnoQm!LVFNuv~CT
z7qG&ST;(_G%EjuF=>9Ys8F@^f<S|`~IR)*N@)xzW%!U}Wy&Mynodbni-#S$GQDik1
zF8e4d)2OistCa)qFY#7}`n((s+B*~v+7|U!YQPp;S>K_k$sVI}A|7naPDQ`V>JEYz
z=k=ndnoos0>kqV1UhQTdMb(mZ5>YFg^&S3Z{{Z!gDR}iCm#=bvncLxXXB{Ui7@(-!
zrk4k<WS^r-CDT{Ayy+XWpb!)_!$4NKu<6Ts5Q(yq(Jlzt_u)J3icO`#;m=5y;mLj+
z9mh1XCg7uz7i$C!54-N+F*NIYs?2$KA7R#ONF^tv(B>=@?#d1GxP{+7)25Gb2)mge
z3nzD5AX(EdUB&c{jVDUu&dh5FPO{6YB&rRrW7C!O4LOG$@u;c7JN)XJz$ZR*yzw<q
z_p#xpE+jDg+<^~T3QM1P8w&LuKiWmC@1SGcN%<0T?xGL$g}eDPA*UXHI&<ptrz@uc
zeU9nQZGw(*bIECllm#hctPf%hJHA`JZxkuP4ht;l%=#W>%4q~tX`mE~1Z-+ZDkOy@
zi3#3g3EsLeui$UTKw^SLBSWX!2V2t9kz^OLe?xpnVm~k#ErhA$I20p$B1VF&Q>e^}
zMbTeIA}%-4U;bNZ61*vBI$WT>*qRFpX%7o-k7y9YO{c767qv$h+M_F1dvq1t9<lEc
zDMOW0dqnpv_6QXWrvPuIGWo(3!cG`QC5(45DOoya7?&ZubX$JUI*S7OQ_$e30xQ?g
z<1&^4$+l|sL)lbG)O5>IVDmlp%fo&p%9g6?oEm~`sfKK+33!787`72iaC1BLa5GKz
zo-C2<i}Z`&1mes79R(bj?2qiHuYUQ}q>Tz1@cCDcukBGE^gp(z6m*`IR5DzcFyDk>
z_!~WMy9b8R0q&)b1okTDK1!oe-_M^3IgR<#nbQQHG@ByX*ldcwso7L*du9uo?aEms
zoxk0p0cHfkNpmX_wdPi&%bF082Rv+AJIe6)(P(Q~cu|cvd<*JPqf7&1BU%!<6b`$x
zS7XMN`5;-8GCBFP5#nqZMmbv{cfM@BC>!ltlUV6iPZll?y)U&!^k@ua)4g##WMpPT
z0v|*1F?2BoH6ERL6!v7br%A)klPR8PS;~o}o!G%DA*%!MiA)1;?#}*|TBW712N_Jm
zv1F%wy`x-sJoIkb85j%wvhGKjXav*dxrdo99-(-^kQ?XFX@oX@WH~zbSR$q;Hi|k6
z&A<?b-#~GU$GcHf!}KUh)^LP#Mb<@lhW<xIs2joM^+{~#UqCS|D`R55SHffP9Im08
zF>)t+W0t&Gi}R|ka^!FIQoT5{pT{}Gs!Re_^PpD9NuK-QeUf(Zl4$UaNTIfE7lmx|
zUbUsl^by-F*ua9)G-e~bw7-<;$oh^WpLG)-vZwR))7{uZ4SO?SAj+)oz<3t1XNK^J
z!M!O=qE9rVkA$4&_>l7$L)=5k@eez5fmW^n75L=WrIig=^F`jk>^OTR+6TRvgG8_?
zF6YO7g_OZ#&uopF4Oe?NmG49Jf-bt=w)8cXp9$415UznHK=~`#63}$W7A~o?CZnS8
zHlc#-xuiW;#k>Zer7h_=F7%su0^8KS(_UWmKKd}1*_p8oBGvrZS&?klnTl`DjIZ#w
zdTF~n*q%0S)!Ex|hITAnsgvAAv}Qd-Kue^j#mlD$yLXK{SR&WAu2M}Hw{5rr3OTW-
zD7{3Sd6;&5$-GW`s^d`wdhZTxs(~szf`#fBoU%Tr1?yR#(Kk3u?cgDNa(Of8+JvX>
zIS->;vbu3|k-miG$IQOm7QD{%a5ZQ4Dy~RJ&O;;}&Uu7BaHM@sOQiT7MJwp0f7r_s
zC<CkQMK#_ui*)i=OMQBnZ+##ptc-1@hgpIxvPxxxm2vxM2Hmo**f<}kR#@tUE`sQE
z?btQvY;2|ZC|Xw`u1hvifDB@iKzoZ??T-AGirRY(U!}U1ZdUDZIhEIB$tmr)ob7zL
z;S<EZC1kCvw@@|1Wwft|8#g<0=T3;vonYloXa`yHf%ev+{+S-;Izjv9T4Br1uoW<_
z=3g<CQ1|Q#bLgI}$z>y_Eqx^9w7~~W;`x*2@Kh%@KHrdF=Huw~kssz`PIEuHO=f${
zX|OlddYs_dEZ)i^^SbzY&YIxR23&ThBaHh#Y3+Hht(;b5hpuHZpx>_b<1J9+$0$0S
zy}2xuJFry;IgEQKmc#8RE8^}Dg{(5u_6CokG}t)Lnb`-4oc5MX0$+nTSU=^<8c<F+
z(?fTxC99(}!85HsY>#OA(yC_QLC#?Nd(lip5dYJbLNp_&V12JtBjU|L>8ap&@Af^B
z-<HI_)s6%wV8jxzF*4FTmMpuJri0qr^e-^HXI@79q^Nah5VGM}OHU!w8y7dz<H&l4
zCWw~Qa7bl!LS%;SffjGXcu@?_d=lQ2b!Mdj8`-~O&y=hc$ddH}{*=wS1%HP=X%}{1
zR&`1~g(S}2><-yvkY!>f>dJD{d~~=Me|q2#W^61)Ha(dOQT5q9Ab{;kvb->rIR&IF
z){tB7UWRr@W-|!W2^$N1Fbli_mh3F#X8qx;!O)uhtP6h{Kta|K)GVE#XZEG7)Mxf>
z$Bl><7GilRPOun2=oTkVu1J!=;icHRQht>=tmE>xzpbbwBX?b6V6R%*l~y$!>qca)
z(iyEE{-+H_=##!z>QiV2o%?a?+L7584QPe8Qj}WjqkcELlqf&2^+nhdcC%3jcHp#<
zX)3cvW-eO@Z#GnVswmYCD9wocm$ty;EZv)`3b!_*KNoW3iI?|enlCaPjmwpFH+4bk
zhpucJqCS!`(|$JeFC|5!-Ai*P^b;Dp6Jl}c16iwPsXJi*E9z|zqe66V<9+V>W{v>E
zpwNMO69xtT?5FQKbON?JvT9=1nA4d==={(Yww!FM3mqOs2Wrw5T%%YVJ5&LnR@&uI
z!j)B>?(#XKcVJ3Y+3y@mpIOzwDmtTgS&Tlj?qNn=ke-S$FS_C@yl6;XbfZJ^JQee!
zI|+=UL(&h<U>`-8{h)*^tKR?E57HyYAzaG}7s~A5`w(7(KYVDe)PVm&{rIsZPzk4J
zcCz8ZAAY{MDpr`{tx(t>GPR=I?x*HSnd6ouyVIRH6s@odj)p5rS}n=$QZyAbT(LtX
zzr!d?@6MQA8D~j@?yCP>sN!CIG13bTVr1_@AK{#y^nq=v@R9W=b!EEOkkcDqx!#&k
z8{v5j%VQra9O1JeC7cfYfXEs~(czhWYo=pME2OY-7yjaWPX{xHLZxMj+8mvi7Fl|E
zyLMcf$?Q^I{;om0VOvUrQYmI-tg6z(4$FX)*XK`mshuoRF1Kpn^?m>77EZf(*9e_&
z6T){5#OxgLVhwoz-QVSuF&l;kVqJ+*xjLg<!)(HgY(`hKp0x6g>5R?%e34=kaTZvJ
zQ7$qEDfJlErC1t!HGb&9*coXvDgI|+rz^5W1M9KRk!T0w9z$@sUB}r?nygj-v)#cl
zL2dUiSnP2u*sU`~0n2U<+3iz+-6tXWugd#lOi<fx@q{u%kGjI{8yZ-4$C2H>1=w{?
z&1ZKUkc@NkG<`5KBbL^7T~Fq*J6QwE?nJWNuK>HBLNZTz3%2|4Q(92l-3OK{&P}E(
zVA-8QcKa7#cL^l_mEF`CT2R}48Z4LH#F+|McBhfu0R`CY0?9mf&j86dkAGSpj2N?Y
zTHAdBESKG+*$P;8r<2`*%C4K{&9WbLg`~FIh5Av(3piFNtwiLl*rAAjjuwN}uecX=
z2g_x3iw2g}r^)IdvP#c6w^TNhp3%y@V{+T<89Nl&97}7P!MV9@rl{w%=a8u^E?_QO
z{gB~r%C{|cC=#Bh#k8#fVDaVCw&szo!P*vXkH}bl5L4pK7<3a8oy^}c9QpY1>OyJh
zl_JIFYcr9Nv9vaM9IQZ-3(4dVRew%F`@!)zSbKrisABmZj-`7d3u8wj*J5ed`jV@!
z<HFpwB0Ds&s&5GyjacQB*CcE+Wl_v#5miRZ>af_c$njWOTdlh|w^bd~=g3$#8B^Ck
zY->5>Rs9vqW6QooAB*&irM0aOzzU4!^JHtNwB;7M{wgok`n(y9F@sR{K1M`Qe=Q@w
zeJhkVkvTDGU4P=)zp?ltS&YW&kFM{ye1nifl~2d=0@Yxd$obf@NcZQooG#x9uma1s
zlB^BO7t0RIv<|P1rDf}A>{z75axJHA?FK8*)@rgfT-j=^%5~rKS_fXrr2=Ug+ZH<*
zsk=f8YGZGJ6=>`=GWNI(Bj!1AbywpBt;U<-jO%;!Xmp{%>2)HTViJ+YFKTIBcSpbq
zG`fzAj!<<MXS4fDT8lTMYFvA%PBzoheUU$65|M>3YiVuswv~Tl^L4U0QrUD09oJ*X
zq1sD&a~0ReU@-lj$c$C`VC0@xbXv#tI#_{4e2dJDDk!dRt=4M18H3~EI#`ymb!6Zg
zEfJ~ws!r=N{s2~>(M@D@bgYc+RNGnon%3gY=!)%cRWa96F&~eN|BpT%>9|&>bun*S
z_cs=|ki{Ib7<)EkJbk^-K8im1ZgzG%yva_@qq{4g!t1piZ=_G`i!U-L_9e0{E*;vS
zbHFp2cxJY&LbK1FI1nF@><2I@!&0N|<lO`nj|A~QwC#Ic+lzFHrE}X}ivtDO-bJ=2
z7GS&08(M3ga&L?si4=KLOGQS<(z$J)#DRire@M0`{jY7m^j6Ha>usIRZM!cH6l8lZ
z*`8d0?dlt~raa|d5jzq|*`%c+Q)21dwy)wqLAF04+f)A6w!hjOv;FWpI-T40P8=x6
z_Qz!Vi2`h|-l8?-DR-5v`bcD5T)O7Fn&-Ct77i3-`v}>d`oFfl^*wDbQh%FH=eE5Q
z2MV%%jBHOU!1mtlT2r2K58R=TM1nhG>DOcF+_u~7D%kdCWc$hgwe4r$kJ+yOfllYP
zeHI4_D)$Mp{Zs+AEAG~s@|63h*pbM(Jz6S~y;rAm+pe{*VB24j?dkt(+wbhx_9A0G
z(&^l`8yqOu_8GE0qX65x4{A+$%DwMneI#<=P%M4uuukW;ee_7dw!bFZGym7NzxYJk
zi<~^B)46S*{<L7*=gIcdG28uc9&_VfS>*g@$S@V>p-8FEt&}&?Q6+tm`IMwpvHr+;
zMHBf33+_L=uor|plTG0>S*b7Lt<&vi2)NZH*$?Eyte6i2^82um6p%OG$YGVl=F%s$
z51lDV0*Th-xBxE}Dsf&fkk^Z!$&1<K1>HZ=aTs$IH}E+Q8?RU?Z{(Uv`eN&Q{gFGB
z=-<X6_p0B#9{frk%qbuaF&~n?)Ny!7C4G@Ol$3RGPSJmeL%EZdc!6=aL|!~2<KPzO
zP!}F*4|Q&+(vRsxSO3N3Tno>QM5_K_9ZEK214#J4U!R<eyI1%H0FOe^gbI5AJi!ey
z_c~?zZG&VyswG~bvd_)m2Ck_#Fi92F8#$(uzKCAG?2lwB(Z6j2xmPvkZ3EZHgL$zw
zpxdF2f8_4#swN_{RMHpG>z)0PGm8GL54l%C=k?)F@?pO6A+8N{_)}SyZJ=<h4O~^t
zBi07~&(})-O&iF)W;$OR5SZ1ETad2}JakjFfr@{rC`6{Kq%We^Qu`x6EBd$b&%MGr
zZ~PtP!NLOKKVR6aQBcOeXe|C2>QF5H|L5zl|0e#q*JJ04zmrP8C|~^d+pV%khS^jU
zBIi}o7t!mq{gDnz^l#&zd-ZnS_<P8M#RbH_nxQP`8v|c;SchWq|36>j{WtN?z1BNl
z{QXq=CHdn2ic`fuBSA$W@`6hGB6<zDKT=MK{%!nouME!{{{VTgRK-8;TzuA}d|2$#
zK6G+hNnb>-8TUsrl<433kb5P0ULQi_!?OkWaBGtCA;qVCNcU?W^cr)2q++5)|JH}x
zE6?-#kV-y0r+jdVZfahX64aI-QAuA!uSEApW+|GOCWnY*BYj9Z-fT(pGI>`w_X732
zrqjsuGHDw3&*E$!P^!HVzo|=ou&<thG*$HPZRcLdp4WC!vb{pvc8gxB+&?ST-bk&G
zwyjsT`y(S2joHqah}>y~OUSazA0%=wde3XW1lfP7Ap6^tdT+#;tnKSn@cu}1MgQ4;
z?gjFB?Uy9`tK;lHVwImKSJsb-DgMaS0*uj5GKGs3k1uTQCG>fXl_6tmr7^lss$<<E
zMYpjRRniyHE9(7`Yl_B|wE*+E7u)AGU!Kgr5m(l(xyl-OC{>49FTD3hURLy<P3K;d
zpVxFnGQEjRQ~T~|*^P7$>vHc_Nnb>-(Dz5G7P185jBiKo^gw*~%Dr|!uk9*i``vuD
z=PK2>!ca+HM6cxcN4lo{8{4_p_~*4<oosJcwjWmUrb&IQZB;I;4C%|MjPIzBP2&rh
zdk28LhH8?bUAk_aqKmRcKf`+?E0hgiL~jP*j}$ASEbF1G0L!_z3CL@?Hd+3VEvw&%
z=$e*K+Oaa;(3WClq~9Gfp2MH`V&>jRAg{68$=F^QPx;$r0k%#QRi%pADvF!bMT@8V
z<2!5aeFpNHx|2+OWR=UU&j)f`h-4MBZ1^G@qIx*C7gv^J@hr%4?#&4DTCPWy569Kz
z-?W?S+FGofi|A&2+xURy-mM_7t%hXl(>Pms+Rfe)x}19B0)OP$^!(+_Z#nmt26-*t
zOO`*^@ulCP3#iLu8Ol<ujCbH++q9zTSnW$^Sb3Joz2`w*TaC%qm)e#(w_9~tth6qp
z-u%EH`J<$=9IMNMEa%=BA+P0TWciGaFWv`al{2!tEc8#ThI>Bs%2+9HWQR)naL&0`
zNfa=pnShLCBe{1{$ZNX=*}hPa?bqn01ltaLWu?54Au36>kEkzyYx~wyR<keg#>T^B
z`<H@j-=KWk@R)UE>}f0Ijo8mvNwPgzeJQ~9d&pQe;y(LNwp)?yU&(gt2c_TXD;68m
zCof0PUw*`+*t9^4kKorXZ)Qb2-ISeBS^nPCuw~PR^rCe7=g0rUYE`XXwPy92x7<!7
zLD2oPh11=l^cXyEIm0bpTx=JmTMmu%9rPG2{S~Xq`$X`ZLzHgaQf%}E_(9sz_qT3B
z&-?Gj_gCxMMCpbDvgmgu`ezpjwzkVwRPqGy<(jRg2;;#;B#+|%?by^7Zi+{1!<V~-
zn2Q5&Uv$Nu`yqUmfeh{+iTfNvyoY^xGd%bXMvrxt#&P^7AS!TJe2M?*JH+s>HGUkW
zZ?v3dbUB;oa~T@~hzjLZDz&UloVaMiDxVcslw2FI+pz-ADQ@c2DV+);uROXG`ef=&
zoqAf!HAJcjTbou!rFQD0tC31;gc=gXN7+PXQM*VIYY*GRwC==i>n)jAB>X7&s8?j;
z2+4UxH=Xj0vs)}hr^+o;a^*A&YF0|Kx*MdNQ(U^=F8&xo<sBN3DX*x7l(aU!iIhtc
z<)+!i=XNX;5Ji^SI7gBgh0P!&J96442By=|-~PZ3h^%k<TQ-qAn^^e;D)s0PJTnLu
z5;ML=?e?-EwGhh&C>0h>j@yKbQ%gJ9t<;r>OgTl9ESq?1nLw-t!9R+XQ?%8rsKt`R
zBl>8S(b7|=sD@e~uad-8q~7_M@*YKsYTqdaAtl?!%R6l1B-h)X=WXH?nqrd3EGcUy
zNmM|+k=-P*tB_5k<ET?Cx~j_izC&3X2ss&p%#AjY^Ekzz8QPSL&>@sare2(*Qo9i~
z$%-OYR7$5<6I5D0MhlbrzR@XjqN=yiOVrW-SUx*N2z3-)NOmhkm5t_zuGDNFuTqV4
z-VHjHje3)E#dOQAct&|&W4_YYPv_`(O?f}8n9XVt)vcO#iuW_^Ry+7ar+P(Hi)e=>
zk+N(H{*n=QinZ5;RUch&{*}J`cwXhGgmN{iPqCkl^2(#d`>E8eSZF5oH9Mkw?w_Mr
zRNJVVD4ACbvHBZY7+R+6(-my0caNB%^3HCoatyR`B#FAW+O0NJAyXZlZ1owhn59!y
zTgx8h6vGl_KS~m_H^{z_Bz7N{DX$Q^hfc^)eQ+CUi+Uqgk779lm92<4kM@#^KI{~u
zk}z6sr}onQGv(<_#81Yhqpr*EQAaZGGsUC_UU43+m^7CVHG12{FDPFLQT>MClv8Bi
zDRVq3W}@xNQFJpjla`RU1N~I?-!_$1s$5aklfUbzdTpl$ss~)KQelyU>j2r$Gp!z9
zLQJZuJSdMv<>ZS~)ax(Xc#`<+pz3+W(RXDZ9HCPktdv*0i29`xt+9=^d@dno_fneQ
zsU<agMOqIj=M`m8UOCo%i8dvp@pDU=!z+eb5ps&Lut6pFin=<-wNk2%F6h*CL`Z7s
zj4_PL;T5+duVm(28C|dFXtg1)*l}KYaDBe=>H&Q;LtCpoOCC)U2leQ4C;A6@<rFn_
z8^3bFX7!I552~Z{&{m|}qm^V0V!XHN*D12#sXRIpqmN9j#Ar_ApHu8EZ?}5mr&b$s
zikG!q4Lz!qT&VK?tdAyCQ+>bo=gRJL`-J6Rg3i%Fdv&+Y+uLgGPSFu(UFp>(v}buv
z8Ms5Sr&g%G|1lyd+x^eA>{cq(R7X$rRjE2YmABeUYRuX4wqk(~m4Efxt4JO~Yo{@X
z{zba-2ma9P!iKretZ_Es*<%w8G#POQa}*{mMTQuMB^w8DrXmu>UP?5h35u^T+r-5`
zB`FJKL2*6F&g54-Cs=_sUw9AY#X6QKp2Domr0D00bcDU<p{a3kNoc`KGbR-##K@y;
zEAbPRs}ruF$>+7#73qeje{8V6{Tb91+v+BIvrOq@F`2$hO5#jOGTVZ^@V;%*LnA(s
zj>z*klPAAax%!KxOhz14WT1F~$^F`&A>uVAMetmi)Dsb}Gg&rI`qNPi6MLDQ)_O)_
z<~SbKyBAWL$BM65CW1MW^l+^BhRfbmmvovy1Hr$;*Ho@2#ZR1T+c`yMh)YbWSW)dL
zW(zyc20?LI%ghzUnB4x2%C$&TX7YuWc}~=~QSDs#*(O$@4GNUJEt8M&O_6p?KC5Wg
zq`l3S5fq)!Ge~9?a)H45RP<^hQIL*I+G(;{M43c1c@1rj+Sn%{mFpd`l4X9jY(>Qu
z@d}ehI@eb5DqC-AS)V3$iw|tnHm0F%Nb9@B9?mr)jP{InHXyWH>}T?*MQ(r`V)7Fr
zPcl*HIclT&%4uj9y%BvPpE21|Iz|Haagb?*@mtF55y|%F5xIA9wj(0M9+74zJ@4sU
zdqfdC#i!*G8_QI%?GeRUPu)?HM3Jim=lTKtOKRRHYN1ktIFrUmJv;Tm+cD~F+e|%f
zzi3DmFWO|-EOJ2H!!nzLc8k=r4PY|xijwJL8_J}&&h?~iB$H9!E6p2h6WRJH*pasO
z*|2;M)(2~u)3)hMR%vq4Hj_*G;UH;iyYSiPF*!d#5!1esNoh^e>~Ax<XP}ZPX+OZ$
z`(r$m)+^Z0vrHSzX0A21qwJ0CH#lNrq2~+CMz@1F9TfR8ur5gxdopIcK~c89B2De3
za1j<1BQ2Q>TQmDDEVBUfGs;y4q?UtP_^YTdBB{3K_Bsx#i(gaiOroN>{SMC6#<E__
z_JI8!CPHg|(B7E!lvr#Ne+|Z*0PnnR&N5Zsk|YZ9Ad^q;v$IT8w6wQ&P>VW%O<yP%
zYS;cKllL$pDbkU1_0@XX*gG+)cU)<1Z|}xF|EHo5W6>6)qLaN3%Y?SuG>I^|xlIu)
z;$~7o%k;31VLf%m*sWZ>?c-VIb}jRmeL9mlr<9()_Brfxh9!fiR_zO!OtEB$Ea6;>
zwTJ!e%a{bLTwQJb?JL=OC&Z^tQR<cb?W<U(&UKqb2H4kdy&E@dVjSiKQ8CcIj&q$w
zuT<o1CXb#`GK1`!nIz)Aft1OzzsH&*O%xey-_Aalv4{{u?1xxp9j=RHt|9i%xkc62
znzQXcus_?iOw|4x=W1-(T4#&e6AWsrj%=l8m_2AvTdiTqY_tutmtvU;+MnU}$}Cgd
zlG$b(Zoh*`<B4`raxKN@ar-??vW7^~QH-!RWm5e|n<X>K{wR|-3oA0#-kZrw=M))l
zAI#+97)7SqM=%-qts>LylbNhop~xcp)9_h{5k-_gOYF}Y)SJek7m$b3#LM<&$R$Mm
zo+{VN_7yC%8*@dH`O&u8{wixu$7no$EY;~6`&y31s|RfsS!;iTWomDXk&R4FV}34k
zt+T(wqz-0zMDDb&vu_0v;y({6nGN<2Sf+*6^M?Hh`?CZ-Q?7OPH|@t*rX8-5h-89%
z#{MkS{=8*B!7|si^|$P2SkKp5&s+9$EHmEH6BV26KQMU$tylWI#r`Xk9cbZ_?63zC
zsBM_1Vk9|%qH17_BAIDozr8ujtj4-snQOoO0VeZtEhEVp`^W?u{qE|d^n7QZ&N4aL
z)(`f%EHht|U+kM%=IfIx*Dv;6On#n+`#rzeL{Ix=`+)=+A-}{~m`GGyu^)wu5KYkz
ziJVWqVn5EgUOa%CeIOk%f`6Alz2MKeD%TDBMV8rxd4$ySr~MBmHq?$JZb!&T(RksS
zB0fhUCt3eSTlYDNuuNm^q0dpm`8@nty3HnT_94&wjxsFs)i;tvLCQKQs!yODl1!>C
z=%@r4A!wu}(h8)CQvjVpe27G`<hCyBp|O`pJDcgK$7BS?1SQjuH9v@!@F?yMq}qx(
znlL$ms|iJ#p%l0?_@^XMQOxlGlSXJ8Boh_I9j%yD(=zFfPF(h@TBfAqG1lx`DsxQ}
zB^{$V*UND-V_9Yw+7D^oW-sHI$z-49A(7dVSTgHC=CYofh`jWtjAH@I%tgeAth1MO
zEMu9W+E!V|3MR!6F`28pV*^M~e2jXRq^e^NllS7t5su-35mqi+RmW#+>!Rh)G*QEG
zfk|YcvR=b+k!`iq)@wL^XVOEHT8^8XYcX=YZnuj|_FEl>i|T!{Mb?41m<&MeC>bx4
zEpa4~$^JM!K_-tN8kCFlB)h1s?#HP1F#hi-Zgqs2tUfPERNUsMz~s^-!7@=%*Kw<h
z`o&Ugv_!e0;!Z~c);t5XLu8t`%h8B)wOp?>-{rWE$#$*zZbv&Nhb-$+(ZJDz$wDpD
z&@q5*owICJcQkekVsc4aZ|ul&p%aK(5ku)u3oQMoay_lBKkOLBWc=H*6dlDQj*(2F
zPpERWbc|<my1pz|ildd|2_|bT4?Bw1j_FK}S=Lh=Z5+>_>_W8KX%nL#q-eBp%w-S9
zU~VkQ2**v=IQa8LWt-SAih4?pBj6@-^Q5rISVt<8XE8;VGUFU2m^{@+$&7bInH<46
zUCK;wtY9*+up$#3A2Nw%Dl*CO8<Q#6+(qV^>?rCX>!Z=1C7I%A#$<2J7-_}ijkYn;
zmdO$PaG-K^WpYDnp5o}?p|(-;l1;S69gC=#;uwG*8*rs?0>39P!IESquXI*2PdXm=
zJdYau<qIhz#8ZwOCLhI-u}t2!a*@n<Cc@H8WFl+cVdaW~O!81mSYF63dW<H2raPvw
zhnK6`G<l9m#p;r*b1Zf2<Xkl@@&?EUEc0_UC9~Xdgk>&UWQ*f@#|f5MiF<d_)=I}O
zEc3ZVb~#o$d|vWruO_P<mAw?PlRZ?f^^OOaoG2u1eeBri7{%m4+=(O2M?uE2p0*Y_
z4l;>lvU|p47O>1Hi=2YYGB3q>-5RMG`)4>-d#QGAouI65bgbcA?^rTXvCVNo`mD)z
z$FFSb=Z|b+FaD2;9gg2v=J5lPTy^YlTxMIBEg1ost1QzcPUa6LwO@?sxxu6;&LC3r
zE{DxW5$ktQX@1|~Wa7|zK6JR5*tE<Zho4C;Ewjgw#Kav(f<B5yeakwojvXPEnI0!2
zNzFKdhtA;7#TS%^dmM#)RD<1c29ZARca&h6<vQ0PM>QsPUDCsjT1@WMGDjS@F)18J
zZugOgokrQjd&_M|9dX>jWO^LAi*q%$NE9-6GdYW23n*7q9CP4(QSdNY)h1rpCd3<#
zFCBOj7Dxy^g-BGKa<pdB_fb2OU5>9EeVCL+%OsiOj&B`fnG~y{^nB~UJE)*%Z#O0L
zy<-lO4O-@V2i_<JnT_cE($-IomzaFrLD~Av@fMS=-Ibo-9Un1Sp?&_{fwxFOPj&6{
zRmUkN^R&-@IeumGkoH*^Za?L!tNp=NbWEPo{y2=HOkU9bU~5z+=XJS!Mk6LaYdt;#
zZ)}3*V_Hv=(T0hs{Yf_ZGFht2m1>M*GED19HSn$^=vl1wq#4gJ*`)m`VZ6wsjMh`q
zc!x=29iNg0-i`!4Uu!*Oi~~%{Ykw*jr<q*VdMX)zGMTLXsbt{2M9}k!)>G98GC8RI
zsb!R8Qd8@xZPa1XTl-Vnz?+Dm$D!-%cB2`SmfD}YjLu9_bbZw`qD<OqJ@pK{eF%Ck
zX@43TQ<>bQ_1tePW|E-wG%?mQ*{;jg#K0Sepyxxar@66<$#q?>7RFH~S-M;g89y+o
zr%UmWaf!(qZT%6$iC>X$rC{0G;%I5$O++ATEIsI5MlB}Wta5Du!JCC3GsyD!l%uWD
zoXHUFVOygOlTq5k4n{vFA8T8W8hD!!^o-HAIvER@tk<?W8F)JoWV&cuU5s^1+Us(4
zF*Y+fqRZ9YIKZTxw$;PHtAU`$scrQ#{$x^A+v;Vw@RUMO?9noh8L3PTYMICIx?qyY
z(f;%`sxZmc{`56&V{%>l)8A;u<aVuRfPuI5K+m_@)*xd9lapFzkb$@FKxVqOHQ1QV
zq`9^=*jU2kJ#8yutYy+fmp$9St9PL1iZv#jazwF3IT63M6*cfC9gxl1pW()3CeLbH
z!wm@Fzq*(M(0I7ZF~Ue;@`AQC(!gtUAoH-+Gumjxq_@^H+IWD;x7z2iMt3HUX+7f%
zyg~<hQnj85#%v}Pwa*g_yb%X7$F<BP;}s_3w5>_T>r4XL=PAaAOy+7^PZ)R|4)iqC
zdZrndnM~5QreV)}lBuEV;wdAE$r#<{pEA;zJgwXOOrr{uO4`=b23~CgJ)h~im~C`q
z@|BjEZQxBckeQ+VnP)_qJOh8GFQxO~JOi(wflNu1lt@%8G^Q~bi>MOW<ydMgWzqmX
z6FKg9&Ul?kcl>T+yhD1PGw`}fvIRXvqT+eu116;rF(SJhFBxAjSpq#ojyqNv7n!`<
z)h4!XrCh6wn@r}`R%Er279!1;phwEQVN}Jh5<&44?s#l?h0gD98P!5G0~!0NA{&hw
zEaUk=l1%3&<2ELrzpuz<<6b6rX_>9Y!>ngLW}Z^>cB3oH%=%E}+F=Z3@_;7q8)MnS
zb?sHI4~*$7v*X7YnH92S1Vs;AA(G~4Vz04)NeEY?MDBF%H5P|xwzJdnP(bEcCKtbx
zGDKD|d8R$Cl8}qYi%got<yy()4&233GOsZiv@51(Et3|w^QL6BGwC)zCL_rgRbw){
zSf=a1yrkoLToYOT>|>cbzKxNCOb)*l(|nl8HM9bi>j+0<_7W*W(fFKY*5a;_lKGN}
z>rhP3S4`^1$$Z14)ajVacTDP8^+gf;fyu?)F_~YObjJM+W$Pl7^KZvwE-^_y5+lDe
zSzISZ{@{AwX+<mwTi3Z<k1UWfcRKeQe=#X%)q8yqTQarYr9Vg+{BmR%$<)F}SuHav
z4jSQP`h6!8ZEQU5??lBRqZsEJlWZ5?;rFDEorjDjoXdw&5FwdnEYqc(Bqt#AK=L?f
z9y3zOd}j1!nZqGPP8-9Rj5H<r*m>G`oQeCAur!}GMlzX<-vXqqbH-CldYq8tg!7#7
z43mqfFDY}`SkI)eW$R<-6=MsN=a(v(E5>_FTK7;SoUnt-bqsf~q@J{d_gSX%a3xbD
zVIRx9m#Ijpg#An!_LF40D4*~d=jxNBWHJ+eWSM)@6{(o;Gm~!zD_fNlt}vmyJ<@u$
zgg=?QfqSQt+>&6VPz}}yC_Ob3d?{3e;Y3AhCHR^A_Lw5KB_uK#aGQ$i?Fk{)Q+&H3
z^%6=jIbB-is-KX~<O^Mj7S57PmTU5`vlNqSewC}0vvdlLqMtTXq_eXO%Pjax+3M!J
zmC49273txu&7@9H<?7|UErrIYWq7iN%8uWOoOQSq&sptoo3o$uE+%EHcDTzq$XTED
z46)kbZjkmYv&3p+M?t!?Ow?*Wr<_Bay;!EU)mqMj3<VM5kv+<vVa^d;u5-Fvk2}XQ
zX}m+qY!W%n*{o;p0adOX=QB*+>?LI;xyCvda;`B=mFBU|)hWwi>&cd?q!XR%*u(i&
zuBe#kT+g|_$91=C36q=~nUwrektdv6ne_NwSzqcr!lYu3YCkVKzh!@hYkyWde_*oS
ziZgy;asJ8HeY%ak>U5-1tGh?HvHv&|m}K6oG_Q9$nH17J<qfBcN&oK3!~IS-lS#V$
zeB$&nX}nI!{O0sCc~G~gtIi}Qk3^M>%N0naHa~N!B1x`fCO`e6${uhP;#_65o{*~u
zlZyBqM8+`1Rg6h;w$c-Jm0)sfM3HK)bSAg8Qsg#Q29p`p6uHAyipeZ(tG%l%`x9!R
z;?u!Zp2^3$FL!iR=3HW^($m>>ODf$Df8r@cy18m_uDZHC_jNU5a<^{1{aj6OpD-wb
z*7$?pMqLlH%(FF=^+~RNOw6z%&$xy&sfr&lWHjcwMlngvRx<Nl6WGH?W+|Bkt|wUL
zlGd}p^(6azZxxkmiEB3JTBM`8!nK5Ry`)R}vTG^(TwC{@RjwCU#<f$~TIG6)$s@Y#
zuen}f(ngnko$GaJ>$<Ab*Iip#W+u+~vRs>7?=mTa-+(09=Gx7<UiT?mJ6!u%rUK?I
zQf8-Xe=3bXFIl6F5Ffb?GwEnWgUAuibqHrqnd>9hCoHo9a{wYjeBwIEq>?p85joA|
zajRTJ&M=u{ohyl4;`m(aE%oeo5}`K#g4J`6x<7GU=3KjGDqAO931RYiiq><&<zn)=
zHL?kD!exd@PY)|s6ePst=0zE?N$xYQFq0=Na@={=RWwW^z$wfKWJ$ksRb*1(kR<1v
zms|}wSJGigrn@h>nz4-ky2^FQ^&ra}votSt|L%I6Nmp&_vTH1pB9`Xq?!R2qxfCm`
zF&uC5am`|x3Yf)_KdH9AT(jBM=^M({U#>YUQ`{QaRzc4WCi6d$C0*sd>3W|vmv1g}
zA$aZ&nFKFM86pQbS5aIy$g&IfmrRaZ*2mkN?sHPcs`sdHy1!<!UdP$v{+>0@ux2uN
z?#}%a`~0LH=RNLAoXhsH^k;y(uDezts?#qP%GN7HU3YCJd#%1hq;4Uq({jH_505+R
zy6<H2nvQBycT*;{b$zvPw<<(+dO_D|3wKA>Jlg7CLbPyqVbVpns21)ag=n<-TDMFh
zWWASenJwJeoGV?o%+~H{oNJzyD=J#MXRypQ%O4@yy5}&tOSjdw?xjrHTW4XCd5%fY
z8YPG<W9uDs+1t98Gx@Eu>hC?=>$#+5b=&Ceev`=?DN3fddn<d`vcHV{cG26tgY`sp
zoj&G1#JN7ydIq{bWtr=GRxs4vF^!`7l|EMvb9YOl_&oWxYCpr>-I+Xk*d`j{nboKm
z;qJwxGNK{LXm=Kq;+l+g4`=cP+J=;w=$^nNpk*ezr!sj!ld0|*OzzXRo^sD)@}<@@
z)BP-ycTOqIv)n7vsMW2p2-do|SFub{t!J+LRVG)op4Z%4nbby^q=(zw`<ax{x%Rsc
zF*%@Zec}EZM2P-c=1ceYEc2t*e8zp5$#-wrMEfRmRr0IbR+yq{ysgM@ZU>X9-zxIE
z+sWj9O)k6rg{gMx;a3l-=Y~66csZ;;Wa+_M_}poQsqDXeBV~vbW<7&`jO8lMWcUb4
zPS|g{OEc-dQOOvdicIRARm9_|$;77p@px{<?}<TCt)7zcd+M^xv=K^kAx{G)qqOEC
zp8J{HeHY?}|M5J4r#bWpk%f^~l1iS=kP)J~mZ|LN$+=2ta+_xmm$aEhgsA5k#xj>H
z*u|&ZGV6IpFsX{(MC7=qk!LKE$#_1K$T^U4Og_OiK9RxRdpy&aRKWEqkyXz7J+qm7
zRb7%aXJgM?CIhvtrk*8C-n&K0{OEba^D2`@nzZz6U@`^s4bmJHtvs8gjJDOr^Il=9
z<qO(YThDfuIiPd3^L)T$nzr7>^AVF{mMz2E!*h&Ddrf+JzF_i}*3-*#n#mL^K2g!f
z^Bt3b_Gh5y68m#d`;+Cl$}+1g&1JmV9-|1g=PH^E_4t`A(0ZbtR3?=%ucNZ3Ifr@D
zm=x32hkJ@M`PtG_%RACjmdRjEMtLeSxnPxIm2<SGS`muaChg%EPc4?Y20Jp&<2<)B
zdCJn$*gMJ7kcp|uWY4`!`s(;h@ib<#wUW~Fq~{?fXRX!}6*E2Un2fMUSMO|3M<xq&
zt~s90Ox9}hjHfG;rJvd?59fJ$FxjtV=6iZG$<kzjr!SK;y51Li1~GX{$9bt|2$Kdn
z&d+&<G4WbtlJ|MfNG2b>CM@eOc*Zh0KSKHQl4l~52U@AJuk=i1@-?2-l2LudGo49I
z{Dw$muy>8;X(kVA@~USplRtDRUh~Xn(pmew*0YF-u<9bsx!&^}la7|puX^9`yu{?N
zZY`TVYm3koM;TogJ3Vi+%xq2G_iQdg<KdzDc%~_d=CmJrwz5nsi$p=TGl^)j+w%dF
z+dh!F$~bp>_A!~LW%hWEFj*Q$jx*^UN4{jTU6Z|@GezJ8KO4WlCXE1lJ>P=hdF&Q;
zL1eo);JLuL7C$2i?rVAQrc21UalcOHI^wYxC6a-=my&$qNhnHvuqo#1k{t86S*DiG
zb=>1;64ALn_XIfCew;yMt}i?xCNI5j6O*pc_<X{X%48;@A;}p}I+H0{=0{IWCZ{Z!
zGR}*hyO><ixqkCBV)CpeH$82b%+q?(yjex5zOGtCh*I7WEHgvrD&?KR<W)^-d7ou6
zSnIjNyPC;-O&;;?Vlq~fw%+|r-q578_fsZqPuWD3!BqAh-mjQ!KcGlY@0p_G5a%P;
z73t;unti_4%7s;R-h^UQiVapSBCcXoI|H@mK3)%#qgr!cZz7W)H0kdRGVx&c{@z9M
zXP`H^7}fi2@L7_Gw*<>v*`j2Id&@C-2Un3&CdYdVlNFjw_1?*3z9uug_c7U~$vp2v
zO#Y+E0&jaJziYD0`xuk4nym5;VKVeKWqqA@G?QZwD4##{PG$17_W7`P9ut=)$Gp!m
z@nKH84NtId7pJ`|nS7(kx8BW6Ug)c2zW459lBQ*T@}6Mw&i6Jkn|s_Z-k-3r1W#2x
zX1B;C@2@Pg7IP$$S?6>5t~2?>B6XZj-%Tbjey8*}eU9Q(7iTf|lbT&VXK||KzFNlZ
z^D^o4gOc(15;@mZoy+eFvdn0mE9gsQGDhbL`HC`Wqh$*FDlpliNpW9wCa>#UC44oR
z+@)no`f4+|p`%gCcRQ0qnw0f5U^2lXFZwF_?q{+pj?j9jpqQs~RrEDsa#Y)@;%fnd
zzO3V1&DUDyvOIjlS;N<nNli^^`g$=*)8uyFKqe1pQr9<>$rN2XclvUeWNLrz_Dy6m
zOZ!vbH-(9_kE-|keNQo&?8PsAcn&Wr?)S}Qaz>L5zL%N2uSvwWk;xE?yy&0c+gF@g
zRE|gKnc&;cG6&s?%<+B3WWCn&obP8QcWXT>eXbG|)do7(N}sy~Y3^Z>JN<9_im=R6
z7TMx|*H@a!mN-(8Nm<LER*<Q|q^q{R!&isN)0*t{HDFRqTmQ`0oJnCV^OLV1lO?*O
zzxuL3Fniaze)mOLW~?T5|0E_4XyWxRWb(2mA^!>{i?pq<|8*u8wM@EyGn22i^@{#o
zOg`15ivJ*!jhfu*|B8u2>$%PU4HJ6GPS*P!{)<d*(=zw?uQ9peQZh~acKiYo6qU40
z3%|*vy(X>w8BG4r);syDF{!L=b@SI^@`{$}<-eVYN0X8MR!knyB*)(&okp7)nvC~%
zXPJ}Q`Xql}Cf{kFC;PLQ6w$e!@lRm#u;tH-{w4l->D0!KT4X=S{Pgj#)v%B%`x5_R
z&NW@@dC|X#$x>~7jsJZRA-ZUpH~j}$^9x$@UjJ82vb4-z|2fw4m)3K|{}+=)i=6Y{
z@F!$Y<j-5>+5+NcvR>!9;rBDC)4(Q1V5S!pMq-%BCQT9(OMwXSpeCWj>KQhmk9~Lw
zcQpOBUOce@=lWrQT|8Tl^pr|$kwMY8I!KY)i9K0nfR?G7IFx0kXwo9_DVD)|ky%eL
zu|wjsOcq-*!Nf-sUu1GZYwno1n)Q6BN$<qHEc2e$JS_1H6PKmgoj5k}S0<(=a}w<(
zDPke5=as}1CeAEXiq(n5m^`F&tw}7yq@!iaowy<KZYD*w%;v<0nKaij?<e+WGD?%f
ziDQ_Y)Z}F13?_}Vp6?TvGr4BTWF%fr+`#0BMT#X}N!-k2gO<6HxP!@Ps}vcDR}=R#
zaatuUmS|7<gvqOxt*Edkonlf!m)%G@4<f`qv_o0T?xagh_Gq6AC;3WI3~$xBN+y*k
zWkWVolWIvdS>`T0X;2jZ;|!A2n8^f9nk6-7(y)}0c_8T_CcU-H*rYa0nrJdEsRNT2
zEHXWDd{Sp7*R;&Uq;5>MT4Z73q@><VYP7YBFaJX`#wkgCnPhxnv&b_^*-WazA1Sju
zDTm4H*ObhgN#mK=zl)I>OkTrv+@ji~d1KOSCKbQ2S!7Gn0w$T7Y)@Lkq+}brxZ`)~
zU+*U^V=`==%_3hWtzps&{z#cqN$Z%@{7_irY|;iM_i1uIX(N;Nn*5Nor4;qk3YeKo
zJwGMASBl2Wk*Bc-Nh;OOg`|_EY#BlE$0A8;CH<0git99lD{+$fNc@s?w$$@z8y(L{
zf_-y9s3pAlI(~y-J-;WNV{+k)l(~_3J?R3IAC5?pmUKPoHzw~O8kFlsq9bsF$wJ&!
zBT_jjAz+jy5AV>L69P^qeJmNQ=m~gAll8e;CKT{7IciytisV3u$q{WmC6K~ov1L6f
zQUZmT)c8bNkBV@hD3gb@=CnX@Cd(|%m6M7E$}!oZH5Ut1VlvXwTsf&^pazo(XO-r%
zfjdwNjH{UC%81<^Xi}OYUwerp(?o;7Bc-Xn0$7wQWf}xpm!`<y#F|GULfjMR&YDY&
zS2FhmdNO(Rx~hwN1AUnE8lY@74h&>Hjj?Nt)YCK&DZL!}e!mhU*_><J2BoKIU>K9B
zR@wU`wG2#WGE$elb>Mj>ovgC=N$MWh0D`Bxwkhj<1BY3r^;t#w2aa(xw&`e$51i#_
z47J)}s%?7UH_r7@UzKZm;4*UIynI8Ervo>bwAbzV>43KkwT+O~R-<Bez|Z6-ZGBE4
zScdd886@>&*q#ZbmZ50eZ|T7u@<1BPbUCkV%?%W0J;pPVe4Ml>kijzbwanr`DVF(m
zj*?jxsK_!Sw9NB?nk-XH>v=hFJIlN?Q2Dbma2Lz`@r104g<@5pJ`<1DvntSt$qdU@
zRICo%&w5H~nKglCEVEbpvo`QBldq@A_ERTmU7!_{t8t_~lj>8I^>u;H9G~%)W+B!G
zdX%BITE;3x6r?BTdMBhJ_GW-~IKuCYx)g5*hO(YL-%1%F-VO|BnbQ`Df;`UTMcg5m
zy<lr#G?Tu%q}u`$nM~ET4hEKU+1u+nJrsDEW$r$w^c)Vn0)o5f=ohP+*sz<zk-!?3
z*@wsz$*`RXY+>@Wmiaxfhf6vitCdM6Dy{~OuuNarlDV!1jxlM_Ov*G4{1y1Aj19)F
z-63T@5;p@ESkE|1rf0wiUXa$Y=16Kbf)|-=oi6nl0ax$}6Jv%VJ}iBwsJ>#!R1Wxq
zPA2bY5(p-hrP^7f^#p<@%UsgL3>IPXl_sHJ29t8yR%$Sl$$87?lt4IGwJeqEJ6*1{
zV2!fRBdW73Jy>lILLOe%B`p)I$)t^rPubwDOxiY=<w^-;2J14JrEOIR-pS<loic_-
zpklB-la*SgQt)0bX`-bkDsBljXPI&jNX=1EBlsZuJnBwW7d3(pF$rnXga~}j(EfC>
z$VyFm1lzLArxqC+=o9S9<iK=QJAHyZn560$_6zo7a<rW)#gO1ICLe0eIl=KvzPHHK
zz?9&0CjZeTof4eIq>3)r?BEMbI^g^z+t0k<D_pM0x?J;vud+<ZnbO0#fwe?XgIl!B
z+TaG3S^u2WGdHk-2xNL_nGM0WS*D_{!HpLA)AG4-U}JD2=gQQ%HU&3vuDZIUyDc(C
zll{SMEVEaa^rPS|CiQhm4+OEnBWh=;F6p7*LAJF-+d3RP#4>%fo}(btGMnSv)ax}A
zM|=|egk>h+{7$4;@RQ&%CYx}MBZ5^w!OzRmdHFS*iHKYZd>%Z-ZS16#D=Iz@p5<JL
zIH$;5Uk1Nr@@d3wY5pd7mGxvVmNM7{CP;hx1;zSqk`xP`4?4<?2brHJb4Bq?f>DlS
zx}H>;F9Z`<=A(Kl*RMez%iQ={$^04&lp~+N(mvk^7Gs$XZ>o~s2&OYBuYI<e<(TZo
zb7(ReF0%^TO1)qC<2I|Z%ztnfU6#~sR%22xRay6#wU|7bt;(KgHY!I~&|N-|)}tcH
zY|1iwtr(sUB$*E|dE_ajIbgP8viu1}LS{QA;ti?ie4x1b1e0g2Xc)l~=F?1)F#nMr
zrkjhIG<#a<DQT`@l3ZW<Yy?Z2Uok1GbCorJW^y(~m8-mYlgZQP6sc>LDo?f3RG0J~
z^L8dC?z~Cs_nP&YjQClR`^?r%)@X9S*^f!1@0Cnrb8vZzSlSImnwZ%vGhAD5YEEOB
z?YJtDwjMU;GTEeaJz_59Ts8VjnKHIV%omtkNVbV*?y_NK)6#s2$((CKlb4yCv)MIS
z&7=`(Q08i7u4mFcLFs8_zR6@gTCbAX#N>879U;l1=2j-2G$qs7+{Gm6eI?V`+|6Vj
z=AtrJXLCQ3Lx!@|+5DJE4Q;)%d6db~U9nupnXEv|RC-P@xw;wm%YU(n-GR>L>GIU$
z`eG(b>m2ZlhWQ=K?E4A(_Au#X{!*TLQ{n<iQf<A>KR8!^j1p3&w|Rqe*)UHaQpWa}
zY0D(dTY5@zJlNL^Fj;};DoJJ=h{<Hp{V|y$nKVW{eN+-W8Eclwq&Ai|P?F_lKeKEm
z`SbQdN#@!5ndMo}g0E#MjtBdh6<JS1t*5_vJIfSnBCQ_}_BZRY%vTsi$sZvGn9bPM
z4J%g^q&esM-SYW(Fw1Psx#s9x5wknzYJ_^1(TJEmnY7<7{b^^;G<z{At2NIwdo%gV
zDtkwBmf4rd;q%g;{lQu0ASMT`7*02zF^4nx$jY_QoNJC^68uKyN;Bu1Q<%J@ZOu2I
zVzLr5H1cq{xxk#sWSbSSRUosN?8JCTGHK>Qa{-gqTF*jr5t9i`Wl7&K7nw_${EB<;
zGS_1BMJCs+_(a8G^JON5Fk>W{-R2VW6(+A}nI-0HnDwC@qMwpXG23(I>r9pnkVJ%@
zH{ar1gRQ6@558z_W#VfrWwx0s&HYR^-lxcF^8}OXIg%U?t})Ltx%;qcE&nkuFbUvH
zMAnZ7*O}Lt9JI>5E%>JCuR!fE<WMqinE@uB+^cN8ZDv%UHviRmN%jXfnwc!~{yj?O
z9kVKv#+qy~YcuJ$Q)%96Hem9pRqscG@0!h-9MieBnU64;yHDlXZgymH!fG2Qg72F{
zm~7TH_`Vrs^0w6y%Gf?IA7}EAF2x7tL?&mfw((=|Lvsd`<5t@kZSFSbGI>mE-eWFe
zve;@Hmx6oErA%x;N)Jby`^=Y^xQ|JKH5%q>j#w+)NtTiS$b5}ut~HWmoB5Hso=JJD
z{Rs1bxrxa)+UEo2Rwmd}%hL0)`9723I%0>+PnZmAtTZ1sPcWIO^&BzJRiN?5X_X7B
z<jtR$3_2@Y3z46hJd5)M`5YrI%NCIf6{tOL8X#?n&{6Xjw)Lmg!aoikGcU8uN!<sJ
znb(-i*Zu2LQ&b!WJ&i0q#can-XGLm<?Z1?oG5az-OcqtPi(*}ATs>j>nYgAXa@s7!
z<YEy;&X~oR9Jq|$hFno`&MeKO!}FL4vYvBh1txu7ROB18YDJq(i0(eA2QxIY7R!{u
z6CE<wkLI0BeyXZ+{bb(5<g%9e#cW!UdP<dTQYI=cn;lqY4c4_uJy*<5Oj=;gnk3iE
zUQGH;l0I(>UN`%(o(Dfudj2#cOq!Qb9{y<#<6PaA+Qik46rXyb$C-SySCK}caZL7n
zuE@QiCz(8S3cpZtuKPo?m^AOCNR!Y4CcW`Hos?-7dXCALh@m7cLN7B}hd2|7ingKG
znfy`9ZppL@ZDum=BbBRtXgibncPg2Vp#x0TVy-1McMg5ZWHnlXB;7(^GjaT(NRQAD
zOwLS|*5{f%L%%T@g*_i+uAZSwOsc&pb4@jSg|0K{fh!=A=>zf?lPN2e=D{I*C2EJ~
zMkqazkcUY{t$9Q!z~p_Qa*YlZW^x=OfV4g?RGP`>KdPus3{_$>=PyMjhiWtFa8u=)
z6}pef<3A{w*`XFp?nR4|n&*bvGP#5mB9bf&^<?r?7bWvts4tUuu)Bqnc|J6x63sj}
zp^XulYpx27VVU4hl5{lR42@%QSl7<Gp-D{q=*v>iw$OAYSvq1nLi3p1iF-s+W>4rj
zChsIE>-$14vGu*UM<lK9552-NQS?EX>tJXNlM7!dTZcj$m^_IY2+4FbkA&W4vPPHv
zL}(L}MPa4qWM~(Ywk~D;RA?WQzxFGc)1gC5GFK^bCiDf9(zvda{+tV)W3mzVqa^tz
z^gWY4w<(!#L%%R-q^+M1{mx|VJSB4}lu(&k)FR!&uZFx#(ws`ONG`<WS&YWgmMuA*
zNs+ImOjJ0M%Q1QBTSa`yw=hW=rSzmG-^HZqk4h#jxiOPkT2Fd1?Wr6TLk#I*R8&gt
z$s|daqH=O?CQ~r}kUy=Gt0fO(QgMRPTrK%=ChrziCA}qi9Fue3E18zbb3ue?c|(<}
zb@JlMG(u)snxkTT@+QvJ+v@K`wz5oZjCEu^DkdjyXPK3wZQ|X9G}bLj-pQl_u6!j~
zn!LX<weXe5MI<U#Bp+j$?zq?O*+;ovNj}b+pN0&PsCX^;G|MbFuVgkPpJg%?e`T(>
zlD}t?f}M;d*_8Y%+Zw9%ypw#DWnMsQkuvWlUt`i(Ti=#!uR@WZ+Sn#)A}ZU0JCi+C
z$mciyV-xq`dM_$=B?p*n)a1kDG|ojkVUo;t@nLddCJ#=;KG<vV3{Y@)awe1Y7^5UP
zm|Ts?ee1F7J<A+QzLm+l_$JAx$@Q4@Kwp;Rv*de0u=66$gNLK^%hB27mh8_VlvI*$
zk~>wQ8l2>`i{fa(_?<DO3+pKa?}%&*8Y$hFbSo!GyHGHt50hW8!@HCTru1d<+0RlY
zD$-I0Gg(kZ<tm&KWwI76bJ{kFSmBh%;g1mW;31KyD3UUn{i#w`k>V+{I9JARHgVx1
z`BN`t4wF3?S0!nXvXDt*+~Jg@Vaie_4-K(f<err0nao9eq|E&(tC`f*q*==AO!gmB
zG7qF|V&cc$44Lbpl=qmlTcu<kPWgbzYRv0Mrg^Ak%6=v%Usp0MQw}ltVu#ezJk&bn
zIFnjvQBrg3l+T$Y;8#3J+NGRk(g1T3Njju_%f!I?FG)J4{KTXTo@kY%Tgo*i6|_u`
zl$#vY(}*g`L`AQZgsRkfhv`!Mp5kKiwJ!VBln|3&t18XcQVKJ9A2ld#iPTa|ZdOw=
z?$l~b(sf+~Q)w5ApxCKPnw(mn$s(LDq@Kd5O_|({vd<ljeei-AsjaJ0%N$qE&IHde
zq;_DL4-4BwZSDnCQ#&%5hna&UHB$RAq5Uc)shyh5WY`oXQzvy4Yu<-wkW5tEkvfiL
z#-X*yT=%3-VDgi;bzkZ<CU&e2CYe5F<J4J9O5*;Z%+(@w4wDTyGfMJM>LMmCw~~1{
zbvctYXi-w8W$H>M<1inSq(kcKO!j`INXOK7n4C#fq;u*{CjGUC-BLed@|-S3@6=DZ
zq-_wxO2cRb7?66pD)qQC=y7-Pm=H-l3lbFNAtTAq)E`*Sajd|)x{mtkv#B&s4vHOk
zW_#jJBFj@RGP!Sq%_1vOud=O%h$_io_vzF>S!O^`%5*e$rru<7PajDpnfp@h)kyQw
zi7{eSqk8wlpG^;u&-+rHOzhCSV?Aj;oa$zB7i1h<uA`}5*7E`85*0A_-4;Bb>SvOi
zuE=+(CX=_c%#W#QOzy?nE}84+)DldhEfu+tn#pAD0!1#SR%3ET>$#j-he_)fY?hvD
zsSTJ^ny*MG+>FT+Eo|bkwKR?;haY0{OEE=K!)=(f9*XB%mXl0cxHFTJ58xROCPl)%
zxa^Y=4I<c`GTfhKzQY}0DN`;ykjeWiRIW<l;hgJ7jQqE746B55nDj>sFJN^Uesc+r
ztwwDlg0_*pl;VulgDkTZxg=>3eu_0W#jJ83t_`*YpAOSHT<nvx-)527;kiu4pjS$n
zIpIZ2nxrc-H@uulZ!NPhyoSjfT&Kufi^H!oS)j?%@FpgsiYh(Nh2LYc%WD@^Zl{PX
z4}Zu$AK8Ovn?bNYN%$j{Df6@>+kz{@2bs*=t;j3kV@&4ym7X=>FPZGr<kj$5CUy6!
zT(5<{WAXw@A+4_q|H`EJZAxZ+_zIIpF;|x|Z-oD15BEEzE$nI%PN+^X4DD07c7<I`
zUelUC2q!XeYVu(?nF+;EYTgqr!o>Igh<g)w9jopQc-`lD3=J|nhw~Wj&M`&tI2;KP
z8IyVpPf|iDg$zlV-G-zHr81VGIih4pB1%dnLXw0AQ7M!mm3-IUYp-=5!|UyRzyJGv
zr{AyN<=T7gz4o;B+QYpc^f6{WD&||}ctv5>7puT=;D>XZ4aKThrglMLJ}p+mGNvs!
z&gNpZE%Ue5^Jm4bw#<q5B=>E_T3F^%^aPgrvY7c@CA^Uc&w-g8#oAlu&_rQ&7VB)8
zdoUMpoUe=BS=Cs8H1zP>mz#e0ZLyw~nGWW*mrR@fUaWUj(^p%duQF30^&Xo}O?*LP
z7>uvf0hZ~A*^`;#sl%;Qqf108J@o+_r<O{UNgZpM?Uh6-Gxc%HtVbPoyxgQ*KJ_Wf
z>_XX@shIk#Wt#skaVn+0Y?*b<gsGgmz%mic7c5mJb*W|Ml#w{qQs1^rkvEv>M|D#_
zw#<nlBGn}I3tJoQP#Y#4yuqHj)5d9xIgV4lK6STchT?_*Gp$m8w9I2#iZ-bSEi>my
ziPJvyPs=QU&19*YQz>p*a1<;XGo4cNTBfX~b8Bio%lwYB8;;W@wWwtpj}xYQYPw~n
z-7ief)C|j<7%wUJNv&j=s+b2ko%>U>EK}<cmupPH0jV`DQ@6ZF@8EXLsse*judqy4
ztPq(Ql3L#~W;eqy{b*=vBg?#jlPr!iEVZp=e%Z|F^rJDUT`Y5@#u=B|(=yL$oJpwz
z<ECfUc6s%q$*ChOa|~_4dCf>2Wu+!-IxnS;w#-&dXI|=f%NWm-^;wYmm}P2wCi=XV
zI@L0po|ibUr_QiUs>WH8`iy0acgpE3OMSsItu^<zQWsd}ZOwgk>T=8M`c9<YOI>Xl
z<F9f$Yg5-+rUYyqGasa`x6HKXg!w4-Gs}DrtHp6Pr0%rLD2?-J>K@CiRAy`H0n3zv
zH^@@kQ;%6@CeFK=*_nFMGVj4AFtaN)Up3PY+l`SpU#Awa%-^sr9Ov8Abj!@uy!NE}
zmihB)k=mPD!7@EH&JU?oEYlAoh12;twU%Xm(Q+L~t#6sNDs?cmiDjCvm)sAfwzf>U
zqrx0c?O++>_j1ZdQ@dDZh_*#aS|7_~X<m8K23W@U#w?XLEwGH)VPGbI+BnNx-Bp+Z
zX_G9oUGplGHq|oYHLujP*_K(X?OrnN1<O?E<WXn4A}f_P-!guu6k7a>v2|tA7F*^b
zWiry1TjnyHcXOP~w6`sD#a$v*KJ9(WEXI2v9H(O1Czi=wLZm9CZLy5;)j3X;v>lfD
z4xT47)zZGR%vYF+n5mJrubLTyOEBULgLj+L4%j%=Rl`KuA<I0~QBrP|cEmChlxdrG
z!ZN*8Dw&p&W%}4YST@e<hO|7ExnASkn0Aq6+F^#}I33c8S>`&dT$t&U7PCyxQIdO?
zw6d1@OLHHdR@pLd!qyq7n+pz4t74hUuvf|H%t)(dnW9T1<)_kWTV@hw2NS0s%}Z-(
znM|$cH`2OT=1R;&oX%Tmy|T<)xe6;6!>p$jY4_SVqj93jao%%GUi5Hg)~5}$aXM?+
zH>QoU%p7Glr#)<$JzB0UX%j3nPUC!*Hpw#A-YMnUnl{-o4K&WSw5KdH5OW;o{#Dv@
zmKmyXcBRd;%r-6iH)*e1<~5D8C+&?a(>FT7UtK!Tcn;sEtw0=n#RWg1T{}}_$I{+L
zZQw0R^dDyaNLy#qNv)0Fw!(K!{pioMk1SKL2Y%@Z%xcPAe7$8Zy<3>9;=gB^)0168
z@M~38szdRN>V(V&bwY;t>qi}nUxJ@7A*#QCne{ZHM5XGvOdqRjv@&rX1QP)>0KU5U
zySd=F5|u4uR<-62FFBXE)JhqDgPHLqvTU3hINxDrLW#?5UN>IJ>8z(mOVqc_k$oIz
zJ<V{;t@lfu*^ViVH+jt8dV0?>pVyZ-TO3odzc5D}(?HWHl#aYmic2<goPLz<m|l&|
z9avL}lIe|XoRwIoFmrKwGpr%-h9tZKW-`;SvCO;5luK`AnXtwxrYCJ}w60@?Xc=9a
zev?hPXE)BhjCW~zhw6Eda$#Texh%btjdS&{EQL4N(>vRAzJYgP{`%qfgzm6RiFa6P
z88uGtW|?QO9^^QU(|g#I|Ax=TOq2AUHqMIGB6VYWFPm2d)#t|aK9;Hfx=6K8?~5N6
z!aE-5&z#Q9>HTb+{wj4_`mpNe3C$WkIZgquOZo_#SI+}h2xae*KFUhnyqB4NV8&Rc
zmoi<`$1$^1^6Hj8(K5Fv(=+`s%Zyj%p7h5p)8t!`x<CC%+ZLhD1JbA2KDMq7$5~GU
z)1Rw85;~WEPo#!|iJ+t_-esmvT9E#tWkxGAF@3IOrYiGl`g~i`58h^}s)Y`wzh;>Z
zZwhlLeUW8;c6C^_(68xBE%V4SiSt|fo0hp{r7(xnS6C*W#yOI{$};PfIhy{iWv*4`
zSo&JaT&lVMp1#g99W>7I^p9Ce<NT4n!7_D~`7?c!Wu8*0ztTUm%vZ{sNZ)3ep{n!W
z>0esr6^(N;eWzu5Y8;AvZJA3oju-pRGAEQtiS4z_c$JF8ezZ(U)i4_S*)mUSoLsSk
z97og19sA8PKP!_bcGNOMl*t=AZkf8uoEQ7cGWj&G^J6D1bGOF1AeK_YSjf9I&V{jD
zmN}uVoG+HwGAmT-qSytN8Lv|LV;9vh7OC9h-0uCTK&)U5V{K-BE=<8#VH@W}J7EgP
zidm)}&K%4i_OW9ZTjn8He)CtxD;cX`nVGozWd5)-8LMoWT^c7NR@E{+lqnypZZ+Jh
zQk7$uTV}a3Rbq9l)WFL{pK7uCmN|cwFjvGHTW0+o!qka1wM;9`>*`o@%lzOhNv794
zcD-dj!;EJBVqjWXrlOM?lX`6|X_@+tDd1fjYiBk5=`NAFHrBp|8QrNk*E4@b^0$d~
zv{IKkCaw4lvCfu>DAO)>yJa@HdLEU(eXM&8Y?o7&Mr>Et(@n9vZJcMdTpb*<T$xU>
z-ZoBKon>x|^|egUoi!}u-4?sg>iqZ$W~vtI8XIVtDr!mYj195OC}r-71(w;XQr%)B
zEpw~J=^h(xnWf6~h&^PPB`S4yY@B7DQ>JHZf@SKfRIk`$mU%*%-mxbvQ%Of$pV$=3
zjMQ}QiA}dmDV6FQd)hL6mAN-I+cI@Doqn-rEwfeAxi9vDWfCfNf9z$;Jg-du*ejMf
zPtzF?d(|=}lo=R%-7>#x%7bD{EOV{K85~<?nQ6<VEr!J2vh6+$XQSqCJq?Y$ZCh~F
zB#wg<Lomhyv{9)MvDKD2`Ie+JGPcGtUu&FEvG*-gN%eUk_Mv5NP^r<e^_ICx<2)GK
zXqjg;&Y0L{%iOJT9*S+X%$1tg!?7<c^Mgu_jqR|^5M{>2c3I{IP3Mu=H<tNG(-|Mz
zW0|5FXF_bBWtMB4iLsw7^NH5#qp@EsvrhAREOy8;7ikMliXFDh(`pYNj~%m2H%<A8
z*dLaeuPHwnJ7JlXDm6Jq*`_UysnnEM#4>+toT;(gmbqK?nHD?GG8d`T^w@=#S*CGj
z#PVBak}^-l3Rz~LN<AGbYMDG5XJ#zTGCNi0Ik9xhJgidB#Y$ObrN((V=ChRQydaio
znev+QqF8y${Gw9JVwYH^iN;wOyVNp&Yn;`ws+RdgQ(hCxvP`N<y&ucA%w?+Khp}3g
z`9-DH$Ld(7rb=y!)w4_~mHIr^z%pNGob9njmYJ{Vd=+bInYk+UP3)R%V`;+?w>Q@E
zH0CETrj^6l^MGT9Xvzm;2^;5q?W>1kZ7g$59~rs7#%{<ijDH;Qd2~PL9f`HGOvzfO
zGuw-v&TOiEI&*i2)0vT+6@@83SK;(HkKtE@%wHG>8^EVAj}$wdIqFsup;XT^q+Z6&
zH}e<9S$@Om%p=#F&P1Z8Gd_N4(foz!B-@?Nj7>Y8sodgp=I9yBqBH8S%^5XTqx|XV
z{L$ug=JvX$Gv8M_oq4A0>CD_br!!X+Ii10gp8X5U-n`uD%nzxjGab*U=jmsZz1%6S
zV|>3|UvuI6k?Du{P3*BLbjh>k*O-r7=1~=kj-!IATQm*7tXUYf?or)gDOA&P*Ep02
z<~@a93$~$aKgApFHuT*h9_6=ObL_tuln5q_CwdTdg`4ZxPq@m)YXA?Xkwsr(PpFwi
z`xJGbDBO?G<ysrMd>YbX32<#KYI7Jb(phv2W2b{fx7SZ`+&w@nI}E6^4ZT$*sI8=O
z5fI1AgE7FVbo~pzMr9>>199kGxT(pxl|UOZ!tdhI?Ka-ykKt^_q6OesVkHpg`_nC=
zX{4h^ciDJNGbH6UKpgMo62dJ3Vs6a^!fga%?wzT^tp{SRG*ab!O^Y%&{Yl}T2V$;N
zf8i<uF<0gu;d~(G4x>G|lqZ2W<?|nqn!FIFK^)rm?i5#7gMm06t&!S24~V(`xQWLS
z!~eurF18N(W85=JLtkSw{RXMi5s+ZnaX_rq2Qa6c${3X`tFl`V$`ZSQSmOOxh1(3o
z+*N_+TKbEkf^JkU3-+7)K^aALCwO$X)j90Nb-oe(ngDUiJK)i??66xI6{O4|9`%82
zK{9Wt-e*z8@31chltGDA_-$H?t{jB7xPW}xRR~{6WAym+Y$-welzYW-amwC`n?sPm
zH*ZUc9<eBYR~fZ0U=8q?O|SGJk0x6*6E_iNSo8u;tY=$P9JTvAkVm&POL1fW<R$oh
zZmYpFyNO=5@wS!lEQ(Xnf0VCBp#~=3`8Jh9C!|Do;y#YC5k9qTD*2jtuUlP0E_=I2
zZ&>bjhvIZ#3zyud!3D|be9IE4gFo+(I(Qx{K2rzDU||t1Q8IYoQ9<K6aJ*zNNYO3r
zh5K%p#9N_g!lM#8!XckdV86`NRh)Kp!EbjUw>WLbo$Yrls-7z7CzSVnTaFFr5g%Jr
zcqHDjvxwFZZMA4#U(dCEzV7&4XK+4EEa=g0i~h!Hol)og9__Ib3y|KA7M(l2P{L?%
z;6Ii)Y$Zy3{;zfRXamkXj@x*xz92ebk?G?p&zT<f8(J{8MGq{(ucTVE{G{jVWjbDq
z;2Qe+E6gM|wCn-2f<+%Hn!H}-8Pkh-78+cdd#6XwYra3>eln+L^5s4h_V)6yYaDu9
zB|@!Ap--|zVa;vj7`$<5bt#CGWp1~dVcScB^XZi*Ji6G1Uf)1;X%z8X9aPD}-9Q^!
zd9jrIgx0}$NN}y)^Re`2Z@r)`U3jG6S6h|)(8(r(Hl?`^;`H2XkIEyDEZUZb`%pnz
zd!uLP-$YPl0{7EIaAdxqhL~4P{Uw51o)$FfB|$Yb^y%TkT|ZCIOqWWWF8YJ0GV+bn
zmS!GR14;yUpvQ8`1uhWOe~ZZGQtqjjg`1>#WZ;$+%kIKS0i*Gg1@%$XMbU6YH!13f
zxshexeMr!wnp^Q%!tH-X&<BeCRJ2=B9`t2SZ>`qkr;1)sRAq$3YpNRj`GRnHUldeF
zOW9<Ka35+b{8U|P?PyC0EeZFHHCT`ov>7uyb6+WXc9?LlYFmD#8vLqgkD`xNtKXEn
zZla{p)|Ded4KYV$qkSWE6;3Hlz7hJY7LUdV9d<fLXbWzkap+(5xf~H1x<t^T0(i~E
zrm_!vVvPD+C!wWl2zu=bNo7I@;p*d-nVB^rR6^rb9+W~?+VoDYC5Lh~7l~XN?-5P!
z0Znf{9B|h3%R2>)Xe+Y6YAO#L=h}$S0gbmo(ND;iQ(2_46BM1$RC?SdDWC7=j|i>N
z&<%=~|0Ly@p~zEo&$~noY<b%%>Z7P3JOHkZ0`oj-V&gS(GgyS?p#E6Xtx0LOeP}`E
zs)lvdO5$zM(3YA?6-7OM7uk!I`x+A0*nH31E`6w)>+NyskGeNn#i`e7Mv35mH&%Te
zmo;@Pgx2gKtWHeH6T#v~1T9x|M8`rS9jgU3y_Rm2MX2<T()!P6Z<-97$aPu*YbHir
z(^Fh~v|omoT5Juqz>O|O8;^O^5}ZeWVcutn?b=VTMm*+LTrR1EV`1!02~B%n&`TFf
z%RG;kX>D^`btBIP5qciIDQR0l+T(xO3J2%1R*7JxTQ??xF0Tl8T<4VT%GJ~wudK3_
z)V6O{i$2P=mZz-%zuWah+}A)UP3_`$-gPy5_d3oOcR^hr_o&=8T;ur7c-#Uu^^7-@
zVJ(bp!dDrJ-q!T?YI?Jj`_gfVAe=*Gerp}b4Awf38LV|6Gg#|DX0X;lID>^V$^UMA
ze6BTF=W%I|NVcFk8G`Oe7i50z)6`HRD3)8$dpdvoT0^+|RJM@H=D$!v&pnRJyuiJE
zz_0iXb=!AMyP2JY2yNORJ$pSY9LM`gZTp%6xKn3)_Ln!ag-Zlteg2ny{93H|xL%%c
zV=zvYaZ<##ZV}dqjP7$*AWj(rc_hc_R`fa!jX5q69CZGbM^^@%ibv04rsMu>R!WR6
z!Rn6D`5KxXaJ)n?<q`G-lfkvlw@3!noTrrx?p03wzhoeOSTYblEE$L&megLH)Lxv_
zUYyikoYY>NRNI~m#1Bgb;)f*z@xzjV_+iOF{IFyoepoUPKP(x9epu+;gg#B^=Y&2@
z=;w%c(>i$eCGKHaG#}&F%$Hd-LD9{q-7c1Esi>Pn5!w!W&ogX)^g2`b*j-DLp4b*E
zKJJsBIu9Tb{P&tB0`bE_om&Uuk+lxQJ8T`4blzd>K)k~&TI2M~qBj(6RCEjGU*k))
z4#eAR9X#sna~8ez1MlHw(E>&Hp+u&<S=7$;*a#JNwHBfG5zmcUS65M*Jq=%aKq5+)
zIo~G{6m_0ulzxS$U^Kw0umI-<ZUL{^{~OsA^I6uT`M5D-_AwK|2Ha~iTAeMuP=ja=
z4GLwmY?Kxu6|;X3rRAT>YV7|e<&^%Xr<`-v80dOuLdRP|#~Wr&od;#sNa%P=1mT+Q
ze>H35rZKQcrrmPWUvAFJO#{K1dd^LKfQ+TiO^2}#;CSadFDN(t=+*|gX*UqZ`vU7m
zv*Q(^JwA3w?TFeB)YBrfUf`7fgyrWs;18g_2=#KbjI>cEJ<^bC*Rws$$cFvE*H-oE
zJ@j4PBa`+BIo!WbVXZuB2HS4*gKq|17~P+d;@0~gcH&Ydg8Yp+G!b0Zh>=eZV%^gp
znkIr*5?l_SZrJA05O6;2ZN(gGIs#lKl{qG3VNZQtDP>aBaS`hG4%dBzrq^WI2+i8<
z(P+p<=<aib#_4K|__3$t5vClcJ}!?io=?9uO|kn;+4KTdCuZj<n{N0HZ>1p>Mo$3w
z^yVhdaz5oZw{Q_JgO1`>D5D3^9%gUEr`K;up=m(a9rW2w`m_ymqlt%l!F<W_Obhbv
zOuLaOG}B7_@fv18i(W64LN8gg8=<@tGZvxqHPoc%(WZv7C$k+^<#ikC!8?4zBD02F
zVbNxM&Hau=Bj!kZJg^u0QkE-;mw${_9__+vhfyRZB`SdQK1QgIy;zSvwP@K39&NQ~
z#u)romX%$4SW?ah55@FJyz1xbz@weel+RthevN3il~_HJ_ewo#KQV>&SkCMTn*CUh
zmTKtEgV_JGp*s|PP#51ZSuTH3K}M^?ma83=wj6i`=aEer`32ReAZTfGL7j2C)Aajn
zs)5rMMh~|Y)F&cnbTdJ7@(3!p6~Fm_d<)X~@Uu;;7Nji9ABKz5to*V=y7wga7mteW
z<C!EGZ23sg^&1#@y7%DG{&d-2qp8?Ivt^s8BkG1LIkzl&3GHig^J!f~+A@?_ew{~u
zTiIerk5dUbS-*L7Xs1V!=S|(ufd`P+BC{uGS|(0w|MVyyxGWm8fJ>f5L!S}!z0Rv&
zDe6=v#qO4QR0|yUb`O@H(N@ftj2@UG+(WYkwNQzoDzRTBrmDmYCy@+(hYd5mE*b1`
z$fNtQE6I5@EF(3!6<@${A789{k#&!YE^9W*JQ&4p9{1Sgn+46-Bxw5qj|$lu+U`ku
zdzE`|y~LZPp}AF;6H(D>k)l|6;m$`XdGz%9mB&n!`e6(joujk?yBa1mN^fDTnzBV{
zE^LlzttjQq<W!<G2X@2s;wY8D4lb8t0NTUIW>IsXR7jk?RnOLzZCzXXR2rvbrbqZR
z7N>_M51*QM=KW`%W@3Mw$L||?WLLM$ySRad+<YD9)%66SI>`w_b$X`+kCf_E4z|Qt
zxauUQ3O?O~^w^3TYwO$en*7G`d>UF$xHm8=I9@k!jCS;g<wANsMHOwkO6tXXGKI<^
zy+qKsG}llfI9^R!L1aCZ^+;rW3hmY8cDxJWQKbPght7rNA7Mvcmx17|&hu7zR23+j
zUQzo3C(_xRjo6c6>+`Onr!?MJ7tf<G<uJGXdM*@Idn)<nJhKT;Z={}chKAgV;#_}m
z`cTo(3xx|)2~k@Yit}@<giSdTK~t=b8C5GLs08Lg!{yAk@kQL0ac%vA)Z`2HhvM`;
zkg2~+I)Zbd8bEQn;3$5J5hzQ0Q<lnxDf?vR#=3}y*2lh71B>o*_SvHVGab*hD<8y~
z6QRjq<wdNiPnTnduLZblx&tSL2_TQmJe{;COr;BWp4G<d+->r`$)?u?<z?H{t~d9v
zWYBt-aMy1Y6o>WUctbF!F#7Lh!#W7-G_E6x%h3t?WoW%**z(?PxpjCepqoXe9KC?D
zs8anDy4Ru#HDv|f9lPhoXH5j%fCeBmPVF#%m~~W~=3$f>4;hvQc6=~Gv+22)_=G5%
zX66yJSGg^aH794;G<hh8#_2NWxuIW`<a$X2BW@N{$E^$#LA^T6#p%`3oJyP?9xLb&
zBuvV2x^tYM7LaA`)`tbnMJmiKS6P2A+5Q)&`mjx=Y>6PH0=HWt*xy#{#%_o35|*n2
z%zgpK^C*tBscBV@zGy96{!B*Mbj0n~#kF4IB=v%`Cs!|tU_Qo?spmv+<t0+%qF*BT
zc7}xhrzndy#$c~(`?kqslu5ts5cCCRk_Qo*Nt<hP>t|B$cet*S!C|-8oD6<JOLO1d
z16>&X3ZH>dx8Z_ztHg;3!aX;FQ6}wl`9^8xt3>0FZ<Ly2{4(mgn)^nS=KU<F#5XJp
z4(B+JT8aJ}JbDr+5zK%+H5z16IgDS^zL}K0P*9!8DKs7NaF+pg-1O5#@Q{=6X~SS{
zBcD=m9&b|d=_A(@eHw?l;*?D)vmonJMVGQqX8+3M=9AgAGAJ2TaJ${fpsJ$E4q@f=
zxbzLl*Q4*@Q=49g^C_hA9P%ha9bU%W1)#FjxT;65S~LykAEt)N(&dQ9=wZy49B<}$
zp7U~1BaA3BH^!+3T46CH;?x9)N9~P@x+@w2WOgbOK_Tph8ta`!Pr$e3{f%33Qf)#r
zsV1zl$u~q%dThQ&%fLnH&+DYOZ$^41l}u{tw9lj&Xt%em?1io^GwJWIrB%aJhS!z!
zzW$bI4J5Kj(u>ne(2vV84v4MKx9F41Z3QyAWT^z}x6bA(HJM58R!gA`mODAuqb(K{
zLjU8QvkZNb(Za%P*D~oA*c{VyG6^q$yU-`lOE}(SH}<o&ZzO^j5IgKSU*KO^)N>Be
zPK(aN9*RM68jYP#gA&1`8D!6%62V7p7-iF7c;P0GvbJxScscX96RjNP@y%(Ww?Zxq
z-HXtFr@@IDqQUK*6hS|8BKGfe`4#Dhx$XZibK6$tpOt*tDJ4Jj4|01Lt3^|eM9?g+
zpnsa%+EZ%s=zo>lzpKB$Pbtx#{~(VgEu|dKx>`#FXO<{V8{nmxo^$p-bTdN2b|cuu
zf7eUS%=h1wE%lW8%k>ZPh`AAv2)xUslxLRh>?In1N{P<@7rC_#B#+jb$G<B_zf)4q
z|1VO`Ii}OKudVopJ$uk8byeh)JQ6{y4!73XG))AL-6H<M?&}$G4HZW!iD1_$DVMZd
zCjK9`{>7FfXv#jw`xP0*sS|9XNd@yN<{nP(@l(<(Z)GnyCB4d)tAQ5e^lCYD_VmoX
zvQU?}l`VKmjb~e~?kRcHwp@@$@{l^nscFMgQmJnxlBcB7$Z{RelT`M(n#`Gsx!o7)
z*W60{eo7r&XSvs1-NVvEIlX9(T5EQSL>nt{;5x}y+U@K$wC5BJZnUzOoKm)1EEm@r
zmvZFPpz0|a+-4<Kos!C(mJ?abNAUGb3!Yu8;iqVIx0QY6lsxVMhtsP2iSD<k-aJM*
z=Q1-xhP6A`#yfMq{BK5WFQgTwJp7cDF`}HMiIdF9iQx7#=Df36QTUEn5t!N8x1N#7
zBTm!Yx+hNGxOER?oqr#vOy@BsgCp>kMnf0u6FQVli*pkh&orBAW_vWjq6+ziYv8zY
zWKK&>zUAzxDr;~AD^1?Jx%6{EZ(>uy><{@=81ExJj`SE!1;Q8fZol2ju^TU^S~+*<
z>1p;XabAX0o`!67y3@(}bntwSp0VjkJWlyV&FvMSTqL^{xoB2WeBiEnGL@~I#Pc*>
zlm@|LG`?PxI<;Z1G)f=39T6^((aNXs<#|OKrN1Vn&_ZxgYC8}w2w1e;?S)6_vkTbc
zjuO78aVeKkR6B$9i&9OT<-Y~laJRyzZrA}bdlWvs1;qP4GvH6Yjd&i_!<qFOi!K=_
zs3<)1b(ZVWB*orl$)wAF<31UsP%ES9Cx~~t_M0syDM#rz_JNJR8>RFkQr`6?dG97l
zOE>WTWRyMuGTP(xP`NO-eafA?Hl!R;I<;PETMe3PzM_3HID{Q46PgTuJj8e8lEIi2
zg6e)E=nkxBINng)d1ur^(SXvzB@}g5v<iFcEI}Iu&7Ua}FJT05=rfqN7}ZjV&buUZ
zh@zTL3O5`r$P!bgh<-gaUU}8N{9_U?@vxxhj!SO4J>kli5HzQ<pe|D-<$gB`H=v=Q
zxt$qBsR-h6zd!2kgCv8$yKwJJ21~QK4<&<aw_e3vgJTlfMbV-Zi5EXAp&L*y#$F|Y
zp4cHZ$fI9sac{ycB=imD#-c=wRw0yaiLo2o(65p~U+ltiU40B2W>7ZG3-B9#2+gE1
zeN*Tgiw+T&BU5{OCUrl-``%b1=4aVVnpK?lS#xqF`|y}a1~V2&4Ylnc_1tc@pp1uD
zmrT0#B1!L0Xkhl%<MfGY@R}QCne@f`xLalQ`$$pV`D|&hHpP7|Q}@ZB!D`8)^E9c+
zBvuoqUXnrQ-h!6b5>!S*^LG*MgofttAzbu!K|wD;hwm2DLPM8m=<c2px=T~;qM@5r
zww%gN)zFnHyG&)9Xy|yA-L9I}(sK0C^fswPSw(BRiB@yF3wmC;hn2fcxnGofxT{F?
zx>Ha$<ytCNUb%(JmAXqL?of1GL+dNIS-G*weWNA1<PJ$?g>q5lCM$QHa#OAni7^cX
z^;WK<awU~}Rk;fFMB+Y0r07~jpI<5Qo>s1l_M91tnkX8osG_1}iiT^O57d6pR9oRf
zt)VU&ubsv#ukn7;R;Zxy3TeD=wS8aEc=>dEEWAxhR9gGmF>R0KTDu3dUp=Z4$F&@r
zRN_gMXsmf0Qi)eJk5Q^sQ`PDcmDr>b-BhB!N<>xSE0vh0CHGX*kF<s+XidJa60az_
zU(x4UqN_FEDO!`SX(`iHm)kXuep>QfiYjWpo3EC7ezT#Vi|Pv+r=gQI^iJhkD%VOS
ze$xJTnR4$dw?Jk4X=t0KlG}H2LHn8r>aSc}<E>V1hjKlti3BwhG*P(><z83r3ms)`
zE)@w+OEg%y3d%jB+&#*zQ?9S-98vwID_2Rmca&?T+=W_>8Opt-Tnp8CigFc{yH~lW
za!s|KZ@x^*)~J!7&y>s5c$X_zLF2ul+;%PRFIwLHDmz%?HR>XHRPQM$sy*?8uEPDT
z=@nAhN42+~ry5Mv(9HQFJ5_s5w6bt(m5VF)t8yKbYpgbQjB*_sODaEC5%i5}aF22|
zG~Rp49arw5sv>)_w(mmank%<mxmz@kU$m5Cl}pz=mMYgoxeGMk>B?<Uu8Za|SGn5C
zjZm(Ta#!eBsG{v#P`TX7t<d^gsP*@~a$hR9b-L6>Geyf3RaVsaCW*J8y`b{SO;qke
z>?yDZHB4m>D7sZqpt3)xY-i;@RBnn&T%ahb@$S}mg|yc#tt%RgRP=+QxjO$gQ#43X
zaYcRZlT@bn6VyVv`;;rI+;z(BP%gKkWs1Jlc#kW$Qn_1ti7)>u)&^XYi`I$;tLuwr
ze%`0zy>9Iw{&NO=boSdTD=Ko0aK56OMu==bMH3XIscb!!xXdA5ck^mCtv1omFPL@c
z1^F5ADuy-aG(qxsW`~qxTst{Q4}I@S-K9jwj)=s!ZwPwjYVrOzmX!5}c_YB=h-A{X
z8&k;Kv(BW8+VhS`rrj4X`eoADBxE&v_Rt6K_2`(DH7^MK1yr40#227ut&vF`9BLEP
zp3ChK)`mypv5xXyH0!OAzssGmFOZ&T!Au&~Pg0f_34DrSotzsIKHcxWvhryNRxB6T
zRO-FX_b4)R>__~WkK59x`$qA~%cprwdA*eg)=p-vu(v)%(3jKXq`%%PjC^_?HD18x
zE4AU%u+_NXX1Q@VAvdc)e6@-mR>JC1;}bzEu_i8KxfWvuJ%x7Tc)44rPz4)06(zdN
zqIQbnis~qu1BomfZ;WznCh;BIMDVWb_lcmAJA21z?pGdNZY9!i5umO`cP4n3#G{0w
z*+8b<Jo>pluW)fc5vRzeJv@5Xp+qots?^Y36B%LO3!&zI1nOiSBkajw<ncOLG)M+d
z;&h#Rdmlwr@(A}tDe1*m;Ix$E<=G@$QH?i9<K2ta;t@Y5MbP55f?iUt@gU(+6irq%
zTG17XN-FBA_PM^IiW+*Mq9KZkYrIEpl6=Qa7j#rDa0`uBR#C&660gFwf(k48@IyXN
zP6lr(dgVI41(ytd9?mz8lEFpTsWj)#$)IN^LBAXp*?rhQFrnG>n982;#OBO$Upyp(
zH|`X!2Ts?yo?l!cT3vIGaI>&u!=Xc_3D;ZEu>umh1onXAmBJk=Mh{@Okx>L%G1^!{
zxLwK_yT+l9KPvHVD=oUTz}Y*8Zq?jYDl#{)IdrmWZ%S^sY|6Y!LSKAQQ1zA)`o8MC
zNJB>!lRh~dDR4jC-$Ky+6$P~|E~qZ*isMzqUO1x+MdrJA=4POc7*$k>t1ghxow}d+
zs>b^i{eUIjMr$#u(Li$Rp{acOhQu>v<9Iza<?PxL+7&aC3#}mNf@=gV#tmW)9axl6
zCLP-+DBN%A@xJUHm1re(+Fo^OqC0`foswR6Md6sfsgJa8-g$y<dPz`W<?3s^qi&u_
z2DfRvi#1+zjh9Qg>oHQeZ&X$8MOZlIo>eqWQAJIqq@t#Zu2j@gQ{FjS((9&LB{bd~
zO*!1rH0{9}9DY?$N#&}bjW~2=b3u2aWtgjjmSI$*lhkfePf+E&f-<xh_bVV0S%n0(
zhK=P^Zc?tRa-CJ8w1$46+(U|*Xy|*&eWqM3<u(_T+{!BVq;kIId##3gn#xnk^-}IN
z<(4WpNzu!i@(aq1RJ2z^FH<Y^_XT2oilp!;%cLJV@vNIkPhKm#y04;-v+r|<yCI2t
zP$NZlo3_>n*IL<hd0E`;f%lM2_}Iju>(NHc-HJA1bhU<dcAQUBu|sd#$k(r2qO=Zs
z^$lJ$KIRhaPB#Hc1lPM!(K@(sBG+^4;G>rX{i*01hde5>5x@BaS=<zJUr*s%T18`V
zj+3yV4HXSg^wS#g$Qmn}ujt#ExL0are^FEjnwnEGkHka4P3Wz-S8C%K4~kEcj0eT&
zBXGvIz&B^`hfE!KG`p3cW{!){JvcWop%MDoon=MncX*b@hD9i!^EM-N=z6Zn2t9y#
z!R&TNs1<HAGrC04m}`a0>rNyh)Lc=sHl96aiqMYbeD)Nft#1ih47+P|&ZH+EOrcIF
zTP97oP<m6RllX?udd)@pavzFP%b9%V3BFWqx&OBoXUFE8GfMuia!Rqvl?|tBu59>r
z-<1R9D#hyngraYl62a4SI^$aioLlkkez;Ql>NT+uD;2%vP$u1jIxzKz+hau-#cAh5
zZ13ZAFZ!BEFOzP66|X?qQl|ZYTecQ0Lv8c|ic-UM9^GqEc(xOsZvKWIF~Ek3rcwH)
zataLvhc8*9Vl6(ySYRvlfpROA>!4m$wnK?vhg)SOg6|#5qA!QB&RMkEA)l(?4zpRS
z`P4YUeZ!+gu1+)Q1I(Nz-%RSUgk_V#+i!?2Gup}6s_DGBObSn1wpA6`RnF7m6Bu(U
zok`{dhS6`|OHJ-nv}hlvoHM<yPJ>K3h!qR>FzI!ivN;pxlo?GyD~v=<W>UICQEGyf
z<`{4hdURk4JpvS^KSr|#QF}`JnB^Kw#5+_LU3pas&9G<*>S{JnGAM>R<@UHwXVb2V
z0%wOZDgO|DgCvtS+$Z0b4lR^I&)f9&e#&dfDBWB!h2~l=m-|L1N_Q4cp;s-p_F=rO
zZ_(k=JfgC4+$GL<nZ4XB8iF2SQo)^V<p!bkn5#Wk;(gyjxbHMxpNhggqTF@Gg^Ql#
zw{oI%Hto-So_w|vy^a!H0vmzejuO2Ioqbw3gGX72a<+chCzrvuHDfE2s#cR8cEqg*
zGbzLM;+(Q`v>#+T)F${DZDh{M+XUy$5_BAPh`Ek^1XV{%Ge?*;7@c@T&?vMybDqW<
zq_WMGD>7c<ty>`IhT(!1YRXqDw-J_xQ+_VLpe;`ey6{y-9$jBSR^^{5GQXm3R_YP@
z^Df-MwLM4fE_l?cJ7yPfIoI(Gc6n~4el_+Fc+Ea%y{z6F|3Gf_J{V))SiLBf!aQj1
zI7F%Pr75(|<{`HtqH2r(-Q9)oHo;7v=M>ysz-(_uH*Q6&;&F~Inz0sQZWu-*qo?7G
zFq+vwLg#1TMupX-JuEAuGd+cz<L%siw|-}yHKHWv@liT+G)C#n{v4&S-|xgcxY=rD
zM$a~jhC3Vk&*NQ#-LkJB8=+fZxxTTfm|G=muT08&EhkngO1m-Znm!bzGMLNEjz|WT
zevn%*lB3;1J9O^ZDlAbCH|IsE3he2An{P?zcgUjU1^KoT?x11z<5~O;y~iUKB<IXo
z*~QD$`#!jdzma{joFmzs;J<<rv6W|Z=IG9(#h6J<-^ix^=W`2Y(<t0sFfSowQ@+}K
zpC+54`T3@M7EN*Uc^19-4A)Q={f*Im6eY@}@>p~7{r3LXus4znUPRwu|DfgH{1r(i
zExdt4bIz*`VdeisDi|-WpJr0Aui@stWLn02Et|_Cxd#=eFRthMJ3Zd{r^MqgZ4HN)
zVBoo#n@M3FXA9-KTjnlUs9z`%az34@GpCpTl-zup3wv4woKHVvb!RMtkM9E*;YAyG
zzNYn)K||-WCWH17nK}FF{#8L(IG#<PX)egu)!nta;@fe%cqrnv;NKs3#JAhRI;iCO
z8eW(iDiW`wH<>&<y6p<_pUpnH(V6#X9dh%BPnF^2vc#1Kxi{h4`d_4MuhbRU=uLud
za&K&T^xX9<`~OYJ|I@PJm6m^0qGXWnJeg#0p|)ESZMO;MOKUZ0Ca7HzL7!I>G(dMR
z2bULatfHw-Hcr#wp_uPjxYo?r!Z&+``2@kIlUN<Ir#hvl_^fAZ{jkkr+WPerz1Ey(
z4XpEONk6z>`^)WabmI#g?Hi_cjV|~#(1qNe!|~?RzP#N3d@8(#U&Rc^Q8>2ZG*Zj<
zzp7JDeR=df9TiXE)X2;|cv0XSBOvG9#@b1)A>47T=TUJxx<hUfZlW445qyol!F%B=
zw#lye97W*>{n?lCaql{@5%S%qNAfP1M>V^0d-xPA^{CWo`Igzs-|YD`8Ylyy9<{?5
ztYG7v7$7$@Ga!4Z4UOY{3m((0^sZ^$jokm(HgT)=oFik}yyIZFMDPb}m?>K#$OnIo
z(R9oP#vUYsMGpD&?s<GaHq^?e`S9l05+0f&s2X}T>vFqV$C<9Kd<ttfETt)1wNuLG
zQCPMMf8nyl$#?q2DX!=fr(c}DQ%$ATa_W58jR2qSQmYr%)qqE26@8}8_*xwvsF`8o
z^c1u-WsB2%%%=PuTFD8*)ljYWsaAKVb3C8?UNVwH{X~OME3B`z)*26$nw0v(S8r$J
z;nQb2ABk+vHad)b3$upsNpkZ@(!)C<{kh~ml|WzPwlwp!d6my6S=T0mOWe9P8C>B|
zBDfZ<Z+c0b2BSBz?0eOCb%*y_6lHDWS6T6PmfJaoEqRsgi%-Xz2@;!wU9fh-$(Mxu
z28qedr(5A6*RlG^mx(_0oF=!`!;xpc!e$Ah%T-oF5WZmCFZTInhjQj&=5v;P5c?{O
zWY+a*!cgJDa)jE4B{G^e{*N@3lq33eVT7ba5nEU0tHFr+8xd*-Kg@U@KJ6@qui0#F
z<ze~Fy8-+qwR!o~*RT7zWloKUmi~tKp!f?=lLyDUUTcj}Sl+Od=5-jZp|iDzsqwa_
zXvHa?&V?z5HCbbsXk}`${lBP5kMiUZTW8*1GrHiU8KZ)2_94v424Muic5*+R`4x|8
zoIAT2(Z|Y8tmtQt3p#$4pzT>)N~EkvS_a=rW3DhMV|R5!&T+)KNj#rMxZMDsir@s_
z><i%B8EYoq7Z{{F1R)ppzjnCi%k>=Az4)Czy||N0?o$u9#|Wze3A1<2HQv$IpJ<ws
zlb(&2N7O$s?PerAJCYfd3}l?|be^S8hYw5ZSH&%5GynQ@#m~|w6Sv5?lyVfL2k~|h
z_t=-~3mT>I>emq2v-OA*v!zEA#@dBb8IHPV-}@z4M^i(|;Ht+3J&2tI<|b+AEXXof
z2>Tn1epJ-z73R3)#>)FT-g4Tj{5MK(5{sGBTQVn<U2OeH?f%o3$TR81P5j#pK9wIW
zo|e3qfj6DdbNFi*N!h0(m_yC4J@{nq&hXn=As41%+K6St(6dQMJd{x9qw5uoRdl=C
zmqH(aA7=I<@z!`#-lK@qO)k{eP`ql<UPe^-O^wVw_&VCnN7&V=D&y^Kl!*JTnXUNS
z8}lLtpD%>^HCC+#DH2_L5>0dJA{=Xfmu;<3t1wjd;XLY&RUnV^E3h}mC@fK^b6i(S
z@){U?wXL$Yl2YP*xU<yIzzuj|&Fb<!X34&%X?549l1iA{dlSU^oUJD7P7zK2$|We&
zFVudd^X72wf|GeJTfTzQT4pw7?jY9o=4<2d+bWMXw!-edU6miulD}1k?G=9C0XJ7T
z)I)lV!gjkxTWh34XKO8-9lgT+%A-dzWP~2C!6*^*x<F8c5{&Tn1pIb0y5n?kf}mgA
z4WT%F>5yl?^Wwf6)@j%eq_xmH&(h{$jqig7Ttng4XU5NFPU??+uG4$*z3?%Ora8yk
zne~D<__X!g=r>~0Ps5&_2(F&U>EVVIe&N!T&8G*jqr{~Q%NCY5EaiFA`CTyVopz8m
ze|e#x{x~z_5?!b($XU6i<ZZO|rzx7F{a}HjuF#%m=lc|uL3?n@2L?%Qho2HI7%W`a
zWB>C$6iU2@Ie>GkguY==Sbt&vga78%YS_hkn)~0`;`#Q?A5P^poPTi2VQ$7VGT*6V
zZxW-?phWNm`U`)x|0jGEGb+$eF~4!V(lKd;aQvE=QTkhZa5hf9Z_GI^L#rIlM`4?X
z`kiSz!#W7dn{x!ni-xD?Hq`2OW^RdKBX(1G&DrG=MtF-1{sPxkIJVARj!=8kPg(X$
z>=HA&sI+kA+s%<ymr$ZV_PN;lG{ro~5>pg~@r>*kD=T9QYo>Q4<-6ufPb`aBh*LRJ
zXRftJkcv<3-0Blw-#UAb*9>%i3ulNhm9REKt5<oPyrm+RIuV$2POejP&S_A%C*xBE
z=c)SiGVC+kmmkZ(Kd@yx?2u1)ujO+1^ja+`Tc|;(RjBE?`_($MLQR`T=dz5>KGTgX
zFS#Af&0_&y>fzP~&n~ZH7mU&FOhMbS1^uP*mT0{1HQtvR?>kM|yn(~%nKy74nKy74
zdAbXh3wzRBS6``YfdUe5y2?JJvddj=nYNc0S=`ITiproU84ZlBi;~fRQ4}i{M(<+R
zkI`_{8l$UFYmChLm(et5JMo&3v;4`RRddcG8GNdHk$cLC<u|=}vTX&kUNC**+<QSD
z4TR^*{rO!*rq?m&BM(mHO=!xf6*Og39p~Z(;mpQ)pb>fyGtLZX5TU&e;dOWIVeji~
z(BlL4Y48?}lg*^cZoedx(t7jGNzTxH@Wc3IGz)VwqfqvfPuUyJq=z>#!fh1Yu@3j^
zWUUsi-{7-8$riYEuuwgP&CV+0H&xJ<#y-bs)rEqR>4K)gFJaqmes{{WK3@KUZD&**
z@fZzp{tHHhoA-S(W7^1KF9W-D2DJ{_z&aX<)<LFQle7*lRaDi5;y2t-YqL?$S@sRs
z=WUw{hZzSeDw7I&lH1D&*C}zTHH=qJaeXB%PV!1xoKkD1*tdbgx4k&Gxi*imCXFrT
zJQmFqbY^aNNepAg?4{ua0Nq28l?|`A%+3T(Gu#eFs43@bUhF=1i8$Wk)8b{odb55V
z_5A1)_%G%}$D>T$GY|Iw`sxVSo=5CKSYBDthvzPFyV^G2uCoSjBIP(0I>sX^PDhUl
z8h}$@bHWx{>SS<hCvKx;Ft4Mar4EJheET|rDF=Ro469y7q7|P}@m`<oL??o8;76Eo
znFt<$mEy5#)~mczE-T15O+jzsm!{h4?&Wxt!Q@e0Uv{fbwcSd+O)wFsj3zW{cL?6L
z<&~KUuNJ%WLA($#oUMGEitFg{VE=feRB%=~5&YmRYa;l-S=L1Gv9qjrZ@soyU>RE;
zm4R(qV_Wc-ToP*50c_FDI)Krhiv@`fhc$%r%tK!pCl_u7^zXE<osYFgo9ozr&W-&z
zN!jAG9Jbw*GEM_vF&SN1_W$3K|I_j&g8zS7CZ~S?sojm+-}^ItGG{7cfnnR#+7@;_
z5xZc{j{9_*YfHQa>)JB3#o?}oN8yYZuEu&N*{+58;<q$0%1oQ%{p-Pk{yxI3k1sNO
zye@6~M(#e+H?U}P+!WVK(8G!ex26oEoOy&A40js*H~9`je>QV`mexj=)<%}r1`ek&
z8ja3bH1P^S%UTM$xQ(E0?FE@%T{P{HMGYOwseL7^D%oP*h&^Pkt54kS5l*?(^Z3o}
zF(v{T`~NPLYMOEfP1&T!d1S(q;e1zMTrz5l8fO&R2;)Jmv-ZWzrtHz~#Juo{<zy!n
z_cZXe1fLM~Kp!$S>65v2&u6&CJ{zvJuFAO&ncVP3Xe+*}5vQ6JxHjUn8nQ+Lua9E&
z$*3BvqeJR>T&dP)qFSH7up`3#>LJ%gaa!!!C{F3FjW8Bm8^!6Dhq#S$?vk8zUJG`F
z(NBxpeLd6f8I^|Z+-&P$Fjo1deLWhAGc<z=(h98e7~Smr(}MI3YMkQ@b88`wZa8CQ
z?a|G7#oKJ8XfZq#b2kO|yA=KOl;^k&GX#Zg6t3T-Wjx*g<J%qEtoAbdg=>4<>#4>i
z3Rf&)Yvqg=&J~;7o_U-K^pMtCiZRWtwefyIg@y|99u|~KB^Ibe%M0a8F0%v9J=UCw
zF!~*5);z13S={6idapV6hr(4`#CckH5#;|gy_{oE)~0cK!u6au$uAq?mgA3Pzfttb
ztBIRksC(b;rLnJK){@^?uCJ~Q!ZA1(BacrX9#>>qdM_m6ba<Nd-B<NgrmnNB9({{b
z3a&MClEk&vX}KV?qGv9AOTHdb<~lu_l@GNtb-&;Cp;D;RLqLgOw_DN2sV>f}c?`C%
zEgFcu_h=!$<zcNlVH`1P|Ec)JC(*OnLl)Z}_C%!Y{K>P`ea<;5v|Qmi&bcfX#>YXv
zR}d$$VV>GBzHh<(d8%6#!3#${b6uI;Egs$G9F|d7f7_k)#&7k)zhbMm5VM+z7pEl-
zg<}gnC(dIqPI<l-yK!nNH(A@+;1XUZ$EmSH=S~IZq5nu1c*EF<=5mB>9@eSpe>?|-
z_T`hW<kp6X$NQ|IMGE7|tbvu6n-SwwZ-~^!#eaxpsH7;gG-vavkHeEO)-g`Uup`2D
z^6NpO{YZ>Pvwy(9vCJh}trpm{(J|YL`{t5(^UfFaaB)H1;6HOJVQqX1ow@aYcF3n*
z*xmojrg!EF<LsewQW&-y+h<;#gt>`T#*5xAk8EnG9z{a?ON#TQs#Dq5SikDD&+QII
z^{f&%fH9Mp+KAX*Y{p>3zGKLvF|-0Q20e<Qp4nRTfw#nH2j*Xca*ohKh-XrX(;A(p
z+v`02w9eBFP-~o95!jMbJ&)>oa@JZsp4LIbDcq{~H3jD*;T0_>i{EiVzNSP`S_b_X
zRlwTMamd%8&~CsNKo2vwL~-7V)fj6~RXw9k>KSz_E1{BaB9K#G{I-tUT}T9#osCTd
zwXkc&H8cwzH=}FR0^h0@xb0dAJ=6XrgG$X=XMAJqya)VVbU7(UL$~{Zcg5kIaM{G)
zz^d0tB!b^nLVVFgfXxNB-~LWVu}I^u6EyS+K?PB3re3hxhBspJ@M+o+woRDJuw!Wa
zA)hv*hcPmqJ|i=$c`uvVm0ldTJ3G0-B?34FPUlgmd)B^&>Kuiq&)kowdq&tQb*Oq?
zL6w~COawDkqLG&O50%)e68%+Tfl92cAn7$iy>M>r&l7Y=B{r*sUr|CU!oIM?XRfa$
zf=SuJRoBqaZx35R&ZrW>GT01G<(;PlZBP_Pjd5r_Mc2<3ZmXhir!kjv9?YAYThOC7
zF&ep#Uysqq=yBJ+*geCX%-k+m21ak_oA@%9MeRKRvxgG3ZE5UZ)b1oOC%dNjQUI3K
zg#PQ1VoJm_B3ps|(3DZxf`ZN*6?i2adsXJPL(ZMM_R!wshF?i2!E<tW{~4XYom+*z
zEq1(g4v;$-xHXBl1lXdF#m<;nyYR{AREy5^mGK%P_7lxc7JkVQC%mRaajN>U{BC_H
zVP-^5CDdgKZZWW*(+{$YYUw`Q$QwnMU8@<z>3sNCeCMviHhBg9WEJ6_J1JZW@vRqF
zB<(M<p1~b7oc3{VnxNzDDIGIkDtA!1XO&y+IQ)*dn{jfkE2gK5?<3X`zc2>-$8{P2
z@$4L)LWSok;;sAiv0LN#WYz&jA`v{VKG$;fkSD>D=00Rjg3auVU+|kEBOp8<3{T0-
z=^^V9p07TIH3@6=uTnPWWxn3uz^|&q*W*;=9z5O*g>5%nga)C;`8ODQC=&lALNl;-
z=6G^*K0-gj(=r@(ol7wC_09=?6K<w(rQLk))17W-(YL>EU}SxJ3y#sN?sU%2aj*G4
zS68^f>B@^=Wq(Qfl{xh=tJ%2bn-evH2X8DoR?L^PWr$Pg0~@d2ghpuuR_{iGD1BLm
zTLxe5f-`LtrBOI}WK<kyF{Zai=_F=xZowZDg3i_osqTabYl>3rhehZQ>~flxiO>nu
z8l%3jW{eJC4}j5V%w>!gVh?~(S{p&_+B3rMl%W+&IXp_aoOQ{v-#Hi#ze4Y{&)E}4
zFW{EJ?K>xd^_KRq<=Q(<jhlMG+EiOXdPJBqe$@pf;@U7JVq{9h$drhY$(QZ3<eLae
z>-<(sXRA><TV16id6UMwSL4mqc<<;unAF+tO^vrf<CWCePwIuWXFtbi&&X)c$Y{^V
zXwOz&w2zZ$A1Bd1PNIFBMEf|2_V^;#X%#2YK2D;2oJ9LLiT2oociP8Ew2#wmu9R36
zrE=}Ysl6}gBUj2ys;=K4^v2Bwb8{tUyB*IZEpzS`JX^bk_4iLxId?z!f0Z6a3imKG
zQW%+$@~?Z{|1LK(E;--godlh`{!HEfqyC3d{;Qst2;Ool8@x3HZ_dO6=X!A>D3L8(
zSn~foUsJoRfvH_aro8`3E4D*s%;fBK|NDI7*8ZKEZ>Ry*IJMYz`qbT7N1SP5KgZZu
zk0vRatZ2HTnTnoK^n#+fit4+OhhMmC%U1cHp820UULug2vI)H@n+W6vY$A{wu=wTz
z{s-THja-NM4Rg9rkGr)He&aQez2R<d9(3Q%S$qHFB`H({68P0OhkUvhb9V`wiroDO
zy_RroiW@5P#ZDGDDm$NIF?qIPD>@iG)}Xk(yTGj_vnhTr6*DLA6kUMTETg|O1?@+F
zHeA@M?8)#>huJ4&WcCReiKhj>9pBvYtR}t%|H6?;FPss>`4YbljG8oKI_DXNc%^Yl
zxLFOm@vx_?sX57HWIQ8A<|LERFVzLTfu6|RvTFtPY0b!|2GE{Ei_T@=ED`j>K@;1T
zd$k;&=xvNku`kd20!Lc%ue{@(1gzvtD!89BP0#|Yf0^5f)@Nk)ea!d!9({zb5zN>4
z_*JS)c*T<QEdR`Saq5ll#>{FWj;~f3WmEHZ@?HMSmnF2*6%slTGdq9re^f&kXy~ds
z5_+ws{I`aVy+J~2sBET&wt^m<a+=ES*3kD`Na$*neN;nRVdiAnZW`J^L#r0&&}^#a
z%9c&{X*mk0M2eGu9l{Q?sh4aT6p@tYYrI|>k6x2_AC;GQxm5d=8n3X%`=XiXa;54r
zQgyl6$!60Wt*fhDzS(q_)=+tkw?*q^qsHr~wJ|`sx~>j#k@>|(^A!YsrP86CU#iGy
zK`yG8nnI<m-H_WN;aLKH4;-rmvnGz}*F@L_yGOXUu_wr(Z}t}?U#dj)_a>tD^q=EZ
z!CnEQ+Sn^#6oY;)v^U>Jit4w>XV<{o&|nE!3F8}bm0h9wEm5tu-7mSxuVDOBtrEe>
zr}-_oM3B(Fb{E>xyw{QlN}`5%r9MkTU&r|1(ApY$KtqS3%{laIO}VIsHbU!jXl0fC
zR72lHKj6@dG<1Z9HbRf!(1V(CmWF1aZ<x@t*QwMW_Y(eX)Ed=!ZuIT1+Vd)~+-$bb
z;oTXWZVcdGQ-zgx64>{_c?H|?{j)?udfmAtvT5N6wxZee^Ke1WDT-+53gxa)uDGJl
zTqwSzevjKI=dYxO<&{2^^V_-bODXvx2*38NshInErvG8@tF)kE%FR>mnz9mlX-z?9
z_G4MI!ZmZnx%0)ZW1_ERVuWVX6!aWM9U*6suVwQ|G{CE!P6K?qgjsy>^CsQ}@H-hv
zZTNO~!RUhTw+``d9Og{#L(CN>^lZP+$*phNH+SwH*nctQNCuY|!1vA23h#JfG&1_8
zsBmjPWP}$*3gJ~H#EVdq7d*-W!mm){JDaW6UJa^_H+3u;ph)h_VtuZ%KQAJ>{4`mK
z=aEU}N83gw6-JZS%30tOinhB`X}sEr&1<uNaCZF`e2sHCn;Tturlw)OqH{JK#90>4
zF547+r|7QU5}Hud!J)8TlELyf<t0i%9*NF)i3s)A09r-uFSeSmlg_SvMb)`yZm!*&
z@jAbbmA@@p1&wz%;&H9Lpmnw7S@}g{6KY=I3UvwVFN>NUWq&A}`mJQ`v#F;;czIJ%
zprM~B`gw&&%usHPq8%DKR=Hz}THrlZuJN&o;);4G8lb4OqV|gBD0(|v()-Av3|f@M
zd!QL4=aLcHxd*R|p#J!lXaXos54gJq*i$&kJE<A^8_gN|HDCtGZ#4Tf>3rGQ?hzNu
zFzHW>CZy-nAmtY6+j7M=aet0ebTj-!8?RbNyzT^qz50c)_ZEet>_?2AZk8)i*rNls
z1^+52s4YU78~eNL{)Q=Eo{vi&=7zIc<k8EfR}f?0%o@0f3JvbH-2QrU-=gqg`91X?
zRD<mpZ#>QiHWT#Dr!qn>R$cy7{n|J#)Bx`bIIVmlmxoU~T)tQpxpLsEgO4O-89i|-
z0tw#t-u)Y+Y<lwz>3=2j3#w8<&}+>F-IOJ$N>M@gULj~k9zmnp3hE9YlY3_X?~u_<
z?7cGTs;Gsc1+ZKk3KQ$lbcZ4|1f?|JphoDmqJrKoFG%V>Q~N3RPSZ>9>)97^dZ<ZP
zwm9{7WsB3ru57qli&@QR5T_%kXRfQt7YVvCMUea|dz{{aKWXA6f(_NA7ss}9DtM14
zkZ&j})#I_nzroGE#pFL^O&p@{FfW)B6K-=ewy;JV&)?DGS8zvi%6P*8v&#S*TI7DQ
z&*skYP+MNpi&=IWB)Fe;R8+^+Bz|dkC%$d5sTkQY7LCPsERUR)%B$T{=rJ2g2sPh*
zqO9w2_f=)nEN4=g3@+!boLN_L8{wD7T)W|=0a#WuyW}io!~3KhXO@@0sh(kTn~!`=
z{Y9ue>UlP}2$gbnJVJSX$ElHxR}r?8>-mK){HnK4QqK`G@9Ms6=a0)b!B4WO?0c8!
zRf~oVVGD;|=MZKB%<O!+)L)UrLruDP;aG*&2mKaXT}-{aX;H2IQp!rM-SC!$vj;xa
zQp@mRC$Ve$k(((8?qjOWnSj~(ZJXW}eBHpIJuwUM4A#RTd>igG_36wy$oZ}BJ$ZQc
zgZ9T{mp!z*zuqY)Y%k-~i1*C<9OT}P@7hpnYpgDB>=c{RF+(JRCEV{lTCJfk4Uo{i
zn)226axcO8-cZ?7=+upCJe$5A%c;bvjMEQaKX&J_<&in_`qx@b#i<tWQ8a@u$|x*R
zsLSp=(!PJ8p4kfAh}V-C&48wiM&2geV&%pw7v9OgA9Y|X14dXNnqGqQeeOfA_7`1d
zq9%<e<Izv6rKRh&mfAhCLr~iFT#iJr$8o%NS%<pM>6QM0ImK|vU^KpSWn_FQM!%J0
zgtKz@5^5rN<x#02)0U=&*hl{asqi}vjLh1Ak-42^5Z`q%$fNb2$yWgt*5Dk>a>aqR
z*?1Wk3&svb=!M&PH5<xC?0rH`Px6S^mpD$%!>7OM;MO0~^XaNO-0yRieBc$FZ!*Zh
zTxK*#27MxezQd%#T$>Vt`eKd9+<O{tX>;K^V_x9U8kqAO!u(;7PkRRAwjmJq>u}wH
z`&F?MGJ0mE%lkf?HpqHV?(gE1@mAT%nu>2YSoZULf;#oX`$IP69k3RAExHa~DeoP=
zyhYk*I8IUaBQ$3ntU)W78cGJMkTN5)CSkM?cWW6nP_8?^`DU&hY&)aNCkmPjUzxdE
zkuRf<P$EVh77KTzpGXvaPq;FgO6zhWaR@#f%hul~C|5y2pP+Yg=!8r`E3vz3xSXZz
z+nMVn8I;5rG&PhA77r7yf^vP}TX5**Lj?W)q@bjR4%PHJz>c#-5BLm>4qz?G=tgM8
zXcn|$<kc2b?K(k^v=KD@CPCNZ1coIldxC1^Wdy6I{UB^<v(I28u&1?5PS?YDSHfO#
zkLZhA8{CIN39~PH2(tX*gc(OZnHMn_ZTkjy&n;(e@-i}e0F2C@5u=)Oc=hhnb<YU;
z9kqKtX8S~N*{|GVlfgTGa-U2F*SOx93|gS2jaF!*se-EGt_E}6cQY3uV{Hu=vHL2f
z-$(Qnln7P99x{g(_(4+1xIpr)hcU?M%|mM$<k6EYaNEI_t>har8e8v|&}sMJMF@oA
z|LyR`pha?%GG{9+x{y=G9(*pT=dfkMaT$(PGfxwC#y$EC7LMoSIan{`w%ja5)2<SG
zU`l==LVap|3(q}1wQ0pDV%wbk7nzB3j(|U+ESn65MFc(e2if$J!IyP~+lBTuc_f1;
zFmo~*tP(9&N$7s~u^j5d+ho)bHiuEIrGkzYm(cbl1dTZ=sZ7Mo#1a?53NY$&r*N;q
zr)F*o<^@KtJuRW%c@kRU8bJrJYBTY;<h9Z3l7WZYR0VB`j$j}elrwZQ(ko^|+kQX}
zO~#DKT#=1}mVUt~Lq}fD+C2`B(ex7ZY|I*rVkjk}DH!pLie4w&wAF$x)_4Px5^pf(
z8I~A!ji7ug`&C=vx@x>aE?&+)d1l}BN&2`?V=+>=ztq6}67ynSh8<fzkWZamzsmeK
z{VI1^k65DoBJrP%^(kjlG4{py5k4InFXLk{W+C=p9&+<hgnFa5SAs-@mfpqQO@vkh
zRR!nKvo0RK2?45MIde8<zVO94;I-l-ZN%##>@B^Acvn~rMjsJh{_Vb8<G!x=a5Dt6
z5dTh%(b;Igo=iO;{GJkQB3q01Fjp`tRa&@w&PL#tD88iO(Azh#-N1`p%dzsZ>D7dF
zYzE}f12|vh+%AWAW4uF;!Zr#mLj!n+Y@24LiHElY_KM4P1mmrxP45oe_HS)b7e%t`
zk_?`DEQQ)3G#RAAi)7UQW^(9FSYXz`l>8<e@1IIYyW#Z}SL0l3osddSKd0=CxTR+G
z3$3HP{)2ZuQA1{gVm|`oyqlH17Z$j;MRz^K{)<mb)jrGnLvbpHvCkfSXk$Yw+BnJe
z7ol%pvyE+!&`&`9kaC2!AUEC@sDk|sM%nd+Td$$-IfS?6q18aEm9!xCRop7yr{1fj
zhne@YhuL^x>xUALW7ajfVO~8$HW{q!AbsdXMXhz-Iypi5-!4TTDVnXQ*i{lQswe~g
z8u!kIk4k7lQ6)tU=5we|MbU1fY&oRe@R|!aQ-7Ym_!PEaoc^kbU(>RoXPfEF2^)`q
zu=Qo%0w=sWb4riE>BxsN4?d&F^pb~c9x`h2aw#mA$(NC_Vd0p@iUso#kE8z!t>W|$
zd>XcxZw|$s3*?3q%BQ&(Cxg2_klMXx3Fn&(_F&HAx-X#CV!B$3J`+Wvo3k6q;5^t}
zmY9(cbj+df7nfmkb;UPDJ;C2yo8$W#XN!};wuQX<Oa@yVf<1*rVmtIZ>?FV0HOj5-
ze0m1!P;)agLMsl6=TQ){+;^9wk24DQsz#ng_N$q!J$?@Zt3_kEA~YFea1>B7$b#3*
zrM&xHK^HX@w5y3AGp};IxgQBC)LGC~>M^E#FE!o(J}XP)hgZPpMdg0DT0(DcB<Ms#
zK?78S8#LahDH2)~UJ$4EfrdV+sccj9gQDel9hD`XP>Fh*Mbm6;{bB2v<MpbMz>04x
ze!Ic;=g|md%YPSo4x=5ecC+of3sVs<5q#Q)bMxsujK+!9(lm9cWYbT$G5s{+`E)Ax
z%qbkco`8Ow$K$VadY(#zviR~8GbhJ;-tDVkht%!RV-4YYu}Aq_?fO*LrJS>rOE7-T
zh>F{twh_=d{1uE$%2kV7(6>F&%vShn8a|wvHL|HiaeUuw(Wl@H3eO1QRQL$qX|wfr
z&mP&)><u*Ea#hf?U$@A-vuJAEqt7~~SS~E3PiD=;`I@o7^X0kP!>2s%MckY^%gF_|
z)*Ck8h3AR)B`N##_Ik-<_9zZb1jYk0t2Qpt3jB*-+I!a`k>&RNz;eAXrumhxQ(Jod
zzX%OA4O@XZwsmLL!P!db(QdW24`L6V`^E<N)Fu_2wm6ijd)(OPa&`l+?y5f|-$$`W
zVOon{K4fIpoQ%v%t&GyrQ)rWoXLgyGGp}TPZn@YO953gYx_J?eccN##=+O?u^T?dS
zGuLu9qd3+7P0l}>=xLR?<8OB9e7Y7ZAk&A?U#j9Q>*o!U*Ew)byiU%0?j1#B-f_k_
za`EtzCw9iZx17AAiP;o4)XX{={sy$?S~K5JR<XI6e#-h8&)4MU*<G+T77=bSjI$aT
z&ysH^7+IrV>mV;$!1Ud0x&r?<q1lulvo51|z7(#{4nY+P@H?*fO({iH9fGftkNash
zeF(&<d<y^6pky$lfP_8*#G$V}AnE;$y%FXvsvu}Yb3v7}1W{2zd8<e&#ZZ4NduL$@
zt$?$9=2FWF+M%IM6cy5Vp2j<XJsFmLy0)ObD)FeIES0@jW&cpwmsEDGN_?v51x3Fq
zT8aHD&Uc}ft(AtB)Z8xA+-7L#l^S}fh7Q)y&e);ily|xIz-=$gV9YgD)K$?~MLSbP
z_7FxHOXNjwXH@hZ32oR%LR$=x&@I?M<#^4oBgZJIp~F<?)vD=6^iGcV@B&WHr!RN0
ztWSmEmF|Adj3~J~1IrHy<2_`kACW<$VFh>$&cN*alO2uYa|uexFDaM0fKO0;dLJYH
zpp7>V>p^p)0>5~630|rP$7_3IK{6<@%A;X6x8JtI=e3;Ku`v=E^uQvvDj8G@`%-_{
zP;(}7(xO@qu=UBH*Gr|)OST*)l<mf!SV2bTnN;3_y*FbzgAO2%^DS5RC9!L3`e3%Q
zvST}oU3&|s9{CZ^r<KTqwKqPs(H_5?3SDMEKdf_0;QcEge9JQlZw=X$jSpw^O9p%4
zQ?p-E6>}(~3`IMgH<Aq6!De&lk4S}4g|CF`-&MGA&KtpRHn~*d^a$obe*Zb##g^A#
z;s2>W^o;sQot5jS9@MaEoJWQ|%Q6~d*q!_mTvymPD{axhGAWd4(H_`#uE|T$v$?;>
zj$tyG|F>xW0BW4mGdr5x<}$lvSo_Re=c9b)nn7XxtvxBJH2q7^J*aiAq2@Kj@4U$q
z?juEuF)whuq{eGGic`tiv(3qciHG0Z#eWr1HrzrwL2gu>93;J@G<Gyu(;Y~qimiiH
z$c^hDcmcbER#x_blff+bT&zL#bJ4yE_5}==LEaSX*4k7WVa&XP{uiNv-%6+%3mp1f
zN6B~lHkoVdxc2brE1cmP55T7%>k7(pZRFFeY3v{PG)m)1?ZS_pEwk0<`-y5nmu$Ke
zb0ecVie73UocE-l0Je$amAXw(=goqK!x!byWh%R6xNzOk9wrpu`WBHkdH{Ba>uQ{?
z$_FXBrM=YTcf%y!3Pls#DOoZYq331aVz=9jL67!eY#HQJ?kDhDA;{OKGFW->2sI}w
zobMr=q%)e{i%|yM2fNk~5*hRu+T2)C*rEPnn^qtm`#ya?7W-EslT-G!7bk*;v3J8>
z!LNP_HMRBpB3jxYpBAhUTfFZB9!FU57G%rn(TUF)C4(Zm2K#?wOU|?)c(Hsk_e7s6
zyMB)o`1*X7fZGbUFv71p!m{#;R8IPHzFuwiZn!pPqSkp%c^M;~QE#l2xD^CNw1y&f
zr`L=v{F0-y_YsmgAVOv=yn(up(8V#2u0^dyXbMj87?o<8;zH|U#xb`Ya7qE2ZFGrH
zFGVs#<jnV`QarYho2EC*%_KSFnK8}!olUE}Wki>{iV_hnZ-h3)WM(q{J<p+qYkJhm
zw*KchaW{RE>)-~9{%`6a)LCX&u1Pb)=B(W?H#>8lR)1lwnYuUgKG!{?G_<s_Quysm
zj1OZIBP5oP_s31G!RL4LIZj|)TY4n5hWjS2)=)dH?s2+yTy_jiIsPx}CCnrDEpo3w
z`U~EkaQ!8l<~py+r`7I`&Dnf`h@KEd?26fV8CZQ{q_EHRx3dh{RN!av*A6)EE1UXY
zym7pn6g`RabLOfn7XPo?K8e>}QDw9T#~Zs#(DE)K+Zy%Ep_??lp_n0<i=cKHEyoTi
zqX0e<qfQ!c`+muH1AGt;&4m>+qjIq0jEX4QaFN98He1m0+7d5`y%Clu-$g>-cude}
zmxpir0sC+}F_RdZ!+nEqZESK}w*A(Z)2lj5G#&GbAoJBPhaR3Gs4(`bnClNq!^nI;
z&8Ut_T&&*uUGPCTv~59=-32d=xm>vI#psSn5?VvsXa_7hhpvG4!02!6nKRn0=;l?z
zJ^YHGJHL~BeayrxF;(k%HT)swu6tcVH+zEK(s*+;-f-n+P88Wrg9SCj_%-R_J+cz`
zEk&Sg`msm~-Hb7vO{*1cR8#=A-GuriZ3KS<K4E8YxDf@PhTH8j%)gAp^S~>h*hk_$
z9@&M!>DAZx4J2zV%-iaBAQimN`jB`i)3g-^X(=ZwTBoHv{<ze^%g};rsH4`<dD^Pe
zbk%0=p>VwPr$nNkuI?relU6M^LE`NhCg{wy6;|pxy5DpNYaz6LcUxDNKm$g7Q6ioZ
zmm;*c4Xuj)Vs<8cIv;J$tE`{VOITt&dWoqu+!;e#8ZMi5P7z%`fH%kGn4)80HTKMz
zTLgcDk-u0_dHA-5^XX=s3ih)an6oin?Yw>subJQ#VC^^1=C=4(si7Y<y$ITpQ_h7|
z5u-WpGin_?oyGoI>)=VZ!e|{#a9p@g9iiH=D#MURgyweTHCTkqFNT=;1Hbb09;fHi
z_s_A9luZj%mk#+P-{t8NFTgG~mu>3_-1bMx$>1nvA@=Y-aeim00q?_^UqFr1Hq6te
zo)bY!oY*mH9B0`~`xXfA<iCHIy#k!sV8@0v{RtkPL2ZIh^0OD&COD*M2||qqZGu$}
z`4rap*FVdths@pB--W0D5VXRt*o@?!$iL&nxs81d8rc3Kvl_m>Kn;zz5*|F{EX+r~
z`d9d6L#@d$W$^%T-!Uq^t{rllX;U_%oAWTggTVQIjq$;Lo#cD&Jv?mT+#|gt9B&V|
zm3AB5Oi;bP60fq3%NsS`9U5;w%Eo=|FCEE^Rie}#5*qGl^+Bt$MB@u3w{42<Q1rW^
z`xNEX9`>Yi6_m?X?gK@m6{Tssq;mTdrT!sWHHS~g`n`hD$SCD8u|C`288K(RMqp&V
zP+(-fT5y~q^GySDecl#izJg%Rd<9_;)@0DY*r9AXTfQqb-*cxDz*2L1vK#8#l;5#^
zNG$)q>m^}pbuS>ARxBiFgK`%rSFe<WepOIV4duoum#(reC~BthhACH9Q(mO9l{8*L
zLpvyUgUS}w(AA3iXuMQK4OL>2qT5wsfTCHd!E%lFk%m@LZk@(Ersydb54##?*_$)B
zo+r&SmSM&it~H;k!H%2NNt8N03*Q}~QCuJ9y)S%gi4!7TQHgEB-ELiZrOcL<msvxY
zZz+7e6YZ0^F>UsT_%^ArApARLjLdI~u~jkmBX~v(e|^$$#;3;KA!bgq3iPQ9JU5n&
z&A~f-&@`gov0!C`Tg5zwnqRtNS;KK2k#~unu_a%L^j-uiNHflt9lj|CWzGvF+O!q@
zD%Rq;5qFwjz_}b`@$&paqJ=iSTd~{7d6-*kCSSasgjO)~M;1N2ReI-F>Sc6M^pc{L
zin0~;Xf9*_uX$o4PU=4J_75fHRn;ZlW|e(ZQ42)_6n#5G({m^pe48mg*Ui{<F=ILz
z+=QKXQ;uvZqPC>OO3Al^a+fK0Qc*5Nx479ko5q!7S=^YpU(PVjv`xvNBKBH1Uvo2<
zEmw~kg3PUA=6=>Wpi~9n9&0YBPL`koMHwZ7MQx-+<~tis<z2KTqt>qrx=2w8ob+?(
zg$^Zyj-4cx#p+#8S6?(<Kx+5U-O@5YM1(63Z-mopg*%^&25Ksg<GVKIF4H!u)<?Jk
zI&0L*EvYo|1pVR0bT)N#8sN@^Cwox$#U$R#B^lu!sD_qsYp`spdZol`2~Uu9nXCP;
zj-n+uOK3Zdcciy)=blpzx)LRWmoQ$qrFUyRx5g;re0ymtlvVVjYprB(FZ@%M-5-d=
z7I={?TS3=lJ>fqySL0SecVpktaLJ(ht)jss9jjG4ODc1E3L3FTTC1_n*n?b6X4C!J
z$5TF*JoexY3+KB*Tjn!om9fg2D4{<b6m<M9$*nr>3bE`woQyKst|$wuEar~kMgXJF
zbOjkx*{GrhZl1=kh3m?{wQ{M-JyA~5ds}sWM|J*Ob>8PRO$Po#X@v%857y-ow@OF`
z)rxWLVjolcT94WiucM--ipndxQqg4&;auZ4$!&XeX^%CE+N(vXqv$5JLk%3l7he-)
zhL95z-sLniSk7HZvFM(9>-e=Gw^G6>7kpc@X3D0Tj>D@K*ePdjn+x@IPu0({r+P2e
zI6PbZ4vWs{URXy)`3ei#Qc6&{8)RozRu2CUd+!-vRrU4z&eiq~(h;OXLhqf>LJ>i!
zQlxj34oYuINu(En5E6=1K?S8mKtKVhMnn))x`>S`_@{`9)cYHA%sJPRc%I|A=Q;Pq
zy*DrT48Cj3F?%mN7#8}SZ|a3CvGpvE*8e$Fxs+bCSgG`)#N0`olDMsneL7yLyoPp&
z`*Ypz;}?W*){2?#2XPAw>z&LtX46vlD3*dNfwwmyWU}WhK1}zfG0G213>l%>k7zNe
z54A*f_4S`d57A=U2RirX8OiTW-^b{IOQJt|-Tbj;U5)e&W;U$nuM7NW`joN8@+-(+
z(u)!c&`Q;n=K%cOO<LvT74UJj^=h}yqbSk8i5^>=eO^oc%uAo*;&V4NT8a{peR$p-
zC62zP#~?-34DE&3D*H`)wL#aTu-Q9)`J#@|0@I>j$*J|WwAWI_s#@BsRuQAb8nntg
z<d|l8R@@GgQnsgUk-}1hExv%%CiXdu+;~3SZjjzPc>z|KH9w)H{73cf*I2Zy^cA-j
zu%_BXrr-0JVerl^ov7fLf0K?wg_?rZC@KedSrzjr9$$ThI>UQjewq9PM`3zOd)J<^
z)yl~l+zRFKWUN_(A7f^?dza!=t&EXgla3On5qc{3j?lU4m_2Jp__<1>W)6J`oHacz
zt<ZWluh`IfHcNGtzroP^VeWy_&9mq<!*xh!snoza8b*B-%V@FJv|MM*jBlD@BTY}7
z*GTP@6r6AA^EA<-Ax2eP+OOfHCrbm(Xenn!U2=ZSs-=5Hwe+5mwwby3Zo|Gb?0N<5
zVvw=&TpP_wHP%v&KXh2)O<n!Q#BGtOq4kY4&BU^|8D;!uptjQ4Sh;G_s+Vz_*+^xL
zm1f4u31elXv9id7CDyntX{3I}N=IYmCu1d@8s%c`znG5iM3c^COgh_YREpo(!+H*t
zSiHN1^*`Fn!j8#poQakt%%6$q{)q46Q2mG&L(}Rs7?4RzKbyK=4{ZtObSWd*M(SWB
z>`N=XM%aC27nNf*TRcHaF&O#s*Lh7fn;NOv$`3U=h*K7<_kIuEV^6)M**%nd9=ZK7
zQL|mIX)D)FI$tp*w(M~Ib(zs?H&U~)MtZ@d{Y-yV$dtMrChg<QjG!j^Rc^UTeydxq
z8W>$OJ62aq`;Y6^>?4dA`RfWJtx;06IMQ6FUwyLz)O)&)Wq$MloG$sAX=#obJ2w4G
zv)@hmOEP6G3g-^l?TY0(=Gl*FX%b2Ue?2i)TZx#brHr$+)DLF@S+6=yBCynRnf`kD
zytWdFk&Lp3n6q@j%pn#%&|lM<9;b?l+fyjT?4rS3Egg<w2`irodS&~}d|S1It00|`
zrM)~x58QhDU(;ZY%`5?Kzn6Nna(rG&dgU0W9neEiUx71ODn>YMtwy={l~j~=Ds@pJ
z;#FQp$1ejVaY@7)DEb9nZ~qMvx6hR@(x=_cXfZ!d$72ju7dUR;e5cc;yZJg5y&r!a
zUqDOYQ(7u#^fqnOY_MV5PipqMVO@;d=M9VBtM#fHHpZ~G4V$JyiZ{+p>W<2;Q}Qc}
zq&ZCopw@D_v|Oo2D7BFLoErW}W<e8uT0MP#Tb+J-g#MgQu^z#UfX`Iwp3V|K4ztBi
z?^22<zz^=lzsDGpTdr-(bv$<dq*HQ|DU&}xr_;F^tZ<t4nyICVL$$Q_SuK5sUYGUm
zo?**vVha@D+8rE={(!wZ8l&Ts1=_GH$X`nwdkZg*NJ+e5$#R9?hMB=qwCIBQ0$UzX
zU57N@j1!0N)A7h>+8hsSLF{5gl6EoE)W&XRzTd)>16uQ77jy@jC0Zq6=?#=@mX?@4
z>U+~hyklC-7Dno8^!_wG;t=ySuaPDgy?2bgndWO1Bh|tR8i(Ky%;{M2*KIp=W)>WI
zq(0LdEw<Y_M#5OmxLezcF(ZZaM!I0aH_FWEa+t4IT5Gpc%*xn%9X0#axc$VqEoj`{
zHg4w_x0{UHKaJZ1#%(#{)-uwY#_cD@?K?MgEU%gI!Ouo&i8D5wemhLtKK3&m<_ME6
z&)3jw3g&|<#Z8|)2jc@~RdD~8rOrmrE1_8tBW*3DU9>e}?qWtL_sj_8ZPQEk%cfnd
zHznIOdo1souRTl;Tf~I9y*ZJb$%MIo2OX-qCd{9iP%SaiJ4UK+LVC%BuZ{7ykqLdg
z3G*To(qDV(T$pWKG*Kaq64Mu3;<oHR{8v0^f0}2XbJSeT5(~O=9}wKJqp#fR>92Uv
z2D4~xRYu?|&1ZbKcm+ny4DtK#=;L{;mzqTxJ^VhM(&ITcxri3GO-i0M>s;l`I@gHZ
zI=(eu)Y5RZ&V{+Xs=ra<odde%zlO7tRB~_^0E}n;2X5-GkFegvJ;V~Ur@RL5Vjc4@
znQGNci%v6t*2{m}5)b9ql8~HrWH}F7!U!pKL2H{{N)6BgXMq$gqEd7TJDX95`Q{ug
z-7xh?pr7F~USqxfy2-4E{b;1>W@YT*6WYbub=pNi<2J34R_EprM2YoNQqLu4nYm=t
z7naB_Lx0f3gL0Z<q{{(L)nPT1$`Ee(;cFi0!tX;LsooF1rRPvZi5!@XaoR^`(5yjb
z&2%XVmWW*V$|+vPNaP|)`quT3w(`CS!R><D#dhrQ7J(k#Z1tF7tp(DzvcyiYxK`i}
zn~~_$0sFRSzfP+os=P#tGnaG@_E@N;(0nc3O48CijF3489~jpAHO(#=*37W^gZ0-+
zMk;T5-CxX{vz=ktOdFBexOmolJzG@Uvy9$dGhcm8%~#vRZo@2}XD8Fb+QqA;58Z5f
z$=4g|5>~O2*2`~P6f`WOVP6>+^@nH|O-E_z#c^87HeE}1Ogvnp7isiL87q~{*M{cn
zS>yJynIA1Rqt^$juc&Bl;ovtSaRY$PT2&N!)u5of14ARXg2F$&O}`4kj9!yuiQZjh
z$-gC}=d0KgZp3L--uPDD_*PzYLOe>MOqLft5D%8JD27)eEAbpGcw<S2h2M}Qe}lg)
zY%AX^@rg=t+=<JiYX!CPyxv4BKs?g-SLA5dl1n?CvM48OR2R%<D@!RW#)<s3F6sjL
zi<7*Os6p~;2rXf4De0Z>;28|xk2$q?1d2D4Ov}29W+Kw9-d~Lp<)+zkH2`hNM19IO
z#z^`MMsRGa{lIIX%8%gLOYMhc_HYqH<%ebb!0x8<1AT&8m*U-Aig~nHGhUbbRi<TK
zhq)Ek?oY;PX$e-<n9aw$f~5nP$+7gpWG>@)b$m7MX33b-{XEVYdJ*z@$yOA{9egP@
zHL14UNS)u%XR!;_)@horJFg+*mpb8=S7zsA=Cis{;vr^Pbb`1|?ANpP%)ebJE&Z%m
za6L9(qMo}viqvJp-#4hK{Ad%q|At-{Xna#kAH1ri)kdQC+;}zAU;WiLccVn>k$6i$
z#`mt8r$otfv>cB_^zmF`JEKMFEcJ8_;v9UO_HEk+Ep0)b@oEL#MExK8oBn%Up4X!P
zB|mVU6}|3@@FQBR*kDNszapagX_O)KwY>K4@BYiP#H*+_`m;d&wjAD_z}%i(;LXq>
zdJd+~)#EnHJNhkF{{>ch*OW(O`dw4JFoHQ#Z-gr7$0^Jf2T0cZOMN%;zYf6`_%>L&
z`0wzI?(yj|eg}IPT*e<^w8T=GY+9;>(#h=q{tk4s*oOMSR_Hw_mTDR4;YQ7#Z>Rlz
zGMAQiB(oGuzdOTqeiXs(E1e$0==BXQ_qa`Iz81z;dhhk0&Upmi!=qMogiKw3biI3o
z_G4UEy~|Tir5aw(GhfHzE4hs_WhhEqQn?i+%2d*2=)cZi?E)|T8W)}^Iey$unv&DZ
zl$^8Yg?LSdUY|a}+ajBFYS1kRE|bqh@`}GDMqoS?D_!`Z8iW?^@fRWWTaMUC!n|UV
zjAd4=P)&c#Exq<TTe6O$wQv5rk`dVJptd-egY@>|Jn6#M)4t*Nd%i~Pmg~y&A{xzm
zaDNRe$F#zX7hX_a7D~5zFNS9<Tvz>_z459XM2W;H-0ouK=u<9h7#(Bgz^!*CGmd?#
zq-NRbbGgU4dXyp7(`gkY^jnj7ArWgHG>^jjIcO(&Bu)LoQiRWEme3(}1f6Okdl)7B
z7daCpMh~&oxk%bwqB4%(BhAdMUU_k{kd}@_YpG=omVzbm@4KLU&ho$71;uY!q15rd
z)n`hw#Q&%y@|(tkO-bx&Bpu&ip3{4l^gbp|x(?HI>)-9F^38jib>J6{*6A9*2EF)t
znUXqZFtR}l!lk4rO36xDN~m^o4On#^uK-B)KX<WC>iI6{1qN=%8)DqFQGOkda<xrL
zZB)6B5(CEAVkcOXXoUE(G}$nJyw;#EMz2zj-m&2^!-p7od?p#aFUoG?pvPZV-_oNw
zDiM#5>z>9QAD^hLea;exq?LB7^z2Tr5a4$>_Ulqo$eh7_SWTDWx|lt2DW)AAmWm?;
ze0y{TdRUryMT=59bemn%NNu3UZF_4=OLdL352GOd`o{__ty`q63`1??uN5(lW$B7p
zZ#tPnGYfmn{B@<Lr2@ZdD^1K!;hu5&>vA)$TV%#{Uzl;-bC^A`y^m(;Fwc+FZmU$(
zY=Q|@8#5C0^U^=fJmIoV-4<ElR_21Q=SwN3%{gS+96ty1Ae}k)v)0mMxH)JKIM3fT
z<H?I?%}z)^ZgtkTe)V}mtZk@V#m%N(JlnD4uU%7n)h2e`TY9AR1kU91nCq}%ISkuw
zSPSG9>)pqW4of4=*N+UlZdi3=Wual0jo!D06)}2`mT1dWmTIY>k)ATrhQ<18v)8pW
z2D5Sw)wjlv<101WVO-2G{vK9(cwKTC&)V?T5O!*)eQpyQjdW&v@3hxaU2}%uG}eas
z>sjOiOMC0-k@;rqVK7_2Re!yLmW$b*^;+8eh5kAYZ6|;2Zrny((yZHGT8hJp2<sJ_
zpsfrxUuRs@dQ(t}S#RGl&2nbfEIdO?15fC$6|ncoF1kFarQRs_#BeJQr>=NL_4zD5
zS062Eb!E5FXqQ=v63sFD<e8>F`VY0&J7<F&ed^#ZQ;Mw#x~2IJdC6@~?<rbZgBUS;
z(MZpZ)^)41n&Dc;UrT6zEusCz%@yS@)&rHl_*GoxFLGb`ixyt_YYFWyW)jL@yj86H
zwS@LJO3(|%-^w~jCFchzWlPdCxe}`WTJn4`rC;!!z?R6Fofzk|iM@vvNR|pGYUz^(
zT6*RgEj5{~r3#8giw>}I0scmdw7*+QDhn&jQecIp)^NenOR&Pyhw3X{#6|zXD-*u-
z`g3RrVc8O|Bb|9p=l36{F*oI$KD(6l{CW33OaGKs<Qs(rw`NRhmKODh&!&8oTbGxN
zXixbB&MT031!I+AWQAMD?zOe#uk_MaKI2bcS)#8j=~g*fwA`(GgYSOQQZ=)tf3T5e
z!zya2fmy4MDW+L>jKjE3srHnXh8otyu<XXSShHvIm60l&uS*TPuB70))IaT84SkaR
zZ4-OHyspW4=jeLA%(SuTu;#`!ehJpxSc+MrrBcR4eZ!g>Y1C@gixxF=>(}@0_vf|=
zzc+h>{l#e!jL66`-i!N6&vlzu)$AfxxA<!`R{VdFWvwDwDZ1N-Jx$eK;l3HhqOYT-
z;ALa9NGx5tuBG1S>6mrFsRMoqa9Ss!SWB$`F{4+_hP^{p%440MrTeeqg&oP7ns_wq
z&#z9R-S|$2c@{!IA#D-6c{azqMQnc~#TqHmNPUbn)<|=eg!kN|bj;_CWqX!rWTcfw
z>SUy4d9~iNy>&VlMm#wE7MZVOOp2e!3J`zYYx=i&hP`E6(60~Ct;SZduPtOhTEz}F
z(o@J4veGIxjge|%&74^|BUM!81#Q7WoofHKMC?GmaY+Bqm5pSa0q0Uup^Yvj+fYuq
zY;1+Zzc$y}l$Uh#bc)|ZsbjsKzv_I;l~zkvTk6nXMb6Od3A1ICc8-xQIoO4JLA%&)
z>cVD|zk`f)Mb%oYG@6oF1}7jW1gLL+aCvq_DbyMAqoOrGUWn_+or>0`1k9MF6x~9I
zzoZmyFT_JB)oiL+OilFa>&eA3PlyO9Z5%B`dMWK5qovQf3Xw&!-rcp-vziduB|F<$
zh&)pIHbT3&)=leG>7speUquTq_1+(*!_w5nyReeoZ-#YrDRqg`q3TstTX}7~mgXZ=
z9Ohj^beJ!U(rNHRtp55W;#N-DTaAGUy_Z(esy$PGZTx~xt0nN4(=Rk!hbqE^pbU0G
zDoZPc&^oe}xihqtUQY;7U4E@GSBE9Ktq`>(TbM?Nc?|jmPCqzM@x6;Y<CqUDjNKdQ
z;(2`KJSx>v=ismKjs2*P{N)f-K^}1$Y(omMi=U7){B_=Ros!}uogdYQ>JSV<s2WP&
zo<v%4Dd~$m;xtG>x^PHuR?=Uq7tp@#t&BBp>2?l$<J|fHC5+uB!3w)w0xMja$|EJY
z{9T3>j_*d~CCBK+7j@`=wzaenesJ7wA??|ZZb%rm{5nbwm(H(RY0H^mnM2SG>B4DH
z03l$1-$2f=ziHZOKicKeUq3Xg7itBk<oV{h<YYrE+49E-ABUhj@`I(q&|~R??Aq;~
zH*^T%j32X*&Rh}?jMHga3zpfpDu^3P8I9#?NEdeT8`@Kj(FoKOPL~ZRL@&r(_{zfD
zy)0GK=`tH7f^)Sg>NJP%o5ni6ub>REZ`Dzc*m4GhfOB;dYBGPVnxI(>>N&F=NFla-
z2)W92|8R^BmD5D~HXT+t?bAf+8ebBr!TB~Fsm85EW`uw(pG17QOume~WOl){Qg5c!
zZm(km#b4hw_2W8nnp>6ck<*-8r;tJ%f-{bGkqf1c<9ih~fURsr&TyL6L1||fN6|`k
zmT9^L_PAa~BJDZm<KQp5y@t}xY&z14**TOZw$c`5m(#v9e0x#aTY<dfd@E>5$t<KU
z=X4}u$yU~&6=k*z{&EdCnP1!6SyG7J(%u2&FNgjLa+Upk&|XVD(XMfd4>GOZQG}k;
z;289{m1=|dvX$#-hd6xKgm&8(>B8}-fV|}JbwaDczWoJz9MUVsk0Zr(_!f23`LPgR
z2goo#RZzRliaZ)DSwqB}t+Yq&=J5T3++yFZpp<Y3rj6Di9g1`wA>FzrFVmwP;(C7m
zHSI@F<nL=zuPxG)?VWF<^Q{olkNxcmw=C_Pu0!xW;>-SK9;#C#1!>B9If`g|G4LZ+
z`Vohib4sQws_VyX)JFFA4E$heJ3_$y^t9(S+lzQil2-N!9fB=6bvxM|b%xzGLCIlh
zrjcGk__#J!L+CkO(!}X7C!t1hs9r~&bG{Ynpsg%3Em9b1&w3S+zwF1b7c|R*62@O!
zB4?({kmhKu^`1iha*W1S(SD>wo#s}h94xcF2&4w5-wQ|~X5S)LXG?p#P@}llcmpx#
zkX}TLSaM9w+do6Q&74C^u_k|Kqut=txQE)qZp$I&?Avo)bt$QduyB}%G|{ze3feWU
zGY!Gm#WU!SIDD-U0{&VPWtYq8Zlnv>nbimjv#BPh52D6%2*#t9vAvEcS6rtD!7{tp
ziu~o4YZr2hLv;fo<zDh8@`zI{%UEsYn8~dpNO87Y+SKGbD2ZHlKkBY)-d6}8w;La#
zys(RX-E^+DM+$MM&fzQP^o~(ls%ldFA##ST3_|$Wk9#Aqk0W#NZbj_MNa^wromP)5
zZDl4bbLrfJmWKUUXsmQk(DiZz>LsW1dyREShoFt%6pDZzTge8u9FO-+{`Q!w(=@|q
z?Z@Y6i<in!y@RykHamS=ozDGD3Co52V1Ki~3QHc!B)JH#*i;>d-%?veD>my(2qnF+
zKufROW62R+TJuQX5xp_DqR=~{pJ7{L^;f#-O<%FUH5L062&pAn=f^GuB)npNM!&Uj
zy(Ygsi*w=FO`}sU!B8DQZCnQzxa*5NVySl{Ep0-KnEm;#md2n3VOAThGD}5sX$gn)
z6l;T6($}DGU!#rPD193?QcI18YiXfkK^ME=?^fwzZY3?XoUf(725Bjwx|Vi4uO$jI
zyB&@&vy^p_mfE8BFnbzlz*3urS}Km#j9LAqT3Tm9FyBZNbJp8hO-r2-b7tGns<2eb
z_}g)?X3J5=`D^VsEggDaOSKnjsjLZ0HRO!4oK;IF(5EoVxmrt&ObXRU-RG|_p^adv
zjItL@XUc^gGM)3x))M6wv#7;dqI_eP8zqUQ5o@$`4HlRUG%iLN7k{G0^H<7gmYN!=
z20}_K7^?b7LhO;DqLzZC^oH$9)a)xGT{qHtBc;!v^_Cd6dAVlIjJ+D>>kISr*H?`6
zsgZs%QfuR4h>?Vm@)~Knaq+H^HmB2m%rSazpcHc~g$Y&uR+{BCtb~z<Ann=3&&En+
z^);B1324nyWJ=yBs-@>pnwY)UPD>fk7Bfr9swH}xfEm3_z!JSpz*4i;TFUBZsT1lE
ze;tA{&QdSr0!x=o2nw1Igp9vajK52b-dbaCt6`rScCmuC+}pUFXF@f{=q*~Q_2N()
zDJ;Phnu8MYg-oG=Mw(=#-bNZ@q-TxP&PWxM6eXTKfR=d;waV+TdQK}lj$Efc3O^j7
z?^QbToj_W#cH}#OEa}r|K^L0g99{vv&prq%N_>-Agte6MbKUY^J;i;6E51L??~1!3
z&rjTIxMDr_L*ub}>55m6;J2$FMTt}RO1}Z>h?(tdF%|8JBUZkOeO)P)n1xr&<kz;P
zZJb7+ue-M4y?Ys>VlJ<YIid~r66n;pBhu#M9>)=j^J*#m6b>JLP4x|(E?MSkY5vo^
z3g(DSO|>-fwh(irZ?SXmE1yzY552`wx{H0a6;f*RBz}<%683R$>Yn??;oot5@#`;G
zha(mx?xp9K|D(hR?7Q&!_LE4VGcq14&tg|c+8czJ|0JdVo|yly$9H!YjuC#1+r%;x
zLcc@iLW%qcDWoVtq2DEAPG>%8bcp@hV|pcZcR`Lha&I`h#ji6o)3=zO%*R&n6?c;O
zW>cAkT5^zYoI-D4^bmtm93^&)#vAyuywt#ID4+Ov*PLCgQXA)NQ0{Tl>>s{H4YXwm
z!?}!$x}27OR^Kvc*+%El?d|xzW5noxrnf8wCuU?C+^)uX{$IPmN+{B*m`tl<*h|gD
zsa7F4GU8wR+PqAN?`3;XbAgtYU`$P{koX2=BPaYVB-Z1E21zYq%ZIqEwTRu7UQ4wM
zJ7ic(!%iF4)v$|(4KVCC!$un>GH5?08<yR$1j7m$_D|s}lSf<GRZvU+6y_R6?~u{^
zr+73ldOsMwe~MdcqxY-P`=|K6X!PzHy?;uBfkrP}NXO%!(q)U$t8VoEDXsPyz2}VH
zzfHfq(K-YR(MwXB(;{~7^I9t0N=yGXol6*d?-+YWjJ*oR-oMR{D#qR>WACi7SKHY8
zxA|7j*xPOFT`~5W7<>OVe_I%PhmF05#$J14@86b#F2>#&V=t{*zi$!S%h>z3<)y!|
zcgfhxVeAbx_Wo_T8fEO=Huee|d$GzM|El=;_1KY+zt!{qOG5mwqyb)pdqVeW`W=6M
zsg?S-7O^E~;S}pTB;{G8rRa4mp?_+RUJb3hCAQ#%2KRZyt{^|6#EmB~E|FtB3p<6}
zhqh?0#~{Do6w+;!Sl5?#hl9UTK5DEb{v)j{G}2o}+SJ7szu~JT=ohx`Na=I+6~AI=
zq!q@+IrMK2q&;#`86!))t!chqH<EV2zh}cY`sfro^}3emc1H+%14;C|8T{2B(dw^J
za%35XUX&QW7e7M!9!d4Tz-UuSTPN@hqbQNiNZw8Uh4U!k7^%e{{0rg*#YF7yr-QwM
z!gouf*UZw7ddBh=V=t|d?qMIciS*YtmgnBrA-G)=_dVqJMcd;v<zJ9|4_4^p1x7(C
zg)A}6NPb$;FKY8|FK_9_<p4JYTJWf)MeMb5TIyI{OQ+QiZ<Lsd@bSy4Kc?{52fwvr
zMyh?)NYxcRR&p6~&2Kuof__!EiY#IJ*JB-#A2(0wmm&EVTj`h9qU6|*#(zAs;gQTN
z#QZ6leiU<c5^$_8o%)4h&P%@M@NTNFDCyO7$u5LE;*s<R<1CR|T3&;)776M98*Ni?
z-bk-f7e>t6#3m=Rgtr*R<6hF+|6fUs|DHT=5qo5et~1|tX34kw@4woa_4w+Gyjq&6
z#&G{^@Bb|>{&!OC|D4<ZCsOx+C-ncl;S075wb6f+kS#;YBwI=JIzF+WUVY5t%Syc%
zBlXJ5%rCM3B%$TU-G6F}9r0pgEfqb$<vvRO?s_8Hp$3rxf0J`Ox`vajknj?{Bypn1
zXILeG-<J47k*;6hcSu1TaY~VdSX<Nu@kF{PI2Li@bbIuDAQ7T!K_<_4VDf}Gid`Dg
z8Hc-unINST%ZoFq-j#h%FHR|v2c$9Vq!;N*v(AdoIXqcJPepbql2t5Fq{2bgc}g58
z%dVO$l0%fkS|Is;U4<~0Sb&v9B9&DL^N2$jZxeA9$tN;ZA(A9kUcy;5geOvrQDijw
z*v=pY#coBctoSWrkix>P%65h--;0QJHJD6Oq?kA_Ns`!&^_G5cRYJHiq!TZ4!p;bg
z(qf(@apEe*j$=W}h;}vEjt4uFK+1_einRL%XPQAOh^)0(Cy$CnC9$I}lh+lA7K@)@
z(nFD|VoW_E`$cRn+=GQwT`ZO)PMqtEU%&;aA?%T)Gdbd2tOin&*AN+*nDSFY<dwv?
zQ$xf^;@gQ4*G7|_c##lmiP4S_F~WJ3$OL02Mx>P_A>ysQShYjEVnh{1&OU|r>mrEM
zQsgqon^NalNs=N`TG`?)keZ^YBz_66DOyVspJVH<?0ZeoUlR8HUFnMUS9QHu4^m64
z3J|(mS_ek~e4S4~o))<R<WrEkq5+eLt{E}%h5EB%lp<M1Suzcu6|0$ubyxx0Ep?75
zoiP(Rou3sCB#9HX9$Df`SbkQd8$-UwiEc}9FB;@I+!A6k4>~`BG!&;4`4a1&zkoCn
zO~#VWWbqqxZi6%yuPE~28BG$IL@e86iF;CKyCfH_K520$59{`g#WCgTlSVl6j)*lD
z?s&4CB5uL2m!Z={R8yq*W!%xix2ED*NiJICigcQaE|PHWgrW4j7!n|qs?Ee4N#X>>
zD+6?zi%PNN*JMHQqF6K+t0eJLqq%V7NXHLzOOZp8$wG&@rC2SAALbXtcZ%pRw-Uc7
zJ37pmbj!b#^mC_ko?=5m5uIW_8I~EhMVkxZlk+&?{&#YE7usjU%h$Pn8gJkQiPtb}
zi@d2w!M~AglhBHQv@zlN6f2O;tpM>pKaF223hH?C&;wEJZmV5M5)B=nOwDG=lG)Da
zoW!i7CUktV5q-;Ud~a`b5^=h;9&~&%Iu#jI5+{`ZrbDC!NC)A*PNuk4W`fjF43Z>H
zti+y12k3MXyIDu<!y8!LK{|_Wn6FWbox8gw`hj#2s}!lANLO(=pfdzI-BkPIw-VhI
zi8C!ycTozpkt{!f1E8<MRd+FL3XynmER8KDfV?P@C5aQ)&`ZAo(o+<hN;+}k7p$fy
zg7gy075NxCizNA6lF4Eb?r6OQ(p#KTBn$2qtO4mGE(dhTRbO#=8d;t!Naq8PeyL*7
zUu2$6I(}Q%UlfppQ}tuG>Mx=t;kfSs86a8*$mbxhh+#}3-aNrA(jYOFi71Xc@Lxe^
zkoa7Z6tNulTu(`ILXwFl4F`!I*p(#bq|S{Q6vC7=MbU;|02wUqD56X6VBz6B5OgeE
zdIyVAis;fiM8pILmEIv@4U;swo(>gT6w&o`s5qcV<PssS!qrf5T#<f;{G^Dk%R|L&
zMRZ*rDnf5?2u~rGcS9U1awwwf&QMX9Nt%-nI1Pu27)72rsmTk<RlBFSFBmGuDIFWN
z`=$)x97P%!@|JRy{#R}RhKk*a?7Jq!pVC#ISscQI7+bc+L&YjZjz7fv!)OAAiVqao
zZpdy)_FFeV9!NWNXOo@%Vmod&xE}~HO!SZ>#X2$-?=wp>LJ{323=<QXnBHNSpc@a=
zU+9*0xX3hz$s+9fl!iE5#3V>!>DFerXdNJ#;MWK-NRs{5YZx_U2N@|M=8>y-u?O`%
zAIK=tPZBQS#Xw#au>n#JWQ^FsMCdS&6|EA<&g6*sKi~uobjFHKip;|piAfJh{2pYi
zSgVMR*En%Q5^fV>U}v1@lSG!eO&~kt#Q{aAO{gacy&Hsdwi@NZ+7(EwxGTwI@eW8U
zkT{WMKIu#rIUQ~#UKcqOAsw<aLF8EA>rg8(F;y!uNjxoe{8nO;XemjYSo)nMI>OE*
z@rtr@4CEz{$zrS`4J)$mQ^d@G4!N2t3N2*cNr!x&mdf|(qB-lxHlZI}O&6ym@ypl@
zabJ=YOXtoEQE3rbPBCR;hNv4LR5oUcPLlX#;|+0>bxfNuOFUFWw*a$5+Bc=;G*|O;
zPd!WIRU|SJFJ{2<EKyIAIC1JP?&D^O1FU0hLCTMmI-M4C2&*G^s2`jy#wfCG7}xIE
zVw)nmm6$C)Wnx;1+2XJwx|NtM&MQ~Cm6$E)ciyNr>CxA0Q3&l<uzt-El@!tSYmPXy
zT<TcwVP;38xH%%n3L^W{Z0U{Lj~F?`ivf~w-5HN~#fvEcG8ts9NR}i{co;)cE1D?E
zy+w8=i{^$@mBi1}MA1O$=sZmnu}sX!Gf~V{Bn5Z&Xw;M_Rw=SBFOO{!#b!xTgpOCD
zn72y$Zu*@>u_QpU;bWp$D@mMq88MAVERw`2MOJ|<1eq_IzfE@H!~u{MAPd9_N%mV=
zLEe#s?hjH-D}$^DStzzCQWduWsqbDS4g_?_uQ$czci0u_P`y|zGQUg2uY)qPK=ymO
zrClNlNuB-HdW@q!gq<Z~wInH)9$76FA1I<nUrWWul3cX(SZk>`pmg+DYniH*eowtz
z+>$z+?<fdjxv*AK2>t$jg~%XDf+$cD@1`R>D@3FsPos}Z0a+<FOA;>{KNR9H$f{H=
zz}sTd8nW!i{cSNX6`?cHRQlZPwm1emZ;NG;B#2C>gg6KCuAmb%LL`WdlW=<#WVI-^
zfk_3-9j=4CCt?&C^qehzmxSk@98+|IVuP3~b%Nw=CgKOo)>&txBGH>I5#C6y&M8tF
zSw}OMWN}TA*D(vAG06wwks>!S3m~#lWWm2wenu%*n?$4{XVIV17<;qmqe#+FOJsuf
zhvKLrC($BhfbUzxnE-hTWUIIlAW<M632I%bJnzE@tvJZXVw@zCBk~}9qCs|wsglHt
z%}5{mjh~(3DC@}D6#E3?CQ}<>mgG}d+$C;E9UfKIhpXM98~#NZFfHvKF-{RZ`r0EB
z711-GJz|R@dIq#d99Be+zV?XYis;eT9`OScOV5Dzh-Wsj?|KZmM>J<*#*ll&NJaD*
za<7;eAe1|M#U*8@7*f6oeAy>%D;?cp?-SN$>6ht=_6hpM9K>A`>WTJ?N|N|J(Wm0P
z($TG7inz%-W@MEj+z;7~p8chW<^e*pzZ7weiD~&i6M42sS7u~&Kopn6FV6?Wb4*Nm
zJ|Ma(Qg=6gp%*bdAciQi3vGBikk7?*MRb`zD3&OqOZXQeSrJ{r4~hMX=+b*w6x&K6
zoGj`VvP2hH{!-LY<itK9dVm}eO%%yJ0rNPJqoR9&3<dc{j8KGX!D}EVL~MXe068fZ
z1jsCq)2Yh*84<fphR5_5XT(w_CVkF`EsE&ceMan8<SxbuR9e0jClx7+@DMpGeo<s?
zqAil(`*(tV*Nfs#WCh3%qHut0068z}C{h!B$_|iA;s-@^8eSIlK4v>QeXfZ10kRja
zu8F<@LMe7#Ob8IFS+~RjMJNqVg8VMt3XtzX{t(*&gnoVKjwrpIe2){OFp{|i@|WnW
z2(>MDBze4Txi2P39lspj7b}^VbiOaPE27KTeQ`+<o$?RF?~3SB_fSOa;MCBi?vco?
zh;CPfRa_C>u3A=%B05!VYn39M(1TDpbgXTP6jj8v4oQMl+2`<z5n2P!D!KFTc@eVe
z1PJ9t8moDLP+p|7`UME(MMi79B3V)9)5CHWYfgY<1IcFHP(-)<Ijp+@LM?wzE7K<&
z9@3$fKezRG%b&-3Ja<rt<zI@YSGs)C{f;H_!}myQ9a}avCCd6RKr+EXl=Vq~%tL2c
zz&a2h)O!}PE=$6zE5%^BkTqx*dGD_c7PflqVWL+Zi&z6BnH=#xUIn7Hlp@wJMRtOe
zg`FbSSVab$###c}-lEndMW%sNhE7qV^OVvlW^^hkonqE3<x2NW#jPYo&hO$DvbeQO
z5#3vru-;YVE>`fU%`9OhE24Y7lGZjwk~i_lp`^8k2}U<KiGUE6vW^4@^{}O_pA=d9
z$dbKV8SADZOF*daE^9qh<W1~1lby0wy1kT!lLZm7Q_jk-$czHEv{T+HqsVI@WT%1^
zBT1Zi0hSxVP6cb5B=Mp$-bbL{h^uHlK5D9D9b{LsY;=N7CF>8i9Pu&D89^#r4;A?g
zq>m(FwD<^N#Do7>;uVl+E2|=z;ny%p3Mldx2<cR@$||x&=~S`mNaB~Ds@BJf=<-v|
z+RLs?>8)lR3lQ?Fnw7Ml!jodwx~p4DC7B%2{V=cXRJYz&WDE$UYIW-)Mf$4Ml^WI_
zMaF?x(5Yd4ugGM~5NXyQV_i}t3550(VyqjATsy_3x2APR5lfZKnwCXgBE=SBZHMNS
zwX6(^tOt1wv8ZL`QG`k+&B$t7g%qKZNu$%+R%t~tqaCC5mO55FMaIJptt8j6S|~CT
zgxbS8R#!#3PvBYY)7Ah*27r+7Pg}1l@|CJzb*<MGxu9ZE*P5Y-t{2Z(35w`?@r<=t
zk$V`6QY`9Os}u=0uw^XjS?d%jq+(Iu+ONouhd96LTVE-17lg$6*7u6UVvPMd!u+gt
zNs&a5sgm4K<hx0jyMsJu-BILEkVHw`6v~Sfv!l@f$ApL^h^^S;SPY$pRu)O(MT^&M
z@eW91tB@jgV_U2PX=0UE<URPl1*EA}N0HD(<QK^ER)0x&jQwE*&ZAkel3cWO``psH
zEeZFqr1OIH)Ikc*WU(xfSNU351tsz4%dJw?<yKY?b|q`d=kUFib&p+{dePc)uxdc%
zFtRR}=hjwQMXG{Od2VfGRiv=PD<^HNJc?8Xq1L#KRalYiSR<l!$hKAmMGAsYEZSOi
z6nWx9-jix)HBcls2+hCRSuGU#7Be#1w`y;-SLB+SqqVnQRHO$&NIgggtDhpHL8u4m
zU=3BI-XZKPq3U+DUQ?ta2(2D;v?eO@nbPTG%~a&P(&=O+Dzc~tul97d-cn>M2o<Hy
zR<b6C*{?3vHbuS#A-}p<dlXr&;?>pqT#*k|yt-P)B=O5(H)|W*BX>+&*WKD3Aer#3
zyY+d1P*44$Dhd9sM-S_m)Jeig0qnXWeR^2uza-1?Vp>Mri~#9nH910r{W=fQ$Lc0Y
zyf~Z}?GH#_E8-}-8u13sErRs3noGj2sI>IAx&#Q#d<R$q0)#BTY{g0vFXm3M#eI-h
ztfK)Pay8I8CrOg%jJ+fev#LSXRYhoJI|ImI>wzM)`b}hrmFX)E;nW90JOwf|RlOKy
zE&iHxlEi<owwxb2!>mmKQWRu_bud86f{e0$ROFO}G6wRhbxn~kVTZ^VE8jQ1<tiZK
ztjYmW8zk0hB1yc+f<A?Of881tAmsZ*YgK@d<;m9303pj$t@{B&mZw|Aj<N5whE_W*
z)=sT4iqJatbI^IiN)C{wAhWFV0n!>I-pX;D?U1XEAakuI0rC<^q7@q;eL<3}%>gnP
zWTACGKt_Trvg)2-%ha3G>4+s(s{k1fou$^R0WuY2xiwRg1R=)&AS<k;0i7g}x2)s<
zSpu@s+8ZFNKvr3o6`6=#k98pLSm{o3c!+EUS#6aIknJGvS*;Y=*aJ6hLDpKs6#2L^
zItq~W*5Uy93MARuA0VeeHd@yL<VTRrR#uD;s2q}=D<E5}7)46l!W<4{n>8pv9)fJQ
zRs~4-L#*UjrvfAs$Q~;VdT6TMlU~4ESsv{`l#?V$G&?6mUg%(K6d;8`4p_?rgu;B#
zI;F?~v>TK=hpa+pILuv<8l~atOKX)Pq*EE>h;>7e=agSxS;f9(S47CKZ>(+sLVg{$
z7ASHU`!ZBEPFjZogi69GRhRu0P7H(2vgN;GZBYxBPg@ZI@+`<1tCb?rNY!Q_XH(hv
z-nuPy5=1q$HeI0ez18bGvYa5U;9U6v^j|+(QxzFe3gcer{ABG^q*Vs=j37U!vV5L~
zjrdFPa?G{GDCqcv)*;79@~O0wBxd1MIpx;{>$oD{D{?87<tx?&sl#n=Cirp1`i~^>
z;&|8+s}bg3tluR`5V!GS+De;91oD95^~W8QQ|Mf?Dk(B`K3=Cncz(5F6e&2|7BfNq
zV?7ffb0ujUAPYgRTde}*Esz`5T16V&#p!X7o7ScP`9PBG0kRF`mbFijOl`2si4gu~
z9aZE}YbLj??-ZevPJ7_$ck4oc902*l`c;vQs9#4w{=|>2aopD{@|X3bA{*Oq`rNaM
zD6&S82UayjDnCFug`G#K@<Q0pN*#aoTi896tETYl3|t9&o+L@4OPnok5U>v^as=c@
z=s5QM0I7ofa_x#gP?(cMb>+&l>nYMyxeD1W0)$+J?JkO(M7<!tBJ6>RTmd1!(%54H
zgj_vg^L)^+Uuo@`N@o~e)x8W?X_byYCP{0rl{$Xh)7sl4nIN9dj`H=7t}@!mKMDN#
zt}@yY=ZWyxm{u4v+Vhx*doS>ceMWo01*sz(oDE~0JBlpt#ODt)+OZc|=ZUqJ_#M7y
zw9{Q8k|4f0YKi+Gne7-!CWtgwQFcJG+4U~7t9!rjNvG`g0Y%QE;5>o;G`k&hg>`O1
zhg{{d8$zNT+A_r~Q42LUk3A?rx<4UAetUr;<M0Y1H3yOQSw-F&NoO;$-eN~09AxKh
z_z>EH^%lE{A``0H;v90Pke%)t>pUFKF)d;bQ>10QEz-kP5qtlytP_vacoL+Teds?-
zk~6WZ5_X;IO!_p_<h~+*ZqQ^p6&i%+eb~tjJ0<MxiY$g-+3>BjeP5BEk77?aCr&on
zA+)gMYLIeO)-I$-oFWzMV!yFY4ctPY9IR{?`kl#7NFTCO+0KKuiR_Gk4v}bk`8_7*
zF(V^V#STAY@+Hbf0fexsoh?90g4D1JDe_T1tagCZwC6lxSBKE{)&_aT&LMMPf_MQf
zWime2vxg~C4d*w=ay`2q#(Wf>3uwci1$oXMU^D3wi90kPjqGBmA<&Uy_2wW=>{U#}
zMflYoq?uhV#IA~B#e!V5urEBxWF1Pxiy(+hRwfw}(4(P5wX#bo@>Wki_0iUjQKSQM
zknFUzH)kVPer;;6>ZxCw+S}))&IA!c-RTQg?d?K1uS4;o@QecKW-mm1i0JUVWG`0a
zI&x<Mbb8o-7Wunh1MEyi+0|*4ssrpHigZD$QaZnE&r#$IqDWzW#m<B}Lw>!Y(r}PH
zrVNw2DxHVeg~~FCKnTgsaJytVCO2N<92{Y{lf-Y4M%n`;@l#`@JyVi6kr&}fgq@N0
zj!JB2DeBi+kk{>EXsIbYJN96l1v14h9!(@c<UE1B3y?W>14-h<F%%X0mYAwNOtMQ=
zp)bDgNp^}PN%EH<s9#R{2Umxs4(Hd8@GHr_|CpUO?J2mML*ZGCRw8pG_Mq+6l1vb7
z&?a1itHt*2>ZCJ4TttZ?vIHBD>}uzq_!S+HrS>32j-&Ua@y3c&;aO=fmO6ecR@%L5
zksVHF+CyAv4+)UHjWNcyV*}(q{CdYeB1uZbh!mb3uQB8R+JxpXxyJrl>C7vj$#F%J
zp)eV(-x^z!#YviQSxt#p146GZuCdRuE3p!GsP4R{U5O*`t3PzssS=(dW@Btjt~TiK
zhz$tgboiBQ@2yQSO%bhB3%SWYqR2NW#nh^AvM)<AS=3fKo9zvCWcr9XC}Y&JZMIKI
zk|JJ3Ix{Kt^xxBPvt2bnysg+5HmRXgY^x4ogibM^=oH(kV;Z4T%qKd<w(7W>6f?x6
z*fwp)q}X=t%B0v%J6VP~#iZCL_Cc(?1XFB}aivpik9|_<=+xM2|DwoHq$;(&d+qek
zkeztZ9d{|yBQ^Hgc_i^m-9EcWfKZC<x2pz7R*)3?%K)L0dB8p!AXG9B+8yhWUl&cu
zJgn0BqDg0;=yX18_mZysJUy&pdeM}Y!}c`RNpl(_2#VKXJ6@4XAmr;|dy(>8=hv5p
z==}1DF5zF=tCa7$tRAs%)aR7fY529aV{*_Zy38N5(_@VQ>6GU8F<hID+qo2(J;IhX
z?zpj|Yt!*mxpT@cDqZ=xbK0i&9&{@~xpT&@6Cjj3XYF+XLb-F!-WDK~J3pAb(6!)a
zLv$_p+0O7B`E@Zu=g!Y|PD%XS`PnWf33fSE9sJpz$U2s;r$5{K714G1XL}tMfrI7w
zXZvF&CQpC1_bQ_E^k<!7rVgGrMCYkbbe<YwYSRVn%H-f>Lv#-QVt=80*Ex9AKBb7x
z!K?OVCZ={@wQn}$c<EaCANvW6sE}WR`eiDs*X^tUk`MWH-Oe8%H2S(>7Y~qv(79<h
zQiOVQ()rEqp$Lru$ntG_q9W9rGg+bt_4vhM=eE5~5gON#oj>e-0YZNLX&(uYav*=%
zX96S|<eq(B5gMV9orm^QjX9=zr1!|KtO$+t$j&3Xxgs>uqwrYH07)i@KhTy_8}2w0
zn~<Fe;!rh9_7{$mwJBSsQ4{HeoC-|L%5BK0FG-T1^Upo8z7cZTD$=ks-#H390~ASH
zg>@pF)sn;uPmwfEp6AK0B$1?CJ>m3FWSt^uon%SkMgEeOsEJslbM7mhX3f}g2B#|e
zEox~SDw5H8d^a$YlaspVKnt14;ojVDA$_9jU?!)KbmiB<Ob++dehZn&dA#-WiLNO=
z(KRKLQ%PCYtzTws$JCUphUl8|lp(qu%kIQVJN`U3mx-5dZG56zn_SLRl^QyxxtxT@
zVwy|E)E_zI(!QHE!6!PVKG88X#Iy;ywH*`Fe1_<lMmnohcyvsooP$g(BA+5J3ppp1
zj&1=8r%H_?&Q+=7x9UZlyX?yJl|`K}?!}{pG<{`JC#xbleTq6!is(MBs8dD}9rvP6
z4MlX^i#iRNm{C(Pr;{RjJXXx<tB4-g6>~-@qEn-UGg%Q`T1q-eis-(wjI&Y^onmF2
zO^WFBDR1&rlM04tR~4N-(iNu|wE)r1=K(^a<!I-$vaEft;@nY0hp>uMu%%2@>#5Ip
zoKW3)RubQG4d?j)$ppV@IBf%j_JCqkUH12YYB@cmPLjA7%PVHJoSBL==z-G+XeDYp
zYZWPd3_F}4b(|xLbi%B^6-Zs@Y=CqIspmvsBuy<+TiEFX(!hyPBnEbdfHZQZEAsMk
z+=2vY>Lf_Q@tOkC%vmFe-)^*U4k)72r-gGz5uJvuoPw>$ci&Dcr<x?boi<KeMRb0(
zafU0R^R&J5_+DEF=kdL^4$k9yZ5^H20pD{W9G#uF*>alE_xV0ZS7)6fnTzuteOKp0
z<-5LL(A7Dnh(7z>)ydbI;uR-P0Alf5baP5d!ZD3UigkCY2MC>!d&%j<Bw|cj_N$lE
zLy_o$w!B5s%Nd}E-Iez=dpW}-xoFW@qqktEmje&+m*S-+<8VuBwbU8Oc4Qy70i?Gx
zPg!oU1uv<9^l=t5k$1buav$f8Byr*goH5%W$(c5O4(<c#>tt;!NkraLmN*E~&&k6?
zw5f<4OiAu2G9BSL3DV!$-Huc2)dNDdbpxEj?U}SiZ%#GkWv8wp!xecYRZSV_bd@?u
zq7cT~H{fcZ(?38`P?rZe!xhPa9-nqAhB|QpLVGvEoH+q<4j~-rYz~l1AfugAid@Bv
zp6rZuE(8dz%8qkx1jsG88t-K7K=GO=uKmH|jX0;ZBz`Lq=ggDjqD3LR3s-SYY0QDC
zM6Jk-RU;(FB&UHS7cKIgbS68KFoqzV+Y5LuJl$C?$wliK%rm@g*h6$gSJtTu*XcoK
zI|aJ=u5y6Pb81V%;mHp&-x<V2WGIH;I0jkh9985q+`KCbve;SPo$UCoRyaqQ7*{Ku
zaxY39p<TU`DhJ<p#7m@;B)VbzOF8(ylP*9g2iH2e7124k!6_CXl!M963jsnoxXI}m
zAe4h2I-?ZPIrx#YHb5u`KX%Rr2<6~*=NC!*)s>yj9ZCE=-RZpD!%q$BQ+7IMCGqog
zrxVqabmGM#<mq^<EbVb(B=PffuX9-uor5XP`d;MfqIJAH&$|yen-!tdpu9NX@S4m;
zYmd@7>_qftR}@pyIh<<5__Z@f>iF^c+O#CP9Qs6;x)Vl6hmc<Ar@s_Whw!W+I)pya
zA^g$k=n($std-$O5;~VJIyl$>%S<RwFF9Ei(K&d<=@THN^NTYkKqybIIfnv-^7PkK
zsd3#oBX#`Lxb9q(#IL8<odQ_t&}E*^8((+IGl`)7g6_-QaAG9!Py5_RRpxIv-K0*E
zxOo%5c8T1%;jC6<r(=nyL2f!n6|ryeZq6;|tR#L2Z#g%VP83$|8^F~qr%pdkvF_<{
zW)kGKvp|v27!}Z--5<{K0O<ssKb_S9Lg%CIILV68`GlU(`AfyZABW#f6|cKaWPdJo
zd458>ft0%I6qUpe^FO&#^Au~qD86BISI<E#ef#6CQ;{vF`53Qo&4wp;o!Y4^H<pC+
zi|!-bb^5R?ONZy4Gd!R}_4J-IH9*MKJ?F9{DOOJOO@-46ao@S4NORO_(s|%C7(g*i
zu{vzzndU>MwIXyr;bnY$=)9yz(sE0*h4v$7B$G5%dhz_-awjSs9YV`ZQaW4l@+S@C
zE%zNo?v~>fSIga`$WY`d>+Dvf(+OU=wcNu@tZb$677}7%xn~u5Ma9B)OHn|vvh-1J
zPF2Une~EZH?mp3Rca4sYyJv`wyCLayEJ9i*y^e)XbSw<<beMgj!yI<2$uRr1GQw@k
zv5@)I8<`s64pl^l@CkQ@B07XmxQi9hxs%p)U*Xiyxs%?_EXj}7gCDs(r+0I*jx14?
zkgDn3C`ELb)4OUFJ&lfO219gAeWLR#gIh!SuJa;;`-~zp>hd|g3~qC+gL4jaaxa6s
zUy)9O@xp^7Un|lRgi<4;dtVaXtr&p1oY~DXkYlQAQx-Q;kzBYXF%&vk+{TI=n#g4%
zi`$Bcsi#@orHbf!n#FxrxuW)PHayAV?vf-fB5Ag^^Z3qn7ME8TxW-YKeWG(Pt1dsD
z&Ox8(9L%P5((4?|?mm>h`#G3h>v&Y-C<n6}-*pZe9aC0wxN6rUjn2Uw+D>|%gFewY
z=o6iTKKV%HU=BAli1R|{U=AIgG&%=!D!=x7H%oFZ=XNtnS6mA|$5<kdn~&`Xoj!Tp
zQi|yG$>-K!5~0&4(ruu0bZSJpt(A^0y^-#Vis+a|x&sx_F^zP`D57H;=}yx+DyETc
zk|g_ujzy&Vcu9!TahG*@65{O>T@niDls6^8CpxADwT>wXg*B1+PJNS4=*$WERoM7m
z9{Z<v(qWHYyD}xASgMjx%;@O!DQ4{G66KRN_4r&tapOv-VF`B?r&t;)35QS%N@zQ>
zBv5!tDpy<*NT;;BPP*cfFd8+tjJt#Fn37P|J*bFIpK|VLCZ;4*a4#wy-4j)Ce^W%K
zPX*UP$k01P=(17K&7g>mdqp?5B063b-C~k(zEhYhrpot9I;N)2^@;9xDjOYL5~6h)
znv&oX9n&gW$CQL>nwXMci0Q3-qGMVuRlfT=I_^Hvaj#~=tV@DVbdOfujh5-dIY{UE
zYq<3}4NVTlxGyN8<5kmrk%`H{+U`K5qjRvfJ4Wf~Ubwb9O%WZh+HR5}Iu^Cvm5S(C
z)OM34;Skc@z1r?BCJ_T~^Q@$f`?VtbGV<7_j(b6o_oFnqBT1Y%+}RdWV5g3oZip;V
z<}UfuZZApLuUXJ}+KmekS{JSB&JGY-uY1N_E(x!pCBjubH)1GRo*bcHBdPD^S7hl)
zUhS#x)?k7~0$yFI?>1FBpW<#sX}GWNzM@Fsix?YX)?eS9tw_fYcsy3$O;&c^%a1z<
z@V&mfV3_pXyl&CJeOr<V5r@?~9u3@$lBA^3H|ra?JDFIUr{cGZVW)w6ToJl~PVb5|
zbbpe>zt`W;{Y8?=;v0lH6T;lky`#t|gpkhvG;%}3IXwFIVq-T)fYAN8=iL^Pq*$aw
zcj#KU-2;Sf%(Zf-Dp$1Dv=Jd}>&^?1?I7*lv?FAm$`z{5Ksvd(0_1CuE^Y})IG52R
zi0*EK0Qmtr-Q7U}LizrpJ0U<Q-(PYUND?nT-e8GKaMi=T!#WXP)ZtRs)6F!J<30pC
zhm@y1-64vMcnfO|aMjaY!X)DBahCW)lGRFw^7OtWyGH#zPkXtCn8;N%=Oe7exu*go
zJxCw-e1PNv>F?$oO?KkMiwF<p*Fd+jA}w*UmA(yf8z|zvjaLfcYOwpcB$EZDd^t(Z
z21sp?Vea`?IfOHETH<+-k!~IQwuGLswg-9DZ5|-qKwfiCVPBbQ%6BU<VgwoE{-DU&
zDOiV-<X1&Tco-i_a#xWZhJ?qm@2eeKjFvjt6j_mt$ym3bBD0mwIJc4_l+JW3VZ3`E
zd4TYUPf+4wVJFsg$1~A)w`1MROk~PWmO7CE5)U%bjfiDe+u+w*Ak*E<imX9+h|F+v
zDYELeB}jXwTTqdEXvc`W;g(Y5Alfk^v)syxq&&m*YqncU5qc$pZUWA68z@5gwFZ90
zyX9V&;gMn91~Si`$Rr}+2+!IQ-6Tb-pf2x%PNKU~k+QCOk;8pok$TYiRO;+igzkt@
z2~Tv7DWY$CCAt?CS%(mQAzl5Zh;G>uUAhNLC7~_a54wGy=oV2#x0#7<T_&c@Omtf*
zqH`zF?XFyPeHXtYEd3fFiN6kzm}(4==sv!xpXffms-NgSzN(+(&Y4JI_AM`PTTLO7
zB+}x3<w^Lyz+Hg$l!%wtk~g~-x(%igNszB((7EMB?f^wPw!+zXv@LJCNs3fEkM%d$
zS?sP<gx>o26=aF~i6ZnK2$7}kX+@~T{sUy0imBh$Eq8BA9VXNQEO*`M6dopz;A(}N
zl}UtmnfKpUx_K0#w^`_>?Mk<hBBw#<Zr4h;v?99oTjf?(<OJG7@?(`-i-|0U)b_q@
zMnq5L;X8&tNp6po<d1_obh9HX$eL6+xW;WREvH!7af%?9)afyk{EQPs3WB_sDmB)-
zIcAYgibX9zMd++grIYMlmO4oyFY=-`bdudLO)pi7H30d*EiOq)ngK0&OtQ%>ugEwM
z(%$4YWMWmW#WCINwo&9+5E^}Lb_YqaUu4a0i<Yqbp_|M)e5(b9wz!8Bq4hDUaa-I<
zbI1q39By$3FcFRMUL38nZE=gu^}|f}?6$g32MG0O+uY^>LN5$_<c>)oS1D=U%)s}B
zx4ToBm^Uc4yAKr6yHq>ebn~Pu^Mcb3cUXYb#JcDXH&YT@jz9}Zql=wxq$F|jO}Xyy
zeW%+=k@*L(+XM26yMSGpT;AoLpHFu7OEMTbyHn-hK6mj#((!A-K6h1sP%YT!t_u*_
z8{O}24UqA$oZ_Bh5;3<KRv17Ix<5$buecseRWc8n5`G0IRcJ)ylgZfkY>uFPVRUpY
z@Cns|MELcEJ8+RqF>@>Puscc-U3w3viu)0_-15K2{fJvTKq&4<+-3nnaX;$z36Q1m
z{cHEABq<S<e&rGD3HKrEnAAAohE_<wB4Wnz_~(S1L6Hf+p#H(m3HK>QzB-4RB1t|)
z=zcD}DR;sx!bG+bTcl1`CZ-mgc1KC#r~GO6jwA`<M_AqmSEt={D=9n);<HD1NfqQ<
zcYq@O&}y9o`OclKNSp3xpFz&KTNU{gxpN8Rd-sqc?;k`<3-W^-v5GDKg<kIukRRP*
ziflv8djRs2yH=8TQDigPvF*6g;~rHyD;n7%9moZ@9mZG`!b#XG$p&)KT`Wnw_$?RK
zPC>4?>E2<T3|KKL2XfUtioT6pUCW6U3FL;mb~TecSg(5?<hFZb4U?QRZP5|rj=T9i
zCi`B*x;n^Rx5xWTdZG>v0eRpSTdQ2*4EZ>aNA7t=#$ntt3&inmtYe)hkfk7DugL}?
z@uEa;ORNQX!s{VPf*{KqLDG7~lG)X-xDWdYNP6#>BJJB+;s8iSuN~$L6t5W|CqbU{
zPAPI5E#yUz>|VExtV8cv-2}<$J$@c3w-+mQ{Pr-nS7;NtO0k9`%=h6cw^t6iqDk5v
zLge#CNfIYWCp$=FD$51DbRUu{za=T)HIXD<<hhDo2CfQt%UDN*m*AZ$j4BIx>lOKP
zF_XgHZb{;#PHDI*;$_`Jmg5BJ5Gm$$Qe+bBQ~@dB-Bu(A$TJ|Nyg^&pmD2<FvO&st
z=M~xgk|mmfl=CWWW1Zv`Y^Q>^O_4Z|_Ry*1W%@|jxrKQQNVHc^kxYtI_0B5NsWV<?
zfKGKU-N)?eXeL{X1c~v+D3bk_CE`G8d3m<84()c%2C3@}Qe>eb^}KD03_^J3L+4p9
zVh6kGrbq*?xgvk!M)Gp#H1c*Uk^>{y)gVp0N;}!rXR)}~2J*ajRFR9TvHuLx+^hNt
z>l|04r8iTNFA$#f&}roj+RZv+7GOjG($;IWmr02=oQ55|^O8&ycVLIoxs%szAM0d6
zUXZIU-v0ee+QSa{-rY<0DU<aelwU7-v5JsiWT&ThG@wIvdV7^VV^{r@oqpa_MZzlX
z1HAo`#ES!qFhYsIy$P?~0dh52978)s^MZk1*3X%oJiug-cT|zuD7{ox2Ya=@V83o)
zbg>n_5Aj+_GFh~T4t*Qy?N_7}$S2Sl<}ElxU*g45+{B?9pu@dGioA@xATrW>s7S}<
zIAaD^qrJ$(?5Zs4E9t!EHJ4<vD0P`fo@2dslK5|jj`c1}g4g^KEpZrj#(Gu1Bs>0#
zh~vCsM~K9UpV6uxgU)#GO+~IgiF;BYao#aScB~MhJjNswya7kqRa;m-51onL50d!3
z%p~vedBG&_)Ys&S+XNcLP4?P-LnI~5q(j`lPw~1bvIK<208_laicCMsI#a#Dio6R#
zI#az@75Vxb)|uwLuE<po(wXMXP$W+2O!pELS*moVdy5t6@-^F;;jL0+EC|_|;jL4o
zU2Y!X&-6Z2q&o<W@Mn6TFtOTJ<Pq!}-XTSLgHYVx@H!onakt7~m`Cro%<@Jl@*K!j
zr0Ohhfg;)e;uke%d%G1W0YY|Wd!>%EoxMdcf8T~#t+!Z_^&m82jQ89VtTPEYc?*`~
zz1)h(JK*>@*DEIpUU5_->bYLGlhRe1T!%R|61+Z&ln0^INbm+LvJ8DCyb|-g(TaQk
zLhk2z6PZ|_S{%YeFWo5)&$pRzJ_<9bBrl&L6|yjy@0C+zCR|Z07I-xk*=|T9CTSX|
z5H9dqDxJP6gbTcmirm8c0DmFw3%!wwgjG5(^b!?0SAp|uk+({_0-<zX<W)M&VgABp
zoj1LDikt@_oj1L0io`0N#ohr$7Ac*@Ud$P`a~rusFV!sZnkW)cl<h3>&N4~!X&X+}
zrQUf(`d|fx-XmJ--BhGR7hd69>iwliH4w_3rJnt*^efGQg6!8aFQX!JF&--oon>Bj
zMaIK&bEq%#ifWxZT<Vs2l@xgwgkrkPtE)(27h8^3mwSyASq}0D>Ac))C5ajX?8JQ8
z`+#+<`)4s?g3fC1Gex}bn5^-RGcl{p?|J8y4$b4Lr^Wc#TYZ+(P?z5Ky<|n`Ryd8H
z-}jn)M>@QtO49pY#{i)@^;)k76OlC%ze<S^uJy(-iKqucsj<$Rt8}_Gutg+v)_GeL
z=?|UaAnQGP{}=69L<C4VkPY6ClK3O54c=`@62$iyi$+VGK0lJH1aaauA?R(ijb8Jg
znXDdy^P(UhdhO0LDK#B;89}ysr!F(GkP>8Pr+4TIlQhuj1G3v&{R@-q^Uw={?DY;^
zV=_AlZ7RqCufeZOileWb3v$pqAW6LFfzjy_kVD?7>!dSJ%*ROYW02$CjhpOh{wTav
z0P?L@><=bm+G1V+@`Lw-B8@?Af}Hm@|H(RK5gzLkAufA|6nPUdO%HO-EA<!aJV3l6
zL2h|B6cM?Z{O)bO%Q`y|3rev&-r{>q(k*12dtStSCiGr1rQt(wj3Rf@<CA3(N>=39
zVkS<g&;xcgZ5g`?g?cCwwOokea1{|cugFyu!gPlGCl}kvXh@HOOtOSR583i;#Iy?R
zWDDg{WEIko!jnC8R*`~8pIRWfLhUdUqq6Y<V%h{GUudR{t{0^GIILlV6b>E0oPo#%
z<ltbCVxjL9!GpVUc2hcZTakHl(33-_eCY96K&4P~v`y#}%x`~G3Q>zjmOpNVUI?x#
zh1OyPnFy7HB_LHpr6QQTf-&uSkeVS}ftNZ{YM@Sl)DE>$<XkjL3u@)lp=*j<Da7QN
zP$}#^ljSS<P`cr&eyEQk1)juu1ITlsI_XG<OXim#4O7LUMQC+;(&5&IUeaq3Iv*f6
zKwb#NV0A|8+y`kBdWT8G?7sNLILxWrht?~y=tX}0zI|wmBAxE@jJ|#76Gi$?;+c5+
zP>LjR;s|;f+6QSLy03J$f$Rq95K4#DY8rj%^{5V^PbJ|n(<?n4LZ<^Hv<vUW{EcJ+
z=^VPkIuUg0gVq7MhHfj%=CpGtA998K(rZoKREqg0*t>;FNu4Co5_95Qu-q;5On{UG
z=^1JlAk{(og?3BgmzIH{$6p~H7}|_61V)8s^>T1%ha?<RN}s`@BLPAq>LH<10Yd9+
zLqpdBq#=AC78;a;EVG>sAfrRqB#9Gr3!BKeP~V(VN9ecrCxl*8gx<`jR((QfT7bL^
zR}(_>17sM;#L(IRc@1Pzs8BAl94Fs)ejQ|TsJSEwLci@iHMCX||83`Kp|RLa45r5P
z&?HIx)R-Qc6(E!vGeYwNgi>Q>XnBB8YP=Cj4v?83b3>c4I*f3M!|2U-LrMzmQKZOV
zE}2Q8BLT7quI7hMNis?17oAjD5L%Fz?TjyMi51XU7)lP1_dphf_9;^98C#wtd{euM
zpwkiL>P_uR5^}XTbevs96o)Gs$t($7k|bUfn1&T%=qw4{mW2E6k3p7(UdSiIV@lMD
zP_F>_6gn$Hqa@jHHLrnHERdC<v-!!@eybzMDUi2Acq~GuPZ`_?Ay;ccc?vTrJ=+!+
zK;944RHSpFjrYzmDhLfwBuf&Lb)lJ(#EDjaqVIyM^`TZ6&mrX_V$e=gyw-<$F%cax
z$0s}MLsJ!@-#xhnR~te!3Z(pshR$Cg$)Ot<1rk{hi(j7v`5?5oIFmsLPk1-R38Abd
znB+xxGJ<RlZBt|-bTYyH*3jCLtTQt`UYvl=w$Ob=wpZd&<;NixzdA-?)@O}A4rOH`
zPL#4lLAU~`OgagoBgSiGL3W0kOA;^YZblmqvM-b@372OYSse&{$wclcG=<KA&?QBF
z8;RF4CAp~x?a&hWJakWyl&3Ax3FKhNizeTb#I_dviqRLLLILs;bPlEJ3%*R%)_oZ&
zRfX*gLR&WguD%SdsqT~EAV)%*10)vYt5EtHq{H!|ea~Z|r~sJ>o#THai6AFK<yj{}
zziD|o6eEd0?>-&srHF2y&rq`AFU6bm6IN5};GS=2Simnj9eO4-AwZVy#^@`wT9SD2
z)w6h4ALRQ`othM8CdnW_geKNv^44@)>;yR<T7}&XI<HRqo^*@kV(9TZP!~gw-+{Um
z;#-G)%YP*lQHShs`p}J)E1@g_@)`X4B~*xsI9{L67G4Y8c$!?riSm>2D>=})7K+4b
zERh+C{2D5!2>oWq8R+~cG)fWrO@W_4u7`Fj(svMk$qVF0$VHn%c3#Yjml;5AhO#P>
zjFHSekXxZniX<R4=-$n5p*+u#t9UUH^~2qRHQ`WmCT2wRduWx?x&Hubw9xrI)Cuze
zsu$rtw#Wf;Cp51i+et2Ki^3oeQk6^*9@2<(IK}90jtGxoBIw?YJOdowA0U*=cKAfV
z6^#=@;R^v$0e*$Up~lj3#QUQ$O9Dv~&ZtP)pYS~mR-3~)6xrH~_ZicM3rXUagmmGf
zlK8otF8p}eNEd#*Y@|=6lQES}rZA5@{Sio(aMdO<#Y{S92``c)NnCDki>DEbEaBAw
z(g@_qaMPyb3cpPejbFtA$r|nyARR%T3ZGXb_aoe^z!)h<_`W25ymF=rPtNc>j3LPK
zYOLGQuP5XTpJNiS4kMA5U^!R#7p1cW>xg|Nxf38mKyrsqb!I!-_dMYnlEjPTarl*K
z^yYcPkzHimMc)+s;vQV(OBJ5{;fc6W795%94;Sn4_Ymd}4`E_L7#SX?bPf*0JFc)C
z8J-y+v`ZcpK8q4SG1Va~5dKY(cCXlC23!>kr|Zo+x4Pliz(ER!%Ld4sAVpGzxmdWa
z(iw)D`!;lng_{M)dXVDbPKtDc&K8go;a3#NaLy8+fRqf636Re~N`>z$5;fTtM?p%5
z)1mHBEQp*2DH9&5NFLbv38ZXzVt`x)DHl$Iu|BzK3s<*6%7?QD$ODiH;VO!(gq_e{
zoQDh#Ql$N0?7)Cj3Xctt93Yj$(*q<5Bs#o6k#CCOH%&pRgzp4MMUblD-TiDC9@2>c
zsTQ8vpGdsee-`s0km}*D6`8dKr-ndc!jGTCs2P5I#kFSm@sk*}Qsq~juoxiyGIg*{
zICdEOz6<m3w(zS?c(Wq8hT%0okh<a9iae)Cy>O-B?CMRdG?31-;rArL>pJN1X{EhE
zc#k5lE7CB0N|GdT0j_$&Rip6b0C@$Zad_qkvYaHcVpU@}NR#m502v3;G(2D==_H7P
zm2gfN<oWQJ0HGS!EPPRtc##P@M4E@gqsWy%ZfOzD7$7u`Y7x#6AhhS(GL@@Vsa&;6
z<*Ie~@xAr7;m7yZ+lC+CTW^;tzdD2q$?*8?Sch=U*C-ZAq5xJqW+Lt#!c77s5u{@{
z9oikz(e=GkxS%5AFs@q+ozCHUico!j7o=ObcYtgF>7FVUFQtmbOQ~YfBULPVg~v$C
zek^*0@4QYSj2G_?;qucfTy+AIHL4u;3HOsENt}DgdpG^Uaf&3Jw8TdUVgGPKfb0i(
zIlMeT4ucE~CkMzGkfGta6K$D3)OTM185wRBAh$tY4R@QwI-N?Q_uPm5l<=ScNe?nU
zTm)?j#bV8K_~kW_xNs#!HmpOt3o;?xToHOzi^}1oROvH0JdAZrt(+WQi<M2Xyb)`J
zC17WAxLg8<NB34U!d;k{zF=l}fYK@V6lU`n!Oje?RpeYoCU1nVDbgV?lUd<X^Vo8Z
zzWkEL?C=0ZHY0b)&YbXDio}$%MKy#cKKwy|)CZXtKBGuCq-rye`Qcvzq%+8(@ZA6z
z0J1ckHIaQMS0h1|hsy-W1dx^Cm;jj#@=iG8o9wDi8l3M1c`uwNKvsghAMOz#?}4lh
z4_(ZzhM`2!IAL9QrX=yA)qGoQfX@0<xsx2erCe2>Zi|nglN@%JupJ_MKt2fP2#|vy
z8^isVv(DSIZSf7rrts(hIS2A#cuIg=2H6@;lq6n|tKUFA3a?Z;$si9wwue6qkPQ2=
z0-P$$pN2nEIy%gshEE3wg*hdBEkN@8Uu2zqm`&9e$Ip0a&YgSjx##^zUM40c4N=ro
zNF^zgm%Pg_icn1<)CfgQ<E2S645_A!B106RrczBcCQ6y4P-tY5M5!b+@>_fFwa&io
zndk9`&$HG#XYaN5ckO-NF2wmXdC@X<&V|aPvG9}ykj=>_k=zX=1IU)-j;{)vZ!ZyV
zL2ga%E{OW(?j+?Ju-Tg28*LuC8Qz`bWDzF|l^av)@OklN@_Hof`LUb9rYgBSj`Rld
zRdUniq7VCSfv=kb`8qj+6RF`llCO;;>{`=~<iT;|4)FRW`5sOxlUhKWyMcV0{1B4c
zfiSO~$+>Z46wK3I$@2tJazKM&8LsS3E{P-Tt2n!p>y@%ItmHQA8#v!3cSq74TFN5t
zNgg0b5+m%pYI~DMq0L99LBrsDs*|Up%|HFcv8t0-A?Xc$m<I=`PA=y}s%Uj!RRA_{
zCyZ(wt7z4MRl)v%sviib`hkF|*96Ac!Q_((=W{T*_HB_b(x`*U-O4!eHR|W&+XPXb
zPp_klg|`2kJUou%06COg!wGzW8EhE&CAsxGB66GUa8De_;pC2SWEPNLljnXQY-n~L
z37qrM<Wg=U`|xP;&JTrG7r1Bp48%E_ToXqY0r@Strd-%iJ^elTUryvWJeFMdBW5EA
z>-l5JkvPKE5`P4G{;xpK{}t%@<AGzH2psD~;8_0zyiNtYP6fP92fS(nUbO+QGl6!U
z4YccQpk0dU#`Vu)=;u0WdqI>Z;aXEU^kH3foFM)?BX!l;NV34=Rrps|eF4ed8|v^k
zzU!)Mkc_PZU#H|YCz14RB!08Cu3G<NmM{6%MqM?^NuK&K?E2Z=(z<FIl1q0IxkeDB
z6wYuRkK7#z{Tf<bbr2`;n~4*}z3jTG{s|u&O6s*xLAX~xB=lr{U9|)WyK2p@QP)!=
z6~c?2;;yeY;zV9qs;_1tp({)0se^?Vzjpc|9P2!FLL6b&6Oz?=f+)kzPf{wuMpakG
zkt!f5>gG7I7f4k7DUKWkVyI`4+zY+R#LiXKP3)X!D33toWFVeeT`5|@u0FXy8mhm=
zkrqIjsQRbUhIuttFBZiARlXK#TS0ict^%7DYVSDG1xQPECVKV3e6><v5=0rCC9aUS
zQr95)yeE;5(TkqUZ>8=)o8@qio&73kEA<SLk{jzNx4^M3QPs`toMkR9QLjfrxyVra
zaRR@UkPG_{@XAnUaZ;!Zo(0cF0coR(>m>5-Njo+1%3C`%arf6wP1N~zYU1wiGF9Kg
zdzJUty>P7dYSTCZK<S{ijw9^8!xd^rPUL%ASE{Rojq(EAQz!?oO!bH${;bSYQ$FLz
zQm<2z_`3|5YMLO*X_y7$;b58Sc(iHMM9jfVbrvUb4rZzaXhSnDQ+*5L(EQ3&cW@%-
zSEf4gb1{Bser2lVNN9d#s`gfKhR?#2a_p|qRce|b3eC8y)KVlg<E~aWAh{K;I_5wt
zu2w&bBaZ>OMy*ED7uwE#SE!TP=nHW^jId|SI;$5UnG9`bGv!*fEhjUSDD>)VAYIg~
zZNiJqlox<>RR_h9C7g_mBd-IwDKJxdsAa;&zkAX{{XC9*0A4-R@8SpmB}+XNN7zWX
zRXxdx90@(u?p2}>>0O3i>Tp4n>~7+EZ!dKh66(WV>LE_#OzEXI_=?4m_bYp=>70mn
zsW!n0^~QN2E9`CRDsCfZ%58zUbDO%J+sOKUo7(qVb}acDskf;!kWe-6t1d^vel_(A
zIC?*Ivmj~=?##1aP3<2zpZ@A@ZX?d{Tkz_y9uh>E2eW%GkOAsxLDb7|%nwkLce3-5
zV}5`d<3z+cz`dFX;?J*v>Xm{hLqT_0)f=eZj5bvD2C75Rrnru%dIQy^XhT(Rpt_b5
zdGvwmJHm#KmcwxLf$HWs!p8F;bx#~&6=bm5br&BA{H=sPz-x$_#fi-F5OpdN(!<-;
z*}{t->mTsCU0oDM{sS^peOnOqo_gZ#syoyzNFIMlJhOC%x*N&;K;U$gJ5+TyKOZsX
zD;e<w@pCau%|ODQ27d+=V3_)VAS(UN^)Pihl2n+3?2Vpb>Z?dv<H})}x{edshr`tO
zgpEJrhN%^t$Z<GKeYcvOVWF}I?rj;VEb=Fu%vYMgjywwIJY22fM9erF$errw{jyy;
z_>WX4#u4^j(%owH0citWsEk&R#SymS7^Ci~5l3%z7`{vZk?&KV_(^(Q1mpp=D2`+R
z8K>4eC~Z0bnW(ObBb|Uer2hCbw^4Hc6u&t&Sv|=~q4MoNaK&Q-+_hH+9TGO|8z$Yr
zYl>RN$qa@40zfYyQ`IiN2%F5k!e*K}?64qjj)w2XgUzGrI6>4@AS~~XsXI7XsC)?f
zCf2Kusj0s*uR>*GU$~wLUenbnoaCvm17TiIsB1WxuXKG><l+hS3@0;`X9tThmaAGv
z#L?Mvx$Ij6x$1?S6e^4igUC;+y^*X^>Toh!EspcL2W*~Jk8v_X+5a>2D3H18uHQst
zMp(NF)N#KH@_jkn9RO0O4m!q&oK5r80#0Tqnb2cTfX#fhnv*=`CAhoI;uNWAe+Vy{
zaSPO`oXk+>ek|UVUZ7TSlBaqZqBj<(>Yw81kDUi!WQ8~jRGX706h@u_vQQn)$qXeM
z$O0gX)F097%4~Sw0muvLG4x`D*}SNx9_NwOcUy@)Y>7Ha5dK6oJLeKL7YTbJnvo@H
z5t6g}M7v&AtB_PT6gID@9sg#LXDGQ%h0Rj6hLb`i=83PnFH`Lk%%)J;&<ZpYBEPEk
zLt=gh*N1>CSJxn6*O=b}vQpj12|OP@6|U_7c}>m!N5tt1HeUc)t=60r<VGNSfUHq-
zP6_hjb9I#8fUH+b{uRWT1a~W7w@{|uRV&Dz1>$#V-c_d}>1>FZvQh1QM%WxGgsVLe
z=L2;sCo`1#X(C@AsgeJL&Bri)LXi89)M6wn;OHih3U#Pbm$$tTNGg!e)a*KfOihL>
zIY73lrJUp`>{zVlzg8#KWj1*VJ0JFD{SNg2l3uAq>eUlA&%j6!Hg_Z00JBn%iAer}
zK5P%i+M(91&%72Y^TF#HAm6AuCo`14Va&5@DLd6HP6|0;y0J@Lf1WrNvteiWom!C0
z$PDGH%sR@A5a)XpcBq`p{Tsd>17wfdRTX3{lD+CIP70OhdW&4_Q@eziO`-DVkFXj7
zuWEH1Cwbh4#raWHQiRRL2jD&ckOOK7lJkHJ0di2?!%3d<D@0~qht!Q>=9Q;*gX?2V
zZGKTJI4M-Rz~13bu=zzzi*OrGSi6p@Yd9%X9vmS?!f)z!v|+z)Qx0*Csox{{4py*&
z)NlgNp@B^{L_Vet)mUWt)Y%{E7*6u|b7(iFz*Pt}-C#C_igP3U9wK=CsSZNYzXLq+
z3*>KgEs~Ky9tUzlt>I*$axap9)cU4qg?pP&<CAIwPG%@YFy>iKPpVVVrUlqAZ8@dZ
zAYpGeu(qF8>)9gC$8h(Jk$=@pN06rA#d@_?%|~(`k~3;GlK=V$oBz~QmwC-ls*s#j
z$8fSx`2t4WY>1<THY2%!X%vvUp$8i<uZ7B=m%|(AK+X%zLNWxrRscy3Wu7l=p7WBF
z^*~ZWZ*Wqm6gGu5Kafah2a?|~juy&n#JmcX$H1!+Y+|7jBnR+(?2yt_*xU@NwG(W-
z&^1Vo!TxkFkOrZCND8OHFP#Bt6e>o-RQ+!tO+#Ce)Q32=KrRd=?kk&xx~1}C`F9zb
zg~o9*U%9CxJgEz{xmoBHBpDEgk>;TqBtL_So(Ci?H2gvqXTEaR0C+kA$VH(@GeK_n
z7w*^tNe>+T;?N>)vrx&r51ya^n~Osg&6(FiWzZu~Wk4Y_LYZlTuysN+_}4l#90{8{
zjI;|q$w{Hoy?-604Ui6@rATgFoupg^<f>4{MJ!IC@(I-CZa_K*&ga@tmay@A<J!<5
zP8KTc=sn=ywV`|@Z{JWy835#l(5^T#49HEPj27aY;ivYLdw^txvf~Kz>J=(Ok^?p@
za^KMLI5Hl{z);7QB2J60@U9S$J3{$!WEPOSLN!R*L!5a)Mu*bVg%=~t>)ucfk~Tn|
z2l7B@RUCN*$oSA9B-g;P*cm<)YH+cL!w75FBca|%*n6?8U5|yP#u4WAcxVL@_8k7}
zK=MLmapY|vvqL+PbWcrEJ_Pbq=m#Vp!-(1hBtLWr$&=;qMlX=3Lk(Jq^I>E=kY_^u
zkbDTa_#Vi-P;MMK0AxXEJ(9y~;P+gBJQv!7<c3e+*Q|gPhuU8vBF8{U{sZz-C>u%p
z3xroms2B;GU-jV*!7HJyafJ2ivXGh~;%tKRiGWRMC^L@OKwb-tK~e-Yw=s}6LPbcP
zT_MQY&_*Oz-;<=UU&UP)IvGbU1@d;Nduws5e_>{K0`ftq2+5vm7^^@wg*L~L{y?^b
zls4E>$RH!zLS2!34(EI)kZ(d8kyL|bvR~KzE_5W0OaQVslzOR%!)&Gk*&pg1NAiID
z6q<$PVtA^KdHotHk0bMd{2o%;ia5-s7|8KZ$2hVa$f?j&BsI`3{%gM}B}o3lGpw6Z
z6-U^y&P%D+PDExl><m*<+Q$)ghFVHClB+L))fo^wWhs&?@thl`?1>}noSURHx=cjQ
z0IzZ&%~OUVVP32i=_!li2x~>_lwEONp8;u~(%^CthpnvGOt~gyQ5@L`Hl0(_+Y1|}
z`ac4>A!SS)`4vdFlrkiJ--DVAq({n;IFj@ks7*>n2NCBD$Z`zGfRvm#(g4Vil&wha
z1MO`FWLQe%3gN{F^SUc#5Ry$m*s(^X6vYvCtb0@TAh`f^qZN?xDH&IaIE-8lWKv2l
zl4l@JCm@fcY>p$$Yg$T!OyTt?*s%FNBPA=2+z2+gDYKBYgUIX*XQ!0K5!SA!Q;s1i
zhB&NU^HLgJB_cDzycVSNMsgcyLT@0?r4%4p2D5T7kQY)CtLKX;YtV*Ohv8uJVoIZ{
zMP#PxjFhAlBVpQmFOXMK)N6zdBM$;umXeQT$Y%JKJCKzrtvU)DrlK=}yq?k($y+e$
zo&mBZ<u)WtMV|%oX37vGOht=1xeH079C&V-lY5b@ggC<HK_pEx;hAl2Q-XwP=Cy2}
zl2U;r8N6Nxn|D(VAz>=|7Lbi89XpA0j)2VvK;BO&Ktj6uK}rP@rmHM+dCKuPQVCuk
zr=)ilahO6@0jW&shh$tUxK9h@)0F8*m}WAY%_&Qfe2z9-QZ^%DD#}(DpQXU(_Z7Cf
zU}O(?eUUQeIzcYMe0`nL?|Mmo0h@1AhTb5^n=l7Y0NIlg=_-f@y;|>c*af64MY0WS
zVn7b1q}?cNJ_gbN$dQzMB)_7~v6PcY3^+Sxb37%hoA6>9ej$*PDbtZKm0%;GHYKgQ
zuwmp9u=y|L*v*141?T{zPI%}ol3WX<e)td)HglOxI6S6@uwnBn3y2op5l8v~(ZhqX
zgbkY)cL1@&MMxT70<#~86W)e|&6Ed#xZ%W^;)QF_hGvQv9(k*XOf#inSm`MU&6LLB
z>2ZY3l&0afy@U<Tl(g_4NNA>{hmGFChUP`9@cBq+7PJaCLqcP|Rk$}28uM+#6Oqse
zzbw2N361B=!?j3gJa-6Z^btpAgpKDb!^4r#c)li_kAy~V$M6~?G*&x>)BB1zG*-KW
zcl8s5#%j0lk^Yjfv3hejb)X<LR(pj{BB8N5AiQRfu%WSfd${9ZL1?TF3ok`NV|7GW
zA0ljMtd0(kL_%ZrzVIR>G*-uk_Y4(YG*-ul`wbI>#_FW-jyS@`YEF3SaA8AZ_0e#H
zI|ZS!IwQO&j<B)%L^$&<VMAkeW_SV;8kw^KBXf2*A8lx4&JL%I5OHW^=7)D7p^^Da
zc-%-~LmFNf&bV6;8kq~j`Y1tYWIi9h0tsn&arhP_G*({<--d)V{H5>^Bs6+o3XecS
z8vauFJ|r}rUkWcmLgRU9cq0<h@K?jtNN9wYhTD%8=S&*DB0LKTjro<~jYw$BuL>WD
zBW%pS9!?!2;?S6XGn|ElG<;n+2MNuB_2FV9q~ROF<w$5=ycN#5S45_H@lH59TM(KT
zABIcsmxRrWkHhL%L1<oV4y)q?p?R?_T#bb0#g1_Hcws~HVpn(v5}Fr#!d)H|HZ%*W
z!xNFvET{=joFr^$790$($q|HR!QpWC$&#>Ha5StxA_&cbzrqzrXcn9Z51k@x7-6&E
zWVpdpL1-4#hWjBQ#Xb{$1_{lJ{{r*kY<Lyg(7ZSs9yCovW`y->ok+(=1)-UuMk0?%
z!fe8kw$lZnxno53#1W?IR%HDQVMBALLFB#11);gqDDpEBnkh{pzayb}(Ij#b3C)5g
zk+dg79GV4bk?u%n%(sXXBcT!AGE#+vM)<`MC0E2DRlg+C9tn-`OC!UP(0Fbe$wfk=
zw_PMBPsE|o+di^>mLN2GuZ}dBBMIxnPLZWg2|}ayhRD`@K~nd_9T>>_Es-%#3(^Qy
zGE;zLMbhUA5(C0kDZL`8&j>;zykBG$5*p!yB6fkWp%FebG93wx@Zpj5NN9wQjN}#x
zFB;*aBE^dYp%H#>r2BJ{un~TLB;$EOXoOFQ)FPn~{!pa!1z|%YJSQ@}SP&ZFQzP#o
zq47K|lDGnSG_nV6Xgog}DS1)Eq47K;vh*cEXgtr16fBm6<zh}`Pl+Hjo(m!+OC(|A
zd0wRGWkF~>KO6br6+vh`zYsZwglfTy5n8L$2wxnbwK~;;#gUYyA`XrD#Sse$)q=&5
z3y{z(SRCn&gl56ANH!9x1<NA^NN8THh}0mVTCg&bxlA0LX3A@kaY$&Utd5k#5mpP{
zi0nW@Gi6;wc~!)rTChHnfrRGHhDdKDR14mUOhiJn>Fr2qsfa_f>D@@iYl6^hDvy+{
zl7waOlgPN&1)<rrB~t!|AT*n*BIDKwLbGXmr2ASyXf}Nl8UCgqG@HJQ96>^}X<ww@
zI$=Yz>BmSp5}Hj1Bgc`@Y&slSRVKV>HXVtSy)OvOrel$*A4tMx(_fM49|}UV=~N`U
zTo9T~wUM?TNy6&If04A01)<qgCpsJn)r-2(7m(2WsuxY1U-hH!qYaJc`q8~eX!IsW
ze?mfIH92|=35~<#sQrmJ9~yO`=oln4T2i7#NN8+?qh(0woFjoVj7E>64UL~@bZLb+
z7WKRy@G_&#HVGSQml^GegxY0C2Oyz#+0o%hs9kn67YVh?jqXB1?ee1aD#fv=T@9k?
zNT^-s2hOlzbR^nPyBbFAPtR>v<A7Jw=sdKcb~TNDhJ@O6Vf1Sx)UFGodyr7OE{wtt
z8}U6gwX1ow9};R;T68)RYS%^4rAVk<EdpoQGFpu`SHn9{xiD5+Mmug1$NKPlxIzph
zJ>Ye5w20ftrz|dxmT@B9C0_tu7e~M3q%!nBxR%TAPF@oI9?8Em#2vazqQ{XOgrhG8
zuS=q}NXibw)fZ^<CDG7l?0hOipWFd&x^Wv@5dWK>mqZ66q5JO{(aD^M^LY)tGNMmo
z9E#jJS|UhN^&NGTwP4dax(4IW7am$itC3LTHc>bkc0N%$XGtisB-D0EsO^#jyz0~W
zNE>Q<o9Iz~KB8U8@cw(7XstLyzn?FS(l2z-u`Z3)`<(Zo-(#0X+asZNwT)iK$wKA8
zrEskYdZTT$Cz79FB)ku#UGyO&scnVLWzi>)%z_Luo6DmGNT!@hQYwJ7k9OZGM$}V4
zwgb5$`VEreA%a{TJ&t7T-F1{2u<0Ca{)O;b0XD~gbcwc&Bd3Af5M6`hlR|iBAHHRF
zQ?${S!mH=VI*JA4=4d7-^Oe3=iDTUo&Dh3l<||*o9aVNdJ)?G&B#pr9w&)Q~3b{=i
zAOoURUkRIsv0X!>Bex6Eb4nehJJ{S2ZTq#f84TpkX!;ID3KiycFOZQqo8<F#qoWz$
zFq?(SEDyfi1vaCj*K#7BxO<cnFo3_xXi7UVcgD~-tk2dG?8|PFyfw5Ae^TY1Xipxe
zGO3%Dq|61Id!u8Ju>L9H<jFWv0wg>73X-8{GdB8q9AP%&@#q!xx4>vw4P+vcP4#C%
z2G<2hIgp2=n|Yjyq|9ybHEbYLqJLoIkH?E=V5US*B5{_&S2w|CYP9#atbZz#(tzv-
z@@RAw5;j_n0GSazgCu7p+;0N%cr>z8crkJY$P?6K(bQ+*i!NWl7n-75giUBAjButu
zGoxQ2Spn~#>fB~GlFuF{vL8v-N8(A0nbBX6<QygP2a@^FE~aBMqo+8jNE!pZ>hj3m
zE_Q|$Ne_0a!_RqEG%b!a2AkQ@0!}KEm?E_Vk{|tB5PvQ|9j&{Yx77a%&D<!2Ws&O-
zgZ^m)UUQ?@3Y(<tDM?Bukb-D;B#kf^1<_(8*TWfh<~EJKXOYD?WNK3wZN*8YLSt-R
zv^OUe3LR^H^leVW2=4}Q7DOxJNM9g}qOJDG$fJO~80{EG9s;r?I**eIg~r(O==+>h
zDl}S_NB0R5ioPPMOeyFx?+ul*TpIli3C*3-=)V|;=1yrewwHNrQfTz9h&GHPZ1k>*
zrgKuM(5PDz{g@Nb%!WxyKAiK~=q^qQmGv;976Dlw?Xyp|^kpDr(Gi@;KHM11MZ#tr
zn_uro4{;)UwLH4$2Nq|Bvb-osSqX7Ij<&64<deD&3`|ni0r@04i<8RGoae<Ccs_|%
za3XT?F1M+UBb7itjVk+D9AUEy$QRMnIC2ok*U?>^h>>s_$oJ9fe`H=VI|rhZIg!~p
z5S@)SG~a8Yi-nC!xu}UQM=#1nP4rVvWG;S+ZjU1@7l)!hU>wTw5saLtepxJ54o9Lt
zbDKP64y+v5ljldGwSuT_gly^^;B8l%T|gv)B(FIUG2ipl+ZKy4b_C~pp4uF~3C7ko
zN21Ub@K;%%t?<tw(RH=r9Twll*KnWk-<V@LmE;b%FT?cbs2`a<iNS0nVb6~-@|$nN
zo@`{~cc1iv`&KN@F`uw?__>5V8FDW9)+aXajmi)`!+9)vA(8?(L)NRuq8Ui$!@UVX
zItr5Xb@w`o22V{Li}pdX3dvv5QAo;xGzOa!(MOOxkK|;u0Ll08Jln-!b2_>X$xC>w
zf1@7>;_KnR(QRnMG_x&u)kcq^4Xt+0L{B53uY{e6hHBVIsPw-Qe<rZ*JrhmkHuIHh
z)8YHZ5cy1W8Yg1zbOG{Tw15+_LSyQuX!}HDg~mo*?Vunkjg7k6Q6w}k>T0Js$x}($
z>S}d<;%CU8lVMq|tED5M(Na&#Mna>do>qv2MoWFI3<+iDJWW3+B2#uk+M7sdL`Af{
zNN7YwHT`GdMI$PzWg?-RMzvW;D5o*4$syrIqt4K}AfZubXnBX3%?xD=j6>E^Ln}t|
z+fQ&E4*J>DIv!y*6-n>Goj&%wsH2TT@;bcT$)0EPw3m?#guAYcG|)aqG7X-ZX5@UW
z1_?dm+E7bBDk3lJC!R#TK+8l@2J?$~HP)8?CTu#vtYk-TqE&GspBzrrP6)zl_YgSe
z3pM+9<|W_1Xr`reBF4|1VAD+dHjZQiX{jCHL_D272}mnVKgQ$uPgb|q8Y7`u*;;Fb
zgl1)H?Mguunmetvu1IKPw$}Qf7mdu;+8`t}GFxlIIf3uDTmw%`!TGe-_Fx=#m5=4?
zQtg62L`!L8w$-jeLL;-Sc0CdrneDWPk<iGzOv^<=BeR2+`lpCYBQsMIzXM*W(8#<>
zy9RA&WL~A+jf6(#RoXZtG%~NzP9h<->7-r!mpB%U)y`U9Bs5k#Ymae~r``*7nXU9X
zV~@#7)LEN}HdJ>yYlTRt?sV2lkx<>~td(;jM^tC+kRW_S&4!-8R=e`JI73plF4`bY
zij<nalavCm>7xC@iKyMr1G!GC<wR&yDUchrjK5i&Cza=61<N%277hLje--sVfOZKo
zireHVO<|Ri0$ILAo4`qB=)X2%7a+aDw<Mv>6mC-yD#exXE!sTv8UU4()ty_k#Yk?3
z4isb+lGotcyCCl(`Nk)kk(BtP3dv_a*(FHQaUiUM+@c*vasvA2T_8O)5$8#DBYO4F
zM4TtpgFd<B1n(a;3BI~2ye{XYBI(+1;YldysUBK)PAZdn0bxDXLz{|Z7kmqa^;i$B
zf|F0`GV&2W`bGb+$Q4O#p;tcxlBM<LBu{M(`xF+Zr*=1zufGzJdusO!qHNhsWFaS&
zNq0i8vdBHP&yn<lUS*`020v#E$C4wex26liN7T1q(?>grHZ-Dc(|Vs0UQ{b@({>8t
z*UH;82+JbZXK$aeC!&dLiXH;ZWUc7y+c1@2yEaLfCNR>^w_$Uc^;m!H5FTqjym7D>
z&al64^ZfyM;tXsC_=G7*4cH9Onw;k6oOF8^5qY4Nfy9AlQ<>Kwtpg|WD%K$FdQQX_
z8re)4r1gp;Y^Ds=hKo4-_v~0p@6>9M(9!SG^ncmW<%}DlHI5@J&S))zlT9l1Pqx;P
zlM01qT(*`~D|(*#CtDlIiKrJxA<q5UxH!Vjd7L(n6FIvlYD+k&P-s?8);4fbsnEQb
ztnENT*?B}8lmxHez-aj%`+17ChyUbpr9!<rMaw=<*if%d)yk3up?po%dZjQ@k@PdH
z*;Yc&Ptyh=*#TGi7<p71jU??4Ve^>w5R%>Sgg>*Hu04rlLQ);&G_-VvR>Fx;ewNcG
zwMbYTYw7DyrNQP&EeFYmK$w!u)RrRo3+_}zwlR{JuUUb7<!g%~JhGpiLM=@bEu|S(
zsMR8&88<JG!TH+A823u5c?7Od!O@GfG+mHmu*yB3lV3QISze(19Y<J}7inz`<|VUS
ztX<2A@JfX^OSD@!k$Hbv8_r3kN(%Y1wu2Kn4qw*NP0=nI2`_6Et{^lLUeT(~7lcN_
zE83z91fiL`RD;ulzsmaOt%B!!VRkRo7B^xx;tW9&lx5nwIMNc%`Bm-XIMN!(a_wXs
zVOJqmY9|}>IPmQoQJY@VGMWg&?rkx(c}*LDWO^S_mtWJyAXx|Z@!4AvuW9R%Y{sk2
ztF$AW%uq_vW|fxOltnI7{(-mHI>7m?)@E@sL-`e+M7<iw>)J+6^86M48(KlC@KRSM
zDP6$k4Q*>2xf#ehEpnkaXSPP_59A$fC?_+NL%+g1nw*q#Qm7n<b}_Gwn#zCVw@_KU
zSdfpk-kjtq+o7V31e?v;BD7%{%m(tARuM-Y2C_{%hUEPLNeUz1YH9q(f(sQl4X!8x
z*{cobBu`xfUCP!rKWf=%^ItVQAqh4=YM%%je^q%<t4164?#UvsIjBX_L~pQnMoNJE
zqGcj!wI80~269Bp=Oj<rFdO;?$RAp13(-GsgQ_!fT+8J@F`TDZurg=lA5HuaaGt_e
z<{tt%t+l;Gcri6*Hnp1CT9B<^vl+-)EsK*v#e#PkwgE|sjYCoc?<MU4a$c-U8*$F+
z`S5$1K*F(+NGhQfjOekYNDeiCFU<mRV)muNYaR5@e?TsXWg+<oZ7z%zAsPG|)VL~G
z;m4{u$x~Xw-ki0fbu6o`IOjod&A|nmOJl2$ur)2Sxh$r)6UVv$^f?u5+Q)h$`5xXe
zWRWvtWk{x_iILDbRue~Fg`LX{v9_0qIPY8tdkgUD8p}a){WZet#@Nz0!n|&YMJ^X!
z`!j`Ck61?}OZy40tk{@1!o2##)b_&5g?DP$8QvCaA4e_)GAOnN$?;Yq@{m{!k{w8H
zk9Fz5;^Zl8*T#BdXlyP2$z!>;xg%CC2w&TDfXKsQ5&k2{a{o0v){B!og*`LC=HT$y
zNVK8V&hS_@Cvu%IJT^O%ADzE<+z}!Vk1gV)GKsYA&e*F7Hh0A~B-o6IRUlzw^#+JD
zG6s!;zl!?xS|@QbDwcQ`cuY*ciXFW|A)7I=v7889WoyxUF-~QDihOS@C&4Q_mVPyl
zleDO<(8C7;amL0vaGT1|*w^9ro8Sz`#yTOH0)$;@9~<k2WM40#660b$ksJcTbbefH
zASdz+$H&HSvQSwCM;`!@$H(R(xqNAo@;@LC#!8X&X_=&q0x|)6L&ljDTX79*h0M;R
z*al97%{cIy6g$L;?6HSqcXyN-WIZ-HHa3pztHa1FPNdhASldpb$97zrq&xzVr^Rvw
z@pJK5pbuxnjwIO32-rLk8`POc_TxMeuz508nPBr|z-DHwD#2!EtU(uX&JSHKvOGKB
zH7AzJZDf|`#L|&amgmIUAsNw0jD)9RS0Q;22pb7c#jZ#41+EzLW49pL354DC$PZ-j
z=~zE*vrst&_v3P*SD%ihU&qdQq0;0ExULRlZmjL~g4_gm@fH9nh>g5KkfY$$8Qxl*
z7u$s-0$$yK%#VH0RoFBF#V!G_1+gEI{Qe4jeG$mQ*y%X32FSB9>qg<lddx_LwN@-O
zj=Tdl&&9eTDTY~44&;ScYB%A<#_E?q7RMTNXQWWMYI2gY1)jryIo2_buy>P}#)c!Q
zJ^^1f1Fu&D^Sv~dD{TBX=1OBbIFTc>G&bmFb}aZ6Droyp5NBnqm=kzw9>@tGZv^uG
zW^C;({0#lbZ^qu|M2v)bu-kkywh0Lv31LozBFQ<pE>^{D<oT=%9BV@?y$3s%wAm1_
zd7D%#y8E>x#e!o=au5hx*ZHLW^Y9)kduRXc*gPItoX`2-RTeAfq%w(Y-i_Up#g1MX
zqR8*X=q@=$elIqW+f*d&g*$!CA<lcTa!y3#wm?3JoxwPvcf^(dO|km7ipa08AreK>
zISMNo81tKA4w7+jmqC!mNNU35brF)E8xm=a<a>DM8iGTdOipCaZ;E}uiM$K5DYi*?
z`S-{+#lFNibS1em_KhI^J+jK!UL<stuQK)v#-aN%m9alKk@sajjn&2xc3<YRSg7Z@
zBkIdoDktLYPWFb#m$7b09C)*Xk*{Ktk+798d;elbtON-=I(zfw+t@B7L*QC2v)LKb
zd$D7|SFE9WvN*eAmm%qZk@v*zM#6R_%<G3(E)upHWMqFVy|;){>%#K_kmUohd?akG
z#cY0xtwC}-tjBtT&CjvJNZ8(-9sO{u7D<0R`q5b9J|Z&PH?cU!VqG~YRPsy2dmMkp
z79sf+b{y=@j=us5c|3MR*!c7Gc<h?nSY$C0*q-QkY;qi7747d>J}2U8#$Y(-zhf_O
zQmN84;S;e^By`>QL~Mf~{(AmItP%-bB|Z`R8olT$@rl@XNND_=h#f*Nwg+MR_Y<)O
zec3rzDs)ZwpI8?pbWQl5*f=CCr_AeQtON;N?>!aUgM_a4o{rV)CnD4J-qW!RBy{EW
zbZih3x^jCuc58p(MNj*jOW2*Ge`B``8@`4d27Oo?n~Yv`ee6tZJ|}VoawfKz6OkQu
zmF7$=@hXj?Ctjtgr@zL%<ZeBrm*cT$Cmzyg4HD-}JMk2K`Vc{AC!V5jMMBqP!ulUb
zXm1|Y({E>9Qc1%4^PET}3G0bU64sY+n@ay~dqgi4#8;Atz6J@6gowUT5QUT^qE~Pt
zl_aWfiz7@)bbSvevR7^W5GS%%Z9TD9y+E&CpdaU6vR6}eb*Shu>eW=e>W*`J^+G*=
z__@7$VW3x=>ATQ|dbODzx%1p!ZKluTMD}X4K(98_pW`;NSDWi4g804KTrWjJz1mz~
zFNoi(&Gn6($X-p;KaC@-S6k{kIFY@2iT*1mQlBr;8{EZOu}~p>Zlm9ag!H+cz6c5F
z^X2+hB&5&n^?D;j9Mb12^mHVo&sXV_k&r%j)E6NkeeSFeA1UIHK6lZJkdQuKua_Yq
zeeSCNiG=j|COv$&h(r2(i{1$d>GQ36;@YN{p3QA!kM+_waw4_2mwq~qFzxNFM@O+^
zN$u^eH{wKUZy)_)B&5B4^eY7MwYQIc6B5$iK6*d&BJJ&?-;RXFMjw3)dXe__(H9{h
z?Y&JeM?%_rn|=%lX>VUWbu?>5CI5yJQ{#U6P$Z<i{q<ZVq`m$1RY*vC`|G=qkoNZ1
zYsQGkq`l`7ro997KZOm~-cg{v19kl#;YHdzNN>f7%+4VF3QnX-3<{{k?E#e-reDv!
zq)Lp`2jQ_uB}VG0+2ZJ=y?5&k9uS1I_wIm7jM7J<4XMN^eGw;8dq?R_#<Dn4B}N5Q
zVw8Rnw~;C_TF(%~SBcSjdn7axMhCQawBCi=NR=3)_lP4*CGOJ)aUy$ltUi_#sS;!L
zVkD#z59+@oA(fb<HyX#<wUBERTg5%B_eMf0k)zK-LMriyz6uGc#5Da35>kojdZY0o
zGO5Jl`aMWUC35u=B%~5~dIb_viCOx8NJu4~(!B>oWKxN_`prm4B?<#7F<;N&HnPX&
z>zg@|DluO_Zvu-f^IoK%&xurtB0ZfGsS*qH4oFBP7U<Ut;;Y00y)P0{i3R#_^dgm5
zppQmEV`G6n5xqzy7U)ZnkV-7nw;~~xSg6+`A(ePm&zQ*CB~@aPJ_ZS?#B+K95>koh
z^fDx*63^*1NJu4~)1Q1uL?)FumoSxhUY{>)xJuj)D)EB87QIL%iuKPqk=ZHMcXA?C
zqBx)uivue0ihh85NtGzoPvWsiB}(=3$>N+zC06KVQv@NESP@W(m3qCY!iH30rJl)&
z94#yLm7GYGSQ$`>mHJu{$6uknrk4rgtHf)1IT9KPujyL_@z)Zs={q=)DzQrcA&xMW
zctbzJiR{&NdfjQP6;dVE>1~maO1z~%frM1z9eoWFT1&jA*B~L4*r+#pR756~_(1Q1
zgjC`qy$}hhM1{Tv38_S-eg+At#AdzyV<IxC#Ao^-B%~5s^?680CAR6WAt9C6uJ1)c
zD)CJ~C3fnO>Fijt$9C#NIgu){Q-3~=u(iZ4eKjXiC3fi>Igu){Ti=3&RARUOtsuTi
z?ACuqLMpLaKaO6c61(+(k<i%Kt*bNGIam5mo$b~$k&sG!rw>O$D)F6OfP_@yd%YY9
z?c?_7wMa-M_UdVmi(`>W?A5c7kV@>;bC8fq?A1>`A-qT>&LvDG_UY&4avQD^6G0_@
z(9;C*pPH`LJ98qlQ?1{^iByT|fJz()sKn3u0PZDK;)tG&$0C(DqPL$Z&Y4u=sD5mg
zAfysU11j;G-f_0DA(i+|AIFJQiQn`SoJf`UEua#=>1RY7UnPFm>&@YjeU<oKk07Cu
z@VnkX5ML#J*Hbx>DsfD|B#tnZ_)E{^ME2@GdM{3-O8lcwL_#WYTK^OYsl*xm2oh3>
zvwG@N?3@=Wq!NlT2nne~9b+mIQi=M;7f47YRO1K|Qi&9!`_m#asYJvmM?xy088t{q
zC3K_7T;WA3VHs_akV?45T}VhJ&NpUpBCiNtVC+FcSA-fFiMx`<M%!oDv1G3{HfC@l
zm87xpVH{yf(!|)#iBys%#(qwuk~B4bLqbZ@)c98rUrCx8kpgz~O8<U$Q{#L={3lwQ
z8mUNV{4_N((2Ld^O^u;QNJ&zSTqL9<sm6LFq$C#_HAqNFni;8u;(SO+nj77bkdibv
z#vvgkX>JrFAth;U+&NFgAtgDNFeOPd#tIv*BvU|1E;61*FIsQ3FqU&7v(v&@$B9&u
z7DnQ=i;IoKD?+V}54o3AlFN)8cq~$q%Z%a$;+#oIE;ovv6@--JawGAIP<x{qZAeMl
z8}=gRC6%PTk;jQtlJ-X86`}UV)7(bxN;()tg7`|(!6-&TBcX#)Du}Nn9gH=cNF}+#
zcrT7HCArGj%!%yPPR0+MNG0iHM4n@<kk>A{7{ic|lH6eABOxWZ(I`hkO47|ZiG-A-
zyV2-*5t)>vhjBj=Qj(rVJ`z%r-o|buq$IZ)`U@fsDM>%0JrYuq0mcJJNJ$18Gm(&z
z3^m?CLP|0$pb~c)hq#UGu{({cie;ABb>lmYhvNuSiMxzBoJf_p%Xp3xsS+cMSCNoP
zj4;*-;;Y06qXG%7H%1s=p%<+;Mi{%0(AXGZ)Swrs#0bNFk)5-=ZamWHh=f#Pq>+t;
zRN`)<7zwGwC}S5AQi;)q@{)*5DlytfM?xww+USRbRARJ|Q6juZCC(*GCB_(63mdKy
zkAq6wV+=wsQi*$w2RV`1xz{M-M5@HS0hPEvpc3Pa67D5c;vr)_9*b1sA!F(*;+#n(
z9yT(U2|_CIa6lz;j9j!KmB=y5IFTxmV|0F%#gQtJ6Htj9<3?^HRbsM{C5W#QlZ}2z
zXe3NFh701W#AIU(CsHLIF($+jrV`VP>72-3onbu7iByRh#zrI#-l@qoV#`@87V>)&
z>`u*0qdgK*iP^>&B%~5^j1nZI68T025>kn045w5?CY6|Hv`0cJQDl^@5H_R|3ym%-
z1tFDKWQ;^YD)GGW5)x907mYPYNF_>)ACZtsyke-YvB+}0vCPOuLhFrJ14^>os1i2*
z9jN8Tg{xQ`F%p=PEH{S55vC-i#)F(lB`Gy#a3Ymtg)tWiDai`s1wnizSz)X~LQ1m2
zcn7^mNmdx;NND`5Ft(x>Dai_>77494RvKxmSt}~}7oph|&Xq<#B%~y-8M#PENmd!<
zNJvRm8;6jPlB_oL*F|JflGR2>B%~y(jde&!NzNrqNnSTT5;j~(W`mNvVf=tzq$F#M
zT22a;j&Q${eW`Da(eDkB<<H@5xB~E6Yg8clVF^5m0Hn-lu}0VoS|Psr`@S(8$=C4S
z%^I-z$T%#BpZ5ym1Se9XDgqkyX+WbsH|nfq$C4UVWi;SK>?_&Rp;bopI?-dKQC}Im
zHV8r*^;JNlwi{`02^-R=?ZzNZq(*HwKI24c)b@ZzZ8yFWar`~e*TybEe2x0rs769#
z>}%tQAihR@Z5-!BYSa$nY#d=4wbO{a&CXeB)b~bnPNYVCZ}dh&8nw@O1qrQW_8V15
zNTUuI^~zXexhJYIIwB#BI%o_>LK^jpu@(tw)Dfc!32D@CM&oxxWYVZ(Mn5E^QGXga
zNJyiO8*d^Zjrzy<90_UEY2yqM(x@{5{W)u7ynAksoi(O$BK7C2@m?HZ`lFa%aw7Fd
zG52yJ^(V<ZjD++j$^1tUUw@KJ^*wfUx!*}L9YOs4PLkOO35|^;GabE1f0E2WNJxL`
znA4HaN~Vsv1_|j;U9%bq=}$eg(MEATq(Ak|u1H9K>YLd}NPp^^i;$51)HhpvAmWhz
zoJ*MgoM*NdHe7$+1x-jcZ$mHAAJxp}M2=_G%;7|;glZ=4cfw}kekW$;axbY8wz&w8
zMJpNG9R86wXHp5rZ1jmBq!NyqxZiQjF=#_7;hM#qNR@ESW)&=sR0-Ei-0!&N#oR`&
zWIVI2Aihd?W+oCE37*+i5ML!cGm8_c5)I6OafGSF1?EUjWUn?gr*I-wqN!PegjAxL
z`85(!iHppWNJu4Gni-o|OQlMrn<J5sO0+WbkdR8WHs3}<D$&;5g@jb%GIRK+A~LB&
zdoyFRAfyskn7xsZN@SXIkdR7TV-_PJmFR4iAt9Bx&aCD{u4Ha7r*C1$DpY7C)74D8
za&n`Y`Wd(JE82}_FHWSA+-N=>N0^dyGfOy;O47}IgA=JFH<=rekdoYFZV|*+lAFx$
zkkCrzCi7?XqLs`|=5I)7{M=;Lq8BO2O=iaDtQB%k)ZOfdgp{PanTv#!<Ysd{5>k>|
z%wtGMNqU$Kwu;E4Bt6V7NJvR~nAu23NqU%<eIdL^NzNrqNwUl?!iFo!N1!CPns=ZV
zDM?Q=hZ8yGdz!hNNG0hRP?A0YCFyS#a4)GOL(HXkEK-soW_Fc0XHt^e&5_#$Atkvz
zpd>@hHE2UhGSsZ$L@LQp^WLvn9H}Hj14=T~9M5f}lKjui5yV%L|C!T~&`9{7nJ<X1
zB>yvuIFU+nhq*Y8FeSOuT*Zm()w|74IFU+nw|NW+Dajb~h8?UGa!+)hnT>>$<bHD%
z6510zU>-t3N;1xjd?VtJZcH%SA|c(FWM=IYHl!O5n@5n4ZcH}yUBZTRV~UxDgmmLk
zb2t*xjTz=VB%~X;=0;AWZseJnyIEwZ8#4pCG0R*pY<%6AWuEsP^OCwT%j_CQm~PBA
z2Xi8IW41Yl6R8_>%!iSXZp<<B1o3raj`=JS(v3OhtLR0#F~?kughtC8b0d0@Zp<-{
zA)yt>Q)YwjSu5lY=qWP`3F$_@IUNb<#?xjw64H&i<{>1c8*@#4kBCgVG1u&fgmh!B
zxoEGjA>BBaFx_~@d{x+R-PjDeQD9c07wJZ!xt|j`!VAr#oJid$4CqEtKsOedr?{8Y
zjTcRQpEyI(jTg<6)q;?2ykyq?C<y7sO99<jY<52&Y)Cg2n^QTFy0O@-Q^RbeZY&Py
z#$q$XZKQ6Ln7SaoZj_h}kkCjdG1CO`b)&@0;6&=i67$M9!gOP)*_9L7tEJ{pPNZ&>
znq^36z44kE`H8hcKJ~HM?1F?;;&n3{38};yvj7RH#5!|55>kl`X4*j!d3`GUz6v}m
z`?i^jgjAx;EJZ>p@vd2egjC{vGwo*)hcuzw?8ixw@(n&q{IQvjq#Zs3yeXgwpPC!F
zjqIOK&2Ko7n((P<9b(6lS>9}>b0Rfivw0;aQWLhA-H?zbY%%)_;%mYda}*NNge~SI
z^de2zVopUuBVmg<3%y7awwN1{kS2U))*zv^#AjxMUsx+D`LovSI?3l|7825gt!6$F
z(u6O}^+-q)zA*P7Ax-$gR1b^DqzPY`V~~(0oJ*J{d}%%;Y`7+D15MawE<`WVger3_
zCo(%#=KGvTO{fZJ!q)*!*lBLzUQ!eGnALbJ(u6(c=A)t&qzQY?t-lLGngC>oAoN`B
zKC{6wK}Zw!nOU5O`SmTdYoB=+5>}TP*>C0}VfkXeQc+{Rh=kQ;_Nx#F%~eQPKQo)3
z&7ps=V~MBbS)5<Y=}0<Y<Rj)%By7epuis7kPvLd)O8Bid@cP5-jfCZk+5BaeAYoZ%
z<ZrVANehU~$Uo*GBy3jx3~^4G&HfUR$H24k$AHwD8JvhY$j<PLsT^lEMao)uGx`J&
z#oCU9%}N%zo|U-5KhHYEZR8w0&uaEJizDY?vekhTF$d2=<YcQWCzbF^cj8SG)#`(U
zo|adwI|T9PplXdpLUT~HrlJ?kLDhN!3C%&(nuT682UV*K3C+QfmH54skX4N~RF_k%
z#P6kqE&T**X{AEnOVO+ck<dIfti<o7nAUW(p?PXriQh{xtx~k1@1@vQEfV@(ifg6+
zBaTk9+p~Hjq1o+Oua9DH1XhOVdnq3EPl&$U<yn)2SBSos;#u1|3orU!iX`;C6wjKB
z$0FT0moVLEV9gXZTsP`(hwuMb%g~E-qoK8t6FFKMS~r|z?UHr5p>+!<@>^#Ot-gZz
zRrmsGm;bG^3#{AGi_KH^&BhC?5uC^>+{k($j<71+l-jP+SKXRZWWUFnTl6+l9)9br
zd7uxQQ=Aa>p(NCY&8;c?=u#n@TQlPb`|>~wEAh(%t*jN?Mk?f`Ryil~I|G+m4NkE>
zl;0V+)XL&SUID(;TK}&YKcu2<tsS+3kczgorv4`gX=XcX7bh}b?W|#EnT^a>yFk9$
zS);g3rJt|Ms8{`bT^7jKW!3}SOXllxYjPZ6`MQGo+0WP26xq+$)q#9n9mv<!6vxk(
zB$ThKtvr5onXjt@`RWwN*LBuB?j`fp%_`+Y=Bt|pzh`q!zPefMIg$D5W);_AHu4K0
zH(49&3PSn1$r@Q-5Xx6~>qAatjq7gxfP`vX56e1_d5OIz)A^oOD<o9odRrZlP>t(j
z9YMkrl2wqtmYyu)P>ma4wMRlVZm?B_WOPW>xZABps_>#3_djb95~^{-tc^&h#@%UE
zBcU2M!nz<N;!uqnWwqs`Na+TZF#`HC+A2Z9R-Wvf$5>M%%u80i`>a7xL8$7D4OG4H
z))a0dS3Bda`J9Nc!S2wFx2oa@+n+vY9pFUP!3V8BIgxd6f^`-N)xil?L}TYu>DR#t
zR%0Yo2Pasq1o5wsPq5k{p*lFh%0w@!gA=SVNT?1@4AjAiRsq^j9h?-XgAZBdXhU^y
za-a@Q4b;JDR$5H7i|XLCKpmWBWuXn#!N;r;Bvc1ySX+@$9emt6j)dyq<JS2)KbBty
zAE*BDRpN2KR#F|5UZmlVTa7RdX~N@HQ$hSMBA!cF9el!SEo^ulG+`X(T0PK<>fn>s
za89JIK56~JiPY661G@U8bxg$Zbv2LL<?CvmbrO$7buiCT4AvV`S7%z`IKp&w4(Xw<
zt8*!`-(z#hCPZ~`ZlDk6`aMs5I5*ITbFBva=u%hb26VMBpsNe4H0~vJ^?56k6RE4u
zTLq$B{&%0Aw<?4Uf5MjC34Pwmu*Eo}I{1Q><p@H$`hs=b6@+xP*y`;uBJ)*j?dC-0
zt2mIaV(LRbJ1+*Z^P*MF<H+p1Wc?aPSaz0JCpnSzbQ$Hs&(|_KmY*-*#?RNXK)#j*
z^0h3GuVt3fK(?K|ak(szuhKxiR#_45CG)k`O65f6Yps>TiCnj=wN?omKVNGt`vQ>*
z%GaA#`$mFLzTUL<G!}&NwJuNx*I8FKVK(CFHC7AW3e>@OtVw7?b?`ka7YWtDjaK)j
zA`aET53Fn?R0lt@3Xo78tgxo03a>VIh&otlZA3zKaI=+pp|GJk_?a~n3Dv=^)^sFP
z2fwu5MM8D(D{Ct!vJP&yGMll;a`*SOrCcNk?f$;CHX@-q_+6k5?y*jB8(9bUSVjvL
zN7lhTR?j%X>fm1MPEKSU+-r^FMApH5)-)tk2lrWX1o7+OKI;V}R0sE2rRYWb!F|>n
zNT?3(v&ztm>fk=>5E80`KLqOF50>7NwM$-;sSeb^{Z<#Wp*mO-sDnQT>fj-3DSA;I
zJQS#dhpeq=Lv`@5m6|Tjhw9)FD+>wL!K2nhBvc2F`m>w%gGZ@<e3g(kR0oe*&xttx
z+W4qdjD+goQEM?Ci}r)(5>^L)vsMcmUI)*II{3TwIeJkYJZ4pMB6anc)$?N3QmL!Q
z0=jz4>W?<`?dw0Rp`1vC{DWHRYwsV{NMYk&r~Sjq=0s}mpVq^1glX^Jw43mi_7p|-
z`|uR0v9GkJ{GO*?Jr(HHQ-NMRW##gt%gT5vptQ9CrB&<#?j@DBzP*$askHU&TG1}Q
zGS;`-wh|+XuCvv*XJz0R!!OL7XXm#Tgp~F?yTPS`kkTgG6FHF?Ot#N(A~Tq5C+_Hz
z?Rsr_9DgOF+KDq)wG;ED+7a$0^A)naIKuK3vGHn#pD&#v`}xwz#?O~-(~6PurQ3<K
zK(`ZTfo`Yqqsx5hcH)lSvJ-dop52yv$$T}kyK*A))yOUu?eg>0$gUDLer0TAXI_48
zz8c$u+Mk=R#<p_Bx%p~h59LJWtBL&`Co*460{LoU?-z0Wd^M$B_2*a9K)#yVzi=;^
zuT=YZ9AWutPPy>&)siCn`D#fve!f};^3^hsua<#)wX~D2WW6Et)iRK;R)KuAv7_8e
z=Ie4hjT4!#%k8P0$d%0H_8MX1=j(FYzWUsJwYM8wb8f!c+oc`P%~uDTu2Hjj%GNC%
z?0TJ;ja<oO+5?f$RqJc)iAZQA)5*?7LMxfhc4lW0hgLFO?4d|#C3Ay49SN;uy4e}m
z3a>R6ij_=vdmIv4$=qU}L_#Z>EW1$`;YBN%o^}@`w36v<CtkJgYft4iawXHx)~{o6
zij<<g;wpN7dm<9r;}5iVT`z3<m&2D)pvQ*Tl{W}NYnwal#4Fpw?cceL7#nOyKitmf
z%Dm)ExzoOu6S<PP)9%TMT*=&J-;RV<GI!Zy1o2lgciEGX&`RbmI}g2RC3BbkG!k0L
z++`P`7p-LOvMZ3#N@j$ecx8KpeFSZ2M?ca|ys~|_-RMTvQh8;2jGcI8`#wAI%67Ir
z9ldBJlWiwn+0M30(S}ws57@OxXeBewPVXj;PAi%5c5fuKk{NF&UfCW`{o|{|czcrY
z@~>=<_jQAIqms}{X1qNak3}n)a|v6?JZR4pHhd+M3M-ij_A>OMmCQtYBPVjSOtib*
z#M&iwbz(qQC)&4i8@X<oMD6l*b&}m**!b&~N%sFZk-GYjJtmGYU7bvA_jPp|MfQ7a
znw@xMds?6mr%@b#H7E)7A$aklOI@87(ADVyUCp&;a4)H=v+YHkNL`(69~15J>)>oV
zt-Ba4v~HPg=ied-?GWeKt9l4R>y|lozgq>Nb<0!s8ct-sp0cm*$!ui4o(kmaDf>EZ
zBlDF{z3S&HKaj6{`)2MX^YygdFOIN$6;MC>`6{Bwe!hwV`6>$JtBB(G`I3b4Rb=1E
zk1q376v)@JfqcDS-_N~dzDn#|PGr7H>^-7ge!fa<y_e{D%2$b<(?<}>*AjctZGup~
zme^hT2}1dLIZy{*wu`xqtb@w}b+FVvg*H?NSK4ZS7I~pUb?`NN7ZR$2tL<7OR0r4C
zsRM);)xmZ4NhIuf33m5(gWYAIu%SBmwp}zx5UPXk*kwql4!&paK|*!#ecK%@yl6*X
zZl`l1>)=Or84{|4AKQ(FFfX~sudt`zE(q1ZPwlLsf>0g&JWvO}u;+6dF*aBo{KBq^
zBWy?irG0=CSqHzg|Kvp0!EN?gBvc2t*^&RTqsuGX+w8_js19zkTM6P{+1_TiLqc_M
zo1KYXR0p@&V~|iCtP0e@D!Tw}s1AM=sDs<>a<rix{WpO+xGPWxciU-qh;~sO+#RTc
zyX`Erp*r}zU4n$_;9h$x5~_py?BhtN4(<!o!F|*}zDn$~&mYFm$FGC?0-7KRX~I6c
zvGDS*Y@bV59sI$*MA+~;*b?eswS6;sQ61cG59dVc>VErMPNc5x59sQCJ8?(<Bel!d
z)gSG>cr3cI{iFR8CsJ1r*vH}s)769a8R6ycTn>|p`bvA4j^+2EZ{zPc4hMSmaG+Nu
zp<X>~*B{PuA(i%UKxvN#l=ctX;9gQ`PuS_4NToetPv=DLI8NB>g^j=CIAN<J#K<J2
z{l`upDF`X;KlYlt1tFz9X-7uMb7u4Xr2P~pGJ_`r89Zsv<2JG~o}ym$Gk7YH!Bh70
z+)HNgw7o2juneA|e)jW~<e(<_`ATvUS29UX;w(sV5}$LBgz}Z-yvdI)^OfWz?&#||
zi934L`G9-Ld_|odoXC7dos7|}S7pAU&TvlTJ>RHPagWFa<x6um-zx~^OLGQg3qtvd
zIf*;On6sYS$jWFsi91BcG45w^#FK>VxhBs^MM9OaffIQ^*idC`=(I&bm9eqY4+&Mq
zRHx%u;Z@X2RK{jbE)uGYY0k-U!iFki3#ZX|L8vmOJ6(`aWo+d<f`lq#Yo~w{SsB|n
zsSmO^a))@SlZ%9Qi0zz16NC*_#`ezEiGomN%ybfWh*vw-BxWNk<JC^@IKpPiHO>f5
zWM#a@d5{xX89O?UA)(6H(a9IY-ywE%UPMBbv7@sRy=aHn(OHXxDq}~d485o_c61IQ
zp~~3FN!%fJa`cB-yX3X*&Q9VE@mi+~+E8V@-bvgc-smLm5W6``(Tgf$Hz#q2*v;9B
zHdGnAJE;$g^P$Rki<5<fDq|04A`+^MJ)FcHVh`#cUnP1t&j~NTGWG~)f+VB~J)9Ce
z7VQwvC9E=LIj;*FUK!g!WxUndie6M1dpb3o$jaE$`Ckresnpe;PU4l)o=#$A?B$H)
zUQ%g$QA>TL?d4<(8-LH(%bCcDRNCIoV{wEjZC_GRUug$YWWNswl8s*(2L^g|V4zne
zp<W&6<nyCTr5zYh+93g@y~A0=y`<8Pa8_|5m3D+vZ!+susk9@UOirZIj&Sm);26Ve
z-6Ne<Qw1TV9qF`xR1i|yyB&I#hRrW_E$(iofZIr=9pn6igs#Qi=QMnb#gR&TzmtK4
zl=cBfpDt`jX~#M3k&x0(a0VeErG3a*G(&jx>@Acw$JvF1l=cy);BjF?N;}nAkA#%=
zQD+wtQrhW`{e<u$rG3Il<3uWLuCoUT?LnS&hUPLaxd)l)ROJam_ZjCnOJ@o~N;@~8
zv<1#L+(zDKEO3r;BDJ@`X*G+*k+Z4L>BNcD-a;pf6RExPoWV#)d*?Z$1o5?Zp7Ssg
z(%yMaE_#vn&U2nZLfSjeDMByO-g!<164KuJ0qvdd96=k}l@tZEcY)JrHfyQ8I=3jG
zy)Oi`x7eAEUZlOn0qrezO3{Y2_a&zm32ASMlRifrowRp}(;EqC?-GaZp3r^9CDcE@
zZY*&o2`^uJmpF7kg|5ymadOaxRAPxU6^}*QdoE$x`?51f*l_Lb0NVSCQ;J@sy-S^P
zPUL7=>Rj;@YnRmCr2*|-8qnTlPABdqwRah{)Ysl+&W*yx*WP8$t(-{hebpHhN0|1m
zAYJvfcQr-!`*5|dtMmlU>Oilq4)p5kK(DTL?&e3A+PgZSy=wy6yWSbky`=WO<ILhj
zYVSKvwP=@r{pTIW&KKi{%?tJf&O6SSxq{Ft_g!b!GlG!zzU%0Pf{^yU=VWstGx(nK
zD<?98?*%gWp7W=O<L~}9Qm^{?+8D^!M&~s5lKFbysXvdMk02~x<&+CQUlkPD&sPQ6
z__eYkkgtkBzA6Iws&GtxbeXS;K)yZ=<m+>%3HOrus&d+MBJ)+{<coIs`Koftg^j<9
zta8#8oSUz&ob-j~=Ibk`?AdekwcW87F(RKt-R_J*;@~?G-#Gb5s8;TB-a|sy>%Mcg
zBB5IOy|d~$5t(Y`UZ)BP)yit;I1;Lr2b}gV2(RJz1kO)R4ic)BKRfxw!iH+)FU}ey
zR4adVb|9fzdDKa~Z*|PkUu1D)t^C7DeMu0im47<BkkGE=xRbhA*sxtmN6@i<oJffv
zR4e}t)XFnXXKo|L2D@H&#+edF*skP1XD%nQGXCeh$ce0sXPuQus4|{)-WJ5KjAxzA
zNT@QNb-qC_s*GoyJxHiBo^@)_iz?$;$6mtPCEu`C+{9gp;&wzEs*Fi);;y8Qn~gTK
zE2-}$?n+cQaaR&@tI&%oW5`Y1m4w`rXhW4T>}I_z&Y3D>)XhOcl~Hp`kWgjR+{9gp
z=3@W&DxtZXgqL3#H8=4}g(OrNHFpahiz?%}gjL3vyHnWk%GeD?l<xkGUQ`(kH}VQ=
zm(*3meVh}itA?AnD>2-}U5V+==3cTgn$%KXX-&6K*!Y#vbf4oyDy`)%jU!BHT^FzI
z_)6Q5BKv*VkZgRVZ5Zg)hJjv{gnG51yOtkaDs4kI@%m3=H}U$<h3@;@ODb&(cLyg@
zX<N7%OIbh5T}cafI45#f(!yQ;DvmMSm9%tsEEj|-V@r4F3PGqcrn_aF$PA{tSFU6>
zGK1-X45quCxsA-%#nh{QzAg^r>teSX_mcT)<@SjqEMKjupZ$EbqsV@~+6D5}E|9Nw
z6vw}lB?;xLoqGpAy3AL*K)%`s@|Ee{%e`d2I=Rz1k@@Q6?h@_tD`O`&@|x&*TFG>B
z$E_BGRx+L4iLVPn`ReS}TO$bN>sog>C$chL>*jJ&$ZPJcFi)>{*C5G(-?Cw(yIX@^
zR6TpT>RJ|AzQ@tWZHI)aXJ5Aq5~`m4+%9hlFRGpc+>uDAdJcAHA))Fy)XiBZysm~{
zEo67Q?r=9Eq3Su@?Y&;uQ1!gaorr|0=SX)E5~`k~-0etcr+JTih!eSsyw^>Ai$yL{
zs50K~Hh5bQs*K~^#Orkv+|Jxa?jk3+133|+h1JRlZc!XzwQ{1noD*3qC%SKOB5UO&
z_Y)*kD<`>Cg7~#^lDi)X)yhfkZ|Fs}a+3Qu5~`Jx+*<UaS~<zhC}S;^weq1rt$fJs
zhc;9z9}d*Y95)wjs8&u1)XGN#wem6d5PDIqd@N8aA9MA0#2HepoZ*f{LbdV<w*U#%
z%3QY$3DwG6H*pu4Oa0^PMy_8^={dbzm-dyki_CTRipU{SiClL-9*b(_xrEiqC*9wL
z4X>3$V8-RS(RW3=s8-H&(>RezJJWrh6RET_14=tHP%CG-OGIRUS2BxQ>TB;TcLg4u
z?sm;`*K#7YcecARjxg=bCtdZmw}2x1eOTb@D(xZ*0=-%g=+%NiuNJsl_|c{I76i0+
zen5Mlb-&?WQhSTtBb-R>Eq1%U$9i7Y%3?Q%6Im;Z-L3D7?2z`p=pOk%5YpZk-HGLb
zkoLahR&gRT_>$ZCBW5Er_);K)FS$2z8(AwCQ?L5@S{%sNV)s_=CG%C{4vHfzU$0Ou
z{Cq8^$bP<-la0T&SsuvO@<6_p2lBPty_+9h>fv&C0Vgtp%L5r)8OY%4?h@`LGq}zz
z<3wg~ovVM$dR1m{o!gZYnZb2#afQeZWpKT_Xp<n6!S!zHr-D!hH@H(dkr~|J*4fN#
zWCl05iQg96;D)%3{IbVet}ci_2j6lVAR#q=%S{u+U$4I9W^f{N`nG#z9AP<q*X_!Q
z?B@^M+c^;xpZ%WQ2ks0cteP|Ok-HuV+Y7U=q*l0lkT3;czwlD&+FMvl<+sH?b+eE#
z<!5oWxDOy<)tr&7?qVdY4_V}GZaETG-x>MJZTq>1Oy3Cl+O0*xl%Lsr<ECyEHmr8D
z-|5@w4naa+|M<?$M$#XTzSo_Fgk_n<sdm?JBEJ#zqucun7Fm8H=s=*F*SN=ojsK0H
z8n@|}%u9>}R?TbN|HTnj&3|&oaU!ZY`<=d@+{ZYP-vc@5<|Co66C8A(6U49P2i=uO
zsG1*i-$pO0<_FymkkI%!=x#+Xs^$mXS|oH$_-8k58*7F9M$pf0KO|Jm54pKW=sN?y
zxaCM#PIdTZ$YJ*o5~|dPUA;;~rkZ=$?TCbG?qPSySHgxW<GF-Y#$VkxgblBZcS2=6
z;(mc%R2h%DKXW3-{89HWPNcRRbrZi*c+5@wO5t($EccSya>}*0i!-EE_bGSJ4nasa
zPP;q46@+x-w43-nkbm9Oox+Bc<X^WRCsIlNb@y;0mE>Rd0D65qK1rEV3BOwC9udU<
zmT9f~mmt29)Vlv7p^;GQChrnQr)pm7#yF8ma>i{KN0^c*UQ147uh#Q2Igv_I&l`w@
zlqA`E1PLigidT$;lqBM9MM7T<ih3uJkdnl_hP&B0FH}fLOz#>bq$G|v6bUJb=WRvu
z7u@}4zxa8+*XTPDhm_<3uL}}VlE&U6NJvRiy{D0ok~H^TMnX!`!mHq<P*Gu*GzLay
zx)=GL9jj1z9LdFAE|N*`8=xcLcY#}ZTao;L<PtA&?~vi$u!qO-)h5GxkQ1pk8Qz*W
z!qld<_X#IbZCZQVIgx79#`^&YsZAU2h#<b&wDHa$A+>4arR-(rQ|Uh!*TyrD&=_mu
zr3%7#k?cD{ZM@z{NNq0la*)v1hc5L>k&xQ7^>!g4wQ1+s`}olnQk%=Xjz~ytF7rkr
zA+@>8D?mbObD5`Ci#Vh<=MttimwQcw4Og27AgArUj_5^d)4?0SiJTW5yc|xX+H~*|
z)h5$RRGW@oF87jZbDg&ck9B;%qFfB;bDg&e3F*)EUeN*33euk&yecH5KR0-dYlIDb
zkEpA60}|4ou3io&6-i59hu=|$mUi`OkbDSaI*@K&qn}uuilo1wa^`WO{LIKgrEv}X
znm3S}ycj2<?au<a*=x_qj0R_qBq@u5^zix#qImFI*o<U(V}+N}49KfMZuOQTVJ%$^
zq^Gwfj=Tk=mv<BiYsH5^;JxTW?0oY0SH787Z_kP&%&U)gB@#Bqn9Xh8h&aM*`g&85
zuu;cs`gyD32(#($Z9?)~?>hXP2YCCC+z#`76W9#&PR5aYK(PmT#xLRwFaIG)`S%S)
z8SJGY`D>r}J?Oz+KS5M4BZ>bW^kDB!B=5FLQu5$8>j!%eAW4EAW4{?a*vsLhQhB~x
zlG2)!g2U`smHtzdgT3uYX!H*84so(jX*MNE*$U@8#2fRg$SEV=0vYOUM#9eU0FYr`
z`=i2UF|59h0lCX7Me-y3N_(BJ;p-OO_TPj}%_DV`Fpzt_JxKNev4Py@HThlGFmeHq
zY_D}3X$IteFB8c{e<mp{fjr=?N3v>49i<(R@t%E5#Cc#~l5!Q03EtK?as!ZwUe+JX
zrbv16XcGU8_=mk*P8KSY7Q!#xgH4Xt<xdgkR`@OT;Xoesijd?3$p$jrt3WaZNDh$4
zy)J(VuaBVZPXNjF)*lySCj6HAvq0tqR6XC*|7JE)H}bur6O4$t(*@>xzPBolybN*X
zdS?VtmwcosDQn?beXssM+)MrI!XzY7PICE-b0A`Y*9dL&X5yPyg<cvba%>cOU4@qz
zEgve%Jg*<x&}f<OjTLct<W+D!^SyjwqrUwg)Ew5o-gD^nOW!)mI<P77-bdnICdTtZ
z?=vLVU!J7QJ|7gs+l6ERl4rexNVIgwdzqpv@=nH)_aO2MUe}YX?Ul->p*qS(K#ILr
z;>e}owb&~|^5^g*r5vo6dMD!u^IGZ+Iwj&Tn~UFu-#G9_BdP9HM`87Jg*TBCk)6-L
zYlZg&Cr>ClVf?T;xYBz{c=^4t(p!XasO>AgWk{%{D?Pl!qEK(V=DmqF)Q79QBS=_p
zu(rSMwLN`q+u!gCkx)zD^gfCstfg;yUn8M*ZSYQVB1Q{q=>|{vmyal(<*&eNgV%wR
zO21uid0hoj=nUWTrXiu0mU;O|s9j~=>qw~W?|5ZMD9i79>9wL=)YA98iAX5RA9y?B
z2+Q(E-mx<>gXPeQO0VmGlCZW{dS!8hWqFI&{j9K|-uT=DSLPk1@$8fO)KW>PrC*R&
zeQK8^)b=lZ8*0}!Z=5)K61Ba`TZx3VbQhfS*S;6EeTVmUoXrnlv(wugM_6xs=X=pe
z_`y^8D6ULmghl@092?d@)n0=*8`eJuysS9Fj`fo_G>))i{hzfr53srZ9{*o=7-lex
z{l1oaU)#l4LRl*bA&E#5(VHS9qDYd;*p<py#*$DWYpHA@Ca#MjyHt}XWM7IX;(MOY
zbI$Aa8uR<(^T%)gdG~%e=RD8zJon}GyeB<79K&<e*ZDQ-T=}t5%kS&Xm7gLBwx*L{
z`CR$+XxXb{=gV(K;?=S9UQ6M~Uo3x!WH|B{JsFPtrSjpBsMiUFBmZal3?dxWzsipy
z!V&vBU)%Y+{FfxdIsK>nCP^?C7a$k^l>ZfFyj=WS{w!&6{rT7PkaKaPe0mak$hq(d
z=i<NerAdZ!akG4t01-Xpt@3S&aK4hluLX!GujKGdBAnAA;ZFiY)Py48O++}SY2jUx
zOjfS84Jm(vOj`Ko0J#CAMEER`@$Ey3Af>~%uVu=I|C2HpF_Gu;;bH~E|BjTsjd=U7
ze7LS8V^W+B*sq4e4Ux#2kh~w>_X~HCBp%ufql_SGco@mFdn-xF0XtfF8_Bft$QoFQ
z@CYkX)xtRek}k>i0GR?pdiZCwEIkxjk?`*UBD5mmvjHNsqG7=B=l3KQ6R#)nNh2B=
z9Z#lRK60RQNRDy7jHpo}?-e|)wueJXF(4H^B4kSCA>lhQs+Bw$`^h9l1sRWcy<dhW
z!?o8ZTzjjqOj?8CNeWaC#UshWX9q0%glklF)=F;H0?R8e5&e%xJb!9>TI`Qc*q^&R
z8E#EJ;nq~kli}7>I}Z`9sg6guH?E(Dh?a799wK_k26>2Rarb+KTU^sTMD)gaiLl%(
zkBo>$i#$Z6)iMteX|?tU$GM$HM8v8=S$HI^cfTa17Ldn0nR+Qn3N#j<c#-em$!IV`
z6SEzk<UV>kX>5g*r;7w-el<f%Ll|tI@a%|ah<rWi5%#$Y6EAg-cx}fg9m~L+A9C?O
z)=JJT8&aA8>B=N+MF*^z&oD`DItgo?N7AO%#$0$L`ERJ1kANMYaBJ$$c03PzFiGB7
z6Ycnfqu~>d#<QLlN29k#I2wKO^*?>`^*?>`^*_(Eoiwcsyv+-(vLBP=t4Bi0<B%_p
zc)9S17iXVvF8X_RI2QvvBFZ8M>c&8ih_dJmY59cnHOP~xaS>MP;Gs|IoL8hBpJ+g~
zfMt)Q4SWvj7+8MUv-8R0m{X5<`SOUDFP~hj6jFMDomV_NqP_P8GQ=b7^Xnd|4zH4n
zeB~vt0C|IDyvS!V@gnb&{!@~aH$lrIp3fsZE$-`lvU(|w1*1Hf1d*{G5j9G*<+nWY
z>nqs0-wFR67_G)Y>J!7&3yP6#OiI^RL(02ACWY$~Iq^8w=SlhM;iP=^a8kZ{I62%9
z?RcZ-)Nu0v5u@kSaGL-Tqh~hF9Q--t^l&FBlL(1uOaTw4hqIBSI=^9Uc|ZIy+EGS(
zWC_c($M*hycn!()_ec)O%<Boih6et;??vpXDoM%*kXBwY56G-MGE0HX&O=rJnd_1H
zmC??};cYUlY^62Sv7;+t?HT?lK<Ytx%@3a?GQKd%EC?4!7NwJ|2qI)Y32Q{^k)4I%
zSb%&DsV@rmmIUWoVjZ_6yi$@AGKOMpzBC+1lFI9yPs4jihTFxbuq+U%p9pcg_$=I%
z2)BzBR9?8tC!|+|AC)qbmD~x?a>1V!;jRI)1IVgye<Ix)D9U~yUxi-_ke`684NoAl
z3G5sNvOc^hK>h&ob$DxloCmTod^SM-2C^xfURd}wSrK;r1F|`M50S@U4fDfRn5%^!
z3y?ww6lH68P=KTX*&d!tWEa>e2V_V1>i{u;><sS<5Esa<@Yw*V3S@6MJq7&{cJ2bQ
zFWi90gH_?{Js=0e-2$XBkRQV10;C0yAH!b|S^qA^IX9dWAR^9(!@G&}qc|T8=LU#~
z^Kap^L_PvLBF@Lcsj29pAR^Ak!<7O=#QBeKs{j#kJ{=wqAR^9Z!ZV3<qd1=re;FVm
z&KJV_14P96QdlX1sSB+~fm{w(3y>~A{t0&@@)>w2%Hl@&^#BoN@n3jyfQYiV6<!)3
zqAZfs-2o!XqJVlMK%NCsNX;mU{<NpkDXO*#5K%hC)Ik9vN~gFwH$VmeDG9q>;xCb0
z8)n_F0V$_`CuRJ;uDrTWl0+yg4m*k<Q(nD&C8epkQpR6NY3iu}c^9-a^_nE{(6-Sb
zWhxL|EmlnAA|6@*WEPN!T2~V6SLXpS)%%G&0H^;;fLLl1B&k^wLdxfov?OxJJ52bV
zaH~$Z$7reT$<EbCl5!Sy6fN~MX-#{ZwJwoNf3Un-T9)B~__QyWq<jvetgWV|37-?8
z0atK#VXHGNu~JNgs*J^1fvuJ#nO<&45&!0>8j=3L!Y?DiT+~%#M7n@K+f(2-zSV(5
zK3fT|)U1J(lvg_DWw;pu{#5kH3ll?1ToR6tu?p_R!+=py9gcRC-`))=-%6R~L{@Eu
zU+R>EeJ=J0y#Fl8Nhy=19IP5rPOgOYmwH(eTnqmKGL_U`#bw@8%l;8k{s2;0?N4MT
zjntLZSBQ+hD@i#gWhjPe8M#;%mDM*%hRdt6I#!a+1s;JC6p^p2P9&Kym2wqzI?1%8
z(y5|;NHRZxmZ%$5)kP$80mxsHd_gkJAH?}sHFYhK$AMHRswmaeIFeAqZXxAg(7HpN
zUP9#5-y^EYkxv_Agp>jY6{RM%0>7nrGRY~hPb*eZHS@KmJJos8GHRuQojcX_lEg#R
zV7^)sNG<iOB-jcxAhkL5<g8M-16)Tvn2z=E`DjS7L8gxSE0Iq?CId)am0Q8azi>`l
zPd!I6eSzda4(q8(Nwl*Fi1@F1YAGVW02vN-6=dXJB6;|LB&7yeuJ6_PQl-(KyFHl<
zAR_g<J(+*V!+SiL>QJAB<$Jxp<#{3vJelVphB=V#eVmKX$z-fQ_o*@RaCcTnDJx~9
zgV0X7&NuYzaGh`H`J=<xdtLC*CrhEs8v$wJ$<%?f2@#E^`AWH|dZ$d?@9UbX4Fg2<
zbxl>gnIBKxupT4djB*iA-Lj5JTd5Tf)utY)8TlOddYfj{+l*4Uw`r!nh+3)Zsn=>o
z{a8Ge`>|%~5VHK|KOv<#<g1ywP7<t9j{td4jT7lgEv|*SlSohKGeuM%QqK`74!z$J
z=>1x%g-c;=sSCZISOGn(rW5&<`mt8(aw2zA%WbWOOQTj>=nuu5wzayDNIU2c9|wP0
zs~3q3qG+`Cdj6d&v1e=TmFX#{;hm%w_kMjECn;Se0rT*eNajA%w{r|?@3T^dd)k{|
zS@g86y?R&*b_PUidPH4QM*8gaqHWY%B3z@|sAbAxzOJ=SQl1B`HmXBJtP4cTZKGBt
z@;R(MUj)+D%Y`7X0coe!C7A?}aX=pTWCWQEq@&t|WIo&zQa%LI#gh?aF_5R!RwQ%Z
zFDTR1lMzJ7bn{3K9NqSVaqyXZHN3kgb1(Erq95z7c0kLi&kcebcVMSSzMidz+C$1@
zD??$-TQ6m5l^5~JRyMqvB+0Y+((0)`Lo%$@Q+@L`tzP-GdaIvG8Ek{!Kw7=k?*k+Y
zc5?c7ZTZosv5)HOk!OI2+S^w>FSQb()6=oH>8Jip<a!qz-}~iDy`Oqh%493Y;TM8R
zTCjJaRtk%p`hCI+YV80KbAT7rb^#)GpZcpqkSOE7fZhnmOKM|P+DR$*51ypIthPd;
zWX}yLn;wQ826Z`+&l0c#fV{t=*3_hyG6wGL>;>|gx}3<)6^fjJ3{y27WdspgudB5K
z<VPTxYI`F4A@4$Zr1}jKZ@oNH-7iTZl|39ueO)4DF!&>OPDXN%ow5z=AmJ~SrqG%1
zNG=PdeH%_|W>YzjN?8sn;$Fc>^%$lV+6;D%fQKVhmYD^ooI+-lM-~C;31iAAwX7k0
zPlQB#gw|*^hC~rW>_UuDA0sjl_FF`cG@k7!yCALS!H!SfdkihVtqvp0bC%&r@dR}t
zk&hu?qDH-=t|iNYh%$Xw{g%i+NK4H9vee%t$yT=i2rF6ea8kZHHd*~s%3zH;12U7<
z5)sVT(t%0JUqGg)<%u+Fnxy<IiH#&x#8BjGs#=xE>KVA}I907rTH(_;3Qtv!Ns_IM
z(_p^(1GHFmNK~X14-KTWrm1g9;?Ibtsk0<O4~u}-H1#V<5~;Zgwx*ftH$(=7ljQ7l
zrn;R-+y6pD_9F?gKQmRu5~-s<<-qd$YL+CJmILGiHAj*}s#^l~4<YY!)NMrCsqiaZ
zP?hGWyOD%`1d;(-bJS}@IITHqBim1_I>^jbhe|R<nF*Hb0r^m!A&H;*$Lcmo{M6^G
zyNT3=QAVUbUp<5*wDZLz<vy@8UsW6|K~8<X+DH=2=>s6MKph~7pZX{H>c%1>=#Q|t
zNS!FPkhB6ji`3(oR_d^#7@sBTIU*;aOvOrJiFyr*7x^V>Zx^HSF4TnfU}vd%ND{Ox
zMzl}W-(r}Haxlh;`x2k2CyCU6n={=&Yq{FC0?K?vWTkpUl6Yw9QMhXZGHcah6@^SZ
zRO1BfZUWh$wjfe*bdoY0NRB#;NDG)pjR*3Lx{XL0?DJ0pl2A_)c^__8&jGSc4Oc?T
z3XJcIf$UJ9l*F&SyYfYKm)cv(WGnB(O`b16E5FR{d|LlE^18H)D=FdGZuNrzSq*9J
zRu4$x&-wSL^nGrq!7hjm$m~@Qlgtemg+))YmwVBWqv060Pd!aCrJKO7@`0954z>!(
z6PA7IpCr?)HQwLYr`|;3?Y!+*tqkF5BE;t@`_=o1@R`egwF42}jo+^hAi}%x2h@o~
z_)OuDTA(so=KZ>#R6~+@C<FS;IQaZizBnKLKM`<P_?*1G9qyeT_GU6)<Rj;*!CDy7
z@@1O9jWW?=|K@28g;pSZJ+2Os9%3u_5wwo0^{dESr0{z1548~zh4)haP$v-Kos*O5
zFI9zBJhU6WT=*UAoKcl(NX`&BuewAYuLr*s05X@<szm<n4}B((Kh?%WmJdL3MSX(E
z7hl0_8Dy@hFAy0>GS}5nMBad%oTNkW{kyu5ND<f>C<a8)HV|0`{*(ifr2R(ZDbh;T
z3f+M|zgYxk%OF!&OCz#9g-IDA>k~|DA|=3|N>Zyjku4s%m&jJg1<E`^<Q-3@Gm#Ek
z*m7?ok9uhhB2pRhb%#vrH6perGmgk;aq=i-j!NS9t0~&4eB@Gqh_zmd_OB!fh4+Y3
zwe;$;ZYaD4N!31=1jf@p73CgCD^<%Oa+*jHZ5NT2M2cz`h-@TMOe;|XBR?I8*bz$8
z3`x-E#$Y*3`%;pGS2NSKbx0K6mq^$42egF6l3H$nh<ugQaNjQ;I#m)*9>H=ckL=1v
z{s*Le9+?oV(NOESv>Xrhfpdo^rOa6*Uc^diN==Lyuk1=`!-#MUOKFiiG4CA1QrewF
zIEJOQW<)rKWwd9Ba16_8qls_~%W0D&@ncv{n;RhAz-LvPeV6pmi)ut$h(zI4QbbFy
zg)+QKifUm={Bb9$&5^{fV^M8sfQZ#-R9laBLOXjUDFYyNQ?qJg-b+6dQeFXKX>Ex(
zKr(?iT31Q@Q6{F1k_68|-UgYNwptQ@l&PrY5aCg#l4jMBxd`znQ%P$;gh!bSttk;6
zWiqt6M0k|R&@L0<Q6@v{SXWy1Mw!Y?yivv{JjztodZ1Q_N14jnAtF4=RPpTaD07F_
zwjSn!N0}O0T#|U`j|Z?<uc0-qk5Rn=Bcm8kYiO@aGE#Z?g(PJ%M69Ovwj_Re-Kk9u
zkeMKJr?y&>L~7}maCKZu+el<>>5!5G?W>ly6^S?3s->Nk1m}JqgPq!1_-^43rghIZ
zuuG-IBuRu?!|DHLAX884agUJMT;R7Win0#K-P#}`e*j4UX`t0_g!vjhF-h4Aq@mW4
z$c=>|<rg50wDpZqM(o9%1kyx1N~8en8(#$SfEI3oGT*|S_9~F3T5lqc!hVY&&9%8i
zO1uOMs~_QJh^9P%T1Q}4M98$%su2-;l|?|Nl{SRPDey<gJfcl#j#^^ZQINLU3L;`Z
zT#$BJE|Jc#vs4!BwAZW$h1L{Bg}lEBE87m*6iKiZm>|<pJBCEb_!8HQPih5P2(6JR
zM_`N-`{7S&MTw{_aozN!R+>oB*OQb=VCP9qC!%<EzzF;$k{^XRZMB4uait9I?urup
zpVml{cxdsrFnfjhb60JMB$JhcqhM?T%TH@dC7GfO1X2e`ckLJvH4;)91L>s|d<b(o
z9HQ|MkltFDi0OuuM}a)2-75*^{Rtq?YlD!aTu8%JKtF955~VfFwQ|7we%cfw^`1&n
zo&v3Y+7B&dd=zdw12yGgN#s62Z;%<N4UuGXfecs$guu=#+DIftU5eolZ6cA`Z{Z2c
z5N#%rPl1Si{vq0YvhyVDXA1JFwwy>$urnCa8mi?IX$ZG0UI+4;)~1#4XLErTAS3>3
znD&w+i4f2IhG}z%@Z4{hwu1=I{f22v+X(GMi06L8wT5kx@Z4{t)=QGj1?ql}JLDs^
zQAFP8j{U|+Z3mG%=7f|{;Nd9kkR+MPMEJ#OVR4LB?NRZ+nMx@jV*h!J)`Q5aP=CZ+
z^exS3hceB9yajgN)lN&2rIdzRHyOwz?V2Q5$}@mW(V9Odv_>k=Lz#;I%GNp|Nht(9
zn^*;8YfqC*-8M{y5qa`Fd~XeQvb7ULI*&?{_qwNR1>2+LQx{+*1u`?V93uCF9r157
zw9w-y)3rb5bcR-3l1ycBJ=`amp;<&4K8i9kwc$jrk>#1%Z$v7Cj5raSsTJ%XEN3cX
zAsWje_4l<dPav5<cIImHh%|=O*MiJk&FY9UxnOxSkPo#1L@cP`-vaqaJ0wY#GP*}d
z*#~64R=<<b%2H+n`3cAZZK5P2mGMX53>wHMS}qZNuOj!F7HWf^6j~#_ma<42Cy75^
zEYhY2i0Bg*X$vJuq+Yon_hc4p%Za2kN|Jl;i?#Jg<Q(7xq`pMk)>)*rxxl(BumS+G
zOgls*2grXwmTU963YmCF^x>&L!5w=om&p6jho=MiQoBJU27R~=WTj?wL#?gQV^;*S
zT5CY$0QApy0{Kdt@C?d`9rC+@tknv3M<UL59ssglt43rFj61D>Y|zT|K$-MKDD#cB
z=2;}-#7Agt){YPnyYYf-(F*lMneQ$^{|#iTW=eu}zAKPzT6IbM_P$-amk77_?OF>W
z+}^iqJBV<5->J3gCDKZSxV`VzI!WU1&h6IlyxTwN+w=b$=`GXp=ZF7amIvjN8Fib7
z`L*`u^Kh>=g|v95eXn+z2=CAD)7;)78re!2=t;!R<o<ki4rupC8LZ)A)^tF7T9QQS
zl9PCvb5MH@i8tFhsJ%j##U5i%D8V1JDFHkEfgI9Op2M;b`(v*F`B@tz3C@u+f&7xM
zbPnh9@Yj4Yzvh!U@_!;fQR=);n_ugwb}Aqvc8!i|Mf+e3%hd?UeWc&=rS-dJkqle@
zJ)g`mt)i5{IKKsXKc+R1B$2weTaw)UKA|-w@;0>G94NUHS}P=8<WFe5CBYbGft^3J
zagw0rnLtizv&qgZn8k^`!PD9TB1SYxDG1+ooz|8k@hqR#hCGis6=gaP?3~G$i?iC_
zQU=!`%RuI=R;sVi8k6!0jQC=Y`n;wQ*$wkLBrzgKJ#rV3)n&2IJg+q-;=rt+ZAjR8
zm`F0LMv-(tq70=O$a!rDk=N^llrO=b^V)hM(}-Nqu1Vs5k9JWj*H8K^zef{Vmnatr
zg}+DpQ>!LrvK4VtcP+^LsU;-wzk<B1?Up1<*#&vu1TvR3;{{>a?*XoAA4-Cy^Bu@s
z)jkW5y+E#M8zu4g9RAhz6XEspzqDFUD12AsU#(n!kyboZ66V-q7vf*7p(L1AE?B;<
zwF;2mf!y#`{k+D%solP!ze)bYy%qgUt&6miP<TauQ=3bKJ-n&?CW-IQO)Y(Z@DTg?
zbCCKiZKNcd3-F0*lD?6M*nbwarGUPb2+u_e=$DZc<(X$e{RR=9c^1@@UleI=F2FO-
zWW6|%BT!q)!oL;L%M%$5-!uLT{uI_L5vdL%xzJD5dl1>0!(<+jS7BU68RaER>(EL(
zCrZ_a5xMs$o|+ZW8w^C5mtpiQ_%nR@qURFn2Qp$dn5O?T2xWMtS5hzbvLr=$rdLug
zL!{F|n4Rv2ogCdjQh?`vCH4A5o}nGilKLnjd>&U)&ypllaT{RYQc_<cNtO~W9#V>f
zhb8r$L}s@ODP@3^)_)>9Pkw>(!*cpnNfN1_!WpY5uX6e=B4=TgK~i|I$i<kH<uBtp
zrJP<ul0@o`fh<#=NG>#O)G~?8gIi1xe6U=JNaLZnx+$mEAfkGt9+4ri`;A)n6Zwix
zfy?O+5{bg88OpSg1Y3&mwVXaQKy=7^Iei*wm4>592S|B+E)uWLEUzDv1bgEQkO}Mh
zE5aUH7H3<k-cpi8>Y!p64P9?X<kcJS>wY1)JEuR1Bvd4XUs&t<a3XxVr0csS!L;s#
zv<$t}5RsODx)jlCN`k42-6vCTElDDE)Ga)rv-FNgyj)oNHA&F&Jz&|^`@JeGXDONB
za|C8`;?*(nmq;E(_kUtK-qtt~YFs)=c>uI3=(o?TD(d5<9rULa$W+w7lq8Y*?JM|A
zdKG;gk@49~HWO(#hsk$DdM;L!9Pp!xz7L6)iz<4`P~kJ?qBEpbRj)4zj#fQ@RMX#+
zWQ@Y~xt2bkNO)3`@-oQO(hnj@;rd)lKTL${b1nS@5w5GX^z%e+!5UxOD66IaO@!-V
zE&V1Du7|bsLazy*$0+9wyvJB8Ukq#MF_e+3b#bq$mOf6BMCz1>u}0O=ClV1mRO0-!
zjy@fU_l15PeLoQ%<Lc@ska#hyt1H9&7`_J4sHa<!j8vw;y_8Wv>g%`fq1~<5B&`*2
z@BM9%xmzC~36^^{kbCusk|aW@cO)qv18Jx~__|2TA1m+Idr5*?Vt3_!{j~sD0$Ppr
zw*zDqkfu7`i;JiJ0ryVDJfVfYLdy8#X$w70gzt;C(0?JqH#S@71>X?<B)on8hjh9t
z>y5b&=?_Smc&HhTxew{xB|)F#;7?2a#Q^yZ$irmE-+OQE5#CpCt!JWTZ_I72Pmv^{
z@LjCd`XVBH^Xd`(BoQ8$AJJ>RnKu`Y==~+}eSRcg9c!bHmok_Ou~XVc{}SzZySr`m
zZ;{9w{^Gm8w)#mT{9V$c`V}I)yZfkKV7T-r#Jjug^fE+vclU993K8C+dP3hTNtV(v
z0V@)S;S>5%B;HFko%CChpwAURu9IFiQ>K-=peT+ho%INjOEBlnfzs`qFYlf83Q`8`
z<U(4V_4<<FyyXm#Zu+|;q~#EwlK0f-65&(wUV52PD8r}Zef3eJ1&N3F<oZP&{xAIb
zH?#+Ng!|Q(J;MF!U_Bx2BvRjobMx!q&nx=(L`rz%kR+IkP_B?!J~pq<uj?t}kg(5h
z=(*$b`aDt}@;3Us3+`u@1v}&PG82$YNl#KtAn)k)iL7dgcLv_`eCGH}^a!Vw<q?ig
zwnz9x^?i?s`JuQmKHDRFV|)&iG`=zJ6TX4$6TUI-5$`spPxv;bPq>%x3Ev_23EvN&
z%l;(u{qPSx!uP{J@(A}fAA5xFhtKl}&#32ngy;M|;rrn};k)1S^{%pXu=a|Z-V3OQ
zOr-Fg?S=YtQU+^FB`DK{`oI9W6UbuyjQ|llUCZ=wlHmD8Ly-AYfBqd=H<ZORH~vh|
zMw0Rn+!bjCGE6oXF*8HT!;;J<nZe({UbiF*$xb`i<$FSs&6Ba#JqNQ7F_ZaRzd=NU
zeWb1+^MxLpf--$BBKcCEI}ORZAk!0MR_Jjeqd-Rd+e&@Z43sGgX(5q~5?W>9x^RmU
zv{rhNPbad9NgCglU+odTE$<V)E$<VKyid5U`h@Ss`-E@8`-Jbk`-JbkdnB3fy|3{+
z<Xa8v^rbTISneY4>-3cY0)r=zvyvo29F6t*bs`*%uk|7`g*Mt53=!L)mz5-;@O|}f
z^hQMZcKRk=d0%KH6uyhTNuMZ5Jk$zqv}S^x&H4^We9H;F=`7UZHRE>uX(D`o{#$(r
z5xzhFt={7Usg=UF<-gO%AyL?$@APd%*q`t8GP5x)z8k+oe~}2^gx{$zCc^jLzt{H=
z;k)s>^piyRCj4&Qn1h!2Cj1_~lO*xf2kyp|)E>PXlF);2wmuP}u}2>%NtROkjU;6T
zkiGg8BFaawI}T)@zE+ZKWx)85@(Gar`d%W{#=tlT<e+|*$VQM^1LTmNK3DjYt-J;@
zIY55YYZJ)^nZcjIy&e4tBJDtCE6Dt;cO~)=$>i!U6G;Y{ognjz{yLEg%V9Sj$YFgw
zkp^({{3js4>c@yoh0`vv&vry#`Z4<R4SW}Q1Z0lt1?M4owNsLE8p!W@gvbr3EmwdX
z*Xt5#0sGG(_^tFm^sYq4zzj{0)A~3fBC6>?&gn;p+=82FDv<Mf&H0$tYFK4EKrZMF
ziEIT@70AVWGlxI*R#L{F!TzZqktCt;ZSX(!Y72zrgu-{fujtPa;hWz7=r0rDd)?Rd
zOiALQ_BE4~I*|H*`Y0mfVIF=zkXzKc<7pYNrWSMl0tO@mfAQp3d%|n#AXC7&A+`Ly
z?t(_aPtYH}F<#IpAxT_etz-j#%^{w`mJ1oSl=1tGLPljtvXumsdwWQ$kkODx?pUmc
zDMouDC4oEzGDVCbMBH&$4~rTzh@1vH&w@-b;|n4;K}*!bG-EfB4?(6c$P_oUg;-u+
zkxU7r7LgXPPdgA~(v22G`T`jOq@*#E$h@NPWi*gd#zG=T3t-JGW$Y$$19me+%`9#F
zwHVX-80?G$tujVv36i^j2$^z5n8=^IVVqn6dj&=dBBQz_Da~OFQ;m*9Hg!)@-T^zh
zF^$MRsE5;lM2v+*W`Wj+Kulvd%YfEmAhywCDW-lBv{nO&8S{ud1uZ2Gq>{0l$Z2RP
zyMR<S&JqzV<!2yOjo30_XR;z%%2^;a47{V5t!xC#H-OYKwn>?6<p!L!CBu!n+Qv;H
zPl1PNK<XOBK1F}BsqNG^3?j+U;>v@}-A3+bLMBV;0uhS=X<+;*Nw!k-e@RMJAPtSs
za<nr5EY||k$S4sY_W@~QM2Re*R@uy`M&u4is|CnBXw>^0?W}}|wFlDDXilUY$cVIB
z8@KONv@!Zh8NV&JF@}60>|mYm23l>5v6A>>Tzg{$5gt<>H+p|5wEQvdaiic0Bs`{c
zFzzS9W6Bf8qmuaJU`JzuB!23hjpUVRhsVKghC_tM!KaP-M0gy0+9<Y4YI)<}Ge#pM
z-Z=P-F^&k2gU=X;h_KJyjXJ9_b@sW3@d6PZ2cI?O65(;Mr?G+vkAuC8D@1r4>}}k&
z1}$@s)Z4gE62C`!&cHYG{T``Lz8<L$^?nKOd%Zr!6R?lTB{&5VdERIvEoUnY_bAF5
zXqEkp&P0BFB1w*(FBk)e?ED!=&jH40A~_@QH2EcC29e*P9~0-x1C3=wx&V0rYRe#F
z6Or1Z(9U4vAd#&jp+^FlA;uXZ?@{VQ4dp8ljcnz0N`077mPmWh8V*`-7?p`Au(SOZ
zkm1ICL>?m#M;L916z-TLNBoh-AR<@5vKaA48Pkcp4L(l+JEM*DMAm@MLS~GSOXN>T
z{R5C0Yba~c!`0xkm`jW^VnpVX<?%)fBBMcT9%#K~^d?ddd|n3RZDSmff52yPYCpkP
zN+bhj7lOQF>?ZOS$-HauETs>mE=Gs<44$QQgw(|>WukGBw6?8+mjEEGEaNJXpTSOE
zQV`NYqO8Mwy#&!%C$-peJBWs`Jjtj^GCxDUI>w>*G#U_j9>`|Unqu@OqCrl-12WZ1
zy&t8XZA_LjS;}Paa39EI8$7dmkn%On;F(n&$d{N|O*fX4<#{3+pf$rI-+<48%rw@J
zOfw)q0(sxFQx<X|?94JwlFS$2^Mf#2ePG1aW8ND8ISN{{jrK&2LwrsFnd7BZpHiQj
zuNVE$7%8=|*Al169~$oj$R)7zk@2x4iPR5f;k;#@u_PcPwB{M#+$J;MfJOm-3Hi#3
z_;SG~eAjV-C&PCgeZqGgKk;PvuA@)*uA@)*uA@)5?_KEG;l6i~M|cI~6Yh-{vrHPV
zN|rE5<`Kjv{0*;9xPSHu_s>f`JNymrGLLYN?Gx^wKlNm|5C6;~++#2I2=~~Z8#@B!
z^$(Qk=f>=>Mg2*nK0{|WtBeIihSkKqxK+k-B%wFf!;TuvnpPS0H%P6}D%fi(4Bw8f
zGge6w4~_1LJ4>64twhGbO%?I=;%4JFN&LBJ+_(@RqHe^EVjG2Jlqn0Aw-|9r65bBp
zHsdT2-l5uVw8%k!c!%nHgI>?`*24Qd!fWCE)Czom4tNpcZ=8L?-#Gh(zi~e3Y4I1S
zKH+bieZt>3|Kw@$H_o|6T;>A(sg$cIxyJ4Q5qmp_jcVWc@ezAFN6Ah+jrVPSBeJ;!
z@7pkmr}4hcZ^mcRPCWD!?6-)siQkNaM2f(Ei)hQo41Ap+9{S=O?zbE_E|W}OIIk=V
z<#gP5e3S4e9=c~btiPbVP8b7-w1pE5@o%Tt!(`qgI%O;*8FBYg$ec0$BXT%Lk(SRG
z>6_6q?@*mJ#uM3n1^qc|tReEYN6KswTBGG%HE~vZ);KFkrm`pl)`Q^TMaoyE(i4b~
zzGUPi#Q$b0M?G?bNI8hH_!{Ms(Qm7e*%FHVgWrT+Hii*#R>L?6*KRKxHzbLN_S5<D
zRb%)zp%o9+JBmJEGiq)}@*EK1;WcB8BwIq8p+^^K-7p4!i!vQg!CDyfZyEE5JO_JU
zLPm)c{7%RuQu)oR0uc*IsOBqpyRSfG2$2y$wt#ejh`B>*g>I(e-bKO4Jwz&kjL1d7
zNOvM9frzvUN3w~OErMD_BCCk(Agv;iA0@#%Zz7GfNcv99MFF_kDE9r*A{~jm|1{Q?
z;*o_!dOd(QHcLj15Sa-%wV`H~j<o+C?POCuEE5?;<bp>w5a|L$>^hc->?bl2{$F2s
z$){|@-i3MRJ7(n~RV3LG;?wqWk$NbT`YFsa+d}BeMVd+y4`oALy$kA3xyTztZf0Tq
zQ6nEoGF90H=hXLsj2c-_q)+FN(iDgm`JKp?k8yQuM9vba18*#}2AN2t=5FEPROPo;
zA>|1mW~3XDTs=wY0mO+MBGL$Q+7E~usk#TXmKrd#0uqa~C2|I|h6AY>*-c~y%$?r`
zQaRFUFKYb<yAV@>RE=~!D2U(x+!5&$Afo@N5di`CgS*!BHTPW};jg)U!e4XO@?`jH
zZl7d;ogA>}6CoqUi&~K(fz&?$4{Jw`N|I1`>~0XbLWIZe1`+EAk&A@4O1dv{j0lhB
z_eI7Xk}}@fs$pa)5^smIVWiHFXopAY`y+g+$m4RONF$QrQMhrW(NCzwqi~Z*>}MoA
z3O^7TE=fEz5ysqSVJ`YW<OY!@aARQw<g{s|Y_8D4vJmyTndcAZy?MlxGXAQzd88E)
z&gp}ZTq2x{7LnW6un$Gb|AHQJE?P!v6X9Gu92r1_bI~fF&#fZwkqqylwT`SK!h2|K
zBR>)0J+$_bzlrc3T8Bu|Vf2UBl^r8tN#Y^iL+ccoO=K+Wn0*Zqdn$rEX8vgYRAi}?
z$yUCFIB%9RjeZrDvz3C-;`RXP7P);tp}SXC#f(wB(cu$*qoao>!*6sv>k)pVqo+se
zUctLYy*$F_!o5AhZ*)B85k4vQ3BS?d6Mmz^C;Uc-PxyS<C;Uc-Px#!*C;Uc-Pxy@v
zpYR(UeLSD}{f*}%x1VG^AK{k=_&lXw#5m&Da53BI7r7%qL~qkSa({q`+0ILmwvr^|
zeeA<ff&(KdM}?iZcak+IQVofBlEuV7$r==?O)@+q8Wd?jc6gRDDAM~lTILzi;K(5)
zA<p|Nk+vtKOz3kMt;85NBr=G|5|~*D@@k~ZA1L!aopue4+&GEkF4B4}vf>ny0iY$`
z_8AsAL}WK;9fzF09=So}CJ^yj)Ekj%r%~%MAmYE?j4VBi<V~=QB$voF7=^_g;LXSt
zBH~`R7~_U}C3rvF@ep@uJd$>HjH2X#mPeAmg!#O%?2)voFe5@c>F311;0fkg@OgNo
zha`y*TOJWvfh3hJkBD3*8MZtk()7HrlSpODBRmgz9p@9#+lUukMtU;b|BUtszvwb9
z4-qfAyzLQw(dE57M7-8A(Ifn#%cML+$V~PK_gYgu!e1t4GfCqw6Q?mr=5Gvr!uM^a
zM@GqLOi_e~S0Ji0A}b}qzU~H)nUSpll5zz00V2u;5kr(I59H&>lajz)Q0UpjYU`88
zD@1rqSs0l>gh!Bt5$mEX3-5ezk=K@aExb6=o@96}yg1V35^C|vcd<8q@kq2J-*~z-
zGU!j#;*n@sWCal(i9U^#`3q%uB>F5eKoWls_Or+$Nigp*$om(O1Zt%=Tpm(t0$CaP
zo`^$ley)rhBywXL{tnB^$YDvc6%%eKeFANHW#lrECP2g<+UiKz%fg>*r3MhOueBzU
zL8Lg5uOfU()#V2~rCJ-|Q>uPI#3|Lf$P=Ws)5Wuiuk(#f8zS$LOfRrp7jm&7GLOh4
zAdP_JM79xm4ah@4zKNt<K@Zyjc@)T|e3myyx=I;rxt%~}bL0g{{P$$y5qihWdrv0r
z$?$tJ@yHvf1z(F{FA<Mq5#c#@Ji@QX@C!3O;rC>G!tcq%BeTiQX9-+wZHX)=!mr0{
zW6R#_F+SnfW4?_XAT53w=DWyoBK$JU_Yvi95izVk-5?sfBF(P~;_pHnjC3TzyAVG_
zwh`f7h}=knYeFj?TD~4$3<5hxBSVNRSOz^7kW-P5B*|8ebb+3xE38-}D*|K!$efEL
zh|Fn#GUp?Q0z}AMh@2);vNFnCjNAwiA#*8G{2$>@wlcpw?AikPGhz|>?+GM-MeZW<
zT2&;MBTb1c2M@)m*_BA!0LcP7e@C7oG8#M-GFKzd1&ENj78y+BY6i;u6B!X8LgwGd
zdqmy_4+Xg%nNH+)@KBH&)c<5FPlJbo{1;hBG8LZ-DcL}7MphDW;S078fZU2~4G<xt
zME4WX%ArgsdLlrCOj7hOA_pMv^MDkH-UyJTK$4?L|6)`pL*B(HRZ0|Jwar!pSphOd
zqUA^?8A?aUq($olh>$4}Z9`-R<b6GmQqflfBo3rZ^aCQ7AR0oZeDs$95i)8td>#Gi
z5AhK)Ms!$!2$^VfACccW!@Dd%?C5DCcY@D?xKZT>+Bpp6B}j#6IU*y6CrMH%8VisE
zAX7Q|2$3-`B@kNGqR$10kf|OWN2EL0ISk~^=+XfB14ymtK_V5vj*zJvy%-=urhc^e
zf9T=YP&zwv;kIhDHj(C_C3@oq(XmAKLrw*`FFK3JcF@`iS`DK)M0%3e{n2AY3IGwO
z+l`{BH!-aRpmh;aZyYrO<SLLR(HN1T4WJGJX&P-6AjwBz9T)9F<Say0$UGRG7$8EX
zMRX~V;ZPHb0cjaM7a*m9JRA+*LVpfHO%O7zqm2SY$UGA5OC+gDNYQ|_jm{&|B@5;N
zK-xw31&AoG_R%v$wn4-mSPfruM{f~{LB0feB3fE0tcadu59C6Sj?oyAK~Sc`a;Iop
zB98%afpm@zC2|H%SgHYeDmo!R>Hz5)T}4D21}E1*x<%swA|m!o^emCAX0SsAGTozh
zh0q@pUK16hN3<i6VufJVv{g}_jZP)<)Z6eLBgpiMejXrgfjk%8PNb8Xq)dRllD^U8
zB(yxsBc+Md46}?)<S~!bATnYVe2)&6`$k(3xkfTCL{|{`2;LFu4l*x9j}Tc5TK$0x
zh!!e<sn>xoNrwO#==ECST~*Puy&Nq;G9BPf#Ym7D9E}l~0puMZL!vE+3<e^;TYoj$
zmn{Ry2AQGJSwyCShqHma7HwM)Q(psQ5s){cD~S9Lc8$ISGCVpc8D&zYz^mIpMnrRo
zL`Ehl-vJpLEm%m%OjZOr2;}YPL?R2|%{1|1z<becM7BH}Qho!Otmu%!sCDBkjBh}u
zMstY#5B7+z0+|*qmVz?7dWT>W8|KE*93m#H@rwYN70pORnd2ZM(wZIJPvk?fQwTD1
zqbWs%Ot!KRcHT@NA4mHJNJSv?q7#V>1(_N^=10pFMXhZ>?gsKnv>K6hKpFvA7=4Jy
zFA%YoKo&<w5h(#**|Y(&BzjU3_$8fUA*BP5rO}DS(C6atqEt5^pGGfBk`0+olHY_b
zj}}V9)PI0=K_8I$JX&9pEaiollav>Md=VW)<k`aTVu>W9Nb3-MJyg<yFOj3^#nI0A
z!AMp_kCj1^4n7N+mC>a-lDl3)vMSojL9!TH(;HxUb+k(bBxy8*T@&p^WC4+{qAwBo
zipbjNa3TYteTg^v*F~FFL_1$jfZ7Y>>u5(J4M3&~l-b7U?fW)4(PL7^zXy^NZC^>)
z!C71u^ies{HIgJ!f9{1}>uieV5P2SIT@FZZif%*VeOs|9nv#M3i0><>f<K${rM@NF
zSIS^oAA-!5=s`&msr7Ecs|(-3NE1CwWbqT2*4F5WfYu_=+8Vt<GW_=b_NY}^q>gXJ
zi1+!oN2e0uyZYZnKPJL=^>;*95aD0n*cB~S1?}*!Z|sT=C&IV)cSqlmBvUDS8tMi3
zvpc$i$Zj}^5WlFhH+o$X%&8cG_C<?V_2aw&wDv_Kk|exu5cWr7NW5Pe*dJX%gnz5$
zV02hD-$U_REk8tC+#v|;`%Q$1g5{s0{fT`0D!ds2BsV%-65pT0(a8ZK{5c%`ND|+l
zU!zNrc>eqvZBQLkXMc`HGiv1Z=eOv9ntA;>9-T*|?XHlrX9wJ4j4mOv_9)yifz<!V
z=kuxPDJkRE)icqnlK38;i7Izu>SDDn%Kc1qI1%>nTy(%)c|AOz&!0<FSN-^0iVm(N
zwY<`~6djJli^ipBN^P{vY5f&VsgpOY%lRx{jh>M*nAS1K`_*W{x_Q(3C)yT?m)1Yg
zEkw9JUytr1!u9z^^cWH0PY%?HThZF}e1F8RuH1_5Aj0)oF@KZ<{Soa;F)yHum-i&I
zOntP&aZWPF6JdV}n$w7|Kgs4oBJ59!+4k<d{-l`uiLgJZ=20YG>Z#^QlHt@-&EEH*
z9gciav;MulWzjB*nb`aJWm>}Q+Ca!45#IroFlom%^`T9;JC|<GkuunmoQG(nn@c4*
zA<N<#kW%LKhM3l=8TbWXS#$mUf@CTO;g@s@{toA8Cj4LcOQf;oa!lkM4`Dek5thTg
z3|ZFA8`AQL5dX4|ZWe6h=b{*-rJH>NBn-qfhe+bL6vv#1#H&$`xw|p?{QM>OUDx$+
zB4#ExLGl@#$BA9gie?!}5+VK-p-Se-2ZT%_#O0o0)^3V~%e}HWiU^l!HS-1$t_ju5
zjt`<1_q5f__75T9Up2bJ>>^2~^4o{7u1dgL_vTO{r+|oe25OjVh}16$t1-y?o#woj
z!j2!YI_6SIu-xwenL4KOu#iC_+F*UNs3d;G?lEIXyolXn#wE#AIARU*MXaHj(F$|H
z5xd{~r8N?cSR*t12ojE1W3w+2j#yJOmk39!skx#pYH`Gxn&Tc5BvWaw;%`MYGv`Z^
z2yqOXo69B1Qr=nuzdHbP_2%Y`_CgD0al1oGeTW9g5NZ7ne3b~~!F+9}g}Ft__`Pup
za}Q}v*$XQL&}w0x4Ul#~TAH^c@#EaaEb+KV9f_!`kD6wHbO+MjtQ{czfjnV050KY^
zbT*#~kO@G#nlA*%bRgZ$;gaANvY!CyZK@q)486XkzgZKBSIYhKmFbJ-DU#t5e962@
zgiCOsS@;QQIm9J6*epYYOK`BcyCceQ2@cLz!(TB6brv$23fJdXP5xyB?nz!ZJ9j}l
zqCXTp$?JJ~Ezy&_Y4&9q>PbfAE7K9?QYqt?=?HVqQ^GQqj_4srm|q9TI*8#&b5DS5
z0W#XWDv95A#+vE>^F0*f@>p{;5su+_b21T*;alcBA{?=I%o{{FV(*y6x}jx`^Sh=h
z3C_pFnfSYAeMvAEqP@RoPCzZM+$Wh|24qAJFv-k88LuWx$yXDyP2*`yopUkGtU`oy
zG2Og}2z&Ux*@6h?>wR;*B$-MY^t57r_`W&!8MMqfecx=~T@cL0F380!vyUVvLj3!B
zv&}aGGQ!Rrb3%ap09td*<+o{lXvPCFLhB=QPk{UiS|6GGt1Fwk;#lx;9wJ^ZpJyJC
zT8U5#xbY&!i}~io01>xh7MN{&__+`@YLPihk`p1eyx6=LAj0wzv+1)!>x5@{so6e2
zgym)CHc2v-tK0AtZ@HP$Q)p!>57`*i<z^2e?;gT;(U+U=5h-n9zCJfUByzSJk}u2^
zl4L6tw}TH5jW4O~_+Of=^hRn?78gLqC!DWUo{S(OU#mUB5nGdoh<trzUX-b0xnBdz
z>&=?IM7|PU#5R~i0z_EeXyy=M%Q@!G01=kIF%L<SsoV|aB}m-t-CJ136Ak4UtgXz6
zk|dPQkoPU{Z{L}@0V2}cVP-rh{ZTlro#u)F5thF<e<UJeDDH3UF;5~1y+oGxnl1VW
zJD5{Z5BHfJ0z}mLedf3TDGnYUFjpW^S~Q3IbwCc98;JDi0Pi^f`N7;qq}^_~F$Cn0
zxtGW#Si{DE{Ad<@UZ$?}z6hsXKyuCcL{6`R9Z(=g%sxa!E*=8%d%j-uxH$x6<O>EO
z7st(olKACy+<dC9jF>Dz5yKPa^F%m?f0#o8M8xo<Iia7>!qRCAsh=^G7bH=BfZE#y
z$a(Wze<UKRBK3=A#sEoDTK)lJAjn)aYf6%-+*2n>c}|kvL=^b)MU?Vi<}^vNl$0y5
ze+Dv_&3R}?=4&XBzs<NLe%<)TOn*_Ng+%1*U$YAl&ewG_9v~uLH_TH+xNh7sZ%E?T
z1jQ=ylCbReeu`B!KtxSQvKk{%jPoI7G>`&TD<b7#H~JkQ1+6s!t(iayTO9`q%b7|!
zSRIRKq*?okY=BdHLDH>>gHYzi5bP65Tl<NWp9i~BAXCOtUPhUAb5SO2RU^W`k*Zql
ziCn4+pUH!kYF!+RT4}>z&jyHY4Sxm6woGi5rnNwl6RBU`iMNX#YXy>!DEIB4<yZ|~
z6<Q~})>Of2CP}8UZ8_{ffJ{Z}c_KrgUHk~7k~N*k>hbuiPnE4hL>dD*3Nlr!RYQek
ze^yZ4x}1-!eND(rR)l3ShpcYx50Eopr-oH*7|Pr^8P3pv)U>dUP4?<oE$j9*S{<v{
z>v>bJW8IJhYr=nEr;c^<4I$&l=N{`C5-&dYSp9|znM{St;y!B%k?K%h-yDP%Zk?6H
zkKz5+giO@B_z2#wYh-;%<V$#gM`$&+_7hq42A1gq*6<NR3q34$9L_JSnj_K9_fVrm
z`)X;mAo9s3D07f`*!ouzKNqd7lu<(KgqMrf)_~DSxX)~B&5*>;*P~XBBz}24YJm~>
zOQdoA@klb)AD^)0_SR3*4(7rE4<ENq1V}X?9j&5cgg@}o5xlxtA4nIgG?8y=VqNWG
z=}1CHhv2QnE|yDV#|hY91pO{nRY@={VY!P{Uy>|Eg%_o+tbh{@Ygs^M3utw>HU^03
zNqShjCCOIqeFxeO*y&|m2@uhb^|1<!6+WYk_==>jRf351R+8-N`dJx77C^p)R)4D_
zk<W>|Xni3G`YikzXnh|b!k<CbMbZ-f2s^J>501;5`m0u3A`ikIb#w4}s5LA=9tQH7
zH7`IO1v1RqA&FngZ(1iML4P`d%$wFtBq>8H<Ll*_R-y4C^~p*hXs6vlCev~x!I?}S
zAS0|h1LP$jqpTK^jPdM@wb~N7@B_@Izl8a`)lm}v-MO*W8)!$q$@4nc8E4HR8Ge&z
zytP%5EM;VW+#w%t{UQnGqS5!Ts<%!BNb{X=zHVI!kWpayJ*((jB44OA3CLv22#^nf
zOt)$W$O<4ISTDaVwNkFa?!k39<(y}|PJ~})nrDqBlJ+snyhG&Q=}e{)`F<AOa-U~?
zK;+C!Ci97Wa0k2)3#reumP_JCY@T&cl6dIP(n-oLkeP3lnIJs$U+P<6wUq>OdJtq5
zSWgGY5g-e#fk;w1K%PXtmRQ5cj<DPh4t<tbA4xJwmd-iQT59Ex442L_YriB}%3|oX
zE`!W6>#2AAIE&Ojvjzo-Nd0qbf+UI5hhW?hsjsl6An{&jT4Ak~1XEX_7g%W>A{kD7
zm33AU%xPheS!HSO%G8y|U~ZEGaam(kLy|HA=JSvoklK>?QC(v_DG8=k9PE5$4JR2+
zYpwMO+L3dcvLLh8iX)MA-UPDV+JSbYOa)1DZ<E<z9h1aQeS=lxJ>fH^eg|l6v@#^|
z%QVM&OcKm#ZIH>ao(_<PK;qWBsFlh!YP*$9M7$d&^1j`gO=LK{pMYcmkymFh`IHF%
zKJ|8Ml_Z$DXkXi{cz`?vsqe6&6J_MRma^NbNQB$PZmT*GZacfJx<o{s?*w*sTa6^~
z<Fni9DGA1>E6D7zJ|r0~oxN59?a0XY1ev|oaU@<1-)~(cEw17Ft#Vm@<OhJ(0jsto
ze&i2YEhNDj{tCz(v=&K%(GY1Jvc5->!u9zl>k!%Dw0^Q~N`ko<30gl}#w3xtpH{9_
zQxd;E=UVp$h!`&pTLVxl#5Me=H3CU0*YKm(TST~&k6KfZc<t+`wN?`BN!|i~ezT5{
z3`g~MtMFu5rZTEoAoIIbK0syzIbmf4$frO~TOT7yxmg{)Y=yI%3)T`MqTGu>{kdR$
zNkr64(F0tt))8^3&%9u5M&h;Q3)XH){JL?$x+V$cA_r2xXgxY5Z&WW?Z%cwv-3l_7
ztOWtG2gqO6dL$`Jt0gHv1G!?wiIi*!zjy`X*A;7rBsdNpl`;jV%K9VYa~jAs>oG~j
zr0_Z8b*nQGF~SPV*RAeE*z$F&uOxoHu3M8N!P@c{Xx*@ulMI*6e^y+Qk;<#p;rG!%
z=0EEXNhT{zZ$W!cfqO8Pku5x&tdy>iq!joAPIIi`lK8U%#r|3nj88F;QS2Q7QVvLx
zeK9~RAO-F8X@x-)wW<OsY}Z7Ra(z6OX%V}=B!0e%*#DCR^HmqLirT|ShVxa-o+t^n
zxYAI6irL2`!L;rJtu*_u0C^Bd3EP-n*z@O6ASLa_0n!CX8M`Nv6wxDzdRX2bAc^l`
zc{^JY^spCbh3yq2!yc;kHnbzl{RNOw?ZZgqSTF>LZl90@=TUD+k~E_*c!>39G!Vls
zB?-=&gjUoxB=P-;+D%YPw%m6>#<aVU4Etl*Z=)UQkC+izc6NYF0WHVgg~aQhE7(5}
z;oi7{{VNe3K`PiMCGq{KU>BcRSmZ+bGY2eJw3|!f_hXgpo|0gBEdZHH_GlztZ(P})
zNLt)OR<>73f|i$qRuy|c$#71q+9%PD%&D+k)h_&gVNvd0-+PChE{X5+9d=zw(DG`~
zs&2O@8Ma)*?u~Y&<qaTH!yX+V+ko6@zmG(g@?Idd?2n0XTdrj<l>~m#09xE3DRWH{
z>NkMYwo_&m_G-c@Aa(7SBv=!K<@$CtB5b+7U0V|0a(#O^%1EEZxO}%gAwVvHod)&^
zvcogjM)r9kJT5n~|0c5NMQpi^?3+ZyxEwkO_w?+P4}{NtR2$jVCBdi`2ARh8b0ou2
zZDLQ91ZzTZkZEF{3=q+`G_@Pf7M90&b)&i69Er@A&}wdv3J{^y!rnw$Jm$8vzYWM7
zPJ$J*eI!7_V5gP+H)$1n17}2!*f)t(Da54E9Q3CG%*^4#G361vIFSo*GJ+&5i64ze
z?B|GZ-rLx-B*C+!D5T!TE;3hImiZF9MvvL$B*|7v!@EX8vx99D=>?<~kdAgWNfM!k
zu=|t)k?LgMjU@F6xTn_^=IWj7#w639ZryjXA0g6YK5KQB1j}LyoOgG!hagdUe~Po^
zF7|LDk9%Ysl9cai(Q4hE7_f6Mc-Y1Mm}HKVOgDQ;KxPa0+|6E##2d|@wl@W2#6HQ>
z_92oP0AH4goOZX55IMaJJ?w6u3}^|<-R<-b{iw<{zC8qqa>sjUr<eU!Kt^cwvZn=z
z(CTfkB`uy=J#X&_$TWkTK5riikTyX2*#kcksV7qV!OlPzAOq~zh}`hVNFu$*CMnNI
znF*3$S@f3V50dEx6->yyWM8;V>m~bYK<gzbQ|n_t@56u$wi_Wy;raY)b_*g8C^*A^
z&BpV=F)4pMgfGOtX15L484Gq^v-^`4j}C9zuMiP0qlmS`oA#STCNxTtv$!|yu>m`i
z!A@Q>56CF{W76tQbHDNS5+b$0!<8U2-d;nb#~^&Mf4rR&u)I#nd><fjAaC0#^JFv>
zt}XA`8WP!K?*f_kYzK*Kg9jvOA0Xl#*DU)PvQuwpNO>2?B)bpU;Wg1D`z0b`UMDP1
zvWEuj2oERO;{rr@IK^IpMB#Qi-Clp2o#}Qwpe5`~w|^q7Yj0wGo@xJfo7PPGbU;hg
z@R@e%e7|mp8vedrF+d8#jB&PIH$cSiCeO7WLXz^xJy=`j*^dTfgw{NJFv;w?jD5la
z`;CCiui*0n`xBB8uZ5oive5pFNcuVa4rrmhI-qqy%IqeYjQ?ScT52C6!u5HneMAz!
z?_Fve3uGJgeyw1c{eUDmhpY!PqGk3dNwCFThqOMm%Y7o_lft$4b2~~zr_?{UGbHiT
z`rIBug!}m~>?M-;GwLtw9JC|rSfNvJU)1ii5Yys(t+ihw!sGH<dngeem)F`Oh%B3n
z<MLYjEg}OxVls(HANXBYv65PA&yvLVd9B@XQQr8hv*VIvDb1_Ems8;3I{S<y7@tB=
ze>T|HB*F1Z{9@4tyYOO}3#BrQO=ma4PK8~92=}xb?Mg&yPr-3#qkTV-UE{F!ZnQfR
z$=Jy<FB0MX-i`KKNMsDfoOYu<7fA~DNZ;5CiSR1&8+&;`t19H{8~Zzw;r-{$_C6wi
zb;Q&++mK!O!?$$A_plyG>v0qA5W&C2J(*7$g_O#0>(wWXdnU<W;!fB<OUrogOW4_J
zpGT6)cDC8qNQUifvui97QH6Ko$<DX-?Pna{*?6|@TmH^&gIb>D9d<{u!<Kj06K=Eo
zeLl;(>}^s8%e^*4Y?u9afb4<W5qs={OR@g&ZMwa7M<N|y#23Gkyx*QnqzRD&_I@J8
zGvF6d*TBw+U2PfK*_xW9)By6Mo&G5je*5}xzMLMhGd`2?@p5|9u8AbXIX!B3B*HQL
zJzq|b*$Zy7bBxkT$om_jypGw+rA)%JeB3U$Tzcr0&L8<KpS0^r8NYN++V>;zd_HBj
zAQ|@gRK9XQlh5*5`<>hDoXr=Xv-XtRET6O26X9rF$Y=SYeN4*uz1BrLccsW_mhv#v
z`JJD`UW&bZl^~Oq#{WU<0CLG54)a1GQ?PuJvLDEwcGJ};lYR(xr+{3x2NC&VG@NV$
zxnl1ia@VbpaskNIeEwXue~~g+55>FsSM9TsB)s3XzvdDCGV!|o7s>Efhu7`GYh-yT
z{MF%2n(g>sT;8(zt9kyu@|GvF4ZeU7GwNIRfrjuuN+N~7ro6?er|{R5KH;w^Z*h%M
z_^V9C;auzj%g@7kw@>)n$t0(&^cnNs5ZYh?#|n_<K$4v<lAK7@%HS`sr#L;3gsvWe
zcf(+olHz<JNp^}saZYi*k_7Jqh^VGG`^gT!Z<FfelATZBChB{T=~U;`ZCa_$HIiut
zcUN*C6GfbquSA?rgai@&VG*aABz`W6IZp=2qmYZ@&H&W%a*^%~Av>IlbZ3?%zR&5-
zYSLn#OFA1#i+wKX?6^&<r1LY$REMtw#7*W>&e;HY1xRTpyjJ7_eZCJSwdI^jlAH+j
zp8{XdfJ}Lc>KGZ-x?jMKkkcTbC3?uPGZl%FvIT#&S#{=;9quz#r}{b>G4Dp1?%+K9
zL~4WKxQ^4EW+)RXcNfmAbf+DW190!l0e^I7AQ8STW;)9y$y73+jtLpl$yhJa%2bLI
zah)}iU`~b4m7LhuLM9PnpEI0lMA+vH=Oz-*=PFLw4XDK)R&g96&s2h6<bfJq#i>ao
zr!d}6sOmH#!ec>orwtJv3+{9V5aF?)uJZ{I&S`z;dm_%)xE`!eF@)c^q;aRdbBtto
zY`WWtZA71Yv`SLGfxO@23<(f165Z#dZ^DR)*VsBkU2Wq0xEV=ydn}9Q&UGTY;GA0Y
z63v}LaUtXPqRpLjNifdOf}Q40Pb6O5XyFWy1jh?;*Rh3j6p0t-mJaq&e%)y4BySOE
zo$%^LODBy8*Nv7=O-aUhHQ^CQNeHbmUQKA{?3Cn$cki@=a}8zWTuaoA4o>^6LMx$g
zRG)A@y$(wVARN_>&N!0cGVSCj+fa+kw2PCm9SN7|)6Su9r9WO;-JMq7Nf|HiJ)GW1
zyqej=89;<<T@PnC5w5E}oTWR2olGTXE8gYn>7?vLBFa?EX?r@|BuRLA@9Fd<8Bxc|
zN|_ShOMgOKpL;nqiEw@H?L0<=^ZvZkg9zvS1!oo!&ig>;<Sw+#wfAKwyc-F}`DLd)
z5svd<XQCu{7fZ~eUU7!(!F=_BR?rXX*idJgB!252=Bx>jK_K(Gle$-?<;D3;$CBiP
z7w0#f43zQe*qcr@A{^&8oumVKbCK!9h_KI@PB$W)uMy64A{^C`&NU(&)lp9GgP1Qa
z!LiOYNfIHB^H`_R512Z~`7LLKB$-M(=<CG#^gSnbNXVQBapbd{zCWQB_au{@A(CXu
z-!>KHKG|veGo~JY5?+6WUUZ5xm&n9!@Xj`nY0hOL+BEogAhR4d7qz|uEwPI=$Ei<b
zBxv0WE6op`wnWxKAD#ng&36j@f?D4;#y92WJ2fToOK`q34~f@rEO3@e;`bX1obHE(
zofBS}F3i_&EOdsVj8~=$ol!)%-&p9BJ|gXS?P95OuOykuv}bXAU+TO}<lQ1k${SFl
zK6M~z_)DbmY1ijWl6g$=3D+N=a9jS;)8e|}6RsO8JQ=PDt3ARsVXa5F+&6lJTiiDu
z;hO0auDzQ)8Llmxof(w(re7(Fm=|t#zLLZ*uecKr5Yh8*ai$*?QN{Iz=;yaOOMa8Y
zE3fU&CL~_zY<G4M;TUdrejvi}+3p-C!twdmxh6@b^1z#LJ`eS9r(+z))Hz~%oT@}P
zV*8y|l8jNr$S7B2&gGLrD^n45L)7`h&Y)9BL@z4#k$!j1N|Nx}*9pfxjcIY5PdfZk
zD98DvQ<G#k&ZnFPL^#f;y*f4xR*0gGop#nsnM~zk1NeP&Am^NEXGB{5n0vulBZ*%Y
z7o3u3h0GYQ?Ob#WN&L2R(fJUGR~CQfYde2BYe<Xh>YvUQA{Sw{(+lGBr?Z=gh^mO#
zUrx1iBK1+q7LvK<tdZnIh+Eu0PTF}P<B!7sIZY*jZ-wC7ZBfVmb8yw4seB7}SH$>r
z(-|gZFsBnB8aJJm7la*u7N@xFka+o0+`c5kZBTJ9UlLmJ&_?Jlk3elna&PbX3%DEq
zM9W;J1>7S<xC9Hh#$PDIrCiW$PlW4gvOAFo*VRI9E)lMosjhVy?QqR3<_;smZMmeo
z;BS=S+EUv6Op<s={CeFM$WLiEhe#W^k1g(ymvN1&LMtA6fWDh3>$WE{9*7t(%DPRj
zp^UIB#)9&$@(+>{(9a9YVYj0sQ<NS5;(HgWJBi3B*bl$572cwBmlByi6Mm&)7o70A
z`-#kG3%91B{Y2b?{|d`flud`>eE=vy)2%59mZ|7BY<CP2ulBm`L`nSG>$-Pc7k2!f
zzk+-FjIn~-0cE_trGndy2-m|3?p-&e9k1uF>~@jFZ%viml}J2)s<>aHmRHBB<V(GZ
zyPqs`+o|FnCBms!ag+Ybn|gJ(HW99?)!m;Y$y6NJN16@ssp+01!t0&8+?WCzl!5h5
zU3XZLAbu|HaSur1x0HL`BSbi@d)*}kgqHtZ(tVV#gttb!&)tMFUR3XMcN5`!-RHI`
zDD8MrZS0Pe1WQoVsK)LTBE4bPR(zS*#Jzpruc`aXZCXv;Geqi4$C}wJpH_1>C0V4N
zrG%D;lxg3>8pQ1)$z)|c^ikq<_vUUtB2P4c-`bEeuM;UzB1xGgNfwcfp!GNOY|Y&n
z0WuHD;z4&_fK)vI-#oaR0%R%3v~+h6c@olE0i>0CDnQl&Y3*JnQVLSv45W=)vXIC{
zwj#*4K-#*7B$Jhs@XCs4JMG-20WubRZtoT=EVNMOJs=(2DMWgH1aE=BUO-28eSiq9
zPVPw}U7tjm&Tg3$v?GX+>Ebpbat7LR@4brhKX+n)^Z}W!?hzs{!r9i%ZE&XPwn#-g
zg8a4}&MV#JM7Rg&>82M!8A0|!zIwYg10)wnUw3$b2!Hy!YXc+<X}#zk3lNd_L2j#y
z1!XjZ<%4^m=c3wzw-Lmc@~WFuRHW{Yr?0y3f8h`J!$n>73D?!3`DBK9glp#OZo0JW
z*ZDWxZbaD5o9=Q+GL`%O!I@QNzWO}EEm%x==-V0L4oO48X^qUMHOf6nGNN^hT#Rya
zOXSrWolk3wyC7Z2`2EHhcWr=(9rCg6_W>e$?D1}HfSdsGwp**DOv~#b-*p=yk-N>}
zobg@vaU%SCk?*<Pi162f@40J;@YjM9-9e==7d$dfcI%Z!!Xx8Ux0@vXm@?H}Lo(dg
zO>^s%$?M^ae0}%~w-d^EeccSV2NCY;X1I5i&71lM?xT{7QND*Yk%;^UZf_*ss(-fo
zdVq+i&T%IN$R!{jx^n~MUm)|`66NyxywEj}cu`&G-bsX`y2x!ngrmC1okE18y4dYl
z9&^D_UFIf*^XBU_w~8cw-T2IH5Fnx^EO#%XmRIgyxCK>VCrjZuz!z?PA_s=zZ+5J3
zM@fP;T-1$~Zn}o4b1qi7VIrK1Rqg;HoQu_NH9c=G*189YaNSt%-bCVgxZX`RgcjyY
z%skh-F-d%XzIK-qVShHbD~NFF8{E_grp_LI<7N=ysBUs+5@CPh?tV!!m6sB@OA~in
zMTMPAMSNi-zR!)jM<hWH#oeAQZbuW-67^X`Y^(bj5-(rd+*KsQK5uh#h_Hv-++r5m
z;aqHYmq`L|2+;g+hkJyG=tT>ihHn+!bQ`reU;EtkL^xju+zO76L7z*3)&aLxfT%zY
zx~(Mf<9x{d0Ew52AKkA=hI8?wyO{{*;zxH65zfU=?lB_l;V-V`qR;H%uWn6A&_gj6
z{OXR9BulyWHmqgfi@0CiIB9X5kGN08q#e)0qizo*A@=a7+glRYvswmUO2X;DQ8!jW
zXk{viO)$fSy#MYFmn2K>Fo+k)PP%J}h#iI%M_~2m9wDM^hI3fZI_FvyF&CWoi|%?N
zocBv^P9>D#ykB<vXCUFc|LsnZ1oJMwGXC4WAc;TsyXqFIEVL4#FJFMWSWw5Vy6HqX
z8du$xRZxcWe$8!1ggw0Gb|b<b{^JfH!XDmmAE}CV*u$Id5J|F>p3pApLEdk=vn4^F
z#XfB)wmd*YFPaqF6d<BUDj3@xAYyDP6nnUujD}Z&sj>D*yk0alcK;nx#w*hzu@*!)
zUqxbbiEzG(#(GpoEzVc*SpOPGIA7_pX_EN0E<Ls}Kt#UMV>d{P<6JV<x2CX@snmWC
z_V8iFS}JzzPHEZ8MVT0`VNZBImx-m`g{ia8WnwWR>~q=J1W9nmL$rc$%&Lo8oQrVm
zNPQ%n3oT~eEl8HqvI@L_0i~nGDoWz#%ZSws5YcNHvF4Kabu1b)(vxK!<N6bg4M!QT
zETXYvL^u~_EaM)Ldcyk^X)6}K7m4s0uG}bY?8^WVCv<KsPK0w&A=apY(29pP9KpV~
zLTn<DV{o@ej0F{94ek>%Q<QgM-dkfg-1v=kmIQMu@|6)A5FpJU8dYKwB=Og$Rbxkx
zc=@Ut>)23O_RFhU>{%l0VYS#xL^$u&V#A4W3EmN#NQBF)W^Aq`{tne$vFnXxe7xFH
zJC@W$60f$@j-?RcT30)^T#`)XU8;3;Vg;L`7JFDPHjD^+ST8oAIm)ny^<%fM?Cy<i
zmNFQ_RuHj!W9N{h)Qg9dPCy#Qt`M2+5#>Q?S>Y4#hOsV0`2F67u~U*{DwFTVv+TyP
zSPP+*seBJ3S`PeI<JeM35(=N2H;!E<!sq5qV|5>rX{8K?{zsg4HH)<+!sq7AVz<9t
z+$@H#5TEeQ&3(e>=04$b^JcNWXxV$;xOwa=B7BnGoGp8=5c`Br(p$t5QVXNn6=L{M
z?02*i%I=4Kc&peMBEzXyZxy>tX>kl&#j3T;8|OB$u0%LuZDQkzaKzfhmLTyW_E>BU
z5suhnu`NXSrom&ey+rt?!DF#siEzXoi=8FH5qm85FA^_e?PF;Vqt6_%_A!kJ-#us_
zt4xF=)*)6;5{y`1h}aXc_9zoFV87~BAWz1+5SihT9%P3j_GD}p5w4j}#dZ<lh&>hi
zhX_ZkTTE}2w~jp>%OJuLdpcH!2uJMcSQ8=~v8Q8gh;YQ7j&&iz5qmn;2g(0q>s;V$
zs=f!l?|2Q3yfcX+_ug~QJ?EZt?j&zTd4?z>WJsZ=NRmpCjK@%<nG8`QLXlLG@{X7$
zN#zyF_@$Z{nu<)JsQ+4ft$ofh_wV!R^U>GZYp=cb+V6e#bv<@p@EIn`WA_E0XQDiI
zUvL2v<*{MG<&u!co(2C54;GM2U?990ISWW;a5s~8U2=f+D34_ZQ+i$=V<Un$Gf^HJ
z5qyw|^4O^0Od@WKJrbPHM0xCy;2TVo#~ul;VWK?tNN_6?<*`SCyO}7DJrewmi0iS@
z!C#pukBtug%|v-@bg=5}R4(PQF~RzhkjGvE|2!6SNJfqYCd{lJ557dCY9_bSCxZDb
z(;}IELFtL$uf0$+-AKfd`l(>u-jaycd2r(uG(Qy_&1Bd)SW^OdI(VANYJTJ8nc##w
zDAj+nX=mV>-~lFUI#LfgF?jJ#l4%Jy>X(C_iNTubL{f5+#QQ)d2Z!}VGEcs(A%28+
zje^CJczY=`g4uVW43!;io)Mfa3EgkO5q3s!z9a==2drf(fj6EDcI}6$3PcaML%t3E
z_I&U;NjyEz2XiIy^gJKT=Tu71%;4#AdS(S1_eafz(({<ttf0fBH>_?_fV_|}S}Edr
z{)ONKnQ98$l!9M}1aG_$ylMbyo+4I#0;@3~F9xHMc;3hjHkZW9JvZ2qiOT(@gxp^W
z&i19+51L;Ju3(a3(0A)|6H?6$o|ZDX;>s3Dq6kvW4F>N<3+IT&B1!xVWL_|TAdw$_
zfj476gm-Qe^yCMRNExpb`N5P7Ohv0U^kIH5!bFu~VQ_*Zx#A?$;2FqkVekVcmEkLZ
zFJVkwl#thw;1-feT?cohpQ-?_Dg{56#H;ru!Gk`6E0-m~5=qFb=%1y*mV?kjBA0-?
z8O#_=1U-gdD=!a@m82lBpdp+>NRl%IWeNflfK>biWr~>84U){t;J*7vX7_oLSs6UW
zWEqe;km{Xa-cXdu6=(a>Z!W9}z9&hZz*jOtAoD@+Q<ixK_C;$ohHtlnMJzLWJG^!A
zGrWBitTGJscx7K7tm`8+;osH=TT0^9#fD(l;h5@pK-I;@VENZXHwJ6ok1}(_8t|V3
z_G}C~OmwK7RzNldr%2*y-W<$hqBL(wsKG74^HL^T{u&6@#g<^r2V^M(dVbsqA+{x?
z+7|3BWxTw$1(z{Vd3}<Q>XYC-nWP!#tC-g(!EusgiG`2Cc><K8AlP;U%4CV@aJ#K1
zkexv>ipa(%VJ{rW?w}Y=qy?OA-v{LDV8t;+#6-{vvAQpqDM_|0#Xcy-fdqRF1m`}6
zsi?j%G7kjTOG0so{roq<u475_J@D<)NXYA8a3_;{;Z{{;NPjqZ=i?|-=#B-4gF}b}
z)L3vh*zAeR^Ewi|sT?T^b}dJa28T&Penxx#7kr(Fo7eZj@^46fA6&($RPH|n3!cQ>
zz4|H+9$=#C>*wIi@hFokUWb>`pMaA79GuVO>&KEr7Lbx)@&uB39D1aep#M3Q;MHG(
z?MTM$6MhNyPax&j7rz7#u;yl6;k9ST>z820Gnf~RR`Y=T7EGB)WCV;|i-4R7c6^rX
z>9rQ_|AO?{VE;)(Qb7-Nq@paClZC`<m4618N<zPYgSTQ_B1aiqt)CCBmNHpl8SLrd
z$?V_3L6cEWp%@fR5(^>KKfz2NSq9`{aF&m(0`hNgn~$soB0_&Kc|#{X6+%^}cot$D
zRt!0kWQnzpCy6(qq?JO8nV>!2f`!SUE3+@Rr&=iJBWTYRp{_oH_EZl|@)5MBMrb1w
zWl!zU9!b1*Q73dv67t42C`8>*d2iGWjh^n=gSpoWZT1n&y?!Wlh9`r$UmY6DMCINv
z^u8oseKiVw>?7!(Mxhc(V81R8UhDw>TpL>d9BTIJt7(FT!BG11UhZgNC^XJT&_XS=
z%16*bJ@h{&%0e@ARuXUi6AM+HiJHCnj}=OlWS;mMb`)`RutF=Cbb2945<7JDEKHRv
zB7*|rO1SOpgv!sF(n6+`q5c{7jnhK&nKXql7r&snAymFK-4Lquf-I>!Yq}xSmWgWb
z%|bI~OPd3KLVMo?K5Uktr+KLEi_${3EjJH6EeW;CPa#$F&@7S>)iYss3Z!kQaSoMh
zdjlvQwAEWeU6~m0Mc6)&=@e>~OEM0SBS5-^7Bj(J>k=ThhdyV5_a$Du1<p@HMNDQ7
z3y8BI(<i~^^ibd>(!2upfBpfP^iUlpS>Ua}PB>!?nM{7UhDg6qe<m5jVIK)(`iJtE
zynT#h282o^$r3-qZgZd%R+<U9XM`Hh$J}WI!8=qLp)4ZqPR`(vdhb--qaGY8f171+
zXa?(1=T?J5>b**}lXG9_Zz+={2J_DUeW4Z$F!wAmgvqebSSEP)pc>eGe`wYslEJ&y
zNFE3+djp9#W6VtOVP=949|}2d%2Y!6a6~ABiSpsd(0nG!hYyEJCGmVXD#3@NL%~(3
z+4JG(1Rst`@Zp#QAC3u)WIf7<V-kG$MCgA~#`ED5p=;hD|0o}h3-xEBeE4)Ibq&cV
zAC3<l_(*!gZ7CBHd^jP&hZ92=*U40_51$Q1))N`RaX2ZI&O~`NE0n`Td3AEASQ5{x
zQxd#7E!6O1)a-e6T7p-nCwO&wf>)=9hOr*y)#(Xdof$ePWjwFW4At3+xqFfMLZ~+r
z<<%EMDW8&z@@h_~V3+iU>($&)!!M9{qeE`UOdvUu&};|WU~cGpB5oU;!zK0ZtIr9Q
za4J=<Ib1I9&fCi&+Wq$Kw7(qcxSMQNEBcp1Q<<n0{rphMmn4H{0eHUrYG}q+M6m4m
zCSiW4=GR29>_`@e=1bzW%4MMrdr&4<?1MEd_H4^SeVBa4<jqhfli2$Kap-gSjy2S9
zFQtkyc_*}oNz?l9k|@Zm3FYh~nZ``kg?jHNQVYKFs|@#KHiyPBnF6O>zrjfKacD7<
zBIxI9K~M5YsN?{pDmnwNp8+WdrGJAYOFRo@Zvf=8(Apv*cisgb7lEG7L!<vkq(yfk
zUxvmWL*mu)-q5>}c+tBzR7AwB)BOq2yFVd%_lJsEkE-SU3DJ8f)cyy|-ShmR1kWEz
z@cg%--IPiw&mRd*`cdi;%JauU&3+=HJpXg3jEVC6snFVDl2M-jJygU*dHzhO!p|s^
zC4R|(ucG0MtSnTI3BJJF1pNG0D8!^!h{(CnjZES#h@1~~Wr8&rhEx|qWyeV~)*zCL
zp&=)Ts2cn)wCy({ss;n$si%pk8mtta{|6GU2CIh4*H_hW`EjsnxcoR+HC!z9c=cX2
zT=y($E_CmvUJ))oGS&!>mNH%q)(9_^#IvVHcy$6f#+q?`iv327aO*Oemm6cX5^Sy&
z?npAOJ+%_-sTWqKX6kNXz3^(8YDWdtC)5jPR;mi++ED@f1Z)>qg;z7dJ^@LC@Oeq*
zh@)4)i!V?+*M>7HW2!l#7-|qnlkhes_reV)B*Ad73d&3oDLVslk5LO(OeXR#e0zes
zj?wUslE7~d!FTk{Ayq8gpekt|0puniPB>i>&#P(S_SI0v^J-dnfh2|Qi&8)u<E~+$
z{Bi-;%W0~Xh4MyPc(F{iBT0D!G}l1QJCc+)ZU`4JQQl|~?phONvShhBfrV|tlWGyc
zav^CS{-pNh7Iq4ME{SJhr|`JvD}kPZ<d$*za;j7Kn3O3H@A6INPT?ALP)~t~d`owm
zJB1rEQ762hhe-_He#CyhOG55l!>>sh@)-K1Yk0XNo;}^d+gOjvy<7M^6P0_naKpM}
zkIKDULhjwec~WMMxT97;yt@<bF@~K~OhqeSjPPFJ|A@Htb%%;ow|4FbCtppeRG)cA
zLY?*vzb|FHNa!2hOsV7=1oP^v@^V{Kzwr77QgdM4D)<@&Wcr0u8WJgFa(6hd5t1x1
zXac=hJ1BgF$>TuqcRdD&OC`w_ha1rE{S65>x)xJ;_S_q8Cy5um_lEmQQW&^m7VMCJ
z0k<E+gP5ou;NEZ^5!dFS2|d72<uUix+0bx4>royXsyyc2uzet0B4zUAYN8j!>I31;
zjnU>g;@9oq2_O%K%dhN4g?ltb8Lt$h!c&7@Nim{Eg}Z7<ygu`ha7`UamdJb?Zghg?
zN5dsd=06MXrUH2^oNtg!BZw4ir;mqAB=LIM$HVC+$=I;g!&%Bx;nhs)F?lAO5+j+F
za3AMCxWkzhZpY+*aFZ7`PY&O~<SUnCGQm@OOf@-Nzy$B1A(;{`W3rhwPYp*b%IjO$
z6~VGk3lC$``xe@r%MKSa>FJVTHl_NKQ)P$qnS8=zdiVg7oNGwWjPQ?4UU122CO^Xc
z-Vxx#8R1NaG#AZ*7jb|*7hccgy(*+<X83fRWLCLEy8(%J%VK8OBH~8W%!H_$nGjJk
z!);|MFE(a|ACkoDZDxjNOXA&gm=&H&#BHau!h4vgRyjM|xH(#QJfK=-Zus4nm)o2d
zUQfi;lNY|Hm6Qpz=dXk3g(oq&(<RH8U`xRsU|vGZF9>&SgL=GjEeJ1fD~UJ+y9eXI
z&kMpECGpz(tKmJ8c&*^o@DuGWw|QZLR~II<<%Qu%l*%377bbZA_3$1klO^w=Jqz}{
z9!|Xp^U4w$-zZxeKEPxFv~Ijn_C~n;jk1;D@;Ay>g$r&*J@W*<rGxvK?}dMpBv;M>
zaHnE*xMF+q2F?MHydQ2TNtP&qdBSwCXHB>TlV3mv$%o-PITf}zTurPG-^b*8CL6<J
zIMv^v2hS@vhhJfG3G^V@65h_KDr%Jb$KfxSd|Hpl*6;x)H^Q4>vmy6w;bW4(dJz1R
z2V{G=xC40%`(ErNwugJ(io|Od+r#NZ+!)&){#KGK(Ez@-=nMOz1>w3KWvYPszNsKQ
zo{8Ey`8+&@iTWz)^YCm*y!hD_E|A2ta94PD=gTeJ75=g7<reM=mlAO;+!cPb8>Lbf
z?hdb#q|mi+ceu`NWV5nxZ}=J}%EG+~wX-iAmNK5r2NK%Of$-g|M~!F)!Y>hVN3??p
zt>9onD>xX=XFX~}JDAW4z6+m}GFjq}W3X?!4t}REoYbAlZd9f3<BGy{nY4!AXvUkC
z--m}W*~0DOhw%CylnUSQpAWHdJUpo<k*CKe$@g1Mgnwf47?YClX(pRsrMU=FoeZz<
zMX7MV4qN4^@IFbro}@HfA_@8MO^_)KU)38^5%~bf@8KSjP*1W0$l35{N$9<Ty+F=|
z%kH4OaK4J<pYVh}L_SD{^IRbRg;z^L<0<xa0nJHA8LyA3sEuW!>b<g7z(mD!6>WH5
znaZuf6m29CcXpAYO^}4v-8dIb(USX-J!9c3Y;0fEwYL3<ybpcL02pDbYwrv|;ziVz
z+Gmn@9=lRIB8fMGT&WdH;+5h`jpzJTkHU*>&<Ti|TFKqgW_K*8rKJueqQ-(+T304&
zEU2ZGWsnTcH+}{m*426sBJx(vBryu+e)Tjln8*@{CcJ%JU)wB6uJ~<RK>P}+Qnm8)
zs0Ld9doYz((gxa0Nxa^sfmVKf+CVG6K5d}oQ7X5+H_%F$sFu=DdBd%p##*l-n7day
zjkO#mH}YDqiMHxqlDURSNGrRKi19vr0|fP@Yh#BJxeiW3FF;A7TBTt`>cep}%9xtP
z<h4dbV%ptIZiF@%_!Z73w2_i{wd^E#%+YeBj91H!wt$EmhiRJnwL!JB?Gkq;lcp_Z
zJ<3063I1uWl}Q=e&#VF#HrJBx$8veOw@gUYTAM^Nu05?2YOu9dekI;oo57luJ*~B3
zNuYLM9K=5ACQUp*URC>b?X^7*5>fkg9TPm(Ra-L>WjwET)%Hl@m7;5c&9`X<4^v6i
z?CUmd+apBO?5n4iI)-vrYogxTJxtV^=nid^BwmE~(Pm5H+0#dRQxeafKH5)2Tp#w;
zN?AtrNPV@O$H*SlBi*Hq7)wNrUjwxXlF<EU?0*I(_$Na%9>-LkJsDaHNj#e~v@Vi(
ztuiB_PBRkfG(+o6soYkXp&ekNYI$%%{M@IVmolEs_i5&n<Y%=DF;rX6MD0R6pmi8W
zGB}UIXc?gmV1n}~BoAwkGEpPrBiafkYGiy=+bxObjj`H~l6c-2tNkH~=Z&!m-WaQ0
zAQ`vCjnyhXMYW^m0Asa#m?&>Nk>HJ|wMkOO^TyNK&ZjT;#&~VWcp}Oh&uZtGpf_qj
z%blV%nLsk=4J6aF9!$_1^?*#*CNV*8Gz9XT_Ld}`H)bWo&n)dbDdTx#R)RNXX+MyR
z>y24jDHG+5Sz5Da$Un*(vlG1Wk~Uw;c;0wPE17t?H|A(<CtdE1m$ms>L{x0Ns%>GS
zVq>9J%tXb;A}w_?rBbo+y4FDw&l}6MCncfSz;6(iX|p8p+VUIP2_kM=UanP~f|?86
z{g&n0X(p;~S*blS4P`vd?`Zjwc$(kUuFaNuT+ORBlZdN%wKj4(<)t)#p#3xh3EcL9
zJ?bFT@<*C@j!4H4k#$-_CL@LrS+B*J41{mwG1Ug`Rwny@B(hQK&*XLoe)|k$Hff`o
zWY2@w{NUU6&Du65crL7i%oeST$+-!1F0)l@|2)|<aV6}Xg3LB;Dw7Vc(VpIR?HH4f
zvS=r8hZdYgsXlN?%4{My^K1@!c4$3wk$7#nK+EtE+`A~yHot^2o}WL}YRr+u_48*5
z5&oHW70I{}{+ZU8iHhgX65{y_ZJCtuPUybS^7F`Mb?*74mOPgT_I@`(DZbVwFv0eY
zWRG@Q5-&3MYMC!zZu4GkG!eHq-m87ZMC}ah*N!kzv%&pZ2@@;@&X)IUr{<$(&xZ#S
z@;a!A1u}OxuY=kUCMvJP+QUp#UWc^_OjKTnwQZ7QiTi(p@5l?`_b;@RSI8TWF)7k+
zmc+B?sFp5?SA$2jHB40Q-)noBsNBETPBVGo$t2MUy!yS?{#7bP84#TJ{-{l5f)=7Z
zKPB{s#R=Xh)*|_rd!typjft}7xYmz}vgf!qjEVBb@r1liYKx`J6mb>IMSFqGC$$nu
zJa3e0=Y0etyj1JG@N#>8<*~b<s@i-1U2FfElyPJJcWoSzfSQ5)t{sr1AfR^0PirZQ
zNVA%goYpolQFD?%wLOv)1k^72pIR9cwTu3z_V!}bQxH&l_~*0(lFShqyo-KbtGo<l
z=7<){V4Vj$C;w=vl4OY+`E=lt<}hgw`!V=6$|Y@rkMskNUDEbT;<cTBwVH2GDb(2X
zujUYOy&)pyS0y4+epMnOEm;rNAf6nFNcl6eijkUcVqRI|0Q6C~%B~nGV)A%(xVHip
zR*D>B(ij$uNGeB8FnIw^9`6NGC31$z0w&3ki%ep;`U9D&5py}^H44V}`+-~$>Ca^E
zJQ(e-hPM_Y%b4Iv`Y4d85jn!-qZ+Uq4WxGDPbM0yWsqDINm$uMQdeMJo>v=0mPz78
zW`oFDNeaZLT=oW$ZEG+UobN!-hCAEWL`pXkQ8WDOA|<<#czT+0?%wMJO(UnJjMoD+
zjdc7HQ+czLP(lrcBHc;G?ZZQnbV<AyctQy^s7ELc=}R}W608R!>h2THE|3_Jol?(K
z@fFnIk}u(0FB1F;?U^ceF^NZJFqsH`MwuHUB}|@X(khbvHKn>1JdZN%A_YtuFzFC!
zyN6^(21%w<WG$0SCfy?DUXuBsImz^l<TH7X$sLi@eI!%24axM4%x6-Q$$&`mev;|b
zi)02x#xm)^<laazlf~&IGdwcv0Hw-j@?hjJleurxuE@iYk>8NaY?pw$;7>s%6)g`(
z6j9MK$|WjV#zg*;db~J%B9eR%HG8q~MC4~8ZtEVG5F6tn<yWlZBBiWHweE2Vu`wai
z;}GVRC9r+r8e~GGK$60MTFXp~6dfj+cJoPQa-{dSWTBeRPfciFGa{Map^R6q8Ih@y
zc<o|FWR4_W%+E+D*NlX6&4}bvDtGLj5h-D!O8R_4NoPlT9-&g;{RCWT&W=oFqV`f=
zj3gJ4jM__?6UmXpE5*x^)T1avrNGhZ<;XEfy!x6S`T2h+GezE(e+K%WS0WX^C(Ss5
z;3?I@NIsLw0|Jt~7P<Nu%6Q&bl;Dj;ku;KVdw@j=C0!J0%QDIviy}pmOp&jjWrICS
zBN;znUUTFgY=>{)lp&JxBN1FpGzGFeGEI_P@iE-AoDHc~M)H}wcbdpMku8#Vr_!q<
z1(JAu=IY3vQq=7AneRs~{zXK!f)5k=%ngzAm8(H2FIqN4MkXUU?$-N;$QMN1cCm>)
z=H1uY6gj}Dls7g-Zm3Fn)QG>8M@H|y*49W5DdVl<wnlbV$5iwhE%yA|A}wnWQKcw|
ztf)z3<yG)q4tQ*5WI`PxRZdac*%evOr0=8j#`x|?ow_9RW(tjQUq-@AZh?EJIO=^B
z>BuDGJtAL6dNJt*UqGPDp2&Sn_Cb%0WN%~ylgZFOBiR>ug30yJ8zb2tnapG~^u0(9
zL~@vPXFcCU&NKNI?uwwy!HC+a*wK>SQ9Kk;I~7R~KNC;FE9j9S^{`xC+bN1XBZ(K`
zMUkmQ+&V3aM6SYA1%Yg6DR{^Je~}6Gk$C4I$0FIOL{ts_9LZ;*=6*jX^hn1e4__@)
zxpx?jN5)E0AXHw*BX?heGG5e`MDCNsi|~@jgOYgnKuRK`iMU_!mqg0nCpi^a-0*VE
zry}1-;(6m#LVG`z(EFW=6j3VIW2YjKM&u0@;iU<E!s$qkl<{_wPe;VHm<r~iyl;Fa
zGLnhv{r-#`l7zgm3)WT_BF7~;?zXtUBbP`<zM{6}d-wt(l6)O%_S)&+kxV9PHE}VL
z!$hqnE=JZ%k}a-oMQ8LEBYT)!2?T;%T#6j#R9I46>s^YRmjq5!@tsm2LeFSI<tk-T
zL9g2si5G{J^-M{;a#hx!^pRrNFQ}qV_K~4K!R%De@sVeMr06GzxMi=Y|1OE=A9z_K
zc)2%f>gi0BH)`uMm?&@5);BOwC9SO=mc%P*Jv}9Sc}Y|C^56Jeqp#OUrdKU^DFJM5
zq%VjdnU^ef!|&J}g)?S-36oSH&s0FNN)pdw*Xut?;(6?Py`qkKh~z_G*HkxsWEqf<
zK8T3xA59-FiRT|ppFqToXH9P$Ma{?EGay~>%0&4`*B@b`{G;o$B=P)X>OBn918-S$
z2nc+M#nv}Vk|ioVP0<q9^GuY<5-M7n=_6xACc|0MJ5Y)iI;|bNuS8qvQx-wj2%4Ks
zOcD!<;1|mDvG7eGk^^=?tc6sq^^H<bu4oG<k6VDW(f2di0y3WiX{VoOQgjG<Yalo4
zJuJ5QkANrwa*Lir#J$_xQ8&|2W}dh%5D*nVf!`X_GnnjvuU_!GzfSrzCR2gn?-z8|
z^O-yiH(>C05W48^5=nmlU;6!muKH$4s7{L^_pbWs8^{~U&jbXLZu+ujNJs|De4D<y
zITEi<yX)&E@!s+1uD5T2GE?PiNZ3wq*B3Lv8mw|$h&%M0mQs)V{%Rk+s1*^_&-c~u
zXicO6yo-)~LSKCVlcGBm8OEdo+$g*k#QW--CCL(ay9RII+@)V+atcN(B>nWUZBTQT
zP<L|r>)V*%-5!*=TW{Z%WZEu)FVDam1NE^?(w7n$q!%$61u~fG9zC@krJ4XTNQUTr
zBsm^PeF^TRd<ZLKJ%b6BbfP3rN<!a3W3=6;&-9VAko$f5JCaNl0jM1$L-k_Tqsl%^
zZ+{c!e%yUiWw?G(l5BBvFWQ;R)Z5&QGKKERW2QbtlH&p8)l3}(;LnaKb)h9;eR-r$
zpMba@6g=e0V4b4PBbaz^DZ8YSszHyacTPN_{PVEVQ%U*fVSSjiFjq8yZ#f@@9($CY
zBMC(&<_@GimWv3^`A6xqI(X!7@Yo~zuv?IL(K}inK_s9o9IcOLqP#j<Kg>kEh4QFA
z>sHj0C9vM{e0i*1#$?MFB9H5BI+Dzy93cX*Klp?`j7cu<EsxiaF;VYyP0$Z?rc|A|
zz9#C8yGWbemNHRq&qTG9NqWVulxk!at#>Bry(P&Nqedi&>X3VuK8wi`Xa)6vOmWMu
z>V2BNRmym=I!)inMAgMKJ^41w%NsAU^`IoQ<AI*fRyF9psy$tiN~)Hp>jg5E_rA^a
zggAW8O{Hq*IemS1@`ft=b9!<Qk6>$hPT$N#)!_5G)01RW4bId{C84hc<qA<>))!^6
z#O`|V)dI{#U)1+7!5T!8t3P-b$=tRGZeqf^V2-|m$#zJEEoGiww;#zM!Bq40-c0Z&
zDw0?9agumG%-0_nfT_HhXTCm45--B@_3=K^2x>5&Yp_r#|18vVNRLqMYoWfGiSqm+
zy+9H#_eJ_ql5uCti}YeiyxbS*XM7|Gxi8}S@^W9SSGrr4La4kJ>(wRk@>;AnBqG9X
z=#AFJdJdEJu)cU|H+<)!|0;=>`(piXAHk7mv2F~+yhz3XdtTQwB*~IJB$6fi5lIT&
z8SGO14<c@RU#eeZqM~J~UNb|M!tF(u>DMq(UR|!Yk_3LWc}PH{L0)g^!&yc}<~#ah
zOjP@NN1r4~mfS1AQoN&=Fu7C)y#$bV^&x{W_o<>aoNeJ-<?rb=2NU@X{DW^*t<h&l
zk|nN5rM`EqzTzH|83w0am};%wb_fz!)q)<3%ys%CCf(q>b?h@Y=!==mg<m=&@`oh3
z0>2(=1LfMFSHxizW;<7JfLSoS8M{fZJCw**E8w*aAe;5}Oh)u0vPBoeNM;<9kM(s-
z(m>BK*cI8Te<4YsJ2HNv?`NWVn@{u~D3v=S+O7wNqh@cc+^*l?BOSoz?fPg*XskrC
zL+^-#7L1IlmJ9U7OjMunsct@iGTvCZQ=cG-H&*V{4@)vdsF87}UN;j{Wr=m|$g8{b
zK9WokI98^X2(e3_z(kFeyLB-VQ{{@J+XA91Sh!oS#$+=5rW=y4_4-UsK-JWNGlPA4
zb0&>phL2>w-j~T{mN}r0WHJ)=0Z`@}eX1nh_<m6Jt8V}75_hEbh>CfSsMdX0>2XKu
z!}=`B-L0>0^*1E(+VZ#hcRtb!O8Tu{^I`HK&TWu<r@thLH&P$b=|tnW+j2dk+Sd_1
zpHjJF<q^H%DAau1o$Vae^O&eeII0&jQIYUJJ@XMvHAVECKqtIE=<Ata4dQt5quy~e
zX;$9&N$<f#Mek4g1Cn^XU$H(#63-jO`fEON7nHqN-z*9BV@Q71wMQ{8Z*(}$-thX~
z<GLedb|k6DJg&dOM9tYs^qrEx4)8H}4d^7C(CMY5*&Q!R^{!)NUhcO!zv=33n7Xm>
zo4!)Y(C9e`EIh5RWrBOlNY3h?Fu|Q<B!B5UCE1arTEPW<@>7(T^5F%278B*e3;J?N
zJdgdYZ}*X5p!sk8m?Y#eB>(8$pT68<7ZW^oQBRjLp2sfgIZTwt{?*Tu9@jtr>AlBa
z?w>%E&RlZk>w<Xp7l^KrGP&|Cf)QX(h3IA`=pQ7NqlHY+KS-)Zzhv_30wO8V!;*L&
zs}U`lcDcuDM2ndykJX5ZY?Se$u4eQpNyvxzT0+g}JW0Hfu~u{`5x0HSimqm&T1u_x
z$4pd9sU7`_iRvZlMUOH;dvHvtA3eoHwbT01bCP(iyMB~TFugvie)M0GaqX!eO_`46
z^7`=l(FRPEJ*m+s6J^ge(JoAsJ&mGwN#aFRqv(SPWU7yhf!b*lT_y>|7?NwFHD<`V
zaA!@|Mfud#osV4?O_efUj9nL<%tXallW6%?d3|&>X?CM76is=K>RpvWi>g+6_!Zi1
z)}pG#;g^8e;`FF$r}z~B5;HnV>dAsv-HF)ICzzDpNF*&fi3#d?3R2w|UBCqOAZZg_
z@6&^%L-deO50Wmfo+8%MGx`_H9A-UzqV=A~a>0#yum@8Oh&E&L3)q9?o@lxxUMm<L
z-8zrFq56&C(Va|GD;OUANfNJ??~nfLBU3>0{n3UmQ|>tKAbB7<M-s26&5ZIJn{J(E
zM)ReNSErfL%JWgrjwDs54<*#;h-fn@1HWktGe*1#KPtMIiK^4l33WO;p-#sn)am01
zbviDgPRB>9FQAf6X-%~}F`6og=hdv}qz#vQH7h!UiSlYzbSV)x<|jvK1?`PQlcOu8
zjOY2u(NBHkdGPb(Xt5;JnvhJ1PTEL5RO8pw=qV=3tJw)&ogPiyL^dn0J|A7rM0s^q
zf>&oHcy)GyS924*nwQ|!m!q9GlUG$sc_n%e6V*}{M<+7D7KictW^^GFY;j0dxq4Jf
zSrgsNGODGlj~-#7TFS@KznQ3(QV?ypg?y++*j>@@KPUgFma;2a!bH{Su4si_QpT;*
zFQV0mxH11l^h!y*I{hN5`$#U7;)`fkNvKYd?2cZP#A_*EM(_WEEL3&+bwZu)iRMWe
zuchpdrthXws5<>7p-#U^sMA9Ub^2XGogPi7(_;xO<)`R*nY-6gjz>TL^>VKsj~-y6
zym~zPyCj~+PDHEyhN+0m2mhRiMkFDRAt{M2lEmwOPA2p}C!;H*jOW#p(PAdbtG`5R
z{!SLEc2OD~$3*$?w}e^BZwYgfGtr|mRj#}<fU}gcXsINgH_k=d{&~4K&P6*iQQkNg
zy+;zy8|R}>`^X~Dd_Fo~67mL;3(*_?lA7Jf{5#s3h#Q%IN83x{dE@Ws1SZNG7o#gU
zmGZ`=sB?~NR^Iq8x?U2mT>nM=YcwqTe^LJ$4M~#G?jO{XD{zg5-`Q0%1~S1l8j{M!
zI3_z-rizin<S|&Ip-i%|Qj$V<=cKB!mWlFVRpV<)<*u!&86}c<Uae+SxQO-;c@r$G
zW;B+Byo%%sW0NFajHMXm`|uQ_K+1StO)<nJ)a;FMR~n`yUOTN}Y-ggpTFWSv1YRaT
zLpuz$jP!p=kLsgp8TSTYf&f0e0C&UCtF?^jOeVrw7)jj(AJ$LsVXE=IOy&9TYGX4K
z<-@CuL!{aDVFTl|B%Ti&80UTD9mu_b5lBJ{J&#>uBolGt@ERk9iHfmnjHyhNHyRl=
zDo8zUEjKb!nJ5bz8O<cg6}w>fpjKm;XByKb@hrT~$nz20HM-7N;v;Lp=Ela`l6W>Z
zF}4$NXCO_C1CkU-g1cBvjhiZ7ZlRXoAMG;#Y=Tsp(V0@Y?KEQ0nSwVfh#0+Dv+_^G
zC}E=f6Ez;Ibb0PkV*(T9pQtfk67mL?-7u<G##BVMgFU99OX8J1X52!=t*@BTgNd>y
zW|&ndcV&-lES3cBLpBb`-8tK6UKM3>#n-dol^V#)F*2BJ2eJ=HGvftGyf|!W%x9uX
z(b6!hksejct&F=R@oKrX@qmwDNn2l5%SRxuHpb&p#w%%CV-^v&mfITnMC7grJmo5G
zGTvkIJ=`Tm(!tm*i5CeSjblV)svjY*uEwA%$UkZ>(bE_%3E5l<GChrjl6Wh-UdCY}
z?mDiQag2#tSN1Y~W1`k^y$z9qd3nEo+Q;a?MAc4T<8~%$UD?+dC<)nvJEeV%Cw-(0
zEbM3G`1Ig;L4V^zCaPQmjBP~Red7T}?doKY+G!tPT*pM^KEN;~p?CTIfxHG7tyxCd
ze7Dhsi7NZuMqehX>;sMAOjKkJHpWWgt>}jsZ(m9AGYIx+lYWPDMq?+F&0hrMJ<p-W
z9!WfJ3^$tBz*I!4L8=Fg{*ut>fF#p6DM_x#yaM_kAP*X~Yf{;je?}M$nW%UkVGNce
zJNbqi=wx=JaX*s};);wVB6q*hKO>C;l4OZ%>nDlNli{l<V?`~@D@*i)a^dd5DC3#h
z(q?x*YLu}=k}Pr0_3#pJA<BHl<T!jMjxA-h@ePxohLD~|jS?m?*n39Jj~bUG$rh?E
z9yPA2LwO;=UGy<VGbXAo9yd-)k|q9uw$m8=^Q4he7gKq)Gu}w9C-unRio(3c8|glx
zL#pw{GD*nuNG2F(CGpzwGYRAJGsfQ}<BlND7!|L=yyz_*jOS;Jh>u|I6OC0&R4FDJ
z>Gd&{H@;6Y<}*>VrpbnriZWRu36#8Y3f5>we<nAi5SePIJ%=;kEqp^@nxS?AaV>*n
zhAZ<Y%gi*?zQi$>nQcsxn!VXqu915U=1#GSrN}kb`G^A^%QgNdiPzh_WYB#rZ<qKb
z9*Ml2rI(BnnJUZO!+*(G(Gc_Uc9!yti%e9joNJ71gfdy;!qf2ea0#628N;q6GV?wn
zuNWEE5xF#$NWPKYn8^NrDC%A_%<GA$`Oj;H6C{GWvJK&!`ZZ%Z6IB<l8+lCBIsOvk
zYe~Ewa*0thgnGQa?q$XTCaUEwGnV;eFj|%wEyI|~i{3Yk)d^%+1ZBLsc*B^d%T%Hj
z%-LE%UA$rJWYYH@nzy`TluAOWZUvcljR&LBLbqRi&#fKRufAuDCK-1R|2<<h6V;2p
zZ}c`$PnP)N6KdV>8!IHq6&1G!M4cbty$hqINfyq6Gx36B@LsnuQWE-AER3j+jN2S(
zPeAnm9~o06$r9BD(eC9s;~SPyk+9A<%`)nYexorXPWGIIIomeSywNR}8XYzoA4?hU
zY<;7#lZom@HyYd0P>=Vr>n5Y+4Me^G|KZE7n~fYMP3}$-w*lR3l>gr0V`E4&Ohvbp
z@rBrrjWtYCxi{Ww>|ug>t_GQ{33|2}<?lXiGbY`Lnsdb?u#bHg<o<~<he@TS@ahtf
z9mXmqA4HPG13(HBH19MHkc>MI-)T&3dAZFyjpa;~&7T_uOq9)^CurVf#9LjiXP1%A
zMCtj$7|lfK`65BjZsVMkq3C@CO0nB8TT9JCrTWUqlOzj1S)^~WzBWE48F|AEJ-^5J
zfr-j}uTilLS*Y~vHS#3M6`i3jo`k&iCD?P=nAa9ldG;JOc1lv{+Vh>^v_l!so+Al*
zii~@t48_KakXMm0(MJ{mIcDTBIbS<TtOD|rQOab}?Mb3@A@njv`<pPYg201OdUN=M
zF+`FqF?uD%>IvhtB!z)3Fxq4Eo-lgfOl5x^$Q00X!dTB_AH0E#G9?K%ml#*Hr&Rb2
z)OxU|#7OfIY#YBCJ(vswn^DghV<!`3^BJRIhs$mL!)POkXY(J%1W5`5MQq_8MlqAg
zT#B<s$6LrAW%JpDmU7m3S<1jX3R=n$u&^wlTz?s>NXBgie;J)_Ma}cXIyeLR2~z!K
z^ky>i9r&egAQy}bCQm>qE1rg%u|@%tbf}A~fFzj}JCdHxdO$>gR5l|_8o}7z3`nv|
zbhvqrq`KLXWp0K=0p?!YoFqxE=neIbGWE<dCgYC=q&*GH-kmV7ToHwxj85BO#cG!C
zksAL$WU5R>ao7zsH#T4Ok-LC2HCHpa=JSAz!;o1l3AKVDAQLf9`^ZB;46|Nmv?n{c
z&KP(j`UAKNYBplBm1n2686qMcSS@6aZJRMBSHDhuxNY7@M9$*y)XX+JN<uc9(7GLS
z1`+q|{kWOKGU}!MxLK#Gw8z!c%#29l>ABGyLd4b6+#Jm^N>6k1m`~3WP|{ZB?>_Pj
zkTzz;ZeCu~f!t(nm!z=jF__arVa2WHZX$sTa3lC-kh#??yA4wn2L6UJEtKRycOrG*
zHMV6yI+~k%5V5|2uR|o6-;>BO81b>ibu#<kP9z4Y-UpdZW*L+FAk{`7oz22tDC5mH
zx|;t<LUr2tOIT@|DZNpKNCBkkZvHJvVbyc5Q%};%Ou9qnRkb>dJD7Vfvl^4<pv4g>
zABVlnx>Cl=y_dOK63S~I<kic(<4)3?4hQ`)up`|Zz~suhq&eNZm&r2tZXNSVH%Btb
zsSa}uC`G!N&*Ut$FCx1op}c;EywXj*&*gdbGviF&dXzNxGutw01$$_yr=K}e64G-9
z^z<_)m(w%Ae4fcmZK!qzn0b=S6Vt%LGccbYU~Xn|3@k)4(ENc3_Td*m^B|Lc^JSix
z{S5u)%V6`Y(lZoB59q`1HIvh^6!U}$7UJ*13^(gD`3y>dGMQ$O$;T~WFXarZ{>;ge
z<cjZrTnl8ZxsGL;v=AZ=<SBD6lf2bLo;FLFEQM4pL1w)9P+!U&<FGf7$z~pt#V|k2
z1Tw??kjc4wi9BzfVe;FsfEWcbvrKUp=~)FH8w+H%IYyFP(Pmnbm<?o}`4Y=41epau
z=9?Q>raSx=+gc#6o1gi}$3T{v-}y)(kT=ZVnB>5G3{x#PFZu|kddsZQ5ADenD1)iq
zHg8}u7G62}8pu0l2Os$s$a`kGkNg1SeKV8EZkP%8FMwF&-q`y_b*(v?WZaQxt(h$e
z-Lry*Al905B{?40^$7i<(}(5~Nhl60gUpBKN*}2y$p=1?2SOj2fZ<PJrEYLT`xIEX
z-rVAo!Mrw@U--zRYS4F>MLseB?vQOVAM20)$rjgdp+0=GIf+Q}tZaDMbPddn%^6IZ
zz^(fjNN+Y@;Z&2FB#E<-`(|?q%l!35KwOYyCCl_|mLwj7yf&MkFnP!&hncK_QE!{n
z{4)`E)xX*N)kj)?f_lzNk|lp{>p#eAi@EA<D#an_pHuz-U1r6Bl1M%1jqPS#A3<;I
zFyAHOmbAe9h>0p`fw_}Om#g46h@t%yn59I7Dtm!h#zgtBz>H*&J*w;l<_adN>;-1|
zk`^SCw7?7vB0am|T}RxL`P8(SJP0>G>j5b=TS}58hQf=ZS3%i7Gb4jB)l^BE0@-Ee
z+(UX$=0+f2nFT&_Gmt&zSt73I_nZIt2zq|MS#gNe<9hXgS=&d@tKXQ7eFS6dV8XoR
zkhx0Acq7Omv(CMjYd&N)@e$N~*tC5FHGgZiCnB~Eq1N=Bxz<PU_hr5_8{Q{1C#%Rj
zVg`u_6?I1vEIeX1V;PL7+rU3Z%=JXvvL7`+^AWW0f94)eh4!RFs_zpte{XgiN_C;?
z^n0@>6IDCM%waxqH|Y7%ER}?M8_erxbL246^EBLu#(v|t`4kb?!sF(2AHh^7%=tco
zJ}fb74JZFB;`V;hyqd`nZto{e*rbLWvfY?JY2Lsx%Bv^MHY}4~ncDkF^G+tp&nFXN
z>|{cWoivBYRMfhML)lN6%^slKu`b2{`PH1|BNKr9ZWa-7%l?O1>LXb8v*wh{%S&2j
z&SauWT4pY0@;JBmGP8h)TlO+@HxpITvV?M#C6ueo?Dim)Le=}9=ABGbTmH)&C`nfG
zOV0<ybST$3a~u)3b)PdcA3{CU-m!K6Z5|jwnpOP#YbKBM2)1q!Ye7W%2cxAztfP-$
z>#h(ROeFc0pW(NnAXUZK{Y*9knIp+)BBHQAtRi8~Rw*{$M_vJ$%CRq)d;~H}fh5O{
z`N%s!u85^ROcuV5dVpLR8_nbhkZnL}#`2lWhQ97AAoXGmM`5Z@18?sNh@(In#QHO-
z4*Mj(0l7A|M-s1ZX&kFN8dLenSxK@){eR&^2>!8gtmdOAGey)c2#9l_r%5cGNyGgC
z@h_0;W3!n2@E@gW8vBk(rDiY#f%L&x%`vEFj`*lHd_#8@zUhngmLykXz{pq&h!!h9
zqmIVb!;DnT)v<P>v28wrbAV{<b05JufD!vrYNnaPwV*i`JL)50AWp2*M=T&|vDC-V
zLQ2&F$c?c)NeaY|PzubwMQjhrBwzm{jrc8MM-_qJ!Q3WgP7x80xa1F(Sq8st0YfF|
z`I`x@B5~%>A{H1cb5CB^F^S2|DVS%r+Z(q)LHM(y3iccA!9qm}E8#DqVq0#>GKH0}
zr+pEI##XUp((LvCtzz{hDGXd13E#EBs;qS^#6;<79c#-(>1h+|=F`&!a&Hss=OecR
zX&ZZ(Qz^|i#bz*3ns18bGf|pvjxF=)!BX5D`=Fej_OVaO>1iK3R!&ccScxPBf$QL8
z0DafN^@g&?CDqaMIE(X$=t3TINu~7jun!64>JV%BIMxn*xj6(zhg)K!C821+dDN}3
zsXlTKr0N)3;3JtpI>%P{$fH2I#@6`=mi@Nar#><sWV*-B_{cOMJ!6fZ@M0B5t6s6`
zL}U+%G1fb_n25Lo=Ath`s@|~~Ps&u{#R~8(45aEETgzkxlRIL^n7m$(WbTZmjHAf>
z<sij;pIB2S|J0y8kUp^+nOu2Kl9&s5^@+7(qQ=2Ku}(zXc<vKRmt-EiSC}MTm8sS~
zg?Y^rcSG*Wf%J{#JdMQbqXxwCCGpk;17h#_2=>?mVmpY4XZHrg2GDbN>^mRHhO!Te
zo%N9&Aaif5+IaF0ruq`duvk+cISeE-c9W0ff}V$CLwuwJWFCu+_mT5J#>E!;NYyep
zHH)qHk*k4BiGA%OQ6SI7PWeb{AhTnE31s2_PQb6c0m+Lwl4OZzz~(!F%#Gd6GB_)E
z07!mpn2(GGvM{!LBI!Yy@jw>Gjxd=GbukUdlGvY;c%EMx3p^`Rxjo6!SWO?94XKvJ
z8v6*w^P4f#M_vY*<*~Jsq#id`-->;~<jmQC=m_EaR_rhlH+tWS)tyW>tLS|z)`5wN
z-j%UYOjPu~9m|&_OWe_d&RkZ-Do&x?RrIckr4SK~A$oCkx+<0@2}S1XVDqY2!>O2x
zB6Bs6_hQQ>fp3?(!FQ2B*2Xpvao4#Y#y*wAi`5Tf7kmU`^~0Dojmo9wKOe<fFxhf5
zjPIa%U97#2-1-5mYGZj!RD^Gcz2PGm;hSUYeFUR-TWqh7VDx?(EA<hK%r9b9vdJFQ
zjFGt~*2qV&r5ub|K7uXf+gJx5!B%iIcDIjUJpUMb+($5;PsC<Pk|iF6ybb{QHTJ0_
zJCb7Xn$2+_XJbb>70%)whHvD{Vkdm$SCIKL_Lq;G19C1_c{-H>Q&s#EW`nW1K2ih7
zrC9z9l*tnF@T&#*Tfo}QBnbO0NRlk)Ih2_q*VK(5RRt?Uk}T0?CftPpl5FKaPkO$F
zmrrg4Qq@YCi6mFd92F34fmE|bGN}oqE07dx9Fq$V2gDsfs#|l3xbaiNT9!caUqsE>
z;zig69R#UrSik$o{XlA3<>yhgtSfRbmA5BT%S!bTjKf-1x+I?lS{X^=VbD|CdYQ@X
z5aHv2)U)1_BwIvbyjTM9bCtE3NeAe$k<_>LFnNMyQmtXRWb=K{w@d{+S6jQ8?1Ts}
z-3s$ni{6XdQ9;#v1M6EUGe<aZ=VT_Ny2d*0BXfW>w8|v$`lv>hm_wd_?Lt7j3Nno>
zlZflp##a6Ul$j#Bt68qKjmapOKQDt+O{`)jU6WwW2BfK#`U<6L&Z&Y{TPC-|*Sa5p
zOvuV-k_==Ekg&CkNp+a_768$#S+A0w;#x#>tC&eAmNBfh`6vUu)@{%OK&qH^fXOXP
zY^(o5(sN)MMMB&f%VZCX)Q2HeT0$f=vpU}ilS1EVdo$~HAHkS!X7%$CoKfFsz4sdC
zMg17|>Mg9#eB>D9)zUiXBPBpuTjz)*{{r&_oQk!x{$ujt2%34ev#KnTn#J)+G{<gd
zHI`&f@{@Dmm%%|#JF62BQTfe)_*0TQedH35o2+4y<Vu;!f59Bm+9Sz4u@rVDZ-s9n
z+FOTxq&tufRxy*o;Q1Pm>Q*anG1@avJjtY^)$w&A4aO#kRFLUptz}{}>1+j;pbY#@
z7PRgrAk)Qa#-#mKP<9~Qt*%Utd;oh*Kzbz9PETu$l%ajmT(GdGHA50_U$mF?h9usY
z(#u-!Bke$QFRMtBg1|KRzmD)<Z)@CAw6HLs_C@covL*5K+-WWF5!7?1wONvaz!Lbs
zp738E>zE{2Vha4<UGQJJ_5QNUHQ!}zm4r%xXIuTOuSf>oRHc_R`ddXza9x16p$1rB
z9$HvQ?Eq)6f4r}8Gpth5oO~6u(;<+1hV>_t{<Gme0FXgey*JRFDal_=p<aEk)mW0_
z0i5lO0-1ZP8It6RD{cyir-9sSEq@bJc|FNcYpo=d`&5t_YKi5tq~bG(-q}EgCs=sD
zHDAh1NzR7c=Y9a+0a>pzY0l&UYb6sMdcO~oVOD9aXEFj_NP8JHKWG(5;@SL=RkTuC
zD6APt;x&*NY1MoCa+@Evf|9`7p|GZ24l)m0DXUP1O0gEmXsekdS>m1PaCZgBSZg7Z
zuAq4jkSDCIOioUR6BZ!jtldl|f}ei|@{~319n_p9{)4miKY&cI)=M%))C8G}Kqgwl
z-bI;0*JIBncx;ljPRdM4{`?`@IhkY?GdT(Nw1e4TmKAwVmLmD@-SB!0cy+SXOcKvO
zQ><?!@oI3IRZOYme6`X!xIbp)tR|b!LmyrP$aHI!BvZs(u=y$=Gpup%UvBerR-Po}
z!|Ooid21=lsOX((eZWLT_-w0yiCzM~nFC&U(W<zHH2+ZtMp)>EU$inL@!DXHHOxnF
zA1TMm^${FlbFEi>Bn<YvWEDtKC?nhfl4o6zglujuN%99W_W;h8+X0ztt!IL>Wg?kt
zN#@^r@M|ejhUOBa2iMedt<h3uN^<0hfVfr4JjFz{!FkqXCaMj-Y|WCytFQT1&kr##
zufATf21r7A-3FRpv7VNsuxfS43s>v;)(j$UMCDuKK0-a@L)`6IXwC2u-0fLxz3d~n
z+q1-4;v=}*^M<ubk{wBEcV)SC+$V#YS6F}f2x@*iLGwEanpazu)}e)-<~7#Ml4K`u
zfq32q|Mr2^gUQ!Ga6jP#D?^e(q2gz)wStL?pS20`^P$^|s=n?+tIm4NoxGY3UR`H3
zBO*-LufuV9gVkM<>|}EW+_M6i4OSl}8?x!NYlAhA$>WDqs?khd;633DR-PnN#Bt~o
z@b_ppSVbfwPa+-$ve9b1LDrXhvbM>!S@o-%tW1)TEf;&p%~s8gGF5WMqXF?a=-Fa5
zBqGXSUlhs5Ru7hG!TW4mtpO}E33f`yK=^L8GJRwsq}poDm&Eh)HtR4G<>ze)e*VO@
z8T~vR^n7ADn>;_y1yW$O^^rwD3auA>WF?T#tqnxP?uG%mZ~SG#tl%qayOhZm!=Y7f
zgj8QyyO|7z{pU}Bd~F?MGM>pE>ll;za1&z}$n3RJH<Ra)d;?^^)mD-$aXX|s2IL!S
zz9bYar9ci@i?@*HFV%$;aOky;SSy&|ybkZc9I;k2DT49hVd$fdSnHYKjy?8%N35@z
z9OQ^PVjW_#?hr-P5v!ER3XZ5FR?Uye<{$W6_=t5Qkz{o)bHr-LM4eU~v3fI6rxi!6
zu}q$*M5i!Etc6TAyQGkam;rv?CT%{<<ktZ0p@D^4$)1^zie!?vA;}WEa-dg-wagK#
zZUK=K!vf+W_^`+dGT8&~B2<7~#iLdRlj}z(i5UmsjLcg6DQP~$dVa8W`bYqr_@i}>
z$;-<E;tJ67lO+l%uU<jeMVDkPlZzDs;u;`7TjDd6nJ4yx%}pf9U@`$#WHBHoto}Pu
z#_NqwTEirveic{ZC#|(Ug01qDmGL>*Jbqt5v;sZ9ShI*Et2S6_Enu0okQcVWQfq~e
z+ybdet%H(K)J;7C`v6vnB!%vb@i!~73-c-zYRvuJ%9MmG#QEwU){`XT&T`LMlO*xV
zRc2NE0`<Ue8ADxkhuq7oQ<9J#T-{u-%6z2KI@mq1hU}(Pw=_+Xt>B_{<V!01!lxAZ
ziOHQ0QA@dK{les<DzpN+Xq7SP1$z2I?iZ~dUy<fpf1-K9MQb#ZJ}z0zWCG-ctqD?n
zO{wk$0vGCl%xCf_%&}4CKda_mlqnRCxnv}h_X=Sa1F8PA&NES`rAc<mK1`J>QcuCY
zDOi|fACtuMPbItUev~0H3}h<X%ZZ3C9|Z(_fG?8mLM9JENuk<BHCr5zsl;rsc@(6o
zX76M22oRLH!Y-1;tM@Bx^AMFnS(sv{OOhqV@d<B=tsh32Eb+-)_|<RtTZ-M0$?LGb
zs0rjsJ5v%b5^C7{B$*@dmyaF?durGxDU}>|FcNCo=OyucSj%qsE!m@dSj(oBX13@$
zjQWkb_6RAHEi&MjI&pPV*M8PVaD1<C&tmdq+klt|xu@FVJMz!t-C>_ZlDS2fmp#>9
zK_sBgjv<x&Q&<V>>v@@q=4{?>&(-!enTkr93o=*Rha~apw1HjbBd>tWHFm?J(jMuJ
zWk4F)Gks(=kS6w8AK3&XXm|V{rpgiv`p|2Bnq9`^+=l`28OTKJ!{3uk&tCL<ZKmDz
z7?J!Tv_g#8Q+)(|XxT%5Kp8JK;&v7j)hDFcOC{M+VJN&!w-@rd(cZ$OurGbT)7&m$
z(iFZgxF2e{h28E))SN9o2G1XaR4wh!l1!20D3Dfm2FpC(IZ2!V($>yovZ*<ou>xsl
z&z7W6q(iwdo^P^WWf}Et#ZC4HETiK2Ci{>i)cgGfdTz2yDV4lsdI`wQb{XqY^?q|g
zz29u7{Dh_O>b<>PR}!jaw5PotAtLar1l$Q~Z%<-!#-M(qgCfbb;C?UmBpvJ-ETg`X
z=wQ$FX-1nn*kAfcg$r;-W>+pod*BNiKGW=M*Oa8tJp<}&w`HQDx3fJ;lI&!4)3S>_
zp2@k_>DFQwdj=DAKeLNHmq|A;81GDWv6m2$(Tf&#u|M*WDzKX9nqXl!d$*MFEbL~V
zXQC|ZW>@}MMoaQtkPqf{n_ZWPo7ZjjV?I&`ywTlWBuQb_ZQsDT7L544?Bz`QjSYyV
zAk)i!k4fe@c*jGMbwp%ujIFzueOi(%(c^K7vEFv@INFmXCPON$<=%EbNv65>^tOjc
zLXlvD<~!_%e54hSKK58iD1OjmeeI<_f~oGZ3w#7q^-u8O-FA_b@qBo<oqPf<gs)b)
zkGk9LK%{D57~QBJXm?{$9cF_#s~l*jOOhvg-vKL4$ZMeenj};Tv@pY7<0Dw7gA(i+
zZ0{t^ZqyC7%a|y82HQy`(!#2$PVcd6NaE#nkKM*cI)4e@MJD7m)XpS5ZeBy}JW7?U
zqIanMIujM)L+y8&sOTMPZ(=>l!l8CC$+&eo%s%fUSoYxw_S|o$oV+|%@3$LD;?>Um
zc2_1Uulw!0B%vOuJ9z#9`%%{OJlsvi(dt3_DI(&=wloud(4JXN&x5Lus;+u~hwR0a
z$}Po1_Is=c&*=L?UL)-Fl6d{$2)o58Dh2An9%-a~Gm~2@21GW@WJcOunEY~)Rud!b
zbRwe4B_X!SRQD2bb02BXlEjP5hwX)uc)5?Vcl%P|*!_romWWV$m80!Szg!;SqwQ2l
zy!d(4zTZc%zQ)-3L}X8kJ;`JCvT}MJvp<()j%+&v!9Qc|Vo5v;pRiAqO8>}m4F{Pg
z?IypH$Cji}A3nj>ne>BRVhqSku;Yqw|1-gE#Uxe;qak>8g56OP&p#9F4U$mq*dslo
zYPk}gwT%PK6J4UlxQRB+Nyr=6M@_U3`}AO2o@n>}-7CdJ(DSUljEH+uJlS5wL|Hi5
zUdse;bYQtA+nb4q*I^gpIY|m6@k%k-ZhIQ@@_abOZg$4Y{Y6MM)gC5EVO6z;oo<h0
zqVk$<k7Y6(e(fD2bGki&NZ{2<0dY%jBsnazdn&w23Yw?e^I7IM*q7KQQ&s!}bN4Kq
zZr7E>vv7vpND}fPTKJqDDVJ)N-O49}UVXtH;3Mt7f?EXkQ$&&@gQ@S$v9p=XYOhH7
zu{+1klQLevkz;RTqWX;-`xxnQ+gGlgf7bIV_L(o)?aL%dR(Z{}2QeAK_RO^(Vp44h
zjj(g=Cz)KeRFSDnZg*v7F}dHB$zxKdAC+rvLJv9D&X+P?x#rqCnW%EjwJ%CSb%E=G
zdG>pMdga2k%**zEA6WvmGvEH#N8SeVitYR*Yq{!#E2vd2v|BP!bAW|*dm@2T?@+I`
z(C#Tow)hVAwXjt#wEJ=@yirDE43kT|+q}@8K*Sw$7uw<+=I%w*Yj&w56j2|7g^TR=
z=e=?j0$FB1O(gj#XkR!dS!qvZ(i!eqVa%_zpC=-e%`5GfS?0t30dZKSTEt{&4|r)-
zlI5JL|9UFvN_#aE)h<@ry)Q_QxusZX50S(x#oP9Sl6a+9Wsma_EXDiwbLI4`v-8X8
zS#OtI^2%NesW#Xt|9a$KAfMRHe5Cf@u!CpMBjWZ^`|Q`4sJ?ff{U#IDYwfdF6A^iP
zXwA6KKKGx@D_Ql=`|SS|;r@A_T}8kLcCb#t9jX}QzR#}7<V+RnN%q-!Ovb^Dmu6BX
zpUEtjEF+RUlSj{e_9{ud{%4>4djRvw71mm~>j!%F+ZB_DYymwTfqY}Plq5@>13lQQ
zAGDv5gl3*SLFS;nM3U^})v#OGAINw1N+P1&VA?17&R)Z$%bkjBWU?7{U$%kf@9f=7
zuvKCk{LcQSg7k*$ZIB$Xi-`zaK@Wz!itL*!qfD0g3raCel3|iiw2T6B%zo5Io&fTb
zJwuXQu^v)Q0dm6rNRq;;yPGA693ZFcZA{cyaLV3IBv3q@>f)6Bmn2?Zr|b$<Je%i%
zo?q=$Nhq&HKu)W?0<XLl5G#QEVRw}>g@La5w2$<MJ<X>F`}sfY*^+qe;;g;2oJ^U0
z#7Eu*&41ee5pi4hdAmxov@lt<-1Bw~BBBPj)AM$HmQf?)dAqSBUi_T5^GL=W3oh7S
z`3SB(|F%yM5n~@9kNsm`D5vKiJEf}UF)Zmtdz_DKgi>6xrxOuc%OtTK$iH@uB%VG0
z+WRG;$ow2+{<Ht*Bl~~^oPQ`)RgBdlAQhbo)iC$MfQrM4P6`thhZUXOM1(posN|$v
zAyc_$H<g`Ml29aItX6iql1u<&^+(97igQ!S<t44+-034V!H#5S1QBsNOhobQrmB-I
ziC5C94q*6GSV_&ksyQ$F^q>!`Ijf1dI}BGiTUfKYD|>~ro5|b<>9)od&P~-l3roP}
zE1a%A@;i_eXDtzVGav73UFlT3Ql^sR9LUsghDeen?u8j6_8YaFGD(gHl+CrA&NaNe
zNal7QL2uM@`uPanRH^OUD+#rNq<>)N%^59;ciXw1^9-dDSM7(jG6Z5hCx;2{y%VWa
z)62ao=&9#KeWWIktDL)hBo#=i^Q4bl52S&!$VXy88aba45lz2`I<G23V`s0Av;>(Z
z&W}uf9|(I<K$<#dnd}~)Bsu^IIieO?I7Ku8J+}eToLeNxmYUOnM4ge6z&9h~=~U5h
zRxqi!G$00ojOi3H!P)!$KrCluJ+HpT0Es(K`UuwG4bD_ay!yJ)X@8aHF^sVrotpI}
zk!N-jKu>e0DG~8k*CeqU>Z^rgvdjdBW<)JrqD~N6I;~h{-2$qemQFX;vlMpTn!`$}
zrBnV(ftF7BF9ljU<-ZhY<=n-ZOXkCkUl@MdID?6}y;d8i{BCMn=SiQ;6ew3)=LH|h
z0dlib=p&1P-0Bn&Nmg@!PR>atbzlm&5@b3#XP69z&H2@mT#$s~8CyXoCy<I>og>D;
zJnADU(~!xg$CJcXAf26AOjex<h@C*XIE}CNYUc=$?oLM^`2$EFC(}o&!74h#$@7t>
zK<;-^8+dx!0C~h|?<02sdCD2-BV&L}b^azI>P<@$F94bC)VN0Kkt7eui%!HxUIUWr
zT=bE*f#f*{8d9p0HwVNfAoHDKCXWI6M3VCT#(bxIzcD|d-&o*0j!zfxi3UdRtIlj9
z@{0_d<>ouDGEqAW`OXR=?hZq~^C8RNz67rR@}19EM)j-t&H*N>U(M$jqtO9tIo~NF
z85xK5Bq@~y=32Om4kcaa^thJ1fh~6*kk_4^KJo*QHy!6XPv#7ex1Ao6crEu`=P{CT
zWBy&X$BVl6oLN2@9KYUk7W)Y9imY~46A`t#B#D0^ulJojO(^%>KwgBN_I>9tlbz6V
z&w*Rtcf|E5<IP*%ck1{^McBJp<2aIJi~Z0)W6$=1v!021U1zOxNRlkEgzuPr=+tbA
znzO`-IrKfqM~*28y~>3)f8>nx5j<sB=d5CaW5E@W`$p#nB5upw<ow1&&G0ul|1eSO
zxJ^!SP?p`D&u?;4iMV@%o1B(R)Lded)18Q{i`tO;W@ng>Gyt;2nLtGLt4)A>>}0bZ
z>{pR&bzWo{)vs=IiRxFkISW`u^{d;s-o0Na+vcp0GV{dmAHlsa*rD3ylrZ_1$tO<B
zkXM5d$bGvSbA^ie0;j8#$rc#%X&_VJ^k>p418%AU`P9i|QWbu~s5Ov6XDn$Jb0F0%
zKt6LaHLBD5K7%hHfPC((l!V$&I*?t?_e9+K`qDYUM6Er)bbe=odotDD7vf9jyd?9)
z*D!m(2lRaD6h$zvT%o?c|H`>23H`<jw$nXMUR2hytgi<k)gH$*Ju()^ey6=86yf86
z9B}e|WCoB!PQw_cA{mVE@0|XYN9Kae5ofoLyba_BCv3~S+_h)1a|07x*<t@v?6ha1
zcBqP-Y$D=&URxDA%b1KWqutbEC)GjCSz>KFxR(NX6+1<eWV>EH?i3RdYQ1yZInOdS
z+@`~M)N!XxoGkp-C7qe5b<=UD50lz=(H!8olR-qpUZmPN?&PJBJv*SjJ_dV^JI5q}
zGgkO!1m^%JoF4de9ITETz*?BddL~Vwv40AwPB^K}NaogXK<oxm;$$)zS3MxU0dmqg
z%p?i!exsgKPVXBjRZW*XMI>28)G22w%cv8&Q_eCbs&$`ohO{6(E5D$b=P%ANN#=>C
zp?fTX+%G35f&Au_N|{{oz=KKRJdiU^R!h_aFZn>KN^qC4>@rdd$Y0JZDU&OXLaJ+k
zoOjOqQej?yUq&#mOHRdBsF_k>ULrnP60$G^dMd<=m|*TmD#gdPk*VA}_EqAuB%yeY
zgG`lpKFNqP&~n=VsTyzG7E@)3pI~-6@Bpkz;=?8JV(g0e7$Tw<>^^mbR9D0&F~Ods
zCy<nQvztgy4T$HvfK-o*_Ed_)@C!kMfm|8yDGBuw*z?zlXGlU8KD8d!4)Kvb864y4
z#2a@&J%xd<;U+51(CWsU`A8;ct{b1v<a^iw#%QS*U%^C0LcRD-CMpu@#hqJF^E^@K
zxg_xj=(#GsnaS1DiKNC;Z$+6oA_gPTc#vrj?<5KJ&r^Y16CWsvSFT3!hkOJ}acz8(
zkKors*Tq|QM9taBYIJDq5;ZzBj&~v%(c?-gSL1j;AHmktIDVgx%m#a!#7FzcJRnWu
z!#c^l1o{v?7LM;^@-EET76H-X>77Yt>NQE?hi~DAKzs-j<wHF_iHY)|9zQS1JaHfB
zc@y+R<C$Gh&ph!Q6El855~}4jAY;W#ePlBbCoXQ2xywEr=f*ALK_9`nar<~zAHlhC
zxA<5e!MSmt_<Ttyuf3o-BfirogR|xP<EMQDXUn7G4ZC}}<7|0+yrU$f=M?Cf79S@`
zu6PGl3YFp3W==fV15**H4`gn9k0cZc29Q_d7k#8VkT>IIPnlP8-&xc@uZfRfqWb4G
z@o`L!@M>#KJfF!0xP^;5z-!`fF;Q!oHSv#_bS|Ym;WhCcOw>Non)n_jYQ3{2ewayb
z?!(u_e`ZpJ`|vgKGD)&TH)x|Hp%iQ46M9qGTLT#jWNrL_B-vucOxO<xvMFB7<be!`
zb0C}JWlTE4>|!>MEpc%N>X{<mgjDl@d>k*h6G@i9QDza4ZE?|u@|rXuAl?G9Jw95J
zY<Cv-X*`FCip)>rqx)j2d1B6wU@xR9j6cuh(m*0##FsJo7FP71g3O-yT1n=JTu5~o
z$T#td{YcMVsP|GJN8+X=xnf0A=+S{3jh8X0+8lOP;7&(z-04p?7eIfg11XKKkYt|d
zb{f960CG0Ifk}7p50by)yO`+UpB_Li#1Bg{M|6QycLTW?|9Sw~gL)nWBGSHRf_ji7
zrTxwX^^65lG3}xxq~}>6mD8MoWMLH@zU=~1HSIS^yxzEa+C@pIuX`C}u1u?)fvLQ{
zu4Y<eAHlw^R@&@AQbzVR*kjjDdy`3jm`l74dTOU_U~=cJ)U(x2+v$^8E@jNYq-P`d
z>UGlEGEqHJowN)ls^06QCEtUo=7}#M)w`glZdwi#jD(Fqu1X6IA(`P|&zC^1Nn6jP
z4U<M`_3uR)ub;mzEhdRq_9kg<eFV#XeOhlH!G6AJTJn9e6mCBsbcyQcgK70h#_i{W
zX_}8<KOam>^AYUlLuu`O1p9d{t=UkSmq0(G52I=GnFQMh#J50<G;<iqsD9o|Yso};
zHI~+&iSlYJZI2}L#9`>wkAWU5t^IJ+Gf(`-#7SEv3B?bt-_z2z`ba6Hx*_dzA2|!8
zS=zsnz#Hr^%f<P8^R)2&<T16g-8}6EChA<Kd0Kl#_*|xWT2CV4cbF03ytjE;1{1Yn
zZJxH8iCVF?Nc&n6Z^ha&E%^b=-CMD?N()Njtyo*7HS-Z%v9?Yd%S7#7wo7}9^^Al0
z2)<(7F0F(~I?OI`eQ|SIB$Mi*Zcad40&lcWTk9iL0<eBaJMAMifOJd?KIo;o8c64~
zr-&r0wQ!fTY$j@S=#n;vQ=O<ttCB8hud<9<r*uhshh@}>SeLYoEK?75_0g+c(!OOG
zJlkpvxpzq`WrAm0ME;W`OU(T(Ai`26<sq_J-Rtg}mj8czoq3#3)&KbKOqTapGWMMz
zYRLM&>$zm9v4zO45LpsJ8KK59mN6LnkbTJ>X>2u$48}x_tf7pkhLnBDmg@If&V8SY
z&-XWfc|5(&Ydh;b_uTWA#A|g;gF7VgT3yrNbs}(%5yswHpr=`|T7T37&%#j4n@_^7
zYp?|o?v)P6G!L$3qMaTMkpgKM-0CAQ18EhkG=Tl_T0)y(JtC?lv<<!|iMMyrE;wG2
zRJp&=F1W;}2iLUigByGV+eU}rJxPv2e%gce&cVoc*!l%YUJFJ`l6PvD)&*o<54Mv8
zzi#LWq)TwjATBipVt<>+G9MWNq+2j@u#y=Kq<ipLADIH=&7ea>WwmE8R+8KB_CFb9
zdIgtB@@`9*g@N=5?vuo8&wYbA-bGvSn%AED1!IV)^S%9puM*+f`4sf@5BBqsZ9oPD
z$1<V4lpR3c2_`Y2J!&KagL9;ew^|+)BHk!ED7aM0czY>>g6pN8S$E;vAJ8)>m?p_|
z*g;3~Ztw?5))a<catAUb_@^W{VK4U(kfA~CJ<jSIaGvA@km13ilGK#sgJ4xjzK8ym
z1u}8L`jXr#8Lnjm85Qgx$sfg;j0wIYNyk!5#s<ervN3<Sb_q(256+k52;3QV14u$}
zhmVxH3}4Iz&q;C_qPPn(lY{k!u+Mp+Sz@F~!M2iEuqOEr$h2U8NjAb;PJ9zOD;O_H
zIoK=69Ui952`-W(-z0dG45j7;w@QL76Z`vuV0bLqqSZT&;R}LAiSS%d5cDhvR$>{g
z7qqC7Ko$nONzxHWMIeiU10=zBh*f|r4rWV|dIx3?AWMQ#LpiPnFs8z=0Hlc|iy-qj
zMlA`pm1LV7>y`v#B`E^+#ibTW@^XlzOL7Y8YZL4aED2tg<N(wclOpf4brb4~NnJ@k
zhWf%i>LtNmlI({1!uNwqf=QBG0>U0{m81)law)EA!&vh#@SRITBHfsTRt`&o9`V}z
zl3-tw8K<2X%O?$%1P3#ry1+NHOM+vhX3TsO(7ZIbLy{YnAY(w51+#p5@a^rgU^Wr>
z^&k1A<g#GQaP&}prL{cxK9jJgDu-zuK+p2vGD)y)ya8lI@G21=0kCbX2=dz;wZpk0
zm}3NLo~!){dj-9z)No1eNU}0GLy{XXPYwi`RlyP;aH)o{J{k&Sb#Rd+pTVkpG?2By
z)*rGA-h!0?WL@x(B-P>l&Qu_u1kXv*cWSsc56FgK-Z(5ZTkBIIOxp>&A{&Fx5t*xv
z0J0KfQi6^oMPb#AWJ|D_B-i0-Vl$A>gYBfAVNfa!$oAljQS8r4+u(~aAUlKmedH$~
zX~Bm?W@=$|;gma&^kBWwSZb!WvMM~ez^wO8FqX(%?E!q}f_GW$4<?UcpYcwxn^5XN
z@U|qWaEj?~Am0Wf<5?!76Fd{Zw@I17>O|D+c_`S2Noe*w5{&f`oIQ^PvnBCn&lACa
ziKyB0WH2}uZK-wCsbGvG-t2iQ*qw-4S^XGH@e!Ooe+oX7#G4t<1f$2H<^;MA1ZT#d
zpJ-7(2TP1cnYr4x!{D1Ni1g>+2a+@&2XBdioDFW5q)B^j8|Q-8B{89GQ~;S@g3%LL
zPl4{xo}r!n7EB{DQ@dip-6J5A9jusuGHTYl_=G<fg9giJ)!`hq3#Bdwdl8wf<!J<~
z6d->F7fEs$p1bjGgv-G+Np?bgy$mu}gZU?-t=U@p$Z%~pw4rOkN|H2?<a)3U5w6p=
zQ0hjoIgt#_d$WHl*vTh@Cva{B`x2R{ZG*cSx<aWt!Gy<T?gnT12+k=Ff-9J4LqP|Q
zY!8DeQqKs`^Gz0#9lla%>!08OAHg|S(@!%A9G=5tc({I%iS`l9Xg$H7aQz{Xcr6)7
zUm#EE6A~ZId`^7^kz}o01bp8FGCB3LL^vC0J(qsjM{q`q(6vdZ$G7LHFDH_$y(#tN
z)%URsjjO09pMKOwP)`9pTk6>dy$xrXf_mM_<e}!>&0A2PNJRNlNKf_=obik5YncQF
z$T_9B{+mw*tryp?`v}hFrS!lQwuL9AVj=c&`X(X?fnxA9hP6{cPiLZygb@<wrV9E)
zNoK;gCrp|qQ8u(e0X`8_L7zutCPmTv4C!GR$_Ab>tEeCGkvOpate!3PEQYxo=gKO2
z)KvD+YhzXPdPGz<s_M;s1lw43-D_js>{(Oq{+OPc`Y2y1%ug+SvX7u1J*4LYSPfz}
zOnni_a4jc*&!+yPuN3OB^z%M~>pG#|VWN4bi|ahmTI%Svrcn+<t);GB*GI6m)Yn@x
z33#ogp}v;LOf3>x9XuLn4fUUWrO=-j^-Dg2tHDOPHl6FsJCD>vZ%BmeYZ}DWL~qM7
zA%B|bZ}<qVa$D%{G70SK!0&)s>G6{EdW+XKt@N3`Quw^nN?+t7xE5`#m!6?w$5lZa
zy&4htRW%qB=72x#^if3Ax$X{nf+YPKvh@!7G$vuML3>UETOIVdtS9u2ql3PZh}sG4
zpzrXJ7a)fn^ox?L+|PPC>Sbo4hZjO;!#e8KB=J@|9d!_Zzl@yA8u9JQo%F{~p>)#w
zQmMJxaoCYv3UPJPj}zhcycS4j{W=q^Bv?oCnjSTa>+7i=utEXyy55cnJprWv>7u_S
zW$<k>lCJt-DdRl>bqf)1HP}rbNirA0%KRFpJqO-*(;vTUsGI)yT|?dU$L|_?L!V4~
z_$wsb*Xp6qXA*ep{cyUk^370wE<t|2goUpn`3Lb?wVojvZ{F#tuOvOQwOwuCe8M@n
z(M7*VgfoV=dg*t4WKVPWrbaI^TeT=`b#Lj>MB+8Oak%yc<fpHmO=O&Q_6n?_fb`c(
zCS$3+Pu&KRLF8FUGS9>63&;T7kYv)!P|HBx(PM}tXg|n$AE?L8K|Qmzp<8(F9;jza
z;?3rR^)Yi<rrI7@HGrP?^fXDTH-UX)AhCLhc__orM7R<jrt|NlXJ`u=^VmB~k0P15
zS~ut^^?pH_I7z;MmEL{OGhB~_^$NCLuVs#qdET2FcTU3Lna3mPInTlBJp#xFQYJlT
zWqCUNLwzgzqh(2%5A~grRFE=p`aUA+d&W5Zu=J-a+^-c0n&b2w^D(Zu8j?~#M(M8-
z;YhK*M(cxp1Y64(J&nkPu#ey-AG`rIUdELW7z8WW3ZN%m|DI$r!ZyJ3U>fL&*G~{h
z*Ssj=^=wJJNaOXV7oa~Xt7Aj$(6cpGuS_zk)s59_$x`@jY3007Px=_24A$3pJ<&%Z
ziOlp7JpDL9Uqpnn@f<`kQSY=+<);RaMEx)kJ_n0+Ia$vpk`d~;Q}i1|610Eeln(ag
zDf)euiNO3gpl6C6wumB)z#BPml$fFyA(Ehtis5l1NiWMJ^b|Q&uPjS><Hl6oAfmE5
zRbMHIm({6yk;P~$Udw<zqIzI`nr;)Bpm`&}biFYVmH8Q=%wunA0;Oi??MR06(~?N!
z5|y8JKxXQfiKzU{*0rS+X(&I*dVV4*KgoJgmI-AeS&x=7UN+|FwV8ynF;^F|l$VXU
zdQ&E0@53|o5ooJ(^^vj^X1*JEI9E?3qB1sDzbA>8vAKHRWshd;BRz@81g%?t{?>k;
zUS~PVs2tAIUnZh*IRA+p&euDVjB35}^*%m=W99;VxsPBUT%>O$GES>&!ww%ru~;wi
zF<Kv|Suh&+2eL%pAW1Ih1w()=)9bF_%zHKXv7Wh-<4S`2A@N+?$NFU=@TImKdspbu
zt59aPR`VFVO$9wG^tXs`y^jO3N+0VZQ-Q3}Q;6_rlMH07e%wcJf9DfDuo^X|YhIo|
z)muyAjR_m|F+?sz99YV0iH&+9kp!(9M2c&_jryT_*z*#!ujD({jrt5JvlT{c{5^$@
z`dZc#cIXH27p!m8Bi2whLL+vHS3CJVTOpFuE0rQw4qRV2l5EyrAU#Yz1<jlFCPaA5
z#C@x+dRHPB!o19XuJ@C~8~H!i$NKc-z5u7`^duj_dQa8o_z1?lU0>oOI2wPcuOYHG
z+?zqZ(tjYL)&M*7pM9ks!pXCp`a>cap%EZWFR+&L<E;U9>%}GU)&RTp@<igb?VH13
zF9*Kp(HjsMuQ{JH*`qI#BnjRE<Emh<zCn^ic>cf~rt9~KsH~>zVe8O3?<}F_bUhCd
z71uufc_Qj*Jwtbh%+<EQs$eH%K0{x`GTJAw4$lDcjUM;}HM1?u>VCbTkKmiW1NyT*
zg1f-q>NR}?^ZcDRqiNoZmZ`r$GHT71sdwX2p^-mR?@I)3NtGuyGxftnR9u;Q_w~v{
z%-BKwT_3^v`d%N;M7sxfB;uTVM4#&;KY-6i^v`?*PXHd(Q;BfP%mSHX`Zq+>+<ja>
zE{WGNk3TWP9@nEbaNF=^*dO%4MCNL*z<Z+KK=TQGA`w-mC-vz*f;l{?&+`#nKcCW<
z`^aU`^P|3jh|14TdfiXax~lindQ&273o~|F@9ZO(u`GQ65f%Gc{X-(ESDw=oCGlcE
zr!OGFaoqxc&gq+o%%(^m0{KNhKtx6Qn|{PcFw)=jpL_)4%GR@qus^wA=lZ;UorsF`
zcYVypM<czcClOJRUep)+2uAvco<c-LdRgB^L`8Z<&y>WA^ooAgrw2#uEBYTkf+O}d
z{kD%_ue_<}_zXQ%KHt)trXXSKPeWX{^=>{=9LQb$Lm~-*=V4C4G5mo(j))rPALvt<
zghuQKdb%W@&kyy$CS?oT^Fuv~NQUO!C-aY<Dv5V*k7m@}tV-bws~PVx3H<sZ&obdg
z91(R>O}Oz;5>Iouk+g;MXs2O?k0VJ=qsUe!xZX$ulFL{^M77mi#(I{a=l3YcMlNGN
z5w25wzZ_v4^AW6zyv8{n!MezAG~I@_xD?Jikw!X^c<m_|d(WMK(;7zLbCRLC8}nS)
zh?K;;XP~fAf=Qq?+?)eV6=b5Mj5m80Hfs4uH27TDh$Euvy@;`ah?>od8n-3!X7gf3
zwJ*>gxbGC6zwmuqF(Z`-uO)0CC5&3BD8r;4kdj7UA{;5sjHQhXAHmF*H4gg-w#;%y
z^X)1>*ayoSor$PtkSHTgl3!qUNP|*Q#x5oi_u)AOvk_(Nm!x<#&QFx#e2JP>>`_Jv
z5w(V_V4RY~TiaAHihPBoGPLPU_zAJ15ldvYHUMljg-9zJKM+x^<r(8D5za<yka@-^
zu|wsjBali)Ya*N<%*M0EXFd`M<T)dgh_W7S94DgcE85U@J{ngQ<5ePTy$9H;YJA`$
zeSti0B>Bi7Ak~aLM3g@@j6aC*Y>w;9nnw87Xe%M`9b^?-W-TK>5tY?iMl=!SVQr(e
zBwmXO8vTi=HFnS#Lu9tL6Y@L){0SQAL{wIFBZ~;f6%R7H5!j`&nh3-&>Ji~6utix$
zCm+EZCv0PYk6`8<Ba=z!4hmuXNJPaYjLSq+T&__p4Xvy8Q^%-8grk@R{?suh5>Zjq
zHRcgv4{=VZYmDAaS*5XM0hD^dnCBy(0BLAs5>fs%HY)9T)Or(Rj3i#`ZDL#^k`Vas
z8qCtrF`62;Bq@G9Ov5!&Q{$l|WzO@RGtG<~d&!?bEg*P*Z!;smB;MZO%SKU2hQV$j
z=J{o#xg?*$F9@Km=0;mdb^}3M&5bUS#DHe}4WkxDFG*el@)bnd!gz<sOsy%bN%jC~
zX(UTB40h2ofwVF{=Tek0oIzeS_A#MdBYe(nV;m)t5!$6`V`LNI_HzRCv@wdLW28*Z
z0BLKqAi}kSeXzYT&qpkXtAnwb2+x)KK&GRS!7_oRjd+ykWE^Hfd(^nA-^sYX4{gP3
z^;+|<+jKJGGLX#F>ci9M5Li`rG8Pd@fITxlBh=a0@C}z*76UuYutw@^WJ$6QZ2b;C
zzh*SuPcnfi@Z|#b%C5%iOhT*Nu0~%Xs{M2|h7(ckxtsB^Bwjy#!}yE{=jS@udc!#7
zBX@yxH=aI#*44Q2rcuU6Fo!)2K}3yXy^Mw|6Y{W^@d^>;VK1XQ5#?cT<MC&rKE`B{
z;in{AN4;gNB{EYx3~&0va)oLAjQ@zt)+WLZa0HM6M%1_H^Ee_ncMmd_6JeRcAoH$~
zLWE;42PD=ozQa;XDgzm6^dq8TA7+dqq9Pq`OktT&q{EGQL{y~1jkQG7NHW4mmBj1I
zBaB~(u=Sc?{R1Okrt-%E@}cn}5#`TF<5eHQx)^1=?jsGL)M#Ti5#@8dv5;j#KF1qt
zi721rjZ`Aa=ds3qNj#s&8n=ne)!IYr?G0Z}jWa49R6aKb>*I|UKGG7%1Y-sfjsnM)
ziN+^Bf@651k?AAY2PYZTzDLaop)q{2Ataepm4BgiveATyiej?SfryG?iqT6FFN!I~
zG$LxYN-`D_VGnbGRgb70vn1m)l2Nv%8ec!Ad75!R60gTiH!_K+`C_{9BN49mj*y?}
zMvg-&huwh8FkB+4-e(!jd<5%#w$au{u-=o6DMVDg&oySVOsL-H8q0{NDCQa|L{zW*
z$jBlxSNmPo@;sx=VdY_8ur=R!+eZcgSzx?RgndR27a3cL@VGhxWELCYN4QRx@8!3p
zON~54GQtYI4Exg{v(zXeN#T*OvkPRI(Se8>pO+iMiNtF^orXCMWIi_b`^ZN?RvOMx
zv=y(N9R}aN!F%)7#wjA>wE3_Hk_P{`#xRbdjLOCu<0T@h{j4=wOX9VkwK59Te%2Xr
zBr{X1o&e`k;iSPjBVCf&2e_xKH*y?DTkz|>@D}(w{A+_z<_9Fax>ycAe`?GlqFT#F
zV;vFI5;hu}eFRt3pBY~fQBkBA-xA^bwbp^=O~wf#oWrd^wi)M%s6B_zjq8$lPj;Uh
zbx)v&Y#pEIKR22ZiRaN6{_hK8DUos72QV7r*qdtX^pUT?)|W=Mk5mJhorZQ2HILJN
zguB;%hPR5ljS-Tdp1n|NukjI)@!Gy#e3CiCSW6@$%-iwEFz)#XX5$+p@)T-j8C<38
zH=ZHFJ?=Zue86boBS(RJYm6nL@|<bR^bu^&2aSb3f<5kg;}{Xu;|?3AStiuu4jUJV
zsM<Mf+#{lT+!3SFkLdGUttYGja9llVq)CE1Iay%qm~oN_dzcHPj~nNF1Y<vLT=x;&
z$@#&k^pmPVT%DdU#uHKgoHVr4D5F{(d@D#q)%z(U%13Zs{?V|AsJ+T8qnRY$Uga6%
zRY|<P$}>hEBHRvfrFX^{N<{67{A`Ss#A}B?8_7g?|K~hp<7Z<%5#Il~3goP@mx#*G
zFGi-1V19lvvU~*d^Q%!f>(TuDW<(KT4{=8*+ejj!GIqfToOv{3zZ*q}sEqw?MEeM4
z?4nVRh|1U{<5fw#j9oT5OX6khvN4c|%GhONBoURdE5>9=yo_Bj_}!>_&v?avDu%y|
zoZge~6=Siq<-IMvVyq&fM!ze@W+L2o?m?cf7+F5@ACRj?p`TR_aqhluMEMBzog2mr
zL{v|?X*43DvU<~K&!s|r=a$ini0Ub~jA<-GPYSpvbK98bBe*AX$5`PbxZb#LY$c*>
zJuqsXMV~pYh}^KAFgp22B#?*3G$LH57}vkX1|lko|BQ%p6nn_$|BTW^l&$}aYD82N
zn%RMf>TzM_AR_EfDX<=9&hwE9K*G(#MA#q9Y7R5{7nON@mdR<pN`zYr`kc$`%`%~9
zklf~QNj{NJCArNcBJmnNgFFwma+@hE6M6!QFwg%=wgSJv2^4$+iZHKBvJpx#sqh=h
z#D}sGVb&m`vJqi6AfmF7$LuGGw`$634kMyw*u3UwBAg!`Jj`pZ^${0HKJ#ZHs=l5!
z|MC&cSOK$8HhQRPFw!hTMEMhGHYTEcE@*Zq!q#KJRv|OnN16jEY?eB&>H;%g)T}{7
z*(zq%VVO{VikVG`C|kwMPDE56EN=Fd#9M(BH<O95KkdPK3G;!EbOBP*%zfcee@dH0
zeFU>n#tafs9+ov-mI--S)@(vVd05u$L_}q*oH<q!uLjGTpdS7*a(eID6!FF=MZ6KI
zyg8lpaO=fA;qvAdCR!Y5!#%4C=66KmwP_AN9al7S{LXdi?Fm;j`$*#LHdi*2h`<}4
z=Xn3HvblnYYAuz`4L*XaooCH$MD~Vz=UbjL_ekQMZ;3V!5m7y^ig}Jmyp|~Ma<6K}
zTqF-e=aH(KZJB7^$)e}Y9#Y18Z~nYFn25^!^JY2`WviNboQSej-E{tV)K+z~36qem
z8fJSb<JqcV_9CKe)i6_usJf_We$O&bX)kdOYnvyCq=&`AsVc0U+U6Z1YK#h+Isc?~
z7-$dQLE~<QZWdvpm4NSwaNN+%(L}gC_kq@{n=^c5Fc8x`$E9fG9|puSV=kd)-p^bE
ztEM{ULn1S^p~K-91VE;)S@<$rzq_1ws9rEjOM*8Q<DS(E<};Gu&D%_#m*l}bkLZ%*
zfGB2z<`>MmMAUxN3uX!tj$%H^r1{7SAob1sSI8fV0{6!nm{pks@SbF}-cS;yxuF>(
z8P@y>=xJy+@R6-RUNWcpH3Nw;(}<}2G&ZBIayG8Q8v6#=Yhp%AlJ7_U74jx#Eh5T#
z6SFmuxmtNR)tF;9mYOHY2e4Oo5N;Z2YMzs1{3-a|4<OCV=xb<euC^CQtxK?@X!d0i
z*z_;F#R8e;=HoZ$HaB;WjO>*VMRW7Gk6<mgG|OG*DDbuoyjA-Z^I1v8o(j_rL8({F
z8bnkSub3@ahBE&H$qeuj)cmS>RqFYE4Xh18rj2<=k~7O#a~tztN$M^4NZ<zgqinU2
zadGBxt=`5QNHR0Eoi*W|@D(JBn1s$=wl|Y+amKtnw>P&+;^nY|c}5a1&mGO%l6ZB|
z$;@?|^n~)<*(||?PLy4QxH_AQh;W{-0eQ_#@e$l5e*F=GPf}gXT`Uur2vN|^q<Kh^
z^f&n(VpsF5Bp+1aePfTP{B$*c_t}a%1UsDOZ6CP<{&X|D{6)1)_4OZ+?q;jIL<0ZT
zfM?}QI3a0vWTLe_z$a1PG<y+Iw%#-&?@=}=_J{y{uV)%WICiY}o@V*`%GS&aaAwl1
z<|C0%>MhgtktHD0-)!n58-WZmyZA^Hl!`UWJb2XS5oRSxaQw-05bhQ;YfI8*Dc=J;
z!W5D`1LF_gp*_NE$Rrf$2(y`#nK36^3xcf?W*12!fH*{YN#X*jM`QpIm7fvjbt!}O
z6+<%6VBs%4XY=Ph^7u*J5oXNaDr3bcidTH(Wzh418S5ihr*USokF)`qQRWIJ+VAk*
zAq}jKF}E=ZT<8h+<bdWe=0!=ek8m3sW0rV`)>RZ^%qSvUr*#iwshU301#HEe&3vQ}
zka1>TCbY*G3APf=!9<kiM02UH6zx@-U;7B|T}(1FedJ@%GsT?t4|=G^-s$F-M0gB;
z7p%`PPZLQ9jE6lU9LHvwze(ctotfq(BFdkcW}bgh^IR<p_QQvRo|$GbAL#(G&oV1X
z@&UY2ZL|mWnB<70o(Jdr4-!YE)KkeEv&&QY$rheO9SyeTm<x%hxaOLtiE!o<K;|R!
z29v<Lv-}2XzIk5~ZDyGE-F8izZ-(VS%_^?>W|Sn})98G&E)nI=e6tG?&fyHOHQ(&#
zBMX2mG^Y?@e{dXIWG?WLNU*xt+~_0Aq0|yHod~aXa7<Wc*33yBMtHN#@(?MO$Z;(<
zZ7GBGwI1{=Hybbsy`@@ijv>N6Zz7p|xl~qDfqZP1B*H%L0kYB*K5_uaD)V(Ffom{R
zqpj6uPa-OZtIYvK*w$f^+3q7Jfvhq26Hzs|&U_{}`oq?L0hv!s!6Yylo)9kq*<d!5
zWF)Lvm^34ztZy*;5@G8%s8lKuW$RP3a6s9*2QnMYDog@@J<Yu!#jMRlJCTRai>8?M
zq)dUl;aYeEtUk@gM3nUuvo{g89w3<nE=4m)0U(>ql|+<3Tg`$I<WJx(%<pADW}8`3
zlIS7u_7dJrY%?oJQVQNX;HqhxS%r!Ap*%;u&9sOpf3}(3h_F8uN%H_7sRrZ=a|03O
zPpY{m5Br06HQ;J+yZNmoKkkBcF_hYF9+d=Jf*|sfBwrS0pSPR8O0pErc(9&7B`J3f
zZc3n1Hzg^Y6GjOl4<ren!0W^9W_Vuq=OC<mbHJKyyP1!OigdfVl4U5*2LdSLC(S|g
zmu9L@2KOPqGV|qAEujs_>@d4Cp|8|C1KDW~k>oY_Qs+$|Uz=kjIW-Hu0@wxj+n7^{
zaGv{;ObQW|)m>)({L0oKkV!Ku`v{I&yG?_McD{VL_CCn$H5(IAk?u9yN#c!Bd(E$j
zu=SBtD$_?M0@-KQdK#_syCfW2GR#v%xW^^J81;=AT|jv_4NC1dC;P}kAm5pv`v~qZ
z95he)$SRQe-i(MOJzDfZo==aMQA`3Se}WzWGDpm4Ng8kE_h?7V21Hb(N6c>}@ghB9
zULeAeenEO}`^at}$ILDT(Yng~aq}z@juf8|e=z^@5!{_SVHPRGKJSui$dl&tOaeoD
z@NXQPG-HS;4^NtlB=I~vX%;Pvdf3DL;Ll0(86P<c<VQ1xi1P3!b2Sn8Z6^5T>zmNu
zPn#Q=z;~tL+K*7`wE2}JOK0=Fe5cL*vXnPUoHh?jf_)H2iPPpOS;`wFPMhbYjCT{u
zY4fHe*q1L+ssALoR36Tck@b8<C_jOyD36pRqOx(?j3L6YU!YRSL{y|%X0M{8hx+Li
zkU3+<5m9>1n&((1@X<N=l|}I9ta(wAWZ2DMa-9g<x(j;Fngxof%>N7IoLQC#*Lxrj
zJWZLVj}!p%n;Anyd6;cZC6W;)AkW1?=DfL-NoYPjZ*GvptM~I}h2ko%NN54)&8kG$
z!*ZbKg6a53G?0tt1R~1%A7-*oPfd{d(_G6$ONI~MY#^7+8$?vbE}0J{@%*`DzF9)~
zgDb{MW`8Du3vfak*YlUnAw<*;=Vfz(uN3x+%jPs6sR!1tm@6MEb=5paM6Hponr%y}
zx@ZKYu9`i3q!p0s<}xB&I~{=BFjI-BY}_*Qm!c>FaS8luxwp-tOhUg9blWUTL}lZ)
z8N)Kv#y<TCZgDh^_z2d{9W!@nm7h1j`dzaa5w5R3K<=6Ci73tY%{RGJ=;YpgbC9pp
zJ5cJrInqal0r}h9K}5y%&~(Zu>!U#CAG1A^z;4*hm;ywzx=Ip=f_rjyg40%SNruT$
zRI>&XQ66g6LrJ`rpjj)+qOExCCHVSdCTV_1gd<%DB!`u+9Lg|R1tgc%nF!YozT?Pk
z4e}9OA4XUsm;_#p<h{5&R=gx59>R^tAd|<M<SVrSH0QC>h$x@)TE`{ve9miiD*vd@
zd94&8?BN#BQ^5M#M|J`!X#Guuea7F!DP%=QksfLZIO`R)77$4Y{c2b-YmFq{Z{8KN
zwo2mtj#x2kHxcD?G3yT^>`yvaFJ|5Ik?(<&usT(E)Otzl6cP6D2aqXcJyQ{7n4AGp
z+N$Ow_zglCD~*Y^9ZoD{gG^cLdr6FYuv)wbXI!mwk~{|l?|&|5-DDE_#n^Jze?(Li
z<*eM#DC=KCe#%*8edH3@DsSmNf-Rwf)xt-xe?4PeB*NLa1*Ixm(Unm%lLtVawJahD
z0q>idXseziUTcZAni5eXQnYoENW3;4p3U*g-)JlHIm)UQ-W9%vzXe~QTP-9hZbJk>
zs#(dBlmnR@@S8w2t>cp9r~^;*Kx$d}qFK-Dt>7&d5Z#KYf<)!Vu(}iBC<=p&VSVZ&
zrGS{$S46l5>q33m)-fNc1Tv0wnTQ$zgk@GmTM1h7e{fC~WL&EW5oO)A+DYQ|3)e~`
zqV%}d_2)?swQwEu)UnD|Qw05~XGIg?C>nrFearHZmw`02I&!IiD9%sEFIsO%atm&e
z#rfhz>jO!0!<~&xl8GpvU$jb8N9%0sRnYvRHJk|N2S<RHtV|**iWuv|8p`KRP^ytN
z!AITz(%4$aBy=ZpQ)`7!21lf()~7!57L;mc?e&pCK$=@WN<A6l;pS~1Ev#Q8*#vvb
zxH@fN{UJ&JHLznuGPjASNLyGNYAT;`Y-wTLt3@Pm<s-O92=uhHwAxIp{5(Rov;s`D
zD)1EfH1yM!)?p$_b4#mQ5KD0m$Aa~i)(9V&1mqPfk%-D+Yb&>|{Fx0huUci9(9=5l
z)7GjiN!%O!MAp`-E=eZrkmHK6t>q9={<O6ch_FA4L33LRzSInPxCTgjE1UIDJKPAQ
zgLT<J8RcOY>ySwv2KLtDw=i9;lad^Tu1$Nn)>%nDe@pJ}TE9!uJ5=hLB;$L9(_Gor
zx+_U}IahYI{v)EI=xPNlw64aMu2vbFJPgf@T`gY4vCokp-NT9{8MU@~(~5Dh6lY@x
zMEa)n__ugHtq~-{dKSPFVlQh35oNu%b<d|~FX-uQH5HVf&}`Mm+V3OZg3MdiQ6ItE
zJKwe*5{cJVo`=&nAk*Kf<C3000OkUGrXFCuB+0G29%(^D<!6AkmB>u(J2>rg2J{TD
zTGvtjTmbTp^@fiefYvg|8t5ZeLFQd6iHNHAA=YIgoUwZ#6KmzKi<&bc{z?wh{sS`9
zD#0YIz%$`mPWWxbp;iwjp;h-#YYY+AlaFK$`bc3Q?^~yd@Mu#O$Z)I33usIE6K8!!
zBq8udfiNu^WJX$FND>EQ0`7v2w022SXgKd?jI_RyWb&YJ>M0|w!$edLM_NX`M{SL?
zmJ?xra3^q-mEt2c!1`z_g9yjv0ExHGvrM2wChtd$wXR6AAM%5BI@Y>JL|Gqey-;7(
z7mi3{trk9ldm!ViPCkPBB;&0d4X7?cd7kh@FPLEEBN^2T60B-OI4<11Ot4<`5$rpO
zRxctd^OLMyL^#s=5b0#=9FdHO{^^|gDb__v;`Z|%;}q*UlaPl~tjLDwGwW##dZt*h
zM3k*0>o$>uKx{$YEu3mSlqCD4M{>OQXzWv;=*v@OU*<@$FHf`jQ7N|G60A?Rl8CTO
zJ0LTxb3THz@GR?3AHn?0wsO3L)|Jo6)<Pl)fx&VHnPaVxq&$4JiM!Twto2N^tj7H2
zdXAMYiPHo|;(I7lE9TL-=2$Z%@zxS^tjdj44!eQRb1dCQ`U3gL8cc-a!r!=@XPqOW
zd|qHRYK(dkLccq?&}u1(_dA#it@cDzTU}_4A;LKv1hy7hhlwc7i>wAsNHdLxxHevF
zHS-a?TYibvoru!B)Y`~00o+l<d*hc{UlCzj?}M$SR;G`P0kYhx*HqcUeXWnJ*L@@#
zYH)=$$VYI;Y^61hNoc2Ql{JNk@@JJbkH}nYRVK{2U~84NOp@`EthTNbnMqHzGeBmI
zRil}zoq0gkT6KK{?}Yut>Pm!bXC09B)^H!eXX;O_WFji7pINtACiG05Vm)L+cRS-(
zHYwKAFLRwnLymD(kYW`hqT))iOd_1sEnq#xiY3CfaHY4&I>>sc2EPQE%~lrciI|eY
z>&&fIwj^U=Hp3Ra)w;|i)Ze#S1)HmEq=TNVR%;?Eu5DI#A{k+q;d|=uK<0C69TCpY
zQ6f8i<VPT1Sl@A}kgZhf7!i)^7m!J{3bjD%%GP$P0uk1XdcL$AA{k-5;fkk=K)$l#
znS?ZdWlbW&ny-<}M?P{N$WAMjh<XR~wN>a9t_yF!ZkP3}Brk2_RopJCh9urj`!36p
z#M_PEW!00!+vVG3HI^iI8Q#;|WxXOvd})t#kmPT;KLPg!cUj#exdChAvCs>4S$!l4
zmpk^mtbvj=4UzXH@%Hd{S)+)k7PZStWSP+VXP0$LmTFRtBTcjZmLx-Zm}WiIiu2=X
zPO}^$N^_dkfCy(^gSB{?)!Ik$0NG<LBBC<C*SgpG(afh?`Cet>Wj@_1B8ivhbgPUc
zUY^sfN|JcHsp(cVNxa?Ebjx58+V4%bCQ0J$_oiDbWhpPxbZY|<6=}M)l?X>#5aLR=
zc5^ApDxRRoupasdp4j}x>e~k6;!>rd)PCy#k%Z8<W(TZ?l6c>d9k6<}#Zt=p0c(IH
z-Yj##iY3B5r6OoPU`_UsYCyiT7WoLSTMk;?+9`hwkon#kO(Y{CC){&V2go67q9hq3
z!f6e8$eO_<)Z-3W7m2X-T;S^=E4)3`pk~2)2R!?9$jU3poTBh-3b)7|wu(ry3-;M?
zSLBFQR+6I7QyPNxqt>%N(iF%s%aCL$v`myaZoS|mDD#8WT#~|YRt+_uu-Zvdc`bZt
z0=?;^)m@U^(B@k~sZ&<|4&*b{AVzV@s?9`uF%4#Xl5ss!3Em??o&IR`@R2ScbJ`j%
zi5Gj86)%Yw`x$GpBp7>c(DSo3TM~@DC+InAEs_KyMRLwsCCPKp-*Jufi?z|yQx-OD
zU_$-XN|odXIJ1OrIe)X#I;vXk2YP<9zW0$>Am^=XM7Rd=8UKRyz(+m=ncuCPom74%
z0Qtj;^pWX6E?KpRs4@Ji^%u(o?*0eAmInS@v;L99+ZniK<?KwF1KvKsH7k;cYV+5u
z*(?*Poom(_CYqPkYgURRUW>YJZI|Q$ykWt%al`sXlA2LWZd#{(GT5SSS=l}rB)6?A
zl5Bv}HQ0ClvI@LLK5Ix8fy^DNypOB_a^I@vBb$Ldv~s+zN~HnO>=;RQ$r^mhZY{}t
z`Iah&-L{L$Jhsdn_B%{M{VRw4z9e2Ya@wOM@v@Q2PLu@O7-l24J=aGt(ty2G5^QxS
z6JdYqBPf%{{#+8Tf917zN#eE4eD;1xy2!Sg-##LV*9V`rvn26iFJKqx%K7nnWu*Q1
zxxq*~t{cjzr=&=GDiI!64}yo0_Cg;y38av{g9x|qpMey%Bi}$hs;w5Y-y@O`*eJ(@
z;`RrUc&mcq_C!g%H9&DYSrTt1DsC^A#GCPp+Z!eEX8hvzSCV)$esO!hB;Jf)-2Ool
z@6BUz`-~(w58{fkxP6{U=zKzP`z8_9cZ%C(x?`jnT1pkzzlSH6;&z}1<vG-wO4^Y=
zatZQN(iT4Q7m(6+D<*-e-FVlitld$Pf}j~sW0tkwV4{r#g6}5E+I@+ryRXaIGbHhD
zj4W$s5}B)Ag10CCfUR<NzBkcBuG3s_UZlKT#z!K7RItYrQ8if6Ue;5^h0op3*c*JL
zIFzbnx9Fv0aBt^XJIhD#`90dc=pz-NR24h1w<?8uM9<qL`Vi4d!MEFZ%UpH4GLyht
zxA@(0bvr0!wkE>;*|5s5ZZ{>OYNv)><}KC}**RQ$9&FXHw@R`R^aO#_w0BD~B1FEG
zWKM`2Claq=DM6*$^+nAywPj=AUUVR}?BPs8CsAwLz5B8CbFKJZwc7R=NlK4{^%^|c
z)wa`p<RB2kF4dn(1-#!2u<fc$=w@j=J!0E0FbTCW+kTzM+`uw;zdRbgnz!v<l57Do
z@+l;PiKyP~*gJ-xEp7?TAqvO-)<@2L3BMs?KO~~gyw$OzW3dzy9I@-zDMQI;@&{W&
zT|3Q3+5@R)C%&&_ux&K7=lRH+AoG%K4pTCbV570!)JFz^OcT3{kKj$S&Fua@G7Myz
z+aLPK7$C3MNkrncUrxYDLm;o(+HhrSHjuV<r4NW`m*3-GAnj<^mgMvhkJR;%rBJG)
zy@7~ob)D>#4_Obky0swF$?g=VND7eG>;WT@%+!8?-%wit3yjz84U(i8@FWWTtE+ua
zlGf03zkpKR?3htp%7nX%QRWSMC6RdT>8h~O1DWpj_|a?&SFo8tdfD^FAW=KFee6$&
zjMsMVhaFdt>0|Gdqz{}C`Us@^!kZ}k%gE`CY;Vi?LbZhc_C6}bBR|$xfBUeHWP#=Z
z_B|$AXZhvAKsz#?J@md@82E(dfp&wj6lth84YU)-A>p?AD`*~Q|3QSU{{du>eUFG5
zwFcWG$CE8;ndsrW_7oqv4yE3+moo{>iG#btfyCPDBq;}9X))Q#MC$`<Ee&>EW9{e(
zs9Du}tlfnOdzhPKHV{$%47E2UD1V*?nfL7rOad#wdPN{{_Ekwr?dP{tarPZa9>5*Q
zcy2Jx{#TMLAn0M7ooga#4s?PQb#?G8&VE{wIcB(&DM3W}949l+9^(2Z&d!&JdekTp
zXQvV2xT49!$Vn)p;u>kk65+b22{NPX`94w~$XI(PlRylNb1i^Ou=h!Vzm1Eh1Si-B
zC0X2@XT1sb50aGX1YZ(RsdGeB6ce6kKND<c@}p5quv3X}6rD&<^c0j~pYg0nf<4Pe
zu(eFI_b~}n-@~V-6YU=)DF>uF$RygoOLA&A|H56O{Vx&aVWOQc32m`;+_g`%yAV-1
zoMeAbg#GCQGL!AUm;`FTxAud8Ott@!q{Ul&rfaI5XDUSzDBaB?#fd2EQ|$&s*!ob?
zGnI(4KF!|AdZ?%1KL2z((?@WJe1`oilfV{u9>TW_v+O@5IlhY5B(v<>M3nVePqeXF
zcHL>{vub0r>?9)WVH|ik%g!Rg*}z$5wmo_}MM@ry1DRxdj*p<vbM2Krf^V)rvbQh^
z^!<+CM9j0lVxoQV55KvdXQvZUKF_l&%~16<4Q$P`rxQ`FWxk!}BWQhreTYfm`9s`V
z7TRYeISsy~K+Fs6JCdw`nFw>Z(0*zr+EUgR+L1&!8*{+=LVK)_ECRB~UQC2*a5a!6
z_68#CA-3M7b{dfjVcxfa%j|<hl&xh?)Xp+Hi)7%gA=r)o6f`fh;}%kVX%nG^ZwIo{
z-nxkMlLKUa*amlq+yD5;UXWR52No-tZ-IPb8$@Pm`(SQ53S@&_X$fn-8w2|~@U`GZ
zy9bld$iL|c4>#HGkPJtP-xzMP<A`Jg-p}C7Z?-2%vcC(js5jelB}uO6krk4pz^mH?
zn1wgnDUvLj>ye$3tOL>qY;Cr`V-ot^iY@lflC*2ZcPwnNFG+F;toMgfTkHptOmEA2
zw%LKD7`wXP?{m9^B;FU7+wIDdtN@?!mq)hSrX<IngWEDe^A0<P2xsF*$m&jeKM~ct
z)9jPWxGwM;gbN_E+b*&k3EXQ9YivB*yvHsh$=(9tl2nppeFcwHBcj^R9{V#Q+*YrE
z<~{ahBFg$+yWz)Vi+V2Z>ZjWsnFPF%Kf`{5iFWu3e}$A`zePmZ%CM&pVOzJsR))Qw
zh_dyKow`EV`Ws~S+c%idxeJW+pnYGGPkX}|1~~h5&<<P4+1NJ@evck{<v}|_lFAqO
zi^79;K}lZU1i#-%rAkWT?PngeD-lsXAGFU9VV_G;sZy)Zmh$;~yA=_x!3rRA$nMP~
z@Lhv&ttz}zIAXse$<a};|8WD!a3adq5j%|t+j<`K9I>0Oe$>`cd)^wApCHH_vmY`E
z<tNL|v6i#p<tNL|CrJ;PpDeqGB;M0{mR&{?8)SBY&slaQNovBbEv{R#>}ry1hp%5T
zhgr5EiI?XryRIak!m|#(Psy@lB=Pc`Ww#)rV$ZVq{`r~O@tW{<<qDNrhf%1n1<%-n
znS{ocbN1FxP)2=~dCopAiTAbOFZMr@cwY<tY8P40rM#~Nf3u%u68c&&+qR_)mcsLe
z*>W7?TE?~3g(pU~3wA7(QZu6`qgLG)Y<(le6^i15-GT_$duOn9!QM%PZQ<<syPe5I
ztMUMz5<upneNmEu;2}QC{9)(#3^m7V1Ax2@GJo2sL{y$H+i66UhnMY_Q?L}<8Um#*
z+i&>@TEAj1_Yqu6T(u7pVV^&MQrGSOSSBzCe$x&6;0-(XCej@6zT~=LM-ox~+^{<l
zQU2VpS92-t*SYY!9;9cFkHmwmoAz}dL4R)BB{!2T?Z6dyy8>VA+_5V#p-~I#>y9ma
zWD@APW4HB@89?sZ@AwG5b-ia#B*Kw?1Ty#SwLTfl&jWj(kKk$NzwI1bR92TjsfYGE
zKC&9fzxHq+Ndclc4}D}Okf)r$R;6b@kX%j*k&LkF@O!Ly3NDXxS`z#vZruCI<NP5>
zm0JA$X&&b`k$A0PUD(Be_YQfS*lnm;)kR*1cNBSK!;Iy19`BWToiD4yqy@dQ?uX&p
z&MWYXMb5aTC_7U#Multh;f|@NojB60dTs${Et622FXZ%1MeC~P7IG3L@p^7yXOkpe
z&n@EYm&EJ2MV+6RgnDi<8HMU`#hl9|quN+8r_v6#j`QgW$Z9cX01-8+7k73L;eLT%
zX_at}G6{X9Rm%BE67QR=QqHeLR8~tlId-Bg)t5^-t$gGRSTF7LWun<@;GF}IGR_A?
zl%6t9qOTOTx-!lgAGr*r$~w201nMSoA1v?uElH(nd|PID=c%vJAEmjx6HSC$_#Mzw
z-g*2NI-;CrB*Rhs12R!gUmrn#o^ifqqRoUT^1!K=O3qOx0dJqSlJk=!-ac(5=T}+E
z`$D9WbB&1du#!`Jm#VKw((Djne~JUC?93pdYB1Wd(kSzxnX!sfPZDo$xr)<R5^rz0
zit~yjczy%Fv#a8CBBK1M;-nIpscp{{u2ll-Rh$O9m50v*sp`B<MEUc)vw{fwjH6aH
zXFHR?C0Oa;m|4TwElD`sFN(XwHJnT$%6bi__#TRjMz-YNu~btZ!MdpJtY;EBXC8D?
zCGk#`2c3PATw1_iSO=XfBFa|Ksk&Fi6@<8g&Hy4RF5NjugyRw*V>tgZ3B_eQ1=G1M
zUVESS3T&s6Bp4~~klRj6BFeh$3?QOx+0G6w6<Uir&PgKNdK-gv*D1E|QCoGKa!j;q
zkmEFH{dJt@i6~ojoR?XKG-K`5aoQ14Z{%Na1`%OfEx}ejXCs#ijBUgtZGGn}B1&_8
z=O<sOc2KImQzipFRB<(M1`y#KZiE_a=uGsH*P+x)&SEA3Jg<&tAsRWWB+0Xtp8^^=
zpAu2l8#$RoR1}S#h_tcu1Ich)y}?#fr^q*tdf3c~Bf=gI0GXGabxZ>PeFZ0(fwXis
zG0_IK<J$#WI(wze%04_>wRAFxC=XjYwf3VewjM`%#t>2YdBr(QgstPv+pV1IOhUF^
zb^c)z@NB*6<T-$vm91BuYDC!9II#7q)1C-xo(!aoGr&i%H??#AWfC|EyGF?%)85JT
zEox2(tcE?t1w@`EqHMKyY7t>u%SdJnm!dX?nmai4zau?FFs_cy8$N>1jGdjKKC%Y%
zba4`WWHXTN&U_}JZ1i+iGYMs*r?W+pGVohZxN_*}d@D%_!Ozq^oePpg0>M4Kp3Xxe
zDz2W+TbbyynooN=V~B7LF|M9YwvX%p4|_Qem;_G4Jt!GK`Z(bSIfu2tP9~9jM3k*Q
z&TA|a%1<9Bj)-a-eVt4qoadvU=WQqN_pI55?^rR?eohG{+Ml2D2++@|Ohno0_r%Jf
zpA$neD$;&V*Au9jZT$$g`Z@i5<ToG#oFpQg4Lle3j`NX^{0TCHoOB{8iuatpCsA`o
z#8!FYcSwkMU!M(e2D41qkMLWfcv5bNGhUYJ79y#Vc=Oi~CyhzyT*?rq+$j~sUGQg!
z^9m968MX(tSm#Y2!8<L7I^&5bpNBaoStf983b&}?&Q&I%JP&uYA1SVo_2EuyBAmm2
z!TNA#IuW*>3#^ZDQhg+6A-LJYIprhR#^RijKcVJ?&@RMCXM!Y?hssma&QwYE!aX_I
zo<}<Kh^TrW=`=WvdQ>fsbfyzw4-0|yk<MZtDFbA*lSV}P{0H2&;Y4PUKcU{8=={qh
zbT)O8lj{uo?43=W<UB1&cew*R$tfnul>$63Pjbph@^)E|JS)k6g*;M2l8ka5u_Sq_
zBlm(yP6Hw;_DRlhA{^;65Z5H9!p|xStc%G`dmpI^GLxM+AHlkq=F~sSad|sJ)14-g
zcy%$|X(dVCc05~6cRETk3!WQrZ)dvGorv;qy5pQf&8l{$JL8FP=5gIS-C6D<E_gW8
zN%Il(Fxe^o3wxM2f!D@!obr+^gtu?lo8~yrN%9k{>u~Ki$Eig``7_5EPlPkp1Z>T5
zKIKwW@2>!v>tqvAJ!O%T_A6V*^AZ^8VrRc36X93C(bi(;uq1b2Hy%gG#m*^70#A7|
z=Oign)FT%qX$ZS~tmirr<?~`^;%{i3eeMMwE_O1Aa1Q$eS>oi#CJ#fcca`&iNof7N
z+6h0;QS9CVw_HQ1)lMEsG?}s0P9aIWFBeujr6f7{4zKi9I~654Emwo9ovM<Q3F$G2
zs3=xD$61Cv#M9ubo!dTwwY=7exxgOYUCzB=o%5<B-nw_4(~XGIyzYsSf1NXiWK^qL
z=QR9X<!~~@zRqdwBgsJ4JBx{MRu=-<;G`2#Eg{9JagjXKCTxXoR6%BwM*{DLh$Usl
z4B=60lOsv!Notc*Ps$|1xj}sD50QZPY_-X0EM>fBt4&T@NuuiWcN`%S$OGRu;g=no
zoGv7z^0UeLk_fk-P2}@_ANdN%7N_VR6c^Rb9w1wtx<pj$sZI*ZghuS`PO2o0Tksph
z?M|8`+h6g>eo4H&%I(f!BFe+<PS~HyI*wY~ozgyX7pAoBPHi8-FG;_2n)(Qy7~kQf
z65&XXLKHiloR>&*=)2Lco&1vE?k+x~eeDz_qWt;Vsm3y)-t@JTElU;c%Wpz=IhQ5b
z_aTo7yPVsSl$JZLyPStal;&MewAEcs;$`$uwbfltvnxnAiXS10T}~$-`3=Z!XB81{
ztA7I7;~XHO>MPyJag}3FdN*9V4Kn+je3DEq0&lK~6d|HK+~;&B!q&CISZc73<N@-H
zvy=5uehLEF@BBhUS^w6laE+~BgFKf8neUt`k~{_XhgTqC5K-2@a~{7#;5+B>I|MSF
zF;t2@d=B&+bY}QSZ6Jr7Gi-}IbbuUo!mgt~%EO~hT_OpAm->ZkFGCwU=EO)6EXQ}n
z9CKO_Q63(1<`H4*FM{S{PT&SbO15y<@%SSIPwM{QR3;fN)eK6VaDqfK!v2Jwk_Mig
za@sP9@SYG)IfIylR$r%_`93{uLC+~?t&emC@{{uy5pEm%;Mx4N6Mgg1*v~k_i6jK}
zzzP@lE`D~#NYbVx_uQYIL?SBopPe;CIEr3i>t`p`M+O2p=j6PlvN06MFHX=$5`kQB
zVu+}^_|wUMn@WXdt4mH%NhVK(-Ds$tOHNry&b$O)6F|?s<W!bqP&ki%mz?U7v@OFm
zc*${ys3<NuCyA&Ycge{n!g0+54=*{ledJ>xSDc1_skrdm@>Qp~kE{ckYtA4dDy|#O
zXDkzVTaF1goi8MLX9<kEQ0k_WMnrjd)5&)SZLvSwNv4dC>;-b$d7B8=GPbe5oFP8)
zEy&z)J|d$0x#wiE41Lv$yAb!C<C1)Sme*1Doh%~CpZiXQyUL&Ap!vR2%SV0&^0zaR
z2>Wv$$U`U5N3H?+*GVU${0S3f?s2_)dyL_tk|f?;RpFu<lh9eva3Q3OH|vFq7$VB&
za50}{s8>D&>)~R*kKlSEw-|q4#Z>^t#DGZlk&;02h+l{#1dc!(#8D!z_(PKXFNSMT
zAd^?zkOaTcz?PX;+?NEu(O?qxfFrFgTV`I7kBIU)ub4)J>-|~MyvRpt0m(1^U_BI<
z4diK2<ZslhvRY7_A(9a4O@+jHNgBfGKYXuONL-QRPdJZ_D~CejFG<SC(XWuu9-?OD
zVIi@Ji0V6q#N#(B77}UyhYWj&^Lruj+&`#!ruOnpcn^66NmC}Fw+ux@i+@o@y=5pO
z`b*-yWhg3!NaDR^C?+OL;=N@kE*3Efy=5pNeOCUI5Gf?1;wmAAgg;Hz@hw9P<hg{{
zOoUrFwx5#XJQ0<jQsN5B1iT&TQsOU3zP$~1rov8fDe(^xuI1*Sxs<5(6xw3VxQ|p?
zv>>ADw5(XfGNEVla$+Ns0PYAuSJujjG$P8Ma^frzw$%n~l@m|rP`02sYvn~nBFa{j
zXv8uhTNOkXB1&_GC+fX|m`5@yhZV%*-?mo}{B1i&ir;!v6ghIEKk9_!Gr}RlGM&Na
zXGG)2WGX!&Q%Q7sOs4V^9#$3uNJe@1zhtxk`t$#niF!gNe;zEwdF~EAR~9XZa8~hz
z<g?;+A{<vFNIxeA5y^;fX7NeFXfcdQXvU8g<B725w?K2WI8H>>R~7MmK2@g!L8hu`
zNhBj;FMJD({k^(qFUbrbaUfG&bmvl9Ie7LQOXL*GgsfK=?eeR*CXviaBFcIVQR-=B
zeFn(X6t#$`)>2!HVG{DEwn$_Wb^}J61yHKCIO5X-?^A(X_7Oa9926}JC|fuS8=@Bx
z&d+ktV~R~g*h73SutYWy<&P~cvz`Fn&#@Lt+2SF~MAU&_?ZMt;i&~LrD<k3+c$bYM
zq%FEg;++MxMIsTlzLE5tBBJu+h(-mK&)Yyoi1&zOMBv%N>R_X;7%ho+wy>^9lEgb(
zSXazv5~`iLBAp0Z-vOHIih_mE7L&a|UJy}4lt1;w+l4u<sq$Ta1M#jT*Wqh8Jki=f
zjF4m?Jnx`~4MaQ<ZoLOVa|5xAWkUYEBuW=S&8qLbBpf2_&nYPNl1L<?{D~3o7FGE<
z3o?zw93S};NK>($NJhkqP#5S=bFo{JO0bSXpPP#VlKch)+kA6zM3QLu?hkKkX)dyu
zgnVu;l8UK}{ROr_hKTa8g_v7HdH4`yT8hI&REugO#+O8yjEK4`c>UZ)BuV1+xHcl0
zNm%dVaNrH*f;QruB)e|$HxX@wQ;PMp-^Q75BN`A<S#2Yt%P5}<zz#wi@fH#G8AqG8
z;(a1&v}q?M6Um4e1}6Y9W9`K(CZTM!7t4rneH8=E?ZtH>DjOX{>#`~vc%rPMNMaJ&
z8R#sMB^eJp18I<#&SEtYm9fqulL*@?3${9o>g7~im4Lh^ni65_*q6JAbwoI>pP{36
z6{$W_14?xhnM|m6+d#UDY$n<>@a&2HbQcZEQ=UVycNa-S*q;}uR0<Ildk@h)O2vK&
zPLaMT#t_Mf@V=$$DQ2;ZX4&D|Es*IcmJ)&UQLxsE0nI(d1}+t{-b)-N!q!`XOfPYp
zh_c>W#8gn$JAh0d@dlH?=xsb|^%d_*vcD>~!@gn!5taGAPt1&c#XOQxZLF{8TT#_T
zH?Y-LBoR^mye;CMQU3G>nSNr6j|>JfK-?e_uWb&7!P*mUeGw%pQ7KxT;`^P!qOv4=
zzU3XW!J;}7?Q%;v&klM93scH$`xs8I6KOz1#Wh$gVHsK*mjYXZMH&(1^Lrw)vWja8
z=ounv6Uhj>nZ!LVR@9TE6ucS1(I!?jXA-Kf*e7xrD+Z8^%HjW#x%_{~u!p!djunre
z+ldvApVApBhCYW;s8c%ci)Bng>*o>THW9Uc9wCZEbL`&w`2+ESB;NY@L(xtWZ~Yu6
z`Y;KtpGQ6s`$#dIWK`@UMRIkO=UI^Fks_Ojs*6$Lg&HWseHl-SjTUWvWImJ{Bi?2b
zI*l+^yer9&MPb?skQpoDh^Uq@R%8<4-n5QnO4d}iaF=GBi1ra&36B>R6S_?uPc=-C
zL}{KN8juWYP65pm#0;Mvd@e{3|M&=Mo+t{|Qr5qKQi-A(6K(t}JVH(uux!F?1SZ1$
zS~y!x7BNJW^~oZM2wP7BJ(EQ$5tY>`;@#TH7FtgdaXx}0_Ea&^N6???VwR7517xPy
z#UwPUCyQ^GgnUjG$EA$tbF#=HqI^ykU4!V4Y8%O7FcFU87}!b{X+*dsU=HVq&bo>M
zeV!`@`UrYBPfTVK=mVn!z8_pDwlfKNxKP}ZGM<ME#X};>!-XQoKwIq3PoR0BNG78E
zStP<t<<Bo5vsjd1qTz1*MIcK=FG=3K&$quW5vfF!ttCRUl&x!2sx=X1YpK}jBX>Y%
znK;gbZ2bddxrnmKAI-D1T*MMlww8+>L^!S-#jsR92TQ5e^07!H!q)SG%nGr{M+yO1
zDN=l-6p&ToI1}>cSs-gflz7yiH6oUX@@I|ML4^IOPNnj>kNUG#j3L7Q;0(J?tn?AQ
z)AAE>kBPPx-mKvayIwS`gL;&$^-qjZ>qRq?QSETONF>7k7~s!(af*nliw)w<x)c}9
zDL6)bDhBun-odp|%w`f;IiBB6rig`-Oy19Trlp9LM3jdq;t!u5)SM!2`3Rn3+9aZ0
zP}Z?uY!PdTu+MeC=dI!|mI)j>z<asd#6ObYEm-(&bejm&do(}WL~A0f=S9%7O)Mj#
z+Q#RiNPT6!8OVGg93R2DNEJy;wA34L9tUK$i=T+7NVkh@B5bP@$rue#v$FN2SWAR6
z{|3l>B{F>kZS4?I4apzvdcJV&Es)tM1`<)Wc8cLd*w#Rj*-u2-`dYm9qKa!M$m|lm
zePlF{-C{A50N$62JEiGjl_WRe)X<Bqk!+S^)>b}2kuEZcD1XvL)JtfK{Ye7N>0&Su
z<<CA56{Gx_4Kf)b#z!#rZ^S$%+H!bzybxseiwi`Qt^MLQ5w`U)$;325&C1pRp*2>v
z)`85oqAZiZM5w{ffgBW-C7A_e2a)QM6o8Y%dx$thl=Xw+I1#qKpJXaEdDQy%Vj~f*
z<wGEINTmA62_T0>7L!057}d`KIV!Rxv0#08fyiYd%KFhK`ukB)w<%gz{r#xOBElYC
zCOy@fJ?h~xv62XTcnf5Xi~URj3*?)K6XLKW_$C5d!U=JPi1O!zcu0h8{R4VVh!!tD
zYU`wUNQ7<WC=Pv9L^VelCRp!3idZJvNO;GQ4`hB4dx$7oKZ(Oc*j8bZiE8nvt<&NY
zBCNR-$YhDFK2ib58F7k9;OXz+CIBF3#W_j7lyz}dTqL5bpA}9^w8hqIQ>jEEs@0tn
zg<er{VZHw%%J_%_rG6C+m;`#kiU{jHTQrr#o4d0`Ya+^ewpdDpt-lC*vc*v@MI$z@
zf6j~BK7wn%3!-2v<xevx^}DFSB(&POC|+Tr-K@$hw2NX85oP_NNFu`4TZ5j9B8!NM
z{SVQuwX%gPnLou8AL$6CE{mN^Le{T}eM~~uuZp8Yl=Z9PHW9Yo1N2-KF|VR6W&N7?
zf(X|;&MDW$RVIN2`FXy$Deg#;0QYp^d~s9!OGMeaDWck-X13KAY~2)ti6~pQ#BW5D
zt=pnhTZ%nU5%wGKJ>wlwQIf^d)*Vrmh_ZD@v>?K^27#?RVi6H#>#lgVoyscCP4`4C
zA9){2-4{K41bfrpVt|i~1(}E99ur#0;QaNkXxg4MhgMeqie*HUhyRN6MA*Y5(DSdz
z(E&>-5C0Q8Iw}umgN){0_K}Z)JmtoAVp|0YhHIYz$>pX?QW41KL<)5#nSc#sCy_El
zls~!L4Mf<Vy(IIHi1H`5yZANb&$l2GaM$|CaUglz+dlFuko@jjue0?gnOuXB?jT9#
zLqEL+GLi0ZCfb>2!nMDMWD-#xM!J={pdR+{A<2v;!mS0Ld<(kMeB`MTaI1^Eo=M<7
zbmTlh3b|W|D9wf3?}@PHNRr9d6>V|smGf#^VRrx#wuS4cBJPJi(g>a%in^1Dz<w`$
zJAnJW#oSqvR0L8SG#7IhF$wJh6muW?^q}Tq?(uFa&t;)hao2rA#a<OiDYr9`gupP^
z)y8Mo(ryn)W{1ezlHeTz=uc@kmWYbIw5xSjnrnmR(r#-as@}`Edx@xCS=RlTNgzI5
zere)fkmPH*Vl3}oC8BJVcOQS#SKf{6f!5Uw`@dwOdj4-2_7Lm6yqnnTahXwXaa_1l
z@f3U|QQn=wB(w_=<*t-6_-lg>#2)3Il*HS+sNnt~iMPK|(fwNze6Lp@N<HI7^krK}
zngOZoHYLItYYpUCcdd_LEmw0Jyp5&QZvj+yTT0^n7C?3PHA&XJ%jemuyM2kMtX6kF
zC&I0_7uc%qru)c1AT`|_{m_=G(^_sjB1%tfSvxALwcS{fQMFUsP42I<Iutb5c2_eA
zWi{xgN*T=RD3A%dmn89WsJs72f*G3tGKQOXfXd-?AeP&d2<LDv5ZjF-qN1qdK46)^
zE}eHT>$>6ZJet+IZUITWtk!kQNaAI+u3LqO%0^xH4I-S?m0-QD`;L!n1X9oag!Rxm
zVH=S8?lvFU1*D;S-AAzAW84=9vWEp<=C73-xi3p{t(iyKNU|nGx)4zwHgZ29qO#G*
zJwk+i&IId?-N->?i#)`8`I@-peFSIoX0AyjBLd%K;SAf{eL)huy$VmbHFp~^35{CK
z-CjhL_2%vjB5eH_Sa0DT@{yl_v~<s~o(Q}X4BxP{a?eZRo$hPpUSSfl)ymB`7^6_O
zTDhf(u&r#++}eGO2)C9?KwfnR6UhjxKNg<xfwXZqF$rmI<L)4$G`Ddpy^FS3^8+Z=
z)@|e?VQ{voo!gcO+sX^1gPTAkBLcrJFA1cxJ57@I>)?wzBJ-GpMZo@ZWg^*3LjH7i
ztG)MVq@CSSMA)BdQ0g^zDG|1=19{#3%tz`0>E>n<fjWgJ4m@w%!#ys^`*5D5Imq;I
zvn07+BwTxyNH&v@KRw)PLmu^~hdVD;<)<T*dehxb#P|Nf{Z10EPJ6n?BpFhV_t|>7
zrzP=jhwJJ7Cdov2L)Q&7_jE5w;(f2z)4e50;RJZ&3~jZi`?n+y#_?UjJ>92<qK6p~
z<;Qy@uO!|V=sn%SOhS?NbW1Y{t2h<joRIaZlHh%n{ekpy4N1mA6tO^hyY(c&y97r9
z>Ekw)WD7)*0OT#VjU;$0Aj<T0yGW7+U+hi?^0wPYk^uNT4@f_Eup~7k>F<6Z3Em30
z9ApN#<0UB$cZOk|zT?(=pXy6{st4TIL4@aAZY?-hzUy{j85$FCM0(flPlVgp=TPcB
z_Y)#qYA28(ZW@t{u<P;R)Ousxuwj(vP!40CnBQaFd?cf0kXZLKB5Z3PXpVIc6H$F|
zsA~*I&1^jrWZrjQ_K{;ihCM>g02$$SCz*^0{1)bSARoGYCFuZ9qpe~2{GmHUk_j;$
z87Im313cD!=q51<#r2_^NrZjALYga#P#)d}66e<Pk-veAbn6qzh)9A_6s?bPUzWrh
zS4X)$n1pPNa>o-<*%;;4`2cOP_3%>g?TOok2<ImP$QXA$k&K8JWdBNVw@C6?h<qi<
zD^vM9@dS6TBqi%}uS{^ilO(bSpVd!rk4f?xM1kkb6WlB&A)gc6_8+2$@zm<dgFgvw
zER#?ho8(?5!ckNOnaOV6I4qSBfj8viue?oh3rmuH(j#S<gltW5#}Z*ZwL#AmH=PJ)
z4Bzl3x%Ee?+HpW;>LUc7->12+_+;=``KG&X65)9e0@Y@?<0SFwYlfS|B;?NwH;ag>
zuNiJ&l&Y`#V11_Bgh)n2;W>QLdzRapN!YEZaIG=O%yJhp32C0?en~`Wp5<O3!m+o6
zQnTI4qm`|8K$2aZ2)B)HK<2tld<4%`&U3pG$%t4wfq&O*f!kY>TC$cGxbH9t`Ln=H
zBBJuVzzvR3*8763g>DQHw*DTF#qMiFR92U`Z%X22b&1=LNyyd`cMK5~`x3Wkys|X{
zG%t1A`N$X`%iK4Ku=UA6K6XbF$%tq)EL{5t$SQZDBpqNU5a0N$a;Ho3CFBNM_$qfE
zlaN2F+#F-ky7C9~5aGI544PNF8ARCnN+4_8EFakjWSx7HNJd1@G+zI#cOOX7Vkhi{
zgUot2d>q<>)*|P)^=>{UA%E7paYR&Itaro4tNeTodN#NXh_F96@_*{S<|F$+=2LgD
zk7NSb=q3<R^_AjIlOz?samLkPiaVD{$e$GV6Cx@<DehS!oS);Md6Qdi0>`yz2FJeH
zjb;+kv)S!Ug!SON{>|<{B6GEVCY(bDJzLzxMAV$J)lHQ$_%!h=$ZU0UCZH{j9p|`h
zZfzgI`y4)Zn=lF8=aA~QlEk~uA=T|jM6J40-S>&GhxnVVsqO?WMPnWQuIqMpJ`s-n
z5Af$pcL(bUYnD4)yAI?l_a7#q*uQdfPE<bQZL5zGytQ?QTgE4YwsyKnK7#&y?f&2+
zcfr;!_ac#a?Zry4&jcjR?UYEi0$tt>({jR%#=G5FOz4+qk?e67N%B!II3o;XuUmH#
zm$LhW(+Rh9H-(Aj{T6MyyHgVH_iEGKOi8@ES<>BQlSz;E0KWDr4w}>5PbDb{cUqPu
zk|{~i>TtgTkPP=C6UuWC$Tx1UDX2%ax<l@mBqW^qS3u^lJIzNr0Xgb^M?{@%KIR^i
z<g=A<7cAVte#|{B$vYMJtGZ+EZ<17akH?K;?j=dQFWrv0w<IaH`v0+a9pF|K$A9lR
z_rCWKP!q63QBa9uFR|b~=OD&jVnsz`7b7ZBG@>A=pn%v>QPB{^5)1a;6-%BqiUq}v
z4KzV)V8QmEotfX+d-lG=y-(1@{NelFx9soC&dkov_Ht?MkY0Iuq5O>^8?6gI;Td8>
zdu!gF5O|^7R*^kYnvRS(uX~}~@l45AbXvjeL%DdNJc|+W@IMjqV!7j4!r7i9vSa?q
z<xYZ_hc#c5%jYUGl=8KAkzRi*Pf}zZ%@?H_&3w#?10|=E%ZDklHRbEiBx`c{Iz|3K
zItw3jwxn8~+A*82$>ntwIV7bSE(n+4UzpD%MqCNLR(|aq$*HZ&rx4BS<qs>6a|wB~
zyyCgpoW50FLlKnVTjli?K?%N9?xDzWl#7dq&s*iq6+!8|Ro+e!l+Ih_T@^v;yj9+p
z5m!2Il~)?W`f$E%S-e%=LXh<Q{M7Oef}~|JwfvYOD2u7(@I0~MMWo?);xo0}QxVvC
zYI%$zu=CXN<BGt}#OGM51p3CWZTY8`mpI>Yc5P-$G}~6u%wj}*>`K;W@e5o|ZM*tT
zxfdf+<8C6Fcgy=%AomdRe)$qfm0Dw3`6@+5X)ipje4`@YYTcPuzLODW=V|4sLX+Bg
zT6wLptWU~$dbztI;5@zDQxNm3tHgV!m$zg@bbg35oL(MLfjmyg2jwx0IM4i7dG!lj
z-tEfCzss8llAbL3sJx9Lc)#VNaxX?)E<P$>Qo+Z1%SYuWJU%na&k154+&3_NsGiO&
z|EnU^^OWl2a??dlA6pimmG@;t^7R(cd|v*W(4-p9D*s)P@kdMTo>jhHkzV=|%dGNU
zj5wWVmD~T-$+9}nD*r){l=JNJE{cHj?DAfMn1hM4&Bg3;KSo5uX~gG?@|8lvW%>~z
zUzTsGKxPs0Rrv!(Tv^O14;^Rqku?X~)_qeRrAQyG-QSc)D^k*S^_%ioLDD|=oAO7D
zh=+eqvc4&I`<u(@!ky^%;mQLm5Nqc!TJmB`Be__XXo}H_6-YNi8lo*2alK4qw7nu|
zqZ*^#6hRx+81177a?uzaqzH1+81-kwl}=+s55TcLws%;Qq&G(W7;(MBLec4hq&1~&
zG)9oLMQR(h9nX0;Xp!1RTPX6Zwn%NG;fgG!t$N$&1wpt3W0KxBdWR7yFFPY^7yZD9
zSZoubX&?2t)XHjZ^E9>dTNAQyw7DQ@=`0-W%ZQ}ffoV=*MDk_JVv*?f3dFvgvuHG_
z0<kaW{5qN@NcwV4$7rS^SfT0|eZh#cYR71?%h(#6uiZ#`$EbS+Vx=z;y~&7ZcmUBX
z8O^9b{!GYH(aM)IpQih1|I7A_OGj%fV#g!)Zr9S$hKlU)IIW0Ks->e%8FBh79i1vP
ztk1Dbb6W*s^;tGr<O(ZG^f{SmI!DV?AZHV@T(k!x&NG*f_E+RjBWd-CXqJx-QRHiF
zC6<qlRHV--vNEuIbSxuI!{wuE84>9hGoSk^kgEyl8m;wrXI1+O-*2OhDiHe$--^+8
zf;8E825zKOD@D61@-e+^b~__`GvcJL6b-B3b1&1}R)JXitQzfjrL)gdM6+77PX#iW
zkTs%lj5zzO8C{{s__t|1LNsee*D3N9owT%Nx@L5nBCyz+(S3@1M7R9x?%SHtql`G6
z*Nl2z<*e}za~@rRSe@62{>_M3^<$#>UDWMrPL<Z>b)&Tud4^WHz95=)qwb18pLL_2
zil7A7jkaXO>9cM$NNCu{zGXh+8F6iI_o(MJ&W7!lq1z}?A4VLXa&)U8ZJvEzUi2+T
z6BYS4y<TPaE6dU2ik#V2Zp4?PNs8Dv6z#mA98F<F>bv!pax}dHu`4-IG`j-nK>EZ{
z+X>F9OA(S}_}E{e>Y<2hqc)0`<5Xhj<tSCpD6T+OCFJ+fMB&`D1+B{3x$q{@<BGsn
zH;LX;<ZY_&>rkpqq9w1D@@hwKHg;#Eiz18D3a}u%Fyd^uNwmMva9Q-=R0Asz>l>Rz
z8(!ziVoRdgJldiH*@=)Xqv4E<Y{DxdTSccUf>%VgipDVFq;D0?5gL|m&zx)(Eq1-L
zs+GP?v@s)MvE515w$b(#$N_|G7o9GtnmXwGV*6+e5L(}`>n+<y;}~($w~y|t;ByG^
z**<D>Lst3@(OMOV9gpo8Z7xXD`n1<?cd~Ylwo|0-r?R@cbF?cXPS(!R0FTek(P<Tk
z&FL=DEsRJ`k05<^jV4wgg9+&!eaJ|2o1&gn***GHkv6M}^xdPc1xfq3-J>OMbosKm
z*gaZ<5m)2>812G{NI#Ke?HL_Vft*gr-qCPIn%m6SRQ3?}iB4B!(Mv`8KG7IKQtA6d
zw=yF2%bp|JCz@P=oJ*Ydi_A?<Lu-vb(HKTVpYcR<V02jpGJ%kTqPHYf+D7$_rYq83
z`;@-X$BLkh>KlEj2->K=k-6DQcjeVLI)o8tpT5!gjEFurlk|h5D=LtC2{|<Slo844
z!-VvU8gJozHQAN_rwKVMT0{{@KP*~;5hwkyXnmpKdSP3n!=lY95ZfXho}sa=P5)?5
zrV$OFCs{{CPfMz%K~G2vd1UmuB4}HVjGAuE=KaWMF-9a8uMnRjqplUmR6_m|l`D|x
zgd7#^P=U-OWI*(%3S>4RM`t)&osWrzFpcQ^Ezt~&rbw!^Ob11MZxb6L7lWdKioojz
zMY9<hW>%+t&v04Vsfohdv-vtUT9gsVS39CPHd?&`v1jm(i@H}Jc06``v}XlkJ#$zT
z++jJ3&c7i(Cq|1_AS)0uJo*D8Bb#jdZ2RsJ(JqQ$JT@ZQOOZJ%%6M!<)Rz(G2_vE#
z7!g^k5a$umBu1QPj*Qm3lkLOavODc}pB!yefviobMn$_Y(%feK{sFHVof_?>h<!=J
zt|Ofq^%W$oxu-@CG9uC=;&W<b?sBqzPsnLee@2EGJ1^LUkkQeYyDiNy^K4gR4kBbs
z^sOMQp|#<8(YN<7pR|<EkBavSg14&9kJ>4M+4}iWM@7)foF8>k<O6DZ?aNf>M_m=c
zTUF;rt1;rNdVaLXeO8uRsW?CC$%y3iFw*(_=qyIWTkLG~g6Kv;Qk};}cM4+0(fe9<
zg=%c{gd$i67#mGh#NGlBnl10=obnlIL7rA*M_n-+8!h<&)1)oH*l48+#I^tzW@v0}
zx+v<&G?I$}l#9PcH%Y3r1sE4iR0J)+xM(^f&OYO!SrvSS5T9|;rVl!OP9o%Q(YOla
zLP9Q&%tS|HOZl4U3qewgO^Ci%<aIhTa3iIf5H&o+shaS**Mw+cMX=^MAzEA!yzVt2
zT2>Lf?lmD=Q4zfEH6dDy5tpwC(IiI1KDV><HzXC?+1l{BXvv3NF6=LdULOr-L{dFS
zscwkg7n-I^Hj|roH%3c7BDt`&+n%+)F&fH<lYV0~N@&u0dSi3}Bd#vr6g|y|$Z958
zH%A`{pEh{a|CVUBBFi5{r{Ia^mdHG6r8`--L<u9}y)Q6Le@2|FJE9f-VN;2$cZufC
zXj4X-+brB$M$30a+cGk;X%4-#|1YAsE9#{P-qgJ-+EbCiG|T>kY5EACv?aMKdYloF
zZfnzBQSW9a{R>KUcQlF-C;gsiv?7pxPc&8$D}6aCuY02Lf)qxp^n0SG7?HexN1X48
zUade%ooUx2n#G8-#(mLIk2!tX5zYP4i51A=ggh8s&Pa1%A3E)`3?UPv+XYE;Ix%{f
z5s}`NX{IpZWIY^pc-+ZagJ>R!ma9Oz6Y`H}Z$?Ho^*vce@6FMl6xnQ$^eN3ze@0xn
zH%Ip|;$$^Pa~P3Q-iSCq7H#;1mEPQDuOYNAOvvNW#)?F*(l4qpvXvsoq%=DUlIHaB
zXb>Y#*5lDAMnu-O#OI0VaY<Eplq|M0Ax}nao@D7MpC_Y^j5t0|Mz=5`eD<JJPeq?H
zB39jxkf)<>E0Df~{4-kVDaqIR2M1;VA(Nst6|tu^1~amOBK_(9`!Gg&3X<wGDY}Uf
z(Z{YVO^TLy+LhPIl<K)?S4KpiGYNS<`b!03&t|+3jb@~|%}5$YSgXDmjaB4u($MPj
zVl-ZmRQik2<BT|Kycl)-r;~mjrJ5Y=%!o)IN61Uja7LO77k@@CMG!J2nxx1a(&a`*
zIzE%N{FJC4BTm+oD16q*x`R@^68)YLk##>IuSPpmAdeC9dNhs^cM@!BbcG`Lb&{#k
zb&9O=X2HBnsisD^36kc0YE+zLr8|A5M!Pa1(%+y|Z%0R0AkzqWH~JeR;w_&MGA(+Y
zk>)nr(AjT0`kEfSrwGofO^;?M^4=Bn5($l(rbn{`N%ff?#m{B+nI4U0L}YzUvOb7j
zW~8~z7aPi2_lMC`K~g>+M#=M*kL1Fh;{Gt&wgR#51N<vGiV@*#==|Kjqt_W}ZnHRf
z%MP?rJtLZ~NQsd5Db<YVV?_qi>u~n$_l)REK~m{6B7di5M%3vAtB)K1%!qD$F`LsF
z(F2T#K8>W$N0FIqX_^bOs4m-E05hYF1xaPijJ9ROmEg?iI!1)g!o=s}=--TpH5Mb}
zljw^Iq!S^ZM$5g#vf6yEr86s9S&;!B$Z5k_(b|gi>=>ApDb=hf79`bYR&*jGPM=xP
z*^G!j_IHS9N0S&4eby)Bi|9S!Q)o{)?Lo+w(QjX7eNxU}MyoU8IDZ+%j0oq=DAiZd
zU`8D0ucOhzC*?dRdQOm(^PK1vMjYokQJX1Nx^Ui>IDZpu$%t^aw=%zt_O3we9RIuM
zC`Ovw+^uT`KSV<mxk=Xweu#z(l1l#}dYTa@{fFq3SDf^nNxF$2XQa6eYIh-?q)2=6
zL)+FB;wgd@en{vyE*a_iD%-FyjD9_H58_jZ`wNmvFT@Ws;!b%L;;Dk9bBAKQ{cBF2
z{fJK~K9iB=Hh=9Qb+92mUlIE&6@7`OAs#PCDyyMNRzv&=)4061iMM&($vTYqEEJ#0
zh**9AA#LMJE07ZjStM>|q`A%Vy<{D`L;Q>)XeBztFDYVQlDE4{9pX0?vHQaI)KG_b
znjopp9pWY4aQd7>vO2`OG9o(L-l}6fj1ke$zCpTJJf4xW%{20a3n|qS@i%XBS@3ym
zYDmm);_xj&u&el+xUC?m^xwpt84*9cocR1EmS6D@S#}qAskpb7YN^<NUu&t@e_w0q
zcwbFrf0NX{Wzi`<wL;belGQ05TY=n0$g=SiMnt-uadeJ*PPMrZ<X)ob6893MX~<e~
zdVjeT!3mS);{BAyo>Y05QY{xBC5YLFR=O;*e0&@uZmhLJJc<$LEi1%R-gc$)1f}X4
zFY%7kXA&X5jaOnsQoTk<w|G-Vn%it~jhv}iHQrVcoZwnD?xo1Nz2&8>RpUJs*^z#U
z$nNi~8uwA;C9MUk#{CqTcA}h@ST#OMkw;Txh$5TPjLi0xtH#3>89WWh>56QYB4ZR;
zj^1LjZSSh_I6(><(F%-hGgpm25G3`VRpayCwbnSB&v1UgG&c*9z6Y{K`~o9Vg4SYd
z#P2fVEVg!R-m`p~3;R*tKPQ@X<AoIYfb#w=A?w8*6`4gjEiFfPJ>qT^NP9vyh}Ti%
zIi=|yZ(e~cPBa_FJ1DX%*~juJ$9*ag%O{EtQ{*DDkEMy@6Dtr)lf<Vh(o1Q2#N#Uv
zOS4ftL6I_9wKE|-<J%P3j;z{^kd5PqE0DDb`F%X80*MIOBz~2Vv(1|~7tE%FY#P5;
zf&77x&EnPG7aQ7h-MbO8c~yJ3dE9N9rEwm<ReU8Q(gN&7skV+EV?@fU4<Xycvn!AR
zglr!drdvKjb0Q%-#qAksZu7+L^fD76z2e0b*@<2oJDrhb6#0x!wAwZNUU4@;3Z3X3
zY1^mtivJ==>SMjCe5_Y|Gt;<S>=sXCL~?Ns$?6^dz=&vgAtAfR9X}BJTsxFb!V|Jb
zyo(^ItUcnr7!l4_GtHqD$i4I%SbvO<Wkh7%NHlxKcMG33_H3$sS!l1gS&)?TUhyPG
z+z4&2c$E*WKEme?;<H!Wy#kp?$UgBvMkE)uJ=`~L`!8pCd)9HkxN`;a7^T`jE>|GW
z64EE$QxN`bL95|G@xhAhxCNb*qxyAFe1swglV{q}IVc{&h-)Dail;K-EPqhE&c9tQ
zUL{$5<0BYxbBBZDL5e&{C$w$PcyK&Sk=_@J^n>Hm1xYP-aQr+YPS(Nk+l+|C-X>Xx
z#9d}cnO;n*g&z=dXxx{Pv&~o<>3zb;B|?*O?iXLhh~wNZzJn3rJcm;KIsQsg749c*
zDJ)Mb_VI=vv8<HOVe!U{I6jBPJ1`=Ankd!b@n}g^7*G0?+R>_h{G7+9fBcHar+-|U
z>8!d4@i`*ilo40sj*RzU#MQW?;{6ptjXNqnM37YHqvF#UaXKFr2Om3Gi<7JY@y3kE
zXmA-qj*hod1f#E`;~f?GlHMY)z17k2?uuMZt3iV7r--5Py!{pXqvL*pr1~5kKgx*H
z=jixbM#P3Iko05X=o71<<b4%F2F9CJAZrscDE=cObdQ5%*;_4x;{y~Kt<nd_{RBy+
z500;6#7Q3<clgv<BO=a2;$Dn27sB7us|$o27mrnB7kYtbD@NW^#J-YYXHv(-Ykg+<
zxVm#(Rcm})e3Z}>?D^Flh|kdY^a^BmLWafD6-j7q@IXRNip}TDxnSG*!w4B3U&x5q
zr-7snkDp`2<!g96l@YP(QIu*#+<BI>>R>`f#_KZDT)2gN^&~=0jt2;mTI}T5pL?Dh
z4`mwHvYj0JFNvKT`!9)&idXx>N_Q`bof7XRNIG&jJwBZg_mbG@@pX#eC9yN&$%^2X
z=$Y{hMQ|JUtoVCD(%Yt^H5bleK*VC!hNI&}zGMwkeLz#0s!J7(9gW+3*&B6(Ldz!>
z8Z+x$`i&Y!Hf3a(nM1n+B5OP&!rA`1@#uKWS62GDW;&I{sZ<tc#}gGfm5_4?IX9lc
zNVCCj2cH-B{@SJ*X8yS@&5-DS=fx8h`SOoIM$ZwNclQ7?Ly@D2tE7U?CtM=AI4{jb
z=R164!?%ER`bIdPcnJ9PR%EY3$-60E=f(XMS?>xusrwu1|Kdfzl~nuQLOUL$!3FVB
ziu`b(oEX0#-b|6jCrGLb;_Va}u!Q^q``Ea*B8z-aZ(<RjvGKa!3Foea*nC|Q_xwSS
zSLwHR1Zh`Xge`W3+UJsZ(~=-Vj|5H620;!_krx#iH4rpUHww+E#{=o!B*-x-&Etv;
zN@><@BQ*Qd%R<&~E{Vl|nhkzedVD;JY20r{kB=wQnAo;0_@(K~(^UAS>A$B4entAq
z_<2c{{$BPq@w1BH_p%*=-^;!RvYPOF*$x?ZzWiSHHIUVW-^&Jawt4;`@%ahyU7Az)
z{DipULN@PX%t`dy)7MjZO^A!_E#hjy4e_EC$iv&vE==5UVN26&@LSk7$Kx0oW{xIb
zwPkus{NSQOb1dCj5aa_!Mw*Sb2eSOHga&rLC0>&eS9flS_f-US=a%>;MNoHciTnN9
z@)>4&oe9np6*>A#+JT{b-4cJJ2x`Hdai<QF3N_`fc$6aV-ax;K5YVljxJyT&Ih5*!
zE$@5c)f8!>6$Xpk8xK-sIjR>n)qU}BMJ`-O+Lj068A}PDcc{Ox)_5RpT3V3p4-L#h
z^iIVC@$gQ9ym%e0h!FBn{G=iSY0vjz%EhDc2a3!g#L_$#cj+Rj_8>l%^ONzCzZGP8
ztxZqHcPY~ET(QrSalaLX=KSl8X@7@JHMN@{%LT&c>A26zf?TD!cpAQHZfvHVZOZA>
z@XWLpJPSWGs0Gi(JFIH?G#k`{=fNkf1(Q<*wP12uQ&0;gLsnV~9D-Uf8Pd~QFgZSo
zrMv#(rT9cfPBKG|ld^azK24FA39;)oFU4aNxj#k5De@#Cw%lKeuU6z#MP82IWyJNu
zQ)084&HK4#VR}R92`a%Uad$@KR~?@r<P}}X5yWzSGd{3_#=ZggRy?=@u`l&ajmI!D
z(me4!z3@$`-j1g!vf=<)uX{UgSlvn=nZAhlcD#}x={u8e$6GQY(i6)3+wp!Ch&{jY
zPTXIRrb{0&W+EZ)#se8?HY?M*v9;K{@hC+;>kybfQ#Rg>?_y-6*@Nni_00F;NsLS@
zbb5zQhBESo&@`R)`@kGYMDN8jG?l$Q^fKA!y*OTjbHO*BEb@MQlp+Vx%F^qEOp6~;
z<Zkj+%jbi5k|4aoX{CP<&#XY+p;RBl-!U?+&7Eq)595W_w6dlZKHNDlx4uAo3UL=j
z?xb4z5F!7LH&LWnk(u$I7!e<P<59Z19uKNOJ|bjxJcbb&+k8mU=ftb5C8c9;dw)yF
z4{<L+SmzVS^gqOhD9wTNJ3he*)CMIdGIFkIq*bLRMov>?tB>d`HX~ycx#e}C36j4t
zBGQ*2njpEAk&#U$N@ZuG#pGT^Y)fNzMvBQJiabYr1ewB!cuQyEQ%q(n&BhJFr!o0X
zkpi8Mnn>1cOiF7@3BEi<Rtp=G_KXOhm5EPdvX0Q0*QiW4Af#;)D>7s-t$h*FF4<g>
zRh})FEeL6!?4Zb&UFc5a)ASqG$pefCXIt(IC;t@0Y&BlSKMN;wDrnB7S7sJT+N@(W
zbUoUl$r6g7)%sQ9-^cHmti&`T%eMR-lZ26xO$YXsQPbkdW{Mn6h^^g=C)+6!zae#J
ziDXwrHYLQ;ERpQPh;Y7_EW2bfL}|{Y)hAoymQIE%VqgE*g<is3IyqetJNKN(G-E3G
zSk6l);{`E`yg_Rlv@_i)d8&eD2eRri$*YV^EA03-y>`<~r_+;}jJQ^G`NaIrTI?j#
zepp}*BoALcIjy_3x1(7hS%ql?*^M}_kZj0^>kGOjJ1C!cH98APG%Hovxm$8Z1s^M;
zTXKaU#?HS6yk?OV)@2_vZxW9K=&xI{x*~5;dw2*TD<>N$vitUdIf9T?l8qJVx-5;K
z30XDSMv<?_3e9TCE{a4K3bJ~#uOg%9J%<x1)f&mUj0`gqX#LFoTEUvh4U9+$4kr!Q
zPVQ&K`Pe$iQ;NXHewVz)h*<12;=F$1k3~03KCj@sAC2cXOunx`c6)^$8%v(F)s;%e
za<*-FoGiJXlvf*?7wkUOm?YUx5N>VGCs{p`;~9Co%^ADO-sr~3NI?qAoFg8!aq>5%
z=})s8>xUaBf3M(k3GvxDdD!E#Y4WtkXVc^hkI$yb_l!v1AAOnL+eubf-|9TA@Wqya
z`S@L9woEo*L};!iSz9H2J(@oxqbg`_Bbx1!+dZ0{lh+s-W(L!E)xHweEBRJZnH8zk
z+Uh+zIh<^{ft5bYbX8=xD$m?K`GjdiAM2UBC&ljUhip}Q^LO{8PX+SLOk?&)o)*L`
zvQ1zfA`SnTthXVjGV9Vg^Ct<}E7?eqEymFK4np=$wyi*(CuE;wiX!$k5=*mx@~$Eq
z{!>yNkjzwM@-!Od5lx@uYej6`d4rGxlZLXDKAd$vV1^-tqV(^P#%_C3Z6f5L6j@l2
zgOg62O7d=L4o$i-@<@PGe@;flmh&S4QXQ_Tq+ZxmM<ieM5E`WVOVVwVY^niOvW`gx
zZjntjDCxU>Hr3$dyxlC~))S6P#xwG$*=ALGjh|M`j!WKR#EsdGYa!K)s#NRtww&jl
zswdM_$_jU{ooZ30sZ7<oj#PcBQe9U^s=KOE4c?=+hNGCKQo~7gq<Xz7)g^zdE$cd_
zsgyOVj#Oq(%egYuBaF<wye3tpT5_-28g^xxN?HBtNHwr3)x<hdJzbTm<KDG3?7}pa
z8uqOt)lpTc?yDo!<5j5^-KVyOotUOl!#~!Ms&7@Qo9ak)UsbB&zO^-6lxZq8>|IBy
zK2@o%t0UE2RjIzLBUN!fn~O>fw`FARKHs}4)dh8=x}qx8yLF`cq$*YS{cBr(Q>LlR
z*GYAx8eNrYN*$@*t4g)P0kt(;i)kt~99T!H;Z>;~sY*485$R$7L?gZ9k`4M;eMUB2
zMz4`fr2ieCY$OQx-S*esk56_{8apqrBebE(UW(YgQJZRLa$rTO21ZU0#7w2J@w+rC
z7@AyBfmoVh$>Yk$avno{_pszuMMe<vFG@8mF$ao<LkGwh^2B6GMNTEezSneOvV$Ve
z?kn@klajuQyh4bjIVl-0h<S`wIPF+=c+&q*%-KwwP3PT6)`(;vBkuR(MkKEb4O?Rt
z(=2(Aq_X+?mXMQ^{uPMjJSrKj$i`jho=aEyE%l^RUz=)}nM`YFKRjp58Od#oj5ME-
zh88(9nJoy*YEP-oN|ry^rg9_vG09qrV1$2O(o+$vi;hjkF(M<PF2rYSaxEj%+TiBh
zg~>+kYza(jW9a4Nvq<R+le>hb(CaH>cKzHUk5=$miTGTUe8`B?=i=l`MWD|mN#h}+
zGxWJEi5L;D+kp67mh@E`toL4(9IXiWT%C;a_*|Pb9%?yDzP2Vl*Cxv_;_`KU@>@la
zuj`Yw1WEICee$ix=Z56h{VZq4=cZ&SMZo8#q^lq)pPQ0?e|GxxB7JU7KBz$Y5ps9Z
z_b{eudTFGb7JD!`L6M{B9pE!)-~7SkWJT^vk<o&f3$CDhOT_2FWN?2c>uf?EPR<sj
z3HL7^O|Gt>xsYfcO(q_}`6|3jet0syX7f}s<S!PHvbce0o=NUt#Fgob$)k#(EG8!}
zDuObdlDx;rFf&kB<EJEh9&I_FZN^L|?TGV~Bz~z~T3&Xa=+$H>)3{xa*OJkUNSQuO
zsoqR(QX1@ky`7k2EN7SM?c^v%hM8uXmD(2Ry<~%dE?-vGdr415nhkV*KiRT^=382$
zem~jSqxm4|!-(i(`FxN}WMr86`XQ0^VbW!g=mQNuOa>}~b?gt5Zy7nsywEIbRx@<I
z(_ET*8J!KMoX$vAI@a=$S(2@dGm|wL5$SId&CFz5Mn;;|X&%@8eOd`jdNI;$z~|HC
zHbs{F7p<aG?fpENTEVB+H^$6LKJik`PC5>@(ubLqFQ=V-lJ#X`juT{YLS_^4b@H?#
zkM2h0No$pJk|mFqyhGME$##s0&fih0Z<GCmrpca}97(HKKO_e;B3^gZjTRZs$h5*_
zdP!`HA~irgrYka@5c_Vt>G5$zD*K+5>Cx^4E8V3k^f;W6<^oa`dJI&W&cC8nz~53^
z-{UhzhMDJ%r86M3M;P|-SKdlJ+6=XvB^T`}RjEhJh^rTkJ;o@4dePKl!(n0#_*mN>
z{tU5gkA6(!dh@nDUSh<JqgqP!URA2?PPDS-o@!5~sg%`RN2(XAQuR2gwybTLrc%}&
zb)<T<D%BdpYs-q6rc&0Gb)>qjDpjWuwPkf<no3zG*O6*WRjSYHNM%M^eJW-BiIKUN
z@=;Z(UaKS32UV%IJh`?tdNEC<hPTy`YGPHY6-U*UwJy_C${JHgs_|8+%qg{HwPTt}
zS%0o0)sU)G@6?g%ld4p^o?2VOK1@@o;Xmp~^<q`3@@chYZOJs1vaYL2br&PjLfYTI
zXxrm4M%?aOyQ<c&U60p2&h2_^eR@`(mQwX*8mCXY9?f;6da)|i@6V_$YX_#Ol=VOz
zsh+M%RX($}tSy<QQq~=Hq<XX})jDU@merGKDrMbJN2>d(Qmrz&wyf?<Qz`4pI#S(M
zm1_C3Ys*@TX)0x1Tt}+ws!}a=PHkD;n5I(J`E{haqAJx==hh*MX)0xnuOroURjHOA
zQ(M+rOj9ZA>N-;0R+Z|C^J>ewiD@cjt$2RzRO>QLWvU5vq`Ipr)zuf&mUSD`RLWXq
zZ0%ItnWi#Tw+m~hT9;`mQ%$HN)m>GouD+<YtlOBTQr0Set(~en(^RIqp^jAdRi#>I
zTy0rBnWj?K^>w7WuPW8bf2%F4JJVFkx~7g)cU7fY`QkccF-@hc^Xo`;MOCWBE~zc6
zE7MfU8eK=KaaF0>jjt_hNv5fkHL8wOW2#bpT1P5#snw@a)}f5Jv2jZyhk;e8rqq$@
zy{c53Tvpo}J1|Y9hWFQz>glRfD_>q)R(GbUly!L>scx!Dwa68<Wp!ejN?E7Wk!oyJ
zs?y(U%j(E9m9mD_k!o~Rs_&{&`E&esJ=$Dp^^p<m;xxx^*JDXWrWN`Pl(psdJ$|c*
zUEQ^7GVOb;BS@Qj_Lh~>_C4&Gn)4>wmEOSgT+fEp@n`6UiTyr(FZ(?-!`E(^&gb(P
zo%OK%4%pj<bT4&?r2p2cZi?oVWo%e7BfHwLTCUG;e#fugRP_3a-tM#cx{po<Sv@2k
zm`<ZB<F)l$;v})t1IODiG;i%9`Jb_vg!5Z}pWkI$iX4Rhpi@IOKfj_ghBjQ1{%kpn
zxJ}~i=~S%658hAWM=v7ZH>4M`t^Vf>r+~`o{=>6$%hHJx%cuVag45|ciqp9{4Zo$+
zTsD3Iz3EaJe*UV&A<yTNmu>|*iDmh0(nZoET<a8(gYO8xT~z2Erqet&9YW+6;Wd5b
z`yN`(W#$){fjd~fp}BXg$bF6d*73QGes#g}MF{=~%e3lezl%PBK{@#GOX$R?rRzbb
z6)QvJ1NMV{*WM{~gP)M_Rjx;Y*`DhWy@xc_@}m_;TF18h?s!u|@bU8j`N#)C<iii~
z9ijgn{7^2wzVJKfgK|JR2?MhW`&VezSAQAuE1NH8f8+z{pbtV{ubsL5L3z0FyHAC$
z)K4m>b)?*=qh@(aog`r!j+1x)PVCwH2mMaxu&llP_&wiQJT&*5X89FOA6l!m?cA&H
zSe*9ewEm$!z@HIHy`VSy)xWR%i^vsz^tur9rMIV<FWs{lBYHn{hz$eNuZN`%4cZ;p
zWwQG5vvixw>H+&hF2X#2^ZjziiJ}+sfqa1vLg>H6N<x3EwhO2aQa+(MaaH-Ahu6wK
z^nhH1e_Yn`4a|(CZ5W!@FBUm1<3$s7YWe%E%Zi<keq6pIUwQh@FT7U1Z#>BA6POO{
zr>@*l9(i`j^Rp915Igb@gx$6MonQH>mk<2Yrw3lkE_w9<?a%a&r5tB#J0PJO2Yq;r
zd<Q++@p{A614)k%{o@@swT$EY8FXXS+8^@s<Uy}mbb0CL6^H!w=q)4bfBVuaB35sN
z$OqbK!2=`lQ2R$Zn|_|y1LcAEPn|F5pI81ej&S|LoqepHfqCIrDWCpyV#MZm2%T%T
zVdoKo`*G0WJ3_Q~@MnZS@Hm@Zl<@5O%Z$@K2+jw>z--&y+AB1BogjAmxxY`>adK8J
z^z%cS_b5H=KatKw+w!gz|BT+}s;n0xFEEews?7Ji$G_xp0L?eFy@H&1#U*`^@<o18
zzgrvMn(i@G+U>{k5xKBGo!Zj!kogv!{nGeq!^Hkq9cSf+>3C@$dXvbO3)&}%)0uI`
z=^Z_--{|Lu@OULKKhP<AuJ2y_m93;aeS5V3TIkWf98bTUY15;9LkPUXx$+%)`62YW
zdAjB6<`sGILrxHW_<pR$(e4TVz`R87#9F<s`%Ln&*5?vJ{<(B-%zm#I|AuZLS^dQS
zL$egiEvEH-;=k!LeSbsSImD&hLR}{)nwNGJJ@EZ8I`3fhc$V(1+Vqcc7@B7|BtKBT
zp!<OPS<-{&qprO{e{?$gh3l^bC;wqSbbn%hk%M`BA3CFF<qm&X^mtI^jaPcqcWKu`
zGxQG8{}OKR=mm=HB@VhWw|}9*_dFcw5Wc##@Y#g!ep!9`9bm(denCpgDT~v**`xd5
zEvtXgY{K*<vmvK%Fbkbsnck&4RQb2be5dgy`)g<p**U8Z^t|*UvDcNFPuLqc$^r3J
zJ{3L^r&BubSUp|&p<es+J8L=p^)X8ynhg%Ne2V6CUWX}}Czwxzd7k5q2K?dw5)X|p
zzqNdYUsK8-a<U=4HKcwgIN7LNneS@5X4Au81M?fMSE06dMQzVYYPSYm&ui57tV!!t
z8*|e2R^CFU$50!#HCGI_<wU<d$?FmHQXco$q1l$lb48^urTN<ZK%0(EjJ`<$*;~>T
zjo7PXq#PQw92(XBP0FWD$|ujhQeIA8tm~4m(wQ(TcOd(1Xck@4>QOYiEMfI8ndfx9
zP3kHAKB|tR5oX(m&}?#$<a;UQi}A>3H(I_0BO&US9}mqx>5i+V!#En_TYr2b>q!CK
z2F%hAc-Y3>dei2r5BkOXZxDJ3gL#&hryt}YKUgo2(8)y{{)o7=KUfcgy{hdqzwHEl
z16uL6<shNc7jfu|IP}fN^YzUur@V5l*Uo4MBy@VCJ&^V_NZVKFEuo`F9PNKL?(&6p
z8Q;;~`*P3^q2Elj{=KxG*ty>Dv%M^RVDi$#A6jeQJo@>~PvoGzb?ph{<duJ(et9_f
zp&sVZp&iTnj`SFBVm+hlIB7>lebQ1$;~BcoZ|jeI$GFXpQ-8qY7&nds{UsT`;79#}
z;_xS_Z?2vAhc|BW+fCF@(EZqa%lZqwgvH|ow=V&EVxIrxzG4T&k6FRSLjxS+=96_?
zhkb_Krifkf{p#Z+j&U>S5N79{Za$20W_{lS^ZB772lGAHPx#RIC-c2}UYq^y>*3O4
zoK~Nlz{q?lG@I*q7wI5RLVD$t_b+I?#`_mVGoUM(oBHv)*0&+_t>!m=s?B#`URy`<
zkA6t}B{ZLGki{o*9OM6@ncc>gYbmA6<0o{j=T~3(x%_3z&Ec>Y?3bl;<&%}y`t+?W
zU+4w9!@lr4-@f(I)tAqFKSlbVRzGK7v~OAa)B2{idwKZhyuU^FRYLL8MRndS>o<XU
zbe8zP?8m$HMwt)M>!m!uas3g>@1Ey{AKEpnpJHDhaqLseyxgrb`*eOB>4D4qJxJ#d
zn9uwCfoDUvesSyG((cYLevkuuA)cof@`cc+1CDhd#1RTk>%hIm{-8s@4jko%baR)J
zUoLs+P%eJ?`}Dm}5_@Ccc@DjrV%uAUQeWx!NYsyCUCPo2=CH3VU1+cmCi^n<-jeb=
zP5JoyHLydyc%tVPe0tz=J|Qq`_LqEgp;v0GeiEnkCSD(-my`!ueS!ONNB64E_Yflg
z2nW&Y@zy>g=r)+;x6G0)#Y1zF+969v>#|?jbVU<(l5{6-VdM1b|LYV`DEx6QBQ%k{
zLo^qBV_ruM%mJL9_Dz-F7FS8SXKxX{7;pF?_8DZKm*%B>4kR>p@_u*GJf!>HbN^m4
zZ?b<hnAg=$o(Ls>w=5>%owG!r_KQmVb$U(G=IhN(1b_Qx(K9dqcWZw9@htrOiYt`A
zo@2p&y&u9~{m|#T7`@kJ^@G16yh``g@8$6fjcYk9nvHr&eiB}PC>YRv$n>ERyl5WP
zagd~^`H<2hJmz<n51ltkgdgPY)<ffZF5&o%Bn~@g&pFVqtZgjzz&I3fls9n56+NL(
znCj`<1@i~!|LL1nPG~OUb(5lbV3g=}`BZ|*ej+bO?Spg|^LiEC$Mg1E7w3I>;DM1i
zoxf2#qn{GFfyxb2xsWGzbn=nU&2OyK3*YH|Z9Vt%)z+f_@@Lz8!5)ro)vogW99<{6
zS=XJra-8nUay&4Iqx}cn@z+|uMe_!)7nRa;7kP9dhu#%ty97qgDTSJ@XjajE6!C{Z
z*VpMyQMPZOcEh?mt=sc>gU;U-Bp=gQkHFmD!Nx-)`>w^*FYz7i!Z)l((ZG%pr(fM*
zyM|`WMPgr^r}E{!tMX7DQl5d@Ei?yl`&~5MZV~_Wzc0t<4~k|b{f_bmzvqs%`3Tbe
z<Vf=?_6UvWORwf<aQa1Njo++x*=lLwb28TdIZpck8ov9Y%_q$xHU2)IqjB-P??>r;
z5Z}LMyVF~JntnOnSEk<;QvQw0OF7~D4ZL1UZwM?Z@^97iUVdEY=!HSuSMk4(`jw>r
zn)!sL!?HGBG!H93$cH|Vk2t<VAACm~^8dD<=r8F4gZPU>rGCA|q04WcJv*qrud{yS
zr@DTcheN-m*U#Dy{QY!?aQVA(=%wQ~@L56oE#wp5^Y|bg=p=Oce@f3A;yegKNk_jz
z5{Um_*iJ(DA<9k4i`He-F7?Lc+=3fVE~V+;)p8%9@lQ04@`N8^e-rI1`lous0Xo0I
z`HqCgk(A$+q?{%`EBVFwJD=~XT0ht6Aan>jKV$uuerxMv!5g?ArQabc3g6o_?4)vh
zzKEa2`%|<J%KMG9pQz(CnU|EzQr!MGm>YR~*JyB_@K<k$e1zZ9%WzhoW4lQBpw>e_
z^xIdoo9HK{{R_?NQzc(noPJA?`$e?-v_7HwO21LkcD2DQK3w$3lP7WmBi{?!&$#j6
zT0D-SbJ}NEJ|%7M8_Wb9mmvL!O+?NbJnp0YBkflq7yX2^+ePiyN=EoMDE~(7*P6^a
zY_~S497*r=l76vhHsp4sWHve3%6EGC_K|+LXkednbo}Y}W6%%fQR}-eNB9@bzjPje
z@5sNDEA6|oz9rJwmT!aRqq<yuKJW|Z5B|Vg_LngAgDicuywN+g<Zq#A8Lv)%AJ1=!
zX8MZa4_SF(m0h5BUVh-eVh5CewcI>Ai5^8GdbxBck9T?8SJd&7t2a`Pjaskh7l(O#
z6X-Yx<9atf8_VswKRzp^<0*{eE^U#{>6O|;$Ca2*h#lR$1LGciM}GdS^;P7R()t5B
zKON%xaymEe_2Vc<(EI#Q&jqJ-Umh2_dM<i3X#H-~`rVZ3cgexlUjlkdS^Q?}{j49-
z?-B8Nx-i90<9iy_IM&(G?qJ?}WTWu&<Cq7nI!NR^y`&98b4)KwUo<o5tq<GYf#3Y1
z8-KObFaJC_&ST@A2G$+qd~smpoNlP+!HY)nRWc(^m;A~3@7i?la(_~r4(HDO^ZPg_
z|FzEV{d4m3nvc2Xm(Km@x&}g&FV>;*LY%jJeV~+gk;BkT(fP92J22P2L&Z*Q@)#~B
zIxpTJ_8pOlhe}81BJ{kSpZ;JS@6-yVzoGj#8T!CHf1bz{oPO<$&yCT1nEShG`YRU|
zzuNn7$)DuIop-}Jn)r8U);!4aFKRwYnvaI`oTlOP@$Nji@I!t}DV^AnUKwY5(s>=V
z=O5^m9&1Ml1M{@n74=E#8=ZT&RP;t%>=~vw>?0w)U9R=nkE1?k!@x+rb>)To67|yE
zO!F>#Ci`NwufJ}AbrI|bN*I{yCQ82E-dxJ@$A*{>wENz+hIHSfht(%Eowa}1tgq!C
z7-|1pJ}td%zcw5!@}>MFy=&)aA7P5<S+6~cI<Aut_N`to!?-%nUU@j`uaq0^>CkP)
zV?@sa--B^+(BI4F+dxn6RCBxT;#dzqQu%-$_Zob9i3jQZF03<4=<pA8{)l^P2p_oF
z+MizD=XH;Q@#Amk_u`F`FF%fZ4KM2WJ!^OR4d)zO&c{(duIDwtKhNGm7Z_RJr{8H}
zzX{Aif%uIdhh6X;c0-8rs5dVBvF?YE*3tC5LZ04vc&+k$mCGYc%k}R2rJN*m<(kLe
zw})>(<a@H-3p;!vv7_LDK|K4N+PfVrT`|2cnx(J)j`Y%=h6epH()svG^j@EBC(!<Z
z4si(s^MIa9_v0uh*+;;BN~q%_8t3u2sifm38qaEd6gjRw=EZ-f`#0#HWc-D6f%2z&
zO*}3u7|^4iJ7yKJvyV%ELi*`<*g?|KYx-&z@IikL`v6CJANTo-eDH<-t{oD)xcemg
z-zolwb2%6vqCfQe$IX=<-=EU^t%zT*_fDaw;PXDN9gw3Z#;fqh!}z>!nBF)3f!aXp
zcbn21@wPpDO~>0f=aTgYM~Cl6X}Z}nq@DC}eE-90^1T<|9}EoQa_)%EZEh%f;QR#6
zdFIvgJRE-Qw=<H@g7I;*hX|2h#Idd>VUXUx&yzpD@I1NL|HOVF<^dQVJaDp<Bk*yf
zY&=N!BeL<({9gAveLU%6%cGe4y-B|dT`8p-s{AmIk?}CK3%dTa{!voS(tl#STr|Ru
zelH^DyQD9r?IY$>K7W+&z5_&#%xlB+KCi^x`La3t3f+L)Y)JcqG=8)8^3(a{iv3OO
z$0I~L@toe{^~-6R{V@xYBVk~+TUOe|K7?5u;hBo(*#rGT%ir_uh;;BHgudSJC+uVI
zxRmIJd(@~OOL0Hy&L!YH4ax!IWB4QZKB4n$x$hgK_kE$y+I)VT-bK)G9kyp+zKX3L
zp*c1ZeK3xda}a^~qwZf~y+J~EejDvm9xm&Z7_ZZLgrQar;?@1U=;!+F0{74K+wJsQ
zD^^d~+rM`Ny_<M{$&Jr({t@R<Aiu-$!cX#FNbe`Wo{juHFzXK$y7n9|8fow8Wzrho
zp^v1eb0pkP;C_t@Ay4R>-jZK>^_TM<nA@MH?2|tuE_MiW@O(Pxg;3rnp>+nWUkInX
zBk~Yd+S|^@_B-0zh3W;{r=aaP-aEnhVYKhK-voNlQG3Pv>P6E==WRGgF6{x*70niU
z-a*PMFz<C2`3vu2!@x|YKdTSUl|!$r{loMg25`L3a^N=N|H!9&54GHiYM+u3x&|}0
zr^xf^g<nzWN+})WVZ4x~bN(>xCeZ_a4}V9wWcj#zfVd}=Jzr1nx^Vq=_XCmsOMO29
z>EztIYY$q+oxF#19u7M_&T&^ikp3^+uFx;nYWp%%_pi{dY|Qs<a4#`5CB0V#|MbH}
zb$<!`{qMl@!Y{Uy_D9;S&>W!St?``&N4?s=vy`vk1vB^Wfr(d<auc~hy00nraeldL
zqos3xE&fw7IL9vajqacFy&gKxp!(sSBEHM|Td4OxisqdzqA$M7IFZ(+dEKjEB#wLN
zsE4&e`b~Bn-!9c%@`wE3o*~K~_e}(+-_m10cI~J5eKD<n^?tvH=c}RKJFZT@5Vsq2
zAMbdpUs2nmlDU}gb-Db>_%~l4|GVU;XlANi^S+B+N;T-{_nUOTHES>0hf%xw-+g=e
z-y1m{>RZWl<amSHw=tLRe>z|Alf3-MciMl>vCDs_{wQBRMEwEo{Li<8#KS5-0xtH*
z_eYE`<USPS!2biY&Q8)k_;yD+;J#j2e|7nQUVi-mK6iZ`AG9Zs4|(wa@j7nuzvubC
z&^Majc>W{pEWNKZ)Y_q_?QKc>_uBOa`sCRM-=!Yn9%n<YAOBc-kzd{3!0tE~4|@Se
zdHCO9Z^2#riuCvndkbBD{vc2Mu&DQBU3ud>^bxvJ6&>Ve`9QAY2Ri7N<(FTs(8IS!
zEgX9L>7d8_vLpB*Uq6@Kk$>bfYtL%C|5WAU=Rd1Qez_uDt#(7cm(q4Z(go&2?(eJT
z2~rNBen&mY@260|#h%r6L%9mwFQ@<hU(Hvoa+2@)<t^Xy`)7QYdR5(i!*BES$fo!G
z$;FW#{w(EH?az6*pB{dnm0vP1>w1BVzXS8-1~RXacNL1}JC3{YhtJoKLk|2auOH3k
z%kh_Vi2I=%|Kz1_S-#IFFOKz{(4gIcoR;~Pl&+zw{Xx0>SU%bHkI;zx+VceH+ehbn
z9dv$?*G@vutY5%B&L01%?|JqUyqIhE`Qw+>^(~KY%l3gC3+a3r<&(8L=zM!Sygs?}
zUZ3;)T;#iPa5f*%6XE=>r_L^U{vh@&>il^@z0CTTTc6058~nTV-}B1hmr^hN`joYo
z^W!|+Pmg*dIP5v^^)XM5@9#oatA3&$A%A{2zw2!^f7mn6fBbw2-Gcr#>sPQV$}_(n
z=h^v}QctD5s=xn4J@ox(?)3xqb9QYlpS*gSEw_1Z4_d32*a7)MIKS(;^TRxU^ULGE
zwO;$>D0)}>2XL9+RIek<uYMMCvVP>svDWvz^7y6H|9Z>g$JLAKa&0XiUq7VJme;)3
z`#d>P{%+hWbPL7-C<os@e!DZT^K8Fdvh}gLo-SxF?7mH&e^%E=-@YhU!7<K;on7ds
z^W#!ZjvnKTmc#u1&2L}-+vU6v$^K#ghp8CooXzL_4ohH;*hkI<T+mxW&>;?b#IbLJ
zcVPVZ8~hFc-Otr~=!acq<psL`ADSVT+c@^`3I^Zhy(9M>?+yw7K+hx4ISf8G>E6?l
zeXcybXg2u5%5&!#@U9ZhIn<Kh+V8RE5Bjg6`Cp#H&~)OE-lbqVx=+j@-81B{V0`;!
z<DnU+=hT50^nL*BJ+Xa2`K5j9<!l(5GuzqFz1uT)KS#ZAet+qi;uqO*O}%tfuUkwX
zYB|#QNxye`htwoJuR2il$2rMtoZfTP_j6Ew6ZHKV34OmPnhAQ}P52bd-0A7P>&LV8
z;d_0z{O<OmAMOjTd`qQW3dX0C@6PXWKB#59X!<{7`IXEK9|>R3$@|Xk{EW}1<?kis
z*O2mqeY53XtDLLL33iwBY^dkhm&Z9oy7|TLGlb?TexIRePUm+LYk#k$pKs@m`a2EK
z2knTQ7jW&&+`m`b3-m4LqonOwLwfG3b@Yu|K22%)%xn7jRle}AxraEPg7cN`yr`6)
z!{^>^6wFEbt~mM^)Iazc>H+)$ariy(`K2%T)Y2RMJ^Baf*TVGo0ha4%+l#>5(^=XL
z=$RMh(fhb>r&@jkd7wl6@NwxsTs_9QSlDCkVg3F9J|Z9OkKdo<`^A=PN&6_FFW2=a
zdEaIHK<7}j-;wtV3g*ng(oe24RQjJo`TlYt9Y0_k;oHBBp6f=w5aK=r;t2Eff<AfQ
zeZ3(U<C(m4t>rs+Jqu=j$${M=4<YOZ|I7=s{u!EK&)RxcG^cV{Fo)b^<8;qK<1gM|
z<MU5{_ya=dkM^u(JIz1&!XNFf3(;=w%;#wf<`x|vN$8J{s6XcO_XQ)rn?v_$cb0m9
zbLaz<59%xCVRA0HXl~_upsxPnyR?s(r_nn+e2%#xrI&U-Fpu!PaQ8bPz8rrZ@AGLb
zJ>>rSi^}m^p!@9Tx7@l4&R^G(Bl*SrwlO`o?WbFZ`-P(E&F3ph=0)xw8qD4tuTHo1
zBi3(2^Scf<ESfp|{u%69eNRx%i5AU`?^yck?>JZQ-!BC2*Q*9Smo4+Kk~ve)g}{!|
zuY~D*ueCV(CCp#)())D2{xT1A_dLMw$I^Yt_ZVvPgS|z+Qfh}hxgYIl>sLwdqcr5w
zgRhihZF=Ni{JNUn_d~y4ox$bYkp3QzZ*Sa-5ZslwPX{^2Ge37v0_B14wc3gA_`R@t
z+ZE9Hp{v&|w?{rb;;l_ri@w3knw4#DvT?|D^CQ^HA8(+)K|Alq1$VzwHLvlzbiC!?
z(~<U|;LXSBcNnzX(Enk*!q=l6w@-oj{%vWe{O`h_-j~&O%>O>GaXF9b?(6ya!?;TP
z(Ao3Lt!z2c`<c5*dFIgp7d@SwAXmb`{Fc{i-1?NrqxWujTv;@-zLWPIzbA+LMz!Nu
zPs!>>@2~QB3F|9Go!`>?2*=v?%E`xl9jwE^Zneq-^57SEHxammbPkd28>YW!C-Zx!
z-y_-&4&#24-lgStK^x2kyw1>=wqNiYX>U-!FyE+uT?*}$zrMeo&J%FnZtm;BPCn+1
zd3=35k1yo={A$Ie9j{(*|FQXlJcL<$yKyPT$A0LyZ_@wgjg#~6*3bKVJ?59cz`w-~
z7*GE9>+Sm;$`gL}|J~33zx(w9|FHdF_4#nrlLh`^?Niae>b<`O?T3t?7Wl^k|Cn3*
zfp!Gp0)JWHFLU#k1^%(XKj!8iXh#svFMk1_F1#)sn3o%<+oy5Ss~i^1Ym3-;$$ZOU
zgK6UVIeyQ%V31DeLZzek&X}&0&inBW3f>Wt-<K_>-@ym_!1$f{1@kYd7uj;J9+ycu
zI{d$VodJG_(4W8i@&C1T1;4ydz6-|J*5BPd5!eNOg3$L5Kfb_UT5301zitWp!!Hqs
z|JI5xSf7-A1>ZmC*ZL&N!C&tMo-LpGSN>VP?p-Cwt+(7k@AE@`{C+GOM}B@e>(a<C
z@`rq*e*IkQvXBS)64LKE={rr(6W{aV+48`<hW>s8$|-+*lC=lUnYeUWIlya`yMLYx
z^m#b=LeJ_r&I9H3FY~Kj|5C@jKeyiS%dG#<zUj}rp9guUFF$pC%GL+?YxR0|)-DU`
z)z9spztr|%LA}bZN9ENwspkvo)q;9u{e|wu@O?IS9{r~p_y64XUeF%2G@oA3@8Uj!
z?;lbRYMtZx?>|Sgpq^R3$9mjPH$U|ISB#^5zw+r8jBlmiK|TDr{dK|kcJBQ`EkFKG
z&l_v$=hwdl<6T+L{kiK|%jNL@Z=GX-ze;<P_Iq`{$MAFe>w<paf4g7U|M#9B^7+sO
z>mUp2ne~g>>mYgk8F1Vuly=VD-<9?s_j29-Ouh6NZ~cGUXIoHTtzTBZf3u*z)>mKW
zSAUNBosM4?+$$izbmu29zC|eZLOX~3>-;cpU;3Bo=L`Hr+AV+G3;ux+-~IS6#eeeN
zkI8%YMSe#%NZ<33cTZgWgo#wGXx$R~FKg(#fr$UuP|h{E-v`C-*`nUb{c7BAF6e#h
zz~G*>{2oieT+ipL19Qs4R!{o<XuX$>d(&s|K2m7T;oo&}_qXMJhKBU_xqNxJpDy*i
zV4goh?0^vTB8PsLUEk3Gj(1{^{<mw({dh?qrth0&@5{U2kHtG}qCf7NJAL!+mCJo~
z|6aPYAMUfuefpxga<HuzC370TH`ZWg@_l!gUi2ua-2(%=&wferv--=jjw8R*?S3yC
z_mw;7yMg9np~wAp{Jt_m`Q1-?A8(-4(@*q06~PMz-zPF2>hFl=;YH<BGFd)!u1eGY
zj^E)ZC|!`!L0{;F(AWRR=~Xb`@AHEkgvjrI+8(~1`>EX!`gZuS`nH_Tm6zBhuUzx|
zpt^kLZr9rKK3Pcoy|s3M-}&Y1<9Yr8dn2sR?tXsq?38EM>h$NFFZK8pevhL19VNWC
zQ}6fncNKf0T|hYdQ)zD{3{2N?LYIg8<#EM^q9^Q&`VRgGJCCsK4bgh-lb?P9^DCz9
z#L4Fh|AG3>m!BTxgs{Hy$}1m-|5EA+>?``Bef8UImoJnP>PI$R!94MMu{Zeoet`Q<
z(q9(Lag)S<K=0ch^6*ZwFVE)>|MT_8<BNRESj_58{jY|;pUgddb-gU=yRJ9u`@7rn
zIb&znH9LwwU%yG#ULvQuKIh?CdxU0>7W+$w%kPT^X1vyC-+p+%(8podYu~Zu6_{gs
zN&i3NPm+)I))o7$I!N+^xP*Z@{C6#V4^tfU!oOhZ3+Z>=^?l^L_PDj>Cga_};P=k6
zae7}!&x_-`gm{<G{XTs*9dPh<e9rD7_LH#sd!C%E+|Ymz#_RuC`N&6pzVq_+pVl9C
zJzB?~V%MU1h~w_vLeQaJ<DJF%tv~$Y1=Xhq*YBeGXUY7N@j~jaS-pV6Kb@a|PSOLX
z`>C2wky9{}P8R>XndfVPS@jrOk3;kOBc(paW90ie3roF!`wrVa6wJ6~EFKua3r5n@
zySS%Iy7I|FH*5uopY>K{x`LU0yTn)6PWZp3?aEE-Nc=BnNILLqJWJwu&uiEHZ9Fjd
zuVzEn?*3c(4WDKC2d49Hgdf@o=s9j#;WzQu+3$1uOMKT360Xu&=%gJ+KUpyUI$Q94
z53pfiZsBoJXrx^&n#GrH>3hMzo}aa~`~!3J`XUE<A>V)8UD9_esy?$N-ga4uudn3*
z{g7Vff3*I_^YDT}do6fqzSvIqJlZ7k*E+?9bic);m+zsG@5MA7=9gK%1*LQHB%Q+{
zSL{UZzUnyA5BpyzdcCxl=;_Dr+E4O7M1K$Bczp-C<@YQLM*3-bXP3u^q4CEV7#|>g
zmX7M-^`ZypAQ$v#A28kqy~L@V)bv8{-t$AeWj+PfH!$soiG27y+MinKu^x0Z*V}@5
z@GoLFtV{X+92UgxQeQ%I(sv>kbmCuu&i@Oh*CO_NV0K(8ONV;qe@A@Kk)j9q`t<nz
z?V`fJ?NM2JUk~{G9{MiuoJ%B~qz}zT+^!YXo~5+>eYz)e=w#eMI`F(CG?K1pHstl1
zg2sb1j&aI1Jf8{7ueqHIjg(hW#}`hIyYDA6k{!ig3I=hZ$2g*xe)si8x{tJ-#XAGA
z%f17od=SFk61s6H_(-{6o=`A&=is!*te&A6%_03h$d1CdW&bUjDT_$CwfwzchH$$|
z@6VqmbhY{+l>3)F&UF3L+;Q|v^lqc3o1*W9`swBsM}G;vejM_B9C3u`AEf`H_pZ4g
zs}3PY>=>qYME^Ihd|KvTG!Gsn<&O6J75+V)g1O@+!L#o(yZ1iP9{ros2WHl`LN9V?
zU3(t=6zRoZT|b2R9@-n^3-v(89rXJ=y{#Vx=D|b7A3s{o>KB-`->_kr_E%ZFU=Y7+
zbT*yv!*@TV{&{$o{^yRLqvNX~tVdwholV)Kaox>ZOTN*LA)ePB!G5AYmFr!?N9;!L
z(Du@DW_f{;@eBP<5RV^=sa?g73+4|xu90yg##IF~Q~Lw-!`XOs`+7L{_YLNXT|~Z=
zYoO!Q(45D=XHztrG2enIYyW|M_K?#g-JC}yyg|RW+@95L@3P~ZK*x#X_cg|kwd9HZ
z^sX_li&gg*D8IXJ*K*KtKKvYZg#SsrVBXdC`(}O*oZ265KgoXVAJz6o|B+o+C}=)u
zeL%-wD39ZnFT!8x?-e10U!goMf8FZ;W9ujCUtlo4N4>pa<7_>|d_=yxbQotN9qg5j
z(>wTo5Ibja$EW3V_+HTVCVxG*R=>IgkIP(pjCRovJM-@vU|rtLYcTE_p#A;IJ7xU_
z?I_yMay$9n{X?nusPALf6dd7&O84Eq*4}}Mb)M$)dx*z}fjLv>IsSLq_X-Stf9pbR
z#}Hz_3*mQfT0MyVEzu_%56vMbNclJMyaV&Iz#xwPck08EUi#I*Adc^+PZBv|mr(b!
zF#gDIUphY{c6))(z0!Q)F_H5xt*<B#@I^fXF5}zK?8Eh|Xl~H<7T?kCNV^&6?`OFF
z4D&SK&Qe~^&b7XG)%k@__g7xe2n@;}^KR6`+b*&BckgP;x^dCmGf?c}^OJFIV7}t<
zLTE;8Z_AH<M~~<8B`voGvo)7zqv^!`4E??w&wGP({TKV&K7XuR%XlU*d-D7k^@-L;
zKD6Z%>Nve%WPXY;NY^#tC-Ob4!vFk)@R9Gu^t<$nZoIeRBjOL>hd9;&;D2lO7eD^7
z>+CW<3)0^OdA_Zc8|eHQejJ#8a(@__dpRuXxVmKg@$=m28q94UNcsL$^R_wOJP`E;
z^9<h)F)sA=KK3wc*OKYWVT0zkV16pS^ZNS(*Rkc{>@52%fw_v$3%K)CKb2mvkH0>M
z@%xvjil5Hwy5HW1i{GLDmv+ycM*xoSL>{*n4B9)fpIcu<93jT(sP_ml&d6I=?8oCY
z*Iy!?)IY2<hGvn~q#pX~ipA$8U$Sl%8mx2XrH5VNr|56dZeo2BdSHA4I<x~_w13<0
zGO2I3a=#jwops)Z_?|j{lX$@(1RcI({TCtdKDthcbqIeRDE*9^?_;0psl~-!*|_UJ
z^Kj&EkI|AI`NsJ=*d@D8>DE7i=dE+%JJu%<M}LX^$5*ctzsL98hgf|=-6t&?e8>0;
z=@EzhWjz>nck99^2ZW%*x-rTDA;wz>Yn2P=gkNA@-Bj#}b5b~Ohwu2EQpAtZ^?J~M
zy|LH>-{ss@XsYlf#7@BT{G*HKAHp{@f@5E{VBjZWpHSD;-FNs2^n}0oap2kY`7mAg
z1P;65d>j1D_doC#-1)Un2YXFkS?mISz{Tz^y~szqi1C7JheXe!*^l=ZN@jfyX}_+<
zen-9SR386%ZMXdTf%PnzR|e_63hD#ukE~z2`m<tt@xv^g`+n)D%I|KS0{jA9-$Z=w
z{OMebj(<V_&Jj|NT9ywz=3fZ?kZ<G<^D*QHdO|<68}mEFyhB1-_tE_@;P4Z)g9w4c
zPiysm==V@xP=AF_U}RiO=OehED4KS>zfb2Zd0yhy?`8bp_U~jLsFa>>^v9Ff=gZPH
znAdr}+-Ppsb+CatACvu9jH3|-M#h(+jxT?@aV6}7@W<|7wsw4$UEgy1ek<v`7ycpk
z4Ac7UkLQ~8cT68Y(AL}h^{&smNxg1)9PQRsvip3rpX<%HC4H#-MsEKFeEszObo~S0
zv-^T>ePsZzBe?xYtY@|s7dfye))SrmvUbIOi(6k^kJr-*x*i+odaPR)0RQhwV(-1C
zi(T(JPeRl$%s&zD&g=T289q_yP#+PB{{`vzG8+%gBf1U)9P7d0|Md#Ow_ZQQelh0h
z{&-u~d5XH8Q_}H!gOUENQTxxPs{XT9yM%g%eBYt#Xc&j!T!P=u<&E#b2k9~1^!N3F
z|JZRY`d{$L8_%LVKI8KvZd?L<IPdF)2K~3-1@mLiH^_W1Nas!UmOti+Bh}yib_M+r
z`VshjUWoF+x-r&^zxZ6{S2F(%%x<eo|Brl2IsNyZ%fS9!ww_dvEB*B<zdp&jR#Df*
zO6j_mPX|7oJUgLYp<cl6VRwJti|={kR;=R<*7Y_y*NAafkgnfhoQC{kJOuv!cpdXx
zjQ8HZxpID8Fz4SXaqyA#VgLMxJGX`PDd|_L&wYqLR?}l&74@#Z^(z{mOcVWns`Vm&
zymTz@PZiCezP4VJ%(ib>`3+_m<Beu8pG#{pZFOAM^0^D@$MoFKe@lq^js1tbxajNV
zYlus^Vw{2e{qpJHujmJB#cximU$}fD?%M}A_#*yO(+Pi!A6<z1a-s)~>p358yoY>C
zz5eNO?DL@A^5f74-}6E_@9NHb`El^6H(yxiLFlKK`s2zUaiMed1MO}0+-YET(shmO
zcQ>B(`(=znK#%d5#0%-UQMBLkoz5flw0`QwI}&$x0^N0g$&Qn6<9({o$og{89QA~4
z|4JrVPshppJ<#u=elJ#iAH?TgX`h+XyYK#btIT^zFO@6u+<F*(zj*x(E5|88D(`yL
zN7mKC6h}XE4Sz2f2?Je!bMsosXJ}+T;Li8p{E*D|gY;Z!dp;LbFcMbdSRasa8qHUD
zzptSDvF=qci|V=$LhSQl-tc2X>^r`#zlV%C&L@AU_)~ptc?RahZKPb&c1q7(puX+@
zz0lpco6udY`vcg=!}>DTxsgsncWw{!N1SuQz7X~?QQsDSTjcnBv*$Ge<KN%GJp<5f
z_qg@jz#PC~!OSndA0Hw1z<pm|PHXjUExp_)#ClQnJ*Rr@KflVcwfe(vP+n4R-Te$X
z7l-w&Li#&Z_0nTJhV``7cwMV#cHT+akCwkz+tF{QZrW4)68>ASoiToT{YFW@+ri>L
zh~u8U{Qd*oJLhp_F<sB|^=&yHKb`)_H_8oRRxjLBruDAFrQaFL`_M(R4d<t1Zsl_)
zj;>`sq0;+wbYGtDc{#jgIr-oH^zaYSuUMsD%lxbJ(Vc%sJv2WoYulTmk$jgl9}TK^
zW6IyJFR<^A^`~0?Q*XUNc}N(TtEbrf6m(rWFdZJ1xUYY`dgB~!)^Ea`dRgtyuoLEy
zBDZ>;iTa6km}hpCdXM{^$89C`uVuWT;~5v8yO5-pko=qHh3<X^?3VC2ht@4Mtd;I9
zy*Gk%H}4{H&YN!S9GFk}-b=wq-036Zqk^f$fA$Q?r<{juefqrouA%ygUZJ`8PAjKq
z-cvh6KZMW|<7j`q8Ts7rm~8&Rugv@lX1~p?oPs$^?~5L+_jTc~OR-*Ist5cmEL*;z
zk?&5=YwshN?Chr#edwH*p07qe5F$T$_Cf!=#!Ra(o!@1>a2_K__3Iv3y#gcsOqjlx
zf_WPF@1gz&yYHO{U)TqFA%uRl><vEyAJ|#+E*RuP)^VL(fy1s+9!1S(Ny~}eiPL;<
ze~#o6c3xV`QS=RTzbj1N34tHTc+|H~(a3$sf;mCYoAuh#+9NOp-M<=ew8+CdEBoI-
zpUFRQ4;prnb2OnjbSq2m%17k8{6Zh`C)dA7{%Idf&vo4Yis&Kxc64s$1{*J$W?nDC
z{gi@{cVt|<`oca^o&$6r*DrVYx7Zo}MEm7z$5Lu%*vr>n>=c*@tRK}Qt!I9_jqyL)
z)lOV*=>D_TlUnj6A2eR${LuNl)oi|M+ci&b=qdIM^xPimG3@T+Me{ko2UGudlo$3{
zQJ#?7^7ra}G0<b3!RM33k>2T<{qFF&%Lko%Zwd7uezYy`BfI_z=T9(SL%8hn;=e7&
zX&$fR0nAfzZuts62j|}Z`I7rrKOUNuZxMgMJ48YUyl7-xoR_Ys^`=yl?m}L7Et&n#
zp1VA$hv3&>Bwb^g&d(>-)nT7(Jl{U@-d<pEehhK&$;R{fpuOBe>#?t&U#@<6`t)u7
zO4XCvO*z*bnv;1yvzV@r%>8@GoOQgkn<!5y-_ZEwpT&y?`S$h6+OzsysH~j|#*h2_
ze0yc%VXD8M4)68BKV|&velH`77Y*LyYB?Rgm(p>iFYh5fhw0X(R@z$nFU*UvzbWMz
zruOr3Nmp&RET4h_oy@a?lpo^w4*r;rquhKP^nSij-z9W%5Jx)jgP-_vfP>zb<NH0*
z*Ybb(t?#cWU$jTQyw>`upWfFOapVu7uRr4Wju82Pon$=e+R-dtY<2qvIevXZ9N!xo
zr9F}L+JgD=LWzHRkqw<+?legH8M$wcd4175akaG9_>Om7d^{U3n8{;=pR6C!@2B(q
zuRI+00Ni}&h-XDl+>`eEZNLAOb_D6G=btB@D)qOc-WSfsLvw<@V=;K7&>;>#koRz0
zd)%AaXluW@e=nKOwco}5J^WbOucEp7O(_S#X<e4@9fXP(&A}|EWcu+v7b-uUC)c8r
z`sVJHXXEs{^gRA8n!|Y=i1wA&$+mB(ufVZRlZ}Vw73CxAHIC0RL&ZL|$_?YQH+5W#
zc(#0t#{WKRmiQ&k{gywH_>Oy5=7WC!k>{mF?MI!zPv|N7q5evo&K+@jpN`%sV4U_<
zI4l~e-z6PCHJI-%wdL4oI$UnUCNoU$_oJOb`y}_yLUa5hmJar!eZ9;*CX62gv&im}
zFYz<%|6%<earhzPt^baB`TIRZ9_Cg4J6G5*K!|yX%ooD+T{Yl%pG)Ymf8^eC#5@D<
zJO0%9ti^w+lcZdXuB)}-koFa|{p$ULd|&Ei8wLh(S+_43{~R9P{mH|zZif3KGT(6L
zH(+P<$Nqf+oZmveX7f4(-J8|Wf8P##{Bv4}BOOAl+ezr!Rp^Cuc&{waZ+w4{a(D0W
z`QK-^vGue5?{k++=XCYG8u%m5%RsKkbN=ho%e#X`BXrJxCGOt40AGaQ54m{1uw}fu
ze&GF?!?>Ld&G*OI`bqaf_Nc6<fmvZ4iTm}{m-AEE9sYn2a_3jOkXODlc^w4p-n^Hy
zlw0e|8TTK3Kf-$~GT$$x?-XPI9P3Vgxxs%Bial%Rua>=$KcRDeEOEE~fjHV_*jd*5
zan8ck7p&i9*EOpBd3S!7IM8)fxBijE3nm+{ewQH6AK-VWZ;}t!j%4dKy)QDv)*Cwi
z%<YZKk6#}3+TZ7sm52Pc-oLic_abGT*R2Bs&(qhp2mI+qUXP>q5w%_Ep!=KBzMwu;
zm$T0g?V|5bK3$&Q)l0YiAQ{(PrurfuzMld|m{-1UM8XgEj_2-A&K~fqy!@a)_w(iZ
z;Z@7Y__NbL#Q#R<z5S|k)Nw!ZgHZT8y|VSr;Ud@hwXauRK7704{t4Dy{O@QVcDk3U
z6OC)JFNpR6`IT`nzQey<9Q!O%9)Xd2%VeXA#ZH))`1$bdi}I{R=krB>dkg!Svm?q~
z>bGl8eE$A-=;6!p)A{<tPABpGY-gurtk@Udv!VOlj659WD52w<M=v;j*BAH1YsDQM
zet*H|FY6SbL+I;|`LO$rd2g0)o<5=J$m{GybB4}yv-zQS3onv-n8lqu(euaB(R-G4
zmY+|zj-HG0%iE8`zffPY^S8iE)AM=wF7eQSE?b|f{T=O%U*Ey6-f^d2FJxSVeLI9f
zsu%cA<8f_RosSG&Ow-L<ew-e#8`>|)KkQR6Z`Xahmiu{{hw-?=%@2BOd1Up(d>!Kh
zC&#zDv>UX~%6x)!|0c^1>GSvk$9R<9%h7&S_!sr}6-wrBdj7%JL(0e5tL1#<>*4cz
z?o6qN$j6Dlvh5u9p$lfU)1|)_{X*5RdVHB}SKatd<hgzj<JG@vzTuCsZ<dcM7hi9j
zGlAZ%O@H=dl255;lrLWYgIy7}P%nPcdhPrh>v1?Y(AxYhxv1ptl4We@{7v>RoE)F8
ztb@3Bd40RXPH49g@1ynN47Cr+73K5cN_HGkzhC-t!RK&3|3T-*^&E(=KgJ7aKXKn|
zCw>3sEqxa*Z(S%4$M~|=dJ*JZ`e$2j=y%@u+}}^PJ_UJQc|IPR%XD6zmybNWwfXzg
zbGAI`{Ynmhy8K<u=gZvrUid-QKb*f}ytC`UGHzY@Q_=H+IixQ6AJ)Ys9+><1J-g7{
z$>$b}W<Y158$3YTJ?y)j%;O2XfA8Me7djfZc)!Ep$Dz0Ed%OKj#GyCn<bFY*>*ry*
z58Z78X|MCX`}<#5p9Ejo|8nv{kNpwof%Y{|4)`HG_SNJZdi8!AaO|r}I(Obd_L1oP
z&Iyt~{0;)>rJlR{8?qno?(@j{s%zI)cvZ@=sOOQOZ>{{`d-o3FH?UuJKQA=h`22>u
z$MNI77fj3PeEZ=YG?zc|OKJys|InQ)l6523Z=xLi5ccrTW9QW?(95|p=a<j$eLy-#
z^@-Fs#IgP^zZX$mU-IxR^!%E9$2;H!vohn=^$)*uk>yt~>*_rR{C)-2-w|)^?_a=v
zI0t`(j$hDj4&naI&6^-+zR6wJ+Sk303;sVgA16()^&`-A(a@Z-q2*t_KDL_9-ym;Z
z^Ygf#k3u_)Q0z$WgzhEz1RebD^<Bij@H;4nT_*ZVKIokvUau+YJ(!a26E+y=Kd<!Q
zBkvnh`-yRTMs7jhKMc&>?X7;)PIR(iQP)*Vs-OS9GQE4m{4lOAm?ch<c5pcVzI8#<
z(fbQK2#$6-FU0s!)<4L0tz5^+o|nV<YV1SN??~`DQWxU>(*KHnu<Orl$JUk;^sF`B
z*_!vg>HWClt^b6k(9ec+&V=IyQ|r6P2@LM1`SB+Xvi#_GJ$AG8l=^jD|9PIzv6Rdj
z9H)B>{~<c$59dm6e23H|eZ>y$o~q=J&K>Z$Av9a5-oUr@aFiF?F&U>|o{#ZL{<@{~
zx9&Umq1~&+&o2i*{-3gUy>ja<7rY-Ve6dbg9ip6mDdpGN@`j(mZa=m@Z*Z#k|3s~?
zL2v1ITZ{it5<VsV9of*}-p-P-;9WR$_+Wk~-t9x8KBE7Z@u-`p&1*jIKT`CNemgXO
zJKo0W-C@puDb=@LI)D8^>Tki|T-4mZ<Gy)lq@K3EU!K?BrGx*VUps~OVexxZt=H#S
z9j}9LM{XZoK4m?odR!^%sMYeI*P?pA(T~?^4<8z8{n)j?w+@ni4*Tg6ci%gB-?6@P
zzTVeB2>fe3H|U3xbl!^g7yB&8=e(9%t#$(EKNc@Y{&5blR=T|Y2kXLl>%p?_?$(24
zz1^K_$gaz~^<bfM>%pRLbvvH5W8OYcHIDO&NS}@8$pP;6vufEbZ~s>Ov)ZqHzpa(t
z*T0rNemQ346%58ZzWpHw{+hSm@0agC&$9Ijc5~rh&k!8?!jEp@-z}i=md=~7KHM^1
ztoohjzpiEZhUS8mr9OYUrpP(xVS+2_JI+O5e=%zZx=+IM*<!l?_&0sG8uh1T`n>YY
zThGQk&eaF$7o447AB^+RzGUl-Ti29!jeg%l*Y*Fd>-xCI_xu-9??;d=Y`OUS{e1cU
zg7&)>U9ImpZ;y2nxp#>9t_yv?`*HdP>G|Z=ruXIh`4WG3<MLYH=e2!@{n6i{Uv4>H
z)qW@bo9}lm^Kt!Pz5dWzyZCnY;~3wa&h3J0r!X&jTk!?@+xkuKfVA>_u5WKYUa$Re
z{tbSP^*O)2lJ>Rwyd-d+586M!et|v@$GU61;ph5ZiN8+u<#D$EaO-Pp43+j1A?oEr
zy06(<KdiNm2E7o1KkV!Ojymj8FCBhI{sFxYgLJTa9)HZ^#QxR&NnW~Mx=t&<qeSn=
z>w8m}ANlgZ-}fVokNj~*Yv)(Kzhht6*Tc_`|9kZq*UZuNX@tVx_3M6p+Je{F0`q~6
zd(h7#-Bg}8(|aP^uZQXS@E3~9_t4Dzwe?dP7cm{}2i5ovzxC^n-_F<ij`<z@r4~Kx
zogH_(ej4Kfskfo-KhW>6y(9H-!FOv1w>~20)&F<wGr#=OufMhY62JFwy6)rq^nSnE
zT6$j}zdiH$!w$9RYJI;pr(c3TB8Pt8M(?vhF5<QLUo%_g6;E(jy$^(WrSx;SFM#%t
z#+Q1pauePk&c~sbUoNd}uaNJ0+bhULyZvL=Q_=2qT0+{f_q2Tu_&go*J^w?jo632L
zg2`K7_3h&KqrTnI|BC(HJXYum#!v6ZeR;L~4CPRZuGV*)kM!kt)q3LRv(~)dr^omU
za&TVOf6q(ep}B8y8Bb>ELUS6wGg(Z(Ltl*h{Cq-gYjOX4N3HkKFh23~x1pW`Kt4{=
z_5^z8)wf#qeOBM41phpH=izu49`_#byIJ!7ggf_$`XTp#X@75`ZPyC=dz5sKkIxH*
zIXLJFN>?4n`4EIhw$k5Pwv&IZ2lIaSyQ4DBM!VwHFM;FtOtD_wa@_I5J2v<|a)e@k
z$am`od3xjhDQQ34Ic)H|UC)6aULSwR$NmuZqeJr|kFSgRdru`jr|jsn{*!N4oQoOE
z=VPcn<&f@cX&m-hM9)9?`NQ|T{9yiZj;7D<J5f34I}x~_DDSDbcWHnlo!ql37{q0t
z%kAgOI!eJnuRMKGUN`GIWe98K!{?Wchvp4F7gaP*X?=j4*Sbjk!@VE>9u;uRBfvM0
zPVj=hn}+vrVV7EAU}oyR4(tTKM3`rXJpZ50<r|o{w45<MnESmJe?J5Dx;lhCu&)I@
z{m`eYl@ItA!nxZ6?LZ-YZw})@8SlD%9$ydG1LwyV;&&SYEk8Opt>g68;;q&9=h7=L
zAJDg_o)gb2AG903zF7bA#|5C5a;R>9;U^+*{*@!jwRL`ue#`g&YJBeN1N3`&ynfe^
zo>N*tZ|5UeKbUv>z+d4%2!CmQl;@}aEBRaC_w(29TWin%6+fC^^~CSD^7_Np;;pr_
zuSZ_~=8jj7$AsREv(YXh%xfR#w?4i-eE#^3aX3PZ_kH?oym~y3{AKB!9l$@24&P-Q
z7#O)9k9EXi`a9{hzRzpE_R#f>Y(D7sM{{t0Uej{AqRxLx>HJ5=c{DHJeX_jysXO<P
z<xB64@jQy=y*i)5dIR#0br{^Ytan@}?>*4H27YfVG*~|v(PY=J0yBm~cmH{u%Ex{#
zLd@Hy>wO(xFX)GL8>}};ykJ_Z_qXrccHVzSrf62z`=RhVgwV&gYhL|Cz0QW!<I=ge
z7xmLaPps==UMu>+Uoc*GeggSB@x4d1Pjo*lCysq^v4fkZp+5Tdf!!|cCHCHYdmDyk
zvB-wB?y|lOOXkR~Hf%6m`Fs-n&ch-$-eg|n^>FA<<*f4^Uk>i4zS2e3O*iL#Yx*5x
zz7ONxC$D7>=nH?_jo(MX@2$Ffbe%_t9IPAecbU~UFwdNCL%P?NiHBwozcc7?yo(As
z;OED2Z%WR;(eG5LT-=NF=_MYRA=g_y=zT;Ei)JW?C37){4dyZq-Mz3p{@Hg9L;W2K
z_r5WHZ&BJ4ci$BE4CVI~!}NC{4<9J@S#N0xeg1M@zo>Fb>HSs6k?+-d9K`3f>Aqh(
z;fr#)i0@gsauGe<x|rNwb??ZFKB2CQ74=?L^>@i%_3vJ`%-`7y`Ng|AKE15RL2fBs
zKg^?Blk=NThxJE4y`0Z2nvb}?mCPGl|ElwurE|Y8l=eevU)%#0IR%6ALOjnO;NNmj
z(9Ppp#*1dfOJ)5Je6jD5U9YIV$6AZ-@BgrV6Qq8cjfa|_f@vAA_SYpRiyv;Q;m-St
z-a|P~_o+1Q--Cufwu~3e35!a*13eb+Xyt_Fy3RJF_i5YPuw>fu{XwU%%tJ!66W?oh
z_&bs4<=^l2<G5D~y-?oh-+)7(ZGJ2ItiFK_sb2EE=fK><dWPvb3)0~p_$x<9x`R|t
z|GUU7nr?h<-mOcBJsP#$XiD1+p{IB9-mv+kdzGB7sO4BvdfJy!J>R}b^sOcLJHFr5
zpnM?LzkeMnU#icX?~>-bA#GRw!Tnrd%6cyMPwIz5IK;cQfq7({loQH*G=Hbx|K{>9
zYWdUeC9&NbRBogCSyP%%@jLe}!o2ZoWA0P`LHn|g{+<Zp_v`*W;<DfG+L?Ok<=l5*
zK#w^1BM$x;AEKR*{X6Wx1qSzl(SLq)o0L1kEv^!K<6ioc``UUJm?vJcbo4$yzw22r
zz_-`mb=dD#;e!zAU*q?W3g*$RrT$)`_uhSez-RKk%g{W^=hchm9DRQd-yts>4-M{H
zL+*?_MIVI7*OjX0@jA`}K741<5Bch;`2syc<mdB4t(^k1lD@->__Z7lQyk~bVHbpu
z3w<G1@|SOCpAPv3UxeTbePMs->B|9r%?N9^YWw3m?4ONS+aG?|UVjHk#&3bypjpc0
z^?_nPImZy18~!PN=i}X;6#O@*iXR#+m#N1{`hEGGbh=l=@1hsYYlm36lG%vA7fc>q
zyit};@<r{@DHf-5n2XVybJVYh9~KP0AE5K3GhUW_z#a(kjs`;U-@r6}CG?lFKU00;
zd%j_c<J_r)uAXM!X$Xz~e#0h5i+$>)!|$+2`QdyL{jL!I?oq)^_(t@UkjB$%3x9ma
zJVNFn*jL86fr2UjA93#kmt}SS0iWkD4~h!Op9evsB*Ua4B_*>0L_=d`Wo3&Blobgf
zrZp;8ShlRJsBELg3X@996_u4O*Rb5eqGii9Dk?0t*|N<VEo!#j@45bPKiu>TxA*sc
z-p_}N?{&_(&UMbY&fojo=Q;OzEI;`|t}k`p(#Q3sZVm60@ki0^ukkcoQJ;U^`1+GJ
z|G1~&Aj!A5+fU$n9ff+e>jgj6zsG1l(R=T?z2bfw>DO-mTJrY~3P1KHo9^Iv>K`rM
z!1Qo`JdKY5(<SrAe@;Ij^1(s!nl6_kx?YtVn7`<H-T8f<=7WHFPUeN7^2_qULGqdp
z&2KclD(B9xTkjWt;riG7%zD+jeda&Mi!rDF)7GQTZys|{JhxjOcX2)`gZ1h-tZuzm
z-QB*`t?ky`zTNFt-Cxr>S=%wr{YraK|L<<kfquD9|G@dw_O0_kqI{1)QSGDks^4vN
z`}6pQb+(MZ?r`>x-p*A2Ks`gZGu2!3S6d!@UxE<#hS0c=`{!wX@yYnC`3o494-S&o
z_Tw&x`VY*Xla7XKexmhLw_LP*tK7i!qUT%N?@;nf<#*{izUw@#?R22qXCAqf+ll&f
zdw1ITcl-PM<Eb4LRX&sYjp|YPfUFxm<`!v3<+8r}l*VH{pXBL(PTEiB_`T+taojKU
zdk261hTYn}XGuT(@+Ir<>;K;N!SXznMfX#A%vmxoOcwV@LA4vVC){T!>k*#E^|`@k
zQtxAXwafhf4y}v5W?7b<S3IWl-<&U9AMo?M?l*Z1_iwLxSJuPP+*i+Geb<OxRQ^et
zzr04n^}DLPj`H@;OVQT-FD~Z%Yq`GL?dzZSb-q`8Lw^6R@ff{E*UxS{zcrQ1v0G5@
zn|M#oIWMOBW3g_N=LEIC;-r&oez6jhd&Pe(<Fh`$D1NuU*R+4g^`UY-Cvf@o9LT_Z
zV`u+F*RO7zN%wy`_rd9Yjh@Hlb)B=`Q-8M}x7)2(zgH1$y{PFNF6S_Bp>?aje?7TW
z#>dCyd+6$}Ud{E<Nb7vurzZC0^|Q~goa286>Gkyc4^<v_IW(WT{?&D{>QU6+H%F@v
ztuOsf&Ed4p_n77rxjc-xAC~$DzTecs_3XB@x`)cA=IcP$)dwo4>+b`VKTtW<tL0NW
zxyw23MD9;oALDLk`)PR<^||{me`h<oQT6M%dmKH_VZ5h%Jh2}{<FMD<u$J`?bmP0t
zNvv1>^L}sL_`VgbBmL$_vYuRVFv~p@U_Bh}=?~|4cuo;HP7l8ilkr=_IUU@mM9*Db
z!}<2feB?K`OFz-_f4q^?<?n(y`!*bo=P=2?zL(JP>Kb}J@S6Ab^SE>MomP+6d@A`@
z_k)LXd0M2M>OAPSvwq)3+kdqFaaj!O({b)|`8~xX`aK2mOZ#j%S4#Wc&OI(Vt}|kv
zX*}!E_ey%dt=>-<&0ptz9;cmgl>I$M!+$9H^;|i>*TDBjFK2seIo;trZ+OgVSqI0-
zx+PkE)ZcynmHj<tr9AKIx_Tgb&HfpjAKhnSx4u90o1H~$r|%BO^DyO8_4wp_OSorU
z-jB0BuX&R0C&fNHt@r)?;qTJA*7+`LwDM?w*Kl`z>3LB%@;)!tBUDb@XTQpp$Jbx3
zb+fsAT0ei1d0*|O^`!pM_Ko$P42`Gqx_|EW*LBImKj8duyYQR)Xnb+%P4x_v*WVj>
z%|R8M{{xkC=R@N~%cquC-v=CMIn~~(KU%uc!gXKQ9Z%n@sXwFFsK4s_;|Ly)*seaq
z`)z)68tuyk%(`7XZVlAqF&dxcyoT33zW#NY%B!5Ni%yKO>ET=m-E%a!{ti@5&$H<M
zwL87e4{g5jyWv(&kKd~}>FKz^>FIjh`R<_RgTLd5_pEg9o)cfo^^+3YuDs^n%Q&4*
zdfxIIju$Xvx7d7mj9c!^z1AP+N=ZH-^1*(2cX{0L|G!FSa~!t^u2-i$aQg_D2WbB+
zXqpLQ%s;4KhWh8fdv4|UtOw8G)Q<ept^zWy2Te@C%Kh*0IUg~SkC5aewm%<gzZM$T
zo#%!34&`w`pR>-qfa`7k85W)Iy8m6CLv=pXb2-2Ly{$L={!GfH&sD{w$7@)R(+|}D
zgIt@gV^6l5$FRRw?BkPi;QPQs=<B+V^R4g0*zLR@)As2`Zm0OpIkh`q)b@7k9$U`A
z?fuw1wx8Np?WoUV>YhgSbnKw^)ODiTRr8l8_f4zb<K_Dl?*94NZMNJxpDKF$=hH7f
z<9suEO=c6z*HU}+NIzBdn$+)cdDJetf1qv-_x0}!t3S&*^J7Pt(_!?Q-^=+NxBGsQ
zbHdeqJNf(i<LUTVv7Ytnc%=Tip5XHb&U#{?|6u#5UG<)D#b|cZ`qA_sd*9~AXLuZU
z#!X)LqP}Td_xFeExuI$DT~SRx678Fnqp=U^h2E+8{GR2t5nL~Yi)?y0cSO(GKEv(A
zFZCEOY~P@1p><P?d4Mp~Utb3r|Cy1t-NcBVkm!j$U_E(Me?iGljA4Bt(HATFh8?gz
zZWlq(^S|ed$L;^Se5pPzZ;X^TB>9Y$@(z>o4nN@Xs$MSl(DvhY=rN4A??Ijy)XnVy
z-*ce$;K&X1_xHz(*8a7fy4UwpXYqJ`7d_Yc%>qC7Q|*5m&hvv`&Z`E7lw&=C{_)JM
zPv6IBztra*ec!M7JxqRItk0vmK37zEM!lC>pJzPgHQ5*A^gX6a`lCL7>bRk(;}riM
z8Q-&}b&uERxI1us#JD8m<-qX|>C~|uFQNBm*uSLp6~2=}`&S<G;Q|iV^_`YS$0r?!
zbbL~IMz8sV;$t3`^6+@-HQ!v$_4ym|SG&36?V@m;bE5YqICq2b%AVKM@k-@6+}H2F
z=67~{!FfAcU+K8%k?{=Q36ke^4OhEs{&?KOxt#_szxs2$!T$eQUf<Jt`_or_Iu8$Y
z57z(Rrt8kPy4~$W=X-5W`uzzv>hI|JdlUG+`HR-R9;5p+kI236+CO+5s`H`8%#eLf
zt!KAe`_Z(Kwtmr$x3S$-zv|WJk90bR<S~q1v$2fj2fBSGAnjiBqsZ+&B7gMW9ryWD
zK9OISdo$e&<uyFN;yVvC?|S82tWV}gzx1<!;q`?xpYZx6WIm>O)njy?)cO5?oo9!N
zf1vYhG(G?8JR40Pk3WuGcz%dJ{|}{y?L74SHI%(|KIC!p|4!fkI&ViSx8{@W_<xsA
z)yMWc@b!f|pIo1KZk2UFG`kO!3-+%IRG!BrpY$(0CsKb4$T~MD<7kZZyO6AlhF%Z-
zuX?#34U_fOa4BD0|9Xq<=aqi%JnuZ2Z^tFwe{uFHcpMIzxI7ykV{W;I$FBpOw{`y2
zbqVLsYj}O(tSj8}+5#F6edYy1zqy(AQ3Czt(0S-U<xUoTzZgQFTaMdVK++HPr++!U
z5Ahm(|8|M2Yxp@3=P)E4jc>nq<i&cxK40UlpX}>+j5{9po5ABV$B&Wtq5k;#+{yOP
z=W4&<@2dyo`|3eC@9U(?^ORTGqqbj<8Ooo_HCSH#xxD`V-(d{Y=hpAIIlkNN>u;y3
z$DPj4<o*5)GwporF^u?KmCW<*d0FRGZExqud|x8->Cfff^`Y8Tk;FUW22R)Q&j0^;
zeQ+%GXJ>t&Ze72;e+uWD(Q9s|^|bT*8C^ds4)t76|BM|MyyjzBuX20T^{eyUOI|-X
zZhn5(^@)@ItMQyaeJ`ZzF<l3D)p2_Ie5d=>n(jci^Sc`@&wobexkvAN;CaB)KVRtn
zx0Xlq$Ln9GJkiRh@_DpxhW9`5Jg%yH<@dP!(d??vDbb$0bf56YU!q#jFVubA*8|;8
z%DEN|e~Z4ihw)4HwblP+IS&@iJu`#zui@{E;rt({`<L>3rSiINR`>4h1M|HvabSA?
za)lq!XXWubif=9Y%>$DL%DeYTH63nOgZEo?9nSTm=W_<5J6!iQ(`5hrVmZgE<C3Db
zV|TmO=bnM+m3!j!dC@s%!t=7%{HWBH+X>fwU7fdeULMMy$J@br*dOo1X`XZLeX62z
z;=Gug57yry4)n+OAYbJA(DTE*AMczeN}zk(bUx5^3iid%vhkeqvfaGqf{Sc>bNad4
zjswR7j~VE8;{E4wLEp0u9v^f(@XLFh!+*^7S7d+Z+?vXbl6i#RTjTu!t*`t>-_Ps&
zcD2WWxt-sG>VEn!NiV)5MemzEhTm@telMZ#0i%Vhzm6k1eyG3uJ%{?M+(7i2)$;yY
z=Vg_Trbp%U_q;>N>$s)wr-zc)acC&H=~2cP_D4O_xPyI08Fw^&eGkI=eezz&dB5Zi
z-$dUZ@btf*9V%Zs4(j{<q2zUb(0#F?<aM0?Z|$%9M?>k?asMUyZmid=q~C=_Z?CG)
zJ#XoICw|}LyytU|!)~{Z$2xB7K91JkC9*D2)O}9HX#2&wj#0hZFL_<7<D7FoQp5Ee
zfS!ZY-<7^A=PcZ)=O#Ixo{x3(en9cOX1$!RVZFFFf&6{_{%SvcAO47(gZTyRZ|m>w
z6upMeXQ~_b!pS(J<<)rZ_kGdqrSTZO=CeC^J#o!X7}eg2s$c7CV0_Kj|E?$6IaX~i
zPaMJXS;?Dr+}HCw9^-Z&O#8hav6t5j%%_t-_1F4QH`@W{#_qT2;kzw(p0xA4mS5Y8
z)`#1z`p(*B^XZ)Hne!Iw(f8SUudB9$Y`K?0)6@2#?OM-mX}&almDl#D*jdHt?U#C0
zeF;ypf2{1wXghjF-Y=^@MU6L9KJ@oVpVRkPF`i0!-R)8Px$0N9;(?~8`ZXS-*SsV5
zcYL>gC;Y!nN9$GfMr$W5hu?2We}030pXxPtKV|LiGg>d&Zq;AQ<8DvtAMIS3p8M8u
zi|s#n{iOAB!hrsR^KMe_ny%Ze<>mIK{m$tZY8P$q+MeH}{^Qs|`_I!etR3__YdUTy
zI^*1b+fP)#=3n#8=;+n<uBh>}zBHcB@9y}ze$#M`r+U<1^+b!Wdi1&9t>^9+dHmQX
z=YB8ylXc^L2qDfz(fIE-Q=ewJXyH75;(eLOxzo}74u#skbUv7!X6Fg#_mSF8qm^6N
zKZ;szb?doSonQ4m?ycoKUb*ufEgh{_MR&ZR#xdTva_%|OahLmtPxe)vab3%y@l;Od
z^=SFjdCi@_X!2T~f#@|)AN<|+QMqXP-1V*HaOcN8e`q_8rdQJ)i2r>)bv^QHIX|xF
zOHYvJKE;16<??I(GvvEyFHU5Cx4TxxWp_DQpVxd|$?G3YSM_Rt)N*P0RS%=H@6P9c
z_56XyTp;&G>wKu=wT`=*j=CR{_u_7UcI$V49sT@VrRx^_UXJ#A)a|re&G&!C=;I}q
zf9U$ud0Ep@x1!o@sQ#$&b$rqIjLv+nas$JidzE!v@V}<3`Wd6!NA+tz(fLv1ALzP4
z<)fwNPA8hYj<1T^p6Y4-!0&YAIpRR|Y5P~ya%%i&`8d$=PW!#;S5*C)p00cJ_in50
zG>G+fv~`j`@9FcP`?*ff&*=Q7=|%H*r+<X3cX*r{yq;0JxX-Ke`Dnknhn_P6CQS3H
z$LKnJ;PaN#?o^+icW3wD@Z~$KUA!j!Z5|I*ub!XP{JPz`e|fSiUbFmeXK%CB=QF3S
z`!2oFzDuCL3($K|9JiL|4-<L(Z9JOws=t00fzfNYTsZHvip!_vQh9Z&y#78we}D1a
z{(i&v)?+_E$ENQ!1LGZNc%VOj|5=YC$L+$ozbBT?JL6o6{C-ROkGl1DIA%KAN!ykB
z^F8P|(<#3@dR2aRv_^h+q;g3QSo`7L3E8*M@4gIl`^>=jPWx1QfBgyT;ru!KBB^H%
ztVgXEozD-wBQkvO^ZCGid1s$o_it67=7Z7c2liB}EnnKzk?A=7Q^y<C)8w;q7#HcB
zyvjM{^^W53al=`!ru(w=i%rXHIPP7N{R-9V&X>m1@EhoyI^M4e>O7|Pr2W(#PtTzr
zs692k=g(n#FnZ;CB0h7&X7=at0KXd)x84iGI9OiGr}lK`b35Iuh2NW(N7`+0eQW;Q
z@z;05tf-gHF`PdQ*K~D1M8~mH?_xRCr~9KSA1$Ac(ETJH^WxJSpWkEQeB^zR=?=~}
zzlYG@r#tOM_nUWK#pPBkm=S3QZD)h^YX09v8@A=YD#OOZ_u${*{OI%k$X{4D+MU-T
z#;JuI9<98ZFSVDV+Vy|ctK*Q~r^e%_V~=S0(Q<yjkMr%u9W)N&JcozFIlsCe;XIFN
zIdmPZZY@^>&9jc3A0xYY%&*V4dcEdF+8@*PHO?<n_+WpQ_n1%U_o+^JmE0GgdNo~l
zxiw!pK56+C&!BS`Uh^%DTR0Cw<Fm)GKkgxwbhX_NOvhumoQ~bQXr4qnmidx@FNFIP
z#h#2_qyF`B|Cr`ypnk`G8vYMzk6!cOh5xzToj|`^!gm$v_u@YD3H3L>$)$FU-@V<7
zYQQ<38|3%os(+~VIIw?v%s29T6h+Oy>idX(U*|P{qVG82`_wM?IBADR$v%GYZf+lL
zcZMrm-I|W3I}n}u=?a-o?xcG0nd9ngI)3x3B|JW;9>rxHY+pvN8Iw7198tMf=zI+B
z&k<DnJigu97r)PIXFWdoU6#fhm`|tu@VMiV@khrikGbxrHhr(jmUBXG9H`f6H=52P
z`5gcB3kH@~!!^GCu3C}92kX;w1d2M(@wyfF6wo~FG3p;pkB;Yh{><&xd}%(lzq!X%
z4X>5`b~i=~kCrb@S8*sgcep+W>U%~_e>8oE%4`03CD((x_4#XHdRV8(x<G$_&;8$H
z4o&BFrP!FpZpCrMtpCq4zUcSNbp4|HQYRnI@rFuA^&ThpXgoEJ^}EZh<qXq2>M@M?
z{hy4B>eg{j-5l;S>aTWimphcf`8`3<?cQ=X=j*(2R?chol3nn72w7MBcm95Jyx7?t
zPs^`3l>LUPr)$Noidt`~KboDl(Y+vE^8&@k_rK+LEowh^ed~K>t$(*$>+cO&M@36l
z^=tm#pUL)C_k><{&yw}K`VS??`E|Yzz~`AfhV|)lEbi64!0Pvz6S6Hv_t$a`RSwOU
zj(Y>$KGQ7E=k9V1bUSj#N&9E?_Q&USHGYRJ;RD@HeD(J{!sS$XU5~N9N7m_HGf>Xo
zpWZ-wdd=C}*j{@7x%<8;eGby+A|01>UGPDo?O#6m&Y`pZ)%<d}$5a>FbZ{T<JnoOG
z$K4(^f9k(uH|I~=;mfif)ApwBBWV4Nd#LDqiZf5D+_Mx9=bCB$^_gMx9EN+a>0DsI
z+}38(37UtGjU30EdAO8*PpiMX^O>jU9GBl@)4CS-UVUe{laHQlP>(u3@kK^0kLK@q
zx_<)qP}BKD+}|$qvRm$@-*9|Jule(X1MQ>w>R+|~UUTuc9L{b}zgzWwIh@0{&^=yG
zemUG(FKK-#?myew3FlquxlrFr`VF@WJwJ%&1d_w~dy?~;w;vmrU(JW6$8v}-`gPxw
zaq#<9ZJ*k&xqabYyp^1e`bXQJjOMTLUY2nyozBN#-7LS8S3B!HIg0A9=l6Dh%Jt<A
zZ<F=-53jd&^qDdA9Yw#n<q4bbfYI^M9WR;c8~yuQE}uL6Q)(ah-UI2^eFe;0^m|SG
z9+T1w8XnJLB;AnN{e;bDY=64Ef2R9||NXw=gkx>~yygkHPebcj?UO|7SC1KpUULb(
zfAN^(zUK0&e7*cWQum)!pF6(R8~c0v&l`5h`HMu-gMBGM)uZX?IqM$UKXcA=v%jNH
z-Mmiq^`|p1UUYws=bVSs^9yQs-EY+WN&T*Yj`uu1y1zfG^Pbk5<93(Ry`QG#=lh|Y
zaj%Is_`PPb%&V&B7qpIa?m^LYnd(tFUU%Ymmk-$b^ckH`RZiV1ul{<k7T+`K?9b}H
zuzp8F<)g))ME4-;Jy%Y-_})No|L-R?{&*>`wllYWl~aGMj|y3ryWJ|s&w)<+aqCGZ
z`*;n1FTuIz*e$2uQ_y>mHT(;jSG?v#ng^Y7YPjaZ9e<!3=QimavPbfP^|G8lW`Dn#
zDCdma@zh__;rqS4W`^8Dq4En4w&UI4{Bb@9KUeDWpZ*?tpnGt8((>|sG`Poa4Ua?W
z*8HiQj??#F&h2v_{T|DmKW84)cmtoGeP%h$*M8GS_xj`g0`2<;%?LX08Dn<Q{hc8*
z;hgU-zdIk<^KE``&vF+a!d|*A(tHebqum6*TYuxNY=>6*{esWTrvB?U?LI4y`_Pgs
z;&*_q`AyT&dv1E4VmnP-&iR``>ESy*S6Fw@?7r0Mi80e%`Oy8z1KpQwq~8<Z`(CoI
z&*O{V@O_|z>&LyXtoE!b;rw=;%K6pjGHnMs-s$^doj-p35sCr3Yxz~4-Gkfd#-+C0
zSl1`obcW7fQUS{+g)BPqn!aMR^iGrKyi?`5dtm;Y-`VT_lj<3`Z#lReZ^qgD<9p|{
zUUTxL@!fXTcJacEh=%cf?@U`BzuD-u7%=teTs{uRctYVm3CH(|Bz$202j^>r+&969
zeP4NgA1a>ikLW(>+aDZQ{cyX(`xbehG|=rE)DCr?Jc53o=QF$y;WxZ55io@ZSk7p6
zu0R{H^%6_#BcHj=Rqs0Q@OUtI{^#)M>j7Oy@;Hg#Pslu=_8l1Rv<uzmRn+GLMJ^A1
zUn1{?6xCn#za#sZErdREjEqCk<YHwWIaTh-{D$6xdd;GraC_tDJE#9@{@wb9dhTL*
zXZ+Xvu9x-b4VAWDP~QXgM;!Zbe!S**YOg+%OZ$Bu$*1H04{6Wt{INao+?-;|<uh;m
z!=~pq)lXXtm^0+QB#n3CPpm(lGX>RO^R44zBaMrWeca`|aR<~ukKQY)`>VIP&MT|l
zS<~3=f0z9xce-~`esR7}`jb1n`xTpS+)MI3&i_ES&+MZ0k;m};7m$(pEc+Ig*L<j6
zT}S`FT{mmHQT@Cw^~n9H_<d;;r>}B4ZY!$4#{VbHLms)G+iMyJyti@MO@qkkI#u0_
zPP~EPzJ7h~bX898PaNou9`7<*59@m`Cx5G>`1jufdlI(?y}!HWE4Gu?kJ@7gtv_%t
zt)M%6gS>xa^qPlg|HfnX?qGe4&U+Qrt9lgGzg_M_S9FJe8^`%pbcgf%U;OTd&MSE2
zeXzRm9*Nqy)2}pLzPH?C6y16c?zQE?^Aw@aq|5zbZn+Dje=vGYG4-3l={-jCvCg-H
z!*8Sc*<%#l=^R4)M;^oIHLpmzZn-O@oiaM@Qsu5Yh3iQ%N#r$L?W5z;w=zDs-ER5E
zMzFoY^7~qM_|%acUYx-7=?>R*q`Q4a^LNJ|LwddDC_<mnbfWpY<6qdp`Fm9CG0^QZ
zz2iCG(fn24D7u%?sbBT42yp!Af@<d*>Akbpv=I6R?RRQ?mA_ZsTfQ#+Zm9JI#~-|Y
zbAJz;p9k<fN&7O+_uTYcou(g6pN6~hqwAb#@%VdD?t4=GhV$o)Z_(l(PTwuS=>bBI
z8R*8n9&!#r^QXxAbp3^WfNbs;I<KnREwA~|b-O$Kno(TOZhv<?-dDu$iRt`;&m_ux
z>W)_^_5FB;&7aQ%>A4X1B}MUf$A74c%T@9gV^1g4U>%|LqVEyZt?z@U$$glLKa%s9
zEbpABW;^(!JeT48Ag#Zh{-F6=yMgn===@$--S^3ND|Ft}?})9N$njK<*5mh1wEkZ6
zJR$D;zSY))-(;R-{R3uPxpfE4#S-6L4%Oq<tNyzF;_q>J%z|vL=a1-q7I!-x>~`1x
zu4EhEYfg~-=st?N2d3++clEnm-<?lKZm+yw;rhmNVA6Nn?d~?Q8@+$=m}h^5Y*{;s
zTg$Ead7aJ&IqwtBZeTmO^P~MoQRAzed%sin9ko5Gyq*J8)Np;zp#C~u==kGCP46$0
z*beO0?=pDhyM8`XNc&B=mx#`v1Wf*g+-|O>^N2BqzY7sESIYTBEf43{vA^a&)77u}
zI}lEK&pc%F<2S4y->oA12M<`krr&ot*W&~^PoVyf(fBfW{MT^Jr#t@|?%wxRe?C{{
zth?K2zX{LbWUs;P-yKiWty{<S!HD_WWmmVo{v!5LxuL=}T`iw`zr-D1^=iDX9@`&0
z#@!Dz|0>7hr*lr!?bh?6eBQ)o^!={JkCwk$`kjy0B+9-ye^<qA-@)~(`gESs{Oa?K
zzIWm8v3SjSSK4~OJVfdEO^Eh|hE9jS_cB!eaITEbaeGZNosaUFrs3S~Q)NGTpdAM9
zm+8J)G~{{0v4hSVx}MZ^{=jq`d9{z8_t*1IL&<AAl`E3>eJS!>6EExDWEpo<PV2|r
z9+PJAys*vHk5%4XpIl#FqwRvfzc^HV3@*1jU+#4DeTk;?pX))tYjWVI^`*$)OYs_a
zf6?!#L<`q)L>u?q^`-l&S6;?;SGUSNLHqMw!|zXg@?7kf=f;51@1*ee!@RN&>6383
z$&=?HMa`d<Q{6+^Q}Z*4)@5G9`~5z{`~7~|?+?g+f3SbQ|G$;j{AhdA_8ING+}FS0
z@q1uAe0P)1Vc>hT)W7w8pWn2|c<Pqd-?eEu=g2yD{>20J^Ef<sp1t-)uD`Qs92-1t
zx!bcl{h{2&mstH+&l2MM*|%7?&pa*reeU@|_vuzjJh%Q0pWAXp+t+v2_XV<k*7ZKS
zedeV1dHh@;-|JERx*x^zIR8w~vtD^#@R`gg=Tp?~x6peGd?#G;t^TS%nw!r-c#NKh
zxPA|c2m72(=aJm?f&0y5KgF##n*VQU9Q7DR?8|)Tc<TJlk>4NbIheueAL#mD-;@5E
z-m~g^V85)>ocFTP!qr~dKJ@ug-=nKr#{-qu_h5?bKe*ki{q$Ud{%%iE!&UD*Sr78M
zAJ3ELa=VV^AI(nD<fHlP_@U3Ad*nGZ8XhgrpNf1Q$0O%s2BZF-<X%~CC&~MYkL3C4
zeDM#7f3$MB?WOnP>Gz0|XdmBijyRF+_TAwgGtmFQ+okRwXuns~`Wvbps63<BTz4{$
zp99@KbDitCMD@GNuWrSm<TTt}{-NU6$T-1>{jezGMznf!m;29hE^i~f4;tM6ZxH?e
zSMMdxmfy8sN53<~_togU0e%<Ya_jFD_4k+W%Y8Te`(3X&hQ>vo*?$#}@BI7tfSG)a
zbqCD~!WeTK{VvmEHp+R&Xy@ks+w*t&yw3Mg;yezWf5ZDtO3yFp<9A_;xn1e+e}_$G
zcbtstWBzK#f4x7#C;8X-INvGxA7~HMyTsSuPYx3|+X>$vmiG_SWgNSb_9<|m%!f8T
zkGV<gok-_9d`9i;-tSaBjYYN}<Guny+yhI9bMf(3AJUV0{J*yE@lp;mm+hwe85f*o
z-8d(Dug#awEG9S3ozz?ZfbmJZ7i9k9_uL+%*ni)rjGx*cFQN4Yem6D%oqbQf&mQ+X
z$vJU7Z^geC$N9x+Hht$F<!Jug@4UwS-d)d6Mhn;X^8c%x#%ukQ?fK53Y)5tH#jtw}
zy+=j=>SVbO-e&)FYCk^n82!%7Z?1Zs!`UCde<OeV?nnIfd-K}v^gc&Dhwc8(AK#~e
z=d|}>MzmAyXNv!(e&#iQi?`|e<okEd`_*IKi_EXbJVEUS_jJg*gwyjIy+=0hbe8`k
zmCqw`gU{<eDep@^9nbQ-kA&Z~oMzjf$4nc?{-Jx=Jy)=4EW7Wd`4Hzy|HyLMj)$^`
z-q*QK+WA3KS>O3|-o;}Wb^O5h1>}3X?LXjj-o4VI*Ywc2WS`lb%l<!_^WFaZo)y0n
zqjSAJQ$E|u;a<_RIo{pm?=g>Vg*WsLCHL>&ayq{0Hs8*9Vb+W99k}$qyVL6Rn9t~Z
z5q?iE_ffjt4?W8H(f+6FLv1H|9`^fdS&pBNy=KR;oR30zFQoey`g>(vKRvd>%6X06
ztJqq~<=F8B>vOvgRQ}ULIR5|F@=Y>dy6rORTuxu@<i;|2?%X$w%liYFua?vNq5Ij|
zFZFj3`rS~!(f;nnUtGfac;6Pkm!<PBxW|GJ_x=;=eXbt4H)(J`e2UI1>UU9`?~}ek
z@g2Pfs!zu?zE{SHzwf`ym+ps^(LJOdqu=L^=CA2;JM|g<PCVwX>uviFm^i|q3DEvn
zjPVhM%<1wSZH<5Ji&ox=&+?f6NIuvvKX8BAxnFlx9@h(}i~D?O9MtpUj^6*AFK2(7
z-v>C~6IOj{-$$uje#7;Jd;H1H!2_=UZ)R|Q-}%s%+qqXa+I+&_Ily=5%WOQK@yd7~
zZJjc(-Fi*+B98akCX3E@Y@?;e-=lZ#L)PyBbkh1$zvqDOa+BMU<NKDK`_?OHzr+c5
zyZ<iFC5jqf+Z&&U^O<`lv7NXcw0=E?zmMuQ`rdjIt#`cUVR`P;`-!=nPQTQ0^LknP
zy~nJV-*wpgXJSk}=nE49hJdjq%cOwPO(rPIWWX;IVVS_gfQJDm04D$sH>)7A+DwFd
zBHU+~63+rt=P3o9Z&rAIU=lnRnLEtIz)GA3s5Ajkg69(8CBVgI1SkMX@Kl-8L3fyH
z_*KKN8h$k<78C#_cxn;97JM!EW~B2VsK>PUdQ2mz$@eGI?E5qDW4J#C{uQ*}?D2gA
z!fRK**OTdw1C0WW_7wXQJtd%G|BpST!J9n`f)99B1vh#sgO7O{f~}sCP^+gd^n|B0
z^rWW@v@`USXL)Ed{GRr-fa*fec(#U~h5r^$FKB1zIZs^dFFo;~y3nsYU7;PG1)<kH
zTR@e;cRY!)?}C39{70UWn7@Dm-g%+n-f-+FZ(Z;p?}E^1Z(S$}820WArFxf##&|10
z%R>iyYeN$ec9gd=I2qwn;64E|CnD@5Zy#uRsL<<=ErLu5!cX_E3ZCJu4xR~`4>}8U
zHvG;3EdYP6w=(uT@9N-raF+s0ffs--gnt>Z9JJ88Jh%u{;cbrn0q7FYrJ$wWU9rnR
z%RyIoOM@#w*Mn{Y-39uow<6dGychU0P!sr{1MdUg4_Xgu0X+zM2(%IO3((`BC%kRL
zo&;?MJq>yW^epI?-umG4-ZjCk-ub~_c^iW-fd933ZLrPT6x`;W7kts1G5jUqZ-BoA
zy$pT_@D*=E@D=c{g6{yn2KpW7b#L+To!*k+yMTWHz6JUt>Yx*0Zv)=}y$k9By$5<9
z^Z}?Fv>Wsx=p#@M=wokL@KbMb@b93{LA{_aKwpBsLfC%LH{b)l;$Vz#UN8iT1q}zq
zfkuEvff9Yq!6aZZC<T1jR}@SIKgQP(OarBZ9|t@b{u$s80UZh&57|uk9|nE`=x|UL
z{3e2q06z)x*`T99M?)?Lep5iXpkqN(L3yC#5H<sN0_08vodhcIRf5`0A+QiQ6F3uC
z1S|rc3_KZF3@irD0nP!I0KW%1*Vh8741OPU9#Oj~Mfe5aF92Q$ybxIKD+w+FRe&x6
zUFxd{*7(YTOF%#Ltr>ZnuQb@;n=!J%S2FSr;2pp_fp-G$M|iVu&xm!P7GKB6hd>)Z
zkAZ##zn6VQquN2Qf;vF2fqn=20MrfY^L38;7bxKG9F^nWlW>eb!86U@9X}0x9_V<u
zX8=zCo(RnM`$2mW3P45vZqS~DVuZ~_oVnmn_3w*66?nS8FaC7knUFsdcrn5+238}y
z8n^`EOMtchy$N-|oBTZqYe5f!9tJ%E+6H<V)CqbI^daaYqP+>pfu4l1pkqNZK<9%h
zKv#i&1gZyJ4{8K8fto=ZKpR1ifm%V&fnET$gZ>&w@O&O<4*ok(9}^R-4TeCm!KT<@
zpy8mr;JlH?gJytE3U-Y=CAcsCl;EC(l3-ta3GjQtdps8h6Fl33cVPZ7=G(m<%)Z9h
zZ41i>fvLg|15Om)Zbuvw!5<gF7ew%LBKXrI_;Vxpa^aJJmqhq4jo`10;O#4V&70kJ
zvHTc>KM~>oTm)~IT2>|lGG7UA^KX~#*59UEAiOQFeWbMhR>n@#=^x@87kG_pWj+Rd
zh-W;@uLN0n%b)Hu=B7IQE&%+w;7_;%duYO61<OtYUk?8}Z^pAUc&q1LJo{PsrSN|U
z`#m$kTRnF|kIloC;A^hIZ#u!R1iu4!Va^3V2YLHRv&WnR-XrC*dAI{IOFKFLmfwMI
zQdm9rfd4t3N3Q^H^Q^p;`2^qXw0TGsJu8GC{bQUV03Qqgh1s|#3j7n0{~3M{d<XdF
zz)wZun*Yy7<8E*GZ-f8IKk}L;iQBQtYaRi=8+rcq6pv{I|2AZ_>`%ab8QwM9pY<$-
zzqP}2;B8uc&l=Na{UvX9D|I*g@5j5oSB1agI<NT<{AZ$bpOpuH{71&vrF;V7=6=d$
zTnYXv{C>sS>MO`BxDvmcfS;|44Y>EkZh0JoeD43+m}KGG@w<V8!K;0&Jrn%Kth)j4
zKH>ic+-D*)wk>J?r(1c*eE&&K>k#m^o#ey+ZO9#V5xze!GG64t>O39!d0+HcnF;tk
zJVeYfh^w};X`Kw2c?h@?@}+1S)}A(RYAb8c^YEJh`?~Tt#9fu<HJ5_7{&};oo(Ec+
zXgj|HdOlpsd9d=@<`03)FYzpRJJ9mgXp=TwTjqMPp_QM8ve-Nv1Apxc1@Pa5eXe`q
zHwV1>TYlOa{FdGNN61?~i1oU)1IhOo1Jhx3>BK!<^gJj2>A0_>4ZM|q=V6a|S@^|?
zY;)^>2KH!v2mebXuC1eU;kNnN1-ugeKR`d~0>2WxwvBR;vF*h2N4?Db$np>3+z6uM
z-Yc|Qti|omE^Jy;kk;42UyVF?(2lJBS@5@g#J2yhV1HZ2RQO+n@xkWjCh+m=@H~rf
z+Xj3ecuXevd*Gj0<T3jovlRSkjmAuZzvXW~*+cEr%8Z7L{fUM3-yMr{eBiB4gFa|=
z+OZ;hC!X`I4D#1s7jS=q0nff(wf?prwISL%#O=c#4!o$3T=!dJu7%7>c(kGcU|1mj
zaroa1emCUO&>yX>EFZIi`#AZdu^<}ti{q|z#tPe~)+4Sh@4xU~*v7T#YTh;qzY#Ll
z|Fa#&JP!T|mw$Ju$2=o4?<3FFp3k{t7UO>PUx`fOOK4}1NkzIgEvgIfTCUF!rg^aA
z!)w?hv$kCcf7|A*{yQRM?up>-n5A*oMexXazyG!f-u6e8xBXrDHzN4m5&Xso-rDV(
zE9}?x*oMD-ANNWjpVt2?yia-q{0`V5wcVIMf`3D7^1jI2-rzAk!e58+-`c^JOXr%m
zUGg{N;9fP6pM4Ft4co>hUBvBnH~2W{`5ZFVCaV84(c_VPCZZ92C3+h2nYZ$))7r58
zF}AZU%Y)b(vo=3O^k92|%9t+Wrze214E@E*#Dcdrv~9-5J?Q%$GXiMs{4wUiMDTXZ
z{Hu(y$3f>IpQG)<FBSZk*pIV%Y<+bf>NSUmzn06^k@e4lzpW$9r{!-$Buy*!bheL8
z_n#QUtxn6QzQQuLPDi7USesb>AoLyOKR`Z@hW<N{pRcmmwzl3it##n{VIN>BWR8m{
zua&7oxlVw8f%q4Jp96k9#{ap(zkst4);234KOA$h*69-1+49!^W9*|Z5Sg(U_iVXr
zoZ&y@vRFP0-nKn!t1B>2UkJZ#;Ey;9`zhe9p7i@Yrb_s4?{oNcw3Ex=zZ7{}^=}W=
ziRC|-k8gO1|J8_l9r%x-NBf1Hmvb;?u7>|M5BuK+ez)*8KUYG}Laa}IB601S#Lj(I
z&qS2H6==t0)oJ<D?0XQ{+m3I`4(GAU`r9!<<*m#}$V`;Dw!f@IT2_zcpAdgqi$=)k
zczdbnzv8z%cPBu`_RSmMzZ7}3Yo15Je}+8#68qwIoU{CS%{T`Qeh%a-hkIx)z60s5
zz#6X){+1sOyL}5@%Q6mr${z;)9?+%r_%30D|77sCyzB99>O}C?KGs&JfsaL6I;W>f
zJ}-uGEw5_{%a@{Xmx})_g<f+Rc(u=3@V1OrrUSg%NBvb#0`j1Bp}du`Hu>2ZUh`B8
z^SfleI0icBjX=7HXZc64No42N)4^+9*s@z5BBV#_(drD~w=-9TFsGoLzkAzbt_5%X
zpTs=AN_e|&yb1h0P_P<f{_Ws3|HvBoPaKZlGr`~1i|V)hXLuKC%WLy?IQlr6ka-Si
z?TGQ14Uo6|Ke2z^3Vs`S&GRLaXRBX%n}6k>hP>sq%{&(&ue_C4eh1`tz{8*7F+0KA
zGCtDfF>eV!{7vDZN7p>(g12^f4>Fd2EP^k`0^rZ$zf^du|L%1j^LO~)gZ6hL#sP0E
zr)A3(1K#@o3w>&|^#^a)En(s9S|vmH)4tDZo6n&0X56P^*BEcWK8ImVvdQWJe;?K}
zqwyeW+pX1aZDslSr^(tw>}maNc^iv8=4i;j4c^w{vEa3?rweaoW<|)H3*PE{6L~Hd
zz8z}}TaVU%E&7Y{O&BM2EwmB*MI!$?<g0|g{Y>_sh&*UrPej=?|L7jZu0QJ`e+T^6
zqn*(6l;x3@9b1-yw`=K0p2{fxFCeb9vt29x7QEGI^#f=OvAoTjwXNlc4R^*st1}gP
zet<~Y$Mu;7)zklsX=T37;j&wP88U0_U}Z`%-df)JCmrcAhe5yfe-8Im*=L6Y@TzkT
z_^;7Nj)08ySNV<LZQg7i)K<2PR;PU)$%VY-pBu*GjE!sCsvSQquX(d|ZJ(8<L*CZ4
z9am4XX(1n5?)8}0BK%jxaon>ZgJ9BgOqJL4!T)1vOSWD<M%V>1_I@V*)^1-#@OC`0
z<L4v<*mP~*vEzv?mwo=VcCdT`*29+n7^LI5tryMn$B-#T8Gi%)n*S?Oc)Yp+<Dng|
zwn4_)%F0-Nr#vI?0Dp51?$v_)8{jK<7&9u&{7D$=Mhjo_faAYny~Drp6Nf*y)!~2q
zIP(R_r`3Nj^t=uI59E7EzvZvKz~QIe%<|S>)3Us#W%(zX9hv11IQ$`!9}g<umeIC>
zSp1vv4xU|+uC>Y0*ef^@yp`FBJKc)FAA`JE`IEuhd|ruso(g^r(z0#uLGTGy+4;B!
zE*18Nzm<omNrk`V?c8ns>+qa=6J%_k+VVBlc9uu|{sZ&!UEo(rT-ye0z3a32A<$#T
znYc8xVbN)2R3}W@KaSbC*y^`&b8xOl`Kgvi*s9NQPAmiS5O`g;*zxmoG{#9t-|}|+
zJZ&;~Df`3VJ+O~0i%nN~TkHbKkL6<_W8?k?ytSw8M|MxZ_8m=Y4$`pxPs~8OjmU%A
z%Ieqo%j&dw$bQjd+Q8fS*Y=}UY;xIhU5fU&1-wn`8jR<E$>(~p&!kHV!9&4l@b>xC
zru&+mbKzeKUA8RtnZ@#>PVt&&i<tjsG48Px{&#rp+Ya8^&8~Ci&1O9pAP;{9e>(K*
zI>D~#t<KNpAV2W8{EMe>o}b4cX4`|!r+qHA?aGcVc5Jj`g4J^+)~>YP0RKmy#}v*(
z`+>ZDMqW3cZDrfQU%;yk_k!0k&8}^%zs=i&XF(s_M`CQ*aW?aNan|K^@W(;tgBx*Y
zqwsbe_@40J-i2p3;cv<1y%#J0qZsB_Lg(BE?LB!s=3k8d;ys7?;eO7uts}dpt%JX9
z!<Wn0@)-<Z+vKw%Z{z+Nyv?)j3)wcQZT>m<>)Oxqx+c6tc)J#|{&wAB$99{puEDH~
zt!sGG+D6x$R>sZ?Ut>+M5^32wvNCtzpC8X7S6s+^LZjEL5Plr^>%iXw87sdLI@W=&
zLEYUXGNE7K3_5rn+c$vMHekp3Ls0f^*x#lV!duic%Z(Xkvdscu$n5u&6B_SDgnn-o
zVaQuc80Wp5Fy4C=VWRh1!mxK0VY>Gw!VKSSggL&u2y=angn7Q76VC8GK$!1)n6Svl
zdW(IV$X()Nee-;*zf}Co#J@uPD}7Ipe6^4BSu5eoCA?1Jtq`o2@KqANTH>$qad{d<
zZmq~Qid>WAx7qg$rPtzno^XS&jc}9iH-xReR|q%zUMJk*+eNt5_cmdhlykeJ(=O?B
zNIE;kf0y`oihq}n?cXif<9na<?eTp?xL3-t&$ox%y}nNg`^3KceV>!t_`f9d`}Y%u
z{GNrj-sAj1!g&91!bI`k?~f;UD8Tg+7vOq{4{*IC2Dl!>0k%tefbEhIV7p`n*e+QC
zwoA6?$q_xdq9-rF^*AHI^^hM(qI8P_V+e}_2NRYAxSh-ka64)deH%pICeha_`PwY`
z+9LVdD*0-Yd~KI}wTqq((X&(Z?2>$SO1`=zU)_?g9?91p$=6=VS5}bQb#{>3WloUo
zmm6gJ<ptS(GlE?1{2-URC@B3v<V!?;p2*J+vb`4s+1{l=ws%>O?OhRMdshb8-qoU~
zR`e_vJ#~`q3Q4y<$o5_pWP7g;vc1<xej0*o@3p~9s)xqlM8c-vQH0IGDTM7oZZ92@
z?oLT}m!#V%`R|hacT4_zB>#IP|9d6>`y}07$zObowd+We9g|1t<-~|xW5lj8GQPyf
z_#*yAF>LQ*kuMRPC*kuYd_fG?M`;Y#N14b~h+L(}Rg3=G7_NuqF<cLIF<cKTVz?ga
zW4InxQNBZFbqx2vH8I>D8)CTst&QRS*cik8uqlS^-!AbwB;HPmw@c!6O1v(K*B!(C
zw@2dd5xKoFJbvtp;c=rkhR2OiNXGThOtNQgsF<)suuS|{3ATi|U2hQF6k_|ghS>g_
zLu}_QA-3bz5ZkdW#PzaW<l9BQL*#dcxW0CU*q)sswr5v}?b#h-d-jCbo;k5Lza!0p
z*zXaR##T_iD`I)x+BA&YXX`L-pE<*&oebxEhU0!n^67CaD1KAiO2X#22EvxO`w2J1
zZ6e$g_dGCULL*pD+z8eaKSIXA5nSHz2<}JeBe)-Bh<v8VXNi2a$mfWBF3ArwWh34~
zI>Su`VaTkJcnyMUM{xUT9KrRreFTpe?IU=c=@?<{J>2w;_<;2Ejo3qIMzUVNU`Q}d
zFkUc`Fl2H@ioHfkzZxmy)kqnyM#^|KlFM5>lFM5%lG|;qgs&3+4Weh0=xHTABTetf
z&&aNIqpbc|vu2d7_gK>~itD|Z{6l7wgtv{d?IhN07i=H3Y>};(P6^*D{`&-bN7Yfd
zKc4l6<2io1U`G6pC_G2Pi^RW}Fk}{pf3^763NDYoj^eGB@FwwZmUyk=zg_&>1v}zz
zq<CEtzE}MB#dEti37pTw1kPueFl4gGKV)(f)*$|Hlb>)0VNt@pq^~4_?LVJzxG7Co
zPvK<=n<%_m!k0_<iiD>ryguOt3ST4PYXzG`t|j4RlG{M(g-ol2Z;|k}gq;+=J>hNA
z(;?xzB)lu(LkjOs_=Ljui2uHXUh?mi{F{R~{~^NRCjOvrC_M2X)|)QjnG&8&{=-eq
zLBR@J|1%`KNN~YHY{$xjtX*SGHDSoCILNl!ShM<|QHY0jc988)ezWDEM7aHC>p{uD
zfaw|?ChQ(PhOlRJI^mwt;|TYT&LG@3`cT5&(V2vOqbCsVADu;L5|1GCCuS3d5|1K`
zOUxmRPn=Acn3zi#PMk`Zo|s3NkvN?&GjRrCR^o|-*@^jtIf;dYxrs%Dd5N<LXCxLA
z<|oc2EJ`dPEKWR?uq1IF;k?8%2<IoxCtQ$tHeqSv0$|8gCh|B?oyg-rZKAbn$ShCf
zaiA`d$AJ}zJPy<+ay_m}<Z)niq8(=gxD}M`*&_No1b2%6E^&8Kx&gDF+}H+6;`IGV
zoPH>Y(~nEy^y8B_{lp|rKb*wrrzdgx8A&`oW+w6cla<8lm+T~-A99j-e#lMY^-EsT
z_o>`7l6aoWPvUX5D2eCI;v}9oOOkjTo|k0jkC2(4bRorCkW@ifnsf<aSyByQMba|D
z%A`8N>ZBhL)+Sv?xIF1b!n&k2ge#KnAgoXN3E`@wpAoK3Y9?Hh^dMnF(j$axlO88*
zOxjG?l=K{7bJ7chElDpCZb)h;+?4bhVQbRw2{$MGk#I{=7va{V-GpsPe<s|X^a){m
z(mukDq%R0}CVfq~E9qOp&Lsa2tUbDtVhOvGMiTZUjV9ca6eir8G?s8*(xHUCNrw~m
zC1n%tPdbLsBu^#uCm&B3O3o*YOP)m-pFEc^G5IvYaPoY@^yG61Gm<YL%uHTHn3Y^f
zn4NqnVNUX8gt^H-B+N@*K{z9MC1HN@j|q#CZy_vBZXhg4zMF7f^1X!flkX>7klaF8
zn!J&)Ecr3QisYvVE0ebnRww_8ur~Qc!sW>?6V@en5UxmmgRnmNEy7jF?-H&~?j~H5
z{3pVO<i8TGP5wJ!V{$KHQ}S1Y&B^~JY)STAWb0)^a)@wK@(9A#<bwz|C#Mi@Nlqu+
zntTXhTk-_L?a7k}+mmw$JCctj+?hO`a98q4gq_Jngk8yV2)mO{CG1H)lW<S+0>Zt?
z=M(Nr=Ji@{@<MX=C0|UqKe?LFq%0-$r(8i8O1YXaE~TC@KII0&#FU!}!zs5Drl+hW
z%t*P1Ff-*o!mO0_gxM(@2y;??L71EJBw=34vxGBJwi4#2Y$Gg6`7L2_%BzGWDLV=0
zrTl?#e#$$93sOEHEKTVlEKB*Aup;Gegq11(AgoU5BdksNhH!a`_hMT=bty4~D^lVJ
z>r)a4SEVEqu1-lKT$7SP*pPA<;o6iV2pdz5CTvQ{C2USPj<6-=M8XXzGYL1P6ce_l
ze2;K*${B=PQqCdVno>&GmQqf*J>??8_LM5Zj+9!$ohg?S?n=3euruXa!mgB6gxx7O
z5%#3qMz|;CF2cPjjfDGBeook%@&I99%EN^FQ#KKr@Dqgo@H2#=@biRm;Wonf@NWnc
z!><sA!><#jhj$TXgx@C248Kp975<1YJG_T5C;Ta4ZuoP;yzrNVGs61`^TYU20P3YE
z93(6b4<{@M#}m#AClSsMk0D$TKA5mHoJm*~o=8{`K8mn1JcY12oJUw2K7nv~xR9_e
zd@|vRa0y|3_;kWm;j;->htDHi6D}ic2>*a^ZFn(ZV|WQ+Q+PRHbNEWamhd%%8^YHU
zZVIm^Yz^N^xH)_$;g;}E3Acuu2;0Kz2)BnHB5V&oO4t!@CEOW)ns8V6mxP_+UlVqP
zw-a`UcM$f3e@D0{{3hYva3|ru@Oy;4;SUM>!ha#$AKpu7Qa>Z~r~Z>Ll=?5ixKw+P
zHe}*c1B8jG!wAEvqX^Se6A3d?QwcLu#}Q_wjwj4c%_7W6J(4gtbuwXIDz7(Yr1E+r
zKh>@`0;VXH*DuAXygn*Pwd<pRnJ4b~;$DzC4SE8mG}W#r1EwtXIC58{9#2@A%InDL
z)Dy^En|c!A^3(#tRg%tX(u?Om$xj32Ct%h}{KiyXhc>11I<z@;CdF?_odpb;?o?hE
zrH|otO~#m$;Xlk|jwvC`8gmxO)sEry&GIpJ9W=}|j=6xso5oxW44Bq2T;9!NxV&4$
zy;a<8W4OHA$FP0cCA@>eLuTg~w&$)fY|qXyyngE%!|S*1F`UnyF}!};Glti1d&ltl
zZQmGPzx9sc^;_Q<Ucc=h!|OMb#_KnK8kaMa#_PAZG+w{Or*Zib(|G+BPUH1kdK$0a
zGSYbcmYK%ux2!athqBY`JT%heq}9R>BTa7F?Sy%0j}gvD+d-J0)<am7HfphzD^ANJ
zEJ-^Hh;?Bamw!PTm%lWP%U_np<*!KN@>iyD`K!~o{IzLZ{^e<0{<<_S|B5s&f4$(U
zG`7QPvBMg%Lxb31t=OSa?9e23XcjxPh#fYF9X5#_TGMzPyE%>5v0Kx4{o0ncg38sN
zX8T{jbfj^;?@Z%%vMY_-NoN|ji>@^82i+pqBXWC0Zg1L3=nI&AY1b3>rrki;mv$rJ
z{<ND2O?oo*Cx1HkpHMot|G0E+|MBUZUSc};gK#>ho1V`3%Sh+^Wu|lfvP3>x<Z{xv
zpXR1>KP?vd5|N)L?)l`#zCb$HYiT;yYgsziYehQOYh^muYjrx;Yi&B$>+*E2*Sd7B
z*A?kpul4C%udC9fKGV5fuSw^2-H^`hdTlzl>&A3$*G=i%uA9@jUALrjyWWt_?Rrx>
zx9iq)sn2w-&n@ZvT(VWl(I(~CF6C$!cZaxlO1XAPxjLy_cup3(bc>yO#IAeDt|7Bm
z^z0Koy`ra2^z0Y=n6Ydh|5&z9Xe`?&ZY<j;ek|K3aV*;>JeKW~K32xJv235rv235L
zv2360v2355v235*v235bv233iW7$6WW7$4MW7$5%W7$3>W4YbW8(T-uH}l8xbK8Qk
zx1e2yOzBvjhsws<c_?5i#@hCVb=+8PA1lUk`=}qw?PJqeI}T$XWh}Rg%_6r&<hG8r
z?I&PXkK=Z`W*oQMhH>0(*N(I8JY+h?vEH5ISnsZJtgmw%+p%jL+p&9`wPV2ajBB8N
zv}fF%l<&~NoWHn(Sx@}ItfyA|my3Vh!7}a~Z1<yrCNpC#;s;Gu#!m^eGwvnK$@n>8
zZbma<UdDRD85s`|=4WgqEXvqKSe)@VVM)f5g!3|<CY+zKg>XT}^Ms`tFA$bxY$L45
z*iKj}`KXqB)KWeIrt=UxuZGOLL-{#${-G~J9{u&u4#Lty-ykeI^ew`QL*FH=JhYpz
z`p`cSZkG64B>q;3-zM?5OZ;|;-y!jLN_;b()Ax_(^h4u0{kZX*e*Ab&KXE*#A0E%?
zr;q3KGsgdw@{u|I?}S<7dw~IyGyW@buNM7lM1O<mUn}|>MSqj%Zx;P6qJIPFA7(no
z{|owtnVd|2mBrl55x|hi%S<Mmk(ovqcNq7F_`|qgCLYH9E9)?RzA8J6+fl_~+>Z84
z;P$n50*{0HCUCso3EXe{CUE@y6SyCm!+HP1e>guE?mwKv>$5T_{Z(0q5$?^h{;_85
z#3SGyZW<>Z4GfsxiFt&56Q`40=@Fb>*%3DVfLU<_xBvPhxc#>s!TO6Q@%xvON&Nm}
z-Xwl6uxk?cqrH<@ZlB2Yid^5M8I;ccNj$EEvRN)Jo68%YT|nW9*|P~dvZcRfOMlJg
ze!egJ6oe!H*>;`_nZzT%2Y0N=Ir0p`+#}B+%sbMKJF#ZQk)`C$Ke8McG8IRPJw(1y
z<eNmkS>#(pe!Ix;68TP%?-KcLk?#?C|5047jHB3|^Tb^zxLy3aj^cXl7XPfHS$>yb
zaSppT=dixc9JWWd_=hL6e~Do2WPYEqeDXz9&W6bxf0OvPk~`LHrtny^WpWkC?V8N>
z**Tf(vuiTfXSe9>nJn#dGS|yq!F`i!DSj{EaML&Wa&l)+;e6&y;r5&>m?!=-1oOqe
zNU&J^O9bbM|9o*T5G)n{GQkSLO2KN8s})=>{&nJBG36S{XZ;j@j$bw9dUCIxvYK$s
z6t-)F;99}PDQu@E(bqhM+ilAfw)2K5w^IB~Q|=^eox=TZ^Aw&B_D$jX=@t3DDYl-l
z{>}X<$(Q8ve7!oC^{vVMJ^43?d#zw&F6XaF<ePJO9&gFzeW4Axd>*A!+<S64-Ogh<
zUYFp0!SGaGf2B|5`7dKCuNN|>^1PoV;n`DpzRa1*<;k7O>xeuFpCSJF62E9FuPchD
za=M!Y+o$sQwPz~lD{&gzt$3RCk2RIk{)lqp{ll~_!rE!O371d%GufkV8m}WZOp|g=
z<8iQSnl1lu(>?7Il8evd`bx~>b{)>+cAX*qnc|-%{@HolUUTxeUUTzUZ(bgcuN8Tm
zUS%GaXH_2CyD?AJh2m}#+@8nv*`CMs*hle4n)>Oz$lpk_YWhDfwYX;bzX%(|-8lW5
zTI=5=?w0A_F1PLt(>+&PY@Hq?+$`>`(?i!=|2A>APak%>b$3jUyWfs?+mGjRwI9#@
zvg3H}&pVH|^*+*+%t(OTNHb5cc}5YrTV^by_=zX*`J|i^8GBFS@|%3t>(6Jsp?uaG
zm(T4fKEIjc=RZhTA##->S1oe2`E2jy`P{zh@_8Ovk<ab1KA-!;s(fyDtMl2eYx23B
zc1S*UivC@qzf<&giT-ZU-y{0>i2l8zf1l{@75#mpe}6uY)24viyT5?@Td087$#Dfd
zpT!q&e@QIh{o8N>@86~u@cwN^0k@;90=8Fn0oyC5fbErAz;?|Oy)#5_zF?8)FD~Hz
zQ&Pa|@OcGx{=;)~!6Rhn1qF{2mKN}Hd07GP4_6fM{%~ah?+;fO@cwXZ0q+klFW~**
zx`NFVe|rJfLwf<&bBE-6r{s5+q}M6_T~eN2k?$+u{mT6X&vAYVxx8hCT;7U8uJ_79
zuJ`IfPOr9*>wS44*LPhZ*Y}D-uJ8Inu8&oPY_HXYY>zdCY>$RQelA&C$j>E>h1@@z
z3i-LDxsabrS_=8OWJ4j3Cz}fSJV|RIpEKE9$m@|Ug|^=ZOk3d#C`Z6-FXVlwjzWIk
z*jXsg@rC@n(OD?Z@r7+v?mdNUzrBTA@B73Ky<&$xvBQ3`gPF;8@XusBgl2O4kDJN%
zh@Z*!NSrCpbu-x>=`*=~mdxaIS_C)DWV>&g$@Xp)eVb>p{kF`s^M%jsoB1O0i?7Jc
z{0(8>%y!^Nvw!BR<n|YFc&LcO<BB*uzQ~4$Oj8k;v$;spFXD7J6mdG6inzbD7IA;s
zT*UolOOcG9MY3N~#CG3a#N%yy5zh}DMLZtwEaGuDa~Aird9ygZ`Lj5^1+%!ErL)*>
zWwSW_idiy#&*J&9TI6aa-f}{W$FsVq+zqonqH?v1{tl7bIg8uxE{Weci`#G4EUve1
zNw;Sf*V7(Jf3M)aS!{=1!M<5+kNvaQ9%eSTXa8(&&!O4ep5tb7dyb#Y_DY=1_6pDD
z_MASO+jGWjZqJ#sxgBTC=JtVQHR>7XRA#gNa%Zz0=FPU}PKTMelmANP?mhV*go(u?
zn{EAP6dwr;nYDAcejDeoy_@E+y_@H-JzD0l-8al(du*D+_Gq2M^{{ykx8E&u*e>m&
zuS4|h6n(oyU+0_>O1Dqs_KRHNT+T;$F6SeCF6Sd-F6Se2F6Sd_F6SeAF6Sd>F88P0
zxza8qeuc!Zr1&FE^W4)Z-Cc8K9W|Hj)isyx*FBfpQ;+D`BkAoGJ^Ms&?_8cQL#J?l
z<4)oH#-C#Ii+$2lYAKzPQ=}eF;dJJo!s#qHh0`fLMe=(Jm#c!}<D7x$t3Ji1GtwlU
zdOPWBKb7s!aVn>`^VECE-<-zz@SkS=A%EKa<R3nb)5|7*w2#wRK3Cj%<Q{3(p1uL{
zBTd)ouMzf~{yAajjFfex?~FXcyfe-voPWkOgpFscCu}+6cZ8j1d_}nLjI0N2ytp&Z
zAzX9jj|m&ke44Q7%r3$$XO38J<@V0c1BOh-SzM0Hv$%X&XL0>!pT*_QIg9H(_bjgW
zxO3RP@#nC86VKuDhR<R9rk}(1%{Yhcn|TiF%Q}bkH!iSpBTe^t=TrK%=X3hY&*$*E
z^I5(@{MU+qqxd(S&-rRTpY?ASxptB35V@Tq*HF&-*Op8A<*dJ{T=bN)o|bYh=Z11F
z=caOQ->v1+-^!)Gm2-dFTF&!DTRD#h+sk>rXfNmWOh-Ad*LRk)U3Qi8IMrFs<5O2T
zk5Ap@JU;c5^Z2x<oX4lV<vc#^E9dd4x17hPzH%O){0q4rLJPSb;udl}#4qIZ5*Kp5
z!wb25=?l5s84KACnG3l;Wi90W!0d(g96s9XLf&`DUAUa;CvPFI^JgsNb$|Xsehw&F
zcqN4wFT94ZWa0IM^A@fqoWJl^!UYR?|E6@|o#ZZC_*24)g-wK&3)c}=FMNowZz0#$
ze#xg<#QF9w;`$0L;_}2T;`)kT#Pzjz(W4Z9-y%7GzKHGDw@CCY;&Ph`miJfi`Ib<H
z=&NX@`0*87AImGGJyvk~D=IksdXZmM!RfCSeQPSXy>wKt9d=ecP5O3Ka69O%;Cyt6
z{_YBHM?Dq%JB7H#93H=z(@k8=>4q0`y2TP+BH{BSe7=M)Sj^=pUCj9^Tg>IGSj_pV
zT+HpEdNH@-<)W`n^sNwm^`dXJgs+kC1_@s);f<1Blcd)y>9t6D8zj9=l3wd#F7M{W
z+;6rl=6<tvG54Fc#oTYUFJ^nSFXndKv6%bK&c)nsb}i<9)47=IscSL!o9@NjZ+aGU
zz3*Af{buiC?l=1ubHC|b%=3ERVxHIcFXnZssp9$FU&ZUCP!;#5xT;@ryQum#VYrIx
zDZPs8DWi((DYJ^}DXWU>A-js}A*YJ#A-9U_A+L(-VMZ0#Lw*(8rKpPSQe4G$DXC(+
z%$M{QNP4A`UYVp<A?a00dexF%t)#bH(yNp7R!DmFlHMvwZ?&Yiri$yKp^EEaZ57u;
zV-?p!Qx(@ka~0P^OBL6{hAOUyO;ubEtyNqPo2$4Uwp4LFY^~yYXshCS*j~l;&|by$
z&>{7(Q|h5p%HJjB@0RlSNcs0j`S(is_euGCrTl$T{{2#ZQ_c4FSF^oC)oky$YPNTL
zHJ3lJn#&)q=JKakbNMr>x%`>cT>h+TE`N44mp`YP%b#1#<<G0;^3SN|^5<7``HQN#
z{3X@gp5|3^dzxR(?P)<Zx2Mu-Zck;^+@30`xjj`@+x8SNdoK;sd&zy5@^e$~r3>i&
zkE!8u_-i=-p&CBF7gxjQ^Wtkbe~C5xJP@v7{pmH^shwxkaDFpuxcz6<@cFFl8n#zX
z4WIAJt>N<K)o_2AA($`nMKwD}UvUlFt3>qA6TS0m*bWOMzoj+&yQQ)kws%DhpGT||
zJ=Hb8BYm|se12?s4fmtE8a|J>qK3~Q){ES#8t&JtYq<Zesp0x)sNwovTf_4}V-2^9
zCP}wh%HLAM?Q(<Y+f?%=rQcd3>w+47AH7A=-75BIlXSLAI_)CgQN!mgcZz$Lq}M6&
zy2L)+HJy}BkJxRG<Zo{cpSRp6cImC*_Sh%&xnJtpEa7_dFX8qRTJjTW7ja9ZoiAZ~
zBrbW6(g`o&^K$7+q@6F}_K>-R+jrIyeqPKL`J5$Oj@%{OfAf}bJDagY+PTOTE#dkp
zUc&9FWC@S2^OkTsnlE}5EaCbrUBdNMCi*HQpOs6vUaO@XwNkF-OZYr$-4bp$D<s`|
zNoSSlT`lRXS;FnOVF|a#wGyvU<eDV^&64jHDffmYT+f@9a6f8YBIBE+vqj3cmFzX#
zl+=C*yAC(=YCj>IU)xJ|&Rr_~Wht+xW-R>%{sB|F)b?Ne{&6Xf2j(&!59%-D-|wxu
zjP1Ba+zsMxyv*BT<27Bz<3{skJZ`jH#_e;HgttogW(nUS;cb`kImGSa-+md7FCCZh
ze6>r$J0-kJ!n-AWkA&})@O={AE8+Vu<8!uV8IPx-W$ca<cjB@b%71uS9ASpIGsT^~
zEP?!UmhrjDyk*Jcp0SMEXZ|wIXVEg5Hzj<YgwL1o1rlDiEREt<EXyFQ7I&?<>y{lx
z{wtQTJ?ll!s%1PrtdZ~r312JWjS}9xjO(vu8Q0$ik!xLM-(QE!W(nUy;YS(UMsVN7
z5gudt(V(9TkDs@jt-_B7{~O^af&YW>QzH1|BlwvS@~41*SLDx(kU1}cUj+UiB2xu^
z>?F?5GVn)$p9B0E$mR#HxBGcCU2{F?=&86j8F&lGmfP}o3ICFdxAL`+ulM6V1CiMg
z<Tzc^@O|D8^RGZ=rtqJDw|B)@y)k(n(>$E{<;dI25ym_Z|KW&xeFXnf1V4VXBQrCZ
z<0e6V5$+kVIu8e5mhR}RKbZMPpubu8KY?$H;L9={8FLu(Rwg5YZ=T@D<R9+Hltu9N
z!cUtAn^yi25i$|{O~RjqvTqc=9Q>RkS^mf1FA=^C{PyFFc?vphUDO}XG6~rp(+&Pn
z_}liAkGletFN@&oBlzYBzU)LtzCMD_%y-gyX*Q>IA?*3lsm!ke?~^vs1b$V8BftI%
zr(UkV*5PNaboe>ot$n^mxjq&?@i^$e&XF1aV~1aKqr<O{;G5Ant)5)ip)G=c3Ga8b
z{d^R`$D#pS`DsY&r6%TAPR4iA)-iu3{3l{h#mZEIFWbQUh0s59BlFLqyo)0Ek6YQl
z4>CSnR;KCB0dMvE6nb_%>B#IrC0hS2)_=3(Kj#^Tzv)?r|2TqQ^qiyrCh%5|O}88T
ztKe<hnDa}=e`5sShKyPH6_CGvtJ9Zf{>st05xkXo*OvVS<{yQ8eFWbu{G0G^-sYtB
z@r%q4n~wav<m9LOUG^VyB<_glV!k04eM<PV;s5b_?4N_UvF|fq2Hx~Ae>G$>_c(2=
zB7$#;;CmwZy^eh5rw)IKm&dj1p?~8D=B*7^9>l!;2Fbbzep>{;JA(I&cH|F<;0q%7
z@(6xik|Vz@g5Mp%dy*ZQLn8Qs2);amUm3v{q&soTBlwjO{JIE!TLiy5g7=Jd^c)hw
z7ew&Qu#s&ie?Yx-NAj?#`qvjQAA1zWrTNUy0`Iwl@1M18^^gd@;5C+c6Z*DA@CCnf
z{O#Q<R{!W@QAhdAPXg~LVEz>F-DS*IBCU*a=5GLBCj5Qin<My)g)H-mm5Jcjt!4iu
z(7F3(%s1GynwWnE{2{`B0KP!@&{U+`%QFA4Y32JU&$&lqj4E*W{8O2~1pfJ_`TF~B
z^E~!n3xBhTd7J0_2)=o-pLE(hw?**vRqX#X;+9qW`*n6l@b#BE{-(y^>u+{+Hb?Lo
zw>bX!5q$l9?Ee<hs(8fTKQ}c$&i;Myum2VE<8zSzUo&sVlkRQIUugY*%l!S|+u9wO
z=07msX8k{8K6DIp{v|@@-wxmA50FicflOO~`HR431ev$#w#7L9Cgk{ck7WKv$d|=C
zGTjNxTb<2Gfqr||Pjuu>jw4exkNJloUw^hEZ_Z)=Kfu5H2abRKMeP5D)qkbqpRtPl
zM@&YZ8yx@c2;N>`sAGNxc-t?sA)o&M^9#UdtY_ZNab=sBf7<##&iwmUUifdo*GKTp
z5q$k-N51EoK!06l{EGc;KAX2QfA$o#+YaWh1)necM)38*zXiTq_^-jY{Ke7PoE7XZ
zS3NF+vgI0sF~J<cytQG*ROW5|yYra0c`*6R=R>|s_@&^R3my6VB1b;+<Y0eUTIM=@
z**r%+<6`D*`^l_wWQrpAiU{6+wIkDVufrELMer{<eCDw+{dwq_>hKlQ9DaMA!~2hq
z;7@Y+q6mIff#aV!*WoKpb@=VqIDF={5&SI<zrDfXvARJ`{5<HvlPzu(1ma>Rb3f4D
zXw?kFf*dyoc}ybk0U$1cGV6iqz!u;*;Df*n;6p$xw#~!9EZ_!UHgF>_2lxmu5BMl>
z25=KFANUJk5%4i!G4OF<39uDd27CgD!$9UqU>)!&;0oYoU_J0@puyiW)(w0XxE8nt
z_$}}`8}7wTqBb1(ymkBWlw{q&Us-p^m=`Rf;J>zrg0=-uhxQ9W`$4uT&Ic_3T?V=f
zbU)}L5Uxe0yRl{h&jnop!WCX-JLrCx_(9O4pl3mCpw~cegWd=I4b%(z3KWCfB!R|(
z&I2t3Rf3j-egwi0Ztezc1HBFU6!bX=!zA5*I~#ZwXc4Fqv>dbobOY#C&|RPw(6b<P
zbMqny-PC*z+7B8QG#Fbk=74fRvq7hU&H~ke>Or@F(CksmwnnTKai<>WEzrlHuR(zr
z*aL)aU}k}qf_?~E1=<AqC1^Y7O;8u;PoO@~Hy}T1A{mqh$^ab($_7ma<$+EF%?6c#
z&IeV1sz8^4)`2#Gwt~I@?FWsB#d9O*NYE6}bkIqlIiS-(=YY-!Re&x7T>-ilv<mbf
z=o!#<P$#Gx^bb&A81C=_jRzeL$_LE_od#M4x)O9F=vL5Opmm_fLB9jN3;HwYbI{iy
z&v4iZln%-P%>tbY`aY-(bP4Ek(6yjjKzD#Pf}RGw3HmE&KWGxV?rhL$pzA=7f?fb^
z2mJ~3Z%{m*wbMblpc6o|Ko^2;0lfwK8|X{WH=y81bOO-9ph=)}K-Hk@KzD=Ifwq8l
zfZhgqMnN7l33NPYF6biA63`8x+d$2rO`u<bwu5$oJ^=j#^ere3y>B!q4Kx9i1DXyx
z2~-4H0J;!#G3Zjzm7r@uKL*_iY65KlJqv0By$*UGl$-#Yf-VBR0NM%q05tL-v@uW)
zXddVq(A%KDfqWSHGC)&7XM+}kE(NUstpu$BJpkGb+7F7s5Sa{`3pxvQ0jLIa6{r>T
z8t6^X`=F0OpM$;y4abGpS)ijp*Msf=HG&=mb%H(wU5LGqO3+f!4WQ>i+d;2@-U00e
zc~a1SK?i}tpbStJ=orv+&^4e{pj$yd2dxKf2DO1c0euGYVbn_oO#n>>oeL@hRf1|j
zKLq^<^cZL}s25b03cG@?1YHNZ2ecma3(!-bZJ-WN59n{8FG1gcjvRyj2s#c_0y+y+
z2D%)y0rUjudC)e{PSCrc-JrjK_JI=9u>S>`2+9FX2Ni%yKo@`(f-VMK3R(%e33M;0
z8MG1f6zDZj7wB`)XiRAbgYrS&1Dy@J0CX|vYS5jadq6Fq$3UAwFM(bGy#e|F)C2lE
z=u41iEXE$t3{WAc9CSJ8TF{N42SJ-an?YMaZJ^gdouKzXAA<IP{to&A^fl;PPzY1*
z2$21b?ikPn&@rItpaRgzpznjqK{cQ{&~2b5(8HiM(CeUgL0^JmuveA{ngTirR17*5
zG#~VRP&KFybPecMP$Osys1x)hC^-Y|3{(vI0q8o=YS7)F`$4UsXF=OQZ-YJr?FH=z
zjXnfr038CF0xASmgI0oW0j&c)3~B{E2YMCs2B;hKXV9mhFF@adk`G0j2TcIwg3bl~
z6*O-=>JPLY)Cu|k^a<z-(4m<qC#V*5J?Jh__F+gH^c&D_&_2*VK`|3BUVsuo$Aij1
zH-YX3-3Mv|?Evip{TXBq#~q!Z37{NM0caj*8E7TwHqbiIqo8L&?|{Aq1+y@>fDQu{
zfKCIQ2U-TY8T2aXGtlIT$UEp#&|{!opwB=lM_`-;T?JYVx&!okP#-8|62d@Nfo=rd
z47we3@BhQzdq77~{f+xmcQ*;yO<O`XAt5B2kZd+c6Obk#gd!jyAR-_lA|fD7q>D)J
z(nOkw2#81*0g*0Enuv%<7Xbkg5dmrcXJ(we@9W8rqv!AMdw%aZ@8LWTpL1vD&Ye4V
z?%Zh^cn=oA8u$Z><j{s-FieGS;T}W=X&=x7R>4s?4d>tr+yO@}+ZK``2t8m19D>Ub
zQ=Ik!FF{`z1v6j^d<n<kEL?>@!0`}$8e~8@=nb=B9$bXq;2xxvpg({LPzO500GI%8
z!#r3HTi`4B0j|RDpqHdALKYN<a_}hBgs0(IcphGcKJYpWgYhr}=E73g3P<55xC=@t
z+6^Q^NvI5Up&>Mf7oZdLfIcu3#==7Q32uX0ns)=h13@SS6`=;ygQuViyasQ;D0mCr
zg%4l}Y=kdhKb(d5GBi=B3{Sw*&=xvFFBlGE;T@O<%V7%~fbZcfTmk39j47ZzG=dkP
zE4&H=VH&K2wXg%eg`eOS+y_@#>IVuz3S>Y4N<vw96ly{PXbNLsGJFIp;WO9_J76z-
z4X5Bd{0>Sv#uX3;MIZ;t!DH|Qw1AhO8}x<YFd5#5Rj>*6!nbe=&ciRDmS>wnDpZ7O
zP#2m(Tj&D4VK}@6@55qP58L4Y9EY>;Gu(uGQ1B7@b7%z3p%=Ubi(o74h2wAu<O;M2
zNB}=%LwTqTPs8)@5_E_DFb1Z;ELaGi!dBP~hv0iS3zy(J+yO^L))V|t8md4&XbjK7
zi_isnLSGmJ!(a?dglRAv=D{M^1iN5Ad;{OZX*dr*!*B2hNR?PN6o6=mhctKu>OfOy
z3*F##7z*RyZCD7O!+tmdC*dc!3OC>$I4V=uP!x(mE<6ggparyr4$uPzz$kbd-h~D5
zF|2{junP{tNjML`!F}*np?yFWRDzn&4#vPt_z+gZM)(rGg7XmlDE((4wk7}9hbQ4_
zm<KChEo^~<a0#x1yDI%H1fUtTf{ri%hQeZ43maiO9EKm@B3uKx8skSuhEh-qTEPp@
z2Zq8Fco#l|jqokp2DLiJ1&D<t2*ATo1?oa;=mmpdG)#hpuo?Ej8TbWmLhNJgqfi<u
zL0xDFt)Vl#3WH%B?1mrV638`ZD-a7Q5P*_U8EV6G@FH}BfiMwf!7^A2+u<O52PffY
zxCgG9)Gfq8A{2vMC=Hb$51PXB@DjWNuR=d~1BSy`m<e-X8LWo&umyI)J~#wN;U>s=
ztP2!`WJrf<P#YS+Q_u>YhfdHN-hg?q7*@l2*awH;BwT~LP@ooNhQ`nuI>Q852b*9&
z9EHnp3-sEwM@WNK@DlWf58xwM4(nhOY=;BzEgXl7V0@s@35oCsG=T}Q2zJ4KI02X7
z4k&dw20#!>!DG+}TEPp@9VWm`SO&Y`2>b%h$Eh<&f*_QF$KY{j1}&j0EQ8hX6`X==
z5LS<I38X*(szW_!49%e<41{Sg8y3NO*aAD@5L|@x`m}wh2(_URw1Dm~1V+JBm<b=i
z8rT8*;T!lKet^qx3)BXb4Lnd2T0j@*14G~~m<{t_5qtul!58o)+y?at`XWe$AXJ1}
z@Dg-~K`<P~!BW@?d*D3$3~ED;&yWfaK^1rco`&b36Lg0$Fa=h@5x5RoBl-sLLNeq)
z6{rs_;5q0I<6tp-4aeXd+=A%F9Je6@N<d|J8T!H)m;oQcde{R8;S^kk-y!}<+Aaj(
zVW<YRpgueWt)T;Sh5qn1%!g0l3)lyT;S~H1_aM9p>jO#PhcZwB@}Lp4fle?GhQSnA
z4(nhq9EM|X3H|`JDcctcK{}Lz%1{d$Lu+UUouLN|fHz?@yajK=d+-q~hfiTW`~=q^
zsu}wQBtbd^p%j#dDo_I&Kr?6q?V%$Kgb6Se7Qr&u1^eL}I00wjBHV=gP~a*0U`T?Z
z5P;H951xcp&>lKN9~c2sU_LB?b+85Y!nbe{?m=X8#^+EB9)W652cCxK;1%c(L*XrW
z2i}DRuoOOn&9Dm&!cn*kH{l*QpC*6Ego;obo`TlU9bSjoFdsgJO>hXlhqG`EloqsC
zNQ4Y{5;{N^=mi5|7>tK0Fc%iWr?3&ef|Kwg{0cYW9yp(2{UHvLp%|2hs!#`>fY$Ib
zyaunsa2N}dVK&TzMX&<a!4}vJ2jM83fs1exq?WW7NQMl^g^ExMo`5FM657Gb&=dN@
z2pA9Vz=yC7cEJHS3a8*4{0z4tvK9Lg6b3&8p$t@kJZJ(fp&fLBp3n~l!)TZTTVN-g
zg@o3eyFqPe2(6(VbcV?=1D3;9_zrG@`YhWF5+Da^L06atpTSnx1()GA$ZZ%CKrCc}
zDj9cAjPE39l9MQme;#flMDgX|XsIxFPEz>hU51p%14KzuHYp{!Yf_5T(o(uqM)FG)
zm|B^s^`)v(bE%rtitpaG<&H>4DNpLo9g){~uB*S)P<n%J)4wS-k%mc4rQy<Z(g^7V
zX{7X`G>T`vCP*(ylbB-$-=3c%b&?iJouwsG7ipFB3SW=yDs7OuNn6QnyVO(KEA^80
zOTDG9$@PRZKsrgzr+Gf?j5Jg_ORhhX>ji0?bV(X7T_@+e<a}S6ENSvINtfS|T=Fa_
zT%IRI$O|R6{GsHLSMsIU)qGWGtrR0~mSW{Cl26_$CCb~S!txHOsJv53llMsJ@?Oa=
z?~^j*1AI00D=A0*S}HF8AeENSO6BDrrAOp*QbqZ^R9U_tRgr&^9+fXi)#RV0I`S2%
zp8ShcU%o0em4B65$k(J+@^8|M^6%2C@-3;Cd|T=*D{>#XfZR{^$OGjV`E@x?ena-k
zZ^{MbQF0-9tn8EDl9S}ga<crkTtuEB7nNtr>GE7TL;gT6CVwbr%Zue4d6}FmuaqB>
zKb1?$>*Uh%2Kixmvs_O8LViTvDOZ&D$d%>&@}u(Cay9v|Tthx8*OY&d^W;l%E%|4;
zw*0$XSH3AfF3U<iIZUZ9M<@;CSf!!tRT|03N@F=gc~UN>G?5=tn#v`WX7VFSbGf4O
zv|K}JA=gu$ksBy2<z`B2xw-PJ{G8H8eo1*wepzWN_fXo&uPQId1C{pjFr|Y$LU~Dk
zOX(=TqrA++3!UWml`irJ$}92`rK`MJ=_apHy33oCp7IvuRryP$m;ANzn*5E@TRyJz
zkxwf9<TJ_u`JD2){FCyA{IfDdzN!qBuPMXi-<09<b!CM7yE0O~p^TDmDx>9F%2@di
zWrBQLnIzv)rpWh{x8?iFJKQ{+F3ai+Sy5-nn)<G+t8-+BI#+h8@5?Ur1364xAcw0T
z$`R^fIa2*tj#8J)(dr7>tFDv_tDnfp>Zfvwx>in8H^}MgM%k}!mILY*IjC-xA5yo;
zCDk2rX?36cu==%JRy{12Q;*2y)uVC+^_X0d&%#z#Ps`QRGjetH2f2p&qg+$HD(9(x
z$hFklavk-q{J1J9jZ|4_qAJR>s;ab6HKncUP@Y$v%8P24(pfE_yrO!Pu4<IhP4y~0
z)I!Rus!!>yCMtc@!b*QNSs9|HDnr#YWw@HIj8HR`k!mqzl$xWAR)fkIwYV}?eMlLn
zmQg0C<&`OF6=kaWsPeX2Rhh0<Q)a4<DYMl)<z2OwGDoeeysy?*7OGDui`0h7VzrU-
zvD#Q!qCTlCRhuZw)TYXEwVAR)eM(uWHdj`uPb;6OEtJ*jGs>rGD`kz^T3M?;tE^Mo
zD4(gFmGx>@<#V;WvO(>kY*c$Ho77j8&1xTItJ+uDruI{|tNoR|>HuY*I#AiKzOEcl
z2Pt2vZzu=V!OFMlo67g<5apOUR5`8=Q%<VGl^@g*%8%+u<$^j&`AHqETvW#>m(;P!
zWp$kLi#lGps!mXTRo_y6Qzt6FtCN&J)XB<ib&7IFovKLM+ls7BQxt8MqH41hhxV@G
z(&i`;+Ixyyo2x`??<+CdJS9&1K=Eqxm4ey=C0<*o6w*FaeA*%<N&84i);?C!wIxc1
zwp1ymEmN|z<w~};QVD3QlpO67C8(`da<w%|ac!+qT3e?)tgTndYM(3Rw2ex6ZIkkd
zwpppDZBZ&|+mtHW7s{jBcBQJeL#eLqR36iIDK)g+N}l$mQcK&T)Y0}Tk86jO`r5Zj
z1MP^?Q2S14q#acnYu_tRYR8l&+Hs|+c0y^Uom8IEPASc`)5_D@8Ks5xgYt}aR%xmI
zs64NoQ#xqpmCo7)rMq@Z>7m_GdTLJfRn4WoriH0}v<S7IRzMw~MXIlB9`y|^N_|s{
zR)=UY>M$)<9j?WxBQ&o%QY)yA*5cK%S|N3umY|N;eCk_TqB>DaQYUH2>J%+SovIa4
zr)jC`bgig5Q%h54Yw7B{nqQrxWvFwtOm&`COr5V~sSC7hb)gne7il@_M_R7BSSzl6
ztUaVI)k>+$wbJTJt&IAK_OSY?R#siBl~dPg<<<4tBkJc`1$Bc~QQf3fQnzT8)va0;
zb({96x?QWP?$D~KJGJWSF6}XOw^l>_Qmd)%(el*2S}k>-R$JY#)lm;<b=9x5$JK*c
zJ@sp?zIsS&pnju0p&r&6s^4mj)FWDB^*ilJ^{CcF{a$OT9@Cns$F--_6Iyfir1rFW
zN^7B>)}B$%Xf4&VS}XNOt+jei>!hC7I;%fvUDS)(E9xb!t9n`MuKuF+P_Jt})tg#h
z^$)GTdRODSsQNHf)<>wCK2mk+qg0nZRt?i9scwC;8l_KFz4}bGkUmTG>F=wF`Uh&V
zzCbOif2{iTC2BE!xtgV~RI~L}YOcOkeMn!YR@AqsmGm#v%KCP-ioQdAOy8;2)OV}3
z^)J=O^*w5ReXrU`-={vQA5fd<2i2zfH)?bJu==$Az1m7Yrnb>fsO|KV>Wlg*^%ecJ
z+C%?AeN8{B4$#l51NAHFApKYMP5p*CM8BgB)$gh!bx9kgYuZ>nOq-yGYm@azZJO@Z
zX6PPmo*u1zpvPzn^f+y~?$uW6@!C2)LEE6GX`A$PZL{vzw&)q!Ry|YOrsrs1=(*Z<
zy|}hhFQM($OKE%cvf4hqg0^3;q<yVFs(q_h)sE<mweR#M+V^@>?U>$7JFYj^PU=r<
zr}P%uX}zU(PJd3jptsX5>OHhe`T*^UK2W==57MsbZ)m^igSA`wo7x}x5bcgWRJ*GW
z)9&lTHN`PPQyn8UhhvoHbd1*Ajxn0YF;<IqjMHKqZ)tIkiCRI&BrU-)S@SujXi1K#
zTC(G9E!8ny%XZAravU?YpktO++VP(Du;YELtm6Z%oMXOL!LdNA<XEUZ>iAHr>i9^j
z?pUnVbbPGUaV*gucP!N!I96y)94obEj#V1py3w9-tkGII)@si>KGU9atk<4*e6GFV
z*r>I4Y|=V7wrU+6+q7PeFSI_69oitrZf&q*pElHSKpXG)N_)$3P@CxZTASqfR-5cN
zqD^%i)n+=5X>%OMwf7w-wE2!x+Cs-^?L)_p+G58!ZMoyTw#soq`^52+_L<|N_POJd
zw!?8%+v&Kj?RMPIzI5Eu_B#I1_B(ECUpek*-#G4S-#YGTM;-UI;|@tb;gI!{4pl$x
z(DWZ1x_;K-(9b!X`bCFJzw8Lte|ALZzd8!&*Bp`h?+&+q&*9M(XOylxqxA@9j2`2R
z)8m|8y^yn@p5%<zlbs2As?(>ZIg@n1v#_4&OxBAzQ}k?S5xuxGRWIQzs+V%6=?^>8
z^$N}my^6D#{-`rcujVYNS9g}uA9I%0YdXv5dCrIRy3VqCeP=nnp|iZ+#QBK+l(T}~
z+*wg?;jE-T<E*T=bUv!Lc0Q&*=d7u>b>`{qoVD~9oVE4#&N_Mr=M#EIXG6V{^GUsn
zv#H+A*-Y>0Y_9imw$OV!pV9j|Tk8Ftt@HuT*7`u_v-%+CbNXOsTm4Pv^ZHO{JAIh*
z1$~6Gy*}Fcl0MeiQ6J~*q`&3ttWR`y(Wg3J(cf`))n_=n>$99a^mm;-^|{X8`eJ7v
zeVMbbzQWm0U*qhruX7I2*E<L5pF3aIH#!IDo1Jgy+nj^-9nLrPUCyEUZs%})k8^~+
z&pA^6);UT);vB7?bdJ+cImhciI49^oI^WXIJ16QFoRjoR&dK`E&MEp;=T!Z7=iB-X
z=QRDM^Bw&U=XCw9bA~RvX6mYImhN)R)(g1a)uUW<bg%0@J>E4}PjJ1jC%We8g<T)$
zDX#f?nrngXcP-R2T_5V%u0?v#^^soOwOB9X`dEM1wL~xHTB=uZEz_&Imh07BEA%|q
zD!q>D6a8`5r+Nd|8oiNgo&KcjGrgH>z5cZ8bG?OYlitd;Rd3_krnhx{p|^8w*W0^x
z=p9|V^-iuY^;cYb^}enH`T*Bg`ast~{SDV)eTeH@eVFTrKH7C$AL}}$k8_>YC%Mk+
z(_9zycU(W|(_O#nvs~Bp*{<L9_guI2d9FM9e3#Slq08m?$W_Ymv8%LWiK~obnX8;*
zrK^JD6IVsYr>;tlwXVvJ^{(2E&t01w8(f@ip61NXFH2nK+RSscW)vMSOPOZmXrf3#
zGivLRrIKcp^_u+W9IwA=&->a+zVB^L?LEf+ok$xJ&9h|Y)ZY%<QH_m!)z3^j{~h1J
zG^3sU_@bg2?fBNtxh79qKk=8T`7Pt2nOxyDf7dq@<+t3UckP_>4%<=o5WWIv&f7W^
zO+U#M3p365-k%kT<%*@<O|jRgWD&jvYtE71GS;@|c{y{csF!1j_Pomq+iPBghv7Pz
zzY|LnbL3ZR`K_g>$!XnXsk@n<$T`1g6Q4HhZT@b|5w881QMpi*-*QE%zC9*O1I#(R
zS9r(4jMj#t*LkLVgqb#_qVi`OszI$;bvik;jPEXSEyVnt(ITvE>CLm-TGVCkNSITL
zys7;8y9=RtMOg~gQvRH`SZLmRU)m*DJY12cnYr9%OV2i=iq-70lvnL7m|2Q%U7Ax<
zR@p84mrxt;&m2}=wf>Up*5>cdhoW`Q^DS00?Zh5?>YC8JeZH{MzI?`R5pNf@qh?KH
zX^}avHr0;)?Kv)<=bnqXjQo~%tDn8xi98@_mF2-D__y=RuT&2%!M`)dLD_C=<9XuP
z>Jt}5*-@7?MOtFk+U95N?c3`USz2YLJ@Kt9turHIUaPO$$@hgfnQ4{U+wFecG<!e4
z$J6yz%jq@2PJ8wnyKSsz4r|^A&mnUDyZN=}@mH&5SB|iwzFqk;vsqG6=897kX_uLn
zG~O<Yv2IqW-Wg}7{o5tTFTeciCBOB^Z{7#juCeC(|FVrlP3E^;v5W_AnSVZSesgU2
z%|4oXqwF^HL#iE#BgA{5W7#)@l|S2V+&S*0nCsSencdbFBrDP(Gff<Ea;w?-{W?IF
zj+#?X&E?%2GdekptHEZpNLQrGX7pVsn!3+!u?<-6HFIhy&E5lQk#@^WGx}_6j}krg
zr^~n(VNMk#ZPe2~T8TAkJD+Q}8O8`DEYx!uM^5V)B})HBBfGAaxs^YUq3cw8uU+0i
zmLkktPG7Z;`y%bj0d^fs{fR5h=I_oPm!)_!GL9OB&1g=jmtVBsUh^vl?dZKwH0Uck
ztwxev(lVi=!JX&ql0F_v+uzhq8#>S)0aR*bZ?~{?`<OR3w0#HjJF5p-e^dVRi1-nG
zj#c_vMeJUsD^Z$R`iUIlt)uSO&)K7;XYbgx(P@aimY;E)wvJ%NzHhC$v8QC2xfoGN
zGpbtMuIJW@9f|!z9OL))mZkFM9J3g0RxzVvFW5D{&Bu4E&9wZYjYnju&R?dAcHep{
z_d3j}rznfn@6M(yP0h4UNp@@hA~fnN71~q8D5yy&O|(w2jHcW>u-a+A(B30*nZDQF
z(jq_6Cd)9IYiX9{;n2JyXHjNR(oUhhXXq?@`z|B0j@bE)HcN!oGCg#hxzX63BauGa
zn)h?wQ?`!hb$C14N^7&(?j!CGveSP0p66=JGVfqtuzt6lme}DhY5Dywzx?vcCBNS#
zmat1uip!N<%%y!BD$DwA+*vZy*1l#(Pi?ZtW^*sw(Q%`7n!QTDx%Rq={KPWGzGLqn
zB2E16%nW<YeFf|&BhijVrrDA4_eiZiw$j^nv^um$iJZmunB=s#>ePjHl;0ep^#6R`
z&Xepq_`B;-n$bvKvvxlU)!)!1c0D&=YDY^>+0l_uv?UZ>4n-S7(NCdB|DAVz&1IBe
z`&vEM;RE*GbBUvsl_nyQpGY&tde-(G`LQewH}ktr-~QLMS1Z|5kDlS)uK7D-j&Wx6
z`yyGIVn#m^S<B5YEpm;$RhLr-)|T!Z$vsMQ-Y;npR&+kXo_f(|M=v~L_i$ociWVl?
zhG++(Z9KR|<d@5TVj2HVN&hz&p6dwpaQ}8Y_@7w2qTP$q=eGy^^L{PAdKNvu=p9FL
ze6xCi2lw~+^+^ATW&F>sA<@P~UH#iz;eU1wiFy%r^>5eEe_|Q`yA^m}Cp0?DuebQW
zS3{!Zh%NoUZRo#l4^c0ouKw*B`oFh*{}ZMEPb}kqYv{kW$^UF0@t@ef|A}S%zjU^f
z-xZb;zuQ*`R&C<?nt8TZgu6Ue6c@VRQ|G>Y_3fWW8KEnN`OW+2>-IUem|E-={yLIb
z7Lg{RPn+6vEGTWCPm8I^arPB|k=CpWf641F`Q`V!r~25}|E7k@Y+MPnt}%9d(!Sa#
zt_g}|Odc&uOUz}o<Ib`bJ<;4AtuG#BrzM=@UX1xWakX(~Nkv*`rsaHZ&mnT@8Or%r
za^7SuBhOw-<Lc#hGi}Q?`^v=T&+KUDIy>4JDuF1=ydJW&$DFtCExR3v=%3%q64yM$
zJ%?W<yVjHh`x^Jlcc~5Y+E;ClEFCmU5YF9e>z<8BOYLT_rE!1D`rV!Gb}pjsMIGc9
ziM14SoZ#62Yt2u4?R%~_w#(9Cvn-41*zGE}zakwo(;i)6UzNNQX_uvB=yw-K+S@n#
zasEo7IY-i?b~}CT0#C-9X+J${->VGPx9epYYiZSnxNh5*tz}&)`kJk8MQ20NI<K8`
zMhCmSghktF`IV*nH})Q|{B8Sc&#5#!=hNKHu*xUVBCMsIe8P^NX<(PM2K$G#FBA?%
z{p#6icgWeATA90tR+KS9kuI2PKE8mx4CDT#wWWu1)!ABe<65b8)#|_$I}+C{2Y+bq
zgZY(NlrJ;c-WT#K%P;lq5*XXuTHlL9?D`XJV`qfD=4(H-mphF;>WZ~hL(zlxc(Erh
z?4wB6&3V(fc75Bb4Xy~wnKJi^{uBK{UU_?)8&6qSYc3+uZ-}%xGwk1qNc`@FP}^M>
z>VY4;mZAq<9=eh$^834W^$_>?tadex{>r)zl3$wG<Ha(TE|n#xS>vJ~@3zyv8voDx
zx=AnEciel|wfBGq_hc#3T*iuKcA98c|4vkoJ0aGZi|D~QKlpdUxSkzjmbpbqyWKxH
zGVZk%GUwRO)p)D7_>?19vY95LjBo8HS319E@6%%M79*p?Y4%icohxj*eLPwdRHSq>
zXX84*)khfD`K_o5cilt@vO^`XB9V*Hmsr1hGjs>FKfRQdCXV}}q@sMH%tl!r`Ws~t
z%MkY~j9j{y`@ZPc#J!lMIg0eKnX|W!^5^qDVyhZ;`q!ytN7{8@l+?=E_+7<N9axcA
zBe5Q$Uh=C`BbRD_DNBB7B4<%o#@#P#%NTW4>;G6+GY8n)BiCU^S?}<apE)YHMvJhb
z7B%dn+P+fumc9^*x{g$&`sOmEQFiq5FhzROOzSw*jzpT+=6Q@utgU~swtWl`HT3pz
zyHxLS6t~u>edr!qOXhvrT*iw%>|?i4L(iINqBV)M{Gvvo`!1J$v)9cyUcO-F61Z&l
zP1U$pZk0fkUX-eDXsY;Kep_bQyY`mp5!xF&_qB5tYc5)+*w4cl$6EdFi}&pFfd4;{
z=xxOlW#TEb{GO5$qjlr%wRNXj98<(pktXhPi~T6SbB(_{_22$oer5T)Y5%+|Vvc`1
z%G)YSFPkm)U?}?M+xP#?ImCHrevzojzq{T36TcIssu+4sL8Lu6`n%=JFPHr0{pY{C
z9O{e3y!qw)chf{JBKo`Y=Jz|1i-`X2?;gB8^2_DlPWyMtoL{L#&PhCZ*3Ik>MB1HD
zpDoh<H!}WWmwnt9Bkl*+i*en;dKx?!I`hh}Z`zb<=bYbIKpgF-ZnKZ)F>&_zU_pu<
zO$t3hawGHviI_u-^(tMJ|9rkgOx;q!9>0tq%HKRN$94YD^J|aHm!((DR+8V;x&;-f
zpE*_hZeu8ye);5*-_%K=T#P5#-Z1mqc$TMa%xD(Z^{gj7#rdGPu4mM<HMKY+P%ARh
zto6`BSKq`la#wgJ+WOsnu4!4@D6KV5L;htw#2hY0eb##fVvcfL=dyCy)zQ9U(|4jG
zO)_)w?UJRp&FGo2_Bq&BgYD&xB(j!UKNJP4*w0RPIW9}H%z5{`WItVbIrO}!@#ew%
z=G2^5?X}Er8Di?Yd+agcL&N#|4CcJ+L))l#Xd6ukZ3W|b%%$e<#Iu*YRR8DMtg+@+
z>BW=0qOQIR<-9JG^GBhaAH4PRdmdPnz}Tv5%u*Rojaz2~Vw;OSCBOYhoQH}z#2MAr
zL-tia<7wdy<}!w}v~6Z2=FoW$!y4a5vu;)$h^Zn!ktWI_%J<;1?5xN)75=hZBR^|>
z^LUoiI^T*6J%4J{hE=K$xN>LxZXcyTVCEv$sP-53xtiEoBF(5>YYs70q;&{A(QTY-
z95!<nXEEX&N36L>dp>mD;|`tA_&5``%G@ZF_EIP<zL{OmB0uB0vbAnvjf`Hvstx{h
z#Gg~gbhEcxolADw*H6jPF|*9`A6KL^W+c{9)S9S`{Oa$IP~ESj-?(7rvcI$<T`?n3
zSE2-BxngO?yw^i>Snb)^-)@^};wqhJ_u>lurMG2CDP~-Y6eTszLtSRtl2MA}HY3qq
zL@O~`j`cLNm{+X1s8g}#MycY={2p8?k)Nnt@szh%bEE#O5{T9$<}F1(X<aQl7K%ij
z77X3x5z7$s=2yPvqw~p+>qyoz?$UQ!d$-6XzxE<(xAisq8T!Ib`^ohDmMhj*)TF3g
zQR8B{qFxfp+2u3pKJjnVeSRhQda~V9i)9pY*!{-JNV_lb-L$VyimBqAfr;(y--$K4
zQq|rEjq(-!KbCL*tID5u@v3q+Bg_1q5fwM12haQ9sYWhk%v`>iZI?wv#Y1mPh%~jj
z{ktdWS*;!<DRh-x+-coMFKV?7(Vr&%!WRe3{j&5~yT2E8u#GW;HMJE}tx?O`8uqAQ
z9Ak#R<~JtW?x`Em7h9tTF~?cOo_BdD7f~CcKgchwd7|BNj3bU!7UPIxMaES>D>AO&
zT9J!6Dws8C9FMHD7kAoktwwRR)=Cp+1jgQI9rKK9xz-ru?FBM_t=Q<1PQ7cVRhwf+
zV%|~3?b_J!oZae-D{X()?nCyo;(zxl?4-$xlxHqClBk{;RVHd|Mn=xf&1gb9`?>$~
zp}QHz_O+h-U&hGDS|d@Gy(jD~txd4s(hzIzV+1AUXl*XTc(>Gw#`3mjJ2P#NZb!G=
z_A+846se;*^)_|Y)r`cuw8^xMXZ%J@8vC17_r^Q2y+X_AZ$`!)F>7pVyjf!XuINer
zHkLWHJ$=&%GZJqgi#N26Qqpne)H=*-9e;bbv5&P&xk5VGoGMCXEKQWk+Iz&iw8pz5
z)6F@IH<hhuI%Tomt~TCswxZ>$?4_LyjSja-eD}$m_rJVN6e?en(9zzw2Wi!=(Xy>F
zi>ugTR3-KgvG0p{ukil)eY19N^tH<p-_MRj54Vf=&*z(^TE%j$y6Q4tmKK|7S9!+T
zN_!;I?n{i?u+nC=wztQA?x$F_w!N~wUw%``j>LQ09YRyHX{T0gq!qE>ttxPnal5(P
z8#nCe)+AY4VWt^x&#y5f<DGe{O&agfTWw=$7v;|qJolyD{){)ito&y3j*~UV@f~*U
z8t;5tZP$3C-imsJ);EpOrd5ApTqnkVMys>lFc;f5hdZ)X9n4y4*Zm~6xs{8k@jTjw
z)rv)X7HwR#wL(dD3meaydRANeFK=cqkpFxOTeN%e=DpYh>T=)NTAJ~`pOuT4nqR5%
zD@%UuUgQ#1mU9Sm%k1i{{JFIvS#ztEh!!T=)lo{d&74D&K-9)RuY>&dU-9Oj(f?V!
z_p;EKMvO66v)5Wzh1Row>^4hPlp~WB%_r@EnU=i6-h1vfwcE={BI|e0Y_yMM)5<7+
zrqx=`U%)iyHO50$JDtNFS*t9`PccR}r<T}kA0bK+Sx3q5H`!zPlDzkM#{Av;j8Lrp
zK-^i`##IulWuKpCx9pd9+j~Iq(7UB4BJBNlK34;*ImDH1afd_P^~mpDhw(10)tZcV
zX|2e3m)45JS{hr`N?XQ$e!(og@m8(1T;p9;YpU^9?G<yXXidhOf7i`4<6T<oN=$zF
z8Sled`H7bE-`}9M_US{6hpc6Y<%;)a#d5{5yZZ>chQv`)OwI53HaT>ZEJj<ij`8`m
zNwFUJ?a4;3VjVBV6$j%@`M(|w#4*6QTWYlkF-LqayR8}XT5V0Fy~mlgRX*cb(bPOb
zxI@R)SJv~lAI-Wq&NQu@MRb(bDQ6i+><`&LoMt4Z)@fqzA4%oyv5%j~YWF8D@>ej;
zIZCrv#F|mF6nhz;hWc^QpBiU(R!K#@TpMLCL$tNAp?&KFXTsLf^6Rt3S@~6uU2B~R
z+mRY;N4t{k$QL>*&u?j|Pugw#!|(0(JbH-Ta%MBSu}Xj3VQ*Ej^=JF+G~+6wRWHVS
z*4Ebl$ZJPWvTs>wV&3B`WGTU{KP{BAI1V1@WN-5muiCXyB=kEmq7ZFp_)7j3w3%Oi
zEw&R^>8xX@sDo!7xBIZYJhx=EFtHDc(TK4pTWvStMZ2%t$!Nsd_ft4Kw)W6jT@}f1
zmSAk0ECtNSQB{#jn32<^NM+3^kE?@~%t*WmEL!mw1?*nWcwWycm8iAlJfBnDoY#0`
z*jldfmb0~P|NY%zYpU_aaBXuAaXdP3!rrQ)uEaQ2)YS=kWviqq)IkF?7vmUe<!p={
ztw_9gEJ`ZgmA=dP)GD8N`cCvi#TM8jfFFM2uPmE;t+5YUW7a1p+DE4CjA`zh`}riI
zCT3YgnsJq>g_%~RzddiGDfV*3k<K^@Sx2V)jzSYcJ?3wW0IVZoH@3MoM+@?^qGHsk
zHT4{kRjM3D57r3u(Yf|^6D4iF%Fd;4O?zI^5{J_gt-JrmdbBau!>CEC4hA!?6@AIx
zC|ZQouYIx0-amG{$KMw)=M}Xp`qN%BxDH}Y72}9ejC`#!i?WEcm+IL$i?juyG3(eJ
z_Sp8|PP@e#qf)E4n8@hb>Xm<|kF98Kx8kgaRpwDw$=NK+6r$c{6w8wm1I?%@%N=4y
zkFai|%xKnsYxh=uF^mr;m{UIw&G908vNf+LvsgC~&5E?kJTlMjpEE*dd~-r+6?o=z
zs=181U)pobWEnHfw7cvdbIqucZnw1zqJ?H!Uye*xjZY0l#;D5L7lwq!@|#1oCbpaC
z;lw$UxEmyXC+<-_cn<N*)3w_6cw>=>Xm!>Y#Aq8<UuX0dR?8NBqA|`{Vy;{Bg*;<z
zMz6DFte)^a`h#_5+TA#wDmEk0ibXC%D%<T!^hlquZ*4c{5F-lX8s0Rs<wVfxtaFkQ
zp-7B)j3ewGbKa+E5!SVv5s%rCajn2wqw)MkT-mYGs)ow4A`~?mW1oW+u40!oj<aoR
z&uc|4R#}WQFY8RiIP<b1akX32Wc+0NSdkh!i!L3?CBHdp_fn*T<{JGN+PlRW{V>Mp
z)|PpKan2F*ccQLDe!tO*t+jl2ygf&Lqdw!h)Cn^eaV{?U@on$R(s^_0;LuULOlX86
zj@Z5r>{0F$TwAw}_Qp8Os<lp`G?BB2@>|AC^849b?my3Obg0(i7?=EY>@B8>-cgKC
zMVg4-4~;=y=GvjPM)^$@YxGs9^o8?T^ZeHL!E@~Yfv?n<wIN0dVvjQJ6k4S+{>F@T
zOn!x4<qvZXQL2|{f7abi<2t%E#vH(2X3cAi$fRszTzrl50EZcgdEY<9*JjN$@3Z#O
zL@rkuA6WgGnB!;m#u#%B@jJ1!gJ0Qai^jbUtDk%;!X95mFuE>e&byprvek-3`HXw1
z#(0G<CGgj$(#_~8?zCD_ej`xhN}#pA#-3vBzmJ5@IXxVOtYx@D$AHLyomQB04XbyY
zyTDEpYboy6=C_tc?~`qoPpo-=uGU)pkXSd7pO`9^Chi@J?Rzi7-oC~=99A1QMvQ-L
z?P82B_61QxmsoRaU(IifF3OT$NsYV651H%s&qwg$>bbE-*701NCm(LlNWsjxWa#Qb
zGA*K_nI_H$C$d*md*JV~iW#lMcskW;8?}4eZMRK7o}M-5t@0gT5ip~^p|nRj@U*L$
zW*l9fG^2Tp>z+0v;~f}lj_&-<nktTi;><tyIA26I=NQJA!P?8j?-J&5N6{?bAEEP0
zANg5rBZ<hm3fqtK1#3j%3eC~`ynWPtjAQK!<}%iY+V191+ZAPrCKs#BvqMKZ<9z>R
zb6(>K4Xb>jEXFypb!0dCacl1pM;Fm!=65g4IHq(nbFRD4KKhB{)}5#9vHbI)EAJOW
zrMmHkebo3m6g8)<S>>Dgqa8I1MU@z>TXj(96ULL~a%V8oA81D5Q|u$QaZI*Gphmq|
zQO`X2&v|<@eztlBv5od}WVh<z&@B6R`7Oi9Z-}`xQKz><XJ{XB&C=?XHMW-ZSJ$2+
zvPMgjLTO@L_s_3s{qs5g%Lw@k`>hZ0xAcrHILcfj@z(*xlT%$U+co(`QF~N%=zBZz
zIPIxX^mW#m&82VcvzVPP+IJ|&AG5CxUS4KTHCmYU{*18&t$CklYVQ@5O54B7FRg#L
zJ%?zg#x@t{R^!bzn%~pT?>CNR*8V1r5aQXRzndnWoiUz-v7UZ1{xY5wi7}F~M_JE3
z*neG7k&5s|5``~{7~dqx<clQ6x7eM;S$vm-YX?#UE-6Lg(tM|cdw+bTM3L(9rFYhW
zFO_f?O^V0$r3Bo7@0QSS@YNFfCB9jr@cocf+($~oeffF`dj-o;q}N%3A`OxP_zfwD
z2TR5An=Dh2hVjJ{%Fp*s6uvG}7LSt3<Jl}<k>2HFe+u6zse;!^Rq;B$fucyCNj30h
zzJsDjTlfl!BJHH43STd&hYwIXMf!>_qbQOrH^vUR33kfOuuE=^!{in?TsEHnkC0pA
zNVyG;mfPZh+zwZf+vBEk2mGwuks51*dE!d$MBElD((`f`;&zyxLGDW29xHr<q&sm3
ztVl1(J&8MFMS4x{Mcf-xS8{LSzL+yZxi4{lO#R6HiQmNR>+(S2p_sao2N4g)v_5$-
z@kmUK$wP=oV?`Px4<jCnxf3Oiz~kjnq)fny^p-q^cp~OGG<h8HWUNS2<O#%6u_C=K
zPb8j(73m#$GM+9^C1nOyq?vr{g{RLj+en^H{4VCr33(>*QmjbJ<k`f_F?ToQIm9cm
zBCV3=5`TgfX*J)8k)=;D+gF}XycV;4`F4yfeTEfjy}XF{bF4@k<i*4rF=u@865`F6
ztuHSl-ij%?vI0+2R^fM))p)wH2G3B|@tc{L<D0S`f2eH0i<C|HBV`L-tQhwjKgKLq
z*^WO~cH#}nZoFC9!_+NUk+v%P@HXWDDPLf&-zW$1m&zghwQ?9AQjXwnl%x22<ru#_
zh85|!asr=FPLXmFE7A|j8GKebiyi7Y>{KscmwFLLsF!g8^$Nd_#EKNFUd3_hHSATd
z<3j2UoS@#~H$KeWLG?CHSMOrKdLL(~e0WC6RQXRThS_sf9XC{+xS1M;pHd@mb2SpT
zQa$)NH5xBeWAS>`i+8B;c$b=hcdLo`OSLfGqo&~fYAQaYrr~c?KR&Ex;uC5XKBETk
z4{8vfRg2>v)e`ueS_+?6%is%YSxWd5R-{X6d3;%|fPYpi;j3yD{Ht0O-{i3kMY^Nb
zz<1R=d{3>7@2hpOq}9W+)&MJ7L-JHHwW>A7;aU?Mp*6z=wB|TcYk}QbOYGHJ;{>e@
z_GxW#qSg*4YwdB0)`8rLVCq)uh>K~RaF*5uXKP(?Nv%6Bt@XrZv|jjOjqeaiWwpMz
zoYo&#)&}B7wL!S5HW*jahT!VjFkC|$fop1`aGo{>*Vo4320U`WR?{ZpM%rZDm_OP~
zAEiyh&9v$GC2c0|q|L^CwK=$-HW&BT=HUU_d^}!Th$m=^@LSqqJW*SMCuz&@WNihW
zqOHPHwbl4-Z4I8Lt-~|4_4s3L174zSqBfRd_Ihm#@p8;wqirMJh-oL<cD!HPiNDi!
z<MY}cd_miXf6@-%i`qeaNjrouYlm@t{RlZUz_eBUC~-r~TI<J%8)J?;`U&DDm>SSe
z5jVrMWc>_rbIg@%{VeedSdrT6=ZIg#iqu)ZfcxkdabNv1?x$a2YJW^E=~wYU{ThB<
zzm5m#H<<bcrhnFN5x<G)WA)qkE&VRuuHVNybXnner1NnhX_v0!FLftApoih#^$2`J
zkHj~157r#f*zJhLsSd9qOOH9?aScZTuIWf5y_ushe%6tKKXIhu?;L6Pro)d5IWuvB
zGYk8i0i5Uz;v{Eroa`)tQ=Fx6X=fQ+)>#%m;w+ErIxFDEot1EXXBGT}vnp=ltd83_
zYvA_IJlw-s8^7kPi~Bn3;r`ABc%ZW(9^q_^M>?C}QO;&~oU=I|?`(l5I9uZR&er%t
zXB)i6*%ohbw!;^k?Qz$z4!B!bN8CNE6Yde#1@{c=ihGB3$Nj^4;sIg3@W8O%`1P>9
zcu-h>JUDD19uhVP4-FfP-whjrmxm3*E5b(Lm0_dss<1Kmldy4kb=U;_Y1l;kW!PlA
zCu}O-8^)K5q@!We@eg4$@%gaX_(Iqmd@*b;z7#eOUk;m(e-2xSuY@haSHl+LU&EH*
zJ7LT4-LMt-Uf3$^315w)!q?#F@O8L&_<H<M_y$}ed=oAmz6F;F--c_1Z^t#mcjCP8
z-MCix9$Y(oA8s6e05=Igh?|BV!p*`D<EO%p;O5~+@zdeQaEtI0xK;Qm+&cUWem49p
zej)rEZXbRDcMZRY2Zdk8?}uN(^TMy<E#cSjo$%|l$-9_!3BN&nA1hLP#4X}Nn06R(
zo7jhGhY@#)lQ3%(ai6#hW^5TDbN8-dgo+=HU{{f<MmX_f5n;GSL<FuG5sC96Jh)aw
zG_D;Hi|a&qas7yR+#n(WKM|3LJ4O`7FGr-{E)l8tm54MvD#DLPM`YqL5m|UvL;%l@
z2;z4misLmACGgsaQh0qt8T@%fS$rg-JpL}C0zMj13I7&R1z(S-if=|#$G0MC;J5;L
z*ju1BE?A&0E?%G>eyBhLT&h4rT)IGG+@Jv89h06Y&<r;$&>X*9pat$!pe25#Kx^E!
zKpQ-|KwCVfKs!9PKzlsDKnJ{_Ku5f&KqvfBfi8G^fv$K*f$n%`fu8t>0=@9r0=@D1
z0)6p?0{wAV<UkxAIS5BY4#w$`L$E(`7%mn$0%t{z!jDCc!8Ibs;hK>XaGS`9__@f*
zxLxE_{6ge3JScKHej{=w9vnFv&y1XdXGPA%b0X*A_af)x^^ptl=aGx>hRDVEaO4vF
zZR9e1G;#(0K5`WfbFaqX?lm~ly$-wG>v3WC2Au5Pgj3vGa1r-5oa)|=v)nszwtF|u
zb??E&-TUxE?gO}l`yejqK7>oT594y~Be=Z#D6Z;0hO4<x;F|7JIM00s*K(i5wcY1%
z9rp!X*L@K`;l7L;y073)?yI=7`x@@*zK*-OZ{R`hTlfw4Z9Le07r*JgkB7KrjV<fu
z!*kMDw~pU(JMlz!7@p*gz?0pPc#7MDr@Eu@40kM^>GtAz?s&Y=oq#`dC*no!!uTV1
z3SR6^#UH!V@DjHluXJbPRqiZ&z#YI}xr6wSyEy*FT>_tVm%=}~%iweFviQ8aJig$r
zfPZyY!q?nY@C|oWeA8VW-*VT$f4KATZFg;a$6Xi8o_bjEG{E7WhB(607<)WTaFnMR
zj`lRiF`gDU*3%Nld0OKHPaEv>w8cd|?Qoi>J<jxWz{NZrah9hO&h~V{0Z&()<LQn|
zczWWJo?f`Vr#Eik>5ChA`s2o)f%rMkAl%k77(eeBg4=n9;TJq3aA(gb+{H5nclV6L
zJv<X|PtQdBs%J9p<(Z0K^Gw72J=5_3&rCejGaC={%)z5PbMa`;JUqrTACL7c#N#}R
z@OaN+JlV4ZPw_0n%RMXb3ePJ1iDxxl?OB7r@T|kzJ?rrf&j!5HvkC9=Y{3UT+wft}
zcKoepCqClYjlc8k!ACv&@b{hr_?YJ)KJ7V#&v*{wi=HF+lIJM?#d8c_^_;-JdQRbM
zo-_D2&sluka}NLExqxqbF5>v8%eYX~6`UA#6(>bq!-1&lI49}`4o2O=xly-q@u<7F
zT-1GBK1$}QMWrYeSLVZ2oNGrp@uN{;xN1}ct`-%E^P>2+l~gM#8n=sz#V<s8afhgQ
z{8Cf`?j4ng`$QGSeWOxvzo=B)KPn9mjq>ARQJHvDR2Ci`6~JSnf_Q9HaXc=n1Rft%
z3QvwIgQrB5#j~Qy<JnOa@Z6|M`2DCVcwSUh{6SQ8JU^-iUJ#Xs7f02`A4k>2yQ1ph
z-BAtj-l&FnUsPj!JgNyk5!DQzjB1WgMYX`EqgvvNQLXW%s5bbQsJ8fOR6G1@RC|0a
zsssKlsw2K0)d~L*)dk;<>WbCq?pTZNiCxjXa9DJ293I^lM@09>1)>My$ml^hCVDWA
zjUIv@iXMhbM32CwqetN~(PQvq(c^H9=n1%H^hBH&JsH=Eo{AerPs5F(r{kv4GjX%%
z+4!mGIk<WBT>NzOJlrCBK7KZOA#M}B2zQ8Hj9-dgf;&eq!(F0R;8&to;jYoEakuC-
zxO?<E+&g+b?i0NMzY)C&502h~-;CadXGd?x??&&$bE9|T_oMgV4bl7X#^?ihQ}jW6
zJo*qm5q%h+jy{6VL?6X5F~@Lh%n2M9a|%Bca|V})Ig3lhoWtc}F5tYFi@0&jW&CW+
z72GrCDt<lY8h$J0I-VJG1J94Sg+GkBjhDpS#hYX9<E=3=&lv5F;iIF{z8D=Jh;ibt
zW5V#Um<W6#CK6wW@!*Rw(fHSxSbROki|@q5<GV2l*b$qEU9p96cx(zT6q|}0$EM*Y
zWBs^EY$k3Nn}uJD4d4#3LHtr|aojPs1b#WT6z&{b2EP(p7I%v+@8EtGrr(RLfM1WT
zgeS*V!Bb+Z;&)=J<LR+A@cP(1d?2<q{w}sIJ{nsOe;?ZbAB$~>PsBFHr(&Cs^Jz>A
zk8Os3jctx^#<sw>Vq4-rVq4>Tv2F1E*tS@YYlj_i?Xf$q1NOvq#KE{uxN=+<+%~Q&
zel@N;el4yi9v;^VPm1e}C&%^0AI0^@i{l33kK+d6C2@oCnz$i&L)<XDF>VAU+=Mww
z#*M<4;>M728Ph_%<8U$W1f1oah=bnAIM+KBm-0@-rM=T}8ShN|uy-~t>z#wkdFSFL
z-g)HK6mvZC&c|)N3voy9BK)#<G4AADf;)Sc;V#}4_!aLe+||1pck`~n-M#B@5AS;1
z)4Kt`=G}z*dAH#H-feiWcRL>C-HAtgcjGbMJ$S5lAD-krfG2wo;wj!kc&hg>e%pHl
zPxBtdGrh;~Ebj^Yk@pnd;5~zPde7or-gEen_X7ULdlCQOy^PO#uiziOSMhc4HGJE9
z9pCZZz<0g3u(RN8>?(K{hZVe!!wbqz`m2I`j#nyBkdtRAvY->Y3x;vM--8)B6pX+r
z1tW2>f*xF}U^K2*FcuFk=*43T#^bF86Yv)W6Y*CCjd!z-7fit?3Z~*41=H}&f_{9f
zU?z@@&%zn;0bDgch`YrX$FIegz`f&3;Xd(Y@W}YGcyxSuJTATho)BLN&y25v7sOY^
z%j2u#74bFj%J@9ICB8P^8ebQ0i?4@w#5ce@;~TPeyRag)EYujcD%1qGEz}G@U#K~L
zp->ClwNOjkyHIQVMxi!%c%im<Y@v2|N}=|6W}yyvZlR8NL7`4~Nue%yW1+72Xrb=-
zY@wd`=R&>kjY7R~rG&n?X+nSeLc&1YHDM5bHDNIBn=l0TOBjaVN*IBsB#gpS6UN~8
z62{@V2@~-92@~<Wgvt1WgsFIb!Zf@fVLJXeVJ2RcFdMH+n1eSa%*C4%=HVR)^YPAv
zg?LxOBD_0cG5#`P3Er2m4DU}^fe$3C!e1q<#)lKu;A08v@DB;=@!5n8_)@|qd^uqY
z{yAYAzLKyV|DLcD-$>Yv|47(_Zzt@-cM=X@m+v5s_8r0neTQ*^?+8xu9mPd_$8f6e
z1kUiC!U5kIT*7x2m-L;(5Bo0Qvc8MBg6}e}=(~a|`L5#1zH9g~-*uelyMgQYZsEGV
z+xT(cU0lz1A2;#IJkQy}r{b1A9e4B@Pk6rU3&Wj!5x9#l62Ic};O@R?+`|`(d-}Y%
zmoFZ_=1ai6eTlfAuQ2ZKOThztsrU_F8XoHN<6*u`Jj$1a$NB<zqA!Ri`-<bKz7qIt
zUn%^KuMD2<D~sRtmB({@74QeXN_f7n3SQu=iWmB-;}3l`@FHIx{?u0+ukqEz>wNX_
zXTApbb6-Qe+1D6v_cg&^`<mfzea-Q4UkiNN*AoBcYmKk_+Th=PZSf6XJABjE-X%-7
zFh>nv2P`Lc#A;$E9G=((M<#Z~af#h=p~RjzA+Z-On%EmZoY)taP3(^!OB{%wN*si{
zB@V{j6Nlj5iNo;7#1Z)2#8G%o;u!o<;yAoLaRT0vI1%qnoQ(G+PQ~9PPQynNr{nmf
znYc*OY@C`j2WKbE#if$w;fhJ~ajm3<xN*`V{7lkf{9@7)+%stzem!Xg9+|WXPfc2l
zXD6+}3zF91g-Pr2(xeS|S<)uFJZTGFk+co3OxjK@t-_3pl6K<FNxSiuq&;|R(muQ`
z=>Wg^0<)JT9mEHd4&kqp4&y^fNANdENBPZR%s49P82%yY1U{Q|3jdgN2A@kh%WuwO
z_P(TZxJKa%xNhN#ct+vNcxK@%_~XJ?@sh&V@TS7o@#exe@ZQ3=@V>&g@%h4c@rA<o
zv6L)_v3-;IXuA}i%mr2{BH4)(lf!U&as>7#N8+4h4=$A)jmsy;;_As>{8(~4ZkL>Z
z+b1XDj>&~_m*f=OJ2@5iNlwEPlKuFd<V^g2au%MK9Kh?7gLrFl@i6Ktxdie4<Wl%R
zav6Loxhy`NTpnLYu7H0^u7s~8SHZWFt70{!I@VHZ;Fy#=9Gg-br>4}!MN{hG5-APv
z!zm4Mos`D7Zb}pUWJ)vqbV_sFA*BWGp3)NcNNJ4+r?kOurnJQ~Qrh8}Dedvvln!`Z
zN=N)fN+-NMr3*fk(iMM`(jA{j>4|?#>4ndw^v3s6`eMCEf9xtU5Qh~Rgd>X##_l3R
zaD0(rIJ3wI{7{im)JX}<-c)1^u2*CnZdhaj?ownTeyzx4Ji5qKJhR9&{C<(?cxjQD
z`1>NW@!2AC@NY%tVm);p_NLCqNvR8QX6hnbHFYs=n7RaaOkIWtrLMr^Q&-`+sjKnI
z)HV3?)OC1k>U#WT>IQrybrU|7x&>cK-G=X`ZpZghcVbV`-MC26J-A%aeRyKg19(!=
zgLqoeLwIJ<!}z_TNATjJNAbr+kKrXnPv8|rPvMnC&)`)>&*D#tp2Mq)UchULUc_sQ
zUdHQ+Ucu{&Ud5jmy@t;hy^b#wy@4+ly@jtAy^Vh_dKcd)dLKun$vlrxBu&MsX*y0z
zbK+oH7|u<Lz{S%d@xy5zTq!L&T$U<hT25LlZjt82Ez{z0tF#2%IxP`*Pb-Xjq^012
zX{q?lv@|><&5wtsW#VCJS$JMr0Dq7c#2=*<$G6f-;6Ktz;X7$%SfVezEKW=>kCW0X
z;I#BgI6b`z_NQ0H8R^w=>GT@7OnM%EIK4K0JiRWimtGIoPj5h;jnW(9R_TpNX^k1N
zq&LCs)0^QJ)0^WC=`C=V^p?15dTab<dK)|>y)7P^-VP5-Z;ywkcfcdkJK~Y)o$%=N
zE_h6OS3EYoJ06$b6OT{th3BUC#y_X`#n;n~=Rt0z55#xU2jRQvgYmueA^3j!Fs%4T
zVBJ3oyZmEtn137&_fNoa{)sr=KN%PDPsK_8X*k6{9T)Y_#OeOo*zcc%GyHRLwtpTD
z_~+x|{)M=te-VDzzZjSGFTv&f%WyUS3Y_O(g=_g&<J$f;xQ>4vZscE&8~ZolC;gjn
zbN?3nw0|3J;opv1`gh`X{@wTm{~p}lzYo9cKY%;=58}@LL%56oFn+~<1b6ix#oheJ
zaCiR++{b?k_w}E_1N>+4K>s=XrvCyS;=hQ8`7h(){wsKr|0<sBzlNvyuj9A<H}Ew7
zEj-JA8^7<ri<kKC<E4H%g8j&^;?MltY?D6sJMk`m7(VQez_<L7__p7J@A#wfUBB_}
zwUXh*u8epbmXUzNGZJx;jKVlIBL$~rq~b~$X}EHRA6Lo9#E)iV;TjnMoR<;AwK9t1
z+8HHqlZ;ZhX+{~`ETb%bE~7kdn^6HjpHT_Fm{A44lu;FT%&3lE&ZvPqW#r*r8MX1q
zjJkMMMm;<`qXAx<(Gai8XpBG0XoA;gG{c`~G{+k<THuWtE%By|)_8M98@wf>E&es5
z9ln;)9;=xhu$I{o>zSQ!TxJ*S&FqTfGrQx2%$~SHW-nYRvp24s*%w#I?2p@L4#Y2J
z4#JBw2ji8QL-41W!|-RBBk;z|QTTA?7<?jg96p&j0iVsBh=0tSjDO3Vihs|XhHqp}
z$9FSl;*?^uaq(hv@I%Gs;*!PY;Znus<0{1#;;O|K;cCSe<Hw3E!Os+1hMz080xv1H
z3NJ0T8m}(425&324u4&2Jw8-y13q7D6aKB(7A$3L<2hj&(>AiU6RVh7$};}0w2rwJ
zk+qxHiD@}mdx*m@wU@OICuSYMHM0)lysSg`*{s8OPu3B<H|r?gmvs!^$vT1WWu3xG
z_8F{YpT*(X=WulP1ss!o5yxg<#&OwKus8cE_GMqgMY6Bs)a)BLGy4_}WZ%X)*>~|n
z+4pgYY`FmSmaXCn**bnS+li}Yhv9135jZb95;x5D;6~ZexN&wYelpvOn`X!3X4wh&
zsq94jbar9<Ty_d>o1KbZ%ud5yvi<m#>`dG@I}7*A4&b5LK|CzGI3Au|0*}oug(qc~
z!IQJg;&-yk;~Ci%@SN;Q_`U2Zcy4x8yfC{u{xG`+UX-1OKgzC+7iZVSA7|IYOR^i_
zrP&Sfvh2oqS9TM;JG&YFI=eakF1rOjmfaE`&u)!RX1BqovfJX*+3oO|?DqIVb_e`Z
zc1L_CyAyT<y5QJAR~#4Uj=h1NxNx8sP7d_OnSs8zSfD@73Jk=h1A}nIz+hY{Fa$Ra
z48u<bM&KraQTUm_82oHt9BvbsfS(IY#O(r;@e6^exKm&n?i`qoy98$9o`Ko;)xaFw
zD=-(o7MO>72j=5GfrWTPU=bb}Sd8BaEWy(P%kVpa6?l4J6`m1Tjo%Bb!E*!a@RGoK
zyfm-@uMBL$s{&i_=Yef_Lts1J5!i`$26p59fj#(SU>`mmIDpRu4&w8HL-=OkFuoNy
zg8v8{#kT{;@SVU3d^d0k-wT|<_XB6KlyeTtITx^!a}ldKm$4(~3U=mP#jc!dI5Out
zcIVu{o}61aD(5zi&bf<Ya_(bqj?7=TNy|}jdJYd^NRQ<>agCfXTr(#EzmyY+JLY)s
z%Q?}wQ%)@Ioa4n^a^mqTISIIHP9pA>Qy6#8Nx^+`QgPp$G(0lLkEiBj;&*bgB6)KM
zQ&%|wyfY_=_vIAF`*TX*139JeS2<<y!JM-A>zwlV`<x2+SWYE;Jf{jiky91_m{T2}
z%c+6S=j7qbIkoZ6Id$=soO<|rP6PaVPD6Y@r!m%pO|T=_3_F9(u`k#HCk9*Mq+n}Y
zIM@a!2isES6iiPNY=?7#?Qt;J0hbJR#N~pWaQR>t{7A4Xt`O{wD+YVwO2J;ZTCg{+
z9_)*21^eUL!GX9=a1gE=9E=|i4#D+;!*KoJ2;3kz3O^AXgBu3N;irQW@XNu8xKnU4
z9v7U7CkLnDDZ%M@R&XYs9h{9n2+qOtgLCoX;5__sa6VoVT!@zj7vWEWi}C8<61*<B
z41X3}f!7CD;myI-cuQ~%-WptocLvwveZdX*P;e9eCb$J33vR<Fg4^-g;7<Hga5ugf
z+=G7$?!(uE2k`H~gZM`95WW*UjPC}IU?uk`E|7Z+N9LZup4?M7D)$U7n0po%&OL{d
zb1&eO+>1CP_cG4Ry@HG7Ud36t*Kl_3bsWgOfpc<i;b87<Tq^f2E}eTHm&ujgj1_ZL
zTrpS2m2#c9a&8!|o*RK5%Z<b}ay__aZZyuzjm5Qcy|`X(Jg%RcfE(l{;wN$o<A%8@
zxKVB@Zk(Hjo8|iPQ@NSAO>P!$n;XFGa)bEA+~T-%ZVB8aw-kOQw+!x@TNb~TTORk$
zt$_RGR>J*rtKb2-Rq@c=>Udag4Ll|{50A~Qji=<+#Zz<Z;aRy2@cX$9@x0u|_@mq=
zcyVqs{Bdq`yd<{;UYgtT|D)_o;3T>0LSM;dClK@@0fcUW%mxE;?bKaefq-?+basy3
z?wP%!Ha#=FyPcgY-80$UAXgB9AR_T85(FfONRY=Ph(Hj5AcEofe1JS3!80mI0D*8x
z5P9EU9o^M4J(D<}`TzQV)xWC#^*?_1ANc-*P2dL(wtycwxCH#@!8Y)d2TuY2{9p(8
zse@;LpFX$>{LI01;AanB2mGspJ>cgKZUMh=@GS6e4xR`8?ZM{(|L)-Pf%hJKA@Caq
zUkv=_!IuEPd+?>ehfll=_^63j03SW^O5o!rUIqN=iB|)!n0O8FNfW;geDcI^0G~GT
zTHw<sUI%=}#Os0j#2bLd#G8QT#G8T7ns^KFs)@G(pFQz5;BzM44vZ$=0gNZ!39L@M
z3phLRZeU~LJ;3>i_X4k(cptDe@d4oJi4Ouh6CVP0Cq4}9O?(u%HSsavO%opnzGmVR
zz?&!j9QfLaPXXUJ@fX0~oA^uM?@xRh_^yf10^dFHIpAj}{u=mK6Q2j(J@EzL7bgA|
z__c|@2maf{KLWo#@lU|}C;kQagNZKz|6}6Izzfx{0Qae1174zj9r!Tyo507Y-vT~X
z{SNR6>i2+`sow`)q5c5)boGZoUHuWzP%n5mE10?u=&GpVDOal(0}rbY1=iJv0gtIa
z4*Ui6;lQT)2;j2%NMKuiH1MSQ7~mPT1YA*n3b>^{9{7CqGT;l;1Hc!mPXxYPy#n}Z
z^~u0rQ=bBSjrug;&FV9NuTv+0x2PKM^{N4UvuXivRUP2lR2TUB>NA1wQLh62q52%)
z2UQRF$7%rlkQxC$s!js$RI9*`sfU1ns?GpEuFe7fOg#+zgxUapQe6Q4xq1|MmwFud
zFX}bGFRDKe{F2%P{;S#oeob8h{+rqceoH+C{I=Qwen&k6{I0qR{GPfF{CD*_;1AUv
z@ITcp;C}5aa7;T7yhM8*@KWvhz(;B?1U^=KF|ee)1bCVDQsB7uGT;I26~HHJuLS;#
z_A200v{wUF?KMD6`*onD{RZ$V?X|#XYp(+y(q0do)!qO+uDuC(LVGjt8tpB>pVQt7
z{CVwdz+ceb4s2@g06tfHC$Ocx3)t4)4eV;~0rs@_0ynky0k^ad0I%0R2t2EO2zXBW
zFz|WWM}aqK9|OKp`#A7dv`+wEt^GOh*R)Roe^dJl;A^$N1m2>38u%vdv%ufcJ_mfW
z_SeAQ)jkh=tM&!pJG8$A{(<)Qz;|l@2>e6spMdYx{ss6)+LwUu)4mLRzxEa2A8TI&
z{;BqL;9c4`fuGX81^l%39pGoQ?*TuneINLF?FYcSwI2e%p#2E=H`)dGq`61i2mB{(
zKk&=i#lU;DhXTK%Jq-9&?Z<&%(;g1IPkRLLTiPRm-`2#R&3ClN0DqvBfd8TW6!3@I
z<AMLFT?V{ZKLC7){zTwI^(%mv=uZYdOn(aS5&F}Bm+H>|K31OqmUIpH1l<5$rdz-(
zbO-n(-32~fe<tu5`c*(ve-6;nJ)o@zKu3>&SLu_$XX{m9s2>7G`V4SZp99Y6hk-S{
z0X(iR08i*gf!FBAfi3+S;G+KXz>eMoUaPl&XY?iDirxmU>ZgEfdI#9k&j6pVuL577
zuLFNczYh3Py$AedeGB+9{Vee1`g!0h^ydL@(w`6fHT{La*XS<>{-*vC;A{1l0)Jb7
z8SoAID}Zm*UkQAZ{wm;G^j8CaSAPxgt@^J6Z`XeV_#XYW!1w8|1HNB>J@5ni8-O3v
z-vs<q{msCS>u&*mN`EWxf9Y=n{y+Wgz|ZUN0N$;?6ZjAMyMX_wzZ-au{vO~L_4fk5
zqQ4LLRs93NujwBIeqa9(@P7Tnz#r%z1wPF981To8j{|?g_yq6~#-9TpYkUe=GX4TM
zZu}+ifbnVI<;G`$Pc%LUe2Vecz^59Y2inFLfR6FEz>4wrz~>nM2>e;&pMak6FF@b;
z5->2n3=EC003+jTz}WaYaMJiDaLV`=uxfk<*fG8byw><W@Qm>T;928`z!w=m0>0R|
z0G|st8vB61Z0rZV%(xi%azoDFy2W@H@b$)z1K(sk9QZrNBY<x<9tphFcr@@W#$$kQ
zH%h?UjGqF2!gxIJKI1arw~Pb8ZyQepe#f{1_+8`4kGMej9uQp4d<yUh=F@<ena==@
zn-jnTrbeC1f$USJ0kljDc%|t8pJlp~UIk>Fo8mLVGp_>9na=^%Ob>Y241f(Y0?wP0
zzy-4kTr>}H?Glh(%$y<K2Ew;7=YXfp!@!Q&0KURp0KU>Z3VfA$9QbPU8sMeY&jTN2
zHGz+|TELREL_1|56ol0#{x~3SXPqMc1R!(P>HrT~XMnD?3cS)<2VP}e2Yj~G1Nzn$
zFtE-7L+d<n(s~|n#d<#Q8vBKhxK{bd#hS9B+z0&CeYeM!a`D)uoi|=_@z|p}zXSZq
z&aGEGWUNfiL&hFQ&O^qYKu#3`@=q?pcK2dMx#S^uR3iKY;gN(V>5B4y3D0`AqP#0q
zlz*)%%F-c4`NbMyrFli!I;JSM624FP!ZnKWkYB)WA>rDuU#2umHv*qqx*6Ci-TaNq
zl*Q7mz@^fy-@Hs&F5UW_%anHMPT<MXJ-}0?3%`4ra=PRLJEa?e*OqPvo+;f8Tq)fT
zTrFMsy~~uf(v|;ynX+EG5x7yh8F*dk=KC*Gx}{5haGBC8UHYTTl+98dxK+9tczx;S
zedEg6((S-=r8|J<OLts6uG~<%<Kg2-?C%8rV(HFDjw{bE-3@#}=^o$<OZNd^RJ!jm
z<I0Om-O{*nW9bIqOG-C9eq8yb(#^n^mTm|Ba_Pb+j4LlI`M{T#ZUnxfbmREAa#QKX
z%g2>hmTm(6O6eBht4g;4f3<Wc@YSWefWKC{>q+CvYf5(mZ!X;f{Poh}lgE|+Ub+$Z
z8>KsezgfESXU5SWxElCdr8@9+rJI4blx_vSzI5x;$CckM-35F@>FQ^UD{m~-fp03^
z4E&wa?Z7veZa+AV_QCDyINAqy0e`o2H}I{cdx5`Ky4M^>``}t@9PNYKfNw9|1-z|v
zmp!h$qx2czAC&F}zO!_<GmdV;-R`*ZuF}20|5>{C%5ml0rTc-mmo9ncxbmLTCBeAz
zhowt_?=97Ve^j~|_`cF-fbTEe1N=bgUf><2d&6<G8}6MRSN^zkKk!4POJ>HEKPi=g
zA1<8$ex!6_VO;rWX%Tp5Y4P~D^0Ct0z&|aOPmC)cFI@@zv(nYTPn2!~ezJ7aHREVT
z+ycC-bSv;vrMrOtt8_Q;FG?5w+_>_;OP2!wvUEA{|CH*$PnYV?9Y;&zX5eQ_H@C)>
zzbf4g{9NgN;QuXMzBrEdgbw_FrQ3j?FWmvWyL89WxblV4-N3&o-3$EN(*3}{EBVXg
z%HNl+2L40o>h`$ukEIj9drFJIe=2o>|6J;J#?im%UOTRQv2@AGxbmgarNDnJT@L(m
zNeA9r@_}C|)q!6v)mO*S(YP7-Z>3v+UoTy{Hm-c5R0e*tRK9*(xv%t8;I~RoeZjc$
z?b2<)@09KZez$b_3&+vpxcnvK%D<N`|D|!|`=!fYI*v|<5Bx#Nf5kXD9ajT?Sh@xH
zpQT$~HLm=qbm^~-D@s`hUQq4=FD%~(+*iKw)#J)V<r`l+uIw-0`1)~Wtb7OX;_{uq
zhm`%_9#<Y(_TMnBTvERCP2<YL%6GnPT=}u`UBDkN-wph4<?`>3D-SQ1|6pACiSi=w
z5#=uM(sK8Ij4O{Uci%OxJgR&X@X_U4fInHj4fvSyZSNab9$UWc!{cb0+zu?4?*sl+
z`O=S!D~~H*`pI$S@#V{bPbgph598>eT>j7F=%Lhs2g-}U%gbHh6U#RNf4Y1N@QU&+
zUmQn2<yPR6%Xa{OrhFIhDdoF?Pc7dId|J8urE%ry<wf8#$~OWJmT&yZxH3_`@vGyC
zTD}>mm2U;=<y*fot{COpfoA#kZ;vZh`SyPwN6+OmK&N~Uuu{Gs=$7yQ{<v~w`SSb6
z(R|T?&noK|9zgTO2R^%eEATnxJApr2zH{FJ#Vg-=(E-ITe+C$o?*WG8`+!mT!u<!7
zxU2&w%lg;>Wvc80t7ZQo2hf)}0X$T`8#rCQA2?IK<e>+Y+48l(x$;fGTKQ(+;qoPy
z98l`zOM#8@<-qy!<qtc6W{nO!QobE{w0sBfSou!i@$%ik6XpAW*Oc#j<N@X9$`?NB
z0NOVfKK6j}3*}3J&GMy>JD@zbTnDzwp8+nGFM0d{WvN^SE|<#(4k+#NEx?oITdp{u
zoGRb)lmp7?@@>FQ`5xf4<;$OX09~G24<105=QF_7@_oRy@_qUNG<vQy4xrI<rE@^J
zu6zTqTfPa{E8hm(EZ+g#D&GmbzI;jL06IQp;JNZsf#=IQ@P@MftOLsP%KG#H^nHBb
z^UEiIFDRdwIiS3-d;{=B<y(L+E?@K_CHuP|k0`(UnKXV;KSxo#mZE&|jzPxuvY)|Y
zbpE%!?EBXZ+Afw|O`BVsHk$tx%jA9+w?|(mWf3?={#U$C+Wf}UpiJsW>M`FF`2H;Q
z_3uh*10cW8Ov*&l_lx^o<xBgoSN?VXS>?<7Z&B_gd}aSzl&=!Lw*T$QzY)Gp_{RR*
zlyC0;pmHDKTl+tze0%>VmGA8T92S0`!@lpUSoeMMg75GDn+xvW|92PsVE;WA{Kx)(
zzTk(1|0Miq{}(S%#_qe|f-&X73kmziF23-hu}d!8kA>gZn04XBV~ZC)WNhiehmM`O
z@Djqq2tPKqa^a7Uz4OBVHumugA3kR9`w7A$2$vEbIrg*r9z}RG;U@`?Av~5)B9sX~
zMR*+H@q{N3E+dQ+4iGLUJdyCzgewS7B0QP!GlZuQo=SKc;pv2D5DpS12r5A%=mcZz
z=k}Qdi(nI+u@~&CjJ;@|JND9jSB~AZ@0nx2vhP`htHyqF-?PVlYu|GSKTGh&-muRf
z`^dgv?BDl=glO#keeu{2_DvF|2-UI6F1mVb;-W)i&%9`Q?5c}q2(x3=i{{2&eo>8Z
zm{2D)2=jym!V$tz!ZE^e!U@7Pgr6h)JmD7zO~P{tEy5yUiLgv)6HbnO^rBN^e|FL7
zv9Dg#AzVv1Ls%iK64nUogbl)Vgf5{+*d%Nbt{?l(MP~`;2<Hhm5S~Z)MZ)t5FCe^-
z@FK#C2{#g6Lii=ZO9{VBcp2g4gjW!5BD|9DD}+}OewFZQ!mkltL%5mn>xBPK_zl8u
z5?(uI?f<Q@XYGI8Sh)Wd!t2NWZvStO-LwA<WB<JWjf6K5euwa8!mWh25Pp~NR>JQQ
z-bVO+!rKYA5#B-g1HwBA|AX)@!v7?^n{YefJ%m3byqEAtg!d8NPxt`g4#Ecse@yrg
z;ZF!3CVYhO(XmrwOg_9q-0)7;0p;(ApH1M?6L`S|8!QbMT(Iz1MY(3*hn}S<&)auj
ztSGP9CpDA5V5Zj8RaI4V%`+l32=$8TM0%|0Q4|@DW4fLj>8fqIre|3i73aFA4*Kg`
zYfI;YR&R5qebDQzX$Oy4(uQ5J3{MXXUH5%2w0u9TRP4Z3J%bECh$9-0saR_Q8tu(!
z{p8#l(Ple~H2k?^T2s?BRf*P?y5~1GJL_vvFuC5_G|ZvQewODMff>cV>Y0wGRqQYb
zR4Z^bTh(Giw<^9CnIu)EV*6@bvAjSte5(>yDq$4IVI>ajC{kU^G%CJZiK)1;epYYt
zTaRidnuf$`0-|#p?QUnay|&p}k@V8(t+g}!hV#>n>-p`rmOJP8Z8jU5t<BDo*X_2>
zSJyh5^XE6(jm{12t2CWPtF>q*G>FZ%Hsxpc>J&D->4wLz=4iHW2ac!4eyloS82YLa
zMYa}(p08@U;i|kP6)npTg1|JiifO2(8itywJArSymaoU5X}f_LnjsbCvnx>)`hjoh
zf$iARA69I|p{uKIRPl6Law@h58NJs-QdnyOf~IcnRnOkDl)~C#yK%auHS2-i97>v!
zl-$4%B)Z)00Zo_BWoS;InL+HTsu@Ri;8!Y6MduA{-(d8*hNUWoqtg+wS<yYlq!-3k
zC5qL+&^+6#_>sXY#ubl>^L4K}9o3uZ7h?P<Q>(3|dS|0O6H2PyYc)Ej)>@le-S*MW
z=IKF66iC5v-h8*!S!s6%mBP-cc5ic#?w(w-G|glr=>XdAEH@WdT4&n&qNIAOdXGk%
zXSq|eySkj^wbNNKls(nDzO`a)w0b?M#ITYdJB)lMcFc-au^iJjbzk)>y6L-tTJa6r
z4qRLJ3@YwE{wQ=b({s((sHj%Ntn%zYRb$tqy^71g^8Coxt&oZ{1T}PM(=;n_6kC>8
ziPX@u4bQK{MjQu~(C`eVmm`DJVr9@Z+k^|Ld0J!yzT+_!&CrX0TI?Gt_f(u9jvc;D
zz;tyhn(Atfs|BI2OQ#u9)n=4Zu~DC|HD?#5r<+qVUeIhzd0I2i_M(QSSDL}ha9QA5
zhGpBD8d_Gxa2@8Ct7?uPg^p@gBHv<KX}+r}%sJ2ZE1F~YOa_Ms@!Z(cZ6{O%I)#PL
zw{2#oVtJ9F$Bv~l*&Hv>W8bkgtx_==sd{X<6~}j3PgNymk<}yJwv5;gtjMxl%k`~@
zs7jZ5aiD50eL#;|ZXA1_?$QB)=do7#ETDcIMmCL`vE|VVRzOF^vFd4-?dUO$tBzZt
z-yJ953$TRiJToJJq(VJqa+0B~BCk=VnRX0pRXH^iHdN&hp+N|%!945RQB`T5+w8WM
zHi?~TZ#IuncW&OBug=Xj)n*}~k%-%dUd$Ux7{wB^n6QcoyO?lD%$+>hYj4hYRc@%P
zv{o0FTYQj}jnn)v=T`ZdKi%Hsr@BZEVWtUK=E+s%w5pux5GdGMWuW&2cGg&_nO>(m
zCpUXs-C4U{RnAeXeV(3SpQ*FaXy;s0rgNTF&#^~pisow-HLxQFsOs9G#XhIUR>XS3
z5b_<SnjUy26&=^p*<~Cm>0an~6_>Ty(R|fmBV>hAo!DaRXvz$M%}^WMS(%(`%*!Jv
z>4K5%bJ`yBlx0MTJ<HdE3X8m6aa5<mDAwFSlc5#*j_&%QU$I;&G6^eQ7})H_e#HzU
z-C(r{w8&C*O%FZR*ig4TD%J=MLbW%)(mO&V-4^9}Nepj>WJc#U$xgOHO<{gSJdNl2
zMrc=<)Ed}C#Zz4t4pU=-@qjuvR07l2Z9B3nOei%}Lpn5ML1vjYw8;0tIJ626M2`j*
zi$TP6&@HAuE1ActWLCg2WW8`B%ZY-RiVXsLo2IC2{0?(0VxsD%RS9KI8@6Y%`mwgq
zU$GrI1`q2+vFECk+fL+rk!riX$!5z3V-2g=j<3m*DPJ`NNecO{Ds9EF%|kn$Clk&K
zT;Dbv-;84_HVABrd|s0Tq26BJT58*xqSIa_bYoquSYhn49%}4IOlJ+Gh4r$+95+3O
zikhKXEU&R)TdvNkZOfyFVI2FW=K8F=tjqxwS)RjKHI1NBVZ~tC2|%_S-}Y4BS8ank
z@mvuVZB`&Z&|OdCW?p0&E?Xian#F_>K;P(;Nkv!nRLj(LHcXWbiY3K0Bi9KcE^=df
z!lxH>myZ|QVZ|_g7O2oQ=`)p|n3b9Z&xj*UmQpYd=1pkO(;)*(vnp0#x@slxJ*(oe
zoJTBm8m$BsD&||Ttlvs&<rG`uY4%{5ib)pJO!FL-Wjj_4%QC}?EY+bOGb!2fUDu0w
zN1vAs8S|`#wi$({3i27pOjO6>KB`+$>AqNv=tHH}U0-VVdO>$3Nwhaw-S#Z2UeNAt
zlH>Tgu4z276)-9-NA+T#h1E1;PgD7DG5rDxMW^YmV>)0Ru0|}h_*gcBo(+U8!i+pa
z3mi3~VoX=4TEGYdfnhG_M(kB8E||7%7%UM6J1omKui$z7`rxI3rLx{c6~~P&-(`bg
z)N%p4ml;HG^%tX{*6OxaiEkF-am=zZsU<5nKeg`A%T4Xbsq#gqqTo<^1wTP+Woc`r
zwb`E0l%<sph%b>wO;dbuo3)Mg^_3b3Y`vIfBn_o4O&>~Y?r>Vy&7pFp^iW#2Y|_(l
z16Vt=)Uz7=9twc6V`=PIJP~2&iRO!Go@gk|6Ah(#qM<ZTG?eCvhSEF{Y1tvuemcS|
z?<{rKd+R5YK{MZ8-H<*bzq)*QsaHGGId?c{oQG;SN8Zv=t-q=A=tAx&lkK&3mrIDs
zE_-Ng{p?D6`Ba;+xqdQU?~;FJMBZ`MmBDUYNI*ahN}yy035c0N0<3e8ut-!Jb1qv}
zF?%TCP{NFy_nP&F*Sub9T7qcxGov6RyO<-@YK=ygH@syi)o5*NmG@p;X+M`iob2sd
zf^rKPK<6bttIL+RmPQwPty2k!pltQh->FvbbW*EGD~7#RvR<T(45tL4?-vfR_Vi8(
z%+U5Eo^HTNG(kBuMHZuGPg-7FYHlpH)A$goo|KX^gs3N(3BJM_C-@5Qx5(!wfUjsE
z`&x79q(pir4I_)L_RKWqg^lLSTo^UA=4@|^TA)9@w#-hV5?Woz&CW(^ZL_+}*qoX=
zzu4^%t1|jz&Mcj7ueQ^{RTB!9OVXd}^317|yv!D0wRwscWT<s0CN$bhH73s)9;&^x
zk;cfIw;V0a+e~9gJy*}`B{8YTa+cLgW0I%Yd0rYz>Q(YQJ&8$sOv0?aG?wI9cAl5S
z<XTg8vwNhmq&*|ggDR$Uab<mppUy_|;kOo7TRpjEYjLf;nZ}C)li9fn;l@N=Ujc$R
zf_Z^B(!iRg9BFrZFeLbDG?Go*^==F^MEDf+;pps<EE9(O4d;b-qO8l)^*g-V?{H%B
z;+C#ud1*{uQZpnk(C60{q4m>>@@3MB@@3LIkT{*#VmDu~S^n}8S7JT+wn;2$Rx{F4
z`Fd&TW*SRM?L3dKm)EQ0d3?PrPjmCUG{&{^Mbq{+(wOA2w30V?wlv-2iPBhdon;Tz
zVfoG5Nn%n5>W(~OG9J>>%{10L-EJ+n$!eZlU*D97ObFgO!T!@3!Pj43V{emnIgc%#
z-)sl)xX8>91aEV*D>#9sEcXCQ>uZ}_ldcfihX9eeUh2yPb9JI;TN`}WBpT?oHOP8{
z+_+xjCGwhSl=WgGjU}Iyf!i-nqDih{N$x5OuhJn1<-$O`4v@62JNnry3g;(}YL1;p
z!8!A&VM|m<i)f{BDx8AeP|u~^F)6<iy6amT{yMR<>)kV*wNr=M=UE&CK(Oe0k|TN%
zkz>RuYzjtGBFU<rM$?^SuxUu~te@2Kr{{u0jp~UgNj0E2qo#ix(9fHnsz*^=ZA>LK
z4n<(ShtkT2B51{=t$OlPpIew^{p{adBBQs9v`S%%kc`28AgTV2Ac=f4koaIbkks}K
zA<NsoB}n#w>9ga)j2SfQ;zChtd3k1iSt^}d@5&GSANkpxtwZ7B<{Eo*b#-ICyUFyC
zbQBDd@Jn*CPtV9cUC2JkO(szBg|+5}%&B4)Lpje(nWKyVFdaAo(05R1(imX5+d8?~
zJb7~YbQ_XxuScd3Uam4j0OeE;6B-gmaDDRZQCuI&Aj@<m=q>?MqKpVHC6ksIJy~75
zo<&{~X9&w}P`j1o>(+_0P_)+I!);2!TZXyEZ!7zS{O!UhA;*uJ^Xtup>Y5~`i;4O5
zG}G@*wl~vgo%Ly<lT@wtj<i-fdFp7lv)Rr{g46A#Gg%xmOVbRv*aqAx2wMvhs8WIP
z<a*G2UJTg**=N!>gw|TG(>&)kiS98RG>g}v<}o;esE0+7>8NqwM{X4AaE@ViMUEYK
z70rk4j%^p_DHW5pkGV~v!pVflfeY*;3B%IuG%;Ik%=fcl-MQ)4PAV3@ev;n(328Ni
z7>8~%;J%rrXIP=Z<G69)^7^&~?@)Cd*Q!u4(EW-5AsvL4>xGbEk!ct@EQG*Q!@z^8
z)!;Ph3Tv!yL8-#=4<hLPNY^c=0{c7Ab;y1L4x<OPK6twdE4jRC@^*P*@J>li;hmB+
zgRm)=1+CTg%1Wmt@p<^bU5R+@p8N>ER#Mc0WfDdvoQeRJW5uy!s8>}*ZULt|bRsW?
zq=aFjc%I`r26BJ^+CAd4Yp@_)NA*>{K&V=9Mqme0u|VBQVu%2wII>L#Q3Tv=E<w0s
za~mkyiW3Gd+*?=(HpFMZR3X@=5yNd4?oh}$6UJAl@g*t-93%}|-h^4qkWpp`^ttB9
zSMoJ@zmeuRaTvmE^$gXGHFyoeA+RGV2Byhph!8=jMp%IfYHP4hq4ME1Tl7Hy7YJri
zfy&hjR4(J3t!brQWphX7vc6XH4}~$S1z{=cbfQ95P44J{sU100K7x?IG|PI`Y!FE(
zGWmizEzI)X?y^SAP^rcYhc>011ka{6RH+VCN*STLEJ6(iCDbCRBWY{=RF^$ZL<T&&
zAQhdHoh2a|>AR7nBwxI{bh>kWd!A*gx7k|VNZQy=UGf<9D40W{SDQP^`xE-4rF6;a
z*2=N$g?5mWEO#UFR@T?gY;Dxm&vM;yhQWZ`EF`pMA)yx&MloR)6Bdbnm-Z3qW?Zc`
z5aCgnKX}5}X!CV@g~I-GNX>r2k;~!)$OZ(j{E!qkXS~Lt=JecA5=Bg3lEHvHl#eo$
zTI3rNpwHL?bApTL5~~1Vi0I-IXG9m<U?RgAroGZ$Pj(rul+8w0keIrKkDrc~Gs`D+
zp~U!lr>WV|(W6c&7|B822*yw(WEhNnLT32&^pud{G6)&k<ia&wS!aJb(b>>PNO3n>
zkckKV8>BSBs%^C^V?Ck$hzWizWJgvC9g*chGh{KSg5(MWQ2jh;fh;eHB`t%mryGcD
zInAZ@)r~GZxb|{$>2!+{@bDGr+087OA@S^CDH2a}vN4|&E{lj))6V77CTM(ec^2!V
z@iNg9K3|T;(?E|4htPQD@)n~~XevSF<(dqYm)s10&ngIpo>fSr5j;d@ay2A-DUX1w
z^RNhmw|dQP`?@XWuH<wGg1s}it`pElI+$ou!W>UxGg~VN9@522ehG<;nKl>KNemEk
zmd93a6AYbcEWm-I?%6(ELeKDGla(7e5W58&M^_Kcz|r9|!a_y<U<f*I$m;I7$nRX3
z#ja_=Vn*DBI7$!UpgS%?sn`f$N-LF$UJ)s)=EI!~G)L8uRGILxea~UzH7Y^HfLU&!
zV(!EBWTVgw9RXixyX;JCH>~`T;c<5scy<i~A%h`=bw|XVerL0>*=1R5!g-QM6Ck1m
zs_Bvjq<EX8DBwqyY6C38AW8tk1AxZy1D`r%Ycr5DBHM@e?nfHiR>cIjv5^FuXadCG
zo{9!v*R<e?yGR=?gggi;4HwxR;y5m<Aihgf1Qf$mVRTzoq=ksn5hw?U)IAu(h;#zY
zGvNlaIn!c8T2=J`wz>hkI6&<HRdhcTX(s5E?O3pN;ZP&>Gn62({ECk}L35}8)7cK_
zBKZACsFA4h>1@>v?fl(|fIhanEA7_xZ5CN=bDb<(hc&J8I*2^DKH`n_01+YVW{ci-
z0t2xLRQevcprIgCjZD|z6Z@Jk0!$DO`h{;5Fq$fSaDFQu6*U#53)^rR7mn>X9$1qO
zw;DlD2-5*fz;+{-ibrN@LGw_9n2ijzqUr`RfLMzWgE=OmY1Km#!1xFprxG%9d_(ck
z|EQqdATN!$%<y&40u=^7lF!fr0dyF{3}FS~5>izS!K;fvOOFv*IB1?YU>3*(9Mn}J
z5Waw?<tn6ex{VMVIcW$=Xdvw|D*-YAK8G41`;9{;#2la!>w4fuFxLf*K?3E6sJ0-@
z;{Jm7Fh6K6;{M=wQAlLKgEtD;iNU7JSRBT?ruf`~W26HY9K%R)3`3bEt40bO!T^UL
zMG)M<$SGE4c-Y!(9Wj(+hH{+YFxZd_39ZSEMH*Yk8%i)+2A6`j4-yuMJ+@v$Sg*1{
z7cLn}IC6aq7}{wWu8X`4f!)+lmiTQi4~=2vv;n;}bd`}2*sI1idOFP*CZ@^jtkJPT
zDZw$%_;iNSrTan6<Rc8N|Aun70qx5b`EoB+vgKZKv*kXkAZvV9A&oW~(`3jZ&b!Dm
z&1WOXx@;8IWd=sNF7tNn^9Cj<V7U&YNXX)8$2$5+rjPcD!NThz>}1`Ayi?6&O+)X+
zB)U6YB&AVY(F|4y@NDK1Bb=da>4?=>^^tZVJv2QN`Jk-wrc$v~w0{tRF`SXS#UgNo
zY_N4i*9h%&CyWq3X(o0t2tQdk4HeA~2rq<JB4uTUvTvX|B?=*CM8yVyReG<-WEC{~
zG-94WsfZOmFL6cckR?zfa?=Fdpd_=gFx$L3fc-5s2E3uPY#VbZ$sBNp(mDxGD2dM2
z(^fLBP?E>~oBVnfuM5qEJXN&a(7}ixYS`*j2TBpKs$nBF<PmoNBCLA~t2^pODq?r`
z2M5Is)<zB8Io3&}cb0C&sCr1ng0K^wXfX-@2L1@0i*zNAC!Di9k?_-`M#fK*Xs%C$
zwo@g!dOL$nDrKCq{-qKb%?(Sd6u4oM(dU0jV!-o~)OMa%mNz_2Pq!o+idTMg%|rr@
zvKE8ZMrB2WnURMY3rK`pK~9Xm5nI?^{Y_zm09ru5gO!^g2d(9~jTX2TiG+#LPvyK8
z3JScIyqfS=i1&Fd#2bb*4cPsI+iV2=v7ILp4ndw6a0rr|0*4?;Gtoj+BhetTtdN~B
zVt^Tr3B?a`gf3OgU<yrcvimboI74U<DySiVYa#HqY}KR#(Q)ul6ohlaN&|xgtT18+
zRX_&=ctx>mqw;8lf~SPY{n?q}@K~^b4BteEz1M9ioFUW*hY1juhJKDshdAtl^v9B)
zU~U!`?(Dq8tG&6kHox7)88Ck2d48*xriC0%RO_;w1tjum8SJ_BUazybaz4u#Ak5Nw
zw+$VTG<~AoU6)87HDc4#L5&#V3F|IP49Z3CE-k-~N^y66)$g2=VmLHp%&!k68zMAV
z*Z@WCQ8-AE81Vc^40wJd3L}kFpQ}f_KhlV=_W2iy)PWqhe<?#F&q&`Bj8`sQ-#E_?
zY8`0Q!srn_v;@OLSImQ3$I=a&iZZV#t~q;sL<B9Ov(tnUo{9t_u{~OypK1o)Of)@R
z^_oITi{hm$IfcsqmAX+PFMe>%ipcl@Yo>DLLl0areXSbw{{yxu@Bg4GKB!7N`cpW8
z527pgs8;C3J!%cQdY4K=eYZ=UZQZs@t)U*<rB1)Ib}1ivnnZtd+c+zHl<mbs_upRF
zzw!2h9baZ>q)(zHy6p*e9qA+L7QWG5&B~LH9_S<5d~h|xsRvi@LEU!ft31$)^m}@*
ziVv!ibW4c3$j-UCty_562V1YTw!Zej4el5e`EcEKW2sjh4|`NAeBoVc4UK|b>LfSp
zf3saG6~Fy1RUW8`p)bBm8$<JLmpc9Lyi57eC*HNr;Op*QW$<A~)yY)(v#BgUP1(IN
zbXlU?v17^0u;W2Z@<wCFX_W$YEExk?v84LAvLtd@vBU>>v!pgxdd-dQNzo*d<aRVV
z%iE4dOZGr?EGdv``9VVyCKF1THcI417<mCk941mbI8KoZg{i_P^Qef#OS3T$fCF2B
zwDVBGw6p+~VcSL<z=nGRHmbYkKr?xVPBeu!$Rqp}CyZfyiN385k4<<ra8w+4Md&;V
z6AjGNfmepUCMn&BbkSEwvV(z!P?KneYNGOs;fmtb0X098MS$<-&7!~QSLb)+qV$nx
zFDB*~jngeO#i-obOez<1rE;1Lv&Tlg88!SEVi!i2hjzRu{3rG#w(Zd`=#_#E2AI}(
zsPs~T4krq-DAlScyjsGsveBG|>m(HeWUr9kkn}Dl0~TB&ka*LvB3}?`Y#(5F!G8r?
zCWNMiLM?1qv^CHXN3|B;E2wMG<!(p@3d)$^L?%`%)C^sSc{pJ@T-6wMo+{=Oa0j`W
z2U$;=iW(+CVE0&W$v?C|+(}qrC>TS@Y5}GPaO|iEC8135xWap4xPZadglI?@O#NY=
zGnh=}IB5KUyHrSM%|ZfGok2CDn1FjRD6xtOyO?k!k&0-hs*_WsCeiTDq&ErTKCroB
z{x0&!gzgekYPb|6+RXK{sK88O7!5OhczJy;W$tHDVdj|1)>^N1vYlb-)fzb)EmQ!K
zSR#{$z?eK|!r`G+I6U;;+${Wvu<ph4&0xyoUsn;jO&=Gn?TjP|PPh2i)!O>X`84}9
z5|(0yj{%9pYzz?R`+RA{<`pEdo~<Lyg(-xs39@Y(j2WzIgtjsHXwSpu^#fGl;r$p<
z=xHGY9BTel3|%atY?!sM_Zfjv05{Y|iyTuY56dqW1l9)zX~sh*k}%hKWa#g})KO!{
zl*Ph0NQLFfs53)MNrc6VcD`ZjmNFy3AXr@F$4*=c%?gVQ!`)>TVSxo}7t#{SUS3JF
zUE6{WZeSG?xikbfH8Sm3<9T2dJE{%SI7ajUTb7FSgNb||hH?<m6y|~|I^zyje2}uJ
zRYw?XAxW?l9W`hV(SsxWc#B3NY~o@V(<~$KSfa$VDWc+l*hBZ#fY`GX4~CY8DgY`J
zqOuO77ls3JY!}lAjTePskFlC#?Ll%&BZ{rT3-hoYl*#AOM>g_stgdu!@4_i}bqgyq
z-%|KEK3x$<m@Sz)OG-kGv+k;h+4)yZn08uVp>3`~etWi~iJ3#}BfCHtZlgL6LB}VF
zeJnH}>mjhMglv;-J33aItIwx64htU^a?P1AEe0`2w#hxJ>}(;ov+K9g#~q|~R?>b!
z-h6_uZ7=L!l_22qM6z4TZ@Mu`3}!onn-Yt~h_Q%bH>1jH%=3nWwWp9k<#<q{7Zd1|
z4NA;n!YU^0V!|OY#HVJsEb=IX)tO~0-Lz3amQ8tR1D3p03RN6nQqRhlAl^n)0t%ab
zswY*<k#$aVr>Hx;P|*pnje+@cl|^N_+G|*9n!U%MrI76n6HiT~P;B=i2}9{cWBbN@
zf+5G2CRQ|5oF<_CtJEd*S!yH-EHzT839Oy*S1Oz9<V|;aoBr0xlPI~^1;&V!^p&AV
z<lH!-1s(~hK97WWpGQJG5q-*UrfsCLS4tw`wj~K0>kAA!Fz3Zu50RUV4W3A*ST`fg
zWZ<S7tZ!VkJ1>nwtP<hb8V(Z;^I-Ic5L2=;V9LVub>Y@y@1dKftuSp7Hwm8(-6J$&
z<VRx%H!Sc93{6B3=lfLL{dSB1CEZ0vGhw!GEkc`)x~4zbc5FsFuNWdb9z=a<yN}jC
zi25ll^<TMSh_HANcX;5or8kG)a|Am}Ix?-e3+bG(z4Cg4PTsSz-Ductt+9BHreSy1
z8<09fB=(MqBS_92bq24RlTF*I^xtxq@{ttWwl<3Iwrex#)|BiWyVOZX5^x7kP<Ekh
z_ms*-(!AeQyVNao)?QUdkD^`L9CYs9O+L7K{V%asW5csEADFv5UxAsnSDVB0agR0!
z6LF79Ljz{-+m4tKBi>{P?bxfq9pgvF*@y<W51l=#6-Lc2wT1@FE_IR{_CN0~m3Yku
zs`6mU``>7n+oYZJK(&U3#4as8m^S)L-Y#uyUpYp6t)b7qOEdkB$+^G9HN5|v+Y7gK
z#rEQ%KG<IP0FBc0$VDvUFXoSz42=Im-NJAjnh4vP9U7B+RZQ;R@4UTg7Dwk^^&V7X
zQmNm8d$l(73HGY^pj+z?$h}%Cj>-q9H)5}rF}&@ANIwsW+wyTdqF!-R+oM`xDC|;e
zXcX*HXLtbYQmOducd63<?0b~=ztJvrhCcQ#bskI`{ZG708^y1?dzHb59aU$*Z<eV%
z6$niI$Rx4eD9<rclG4JdQy58u-ye!3Qcw;_ls?k3R2zi&KpP}2KnXC<O{2rwAe5#2
zZuu^K!(F*#I~#nEmrlymcvo@<iZ_xPsMts<S1TdfNR(|PGt;q=sC1e9CXX$V(OmVk
zN`b2`83V4mr21TSN#tC0i4VByk}7c3CApoep5+Y@^)TQiJ2%yk_<+MMspR2t&qH)0
zrPuw$wA9ttyOKF{lT-`5m*o%Ls8ECnh|~~;7=CuA6Df>QeuOuS{{tNkkQ1Xi8XIUM
zV!z?4afk*JK5B4`pjeQtwuT=N@lSwV1?=qz4b?z+TG+{<*aZjNa+15skBt)o95+O6
z5ZSQ21AI~l8`{*cz<|$<NlF-^fx6e@Q5c|csnLpoQ~`HNE^4bN$m*_LF>zak|1Hc>
z;H6U$eb*4Z1vu)^=ZPs3&JD0^wQ<;hya9I`IIyDP?!AG6*nka?ClWS5o){?IBsm48
zn<Tw^(=?oo)#hB_W9mLR9nEH$vW^dBs(4ev?Sv+LMBg*%HV<`E+?k-*kGB#$Ho&XI
z1(Jf+AKI<r{0HWMt@BkPHL}o}#!Cf8Rj3jpcCdUpM|1!K>~G*LpdpAS2-vUk$S9o}
zTmTaTBOxl*13sLNUN8a%w5eTO{~+|?vzquWL0uPbAn33oQ9+Oc*9Qw7ET>?&;?M&@
zLxju&by)m_sHiL_3M8ISMKrzfWP@-7EkMV@wFQc_w&-rVv8|)6i^i6U2@(|<U%1ym
z0TBlx*rDMD1>HHguBZtc_+nuocq-Q_=zu#Fe3mdgJsyZQeJ?N>!YI|!MIj7f#sU>R
z+>BtjgP*4WgJW1YC@{jT#(D_HF6>I^g`wIQv$nFt)ChDIj6zvu&;U#w5)~3!vyea;
zX;96OM1)#bG1Dw2P+A&Pw~Gmf#1O-fMPZR=A#9f+utsDu1RIC!hN{E(M)h1Z`A#TC
z<D4c&YZ_-VYQ;f^TAbE7!VlG)oHy?%FoR9$epvCbcv*p;ZP=Jrpy!PiHfrdwgb}AX
zXloi`zl9eUw8`PfGkhHQ_#y6CP_~XjJm{doPsJHRran*es%nvoKQ9*<RfIj6h0qSg
zez<2ix-m_-TCl1e1zpIBisT8MPkeNtRn13XsW4!k<B`h3e-^$-FdWF5CL%tJ&?z-}
zv=HHwE)V9Tsf6Pr<dbNoA(g_zoGrd*5Nxn0DK?S<IRDt}g-(DXY7k;!fJ^{691gDV
znuJJ`5yv|aa4l#e2E(jOhld`)$n=qgV5|s_FN7n9-a1k+i^>F+6j8TFsaxy@F-gZ-
z4dy&+8?IUqLfUA*xvK3bOju?gl1Pl)Sis=yqd$eBKh|`f2V-9ohc~E=E0_l0g$U1M
zxZcCRO^BmGW)*T0L~V#O5F{YF;kF86-qcteSW87#gM%UmH!>z3Z$x*CJ75}snjJ61
zqr?bK9h4y>)Y~0cnJf{Q`-K6v1E{H+h(D;vVo^bKC=5!x4dH9b3FuZNkm&C58rTfT
z0CBiA{V8sjDkND}uopx&i_aRJCUw5Jk7BD)p<;lE1kY&DZLCAG^rMArd9na_$$}>C
zim*mh@E>O2%uUDE8u1J+B9Z4HSw??Yq!gMsmZDFn$Y{kw4a*27noL}}pLvd0lcA0k
zBeEggw^2QG@GeJG#j;ck3{)TAN3M<YBXNc%9@ESqz;{;cF*xufiDOCDkP7w`*cc#=
zWo**P!o|ixC2Jm^+)?nW#zICC=C2(v$G8A#7IOp31<UqvTLi~eDq`?i!3<twW8#*c
z$=DB2{tb}~VJ3qXFb=G+e^6L+ENm%op2UX`ABu>sS;Y|>*@;;Q?}q=Sfa&BQIObb1
z?y+RV3zE3JWIqc-)?EZm_-YidUykA<<-^J*wo&Xv@mW`W1k9{?f#qV5z=)3ncKDE6
zGw~4|At5*MF=s{=JbIQ8QR74sgl|Wb$z{rN77u>*=rFz@{AwmJ0w|==FuffIV;3LC
zRz`pfQAzHBL&O*dN)ci@Tyh0iambkAdC0`WB%{DlrW{sTCy~f7tp`hNA)z%33B8yw
ziV3rru!;%0m~co8Ev*hqD-S^!i11{EX)TLjg-06}nUH~QBwc|hgVDv@#GM(!a@I*$
z`HW3GvoYmy&&NntwaOmo1^c|hCqcd_J0V{lO#qfg_G<i?G30P8iQhfkyGg|<W_+cO
zt!J(y$=StOq}0V1$G|Zp8ATdE8cS#Zi4;9z4yO}29N#5zZ6HM%O)}86mCPKKm3Z!9
zMxuQmGf95tWhRN+iNl$!`Z^A2`qlG<IHl>w?L3;H#!`I<H71>^-rDB;x|B9CgQ(&x
zfG5WKIm_rIF_7RSV^{B~)J{CIYWO!YXu!raOFW=fFdbsXW1@rgcI*XWW(Lv$n#*!V
zMa;xOC@_!)EoB~25r2J=crj!5Lt>4KQ#KMRqDK*+{emVs3MnjDm|i1=#ZZaGfo)7M
zEi}`qh@}uy4Y@ND8jV|#VvFxO)-aq?;;9wP#%IafYmkYSeqWT8ClVYsNhF5zdG-LC
zP0L!F_}JWI08^Mt*N7IRYoz+pHR65g8gUaXo(SW55IdGcq-8kN!%jpN2Ok_&_C?Rb
z5?h`*vE9I7Z1VhKx{<{b%MFR|j$c#A5+8yj8Yascx+&l<m~e$4fueFA;>j1Geg!-v
zQ?jVX0oLM`K8Z;bdqxYLcu)ryWR%q&TQeW8j4_^oUG_@6|GJotRdCqHPAvxPScb8}
zRq$Y^M(ERE#)@7J#xWK4SoR+_bT&C0!Xh6HH5|6NKFAcFI$4lGyK(o2i#D(dy3ED@
zsH_1P?1<Na7{Z4A3R6mOV0H}~?FEz=81`85X^c$F<9SKfg@i)!3G5cH1-MbbF(hu~
z@W9BaJQ}JHScnLQh)-1>9n^pifhh`xX><-d7gU%MBe`Us*Bu<eVQq)_12aJ+l#p+@
zW_EGffRj6(l06Xe&}7Fk=m<PcMiCbNF;<u%uj+xifkR+!M@6)*=s=wrBWoL2KM1Ml
z8lh-`^GFOZ(9B>1;Taj)5duvbz`-(ah|^?<6Y8@hqM>1uuSJ!_kZoZ;W?5tzt5w7_
zYO}Mka-L{|m2Z@yc}{KxXx^q(cJQg7jhlnwA=c7xk#K|L>S3W$zu_Tf(eRbKGUNvL
z-SJqgR=YjcaM6y(+F9Ix;z7~SZrESI3(L3UrHgku-%~>uhThuJ`f@u@6$JLInK+AS
zZ=POXUf4XzV8)C<oMO$k&(?4rj5%?dKZ6ru6v4zELh@^;yBK05SD+2GmB#R3B9@34
z>$Y2~Nm)(k9n8DCZ81caiyOQ`Hz{Ll7Vjun*j<k<6~#&JmOMnFLQqjwR#;BfF_msl
zw@+^7@p|XfX%hKrHnf<rakk|}#c(Ho=``M7;|fb0cc`yRyDgk_S4Nn>XHLxBoke1(
zzcV-SdS2~ydNZ4w;{DuJ#J0S%xP>1-Nkz*#q_nF9TR4kIqq{GQ)WZN9g+2H!Oj!(!
zQ5=9y#7d9-h2;v`2!e>U(S=Ay>&lg-nd!%*(=_yo;GaMQdT0dtI5=0)L2^+$LbnPs
zkp&EN8=W%K^8*x=EOCephX9|z%v>tQcpyeQv?Au;xHAUD7Du+CZHCeV#0!?vF-nLo
z-$C4%O4I0);d6wQNj!X_Q3j<7IRaf9K@{S#6fH|=jQk2B=r}?sf`9w636nwx3;Svo
zPfQ7+s>C_2m?%NsQ5l?=Hlf+D!4=gp%%riah63~K(1)JDgD0w^bS|qJKIc){qMoK=
zRSubebt1k?P@F@xPP~5OTp2ph<#e=)!Nv?JLFb`SrU}*L;OW%Dc`DBa@x&5u(;tvM
zIEFV+v&3~STA*~8Yk&=6B@71*G6vL{HCz$r`A|VbAoOr_4-<%8NCgQIW*x*UyBW69
zU@2gtD5fzgcnQ(=v(akhA+ZmH$V5*xb|P_1j;3sgj%>g)s5}E}D%zniV{qn<A6IA|
zXh2X~sB_54FoMS<JOjQ5uM9r{Jv2Tn{2e|IuBX{gaoUQ5)IepYg!|wsAhBqgVM?t*
zCBcBOpovjhfpvq5jQIKY#AkTyDpR`+`D1SC5z6h`>}RtYi+$d&=p)}vbfADte;!oK
zWL@Q1SZ{5uw4bd!E4vQ2Q!BV9#6PC^ZwYaZ*jed4Tfx$laY>iLV}l`pCN7gfh*x+^
z?4a1~qj#g}9y=}6HClkUC1*D>@X*b76ThvIZ=#8e(leY2SW`FzhFQm`V;Z253p*4#
zmaz-K>@ZROgAKy3!Z`v$o}$wOTMgEeO`jR4A2Q~pN%*9Y(#$gj+yN$ro1l-lV?sF?
zceg%nj<nc>KEuhfP{lU4#@D#G8!+Ly;T=3;!-j7L4<vTc5kxf*KTaNgk0I|NHc*`A
zgA3jQl?R&uo}qyn63&d7v#49*I2Qvx$WgQ|T{IW5<mEnM=>;AP<tTd8V5lbOg{SDO
zAGp;)x0^{vui-)$l~QmHG513!Q@F!6eTS+RbDT+`i&rElbUYs5O*pwfO5SiM(2=I2
zJow-M)R@un<aTf$n0O&PU9b#MKZQ*vE^&42U+G~i@9{Fk;s%ooE+<-~4vY)F8#5kr
z{ZLR7+pbWtj=#NSSU$pa2a4Yvej2M7W%E0?cx`)WGxwQ8es6``YA>r<?a43_ry(on
z$zq8RRu+!ynS*#m0)JyFiBTzd9IBLjR%UQW?*wponDk74cyXv?!ebCUI5atJ3{mmN
zfU_vRjZ#IGUO6@ofUvGWc~tnMbReo>D4gOPf_V>*07ZI;1>P?96x3o_BUy*Q5pjVe
z=MsQU;`aeh&y<5Q!Wfl`14lUCXdEfmt%Ne{S15`FN0k@kfuo8Cx&_-y`}ozUf<6kh
zy)Z?fb}b%~<!!%q*Q*j~<UsJY{kj|@E2_8RkpTtROgE^g-nDlndFj1t$jwBO_&~KD
zT&3it9;m6pC+tg|6SOro$1J{Gf<NwBssBlLt&zXo-t816rF%40(Cpf^R-;}M)x>S6
zdf~-JV&vQ3J{cf@T(_c6OcWZ*@6_*vQI*oW?O7!sZGBXI<ik8b6N70t>M8cTSPJ_y
zWz^N_JM39S-eJ!Qdlu$BIV4cu-U~w`Y1CsD2hphV<eLsA{irH5@jw+u&7Fj{DvS)8
z>Gyblpl+}9z%_>6c-MA{uf12L!Hex$EB_Atk+}Vt(~$ry&Wll%ikpaZ^!7UWo%)?H
zs#1ElJ*(`PJKJxReDnusV(_s>J;k0EOX1Ma9(Dh1Q)7FT9dl=Ug*|VO_vFyr+1|p?
zNE-E$#X&TxJn6>42pUyo$K2We5dDr6lxN#cT9{Q0q#D~w2OnrhVZYHGB}4B#qI94W
zI;wE+t~*Ne9#3Wo#8Tp^Y3Pa5feXy1$*#4E^JHYD{AT_499b*9;ofzIrpm6Z47z$`
zmEy`avclfaAf^4$Jo5VVP4=!cG+{=zviJ3QpZ2HB$To(?&n`6vV`yXrd6~k7GP2Ht
zsZp36GTcTWp~+a>Ue^B>+Y5$XZD--&twxj$CdT%{^wR<JQJ<@_jwCI16c%1`N7-Oh
z4i)uZa7S)`01TCE8(c$WLxXClWcRiT-?o26zPT#%-U4pLCubl)7iJUUlk+W--Vyhp
zxt3-U&$9cPbXf&nFD;gc3|je}Ul$mlJ{Q%GaHw2kp;nuYW}?}7Z@L+J^GR7ST_s~g
zS#pb1l(x)ibIp_-hU#x%eo89JemAxjJ!PptL6Q=FBlW$$;Wj=b@#z)FVT$WWO^+>|
zE|%eTX{cmrD7Df*P^NgzP<zFKLSsBh-V)K|^cZ@ly}7k9yI#kSHtgcfEMt&7+HGxY
zZHOaHFBkCUi6P&`9(~if-cvMWej>C|;~4H8?$bn;ZovzJ`iIAdyFSDe$ox3y5Zh_E
zp(Y2t!9<HW4+;$c#35*^!99cvC}+=UzNpe@hVWcXw9`cMg7ca*OuvyKhMZl6$_y$?
zi1y(ez=DDO<KUnW#v2Fz;I~ouMbPxHgm7w%R#-?y4=Yx*;sSUyVpoekf&~}TL=`9^
zj#djg0&pLAMtHP1^F~$#PXt8{{2U6yiXtQ}DA6Gtqtv7#hOdaLMBPpl`cN){$%Aqk
zwr;prgeiso47vqWMDE3LK^#VhQ9Hs?6Acu25BS1_>xV5H+JOP$C?B2%-mu{oQVCTA
zPEz#H*b=@>h@C6~DHjzH*icl2>kOw<MMH*Hh(zZG5jlrNMHsC+u!S)R=D<&%^N_Ic
z=egh|$<bV};c(y$2NXUwP5~^mAw*p2_=<t|0JPnZ+1vCAH^g}w%o4cZe6d7MhRr;(
zH%=Es5{Zjy9vbhEu+8Xsm^1V#d?rzy2ry^FQz=H!_&<kxh&eEW05%#tY_yFyc8OVl
zm@#A!@VWey;{*c;@1JI(lPC&u$YAkVprNG3m%vaNy&Ke?T>K~aembOAI*U!trdr2C
z`{`AVY+OHkveP@w;=rvFi|{?=TxbyPsK!z;Ob8EGl2zyds%%>_1@RNYY-c<DRdRHd
z2PiJAh=T_f1akOBX|<t8-dSnKTkWhe;;nX88rl(ZjCc5XhTbY~0gV7Svcl>|84~s+
zj?LkG%2A>b3L~PCD&86+Mh84-9O?$hjaep;usGOj%VA!KuTc)c!jt)oZMHI3i)L$+
zHCBK<2a1$W&OJaSDQ83Sm5r^<#%Wwt&NO_M&*b=>y4ECL^k0(A!N*~=pYThW@yW&@
zS1tMjz9RR_4mRAm7Zl41%Qw4(Kk#bm51g77>ksV%#ezaZSzpM`<7b}J<wb_}fh;56
z2YlB4WVx5M-$!L3-xPdht$mIhS^Rldv>rtV#DKj__ak#cYm_7V&}W3hicbz0_UHiw
z3W6R^N?^g4<4Aot=&->JT>Nqk3RSFcC~@GUF;EaG_&6OzWe=t<LKn_zLn6c(#ttlg
zw4>Ps@Kdh`xF3+iI^|4G&P-$lMB)aUn>7(GJ!*<**x|Fop(5w+A&y{WWwFBf0&9rn
zqxg(kR)E9`?`?QDz~^$HAP4Z|pjPxB86WWD5i#fijtMk)=|~As48=c$87SzQpqhw|
z1TKwPiP81ua`qSl?Oa4-;>-X)4px9{4E0Ww0wNYKd<-HMKp&6?tDr*6Dvt6XT1@D_
zu&|1r3qlR_*+MxPkAv=zX5j@v)Im5H8My#r$$*6wO$zn_UXe4RQLsXMhA;~4HuU{O
zpvRl>=m8oCd>AyO(5k@`FZ&3*ezck^a+E8(6Uuo!3HvKPq7mMprHAW?2qz}^LSzd-
z)*<c(*-cSg5VsFhY@O=1+nnsGET0xQ@<647et<t3ari4whU`W>A)+P63eVg52q@6v
z!8;BgD@fOV<e}oiH)R+j#2a>b*VhCGkslPw@*x@dN+a={Qcgt|f+kKi6DmST0I86O
zG*C?#&do_y(4$^jf-m8ueulH}y^PRqtJmzEC$yJjM{0JK+by{rb1ga4P^J$<3#l>s
zNw|_^+~M#B*{3109Mb{~LRS$PD^lMeP*A)_a)JVgD8Y*UWW_`;1^E<m69jB%wS$p}
z;wXKp;NMjIT_dTr=~RSjG>V}-+pC<QAy)C6KZ_J<=eL?^ZJs_DjVMSFQ7K~SMcWpH
z15p~QELz~;F<=H9fh$r|@!*W_5Go@0WX=hmfkXzSOcb>c<)X2P;-pAZHMD$KxMhCf
z+6d)8q&Z@(k20jl)lvOYag36>{nj}ClJQVMFH>A7=?vZq>Y#{HQR`uGLHLNGJ!g=L
zGH{?Ys(~`&9Xk{x9<FiozTRyw2kWbgoi%>z0nX)DS-f}T^~=R~eTO4odTpt_u(6Et
zgT&I765EnuGyM!Oj-@kFf)2*y%KBn!MG`Ejg9IgUXDuzrPP%Q-aC+)hKSpG*iv+2}
zE!#nOHIzWOMStHYEa~hGgE7`!36#}h#i321SWsvodE6o;kY(gMK#=%NW<(;x#5t*G
zo}q>S4i8F=3=a(?a9;*7+b;@STBtC%8GM)?h|&XCtO)XvMp~>!co9c&fMpaFs1N}-
zXI^urJ%V%uwz3D%JZ3M**Tta{=&HeCpOugkM1^=@K}Dv^k`3kw_Rl$};$?|b*HM7R
zfC2yH`D9~ID7d&%*e}4>aTtt?dE9HD6pgAE1C}=tm+WBC$XM}Gqj2geV+qQG4M^ms
z_>$sOTo7o~gF*1Q0z@{V;tU5`P0!68@}?w(>KnTVND7CBx*W@6BE`nxg~O65GDbm#
z(c7Y8wFa0IfWS7C3Ba0-11UBnIX)ia92+e<7H8Qc#2pWl%kV=5HDd5(bdW{j3_=W+
z&SXPPkFAzd0YHSn_*qWHM>LiJIOLJjTi8}m=KyV@JK5F5;|6*eNXx0np|QweAtIm*
zK+IX%Rn!dvA$vIER{T|QUb_|W6)_&7QCw`W-$)#9CCI_qq}ij`t#K5L=Z%n$gH;IX
z*C@gB)N=GL5@j?lg_IB{M4WGL@k~_24G3DGq6Nb-LFiB5YZuR19DmLsK%9}l_6eEA
zhf>ft!8`>6ok-53fkv$0lMF(NlLKrH24=m%QJ5Nq%88~Qai~$F2C<;X3SJ=c<0^Wa
zQ)yO4+Yhql=IUYdYA=}ctKO`f=U9!aRGmLw1H1Q{FbUF(6C89hJs;Jj`T4o@M-D(s
zw0$`O@`yKGg@KS15AyY0@{L{cwPsL{Mzk_2*XY+h(F~(_x^UT{=r~gP>0lwvOkQS|
z{^9Amy;ifmAtz6ETPw}w)6II6@Ipdmx!2pJ<Rpl0`-U4@&E?hJpni~a9fpNR`!7vL
z&sXV)6Xb}dK)ucRmxro!S$ne|@8+3OqtRaDB*3i7Akph*H!;$iqXmwkke_9aY3gly
zD@h_hq67t%qzdh!#D=1susE_z*4!O=XSP?$3<0xCT4;<F+Vcd-5ltA$<I<rt$D|}j
z4oX=weK?73_F6a?>nxowv@>`v9w=*TN1pUawb$EfcNb`eZW|;z{p_UUwi4BgtX5-?
z>J6evV<Gxsr*Qt$W*?+Uj#SQ_r%Cdd8+Y0(5<8jw%0+XVr`z3Bw`2bNMw`<09XV2u
zeRZ|7DSeYw<IQSY-HmnJw521!Z?TVp@MLExk-NAfC&ZWB_1kJCkDk8pS_ik`TsYb9
zj67%1J$X*nM|o0O$-5@c<D%_Zd6(r?w(^Kv@3&4RPc0DUg8WD}Ly#B)CynrMXu+g$
zhH4rK+b3J7+NO!Pb1sb(9;&vr$RMH9vI_@~yS*g+sM~T|$une{<eas<wscw^HIFd3
zXj)WB$pzP4+LXyO$dU&+)ILMunFKO4h-WXC@=>z%OiNyKC~Gisx0i5(-3wEzitU#)
z@H)=q<8G^s_6izB?d3sMZ$}Q5^7^yu46XBnbgy3`?}1SVP6U%vU}>8#Kb(Q~YoWN_
z?rmi6D<ihvzAj5i!MZF{S$b}%w^7Vn-<Iaoq<;N$6*#;FLdgWnTM&h*Br)0E?0-|y
z&7EU_fgysla<9RCc&q&0$*d=_o=4<8leJY&0?%s6^Aqj1PX(LZl_p0eW;p?R!JxBg
zaWc!Zcrw4Uc$6QSq|ljJ9uJzumePwEEaFm(yU1f^QNc^e$<9$r-#tr5n?2sTpCyg;
z6Ui$uY^W+$M6S0vy}s01Npt#>JWck}pY%ntiJX<Bb0kg3BcO;Z8^IvM>z!X+9m+kE
z+*Ix#v^H9cot4g}JjGHmA*HjeRZc(hwouZBzbIAKcI2QznJd;$3qsPEXDgp+MzaYn
zB0n?H{L~!pSm%t?W6he^XdDImP;i*qXo5{93AtOCq5FL-md<AV8-?@_s?ebzfAB_N
zuE6)g+6HXZ#VP_5Gck!q*%TF53>o0ON159;A{^ETo(gh}-601Af#c!SP;A>cWdz+q
zR3>3nfU7H*x5CZEYzvMrBqZhtLe%3FQ^y)GJ#Q(-<~>p{BSt40t};5ppy*(~2F3}f
zwxT!-UBEFbXm6qjh>0U6BcV8MlXD|6+7SP&V(rJ{VjYVqoQ2u87AY2nAs~7l7J{fV
zi>V!`Iy?<108RzL>IijbY&9Y!!X^+o0XV4~Q^9k9qN1-1H^Ud|7^4X6Vd2v#SoonJ
z31JGu3FTGH`gmdoB~8c#Ow&+M6)O)arYCzv3W5SSEV1~o#6KoXd5CE_-V=lrp+sVF
zjyqW^?^s*j4#pQvi4M5f>SMNv8ZeIobIe7@P$VSS1Jki|q?oKgEjwrk`zkuN&>0->
zgibU{!N@>(ek$T!)K2+Q1_YLl8MxT%gDN9rapCfS){E9H4~xz*s-!4AqAOraKfoTr
z(iGQuCib<$S%Pq`WDm<PmW&vapgGC-u^`VvY$+j!&>@E&fsqP64_@z55oSJa3{bwt
z4=$SJSOH^}gU4MgBq4F2$+-*En35i}Do3vRX~H%O3C+$D$tdEh!7LO{#Sny;g&{s*
z#K8tZK_12w?g1mE=GB=?DIzOgUKKcla8GcjiW37gfZ?>EU&|?|yaD_avARW>)D9Vr
zkR2*t1`~YPY!<vbOjn7*EX0BeMSI*ZK$}Fua)Qy5A08!CW5DU|TrXZnVZ9+&vY?N|
zbP3rB{0b~Op((Ksh7lL>d6@59o<J0E89&gpSj%!9wrkKgOb&yCu9!Rlg9o?F@z8tC
zM2&_w$-wDLCk2g<j^TQ5HqFk6m!WJqL9w1xsLn#3Oh?|4NXJ8hKOHH99AifgpJQ7c
zYe$Zg<-kv2eX1?YH+_~V=%C{F%@XPN%@XPNC6NerXW`(<qL-Y3nIuxuVcMI4_uJ$Q
zyXq{josbiGqTdHooOdzT4CkmZ9UY0Ln>hK667q~~rpEeJr{}#!vD<>EJ`d3rKoCi1
zX1!L-&B!He*`)76mSSABdaT%T$xx<0DwAV3lA0+MnI*`gk;ENKmLt?q7WEez$Malh
z|K!;0gbR?y@*O}<)6O~~>zrDB?&>I*uO8to7h*YRTew?IZ@Pw-W|Evte-1aq-7F6g
z97;2?Cy^`QP@vW+F_D1@zd}Ucl0I6U4H-a5oQDW7U8N)Hb&sc&^1co<A8^3EWcDF?
z)G<=S3<Aaph9kn-4{%a~$PUvvm<4P)u>KX?kmJpOJ&7ray+7LBVvdh_ICQ<3^kK7$
z$%+;$<e);2nI3XP7&A1B9X`_C3U(-%hrm?Ab{qE$ijP4arsFWK;bOo6z?zhY!DK~c
zGUJ~ZHV8ZiDzetYL*?jOtP+@WNFR6znCyra;E!XPE=LQZ5)RMQ#LX|9b)J>Y5pxE1
zhk)i#nMX{C?K&p_V;HG$nxGuzjHNi4*m+~Lh{yn=LsnSS_GPodX95*r&tUGN!`@~$
zqG1<DAMj~;VRZRfSNw=AgtMm<_E$s>nEtUBB#RlWCfKI1GqGpJ^bw01xFJ-GMe+d;
zRouqNL5=ujfbjuG%SJ1n9DG&4FL7gq^Y5^>$NLN$4;HiHC?T<6k;4iRT8jlfd>@|{
zVaSW{ox31kK<FVptX-t=h}Cg_f$luaTV(avpjLQs7*!w$h#gq+;Q#Y|5r~VE8XUyH
z_kwe!VA><6a>3Sy)l5S;5g>_00TxUM9k2n#{s9{un0PRC;rz##{8Si2JPE=PoK0gV
ziIqPciM0a;@0k2xCNGX^IOZ!rvdswd83eHXz;F<5i}XgmwldY~o#w}8w*ZsCxCi4-
zWX(E)B^(xDCj{n$+yuiOHu8vuWkY29WkF|;t^~Mf2l2t!3JVluNL<Q5Mtwm+I#OXj
z!=wc-1!6sn<pO;RLc$Ycj>+bPe2I!|RB)^q^L!I5uh>s9TVR{y36XDrF^Po~&Vl;I
zmy@xwyq>d{r(?|i^7B?x>%C|$X3>n5wVC;t<CJe`lgy@IcO@=}-v;@hfV|qYH(A^+
zIp-;^PAYR=R1-ZXw7WHyyqU>ZV<8HwvqMGAJ<8BE*yF-IOZmQgT)Jl|qj`@@cQ3_}
z_3qapgx|eTMD*KA#RYc1yQ+;jtdKYvFYmuJ!x_q8P1BJ)7OEsU&3?`?c+Q1V9K7Iw
zKhH>9Zs!S_Pp-|=Qt0G~c|XXbC!+eCY#@1hR=CXl51hwmyveHUUv>HNLULw5wMk`i
zZ3~#-Sd$UF(8grK3}7_%$KB*W_&hlfK2H`#qtqT!3Yt_-x6e%`?D83JKA1}OuQZm*
z-$X7a?1|c;L`2t@%4K;Jrn6+qYfLGp5;%AAWUsxMM2|{t7}Yo&OPrsPXv}!i(|Kb4
z=v)l*SKOo>O(Md_6?U)?Xvb%RW<0%+Bm@P3b=gnH3pA1!f)b?BWZ!S%d}?x@HtFm<
zUhLL9PcR;s%h`ULT_j=yWTjwI^Lahl&_`s&b#GEM)ADLzby8T|Svx`}P8Gfk{hC>I
z(_em7sZCXRMXwQ5t0_w-i7m-VoYA?Zm96FW@<P3uIvc39yRh+Kx=0Spuk|&Fw6kgu
z*_aczdy==2*DPjY>D$K0cxh8=ELL}l789dfF~2<s3!n<#mi!DxRh5(05*>o{QLiq%
zmc)mK)73Ie!>!fT^9}t_;ZzEx-e_{fsT?nkv%6{ymOhb$Q=cMb3KV!2JJFmwl#VXw
z6gh`n3Ba4{NvsjgC%=e@li!4|kGkODG%4CM=&fWrh7!w;q*t1>lAlI@XfRC<4W`MV
z?eB6(nMHBpQ1X3_sng0iLZnSANEa5s`Q~Pm!z*UzW*C@CG(G7tvXyyFMlg|tYeD7e
z)w7`&O*0AN=1erh00B)-XIVd$OzPTPZBEX`n5Gf%zyvo>R9{mpodMtXm~wQgTA!}X
z%}sNn_sV7~s81(y(-n?<mw2<Yw%mb_zbOeh5qzuLh5IC_m6gSCdi_*qX@Nv$U_J%s
zLY5lInh$EMEYo}=L?`p<ThRD44E`J1)7yI}ebQ9n2)JD#3pW7CtL#u(O3Yuf!XbsH
zV!;j-rDEZba#FEi<ijND2fIB?v2f^NiUm6!rdT-iFnPg{Vgw#aQF5KHH9asHK&oga
zx&3N#-Og%x?r7bO$(fzAIa3rk7;GUDUp+{bWOOBXMm<kJf;ICT8K^Vczbp?nBzjYV
z*>o|=SEn#b_ZKHJ7G!PWS6WO3BP99^LgL%kEV6biS>*8wtb{#c(o)7nBt=t$MB?B`
zmNg2(Dl4zB17!J4=2kzE62?LlH=)pCC@ZOw<}!`uNz5(G3-O$#m?aQble73vK}shb
zm88-=ZN{t4X8q|krNTl@q>4>%HqYkjexe>7nS;!gm7<@Qv?!_Bx#&<dH_I--_9e78
zyJLf@WUy3t3)AvO#oR=KTFfdiU20LiF~_P?Z6vqDIe|C7P>(W!Y4!|ZG%vI&w@8=x
z<X#K2hi2!F&ca7&NbRVpHfIwTH5^sU@$imbNQwivLQ>BEEhOb+)<RMamnbB~A7ddY
zK6yx<BCN_U-<c1$zTCKOtJQ6%8MV_L#)p99*wDnS#jMDgGQrL4_CY%<xD2ndvC&;W
z*I9*?9(Jzpi0HyUPb24%vaKGh&h4BtnGVgUqJ>T2I(OPVxp2VyN%$TG_C=aL(TwW#
z*}3h{#f6!c6n=RO_`XN$UM*v26?0e@ib)QHO)BOWCkYXr7cNhtT$lW&pEaoQeKQ{$
z#HDM)T0&r?BeyVY@eGybaSGEkqT?(j=w&}q7{vX&WUK0@5=Kftl??Dfsy>JL?{J<x
zfFNH8?<G=`%?9B&&$!WELlqS7CIvL8THA&Nk&!Gk{BB=Q$l9@<kk?--h(o<0DnKYD
z`3a_TNFo59!e5x-w@$|9`dp)?OlLpnku0P=SyPs430~gd@T)9KPC)0z>Cf4<)=5dU
zg<za*pX$fuX*X)(OeV3}57yUuo2|9YLL0b&SYKnGuE{X2^%2JG6CNJ%^|HL|>t(5-
z50>R+pD3@dVeBm{TRqBhwxx<6EvvEZqa98<p*DFq8DEE$<urnKiq-aEI{bP;IS(t+
z8;1+ML3|y2bf&e@&pj;ta(G9-6xz%C<*@Y2VMP|`*@YQDsw*Dc#^W<{3&M_^g=?nF
zgM`<M<h49DiiWeoaioM3=&35UC2%HXrNyR1=Ik7oib_cuMO$Sd?#FXMQBvzfg2Uz2
zXh)Xptm-jZ3Fhkq<gz|MF6)ZltIN)mx}OsqGSy9K2x6G5_F0LL8(Fjw1so@&9?}Xs
z0wha=jWAJZ9#J4yxcZ0!uE0g?=mH!WjxNAa!-xXz0Z(9;0?Qszz|C3zM;E|;8(AQ4
zj?Q-8I|(|Hym<}Q=E#D1T>gwM;JBud1=3d|3+Ayq8C^gpjxL}RM;FkEqYH4VI<i1|
zcXR>#l+guXz@rPmA4e9*_ZU$yqt|Ha$jEM&@1c+Q9!a;4E}#=f7tmLu3+R#^1wr2#
z)b_i_`pk~3+V-6Jqmh>~-4hXRLzIyFULsLGA0$NkSiwFQG^l|%L%0Z8!k^9}!eM|x
zBT^))9-qx(!rUQael`*`4)iinv`R$^jRYah#mR|8ftrJd5<Ue3+XLYfrhZmoh@Ft-
zvFbHt*KAD9%^}N3u8U@B^T)F|>UDuINg`2STaX9LmX?AXp&2a9&&6>g^GvTyg96vR
z>BjJ;8_qVi?Yfea@E#<xeczS59UHG?_IVGIphp|ZY;%&;ttJt<bJ{tLXd29Pj+D?@
zn6C1h{D@(oB!vzR=93p{9u;v+(x+)`@YYEIyLevCR~y9hOxY2V+>{Xo6~s54rNy)-
zYjcR@@<b9%38AUEnK|&Hh|MNJ`vyX+<SUcw_drcSHI7KMwv|Qeb4MGg&rvKEeQwUT
z$1^P3P?nlyymET8jM1bteT);0l=e~1Ho0HUxM(P68NM6%24sxoIG#5zGz4g2Gpq*l
zBFTeElE$mcWUPks^2F)3$4^3KG#SN*qWPl4DcJyJXbfj(^I&H|zWHS(5eJddUUsHK
zb*4654XX1pzLe>?*~#W~b%tn4gTdTv3VSfi%!g@h8uDsBItCXlsf=m}dp~B6hmzM4
ztqhqanWQnhDn~ZRm)$)TCk}8WZ<47he7ZqaG#gZFQ&Bz1rCTsS;=yD#iJAvbpajR^
zI5Fc9w<TRCvcqI(3V$GVKqDh`C{=WHlMUZO)x@$myE5CoS$+{;9;W3OpX_*k%qOoL
z=?W_`d(C8+4w6z=QX)Amj6pCtCOoe(Jr^88*eh6sjB-Ko1_i=R*ikYs9t(El3Xft(
zrqJ2a%jmYswBZRG^k1_Y;JI9(qalU!lrU10Y-uEkB%HB273&eBWVXR@U=+?UqxiZ5
z{ehGkm&JmCkWlvWo3XIwm1S)~Ijk=z%Y?aw!PHn#;;ogH$xTYNBh)yOv8Ag=vXf<r
zOtw+$f+{46+r~4{0mLw=ZLPvM>-G{=yd&a*zO`Cg+3F=%Yy!7>ZN_2ZD2vo`s<%W8
zbv@BwA|?#G7|tDj`q^rNMw*jO<vMRNIS2PTVFXlX<GHlP(#gdm3SNPaC`*e=@^G8z
z<*hICR7aG~5oI;WN|Y}XA8*`v{r@v|rrT{CJG<r$9WP5xoaCn_+uXJ+MUpf9;o{Je
zxWy@KQnGXP=Xn9t&?KF2uO+bo)X+6`6$(J1h<ZP|+HNeJJxMAd<!`;4liz!v-v8eF
z_<QdbVR~tp{|v{=(R8?Ab1fUU$?tm8J`sbi@peYz{N8(<{>}{cdyg}kzvFxFkKQSL
z*!!%XG`uv&FyUm923AG0AywfTOci=_a^C;L+qu2|2q+<~&3AwFF24@IDNXZ-{NmY$
zXiBmEC^h<nTbbwE*&nd~e@X<~Kl`&DK-XVRA!#zLsX}drlQc*3j|e*-5i?r<-Jg{J
z2G*Y;{ho*&VHi@{FXx}He!KnnXGd;=<d^Y%_4$+X_<*$O5}S2H0hGzL0x;4zx%rdh
ztbbaS|5TO#^eR*0!R=ox7cB38sh|GpJ<ECMV9@(K8qi`B^a6t(8^=upD!q@NbRYJT
z)$scv0+k_4_0wYcvKWkq_L5J-`Dmh$nFD>!JR#L@@AT9GC|2s}=661d6HE|$55wO1
z664o~>%n`&*@|B-dfAtonC9Se`OkDV8}cEIpYDd+t2OF_ISK6dVK@gqEWPXx7sK5<
zZ8#Oy4q4muTg+6Qh7JHKMLN=#DwxZ`3;1IKOFG4QK>l&3beNa&XvPzM4;Sd;lprkd
zWgo7OUJ~1L{Iyyh8Ne6pFe7H9nJH$bnK5RS5)m6+OEizC6$|6-tNYXGl9=nMhi?wh
zm}e}lE81+Dniv6Lf<N1Z%^i)S+r=Xa_drn4aH}kR!T~Fbe78KC%h)sF19~dKcWmEp
zH^ccV;);O~jS-h=n;qP<;uiS}cKx$uom3W?T`I3WNbJUH_HrufcdNto!)k{@#yga8
z*4SH;cr)^q>6p*Q+k$-X7as$r(7FV^!!ALol4*E1#O<deqp81x7&zSh)GQu0kF=5(
zM(YM|HpC+s$gBGE;e*qWU<PD^Wz@P=bL*i*z1tyec5tF}lDJi_y~w=%8g$dlm(QLh
z1Hnk@b@h@V!vvV)b0d*2BM+(QlGAb?sf#B0GRlEA$6=Xj)+vF#{~a#<@0OpY&?6sO
zwnjg|`!NY^;dtHIslP3)<9h*?>mD^UnYRr-KGu7oROUM&?coGTF>2m94rO<CIK<s~
z>?LS-YuC!0ShEi1?~~=+Kz(BdO#MNjQQkER$+nGt!xaw~^VJ51xh8)Ywk)D%v40@c
z$HRdDbydmxdYH`p?NwhEtV3baAMYMBg4SKqaH4&RKDAUtCSZ;O6ufcnshJ=&3<uZ!
z#r@K<)LC^tQrU(ll5D{ftWoV{VUk{N9M*)L;OHZZ)93p`|B0eVjY`YeGrrqIyBWU7
z<~^ZzYqV#EX!tWZ8T`OfLPUdC+YzNp@nPu`hDs`dik~M6i^@p=HC2j0XUW5NLMa;=
zxhrssz8=1$u%~$0JoV>q9Lu@)0(d{xgv88Mw274RmMaal9?XZU6|Cl9qDHC5pi>A<
zo#%umhS7lH^Ij*af~Tx<Fcu>{?jH5aStNd+&ZU}m1$D1a$5;Hy=?JF=o6jSq>)j1U
zuq*%EZ+MPIto^#=0xQ4qh&6kSN?;S1g&>})LIU$N$3IsgaHPV{n^q5Rp|dF`>(&GE
zA6#YP315z%67GiT?vI98e({Gvavbl#+j#0;58|XUpWWAG7M99fg;3@kLMf||z$kNx
z@XPU4CsSc5(<+2aa|qc~A%T&ph<|;Wj`q2qqU8DuKP|og*zdgMyAf)e909g8xx@DT
zJW$%|fO^t9pZ|A+DafdIy`qQt|JaPj!>5x`yIj+z^z?Kyvh&JBYc`+I>&pFx`@0_X
z2IKt~7_)gX9QVSYi&IK(;Hu=**q-O@W-D7y(G12<kYF9muxqu1oEb$w8oMVm_Bed&
z3*!hrh`i}wr`zdlV)VKF_ESndf19ty3D^89c%A^*Xd|qKt=$oDI&2#wOdd0s<vN-c
z))tycFbB$Sv0RJ|aNbX(93{QmRy})phF&-ZW62&Zh4g6_AtkYj#}vp%yAVC*<AmNm
zHB+OHXU%YJ+1!t+55*{>@ebu~)+&H5)q|r}SUm|^ZtX#1EXUf;P3~A@6rgU%bEF82
z0zY&o#OE(Tu;%=xLpDdc?vk^LlK~SuO~-VWD==XGSr{Sr<v@2{_Et~&-DCaJz&#l;
zv?lrbA1)v<g3m^R%WNc!4iYD>?Fd{Qy4s3($+b57v>!XP7f%e0(;d@IHv@7dfKRuC
zXeOI9Z}gV4VY~TJKq;;!6(dmGfTOs9S<BgH&`qd0CnXFx)iZ_Q9>ZeXHn?Q~>egJd
zRUvxKcWJ75m*y2bW_7z;bJt08DD=&4s9ndzyUMMlM}rk7(vFS?Lt8Tj<4!15KM)=_
zIT6!u0_h~FGgR__%P@tv^WAuLE;Q=D=90qYiX9ulmy_{<F=}%kJD67&gwCe(Q#keJ
zd-32QzCX&tEJ$&fbsA3gPBdlt(s&E2=yLxQcJ?@2JTz4(6P%~o3rT$OZVHZ#Z){?!
zav58s!PuAFR<C{L|Fl_GT%$^Z$cowgFqt_8S0RTIlu4z`mOjZK=eU=YYhX5$gUL4?
z6l6#b7yK&O=PgI?ffw-%tC6$iOb1`#W!qP_{ZOK(=~tbuWIhKw|G>tXy=5#c$V^~~
z0`0da5~4W4<SBI+w>QXcbHRDdh)>&!FQgzwqP1$2ZJO4A-h4G>3P=9U?6}a`;j+}d
zV@dOie$Q`C-w%B87#LNe9|In$b<qh_U+gBYh54qcM&--2rx?)Y*}${QAMf>oXv^Dg
zz&G24#7Fd0D^y~P74oUxgZo-pQ`|Ft7R`$u1OCVSxB9nc8%ze1rp*|>4=QX_p&qa|
zi@PXlN)BJW3;Gk;MAqluCpw2f1=A7uiQEMgg#AgJ=J)gE6N#|Mg+&8a0|5U44nTK6
zVit#n7J~z<pm7j;(o?V+Ol?W}G+tCP_8L0DJh9Q@oAe1sjwf0<Yt%-vxhg1!lsyq!
z!rjx$R^ol)YA-!6AvwbEFRi_ls&{bq9TC!RWzsQRe+zuNgOjowL7NM&hH@Nkw(tP&
zI4|vmruD@?g3<H=QJ4socS~-gK;t7y+HrKLd={M6?$VIhZ>Y>Zv1F!p)c0v(1Tz17
zTw@B=_K$#5=0b<mM-Z~F2w=-4RV&U%TcdkLGbQ&;q@mhCt!)_rRAY0V;B=Y-;z0BT
zd+naYOFaHqQlkkU8Izm<E97vY+1f0n3>baeG{}V@Z5P_As!iEt8)Y!8kfGv;eDWyh
za`-hSa>pssr{(g=k-;p3f`*nNyl1feGt^4scExv(Yi0RmVGm@~gHKEF`}O>C$i!sG
zf3ES2WQI>i*TZi!g%{HCKIu&&ahaA!U&YfF?H9b;4OV2rV43um`njKeMK(U76~_}8
zBM!7re;v2Kj&ECV7FO;xngA>(_7Ki|Rgm+9xdmdvNGS09rHXrWikw%uAfLNiMs|wT
z3Z_plOlf%qLbK9!2<>~;QJ>+UfIm%{mN2AsY~c^mAsa$qW>J_spOMR}`{TS39u6iP
z<bbbd(np{e2(xv<@0Jz9o4Z(wh2a@}xcSh0O_V0`>zLhT9lsBH%Gf*m##TT~ppo?1
zJ2o%iDihC_SxToAGZw#@rKLh5Fj$ucAU6V~xc1acB-}>5L24cbZmWj|9ZHMg!vn}*
z<4@XmV6sWLQ)4S8z4ZvEO>&rGCHrpZDZU)m-*$sf?(Z@Av;{Ebr&qw<JTRBFi8gw8
z*`q05@{rM|!@j1-V+w?mg68|7bia#;4@cRIE_wIxp}EmjY$@B#C{MB-dQt#jh-yCV
zaBGIMRoaZnna&^FC){O{1?S9ea9u?HvJhitO2gjW%XHlAY7O_fOk0KRC`nqb_!e8+
z#i4ra4af4Z#|pj>rrwN>lQ<~D^%;f1r|IGef$I24$u+f9_yEO(+Qg;qEnX=U%d9=+
z?M*Oq<MUFGCiMhsW*1{AK5!l3n!P-xigK|SqWw~PZ3e7fm=bRgmL;kRE<4ik#=9)h
z75gClKwPUl8VWnJv7XggNRP2YmM&w5<llm-<TBPe2d{RQuIhCu%E5$m@+`xN5ki+t
zCZ*=z4fInd2U2;V;1w)sTW8j9_sAamB<l|3R>WBBl<u}xH0*^k96|@N7c^&AAX(=v
zQcRRLUL}8ByQL@3VXW=iK{&H(S)`^o>O!r}{}yNZe}p&jzAaxH3Rna<8cOqby1^JO
z(#;2W@!;Mm0~p5SRt5<-yuIQL#_L&|VMc61G?JOb@2BgzjnLV>@os5$3`Cw<j$SLS
zk96J#!?{J1N7oF$MJ&FY>4x_u{BC&)LvgZR55MvCi$xS;5dhbPU7Oi5cQGq~9$ims
z!o{2lal4pIn<I|5IXcKm!=ytZ_Xu>ozE8UzXkVBreG3HAK22BX5aCe1jii4jsg%!p
z{N-yi6F~w-3Gnw^tzn{xIPb{xIJ)6f7Ch<QLc*2F@Ivp_!w31v^6xo^u-lGJ>y~vF
z0jg(I&mVB99JR7#|AzgZK((zgzH0D9$?*JQu~~D6D3To}rxZad#(gp++KY<dw50QD
z!*4J{PQznQ&eX^9cLFK*p)?d-9yuAMzD;(wnz}MBw5j@FOrxw=bwi9K;Ee7);i~S<
z%@8M@OuQ04_OsW{32Ob8O#!M8S24A97$?_~dru9#8Z!r;H$$n!EZ>Dm9@~n-5^AN4
z2=lWUj?U6&5y;qSgQ<B=V&Y@dP(_ML=2SK}q^d*x0;`nHfm6N;`Lf`17o)Pm8{Y|>
zIDO}eW_TGp(8*x{2|gvwxG?F0VYkB>MC4<AX+aeppG<etMwja<KZ3nicXoLtcxSU$
z0$iKOmmdDQ^8PAb$lmx7c46ah(blzKw>V}p6NUJKa8<{l(g*okDv_8T_K98@pAoiJ
zep=q<2gl@~kIBLju~hKUPik<jcD~|g$wDF5O~hFODYE*D$0?u2P6O=)dh_g&J;Rg5
zx7fn%WOg86xF0uLWOC+vj2e&CiQ?FvYlb&2cz)39>8e5co>1@p-g|mSp%3xQ4X)ip
z(v$X_jbr1Azei2Ka3(LqHC!)W7)>D6vRpyJJ-45k=m8e~*u1dbfi_<shbT6IZ2s3y
zk(ts6V`YNA-cK4AYhGT%h`G1@>Lgnkb#`(|BFI(5Tt=DpcbS?jlPpcz>g7;Nvq$Zu
zNqfO=nmsD2hj%RbGoO4yO4*r^5>36W9R<8FdxZq#?mM|-CSOmR=ca#eiV|Yc3Tal)
z5*}3RF^8pCUE!kbNP8~hOq1L{<YoQ!SzP6eL$%7gLVP4jr1rR8E-aj0(u4w+px9q*
zpC5>=@>f&xz@eI+N}iq_!y*w!wWW~=h_>{2Zw4-c*b3@_Y?&RVAmwLcWx`iWZOxOU
z0_dS_j$s!1qPDmJjZ~K=HcMFDdKHbfOqk}M3XM_Ea#In@*HGvbS&MohsK~KdLZ;4X
zFY`wlrSh#pWa%P}K!#ov&KAO_ScRnCNu?u_i}ggnA7cln{W^Hgw<IC=f}~}GGAp}M
z17QfHF^Uni(vSAho9z9LbBKKOqC?e#=~KNTF!>SnDvILe5X8(e!99x(Qk;Ghf#eQ6
z&{{5x`T|+3EmA?CA^%VOE4*-#jeVHDTg$9v5EWD6C%eu2V3O~LN>X(=U6pI?gS3<*
zGTjfXm=ll9{(~9s(-MWo+9~0i(<+ImAWTk5-n%qLQzy=7I(X(IhNt<ux!AIqhHYQ!
zhf{9MEd00pZ}{i7`1f0$st&LXt(oTM4DLy^O)qIu3^b2pow6wi2bwbC2fhkwXR|6)
zC$b7^r>Y8SXQ>Km=b;K}2ayVD$Bzn%{_CdBSx1c`G@T<Vk?r(QMs>cbAe^Zx2<NB@
z!r7^Ua9*k)oL_Rp2DM!kUjjK(=7^fxA=BhL_}*pKjbnYSs+&Mez83WM-SIrYJkbXZ
zm+)-?n>n2AgoJA7U&1#oblOSBMpxTI894bXv^6Xk@}5coboUaG-~d)0UG>CyDjUqT
z6XJ+;ho(JQj=*#-F(5}6;DEyb-jmJ|2O&E1see0i1lhF%?AFg7F^XWik=>xfW20CT
z_a3+Ro54tS6DD&BIm-u}oc7>yE!PX4Vq^7OH)B0wzacOdQGuiFy&f=#&5(T)IW89q
zSHlUj-a=<6Sn5-@I_wW@2N@uxHMT<whX*26-=T;xrZ(fpO*?AflZ0MUwYw!wG4Ptf
zN=U(P8^~@(Wa$%|bB7eO8<Lor{gA}6L<svRtea>S_Pab*4dMd!;>#E0*qbHyQzYVI
zx!DWguAV_7{zH;)el!9;k<_iPPsNGJfWL#IaeHS0OgqTY8b?^{V*#~_Rc6<YlY8^k
z!L_AEhTcP)ik<T#5cV1Yv1A8yE~$9HGGy_X*?F)Sd5Kb4|00M_GVM$D16^eB{qQz+
zH2W#lD6rzZD&E6}uY*f{+aV0=*mEy;Sp~jG+6a?8rQTV^0JEsQ9{XYsu$Qu)X$iEY
zM7typ(lU2|%o28h`hLk<<n+lmWoj&jA|4IM7aMLE{~mW7ZD$jNSz}>(acl{C_r5jg
zVOJ&11mk<M9XAG&pSOs~PK_j!&he9hq3|H<>HX%MBLqg3RH(gM8vJfHT^V314Qggc
z<Z3W^oPJBt2J;R_bYxz;A-**gN#9L?Jj@c|1K%F99yCP}g%tLYcjE;XuMA8ac7SS#
zKhBnViFF17{Y6s|u;Hw*KX+qR1Y!pEp2HX(aiWtEY_}XsLP*Ev>}S(!ufy`orn-#G
zMj6}`F#IYr&m;STKgn@yuaGfRY8j?L89ra0AyE=j0dJA1s{1Mx!qsCNjobcsxV&5g
zw)|TJQ;@y>3fI?!aZL=E{^EKz95+51J~j87t3}hHnNyCMX#P9)qa+IQ5zA2Hpl`CK
zTZUf4>k|I^Bdc+1L{=|?`cf*KJuXo|_-UAc$4<i5eDyclzAu_4h~iwHf&Iy^n=eeB
zA}3!D=jIq`xke7MepY~5$+R2RPY%ro?3gW4RwHV1K`VqX7q(i91OQ!-_ceWU=itN)
zv#Jd-fXleAAI_j>BDw5PhLdN@|BUH&v;KB<&t?^6pk8UEZRYIr;XR}wjB?!V($I8w
zBjuwVcj!YFIjv>bZZf{9;A%&F{qaV}NbGf5R5RkOUU22-ZCq$t>vw62C#A!h<-8kn
zpUMif6HnXS*pQaQ8Yj1sajQ+dsWU47RvCe1$Z&K?Mfo)RM>a4y#;5Ighzun1b)%z<
zR!yWSyuYBHw+Q^ar#{PivzQ<`I`@Yffca|5&7O(`2UuaWN(x9;BPEq4PVHor40DAV
zC6^j)tC(B7)O(tkHywE|tNbW{1EHW0LnWcI6KPX130)#Dw=&DMy+>PER`VO?aoT&i
zT~kEyR~hMFxJWy~)CgUQ8B=vhXL|GUMAl9w4v(}+kRE8$3DkFqhGB?Ui!!!e64p;&
z2jTA)n+J|vt-l2UE2oPIlV3YUJK2-lARa1R#Z>%x2UFYhzWGCe;@P)y^#WNOdxE95
z(P*S`CDyR;Ys{^<TS`$WM^?&64PpjD7NSW(!cZ1_!<iO2Kx3da)q1^L8`flq_^mOi
z$dQ&@XZI5uB7LXG!lMde8^VxSkiJIbNlQCqX<<5tV}R9(ldq44DdM|~T{rU_hY=K|
zHqxq#y2`{tK43b$8F8tBVHl27SVu=^;f&r|Z)Y^5yIGNEgg@r9&#H#+KU`jG1brwK
zs<F>%Ow56n)Xifcn!O#I55GFV*X|N8&FJv@755)>H4HYF7feLM1>T1&UtAhq;x+5S
z%qLu|Z}hpnbfI6}2X;ApfHlFRBOP?X@;EC5X41Q5LH}yj6^3<5q(kD%8g_@5N0i(5
z_EdqqvWA)zqQY0EJ+PpAB^zS8;N$rmu|1%jR1ElXita*2Jd6#u#oGwBJ)GG|GGu7W
ziika)Vep*`hcKjcKuidSls?0FS`?~?rHeVVOeCoZP`Zpa@QyBS-V3oaNqfO=Q8G)h
z+jvD3dSdTWK^$Tq>4o$<&2q3q8>-mR(}+EFei31-A(Y+N;AV1a>N+FdbIknYq0zCG
zYjy+7?mBy^De4yWxltraXAyXqHMU`3Ix#J4<`tZ(F1$T{a->awcB)he4zqofM$&_2
zQb9;bm=S%X8BvxdS-?Cf6BT2R_&yGh)e+Hh?8WmfW|f=mXwXyT?8zy^PpODFokZOE
zz~SzY#9G59Sj?W374@OM6sG0tdtndB2nH8RDSkGLvHgS_#`pvzLzWav8;cpjimowp
z3Z)8~ra7O%PEkGh*uhjJ35n_$v4-xF%L!c;MxFF3dGeAy8q0h)l3tYxampqmBVQKU
zb7WNZzjj(*Tr2{R-~?0B-`H;I+MPpTIVn~(jIYB<4~JRbSf=ziU$r%7dZz+C*?~Z6
zt_|LI!@Ym>Yumq+r|tdrsHGSm8pI{%_y|Y|tPt>FA$3aR^!ojf+!`sWy)q$@E}?Yc
zHMQi+P82V<X`Fr^uF+TL5LTlS2@C4kETNh}5<E}9PMs1t3gA6ywM`+VxjW=kQ|sGK
zh}cthUnxDaG(r&{?mMlf<z|}$%MxD2W}6wuJ?~_iwMjX}>%SMw%-tFzof9yJ?@+2H
zO}XxrPX-R?HNO+;V?PC^_9#8y4M!@-LZr5dA=3@sa&@vIAd#C#^|v-dga<+xU8ak?
zp!KhvpdFHhXj{(q&Ed5!cLIhR?k{SZeAZSUO%F}xE-AJtyV1JoJQ7Y1b~4+ccr@Pd
zs98LH$MM!KEneFtQoNm{9__k)+R1N+GOvR@&Fy+s6UlmqQmjZdnbmPq$VIv?(Z7;9
z$}P4;`_u;(#4wU!U$>iW%<TIC?Os$)Ga^$TZzy&BR;GzAifuYQzc=~y_G+*nB}%g&
z@Kp6&J3nq>HilJGg$4v89`+fUo02utcWG-IlWGc9MHf0rsLPg*vcm%x>Sn`5%j6W1
zBxk$DFN?-KBEjXS;TmwPofgMvaNO%<wYf*kAcC={DG~g!r{(g^-K!IErQ&y9nOS)6
zoR{7-2wX73%nN|jn5f&@ieh3JwooMw-&R4+IJ>ymt_tB~goT9nZ6TT^5t7qFv1n0|
zv?#$9#PVd!jBTHio0Rcz1}A8IpMfWn|FSFdC<xmffLkUOLijhwFpq%iaR9QN5_ib4
zNDHtzCcv=13pMAaaWWD=n@*Uk7ZZfPJHg|B3zQVvl&zkXTP9CTkLDDKoBoLxsk{BY
zW!nm|!g(B|1m>$K^3WbAhq3#tFbv&3*#^v`uBQH+56}Uq`yAz?Iib4|QaBz1-x2(N
zI*<%o)p}C~h)h}qvvVwnxccl*1l1|K@*6l#i^v(ee+laD2li6#<i!@I&RXA6zx}YC
z`xy;;-E;?k?1WO7TrldNVLH!CD;a`qFD)};O$rK!;VX3^^|5kWG+xofA;u)LT;rYS
z`u6DOw*zjs6@O^oRuN7eiuXl2!W5Gd(sWaFV){;h8?HTr=LD$!C(lSh?EP%ynM=%^
zSNr!8;O2h?|GW$(Wg$saiCnP|SWl%4?a;8v9zPC-`Gwy63|*R7Lt<Rk^uczq9BnXK
zwE(sx^QA*!ho|Tg5LT#dKr6hDl7)LyEg9Vwqtjm`TigduBPbhrG2nrVeFsiv336#S
zM!cH7+D8xekGSA>%L22pJZ;cDEj%j11KeS)9hue$gTD&uo4DMyyHk|~sfjyt>Ty8C
zygJ#v1_4TsXc`S9DoC4YdD8-GDkN=?bbV}47zM)ATtTV5;oL9>oT7RpDP+DEcV<zM
zM;?lGF^b}Q;*B`CWoLLLh3a+N)<`fYjoJ4M^im_O)Alb@&{>mO{y*rNkWB#@6)TS=
zXFe@^tPPinIF*H=OZ=xBAQrt_$qKhYz1@5Z=o|}N>A{>ro~%@DdpcZ~D5t1=nhIwr
znb)*;NE<yi^WA89y8P<c&Hb3Wm2@torwzUV8pdZQ2Bt$J=1@2X8lXMB#~Io~r#}q{
zMH0<xazy5*iP4p<b*y3MbEj(lXs*^&>RB>t3&Y06M_iR|=0S+wSf$hh7RFFOKbBFo
zbxw0bD;u&-Kn$FeG7CeDpaswXH$^(ZCKgvg8@7x_W#1s{*IhDM?vj|1BMpHUE?{U+
zzj0*9GHR#(e4sgU39#L=z#t|R>!}2iEP-Y(d~OC{mS|Ey6-QT?)|Rpea#KnbsJ2zJ
z<Pcr?lVT04!szH2A5@BH^L)aQykQ;)M-idoF&%y|FNX=H+u3hgB-M}CxE)%`RP)Uq
zk*UWs-wR2*g-%VnIqsziMNOA(OOP&Bt`ZMB7)|q@0kH70X9zOufGsQ*vZxWhuldqb
zV1aeFOtsARv@RMlvbk<Eh>u@o)TxGbO2M~jp87dxxC*M;&&Q`ldI=YjW-@0Kx1KZb
zbF+cnTQxW*ac<M7sIly+oMIQdbc!)Bwyh1q+Bdm@oiAETsLE@)PzHBmyd7nItT60@
zQvmEXC)@wA)*8;(w3g&7XwC-8azRI6qJ)R2yw*o)#L*@1sXV$p#^9EDEfKkILB%|2
z+h#tRIifPZ!>pFo!3i-}b!e#1_|Q?$T6$OeB}^HFO4LHft{yd5VLAoGaUV}Qs}Y4>
zu((AS>`MYKCQ}_7_B1E!=2petau#g7MEZ`s?O-8_O)Cz@2Fu7?i#6Oh`H^ODNH4qH
zGJTPblMeR$<Cm{*-)Mn>##9{;E(7?SXQu7H-Aq7nCh~D|e<1j5dCx|3x!#R)`S){`
zM<=;g+9cC-apc*~2dx)F!D6(excIUe8;C;Bo(l6V3_B9V5kaTKG}fKM>7)uH59c4v
zqB$pl^ONnA;aak4d{Tue`;gdJT)u`H4bh7Q@vXw_FiP@Em<>)F>|LC~bWmYBo~xZ$
zBe#1Vfsf$pB^%dFP(gBLpKz^We6~?ygleUrqm1<4b^ZyxTaq74ayy*mJZLC`X`)P{
zbplRLYFw!SEfB?#OQGnmoU)woGg3Lmmtz<cnUXM{=Y_2k5Cyk`Nu2;1`@1PR5$VAW
zK4zaHO{Ep2&fYqx1l2Ft2_jYM&`$h);%AnmTw}WY<Q^8m2=sVC$k2$o^~%r4{XU#J
z=`8JtuuNyVZ`nCVfE|7CwYC%B=2aM!yq{x7GW}{fqerh%8!R<pPr@O7{MGGTpAkkV
z_IzNx!`VaWo>WGna(M$cHqs`-BbZR3OOj89I*J?scPY*SY$A&phmXz3({tQ(QU7i?
z&F!6wCOwiA{ap%HHyo#`<HS2T0;HM@5mfx~%iCkxJ)MwZhp&((j+zC!5lzDdHd>=+
zX?wN?*XG+1mPEP<M33KW9k{x8c&(@cu`M%;GHLL?eeSoSsW}}oRi;SVOMhZLcN<ZI
zc;(4@j+BR>W^E)TL{^=G6NtpdNPloTryU-@zTm<b<;i{I#~DtLynuadhi@Vvc_GX3
z@Isd11epV;pnf>RjylIkkYXe_J21;B@EH^^VmkhQ`ti*#LAYy%0rhe865t=340?i;
zT3>LJTwVncX>mZzY611-eJfy9xI{HARfF$WYa*T456~?tO2ji}=)i0iNeHjAJeW}<
z*i_N?sM`|$!agoz2<u)dR3hI0V!Rk}FJ|wDoT~}!X8K>GV@*Oo!wE+SdwnmkyqpF6
zdD%QQ%Zy<PDxv1BwjwFN!W1S7cQnBw29`R%B8iWD^UDtvB{g?NQnOX4H(f=*saJ)0
z^Fd2*%}_r>cMII_WGub%)AZqyO^DT;^fd~XiWPDd_>K`6Q5#Re{6DbIZ>F!oRi9G6
z^-O+hka%JPOjC_bP_Pc+D1<NnFVTXBdX)MO=>rs#V<Id8L_C8`fD>y-%!RWRX^>br
zKkb|^0tnx`3(!Y=$zi*p<Pts3L<b}~i@cL}RmvVW2g3t+JSD;|8^b;7ILRldEIJK(
zklsf-jKRFc!B@^hW6-YN%!tJT#<fWvGs%@bN(a-X+Q>Fl!BQGxi^AuG%`+rkGsn)0
zx=~tq7+d>uIMXg-{MHjNRtmz&St$%Et(YZx&-#BbV0@Tb1aSGCSPyLdg>f3mLUeLe
z%kda**haAWrQJJRd5|eUt`vu{BQ1=*Y$WqLY+nc0gkhl3%+#gAG2A{Q8w-PhZ^j9s
ziHyjCkH14ZRhl!sY&~qA0QJY!dg^b8rxiOVN#&r<9*Z-<Ys!)EyxX-<#CseHHn2&6
zI)M3lx-hZ?ngugU4O>4o>dj0eW8O=ZFk8!P`cx!HH3a(@2M|^|pbj>VY!(i7x}1DN
zn3dB?%V3C92nJl7$zZQFxEU8%%_Hd&hDCaDHIypqyn^Zf6j^C~yV*>xOz>lQAdg|&
z*&#7Kk2x)jy&Fn6y+`NN3q}o$YK7U3WaAzbw;!#&gTb4foM7!M3Bq(UXZYu&@Pz5)
zqfIs%gZP@MsNq7rCZXCWsbU{dlf<5Oa<x6Uy;HJ4HJBl3;>!eFv?Mj1MPLYX1jF@q
zMtEwz*^?@)9n!?D8E&vq8^z?S;S@S=r~6kt*rU%|gxgA}5Qm1L(P5_S-LeJNQ*uD|
zuRt{6N>BDT?w-L8=OnNVAUoDmibq!3p*Vz|v0MhpS<<CQWBsTP^G;9to`MY60r;M;
z=R)=#9i%jSthjlmk(n0aX_GlS+!x(Jm`?|MkyWclBRRQlo;qUIzeTjHV{@Er`3r9)
zbvpKnk%HZ#LyX$$wXH<lB><lwg<u15tq)orYWT=K9`hK2tUa<F&%z#Jy3*vn7i^<0
zdpV3km8^ommsZl(uX9+{R^c7ffQdNP<{Cw88vN1<o#jGrf`l5ke9{=aa|7DAr!!%X
zX*o1+DT*!4V?IBWsoG@v`S<o6Osyh9O5lBvY$l+2Ji<e9pM;EEt?Bg2t&%difFF?$
zuM)w9m&v}k(Aig*kk*vBo|nmsON_MJs(N@ouu$|VZP}aUqS+EtP}S$klp{ll=A-<}
zJqpvQ{JfMX^8%{%UvTBXY*dKS-sJpNHKJE)nnhWJ&LhW>TZbJ|p7nO=538$%3%#o3
zF8M1N((t<^7YCLod?^Ld0La<h$tb#@snt<e6ry)xhcwzOoLXYFInQhSJ!x1WQ_?|$
zq+c=BP2HV2KrMAJfO2zn!@;1?bRhp=`-Yg3LzgI)WD>4dYe|>9{M&cJ*-Pccp`>E>
zpU*89s^T6XTcO!w>vgRv5HJj)8PO+P@wnzw%3nCeh=eA0(ITg0D&k<o0!FI0@W<2;
zC4xuLr&;YbjDiG_vaty?Op{UOaEx-g-E6qWSBWK?*b$T9x5z?v#V0{OMb+5Ay*qbf
zQ7ip4BS+r7(CLvmjU{2Y!SYd!P}}LU+;01}ut<j+Ym9+JTMq{#QBm2PV8Hq^MLEqe
zPbB)yKjeM=sKD*!{%4)ex_(>>T@PQba8XwXoRO_CpGhjhImY2nGTG7!P|?jncZHL0
z7elU55s+?F*s8o9nHkbWg{{1RH~G-u@9f5qspt%$%VjD8_8o@lL=N+^dEe=s)d)qd
zgE-#g*)hl#?`TzD-P3-=u7Zv22#Q(>$a7HskW+XfXt~I-@KNl$8NSs5viXGHoUby4
zew~hW0yI<jFgtiUds9cqu)g1nz=f@++y&6CXv28<2>0aU!axk1#Vz4^GgwGSl1E6{
z;DYY8`vvl~(P4~!jOMlo8f=)+>mIG#f}{`l+>f5I-!PIs<sA}xSshMGG4N$T?^|RT
zx46NV!`M#RJ#7IWvDK@vXku4_QyJJa`-ROpn;E1z3f3gB_nQO!Sh;tAow$zz1FW>7
z&>?1UZq#SFTF4PE77p|ECJ@z<1tUk#(R4scx@{xSBL&f9MCHThoQ3PXJ0#kqjzO*0
z%*#1@MwHzeV%$bS=;|PAj-=Sk*_MX(tWoDOjrA%6#cWY_X?M$AippQDAwFAIxkv<B
zhtrm-8_p1GDpfwoPWkJA>SSA}D!U1-UnD)OUYWkenx<m^cAWX+I>`9$gCQ#W!2s>j
zv^X;@)H&H+`vCoR(oXAm%9n#oHA$0cji1d|HL4V>O*Kgkf6Zb2nl|4hFf4aTI^bWY
zQ9hD2)HFV%4sPsn+p=Er9o7-q{$vyXnojzin0if@-N=Tgd*mIyMBiVXd6Z^P3KU+J
z_UXQ->|~Mlsx@(Erj*OU<jbm_K@kOZP`Et1xx+0lF<O{RCz>^|jR+_WQcSe%yHhAv
zbPp=8=zDI`U7YDBIb7U`seGXH>RrKPLmvSyuc#79DN_<v7#8Izz`uTEn{o_?9@bp$
zC07^}+3{&S)sJd49rcw9`{b%R<Ll<(Y_p!>D#AJ~)5mopw9ms8w{loZa9WcmyN0H>
z=|88h*M%H14Knx2%xXaLvFwnKMXgJAR>O(j^*cnA>+JhZ*UJ|(ob#A2Om;ZEG4fbT
z8xaPlPU6&!tWOhSRzZQ;2WE#c*hq#`5RW(CC78*w)gq>Ek2m8y`;DweV8tXD57^de
zwwbNBfIrmu!7dk*$wW|~IZBsvAnZ~TT{qK+@sTgP_(XCGWjddj#BBZhO!+dxt7bQq
z1m&5AMgk{IBj)niY>wNK=>yr@=ol_c9f?)4KeeqxB+h61j7HIzuw^S!D)BBI_U%AS
zXPa;315;-hJ5DhnoM@pjxuHi%A6@p?QH2#BAQh1&I21Qcak_XR@$UYH?D3<@q_0B>
zbus#_=_R@(_87R5*`cjhHGzRuqvPrw4!7126#DYlEw+Zexj(W&ja&2O<*TPV!_7r{
zAxR#Ttgto7I-5(wVP2tS43CgGSpAM{EetGZi4r82QUx>JGP{QG<^unPTrLjnmsshW
zLx726oBWpZX0*kvwvLtCn$!uTgncPCN^}}&hvFGXab05VOaLW-I{h|nWu97SupwqF
zbSHz%LcZe4D1AVMLTOHi4+YN&*C=+mtKg{wxm6V2UFVHdQzam!k<{`xm|k|Q`+-S9
zWwN#XVAOPDF0avUw*&^0?MkddwoY9a-1<D^HFD{uHZP&pleN>g66B-7O2qky;a7v&
z5}qo?H_vWuvmc-%NjBY;ptDc6Ho0gkU#RRZhI4ZTTxbu>bjE8jxC%ABQ<>lwvjl|s
zu+cZT=ah9;2_5Fa$2c967D*RZ0pn^W`7J-;YBr(gY~uo)I;FLJp#`EIv}YXYF?fQ1
zoG@YZML4JxlFdOZ$mUCf*iLE5F?hPL2OfUdsT$}Gl6&lVTaG6iDVQRIH8fS=_zDfC
zT7!{@qv?Y^^PAZ{PA6L?kV+VFj-3A2EfaihgRUXHhfQ)U-N%FZv6Iat+g9aH7J1Qe
zs!HV$4pULRMOr(>*hyDW{<b2i`%P(l%0#7k>)fU+TTUEmiQ&-oN9=4$a7N~dN|>>0
zF0m>xX*)+?RWiVIG;xHt+P*hX6-l}?oApv0Qfd-RC`tH~VT&^bvDz#$$m3B;6J$63
z77is|-D~^Wq1w<7i`g8N&ST^0$y6GB>L&Y*oVuu_L>|De)!(r+EeG%5L|+v<q?OC;
zJY28CuLL~Ob7U$ClcNWZ62MIfC4n3u7EI&qJ$}77Bh@}SS%YhbL<^R1WLXhYZ$k;{
z$q-CBfDzNMeF|cTq8%d}X*nHHVzrfH^JxIuk6k3kswG*M0uSxpqjLn91)B<;fJUgo
z^d|MChutG8Dj3{#(8Z&N4BI1We#-efz_RB+_Wos#e4Xa6i3mc(t$UDIaEJ63holJB
z$3Oh)0Iv9$RUKAp#<WI#roET_5?}0^J1aaEHc+@YNtiLJ@<&OgI~%Hjx-5dm(mQ_L
z1ZHJ!*+@y|^bC6^sXmA107uw|@L+z?(d`~`9PLA~^3rI_c35fn5l{XAdz|^W#@FM=
zqcd6J3%$cxWre!C$`Xq6$13y=_m4G-1IP-!Hs6*x?KPHDRp=c)A!`&bkQJ&@-IP*Y
zo9D}%mE3Dqp(=BQs>~HC@0B%56>5|!)F@S`QM_1IsA^QB=3+CKN)@a_vHPk})i<Nb
z<7P=~9yc>;6+Es`s!*epxkf2upnv@0iRNLk;X4iM+>05m;P6c15zG-2hP5Z@-Zq(~
zOgs$t$!SAhQ5n&~uI?+EDYz<}IL3&;0j|X;RY5*>E5f3@@C2igg^aoV{Y;?=gh9i!
z$H``36kyUurUK*r)4_DgHxuk+frsgh_~NtHIKwYzPQ2Pl8@QElFt+&kinAvsRj<FI
z9JpWqzgDdO`c(t!ssl5#nwX%v|JyD0=+^oMXr(p4?vpc!w)%ZK**wxruv{oKi4QHq
z@K{b%%dsG*2nl3q4icr9I-GBXvJh|bce-jR<7WJnvMPuzu||gTF0t8PjL~OOGJ1!d
zv4h%b8<by%%Ek!6PbU=5qE1H~p|dd-$GJKe!Sv19ehSgNXHise+YTB=qu6OyEW9`;
zfUg#BsF-mJjWf^77j0<@N$YpPU=ZsJ3c@^H5Vu?@IIr*PR<91_%5F0(q*2aTJ&j@O
zbiPGvOGzdE=L!$MLG^1Uf8N^7g~YU2N`<~~X^4GQTIwItQjZ5S3t>fb?U-R|UUrNI
zkGbxZquzQWweiS^mJGn$JpkU~vLB<XVa-g(Ft4|PYJaa`iszlyrB&F{n!_SbIpW|Q
z^gAw4mZ)&SUJ95hKKyDS<*G$4_ArXAjJA_8RApgR%`n41p?m=eR4kVRB#Q6;6Gl}N
zh$$p8V$-H15}`Ykr+DL@QOcRQH+$9fjP~jx+?lDa|6>xBxK4(RtNTk+9w;qzm55au
z`KTZ7Qb5St1ZFq%anK$TV*}$R0P(ndRT>~pFqXoCY@|BTd&Oa!-7EszKBY7G*?t*)
zTbOjFe&k0O1MqZV=ojN`GMX?|t&dAXi+>?i?A7{W$nDg4^7h@kg?wTfsR)d1$U4%|
zmk(RzYW_HScf;)o_Z|KIdC2>jg|J(iPuH+PI5RO~L{NBQ%xjn#6=O0MuM+G-v!+C(
z5?}-K_1%J01|Auh4BBrxn7H8IJCrV_@J_HH-y0~!y8@?+P;uu|M8G;h<mZO8R@hRL
zqsxDTQrN5%U&8?WiGOv8By?l6v-e2m6NE*R>rg$4cwj{k2dt+y^6Cv5UIurzQRAbL
zq^kGrh#Pi#-?;IdSL)|XKiZDyInoa&yvBOMi!Ke|22tT(8K@S?A43c!gq~vZXJk#L
z0vJK}C^hxFnXfEJ*ZTAp_N!@47_wh`U~i}=bCDif{Y;<r`=TEP6iv}!drG10_n&_R
zpHKN2Ecu!0XQ`j0Nj_QQD;q~hOw3S8tjDOO^!Kut`!Jl{?|<%gg5+#HzegP&rd_&e
z!Hv9J`N5KZv7}A^;HTlA563o_aw+$5v3%i1DZI+ADN7Mw|6AAx7Eba!5apl!95ocU
z(aDAcVpyLEMOg8_Hzut%7j5};{sX-G6^iCk-sSpoL%$8jw2{1p>!DGg=Ttv){UFC<
zQ)j3@SeYTybMeq}3qj+AT!tJmnSD#JCZ~FWW4$xd%zicg6hXDTdLd8#*Z1QekB)vA
z9KAl~=k4pkgOOhU_`~4M>z|Gtee>fn&K5HIqe6dXCsBnK)Iu#g%jy{3-gEby^|IsF
zKm0skzfisG?a>c`+RF;++5PzDZS}IFj9S?}JMOqHW#^@Jf`VFhmcSz0%L;0R{psz`
z<TU4B#tX<Gn9*l?m@R`FyJBJkZe9T_0&{|%x*?P~Ac3+Q`}vmZPw<(T=*Z44iD?GE
z0%lXWQM5kcY_~mG#s#L4A7~b~1upR(A5LI%Pa~#IX-x_!0AaTt`U>(9Wf3%|W8Y!o
z;&fP9^lWw2iJea!Q@Kt66RjII_ZLd7kyVKRMJiSZOqjR;6-}apYqwzr(^Oz$CQQb{
zvKeYej@${s?5CSCg%Y9C^MAslhskJ7s9^$>cQc|;K6}zCy$%0+pLDP=*XzZ@tMm1U
zhNFFNuYZ31+A(qA8AC@|kiLPxc)YpAo+tw~32TDd8}+E!HdJW#9iy=StoYe0(&>2h
z@QOBK4q|8VptY@g_E0ORg`07s!i6CTF~dRKoe~zRJp@}1J$M=o3ta`RyGuEnWT4!)
z;>2=cp0u3Aq#l9t%AokHbo^q8qK9fGDGO_$;TW4`7}Eq6VD5){K!W2>UYk-;KG{78
zg|n$J;-moO9;4R080NJ2B@itC1bV`e(J-+3Sj90+Q#4kHaGoIwZ|M?No!}P^J}H{B
z`6&w@>ss1G8S?+fFUVFFw4Q#jRllJU^yt{0;MlGw67E6_L_d~4DI+8<tV<26q-0WH
zF?ZdOsAs#W{FRh5#ZMq_^~os_(p$S!e`}Yv>+QtGQ|<ml6)w(D!pQlR>jl*w{oAXf
z*GI>1CtM$4J6oFVm<uBuCiJJDkKRsxNCeH1KP9Bq#}YB`M&krhodjYLCE0dDwX91E
zknp}Sc)r_7v{ht?#@0Ch-o0D_4`LsHc7mf$YZ;<)p^0_|x@zF5VCOd{@9wz90$<~U
zQN*AYzx?#e+sP5%hdGFH-o;GuGwI9SI}SHSxQ25^RLzWRmfkt$+9Ff+CD^2xDXMBl
zu7(Xq^&)RZH?t+SJ(;rYq8d1UH)y2L_w3~s7ke^e69NZ}yIU&1S+1~twR_m?6Bpkb
zCkJfv?PK0$!n<_w#=A7tT&fA>)5&0uC^2;>*4%p22G!&vH+D`m0cwI^BKmkO<~-r|
zOS9lskgrE6KyPQ550N?$W*fY=;51A@uo_J9;z&nm{a(e+OgS)2e7_%FGOP71QHr5m
zqSytJrh`h97x%Gg_0VDLTiJ6efA@DBhqik3<9aY3+6gY*grT#O7ERT<lCK`6q5m_?
z%9>%MRUW~bT^$Rb$V{m;jF!8%vi%m)4?A$dT1_-{zx^Qs-SRl2=%1M8?MP4m<j06Z
zZUx~GTn?yWf5B$BM6WQ_g*4epyb5|33BKI)17e6v$^grRSkFt(%ei%M^;i=^k`ghv
zm(E2>fs5-l!=aNlWuosOLR}4JpPQ63tZor-fjzXpQgV_2UHq02ToADiO41f2GpFfL
zsx}GJfs(pQP|Nt}ux=8Xyg*cBQz9Y~OK((rxaXXbZ}#mFB=xeKAbE8-mSZnCZ8%UH
zFur2o*4TWt#y+K(=!%`}u2_Q12s|8+bLm7^MNk>@QnRp+Oq@Rq1e0?wQ`K6h^HmV3
zVnHU``O5F2q7jBCZNz!cw;e8<GVMb4?Gks)n@l?=c}7$+_l(ma#bJg_i@ftGh8&>u
ze9IgFj8d?4b#PL4@V1U@fz}iHAg?eMBC_EwQ|kX#)6|DG&SelaN*mSaXh~xXaZ(^r
zXzK2DLDZx<BnGu)qaM}7q;*kF?K6zfQH}V8_Z}B7a1AcPtO~e342W0##;pV}Xqkc=
z6mymnF=+4BQ%%fUohGLFC0>aHur{YD7!4kT7aU{gsa4HPhJY8GxodCnGN*v%D=vZr
z#Jqma!2+R3gWK$z4<SK5<<M)9>e+dRaJzt}xhIncv_jH4W2&yJfH#g<jg730jRAXH
z{F%!}wXp~Rp@CO$A+p>#$53NwyE42!1%lI#mjL&&)24vcjA@9Yg)IqLTrnFF_|E`d
zn4^xi)i7Ho=hP8rU>Jo_rhad?b8ezReq=xG;E@GEcTDt7Irzdu<M?8=3`mosV;E^<
z(Ds;4=3_=<BOASlcI~W|V-n1E2y>^)HEP7iFhwVBIItQ7v`#WlcT6rz9BQmg{)M8P
z=WI&vf!n26BL(6{tO*dAZ9p@5c*UiWM`5q<9H4GZm~ll)pbWi6ncyn|AAIPA29rnR
zXKg{6@g#=<*HI0%-O)u$fI+u{9v^%2b9Rl^q7qMPPt%)csLiB@dk<67TO<Mb+`gtZ
zqjs)7HHx;V20SK!%_f{`gAk5)A;q%Iks)?;(x5L~Ahz%r{>HF^wZLM2V<>Kcv*nEu
z9*1>orS~q;#A*@VqZrEW#Einni>+slU<ykMP-+d|;2VuL-obtPvmgYn_OuKT%{j7e
zSpO2nm;97q3KBypQC2C9j$9{B*K={pEuVvog28EnoCQyka++@>2G9<LR}em&S+Lb+
z?Jx&nGmR~z&bvL*vS~25^u=(T#Yz%mFw7<fg%9|Mx#fHM&lU^`zijg?_}m<8+Hi8|
zwAs7#bYKUk=oaO6>Q9ZCZ2qEsoCsNOX5#3AWs4xcQNuF2oQ~Jac6qO3(a#)&qF0Pw
zNm??^DxM--Ek~UI%RE!qY4{NU%Zzg6ka5aDxxvEwMIaW9CaExm`v8L>PuX+{KH#e0
z1ey&Ad^`7v&=nh97a}(-J+$8TWYb}OS$etp$p1`arR_NpV^DCdq74gOTWDmrx3i08
z(%p{(+iOY;>j0)Fn*jIbbfz<(Ce$1_pl0&m9G$n6p%T64Fg2A?HzQ8E5qX9G7(K6-
zFUO`lw=v=nv-7|qBs>8OUZi1{fgk&-FEFh~Z%wl(Rf(hS?ATYpe~aMUf@1vK$>Hb7
zpuFO6xGfytPtF&27dffh15}j))S3hnEMrHF@G7pprF)%MO2p?~!lZ;bQ{h&K%%qVG
zlCtVG0j`GMW{7$-mLQcx;s|swUg;Eo?4e0;TR_G>JNFb2-r*uw_wJ+#GYInJ6d+77
zHR19^CU*wkCef`WBMy11D1lvms}RrHRFV<w6v;+|z_Cmd*aR9fl)%`DjvMhgf%n@A
znbwFF--x8XLyxVo8WeS5m%@@<h1<3@;@ZwV;8pt+kloFqxi|0))^Z8f?G!;?Bp@_8
zSQg0GAVT>h0^$@-K!3;cak365-1vDz1&xKkENpF89W>;Ox|A}o<X-~O;y7GQXj88x
zCgXHe#J<gtb)=nkm8XvgRtv(T2PS<$g=sY_=%Roo1t{nk#c{z#IXh*J%ZikHv{XgW
z79d_tr(ucyAm1WEq2qQa)XEJgB8JOW196U-12jxP#%sB~M1+zQL+s^v%9=iraY)dy
z6=9Ak`1Cmf&<F%X$pRXW+zc_$Sr<jSL*@fHCT3a4acWErQo=BiznDli9&y17LV*kN
zl;ap@I`di@YZ|a5;&GK1f_Qk&f^d(Q+~m}R`)KJzV>*0JFuNwYcQDNa`XPnUweddH
zMBJ@4cia?y-VQT~;%8WK86F)xjfIrO#Py;%4mHj&6CJEK*72Fbpx&eLMtW+GjAXf+
zwoR`@^wMf!l6$T7#zD5$r?3*X%$?&{Tb#B%CibhET<eO?tNYXGnox#MK@`fmkONr<
zGF-7YCMn>iYo(XW(T|L2-*2cJ3>g~VJ*>jX(KMO7YqdTH{Rn01nwj2qG(}omqF920
zdWtFj6l2CgMm3#UB`=?*?1J^ff6IE``#2}Bv=+pQbGgcyRTT9%UZIu>#bH8*Kd#A&
zw)ny`+GLnuzmHI>rzq|<Az`$aQS+sx#IU2|J$i6oiDjztlLcHZ?RK^y?slq8=<Cbj
zf6;~NN>t>w(#h$u<liRzTMTxNUcY|Q_3{~3F}ZHc4~+}R$_?PlZ=$sP;{xOANm?4T
zGS^Q%Tu-zco=Sc9(hQ$^oKACq5$eFk=;AcTDFJ|Rw);BGPqU$NW#*lYM3G0%j3{I7
zF;8LB0?N4L{#yxIAjHLl35OF*LH8*ErFi|?mb~7tTg-RF$2p3=EyjZ5$pqsw`*UXf
zo;-^3=`8t1kiy-OR+VS^!xjMv$o0{&EZdxVakfV^e-v*b3afsJ?Cg^&ZK{Y8kaCd-
z3RPbTC@-z4IS1*-O~A|)my5(l$_l&}!WKE3GGS4YuDQIEX;bgv!^!Oj7<GXhgLUY=
zW|gtSux$=7b2#8!Y9fm1b(s0o0pDcivO3Y-gyQAFQOqYCXr~Vj#CNYfh!Y+&^kt!O
z<5bVwb90J}Nn1=jtP+vSB`x6uX(AkATx?ek>Jpf>gVa@9k}&gknz&Et#+(Cj8Us!2
zh$F*|Kl`wZ4l&<K%;E?wBq^06lNw<nDIrab5RI0UWtu1Rh1_9rC?;lSadZkdD{?3m
zuT_)5$m%VEtK%FWhgm`di?<C>d`o~PUAcZ)Pd_%y0u4X<_Bba6ll|1g-eS6VVqslB
z^)#9}LW(?~H+pzU;GEl>G#Tpw3)eRN>*pVI(gR*(jn`y4#xM&r$i6#+5HukFHjw59
zL<&X1SXH$|;pfarD`7}7Ioe=^wt$?~(79zKPo&j=ap=V#k(o*r8CtwTep{124Nh<-
zhm?S}SaP!mb>g4ZpP7rD23$UsG+thyUZ&?vKMWu}VC=Ncv8`<x3yh#M7I1mw@69u$
z7RFgp3eb{Kq4-QnA>#xL=wPzo5HXoDL(SQq^_sD~%S>BoUo+A3=EL5NBoVNud;jj3
z-T$}1`W39i#?KFD6&0Qyt!_<ufYmd<FOsBGF}cU}aKLK0vcY>e)LhjZ4pL{SgAToI
zRVtx^!%nDGya6O13xdlo0%<)`|2G5#4l>JSSgR7<oN@JeM(QsRfp@0sg={=^3t3I}
zN$Nnr<*&c7YuSyC84AnGP989Wb(VzYx7z(%9xj<{)Lk=q?A~oIPq1x)5<>LxV?tKG
z?ZR+KcK6(7%fzMLwstg8oUt?xvC2E(yODDVZHOvU7z1d(<abO;(F;_5c)FiyesFn`
z+<r)@htaf?`J{D+N0&a952_N!lNJ(-eFVaMg?6qNE`Ad_$0t(O)AfqZ_#Ld)j9Z!Y
zi**LAPRnWU1<slE*+c)_42i`FqE2#O;3w-Q5xMTn#D{IB@zMK%MKz@Ag%`a^>+y+X
zGQ)z>?92`{OOT9#!@(r$%o0;o)TKIWPYF$EK4Lx*$NFhFYGyrT7EccOV8LCr(YacQ
zP`DIk?J-dHp$NyaplVo<Le(&}va+9Wisqdzg?=)EvDyqOu@~JK=4!M{5(m|#JgZ6a
zYp#b2UN45fzk;*6+v1mj3d(Ne6Rw4r7#pMq0wjiW$u-l8lT6X?;80G59AsOj_>(2W
zhavlEI_tgT{9f;oMH{9~;QbPnn1i<9a7Bq-H+%szFbfNlbkVTW7%sSZw%~06o9;Em
ztw&(gbnYk)GFmKpmJ#Byw85^>#`6BmspV%=lto8<SqybuRqw7{$@3AyRI?%xi;OV|
zdmRp-@?=0Jw;V!m>|mXsY@ctj#KamP_C^4Gs)uQn1Pm<+%}1MI9*ZAMezc{KA8eOT
z8iWSao_xplq+#tT{XY?{#~C8<<A#s94sfA>7=0+j6L=dt(O0gwdysv>w^xcFM%5x}
zD`1dDX`cbI7MY^!v0(Hpo(GqdRM$~5lOwO=gV`)ak>YEIM5In|MhNg-W~M0h4r!Hg
zb~CJNbiEh=(nHPq_s8jawi1EM72#SJ$bGp&{G}!bN4Fb-e+<-t$ZC{YwWL2edqLL2
zQ35e_NMPSR+a**_60=>3RG(17CfHXRHl;F`4uvQ)qhZuIJn9>2wkeIDvS2D=8LG&L
zz%xahJAoX7jSb<_V_JUZONfHN@}!q|8>&Q!I4y-SA64t9HqR;Q)7fUo_TC1&o(y(9
zviXiNPP5)7nezm0pK?kkmra(1j+kny5@zO{?vsimB%-7pUP{J*7P!IJA`csIZ69Mb
zY0X7p)amg~8Vz)vDH1xq>~CB)J;F6lhN`U&zQJPTg^P8FVLiPzaO{tH9rNsj$sjz5
z)%3&EvlDo&>G)g97)BHJARA7Iyx1o(`J;^{O#1=(%n&T`f;$FE_kfnkw;61SQL{U?
z;TYh!rcmL+ncVoaQS@5Ko(e|lcqQQ|Pe9(*qWSW+nf3VAW;!)&9_`TIJ~g-7u{K#q
zoO^Trzs`DtkMrK(Zmy0A>DgZrhz;k~x&fxmP9rC8CXOTgoY8BFx`+g?7Z6+8fcRbm
zLaLErZk*E@|49V7tye~|2e!#L1&6zZh-}Q3d<;sS7&O@>1lZC3x}GGx1r@`ua;Xrw
zJQz%_?gN{4FgUQF^QorvE&LeTGp-HLZpqu|nsrtJmOx{Z%BT*4KAZr}UP<j5b6CUn
zcPj5iFrJzUQVOPdEmCy9zrs33Th~Nzo6!jMsU)SH>Jqm=%mS~O<QXQ&BiZ|?7<0`w
z4xTcNnIIK1vrJ20$^B0<%2DjpN0sT0$P})QrQ@~QrANLGF%uUG@ogH*QO26oGUl9b
zq~;(=K%cOE(B#_J3C^IMo&Ggl9oLk<YQ(M`X*l*&QkaE(mvq<Q`>Mp~-h^0(Xin<j
zShdtRpN=E|p~I>}nEbvQ#*!edOdXv{*oK?cp_GeOtI=r{q-JqRMzo6^{jj##BmdQ*
zP+1#1_DS!C<O^H%z3&EUPNdIt)u>Mhod}Y*b_mQ19Xz_GL!&U5f*|0+A<?80Lfus*
zdg>6lLsKVp2=t1C7hT%)p@Y)~9bEQG9fBCJ4gqUm?2mk?VrA6{)92x*X#LA#Iqcwn
zMUlEx=P}Z!)k#40?E~8-;zPMZTGnrkZ(cJ?j0*O$0qG{zbwd6LV(X>Vyd%r-b8U0^
zy0HkYFp5Iy<-hdOgOOM}@Z^tKkeSvT()Dx^qxlwrmN6V6j4CgfoHQ-Rv(Cl=<9s2*
zcwP|fjpLKvfarrlJfXa{dhUeot(IZarkz>)>V0|{FU~M8&M+?)+<9@j&Sg+ScHe#=
zN>#4!r&FC2+Rob_2IB-gSSjH&KQ{AyEk*I-+P``QtELU=j;OmUStrW*2fMaiiYe~y
z;hxUk&8;lSolE1SugN0%0&Ja>bVUM5qvRbXi>7Zvocmg`3L~Asr1u*vi|2JF9}C<;
z-VI5v;`alzChSD!>hf;tyM{|yP>kGV^CWwJ7h|R=1cqw|hbid<=96NDdZME`c9m$M
zJ+Ovd*qI`?ijsn-gR`8M*tV?<`zd`sBONS?gv#mq);xL_Vti41^wn-e%%PepGit}z
z&AuB0H=M+EUZQE;)F6eNo6j|ByTPG8N&Z3(WWf6lP{lUvzpULSO`7{s7;A`iMIiGJ
zNPBY(%;K<t%c!`F4vt}538cwC>VQ_X^282r1)`FOiO->mysB^&rSod%dUFNb?y#gU
zKK$7;brVv^(iXdcrAc-}Fx)fC!14}i*Ui~X|GFezb~T;QPJ84oA%<6%=)K*gJ=X1?
z<b9<~I;~a>WA-OcEHZ^CNpgpvhD|FvlAkK(K`I03AU)q~*U3YfGx}Lv#Xxt0BzF5w
z5NqI}6v~Vb+RU-*f-;Z}k!kruWUsIBvWJ4x)iZ~}l+?M2?}h41KTtv{bcoy>h&pbb
zv>zzl5C;jPPfxeACts^djIlZ4EI1X<4*n?6^>CWpV=fVerO~kyEAKu!F|xCRLbd5l
zqT)i*m_P(j2--v!tTbDp@pf;?LZTayGZg$YvYmn{6Drds<dvZl5_4o)Av$4s-RMx2
zdD-KYcTllTyr;SVHV|ji5iW&On`ZCH5;LNZJP_iSd9j&5Rab(~r*njB{Ln7_CtsYI
z0h`GekSYH|A=?OXm2You?t%ibqrxU)jB6<EWNC+>T6PHf1Um$`v`HEC*(Y^^TS+ie
zsBwuV!Z*d#5a%;&RiiX$PvGE;<GWf1&0jB}SrFh_3PQ!JcrHf^!q{$53q+f@!P?)3
z*!#^JZQOOd@;U+b6oZ@y=hD6=B*W*8)@dX2Zdj-=nM@I72V^kPVjbLS>~0}@6AGOa
z>l%@)!S^bL<l#C!ETJDt5bdB*|IT~A9kT$;d(Zxmq#A~rHK>1f&97pKgwevr0GND6
z!t7b1ms8ldB^v?GqP258l5|iC-oY8K9h^Km_`?o9=Xgt%`@9j8qW7q;kd1J}t%sOQ
z4@RR&9Wk(x<U!TSxMG{WlrYnh@-*7e955NTifxwcBhjJzQ{fWqK+=-SV=`#@wYw25
zXJKqVBn8WOmd3FS<;yH|$@_O`W6_k!vzO+&ZMIye_{}kCr?1w9hQzRgqoaw~!~Q~&
zAbt^2$N@ROBa<p{vQo-%aMk8chN8f7qr*eS1w8)Y|7wBc9(j+s4m=(#@UhVvcX>Hn
zNI`gtFr0H#mJ5o6Ke;OiXTx{&g<QwfsJy34n-6F$<^-CU7)@Jmvgi%Q%;543Ph*-a
z$qwa<CiX$kA;JJX2hCIu45Exm#Z0=L)9MVZ#cTD8d{~dlehonbW^J1AEmpITZ*-lY
z(nB%@%o%$l{h+Itp|ks=5iozam!Ym%4CpzL(XEDz9xMGUWaTOkvU-GhD2DHbvU3*I
zgen5IhRI-4tiB!$E<HxL4A+w~>G6+#?)X<9>zhJ|26j6|FUxcAz>l~pJ&QnCg5f)z
z(Du$v5_l)E9X{d9b?!V%>pd(B>jOpdpj>2H<B%EbH_MT%Dtl;Gk<SEZRxF~T!CM)P
z+p6qI**GaK>r2#q5+qxxu=$%!5aVG~ksyskdOYLf6u{?#Qh<r`;+X{YaojJMP*jaD
z-(&0|4;3!M7d_vzOw*&BoD^mYf&hJb^uH0ch{&M!WTp@q-=Ovc3e^zLUs~aQ(#gOz
zN1hDOQ78knWE=2E?``bewlAtoxJ2JI>*_J<^vpne0ATt<0dxH<D3hM|>-i-*BUMFZ
z4n2h_aC;Z?)rLt#!3-U@la);;xE8hP;(R$5g7y6-K&DGkIPS;qj@tUl3;=qJuBQOu
z+As--32-e?{lokz{m{vTk&oUI^HZKQL4&#&clD>+@grLcnncCGG?iKTe$ysW@^HWA
zJ5&_QfQ1yvP(^^jXd$A1aUx>)$4xt2yl_MG0y{^^audcHcF8f2<!n1&^ujC<flz<E
zWUA7SnW<v^1YfzH=tfM<G;s6!!Ul~-m5v%&-QZ;0`Ru+ZMEb8+7droJvF(DBf@;Oi
z3I&}%D?zM1-wAQa&vyd(489YhcLhU!hk$hVW#0?(w|y^^*L^QYO9I<a>QO3%z8ejX
z{4f`q%H>L2El-6`!b4;)&!G?o`yq1r%+CH9K9t<`);O9`h`e%-=I`4h^RhkKrHpGz
zZh8eAK-ZqX1oN_g3H8_hON0w7Ew+s4e~A)|#J|L#7XK28Mam4Tqwm(>0xkBo-O#`q
z+ofjKqiYOo(x_Kg)_C+`O;YF8xblEMy<Km*`Rvg=uRSvP?a_>Lf+_vNG`T|Ki%!qD
z@v5M5@A>`U2j($O2XE0AQ`p_aDl+beFjA&lCfq&Y_CLGPXpH|MmRIY4h)6~MhgjAn
zNr2Yz(%V+Gr<?w-IMH?gS2T6!{}so|#46bp2JV#S-@>CT{}x5%__y#*yO?hmZCY4H
z4!6qT7&~opI8xmrhhwNL9E-w`l0&$i_aC78I}Zf#o&(g!{d|d7UZQs!rgQL>dcVYA
z*#3J2FVVlp(Q=_#;k$29ISveG-x_xc^FPG$68#SmX^Q_LmW>s2God*E?x<59^cHxl
z*b9lVaX3(8;&4cP-&K?6(Q=UXBqm*Pc-R{vXoO4N+<m%D^arM@8dl*GF7CC)%^5)o
z1Ys-Ask%A_d+bBxbn8w^`=#8{l}MBi<2ngO5(OrzM)U4Ah0o1~B4NC_gTG)FowHIU
z-=P3aky-G}Ff8E;hg;SjJdr5R4#gt*2EB^(W$}cQOkMtJd>fzCBs-Edp6})izg%I^
znPRPW3Ci2&{}csjlLSBsr8r#z_3aWkjE-?|mj?HnuX;;4wVizRV*hBgZw`BuPs4BJ
z&0z)aa#g!TiJ32D=56xd9Rfz=IR*v)G-*@(SpnG)H{#Oq;j4>7Qw-{rz*4qEnR`(a
zO585N>)WM`O+c2CtfJ=!&(UGt92wQ9#&r=3zBvexFrr4Uw>sUV-J(mUOGFjc(wZxx
zNKFCvXyrb+^bWe(UuL!}0b_HR$k@+W&qgGDZ<UsT1LYkQdl=LuG8m{M`Nz_sTr<6*
zRqD{pBC)2Bn=A)*NHt19Yn1-3(Q%kVXa~esC;MgYeQ2YSmEc7CJ+C0iv740;UE&B?
z-C?1j^s5oQm~DSC3rtpV*6k_Q`Y@SgsqAo-TN-~|YPyu7OLarqE{*$px5HVN_IcUG
zIkAy<)p}>>vARU7l!**V-Nv0{;;&Qn=9Srsvh)vLK56NyoiO@hhaxc-4VyA+8ML3m
zw9qCi#&^cCi^wpo#~+7O<e|zgW|v$y2PcUS*5)ZUk+4}8Q&my*m7JLEUXG}Z9>=#+
zx>*7`ja2$t;*|<Rw#_!XBA8vdkCz<*gsre@GBg8BmfH#Jw@?lTrq;zh4KpA9Eq!?y
zEP_i{v?Ts#+H%(2v+@bnME{+TPzQ8qxWL%9IK8fO@Oa46Y9hB)b_r@Xi6X^v>b;#0
zC-qAm!P~v2NP^_nx+xPE!wfkdR>!-=1YIKpd)M+lzYVRXXwH5?b%5w(x|%Yk>OlI)
zlw;oseEJUk8!F-jtkHoS8Om<gTEB+FJy^QdlxbCFUHxUVJig&9<5C^$XAtywQ%;)k
zjOEyxmA7apbuYS=7+x!t+I>G1u|^4wIYlwg7}S>L>K=(?BtPE<Q1u_PBBRH%&!;j_
zAv`3as?K6n`G(`8-y`vkP85w8Mmg&jedD>WyQoBCR;iE8cszXK9rJBaZkMxXtW1X!
z?!}vq;TxlPJX%ET?U_ttG8u*^6xhj{|NU$^LeS|x=xk!amI>ua5SBHff}YrUnV#SO
zP9y8Mj~a2Ep=cStpg3I9>m!m&F!o=pWUxAYoK|Kkn~28>m0%HL`ijEQXW4U?6f|{(
zjY~lJ8c|##^ov_Vt!l|42(zp_fy=qCS3%XIixVng;RQm{Sw+)y6S1pt0pnoowb}tO
z1RMZ!LLtRc!X8W(3-7QswifFb+ki}i{nYuMd^}E5XqwH@#IV3xQY-0Fmo)K4tqi^v
z+UtEQmI)`5XB{KTIPK<^wV9&yY*{!AopOY0#D=)0$mkQ(AH;lmWB;na)gcguUygDD
zPydKzQ%ytcWDZ~yt6{rXVwVL3Vc`l<OdYnC|0=!!cq>fE_(bYZ=tU@z-(KZMgg@gL
zRC!;T5er3}6C)PcHH}rsC+i2MjKv1a$E$lZw+~gA>}<at3Xnzktcoaku`R?U-_IO%
z8e`IpqNEVBRHKlpiX0|}ui6r*o?;ZWd}M`KWwRHivGj$itY<o$SkjE)YvgdIP^3Zm
zWS%k#jrwCXyh}~ZrdBO+QOXnqRydi$7oseL%`mi(Ff}ZQH(R!AC;^=PQ|aOq6JxXl
zaSrPcnG}3mhe9ZXREN_MH&t?)XV#RZqU1`k4v}NWke88?Aa)_0qWQN|;@Ans^pR2S
z5+ZkI1=A52b*Z|?yw)|G%}nXkpLXP`kfKy{J<@p8C?%xMDcXWNCURa1mIR;qnCT2n
zk)J0NA5tR0%oc>kD~RS1iM>+MWC^SWWxkZ4Dv{G@DU>KMe0vow5zR_Snz|C-2h9~M
z#67~^LXRYLbfIaRw8TSRt2u>rsDzk}2<IH#)U^umo}Q)flA_6VklFGtCnlKWD>`rT
zrLmIc6rQ&ZaOS$EsOz-!G2zr?=KWogV%k~CI-Z@VtO=8<80~2J71NL98k3f=JnP{`
z;zt}{aNC5LzTC!5EjGueupjL}J-#c-0PfvzhVk;88!;?dJFJ38c65-+i}vZ4=Ld*n
zkxI0iH5ca{%H$yN$NiYfIqK8NIk!z!kpV1dg}P{BaB*^-J*lz~svETPWhRqX*6C(z
zZMWGc={lalkQ<pS4RQfEKxwH1QbuKzR74n~J^K54L`7WK%)NN)yuFS{I;(0gUi-s}
z&tb=jGp+dhE3mi%KY;8<7kfAGm&<?^sNuVUm)LBmiF|k0I~^tsJ_GG&(Hw7JL)j@j
zZi*7vb-$e?{qeXZBgq2sE#7mRE52yXW+9H4K6B#gp;4d0>Aoz?<ILmqURoJsdevED
zj=Q;>uebhuw|u|!P8vRZUSjjI<}wU`0nT)In2?lPss!4L9d3;R+x6zn-BK^Q=E0#h
znOuQ6a{8@<I-OrL((+`A0K_OlRO%!oXaJJB4DsBz^y;Q3e3{3R$(BRc$fE;dE(4MV
zmdD<C11<Zn`s3kJy`aZl3^bXKuP)BGb8O;m!g9bx&DxU5(?<d|CQi<b+WKMs>yL&h
zzyO9HrCMW7L`tUNfNtsVS%Xv}#};Fj@V0`Pj??Xt7B@R`^&DlQM9vz{?CuQKaXSN4
zh-f{-HNoR1Vqt<Tn$(D_S~@<y4fKrjBMFW*yU7cD#Ti*zjNZl^fCw+jMxwqq4QH<?
z6Q(rw#Js_tGK)xYaJXXN${(bPWy7d^pEde`3}G!RD>7A`RNj<PhVK*6P8-^3he)un
zXV+dQ=Y^0;@@>P5Jl9a$V@D8UHKdjn)a*z}jTo8^7XcbYTVT*SWz3Q_NmU|$BHveO
zhkKL|E?Uk?!)QtJ9e>-?beB{aHm&wUS34Pa1#W7IO@3K!KBLfIx)csaFB)G)`kf2n
zc1XmkW6-NLO6WT|dN5sJ9k8l$UALb5y7}AQawU(i2EqTk;Dqh`jQwelv34mUqMn;D
zMNknG*(mBtiNtyAP?Ar`kRw?l*H&2p9@GU-(~6?{b_le272KMp%hJMrH)>Jm`HV#3
zoNfM4jlwe2l}2I6b3jIAyI)zicH~S@yHcs1HQ{cY0}`rSU)x4nN&e=vFeTR>FPAk~
zuw2p_R}(SdhpW~c;2_R7-pu0i2_2-<4j1?}JCGuB6F<fo_bMv|X!VS5s~bpu-wl)0
z_<M;C(kb-e*AsiVs>@{6*rACT+KW{uO2-hafspdv-RYjjnDuJd1w3v`ZxOKTMAA|b
zcz>C#nczY%Ymxbwq`ftG6HgXVOthQl{5qy}gT=ihm<c0+YIE2)z11h36cDrEp&%xJ
zgGtiTnRHP0Ue71@LNU~@LU)KXuPCV`s|tRK+Kf3Gill4m>r*9~cG7TcAvcf9-qSK`
zQd|{bdc<U#T$9o=>FT*ow3-wOxksrZliz_r*qsu(2u|Y}V5J|mu{?2^#qmCmVqA>x
zidj2)FKb-n+QmV~vRt>+{no%cdK>FngQxAX$Ch+IJI_fLiDs0E;~_SRWEpgn#vJc^
zG4=<u`TnY6D!;6Hv*q%M$E~<bo_n_eu6l5y_qeRSpFB3lKfE~}Sfp|xprJqga`cNw
zu}cCwiGo7TmdNf2+({I)>P;n9xjwLzE?*y5%JNp%2kvAWv?|*Y%gSQc2<~RfHG(Bu
zyEkwr+n`n1mRRLF!JR}_WTWLP23N9QUiG+x`*OI7W3lK3-~zeRZ-u|g48pk%=dFkr
zXSVDLyv1O<`J;>enNc5u$TAdFh%8tzM;}Wyl4EiEoUVmZoYmjlN4&t?X2ms>s5^Nw
zlOY!2X7nLPdUehTiXSXa$m{`82nGd)vnj_z?wbfpNwpWvNehyKITT!i3-XyI7%ihj
zWk^v|413)h-eUwi*!!Zqzbx#5-Gi{-+82Ju)MGH60IX;H!tyeg=yVl3f+2e%RfbcW
zc<SaRt={dd;kUJa35o&OF0wmDL=60X*=~-1KKkJ&+?L7V1f++363f4Hr53?l2^zGw
zOR*dMWEYMstoOL;;c|gJ&lYt6cdwqYmHY>*+ee7ExOBHsqGzk0;nQk=3h)_aP9`&M
zky0;7)p^m5Gxvw>HOlP8Lm_OEjeLq8_qi$t98bwc%Mp9{eY&sYg>HNr+6dyi-k}-j
zC7#*%t|3bsmCh!*L_gs7nZ=~jf{*MmDs7-@I}D#WhGW%Dx90arclPLPfvzHCs<q4z
zV<Kw?)(=Y5{dV#x@l`%2_X=akUd#Vp4_S*MoZJsNNVMn@U+%|0Otl1k{2*R#Hm@uS
zopx>jtmsz*mdX!na`Z=t<Pj$_9&Gz*AkvMA+8)ks&czP|;-_IcR>}y6gm!n(Vu{+D
zU=`sI=Q38hj)41bCR;|f?a}bC!8!mMTAaYNI9MEcS#qhW3D-Vcn1!fyr$g^_(u-R%
znpw6V?Xh5Z;5;6*wnP899zNl1lG0zT5mz`-W5d<Dj<dC@Q8YEgh^V^y-A;c@2krQo
zRZPyk;b+jRa0aHpY-vSm_`mpje{n0MyrS%qSPlMWO#Y2ng{v@TlfU<8lD~UZKm6VE
z9{AfDN8b({T<?7AD*YxAV5t%q+im-96j$wlh=%JNaQDM={t4FI9B1hmmkfNMh26iw
zI;+CIpy4uR;aK1`f3txCyrh|{4Y|eM+~XwbZw^{08|j1}7$U%y2s=2y&~4(n?{6lD
z+tuH_f&M?P8QnNFTGJkDF;r|?a4b7q6R8=V>9)po@BLzn3=P0s)%H#~kF@#1p^Y`*
z^)^89rfDx^VRuV=pm#<!#U+76M}o@-j{sZi9QY@kx6TA0(B{`9Ssx~AowZzRj&Jev
zVFEG(&^qF=tHq2Tj?bF(^L9Q0#0Q75tAR#iZ(%{3AW>kB7|>QVkz<9j15pFlWNa`x
zxcmXE9&un8d9lC`H-pU%RU1Qz=)6QMMe<8t2qw4lFfX25ghphw95pHg#en6*bEwy~
zgiw#e0kq43=*mb#GN$g%OUSB&YeTSGh$II6rc64a<6VM$dDqF?8nJTNDModdFlkhA
zLBkqUHNqZoz8lMua=%qKSxrECTSDVag`lS9Erq}v3Np^wDq%>YqI{w-^Kc^C%_xG*
zhrUZvOsVv2T8n6t9Xv7i=Zn!f-*#>TA9(mLv~jJR+}6`?sn&5yCIy7ELDd495&wD^
zhBWc}biKsYeMDsi3W(L!MARvunFnMU@WlnnfC$LzZW+72N`sxZph^r#O057F%SR7g
z`y&KdOyxKf<$}01u2fEZ(PqFr<0HNVe13m8pnoB&iq$uF^pWG+;&?d7^Ep{f4+qZ=
zlbeID>FeI-{8Al^>JqR3=@9Im=p3K>q&uOLIx~1n6PM-KeV0OITs(yai)3o=FkQhP
zQ4Z^WFTgjRrlSuft2qc1w<eR#M58ZZJrX7sMZ#r$>XmxdycX`#_Kv!zOmvsBDH|J1
z4mhZn=y~)dLXiswv$9;Lpb)JV?j!{u5n)~p8BHScwrlixACErRwMtkmjqiT^>8Qr9
z+3D2y-SL|@9sKBR7eD^FgI}Z6tK(m@<EimGwu&A6_)P~_`EIK6UH^D|RO5F?TtHog
ztNb;t^4Iv?(b1a@PJKE!_37Z$r-L8;(!o`~I{X@CWe2Ce9h@y)jjR3{|9!Zcs=&YH
z3SAzn!3y4tS2V~|4o7N5g=>68`WoL*!46IZJ2(}r@f8*7;y=Ev@eKv;;B;8Vvvbtz
zH^;Bnsg#9E*)x^Frn+=+I=99*bZ*AajyH?Z4;6t7RQVjiGCVrYczG>a=mS(5DpM_O
z7vC^a>Toq=2d5!BI1Sms87UbrWubX9Rd22F5{psPiB;nz7DJ;GYZqs%)#2*8jF(*K
zs?EW!IzXi*4^U~z15|2ufJ#jcP$_w)T1OxKa`c=EWg8>jkqKwVtHp@s&jgD>9+~iN
zy{b{ml7X7TJwZjV7;k<oG3*`3KOMiMQW)XQ>mRy=qo3Y(3CFL0?h@X-Ed)B;CbZ*f
z!qo)U!I_{sI1^F_X9B8l`-UpqzL^SN9WnST+=g`rXBc;IhHZtfG>8(OyCxBG*Cayj
znnK{SRnsRzZu&&XnZAiu$(bfX&a@CB(?rObCW0Bj9{>2`(Jzsy@q@n1iIENJA&qbZ
zxeh{`h-{agm)nT)$1jK<vmhXdV*UI*ocA9$j}GhgBo_-O@YcZ{1Nfk}Ek;KX)gEoc
zPFqBT3(9B}&yZ0>fs;F*a(#G;hBd{cp+X#%Kxn5NaIdhyDytBZ`&Df=6#;L=+G@Q0
z0sVy$;3geNF%!<U#tCd9iYjXI3<OjD9L>;0D&KiLM~*5c*OoxH-xI8AbSpJRTZXR`
zB=4N-?6I6?$I3K0>X%~?0<ZlNLN8ix<w|SR=(A=Lv=O`3rxdO%hO@vFEk!EV8tV{6
zP<``YC$EC?J{i>_hH}$=j3Of}X|M`q?naXlZoV4=9*pd|yvm0H{9HIu*mI#^!v}#@
z^1y<)Ld}LB7rQQ=YXOD}qp9)ssoaFJ8*z>pYL~`E60Yeamjl6w2zOIl;!9|Qt<D;s
z+qBvAA)&foJ0qh4o=cnUDL%}HNM@DRt|ngh<g^`cw(TS9jh|~Pq@&lzKLjndM`sDo
z$(Z{)QBE#y1J_9F1SPq95XYkcW(n|@6qk(=PQ%DCXJE=!d$>StYZtJ#ashf)65s~`
z2k{!X8TSaTH|V4ZM6a=(X5evXY`Q|{iNH$d5$j+#U#lrEGPFvG)A=$_j`ZD5n>ohV
zF6P0J;8EuK9-Lb`aQ1a)?@n!N9F%^Ic)e0n*CAKqQ3rJ$z}bC=`u?hmBU-By-A+4b
zzw}idD>e1u(Eg5>)$E9RmtOj?&RiZO(j>!EvrM!@-KG2Vn&RStn(`4Bv^9?R)*AiD
z_PECVRVbutBIC41&o&+O0wGaV*ii+0Zg#dX`aDh=I_AMQXFqtcQ?GZh)Z`taC+v_k
z$(R9n<f7#%z?4OwGcCCo0c|+g=rl%aKyvaEpaj&ISOmtRRAC7HOH%agft;P(-VIp$
zqKd*;)Ev{dC#&dlWL9kbw{p?GHm6Ko%A^ynRA#6mE%V*-0=2!P5({95?1&jH*vy`d
zfDFSZsXA#{!jJ?Xr0Z?0MI~ZeBj<|}@OLsc>SalYy)lVJY)LbJ4w(|%kIrnHNTsKv
z*a5Ld6vTvg84d14eH`kJ9P}WyMaG^}ZmNYZFOuBg-qvi?D+=V<q{2CuF3n_G6{`?s
z)osKou-l4N0Qn(ItO(*5W$9;2tQG31gV}4=vnm{MXoV>}pI@lx?`0!Y-1=4_QE*g$
zcINgwi4T#L^1G}cx9)b_R90^s?lX=yBBZ{lqDcu?q0}IlpVBtw6pPipP*f)L?K_lm
zkg>#U^WnxqgHv!jp(;J^-J|{HMxj+Ky%)YM&OeqM`QmquKb9~li<2!=p(>|1-&lyM
zxqTyhA&O4u9-Z%TkGAqdk|kT8A+z%*8P`+bs#-CH?$PzuZcHDzby_Q#8#V1m4XdV|
zfJ3q0n{UyoOl*6)$#T1Q$$EcQjdX)l*zW|%z)d#g-?}NDI?Vz$Ev>kx!cL~p*mQ5E
zs2`bH(njOrtRmt}teIc|dUO1#qW)#We8QJC-E>1_K>F$U<~wn_A;nOXS!q-yIbWiM
zYgi*HT0WUp(ZV{lqV(YkD%9lqU6LJVYTy3wbcp=(4z=7X`bj*^y2_e9uP{2i!hA@k
zGmoW(ovuBk+t`#4yn9yZ=Yx3(q8XCZ+&n$eQ<AVBq9v(&iicGk_k$DvVRgxUmq0jv
z)8iCp^jdEg6Abi4(4|qZ?6^9Z)AHzXhaBHy>rt+q@)LdJkN~s?rs72(ivfbUBE+G%
zj{TvIP4~J9z+8?}bR%%Q!QV{J+YLV5V84`8-VJk>yv4Gn-SbRy=SEOcQYDbBvP`6s
zmiml+I^O<X=`}`gxd>3<7iY5CdGo{3Ya7aIcd=_bSJv3&FF*bAc5)m+{diuSeZC2h
zhT%9%8&=6`rw$Sh-+9j@$1#p!I*tsqKMGKLq5#jA^mf3L3YMxq$Z@@nmo(-+M{H{o
zv21G-u(?mCD3~VIsVH-bP{1??6v`$?gLaPj;7%J|XHxVGZyLMtPee@(?dxz5X|4`V
zi*;}^d#Br0BRVW<Kwf2T;s|_uzy5!1lu0WU+_KeGzcLV05L(U|C(ecEJ63{p{((uf
zh_XChT*YA?kt5#S^2<tD^krOTdC_f~CSi#)ch)&ksYC)f|7{0eWV*nWX94F69=@<&
zH3kDwj=)@U>3@Tk?MOK9Q>a=aa-}MIUDqyIZx<)k$%g34i4RWRHabCUAs0uO+ofX(
z>EKEf3q9}m1C=ycL6rDA6k245V%MwLp1?{IDV15e_=rtM$#0)1E(uR~y0@srgvhBK
zyT3Ei#x-t%p@l|;U%kxtVI?#mxYRv+@d%<B6T5^lau8E(!oE=bt6^!(5=_R5$++RZ
zOz(M(ge-{N3sn<f3&MQs3|}Oo4-QbNPbU_`v4eZ($a+gf8d_H+j2v0hBFH)@A!;Sl
z>{=?-EiF3{n+Q9U!OCB8xBez`B_HWpD_UKT1~2^Rvs$b!dsOTsu}K-3117Zo%$Jp@
z*^PZ_f+AF(ut%r~Og@y=P1brCsJeAh;F!ZR(n~nki4;ViN#|g630j$3i7IZ~-&$f^
zkLCqYA=v{Kf=}Nyr3h!3qe?`d0Xrl~bsvT^wR6<M?4a00B1uRMZd}0$#|0(ohB0vP
z0X~z+j?m>99xO67n*SLSt2t*F<=EEy(8|o(IiCgOUrZnjgc3o99f7?_?iQw69pAQQ
zsEO=Zq1aW#OX3pqp05vLhhz*(p!T>D9|jt39ukUWshmoARI6}8RAtkVFz+WCH-cbr
zSP|&X4sMAaN`h4ds~jA^^H&*S*PbQHI70sTC1kuz5$YPMfGu@F^evgQSeg2E$-zs~
zD0Rp<=hLzwNbTj04&~1`pt*TIgsu71Y^>c7zVq$@iz<)t%_p}6v-KxH>Jx@zNTCtg
zmbo}0<gZ{qh{ff3y4+UIq?$;?1hgN0yqC9{nu$0PsYP!7KXGr@8|RVadp<(L5PS^7
zFbu<JG>n$F;p6u7NH$5!wx+k&ph!yM>WvmD+cVw<Q7jfIj#w;q6{#1`3`T>&U@#ag
z_F}OY=L0Mb4i@KPFAnx<uMYNm?e8Cv@nk+PMNxM53~aG7Bi}P4BO@Xs;~8OYf(0X%
zfHho71+!JdkP!#9qgiewg}~+%qPJ=|#Z-SSS`~2XiC5__NOfA6gX5VxF*HV(X~oj>
zkneLs#iz%gZ<?aH;uDZ5q>ZggQ3mNG)!XR0o|MIR@Jlj@6STTtl8;F}S3YeVb1wJt
z`p%V4HzjF2n$UG@@uhOdurdX>a1k5nP<Iw*87P<GCBx}C3l*6I#DRJUJ8v!sxFLY}
zCD6=MwkCHbPib5xO}JNJ_sBXFG6OlYoxNen-q9w^S+`BB>OBuMR5xKBfyBr#&MvyJ
z2s%P*SwdWF$~mS*ZeQeYq{qWcS0!C+9pN)V=0BcBp`K~mXUP84JpH>KU0j3ZDb~$k
zcFe&{PVrFJPSZdIvy9rzbtKT!QihQQ!e^)J+KQbkv=|U$kS#Na#=)7>PvF@j7VSv`
zs@17$Zvdjs$lwl0>OT5CZzTFXZ^ZIh=qz@?=~M(Cr)G~eVPp6NKE(RnL{~v<_oE>c
z(kL9NBtAytaa{(NadZ5f(#8WEMOtA=%Q#v}F&MOO4&+R4^W-_7m#@>X7bV9Htm0wc
zr^B`Bl)zXonf>FX4$ujp56F9L7kt?rZG+R~JxEC@N}9OL6pPObue*amWv{<?yDf!K
z;@nBlTHKL6GGS>7q_fm+!9X&=+-%gznO8e`RQo?^s2G}1kwOlqnI!GP8Hy?Y``}W^
ztl<$#-)-l#r&FPoX+m8wvmgyjGhrRs{%FPlKv6E%ix^#qgms~2I9*jn8CNzzZb;Yy
zN^~?vyeON<Ghe*WwJ(*ytry9Ui}1QLJO#w|IO?<lwC<cs0ZE)eEd_KkNJrEG?wY!~
zs75QDpEp<N1o<q1^_Xq3Iy#zwlNROa5}cuig2{qAfFqpT3ly{i@wiT{y}Q9%nzydm
zl_-pg=n5?qnHi$x8BFmtT2~?M529pWl3n>1StW}k@<7jIclu?H!gXt^Tq<pV8<KBM
zfv_~C+?-?*S}6cGk~%VQPNmLT@RLB@NVy}9c5v8)``6a>CZqTwa2D-z1(GUCF}{&f
z53vDlbTp?(QG~#f0Vc<}F?a?R0(S|t&y4y+*X&*C{fUK1hjXL#d3iCLK(#k7wIfO8
zo-otjEY*9X0q=p<Y7rQ3sLZSwyiV3{77F~%by?EV{G`RY-@SRhS=i!Z>zT{T6@Rld
zFU849&Z(Dct=VoS^4`X<zV1p+*3N%;gi()N@r`zSa_H1MJICpn<^61afc7M}3NjU1
zl?<0>A8rIQz-D(5UOj^nrObfFrgk#gNUZT*o2n<hxxsrfG?28f5?(zHkx_H2>wZLJ
zz&GRLVH>8YFTU26Gq32lp72tjUBU@@8#+b*F)13a@!0slT<wWIIh3O&L*vxP88)`$
zH@&E;_w+eW(qK1%wW_%ZHk>nW9JzcxWSV)y2Cu%}Y9_;(wQd$0y=ptL$n8<kj`=zD
z-e1|=&~DEKjHU3mbtTv#e<<?tp0J)d$Y756^4zocG8rlfFHZCft?&9X=t;V-&yY}i
zC-yWa)I4?u)l7B)s+sEy%M5pht=_V+cUw8UIpD6N1HXp{W4TK}r#3z6q!#8v4L&=!
z$GP7rMZc~e!b(Fd{Ao$f4jJj!Xnq6XniTWT<E5I|<>I$@_ZG}yW(M8e?|{g)*vcga
z3UCX0>v0DpQdP_6`aYWEAhuO3U#)j5(!`!z-IR|>cwy$Tm9&su=(kd?ZuTY>y2+vd
zoN8YSdKr$kp;Sv2h1yETA_-FG>fb!bP2L_3lUF7U+PH-x?uy@>pVicf)zn<)<eG%>
zQdPc4a>_T0=~TRfK~M&do)r<;QKnMD5`^(-&V-G?^M$2PuYz_N2=Nk&-+;NPU;|Vm
zaV|-&MixitoW5V9z!hPriBpc%7HlGVEhe|XsE~{8&{a$5>`#?G<pwqdkrwMFS0;NN
zp?~IoLvO2V;AZXHII@j#Gm}bO8Corp^nI6ATNCluu&<L{IiE~Wd->E0WZm2FF(;^b
zH%f(3uC*Y$%?wBO1q<s5Ljdz+3Y!YwI6T1A$<j`b9-;roVU*p1Bw#O|rL^Hx7jN~=
zNG@>}oxy>Esa#X;%`wW|mBH~~=im@KiUhT<nE957b)WFnwJ8j|wh1sXRV+gThOt#6
zj$h3qUIM2QA}{bk_JpnpOsbdulrB^(o*2$%%03-R`=+j4oovIVzPIW;L)8?0oJHV?
zj}ohggTQ?8P00VJBeu<OdH{ptv(N_z0Xlh~k$=@M!g%k&WdwUqh_H!_&z;kh+8{fp
zeESgl&1&a#Z-XBRvicQ9!Px2Mn!mDY8|X%_nhgDiOJQQ>>0?L$We++Z06!e-FaJ7b
zFXmfAQ`z`LW;nSJZS&hVzPM?*aHQw~O*CCM;N$c=P(3%WJ+Gdj@=5A~(RYh8BNVrB
zID+bDU$0Updti+c^!1ev@EHlHPdQ7LXL2AwoAHsU`{*^SHtD@nP)v=&>?$Dyv{o_g
zcI|+aVy2WzR@^KqBO+f6w`P3M)19~6xRV-qK!8=XJ<e_S(ZRF3vx=7^dUKy*rw+tv
z5Ko`iH)gzCux{Kr9S&v{D|-Ea-_)<9|6ayH3>9O*el)UoC=Osh>Z*R`v4LeeMdvX(
zJR$p2{^0}s*5Ggt1u>8MpWtW){5h4?lh)t>sM?WR2aUyk)_1=iGLyS_H#tzKv--}V
zU*X)Cg@MTG!C?OgOAx*w(9JKRc}0hPH_4#h6K+u~c5p;Sg*g9rFqmZCcm7&G(zam$
z>GN!BM3~-3a39>NSrAmimWYV4!f3fez+-f}hKRJe37wqaUUENZWf2(5s4JAD(A%0=
zx_aW$ibc1R3y2crWh|K+7<G1He?Ut8qEST^azi$$h7o?4OB2Esm0<gFz=7<>XB#ZG
zwvr>X&LZRD-DbeljuBVSxG3hUgRW;1Hdsc^A>6R?^?@N*0uF-1ZNz5@t~wrY7f1D6
zZl;iI7oKk(97lp#MbSRu8G^OWX%LZax8mdb>8(OCrob87-4SMaWaWB6w#;+WCv#J7
z>K4&;Q$>BSm{#wqJz0`R)mde>=`*emJbEB&D!}#IC67{{2e|3;fMh;*8SBnlZK8EG
z!HvgXt)RN55=uqTW^C{@q6bG$EeBTh`ouZf9Zm&YO+CS>%pVZQssaC?y9c;;bT#)T
z#tq71o;$B#^>xC*d&N>Gp_J|<YYt?rm6X=A3c{=KXzCY0BiwOVH_Pa;-3`@AECMXj
z<Vfe#ec^+rfFS!*^U;x8P0xn_1Zx`--xWSMyOF#yUIBycnbDklccErQp0(lbY#<M9
zSJ;Bs3&{cS6{g6mC^8Oly|c8-co3astv0J}?JQ&FywBCNVsnX@rLK;4PWMsz?t`Rc
zcI(-D7KV?7B@}eme|8T27aX_?(Zf@-5_QeOXMPX)+V6;{RvhQvhote<#GMS>;DZ|n
zTpwrXERsPOJfPUuzHM1jh`Wd6h=y~-52`wTD$g>OIbGgjnP``|RnQz+g^&YtL;E!*
zF}mkpxis5hrq#GI4j-5o`5nc0LqJ_3G$Erl06JkGZLP~VKpb)nQpeLtR>K%?+A=i=
zD%1vv5ZXOr>QMcaJ19<Fj;iYLadcf@dDuLK!qg_A;GE((>MKC3qwE1RSc0YnSpP=%
zm<2THYqf!j1bvDbh9dGo$0L|NBr)?F;I-kfW|Gy64mWvtZ*b2_U>J>zIK*_;T8SMD
zwqw;j%=f0Bk(5sGoWsxC9GAi-#~$nrKmUB`iwqDuo@26Tyw!-J$;ff|gd8C+(~;vG
z@i}5Ht8z5hs0>lNHF?QkSxe`bynEyreP3Gq@>3z8ylAu&Os(Ba;G$daa|VYwuUQID
z3jnukMe3-CG!!8@PyWJ8hDoV&BFRb1r@Q=V5f^)!Q(XYhac8k}JlRKPK&|p9K!v$;
zeHWRNYtcP}HorTb<`_N95!B8(qD2knssOJ}_;BV)&SpwX`Nz$mY`dOe&L-u!HWj{R
zGGHI#S`ZW|s1bE+7R{zESmpvg%=D+sUVM26_6_=9CbApF)0Iw!%H*Rn(rO&7kHCC<
zaWMH6#wz?2-rPke#c~Xv7=TVBkcLUI^pzk&dz|J_<Q~{@H(P8TyIzNfJTi?%zHx`a
zG9_(F_uKjuQOg>-Q6#taS(Y^!8Y`@a>J$z(xw!31>cCd?@hC5;+IeJ@BlT?6P^P{J
zyG@1T=b;w^-NeE+V4T#tJoF4wT>7Rd+A-$G<Frr*+ykCRIf2TkJH+!OP6z%6&+5<N
z!ADQV4As+}rLSuRZIQA(dSsLN-L+?*EpDPT*38;#S84h*$v#58MmH-PKcF{dV_(GW
zwz~wHL0kzitNc^~L2=hizf=5JhIl=vNIDAE_>vaS_Tz&B_a=7`guz9*#kDT_(|`=Y
z<VFcv%wjLfObZn4K#Kk6S*{QEJ-`9#0k^W_h|PtWX-`9%hw&tB1EZ80G=sZqz*N#x
z{pkxkW%qP=Vu}(TC&GH_h;1*TyxTQaRi5rlKV;cc2*gMsjU@$V=yAN#8)(zuj;%!7
zEWxV@uGnJ6NhA$0d`EJ87g7uA7`koMX?{((_o|&X2EZ{cVkZ5QO+{dl?Go1-iwhmy
z>LO=yur!i$g#M>e9cBZe(6k0u^6F4m5=e5Q-Q6MN9Y1=0#dLO=?sjm+l`W0>Seizh
z)j|cQk2f^HsNp&=*&sDCQCF>4Xe0;)O!tAtp`Fl(v*e9<>2+1w5>(T>XnM41Tni&c
z&mQ*L7jxMMA-$Hsrd(U5ghX4yqG~=E->8~FG~&aukY>IfqM-mg;nBekDuvzUl_G@^
z&Pm}!=_^39_eT0`0~RXnn)(y?XkJhDeW7(MLIX33TX^Q!(We1ZQC#ps&GPz^vjb5+
zW0T5k^ncAfiTLxNG6~U$kAksF8}+J|jsbx%*ZfKLq@Z=|t3#XvoR7Z>X^s5h(O^#M
z>D&|s(r1={N~X^qft@O0qi8qDAjY;KqZW8xWJ+9OS#E8%S7gxaK*<ZpP9w&JNpq2<
zt1CbnMH6z`jF#pthR8+X#D1*ukw4ukB!woM8U;$TRWz*z)}XI$Buxa$*^|95?Pk+R
zriXAZO}!pI8u~9=L^!;RpGJ9cVeup6EC;*F6AscZ!xAFdiQp-ksGzeB30mthN)$^F
zFlP%q#+N0sI!HG84i0NaJQN3rx<YMZR}P-hR9%u@J&Gy|H!?Y1Yr;G^SdzH=tw3r|
z(cn3+JR&<ObeNo1Fa|ni9gOLk2M&(>7yJC#(js14Z2nwf8!?W;b<B7@N$Rx-yG)vw
z%X75W(1GHkqL|#hL|7U!T);%soyJ6rsf*wcSC%sUkGPl{ubIy*EzeTRjs_k{45&w#
zaSxbM(1T2How)o2^HuTR>qqk4W0OFc8hqatqb^tH*`3JkaGgI#4xTtr{#dOx=Z-x5
zc=X%@?hnY)PZ{jujs<Pl9+ai<-K`sjCE8t%ZyB-=)~3V)JL~NE7|kHrBBogKkgfw9
zGg)}K1Xr!v#wn`3n#(uKs?`K}qT4g%nEJt~IO|;#D`vbp{d}>E-@IGK<S<y~$y+55
zo~4YUA6q_pp7b_)s+}ueK0=RJ0#;7p`^F{Y9@p_@{HQ2Cm~!q;IWM=-oJonrccJjT
zytoZR^@I`0_dg#)9Y(w-zwz#oKD(~Z?^Qbk9Fe=C3hFL9)nU?k*W9CaH)_j~86+CV
zsrb{Q!JhN^hZtQH>&nw`UHh0@`!-mdsj}zAEOWP@pf+5+bDdNPH(iJAK8@^F+V0aL
zB3J1XUZeiN_0|cT5GR=(q%xs`L*@#Jr+Id-r(3-{JeIb&wFURi{f@<jTsIDtQ%sNs
z&CxK}A2|%-#n<vYjP`|O4^vAWW-jaSp4G&cP|%K^?m*M&fH((kAf*ZvIQ>CfwTSer
z7G_6^83yews(F<{(#5SND6N|TgQcf7UeL*IP>NaI_<GoT>fsKPo@6;ac(8)=G8hYF
zIW%24He|a=7nUKWRpkNH@v&v+gB2dotFTi!*fB6>DtrqX5Bj=DHpndfGMRF0!@eCK
zpFF<<X+{JUNqs0XjViR~^*bN&oK>=UzBAYv9V$>heYey(@7^t~c=T@Z@r>$j?dYgl
zLEqvZn4Rg#SOk5}BL+<kd4|#0M{1oxz032!11?m#w)N1{!NExi>OKaFA6W*^Qi$=#
zwOWG2ty+qXy((lY2=F~=pP7^m|J_Qz`ap$!W^@A)_6R;wnFO@2TNE%ZN==EKq}dfc
zPXv8b+=E)~E!+sO{~t|o`);Qg=yILARe%z|gtW=qlwGEzB<ByRV`WQcA2-*_crrZQ
zIg&H?842_74gH|8SnD%|Kw-!OWZg)E{Q?q+u(0G)3#hX}FFb{z>oZIiN%sU+9qMLK
zHf=YQYv!;+^%u{g`ZFZOz7&|f73g)A+y$1E(%HgkK`RAoGw1>bX$wvlyYQlW-Nf9r
zZrZG;iKIg^9aq^n?(=o$SAv8)U1(x+y9u!5tqO{cm-X7p=GhO1BE5qv*2OVeU&$$p
zrw(+pt6qO|SJW}=K*qI#xvaJ5Yj1j<=icN4d&!6r&F=&Z--;OaDu-qiCg)e|N-oQ|
zty=S#d}0C=B7^aK9^RsyhY?f?WMA6rN8<nv+5qLUhfa~h9y&$DYKL$~Ttqy=Y?cU4
zb1?O1O|M`hnNBt0?1;?=TN_fkBk<f<SzNrjwE29zGx6xc7hhb9D259WOmi7gYY5#4
zFFo1o5qQSI%yiWAVpAFqv&64pyJG1QH7sCsi2|as2s-0q=uXOEVtB!=h$LB(>4VhD
zO^_#XFP0#yC<_=(w2-nWE7aP4w};Wa^_ku#b_tu^y&;@-Qv}qx!MCK$7XUO{!Hpek
zX5DI4?Px<Kb5%G%e<tr2gJ$)T3hj<yKroB(Dm0tirGYOAK(`?cISy6G5#`P_tqF&}
znU@p_#%N<CZ3!oM^ypCv9H&S4tk*=Y^%D3<HfkEL4^h<9<LpR{WG4R%o-RiS3W<=X
zAbjqV6dXMZ7`Ij_XbiJI&KKJ}qOeA}j%b{=WtinS=(sl1sk0!tnt6sEbd6klDVc)l
z@jd7@7SU1mq?X!9Z)d@AEJ~&aWjgrdwiJ-5zVte=XdrIS3lQs?Hd1}gm@1(+OFCHE
z88k7qG@}EgodE=Z8#*%!)6SP+!iKJ|lJS|Tc^qeEo1N7Hbzld9=-k&li7aSeO7ibl
zs7SFK?8}(@n4I#o=jpNbR3OLW<1$9sdPNi89~nzbXeIF?WB9lQ+Z+uJTcEP?xEF9?
zqOXnq9DGKr==?q?QE%_4MB{I|??do%hPWt-v{S@pfle5_)KilP3LRlHuHJ%2lX9FM
zgGFhhwqZ|NdD3ly+q%uJuwoRPa!tt=MXdm-IYOs?a0I9B`;;lW%LR<R^pP=_;BsYQ
zfgu7baTF-}2|YUG<_XT&xQ;&^10JT|8FPb*c4FWATjiKRi_3M14iCwZaJ&K0EEZ9n
zQAO0A6}d$)uDWum*yRO?s_Si0fK|VLfvf<|pumUO|ACJ_^od12(5?p>s>ULtj0fQp
z(oK1hU;`-P7%Q7_-2i1%N+}H1`AB$?tQm3YUjWBWZn_C}zCbPQL@Wx};oN~HUbe{B
zU|I{fX184@v(tgi+L<)};8jr-#fsS2Ine^rU|S0~UFhU>rnShV=F&5d7SxfTo94LC
zg^#-+LkD|8Qq(>5M<oRWZpV1P0yN5~+c8tZrolHyGi5ZZ6Et$TJ=pu%{k`SgF+8;G
zCb57W;L6~rpdHvoyRxu8+j&Q1g^{~C#_JfC(>ZpKgNcY_dz&5}tu`gWp<VqfJFdR(
zo6<(i*g^VQV?YX50mq$0#*C!THNk4K@V8E58psYxHTqgh17)H%8^wYG-#@~7b|PaF
zhiy+<0A*Uo%=<8Mz^F!$^@|{wdvEkKV%yVH-CbS5?T^qLUOzoKQTx-ajS0Fy)b09x
zgx1OgeMQ91)sewT9UQM8DLHwTR}d`_3L^rjKJ@cUe}2#(W&>MtJ!3RImIwT{<gku-
zKv^@R<|SHj4PJ*gX8D#*kusVUg|w!;jrWe$nHGc_qvXHU>O1gOQ)#y_bUhEBBShmP
zb&iGDP%N@pMJEV^y^M}MA13rCE5|DNc!ctdbB2Eh{7XGICc}(BB+bmKhu2pzur(jY
zu+DOabHeR1Pi7Km^;QcIpM7MtQkK5YJz9Hi&JuNpc}t4BeM_|Bn&K3z*|P0@jJfG#
zd=Q#XMDOiw(}PHuX?gVFM!xGXomCGGhL7Z?3T!K&S{HqD(E6l1@c0%W6*psMmXr>7
z&Jw5%A7OwK^^c!f`Q_<&GL1OM8$k}g_(&Q^oeFofQhEFPsYC;O^3)yJFrj`)V@~v?
zCfrY#NZun?h<=T*&)KQ2`HFVH@JJolxC1#hH@!t|(i^0T#dr8a!|V}PHyvHr^_4D6
zW{+PiUHiHx$=-GJz}Zsk-HLAB?ZWB{m2T2HUyA5LZy(Hhpg1n?W<~ef1?q`;7rHVX
z?{%SeUDE}NOX)&gV-Ef4Ng5w_fzncTp}LdoLeT_tflf9idmT^H*yC}D)Gd&{U)xQ%
zchZxaFN1b--amNS1-eV>@t6bmr10fz2rbr7_W;I(3CW>*9oVp)>9{Pxw$L4)N|m*A
zV7mQlWE#4&T^P&R1W`#37<x|dbkpIdfSslhOqLlDmFmd-#s#F-N;bh}OgAzaF>h;5
zocbOL!shQT+?DD4PC=}={(~c7E|YWI5|nOPr9mpdy1^`>cvCE57)h5ep7FJa6+@#D
z`)+mtn;q<neiRTE1no-~m^2No1jvUzH(!)r<%5yAP5gH?;y7NG;obEjOY=iUW;9WF
zmz=pfNxL-df_ZdcH>Hh~BtDMHXWrGg5o3^z_&$eD(WS;yaNVyJX@M5J*~P|{rybdM
zCDJ3V|E`wqEo-Hnuk+nMJb~Sz%SDCy$VU;KjTe!1bVmVKHbhG1?p@Dy>t!r5%%nw@
z3$P+NP|0SjgeQDT{Vr0D3y+(6IymFQ@n!OKl-R-&2*P%u%l-v%7;$9mBDcTvl?`M8
z6eeZ1TGy{->b`DKT^UuBfxh&CSx(vU78#QoG0$2oTaibL(Q+c{R89BoMLr13!k3@&
z>B-%_0*VibMqIuQie%g-6tP$oUwqW6Xi17>baU~by@2kz4%IQI<7lAb`z%G~7+<Y^
zDbmo&kX!)vcTgB+b*#5=JUO<{F7+g>-s<Gmj_Cjk6|dL1`FNC6z8)XnnP5I#^hDPO
z)8jUj^=yL<TLqEuO;{}If*4?$(}j1wOInlLhN3BGaZ4u^U=6rG|4gs2vl1%`ltd)0
z4x(Ps-#`k`p*P(em-MEX|C0U`b7Rt*1d`2b$#=`V)P#ETlG`3mdK+IivJ-l~m?F9~
zn%y6avRhtA=&X$0v5(#tlP00Z1djryS2yXivITVAmAVBa^(-04776R4nO>fD3T!<c
z4IWFWY_e@988q#{hGt(|)D1l?VzgAm4jM6L1L-@iK4JqM9HVa08-}7B4HvO&>SRD@
zWRWPzvc5U-I@3vBWWwNtol^jOD;0qH#>K19j2Ec|CKu4;c&9$NlGmLaPcC<AfMaM;
zL)2T7%_5B>-%e7{vVd}`_d%J~9&pgqo}{{EKOmZo&~zV|wtK-e-UpA?`_dYF>a5bu
zjx~xklbG97&&t$23f0s8xG{sGb79v~Of2*k1qLEO0h@I}<Lnb#D&OVRm1TbyWGAcn
z{={s0C1Buc2gaL*nc1I5CiN)7vm$(8H}0sYMu^^flkHQ?bT@eSF*6?0<q*Z#E!K!X
zT{0o15w`~GM0+|7UoxR&M<bBLi9|@0rJ*4z;PZ-Nii2uWC1vG>8cx=PdcfnpXk2;F
zve>pEbYLy}Z7(VFamh|rBu6xbZarQnmeEr)ANM2)T1lzG<LRC`uq*AgneJMQP32G%
zasgQ1tx1@v*J@S`GklVfHJqXID2~TRt_iKwQC&1W*E-7U2z92UWW23}zRU@hRO{8#
zgA*Pnq5b&m(@&A;xX_?i8xh)gJcyva1fe_flt+R&FCj3~2N~=|&2A)V>d;i43=RWw
z+=!*3Yck=89A?iEkwI!hsEgS$pMOF0gxt>Pw0+S9bT#rD(YT|76^H-lp*@4(MhlHo
zx|LY5&)MkOYjC2AEEx$vlO|Z~1~6_Pn$UEs&;(*tP?j7Gw~rOy_LUGKxy2B!2o0;!
zvb%Rs*B2xqEh1>2F`A6n4qgoH{hv%W>Yz5|V9Mks-G@~j`EWR6H*vlisMa7|V>x!w
zD=ieojTkj)uVYJLiNhkikyu(&9Pn0)){Gi>!<8#F4a7#oDH6!GVSbSe_At3hDxgj8
zN$9f=lOrW7;95e}a-3?R#k%GKR@59&vwN&JOi_jKk2(qn11@5-+}iCCzUCe$gEtIh
zA3U1yun4@9O9v$t0DF;$YQY>#TJP(|6G#(@aLFypC_!LzPa{kx5_F;uf1pJ@-Q%wr
zly6Oz7G=p_-9a3_XCaNk0_c0E0}EkqHJR?zsj@Cq8H5@S&_V>6#t0s#RI{A60vuoF
z0imvm3n0EA>t7h~DhGT9hzAX-o{fw_N5men>~&;E#*KB%@3!kGHy7~^Le*H_SyTgM
zv&s!>q2u&@U*#R~MOuFJ*g?Nz@6Gy=$2g|dNQyF;BBlmX0(aE=Cy!FZo)4@}o_ZA)
zdx$e2DtGH>3u?;O@O^><mnS1yF(CEZFS_cPmTAX2s5RNPpt+~8kfz3AWB=juLq<mK
zxWYkC{m0gHd$*|Tun6yX<f(xmW_)T(C$z@4t8U1`)*gLWWXKC{3)qJ6^uIbdUgVyT
zrBn6}mdnLVJK5aJWT1JO$x-kL*L%KQ>l+{21Vs$`&8*e7enpBYD$VE48pcJssI0zT
z;o=4RB8!M>oBwTD6+~#j8K>J0EJ2uLih$pVV9+tU?yNQrj`8JlD1YA$xHWh(lB22`
zKq0?>C?R!t808Y=)`1#wJ8BD#x9vx$A=BX@`Jl1f<B<(I(FLl#cE+7HK-G~^8mCr;
zZIE_tnT1k*3Y0)rrwepiU1rN=r8_PLlFPRe{92{VYAb2S-wY@6hx(W*zOGKq97Ttq
ztx^xvPRLoM*D_Kn|1}(|D4%JNx!#m!i?*GO(v>Z3n)|I4v!*~*tZUmgkO4*dJ~Qey
z3<v&8qRD|CvmI9?xC0pnF#PZ+6Pe3oRb6&TT%U$)FFaa3Yo)=W?R%9&MrVqD8zs+F
z_-1bJfc1pSQyN3gV3}V!bMM(ScWTySTu|H7OOI)StQDbZy&oMkjhkAJZo**Ig|Kdo
zOep{vbO^1>%@en2_GlNTR__n&jn_<G)CN#1xfSZ+gOe=aR#A4f5JCDGOq0IZXvM?N
zP95J(30e;fB5+}q>@s{Owm|LzH)k;xNX|X=(8Qz}u<;1eGC4#kEr(@b3pI^rpKU9!
z^^|+mjl)w=QVzjzUv#R-VHr6oBkES<GIs&`HskYvj8l2!mdVrQqsh_pF<+pm26afq
zMG*mNu~LwQ(0l9@Qy$I%dr6)^{{E){VoYU@m{=`e;!aZ8(wRU4C9$BJ_oib~s{;7e
z$<uCT8)O$e?DPPwNNU*VN(w(bk{80G6k~)#dsd(0Wt5Jk1kH{bP0`fj6jR$pFpXn-
z<}*Gxd4kx(168>mdoX#*8ax{CXbQ^YB+2xZtAppW>WMU$7FwQ81;9n5e$+arpP9u?
zr9837K76MIj?*v9r^V@=QKwqVq7&Xst_uj6ikMoc_i!y!SZ(!QZh>{sdp{^!J|~Vo
z^uf?uxEoA~A11I`ZWH>kP#6xjA8VYeYn$8B_IYf){R3}-7EY>Li~L*S-)H>0%D>O~
z_XYpHJi$lQ&eGEIiC)9lFX9@pb-t;5QsFmBPgGZBI72!Rjn^d@y&Fe{kuYOHrF_ft
zp6m8%j{QOM(^j0eR#hQMR2M;@8JI%Ma)GPl$4MRj90`zukc5RGVO}Xrjax~Vo}TRT
z7h&0@RP5905g3g_MgH6yFyd|gaBLwH$ZBGGvNIy2{=3}Cr$+2si7AG3ltLlLBG)H~
z3Q4F>(Rja;UVs)U@%XO*HDul7r&RtcnGVyGCKk~!a_IfjLz0MZ$Vg=E87ft|Ph^yu
z6OXG`(r@@gFm)V1IqGhGQ`#WIRVqP)JpIqZWXE82q(u1vOF<SfLex`!OwbB60I;f!
zII8qU+*IGGHs0NFUzj4`JEq$yg5i+)8corg*#a~{Y+6#-tUFU!K3r39CkNe}b9ot*
zKA8+Bhbf0<taf}2O9g(6a{M@4Vhf2-TKJn?oMD=Nz!1q#)dbK(=30|r6T{e3TB;jW
z0EVYe@QfG<S`G0RDW8s?B04U@%t0;mf`>&f0v+}Iv<D3R3@~-14C(kzF?Br!w~unz
zr|r(}EYzt*?VzvRB>91v!Z33+IDxR@bHictdJ#b$qL^D@X4WhfHN&{nV5iU4;c+0T
zB26+jFkl^`0Tv#CWNos?8y_VWo`RfU0m9yh>seTafF#Fw&r6u+Lj3M#YXHULvFlLR
zRJ%r&x{B6pdWB~&Q7&ym`dY2)&%+}a5Dq=F_b1-*rJ+nJ6uhnC5@=0>p$HF$^@C#N
zk$&}%N5AW<+tU1-mBjX!*LaPkZ%i=e?Pa$QP^Nt_DxFMmp(pUDR);d719WwCfw~^>
z(c^_@*FLMOs#8^uvx7CrnZi1%9QBb|LysHx6>8@=8icGM#+bV)!4+kf)p53*3~ZIO
zImOb7o3}g=LERyJ+P7>e!R`!x;PsaUnbO(@O-W!e>3r&Kc7hPE$Tr$Os)X#+XS;!o
zVIlpLjhPfwE{!SGt=kk@LHgIPbKwL)laYQxb?ky6{)Ez_8rqUY<c8_nC|-VPC;^La
z1to|`z<N^L8C9u^`}d3^i6h0g1ar2+kWx0}=?(PRb)OR0XlBtujeH4)k|>3^U4!A5
zu7K~}dC$$3P=g(y|I+tqEBE!#0M)3#sOxKP%UsU~yiF(3zeS#^1(#)foMIx^Zney_
zc-^}sxN%1*47yQkinK7&8ZYqCI};pND&yUTjKOFnkTYdXP_d*URQrC}WHqAJNA=Z&
z)zeQc$3A6R*Lv17m`$D|pm2`h5L=9NUBRplX`Ea7j`~S8j$bVsp3s>+@F4+5J+R;b
zFtBcBPIKRZ)29y1y+3upN9{V3al`hBcUH49nqEJ(o{PGnH^qEt%e)6W>EhbMr{5St
zEN%6wLOgQzsa~fi&A;ALCzvM2J+LJJXPa3lHGnY%;G(}1N9)zdFq)Sj-*zz4D%CE-
z6I%O1T(hP%gdQxaW{(>6j~g*aN+TZKqlGal>UwbKjGKTM+_q=ip7}%_Pe&~XDRA02
zo6wgM6yEhGnaH<9lIqkW2(*A$^M@xxSI@grI)%Aq)p2YV2MGjumuuU|%nJCaFS5k?
zC3rnOH^(Q<x}q9fU$KecOYBmh+QZ+4h|u=L<2dt&Tay@ZXSBy?ENVd$BrSBP6pPw<
zx;>MK**(5>T3@M6SgW;z{YO#Z0}H!oYC&cLNkE&Mw{4>uw2CiJskjqJdt|Wpt*5h0
z%n7RT9f^c|-9puy%-sZOJ?-1LE%1uZaT9vbs7-4HBYk>OHZg9+#n`3RXM@8NyY=8e
zkzmJp$j2!qbfBa`zEIo-oz(W#$)pCE?%r|>v~q}Kr2s=tKYqk+dR*!#!R4A~hhNcf
z-6hLo3~s{B61I-R{YBC`Z<SK6?SmYS&lKOE!i!J?FPZI^E8CN8e9rPV;W=idl!O%K
z1J=H{Y!rlP@`!|~8qD!Of-U#Btaz4XW{>XLAy2so^-yv7?SSz{;Hk%%h8Bd0XhBdl
zIBKUV+$=}9?f|#S$??LUD|#*7+w-M#2@(|}){h=@*B?xO!1G-`d?`3@r|K{iGr)X*
zbn!E>H86p4k7>a~0W6#dfQ29K9M~@|?~fnx9Rxo1fQT*4JijMX{{?MMs>e+JWH&f%
z{D&Irxe2C;V%WP6i==bK+`-C@$${bt&041hjV-}GB&<4^Sg%VF*6Y#9Y;g2c5mdWk
zPCSyjV9e~=;pYD8EjZdwlWtU%U;}*h)2p8aWS{*U;mw`Nvm8M)0fXk&p}Gorpo2rg
zcVsuifQXDyy{65?W>kd3Ermog_>=@jfeEl~^fDrnEp<qzxU7}L2TNm}?8H)vX<2!m
z(UZ}1WU|yqX?$5Fg*0UE(A0k(fBxCZ5zI3m7w5<LKnPm3bAVlnfw^k4ko;=l*gc>r
zC{a-$9L*uUllo*ZJ>aSffHr;s@V7fU4M1q+KrGt@2|-LK-L8N5lfFT61e|As!goc@
zQ}U*H$G@_UQ1_z?Yqk3;IOwhRxTmQheT8;_a;^fHjP|&9me-G@5&&;9Xjp`04d`zt
zE56Z{LL!KT3QYFqYw=7mWpU-fOEMunZJKSxOY(sa=gKE(?94BMr_NE|x$<cvry~CC
z?-bFuzf+JLIl_fI6l-{rA!(~+z)4+lXg#(0uO&IjlahQO-n$K8`DH<6LSEPsZER)g
zxl9%PFz>@T>ojh1D!ij4cTsauxxSv|DR~ZK!hCDR?kzK{W{;FOFRhcZ-pZ-MqNmt?
zcT%t??@t=HvNGltWNn4QE!Y@=Oq$kF&loZ&SlJAz2TGM0y84Jk$<f*P8q(MR`y<l=
z^KfUlwXn2MUTPcc>K7f@#=^D5+g<45;%9x(tDpBk7e4>=LAQphiwiwaTI+$*S`T#T
z%RcDh)z5qKE-Zf8hTdJ=An!Nbo~gf!ow-?9Sn9wQm%6Zp&%3b2FT1dXYhBo9pI&RU
z0q6Q;w0QOELKCdzTU=_wzH3HB71vf8mH8X~CJai(xr%K@D=%iub5fEEjYiEk7RSx_
zaU=TO_%K;cRDZQKIE^q@Cw?iBuO~{w3O`wEwv2BRnfM}2XS%|!K`0Gpd=$g(wBb1<
z<yba;mys5Z48Rv}52h0jONoTAYR21^$Zl!G>GJAi$fvedlkPb&j5-t(Q$w%gD+WJF
zk%>*Nhr8l<%oYUgD~f8H+6)`kslGgL=$<((O&#Com~BK{sZxUyC2v7pGgD_$CCLc5
zhH;Vn1R7JvN6`ZifvW^Rfl)mwD6T67_4Gs_iD4;I5~@VeBbeAQ*bAAwC?(nvZ(uN2
z-9$`1)N)3hrp}OYk3lHk1o(sQIvu3~Z>a4NOAS+vETn58ii$cgIgW4VI=VaCk22<1
ztB700uoZml09QfYK~0cYjS>cmG~(DKPEc@wU&!wAGUP?!Q3>uHOp&o1BCewiTBg{;
z<K5*W^pPpo^stC=!Cu73%(2QvY-C2|iU)u?%GpuGC|ksGH{mDi5?;X{qCP89$5@_7
z7^dE7l3Y`E=U{Inw_Gww3YA&|<_fF^NTp3<Z-t)7`p`l&WWWA2)#kygg$?pI&?nCg
zpj*ENz_n@(kQ$L-aA%}B6^EoABBit-3@H*%kB_$fsnhl&%RGC$ePF%>Po6sjdc47*
zaeKjRi{d0LqJD_xRL+eeb&DgTjB;8O(G5Fl>#{ntiqtKRj55lxP(;<M2f0@pcIMVq
zi3KQ9w>bTasQO$)w>baGC_^Zt455rNgfhxmS41_UGHT~|-75{SOtq7{PStqp)HuQG
zR2%PN9kl_LQHD@P>2n#SlPQ|dU9Za?t;#~o52bV?%|h3wr{`-Nn+`IBv!Y2Wu=)JR
zO|XsIhA?r}fVT}*4o%7t&|Y5nhWdJ|rMeVju80x@!lHW$OHBf7ih15tPEV&j7%~9|
zwgc3=j=`ICOjcTw)!R05b}Y<I)FX}FQiuuspFEJ->rcC;>a)VLBZUug`g;#qE_XYD
zFDkZYX}ecD^}NCNzciVe9KRp(IGQoNdP-Ai#(xpfwe^F+Q;(Vt>@CYSW2xLc-linI
zfTbd|7?3rt1_t}1h}MiaiZPsvdma|CjP4al*ZFufszNjdvkgoT30TXE%%7jVH=wG1
zJ8W0IC^!tFB{MS)^fsJ(JU%ynEgn)89-1va_JA%zO<m&A+Kr1x>4RTN7FmXmPI0bl
zHLJ1Op^k%e>a{@QR-8&(kONLdd*_kr(7Nl}fp!I+U~PcfmXgIfBGY3Jxy`eOcd+BD
z`?-u!8k6Clm`oAXVK-eVPS5V}v0e^QE=jlmOW?yEm|cpc^nq7RDUKAw1?}Po6Cx*k
z6PF*oOgToKy1R06ux5`vCVThyIFCoT`KdVQX^ZdsVQyH-J@56|?)4S%AJwM++`VD!
zh_KecJgrGQOO;-ZMKnJM$KLN6B*XHf6x40Ly$$C)<Njq6HD~Ipg|u!CL*(`VsJZJQ
zJ`L=FvH!S}6c5`Bb7^9=>@nsDKXVYiwAGS*Vo)||gm+|HpTcl{-aZeFEHETP*v#5o
zeusg;lckN@Vu2FvX@Hcuk*<vQb@6N^hK-o~s1Gz7kqp_XD^7FhAGQ#=O)OwEY&elp
zZT(YNXjES{T5X!mCS(xS2bTW8%&;sdzQrs|;AU$8IMRTr1zrE8EV}qh!7#(s9h2-+
zS03CETWmF{6ox1k#(|gpYE%{&44s5pM1<LGbMurhY5<mMGn}K6PU<v`%QDrPn)I>x
z>SSkT37QKq-CZX&vs&zA$Lw$`7gxjzYrb7tiP%t}2ZMvzXc^ZYC_^!8fIu923@75i
z*6se59|R2(@az{(&3-ozxcV5$5|}#-zG<z1$yH|Fi>oF7{K3}5<2>)+I!l?7M<Z@x
zaD8oxEFBd3S~Cih0eTr!TMj{AmSeDv3GU{ff1u3P^!cWK4`zA`6Ssofdy1sv-y^zi
zsdo9dYC3aW@>FX@khe&DhIRMu12B0<b}tBWe9J=F9t?Ke)%a*?@m&M*l;G~_(&DF1
z%yG7)INV=~rw6VJDZ2S+5W$=GH@9T7vc34}!eZnuVcS=0IK^`0?rLP;yt|a^ErPIl
z3BEczIsM}5=MkkIc)pZ&cQuEuCYX00Mli)2o!riFD$0>G=EW~lq4o5uO_GAcofJ5X
zfHO+BxFt_1!u=GS=AhvWFXJK!ZGc}+2SAO~)FqX#=}U^Iw}Xj|NI-`0c$C6?mHIAp
zL+hO&$S8XU`=`^0OSc%|og73+goTMR(YF*wlfwqFt&kwD?JXfsF~5lN<NdvqPm~K8
z7;=*UH}!cTE^!W@8<QtncMO8WC0Y=kBZd6cPKt<vp)G;svRtmijM%-?!w7!+=wNzy
zJefoszRwDnTZt6j0;H=;wd|v=HAHD%b)jin0*wRD@%SFKX1JBetb@rXDXSLGS&;-V
z(%gVB@<x1OoJ-11VhVBCL83F5^^-0m0U%XHj8dsriG@tLczc#Y-ymP?Jx`HcAC~%>
zY!79B8$nLF2;Swp?mQM9)c~QiNN%zlk9;99^dyCvxhJW#yN{aEjbu-5#@GWLb~_U-
zMwQ{V(rm#37>{q`dZ&ah*tcALh;|of4lcP=i%e3_!KsY(HEli_10ROdt_W*ZIo2Xd
zw~H9(TqG2Op)TG#L;@vLUlRzwQ)JO@N(^C?QgsndlZYFs!-+3^q!iPIlOXT>BW0^&
z-cTK_jkODivO@;Iry59~Ies^ILw^ftO5ZN2!<r9ig7^qLH<GJ*dZOF#CIDn_WLURs
zSny^-$Qf!tP0s=50#t))RiDtdaB10Tfb`~B56LX<w5yJ~J#8pmb=7CNXi_YZxlas0
z+icI^9Pvlxw`~kqVzdER`eL08ME~2MVpS{)ce!KURYi8wWLZRW`A~YhU0G-uXxxgQ
zHk18Oa_daVzgEV9tFm6QPgfey`E(2V+^nDocjG4ms_nwS*I=>LG@v?D8gnB<6Q&(e
z7da`yX>P2jEIR8<nxVRZgv_adz<P@&oQ@=S^lUL7v%OWZxEYFCsB_tEHc0Z7r%xb_
zOg{k6CpAHJs6ULFJL4q?GLa#cy2c0FWuyt&9%3w|^$j!m*b}x*gyXhTkN>b!z?pGi
z+$@C2?zN?LD%>I>>p@l|b>d6Gq>DKPl5anR$q3CE?MYZn;9wK`6tf@Mm^_Wx=>i5!
zHcb6)@96K&aHt=dIuXXypWoxh`YTk~!U*h85q;m)lJsXA8lc}K2r6i*3I+UBQs@W$
z(Q^b?gY5}nBxBy$DKyZB&MYJoDhq6$;>`>LqQP@zfU<Dck|Nki==`dauy@k;(VRc`
zpnC2h^;*hnRKb?%xCjq+L*e9U?!vRWeKO&bd8!f1IN4iR<t{~dL=|dz83_c^VMh~u
zi{jo&neRSetO{&yrGOA31!Xm+v{g-@0@g|jgMJX<lN6hHh7B$e;t3JwxMGg@3b~a%
z;H^o@c5-lh_`C+dJ8-Ljoy|~hvh+#`!NkMdzQF#--lV$An;;8-;P#vRA?r%ZS6%@L
zat3kEio=Sle^_IKVF@ttkW81j+FBOi0KRkA(jjgw2yL|>R!1(P_T08H)v@c^j}+6|
z-r&mGs^`X}4jTnb@V&?oFRo3$VnvMak$IiP)_68vN0fA3y0RK_eFTr1qwCmIM9E<e
z*^Qx9$KdQ&on)fT9?t-yGJ@t3W3}gXPEInAs&;^4a9&AwU{EeCh@92)bEH2Us#5lb
z>04DB!P)v5qe(8mPf`F08vQib7D;}VMl4jpWD8KXBngNM3Uy5ED^*Lgx|`f;86ex+
zf%QCB7~MIQ68G+D#dR-!H%_bZ=^R>zXVU8VX|?mj=~ViZQ#Fae@DZ1VPo&U#VuW46
zgD1M(b-Bni^|+Zd|2mted|Edd(BW)L;0?3|R`u5kuxs=~7XAD|f3*4Z`-A>Wk9J|h
zsBE@5oIR-yPH1lObn&T1v-Pw)guC1uT|slKitmo_YO|||4ndiQpwFr8X8_AL7vw|-
zy1*NcrW{ntPvufJY}$JO0fe2ffM(N1l*?B>xM8-)sr)7wH&sqLZ_dJMuTla|`6slz
zf4G~vA<rcdR0=(dD4M1S?)8k&PB1*hR*#?B6f<>RIp)mwCLT;C0g7Th$N>}&hzN<;
zY(1R_2rgJ!dZub!^t0ZA+(xof5&&Mah{-;)0pOGOhuf|Q#>|$wS8u`Z-8i(+t>-(_
zgWZUuwStIkL;t3GN=J)kel2E-u(;Ln>}hqvqJ`9a^I0|Ce#UA&)1${@EWe*&9F1n_
zIX05dSn1@qzK-WZM#q+Exl@{0dfb4^zd(Ylk524ExhZ<E`>cA#gRN&3rwo75$3Cm3
zJ4r0OHBzMJGZYo_=vRwK2|`A*2l!OC$aLrdr3Yor`I->rF;^;{;nXfOteWxKidb&l
z>vOd1V9lt?Z<>^Qz;3aoq|5andMpo|>|)NU#9h7PN#VmHd~%q8qG$xm7>8ksqTf;_
zkNCH-$5@|Ln|zz2vKtBoHu*PBbM%1E(G#mD$>URlnxWzz$xsjdu&Z(3O<?9f9j;22
zqi|jJgQ)|bA+jJ2{*RS1*1z2un||scNJfr;C<ccVY~tg*+PA;#-O?^s3CyD<r4a~Z
zvutVdsjh%N=UKW;uXY3kTj;{}b6<b?7Sus(6LbIZ;JFcwhuj}6d~Q6m>px3?D2w7>
zw$f8vAGqaK$rE{~c~A$Lh}7RmG<yaNphpgXV0%C)8lO;(yv;bDc}!o!))5?e;Ec`w
z&CX>9;wn2y#Zrmo%xYqJHas}UAU)P?0F);u!(Qgd4et9;srgrZy``b^WzuDpU?<5X
z<T~o9(cq{AB_B2=NYjjaf%T&k`(AJiQ95;Vz9GpKsljB#NL=T6bQhk@h&-Qq7$qcV
zAy%QGbBN9z^)J$EjR#F};TGWd)ngJ5tC1Yrl!^iE^VS4mlOgC+$x#Lq5M4_1^|yei
z6R!0L2rQ_Z`Q*x}B~q0?DWW9EIoKIt4-e#$pxStFWBYKlKNvo*ApYCO)4hm_Y;oIW
zpI5MbfMlnU*04dD=+6#~N~R!Y?<s^&JiE2i1v~tk?<&)ZrMNy>d=QCGitsGl_@|TW
z52*l*DGQP!h_xvcEMbcB!H%Qn5k7i!z}0339JB$)xo;xKtjzO@(R*OLe0(h4K?vvl
zzdj*gYNjWl^fV9~*nY?M*BLw0HCfzr!6+Oo0)evM9aXi?$vZe)gz-qhB?WORq91aa
z+fSPY0eEJrAKqxm5x6}iR0M+w56cyC3LfU*Ne+s7dRFd-ya|7mRtqBn)`vC1iQ;4b
znVF##E>gC+8KoH(RjI<574;^?VXdTAO~w`V(IGa-d!6zzx<-5*i^`%F;e%}H3K$G`
zm{aDAO{0+9i&VbwVQM|i1!-Sih3gVpWbTDCz|d2+3nfs!F5?=#HYi@m>zbr5EaR#<
zr&5Cp8wD(FTeeDFNn-mlz*sc=&eS>JBg_W5fF!%^45^nggZ%C^$LY_?1cWzjBcf7H
z(YvAszy(*WWX_}sSUY}%<ugytGI-Pl>CDI(&?@E#eb}`3D;b1ABZ`q6Kjwq5IW}ey
zT>i?iX&00fo;i<td*3fic#V?bt`X=<p=)(Eji4`2x`JucsFv7kazap-H$vF~YVe(m
zZ9v%#X}X$qvVHx2ID_HL+aSN;%~_CUa^$$iD`=qhHJplmjt6@4s*oADTS%XKi>(hX
z`!&A+bw3(VD$H39Ohx16Ls!a4DEI%W0nrPsibBkZIi6D(x>bk2<LwZpD3(W87FRbh
z;u?<@`CfyvmLM@k2`pyEGvJ|L`JD3NonMh8JSN4EAoa#k#2=zXZw1lna%n7U--sqE
zkb#K|WPs6u9A%EAa>#&sLl>af(HUg&YEde>Re;pHyeD(fyeTtGt{r0-s0-i-W$A)U
zg|Ioghr5P4RXaAv(*Dc<5KfO2r$wH;BXc&SxFW~uq$6XS3L?#`)`d5;qC%SH;Z(L{
z1t7*=fcBGz)dIxcX~rZr7m)3zxd{n;I<r!XO<koeJ917=@4FT#l4nIuxqi_g;zY~w
zIHL+k95Df^&zt~+!)x2MHE_lC7!l`uYXXdFGK(jXBURJPwLbe6=S}LX*<J*KgRgRp
zpeQ>!f?A>nY}tt=h(am@GrEhf6a|}xHG&)%oK;bcnE8Qh0=N7wILRo|>n&NpsKoSV
zIP0b5BH`iDQ=Wtt0CE;FV<n#?2T5vtpLOR^uT!ejA;cD4C^vyZ5DGMbkK2H{uXaN3
zeoJ4}iuX#Pe2lmO^&Sr=?@yJ22kw=V=^;$HI|EWnf}f&c)UWr{Z=n=FKxEdldxgh!
zXyrLf=nz^NMRJ3J%=Bl~JlQD3<miW4(T{TojuVRO0x<MrCSTVPKT&extWIH?R8+E$
zex=mbuR8C1wndXYo>J0;dLhV&rOS{<kW>8`#W5oKA;4fdd<4azyU>9EYR5+SIA!$n
zh2u`8ZX7(*kDq)TGLMOfGN+&qCPikRyr(=f{ZWnjU7rme^Qo%A<3l2_;Lh|W-K}I#
zV}hA1XRiyfETtsLyPGh~5?oZ8F05@b6RgOU?wzZl46L^GS+_kMUuMFlAcle{$wvFy
zVBpF43L`Y<^H)~1#c-R=(`jEB?h{7iokN#Ao{>$D?Q0;;YPY#_B3aXQ1IrR7h4oZS
zPB0T@)=?JM6#ACN^5)1MzK`&SYi5jc-pRSkn{Q+`PU8GVn`XE`V%0}U>CCiq9aBeK
zIaEhO45X6X)A88mfZ0eWh6v~?E{XA7RkKgUmDXckwuSBzRRTI-zb49|G-o{Nc?`tj
zy7&>^E4fBU4$k|Nr$}P<cFUhP;UURi8LQ}>gCo4v6@c>gz5t^)$c2)+m3><P!xFv$
z)I#m%g3D9H;;Gtg+0^n$cpc)vb&O%yB(V)8ufd8J`|xQ8<hp)3<B9%kwjvCh0MG_U
zxhtR1GPVLDV^cFpcc=U?bMih#<)$VIpf%Tkumu~;votu7o9XrAK|9@fg)(`(Vz?H$
z%gdNX!fNtK$|X$$?x<Q9r@yxCAkhI^Zv$L_XhU`W=R%6v5aV>1)b&AP-2f^Ys2TGb
zP>(bqTGFJza!Rh*9-`oJCU{{{xa%uoNVmS40Up}qBjE0I8S^pp964Qva30h06;#TB
z+}~v~mFjBPa5xNP!fAqs6XkzWR+~P7EA}1@n&%rvz;@a#Xv=7tQfSgcKG}Ym;gIE7
zcs#nTqgdlUJsJ=AK!D@~2dwMR^B^0h4nGcH-a?+qdMu;&m_#VvG74F@lm}=x_WaH`
zN|W{Q0Nos)USJtgK$VyxK~Q6->R9-SssZ$>4nL9pLS-h$+dSPS=Hc}t^oJhPtkKNQ
zfu%LS3;bN(*tE$Y;6)~NE9F<m*fTnqgL2nV`Oiox^y$7Hs>^|tj!x7qDe^7PJuwrI
zubHSq7diFqD^CT=nA&UI&sMFwS;(jKukrl~qb2o)PzDd;jwpjvxvTs#%r$#CZh58$
z$m)zldk5O#k*!Bl(5#Nuh9S#a93F>UF-RQZ>T~edp1*Um5hrT<gq4j6U%<ROJ=v|Z
z;3iA=Bj%AoE|BafwxNP`F_FdFJG@ckhj`c|;%J;p<q~!iZ9tKQ6)U61MbbDP>sfpF
zGpOToe^5uLp^VOoq~%kPvd+ju7J1{{rj7c|o>eXCfR#8CEk?yd$)O=UwVm=@R+<-N
zT^F0pg~zl?@ZoYC%_1Elih5XF2;1M_o+p!jhjN?1`NqpbT>Gyb=}JSl&Df1mlfGn+
zehL_%XX3-hrO(4IP|EWzG*bvqdoGUq+4dn${phT$0k#KV?+@@|a=4Kq-rd_16r?9V
zRQFe|Zy)jd!w*$ey>_X3QdQqRs<7v&j;p_@KH<No_TQCix4K*%R+DPKI;e)#mFlP(
zk?RwF_lRGvru-gQt|=)4LL*?8D}3`-kI8r8=|*+CTB$axUsVg$Vs**#AChZE_}A5+
zQRlIx{5FO6s%O>5)!)uZ`P*ul{v7t!^JjIrKdY)QHprzO;qjQ<`m6Ym-e2P1BZCh4
zJ2i+#q4etF1NypLakob-N{krICCYm4D}*EeB~m89`5Hv^k<~OLene<MjYs74`Ytg_
zY#^vn^LUB58CB02`-L~w=)sgS)2h1qkP^84ChxI9crR!zd+tltpCi^n{l7$xJ^og2
z?og9*&Zw{Y+2!iOh3dsWZ&Yj5U6P}t<#dm#apluJwBbis!^=~DR<3g|!`1UFL%Xll
z`i-<4KY4mz`?UJ3s(!geePf%VOVvGopE5HKn7}d1bW~MuYo2~>h<B;_ohJ32Hso1V
zy?&|s4QYffjzHPJVC#(ZH^CQxuYu|-RdrVj`IvtbS`rdC{8F_+dsF_YFIuuGi*_j?
zN}$()t=W)V%E6M}JpXK{ow=xXafROgFVy#AdUs4;#?&47M87_Wu#=2W5)z)!XP$rY
zulfbf>_OKf8_Ox9)p)qx29c|GHalt6+qcQ_y!wXxhin73<45P*?!P+=&!V5|y*8T2
zf%i*Wbib-T$unFMiUV?M^|Tg8w*5sAcB|^EZr@esDS5PtxM!!OQ^s(}XhdGM(!Q=%
z{;kbM-s%_EX+b0=`lYq^`Kn&OL7IqD^>wuBM8WYH2k(qPB+h&3MCcJvwR(x)OVtn7
z{)CYF9|Q#Ab2Dnp?fs~F-q@^eK{PM3D=siL4=+OQKWoIVR-YH~rRvK@`c*pyF8n;o
zFR*tGn1@G+gkE?*QoQE*scL6ls<%2X)%(y&z1-d}nq9t+WV3t7><g#7r{k)Eps!S`
zeu&gP&SS}`7e448Pk)YbOno_;<Lb-N99xlNp*_A`MkAb>G5f-x&KNr-hLkwALsh%$
zJSDXAbR?>UT}tS{yu>_e9~_9r{{A|@q8wA(L$QbRIksczab9`s+~?BLS@go|YPVdy
z_%Hok5&>7Ya6--BL+i3{$sjjEV$Y)?PwjLUp}A7MS^Wo&=>Y@Q0fiMMHN;Sz9BA`u
zN}aSE(~56@aWEpN(fa3XCh-;5b!5Ew&wV?)e_VM+o%+O#dhBnh@K3l7?`qw5*fGvD
zi4lU*{oJ9>I&Cm5J1~(t8LIcsVyCK~?~~JW+@+>nO6nY$Rn>c5OOyTL?0)aCF5x-W
zSc+p#C;wHiL@`fv&cCN#YWWUq>VuQ0-oscvwc4oT=eh1yZ{BXkshbf;9nG}r7kNx-
zf6RY6jdnGvU+&Peqtx~~DZw^w&_ig^$0baNrTG<#bvUkzP93U?UsOv_PyK!leXcHk
zSzS~7^@ZwFqvr}OlJcp+u6k}@*NmE1uP>7FnM%I?86hkC{;(dKui_n>Q)gqV_wy|E
zq<-kI=E-%b`kop^ac9-<wK8YSgL+#%oIel!!pSA(NdNts&E(?AB{*h56n7Ct>n_|C
zC2ip7F9hl5!m4+*nw=8w&o9B~-qj3s%Dnk4y%Wdrv1WjM)RX7qXl>Qj-9?f<9<=(6
z_dvpo@Jl;hBj|Fg&HhCCZFu3^t$q|~#RvlWfD#Yplpw9A#7#t<n{&n-wUVc&<aOHG
znbQ_&(11L9QPVPI26M`g_DRg_18`Y%MuMgDiyO?L_&#y}V_-TBtKW3<X@0voncoG8
zq`sQnQoXes6>|)U{;#n!C8sQD3`U`P(tFFXUnsXYw;buc<&b}R+X4R0zEK_tw$~Z+
zGdR5};rt|V$A0Wd<la@w?@!YVh%<NShEZN|z14>~T$a03{S8=qgH|q8e+O0Q)={2i
z)yHM5ubxGtmDFT3syTnT2i0p*npE${n&tgf<gt@UHFRkBhfc$lR#K@OiB=~{{*Ks%
zAtPHbE_tdM?7&!=0wyZm&gZaZzR#i4k6ZN#)-LO?X4z}tNxQ6I&9cs~H}g5HoljhD
zJD*_9e9r4OVOME&p^@)|_yYJ}=F6}=4#Ads$~vr>?{jjN{Zm=N+HE+jS@v2_K8Kb0
z7Rl9a!(q)f1iRMii&nQ=R<LGSKbf23a9A_n)#?kz*UaZI%lEd<b>ZzjXq@fKx8tO$
zA@EG%m|PYWH?Mr`mWz(Z{wqr5T!nr$@A?(K`LCx7uN2puRTmw9^sD*u-)r_Od{JEE
zt}Z&RR2O}G6@1R3)$ik|ei38n;XQs4qv=U|zkk<mP`6goIfHK)tIPdxt{;@KUP=Ew
zohe<uy?VC`6TLYmcdk=vMM+V9233iw<aBP{No(q2s!x0r-IO~}X-Q&1g`84WUj@9c
z|0RDZ?yM`jRlgEN?zSfFhv=I`nCi_&%+7&siCg5B9_|+S_gy-Vy1D#3>Vb0}?I3o!
zrpEOr)m=%1!TCtYk_Jm0pfFY%ozSy{Q1=9QXm!fDH-79RpV?ez%v@_me;e>iJ?#Xy
ze%5R@M-jD$KC621pEl{H29l-9mkmIJUaq$IZ;h?J#j$js-@l*^vD}wTwc<K>$)96T
zMN=Ue^~gl^_Jrlh+#%l~`JckH`tjWCeq-r>E@Ww@r)4*!Xr?T)KvF^+pnzEh#dMgi
zvk|q0n>nl3?ur1hMLQ|K>ED3)K+j6s%81_z?S<N-GUC^O{Hl!gsYU3A)w4=Hp>Xkf
z8jz*t2&6E{`RCM&@Tsw{Rzfhpy?KbBc&Dn~+5>IJrghLJt*&}oT3fNImwGnnr3Rr9
z+B=)AnbFpGN*hypC8kcovU0fi&`32QrBmh&-zxVxXsV0<5nMx<c*kKYhEr0h!a~3G
zA6eC`h^^l9adhf?y94>%8n_{Wc>p%MTI&iTo3@wK+G4lGWa|Dz3^!kaw?oTSxz&4@
zQEd8u*Vz#_!K-_W?!p@Z<;LZM94_;GS6wwBnB4E=9NJZ@s^R@EtSIq231WxrTg~m5
zen~+bf_qk(Nj)*N9>>fpXSLwU3bE6d$T6{<>qJdTHopgxPD*NPThXQSlu+)S>aQuG
z8mfzr330e>I;;DHnzj0Izm;*odw-dfW2>R5h`B@=sa?EQ<wZIDu2_qk;KL@Xw#3mO
z6-4#hduc3E7p^cf*u&B0B(0~n*t}xVVWpj0eYL`TI>suW)}I%^wC26jEJ^(>rH>PL
z;f3z(#IkTH^tSfPCN+ufiIu6Ywjm<pQaFiDirPt~>Gz_SDdBZp_>EK72Vm0m>Y>qD
zjb#n&6Scj;zZIjvYwUzY=He><7GZp@Fb6O>H+9?`)vM|~R-04W_LX%?DyBfIs#`^+
z`tc^UiH)aI_f_sqUtYJfLl3FNk3_5Mlm6?gSlI)c2jQZ6!(3jQmp^b-xFjr5nN!MW
zEkvE#GqMDeT754J)_OYKQOI}ij8eMr@O}t4r8@KVcHC9%F_JQuN~*8z_7>D$XXa3N
zeIoVH_u%O7`ECE_j9Ap^GuF-{%Byj>%HSUT8XFExeYLFqZW%$=8A0sh)pS;Sf4cdF
zzfuwiLstoDPUiJTrNv5!mDAjxC%;Bf(ukM!$5m%R4;;60f4a=uC3Z&pLL%qyj<@eT
zJ3D`09pK%^P57EIh{C5>Ro_+rp{kafIbRmjCA>~wXW<XwzN*(gX0~++?Ylq}I$cb^
z@n={@_<z+{EjL;EK5if`n75!do759KFP{s-f1NNYt?K}tf5HpxrpR55nkyB%M|4zY
zre;EA%JU{T&8VY!wcRH~RBPJnK`G--MZA&lHO@NmKfbG@1^<0YN#jF)WGxzrQ+|!7
zx*AunJ}ST833{Gqra3BI6ZBH@%PYoz#R=oINVM43C(}E_&KLjGhx*!v&HKh6s4H~X
z85uG9BI0V`4q-ox!b~MEy4VZ+kJvrt7KCQTQQ>t&sVflH=ybQdPm~6)JMOqM)uOrq
zi?*~+T;GvT-DeQAU^ruI&EK$F_0^hMb++g%f+p(^m+a1$U$z^{-`(idyCJUV@D^)r
zy?m(rLU^$yVL=c`6KER*+v8%u{eTv`p{<uS$;tuiveYIbI<&M}v1Uyqw4QXzI5YCZ
z4o9uMx6&Z$jWQZV7pJ1{O0#w@d*4LH4w)_WS8Q4Tyj36f_t>v7;}ElYu~#vH<^8}d
zzuEKKue-2@H>AmVCsM^OrhE5`cL~AFyzV#b<a*OXNo!QcOjnd*NmG<!=|1coF=@_p
zubOU$gT4hbJyip?NZaV3-fl9l^x|XnYq9#4I=8Tr@bO3-&`AH1c0$;$-tEij<*%N*
zd^>0Lo0yMt^x(bzywxY=OrE2jU(C;+>(YF^N?qOjQJ1gc`RnS-A9XnnoWHKV{MCp3
z^SEq6V2#Be&!44vIlFVvpR;d-{W<&k-^zKlxgUi4=a`=lURJ7V)hq4otJm8t)vVX|
z<*U})SE}mljzoFh^WSJA*1qc91*uG(R<39>t+|HHwC1Wc(-!JkEU2U1PkX*jKY!VW
zheg>sz3gi@z1iPxdb7_(`p0dW89i*mQ3QO_gyfMn;h&<qxrXxK!sRAB=U3~^G;05%
z2{}9WWoY`R{D<}1(!6p_xO!EWdDGeW`<%xpZoc+&-GxALYgr8JDi@>#(JiuS(0MMN
z%-KnCEMl9d*p`$vmSSbK(8p}MVnk=ZgvzYSk@Duka@$tS`!1F}EEdJIODPk|k3TR1
z)ukRWz7M-4x&mGGwYW6(q2!_@xJ%iQ+5dhHMLcL$h9o=6yW*rWlU-V!b#sTv)L;Jx
z7+C%5CewX>*{i=IZ$`39X3Nhbi#3_Os+Z;L%1STq!vyxT*6n??$#mnA-_XEygj)QA
z$`^E<W%#x9_+NGPPtNwYC%nJ?>J8~8-I}dh?_2gJLORRbCkwhgd}12cek!6G3;M45
z(`5dU%YU9%t110f7kvh+FG{)HHEM2{>pDSc6n%4P<YH(q89})4MlM&qt9g|c-?gGi
z8?_P|V(InTshjjwI<OI}WEg_vI}45Id+ZIX_r<XH)ox?{899FTdzk0g#?`wkXkqX0
zpGalRqJH=t`pD34YYTbH<@Wyw&G<(JZp$cHI!I|@T^EX;_v5ZMbdCi5%YOI<8liO<
z=<16Vn@gW*&ANIe0XbuJXcS^>8u5j%C8`KJOJd_IAG-3ux_%rMG0{Bx*k+immuud{
z-yo>g@|>M3ocnPt+X{Xl!Blz}^+>wU@({5cul+gD>f)v9f70)Q=E=n>*Ppb_?P6DI
zUmFqs*%4akkI)%uUbMneCP)ns+FQqSnf*xntsNv?QpR?bmDMX4@=4a{YafVi>Bv)w
zETm?vs@{$qTj`joekmhOr#U(rvMH8E!|lYo8lU$>#*Zq`LG*6E5mj5RJ=S5_%v-0t
z>&gWkxkdhuGy@V__w0sMcaW-Ic&9PwcGUXta|!m!<1<mz@Ud#pZj||^kJ$G{JRH!0
zX`1K{m9sp;luw%O$Fvq0U0rME(ujO-3Ma}kqAl?p0Ia>Kd^(G?Hhz~|=Fm>kDr$}c
zW3(T1-0}#GnnjVQXQ|x-U0`cQnzd;~#3pFW)feqDQXe_qNa^)StE}crxLEzBU9Q`^
zI`37nJLR*Sn056;^w{UwS5CO9HY!`;a@M7A5C-WU+jW?-(XK8Fsv3ncPO~rBxu(77
zt1e}mQn=}?SG~-gF|5dWKTPC=Wm40*zF0d<>$%I^i~Z7G91`!FYq4>T)%5db^i%kz
z711pJh<et}?$_DtSNG<3{k=J7>1${Ap^FQ3y9@p8o>5|1yICiM=-m8#r7E<<clN~_
z3!Ipr@{b#&_k<IB%)jq=?Lwo>@2Ous@Ye*dUNfA3rzibqC{%xjJwZAHT`la-kEDL}
z=PEn2=F~#;M5`We2diJW8c@{jzKIcf+3B_#)tgQ`9gC~izJph}@NTB{;$OA1*ef^H
zg2WAfjgawqz|8qx_a|?nG;u?!HBot;nZiZtc@r1M_5QD3vzhr`Gf?hB?Gfj4MDex5
zgy*7Y+J&mop}tR4S}peVuR8c?b*tZTu4v}<E^|&xf7v_-M05OwN1U9xKbAqVEK7tx
zQJ;FKl~hY54UZbCn<e+td;q4k-nZE;MZ~DB#L^F{3lD$VT=+b@rH=NA=4QbA;@}~g
zJeIGOc9Y-dxQ&Xa>VR2v3@um8PiN0<SkYUrFx9F4kFNKj?}rim?g9H=J#pOgySRRS
zM>N@QqLkmI8sUXRbYW}tw$Dedwffoj&;oHl%BPi3Tf$t?3-w-WhY){J3I-GtAF1WG
zRfzUy7PD<$)|#+<>*O{7+9~bRuzR^wef8?KxKX>#A~>%f(F^ChH3xAXS6^ub#6@d9
zg#W^qu$Rj7ESe#@CXTnnX}1|^m+FpISm!n<E?*lZ>b1hr?$kOt7o@)V)r!ii2cm$s
z3hSD`656*8WxquQv?rSQ25sMrHq}e*C~sACR5!7rZJ7>-`eKiK{;pk|LUS#t^Y`7}
zIrjQo1-I(>=v<Mwq%ed$YgMRy_{XiiyIz_V&6o3F(#6DXpC_e>7U{H!Yc|btQ-Y_?
z-)?bBzHBMtXC0Gus%PwqS?bK_x89#uTPv5m{KQs|v;!Ou{WPRcD_h1n3fF@gl~!t6
zZ|!KcuKm#`XIJmvw_2N0m8|Y0xm8cMQqA+QOJmi%`UxU@av3+;bcs(?H(O8n$?IqR
zilt~o+QaMo)ht#k;$}lebooU5vU4sz&!Tu*H?OUYRUe=-?XO!iT1x)W(^x(6I^}%E
zu42Bwh}n=Qi-0S4-ff~z!a47i_$V|9k25YhKO#BXuXMFWTAOSi=5wXmg}0Z`yopa!
zo;W!I6QeE7gR3*?<5S1ANc%CkubFVpP5tbf3#TNR>!RJioVUC3v*@m|fUlv>K;ez%
zMmVraEJ{)H-$hDOzo|J@iGG#%tF#p>A9L22&+)w0UAofF{A0C+&gFKu4|)G~_k^&k
zzkkddda=7^+0*5*>=asd4U}sYqycGaq|U}1s{!jiQK`IxR7ShCOO-AE%36;`?NwT3
zRBI(aD_u>rD2uLeHz54fNmz1DT2+_i(Js=H(BND$p27Jk&*Qv8;QhS4e&Lh8(TI*|
z2WQ?@Jrssj*ZT4c&ou&_DBkW$+6SBT*Yz{iSK5uC8+Cf4)smE>JrE-Z>Qp{jvw6R{
zPI>jJsZ}VsCAI#tv%LELA-PITN$k?T71#c3^G!}SGEK=;ROf4#ds3ez_Xwu~%lt&i
zqem`0h&gLhh)h-0Q@;k&e3#}sk_vXyL-L38Irtdu8b6n`Cv|>-eJ}pEf19SX6k1*}
zalWB+kh_XUh^dWts1BK`*t<DzATe=b4YVQr5DoO!GR0BmC`hfF&5hmMqCal(s+A^t
z-X#$lUrA1Uq4Qy+er?&TxZ&T5EsA<C=0$yXv$?$JUV|^V(tV`CNGC^0Z#auA6=wC8
z`Vhw8wD)aECW6@bED4FVLScj`($Quj=aS~xJ^HRqbKWvdHa;JleSPtHY0e5`dGRkB
z>?Kiq*9eBCW`8I1q`XQe`xa0XN)zR}OWE*OFaGi0rz;Iy!f;hL<l5YR1ZwS_1!<EJ
zS1D<(m1iDF%IuJ)O#7Chu83r|Nq1n<d0M27hkZ0Bl+u1V;0)9&_3Xtz2NLemRW}q6
zmD9$&#PhknTRbO1zM*1ssk9R*y}WTp67wd~?<F)n-hJ~;_TpbxXta-wkoXd|fAi-m
z*tdC&#=3RawmpYJ&42P)`L}Mm+~9QMTkl0iss7=&2hc=MUm?jElJ*T9-#z9?kt3ZA
z+mq54pi!ELWVFxOAZ)o0!V%YUJA$jvvEt{a5{&LN<W>=~(#K6k=2BA=ypCI=Yiqd$
zy5r#yeV26Pqg6Q}jmWd}R=Pu%hW)}P8)@v<>lsl^c_#9mxNgL&PjnxCx79=CR?U~V
z_ZF|`?n;cyddusN9MwfP5Ut(_Ux(=TU;KArW2jjD>=Jnt``r~IL~C@ag(xV|RL>ai
zF(9$KYt`306mm<^H6Tyvm@9Vj1EV-0nw@jCwCaz|8!FjgFSS+ux;Us$9@r{va<P6{
zY^nBV+c9CA3AX9^Ru4w|SYS=3&`8&2<p|U>?_rFg-IKqN*~0gJ==k-1Zdq*cJc<w$
zBc9EbrNnI=r$xT7-q+u<kGW*@vA@mggT9*b$d5QF)|ds&gOEE;h^V#6YxK9l#@cqW
z(Vt$D80RnD&cCk>5d>jg$yrhVi+@^SQQF4eXH%i({&bXf#P?Te=RZ6Aep%i47ayna
zvpl*qOaI1)7Y}uPLh9XN-t$8E)Yf0;FpX)8Tul=6fI75~bit#&V&*tzKOf~vjwGf#
z>ayMSfr!->OB2eXW!6u8i}1;ESbdwMm&&guA9kC5JontM{RbYb@lISQ;8m6tioS+!
zQQbbQTvHVO%pxuHj>@489&7DL9#hvhxY&Ymzak^Z%r}4ooMhrE%QJzK?Aloqmh1HX
z<(pgT`+YfiI$2`!eB1bma~|9ed~YzD!}i3x@R4U%!a&)k_DTCh_7m>cjCzEHT_!z=
z)qL@<%S?0o9grqYS;caRs%Qvtd8l)!D-itnuDQzAS^WQF%ho5jh`zNJi5BtcC)9!F
zdDXfHWEO;);+T`KwrI#I55BPp2#NlZ9i;tz%e-!Bqo=*#SgiZUOKfc235Zx~3&Ul6
zeUFed2Rh7z=i;|qvy&yRd26c)6i#TFq^)ofVuP7<o}(#<N4?Ga9Q8#<SiYrT+*o5a
z$&|kvluecPremLuKGi9Nc}DmHb9!s;J7>+5|B+O|HF8HMzk!ZBZjI0Nat>*?ekF;`
zE2&o{1<*Xog7m_QNMa^dC8=^kRcg(BZ)oow(X$xWg==|-mGtWzC70)s?r&HP$<R)Z
zH2yC6z9h!vmm<j$GV^VbXpC&qj3A@6(w+}`A-odSG)L`P?vS6gQ-mGP155LrsZ$<l
zla{dh2Wq!V#hVO4+(*P(HP@t{4y%TImq<&u+jOp<#PsP2GP{@X{w>KYvJi1c!qvxj
zxEWYxMl-$mg#D+-V6Mc{S_pe8JUetPH-lO5y*N+4Wei_8*GxC)zT%mDYL|$<t0(0e
zIu>?Da=#zX%U!A+pD9k@#GLwWH+vYpkw1uhMxL{8-#6<zd$fV0^G~OcHs$WQ`c`h;
zL<w~3FIp*@dBT1W<<Az&dLXFY&ZCOWdk^Y;tR1JioYtwN=3Ff}Hu!-j3roK@bp>gr
z`t#fBtli)ElbAjkbl!StJ=}8LcdF=WmXt-qMcsA2X-{TsZtgh7`TeS`r$*MKqoMJC
z)zPVC?E~tb<+^j<oTmNp+H)SwPfXf8*kJ6seH8{s<Sj+1V`fBFXqr9QYV^|~%~$Sk
z|1PGb7ylTjAXZN#)%l)zTP0U1dBPcoFbBwt$izA)B7LrH|Kk6e*9ncn-9Y9W>{snV
z&}-2Ox6J74wsyA$txh}r^4k>0LamI_gbyp^Y;&B!z5OXBkv6a1v%dQ*`N}%I@Ezm4
zMYHYy0eeRN;j^WryUuY*8gM@+%`$mry(L<H94k}Wz`yElYPRZJVNY9svz|~eF#CKc
z=Cx~mGTm}roZFhsr(wk|zq@)4baoolU41`&irQZM*Y@!~pB?GnzRu2Q`)i?mf!z=!
zG#+9!%N;wfp83P~LyASd8x!w)e|}9RD*2#QM=)K99eJ<ma%YK`dNSLs-g7Nj`>M10
zg|qwGR?-HzqEutU*!t%~7@6Lb4`tw}xe(Ks5Azic6!lUYk_%6sE=cR9aj8BXT0lS6
z2sL-P+<ofm8u(Pd?4OHU^i|}cdP`%<7roUlgaqNz?M51lZ=vc#jZNl1u6a}sza=bz
zWtWrzME-~o59W<{t&dsLArX4d*fv`6(5vV`kK^7h5$^ZZQm$guqTlBAMvwxLPiG;)
zozpg^$ENjqq*9mhwB}t`)2@ba+|5_jnHY#s_w|xNekS@_M~zhT3to(WN~>jS8lwn^
zZZl8mqxbV=t!a&&otFq9-J1I4>U53w$B&E|<)->&wZG~Js1?%&2?Rg6cVCtD{D^+6
z%c0TcAEPJB&6<8hUzTMqy<Yd_N7S(1tRcjavZnLkGwbu3J{wj2O#l8ITG`zLro(^T
z-9aHVzu}`d=vx_MEdGY~%1dayEM$){OFTE|W%XIA0O52z&k#KjBP6VrpcC%LF5H&p
zOhQQ8*g6<*QDf1EuHwKM^LS>34Z-@$>WW^p?G!pSef!6%DHubYA6gT6#MbwT{J-jF
z__BWfDY13i>zWs5!Gq?BzB{|w#|!r{D)Ue0j(~Ml=U|)h)C!3L1&wcV1&jeRu(L|_
zpKqO7Ui^3GKubMhTn^2vB903ogb3=ZO;$cCob4H!#2ORtj7qd{p6O>QUi?36bVBE?
z7x$246bZx4s)OTF-d7hI+8C=<miXZJlYYkd`8tp7%;E?gA6}=VnA;(J@wyySy*{_*
z`H9%|m#&~)vANOyjmcHd-4d!f3Y~JU<ejJT*NI5)@2*ipiJ@oJ=)LGiDXVQeN(-;^
zoX+5y+BQNl7WGt*E8VI~++m!9npII5UDRn+=<TeJKk~T^u_+MQxrBJ|Uvf7R*Cmi>
zwG=AF^(Jp&WBPuRnatcxSxUmF<6{4uNKPn~zslcGH2%Ts&b^e1&efvYV!G{cbHBXd
zej+CQ{U38Q^LkryV672PUVX%Y*)HS@Uj%8>+Br(bzx%fsZ(g0&Xt$ecNfBsS890t=
zBtLOA|L|k$*WUb5^9hIP2Zr|LD(m3f@KNiEK*x$J@cCA<?QPLVo?@&t*Z<XPfdBe?
zQJ41m=d*U+UOcY*5o+qb+0Wcze?3s4KasN8Zyf(+-l5}qcA<_AfY=m%$oQt{9+ai7
zEHrI#bodelQ>=P*QfnHe)L@u0lW;|}vd)-sKbf7wi?p+^Gb2}D4d-MG22CYd*05xD
zCun|uYiHAF26`I3i+aw}v!A?oU;Mw#t)MlXcPrM9ihn#cR7_D!;Cuq>Y(JCs`}GD=
z%<Eyd=5wj3ez|UVE`$?tb)hB<i)j7t%X`%DIuc?|ET^OEyq-1Dc>ajBBc$4B+-AS{
z=kpCeF3ZJ>%{R&KvzjYq%*^kJ&&-bjnFucB$_dT8L%N!5^w^Xcgld|cu%^&GfX)Nz
z`><J`xDO58{h&H}kP8RwWvk6xl8wa0s0Ve4-!?CtLjqF|`~k8SO}!LfrtgaukHOYm
zyeUT$h#KfMq=Y{Uaq^h!RSv(#r{A^5*Dm>V{b$z-FgB&muRz51lM3S#N2{H2_mSzJ
z(heiokCFc=XjGh`wDaOW`=rNxvnEt5y-z`OqH785Lyp6_k15mgx*9pqW4;L2JoCE8
zH65KaH)5{4AH_4v9%DFr=Zi^F4p%<X-c>0SB{1E!|I~NIZt>q=fXZY3>ae_o$=oFv
z9{;cU?TT%r_J(sMPTOg%7^gkkkP_aicmJHfzBGPUY<3sl&Z|+vr?zw4%63_$yeckg
zxTm8eV$FSpbUyZJ{%m$sCM^pEZGGR)ey|6Lc!e5U?DkK!0_gPktF<1Bj6Nm5N;XNL
zk%+&!Ve9BBcUQy(7ItyFxs!rV%WIdhvfNSqSP$Ml{?oVZV-fNAU!8c!oJ{u6-RY1M
z1G$ZG8CQhGS=fxMK2Rq=u9L}I`&EWQcfRkQ9~qftToE@HP8|HS@N0e76R3aEG-;7^
zF1t$><JUJ=?0oU-=vbtDQu(<$@4OWQ=jXX^SZ#9pyZlq?G~xhPkY{p!uktDB%+Orq
zd9Nh0_gFQZ*|_rmtz7w^Edex{+@kD~%6hvo3&DTS?MG{aYYX^$IB9=W`Ydf*$+7fp
zBWAuOPrq9I>Pu6qK1Yj#n33QW{^+{H7yrD$V#%s%{*|3?zHWEJ4oW9n-hSc&oM}7%
z1c@sAlatT+cX|IN-Pm4don+!2&crnA=iIS0X+l3i?oLtrkhs9Ny??Ae_~o@%AB&br
z0pQ&AGNJz6QrS4;fENYzn|RT&{t}|e?m|oJkVhd}(%og%?Yrcbfo(QzmPLf_T-?kz
z=+1mciE<7lR<L^Uf0hJheg|EgdYLfgqC}T**YpaLy9BE#Y=zL)BuilM_KJ15%f<N%
za;e-kQ9n+Ip#By|G;ena9vpT|@*IMu=dz{g?z}2>^5nZj?NhlOkjx{Z(X69XD!oEi
zxCa!gtolk(VjeDLtjbz?VT%Y+Lx=wRKjorS-?!(&MUrd`9W$r<6zw)4Sg6{xIL<lr
zI<5ITcYF2kbYlsl-*1W1))jQOOV+&g^LE;Rp)VBS|KDSG#{vK2h1Yxv^)Z#NfQ~Qz
z%fD5pg6ybseU?9c1S!w3=I=i(v)@Hjb=jm1B&Ic}RR7bM{^M&N-SFITh1O=b=XKnc
z_TRT_T_m7Ww?n8Jyz;d9(Gd?XsO#HR_H<K})7kr~%h9R##sB@ssrc;8IdA1&eF#j&
z_7(%rt|GLT`{eak!#vk(_|?ZhEQ8vvYIO>F7O$eAiQmo_AV1~sO&<+>DDJAMHw|10
zP2>4US3~Rg(b=`SyvYRLf0glT;$EUSdi*N&{Y16Vi+}V%dbfmM5`tw+*?&>u8^UiB
zq~D4oQ~E_|xm1Hx!7?zNrzI1^?n0j!119j52HZs;H*d|Nfzv^W=1rtD5&QY8Om26V
zHd~i@g47CO`08&y=CpkCRay?h<3dALOuXuBsh&8}!$3pqjYJV`39Y--BH@-NUTSF$
zY3s#*ebr9q#?Jrv$}L{Rfw@^y9<HWR)I?p?2ZKd7gqp$PE8U&XnW9dQP}{3MUn=RF
zn-Y)3GRh3ZnZ|r_&trYd`ZRa{t&hVE^=RgkgF=<X=XcsQFB*3fx#yP<%Jz#L?RoYk
z|Nr{$=;n=jzMrk|Hax#;?rkq7;ME4z6}lV5`^A6zV-3UYErNZ^N|ZlQw_gouUJXP4
zn8=fLOyK%^LPl+47o}nh)q7GEZ;&Q>FQHUue~2$_@AqvsH^wDzDpx4f<b5;8ggbts
z1l0-!vrd_&d97~<DKe_1rb7Zh5!?)}i5A`iI~lIdFSFjDqR~?;_0jxNv12UX$I2Ha
zb%WNYoUxq0d&pen=MNgC=1ylz>8D!r*nDp9?a14V9*2C%2d3oLeS!a$_$JC{>08Z$
zC`a}2`Eq{7O_qNYFg|;gK4f^#@_h2}y=M9P17yGI_CTVw_xm$?xkNA9AE}C7G~s;6
z@M8MR*jqY+^2_b&opO&PjQdF3Zh0lpPwT6%LRyQ>9tTfI#BHP0c#a}k#*+%3%9I!X
z(Rx6Y%a5-W+ZVbHckla>7^|D=rLd@6cgKd($7A;!x;oXR7INiA^?LnDzu$IS7RT1c
zBweD2;K|caU3PgHNc+(7`H|wWJrhoA!Zh7*^W83m=e_h=U%h@b`3TNc_t@(WiV&=X
zUqm@Cs{>X_EH^Lj_N5%P7>>5D>D(vxf-bz`D<LobAzUmiu&pwipvJU};$QA2hFFc~
zQ&(;b)Tnf+-YJnsF>LO<K^#%osp?lGR;UnyzQ1|G?ZX>dLg|T_&ewzNRPRJ+joP(v
zklLGDW;^S>(u8RFbD#aJb2c`kfDl2W$Y)>mwl929bF%h`Hk;3hMaHFU)%g9kP8z}H
zW{F-@zY?i;8(fug0_go$Z`J3D@6!n)JAFQR&&MEKTO&<Pb@94;h+2?%p}AFC&bWIi
zcl{HH;A>+DiXyj<;fq!AdDoit_uSE}Br6yA077_l^iujbh^v0Iy1oK&w0R%hDo2Rw
zPnE4_e5ko(cr@?IEj@~GB$GSK{dPQW4^s_&9&E$j<$MDsZZSVHbXep2uGPC6c=5V!
zw)!g>`ceO9tu9eV`2E_Xp6ZMHMcdkR@s+(8lZbKCLzngNoi5R--i~<=?62OGuP=ET
z({J^2k6ljjC3epWJzuFVyuNJt_yov1Vm5R`eVN{QUoO1&84iM)U$j+?)!VA?HaXXs
zO%eDDujylA@zIJHfxmr}lU&X9yp``EcNYg7<Hy)$X;=Ab1<rK|d-dL&^?Bb9Ppx0i
zI`N^ZHC{Ywo%=rU-C3^>O3dghQC)P$&DC$D-_Q<I&)s%SV!zX*7QS89tOyI^X}wlb
zuR~+JK^1K6fA_N7K~KM6Tpis0!#!YHhc=}Q8#=#j=!zvxbwytdz8f{>e5b;D)W6*5
zv=#eS$F;kk%8HOzsQH~9th_B9a{FT%nt4Cag-OCg&8${8J_{fgTPKUl%TArESE?(!
zn&_?T!!}#$ZR9;~Yx}GA+KO=%mCgsRKK0kXi>!u^g?A<U>o$VT_Y{`%ttLIVVEcKK
z{p|E&38#zgKKqXEV|lE`p9kh$Ww(V1oe3202<uv~i%xZ_w?#egvkPxPNyOZW6&2kI
z`lVe1GkEa<yA;OzO)n>IfiHL0v1>(I`dW7yVT`BxO&4G0(si7Xh1{>t;Ys1+bSMOg
zd8=^Y15rVJxBOQ9rQTrKZv(x7b0Ot8Bi(Aai+{*(=GE|;O6vnp>(r-tTO+>4Jl-*0
z=^lJcv{AhgA!xIOy=@PBE7b@2-doB?zq=MQs4;8o)d%_ga357eh^04kNBqUh>i>1Y
zGW#saPNw?U*ZLF2rnBl3aOgInO+L4!PeiWr-#TL9P0r!SS>~yJ)dzifNrbMRlEUgn
zn|1H}94%XJ<*aMF&uVEL_rUmhc~<7<`Gr%g?tCD?{VLLOKNi|;d>nb&^V!MyLFD{|
zo@y31+I6MfB{xpuBB~;;G3L0pmE%4K)$3cV-WqjR@A`iCeVXg@{a(jEk+{3Wzt8!n
zutZ$_E<gvq<oAm@ZUXw-Qje+rx`xYLf!T%oC97BEKToye8{!=)JjA74%{3SeLZpXd
zQtt@8<)ItQl3qAhAI@vT6$t7-rEq5}E<1$rpb!3KcBgFD!R)PQ<#J#CSIfP?Xznp1
zQV%rh{>}WlJ9&TAmp5uoRJ*snW}ce!JhQ$;@6W8y^VIb%pVdEcyw0_2UiAiDpTG59
z*EM|ASA);oxyoNXtNgsytB?CiHRsHGTAew<#h*CBbCv(%tiHB!S2ZRn<BXYk)lxAt
zP5dm{TI%a#AO06*e%DtfS}J?!XG)CgvQfVazwImC-J!i@dvQ)K8qZn&B|R5s<U78%
z^)q|^lCm%D`Af>5*>mUOeq7IATJ|M9e`)!ZzV*J$Okd>$Ip@0d?&Vji;at6V$r_xa
z7cZ&d9KCqye7>|7FRkJAP-$21L`V|C0w*5M+useC)+nGCt_C#2f?LR3REO7mQ>V^V
zD4YC9T`-;ij&Vu+!d*@japCKP&r#EFq@59EKSy4>FzDldma0$b$F;=$AR+y{Em1}7
z)jQ(oU6-g&>&;BxC+Puc%VdKT#{Iqclj`-Lau+TpI`{Tv<6I?4ZSvop>cU!cC;0Wo
z%XfhI-}BZoAOFr@%USr-s^zT}=H@tQdXYkYe-~L$GN|i&-JDh$6u0b@gsYU$c;)-}
zeC?67t<t6D+R-?#H|64=P}9%9Gb~sHFI%$3KV1Hn?&?*ktCS?JZ-S&NAaM*X-xcbP
zP--i;c9(+t#8m21LI@_KaSdK-6nz&r6x>o^`M1lZy7F(}hGNfE;N{RmeJeG;E3930
zqfaAUf|-`m#?|Z1QdzOCp5->(tf6dGY7_r%sFYm_`!TLkx}VWh|C&~=uz+gQk4L;0
zudl#*Zvv6qG*=SG;+EGBvAilL!LYrw2*r0L_-dw_=%T*5qT3byaV6o(_Wt^)?RG}8
zJ|R4=JEE`c`6=hIx~Po`v9Mo6l6PGQxoUIt2`P&bRNiywWyqc8F5nkBxpnOI<re$`
zH=ts-*TA(^u*X-S3;i5I)`t4FZ9_$P$@@-OufwXhy~kqKeGC^G5bI9?S>iDGtSa;P
zNCP64-TNCg3*x<!NUQrvzbAxHd?kfhS7qO)Fzdqr`Nc1lhqtMjOQ(g+9$d*gth;}z
z*CSPm9jURT_I%E6_kAEW^JUyfeOmopbpZiZ<o{blBKc>oKGyB`f{DTT4qT8=`R4+-
z1aC0sH|NcH{=A>5-najM_U`3ZuQJaU``SV!L=Zv<p%Ov}yAh%YZCti7F2bRa*)}e>
zF$T6Ns=8D`U@k>N6&F)Y(NXKTy8E1*BONKHb<~P7%IFM^GRP>S45C)X8RRd?DD(V2
z>-#=?UEcNXi!oK5uC1-T_xrB(tmpaNZ_j1T9clOQ{K_u0-=E)E@oM2ZC(^B5UvctY
z{Uq7%c0ZRyPf8QJqu%@DqUCC&{`0Drds@k%yI+CF^vK2fU*)*nkilEj6Ealq50KwK
z@6&Qzc(uw23ev9@B<Bm-Dni`T0t9zVIK*jQuV;6vcUtx5)pol+cXykZI$wpj>s5#|
z(R8sd4bq1em~JiJTS@$*OV8muOR#nS^@39wNY526)c3awx80)cJwGY!e!U>+9&Dea
z+c2q8@;yH-i`qkX@AZQEQhk22xS=%ELNMXfv%Q>cJ-U7k239wmDo9Z3QuS-<v1s-{
zYu%n70>Dw954TpswG-to3$p{R#HbS6{Xg!<G{w`~&dK+(mXq%l5<b$}kL}b-ZZ_Ow
z1G@*>bFpPL@`LTlh<XpTYiYHz*pE)HPVIKL_DpZLH$KzfojntaIqxasboaE;yV8qH
z4cD~d?&ms6@R3-xOJ#$s{xtQRiT<*mb+}z^uRN~w+kDu%H7!5*c=`}HS%bOQ*Dei3
zI2X!)ZS7)tqGWIIM{FHmGQiuYzO{?F>Ch&%Ti>6zT=|)W>%F&GyT0-{Yu8tLxSF;N
z^)k)6(<cbZsx{^D{gkY7UueI&UdJ!eOctg+l{WpA2Xi-Nq*dRmo^ox})1&KcM|Z2x
zZyb{~*GhxV^}nkgS5LOW=Cn<ND&zG~O&}OS`}`OJEvG%6>r=Sr%C0?IHfLOv-+F2M
z<j~`RpMPWg{1krH=2BUp^m^bPuk7FBf%~d0$z!SqqBC9h=<@XyS1#^#_rPP<Ay`Xe
zANcu-C8r*11>Ga_>myk^KEIb|MlJ4dK6lmIgYEmM&BN{5+S9#XKE2{7e{70z^kl8Q
zb7lFtvy<mCP0(~SC4#l*cD>M0a9F{8fAgBF?+>)^>=zHeRS^KI<vqzPlxTbWork0k
zTaQi?@@B1K)w;*_x?7&+krw4CoFv{8=bbLQ($!n?#?uxiKUf0(5QNicY4>WapR>WX
z?0Zept*@0^J`OY!;U?>Iu1H>;Ck{<6#c#+(P1sv1(TygbL1a2qF{Uu8JD=3}H_Hdy
ztp74mPv%ah6VLWov}Y<#-0)1@nU(4j38dT+J>M;vtXj5wH7&EyYPn_8q;a2-zk~F-
z+;ZIK+2WEZpykoWaGovdDswEiT<UXq^rb#$Emu=pt!1QCj<^WH6H^HsT8}Z?TAVH$
z3hFbg_JLpq?>-Qu^?ne{`n<1AYl{uL`WAWZzpV<@o9L5hGWCpTW0RFt!EWE@<wdvu
zd@`Rsp5G3~=J4ma@OWPw4%Ej!cpRXQeQ`Opj7yW%F&;Qvws`eK)0nxu=85ritT&yq
zv2%L0F-&=d+N%*3r;-O*pH7h#M9(j2P_$>5;EaYOPHXbCwVJHi1evF^sA=)(#c8HC
z#dWZeH&Jn)r&pZc|LHxZh4-KuubYY8MZEW+nx}7<Y6ly66W;qgy${ufr}wAYCW)Er
zi#}JA#f$VFq<XG5qbFC>)0@Ve>d*Rfo2WI_qtSDZZ`P+4b++Xmn_z0~cClYv@(>+e
zYdecaVqwyDR-su<z;A+L+Ikn3MGLmn|LzmVrxxtT6>W+C2HUr_YSCytjZkrUYev;+
zi&dp#<%t_U^Kn*L`OIHWd)loL?=xOs2ibSLKHJ}SyuQ_pYYnPtT|$n~;>|ghZ&u~Q
z41!oO+R$3gsXFbmuP@Ca(?+>zpW~K$^|`8j9-z-v%MIKgDlFXw3A(<jwtrc>UZygJ
z3N2<GTa|f4l-KF}x@2)Yb=hb;?PYU3aqwRDiYR8iRBqL>lpVRr<a<Sh_YduFRu<K*
zEhr8}W($fdk6Df;T9(*wZ`v7%w`yC%__<KVW{3IJf~=O_kFPdqYD+SkU0B7VkFE1$
zG7-GWDdphfWreMmtw}|G_v-z#i24&VG1ECRGlOR0#tWjaRR(R|uFd3Ks@W1Vg>UZG
zqJLY_aq7;S7W{T^t#8IKw`tzc;@LLCXB$nHoyXq~HO?uV*(T8aT-)(%qwnA}b7VR>
z+i<e~t@Ye$+^rH0=JhQ(-Os)Yi2Ehr_n05(7v#RM&VjZ8qP1C?7wda@fXDc4Eq?~5
zU2NSG*~i+d!r8^De*96jL1PQtvtWPxT$|ILK4<<bRRuHGau74U=sOzmAu@k@HxAEo
z*si}iR3oQXn=Y-cKBb3w+vyVY%b6YOdp$cJ>*1!8r*^BK>3QqXb|*frS?Be;e9fl2
zsX}kMn_BejZs|YEIlam%xH`jrwd>WL^A*>n%~sXhe9yP;$%e<N+0)4j+uq5oQM>8b
zi9>eVJ(m9F^s<x(9NqC@ylFqJ#a1oIQD19u!4#(%RI|3z9%qm}o_?43)yD3gn2tT|
zueBOOh`R@ca9t8MLAc(sjXj2NbE^TuNZ7$3T$09R2$x!}L%3I~0m4Z6!601Hh-C<u
zTCPL5SF5e#)2K}(IEAvCwGgfC)gpd<*5dnSsj~&nVso>`v~#}WytOimeZI7R)v8us
z4Bu87RvQ$CYct({wDmKU?A4P`EZ?2=u?F#K*ZS`DhGDy&|82xJM#E&)YGi4r&u`VH
zNfc?%Hw`rlozExB#`iQ^ttmNGvj?jy4-T!{wXM-et<SXHs#&%5kye?`%-+vntU0&!
zCz}OpD|OOSgJW2!Grhjav+NBcThNVQ^!=bPYCFK_+Y*f9>th&QKL{OT4F(wV{a`Sr
zZG$o2)?u7pA7IS&gTNSjFu<7a2ZJ$f8;tq34&(It0AsGtVQjk6u3M`SIp`i~_ZoEL
zd&B4UWNY2ln9-4;)gX)0>syZwZCX!*Mh(yp-hOD`^sGtuaHp%;#<7PVL$bBnn76J?
zD?L0u^fQMjEw*+ejC^mchUW&zBGbd2F=X?5dqJjcw<ly;j3M)VGh|JYmmpiew;8gu
z-3zj`7$D2{&5$+uU4m@=-e$<sb}z`%Vt_2)7a)6V>Zf_(u|#!GtlwYInI{H}+8FE4
zE%nt}56=gymIsd4I<-8uN#Im(UMsKOY|pyvPVdg;XMA^^hvU2JbnNf0BIyC5L>MP0
zYfP;6sO9#3R&{n)e)nj3cAbWeUVA)s-^nh^sL!av+|!=0{w`<HWP^P7K-<2!yDD&1
zgV_CE5kVIB4_Dr<yge^NTlI2&zTrEYjK}BGd{y&3H;X%RR%icNVfsN?VtMboUH5!4
z<7`n@NjOoz?Z5;psN3NI(<4QWcU!fp5)`dMp&zs9wMOgAxKE=wXXo?ktF82IPwvze
zYnDIgw$82}%8-hQ72(OZW!N88FIK01RBsHa6#<J+t#5jV{pduV?Sqe%(|xAT_amQx
zdpq7_y4s+@*(g`53!WOc9_YK!@<p|VhGScAzf|eaX1)fz+nzp+Bdx-NC!hA!tKp2J
z#Xi2L_S8K+m#lTFs(tmeI5%&*j^QAMBR>2Bd}JoC=_Ma<|4Ci3jybPS3b!48GvGps
z+qvOQtJLPk$5nJEBZaMYGr&ZuL5%uY(~dITC**K|j$95WhRx4cTBp4ln%xZ3UR<?L
zpkbkgSSt`;T#~?b3b&^Q+<SUou_AkXNJDGa<Y}osw+?aN*HhUwkqV}DE$9e`v9;)1
zo|$u5g>rhZ%9#G?eQXJ)92mE)LzGU=ahk(0<L*1lvST&9of`Ho=)sEhNK0N|>RKwN
zIbuBA8O~jOx2&c5UU%Xz>M#Ay4iJ`y^>V~NiMw1JAi2gfpKz_d=M>L&?jo+AuA^^`
zRqpMtmC*iYkA_vF(Q12MzOG(M=eFB!k8H7G>+{l-q4w*V)3Lll;B@__mK(nJ6hCAi
zKU(VJ3D}Km$4$Q4A-{c1^(9wT#kEG2?1-6b3jOmk?s>I!>yfNOc(r;MsQa&ayt)&1
zMmVa;7~$W0wFBW;KVG;pSk&%R_8>V9#^$N@6U+ELJ?&O{UwExr{;GJb7f&=RK|W$1
zQxgtPV=ZV$>2AH1N+qv7ky>)BE6Ir+VxK}mv^v(ot5#+|{#tz-*PPp-Rd7UyuPPRQ
zvp!k3>;Uc9#7LnXSmdp{bZ}{Fau&H~7e?}SPdl=^yQ^R;$w48uaiCUcKk#&l^_-{O
z+15ukw;45+@}-(N*}=>1p1cX-m$hzg7%6o9v+l)$sAh@o(?gS!?m-ft6X160dapf?
zP3?W2Z@#7W!PJ3lslf7YtVdDu`|IQNe0m5aK&M?Ku)O%AOC#*k@WH0}qgjA+^Zv=f
z59&aeby%LPJ16S*R98F5&di@1v?zxju^rh+*eJC1#r2{kNnz2woQ3aM$D+;k?DTUN
zERWUc?^b(~!P30B>e~*!cdGWyQ<8mm>;^&+oZsrt7oBTDNzz@vt(O8_uIKRo{d$6z
zja`j&(JC03H6fEUP@l(Yee^3upVLKyu@;k$96`k2<h3erjDFx#9X$6SpPC3anp7P7
z`1NW(A8lRdmTZQ-dq(iLy~Z%s0Hn=Vvnr&rd-!VM$r{@oh*pg+qz3$BYtF8r;*C1L
z@E?J!6OT5gT4;(e9&;5bu?V1Egx1a$YJ<(igQIDEWea6O8-2Rh+BX$+ZLDBhwd`+z
zYA%d13N4uTj?Re3Fg4mea=FGByO06P?yk=(Mc8~_%0ZC7>>XVKKW3ym4{B5z_uHmk
zz5Fj{kRkqt9_~i?GB_9K7&Uq{Wgb(HSi&`-!hqw}y(66JNZm%Sg7hSQj-kXoVgk1H
zK&-nGfu(3L9gBX1X@Dy#I&fePRd*F-;UD!AKumc%Ojm<4G-D_j3~+c>h|!Dn{lk^s
z$i8v#-t{A}Z%!btap-R~!dnOLQHXfJUN0ZK*IyRq?-i8X!U6?;)_P)gqPXGKu{ytT
zS<;#@+o$J~dLB#3AVceLRI<CKGauLU`|xk=neiBNTE@|JkA6~4Xk7;Xtge-DKlw>5
zZdkwj!@8CP=#xG$eX)1k)&8-3pKF}njN|@Nf4N_de>)UP7zN`o#e6?jE<<qvB?NEb
zB5TGf^&!>wwCEo5?gv+z1xcT=k6)BkILJt+tJgipI=hUovl0@1aaXY@Yyv8rsZF}e
zPsIZy$rwLVbiMnPqI0>uFJ9S*H%r2IusY3lzE@hAL<a4+AyA~mA~})5rstvGi@k5y
zrRHz0)f4)hZqCnBd(j3w3H72O<Zo=HK-%m@I5&h}Ud6eIze{+Mgh2wdm_j>vt+Cv!
zXnJOzjDmFTkyvsbS%_79I5pO+M(xO_Z$cFOZ`QY-xY$}rR^k0w_m|Zdi=E_SlXaPl
zd$$wp>QunHDx7@*-0NE&57f`j#R{L2a3;**W7fGmrq()*<BgiPTK9uXGBRjgcb}B7
zCD(Pdb6)lJhx^;z`uFhtZPDTV3X{hij_rJ}IM-fN($0CD(w~$Ju^c(vq|+^)8X}Ao
z3zS*DtZiBERX^|aRxa?oGlHkveyv)?!;YVClLf2{Y5ThV9xDoywUlHd)kf&<9iH??
z^Zg{gJks-nU72DXNRqNI#ZJa*{dZ>v-!KIFDGrQd(j?KRyZ^SlMon4W^+}CCJefEt
z`qn5pj=Fwc)>4$~*<Tc{DD!@A3A?o<ZU0_=q>uZ<5i}KjcE4g5qdVs-qF@<X&>y*f
zy>QmIh%5<Ui{GUVp;^X$yHCk}(-$B=tVOyh23WG|r173x546$0YU7`Gmgn%}tkA>!
z)CRos7pquxu9m{ul<SBBMJu0QsfB1~s@!{_?%U4)eEpoM7N_giB*oeKy}*ynV7OS%
zPk;1oOaBk6{i!M&Jzt+p`ke1at4;5-9uA8|S;A|BMTwsoM+_}rP&T+x$!(VVzFGeV
z|1$G;wKQRK+wLug3QTd_^bNj0s&U}@T;cB%3fTOZYcJRJm(lT!!*Fh??YZiG_$l7L
zajHhK-P&T?SL(BuQoLMHoU5^aRG*&fIb%EckE)%&r|Ryr{jV+3p3nx=&({CLVNQa!
zd+aTYHfAIS=48U8A-TKLm>*sqOu`;i9@g7_Tln!NKcwPZ!P33)a?#FKRLgQ{nN7lH
zi$@phKhBXNv_n_A=_MXcBGsC<y;6UpWodmF&UwzXD=oKe-syBCgB+i!&$eKZ<~p(U
zTgvPl^U{JtYI3-7x*%(j;$}@=Z`-}wD1Wg3j`4Y}#xfpTiC3@G6^DYLKDovLc(I!o
zy2FmJ9~=Y4aOX^ocUX$i#VZB-K`6G~_S@n!z`u-XS*>?T@#%u_hrJY%d6LhP{IHiu
zG)L)+b(J2_0v?Kop$o6n9a@49mO0=Q{;<0**XP6I!1sl#KdMol+wG5a)gx`S^xLA#
zei6VS<!Vlg{it+!3x|^jwQ%cgyWbq#<IO!Gk0N5gkJCLr(9c0p{J<;4v-3s8b9L=p
zQ5N@5^p*N1&;2fc1}c*<-uZC46sbFyE-khFw)hS3AB;*Di=rfzUZMJr`v2R#)`&pp
z62IX{B}b#h_tPm+!w>8CT+v805$nba@jvdIDbCSACkdXd9}pSq_HpE4^e>)F48<?S
zCyGj)UnwRzTXN+0bhQ?*-u{S<igO9x`+M1wL;0*o!ohTLscq%R4ba>B&p4j1AHf*K
zL}sCyfE<Zmt{)600MynRPS=@bhO`j=wjdl9@Uf)h^kMB^Wci?)O75p^7Z9Eb#X-}7
z;i<!spxolE--+wC3pN@iy1+zQD=!nN(L&4>;nR!QQzzZ?eV!E6VW#gttSdAJ!xP2$
zL?C2&dZOFJK-|Ov>`MjR?ERAggiwILP`@$!oIIBxz~rX6hA=t^V<6!71>w79#O+Dm
zLA9OaP1|<2{%LQDe%E)$s+X|_8D9Q0g^1+-6Uh`8(cDCC{6zALi^cZmi}^pQ?>rOP
zB!jZi(<LIO>aKW!<PwbM>aGYcCo-#7Sf;9Xo=rc=efY3cHlj6p=B30Tbcbh2?_@mQ
zP>kuSj7#L`y3u|QT#)zyP#_7llwX9lz=4vhEcAsUkZ@OG$Bmz>A7D~lq3-k550s<c
z+~m3H_xFIpl=1U#-&T+gt9e;gJk_R6x#3dV?sxYHdgo~T@qI51Mv9h=@ff@eF{76v
zGI@}iz$^8iz|pP<s~VFylWx*?cVhOLbiK%+Xs?)&@h8@V+nx0PO8x&~eKQg*CgL<X
zH42I&6O;?f9C$f3N>L*{<_~3PG7XBrFNzb{7ug!^=kGWlH4loXXCY9s##B-~UzM4E
zE>dy62a;=N<RAh?1{Px&QRP53fD|LBlnNO=nTQT)gw9xi7)b66qSzC6d1^f&40ccy
zaiD(w*^uH7uabw$0LbU5nV;WenU>miR}Nn7zFs3?+s0~7Z7)>mUT@dENZ!>{hz4yH
zF`h5>i#2H-FH9H+4S&o<@x^`a-aqXsZ_dZZr^;x=lj>wr34Lq9I_QVPD`!<t?;Xh{
z7KqE^&Dn!w@#QD_u_;EgAzUWs$Wn-+InfIR2P;591f$6$tLo4{&AOz%q~EAWTq&y}
z8fLA~f?bTIVnOzU99B_SN|$++Bw#GqVL8ig9)z>gcHKqvXRq1Cm;}KGWAI$T#9TD)
z&@Ix#T8f8Q&*bBJ(UvSEZVPV0c!r||^3T<MTt%bj>JvkxnwA46^unC%^+O^=d9nG)
zcvxoR@GO<{S1-I0-o}ve5o#5wF*z87U5}T6JzP?8ia)@Mz`_)gQCu;K90^^t6ISsa
zYFA=ZxR6x;^~d`i1S6CnVb4~N@M@JyiMa^1<miw(j@}26glRjo0{c<FafW7x!-<`f
zKhh*xMn33JA1zm}d@&6~OFT#%jXSgi?y!$ssrIr00$=e2t)QFoPtSX{=-T(nmWcpF
z5egIjrlw^K@kD&K7=z3io8+-cBqw8om47cMR=q~P58_2qBr#5`3n|JNTqJ!kb6S~l
z^@?7sC90X9K@mCxcNsSQ(;wF=LP>nZfx|lXkzLb|*r=qudObL|$RZ0ZJ@6O5(2Z1+
zIWkQ04l8Nw)IlU|+OGS69MQP=iPY$66nU4Th`DHmC=WH!0nK2H9_sIG72e6y!dF?L
zmh4!S2l`RaD%D54h?jyZ=_9G0Pw_$Wgbyr-aEEpanMAbm!_-+=A3+i6^vNjrb+{jW
zv!!$%X0)7@1(z}Lix*@A_|%LNeHFDP;1lJ7E%rw|%?HsO77N|T8fw5s@4OdZM@x-M
z5>mD8CAFtm{2T4zu|a~~EGsLEcAle!WS_ROh#*SD%@)%91fBHL)99vE)tzsHVr+GE
zIx#<-XaXxve_&;fl$U1fYj*ljHZyj2e@ULV>waS%>h^wc0i<M&Rq`o#q^g0MB$K|=
z0<ys_mOuE$h<J=6ctIa{Cpt_XNEiD;N5Gump8Z6xRABs%lqF`1<)v%1F5VI6$tF1h
zi;)j6?TtRh#v%5M6=IX<E=q_6Q@LqXMtlVeuTqiNq4`O>H_QX?#<^%SZr6PSirf7m
zqggFO&uAcjgq!g?ED3F3dyF9xru%f~u=q*x4uapbU3cprFz_JmZND}Nh?xQ6$E691
zFjaU&OqpV$!>}biC$tPKQ-Hm`^&qh^@uTF7Mdu&I(tJPqu!H<GYO!mXo`}DWUpE*@
zp%c6+*=OI`sT9n3SUs7g2PSD`muLdMX{)%_gLLpfU@uBBgp`MvB^Q?xF|h(hZVNw9
zj7g({M2JBLx>N-shZTQraxB)fgmPE>=k2;%{}(EL_dmQTUd9H+cB6iaY3NVp^H`v^
zx-6ardE#vn^OF|+q-Grdjl^XqZ~foYjM4KzT%~4YH$jK1y1{%B98nNxBngU85h(@=
zS7=X`!cp+Fa}6&UbWYAlzzl~Yums#y4pU!*khxDPAq3{&gu$7Rjc9s`fO2(6)}wU$
z7Wi<M4J`>IL4;OfZRjUU0bDo<a0pXsaRc8R>rTuGxX3}Cho8|jK89C2oaI9<<lfJ+
z&)apsJDxE7a3uIHTjQ&A5x?0)vV}A;Or(<4AiJh15+snv1U*comfT~~?1ZSU#kydh
z=LH8Onyiz0R+>}S64N41Wr>mK&X~PBWkEzWq>e#MW=%c#1z7;(c~al0NeZBRI-){f
zBqT3PUPj{dh9F2p`N&{mTYj1)p`PxGnaHrK;uR9Uk|I37vxLF48TX`rJRhYI<V3&|
z1{;ji0Y1OSTEx@}5rk@N3kjem$}hO?Dz`@}phpptG_yAV^gX@;5fc7UN~w%~*tDoF
z^uQH2YO*WNFtT9es5-?>XaW;NMvA0K(#Aj?XnhXW)QxpJUlwY%Bq2?|jYQ0qaPPkQ
z>2X#zRvz_yA_S<<u8K%7Klf-F&ESRkO`d>}!=WUJ#6)YH;?FY==cyC`C4%~oRN%uM
zpaO!@N1+sfAY?=*wpF!@vq~)s*Z_tU^FRmg00?tJAC3{_tq!;t=4t`_di|2spA`5T
z&3i4y-rTkjjtKKu-~A68Bsa%=>Pe^y1Wr-3ke~%)?(`KRfc>PJKC(14GqW)T!nchN
zBF^-dL}i{%FmE_UCDC*u=oVU0tyJ|ZOMK%Xa}wLNtKrLjM;>BPu{}c8$M$aBooTyl
z>{znX%5K)SzpCw_ogTeVn|p>08#@(H*sN;9i8Bm7Dr8KBxSDNS**-RG8ygRpjeYGL
zkGB2O);k+(e_4GvmBfB;TY8+@V`GRbHd)=Q^NDR_S>IG?8>S69P6ntmBj2)h$f*_1
zFR<aVZSfvo_lzw`1Ny_JnkDGFFJ9|gU#Y+L=!5vL>*--LkP{2ozU|tTZwrk#IZC1e
zuTv`8#uS@c8dk&jwoN$&qMZTIUGW)}Y=^SF>BIVLvze`%ZG*;Uc(R!<TWz{?&Sd#P
z!G=HCzJ_Ac^8+FPr>kYCS&I6!?QS_g$p$_nXB*zadDoAPPr>%qK->#Y`>i-9HuZ)7
zRKW<gVD;}~J#MStaDAb_`zCMN{ki9}$?)^~pA$jahQW3=7GC76jdxeu%yX8KGaYQ?
z9_Tvh`((~@$VnPDBmJhR_+j;wEvmL?wF3v7^wpiq$r&g$D3>vA6n0v+_cqgr;bf-n
z%HhTtpuJFi^9Ht9eOi2es!js2HT0wYT5WkeF~(<r$`d3x=Sz?@Jnrsw{aTM>_m0ow
ztwAK{!@lKLb&A<^>)HCI{Q*Y(Gztz!HFVqA02XLjfpz_k#0{sd<cy2Kcy^CPJKkMw
z0NW{yY?6h)9=nT|`ftsiM7rA++kr#22HN<yfhrHoA@v4e^e&FSFn&Y!l-A=r1Lu$T
z8^65;uG={n*W1SEW;b6i9EVfiUM^Ek`frB&KO46E4R&qHE8phlv$t)7Y(=QloI=i1
zDY<&YmPDKLoFnp8ZM7Wn;Tj5qie8{%Ht>zlQ)}lGH9yg|V>WxHSC+8Xql=q1>bA4}
zwa&RAc+Gm?$4CA1&8KwltZ%w}r!bG+u^Ku1?VW{Z+0Z5*dLB*%8sxeniR*RaW*raQ
zRQby?v;>e?BGvf#mgYX&KJl?DXnSObL8qW&%Y{<z>;21%?b7thz^Ch2l^Z>1)c2hg
zz&RMMdjbhVRE`?k-mf-OGuYLxSw|7Q(?gBHP8HFLtLPqwhofA+Db_T{Wsj{F!xE!1
z8IQqtc=EG8V)?S#gk;^*>0^4<MTBAKDU9eIC$f(1afZvgy+c@Q^C-5wQzH^NFmaA?
ztYz*VYxr!q-yfqkrETc4q5YG~*F&$rDo6-qQDI}daKLMH_ii`cQQtj|z9{T4tWOJH
zFSwt%)rY3fpvk+XrZ@*`D*jHvMiNzn3d)BYFZ_R}ew)&EkK|6{^yJ<XW7Q1iF^K5i
zq@wHHwzCtMCWi_!5JsSI3`h4g!+`cViH5O^mQYGEL<%Tx9Y*!2wq*9p`X366q0N5a
zFKdkK6Nc|f9*;*p;s($UO!ROU(x;b=3!E7?Fzv#8Y7_tUAs}=<1Xy<u#(UhIrV}64
z=eT@Yr4{|_UfNqq(L=us6dvkreB5AncE9K2;(pol0QLF<>7JU)%jebWC)LJI?`E%h
z>YoTkpO@4z>IuleLuzP0*#v{Irn~>G3V5&7@3lHM_O;r1UN4!xs~pDtUsntK(_0+@
zb+0GkRfkDl+OGe@(O5YSO|Y95Er^4;dnbAc%HHvD5ay88aX%#Q^FFuf9v7}P*C;F}
zgXtkMQTy{BdwC^|WNRFr#YuIwe?LJusZOXjIOFEH1St(pqc|a?yKg*tck;EmE;L1D
zPXD7m+}VU}H^XY^y?b<uuR9LnN?_F05pOV=Tg6v<EGk&JWOQ(#SsZmFEhn5b=-c@K
zvFgUiDM@5QO3*#v+C(C^pX_NczUIKTcHYH!)N9q7c5lx5*y=TB-8PR;qv;+RYsU2k
z&;8&TjwbD{1e)Q>W>~h%dwWH~pl{$Bp4@tApjm??Cn0TDJG9>JeH9sR@U(W(y8Q#P
z)yYARvVWge>c|8BxOl`1?(*)|KWrECWVeQ5&RdhQXiv!}ieVt9aTsOHVL9Ta=45X4
zYUABOGS?>D49V0Xw<BsQy8hW_h+06i>Cg{E88TyVG?PWJw(cEr_pVOSTN3K-v4OCO
zRi}Al_f!+tO+ghJ_Gf~gdvaysS}uB}M*OBuA#BG`G!dA_#9NOGzM2zj;xG$HUPS-F
z&`o<7=)57ktFp~JTAhl=`GQ~;^<KSRa>7`tdNA3|n6~3KWTK1)r5WhH6hT+z<<TZ(
z>myYL^YmQB;TLmn)Ew`z3Xv|qRh%{AEB)A?^!ZAIO$;ByG_H6E20Y;;Wpp4LWyT&{
zr%G2ffq@s@gBhD6-_0o=GkOYYjD2b<43sxk3uMPVEZpC4_GT?}zt^!$!X77d4x!8k
zrAyHsdfS~0{>F|>kn033;lfnUx`&e;HlvJ|$#uHBjqyb}nK4FPow(h?7w%lehO<I3
zcyn(F=25z<vrRd~GUj*xs@m41e&w`uu;#g{U!Tm|JUjZP`rPiB1{&@uPS&Esji&O)
zHI7igDc3%IRaI(-=;7@si@b+ay4qcB8ppY&MU3uJPozRVPCgb*@X5haz$?xY<<T>h
zhn%asIy&cm!FJC36nu0~4$nt_VGzq1`sUc2?h((uUq8`+S4SgscPDl0?zyl^;<~#X
z7gr~N*2(wYmUyhDB%Y}&-TmVvZ~ncwGr3<>f1vf4w6LC-U8y$3?G}1ISy<=ul2bfZ
zUPZm-s|w`Oirmnq;I#GVSms)rT_^Q8$sxBnX0B1oS>&Gos-&hnd9{11Fuq<G3mN@S
zyFaNBBbDFu_DS&jCxy+)YK=l?N@~or(Qaw?_E_U90O5^T+Jq~E^&b1jj1-^Pbk9?C
zaqI8@X+EJd|8COIx{NG0FyVN*3cn^aG6|WLvN;LH?35`#GgMitWoFg1w0Qz^1g@HN
zbl)1UHsNOC+ll}aq*=Rd;?j!2tbNQ(R-QG(Vj?`V5oU8UC##42W>PY%GtHD)Z;+L3
zW`nYl#H??oL^GdeZrEIzU#o`9X=uYB1Qsf9PQ#jRbI@7jgfbb|jD;CE^CKoxQO10n
zt0rVD*)V;o50mWX=Q3|?iAP{I&FUA-rit6C%B&~0?n$38HwSG#5QR<EqOLh76u`4g
z)MnKa5wb$YI95DaH)!q#{wQpPRc6ca)_OrLEhf;rxuYywF)fOYCYDT^YJ;~KQ6HAb
zWObgALV0U>d_((C2RBWRx{4nth-P5U5`@Uuuv!(QSw3T_PF7A^*<~`#cM?E4GFfhB
zij?6r>`d=kM`W(bG_dcUfS=hqbVN~7>Mx#ZMHgTS{>-526ZQ3Cx|}>~hZ-nIFU-hh
zsTNJhj4Y`!HJo+B{?Zlmw$TfHra$s*O@h8dYrSP%u=zEMGhFwCQLH*P7YrjV3QpwI
z^mW$2gN+R0ES_dw4OOzz6b9iC4w&IX2Q+Q{=^YegmS$vSsfB7Jl(c103HW@<GCw@P
zTl9pxWo{%9p4RYbNh*zrb6KB<_NYe2Ks>ic^Y7ii-I`yTe?Kx|M<(pZgdLf%-=_&<
z&azR$%8abf<Kj7eZh%H|!Ip?{gN$`nMKkRJq%1;9pyYn83sbV(Q9x#?k8mPpG@GFk
zY%$av9QP<x$c8B+Tg}C^bF|s&m>?iqNd*PMD^A=p4<Uyjz)03XaWg_B7ziaSgG>0p
zx#s8)W<G&X913IJ0x-}p>iPg9r=FEDXv95pQQVxhaoT2e+1#d&zjy!c$OROk5(ged
zvDDxwiam;A|IktFkqcmxZr=rPUEH0(B{>IIC;QCK!InX0Um?dTbM_RcB!iPnSZXOh
z&AM-SSX>y_$U$b=vpj}Flr?cf@}-tH${gj|Mwc;hZgLw?$S;$d;x@OKd<@jwewOpg
zapX;0DR(KCl>a2pmv5`3$fjh^+^O71h6yLG7MxkwndQbp0M1!!S(-f9vTHxG>|{_D
zC(Fr=+uS%hal7g)S-cBt5TKg;*XW$REe2po4lUC(LNaXa1T(T#G?OL!o@z&yOQVEd
zlbs47RD1A5hA4c1BPXv<8Lw~z6>tx2&>N3bJ@)?T{=-oS&@-0!9)$o$A;3`~>z_j*
z>nH>`3IUEnfZGoNR3QXPiqYyQnV3=c$d+!wk6M8cNBClQTPB1Ai76##+QGDy%8Pb>
zgptAubqXPm;4jl!>MBAq!Hj^+WQed%=p&c}k<pd=mB~}NQQ$VBT8puj)WId#^IaIF
zmXaEY08%+!=p=9wju|f#Oxh=iMLFT8>v|Uw+H{!UG9`XtX3Fq_W1mxi&-9$h8IYqM
zdcarxM~r}q;LLu}1YZKz1e3y96BMQs1iPv7fL8y01h6nu_RqwYi3!0Y8e}>n(+DsU
zkSA;wShi3Pw_px#&@{YNvCudZL3;CDn3xF+<Eb6tp`aH=_=wIK6W=pULv942nf6kb
z(;q5ivP9@fzJ%%7R|{4Ukqe{PKWQ8xF6v~Whipg{a0YixBdMIJS>c@iKuOBTrV&Ak
z8mMa83zWu!6>1BoL4!N^mCC))7-i5Fmy>FkK1C;e*_Rl3@@y(}XaQ~<Mp@7&-O27S
zqc@oC1x6t<kH1=?HYmsk-jH-vN)Su5NHdv*8##lEPau@AB>h2S^rm@9t!M>mNkt+H
z=@pzL3YAh#gmb1tB?5c@bpP=v1t{VjRRNFYvXADn)rMlSkE($G|DFgsssjFTR{@Vw
zfTI*ZVs?}Q{PCp#5?twvRLW0V+h~?RGAOO{S;{1pkcvp{%`-@`q?Qs`l#{YcV5F2%
znKpxw174D>NCc&84o8y6NRlN?5-TZOl4#!~O7W{H1V~b(y%Hv=k~F;)9;8rGI<RC0
z$!fzK6ecB;@FcC3Xi5(i6*8*wfst}5r#?~!fUgwI7!r2SN#XpWjnq#{D4mncN`$4K
zNi~h26p}R3Uuh*AC6j0hNBvkbV+AjoN?22h$ZQSRQ6A1x?xgBjlWF!yLZA5`)PZk!
zk+q~~B$d`4Kcw$)wxU&;Kv@T_DK2E*FV82*#B2ScbLQ>9gJ&sAzymFk>Zf!gMKzb_
zUMt5)V{s-auOwK)n{orbks-8DurP-PQpFH-%}gL@!H|LnDIj@x057~o1tlLalRT+<
zq)966u3mAA1d<W5g=Q%zz__iD&1z@dQ`X37Yx)3_k^H)fmijTOQ37S;E^wqslacW`
zWiYlD&&|Q<GbJ@Lh7wtw8vGO^lt{>wR9|T;Qs!AtW+sso(TB`@8k^KA=R|AiI7;IP
z{Lu##3NNIR=B5a@cLAUd7kXsa5YqOuUZ^GZcDi*puGOOV?1pTM`)yLme)VDVmEC@p
z?T_yb2cOtpW?P4C9Mg?w{f3&_g=Z=L`T-s{`>j>uEgs{yFAx3O9F!f0TeYv-1{j+N
zY_+k!`1PWLqS2Q{Py4>t@6(uP_qb1kPUrq-uT`Hm=Ge7vi^Fs`eKtpB8(MaI+Axr}
zklScuTS2zWp@n^u!$yR5@WIe`Z7F$tx>;ed%_rN1@vwCaooz1xi=DZ)JK4z4_BD@p
z&l=wrreUAHV`*NkZ4}GUb^rSI$Fi#!44+ot_%j?Uvb3!!<F~UAY)yLKQ5a9ZGJ%!E
zjd#_;9aWu9(4AOn`*q!G+r=iW|GOz><8}w7<Ct?N4@1?LE*Dj7Gs!Og#<`}2J1Z`Z
zw?nlpQ2oZl<AHE<`|j5NJVno*86vn-EQ!GUYQ>i9g8X%Dr5?^D$)29<2DI<$c(rZ2
z^sW`6IqBwdF*WD6IA7-E>U<c=aIN<Bd^Nf^Y$=YYKGSXOEW>B-P84n0dwQTy?%Q6z
z4r4cCX~TIF#0Tkfz<Zr?_CGazx(}8WHyfSDf?~`0jS}iXf!o0hIi<)Qhj0x$F<}}y
zcenocWwKo=K)xz}VM`p1Yo`tjM4TQ6b2!w`*YN9hrAgoVsKjBN<=r>Su)nz?;sERL
z{N4;dFmwK9dE`MbmId|>jehHQ%LE)7=BY$vHyVv)LhX_pOljMMZ^z<vXDE_qXE(Q;
zGucS!@j71bAD1bxNp8mU_%@QWkJ4;V*d`HUDDJpST%?A>)?m!Am9%Y4&j}ZQ)nAM6
zW;Pkau)^l~+K_$@thN@epC_`{_VTt>ai^YaTaUZ*PnHJfj25QgHa05O2Iy>hP26C6
zboarqNp;gESK{_n_jUb+i|wL365+D>^mP55o|wTPp&bL8Sf~4bjO|Wg!|*rT(A}L=
zIlAZ9<G`JI);TC5m7MdlzLmT-nqS!;{ts(ZA|J>TBmAJ?wr%%pT|Lp?d8*sG^`8$i
z=rcX?LZxB9>9N{lI^UfdC(HxbMU5x|Q@h56y>sL?ohG#&jCU6kbha}W>`b1T_2GPg
z?125NVv{k)%<mo<pNVA$^62=QNA}nO-XDWA4!nO{&)UDc&YtcOBDLY(`4-?zPmmag
z_v0Ph6l!*2!NZjB!=-U&N7fvxpnpTli{tTH+HkCdT~O$3xyC8{`>4LN#Hi&w4d%f!
z-P2=Jv3#OK+hP7~1@^guVOL=9&e0#;#r>7w#s2&_GxQ=1r%mLnLoyMg)zx`*_;qUc
zgplrum^ofzII;;XKda~A@9FNPCGR8-%ee!jA1z7Pu|D~tbc4xol7M)vyQfjTd!gxJ
zqdGI{aFra0#fyPrIPLLR9VF!JjY<i&e^Q^^8xHttY0^?J<8vu@`?z_bB4IQ0!|4$X
zB7G008+=3J!oTJOg?0`~lb*qd9V;n{OOSZBB&^_m_fCzO<FnTB?=EMA@O@0XW(l~k
zfy&JL9FOp$dt>NnOuzm6*$CSuD=Y2*WY=0hcL=U~^!Hkw$kCl^mg1m1U(xCX|Jym1
zoKHJr<;z|Y1{$}K+KHwm6E7Te%z>`olswYA?g7D@(1R}As8dtcwQ9<5T1DU2C1Y=`
zTIyw;`qjs0Q;5EEjrzr%7;m8Lv~1G-&85m?okwBymon_{)mprSukGYaVW%=jJ3(ad
zT4TF2Slr^p&K&wpyiYmhU{+zN&vi*SM2{!0l|;gHu#|)CT@M+%<Md^E@{4*#D`$OK
z=g^=L3oJYD9%~-wa&hunUz)WB>qL2}o%-F{St>%lT|Mw;JJqkVsK)1nj3br}w)2Ho
z>iORm1ng@&54PoI{Ho{!XA^Jmu|65GdvX1cz~*sUq}3wLb<fk?XxHMyHrcU8lPMfy
zx(zmKO5HlZ?u)mIWAFF;`k;>W3#Is7@)=!%`PH5S?ev{QRVjI)O3IK%Y_+6BC`)p^
zHxKJ{?>dDCpTZ5tD2DFy_}jT)>+ObmQuoDge&3iq_;&GJ#Pey5oZ@wNqxsn8Np4nR
z18!y1LE>@(cVd8GJjh2&-3Hkk%UH#8bpT`In<%Ke`DQPt7wT%$obTLrzk8>~+-Se=
zcEn`)$(Ix%a>^9RBXM+!UN6P9N#<jZ^xfUdlH~dB<5mojAhXXoFn=#zHSZaV6kbiC
zX#5&;se2G7;@!cb#NE9}-=yVE%#W`8b+u9}lzzh~l_O6~&!MWbo*u&W_B8%_w!8XT
zJ?r$q*o@dGxzAVCBcGA$Q!MoDgnzAq5eOY``C0YWD!<(emuoy$9L;&xb|zj9ykuM2
zv7Gu(834{z%)j+NFe<}&ix~#v#^=EzLJHc=gf>Il0;_c=lGJ2K)j8K8C~B$1hXuAO
zM+@M)TmR|1257KFB-6VA)DmPPO+uP&VCQ@8-FU4ih}UEV?Q?)=tm#1A!EWqNzQ*a@
zqlw=+I2V&mwxSt3EGAj!_RSvFFAK|(z+1n|4oe}H^woT-1<jcqHHVzH6<Jhne%U;_
zxn?t|W=pLCFc<B|ym;0XsQj40Hm99kqGs*QO=nAj*;%u!=Bm4MFBge{J66HL+?waz
zDNspD3*P&AnES$zS9|hz+tiLiD86D!l)^dLibU>kxjs8;ajDnt#oOtl!PK2>0>Wh&
zk6d#efrX0ZAU0LH3KH)s^LUnOI&cvF>xM*1FYt6X$wPlq@zr(nG=7?)88nQUq@VEr
zdGSbr;`91d<~ZH`qTAa3qCPbv%J?Y6gnG@O;f9G4SE)n{)eov4ulT6i-d%O@;dwQ{
zglNuK9Yd6U9OoC~Hsy4B`@ASp2QuFLx>r0Hpxn4W$3{}2!STX{8C)OB2=n9g*T;rI
zor!!`oqhb-?T)+j)|REwr_@PJ_PwGtLm~K?(|9fof3_+yb$9(`L98r>&*PBzLY0>A
zc0DQRe!&ooY1xi~9RmJoL3Pak$Wvx|X;aP}9w2u}WnLW6-Bn@q<6{V})SYies|{#!
zr3R-qhuSn|T8iwo{q1Z0funN|Ge3%QJa*GeG!Zc5=)`CyUF;#btK3~d{8`CSrhDja
z!hE`!0#s4EigiPq=HC)Z4{Ia3PYwp9_Yvgu{?GbS8{2Sr$ltA3X<VMkz;COk=5Ur0
z#=+MP*0kH6_d;6s>SaN~?*6#!YU%IFDqpMTKkT~W3E%i}Yfi?aM>4u69n;FyvTS%{
z4aq{gTmNRK7=t;w8ocuQ<48H~poxKqN}MjP%!JcC|DhC&H?}VcO-1h?Ut9xs6YG)_
z-1bOyGVXxy>m#LJ5w2bUuuiyvF{@U${_Zej8y>%-M0<nn$TaFsPhbgExQy!<Gq-m1
z+O_F%)bSJ*PJeXx9%DbnH-l`m0n>;!(Si_3@Z5b*xvtxJvtk})^-roj-I)5XBr+}h
zXB(8Ehqz;@M6XZj-?EssNMU+pYtu-yS+W-0ldaFJSMjveq}j|5deQ%NrJ&RM-Q`Ws
zH4!%AI2De9;oa10bq|<OV<{yP?CEgIzCOm@YI)4=R12y%wO<?IZ0l)ElZ!Jr)@bmz
zcUc5!F`8wKLR-ro?P0ap(KX8>?TyS*Lie3?mK~6m;JR;lr3J5+5@vU$z&A@1^L9mj
zTRdp-qD7n*Oj^(>^vyA}_U&4RY1}L#w1CpW-Yi|slHx2jwLCV<e6yHU5Do{6FTr9#
zsinkl6S!NlYH@6q&04<L7IGTH5>L-&A*uzB7UX6@rX{M`m1>tMx>%Zu0$G}D=W6yq
z3i2(qv_lsB*-vcwr>86vl`>?3CF)tonPs`|XNNGVStx4>uIDT>wV>V-XV=gw`(Dvg
z-`U@38K?2H9Ms}WONoQ6c9y_OY}y+yan-U;xK!%#=w2ez-T(To$o4M{xc`mm_wT)5
zM$Ea+vvzg;jsE(q{XJh)2qR?c9?gFaj|rN!JHDR^bPuJXn$*kkV>Q*SCxto5``S7!
zxvY@=%Q6JgqCUHSFi)c>&YviHY+bT!iN|5ahNpQ#J&aehBsk*N7|#~SBz1S9HokTD
z{<P@qbx3Eb4*VC@QkdK7H|oB_iQL`SMiIs*T{6!XKcDc5zaCPLxua0IWrjQxgETeH
zu$tnuo4<cDtw2rRT*Z8iv6Dg>B|h1Rt&W$f3zH1T<livTJ`SUjy?ag;ReH+wuW=!F
zq4hrRuDdd=MQ|$9*@6azh-ewlmacW@K{YnP>tQikxhi!^(I<(3#r9Xb?k&y@UEn`(
zVu-4yv>%p+oU8WfiOmHOjtaob$@aAA`#*8HdOt929!(`2-uj*<*xkv%Jg?>mL&mbE
zlG87Cz0%sl-x^2I4L#G3`J5t&krad;2~NI{+Ml}C^Y@^b)Dv|YzEMF-p7Ulx{5n>Y
zN1Hg>tO}@<rKcG?Y3(B_zPzio+Xc~3y=uV;zGZ2-aX_3hiFwhN`=UTn`$*}OYQ>|g
z+XY`+o;C0r?dLVy*oTIDwBywpuN4W8cUu>8wY3?)JZPZ!IN%5+#OLOBEL*CS{S6~W
zN|UsazGlS|f=o3c9P)e{xrJ2QHPg7$Q`HuOpH?wLtJ~9+RS&oRQFw5n2sDW4)Zn!0
z3RBq7_^_DCSf*?@Hb4+M*|(fuZKelPDK5|%pBB9t=c5wHUlYxm^c#xA$g__D+Cwmd
z=u9xr?$v*mNG>RAiSwnHnCCCg2tTe`G<M~c1I%$sv3-T$Td-_3_SwtzBImJTYaC(-
z#=>=~zPAbAu1qx5U>db!qO%?^wUuTr8|)ctnZMnYq;2aktk=Gp8^-OypyjIXdzq95
z!+0-3ckz5ZMf#={)VQ@KTZ4KsSXnGR1Po;;-fDeM9oLjbq3b{?K})00-0_louMCY5
zoc7ub0JjzQlAfnDX$yza%k^4r!T~jN*v7So2UpQ<YBt7W7KZmmR`t`}`rlrwM~?NS
zIgdxcA(p5~L}Jz_>YaML)jij1J!3n$CrW705XpD`bsUc%P!Jpdw^l7S`$zQ&%G#LI
zM2_Lj(1D@V5_)o$piiw^^FB?XsMfsL+O4VPa{RFHWRdJjF|haXXS^2{oYxCW@5TxK
ztrjx~*ibC*o;K1DF%Ct`^$Di#`9Rg8$uTR@rK#z{lgAqs#y)tWB6roMrn}`g^*)#W
zzwf^Jo@m_v{{E>sjn}C)jkO3CD)oYOphyV3N-5n#G4;Q!rw8BPon4C1_KgxB(kp42
z^!3G)D|a#-<H@2ZGeAC{EW@$>q!t4lk?i%DeZA<rRW9LL!B7#-w=nFjhh@V~7C=Xf
zXdJj;V=41&73CgoFk{TzU=MvCpM4)5bm`ZXCtj*w8E;`#5fx5*kIv<~7C17=1)3qs
zC$+B^T+;&f&E54MaO>VWOmCq^u-{au>Rsynw5PqUv4V#~!JJVNbIs$kzW1V0aPMB6
zJM?v#Awx^Wz<PJl#r>b=yfYmXiy8Wox@K3qH--p$2rSm&u)#3$D@cpeNS`J^S>m{m
zauk(OTrIxcsB0;>k+H#kXLdjH_;}oki(^NYNs6NU_Xn?`g7WOD=kBRCdAhH4IX>7v
z+C78}yY6xA-QxT8*=Tp6XlwmI^Joq0HcloRw+e@)cHI@0vPI-`Tfts!;{7=ASk1}5
zc&R93Yx#T~+<~;{-V>#vd4B7Q7K)Lbmb=8y4tc>dHBM`{DHxe<;%F1ExY%Unc;{#9
z=jb)`9q%yJ`l-ig^uJV6g|g%?r|$*Mgfb?2w;o<^6E5*OKVIS7T^@%z>#`5NR6tr#
z8|}W(YuCk|O4`)Ag71&l{MmwSQtwO!O#fzGsIX?8?ac6|0Ymb2qu2tX^*b|jd9^WZ
zKJHY#v#O!>s#rECxQu`@*DQW5WVHABn<9P+#7n|Qkf$bM9GXlM?o#+)9js4OilH6m
zuakXn$(xHqV@B6#rw%q+Gg9@$i|bE(Qj9k{GN);Fgg0ToDGPmR{poe5w?r|x*7Fa}
zpFh!UJutu4ox7b}w0eJFrzG$5-HjU6_oX>b2@?)0pWV~z{WPht1vm;DI&M9*)4K#?
zoLDJnLGts<_5F5?#L(NZT@$JAk&(Ex)MlA4jo0hiT=aYUCpCgVr@>7|+eqtAO!Xg3
z+2596D3r$ctvlRrljg0f>+r5)E$5GG=H_AtT4=;VSX$gexpSqT^jI?AFrD^1&V1W*
zmwJbj*>EG);=_}NE11ozJX05@Pl4}H(u@lpOVzM^wWWkYHWrW`4|r!bE(Q8lNWEM=
z8?o)LmkM(m36WbVUw=|&?#Ze#6%liX<G!};Y0q|-6wlja!{7$L?&*VybItl!eNt|^
zZ47bu{Is6|&-wFHTV3JYi_<3?Wa}djW$$OpRz1^W*FCwk;%xod?w;mty6+DbbMQ5#
zUB}Z?lir0s`laX!+w1oR*i4+E4f;!1P2CO29NUW`OCh)LbL;D$RA`%b*iZF0DW1R6
zU9IyGc*=06C6IfK*&yuhdbL)~y|#ibQk4<O=6G)Z)oSx%{q8=wz4Vl6RCp(ZZ=R~v
zgjyd~Mmh^-dE`w`H4MAA$BVm-HLk!m{fc$TB!)zKy68N*nRRusHLrEuXRTl~Bo(dl
zxKrNieDRiEHEgD<2H9Cv;#bOQdDl8hnG80SxNN(&9&pl5eub|WYvq)x@_4&y^9v2D
zlGl5jR%B&q_dq^n#i_NV-T7-p4a<;kcE@Yf`P0WL4Ud$z6st*5d}a0i&W|eqH_5yV
z^IrD$$2H#jMV*&-?b(9my*czhtzk~78C?VAw2(kHQc7r(s<b5>{Bdzvk?YlZMjY2@
z)_pdNNfN|V1BWB+LyXtB+eZ4YtM$C+vBl2VV;Ssru2$M}I~2@wr|M}KOgz^2P8a0e
z$*ISHBgy6q=6<j*2|OiE82h2Y%8pl{7T-_2Tv5W{4|b|gi@qY$V}IB8`>2(ou@Ccc
ztFL~k{CL#8`VPJErC-JS@OvXT#!z$@-!6!fAsj0i8$+9I6Zq{u*idW919ndzj3Paj
zXY|CHS!p{^&bLh-wtM_)K{1{+5}*0rJZsVC_#B2c`d$tW#%}W1bh&A+$f4aEq+ssz
z*Ne>W_3(U9+|&E;<Qfc*9a~Y7{aWDi8#~ogWRKq%qy?p{RZ8)aev+fHJfsva70<Nw
zmt9ZqhZ-~!zQ3?t?b=l7R5REHd=}YeiDD)O8m+b-9>*#ZuYXCL-ZZT3lK^?v)vbH_
zdC84^FJ7+Y4`X>AIP_&f`FZtjt$G_RmSdh}HLG2HZ%=JvI6vhC>MpI<YQ1!4milN#
zdwfBMVW9~6b?2`XW!Bf_wWkuvoh<wvZGW<U$HkXEAANeK>@ZqpB|cjg9kr4#3jwkn
zq)Hpt=F+jA(G2lv_?x`J!YqEaVUgHt>ukH8GLyUHq(R?W&v5?P?Lv_<=hvl+^xh#1
zZG;s(56oM1r{-7oh3;aL=;qV#T?rdzgD>M9@Z;I~J1vv-T&ZOOZI(_yZ4pu{xxL=^
zI9=5}w<jf)570-GU?M71>|UB*$!zRLJtYo6`vXjbElWW6z#6q5+U_SE^4D@Tr)G9n
zY47@6EKczwS>^!J!2+-iZB+i%2`p$@6nJ`W4{>9v1-trp-x!|m{L+)t%m_b?yrI7r
zmbSQM&x2_rkjyi$-F2#O-L8yJbFG<tpP$R-Is}PY8eaU)5J43^UzqlPD7}5_XT6=_
z$)*-3s|VV&WLv5uE=+x|`A+uU7Ut~NfLm1{pGccb{Wi;?Mlo4v_55q~ooqCUG@Ft|
zP=obf>wovjO*!FEis!XL5z{2yi8f}YGKMi0@u<v>4gR!X<bA*yug7|jm2utD9TUji
zx$#tGyE@pYO)z)Y$a)rAq5H2^lwoU9ds-R|^#Td`m@KTkZO_m$`o@>$8QS$jN!YL6
zDylU(0wap3kZj_SSZ1)a&09vFPnJbW2G*>1GE<vid*AypJ}!;cv}`O5-)f{2oA6p1
zsr%@1!8MNITC0P4>tVtzXYyXG{ss@xIMv;@AD&N!4O+S4{!8mE4kZV*Fj<^COv`mo
z%&*8$*pV@A-P@a|6v=(d55|$rf%<)FlO<TQHc#{H2VCxPqFK8G*_X#|tZDpYfyez9
z%l2HV(NlrxKAV1jy{JixEcv`r@;~0$CQ9Uk(WvRlH1-|WdU0~d2oqtKXZd12-gqO^
zw;Pc~TNv@h>4=Angf7#AHg&sRS01eWe3Y?eeWv@bYER0Af)6iJbL{TBSe2;jeZ+jd
z+q&Dg^Q-?aul{eZ{$J>}?z=E)?OV0J3c9fk*s1I9m96{j203m!=9VT>w;o)dLha74
zUppiPZ~dRl+PH)U$d^|@D$a6*NzjR&ps$^zcC$}I|D?)aW77Rep9cR)kq!Z^d-$pw
zUpqhf_VVQ0_T<}z-ESf9w675PPb$FNdf|GnRxOBJ3aF-QBZkzryYI*SL{Z$%*3R5)
zAJkmyr3I$VIIj%p_Q9ZAPYg#;UTJ+K(3*#=OUd?r7{|eWJB(Y<J;V5ox!@m^iVm%`
ztar^Bog3~P$_f4K)sjGtQ!psZFii%!W;EuM+_WBv)Muwh)@O7NU!Ey<u9p$rxqa+y
z$;;{yy^p3w@3o#G_qs=3D>G#cy}w{m{$cum-F25Y-#esXczaBxy-e$T#1kWUrU5fU
zyY)9Omleq=&Qsp3ZwXJ46OJ_6K?IDm((_>04>|hTi$y2tpOg`X(Xr3U0%jBZ`Tl;2
z-Yw<n-W53RRQoomB?KR!d#3JQoJ}4cD{i$jVqUE$S;6swh;dk2XQ#X*JkFjRqY7%d
z>!m&-!?Wifd9|Jzu$TlD6;Lfxd@rs}3mz>TYQ?zTWj-}_qDj=pr?^Ofl1z2?3%x!l
z8h=p#OG<x6y2p-j-9Bsz^`<?o*@=5v0@s~upAISax1B`Uq<gw}Myf`dTiZi({ZMx6
zsm2>pmSyf}lr(CX{{F$YC<lT|X<-KMZCfw><=v@wy3dr}XK;QiKA8-d_1E*s^+WOL
z;geNPwsTjh%W|!j(sWO4N(|Q0jmJRJ{88h3$}^JZ?&;x)Bt0#aRD7G20M2e|+bjaT
znkOM$trh=CU7y;N2LJk6)tZRD*2WocFPi&OQw^JnAJYXa-42U)hx>dZ3CkwDTA?8m
z_v7+>3c@Y6Y3pgrv%dh!ajYyNjxS>`;~j9&B*VwuUsh|IuRf?&x1Xrbds>s+2j(rh
zm*!UvDb>4M+7G1*KW`H&)2D`{$`r{`8hEn2V@~X&2^IxtC8o)AS52`z%I@=^S&r34
ziY9a~EosoOyl99P+H+&iReXKp$<m|db@L*cC0R};lnEfyGbSBdu{hqYou#(*)Og9+
zG!0LJ-U_ST6H6s-g~d$vr4ZZACgu_Y(Aw@-dre1(5slPzIg|IzFAsDv8KZQtRGc-*
z*!+I2pB*E%?6wEeO=mVSZ!chfP%IFZt%HYvCkn(k);jO${>-HU&Dxl5+iZig!iGvY
zwQtANNn$fUfn+aKtL+LZk;d#=D%{;ihv`EoH_X?Cte9q>8YAs@!#L-)L%D=_%#W%-
zoO)8&@qLbEdVlNqw1@p$tdFsEZl^+4hcg_~G;BBLGjKWB?`7<T84bf)$@V->?j8Ou
z*ZI2QJ3eMROS#6|u72)R{mi<fKkw76D+OPZu2%hAZ!tA%O{Lm%Z7xF{ung91hbL-I
z3kmS8|9p8yv?br8UZYY#Vbo;g9hqWfb%>>FCU`}X!}9E*uVEQb%a-E@*}9bCeTt&C
zrEQqYD%LA8)~5H@O~f*5m!Y0S(r+!b*(8okL(XFuJaeXS#<*7eeE(Q9>oB%cOQU2d
zVUF&b3%(xOVwIbYb9?l9eQyW-?cKV3&qM3u)iUez>sJq{sP|v*`E2{Fx>?uf^S7gP
zu;Fh8S(<RA#u?x5PENlMzGs7?oNZCsz$bBNc1wM=GSh9RQ<Jmqg{7yIy%}^)WO#BO
z$931*a_hsmGSDwC3%^tSwd!Seae!|<ayaNR@a}=1R>i_(*{+kk$^yv4Zx$|37KP}#
zs)x8nrjbZwaI|9!F*xOD+}6pZxP=p#(t8)H$4{2Qou0#es^3>QOtfr$KRNEpD{FGB
z`?KorT<zNV?<2&i&0~ci(SJc=WBJF`eKSozSSuJYjauaGRLo(s;E7Tc{;Y4+XV$_J
zx>k6ydg-|;G#hiQL@5yoCj(RSa)FL%X$eBtAG|VtmccaZ3l`5$T32Fut^B~nBGK!`
z#(_xPliId)aX8zdC62}eOZU)lPhz#Y`ogvP{81InmH4GIUeIDair|mpJyYX-Qde&l
z#?KVJvQkYT-reJKe-zOpC##js!aLP!2H#0EL{sjDDy|E$SwGQ_gMGTE_QR*Cb$73p
zul79Ze&dWZ$?rFP7*5?8DEyK-SlhtG<=Qa2+)8?2o6kmZY)vLwyJ=$LjgpO@;aN+;
zld5!2?R|f6uH8e!sf`qdYpr!R^$w?Bl>&XfQlh`AtKGdXSNuo%&U9P-XNMXMpS>Y8
z*ByQJ{OYrVzUp}Nd#{Y1^|?Kp&w1A8_N>qC+1LALty$Z;*XOKNZ=bDU%jdjNGoQVM
zw#NOUtpFY{ZoFs|CKagntDa+|K~SQU`d0B#RNf3pf{l#Q^t-JJXimd1SnXH?kUd-L
zuG-vKUg1!be7w!CwJUJ4onC~U(YE$%lTo+s=X_Ft|D>MWdS~wB$r}ukrlrt8x<bKx
z0%bmVv#U?R(5GOW(JDlEFm5lBzj|4~6Lev0P3RPB*iO0Y_4L~EIxa6bivGM;?T0Xs
z&d?fmfDNHX$5!WX_x)`+<#^s7UDOBe=M?V`syG7TvP<XY)N*~8UWsi;UN&}i-95X`
z|Dm=fcf7BmtJ3dVWgTjN#;HM%rw%S*Z`19zM}hw2^BLS69b1shW;1+0FX{Qy(zIXH
zhSLPPZEa|CVcqeh;7#h&W6pvMf4zDpIV0<p;?e#YRh8h*FZJBCWV#QdU4;odFF36n
zrS=(Smqs8tS^EsVmI3Xx8p~U(UDkZ@B{_kyNn9wTK$BIfhvUGN@^amZ1O4ZZm-tI7
z#`{(pMaN|xQma)CLJuvc5-^qR?!IBiVR63B_#KbXY)gumD8fUN>b-K^6gHC%v1b2G
z*S&kW;EJsyC1ix3&{L#lyoPj$2F3@vMREsdFIJCjHBecI%fp=(a4kU%1LMZqi)p5l
z#MRUJaZj-VxC_?!(nfbzQwkGgx)=N1?M$gSJ>e;Rv{+>*ayQB6x3dO%%<b;(o!Ze^
zJ9zHBULz&m>#jL(dQ1li(y)UM9kqD9VuazPM@bt*EbL5T1yM>RNOy~=-s?{%P5SX}
zKT`J&E0dQPs6zd?MzKOL6EiqCtjQT@uet<+A@W-0buC`lzMcL<$ChSp_3Ovs6gf$V
zuFx;eN~j;nE#G|UeBq^K&OA=Mi-#W-?a_)BTZ_0ir@P<%Zoij}d)<7_Ej4q^`3YmZ
zzFZjcZ2kA^>`-Eu*UCF})Qj02(C>uLY`AjNKR4+$?_PSoU4Mlv+_x8@E13w89Pe)d
z^UHOILw6d1vsJy^{rURqv{KJG8`Vk!CxL3^31@*iU(`9MwyU^e1g{*>yG>sD^vVG(
zaxSQs2%M>_?)%jn{JhTIiK0#eeYt*ZT!W{pUNjGHXSjw6&RcaVD;&J2UQ3kQ`=|RJ
z_`1K{+Pj(QsUt=lo)OrDsRY1Lw67HN90(M~IdazluiB`j^0BTsT*o1}j@5N6tz&WJ
zaXu3ZlY~V0*=pwy-i!5=Lt&`^5g|at!*$cCj?~zXzun&*i9k=vJFSa<Xc1sV*dbPt
zMX+U=2(pAp2??B2jajz~b(O_oKUg7YC5slz;uR?D3z2jlv=f+FA7br<Xiwz{*4c<G
zks~C%HBEo4k~5Q8JJ3)m2_FmWyk^!fHru(?l2PX;6KZPYih1(0H7d*Kd}M~nrd%g1
zQwt{}d%X)E!DFzprZ=3hy!TJ{_eUyFB)aqN=tu?rkSbtLys(MdQv`lIfdv)hbtsJg
zf*`6cyl}38Fp6sBh;{ql6Bapkn_7FCsyQ5q?}^`PMuSm_pL0cT&zBNktWT6S2eS*E
z9Cr>nV;R9U-VD5gGT$8ypM%nwBY_!n!ao{Sc*f_c!w8eWqBSFx1&{s;8}~K<b)5RY
zJu(4DCZI&@UzQg<G67aZd$$A5<_!=`PF?~hLW&Vn6lXLNlX%^mw=Re)7%V14+>z5S
zwGwqOUl;1GOi-4`<S<(d8e_y@F@z$QbA3xj&e$R*M#?cHd3S^s#uQKKMGT{FaS+(@
zUW;7!4hT7|C@6(zIjEQ`sl;F=Va!xZ2lOo~W(b*0aTOz)3>SXhwIS1#7mA$D)N^@@
zNAOR1ULqp-i0M98pA%c66Ivuifj^8GYjogfT3ja==RD9A4B|G<LFDGYcn(w|x)^g&
zZ1QF_5!Fgd^9nz?ex8&Rad^r8aRlu`0}<iAF5urCxqu?lQ51OO0{&%1fk!UjkJ$yt
zfH(*_0>>^(P_E?+edF{vNG_IZ;=c2eD=vz|QHA5?6ePU-DMbY?P<Ema%Wb7kPKQI2
z(Qrs{faxjj+8q_W6e+l;6mmItqxn&=iTmf4-ATEbGtX!6s|U)wxas6M@*mlgl1^So
z71z(*a>L+<iNZ>Av$8@sfese3K?Ne%$*tg?vNOl}N{^8qQj#HAVCC$=A}l~PS7ez9
zwiK3xQUW5OhjNl2L(xZ&Bj`an4%@4^lKtU^phUSTrF}4Q<7%g_fL)N0vJXxO+7#GT
zTlJ=3uW*H@s;GPabpPQf1Sk?6g#bq(z)=Wrlm-4v$pVi;03pR6a|j?X%0y|3-kHe~
zYN(J1nS?V!Jb{&vOn8x?FV_WiLNQ^5+K#%75JzoBz+|>5HKP=p1z<vt)Hu{JtOyV;
z3B*)1)G7okIe1@qs`4Wo%KK1-i9)v2V+2CN7y%UsK&@@UG}R|TRp#;Xq_7R&ty563
z5mpVsCQQMtj^e7YGohQ{D(e)4kOD|+CRCcV5+JJ8Bs3Jp!8+leI-3AZ7zi^sp-ZY+
zTB>iUItiB5crr7nUz6CWu$gY~SrCd=Fs8wRM|=}ZCgcRW+EH6gAvhIMW}O7OX)W9o
z{;OqyA=3k(OIRo*g*(pTPNqS^=N4Y01Drr6RK@|xLz_g=w^b;qNkxK$wwZg(dtK2w
zG(>OpE%F5-GT=_8Ec6vj^p9pR7L$<ye8dkplHF7j;i9#0IP#%K(xzUA{~)CWkuH6K
z3fGe`sE?9o98%u|3)#+WF**pHNibSTU&s%cMMW(=C&bUYd_zrg(_o-0s3%1cW0F-P
zf{b-a+T=g^4Gl8q41aY=_(bAh)shDoB-v4CBoTCv)YDNC0ag@GZE>Fz;6EOv06lw-
zmO~J`e<{l$xQ1lof2?!CM^!-P^N)2R=qLp^N&${ifTI-PC<XZAOaUZ7l4t3ibV1r8
z<&^M9DI_G4KZ{F~q9}k$aU|nr5+ocJZb)&G>PadjrOIRyScy<d0c@?<QF3Q4NE&Yr
zLkS=Y8_c9gxTIB5EDIWvZcFO2<X;k~S3X-oTKZx^tOV3z5uYStSu!H!v0l!&+GZvN
zu1UO;;7Z1mguy#SfUNzKJXzwQ$RW*EqzIm1V>`hK6G>}++A@?R)93{|nS(SD777!R
zL}N-H6<WaOuYS!#fkL{EI&f7EK=~xqSvU+Ui)K&}<<L_*sifXB1C%sf0vtN%F~tzc
zcsP*7FK8m|L^GfCfi`B7q>SbU;gQA7QgHM|yFh@~Nl3%b@B<Doij+xW%{mzoPeHG|
zl({!OB#~FdN%E_x0zc271KL>yi6@ff6h)-nl3x&{_(FDZS{pEvr^t<HKYIc~r_cp_
zNw{H#SCVq`W4Mc(79K?t8XR~<_A^Twtl$N*lp0df!Z)e65flSx81B$D+GQNHP|`qE
z#WV}NVW(HTC4ovzD2y*8Gig2QkPG_b8XB``^v^famnByz`rwvNprn7E-|wgU+bty4
zsVanyvCuFC9`P{*sr-k07O5fxa#G1Gdqq+N@i&zhLI)Lui5RPdMe(Avri`J0mC#rF
zK%^*<dRUgfBDdNK_F{wJKI5kD1`f>2sx<7-Gh@dvWudK#4Tva{DiJkfk|ax>hN-Dm
zPcu*vH^LEv00JgRcnv2otJa|cGBYZALnUG##YffDmzV~Mm8ug;`B8mhs@-*m;h;Lq
zQDDg420{+H2s>OnfeL8BRD&ROEg0rAPI@Mj=L|urR47H{iBO4vFNhs7giyL;y$}&o
z45b|#3t>{|hwQQzgh(&3>8uOUz}k?8rqL<{P}tKe>qBSrnO{N-1jGPjK}eP_IzyNg
z0aLa^Ow7<jmhvf|hHS(FiwP8w!#e$83Neqa5d>BN<6#s5h=(Jv5w++yD~vU~K}vO$
zBm|Fu6NP4*DUlJu3O*htOD91Fk9b=m&(oj<I~+a`HR44i*jdVl0$^azQvAkT422~d
z6HNFQ81hhh1eN;{6sprovG9c9**e$_oO&gy>|;Dxgr|9ncxI4+H+&&6@lR|h9IQvE
z9jJd_LPewqfN&%Xa66U&DItxW25qJ?PCg-nif@LBPDNv}OwXJyAX=b<pa>nN1YLb+
z@dzzoj8n1AJccXCOW42(K|K&q&vTZ>N8q?@&><7+sAY-_S>Z~I6K;W^33pV3tqPl|
z1)<Fr1sa&@vA&|gM8H!l5xQZldss*n1VSOc9&-)W@CO|Mg^hk;s3*3NTcFSpMQsyo
zd6ESuOtB9r0W(4zKj0HaqZHAK=*519Hd*`<(ZnZI0}BPDqMkPfcsO}{i_*rCF)XMK
zYx6FgXaYDG3#Cvf4j!EnT#>I=>YkCv40?bSA0iioS)XVXYfBwcDUVE$NR}7`R4w6`
zQ3DTugxerb5En~M3KAfr6nV^?iV<-wG(<n@ZUhF!b#^#%4r)F`cn~VZyfP1Tg(RX}
z<SkAg{TU$r(E&2btda@JOZrGxLfc48LNNvrwaJWLNEJ@S_cF|+934?qpH!Rf@xT0>
z>w0n5IH-n-BosA33ty(WHvv&CWHneUcGv+t-2(xNY(7zs62x~T3ZsaIHgJ3nMzD?8
zjF}PDI6<TgKp0C5SwNN*6C=j1$I*f%qQfpTLvjAGydu*mT<kA(puQ9<;fJ_C!c5`V
zKV$)u``{)#yjJ?BjDc5=2!@#i1Z;#XJ~c4MqDK{|1L5`zHIBMcK0WXdJTY7-8etWR
z=m*oXjGt*}J~k6`MhhPp(*zCdctjglWM(lH;(DqDW_BM(n=xc6iLmeRZAOR5MKAQH
z+~`ihe1mtQUp+^;aWd+!_e|L(vkJ#xk1H^u773g@3m@tgDS|y1@iTc@f*lw{4M<hQ
z70k(;7)lhO5+WJWfre2Ll++(z>pIGCU1&}|$%Kf6^ii0&sN}7@GOR@fMoAzV8jv-Z
z;wcJIEpUKK&*3N)i{X!PBr{C9>r6=QC#pd0L^C+ZAmS908MOwXSj8wbG+d+jIFj)>
z<lx{tqXxHV2<gUgMj=|sQ8OK&)-Hi{_XTqlV-e>=uVG2*0x?5GqWsmCe4w#70v_}a
zSMdu+Lt7GsQ=q^dPis*|2dG%i4khpcBw^Dq0Vr~Z*+iQV5mX(<$_tYa1LB^89tDFM
zG3GC|A#}V(#Fs$EUuq8#WXIC<&r~o@F<n|j4KNsK6Jzj;G8IIkP)%%-U1);{gq@&f
zt%OmLgkmy5M1u;m#0U&SRDm_JQV)ViltcljBFKkPSf~eA;7c_1fenliBSMXkJdnhv
zFvy8QJR^ApKb$EBBPf#Mdx#u$VU*Jk>f?(0u!oH?P>?5NcsxN|xrnHC#3}S6P)s2R
z;?o&G!iTc16KU|H0lX+S@d8I;JajZ7IYC=cpdB~}BMRy}RF6Tx1${A}q%LLw7f~ZZ
zOu-^KS|=hVIoyNzl)&SaHXsHwVUJ+~dmNp<LEwJyjruTaiKb#cJjpd_AE(JhxCX1p
zEoEaI$plK{H&cfCdIzcd;ZoGoJ-ns|Q9IheC??8Qf{O9+R1A5{42cUbX#?scmBKMx
zBA<*ph#3c341Tmuq(Z9UjrTq$+b6A_7lDzXItB6Xw~z*zQkaMjk0J$C0<8OxEeeh(
zNP*C7BV{6*lsFdNe~e19K=26^gbj~`K81x006~uDH5LN%tYC}%W&eyvJSi6O7vxhO
z-h$BT0lM+PMg&t-M6WRh2t+xV2uvjAAi;8Gh*9v@2r$A_f*GG1&&_mUH(~ZP_ETC`
zo#$XaB2pA6#tSwr!r?av0b{Fm0(Q{AkC+*kIRy)hiBiNMwMK%#Bxyr6C<=2-wLB9K
zKqVLzV}TroAmsrG1BlU4H3E+A7>9VJUr#emQAJQkTC{{sR5lKR;^UK16SVVAE!J`+
z=}Z({Y=wq+4{y)l5!r*8p1>_eiJZmwkt%Z2%%i8MN8A*8i&nu8Kc-pYLFM%aVus%p
z6o_w59<B!l5j`2VP@Q6FjjFg1cO?==Ia(w2(pQVAq!=+=dV?)KYYQ_Jg)#Xy0$z{}
zMq5kr2!oi{L^)(RT=YG<M7J0~?o`h>$2Bpkam;AM^uUNwq&LP&0*6A3KzHkR#66*=
zrY&%ZS79YQoI!olCMv@#CV%3OD0Tys_{I7~)uG2*0f4abOY9fH=?fsy^UZ(B2@r!d
zoe0NS1b~uVbZ4|#9@K~&K@H90OydMO1ynOQ6H1Cn3fTi36N^7F%fL)Zn&>~z;uIu9
z@5mtJ5@Us<WP{O<-X%f|bnFTDOg>l(kid|E=5qbQ2#>TOFI)t&B^)3lc&k0)YG-T`
zo<!FjOc4dfTGHzTU<nXN3>!cW$eupIO!oY8h_O(p#om#0OxGvOX}iEDc7inGP3Q<K
zz9ZU2*W;{>L!()3Rx804>16q09paI+j1IvBmiR=PX%NeR-rBG(G7PYRIAJI((HQ0F
zO#(2sCIu3Gp?cgS3Zfa9(Gp&IW=DuI4Ncf+Togi)xby^(beVMU0{Z1^*hzSE_Y{X7
zvRCk@Y&6mc<iIz<sXk&YwW1Y91b+fNeWJcz(2G3BV&XKPXOslN;3GLOAyYgX9|x+G
zzgX1hg+9|?><!9!60P+HVw%@{tzJOKSMfx~Ws7_UDXAo3_^|g+_cnN(t#_Ey?{eC2
z-f_Qt7GBOt%mMXIq4T<s>6wGhT^yfz>V&@eNp`vKw9?`A77gC+XYJGWore8}GakQ7
z*thG1!cXed&JX*ybZ*yqh;Q^S?O8s5u$?xUlW3js=QKj65_)mT^jyLNaOR!w3cFy@
z-TE(=>&U^SH%)q%PD94woPfVt0_%-zj<C%c|HDz&IRw$+mqf=Ao({?+3XUyxtYHo*
zC4xlfud0QkCXvUnrVfM55uHfq>JLg~{<PHPPy55eyIcQs7*N|=K2Y7+iXZk;eYN!M
z_l*FeH5C5W!=R8OGk>4p?i8Q_7oqBn3b+1`!vMUA=6^_``Ckr$z#mvV{&tJU5;w%l
zi`m4%e1!~26vl_~VkyhVtMFGMTpor0<$HK2ITLTjCnX=`f%zsG1n;Lmd4h<DKQ~6!
zLZlWhUhqU>10%=RiA<7%fGM6Y(U8bL(HyTXYf4U&Y&9NQEGbJens_DAlIX>gVk`cb
zpM-~KR!cDspRbQZBcTXi?m4k$iXtif$XfN1*p}~&2X|eBC@%CPhJ!s1#g~h2k`JSq
zJMrbdi9L*zx?xITp->`hcg3FQl(;WBskl@YWn`nkJ#moHMNN9CAph^S5Cej#$q3s7
zpNO248M+B^lKdt#mQx5`<O<3LfJo3Ly%SUdn$TcG#0+zZL4vm=JPD}<Q3OYj46vk4
z`c8cb3N6S?5h7t9(qe`HS2!pvlE4bSi7YY%hJ@hY1zjqDgghZ(63K*-VT<4>{Y3Br
zHH`F-v_9#jgacC(Y^Lx53Ri`+C`F_Qa>N?5F$Y}<pOhvcvr&>JsN4ygB|Wf{#!E-g
z1_U4>Xe~Sjt$@|j_(xPET|`@`7(oG#q(v}}LliiwNa#?O_z-h&p&$j2XC`$MXi`+X
z(}#o!Uak<@gzQoXR3T`Lf_~6EVYF*WyvZ2;;+SM5!6?HL%A&IV!C)+*t8oHP3x3gu
z@xk$id3cNpIGn0#D4g_*a%fE+R<nHc9jWA*@^+}`MkC^nP!Y#uqy#RxJez0;j0rh0
z0^-D;pkgx%2w~X`HXs49VX@>s@&R{K<1#vtLI9bnXE9%IECiuJlGsE_6dNlagaZv{
zJ>_Q+a!_D6j0l#TCqls@ARk5&nv9uzjgreg<wM{>YHTqw@iv<LmSXD@S<%t|RL%4q
zHO<%&OX3<slR|IUq37V4{Ddg*1`H28cnZ`)J=hQ!*OJY`3swvf%L{)`%deB$$>RwR
zUNc1K$YiLM#&+XP{1rTm3QyFAl_~+MYehu}Jl>EGcVVOj-lJ3e3FGJv^(F9ZeyW<r
z*8}sQZiI(Xjc^bi)Da!v5hd`S|IruDpu3)Zjtnyk)D3SygFE;~i9v`;@j(=rX{DlI
zNo7EPl#VgMJ5rf!8FiV4_$x9)I!PUACiNT%e&GckxQiO8)#5XchZ=ZD0X-MP7l%PR
zXcyjk3bo<O^r1U?@bs{Zag7N^CHThAF=FxDxQ0rg@I&$S3TtDO7p&v8YYox&Xj6Am
z1~kq+r+L?qbqbX0jf9U3?}Nz8CPk%R)hm$dy$k1@KQB3HuMHcY)!$BC&w1_6X#c#P
z`=;KE(p`SDPgUA`1CvF6Qzy57R{eQzhf~}oHNMH7z2U|;X_Ncy%@^G#Kk3_kTvvx=
zXZ?BiJR2CMeMqO;YpT7c1HNNecE_4P?FGs6mIsFV)<5h=fcdLM28Inp$g3;zij}+~
zVjxq?7RSgffxL^{9VX<SW8M14?*{!Tk)*@k$8um2oJ)eZE<N5p@M+1Qw{{KW-zD8Q
zV{DcXzf;U?Z$sD}c_NW#zLiA&ry$?tChvq#st@_GVn?BuiE>z(TmpI*y*n(EdyaMM
zfBdcpFqg`damG@)Ct%y3*Sk8{rMVQf7xw1Gy54uA1f)>Z-pS$}Zr*yd^|Zp#{CTWC
z*8RNvi8nQ6lwWjPCqAk-(0<Xk&zr|SpFBH$iFPeber$R-q7flb(CQvbPs&omTW3c1
z|90!cGTrCOpmWB8jZ^)1ftV~tNOroed{_?c-THQ;zIow?*V8^*zn<j&PZiR_1}@Y+
z?FCamtZ%}^59;rS)&CExos2;5!aA;5e)WFe+KBFbSgj<zXX^To>Q^A_?a%Mk-y8J}
zv|jCFhROIh>f7`EGs1)$^@Om5yM3=86HcP_=c@IGtC0mPV1BND7M?$>9?#aV+~&jn
z_k;dvLBM;}n*ir@^)7e^AqbxD$NI4F)7Opa4JBY|Y~d9ex&Cfld$+%Dqz~&iy=Vys
z5W)?u(9CE86F~?}KqkzRy9k>+gW@07H*W?%UE>)Y?x*`J!4=E`E+IZ>->*-CLZRo4
zYTLabG;OH@I?H&BjXqvZ_FjFHTA;CT>)rZ=ul!dVxZsffaHb<v5I<E-#c<dQ@b{`y
z06-A=m@q_wE;eY1)JcGe#=F&_mY5$jkrDD3CZfF2gP`9;#>5I)Adxmd>VXx>5H-DG
zmsVJszkrW$5?dtBePkd6#>u=35@Ri<LY$DggHT~Gys<KUfESL0NQ?LT)*sZ94I>Ok
zT+|^TpbrEhE)l13LIY_mQIL9L6zU`mM`=nWnho0svNmi2D9}W7F81}E;8ASw60Q&W
zagBvnaMCwrjT+z#aZG&;>j@IxfelY7y(iz5^eTu+#!@knh0Cpl#tD(P>p`J@RvQVs
zh0Bs2;3Pp!X|SbIdH}Yx1X*4w5K;$_EJ=c-K?&TY5k}K*601y$LQ6t}%t<=r@Q8+8
zQZFfvbW73(-DLEcc1=rF0!)xRz)q4XS&)!Rr;=0{i4~H(fC|*oT68g<1SRW&q{&Is
z;CsG)wUO#%=DgVf{Yx|Sk4k8%Pk6W|<;7$yGpg}vwp7V?RTdb*UAiM-OtBBnL_=?Z
zK`JZBqVa(Qb<r2U^cN~+V%xKPfb<d!L{fr>(|G2JR2#-BV*1TQyc8N%CK}nfm<wD@
zApk}F5?UBZsBl<n>_1vaRE-T&7)q4MQWCHfQg9=_25oUnuk03#VJhVeOsO+vBAd<B
zHnlpuPD0v}*C-v1M%KtLNlcYY=|k^qJxK=v$if*42o@Ym(g{jb01x_uQ+g{s#WSDc
zJyBP^OB#v}C<I@U87Xm>Y)i?(6RME|&_p8e44oMq^d-AVznM{2+>vsN4io@T9aip=
zZ88*IMJA;3_*9AR7o-9#o{IL7XjE6BGht1NrPCP!l@&+8g6pI$sXS<muXkgE3ZDm_
z;!j^`bBmH-2-3zT5=SnIFk*skv5;!U^1DX7kOvV6K@;UxPobu%mjFJiHk3KT1fBzX
zqm)qyh6HPZAod_91xU?3wH;~!TBHP#8XdJjMpp?8Od@O;fEc;P3}OXrFcxWJ<0E>^
z1$BWnL5T1XGX$oHnSDSV#v*IHm_pR?3~@$u^q|I!N<=7qx(*5u!<Pw2C5-S!t@Os^
zp$`t^Gs=6m`D#Xi&=Lq#3fy2%$rde*9TN-sm^}2Nf@U;Qze{a~C^O`sNwknk7bEB%
zqmF+u%dX)xMMj;JcexnK2u?UqlBj452^a`?;Pow%hi*oT>Y_JE1EHRXxvCzh&>7sM
zlW}Ayw4k&x-=RA?=+jep>~CPvmv1Rwg9dg~2uDIMlA%wAhD3qO(_{zT(^}=tIQZrV
zJb@K2VIKz*cgq-X7hq=a7&`4D$wJD=AZo@5;|_zJ)hZw}GSjVJwDpu<)YUUnfVQAw
zeqA*>)8PrvF%)qe_2w2I<E?>*EEpThND*V9h_+t>$S+bRq7QX`00<FjHp@LAASR|@
zD<4N`QaHt$h!NHytRAp0b~1JgNwstp(##B|Fd<-M0SOHcO=R@1Eql$bii@ZlMMgx|
zv6y(WhZqZcBFi&_E#4Drs20c>0Uj5n2w})aaIxCRNQ?C>ajx?)KIxTMg&wTCw!Tv}
z-_VeFQKfht-^76g&B(?^MdF32=&grDQbweD{D~jWM0t2#{wA>!9tBF=4xP{?5ob8V
z9K|5%pO-}^@REe6c>FA^(FTUZnIQ(f5l|YYM)#av8<y0GZ{v2T0NBtR9l_01fGGTf
zcU)1-t|wzG!5t-tP%{b2*PxEVlcmJDa0Ml015sQAK6@&$N_(DZAR*-6NXCs8;4SHc
zcUs5%ph7AEOcR;Xo@s;y-p5Jc9Ik^9)fgPH2WP<$p-i}l1~GCZHi}NV$rG%|vJpIM
z1S5vi3<P<PA#71UIi{01Lt_1>*Tx}(sLG)-6IwDQ;5P!<O0O|8G>?XIy_^hfj1fbB
zIs#?}6<<)2j^VXuBL9rK7#BWx=6MdE+{9UvK2S$?JsGnciEhR^M%7*NPG9r`s?2}J
z?4b~@k=R6u?nVn4Op=Hzc&?>TC^DT`+i0L8<AEt|9E@;89dM(zcKCritO?j?1({?I
z*jM_CN=btSKeU#fp&-auoW>mx(g=wv8Num<2;x(tr6v2qCTbab&U(;l8Ur(qJGw<e
zNCC%Map$eyF{Kb8Uetpah%%rYKbv@lQ3M<zjA6uVpb-QD9T$Pw3_7zKkxyJfa40)8
zjY+|XV0odqelQ8>64;<1ONGMl)+V->V-2rpV>}beX3%&Yn!vhnrFfDs!oZPpoR6i#
zTVYoEVI$mwdMpw7pcOd9lEu|041*rYOD00okwWWaG|>k#6r5NPpK#9Th)jn<T2>(~
z66Vm&cq$S^^KdYBLq9x#(2tctyZ9+#BDq0kPbcT_6q!p<0EUd=8M2R33Af_QSy&p)
zhQd5FkG<xp!4mCB&K^6WcM^$PWRfjJSAFtz`ou-@$M=E`_Qc0`zjPU_(aX@$U0#p3
zBLfjXHY+|X7Ngl#8Ulvqk;p~F4c9y$TE(k`2dq20XAC$e5&#$c(bF$`h_b;J9q1#g
z8e2*oSZtyW7lKbg=po%qfKO)Gou~*bk`$3R{R?SHMLd*#jKXR+RRa@AVFO^vQnT0;
zH!%mB+582W;ep|cli@c>4?WSCT?&t5+sQEbM+^5*IC8EnUXXcGMG8nyA_Z|sVn!5q
zFA*C30uj3eH<Cp<vpfPvNQqwQR165I(LR{M)rg>uzOjj99CgqVzKoYAXgxk8AO{`j
zQJrQdP75r29Rr6l$(wOlYcfiP;f^Em+n{HQ#UI8ak^Yh~wx0cn#UTZ$=HR5y(E$>O
z7C0T6!W#}apa;@N+IS<M*(}^kyn_D1dNB<6;<fk=(necdAszbEnl2@RAsr-2PwWq_
zvw$dz@?ej};Q6)jeBvjuCE3AORs$vcxPn5wAj?dz-RB8|GkTDD7_yP^TKXqJwd&{Y
zkLnfjH9^z=uXk%d`AJRpd{z_npH`{#{aQ)<LH|Pe&+6KT)q`2&pK5=gcGcfg2kGy0
zP5X2|Gokd`nnapUgk^eGY5n6BRL@kaV+C8<->hZcrsh8_c!!s`XNu{RWdyhW-;e6y
zwzhseGnMIZjdXaqpL^QeU0PkQ;VjC&(XTH5b^ZUKz_*zC!}@Enb=L4(d;WR-d{6{!
z)1_^(c2H^yvk}#7!<W0goG#QDt{>KwHq8lxTsu*fZ2JYw*)^EH?C0?856F&#XS%Jc
zf6@2(S<MTsGr>%rxy3-eKgqW~e!1F$IO`d{tj`}8?jKh_S?PfW4L|dE4d;gC&AOY#
z>z-JD-bxXR&%0ay>8T#A>${|!Z;JS|cuhu0C<0up4zXhsXyZvupkW_!TF&ut5iy%5
zHiK0%wDV>?h1I4{voJ*a=>iZ0wc;M?*6@E>Kc2#>*88vP3Pu;AmxJfUl6qpIU3!jK
z=Giu4dRQK>yYEU_fOkqf-s#@zx(EKeboP9ArRefb{jH4@xBj2kS2S<KU+qbDz5bf>
z-Jk!+j3IzGZ3?*$`WfNIUkHxZ_?RueT3~GVt+YQ@?E1JjDVgQ9VBn*^C(``Oo^+8%
zGeLVZ)E<uLU0Xktr3juXcAZ52n1o+<PxcHL7QIA!NpA2dT{+p-OkmwWjj)pV7>fim
zh}Hia9~9GwgSAR+1xaQM&4xGGU&1hg5M99VFRS0`@%$KqSPtTpIq<9|8QX$6<*J95
z^yL|pMvYH);b4Q{|4k2XgbanO&~oo95L`CT*{GGBJv6ex1@lM`Xd2Gz7#1}zFHwiQ
znB8o&X`5VJN83O}GSc!_U^=zbQ?MD+xowB3C$3%Yu9e`gbLU{=uTkX;?{K<)g+@QD
z|D3nbPq^dTGpqm4)u%J{`=hSAr@_-be;8;c+_?BwPwlyB_^fRIUly%mRF-g>^zsx+
zOpQw<ij3oZ<8OBy2duOsMX%Q{LzgyL@zOoH)Yoqco=>aojiIN<racWUR{cEnW^F7w
z-<>Qj2_jF{XpGcO(UO%i^Bx)L?*6Pk)%wAQ={VQkJV^72-S^+DphPH@r0(s4o9=Xv
z<%!5HU-Z{KuDj1&MctcaA$VvS(@bxZ_RyixV6(Ja{n*{#FgROSRM2zxn}y%oUH8s*
z>EX?unxFO7A~q!JZY~!D)>M8~&kQmzuAqhDiC-6Gt;|U%6URj(-C=vWUu@U&aWc4`
z)?+OuAD`EC)-+Df`bNBcuOB&<5XWgWo%b|a-0ZfljO_{S_w1m(%TJ9rp3&v_iSC8H
z`r7W^>|U)AH$3~;y1oy+mBt^+a*~CQihi&}yWX0g8TuQqA#J!WKJ(=M&j?Psrvg2x
zByU+6*yL&Gqgp=d>al`oZo7IJdm-^!WJiz@KQhEwIE;@ci-%v<IJOJoS%uaQZCB5N
zrr3>)-aW`ePNlCqv##S`S8x0?>)lq2jjeQdyji<zeShmR-TmwBdiK}#BZ9Qj@`K`m
zpiZy66~FRz{h!7M*D4~vP^|=OAMUno@kSdJo@4z<u$Zll`YrqM&2;?Oc+&pSN(Po8
zxC0|UxKq1^6N*`#Cw<<UT$8*#*KM62Bmrl6ar|U2niP`QO}dN6v8w3&e#Kpv$}U!#
zc7lK6m3SwgpI!ZzmJc4x-LhK;Y^|SKK6Sv>d}l#&b#9kV6n+Vl*;+i_jNjBY9j}#&
z=hs?qS1;>!>}1!S8IK&DVE2cOu|F+rlqPnn&)BQ2dt#I7>8Hj|liWGnX<0CxTGyTM
zBphwNWaM*q#(mqsEB(DtaGbCIU)OiCjxxV4Kj3qdg;?)n)sl3bDxJ@#)7{p`OMUXR
zhwqm?=5eLn{LolC%Rk)ULtAFaW39)6Eq;z4+^L?}UOIWH{tnS3sz1|T`>LV>QgN-?
zmgYVoPx*9}Z-~PAzqJ@`Vv7f<YSfB7EFF1ze=XZ>dji%hri_|3oyQV-KUUPgShVlX
z9jx_sPtOnfo<FY7-Q!Zwy=mAqr&&+_fgRw}SyQw_SMbmw-$~pMcQx31KeCd!O}({U
z_TmQF5t<td1vd71>)%J{TBj5`rk(I$vs5tK_m?_uK^K?y@d|t;f@zX84i7eh^0Tq{
z&q;N?!p)t6B@W{^JpmI0jQehmbZT_A-iFCIHAHse7(uvFSbkID&<<#Lv%aT1@^O6<
zo?WiL2|$youH5jg|LL{j8KB0|D1gGrCl@*VWIZ9@R<+_KlrX-m;aUHk{xkXdw0o`Y
z{Hl*2Nkw|x>1Cs35dmEFC13_^y=|RbmaWFFDM2cNxjZKV>4AEDzCsK3@@s+qn}SW7
z__Z5#HGOvz%Q$Ca8y|l2`oZ+rgTw-9e=r7K@5N4Ta9{>L-tw6}GMWF6yt|9l>%8v7
zz7Hw-P?jZ`M^P0)VnjhPID*W`6h%uMMYX9TO6E9{D3P+`QH+!#DaCLcTOYQoi(n4b
zI<4F>;E%e+AQ*IlPJjj&U*y6-2biD<&|Vb<IzR`Q0Wz1lD3FU@bb$7*>-YT6!@b{+
zbIyAxIhjF4o%dt!=VLu<{nvl3=h@HR?^E;qAd?c~zg|7{*-3yzADJg?uQfbs12>>?
zk8yU?fwxfp#7>cLX%=|2N4lkFEB7AP6z1muW${h?HRgp`xayfHw>PFxfpW=8Sz9*w
zjrL54;nXaSc*4}N#;Ec34Hp_-3TiC;CL)NDi*qJq5EfTznng~ZPf_FeMr?SoeCKRM
z_zU$OqL`m8OqUYhDT~C(^OTEac#JM)iEM4_d#iW1tN|(-yT&h_hlIxIs-s0{3);(q
z^V-*c5mL+tw4|bI-~F(Cjkl$Y4|Pcx<XT|*T){?YrHd>ho*dR*n_f4N@`Y+q&arZF
z=3d3<%dD{W`{NX(N4_K<vy;8iI)V1=^z&H3%}TVyREkBiEPhUtooU2k;aX(->NL{L
zP8opoYmHcGV!B|I@k??zAje!LQ?-8YY?5`N%33_UHmq&^ua{b8FrSBwMSyKFm+uWo
z1zs(sU#hOh`+#s>j}_l-?MoZtrK5;Z$ztn?CkB;Vd)iu96{qyv^F*mx8<%S^fA-q;
zRjmvMdi$ibS5Y)s!aKE;{nhHCPeFSLVx6s{31fX}g-|A$9h2j*U##@j@Vk!tL!w-h
z=*Oar-IZEIvY+C8oj;d5I%MN2+~CDFQ!~7n`dF=;zf>vH-)k#%1U4T(SLH6%r|0VL
zT)EKkVePG(mtwbdd}|?_1>l&(>!l9Dqq9+uMcJ3#-v!Zbq1}q@4XddtM(gbk+K!HZ
zv0o6&6mIVxVTLb{0ABkCyN_Yf8E($Zo2A@y4V7H;l``&&H6bhG{{DySe|G~XK+oSY
zn=Bhl*S>2i3|^yWcCQ=#ayj9Q7VG{N%ki?_#!iGXZ2easMaSJQMh6#mgezg$XXwUS
zi}dlOD)YNF>{{pjO3!$^&+c@6sE4=3tYwGX@{7xIulWEqowO{^I@`?h<S5<jT0!b)
zWi}iQkD3V0&+ZeHM-z=^9`0Gpuv*XO#>@V*v#6LiW0yrI$adq8E$0fH^&6AF={3FC
zz^WzJOBY*cay-4P1tA>{`c;h`Yv0=A>hP8Q0$T3NLAqQ!!uk+Y53lXj{+MEQXEAQL
zU0!o^*kS9B`Y<j|Lhd5GF<lJPyGVE*ll*C-&^=g<E6pvaHOctzmLs{C8}XFjS{Rox
z^^*|SW5RIvvOx^@cICy$B5!i2wRd(pv#g!v>}!nEwS(iuv1#2zewy7S(^xy+`y4@<
z$RM9H((TF9MP@fap1sH?dl>UzS;(jzQomjG<&gnO`p=ZCCPU{=R8E?I_TE0<V!^SR
z6g^*m79G#mrx)wYv-RzTdQS%Ze0}QmP7G^j(E;v$yZ*AALDoJ~S(IWn&R9<9bzRiw
zL|<?1AXB5+M@zMc8!4tOb-F@Kk*xass!!7ex!q<^VtqDH1j*t{7UDLWg!Fu=j#;p4
z1abQps=WDF`}W|4N`#-OOJC<J%{f*VLC+0esdq<Ssv}>l<-rRr5`U?}gXp}pOkGZh
zJ(PL1%AczXlCxGB4nAGSzEqOfY_PrV^uTDVWmaChZ#*yMW9yE9wWD_8`F5<{AF9{y
zw2KQ*W~u*n8L+#$^*5ZRn<@6$(n5x_QoLLQp!a0nEIWK|-VQ8|gn02ZFWaGhTbP*I
z(F_iPGV>c#+~xISt?31_;k9Qbqk?M;(=n9HB5Qv<He(}e7A9=yvahdm-gGpDy7g#w
zIF|>WW~pa!{gdr-Av=tAs_Adm_p7xpca-t5#U-+FCLO7B>EJ|N0CFh`Te3?yL3$#s
zZZpoWU99wb`GVbQJ!P@HUkKZ!rx)HRUH4g6E{W1<0vwsJde{AX+cw3gi2|4;Xlj>W
z3y)Xo%$wyWzgM~r7KcZ_)U+eP(%QUM@@!U@V6x+DxU;vC%bdek<`LSxW7*pDa{VmF
z-tef4Q*eXfJQ!mc*2Zm&!y_bFmiT1)+&#WwdciN2#hIRNE}|#A#iN7qzNiNw*?QDU
zEL_%DBFRZoFGjAZXLx|`$Q8qvm)AH~Z24SiNi@SNq+6b(LAA>w@vqJX!=o3g&V16l
zx!oT7L!9kziP*#K(<S%esb#glShBceCL#P*)#J-cS~|6??p}4QGSCE6umY51T(cb4
z7deU%?p{`BcyP~pU)K-4N?>Wof_i$KwbQ)rvz~=V$T+($(tDk=!sY#0_a=IHDSnjg
zfQzHbJQIgFmrL)l{Bl27dy2%<7(+{|)gPW%wJtsLp5IN*@HuSEZ-S_BHTk*)ppFM%
zS2>|i$%kQOc&ejf<j?NSq8Gl?LZ&@x^j)ciqVw=YFVozsb46$4#JezC-*DJHC}kh4
z=>B3!*JJ;DDeNtBnlfSL#kKC?EZ&%(s?GP=Szy+dkzsh`_sWM{8esKtE9lbRjy_sh
zj=lDeRvz@t%6q1lVTMN@E&hq769IN9+qT!t%Plv>T=*d}PbC^YH%0AO*6e2)cTd-Q
zaq(JhZd%mUbOhSLiqTBt@3Xu02@@o?e9^7H(Cf=Px4@@J-_f+{IOaWO+Gof7bS6_1
z-KVEgz%7}x`C~8LSp#Q}Y37>ImM3iPbV+WUON<iD;;;MPaB4Z<K`};8hBqBg^?N**
zP%{&n&Sj=oIq>~5L=Njg=5Y5?96vSHReXsDvQ)Qn=eJl;4)9K6rL~9WZDYg9vYcme
z!^7CNt#R08cw!l1NjH7CUiX#MclmmFd0vVSor!HOm&EvEnd~9xvMlRwcyk%j#`%Z3
z^g6w2mjyRDDUBr48m++hzEd@5q~{c6^UF8iPyF9)BFS2o_h5t5@7A2p#Z0zXVFT~e
z^A<6l#W}?C`05^`$TK3Hq&7cJ@jfhNxREKlb!J%gsdGzMk*>|zM<&kV-E4%K-Dn?H
z8EY&b;Y{DPQGbz<=X)BX*F4(}?<~Wa{I`#^uetZl{NuQ$+sc-=k`)b6ps#Iwrlegv
z_?yG<jWEO*>1{^f<vSrY%hAq{vSm(;hv&1Fth8W0@nLvjcFiak1tHTq#G4g8F0`nX
z&F5ciNO|Rk255M?A~tM&&-5L&N~jh)=Yj|=EA`S2Vs`*e_u}=VC?_IHa}8@6)TSv?
zAAC9Kycpe5V>UJ`$S+8YwpDRH4_Tf+MFqptn`Oh<EM*zrEM})IpZMG|Z!`9eShCD-
z-b~im>OZpC)GO|F25^P@oyJ7(787QN15^#S_Sk8Ad|x-*sg~Az9%93rteQtpe=z3L
z^=%$c)z6)?_#Bq%bh%e=>-6+8t;GJzqRV!z2RBQ`?%7s$lP~mDoZ9p7T^^boesR-j
z&r1L{+oLYl=sL%Iu|CWH?MYb94}Eq7E%eQ8Y!9t`>EYDo7{^PCE&`FG^F?;OvDMlm
zi}Q;U)gMQZZ;5z48m+C9?n-Sp&Zt}~e7ntv#@!OugY`FNU&DhbZS^D>TrPS~N}QOF
zP0{akZE;fiwij#lD4Q0ByB4J%PAwj@y`gXN8nrNKv&}24q%O_J>Z-$NmrgoUChgqO
zv9O%wm$$M5%kRm#i&)u>bAPZ|0GPk;;BSw6cMzxRakSCj2nXL4{xqAsu@beNgLjXa
z&BBwVVXI!AD&>vtLmkd8<KuXEZ*LmX7E3SByGI#1SNDzNX`zDJ(wp@7gG;F->^0+I
zRby!ewAfQJ0vs;X_L)=FzrC;iw7mZ=8u)Hq`+#-V4{I*){Ke{Zc1>>@!LZh)Dq*c*
zw7VY*%hjd6rExfw^{f6!c<g}F^o0G!RRnG2_R!(3@$<8FjIRx6M3ChXclS%f!)x<A
z)wL2wn%@B1vo<<ER@pi^pKZD@4}G^*FtQo3#ntEM+g{AX$2>4CF5>3z4#REs(Rsqi
zE49Kj-{w9t{zsBwW`%AV+a9aPKf9@5?Njspxb;q{KDSEdu)M_=N++l1TdYmG%Wuh>
zzc#@7*Q&1*rORB6UAt#_-Jz{=PuB?DPG$SXGV3*o>o!YI*YI<LJ?-o_cep;|x}fJ|
zxE*tOxjY7F?{c0S;;9we?X??Dr;_fDv&B`pCjHrYtE^`IY%OaoyqxDH<@sHCkYk=J
z;yE9l`{BtIo~GgXU!Db`jAwi0xgegI;aMo--y$OAAb1Ir_Sto3AM)oI)*0?}6_XF=
zy8LkO{P?=R4fpo-%;{dG)<(PLvY0{Y@oHhnO3#UsBoh!v^W%m1<n2NkPFuSSU$V(~
zMQ+H;Rw6S+*<8=~WX9&BR*grQ#_J+GjC5hH?yB%B)xzvL+YYtsCabJrSY4w(jGZi&
z{><4)?@V7&9xh7{#IK#}$U}{Mx(X+6eY1_X>mCb_H#v+M*4h*O+R%6`?O`$UjO;dM
zi4|XJBTud=P3!e-sq<Q&x9sq=O_DS>dyS;;xX>s3;pfNe&*S&$C2MKs5sQ6i?lszQ
z+Vb%7YI-!Qb~Dq6jcF^>?0N0A)mqH;@jl;ry{ySQvTDC$+jT2&zkz9t>C@gZ<9NI0
z6n(=NXICI-1@6WxQ}bwrol(Ox`O@aiwKc``@HsONBkebdO{MKKt;FE-B}p>$>`Q7~
zx1QF9nhEynr}5&&+dpSpZnY0SRJqse@t*0Ot-gM*`2AeH(vaLKk!pB#x^@PO@)>1j
z*EEyk<k={Zn2lWH<;xwjuho9&Cd=nut@_jGF)LT>u!|<n&zH}&{5)btriBUOX<6~X
zas9~1DK!iI;(o@bja^37HuO!`k>)uq+RHwQ?xQy}eQrKh?1xcl)yi8vCs4XEHH4||
zn35zFUS`6Oa3}1MJpN9BLjrTG9_8fDU=QUwR`&z<Cs{n&K6{*>J9q2nNZ(7k`-|(>
zGd1+pd(J(>)$>`Yv`rl&5JLLdX5}(}hkP%YdlnPKZ6xZ)dkeXjwYL%-&3>Cg(e|ai
zBoHLB2517%+~KvIp8F9;%XWxy(RfNK-6gw=O-ZY@U3cY8Z|Ugcf2J(@_A-b6+PStE
zx~Rihdj`adL=X+_j2RD9bN6^z>&)&UMt@ye6OHj9PQyJyrcE5PVPkk?p3s+VWXSK=
z3}>g?&gNU{{hEwQ9^&}1Tc21C4@$Y__ajfWJ+wt56Y=@yhAc}(hRd}13r%opBHald
z#qtLz=uZLKlXjmNc_j8vjlP;KMb;{=z!9Ol`Z1O}P3*7MC2=%dm+W40*QonNx-O5`
zw=6#Nsq=g7IZ($-bJLp2&CBqaVeRY7r`;rBIoABWmO3Yybd2RP<qu-JBvXQarWOY-
zRoUq+4r@;>!_=~pOH$a|1!~D#)57zk&yMM&kTHEgozyR>`N@)GtP#!A=Wv?`UH(Q%
zSz9@4SNJQnv{9d4c%~A=m+H7ju)bJzKU5zNFT*-CNu^<k1!z)o@?uF~OR4AD*ogXU
z^`7bBv9=)*-ex^+sAXHo9O^#$KB*>gLUrd$&!1DzM2BsM+ovUlt^e-DR$ym(p3NJh
z!f6w~R?T0mftX`3RAzAuna78XYo`LD%w`(V`@ZphI}{?Nl(%b0;I`HVH=Ua-y5nf1
z;UxK1EuE~2G*o03>H#TJGD4>vG|N>y9Q;l_^kBZ%I0lza*l~V4Y(4m1%|-lsq5iqL
z_l5dr$EWM^zcu{*VYuu0I&*1wr0C!?73#bW>p3>8Z+|~n<sR6rrJ7+KYONhPUMp1E
zJ6<sIZ|%fx^%hDW-L3TSfGjvyey$aO?OuZod!SiwI5!=CPoQ9pMxx!>?0#|Gps4Sm
zWsal;NCE2F1ATX9n~sgQ*AI8j_CMS+4Ugt6c>vDv==6AZdoA`7Xe3lk!r{pDn_KpV
zN2a(LTkErgmnI3ta4Q*6z;N$QNEja8>CA$K?tzdcn5mx{E#%xbp7pb%X9^cqZichV
zbjr6@UN5N!ug&_J^|WWpf3(ax7wVnPvfC`EXg+uRnL3))i`lfBzhwV)EBDB<9u}`j
zx3W(xEBmGDN63ml=4xl8;%}|qJ$5Y{_hw0MHWBt2?#{I`veVjQh3k66&XS|`P@g47
zPt6?lOxrUHE%c+aE%c-FEm(z%3|C5;Z<VC4mqeaAyVFtaE|%5q^r+`@f47az(Ra7o
z^%UQ+-PxnP-PxnF?ZViT3+?u?(d5`$KRVlPKRVy8=RJ?|Mi2J=KR!7c$vi@^YkeHC
z70pG-^1EMe(?eUO>od$At)x^~4X2M0Xf_RMcv`rtVwM;9h3D!@XCM|oNdR59_&XB(
zmo62*B(3YK?0xkotI^}N+1V>keG)Y{Ijhyxet&f1si*qBy3W&m=V&DR&C-~Dmig|m
zdA#K8{g3HqVt7{Dc+m3Xef!?_7AyM{$O!lwuXFviGjHw~816G=HBlWO42jJ=ZFx9Y
zXj%8zt+H5q@81hA2OqCL@5+6){wke5_+<TIKa*~+Rj*#FR=rmFdacs+TIK7tYSe4h
zd1xmYOx^RSui>~dk;N0I$>ecgU1~o1YkJ*rJk{rVCggc9*%x*%FT;^_7&(_@@4fKZ
zc~?KA?j|a;tG2O|ea<6B#tdhE31oQmY_$!SBK))M-5v%zdBrb%Kztq}RnOY}RM$d(
z5ZdV)wZA9o&(qP{1JG6|RhBt5FHQD8**DRrnVC$DQ=j39vxQC5D%z0bzt=o0O9x_7
zmwGy`y0TW+m1c90<if+#i|viOFM`=I)1Zld_E}FJerjrm#nHsux*v?$Guekn#Yd6w
zN{dQ;)i6=D?+E2Pn^ms*di3Eo@xxKZ{~OJt#IyOD$A+g%&f%p+d1j^U_dxY!m(6N%
ze(%t=>L>m?JiPq;g_58ziDd14xG#^wakZ4^D?t<P-5c)7xfjcd{Ypb))I0IynA0og
z;ft@7OtjQ-INT%uT)bvB+!wphhh?U$uj*g^m0ti@a^_QKYes-OjbOyiX6d(2*lXf;
z_r;Rd>Sbbs>m7Bp>4Vpd^<JvBvST>YzWC4Zz;exfp=qvKy3?4(HQ(Vrqjr@8dq1~5
zmgr;n)P?#k|0Z+t;xE@{h`3s3T)+Rl8nNH8SgMQjUvBMv1kAA{7mK~gX9=l$;?(|y
z%ZEEIb}#o@v9hJsp4%^Pakw+9#X-nBHLto-m~kg)W-M*iaB}Y+r&sf<=OgZ$!x#Pd
z@Ti%pJdths!$;ZYQrRh(p6T<%ES^1%5K<N+ZbSd+`O<xcoNJX=w^_%|jO>kQwf@0N
zW$P@%V(zyKd*g!U`NG3IfAwp2V>Ti($eza~#6B0^OM;qvR_1=8>YuHiU@tMGFIVyS
zi9gTWK@k7!QD=7koRx^#W#F~-ZMMEo<}rGTyzRzP@p<R=lhI{HKyNf4=ETB__slMf
z%Fow$7qh!&mqULS)7__ph1|5?kz__PJl*F;k$*mhcSb&5h@(eYAHF=^V)5EOYG1CE
zmbu#PF2_Y3cDr|0YM%3ibt4Oe=i6xCC|l<)G<UFKbnQ=bWzxPmtkn`*=6*py_6&}h
zF1?6~{5wpvTl>TL7pk0olG`k6bIfpdZRw@u_~~Qs9vrFmW{sgZFg&wr4frU2sda>S
zZsIpRYT=z)T@kU~E=KX%7DJEkR5nrVM!5%ixr?Qz&Qv{i7Bimi=jZ$EHtno^ZQ6U=
zkHb#<TNWCw8xFNxx8=?9-euWfa^&RJyOpWze9v|&SKhNs<@bA*sqBBxGL@(AS*B(V
zdzR_*irvOubCn$*|Lb>-GA}U;F>@$QJvg6#``-WT*%|IlCNvu>+7-}UCElKy>{+II
z*!rn-!z5XnB@G$LbNaB6B=5P#fFvYlNI=LD*rsLs)z{v#2QZwk5^lcii9{!W<-|Ii
znoXm6aOlqc%C@Xi>KbnEwA_gMu3R4PQv%1<)?civsb}l@=lPO(3}_yDmw-M#A2y1=
zSn|#;lef0pt(v*M(kH-KdhE~XncXIStq9Mp^8yH>9iE==Us5`T`#vpM4EnA2+rD1y
zm@3sG=EBCp+3;q9fz-0>k!Ac#MF1#eXj|g@RU$#tl#4AT!I_{6;C(RyEo(^)1b1xs
zQi0Vi;2t0=0a%=HWZ|R-&a_&Ok?J$TWGgq*@nhBT&RmySp1myADkxhNUMkF^#0Gs?
z%3>^=W~4Fw?&T?F1Xkv>&u+`n>c1lje>kNZ`=x@5*<_U7=XJ|QSh?LtVCYk=&wU#D
z2p+PYVAaJc;Be==Gjb0{vUB!q5sxQP6rgMOj|-N=7eQ^h!DD*&$++q~W|;PIF9+f9
zM0PdJ-s8@>y7P|rK|p~SE<#&7lGPKGrG>gWQa_=?MbeV2hqYq^=*g8Zu|KoLwHq4n
zt7o>740m;%<Vah|S~ylwYwlRP0<dtb)?F5kRdiiAR?&3fSVg^sV-@8VjxEY;?RLJL
z__lbgEI!ws)wacB70DOME$YB-*7<UNa%T7Fop`$YT35={2zFiTN~s#tu5neVRm$v@
z1!-r|ZmuaT>R?fSekN@=u{&3dxp!lxqnSO1@vd%%cC*2@LUL!vEnhAfZXi1=s@2=v
zk<#Ye5&l1Ir8F?}y^uEZy+$?jy%0O|z0f-Iy|gvcqhCmzKT>_pm07G+{mztW>&$aU
zN|u=;4VyDZ?7ZF`Dfy|Sz02%{ChhEnCS~^W6lF^0w&pF*b=}39cwZ@>*Hl}1pBZ!W
z#?vxfZMh!A269^0<6H^A9oa(H-<7LgPwlr>;p<@iirc}L>hDsm{l8T6t>MsSt?~?q
zY-JhlwN*soY1>FPYh<tCaPVA}@e9Sn`m2dLw`cQ<->$8icV4WvUa2}~>pFaut?T>e
zE7`H-<HoTgo&{>-OxnL#D~q1><_U1w5Mr}i$#UE*HS1o}-4>pWJ6&lR9^9#1Pilt;
zrNsT0`IfB+8B_Im*M*j*eY@HhpWInK+-Kd66r$K%&-e5m<Wn{;N#p8@d98`|>#MF+
zSP$K-v!bErZ5fs8Uf(L#TrBxYl@JA!!ivko?Md|=dAqE0p(JrF<XUTa(r;~hOWvl(
z$??0VW6-0Ph6mlktS3pPRCjZ`cJ2XsuXbHrsxu}w?qy99K3%aM4%UX8gWs&bcMBCp
zJRG`Gtqq6h%M%dEn;#CCUY!|kk5%oFQO=ae%-^VHEPLo`jdED`n1AcTuC-;aOiRM=
zvT0Ke;kjwsYgR{$CYolicM4l?wh|<vo9(se9kDeh!H(Fv(PJyovDK}npQQg~uNp<^
zr0(*hk6CP)+H`Eq^?Xn7!D`Rz)n3Pz+zH}MuimTAZ<LOfV{5Ub2sMwb=%-`L=Gb6s
zuHSnyxw+PQoXAuA0md=tG1#(BJ;j#n&x~TkmT$Azn!!ljpWC0PGdnS3VYw?Q`($f)
zFjsoB3anp#CKEM{qr2hYZ`G8~3_`44e1=qCYn<;(8}^E?eJ=0IriIppSdnCY0?N03
zmtnW!+Dpf)Z}@npa$xf|`Z1fy@_<P+RL^dEBdf{d@$H#Wt`#4zxUhC>cJusNu?=>c
zu4L{!hN+e^;#@0?uBPi-eG(f_&B*MsdZ<>=pl{mW;@mGb>SJ#?(oD2#Ir+>HcWDjx
z%G}2I=~H6haCGsEv)dWtjSN`Cb*$RD5sMes<gD6NiS=Bm^{w)RlYOmrR(pMH@i;6(
zR~gZ)OqEkrOOMwm#ACT#qV<!N3v7>~&R4ea#pTx@yUzNCNi(PHBI8lVTAzLPpR#o|
zv|20#d}X&5@gV+oO#t66YZnTvEO*bbOaXU`>ul5O+-+aMIWn2~jf*g9M#78LW0pqJ
z?>iOqm;P$a%yR@ikt2HU_ovahc$O7i%x4srivL`XjBeb`BT6~r7*5ptqOWC9sb8(_
zKXjOD5ZJI{&At8J3L}`#rH6a_-B=4}jw~Fx(aNRL@0;~6e&)*B!jZe(v-m=dJkM{<
z#^T|&bM4rrdXnpK=TxSOn|DqnsqYWHG_k??8U^f5BT?byh@V}~Vx`%*BP<eThVDA@
zQ19oZ#;{qox>#js9mAFUhx~5A@KBdvmy!?kGVF)%=32U27U+jA$M#Exy1sp>uK7MW
zfBeB*_a$+^#x+;-=$EP=IL`e^b7${<rs;G3=%w<}lk<HYeZEHQ-defZmHD#|=!cH2
zNkP<Hn@5bmQ}DB7SYvwd`DT%1BG8u@H7RjJSLaI4od*&(ud>Wt=eE~L`i|kU!KYlG
z;Vq(}<ybxwp2|+E##Ilq@|53qEP1!S6USriR=;kXI9r<Nx6X{2)Wtfc@4jwW*jR^+
zl6K)KUQ>>+EZx0#IOONjhZo2=t^o4e>{baEjmxRaxeyzhJ^5FA%a*ogRZ6xpU7TI1
zwfY(0k50B??4|A9taR1hr>64R4HY(<y`nm_pQ)Wj?pcelw_GE8hUD6EtoK^JGMjI~
z#M)Q($~)593xyA}i(IikUsiS9TVL<))bgvVwcI_2=gFSF)zJUePOX0V!?bFzjl6A%
z9$s3WIZX4b9uGaI{hgAQwVYpU(H)1Y%DH<>%|@S^Z>!^CT)`^OdmuZ!*+e!kK3ph1
zv=Y{KiSBa#U76Gl=dE1qR^R!Z>${5g_%8Kxez*Eo{B}N{yZ(2UFXwlwZ_ne-=kq*-
zcK+^V`W+6|tmMdS4q4gZtv7Ps?N61PZhy+z<h_n1KOS!HpW2UwS4LQCLiJiJjrCfq
zZS|Vmv{nf#=WTmJ+k0~0wlB1OulC!!9Jb4q+wpoPUai$HIf;p)Z}yAf@pk>;QK+8s
z_r=EGW;Iq8=Iab6=jTBGaoe$%OLXQ%@&z+QIY(PpIcioS=Dyvs!FMZHnw-6Bl$q_?
zmH9TF(notQjkNa~MZLGH#O*!fhPE6}`NwFmo$uvKi|u>#*w*svdt1M6?`5g>p7yNZ
z<$Kz*CYbMO&vP~Mz1n+X-cOe?^CI^QTmQv}y(qTX)Y;R-Ow+SSB9%z$J0+SOE|mRt
zZf42mQU<$L6p|~b-z`F6w&fG=5d`C%Y*}iWUSb+fymLdEq%}fYE(hi^l9W$9cNPw(
zrW2z1^L?s+p%TpBtnwG?;@PVeLcs@Y`c`Js8{6u~-!(3Wd3f(q+YY)yNt3D7+RUZE
zReD#l0JviB1<6PD9#P~hy{=rgMzwO;l6K{?<zjo-iT2CERw%W1ThOptsdDu_del}C
z!3w4JmOdz5rLCftwqbu~TszZ3!b;^<L#s{jtCuVduYgu<u7>Mu!C$q_vdN0Qm#?f)
z(&d}g#-0m3tG2n?*tJ<$Tv5)|#;(oP$6n}NvG)ppE0!!2ufPz|{Az5HvZbk&+bvzK
zTy`~9B|}>XU9sKA;Of!6**fjUulHBJJaOgrx1-#t)#S-dLMc1!yH43@-*pNzr}r;g
zp=aN<S^~H)`LZOvzcHy(_SttoHKKjj*{{CIR{pW?e#%c)#9Q#Q-|_Q-{f<SQ8q2;=
za3hA^M6L4ao2XTq*mteR<wg6lk#SX>efQM1X5B=so6~!t=qCEQxp7s@x{1E_%SH6w
zBE!D>YBAy_YTXQ;Y*N|3Hrh1%CM3KWY_uu-P4rdRICQElowP~%p|&~aklUt*dNse?
zPh{Di<?Xx9YBsTalMLQ#%RN^Z@qDeD>uWXp&-Yb~d=nC`X8-xVR*NvbR@2@J5os)6
zdfQj|(%8Prm#+3zzO=Nj@}-}do2YkME6I|*#XT3h#>a<SGPa)5E)uodxcg-}mmpji
zw(Qp*Ca}Df;ht|-E7QvoS)?8|S6Rgw?;CJYVP3*v;jz9;7r=K|?kwx>aHj0I!<n+!
z4rfZ&JDjPgvcs8*95*&H%r3>Y+xB-j_ZaTl@m#feV>?CKG-D2nG!NME4iby4<EElq
zWZd2iv2d}k>v_7Vr=g_H`OF>`H)hDzCR;e_XXb3xpIwI>j=I?Ca*WkJtAe@w<6%ti
z)J1V;->L;?(!E=HoiE)t4Wym<AHM0Al!n_~bhP12JHt_{i?fga{!-z3`}eeOFuMnz
z^w@2aW^P<^X}NQA-V0azu2YEHcb&rGzUr{beq~c<zp|-QvVAI;gM)F+m4;|etF2U9
za<448-XE{yc`qs3_v*R5S8MIP_^-W}ueJB`gRjlA%d(~Q<FyJre+Sdq!q?S8l6C3n
zy7uBlyIewETlfjjWj(nRVm<wIwd^NAt&+RY>M{v##g+4y8HaXL@01~zwd^8{XSr?G
z#gYC{lZBR!@1%2U-5!OVO-sX`<yeO`SdSIF7qi?NudXxOpX%K9C$@=q4-f4wMSFD9
zk@$+$jBJ$8W+XL7v}A=o4<adB--cD>Ta}|N+#;A(Nb6zVCF}ZjzSQ0!DyYkQA*!v*
z7-z=R<sg?^axw<5y{-{zqxk&Rv|VSmKNTV$ezDp3owB;iVdD*^os;lmyG8NQ`I0zr
zo~vFhtZe^`WBvFn<YeOup4zO<B`&!44I|@?HI0KG$VeAQmYXeyTg^V&xaw0z;+RiH
zluxCh?N2n{%a!JDta0<#w1W-(>o%ym?S@a<TV5(_$iYCN>7lfv|Gu5hxu8`m)$iFc
zHrX0$^PEjiHmCIm1Z1<N+rV<YDq9@7-{Fk*Ae{DI2zkI(GI6ADZ%O|1g=*Ip&*5}>
z$W2WyO!f`1JKa!4`)f~6x3=cyx$&OR#p_%$sD3A6ZS^?iGOK>veAl=AEY|8<`I^1k
zR!j3W<7*cpe|wr+^|F1NLbj1#t_Q8zF5{seeZ*tb!&2JrSK(xWw*9b0N%_K}M9X{Z
zSL1%8*z025Di8+DwLBwreptXOANRM-C&zcfvk2_LSlbw0sazp^7tbHtGtxq4%eR-a
z#C+LSekB=-H5c-v?mM$%DrtATb$Y&J^WGKPEeTd^*Vs#nldIVvrJE-9S!4fw)EM^J
zNAXh2nD(+KFEVO>g@Jw7sj=+4PK{>Yb@o4=mSgR+pLV<0zU%CNJdanbSk*6jgxTAY
z+u6m6eo-<0?(Y^O`x)+UmF;Ex?csrqqrwR`9znP~_Dtmp4eht}yteRi<8$HQ#^=(<
zjn5^0`@GFDH$M0Bj`#9DPs^8tH_BJm(LU2c?>ERDkN0*Q@9p^9+wr-#v#qPvrq5j-
zpL;t#_jY{l?f5)xN7g_mj#tKX<8#H`+xv0v({D9~$+_zN&S}XiTaT8bb&ttw@3-YW
zqwk+d-9MMqclOWPQkO=nOna}9wD%fCd#@3+_maN7m*nkT?i*{B6x*M=9KFAsPv6^p
zG&y`OIo7Q$s&jhsP7dFl_f8(~<nc}(@8mgMQqzI=s`us9W<HxOKavC4lKF+gwfEen
zGP~tyd!BRoX4+l0A$`Z0)WT2iE}QQhuk1FrttCe@|Jkv{S67qyr5d?gcg9E0?Aq!#
z_S@>k(r$iU#2%@>N->*V?l^`ktM&Gw`grrB>*Gs>!5zo)+piYN_L|Wi-$6suEOfDl
zmSfj8#bufMJGCD0LR%@aSzZ>MTM3fAj`M`$wKI%Yo!LPGYfiIIHzCIqrSA-D-&l2w
zZfnWUELjC0QJ)dYfNk41&oB!i;SM8y&}epUr*3LFxmStwJ-K!9>mPmuFPFBhpNy^U
zApgGlaw9_4OP2eP`SKe}IV|X~b8ykm3mq@5hK`+iVh#ge+m8mvQ7xPA?=hx(+&=KT
zbxZJ-8h5tB)4=e;Y9rcQQhN!eSKLIO)>h;EW|4YeA?eRIM&Dj_eQ8zQso5XovYfA5
zAGfBD(#fm)(Mj0G%|4m^Uv1l+m+0o@{m46OryYEv=K5KA>^}(ASJlH;%WO8Rcw0v5
z?mV{H$lvsLXY|+C0#><-mwi^UVL6V~{Z-}b`q>ADR@8rQc?HDW_sxknO|Ll=hQ7QS
zhI((jceaI&)H%j@Z8a3_-R=?#)&}~p!!oT77gz0h8F%i0;L_lH=^OaDYdm-3*tPx2
z&}*J8PkFOezs1WjKiEO4yMCv9*$UoRa#-=EqmlW;(R;9RJ&v%Ce_FoB_u<~<=W*12
zHIeo+qGj28^Wg<~QhsN7dV9l)@p;tG&E=s@%G-MOR(g1CH9xyh*^ey44QsNdtSjdB
z_Azgo^R*+cBBqvSwN-ERe7oHkH#+7;V?H)wXmwUtp0#vFS`u5fx%Y-OR@91H)2!}Z
znaK;LJhY^*Bb_B~^tNKQ-YrfyZXa|HNY^i`_#yZCD^ktg$I1BSLg|Hk^uEP%-T#Mc
ztKlRvPUTw6P&<B>=w^wei}ec!-(1am_tx0F4tCJsL(z;!F6^ZHVa3SOWio#{Tdn2B
z>^yk-+D;a{H@E7JKV6wjrLF}0HXn1v(=5O}K+{LOOmEJgpN+}z&F}3b!Pl-Ye763y
z)o(>FO|O_?@7L~2qUU|CHd(FeSDmcv`CMx+brW7zblOVO<lCv4bG0hd_GKvRM~1T&
zm%6or)b?d8JJ;61c0AkGpxgD%Wp!QCYf|k}zgCTQJln3u?kIJwN9}m7#=eVG(c*3;
zqS3ud?B0tuO2%E}P@-1Tb}7M1wJx_uiL&h;C3cr|d!OJgZ78vOFG}p*i(I^{y-P1y
zyB@awaV{S{(U!RV!i}ZwY!a{?8!T*$bj+`4TP%69Et)9ncW2bJFzKi}GW|5DGM@OB
zU)r|dX|de9%`<-O#BXxv0>8R0-2t!*_I_LBO#4=@@==SYGlO$=nb<@iuKlWn_oy}J
zpDbZcHxY>*5v{^LS^s=jwk+^bi}z7#&yq0<*8A2UcIDgYYHW6d(SSW<R+Dx7WQ|BU
z##4rwtVG*)VOKe`7=4UGhrOQi>ba`)SgWm^wzctO(^s?&E?`3r;3}MN{UJ2Kod#X}
zal+|Tb!p{^I$}G9W_83&5si2d>eV1L-Azhx;$(n%&!rkiJK}>$_zXssgGIyqNQE;9
z8UuA5M1Mh9^iR-^GKw$|r3l-9z}^tK;YTdoN2|G_o~=KmWOR}1E!4?O{3*wc)%f_I
z*AR)LN-?UjBMNQAL!q?$C4>eh%EDvLKsJprqgHd>hlbNuMS%zx1Q<Dy(j0ujU+1Eb
zLmVJr23=+Zd8UL!-ylyHP>M(h?Ysen@094SWPpb4e4LU5ZQK0TAI82shV5xB*L--W
z3LZM3I$`4+L~_h4!NOtLb7Pol#KhV(5aoP=$_$2R^qbmxiNG0PLP2TnqZ5t}KpuTC
zPlO3o(FV;JJZ*wPD2Wns=?fh(v4OQqY9FO=y8q}jS0r550O=Xj8vaPn2$;_(@EfoO
z1qoC^iz9LWL{NGF_h1vy6JZ%DD1s<xj1%cWosc`-F(#b>0`zMMinTkOettWZf2G<8
zgih2sz&Tk@$+M*BnLajtU#QRDtYc?~wVSB*%uUtW9M+!Nzl6V8ljGkZ=S|lwX%~J4
z==qv(dopU*)8aNy6W`(eug8R8e`*H!ZhGGtpMjWy>6wPn<K2uc8U*+Wm*G1{7@dLD
z_B{~ritn_>;A-({PDL8#Pdv}NSVM*cKeFK(1M>;M&{>#U_yw8#%Og<IO28aq6v>nW
z9WVnyHISq+Yeh*B(Rh_4f!-1=NbE@3h};2wZ!f&2S0te|Z5gW;LgPjdosfYIl4d5I
z&>Nn^d&bCVqUQiUUaJSr<QNUgAEU!Crf;N=H4+xo#MVX;S7Q<V>4k0+&H7o#>5N{4
z6ZW7prDG58J;ab#$uK<~$LWh(6w^2bP`5@XQFx3nhMoi?%}1TgYY>_R&xDPDRy{%p
zti8n;){vu`06_^o1!$B?8m&~y!V`>_HrdE{dvTQ%L_&lJnXz2X1WTd*M1J^<)(CEJ
z5s8j{BT9UYMYYp~i(l!9BoH%Z!|^(3(soqgwG*yh)#H=#66(uYs!uc}31u2*l*!|?
zLnf9D*&DrfoFj?P+JhT7QZ{i}-QWS*AtBz#gJM8RcgAb}F{yJ}p<O(o7k^;|#ta@=
zf<DR1-1^dDY8au>KwVm3tF%v3aGQ2wTW9I1%aH&EK=kKq{6p(NLQkwj8#$NJ2QAuR
zJvFtcW#bR{^iE6A1omuGGYeqz#W1LqLUl(80Yem*p%MXM0Se_aXg5NRFb=cDr9**H
zH&2VHshI(~`jSimW2fhUn-VEouUZASP6$z%!Sb1?D+-I`fdgd+INGL+lqWY+XoaK*
zB1)sA7|C&c2a0iqFhhEX>gmFm)do)l<9pzwAFPri;HXdIRy)S$yiC#i3Sc6&dV0<~
zdytb3{EIuLu6}4jiD;^imBoO-dH+~}oLYzlv}jD-t&AXg=T3muwH}-}=aX`*3N@i@
zmeyBv5O##0fW9ThOr=P?ln|*JbQ2ZI4JuIdJ;UOo@rRg%0s%@}#0MTng6@D!nJ6#Z
zL`6&#k*UGZ!E|{4YjImhgOV_KY}Q9aXw@^`*amhq5hMhSYQs@THWuh~rG+@5daTc0
zJPra3SG$hUEtw1<bfXRZhvq0xy(orN;=ef-Zz4s`#J+kAH3e7Hq(=%jViFrs+D`7v
z`r4)yBPRn)BAS?o#7y8=j%$^%;s-IQ9_bV6l%{^Ysf`{(W2DeS@Ju46jXo2wfFvHw
zw4@3_rbjw(o@q%=ciJOs<Rm-)*G~H97tYaw-r3SOb%Bq>(N46atdW8ookV7u?qnN2
zO}~0hNu#ReQ=}WiGQPo61|`Lm2IUOk#Pu{CaRQ5|Sq%f|BIqc14plN1br_a+uGpcg
zb@d2Jaq%*+13qR|QvW1j0KP?GOyQfsc@Mk-B0W)9%A`L4)xVbYr~Q$Bjor5%NSL$(
zk>LU|s*W_>O~_4JK#0QvXwH%?M5yP08v&}Lrx@3W5m}cvrX*=xO3&;<LXxKipQDxN
z%;>e7QH5Lsg22o1QFC-nJM^SIZqtDdgrw<EjV;L^wsagKV23TqMF0AsfdDc*+TF+U
z@E=l;!Um%Y1B6EcXn;^UN%Ek1#?U1A=*WN)In>vovK=(cM4%{2d7uPKYUu-Y%o)HU
zgC4fi4;G+n;|Q8HqFFdHmgpqfgBJqFK19`2#OvA&t*OmEy5&Cxo|-`^TQ~w)hQ$(8
z#8>o6Wx-GU6E@@0(SBssv!OeqZlsB-wHF^Gbu7nH`i(T&NSh%ZGLu(}<Weu#HwGnX
zB?wSLX-0x6$kJ-Ys+8|uqt$?bd<?2J+VDLd6mM24q#4pP0$QM{cqh#}MsqZz6+Wyz
z-?aeY#t<1p%8@=~%jV!gx}ccuK#JClMeEvO730t&?c}?1MiAW7iCW}|1@n!b0_$3|
zIk{{}gzP&m*zB{0<&XXKabwBlsJ*S873rGpxI}WXj=Wpfs9cBtPP=Yw_ucIN+O~XB
zyCSm7*S?ImR(h_)xFgL~Q79gcxW;~Ex)<p7T)oZ%+ZTWEV0IUty#%gtTk`S*g8T;I
zusOd2pqJ~{*X`kZ^TrRUd-Sd!i|&tZZsR*K-^S%u=67!FaG5Fnz_+W#>7MH7&Th)q
z+O?^+vtP<xgdVf{JGFDzwRyXzyywT|`_+Hf;J;DFSZVyhiaZ$JVjn&AT~2-scGhbB
zcO?5xhU}g3DExk(VUuphdgoeuek_EZ7wWYunYl;BRodJa=sIZbyQ%fnlk*a7R!eyd
zb#@pmwE0MXq;t1)zf19W;Us&;Gn(UdH|Koo<h4^WOQG7<pIzOlqrCRos23iZyI6Zh
zOLuDH$_@Mb@#$G@L*LiiUYqnb?z<iq`r5f{lWpPWxKp05dEmP{pq7m2i_0W>uNGL}
zES>ntpJnwIf2^QMaB+S&)^z_?zgso_wtM>%jqjt)OC>R%$TKK*8S_^+Te;i^?1BIN
zLHT)vv3rp_l3r>a=ckLZSBD2K+l{GQMz;3+yhiumMm%gD)nqtU3)MJaUZRP{PV82~
z$UHJU4{WZVpIq>^-D)?vo?2ymi_d3hbr*h*Rur*os6Tah8QLaeTd2QSe$gXim)3th
z$bWXf;4*|Rwz<sWt-S>{S*)Ahm$fjQo!8`kYPbH+%*T+~@q~T)4^WA{_$`)rzCQb5
z>_p^u>R#}N3l-UEJKiVm4t%ZT?)>QPYO(cjd3pWBq(=*3?v(Fk?D*ez59e30Rgca_
zu}sGq>%5*{7+$XYL4;H<7UErR*3XUDk>_ZB2(8t>ujeg%Blzli8}5saXX8h7I@Dbf
z`NXboHTm*mYT5Po&M-Vb-orHiET>aV=czw?$C>zUcb*9Q-D=qn;QXhRLCS2uQ`zN(
z8qp2;+FjxHOv$mchfB6AUlxT$UAe7TT+8|^mzLr0{)3Ko-c`1?>raR(Q|r5XmMO{h
zEK|G2_AFC72KFpd8OWYxDo<}u&DbfA$=FLnE0ii7tx&48v_h%U(+Z_ZQ!A7zU9C{6
zw6*Yr1le5A=)7<5XI!aVjdP`PHPV&J)mT?5SEF62+^XX(gzVWKuPp1YRIc=L-?u7L
z{MyX(v+!Db;>M>gv~$lDFWA|e-Q4{w4r|Y;xrTSJTb^H%Tp)Q_n9zK|6GHHP|4Ao5
z0d=XeKtBWed>zM=c~)HSQ&hQDW&EsC%>%!d-NSjp*Ema2>N_`h35P8{b7X$jqOaWd
z=}yVWC9>p4B^LcOeuq=6X;?byKgN+ynL~Q+P(GDbw?CV&4@aJ>ab9S3KU=bvZEifB
zPkUj{w4ObtRwaD5rqOJ9YW#hNWA$98zh7F@p81&PMt!|>V8)g`(bwu&{bcExUdL!<
zpou)54wTY;Hsgsbo@5}C7psP+SFI^aSg8HQp83LqC?@CacdZ_)zT^jx<OfGdeWiVK
zT-p9z+#2d`Ml+1uqj|B)8Aly|*!*iccgwvUi?i9`UK*ko5$|HXnv;=WIP*%q`(=y#
za8~q}nP6J$Pc582mFrmTd|!Le?t6HSwD99+sr=}pwyzFro8u~mzVto)9gFEay0?>O
z67^>SRVMVcWo^9M=98qHwvoC)b!Oo7EN3z&=cS)6EO{c2HK9+}tMv~N8dnSt?AB9l
zPkEYm>e1-p(X2yb9YgxgIL&A5@J|+0tsnVH{cN3oFVw$h>)&v&+I;Yt8i^Wy@b1x?
zedLZ1ETiSBcm0qBx5sMA_&5LW+3MG-@Y#C*Oue2fhdfj7C(HSstanRqpRLc2*BQ=w
zt_|$5q9MzF7Av2vqmS2jOM|EC+vD~3M3wt&d*7^gZDrZ}T$S3~?oFA^)}C6mg#EH5
z-p|yL&uq7n<ytLSAhfuMCM^AB0sb>pf3r%TDmg8sTF!m8eOJSx`1dF_>zmKjub*hZ
z`lF#)=OmU2o9(Fe$tUWwpXW2c)2-ZR>(g`f*>mQya_RWlI(Dw!<$OfY4i!=Y%Tv=6
zbwrKf<umo<yUQiXljV~>oi59J7T)Vs{`DHt>xBc^r0-cD{Y-s+tV%vsB|lStjPh7v
z(CYE!x@-GNl|EA~e7647J5@)mBVVmvt?Qm_ZC$C)C+p0~s@X4YUar<oSGg$rRGlei
zf7psHAMw+>*Q%D*bIrpF{pHr{nL0B(a-z;yfu&dS&;V^l{wu8wOn-V<dnBvGS?j%A
zrE_(P@vLQIs5j~#$%m7xNkDFE#+4aXjaB3@!mA~1jdJUc!QoVy4PJBA0|G5T^Sme-
zmMHK{oq@Yt3H@vt{P6|^=It1NrrI*}CmTq7>X$g4t5QKX?+L(|){?j7YbpkvQ`IH}
zZ?@L`s`&77E)h5eNSI->YUpz>kI?2b)uL8GkC|-pZ3BP2hDc}6)FJNlWHk=iL?K$%
z=)LBug)&i7h8e7Do+of<jt4cabYxiSSZjZxgk>j6Kn;)(lA|Im!6~0QUF|*7Bp6<%
zOkSB+voYUDcdBINWx1%!M0+cvvX2a$I}_xYrfK?QDfVUuj2GKJ*N*7$Gj)XP5a8MR
zPWvzuR^$2z!25I68U!ihGX)b>?dPf#E_<%ELuIH$UFw0v)E+LsUT#N;RIgX==ZNoD
z>Im3#o;T_UY$i2B7s$f}5@hmtop%NuoUYHgpvEPK%crUhCVr#7Aq@th)+g)u6Weu_
zVI0$0CQ>Sw*dP?mAd?UYDV!sj<HJcKR+r?V5PBqw+E3Q8tM!c$$yPN^ooHuK4xA#S
zJW}v<_567C<k!#<WxU4GwR-55`g%eh*Xo?lq%huV)jwhlylJGS_Gk7hSz4?3afW28
z%ZFyJ)c8@&{{rpL7UYlyU<qs@1%DF;g<7TnN^qbUhJ2>Jfnyj}R5@K|g;2p)Emy&W
zUqMp@1ES~ZnD6{49tmV&a7IaB1ROthOQG7Qbg)Ez_&^J%n_M7U`OC|Um-GPi<M|vY
zJxU7rxnP^f%2}9%w?|r^L7IH1s3|5FvJK9V1yUH{@H|iS=B);nv(&*~`(?oHuQC=)
zYY<({={(;1ShYel=a7~jsm1V_1a=I88RS72Hv{6E0vD1>sa(Vl-iEhePhjSikjv}f
z59^8=hD^Cv>I`3kQNAgd^7ME{!t(1?L!v5_KT)raLOt~M+-G=;=ktiG)dtyN%^$pL
z4fahVJqU)+ODfb?HUVA0W%g@L9&Ex_dA8QDf)J0q>3KL4ZXu5rg6_-pi6<&SvyPu>
z{m=u-FVB98XFu6In5P?+Z{#!9c>9@Z*D<~FSfy%0@f7>9w?su6Lkp}KPBL0GwI~&W
z8=S)y!`YjYSQ}4NTjjTBZ%%GW9eo1$Ur{E|WV6LH)wlr*1BqxpQ8`HRd1VbjRAX-J
zAna2pWsBMgNPG}<I1I=Fr(UoDUSJXdM(!!9o^3tz*90HV@=TrO$!dV58r%)@_yd3a
z3szcpM8<$u)I3>7YnT<Q^}@JGy%Q=Ui;)SqWK&lkWZ{fw>-EX{{@MD3DrMtXYg=&!
zWq^|Mh${IY1~DlP`o%}WYCw#YE1j$^#XaPx3>=AYuoP;I_((9NmC^_6!yil&S5InE
z7EaI(qfx(sX)%U@c>VKVZBPYMi;+|-kzz0<s9R*X4r<rx)Mx9Ro3bglSBSH6lQe~L
ztZ~F`RacL@a7mOw3<C|3ILA4oAg*QLp+aJutor39Th}FPMl8nS5S^<CmUvB+7o0@d
z1g4NWu};_7==NHbk;WSa@PRP^%P9z$Y{<~~F^%FRx*g8y2@hj4cHlo`N&J=vILp^b
zl#M4C5reScuz8{#k1gaD$&A9u;I2NkuneZrk{@fp+{S#W7B8U0XXBMYFpW%wLPh>=
z8s*3vu47{+kWmfiKkP_kUE~_hlk4Wkld#M(+Y1WNBihF(Qq|<+94eW2z$;&X8|iJr
zS#pvXF!??XND_@1dZxgyeM?@!{H7fe!^|E9!?WcMf-bZ3`Al^vR$hZ)xEaRa_Fd5u
z1A$#zoDff#Yh<Qj?g{G{Cb^T++F>RRierYColgP}9Nb%Sj$j<;0@@5@(>G$VBocNt
zmhdA^t~qB`YMdk(@hCu5bjbn)q6DNy_2+7sJk3C*TgqpOjzeTF>YC>zP+$|;ji5jn
z{-zX#Vj{FbWnmM2%X~;c$xLkM=8+hO>KvzB=aggaNGC9%9^(-Tq<*BvyaEh)shp%t
zglfDFFEgXM79}XrcdD`kl8i}0OXcLHWMhsN_-3Yl%rA7+^#A(z5;fU9YcOabxhgaw
zEW~0+CtD?nTf%`PP%J_o28hs!51Ei2KL{1an(&i&X)?iV1`upPJtI+j28{|0W3$SL
zeN00ABsCP+64eX@WiqSyo!K@80SDjECL@qV+tlYztn>+R7~dEKCL^F!Bt<J~QW|B0
zM}n0=2pkkn)xOhFbO8pzF&%-S+CFbqYkUsm!1TE?EVGf2uV{}{+R_6XL=Q$Isu(dp
zBB$~C$Nxyd2hY~l&$}5`Qz~hM5#cJ4-Z|3<&K%{K>g$kWiW#UW6hIiQAcLL*5Q^h7
z5_E?7B{~$L7xCEihd5EC()@#J_>LgT43r<G$q$0k%qzf>QIpCsUNR2jfo~Avc}%KR
zf7HyZRGUnOL=4BHVtRGKnvt0^Mg%ak6<|va0zly#EhVo2C!B)HG6jp4Xqjnxvgfn0
z&}($c@FXNBxz(o$qlni_$V5aL7MbaolSxsMhtoTm62;^9q{M)sTF#5V)BtU4sekQe
zjVt|gDu87tB{?y883)Vg5A)<R3(+%ML5b0GwBh$V&bUZ-MNWsO!l>!R7*aypWEM0e
z=iCR5*a!3>gl@v8AZ`roN?%Zw8EIY8Y-@I5S-pf+qZ<xEyC^4G-g}%i_1+#&(rwlZ
zR)k?xL{hDhH|aJPrC}OpU*myOc4P5O*7->EE3@SxzQxDbfrps*uVRf*YBFfOsLlD4
zS0fshfwam=wtmnJL`+3F3vseQM(N275~`RbZmyxE=iCM$xeOwRqlLTUI@)7=?!#1A
zNN)z;17HBST=-Rny=;IL!ukL+2cdIuTPV@7PT_@y_yE%H>_$MA;vJZVRd5_knsiB9
z*pz3ndrF2ap+Q*TYdj<VS5&_Bv*=s*NR3W<9Mv8D5(ktrh2a#~Jkbj*Ok~hkhYtV~
zFL8+-*edavI}jNp*)nvD{t`(dwicDMDhw)YXCTAN1Q!z6ORNt8u1*WcDd3C5Hxxiy
zU}JDT@g;yDhHv3tTtLf?`7D?6P3gR|4P7UisUH^5mSJK@%D|{vG1Pb){}c}lNq7}p
z6XvPQHy4S-5}qPjFj-;%hKk4YFHs2}X9AC-vrc93@nb%xyhkf+BR~<S<J=kqD8-1#
zJ=vd%AVO6cwC^%1wqV0dqzywDqw5S0k`R)7Ks#EJplY9ul@rhiFCZG0WFRC3Cra0%
zQKQfV8VP`WZf~MwKBm&H9*lu05csh5zr_VuAvptKMFX&<`DDjlbwylx14_~eK>9BB
zzz*9`2gN1f(i-P7Y-g#5;&?rxQaW=3EB_)eMpO#V>Q&ouAq)`f%6(udDIa#=xKU7C
zWEIuSx=}{eU4(O%%DaLbmcD>Jkt8RQG`5Z>`fLD%CwMTy!bz#(8oESu{2Ck$4t6L!
z87XXJ>HtOBW+?_p28_|8{3JTsR~M@=0V)-kIYpLhVTF-4YdHU|+gkzJ1o<Sc5m{&;
zKESaMJ0-)DbSIPQvo&fUlpIp`hNVlME%e0Web!cTJ3bnW7zD2uhNw1t0(ZRD#5=0R
z9XJM_Vg$0u{Wz?e*oZMg*pNUCQ84-(UXH6|nT@LTmCTnx!VNw1<;HLgX`uk<GIBlX
zMJU@=Bym~Bkdtoth6^+-iU1N+5ZZT18V92sWXa*2XThY+golXC<rsvEa5*)VVQ&t_
z38YZePKhuWd{LeH$|qryY$h#K$G14Rl1vXrL31ZhDveZn)5`X+;UbL?06S{}Yx7?b
z17ySEtk|c4%2Egi3S-l>K*voGnzL~fLp3BV8Io*4#!In=%p$?4LB=|;MP!bol)B;!
zm(hk}%%c}(U@-0JGd*O^#Vm;%tX)&I>z|6-Bt?lu6a1Vuh=eEt(PB?DIZhH_LTVC(
z4PECPke~^s;1^X1!9kDi3FlRWK*yPeCB_)27WGLbdV@vusbB8msDPcRNt8tb2xJ)Z
z@I;)rqCQ9fJ<f#I^(RB*9EpLL3lkX+Vwa&fB0w`kaGR(~2H=Qs6Y;YC5U-&<<A7*B
zLIwz(DBd8riLMNcBWcJ05w5ckp&>~Z5j2itP_@~Jx|yc;piWuIIf$Kh;(Ej(f_KS4
z&ny@bvbYU%!Jb|i2tP6aR?<om#Lgv#M>Uih7Xu;3;<6+Rg3ZviFQ$?X7_gS{s7)?M
zA=i=N`X2|M^hejcHS9tRn1M6FR9H0>ZlNS*p>3F^NGucAWl2L#bmOL>VTcoswT#sW
z+FclOIAEL(U5a!5NevhQR(v9ZaLy~Fi@EGiChEvam6pf=jYh<%`hr6e$CddF51@7<
zcSeH2wIdHEq$pkm)me-%K6C;U%po=5IohKMVF4`|VHPf(m(E~9UTa*A2oeYoFtrFY
z7y)o_XtK#?%0G;hY|#u;3PcH)bjjdhmso+;!3PK>G{%;6myFe7H#~8iCIFn^Jp#ZJ
zHE?1cArS=<Ghno%IVuZoGp$MNhdzqcZCF*fKp$z*Crr;5vN%UE7@k*9B4smM2u?W>
z8T|BVs0_*c35ygXo@kSd0K%IDSaqPDIg+(7wz8oWEr}}XIm!%b#9)p{maqh^02X60
zAnzqZ^hIxa;Mcqvp=SC`O5d3flNenfY`o+QMarj`9Q}ofYVG6wbMa5=hW(^76v*D3
zn~k9~zLPMA%nZr-td@qZ;4P{*kjzmSidxZ7f}>Zh#k7f1JPQJQBoV2kIj|p4B$kkt
z+2N18)WW}_L_<WyU<F9jZ3GGUYJpBtF5VG#Ph?Od`3N|W(726;9Dyo0k)Cf*Ia7xd
zd=H2~HOql~5GiLKEJq?MALLPCFutiJ0UxmNTvkJ}c#xSGKQyM$Zc+uVksghQEcD@D
z{FU6!lQ|JBp(ir{nqq4(>XR4QJx2sFj6`c%W<A;<1GZL<oQ`Qj8mli_Ge&F?9nwU2
zJp{mB+Jha|*BcFyMSC15Y19p1CZ_Q_KF<t^lNf?m638p;#{-heFn;p>EQ_eE1}@;A
z%t&P4)T8zuy_4&Kls~==R9aIueQ7H_S$e@K6oG?;9p<1YZo~*w2t+ujdvAb>LC6C#
z+NOMC;eLP#5&<&CK-<Y1!Wr7k^_}=N8s;e66qy52!eTg*gJVU3i`)Q7dkGVfQa@nC
zK>`BfCKqES42bf{pTUsP(10-*52vJA?nh5_qXpUvdq%^VRK!JCCqYtAtV({i6`Fw~
z!O%A&fQ6(EpcVN8W_>%u7TXv7;7Yt=3ZGDChQ@GAE7pnShLfc{L*=P>f#|TzgP2Q(
ztd#Fe1OP$|2EiE=#h5(PYi3eZF9;+xN`4ZL=5L^e9rPnWFj1np;Q}jv1O*1ASpDe%
zw3s~s2wW4X@ql`@nsUUxb$1ZB$DrNSch{%eUUoa;?SyZ~uJpU#-Q{QR{CF4pv38-`
zJrX|U{)F5!-tR)_cL=;!XWenIcz=Zp{VtUIE#TZCnU=m;$8%3d?(BQBogMG=|5o+t
zK7r}4j@Qon6VsOL`L`jWw=;X^dzF686A#?$k-HClK30EuhQK#VJG1wtkl)=m7h2!_
zu9Wk2EKfeTSYu3|bq~u^(>tnjN5QeO$Hmh9c<+I}#yjn!wO<?7KDVrHlKYkFpCHrp
zxf3sx%;&eqMhjgh&BB-M+1}4T_-Caz3VU#gyt2*1_OrglOXlo+ElYhHGNBZ^^9-aI
z;**YuoybXP1i@QEAfl{u{)r8|ODSFn_aRW<cykg*IR+0J_C2my9T?wk|E^RIq~cde
z9PRDlwO2|u+g8YDqskNY`AogPUY}?sF_pBouDo8QX_Nn4skWlaXmYq_Wbz_qE^oK{
zdK<6INc%#IO@nV#%X)piwSRfL77e{oM~uXFnQU^g9p;TDH*M{<D^&YQS6K!tvTCjk
zsB7+lL4C%WxyG<x-P4<Gx!E>ELpDazBC89K`1Wf1yV^7|T&6AByjo{%PkOycccs3)
zUPs-LLBm(74JDH9Uan)Yk+!eYQM`P){*fNavLy&QqkDF7)`mb9y;kM43#DvN>#Wzq
zv28@GeWm{3SpTe!hp@LTOvb{lwnWptQR8)e(WvmqPH=U#KJyv6kqc?tk@ymuUaj(4
z$jB>w-#6}UlH#FPt2NTleC{J53GC26Y{6$~<}$srxUEjCK##VO@dKN$U_KrUwLvzG
zh)sOh`K$F!uWZF;SKGV9pvF+R=f%cG*R)L=Y-a8Y-CD*aWTg$q<0m$mv)GgMN5}M<
zO<=GK_blTg@0BKl&#cKWZGh)P+O*mC@%pS~qcTSFY5j724r>`R?`FT@JzLZE^KV){
z{1L8z0J3yj!#70mKY50cI){mE79O^K<PcCX2LO9lh+78U)E@<dU~*xO!R!dtzhqvN
zVR(iHzPhC*B}3-gl-j80xIZPpGZg*dlrdEzcUksts=Tp$5%YTh#ck|3%q~Ta8N;I#
zO5>0wTG5X2#>~LP*zRuN;9fydEwG?NL65G0Kf#Klmpj*0elAQJZ6F>yyupWdBN6J7
z4uWVxh~3^uj7hc1u~<<b!liGh#)#cp;yaM$mNO2A+J~2so-=^YA_zh+9EXJdXvSEL
zgIkbaiIitMXc4R`HQP6!r?#T=gg@iZPxQz2(I{zPH2qy^<E1@XV?*w(1uhu5;&eux
zeV<4pB*|guKBP}u+@1yn25yX=(%+S87cFplWEa8<nHPGR4ar5Paj~S?^e?EJb&wOK
zMfTV07)_!E{=xE>YZS3P%e_(GNbip%!b*a%yLF5%DFYjZxZoFF1VK{pO!C80u;Xa_
z4c%R9rQ9oE#KuR1MRWVM;nc7Ae<wv&gF4}Y79<|zVOM&9IZWY|j)wOzhjL1@B;qs*
zp_cCnYXTyfjg3!246CLj5AzNE3sLOLlXxkFN|XcwK><#9MiFt@5L4kWc1!@^vyj7T
zu;~vbcpQw-8W{x{E%OUn#}>3{)Ipx(kzP&m86O0Y!=;6*)i<=$85uCbwK{@lXi-}@
zfp(lXZcH5>ihoCAYStF-k>K)ao)G8H&wqELg+XXkHbTu*2(%mlK&b}2D4lvZVod1b
z^3vZ^Vi(AU`a~6<!~tW6h-emugZ@M(;u|&8&`LrZ{*!|EPM5ULj*j&h#j21mKs&D-
z@%GSA@`rh??e=|MgS&q(;;;`tiI_1;SE-u6NHZmgyhnPGbSJhCo-={s6^TxXU|8E2
zd51L2CuZbzTIxwsSV9``y#SwMC1@cZSu0pe4gk!|t>XbnYFKW}NC`7k488`TZqJI8
zQ$}9JB#fJ(8b-ol&#Z*dq!%34T@YI3W{x5erWAsb+bRz_LXTcidge~GTJdUVa5sDP
zbC$;_B+GXRFV;r@(n6RSi*p5<YBlK%pt{Zhj3^8wt)<AeTooY^QU~GZS}AKrj-^JH
z1ZlVCQ`M?f%mCAcKZIwk*Le$hmZ_{52{Mt(;+K^p3vU)JpRG^1){<{EpZyApkc9L-
z(b5Om<A#05mjGmhn^nUxjwvwf(Slqq$!X8Bo?XI5<NPz#QefE=J0r6)W);fFNk$WN
z9O|MI5`eDHb&0Pu;5xu6|Ey6-g7gCiT5;`<l(epID^~UVm}=GMED`2Hd9JXLI>)VT
zLn3+U{ak%UDrsA3?OUaOu8y+3R)a)Kgx1Shg^qLOj^;M&v(jvxaY2!F@LUl{pjOXl
zSh8CyDG5~5m=>Xov=EUMyo_E@(hpA|uR0i-CbDeHp0#agAG$Sal6p4+@<y91!-}ER
zLRYm4Sqa~pbp~=Q;o|?Z?bSLZWV5=oBbTD^iS@}`S-=MIBxC5Z@_T(H<)j1kwM}O(
zSwXw24y3Y3OApppmGv2_NaB(--O_Qcl3GNzni|{2$9WPwu`*l6i<6v?H(m@UyiFgu
zB0^sJ5nl9$0dbrWX72>7(j^};29jq7!Pz=)br@S@zXA(F^6*tH#`>(z*VUCakg1~!
za_OA4bKx(HLtC(b0WGFm@XtE5ai(<_RB@ZpK@|^&E3z7)Iv5XrA;L^pE4&OtU<)PG
zHG+6<c}K|}TuWm%TfKM-?cpn9V>SNd2zy1wAQ|TvFI{Wd*=Vn}G+u_v{ryv)^+}Iq
z>5CrOpRb4C=uAJ>D#$_4tVv?{g#h*uiE_~bnw5ey{^Bg@gxIXTi(ELc*Nunjfo)xt
z)CQlW3x1+!h|#Yjc!^|M;#GXCGdMJ}A|1I1l?f)BWHp4OxQUfJs%bW8g9m&RWU(le
z@qTC2HSwnbWoU{X!w<YVTf}`A6KIaV@upQ6pDwk_C)hsi)6D*Cn?#zP#3k0GJ*|u4
z>|(Ue;1VlQEW~4#;Mb(}?q9C5u%3S|j?n`i<|ok|Yh|2tsz0{N1vVBKF6%Mlz(XP>
zl#>sCLt9eccqA>8HGC9)!3(@HXjPi6!lspjw6!iihILpib$P3A+Q9qtO21(hykgRb
zJ2Q6D^K-K6!8g(+eh!yK*8Tj$b0o$wMqrXcS6a-NMMfB=PqxS<SGCxImtY4>r(XU!
z>$qdNRxCeat#j>FobTTp$x-Z7Om{iH71ZJ!x(LVX568qqc_LfkA`1^t#MgNqkHc7r
zSooHPcyC#|t+(@%Y*4{ia7W90TviALcv^YmgeP*v+hGTajT-|y%eMTGv{+g%^uWG+
z83VAFY=rmW5E{m|;y=DKA|57-l-Xph69#=w|74|UEmkkz2;y)M`>916*iL(1m8Q)s
zGZ>w6u`#?Etx?k;NlC=k^r23ow>o-*LnY-v;tz(&wNR|=sFAV<R!jaR=Yldi6y?Ld
zJW}r>GyEr;!)C^Mwk<5|k6C6*Cy&K&v`Pa;o~x(u8cg6p@jX_giONCW3vaMrChyRm
z+=Hg*k`*ybm`b@Gp&&n56J09@MLgJewPSqoGoO5>Asl8IM>`l#Zp3nI$}TL#YB1$E
zbh3eH?~D>KAJ!u+oyU@7W?8m`K624Sc$}59AVwZ-VKSZu5j3U0wCFp82OqLHWqE*@
zd9KE0?5s%-v`$0uaS;PskOB&{iX#fg@9melrYvVfbPk(ZmenO9!W2nmfMEa@<LyfE
zwBfzj2zK~)tb?IMbmNC{R-})xn(=6dUcw>r4v~kQk~`}Krovfjs2k*aubX||!y$MG
zx8__pnBQoJ)QK~=9)7We(F7Srh65wD(X)p>*wOg367JSk<SveFi=WDeMc^%&7A@dy
zmXa-#Ugn@>Xy!*W1I=<A<+Y04As{%@JN%GR3GG0lZ<VdR=g7_e<0<@@50E1Hv~gsl
zK0$%_&99P^N27X<=SF92=pXIVq0iw0pW&Hr_Bk-N&YVc^DeZ{!+Vffc{uw5<O%E2j
zeae!Tc0~ne9Otp-i&)9{Sh&w0={1o68dJ(y>>68(Fr>s?n2A5}JCUH~sBMvyJ@m!O
zG8z#wOir8lDG{6}@fg--*~G-?R_tPF-XL3`J(BT^WFR6HIrJjd)y%?D6&lq&=P&@x
zE5tM^t3m+AjF4cY2_ObVB;t>WwUZFXNr8~TrP4{kftuTMK%qzgY`6JAr0A0Ocm@sP
zP)&+sx}$#xi)O@Lo@4;Hm)4R`c1`dI-J~|1>w$)~8^06DAxfFD$<_y&ATOths!Xa7
zVoZQ+jmkex&iNP>X%h|oF)EF4KDt6bItd9ySF}T?h9%gd6C_Pc0B@SXREc#Yjv#O#
zGSf!l7T=9WVKV4rLg%Aw=7W$##-K}y)WIVLfQ{&0Zjo22pk<6RZ2dHNamX0aq9*Af
z>ddt#l~*Yfl27WDZZfGro6MmH$7!xR0n$!NWXR6evUniOcQAyQn0x~8%mye~VY<kE
zE)Bv<XHU9Ge8f()#dFo+Y4P67v_%(uPlwu|f3q5S9kYtS%o*kZ?<QUnMIMok=ua}0
z1t?<hG}8sTgBYG8_y}S&43WBw2O(@_ATL3OE#NjuPeM``NSlTSB<ew|fmPZ_JZ?xZ
zo$G`P;|T@A;+T-n04A^G2z@5Y1q=_0APD2(W7w0`FtD<0lRB&rI-$j6#B>bJ1T#3M
z_i&$|lbzQnYHWhlM{|Vt5f(hW6EwIE<4Lv&!(uE4dkL~MjT?y@LZUd@m3&nY-}*W5
z8gKrXk7I{p6jhOK@IKnm75Iyp*xMP@kvOPEL}UJB@oXYmgnr{L>T@e}!-kpbX)6we
zJN1)@M?&Y61)maI`o*VXctrstVI9nIymZyrL4lzI3?kwMWXlP)lPSOBCJ~4nw7899
z2~Hs5Xp%CXkf|=0OgKw27kx{C;<|}LJYv}T=YS5Aaz1WDw{)WsdL(YLatJnnI29N2
z37^V*Md_?j09kTt+M-XaE3SB@Cd$d2N;bg*#1no)0)K)4<#~naWUAsbPomgud?zf0
z(KsAHz&uMRiei`!I8Zk25rtzpFVM3Y9V0EGQc0|c#3)2EXc$b*xswhNm@rAE;T>2E
z9%qPW_yv2Y!8XMHGa~DRE@+SDH3I;Q1RRbsy1Xx16ZWHj<zb&F$pj4*5X=u~E>S1%
zaGLI8Q*bg2-~${{OArD=kQGu%7OF5nC}(5sZHsSQh&*nWshMUJCy0bY7mfv1F|kHa
zJR2k>H_;1@)yqUKbQri$O-~7vpbEEHULb*?N=iU2j1oG;O}qdplY_I@<eT=1o#;i&
z;RhYVWb*f<E1A0yM)IMKZs{v?P_!CbXq;9JM#jZGK`eQO*{DxM#A2)-zv8ffLW)ET
zW%Qs7UxRpFMU9njZ~ZIS<UoH@uN;qkh(Qg=lGhL&)c8iycI<+goWpQ@isoY*HcMm$
zF;R#YLX1HFZyZQ~O&+Bhd;%J8Ax36fv=e<tD*&KwGIlmlHmRWwV3{LwbKb(y(Jot~
zg&s`>bv-5Z22K#=l?J0d(ug?xL*x*NGH8BDDjdd7l_nR9)zAzEYXllTD~#g-BMs3T
zcg_+enoE?B+ZvP_xJ0zosX=O?4+BZirZdTSv?f8IVZA3xgocwn#Si5)`XeW>%dM4-
zOC<P_)LGIc!4NzCZF~u9#ZC!LG}Rl*oGr;H-vM2C*MaXLUO*y(L=O9DkAeav*^H>b
z%0!3|$qN#(a2l`XSNsr$_!aJh1)jtvxxxT|@nwBbZSX(}D(0m{)Gup6Tg=A$C`uWI
zqV|BByqRTEE!p*wacZmUrmj;SGRoE4MWL`tid;RxQMd(DC+ut8K3x47eON@qWH4|+
zf>7xUO_*+gisS6XjcM2TIJ)TM@eaZkCy#IGGwVg-JYDM(A?PdmV@u^i@L<Y<X=nTC
z*MyMipj1@Ho$v}*)*M)vgfJ-QN+iWFiRs)HmFCsiq>8APF)1umLKumSfhD6NxYEpT
z&}p5UgA#i9=#5hsz-m7g_%K&8KEV_$8I{2pGa=rXO$JEBK<LVOkj~VBQE#Y{TXSr-
zz*>nunbZU)EGsOsIV`{~{^ALI!~7#e!n?w_5_Gf#4gT~J58}DV1O>r@K+7YfTJVTx
z#WO*_GKI@QQ@mbm&5A37haWRUIAZo>I*Er2W#Hh#fT#&D$j%!RO7_<SWRpNRLVQN3
zZ5|IgfFS0=dtg``P}hY*pb{NErW}nMrP9E}BQXj%;++sQvk7`MkGz$43;^SwEafWT
z>=8QWy~apam?j#|3Rh2ZScNMn#m*Qrt5+zSUG-M1lc!u05T3w6@vJ<=@6akl0!StU
z(8{OK3$-ByLL)mSNVsKuAWAp{GeePD@iVcEuOn=84F)Bo2xWL#XwY)f9dv<Wk&2$Y
z2H?!}i#B#mnCmhlbsIa!U^uFeIhkDC1yex5H#8PMR+7v#KsVeY$z}2+V7p-oGa|7i
z%!n;jMM2$T97+BcPG?Wu5egQV0B(>XVSR>b%*+7cbma_&Vu_bo6g*RSQaR|+mO(KD
z&n7I{5_1w$;Y{>uh<YnabBO_o0AR(h4WIX*VN)+X$)H3UV8T<p&+1a}8`$6;N)6_d
zxKJ72D&yZ|k64ER6XmtUgENT>%`y*A8!<~5CF6U<d8UiZPLuSO>>z#}a3bU^P&&$q
zLfOe#=zuPg=+Q4=7@f8p*Gg<VyhT&m>sZJdB<s*L7m|J8XTZZ$GAUYzC5{Vn&eAr9
z$7$S;qb8x_*0_k2+fTVpcG?Lx>2d%-0A^LeKy*udf+PW=Fr6niMSy6MDyR)9F)Juj
zA>sKK#Zm(3CVb=^kr9^`fP-<g%`{>n5R-?00TL&QB6}8L{(+*Y--y)vn+8wC{I|%*
zAjS*COqdKFAcZyKWJ<0rNdzr!kxYP1xDZXyz1A2qb6l{JvpD0QY58AiKBTJ=UB)O-
z1<?>BW+Za+YDbwS(GTM!je<yJ(KMwKj#2{=#1|t%ks&fryhvM6$h4pVOjyfbQX8$w
zlM_R!C0>`~zKwxH+{aEqvC-5nWuVWTgl;7^hMR>z^r3se7q3EvoX_BCp5_v;Wmixm
zD!~hVLZdob6s}<&l_uU1%=*oT6amQDCx)jV+H}-Biq5m1$%0vv$n1qyX}gIKKN8Q$
z$H06e;Ui=QVM)MI5=9$vOwRPYOFEb|MfW^92?{LAnJJ&Sr5w;4YJ=#~!hWlOFB6DG
z#%`vNRl{Ukx@G`~49_OJAr`X{J^ajp>dJnef6X_*ED0_)=;13J(Mm=^u^It5eiwb<
z5gf%Ebsf_LxO9r#X(0KLv2zKfVlrH$CgCs>8-%N9O?lcj(4dTq_>{#a^6DAJ%mcJa
z8kl8pM-3lDH~<>&3m~}f-vd0l(r}%}(X^4#H>?-~YM?(vqYMv{<Ixc`C7otafZ)4~
z4te+yX`mq<%Dw=DN0Vm5Xx4a3gn)rVb6d^Grl>AaR2S)57L*7Y<7OS7S(sLa<#S*Y
zlHe@Nqy=SU{eAuoG6tK}mhqTHluf{-3Pv^r=!fvW1{f#+SKO0|%;G>;X&_5p1|rxN
z5aex{6(#kg9zodAVe5~w0+%TbB9R_Mr-l)XQ;oF9<Q&pF<7G-HLE|M<Aqhm~sF;rh
zpUL5c3+-jX!!|4;{fl~VOW4EkSr_U*auLzCKLMZ4d;%u+k|JcN0T(M~aAJ@li9-el
zFFj>15y6Q1!+6nvSd$r%m>YNjnx>d5fiANha~D`=A^?$MDhohN$QQsUOEltmf^?!=
zP>*wQyJPsCW>cQa{ZXzKL=<GLVT2Q7Ln7*uQp70qV<1T#68RIC38+4Ug(^dGs4O%k
zlB*dS)Sm3U4=OWqdhOaYz~TBiafbth_@RS?iMae9a~n641ok{1ig-Fk;1GBKK9fuF
zeo;>bN}st5;v43s^OVSv9Mk7J2F5s)0u<T|3v)thb2bWKsSpPzW^<|oAlYYJ7!R|J
zJOOu8BzZHjNuB{tat!W|dPo^U5kWAT<MCH5OWLUwbVFju<==aMX<&qPaG+B<k#Dh&
zZ(<kZaxo*M!@m5|ZJTuoT9@4=7GowcToxl&q07t{V2EWBdqv|c7A4LgfJ}ASjR)2S
z-+(c}1XCu71T2l}M5A(4u1`Q7!9kTVCxdx@0(?N>Xl7GcBI$`oAdy9bL?9Fl9!a94
zXBdmg(FE>^k|Y$I1<g{Zvq?S^7}cT-KB*36kc47G3|xnN!fvKn)DEIb8WR^mDFDsw
z7(^|t8WYaMAY7L_&<eLnaye}Mg%nI7)r2_0vNi_f$y5c&hRjDTi1TA~i=eVl=o|&|
z#pE_HVj!Vo169i;Il>5Ylp-!s58r1xwJ0=X#on-ipJ9t9F(QW6Lv7RhMGs+&E1AM2
z0VJgGmz)Ei#>QDifH9UZK)Eif_lQruR7IHrX@Pm`FC-C0%mTn0KIK33?F??Afp`ud
z$>Oi5u7uEspV&;cz|g!VJO%1(Ok;osl)ekBafZy`IRzN&HQ@&IK*mv6;YyG}PP|Lv
z3JzQU)9wW_<%PwNa^g(_3J^#R=~VM*GD{1Yaf&{nP=hx}T7z<+5gGX)7$-Z+ycTFF
zmDf8CVw8c9fjNVegts&%KN1tOu>cJwz(OeJ;qb`=*oQW_myT&S$W2h?oS_{?<|AP;
zR#gMKVVw<$4Jro4a?z(V$O+Z(J$Pp!t$`EU(tfy?>h+?wVN#&vG${oeQ?R^UY8e*i
zReZ@2@se3G10o@s$x;?IgDJ(q0!HV-xSB?&mm8qsn1`(XP$7dlPgnjSEF;Y5)XOp{
zgTnfM@ZRilPI)uVq$yxU8!YBMn2{?PIWzz_E7DRtG4osb2`%DNe#aGpOWw_fEDbrd
zj0>HQ<>?pYKuk0o4rL$q)+QT^rC1mxaUNvF-rK*J#B97#WI+KuO{h?TYY6O#wwl9)
zoW!RLl(&bjhzqa;MnR0NoG!HkVoAHzH89Yk2=5e`NESEH3;0otG%v&Cq$Jj36qXP}
za_Zsr$)d^5Jd(@M9S1;_Q3o#Pcwuc2X9{PzhFWpp9-8PO;VT5qSjI$J+(RA?MB)%N
zcM15@s_|rYqg;2U;rg1P;ah>7GQBcLGHdab==?G>YJ#IY0>S`qXROpDaLyYp#$gT~
zs70I<RHTN_6oSd1hI-MZ$N^Q%5|wB6<2&Sw@UR>_kr*3^ZH`if5oKJ$0X}1#3_R^i
z(<tw6T?KGT!At;2QXEmmkXaO7gI>7EH>NP$BuWU+&>>lrgF!>pMxQP*vy?h1jbsN|
zn}JDn*Mu!LiKhZNxba_@$oxls#D8%-3vfr)%3R$i&KH*vhrn78W)tqJG;7j7*2*MP
z586TlVuU}!8USSYoEEq@SA{<EWy<MO66Ekd_u=>)oC@$F`4dISP1T|X1j843N(KL+
ziOkc1o%3K4O2GsYD=d=bgDiq2p@J9K;*vp6a-=Zp@P2JJ$pW%Ui2<=E&4Z^n!a7+F
zlc9B{05ulXtd5mN)I?#^Ac5B=g-Tkb7o>_}GrjN~Bzd&@G6>i(p&%P{_)PF*Df(n#
zPL$w4mXyN}R6;gVsRJ*<2<f}4sW0nEHfzjQa>64VhPtxY1MNu=;me2-F*()6lu)PL
zj9y3+B_T8sRW9uxuR+P(b$k9ID`HwQm{6uREk(2HK&%MO*W_dTl8o#|H_r0_67eK?
zrf^0RWYxMjEE`ZuJD`Mh|9{Vim0#gQY~~;PvO<`PJ~@}H2}@=@P8enhQIZW{CHQ4$
zKA<($WM$Z61(=0qmPGIzSyGV6h&s^3l9*X-{l<>w0(=pY;3A~2@9;B5#h(~d&*}vu
zB;}0>9$I(C_oO3wtNbivpc8PH&<W7u57D`vxW#ee)L?D$O>8kLIhW*<c!^^K2EL?{
z0G^~H=_Th*njq|$@Fa?9LoSu2QA**!6rJ@J0V1mvC?NR|P?Mb#3Tf0sNyvm`WJOHq
zNPS29oQ+8lgam@KQDL0T5@9k!IVtB+(~=*@vD}zdd@h?r8GwL-0VOY>gSrwp9Wzd^
z{rY~UWokz|CO?4_9Rdo91TP~H$fQ2q{5~;cAVgzE%6@3o2x$-L7<Xh$Fzw55nIO=x
zUWYTva|Sj=d6_5E4>|=VNg!D=5lMbpI|XjCW^EF!A8w}&<BXiZ-xn8*A94a>s6er(
zuB3gLJIHjooa0%j2r9BXL{{j9L0S*?<imOq3E>-J(Dm-4(3U>prov8Ih4A6q+7k#6
zcOooXLQsN{lq4vGDSm{m69##WBfJjQ(t=b)Dis&ymqrWYA(CRQ(p`L1YbmdF!HkE(
zy7ow#K&D3+9?sAO%}TLCQ*57LE{sZ-kd#&v8tJ|g=%#ggLnN8;Afdgr&a>c{B>G`B
zVSYH1MG3M+UQCe5iCz$)5GO6n0)zyCcSP$xWd;eeT8@Xt7xjoagn9C_pd$%{_yt`;
z5uTIc@NC$KcF4vz+1h(uP(5p`VJ#Mh2+V?d`HWeq_E=QPnWJo;M5}OimXz^rBTIHh
zzRcrD%c8*;$+W?n*%epC3ae-xKGdUK)?@>=<<BHGYUzd_Ift(CpOks}kI(bC%(8ht
z^l1ZXtvY@$PL-)^1npT2m!PVouiOpcpmHXlGJ%B)ftD7ML&h}>H2F>zqIFHt=m_8g
zR0gksTm~yG7?x7{q(Xp4G%`x<0%A8mm{X0ToI*Cnb=1}tMTxJJrw8A;tCo$1^aw^o
zMqX+nX08<}5JMa?At~!P77d~)01-6wW2d3_gaG4-bchesI36jvCZ|DvnKW_|*|5=u
z)@2N2p%cz7Un~gjTT93XoU;zcAwq;9Hh>QyawinEy{(iQd#Vl|yhRnhm@^O>1|TLC
zGPj{Cors(B{J~j+6pg?IV3-3ud{#4RW@O%#Wle^lHim{)d_rx^1HoWNKCq-J-z{p?
z-UV8d>uVsWNq2_D`ou8^I)(=bGLhF9OTYtHF<eMtFP8JE*P&a)jU>5i$Ob|=*59%S
z)*!E=tH?)In9bU2=79_m)gxoH%?$j}7+?olU{sDADx~-<nnAJTMZG@v!~*`jqNa~P
z3sEi<Sw;`turbFFxtW=u1`_^e9+-?{Z*L+AAFxwc1M>M4J7cn>c(_gp!33exmJ&&d
zJG^){o=I8;f(cl31g^k{wctz;Cm<|oEeQbz#cl{$Pdr?Edhm(vF<^KN>H>8<5S_y;
z#OgEioQwdi<Fw2{_`Uus><<6U>%a2Ne|`6xfA4?%@3)>`fAWuiZMfyw+S=iR$A+~-
z_2I}7U+?g8;Lx!HYj@o7F-N!l&qK$CjjbP5u{#b8!^ZWW`F{OR+w0FiHXOX8{`=Ul
zwsHM0?l`o5;OL=S*Q@fz^-mrCkJfM9*t)*)!~cEb6B}FKJG}9u|MKXeqlXSx#Ut1M
z<>6xotA``k|5a=Kd#$y9(_a5=NpRqf+lO1KloEe+<a!g~`dcN!;W~M^x;uEs{rBI0
z%dz3;A)+5WwDHNc19xv+|95M@GHkycKKSvqL$`mjPTn|lXjr>Lg##t=C)Pi9_%L}&
z#QTZ={@NX_`+E-?%e_b5KXmJG;6Qz<{~g-;qm8W}tgj!e5o}yLG-#uZ;S)#Rznh{q
z-ak_E9XPmN@~wZ&z-!b$*!cV%2E6h9QKP#5{`K2?pNBWT|LMb}*Nv^8ZkMa-_kV2t
zz#SV~|LB&XEOFcV!Humy-q`w+jjf-x9<IOD-nRZYZ-10-PvqO5v~EsP{v8|dpUJti
zhu05mZ2jrR*3avEy)x;>`%fRv*^~8FBYdkB`gwKxiS=8m`1K?I?SH+o^+6f?$ouD&
ztT&c_|4iwc0*6v~DXYD%)9-;_89p%_YDQ=H!*{NiVyX6@Z~W+=Z2a(l{@5qihAMXG
z<7*o~{PV->w|xBL8(V*IxPj(Jchs;yzJBar8RPKbPp*ILj*UO~<vTWh{OOJF-(PZ+
zqD#}@c>ga)=vVXhmArlR(0YyQdZfJERB)}GxnBA>uy(kO^vL^POM!3X?b~^K?-R!k
zt=++XN8bPaL#@{P-^-~F8mjKkmmlQqM|t~c-u{udjraetUOw@O9BT$S^8TOX+t144
zYX{rs>;E#P|1@WQesCDpnD{`ca&6;m!`;tfx$8dzw)g+6{x`IrT=4qi|KqmxTaIr0
z_<uNDe+Le)A3A*W{=<h47l!NoXcek2x2+#Ku<-}K(=dHY)w%!9_4SP(|Fc%Bm2S;_
z+NooOvcntK*GigtJ=ieUzuf^0Ke<r$|Mm5|H@^S*jqg9X@%>-g`2Hu#avLA~KN}zX
zUmM^5X9eAj|Lj8jUpD^fzu5TkuWtPCFUwvV-@nw%{?mVP_+!mc4(s!We|^jPf&0r4
z2MRDH{K1Xu1^i!KuYP`Y<NB?orNj4sypI0x|2_&GcdsAT+SUhNfAm{W(ZG11JRT&s
z{@)V&aJ?Nkdf=WKVwJjHJoBTC9~EeS+CG19S2<ui-gTy*66NznP#d2=@Ufxb^vMG(
zaR0sQA1@sgsyBY}1wFNPe)8<b5C3(v13*=vx;{`!&X)t#*3m<S*?O&m)n@7Dhkp*M
z_uqf}`Yjtj`StoA{y)&`vt_(C=Fisw!~T4U)AjJI1JBk0s@nSClk0~zuK&|!fFEsK
zGN2j?bNp!IC%;q&98&W7Kh^SuUtPcBhV*r8b^t0VU&<|v{8E|g@U8Uxm*wLh5c7wB
z8U6g^!ri6F(n9HAs(~(dG57^yUMMk-lz>(0`ajt&xb@Qpm@jPn<k@EIKUd(#zcKy4
zd2f;RS{YF2IHavV_|K0XV)dVVa^nyFVX3hW{rI=&r(jYH_`%0ZKGr{a;ILxKY+S#)
z$^X|!H-5b+rcC_TC6F)mzvd6q$+u|i$Nxzc|AT*6)KeI{q1C33>vu;b8$bEw)+&}Q
ztds?}K6q&T&MIHue!{Chao~WrTjF&8AA4^fT<4h`_FY_D;9dYE1iYfOkOXM4Ywj+0
z&0TAEr8U>4W7wu0I>W@UO*^!QuH{&paBJD2y>!Y=lo}VnUIGwFd=lg;biz&Ogie%%
zZPl7;<(6uhj?z&(%#7M$JDirDk*93SPShFBRB703f4_6y7XbCO>%Wpt1YVx^`F_rG
z&Uwyrp7VY@RR|p^ho+WCX@}+Rdz-_>1hc7>L1=phoTJG*jOhj;gf)Lbp_|cy#cknJ
zaBz~PF$)y!Ik-(5u`GZHvrK+1-DHwNIraD0;8?eG$ohkzvvMiBV+0|Lcd9^4Bgm1+
z0o5Q=XPA$OvJG}IL%Y!(^|4lctgk-SUmqJ#xVr_CbF9A?02<63R7*hW5blSIkf+S)
z9cuQCIUCCVV?Ag9V|lSRRRilMGCDH}x4K)*zk0XRzZ(e|?Cx&Wx<^@T2kWr{e}Z7(
z_=y(ka*%a(kP2y(K#3sYQza3g3R7aci`3K~6G4Ffn8mq;`7mvOC4@i--)GfKgRL-C
z0)_6hAi5b8xYI>XH!~ZB5VIYm$-xTx7Z9qypK&yp@ldAT+uPS{8s;yE*lMDet5`is
zLgwwwfk=!Dn(pdvX?gf38~VqaJ2D2b{1-n{A_mMJ`!Pls;wOfu|Ie*0wptH1hbVOa
zUn0UHOWr&FhMU{Qdihr+_kv)bDVflV4(sW`gd@eIUJ$O^+#nIT1lBbS9D*&V#{je!
z2P0IM9x#uxO_U{;+t<nK>JhNO*Zcd2+dt$Cn0h%@2Z$-#rd~CzjrQn<E!&%Fv_6#)
z+}kcioeb@Lh^?aD4h0p_(7%XN6Jt<rZEN;dqiUfuT8tz3G0^NY7=H{U5+$ku<^VQI
z`=MTRIh9p9Oe^QGS#7Xe7Jc*<D@F@qqz3zG2aPq%x-l9BKV7tcA<VUM8FEO=Yi6M<
zm*>n{y+oO!{b{Ez4WHf3icN^s>&;?)#0pE-T+b+Xc7L(Xl7Jz5w`jjXpsH`!GHsR?
zG{nnPEY3VpoO!Z1{iM=8HUDr^13-;{8flSSOuto3-%=^Jw-;x|tr01oL)EQbC|1uG
z%g=zJtLN&A5g<HQoIa$!y=em~%uA25D#Mob@#uJ2b(yFqrO;F>7kAU-)Rf3gkAR9L
zQNHI;oGcs{sSYb6bprYZ@dkG_w_A9+QA}?urgxc7l)^I(#uhAV5G}T|EHuGvBuSD@
zx5ga@8dI5}12pkO+AnHQglB@9AyE?SRU2zRBsW{5(u7{4Vvfr74)(inpZN%zm!)g1
zV)ZQ-ku}<d+|x_B+TWmi)L$$~k3bnmeK9act#6?Hy@;}d8{ZsUIlc?;8sDF3js^ZU
z<7$s)6)|EH#q^WV-nG3mA}K}XoVgQaK3ZSVn%)`loeBtpr5VbL4TT?~VhB4^DJ+fl
zoKe>4sritNi&l}Tu8ykR>4}g}8<GXz+k7BaCDDm~S$n6JA$wp*FD!HpZYSA0P>X><
zEQ_sdKnr6Mb3|KazF0nD$FLE$g5|;vc0*xgc1D!-<zwcxf8k+eJy4sPwZ&2x!boD_
zcQq5?W%e7z6cR?!dBkMmQ-~Guuun;pk`H0gnVXQdz~jt2+doR0g;0OR$~i(T{pX_}
zdr-b|@Y56OA_+_5ATa+J(qi~xil(?u8WiDB5MmZamVsQ~XPH)IHpQ3jY~h2nB_$LD
z6%3;aV|>f3ZOen9M9dis#0)950F5Q-K=8rP1+f!jY0iJ_5>ycJ&n<8jc7e7zO|xvK
zDyMEAbeXPWb@U8keYgmaHYi~IfkjYzxmdX@*N59b7j3~C7kg4hW1>Du&qnxPCk0(^
zF$d!)sjk?cNxO#BGgYcKQYe0A7KMzKf?TGnqf^8zrm&XL?{DrXR<1(sV&y1ognjiC
z8Rj!(+7B7yB92b=%;Z~#)SEzpv3e2ml^1PcdXEtLSjEVhs5~{Fl_K#YD1r&AP;%)G
z?vAzClFa}4CK73Tkppj1hUk<zLm^Xk(jtLTla!;BG{`kr&AO<ExJQoat~Cthmu{eh
z%3-x1k^qc&dY`|k`Oh_nN=@N#)sG<=^C`06I&FK!^bY!Ojn$RE7^E{&)o~`KRj9Mc
zm@Xe}4j|NERHo4jXi-%CPR?iT5OU8J?YBW83reD#O4ECteZZ;tK}!E(^Lx}~kVU3R
zGX;qT(SC!d?28*?Pl7FBP6rjr{?S$&N(bsu2%RM_)j-(1G~|qoVLM05M6eV8@;B<l
zRh6QbrY{%M;C*i+)2*l+rPUbmat(t0!bjOLP82Jzmkb5%<g5(6Oi5Rf3D;26hqIBg
zM+px?-ZF?{Vg_}M)iYa^cSc{8kdR_uQ}chSIa=zRiuDXIro=`(3C19zU{GPO%5>E(
zrvMvNwjwuZGk@82U>?&8YQ-3*&U~?1Y_O2T_uwKWD@Ia4UZ&yXybb?BkP+!g;YB)7
z5HX`&3wJTvr|2UWdSp=P4=W+*yd@YK|6DOWq>xUX8Ey8zkNlAwTIQg`LNGe)91X74
zirih|wsRot8V1AEsSyeF`qL<^Y+5X*4-UGOlKyKrBy5Ty+4S13gUyc>YoizhVQj1{
zv3g>5h5{uqEQRGYwD9WN)?Y)+&j3kaz1&W#gT+~9`thxehlLx|QLUdDjD`33psQkN
zQWJ}|C~8|#*X=GBME$sUt~{&U@}t9SoSAeccKOo>DKq$7^9fX&NWBHnkQsN;Z(ppE
z*0wpO<qNc+4}@9{9AUX;N{+u+xrZThyjXpc<Vbs0LUx`7Z2E1<qMi<37@*_MVHXPx
zsvE`HwxAqbc&hnev9PyT7%JxP7OQuQwI_>(%i&|%g-Z$fJy5J(FTG3)IGku6|B_9T
z(>WY$KaMvb(0{9#X`qk>huMkXqm0r_Z&IB7YrCw&09P=;bYIyDJBl_dGppwQ!7z<h
z?z#v<$ne!b+t^f3A1(t}=2P=O*nHUjl<RVHGUg^kUC57F#VF7K`NMa{2<-VVQ+K{u
zYv?i$san|$3d3h#96o!QA!J}M8j69nCopwr7Q|QYiD?M!@Y$D!&t4fm`^snV&~*-s
z;W5S5+gEg!2Fb!_y>PX7e%vl7!#?cn6?dpz!)LEDO-*Ee9AWP@-2Q6aIk12Mwhab!
z_cBS?^)dQLiXy)rMS@!J#b(;St{ZL!H!wE9XuUUX6BILg6V1f!ju*R|jnQb6?!3C(
z<1Gg=mNeWuFMX;xL=-83i6L|d#YjY7Dmoj#BQ3lFZhT`1#lp!SX3WV%NQ}6^M17KL
z`xP~Y0c%%w>OKZ#Jd$`Pfe2j6(DJ!oYksN{0;cyJi>>I9*!<1kD^`X;lr-{T;k(;r
z>djm)o5zX9C@4=qGuK(?>2mp8j7-^Fp3_sYfhgOa{vlidx@wF0wJ?F^*RZZ)W4(O<
zqHf>5T{DP5t{h-0_dq#lbR;-<4Kt9nv2$qn?6snEA+#Otu$ld>*cSH1QiL@VhWzwh
zltEaEXbmh7I-Qy==|9u@J{D`Hf;!<jBr}L|DHO@;l%ZzuihLH6huAYZn3V&<nIRR_
zs?Oh4Zom|4I2mJ(#Qt^zr#-D$akt<U&3*xYnVl}-0xZ_%qQ~pmV~GY<Rahb$U5h!W
z&Wt*kwc}2rz+<N?*9?p1O;SlrjUSaGA9pW``w;%}zVMMe*4&O$qU5%hR`=ilmqGsH
zvKY{1p>sXFSOe+Y2~UYmEJPExh!-3O;gsoTdGFCpgJFp^)^Csy+@j@{-U6J?^*)qJ
zcdM`O!6tl6R}E#NSsW&mr!==c^rRU~w@;uS>M11Cj<e1qx|7PHTsA}AbZYf)COrg;
zwn(+j^BZp#*5+q>846S~CGH}SlNsa9hg+?BpBPa%5lb|piXNA~awH_<)&jKwc8yXH
zS6TSE`UVErA`G|sS_Ax%O@e`kaeHNC<3jELbRD1sj10Pfhb#|-`ynF~AFTXoNkKIY
zeFuYdw&?;Yu?weEA8yJjArWi2JeDJb$M6&8z@?9ar4G@gF6NX0hGFk6yO2zchaLj<
zr^~PJ@#eO~&g}AkCe)3&-UaeymPK+vhFo-J@Y0Mm9{_1oNT0>{<6<Z;kOW*16&#Ns
z%XO@;uhoZi4GbcpV|`-?w*Z1S2=$HiAaw&_U?O_Bb(L0W4grB?;^VDDcO-^tk)&tS
zTbofsCMKWc39hu{8I|F2{AG&+(c%DZ#({ypvI2#Ik2W@dOD@aX4nrs-4>cd$T7gvS
z;Mc7Fh*iCkG}3(d9mUHUgUxMK4LjICn&4y2N8VkhtoA^2`$jeEZDL9C<IU0ctXS3^
zX!b&3{z+Fj6XBSxO99scUK)n9E)g@A5uEGA?16Bm%v>f^%)An1F0&yZ6ZM+^HKFA@
zOUOr+s>@NICa&8={AW!f*Zcw8ti|jT{5CQ-3XSzV-t5Qs_rBTa5DN3NEibkaK;N$W
zN_K-|1#QDa1u^iMEcM0hC>@cgP2JHZ*4##oE%Iw8qv}1b{HpGlaz$b;C1ww}Le5;r
z6x&|R?u_{nks<JaI5C~0HmjvAMTyJxVz#D}j%EYPoGl4mFlMgti=qa+C7nqLQ9v|h
z4!<(wMGJi9m3myRL5eT~swqt4vEoc_^z~^RO<Qt5ARJDy`-?iOow5FVsM+V(CRH2!
z4Dt&>c`ZisdNK2Q1nv+Bya;UmqU5!}?j4D*C)KX8)&w~rNjYAh&rr-R*ZG5v{N!zt
zmonF*(d&Ai$O$87tY@dPS<>x3>TOM(T5NuScFTUY=4=hy>3uD|U-Z6mip2Z<?kl*p
z&{yy^IMj;O8+q?rW1~a{zN>Pd!QuPvF5b~nM)gpBH$|Uhqx^2fzXM@IdM~HSDQVTm
zLXbW04kX_bsdp!S9%JoY<hJ+sr3aqS_s33~<bJ7OTHaTD>TL6=cb0iK1{*0Q8t;qE
zM!|On{)AQko#yy^Fyh_KzGupJ#_!AQg5S;O_iXGPiMpO;(fxGILKsV^aR2&Q>0@p0
z=NX%At$vcd-KnJ(#w?bVW@@Ydlg&p}*D4X~VfFR%^B<KqZ?Nrbj(lLTD7mZo(XEAS
zk3aNzG*mWcNmlO23ZVIDZy&=f+N$C}g=oUEH0m?%6l#Z~qfEsPr+P%nlvwVd&TJ-c
z$-7^f-`>!N+Ma4dnggPw%f^SA%_=K%ahF#K_Wg0JYm3HztD0EWHAu>KO*R6P#x<a0
zbz?OrS7xQ&H|k%k52it(uvA-?{J85kro<Dpm$2%TgzV4fLZV37e~3d2DFq{t$~*hl
z3ysuUta`161I3jvgjZmU3z4zLWA^rnIk)`J4^r+04LZxEK{Onz9{!4MY)2iXEtLN=
z_AuL|Sn%$L6U|2h-=~Y&`+ij^tgSG)s<_vUqV#a>6Xk%*+FQ$QDOq(hSIpk`tBSvO
zH)T<~`B++JRqd*tU6iFp;Np7>aICND`*<;X->)kD-hG!vw+^vNy04dwMt#EYzMQSG
zib~ap?kl)4gbLGh#q52*s-^eFv@E)nN>$QEHyaIZvGv*S;Tg)dtDY|vv-kZzxaYFy
zRvJ}F8$H{?Mx&262dfs}>sn!PrI@|%SCxJ5@s~xnj=xIUz+$68wj7&(_1=E=W5nIs
z<v+HD2Heu+bvqt{jb>UEhOZT~_x-9O?~P$ubSs^zq>ZL+VWZKin;XUKeZLRxrYyRZ
z5LMDfHyaJ&8`va78LGOyUCiG1``~WNqFYB-C2e$@qbrkfm{cu#t$KaCn7!{;m3eQP
zmPNPrS|z=s*D|^6<{Pcz{@(|7Qx)CP%|_Dw-Bih#fMWysESC<M*zdC1a2<;<yYb#J
zT`dDFLOmAEf68DPjMZ_|)c%R)h${MB*5IGejtawfvzhm`jP_K9@4I{a;FOOvcjO4m
zfo5c2AT}=FspF@#cQ*@ta8Db#AIk-~BF%e@X^2&Uf4Vui@b^IF>>$~d9;2*8v`qM9
z^JB?~GWmTjs?KP7s5y9l5mks?YB>Od)s_E-#AalQ&oC>-0A)16@GS8kHyTKSES0pV
z9(czTtz`JE;v4t<K3Im!qFZISN_vM3m&q8UeSLjD-o&qdx#(~w@4nv$c2*TdnRROR
z=+-$BtBp{nwv#PbRnAfyNNi1Y3*6DDO!I|DFY#vh!)4LIEnoh=r@6f}cQ%r?1{w{j
z=T>Jj8xm>?;?&E8F^j~;ZL$&m5DS{O4L)WOAQq_7vYCJrX=`-TVIgKiQJn&nUFS{b
zhHodN9oM4I>pQT$qx0;<E*sqQX^f49&4+JvtPxZg3IC#ZJQXdkCNC_xMu|jE|2T>9
z(5JVX@aEv7?Dbw+=g3$O3s^Bn!KfJdb2}aGiMuRvUijf$!_^ut^wJ&a1Cu?i@kTso
zU5{r?z?O%r>CQU`Q)j}{<}-Y_XnE{<>4t+{-Rs?UZ;9t~F+4@B{Y;9#sh7EBaDyec
zXVlwYXK!UoP@OhyshHn`ohqS=g`@n$Iz!&u&-fTmpqfat{tF5n*PqW#z`ZgM>=v$Y
z$Hk|qTE&UIT*x{S1&`P-1v*E_mqK$p$9lY3Ki4SE-Y!m@Ean@<+-Py)d@*;K8ygeN
zN6b30MC)hYDo(KL!OdIDT?x!i+}&~^`GiBAABske9vkc727^O`%E<$s>6GS)_lesg
zMJ<e5dVxG~XA^H6<#`w*?giC@rT9ES_6QkypM;)lY3gNfw{wr8IP0$QVeBg;LciRJ
z=lY|ceA==bY@YKCA&N!`MT)(sj|tZq84i5zLDI@wHWjy=PE7fv{E0b|hjeR3v$Q+M
zPn6Ey)nDbKXj5mr-y{X^Nx_PCpJ!(sw3Bl1HmH-7lQ<>qhD5^n?XeyoEwAWczE6ok
zyg8aZ7DV+Pug}dzvL(P)x`t~l7#3ubbL>nR&pB?BA?D!uGUJvRAj10wHoJB#W`okN
z9FY%FF2g+#hDR0^v#D2uNLE!uO<ykNwlQQM<BtRyoZIFNuz2VV)d4|IT`rz~4y0ma
zGm{?)nNC5Dq*AzdlwJaGq~-Y=jAm+nl>00s6mwVoZB7Gj)^-k$_+YU@P_fbG4ChTQ
z?i!UDrh5m5OdDs;Y17tIydP=y1tI2+Bgyv(?4xwPMF!s~hUZ4ycuM%<9Jh??`gTto
zbvC7Rs|8`;+^%8{ERS)cQFZN088t@6Gq?)QTq5!o1T)&1g-}jVehMR;;^K=)-YW_D
z#8Il!i02x30VZ!k@)DO`2%c21JdL%!)O@(y#)DsMfy1QmezDS<N%v<-aOV-X3tCEB
zBG2Qh3!@Z_5twa^D@hC7Q)kLvi-8P9c!zM|sNxbllY3&+xtFs_AytZxse2I8cy7_T
zb8ZAu;>qyt{8&#s1B(*ePW>v3%FQs3r6PLyY~IVtV1_HoDt=I0G`+du=mXaZYiKG$
zka!jiN!H1GfX;I~hzJUdOCh3WNJY%k6GKY;ebY`aL(aKW!RJO06%!oGd<*r&BiRv3
ztwIuGGpFutYZ$UsRJ?7zLG3vxp|qgEC1z*uqs*9hOah-)@aZD&tiesj15uZ5#N=f#
z-Zw0j``peTk92n>n&Zv}W2QN&(`05k+DH)dN^)7Y6~WA~^D-|U^h`o`Mo{MSR+?It
z9pNR4c3pQ+1eweYJvgeg(h1|HLIy&WPv3OtJTOs8=%!ubI^?qqn<<88Yryf!4ytmm
zhr{P`MBOSNa0>Vs24u+oJKCA8nfoYSuZ@|p(Th#BM#5_pb7Wyx*-6JYm&}Nl&LS_o
zOwl!?3ZjM<VC|^>K_FD)MmIkF*DO&wP`1ldMU7+yk`y2+*nV)(x7?PBg*B!;FEcb{
zg=M{RGbzFmH-VL@3KOIJ23Dcl7hYtww4NS44LF1B08Fxc{8N;o&#<mYW<kwHofA;Z
zf3g07p2lL}9Cxbb*Le2=&An!}bAJ9J@7XotlJQHvG#J%Glg+<kg|hV>_=8grBOz1C
z7Bzl@jxF#6`xf`pOL~V%M}g{}?&Cf-lUlW9)84bTE_aK$!xW^LzvIlBkEMP7ZiL?s
zcu%+xmgd5?2!~o*NVOL4M=XpE40X}s<F&_YJYLbyD<aa2hh}$2g<S!k47ev?Oyh-k
z4CKs}NQnnn77j)DQozd~4vuPeFsw6KoWIQS`5QcL^e~1!W8euZXtXg}n8(KAxMNGo
zu%F5RNvYb@5j3H(t-;7cN;jy^>n+hp8a;FeU!CC#z5?fHqF*+HMytk?r@RrvOEf;A
zz>6nHq?-~(Z`;whd$$l^5+Jzs5jHNUfMEK<NydkHZp6(_JV^k{xE;<mEB>t0SKdbF
z#=w9#`18I2w<*JQ?Isbw)L38lm@VL?B8=x67{MyLT&9i&iO;z(lqLkWpIw3E*4yqz
z5(W3Efws>lG<)26f;OV@5_SZ&@}GP^Ns~E15>0rvSU9q+3En~CKB_r<M(A$W9wiaa
z71$B!ylLvKs@P<e7o&2&(tVD?tOs@bI^nDq`*p5%X|mqLau(1r3HDSL=kh5W8J#2K
zh}M0%M5=-WwK}cqKdY<D7sh?=iH8J@Bm!zld-h>7QRVeq9)C+4W?`SN7)<jjZmHu+
zG<NCL2z|i?^kYmhj?Il^V1jdIGbO87V<SW$%CTpBM`FdL!@;X#f2R33&-LDP<=a~M
z9pQ3Qy^%`WZ2z{<&i*v@Vol>&(0nz;H8wcQLi&J{0J}n#4nkl!HKv*E+g|KNr8=*M
z)(EEFYO%yTP_ZjW9Yy3Tb6OTj{mx;gNz%N;hPON|Q^qzhe$N2&OG8jqNOLh`dI~Lx
z%ERCTJWfu8iw7I=^w2NmLM{dI7tu0ERYZX5<)0IoHkjrnfOyq3!tPxqc*|31{!xaK
zPSu`>;@YwEYS5WF#=~jDQG5&F>AiB(5kx_DQ6MI=5TmU&|2dI{=#clZgG3d`F2N|Z
z(m<;}pX7AR?DW%Zg|$R}(w*-C_@t*xPbTDJZ#}G&52YFg37HS}F@TR$4^Bm@oXc^2
zJiReQ<PQ%Q3nw;sCF&5rSl}s5-Jmi9erxd^#zU4gaLJ8DSFI6hqZ*gviH^!A1Y;sS
zNb&R$JWHNvjP-m(H6D8J*&I&^wcK*1$DY~peI<h=F!Y^sK$NNek9dz4-QYyn$h1r>
zx7n<+Up{TNMNE+e@k^Z*gFdgP;ekLhc^JW9E+ZVlDRw`5lcd$lt*L1*Fe;sd8ze~;
zeZe&D+=lDKNA=t|BsHY3Bu8=rr63WBEH<IyZRw-UhrI0Qsn_bY+Sr!6%_cMF%ba{!
z)9-jdW<D!0#6_buRGbfwXP|<ikuK^Rs8Tipu`YoUjAt&1x8Blf04^K$E6Axvc8n){
zr{%++=8iNUbjEF=hxPb#!S!`oxDX4MlUV8Y4}OIOnAq@eju|#ulB`gCu-P=*08s}L
z;(J(F^2-ldj0`6ek?<XWC)Q-RqgI~4+VI7%vM#EUu~;&iLIL?uY0H{E8pK-PRh(*Q
z98dy8DO{F}oG{8x4QWRXnC{HUhJ23DKObI(nOpAdkr;J%2HX`eY_(HipPdT(>{Qri
zr}ptQUrfE2jb+9CG*;=Ps<ANPPEAH*2Lr~UbL!~`KO69<{y+Ao%ok<})1B|Y_@NTN
zKyr=+6xTRjnd>?KOkp_E6L)t=x+)<WIyTmPY!d-P<isUlNKG0jr;ba95dEn6oUpT_
zTCA}vT*6z$sh1$DQ{lN{VOQMBFD;PEEUDM4pR0BLFtTD6#V$`AgSn?(8fNCmA{52)
zC7!6x^yN$aX|u%o3=yhk2$+QXyA0_PS?6O1cZ<^piqn%nfSZg*&au*Xn%dtr-a%$&
z#0wnQy1qO+eXE$h5{`rA;`Hl=d1WeH0G&O>DPH8drAbmXX%9<p+tTvwV(Bf$n(8o{
zq%(5h(Uz8coNk#nC!VyorPmGEb3D+_n=o5Y2;%OEG3>U(b;sazZmV<K59tE3hnw*x
z^$;n6*{$OAu`-<fEc0F>81r%kZ(D!bTI+|Z_TEhvXhNI%ol3GCDxP2a4rDn!N`W8+
zSWYIfeFp2D<BX=>Z>Xm)IN;Mu3eMU{aXL0Lr_Y(VbOXr%A15o5*Ovo=I2T-ITt?O}
z*5exnR2=k!H^VcZ9iI98@XS*dFHY~rtsV{+`d;VNg*8Sub%sYsi_-_?kU!p(h?gbg
z)@^b_-I^U4>z55oA%wyoM3AzYZx=*?<O0QfccyHjICoc?D?@J<({JfTX+MNVP>DfY
z*7p}nx8NWzI|Rob=N6lj*%xkj{{Ku>>=kTpDmvnP{}CCXi_Q_sXuzF5OnofGSM?E|
zetI)*jdS<D2gAM;1dv5gL-K6HW_<lBoJbJ$h!v(@<(brYT2d^Q@g}ANHePf`KI4_L
zYJ}cw8LW@-rKxZ$PT%sg6Jv}ptXU<9*HUc5mo0oVBR?Tvu3@>d-?3!DD5W#(P?;79
zek}#8*rYR=_es$9r>pm-^#l1D6K|05k|z}A;{d#?8_APpGH*-yW+L(vQ<1Ln^D?X9
zcZ1sSa2*#bAV~a6Vi0LnvQ{k9;U<0oUwQSvCD)IDKN%fO1z8xn<A<9Mo5o90hl}+o
zXD6yF6#=N@=uskWCEk1(W*wjIVN_hHl}glVuJsIU{d{ryHOs6&Q><T#0mU1z>wLZ7
zMH5%<adXJ7vXS*S=$Q=?%w!2Y>Ms>qzPu8Nhz#BNVqdX-LCvs!A#}(yyxhxfqa03F
z>rCLfWRiv9k>6=L{i0)Ex~m>R^h-wH05@zi>O1(u8^cE0v&~H2LMK}}{hIx&o7Gsh
zs9;@p%(fd}0XlsnXniFxy^@%^1>`dg*|%hRMKRvfd`KY<y@h}C2o#*>9ou*-9x-%=
z@@<H5`-rdFl!|`(P404t_R11wi0VG)+WJ)|S61OQ9n})8tn+QJx=Li}uFgdQlt^75
z?zd^W8prM8G;car<CuOk94LA>_}rJSRc^7mEnq|VkoQT47mwt7kmv){k1sxugtK=M
zPY^3MJE=v!=)v1*i&_)Ii&s)E7kT+7JhY2gN!`PX&lZb^_^BFEIE!IrkSY}yaoq1<
zq>JaoYY{cr0{VZWT2{Ufvh~Db=O%~kaU&)wQq|cTJ&<yUMh-C$m!~X(na54tY&}eP
z?YsK$;(4jM_<FG@kHd6Yd@Y89rGk2=)bQf<NEmVm&$EHaWq)z@bGR86j>@WU!o_*9
z|K>;rNJE{mP{IG_&xLB6Px6!>e_*&v#Uk&F5#Tmdcd__PvG_)@c+Kz<sKckw5(ZF6
z=;l2ziR~dD9pTkmo_`1i;S^XpNE5AMX_O1~NZ4tDT%ht&d@TjdHGPG<v`gFo#wD%0
zs+)1}DUa<ij!}Sc=MV|-*Q<D|kK?mmi~Ec&J{Lm+*fMF0&#4s%=t7MzN#HHcua_yY
z-PrW-$?wjA|G{GE8Q&yEl-L#od!H*7K^b#HnnjztF~!u3<(Lmrcr)q;Sk8DKZ;^@Q
zlxgu^>=Ajgw1*l<q#-|Dg=*zWnliSu$A?j~2x931Q?6!5f-;>$^v*j)^7#s5SK8-;
zAaPqDi10nk$BIC*A1hL$QEhewnvsy7qgbrTlf`2tV;M&LVyTb_d;EcT3=!|FDC>QR
z!7B?oUPNzc0;<J#$VyU7B<4X5Tbl5f%WaUu;+PhESFMj5C`?Q#yl^>?U7Yoz_6Z&7
zc!M9HGC$TFV%Uxd35bmkbKAcd(<fP~9SskGj8rU}l505OU>tt1B^K|BcZ*Mi3*H1A
zrOiz~jmjwA8%a`$PP94~eRy9cJ*xES%&Ie?;GxrM@t9jzre}<RVxQ%e?2^cH?<8`u
zc(R&M$1|YpNG#^ge(2-qOL97!NZAywD6m2O1Mi^zfs*<dG%3wkq@=}qFny)GAB+Z3
zbuxd|KVZ*iE|@4RKGRpmkuTMh`o~emKQ)y1k*yWa1uw2SLl35EU2|WG+mIS=kwbTp
zdp=cEEci<oV}pVYOLz6s5w=t~>&1i@fmP72S=AS6`L!Q<G~K4C_|B1B8s!z<C3%P_
z@&OaRI8`HnwvXFzV4Id)Z|Rr<bG54)U?+;dRQcRzLxb&fSgs^J{k+xGKiJ0yLi5%^
zyh%q}fy`~!t)&~GkC(2ZxUM3(ylr~WR$aPo@EJw#XS+wBX!{qO$IIue%-g}SfQIRl
z6ImvbtV)2_+!dr0deCJy<ek1Y4XvOGokk^0=dzNwPQk-nIG5J84X;_z{$`2Q@<A8H
z5-TDY%<W&O@@@x)wJq{=74b;Hpc4h1Ss#0YBmx~TpNqs;#dE79{??0ThGRHJW2{TJ
z!0c9Ny9kAryAd-gZy7^f1|4_=dw9J#@0KqgcC*s<ah_0!%TId`!KaC$@G}9`qu7y0
z_(ce^FV`X`7V7qoct^e)S4=lLe7OC)tl~B9PX18KSK5D<v_>yiUPo_nafPA?-v{v1
zWNNqJ_O~b#Rer>;%uf9a)a=ZUlN@~<3&^89+$v#8NY&-33jL|boDI0dvNG7>qc|A8
zI_E-zt~3Ubd!&3#vx5>~$}>#e-r{a|>F@>%P&4AAOJh+Ii#mSM?#0q}SiT^uN;X8!
zwScc<^asZHQ!C^nL(8C8ej_lxQDGbw;&Oa*aQSWcdmT}9-$z7kwtR1E+C7#5*CkkQ
zTRi)d(dE|+@Lv7Y{7BvcUfEOdTfQVo4Xy04(Uo2CiuTGA1bHqZ9z2N+R5`IIdI+_$
zvS0U%U)>}~+I}%n3b{R8K3!mhu!V2LJXtx1_E2=JbWU0$BDFN6R<6;=wIDk!@G+ja
zZLgDdEN%**UT}pu96VNjzsP1UZQ^jrO5k9N`9u4Hic?sOU=%a*W-v<tiD5ms_!t#U
zUFO~a2EQ|#UEv%xB7J!-ZeB!s*sXM7#~|Rub_%jX45esSsEw?*a>&^*{LORG%IY?H
zqZhtIiO5saPYb;k^JR4;b9RJS`^BsuNwHn7mFo*j%*sjiPg<XNiL5VgSNDaSToP?<
z)j&Y0Wh)SCd5j;a%*U!yZ4vd;s0=hV*Ro7G-?DZ^g;+qA*Yro*uJ+&^NU7;wahi{g
z=wuiwRuB2H9~(a87yn!o<L6XOB{is>MW6g~f5~lMADdiW8{}>e_Z^f$KM(*}0mvas
z{Ee_{_{d~;+&_8>Qu7NxE*p5h@ECVeQN8He)sv1@gcKnMrCceI7(aJfpXFO0F^*7&
z(%x^N_@BiE%K+@T*9$ySEI%9H8KJLS1VV$Bny}p!;{k{A+AXhauH5OQj$3`PB#~M#
z+1!3gB@AAx5*{eml{c9zfy0deRIl^#yPNcmpsl_Y`rtJeAuG$*;C!U7g=doVymh!X
z;rwO9sd2ADgOV6XDx3bXV(rb4h!|3c-P-GlU9o%-HK4q{aJWR1BJrzu&791oP+V;}
zrS@dXH9U>lPm2JuQgxeRx_n!d&-k_AvEt0Gtg-@kBR*bUcjlGHLNonnd1dj5a)<F}
z2L*FJXX3Nmw@LwJk}IIOZkKcLSXNz|ESoqVbD0q!9E!YD)wjxiCC!^Nug3=m$_Ufj
zp4W$Tvcct=q}m+(`bahH*GFh9%B+t#^krs7n_GJF7m;NDZh>+Ngp`J)`n3nyMayLK
z!4)kOJb|*Bj9~P7ET`*B5*7qDNKi&L*@>{Mhfo#kZ<TnzU0(0x_3Tg?zZLwET0Bzi
z2+!_O3dYcibE?(lxg7W1GIxJo&s3$Kksf?YA}=hl&ED?#+u^o`c>ZxSk<`}5nvZX$
znL}Fsm4WzbYpeS)zf=)_Je2j0`!HW@erij@WwG*e7QJG^UvK$mr`;$NZfI5oxsDYt
z95wn#eyTNk2&J=8#s>|=$opSh0y%E{Ah~BR%J`Xms9^{*+-74Qmd8(qT{55F%$euT
zCx!kjhH96Dk%uvBUoOr)iTdbEFJCeJ<zam2{$r3n?GFMEaXWiUN|`#={Kz{~&GC;q
zTD#mCxLm9}nGZ?L9?Y1JgiwMnI`GZR^m4Iw;Dc&E<ZGtR>Kkk#-kG-xpBk=O&6QV~
z!s;gczE}0^b&lw>#SIkD=L^i-T4GDK9wYjje$(3`YW(mX$M>%gX(z+Ex6?Uy`Zm-I
z=YT|BeC6YA4tKg0_8~EM!?CMj3qYaVFtQF{QnPc^EQot3i$|q3`fcM$s~+yjmA470
znYT_>p7aZ!)oqlGWJtF1Wa|(9>fxV%<jGs}t;;|B%fB=H-}nDOqc&cvwfMX{$1T)q
zjVZx|U|cXHAh*_N2)N5xYgn>Tn*!YCJI9Ux>)U|K4*~kj_%?ry2cn3861B#^GVT8r
z+!Opu!T%%pjJdxlc!8!H!-fh$olY9Pg2#<MC>RrnXXA0f4_V^^vf1E2g#}GPzhFSH
zO|Tu%|M}YIIH2Nl997ZqR&C>H2KMl0Yt=uG9QxC>pRE148vC~@@v|iUIS$1brw*fU
z?4Y5+$=a{gezo>B&Z_uX&aAjE`i0uID%Vq527jt{wDy(SZ&2`SwP$OOiozH9@0l7I
z`T|!^b7?^ehzJ{gj=zn7k*O&UHTl>1Pj*i=PW>zd_^0rvvHB?BpUL=dlM|?an@}0}
zb{Aha&c94S5+Yz~S>|_YEo#PJrfjzJ?PjL@&PL&HKVV9<X&@@L{^!5;&;RiM1}JR5
z)79wWu!gSwt{q(ubv@kmc-OA3Pj`K$>wCL)cYU_&b6wxp^+ea_yS~u%#jd?wKhgE4
zyC%DSvFn+x-{|_wT}Qiqv+K9IzSi~g+-a>h20^HS6xSLL3qB$k5j-Mb(6z>6g6|V>
zP))7D;YPIv2lvz(9Gz2Za3WN#!I4U}#+L*fOjK)d>|CwES!T7y4+wrl@S}ns6YLZG
zxPVh<YK>XJHv}EQ3BjCTUhtm^{xiWVf<F}e=Ys!2a8>ZC;J+07SAuJTe<D~HoE4lC
zd{gj(;BN>P1kVdj3Qh@53l;@Sf@Q&qU{$atI3wt~3aAUZ1>(`@5%db0f|j69&@UJe
zY!hr33<@3)3<-t>h2TNK4#7i$hXo%Ij0heP?5+VmEBKt?QPUn1j0(mCj|)C37#Dm@
z@NvNp)&P42KP325f*%(ACBYHFR|WsB;MWAt3VvO1UhunuzbW`zf(wFg3I4X=?+7jm
zeoyds1%FTQJy!uc1)mUnQt&CkF2Sb-pAmeoV7K72g3k%QPw<4`^MWr3F4X|PFZla{
ze;{~K@DBz5NbrvZmj(ZU;6D`nM}n6G|FPgd5&VJRir{6z7q0@I6g(yPlHmIVdjww=
z{D9yG1>dd#e#_9;1jhuwE%+;fe@}2+@O8mo75p{9bArDv`1b|BBbXAj1=E5V!K~mL
zf{x&XU`{YESP(ofI4L+KI4xKdED4qcD}q(Qn&6CJU2s-#PVh~^3xdBPI4}5J!QT}8
zEx`rBw*-G%@OK0k1-~cwyMn(bxFq;}!QU7B1Hp@ee<=7zf`2Ti{XF2(>ww=E{C&Yc
z5WFb(hk}13s6pdKm!K}_7D)F-k6=hJEGPsI3U&w{0(5nE^>p=iO?3T8*N=96q-&&6
zn?S){eWR=9Uu)|3yEA|~<&Tt!h}UY5|0*ljS7Q}BRvWMVMZ&+q|F6}KkoHXN@vm|D
zt=eA+`0ngSf4%lAls#5vTliNg{uNRl{WUIMr^&C>j<Zbu3eA3vhW|3x&)naq=YLK{
z!QY75U#Ix7vgod31fQkmIIFVliQZo#X2;p>R|!2^8{I7UtKe?ZvsAF~S8AX9@!Fx<
z!P?Kz(T{QcDMFuRaM|)N)B0}_KFZXEC|v_x+q$-Q4R$@y7&ZE(uEX_O4Qr*&BVgS%
zPH5qT9FJ@9K!IAFGZ6auOkb_Ojjtr~6}DRafm(g2)_DE%aOU+d2)-zIQt*`EOM>qg
z>=Arf05`f`;bFx5Yt^QzKpAS(hA8H*(O@m}KZo_yYJb$qg0(;DI??r5qXw57A0?@=
zAJBEL@r>aq{u;l-U*jr&jUVQ(@$%Qd|8F+NzyF{A*NsVvv_Agmz2E<z9{XpHHNM(K
zg<rJRpEb10kPjF9z)wM=zl1gOqj2!IA?vTgiywo`GG9V}4i=`}q!skDr2ZDX`c<xt
zF<biP*QbB6@vZ;kfBcQc%~u{<Z2S+e{)PXh^?T*tG-jAWkjHj<G;p48=V6wfS@tDT
zJYmeU+wzpc>U3%kO!dsMFJVA=E~Mv~dE}|5zj?md7pdprpq@tdBjkG;S)NYj*=2do
zpogj2ho`G~vRt0B=Bask=A!3CiixK;dW@i_vn5V>tfptD<w=m9W9a#3ww%3snwsaK
z<*8_%*yibO*3MJ2Jy_7w0IlhX^B&7<FOI{r(k$s2ah|wl8=gaH4JqP@ch>WyHV-%S
zbTv~w9n)4kVNGgy`lEC*J<nG3z(X<c)Jc!8^B6l@&oc#+X68uGJhwbgD3@{`aA%KF
zO$vEtpPcgqLn-6wa^jkY8dv8Q+OxelcH5FGo^O|j41ZB`>kG9RnyOAp&7<sOoCn=`
z%$!HqIb;Xrai221I)^b2_shdNJx<VW5>1i&F%Zt<EoDZES{|dA#|Gx<suEkF@rX^Y
zlG7pDx5E}QTXq-@+PbnfMNi@Kz&vYtW~_%0dVHZr8G3A<XE5j4tg_QmKgvI`^Za26
zrT~bwl<;^@drj7OdTO?l!k1X*QGGH(_S?5?v31YGR3ODKu`sndLQt`iJ+_q$&m%r%
zicHN@r=^2uSz60O0~ORfmQ<0J-5vz!d52QZqX1L16e6+p_)%-iKk@R&KgC<|OkuHQ
z54QABMmZ!urHq`GBGStmil7vz4#V`gLXUBDA~;zUP}}fy&J;VRw&O6x(>bMz!lq)d
z9ciwRn(k<FYS^d86iWX*z0na_O3F%Q+m|PKm|`A(=&_Wk22?ik-zg`@tC1&<#a9lC
zu~MZflU7a{rA=IZv^Gos%2!IVr$~B+s3Wlz%P9TQDWx%wh?V<Fouf*c$d{yM9s}zn
zS0WsL9{=i`QikP%6i{kZTApVrb<LHoDkEv)>BQoz)Ht$iExD!YR60^tq^6X}bHC-U
zbHNm4SQ!@!`R$05D-WAYnNTT6J^852WS?@^K5R(}ri4prxnj>sx7xw8UDXP<DOIJT
z*F445wsV$d-zk+!YwDTmU|zXl%Q?<GK2u3Zbtis~!4qS1nM$3J3x~8*4Lj@QpZ(|3
zW$iq3-TD1_T2pr9b;_4D^GMfJ-|{AxEXQH5j#ElFDv#)t>XvebDDSqae3<KqETPOx
zr(9ChjpjIem3P&?3OkofTTnZAVyQgLnUNfH9L`4R;5c#)<U(tIYAWe0udBm7l`Q9w
zaw%`bM()Tz=dc(`rCf%bt!mc9##AX{d(Js^iM&f)?eZaY)eO?ia%xcd>ll?B$0Y?#
zS8mjJ_NsK`@w4{i{7yWTb?c?x%k@Huc6P~IYe{XFTs2>wBkbsMwNOXo0<0FZ2lbfq
zO&yktw_KA-Vo@EgYO9XgKE7D%M9A3t{Zk%o#hH_<hZIe1q?XCm&Uv7mrQ|s8q?Y<d
zDoTGTEY+L~%9VOFrCKbdhMdlmy`9@?AJ;19UFrm-MmjrIXM-9p*KhTadP1(-t9+1l
zd62ZdJD2mw;-82%m0L@QftoS(Vj5;jo!E=BlubERI-L!U)6~k4aW*CuluGr3V=y<3
zDaR&lotJXl@|q!P8Ou1&l@(KzTh|0-Kq*kRlmo+JBM)=+O3OqEcD2is;gtjDx$-OK
zQbSHiU+1R%Oa0Ve_NLa7qVm>JDr1gZdqFDZXk3vTllUm*xsK)vtV~-gYbd4mn5R^`
zj%Rz)%-P{g5gX^dk}TI#=Nd~5lILqXGo-aNG{yO(u1M*14vM!jASYAbI7^jFN9f#3
zTID=;q}H{6>76F7I>(qeq#dB#+OE1=y-~@bx+L|Z^i5qT)stft#iVF*I1OO2%-Ji(
zQrvMlc6Fz-GFKkc(#Vx}u2WJ<&dX7G;Y^U0N`}4Wij&88E0^Mu_JkbvpYzfqm|Zh+
zJ(P~QPPp=_VN92&$qhA?x?YNkt&%Lo<#eu9(p%isU~UeaQ}$P_HDV&RQbC@j1ttyc
zTUk+_wMTM2vV?s)J8VVn*|zJyxVi3G(sVVY8bn>-43rvDSBlBQO&U33x$Nw)ZFP_{
zP?{-GQqZs*R)?rpsx`u19kF>iekId&PHC0?^37EsXO(o47CAE=zatVi>5#T$O0=3!
z$&s$&pe(A_#lx$TELO^La?<&mT1uKYpVjWtz&R-It?Bxqw5P6>BhoHukh_}q)9jhf
zR_LkP98G@kzYmvz50`-tmw^wL0af^i%fSCXmH`(o7YVm=F7BEM8pyd>&dr*Oq|2<!
zlZ$O`a9yTcbaDfy>5*F@jj1$Sa_i($Rki8D<D#ZX<D!&{V78P?wmBNJE=z8l^d)LK
zyTIF<|1?+A1aN6KM?*ssw+f5Drm#kdOSQ(1W}WzJc8NtUqAvd~xh}=xpT0^L{ak7_
zI5jMDTjSF2h+X8<ly=EYL*K<!<1M!{X^?7Qh^q^J8c1$8+>&Tcr1|MgQC2i-G{U8$
zZRFNgLr23$%DHIk{7CapZfKae(C21KoLr&ZHkcyrjysKBHx=oE)J!%vw@8}p^3)B)
z2md?y9r86j?DNBo;D;MQXU~Tl!4EfrA8rKyP2UK9XaW4&ZUJZ)rHe3~Ug^fu($Gnw
z#iTWpcV2bno32yCluXyA(-L$2*S(`dMhi!mi}sSv&U72OCTOdrgEQS6=}On3X2=@p
z7}sLa>8e$fE^@6Qtx8?*I!3iN(o)iHOb3e?m}c3u(p-tOsnkW{Voj|!`JT7Av=&XR
zY)x$@@z(A%RjV^CH*KqQ3~NDZ8SA9h*<>m0L)|s$lGBQF)M@?cYSTW`6_XBL$EH=S
z<!4D<Tsoe#zjgCy6KaX-0M)h?+q{{f1(@z5T}{qlZAba0EtwXlxa&Tu+}GNsx~<bO
zE!`}wwW;;5J4+n2HI)Wi(<+qqj$O{mopggHpDXKHIyffBuB9vo+(}eURNKy{4zvwZ
zg0!2Zq+?E(pLV%pmEO9z(zUM?I#OMF^24@rB(^Wj9I?(dZDILn8OJD1)1l~CEUh){
z?E!ZumT=dgOIcYEcj=&X*_K$z_1rHgH_Efv<}FF($Q~^%9UMtMKOoh_L8@6wE+^gP
zbKVL{YAQDs4$c*+=ME*GR>(bqm}$S~uF0$Nn>0v=yW@8rI-Zm`M`e%B07sB}9bJt|
zgmX`+caAC%;wr_{z4*a9fTbAc2bFPTAMOC8{fD=LKHLGM*8cETkQ(;GTS2a}t||Yf
z-3t0}2k_wz;KLojhdY1|cL4u(?f|M4$=#j11$Qm(INk5Kqi{ds-p>aKa);t046bGF
zmb{PPe#1vM+~MR-&pm~E(tL!_GVY&kSzYTM*WIRfg51S>2P60S_V13${g%5bcUaz6
z$lbPky0okFF&X_8w(8#69g;gD_ldUb7~Bc^(1<%89|y5t%jSI)`^tTH?r+_T=N`;)
zrw_pWm-u<N$59&h{)W5wv}zoUd$9Cn_z+J1s~$wjy|na_8tw+&w>k>#WA}*msdc2E
zMf`-0*}cD5xZ9UHj@2Eql+Qi2_mJ}OD)-P*QOb$0<=jcydfxxZUAp_<q=PM{FT~wS
zav&dnktXgsrI{hykT%{+a>wX>ImeMby91ZL>30wVd7b-FN31-hq{uBF4pPe8!+Ouj
z9_6Xnd)F@SyxBtT<MrX>-dCTBty@PrNIM^bk|*w!(<kDt+r6(Cr0+%96${IVv+|U3
z<9$7M!H(21CSAlY_uG!FdPv*5W6lY=>7z$E6DmC9m9n4rNOM$<OU%;KkRC1h=FZz5
z^aVJ><c@tSrE*7F<U>2gm0D+8J~k+Cl|VgAQdqtynYpW%I?9Ff$24iIM$><ko*?O~
zoTbl4o*NQN=b!bz(?8xnW$OAqjqeesr^vU9P0k0@jD3!Fy?zPk+sAuqpQ~O(Hp#HB
zBYV{?M>Yeg;x@h8toQ0c4_g*i7OnC`t?}PA{-D<Qmj^msjj#A}&|eh%hTvZTx~96u
z>wlqEKUS;%c5UdF8U0W3g7wb=4>0mx#ph>gz0T#I;ia_lWwdy2`u_gqyVCpkyHTsM
z9MuPAf1%cR4V0pc<EV)76k-2MgfD(@_7`gX;$`V4YmNVvx2sy?ynE)qo$to%ooxC1
zcT?z#-%X*XYU3Z=-50-8fiHYF-F*LdQ|QaJ&wMa0<|>hD=I^>F4EpX`O*yCRpQJdf
z|C1Dl=YNvoPt`v8or}A+Kk?la%ZVoZF34xQ77clPKQUK<Tj=2m0X4sct;;;|>kzz7
zI3<`6j0<>+5rG%f1ziF@6abhIj5jWHNc)+epzgQ7{l9#>@i7t`9~XQ=uv73U!S@P2
zDfl#izG^k6egp_lRe_1d|K3HR8PXd6o8Zp~{<+{WGrlSK^G1J=S27!%VzUddvb)|}
z=ksc3*NAjxyL*ct=l@Ug|IhOOr}_VL{Qm|1{}TUyh5ujS|5y3{>-_&sDoy>7;E#!o
z*xpNkrK`kt8@OxUtEL|UtnM{*w7Yk#PJsy{$4uTKm;@}n0cdX*Tr_PbV0jI&azJnx
zMEw|Cv1)Wx{8yh4JV|qwZO;)H<^MR5nMnfs2uz)`j6-hs2>Jw{?coz(XU~DlpwS)m
z-X6lehHC^`^<Ilj-KqDEdc8|pzk%C=dxAFwZwYPz+CM4yGR3+LJSR9V7zRu&8@dEo
zJukQ@*bi8K#*i89n{q*#EL}5do2L&7?6GZUXD<L&EZmXQ>*Ii_S-|RxhUNj&+XRww
z+NP$Z4)3oL+6P#99dOnLrfqqeE{ka~oxf1;mFjEOTr*|H>T8yo*<t7z!4bhx!7+jD
zuAOZ7&7FGhfb`^~Q7W7lTo7CX%<dP|jN0GKn}R!0+U%Ljkc<=J{8m2E*#o9skN7R)
zfx>M=&rndF%swj+$yqutX6<hFMZqhA*9G=8dq;2&@QrO$9WXE|*eQ5Yuvc(EU^m}5
zEO=Jn_`WeKI4L+Ucv0|@K)k>4y5OeZO~D(2yMRuk-rErW&XA;Oko5ex>H7o{=%lSr
zy=-&|FlV=O&(wPrzB$XEu$_5Ba~7R@8_>B2IKf#@9)?QrWHcv7ItKuAI|1|C04I(L
z)=WEOC~_g_N85kB-W1Y&#9HP)CzukP1k7C#+!RRsxi<v1ch16XhcPcQ3zj=|8PGXy
z+77{pz#?;31y2jaZ|)VrB;dr5KqTi4&A$bh6TkVpfQ8*gYepk9O6Y{qg%{1ZD6rhz
zJ%Rn6x*#Bf?*I|%JPVk&%Y}wOk}T{8JpUY^{SCnUc|hl=A;;D^X2`)TM4BxxY!f(`
zg;BvC!2!V`K<BWbtAOXtc;1ZX_rn#=`!V=5;FP_ewDj{MfT`C^v;B@~^S1%dUjZz{
z;GQtFPcS98<Y=O)7{f`UitfUbfR4>~VqAt6W)%nZ8E2~yKlu{i+}>7id9I2{H!O1Q
zx*0bB3&#PcuAysAy-Db_R9N39*d>@1>=!uBQ=)oW1lyb=Qk;HPuotj?+0Y$Bc6s`k
zp(6r|baogrZRsXpb;zjwuAc*(eoZh5=s4i@D@Jb^dc_a}E*3|?Z_#RthYU>!D987Y
zO{*EQqs5j$>=*5AG03ra$Px3kTMC^QTok+*iFD2Pwk^6%upjVEk$s-hd`a6hhqtsx
z@T7pg__lPtSEasqKp^Iehiz_Yr$Mn^yec><m=i2T_CbR;0894(%cFuP1bfY1K4Q?~
z99>N4WF(5nvK5yv30?xM3>i9XXhg7A@T6(S3_UFnsTHd&g=SsZZ~R5T>WIy*L=SgN
zJTJ&X_OSAb;0?hw!5SbiTe(GOb=0)$ro9Ge|B`8T)9x~KQegk9bAaVpL&pqBj@1i*
zvrY{@TxdMHUm~>D64XpHV{MzDA&6YtT6<P-9I#?1Ylj3k0n1ifzG$m!ZxcLYy=C!V
zzHU_H&KwauClH%6lY(aiHh5-AV5?`Y2&}d)3TJHPjGdf$3$V5eux`g^?idp3GxrSb
z04!N#`L@vmhD2jMnzH3}dt1LGu($OKf>FUyfvBxN4OqJ6K-RArpA$Hw^)~@$B6N$;
z+1*Aha`p+qxL}`vo`zotFlFe5fTo9E0Jq^6mIUVnF9|?q_=WR=R|H@_`~m|Weu0jL
zU$`j%gW(sh3XTb06I>9yF1ReXB{(j4QE**wM{q?j3-}u~LkwZ~g*5?)55I6%a8Ym%
z#LtWib`m{nD`#!_>`MY$IV*l=uL`JJ%nSj}Z3CQGBJJEBLMu<0_6A`2Nx*5kEZUYk
zy<2cVa74hcI3t8=-`quLnJ$av3r5cYUN|gxn)9Z*MvJfK<*&EK;~Teps-BZo_!=zV
zisp08e(d#Ie6oZOkxqS!Z>-e^Ik>W$<A?b1vB4UjKjuiHXlUvW%j-WWum7}%Zy8Vh
zQJjS~^~c!$#fTpXWTwVf09QQ~sK<nfNM4=vbaXzP%J+x)s_@E-SjH6OE1;7^NE#dU
zle2vUGO3rt@Cfycd!8!|)ysy^3FM3diU8x37%TSD32@N7I^jA7wf&YCEK3_|UnC9f
zJtztu>aj+gvA-H|KCAg^v&I)^CyR;lI@vPrm)!dx7pQ|vle#<kKCu|=%*fQMw#%2i
zjkckg?fL0_)9LA|H1k8O<@H(&j&B#!1YbF}%<5hvC5%xo9}blJY`Wbu7}@)U9II=M
z&iTBY<7+c~#`pj~o985zr1;8lF`N)3K74;YuZ%F_s}ii3NR0O-qQyQwfo#hw$D-#s
zi}Jz6$w*w?(Lde|o;zfjIULOrjZK!cC=*wX*)pG*_R_xSw{XC9mcjSdpux(4xGb-c
zUaavw<^#$ZoES8LQ4s2>!K&fmnqNgE%7C%yZ9wFb0UT*E($BYXy^<+D1gEx*cXQ=L
z7EeZrK@7{mmBSS)R)VN22SPGO10p~)3;8*CtIj;>8uVL>%?KoYc9xxaEjuGP74(>y
zM8sO#k!>(D$bYaXW9){a^~oq3UoF1cXD-2Pd$MfXYuPrzso?gA!<l5Qi{Us%KHytV
z%!-MsonoSrwy7Y{)KYZ0Ga~J|xU5{t*l-lR2z4dP)H!}xXH8kz7Zrg_>@qzs?Tdj=
zEy}LejKtJ&93g#7nbk@77-uWea+@wLHVH6yCiwifp8=kz>P%gf)l;)fyg5QKQ`(P2
z+e<gC#8+D<#E)xdBmy_90N<sLB22C*!qo&$!{uLG`AU0S)m*0Y1=6^3N@7o~i*IT+
zYkAye#K<GYr$!^z7qPxFHV`qtLs|oW|2aZRd!acm93$w351U#jzIobfuRWCI!sl88
z2ddOjA7W%XV#LSfIqQ?F-Fx*!LOvPgZqxtt8Y<iFyQ5G9Eaj*6H;a{RM%(Q4d!ZnG
z&`GxK@JX;m5<-Iw);3R$MdpGV|83EJWH5xn5M$!I(~pECycV39dW|$T<2gAUI|e!!
zc|ko@f#I0D+asF;iOt^5k2sZIjZ6E>aV+p)19dPedHB#d8Q|QFFSVa#qCXCD?nRl6
z^|t!>))W^QXF_YNm*W)qsBJTH87{NQ0|v(VM0MNmi;sJV$&S{*INu#Mfj<Udm<i(r
z8aT@dam+ofnA9I*Z0{HxZ_*kJ;YT{NmX8nLCe#`px1};Ck{%xCFyTy;J=H&sF53uG
zamP4R+DNbvi9@xr4Dm?lXH_1{V+xbnZ^Cp(&re)gp_upJI`wKjXuG4{mr+`4FuXcc
zfeercLUA00pZ$e2z&g~f^Cj{S0@_gsY>xnAdzE7+_*P>CI54mlT@Yi=a%jh^{?9}X
z4SKce(q)bHj3fQP%`c&sx^_Rf^HFFoP}MI71Bs9{m}y^*v@a8Z3}v|kViGusiQJ*9
zCTT9r{o|WS3@Vcl;;C2t0<t6Y047P%evT{OGNu8j8SM~+SRSCm1=t@$QC^1$A>hNv
zcqO@tG-DY~L@$BpaQo*n;u4H1J0EB-&t*(g0u^;Vl>NrX;2A6*p665HtWE9LA<+OT
zJOWHW7pyji1+H<vb|goTjBN3esH|S1O{sKtSJ3Ka<h5T9+P7~(?Cj7GzXx1+B01wx
zbN`^NzhPgoCT)%4OGK*4#VOZHuB`8iK29Hu4&M}VUKenEoD3CpBprkotmGrb#Ngo2
zcyAS?R2GbqHhpuW;~dwER$o0YY`-R4k-B*Ig7lnrcN^u)`mJDhj)W3o{aD>!a>gYT
zX=@GI{Z3qg{@S^^-*Y{iX5nl>2m?D=W~Py?z5!@Gy(>!ZwILFx_a+f9;yMh>ruUX}
ziUZ4G<&7|wki?~{vWM2nwt~p^JBj-d3W)vmHdw6D(Y`nUVhAROMQv+E)<nR`U{qCy
z?*Urh^2oatr^O4YB;d$bCr2Rz7LC~YLFy4wkr$RxZO1G$GdUVmxyai1Kn)yeW<pm9
z7ka=1j^JRe2Te&Bf!+?k_&VhDM42!>v8~pKekYl$Z!;0(DY~3RC9!cFEJR_zo+IZ0
z$`>ny&>I&)gg9uCGMeSLgGl>gS$8r9F<I4LqCQ<vf0mjc!c->-!KVt*L^Gq3$aNiF
z8H69Z$Oz$uW%f)T1LM*pqY)0Iq7$n4ar}zOOLxk$VT^2sql9gMK+H%(>M|RS)p<M?
z=}2N7^&j?K88Vjo<|4ZY^$vANh$=2kgCxh!DmEJ!yq7}ORxYd3tW6XFwZ9myl3cHk
zj*<+wQma(*iGhkKRtoDx!Qv#NC?(@T-<=Mky)S0LJ_5uMv#{V+?)0&Q$faTuZBDUm
zOo1nrCWAX__{bqOiP4-~39?V`!{l5!_aOOXAR}pF?<Kz<t{^LuWEk{He6-dV;xWCq
zm{16!eEV(CpbE{<-F-QI81`k?rMR|+_#PyUl_E4zOs0r!#s?I^7{ElUh$fkhdpVJ5
zBz9{omW*v1-?gvGfms`k&N5g`Y$l>HFFsP^<aq}!T1>_g2ZBMRNrt6}_iRoP;>?YT
zTGLLaO+_@lm&H7y<sc!WB;H9aCqboyBp7{~{0JYyhQbj}f>qQC!D3U!qM<@yc-0!4
zA=+ic?OzHJH?*D3i`9FsBN&U)gQ-u#;Cn{bb`4=?3}(yR#Ii9G*lui13K@z$Cfs(-
z<8m&0bQkAVXS0bAz~#dVpod1dpC%AGeB~bPm-`-aFwsCCgQGjzTH6Hz+h|Ml`Otp1
zvdsOPSZgpCjT|RJUv6Q?j7c6e;c>~s^`MDPJ?70LK{8v%pnag`iJmUAE!t)Fx|4Ks
z8L?2#M`Fr6TVg!@tY2-7sot%A1vyZMV{5x;aP{5*>^I2PmlcO$F#CR~3T$^>9EIZa
ztRipkA4S7@$+W((xH=<4gE8>-PjYX{-sRtZhGt`NWj^f>v<{aEJIe$QOx<tOE4v4g
z#IC_1JWTw*ye$R>-rZOl%4p~CST}j4ib5KKKhrlIRL8xwt#l5=UOVE0=mQhdtPeAu
za|p_E9CTyxNxWDQ;M|xs%Ew_c&9EmsN6OJ1f!365{|YV)vJ6akWo*9^b$1l)uVi4j
z{Z#`TewZl>JIWM}Rh{})Rp!^D%!_5p!i&T0Nb%^^-!yCLTiidX0+-9c+LHt*nOPAq
z%Ya#6?lve3lZbv`{bBQ=F&hgjr$d)x-;-nCU&XOtYv^q(J38mA=d#%GL9~X4>OgsR
zU~aTJ$4i<V*S6;T?4uNxJO+bLjg2%kt`Sl>?<x34S=wUpOLp2Y5j9E7uOhc=9_v$v
zZW7R#r)L6A|ISOEpsF;pjB~D=^O7*jfm4%^3pUNFG)w`7GG-^DOw`F@?J~&6j14Q%
zOIH=|2wNVqaJY+tHA*Emb)zX=9KO*xtO%&Of@qu%!}h}jCR21X60-|(SqL(2B)S2~
zL<WyC&gopLxR}lx8m??{wFU-S0FrV3ZOO<{7~D3f)e8JWv^KxSdP(=wH$&*Tur-2V
ztzH+=`3vY8BHiP)?KYX(ECMMBvpGmySsA}j#V_O}TMMV%%tW~MX0TcDTjEs0H%Ss5
z%;2y=bIc4CGdsdEj1Xq-11iCYxEQSN50zZSGbtKa4YPg*B|k-*WKgk~VM_$<a^)RI
zytl^DNA|pSF!yN_P(-xW4k}Lez;9AvSmTV41I*QOZ?pDH4q{ItK2#yTx_{U%Wp{Q8
zEn}Rc42bj+mB6ctP$ZE!f~GEJcD7=kg`Y3ek46ha8F?-*;eTAykqGuvRCF;;KCPXU
zhs<K#VC<$*+<HftKfM$)068OWHH@3z)*N#;Pr!=&ni0@3;s$w)nZYq#v9+g1UA(RF
z@_3#;WFqU31N!)$Ih|31EnE(|8h+c2c?6LC{(i0U>I@dii-_Sf8gT4(&F?<%3;Q!B
zQ<aqgjh`(kd`dk0Kl%<BY<QshwqpdD;J-d5C+>qX+~m{+|3H{l7@Iwdr}C{+A1hRc
zQ&7*SR74HM_zA`|kg6zgc3nyBfxPsq1<rD^&JifAf;#(#n4)*cw;xcAfs#VU<(Qd#
zqB4lBQl<n(K^t5LVcTudS2SoWP~!qs>wSPe!GIpRF1>9=2DEVX#EtdYNQTBRQw_I_
zvOq>Mks+(J%*-rG7^D!W_GCb^L}+`hX{quT1qZ5v2C|?bE7()NZDb8;7iq4QCaPvQ
zB^fy2sE{@5c^Pv&5vPy5k^_fCD{4b3su=Y`MxaPEkn&2p6&!Wc8$&qoVv&`<7z+*X
zBLP{D5lXV&9Cf5h0moA|pTsdIDn#w5U{Y0qs|3w~le(>>T9lwP{xQyI;y(nAaBF}f
zWr$>|R(MKBnoBy`F8>)((kMn0Nm0b1(=lP%&46fU$gGl88OSV>=&fo4(kg<wa20>X
zXz$4mX}y7leMo@pS3xcdh0C{5tMNz!fMN9}tHqmQ;R<fbcKY!;z?Fu|LWlyPfL2vH
z@<*iXi#UuM*o;Z%GA8STSrIT%9JywwY>q+Es{d%UY@Y&P7s*s96TuJcl&rW8fEP_D
zZZ-&MqLIkGs0yOgd51IZv?j#L$yyiw9mDE7?k0qr95P={)o`A35O@FzZR-Ejde?~%
zP8e$v(aS_*Uh|lho^IxHgaB0$D+L+^u800K5G~yXKEl>@qo?cGK~=10NaehN0}o|w
zCKNNb#VeHab#5jUvrqW+4a{xzx(v;nkLBYUWgPC=o1xOPQ$0Pj8wgC|iG>=Mt0XF1
zs}H$sl5fP(M48zd6f9<Ul7k-tb<34#bVJ$eO)1IMO_EpEu$gPo`1OF-60hrh)XjVn
zB)H8|yu@^NKMfH_VMiyEiDp_ERV0?1G(<8<OdlF&?;bfs;%A;qfOE(8ks%4gUlSy~
zRzw0hEFVfoIstyewC5l;JKY{BRoa8&t!QIwiOsZ44D<+<2$>j+$XrQ6iX4Lk*Fr|@
zEk)JP1LJY$WTT5L`I`QBu_wI+l_DTrW0*Knlytku;;;8Hqa)$6yWx;obL+!2vk|id
zn_9_mtzv2-dp+uwja?6%;cjpV1d>gcvrHIV<={4I@x)<D*{!I1tCY~oG57j4jJ!$Y
za@S9iVGd#P!hV1wsX3$Ca0t;Ihg;0tDV^v9RLW%$*O3fb0c9I)QMHCdlG2aX<-S!~
z6OllXvVHdBG;7PK3<c6aFDiozt1@vb5K%2}2D1kYCbgmkC{cyMy9!4Z46<2Lk;5pB
z;=u-ErLFh(mqKs{63M)3x<dQOWXg3E6AZtsl+3n@*`1n71eiK0FPBjeF_+-Q<yI4(
zhkURshkW!Ca6f5-(b8nJ^n?xA<P$WB5*0r@P^6jxA#P(NnQIJ<hIoWVYT=tHW^VcG
z3{kbg33iOngt3NAg(Tf7wZg67-t7%U4~D)G7k;e~J%tgZ^-2HdPg|iYm3l4`Au)ZB
zh><^?m*aVv%ZvAa$-9)7D|vZsSiy)@p@QtmwxpoHS>ODZ6>j9^c3$3&%QxT}f?C}&
z)iz?S@iOKL)JFiW4ro3EmIGO9N32d|WOt_R%gZx)aSu^1zM(6M%f*n5XeJY0i3K-|
z5Sq@kH}djU^qV+$YW+xUr^b(!8kOFuQOKuY6_ZX#LNivtNgE-@3lM4dVkiT-U_`d5
zR%agplVgY9B4lzzhBC~7h&)AT7x}}aX(1>LD}_!|D3CdX>Xp1)L+%?AR9-i@SD2lU
zqN1XiS5VuALUM;}e#jVZSITp0A~=QUso$$`X9y9mBoIe#B0#62<#WK!fXr`%AhNM9
zpG|pwT-rdV!|;x~gJ_xXN0g+JVGxOlNTyph@5pQNn|w0&eVrwyF;66gvcYo8U3TYE
z@M1?c5PnC{=^XAGkNbpG8=YsO*b!LZ2*abgIa}q+(a?XLli){&rFouzysM`tZpCUT
za+iKw@1Z+ODx4b)cC)jwFc;Nqi8KgM*x_=cHLi+5I80QIG@^f#;WTv;b$f9;z=gyz
zf~VIKY=|tug~@6MT3}AC*bsS%I65=76+P_C>THOj5|^?Pb0_9jbVD+Q%&e*ogp#)n
zC96AHPsPt9q+FFv41J?dOGhpbUi08~kfV#IyHVy?lI6{i?a8~jp!<A75}mjkOya3*
zB6F_<4BKh$XoL@C_U#az>6^t|)Y1<_@kV6MH$rgqS($o5;<~5rb84M92Fs$@TuRJ|
z5{Kj2@HS)uetKul8;Cr70mAH(d$P{kczS~GbH}6Yp@7>0ic^d_j3z>JJ9T&<8wx}O
zS@`QDm$8`Yvt+o;@UT;qw<(@q=eBYXDTD=-<U@$m)XQ8#zz{<4qGX+tT75pAh2fA-
zX>nS#v;Ks4y;)Y}N8I~$rk>aaOGu9qj@skektjT5A{&vONIY>T5^=Ed$QHDqfv7#6
zwUK!Sr!cp$HuX++mg+o&L0QsChTM_3-GT&TEWr)joh=>UT&>QOv89${Np_sr8+5p$
zC0My7TRB^?DL}@7mGX5k<jdYd)I#R=M;Zl-xyX*tYbKgK|3qZlMJI&o`SA!Z!DQVO
zUgln5R9HC>D!Q`3e6V}&Vuarc%eTsgXVk)3dxfsNRH4v&NxsgJ5F$Eo0E$77^O$|e
zBp7p^R|R-W0VFwG`8Mw%a91aiBhnuNX7JcXaPH}xY-evr<7aP2<7aQ@jmREaQ37eB
z6~UmLE!-8S79?{pC)Ut6(DY<4E|FgDF#7ln+Ciyd{=~J7>YxVFk0?OKUSLRNShFV%
zIEp!5txy}!mD6-83UhChIb~UGtX6;EAmL6T$!3Vc*|++}d$fBfCNIyv#V?2SmRge-
z6954LGcNd<wxfCL{T12nZjkNXR<aq%R_>J~BW2rWaA-4lyCmejq!Hyn1gf09SKeDQ
zz*`|SS0^!AJ#jLo$hDXv9GnRD)#%b~ed0B;9HtYZ28nMIk0Q**d|KgzkB~~JSgqjH
zU6=t3EgRQd#pZ5i(}#H}B|4wGwUKZuW%UhOs@k7B3LE;IS@GnK%=7s&_bJJw`L{!k
z-xjSo)kFlgRRMKDOseA$Y|wd_OSsl+l+-gngw5#FGtkP}ovfS-Z!Oxa)U=)1eg-tR
zn<-K5Cz&3nE;IR|IB&@)pw2XIhQv*CgS<v#EXFxMQjK$-#~V;CJv`RIo(U0pew<&6
z=Q!AOZbn1z&s}}6Ozp7N^E=|yM#xgc)I;3<#pNiEA=~uLpkWY@NK*J|Ni-Lp<<9F7
zW{0gRoO(G5l$R67q*PROC@wa<(Bqa9wLXuw-O1u)k@>gyA->SiTSFFV!5D<u#W(_7
zLs={3+)dxklFx{Nk|V105@AikCglEv4MJX6!2OH)y8}>~+g+@TG+jg0-OVt_$+RdQ
z0SX7_VQTrbR)$a&ox}cTTIZrfFP+1TmRE|r9~H=kPGFcK37?#pE|M-=hKq&K7LVm=
z^`Z+$`4N(zY+I_(!fqN<meMJ#uc4T^oRNjyL>5L7j2IcGo-gd$9NEGsxBf|CWKoO(
z=>5(Fnk&a@t=$k6>orDbUxc)oX*$axPWrbceObzFAEnrCkrE^sAXxQNhS`=)y~?r{
zoVF>nZBnK<ajoQ|{E=40+)x!du|v|IxR!L2d@+%R%D@S3Q*Lk6YKnqA+LYJ1p)&3^
z1~L*OFRyb$Wt{0!O6I(XIU71hRHoa<u@!Tf2GMFw%h`aehN;u5((a%kc}X;NKTJfR
zUxr2A1fRbUL!iw$c0#BWo1bGgi$4`CNT82E6l5l}w@X6EL`XTvAnrnD9n0{;x^1j6
zhYfcNxlAfLM;2b>=UnUT+g|lWT5v9VUf^DJpgdPvi$kq(_y|^`3g0|WBB8HrUe2g1
zqN`LXdd4yf)uUzPVy(4rmn`2U*XHAqs(EfjZ%^vaPe}K99<<1=-`L@PSu!uhFVstY
zJL5`XOZ!;3w2GJ*U4ps~{-O(y#U(Vo%7iBubMf#BmqH+YjM8{K*9umQ&q=H>+O{dF
zwMnrKO<DqxHlLWe#L7IIBUZLXiD)g{5;p6K6U`!9cgb?FOE*fnj+8#St_rDdkY4Ac
zy6qUI5tz9)x8i>6d?UC~5!1(8LOz0+!IzMZb{~&)`>ZHQWhjcx?Tp*CG#rl&u(hDQ
z3}T=d3>s{!ZCHoS0%R<#UXeq@z_%<%2a%*cN#SL40D+hxd6W4FqYw+?{LdWcFA>bl
zBQP!q$}LRiId9*z_z{BtS3ung^V`tTHN3w@+I=C2tl?ngZ9e6m>xt0M^LwON8r5>H
zZ=8lY&(cvEBeBkgkj<N-7E(SbhQ{;1A>4y1)2O<Ssu7~(G(KkdRMu&Z8`OT0QkHAg
zU7^Y_o1GveUb&4#Z+AOrE{<Oo&mYh7J~vc_ZHi{Arpkpox-csYhAMVn|1lr4y=db>
zr%_eX6lP)$%O^*wQ2Ck)<5$b^{%StO*8WB-c+1W_me)7fqep@H3n)Iu%tF{XTFjr%
z;+<m>WIojgSM&r+<RyAV%ejd$?21&cGT5I`74gCC7K4SDv`CVrLQ5UR$ci~B?|q~%
ziRlu21#Ic>YUtf!{uS+zg`@Q_SLg>aAC>-Yg-THc`QV5Q%Ou(>Jspk#mP}HHn%t$0
zGT@Puy>q-jq&w7p7)TJa>>;Dat0?HxI%I}@3rA@o<Re0*9z2TXaVYM|!up`R%E+YP
zNmv*mD)VniaZM40C`=Nb>=4!YJHdmHMZ_?zwvAZpU3U}a?}bj?Qi9<8J*hmey=~jk
zxyf(EQWhZ}s)*c}URfP8E0W&Mv9>anwmrBn#GZX&TcW<OEwUHzNW~oq#HMua6T-Tz
zj9;hKLOjX4Fp@R!7a)!%mrV>gVG@NZX-5|I#T<%WE_CX0Pr*jZ2=R@(0A})wWk%yE
zI>3gCY45u;gkq^0b#>vjBW$e<lvG&Q8LQ~HsH2OhT23Re%;pF!ugR@JJ6jmt2v$w(
z%3)pKsBnF=f{A4XQ*&^;qk@Fp6Ugle(OB41(sxgmdeVA1zGTS4o(=kyMfPUNeD1~e
z4pc3pd|jar#GrgEt!z79V5<{<2cKeRyKpGm%T^rh0k>NH{W<4ivZ?47V)N0IUW9UH
zZOA&7<-)GuUW70!1Cw0=bL3%cT1~2}PBFnEgxY8zxb(~f@JY%tShSxabYFtEeQmP+
zR7;`q;V`j`K;C)LWf?iN9U<(Zth4Z9OkujQSIJ!V`4|RCcKL3oF+r*iAJeK1nrt2_
zU6r^#nv<NyNn7?951BJi)eiqHrY>TZsV=Je&%>0oWS}<N`YIjeRa5n-W$NtXB8HU~
z*Kj$8*Rm|+!iujyb9=^kawC<Zx0NcD8xjQqpzJgdm$3dKK;i%-2eJ4e3SE4LAaH(u
zgkof6jtz$1-OzHZ=JkPiAciU@gZbF9Jm%O5x#}F+NIJsuu@PaVJT4DA$2XGj@Xbcj
ztR16*k2J=4Fhv4+lRRY2D<N<IAJuVikKLNfc@;*0Bx>whAq<@J)>h@Ar{sp_DYvf+
zXk6|FDSG~<Z=z%jVEji4y|H9Kvm-Hfgnwl>^C%{mTP~yzS+*l2iWjW<Bj~D;sfIEU
z{)YU7g=Kk>6dx>nerh70Hl@P|IL=<yN}k7aNHOXSMiH|)8sR_pU94tB{^Y;j=WVsk
z8%GSmRMO*N1nAQK1ib5`9BZjw>R9^;(RCK=g%3!pY@kq;=rarPC<}gcT}?dG;ab-N
zm*f*N$%A9?#=c9bk)hs<Qm`=nLZ&qWe9eixDBnA7yE@N+xR1S4Wc|FPlaZ%tJ5M7s
zp~0#M-?ni1WW_(6KX{OofEt<!#lo{K><a?r4H%vUmfV3A7=w-j5)Wz+gM$p+9e~2;
z6%v#=&R}1mvq9b}6g>m5nARy7RrLK+g-5IKJ@*6p^Tsi9#4zLLZioylqJw;%MN3H%
z)w&0Gu7_Tb9g#xp_Q@izcE=NPbb}1KC|(X(Ho!-3ni7=v+?CZq<da|~#p2V&Cq`n#
z)E4RDRC(E!5=AmUD?mKnbL5IhWl2|ND!7(&VI2*%21S_rahs3S@xXi_cwC&)%S+-e
zhO0nkY&S*ZamHBEc=Is+GQlN{Ium)>mzVu{Igpphyd2DnYZeuBx^Q_~v5y-u2I6K;
zW;|0lv*f3A49_(+o{jv4mo(U*c8U7YK_r;3pH%<#%0{!<+OfPGAE>qB7P<q-q~|IX
z^fsaZ0kOSUGH|1KjmKhjV~GL_#?v2(2WhYobjbMA4a0BC>Wuy=y=`p0BZ6%mVy1lG
zZx%*&)QxR=78i+yD|8MLTl87^RAi;z$Qt&cfl}ew_E^t5%WPGfGm|^El(%C1LX&5t
z+-C*aObyL3q$`%*2!$Xs`*~dfS>-|HQ`a6qgJdXicPTjadQ$fFh+NOeb<MU@J{uXU
zWrXgtpX*X4EH-8&#rzN9BFS)aARZkvw|le}x|{IUA3T!$MUJ$}GnLg=bKoP~r{7w^
zrp*q<-q%!?VzTf}2;t};Z>d<iL~^qgwzddg$%{vM_vgKeP`r;;#4qH`P`XE5pfc<D
zM%M8%iyfMT<Ap+erO@{D8^ZN{aIH9Xhfnl?yH;iyF*zKyCi|dFM0}DNHM?}pf|-qB
zQHEkUI^D9V=-}99)}YOu9^KMQMl6vb^lptuq=lz$C!=qt)*I2>l6x9nRESWqekA7d
z={<wG@j!CKA8$`?iSc0v9}ZhNU|k+M9|CvUB&1&hVss99%b@677*vm*e#6&xPP3LG
zu&fa47m2t6P`aG9d{BXSy#FI|2ri#opatGC2%Oue0;~2ZG<Fvs6(J)AaeA-Rhi5vl
zLu^m)g=$r3eP4v|5U%eF(%lKTH?TU$C*6wEcbt$04i;0h`HP7agDyjOe$o(zWP^iF
zsH920MOwzm%6R#jsYUNA01;sUzpd|~M#7dBwibvMA|YsS`c~{tL2Mn>lTFb<5Cr`9
z2G0);67n_c7}H+fUxHjnVe<Sm{;Z^p{vWkhN*^VrURC#Gv?2si7etu1^mY$x!PuZr
z!#Va%3=*~5_866MW0b9$uqml{CQDgo%Shi6kxSG%y;n4s=g?*}r_m;ZXs(?u$MD^9
zhcXkR8!IqpQc4iS?eq$pU7Qc(gaqq&71;4N8O8dQe7R@+3i(PRZ)py?vczNk$Sxxs
z8%()9l9$=R7#81rSi1ZFvG?ZzH8$@bI6kLEixkNo4x*4mMY5HOB8ox?ZKs9mq)rqe
zgwVd6LI@#b-$D{X2qA>*TL{^+e_u0m&Z+15JiqtvzwcjPnz`?L)@!c0u4|V2b<bgJ
zgYYKP7nf8mWFK~cMO2bOEq&vl&T7JZg7OVtKye1*Cb^u3Ab(7(jHR@ZGL8V2PxIjf
z5VprF^_6{n!8@02h|~5inu;cJI@s|9baa*mfMZloXiK12&_^tkz$mVqEVVQU`o;tS
zo5g%kU&h`9NaN5Bg;q+CiVbv9+?CRkW)flEG5uo}KpNBFK8}`#@Wg!D+fY)Th;oZQ
zQ01gFA(RskiK0L!ojl27WOPKb1We$lYD!~SbEIs+62l)-`Px~Ug+f?rbXX!=s3w-m
zTD3Bi&qJvhLVuToetHA(Ni3z3AuW_k2B!z3K0gQrLa{6c`(aq+vRkfIpg}kB8P}a>
z2+~Bm5+Bho4y_fpe38UMr3JhMRtpSJVmwNq<`7irrY7?(EomX@#+EjfJJ!@<D$j}4
z^iL|RzfT0Z5!EBSQr?D2I?<y4I7S(tDnWel*`RDIj4BHK_E3Ps*{E<OQCJYFzzJ=%
zq9k9&(<Cfk5XW9KQHvRK3h`{_!0t5pzAV3|qdHGO?FBx(P6|-MO9WJbqbne8NqW>W
zB2>1x(M`e>m_k63RCqjL)i-5qkq_}0IoUIG6aeTXYn&p-Qdu*<fb|TEQ`}*)M^_g~
zgodCt+_44`2smpB#hv2i3M(u~lWvFNEIO713r4Ik@WhrybYC2jiZX)ew@FECFi5ha
zBM0*Gagg2c9g-voXu}D1Y`#V<9t%*Hg|PCOfF?=W(AP+`8k$=-DV;fBx0BpC23Qt_
z^$ZPbE7ZVz_&<{~<V+GK-T=@fVFk?E$IJ-Jip?_G3)ys&gS9f7QIU?$p+o{`M#obc
zOJ6T3;ha6%bo#XmW}LDImM@nrjBo@WoxRYwd@78%&@Pv^TGp4PoEoSSWmCDFP33YL
z${7tvMJ2B(9iVXm<C*D(c=AO~k^@grz!MbE!HLyG_c&Rd^p%3_7I#oPIspJf*$qg<
zUL0Mcqg8wflWd7PDD42b!0yS08}Jw<Lu&CyPe##As%DE@FamF+`Il#?7Z22);hEBb
z(*<$1AZ<soCG*Xhk`zPI=nd>Ol!?GPBoVwN)sQ>>_Ar@fg9iF>p)dVgT-A#9FODhX
z!BBQtcx$1iA{<BP)JOay1KxAWGqi1xfl5|`EbWAi6=fmnAI1GUTZ0m5AAmC6X7sl;
zRR;v{Dw$r&9}vk{;lzAcJlcG92$CiSZO&h1ZF)WlrY-VEJn?r7jQtpj6If<_R&5fs
z^=O<Mm#bt0P7J-^*hV_LMFoX80g{?a$c?h>N@sTT8T)sLSmq99Gp&X?q6gKuZIH<H
zn)fLyIf;eQR7u6?G~QB6{=hyDkjK#eWq&LQLfHe|s9-QKEE?H7U{Nz{P(m1*=_b?B
z7B|=cLa#$~EHO23qw^^CfOtGA;`H%A?YcZpLw*kfE(_If5bwqr5ei07*`w_ZLcLVX
zlg%js;BB%wcmtD|Y|h4jW$sx0F*aJ_D>syhGt=;AN%NytZaC?@h;7P%aBZ*>y@M;=
zltN;j4f7NHLC<JU#38F5-L*|N#~qb$RiG%Km<`34g~`SBUo!cRIQq^G1W~QvvPREn
z_(uTbts@ochPwGL#S#j&{wp30mT4Gl3$=qvz<4vmz!x>tFj84cHs>;hE0ZaDWpm_}
zM%ql%A>7E1LmEJ<1OBiOfdMK&qw9m{+MNZl2C!7DMi$1HPs7l(mXrpT7^R|!rWiMx
zwpYc{R2GZ||070EMl`G$rI==+pZ`Os9GE(w%=#zFO>ImZc^uVnOHJDIJZb$c_6g+$
z;B6v(Y0XuMPHCB81D=kWJ!+ldb2)I*O~#)!Yc##D=L2gXkLEd?cn*B6j6b?ogXAQ0
z0ZN9d;SNLvfI4&y=F7>JJcQ~D5>v8S_1Hr~^}ck_lSwvBNbNMZL`MvD^d8lEdIe`#
zMagtV1Jl9Ye<oACp<0L{=@d2Djn^x`r!`XTq2YAkz#ddmI)>6F5E<Es%`3<BC7Ex4
zu?rsPo+SoV=0nXez|z+s2*R!-d>Fk(^h!TJ#fAH9SwN|v9~aSsRp{V_p$nri8c3%|
zYzoXspo{<|V1bM#HsB^_(+k2GgW@UeNu?Nn*<&Fc6mfzkpHn6WK+}=e9aaF)C$J2b
z1sBRZ9#DV_G^>CL#>!Bp%(N@nE!aurir-_lqx_F2RVrnQI92*VFEv5bwrkN5k>9cn
zcgRx$p4kL*Sq>^uCrq8N$%gWiVnGd+YDy8TGBr*q=mAO-o!v<=9c)4c6v=Q4Ey4C0
zLx<qX7FIMz5*FutU7u8mJ5_4^l`td4TO4o%ufk~n{k8|eoauDBBs)ir_7o#Y9sEH>
zlz+6)WI&;ssj+Th2Q^~Ku1*bPawR6)jNc_pbV_gxFuh61liwV~4W~cFjZQA9vQ^@w
z1^U2BrbIGfP069%j96y$t8i#8ML1x2rOzsO#2#w&S!@lBWx=(q-eMe9PajjNS*p)G
z)n`SjI;saL)pQdD7px+w{8!S|q!Lv>R%HsZ^D0va`x*e6RLo|9^oHl;=d|Iu1kY5}
zez8sx;wS<&%2#lSwS^t~Nqd?<@l>YB#-B@Au0eDg3o@2MZ#Y~6S6U-%8}c$eLKSSr
zirz+E$~)8y)-gfGiIJ?ODISz`HE;_@NKy&cP4VOro{Bd4GNen2uM(@$SCPS2mLY&=
z0G2~mQb2oE`7#7M4s<<M%HD!v>A{}S`byTElsMKWm1qSO8%X?7FpN<l;e|?Qp=b}p
zOPe3lkP^vbaMT8^j%GTA%uI98Hkl4lHn4JHc<LCMngzu2036#u<pBGdJUEUAV}nGN
zE|~`;D+1Da0NQ|hk&&)4DP#GCzMW>Fm>N^_iu&0;CXJ_5L7h`_=-9&>4%>y!!WhP`
z@;=GsRpintSV!kk&d^RdDDQE4!znJ|iJ>?$ipzLFnIfQ^2jCSxqnPoK@t}f7R47tb
z@&NRdtgI>?z;ucBQ7ROVN2RLkv+aAjmn8p7ZAyv6(HLBpQk$|YT8b=MthCgoih!p2
zj7L=Z;`m)U)Rn0v$LOZErn@6ND77^uI@N$rbyJPiDSIi7l;uo?4%Dy&#`;X^@Iooo
z9K6S$9C0Ck<|aMWh*p$3i1}<~l4{JlZb>;?Inh^A$yKayl#+~vlk6kVWNKfLk?I3B
z!AsbagRCjo7RzJJc2cy`Nf9MG(wB*Lstf0a3rj~w_0)VO6lr+Lga<bs?M9<HZ=eJc
zW}_r5fqQ+ipBc+OvtSQ>Ey$E^swdlS^I)y>WE3e>In|R{#MFZ<l5Oy$y0Ic^7zK-_
zvP<%3Y8q4BA-XgYp_Hxw8UHak!3sLnffXI3XlxL#9tXSP3}@L34t7VEy|8cWp4FSr
za)v5$hVllZl`;vFpeFj2iylp$#;i{&w4Qc*+93Mz3neF-=Za>z7#Azm*f5g{+d>Is
zrWwb}$xDsZm&IrCcwE5ylmJFevLacszB;Xl?s4)2T)4RQ<8&^0aal5UXXAKzG>)|_
zo9^V$<1sKiQl-gOq|WBdOCc;gM-iUGTfsD*H7i$6B{%qsEI<TGVxtDN;Ve-e&y`1u
zp?j)0?2<AWW`xJ*^Z0xkFKcujZ*(4)kvy&+jF`O&V)k-YACz@;AybOfLOO1MA^F^N
zrB<+}7BatrkyFU4E2IT+okY!Xtngw*;l=v&t8VZF!)9s?7Du!bOL>j3T(k<{WhgKP
zosx&;6f-H9J+PPEILZs)2}%YG1y{UsF3Z@@MsMSU8d@GVY^lt!(N#50y`ddRX+=lV
z{1}5|=Ax3<{fu9#`K6Xq0%4VD^Jhf^KJyfHys^I&;lK1Lr8w0rji|AaJdJfS6hS5`
zX+%~iCilz&q^Ym~9LtVcDBWr5GKtq>BA2G6#w0mSg+*$~B2_3yv4bry7Dki?v{nSP
z<^lSO0DW1-<zO4{#B%mcLYk2Cj=z?KhA~ZG)8DkF>>>3azqs=#39HFiQLwSBV6drB
z-s7niT()Q!dV;Pf*a%V1HVWx&nm$Kt@>>`+mVrItLm5`ZAVn2}WcGxf*{z%6!8;FY
z(JI;y%)F|Yd{p9CRhH2~kx^!l=|+QWD<5J-4I6mHZ5JJ>F{j7ba~kL{DiRPb%1Ren
z2qTK+)=hI$Jm6CvH(E1}xWhaZ>kY*Xs$nlNFb}{j-R`9zX&%j%fox(xOQ#zG^h$d*
zxe_l_n6W@&kU$qTcvS=Rw2)3Kwb@cfTbT)fC-0!Nc*caZct|jn=(Kny`nXUL^3`V_
z!=!mq)lQKh79_;8be=3h5FZ}X;wVGuA@{MYaq?%DGLC6VEK3h7Ov{bbr_IF=UGV98
znuLW$^T=3zEcd8V(KGs4L>!NZ=b{+TdWA_B_Tq6sAZ;5ABw${!k(e{NBNLXD#cUmt
zTnwv#r3KsP;=)5`7_3|vP)bb>zvS{cNE!@jIukNq^et;a4r_rgOAIqfsmpZ0dm<K)
zuipXthcpk(iL$|_Z2Tw{y-&?U5g-GxjhJytD@4ngQIdfxnVc|vNGoN<mFQE6Kn89Z
zrF6}Vw;Y@i<t&oED`!N|nM5&TIPD$}Jn$tq3#XDmQ}PH_b``SIwQO1~@8nvp0I*(_
zEWTQ%9vFM5da$;$kt(f57K5YLvH9>BsUdCjg0eXG>UavYhe`rBNxxWBI^h>?pqN51
z_NQxsm2`5Ej3I{Bm6}WoOmE7Q>v2Y>tK(-*Xly!5lTKKg){qej>ci56zGtG70e%P8
zrPbo+P#EpCET0z3A!NdnZX{RfbR$kMqgK|IbYot%sUixoC?6e|Zm!5^&J$U3(Pt@G
zzsIqj00SV6oHyy#`fTG8l7QEmpo_kerGJbfJAHO^0wUAtOL-bYeauilGrE~+PG{zW
zrFY>Krbp9cw6~eUrbjdK+!W-wDd=L8U696dV}eJU0kPy0qI6#wf0K37nTDn(vs&2@
zn;xJ@79dL&grAaO34)j($w~`VB*T1*iY*RzgFU3ZDB<-<XbP4#Qjr$ZE=o$YA|P5Z
z`%g!D30j6y*u1;JGs_dB$b&T)(-R4P-G)+>8qX3are^7}JOS)4Ur?t*HDyhY<57%_
ztkdKSWs4BBAsy3HMhPE5(z(f@&5CD(T)I1}ELl-vvP@#IwxYB%4sf%Qp3B80Pc|Sj
zJD6U|1IsXfp&F2<n_h(<<9WtdTg8+!{TVByTt+G_n1`3K@Cr%?etv~LVAg?Ra5y=8
z;>)ab7-Pa;4$?t{8}#%?&>Q;N8}>f6u>LlWWqiiFfs&FIPlqrV(JB^G&B?9d7tCj9
z|JBk8)X@p}0T}*z3qJ%ydGuLdlMaDtgQ#O6b^6q(smqGXAl$-Z7NwhB$2q`m@k>O!
zjdhd}ctB|xDy-5B%tKgzr|YJ$$zn<ci`D0`LVZdIT@e(rU;}-+LV%*w2O05{P;qKd
zGmKbGxX?OGWr0E-C}e@qbC%LTjTy}h18hyASs4a&9l#SBu!NSpWNUu0;}-{gS+-D~
zG?XQEl80grgc)WA9jfr-N^()fYMPIq^w&LLyIHK8JdX#@<H17Rxx{6->1G7zW<)cF
zxiLS0`Oz$uhpY_}#=Hy(>SD1H=JWF9hCqTkS*8Gag+aW+AQl=VD+*h`Q1lF6-3(rc
zFN>AwKWdQm07iPoy+{@fm8ZF&XI!E(qV-vL48O#pyBKdn*&2%`rRU{0V`<{_0Y?Vo
zQzZ}=7u}2)#v&Gv2Sy_O9T>2aAB%}F%2do2XgRRQ8IerJ*d2JDEw|Gdk*I<(B9b>W
zn`KOvQO?XtMm!5kXKJ77!LwFC2B|*MYO;6>ve{)NKaVscpQ;9n&gU~I48!t2HhM#U
zGWIGG?bWCA&Wr*O%Q6+Pl^%VTl~MpZAsfwEF;xFD3Kh{<E6JLgk}hu?S}QB9m{VB7
zv^Jwek*ic+jSF@eZ#^?C8D%_K8BNC6mQk)N)dJg!8K>BMUaG}&6f<henN3mG&8X1L
zsN&Vf@duWJX=_FmOUkSkei{s-p__rtT6Vz*CA*<;G8%z7g6t-PZK%=^B2VlgPvgK)
z5ZKGY{Et&2pWkHgN36oA2&Nk`?$DvXLVm}86(F5!Kdc)~C*|vs4BoFbeCUS6;t!)O
z6J6Y}B?u~&*U6_p8J}fBQ_b30hbPFRv?+V~#aa4`vXl{!sgHtaA4>Upj@7P5(@IrX
zTB!<6%XlfJ^BN?lyp*c5H0m;C!sL>_8P1^VM8@o2EP<A+K`PwpN(l?)^D3zxFQhe-
z3MuR-qqH?=fh=Qd%42D3ND#fjc01p+ky16K;5a(TDQ0QtJ^NNf8mpVkCNQ9u0;e#|
zp)(oQN&~sfNeyVN>T<kLGMk`D9oQs^7a(Qxp!%%Fimb*=1*J}m5q$p3s$w+^QY0J1
z+hxc3Xs6&KNM>EgSmDGIxyhO<Ln_g#*{q`hDgS(y@=`H7;EE}Q6~@VjXb)@fXU@cO
zRtMh}lkx{&HXdOx!n8ulW-3y}6iXVwTgJZ@K{%t6H7iI_Q4miPz=9RiE@>za_GL`T
z<HW{L&eJk#SYpg$WW-8%Vs1aBISu#`$zyU@0V%$^FmEZbx>C+1m})AZslRyZ*aT6k
zn21SZSl-lMj0C>%N;{wTe5|7KSk5}dBupB|OXrI^sbVT6P38$<zGP&l^N|iMs%K1=
zA~uUB&sGFvbM26Zf(?wOP}UuojWIQYsi(S*0fSyJ!qH0>za+Dix%y19DesvEf}8cd
zmZzvEkJFzotIkfg9+d9ovncRDrUsN56fum6KGhrgh(FW_yTw)l(u2IH0)8pvmIuH#
z+FqtpOdq(Guu!Q!=LNcmHL-y8bg_aqZt|riylW)9ThXD>R5YZXteK@eYcwl>2bJlo
zfgSY66gfZG`ygq#qS$iqkeam;X2qm&D2-JNX_56+1#dznFT0LaR3*z*%bp&|`r#S3
zZqIZxYVbpij0iUU&8VUG89b}Zf=l^RwQQCktpg1;oRm6#VK!S@BO3?fbTj$#0W8nN
zLj93k6dtM5X$Jf7g-$6LusqX&(Z%h!6n31NVHj{+G6}z^aGEn67|ke=mTOGu%rs`{
z)b-UE<1(?)1qR_lbHfbN3%9$OdNMXVVu7t0hcZgogFYmju4d7x)Y`M|LPw$dQ4#wQ
zJKapaeudSQ4Lq3!Oz<-m1~Su_Q;CVO5YwItX67?ZWrH)87^!@pmKI4L*h?)wkWqQh
zG>4SSZs=FjGz5!k9)pcBS&}T-O{TH@rl|%`i-yWm*RXB08iZ&N3?DU=BaB<7thtu@
zfT5#&Q?v>r8#=R&GgcPB$4L6XG6`9xL2?#bau(wP{92|pi{#dxb_|!pOgj6f3yw@<
zz9RxQWg4-h-1KL<AOYZoU@%Ce7ukF+(@oY*Ofxgxc^7){3peSRcB~*@&h898r@-Wg
zFZ(hBcmWVADhe4Tj4467nV7EN{2zK#AIN|FFf)J^7z&c8_GMzrhYFD|HjeO%UF?{V
z_W0tB9v81ne>4nx^7KFbl8AlUh!eZ{r=zk!EC%U6e1ffkJ$(M2iGF{j56mDo8#&$h
zB#~md+1c-k#V+M{I-B>Vhtk9BGb?CMvV*rNKk3(XY|Dmy+QqgSaag5ptb=YWp+c95
zZ%Ek%LGl|Kf%6}d*(HvE3{CdxI7^FeaN$=;DZT<1E^Ap@?D!-afNe`Q*TOqb{IWdT
zFQh0#c7yNu)!FQi9t4J*6i!ON+++{XaosF)+_Qoq#3%*<>`f(Y;L3xH7X0=pD8nad
zI8vE5PB$TxZ@Fbv(l;(B6`w#c9)SY-BMeXw`o}US5~ie!nks@>%0y%Q46-7K$uX2T
z(Ww>1WhLT^&xR0uOr)4er{OWWF!$`60ff@8FQtWaumC6-zb8P6ORUmnpAjVDd%uQ-
zu>DyC0+U}~FF}UnG8hWRtR$?`Wp<B$J_QU1#bvAv1%Z@ftPc7iq8us;oD&XnRZ`c-
zNJy7Z2C~;yF)7MML>oW}{1z+opR3@$H3HRDjR=GTKG>{+dwuE&5u-$7@KdAIr}0pD
z8f8sy7sWBZ8TIjV4)6`AXGfo7vT%!S1>7#mrMJ8wLIW@xrNOEwUX$HvFyE2+0}zVZ
z1^W7U#LueHTSgu>b7`(B=0Br8et8VOR7idNW*Chvr9M^%G$fz;i?x`~=v~YjfZybz
zX=>Dsz-5fN>5bTpHcMAUNmW)=r{qx|AKfD{eyIV$y7;9A8o}C&GpuPu4)e>IU&8#o
zJZTBPl=I6Y7FEq3I28dj2#6Z^IQ9_!3RV_QHl+8=$4}kkKF$CfVT{D7Z8SCGUR(i7
zSI1HmGhae|oL5EjFpBUK^&p!SvMiJauVns;T6&KI7H9}#4-Pk=_xjAYWWE#g-I;I1
zd}Hb_vY<YW>ZIxO*}Xe{28VSnKK4OqawYZg=@a~fYU(ErLJCHOG=M%Y)1y9ScQme)
zb_4r#0FMANGvAu|1<a>e0Ih;g0p!$=Wj<{!MQc$%m-*l|087=ZCY<9)>tJn3HfKF-
zpw2FC{8G%4;m4<GGR6>mY=iq$N`Y=_Yvvm<e-QJ{na`MjH}^<`_wO|CXBO_s{DaJQ
zVZIynvByhGV~oPjkmEj0pM_AmvDL!-3g)L%KZUkdH?^GlX^axQuA%p={IochhP6LU
z!oqV{h%fc=JL5EOGWD_9PJKfCv|4tr#e5a!M>C(NWM!rYv5-jSGs@Fh`PiGK<+wAy
z3O=?hna}9SV5MO{4{0)3u8aV7&&tRC5)F4@KBF)rhTXGTGFZv@iCvneocdBmVFoXa
z)`g7*>ZcpASk|J9UsPP!%9aJjGT({$ybxBblvO9qW8th)X%4&Br#{v?w7NLvhcdr_
zg)@Ss(JX{DP+G_CpHUwZTk7+WNAw<3NE!l7XY(}{WXgOY^X;hV(uVSCs0)ZXq5nDv
zh=8~$wVW8{6*@*7Vjt-v3Y7$kL)-$w#B;(0NT<Zo=?I8sgkM;%@Ie0%Q5Yer0vg;(
zKy+=zp;2Lh{s9u<>Fq*cU(-JQ3F$5%2ByAd=KXwpOnX_H`B?Na@6)G$FYmshe!cp7
znVI#o?B{Lf=VMBUmVl_4n$Z7!2yqmUwkBij-G+yG1&ij0!)6*!5QT+<n!&TpP5OaO
zZ9PSlU0`@<kXO_gq|~K(go+p;(pm_J>G*Jwa5m2`lz7by4DlCw3GGB-&fYUbJ`zV?
zQHUhaFHjUF3=9dEh`f9Wu@VrAF=B}@L?rSR`3eL5gd;>~t(Qb3j0i`-oIpu{&?`jf
z=n5`)Ng~2T!@YbY;;<+}dJ0H4TA?Dt|47?eK-$x^hBjd$`&kiQL59L$kt9Hj8s(Jq
z5Rk4ki7Z@3{(lfph`xZd;x$Vgyut%)#lE8Ya!drIJB{=aqvWs%O6>n?g`t3SW|WB;
zkER5M_=+N@8VbXsLL^?1^~D+pNJo}#n3uneL=qP09U&2o5=Dg@3PZ!hp`tJeSkg&A
z^jRWXaYTruKBm5yfdbOc)+;DT!8KPf-l)4!9D<&575RX{<GezA#lb9#SBOu8mdQyN
zA(A+vZ8WmCt4KmisIOoWWM-TwJk-uh;wAJ6@(K?Z28Ihm#KItPh(CHhOf)MZFbp}o
z!iAI$zlabYD*awTfs!bi)N8g^V33!0kciSG2|x%dg%C3VF>w)v^$HaShDgBP;LtEp
zI2Ba|1HfmL=q*Ae!Q$B>h!<@xWr)44ZA92?k;(8daqzG}f5#Ash!P_a*LRZ;f*Is1
z6a|TbA*SJk$Yn;J*D=H|FoY6W&u_UP7`mXH&>r7<mJ`xiK$^48aP<mm&=>WBE7uez
zw}xIp{^Br5doarIqS`2-N^c|}U1%Zlv@)?Y^a=0^n*uRWh_AJP45SGgik(~qLxiHp
z(4at{K#9=MKTI4E3LR&9Xejgw^N*nICB$4ndN-_zQB|MszsZv;jhsB1NgRP{d_~?7
z{{Lu+P(a$z@@3*BXJUN|<OvM_$*=kZ3hAEU6%-+=XLWrFIXQ-oV4fEhtN*D84Vx<o
z@RCrQC4vMt;8%FxnRbExqHsyWP8lj7R{zK=Gj$E}8AgPQTm!uNG+;qJnevv75k*Q|
z{6o2Qgc2$`bA*5lqZLR3{{MIA|EfqXJ%+YnBE}B4z~KL6+`l`&UUF>0L;Bc<_=tU(
zN<v)fsgySZ_P{;_QUs2R!x}cDBL)}R4A=@uppQ^)G=$vL5z<RQjA*=EdgQhK*N{Po
zyfi~Mv0Wgy8DUWkG=Pqbv@}D|V-plKKHLlaX2{0dHZ;6}*=k6nd>FBhl!!v8IdKm3
z4Hr7fT14%TTvY$BHhTH6u^YqOKiI@=6|K`b%->`fY_U(2tyj1tNMtfz5(q;VC<-@m
zbT%0t7z8<Wm7sHi>kFs!+j@n1dCO7`7l(nQ1`Wjof;EUHl=HMfw7Y<~(z+X3f;j<!
zJ^?cEHiVrLg$)aoIEh01B>{?@#?&18N5J;LI@0W6VHmW9BHH;F$^S`UeZ73VGzxDZ
zzH}}^DRA=+r$Ye-LJ=Dd<czErA!7kCq$w4nyN%omD!5*sxQl>v_($UZNFx^#TMUTd
z{}JC+K!mgmL)maE4)pzx!PZnjdeT(?M=%XtBiJyFfwz7((?G_8#bFTlP>~PJtB*W8
zA#%zM!y`gN#bFYW?{sE|F?cI<UeT+L;bONijDeU(HHfA*$38L;(<VA5i~TTM8wLdW
zVoD`+9W&h3Q0VRDGt*a$$%c<tNC;+BbQp{X!axgqY{KV_tl{>yb`A~7l{3sR(097X
z2mRm{6$%rfAWK0y;zJ|6F^Zt=|4Jh_1nw5511RHZ<LL}eQHX-;j=nZF_L6W^<03{;
zQI2*Es!~`hSt?s`aB!f6j!yro@81cj^oYWo#HbYd+n~g50@8^!T2`Vn3~CrsQz9EA
zvlb9D*C?<y*aY$_jtKLCe!7XpLE$D)PRv_^Sc`q-k;5VagP=lc=4=*?DK#cNqech%
zgo(q&eiD-jf#H~8x=JE^1H~rxzJaicC`crcK#RidMB$8DMSv?pgG4X|BH2V%9H!n!
zQL>!1hLfEmB%u)!ZY&zmuIRtXjv@aQuOT2R7!6@xnhA*37!gDo!wOa!A%yf7kiHGY
zoDKPMy@wPB1<@J2p|ekTDAi+EnDGc|QRNdsL${!C+n_*nkV}|YBK8quTCM1FxjDAM
zJl{n=p~1AOt$?(kmD-5H?L+(nLmG&Qyj;231%@!YYGNPmS6{Atj8{y88%P``27wLc
zqO^TBv!UWby0W2dVJ)O$N*6J*aR?LC5DZaaG~Q1f22Lp^8qU;G{?|l9PN|`-*pID8
z{wvV{0WoJS^~1zb<ZcV)^feYjL&u;NP&!wHaR`%bp*%{#yMN}K^#41jJW7$XjezKl
zW3yi?Ot0s7MTHCfyn@0-_0w5HSJWNk5{8*TxD)J2gDz_)AT8yY>u2l{Sceg!Cm=c#
z|2@5yuXPNW2Kw5HF>=VY_20%GHb^eajv-K2#kyBvr5n(Qk&X2wRwUvO--dQjQKgOV
zj0mW#FP+jrE6{uY)dvd8qZnBJD^+g+=|OwS5Nw$Z%LNnnKhw*X2AKDUg^TJlHQ=RU
zUFVFIdLWjr;xHGv`K%`a3;Kg_S1!IUqO1E9xS;=IiR5Ny95hK3W-JU2hmHmXdK(KT
z$kysIb73sBjR>M^<iR1L2uYY%kg-rvr<-`DC}gmA|NdSUJ{JA@3@|ennOY9$@_#GC
z!Vw&m*9o)5cOyU<{<+xL(LYM_|3|m!|Ev6_>@V@UIEh|qm-xY{yzfX<u5~2iT<u)N
z#shSYoXND0-T1gJvsuY<Do?gn9-(0~JgD^x5B2g9dH8hk@P#-^yn@)a65CMe1#`<*
zgC3X@c|`Uz_ZWvouvfUqqki|vB-GcN1cZh;4-4@U1&IShu2{m`MTPlDyd%W@iwUuS
z+m9NP;qF9!FKKiC&|9NdzoSOxRIWR>p#PGdvt1LtoqXf$R{h-6YR#lC%MUm=_p%R8
z&{#CT?};SqH_ML9Yh0Vrsk6t-F^k=9iPElk?$-~WP^`Bt{zH{+#Kn#Si=JH@Hn_rc
z^Pt1s#3!}y4i8kDX!x=H+QM{O<+^6)zb3yQ^0LvHo4rf@I^0&Te*GY3+`DhFJHqlU
zM$hOWZF_yz<Q9&SQ5(vqskF|mIsM2cL}%=!GJ}*oE*n3G4p<#+wX{pY!MVSb`c3IN
zKC@4+sXwxwu1wvn`mlRb|Da<RZjcvOAFt0d_Gu{?>i%TK_9m9*?RJ{|-Fw_YYx>cB
zmrc%ox;Ntamh3s2TZI9C7M|Mm65aD2?u%S=R0M46ju4E+xW`L90j@*^yrN<3hKAF0
z2vk7=nubQwG<c?IXdE0(&!XVbJS;8EM$^)KNX+xlI`EIClhw-}X&E$vJ7hv0mWGx~
z%b*_qI2|;M(@e9->O(y=4K1J1O%t<xv`lu(X=L|;&)Zza+K5~iw8}lx)^M8CYUj*L
z1J~Jq==j5ZXZ};=v{9x%#tUZ$f8A9!J0(uZsq2^Lw|_bJxODrhg<VWH@6Abv_Dyzt
zaIBqw*Vo!v_J4{WPwgF{bjGPxchT_7%?UTYpPQL9{iSkhc1DZfxo=L6n{+p$Xi2XM
zNv9j`j{>_pUMRIoJiTH@L}FCrXZIm9S09~q-|(^X;i9-*t!jn&eiyD-9i0DgWNV+c
zeHK3-Yv!5hy3pR+cg~}IGk3=xUzDT&N4;nIcZUG?Q2XC)k{$#tPoGzJWL)@-E;~ml
zJqhcWH1X;9ojv^C7^&?)bXvLh*?DW0^;h3=!)W<O)012FcTt{kOsVB!kGEI#d#;Q+
zn7U2vW9_HFCmYAy{d`%ZT6D9Kxp&8FTmP&qF>zgI{%L&9rj?KTs(yVFk-Ma3Kx5DM
zJFI7IXf!RP>DUvUR(>CHztLdn5Y^rHUz`{|+AZNwO375!S&b^hDlRSldS?AJXmjFK
z<}GX6vK4pM&+)Gwc4F^}RdH%<rdYl#eRnS^T64t4VLGp(V>?`^qx}=JY>7tCw+?-q
zh30pd95yCM`|r=+OD!kp?7rDyaIXP|{dDg5YI<z#6fni@+S-05RtB2>`?My$)Jc0M
zy?$_Q%KCQ2XPslJgqytPj0&8r+qR{C+A+;1IX#{icYb6$s9me}x*AOyYp*)L>*L|P
zqrEz8FV*|dX6eKTHK#qR?;n4+(DV0ZLAMRx!oC!G_zgU3_j7^y6x;5zS9Lj8b?NP|
zfWyx|_!RW1x_H}XY13huovoXnYbJ~xX)u53@xgW1zxQpnyZgrA^Xq$$YQNv~Q`NF@
zHBC-EEuV9sWl+!1qpP>4JN#(&%D3}~U-2b*wL{zH%r~x_V3z#8v*Vca%Pp^+x^r>U
zpZJQ#{j$C+y1I4l1EVcR61&~qbuxFT)w*ZKk*Q5wrkAaqv0%8jTSD{GUn>i$lLvg8
zW^!iFm&H?KiZ+y|MF-yOwO!m*_rTTs)dNdg&)?QG+b5)Y;PH9)x<zVSp49qt$eJU9
z8s{~6OEN-4FaEw*u%qy*dZ!lEFW$dgd*_(A-<6RYG%8;2jlR`AcmJL~L%a0pu_fK~
z+$O(bi!p`$C5ta^{gqt4_tCb>7G^40BR|yK{bqC7MSEe&*WRs0-%6PMe(z}89i!dK
zq$&@eT|4x2{fxMFPR1PzPKm}Y96s%}%DQ-qse<K_@E?tBOn&;epM2on^>L|9Cz!pu
zHKKX&ZLjz>8@1;4uhUDM)O^s2H`@*0UGchLaYX<5+s7mJ4VruX;iT-3;X}vkU5RRa
zzW>SaZ<k-Y{@yWV`e3o%L%Vy+BKLe+bTOc0$Wa4xW6RCf(@(cQ6V~!cSFOT9j;oBC
zWZ3-86U-W*b>M;e!Drc(6HX=jUW)aa*Y|Mf%^(knL&3yh<x1C2nweeuQ8m(gdFQ-#
zi_ZLVAD?&o%kB<NEgmLPd1OX|-ryg#JAeN2e>l{Q{F2?vFEow(AI(R@`zOBi|Io6}
zvFpua_NqAUn|nETP~XCb?dQ}9bt_CeZCE=s=KZ?XDP_xEw$I%W_t<FMkI$`c-r3)7
zwL@X*$Pevq3vGtk+Sv~u;ovxOl+)-j&Msrexw?&?FwuR|WG`<YUy+}GK;Vp-LBS#7
z&{<*Ol8D)JBBSP-_UUV8Zqcv5<$#{ODGhR(=)IhNdjG%v{gy?_)64lFA2u8hI+T0n
zt@~wGxoyJ;zl*(fVkh{mI5Y4-;N9xq!dGrHzDTO_dtT{%UUR@NqZxx^EgF58Hho-n
z$5kI+N9gVAK5yQQCpyoPE!OWlb-}8?r}sUL(}zFXE}MI=&*~1+FPg_R_m9(<anrQl
z7R!^?o7XS;bo*!Y(*cXu_WrxvJki#!<iV>;Zu8RnZav*)@H?lB#>0M`8KZ8p(a-3P
z!T#A(HaP~by4E$U?yK*zfUK4kxgKRxMTb*^LLFRwzdd?)T8rTmw<WBLO|INY;tOwR
zetYJwT5!O=QMqx4q>Dp!luqqAp)6>=a;8;EGaG0Bs@ItxuU@G=_##}IFX{Ypm&MX2
z-}_hVM?4G}@uBUk_TA5}5Fhc@-qE_K-LDBlMxDDJC0ui__)p~J$)7vk&ohftJKtxY
zZqrGIF*VaY$1dF7=FrF{y`InAkai*aea@qSqj&fCvbXfj@j**mS9`VUsj}eMoLk)<
z2kQBZ@1!+<_0Nmy)7w1m*(F*OyC=Rjqghek(-Vi+H4HTUcffz7QcFO`rNFJ0b>Imy
zfxIRk$tLoF<dYs`FG(ZUNH%Fl%*bz2PD~-?he;KgPacxKWEA;EE)jdOmh>UVNhdOy
z*pLn6F}XuVlF?*6xl3|L05K+Kh#{FyVn{zSguEj^Nd{?4{*WsqkC>C~q&cZ2TggyT
zNwi2LF(7+L7c!2VBL1Wm`GUD(GI>d=i5e*&p2UH?ARUM+`9xAlE(s&?crn?6gpg$r
z;#l&7d?pLYN-~VJAz#Toa+&Cn1mc3TxQ>xQq!AfIYRCa%L7I_`B#tDKo+O>DCP&CD
zA|W@(Gjftxkq1Odv`Hb+ByY(a@{9B*Gl?>ZA}feDIY(}jVsf2ClNn?c=}b10DMXb_
z#hf;R+$3J)DQQiT$apfA>>?dWV=|2_CC|xeGLiU@i)1hf!ph?;DI=knZ>Eq*qzM^8
zgrt->6L<0mw&V$ENi0bT5tD&Lhlt2<QbZPzUSu9wOuiFqa)`7i;iQhdA>GJ%vYcd+
zuEdS(BSvHg$s+5>7UD~S$y`!FnvzAtj=U$1<QCaYOvrsQn|P4kWE;^Z7l;N4Bx}eL
za+P!^1ISVGia3$K#Fp$N>MD%|%Bn;|Nn2B^Nh38Kf>Uc$ny6}Ns445<XlZS2EuyKR
z)TFVRs=AJHBY}#VDrwTVkw8gVQ%grhTLUM8Xz6IEYBt7Xu1O<xZDn=*7N|-S?Z#RH
zH62Z&p^5`x8fyr&l+{$4kVZP{+C-(Xwz{&KKvPMhkq+wFa?Zymwk|q)^}9K9628ux
z*W~ZVk0)-;oVo9TSnQT^_N<Gisj0G(K(PIazyJIRJ$tr!`R9-Kq1(4#jNZ9(P0j4t
z_DL5nuIspXvGs}z7nc8+KflHMA3xsgpET)0;)oHAf7aI4*zDTnf1sk`_w-GhUfb{4
zbFxcz_BYquT<Np0uqkVci%&-!Iimmg_wU_<)6!-*b?Y`cs9!&u1w)4_efjpyc}ZEB
zM}WEc=doM1m|uJTT>blp4{1+k%?jUHS?TKCr_azHEm~-)tEi02IDcL=yi1p9>&~1p
zGHu;@V}GesM^jbxQ13NsG_=*!`Wfizu5A|+Gx*_?C*3Z;c@sFs(D3rY{rfk(j)-Wd
ztD&*J{gNdTcVlA{^R{h!^=sE|e^p4xyMvP_|D2MO^EG$exY4r*4)i*5>(-U|2M){|
z*S-6Y`%j<Fn%28_X7kwCFI!z*1CCz1Ms2$Bskd)Et%bslPk;R?joP>G?cpg?iYjKz
z7@lzH(jEVzqETT320Ta~IkF<l$*Fp;yZgwcSFg@IUS8hg?ECl6op<bL`S$0}v&(F4
zZ?73Wdc2>RS$eajORui9w{QCD`}amFN=l3VEL>Qd<Kki$IcU(at{XNy9hH~&Y17!T
zf2MBUTpVL<y;3zPY1h!y)WS~d);WY)TB>~b^5vmVVd1GchYv^WxqH`VSf@^=!lq5z
zKL7hy`}e0$!6&a@cUpA$vR-Q~EsJi=oA*9bQ}eiJ`t(f}nVDsAc6I|yTD6*(R#NhD
z{I+e2e=S%rV(#F<`K7+TFON-~+Ouz)HW@F%!*hx~J+s;@T6Ar_v-85uRaJg=ojWgZ
z>(OK9z~tm5jpO1j#t$Ff{rtOkH)a+T3^LNwi`w?!!IQ#i)7rOe+<5k`d-n$3d-Q06
zZ{NOSBvw`(^fWc^r8+ulYBg#U<X~X%tiZ!#>W0&&Lr&bd@!mE+e`|@iciw=Ml-xcU
z8U1fOd$#IhR8-%aFJIcODlMH9(!c+ayTQTnf`kO$eK&7j&mJ@8k>mF52P=bue&kP>
zp!VtW=dM>@zut3EBue}|ckZhZyLY#4s;+)heC$|UZDgc)WY?}?9wsIRmiqc1CT`t&
zKK$Upv6<)2b-7es9li1X{p@Oqq|=a&9q&s=jjHlGabj7MRjZcjtX!G=C^U3f^pGJX
zvko2FQRe4Yne5=8+DKVh@a^kYU43os&8NM*rq8gj_`ZAM#PYzSM^joYTjsv{)G0%&
z_U(@vu3v9?=kep_Z|dp}^vudK>)fo_@#}$sq1*4=S)rDgxXmm*{cx|fYda6>&>^+O
z^5wz{uU<JWzjEd8j`8CoU5t$8Zh81HNjW~gZqmk$F&ZmYv})U=$z9ROlYMT#cyTUv
z*sy}~fPgcLZEW^-U%h(H<X*j+b<okdG;i<TUwLkBw}Ou!w=!<oa&5;c!$zlF*rxn)
zhmux^jm?-Nb+fYjJ?OCFpxwaH_e$1$UeWVX>e@!hf!7jxUfWXAyI=lki%Dbi?&L0P
zQgKr0Wrr(cvn79bDLX1Z9G*GgK}M4+YtI|nq+LteXKeAe`-HA*_HGM$xVr1%sh`i>
z-0n1>=yjJv5pB=wHd}30rsLN*xAksIOJZqbLu^{MBrRvpCbRF{A$QW!NSdc7@%;Fa
zd<+XCVW&@%(>r&Poom*RH4zacqERE#XyQaNF(-%Qq@<9PZ{NtbLx;$r3m3?RO`FK3
z_;?b3{W`gxoJ^9xekEVk)QH-)ZDgCFAu&u$B#Ha?ll_j4#PPuc^1#-X*m`&nkK4D&
z?epi!`5{BdkS|}zm!u?;<nK@XJ9Z=;Tel{yLqbT%o;_qw@7|>MlPBcK(xqf+lP08z
zt1EG>ttGYD*(6&eBBIx?$?MIV$>!a=$?o;*$@-caQWFzHVtVx=y=KlNGxPFDUeBJS
zXTN@=-`1^U>)Es9?6PHK+33+^w3!((`~92z_VXit?(W20DkV}YD`JIn1vD};NJi79
zq-kU%iL9(7mBWUSVP$2c?EQQ4zFRla?fG-^+{=r2wQWn<4joE{4jf1ZE?!I)A3jVD
z-@8ZdRaB6QtSpjMT}`T2ts<+Gl!(%sH{^|`CebuDCdTdCllFV}lD%Rv5ho;&gt#~o
zhja6_+q5BVmM<sE$BZFk8aF15w{IugwX}#<R1}G7){Hb;xR5OD+?jNK`I5YxG>J@l
z{FpqxdzaiDJeUkFEhVM8x<nW2e-(*@NZj0ro2e-=U9f;GICzj8G%~^~-SK36KmZAF
zaUm{6MWm>_oRpW8kdi)qNS{lW$fX`VNRM5+$SxfnqI2;gxfmKsLNSB>+qW<28yH9e
z)qxcB_Qq5J{|pR>0W9&gpFhdZW5>v`w{OW?dwXKPXc1Wy9!|o8gGq2~EQ#H)foyp9
zj=UQ=l8iiahMX}mAtt9zkyF^&5WILnUUcnBx;i)zht;de>Z3==(E|s_fqC=Dyzk%1
z_bXS(m6IpQ$%hZg!&$S)tnS@O_sf^b<)9!E)Vw)q?(0i@*RCaNeSC<|x^-k-aWN?#
zHHwTna)cb&vW09}v4X6aKAlY8w~y>=)rz$G{F!_%EF^_DZjc+phm+w~uac|%`;-3D
zrjcnQMvxKd=_LKf5Ax&JFY;^36fz|<lVtw+L;g&jOeW{&ll(!0$RH;t;-suhlr1cX
z#ivi?Q<pBJOF;oCm^zhAoiT&VNKGZFH*b=gojQ?Dc6P*W>{v4P+&OY?{(LfjzyLB}
z$r7@ps)|(Y*g<wgN0aC|bI6<t6UYSowvB4LcBEZyF3D}tg0wI<C*~bGkPiC#M8B?%
z)QuZQ#tDT)sHaEtUcDl(PMjbo?%yZ(pFJbbHf|&vA3Y+ER<0x~KYSn`Zrvic=FTN^
zj~^$;pFSl|t*wc*vomoH##kg@)BJn=L;KWq+=OxTif#{um>Q!i4uGY_sNxw+z(lCq
zYpB|8G`S1ZYbLte9&Fx%u78W-ogvok(fm}X*fOZ^9yBi+D%}xkJ_Jp!0-L8ntQ$iW
zw}KS|z^0pE+f<mLJ7Do-uxc#2HV7)S3g%}GMC&KiWG}>70yXXl)vtv}#X=k&LR>F_
zMdmPLvmt81P?hZv$7>LO6|hJTs%!<5^8jko4C31tCL<f>!xd)kBf9hty8bG}@eJ5B
z7ouzcRjq~@^n{oPqHA`*+~t6+8zJuAP$f5XMF+6>5k$@xrlBe26HL!$n8*mQeI-Qs
z1x$wqy5v4ocsaUx2}JcW%wjUsAsnXhD@1f1#Q7w;avaP`B~-Q)qHzu?vk0a@43TaQ
zQT9RizJdwe2G!XBaV><{cZWKBhdJyGRXzx_6bZB32xj0V)M6IQO$AK$PMDE6n3DvU
z@i3^;QHV_)#5N!1uOC#q2gG*}#Nz|R!5S)X1LAQUCfOF^)&gq33!*p&<}(JSY%xq}
z4NSNpOx<&s-=z?D3z#A;3?DWygYPkHq`_RZftYuK>C%SD8UvFof>@q_IuyX9C&A>s
zfeK%N88U?$PKWtD3zOLvX6rG`%SEW%2$-(HFa-jL>@BFl1eoU0F!fDfmi=II%V5fT
z!K~>*^o3C4eJ~TNp@L2rrcT4OEr8mnLfwzRg!O@nx5ChJ8|K^{=GhDC)DG&S4|Ar2
zA+IHdmew$zouQU?7?$>97(0X^Ed^#x9YaMP)czMtqYKPpIn;GN%*P6tfJ~TzDHswm
zU<&_YsJjl6Spt*gfT8dk%>6x>17(=uyBG?F!i1z_i1UESSAxkKiDAYJLz_QL#V45W
zg&5ABz+|n(FwzaCr$2^{ff#zEFk7Qwl8ay-O<?Y$Fs#O77!1J>nusCt3x<}%7_NT9
z>`%hbk_A&U114-ZOz$z6(5@JwhG96~1oQO+L$Df5{dkz&cNlUsG5k8h><3`@w}g4g
z#ZX`b6FUz>_yw5aQ!o)vVH!VUNIs8Ybp6^-cR%zl+wgf&>PPXpn+qL==2iXjZ?w7E
z=gP0^Pe-jaK7IUW+Nf_s@A@4J{c~Nkv3Et9c4pKQ<&CqZJ=;5{=5kTyv!w&VIvl*(
z%H`WMr5&0_9u-(y)@pRAh+4YBqP*>|#Irm1KWUtLP8yanxxbIi9>1T4vo2QclytKB
z8#Z$5l|cu#_?fDkIgYITvc~B4WzEclX{Ss3JgSx^jhMQ8cIV<hpYA7nsW$yIuO>xL
z=lJfuyS}8x-PBoH=d!kX^bz+Z4iS!C`mQNooh>%MJ9mB2v*Su?S#RIYS2g&#Lg|%s
zY4Zrv{I_9-tzs;CwQq7}X5#6j@HgFTReX}(ySWz)yg#|`IFI#RhI{nA>bfJ@zkHqf
z*wNQd8Ejp@_1)F6Lgxi0%QSU5H}`dTq>?^hz?CDvmWAdTm)t3Psl2kw^~nMEKJ?zX
zKi0QVP1MQvp;OoWack|6egA0lDZ4aUyp5=+Z80|Mymq6@ZyMJfv1*;-AAj@NyHDd>
zqFZ14yLim=)MisJYzoRh>a_9QvZ?d^UH26&HSggV-!Za%oBQA2#BMw0r~XwEU%qLe
zZ_?P#(dv&Uyc!pmu)AqV!li(1Z4+xwcAKMOxx;?o<%5=UwzhfDq((om<t{ao;W24_
zD$ZH9+1faG`IfWRl}TGV{y5sQwez+?t@f>K-BBs~LRRm)J6l$dY`!x_b;$9_zTrny
z2TuR`F=BktCPCNjs}_tQlHToH?^MrHcE7D}I%c+aMrFvt!9+aiZ?{SNj@~+(H@LfK
zgHv7dt<kktLgMzA{he;Oc!WTG@lbU$y=RBMw_RiXr^)Y`1MV4{Z|-V4ZolAw_kx!z
zCwq<e+pu1IM#K0<YOl%mOP5MUIBtJ%{^POro6Sxgyz1laRv1!dy?4ppZU=ssx}^_{
zzx{Xl`Was)oa^~{b(8edy?TXc%+z@JE$igCN~;c!wzg?}u;SjO?CrxQoqc7$Cu{YV
zWqt0bRcCnj3;(w9N4wSzGuvy<ZSiDcO~;#Ug<ogb`45k%-Fx-on-(u3)w%~bcl=b)
z;acY_w}#B>Jn+I9lWnIan)dEEH2O^b@JrfXb}0Q$E4X)cLt{^qI~~n#S-p1f`ks~h
zddZAcA;T*3syxDvNcOMDX*P0PhwuYmmpl4jxb$2-u37qxwfoLLYqVNxlfl{r3*YY9
zX4mh{gV!3O2ioteZ+z$wbTBFEmF@fsM>iX3Nn&q*+$5fm=`}(cJ8xa1>4#rDoiewn
zxG3_isn7QoGt}n3Z1Un=`Px-EBj1hcIc7z{`5{{;%=rAr{Me-Cx=O#4`y17*KIv3y
zx<|`mR?L980j+9R%-vQVXfbU4o9(AQtX}l4m(lE~_!DzG-rv%{)zp|D+cgH+x;o$4
z82!*yYt@fAmxAI7tL_XHj%c?%I>oy9Vb!(o!vy8?-RD_4xBoReR$0{N)7h7GT?T|d
zeQDRZhw`XxUtDf)S?*!7I;&raQ&06lU)>98=A}Hm8(cT#S3zjs+4m21KOVNbY0rLS
z&X@}`CMNytaPF?|wYG-2KhA2OX%}cat8ZB|AA`S*`aU;J>^H2BbhGiJKH8SEKFr>w
zDfLLm=(i>Kl<DVNb=M!iY&Z1U-_pnTMial?krBgR%xfeVx<obD{m;N%hs=-HX7=28
z!F;+#p4P3d_J`*hT$>{id^&fpYV`Gs4=VIbM!xBwS#;;cp%Xg=wo%_g7xegTt!lWk
z*XIYPIy-GHPE->t_c`^s?brv;HO<zX7-w~Sfran<9TOu1=k#^jt=w|S7^3?$a+k2_
zrk5Xu2WMz)vsw4TrrGP(L63}#W;$n`h~IyG$+{4`py@}tEljW(9Y0~jvBbfxU!2_4
zxYEwE<@ANYLhT_JFEtyG>;9y$xc&a&t*pXsT)zFqE$`y_?DpLT$MwyRHcmg*#rJgb
z?1Eu2BMinrZ?(a4(}dY0iXP?k+UY-St<mT{zmF$n_grQtYOc3Vr8N3r+WC~8{n{BX
zu6)@1=lJ3K#?0IPL{IJ5r4D-2A9$>@xAj_)UwiYz&pcN$Wtx7a%InNe2Yy%NE$Za0
zuG?dx&5goWE1#FyF6-J%FZa>8+&^dSQgpnpibUmRO*UqC+Tf6o>(;5%CpdrFkdi%3
z=7d?T3fumE`9tBnF=@A-FB{VKu=4n)DmUAd{_OPh;?|R%`3GFq=$<*eVZrNwX_wFM
zTaw-;S$}U(|BTZ&2fZ5HeAm$)4^3|Fj*ZMI*8SpXa-pgB)6L5U7hV}Vpyk?i-7J0_
zx?J8PWWJW!#D$fa-qn*{?oC+H>0@H|1v|D}>rTjc`*w{EJziP7$|^K9sHgs!)5G3(
z-7|AiS^5MOx6b#%+iR|ARdVNh&S4eLL4$X1+VlH;i8TG-6t&WCPb>7>>zzNFZ9YD+
zlV!^jkuwZj>H=DP*x$WSDdR`skGJhqyWIWwJSZyKHLYr|(c>MvyN`O8GuYAUc1D1W
z@yv&Z`Y-II+x5iGU;9d?Hg#{jC^Wf8+_(Psbsl>RT{-s9#nI!YbR8SJeChf@Ps~rW
zS+uyj^`)9YQ^iwqBo~J~9@avs>EZk*lX_o^`mW<r_WhaR-Tt2QV?Q*RoS8c9PnQ=r
zk{<`(a)_BQui#c+myk{ti?1B%w`Sz1uLg5_7{+{S85qCn?fbOxEv`6yK6$@?*AuHp
zO}&>fs<`)}z>U9eq#kbUm%L_V+n@W7<_-^RqZJ--*Ky&F6;BpT&)K&`XN{lls?T=P
z`F{@>9*8)c;Ndm1ETia6;ZdQp|Kdrah{av{h*huJ51AGBZ1Tirr`=X>@H+YGb)L0n
z$+6d$PZfWBC3dpc57hN_{F-eOsxzhA`+-$A)~}p+=8LCx@a(+aj<+xF%2=25<Ll#~
zd}Duy%}&t^&7Qnezn5{)Hb7A5@wO)4b$nk>jSVN?KH2zi-Nf1@N0+_zDcE|r?SP_b
z5Bh#f`eeCp#R@OS4`wI&w<*4RuF;nT)4ZRpeyzTF(9<qs%5GnZ^0(dS&_=4a`R1q#
ze@3>_+vwLi=XI}pu{mOgJdKfFad}yLNcWUUegYq()sH>3K9vr7A8FFJ&CPPX8l9`x
z)h>Pu6XumKXk+tx?^e~cyH96UU%pW!8MLKWe+RpTPSzEN?w-*;7QC&^0QEcXj&0a`
z^`4`vmj4(*_Fxa2qbGc4_-GqnzBB(=T)6nP_xZ*z@2&Z0k#OJ1BR-*`_KEAF0>7+{
z>ZPxrv|X{s$*9ZX)E%xx=4mH8Sq*$T%C=>r0k7ADoT+|)=W=r0?%>Wbn{%ztXk;&V
zsFs($wQO4Sl&uHackZ1NxW;Yeq5yIC{a37Fi(SX}Tk&V*i<4aoS9%{jY0~+sgE+tI
z^0e*SMfXm)zWgbE8Ts4)m5;^t#;1CkC%$U8vAT&Q#_`vD_0rWRpC#l7nr)1Ty0Ngh
z+vK~>t2<V&xNMa1c7xgPlje~H!S*WCvzB%3Jg~InLeYd%y>=vcJD;8QWnz(L=O-sa
zQm$uAIX|ZO%twROQ?CunS=i+AU&D}jwJWRg8lAEa@7<-t=Ve`5T6A0S`bGL)GqaE9
z7PQzS>Dm8Tc-KIO%I&XKD7F05{=K)A<&)*xW`EuC$<?8s#HVS7Fd=ZZy;{YO!!F-@
zOzL9st>5yHpH9VBa_8^p)gmZQs(fkcpC)H_s@?w8yQGuG@!E$gB8#3(H*-$1yU=`i
zL_)c0&!snyI@qMERIN?YC|&mQ?fh`FHD^?b&9JepG-hlq{iJ;>jI3BZTWD1DZTt3h
z{(VnIOqo(ae!CuUf4cXQW@nuxdi#?)s$UJe(R}2fGQU1w<BOK-H;PNT5SRJX+jDN>
z)e%d^l^*_?e|pgDz~Z6fl#<4b?o;XeG}Q9$BsaefwdxwDwsbNbdn8~=P|nKUi-%lR
zGkw2)mSj=4<y95dW@>kO+b*y<JxwdfNFy$#GWE+>)9vc2pB7}C`1|vS_?6%3to&!<
z;+pV%Jq~&n-pw-4(A~Z9XTRH{dhPttRp-sGPq|%Eq)!HGE$r&J$04nd==B>ZUQ|s!
z>RH-af8TuCZEp5N=g`9MFKzBx-I#njHs`aO>iC8GilQwhm9{wXcIVm5g@?{hKDOt<
z*TYuXBdogKRdSuNV6ezBp_|+5Ik{t}+-&6%H}(4M*+I?iO7m1yI&FMjurjr6L7@9v
zPwAAineA5Byly@zt^0=~zXd-M64k$aJ-lYaNvDB3pH3ZV(O&h%_{zsQADm|1c=Oio
zi-E<fy(f~67hUzfy~(Zj1;;+04q3Y88qHGeKER=%{gkaIGWD1Cz8Z0>3D&r<%XmLT
z$XL8XTZ9+CI0+Iz>D5#SpKM0h7Pvid^xs$jN)`Z6(iVUcD*#Fc0#MQsfRcOwN=5-t
zA_Smh7XT%30F-<Ipu`z~lCuDmbOWH|5CA0)04V7SK#4s7B~t+?IRik+A^=Jf04SLW
zK#4K{B`p9bISD{X1^^`$0F<}`P~r$cNg@Cx5df5Y2B2g$040V1loSC_QVT%I1prFs
z15n}vK*@6eN-_Z`@dlt|9{?rC0Vw$cK*@IiN<slBNdllG9e|Q?0F>+mpd<`{lBWQa
z_yJI|AApkH0F*2PpyUPsC8hwBbOE4534oHf0F<l*pkx~WC7%E&83RCx2!N7C0F+z<
zprizV5_14bHUUtg3P4FN040q9D6s~hWEub^CjclJ0ziorfRg(Fl#B+TBn5zySpbx%
z08ruyKuH?_N^SvAvI2k-e*jAM0#Kp`K*>u0N}>QL*$6;MGyo-a0F==F&;X#MF90PS
z04NCppyW3IB{~3<3<jX29{?qq0F(p(P_h<)5(5BAv;Zhc1EAy}0441JD2V}}#0!9u
z$pDn-15ok=fRbVWN(KQ?q6<KYHUK3b0VwGOK#3jzB@+QC*#khyI{->H15ok}fD#V?
zO6&kAnF2t`Dga6@0Z?)nfRX|LN^S#CG7Nx{<^Yt$0#LFPfRgI~l<Wqe<U9Z+?ExsM
z0-&S`03~w(DCr46$#wurngLKU0)Ub{07`NID4762NoN2`mIF|72Y`}z07|j|DA@`?
z$rb=g?gCIU6o3+A07_f{D4793i5mbVUjZmd2B5?QfRe=klxzT?BoKfSF#si30VpX2
zprk1PCDj0w+ykKGG5{qZ0F=}KP_hJok{1A!>;Ryo696Ue0Vp{JK*>k|N?rp{(j9=3
zJ^+;T0HEX?03{Zi{E8(2l>7pq<PiWRW&o6Y0HDMMfRcp(l(Yh%WHtaLwg8lr0Z{S`
zfRgn9lsExUateTw;Q*AZ1E53zK*<jPN`3-RasYsmQ~*j|0Z<YQK*<^aO8Ns(G6{f^
zHvp7e0ifgv040wBD47dDNj3l_;{hmX4M0ga041&fluQSp<RJhhkpPrj1fb+7040_H
zl$-{jq$L0)g#eTo0Z{T6fRX_Kl&AwxQVBqbF90R;04TW$K#2nYCFKB=xIpGq;ix&7
zD8I*ptL(lRu2baU*g+dByQg_5e3In_&}6*q-UipH@^EW_TxItZf8s6=2Pnf$cHaqC
z4|%wd;5|DplbWo_@^F0XJ3)582-jkHxMzL&C{jWHq6YN0LAZkc*7fwOAzVR!qk8(i
z5U!x#v%Y+arBTq2#>naKgK!1?ruFnwJFK8ztDgQ-2rq_XeDeg~1vrnSk(x^XD+8>q
ze)(~u|D4l1+x0p-dA<K$k74~cJ6jtrzEQNcaP_*xW;a`e>zrJm-|N=A5^{cKyZ9sa
z$s0Qr?F-p|Fr?p%-a8#8MunsoUZ1`BT<K{?(Yrbw*ZB_;hPT%Yzj<zSxzoMl1G>8m
zKeoNPTSmUh(`iMuH-BtgGq%@^C-LunI=@@Crr`97;;$wKwmXzNY{@PEn0?Hvc**D)
zuhzP>c%F1?itn-So4Of2wzAr`EMxnqSKi~_-+15q{M~Qkz6FX^hECG_F{j1$XEB0h
zdzbHep|LjY`H+E=e<#1nyluYz&XHQ<v8#G2S>@l9&fhv;aBIlbYev21M_=u_q2t<u
zkGsMS-kR+6C2sPp{O*rlY-#i8cmCcHYk#D@O(?lhT{dx`QFp(abw(!5qf!LZBgcD2
zytUJoev6-W<7q{(YKvpRpX0iEZB#x{>#N#g{hKqJCMFN6X=|9-L(OXY+Tfw>zI5{G
z@Y65*OPfzs-Hh&-MSS@^e&1sA3ChO@9b4IK&RC<mJDR8c$CmA!p1P}SY^&<giB+bS
z-tO!Ar+gQtolc(n`pUc^KYg!s8r!$XdCr2Thx3LH?tUiF^?^goi{`#f)pu_)*dKiV
zcdw;^ex1}bG>5M_aKG5z_v(Wn_uZvJ{rlgFrdTJqw_7N<UUvNH!I=wYY`Sm%caoKz
zrp1t(mk$=^U3ndLJl6NeZe72G5#m87eV(nozJ6+Nw{~+*?+*1D^EIJ~wq#=SDKBTW
z46B<u-*u1rC2Q-lCkMyO7=GP6c25g|k;>l3?X9vh4sIxD<d73`W%0nF;>A0K7Ngp?
z71SAq8Se9J;Z-#>?Pbp>tK%oS+M7Qf5SKG5>dM$77y9<TaI9m_f>QlQU$31nJkv~Y
z_56<NjgHHc+pam`Tyg2a-Ezyjnm2o#8KCUnFXdcxpYI9IJ@-92GHLxctK(m6|F*gL
zG28x*p>gNTlRbXDXff+oicZ%S>1(~xp8t50efY{G-@Mb;@{Z|FQ#*B7YliAmk<0a_
z!*Z1`X@}H28h9_OWl>I+lkcm@zI`(~Zg`k_<55rZoEsfJ&RSt3(QFrQzIl{zR?*qY
zzO&CHY_ND}(tGvV5#q)#+JAVe<965Sc}nHo4p*bRuZR~6x$L*EbxYOu#=p;APl{dL
z`RCV(pSpbMGQ02AJ{EatN|(zfcrU8WKlCPIa%R7lA!Xs$<5In)56T^nE^3$T;-oj>
z+^iGl&%Mypo7=Zh`D6Pv^FE&W?YiRv(aH0Ea<c33uh&mls0QlJ>a3))Kl<vW!#%TS
zUoIZf%=N}o>z1A;c3Rf%8qqadXnAb*mEqscZrn4+(=$Ri=Fg?2l?l}=_kQ0ocfpSD
zP9CQn+QhH?sq}2d8Nv6*Z*B$FRV3#;@Yvd`tH#g`FVs)>^%`?z%9A-)o<2;P_#*6#
z6}6AlCQy5e_iV7o@aR4Bx%Xf1e_)bX9$i^FdMpC9ZPb3ktN}H|%WaG+wP7$tKo1ch
zeK_)68&_I~4jlbA>h;Y0T_Z-UUNh82D`<NcpM@>-JGNZbbfm?4i`y|ee@~pe+-gKu
zt1p`${v}7c7`AOWcfzIx+h6;9@oeS(J38pk#D?@Xd~ZeXY23fB@-S+@Y20QYnlyj}
zsspm>E6`I1NGIT_B7ut92OQRSAg_7>$+Z$#EhiwDOfX(#0NvFANGeO<i*Wu8a9~O#
z2S}|C#1mLAU7)Gv0`K(-SggSq)ucdW%_PTwDDwg0s11-)yMc)M0^C?jV5l|$eRLS;
zCLN%?(tucM2Xxp$V8dPmX_f-CQUS)fqd<`@1v<<I=&VPu@$MuBSTaALt15vEvjFa@
z7^o&Qa9;#elRes%j?pU^c&N3&JY@pGwI2wqy}+B@BSP{R*r{7Udff-|Y9!E9!+`Qy
z5B!)T@L`vMfHDNSOAYv`2f$bP1I@Jp_%>5uxe|c=N&?EN6iBfuAgHEd6zT&6S}1U2
zUO>2QKo9o>BFhCxEjOUBx&a}lOss)#8wJEwI52c2z|Rc?_Uk7QYCC~q8-j6i3vgm8
zK)YoFr#2RNvRbSqqJTzQ05n!SP-sseKktD>3j@AP3?$k{;MZ;dx8@D>*)m|fs)2r+
z19>b08qOKWxwF9J^#cy<D)4bzfym1T0xgIk>?Q&!b_n>i6TsYAK>}4V8utLcjQ*oC
zLFJgrur-_woCBOA96A>eFvP=Yz*)oDz&XG<!hr}PfK!LlfU}0PfpdU!go8j30UUlL
zk7&T*N8*SLoCBOA96FN-;MCzX;H=?n;2hu_;lNHJfK!LlfU}0PfpdU!go6kW0h~IV
z2AnmV4V(j<BODk*1aRtb8gSNdHgFDbj&L0DuY&fgp#3Vu8qNmJ0nQPQDB<G(ICVG;
zIBPf?I0raKIMNjHaO!XxaMo}(a1L;ea6lWN{fLLtfU}0PfpdU!gd;JChf{~sfU}0P
zfpdU!gd>X)52p^N0cQ<o1Lpwe2uG6tAJX0eE{pE#`=z@}x*JJpq*D<I0ck<HyFnTe
zMNyFuq(eXy1VrhO20^+(K#&GeP*6B)(EEAs_y3-Ap3gbY8h+Qz-m}+Ud-fHxui?Ar
zg8d*I5H3goqzKXgT>_yzg8d*I5H3goqzKXgT>|N->mZ$g@)HgE2|lPWkq;{{BDjYX
zE(RJgLib_g5ukd%_&@(Ij+Fa5oI<q*a4!VFJ%0fAf&tw73gDhIfP3x$?zIEBCj{Ug
zDu8?T0PgVtxOW2J-Z+4Jr2y{v0l3!#;9ewvd))x;g#x&D1mK=AfP3ly?(G7&R|eqT
z2!MOJ0Pej4a4!SEy?g-oya3#525_$iz`fr9?mY%@j}yQ>aRB$^0o*$TaIX)*Jy8Jn
z3IN>u4B*}#fP0<*?o9x=Ck)^oC4hSv0Pb}HxW@+IUK@aW)Bx@!1Gt9?;NDXJ_pkxn
zBLi?R9KgLr0QWWk+~Wdp?=^sXz5wpw0=O3i;NE!v_h<p!qXTfy4ZuAU0Qa&1+|vVa
zPX@rfF#z`}0o>yOaBm5~JwX8Xq5<5y2H@UD0QZnS-2!lr*;0Y|7l3;e0PdLrxaS1m
zUN3-qjR5XR0l0S=z`ZK~?im5NHvr(?Ab@*20Pd9lxOWWTo-%-YS^(}{0B|n`z&%v}
z_kIGn2Q(&H7=U{^0PbA`a4!qMz2^Y#=>oWy2jHGUbGX6-0QVjNxc3aeJxKufz5}>d
z58&P#0QaT<++zW7j|9NIQvmn&0o)q`aIYW0Jpust$N}8j1aR*LfO{zb?x_H{cMib4
z_W<q{0l0Syz&%+2_iO;%GY4>w2EaXU0QW2b+=~EkPaD9!836ZK0o>ySa4!+Sy*L2(
z)BxPu25|2!fO`}G?#%(XX93_IK7f1E0PewHXF&wOJ!t^<@BrMq1mGSPfP3r!?wJ9&
z*9zd?Fo1h60NlF?;NC+3_nrW_w+!H3Ab@+T0Pb}GxF-SNo-2TR2>|Ym0=Rb-z`bGs
z_gnznGX!w&8-RQ30PfiWxEBQA-b(=YZ~)w^1#m9_z&#EC_XGgkqX%%W5Wu}E0QWio
z-1`FH-YkH7J^=190l23L;9diOdv^iciwAJe1He5w0Qaf^+_M94PXoX`bO84b0Nf)2
zaL)?BJuv|Ht^>ID4#2%w0QXt|++zT6FB8DMPXO-y0B|oAz&%m`_Z$J-n*?z0K7e~k
z0Pdv&xW@?K-faN))&Si50N|bhfP35k?#%<ZcMrh5902$30Juj8;9e7edn*9$DFL|W
z0N|b?fO}~G?(qY-M-1RzIe>fm0PfWRxJL!xUJIN=x<UQO$pq}|OBQ_D!o@;|TP31m
z<6#gH6QB@cqGJOjj7N-uiH1dhk3on^gn@;Ik4}g~Kn%YphYdH3gby1+RCHVvG<*zV
z984^HOjKMPLShsm3^a5CY&<M<JVF9E9|3=ii-AK-goR3oh6~v!I0P7&#OU}$_;|#a
zC<H_}SZL_DsMv%Uf-ngK8Rz^znSkK`YzD>IvBCp<e4dT-;1l<3T#1YYk#Qk%UPZ=)
z$T$!g`;mYsK=9QV#sw%S%ph)%5J(cF075>IEkPcja8Nd=8MFZU$JAj1IX`QIkZT7h
z+{{RoD5Z^ah2fa)dXl`KHC`|8@83~er9X`im}WZt6i;`-3O#Gp9_^Lm1<fEv7a<ux
zy>H^FM;|F=-n98tbsndxW^CaQW5KUt;uD}_5aPjI;E_W(8y_I;M#joW0vRupfM8Po
zf1Upk+K2RSAyg<x0s<cI%mEo&lYmJ7I-^1bBp}ki6`?|9Bp}kim7+q$Bp}ki0T6Fw
zAq63W4O9>bh!liiMyMbX5b57Wph81PK%{>gghWQXkp%@B2ls6Se@OjpC@M6T1Vs9`
z(WuaH5)kR%13(TLiHvw73p5*PGSW<>X-IRBCLm#vP)PMil}I&+D^eUOf@C9`X9mX)
z{*XpCKyduv4{0P51ji5lkUr}v<Y<u=BT@f2Kn@gxG~x(?;|G68Bb9*Q_`x62XT6N{
z6mqmki~j^bypaXzXe1aMKe#~}2?~PahZUre2AuUWl!P^M#7L`=$cQ(xAdN$w0;JpF
z_@U~v?nJuq><L2}4UR~cAl-0w07$Em$cQ(xAcuf78=8nT4QUS2gtI3Y35SG0szs^-
zH>5aH1j#=0h86fj8tDXN0|dtp{zxYv8_2VZJVTI13Y;A+(qbekq(R7nyl9Y)L!9CG
z!5`@~#1Zy@kY^ZqmXJ!3-a?KTX*Ci6@kSP;qmf|XaQ1>jIvoiN&d5su{Qoop>1m|5
zkRwJKghWQXkp&J8>3*ckk!}WmXbuSJMx^VIMuQ{LB}g}%9RSj5Br@WSEXW}s%|@Dv
zG!JPK(hLZDc92L2q*|mZ<bV+uq!<zzNg{^406+?``Y%I1Pyh2X6^`l5n84syu!t7G
z_P|d58tTcPg=v9lfoP9t4|M^SJ=8s>6Q&a)SWuZ@AwnfuI9WK^gXM2=R4C2_#fknF
zM}^{N4u6ZILh&;P<ttZ_ON9Ttz5Z#=|L65}mAd86M*sWq(G>mpd`IekJo&Ubl~wgu
zt<yYO){L(4<#T+kN#E-7ZZ3O{^m|Z!x^%I5!YsWk=2}ir7yrUXufp^1m;3^1s&Hk9
z6tB#^PUI*UM<)fu_tDN(vS*>aVkD#5nOemL9fQHtDZ}C`8io-M{QENAExvdwNSPlp
zCCP}7IY!~;a?9>_#b?V`78h=J@0z>H$0c+gGOTTGh4XL?q&?RmmSE==dNL$ust{G_
zc%2EGKE9rL<HP;ZZQ)$+pFPsF$Am2>M_=6=l4q6m-r(%NY^1p(!dbqqX%ijk{5`M<
z^@guC9h<BJukDwI2dCsld+K;$?M16rCRl1JN*LMGQnC6a_e5Fl{vhzNhc83u7#NtC
zSYX&-aOdYU!~JV`|6%z5VFdq;5&k!Zyte))M*KfC<o!rSMovxvMhQms*UtSl>i;mB
z|1jGB#_0YVqyHZo!~f9WtsnNEV=3f)VE_XkbC5MM00NVN?~$?~^}pXIM-+~Q@K3X|
z1p7CggYI$23(B)F4r`%gD11h@ywsgF!1ZdRsk)&qE>Qt}(KmT8bs^i@ZOE#PlEH4Z
z_5SGytGkQ?xA9<Db5|hS>7vdJ|6zqTWy4s(dD{GtIR1vA+_8o392yN5(c7*yR)WO(
zte-?0d7Y{BOQi1`vJNT^=XNPf+X+fV7YUwfq09}v<9{Kalrqtha=AvuPp?SgTlG%u
z`M1U&b;q}M58au9a7_jsf+GdKZzk$Dm$Ql)->(l7bk)qYsna33WH-bg@wqXP^+HV+
zrOX=X^8G4v(Nj%@R@L9~DZ*s}g9q<zBYqi_^;C?$<bRRlS~HTXLy+F`Re?25QrnGS
zylFY#E7w$8kl~6U&9#hn{iRFqP8`+B<4fOE%o>q*s<y{in?EKd9gV+s{V|4=(}INT
zO67q*?~Tv^>FR91oAbX4X`Gmqf<{Mv@;s!bJFwvLs<V&KDS1eeD7k@I-EptCGn&|B
zoR^E@@@?nGA9G*D4)H!5GAyxFzB5kfYo^4RS^2m-+LM~U62*n0ZqfT<ePec@#7+Iu
zOjVo6yCU+D1JwS7A99TaP_{8v0#5Ge;Fij_9^4SYl$VU?YPWVAGwJo~_DLHVAf)aY
zjl`BbFgxlbrEH5Q&s-H7d^n{Zn@IdEQ*p6K@us-&lW&Ze7&6yO63oLd528frU*r`*
zneVr0x?gy`mQSL?S8@22j;}~d(RX~4how#W&YTqZeB<3$N+bI-RBXQ<AMUrulqO9Z
z(6KL#l*l*a4=m=b^P_1oXTIQQ=&CfBUr)_!7=0~Fw&YSa$~(uS{DfPzvCNU!bAq^A
zx8%S%poCFgmo>dex1>*Hn0HsvB)IH2WEk@a7Tv?;O~n<FwyF^aR`fnR%Wl_Ok{?_u
zoSOoUJ)F8H(Fy0I=0~QiNfvCriK|a=51S<SsaLiU*ZCgP>86VH9cw!c+^w$1WBPRY
zq`iq`6R!yGy3`9n6%6@n6>(MqK~f8Wy<FEHC~jmVjJ=>w4jJZs*6WLkd-|+n*VeRi
zLScF`(4S~?WL-twM})p2vzL9gL7)ECPZiSL3L^HQ-<7_}1`;pwUU7wtXx-@2P4-PR
zT%oKh*u_9M+B=WYvo1l4I$hF~a9OTaEc=vG3|A|-ZPHDs-j1^%mE%yu@R^~->7ex%
z!N6<lkWZ@k9(y|Lqh8#_F+~kbuRJu^M)vV<7X@m`@TV#+D6MV{61*i;=e!aT@nhUc
zOWn+ZAjFu4?PIDJo#gblq3_pXqe|Hr1>G_;JfqYW9yYkC8a^dpmYVTwhkv+C@g<)o
zuYAHORjhb-rza$8)sa?NqYo{x{V+H5Tc%P5Rj|^f-EI>U;s>)$wh?A{7?@Z%sOZ>)
z1VnHh4WAg37z2La38sQ#W1$le;o)Et6A<CTJvq?v;hP~I4j~2}HUSDT8V(UE7A6!!
z$Hv0I$0b0+L&ZTMA|^z~#KuCyAjBm`!9&Hw#~~s>CnUl^#YVxzLnnZ5Fle|ii4_kQ
z6Zr~>g-t{VKV|e%`{hdp>ETKD{5F{&A*p75yZ1kJmGWJv!=6?>-M!y2a8y`B|FotG
z?<<pCYh%ZoCeL;+@kDL0BL{^bHJebkREtP23N~hn#LxaFxohuv<;EoA42^<DLQ7*~
zl9z}0nZrrK;maDbpujeK0+OIG!y_{aNjNj)!ZxgtG9cLgQ}Tb6fqbMa_`;q)cDD7m
zF7Q7q`)40g7TG$h>#Y7W52P#-59Pn=`5O-@i{!(?3|mkRX$zDE3r8N1wjqyyeUbFv
zI+*`%!#*eg7XG*FpM0bq$bo&#)Mo|$VsU;bs8ALaxoQl8JA$5l6GrmR#*#=Lj>6x(
zKihxGC_(<;GRRlzvocT)3>C(ps5r=e(Ahp@{bwHv)PEKW$v@kM71V>&`6nil4`u(h
z1&RIVPSr@>AKyQDQ0$+&&+?HpvR~=U7fGG9>2D0Aj<YtLwfWCJq#b|Tg@k4Xv4Bu8
zpgACB5DN$;9MT|W5DN(YO@e|7Vg|8*kmnHjdWAd>EFcsNNQ0O`EFh%MQ9;oE;1B6&
zNQ0O`EFds6h>yk$g7|0<9}VK8L3}ibkA@NsX%I6A;-f))G>DG|@zEeY^cM;ElYl=7
z_>+J?q(KlL{2?6<X%NH*e@I6|8U*pdAJQl&3J_lb;wwOW<g&T~#8-g$3J_lb;wwOW
z1&FTz@f9Gx0>oE<_zDnT0pf!{3HXzMKMD9l8U*pdAJXBF20?uAhjcWgK@cDOAq~$P
z#8-m&N)TTO;wwRXC5W#C@s%LH62w=6_(~983F0e3d?kpl1o4$1KKPS>KMDAgfIp-`
z5Fh*@9S&&_#0P&!M?)F}@xh-&2^RzY#|NSTA(ko_uk=tw!gJubxw>Gwdd;-eP->5K
z&p1C){?VufeQ9b5_5`YF6j@`8Fne1lfq{>Cqt{8rTzC=IOuElrdP|FA`f{v#<4(u3
z7UI4f0(STFYy2hAK9^^T%gv_Ze){R@%B8w?2tV)QLND(OGj7_)U+7SOSTw3@-GgP%
z!$T2+SHmUALMQOc^}H52q2x7vZ#>&NJSRVa?$(Hy^Inf~zBJ`(+R;AuxU1Qkr|Z&5
z^X1V;cC56q7%`%69@$PLR4w^5I4%;5SNt`&s_V-|D+%bOE|*MP)$YkK-FFvo*p7Sv
zH&HAIpa|%S#zE`6cXZmAxZ$Fcf0*~P@oRu*hdn$Q?jT<fVr!rs&>oTilVr)kG-)hc
zNe%f?Rlu54o#=>9amVta;ix&2lt8cA715-c?&&g-$?vZynU_7*arW-1%h?y&j;AGX
zmEQ6_e*Xx|jX$=7be>8kjBqb{V-{oGwh-e$z`b&QVV9Wr{$<_Tdf6Y_TLp{~`9!>U
z+P`?BE6tuW$bDI)r>l+p@nDAV%e5#A9o7DG*wZ5@Pd`$lM(h`C4P=Xc?YSMNdutV6
zT=#vYB!wvB&%Qf}-%_qGP%s#OeI`G2+TZ>phIL9-{{k;&+V2P^JHKG!X~h-s+t}Cc
zD{}a=QXah)pi&FFv3N2`?n3tZxyHKN>Z5b|Gp`=p`Pk7!Hi=I6J&NwAq(XSIhIcuc
z>&4!SjiF!TMR^MC^~ZRw<c1_M1g=kKKivr^@d@M&;1C;5Z;r>tHD4?m-0E1blvHf+
z$lUO3Y{GkFcC%Ic`(QzCULqO3^OAlu-{X^;r^d4fp)a13s)|X7jm#W*J+z4KnPGk=
zV#)U-np)7l|I_)7!1FfjAIoxa?{cnA(m1WP3=-%RYo<E|nCvTGu@*;1BVwJf+qkSA
z+|pW-zPUu}?PP=&y%1!_8CkH|^U%+5#J;-BSHp}liD6zo!Zh_aiYr#XPt7kkZrxWZ
zMNI0VaTWqEtyW)VpFe!M@a1LyvO=Tn0kv)&e#)8+&HRN8O*gNbDKtFTC^8;JLOb87
zCWO@*3o$6GtHa;AXinT}dwk9&Idtv7e~Ts9+xe$}FqXCdw|)078h7+w{`ip>`*nQ!
znl;I<E2}d-RI?p=M-4P)D8o)8Hs%jv9h|5c2hQt0lYVJwDA{`RmiTzZjQ{$o@seBP
zQy*_^7d=hytihk3O}wAqHHh!)l)t1}swi}=<z0D$F`jy@5sk>>Hnki0<@_<9%f*NJ
z(wQG-?Pc1AYFoOo_nr?}jDPyB^F2k^8{Y4I!Cs_|uO_+FwJKRq2?(FuVp1>jFoYX-
zUve<9QW`1y9`xj0c-q44s|HIib>?#hcnwDde@k<wPK-Sun9zFktxNjcWnbBzw1JCF
z4`00qRzKlyNgO-yytb9(;b6gSMjMr%jU$2AJ=`8{J9thaF^o9u>+iSZbw6p8xplPY
z+#4#$6iy%H(fQHKFfA^=7osGLKQB?__(A!O-G}NE(yP>;S?s(U!l&<A;cH#LJ66jR
zYI?H5A!k(=A^#A&o+N`FJB9xRZs0~^=k@V+8L@=VZC|V&>^}-X-JoryPtQ2s87VzX
z`o<aRm4+_o{3O?UAx|hH`|{Jfm!DM;<D!h#ILSB1b6(H>+MMxGscDP<*|w}#v1MS_
zCE^Q;bV|3;yk2)?h@*rwXSU;Uh>G=IdU17Uf(LcyD!b0NH*?>5KCAV`A6h?3wJtpo
z3{VX+KY17OKupd0s?FhqDM~kg6Qy^M5<MpeOUe7eb2|5RAG>Hgl4=_n&s{j_txA|R
zKhHeo8)D^Rx-{{mb()3`9c|dL(o#fmdFF<L(gza5gV}ep`&hdgpQ;&#^6$G}>K9!3
zRn9EDU2eqoknTKA-goM^=b~N@3>9WjGiE&Rnl5p=PVG#vbd*L`yl(zxm5U@yGm!6i
z!&F8kOn4cia8Sxvgg-{}R~Ym0w)4wTpW)7k*OAFWzEy2WIk-!;m|0ci!9UyX*-P>K
z5L7Bo4LS8ADW}q8-?o>vqrcwtBZqKl+sK}fspj2W&?M=b?%eAx!EvLnYCdVFI!C`u
zy!pGJ<;C2U`J_{6jrNbG@t6`9Yn57DsH_#-4_~|Ky-m34O6ZOrj`N8@m?5Q`4KwrM
zSV$i`_oixhB-@H{l<D;+X>sof6*7+;D7{pB<sv@{;$TI}r2d}jeICn(!xLH(=ld32
zr9X>v;bQ~$;rEAh2k=jAsVuwYxy!rvSV9<rK77s?=ec;(wgSI7IZ?%dtrorD+3mgb
z()*Z3`4yXN^?i&Ab*S@3Ph}}?Ja_owk)6r*HB=~WPdkd#hPKLflmd;)L(k^|`8KWv
zxBP%C(UWVqUGMbK9viz(3Efdh`zmvr-0_-xl0k9w?cU;^Ig6a^H9j#e77Cu@psS}$
z61#rftlC^U-=xs)##%7!N@LfxBonoGVs<sL39vfE;Mfn9SBKvp$@5H(sC)b=ez@A;
zEymrP!9{7u8y7~)HmfwudUB{P(a8AxexKSX8iDH1QI@ZN@yqSN)pwsROi_@0;wH~^
zV$EzP;Ih0y>*{;slBfU9E6d|+U(%aoRSt_{JIf-UzV^0K#lW>_5NWjwsyBMwC2fDt
z0BfJuzxz#x)PdrZ*i_cqjw=i0N-%vVfek5_ftg{F`1{9F0sd+?@1w6fvdfu#*f0G#
zL^e#E;K%6Gp*Qv+>a7Z@UW|O6sR@4TGZW>u3&|_Ao4@bj<loCpVg8oPcrl+nPOWI$
ztx(WP!h~qxr)|X*=gY^X*;w=?%Fcl|_uN~x!idwi^zZl8y2x?V4egxP6ly=qEq_wa
zA#hJ}Z|-ivSgii;8^89;<8$WWs(kegLg9BFX{~v@inut9BAhwpdMc+L*EgTlmQZ=?
z?YRWK7)dgvHx&v)L{ndje`=1-9DPt(xph&Qh?$IBqccESyX#k0onH*Q7gPW4@_?i`
zrjO(1m8+WsA#aNKwnRRB-q#X*L3(AKQ~BeC-g={3omVi{@^^lTPCgdVy`iH28Oy+?
z+Z=B>RQQ47oR0D0tRrpZJ;_+SNCVO5Rs3tTp3#iOB#E9;mnv#@548e4Q<_T!c*ls$
z5=v5<k62OQf2hbfpaREqim_*EZKGE(qS-ctNzlnpSwMA=%Jb^m1mBqVzcfP@9zL>n
zM9o#=#mToEro{B~5%2TSVw(-OHU3(titV0P9bf!RkXC!?nHsT2_4xkDx)&ZBU#iup
z1u<1Ms_@h5bIxRAX+~z%R;|-`MLh<yxpd>b{e~-n7#=JY={3RqnS(oBcaDY7I{K|m
zPLd{$oa;79v8|X<!&xYz?E>Q&Ja^VL-u3L%_A`X4yQR+M8eeX9pD=gs$?uQY=clWH
z@l6e=?(aAUnInYE6;gl;_^^OsAdCpIMS|ohAX&&Z<ikG5gMB2h4QtqjH3~8q{<9BB
zAwFl`P!CcU`1~n*R_N>j$y4~RvS;<4aVb#$S-t<%`NtRP{}bn|EoXjb{(stt_&~g~
zmP5I-cK%Zaa?g$d35x84b|Cd5<^SmHn2=H!BrEa;A5z+c2RW*-%27>gsk%Jecvi~N
zpPMQV`<v@AIpH74UiT0qaVvfD>m2Vfk==o&bxLNCh~M|Sa8Ju;Wttj?ZPPCaqV`UO
zAKEE>?`rQY*O;NdjPb<o?T?G|H+k-ewFs@@EWRrb@uRict<=sDN2Q|wipiOfso!_P
zN>ej-H#D(8G6_c_V+7skex5mg{YCfnj6PG7&!^rpuIw+jK5Vhh5#M?{v>6l8Q&FmK
z@y-hK%Yz@Q4EM6dP;b*(l==02upOJ`6*P+a9$8c!eqBCzc}pOEMvi#35lhT$vU?lz
zstW^YV-$&xxH0ZK^g{EwtnjLcizJu*2}04{IG(>2*flyHo+wp?<)cBxID&h_LWh%D
zW~~29Dq8xt)@MJ%-ds$=(;v)eKgV<@O!Ikt;n#$kN(Nak0d1L8Pq&f)LVM5bw3Q1K
zk=Qr&m+8Jn3la}iab1{CHOurHUYxnK8?<4VOk?RX9i@I3`?cC_n}M?41Y@>-k(jB@
zUDGG|jMZw-=oFN5*50yg)=d^X`b~EqpD6GidDqQ?VArSk3j)9PY97BOyZ+-@(mMXc
z3HQd8b%pp1+slS*+?UnA#HG3LKVTrcdq+(5Tki{Dk>-ighLG5IJr4zHr8)2K$TnIA
z?v4ps`WKTDaEWzOm3`9bz4QA9dXm86I_-x=bHR^x+==_?rHa&ar^<vU_vWM?XC30l
zzwhEwPo}^2vZMn|Rgb)i<i);4MtXrrsnVsRTx~uw-Oo2osN~0&R{W+k6g!Jv+bn-p
z(0DWzoie8U(rY-D_7i4~mkgU^q2i^781ebG0dw6PF>k8S!Uqap)UMCQHN4Sj^-jTi
ze4)Xj?lijfs?&q>>hsxmMd+Vs)wt~NDkcc?dPM~)y-t^GI_*F7c0oHY`4jI7wh6j4
zJ3g^fJk#U28y7!Mxwpk%yOo@Jw?k^>Ic=x$sS3}dOyv&?zZMnxCj!~$2y)jZHo9`N
zzR(bGrS1>ZseLn8j%Jm+R;jF}lXSnIP;i3zi_2>=cPw33rFQ36*QHjo-CGn)J}}}0
zmo~L)%hJdwX`P#ovsnq7z%cUIp-3g_7?%o(c_9(O@;v5~iimfG{SQ+2JMw0Z?B92m
zu44@xj9T*y`h6{>wP1Ybd(|$FpL@ukB(>oV+5=1SZ=t_i63-Ps{{2S6;Nn6qjnpj?
zvXTJjG@<ILSS+{5rA&kJ!l~OPIEIIUSKA~MPqp)nuDQO@Fs^*!YxL{Z!Dy!$Zb3-%
zW#79lVHC$dU(7x%<=klUewc6HzLV^5!7POFlkn4?V#*5@v5L!e%S}%mWCEuN?=v42
z@nu(e=>Ej^4wepDW_8G;XdK<VH>py=_U_Www(v~lTdlhu=Y~&gxw2T|EOCRr?#(<n
zs!Yc%{3Xnf|FF+>D<JQ^9<gY|WUWP0pN=-KT^MQPsPp{f?-8A+ACfqInN^SLIry4>
zU1GB1dv8B$EaLTxnf=nmx>o8DS7r2vm0my2sk$*aFuiiDw~onv6I-`kn=dy);aH7x
zWv~Y|wL2WQw<qa^jikg=?};}3)}C7a=Jpd#IT^ynfbrrvop;;J{Px5cs)?_ICDzM7
zTXIzOidW$6AD<_az|KIunIp(ePVm_Ii>Ab90sRg7J{)Pf-1wmf*IMv0CZt)d=&~p{
z%6wE>#j&1UIb0iN3)*UTNLxK%Y4pFxB_1AoV?ZdwWP@%D^DtpyM(?9KpVp5}(bnI=
znK#y{`(=#+{Mk!JDOExWgJaX~IGQ|5`E&*OEJbWDx#I%MH=9jQQs)*&gOKW1abari
zk2+gY1muWMlC^AUh~7UR75_>3<mFzm-ua@pGc?mIC84^-N!!#%7@k8$;kV1aYUEHG
zzrTJk#X~h~cI0wwqub&W`PFctW19T<qf?gU0Li3#s8&hwWP_yq8}w$*??<ayvU6z^
zx3N0we0cTVz7fT?o_BA>>qp-jmL6eij$(c_cU1SO=PH{LVRN$ExY_ew$(Rizb~hpp
zwD*|iPH5z!_3HUvN~BCh<FA%(%J)SdCZt4ks^l>Ka((x*E16Pi;5ExW74DOStM`Si
zKR=S|Gko$vog{QNUB^T+@6~E`Hcy0DAfJcz((U~fRE4!`hUUHtWZ!<C7ND;M`x1Of
zJb$s8Z2JAJ7|MO@3yi~71Ws>XJ<yY4iH(^3Jh{j^mNiuJ!~euHK#byf14qwp&V$S6
z;MdY@%~LHm!^l^|>Yue_stBDQ_@+2JqEJA!7W8t#iFxL^!PMd){X<g*a`m5yH-ui-
zbm%o~{?rs5lv5tE?Ko%tyTYP*Tbq^ox{YS^qc!79?Ae0+ru&9Z_48dl9f&&e4B2zX
z-&dW#)mWc>MaZw>cBuHiNa41$qKut=z4H=fn&S;M>2<kXg)*G-g*I+}`U+FV%b2_l
zS5*d0xvgs2F)4Y>OlcFEKKWchZ40t${%YJt|8eij_nIBmB6-a#z1Gh2cQVwXX`jg+
z^Jzv3i7(~u5Um{ed>f^{%6}Z?eD6D{=sezyWk0pr95x1DrU2%Tw@M-|q~B~Pr#qy%
z=Fjjl`l&!3Vb{kK58cQ|@;JB#L`ByPtWjU^U@%1KsycQT;nj{{a5~uDzf{8;_e1x9
zG+s9Fz^yxUyq_O~?|T~8PPfqQpz_^qjYr=4gj>0Lteq)?g2Q`CR-YDkow&8^FAp`|
z^XU%x9scx^_A7gjTb`BEA2*8=BOiNx)DnICdMR!!kC@{gr6^Z8j8vFmD1dObXmDkd
z9}RwJ2qXnUtO3^Tpn<<>b}xI4n^uE;J5p@L`(}l`Hkzk;V~+jzsuJHy2XDno4f2Jm
zR(v!jmfaZfwLS5(UnBQPBkDX(J7j$SY2erS%t0nkQ?pw?R;Z5Hal`$iIG*PV#N1lA
z)aBHI^&lr!&D2dXcszGa1mDgq!aiSOs?^WUf%bXwxdY8753N1$XTI-guGA##-_&T2
zX>fRY)9m!g_3>YYp^?3JcHcR^avioSkCN5!$#N0PNxR2Zu~{FI;PGDg1zM5#*nGX<
z;PW?`5-%%1>mJeE#SbNmSEwGyFnPd?QyoB1zqJ|18ohMk^U#eJ|KZNo4;IAcI&aPe
zY%<&yk7{nc@~#X6zqiVq`JUjNY;Mz-i+<NdP7ea<5{%>?lPYH(Y|3|2ONVC-Hxoyd
z?SJRQL)|V6q*46#Wru`BdM%V7r{Dbing$ueHr-_@?`W3kuT9r*WpfJ$2)<YKr>ak6
z)K}g3X-JQKmp}eXhLf*}qo;pZJ!5UQr@(Hz*9xUl=}+szfVvxVteF)86tzhl#2?-f
zMr+xnSQF_*rmo|lIWeLO?m9Q-sIY{YP2aTsNZ%_FWJ52k$#;JtN`xr6G+o_efN^#1
zU2L&)%$m#hpxgJ<tACGK-H1~<dD|s<GuaSzmQJAfhuov<EH{7nsgNq2ru^DCuWE=R
z7W&MPtZ1RUJMoGOYVR?>4i1~DMq$wrdJuo<`;I2byKdiV=ln;0|7dIoOvmopxbi}p
z;Mwgjm=zhjy+-jbNSuzi)(IFCT2?LZa65`!W{hyBJx%`TjeYz+F$?dRr68@2a<YVc
z#{yNsq28mZx0Qv<^y%>nlIMNd$+amrWxQ>k7syv$GPusZ$Jg0Ts6shyH~y$bDRU|C
zW6^L}niVbO{1h7nSF?p^c5J>>v1_pIsALto0*U`Fwe4)~%YsCPKr}q_%Ncj<hvHgo
zx$)-hh#%iA$5mw>S-Z;16Jz&K(m+J%`Gxi-Y#v4L4lVtge79a>FFd)aigC>)K2i7D
z8rC-xcPq9QXBk1Jj?V^qGq}NRDh?+V7e3lcEt0P8c1p$Z<o>jwIlP^&K!dG0-Bu>K
z_HCo>r}|ZV0_8a8VZTvPg9)^|8z$K#YPw%VBER>yF|Ss%HWEgEa>ZddD#x1pk}Y#V
zlu%zYCOFKrr{4bQq7u=p#QS)h!ik72<;mhonU0D)TZ;xQPZr0V?dsJnEBk{|@6oP9
zVRl;kyiYM5Or!kWBp4$Xu`JLO%FjP|C(WIB`1Q3*^TvaV!#VDx+GFQRmNSd@jJ+4I
zn)`k3ja?0xQj+N$rQvmJQ}v*ysv^7X%JO(?Ig(Q1*MZa}#l)o-Au_D7EPL&@j;UVo
zVI-9|H{H^EDxo_5(;?zbo`8IacTd1j?d03l3w0-gt)jen#e@y>Cw<lt%N~UVZtM!i
z_m@BNMr-bL=-$)G;IbX8W!=7KN!=PpF?nt(gy~X2rm$tk6>{!RNyC*(qh2E4G;tq}
zm*f|a9i$Wgb{|rns_WAka!R_$G$-o($s)}`-&8xv|G~QZtE_oG+*uE!bq!AYkV#M1
z&z((|Mp?8^U$4xfTYiyNbLP6p)EWCqJJ|1G_PY_W0J$88kt_oA8>IK%pfVd#bq_I6
zykNgJ8~Q*tRbTI1pS(wj4QCbF{iHkHt#hqvSz~?{av0&EM(FN7I-mEv9!1JdtM20)
zrlVapvb;I-OTNhH<?)v*WiD4OOmh0(GJP;`E7rXBI`U<Z&rcjW_2a`U6lg8t_c!)a
zxiPYWj(5J6aoxpgw7|P}lG3v^Fmd>e9P_^a;a$EqRF3mPS_Wq4e$75gxFLwC7S?Y2
zgZ<m<Tsoos^;p8Oy3HDgk}JL#sA9wq(#}47;bF6HP*h7;V6U2u8mo~N)3XJ$StyN=
z`<3lQNApFq-zk(&`!00Q=hM8+?EK-S82zL;+V63Vi2jVxKq9+zi+GapPM63&IbXP$
z_Ew10OQrXb38hOr6ZA(P<$1K8y!iYzlrAXo3)_U#8|B@LKQ6Iq$?pFQoOsrY?!!4D
z&Lzk{H^0buhbdo~SDM^~?pa!@`;quJ*?zUMk!FrmPMvwNx)@ivh>{uY<o5-iZ(S=_
z+)&4%y6ao3fcZ+LZdGQPHb3Q@{UFc#w@dFDv$pFVr$w;nr)+*qc=}S<?bgHD^Vj!3
z{CKrEHU8LI^4g398FQ|>*fx6ioHAS9%EPD6-y8l4T+qEfqY?fZHF&ya+2(sP8Cj6A
zZWQ&Q?*)Mm4SG*prymIUFtF7<W1M6i{{7gCP|sgYh`>q(Z;@kUy=rK2`@|P3oO%1V
zP!G8Ys`}-gbt|E(oVO`XF0U5Q>;=D$>N-CYc~EIQU_)j4Du6Mhg!K9Awgj7FPD2LK
z52o|y9?I32yH`8yhTIsW<|6OM3*-2m$=mL?(xr9%X~|oG&qY$$d6O53<qTr=Zv{Up
zd8u(~c$@!z8HcTJqhi<e=}#A;(6k;Mio8BX8HF!VYeJ3Wj`T%tPjE?e%dU!5@z=ho
zuE5OZxZ2a;sPf5^xF<sI73EhxqJ-X5Ri7H`=e)w{^2XM`@_F3iD|en<=D(7i=j6O3
z+_XZp@kDmCNuM&g?P2cs-t?XO8C2A2+*hB~JD8I)`wSdW-?&}dAh-DD?XRtmFKw3g
zzKUa)pS-za`+;XN+Q3VD>L9nqgXfZ~+4watq9S9(>$1{cG47L`$6t30$0Mb!aBlY=
zyfl8gEJYJk8o%>Gk_g`fw_oFXps~2+aW|`I*jUO+!y~JD3d~Oz?sQ(R?)H5*+43p8
zpKid?igU;__IJS6BbBF*Q)uIOOZzJ020w+_HGS~nN-{|`Hys&+pY}ML=$k~s%w$@G
zzjJF~$uV46UMgt7>LiG{eLE>5&OjIImsj9UQJI(*!_^PgCZo0D7;`&9@6(d732uZ=
z&rt90jO7FiR%c_1e=$xfr`*P!JY9=LQJFDTN!qFGi>f{DZ(E2^ocdV7i!0Nzm+~`s
zV5MN1Pzlv^XLVWeG=~H0NBF03lJ`tO+v(?uJA#Jug^W(Z?#`uNmH*=J_~=n!aMlsK
zX&3pYD3tdvIK*_uZ&<A#>I+lcwAM5rWFd7hH*T}*@*c33Z5CbpaQoK82n(ORS%ei6
zcG%5Bsc0caahdBI%lS5fmKpuhV`6Icbo}TMnFQZaxvGMq(*oz0vhVG?)Fuf<lUNi>
zaGbcie`At4&2c)u$Lw=Y^#NDz!lbBl=T%4TxL@;MwB+JYh;|ZejK%Irs>a(Xhco<6
zXMp*#u>}{bIlhoZUX4x-Pavz3A3phn$Nixo{S%j7YvE{ve#-K!!C1SEhuwx2ezZU8
z^EWxgoYT=1_SFkD%DXI<MuVTDg?9D5zPV#v%c0FPP@kD<GQU~9LTBiZ<lGY_GvvlU
zjXJPdJ2+fuCL8_+x5)q1mAtA8V_m^gPxuxsFs>2ZuyWsuuu)!R4j{LvO1Gw-W6hzD
z`^ahk?n}|7@ZhN$Rt|mx3yC2wJ^Cj@fmiMjcA!<=(=a{Br*qCK&mW+CPLC->kZV2f
z8P_W~_inAbgW%ffHvTzPmL)N6{i=&R)>%BOirXRl3~sS{7&`kgc8ndUqWe$I=L+fI
z6bX|PKejv<{nOhxl`}`h%x1ILze}(1!fC(aIlk=N$=VROAkTu6F{xvvA>V5|?%Y~>
zkZ0q^DH<MZQN;1<<I3_1Nhfpoo85jHt>|-FKemOJ*>P@dT<SglQpPDdF5vLNfu;Gj
zx8Y&XwArj+i!fD=vipIM{^n8T(RdhTUtr9R(VX5#i{FCNG#^AB1pRap`XRTAHu_XJ
zjrd5ZwR~f#2<y`Q4g$8Rx7<RJ;a&T4GoBSUhP&wEaV*=L8^3htS!sQLUVjAh#?u5M
zS*twSBkx?DoTwM2zq>-kC=|FR!&SI`THf(?(#lceHH!R)(;6A>861;?Ddp6ZPltjv
zG=BN%^bfKnVrMFbi>PWIw`Fa(kr&Bz)ORRJ=+f46JM4_vqU)9VJMn97afwk4F+~cv
znc*IPeKg(6vu^SIkr73hw$a02$0+^2=k}Z$mNYTzFEsCsSV~6yTwo)Nza{B%X=nwH
zz%u$ZgSXg(dPl{~y5W@<l@Sec<)uVyx9cTsjw-5mD|0O#D5+8Z3UWrrYq(RceW&1=
zjfJ9W9$OT;**h6?Ij<+<${~ZUw;1Q=v3B0OxJVUPdU`ZAd1LzBj@sK~Q$@~i$fa21
zYXv$8xf+Vh%|I?TBXcs43!BKq31*NGNC9LC3I{cV5a;m!9~JO{GaCpOBnaXHk%Mwk
z{=^W0btcFjbODqBx(E^kAtr<(40Aaz!2D4$n9(T#b3>$16ah<6Mo~dgg?XE0P^J=8
z4Qc`*O+*agvXN~>$TpIP96Pd&{ALHz2mfZbk^M;8A)!ahTk|UKh#qI9J|hhiE4rF2
z|K)2@<ncA59D&~(j06eMwsbQ|zsea{e5AT)=V89Ds?hf($q?rQt@O~R`D#fwqR-!c
z#;$3P#jp*CqzO~J-0spC7Rq^~SV8^%yr-86<!_0`8zt#+6Qy@Djx5*fZxXN<KHs!w
zo(|!jePJqki)1hOfps?KQ)PdaCNA8ztT*F4tsBkxckeMApSHYC5%^(y;ERoM>B92l
zyFsN+mqe8N?mDRLQ|j{lj=76LMIDcc@vv6-lJn?aIgv$6t(Hd~o;<s479loQRq!i(
zr?<}8uht|q0RPESnNO;WxQ*+~u5s~|b72qPc3-Dku*!oMMlq-Yd4Yfx{xuw&HX(w4
z|3xw5ME>u8NcW=fLC1=LB#;gUE3Q+aqXlmKpXUY1TLG^8pWjV^E<ZDVh$jzH{u>v$
zM}`&17KFSu2ubkHp<tlV5n)o`Qjy`K(_j;0(UKFOa$jI%7Z7LQ5;@N-$S1@p!6M4f
zBg{t61TH8w3@sRLGLg8GoXUhVei-D=&h6)3YsJ!H>Zmim-NNA{-tA@`8;cjT>eb}4
zNhc5+j_nu5%f5fHp+Q^HW193zXUCuh<HBRr;@^6TFUlxy(3OvvwkD?-`rb9v>k_AN
z3geq_D<n*}CM7Ykr%+%B%rl<}4GPZk=(n@*S$M;idcAZp<9<TUL#af|Cl{N!?%thU
zd7yV(5czq<Cf3N5uW?6hy;j_^xF#ahp)#6Zu<U}+cJVq@S-v^GOLn5G$OxCm{@{sW
z`RpZ4&&exv;+@A>hi$CPRUe+n`u1>#OMlIJc6^{#_x5<NF!1!-f!rtMjnmIh`|H2(
z4~A~~d&G)1yQ&M(Xky5|G;EhD#fs#jr&DHYmqiiqVs7Cbcy^yGAY7X&r;vb-s;-}j
zd?Ow;|3DKnbPxxpr@xy3yEG-B{EcCVV<M&JT*8R&^z372mu5Zp>J`$PXvc$gO=?*d
zIHndRA43_g+gZ+BvldF%8sRs&M2JtLQcE?VkkV1`f_d8J`On{61y>hVax}|xntqj8
z)^Xfrd-EuH@wFgdS$wLv%Y8)>!Keem?c4k2#c3)E4$q$1@g?#GuP3cCR4wSB_%7e!
z6kn5*Ioy(QF5kcB=Xq$LBXYE;wSRJBx4z@cR%okmuiQZF*lBN6?AuY%^uUi>4bn3(
z(R5;afxyxDcfV`+^nFW-4s9EeWSpRwyWO|U%Hq8@$~FBB2{E)kk+f?{ipQ!w;8RzM
z4@NPQwQDh2R){pXX0EK8DZ{|Q!#TsUi;{I-oxy@zNsC7OyUv8jdB1e|bY~M8&M`{#
zhrJ`%8e1uNr@MwkN7<w#S`C8~N$HPi*kbh<hztey-f3=sw{$K0G4A2=YlxX|(N=bS
zrJk;M10Ty_=S>~gIBMa_@I-jQoclAIDW`t6_p^hG%@_wc{goS*-M13t8oCot-;unj
zuPQ1HEzdoceo47<T+-M4wkUWuFt5W>Jl!+&FzdN#)gvY~-(*@Uk+?Ga{d+$A<q>T{
zo-t{O@#X>vn#PBvIQj~2x^+}n?qB_StbLhpmOwqDxnG$jG%`5ZQaMap4aMt+X^Y=)
z{8)#}RO&8|g)pqx`P*&RG}B2f3{5C+d(cn|xlYiF$!4KNGFxDoVlm)v(#;U-7Cx3(
zsnfe4|BO^FE__frVK9YVy5Ep_X@inq|6qhCkh8e`gN#GVIR?JIY?Sq`0-drkGA);(
zUT4Ai5Wnr|mfoBtzcI_zSG#QM)LV<&3=IXlCD}ILykoh3zE5BIjr;rUoyLX01p5x@
z@WJWh=+V3NPj4oNX4aL<JtinSO{pL$e}zTpSvt=rQs^MQpX+K@RX-IB|J*khudY%!
ztaukFk?Fnfc5!88HlVM+ZZ9p}f9Zn6PKUkQT*AOiJzXXgxCjLTpuip!Sb_o_P#^&c
z&_MxI=5Uk<X1I?TC>#ZZq+tsc5i?{U26>1g5S?WpW&f5r+mAdT<&j*({`iJ7L%qm0
zk^|dkdyzHs|EdegLk0b3{orzz_mAH{^`M^lLcPpT4-|<&(y&HipfDqAs1MfRXZinZ
zqktjX;qZtUJTk*0q~o0A*@toRVg%x8$W^>O&{-vM^9O~qcv6o9aPGKV-CSYeR`n+z
zlpL_rZ*(D86RqKS(LAdY(p^0oEq@MIy?Sz#>Ji;>;2oq^qz%Z)0XZdLfG|P-%nMB!
zko`T`^S{qC`sbX$A@;`)ilcl6=RMH(zvmSs@Bht^nEw_M|KCEY`L~dE{aZ*I|1C(K
z*#J~J44OwOM+}(<goy?7e{gZ}@bK}GX+6l)9b|3}GQ|ca)ScO%S!ARzXXcNQ|21U(
z%)bqpOY?90XI{-e>wo6g{ImX#X*T~y@;|2C{2$5xW*QFde>V-MJe%k;7v1*zfMvll
zENW%JqVZ$dG!!j9{P`B`aP}y^Q|MH5=tx|oGr?Lw?VwK3Fi5ER&$y5q)?6S85Hdc@
zLisZ;bcQu@{+9wF<HKhlWQ-^aLdJ>k68SS$l;mcHO=KJkYXxQ$1=v=AHEbhe+rQh8
zL}7+)$Wb^eOM(=HJjj52cmzZ8V4E4)g`)6h`>c+$x{x}d4CKSUKR$oAAsg}e6A#M%
z@kPp?)o~UN*+$ABWs!JDd(YaY012diWDWH~0%^xtU5Ly7+IN<Za@M}H?6a~^?kong
zBlLF|C<1vggI%7@Js<dm1@jOU1?4vgxpxU-YaT(GDm<0d0=T}@Y@9Uj%M0DgLg$Mv
zy|vuVuzS7r!1G?o=IObojxKsOhMzJkS_{y`X?U*S`YMncXUj=bFF#Gym$!YUWIDF|
zz<EsmFbz9nDCfJ-mz@<!eytXBj@?-1*(;nI9?>0Zk=7P{jA-)C4!GSrwQ>~HDHn4*
zoSdV@!W?23v-L2qWz<Mu>y*$(W6PPnoD17j3BCXJE7f(0Dd}=T0-aq9Ci>meN)$BO
z?*uPj`&3^v3X0-rV8NaFN&fKTfnafnx4K9Ys`_`<h|iy;XQo;uME$C}ie~qps#&QN
z6QK_h%XM~bDl+=!r}axN3KFf$<kW?W2v^EcOWxJLiu2A@8=X+ey$J*FAd&3t`M{7A
zcCYe4!&i4+)ie1&og=|{JW2NQZl!?yzzmZYnE|_}v%tzMt<LTK=qze=qo8wBI6n1H
zv+D1KYOYCd25lZO#7x^M<5~~3*}PY$rr*Jtq!f{mQJ$r$ZDm*1$|2KzZ_A5@lB6@c
zEKQ#IW8Tx?sxZlz|BHxp8qynkhGH1boq6Lj)T9@23)qdfRvvskI^Ih;-&C9Fc9D|N
zLv<;(!hLNW&w?nnl2^`zewE4p2ut?ryBS*^VusbUu{(0%99?#L0o_*woGM8&YKbU2
z0@fFku3h|9@QojjvFPgIS6My=abiv>8q2^|8k{0Fy*Fg!hi)fj8+J@>>rYhcm!i6Y
z3qMMPRdAo)L*1DbX)7>sX^depvPDZRbs#SIur2dMaJnpXhc{Z#&6N8M3#Eq@Hjl6R
z>?R3imX*-+KJw%Ss}05zQS<?8^pZp~?`o-Bk1P0@nWGeQCB5~recMInZ(5d`m1ej_
z@4tS<c-N+9w}IxJBU`pkor$f8iGxCA74OB-wM^l|w=B&x`1<K-**9+AN;`b=JXH4P
z(>RGA{`^ZRHy&@1MvysB@x+M{jWMls=FHC}r_~w-6hwc&ZtcZNciI+}o~+hNyMb5P
zuP-EUZCPXT0k?3y>(18=qxI7cQL8QP6Yq;5+mjTR&6jFyzEGHxC@ql7F~3>dR$VVG
z$)nVEnI6>cJyQCn)LC8Uw8J2yZHvj$ub3IgIMJyU6YHd|xvX<DLiTIU%>gye1k>!O
zxL<j1I$PS<DZ?K5^g80lN2|xYeq@N!WQzMtgQm=<;wA+OQ6w90f|AktcLM^sZ)FTt
z9`bCDcD*hr-g=y{w|Qf1T87odSYj^3(r3H3=xdCEn~491=y2@9Or0Mz1`|79#8M`$
zN{SqdTd@e*f0bgG%=F-g3k0cTMvJPpVcL)W?#^T+8lLu^?vFDd37ooNub^zdWGni<
zeL_;sGxG<xEc2=B-YSb6<z?CO2YgveD~DxK)6bP}U^)A`7<<m&esXSi0@rn)p|@M>
z{Hwr)l;7@}s#0>ZdD>NPo)R%NQGU8K^tj`ZSEkiR>!a;&G^1rk`E@xnU!x?HmV-nx
z`bsZ9aKqpdSY0$prefo3wY4LzFIHC+)%aE86jyL9_NVEzWN;fJ>jidh@y^#W_x)?X
zQ)J;7q+dC)G@GJU>knlqm#4dPx)JRt{cL>L!(O3!&RpnWMF1)4XB3Cj>~^$5AAbB?
zzsklB4KLT?h3Pl<(vnIJI0bjU+!I3|2|LDYu}EZ=jXYe(BfRxPhxR@8^|u#qE_J=o
zvmqIrBqt!_(S0{C=A96s-@J8IrHD6%W2GnLu3<QG?nh2Z*dXK{WrQG@Bo4p9hywTU
zLV-JCp}^g)P*6BPJRm+0a!mp`-^hTF^N%t}9drq#4Y~&U&+o0s`O6jL2?_&6fsjGb
zUC<Ly3J5u;<$;Po|9L&51@iuVzMO~j66iB%4YUJ7<_;W#P~r0(8$<{q22p}&Ky)Au
z&;^hLND2f$q=KRe(gm4<%t2P5f6q?{hIAMx2K4XW$IOHDKlk$eH|N&^`TyMe<lp0@
zRmk4}?SuY(9>Rxn5d(+~g!~^IF&Ivrt^c#1jv@Ou2>b7O4SAl(K*)23oSO|`pE1Z3
zgxH6=jYsRf<SlE`W3Pu2&;3xMG_10vk5g_p6R-V#-9AD1z{V)^8*7O#F<QmEtG8AN
zr@$eOxr$sCMb}Gxl8Jg+XUF}93#CUN(;co-J$bl&#rnQ!-$k07h)cnf?h=+gt9%;2
zlU08yk`V@ezH@JhS!kxl<#M%r%E(QAto(wg8@yB9D7SJAnn*`828i%vbweN1oxE4a
zjm3ZP%nAElc`CJtr{<1~NA|M9X<PA1z|XsC;f#`>-acO-VDn?(V8`5ZOX7YS{UuM^
ze>i4Q?`xz^kf6`CN~>2=VsrgWX)nsW&d(0sZnP-e#OOd5J)Smx(~7!lvQ=cq5*E+Z
z*~~MZlSqV;3omZy^8Z`2`0;;UgZXFNjjYc`wf{GsNPUQqrwb9%-H4E<1rhR|LWGR(
z{~6;W?=j>$BO=_t!h<y;<h_Roxdw>{c^@MBi;IrCIxVO<6qm<KSMF-!f9X{I%t+;|
zU)hb*m{`0a*19M4x)aMz;%j3|iKD93g-6WipK`ak%jltQ%ziL=TzbthiAa=O?m&{8
zOD~%*XVU=VZtjl<DeqtB_{S=IChuX@E$H7HzG+16$9m#YgEKduFdcvHa%LA9qq%)*
zGP-kwA(8PG`h_QfH?|qZ14{4uY`xmPCijy+>yaz(y};TZ&nLb+4@lj2te`nq#CYf<
z_-ghEmrdM4cn0t0`V-U0i3esMJkdI&(<T?*|MU|&SJ0NGrj(Vd!$e6Zt7hEEw~jfQ
znW`B!GhkvTdZ@(4bM3goN=Px52&b8)(<k_MGFAWMSj`G?&qu;sx9Plctm9o&hA$I2
z6n+tVYDe`{N9wE5o1S;^0^hFAea@f6k^f?$TqKbk=CUYt^D23q&jJ5M+Q7(*R6J35
zyKeFiZ8v@^-7>jfJsS~tWxK?T@XMY_faq5mkA~E(rCD>17kwGUBJp>04DGH?(Wv%t
zvocg(A&xVC$vHhHag>@uNZWr}wd?RxL^Xy(+Xk07+iQ;9;@qh85vAH|^ALTPZ_Kxd
zPmjapJda9-y!i%{1FCM$zZ73T*D&zN{o@Nd(%%dA{GHQ9wU>vFE|r-(D^}ipPI2iq
zRbD;C&&_x&osX0XzZjP`7(y1=a<|fb?=5QwoY$kH_&sxr-hne@&qL>G{XV5pOHcAj
zQACxDX5o<7!SB!$o>PMG^8DJ-wxdbLk7?f-i>*0b6qOZ3AJVj->tlX(+|nvLEFGhJ
zb1C^*zXSR7`f5X4m+dicdDb1_k9(^}pY)cf8CnWMc1+l$rh>G$pD%o`%VETSI)E7<
z@zC^sQ@E9<q;UA>i_^W*KPGS8xjRhx*%z&&{&<%~o?rb*-u>7bw<LaCfh3j$_KUSq
zQgcnJ;;gF`bjxV(PHaxEPm&N?EBbf$T}`NFJ=fbNL+~=gb2BLSnDSn}ZtqDN-vut$
z$QQO0s7)5*K^P66+AV34UR^j0^nIVF=+Z4<zaOopSGW<@Dtdd#_xIqA4fRW9Yz)iH
zEiH<jcaM4QA4iznB&d*6l_WD0Q^M8=aLn8;r1+pTpz(oU7;B8_1%2JxBlX&`$Y5;R
z+f2dq6wd@M)3*@5r84v{V)~lea_KEr!DJUIb#X|Uck3;U`=S*p(!r^Wgs&Bs>IU)*
zN-cfxzWS-6bFV~uTLs;5{dk+sNY8wECv=gxrct)%?Mi<X4JpImEgLq1Xg2shz$+d^
zB7bLZUxDe(j3<W5$Lk}$Z^b;=M5l~Ym6?Ctwk0i`8RRVO9=1<UILAS>9cPBmmpE0;
zD;c!vE_^aE>GeK?^G@&cBQ?hN)`H)asQl|oYoy%C1Y?#NLbKB^unX08JnxG8@?jhs
z)AHpjX4;O(?FXdc<D7R?a<A_i<%@H#7W`_sqWPfi10Qw{yX*et#^6h#297o9Yp*UA
zR~KP6WFC=CJ4cz8Xf}Vr43v5CfWljerA3!JB04JZce#O!&hYimR<hc?PHCrJ=rfBp
z_X(!t)-JtUF^r1c{Y8vl$2-1`;pAa&OkSOTE=+tB!~Ij&62bLX31~vvKSWri8-8`E
zQR6)9IXGmFFfEi@-xSVuAK}0jz2=job>Y%be5;+5g3))Dtfxi$V~zaDCk0VeeGVqV
zpRUvS#th#7DEL_xZSZ8iY=!xTDUs%t(h9dV{tL7i9k#*WNj~I_UpzndJoo|0rwMP8
zoILDOm(j+DWMzcTDa|5c%69u-M;1Q3=JYoZfRD^G<Izc<^UFu;Z4Ju2J0iHWY;hQU
ze%n^l`xVKp{`%N!Zt^|7tI@xzP)Bbh+M0QP8CYrkMm*I-F8<|URrvgE8PW}2OoQCJ
zp9Gh4H0lLveAd!ap1oBxtjBYEgT}g2;8b<{wC;U5=cY<0dI6WIOk$z>O4_ePREMyP
z1ll6$%g<9n)+H=IZIR7h?IN6I;LvX;UvhpDdZj(ioX<|f(($3zqj$JzeO}?^x*^@|
zH;w12yCvSxl%c<k*c6JqJel(Sb-uabjrI~8{IMu6)S)nuJ!^~ofXs)fW!IQ|{gQRx
zIcfV}!?R~uW7lvUp`@4n{qBaw)Nzv4!6OM%R8sF5F%#Khe|?W{!*dCQ{SlQ!c+KL=
zH#%@9;_3`)Uo@s%BB8qX`mtd*UJZ*MwIau2`#0mXZ!GxL7Sp5dxMtroa>fm^bbqu}
zsd*KPNjBu(9?^@@X-graHn-OQDnlJJv(w5J_?V#2?Wa}N)`OX6d5<-&_3Go57~{`d
zm?cSO(Yl_0u^L)3kzMz4oO`Domms@|w@L8uqISoXiOK+@3atZl<{#Z|&GVh?MUk=L
z4)P*dSV{DQy8TW(eQoW{W-s|HFyEkBGqf&x+-#;{m1O3MmSKPE6it-4J2a$vE{Mzh
zmmcw5t+jg>pLEFiJ`p<kfxGa3k@nV6ReW*(uXJ~JcXxLq-6~3_bfePUtw>2K-7V7H
z4I<J?OE<#Z<M&y=^{o5*>#loTFF&#O#5rfr%szWI^F~u=PWEMgVb!~;BsV9dnqIVl
z9NAIXu-9rZn%Frll_5N-cKx`Pn`ORUQMHxEpayHvR(FnUvpT%5=SPQS-eDSyLyny-
zo3b?fGj>wb59R2<l+!SiE0(IhmpI^Ew9Dhn?rPx=Zqc{L)d3kNh|=ddUFtutUYjI1
zx$-I@I#TgvTiS<@-rZQrd)WMni{)l#$#uJ_c8ywWGLxcLBAvHp8l1%m+dnE$nv!mB
zB!9nx+kC}fQdgSIEAJw$LEx2wXsFTXC81r6dNVzcp>!6Oh2$;I8Ix&O9ww39;?MHG
z`@2vBr{>LMAAH-2p!urt+DfsAXZBpl^Gdt1CfK_0Z5YOF%-3}Lyyp%jVMD(A$TyW(
zA2~jsE9DEl%A@pPdO7A7=G8_`j2ej6cU_-<1yj3h)xOP`>YPsIXs!IaSGR*^NKJP5
zJGg-+lXg`2*0OYTjM|kLHOf>vLpG+4H}kSk1ARtKV1+|)X|#mv#k)4T<@a@@VWqZT
zQF`#!lm)-=m`&HJ-^;M{QNTuTJ#}eXdOr5s^)U3imG76rulz*w&ceJ3Ze_xAjvPBR
z_1<QCN;Jkh<R}v^WqB_jzcss!2PBpk`_O*)`*P3_Bh~q}z1mjc)+&|ei;vpEIc=_o
z!?A|usO%J-)ohX9#k9n6US_{d>X-8>#-Z%VAMg5DKsRKuwd_^w-xp4Jg);Yk&Ap^P
z0^dk9+s^=_>b!sXnG`E}{ZE>yw9so<K~-hJbcvtqGruCO3rV*XZZ49FYW?+yJ)<Z(
zwLFZhQ(hp(S`lLx=M=yxwxJ{IX-aemY4?Z1aj;T`ANXkTE?-F*`ra3F?=_+$40BVf
z)1dbd2D0%UTSd6gll^?(Zr5zK9`x}~+K+35;qUmw_fss}7^7dOF@p#2vE;N&7c8(u
zvvYT<N5%5>qzu))q~pJNo2_?wPKi9F(sX}UaDnUCy-LN^B~*4YX)Iz>qipa+wnK>E
z5Z=K`nj4>j@WUZevs>Acjf0=~jz(+5Ezv>O9X#BKZ`G=#Vw)=hqLe#R^lk($`MghF
zMZI_Y`MXKRpNS5-=G`p_gn_0;nerQV_cAvN8J!83j$2Pl#uslt?IR<`oXQov<tI{^
ze2tq)n`O7H8j+l_mh-z;_8knFLGmW1o3Wbc(#HbHSD&1o3P>zIKi4gI%|K74mbmt?
z{c<;gAp~WTc7q!qt22-#G=-TmJh!v1|CD8cq>#@8+1Y_(wnBo6Kfb8;u2Ks1PYBP?
z#9sG5s{HnOH4Pk1rK<^auMpu`OGcev+vW*8ee00+`P`|4&R%DRH0*T?ISHx2%KU8l
zoc@`A<>@bV(;>I@ppt^_&*bU4Zz{CYxK;=+2Mr!e8MwcjGE-(#=n#k^Dcq88I%}c5
zwPZWd&mw+S>|dF25D4=M8y!J9=HMN?%uNi*FD<$Sj8T35ndqbB02{~k_Af{u?6xsl
z7&d>sv2e;yB0zku7(-1=c!bkf7F5zCxq6P$S?;$Jjr5h0itbfoEL>8PsX?`eLfi~i
zd;DG(?A4*om@sb0+EbHO<MxN~ZtvdBX)-kd2jy`LY?2;A%et4b^zP<grgHWe_kRT+
z)v;v5!B(D*1m81%3TJwGoV8P0%v|lkbX!g;CtT9RlS8F6G02&`**r;Rgm{D|ok`-;
zW_~T(G2nWa_z@mX5qn>ZYGv_xgVGyG+r+7~&la)?>AIm7POJmSiz5ppJ#TfG5Gy~h
zELh7|@4t(++CWA3{~b7JP>pmljUS69&CT9J>-uASX^v|BO|%DQ^sexamE6w+{mXhO
z*cBwB`j<qcyJ#vk-<lsxe#RZ5MpZF$|LU-RQ&E5M`Nh0H?FW{~V*}qCojP89>m6*7
zhw-IVGhIwGn4wSbX9MG$CIL2P4d#!>5e(Ce6UHAbs>Jldv5vG8PDikhWGJ~JRa?Fa
zFuLieAItM?x5iaw{Ef7pu|txvZu!c;l3G@mS$YzeOoSJxCyvv1oNHM`lvneueU|5>
z;Ua$TEZ;StNB?qAB`iYv;N`KroyLj(qLB8*vW4R8y*!@|#^3VO|9S&J3qt!M{+Uyo
z32#{G2`B#qVVtqZ565qU)woSOKYwd_;-w}!aJ>1l`jwl_NVI%#J1Se@b_@mcwK$E{
z#y}K8Wv}h5Nr3lrcNOAHb_xT_zr*W8pSa*)36|_a7*hr5Z6ZUXs>CSqgN1gVy3q5?
zHDvKk&yYH+{#fYvp28{@b@RD;6EnI@L?C-=V}PJ)_*9nwOU_H2nZ&90Fw`PtV_yR9
zCWg8vSp3yrJk=JpkY+yp*S4HBD=wCTy}ECNralRHK0AZ;EgClS&G;3p^Fb6o3pa#O
z*(Knw&sdfn-Y#b!MO?Wb=3@)9Tz0OHhKIhM44+QjXr$jr>ja)E8SXcE9F5k$3}Y(l
z;O~HAsYkpdy>fkMTbVAU_G<6oPYt8GH*FlZf*vFk$jrY;r2XznwIot`G`0<4FFH`a
z|A51Oc4^C*{B53|O$w(kL*9q2mggPK)M4Y9^8E9LcF&3&&et5XCiRP&M7L$axbL@S
zH6|O{AO6(;PDTzsLgQV?Rn%rpDk>JER(da)^ZWY66}<+^1RlL`&9V0t%+TGljR(IU
z<S0+w?3qlIJpaI4Tz^XnKTxL?&wTc<*Yz<0Ce*Q9<OlgybGk><i+41xub!<{b!v$-
zi59XtiRnol$e~@hXu6xzNXCa4Jt8UmNKWmv`P04nX|KaA_jW96BH9+GMKIldF)@fV
zZGfO(?EA=@;XqSnQFguoEx#R&T?PK|u$B2q6Z`j<<V$n!HG?X4=L#fq8oBaaq%GNu
z;x6q_13dq955>ziv!BG3Z>p%8(v4uFquqqR_;UuEuwVOqU7lfjCKXSFrF4GMI3RCr
zu)-<-s;ED<p&K@V4*4!6DCiT{3&n)~xxUuFk<(d^_e#sp&J2?fyxCM9kwiEdDGd8E
ze(}*7-MKej%WkyQ{+xKfrflBi&7k&0V)1kDM`svA-+dW>{4Svs)+Dd0m~$-f>?1^Y
zgeTxR)EF>m$Z%+gaPa6@n6O9~$l$3*C@?VSXivc7a1l^3;E}=8l3-yFFws$wo?w8d
z>%ybJVIe<3M@GSbMMXn`Lqq_N;ssCH!GeQDz(j*Vg-1e1!9aw2f`|o!i2@6r#0!sx
zihu-ziinJb_5>as4gm!T0~Yg$YPD{Mz<T;dc|G@~>()=@_%MGyV{yN1H}VSGR{~Nc
z3+%y%aPyvvO?Z4MI&kg$x_fykJ3=S4=<RKxn^T<7*a<XF0*!Gn1AGAvAgKV7lVAYE
zl@VyXxP!5-XE0B$G2ox<vY<a{^P_)4BE1%7bHT><*ui0)V$eU~91zEfJCs?Lhitk+
zwZu%l-Npn<$YQDfr0146IOaqPXQY<hc$>HOG)?g73Q|PvWt&OvZjj6vI*r!)w-b$x
zpdQ<rsO_!4i`Blya(`neVYF1#W#rn0DgKBjNo9RWZnyq`d|vUVb)r2Smt<tG@kzHS
z<JLDT&o@-`mL<!|!PXUZJ>jN!%*CsVXs6_k0_{=W*yFpkbqS@g2$TYyXsj2n34<ST
z_i^l$Hwit}XC6i0YLMB;nFy_2W`&dosf=68@-@k%#CGZ}PDVP2j<7JdDG9YQD6vi3
zf2O3Ge{<VvjE;07Byaw4yOD5lS~e2*J*rb@(Yj5J2OcT%z1x+@RE>g=(T&k6$%MgG
zPdj(3Qztzc4H8Raw?Y8Vt0A1e__kfeHevkR-~FmaJFSXs8Wk~G35q6iEIwky^e3NM
zDT2?jE~^|h*!L`xHwj}@^^$uuGoKvBelGKI9?HmQDnfK}3ac#v$}W-NA?>^H$e0H0
zC;DQ7zqVhV=GBFLUAYp6dobfO_aJ0egA?~acU*GlEA_2d-x7x%Jl1}GcAfsIkdcsu
zZSl`0moP;}izd2{A@A3>-}@y?K6^VE$5@RFaO=#*NKdgfNp_n0#38nv>j@S34RW8u
z;(Zz9jdg5k-=5v)$c|}8yz})%)}`I{p74w*j61?H8Vp%;_IVxmnaJXK?v?Q^-;<@6
z)gAGt*gY*5f!%w#Z@gNNtEayg5XsK?#<`Nh+Vk~inEu6K+SCe^D@Oi^*n1ctam3~r
z>=nAN!7vf0Y&|z5D5J5>JdA4AJyD_}vD&iP`a8~~(Xy&C`S;v_C<;Pxjvox$sf!d4
zYa^umd9$!a5Yb$tHK+NBEx7f$xw$WleHK|KXGyd&f%G=v0{e3WY1)kGl#C9J%@&0S
z1j=PyekYcX^UjYBD&Z=h$dL{=R;Og$nk)TRNJtGN5n`Py2*@4Gt<}2qTv^$W_e5Cs
zQ;w^bi7HQLjqXzObJPqbbgUmj(t{9sIeT<Pyg2RVVUW9WXD|u3^FFVhZiP)t+NCQd
zdi=y>Q#0`L)b!yKd8tXqoA;8OS0Z)&q6a30@hKPVrvZQekK*uYny<dy-AZ9rTzQ?R
zShF~fQ%STdQ1<heHOw^Kuw8ZX!;{%GxM@ffB<sVZ&^81VPfyr1RhqsQ#wV8OY2)_m
z%oRRGB>bDHZPAlBlWp|-+E-6$zL~tl?C*#3XWo0+x`rGRMi~Yb78*M~WSolr*MU~}
zzCmZ_`b$Y?-1*W13F%YQ#G8$6TDMX($I=p&-#UBLx{Xw71rxMgW@<u1#t*TUmf|7?
zeDhCt$ktMyI=dzoL_bY)31&a2W9t016=o=~hh8Z|cl0_%fuxA$5K~iw!YcV&IQSdD
zcl%W1lHAKCulmqPKd*}n&ndl>_zv@YUfaMyJq9Dg`fjwE!vmL%`nV?a<Eq+7H^09Z
zf@4z&&lC~-0{ER^wnBzO&Wn{rs7riG`yfA2+tctSi5_{U*!12`t8_BgFE7gcgWe0u
zw6#aeY3$x7$^}=RKceA&FQG{NOpP!OfgMv#<a4*VJj)K~*wD#bWE>Rg7Ylmt{1mU<
zf^*mROYA47ws@9{n?|m`_0N3L5$(4XU0Y`v%48$+<8IxMTJ*2~l%oo&u-b|XpA<?n
z&%FIQB-cf-S#j<?5SRm=CI$waVWA;pFpdl??7!h;@FX)(0Q~<+01M?o0@Q_az(@YK
zEXe;`7+S}F>-w+kUpZ7CTJ67re?C+fTF1Y-|2Fw=+y89`ss<JOSN?CcPzY82pJo2r
zkAL<4<)MA}w_ng||Jyg<{M+|`1yI?)I{)n}<p0Y<>-@K0T-7}fj?4e|JeefAe|z$8
z?k;eFI?EHFhVld`usi{(G5?L#L-(cx0iOZWfC~V0-Ejsa0dxSSfHpuTARbTvfX3tB
z0-$?d(EYGAzyhEf01Y@j1v~%@0R#YVfDiz>H}wf{3{V9u0gM1c02Tl=?q37Q1-u4?
z0looV0-$?2=YSD_BmlaXU<23!Facx$F@P@sKR_B_5dhu)`U7|eum=1D5CN0`(EQ?I
z00*E0fCQ)jKssq506u^P0Q$O00j_{S00}?^@Erhks5b#G0Fi(U0Jv0xxyetSR0DPa
zSb#Y|AfO#E2H*!M10Dfy0Eqw-05!lCKnkb?)C2SYDF9l4CEx@Ax&r_1b4de>4CnzI
z0Db`S0C4~bzy|>IngFl?ya2&~c>o!p0Z;|72WSBl0A~Phz!5+Spby9g>;bF*tpF}S
zCtw9Y4)_aD2P6YL0f>NTKrP@m024q3FbB*6iUIEdH-J6>1K=4T6yOFB0jL390ek?$
zfLOp3pa`%5Fay*9XaHFNN`M?-0B{e02WSI60vrJtfLp*Sz#l*l5CfC}#sN5h1b_yh
z39t_k2Lu690at()03LuHFay{II01SAZ~y~<JRks20$>Gv1#|&)0m}e1KsLYuzyt6A
zTmlpU<$x#vK42X{2oMF>0Z;%gfJVS1;1DnhkOiaz3IWUjW56{a9PpnCvlsMn|NnZy
zf~BGN2OT5O3m$#Qzs19eebpK>6UUeD^J9R0^M%n2g?#o;`2a#5qT7=@<WZc9?I&ai
z(@$ETyD!o<v5o{;2#eBRmcRMiZWpkf|9gyj;FwTZr8ltaVpN(iOjx<NnqY)D=J(@D
zsTvHbvPo$zF8n=yI>W}%q)c4Bw8mXyJpBWCYaDE5i3~idKIw>6LhJUqwi^RcQQE=*
zVi#(9(TCC&kv{teUv-PCvs3B7DqDjb^uw66dYs7T`|H)eQ6dan*A~7!uxN1nvbK2A
zIR%RlU*79_;hn-Ngn)i35M~J5ZbmzlD?1;UkGDGgqQRr{BaQ9BFPhmM@jKnR!-~P7
zfMVvLk7*K5Zm5hu&ImuCJ!+uuA<-k&XmXW$*|lgQqzxo`d?~Je%+o*W&d>VA#L)=G
zAMAfqJ+WG~M(M+B)Bm}ukGR5;;ZB+48C69@o;1K~n|d7;xC?`EuCJssB;E*DD?f-{
zdVJQlD_9=E=pp)xZLtnU#UqE*pW~0^Qq7MsY?UFHzz*Byzh{gX+lR6#q1{FBjY2jS
zgpC(ko7PIFU4p~$KM<Vol0r@%gx*Bn&0cNK5Bc2<tlnF2uS8umF3GSQq*-q<l2{rv
z^&RP5HW|fD!ssO{2aL3KVd+2qQsG8!+?i~6@tkuZV%^EUY}{IucI=F;|0WDMM@e$T
z77NA!nR<sJf5k3l%G>br?6L>;wr9y-T5GOuL>)PWs1<Xedd{Z~75z^8yTQ`J%GOtU
z83VN8)G2*KET>=VYwZo8W}oO$jXIxRrN&1xZJO!7{S*kh+(Y1Pi?Hz8!Lm+0QNG}~
z-a6Xyq_b+y-|muYS4C4OhudDDk=;EkFiiS7Nd>m@*h_s!3^{{bmKiZsS-x4#$sL;o
zrK{g$DCRsX+|Sue6E6<On{%Cwtj?`Iv6N_`NW7Jd&<{JYA}gOwv1<C+)~9C*GYWW1
zr{5#=`hRHLY@InPI}+{Ty+au&qOb^dH<3RNF(CS2-#-=!+wS5vF;;gr{nE+TG=;h-
zFjL{jhG{ztPj`tiPtpFVtOl(cfiXEdncL;r<20#;G(#-cf(Gy3CL8H^JURrQwgO|P
zd939S+GJ0n*Xlk_HTy<knke!S6v|R>D<AH?9vi$nVCiBFJkLv6s})UPm{HiSE`%in
zsfy8~RjYJ5x96-qki}N9wGq;a7oL+<%u!zYZe2Qr26<9j-HuNhwO>Ut+QO@zU0-6k
z1Z3srmMQ8oJM0=49D1z>aF@THX0a72!4eE(eb^+j`Orj9{kr5LjbUuQgYwaqU0&a_
z9r4pihSk~)g-XjGVk8*;=3(xy1P`=3At;8CD(0A;`u^ri#gAUE6cu!9kXMu(XSa93
zr2zq4lM%qR2Lbdk5Wu+>0i3gdv<!e801LncpaMt%hyX$WCV&zEDXifDPyi$V=pO+9
z13&?Q1K<JB0Av90>|$`;MtE}gzb7O7-+sXP04Cv|(!K-j^6-ZadK5j8oc@8|9T7t_
zN|JmeZ&HR(lFRxyg4u--mFz;8RT1C?h!oWF#Z}KD!wu9$@n=&^z)8*#;0m4W{=G<G
zcwtHVpAL}O^8HzbvxHy6<c|wFQgcNfytX6n^6RE(xM^XsSKs>VmNA6lW5pGXK!deT
zk9!=fAds>Y|32ZzH^IsAR6OJ96KTZ|Ve6lNxjPVJ%<C97(rF`;u>GBsdkPvUWkp{z
z>)nP)w6gi45@ddQHLNjP{_D*Bi(!>fvDW$CyoYAx?%ek8iXHX^&o}#oXcx~$Osca=
zv~vT{FP({cRSp*As5lC}-ZqVXm3)3@S`#j&ljl&X&yxM2HX_liefhpEZDLGF>cy0<
zNT|3>zM~R8YtBo9)0r}PoaFCx)SOZE@0uCCKW-M;s2;BL@jMV?Si}Z)Ub!H>1}FYW
z0CYWDhXMUR@VRgUH~_mKCkV=*>*9A1&jNo8`2C<B^f^Lvdwzl3DabW|cpliFAcp4R
zXo9j{;5z~&0V<#@9@r(oBD5VqJ%A8!46p#pOoKWJz%K@M)_~;$u@lHo0U!GNq7o2W
z0b2mdEdVW$1u+k>uYj!r_72pA<~?lyf<S#Hkk<rxXuq5R??LVl0O}V&^PI{-?q7QV
z7FvG@uy(+f0!)Ap^~(#vIu?Lk2K5_&EdjO?lt%y`dS7n<(EG&&aVxOUoTMh;-+=r#
z5W@jK4&-Qn?EriLzCB<Gl(_+W4y+EyTLOXrG$04{Bk}=!z+VKYgFFo22-KwlaULi$
z25~#^34n$Ay@{YK7yx}HMj(d?tUrkLfS&^_)DMCOzBlkof&B$+0;q!ztT`xS0l5NT
z%|V<2{31|R419e6v<+(zZ-R2@JNyB1P(KlxcLse9B!Ef)wB0q3p96WQp9D?og5GaC
z@I66}5g-U+X23YeH3O=EPX-7CWzf7cNJA?Xa0%9>1oGa15#Y;#y7s_A`wR7p-h;dy
z00jVj7Tka);OBxeS>R6tG=WbKa;Ct31j`M9Tseqif&C2ZFrWkEB>`ptsO{#0GN>Ph
z1N<=HLv5W7@Cua2fc#4U^ch(I%MbFg05ebz9@q?!!v$sXAco!>w0$?=djWm};sB(e
z{1#ZKJwk0A>cf5l%R==Cfb|1$Ca43=*)9b!JMaa7)c|=z;8y_~2)G46?Gy}NJ{bkz
zfwFC21Hf`nJAvw(0t@wpp*eDG0BaCK$2_!u??8SXSg7qm&!2(XUp4@G?@-^e5%{k`
z{WY*03t$_>P)Bnd_|*WY9UXuiKgdDf`#vBT0QFy?;}LpaMxYJ@@RtFbpzIOE3BYoK
zSOfUbF#;VQK_LDLNC*BLuu;Ief--1ZBcPriuv;L8<{c^kA8M=Uz|R5xG00m3pz{k<
z7dmf1ZSfSq2+FU4Jp}m_z$ZX7pbF&L0JWez2iQb_IbZ`23Cf{mpyLc`d(d|_4Xg~v
zO9S5y0DV`NAod6OFTg(o+iV6g^nE&mTsMftfgcEf&YRGF3WFTfZlUe=0HEJ)(7eem
z00k)T0WlG<oS>`*SZKX0pbR=!83KesZU|ZqkOlJ4xyS(6SHMEwmjgfy_|UkrH?XrH
zhR#zVz~=@z6#&$J%%D85M<9O!tSDdstlJA%=-A8!#DY4|@d=&ZpksU%<kp~d1G@rZ
zXn7t0)c#<hJn-v*g)~oeK+X`@7C<4$U4qyZltafFbo~DTIq1AB27u1TguqgRd?v8a
zvHAx13m`8Jd@WEHn#(ExEE}L70Ifd|lt}^TK#Ty&(SaQYmH{vYfW8~(^G*YK=-8PA
ztOAljYz1r-06M?y0=huGCm?17z9|4Y??L-O34r!v2E@dGE`S7xt3e$S;D-Xc1T569
z>_OfMSZKXa-UIkTz)k~O3xLie(Df}0_|SGffO-)iMh6xF@D}8tGN@fxf;`l|+Cd)r
zEqo2~>A<fBeis001JLn|0`emu<^^Pd9Q6G|+gSl+(DHpCegJi>0MK!-1M<%S(05e~
ztUsv3jVvs@Hpsj~gTcX`AI@0VGl4ZaJx;k?7s6Lv9Vy&gkib=LDot&wtw5mHGl0}9
zEe|hmp~>Z7@s!P0_bHiCPY+zDxh$<I9~>WdO_)GE4GIf$ZXk8;MmOzRK?GCbOb^~<
zQV>oeB+3PghzO63PEKAOE8fP7D9A7O6is<^g6kkK5;@XTjol$PlDQZUi3q>57rqx4
zkr4m5m;b!G8@5wM0YQGfi)L-QpKz8BOG=yvLqa?_9y2yEk~p0jnVDHu15@p^U+|n4
zQ&K!HjG^#kNaPv@0|R|#f@*nkka&>}jg8q{k<rpkRn&(LiHV*Li;MlFi|5!)me)mA
z7FK$)7k^ep21dHG^GT<>9G{DY5|d?aEPHuK3|i#bfY5nf97lOz;FCZ+EGqKuVbnot
zbawXqXx3tGcz*urZrn*YG&JOman6JFA(kC&bqeFeQ2bPEWMbmuLE&p%B_h52c+PS#
z`iI=rhtP`$hlkxYhA|o(ju=`KCDMF0A$9MnF7d9b3#O9?hKKv4PvAT_8a2{fmDRQ;
zh^Kn03ulu02{rZ10MRTgIM8TeX{n#U!^4{@Guyh#@VLMsA;Hg#kS!*~QDh}Wk))f+
z(3sZ7OSWzFGj3_CkQhykQ7miA;AkZVVkb_Hk}oGmlcpDh(B&4yuoX{sVowGI!34r#
zVWG<@A<5&Sk`izB(5<bFvL6J+VZ_!YNVO%06Q;U974y+jBR9?urp?U@qRF+8qcf$0
zqobBl$587WL>^3zr_4%>CC}nT6%~F0{tk{7laswRTC~|*gVP};fhtQ!mDK38oA)?5
z7&q~(hwoTM1x49KS=gs@6nzv2fdKz(MC{r{n%l)yLBPXZQ|cWLf&f2wXeu@w9NZIA
zd3sATbq<H_e#BlEd47+nK7!fmQ2zRjVb&cO6cl7PML`c76cXaoamjmWX&^5Qi;KP1
zNxfDRC(#CjfB=6wEP4$@(4HK3av#&8vNG#vP#Wh&u@vhl66(px!AS>&A%tSX<KqWK
zp+u&{kfm1#a#yeSF>FaIBP+YAi1?&L5TzcEir?d6Qj!M;!v@m8&`<})qQ~N)krC@^
zQW?7|33+JA<LlK1^H$?vP>|CgFwo0sVyS^c?}@A;qWt<8$AOkIv5}4}uGZ!V+m4%t
z<h$u%(#5VJl);lRiF@uR+}ufF1gT~U43^yJ;^MX8g7s^?^jmc?V$CjU;_qNFG10Z8
zv9)+mM1*M(8R>apdAS2a;X}<-SZq^5@Dllug!nfHn6{|l>FIMr=?i;C&<1to@U&o2
zQISI;kV2=1NEW5l(A7dh-~vMuuwuK%F-Q5(#Dry4QI+c=gzCYm;Qze--_Jz=r-%RZ
z`rl>H&oUtRObiu*)5sHe00ICJ0F56Z15f~{0B9@>8kfTY-~jLdL;x}XG+sytU;{wc
zZ0I^C2hasr0Neo~fC4}dU=slQzjqkK7Vo^@p1yYO<A$+edsry*8V(-vyM3l~Trrzp
zl~w50+4MJsQBdk?l)vcLiR&T{0sH`65Al113?$sZjeVwCPm~aLQZlFKxjJI=bu61)
zp}JE~4yo^JUf7Sci>Rs@O-vq@-pQ%+g(=*?255<YD%LKLPDsuczG!P)qQQPVn;t{Q
zJ23emPt^OxU&8VwiMwf#<}xj7Vx;1qX8e^`Xh4)#6jcS0-ne_F+&n35%XfQF$T4nC
zqr}1Be9!7lC333|11I_C`u?4t9#l`i#YDSEHdrgeU1FLE7`B9WQRJ*&r{matk5A2{
zjMyF5XI_oXi^AymEo&?Dkprt*?<*l~CG!HLtubbGL<i|>aEYlOKpGouKca#loekjz
z<ugcYgJcq+5z^bp)Fi1Y1ezPfL5@q1?uINZTmhuL(eCV`0O@bU)^2G)8XOz-k8_X?
zhjY~1Q%H-W<~^Ypq{ktEJHP;Ga-=faO+dOF)2b&qkT%CAgQhT~&(Sa!8v|){SY?%a
zLpmLvux!sDt&Whb&rXnD$LyWVH%POiK^G?k((Nc)wf+NXcVP3@b3pnXQZ#qzkcP(=
z=21JO<I$Z^ECFeGFnmExf%H6_gW=X7O%E3*OjJnM<DP3;5z_Wx9AY$v^gRw)d!IuZ
zAFFj~*^ti1ibYinr1eo;>n#rHef+LGRDv`=!~}xzA>9v4xDz!<`vZnswhhw%NcwO+
z32A_Ex9cH7Iv~V4NAr*t2zH5;KBNc2O6_V0X@WFQedUF8K?WzMn;~rw-7*<%NFU_m
ze*7w=5mKz2xen=sSUex<gS0|MqGdKAy%6_J3vWm>q@cNW9?}iDuRVGRX@{6{5y?UN
zA#P>Id60(4fruq3q$9#iX+Z~RiR^w0UV-#P2z>i%Ax#lBUAIk0S0u}fac^9bX&9*+
z{P93@_!Q;-+St6`(w@(h)1LrMzl&C9BDYeTW5mztgZX`a7O0gNH|_B0QaEHv<ah#T
zu4JKp@N^g6KbTYK2c+MY4fD3O4-ufY=ZLFeU}yE(P{=jPN{+P8_NlS@Tis`|1Ux&q
zofj>09x)*@Qc{g2k#|_pmx@Iw#u+3*Y<SO8e_<u(<T79LUh_(DMs6gAGCM3(;&wDF
zy6pMi`?T(l9RoL57Ef35=BV-=6=KA^j_St3damAGKa&a+PvS9YcYjw)qg>5rUA~!4
zeBI2bW@FYd$lcYOHgt!TPU?kC9iCfSN(e(EduC`VFsg@$?j?RHo9Jgfs_=s&7;g6I
z`{(Cv63*gBJ-Iu!ZSIeD)5+hyM9?0>z;2+jBm{-+jPb8DWg?jU{PG9pyRJYk2`|&_
z{LuKQ#}29UoZdwUr!hUx-p8%Cxi9tkU9Q@<4a%n($AvWziVTSf|4s>d=oI>4+Mj+}
zAs4n^e8G$E&13F)H9R@!yYam;qxy#jVt*3$(MtubSK9fC*f{sF>26yNx^%bVjTcvK
z=zVZhL}L-QdG6ohPQO>lu=r(*X+E!)d?h9AYC|UY@F&#O9BF%IvsprU8te3iS(KE?
zE2rM`U7NqL!TvzX=`WAM7$wb|i)CV+k%|({b0>7ufu(egppX5S*@{lfh%r7I2Q;30
z*H-uXXz@8TS4G^f-xjr5Ngc4gYC37PQ<?l}xR<*5LoM;+rS#tKDVSRPpQ_9<!JXA#
zA1M+#EZ|SIn#)I0#BLULcEaB&#W%*POT{xLi;(^78sVBp!OeUAu5w7=M_IZA*M-Sn
zHUm36o4}26L5KA&0;0^b>%&@q3YZ6sYQLG(rKM;zuY;bq5%QI~>#J#@BX!vIP3}th
z2&-kh;y!P~aK*H7Z6{rt;;nvfPPd5I=-OJ=x^5V%8!>zc9ZDF8T7X?A^}GElP!cKg
zd9^@@Am+`APfzB{vB{>1K=lmvK~?I;Zy{s>-m;$G_$Wjpr`=={?8}~Vym|FKjr{BD
zvZeDzp18l;kH(2q!kIX<mZc#o?69(-ca@!+qHq@d$Tzu+kty)VRm_D0y3wTk<XaUl
zi+_9np>eH@%}HiZH4f;tSRB(Y1!ql`{l%q{H$sSM=}dKRccSy~L$?I%msXv=q-q6|
zWc$7DaM&r-za^i|>XY3YIvoDx+vSW&F5plQ)lufWvK6E~OQcTB-FN($Yy=-lurHHs
zCbGb+rGr6kA6AS`eBg63hI1Vc<BE_mdUPTAE<Z_n8a#`Oj-ZMpv4!&HNXvu&nfG)Y
zk}BCc51#4$FA9T}&Xf|4=Tuxtq$K$-8khA5_dmXlMp@yIeAo=eqFk_!UO;|6*Hob$
z8}KL-h4qV1;ozC_H=CcoVY%imU$&Oot`&KzK5jB9cVGW3kHkO{ad0k7QjFCLw?uzu
zjK}z`eM*&&AOS7~tIjT?qw7=X_u#EtYQ17K-YgrWn<}|rom=Dr+ue!z*&L-Bd3K|}
z49#EbmS43cd1Vq>Jt!xd?G5mqz6qlGY=NEf8HL|gcutA?&`~XYyxW4}dyvE8>L=Dz
zYgRZ!G0L|gf4|@DN10l`rS^3H9sdl~MCBe8KSLggpZ8g#Yf&-#UH4aoXy<gQZnrwE
z+(J@e(JHFNiUK-4hp*u=XyQyn`3-i1aSS03CxJs#9k9O4RYJnA=bx5b;I<Ce`l1F#
zs$qyBW6Npj*Zyfi!b}xh?W;|+8UHc`zg*97@`y)orishm_krz%v7DLfvo;-a`1UWM
zk6achN59ELS#+wA1YELE4J*0Xx7Qf(D`iZLW_s1K7wS9|R-W7TNe9xlCX+M8E*GJr
z9XmbGx;%-%Z4X~ws|n!AIpg3zpq9pYsq%D;Sjt~I(~g;7&VII}V42=7%J&qX0_p<&
zdr|hk&ogO~e75)+2aV82gEKxL(x`e{)e%vWGXihY<o8A|=FHb0j&EvCDu<))Ka{Wk
zAfXhm8%41s{$t*|cNW!O5mBl#;o?1iX=pX<-)E3<=is;`kp}l}%|JdfE?F?n^i!Hp
z!agNkNvTE_(L9eiW9P30(Q;=4{ExbyKf%lWY1Zk?ww@_tL+$>e+XY*N)JZ4g1UDki
zKD?eN(LIzhv*5(_s$Z-phu-J|pTVQrXZx4DmKwV?sIqRU0*>oKK2qlGW?=FQp8NnT
z{C9kv7w-p;|DJFvm!J?H^krV+wI~0=XJ(1Sbo0Yz)r%p~Alt6mAHnJzm2_dFl^;|g
zo7<HxRwuM%u)aB`lGN^}F55v*lA`WuJ@)T4>z+D1Ju{mrS7=cSLZA^*O>KTitC*)H
zWIxU_-t}?4I<q4FaGrOZ$<`Y24dtcPvswgcd9=0wdgXS{L)P;NB2L`*o&;}p!-!Cx
z)_+>kXVM6J{XR(vPbE2I?N5tNKb<109IuC*WQEcT#p0M(HMsO9_16VYEq#tJiRf{P
zeg-_4)7*7A7G^VzetqhdPe1u>%^fB>w=Mr!EH$nAnP9VHVsFBpjkTx;M$6WbqKV5|
zgOaOAH8KI~NHCKh<%{!+SBMALFD55KY8q&~jaf`P`L=)f!>Eb434Zw$MBWpQ!>d1W
z_(cJO6w__dC~8&W&Bp{WPPV(l0pEMkam*vRaFW7ZAr6hVmt!a<@T>f{yRYpvZ|L%b
zU1lp9^Gf{@P}OPUim%9wo0ZLn8aOk!O+WnI#0b_dc;Uo~Mr-)xVZB#&-#vsPgT*K=
zReQG8axiNmK#R3$wn6hn(Fb3N@gUs}<X`X{TXTz_72ij2``-t$P3P*lH+bhX8rDyK
z2&9m=6PY;PIJ+C>=Ie=VU;F7DzoDq9lEuJTV?I3fqs7^6{Bx`N)SoWd4Vh}Jf;Z<}
za9;n!J%GpuG*)f}fX2q4SJF4UHCEDQ=7g(n4Yq_Q-MG$0muHKnM4E{r!A43=ng&``
z{sC);G|euD7M#h*-*0tB4j#P@nw{R97Bs&tgt4$F>VNkx^xE6|<Da*0<1SB6F&<yP
z{x<LIT(i>Gr<cUdtz`-W0|#qkQ!>uR=4bHmK(f8CVBSzx_FLV{E8}2zSRo-eIGbu{
zNIJ^TFXHz0mf+~wv;A5nrJ?xaW3;=9iUXP1S)022{J$nuReK6qSsiqRg;%<6Ztu4`
zJ6~irHFbOb{Y$={l2R$b$Y`%7DEQn#N=nB6>I(K^bW}5hpWoQFsOVh#*DwC5lN00{
zSJ#w{#YOir9v)qD0s<*kczAT=fdQQ~Iyx)Go}O3P#Kg?p@89PMAs}F(W@I#QA%Tgk
zxVVD!fq|K18yga<`}>SzOiXqfwY6gbo}QofP*BKlLqc*W*x5adNJ%;Q$;dbaot$cy
zpFjUopPPI4LPzJaP)tnSYkuCWsjhC^kA>x}&gQ1%PcAOkSD~RF@N{)AK2J^ALem+Z
z93HZFQB#{r-``Vh*3=C8zIbuiXm8&>J2Ije*WUi!MnvSPo2u$cs+!ttx{=XN^~8i~
z*yQBvuSZ9$eWj(pH1F;R59Q?g!qwFmGWhuPt;51naTF9LqHk`ncVS@>;R6DK9<;QM
zbH&BweLj6^WhgG*e5$Q|mS0ft@KRd3GcX|`8X-BkLMl7EjYe2l+2!H_{-mvK)uOSn
z%X?|bvx<hsLKYjFoBHvQ^w-%L=HKaQ$BwZvwIFnKd}2I20mg#^t{xMU_4W@R@&)AO
zM<a=dL^ykU4O6~+Io0>~55AX>P<mr&Sw8sk<#sCx2^+7wd)jYP)7;LWpmY*V&8eK_
z<$wZOT5EY$R)4+3#4@qS$PhF|#o^dLe^>^Zn`d6*<BKz|toVL;^=hLH4UK~E#}BWH
zwKcIHyu1dMqM{lesHl|qDk?vc5fM?*>FFJmjg7aOySrb0nwfF>R$hK2XKwzvHz}!D
zBrUCwXKPDn#@9FIbbFh3Zg5a8Mo8$HlcQtPQe0dt%-o!1jfTc_R!Pa4ii1P_qJhC}
z`T050+1?(*gq2m*@S8XB=arSaO328>*sZN|&OSbo#|#Y4s+^o|#^mJm!k<5%7}nPh
zxcB#Kf7scf8~OS3U7m+W)(#aFjpWm(Ki_}*wrmy?6OIub9fsxNlDH-*Df_OWq1V;g
zx^z@oc`*?V4gvA<66OjM6PMh~te{&!z{K9r@TRh*WzsG@Jc+2Q%jhEo1(Rq_P7Ble
zy72ewYrOsR^g1>i96nk*yRXyVzq^#g$44Qhrhehe%xvVKq@)#(h)5>b-K8EHA6JRc
z*MBT!X7<rqU42s&8=C-^mv{XvDk=~K1A~aPqhrbH_ivsBS=s(jTifPI8JV8oj~}a9
zI5@nYV`1S?R#%U_)ziB#{`z&^k&sZ7{r|r8`~NZXKjQ@d`*{b@u~1@Dw*&vTz$+s;
z&}ZxClrToWKsxc&frFf<5aTUgs`BY%40ovBDjmrSiDze(`N0-2A)Mc}Gv9sQFKQ=5
z-!$ut6}@n0XF&U^5%pTvzW!wW_cw)&^G55@G&qA<a>|9fp7@5{iH_DiZ;>j#A#>Lt
zUz7^^v75zTeJ$$ppu3SrQF@5zQadg4HW!Ddn<<g{()97YaZOoHmJXRo3hGf(n93gx
z%>*%}2uH<vNjpo{@e!{34+w9{1LjDdVt#qfj4#C!DXs?Fyi`r3PZjNFI1uO2)ceWJ
zpMVzE2<aoglh%r@Rojp2!D2S)<p<uvVQiY?nU`2koU;XGRbO?jd7ky3|9E>hs5<le
zwSwQy(|O*-ze27j>)cq^WD&QBQm<MoUqnA?%XaLl!3=ykJ(nAbgx`?JUQp|<rkCs?
zs4ZOm?fJc_`FjW1E9`g7OtE-rSp)QnVlKm*VIw$`Db1fls2@Lh_l&|hBX>w|vu*gI
zmj=s-?zL=X6n^kudP8KLnnxjVyi$ke_J#atN>?(0kJ047i&Z5k@()cf>HhaVk&j~)
zJTWlDbU&#yIBt|RPp#s8jEzX*ex)1Q1Rz*eSu{ReG>I3D@7l_*sms~1aF!E1D@M(6
zQd;E~u%B3_9qP=CnmsJT&BxIB3d>cpU`AQ51%KI1$PjLzkJ6qLa>}~D+wnGw|9xC~
zi(M>>M5HaE2#y+Nu7PwiL0jFj^EG2@`!}Auo`*oQ^*6lJF4TDn2j59w)-R$I>BkFs
zmDpet30l>pnLqO=(BgVJIGHduD;|zZL3ebnOCs<);MKgZHZA@YrK)VEj5|k{@#p+C
z&Kc&fLzVVZ&$$yrZ)%Mu{QE{eY!N!#Ry$JZe8kXzOX^m)^#1g-S0y@wUigb)*uXo#
z?aQWeCdHLiv4tEqv^hM_W4Fd^G8ifOUlD(iPRde=_wGf5O%U{cJc-#<Mj!TxLVc8c
z5%kA(V~M@FVbrPkb%kj^GCb_gg=XPd=eQgLISn6HmC~WLMM^0)4(=0VBostcAPx;w
zqhT>&ppm)%?g>KojG+6^|6=f;BLKPw2h9z5g}!_BuBH_Bpjd7L?x}3~%>5k3=8G{m
z(SV!FluQ`Mlq9O@N1u;l8!Uk?LwW9=Jt3^guX!zNT#S<7|42qE{yu<nMc6FgGuACY
zZnl%@d)K=Xm!!9?hJKE*yn3FGdfTr4h1j_X+rDh-IbGvu|KkRiA&r?E9%XViiF2$n
z=`hlhrSqGirvoxNJD0yN7#o$I?fvjg3`>s98R`oo)_fZ7Ttev;zu?!^pc5-A7~f^V
zEyQFyVdvCWpD8hf)VSB+h3SPE>?gY%aNM6|Y`G@ONAHs>+yU>$nJv!$+N2*7&2&Gy
z`?S1G&&^~J)8UuqkHR3@XRe<PvBvFgZAgA7ShZZI==?=9{c^gn>pQ4Hk^+;g3>#k8
znZ+TddsB$#l}6wYqMLZ~R^UE*!tsY8me89wd+o&5i7i^gM6PfGs<Iv*Q0we7=@~X*
zxpvRjhshC<eu#J@uofO<)t@c8a|vrpwHth6{#q?(ba<-}Le+s|ED=O*muIrjxOE);
z@nc0qA@LtRZ26&@y&XpJ8`|PdHf-z$G2GwiJV%uHdNn_vJ!!GJNBX_iCml|(Hc`;S
zn2w|o`B$KiE)4@C<q2DchG(3Gz+ASX^u&Fbw3_Hf%=DX@UQT;S`}^bC;W4Sy*Q6gz
znHAwTaW|Y+Br2_l)>zMI%^#3Mlp4_VU$W*O=EjvAm3+bI4JZ7f-4psQJj>At0Y{fP
z|8Llz$7QdhSL}?FccU=ViBTh|r>&mfZ&@!aQ-9-2;;mNURi_#a(J>cHeL*C_x#ZS<
zNOSH)WLMOvWBoqu`Yw`h<?W%Q2(guuqlYgGpX*CulEN33o+ZjHpUK|Yl>dE8@-CeR
zRs!K^FP+1R`aJlfc@=UaR{}<13w5QR=9BJQJ&FpYrq}wZ{NoA9-&4zm!8|Z!TW3sf
zZu%q(a?5_$-$jE?Y(M?@2pE_n$XuSn$-Z7<cSIQp>JpNub|xRN4wge+*RR#y9|+`O
zYm4c8&()l~+6rWBItOiy4G<*A!$;xu6JFPv{3`4ys~>NzLyZZQ;e9Dz>YmSE7qs}i
z`1t+jHitRp2CIWhdR3kCL{9B>^yf2(`q>NF8onRK`)?7V82B==C10?RP><^6y2mJ$
zTvz+c@ZX%$v-FZV>iP+!h{QZLQgo9R3wIEj`kmbMDqU>ac>OHJqI|y}lVbkZ_GZYp
zD<QQa?hD2*9G0eZs)Qs`T&BwSEi>fwFrJDlbM^f_<0FNF{e$t)_ie9g$1iBiubR*|
z_%63ng3AzB*$WEU{}i!PKToeoh#pl6MVlyimi|Fr$LkZ(6Z*Uw!ntC`ftOz;TNlto
ze%Lqb4?q275vb(wSM&|V&m8M*<o+COx>A*?d;&wv)RTlzR|P*JS~VCMUXzAD-JDLM
zdB(4>%z7?7-zKvJ3U1B!lzqah;F6wDD>-?IF}PaPuKYbl(*H{8o8e4uk;0`16$9r~
zesFHkE1jIb)+%po1I824Is3#uw6?eHbenjf{AvT&?)kc<-(S6jWE-50EB(o>rxqtl
z)di@0^6sk$*;JWvIH)M1Zf!L0PnJ-VM_zUxxN9@!b<?7oRYo@%%wQL<y~m2!=AshL
zc+Rb_v3qD<F~@`-C%E&AVVXy=YQW{~2P@45k(Ju0>yL6%>v|pBQgk20KYyR`e4kN#
z!+)l!@1hrJpsDIHVoz96xm8=LHsFG*&f;vDG<iJ5BW)YS+HCk5t=;VT^Y2F)r>Azi
zxZk*TK0Q9*xy)oDK1ZI1htHHEcyJ&*>ylQvTR9t3XV*j7G#(2Jq3Nra`D`w~+$1n0
z)i@LX`I?Ad`UTAkmS-r<Zeg)vM@v~ZFI(=f@eyNT&c;MZ$I9`^INZNJIdz>4C0yD`
z!^A1*Y7Qptpmsx*!=zai!9ekE%6>H|{^{HKEBQi0|D{XK?CYZ0kabgvC8hX}M4>$q
zwc*5dWVp+c4@V>D>7(Kg18{#ci4z-~x0VgnG8F&v3RzX0yvu!Z<^L>_qQF+Z|JkM4
zi`n{WE-zwl_>Ys7F9<%jYDuWQ^0Zy8U!)DtpxHf7E9cbh_{oX_^Q|65q>@*QKfYS%
zLOmqTjas%ioBH;O?ja|W!Y(HuuCh0BS`q$*kKH<bpW53nykP;DfJK_3=(l)S(qG5h
z-y<1WvvD%5RChDTFyac<-ceS3gY`z(eR^FU|Fw1YZ9kc%2#-+`{hDCl8pm?Xq3x%0
zgCKEJ9POhYSAx@5ft1tH&w80YESR9$yho1C9VyvIkxNh=$rE(JdTLM=^euzL=SxOQ
zr_S!6)F9=jw3Z-MUvDj~*kfS}goLVLQ6HN(=2}wqNZz9d7b<1)s_B1x8$r_*i^ayD
zn40a(${l=7jn;`MAH}gSs27<R%q}NxTxY#$b1KA!ZT6F{g@P$`(U+;rpo)Ruv3fnE
zy+p;IX4dN6-R!oq<M!H**EvMr6(WLHk@>&r{>-r7qeZ2rH6X`#+We!{6ifCpFhFR>
z=u^?auPX8G8cq9;0UMLYo=A6o;WMOBkxnb_zb6?SnyYg5MRC)b6}sl;PPn)2-2QN=
z%6%2S<+(Yq8S%;L5aV@&6Fc+BV!9KwnAa)QxI-=HGtr7zAI<+bR<!e#n}agYLq#{y
zF=7tKkRvW0t}TgKhLlR#`d2W;_Qre@ueXY*1Dr?Mg_*^7|Hi0%*u9g*w8KY<SxfwR
zF}7`L<z+M?Ebh;5zW5xPMs)3ypt5JuXP-)PnO`^3TCDHB3Gh^s{wS!=hxWE`&OrT>
z8d09Tq76fEEf?~>AHqemu8Gn)T9@*u=)p^-*+_07>_b#y2Dyay+Ga3U>~s=Dc%#m#
zpC&ab-P3h@Wt5)&wGvACjv@7eOh?-C?fdF`F7(hS)M+oewFTl#UKi2I0>-cv0lIHl
zG9P)~y};>sxW&jU4bw#W0O!&osC+jY-B%1RbH9n!-|iOS@^o47k+M-Y^pJ0v3U9`e
zh+lG39$92exXg*{1nYUTnKvqxfF)+@1j<FKf!L&iTXU#O7`J%k2ik9SRZ6P*ubsJ!
zTTj<rG^xCLzj?gsJ#>}tU!5SV>ZDNf!T!xGg(E)CGW@3MS+N(9%pu30xq^?BG$!R@
zXa2=1H=(mzcx&&A95%(-<+4T7kEy3DJfAIF!uP(;aY&o`bunj0|216@-efmJ{;1G;
zY4BjEf3LP^5IJo=P)w^+fEK+Mj>amsHKj{9A*W68<-i~Espr~4BrrTPSVafnw!bzO
zlZJc^<FJKl5M_rE?8H8~91RB&hG^|;3Qv>KpV=!Mw3h{~SGms{#ddrj-qz!y|4TB8
z5p;qBi`p-T^;Nwsk-{rC+g_eHjTOdF>SUxNufc8IEJ|~QEr{M-vsky8$?PfBs@(6I
zYTI%VV_D%*Vwy#vj)kkHY3c!dZq;x&9^>0GHw*ewe2>0XjRp);r?Ub$cn>Qj5xU>5
zZN~)NC<@0ByGkuatc%~g>xoy@-mW=2B<?q$d_end8ptS)?CuYDBZCQknKbV{-Rf6X
zVZM8Th`ci#??%d|LX?Bahp54_ZD$sy^-NQ+_xJtzR;!8!=4RT&+u`o_k_F*Y0e*?|
z&lj=HLUeFv)W~4-Zq;w)86rHtiY5^gVBxnMDE`Dx3a5OXVI`4)O|nqNF4Zk)JIjIi
zfVZ&RbysVE_<8buYT{4d=j5~kDm8g+j?+g&ny=_`54|y4E^S}G5cxaOJA3~5Xm1T;
zn>UP<>X8;cwRC>vRkPiVRKjT`617vngK$ZZnE9mWm%NHMF@NZ--<lc>{@e*}<YuL0
zcJ7P)5|?|c@P;9CppKi(a?L~Lg&u6B|6`1W3Gy`pdREoY(@Mpdn`rK5<B>i3qa|^D
z2{o9GHUsbZ16vm`w%1F=&pPV!op@o*zmB*PQ%7LI&W+<XmFRsj&NdL=@msVb4E^NZ
z_{t~LESindquQYrO;%~VYtQrr#|gPz2=0|YxtGb0@rUnCuh~OL1=JF1#_od=2zzil
zeW{w%zL-~5lpWtA9tD#J7Ofl7jhreF=i6kfAHOuQ#@99qXY%0qE8Vda!qX%rA(Bf}
zy_r0PQiyP4C5<-0d{^>LqC=J?zk~r+QW1`6!}Ev3WW#gxb;i2i9G}yI<KJ(~RybMI
zow>LCLhm6FrZ8OX8(Cm+%hda$IJIH*m-QpAC3CewqQ=p6%m%kK9wmH}4a(dS>rc*3
zq?fzV=c;Tep-RjBZ|{CPTN7UDH<f45%_B8`JA6tijbKp~HB<abS)!)Cg1Vcm5a*QT
zLo=_KCkr)i-BTm~j{)RM<0(A06!AfyhB_OcKjv-P1Z>QGB^=|MX86OOUGzO)Pb{qR
zI^Fjb_Q);jl_Nvp*Orf*FMWMv_~dQg%EccCTStyxhQmz1<^Nice7vtu5qDyKyU<2y
z*oQN@@V#Q?@mr1S)(qPD!(MzKmqTe`;NT^X->+A>_wvU9g;*D94Hw!yLqADrZ*=$^
zExq=@Po;ma&+YLSgr5?_M%hnF-4$3AIsJZ!bl~cv&N2SvF<kuNqx_n~0l9sGB@;{3
zNbqG0O}Wq5ZN)S@L0j6uMr2Y!h<$Q^iPcg|PfrvDJ6Y~X&Rz-EC#~xSqzQ~v#-aHg
z|6wPwDpLPO!7>JVmuKln;dXVTGpi~-cN^NQDWit()E=3lF+by3es}#$FkoFI$r!cl
zCC7j7>TvzWB2?#@rs`=Mb<8gQ*;0gci)xoGli}AvPTO}sBC*Zw-{{_Wx<ux8!=4!_
zzTs3y4*vCnFv$#Mn=u4t#jkkhgI$(4Y3K5wmS4F<R?lH)u}^LuAL{21F?BjyY{gx>
zk*aumuRWxgGXA!<k22@Ozl%lG_`X-B<xlHVqZ0)lyaaz&9eZy4Eqcq5V2#L>M?m7s
zX}z#~n9-xk?`WM^ue*Eo<RgLxeuHFA8ggs&aNmqRW0I75$;2s|4DF>X4&(L)grHR3
zbWW4m*l|^oA6dA<`D$@;vmy`e!zIp{GO=h!D5kYR1o1^lm-|yIRLZ||)IU3FME}K`
zh<C2myI3EBp?I~ZvZ;YWuFW`DRblhTle-}OQm$70fHQdDx#!ZyF6MW$amhR6KZHUq
zqY8e~yz3JhA2Zbx*IN02pqp|frB`|?YhOZU?(YA_?d3_f0+Mb7?}qo*YByF+o`D~2
z)>!=vML!w8eL7q~#IM8ieuBc<oK)!)X46z0MDuDKjh*M)ffmjulk<&k+cAz4@8^;d
zleJdYawHGZY<76@jo6f#Zr;^9cK^Ybv>&|eERXv#M&i2Ph>krL1+#UvngA=>R*{^g
zGc(;ylw12c&Uo^=41-$8`zk*(;R`<u6<tEMYyD<d(+e(f*>;7OzasxW=u=)f{W*Ka
z2B&LVDvI>jyIW^<u>UJVq=(h}#TVJ@4^BZ5PgRxIYB?}*ey%J^jCkYn6@A+GEl1b>
zHgJ)|s_#o9@SlqJ!mv=nb3H;H+W&{VFAt~k3)_7++dPk%XF}##<}svDrXoXR%9Lcz
zJcWu-q=YC_Aws5%B_UHKbD4(>k(BAIh5eoVeP_6?bDclVALse~p7y=he)hZ9yY{=6
zb-(-F_nncV|8Q`L-g@lh&6CW$x72wQznN4`kP$_O5^ItSzv?avJQ4Ts8NnlCa=DRv
zAK3+Mylgd%BDgOO!|Q_>K^lQv1DOrZH=sZxiW*!SyuTmPqIz>jct$qZA~Sh8m)FDh
z#p}DHhV5Dt=NR{?o?HBkmcDBH=^F{_{PtZ{ciy52*?@~U;*FaG_a7_v(SQGqLqdAR
zaQmvx;QH?ygssQ-SuX4KTmQTEQT68K#GD~|heEd>kxSgV($-JPTL{{ef+Cmjekh`y
zWG><`k`$kD&3v1mQrj^9BR=%sQ-k-u=N`Rz-5Dsqnp*eGkB9HYFzK|!WU#+PGIh7X
z`y!&}B8y7`$F_Qn(>LFIX=XC1u6dhq>(X%C=&@~|hf%LXL}jAQ=a}QVWY+GgsBKzK
zR@LTFQ1w%t>7@O<EK2-_DWvNsrPy59XLal8OS9RPoC-}QdSlC>v}gZXpa1=f%_o+@
zt)hukAxYrMu=V%4=CErQAI$Lz8|Quf!4eX7?KJgy%a3j6L|FMBtu#FQ^Vj|NFV34H
zUYRq`N5V45j&(DqRIuQMXOK&N)m6MKdW~)5&tLU_mQ$QI6gBZ70e3!XS5lyuBGT?~
zTim)s_DTO#YQQT4^Qe0T8pe`%Uay-I^43=(=c_-fCtPF0kzy7`kuZ3_bh-S@jGAU}
z5`Twrf6pz*<;>$6=_@~@?;g`1_z-(eBx{EIis7wfE__R2U))AEXOg`QRD9Bf@Skz@
zLt71w7HLZ-&*~T4e;X3MN>=uLXlvl%ac38i{m=a)x1wiz&*!n9U=j&q=*U|9lK5g<
zo?Kk&l|~!Walbc0<A2cfI8PXioLP9DSp}6Wbka!Q_;*&n{Yl<0`-|33bl6VZ<k8VT
zRmAYsepr?G_^<5e8~!gBGXx`suG4w3Tz2x0ejtVB7R%|A(=m$L^xBoZQnFg3dG(|+
z4nFJkQTOha*eJ*SV$aS$$@vcB1wUU4ob4NMby@JFl`xfy(7Q;Upw>drRU>UG`s(8e
z;%|P0J+2jK3I$El>Wj<x(|_B2bl5o+(#DplZ?%{cT|mXZ?UFy;JHfo+#UT(VKj!qE
zCRw#H=E>8JQ?c`WFKVM4A4QVVo;^RfUd3v%|Cub;@=~vMN0x`wUd($An=Z5M7P?Pv
zRgv9OoY^~ByJJeisQWg7w@=#(#R<GnfA^5KWR<dh@CISAcSPXAJF{{LdaZ|poOWka
zUNOEWaxD0XU&p^*%j5dz7okuR-{;Hk9Ln$cwOaj9td}?NP~rD`vn%QJIP-2oqwI!%
zX6Z3`1ImQPR~{2e7luyvmZ|y0ekpxSBeCrMicwVg+YN`9lnV347)D>&3*k3xwUzve
z=M#xyT=#K<!`DKpm8J6=FQxFkc^!A<FTK_ZM`>`{^;8vc9V0gqNt0@|k0*?o3uXlU
z(e&?Vro`>CsQN?0?%Y*9X~^4RYqY-d*)z5NFPB4)?(NfLIp2I@<4I4NNsFJ)<7`bD
zx9@lQepi(E_bd_fhH!Qh4@E{Pb*s{a0-;Xbp|{V>lue~9*~8;a^JNTrjUTFQYD|m=
zmDFu%e2C(6SvbKu|Fz=n$TSDuWB;+yfLCrsGhbdRYF^cvW8VCb^fJ)S=w(o`Q?+ug
z#3a}G%J)<~_X^%5(JJ<Jyr;qyNqc>FaNxrPzkRW1+l~pv{bq|>UsrA~B`T}?IC^D{
z1skq<EHozstZIEyDzjuyF}BIld$c=NYOzgep8W1%-DLKj)go@_h~DW@_dc?+xh+Bl
zZ?1<?{8dd>w3-6P46i?_<L~dRKdX*Ue0=i+i{!>n!3WX#4#ZQw>3Cm6!t?~i40%ua
z;y%y19XA@7LH;0Mi>}SDjmf59fm`g^i|y+t3n!}{Oc%0=r&k`Hv<36$Mg{uv<27<|
z6Z>J!XV;Rs?h)K)x=^x2cAw{2b^L=|OBv}Ka>R@$ScGi4!e6K6sNFoyXWum9FL6!X
z=Sg8oc2joGIG;l3V;Xv~IkkaSqnAzNS6*oTqZy>>8_=rzMN<5Yu1))%O9QvuC#8FY
zXTIvrI`kap#Kn93-tLUm{#b}8!A%|$lwfe~&$s!aYaV6kC4vtU<OgiE)l*fTw%7KI
zf5d0aOS%7igm*UkX5}JBsZ^nxvmG8q&2!g3pF?xkrv5BYrk<UYYu))}ufP+Qnf!@Y
zm_YmG%I&kO9_CNi3585gek#9Vm-p2$dRDdj)CUfM@U`gCr&}5^&Mw7P{_&=lxN2G1
zQMjSFR<wWmsbzjEE|G~1-FU*V{((dG(XeM~_3-tpW^7!wqcXpzRL^aC6}A_}8vRhv
z%r`6lCb!4_<Jj8Ntb2#X?ox2>t<$zoJ2Ef7`z|pnwKq_f&a5Hi9pUn&IiiIA<R_N-
zL|t_LbfI<qQ+*%S<9vT9%~kZPT9e-8sBLNWxCI%A+wC##GKI`PO1sT%_P71cGXD8X
z1Vqot|LGLs81I-=G;k*>n*P)AQ90L9)G&T!`Fq_U*UcE$Nv(;fb%isX%Gc>^%bjZ*
z_%(Jp9A7L@3XV))BQNW&teTK@T+!^Tzg<e5dxuWtoNafdaGUp|w7E+uC(<u0X6SqP
z5_PNy#YKWYnYXXjKNY)m>0_DFsYUNBy^Q9Z?Ut*@x_Rjs_#aKlwf6j?l5}FPifs5=
z({G&-`fvJTultVgo|P+AX_rj9InlXOkx2rC+BO&7cqZncnn<73kW-&`j{V{tgeE=d
zq&w92j+o8a=+xqjx9;%u59xRtyKxZ#>Fhr$B)jx3u0D`zH29!xlXK@|@7%qjnKe^6
zhu`mwCC|JJEb;uV{4HokusN{rs;y^4fIQ{H@_UJCcTS6yw->#_A+d|`y8o8WeW#M(
zi=zd$hB-LA5gU+j&43(zp9ilkHiY*<KuihJ_z1)6h2d{QU_HFH7zV8IJV1w7><Gi_
zlN&+8ZNYkYtuhQ)Zvz1ch&dnt0qe6M00G-E0deTj9f(zrFsz>diP=89HW~)3F+V_u
z_~0UHa39tuf`r#T!~Vc)p<%#!zXNoL<&H3{?*R$dQLvs0Bn(*Zbbt;q{}G1urC9B-
z4hFo9JwS(8=Lp04Rgi`t;r8J*-Y{T29B&v9(}INh5fH=cvoZaL*L1^x?cN9I5KA3l
zxczpJnEqofkb?F0M>P=h9AQ|WkJXOdpGd5BO|1GkfHD1t+kydap?(4kh*=KM;rOQk
z4EGK0FWe6pum=844hF=E2k5YV5Ma#l2Cr#{0c+sza9}_zbbt=)tB){jC&j`ESXloE
z!~NX?iRnKsRt<bj7;rma+58{l{}f=%_;Ujc1J-yQphGNigyHsEL1M-qUZ)QO)?YqA
zhnVXK!}?sTcCc(e2v{GEh1HKRte*mj=|3D(7_k200XoD?M;O+pfW(Zy23Ab~7Cw1|
zVf_F|I2Lf*G$3KX?YkVHLo9fNVSNQwJND;24y#=ct9}DuO#k8U8(_fgn;xJ;Ob>7)
zNZ1YoGyal?cMsZqu&~S#hW+UTi5Y*)A9T1Khoc&Z`HnEGFUD%eo=>8&+O@IjmjK4}
zA3h%j+@{q5I>c;87(V_8Bxd~WuxjA%M`6I{Dj%T3<9P&N%=p9KbHIQ#?g!`)iyUFN
z{W`36ax8oY3!gp0uzm-m4akFI2W$R^V+I4h78OX${1X8%ra##8|25DK1J;Wlpu_$*
z1B@9T?Bl`qs0P+^V%6thwI6loV4GoB?P^%{KLEyTAN&2ffK?B<FbufA_dsHfAME+x
z9~OXs{gFRFhxL5`!?A$l1IGadtZ_a-hgjeU!|lJqYKQk>!1`MU=n(53VfgqjkeL3X
zv1;IW!+_7F0|{#&hQH0h^dEcvzX2YD0c)fW&|&{O0LJtmd;Y(2R0HdIvFZ!4+Oa>6
zQCRI-SoI44WBL!b1q0r~-*3Z!nDqc1_U9qMnByPr2MkyPe~%3VV)*+{7;t=sK%N5$
z#~*wChu2NOfc3%$=&-)#2*Y;l{k@IVeg>=lAHbOY<6_ld_l*X$!}kMjvjrq({J8;!
z0o$)1phGNqgkk^Rfy9hI_WW;$Rgc*Ytbc~pj*EpOu&~AvhV?TbG5tUI41@cyKNcWi
zK#Z9;VEuiNnDNJK2i63FgaI+;a{=qWfW(YH90wS%=IQ}D#F*m{)>mS+WAAS~R{QBA
z4C^;RV)~DLyqRIu!}q-rBz#>MnDNJqGi>)gc;v7~_6Wo6cZ0-?Klc3Zh*f_atNtZc
zJN9_SV6~sZs$T{e(|`DSFkpYI56~gT%#-l(OpuuIx5KIl!NMv>7}k%0#Ed`YeT3Wh
zII4kI^a#WH2CR1M{k@CTZh%$42e1vugMB@kaN#!LKEZ&P5+v+1#MeP$`h(do*zO4u
z2E<|q=<xH{1Tfqd+&=dFZv*bbfb|>@fPnqaK0t@<NARE~6sukJ2*djCATis=KWc~D
zG{?dWM;O*8fy5j?nByGQ`yJIlEO&%qeJ@DN@k4dg4r`pSF#i#T^<`M?unq>ijXgkz
zSmy}C`ZbW4{$tPoaJ*r_=hA}2%s-O=WBQNz+`$@ekT4*YIzWfx`2k=||FP#o`=c6I
z&x2K8fYpxOpGd5BO|1HPfHD1t+kydaEf3HkW;w!ef73z2eS^mX+z%MAKIi})V#Om2
z>%W1-9B*(QfC1}W56~eNI>NC24OTlT7EZvz`bQYn{{@NZKQ2}cd`%eewWvX2#{Vh6
znDOTZ7zV8IIzWe5;t0d-w}HfrKlXfh8LOTPt3D5_9R~}CV_|iy`e}eM{Xh5&gZr>Q
z7msQnW;(*KKdB%w<F9el4r>Ci@W~?#>pz2pV*$5K0}=+TcR4_ZSnvqL`qx<P*q`?}
ztad%D`riO!`j0*Tn_|_|1KbD_zAg;R_)8w%J!tpA!ZJq~_NNOZX8f_|LkFySKCJo|
zSnb&JNi<fwHdg&lfHD1tuLlG6)9L^nVzwg;AAbxIGyZm1HNjX|`3S@MQIMGN$DaS)
zvFb&z>g%!E$+7SqEPNKLeivXHkO#*O>hJ;Be>i3^Af^Ioa)cwmEv7%%^Zzx_4g=PU
zAE3kerv+fl_+TFownsIvo)fG7DOUSYcMi50hSjcyRX+(ZX8YLh*9EM4My&c|fHB7p
z_WbXURWFZK-w!Yx3phS-9ALmcJ0GA!EO3P3`&EwB4)4Q&^|ubtA=W*@@bPt!nEqqW
zw{W~+z~|C|gf$TVpRWHug6ClRk3Iii0qrp0HhB-w;rmr|gkd}O=P?SaT??yz5nxRJ
z;d5ZX+e-)N5VIa(xW5@7F~>iAA7H@xn+NC+D;;52KMWFcykXD(ZdmogSoO77?b!Q!
z8>{^cR{b`>nEvBp)nNCH2DD?2e|S8@$Kdh64H5?I|MdfOh$W9O?Eia^nDNJ+|Lw5q
zG24Ol&#~HZv2X+y);PkjeikIA|FBOmV1FzQ&>?0%!m$1UNX+<Swgc+}k7^)RIKr_0
zD@e@v!*PHCYpx!kLww>0!}=<$cI^F)$7(-~RsRQIO#iWuH#4mIV*odTgs%$&Gya%y
zhV8xwj~v#>9%0y@ParYlk3Ii8V$~nVsxQH6#~#lZtoBn_^(z2l`VU_Z2JDaZ0XoE(
zc@jSU1SDqs?XYS>u&~MzhV|nhG2@SUAK~^rj%pwlJ;Jd5Emk`P7QTyx4URCZ-v`No
zE`K~WU&+1_*zi0p=X&38pn;xQ!V7y1v{6(qInKZR0RCXRN{X3mX=@^mwMBo8$9TJC
zRS)d#*zMQH_1Ji<LumQCs&fof5seQVTrH$xB>lSvvU!c)5MfrjKw2Iqsx!-uMjaIT
ziTl^~tQm!^?eUoQ_Gm~u2$=~vQOAIg<@wM(E9JSZjfcgk<Fg^w%hi3h>f`uv8JV@b
z3&~#N`;pzK*lWMhr@tsE@Ok7Qkpsaqi^0ZO`fi%PzpT5C7wPi-exLQSDM3;uIatNe
zmczIIyIds|F1evs?JM#v5yOe1G2h!uVQde~v>gq;BgT>+?uv6br`NI)=Am2m@ff7f
zOj;_1ymM%OR?um2X~AP@D9PjA6HzYhCpWc|<nOq>%`<4#pu&kr)mS{s*;5_CfkVnr
zslt}L#V}(|&#&yR!{-_IHNI)e*E?te|1~eM@H$RBk$+h2!W6dxHNV`8F=zS?Z@SCO
zG2>OLES!HcneqZ<X_59gHZ-m(6;a>Rh5FB?y_27P<_uJyCW(&C1)4mcT0oYXr%9jH
zR-D<dH=QkZmK>EXJ+^e5+YG<7y(B%UrQMVz?8;R}TUx6dAEVrH8VMSFO(dF^HdJm2
ze|T%btFY8l#S~h_qu_RX#qK@FPM$+cD8JkzJc(}NIO7k6@4sd*N&I6%U%X7uDwK$F
zG!D3t@yB;ST)dPoY1pGvMmwJ5y^hPwH~)*%ri=P6IQzjG=PG>eisps>C7bN>j$T9$
z{X{nu92?(Y5PBTqT~+Z%u!!SK%SzByA`#;pwPVs*mD8K*N}PN_EJ75&n{EFNox8Fn
z-rVO*LBpF9LO<C4ivj)YJ`+;JM@PnKDQ>sqMQpXZSEKul(4Qf?p6vE>PbzUz`wZo;
zl**lz{T-iUTV9fWM~VH}kMnZP{;_b)ef=T3Xz#~Q$0Em?t~L-94`yqAG^NOhZ;6#h
zb%?f=b%{4r;Pd+p{>XhwEirx5qcV8c9GPe9Y2JUq(?*fL(N;+HAT^K`>6@Jn-@Kki
zd0)&H;Y<~7+2_oDK^K`Q5b~flWVk%DMDXVafh)N`EQQv^p3kWi_9Qi0#?1<44ip$q
zkw$kBe_>>_M&TwA_->xe8nZIZ_Zv5z9BZ&#<&2rU5pRUwR=(1bSKU{+Jm}lNJuRR`
z*F3)BEV>;qQ}U|SbHieBV%;aL^9!l=l)PNj5W8qZ45Q<9q+?4nsUTC}sz7S9sBTe%
z!#!tr$Jaxn{TZTo!Q(8Ryu-^zR?IUz=Qmv^cU;h&^tj5Ln$bNMMyl8auJ~*0e(Cg=
z4_DjlI+1*)#jG;CZ~QE&z;wXX^KTUQIM||sO(fGwSC?qK%J=)5+M-nYf>($!>nsf4
zz}&~^5$*n$p9NZg0*t3IoJx9e54G)}_8SbYM)2JrNKTM!AUQy?g6skdoKGM>V-`BN
zcobBUCi_exUiY)NXr!&b%jpbWPtE;<gHO!H<xn^+WjQ5#VUf?J;hSe-(Tw={-)K@=
zMa@owUZ?7Q_g7u|1C9j~3TM7vezr!)!0#6uk@=?QYW+w^SXz0v?y%3p*R5uMDa8y|
zNm!3N*M6~my2p6pX3V`8OQP43U(R#bWNp)*Jlp41)qH7I!t@`Vidu`+52aHdR2waR
z3VA<z3%=p5`D|ajA{ZS0xNbb)&aKdl$|mzU?kgn=ydGuk8g0fq?3{La8w5nm!oKOH
zAGJHQKIx75$44jSPb#awGg>F7mbthr5O_P`Zd_E#^Iv4g<WG+VMLx*cW#MtHcz<pa
z_5b<qBlrYp6bcVT2>*UbgM{l2xc0-WOCrDl33X4QHYAL%;1+7kP9EKt1jnH)Ncp1!
zHpC$_D?YJP!F(>D^40Z1eNow!cMahN^Lgj@jafYU*Zv)!reqa%8f%U<E!}OJDGvqP
zgnv^ZUvvdI2(kzyTpvCJ3Ht?kTpdXGxB4B(2OwczT|f?ign{{ZU}H=h{0t$Uo}Nf}
zcsL>?B!nz2Eg|LQ<;d~l$C1XyMr3+=8kw4!LZYIg5Hm9~L|R%JSy)(r8gIzUmoE`D
zH8q5rn;ThKSwXH|y^16!CnH)~S_mT}Ba)Ywhj4Oof*+s%M99g>5d#AQ<m}nA2rDZq
za^=bu<len|NPT@h5*;0lR99CcB_$=u-Me>@pr9aRad8o0XJ<#cySou(Wo00dCWefR
zj3Cz5)`*pr71Gw$hLDhuAWTe5$g^k9kni8WBl7a{NJmEp^7->;<kYEC$fZk{5G5rg
z<lDDz2o!+3c=00g<;xeu$jAsWH8n+CU0sngXU-t;@$m>585#2M;X}m1!2#Lc-bOk*
zJCV}TQbbr-81eS@MyRQ&krO9QARHVV$m;4UQdU-mL`Fs;>FMdn`1m-Yudk1M{P+=R
zZf-`Tq@<AG;9$hZ#|Oc~!$aKM+>olODx{#G01+1#M|yjEkz>b>K@C6T>({RcEiEl#
zZf=g8Jb4nawY5dY#>Nn4W@dzniV9(2VL>D$BoGP;3gpqFM+iMVJ#zm1d4z$10r~ao
z7sAEGh3xI^A)1<+$fr-AkXNr>AuTN}$m`dyk$`{zBq=Eg;o;$d+Jng4+#HghpO4ts
z*dRMQJBYKhGh%3Hh!hqUB0W7lNLE%Ba`Wa*Bs)7BxpnIna{2OQ<iUdnh_SITVqsx{
zu(7crsi~>R#KZ(Vs1SR5d!(<g56JXUBCV~h2M3#ujt=tl=~Lv-pFhZr8#j>Q;b9~$
zE)Ic0els&O$k5ObLPSJ_sHmtQqobopN=gb66BC12T3R9z5fMO06bI?*>O%DN^pM2F
zL_|_j61jf;I^yW)h-_|dBJ1nx$m7S4k&uuO<n7zH$d4aCkaOqGAsHDN$l%~0!pFyl
zw70h-va+(syLayp1qB5pEG!JUfB!z>;o*UtK7AUYp`k$<8X6EgJ3B-~L<E_ipGW-t
z{gLO-pCbtg3CNQtPY`!^cciYa4!LvZ4k92Rfc*ab8~OY9FH%`qiHM4dBD=f0NJT{j
za^b=S#Lv$UNlQyZ@bU2x7Z(>~c6Jug*49R@UAu<V)YKpY0|N*zFE3J5RD`Ijt0S?o
zu}Dr%4s!eUZ3L)NAYNWx2mt{B^5)GO#Kgn|+1lDdmY0{2;^Jb2n3x!mk&!`kb#)Oz
zK|#dH$q7+ZR7B+D<dC(sH6%AT7g1GJMfmyok^cUEBrq@#sjaO=K79CqXlQ64O-)S*
z9UUDqIXQ{Ec<}<+*w{dPeSMMl@82V#p`l1-W@fF><&f8f17u-)ufjiOWfL-7Go91L
zp==$K&RYtlu67<0z0sLNB!g=!ygM<9r;+%g{d<X7hW?<@OT#Ed;;HpVeB9?hL_E+g
zOSc#I{mlBsuimOOj!SOK>4acg|DQUKarAVmGH>)VlDlg><X=_GKLz8{Jv_tmbXek^
zIo0uv3q5CDj#(7%6Et4&-+ABVqkd`jq*Q<yKgD&_-`+mP`J^`&f2z4vv}C@u`^PS6
zbL!UWeJ1N<CE3&8@|&19<>RYJIl5!rE4}aBrWg1X^Lx>Aa@*v|J54>Un?J5vx;hjj
zEJxBjXL~&2s8b^{lUo#&f^e=ZG<0|woJ&(_rVUgu&I9vx5y<kRc^id;#wR2uC8waG
zp*zON%t9tc|6^x=w6=a|@p)>fy>!*qEnjBprWu5uhy3-N5MJr00xBxe)M?`M*(LAZ
z=wy~;bwR4INuQG|!eu+7qq1dV566UBNQnhJ85>lIvLY!?^3;Bk?X6h#KU=Z;GZTF&
zn~uauoJ{B9SZ%!e&&Lkpb4%}MQ}3!UGmd+aNrv7qQYT3H*LBm<&aI)yo>R4ucmP%2
z(L0OtlGW^dPPll$(r7;QCCS3wISr3v1KQiyxDu)51|Ft#zi>WPeR<I0zDdt|xZ{Iu
zhqENrbXlh?SUo0o^{ZR&G`oAvneF%m*lS*jPEY<EZ-YzD;ks!(BL5U2x%8{V?xn<+
z_+ZimN>5$G{#x{Snt<R2X<E{TTgLg(;7pyUBz%J4kLDsP-U?;=qUSmZPxW;j4`#98
zT+IE^x27l;P{GLHW1uc?6D2)6cI@$t^y2Zr&5{q*ziVW=99xOXC~q|dzGeNs#ngpQ
z_|Eg1v80voMcuIh{GNCALhl;u%E@|^r0(AJRA>I|OL5tN?`>Z-Pi9pUojq@!_SxyL
zTQ*^`%6VO>etC3{qGBIt%~-z=Y$2^77%qD1gU^=16%r^CDgN~dFOSzo!&dc<b;Pfx
z4Y$;?-}iS`iFfsB_DYr941X+8XBhDQqWk4>ojZrWwc?4tZV&Gk&3mbsFx%EN_ke{R
z_ue4a7#UguHRCnf<*|n2CG)0gxq4aY?SB+!YL@P~p&UmS!|Cb9m(}wtY-)CI1SYOg
z;7)R6HV^VBILd#oR(ZB!EEaQ3;nS~5b$f{?ow;-$(OOKUw{K3ZO*897j*QRNcn*D3
zCw_UeE5KsTZ1bYZ=Y%t#IQR#0yK}{Q{kIpRrAE5?CC@8F`M%y+k@btgZv(4>>5Xcq
zv%%%<Z8@2tWI>B}<x>m<X~<KnG+1sfi`LV~aOHI1kDf>#m%SCv)7rAQUR<?FXEy35
zwc=sx_-pE;PLoyGxx^w0HLEK;aTU2CLn2eEfpd{rcjmv(-!k7x>|e3yCm2mJ)fs*@
z{Z$Ty@-nL%Bfm}~Zf{`_oRm@{s%RKa?P0Ii$9*I9zVF1{fTq8koE8E1t7Cf4oa7T2
zCpD^h60{Na(~j!Jl?#Cj?p_GfJuy`(U$-H|c9c{PSDXDs>9~cBeap|x{Fz0rxW3u$
zEScG?H_z-%h$NyYfo|3N4!l`m3NxcyC&G!wU74Kge@#&rQm|;n1mtW^FzO7QH1Ju|
zKf&TlW?I(e7#Tq(P4Q3e!g{8>IzeE%j1o~Kxvg@6Uf`fj1ZjK$yO5kNRUWU;d{r+k
z{%Iaw@>3B$q~W(S&3i9!kg?S|<c1RuZHXnVp&QS-*Vr5JrIT^bvW32QWr%WGUWmwf
zbvyHS{DKzX1G*p$K*D$jgo(C*Fwrs)CfWqTMEgLP=nD`g8Uw;aNkEv$1_%@30AZqT
zAWUQmgo$Q>FwtuuOmqea6D<K@qPswth#d$M-2%cy|9~*j3J@lG1%!$20AZqSAWWnN
zgo(<5Fp)J7Cei}JMBG4_=sXZ6ngYT^89<om1`sCt4upx6fH09h5GHa3!bHJ9nCLeU
zCW-*UL{31M$S5ywqZbGh{RP5AKY%b%5fCQ241|dUfiMvv5GG0m!bI9YnCLMOCK3a}
zM6y7bh!_YHi2`9Fav)5^1B8i~fiTfH5GLvZ!bE3*Fi{8)CRzZ(MASf-h!qGEnFC=W
zDIiQF1B8i2fG|-75GJw!!bG`1n8*hR6IB6WqMJaN=o}Cx8U?~cRzR4D1_%>91Hwda
zfG`mp%O)U9qzZ(ICV?=KKM*FW1j0lEK$z$@5GHa2!bDy`m?#AZ6Qu!RqEaAC6a|Ed
zYJo6O8xSTk0K!B+fiO`t5GHyEgozx0FcB3HCW-^XMDswH2n~dZ_JA-^77!-#1HweS
zK$z$>5GKk2!bF#VFi|KFCc*>4L@Gd-h!Y4Cc>-agH6To62ZV`yfiO`C5GGOw!bBWE
zm}nXZ6YT<FqPIYpC=3V_F#usAJ|Ilg0)&YgfH09X5GINR!bBoKm?#+t6PW;Eq8%Vi
z6aa*Y+JP`p4G<=h0K!BwK$xfz2oo^^VWLbRO!O286KMirB4Z#-qyU78NPsX=0uUy8
z4}^)X0%0P4AWZZe2ou!-VIq1UO!NW>6Ac4lB6}cA<PC(0Xn`=%Js?a(3WSMtfG|-t
z5GHy8go)~bFp&ljCTa!3MDjqGNE`?g^#fs|UqG1XGY}?<2f{?|K$vI<2os@zFi{y0
zCVB*fiFAQ5(I5~eDh9$t>p+<36A&iq0K!BYK$z$h5GJAo!bBcGm}nIU6X^kAB1<4l
zBnO0v%z!Y_bs$Xi00<L(1j0nwK$vI_2oos-VWRs$n8+3g6OjR7A_^c(Gy#N(f`Bm5
zH6TpX351CffiMw15GMKqgo#*yFi|rQCUOD7L@$9bkuwk`ItGM^(t$A1Ngzyg90(JA
z1Hwd$K$z$R5GLXR!bE*Qn5X~<6A=JmB1s@jBn*U!6oD`i9S|n^0ECHRfG|-Z5GFDN
z!bEvMm<SgL6I}qpL_|QChzST2T>-*GUx6@DBoHR*0m4M#K$u7X2oqfd!bEI9m?#hk
z6XgS8A~zsRBm{(s;PMwP>*10eQVX~=g|r4PGa&_lOD{-GAU%T1K}bj7avjnUNVDM5
z5K;z6MIg<B%VW62hf7nqJcLVTxa<c@vx6l+qy>=Hz$GMH-a)DYmzIzUL5c*Ii;zY@
zngo}|kUqgBK3q=1WiDLCLW%>a1EeO9@<56Jmz{7q50|BInG2VykTO8}2bbY+c?*|}
zaH$HHqHuW)DH5bEkaj^T2x$^r>O&d?sSBi7kY+&20V$R$Seim=2AA4!*$<cVaM=!*
z%aB??S_zl5kd8p=375N&BEY3Oq&bj+Kso`J>5#%eiU^mwkeWeS2I&^0kZ_3%sSsQi
zLs|l<3Z#RO(n5L&=_91FkS4*UJ6wXpWj>^#kbXew3YW%^%0dbQDGj7)kSanN443|p
z>OhJFm*|ipLFx;a?{Jw7DFviJkQzXW1!)3YrbEgIm*9{tL0SSSF{F@?UcrDA2U1l?
zpCPS=G!ZV>A(enM2+}x6Jt3Wh%X&yfAQgmk8BzvFAtCjFGzwB}NM9k%g0vaZZb(HS
z1%eb2QYJ{7A!UH{2vS%`TOmb+bO+KANLe9OgR~dYP)M5~rGm5&(kV#OAkBc(6ViD|
z^C6Xk)ErVMNbMmVgY+FzHAsCSU5At!(oINDA$^847@k6a)Ckg6NV_1FgOm}{WJv$u
z=>|x#Aq|G76d)yrGz^}OfTt56Eriq+(jZ7BAr*sE8q#`rY5~$#NNXWIgQqwk1%fmR
z(jG{AA>D(N64D`f+5(=2fD{zcEJ%+a<%QG`QZaa10-i#ErxO4_Af)6_4P};b9V|NY
zP}Hi<?%e}vmx1z||5n<P!1p<TN0@=UaKtA{E8T_<|G&qhd-OkCO1!G%rg|RR_Due6
z>)drNjh67^T?|H-h5uNRE9`b;kWu(2Q0jZL5Z?((A$V^^o6Tuvc(x$)+lsx~C&gtE
z8i5+Ai!bABC8^(-<kR78;^OPR<|U#h6_nfI*q9FaDt^MjW8W)!^{J>IQrG#TbWOcN
z%-ROMls6ea%lbAla3*YPY_RWG_vuq#oLw2yAEL^m%KlzxmYr|U`e|^>$?Y>=QjB^1
zhqRF!jXu8}uLduk``Byogk)It9@D?#sqfd=uiSo+nVNX1s;R_y8)rhg_T-rtLQ1BD
z%zDW#Mb!bnZVsvJDK{(>YQF1{(eb?R%X5BwJ%V3Ci!HZ5N8A0;sNKM0Ymc@4OI!b=
zuPNr-R5k(lJ{gQtJQ%EGkdNV@fiO{&;ES>$xA=X5`CmbkHq*bm`a#)RKMKB@2n=5^
z>bTNeBHisnJdCHML{$*{ej$vExVSQI>(06T$-oQeb276`yL5`n$H_E2rYtuCo|U&+
z_59c#{M3DRRXV+#(&M-CJH{`M!oP5lICG496Kn4tQ~gO9b*FR7^?8T;$+tZ1Uvxdg
zn9P-UY;)|IYAcK5(Gs1SH=E<0ek-EfD74rg4LKc-&cCSZ_9Ep;g0R8!XWu91#-ypE
z{tP4!s$Pi=IlVjdHdheM5yTTD(R-{d+np%Nfk~#q!TIw|JWlGCyqm}Wd^(w%oc1{-
zjH|JWrES%I_?GQ{Yn`Ohn#+tn!$-V{g^V|>tX-D-6lv;v&yA}~pPasZ&BbLPFkv^3
zt23XXSG<1eL~0~$|0y}1kJb<V0mlw)bGDz+I%twAHvi!+{t&h6zkiUFHv4Xca%v@}
zS|W>{>-(cu19HE7`y!WV*p2f%#2%qoT*UXV@%e<`$x6H*ofH4-+tlS|h7Xs-E)E)7
zb4kRoTAbQ@-RVUC+CZ42=ET=;Z~UL-X$U8gu|%Gq%cXv+Qy8o;&MNxr6givUb)whA
zGo-&()T{O%_uBSx$cqT#<DST-Peosm=UTL3tga^iyhqQ%>yF~v5^HIEc+E#S^$H)|
zPtR1DXDQ-eaAH1`r9`ZH8-BNZm6&j$#&c8s0ZAC0p1*5C$<93Q1+uf=PJ^!39L1Qg
zf1UF!B~G#xZM`^LYwO}j7qz;rY?S<YJ|gq9SIWk1dm_uU?=f?`q_Q{O^_NLq;w7t-
zoRS`yV5X5$uP*E<368HY6hsqB7d_QnZhes6lYWdtH}GM&nr2%SL4*R|Ggp`0ja1Pa
z)9(m{RF8SxTmF{%+_)-EP$|Vr)Z~wPE+Mra<5@{@p`^>p3qiLF42a4vIfzELn5>tb
zzjTZezy7$2nrgM{p7w=*q~rHwCsgiQRg1_Xv!58g*S(k(Xm~y<9yw;YtU0Y5v!=$(
z>=!q?+Lz_0{~?c`pwgFLL``1k*@u#KE57VDd|nq)-{v~%?(ZX?-6~JYS~%+Uq#MuB
z_q`31I(PTxt#!Jk9eWRob{dO#+lCcyR^{WgRpBGW#~w4{PP|ne-LjpSHM=)2TX@kI
z?R@#%zrUtR+9x+_<L%vZH0V@Nt7+|-F;9ZU@;iM|bh*d%J9Q*kJA_0vm}#;+p4??;
z9s4r+{8Sc>gU$O_ES>g6vVHx%JG@?Zk~4fZDDHUTo?Q}d!c`jDezo^7R%5xZo8+a2
z!S*8et&d!8@_!UjWHQcN69auXGFDOge(XIpcya{Vzt73h1bmm2t9&1a=dClYmmTN$
z=+(WNt{4AY-#?inmCBSPBs%-p`VIF5c7gelHETXSip@|dcb3SESAr+sF2ATqx|=V@
z_@kx&oz~XMxY@5lp-qyjh^XK44UZN7jmrh}w^#-)=24v=*o#c;6ZkcQl+p(_uc>=C
za;JIwu%ECw@7?@#$>(%^68#&yjkE-pnHOt{AL?iyL}<Awb4JBdojP-T_2#iVMgl5^
zudioRT)q0Y#VL%Q@?~j<ox*)3a@yf+6VuZ>w=KtL-KE!V{b?F9I$PqT?DUP|^zFw6
z`5$`!W}Q=+NRkP?6Z2i$ebCDAT2DGT(=|oP<g=u&t`J@naax^X-`O_J7`LLFymWgZ
zfWe=;Y`5szqrlmQ?~mVzaBF>%TxeY4%zlr@aPDjF1+So&ri;Jt%Z=Q)Tc&i^uJBIi
ze9>)b`6tC*B#lY`#;WcK>t5bfGr4MUM&$3@*gLo2g@)E5GZpFXMAM-!&SuvmY30?Q
z>2VW3Cfni<HT=6t_p3Z0hjFs{43m@*)uR{Uc;+jCd0dLVlF|1Gm`vYm$uvCX$sD5j
z>!kn8FGKjs(27)xLP)`J{f%Q+XE>-Y`;gr1dU#92_kOtJ&xsC;<@Fu^c0}gJ6V*z$
zd#~jm_Tb011&EivjPT%Omy6cxm_hN1J?XtHwePU4usg~V#NoC0W9dhK<)+>k;llfd
zGwF|7;~$njm@d|>c|h>V;Z#ET4Z)zc>&eVC=4{Ef-9q7Iq%1W=Z%l4H?xVVyJX#V$
zJ$29R-3x^wfx0DNBLBH5hi7jy{0vQ-xxw+v7DkgNS@^;}qD0yW=0Ao^(l8SJ-1?x6
zwErE{m9X26o&1^cDKvA<mFnU7Fa|T8&sYDf;~M4vIrZ}QOcmXyN5KPQ@4gN*)$-%0
zSx#%FpB=X19XM4fwo_PrB9`isAZNcoZ9LKM^7}aRv<t8AUc?zS<4g&3d|jOQv~kva
z8>Lqtq3_s#OX1D>>G53QOaYyu1PQj*opVCwHTM(NabH~;45_d0?TC08ZquY*QCs?O
zDDUc=^&6FfYqE}LkynG~#C1QIpO0iSu6PiwBiP{Je5YS{Bq#Mml;XW&Dxt=}{9k10
zWwG21vIflm2t$K#r;X3F_js}om~{s)y+|}Zc@qEIam5qJ+Z<pQ^YmqKBQD2JHwm0~
z(W(W`H~F7O#0C5o`)D1|=0CgWKc(sPdcJN1kD}uG(;wt!vF?6MU$Zvn>bq(l#fUz&
zZ>sBcc@Y2A;l9-m&LYK@>FGi{%EZLm&N`aq3~9A-Y|1ZV>?bQm6mE(CtuJBxTx&g&
zrDfM~B_)Gzk3V|J=#h#I>JnR(u3<L5>eQLCk3N5<Jzd}aJYll(i-B70smw)BLITo{
znl@<$H)zkylJn=2YkV{9x?*U3{%aC%)BP1<uQhIocJ@5G>mKr1Ezk>$86+>r!w3a8
zsvtQ)Qi6n6oxsHcTs?rIP;jFPk^|)b`NId_pMmem-eT4z@D{!_Oc=R21#M?P;C>6H
z=zB5Sf81g+du}F3(1bKv{_E{(Y7hRdI8Rfrzi$n$&;K!_FE(s^Ty^T2O{=$tD|@o<
zNH<49y0s?iH(QLAt<Y)KFuD!yFALut*FyG&6ba6|L_Ye669F!*_;KN4THZZ-G(P1S
zmIs95%SCu4{#gv#ZacRI-tVt|Qcv1)BEE8`a<^s0Prox$Or(y)nCV$9U#L!s#Led_
zFS(Q)3OA8U^?DNu702SA_>}TI<h2`K3{bW#FBACHVeUSdFM4B~cAG{w_SMpql<@s`
zCx51rPe)x<<;);rJaKMJ>*+tE=GVQ6Z`Ng-$ZFK6<N_OdK0C{_UuF)!t2IEPvF7zN
zw^?rH+HU2^R71_vKfJH9QC)mjF_;(U`859@-nR#;9}?5<j!=sWopMQk*&g!O;L?4M
zjdFR;p+`}f3af8d@Rz5pIVd|7jrGo@kT>#gn%d+{QY<~@i3t82w8-$aYt(OlIGd=)
zC-O!uE0bvH-WMr5={~^=ZfAUF@7R8N(tZ4QX!QGM+gmY3msQ4f5ZZ_J7U+98yjS$k
zll~GYIp(S+HlJ+rr`U<F^=3zaa+WM^lZ>+iA^r2ZwtlWE8f}R=v)B`1ug==D6egLA
zWLPpAU03Huxv!HoC=m;@J4!MJS}lyle=JD2{X#c<s-}gmcjDGg*_+n{{?*@^!J)<r
z@;E%?KtMlD=<Svb5(f0+Qv-P#9*!WsgSthKyGQlC28yVA-2eS}I;;Y}p&QxX|F73J
zz+(>(5FEhKZ~^x_2yiaqKLy~9|Jwk(@&76S5C4A}1z=oXfGj^6UpR8mo0t+@0ZR+6
zMpZ@B5KZ86ZwRieGlo}20^)`SU*uDws8F;hI+Q9(4W)_FLK&irP{t_WY>GyKal}JY
zqN&idXgahiS`Dp<)<PSijnKwu6R>F%9vX}=B_0(XEgl`7DxMmiCY~0aA)XPQF`fx{
zVH72r5)Yg*prWLuq@z@&RHM|S)S@(`G@>-7Gy&a0QK6~us3-xErKO^yQl(O((xlR&
zGNdx1GNv*Cokr23Y4K<&X{i8xrK44)Rio9U)uJ_|HKH}9H37SXqC?Z+(NWS-(b0mF
z1FCdtbeeQpbcS?BbjEZhV24qvXjME_N>wUVT2(r5%0*38Q&mgVP}NA)Sk(j!2TBdC
zhNniUMx{opMyI9<PF!fJX{i~i8L1honSjAU0Y^VPO-fBFO<GMlO;t@baGFF*(@@h$
z(^%643?)hnt%avWsYRtlt3{`!s->o-2?)8NmXVgRmI)YWlp)#>&ydoP%8=HO&QR4*
z%}~=&3s7t$Lt{e|@HU`~&_;MhltxrWv_^DBszz!?nnqeihT!Civ5^UQlTgNJV?1L@
zV=7}>V>)A1V>M$<V=ZGtV<SM}O~6}-GC`Z*nNXTgnb4ZhnW&nmnP{45nHZWFnHYnU
zG2GH?5B<*6@%=cu#XtH0p>ZhifIlK3IW7q)838dqDG>!ZAqtlmhX756kC5Pz5t5S<
z;1Us|@W2;-6bK195eW_+1#r3~BgH31;}YVM;}PK#B4orQ1f)193N#@FJ_(A56psv-
zfEXdiK@*XXBDnYjcxXa$3KTI8corTG2|`4MOHM#cfkqL6ix&_6JGy}vV!-Pe!M}%a
z8{C3Z3J7?`gMc>&*JFU&qp9LQ-N*dBIjlac#k9fa{m<qKIA34_)&ffXAAW390K;o$
zkAZ~OK<fez2k7Mh>)`9dj~ASx;B~L?dGLBnGLZ0j@S1f_km4ZKK-z)~1K9);?o${@
z6xav~Yy<^1f&y;}7!d>oe)NI@e}hpBAUQyafm8))1O93sU2u~Oo(DZUvq8cT5YhOM
zGZ=(Yk}=L+TE(Zi{2Xt+@%{CLwB!@t>h!}q*fPu%cLyfu9o0P;;*L#IH=J$#GL$){
zo3;J>POa#2K!KBg65T5Tm6T@6TO?f8oS`9?9$rk8I4-T+Is5j{1KfQ^v2vZf*S%k@
z?g<u~7QQp6mg~Epd$ZDK=jx9~-sm;0$DSALuf=dgTYS1QBb<-JY{UEFW$Bwu7HwN+
zDb-*KlT%N*M~zBOwpjk{u4!A~6FN`k9>pI?)IZ*}p%!-LoXd!8yK7U?Kc4S_grxOl
zdVaB~@soCQZu1{M?<pXx^1oK9$Q{gkrk?qFZ7tq7O)RcySaJ6!JJWFbZOJE85wtX5
z452qH^xuVnCMLomBSgr-(MU=_frm>DWW4doD2Q=z2~h|E9uXcPii{W+jYCdBN`Q|L
zkr0r9OXvu}!H>o#1xGk8J}ChTkAjR4Y=<1dCBZ?H5F-RQC^B4pLOdc;3UV?MGzu4d
zbP!^40(?RoQWOPnY$qT_6XD>3*CZr8x-1GGA!Oiy{lOex@EF7ncucW_<OL}J@&rg2
zol{*W3!GkQ5k5AKoFfS-u?yF3DmRWm_wA9lH%lAed%is$@=NyY@|iUo(tDBt^pVrJ
z3+EK5w+Rw!ch47*>M_RoQOIpBJQge`y=$_h^Ks(O-j`Rck6%|Vt#5F343DTjdT2~z
zK2Fu&9cMZ|rZU+w&!s`#-jqe=_Rl=*Y97Jp`u8&b)Z@PBMnQG&__A*)%|-i9gqNxf
zl5Pm+ZxwI&Ih|N3bAB86{e6H=iRfl4>80Rzk3zeB^qZ#c-5sQI-217-^DRB_vQd2H
zcuSrhx7%A`K05Y{#MgC~Pvb2(7|gj8p1b(z2a^t}yJ!1+R>KEcyO~Bpr=OI^^Xa<i
z_cS&=owLO6p}R`;J0G~l)y+1(Dc_Nv3zA$9eII20YwU_)t%TaxS<Z9g$s36pR%@wi
z6MdI1%M-?wIK*!=DT=GrQN1!+CH6|Xp0_*@tbX$pZ^Pu~vc7_dMkmRll;7p>cAi<k
z(MjA#e{V*Ai<9u>|5d8-LyPe>?T-hGe_|<4o1IL_eVF#IGB!Gj{-e`sE91&PsuCjm
zWy9Q}vyGpRt=}woSCM8MWEyaXLERv9yS9>~t4-n4iDpF_U-`lX8I2wx8p$Q*V$s#x
zI{mB9hw*vYm|A{ay)^UnH^&w`{i`=tPbl154e>=HQDTvqtczE#4Ood6CESoKxWeV1
zvr9XrB0;pu=DGIac*C{lo*hlO*U6Qx&OSTMkP_TZo3Jl1sQS^{=l#Ey1`4lK7d^WI
zdKuZjR?Un_G<P#q7A~Iosr5ThuEy}bF3ud6h&f69tgOB5kMk3^o|w$++~&udJoh40
zI{ow{_r*3hq8B|(zbAkNWAue*et7cl%7S!=uGxOQk7Gl}dGh0zAH6T1_)gQ!qpC)H
zT~s(rUlcvde&b#hnwIfNGn(i2lS}4&4s9}8R=d0P#Tk2V-mSIzr#GnCbuIXqs1hFI
zdcLA;d}na!8iA1#n%(iEQBAYIdC9fn@Bw0(4?~vd0KdJT57BodOXObhEqm#HaE-1{
z#0jfke0Ir}>X=Y`&u*&30`c4HHfX6W^_{yn1d@r?r3yaXR4#kTav~y@N{4{E#&SkK
zM!kE5hiPcOl>LhtxuR6Y-!C=2<>6Y2w^#yiG(Na@Qni}Q=!Bl_@LE%vk7Y%|%x4A^
znewL!%cwg#6konceq1MGyZ`blc@}Mv$(@r;w`4E#;~rDLcRA%zuUmY?;z@;{H&?80
z>5A)}ovHr#X{6<fsC}?L{*c{8eL>|DN~cIU3sl$pEyOR_W}EeTS2%dhu?|UHD7NtV
z6F_xk(p}TCl-{x5y}eDBmBTXjS%#LYRBV78-kbf=H#MzZlr-rjM$g%_b>C)NOt94X
z3Vc2{eB5R#>Q8BcpP74&n49rSQ;I7DUoVQK{t~qfe;4!NTHE$-&09rz9h$!`%<_K@
zj;+2a)LlDryQb{6M1vk(Vf@@u@_dFZ+p#K|xy<@sMCB}(_)iz2yq7yt#cA(GaaQ-H
z(L{!|=-i6^`>NltYUj;&mfPtr`SKUFuTPQQiDjpcdEgUan(p^jjeGg4;3u53*=yym
zY2HW8I%=Kx?vb>A1FyGA42LNwFQdb%eJ73d1%Bob$Di4!avNo}IpQ`hHho`%Q@oWQ
zJlt<&kayS+;<@AKwEo=Cx@$l;w<6-3RLtvpCO4Q%oR}BfL~xW8L$0z@Ygt(D6nRUV
z2nf$#BOAmuaHIUaJN}L_;YnaVGhuBQQSsC4;NgG5#~fZzchtTYAVfK6c=|uG-VgNU
zONM`z4}$J1{)b#2o<)ywIRepvGhWt}qjFc4&s9BD_^lLOw=X+m*7SNO^531p`@F}m
zTQ1Jaw@UNA9U@`oID1AgM(BHV0HJbse2#Ov$>~Rrt3<Z{y%PFXX{zRecR#0LEN|xI
z#ZX>>e7@4BTw!!CWE3pg&qv&-K88wUD-&~`R?$1j-d4{k^Xcbz#tDX+og`k?uq9T#
zb7%B#T4>^}z8rD38Oj%!d@SbG`P<y{cgWQXmm3Gto_v<aeZkeebq43ugKsPsi~|{P
z3)>RoS9?rbLi+4BKfAw{PRcYNWC{4vZ**TwTI4!k7pLQ2>S7rtO(m9uKIaeud)pL2
z-P1<a9wXOTh2sXD$TmEQJ=BWXI>^f_Y;LASNe&WS>CfL3!`FSFMB;m;^*-^3&di{E
z)Qh$s<T+zcJ;|+JKb*?CY9F5cNIlm@^!~7R#e<>aW1C+GVt#gNE9S{wVyG5;_R-?|
z$_Ve1^NUaS{<=SE>W&;_PJU|te1kG5jO0R}sHD7is2fv`DFxYze{I(FX>PWW)GSg<
zx+&R#ly?R~u1OMj+?!`)C>_;ZBi@fojJmJXrAw&r;Xd{VoObEja=1YM!{WqC>4cE2
zMCu>S<>I)8NpFvH)F+!VlW`@IYdiDzGrsgVo+%)zk#k-#;htSjCiDE(UbyEU)t|~j
z{vLJ1=g0bFKdb6re${OK^6lIW;$5}8zQ%$x_SCzI6Z?11PCoZ=PMzZ5bG=(oO}Mf8
zz4_a-Q3~$D-n;zodLL8vypQ@E<89F6AD2UN?P-QtinfzM#J`{rHMwa5L*n7wQ>-fX
z#M)~QT{);v)l2;u<<A!8uJXb^r5TodjuNLcdg7PaiCcBIr-d1|S(CR)|7Lg0Uli#)
z#dGVbLM{h7ifZ)l7iFHf%7*FFm%g+!TJuJl;Ag4WomF*IU>7{)>Qj098E5c^iihvx
z{wx)SQi^DvZ=szHH+%Eg;34#ce-HBG(RwBym@!9&Md1wqbMGEt7H$m8lv#k0axpOA
z<^g8PmcUS36&N)$07GpSV8Uz&%&d2SA#*!0;<f=s)cn8z9FP_?2M5CO2$*0`K=Wr{
zKHd(DscC_kcrGvmPXNZp@QY19U}RkljFl;Y33m@L?p^|>-JZaBIsq6uD*|Kjd|*H>
z1`L)*fNAyyFckL&hSN*H3_ArFG!p`oZ)0HQZ3&F9&4KZG9Wa=N+>!?vFS7tsb5CF#
zo(2rb!B@wWoxs?76&PL*0`p}dU=}_F44OTG*?1^0VNL@k(>=h{J2E^Pza5xB+t{db
z7y^UmEMUq#2MnS~fpK{SFoAvqOttlak#q$xX*LH2+O5C<+Ygv#=K_;<N?>wb42;<a
zfEl)ptr}+|Fk!C%rr3bnp$vi1bPzBUPXGqqgy36q7GPSQ28_YsWWoT9veDpMV?$sN
zy#b8PCxEH?4ltqi1}54<z!aSan4^~h1MFB}d`=3Cr}KeHcos1Ib_GV>iNI`H9~gc+
z0psZ)U`$O2&9{NcbR94WUjioXtH9X16&RdHM#K=%0z>T`V90F`%)3W`nY<7exrh!h
zduIR!<7i+4&jC!doq&P7{bg-Fc(K6-Fg;HM=HRiw_?#4cGh7PH=YxPzb`LNp_XDQw
zn!ubq1sIV}0b_0+V1f<5!z~7;>?6S79U78@ulL2IfDv{vFj|)a#`3hlRGb4CrON?x
z`wd_sp9_rW0q4cj2S(VT!0>zy7_~=+Mxs-IxwjNB8*c}u*`2@`TM-y=djeB+O2FA$
zf!Td5Fa`GprsP||pnMRRc5eYg_Y`36ZVrsqLxCB1D=@0x0S4|mz|dR{7<AhM<9K+z
zKxfM*iUDBQUR@e1M+(f<6M$L0s=7K32QW=fObVlN1!nhyz_dLV7<Nkm6ZutOMy~@5
z#~Xp!y{nypC^Wbi;v^G>*H6>|Gj~N`Y+qNJpx6jZ;`4#=d^Ipv*9WHe#ztCna=^@c
z1Q@$J0Yms8V4e<**av~>y$&$=HU=i=-oT(dD=U;^2^f)Us%zs{ltoGNbCaB~2ZrNY
zz#M%77`|5nBl=QcHvb5iwOay%^sTiI@>9S-z7&|6ivd&mIbgQ#3QX87f#LZSFehIH
zX6l{5#6C7OmXMYjpI#0azncS-^MRgLTAR!2T>P9w0%%}NFD8jAIXBVH&j8HQ!8sT_
zKVYby2#n~RfVn+CFk?>xX7nV0=dpt1KH__ZMjOx12diCaVLFz3|KxG2j|xRs*VrFx
z6&3$8Pd+_~Yr-M+Z}WwZTT*PN5ASar{T+kpuV32)KZf#2Yu<f*`Kj($*+oa*8s;>u
z1@iBg_8M_oL~l@s>90P$t^MHL)&9S;xOc5n>FzyReCrl4lzQ%h@IXUEzqvQ3fbN8|
z=A94iE;pKQ`EA_sznX5YJbL`iwaSL?2FF%oUpRc=D6Y8KeUia$TrYf@N!;dvk)+n;
z^C1&u_P&v|S6{O1g=MAuB|Ks7spG_WS8F#WWz4neT;LXW(e?fxUZ-))CfV-_I+zp@
zyjtYP6@A_OFuE-;uV0q%ml%J{EAF>>H8{8~mOtskPsDv<x%b?^Vs)M1SN2)wA6-|5
zHa_FyHL&+eU5;ygw)a>{<a}1nx`_l{-1i%~n~U-!5le-tHY@m6*Pa;FyHoyE=8RLi
zKZ^fyR2fhE%uN03B;(t7*IF-mpz#OxZ4Bvn7}K^Ne5s%Byrrt)>-a6RzI0AKmf%*r
z+$^KTuz&mVsq7%)`5<+Q4_lE3(f|=eq0u@LCw>;QQF)$qz38>QOTKSP5hcf_^z!p@
z8DV*QVv28^PL|JlGc1fx^2mskkrF#nB%96lRV?4nWX?!32yJZ3u^r)XzUX_Jo`sr;
z_(yWhbYqsFh9cJlD>d^maN>pR#jp7HZ-guJ+iBSfqRiG9^-FFL)Gnuw?mi8%dGZIv
zS7+(<yG_$ULCRt~*e6~?VB{nBJEzK@J9gDmYaL(3M<~_pqEu-faB)Pwqq-TT$FtQ}
zt3>tkuY}usf$Y<)nWF0>uf&$fqR;jCHch&oD5p;^@O<-+Dn*Cu)VzIb{!Ri@)~d>&
z=}n;(F3H6AF}i1)zRC6OC3NJ-qz#aKdiFbvKQCa6Z>Z`{uF8wIQ$i;nlNtKm%W$#o
zylfn--Mo35W-f8C+Db(J&+qV-l7=UjLW7)pk_$XO3zvW5rB-M!PJd3xaMOM6kzL@h
zLM>4jpWlZ21qRg8!>arUgNIjUQr&|K_h$$>>psn_(9M0Tna$|d^N<->ctZ3=pfspN
zJolBjpbEFxyS$V}=^O`H@3VE!cEUSKClY(;B%crJt)bKYs4WeVhjbZ=9!uK1?Q`bK
z8I6@v<Ich}<5Tz1lbOA*ne|;_tDA(_L$t3Lp&wf<TtX#CU;h{5EwW9bcCp-%_1wMT
zKFN7XQyRA~rxG51wGEKXCcSfEi}uzcjpA~5!Exy-+Ydj#vrH=noGQEUsBc`w<kxk7
z2HNho*Wb%7od45hVZB>OJFesr?WZ{$)={#q{KlzONRCI!y7{T97d>kWY26Rrcz#7)
zwSBVGYx4Q1F+$SvM}rkpiT0*Vwt*ibJwHoSdh57as`pfzoqO`uV?D4gzi^eQzS}E}
ztv`{oJn>kDm}O{+igERJ9dntudl&OFvPlV-frUi|rtreZZU&3a9N{$W$NWX%&WEe!
z|MkD%)YQRuH<(*E?O-QdmS8752Zo*Sd>D3uy9fG0o)CbL6XWLqYZXLZT!532iU@U5
zLXeAznixkx@&vcCj0hhaJvqLTv@kC#9T}dYln@UKEh(Crh6I-bJog63w;*9WBN6W{
zem$Nx?6oUeHO|!Yv*dgA{a`*9t;C?3^bn!7Q|Z|}e_WHwfBZrb((l}f8su=cb3SW!
z?dhI*Zm?4F#$E4JGV{tiUgll#*Ov9@!dY{T17Bab*ew59>=BL4FG23o-nP{!8-50V
zwT>0J;p);6|2yOiCvD=%GhLPA*h-sx>AoI6EnYt)TH<G8X=Ad^Yci8kWKwuJO~*`?
zcFxX4zQd%FvPe+Mva_OlPK~N0+BiFT-YbZTcDY=z&cp6fTfvD<aRzUCWy@~1<d_V}
znlB}mpLkru&PxRNMyK+p>D*N)d2{+I^W59kWKMpEPNG5Eqyo-uo8llHiO?l*xn$%@
z*^Q`q9B#gmSmrB>Vam6-+lue^uY0&r$g6Keglm$BpgAIQ^;X-Rtuoj%)t%mPK6IVm
zw0%VCxEkAE)R$%C;v{N3$p4(;{!>Y#B3F_X_bG({8pBnEnl!=fVAd;Z**>TedF2Zo
z4zc7K;f&GC2^CK~v|92aZ#G!PD-7Q7n7Gc-6!k=tN%fgalj-Hc{<HYLDl%T<d(28W
z8R|S=dt`N}iF^7ND26i{*K|L4ohJxnP7fXQAK?8nHn+)SxHqYw?_XIz;rgHkzY$$&
zP|(zB^F*~d)6&Y0$Az)PW83NVc~|AdSMoF-OXn2Wjdt9GQpGYfwZb}y>a9x9J(CT)
zdXi%V{1gu5r$rde@;^3Gc(-fGTa)w+Z}-2cZ}c}Imat)Zhh%^8_YzXw<9*`T`ILQo
zYd-JJ7MH~EIQ<Ppx~sOk?QDjkMd$Ed{Clk=VH3l>s}m@GK71Tet~ImF%u4X+5HXEm
z8g@Q5zL~H7xn)0?|DA+m@pTh}gwo>{&h6$MwU?gmf6t;?txi+=M_K*fYWohTsIIo_
znV}7JD0WdsM8QH6R8)|mgH*+qXq2j;GyxT(=nNgDDE1C$5{+H4MO3<oh*%P1$Bq>X
ziKr;wK85e~{oefR|JM4~e_fkB=RWtG=RR}2bM|J=45|ITL>+A(H|^?W^F@yWH-)>k
z9V_+9yRvfqXYZTu?%cOodSR!N!RL_Xnnw*c>!dA0pM@j7Zd=+|V)S;1@6B6lH>_H@
ze_r0c=Y_wop4)giud!*sxdWEd?DLMVnV<Lh!Qc5|L-gP2pUBEGe51XxaK=7=!^-@K
zRc|j{-dDcsNDpI6%Z1%_&U`hW|GdaZv_eu}__#SS_UIq)_x9NMAiJT-e^<%zCW9}E
zF;z=$?Amu_R`JYkDht=jyCl@FUf88qzi{ckCmElPF8s@R;<-!1w|>?-aPdW9_SnT&
zdprH%wY2YkbDaT#8As+xPYEK74>X;avUx<9N#B#|Z~CkXo%HL^_rA+^DNkA!`2CII
zY01*+laECUlm@2mzO*(ZqGzq1)3^k`I&+UB<92shJV7wNch^CIn;fS|{&-ZgxpcwK
zpdo_9CyJx7zln{W^`0{K<+^uWZ)gwh7mh!F`|;#c3l-aru*vDwKbRj3EXv=$d!xs1
z;yG&RF+wPCb!~w}Sw*a)p{A;YKazl7&8mp-c7v9>hN_ZSq#{sOmuM)dX=$tK2sM>d
z1ws{V4Y8(3T@8mQi?uZc$|^#Ux{{WTszgIgOI=ea#`_j(N~$Uv0*ST;-rdmF5eXzp
z_(PERRk9l1>CzBMbhK23n%e40;)w4Zo_&xh)))@-`P+6-<eCrCu1+7Wi56JQZ7q!u
z6knTXBEB}KRcdqm+Hscy!GZvbzen|TcQaX^=-;o4ENjKtKJ9CL53D-6?&_V^I5*3}
zSufQ~&!(?Gt<)I3cbRhf1?wZGFV;DY`ZDQ>$AFugH0t&YND44(9i$w1Gh?X6=jdb4
zLb}|J5JY-j-&v*;@jAE2wD_x|f6l(lX4R&gqsRVe{c%a(hF@RK9C>x)j-&?X!E<H9
zw|$kKOn-l4&-GESSNQ3V`S9s{pUFL<y{%{M7<hR7!{>>gVnz>hnRe&HQ>Tc}(xf`S
zzcfCtKl1g@y_02brfWTa8$CL3Qf6+d^!V<%U%l6^Yb>3;YtqzBU5i2o?XI`Eb${dJ
zaf5&UIKbM`aB1s|CDwyhikjQL#95juPw#q4{&1+7if7mIwZ_pkj~orkJ#S}7&b>bW
zQB7i`?6h-{hpc-{)(<bn&m4BSZ1eB=<)!b!hU+=mCM_Niv}JJ6j^?&|y`w^nDoXTq
zwhg;4y6iveKv%`(x~8@L=iV<EYZIbrGRFAinb$hShtoG||MnzDEB>z8hhlTLB>l!O
zYmToC5hsVe`K$hE><+JqpFEQ@O}}id?3+9Gy;G=%Mq-D>#yv5yqep&eYYn=szpL%e
ziz1)<y*Fyljk%>eX>rZSp|hjMTnjf<Zf?ANPJ7VX9UX%D0?DYOny)00pSLfbwI%sh
zgXX1Gg*#?+y^&>UaLQ!gwDD&bty%oyk1-35Sd1FE=sUgo^$!Nh&8;n3f7$08F=oh|
zntGr4`i5^Ul14h~&v`n&;P{hMMXCXzpS^qN&h7Q-Rh{0Srw2Hkue|@@yKc^|83y_q
zF)y`l41T`ncfZ*O!e;KuxS93r?3u5XkHV(NOSfi}eR$KhI4Q_CNGZrY^~>dhMs|NI
z?{`~R-#+5H&0Ocyd3*Z4$#jw*oH;{ae`ZSILX-W?r#CvgPYSk}dN#jxs$cP!JMZjT
z5?d=yXJ=M^oE4auccgaGyZI$2Z?wAy4}9@s+Pyw27U|4Md$4xqs=V)F+~cN{NLNkz
zJ;&#+==}Y?nkO4oQcih>?9$t|J8}N8p39D_-`?F+q;5XT#(h|o$msj#oHK9K2NZ4`
zr~5UgPalVqz3%P&NmKGJqbTxigjwp%<F~)6j+(N$;X%=aWf%R0GxP#JrK<i?byQSn
z+W17<G^cHoQ-<S0RiB{BqpG`t&3^3urYYmEvR|hL2||)@TV3DwL@)HYUH>(ADgtf0
zRa8uVec{yIW2GyLlG|S_=<{8J`XiOtEa4Jw2aWhqCQAyI%#44SadN9~e95%(UhOBg
zT}_%a@zv3v+QnCwIQ&^9+2=c>C7^HHli)))x}+D|8;p;7dhYkwD!==a8_o_MF|xMi
zj_t5b*Y#6E3-Uhc%x)3{$$o(m3x^Tg2_rTGMr<yOm>Z1PR2VTO7_m<<V$m>S3t+^2
zV8pJ&h+TjYbA=Jx0V9Ub^Bw99Bc=l*Rt6(BA4cpAjM#b@v5zofGhxKGz=-__BlaDP
zSSpNIKNzt{7_nLyv1}NzMKEGxVZ`Rai21{a?Sm293nMlfMr<66m^F-;4UE__7_o&g
zV*6pl3Sq>Cz=%b_h<$+(i-HkrgAuz5BPN0o%ZCx$10!YzBUS+;wirfC3?r5aBlZ)F
z*c=$K6c{l>7_kx<v3D?H4`9SvVZ_eBh=st2eT5MVgb|wrBX%D~>;;V2OBk^h7_sdz
zV!AM5%VES+VZ>Bm#7@JA<-&;l03&t{MyxB0*k>5AXE0(eFk;(a#GGNoR=|i&gAscT
zBc=f(CV>&_3nNDKU<QoXD;Tjj7_oR5u?`q9I~cLwVZ=tkh~0n@`x!=TB8->?jM!`#
zv8OO%>tMuI!H8AEh)H3@ykW$8!HE3^BQ_XDtO-V}JB*k%jMzCCv0X4?yJ5t7!icHC
zh~0q^3xW|F2qX3vjMx|$v86C#gJ8sJV8q&C#NNV)-G&iMhY>S|5z~VaGl3CvfDs!8
zBUS_>W(gx^1tT^AM(iPsST`84lQ3eQFk)daVmUBkjxb_FVZ>I#i21>YU4{`Wh7r?*
z5mUg3-Gvd$gAqFmBeoSrtN=!=9!AU^M$7<4>;#P12N<yfFk*5TvDGkQ<}hOVFk%~F
z#FAmeLSe*C!H6Zni1mOGI}RhZ2}UdiM(hcU*d-XTW*D)}Fk&NM#MEKLmcWP|h7s!z
zBen)cY!-}IDU4Vhj94R#*q<<B8(_q4!iWXHi2V&C_6LmEK^QS#7%^oSv7<0zSukQo
zFk<6j#Gb>54Tlj+gb{Os5$gjZb_GUkGK`o9j94&?m==s!7Z@>n7%@{AvGXuuk72|P
z!HC_15les(Yk(0O2_tq9M(kG@u~-<fTQFkpVZ^Fn#B5>2WH4ftFk%B>#Jpg{*20Jh
zVZ@HWh&_T4D~AzFgAqFhBQ_mIYzmCnQy8Qdz<Xkputi!`hz8=zC3utV<UeoL{h!w#
zME+BUZ+gG__D$peeC()&^?W&i4^R&b1@;0_z)Qdo*aA!kZUgo}DX;`+2Sh*$;0#m%
z#y~L;0z3fl*Rb)u+hTl=l~`~E7zP{$;(>R72Cy6$2h;(BfnR|+z;mD%unG7cxCx8~
zegl34J^^^6T#x~{12w=v;AdbK@C4`vtOF(ke*hzZW55F7Z$Jmg1N?vnzyjD0!~m~>
zzQ8tM25=V`3!DL#0$%~V`H!_3Vyx2;V||7g>o&xKA|M#J59k4_fbqa(z#2FN%mdy6
z>OeN&1)K*40lR@n;2F>p*a&<F+yF)aCxJ!4M?eKg2i$;aU;ywF5Dq*Bx&mu~Nx<*G
zaNsB~ANUK<266#k;38lS>;s~KS3n<NEARtw2XFvR1IfS_zyK8(2-O9v!K=Z6;6U(I
z@Kvx4*amzAd<2{TP5{3LzXxMYj{pmQ1S`NRz}{eQ@CEP%@DT72@E-6U@Lcd*@C)z@
zaBpyL@MiF4@HFr=@GbBy@EGtI@G0;q@M7>{@MrL6uo_qmoC(eZdw@N_=fLN{reIU>
zFW_Imv%#~$Pr*;Y-ND_#>%r^6Q@~Te*TL7pBf%rV$HB+J3&9J)AHW~L60iiE56%bs
zgZ;smz?Z<5U`y};@BwfvI2POjZUGyCjlkQ%+rcxzGr{-3_rQ)|NAOwjS@1IOGH?gD
z158#Q$p9%31n2?*fE5r2hyhQ)42S@F08;@wAPG<gTmcgx4Cn$(1Z;ssKnWwH0xm!$
z&>z?VgaQwNZ(owWeJLaRzg=_H86&?t>RdCWiN~F5raISJWe?g_l&+GdsOfg?N~J;L
zRo5;P1GM`X>g5dGTc|R?q@Qn}>Em6LWG><!J#=;Y8tOag1&pt^Z+}y#QCs2CKPXge
zW+uggJ()l%mFD)@vI_5ZHB}flJ*XAemZ^2`Vvs&yXHmW+Clw##Q}P~@l&}Ktcqtj^
z8dT^vUTLs+`9NkB7nh@zBbPYZ+hm#TDijT~8g{YI?aMVITHm?aCdSndec6=Wb<HYG
zO|g<k_lbc%hSLMQdru9_btpX~6k<7-iHTIp&`{UKCN3eX$A*>U!;<w{^<@>q-n={C
z^Uup#Lx)PwnLc{xJS;9gRY{(@qW6Z?<$8^mGgQ-3&a2m!%cMa;GTnfH)c%D#E(~dY
zsI9Ff%otH}IIr)P0)L5*OXkRuBjb8aolv7%RpDuu6qhk@XR%0MS3lo!?~dxO*DgEt
z3kt4ODyvMhEjj2UlsP%;2TbsFSTZkHJ4b<qsRD_Sp+R=f4frG;)~xmHp{I<`NV*sV
z1fCn&`o6qh)BTGM?Qh*jB*sfDhvMBXlm2q6g9le=W~J)rXo*$~*|j6ZxUksIA}S=+
zVC8CGZ67DEK@q_|_DkaMZkJF)LoCX7EIo3`^5w%yn>X*PRjSG})zVUxyL8cQ7~B5N
z)g&yaq3`W0Iu=8Xy)`{uG<x;WS5;LO3HwR=c@K#QbsrcOA`%Hi)x%rgrs%IMSgw(k
zLOutXYIE?2-`FMbWx9=x<3=aNd#Jg(WOQ3oP(9$$ebs>`#&UdWG1q)=(IunXR~7vV
zi^vCB)kfOd<XP-3RvlqGOr>iVJ(020SZrr!Rb|`yCew814mTB7Cm$^znL;R6oFCMD
zKTSDJp4olPYL(%())zEuD;sp`E41wGt(>gm<_WPn6(1C<%vR4*xD8L7cVSH1`?_9#
zUa7Tfdz02>%}TGHQ^%)><SA9kRb`hP+uwVsdpfC)va|Lu4GS$3l$BkQ)K{MCe(h?O
z-HC$|iI!5HPELxmNan26U)o=xw{n%w(5Rpbz5l$LX0o$T+1A#o-1^O1PqC-0LR41a
zZy6P;?SOZ@%!l@q31qUov89J~@QzoGed)n+VOja|!Fb1O^ohfMIzG;BT_=v$9Ajrw
zZ+N@W(<~y$-*HJoj^UP-wLSi99H-&w?A~qS1dox4336#+;YIV8_uW-pozsVx9MT+O
z*57SFSa99wws)2Nn;vG5I)Qh)4j#%k+OpcO@AL`hN434J8TjZy%CLinh1OQqb%UE9
z_?kxr`x{LUtTK7jRA%+&%|-3{@+@(dT(w&leT~s}!#sOT4XEmJt<l*yC`5gbSwH*&
zMM=rV%BI$=xk<Bk4+9kyWue!oq<M0DRASuVh!73D<F&lkh63`sL0&7qef{{h{Xf^y
zkyz(G@>m3rO;*u@RZ5=*oOM|FLhZb6bH}nE5AR3YN4VA)<*cl0*njrpp)=3xKEDp=
zd8v87+P(3rSvm!tD*N7~=Gx!?T{o^^d$O+H$>cD#YmXito?+(iAl-G~WK+uBPb&t_
zF0@z_pHg<%ang_nn>^R7Z@E_LI79z+dq=-7y{DzTs-9FJE1se+O6}#>v8?I0r|u~e
zbh=E*JNqHQCQGqBr`fOl=bw(IoIl>DY*$#t_9@o>>a%A$o_<&Up+nZ5d)%n}%G|uo
zj~Ba~bvU@uyXMx>CuO;z8@DPZ8P={ZiZK_CGaHvxJukMh-k`$e#9J4&DEn;n)R}i)
zNdlUeSuR~xcKz(K0Fm;h&)+v*@%Y7}=lE`8&&C~)8&poUu-Y)Qs&YxZs6?WX(y~ml
z@5{QJ{ey@8;I-*l-ifT60fnumX)CAf?dw$%yQu5!2`QVCPq!q07yt90vR(U>-Trb@
zO8nuIO6Az*Uh`M^S42)OaC+9#-{P&(?swXzLB}2~5G96xS#vmjQNe{<3sM#+7K(CL
z9cbJ3!PD<vba1{-+SUiD$(CugkF{)5j-6WPd8lOd9($`6vjhGcHXqoIFDtoSAnogG
zob~I-v~{-!CEva}+4S|2l`CXdjE+8BQuef{WY*&u!OtqUO55xoUS1RAv}4Of9rp#(
z$82~mP$d0vZRiw_FE?IAeb{2W>-4YtlJ))6mb<JhTW_@dR&Vi{rG=}z*4drxus^uI
zt*pY~<>6kr<8|!9J}<71$TF4OPzb&BuXQ~BVNTo9J6#?WFNjduc`|?P4+Wn(MtMKm
zKk7Hls~tPXtp4z+e}-4|r&9Z#Zu3J-e{7weQn=!D@MY(|ms^$hH5BYvs((D!SvP)n
ze9Eq>xB|_`$@;ZL)6D!^L+pQgUN+qNic0h6LD|kJ_u5MW=N$8&R-UZ0$4G3nzek2{
zwD?PVwpqtVy?XD+{nO|4_pQ6DU!CJP^s9N}m332F+HOv`^l0|9u4{8V$9ZY(I(D)&
zC4aix+^g9m*948;eO~Y~aKb!SFYinZS!u#`!`Ze={$4syG-A>V{|?K>;;NvtSIU$e
zuSK_%1YFMXP|NBOBbem)xVZG%lat-#%EdNzQ`XN;mR@(rm)x~k+!k-+U%%&v>Z}C^
ze}=>oEM9YEzF<mQ)~S!%gwEL=KZQ9ri9*wd+_)7V*?ax#yOzZ<L-vbjMhE|RV0PyD
z$5&n$U8<;U37$7#@7sz|DfK6O`pv$a`uI@D*xSb&PU|kSo38QE!S#)#CORg_YxKk*
z&vMf#eU?8PV%NQ7xyhOPQpwGA2L`0MMLZspx-r>JJ1AharCG=k+f=DupBsg_(L=2J
z4ha){Z?z@sN$G^;Q<ZxE-tyarEw7xN^rl<ytR6cob%cA%Jz=#?kzwG~XQ?BHzn<AL
zfAra!zjy5Xl=h|m<JW^<wH7+ey0dWW%`Xup?=Nh)9`35MeAdrZz10%sk8Q7AU;2mZ
z%WHef^C!0D7tNX2J!T;JuE4Fp4&WDnydHIKpYeda){w0okBO#9z>kH%3eq5(l^IrX
zvyB`}c9V7D5`e7xbp)0H9RxUl4AOxEI&eS-4(PxE9XNn4h{rLwAkcjRK{^=>+iAS%
zRt}saZ@yu}S25BR;+W#Zc!{mWbfFDtkb$Y^5~kb+OrfcmezG7F@`=R2RN;mx?Hr_%
zE2bEKOut0Nctbi=;w9S|FV#wz8q)F7t&ZtJ4hdC(X)_a&tP)d}0#l+8Q@1Lljuxh(
z989ySn9{v5^<Tm?kcBDD2l6Qkl1mNKVil$ZRZP8An9?dR^}0c7ltbdxKxRqE^oA)h
z4{|9B@=c7X%nx#_hAixWTuaCFa~?8C8`JwGOl7s0t~4PP+#v<VL87QZsz@+pmP1mJ
zY1J9iP8Fn&6Q<rW$S@a7!yb^2Igl|cAal+^D&#^k$RUL!kd1YaWLjhz#nh_|8CU^n
zrwJ+809kMza?=-6d>Z7Y7}I?%B%cRlMINM-81kkX(oqRh-$lr`3{0EZnEo$8Zuw$r
zF2__Ugp{d<j9HE;ZXBjm1*Bd%q^SUM;2fk5ktHH!EIPt;?Fp&jglSR@Qs4rlYc6D3
zHsqWWru;lizcr8<UXY>}A$grJZOSpt*JH|D4yl+5X|@9Ls0?yO0f`}jMDl>V(!g|H
z3CUUy`Iif6mJivK0om&f+3Eu+mjbz@fNXYw6j6el^My>Vh1AT0Y{<bht^xU_1-YgJ
ziLo5A&kvFyAM$e?<ZJ~bS_))dCFG75q^KukZat)y3gpoR$Y>d)k{cw5KO`0T01)m0
zB_&8eS4an6RV>(ooOXp|t%g)hgQTc~gj9$0bcZZehg@uc+>t@riXh?3Ag^;F8B`!q
z>L9a)kQ`-XkqqRCA1p&Qq>VdlfeWldI^?D@q*^wl^$N&WIb>or<di4mh8HAWChS5z
ztb-0DTMDG75OO~Ul0*}7#vk&?1D3-TQYQtrLwf)g*+F*ulY0zu$sMxkBBYHcWVJKo
z`31;QKS;qkNcZ!Q&KJpdslXnjLr%FtK59X_XFwuVk%e`T$v%+LI*|7=$U}8VS5?>x
zkunxrK}LH)Ql~<;s=*$dgN;yz987~0y#RUc0%@%QDV+%maUQbO2i74KHYOi3wE>b(
z6Y_2xtU)F@PqOis34xrp*ym5^LmAs4<Sgf`;4BbG1!NO)mUC8c7RY#<vz)VnGrE#b
zk&^tB<(w6q1u`DzjQsRC<fn}Mygy^)XK~KR&*GespT#+o+~gCk$WK|$8Tn}&`B|JZ
zsh=EA>L-l+EY2DES)4PepN`L&)X(}e#sFB|!0IO~=WPXNQa|g@nAFeuGe&;ipE2^Y
zIA>Bn>(Ar7jpv{4M@qUNL&#aq8Tr{l4H;v4{V{it`UPNm{lTPu(x%s+#Ce-ue-fAR
zIA>Bn>(3ZR=(7Hd<-D!nOzNj`&ZK_UpE2_D{)~~I#W|DuS$`hqZBjqkPc|`F$XU)A
z`RRV-XK~J?esVm${<Oc8_h(G%r*Y1temXv9Qa|g@7-@8AoU@#>f-|X~^=C}#XZ;zI
z`dNR*q<$LbOzLO-d7QWD_2=~y7bL`q5JrB=$WNKnPve|P{iIE=KN$IGo8AAUKWnr5
zA8{Fvb0+n({*2MU{Ydjumh-lPGxD=IXXK}C<fn}MEY2DES)4PepPfHr<Y#ft$dCJx
z)lV4tX&d<|BR`9CMt&COOzLO-8I$@+o77L3)KBA_N&Pg=Ss)PLK4kS1mh-lPGxD=I
zXXK}CQa?GK)X(}eCiRmx^0PSVq;bxqej4YD0dPO^>kpRmHuBT`$j{=Ok)O8d^~dp~
ze%7Bcsh_mz^(S!|k8>vV(>P~=K!E#@Uw^Qiw-ua`pT#*NKW)?NPsSJEdeZ)kN&P%O
zW#ngZ&ZK^xpT#kPnB}L8{FITOGV-%HXXIyb&ZK_UpE0SQwCVLH=O^QF&ZK@C=PW>-
zJU?YQZ!0(>KZ|ole%hwjpNx-sd4ArXwdwU|`FVe~pVZIuQ^o*f6AC%YIU_&Wgvd`>
z$Qk)*n_hqVvMHr)p@1=|ADfWWPngtCSjd^wPuh6>p^P86A8CHda^6;OMt&COjQq4s
zuRj?d^|Strk)OpmBR}uY<Gf8@|7m{#?nhQXVdST6<flyPr*Y1te$poO6Gna(=ZyR;
z&Y9HD`ZFf=v;K?)sFTJy%Q-7JllobI#-x7MpE2_D{)~~I#W|DuS$`hqZTk98&mU)?
z%&$Kf`Dq*ZDU<qXoHMDPwCVK+BR`9CMt&COOzLO-8I$^1f5rmTN#mU5oE4l&{j5J@
zQa|g@82NdB#>mg&oJswxKacY^z5ew41-Kvi^#>zAZ6iNrQa_DzCiRmxz5cYnl*I*%
zN&Pg=nbgnv^Ehvl|Nmq^(%?R1|NjZgd0WAm)X(}eCiRmx`TtK?fI4ZMGxD=IXHq}w
z&lt}?i*rVPZ1{#<&T`Jkk4?nyf5c_1P3kB6>GdaZft0q{{V&4#vo^c`Nq-*aEayz>
zr{kkeo}aRuw-ua8{WQ**)X(!%CiS!aj7j}8&KdbxoHO#XIA@#$?nhQXVdST6<fn}M
zEY6wKPmZJ4pV!a&OX+@6KaF!H_0u?KQa|g@7-?{S()^U=ysh9&>Sz5KllobI#-x7M
zpE0SQ#yOMvS$`hqZFc{QgvgKkkzao>^3yi*QzrG(IA>BnY18WuMt&COOzNj`&dAUE
zGnVr<z5cYn0QV=WpRgQtv;K@p{WQ**)KBA_N&Pg=nbgnvGe&;ipE2_D{yZ)a;6CKn
zpXH}*1>aBVr*Y1te$uAbA57|J{TY+`X`D0i^Zq=}+wA@){ROxm`SoY{X<Nbfllp0#
zGpV1B&zaQE`ZFf=(>Q13=lyw{x9RmqzRurK5+?7zj(q*k-yuor6bYotA~9Y~$%aXV
zJQj(icue+7u^*4IiO3bFj|h_(8vIza*<&1o<CSS&+K)V@V`5yopNvB`a?Cf3^Ppq#
zvB~&|(sAjrIG*NUdH;2O{JhwCc8*DNuyZH5NgjS4onw)6!gxXPzUx$b>fJX~<SzN;
zSBI=0CF@qTYKwI%%BPh)zVo48^ZDaVIm^{+40~3KGbTr8rrG^<{d(4gjdzdU*?;Jc
zx1E*sFdN(9BSzYd3JwVk3!g;_`v1L&1bC?<&xM@)YB>N5`ewuL#n7_*hyCOrIr;H#
z8#_MYKSE>_{N)@ad;@P#KfzFN=QdQy77r(5mB>u|bi=BkK!F$5JousQg`e(tOt#a?
zEnhpu2pf&H@JnsF;gZsG<xNVibl+q_FxD2iWBp7N*1&jS9nUQO_wq~xq}N15gRwUO
z@nEb_h(t7o4|7mC2mf`1IHyD$6^Z?`|6!yEdJH}i$^Y46t&<f-=!Kp_taFIP+L>tN
zj=?Aid}QNqVsSM8B2*hpkK>16WsxS1>O6B-jF2D*rRNd%Z|6B56~$wnP6EzwHnN1H
zMK&wkF8}I3neHdYbk=8uwN0HM-z+m0?<EN7Gn7b=jluaueREd-l*a-`CIMvg#M&+)
z){TYZEJ#mMc^uXyk!Nl;)`}$JnE%`-#p)(0{td&qSYvgJ04u)8^Y*WC*cA%HxX~Cl
z9xHx2pG5(l9dge8JO{Z#By;C;Mq1>VC!h5B&*$jdb00yU>i~=si&ZQ0@jNGfQ~5vl
z$FNw{LZ0J)@Ap5S>CWevFnONsXdfq3kw9w-!5J^YGw^@wS0CC>@VxUsKgMY}b=KZ7
zDLP8JAUr-HGB(D+*xJI%SQ;J^8XJbc66at%X`;Kiov}0_F*qhHI4U+K+`)KJc!IIx
zSZxh$4g27Pgz)H)s6|o?5tHCxJU>2WbV6uEcyw@rd30oGd~8DOtVHwB*yz#03DFh{
ztc|77!7-7u!V?lFf13}3Nu~cim{(YMOk!l>qJKLl3oCM7F~QL|0pCSVadA<Rp}~nb
zV~gOpIAcpTLSp><gha2HS+W1i^BHDL`yqEic<B6i<m7Gai4UJQALkh!77!n~ATla^
zc6h@7a#WknQKi`aHI7>na*#9j311K%C5<9K9gKq$ykZu_&JB+@md=lK3JncUz|%M@
rI4U8W7exoL{D-sYJax-|J9m4_|9%p1fW2ks73%yG(Bwbd|Ks*wD)8_H

literal 0
HcmV?d00001

diff --git a/bin/x64/Release/ufr-signer.exe.config b/bin/x64/Release/ufr-signer.exe.config
new file mode 100644
index 0000000..8324aa6
--- /dev/null
+++ b/bin/x64/Release/ufr-signer.exe.config
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<configuration>
+    <startup> 
+        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6" />
+    </startup>
+</configuration>
\ No newline at end of file
diff --git a/bin/x86/Release/ufr-signer.exe b/bin/x86/Release/ufr-signer.exe
new file mode 100644
index 0000000000000000000000000000000000000000..6b33bfebfa6abd0aa27df5b6f1b94bdbae2874e4
GIT binary patch
literal 2177024
zcmeFad7NBTnLm8{-l|($Z<X#;b$61k3MApuRozLtS+cMMkVOPR5a~_`31JV)g<Aog
zl+^~eQ4us4Q6sqE!ib3IprfNR3Zu@bqaxxqLd&QltBA|Y&lwr`eZS9h*Xl}OW}NqZ
z|9Jb;b?<YY^PJ~A=Q+=L&T`K^_tcGVH!Q<2QusaltYLf(cm8dV>;5mh5Zzn(>t5ro
z+_#o~uIrR<Eq&=Fmo}<bc<#mCd9SFRf8OPnyF04eF06W2U0%KP^6CptJG1%<_ks&2
zdV2E9eAcHQZy2X^S;qb8Z_EU_J!F_&g|1bGF|pJzvWoralNH0L0^SN7r6X*r+<*+5
z7yf+!@xb%XG`7CMF#6>`y8A&TG0p(r(+Gp_7t=m6e%rOw=tlV7Usa67ar|?^)lhVy
z%p!bJEX~A@3tzPZ;V0^l7jaTnU+#bm=&ci8!#f`ck&R_%L091(``ZA8On4W*+yx<J
zH6XL-;IMgg$HtNg_(tj#f0WHM(#Ai2q|bQZ_<peo)RFxck5>$*O)g2WkIP}Ev&b;=
zrUSP2m|+a8N*NdXw5I7og?X>bFs^Wx0CGop0cGB;;^IKuyn6sHW^({lJL(=NFi2A+
zA0COp>tpbdAv`weWtah^&#xF8SY;UpA%Emqw64E2J$>Dk2;@tJTGq~_ZpxIW3z^H)
z+b4f(*=ct<l0fK1koj>WK(ULB6~N_fZwpwuU<B}o1Ra2b1=~Fs_wt4>gSr9f?e46L
zLIZOLFt%F*oMqYU%3!08fIE&$PtKhnypk7~dEV>m0?XBa#)rHzVDB}!lq&tsBycMp
zJdeVNN^<TL6CHxfKz2daIh3Kp7)ljWrIq8}wMZBvdTSG<_3j4JIUH0;zRI$g64k~M
z4WxVl*C0t_Eia~H*oBOn$8E><lwmF}xvL0o13Zu}M}cD6J@H_a{8t&n9<XC@rq)-q
z%MMCXqdnCI?4n)TJ-(=DUw>&aHM(ilKerQPiWv~3K`{PHvpIwcF51o!EX8-IqVM72
zqS^zCIfVq7eG<%7+@qK_q1m~7rfz54qY?4Im~jl$%0J{`ybXeW6TgLkVUb-BS@0hQ
z?jij02=kA&;vy10RBeS7;eDU7(OLkXYx?E_MXR+O3wi`-9L@$@8WT1&whEVlH1u~2
zQ1`-Xna;7KI1ZQkkWb%u0a5UodFRRm{q1Igetj{$gDCd{BVc_SDkGo3uzI=!%tuK>
zOwXDhph$rTZ|F*}d>P1za#t-t#eaMr^G<O=Hf?bq3^S}<668jPu>!9_Zu9eqFac-5
z#P|()d!X-REkF2OluC_#fe|&CLZ-CxKxr`c^Jpd+X(hFuY|MtcvoO$d_WDb0*zYfE
zJ-Jw1PY!XZ-1Xy+sqJR>X_;n|rkmSm{M^D$mTSOX{SFC^#TbW8&EOZ<>mr!btuV?I
z>eIBGYsU?{h3J&o<kfx27^?gOIm2EuJ-Vq7M~d}5nY6y0W^*Z0mE99ycyZ#t1PAvu
zys$p<8MNiqOH8{&V8%h-cD~jVZ}oY$c^k2rRgaiWxaicroAjFZNwr1tifB(IMQfSO
z10vC4vh5(D`xs;^J<}D#OR2vbLnz^|KsX=!L`Ur7#5y^YF2=^a3t0ClUjAFUfD_-3
zF5($|=6{wEoZNF~bO!BXWBz|sBJ^D;Zw{@oV--6m!j}BbUaDBK-1I-svOAlVVaD^z
z^-LD@zg1!Axc93^bn!uJdnq%i2IYOu_S_A-e*@a?Zv2AwJZCmB5=prjr=bNB^nL-=
z!uG4j3^iUz-X}*<DGPnhix9^6CuJ-LAO4w5cnY*)xEr6x^JG^F*d=p*Xv4gmN8M9H
z=6$B~Vgy8vWWo+2mtqOMu^>Nd?Vc{mjjl4~9YQP$4B1(ZK1<mv20d$7GIYEljL}#K
zW6T!9#P_A*92nb|j$`6ley+0m!cgb`&9WwwJy(9d=>L!9=PQQ!t@)tXlGMo&ZFQ2+
zA9d_o7?taT#Fl&;Bszdug8|GM4B-DtEyScus`I%l?%2TMARXo`rU5gSKkfNkOcC?-
zqqWEK8<3Ng4uGZ@E7|<=Vp8FkW$bI(St+*zm0M6u_Jw|8rqE2rM3!ank7@Sf<raH%
zvx$xsS5AxE(;?WzQZp86X)K2ADIFtg0|}`seJgw8{duiB(S=5A^Y-!R^_jE$O1Sff
zx(R=nAQ=3?|HyA6?)<$Rzghg=?*G`6^LKmf_t${=`v?DrX_fIy|M#!B^Or*F=Wk6n
zE@pECA)N@W`6FT#F(d=CHIIde5k>qsL@ZVWGtwkFv0U?4A)-=Hl8;1~9>u&P!t^QT
znh;YKM6IDrhc$Geh8Ah)Yz-~Z&<izG$!Tz%AIxj8<_EhqxY!T&YOu!-_De9RaL%Wl
z3=Od)wgG={8s`M|(xkc6yT&xB*a|AOhyp;J2Ik!cW<JJd{95?2a^~=R8o$LLI0C<O
z@Y{~xTkyLTzt7-zAAXzyfo*71<@JvNqX?~`cx<JAJ?ByyT~R&8<A>MZ9!6_*#$ziB
z)?XJ!SBg^pc>JREmxs|(#>MM5hX^%>IC*7o{ZV1G&{r0&uZNh*z`P7b*Y||cT9XNW
z<@FdY2ZifU`26~BNAX(qiS)zk?}*|P#jkXbzI*+yh+54y!EN!x`M#dj1pUa0+H-<*
zbYhK9nkZF8EiOS?oq+wZwks7?59ht7Kr1%<(*D*+f)$bjK`SdHSVe%3#R^H0sbvzJ
zajO9R6%wqVaE+vWh2#`EXs(c~{UnOt_&5?|-ItK?R)APh*-36!)^T~LhRd5c<a+!d
z!*+^Xr??R76wdXS1Pug^^9-cLr20(U>Z4jV1Ye5aK-v$crKq)n_flluI15pj2+^;`
zbNd-{`yTSx=lrcU;N1cS$vNr127z7uD4wy-c>1ueg>c+moX7nR?HO%c_1v9}Ru{6~
zV^qt_AXzqAXUO`?3|~UBY^PNQXzLgxx%b+{lzT0fj*L=5KknI7N2WGa%(&A4cU%sM
zWG*Qa$lMNcaQ`?A4Lrfi7cny#?<=Ot(^v(`xHCvH{*}3f#mrUc(z*t+#cVxO%(@$a
ze}Gh~XO~ssZo*}<;QcnHYT6s><Uqt|R<b-2Wf#m}v6Pf{i(FG^o3Ru*(_B4@38_H)
zo{@6CTC`U^9Pmj_LkdMZBYZO814#K4YCW0Qd>^X`yT>z#B_B1DeNTQmE>lIzpKE>v
z8}KU$_7GbaS^H(g_|}gBSYFnH26Dw*)D{Nv#r*Sb4Ve0i50}<ZNVbN8wgwCjq$2!o
zX?|-+WcMd-4zeZ(J2qa0-v<0Xhacxe!5@}GjoU!*Ab!LjAZ<q1d@(>Pdh1eXdgtJh
zZ=3^#73_?I4$z+KmPHk3GjMZQOVM^`7$YM_H%2&JTsJ-!{Bmq}0P@RI?iMP1D=vB4
zbk8HscDE6CJ}!k!s&N7C?uCrVxEJx}UQEm-xLBperMNY=;{q3V8E#n@!=yZ%A?IjV
zo#mQhvGEGr$sbKEFB#k3t02AWB3xLWDY;hw*zs0~=w1oPay?u*PPBwaA>grGS$J;^
z68q)P*vi6fAf3Ad7c=85fJSuP`yuGD8$8N+%WQ5y1Dv`{+<PJ8y^oxrn|#Lm8bODk
z`kJY=X7hLum))z#P+;e3fbJ{9a7J8_PT+=HX;808BePQ8OQj?CN_=<rc#L6X(23;6
zAMk6!H?8>rE|BUNN>$fP^eXdx=gk(JFzm!%RVZs7AJjz0A<>3+0``Ubvrw)mF<XtF
zct{gppox!Vj_c>=h{g5%KHWY>WKzg#On||C3qW4;1^7A2jv|Wy8#;^bzWVt{u~!)#
zLp59vcz?Xwby(Z#Q@1E%RHO0f1#7<~wI7I^^A%7#AgHq(CNNY<tsfXx$W+EuMbEhy
zUc{;%cERU%#wdPu{A!1(4s-<)4-mu%{LqLp^Fwe~8^Bsac6~6{dGRz@J7rFn<8lRl
zXkxzqNEu%Q%s;b<5l(7+5)z+Ci4QiLC*!Wy$aE5R#}u`bG-Y|}Xe2#}Nl}LOq|aqQ
z<TQ7<F9T+6<P(*X0%@po83Uj8`qvwWA0R$0Z497HJ!s!44yhOAP0KE&oLST>+W!E?
z8m~iqFXGLTdHtnBn;Z+u&zs8$M~Fh>HAvB&ZM^DWjJ>$dTWkCVV=X@WC|?I}hUY_N
zyKyttgc~ma$t~`05gUukw8!O&sm5+ly0670>s|x)>W|(7dHNtvX?xz<u?K}Hxvxc}
z8l>tUBGaY59=GZvkazp0LJf1NEVN@b;Zswkocl98v#@j9r}K7ZvagL-)~C|j^_RMD
z0H@_WrBz>;%V+D5M#d}q8n8jWuEnquqiUS}%HXk(W$b#LA>+46vx&Yn<-QR-$3V+*
z^V@LepGNrve+~loO}Na%mS;NSeXN!f{Zz{R1xi_8=p6!o>g~X#RN0_U5a$l?UQgr)
z1i8vbqRqh+U_z%LTRi`wy`UKw*IYvrp{#6@(h`ei^GN1^lE$7^uDw}Gu|9~w*z`8!
z;Jg`B;|FKG&xV0zS?_CMppx}|5C%qSRqvMw<!c9em`&im$QzaWfOmx43*JWDb^Kk@
zhbbaQrN8kWSeQOOiDMe?$5^ni=C>kTB=(!YMW+zo`qPNLN5nhO`?TB_dH2hG!2373
z7rdcNAhtisqV{C?j1f4Wz~o#mdgoj&Lg!qr66f5raBVz}(eyydqr^(714^}b_H*t%
zIX0+9A4`fE%E?hyw)3BOGT2hH;I))-AA(`1gXIufdRJET2!50JorYg+3)U2l4{B06
z(-s>~?TiGT9!v4-OsB0Am7Yi=mzY&F2tyvWE2iMRI+8JFOku6mkM;fB5@bk68I{&4
zV|>!0iPz3dM2i26BH>}hTMs3Os4q=iO5mj^WU4K$r0vOl3reWE8lIYNT#L|h^BH>>
z5;QRC%DdP3m?2`&mF8Wv=lt@r`*uG9TD2Ry8F2$I@4!VHnlAM{cqg=-a8IG*p_d9`
z!UjFhA9VHx`}GnXodV{i9h|~G9ySL3C1f`+>6BkI-cA``0UqP(a4p~tRJOlgqC4vk
z7K60_cxqU%Okd#9^UgbQsltsK+gC62Hh{Wqs(iT`W^A~jqk+baOg#u@@zH@2D}U!*
zq&NbXPJ0IS<<f(G^Nu^zhtp@@(^kI6Stt&MZEs%r&_V61d;=ZIr`Db*-AS-YEgf`>
z(lM+(y%PUVN(V)AXobJqZ`bnewCV$96QllA9rHonrOU%(<9DNgIxaYaegc1H13hxS
z#eTzVU{INFVYC47y#%p54Dcp`FA@;_L%xOHCBUMo0u(HoPml~X2=INRJzc=}6U0a*
zNCv|S2%ryuk}-w_043wYBic0rN)~G)f=Wa%9uZ7L*p(4>RfJs~VNw1-oT&(VNQ6B!
z!X74|NVZ(S53oQhB3c*@n2C^1ggrRIVyF=0hISIr)&&&4RRKRpzDpzU00E@}4ir$b
zSSFw(gBt@gQT0m%6jd(~P?BN94FbW!j|DO;5>S#Y7EmexW&{G^dxC(sP@FR&+80OQ
zsRD|;9JZPb0cqF1!MspFk(bWj=X<n(k}*1|AlZfpJSGB<jlkmslmfj#K;g^Y&F8yL
zKq=;t5$#bCc723BLckBPYzqj=pvnC(!e*1k?}IdcAEZJ1AdS=qX{0__i9i~Nk7b?u
zAnVBosbwFemVJ<l@j;eFK}UsR<HRcaM?^vf+>b`W-r9~83Fl!Y*9cqbu5>s40!iJE
zh3UOLIrzZa!f?s`cnDXoP8mkkG_hE9J5zlkj48Qy2u#g6pJd!C!|;%MX9)W;i&j+*
z(Y2OD6dYkkDkT-}Q(^K_<J08*mm$KtEs~a;hLzy1kf3@wMSi3!DKbe*?q@<O?<-`3
zc81EQY*<%UJ&T|!9ep2{rF{~=By@xGvGj=Zv2>0x>}chTxbm6RXuNzxct4BE$8Z&E
zUPfhWT>V6sef1MAxt|S%^q!8&MfuC_Ur8L{#g(Jt*%Re!Pt{9=H<%BNf#J&Gm7aLs
z#0~j*3w@pRsz+)j)FT5<3wir?!LYXh#GqY#Oli3Kq=6dx90@)z5=!a~m346uiAz|3
zaG8!oWVqT#4VB_j5<Too$(jkYKzMOwG@b=f2`v!eT@hu$aAh*71>%ARAoOpEw7@zK
zwZK4J3k>g93zB+6Wh5@5;PP=p5jHnPGBVsj4MYcq!lo9ACGAd){B+=b6OCcnY0t;9
z|DKO!S02NT`fXSp40$GOoCxo;k?0Jojh`H^L81c<E37t7ajQ3?aaa1{Dk3^zC`5So
zMcGKY55VLqtK!)ZJ>naRB>8PrkqnpJzZT;pjM;;YQC#B-wAn8Tnra$y|0aaX?%#&6
zJPxVkuUmqF+VYaOxL{my%kr|fOzuNoUGBr)A#xw_j*$Bz?*zFo_D+}k5^tm2N4*Q=
zUdefv6L7y2=2JNz6X=*rr%c|fK;*l0hAXeGEQ}YMxS)NoQiJwEc(gJQXGfHGW5kZ(
z%2~<gKwRJyg#Iqlt5cwLRG*;Y6BR~uC1KOVc>fe-Bnju&7}0@YNRt0Z<`vW!<4|Mi
zwi;tE8Skzb4!SGpLA6yJ4zzF6F|2g=+9AZS(#J>GwoZ(M-s#<8bugUhvxw;2XECPi
z_gTW`60%XXQoyh|i?k~E8sL4wW7xGx>}d5Wc8@WmA#I|W65+i*5}RRdrkBJGiRi_C
z`ym{3MUs4PBre4YjEwLonqe$^q7qJ+2=8-I_6%1JN?M)Zihkyj;M-A#EODqG2I5|r
z;r)7HNquNA8c|P1T-p7yv^!z&KqQ{V-5thNhuI|^6W5fmT;NMfLkgu6tJ2yV2i~u}
z7<Qr~c4bHGs*c#z9kHAW&ChMBBleJv*h4#F59^4P0kSreSlOx_X*ubcFWIsrc1dzH
zMW%@^fC%rmQ6(`fCR|<AHaKKV&<h9~e?TQ17WagWj@1)bG2trrG*y2M=N30+#w3iH
z2=64a(LpxDm15GE1vlWEha@;R%9jQZw_k?$YriC@a_>*|@iyTYlhBgzx*!sc;o$L~
zu(=i-lA|l4D}%nQG{ZnAgjFZsY0H)|37rt(?ToTzxUwLr6Tt-yToSxJ(g_VcY(fmg
z6~yp<6+{A6&^Oy86~2j%NtoRjiOO)GA>lJ+wQES21dW}IFVGO->Ti){_1$gxGA5xR
zBD~w9Y#FXBOKM1PeSS?yf_owjv3Z9YVj!*|hWD!>5{QN>vvK1lI$=LV1a487-W!Rm
zaaW03R9Iak;i_mY;UbBy^!ufu8w#{WxOzVnRyj8=3(*Oc5#jwZ%Aes%e^O<F>xpIJ
zJsqixUM^G_196oxykC`(p!z7q+!z;AnD)kp@50IK4IKi*fkg?Ei{@FBGV#Tx+YNL>
zSaq`@o+;4@-4NjoMR_vZt{cG>VwrfWm_SDy^y;B*7>MhJ;r;4{1ge`O;$jNZL~9dH
zhedKS9Oy=v%-4-D>Gs8zZbp046-es$A~Ebi9kEVF?7<zeT-2M-x7HC`Phx{z!jz{{
zsJtq!3*r)EFe1EDB2_S4eSps6U34C|qh0w6GQut&(?Bo|6Be(IDv>HFx%WtmBpkea
zu=tpv`7?47V8JLcpHl{3ju`w!Bp>5~s#3bY3+bxgV7pin7h2c{?wtWoUUyJyV=V<H
zP8f2$GOjG*6824m_fL^9lBkqy`+^JHr6l-mq#9a4+@u-auSt`ja&V;)7mK)rdlWAJ
z5sAfcpd-T7`Q0ngp&O(H26`Y2J)9lSkhp{%i0~Hlg}y}+wdp}{fe(}fV@#l$r*+5m
z!0>+cKmzFD%(z&BOSEfYGa1RnaG(gn9TXu<dVQ;A^9mF}7>YPNo+EJyMG)bg9Azkp
z+7uzUz~M=PwwF`lieOXTuOdhQMNGxT5?n$N!e(0}7sG)f2zO9~FbN!76*T@*<WhpS
zN*jw|QH^nI;BrU-mopTXj<|%m65;KPgk!jRmw~1`9dEis2NQn6fx98>UC-odOB67u
zG=)zPX$hkO6RTW;OK6H1@AgO-p}440j7vgXupB_R?0zN8!TUzLB)XVGIxG$3!=-_*
zN)qZV5SB0mJT$H>;u6Xt!h0%`PZC|3l#jSz2~Ozy`$O$$oXSKPG8Nin;zTHriLmzc
z2gJo9I$`)kc<Y$WZBj0V+k1NA0<{VKbR-t1Sz$-dK)ew!yx&GZ0`2G%%dEmQQM<zF
z+(=A@gLWWH=6Cc;a)*>^804Xp4ESy0B?Pri#IRU|>wq2Yh#l#O<)gFtd>1FN$+b`B
zpXktu@LnAinc)s=pF{^XLpW$%ELw-PPoficNrZP}l#QhOfPqGwSo<Wp5)2w7O>FU#
z;b19^Fl@6gv`t<7q)w}Mc45EW*Q7=m4i-ZR2aBPEOYYx?G`cXlG*}q@A_V2aC|;Gv
zeaQQT+=snC$bH1?E)u`UtIB<`cZl4Vcqhqy)H_G+SQx!RfxP#61q$A~73lVESD?rH
zvI4!{{R;GXk0{XZJ*_~|>tDbOD+|133JiE_6d3eQQDC9BRe_SXLxHmQCIyDPn-m!K
z?o?pJ`-%dKydNpB*n2{OB_8(iF|Sc?P=Si)C{Xo|AmFd_Qibj7yrS;-tbz#dbfogz
zy(DT|_!V5v?@}2+y>^H7`VUe^Y!!jeA>6hgOq91R%7)>}amj&}B=d6-`W>W)kHe!h
zHm|@;2nS{&&F&14REmLVyp<||Y3z|ZR4eyk@56E*@oty<BJVD_FZRAD_a)v}<UZ>C
zqugN{_bZV19#Ej*{X&6m?+FEZyx%L(>piVNpO+ex%IWvI3HVh(F;Nv`aTiRSHwYqM
z^Fq_6dE$a4cfwG7Pn+WDVgkhz9<7YWb0NxG73IQk`${}<LB}lgv6XoGstzmhL?>6`
ziSbT}GLnSz{Rh!OA0kO&EAb2m?t?H&+Z&eli(&`;K*v|&84gzB3H$yW1BSrw#;`|s
z#I8$X+g9S4+}j=%i{Z`-?~EDt7v3e+EK{lZQl7Bi5#c^6#ewApa>lSP?ub3LBlg6O
z*poV9U)T|QauPdQ{Ry0Y+=M7uqDLaa`#_`<hINhf%}jbbisnx-8B+;Ni-Dk55*D9}
z6huXY3X;I_m8;`I5GNaa-LHq5^S&L)An~~rx~qI#0HVw8H^L-k_nRS%x7l=5Kz-x2
z%#TP61I|AJ^dCVpT)o2r<HQp#q7(fm5#AG#K$1@EKk*Qa=*nm;V=rbV!qk6wNEi(O
z?J@E2kX8`N%0LzK-!|EZPRK@tw_suDY9!r!*@&(z@nw@V$1;tYFvCIPBn;Wm6(nS%
zEe5WLaAjw5;y|4D+DHtcIWjr)6<pvT7zoDZlK7*MJR0}cQfGuA&%!o&*a`x96o%QM
zGa+0#J}Db<-d&MwLbEa{o8T7u`e7iDO%mT1$)<5C8{rPJu`LF&5gx6)FmCQdCC2AO
zc>fg1$8h^L3&90zBa$H2!r08i7REq)fX?uK2k4Ue_{z$-jKl?txWeGKk$4(+x2T(N
zRhnjE;g;x1u-r}897-pC`lFKeG~oRKbPT(pBleh%*ke0lkL!qiK}YQIN$hClrEx7#
ztVClY!poP!#>TLY*IyI&OhgB5O?dc^k0kjhlWV)92Eqo<fI6eWxC}%mWFW$Oc_f3R
zo8RDx4xN#t*^|sTXz+}K5u;O1G<eoSV8n#0-!tHg5{m^yd-q0?2pM1KN;WN`E5Y=I
zfuLzg`rk)VX`D7K!jNjPO)A<!AQj=t%aS4y=e?~QR*=xNxgo&?Zis<E9!VT?LmH>@
z5bhukEijNrVRb`<D@&8I5$Am}l1*sZ+>qb`H^e|7n<S38A&pbn2zQW;?I4hiaP>V#
zdkqrpeLWJ1;mRS&>Jwb>a8D9E%mfEW8)i5#B*GoUV8aW<Al&8+iAs1wBD~*4GBI2k
zNKPjN7kEQSkQoYPVw(>A4Fhp+$nbu>p`>1#^oGO*-cT6yFt^)80~&XC2v^5b&~m~X
z3d_J7u8T{@fIqA~lHjevCWbw#BX)g9>=8+9a_NCQ69YXWyroe&7*<zyO5BwZ9Srga
z2ZKC{8%){=2a`4_21aK2p<vF&BM>=f<NF}NoQYKJb0*@vQzL<drftq7xL~$Q-2{e3
zxNUYsl(!|~$8h`XNRs)TzR+JudNpk-IVd6FpoF4)mT)8}AzzJR3HeqO7cBTf)Gf=0
z<z1+t#7tFv8yjF^Zx+$sJ0l?(uAH9Sn<coQ(5&R3(1hFO;zW73M*JAAUc+n?n>Hn-
zUv5eA`Ka6rkR<Gs7^r^QG>j$jK8aZGS5YoP^^aZRU1Bo?q65FL@VCUiC3%L2ZK|dj
zu556>9Y(^7Sakf~0mi+TXb^sR11_f@)A%mJ&V59d9rQ_gvx+yNjp{Ij6vK7yC(_X|
z23c#X@)12DqT0`78-ir+_nFMg4C6I7Y1w7x2ZAXBqk=*#P-`#g{E(5dW4z@4NZ?+u
z4&YK7?EY9t(4B=Ogne{h46U1{lp|rEq!J?`?4y^*(1d+-HHIeaqjl|2c@y^0oY4k?
zqx(w0K8cQEG$mmltsX(qgcV(Kh#A8hl4lXOn1S&4*aM-#F?})ROvLiV6y6grrtp2$
z4@1@b^WP$PDQNr`E6CJ;)!}6kcs4<QpFD|!Mnbr9QL-l{&O4R$sy<w3PER%w;(|ef
z(4QaLffQ@Mod`w5(}LCUMnjx;O_Zt7jJf|LhQWYrlu2%^Av$P5ENj{QiI5Wp|Cu;{
z;=Ff7{Do#`r5yL>#0B15=sy${is7Iur!t59ya-p{ike7fN3{3xC_5p0J;@R|5*@5^
zNs=!`IWp|$Xf~O>^8ibCz<%1g*<>Q;LDK1Vo$HY0{B}>OM7t;Z1cItfAXv$Y7<T5!
z-}??kRbMdT`+|o<;nl`XhwXZ7qw`bTO3p*LHsA(r=bwolHJzXFe#h)Ic#n^I|BmGM
zreV`^9;*9ulK%piU5po^v60ysz(~4F?jy4sHR${cIlZhgM()1^yu${cT@w3Z%?Gb_
zosBbVTAP^S1|J9Hp-7UF*R>ljM|@*rNVEuNOQ1_N;3bPnZ#mmQou4bni|36ZUc=pK
znzrz;++B$4$Ot_2-80+B^%(`!VAn-S0UDdbT<-|PO{W^?;;rz;Yw>1mZ_0VH3-G%r
z;g*n=XJ~Zs-F?2_j(3$=Hg_AM^LD*xyYB(y{vK!axSxllV+*03{nEde^lwCV?p9<x
zHt5qY>Bzs^c5fm*&j1oq;k{4Vy`=ToPFjt_5Nw=;3-VZmv%8K(9)l=D%6$=#Jg0ix
z&g{kO?MEOuGPOAC9tpsC9}YUQ+)v?JPnCP-igVVAIYSP!#z{6)-ztsez)y8OWDKu1
zEb5x)jBEz~h2USxmwIXgR&KA)IAxco^SSbLPY$PKPd#kQprugi#(_Y!gREjIpj(*9
zE-z1a3nrB07XQef6w}_9LDtYg%D4pg66?c~!texYmWV7D;^pPNSKW`30_rJ>9WbEu
zzsOw2i0)EPX&_x&io<<;%KmH)dG`>pgA}(E(>Q4eFElgNkFsNL^eg^6XsEsb@A`@v
zFyyR3)~KAlK5i>1$^ivK?ki$sH^#~E%DM0ns>?}wf*Qp}KjKN8ZLniK<lzb5T8}9s
zi}qcPY*8{iu_GsKFYd!=tT>2DTUMM<1Un3zYh9)MgP(>@{a7hx6)Da~WDMt!xSlEJ
zAACbZ%*If62MZ?O{kNTMctyN0mtIlI&z)~NtAXm~Q3vITYHiBmE6cWXF)r?-C|ge^
zSIXg7gnz)>$+d-+y9W^isSM5=FQ$BS#<>s-O=pS;e}V=&o&x8bW?+`a>@l8^!1Dlm
z-)E$0iwxm=1L-fKI6SlNV1$RDFUy=V%VXA6826duNNMdLgdr5`z}A|esyJ+rYI%f#
zbFHf|I*|mXwS%Aohh>k2F3-Ilt+{m$UEbA!Uy0gY<7hM_jiueb8?s>B13$t9SACOK
ziWg)V*ujAN0+8o<Zla(*4piP26PE^)u9Y${(V$^v(Od#U#qm&6KhH|rf^nxx19t7;
zOwkT#%QyxD7Ea{?7i(T<oIEd`$?wg{nXcO)qqHsOI281MvsL}?`=t|9k<MFq^uaN#
zH~J4t&LSCUtA}%A^#G+GPY-yw-rcZq#+%d-yw5e@>C;GSI-Yry#t`#biD7*@g7i_b
znpHgHQ5#(pv(ap5ql93iGzVL*(wu3dM7jI2(G!ERri?A9PyYGF=^Z{|Tw!^q;VQ?1
zwcxi?rnjjLd#+$xZCLOE?d~@0R$%o!(H9_}#VAMPQM8>xt=F#fOyn~5ciqPjUSYY9
z<F-6cq+Q8Rr0mkl2kp{iHsd~li26?vHV4P#&_13oY#MME2Ku{z-(ol;itDU2;RudK
zh+=AJHQW^hv6tt^e_UIJD9Wl)OA(@s8XCypSZ0b7CHSr{z`>fea|O?P;^}_NucG%I
zFL<9sksD7U)lTup?2Xx{9t8PDX-7QSMUy!HMo0cMF8R5hg7+&V%rtBcV_<y2`|(3V
zMh|_}etA3_@Te?${ye@M%29ynx&8DfksJ&6A;$pDV_9oq=*+U9xMw2A#;;ji)188I
zuJ?PJfKvQZg1_qRIH3;**Y4mQ?PZwfh0KmGG*TJ20vM{qwQ<%2q+mbRcs<%6P8T4O
zC-*cSMDfPVtKL91r<pr=$6(|hoKMn|tB>Yf41RHF$-Q#@F0PH`R4iH5x&{YQvl9z=
zhM%y_x(|{d&UTh;Uu^E+T@LrV5fpNqA7&_Uc<wEF!~BDxTXAcA9;Y})vf{+P&k!5u
z`f+kS)RgZB3}j|69>l2mZ;LolfrZ1lg#0D~Zv1LM<7<JqK}oMg;<e-GpG-O3kcSq!
z|A8F5PeQeFvd!8z!JdG98d%iASBYN=Q{M@koI-eh9yaOXZBsoDejw-0gmAvHK@LS3
zC=?5&V$Qh)mQXBIs>Qs5%67J^%mW}+K^fh%&y=9T?pTovjVr^d3FKG@fF~mk^cDN$
zFh<;dg)nYU>h0HhdkVM4X;4JtNL&VbYP~*-#!(XX3(?q&kmR}Ja5S!g-q}2BvL_}+
zuUkdqYs{&Iypwu+Gc;rFAUM!p?04bB+BDSfo(P=#BrJTOSS((DsVZYZX<)EcDlRAv
z7K=D*sytI1oY{R-aS+|!AaD!N@BPf@7gNo^?0-@<12LHv#8l&9%y9(<H>es1o;Kh3
z4VwfcWIGziy^3l~>EZ7w`9_9(458FrTVPt*X<G!zLJs!e+05i)I<B>h%aC>{(pvgG
z6gnR?ttlv@y!vDuug5Q=T*VVd>qq#Z*|)<6b%=McY5Si`*#L^NQv<QHf$i@ETw3VY
zu|BaKRxyTAKC3B>;S~LL%D5Ey!XIH=LaO?f+Q|xG9E%}fs(^uXivT`o0;YNUD&|mM
zZtvjTJqNg<sj`Mjns1bWvQU2Ru^^rN5T`xT@4>fAd1uc9bBiY*a$eOPmv3-vorxn3
ze+vyems9vC=rSmN_-EjAAoYe;gY#s3-(|VKL#pw9?@XW+ufD5!0kRt}n^uc}IjFiR
zNfB!}vXxkCVqwR4jFCl06Z6V7kyG_{&rK&;4tCF-U^TFh7lo59klzPM0lNxb@^GLt
zl~ogYOmb2EcK6(fY0Fn}9MlSe1-D8Q%hGjcp*ZbBE-<eAzRq*mPg0M|P=4nCm?S<x
zgf8y)NW?CVIzylMtIXK3-kYf!^o#Z`>YHQOU&Eb(=v^>})`i6F3~(|tPBq?7fAF4t
zMt?9FeS+B}7k4k4xJ*TLzJ?V5W4YLuMBjvHsDj2IXS!i<TkFkaaUdGa>lSGh8a?%B
zhGQK`Mc2<IjekJ_pa-5`i}AX#f_w#u`nm|Yo8D(wPR{JzUx1b~btw0KSiAEbmgHg(
z%`GT+Uk6#n`B!RJ))@@bD=vwr#LVULtS0<N2!^w@I2Gqvbk|=xx-sY8kI)Pb^)03=
zxye*9T{A1W>pq1lYQg!+82li!NwA1XX%U}t*<IZQi2-e{RJNSIrSyz-6FyxeBk*E+
z>U*^e42Se{g990FIb^|Sha&kfe!$?0r|cbch_L|ewaYM0G_JkR7$gk4W$B?V=ig8y
z9+_p2?d|I_-PZwf{ts}a$w7u+ABLYX@d*=*SA#UOOoJR~Q!o+vOQu*|^)^E;&C7K;
z##qELuDHPhZ8VwV%BqJ+NkD&jlD?PptX~T5UWUjqSdau>PD+^$2hp!!bP%{APAgm&
z$1x&T0<)d`9;XEbEOsyfX4;aS$LKf0IGkrN-JFkBW4<j;&2ymZn8HWt!;_&gJPgVq
z`F6!+6O2g=PM>0B!#d^e{sC3A!-QqaVh_iLs1J@Yi>CMY3B%0W;}|GIS~2P|n4z|O
zcN}1MZ8)okDzm4+99x7}hmh5ylYcrlnAMY$Vaqr<Sy#Uw$PA?C`UY(8C$v1fv4GW6
zOw;GU?o4CCSbip#koZ?N&U(4gN4tB{Y_dVsSL@yV9`&-!58RKyxLtkr*=Juf7DENA
zWs|0N_$XGvchl|=cu^Qo8@w7hIV`^wZ_X^cU-T0&MDUBwRV}RS)Q-vK_70>3$$=lr
z#sx0<4wLFYaGU~*V^tic)e6W$6~4PP`S}c2eL}+==FG$oOAT7_I_2r$&JSogfpv+g
zNjrjH<{Ct}{=hW^)*ohx!rs<Q9!BMlvCfYMJyc#aG4-|=bUFWy2(yX4AT`d@=R~4M
zfNO0B3g@0OM!q&?JO2Un17?#E!I_IGV{Agtj^tTm{T7bn18<q1<!8SE!UDcPN3C;8
zWV)|GMYw+in9(_s?Y%9E+{MVJ<B?yABCnYj`Rgc>9_Xz{!B~>XE0r)~`lJpNr$rR6
zotMFDqDZbQC3$}`iu`j%vV4A_OrDu(ciY}i1Db59GU&VxJ#n0@f>}oG@X8>pp_rO+
z{u2xa(ze%E^@YyDr>EzoD&j?C9#Wp75#7^nF+I7pZ-&>-xo?5RxLB6TbM-|UC5AoT
z(E;xjKu#l8j+Y<E<S?nY7Aa)TfN#{;Ygd8`2GoRQuq@Nnft>AK8n8g@PR2e1Hr~er
z?22M$_V9sV$cW5y(kF`UR;;-bwg-Z#B*8AW71sNTHE&ab4`Z6AgH9~B=60M7KhrQ)
z22{0|g9o;;#7WL0i5Zc+5G0@IK$40`R&XlCK}2ARp9%^Ap$9lulWF|iLHj23z8WOK
zA~ptFlEByZy7xTu?6c|v#&k^e$FA>v+dPOqZClXL*e_U(+#+PQ7dA7t&BU3zk;nf%
z=EfR9f0Z`g4E12C77jh6iCe%Qp-AVw;Dcf6cOjV$>SDz5aRIE8{Eo*p%9;XB`hFAv
zyM&c!_gU0|hMgJ)dhTP0+3^v4IZrLxeF|Z)K6)uwzYX4K=NRPSde_TvAE#W>$65LW
zf*wcQkmQQ<zS(~j?7?TcGWbp5E0zvM82K@~-ly}ms}4ma4nAXHg@$9XF!-`y-Lr)O
zY|2cvUQP$}OT}95qwEm4R8OGsXDGhVSuUnM8bLrKB&DtkHX-u_WFExVFwG`8vsd9=
z)``X7or_UFaHa+CBP?^89hTW76VmeDMq9{$_VJL`&NLoI-VVKW_gpUqcyLnroUYek
zupO+|Ty~k!OS`}rivnO2D$He#YAxhk2|0uH<zmdglh~FdqDnkEkaV_ORl6mvBh%m*
zISoDw;q9fgy|!Omdi(Q$m2wT(mEuMm<1Qgt|2vN-ENeZ3;(u-ah>3(g-^Qv9*6`_C
zKFTJ+`QuBFFZ2VuCsqB#8oEKDH=CHG>HLvEIDh2Kw%(KAqokTn=ZRkk=ZT|!xn^Gh
zCgD6WnSO9=)Dk0#%@99E0iy}yZ49!H{RQ}~Vx7Snp3i*o3S=wuMFJS3OW8^-7K!sk
zVs*YaKOXZ%(Fx{@B#)Jk^TiKCqVBnkNtT!yp44%^IN3H|{D`Dp9LyI#B*C5@Z}kB<
z-M5irYsmV(P3DWT<`~QuSEKwobV|$@sj^_ccrp0se35z|yWEm_X|y)s{0kfI%}5bb
z@}0@xrx>KpF(2WPz|ULfS0c;t9OiTcYW-%DcWWZ!V~ma(TI_2Gmh}l_+&+8O_I#3Y
zkei%4<LOc-U9c#s3&_qgpj{e=fHs_OdXNd8?Lj(`M?u|cP)G@jJFW8}0b?a36Oh&p
zmWMMv0&v}5XS%BZ&n>`5WTA3f=X`^#zrY9e7%!UEIUh!)%+-AeT!(a2D&c=(E(_5t
z;S3hxnKhm#_<fN?)5Y<zdKJ#3A*?|d__y9()yH8NXfI%A_g9cfJ3C1%C6LbUbBt)~
z>p~J=GLfW@4nn$^g7*p9k>u%9gc=F^x-Wz8^X=>I25r#S9dcmU*TLtABvcH?;S%^~
z22St;Kck9dT8QVc68&>vIEf1b65aR<3<Y(K-!jmX(>E6zcXI*9Cw&0vOukHE7i1LI
zU0dPLxxNa|W;R)!nZ`E}--AW$?;>T+{T8YH3D|v|Ct$2Q)`^Ly3X`YnT#I`oI1f6E
zcBg_yx#uPKLT#=886D={jbrDTzpeROS=VM=a5Al9wsdYFHFuB-gfa09#{plO8}z@W
zgE<psglRpSesHXase~`nka7HGm5Dxt6G1$8M_c$C6b#EbT^KBsR-05D?XQaXdL*+L
zMJFQ+Y;a&eZ7`_0pR(rQT-l;HA(tu=!+9gCQC62g%SI$SHy~y>-&%uwgZ>zDhVw1*
zu$7a{w}QOb!!kYRNM~b?gg(7(j`VienG7FI9uC<yM~Y2@XcEbZ$d{v(UqEDsNzPLd
z#TVx#kIiH5VdSqMYB-N!ONh^7R@nQR$)sy*btaScXEJtdCWB;{6x;LXGHK3bU=W<k
zeA%yp(9d8l!w<H_=Q8-Pw$5c1*j{y+ud!g*?VBhUB?huNOiyG+!!HcUjK%{mAC_f}
z0UUrGO=j?6EE;k9WF|YiCY-ArXyZ}GF|=}iC%o}TT1jlSy5?u7;9_?6h%mvp?VS!G
z=cN+&8&~w2TQ%vCVbVp&OP&NeUNAZGi&>jR9veCk{%e~&wX;BY!t)`l+fY{LiBLY8
z2>JQX9g6ADKFFi#P(X}9zCS6_id*+GOo~jtSSrh$^^>uDBD2&&tx_!Llyo5))Ihh5
z2S+j|3^^3kll%yu<tpgnQctl5uB1m@i9gi}zlHu`)b~RCK5xq0gyY99fJPtMAN+=~
z9(QCVfAlv;0$PU}^v&=mP$yP)>-t2VE69uN?B2-LWz^SU%ZDx}!-9V*V{P{1@DIj%
z@|u+@#c+@t9k`=QSJb3ZUx}J6%q{5lE`pI{V|{YQA5--jrDfVDZx06q@YLwj`Hr96
z`ZId2Tar<!)+<SoZoR6VkaArBxsH%Bl8WnG=Il{45s}ay&zMc7L(x@EE`J5vLu!=_
z%CDQb`U!@+Jg|#PA2dM+Kau@hgV@ETes`&H#Ae;Y1y?Hq!zZ#3ZdQj9ZDR?E>g2}f
zjU~|O3US!^up1UkhAmmT;iF=Cabigw+yk3HUAOt)F9zPkbnb<2;|<&Po{A#Bi^vWx
zcG>d4eLL)i<H=(pbZ6HdgWR*x>I`OtGjO<T$AGrI>41yhXmYVNniQ6U)T6;)sz(!t
zqi}4E297s!Yw6BzEj7C~bPQNwv7KLIUAOUU;6YZ@&Mc<XFxZXNE4KH>K(wOn7<0rl
zq=DAp5K{Z_A9mzFRs;=MJjgy0?8k$srq(?Yt*Yp_!7%=4>}qz6vwa_6mYnZHlb9~Z
z&Qy%$G0jiOJUX1??F1$<$NLe>{bMHMgplhQ|4Z}S6ZxF<)yUrD26CC_MtO66=XkVF
z&e6>#skn8kMQRD@oRv*h!?-arkLNor0=7Kdaw3M9uKuO!B6z;}Kr;9sgEH^<SLBP8
ziRV3cnnivxUnPK<hLou!VsO4ntj<^G$78-KWy5^6t!$jHQY}4mmnB&a_RP(6n2q(!
z9p}%+g6Eq*kksR5la)T6)yJGQ+iv_HblBZymhUuxefQ4TEQQ-m{pVg67_WQS=(?N3
zV|dEfJ(8TmVcopb9F95-=CgOAk?4GuHU`G@Hy4Bd2G*(jQ;?!d*(4+Vf*pB*?%F}|
zCn^}rbLb*X*P7}M9<cl!M*05m{=1!r_Zb?nj_(&6Q>W=z8g0UT2sw`(V3rl&EG&F_
z8McjM;xaD49$m^%$ka0#@it(MMy1blTW@0V;K+GzT!T(x>{zSbJ^N+^E$J6m=zcB4
zb6+sZ&b2?3-4hyr;&!1f7tUT0ZZW9Z&Pr}5nBs-QaOW{d?tKn=bx!0M+D}oyjt=dA
zm)Z^=PwCbL{aC6b`9WI}9nZ6$|0-nS-|U-^t*KmW?=jGi&5mKkI7IzcP=6LjJuRrK
z<EZ=!CVXWaH6*B4#ZfB+^$479$o>#PJsd}!B&bK@sB;AM@7OI8CcJ_uQwua9+k<vd
z@w8*El|7U)jN@plE3kyS>n(^;=vvkl=a{?R3TT!Q-fO{X_7bY!#N<kGw|BtZLmUp0
zh|@jM0cRcry33Mu6CH3T5Vs>qcXbEc4a8lUq`RjBZjLxFN!RPl$H7#tm~ABKHg>>W
zO`Mozq?emI;J(%Y_f!Ym$iegZVc*vkvyZbIj`G;q0e2H|II|^AcV7qG?}__Wl5T8l
zKJFCaR<Z#_`CiZg_iEza10#;ny_>kbN!(q;y*G)wm$;jfxF?9qB=gPI=Hr$T*PWz$
z0dYM^+y%t-CULJPt}luEFmcbK0maJk?GCtSh{JQ|I9<IyA9q0#Cyhyp#Z{PD35xVl
zPy~;HB6AcJaigHrOcay~h=QW~C@5-=f}-&#D20xKQZ@<F%|-hP^Rsjf9&H|<vUZ+?
z$5mC)^+jX_C1W$lR2Ij`=nf;YZY5*O$X2Q`GP=l!tVhY%SaOwBF*3T%hz$EMML0Gf
zJo(%Z5n?CN?B!_5rtFQh8polFFUz&D8okHZXH91e4zS-4uV%Uy99+HV2XKnDKKdLp
zr6*M1X&I+T&w##x)o8l+qekl)Q{LYhvy@+#2xKY0vgwC}A)K#DgIQI$Yjf;a$<xJV
zxP0SFU>Nx6labd8*f-)C!MkBox*yh(Z{X$A^?tjYN;h7|J%{`TUM-8TK)oqh=EdiL
zOW0Mf--mR64wA8x{XuVI1$yq*btnS*=vd$mJR-xIZ)sJ(_fcf%{eihYg>Dtkv`B5q
zUR3uWq{i!vigFKT=;VN47$J9TJ_-#bmS%z>j(ut<;~^}gGSfFRRw8z;oc9)t!{B5j
zCVjhZa*WoDv0hi^n4asC)D{0Qo_{-Q#&UiQD{Wm5c&@m@djU9kZ^XqfjoD<3<)CbK
z>upRR`I}9`u0!d9xkJY2U1$`U4>q$6I?o`*7{43HY^+q{8R*}^V^Jhv-+DP@z!*I!
zkNY4WkiG-eE=)BScNO^KY3Cf`Fv#OvwmTyaS+gaqbIC(i4a-AT6C<sVO-3KN;%mRA
z`w67yBRsqdV!;x=!x`EoV6D%fMx5V>R652Sg<L04E@uJAWcOu$u6Jj_yB$iw_Hfu9
zw}<=VTzn_B*XTkyFzE!`r+dXQDs<2z*p6)5j2>#C;fT$$KF<Wb)Mv0CZa0-{xgX>V
z>JDDs$;%MhV(T64QG3Fu8xS?ullPvX1*mjEz4sVvj#qiEHk;(Gyg$aYvck;w;L6in
zu#I9r5yXzYHjciHXg*1fz2lTf_i+&DYa5ufP$;ekQ*NjV^=%tx<BoAB>O0EpP9(xe
z_85I{u7EZ;y3y9Hda^f<dxREebD3PQ9WNK#jTdbHnVQRDKpkw0>!pfiD_x!y@PE)G
z{jGF`Fx<YCuAgZ*o~4ZZ<G#3veDxyTM<*y*u+Rmja0^|O)5=A<h0Y}^MjGy(ld|7}
zVspqZfe$mlO$=d_zli}0ZvJzfFvgYVIuar4-_WmdQlwMzjjQ)|gk?|;w|L3~nsgQw
zzEig>;OU646?1zO6^r)8-3#go(M<7_fMID^b3NVOkHH|@_&v8OBz7|_fSAD(p7?GC
zU9&pGnAm3YuzdvOWnNrfigN!HH6T6#^Frf=QF%nRPa+nwaAWm#eQ;Y`J{*t@sH@nF
z@t7dog-RN{IH<hfh3V@O_9ndaK`Jb343oo<2e$$7%hhlpt5NuRjyvss4`_whnF=uV
zt&BW6DeJp0e2OA6;RVTbt&D|vK8(q*L!_kPn~9oe@~7CP5Iy&J5o8OVdn^WZu+NNo
zu~j=<FbeJD5eBZtmlxr;T6;hg^iZpbcqd!hxn?5_m`&2Sdl1Pkhw+xaD>q5hxdG}N
zM94c=?%{D#?Y<68pccRtxohU5))EDKv}DZ%MP%RdZtxBImKy=jb!*?ET@%cmNWWWo
z7imRAvq{)JOgO@5`pHfDm2UPcfz;xOWGA$H2uUZrl`DhyFV4`C>$E(TcHc>YcI1sj
zN-uRVTN!&P3LNxOSVHvublUhPB*0h(b|eaY7gCPnDI^u@qcGyI-SxOA);$6sES9}h
zLHjPeER$?o8kV*deK@-(H{^dd+r|kYv93(NoSh3ks-11?*`z=7Y2^Fa(JKRZc-S|P
z_RfZOifP>{!-s^b*K3S5pVxh%fmywWh0@i&#z`neYcCKqt1w_TNuy?kaSh`w_hgXL
z$RyN|am}goQ7<OyqJWC8>ZF7=?Y@LD=x#K9ET%Wr5TiR|pGnVTjI0e|x!O3DZ3@or
zT_~?V29)O`=wmkP7QRC5F#p-sLYOID-ejIx_d96#x=V>GAns}4I)}{}9|E6TL*B&l
zpS|7_K6_2<#tp{<<HnMc)!&(TL+jY{qUXXGQ)qv0wQfe9LECsQVD{e}ci9cRFpLqT
z*(BC)95<0z#59|P-4{xc<84FsionEKHA%Za%0~w60P2qu$$K(k3y~NMkN94ZBBh0_
z4_XMt4qC_&(n5mwQC=+VLyaLEfQg`Z1s9Zmsv+D_%=K@58w^?^v-MHZ5?>1asKVT{
zsH*o3`>o1Ct4iU_9UTDP(s(<{DQmpCwi`5p_mQ992wnyTt@i`LMi2(fCTX-0>~A8#
zg#JX}Y)XO#BPe%<Av72zkOs49K5BC!&AD*`9sQq26#Xvx68VGQy@k^IWBLyOo?EcO
z`xVUCicJh)V2tt&?1M}pqL@v>?ljrP?MvQYc(G4oIWIyjxLZlohTB3M$9f#wR@oM>
zzm#uN$?IKt^xFqm+1>SFJ3G4RZCApbFF&!oBs;o!1}|7_yKn1#XULN;o*wWcTt+uz
z17HT{`k+CM*`t}6#<vN<%&Gi&W-iE>na7D@79Au{nE6ruB5o?}yhQApdke7c$4{ac
z(^l|AujEaw;`_KS#FfVw1h1m#1HOW3r83T`NI%yLe}5F>v$`!m(B%Qff<ts~qO_|s
znH75;R$0)lUMl&sU11#H&yUn*qISjl@l7yj10?ZL(gwB(39;_^0RL3&?<`7(*LuFj
z`vEYszbAmwq?~^sgeJsQ(biv390fl{P+AjwB*)lzo*;kwBQ>q&hmfwt3*ZkE<^}La
z2=f9Mdm2+MUI5=pm>0mzvvCgvk=(5&<xvD7?Js_W8QbZ8e{nu))bB5@%EiWF%)gH9
zY`ps;X?Yib`P3KMF2)6@35Il-Es+$CkuV-aG8BuXw2VZ~h-4@h$s!`slmfdSLjl~g
zK&S5?P;%Y3vkGGo7ED7&Va9{SveUR)c`l$rX6@5Za7LdxKZXYi-E+AWIA`F&hk?$z
zPXN<nic0)#K<8of%0mcF%JIN~-ywb=QyR$D#)_FDo=rbO1h#(E2Q?Koe#l}@x{N_D
z-W$a`QFuMJh{@aJw}UsNa8krd?6|LgqL^0cBY9UNyL@S&!0ZZsb{IcnI9}{7_Uv^Z
zW_G>BUS`Ks#ojQxJhJOScG#;>?3U~b2;m)C%`T7ZWS4ZAJE3%p^FyQeUyK~bj-zH{
zvzo6|C(T#vi}O?}UJwER!CDi906?&&1R($rtaL#L0ME|)v1I!gJiDcXiFGK8^K$08
z&IE1;AZZ&M)Qe5ZA{G*}pdAxmkxWcFCg$B=0pnW2X4LFUV9V0v@>cx}%in7@p@W_7
z>{Yj6Wu>0OLocpc)=GAEhlTZyNKC=|gPd>76?KCd-tNX6X(L?O12P__PEDiVSa-5f
zWFtPotaqF4Ya!!~6^Ow!JUp+*eH9CP8|1{A#!kW?SNPS0Z)Z86MaGL31wg?_<Xi<3
zbe5I?l8$9&nzkrm13BndxSq7KLwkmx;oOS3us!o0Z_muNzEE?wUARr#{UBse(`6=%
z<lS~Z5RWXQ42@S(+I8l_)*T=SU7g7ES;)k{L?ra_I_lsPB)8l*5SFBt`{#r|sd&75
zVz=&8_*%lBQusQ;pH}$og#S|E8wlT}@E*dSQ5c`QwObH`dA*zPUn%@v!k<(4X2PFW
z`2B?c8ZgUt4Fc3XW!0T~tQH==B;vCQDf-yeR^^$M{oZBpquz(;OrL_y>_iKbSWvN0
zQqckc!IB9=0A#`9IoN2VHBUfF%q&=1p%nnjPQ1&G8-d&^GNY8#g!7?*1p!eGqo|lR
z?nIG0^(5Q{0D{UAgaANLV}cL>`SY&%6AJUEHrupB6f>c6g@ph>h=%Ed1b~fj9Cx2-
z7-!Ii<sh42MS#k;XODw}cRq?TsZ~<33nvb+-RtS|wHhkVOxc-*6FsFdY(65vO6icO
za#}s_ajU21rMn@Z-Oa1PO!>1q>R61s4j8;!d%9MTxRsvTvU$5{WXoF)vzPHKdXoq9
zD2Q${8NYvSFsED0usH@>%xv{1T8Z4x%gVIfYmiUby%U2K&7XByUv0Z@1%3c~73<5{
zC5>n$7cq>)dseuSIOu}#V(&v*(`#>lLhadO*eCvi4A6ZEWlnoVPVxq@0!9<?7j(Ld
zd3|}GIz#t_AYahzsjcwK`dRLU#DtM)u%GT0xc0DPD$L;!j2T$rI5rD+Ds8c#rJ{+|
zx7f3Xgp#2z6Ulm1vQLApnxs_7K<{$*Gt7z0zyp2mT_N1Rptsnk%bTmZ0rxAcHBQ5&
z%i`U3cR>TOQ3g$xdgtAivv1;hr@`8@lSyNv(UKqUwu85r;{0g9byN)Re&j<G6T^+5
zH;&#*eZR5lJ31#ejcdCm|E6mYHN}1eZx5&#V;0_M!U7?CmOp?+@RseQ$;U?=)yZma
zbUf9V`u_^}VBUdeKs-7s+=j;%;J<dqBdMappqyoRq}BQYgx2xkG}6CR`VUkx(LyjL
ztA#KXV*E~Z$nR9KTl;LVtn+2~-$T+Be)suM$L>@6&ZWk(<F)U6qjnWsuJ~j){DgBA
zvA#&L;I?>IIi8XCK$m-81+8uaUGC*p^KEU?cn1NLIY|&#143bSPtqS<OJ(EFpWa&T
zCn109Z@>VZ!>0)Ut-^mv_)7|ZhVYja{wu<FEBrTvzoPIL2>+eJe@FQ575+TodlbH#
z@YfXn65+1`hHq?q0s;C+${{{d03axgAOwIqD3Pjz-H>RCC?=+WLMs3elu{4^06{SX
zApj7RR}caK!NLea0OUsr+Z?(tbdv=US^<!lB^HDL>d#Sp<1F##F!OK}!qU`_)Z$4i
z$Kio6FT8%h55r?K?*cRDKe$+kSH6o2Oe{rnHsB-0sk7YmO}4z(Aj5anj_v@?)D~fP
zH!M0YN95t)G4ZT*4B73us=x7j`~mF#^<N~w03NP6tFF1|yI^W^94{zPf#?c!`*tUH
z8gAsKPi3n5f}#((cjA!)-ZbDF)WSz%2x$!c)nLKao!-J5!})qov7qjdoC|X{rZ3%d
zS7gR<R4=Wr&SSeA+FV^2Q{(kgM)s0xMZ~jZ1)(R2whs?r`on4*x3TAW2>nNoZ29!7
zn_hw*8Iy=^xEB9?`YR3RJ;4^|YFBkbmwkZDDI7fL$+OxW)N@{^!gz9oHx#%B5s$L@
zKBqjFUWo>&b4-1jUcT-wE`gLPD{pqYkpc(J46Q79LiQW*+PS>E*IUbG-GkVA$vX|O
z>0L$4Qp7hlLeQPo4hNRy-Uc{d+FQtY?_&I$5kG!##^Xz28kop<cZV@k8IRlRG-gfh
zB>UbReZsLw<$M#IYNy!vo>l_0&c3&p#5nf7H0oHYeTZl`ZUs+yhW#Sw^K9xv%ruYP
zu41GGE8}7on;$QE{|q557sr6-b-fCY=J2>R=v#}nj3nfgLbX+0TQTvBU~;YcRZhNm
z)PipL|2uiM#Ie;|kT+Tcp6hNyBa>tQ{Fms5r;aqG$CI%Fw&_ji<XO%<64TJbIZf$F
z8~?zkYT={M?zzLvs4q$oezlDd3(CWjTu_$78u&0s=ctB(O_s8T%eh<~a$+a}IWMN1
zUr8{@^DLChz{EdmMBW_6xr(SQ{^6`LS*xRW{1$ZJNbwo^b{Gov!xNpH`_WTt|F;_H
zH%9q>pIx|=l63jGa>08C^OfF2>qZV@3Fn1={<6=2IpTd2ER2!;q#13gM#nyTSTOi;
zeh3<34ozZYJ^w{$JDVVn-vO^Z5@E<ouChkY(OF^5zav}U({am)5O+JAclTs-?Waj7
zf=~L6hrweeD>FvU8U-%JaOVL&3BTH_z(x+Bpf0qVuf4{{$pNgQ5I^D~KVnA{vbewI
zI=T!DYNrM%&LK_)%NlV=5U~iw5jFWK7I}}-R-z*4Gv_Di8It3Tbx&g(clcN$@k&_Y
zXkOIRF^6bLm!M?uQig*c8gcm74QLWLtg{;h!1Qq&O^b(dnsv*PF|6f0#9Et={^!o<
zpAk(5NyjQ<wG__*GR~o`U4Lob##-+L{4EZ-?X}A@`HX4rw(Q;KZ7ta2zs~T?oB3J&
zymMB+Aewv5E8w4w^Y6#$qu{NqnHzYQ>7(~Y`wq)~$MdD7$j_H{k7e(9zO?VO>~|(<
zX_cE%w#ueP5zaAhUSF@<W@)d!;ZrWuhHS4e6}&=`@$qshFw{NyGrO|ceGFCv-&@5^
z^mR~BA5z1t6r9G3W1gyAFocZ-R>^q<C~$ecwDK|k`FbLaY@ILE`lA$<JsqWaMABGt
z2BXybKJ(f0-^eFQ^ZfI9=YJ!gC{2*hI_T|O+F7DJOHKR6?oboiOV2ArflBoPgnd>1
z5NZ({Oz`n_d7uduK0iL+&&20TT-U=C=|%`OIA+zeXkVy!yo{|QS+iu7fO2M0`Bpq#
zO4G$=UT8w(6vNo_FqwVk_B*!5WNuui8-mW*HcLD^7fqec1?Glh5@4NAmSi7JlIDiz
zL9?d=jm2}oLqAZ<;><l*uyqr5?fsr@-wxlqw)6>=S+YwO#E|o2L_u&^0o@kJY+ZL3
zJYs&obX$e4`J8m;2^|&$o`WAoE6DeLIPQJro8ftF#`&a6IVNVcd0WbZCsLUb)oST`
zq*5Z99Ll6=E=Z)I%+H<X!bBR%|J-RVN~B>~_L1fW%bZzWTDjPiGoZX8{Fo)6K5vt8
zv9y`A?1yBTvFEca#a&*qZW=>r>Ad{%mr#B!wQb!bK1kDHWTok_K!PE-b#s`Gh=LhU
zcXKQq^(FaHRY>=~FrDfyp6-2qx+9@)jOmarqbsLl7Tyi?+al`b`b$+>sa+bMG)%2G
zKO|!;&L<k+bqRUl$V@hKp7<<#kE%G=ZZD4~!d}-54v#Jru_>yEb7-Pdr;%pz$5~N~
zo;sbu(YwXWUOv1j;mGMCHdIR93i4bebQ)ZG%S`?dZ}u>MmSt;DmZ#Xhr7Qx0zmz4k
z{O2f34ZNPa{>py+p>AXK@Z9wmrTeedUzASk&*qtCJaZHE2X|URcYA3eBU<dP<+JD+
zq3!(cn=)`Mh0@9=v-13#X|}hgp<-fb_Pj4jGiu6Vs7RYOHX!X~NNWiyk2*A0_j|)=
z3Eqov(Uo;#r||l|sfKQsGI;z3<P3g(Gw0Z54|u(ta#%7U&f@^*B4*<S?=*6f)@0)K
zm)kH$x8ypsY4z~zW(yCaO!skMQ%({7#B@Idm?N}<lniH00)fK|be=ugoz)CVtIX_}
z3^n8vos-}7*$D6Qj3zT3;YRu37v#@$O2`JMf4+;w{QIz&mW$nmIH=%gtK<%FPB@55
zeYI7oyVwMY!N>}$GG5u@mJsOgvMMV>80U~WWngzqLF;3UA%Ht)_mz$53?p9rik|QN
z3hK-mq$_ps$xl5LZ~K-@ZFdBOo3UTqT@*4$<t=7%>>}Vs2GhC_w+qhm!xw0H+j%ku
z=5%&!#96`{wwQBQz3zpVxj5#?U3j`?@L3k}9|ct&r{@pmaUfPW$IIo6^eHG57S1Zd
ztx@F-!KMEF0N!N|wH~}&@DdWtcG0imsP8_1{SwoN13?-rTRz%x*;3}HCeE?M1O+Pq
zhB4Au=I68AzpvmO`)?1z-Nlq53Se^`C3BDFKofWDt3$bGzmCNh)2f2m2DdgJRiBR<
zpO2a#3RBBtz*`m!#<r^jIBqS!i&;3MQ17m907BKmf0@Qo+^>K>EI7{E06(dL7a89S
z26YTV#BR}kCLi|Cc}f`vgZ@g^1^lh_{7BYkXUxoQ2Q`(yIZX1n-B?X|B%c(|cQrge
z9nyC(J4yEr2h*!Oyv1}O!>k_HGnwcMg<kAk+O#jBnNh<}CVLn!2|9lUxy=$pbElZ~
zq$1oy;(=FF@y9xc0+%2aL_n$mAr<-cyb$y?MLC@mM?O1;fx+xIp~;P7D=HUk-$hW`
zOWJq>Q-mF$O^sXS?PC_skA&~rlD8`T=lgJB4HoT;UVQF-A*PoZxz)_xRCjMGJJX+9
zb0K2wR2q)7-`ZV8a%0Q(>3qhXF8u%4Kb0P`mHwG-T#k4L77McVC7m^!MK9Jp{&Tzf
z8&=}xe8vX~y{XcX>ya{3>EC8=ML(4>UWi)bUnPGX+!aPc-jCt8`Dwd<m-~?SJ^7g5
zu-A78@gv@Hxi9jLmiuDwEV(c7T5=!t-X(W@a9tAa`T=YV%zv52r;EN1c$Sxv{55Ka
zVAr=G$|EDABjp%kXk<~Pe>9F69$8$eR;qE-$jC^gztTSxOSfng7?8zri-D`|LLuc6
zk6AKWscMV?J;Y<e2)qDdRE<<Jwvt0SiP30ydp~jDqh3R$;?Hcn1MaH@&xfs40>a}3
zAbecPtn^>U;c5%6C}mcUG!5fAjxk#BL_wI&rv;A?Y-p_RgglxGz8EZaY5-msffs84
z{uhm#d(gfCIb^;*WH!-tr8c(E0b`>X`deJlsiw*^rJFI6!-_g_cIjrF%K34VkC;+P
zW)poxYH#yRBiN*cZX=aM|2fg<INH!}CK_Ex8~QCoqYp}%r53tA-q8Q@hK>&hdJHWu
zw9v1mGA(qoM5CMJ4Z{KTS*8){xGCywQWveP2{J*<KE`lf!lLvh_2Ux|G5dH#AXU+%
z&U^wQX5kfm4y6`WE}1_T)l%kY3p-~~8z-S|RmX7S##Qj2&|;q{lGsBVeLYq&1TZEa
zW$$5%3>ijA?@<|@d;&WvfoIlP;${0}Wnl6NWmDy%X8C5*EG_S8tpic6wU&8Hc)f%V
z$2I7)T0vbmX+Nnw`BZsZp|%M-3DEbXRxZO~nv6i^dwd9YnwE1i%Ay}|vheI$h~iP>
zRYgL%8uz|TznKAZpY`gS{CFD&(d&B1GTg6b|7i_vydiI<aK)Hwa)F(h>P}m`)2ZFT
zD?DZRBFo?^@GC*Tuwa#M;Ou6}Kzd}r&W-1*Zz0R{@PKWl%F{y|%hL;CuWP;nY_8ja
zu@ZGd55GLM95bHu%1k!5{uadY5b%{SdtbY6V@q3pQZaSO^d)E3&dt`xvzZC(P)kOa
z5vjOJ)lWfGZ36FG=2zhXI>{>s#G`O7g&>#3kSIX5kQ?uggs&~g=BBcXr64t1OD8QY
zb=09auvzt%rXA^ehgyJIb2A4+c3y-^!d_Ep=uO&i4BZqPcHa(?%7T2&FZC>r_(|Ej
zML{?K0?ViN@XB9+2d!urxo=!Fy=Z!5dRolNpQEN^OwaWl4Dh&mIJ3xkDYJ&B@S*g`
z%!uG%@k_vt#gFGTERj;W^yE)Lz}9J%XPg&DMF2MmqTsB5X7pV3k6K5MvY%SV057O@
zJoKbg&Y8#&rZEH47=NsGMYfLb-%Jdc?a>4D#jzxKUOPN9B*mz$m#SZ6R<LO^<S7JN
zPHbtZEJ#LG3NuSoLH`vyIFNR5y@ghmh3ICpfNNUjf>5CZrdzzJt)z^Rz*dxAX}ESG
zR9G(&-KKbMoZ8er=<Y-Fl^o}B7(M?!FkwIPTs%m*FD}X>9j@uaCBP%tH^|^}3%^+B
zgQ7BBr}$JTGo5awKQ*&@7FwVqh8q(cW@=m2Gk2C=srM<CMvq<q0*rK(C-<>mpga|U
zoM)!R@AIIU&bj-PJ{jbuJ>xl?{Fy^)BxaSPjM+yZzu2Vd%)m0sW|N)CbR|C>2#{Mj
zy8krh66t`XZqvrG;QA`IRn<Xr4cM7Y_6kEAr>$76BxB0cR;ZXJW)FUv=@hV<99Bdw
z7T=U&^98?{f2+M1WbA=J#v2-Uf0q)@rr~r_yQRF-^v<zl>b)%IdX&8_f|*sHtzhOb
zet`})hE{J<QAS}dO&KRNIZT-0`-2tqQ}l%BHgDLzX#4E5g!gQp-gxPBUVG8e$p`G=
z^O2JB`6}785=XENZCc5vVWK3niFpy+1D;W_-qO+!p+7H{u!V>st-TM`7*{SboZdaU
zt!iL=y`?>(JnheZwjy6`#8hrJKo=;QjZF|(NTg?~T_)Pf?Cvphfx<Lq_8Fwh?ctNo
zI=+2mL#MetGX)dxH2TgJ&Rq0}q-s*4gCL1Lo6#hAV&*4-&tr*>o`9QCbJVQp<}uE=
zAuuax?^q)iyTbP+sqP{Y(+W^)H=qPu>|ZkZc&&&5K#0aO5umHPkaF_jPAQ~>lMkEO
z%+UF(tTMiXcwegrOap&*CsInkqwTwY>NH=8?SAR`x9r5w4Rub(F*<qbbMXy)L*NS7
z@O4@nV1&_(dItK(*Cu2iU486xWwAe>MW<AARNB(&%5$+w7V;j`*$C6}$Ej(Y1)jRZ
zc?mJ8i+sRrVkr(UtT?9uJ@y}H%4}DqmDa)<nib(hd$XJ^Os+T`sW)v9xqo1C^>@#p
z{G4ZqPv?QzIS?$GS)B_YGzbpv%d7D6$yTzH;CNaeNlReujbP$uqtVmB^g!kXA{o{c
zR1oYp6sM4xtodm&Gdh3B_^F(8Bp-^}+<?{~kNDz_M5jbm5EwH@pTlNRYEQH7c%ZRY
z$r^d4t37T!YmM;9?$8+T<+0&0&n%U<rN^yOt*bokJARB>olT-B`j>x25$Uh#UpS*G
zt;W7wHiDrke0OtN1eO_%jO9!j=a~vSryv%|Wbih<WLlgXX9dF&z;e{8d?sJBQ;VjT
z7xJl*X?s<lwQvH@X)ua77inv5#-3Vcmgk8m-O}u%VC9@mx)aTzc{H(+Xc?VVIQ}e8
z!>2i?QgHPJ>X(I)PLk4ixGg5B?L2Kf34L?EWHxm!%F3P5%AD!RjW1Sk9Ak6FjHAe$
zx%RBV*vH5%oXX|OGd*i)a7w7rdY$$w^C5|)l?Sne(Up-?Fr>n2s~<hn5;)FpMvW+F
z4oo-W+dgN_dDa9c%(CF(k6&P!f`V5h{YuyYo-YVIa|!0vcy>Adbq!1Uh4a%3YQO1W
z_GCVd3A<SK5wz?s_%?>LWe4S;`lfU4zoT;Us2v9FX>B7C7@j-@Xw?$?SHJU;c{U=-
z!f+9;vML@U4EwqB%qG^;Q(H8NFqIlui2+q8-MRs+JNf<V<LGI2(*AvapwtJ(eS)GA
zj^PHRQu&7`U%g++hJvoPO)}PtmdLLw<WF4(s=`x>6uR>m+0F5glA#W_*RiRTy0T|<
z_^P#`X159kh9&gW&_oZvqJ2K}t}7VLCBP0JeH9EC((6!$76+@Bm>K6~pe-Pdb)-n&
znF)c}<dVyg-x8}P$?(y46IROdjOL=8F(Q);_E&%Z%UTNM>duN}*>zj#TodxGdA}Aw
zl|e0p&Yl4f|H<sKb~skf=d(-b96A)$CuGd5J^Md9b_yGS-cP46We#C~YtSjkxbkWX
zdj$W>cK@6Iuh_j`qp~Uon6}#*Wi<^+1>5zj%_dju)KFJmqH65eMo!sZ8(Fk!T%*eq
zOZ>JmwMdz1t}|6WUR#~<GuB*(k3Nnq%Wo=_<4CM{h1~-yc6xZGJ1{`BI?9e4Nr&4T
zACcvm&>k2Znh8oybLH37rH$pXtNvg0MktU93wa3S)@_tQjINhz)dYps)|FY?>TJ;$
zsYN%r(po<&*<Q*se#f9K28Un<<D^7uK~B_k(2~^ubKJEqr_9SL*M1VM`RUVWZz{yH
z{R$B*3h!%N*46}NPJ>Yxzl(u!2iKm_0kAUBXH#`p0P_7ZJ6GSGqyNU@o_eSV&2JDk
zxu`vWK`i@?0rb}-lBWWAl~#QXW@^*W+yMG(dNKxgb9X&+Gn)>slbBAOpD+4D;nhe-
z{b8LGLklLs8OPJRi}?*#iY*5i@GRywY>sfd{S0<*I4MG6F|<2~KySSPV@e}4G%XWQ
zpB^Lyp9DiVkZ<6c>OLcH-CyKe_7gdE#lCn>y=<Q`N9;4^fPKbf@&3cn6|?}Uh+;M~
zGt*PdN?@jd{V}U+cv+9G3twcwi_$BP@;U9JqBuOTikU6`fMI!mS24XB%WD|Lt((D!
zrif}}g{`viuCjuB<ux^$9xXW+p+6s+K&aB^TtFBK;yjV{#yM^&Zw<DNMdL^<oU#`8
z<5_BHWu~0(O<mZZ>P?p?5AMZRE>|6x9-XT6rtn(aFs^;8@TvL9J_J|gd$AED-D?kF
zC&e>kmf1QEtW3Mr4SB$;RpcG3OT2UN)}r~Mf%1k1N~<+{(@UmX!-PP{yAX143qpM|
z)Z*X{A;u2Fnuj;FI2`mD4Q-U?+%4&-mA5{Al7W@-P=pMt%Dw5u(~`$w%7eENpNA}#
z=xWT!#ug`!$b<w#n_9A_HLSsntwR}?YH{*p_S!9ux6Jf?tzO<O=i*S;wtNEz&qRvW
z^3wL@`PMN|k=?>Wwv?}WYp8WR)mD=AQrz<7(WDMh83>Cu6)~QwjNyZ$SGF>UwU#$e
zM8eYc!BWXZCEBeMlusWSIEcfH2Pj+jLY{`Y=bzbR;>y?rUbPeG$_WgU303#PHBGQ8
zan`e_Vz4DT8*GU#2UW*GD$F@6|H*Yy%eWhS)t-Dqf`#<ZLbB=7WGb!pk$8f4EgrrJ
z0#EY@PxM<&Dh1n2%kJ+XG<+15o0>R3P;(;vpZE!2T58a5AGQI5llgHP>rSaUMDbN7
zX0B?tn$&ixl#W!7#~R!b9v_RZhMSLkc0O&-6jJchv{ipcA)1T0c3Y=)e%$kz1C@Q6
z#1sRIWSe2Ko#ss0eGRu+xA6MUG55$`qR$2G;hEJpb7Kqlvwi{wgKdVz)W|BRVx_33
zc@(R0snuMEI~FIJGBt!ALKB-BOpTzvXYm*%HL_Ry58a2Zj`;W`KK_qb^k{JoXEtfp
zSg~)3dHXf8fjiUi(i}a^=*-Br>CtWIN@+M{%#0AXrF?#Oc6hZp+?~lT-nKPZwMl0x
z)vbk0rGo#>Gg!>=+mxAc&S1Ndo)q7c(^|$BluH$_VVQGb8<*hr(G2BLNgbzeae2xw
z+rfB$pVDJgu38yN*{fp8h!r}ftsy0@&(n<01jT0uFkVWny+3T<(w5h=D_z)=XgF+a
z^5zPr0(`J*@Li1(eznDB%GnHIduj^+ohMKh&^AK3p@~#(c&cCuWAQ(^dMY<GRrJf2
z3Cor%Po0)3Pi0N#ETpXA)w)tiR(?{$QxzU?2X{laQcRa_#v6t5u^DyKlfO);D;Kha
zy`W{O59AiB=T$GFd9V=wDb>L@di_0FmYnl|V&kjny4ztRL<-<dgd2Ec*lwL8;F}0u
zOi&MWsy>AAzoy$tY+C!E^8{{f<1N*~ek8i}vv|Wfrmp}GX*U^T7xH}#+f6;k<)Di|
z@qV*O!V#RfFTkP|D->8fg@G8Qu-sRIL%^`qI+uJ)tu4IaS$w{A0U*0|KEqAsU9VVB
zRI-o2o(ATYk-h@Yyz|D#dJM{gdR&hN+oMLsfhZZHy)YX{K<4}`5I%tpXc7@DWidTd
z14tCW@(c%~|ChZl0h6n!_P=v)_r1MM&)n&m?wQHb0W#q_-95=n6eb~%fGmo#iZ~O5
zganX9x!9ecX6!M5prU}`#f6A@8h4%>?knK(T+pXHa06l772Nly;`0Cf&Z&F5X9=S6
zp8xNCZ@zE()?TMhovJ!@>eMMVgX+G=WYEe>@eln+>%;iJKLHIdX#SrBUH{)A^42VF
zN`w4fh5zvx`~V-xVz*s6+V-?rDQP4)n<gg_j5ID0X@zw1!U<hQ(@g>n#brSNZ3xwg
zX`Z(h5}wXOX()wtnh7(-)qis~wR8eA!`O?xC7W<MQQFi5Q-o8%tpYkA<$@+kyU^>i
zUXB0p1HjaI16#8x?BY_$<+&&cUKg9Xl63R<pTUtSJrz>s3v+uYZBZd(zFF9~N&6W;
z>jYN;PV_Q67rN8C{WSh@`?Ba~@#BQs5gpZMFV+fPP30*AgFT>OFKQ1frzOy-e+*hs
zI=B9*+kRva`aj(}<z-`6d*?+8fSWv(b&Z^XC)Z6QfAB~*(l(VePe-Q|hjNsL(OJve
zQzQ^d)e}o99sP>>Joc2(SbSs%)?G{e6Am#Bt<{i0a9q(~#lskPzPt9r$US!$pz9y@
z(EYn>eq`E@k*~PU;H+>IgC1WOUsxRzUIG&%=T|?es{Cnp0_rv{#yCQ_h`4Z5{Lk)k
zp=#ktANt<f3mz1)U(|gaOSJD!MezUpj8o2!T}>ie58ecG_EQKfrjhcJRT+2DR&n9P
zIVSJ}9`gu~V%dnY#tE%%0^IE+$qdstzfk{QnYUeC+Za$8#HD$z+4T6i;$A<8H9P0$
z+_4{d<vixUavl?4u{nWwdr)!vS`zX<V>VYXr;j8o_7p+ld=6<eoxZmlv;E$9{*-uZ
zgV+h>%+`sqk5&%+YXubdYO&Cd`;t9HrlGh5LBbmdiZsxk5*}iT+<_B5A2T^$nQ^=A
zMEOsvyRg3^HluESBxdKR0~SdKXq(WrZ1%h^U-u%c#s>J^naVT&=X=T>d$D4uxVw*x
zjxbSzvf^%UdINxVcW;^)fKJ_RG-7|T{S&(jU4B=&dnF7!w$@_ph6Q@x@7g>5ZOTl#
z$~_|<e)E%+jwLVyN53<GoprX5|EHkC@0=KWVOtygykf!c1R4r?JgBG5^E)xrl&o>`
zM!L<whFyMQUKg**5-+Qt20M2vx6C0or+&dBJ*%*?5iE^n5<#t#=o&L;bb|RJlK1*~
zs=(!IKd}8y8Ia?rQ4XyA-nZ8<Ox@<|n{SW#7X0pFIlb5Si;FSfr0qKHL_bibw33<A
zOvT;4@Avo+p6V#PG8%;o3_*;{M`RQ#GuI79&M!iFl@<Fvv8zzrt!$lP=l+o@r6zE@
z;iYKSP`6#e&LQG`Whrg#86Gj#UY1bK_2lu#{a>T=bTR!$*bZfLlua3VL^vsEoe;p%
zBh#nlM~Hte|M`)D=d5TmiD4}p&fX@;3|mXcWRli0d?|~g1}CG7k@9A8))tXQgat|5
zS;K?@@_N?OA@{nBd8gK6OJz28d|Q~iKOPN`F{O46{VC{v>E?eFyDT2DV2Mj5$`7t~
zK!4b*G02^4@&lg;KCx%x*X&P&Xn(3(V1+m3ibM^%=G>^JRj4T~fh>u#B`>;)i*p1Q
zdpLz^!|Ty*>a!3u!$DJes^0&P;B~wvk!z=9r=A$TrR)o{HFU?N5X}UK;)c}D4QNBT
zV1ln2h=R%0KvAmLd@kGQ+}V6Szll4WSMr-|Ud0dO?k|vUviU;!y3H5y+uNMRhw|FA
zbpdwYm!qGHdV@EakiCBaU+%MU_9L5r$O5?eFTmhG@kd6=F}r_9cmE!C{~F|b-2J03
z2wEZIXJq%!Ei^=P)_cHjya)oP2eA`=D*}fg0XQ{fSsiK1dIJ8(cj3nzlC1wSGr8r=
z`p?7Rq(u@y5ddL<GQEfb5-JMt4djt509yeO2H?O%JKmlW6io?&rUXAzf}JVB%@i?%
zN%Ps5Lc5(u3=2uvoK2QSAOHt@A)Ph;9k3l>NC{1ICw|~2G}0$<6Q<_#7+%uOonoR)
z<vF;C4UvdbIqn}r1eC8rm5Six2p1X>vZL~OSFVsWauFz)Q!s)})ly#CPPk*2+f#%o
zJ$*iYl_ASw7e+eb^$oHlNZks+Ud(uQ=Tgw1G9IvL&C8Gniyo<C{Hs{>afNJCb%mWO
zcWr83&bYR;P5S#a?Y~Ld4V!TJBc+J*2B45DAfVg{LE8A0l4{u|*!na0ZjiCSE{YW<
z>aT9&cbrEEllBzh{^xfQ-s}V%tv+gsSJ+{*KL&0|{}J7h@*}z<{VUxK{BNPVhajvg
z&|2(Jg$TL(PnG`~VO1$Qh{@>7|EtM}*l8mp@y;TnMS?kMTQhF5kgjBX2xG|;OwclF
zaqQ>gSh+Bful*zEaI6-LTV2y7f`Y7vv4kM^Eu8qx6dui7-Oj^bh5qiEYmd}4>!_%T
zCNv5_1NktYGU!5j*NreUi<L6M9GE32XXqftnYhe-GNRYMmrI7O_2aMq9d@n%hgPhF
zvoLE<ab3C7pfp0(v;K>My(ObPSji|J#Ek%$G)V&M$$x~Zl!}!KM;<9c!B&OSQ3(zE
zhd7;RnBYkMkt^!Yk62MS_~Lo-NjUwv0y9HCr3|MFhj5%;-V>Iykbpy&&LkYdb;7I+
zoLhmUu^b$nQT)_og>DAIjgHlM%h_GX2(OaZjdua6ko!$y#z~+Oo<;jKu~Kj&ZYL?+
z4yDIncOYOd_u|=sgrC`zN#dG%4qJ<XjfE~qiFOZl*4Fw^o$4|?5A&!G6a_G3bf;K2
zbbq?Qm4G0j9bQO}e+m5VesiX=Qmr{0TyYvqP^ad^6Yu1;(v<q-{6v~87OP96roXvC
zUDBZJrc53!f|Zq4i@+G{r#S-DFEEJ<P=9Nc>9H@)ZwD%y)ef9~<$xR<gLSTlRd6g9
zkZR$jhLoS5ERLSkFOJdUW+OK8<%#C}t{Wr2qCN6Ov3{<9vXC49C`yl`B1fuUtrI~X
z0<&-)zj>4V+BRVFNUjSTo{%Vx{mgg)BA$#$kDiAg)L>v<$;RX-M-Ptc5MqdY5mcZF
zkkZ#HE8>XAkxCnw(gG8H^W2(6IC%_Sw2%s_afSsefMg!>wOsA)aVi-`Y1tGdQ9oy@
z@pDoSKY2*^$E!%5CNp%ftNn*7RBfb~X(yfW+rV1qQ}vh`GGiD!Kp-SJu+`6v;hdlX
zsvX#h5RbLMTsu1*v#_5V*doIQJ35{)L$;Zetz8~Zf5_f0pE8>}&JH}<jdpiP;mY<7
zc~Y{!gZ`0#z2&chJ=D3j0j<vc(tV7hg@!S1#sEFoUNrxSZ7mH0>G4M9p9lz$?x#iI
zJO<nO<;=R<{y>6|iTs~I1jXSk3y4rSjY7X6LA%M8=-)xLZ0cx`Q%$wF_M?p_Ni^Zq
z+fjyGqgv8@3!EnOopknwROcw-rJ^bNvGJ6z6NU(etc8KpyK`yxNB)eupNRvn!qTBM
zm4&jUjcvbpmyRW&VL6K1Qo$4oT0vdBMDrc2Q2`s0kAcjtbo7>F*WP$KQcI=Cxq~^4
zo{MXpi8YsZy&NbINoL|fbhC&DD4alSZ<inJ#y<{PiJ&PqHkUdk54b78p;i%?6zhBV
zhf0t2N&Fvyb?aRG{|x_=SmkcV|5_ye0sbGr|2Q2+K?(N75*bJUxzdBhZBykaMLHbX
zH~|X@Ip}lH2A08|+BKAG-UNs!D_A=6D21`ysa;a<IK&)~YWSk&+mLj8HB>cBW0-Yt
z>(UA1B`!zj7INr<h5Qr@xaKOE{wL_QhtnM5cYZ@uBMlNW!7>3`y2XPs>Y3HK0Bu?j
zpfdpw6xTM@AfROtN|xit#&Gukt#GmwrH1`MTkhX-;W7}wUoPI%d@CT<ng{-#iiW1N
zfQLd3>;kd6zrgg<L|c7>|6TPhWpz*#oL$|bN4~m?rSs!z%s3`OM8d6TT`cwDCZ}|7
zOye|&B&s|bUKAP^l}RBanULJ@VhsC?i?gkzv$IQCnrD0w)<9ULr)k&`rDLT<DZ;??
zZ-7Z=H!Viynre?JGba#^-vzmdhAjPiQ1$na9HcNh2|w&XNaXwjG*{02cU8DB(Ur50
ze0_7MPCJ_&TzvTjrh7?(7tEVhuUT*cy7%`{x0jU=N>l*{C1Qf$T6ZJ9ynkK99?Gc}
zwT5cm)Wq&vEc)fDl~}qkQlD0}T15S681v9<jYSzAUdfcf>6;t3vC`a-(quO2O-4%?
z2|5AuikDzeXjYvpxh5y92Lb2vWlfyL6DWEJX1Q}@K(j@Iux%9SvW8o<PWeF$RjyXi
zoX*83R~c3M_I6F*41a3ZYL^xlDi}kY`n+A$1oX5MgQ>|JO)!Z?oN6L9IQAJdo*Isj
z7`5}gI5DEv(W4IqD<yM43adA9Cb@82!?QKW;0+4^i2_UG*$E?Nqv2gnwNFE;$QaKf
z${e-);WL3iJa$vM=Dj$sX_9oz(`5BQ(Rm%}mx=Ahp#lBwWRsO1JnKMk1y_<D3h5-z
z20o2A2a>Rf-Ph5=*wFE%iPNxEru0y>HK9s(kESZ_POiolzu31opDGsj7Qy@$cNaW9
z6$n*wmg6UP*RbC}W^UfQMj!B#*k52b!3P5iUb(A~h?6FE*D`SpKk^gYl_W-S#!>K4
zuJ7$Fp$JeFUJpFLhhl{(ADgL8YPEym)p|NhNP;~~V(jiXSz>o9naP<jt%Fv_Y4+6Z
z0Jc;dDkS%o3h936QZ3goZ0exuCsn0)!)jDA(yWRRLUTcP!H5&kr&vRx>XJOpWm%@5
zG}TZChKTI)6MJK9(hOB{>@%7)wYwYkYM7}AKoWaVU|*;2om)UrpOsJq;W5ShIBYCH
zGf04PcW1_Nc5Ct7azE>Pcp)+6XSq|)``#+Nr&zIluaGZcYnKHI1c5^|zcG4*hu=xq
z4(5i?&#xS*8~{6AL#Rv&hW;3Ksk=u@kR)pWY>E)WD8$c?eJSdUd_Ds`3MjX{2D~J$
z82t$v;Dk2K@S#FxFTN3`^Ao3~tLJJPK}=8(`3&3TC+{@QlJDKQ7xEo6g!Xl|^7<T;
z^z(%oDHSR!lTc!gvgUEp6@~jr2!jS>^IUO3m40R~TMe8XK0_(3l%$A2CF$fCR9~e2
zWw&9b*;~0F4@vp%d}8H@2^YUwB1x1t(*}vDwx2QFgQj=yt>BWkl#+K%{>k0t?uqh-
ziB{@lD}6pOxf_Jc-XJY!*;s8URQpXqR6K6A1!622JwW;lGL|GCMi?YEe)4R}ouCd4
zYWI_yYCkq%B`I_Z#9OIKkv0$nqlIi+I8vrInXcHq`s)z8O=i}99(amg^-LXc17rwz
zGzWGIR`VLsgQ9<sqYZq~U9iiA;02g?@RW{HC(Q7c3*|y@Z!(d`Ji<_W>Qnd)u86pv
zd_Gx!f3#{<2Hf(4BgsT@cdZNI-l4G;Wkz-Ib7BJnbmiO2mSJBrr@CZOt&UCKhB~G{
zh9C3+1c?h&T|)$_c@#OXd_G-2DXOc|>z4mG(uJUxMM331q5Ad;lTM;I{c+au3D)7|
zlMB~@#-Wbm6sXblQC)XM1y_dA-qk+p>Kt!1wFSZYwon*g9=_P7DwR`Qv={Z?f~xl=
zi_^FAYxa#vi^uS4(}~!wJt4XqA-H!`Ka@Q{^O2m)n;gpafVxSxcDYME97S;|PD0vs
zu=Bk#XSbE4_8(cMTih#Ve4MeL!DgYEki8--UBljOxf|yFa|~rIsp4KPuF&NFna(D-
zPr(X{xbldrNf_LO3xP8GmAfTS*C)rK#E*Z=ENqem*r7X?##$J}OL?;izAV<lAezc$
z6P$`ulTzZ~v*TdWPI;+GeM%h6K97Tc7MD#b7#^%&hVB}ESM<7C^Ct*}7~rS;B%43u
z2U;FKmv6EOX)PCA>i*zPiTo|&ye*d=hwiv2uJe8*EUz=ce~IgS0KsZ|<<D@5GM(6q
zEO#|tg2A=(hm4m*e}Su5UK&OG2;Sal3#<hO=Mqi)V}uP~ZtK+6J)J<Lxa}odCw2{s
z-`*v1kt{&GisNsJ1~bu5w39i-red8CH`@!jin!Tm^tia$U@nSTzT^m@#wz%6f8y2g
z`;A?rKLpb^ieP7IHGX%~_F(bV>LJ50{zjllQ-F;qxbBb-n^Ld<CqGERhlmrS;2GeO
zw}GLG&Nv^};CNM<rVv-16;<74TMR3!@21C65LKq30-2V4*B2=MSVJ%~C^$W_QEeT1
z)kO$jE8&okO63|WVTQL6i>&KUghT_cKX&N7mQ=;nW5fuA>#IMDoDnpW=RYY5DovQc
zeprz-fr++seirg_JeXEo^;$N$^2{jX^?1&CV}vLQmw_#u;Ti;N0KcU`r$$Di7N#zY
zLNA;Y*Yy{|9Gcp8)Z~gptRO&6ZJ#*~P1RnkXGEi*ix)g3U6Al|eK^c3Hep~P;Ru47
z?C4@=<#0C*>tI#z#M1vmVs#Wf3aBNu@1@a-y^fe1O&4#hq?m!^K|Uv)8oRY}{{Hj&
z$^J3O%fMv{w}MLsd%**_N*y3D+A)P?{2L82AnjtWdtkM-pQB!$6ho?x0M|cu9n~jE
zQYPSx&I)Xbro+c$_;HC%msb8fMXfA0sk9sXx;SQm$p)f2A_Qvgdts7PvPXHS#AOgd
zM9IOJCpZH_fQ|jdft8ZR3083?K+9|A#|<@D++`Y`*cFUJeXTTc=Z%U~$$(Mgo<CGb
zVSFN^KyHrW+Mp!d{p$urY_~sHqPFbC2Io4U2B!&1r@=1xbWV4zvoW+^2>LNrjd6pw
zl!J}-lt&{;*H4tToIjK`CT_b%?+3+<*+Kx<gWtiuReAun864bO(DEvI{s8uW-1C)8
zoYC8(HDoF3BOg(Oy|L0JnA|IE?S@UoEg4uN#BKfJs{3)NOy+0Dx>aUp*t%X~7KE?G
zvoPo01r`KOxv?hTpW@V<bP-Im%tLqd#xr~ef|nuAGBNw&4Dm#4V(y7!Xecp;=jCy*
z%iw6;`a~S;A$S<~FBcbsR}krNCX5qp<6ZE_nl{>v2a%wOX&y$TH}krr7?IA?Us87$
z-2p~O2A6!h>6v13=&HfwjJskuQyk9V*rRx%;yP*FW6Dm7sVSy)n%q*Ge6meecT&X6
z>b9p?X_LC68c<XXOsPyj6CKqkaSrL^3VL->{TeL98a_oc3Hn~$Pr+8~Frga|Dn+b3
z2sgc@23A&-u(mXlA%u)r<Os6}!i$G*0<pKHSaTBmc!)qs39$fVhPU9-GYfNQ4pUqu
zDF*9j(&B9|;a{c9zp0Ibdcz(vz@_d(HgaAoilcvXGsU8vwwuUW^F%gV+qX}fA9rT>
z8+N+}hJSz?hb2Uqy!lv(=qh+UVrCYvm>IBxH!zW4EU0LD_QAb&u$~VV$eWwYmP%R9
zF&HZt8CEuH4KQp4pZ0h&GRfGq`BsYj8M^gRPCMP=5^GGieRM~3ix)>gR!p7<A3$+{
zU-C{dhoMde6b*H%n?g*kcS$Rc-3R+IsfGa=?HF36J7H**?xdkpx`l{pPr+S(cxtdw
z$-wqHaLF1Wux`h2>B#U(AjOP}xQOB^+>g+_gb4>xEHG+A58UC8(JGKG!>hQX@*uZt
zZnX^ZSyX?63=k=8-T)EEaHV!NE{{nH_J5MOXZc-s&7(jQ*pJ7FCOHlWzS7C@>d`LN
zuDu!~g56LoNvrT+Odm>>5ToERyjCWlAzOQePpTG!53;}4@}9)|;R-%PFM6Hx*40t}
zw<gf$BGeE~R*UJDPEXW4DH@l#L{L`iN=(u6NzF@y_oGDA)LhEc8jWYDn@hyo9N=e4
ze_6I64+cbCr*0t+om)TB1|#2X;ve|yXp-L#j1dSWty<^eR`t;o`?mlyRVJ9QQF}FP
zBf(ki7zVY_1xr@=ZSS6?u*ip?VLnVRj={!Zn9*Q!PiTI_Y?>!r5zW&b(LCJ|&C{(k
zzY*3M;HjOez_%k#0kNluTWtCG!Luf9WFMCzWKUmF2SlmKGGV+6zcq{qMrj*_{3%In
z3;H$sB%@%ojfmA45i3m*Uj3sO8I@%H6Zq6WE2Bgzmr-&624cf3BhnT#N+iVwRBc8{
zn;)a(zaT=vD2W3nVd)c=A(4FcD3Fj{972+mGT_)lL9h;mJ4jbD6utmg@SpT@9FTwF
zUptL0N3Lib4AK3t$HBo&-5Lig#M?X&AHzD_71evZR{JpO1x-n@rKS|8w9O)62m`+n
zZKHyz0DgV?Q=BB(;A^PSED+H<xzgV79z@I>v|?r%$eJ1L@NOoZVr9|tLifGH9g7v%
zIqS+YhW<gJkVTE~RdI8iVCmw9w+hww6BLc5LSp{FYI+qb7#|7iK9s|A6pe?aFyuFD
z0y9MX3*8!d?FD9OV2!-1&Zt2pT~lLg(I0cGAX7=X5ScQoay#v0N)Yf^m=r8GdnU79
zaTFs(x<Vkt%h}50NC}+6iifWiCPxBD*K3Abt3T+Id3B1%gmDl&GGT}Vv63sIUhxR^
z0ykVY|3qZtPkBK`N4y~23A5VL9r1#6|IN5W3pF31isyp1AkGDU2R_@-7Ik4ea_3`m
z-5g9-;U|a4@u(c4xD1E50@AnOhX4(upxosIKcZ8XKyh7eH!ed+^Jqbd{6f>kfoZaH
z!{;*TdA2TX)Dcl9-hOK`W_o^1IE4rhFv}rG{K`R+$r(P6884h4f!mAIjKWF>aDPcB
ztd*6!62Y%bFg6$ByvlAIgCMmqCabOOz{GK)VkgcG&tYOfEQ_#0OeY||h%w;R=fs5P
zBOCxTm~hRB=B>&Lm~-K%3mGLem^JH|mLN7}Xmy&D4&#vKPMpjHtU-)za}0?mgPq;z
z5iqZf7zVCqCY%o}oYI{b>zSR_omheSBTn5`s;1Kt^{yP22^J5tyZmU<p(#RuAbya5
zW6O>1=PB&w@?Ml4t>t|_eoSq2(lRokP{U;^!@=3A*_&_{$hgT-JDGvr0XRRrHNc8g
z4agLeV=>DSbsVB>F|1|FQ7O#kGjYqrR(r6Mh#M!VR9y(AaLQmy<O>b0US+d-bp};~
zcL-!<cs#EG;9c>UgUw^@;Lix+<C+fM?8D_qgjjGfq(ei{KEAP6z!&CW@W$R>kRvmb
zS~26Sn6bbfxAq=*XU{nqdk-YVqal`a3f!FIp9Vj8PP}0c%Uc=Z2G)q{_kmN8U1k=N
ziIwgkxn(b%N>7ICkSaJFKa^7xp?asb;75@F0`N}C%hR5ewKDION7CUDNIR5EulkS+
ztKsYy$2tskzL<5ESIWbOG<-7=u1CTwo^w19@6l>CY(EVCD<0BNISOoTH%<pw&W499
z=is;;;;&lt1dla5WxNylT16FQUw0tFULrVT<M^~>+I8ev9vq8hTPVe|on}AhS$=<n
zQ@9r?PG|Q=0yY0_{lW7Ns3Xtmk8id50}rGo#;-#vcPV=XTFoP8;TRbmp`BAm8vK_g
zS1-YN@`%1IIqLgKMI<t@mnz4!=Mqjn07IOiIF$X$S0ZuVSuPHzOC#NJnSbs8BLkGA
zHo>CSa4E-AV!m1eA+_mt9C|}fUHctJc<WBX3gIsOb4O}3S)s>)+{p^91$RStv`1b9
zTI9?1JnKnh5=lJR-HS&%!J+0-eIuQYJWQH`M9&+$e<r=cO{}*6Jcx%R6O*8Eh;_gz
zTFVZ!(%fIesy?MTtPZlvxH`I{>V$p<k&FBdYRe>ez~gwk!XuGW4tU(LpMhVM*QHh5
zLG=R>bzz+Yt4k&W&4@PO$D?%exBP~`VqD}oim*hU$F_SgLA7FzX3Qa4fD;}=-|^~e
z-_k_oh-7B1Nu3Cfot61G`Y@>z7GBBV)+2_1IBk!VcEt6v`FPthIDjMV2-q!q0<q=<
z2hxuvjNZNxuyzuz(corB7=2R|T}px{<IQg-!YeA8j0V$SeZR(}S4T;+_3weU8;?V^
zJ8V3+h%VVAbrOij6BumX0&Y^sHzWd=K}f{8i~Uzc|FyQEm`RFwh|+Ave~E;AC$ksn
zaK`30o`+(PBsdZvxZ!0il=DbwcD!?;8ytlccv4=H7$OKZ5ODH*%aC66iz-FH<W9h#
zqEwmnN@I9b1#0WbvG40!m<J;*-@<Hzv66Q1!mYAaEpYMP?y4VfUQ1X<ArD4)d!FKj
z*~&7<n@nA}GFxA=1{hldXm)t13n#KTr%cT&EmvH1hezCn#}i|x+d&U9V9#;_`!mrz
z5g)1z)2s9~#UMj!X*N}0IS8;M0gI-LhzaxKC}@B=(0-|0(%bR7Mw(s*Feg(SnlZ6^
zr;IO`@Q}g)&q)XdJSXErc<43oFv!4DBs?aTFpy^LDJF<~WW1QykqS(lxLMb?nciuh
zf&{4RRD3{QQ}psH{!6iBGaxt(b(PETF<5*XCx{E%Is&+ODRAN7vEtIOvmI+Fo>7Jw
z#cgx}Am(?q6s)wFYL6D;YEcZrq4yYG`9SXQev%({z5%#+yi9yLn|M_WDqh3^sKIi?
zHBX~E*?clS1ea0#GMHZp&)C?8OFNxfw!VfG@-tL`G1bIF8j?=Fr1ulhj$P8H3<{qB
zxL`A3om)S25X=5buDUCYhfIO2%uwm9$x4DH+LPruhmBVX56*5T;JrE~9Shbpt?N;C
zy@|3M;UO~8!ffLKz>}*yEnQwK1(AX1TiumPhficBKSAt@%Hz{TtQ}-BB$Njq_2bYO
zg$i0D{Q?aZIVe&o&!7o$^#ZoH8Ycmm@YgH~_GzNV4RuyCX*Z~$VSOVz(>33%pTIJY
zLpqgzq{1J=J$Pm{Ti;65iBQDxQsFWL2bZAGhV;+(?eYeBI=A^$6yC!3zqR9gBcrBo
zhgnhKgPLc+&wgS!c#VX`3qk(^9Q8ZlQwT4SEU#WM<;2Ftc!e(GgcFSFKvZ$`8OGNS
zXmXYDR5$^L5M3wE=T45wsDF^HVrh8j;*=;950pr`cnd0=M84W>Grg(pL*)N>)C4Xd
z+=$?Nv15>QsCp84uf3puV&IIyjd-bW2)aJd%GrP$?@Y0A0uvnjo9nJ^9bz55L#9~p
zqPF!`gzx4U3C}<wm~5qq!Flkw?M<p1ADfh|9HDPGOOwFJ6H_T|*9mBi21x6|mOrIU
zJP`>zZP<qvc=B2Eh9|KYR~i=J!hjpW^)$HUEo$4US;s$1--PBI4@}7%?*tbi2@cRQ
zm1Cg<GJx3~@4~NyDibNdbKu{lPgrWmwHK_uSL;+i2FuB)8^~pPykHM&C3q?MJs7Rh
zOc`@d{UnaO1AvQ=?TI605Y3H*sT4eu9Gt?0vL=elgg%`O5_uX!gSDV}tXT=Mt;)61
zmiA<@0&$(>Jc_TZlL-rbA?qpES(XDs!Lw4~QS5P)7eLQOcm(+(&+PI!S{5qbu^xl8
zx|VDLE@Z6_e%FEfE13!&lVljI8{*g9<$}@U16t|_zP>s9TMj*8zwWpoItOerwOu~E
zc^1FI*Xxm<l%=zNP$xzJW74{&!?Iom93%(MR2#^+8_7MQ<EM?ZJ_l#~o=Yb@v9)4c
z2{q8A`p+q^-=vIU95%QmJ$TOMdEx2)Eq-G00uius5tZSm2jt#*!kbuMC$D^r1DL+3
zxU$Z`cN}wx<sjZbIn=)ux$!3G7Ji`krD*b#vw`y6mY)cc)sTr}Pi0$MsdUC|FQi(P
z_^H9IY#Me3seY-_dpK3HZ+yd0&#D!sGX^)hRc8>}h>78|oN@+cn4#*Nb;{`x*C{W<
z_JF2<&}V52r|{Ox(P!B8fK7*1V6W}qFnn@XupRwcrNSoe@xcPisvp2&jE~ni@d5#?
zHTqugEF>tn;~z&!N?i!1PNTbP7np&zBy(eN@9808p)B?gv7N5BIkh>xS%`5gTfa44
zPV#u+V2cM-Di4%Tc!OI~{VgvHL#Is~9^AyPYF0h0ay=hMg{6}`l&R6sUHBc4-+uWe
zQl5i0i`kUnEtMozNE{9&SE4=8i6FjeKUN*Bv~^kwuZ}E0Ky5#21UmJJ_SxtyuKG@K
z4tjSedP%6W5h(d%6l=1DQbcIpe~Jjz`%kfdbkD~2Y-A_)hik1!a2+VF71h!tL3iZp
zS2VRDtc7}+4}srTfNmqoUwx>eAOXb4RF~X^l{F@lMQdZOV-}S_?*L~l9I&gQ!_8?e
zu?q_%9Z5WtD2{w$7hYCPZ}t-l6^9|4j)~4m4`M=!iLQS*DwBH1S}1KN)5TIDJQQbg
z7ZlLIUTyZh&3<a3TELiX@!eKEaBqQ{RYct|c(8a2aw_TLZMYV3c7Zrs6j!?+rl?{j
zcnjO>gs%dnku|%LNcsg9pB;8W=lRV@z`5PEz=4}R8O+@w6#V<y_+Upi(WJwJ_JV|H
zG?wY*Fwez=lDrrNV{@?=)n#xqlG%jMp-r++qWoub?Z8#Z`Zr=gAS{#o6rD0XZ-0zF
zn_FK2Lc%;z_5@lNs1Dk^S|JReYK^!(0vk{sMs6MkWxJEfp{Ry4Cv&C{Cy{E)m`pK8
z3OSP117}wq8C?@Nl8Onp4Z-IE<cCD?RwMxbFdM%N1b!j!R{YW-_@x7O^zf_rW%23<
zel-~Qz0u&8sUHr0HKW$o!mj`!FvR#>pgKVlD-`^)#)a^!H7I^rNQ7U_I1j(As$=|0
z$rDX&l3~TJK()$>T?v=4PB>Q(-i-mulaxVMlubaTt#K+iw#@W-L>hP1uSB9q263zg
zGqWQR!$(93lj=t~<Z-~)OL<6$_h!#%FO!+w@P@WhC68k*kMhVuFgKeU?rF<%h^bZr
zhesOMAZ{l?Haz5OQI_&}INX@W<1q}@GV$Ba<IztZ&z@p@`AG9Udl!bRgdAnQTjG$%
znvkt=$k8U`oH*nd6LM}Ga;ynCZ`X~(U!g9z@{^ZEnrlr$(#}T;yoQf_30lfNOIT~r
zMv)t4Diz1w1v?$uCM@nPj*CU%`j250g_{KfGxo(~|Hk37Z1Oxdc^;T`8gcD*o+oMT
zMftBJ&yz!rPUsdx`*K%s9qO;9L=iKw>c>z$u3XAJFgJ1Om04V`(j>JXY9kRqW+wq=
z2U@xhD`ESBbns!(f&{*0aEoWAZYsH>zOfglq`#BahhkWjjp(fO5?r0p+dzf_A_do1
zB6$m#E&$m|S^NHM$R%br^baS)!mU`K5$m6WB|bHr=~rGeX&qzwmGAsk4&~J0O-$ni
z4)ejT!L97e8#S;L2TP#vS?pmxDh1Kszq5}~7HQ?V_};*EqyLNy&QdOR@LB~PP0s2U
z{C3VOpS?0K<(60B?GU_n+ois<Cm|GIKnf}P7<Qe|>v1V0ymR8tQ!B+;fs&r#crytL
zhbR)eW7oPcOfZkqcd}W8aS`T>aeVgxMwO3F<6sdlI>=-pQ_xI*w%!Cecp(H}8IhWJ
zjV$J>9Y#Q^@^{xN3|RfZVaKtpBFtp<*Xof;iS>N>@2-bMph1fu-+J@{?J=|1!>*&N
zPup^cw#A9&yEk#ZBZh{5Y6lH?bng{yRQo5(HOyMFFO^?R!;|GrH`?V9-K6Sv6vqZe
zBzX~wf^bN_fV+V6ygq!PV+ENjLo+?rpNqhJhX|vTu54?aNz-Lb!{|aH_%C!#ab<VC
zwhoFuSKz1db23U@R&WS<O46Vp@k}o3hE)2(GqA4P*5arx4cs^@<wWC2$UHm}{FWX6
zR$}=0W$*GVt5j-W1CiOus)t4HL!3VaFgqcn2$@W!3-TQ}@JP3c;~;y1xAwq{?~3dx
zm#Vrc6+9XFi)Sr5P~|U_Be8w2A`VP>y{0_J3!$o*sp0PG%o0=RccVf((^bgBM4D9^
zPQ~ReJ6OwIYB!Pzv;kjS36<|*{1Ol6puQVXU;Smo9Zb^Vpg^k5s&J{g7T0*$BIyMq
ztz7EXv$zzmzWMP+EOn1tJ~R9wvSKk`hR^We^u@&6NaOt^re}z|ego^3V~~-?hZrtt
z+GM&nGeIQN4VejNLHr7sI4cUEOXD^#L5Nb9oNFF!`ej~h)KU3XM|}d-8kGJpLh1Z|
z>bC~R6rVVLVr{TOg2xVUD#LzTZR-0wiZ}8^&l)^H%SZcIeh4Gmaxx~Bg${iuny4f^
z*gwF&yc}>za>`6`Sgv`QKoN9=2@#PhL<~{slkIsowtHYZzpdV<()ZWe_=UfM!u_`K
zOqPDB>7{2%AM#wFS#Ndc#r6~<&|Djd?I}h%I=aA7NSvTbW5Tlx^pZ!hhQ8r^|M-X|
zqzE&>%FzJRlDsg1{A3}z?Qj#EhA{44h%iu|%7SxN<<PkASg{DOG2p^)0WlnSKjQa1
z(~^)ljT*9<@GdRB<YpAc&SCT9`~!6Ci2a<?WKLwb6dN1_1exqQR4aozM!8R7?I~%5
zqR0%!nFVCTTsIW{CDw|^D*T5;AQBD3Z;X5-z8d!3ZMZj42^|Ed<FIoZs*Wf420Um^
z_!BhzB~NDCFvmM`PWEcHC-@~IDCuNEf!Y<Q8)pkXG+y)Y{7HFhsX=qZ=orIE6n15d
zqUcnhh>DF9{h7LL3L$AGu2ZX#iecJW3Mr2DtHUIV%NTPTTL2plgC#q|HDTx}$l)K@
z$vk^ZaC*gJ_bUY8Bx*Zx0nGC2C`n=t5npQz)2n0yA`s7378`k@;VLmQLZcWNLXn5#
zKF)IvJ#oF#qlE4N16?=1fbLQQ9luVPW*$H%z7}-!#?Xm}>m3W%Z0DMKCF;C(PXw#P
z2&{1?!5h$2RY0C)0O8jOzeHpL5b?DDp*IFZJOT*XFP<+mSLFFhyC;G}k_j9wZsggl
z`FKzf9bu)0ZR_KRq&TQLKd2T59qUwcPI&C2aBlTM54m`WmwVC^4c!i2vjp@%RJ4O*
zQ0Pmh;Mq4+5@n-(L;ZLq5}{yH>L0~Q7d#EP+c$*E701mB4bCTCFSLX2K??>Q_Z$F=
z?mQfTG<UECczLvu2mt&E1fD*qP8lCy;X1{!v{%NT77}Kd;xR0O#my|w)c+k|xWRAG
zy?P#)l@PBjg!2X&DBRlx@7r@cyyC7{J+SxHvC*DlS>ZTJZ9@y@aS2|-;4%JOHH@Fl
zz#EsXR@`dD;TEfgtc9lvmQbSU(G0zDg2UPq&?8miWHu^cU3&t0!u!!?^b+y$d9>nR
zfe*(HP6E<|{A=Cyp8yBTb|S9vHiYg-z*u&03S8BtnBnM%60SZR3E6y2Xa}b=)fvg^
zggV2kt4K@|&ES@}9$=oEux!Z7q#;o`4JpUkY05FH&KDL~brjIxji|>CPR8%G7mVcU
zA4L8^g~9NDTdhNGh}R^+-UA1t*%%w*A=OY*h=kMoXNR*QomEWo{5s)_0XVRT^z;We
zp(ZS3(mo-rv(RtNDMZm1d>1HfK9{~DAjC<AtSdN+d2~Nm11?`fJU5sRt5*|g-9)nS
zOn4j5A(F^U!L~TV&FbDND%{MX_GmVg-<D080%nVt0_xlJ23w?Zjziupf_%oOhQRNE
zCzYitB-6L}R-*BI5MrV+3Y7F35M+v>A_EK7Y8%f7l$m5Tm24ahpke(DSEY#nh>O{B
zw{a*6XdKUaaS|!ri<cbfMMKn^RInn3he)tRO`s|D$nI!(Z@h>;5Aja;SQLvPppM3K
zP+)T>A}~9d;eG*vg7a7rgJjINf^^&;0vzn)xYq%{9z|wmR%GjsIRYD88QNaswJ2dn
zPJ&Vrl+qyK6J)$wRz7bPIL1+&l|R5LaO`8e6VUJ|6dLYajUSl?WxYpQ>vgQREy-m_
zQnP!9MKc2UZe?an7S;tyE_4vaS<>5qY29atodGXA6rroXX?7GhwP(KE6gxMpu?i6&
z-6=sD;2|G^eZ2L0!WBFNt<Jb>zJ&-koPsCogs0+DU8-L%d<A^r4={v5KMmlk@m2)v
zu!9Sks#m|Ik!<~=ahwx!V0z&m{08^os24f?^-)eQyaC}(C=<@8mK(;gZrDWZ^k;j4
z(I<>@XCnUFBY$qFmQSI)yW$*GJGH_IWqMkxUoYH^GD0c);QGNEqM8lNX#?|WsC~q7
z9O=>%GEMN=>fYX<j$-5q>!fkt8Pn$TNxO;WmHgoG3x4?c1;0T851KZ9fhnMQIsCA9
zF~x7`8VH8$p`z3H8hUkK_)E@5M_|>x0+G(<CO?=iWbNFJ?;FrRQ6AWuMr`A;%qS&;
zZdhjcUnrzFitBKua1CzkLc+$Q(eYZ1)=?d7OUBw7)kjAuT+Q-a(u&MGjW>gP2%bd*
z02b=6d<kEeF2G&E?)ry;w`G<c&HE0F{G&WPD<QwcLU<ao;&6j-+x5R7eb8V?upPgc
zIfy^bly5;b;k5`0ui(!M4??Xz7v<~G`MH_S&iaxgtxM866ungANEy0gI4AAbvLQ=+
zJ8}lw@MFV+B|g(uRj<hb@@{aBC?sdP3U2*nC=`lAGUol{a7Tc~Sw~yL7h9djnDKq(
zmDX63sxH<Ctjx!)E{1c>JRB+C#IfTj012r&S@rDX{Cc(0>`Z4)sx(sy)rn>Af!9c^
z^oZ6;hGm+~-vKa@fcu{dF;3qs<J1U_UML9WZ+IorPJe*o!VJ#4(IzuErzFKrqzGTX
zoC91Y^wP+(dgUmvH{ugctiBcg;85U9mjzv{jr3y$#5fdwY=dONZoa5h^;IZX#D=+4
zxCL%I6<$WPOUE699%@{NHZ-r69LyJ92Pj&D8WJ1oh@*##;d*xV2UntJ@Qi9A{0Lmd
zJ;4q5G-@Ev=8KWNa<V<uDkh!_I@6d4zK8~Bt7nyXD@#nmwn6wwE%7xhaU?2nhUeO@
z5DPvRVC_{}0Nz!u`9kY+PwFV*oWsV{$%b%(5E!mPQ(_O>6?<Mv57>Jm-w7`VVp_f{
zX8A6o4>Uk}x)^=@7WVNJn;NbJh)%d0^ctMwqU%iXD1zh3^ti`HZ8ouEh+P8(Je<i(
zA@qkASMWo=+zEGbb~j}5+J!QQ&tT#w;0I5`Zb9mtJkL|1qS&5r9l{4!4~qM6xP!gm
z1ybS7_^l>NowV7cM-m=R0RMx%Qa(C@&<S3j00@f2@OrqzX_T+Xbix~eGo-&JPCs)F
z6+5I$s=aV<JR84uQT=YDg<3mVbU&$K7}39Hs50)+z%F?8!;V2{n+V%C>pYNu<P(7}
z^M`Gp#ed4N*yruxP)ig&s*lKApfOB~b31DhydOX~XoQ_kN|2GqX^dP@BAMqpaur%F
z@{C)N{wDTyU-KnMkIyywxt5<uI($7niRQoXlWgwh2W!hN`MS-Q<C_qq=95*JR}W9Z
zIKpX<2m&)!{idXKNuotSjaPy2voiL)#)mlw{*{ZvI!>?X!^81S3G+F#xU+r{&}HV@
zLZbc-A}^sBw%x|DNZNcEYLD)hoM9dIa;sDE0{82zF5&`v?B*+&ijG%C4mMXp*kEz6
z$>O*!a=erdjES^$GjRKFz>{(b!Zf#7Rb?-PU(JvSWzoe|U{+alaaG!$V$sFXr}R>*
zL1IV2*V7>@Xu<8Jj)SCT1RWaT_3{-d&5Z~;Gy)cNV6`vR2r##0d!dR!m}z&JU*Z09
zy`6?}!e*EZlyJ!?gxw|$fE5(wQjn0`iV4J9M+r%rZ1kXGycFOkBAk$Wsm5`rv5;)M
z1Ox@^KFRP$Sny%dCwvkjtDQa)6W8HAh^L464!>?ZLPt|VMpHsXQ|vu^iWC%HFNt&k
z;U?72G|oX#DSS148(f15*_m1)SN{#EAZNx|XMN4F@OBz+zJ39{dG-2P&S|=qraGQ;
zSx1+SCAeSOA?qisA#^<FUpu;x&gR@Vj`TP~03T}Bw;Kqc6P|!phy8%6xd#C=rA+;G
zs7L2(Rp5OM0Nf#aJ<IB}3d^k0fv6fAX_gS4$o#U;#fX%UCnAJgFv}a>Xa~E9znp#>
zN5g~7UX=TI=8iVzlKTk^;Z({IE+HqgJnXT>a}qq<rN^FV6CRcLc;@G(pUj}7ibH0L
z0a|e)28e1CrWDXKnmFbeV?V~oCBWVE3&{fz+?}sN^z?9F<h_yJ=fvJu(|c*`-AnJY
zV(-7w`|Q~J8hY<9L`A)p-XFx?ee^yMdtXQI?~765*TY-RTyrrxWT-ez9|S(r1P%h9
zX+i}N&osf=H#9g+IQ9)KnkE4Ih89n==6yp;rdj2_p{3KTYu`{gJ<VG7$#!w)8{p(|
zZLjO?$xYLjGV)#;X@g8)?E5(1ajXxRnY{5a2dmb5@U!!cNGyc}@22-n^zsO0=bK~K
zTi}|ew}skrx3EhhgV(4S&E?*?Q8CKPi|0ng=r1pu8x?m&dDYygxLe8_=0?R`G#|pa
zyXHd}cint2;%=N3B`Aprt^UIyoPSaDFf9==F6zIW9T8)q{>Rx7F&^rf6|;(pu~6@y
z9TDT8zG8O7MG^VWt$bS?F{kop#u0NWug4K{DsRLQb1IL~Uw`y$sAA;TA2&N9Mt%LM
zvm;`}*Dr}8L`H{`D+~Jdz7Q>rC&^`Iy){3^G~i8to`9Wzg*p5k7KYsTdl70b3S5=6
zY~iuP!@**AR-T(yW}drHs*i*}MGo0!iBLtjE(!pIG3FLMcmsaya2M(mRuqhK`;PuQ
z$3`q36mWI)&GfIRSB{H<SJYn+yVG(Iyq3BbGreiOhXA8tU@tvAxz$?=Yd1&&b5UVd
z0^yfCuvl1-EI;K9R*t-exNo*{ocnESz4hYT^-h9qEw?`Xqt^Wdvc_-YIukw*yypO<
z6`vqzzW@ul!=65d6WMnWfosAhMr9n~w-Kn(oL@yKj}*1XMNLH5GVWhw<5MN~>`mX?
zgVILfuHyRSqw%G1<d!(gOm0QJ_wi8yn9Oy*af<cmE3F*&m^_#62fUa*eHmW19MEjz
zbjo|oHZJ(SQRX094pRWo`7BRXL=(=#jyF)!j`d2qG1!8=1cc``cbXI6FvtkZd*kEL
zv^Xp3x&@**Pa@Z~h?3(unLQ~g2v{!|*_)Uk_9xVjB}>BbeLLgH5{d%>Z;JxNaRlDK
zZqlW!0Pw;y%R52)ZwDTn@RB6EXZvz=dhLWoW^Jjz6%EJQatDKhqtKgS7g~;0rfwb2
zn1MTX&WRbU=NJ=UXPs$$6`=31+-=P6gwH?~frlS#*E{Qrku2T#8dG?(Uk0AHAxty%
z<~$K=L%Hee=qrq-3DmwVje@|f?S#yWdeh;_pr7z){1iM{f(j{^I<Ac4iBYhVnLXhR
zNC=~h*r7?~HYyMAM4v!Lk*(j4+Wf47;KQ&TUpDoz!y3EIPlY_`fpTo)2@ymxJ@92C
zg)0YR(m4f+_jL-L*b4i++Yo#ZO~U!UJ+ll6L_OmxGktze$0Y14V@&4Fm_(w3&@?7m
zJHV0I=O-3QR~xXW-hsZW`t{!dAoVEVDH^n49ME^x6C+@$N2X)>Osn^qRwu`=W!+&N
z_)Dux$MWiqk+VDcfLaXlS6M%Ok-A9}IBT=s0hH%q^9uX0Ock=!WcV?(Dj@?@{kOv3
zH&V#!X<2D988T!PX_@cWXwiz^OyeU6%R&mZkzM}_c&bO{6OGTnk@Hf?@WXI)qAwEl
zeE=O>A<=)r-L)ShA|3unet&}B#@+ZSB=5VO0OPjnFX2T#ul_scGkQ}>0T4SNLAI@@
zQ}xSEK&q6Mj#<|9ZT>`{>&bw02f{ETWbo+W!M>TrrBgu=!EaDi4No5X8SFKsb1_Na
zK}7A^JJ4ljx`l~NbZu6<7V?jrU4I#B0Bg@yHQ7hFSzUvUF}O*DxWf>Pp*bBJ*r-ib
z_CoC&YPO~KSzWiWYq0z6{!G+ozqTG7Xg^udHu&xOjw1V#eReZSc&7{#j^iO6#>-{+
z&KbMH-PeD@rvIExm$6BBF!~e0$B-LJbir--VxM&f+Fq3N=WWDCXF3twiWq!u!3XI-
z%8%nEf)A<xBlskG`+^R93kmd4vhJJ&93&gxM^QUmUZ~e%gAXGK$<)lx&$n_f)pqW%
zg<S0LsYubd43IT$L1x(cItKx`%(<xfPR?V}-OZcnbb=EQWhcTjnF4bk6W|U^AGFFF
zsK0SNW@ld7lyETp%q5fa@D`_*l9IYRaIhm`QYLi+Y|(iGZXt^dSh=(Pa-gBQ+}Xx2
zuD(e{3Xa<<R0}w7Ry*38pfc#EqV2K<fv6K1IjtC~KLBW5=_5Us7_x(9=qBT-51bt7
zMFAZgaN&c9T`}a=E2GSKK%6#Yw&6Qv)*7lmp7~@@4%H{y+-Jvb<<{Rtya6uCMqh(@
z;9YFH%+CEQu`t?g#6XFpn<-^WP?<e~l0_c33z-y>oSK0lY<AyC5mw)<Xw6tjV0+OW
z$+fhO)gSPxtVJpmJrrypmt*gM=hEEqoq)^6NNv^Q!A3Cn8`gwpHgyPRD$D##YhISh
zaQjRFNtOyJOv@P^yI;lF&FFMHYwY@|8rBS>VaFOTLdzoa<_g^U29;a|&eEuz9>!>|
zY))amkAc%x7V+r7xb1hg!V7s9(|;Rs(1g5p4b!nIprsS5Q72v@kQ&Br!P{?qG7!>W
zs#&dmxrP^6bEJ>=4y$&rs5n|%qRqbY5uXN?G~dmBg#cU#A;5c1;P!atfGvjgZuYUr
z2NJ<Bb$?t<MYo*sRGWJ0Cue&@+YduFEH=*o=`>Ov#+A@mb{oUP8o0GwWyG+^tf4-3
z3TW?#;Dw8gUxFq(y<!8RCpR5HDC>q#M}y1_+S_MNUGN5NU8r;vd25}nk}o~gf|TO~
zH=!J9YqsLo*P=FK%2R-w8NeKLJ_13K91<$skSN;=TFAjXv>5aS-goT_m9M4T<BRuN
z1LPS;ra3Yiw}L4Uy~Ybbi|>(nLGP?z!RbJ4;K-zzb>#ylh8?EehD!>=%G7j5yiH}P
zS^Zb&s$<xk0E@L4jWLVNJteT2QlMUMSGo2R00Xuo7@wcxM8E|sQ(0>C&AjcHS~{v-
zwkLdT_(ddXsdnBI9sIYccJ_jlWG=R?oHcxip6xHf9i5$^k@uk<Lp)`WMfLR785{)Y
zq%Iu`lUb-C#Ajt1<F$xC_)mbLM`o~R3>#xB?}XfwhiSo`q)A7*I$#xRu152wufz7M
zxA9&Gc5<y6F&iW+we*~7(7*BEYpaJQe!2B(gL3sJOCoh_>_x>Xh-2~T6;I>H5w2VI
z^h;4M*b!D7LB?rQAgi7$M>E{UHJ*WvYOKfNQs7)v8Km`WVgp<vfeAMtDzaSO4#8J3
zy=>v$po*q)$8sAew2|a!!hD076_=Gs$$HgaBXl2A?pSw5hwR6&jIk=+C;(ZM_dyfL
zdO!P0<<s0YWoA0F^~I;+9KPYQeBI|^Ip-hF+l4ob@_s=2IUcc+_q>P5t7moz>mbm`
z2c=#v+So^|z<{V7J#Qbu;05;)b}$M|KwLF%`yh)mWKP?dcL6>=QGX!-L}!_;gkkPJ
zkHBavArn+I=#m(8$<_h^5jM65>F`S&Aj-8Tb$PfO%R_RZoiwajO}z)0uP)ZF9HAKJ
z1tbW8L>O}>o6DH1ZquYSP>=Y!*ISh@>fFsa8N3+pf585A%zh_?{Z^$lvfl|=`};<E
zl4jUx0J(4EikR>3ph;ln+L-Sr_vVtyeGAiFeUcz93z&EGc6zBq_-$k%L!MNIJo#4`
za`!$=g1kf>G32TGyIH1TwUr@<lmQ8ZA^)Uqz0%5%rwv2yg}3WwtBoP|!p|ZMd%4B!
zt2v&u@wuH~X9*W>R`Rd6R&uP8;KFl;3(s+1*4bn?koWe09iW%2H|!J0`PAuFdQ-%A
zUt(paBKJ*J`rQ!^{#mR0?x?Sl9giA`c<^JbzZ|1u5t>WSr2qi?@1RMCSP+<|>vG%`
z#>U~N0GS#>N1O(_jP%Xl3%JOx%9rv~tRwPgxWSW=IAZ-?8M*D?9+VaS5tBqYqZ;r-
z^-r~8xpxXbjbSJ(h%9<iMl13Ct;F11Nm2FUlcTznbwrbJaw@vno^@%`qD^Y7Pu$5t
zL18gc*WZsH-9;!*Z;rvS_;J;%<?H`}1ienN@dMPdBN3j3yg7Hs&}?hEZX?monZZKI
zFX^dd$uZ~ZlUhO=MS7>R$UY6gLV%m7*BphVuHY66{otHjzh8#?KEEFmf4|@FQ(Aq0
zOp4P#2F}C(<lK88W*oc^)hlrlUTj<m5W$h*h#XV645UVZL1`@@n+Q*ax0<Awfpr%$
ziSSetlGBhJbTdpyr-pQ<r9TSYem9O>yOm+>g5zJvx#lZ<>F~42(Rc%x<w93Fyd9oG
ze#S2h)Xzn8{eh^x*pvsq1uj=0Zm|AY#tlYsUID$s*|*T+_f!w^d)jwy;cKyt0`^XS
z%B&7Ko5>4)L0RWS1&^xh%=iM#wZ-s0RD}?cVSKN*fXgE6S6T)bKfs1`6b~wq(~p<k
zLN8vj!YfaBtg1VB9m>W%ZU{tPW?WfHV(?7yD_CoaajD?_EjRYs`{45qyA>0l-&-B<
zdqtX9THRIuiNK9*q)-yF1}`^-QoPd{{A*lHI(Var$pmj>XoeMa25+Yu@)^8Q9K3^W
z7^O&}%GbB0c|%*8H$`cJH^arWe()BC`Rc|gu)2ePgA1U3n|-;+U$llIVt<kBB<Y`C
z9UbF@Ujx-4;K;cFN6ig5Zf?Nga|71R4LEvkz@c*k9y2#!{j7kBk)SPN`xg0y;H}aw
z60IRv9pu10)a6N^J%z>flO{lei;+cpCZf;CenfHISNRxJ#_tW@$xQ4FJQ<M*ZWdpJ
zwm!da&8LXAK1Cb+bJ5l}7j1phbI{f|JqK-l({s?)H$4Y!ebaN$);B!|ZGF>o(AGCS
z8*PAe!-9D1)20^uzTjPGEG|Dw(@C${;N5IKUK%UnskLIYJM9;N3eE-%t`o!c*8;7*
zF;+3XJ(|nHW32<uu?7!>*Rs}kth~6xS6#`S9hs{;{1;)&TGpQ&2=035UJIcy&gUTT
zm8FSR=frDPsExDz(1&;*S0l<MYzvpY<ZpHwXr|?1rVhsC0G=*l@Q?K*tAly0%9Iw#
z3;_cjLz74mVzz)$0Vx=Y7Vjr8P_!TvQcs74wulVG4yc9#b6I$|)Se<BJpAWZRsx(I
zW0honekDJ?A2R+An(v4C{kCpplUQnRAPkof1}?n!#XiV^m<52b1OO%(v2EtcX$O=#
z+JQ(Nr8BrLZ!`EX>vCyhv{uevd1tT7lTk`7ch0K)uohy<VrEePM=(Cj{jXl=Nc489
z7##Z)JNPwGPht0cFGotSZ_h!!7?i@=8NKk`pb03Rku#_sK)aH{BXD8B%k%0X1?DQp
z^kyqZf&pW~L&2Q!yHe}WP+h37|1n|}oWn3tu44CQXS@~ofg=Um*s1W9C~+p)i68*T
zg{10wYc7KD#H)3stGW7j0H@&t#RjP83HDk&D^wrQvUXU*ueXwrM}xNCZl&LEB}xCJ
z(NoaUj{+w+YC$E{$LZJXgU3vxk3wSXGi8l3hs9LWs`hv#UAMSRc7ople?}?(Qy@)@
zfex`>c#D)jfyRN|bmhV()a<EK2{r2Nl!<~)Md&5W*03!n6s=>4;vU?olj+lz1d1@d
z@5a3v^pzlcc^cpkzloD9*>9b22KQ<zFC{Fx?`!SV>UOncPk$7otLJ4nvgEQ%^Pghh
zhkJ<gkPj>y=;dPe-kEm&29&Di-j1@Dh_$zFE4CC1Nq(QCh>g1*2PCbi<TOxZCM)W1
zVG&sP-5uPq-UXjZ&jF;un6gfp)U(3N=OAY%S_tG&!a}sm9+Z2|&4BYZz$x5S24??|
zN@Pe`XvQfkLKzYjspK^E?Ld++Z#+TrpGw*hM44-7pP%XVbjOBKfo(u!gU#4<UuG3n
zt1hT*^;qM_tDJ}98w#4%#{fqnyn=lVKzfJWT0caTImc6e63kxKqmi+nA}SHS0O_!;
z`6DL_?awEnjE}QFop1*t_vlswx`FJ0bxt^iuc6L@p-vF4jk~;3iXp%6MWUJZE22g&
zbD&i|vL%;!DOQ0`puS?pvG+*9*~%(|G!_hL;qy=>&Pqw}#Zo4fOz24`q*owH#8pxT
zai4M59*yGSg2pTGwUyN=^p=(arMxv6B<L+9dJEXx$kH6-P+%|&iG!#BXX;zgJy3d*
zDF|F5C4+cyY_b<`k!kaT*P=I}1l0v4sCP55o|Np6x^R%PkDV>&!qS2=f?kK9;19q#
z4j1|ho%O#kTc^?hN)=8Oubsk@mhxkG>aAMvQ*FEh?|l`#wDfZ!tyQ(PtGYpY+ipjd
zk3$RC+|s>49=?2tvwx^u?ujI~kn6GPwYTFD2czq})9QO!w3mFB)&23v{eac|d#j7<
zGv{^8U)Cq1J`@?IcI5b#h-kzA?7n<jO2AJk5!!oHLT%$QvC6SddJmt^gMf^0dg>fU
zY7nghl432Ngr%+EK_Ic)NmgONSOsLDeNH1|pAlOa#g*@?hyh~LvP(p7zznWgdINff
z#i`KhwqEfj9aC)EVo=Dxqiwy=rUOr`hxj5T4!(v9F^zX43=>{w{fsl?H2_CSzXxC;
z=3N~1!?=1vmbM(|^gj@!(`T(G<%E!s81EVgCrOH4cqhWD2YJ(Lz>q09{)|MY=TPrP
zEzyc-?(ciye<DZ0?Q!J>|H=)RG}ZwRzecWN_&Z3;YQUm+OX{V(ma+Zn#iP99T`Jz{
zD&+6QV`35(K7jn;yU?17mn@0{m$F!)sQ!oVM2wl2Ah#<=XSA1Cz0X%#;r#eUG!2X~
z=ahJtC43@8Y`7616Q;Y3F0AYyA3*bMZ`k2`)KA6YyKojL51)mp`+KN=hvvopRPrv@
zFHw0P%7RSoUVJc|4-zg+XM4FQV-6->)mD@oX6iZ+TK-Ne%XOM`fW4&kX|^GJ8py9S
z0z>P+V%wog8aqpqwI`BJ?mz_IuWLa*{WWULeHT~@x*(>_aOHUw!GAKw+YZ<tS2f1$
z%!*w7zYuODPYaY3Lbl=#gUL|&+kw{5aaK<GXORJQ(oLLS3wS>Rcy&!ujw@T)WJcow
zAoN_y=G}Om%{#e$p8zy^_Lbm{nc@W_yZ=tCjsqbymL!~oBkjGI^xXPIn?RDT&X8sz
zz9C-0W+mr>Nxe_o3akSjADvGuvW_;gD;sAO7d^W*_V%I;pG6yFG6RFqhk3Jll73YS
z9oL`^^-_`Qc>ulGJt0-kb)BXDxr#qHK)(z)4U?wVq_7HpqO!&g3&;T0dgJD(Llj#$
z5yW(3L<x}9*;*7rWP<)KZs5H~nE<7iM_G%G)^(Y@%TEFO?Zp3EktQR(kaf0`b*K({
zj`9%DOHjR!;vPYECFeQH1QYeP=OzOO#KvnO-q|gxP>wC{I?A%W6Q#hgj+UK6Xd0D-
zA3`XmmXF{w{Sk0kF4lrB6gH%K15b9gGg<Xfn!K|<g$iIU7Stu0D8)VXn-QXSK7>lO
zHYhnTC6I6#lFm&N^H8p}{+LK64_n-rLq8YeLVA;`WeJ)76struu_;p9_p%1V_V;EJ
z)8o-h$mt*I%rMf8Q4}7BAFjJz{Wr{D^e1|A3E45r)CnP2s)~P6h|VExx_<T+q&0Nl
zdeu&E`YZ>7^L3c#a9c6_0P&UzZ&UProF6azBtD8o#}+I~e|E|$2N7C1lJ52brF^6`
zaDi#qW5Qa`o{WxazqTI%Z<=_My|HVRhoU{hA=a|fqxJS_)}qVRZChWps*cKTH`=Ot
z){+OveQ-HL;rRdj-!uM6qOjVJ{`e=4f17U|SXeN9d(BmF;nr#RJ1n`fy|@p(XgVBo
zz&S3)J%=$)0#8eaOE{pPm=2fX8yt%tnJn5E3Y{<(uO1|Kp)*Es2uX@JDRm#!Vkj_8
zd`>0|ieO)ku8Q{wX<uoaHUOW6@Gk&X2Mo*}DjjbD-N@2qxY)};5~_f$`bS474W&&O
zk*!Qynj9_}MkB|C$R!c8YFL#q@vbNh3nOm?6)%%FFFe`b&w^p|EEt4MRCZdq>BIjK
z5N1K}3c0s(CUEdY(%epr7c=KUHIy@jZ0k9ZRkp?xndQyXXk*CJfvBLR<A$009^`4;
zUYoTqXXOWVzQv0j)`}COzEGR~*vF9HI16?2NE^GI;7foC=iUk0jFrDe531V9*|8p+
zV_mY7yHS~JR8RgEco*%w6~Bvj-iF_DHc}|ufYh{3Fd^Um`ZoCv)UTEAVEsMvT~xna
zzKiR>mhX~!@43vkw7y)v<#c_6Ix_Y1=-Bx&)B*zI`tfZ*cn5JwophK0!3mfk#s|ov
z{3k)84;Tk=mD`De46Y<=HVH{SxBgZ0m3@CsSA8sTn?PK$?#tYT<vN6fMuh`pDN|}Z
zYINKQ-vRXT3E%2+B*HO@u$(vnem<PW#8eMC15z@!WX6T!Wx0GM=02kp$T=C;WR!&v
zc?sqm6k-Lq<4AtXh923|Ki4`-<d_4?*^Z034bMu$BhzD?Pr=Kx%)Uj@I^@V5cW~FH
zoL*d_R{Kbul~soMAzvhuAB?J_xq|3Y4(Alf`lo<cvnW9fWcZ@b#C#D~COn<2jY`#$
z&;jyzO09g_GOGu6kpPx$W9z%_1m$u5V6?wJj&3*3Pqdt$Y&rkE<@^+#qUWM^Um)Tz
zGLqHc=u0d4<UmNLEx&wwNByPAOl1*{qE<0ZKj9BBm++AS7m;pp<+n<>jfU6gQH2wf
zKr`YcbWYGuFY2Pqign%vJUZCgII`cWVH#tl63~xQGZpZ(LRVC%$tJv@mo(S`xs#B?
zx9i38z-~Pefjgwk!=f^kKViXI&a#Ed$<|*IXE!BcH%8cAjB>sd_p$bGwo*5IFBG=z
z@JU<|T3jMG`#GluNyQVf@C)@mRx8KD%Z4u42-wlZ3(L}sbd(TBO(_jZ%~>%&Wmw^>
zfHlJP48Zke;!N9@Pt<H@7=xPiIm0^2BQ8C%c+XmMQ3Y|G%Th5En!S=Y;9z}Wai-=E
znf}suoW3#-CnrYtc4MRj>(CvFiqWWrL4=BuLB+)wTTm_mF5F-g>CH&^mZ|k7X>S6z
zq%CkN53jv_rgvC$&Q77=8VWWAen;o*?I`bS^V;y#1^YEvgf118du_}iQDbURV-}mn
zIGAiP-l5r-3YMWx8Sth>_Zk3hjPdw*z;O4&Y?HAzwT(5v<P`d>9F=d%oiXKdH)K(E
z7wy#&!PhbORPn}?QX@EhahUEUK9WM`_YjtAFMxg25mzXPMm>T9QO{6uPiCmJCp*-?
zCpWOC)8>W2;2=bh?=J0u4e>p}270m2$02c|e^0O;UYv>@iBD;@DK3sYifLUh9f(8E
z*oL5T0!!)#AWFa^ohPk>(3Y(VSH|t%c+E4>r&*`y6<x7(oG5zkkhn1MGyOS8|8-3d
zE10gP*H5mM&2dwv0FCO@5A41d(^1J7fW|q93x(FAp`wR1It4ZVG*tZk#6H2>F4T8#
z1mCRM=9En7(}`HcaDKH5T;i@xu(jFdW6*h<@4OMWEwO0s%9|u)C|iCBWvYmqbjRMd
zKi~itWw?*S_ddecHkFpl6v*+BwK11I3OH}grQg!GL~3a>7k3QT{}9iPEOT8{=G?jU
zfCUTA*3W-hG&h^c^{c?0BV&4IKd=$w0$VT#wrktrx+N|+f=kNVA6&Bw&DP!X7l12i
zosIT=BkEI(hW<0CrKtUh7my;_(}0}mXIPxA9Ee#A17a6s?Cf8vb+>$xR<ApDHwF)f
zq^^ICyo>iu)`!PW<hdI2+Ds;4{5XhkL<?1QQI*?1qy%A+*saa>bd*PeXF^U{>w~Zv
zXA$k`@^}l20mLI70}|dI?^B?S-$I>us!(6xTZwGd6t?($8!rQO#rJ?ZhKl8pSBH44
zFq3uWhU8M$UVwWctAHAHO?LJH2V;C`rx%DwPwc7R)qx|yQLNw9KBST`UgsB$K{5&v
zPI$lM)8-upN8X{BOS4$$W%-Y3mhGt(w4t6fS}TfKf-lS`<74Cgma%cn{^)q&%F-Aq
zqUV{dzcen$5cC(KzWi#3MPA!?qOLpaYSi)&J-ZB3tdyF98WxvZDy#8}U7L6lZT)jV
z+>_kYEtDEPZAx1>-f5M#=1qXCMPg%#2<GU4L>uBGA)AK-+B&Wk(kbayiwq1l7`}%r
z=&vSdfw^)nm`>E-hl4%?BkW1-2R$+R7A{Tb=KuN_b8w8P|DAn|T`1odGdxtp_h0l-
zJno4RTX;;w7Cw45k4vslhCwD`?khcHd^ONB*$un+NyFA%L;lRMLcsHI`QHt5_+KqQ
zZTP*)0d@pOya!mA<Ntv0-mr%{cTO8Q?;$2MsJqFCTyr3@MRQvFB-R&AVr!_f6QwW{
zm)tOp!rCUQYO^&3te86m;IvpLm^E()nxdiIUMF@(^JgbB#N)|lTa+^n*%F1cDqohE
zvr3!!=g>H5Ylej_yJ*7ckK1Gh4z+G&0#`om;qz37av{&w@0_~?k*E6a*_(lGVXhL@
z{<rMSMo@73-t7PA4LrbqJH0)ueSwf#%up?`FX+7>VxT!k)iC(LpZQKOjy}z_jlWtp
z;!Eapqon_Y#iRZ2Ag?`So@|VGV7Go2Dv<{jvtHjw#>K-2(JPT_!#Y^gzL9Rc9fxf6
z$a{_%cU~!T1}&bL)c2rGX7!lN%F88qcU1SDVu}hp@#HZcf-q@`ERjpZ82<U?R{lKv
z(<<_3DN=Jp_z^4zA{h1=3cW-~)H)alDiW!|dcsKAQP5}d+`dqrLl|jFip3IH)bKf^
z_JS3RCO-d8*hNTaU>`DYP=+`U_NqkAgS}|-P{KGb&ln>Yf}KK0FF2UdgdH}Rt?z;s
z)V7pkRG&`NRV_Fb;x=f0h}4ZH!tgAmnkS+80lc@VK9OIDg{k)FZ5KdfszNz4<=o_k
zH2I7h^{A1mPTXa@0Vk9lg=7y*>mg1|8t|yl^nVfwhw%S8{BsMz@45KD693~oW3~+u
zApbVxmr8?0XkC+}QJH2u31U|KO2#v^au(w$G@TVcz<7q@UMb>99JAtAGoGQ9rHm&z
z%!*&ac!nAY`r2+NuM8hMx096iZP^2(DVEbl^quf?of<G-A_1E_5WQeqS{J$5lE_V{
zBR3(8+=NE!OHvoY`X1*F>DUZjWk=WIMXlD5TZ9z5@&6d}MMv?qV-7icO6b<rF}Ij4
zWq`zp1l+_xKIAqTATbm~w+U`l31^T=7$ZqUP;N3mnlTKJ7?P}JZb=7&rA)#Y%Ay==
z1)xi!O?Y#1(01{l;$Lv19gp~^W0W>E<l#wde!uAe5q~`ouN$}L!R>7o?qM$tCuMH7
z2`CNsMYvtAnDX(=ib$w<oY>`hwzmt9kVBdzXMczs`w_2+>upNHayjzx5BMcUf@4^`
zJw*hHd%_?-_OR)(hp37@B!SpN+K4?I60wIA5qn4~>Ji-7)=_}v`=k+y4xr#?)cXRR
z7;>rYl<!o#-IPd4gYQGcg16_%<lc`#jVE*Ttl$m`Uf4dYH`WhW-gZbspf$wTmFeOY
zb~e~F`#3av%?F7GSK4kcAi?`ISjbO^FpyxL8Xz_CVau-sSD%G2Au0LQu&oFqc67*V
z*hvT@l60ETu)`20D~tSU*ue-R%5=DESOH<goK6uErZOLuGXWF6g9q*LDs<Jsp#hI`
zsNtr1Zj^H=S~HbHRN{imJ^jEQEHhS0dVv|zdI)iX#{n&3hcRVtDt{}@;*3D#<E7zm
z&#6bdXE34P9!Gj9p?xLdFdSc?JNQm|!nzt5d;qYD2#Ex{6c!cCo1`+`E0+y1cP0}l
zq4u9Kb`LlKeOYYMEavrd$UYp$bdYWLpOIrpsr{5B=kio%y?0(YLNm%=|1gFNCSBLX
zr5kcw0!<s0RgoNn#{*6E^9jQN0;|&C*A0}TWL@R}Orr$~u-Sh-fc21kmEyv!KRs@d
z5>53WxBmP%4AuupPvJ6DS3j6#NySP_OnPm5Qj*#Hq$D&Z-P4|wf%B7+)|m9B_M{A)
zpOmCpUGCQ3*Ot_f?(xJ@3s|>)TbxEmp@?*Aa~sN0I=>!HP;vTMt(BO0h~ems)6Z(M
z#LP?2AsnZl)ozKIm!8vrrk~e%nK9=!9;Al($&T+=*rn!wq6mDx!jGKRLKoo-;LNPN
zcS`ty5aBlOXgR;ua(<moU8V1BIqz#ZXIjp0z{wjWtW#_!i30(5MFHYKz?Y%`aUkH!
zQGhrQK!BwTaUkG}QGhsbTl)(LP@^NFXN2<|>qnfUYT5ehR$+G`w?fS+XLtQ8APWuu
zImmm5X%fqbrmaOrPz+W9>YuzY!&vB;LZoWuru!DuCI`!hGk#i!Jb07plf!D_SCN<6
z9_k9Wlbyq|ZVz7y3n_MQlkr%2H3A)PYY6+VL*BdMIh;Mk{((sVerkFamQgcUVr%V0
zv>Arg{I<??s_W-A=wbk<4Pr45r$O4DKI`Chk$$}15BUk}66GMF7N>etRF^T7u<Zpz
zo;^ic^1^RH{nTjH>Esm~N|>dMAK|ah8eZS3?|8KBr>M{9TuPB<q8u>OBrD@xhE_dh
zq5j50zMs=$4Vm|UHadJXfWSI!h479E@8vd5z)xf+N5<81%%}WAzfqGVoa8`q!n5h#
ztnO3kev-ORru!6ipGNnS)qNt}C#jp4c*9NVKArBTsGC<$#r_V;Cono_ovCjE*d~8$
zXX;yY^9SyG=;jaHcjHs-(Qk{upj6mo3=(jBi+X%hM!GY_QLX_p-km9qb+z6jqu!a~
zFxLPX@Xi#c01c4Iz?tIc*MMjqAZRj%#ep$QxFtXwSmZEQJstSOP{p`~bsCw72vf{V
zRCQEt$5Le1%JsyB)+Kk)9e}4(^J!{=q#FYaPyLBb$LFJA3aW>MNHm1O<SyqdCxt70
z7p?IVmEQ0s3{2lLDteVdLx_wh1T#*IC7M-bYAKR49uY4M69<OBbOFXMzpXC7#k)&M
za_z&ODTXm2$QR|tn8##JeQ(Zd5q?_paEzZ(gCEXXwdM7bi66RK_)&g`OL?OmNuOR2
zNv%HTS`y*u@Fyvr0AAefjA#FGH#HkRCW+zeH}G*1!pyt}@XZ3_n-2ko6coX*d~FOv
zOpE)6fk_?_7^I*DV2G(*VOXf2WEeyfWYkYE=ot4C-TzQONev716DaaKL;(8h+xV)X
z9R%LbKpHg^2V%d^SXxyi5&wX(M`#vv2hL#;-;EQ|=08(68N@8#<Cg`BL*~d+01y9^
z+i>s>nT~1#Qo&p4It=N<jZs308>1|aS6NvKUX*SUEIaQu36Y)m6x`FH^89>Gj?$)R
zSi*ii%hKCnfL2eAUxak%80s&+39w+v_vNl>1{y3_#PG<WHrIISzXVwt_w?;J+f=tf
z1$Qyo%5t;lycA8tqT|$mhdeU(gse?-nDysN3#~s<&2{^tg(`!d5bB9+2CcVN;o1lB
zh<){o*&5monuh-u(VD1z+}1t4ZT+du(;k<bR$wBCC$oZ<+ZrRq=Tfd97po~RW0`i~
z9X-9H)MnU-c-8T+!Kz%OFt*<2dH{8RAd10D2=jT^=QG3!uP2JW3?b#_rX)F0Bc^|d
zSV@BGme)3}K`Oi?J}1kj1`7+XWr>&0i`9U$Hy80N5{Q*~8}Ek*X!xjQf7yu_KbUtX
zs}XugT4UH;{Sr9r&9tfK2X*8SeQp<>6KQX*Nh7TrJ_m7YuCl3J%4Fj26rwI9jE*<d
z^XBMy!+wTWfei_&Chbus$j5e*daGhW<9nL3wBb7RY0DT>0ajyp7fYXH5<9IF?do;E
zG|ac8B0EiyWkry<tu~+{BZ^<g^@2=&CmIsp7mRZ$oF+Z&Dyg+7-cM;9!nXaIg992z
zdKqQSVPJUF*@=sWrm;Qq8f#)o8=%yR^m09>tL=JBAzKMb*Wghqxs*`UyCqWLKERr*
zzmKq*>x!`PHjaL?{H)*Eeut)ohI|{kx`2|d7$te#KDVJHZ+6YCM6)n}I{dCVIM^4N
zi}SPBUa)>Ugq^TN37m9Spt}XAy7#CdAy~glR`Px~Iu%A8n0V|Pcx`5L{f}skUZ_$O
zVA=cF(`N_iJpjL0=#fHwzh`!#Jt!1*M||HDnr$nzH|K220L@}sLGR^#5w{U|siaWf
z@eE+H5M5N?jxMbhac46X-i0JM{F_0%x$G5QYGNUVVJyHLzql3qY{q8mSH(db_m4)$
zShiK@Q(b1h0DjDU(LIr8!)QWeH~+(S|6R7&M&%rQ1<2@E=u)-1Hq>_eE+Y#KZURr{
z@E8X63so=Wt>?M18(tob19>J7x9T!H<RBg34x*0>U*898J{WK{mLURa9)VC$&Eo{5
z@#-5xr17FOxL@mv2@1s<uVmmpo?l4S-^X;RC>^9!923*eq%DfK^Y#`O0T?trEE;y?
zX9}4TM%Wq_k_BaiYozjQxK=CA)q_h=DAqh<&BL66egqom#>gp*5<*$KQ(078XxrRd
z$U|S951WX^ny&hrSwvS{M842nEclgGAUJ<dp(o+@m|A<HS_}35XCg}>&f<fXeEfBT
zmOg{^g$x^B1?qaD<sXPfSk_rq&n1?BEjt!RQoXN?!oP0y{6xcT+~$5<I<nI=)RA4)
zVe+2R(X+Kf^0J?ydu3q;G5y@$&AnMy42&q=*@w6=m8-uTpvFk|*1QJ!J=mj5jK2sj
zbQYe(fG(V<ic7~271jMz+)61VOKl$Q?ccKLac_$eBA~N%={a9NzYbF%5pFa=`>p7F
z{mtzOA~mzLD3!0jkS8C2Om*pdt-`_4y{IQz!<Q=FxK4iq>&9<lJnV<wdpq4ZH@!PS
ziHZ7;0RW6p7@|q9*^R=IYp%twu>XZ*T33UVPLpl6A@wLwu7T5{E-!q;2s6y`C<Z9V
z&=#A3QP6bl2;Lx1w_OF#0*YMy=?y>;lP;|6!s<*mNQ1JWpl*B__;7uKd#<(Hc%!+`
zHx?&n(X|m_bta^8y>!%_2=4+oP*N35=gL#HZMbMI11(iqf`UP*nL-yD(50DhRUA$>
z!_->4XTMcy>3JzVpTv7BDR14YIIYMmv*x96#(3NekEw1O*N!$kb}PcV=iHuOQ)8Cy
zHmt!+ObQpS3O&U_VI0Rb7H024>)utN7ZzzQ1HQC<edD(?NuM^c=oi(#WY#Z=eaS)z
zwhxQj&jl=NUdx2VZFEaF7D}+pg~DR{2ZaIH&K}T}kIZRd&@cIeE!zTBr-Tdxx)9QK
z_P}<Wzje?cYTMk?Upq{@05+CjFpNkR7AFO7FJ_ODxdgTtzQw{LqQQIM6pjHc5h@tw
zYFWU911ngVns`32{#Urg54+rkPIl9`Fr6d|E>KulQaJ(iwPa6WX|YhoOt;i8x8ZS_
zzf4R()O_DXvSo7fUan*Mei;@2Kib{|&aR@^A3r&FUuL<vlRJ}1GBa5wIhlJWE65~a
z2?W9}n=A=}$||6oa8AOKF*jiqkf3a$2oH>+f`Yi9@)QLG6_+QjJOu^;QIJItP!NUx
z_gi)Lxx@4Q{J(s1=X6(B@7>ka)z#JgmHtYfWW40Q$_yq~nNeGKYu0`oeJ{6$cCX};
z1`KAhF4bAJ>g@Wo%B;%lFu%%7dlN_bY$QFqGP^QMlm0CX-gONbyIzUT!M}d|s`&9x
zpG>>bRfBJ#;TFHVxg>B<H4{V@6xT4Wzz@8<UM|9y@Z}g)q%X(eI|X0<Bm6}CS%B|V
z_(tKM0Ui#Tjj13GKAbWG=${#XMNuLgE>1$SjSi24Jp+^hD!n+N33yE$(|C;AXq0gi
z+XuT*ncTnIyih&CwH4u1^ZwZ(tsQ3NhO>VY+t)a+Kp%R^*9tI>14iQqpf1XW6ozLy
zhphK~S|H^QJ!?2-x4fJ7+W?1r2piQn)EL+hzH@gcAb&%haXT}-cI)%?ZO)Dxg6nA6
z22Q9pvI!QX>@I%i>Q^=>vSHBh&~JSNgJ6hi&JuCBT_fOm0@+z~;T1|IG@KVd4Cf{j
zgoPnLv|PvSEM^}j59{r=<bXP8-OPZ;k~?_l<5y8Pz0ZgnRnl!VP=w~rIbTNI{9DH|
zX<^?JlvJ*!nJBn*8)mbB-bY^mLgc)2+Ubbw-Sf|Rw>s6JZduaucRC~Yp>W<}gXTA3
zyB~M0{s<D?=;mspbO3g%#4&O;unqTD;OM+U1LZ;#809(^g;<Ymk2$CkPU}u!Rq-?!
zP;e8y*npk*n#f1%c|0T_F05g{pfp)*H9kQ6QY6z#sU}v`H1DxKtY1H6wY)6_ESvn9
z-ZtfnJxa6)w8~pi!DiH8IB<X3A_=WLTtbS`QR!&(S2`{|X~vRbrK9;gHj<aY@}GT%
zH)LUhr4uVu+KZ{HQ#+^yo+c<LvA79~94X;&M}<uGtA5mtJ{&v328@Wn&#}E7TP|y~
zclmtve8W1(=QD0I&a@_VoG)Yn?j0t1wog<(|C)?{6*-mscjnh$FbNV1D6f1C$>!U}
zhKpmcg(8B|vA{e6cxEgHo`D}{uQOr&TpNp5!aaVcn?@*7v*0z2f-!fY-W{Y2@G#)~
zUFV)BVDN7pb)lqX*cb8gUh+TYjq9P#sbThALvkm5I@@HT{IdoQ?2XrvzgUzicBI7q
z$Yeu4i%ZT8NYC4lrE#k|jqz8*gp{JTjbK!g7a+5NCwO?hjwZl94kQ{nhApql;2h38
zB3wc`-JXWUm-f7M4H2M@3nKuZpp%cWrR?M3Y)poM!?cxw6W5ZiWgtRM#J77vBQ4id
ztHsGhDIJ>pn;d4o9~Sl>j+7S3d<^kS6v?`h=|Sl?WqlPcSbI$4K9+U6xKXUE^))!#
zv-X!TJNlLu+Oz#7F_Y5H8?Y3fAg{-n7bZ?)7g!#kB#)k?UB5!ou3tgVAWP2Nv;2m{
z&Ds61r2m`gofD+jT^dW3{oAaKZm$~srKM$bz=u)zWoy7V<c7`sMhwVZWjtWLM9-av
z?)x@=SOR6;<$HWIdHD|+kD$zAP*C?BuV9-?Lk$_{Ddg;1b}(Q!C66p*={j&D0=%*B
zeg#cg7O50BCAo%;m-upW_rIDG;`s<|IC#Vp7m^RCVT-uP3@IGg?_8yDO{FMLE9MLB
z8S6Ua1S9`rDNF@e(m#Sdz-LkxPR0wB$PabKiyf?T<7)xLQONMgVAfN5kNxR+AgyWc
zh`B8myH9P-Yb?D-=4!oojb#MujJp^AOv9h9E_X6M(E`H2?*wJT@nv?SUxEdz^7a=|
zI=Qr6?U>x*oHPpY=jkA8)pqB4xM8buPfQ`_A-J1=2AR~T*N75<x7JIwU~ed>XuiKJ
zW7LC`@y79sh_C3_tL}$RHPS}4+oyl?jKU({{SKpewC_IG=)F#96K}Upecp%v+&FRB
zB%xW{mtj+2{1fA1A~{5A4cF<!MwPd&)3Q?ycV(Hj{IUy?SiYJOUBjxL&C+anVdPwt
z8B0PzcBi5o=51ReOgxq~-hYljV8#oJT#D<&TwRvXHNM>r1i=V1#3CF|MOkDZIAR3q
zE{dKYA2jgM{b7~SZL3YL+%uA&AGsGyq`%t{DMnj+y0-IgFlDd?rXj499au+w1bZzZ
zin6Jo-O|k%ln_>M+t}#s#tKLKz-?g>)CgJu@nm)RPNjYM;m9mZbL1H05=*wC`>RU0
zU0Jp>aJs6KyQ<a5{#cr^T18iMJ9~csqpjQDAY+#$w$OU&r&M~hz}&-Cr*>f@G&Qo7
z>qX>g&Q}<Dnjcwn?@jFPV9&8PvbCE$wiu>aGn)``x*ri)NgXf2UZzL)Q`l%=37w&`
zoEpvh3U!3>RoG06+FSi4=`QwEYBa5;WvE43fcGDS_X1-OZC{u*oeY6xmzqxNgSSt1
zVrXEvl<$I?8(Wx#TYfo6=E$!AKnL&i6V9aEHFEr-UEDMBQ6hVdCcTW^Q>>TIg#TRj
zdcPP)gH~mApnf#AUD0%A*5_iI6b_YH*d=X2B$%X3S7ylu4J<q#aGI%&_A@lv%odGS
z8DRRAf!f0By!Ksww2Bp4HL<^=Tm+N2U=mcWH3Mf*zWnO5le)g?%c-84)cLCKo@sV2
zHpRZHY5Z!^nfsfvbux_uQcKTCdG1{5rrXp_{u^y$yn&{Yd07-oN+s~hw}GEk9=VW-
zm=J<FJh32zCBwO0Y!vC^zutRHFqJ9Bke&gJ%z0*f@Hmig4*ig3W`uJP!G$bU$8+F$
zMu>X0QV)5shRej=*=?S^v#K$Dp;6lde3@Y!V|03U@L6u|F(Hfa?{iBY%eDYWV@9ie
zV@8%Pi?E4uBeL?h0>cBD@hEN1%x18U$~8uCd&XNi)6Q0e_-{^8E#j@}fkPzabE`&m
zt}jb|n^E1{cds!D$M`hdF*?st_gV;YDrvCa(>F(?c(fOpH7ck*TEL_2czr44<V(4X
zT2Ad~bIwG}f|>S2#%TYvysjjVJdf>*9{Vv6z$xvF2_y>|h`xsnwm|~*k!KCe1c6zn
zeG6iOSJSjpHq|^D%Thre?U@Xoq6Tnm4h0eNW;E?W4Z|8DzWVGlWYAs$InP#Kd)l+p
zxBaxOGf>6BnsYRA@~)ISr;B@PJ02bFb-qlG^<JzAU4Amczpq5wfL$-lFgm^<dxv48
zb0=fQw|)0oW5#!U_Zj~D`G_&)Mq|z_WXZ8~4VyP;-=u7phM!}y-8SbBC`-Yom$?Qk
zBnX{O*Z20d<*mcXxzN<hJK-3{LlQM>H(Ed9)3x>;Foadkrx#}O)$G{7*mRKZoU{6D
zv~eKdML!7@zBSDk2v9!Z3!`$`-Hjba4YBLYI(*{atiw@39rkHmhwi2S@0GYkE77VB
zBOeIs@Kw~ooUk8gO*`xds9ELm?)hN(!1cB{-$3I<dSqSBz6e3w?=+_2kG+CplLsrk
z=g3I*M9?|=Vxpm+8att{q!)8_nEDr*FV`w?YzcC_GvWg(UGf+bDmb5FLP3_EEzd4v
z#$tbNA7B*M_~UJ}F?*XYLr)v~qn_Y~COAu=ZE~$AEwIU1!qB<VvjmtV4u=t5T3d+6
zo#f7d%2&cM!f}DM%K#%aL0+_Bu6gmCP4c=po>w)eCulY2DFmo3NN4hSzSDd6In47O
zWk4g7NZ-Y)!H8qK;~-*iL;>@ST5gu}P?R(CZ<G_e@?W9~IL+@Y$ovxPcMGvwZQVB1
zr>0CZ+bU0+@)6h=@6I-#^Q0o*j+Pwrk!3y(@gY-b(Y6^+Rxsq7W~DwK==Sfh&lsD6
zn>wVyc_EVl8PUOo8~S{g1`EOQ=SSMgYv<`k*CJyIWvv%X(9XGZBdra)PfA-pZ#FV8
zm<A)xq?auBRruyxmYZ9IIK9K!YnyW)iV_U<d}D3ir+0f|Y6*9=l6<L8?kKY!ZeXL3
zq<K7l$vNE@L<t=>zO;FuwZBcr@i<!dE@R62aQ+-UVY~ZEAai2vp3!#4q1-lP9UjVQ
zp1;iaE&g|e2BVWS7s5aT8mnk?PZpIn{t2!hl02`^Mfe5r-tdf+KKIe?9PvRW;=OXv
zRT_b&E#}zY(DBRoUZ&zLI~Yz#0@&4!L>%G7AhRAh51F^8eJi~uQ#c(;@3Dj6`y`OJ
za_gcSmtElt&rWjnibuz)d75XG!zGV|{Q+#MXQG!P6Kv%Db6V`$(T(U2iuIO!2-~f;
zLObN!yEtH1y%$Y$IKql**{}o<a&phc4ZvKVQ1S??RW9wB#-X@42GxnZan4b?rdsCf
zcMWXvyyx$PVTY7adF{4#SdPXX{B^WpCtm145plqSO`{a?{z{2SK~B2x%k7!c$kAw7
z-DGy)IC<nV(ui`R%;PKBz$T8bv?1|?NYIdLV~0?=`cSmG)hQZbN*DpJe0JcRDB8k5
znV{~;BP7|tdgs{E&IfQu+o9W-&iVrEO~dU6PSYgQYIhn3S#0ZJZJe6lIGsAC@AsRy
zN1C|jn(EYAwHHl172ChSVj>?Mi8k>xKb2lIac_ltOs|Q1(8PElN1K@D<UAX*pECOH
z*5ery(ubjWdX8=y&raH5w(dQ6W&`=90W07Y6ZUpsyLbE<M#=dqW{sztlvZB;enisK
zfT#&)2$`2$=u1($%E|K(YKml>Yk}c!D_~s@taB0Z7GD&^YfCj(`756u>pYA=Up58{
z(PkJfMxk@g85fgid4gl4R{oHm8o2h7b41|fp+1ie0K6>#`g?+`QJw1V0}eK-$NRj(
z#YX$beD}>p#~t3D04EBvcPghEAisF5_DxKIp@TENkSPKrUB{wgz=(Q_^@utOd`u?f
zpJc7)d3;C?hf`ghCJAtokKkH~1x)^_Jx6Zv)Se@W(6lXFC8uxU3Bv!q0Y?hpxG%~W
zH=snY!-M)BDeHCf08~*G0ysAs1ExT<(tiS@H<vHm9eYXmYC<FipWMmVXOaf=p!>@8
zF7HHWGsYnrKWpEP#`msu{eH|-2Z(A9>M~MszKaZS7LP=fUGny_Q;ljv``*;^Jszi`
z9(lvU648cw=)P*%ba>6?+gTT^blK&91V!V~A778rx^P!pl%ehkd*x{ZnpI5-dnG`G
zy(JO$;xQ2H-Ls7|A@0RX^++c!?$v}S>z$t(C+juwvT-^G6$$GeG!rDfaUpNcAC}O%
z5+U!MSnf;C>aCbLC7C&GJf2ZW@Jbx?;LMG9!<)MB1aj0avK+idB*2{3?J5Co*C_}I
zaJjVvI9hBz=@u_BO4Okx>hMd1`CE3bMInP1BD91HR^=jcVTh+9a^X(rUe>BJAs5!l
zd2(Sfo9@*R9J?<7&v|lT4^m#b$mzP&XQ#E3rQ4xh+}z6_1JG965+Hf+(TO}r^w11r
zrBT@1rysUaJj-`qWbE?`e-H8xV_^Cu5C1jeeaEZJi1hg;bVa+2ztjEUU#!=?J42MC
z!j_1AFot5I=43vM*%Q&bSL5)y>ioo4c#qtHN!jaLr`cu}B+cQPa~jet{4dg!^#?p6
z-yhv!mFns8g^(StRyWV>=A%w{fu8R%(}ui#IEp{kTXdd5URiwxq9h*g0Tn+@M3c8J
zzs=<7hHX>I57<s;!H;_en5PcvR4aN+{*E3mbS2Qr&9l&F&^I^-`PB;c*P&pSmj`l$
zMH}WzH{WN2aEXAPf`9+^Tdj{Pd8oSdBmU@+GJ+>Hjdo+N!}N^uFQ#l(8vXjMT{b*L
zUEP-<?)5=j(}ortUT-NmZ@(;>9_uxLdO^liarq7;?cmDmjwPBBehA2U@8uM450W)X
zu*u9l2;*K2;xrj?@q|0A=$1_T0OVui_$u4j6uvv8&=m|q3>?!0SXI1`m#yR064={H
z_8R+A1mn22#rvH(=c#>U5f&olKeJrPTzb-yyK~A)mz>Kl_iN|nv5X}-MN0x}{E{zW
z)dFAUL%w+&QWgDtahe(E7Wi_?lIC0T9uFykIl?i1r4Y+^%@uyWDLM29q4ka>%JsK{
zR~06XeOL8fV*+~%c9(hseAf9ij0sUG;Hi9GQV^|xA_!Ke(|IL{jpPp!iqu37aT8d~
zvdWsF#RMk4qD*|DVHR*-i24LR-?6JPGmtsnVa)ukPapP~)VX$2g=g-jF>TV3rz`(P
znd9E**DA+)xDde_qJIkQ86%D#K&N2OByj-!I7Zf696)FN1L*(c2u!ECy3*~rmdDQ?
zBQ%*Bu<_&Pw0HbG2dk%a>tu3Z--OdMm>fHH=ION@JJWF`8lA_^Y5&+c)t*WF$Ifu;
zv9oepJa*3b$Ig7qkjKu+quqcpD`RgbN4sxEj&?o1YLziIQ_t<Z7sz<6^ZV%G;IYq_
zz~SK9)C>A~Q9pm-CvE)**^&<MF6_Q+UHtR!qm-OSgJj5*{w?q!HAytJNs>v~10X+}
zB;~Z`lkrk!y4+v$Uzl#@D!+K~bW?Io8(CF}0G%&fKTXM_Uz(AZcuKSK3gKmiJ2os6
z@7l0X{IWp&vgSj-P7QaU+%Ln8&npChGQEmC*5i0`ng*mSxkzvxm^($mJqgCJp2x)U
z+vyh61>)t3+<z&`ZJAO|ZmD}$Tf8eSnsH;toO3v;BVh`X$JqRPFwTd<Ko(f=yukX5
zoO5>&Yzd{uX+2DL$kiNkl+|be>FEGTK(P#@b8u5rj$f_6pu=$s>94H+&KLkuKblJ5
zs2}^S58p1%*$t5J_^*r$MppjHqJziX)kFIaCk)|z1L_dVLAf;z&(K;Aa)hnsb_0xF
z2$4L}1}Kj)1$mg(_kg_Nqfo#Z9IiOkj~eSt;f8!|l#F#J5Q=6hYuy7!X|OwI-!@sa
zq<Fq>e-mz8i@Y6SS@%3JqIviGctl(KENwiM<tv7sy_+q6W0%gwCC4qV2Cmlv*Wcli
z)o07=a5ahSoHG}fq7Oo;+@mRRhgi9&0biIX;2s8ywutfUL;*Jfxn&G<9s<7EBB=!v
z1*}Fu6FNHSNJ&p`0lS>A)8csdw1ABf=EU*Zt?@9ZtFLRialExHV5bwdE{=C?3)uHs
zz+Pwp>zzM7y(ih6ty=9`B0o!BIPAusw}9<V*fVjwjV)j=6ZTvjZ)j*dY(K!9f41nx
z<0cCD08{xmA0i4%`Z2<;iNn51*eBw!2MD`14ttic+~in#bLxPV<FMTcYm38<Bdk3R
z1D#yg?1;nigeCI$G+}SnV)@RzdOYk6;z4^YTHi)vJnXnQj1xBOX@|2y8;k)m4IB>s
z2#iDC;XseTIJ_MW>IjTO+2H_=z*rB5HHyGkW{0H@Vc|@6IO8J$0U2>fJR$+X*l;*h
z!T@Pbhn*LJvCEt}u`H#_oZaIvcA0Zr9L6ql&Wpnu7%Iu8s}q(e3x}h_ff*?ahoi%R
zsW6h#=80@NY?-341<ZF}biCpTd6l6;QD;-UG7>|t48qVW<1h5e&<ni_k-SJvH7S`m
zVW`ZR&@00+^vb9c?+_}}{B{Lv0GE+slS_m{f|c#>vVMcrObdTj46USSq+z-K=@GQk
zV`ybXBU#J$4@A(;h@rJ98Yx|&e^CVO%otiVt$3t<6__&&5yACX+qnGggAFTL8nwLj
zX@dAvyf_#(IUa^}KWm(hHJSf339^$H3`hC3L(qZBT=KEoV?&?46pL`9(>Vhmg}*=+
zt{uu%2*Bg**E8TzMvwp#OtJgVUR-VgZvg)Icgl>i47L^_QifN8e8@BY|5%1t=9EpI
zhP-R!NmBMBDEIm+a2T~|4-DswJeXQE)6mU!KaaNDv^$_Fdkk1G<w1|WT9vb(1}I;H
z(QX@BCD@hIZ`HwZK=kn^CVCY(9s3rz+@GQgHmycna7miR7m>8}Yj84Pu1xDOw2Jiv
zn}(OlCr^X#_w>EpOqruBmi;mle^MHca!m46-7J4tqGHN^2}pxd4wyso%B6lOmzL^A
zl*$}sVeFrySoRBuBpde`ALGXTWt3^7%ImTB<iCCPQ5ocC(v89NhV9W(JiB@n(VXKE
z#R412yOB^T@m_ERLq^{6K*Ze*{FrH9$VrxMEYE7}C8m7=Aj%wwRAV4(EnI-IEae}D
zSx=#=&Nl{;<eq3;JlsmC@SU)0W%BJu`PaM<^)OX5l6C$B{Glc%cL4f}fH;u@&_4vk
zNgIHQAksrkPS60<BOp%305n%XPk{>vK-&rEk5SNG0(v?MdZ&P1!=e&ITt|>H(wxY@
zWzTZfKIA(d_8pJVv0RyJOrSA(<xCbWXY>eP&Dj6`99G--%JXJbkCFGR@Kk0kD=aZa
zNt?4f=tRNAS#WWqkYF65Q*hpH=G=48MKX!%I||XtiUMb&&&+vVQP0HeGllFbY6YPI
zC5}wNGR!MSry%4KG9HgL3h&eLh<#fy9cA8xvy4U<WV%tVw+-zyRoV%%1?(<1{R7k<
zGGA1oSYM|yOEFc62LQxUrCdLQ`H;_JL_csU53VqbBj#0{=MbRe4KZk&asw-c7^#mV
z2Hg|K@T{_2*h27$dBZyLrK}HpMCFo4o1<D<xwRRzA85V@4?&<TM75z3p<+hTngF6!
zFP7+g(C)9W`IUKeh)yH)$S&KV^KeuRZGY~XHoZZoLf;IbP%QTmCW+H)Qj?zarW8M!
zO=)~k#O8~boXwZ<r)K?~!**xWdL3VkW$R5D#u&#bV>RSPc#9DBZhs8gBe}z@(*r<|
zm&nu0UO*w!_D&#HxC?t1JdoCiaEveUw7dknoVZyWSm1bjH@Is%L-=S^@bKy`49QU%
zBP~h|<HpRu%htrfEostlud_FL(|sQ9jXnax$fZ{@%}<ej3hkO+$*n&E1(8?kU?+=h
zh$m%tLVH3jDAW9OfC;U(^*aEw4dtgeZuxeq&)Mn$u0mr$LEg%-&cXDm7V?m6NYWKN
zh|aWOON(6uQKV=>51F}588*8=h6asaysGD{w9!~Y^{1hYGmXhuhf~%Jv^4B9rtN?F
z{g5^8O+#~m{eZRi>#X{pS@j72;Qk$p76cRjz=yAN$;$^>`=9VGyA~O!bI^VS0P51%
zS<#dlw8sd@+K=L+iZ-}6@O5~kHKdl%_{#{1hmLP9U904+PLvQy<d_5$4y;EYof%%1
zz7#9XcY}V3M(Xw>dAL!$Zm(bL5wx5(oP9Vt5>g^InyRhl?609r%@6ziwQLIpX0o6m
zr{#W()wu?Ls>NEhG_ohKc`X>a2@tn3sVdAwKw=xF*nspkS@HJzjzGE6&$O{1-Kcw5
z)_0glM-6BD--Qc(-C^GghmMO18i@C*mi>T3yFDzJYT9&;Y$e>&1>j6^S73GJ<#&5W
zIGTS7vc%=FiYiRk-|2@w9fZy>0ow^NtREn6xOavd_Zi;6$bou*m)cVS{?q_J4@3`N
z#u*AD!~R4a_MIw-hGho`q9=RWBqfN-p_x%BLVx5|NJ7m~QXjA1NPV>5MoE3dS@858
zMxJE*d)4j8Kx&R#w^DB5i`{G4aM$BcWYBfFpU0@JbXlLJ7<h`1o@%YD+T8`!g{o9^
z8La3To?A)Kw2|8hnl=Fmn(p1h7ZL<5c#r;^%{VhW`a@;)=@9}nEA$Hm>Qf3dEkc0;
z4CuBC37Q@uL7kPpkOWnG>fM#;5wcT2D9KK>8-<n**hM>FTB{D2B2PfOOEFQZQ!7&{
zHFtmmt=Al7>x(uBZ(f+AoH&hLOzjCOeGH!f?T_sdPf1q42H^&BuTUtDd;!duN*}kY
zbT?)|FJ%B!Sz`@&u?D<Ym7WF&AICtY2Ov^De;9ROc;Gyv)i4^`6?bJ!H2L>2C~m-)
zcZR3n%YTFqKpxC_^Ax^O_}38lD&pJ<TIj>iAwgVyjZYA@9w~cA6lMKYNN(sqlL#!X
zA~ZUq=v}buQybctMCXd3=v^?|BWvOfDBBFsVqFcrNw6F_dIyL--T@-H6WCvJ4o2~$
zl|5}O7!n(2t4K>?M^f>vI58D{T$aOcxDABYIb>Qq#g<l_L{GuQzIx6I|4j8LW6@T1
zuQsg|hK?{K%6^=q716p5Cz>WTgqMrR+rJxi@AKB7XtRf{y8b`V?07$Pg_81=GOMfw
zY}~={6Ny7kfr43|tS}EzV~fqmpCPY)FE6&Ccc7v~XBpbNSl=$eA(G#d0@yQAyOc5k
z9Uki_1`En#n>{Y?UZ2a0D1B&AJag&ww|TrwXe)h!^wo&Emwvy;K@8tLhPMu78b@;I
z8p=~9PTgtK=rvZZ_50>bW7Ri}$q17D!`T?;1LNB{Wtpg#SnEt#SvZT?Wq5T{@8Fb1
zaKeW^W!15|r3<3<ByXsTO7wE9$TFGbjO89|2&ma<-wy}&0ZKyD>u$%<EbJ@$gZ#qs
zPoZQ5xzJa|wUKj3l)*DW5%Ehn6JJjC4^1NEaiMi`5I7*=2A?L;2VoLA<=q97q_Lhz
zfn{N4s$k=oVxv~TN{eeDS-B8VDM4{-_FP^>6f!yd8Bmv2rfHxCBiD=Y*5U%_Jr?U`
zR}nflJhv0=x2?<-3X1J8^<2S)Q|}rzq1!6nZD_?@@@Srx6SS{*Yq#1yDRnFGOyk?e
z(bM&8mHgYuz~R3*>7bP4osm%+5)!CgtV4kJ^2<yxa^6v!jBHqlCLz_PN=w^>R6ni!
zB=_)XgBRB`Sh>dM`;8!9$m75Ys9*?sttID&4APT5VOc#=h>HqV3FF42h<+JlT4(Uq
zI*SAw?{l<R8650$l!XN&giDWDZpRV+(qAjRcoJotIer{RvKBH80R+riY7?zMR&%4o
zNG3Fhhvfr3434E-q8#=+S%}6_<A@J*STM%Pm8S$pXL>#y<j7#24`d=*)0XMyhP$#j
zB<uPFI#CbFq(M1WNF#U0m;cfaa8$`|(^`dIZa_EBnuKN>N<YB0DH2jc2xoSq1PA9e
z7aJIWr}&|rF|auldd;<*`S9-Wa31%Fy|x`eSwflM>cAHoAVY=NzTpy6Z6Em(=mlng
z%urcpI{LfBe0~**xt;bI(hQ6R<~CSTVJdF8yGfoBhQBH@zT{l7TCLA+k~OV@qI1ug
zu5=FIO03}{{R$(oS`AAiHw$0o@a#eBRHxLB^vuktWtked;hOz7M(VEAl%tY;;bLG9
zFRXO=#?*SYa#ueHZCa6p;JQ(z+r1vggxlPY@UQ(B98h|8Uxu#*-I$`h6*OSM-1d0P
z?YQJ5M<&+cJ_;6Se2Nw2<Nk^g4zD&V9nx{(c(h()(Wj0tr$l4IQ^%!=HwnGEP^tNO
zmb=USBr4%92fyysL@mWFU!^QodyC3s)ll3sh+mQ&PR`xLD%=hhyX<vw8>}<2gCqTs
zE=Yg5ZvqX5^+qW%z?#8gh)^iFJKSO@os%3&y=J9XTBJIy`B{t#@V7!TpjMT2Ph*v?
zV>Z(x`Og5(#N(k4_I>(vJiu_y`0+5qZ@XYT^abOge_TudkK<una>01$onSmni;Rbr
zes#Hm=|~uWksq&j{SpQvVPJgu(mt|m2C*fP(J*7&Xvq0F@$dwbSvC>Q#A74LuYwFf
z+7>4RGZhK9U}e_JLOn}6-GeP(h&bA>vs(7+>`1@P!8O}xzn&VK=Yy3&ZMbl9?+?>P
zgWA<|5i0VWFmz#Mj^8$ZLskZZuAV!-Db?iD@I@0%{c*_!T|IMxu1<8$Z0(#mEjq_*
zooMG=_Ew$4MJ>WYwU0oPIOrVVqOeK{7d0<jyQ&sAF-!Y_65r+jjU_^R$Aczj-TX-J
z3?XK;cMgyBPQ6l3_RiZXL*v@N9<;wzsY}mI*bO&K)D4M7ov)2LG_Fy-F;1QiNwuPX
zxZHagD2zn{hzoziQ-lb@{6#<o!JEFVyOI@YmI!Maiju7~6zOgfr(u!(RECuVl6qDP
zJzM`Fs|_zUR|?zQj{|CsQmQ(fbKZf4x1Mp99E7uxKQZ&7CR+@1hFy$wV?TeL1&_Kw
z$grG@R2B#UMyZM-W2-I{a43VXEOgTlx_Nl+!z>XvX!mtGAV*^{8pV`*CTfp6IQf)&
zDP^j9zvgTJ$vf<NFPIN}xyODlev2@|{QWfH%kaAwuzx1tup=(`D--+j^8m+jnlUx9
zFK0Tp!9R*`9ZYI8eOxXxP6s}$z{KEhhmO#3!2dG7QG6V-a4%&1GXf|7y8yVe!T(TX
z{Vgy_MHAxFto0o@OQv-%KI{L3`b@a;i1RQU&-@2DDe`C;;~j`QhrE-XXc5^{eyWM`
zlLvo=%=w}CvoR$HW!5At!#K?2fma%Lq$RIGoGE&$P}G8g<zEr5Z_1-HOcAkff_Yx=
zQH!Bt%uxv#71(GIA+8AE=i>B3U_*2Xj<|?n4xMVMY8(wximX=#nax3_{9xAj6Y4a`
z_DEn3iclD`VTyGlPdRZLSjvhtG#93(Yct1sQKZMX-5AJ*+mdNiA#0>WS)|F*DtQqo
z7g9ASWKv9A%_K1*qd6m^*^45hxjZ%%w|d`+X@s5W02*HT>*v`8P$}a$4~vS5>$%eb
z#=7qqQ)j_j1z&s`#^+qN1GYPqlz4Ij{}B9AB(89rT|mKc!-q}7Z0u&P=eO7##;Ib~
zo{Cd(yB~i%=K!4Uq3C=i1=LK)+H(nnmQvO&AY{ngfSF)6_BYq_TWV6<B4^(-6_I|5
zKc4e}(D^es-9gOfFwva-Ac4_DH!;xz&Gr1EGd_xNdmH|E&QFET&ob&AXri{feKp*L
zFx|X;D+8nHeje#9`y9rMsEUNWVs7{XbKKip&#&A9y#W;kBlsEpd{RH3)z9bjbCZ5<
z*3akhap#~>@LKi?b3L;XSpySl9)$so-eof4ZuQ5D3{i@3pI-Z3%pz0hYp$nLY!keW
zdeJt4{X87@%{lmBrO5s}e9jlq`xZ`@ij6%1`UgN5688}}6US&9Jy>%Rw1?b}E<((5
z^9>vX<1Pw27;526DbKo$qE&Ih@x6XBi;>~8NDrUq^uz4o`?G#tz{foRiMTs4r8byf
z)&jUYi$6#iHjtW<cC(1#0-u*N4lDdobtP+kvDBJQo-5cppiuF;wA;G_W<SpcfYQ15
z4jPT{PR3DJCoa5n3|@Lt_nOM&HJ4pm@y#~F)b7&9z4W9Vy4<VT5S8XX*$|a*1VLe4
zxOV9Z=XaPyrnMNYs1sB+z;jI)%;xD8_x^e>ejesw+P)t(EM~3yl2q2yCkUx5jvuYN
zfmIr;DNRk=KSW&7F12`Mk<_CtVJt=UXvL3>zI@SS+>iI+YmwG(AR`OWByK1xMpp1d
zN=Q9gMv`~bPQaPI^*F{22yvM?Tpsh{FtrU(9HzGOgXaJ`h{W@38|&13kM<n9D4;zX
z&c{O3sF>^dwHITRu;#Iy%ni7QV>WW;dVb->nXicleb)199|=|tFdjQM7C0x)GS(H%
z_4L_f=Sq*ffr`O&^R-Y7NzzJlLzl)n455fcpMAT;;<Dc+v2ciqIz}k0x#0qqa~D%A
z@yRivs1(7RI38M@&yJ~NocAJ0iBzm_cFtk?p!FvrZBf1{)lW7z6qtFJbJ29koU%?E
z8a>%k{q5!kh^-j*F)bK<azCt8Ut(^60Xv4h=Rk=^pBGkh?gD;v#O;s9*_h3_hq948
zdm2X=m6MF_Zy`y;xYVdzZ*<=cH`n{Op<jl^^$R6uuOeMtAt<pcU+4QMEDPl*ruJZ0
zqz8F{(_$xf6}w7a%UNE_QLZX22Oe{B&TF|`q~%~n5vm)lE2X*~<-F5}!YKL5It{o1
zT20VGOuOM!U)}8Q6lsmWmG91_^95^1l&PBTv1S8{)Y~}_ah&7u$2|aT<%vf#&IbU=
z%d>3-Io?t8XCVqGKKSUvq<LjN<6e+aXB&#R2mC}C6S9<(Wxt%4<xZy3G9GTGM9=V`
zoU%=Gu*kLPx+n`ApCg!0Mi$?BTmbJU*~(1!_Qy4M6;@R+*cvL!*0#Z(f^7lU^G($h
zJYO#^2y=1UHaHE17MBQrtf$E!<z<P}(||%sv?33x@0=H6FVNw(ywKkO<x(`xLG@|Q
zmH0+Ro%1l8QTT?e-Hz(Z@B|;i`?`Ce+6}hPD5(RktB#U(sLvb~QZY(GA)}@^Hci8Y
z5XgfLzen0R_w6#Sk)+4l7{=S)X0##gNni`Rtc4tLJA+JO6@>+#O`W7XO6R_f{(-e;
z^v}BxMmpCugqw13JH`LNumO33U05?~jW7)jDdnso$Xm<#fu65Ecl7pq=LbGA?<3Q<
zpOzokE%WM>6~9I?6tv<FI7fJmC_k`Z&)wFpcuImk_`9>#uE2#lK$*ab$A|@{9R9_b
z#piB6B|mWg+(Xtc*iHQl4j6%j4g~h!y8YG#J^6v(zWlyRS6nLbOIN?~+JfCj{s2!-
z$cha8<)GQd$j<~gi?!f#zWg!*G0%ZXI-<by2*hbIfGd5>VQ1tjfslF%+VFeDYCz6e
z7vLOLU!N12qX-AokIy-m2cawLhvgiSQ4L*I-!mtKO}$I%BWTejY*Bm{d*AK7?^5r(
zgZJIe`@W4|=Njap-4LO{?8}rf2ZdgMzD(I`(0|I%--p3p#8Zktz!x)yQ{j3n`9n)Q
zq+c>o#N#^Dz!xH#iX5VQ;XFt$j&+xu?;+n@g!b1FabwoI4~YD$MmKqBKOO83EAB55
z*-PiQ{}1WRLwObl^>L|5_f|y-#(sOdmc^^1i!-TM9hU@YY8zd?*h~23f3=Qz<9O^B
zmP$IDE47qN8Mz6i^9FRUs84O$`@xCrAN!;v$G<R#b_6^k!EUS1^iI1D;;I9ckhFau
z0`WPBI6NQmPOlyu>+%k-K%gOn&ZrPNFSJ_aI;Wxsglfw;Yiuw_In}W!Ex8^fXkT`j
zg6uhPi;b3&^XVWgFZ4Z3s(b5Kk>Fshzj2+7OZLS<9O|$()m*natcy^_YQ9EGemK^X
zWu#<)JWzm8$_mlcA-_5+v|T*Qzle^-dz&C#>L0=M&N^?P9O~an|FXOI*J491yAjS2
z*rUU<DPr@nzko}ulW#zsWEjG9|7`9X$~7GS&4mk}dHBds2WKAx!e=SUeEkgRr>>ud
zeunXJZ^TTg7Dx6EGoFrokB;Q)*||K1+8Aw>QjeOw6mNT_G&SPwsFZp`Z>2OX;%O6G
zPT;6%84SlJ{J1~CZlKz!picMK^c8*I!}JwK&^u@m>rCziD!Lb_*yq5f8v=P^CEN>%
zHXimT75i*PfHqB|Tg>?Xg5rTOkOt9ThLr1Fm7?sGtc5d}PyK+%pc%wy3P%ibrxKC%
z6Aq`Yu|wb|$E{g)jjeKSMq??v?<`#GFN3^o>q7CLQ3f_vr#KG~%Xt}pAx9h_e|aXl
z-RoRAPxbXbc14wk@xw^h%g^}oAMU&v3&6qchIt7m*HwN3_$t8r;U|qEe^1)79p<lT
z?LC0mpB;vk+}YS=!Buf4e=>fPP4*^}j6D%&d&GI*8St2T5H|(O<BjxUBlbp(4k`ZJ
z2cC_i&<kzUH)?b!irTOEIMRfus*>(`hw1Eye093Cna+N`r!h4Z=4e_~Kg)NF9b@(n
z+YVZ)n5`|@C5i=#za!ug<aAgh69=yLE<rGh^p3IGSPCcQ&e37j_a?cB@)YNtXQU33
z_RDa;LjJgtnT)I7)(W8J_JD{^WQ4`Yx8CVoiX_YRsm|x*Tahd>x_C(z?P;j0?BPd3
zA4(z?zKif1@qR1u^?&u%&bN>l)GjYQsc-Q<eR})|+tm;t;s2#4Sxt<g`eNr^V%6t6
zzn1SzXH33RooD4cz9_y4!UEVxc_0}KWbP6+(6+&;9-ud`CJ3!HsB{{H+S-YOKa=ZO
zfQ=3`oHvtdWCl$TXiE4}vJquFa)0}Ce4jvnr=-H@d3jl3CcX>t+X=tD@Ixz$RMWwC
z6Mn*d3~Yg`<h+cs7wcyX+$BD98+|7YaI}}4PVpV-VY2qc`u_bZOVR+v`fgqT_XyB~
z@sjA1NOQd~HcheK({Giem5TK?##bnKL-(B^34^B9Sw-dTqv3&!stk`PyT1p^0mrpz
z)KR(}IKNWvAezTI4k2UH!T+Cxakqi9vr$&hdU`f;q^Vp^Y%fed5TjtV>d3ou{RARA
z>|V04=L9=!dcoNC@H1fK(Q0@!Lf`J2<~zE5hXkQ~ym#?oe6jq1|7P6b8RjUHlFdp<
zR&rbe!EQizjGh1<r{YX>xMaG&L(w+TqoAyJ{4M1eWrh&*GdnNYUxS4yI}6a@`7l{p
zAHsz-0I>@ZPM-E&v1K=m{fs3|y{FH2bB`nl|C)cMZYIyRwp5UI^M$}WnO-VsYiO0;
zzXaYcdS42>Q|P5Kw<6czr3@w|qmTIrv$AD6(d5q(Ue#i@&Xp*vuqGM+*@PGHwRixw
zvtGcj{QzhsNE+6GXgbZ0H1KiE3DX(^Z7WKeo+c5<JXFA7svDQJUquogb<8<$_?`wt
zX0wn|&guP>7Y@)G1<mn6!)-Zdk?%qHQ5wEu1av$>&R&3+&dG#hQWo78P|A&O^DanR
z2M1;Tz`s`JOZ*I205*<PpixP=&6yZgpFp1O(OMR^P>awLq*$M8RjjqrQd+i<Y11~n
z1m_;hFs`)^XP^(&)d$xD&w-#t)-QTx{i4HLzn+hy&@1Z~9UjV`<0$l&C!257=ung<
z^KG6B;kXW)-=P*dY$V{~i2^R0Aiybp8d8aPD$YO)*zPT0YsbTy=LH!x5gIAlhb9WR
ze4>E!gMiP)le%Q0fGZ{nxF87laXhK569rs3L4flDD_y=ZS~q7Aya||!I%I0ck(=-L
z>4UR2mP&JOkmU#B0ag%jNjzXM2)H&LFfR!BLOfu85Wp2H>>lS^z!OPV2y31jl=OS?
zRL%<m9*zY#&oY(ipNXZs0AA;vao9S-&Wyv(X#u;u1?(GyJr#=^lJ7)-Q~NBCcgLSd
zwF2Uv2yoUB`N}wQGpK4jz`2XazmFqt4v^ykPUq)<d@%lm#c(bk4+|HXB=Qf&BRhW~
zY`dGHiH1v4BEVS>Jm(8><Y3`S1UQcqx##9s%E7Xh2ypfTo^x>w+4)`zSoZV4+Z}%*
zZLp;U>@LFIh~q8)!g$z5!oH0^k@SpPm<RquU>6Yf!#J#bD_}MJiQo;5hc#cv>5CHD
zm2u?LiF{rR)_h+uw=RhXynmvAQzr`ec@S_{EGg$%=3D!sS8%zXwlmgEEb4O3x(FfO
zIjgMvorWwJX1JC?D>Ib^n5&it<_*T71p*P3mw=xjJFa`G3&8*3tue_Xl+-JCF+L9}
z5jSvr*GU6=&h99auEKfYD~k0hwqgNLISUkPAge3*Uf_V$b>eimzS4(3>v^DWI!7=T
z#qP^+h+vq`yXmJqbr~5RQ|7K_)#>iTcvEmq*!?l3bEeEyKk$V_V9!>xAPuE+I&r7M
zxw_5T4oNpU-5n;v=6oVHr;1`Pqe#?EChwf=7ZmpA9LM)GPBi-qe$JdhOp7xFdnB0w
z+#+#=(^5M}HN@&NlD7>`cg{m9+XiPiKa_8u(|H^Geu=MP8%8Q0h@BRy*hy{;LN`5E
zyQZ3vA%d-yD4Me!<fT6xf>tv|$k<dey7eVT1N-XTbDhJG<2c5ylHFrAnt<Cd^4mCb
z62ZU{eEqE$4%NgM(n<KP$8QUMFbyq=)Z6go?^gUM>b@7hpW+8$r|~3yFW~nN{7_aJ
zsT5(vbbROI$HS#n`0b0|A^1Uk*f<`)k@w<{%O)w0xO75nfuos`6Y2i3fQjn<L7WHC
znMaS8M|kVf?G@(=Iyt1uBh=H8AyFO~q;ox>Z6mmyX}D(y0<1k4?$vN2j}+aXRQKOd
zZg-oYJWJ<K#rYVWUWtB1HwRByo_lmn6tp}-xxQNwC&g3lfH-fWb5C(nHt(*1vuy-=
zj)uDqPUQVTy00KceY5*<`JUl^SH8A;pL|ao;4asFKs;*)C?@bc`>PJBhOBg-5R4J`
z_wrrjrXk{iQo%eor;a|i3`e<Mn_yI=8&mOQQ8!GRoq$oJn(x?~ZRWhj!`I!_d{?#5
zRV@OkXXjs_OfWHDa_$Xqb1=4x19y3>T_-VKQ|_p*2B`f@K7Gmd_W`!Vcp%`Tap$j!
zIea4l)sBe=ZO0x1Xe<ueNAYWm{HDUq-=Ozfj4yv2%y0L8@4}bA_j^BTTk(f868Yh9
zRR;GB_(p&1!Y||Zb^PwaZ-k@0R?Ux4q~YF2p+{lldvyO$-8AS{aBFDkwh_*df;&sx
zoG}I0<o;*207!)jN<<Z~MF3j^jJi{BZwP(I72Gd}zQgd;SLoZT;4WpN^<CTtr5N?M
zxeu#jxEpVlTkd1(>v#X4jtK^VbY8W@aj-MR&k%W2YtA|n%S;u|1=SY9Y;_$P7toUs
zSsO26hCM#q^FXkLs#LUJ38+u%=F``Ew4;j9%a<Q}vVvb9e*5BgIDRMK=i;{oKlaQu
z__4u%f}b3B<%MFFM@VDxZa<a|NU9-O!j;L|61>-qQi+IfC&*js`M$h;6GrdaDzsjz
z?owcvN4_R89~Ae^aHDzrL_Z-xt2EI|#dDZ?&K8f&NcA)GcpdJYXb<;h39O&^)_Hg3
zp_qQJMBORx{#YE_X~FtC@id%;xuKIS?@F;InxGR;jbdX39x5w2hku!}W)y8Bo^l)D
zJYC$2S*iWgh9&{dCqtZ~y94KTzOe+c(F!}EY(p@LUchZ^_eU5fLr4ZDZEpq^!w(j0
zU8`X_z2NRaKx=9O-O2sXX!!Rc`nwn35(rl}zLcdB{+YDG@4`0<UzatEQ-JYME`+c3
zSR~PG4%R^K`Ax%H$||^X(`9DuDkZ#Uv92agZo7|wRZlsfTJppcl@S~+xq}r67C{b!
z5`G+wEXfS~nCg7|7)BW-zx-{F--?KTSGXx5-yc6Nnrra$aY=8E$L|#UPQ&jE{LaB|
zD}Eotk86UD`)RmGZp0s11czkJ8<OR2NLIQbS>%RfeH)UcZAg}~Az7`4WT6_8b!kYJ
zq#;?2hGZcck~L^Z)|nw$Wrk#p8Il!dC|qCQL?_AW0w?-KowBkF$+|KmYlzq9mypkJ
z{)_=-?GQ+fM3(k3#Km&#$zl2fIm`g%FfSlhL=Ho*$YJQP2awR*CSx=&2zF{KzT)o!
zB;bQVz^Zt_g+aid2BR??non_V&O~9NF0A{8c!2W{BJUednU+@+IUe8?=K>k(x!x{C
z%14_liX0DcdWihJI5MrZC~`c&p_vv3qSI)~wBw@4@c`#Y6xTT|UgnJfay-Dfh{)H+
zkw*jMc!2YDBGW#MZo{O4v>l_xhzB@7Au=t;M38A!Mv>zI&J#p_XB?UKW)wLd;JilU
zj<3d2rX?ChrWu+@mLCWzGdmt*QxLFyJfIl_>=_T(90aV12W$xfPKgJc9RzF&0yyp+
zj$$3uJl<{!j03nS<2i(J?217kt&!kyi0X(9@i-EjGB86J2V7IeUkKy45~Dzo^f-K)
zGMYj>j*_Mfnh?gp(3G(e!q}!wY2pyZ=4?vqhA_5dQyMmeu@RfnrXh^&*OcZAVQjjl
zv}6e5SZm7A3t=2mO&MV!j3cKh11W@YfHY;i5caR^$vMzl?8(_1@jW>q@jdx5-kv;V
zzyytf6Ujiv&qT+`_>GVv=9Fb3B`oLn;Kqzx5;tj}i*hiy65j*ydpCYuS5C+8Z2Y2|
zvs>W*27ceg@4xW-4Sv7J?`8bReZk^6t*B7blP9~zZulL5A6LeawfN(1AT#;M$#4$*
z4w2kj#LpmIEY!ab{R8;pg+uya3~UMg6aeUoqWH4^dR&r{{nv})<Tg?G;<iU#V_tK>
z*0w$JJe@m>^9ec+5hpL}xbGJySwi8S+a9@xPV&udk9?g@GR<v|e1T4K%x#Z+l1{SA
zZI65uPOZ}q#eV_)28$s6v9mPrTMQg~pN6RCU0OBu9IW+H&mIF?n8AY*XGG(ur|$O6
zVnVas?c_U6kDEV?(Va^kx8V3IcmtO_@pC8?d8QQH<eApWsyOc4<7m_3cpFUBQZSYF
z18`*4@iP8+rbTY10mjC(??Zqb7{gpn&AuPLxngoJh-GRtoKro+lfR9eCh%No_@33G
zAZ6O42oXyo&;#zaKS1C6m?6)3*CW53INnD$0gh)i>YmdaZ35sv1`Up4w>i3*p6j5<
z2=|tV`)uExb^i;fB?RNPq@w0r>VE)oZU~`%NI5S`6(~(jOLMAJU(TJ6M0s}pKP`_m
z!g(l>1-=!MIG%SG#a=%4A$ZVq^nAaxtT%LqwKAm|^l_<@mdyeDK_3kFg%S5f5%<Lr
z_lF|xOMJKJ?L-?xO69Or&04e|(Q>F-+~ej3@U1wTHrMlOox(`w2Fru-YuSW3*JI>5
zkK&JNcH*w}8Gu`(420**sOPM}BRt{3Xq%O26R3<#LBC9z3~rB?97GR)6Pw9YMd0ZS
z;gyH1G#>OCHX@}>Y^3^RKTKn>J=y3S>)d$1b^46Uiy2{DLU=htA#8d=cuzwi>;ON<
z@ugu1FLPw2)BJL>qZq>b9obQ);D@l=7{V(b@ep?6Th)WwU0Ncx6VsrgSG*q7>x$Qd
zDqit=Sb(&y2lc>O*Mq8I@zVPBpte{%B&<h9-sHgw1=_=l7DX6xOfBV>4By3_&MO>9
z^KSPCQc7r3DO<~>fUpKXQD(^vec9cL8V@>)fokD}gyJQ4b2NS!u1z1oANMi_oA%}S
zaDSIE9LT}>PfvblV#QV0tiUxJE>WfF_TSz-1gUSc&cQGfMU&}1{8+*VyXC|b0^cUj
zC?W8b!(9k`n>_x6z_<B9el<Q-Q-b(gz4$y>WqclGGCt3M8K0-5jDIP=8lTE6LHs+s
z_&k4Qe4cnRK97nSpNFZ8e-*zP|6XXa1oh%kga>~TNd@q~F<r&4e9c(b<JDJ=M_6Aw
zOmBWPoTnrVUl)e&8V%=R3Bykd!`C1@$d~7gUcSczZh^b0YcYO}V)y#R;3+GU;h`$4
z%`;S1n@6TzbRLaP^}Fdbqy>CAASFIeP<=c!XHY#JmNMO2_|<%Qz!aoYW^*AO9y2i=
z9xZuzAB-3Gin#ZBc!NsvfYpn2QylGCR5B<G4`^AKTf@Te$kh**qgNJ&=c`_FJj@ER
z;qjISzayT__v7B5#=Vcly)VM+=h^&)G<0{9XIoy{ugB3#UypU$jJS6&?%g%+Ju2=U
zje9>7_kJSoy)o{+BktwaN(a+<oWtBzMZDZl`OVf`Abl!mlnMk@zsT#3g<&`a0YSWr
zrJE!k_xu6;Lm`~o`v87P2<J{dfNu@q+_XoE$!&SW%WYP~%N<t4%gt59%Y9YE%dJwx
z%Ux1XfW=`2zl&B3;EO^yb&h<v=p1dc&SksO9=0YcUaB(tXiaKEd1$>*c=6$Kis->b
zFG;4nM5h{(kJhBll!ta<HkJ!-Ci=bP{1heTr1&GhTByu7V(3%g4bbPoL-ZB=Dmr!^
zL9WiB0la@@w|~k<QnbxF8x`(9FaUDgD^QsI{wY2-6%&~S=`Lu7LwX8Y<&f@yM2o%#
z&jd+8cqX`6iZsLduzdTR>*d>DaK5OHqC;Y`ZLq)Okb1yT7Cl5b+8h!HINIe{8;%Z#
zvl)&~hw~VYio+=h$7F|d1dgi1sRT!t!%5^-;s&gc!HMdRBx|%Pzf$voyAa;z*O6+c
ztRvSp){$!h>qs3+*6}roKg}VfVI4^`c<#v=?xpv;Xnt*XFudED&9COiEm(iq&yb5C
z5x8hELoPDRkc$R0B-Li4k_<D$T_wR8&f)Uyb4U<T<AOs{2uIN&WrCyRkj!{_V&`E5
z9lRk@7VNr$w)v1G+3k>)`DKN4Gl)l`rf`oBor{{T1K*P>)=KrM+1xedCK-;rdC4d^
z7qNPn>pr5C1CO)hF)z*%#Mu?Rag*$dX^NmG5}#1Lx2QoA$0w6BK0cvu8UJMD4=F&!
z`6OzqubC93EVw-*LKK$3`Fs!<g?>E&O~IyWeQGX$O`D{kHzzehzWa!B9>)@>_gby0
zXh4Lg+5k%pl3-tZ5~RV~W2Hrc4$%N)E9V0W4fdMzT^1#|ug+Rq5njqoS-N<dKfZ{F
z@df?n9_LYUPsM$>Ugt@=t&_=D$}vjTAu-Uy%v{dJ$p9GG@UkIH49Xk`5dHyeh@qT&
z8P7%hGG81i^Sx;2Q>Dxo_+`%hXR9)YYM)TsENiwxeQ_#Q1Zb*)<T44BEgHG3JESn7
zhaTDz1(7Cd8ME$)f=C8^&_x6VZNmcnD{bS~4?34YpB#<){a^P<Zs;7DP^OsW9yX^8
zd0q&TiZ^nO(G=K~EEO%0UquJ*1E#HyYC*YI#H~a5r#pi=7~D<yL*_sw%5}7Y4t)vW
zqNxEp#RJGLXuy&204}E*V8;W<Xtaz$4nqUZkH;X3p#j&$1IS}&!0qt>G8r21lURTZ
zXXnW{>?L@e%r~R;b!Ncp%#Xv!ayu(xu!#C$Jis}C37i;1cFrg4lX2L02>V$a_B3I$
zzZEOcvG68gx3_>zx)XR)@h9v&X9vPI#bI2}ojc>OUlH%cIE;(2Q~h=<z1i?OJH%mR
z?VW?-uy+yfv^b0`ymL_;b~W*Cio>|VId{ilT*sY<;;?5JHv#)6VR*YS+6II0I;-Na
zV`H#@U|kc=ldobWT!nSP*HPzO7$?8ZIh&D?=zKLQo`?6><Rl&%>|9ecbR;Khh<K<P
z&ZR>`in(cmUaseJz3R$~T+^k38PwcA%q)bemE?rfU9519Wgjl;WL1T8JjdX370xlO
z@HRP1?O*9m(U9vSIfyoymjeg3pOV1695}dRa4!cAW<LkwhdFRaYsh3d!9@s_M%<bf
zfHOma*)$x&e(F-M(-eurSmB=foTT7rAjh*GiAqGSS5%Ja7~Cr=$F&cq(vy$Ru^oeZ
z_#EFpT=eI>^f|_3a1Wp3+=o+7%1@tTJqGviIo=fxjYF*xhqe#;jDk3_eb9vjIky8c
zPM*G2NcuQ=`9{;?03S?=siVPk4Hu{E2PrncE*$rv-27KDx%q#`<>riLhVe4S`@tFV
zpROx|m@Vp>OZJIew7=hRRO0k$Wclw%oFx9gA#sxU|Axd#;<u1E3A}~GN#NWe`8%|P
z#7V;6LgFOhZy|A#@D>s$frk<&@%}F)PJ++n&zDd+r^&t|A#s9)N+nB*AK669I=Rgf
z_`e`=61-62B;HWsB;FPhCxM3&C-J_8#7V;6LgFOhEhJ6?4<%0G4JA(E4JA(E4JA(E
z<xVx||G30S!b6FZc)3!m&_TSR#7VrN#7VrN#7VrN#7Vr|k4BQ>Rxsk_@*44m5+{ip
zN}TBJ>-D!1y6^86&WhU!4wGPSY~2Xl{?7iQkL~ZIRcg@V?Wm{96-L>B$cA^CCq<a<
z?X+ij8{j@)Bv8=pz9f$=q?~^Qdq|R<@q0i*-*OMwV&6)#HNn1hZBw#IZq!yQy_LgA
z>t+(vC1%94vlk3|FcL^!oF}ldC&Cr$sNVW#5L<S2-vM<WzpIPv%nGnC<6exTz=`)}
zf^v?ca8Bs@A<&Ot2_9k!$I-FeFQN4XmL6r}+b+-HyF2-y|5X{gN?GemNM*{>d0CN-
zNUp=ZSx3e+xf$*tWf%%;)1D4rbtu&j$chk2i;5RX|AONd`xX2t!I-;9iGrY48T7gY
zP0fn9NQ260Ychkn8N^que}%Tp>$69>Mn093Yr8{E%O*yh^*-hz1Kd~JEO>(}fwyYo
zu>Wobp6vPlS8by$gI)Ool*0NVlZ#e&a;nd|4L}jLxi6vk2qw+bdbN4M?rRznc4-h&
zWk~Ca;c+raT&#47E(kR&cuuazP&gu&8?9OFG&uz#J5BY5J59u68#Kyr;GeGcb;MCu
zBXAAF)ntG(?JjWQ+vAV!Py}`WVJF34%`L$mE*{{VOXOSP$QuLXc!2XDktf|9&8;~a
zAjbooI`EuB<H#QfkmCW)W+LAdN8S`5#{=}*)-Phn&ZK*gKmx`KTuIox@p#Sf%2y%*
zx$<==VnkZ^Tqcl!@$y#^cGGygW_VpJk-&pQelnI(^Ti&2+x=2J;4eYI((gu#)_f@l
zaN_|l2LWG+2fPvl{4E~v*C1fUz0o}6x}CE*4*LcK$w}CkfRcbkF6|`}*q!b7L_ATs
z$d`as?;D2~-rP<mu!_i=@F&uFyycUGeX|9gT;EH?{aXvX?Y}oJy~vfmL;`0K`78Jn
zDG;w8C1EeNz>}+giMYexA0PLW@vz7h!9)VQ&E$L$F(L($Yl8{c(@ZoD3-7=u0_19x
zGy4azMCE#60(K-&5_sWF`b2=-Hgw|CK(8StU~&yH0ptBDCq7dgxtf@O$<@RJjJFaU
zH#RjKxvrRi$#um9jQ6;luf*fZ6~+XN_q?3=^mF7|V*<t-jZR`V%2me%><TvQ*W(@V
z#}=^a{lMD^e<Ho_wt!L2<J=g>`#$mFu!stDJivLH$ZbE2WwaFD1WdJ0<pOmAc@2>_
z#S{3{c$liHN&*Sw`-%KgECJR16y$h-Gvh}<-V=Yqc2T8JL5>GFrxE!RapX|#I3D2K
zN8~@okmXjNQ}}T-H@V^G91w@`wx4rV03$CT>%Q|)9LD9{c_t3yDxSpSVx5F>O-{nN
z^d@0kC6h2NXh|3sw8*L^WhUiM!bs(lFw)K>jN~f`BUwtqNNJKV5``peDJEwU#z~xn
zal$5HoSaD*Ct?!DiI{|O(j{S>Gf5byK@!H1orG}!Ct)0?Nf?J?62{?}gmE}JugAv_
zhhq}P;TVCDD-~9<DGa0>^$Cn)P5HzS#<A8Eb})o-tTlz}3t=2<%AkcXjy2__LKw%D
zG8iF@<4XC15XNz(OLPe1xYAWJgmGNyA{W9qu5^tGVeGevF1^&3{T9)s7a033qDwC@
z_FF^;U103Dhz`2I*l!UXbb)c6D_765h`#KZ*fZ?GeWlLB#XQ_Aq}=!8K(1In%v7o%
z(7d}|fV-O7^*-wH0<D|csU9k=6%}!ftn?HAG&f>~OrEf|GcaD19r~JVNmRNYp2Bv*
zvTUWvGDkJtyKw)UFx7R}eGl@Jy?e`Ka9_M8g>90I=&^xV4aH+Uh{t`?{~VvR^52P1
zy87?L=bV}-zG<)?lwC|z|BgsheWxgtFWkvJ?>5u=I=<M7r{yh~A=A3U_x~9t<{+4G
zpWxS*oYd0RcNx+5Ly{u?6CzJbr)v6Eb&C-6C||MGkRga>yyT=mGRF6zor4?I6V#^*
zSJG>3SuOFbj9B;|v{Tq<mu(Y&<x$i&oU~5C;40PUWu-2|{Tb^qRAJEmJ^q&MC-K+A
z6nk1F+;LaTWz_%IM|7+|N{naZ?*+62o{@r!T|d0R`X?sBnh3yp4qliz&ossA$sak5
zI&n)gkbPA1uqqxg=+F1q?3WO!jPJ`#>kjCswxzT{fV~3PZ~^z}KZM2>i{yj|R^Qrc
zA=0h#0#jEG)`Y(bR9w*~&w;1cXdMh@q4Ud*!<j%O4};>O;%YrK36G8(NEiauYFc_^
zCHz@uF{Y~=hb{X7G*gm!$YlpVpK39y%(cw;8I_`(E{L>5{@Cr3{m372(4AFQI*xf4
znmUGgr(kj|wd0u7%!y%MA(*ls6wDsvzV0)|Iz`fYkDMw<vKbVlDIQY4<+aSneu5zz
zF2U#p28E}hdepztuK~o2sDW&Q;%Hk?gAfhRl>tq5JOLV|LQ<#@?Lk44eT|@XBU7UF
zTOrO@1V`iw0nV?9vogf_u;7SDfH=!G!|x{*L3^*D?Hly#4Jh-te!T(rMuL8Y`B3sM
zejk)3=+_QOShgEd#u*h4^Dg8N>#ZlzeOcXvNJ)PMzmGhwYri4LCk5qws#ST-XnD(7
z6&QIfRTi;qw55)hBt;w);7E%{nhB~;D5J2{UTw+~)Vo_Sh0%^<j;l9CwpnGriMi|%
z_$ywr<Lb@WS!c6f@5Xz^b<*PlkxqipR>W*lgsw_kveI=ot1>r1H~|QW8rKg-(SqFe
z@I1kxxtx4g+mnUBBaA+oX_pH<AVqk;!0wQ_o~uE#%DMuq1+6pwfQy8$qVqj^XiIMe
z>M62zu|zJU3XcuQiZh@qgVIw{Uz@~N@T?;kKWj-cShr0hg>HBp?K#1^7pdE<WZm#6
zH%|R?VhK}DVj<WK8h#j_VDt^oh>*nLPN<*yEw=1@>91Spr)e2V(ZB0^aL4@#y4Ogd
zotGkT+U)Y-ssHjK1D~d|eE8G|oR+hEI4PXk1uqG;Q+O9N)+oW%Q-hF&0%O2-T8nb-
zDg0ef3_O7D1bGjesiD+{PvNPGMt^EOzmz?ngM$d^z^r{X^#f>Hb11d`S_Iq2!#!wS
zijxfYSc367t-Mj1$NDSwX9<}M)3%{SS}9B3*b{_wFP24&(ZePsm(@}(wD&$dFW0<`
z_iwp=4)^Ao>nP0?Pg_n+qRGm-n<@6(#rQB@S>fH3yxd30i;3a9&6_BBo3~H$Ht&_>
zZQdct+ktiAp<MG!Kkdd*(S=;z?D<a&yf)2bJ&g(%>^lMB8w-sBEJSmuu1~5}@haap
z0Wa9!!rv}fwf_&a3U~uCCyeV=xA3?pC$H2<EgCDw<#ZUzRn0}R(#Sdca0Gx2I07Gc
z2K!);jhzcE_csoT#L{%dJ_;-*z-ofdqB$@w49mksvD=RiP4eSIYyN8IxS-h;#Lh8N
z$ITvX@MWLp01p`)cNelid;oSO9C&}dWbX#Y`s2|$)&g+*)pEV+1LcwQeHo$b^%PAd
z+gsR%u-2?eOcg`a75ame+#D+jOVI}*GCl|E=Meq8LqCV&<37Wd#+&e!b~mjJ!^dEx
zm6u%@FS=O8c0b0KQb?;l4u`d#K3EgMiP3yaH}8>E8CA3=vVoo6m<d}R&m$jssHRep
zks$4*FU(A?<GFV=0zFw?uff~vtfH5P)+HxzvuN+HinM2>P*txVPe7j4uI@^gKKxq-
zS&<uxcwCZYc2}{U&Q&a~sD|<oX*x)ZPCEKz9zH;-L!ZpSz!#W{#`MHlBTn=9#HT)q
z;6rdHJAi0n5Bt`sgGn7ia4wlO&P^M}-ZH0u2h@LKPWPMkW6X?(^UJlo7|zc}4Cm*X
z+XrLwH!V6C(^ca4V075M{KHv@w=1j%(IAat4$oIu|IM~3SZxTFw~{IW9{J|UfsaPs
ztAUSJhXCjTpwaF*G<6yy0swYBWNtJX7|a8VN7LRgaE9lSgH+lo<w~274)+cYUOdF2
z*4xD@_YDBKU%{UkWm=dVG1Ydhri{gEN6s@^4hu$7wSR%ubVd@;$=|88rZYloh7z;}
z`e4mEZsh1V2H{~-OBp=EQ|aRSvLHPA2$3a(2bRv2@KlxXR3n6EvgSQmuGGc|&t37(
zRl?JSS>X|$u8>?P;h6%$;{ij$GsUzYM;WCf<dn5qgNbt?D>e7s?382JX`F46u1AgN
z52;b7P$Mte6s1N}Y@tR|Y@tR|?2sDuRJtoYZd;NX{Z~+*^-??`L{q&c+<|kxcdR_u
zc_tu3m0lqL)oJ|$vSF)E_Z>58)d5s?dS#$8t-rrAz{jBmx{s(105AiOLp@om&P4c(
z%1ngsQklu{nFyZ=z;uRJrbftLU!{+)j^LeEK91F0nXdPtD>LM4f2M%;=~u$m??rT_
zMWQtAEFA!ms?GAMCgf~(qH43XYI7=c{5P)#Yt^}U^J=g%w=zfHyqe2m&qcB462>>L
zy76Qv?`q>|QlW&ag%a-hQ*v>yfK^a>=)EhnDAln`s=Nnu1#o*k-O-yCH)TBsp(pkc
zTD26@vuCN<J%kIta86y!SElq40c%%~4P4}2L=J{-HU6*UL{@^6tyfSM`!@Wky<yhg
zn543#w3tla7wM;6@(-YeWE${Pbw1~F3^2V-h9RpALtglWwp77%zsi}vVDkbna@LiU
z&Gj}H!maj#mZ9AHvE0IyLnDQ6#kgfeDWw`SbJlM_)$De7bJlO+%nE02JxpjDp;|su
ztT?pNF_>j`TVte*$cK06X+>y%$xrM;XPr-?rIquXpM`~c?h+J6m%g@<vK~STs4Oli
zJkGS7&m)pv<WQxW7tm1~mq-asDcsOLrWmj3mZ+A*I>8i6IkgaErtIG{y`9aPbrrJ1
zD_`i!^pK{M(v<KX7=bB!D%&ye^{UT)76}Zz`R1FO--SI$$~YADdnfh|sh)+kRBd6W
z^G6ibc@2Nuk0OVSwV~8t_nLPNcbk!z#q7zclh^k5AA1r8O_*RYn>wnL&8<mwuQ{T&
z<VmlsQ!*BqM>@3#zop=^o&E=WMkAeCgO>vq7gJ!huSSkXcuAIWsU@%E(hFbAg>{(5
zI_&J#FP*Wc)4z{tKZiP5A4BBkV$}Rd?K^#ohJD;Cq$AKHsa@80Ot$;7cjIr5{GEE)
zyYW1mROHnDfnz+^yN7;j?E=1I3kRZ`MOM<8TR0YHqt*CtrRO+srS)-SzlGWBIQ?6@
zVyNcH62R596s{({&KKsQp-(|O=rNhV&KVDDzBka~NFbk$xX#t_1a27*Yn~J&kU)Nx
zxjh(9;GXfY=E*?<3FHOykiZ`@u_~D3Va-#51QN*4vA7A?=}aK^vsj|5$HSU<8qT{_
zkw6|q+++gxFaaYQOZ4*bu;yt&q6y?xOf&&&w*c#lCpyMN<FKX^BpMHJ-or!_u(eDS
zPoYJJ1@>V{Skny>O(1V(q6ye_gnb2nB4h3T@i5(E$}w#M`O)#n&gm@GbMZu{{CqrY
zrxviITEMPldYcgtDdgvgmw-Lk0`__f*!P&;%wNRP+aKN}?5q~B>sr8GV0zz;r}t;#
zC1BHjIUcr43s~=b;2n>ENPRCOUIKP!3)o{VU_WPixnIT7yLLRR`D|d-D}lU`$n)a~
z;6=J5toclkKmvJa2*~@!6L^^k#9__nf&}6L&ifHp9&Cy<$@wi{*R_Csp0MxWPbBU`
zEnu&;fc5_xad*I<NZbQjz)oxd<3&JcLp<(rY={Kx!;G7N-P8hhM+?}GTEO;ek;kLs
z@tSz!$fJ{q%wHq&lm}y#UJ7p#c2Eo0i7j9sV1W|pZ61%;{5UsHLSz!i*Ae*+{E76!
zgDqgMw1AcVdwkrFu|SFRW{<~fUK123fxIh`kHViwfks=vKHdWM#TKxyvOtOSzCRwX
z`H7%F3FIe<Jn1*F0`<e2gzeM<c1R1@11wM?y;H{HHLnc{lt8|S$T#9oq=oKo0izWG
z2e&|@c#jY-0eh(hEMFgwSNiRE*t4umBE9+J@tV0{Ld21qe-6k}JiytLsk{e&BDFlX
z1?>73u<x{hK_W0Ny~oDmHOoOs6Pc$TLIQYhK3bp|Env%9z}B>Y?al%v(i<I**K7+4
zlt8|Y$iIvi=<6+Dzi0t_sRisf7ATS4l!wQ`n(aY>639Cc`LFQ;9n=E${uZ#UEnw%d
zK#BCeI3BOr5fmta{4*lIh(D1r)cweK*iPeN%@=}!nMi;ZH5}e2k0eU#8cEovS^79$
z^UdH&bUZ+;dWfhalIXE46>Wb+U~e$dIIL;lMRKL>VF0&0veD74jHvzyjN1|2orEy%
zFm%Ha!ni@uJwym2&#zm65JvV~IrtDp?phh}5Ju)$`R5QueplJw5JuiM2_r9>gptQg
z!pIXQVdU$QFtT9Ek%jq^t5PN_gppBFzA1!pJ=f(ugpqP7g$rRM9!g6>80W7}=Mcsz
zq%$gnaTM#I4q+TGI($MHyIXsoFz$g(u{kE^n>bl$@y-T!ye({ca%e;~ofb3+iQDx2
zJEb5ZpV@$Iwx37zz7nN1cxPi=9>XRcQkSie-d!n)A!6%wCYW`;G3X0-`U2sOz(V1U
zqBg%>;Z9#=L}J-qWJK>mG7=<@UlyCEVw0v1VU|>2CE}<u6b$5{=x+JzF2=c5a60@?
zshZSnHS~WDV7iIBJa1jMj!BrMa@1XRXG1xl%YCj#DktIt2`ITdKzE-}IH#dTD7iEO
z>ceHT@8MI+z=z9z-GetHaM^}?@U0QJ?3z6|wJZE|WaI0>zZ`+f-qnNO6M@Ta#e>g@
zz-1HS!D*w^Pha*H9{i99T=ob8@02$nM3u+-nKp*(dy|3gFEmg#yAuV<E;Sk`ZQ#X}
zZD=%58o~>d{bMvxTEh#J&0sW8n#2o~EsGb3r+o340qc3ZmR8vPXrOeK7bvWEG*C+G
z1qvG+4V2P)fx?nT1EsWHps<J0Kq;*kD14$9ct*0cBwRWQJ6#EkmR8uGXv}D7g%ybg
zMoTMfK{PO0T3Mo_fzi^+QX37FvE^0ee5{9lX)j?_qNTk)85k|?oyovxX&*`kMoarz
zGB8?NS;M{3ev$>E(O~x~9SO1)dx0NJ26m76RjGv2q1*koMqQN*H8H}1(Dx@p*+xO=
zrx2>5^7jYSRA3=Bg+Yoh5o;Lax}2{q-aW5=VjR(y!`UYcHWyU`C!H(gMBZLdF}n&1
zq*`rKavV0i%2GSuM3Up~sIK)E1MWOysv)4YDPuNHNDc(8RVnRuSaBYBF>V>3UZ@1T
zQKQ2ifCPVTlXzloQh6Sl5l{w60%%9FWdIFCwhXX?0NR9%Bt;XC8Y2-v+m0;*c=ufc
zcso8!%J~r*M{dlAFtK{5$d4d262J@L8t|MS5Uf-t4t<7r9~Zhu#zEm3iL^?jiS_MF
zBWzF4t~T4Tt*{3TghGE#-hAl7m+w9B_VYsgxU%kxU;S|RN7SoGk8N~wFpUAnY3?rS
zc(41aI^N}81*;YaI!xc6TByFg)Iy2pTQ09SxSp>e7NAYh9xCVgs>aIgIDp=4HGnEy
z@bwOEpK<l=`VR40sqHw0BiKC3v3Y3oC{KsjJSxz2vS~dDbrPK2Y)?)nWxof@|E9OW
zO@4y!*0Kd)F&xI42^9;_#j&=MQ+X7JeC{4d1drYWN6R8_)wc1B?-(z_7m%PFDa%n?
z_Yu%n(3EbW0?pYhgb%rus6ChwJ}<K)(mj}csWHBYa2($8U~uct(NDA{)|1OaeMrs(
zA7Fx)Ai-_EF|nnO=P*Dt@@)vE^{45~ajiMZ`r5}b#|v=YY&k8#GTQtk+>OLRdJ^>n
zrYCKbGS0^L5YE?Gpd5G%R}kI{1RT4aoU?~f;BtLc-aZ2JbUn`T%(kpp%r1zQhgi(E
zU*;Sh>%+shhoEIaJ)~)?8TDq=o3~+vxj20LSXX|-AR3tu*5l#(tUi3N{a~Rm#*i^}
zmC?a|5ck1G$DL>}6AyYFaEd+?&htdRSn>{;E3;5FH0>nNx2?GGEKQ5oZ_u<kfYuYF
zt*SUnelO=~93R6-<4~mGY(=qCqPu5WOwPS&6592L_#@-xvlEP$zCOJ_&bNp6M_N$h
z#Cd8T60pd94%Slk?`TUUGW-TXz+su?aWSzn6PWhz;Vg|+%g#f{C2#TQIj=1y<@Cqq
z$cRy$g*Nf~@acKlhuj~`LEhLcR8l67pHmy|L6v!;i}Ppc&#d+;)!c$H03F!k&<Ut6
zx_#3QoIn=H4^KjuaR$Mj%(xKuT$ERXPc}yx2TJjOMWilw56pHQ2AG!7Aas5h<ivyU
zy!Pra@B}{)YDDdsXb9&1rV$p3x<MCXRKTKtC1pQ?hFgCHMx@Mwq6MX)y89xUrKBl=
zk28wZY<+u-F&VutflgL)x$dnT#)CB|!tI6Zx7mL|96Z~ccPhWb==B;Okz~ByGd87?
z)d5?;BSJaoz(f79_^>(3cCybylVse<nE0@dhri}1OX}W?2~_TCOW9*6WL_vwwK!-$
z4PT{LtH5@){U%aTh*d`)*neVma2Rdcx4`B86cev)tX3^Kd$Lp|85ot4N3|>$`Bu|i
z)l9l^YWmW~$zkoQ<ysZbq*uy*J@K60HDd5ywXaTW_;s$dK_8;6(gssOOCP}WZFfGz
ztlGWl+u__nZ-;s-WvO2^lZVa|v=Wa-4c!__0YWlqB?h3e%;-5t-?ui6`NnRi7*hx}
zj2n&J{%F)VcKJTT4hK*2<~H2#nbh$uj8!O>QF*M(TEg@$NMW1y1hV!N=u#XGZ$LYP
z`eloVaSSnLJ{G~qXh5&Ep5cy;WnvvqtUsfvH)0U2;2=VYNI&ZM9wGCU!#?F6jn0eg
zI8EFqa&cypwN@fUjS0%j6zo$`bs2L?VzC4W*d}-Y-Nr>hAnV3KP9uamWVj*|CYJKt
z43+#mzf9OZ^=P?GV*$#&CNkIWjm&k)^!a%-UmiF`yDBIV18tf5KaAw>IavYE$&#m}
z{_gwWbhl@-VogmO??e80F$4Ox7f|7eOkm177VB_vP}Tgb<3RdKDf<e*tP}AE%Cv#j
zlmxb!Inkaf$ltW&0B!@Sug)pxE?iF`5yTjiWdz)UPXiA*M90zcVCCP5J&NJurqS-!
z-Yg}3X5bS(U@w&UNa<^380;d$&qc*HF@doKMd!X9jdfXjXXGo(fcrd$Oi94GBzS1j
zbR>w~cy+4L%{MH>y~ya^2X3w_80#M2!Q|}=kddsGvY1?rDn^(Ozi!p4A-u=w=4cq{
zA;#oz@fi>d!7%h;gj&m?kmir+U6C)|lLXHZB0T~mpYixFjFklAaRq|i)6s4*#v_)^
z7_&JWRD&$Y+u6h)HLXMOrOJ?()dzuN|A2pjQ89FCYpfpv3k4>>dj`sT6w2%K9#U#a
z>PJ8V19GI#fZ%1h|Cs^lNH8EC$8m4KabzkP5b#XEacDm-G^Xz5)2*4t%J+mk#x5wI
z@)$vNt%FhV|1Gz{F)@O)$ZLd+V#L@Eru$ZGhmMny(Klat4ruQL&BZ%-<UvkA9?FAA
zc}vbuN&R+5${V3jeIULGz9bwbWG66#Bh1M`K>r_@6D?DhvC}~TZz3rQZ*s6Xx-&+9
zs>|IwT;zRVItrArKwf=2^6I@QcLZa4(=MEuZAEAJam-A$?Za{I&zFu4Z3i+3MCA@)
z(@Huxwz9@On3YF!Yz1sVQ46GOK^km9TF2DOWD7D`f4Ri?*eA*sWR)$*`qU_73)0FK
z<oL`Wm<f+9U}3TzFTnD+zu{Q!A~&#X4hm(C5(7)qQK*>LIVqu|(mCb!bfc2*PJ=l*
z7i*p{ko7zO;sTK@I`<=DrKm)*sKx54LLZRLUM=PMie<^;G4u8lJ~L6xBXU`}iLyp6
zYvfe8?o|t!#+jK*8|%YntG3mu?cgWc{07QY+9%*A+QCoYsnm?ePjo0h;V}@^PUR;$
zy@o7Q@|8AeC--}3p*B3f36Ogq-FSrYJbc~N7=!4~N&BJW4a?|R>Ce+1W4E;-e^GzH
z=P#Z%=Cn=nc#Tz)cG&3i8gO5vyv72v3;(R6nDPSh9bMMD>E`_59DNtYOq>BRQr2m}
zfZCgAxHD#HZ1P+u_k_P`P(~%^ty3MwlsU#^t_%BkOf=_#vLrCX<+Itl0vIk`C$J2`
z(j`9K!_xkl%nL7`u3Z<Sbv7}Dv7VxH2nrHeyRvQ;`<{(#H|%}9b*hK_7sxu}*jo|X
zei>_^EGt~sP3kTh?<RdxluLo)DTUgfhP$~F1sHNsW>MC@kqMC1QI_&3c!d`%jrEqD
zO(;%mAEWp~e*4TeW~>b8g_K9=1@iazGVfs@czc=qBm51KvsylXFC+1Vp+S7s<GuJE
zgZSy;$tm|EC|H;KAr|jgHgH<DMvax}_4i1!_FO=P3xOH2Hs?zyIiCLnY@^gS=WavP
zvZj-dq~kmUOr5*h#&eAJB}$L5M%v7ZvM_8;<e$pI-j33%>j1diyHik!JP@uX0~~5B
z>bahY-cuMg8<Q~V73#TOh)4ayB#i2Vde#@>QOz(3qeh^f|Alze98AKf<fmtXAs&?h
zlQ8P-={aGDNBzDejH-Bgb{OJOWiJV%-jtr<g?QAjO2Vk1rRRSk9u>KgFsf1M`Co`f
zb*m(dT0wdy7~&n*0!C#W)x-($s4t_+Fd>Xe6?&c+!l;mugv}vL^c6z9-3b$wfe?1w
z|Hs~&z{zzK_v52?&$ZgoXy2RN)$Yj0ieYC~E6rjM=8y?Th(jO{!*5rPELj#N5?Di4
z=7<#ug%HSP6DKS4LpW;?1PBBOckYk_69^c`5YAu-x4Ey}znK5`Th;yEo6$(J{Wr!O
z`q(?~RbSOr)z#fq)%^$)uYCr49%14*&tR`0OkC6%?52Jg#ZkmeLTTkH|04opyy`NA
zD+gl;>M{i>2V(^3GKD4wV*uzf1tbS!{N^%+AqQjl<uVzcgE1~{nM}^X7;LvphUQ=l
ze_JN=axg||Et7dU7z3r2$*3HRu}aHiR1U^~mSr+32O}$%&jrD9FtTF#5&bZ-VtH>r
zjI3CGUO$YiSbjwc69piFH2(yBa712(``N27K6@3OXRpHU?3LZ`Wv>z<mc2@V7GG!I
zrnh6jvrFxxR{`R741M86fN}_L){%Yj>~$g!X)X#!&f$zeb8Z81tsv2NdLKjsozOY>
zTx<|$oosP2`x8>Xc%TpdHL=Jxa*szz?o#>NyN(K5ww$nb3FJk9aQpFWs@AO36Icq?
zTK@KiS!*Ss&sr;xoVAv=fXr4asdv>@D}}AC_BjSqS{JY~{W)U#SUdS2d<puaFwR*Q
zVwSj!bFa+tuI!pia%LeI*gBWZ*7@LZTLCSH+%@;jxVgE1%l&n(g&9F`uygF*+#Gvz
zZjNQ9K(fkgPkSLjYBT`lABKLRKNqn-SJ_uFfO!XR2g47(jhIO?*va4Cp8%q^aco)y
z@~41s)ADDzcdUrZpT(?-!@MxoWchLnm5lLEWb>$>zrBA#ZN@^OYl!=Uo;aY7wTz_S
zf^=-zo{b+l<swhX0xW#L1W@ZOEdBzr>)`M4udVh2fGgV9nTkFLNGHy{Nb<o~Q<T?}
zQqtT%BNt`$T2_W%Qj9ScLE%dQz6B4wnipJ+mBHjpJbg7k>@ail6%$w*JOCZX7b+$V
zY)1xbSlE3s*!YCW_oDH%?1Y8AKZ8wLSe%vJU}0a(@=aOTa+VL*0V{qtX8D>$3;aY5
zSQ<Auzm)@)E$~e_V8sG|CTpizwLlz7wuESoSl~l)z_k{L(}ZcxQ46f)fHey|D+gR>
zfp5&ARJXuq<#MjKz^CVOj#=Pya=_RE|0D-YEb!VKuwj88%>l<P@E3BePgvk*aych0
z@RD544Ho#9xtvoL_=sH2X$yQn4%oE7Y7V&30>^T|vn;Tc1D<VxKbHfZV}V<8z;i9|
zuX1?KSm1qgIX7A0o?OoRSm1BxfGrDrVy^goE%3d$oU<1A2RUHd0&(s;m8FgaI=MRM
zEbz)4aI*#C40T$3-U1(;18%XvpU(leTHx6^VAldaoI`2B0&mL!?`MH;$N|r@z@Ny~
zd4CJMDVOsB7Pyehxy=G!k<0l&3&dA$({7$`fe*?Re~<;fJD2mp7WnL3&WBjwxjEoN
zE%1>!;C2hdS8`43N1p_xAB(;@x<ej+5lZyv#dvJiuKpnAvZFtb=Z&<>Ud^PLn}5>Q
zcytd^4t@$2>Z3h8S^Ybirav9f_=r?{@I_GEM|T2ngn#10&&(d5#YeUhOWKJ9-*A=p
zAUM$aHp-m{lEqSRKw#JG+u!}PJSE4EUSdl&jvw7+pU00M-EE(nrQ=60#Y;nvgdTkg
z6Zj|TeVhpW0v@ML+CHZ7k4f8)$7abSK9!05)2wUBr}25zq+Y>P{%MYC>Hz{sS{$OK
z)<61x@QiPLZ51HC_Z7t})uisVt3|kgR(4ct9?U(sy&}41U-v6Vm^&=4$~U}BHQjf@
zC^x;BEKOgG$?*sYe((lPhWwuCZ()x1Y3~~oy5fg4)fJH6d2(E8dqP5>Gw*xBO6Qva
z{Zw@)KKu-36doPE5|6m=OF+R~<ah>xtih6WLjYdj9AZ|?-TX11VYLNqDZDpJtrrtR
zt|Q#SZl_Rq3fB=saC9Yt28))ba?x^}ixzKsOUY|&Ugu43-q_v&Mr>|_x|<)^e(Y2!
zDGLuPN65Zv`zHlL&Q*?(Y1Q_5Q>A9TEc~h*A*ZVCvo{uiK&d%e7DiQ$kVVyYdHKa@
zlX2a166w7g_v%2RIk&J$QA-x`xS<Oq8~KNObd+(LZ+_f`C6s0B;kvN(5<CR03-Gt|
zVH`4*UUr93T?8K&9(ds*UHO{xA+HBpQC}$GM!1hG3R>5*YWPlNT+~USGAJaZxv>4j
zTCuVJ0qd4Oi7wS5^}Pr&Ykt!E99U8J+YhQ0r<v!R&z+QK+~!GYKCZDc1>id>_C6$q
zYd)?fdAUBqVOk6F*go_LIKOK<Isa7BVLOq<jU<Y;qFkx@he$j`RRQ@0AU_YjF5qq!
z+{M5EtHvJNa$JLdRDm+8GAt?vi?&y*)O`n4QW8~M?Z*UOqM|2j#althUpR&A`F&#N
zde=TBe(>)gzhScHFP6M=+tcsq&4+Gy?Ni1!e=`iaHRlNRPp)a4GOk3TC1K|E+Usx=
z%?zc(4e?XH_VQb<#{lo%*7lJQUynb@(oEgEb|bvkh0R~a`wK<G{$#Rv%M+YpT*T12
z9=)&w6ZiO~uZ|gfb8g&Tqe5%O*-KE_KJ?Y~7E5l1xbKA5cD@a?0~zeIz;%3a;$lSo
zE=}yL7U!IaYLv{I#7IVa-Gdh~t_NW~gn{3m-oqO?oLZ;|@7j&qb&{oOG2XIHF3Rv%
zYfv)vU;>@@YoHfy+e3Rd;tmb!9bE5$Cu9;st$b6bwVLwCE9?Q@{5MoTjCDOX*;-zH
z3Zz!`gF82D964fDK8Z^ElCJCGJ|G#kLMOj)1KPq@{D$kJc)q-RHQV|oU6=hR4R0A=
zkwa%nfv~@fG5ajY@^rAnU8;n!;j1t@YBqQ6y=50TthaFuMK;Nh<(_&IX5Xit3fBg3
zeIIfCeYAL$(O^*HoC4g&!Y0RW$Qkxd<p}3Rk=J(V2<OY3?DpfYi0AOFCR5Q8FyC`a
z-Sf3`X}5~#O!`vucH=EbmaHt}^`xGfDIh-lY#`w!-N%4$N$W2_z`2JdP*V3*>8|-N
zlr7VRes2|hyY!+oTW8HIblRc_q;%q%eaTYy-P<mO4#L@c)iCp+)A|S{%mK?q4?G^f
zPa_?fz2x$5Io@AsPe)F$a)85hsl0Mvak1hAcq~QxR-@*|y<p({tx;z@h`VE&V9-hy
ztHq0ooiCXBox&4PKmRELytzxCTtR5_oc<!(e^#I3`6@!~h-2%^MATJ;d-CGA(zDhp
zn4)tis8P6r_?teX2lHhYzBsDCa=WMx81`co1V-Vmw}l`I<CUdK5U)hH`?v|CTI?i9
zN*2us=ls>1fsnVWLGM5DdnGs1T#1CO6KEJyqTr4=6<NaR`36jIg#&^IRXJ`Zl{|BS
zOk<|cPz$OcTbwZj!?syDluYlptaC+$iZ(Ynw9|+>l1T!+(}&wVj0n@I)(sE_!M_R>
ziQX*X5+UjC67^NszPJWuGY`!e;)1T4x3t2$JZru{pp$AoAfT1D;Mbzd>!t_syk9F`
zUN07rDXJBBtwtR_<G+>5SFK7zQ{C01m<T=U0kXjO@iEd0GdJB%^3wVPWt*&h;BJ@u
zESy7J_Kqz)+BRNyoED4rUWGrhc58QHeiU}SAyv52dNq<3OEUjhzIXrC(cD_0_(v{4
z8$I%*1lirY@rn4i3zt}IT)@9wL1V8zU>!X(v3GIfTKwCE=jpwKG)MW<+zyD;^*DpC
z3&q_<<eTTN%!O{UIJ&0&mF7kO-KAt{M+soutkHU{An3&NQ{l{$cZCZva?XsdVc7tR
zpw#w}vGb*1_9o{LmD1S4Ihejga@HF{XvbQAh?=PRWc4a}DQ|A!VZi6<+P7w7FJc+W
z&BhV#KEi7kXYuhQ1&wB)X+lcVDL@{AYiFNi+S`gTLslfX8zv^tuH;sy#T#R0|E%ph
z=xV{i=-OOyot4fv&;vlAeE{)&4-h&#TW?@?>Ssm-|03{131nGvyd_Y+vk3|VA%tTX
z)|mfC3oB)x>w!^cr4mM)qcD1aq_UmvznJ@u{lX(r7yl`yD*oN`@^4#a^sO^#dZW~f
zjlLjOJJ2h(jC!~~z=g7fW#E@?1gJQCmm2}dnyzg)NBdsLy@4Bg(l_i<9(o8x6TFi(
zbuU4Dl00E0fPqyH;(7!xdd<T!5BH^Pt_72qS>1w>7ALi!xp61wjaAJ4t<SKMVhwp0
z>*aPUkwH8YC#&@k&4)|4kgKAKspug%Fs@ZvN1&5x&}2H^QPl5_1a1xfZ9y^a{=9kn
z66)TBkt%9yQ@et-$P88df>WGjPru&Wh_`@(i&qs|&L1^z%Q*keBVS+7e;veQd*~$=
zHVZLt0b5D-qA=t9?oXgB)*JJ<mKNxI0SMH}$r4BbbtA9s8K$7)pO>^+U=j@kyN43$
zV3yKK=i7Kiz_RG72(R1LVlq<_RinA7Vz%1UF1msAN3QcMs$S+k@F3+-M%P?<`L=9b
zpdh27-QFJoqs|tm^)mdrJ^q!elai(07x8S=uFBWuFqAn8PG^<0Y@)z0;yBj!b~u3%
z!8f7`)sMsr@&~-G9FA8*j0~opxv{|50D?qq0ozWXsKNGeeR$&R8nF%q--;8qK83ex
zfKfn<4CYZJn77wNupubSDDD&OpC0TC<~r<OWFBg<2Z&?A9yixNEICB!r*&cSGywKf
z@A`fQ`)T~`R4O)hnDqow+X7Y_t+%29x#XPs?GflC_wU;HCPfTdR&asNfeOaZZ74ig
zQFyRIxa{j~f$k>~=p&7fdS*s%tb<4@aF0kplMBCR9qtcGpy1ykF)WosP5zqdv<nSR
zwr;RUw)>q~yZ>Lg)WY^9TkV8pvnNZE%m$$aag6bDvxe!{Z&)*M6J=1t6f&k2<b?ez
zz|II$ZpUSpMKV9&J|#21N(Vs}i-y4v)6j}tQ*@nhHhePAKE$m*Ct0W?y#nLYgm>{4
zUOOff!yQn)|3sF#N+9cH_2MYX^4uW@T(QP@J+5DM96l3uVf_yu)N6?RlCj~m{uj!O
zv-{&5HSw&pK7sU#F$&41@xIswt}rmz--+w3q<nL99>UHmO>4f)SJvjhmB`JyG3~xi
zW~9F&3NXERaZ4V72m8izM9)s~Dd8%t#>Lo?`kf1cjRh?D<|pwB^T_-tevubj@@_k7
zj<&t&_L_-$=r;Gxmuq1t9e~V)&F)ee`hBtNRHEkXz5hV7)u<>#vF-`)nj0e{y*p$-
zAN4+oOwut~-eTb-3P-J2G;WCWb#AL+%yJ&anj3o5?{T2aeE^SvKK=t9y(n(Im({@%
zf-H<*nR_7SAw*U|q0ZDx#RV{?Rurb4oR?gqT2>amH^er)96#h~RJY2%p90;ULwlNz
z2shq8OrZ9U9oSV4Ao`(7ThLfqAq=;5?H&-e^Ks%vI<<v+0ytgGD~uJ~op8+ZWRb|9
zw3%R2mwZ0m)VVEEucZ1To{ylixvHKOd2<UpPgB+?&j?NaJ&WL%b-C*bt#{#9n57gf
zFaK29;$TZy7#dl6F@ArEvJ|&uXyi+|W)3Mit-nUytsC*DjISHdSHomK*Oz;e{Y$&b
zxDyZw6(nrkZqTVVFQ|KvAR3xnD=NZ1@R!@6TuKG<zlU3tp!+_R8c-xsic}(t=efX>
zI+bg$iCxJaEN~l6umj81lYV6l$JnsLnt%V|#C}s^zb$g=2ctiJ7Ui!3U4)<|nY}PN
z+-gzy8E@^PcW*{VuvcLRj#n`l!jese{R=yl__%aaI$Unw<OPq95LXvtyDGCh@bn9u
z5Gg0#5INDIr($hqdKKY5HETC&I#tHEdo$R=$wWE2#_?L54oYTcCPQmh4F&p_o92~d
z*IYTkftB|#E9MZ_OJqQnI#J;D{*F-9s{w6M1uP<guUd;sLLf|AlWOQI>-z?M^LlSW
zVSGYDMG00kuZV4S%{xM8LUCowH<KcllU%vU%7Kfs*g4_!K8$i+7`6Tpzx6OdnB`fp
zH{p{GwUK1$I6_J(S~kN8042N<%gK-GbXsh^k0qgqV(boUMKONt;^J)jGA!vz$pStE
z!5d?_!o$VFT)SO%yk1FgK;-}AvX^DAQ7c`$SYI30N81T*N$$g~QX56vxZ1e3w)+`e
zIja@*p@(L)RYY|{eCySfnR;<-;l**iHmtrHvfxhSTAB4(`F{cA<d->4WlWZop4hI<
z!}<WDU$XU5yS%745te=bir)Kz1s0+52Jm9<(*T1RB%XbR1jD$?L5WS0O85MF#}kb-
zT7VV8wTZ6L<X;sX7ZfHj#~jYfLUUuVqwEQWjm1#z>Z~9Jfo=MowN5BghbQ`A6ceen
zTByFI3}8i%$xHVPqgcj|VvfWPOiUWJQ88cIZYEobuI#fLTQ?Z#s$t2ktN5D8S1nlC
z@-^;RC}Ei2B(gw6qUN8#QHpQi5F2E}s})t6i&5)?z%{9_YtLa?TF3t(Y?AK;vf=f3
zF7F4B7a10D6YsiO*nOX3hRuLT9&Q1L<iT8SBoCqn$-||@l)NHhfvb?bDn2w40d$!*
zQXfg`YaxDFnW~Ck1>#qa>+2ydUTvfg+uC|yfa`i|b%+ZRO?_z|!BU$p)z(t{)<XQs
zB7S4T>Kj9rvD#Rz+Wm}=Z>reVTDPFP?U|@^c3c~YwfffU0gJn%If(4r5{$>3ed%qG
z-6NFUcm@6w+84@VvYXr!E++2c#SIk%sEOuT*fn~vVv%Jf*bWm{n1_vNh`nihJ7gl5
zuVUrC2VC6?n|1qaEG-&Q5gh{<8?~EI{VGb*as+!3Is^0N9_(rHgh{5kvHR!Tm(A28
z;IOc6uw=XB)S{IV4gR-8#j(|B_7Z@S%SH=gFmaMyoo_ns^d4MkENiiMqHoV(-^BWe
zEnKox*>)5_H(EJREzaz4LYN>+P8jT4#pZc$34;@L->(Rd%F2Nq*pxW3U|BhUrAE!a
zBH06jWtJVTn<k7oz#gSAqs+f6&2Mt)a;F=i1ysLpHH;R^Xak%5hx`(jKyJKp04AY4
z8m7dk6B@&(6kNQ>*ggHi(}Dg`j_Ygom4bvC2E9YqmdfxuF3pr=SyYMlSEJ4YrN`({
zyBM)YTri=nnztyAi;FnWgqPyJ)grK?U)1yi3tg-^<1QQ-NDSgFuW&FQx&_YLh_}XC
zjmBhz%E_-;ui0$?rmQC;=DhVz@Oq{!W@jD<<=XhUDE}+K9e4rvrE+_x!`(t9@^*k7
zE}swVhz=N8*b8B6z|7cg!6NF`e5AqsM4K^pkAAXP^Y+2T0n|Z#AGkwD#q%F<V#2it
z^Ebp!?3$5Kl4ltMf=^I*6Xwh30w1U`;IptEpT>??ym-ZrS9m2ng>{xxT`4PW)nW*#
z0IRPU0mf_($1jL8W=7atu1GPbDP}LwB>rLh5k(JHP2|EF8>7JHk0?|uB>f2+S$}FY
zg)iDlFiublEIjjXcc5ZSpZ8T*d2!p{fTpmh*Gq1#xN?9xjX1)%!`e&02nG~ImnR$y
zx@+;RfVD&yiD;@;k@nUK(pA<w+WwhZ*{h8b*9yw%6N^c`EbDM?6>e1V2<)rC?Bv>z
z3)R&|<N4Rus^o1Iov>N=LE9o3OMv*n55RzM;%IfmpNqjMKgTt{C0uh7Hx9%~W%%b|
zj{DVgEG*Q)y{a1*XUIasK4n}voKe2{$~Ix@nb`KI&`sH97$|HeVI$QA6vP3>K_i^Z
zxVH{r+ysPA7*{J1D=^MrC0qjo!Hv2wd8FOO+6C+w0XrNnr-bYkJc8^MkX`d~^~G~6
zwc?idt2BVU==fTeg>dWuA1bxA#D7#6h~=KGshF#&CW25K6>(4w)!L7%Roz;Rm8@fR
z@>EB4byl}d$l=tmI<ghk@)fS5qO8?Tg*BjwB~(2BN3{wiq5|sJUgRa>*4vFlcp?#A
zP9nUMB!c>hXH1_5d2kN62e9|J!pDN=KqbO}s0Ky!7<TuKd#UU26y4toBAAY^5Lt2y
ze~GfcM&0Brz=p$BB=j0h9J+Gfl`iDfoClLe-jdg%2j4nSw&aX>EiwLWg10Ge_hasg
zS<h_=)o?Z&r5j(njMAyMWQ;%xZQYErFk5A)U7B2KjW*~5>40Ocg}vFH+WLwVm-X<2
z<Zuzp)0QzAs~(S6VCtWvM8eNX&tTc?yj$;Q`$-t<8UhioY6rqRBu`H^<;@a9^!^ip
z5BE`~$JlTGTDtpnWap_ncKF2UDuqSpPtZu*`yc!*!MrR`S@VK}d&LA4iwUUnSzZny
zxz%i{{r^?8_k8j)-ZF+e&CAPwlQt(iAcHEMgN_nqv%B9KkoNDWL~=j+emKED*IzK&
zC#&RH-FP}>H`$deL@?`d%??}7Wut3cd|hKk-plPz(LmJP>mGb5l10w+?uHitw|GCT
zQ^wASIRRVrjeDZq?*5$v{-;j_`%n~g^m!Jz@arsVgN!is&-+j!Io|^2R=69)x8Q_s
z>RX^2F~K`M3e_ZV)U|-Atf-E>A}6PKYaR2fx(;9<ulcZ$w>O|hEc~FOb?FboJ+^@`
z!i&2A1|m2KparqCrZ*(+KGwX6$~L|MuI5N=^$p-nd;@qjz5(K~Wek60$CSf+>m@(~
z&JRqrbPHh32)BUIns5tX5x}Izd`%D#w*c30QG0>_^hLY@=m}wF#VNJG=6?YuoM;aI
zXTe8y{jzuR3-1HHe}nR)vV9uczS(Fe3)^*c#w%DiZS981f*o|B+8v{gv58wpOtfl7
zkUDZrgje3N6q6Xnq!bUR8yetCZN$cNqo4B;Sg*jXOxNMoryKmjF7yp|QPkWt0>y1^
zM66qL<Hc6dzyu=JQ#0_j5&cWfg=P{CCifuX0(UlHX<`<uV-j((>mn@p7&rbPw558;
z*dtuV#4sokmRt>UgYk}OF)DSJM5GjJt6xO!&l^$?X`_lsYe4Z3OFatZKn)x_LE*Ki
z<G0xF$-O1+Te!=qgmZBesFtlF3P`rH+o(OT#b|DX)ce>LahbnsFO46a26CI7aTR-0
zZrHHyTgCc1tp)o^*$uU^Rl#gX2e-)=hTJaEipu(SuVSMK*Egzw9Rxz#y$LyK9$1ll
ztH#fCHn90^;0<&Us|nFBJ3*N2ad)pG+uqSN(9kobc>eRQna7BIrfWMUPT`t#`jUu<
zcpjF6C%3)`DKWZGiRjAM*X<$5C?539P0T;k@$nV|au*q0z(fs!R8R9}r~!F$7saV8
z_R^rR0(_2PF7hV#ItcF~<z-t^37pO61<q16!Ukm&+Y|g(Tw1|`9^)7KAejF$x`x$%
z87e7WwF`V_{u^QEQNo)5yExpJgMq!t1sxe^fM1x-NnYBVN$!-)Pyh((+w#wF<po0F
zy{ls5+XDQa4g9z#k;P)UU6<dA3p($GK%<Tbwr7yp+44EpftNawvOxhpr^3~gsXS3R
zw==rrHTdmL7}8m>mx)8CD$U^{(r0n<GCRq-lb2N}orn^vry~O{S&{4Z&gMp_YdG9=
zI3-IF2t+Cc?T0|!DZJ(*o~G`v&~~>Mbc?%_NHYV}W?9i){O*fjlM$zDJpWhy!v?yA
zOc#4CV{NWsKS3kxmC7&~3O!^S>C2W?9+!&y7eO|O<=KAOzG~=g`B1Slu9<Bhk8t;*
znm4xj3o5f7?f-=rvVPUKoGJ7P?lVU0m{(2SoW}8pS$>G(gd5OmnRq^MVH$3Gn5)f#
zE7%bV{nTgD%DKFtC%i%oTy}Hql+&s)T%EGuL|ky(`Z_V<XJX`mWf137_#KW>#d_48
z!(}~;FPuHX=<ZpU!_W>P^;2;O$&<vgNoI^L<!c#nHg<Kmb-9hhM}#Yxv8RNn&%msG
z%k}nYdT;iORa@?*ftN7Z0@jL>U8y4UNQxJ4xxP5Px2l%c^S+z{x4j(QXIR+d@{L{&
zMdf#3lci}UL}(MFPO%8n#=;yHVIGSRVI+dZ>ns*frG95zC9hpGH3baW45mfTidF8s
z&*xGw%T)AL(yr%yYKVFMCRw3tzBgencr9fJ!OU)B^Q1eyIcY=Fmo|^O2xcxXhhMPq
zjEcuxu>3fHtf&RcOMJu9YDCk6mASS39^WsR5r)N#$$juPOgF~=G`3I-n{&M{0kR25
zRDr}akl49x4446r2hBrDfXagyA-jz(z@TE*)X_?#^-=^{_3)L{(x!Gi0B&w<eG46>
zVGLrSGSdC{w!cJuT&QlZ>VlqHQ_Q<{UoIwrR=6+LI{Jmi;;w0J;yY{tqkr0X5HTA~
zLtXG^%Rj*!BuDE_UO@-GJ6=%+H4(Nqa8VWN{bUCq-(UeT%PbV1+;$&e1=GIi0?c*I
z(R|;MlM<%23S;)O-TTNklF4)oYftGIyj$bE$chdxxAn4=V%y$?yk~(F{P!Gp|HZI|
z?5~#-e1;KURK%Bxu)D5cqQxe<R@(YiUP^@;>QyDv2n<X`e2q>#Mr*NsUYi`xH=z_;
z8z1Ky82Qv=`rcuP)J80=MoFs?d^1t*awDw}U?a3j?IE8GdmF(Fkzc294!R(52@;u&
z7(u7GMTJR((CdC3OF&@=*H(IO8}2l!IoQtbD>?hhIN_HxWJNR+2dgtlXcw4a=j_C;
zIxVoG;bUQx$P^yU>Z<HLPP~79lXDhu;lHB`Rp;{7cR(wNvzv9EtS_pQCCGgCxhT?I
z@7Mz)^F?`bK6o5kE0(k&qI1sJtTWc4`&w*?+!Ow;=u8!8?1s#^6Dy{>tAf>zNP|u_
zl@QC+a@6@UE)|(Zoai)O)Oz3fI`0_)2yXTWCg5+&{d3$0UyL?{rrZPW<oMUPUDd_&
zqZ$zCO56cIU51r#ZV}9AJjK8cx@0L>T0tg8SzVUw!UxaPhh2lrXEB<LMID^U?v@D6
zt~D?)LNmFiBQ&uJy3-Mwpg-qF##G+}^qDUz+2eV$*NXEL^BBE<PZRCZyF@g~F7N*0
zKe1oDER$VVLIFDI8i{*$Yr2?c<iYJ6VH&;TinXHkUv|u$zD_ZR=+HQGov&n_|2~M^
z9WDLeEUh*T?h$uWkI7iiExLjk`fIQtUa~7kE{yTt9t5XLLxI^rL&n@J9vq=~A11lv
z@;rRiZglxy@w)s!gna}0_A1_CRQ#gN;axK~x;%wfg-H$s^|Zdmn>547;OQ0+6<_#0
z>Z|34Aalz@3a{IF)JxKe5;XOAR<w_mYenjAT?kq~jjNev@g+r#<2Z5%3%b^01Xgm6
zT!l9cL~tZUo-1MR-$5qaDP(499QD{X0xTp;gb&=}_C@YWgWlVaj~)W8Nam-ljEj^8
zxC97#?`9V4fHVt34bJ}yP`-xim*nLQc!@E=MRj=g%I*6jCvnUQYQB!2)Qjz@d_8k(
zSqQ#*#F^I0#qK+6#kswG8D=EIV1*ebbMW4xhEhg{Gjyr-Go+lg{&?HJ1Vgb>7++CL
z+2gc)WuMHKC(uEBOtPPUqsz}B!-R<{8>e9+L)8oeIWycDzO~QoXIg-T7B;A@00{EB
z)3hty4<jr}@O>)qJvM;v^6#gjmlGOYkaS0v-^ji&OTX|D?_74=C_uSFc!Gv=;@E;K
zh|K<`(^=>AZbM?yEov-7W4^L{8)|g5O0!mZ5*DxY18#i&#>Z6Q>(ir|65A-t$8y-%
z*_jK+cXnFg<j&4H;ndE~bl5EK>@>n=b!TT?*sSgBU`DU+>;z#m**OOsH-7czBks`3
znkbHfO({4d1@9{b+gh-B>HE$ZUT|Ito+kw#Bn2NL1s|>jUw&->HV#3*`IA!Qr=-Z^
zq{z={k$>F1!yjH`Ns3%5MV>50o}xuA{q}zqhZlLO6uCl*{Gt?jjuzSZru)Q0i){Q=
zh{ev%WVrD+<Y8U7k%7oNJH>D#tSkjB{;aP)bJOtRFS5md-xlYFPl~@PE&lrl-@ko$
z@z>enZ??tXYK#AMTKvTmtzE;5|BWq9$2|MK@m;p~2W)W$=i9a0b&&rN4>z+=dzFHm
z#wa3kje4sC!HLUBrHvgw^_9(PQoW?yPIBcKjfjm#CGxxP7aJwM?+RId5yzQ)nFAZf
zvmX4Lz$Gs0@v@5kR2{}a7BO5AeO1Pf;}!efqgDiHQT|@ao!A&+;CYH`?=HS2hy&%+
zmF(VKmoor0uT?<-#Bg{AWH;i42cJN#7EZW3wqCnDbsL7UUMb>^FE%drWG<TN{T%Yt
z{h8iH_{G<&pUBq$N5~L3nk?1Ai=pEYHse5}CX1~SS`eZkO_l;OMEOF`3Y3lj>p8`X
zL#J;-l2V%X6_cfmEBF|oFOH2YmHuOy;@qu|>}yD~FmCCTH4d*%LxifLy3c<;7?JBr
zt$O5_?Mx{>5tfTz2$fZg79!SlgKt&mJ;d|WMlzISzSLKdp$;}`J~~1v%YhMP1LLl8
zMd?Y#*8(u8R$T0sb3Ce58r)r0?U~)`w$EZpf*gAiYl<(^!e=u96Rt+};tut32g@7q
zXz5zGCZ{8OOBc3E#GgPm!|rDSoSs220xm=R2V8@Q!!W&f<98E=hSYgJe(||kE3+N~
zyFxJ`Axa0gvj<CM$BjY}S69WAfqg}<``ILtZ%3Okmd0(;whYf_a4n7<;bg%r*Sphn
zWyM<~*?h(GpOHNqwy^~qa;`a(=dE=bn~To)X5X2_#tAbFHeMxX{E`j;mvBm(zWPRN
zdS`BaoV}s|8$68Du`q~^A@HPl$z0$xr*HRlJi_9I?*%upsiW;^E`Yz@;gKCs>NBt0
zNab+!m%w^4pC09MNnC<QIppP}<xvX8?0X#D5h7M@W@687oV>!lh<s__Wnsa*BzSou
zwx3Lyy&XlqYZ4GRg!13jB3d3Nx3cm$+{G6yk0W0!FZ{Ry_{n)NobkGJBWfs60nSYC
zx%5&Nm;mq_g>NWu!T=ipR`5@9HViNU@NE1OV4}ce?*Tbswx7Yyj(ui`leA4m{u1(p
zC(F=y;k(~GAjO-brc&T^7I7Me*IC4C7;a|~H~t&M?=0fSe>ogo&pC^S;P`LX4G2(O
zbdtR}h{YAo8G|c2I;<ja3JKcqK+_=NaAZ%}y;IObWZy3|v68-?bc5`}m~??C<K-7Z
z?JmEHx>uHiNZ8JVvKxCg^aQXifZ?S5R{X&Km8{12P{}dI=_1Z6TIaSVkbuK_Qnch0
zBd;|M2o7^dNtke@s6<R+-7bDfSl6(CPnM3&G3JpEo!hudY@Lsioo!gdhpngKaZ?d`
zJCa8nagqqGaInd@<(gy_QV#nBxIyK)xP-%0IDZ2dslP5zY>|!VKJZzvpgGtw_y%Xl
zm@D`5!g8Xt65Qd00*aLg#~*j&Z$ti0$lq!C3*zra@X8)hOVuOK!SF1~IqhN`wpw)@
zf<Xl@6czE)(XNXE#9XkabMLjWV&jk%+HRCTH~~0KLKFi>`;h9wlk)9O^W7Iun`W=V
zCbf!MJd|V|n`XV(mpE_w3dINXOK9sErY$(-M?4%?`B`Qao0A(K>wFb|T9W|L--&cA
z1|B0B5YPvmd%jQpcg`L0F2pC)N4%K}i6`4%yr?~5-^qu?i+COUg{?=kv}on9`?oqi
z9J#=meTEUbh!G@VxQK7u)%h0gd_5?)zmSmPlW75G>`6@=!34bW#}0V-9|4Mf7+j(8
zjB;Sb>3$kfE}V-VYQ~@E$BV}hBLjaNo@{1Z6Po~>>_-)ROyQj}W}wDm>mk6|oTKu^
zK0&?1TL99^@R*j8gj|J4%h!n&6-uJkhia{qv-?^6VuM|r)s|Syk`xB7ir27Mv40P-
z<?m$wO6;FS1a+{kIs9hyZD#cKPeJ5QNGK7?`UTF<S=kOk_Ct^e-Q~~Xh(ChcJcLvF
zXgg%Mb+d^{@(MrE-ycL;4doatl6&tE&v+eio@b`Qp<GKVJtN;dxqn#dCEv8te$Ls-
zPQ$y0rMQV~-l@J0<KJn<hc|qD_=PQfd^>x9Zx~qQ-~hKiX2#ap27mW}=YzKxK{g|%
z56Bmm<9*|YW1ci)evnv;<T=sN5rT4Ngy_C#V^$8-Mmrg$IUW+*3T61LEbmD;k!Fdl
zdNb!YN1V*6i~K?zWpVhw=Eyp(gvd*ifp-H6jK6<RC#TF2>_6iaczDtcjAmyT@kQZS
zc6hS;Sss)oZkx0G=eof$<n)4YmA($-U)L^q@Y5fY_rU3X3rGK)?nkt&E8i(#TizXN
z%a!lUFuz}FPq<#NcuMR(Jtphi3E(Dk4^PyO01q!XrhPy(Ts;3Zwb6J5o?V0A4&QX4
z(IoET&;z~x&eq^y1J0?d9P#bTgvns91j}0ZC|t3TtYS=v0S4=ADL(hFG>Hl=?~7mB
zS6r--IkC*b3W|nt#2@n*-4YtW5*(9I2c%0m{hkib#yi9tTsQ`r9>W3n`=Lk}-5={|
zOuFpBXL)wj75OkcOER8e4SrE5r!9FEnA80nyDL1SPBi(?A<q^wo^^(^?4zb^))shn
z2in5-*i2jC*?693gV=orE$~d=6!Md2n5Yx-3OAb}YWrBOAKx^%@QX}oUZxMtTE`-f
z{bilLgWcFMtU(@uxoQ>JW1I|FbSM~jYCVcjbrp9%ue2)4Jqj#K70<lhF${CQwD7?*
zspKra1&fjxEZXE?v9G?5Ykj`V-7f=g5jW@_DEkMn)eAzecnksaBl08jN->*Pim9f;
zGGnIdbhCM76Z&-`tqXU3gkFS-px`2_w6GI}v$^{@GZ*;<p8Fjr<40%>rP!}1ZOxSY
zr07LozIQdWoR-pQa99N&lBU61zpxK&zdXek*j{m92dK%3g3BE~S-g>m*^sGRdT45H
z*#UTia29H0g*p`nfbpD)mUgWSI*7dDXp)E^gfJl@C>-SqSR$_opbYwj`v6al59E(2
zvnYYTh$2G7mz2>+n0Wrv1ZbJTHhe}Mou&=y2Gd4E+aMu_w(==$g=04m{-x!#FAT=o
z>w8ZY+XH%JvHO&PK}Q5~=EIbm%Jm6V@7g=!`DtN>3X>ckw?GIk%UhiRnjjG9Sa}3$
z{!|Tr(l(4fvMkqwrtPNbs|=a&l&ya>ZJl#Wg7Turv7ScTZs4t^Z2LMsxIvy-`eWXT
zEsysAK?LXtk3|K3o`8NHBfrcgmdAU5lav7!r3`s&$_%za9-poa%VV^$p`XVmwL%`F
z71GPc*Q*MJS8$w|a@T>{DjO)beedoYgvWv%%5690GTD%FnQZJ)cJ%ei$j072*+99o
z24rK8VT2ThY)GS4HrTM0ErYL=zfQ*sP}`;Dx9<|9`^y73AX{jEDlc2Z5I3@w_Swo7
z%ARwQYz@WU%9i$><qhsq9<;Wyc?#^cJh3OQmQnr>s4Eb1kI;t-PJT*A)v*ISs)Cca
zOEXnW?|TrcbJpG~cCRV~mgK!xAV%_vaujd5iGf;E2#@qymtanTM~CO2_O#k~*<@Wx
zPWRRT``Kfts`Yp#7~1{H$?bcB0MsKffIbu)7V}7?z&<=~BpzqGXdLOSU5W}G1({Ai
zG9Tsk7n32;d4fSlWOpm@G4q7u9y@@~J;5fxSqYnM)#QAzYF;K8xBD;I9P#jcd9J6m
z1}Tiq#10={rU8`u3TS`6*t$4XjH2(D@VxGOStE4^_YbesIR{I(Y=6Ck(q{i~nTgcL
z{(7JAlzqs`oYTL5KtW1~-9V&;KWgLqb$@;sYX-YNU&`&zu>iFDbJUdW&jGjl^YcK@
zzWuq@CH-~}u(Gt*QXAfMe=Zfuo6>}Jru*~zYpr&FE_KTO92J_q2Wyl4IV&=IJk}xm
zbAuIW`Vi3PuJlj$cLovE!MZrFWVCJu+?LY@vP2^Y@HmM{xpNfUpJ!z|f$|0AWrMy1
zGI4*7N`^A*W?>j{;Ql<<AIR2Fj&b)ZB(@6?(#F_S`gq3uxz?vVGZhZyT3YED`KJ4G
zsn_h!PvV@d>@>XN{`{`?br}B!#~0Zq{DTOcYJ72jp7HH$suD8FuuT?qCk?NU$=LK{
z&#3sLfDDFA*3JIBj~AR%^Sn4|{ABy{R4_S4HrjG0j}hIU=f=Z~&1>vc1JVPB3is$~
z^&<B?gZnDZ8^*TEjpaB9hp!ipL;-ew;ZkEy>l|8Gu|Er)?q`x9@AIjlJl8~+_aZll
z?Y`wZ>@Q{d68zFGfqe!yp9e5?a2aif`d&aW)Lr~fXlBrH8i3+|LK{}K2F^I3_@B`6
z6sl+LJedPeYRfxygH$r7Xw^G))7~lDKSf_*>oE4yd|%z6eRYTS)gA1sFW(GgUq?I~
z`Nnn<a;s{d9m-o_9h_xnn%Tc(nx3S0xqI<oj8#J5Awv~@Vy5x0)H$A|$(-gFemBqC
zeiVoisyZDeL`<?+HFh#W#80xE8ZQTEN|rwKE_ZR{_t>hNK)6=j283zV9f$C&&fcFX
z*WJLB>u#9EmmTOcn4NB@>1kTsjD(9R>NVJC`>hvX%9_EQ7V>r05x;d@78;)KxLgmL
zSCMzO(7-Rp!#D%KxknhV^l(huJlOdo&vkBaUB5Mm<K`z(4{bpjKofVX8bGu0DB#u}
z)cR#0lCuOkY6(IJuUdle4P6?N#1drdeD#^?JUmz@qoZ$daH}+r_rU*{uhW$;tM}WM
zn$OwgvOhF3oora5ZH2Zy+Lb^f-0Q=A@Tsgy)FIl2$-e<s66}Lv4P6{s=2JAv<n1>!
zcv<@m+Dh#=6Wz>yGYx!XUl(7O?9Vb^mu7BgX4X4q@<QLiX*ImQ{yZmD1N{6#drhH$
zuWQr3bO0wkvA(3Xt5CUB<NY|4131FyvFHtU;8d80TL`#N$JEdG4_rAUP@LcIgGK^v
z3_yzl9nV3%3BDxtVB0GCgZ4r=>ChlATaAJph*MBw2rhTzV=Y80a9-_YR3Kvfm_hZ4
zWWd!4{TU)=P^BUnaCW;tLy;L&vq*;Vd<G;<=sOx=MB>Eu9dIM+etCzXn<_h5xPo@7
z!YZn*lzyU*aunoHMNj(aB~)YzZ+|$Ml1u^a{V76CrU2<Ig#cg;0IACGM^-xO3vFH8
znwe3TSuJ_>d4M|M4uUO#^?4vmBv~wpnPmu#3ARMm=UgoW43hb$gv=tJpF$5_a~k<%
z^yphucHsMkI{>1AgBz3`+qpm<aU}(A7pLrilQ>Ps45n+$0K)fYpzN3lsm=`OSAPb|
zj_npRfDL^aJisPo(vtG%W15T<NE8mIOl*Gyx(aT|KI^|tU(X~{>@%hdju%XwIL@5)
zn$$Er4fHu{)%2TS+i`s!$kNACsbxstS<>)SvYga=X0YAY=d2mQV3dcS4HdeE3e=f?
z;T7oHYr%7@)g0&}F^FQ@9OaCo+`(klQHEwfUj<=tN3@95vvyCmIoYJ{iis3a3Wy!p
zQDio=++bbV#O}gg3VOnpRr7b?8X4r%eoA$@*&TGp4Q0glH-N9P;{x9xRE%@jqK*t%
zrW3(a8gr3O%$RO4lqX0J#TU12DvC@un8{O`&Sj|3@gRQxD5E2`T|z|_uYvU$w@QY9
z!`EoV;mb3#FoOcjk;bgccupm6-*#a2Fw)t-HVlV1X<9_yj6Ff8G=a9Phfn&sD{DvT
zf2wBKNu(L^=v#u`(Y79iwqBRf6!#l&8XDRw(~!&!DRTt<oKv3bA?_KijY#b~uKF#!
zLI1-9V(3&?AcnN?df>tNxfEB%>y>F-K~t;nkZeUvT_Y~9`<kg&dDgc!qUJUW!<{O7
zp$|u{z=bUFmUrQ@rutguJAg}4&f2>hfkC)PXH{-Yxgyzxn@lhy@F@Te3=AJE1<K(S
zRTo#7<8B9Bv((&+k8*Hg#(3tAsUC0vf#A&v{6%~YqI59#W5A<OBVP!E45b*$zXSIL
z@yc|q1-}qiEC*Ok(VaYYKratMJU#Ch!fopt04hm~IQ&Ks?s%>h*$mbOXl6X$j8=<d
zZqiJIE0uW_5f4+dSw#7#RYfQ|kuO>TU@{LV1F#_naHo#d%Bby%#i~1{a9R8Lg?CsU
z$r>Qzl55z6K@Pf)cnH!IMlI$!l|lP?^*1N+iqhB5E!k>eu_p6Zo?{fr9O@a*WCMnI
zN_0AwLZZ3{ILGSph0n-4*}2uBI40540seXZ1_DpRLE@5c?oRQL9mp337l}q51U?dp
z9LV#h7E@mGMbn_;)qX&`N#1@y<5y-XwDto+GlP@09}wD5EdVo_wI2{__SAs#LKMy?
zN1zYVwsQMf<mOCjrxMna+f<uWJK;$x=MR+vlWG;Iq;mF9j+<1g!c$z-mSJ(B34{7(
ziJJu!$#tG43=&|8TL>m)6rc%%R9K?=U{Xc~nlMO;C29*M4bq~Y?rc`t$7g9Wy0b-T
z8qlm&HYTkCnl;FFq(MLj+wu#%b2;s+sB|@G5VJhhRk17WB`rsDrM4P0BrQjAr8O-D
z+S_!>%+Y%uIM5E(9M!|~jIVIS3|5JP@qQ!N1Y#Jh5sWg*vTr!4>~%1qp=^S$^}vT>
z4QP$5?4z7GUUd@u-@yOl@v5#Lyuy{J?<6}GXff1|WI0aj320CHbBSSSPbg?l`V*Sj
zksQnroFxdINM}in>$`eb`}cqyEyc+jf*5cjtxrK4E0^pq<kHv^tz7og#>!<sZLC}p
zn$gDXr;T5DxuMPX#qQ>~T-oa+A?wJA#gui9OKq<@A8G1$@(XXx^D?K?kmdVoqZ{Z7
zU(pqIE$z`2vqw&4#&ajYqt)5zNj2Y{-7M*Y+UwphV6S^ezr9XhMV>NS+{7vEb*Hw)
zy%cq%wzyXh+Rb?D`|2rdajwL6^xMreCd&&Zhel-O?PkFBPT9?n|8BFJP3G)o{dTU*
z7MA7l`JJx9A44||vvbKR)x&NY*CKK4nyy!2?eeh-<`R{QSA4CGt5^>ox9fw_+U0wV
z0VwS=zK0Kk^yTFW6yS***qh`_QV+Mi1B?V35$+x1vKOmiENBtWZg%vMJmQkZRas17
zd4>!$WWXgt4O(Xg7&7`Z(2#-49McTg%=c%YAtThCq||_|e18Vuj2vb&&o*Go$a3I)
zQs2=w7vGcHw`KMl#C8eYb&Di>p_A-nX0@ptP<vU%16}dt$d&SeDd=rKeT5fHK{xwT
zgda>n|N2vuCrm=evLph~GXTgN9@a@sX*iIMPZwl7Vphu}ea;a`xkRvKlRgh*=`*_^
z_)WTyk(sp=#oA_B#Vo^kMYv^_KId8@V31ui$}U-ZM&Q?}?7`VM!6*H;eMp7%-ej?*
zQCNf(hFg($nvIQdF*O_efN_fAep4PZV<bknT6!n9pG}LDuY2uHh9-AZhDn_-S?b&y
zZLWq+IY9}Hp!Au?VOFBBD5;F#q#1l23>n2n48?R0^Ir7-jnKFEY8#&GQBLYO)C5BS
z?0M+03Xa(Na!UZ%&5f<^57DoCk*yE5Kw?Z=put?8a%&gh%RS|D@cVtS1$Ii4(C>Zr
zy6=%)5bfM!cEOX{`u}eiM3r~hE;yOm1-Cf`-v4dwf)n+%%~E~T;Vt}2^|fMfs=2(p
zdZs=q=BAo83@QwF9n&yagJE#3F$}I#!{9n=7+i<+bu@VW2p9&{*qE~qs;QAXvw8)V
zzXM|W<Avj8+91pBG(fy9oSz1%5>&;MR0*)?!)om$+oGBwaqC^)49O3A@V$(K*EB5R
z9cvf1fhtYaXS7P<cJ$O7srK0s0H$-+F1J}c2D7jlE}O;F*5wzTW@X6QEv*!}MvS0w
zV7Np)pAjTATpCHrp#8EWhRZ%#62oPmH2p{#E>9(6vdON)nGCDspqzRBG=WwehDaJ0
z)j4ikllNVdwKLmJDQ}s{G?h5wnZv^Kn>fm0rB2>bxl@~pwZCyEcCwk#+Ei#+%WQqt
z-bAReH_^Un>`jDbwmxf9A=KDZ#QMfL@_NjXY5O@F1@dzBbC1|v^Y#eSu3d*1JiP+#
zViwPP(k4rD80ojfjlduQWu4K_!|#>7mdy(uu;LE#kg;GXZSG+kuI^)%gCq||pf1FQ
z*>~3uvF}dw+jl238|{+@ZM4orW~cp4^!fW^r*+_%qjQc%z{$QvCvBv!9){QV*M6HK
z><z)1IG=)+_kdkDMGaCtNK3!KNS^OooMm1qox$GAnIbO;)T<xK%Rx@B{s7p12dvqA
zMehbWdEM#F!|o(lyE^;We8eYXK^gbC!Nh%zYn<oV&58kR$OnFYbik1O<$go5zH*<J
z*^wttX-CfTH10y&=R3g5)Yg2{ov}5m{d!p3XJ4J~AFT8Aai2V!INW}{;f(fc(CALt
zuaW<5vtMt>*{{zS_c?y%xX*lj{r2!I?$cBw_5j%U3U5BGJ)C+Sceyaej8<_IR);`H
zSj900`eNw_#YgY@ptQsWu!{FXX@w1774L_N1vY?Hd;siA?#Ue3+rXEk9&P(HI1lWK
z_#gq$lP_S?SRNTWEIv+!$666M@zXeR$#IFsa-4_~ixxA$eB7Ub#`4G*%b5XI<o*ma
zmPf_{%M38U_Gb|LW2D9y#6HyUIGDp{9mcN49I(e`b>Mx2z5_dM8aHf@bN1OU8ou2T
zTckSS3=h?=o^erEv^mOZR3x~=lp*1eCS^!0ph*EK2G~bmhg1g|3?vC>jZHC2A^^QN
z9R3e*Sgnl0XM6<#oU@!({FRgXoFgJ4d%$agEwlA`AWNUgy~r#>_)V~7xIPcm0*(`I
zS+386d3?!Zna(_YTqj_V?Q6((&YxSr^V9pTvayO!5N`WV9T`7ZZY26Q5OFEqB;hI@
zO~zBfU@h@>A<i~r+>r5gfnuqHgtxVe`)R{=+!gj+$dJ(P35IrecD#^|yp>kmaX+Ze
z9z#==Hl>=8yp(M8A<7W7WHpkQX22;z#*b&z<*l@&uG*Eq16g~^4~w1O^*BKB@lJR#
zcfjTkTe^-|@dxA<ws8I#f55xZ{~sWK0Q?2)5&Z?GXYvGvtFgst?C|%|U$EgG@)w|;
zd(2-j(AJ%a`Q4D(_P+(Y>{~P2{$zb!vr?}+wRN=ZuM?Z>dbd`mZNDzI{q@$iuP}VJ
zm$v=&u<friwtart3PHbP*0w)}bX@WJW841s+_rCGmIqDz>PE;}`qi{c<3N2aP4)-G
zddjbVkI=m^f={pjrXRJe)kX;$g|T-nT@JW>97g~C=w%7Ht*up;L+WB!t1buYVnDjM
z9Pp(NX%6odx*$gJeM{TaU>x+BJr4LhXBAz@*@NL{0;H6KxXtphTFrVT%EmgZa}Bn)
zD*x6mVMl;#h5$4h{1WToflz^0zl0eD8MJ>Kh+m>_9Ee|{ZzTNKFF|*d@qOL1eu+Cd
zP9*xUzE&L#gJT8I5@aM5;US~tBu~fPIbH_h&F`4cgrg?sDN)x7#*K6)H*)Y^hHu4;
z9eFdO$J#ZmUHqQ)tysGzE#k(mncBns!k=ONl;V}M4I1Cay};*^Hvt-~>`E~0huXSr
zKkg+y8Jf6Be0*#~-8FgY56Z+n>#HF~f?8(lPHE{EUZ0Z*-M8Iyarme6;ix@D<w5*A
zL*yWh-){`@?@adlcQ$1H9oXb@@%w#cP5geNKYo8aD|`7c-;gtz`G;N#dfuD-Lk`Yv
z@%$ED2^(@-k2ClRxHGl-fYI@}voENLsrDR(q-JMdOsYMJA*r<J=y?p2YR|q%Ds4F`
z2`1Hg@+6fzCzS=0YUMyuxsle>O(u0i-XTIh|J^Wt+-v<}DYv{KEE8LD0y{}6UpXDV
zs2meUpN@ITx-{FVxX5g3niXcBik-}+_BzRSD!wwC37ON!R1otDU%Fsz04Q-PPO}QN
zph%;AESIr;iZS?o^DCxYg$5oRga2sc^WJ{8gkvzrwZ4JJ5tyc#^T_{`A9r~<z4xC%
z>61yKD?L9Q0UTEdFhGab-w{`(y8+UHQ!P{WRLe;IREtyWzlCN!-f{W7y@f_!A@iA^
zal<Knk*7Y>@+t5t^)vp@pil6wo@tpnqfZdH-YK6T^51Pf!Ks{2u-}K5ooUJP_yzic
z-gXCkc${nN0W8^}c=B+NmY1tA{5{TM-_4CGgeC(}dh$Ye^3vFE$xBaO2v1%=R6Kbh
zJb43P`g=m0bQu6E8XIz8Z;CJY9NRWe&F>|r2CE0RpS3a_d`08nE6F1)9ILWLqp_n_
zrh^an0*kGi8Q{n2&p-!X(Kz^+0S=%340P}njlYK(;MMBSAP&Bw@%AtWoLd7q=*B4O
ztWjqUxG@HDNJosxojKsi$a3I)O5cG$9hXzvzXPMY_%r5V10>Jyj6XwHBSr#5@4=a3
zWq>o+kehYDEvA5e{TvfnU<wG=pCa<W6i}=`MP-6XgJ&^tH2~#;Nubd{DUl5(fjC(b
z0iX^5l#xluh&m`B-cXD9f>9<b%xZ;2pL0Z3X(8B(i#`uz>2nd9b;m%KzEe47%`uP#
z6kzREX!Ln7PoIlW>KP_CENcZvpL6vPFeo~opy<dtZ4tz}BR>C3U&QdUPv|iGVe_-o
zMGT{-xZ6ct&=YT5uxY>m4hThzzJ=+N$sld&sK@wG|NPYUTj>!C)!%r;(D<&7Pg1;V
zDgMLk@iz3&iL*H1PvU@zw6eg6cg6!9`WYu~G@MX-@dnWG?LTV1N!O!xs7LT&MmylA
zgnv)fh4?UYi(*7mh!4{%T!Xb%pAQr9KDhrrw>QC8_!MM<uCdV#dBUH$8tF1S<nexj
zvg7@70}Mgg`Sp;-AA+(V$B-I_p!`mRJoE~09Kem+<Q+6tVRN0khyaTg!tsaj9G1L&
zV#mps5n$m$_(|6hVC6zM{;-}L(ln;+Am)VUFz2Rt$1r0C@TNWEwgLRV&v!$e>AcvP
z{KH76G|_)-q)MJr5x6(_kEiY-|1sLR$Na|wZQU9F@l@(R{yX^3{v`7sZ>WzoN9wUt
z8>9btOnhgFTZ`#Gj>UhRSpTuYYKi!d6ZntEjQ_Zy{^N%AA2+ZXZ~WMQd=H!ryOVw~
zXs&z2f86K4&fLi6fYP8hSzXvUr?PtFXq>9AqbvA;__G%4^;(Ud?V8)f<z}@yBy6$1
zzE&r!j?;PTxL3euy5UXEU(IC?(5>SRBs)M?Tc_Uc)VsY-z1`NkjdbyL*J@}MP2qhl
z%hzjY(lmX><8^n$*<GvC{cW7w>eyRPNG0dibDPy;we=iQxL>SUwGMI4EoIM)XW7%?
zela_uT{EPiso@V#;Q7`8tp0E_sxxT+xE6nS-?$ckc;CqWu|NFB{&0?nljBG3p79Uc
zB{hJ$v<GznpcN#iLve@}pv5CMhQ7CY;LOJ!@2Cr(`XJ}HPc?${IM*M%SK;b6T0!12
zz2FsIiZ!S8Mc*5I{npn&pQ%~li?`SM`%+wUHu)bE|3A&_*57AvwtFnoNA>sFKHmFd
z1Gu9h$CkLO8DyF4$@21bZ-^TpqJnX@gG}Y?J-M;)gAz-i_F9!JG9Yzjr7;p3D<Jm-
zZWt10u%SQBU@D6hc;=~M1)L38yujN)v(%r9t@g>=ZF>&8f3t1RVH28J1?)L&LNmjF
zJ%>$bw#~M&LWE|UY^y&A%`5~CZeL)OCZSV(8&K+%f6w<Jr&o}hR-_;BI0DC|RZ?#T
zFg=>;b9c%(y){n*%f}zYID?ec-YNP0P}urXna%TCxh-OHI>s|i9RVUAKU^^ged5BN
zs!dyZIz(<xG5&M*z})!1Tkp2ajsKi^FgN~l7Q$30p!H84|6ee&|3eeQ(8oilJn%5D
z^r-WuPc;U9RN@;3XvA00Xn<5V-tiC!cM3wbIxAoCvES;^liU1?56*9&jca=K!#&ga
z^V;(RArcSo50TJU+K00kiK$b@NMw2RTRwO0J3R%+L>fnNF7UV;zSGlJ=geT8r$4WK
zUyRHC^V%D~3()C4)dM<Z-|7LK?o@mR^51Ro8PmD=j5D6uHXrsm-M4!3_4UVlWM{Us
z?*rjGyzu@1=^c*u;M%Aj%K1gi{q{CdUJ@E-rzXu6qJ$;`P<r|!M17<u0VOZJ{1Ku)
z`k~_Cj}Y}S0H$|8Le$3qnAW-oC%Ff}p@64yU~if)Nxig<cQB$aWv7PYF7*m*ez;W2
ztCfs@zbub10ItfFS+oV#DhviG8Sg$bAef;)1A{?ICK!Yn5Yy0~fx#dp6AZ!(2yN)k
zfQ|!f{QAs+2#0|j3<fEgU=ZejQ-2_bbVS`Lb>@H%bRdWH#5kgv1CHn{2i~Xk9X(_i
z%=GqKQlI}bjm+E?f3&VIjSR_}Dknv{n9A{rhfRfpx|AA75ouxyXxz_sktn8sxcw<A
zRZId^2a-gxm;`bTB#Cq}33MDtO7Q~$vn1vP1p%O>ZHJ_#Athyml<>%il{jX#BB#$e
zMySjYY=usr2eR~ql*p%yhsYgETEWxjfm%Qu!ma4(^I)F7kP>NXnDnu%6+e9*tVhq%
zTLEOAJ_#gXPz3)}L=d{$FB}C$?|7VArnh1Q_&iw0{f}M{7~_+03Rz;oxO<U6GEhAW
z6GIN1kuUNhIFk$>q{$eK8ay_={Vy055ovr1zNK}S<Hz#)fV_E<<;{<J*p=axjtk|6
z86zn>7@a7WI$L&`F_UJ9Oe{;vwG)PG8b|O5(E87Q9Lr*(4*1P3YiHeCay_c1dJ!=%
z#T|%iK}>?(;UZsdqlEB46Z7&iEIRLPF)txiAH!h!x3gl)8N6rU2P6(Aq{U{(a5J6E
z4MoUxA0OmvZ;UU|X|^O!=}s5%C!AZEZmc!(luze+j_Ky8h&<)fIjb^VXIIvrJ0kME
zj*mh8luWj7BvhVK{O%3$Gt>7_{0!Q;$Kq!O+PX9GGt+7O%xmFq|MM(<W~$z3j@HMW
zT7&U34e_;4xV3S{&x}j_%!G}fQCMw4;%6ohKhrSrGm{!WGil>zCb5B;q_h9WcPqog
z%iE8?S9dG_IDY1Ch@a^X>q*0C`oem$Xc}|eelVy;BYSeOHR{l(eYZZw@RtMP>0YeI
zwe<}6S?@MS0E<O9l3Gky3>W_xH-6P2*HFkc$+a<VCwVQm2|^mvAfPnpXH0{D(x9I)
z4Fa-3KPWFjK<jHj15M+79qWs0K*69gc*XYJ6$4a@85Lw=e>5r}A!H;M6W})29;+ol
zMB;?jX7K=i;eV~(l07`)gskRrjq1XTgg7C5SJNmjjT183D}(myFNqWC(_a!N)ThCI
z94GYSIH4b=IHB*Uz7wBreN2OU26Y~wBN(Qssu`m7xIND)1apVbJ*4*rE_%PaBc7-M
zb8$|o4ivKFI*s?Wh>S9NP~NO2)bj-NZQ59zdv9!%^=&fx!)ylA*bj|uNc)iUb({Dj
z8{2>q`8yI!s`YG3D)&ft?fanlE1^xz_KpOpIlCjlq}rp}l6tzBsk{@<l(jo}l+|yf
zdIiQdSQ`95$5e5HOm;7ElZ^hJ#BZ;Vm)U!7ycO}6j${UmlwW?~^Lc)W3H{!Gr_1T$
zu+$c+vP!O{?)bFNxfrdDLt?b1`eU@FvluP0_oUx)?JH~Ug28uS^WSpKeFygWr;G1$
zrV!&L-?AL$%;vW&c_sOzdb0T~%fBxa*2q1dnGagOPkCw|^sxKAFMy3F^+7-8&iIR+
z!WsRn<|B_M`&ly|YW5w-+#NfuJWmW=@%@E7U31@G08hfg3CQqYaR2Xmty^&=fwRHg
z;593)PvY5=r+?%{1-KyF+Yq<jgXhI^;5FAFPpGe@7OzaN$lt27!HJ`|bqgTw1~)G1
z<LztW+t<{+*3AId{RnsBN?Z6s`rJqpUs*@ptt*h$uGqI(ye*cR4K~$k<7JcZEGR4k
z-@g=mTVDhi=mOc>@Py{@q{zCln<48qaq40K*&Ldi1gmOPl==dkQ$S(CM%qVd)4p6Y
zacUvsjrd5#H4_xLDJyUzM&R;s5qfvTos+kB<mGMgZk9K50mJF!ExV&3CvV$^$Q$A`
z^YWI9(>zJu?uTwT)9$p_9BrM4XHTBaV&^Dt({XDfo<-go$P?;osl||wiu|oQ(;{yz
zK-_7OH$GZ<+k|H$Z){8DZItphZRO3p8F||Xd25_X-Y!5DKo`h93{PkdPl_z$Eko9A
zHjvVfY!1y$En-D^V|_t$6!NCnK;AY6C~exm_2h3WXoQX`wY<DBrU$Y&?MzGjPSFbA
zI(^8?-t-y1k1$l%!QY<hy1l@<FW%;Ku`y1eiSg>=8}m+lU9x|(6VE24cG(FsMb<2K
zzmf1Pzf*`!-gtNxnM1Z9k9-gO(L-c!x?lEC^=IwJ#Ch)au_-Pqozdmj-d1?}^3<0K
zPe1sLLZNgO@S1jl6(>lRR<?{TZ$&~b72nXr%JZ6i-G4dqe7E2^2cHcx9DF+dh+c9E
zk3rpx0djh;!MBM^PVYAS#9O_fF+aNe5?1!sw5ecxe#+_bzL#>?*c^o8o1=C`>YY9E
z0@Ob19DE*YzNWFi^>4@}Z%5hgcpe~GpX9VY4fGxN@UIgu@9=N1g06Fjuf6B6nmy*_
zC|;aHOz-^)9(T-6YXWnpPy(e2^oKloAb$T!^zDL^%(~C`Y@y(kf;li!3kTW|LK91!
zby_sg+6bDBXOEcHzep@Kg^w6J6HXzxboQ~f1FdhYDFlaqljvXQ9OAG3y=EUcLL3Q_
zOdz@7b}oMZI)~fma=0;bpha#)y=i&eFB8n3Z`(ZlTWk(pmS6Ulbwbx-KGgnxDOV>m
z1(LNVodZq;_1GUY(0ene+WJkBeAVfZ+R4@pj_}~fF6I*=m7Hhb{Is+Fb{E94g?^ib
zW=)~nb$#L&{s_4I4RPtz+|CH3&%I{f0;MpSFE4+9;`B|ld=&ttAlV!Qjm;yF;rO^4
zAMZV@gc|kPNshb8@zynL1CVmq`#B_5f~#@Qxl=91;fbW~x7TA<#_jt4@z(Dk<B1yL
zJ@|d-p!<cW_YOdwQD0MV>R!$3tS!1VuXP--)(Yz^x~&(dFN}@&72y51#9JDIE|)4t
zo!}W?M~juHb5_**I7)QJ9aj+beEI1u123&J$l5H2omN9|or#?jGl_SiarFmL&rIy%
z%|8+5P{At3Z(Wxn^GwCSwlAs2(o~V5bAapL0asUXb%NesAj4dFdH<JF`ntV000#cJ
z-ul+>@{#fv6s|<szeic`YVZN0B6i&4C*pE@U4YxxlcnR18!jI2{W}Vrz&-vmWv}~r
zfXjZT!VJfKO~O;}zmccXKHCl9btx}ao#OGj=fL%QJkmV)0<b((!g$Na95*_Fdvlz^
zZnXbS!Tn{bbI8};n^0Fd5H(bZ;;mbPxc8q(?l?|4skWhbo{3zeg`lY5D0GDGII+1{
zEk@l>x~jUmPB<I(u0-D1{Z8)}@H;oU{2CBt`9@Mkbf%+sut2U0H|F@QC^(+fTfy%^
zl&($~9(v$f@x)96yc~~C)IH3~y*~!d&7#Rr^Tv-$!^l|k8uqzS^Ah_!Uh^R1MDE1Q
zM0jFmlJ6&GHZaSHnJJb!F*D7IPSkzZZ*44NArOT8;LA1p>QQ?h9|no8ooP1qG&fvU
zFE%&GZ)pNoBke%E2@RYfzR6ua-g`FMK(UApuqd8?S1n|pgTlwr=XVM1MbY055jGDc
zw?}r2uJQHPg-6X5cC<DDjn@BS%(iY=Qz(^@;15fvIAPMdFY;EsNFVCn%v@CLC4jZT
zxN&yJ59W#>oxnmo2rytaJ~11UaPhxn6Bx4zFbdt)*-R})zCM)DT|^p?F11qY|AHUd
zPk!_GAMRv7O{dt$!7ig`UaN(coz}Vdi&Y%{R?)f0bS~0<c+!#n{xXwxO*7*g$0zsJ
zb}R}_$3P?Llypx!#<jqQ(XV%-U*0wQM*M5`2}7V9MGJ`hmV$CzNtUYH_yxrxvUT0K
z?Rmv(pHlaVEW&quFq!}#ZTP$A0^FWcX+IT`1}%9mbmR$80K((NUDs)^adATx$r~n@
z9haeje12yJn<2>u{fm5l+Zpi?@E9PrrkG{KKrV$*?-`Irpan4&!Nizdf&zc=PJA2$
zIU<`wWYjOb0GPjr<B}7^)wp$JO*y!_0yPfZk82Yqt8v|HUkqh_yzT?bS}MZV<B>94
z_aUNq=8|TBll1^P$w5(kEL&vtgc4e*egXq=k&{KxeQAiL?)65Vyuv$x(?1d?OY65G
zsRRtmVX{Z`dL_o!ed<BG>$#YXg5KYv@!mrytRd((gL?5<6pZ%l1!LY$S7G<vUhhGa
zDX;fn{B(*=F>1Yp&9i>acy$l=5h2v8y%}FwI$kf~&ZORJILgZ)L6P+Xf)3c{@(Ftv
zPuP85&5LBRgZ}jjSQ`}HYw4TpnNbqYD2Y=FZ=<OT^w`7cl-PsN$Lk^WOK5e*^>`G5
z^Xu)$>k&U`6lIB#CPw5&DBM7*FlERX<JY6WQ3huf6ITXXy^KrAFswP)NVi&9A0cuW
z@}Xz|@Grniq%SG|w*LfVD`O#apI6|wc;1J8$0ZDlGT7DDPMKi@Rf2A!vtjp(T#9fM
zTW)i5szek#th4b+`4^+A2+_FE$-8hF)p5`sSm@v)Isrx(deV6?u$NI%#{E&p5xH85
zZ-@9r*KRJ>DykJiJcx3uLXqJU1nJ;OZ?y`$pmVeU!3BO^djbP<YlS+L!-_b87Ba4?
z5Ncpo3*raw;&*qDubAd5&R#fu^&t$VnVbK494pcXV36lllq+0OUhX)DUW^Cl&~f?u
z68t^*r29b%m$8WGy%JQI(K)re{GN27G5bueP<pRAMJm@Hv82xKaIkWE8S-Ir<&WR{
zL;SVt;wcdICd#F>E(^C((21PjU;tLk9*p@nc43p5Elgq^@gU@XKl8i2KSebzws*n0
zHLd@`MCBfOJ5a}xZ6xw~xV*4*C4!rv%hp$KErp#RX#F=b{Y!DSux1oPt57bSJ6|ZF
zI@IeHF2L{2r>}Qz#GPp23_vhbIn0(K^dBLZrF`wPw(i;Uv~J4aBiRW40cWmy794lh
z?Ol$i4%Rc2GQ3`f*U>e|u>%jiZ?J2<i?he4@bM3r_5QHiVr{*?_eQ=!#(lY?>7N95
zVD#qzJH0=_-)gbr6(<+QMm+2wZ|7?0g0I-s(5$cPKwqQ-YMScxJQrGU5egQn{+tmH
zbFtssgNEl~C{RD{{XCvegb~zEg&9}v!1KE|MssUsgBSspvgV{poPu6hsfYM<6aG66
z`8?j+%kmIcYQ-Sx-pb94h#-ECfuMZ9&iuZ}{Qh6_O9`EQrVAaZMBF^O{Al!M`I@Xt
zU8Rgr06Nbt>;%nk0bN`yk&iPUmh`2oFvC?adqp0o=r3&@U4Av|k#t!oVn@Hp^@2rg
zKCtN54G3EMNPjNbWc%F@Svg)34wJ{S7n4n=Y_eSWtNW=3I=#1mF^0YAqb6ee_0}vg
zebnt+Ouj$kE2v-A{Ig%v9h_|Ea+S*awC+}O)d@J=#e&Kl={lay1KuB??BoWLbBH=%
zuHrbo*8-!%d{bB@FY6KeuJY~`X6~EG`<1Z&eGql7hiT!Zs9<Vw`r@)1Ut5VD8KDSF
zEQJ!X+y}q>|A2Xa9e(-$HXn&#P6Dc*`&IB}8Gp<oUY9%DFx;5~I~C-4ZhxLA*;P&4
zBs{pvRROjpP?~=YEJ{J|XCZ*+|0T-G=0JC(sHPF_kcvLoUr|<x&&NemV}Ok()-<nR
zmF<JM;<I1t!!;`&=8NMLk8X0JsoU28`z!lPIlLIuR30zigv98#e-UJE{TqmO@Ho`X
zRZ*uAsQSRL?k_Fsp>+jNYu$i9v)8ztX}d=nbB)Z<(9-*35C_u|_VwzQy%<#aXUc&p
zX%Oqbkj;qJxA7Rrrp^cz0lojhpK^$?)%`m7BisA1=Yhm-f}Vw8??0Kr!S+%$KE|i#
zuV3GK7r?S6*?~6s&v9FS2N>)^zfVbXTV+&oc$Lr2`t=8&$G02gO_4iHW#Kqj_o38b
zY7DGH4^v|}BmQA(3}@o7D2(&j<cNnx-_1tR7WMIk(&|a=dc&IZwK3GM?f9mhps$_R
zIEMuFLxQv@GgW2IAwla9kvb?iJlB0B2LQ~J>HnU2Zo_I7Qwg#z{<71w2Jv0iP_RJd
z8gdU-K^ocX`v-rGk3!-R@8I+Kg1#2zZb7ui`I2+b=EFKSG#0MZDQNC#njkYqDQGM`
z607YLGh*4kkQ4YNC@gwQr*gNqs}GRKbONJ?tJ6f5^@Q8w<fSNqw_=`ntatGB0OIwF
ztmf_bW90A(w8($d*_Wqs<;|V#cgoApO9A7$s!7~cY|d9(Pa}6dcT0KsEom0t!|Mmr
z*U4N7Z*^weU!9q-B_E|?()u8((Sh?^w=-!6&N|%@t1i3U;Zh_P`CSB_AL5wN^-al)
zowAa+5>0OQq74i4LGO0d+ZhkdkP_7%pv!aX4>mZU!=U#c$Px57tT<rI5{a^U0&RRa
zH!j!1Tq4ztn4u`6u)SZ$s~BfY0&O{c<CnEpoT&9t{9<kJfMRa27JJ_zR59mfXmT?)
ziW?S6MT1p4!V{|;81dQg=Gb!O``sS_zOG`4rH*rCC&iazwW2hH&8T%9cS?lSy{PQg
z{RB&f%~)?x>tMqnzfgs0N>ajLB_R)3pO`g75t|%e8k%#~!ve&@q2z)7B9-QjVSAab
z8$U`q9(pOTnd|h=cLKwF*E(k%Gz#DH6P=c^>&8l9dRFJUFX`y+Y;k0KcUn5;d;g1;
zJCnMmQ8X&%g(<Tf<T5s~43&ReE61v)KFJImx9bMdc;KQXsibpXI!ZDXN-j<J3xAlE
zM|$g@Q7`oC3G@th_m}g>Kl}>*K(qaU{DwxeMXK4Td2fJ_9)2ZKy}r@t&#lFpayB;{
zWvpdGZ^ZNa#-0Pctjbz7_lUAyRq6&+)xei)*-P$Lyg468lOtxHFpYi8IV7YwB$PNL
zgg7K*IF;`H6dChSw-dR^X3yQgMP5AnBu8z-!ND%KDNc*aB`R)KPH)2SM%;rPDm?Cy
z{DUv$qt)9l;|t1@=Ce<51hF}|B8Zym9V8NGW+K-7Wg@Nf+%)Jc0qgw#!waV2*@qgq
z8vNFvQdfpCb_yKLy?-OdgFtEuOf@o|um#LA4!|TI`Q{W7@a<z9U-Y*@M{y{Yus$n?
zZugs9mI!*f@{zSH&Coq+LGC1TYi9Ps)xN-1E4~Wpm^d!Z*J_%hy>CK)U~Ad?7P51F
zsR^x7Y|muv|9Idd^PW(o6f}2tAMOOr3zm9cq~@U`aBTm=x+9l>ctP)Tcy)STW}U&*
zuDNjqCwol7n^@!{OkEFxy1GE|S~B~J+&YDyuyWffp-+CNZVXi2lJDwbt2?^<9n40{
zuYxbntY+QAuR`+}kgw*CfA|l{NpMttCziK;qwsW2|IDO}MH*jbe^-B<LsC!+7^0np
z=5<{FzPN>L!0Q>J_gJa)tM_vB1Rg@ImkYtUKy)+&P4JOgO(myksg<^LnoOJ0Ogg@Q
z8u)xX#Rv9hGPmr>k1v1WaOiyqNL3^G!3sWym8|B;r`~<CiaAeS*H^DrTheOFwqB_Z
zc1NkbC}d#mq+#db`m1)V`SURG&}L<5#K&aM)+Vfo2A7m2A|WC<1BjxA3`MLDGs?o=
zLSA4XieS&6BfX4F@6l92q;pPRIa3D<ON+{8XQ(uoTC#dUAL>`i>A$4(@2As@P$s2+
zU)wO%50V}Ac{1OhzCOdwN+blY8hT&QNAGTN2)U<<7K0(wMm;%-7IU<|sxQURfkZZ=
zf^-N9=VNL63DQ9)=*ZDo+i_;KxN0g)dk@7RY@G$QV(LxQ6$N==`wdYi*|5SVKKhy$
zPS-+(_1+CR5-eIx;A2{9NQDo4IT&LELuwwEnsWu~@OVZ!w$gSA8>onmB0zoFndn2H
zR?M|0p4~j&`PzBH8`fnC3~qVQ6y;H^oU20<5<#w{*w|6R-erhzMW*SfE$p35Dd(Sx
z$wMV%n5cy)UUm$LG{_ne=2I-5L;z&VI)AHEtEiwxnMCGMz`zqiycHS4VrwJXoQYx7
zN{-jDb%!mJU5qr(M82O$?464=m6MvE_2vA_X<5aBSW2D0h`05#7rHXZ=_JP9x^{oL
z0{aCV`NkQ6i55L8No{3eLB*}gTV3@rP@{SI?Gym<YzPl<>?2T7dkmnSGRAkpqCA!1
zDv;3%kBIzcw5T{mr4LNonRb!^Qf)u3=G9S&mPOHYOrNI0suP(Cy}=4A*7%GC`GdEE
zEcp)fp?#-XtmLan>S6mlqD-=sPlF2zDRZ%ZG2fyOw%%wR@bJ7Q#uvQ_l;)g>rOioG
zVce}+VIpmCT3OdOX&EI!-}HHM83cJM??zO>Txn=@jjIEPL7)TaY%EJ>n>u%YQgjqo
zIWx`X;^bwe8LhFk4RM5JSAHr%Yb)NWbbXBBAt<(%@dHCYddSI6n9n_jSGWYS`6<>Z
z)81U&HG_+utI;*v9!Arfb>`3zZym%Y8)w3DUUhH1L_|3hNyA9xWSR|}YJ1)dMOV~4
zH|l*7rR#oi4qrbubr3slH!)Vo3Q$0XKG?VA#%;e1J|PI9+1y2wu_?i2m<!voS;(;h
zye;OnrBoU!UQFWZPQSRL7{DT}xS%<BQ4HzL)Q=OSI#Z3VX^&Xym@I|}s)#-lbYdkH
z;$1{Txwa}JGaEBGQ&}=iq!OmmhxMvcm_XitrA#^+%kwQL0~5Ox^kyOXSSD*DstiTN
zMKGWQOp9q45+%uHveOCyycG5NVn0CD1xMDUBYtN+wqmjw=;DJELTnc{@Jleu<yNNt
z+!XBp<4)u7>$p-$)OHektB2o!_x5&dDZAz6SD=vE{rnjFy^p1@&bXE{RvMH;@Cz(8
zBc=lEL|@N(M|?2@9sXmy$Q}sW;Fj!--lX{2jPTtho89sD8iSB0cwohBN*>~G@699y
z*30tphWyJP=U?8Le-YEu#B$}ESZZT+O|*m`J<#ma94F8CHi(CDAir1-tVd20%XB4^
zO0N8rgF_@$D1SGXm!F?z3#8Ie{w~ymL!@9Re_M?9LY4n7&C4<B78cO<XJm{@Prd?t
z(^f+1UEKRC02N(F>Ix2SX15?DLRo<sO8glTH1%w(Ic3jw%gNca8&Z2dvG<;|wCq=V
zFny>_^b0Qpo}W$eG$=|9WlxAA&wloZrDb2;??YWxtZ6codj!F`8Ep27;Q}T*cD@P|
zzV;X^!d%{)kd_A&wU?lwQ&<b!KF9GSCb1G?rMQcoePuqs(kBn;eHc}0Et{x39lWaE
z{AJYl`JsKyb+z1wPVb{AT^ZKnU;)z^dsc~x+Od8j40bG1l>XLDx>!?X6wnSpNoAnk
zN75cRXY4JFuUhr%jjV8>%xy3)971zzu@+?Y$x_e7`>exZLQ$XHq>>k}U>`2>22aYo
z1Y1(XlN@+F12<MkPt|u{Ab*U$lcA)snnCZU*^th=4+q`(Pmyp1m4yYxz!f|eFe9=-
zSN_VFVss~mjw^qAUt)C<-6`WqRHRgNsg`Up(DG8{^RJ;TydsVfTLOAf+iPOXgI+MX
z5FB|UyY1-oM%!f>uJ=a<#LoO*#qUP^e?Rly?pnimcw%<k*vPpO!T$|_8aa^KYER5A
z|H8MdhPjXyBDeK3z#lfe$FUnwjGv~8cMrb_$iQ^)X8!nx-@+f*^4==H{^7UbSJ$IX
zVKcB18-PX(y&agNOH=v9IszVBzX!PZm1t>7Xi=h5x_1$q1<%<YInCb=W_tb#g+N-H
zm(J_-h3;z_elEqYBYy4dP0~;)v1jE(e|Encch^Ij*@tWP&110h$vqCM3uMMGw9${-
zWDIH!%#Rpde4Y)2kXV`UEe_+Lbp%ujS+%4;!BJ0kdHH%$_t7-Fi=OAYPVGcb1ezer
zL@>EIc3PL?ZEnPA?Zz(xLX6>7W%7KK5gCzO2v&r>&6K8`@ZFR{{Hhp(2?|9Mi4$C8
z+buj1^?Zr_F{N|DR7R5h{~SD1z}jay?o98=KnU>yw6DRoCRz<Kc#*=FZ%TXj8jUA)
zTJ+p#KBq;ejoR~^)>H7Tj=3i&A82SKAJ&V51C$dPI-#`az~HGhcGmxY?7az?WM^46
zTvMm&oI161_nGRc>b-iB^yH+MSwonFEW;M|s6e16U}mN>0W+F3%miHGj04{<zZ;Py
z85CkhM?UqFML^{O1wlkqltlzYL_dh&0s<oYmi+g9KkwP9t0ohFx%j+3=bEnb?#uH&
z?{YuSyOh_z4{@d9j;T_msk`_AM>H2~W5z}lm+^0+{1{6HMzV4yWo8Q$BT*I3-BIg5
z1TWFDTKXsm^cm7JFH5Ax3nC_d8a}Gk4Di#ka$-R$W`{O`8{(F+WizTCSRSo~2UqZT
zm#Nt)<Sn;-58JuI11nFgEn}~xdId1aBSP4Gv-wMxxG1DWeg`o2e`!bV8N3LFh2`r|
zZ76^NMX^x}JFAcY`wRkU-v<|S%j0ll|A3=*fVdT&VFJp}{#87q%3;%(FYW#_FitgG
z3oKjDZGtP5DhIq?blsr_9F!s*<~L!fPdD~0uY^rP+%FNi*7lE%e-SI9W7z&(hwwCB
z|1=ES&<@fAeoL0#a_UOHT9+%NzcYU3quz&2!}60j*gE9xH|_o#zju*KV0|75VsJ2)
zTYnZ(OU5pKKa2W$9h^=0`ung-ok78z{ItFV)fu-4*FEfc9oy8|@oyS&=;UeJ;^KMO
z#K3*Ai@Q4-B2H=yck=f58u~aT@krH1Skk##dJ*#d9O-O*Jm~5O2Y8!fBD6~)YzTA1
zTfQj3@^n=Ju*1<`e>R*~yosevlOMP%=!9K(Yd8uQtzp+0uL;-M?KiEuhy+2MDFnx+
znk0M;7A1{vN+7CGD$j;r|3femR&!s283V4g-0^L+WVQKm^IPA~@D*B6C(gat8&&$e
z>c-XtTwwFLbh#-73QXleMP*YX4HSbM;J7nL+Uu7hC5)P-$K?L@{tsA^fsZ?UH1w_9
z27@W}uv;$Bc-6+KI$Mvm@RF^Zu<6gXk2j%ic7rGO*M*kGgJEDA3ziZ#*;zV`z?l%e
zVMF0k<LEpYL?gWAY#Kq!ux1)W?4GNb^5J^76N@9Xr(N2{H`__mPW+Q3+Y20he*zYc
zj#d0&iT`xwqiqj4qMu}hYcNEv!cZ3NwSi&rsMp;yHf40&gMD9jG9d69H&vlwc)syR
zun_<UOA?;Twuz~5j6}wE<12WO%M<i@He%Bnv1N*Sj%{pHY?W1Wv8n!F{NVsVsfJAW
z-Rr@CEuzu@p}DG|nK&d#!Hh?N%}~tOHmpH4Yf5Wt5=#X%r8=oyV`I{!CUNP8##Fqe
z)JAjLv5+=4#%Y^tvA4CZX6K!sW@tstl?Hc(D#0agz-g^uGpx1w(xwo%%8XdvqY8>E
zS(Bg@22I#wX;ZB|7L8d@JbPso>_(%-n%cpHMI_ZmY`uJJ$zi86a&NRZBdQn@U*ZZp
zO*LkQaim3`XtV55TX~hE@%7u$AeQkK<h;d#<1QN*Nh`e7HG<IhF|{rpzOwl32_N^}
zbdyzNG=b^(nMlZOr$~CrWJ<iLXwqmlJ>Kp`)0e#i%^pogQ{whZe+M?6&rmaM<^DdI
z&WpAtlsIoNCAM16JHHm4Zw0>q)1@;mL>EL0N+>kHZP9r~gA1%?=GmS>xEXUf&xo_l
zvY(B%w&$Yh<uE$G-P?O1m@}F~HAL9Cy<OU;m+O#RUKmx|@zPfK8S!l?17{12>L^Z(
z>T=oDz9_nAxmIg0hV7-L9vl_R#+mja><sP7yc8`)7g}+aqopV|<4Uxg5N2gCVU~?B
z+oSCWs@!+LxM;?m(TWjbhlZVUv@^#AGtth394pa|Xvvy>Hd-bvz;qc2qKjm;^1^p6
zTHaHMwzqr1)Sme=tiAO+*xPp{a3Y%Hag<$W+Ve}Tly&A{^`n_+Hk!}#P;R*781x*k
zRQf`04C2~WD-9c9u%Ol8fO%INS8Wi&=)*y%RZB;kXMxe~M8i!Zxi<dxcJO0^IAr|b
zz@JC>+>~SV35-143}fR;Im{8Pn((WL8(0guM7Sky;IP68M!Zn-wf9n!infM~N41qP
z=saxOh&32y9Ars0Q2}kTfRbgUo=j9rn}RlO5?#R@WHZ+i7JiJ-ZY1MT8{+Hc`is~i
zEjMwMqgJjWBe+Cc);9b6sAWBdam5@X><G8f46(^lWjEU7lGuzQgl?!=f?_DLsO>U_
z5DqkM{A-W<xNd86$^+wrhmS27gG8i`t4lZPTBWelkSl`rB)S;4^R=hYZK$?%r#nrJ
z^6;pG(ri%_jE`H|^U%}Ii+cQ~Q-O%uo-RjStC$gKX75jdTO4z2En_SqbF`<U&T=c7
zM#dCbwWpV^g;6c{_`d9{sOO<%-1UG^{OlM<T)L5h#w*iHo8@Msg-aGC?OGVM*i1C7
z<jUxq*@!*MexpR-ZA~(<{$iBU5}pINV_=N99dy-RGP?JC^tQQ_`n@9cyX&VAXEE0S
zK?cg`pO237@9cvf=lmaKAh!(7mIUdfti_w#?zGJ9R<?H2+8|hN22&52L2`Q+@Z**W
zwno5GflCCaku(Kh6NJ80a;b-J#%O9?Jt@K>yu|5PESLd{fO1VW4@FIp1|3Q%aS@;d
zu<J|9Nevj7|J{ZXo+CtW#CpJ@xxt&FI&rYA9$e@oP~Fnz_3~!q)xTNZR*ZJDh7QO=
zxD|q{8&<I_NYspg0X2(ic~|bJAsk?^MV7Nzdt3$DeX%$u7O9>LlC~l<szabv+6&l|
zP~BCll@5Y6(Qx2E$aS_OHR#LUkdVREgrm^_+Cp9`ZWn2Bc+0J+lX;PgUN&Ij>{ezv
zePiUJ2AI7~$+)$$*484Xt*KlQT&wcV^#R1RbDCgAu2`K#YuulOB;!k<<sdwV-Bk&n
zmlv^IPI>$sW*{4<(5{?_FvVzP1X#8k@W$4a*p-w??nGe@c`HxFamhy}J8+lLURSZ<
z@V9hD+6dB5k+SUy*S$31Ap|ODIq$ZXFzi;xof(DZ(jG^2g1zrTGJO-KYXT|rZJY~}
z!6Thg_{u`Xv966PTnVe|wUU{nJraroRwkp+aXt0}z)=jq4wTJ3O(kMI2S>%g|F!~D
zSU1&Rd95ixt6l4g7|H9PlT)R7SM7#=H=E)2p>EH?-*4fMV0rIv;s=R{_eR~+#Km?p
z!2$kN+$uS6%jP`e<Y*jKZT46BaCQ_ZI2}W)g)#Jgywdeh73-m}5HmOGo(HL#v?74c
zqLfpTT*iIRngjR)jF(tBQ9xK(v97{)v32x_kyUy(o;~?;am+9-cCam2zQ9RSY+<F@
z)mYV0<ps=TP?&7wLLS8P+%x$V=4In7Cu}z%tU!NDE?+KVdo(R9>=^bb^NU@2oYJu|
zhw~-mH~8H#3K@}Dh+d7Q8WwtDcZi9QS5<dpd{y;gufkb=9FtiY^}A(ANv#VkG|ot-
z6qF!lDt%31b8-d%R_l)#K-5v3cpzOB8aF4Mf=Ba=5BxG^3MqTH1GhxPP^d<7la5P{
zn`7jT)f&e^`YN)UH`)zv#T#GZQY_bJFmqThz_~!913E#qolG2nkts{HxWsN2c#3oP
zam*E8Pus$VBPU^LENCr--7CL~!n8D5P);(l?`<GdLKesbvlXkx_$9X}tAyx{wad03
z2L#b@phJ;Ho~kArEKVH(8c}WeLR6OF+^C)iKipvAhK=gdo+LT!wXt+tm{v_}5&=6m
zrSyY@3QOFUbYdt-GC;K}68wNq*oRzO;biFYQ?NH=&(&$Qh|o3QUI~K=pI`hUxe=>J
zrRGdH?P!>~Rg~#iEv%M`lGH;Zh|gZ5ei4-3jqf+af6stxUQR!~J@jX`KWgtQMR;;2
z*pkbkM51n$_p~qHGITr;Kzc#`wNAQjV(fI%VG?PLK_lyMRx!@uBoUaHAG9-ehLW8z
z7udRl+g6-HD5^QmayfYMO-S1HL7vr--e80N0VfXpnLW5NBwr<EXIWXb+|(Ulw%t$_
zFFvA-hy^Jv_+}sdgawPDr{IwR$%wxT@%IC{zr=0n8BRQfeOGLHTLU=~@-*nJIHrq5
zl$s!!yt!w~g?E!?N*r4p<tbzd<OcQj&RXfsD9QsW|3!$v11QNK%TKqZA56>dNedd<
z=bUO_LCFi$pJsJ1`&ldDgpj|?7WuRjLcR=^fkMd2at9ZRTmo-zxry934al04PW}Q@
zg47Xb1y0l0C#aO0%_+}7wZEltjDp`flw#zp?=5f^7JlqlD>b*qDc2TZ%!Yy1jK60l
z?G6xd+W?^B$;9}r&^5XEx?H*%dFnik*f+&AP{D{XAeLrXl5;hi?Xa1NwsnivA_gI*
zn+Utf!?$B;_w5`Hr$=uoQ!UKMR<))>N5OJC=sx5%C{Zx;kQNwW?-fWX;m}09ie0hl
z%Us%2lWy(gr(KMo34oH^HjyeOqEl>1vhILSZeXyLtR)6`M0`YF4HeGpMiPwm+_UM{
z3*r)2z;u#rqdpvz+JJlP>*!P?7|#XvN26AIEW~Z#qbnUO)0#FI@jh;6jNFh7ac865
zuC>Rb%?Q~}Mrz*7?FQ{}#BW=XDcl@4V<+ku1-byl14+@bnE>Jj1l3qLfzm+uiDhWh
zCB6i}hFN$7GKeh*C3-^&0ZZ4Bs)ULG^)r4nVF4gKa7Z0uN2b<IQiJfJJsWMQAwWa(
z8X)=<!ZH!a)+Ss+ZD9AALD*eKG#s*p7{jXNnieN4c`Z;fkj<yOzty$Ed1))04>5;Y
z;exQe5S`cF7F__^F2Ge}SctYI#%++ZD&&Q=b{x$^sCgkm#)<SbjxI`!5O+q~tp1A#
zV5{2p5=4tCWfx+}L9Jkwxb)TFbyIIG=(Jx`y2ADj6mBQvlRK4gO&zSgE83-&!-wsW
zOvxN_EdS+1a608j%f20K=1H|YuSUCS2$k`+nIn^x!iQbi1!&`h0#9n#iLvc_??hQq
zEiEG`xs8o#yJ1`~<DO`Dw8xC+RF*{~C(2(8@;0K26PjKe?ST&q3AcH)iOS1;LG6|3
z;`VklTLS`L*KFHS;AkZs<F_ZvLorQmcH$Ttl)jB&<=))bl#WPllugEuqO7&HJXY&&
z-(Q<~NCPXuy{|_i*6RaN%m!d5X0V|nKcWD@R_w5!TgYkX$~TJ}Lb7#CvLIb3N<nL=
zc%som|AZ{Z7NrYrkZMCr%69;*m2e9Nj3geP2!N%T>%16~8p%-N)F-fGt*K5qMj3-O
z4l*2##!~u51^T*zZ%%t%8)K4s&UiGA!fu9@O^m{BZf}882nVtd9NKN@Z6)dKDr_<y
z!K>SzfHH>RFp7y0+!#ZdsQMFld~z6%o2mk0Q<h-TjdDnJvOR54Fh0#V0LHWO-5V}{
z1(_SOn>bA@K8GNz$ns{4Pc{S^ReO+VPGFp}anxG0C(VHhYC)qpRU29YIZjzC%tGv`
z(zh@GPCK`y$HJ94tvnR2T^$N_<7g5hMol0Mcck1Dpi*0uF+{COKS|5SusWMI)pVh$
z3SB{c0q<&-?#uOsbe`TI1k%zrS#fxaP6JV!*>^LNNM)ODvIDQPl4xqT_`ourlW`*K
z)50QU7%a#&StcTV2Qe{GJ8>K}5E>=0I3c%y)oD#8a1)+^>3vbI?RXsAE6NlD^V+V^
zIJ`wox6%bla^1uln1U3wQWw2J1|XEeYQi~#2V28<uw~rq=ISwYKhrrRnNr~}sv=rI
z&b^V9Y;#e6(AVMeqy*D)O#3Fjzyhfbo2z=Ef43@1mtD{#QAUkBA&4HRq27wW|C#%H
zGR)7$-`-!wk9F==;JX9K14b+-^doKvFsj*1lrmr{IMP_03~~r)Z8adhAms~4K_o<A
zE2ar12<=$^;GW(R`NH4D#SO>b#{Fs8EsnCj*LLyYO5rLlkl2HL+!m}{&Ek02BhSFt
z63xAAS|e9V*l$qUB>LV1N8E?vcI#tz%<Hfp;poTH-7)5|(!%cTtQ_9@XR#T+j+^Ch
z=ZoKY@d_{hYjm3d&rsrAb`})ZbwS!W_x&|okA#O`ecXJ6Zm{Dht|Id1)^ML$6ucN6
z1H6CBK}a#2lrXC9{<swzhcTE!<ey%;lJR+qRWFUotE&)ScZVr{^6cL3k0sF&6MJEp
zM5VLit*Acut1O6FX8lDQ++&zr)yh++fv#%RHY3z<_vgE|*L05jlf}^i)r~=~#P%c7
z8+&cuz(pMM^CS&Egz?zr=OJC)ipR4W+|`N#ERW#E3vNF;wfq%4xU!hqDztf>ouAWr
zZ%<J2C(^Wd(V6zpDOc<yU8tYJl{265XV!xFcTs{>tFxy%GoIJGa&_kL{l{XtpN=~J
zDD%RLG|VU{-^7!-UT?mEdwdT!Yb!JU96rm9xf6eYTGw8@x)jLdzqqxuwKjK{gkNs;
zCgd1Z;E#(?ld!EIT!oy|FD)P+(#I3$U<aXC7S~HUT6%VeAUW8{WvZn=K^#v!{CZRq
zg|p+Q*xJm<pv0-hoOV++JG|*?7FPpo3+C`#Q17Y(hd;ne>Q*2sS#EZ5cK|Oz!zEgG
zB?pl@J3cgr6s`+xKNhcNt1XQ}R?kf-FTN|e9xdGcuej?1EP1hI8il9Y_1Sh~X%ZV@
zlw^G_YFLJM;eM|DT*-8H+=FY%5Gx9CyJ9!09{VM9Cfl336LqSfPQ88A{q@cf^e$X)
z>eW_HwfGxWQS`Oo;OWq39U8oRuU6Up_km=^-0yF3N7BeWi(IK9^2ngrIDzr8fO%I+
z4@G<oppHjxUx}>8FLb&`P9J+UdAVDTNow632nAdGMpza)KhJSt;ql!ghpx3?NQZ5D
zExyk~dX?T)<hSa~;RZ_pp4np53Ov`$@!ObspJOe43tVx-MB6oJu<CLO4_#|KUDZ8a
z{dK;OwKakz5t6DOx;9Ta)cu31`+#&tD$S+yha_}3IOq~uLlf*@Xo6c@I+vr)=rcGk
z;CK@ESyga)-Kuc=O}kn+#VERIq&8=4FgJELI#517k961;xJ3$=q4-J7D^-8>)S+v2
zYZOZVDfOLvSl;2_uQJ9d3wzqa`Yvpor3=0)rfYFe9ZJ&ocmEyI_e$hRjvKtuN+~zW
zxYx>&HaK)`898RQq--DJ#(o<JH3n8o+;b}0RAvt2sRghCWd5zP@8VX`s+lDqryshu
z+S?cGC$Eor)n)81$DOkET=-jD7Vt6>Vi-TrIiib(HSW%`zUWWL(sJw`QOZqKq-J3e
zhV`63TUeKA4TU6cKMG+r1|z@a2F@{gor+oycWPf$ren_>eQ_}c<WblweRL{!4=;?B
zR^G?{7nDW;!F-KpzYWIc_zd->P9uR%RLSGOryuO9dCfAubqv7lSD0PxTlIrgjqI34
zE8RVp)f`2zJ7lzbWKTI<jC_r*(58)s^2B&H)`|ZVx#1i6ko&!l9TBs*B^mU_bYzRC
z-lo<pGIqLPzO8km`rVdDhr%P==*h8pq8%+g0=oE!g8$WpcKz-s>K<6Zn{0Tt{jdV!
zp4T@clWj|k$Lm)Sa=(4zx3eS>=5!>`8{7RxUW;hCHZWFV<fOxt#kcBVbDyhJt2f#n
z>FsTAUV3V`-Cnv3i_i9{Xft`|riEw(@6Ame=4T65sqHRvtVQE@029`tEqCBT$UkJ>
z?TJ<F!D~mA-EWUtpvYYOCYCkYJhvaxtIeGquS5==rRzHF?$Tc5&^?8hoYEX7EQd+t
z&{g^qmi}a#ei!LeN>$nYj;Mp17z>$nkO^d6ogKd-=cF~n8@SuB6#O@DJYe3KbX+U$
z=zuw%gjU;p3XQxOa>({g#u4qQ!)$ih_ypm&S`TbN?&zeg=YnB_A@<g<w#S$L0DGcV
z$rxzRUyoY2XSusHuGaVW+h<PQe;b<I$8E~pm3xX!i?;Pk>*)8j??BsPJ65sZccLw6
zzwfwy-^um+sWv)%yVl#+4(HIv!`{B#SeJMAL(TvZOb|8PumJsDRKE@a80?$At~~+?
zHO|(q*+_vixg1|03BDV`+}0{BU05bWnlaK1E}#eeyC5EW!zdQnpG0W+jlmJ>e(Uy;
z8^j`rS+Q1&|CXJ!(w<00o(N(K8+p3z$)!0A8x{ObL`{r6_>CrQtiXGStK54Q)pvi)
zl@{x-%^iqqAX15<sZ&v#-MBs7fgGg*!S3`;(dGl(Be_gL^b|@wcgHGBvr$vSd^CfZ
z2x05n+jLuH6p%q_Ed3!~ScESwTitzza&DO0QMh{sne5wfQEwjxJTf38Tv40HlGhG!
zCoqZ*ftC$8dk<ri1nB}MyCNDtf(d1120=!n@$TU}%y0)mld%_;oASFu0run5g>U>0
zQfnLwl=gUc=bIUX&be`=S~?H&ScYk0Y!}1C(*Zic+c@t>^oHLFj=cs3&Ee36{-=&Z
zdms25Wrg`KHbecNISOU%S}k2t;DaIy1Yn09)8#;2Qp?r^mvw?nrcf<y;ra>dM5kdS
z`_!?_O0v;d_fCWfG1dVHtj^p}ulPI4mBq@;TD7~@-7k#SfGybHT&e@KkCibP?Qh~|
z#}`I`s9Pfy0H-@}u(!JtSCQj1V>kh86)N)HzE!~zNEo0P+mHPomK<{7R*3GdC5#{Y
zp(DrTv^6Zn;t!#COIQXXn}xCRYUjvlc<lUqRGV4DQ0MO&V@RJN{|X@^oRX{VYT$VT
zy8I<vaGqmn3&O<jf@K*#ydg6F04$bbb;mvGGnLXV)S2sE2L2QJ1D&xpjU|A(kxFof
zzbbc#P!<3VKLeV{ZWzZetsy=!4gger34pG$N`MboP+_U@0l~O-k3X1Z?(h7Fpq8z2
zIV=H3&C}-Av0)94SYMaDYM91#>vZm3V|gnh6%-WLzBjPH#q&q1!5ypB_?^hal@z*U
z-yE<eu9bM6k@2cCYgx?kvWGlYQD;ja{%{umlbN5K-57Hf(m9TFyb;uRb!?Ns+ZgVh
z$5paMWrK?li;(8MeSo|1Tahfd%~j7QLgbqIAkwO9ZgqGJYiiuV)G%g-U|?y*kVDu#
zd@7X#RBnp@3F)17Vu1>UALbGUyWdyCb6+@0<wi(jZ(_D5A+H<R&H~A{ei!z=0oSk-
zBja4Da9(n*bg2_?H2x?l(!mKWnAK^LQ)r(+K-YVS&!768smtv*<?^5mK{BH5T7BvK
zvUdviNP;cvK}G`S;0ThG^@B$5<o@E3>g0ay;>X&i#KW;8?#l}*mM(DZ_%YNR+X&Qi
z{&&uNPiB^+Xr%gLj1HfqE25Lu!gZiEFln1WSBxJ29YQ$3TiN~37S`_MMzm6SD}V9t
z<bm={^Y`7?D;<dc9x)D<ds`0Y9lC39S}ZtCtQ`~<z7)~P<0sw>5mUMM69?|7n{oCq
zEe+>Ba`=uTc+a}GxEAQUW$mC(!@;wc|KkJ8f1L`A@}rEs5(@nZ1S|JiEMRI^nWqX)
zD08`YVZmvVP8S!Prcg7(zg!D&{66vfS>0rub+tKvEv>}xHu#4Db*PkHn$#g{gA;FI
zHmC!Z6bDWnG;1$p;pBoEIk(NJ8>-~orc*c6$+=ySx}j3eZ6$S^PTej^-DX&M)&+D-
z<Slr)*YOjE)KBGW^N$Scm3XHI|1CYio7j)b)=}X5*ew63W*KARsa?&2(Ie-iX4zSA
zLKVhJUU%njd7WLIvh^%UTs7z*jWKL%Qr-*5S8eorB;GvoDUk(bn{&-HpEVQWR7y`s
z;=Cz~^U@Qt%pJBQUfLU5J6Jb2h;^N#vrinBw-~vYwqLptP1VR_7ysBA55;589#u3k
zZ>MN@n(P;jy$Y75Tk?4eHd&f$%Pr_BX=JE&Wy0MR<Kxa34D@&7U5*z*DTF7Gc<%uo
z(eaZI-MiaC;)h3e0IqRJx(n$l9(uR~Fa|P)J9ron_gF>Y{yX;bDzMIu3!~<ZF!3=6
z2q`FsXxvTz4e_9y<AWdYdbvvhdbr<58L|9^PksG&SY9ZjS0EWyuth94m=n~|*md)A
z=L(ISiw6VWuZM<imyi7@4M0Yi_qfmvOOVPlz=8d%C}gW$-}`6)0v=c=4eTZg@xxVU
zTU%RXcVF7{V-iT8@6SPCKVef(aLPoD!6~|%h64}A8E-upX+1BSzq%AYUtsZSr&_>x
z*ENFhCLHxP6K8}&CW7{Ne<WDE+JXv0<mAAfE@p4$=V1Tn{(r)$a0_o5i;4JGz&6LO
z#ZLp*bZMUSPnjz=({6@)3wU(L=HTe(pqdKftKhQ!SxoNRu+vyyCDhsRM}Zv!w=wOP
zP$&MIFM&~C_yP*5-~X5?_k_hs_JR46@HS?9|IZ|kTb$(ZZgFl?oL8hi>}vTquT6b8
zR?c$+qbB=>_urQ0!;#KXgCY_ocvR{`ok>os_jXz@!QB-!tZT1krt<s4#FK{gWPhdU
zmiRtFMHe#JZClR(Q!ZoE7WY}&5j#w?dQxTmOK<|L+lf7Px59{%X!iaX_{r8V*rpaG
zcMs%JK-col;4Vzv-38XT5Ql#G%GL^2;+wjyF8U51w!;6H`=Pxebw&z`VE2cxVGMU@
z#9u~!#%r$x(MOPvrN0nw!o{~PZGTte=(E3+oV~_*mv6AZUJ!c-v#|ax*qZD2;<x38
ztKI$K)7ll)kei9a>wxQ_BMg=v3WW`ND3<);(k!~*TDyib3wB!?g&GIp4Q;;D!u&n<
zY2%R<d-^Ips{s7|=BT>3+tVcnJIm9HGrS4p9c%~OfplC3IQ&uKAj4(lEyrmv-K^$T
zyQk(k+?TNaMks&LM%ZIWLSplvwri~7$-?E)@^i{~Y6Q=D+{*9bG2GoDdR0qb2E8C3
zc6;;dU5{b|+!J)-o#chrAkDapz}$pS%7n`yB&EUSZ$~s=#PvWb52W(!K_K8Gye!At
zvZ1L0o$!a(+rUE4LG<)-4R7~7Jfy|jCIZFNy#zdfbq4D`Q2BC14Dfi56RJ?9)vhm1
zV@#!7mqTVvTiMRg)?Hi0a9j^|e;flOV&h4p9dE-XUM7znkl#kmI9hNYKCWK1_1DsC
zar@D4fget?s*CS1F5(T!A|+mEoBA>o*4N`Fy$<(}N&d?5cQFFTfr>T&jFEn~(a&-9
zTafySo3NadTBm#)V?y(vzQcr@9~<45<F*=l*keo1tQVK+UVtZ;UWVirVZz;Wtco7x
zgA!z7Dh}C>c(#)K55D;mB!c4oDL%Fytdw4khKkbu0Nq;oHilYnASRaJ<=Yrown{w5
zh7QE@*pA7I@cF)z9*}w*cpk5%KoT`}1DnQ{9ekOH8%x=?JbF~INO;=~LU0WNyh_1Z
zs)dIU!3*}b3gmLHMFZ)seH%}?x0e4r?YgMw4VudOt4YZDqesvNm7n8)dGtjv#+Xp*
zN8g<`3~nz(xXSud@hH&xb$l6!X;w?b44YB+`x|qXmMVA*A{}v>-P(Q(0T^q1^jvP3
zJmc4Bd@hX+qP~YC57Otl?Et^X$0&%40&YM+>>uGMm>()zkayr28*CV@+_3;cwyQ?Q
zwvROh-YW}m{NLV8;{6jOYKuDz7SIYi{yentjhKBrpI15%H#}2EFI~a(LF_8CVA8I!
z@J_B0<&$T~t+s@Hku0LBi1!SUm%THF)_F^?cph-*OUZfS^UE>KZ6PgtJf6c5W_=6T
zC3}Id?zzXy7W8sdLk~$c@m^&Q!N5*wIU!^L8Bo0LmH&XspnR-i)hOaSilB)0MiuzZ
zQ3hi`ZDOtKbAa0My{7fAVT%S%k5Kzf#gXn}Tszdoki$?I3ve(^rd1wwj+%JK3ZGW`
zoE1bjQG??R#uub;1D=YcIM^}t($&Snjkv<$V2BlNEE;iz!=^t(mXz4WdZsh#(m~_y
z{9W9QGUw^xHxBiG#xBaCUIsY4J8_T!4u76F$e=d(W00$ZHn4Yb(Ykmy>BHy+N1I<s
z$0$wJ*s$<EMlaiCpk>`%xu90ViKrX2D8X*^Z=e;MpcOYUpr3Qlei-O&T>+bEzz)@=
zMP55=ouj+7X$v1)!_FBp3dVvp+)Q+Lu47yG4tKvf3Dk9AAcTl2yFxg}OB{Ki)n?zR
zXg^k$b(+|N=LR_fEtV&CSIfOI-1<0%dL4aiS~<IWb6~yQW+GQ_3s`;{?yljWQSX*D
ztD);Q@nE2<E+2vV0nb$~s_a3{S^T9Z)9s%@8eaCvhlOhgxTRw`-9r=}=-lgR_X(V^
z4!}W~&Q6H*AP598d5=<+1i~oE%GVCwjT@RG?C4{s*>yX{fT+4FL?BUuyG}S(@m7h6
zv~4Z0<c{wCoq9Rx-!>w<vzshm#4d3d4_?ippfwfQIaTSzM-mTk0$rX3lLr$AxHJJS
zS)JO`jB1kyCiVcU+{oUAV3<Y`3~E>g!w2toGFV{2>Nmm-ukQhctnR@m(>(+-P{N8}
zuvcN%7{Ac=dvklXfWkp<PPA;)oT2I4_LXpIEvolM4;=i!U7SJ=UbYiB#J$JoUvWN<
za*AM)e?<otP%Ye5!^N?S;1Hu(rSuH&(4=U_3q!&5?;XPQ-Tip8kt^hc>G62$1sDy<
z*2~=hqF>yqkn#8j?$Z0Me8ZIh1dZCgiwsMC{V4LpW6O?Tw>o~Ul;^;%Pw8jZe6g%a
zlhz!{kv9(D$nX0PaO6UcCBcgsPk!L8JUhNP$BvG)x7&N$+WM6rKWw~M|8>x8@p?O&
zQa<q)pt!9P7f1?QYw}r4t~L2xJT^;@-Q^SSLD2X@S~zD;fR0rxO(18ZEdP$(7?|)Z
zICdNE{x^Sud$+2k_aMx)+Lx0Df>rc7W}}J$kW;H)>&w3ttWP5Y_07##n%G;E0oZ+g
z2JV5qX^5!@+J9cq#ua@H`vtIWha=bNO!o|W!YaBAMnIJ29?r!Rh+SEJ5MR8th+zlI
zQSClJ<hpx47ZZ>cqIz`kAJF60rx4GTGIVQB)QNS&U2vtDtZrDC7D)+=-0eUNq%nY_
z7wV=L88NY}geTq)Vqz(QI^KR0F6q4dVk8HY5-+RzVRsMIr5!shaYi@P)Hvfpk^ome
zQ9X`@!2|<!?e>H-dq0VSIr3q&<D`t`cNAR4&2Wfis~?X3MoWAM1uy#zc>D3sVx4d)
zA+ayi(c5<wk6hc<XAV7so^5(Img(zHM;h9zX&099<_@I%G`QO11AN^P1FSnUiqQ#1
zZA7L5y)Gb&{m6u@xYcO|uM~H1G7&9`3fLHoDrkL!7l+Sa>)h^7Vc4pLwf#tk4-}%R
zu5q6j*lW2E;;dkXXxR(O?dH;Q)WmuPa+q+()~M-7+(hG3jsn$c()cYjK11PQY6xW1
z^46$<S{?%k+nu^B=s~a_k>gRl+>ugL+Ac0z(=Z1WMzhz@FtgwvgI!9e>~3Lm>3Die
z0ZEpQ-j0FkB>8K`$s>-ZvIX|aj>>Y9qi06}PIC3o5vQLdr)li-OFx3N=9uSmcpP%2
zarACZ&0oM`{Kq^UaKx^2_S9QH4{xl02|$4-bn1pJtEuUkE!=sJSB!uc)<4SDt)e~9
z`6@j;a7=fdqYnHNe~FAWv;a-VJHgi&6Z{foNj;PS5Bvlt-cZ41&(#yJ!w34LsrWp^
zZ;VtcQ@ybx@s}}B1%A8;x2A`unRhV>jp2B9voxRfJ(bq&mp7*4r25Q8Ww};)&M1bk
zl?$=6Zi&epyM)~f6K-w&K`^1yvXEdU!pWs(<yHn?zZhOk=y6_1DuI=Pr3s8cU_|2-
zQR)mPW$ZA9GlrN?xP$S;zw*^`3_~GT6FBmqg&3~=evxMJi^<&Uca!D0YQz4eoj9==
z-iQS#R`fu_ScqblM(-eWap_@5Lt41mamVYiTG_?td6P7-Fx`H%`BiWTE5pU<2l(aU
zR0i^-S9&byj#nliS0T6oxriJZe$%i3u1o>VS{RYGKpIkUb1CqQy{(K39Ry>-ou5cB
zNKHKD>284Ylx_+T>K@)(;bIAiD_L9{LNL?_k^WXZ`Rmfp<V>n5?mHqtL)ExPqEdr!
z$htn33vWnorTr_^4G{T*{6KK^2(*<BZ5{hO;vWAHYpy=X!R&nU$ZZU|{#b;=1mtXw
zX5+6v48Ks%I=9E9Zb0*jb2VJ>f`rVEf*CTBAjCk*>)$yLn@MYPUCfSS0U=&xcizrq
z-XB2}3Z_2@j#}tMye=a0&#<km#I`oshcZ(ZWb!(^o|s7Hm}K3@kgkToZ4g}E)|c~7
zUDQ`_1%rD;=-*Rneb}h=*ZfqEe}o_0;rloGR*!#FU;p^u>Kh#Y7``kMWAV#q{4yTD
zjK?qI@ymGpDjv$t_0^Bz%YWq)e+OTCcacwh{R9Yj{C~r#T<#v71GmOM?ctg^Zg9@O
z+|@mLaDd+_#_JwEQ}D9q#B^-WUKE?KhrXtcJq~#R{!Z8<T2m?s%gO8)x63O21fV<i
z0}Lxw<FS)8y1OoqJ&%^_x<@}*$nzvCwRnmvndjgIgq88i<ej~5KNt^fd>kI}3*fd4
z$b6WQ-_20d7!nX__Rik79z0(;@d<|74!7m@iF;ta{U&{|E<((0i>Ib=VdLdW*t3Ma
ze8Qe33_6#!*Z;K6GyM;Qulou<>F0tsW%lE{n6#TyDvGzxc%3`3|FSVv?s)NIm3dj=
zJyoneg{=mUmNVLt<3|Ty<`<t}c3APnKL-Qq`u%BLZ->LV*Y&yO_-7Dd8L07>@m*Bz
zsQxd)vW<P%E4>VP{*IOPmU_8+=Pix$#GSV^%aeEB(kf5gc?(YRPvf^*p24qQp2aWM
zirBADtOubYx~acPT@Ez+SVRNpt!m_?jq>PKNFxD<R$E@jzxnRKhvs6nfu~q+zPm=f
z_G;6csNH-wwnV_(@+L!=VZ7OkuV<yj@2e=|ucC}gPb}YpH)!v?C0MO1H6{je?s+(^
zapx^?>mmnp^H2#mOk@tI5X%e4$<*;?sP<M~g*mgVHAjy2e*7}f$oGu&Y9G6Udt(@D
zo~4nBi(_`Dn&0^^P|bixNpW)RjjYu3duZHBe2{K^Jo-awnU{-Yo&@vC_*s~g?Z>^)
z$FU9quier;vdTq{XmEq*!Ulz#qYK>FxNvZEp#$hLaRg*3lPty)#WeT-2h-eNNb}(+
zC;v^o@LgEbExiB7Q!Na8^_+8kM!M!=FHT&KrD55h7r$cfN_fj%cW!F;h<D;s@JZij
z+x9icMDlO6#jBwE@qc9O$GTT3;vWZj%?VnbI%YOZ<_dw=C-_y@!B}OMpF-%xhnWRe
z%EHE%`4Zo|={t4wxyToTpUNTygZ1kRP;c=Kv&8WlrtaN}XG6{C$Je5C{;?zE4f5jT
zfbf3&)GQGE+4lFF?x8HoIfcKj7@lVjvU1zdl`pp5sY&Wkh&!wfPtP(?9fpNF&=<}t
z@%&d`S(2Pp45OaW1s7hIF3`G!l&<?~Nn8jXvk`fPjM^SY&0^*g;LF0xu^CL%;)Af&
zf?DR<s!fG*4e>e;!`2|6#bx7i!_8JO(KWzI6H9bRt(XGW>oC$I#Co_258pg6D#Az)
zY<C54!`@mJB;pB0a}Kx;?H#}tQ>EnY*i$GdzT@Yi9(=7Ts#&$En<hK0|2UE<zQt(F
zW<1Pji_b9j#Jx_A6FXBefHvMvuvz;gxp&dsTB7N??}8DoGHm_#W~f^iNN0D4O?uv!
zyAO2lAs3s;6&-elRQ%&E>XF%9)*-XI&rs&<3K_HFT(6x6HY*+nKyBKATCH8PPiP;s
zfSnn~d9USmsLDgiT`@yz>5)*BwW6x5QOjswLjY`qAj4pnvDzjV#MvzcM3LPt$L3~&
z<;{VmJzBHx7!G38v6I@j1jk(a;xx#Zg^Wfmja(3=Ic5n&WAe7@aCb2d^TzDW*bBay
zTf3vpW{qru@4{{~y}MsJxu+z=Ugs!kD}PH38}H#VZrO)8k<mu-Tg*DX5VMCOgK=;o
z7a!4<1%!PrP2-x8qq<lQXC*dA9o5e2W@f~5jw<Z9g~in&&N=E@6#1GN=>+l9m}`*u
za=8;l7Iz|QtV~4{Mn~6VX0sxXWWJ8rIp1z_6Vt?*_M|Rhjwan9;pZU_lO+UvkD|0K
z$H%!l91ehi#c+V?c62+@=<7tZyl{n1jx$?E=8Ao)_VHb-`?-e5I=<bI?)bE}uoB_A
zvYO+?nqoMv03xzxueQU~Db(}<u{Bieu2mNntjR)aG9Osicj4;_G8NS)I`LE3taXK%
zg7_K|p?E)?Di$rU7QpGBsF7=FGegSc9MzTs9UZIa+6ZgFX0G|ojKrOz_}@9A59UIK
zR*;q>V#~a4KnvpLM6)?+IWH!KdqbhiN*JJZW<$G|OZzZS@ZY)L(P})P8(KNExf=*x
z;_gtw&6VUA7l>TMK<+*n92ciB&~7jzj<@m9Md3|-#zq^;X)=73^Ta=4c*^kJOHj?@
z{{p9S?tN~1E4e&t!X3kX4%^*<<w*t!hhw{+V&9ljW`uOi0h0ssP9fbF7zBen9zT95
zjR~Z?gO=?lzKpOZ86lZS6sT_^Veuuy<~(v?uK%6WJaQi9yJQ}rIhjXjPUaDsbMuI-
z**qevAOA0~Jm!(#;HPGv&_4b1$bG1g<`EgPd4yI>3ZF)OFg|M@kyA7N6rDJaxFF76
zDcFnih|<P9qHi{jD1kA{Bd~cyPNS9w=Mfh~d0-yNS*<$BJo2wr&SV~uHHu%4`Y&@H
zks-OUqkkS@9WAwF9#MALJR&RRk$++)Hjli4V~XaHU!`e0{ulbyk9`pzH;=HaR=19o
zoAZbqRl0EtYx9We)y?^uS@Xz0GG)#qiu=#BMHV-iM-<z&$Akq_k!>E4ucKtnHyuVc
z&Ld)YbWZMfe+}l5ILF8R^9UJk$UH)?Y#yPlWn{)Pb1IaP$J}gTnKcE*b}P7%(8usE
zO8Z7>t}!bvNFa8>X{luR4;04ItxZQ&%mOu=1!@+%YV?DKCkl;T;&U@oM{160r-6=v
zC7`{aR?d1ZikYb(GDkIrbA<LH7t*(M8jc_h^ZFdx*u5|^i5ZD>aHVhom>`M{y;Cw5
zG?KX>YrFrvx!?f~^D077ruS*~g+JnaK$+fqQ2gWn3Mb0+K3y2Vi!!~-zn&l53*-Ln
z1+U@b{wt6d#(frm<34l6SWas??!S>iY}|h@jmfzGK3XWsD`a(2NxhcBjx*@`EA7hE
zom=)yRZe^sX~wVRh|`*$N3S_qiC18gOsXQ82Io5ylgu$@r_u`%bx*HeIq^A0zKoGC
zIPrOyA>iZ31boY53}Vjl6-x89(}~2d?J0k6WBy*2f4RhS`ox;$_|-_D?lTg^ep#WL
zGUJRN)8`zvLFPA|m-#WGCkoW3hsyjo4M8mA#~dypDS8blYIydMBnJMGj=uxn|6kOA
zOwdMnFaBeswWz9qKyQP^(f=*T>s72jB!6`Z{u-3~HOq6938Eb!6vS;X(3Mi?<ga3D
z1>|b&st2L_&36On&L5U1WKY2=_A8qwuG+|ZLJn11ttFl~NSgPAOe$Or6HjcC%zHv8
z38^B0wo7=b;0?jyYe~8HVn?SqtL$~+-zU-TzwrxlKx+>_ek<Za4(OT#<9tpISO{ZH
zCOM$um_3sNuCe(@<&5W_C7Qo0Cl2i6Xo>?19Q`20c!StW^1=JBmGRIc#6j3A;3RFo
zno8QpoxQqqzAJTRFPn9)SET|tcC5hyxG%yd6~JBcjeY^#Z=g|*e~GbE0UTFc=9CHG
z6arE;e#NI0vB~l}gr)$FmQMT{*qi`PzVD>()X^6pUkq6)iwWQgaxdlxsRv_tx6Wab
zmC=v?Ckp2udlUJlAb-n+_v2sB0)dw2l<w=ZDCZRZH;ds@`J2k2j#?<TlfSV#eq4x~
zldBc#@ailB)nQn;-|7pOlfPwUNvLP?H&M^%!tMSSaUCS`LjJ}9hw?YJq2zB&gz`7$
zL-`vEuQiC|Z?A)m@;AB$lD*M|vNyU=_J&OiG2O78117riUhPV63<5W~+Y*T$5V2AC
zHV=uLd?=SQY5`>fgY!hV`4}Kq93TNKZE7lC#7F;>2Nw5GBKNRG%tZjM#==6O2&7-d
zYEmp08ZS{SM=o1`H_Fi`mJ<((K8gmhoS4?ca`fy>r(!wIq9^H{peaqgeQ1gc1<e=L
z67kexZXJ3~c!~v0@D$Ano}xLyQ#9xBl&l$^lJ$Y$DOOW>N`?$i(F#08=1B0AoSN1O
z#8WPa8Vfs23icwNQrf^%`et}a35;1D4o}Hx)bb#nazT^_@Knxf%jE=5v6tuMa<ZN)
zo?;y>wFFNoy9`gs3OvQ0I}A^8!ULXS4|I5nWwp9>tlY#?a#ZQYEv(@w)vKHHHM8*4
ztC%wJl;Uy@1fEhp37%4H*B%oVOhq<4C0|F$oNu}m--xH)hdlCfxuqN*_v0xt+z>oP
zuMAJomf$I)cGW(R%UKacEOWDAfDMz#<rt)$$>kKo#s<d~l*@^*lFOMt1_@3p7$7K@
zvsO)jS*SG%u3ME{PT}hcGM$&pu~~uC@^U$~bYLxDaydq}mTp*8D3_C?3N+Bsv5Lv%
zlzTH5#mth+DIFEvIZ`f{C2qr98*(`%(lW2#MzJNAqhna`Vp2ooa#_27*RYt1P{d-C
zV`W&Z*2IG4t8gL~dnJ|{nJ}%0#lAAY&&l8({mp!|;aKd$AQi9}3qUN!T%BCau$W=6
z5G6`6Se+JNu)7OcoKzA6Fxb~vw*-T|5a;JB@m5S=4g*jJ%zr~L*w-1^VX$w&3=GCk
z9)p?la16E~e=o~_C<e<SHBZod&KQh=A20@^0O?#X*aM};1`Nj1<uO=LdMIfB3Sh8#
zwoIAp{Z9NwG*4X)K5TE|Y9n3#XM_QwW}JkY0zygzao&7xagg`fu#h9mS+Nkq<gpO#
zL$HwX-eK`x5epSKE5kyLvxZ}#p~M)Bg>Fwl4<n{n=sl@3+c&{Nznr?V7=y9Uz3@q~
z(7&NO7B?gO188xalBzx|B&Q4u$qM+xZ;FLvNw5$t1uP_AhlTciOIS!{8IFY*!@HFN
zN9E(kA4lO#)HV<cF}xq&lLZp5<n|&sys;r&3JBA5&mp|zb`tra9Ci<)^#6uG*ieOH
zJ1k_yE5zN1aV!ue)UH5|-_v~;xjOigspi9Nz(OobLOsJmlx(|k<4$0qWnm%adNwTd
zX+$CxV&SzC!Q0=;9OvpXM;uU-BaYr>jzC0{Sb}^8F(K)NiD?KC%>od~*#HsU4G>KN
z1j&Q@w{j^F5sd&5$q$>kU{oY%Bym=!2P7mPgGcfScr2!OB^EjIfdxkS)QFF8@0WSt
z5u&=e*Le|Z4-Zn92d|)Sm`?-CO6QolL9XlEa1hOfn@Qd9p3~5{0ni1sfYyZgrU0#B
zj75M()?cr3>U?hg-Ffu}&-xyt0idZT89-xO<^Y=1UGz=>n&#y`fX3BBwr}FU^<8e?
z1WDQcZ++K)6@8Z$nHn!`-^9vU@EN<-5PU|j44=_944;udFhX&3%;PiK6MQBX%J7+D
zxS>-W7$Z_8mV!$7%=|G(ajJ9pOygCU;WMcy9X?Zd8@dYkjA8olnW8y`m*F!;R^gp;
zO8X|{r~;Xis?X7>Mh%}S_ofX*iehHrGo_=VJ4fQPEb-7ZX254kq-9>8L$QU==;(B1
z&WlM6!Dm^!f7kGtia>nEGmZRLK2gG{mJFXg93$-UGMonNhe+N!{uL<Jjyo)NJyu8=
zgd2{<B97cs%8XcyIRJ|>?^G|g%piuz9zkQG7keZvz+`VPWOb5p7lq0GL@V;jwCTk>
zxW^xX({gKO{?DRen2cAk#fe_5A-!0$a-zb>4wF@31}5Vt#bgL#&Iu-)$@F5%-#f7(
z{{%&7t)J<|K7=CTJu%aZWs#anz>hx*@4<SpnY><%5xtlcsLu@5i@l%T)QkN+4A6_6
zPm0<)KCc)1IDDxW`wvqCnCxRngL~z_fbXKJ0s?&+mTjE3bC`@RQ)X2<@jdXatEq^|
zJ_#Ez+5J&dm`sTv&Zo{T4*0!*$&4<3{LhFE{gfk15t9|d80mz`6vym+n2fc}crU?Z
z;x}zqzreAO<1B~CGR|_COwH`{Q};)VA|{)0DyQSA%86XkYdYtvQ)hB}vO)YCDJCO>
z55{C6d{Rty-naWP*&NvFc%89R{nUFw3v<danL+@Q@hg6zeoB^)A~f|=v~=RXhRx}x
z<okL0P8~gpd@*#WECVnZbA*11F}z#1VN#UQkEc;M|JZhNenCH#3-8CXSs?LB4rArQ
z71F&hi&D@}4GTYC44>+!6kZ*ski5fWtd1WS;^r_}E-ybmFU!F3dy2^l;THPB<uF-R
zmV|nS$wWQlwOdn6#-ag}vEx%e#Ws|FiiuD^#e9g#SooNZ#AI|NCQBV#waGBv23M-6
z=!!#l+8$0f+a69=Z4aLVAd|BJGP-AgOdbMcY1&dzjRA$p&j6Vs86Z0!fJ{CH$mC;y
z>}o7<<YRzLJ_2ODHgK4HAbo~WJ_gCgfu-bQkW4;}snn5B%iIXREMVrgV1#jyODzP*
z^;aY<bz%+UUqUW&_WC~5ybp4T@2xj68X%WCia{=Vc4ktY7-!Iv^iCj`rrkcs#RY-p
z3e$;g&#hI@NhijFCOR>i6P*~%iB62>oK8&EOeZF*A9Ena9z${v_896D+NXbyA*(5!
zm<*Xtj8^ExNY+FrCa0#g2z6pEh+2p`vAn&g6Qd6?m%f=!OcBN`52q88)2QV^otO)v
zJfIWHS*<#WPK+Z<PA4X7WD_j+7}`ubWUo5wXsIPSF=dzO#AJm|jH89qiE(jYdkp`S
zrt$a!`qjmAPAA5)THQKUZtBG3sM3vFSksBAUfrCpnWYok%9N=SQ(Vrw(1~$$!KLT6
zS6#7PdrVj`71?xR@^zHV`JP25_DCcSHr5)1dklBv__$vuMur=Lx#*Q)F4|f~X6!Lk
zp^QA{X2Vm~6xd^E1ve6MkD(~-8>QVILj|$nawfmWkgZ|q)@F)(4Ao9mqo3_DWEz%9
zXjyWPp&Zpt104fP!1frb5cOOXGi#5b(othLNA5Aq61Pbf*X>)*4fDDPrO)j#WN=ps
z7k~*4*<+Zs-FFQ)sR%{AR)aK7_ZXf;@sGFQM7`FFutdo~QBkk;?*sfCmU{BN`Dnwj
z)Z>vCuoMeGEX7>0Afh$JQa3S(VX5cQm|&^r(*i8@#zIynmDEd!h;mp8r-et5reP_b
zyJTF_Ak}LP#!#b-<S^72%)n6m<S~>vI}G)bJ`C0N^7(p6zIlCC0Xt=dY%1b8V<$#@
zz}V?}Qo+_hXT?qrlnNWL6HAxJPG0F6j9b_`7jZjbo!bc;+)mikc0z0_taDRg8R!j1
zjj<rYv0@%1ZU@+Bh?8*KXNXhAx^U)ZiJP&-knY%Gh_lFW_qq{I5kn3w4<8TSVT=xW
zdqj;#Uen08KqTz~)p+#P#hxt0_Hm7+yS1vuGtd^>o5}~OadV`LJ)QSJ`n=!<LhxHy
zE^MdH%2iuNMmnpUme`7e7~VuwN65O>ptcN1JSiq~cyb_TSzF$Oxq-UE&XIa~`EuaU
zJ8vo9!jsPKEHKYV<8rM*XQVA$c1-$Qvpp*ob!>K4EXpu>EJ}NZMRjIcSQLHt8RXh`
z_3|LJ&^0p<>bj<Z&{O>&bRY$Zdy40sacntvhC1>Go}tE3>%uYW<#48K%_Uhuf11TJ
z)I-zck?HJcwxwy60WG~!(q|KlygvoQ>~ASXo==_Gk9(nm&OexfWRhtxNN&R?1<4cl
z^@HU7Xo=(Fj9moDa>_umtiZ+mrXX3C1SHc^0Lk)oAo&N7FXjZ5MId<)Hf03w)<rC0
zl#L%h1!eP({UCW|5JqNrKVHoOX+5<OBX3A|EsJta<#<{#d>=;Eu$?cqz-dy4LfnlQ
z+3N89Sq7@Zuy6<a!fn9F8l)ZdR1Bk@jVW(N+PgSjE5J~UtVLZD2${JNDYFVZLwyKe
z?%|}pHWkPo)SUlZpMP(xFF<d;Kg7QN5LYG+${KJyL7IV8gFut)v3?vS=mVN+WMfYU
zG{tNNH0hZGnp|F-q;~=|wI=BUnp{C;y1m`G_4zsBOqMgjnKUOjlja0x(wxJYvSv6_
z)(3(!Sxeze88VznD{v;8Gr^g1YN{o5mdyoW%kp+F(GgK(FXBw44V<ZOhBKAGnC0Pc
zrkqAC4dP4}L}>zN=Bx%I5}e82nZuc~o-58|9WAv4XDYi4XUYnk$sRWhXC9zmT`cEt
zCd+Dd>sYyoGv%n#jayj5nW|Se=WAx+%%?MD;!MTm{0N-M@h!!fie0r#CM=kWY&cWC
zj*>awv*66<Bk=@h@=Wxe93S`NOfuXMoJp??XVRA7Orv(yKG=I{MHI2j&GufhVG`XQ
zgXH#JDn?B)99K}cC&Eg%XZ{d<aXN6iJ!{nju!gak%<1+NzAnDQdt%9<xVpjs!RGf~
zDw+*0*uTIt(Tr>@ZDy(Q<fsA-babp@x;^FIv~(23%+l>C9TnX<Qn!~S9vUk^x2Hr}
z=5-jgmTr%ZVZn<@4bkmo?fzZEs47BHx3`7VO)={4qxi?Wa2lZ7n;vl1`2|=+WH5F(
z9{p*g3p~oqh)0<N)*iH`c=VMFVtDi|G$wfTt+W7-eyfnxNhKxS-WMT?!kM=j)9p<l
z&3F^<rE1O2zjSJtZf_*7+iOX;H&Qt<$;b|uPQeUZ%1??*5yYGm-QH}b+f)ADi4FM=
z(e2%bQrCS(!kM=$Qd4F>?w|&Pb$hdU-5w))F)2`=9je>=7QLz4t0GaX^j|@WZp5bn
ze5u>}4^sp9v_ir|w>OFJqN)M{wPDeEJ*V4a%amD_P8`C!uBM`HuLT>h*!@vcx;-U=
zI3wp4$F1Xd@1^#*8D0E1LUic%99fEZsu0FVCp@J%X3y}H&YrQh8Sf>!J@K2<?G-r7
z!K#e242ir!&HN;>_Wcs0*p|r_${$XV2)U#;;sDA`DQ+RRr?}<AX=oO2Fm9QHPl{V^
zDQ)W8aCr)Rb$p(&Q{3`RRKT1v+@cV`E&PgMsN9pq1L>&Tqoos<U~|en`A*Px>gXRJ
zUyL0p%SPP7458a&1n<`Em=tC7<Cmgr{;^*p=NE8GF1#P#nFSKB<Zw$aTp``lS(E~9
z85aH*is4h-qVVc4h2$M>VRiht5I2WMa(Vgj%d-p|zo)vrLbzY*3zx$!Sy>Y58Ez5v
zjMx4G>z0d!TUa#U7Iu8<_Sl5d?J*JR_LvV53kx4muSW;!_2>{Y6!%)vk$WvuN2vDj
zwrG4e-0k#P<^!2I&Z?Rho;0Z{5>A=n$QfR~H+MvWk#X$qCtSQ@9=ugg?xA*CwxQTl
z9@w4<W0nawTjGS7d75rdshMsMw~U()Md5YJC*T82y(dFurv$ZjF`otyK(jXvHJyC$
zoHL9{tvQ)GW^Q=Y)dkGlrc$?B8h1fdi+ITrF2j%oNFlx#Bwa=*WA><dqK6hrBMl8W
zzDOv?9<%-?kgX5OsXtjKW%|$=s{a|3qi1K<=?q_>S^XrvlY!{QbZB8w5`d>kz7ODW
z`GNjvdc+6i*2U+9?^yT*-_e}lJDL-GM{^F}$(rFiS^b!UKJ<uWPUsQ!3GLIbM`YE7
z?_|jE9j%Vk3BHq)Yj^4qT@djB@m=0t#CP<e9#P*6-zmbFF@eK(avC+>BEEA$ln3x#
z&T7?3@Eu379KMq^vdNr!M4Q!z=n>g<Ewu#SDZ32c$qIbOk;&mZE<{X^_+`)-dc?cv
zR~O4Ve8;j{-8xoo;yXF2bmJD*@SW<_&H0*H`0f{(GVz__a*hYS<4Bg`JH>YGF=4?}
zWW#szb(GBco(12%6^SSKj(WsPa(vv6@5pdN@EyG}d`DZ$$P7KA3T5OmH`60#O#wZk
z72HTjJ)$U$J5)&lr$<x}8xCjldPIh?bZgkzp1-R^v8zTu(<3qs%OtccsYjHf+G(I;
zU<sHWQH7}IqL^8FM5Uv~aE{a?W{KN`PCcR$X_(iqp!7LCBE4KGTmU9GM30!Y-FFS6
zsR%_q;#Sf)#c1C~@sFPmC+ZPDhSg98z>0drYc_54b9%(L7rch!ws#^g;5HV3xQ)4D
z?L}*f+djb{hTHC?F~M#3(E{AIyPPk@NhKvcVh*=Kk9YynG~5P+@^_3|&?64UYYU9z
z@Y*(*f!FxS<27?m^oV_U4Z4b4zFv}VUXNJ7X<6W=BAzo&W5frH(>_cp6xa4dts8LK
z1Es<SoW|1Sahg~95sX_8=D0<bVO<)-M!DCNDzU};NuXK`R=Y>=9v&5p(8b}M99&rf
zU7!zTB5sqHGO>cU9bvxt7A>~s^-Q(2iB)<)n~3{~ao)vwNP{SkiJ}KJh?P}8O$=+e
zBo6h4)zv_;u*l0NN6n$XT9X$xkmtRi9rag3`9S=X^MS$%1?J7m)PM46y_{}Q#b4eL
zq2RdQcSHGg88Te0@K#17<4s1mZ5bCDSS^<U)Ta`SBT?=U9`s6haiMf6+CcioYj7vC
zRF0@>s&Ta2hl?6VxD{_@rUM8F{cU<DGvl38F^c-f0v7gS$DU`!%M6pp%d}^BS^7ue
zW%T*KC%3<=mj}v)E}a2o*QFnXr2{S+?+405>B;-8vpbxNy2A4Y>mLh>LMpONA?dER
zCK<!ovbE+mj8|T%m`72^dG2{6cRJ&e?KBUoE%Qk9lgaY>C)4FM`*Di%{V9x%55^Os
zCpkX!8V>&dQ0h!F4#xQx!6(J}uf+IWJXracXsP3ij9tX}a>{VNtbq3XrZ``g1n1LI
z!1?lZIR8t?7juouG8E@Cf_Lj~ERK{76b&ewf9xN~OM`Ge!$W_Q1sa0$H>CT~EXp99
zzajiz6~p)8d`$=WVs8O2;{`-3ULo#AoNs|Xlw~jk=Ucds^o84i^ELRpoK*~?p3OTy
zh_o-`JfHw)!}%<aO{N{xrK#m(%a6Yb=aq1Lv9=(p2f+H@gwyip@tCBFRuf?5-qp}D
zCJbeRu74Tf`e3NYtfD9uV5r!`U?@FP7%G}nN{_?$At=9!Q`aw^nvB1JBI0@1dB`Pb
z^t-qs>%f{H{|&N)v?68;=v~*@-5>LN2b_n58`M8~r8T6>e<PL3hy@?<%g$8w@TfLZ
z7^#lnPb^tYgH@}_a-`yoR4f#{U?k&?R1ln08L5_C8k+xu(o>Mv<!lFwov#k+aT#R0
ztVhMFW3_25)$P^!Zy-UuE4I+;?D$;S56tmvaC9|%$Kppl%>FE~w-A2}ALPPPRH|ha
zt5UU+&Q_e}rV{@(yba@2OD9maD^eP}q8O=zPWNt^n#j0TiNB6$vL{dm??2&@$WW!{
z{oZN~hGd~ls<hk{TSZvakv%J+6{fprkI~@Lp@X~M+HtGWljMg)!l317pM-&nXVKJT
z3|Eq-59D5La%Li9pgEB-(45E^XwJzPWX)s@vOW+Q1NmAq1{pFL1FeuTu%!|igPgD%
zoKBQ6xFF76DcFlL2Bi%dgT9%JK?#gm9!|y}r%}s;G6ok!c|gXHv#O<W4Yu8@%@H&w
zW03V+WelvNrIyGTlwBrckQFipjzYs^4CGnJ7&tdL83W5|b?aEUDPxeMN;hs{O~#;l
zb#uOEmW<(pOqntU#pN0YG6v<7>{V85*B%oVOhq;sgM1w&bG~PhF$i3t-|@T@b;wuc
z__$xjK!zJ4W1v?iW1ubRm`3fYeV{|OB8ph%W;$dxOrk?(kem)#F>H``TtOYO2rC`3
z`9s9Yk<aOntyL3YMW|sWxxYu@>*6~+3z_MV*{qOW<aNku>A+gRbjXZsE#0uH@cte-
zsz3uB9jllQS-CfJQOqnIveHq}og;O~S>iUY@%|nq(lRfOv(h2cF)Vm7sUbS#tlhtB
z@(C58s6$>NbyNAo-WHaJD{va1LmqTr_GT|HAQ&!-@R2TL5zLIT2<CuMpVm|sv6Vqg
z7I7(!i7etWS|E$KvyjzECG}cjYCUe$#^Xl1H+4JGw6~2~bMttL47Ndc_Kf9q$fMFB
zk5x|WVC2g%Q{mp!oiIZt!A~laKoE0IbjWj=4q5qoCpP3iM2EZtF>2jsB<PT{NKKjj
z_>u4)tV5p5>yR1I69wvXLv_g8m=$%%7sCLwHbIJRlucX$U+R$m!_<ImVmH#D4*4<o
zE~+XZ(8FNa)^|RXEmLMyI`Lk3*VR<iAzuy~bjbHdP3e%82;y9EZgDi`ma}(^j4pn>
z57D7Rc4R4H;zAfBoiMTDm_5V9(jl|9%PH?AI%M&i(;*i)%R%FevkWZ0LCx%R$oEH#
zVp}FhKJQ4eCAp+G=0N0UQ)hB}dX>**DYj(s24l;M;ge#^iAq1VY=f_kKZvnYY<U5Q
zVNMygR0v>8e#J1<A<ME8p{YZrr4z5f=5)yNeH4ACj{X4h#n_>;Y{Zt#5IST=@NT^X
zlcJ1%JchFQ$Id6`7qDe6ydQ7Q0*P00I^<lqLb@|qlmfOK7Jf@He2Og<ULB^8yu+5P
zjvp7|=CEZhFF)>P8907Vb;yNqQ+?rb*fJ|iLOsKlqMq^E^HUu%iw11Tj!zvjn@~Dr
zCPE!D^Pvuzg^%e-Ju)4sM@}7eK6DzcJReF|o)6`PJ#>q7VGmuQ{D8IuS0S4_pHj=x
z&?TlgmT7)=iK!ylC8ixHkCmFOe$uQZ-du(PS)O)CH1nh`c@+yCd73U+X__v1846_i
zm@Zj9(k1gk9(go)`cv+vN$x_MD-Y8o%cnV$I^xY&3*Dq9nE?Z*B363=GF(JL^R#Hw
zxS5cfe7^o51nz^}>IK%d7!8nHy~ZFnJv(#hX;IFnC+VFaFipaJ2#m`E^dG}t`*Q2n
zbJFp$m<j%(Il*5vC-{rz9R89u!(X!cF$ZPnc*#xB@#+)Wr(eg*N(z6;kl`;{K}-@g
z!C!K6)F=LOLDWLj@#gJC{6!z?c=gTjmm-W=9u9xWY1CSn_{#-R9>8BYt5qk#UmRs}
z_)FHvCR^%wZPp#4<7FK!wFG}Dy9|HH3jD>9!{IM36imlEOVfBfNx!-{&fzbX)#}!<
zaua{aQKcKVu!g@>uWruQ%)(zCrcC^$xSWH5zc|vQI$p(g?J;4&RAj?n@^zHV`JM%T
zU53O>{$cM?JT%A0{rHOvHw1stE5l#3wT#Tr@v2Zp9&<AtZ`Ksh@mj%+gw*kh(!NpJ
z>39{yhR(UXj+d=r>DF*qKCk0dJ5`N-rsHKAmPu$?QpYPtwbMYyz!ESWuL@DmMKQB<
zyh=xn;T);s%@Vf>mpWc0(lD<%ls>29rI#y(3%~@2=y<cX`>tUq6``o(y@WJQG1PNV
z{NsD!L>=!7uv!_W;|;4D{hW^X=L%lKan(bS7jP8|KwQOKu{NSL#Z}ich~cW|(wN|?
zAEpJkYShn{;-r$2jyH#^pyRz1X&SBqg1C-x-`&eVRF|-!ckhE|dsxU`#-Kt`BfT-%
zDlwP2+ZJEahnJx5$))RAx?G>dSi9K!5(S);1#T+hIpZWoe84#ANv!2N2owd4&asXg
zP!RLZP!QKomC}!5{q!)7J5azvMGNgKRJ2gn;<P6Yc;d7t)U}ufv7eU@%l1a_@yj4F
zo|g4zj_j}dP;%nz5LA@4aFwb~J|Vk`U2J$yaTOCDE^y~F@)%iH@%mmXs_k!&Lbp2>
zjY+rL*dL8TgF1$@mt)Xxj#0l!KOPoEdd>aOh`hT+Zz_4~t5HjS6GcDjc^h~=HX2=Z
zktd4*sO@bsfRFW*QkW_Rpw73&0Co9J7k#1jjYcee7JR1Y3zfFs+C|#+{U|?!%oc*o
zKs$^o;_-_ovsvBx{%!asdfH2W5tdX{n>!pzJzoC<x^Nq;s-=oIr(;AsR2*(o>7%o_
z`-l$HnFH!3)$mN_Bpp3M&8AKc6c6k&!mR1u=mKW-VzII6n|qg|5T>Fqd0fjl8LpMC
zSGX2^|7j%OE!Ou1XtPd!kvjRQe&{;5$SAW{x&!6P^t%5^I#(!bMe}k-a~?%T>KV;>
z$QoN9;Fb}c8zW3fOsY#KTrA&zlHU2;%f}P6{pDksRleU#fc`U6M9-ln1^PdgI&(lC
zjOed`Pm1VYf|;PGExrbAef&zsE+Tq4Wr$u@fOvjWL@!H%=xHe+digp;e-HA-tfjID
z(Hq80-|poCADEs|yjw5BLQ6(JejG~YA3I2X9E9l^-jAP<1yUc_i0L<^`_wGTAWXj@
z{Pz~a_hEWXJ^5lgOmD?2#NCMLEzlFQ3|v3%$MhEN+P-ibFukTCM?J&zqMp(F_mH-o
zXJu+bF})U^JkQG9i0oMfo@aduzC6!LJI}My&hxDD$9dL*KhLuk0`%scLy}_eV86rl
z&SAmwfczi<!+~)Du`u~#{V1~T!@{hSXB_IVu=vfeFg<fvm}{Vu^iHtwbD3Tr7UnW9
z#ljEIVTg0W!YpQjg=tQ(FwF@Tra6a&WzDd#tPcbWvy#HXGGthoR$yT^XM%<0)Ktq!
z7wLkqC3T)PZ!cnD`Vb52n_*!^7_&Sa7M9bf<v}d$f+!DQ;hfc=PJ)HmJ9AiA)^o+e
ztfQrtU}0sKVPRQ;h1uhVVPUQxfQ8v}92RC-t!^DFH?goBRl0EtYgkzI>gIgSEG+ze
zOqp0%aXAMA3oD;Q7pd4)%VffWsmO+f<?AS!^F0d|{$b>iU}5SaACcqZek@Fe8-j)D
zm0@Ap5-e=guG$B>NGqa<Wo{;oW5Xo6NCwI2A{C>i7>+Bbixgp{i!^_T=r|oXU8J>Y
z0;)qT`4U~E!q>%jb9r4Pn-wTKuZvVm+t}jHvof-^bi=AbU8EdUpn;B#RZJJD+?%;5
zW|l5e>8R+=k-Eq%@z7WSx=1C`GOzt8wsetn3=3XNYKSf}YxnOOj#d$hIQlA5H^tGf
zNAZt86i&p^r67+|i+iR2Xn>!?(J!dwqYcN=Cy*C#Gz&l+&0Mh}p*6+PFJ}<L(QlwJ
z!O_1>3vl#f!hBXImDI1<l`L~u7biEbZt3AF(1#&mL&#WApJD=<*K>C-P2}~HUFjz$
zDkmPE#=GFeBVdMplAlyRi6G|e^pj_pe|)*J_jK_qviI`YdzL-dIlEB?V($5q7zoPo
zUc{>ViZt76`ngCWy{2rwp?Vgc?YM&Y>wFWjb7%L!N)uUky!f$#1TZUxrz?5uD1#qA
zT0W|`SDJ8n_a@?9%$M5ACu7+M^87r>b30Oq_rYg5MCAAwOpC4*s32j;Hm%oNc-Kp~
zx;G|Z9SK-(7O-v$SdSa9-eSNS_W%)C1NXKAfo`B^?u@PpdJ{y4Lf-_ffYN~Kz~D4B
zbomm2Ho&)l_I?2ETGU!C0PRuSyfhGH2dlv3z}oa4fU>Lb+YhWw?*Tv?7`H*BP4A5`
z8)dBmW3NVp`3kcUY5UBaV7{pU8^LxB8?))(kpD)wjXl`dpY6PhP@6&xe-$;XXrK0&
zH&;O75_i<#3!tvVdtskH1R*sf4?#mTVj=2%As{4yKi;@BIYqBg@aIl&!}>2u`<7wN
z1nV!~Fa+pxL$<JZHwE6j7z&aPfbs0&p#i(HiSxBlJ42nz4KVApZ5Z#|PyZ{Iy8V5?
zkFRAH@T?06<0sf6?I$jbbrT_Y#W8z^;IH98fSVZDgV3j5MzXxCr$I(;eZz@UN@v5#
zgVe(~oS{!kD}8_U@k-A^eTHCr3YrXk7s$+e$bfD$G7s9eO>A!{Jx6E^DP<$HjRVEJ
z3%K3#CbB-4yo=kpEpNJQ$lEByarA1`oBz_=rjDdQoa26P!YSgfNj2^q)_ak2UQeAl
zln;jOkAhDM+ne=%*#5I<-s6vE>?fAvdL5fWdrgh2=9mF@g}Ds0yNxCdu#1`XDvq*H
z$J4J9UkV%5@tOZo`cEBwI`YS4sWLhEF4@jD(17!a%Nq!u33<0(iRGb;e*9A?sDJD(
z>!if+(*xu9@z3M}lE&wd_Dge7&b2%*?2nVoiAf!77Ry(`p?Ox#kNe^eug~qdjLuf?
z7Z<{LrTISks5}WZ4bh95q|x_c8h<3$^CC8Sh_41-k%?_fJ-w?K1}ZTKW^H|2?%S>a
zj<XO1`m7y+{!8#B(5D@H!|6?BzO2)sys5^gJ)Fi`o#9P~Pba)VI_lDZqs5xASV3r+
zguNMas9~qMlI>kyOt;pqhP@ww_FrjNLzt9ywKtkNQWl=LZcSaeWxxg9mpWpzK;k$T
zC{0w4^#ajq@q<Ats@wzPR7x4h!|Sg_fW;HJCvlRF<cZ>nw|K-lhRGS!lR(<fY%2MO
z+ye6?J5C~K(8{t;(C~U@gLbFh{co|pxjKi@&Pmq5!X~l?niE+A&55jm=A5iS)=btQ
ztM4YAc90lq3723|Cbnt!>)%;n$sA<JWDc}K=0FlBG6y*|tr@6)cR|!v)W7HLMVSMA
zD09#^lQ}5DnC0PQ4ssf`JScN;L6iq%4moR5p+xGy(Ij!(49P$XYIk#sB3qbF_L^|h
z8Z{WAiZ_ljN+kja<(&y2WQ72N1B4Sma2<@aw=6&pe?C|dA1-Skf?!v7A_x}Us@kz?
zPy``ImNFW*uqJ{~HM==qGeZPX)1n(92yBCif0_{~jZiXNhC>>mEE8#j5^^myVZl^>
zlSatb(KzRO7HPz9BM;jr_+^Y;kIM0Rzbt|bIYbsguS^y}TQ-;_Em%zqkVsfDU2nIx
zF_{EgE0IYsP);VHI5t8!uAxjql$K1w{2`Oz1m|QDqzsyoFX*ThLu*BM%a&r)#hD0{
z+ak@ThD$*%q2{;I$jK!b-I~8)6{1{1jw;kZN5?-Vmr(xATof})E}?YPu+EWki7fHZ
zm;!PMCDJmlJ5g@QCFmFyyqMGwxrA{5$GY#DTtY=C$|W8{>ZWpu&!G6n9|tGOC4LNx
zpJDp_pKNUOb8?9nHS=D><r2S#ydalg0VtPXu9!AxP300FWDt`}{40%#T;j8|KrZo$
zRz9nfN(%I?l%9Y&g?K$v<ClS&S3UmJ{rUUQ1s~M4@1FCh*MB^+)uguE_F<17g25;W
zd7uu(lYh6(Q+Bs&lD6azN_s%5USFzSU#ch#Q{{SQ!L5DfLrj8BKGBQ(Tmm&%B^yZR
z%UQ&E7G)BsR2>xsn4(0Y!DPFKgI@RW!L-b&3}UNB0m&fV4<Z6Dy_>YWy@%sQ8sEcS
zl*k|=WuKEl1f?6&Jm-~XZ>$$`XY=<UV`SI}{9br?wGoi+F;%88J8IjP)Gp8kK^<LO
z$OEiE;OO$iG(Xjmsh8swq-$+=U{Lbq9Mv$NkClz=Y4V^KlUF}XacM#qKmJRS#WS)f
zOo~hU!Wij<OBKiL87?Isa*bUrC45LY%GM$q0%-Z29mZ^XNGQiZ8M86|`NjH|LF6?9
zseX6upeQBs9uU34(nU#l0%FXq;tgiksPyK+7hX^XFUJoj1%vBW9e>nH)JICb<;91x
zXpGTa11v_As~Kg1QPxs8H<rRVcAvp;?i%*z*9AD&xO?pAuZ{G>xp#ru$G?ZMQ#coi
zMa?mTa|&}A*z`7<#H)a7i8X<9^vlD!#NWZWuONSnF)EYbTmf%c#=vq+#k=)km|kV{
z<9CuLj(wOt#rP)0a)mg4{KvU~=a}|;b5S%Fr1-CpcA-3f+8-yyaxRX#Kp~35a;%yk
z_r=d)xk8?P{Aan03Rtc$++P&J<*;17JP9=o%ZZw#(UZY@rkiEq>Kx}d5&_G>lwvtc
zsL``;)1MD8QU>vRkTLKK^GEPJo>BV5Gi=B8e@1{Jo^h<<89xyR0ndmt49|#_kX?dj
zIJumpe}ZQ;BlY1K&YuaM`4|fL=-fK*obU__o8TFm6Fft6f@f&X;Tc&oJR>WJ;g)-e
z0rQ8sV1PG6Kb~QQg=b{Q@C>cMGbC|>XXMlr8%c-if{?AGL(SWZc!oa2Gx}zDMiIs=
z4~J*uG-`Pe&$uAU19&E9O)8Y&8TP207M0dsltG#3{-BI8lMyL_GRiiCGFFOc98f~W
zx&{Y_S6DQwO2>*xydp=ABhDOcNgP#N7qaL$ZmAlwQH8sfj-r@Z$VO%0_WrzoWU&)K
zqxe-T(1azUXa;EH>xi85Jqw`G8jR;WzlO!sV{&}nk7vk`L+}i}GCV_DD``v!4Xp*L
zi2-=VO6hvLc^jT#lO=eDfpU08acqQeTthq~3JTAdKk$qi2U`tcBw@fZ37**or$1-Y
zIY6T*^(0gRXtv?N1VbTWhG@1SFGUTkHSE|Y6EF^GSe*!I<fw8DbaX6ckVYkF=AxKc
zkVfgKX`Le>O_q3Q1p%Z{A}#ZJ9||r=L&vb-#iWKn8pi|QH9VvIpHk_RJEy$PsY9nL
z-E#Mo*M({E*9N&(Cdw11ya|S!EKi>DCK>W!9^-e996IeW`sqb1I{qI_2Me9}Td2Bp
zZ)Y$^Jytyav+!B=kFDVXlOKzZ!&28TZ*RDlgu?gh{4Nx&lR;b>F;OGE1M?2bfkFqf
zzPx$IgJSna`oi~S`a|sP3*jk4txvpC2jzVn${YU#OGu4l8M$M%|4r72YZy;DnT=s8
z2=rwIqD*cL={%nG?wo>7;Zy_UYl3jCAnc8<g}sTjLx&o*u(#`Q*ozMzIs}O#+-q{L
z2Q|3Y<PJcv>u|e*7fGVZAqYvsH4;16dY}GnDjhhjGF7E#{Z(Qbue*8*8rofl8)fh3
z-&rbcT6lc0z<7tQrJrAniuzPbk3d;*uN})8w^41BSKs==mRk<s${MVf@w$q?6~Ri(
z_rSrX*FhmKT{~2pR)K1>DDOiKgD1Gw;hxhReQ@goN$4dc6b<|6Y+*bEG7=(;?MvO5
zjx~kQgVHs7h90od^wiDW1CB0#in2Vx+5y$7FZ3=w?9Z+pa#Xl)(}8+sL{Dg-4>SV=
zsucn?6N)23W9Ee<Yil70JF&-_)xrrg913cO!YP@<?x_&n1qaqTry!P|Jk|EYsZ&uE
zjd-XXgwv-YU&dOcLv=A}iB1>=vxjlEY&R_vFpM0=v+_%{;obS(mcyiPwe&93=^E5&
zP6es^UGKC%;df7U*G~JBKKkjQ)BY5`v`_m}vd{RFvd{W6w3lygbdI$AVD`YNcBQuy
z+sSe5##ILn-;C3FaPx!7!}v_D9rA-2nr7AxH6xt3W1uzG3dS25;Si*<y>S0RyV}|L
z`(b%&sWvvh?__Dy0dID#chwCC<`ANSgDx4BPgkm4XlX&?5Hvo$_!P7kfbeExJa0m#
z#eXy%mABmX*8fEysP0L+(R=o;v7_Uo{cz~3=y}JVh#@%Jl*%#2oH8(^5ZIK;Z~W5;
zz+<MeaCo9#ixv)Q2RcXY^-|x{^qo3-5cw{S^qy_9hYJ!u*Jx%@y;~oN$yllQ@t062
z|5yz?qJF{snd0YMct8G176|?vU+y<ujdV%672PHCJ>+p^ThA4tQOSx^&5TWrZfJho
z(}LWgmf=UkF`5<=F9*A*VmSZ_tbYU0cKs{(IZHh>h+7m_kE`+h-ht)H6|14LP@{4m
zG6f<@i^6M!S&%SEl(d;gnxvuE-2p|F%_ENTZk$i(V*6${()(*j(lv_8IV{|_vv4E5
zP?zblY1c1cb3Qkx;Bna-8$F+l^2GUPzd7N8&P4oKDR$VlRowxHY)j?dvwLBu6Mu+8
zgYx+Jv5S%H@h5}%BtQh84HF=~X@H*-AbzFb<phWa@Lc)vU%*d!=J+q-vp98Z8>?`h
zH?ybQUF=YV$b1*)ykkB+Ol<fd8WXYMCA4hEW`Sxamd6Wd#wABDgC4mue($C#{<b%c
zKK+ZOXC3=O2{U~E##mMlL$b#8$Kd;Y<cs)vM6Z|Q1NZ>DJp&&c7hb;?G+8bOi-EuX
zMHr3q($#Lu9TTh7!u7AhyID)pjgjuBIFDJnNkW}P%VE8O^nLx_yQu@EHP_%z1J-<^
z%EH{2%LS~t{v^1ed@N?eTj!@4Sn;|w`=X3*Kp_@A>@SA5%c@n555m@YIi~J))~=nx
zOdLqAtbZF(+CdGcjIolAf)%`W23K}4IH3cY5oh%*WF5zcLm<pL0^%&Q`8IG#v@_y1
z>L?Vgu<NK1)yy~&jkvN#Emzp03d*W*>8r_(>o=g33+vb6x3T^-mUuJD)&@vwE44th
zZjVRf>t9DP@nO>h`t{d;2WHE3G#a(Mru=BsU;kZtd=o$A_?bxbn3yLT4-ks+RTF29
zHp>Y%wyJY%kNGFA2h(bAUpv~%qZg<ai=ZP+4Wq>tfajVSJH&@(Jg2g>kempQE5KJ8
zQ8%G!H|oHLg^apv5f!&g!i+^-+<_DzaFnzZ&Qy&?V=3l~&baET-+<?XQUt8`q#U2+
zu%5Wfu~ouO#<Bf8->yWJ6==~_;H6E_cf$@V$+5I4Y=gVm61ecPg3<xtS-^4>v}-kM
zx2jdiu}BEEQEx+Qg~M9Q(uWq8iIOKtuBCDm@?_ac7$n8vHJjCSk|?TME)9L!O*r6`
z*9$Q)lo!CkMe1-&2ugQ>K2OfkC+&xc+O%BgjE-FDuIiTFx^=jgF*T{ePPWoAmiO|#
zb7SWWjHA#2#95%98PZ+};*heA$s*(Xq|Z?v^d-{0;X+xx`vUXT=-PUT9Mr@cjK*{=
zFs>2HGR*bart7ob`g0Ly(Ty{ab4G(Thc#GJX`$1LuX$OQv3Qc{m|Vor>dU~;(U_G?
zj2xv+HCAXUw$t~Z1Aawgtc{o8<Kk#b2REKui!`m}Ftv*tlC*1uq|ZJ#J|2_D@u#@C
z@#3-JbK}tger|4jUBPSk+;}A?DolyY&P|0+pi?pxUPFtU3gyu!$YfcCJ<6s3p6C9r
zo#(_E|A)+TR+jJRJf}|aUw57}3Vp}sIit>h&vP38|5N5UYq0OYJg27m&dhU4`o!6V
ztBdbFyMHEptxT06*qNdj_PRbXtVda`gs~q67=<wQdYh8aKfThgV*WOH?BBsNmB+ph
zmU_%z%3}{A0_Cw!<98y6*YM?DPuhbiUv^4d<&V9Q1%If%ivf6uvk+oI8Bm0)1bYwd
zi-5Bm$jD?YshsdHSwhNVZ)Bk=@%Jl;>cqVW!uf?Tl*c~RrBf~aJi@%nWSj+gEU4J7
zV7=G7Vhul6Ni2)!hz>`U?qLe(q6#FOhnheDlyA2D5CKDls|Vra;Siz1Lm|UZoQojM
z+T>xNJqT<e>#IV}i@R9(GY450B)5>3?S-7wo2bnmq41V6fh$lplif~Gb~{-R-6Dkm
z2?U6565K?n%XA>pomllPC5|tC>1L$$YSdG0nFw@QV@Y%yJ|w!hYJcrubD;yt?%^OO
z)IANhF}W{8wHCSzaQei4EQCC@l-F^2*A89lb)7jpbZvsaleU_UcdN1d_?c`gZ%|tm
z!%*;>v{kvZ!?kBIjB9fVewD8AKqmNoBC3muvJp@dGz_J{r0=1#wS9RS@>#rG9rTvb
zLjNCoUjiprRpniI@6~&?^-`%$RqxdVIy|bYvvgPz!s5mvj)*AG4MG+okSKZB9Z+d2
z#AO_ZktkcM2#LmB#&N@O#1R!8w{bz-H}rEx(NR$ub^J!f@BcsNzNM<WL-<H*{Fy-4
zyUV%fo_p@O+c|f!Dqgh<x@>SA?4S-l+l$(Rij)C8+3E?KQG?KiBB&GfX!XK-#O6I#
zUwJEPlXZ|zeE~X!bGVjC=>D-imMZ;F^W2e2tuMIMI(8d%CByPYKhJo)3NX_KeKd3k
z-JlUUb~E!P9Nh6-hp;wdff7&ktwhs?+x)1o#_AA@x3Yf;>I8a+qT4M_*V_oCH6=X_
z#q=;&jlB}#RW@b71}G$)$|jNIQWh&1z-BiV-F|_A7YXPeR6n%KaL*uM0FG)F8t~jO
zk|TU0mW#OxIESc>RA%sm6qMubMX0XnLJaz|QiuBc;Os267xM`2o?#`3Mth@PKMY@w
z22!oP5y}eezTGJLiXs@ofMU!7q=6<w!tqUn1FEvQxER`AYS{s{7~WFoh3=!W890k5
z0V9jU<OjbXN4{v3@~w7;jv;j<@&M9eu{t6&Ef!3Ri;D#lzr@5ZG4U&y#6e7OBrt&<
zl!BN_#gbs+mo)K9O#BiPzk*2|#8iTvp`8|nj$%<*DHev#;^K|sr#%lg2H?lH7hf<N
zu0FDPkK=ES`q6tJ;|I?6FqfSH_K3sw#~y(eo26-jwyk~GCJJhscxP;cV510)5Ovt!
z&;a+;uAR#YVfUgVx!mtSZ?<hu?V=uON5l7=5$)b$-&lJvG*y&CQw8>$aFf)~i@_{d
zD;~hov-t{*3GlOVJ`<l|&f-XatwFK1LLgwE;Me~asGvPUJRH1ft)QpLS|PE&U~KQ?
z@kLlGdW8z~g9*EWjP{z?-u@(Ns+kOL!Lz%bdNwPY_P5Ahk$}fr@G+3|cl&`?<_RHQ
zCv_gusl9^P!d?-P0DDE`PRGuIjs#+`cm}eEVSpdunHnrO8-T$=NJk$$AMG-+F;MKQ
zbx*3=C|YSrkdoK@X{6YQj9{dQvZs-PnP;QCXW1wc+{5&RGogp&@%b^3@OZxRtdHSx
zJ+<7RSSiTC;AMzuu~M*rwu;Y}DIjML{noNf-Isfem4f3J&gaQLOGKx;XE3%>yc%d5
z&j2D?DV`4bn$Jpc%N%h=6Z5^MsQEQ9*RlxE#4tM=C$`eB#);R^8ERy1p~q-sB%(zl
zLz+dN59wq6YV|Q97YB(xMrm14eT*~-^lyKmb_eCqg6U(FJBRc!2TmWO6}ABS7^$j-
z(Z_^sWS`^RyD)Y%E;8fYvc>a{ch8<9&Wv~OX^NVEyxYrhO2@Z%(;1F$@1Y0dAjt^F
zIRR)H=Sb_Jaqh3%zAkcckc@Lm%Yu$`(lq{Z$2sNDf{k;^okQc?fg9(v!WLkhld4*n
zaZXVG=8@YKoIa>VZK&arri8n7jImSi#|rUb?Fb(Sv|I7~Pw)$S!H4nnTKq0HcsIqj
z_@P8>0cZ_yt9`8yEdg%zsUd_dM9gPf_%sQ1{Ey-zHvGh1@5r`57}^#-C_r2<e+RsH
z_k6Ym(Jyo3>;ROg(7Z#>T0LBTk5Iz`yj1HB!Q22K`R&J!@HQGHkOs#O0qsZ{r^+;V
zJpx`TeVGP8^2;;@m?s8co<NE$6J!M*h6;cq6s8IS<01{f<}(N^;Rq@YXHc6;1uOO1
z+#O9r1x*y9d-PB`*=CM@Hk~>ezJ#p;IFkF!X{Z1a4>*i%B8g&Q>=PR?Ez(+jIQvAj
zFJ0@>_5YpKZHLt@`k>H;;U{5ep3v$BOk!Vp62^#)m?s3UicxHyIG*N-?itpAZci6}
zt_MGF->2+|ZQ?kZA7Gov!icb(ZrCOkqfUqEhFPMI;sDOmAOR_%K$Yn0gJTri#wD*0
z&S{re4wQ?bLUpUh!5RT&s%o77cui`3XpNwIwl!iob3sblAdX}HO=%+=1QWN~AU*@e
z8yf_jbJ`#n@o+W>!X#}F;y);C5XU8L5M%-D1k~O$JhDMZc)|v8ESQ<FLD2iCZ4f4J
z+8~a7bT$Y>ElWX6G%e6B!tbBL2JtD>waW3k&}I&h4WdWRKdjgvd&53#4B`2Q*v3F!
zg*Jxc&`!}bcy_}{tpe?@)%HH?&;xo0xf0$lLOr_&cfq5}o^5?t6ImbF^X<d>KvO@g
z55L9ov)TIaA#k#>iHV!74-ynxAH)lT1HX~=K|G=Lfu1JogTxx^!xKtkeIONPERD`J
z7>zig?d?yc{ee!`zY~PHQ}?i<=hERT(7(n&Ks}dTV-{Y{J0iTv^Ad!F{UIU&_J_!w
zj-3S=4aEHL5uk#~pPz*JffELpAB1w!G+SS<w9AAj1QXihGZL+|BuL3i{xm=Q8#03V
zA<CZS2WFlPk&+)n;7j6+M3URC&b1zn$9DmxVVLlEzVdu5hRgNWasy(2AP0k=BBsUu
zAl0JMWb6;`y@vJ&hBw(Ccy^BetRV_dPyaw{fA|B?HZ~&xo}!HQg*R^I=>}_>pN3Jo
zTm<QhZ4>h=T^=Bvy;Ea(e4t|?YT6n;&tTQXJVa-xi}@ox#?~MaEjk#|chKozAPax(
zXB=Knae6do9CU+sbfREMbh^Rp^cP`x6pEKufWSw7uwfoD7F6dVO#pot&aZ>!a}#^^
z7v@Yu^T7pk%*4YMd^xxP4&clLkC`-8gxS!Kl~U_Lh-^kT@9RFq98M;f&HRcPyYabe
z9$V$PKOQ^!aWW?#?pZHp!%geL1oEJ<D3v-d!GnYC+yXCclcFRJE0}WtVMO9!0+yEM
zU;>X6B@ZUxpn@{IQq0eNFu??)LU0UXR)ysCOhQ4=Bw$;QIi3*a*C8RvGYNX80_T9_
z$V8`$y+H8^n~tW6fE+H2?j)4;q>W(Kn6#t=W6~uuCRHZyXc~8#uO!cPCC4O<GsD$}
zrl|RcD-U^boMLund@3_29G@!mnDI#>TE-{RdeDtehtA;rNzdSkTs(@Q>Oh{sQ(6{u
zypkp%{X-Fb^<Uf>Jmt`W*$9+7hin7~&PJdWwg5H)sj7t;=fXCUPEBGg<-a-BUZWU0
z8kfzz_Nq+&bJGacG`JO(B*(q^2e&E*Ck$@P!whcA859m~E9fzUn?$q>ZX__=i+(We
z^}=58zxMUln<-KUaQ!v+>2eW@gJfh=S{8I<llB0{vQPL8zT=5?$e&{^hDtGOvE-3|
zWyC%fWG#otaYRNBk?RsHTDNc|mYcm2GfW^4UUX<Jrk7EKOEgr7S&PlCkcC>1CF<iT
zkjVpkR$P(O4tW}I^WUSfYdifGE<?h}ls&b{InU79yz5NN-*qShaFXt18DXenWrwEr
z@70Kk&e09Slk@q@b99ddIPKq$=NI<x6Y!<|JL#wWyUE|*;;$B318^d*DMfW<Yruvu
z0Pj2r$><{zcbgqaDtVUfG!o|cC&e()S-K_|+Pl{X5PAPPl>Lr<+bsKW-&F<&fN-D=
zXXkLMGTiMj3ggaxxW-^U!l64{Cbfyy>@=d&5)IfiW80ujXJigWa6~#1DRyr}7I5gU
z<k4{L;q(!%P1A#QyeUl%*6p!-vN*z{cV!(5TGd|N!?Sg`X*qc<8q&5Lssj!js_Pkd
z1q1t5y|c&M<tFFj!qas7xE~Fs90BDGYLFpX<lA7);Z1H{1}Ai2VaJ&(I5IrOm#H4c
zpl%d&4ND7Ordnlbdf=<7{Wfv0n%0f$KatgEht)S%9V-m&*IIpmN!YKO@TeGw{aWy<
zKek^hFaB=->fRcd!P{9pRksQyqvg5-X6B`I!*V?ci<p?FVYwbffqA+sT|I`eG+*P4
zom*WdVR@dh!zrX{?`Bjr%#C}jemIW8iMs(gamV`Mc@my^OrE#nU3(A_W6S16c{a{7
zu7ZUdb)F3E_Nq%k8mb~0+LNi4K;$SgRGZ^D7+WSVzV_;!Yx-duKNWRgd-A~<Hm^K`
zYm`rCy;Nqr%8XM{Pxp-1J>zt%r)S3NnQ?l=(^nYjax&&DrIV>l%xpXdzlBVB<&S_5
zST+JDFl~%c;Y`*>paYVP2FpMjuw+9l*=}OVRwmlA6~%(XT)@P1Xm>!zo9WU(N)#n`
zSWf?88;HTC=bUhh3@)bA!m!oiDQ%$`VKX=sh}68g2qzPBPPfS!rucK5p2&lPf$;Z+
z{+#;zB0nPiQ>0f>+4?@}@c`L%o9?i~iLxX1$HJRDQ3iKGPL~z-dAh7aPnW&HNr$Bh
zZ@PoXp?tXNE{cHk@$yITq_%gi(`M*1>|VM3&hCf!N(VIm*|Lv<S+MSI!rH3Yx_dl0
z+ISY1P?2?)<B<l%)?I;sb(dd%6#%fzQV$0-o-JcclXX`>PiJiJ<Ub)_oGl|2&?hF&
zfXN7`iS6wZwCysP>mSE9G4*6tcawcI0q^>2V;~^jFT5PzBD_i4F0+MgHzEPH-N>De
zoduu0pxAa#1S;55`H>-9kCt(8gl$(SCrt@kXcO%+*oR<3du-cnr6oa1Uh=1H_i@Mw
zw%sUu+IE?FHbhE(41q5R+irpa4CgW{csL%f14_d%;qiRsc}xt~UhNReF8LR1L3oR0
zm&LPHcxn`nvxllv1E%K7y-oMu?LeOVXNl-kJCax6Js+4Gmjf3Mmwl>9Y0#`lUtUfs
z6q<AmH#J4guWNV~O95R2v!lWHN%X71_i8#rox?OeM&}?AEjkC%d@$-94(ZhYq&jsG
zje|t<ptLNg=0REo`nbQ)^JU7R1=Fc3cQ{rYy4TJ<Aou-fg)M+iU8;)pbl`OrVH-)O
z_BG~RkMW}sm@)5vn+C7uF>ga<-ZAeJO;PiYc`xQzg)xuWnX&E$28CnYjr5qYP9j>y
zI?{S*tmCb&m=ON;-r*{uagdC4O3Q+db<!&Sa>qL5(1MM1%AG@F-GQ?oYlSVqSSMAr
zFk@ZVM$)OL>hkUY>E)dPC=zYl7nM}Pzk$OL*TQ!ruZPvazX{O1%kFjj4*N}BsNUa#
zU|wy<XuK`LXkJVwUc4>BXlm{yHQyH57kqVAg5z5fRJXUFv?WKgKR!Bp6zSe?XZDW2
z7as#NTR%@2>gR72AnHRu3%<O64t=QHb*J~8Q9my_TBz`-R;6B^YE}F|`3x<gJW2r-
zbSX_WJ|L*ZCx9yes>f%%=<yLxJwD^p5-*B;M2jLHu~g(UR&?8Xf(@~SEW%0|s`4{b
ziQ|dcY7Qz_96h5FUlp=YyoxU0Nv%b>61se(O(^qQ^!Pxddi*33q~{s5(}D7Q+DiBT
zy^~O%551gTkrzFULbZPKX%ybkjpJCnuPvj;vW7Qp0Gl$yJglYKrjpxp-87$Ox#!~W
zFh|KNmojT!3JP(dTIQzyi>X|N18;1UxIr^i?!pEtPjH;Wu!M3^gApsQa%|Wr@!gT~
zF|F~a<tBihB!Ir>aZWK)8Haus8s1%7P7d(gOA*!sN?>%n&TF~;k2<mFY+Yzmcn4CL
zggR%OWq)#g!q7IMqKmqj!!{v!v<Zl9BH@p16XDr9$W-EN-AlmD{jgKTwu*JMFI2of
z*aL9(N=y|w=xoJ=0aHZ><yUSAq?MwJvVJ7Nc*qVnM!IU>=!avF4T%RStpPX=H}AHb
z3wri#r}(3%c8YbIJzObi3=$FuGsUqW3u2uNg_*)Am3jFf+y1<Eino*3p3hHYr}#&D
zLOX?cLOX?cLOTULkH}78P&L~r7<l096vWnSr(j5Erx5o6wNtze*j0|xsk=~*3uLD_
zc78j>{O8a5)d=y4*+vM6POA}O-DbJ1l$Un$JlZ;xWgq9!j6nk3Ue4}!FE=OC2J~cF
zCyuG%UcC8j6h8)X*eL4Vtu~6?;AUfz%g|;Ug#^Vm3h}}$!Ea=v5Km~Mpr^@3A+g3r
z@jT=U8wIJD(?&s9d;5CYDCl(k*Mcl}>fNmBx%B)BbXyDr#B<pwX5p3DLx?wNqaY+~
z6cGuqQAF-^>`d4wUXR>i7vLvhqhR+88--9#nr7?tm3Eo^gkVB@Y@=wUB|%DTqj)ni
zf{h}|o;C_*o(+-CZ=(>dnCVZ*i}~o>1C*vBgvay2y)lMsubv?`3i2=b9Ku^{6q3D4
zlCe>I^SZ-L&9~SnwjxjdvqW^NXC!SD_W^TbJE{!_&@K!gCNT%l5+~Bkw*DI+fvu;|
zdbj$&#^sPLPx5?$6vGbjPJY!6@m)GY-OTqS-kN6Cp^ioXT68p|Py4BZ>-~XK5AA`x
zl_K?M_CVrlT=TfjtaD!?3Xei3bAXPYDH#i@j**7IKF&*(Fpobl=g$&v=wRMn@6<DA
z<_wrS(t&s$O)_VraAQVv_zX|(B+fc%`HjvSOCB6P!#&_~<_Qnx;Blv>!)Mq5G|DG)
z!smOiK?0bW5d!6-PwRxw>6n9D@zFFdaWpM@PemC-{#*_I9L#U(@akwOCssJ&3p(<A
zm7KscrA?epI{?q-py8NjbIfr;t+55rwj|{Az}ptWI!>piWTcvVtojYcg2q)kR<$0M
zu1scnl4Dbo5&cC?QS%!Veq;tE=3xe{|6x!#X#JKRV^ENYmcfby$~^So8mkWN*I&!+
zt&eJ~YB?`G_kMkmiAOPN9mtbtO3Q){UD6!DSoX~a?|yw{#DeYDH%uT84(-<uA9XWl
zr{~_UuNAUT`}Gs`ap1=(MNYlcpTI7V>BMNl_2>7{#vax#kOMUB0%?AS{U$H$0tE!q
zF2HEm1sF}cfOw(iXEf~slA3mbeZkW%(3GGhyXv}!N&noI^tR9=Wu0v^=p<>5@8Kh3
zYvK;O$gV&b+6)#65bNig;MpUw85BdC!3x>{#9FX|SAlV#aJ7gq+5QhGu^RwLEe3=k
zv@0-ao&f-i*bV?ARs(<#77@e@wFV)?egFtL0{{p>A{<z=)fG(^1lkT@MUXA_p#|X@
zbAcW8U9C2R6|FXeNN4U5Nz#T8qCx-drY^<Y8hh*((1w6_-|;B?D(aj&Hf>OQLI>F=
z8%9fBx0(>j)gyNgSE|q3UCNY8*)?xLJwkV%r3E1;4q6cS7--IHM8<s<#)5#bqy<5O
z5gS<$5Fc>^btdtsnI?ePf`GF|#7n>=hTh1;0D#cM0LumJ8`)w8CWbR<V(@Gc*m+G1
z;Q1UjhQ$<hO{qGMIcyAsp^ZUBUGOXikL10m&{iRMw8@B#A>og041A}Y&kI57U=6~d
zf#`jq7X#lTvNN2Zc7|Rk^w+4JfhQu4rW0m{0;^o!8={$^lV%1nI?&7jql3#AfOrhT
z<$FLLuXt25Lw|VB-#MV?VeAYYYG*iMvxl=6p+$j#ursXL%o8ffK$sbh27%ZLAH8uj
zubrWT{Pui)B0EEop3u%9p3u%9p3u%f&m*!k7*x%61_mBDI|H#b+Zh-V+8M-sK<y0e
zz^<~KPJIRScre--vescknHS0b>+Rl6)srt?--oVv4)a6DEc3$&@}O4uX4nGTAASx7
z!v64kEN7d~NZ8<V<M~{*HrpR0D7HU{7xo8!Bm0ARLi+<fP4)+gHTH+od&T}hD(195
z5Z2!QOxhpl#QXIi%bhAy1m@D=E07ff0r6b+hgo=KmJ;Gk+8+oB`$I$m><^JU9Xk{D
z2N$_R=g&{V{=mrw><>cu-1Y~hU1nJ!n9v^EA6jWikP_P;^2iAGhbVj6ADDSIL^{9y
zLAYWjQXwy9+ZB{f2PjQN2#@E3%f@iML%Uhe$6EH4WMMFds1_51P@uwOOb`#f^Vy5E
z@)ITq@Fgwp_yHem5ELK5oisx{9@rbxsJ;C%Lu`T|?w=XrXi|+WqC`z|L>K*Pj(7r{
zp=Re4dW>dAB3d*%q)%k{V7iClkPTw(LfRli4jzRz=M@n2Vtcq>ybXug<^A#{cp}{>
z-pj=$#j=LZZwgT|7F3ZV(tohpAhi5{UK@lm=#UK}xGIN!Fx2uCBCAoe4MJ;d0c;Qn
zIeiKm*MYr@A*|zc>H^^AzXNj@L%iqH8MFpxY`i9l=Nb2LKLcKA?A2Quo&wVuZfQ7&
zgAeH8T!3?E)df8jk<mR3e*;g>=P%E2pN9n01)a?=ZdaJVm&zad`Q9=8)b>a`-aBrJ
zAC}})4heX**aENd5&G)kE$OSL?mNNIbtpnh8oZVZlEN}ZI-n=BRJ_;WLK5uwPgfxF
zA=)?E1VbIrnF7Q)#~5@PckbuDQPfN+g9SV`HR7j+!}=MnQt`XWT=O8iA2Zc5UMI+4
z-OAq%ygPuMkXW=Ll_#m>*<HAq3Q8T1TP8h8#D{q0eg}OF!DSj((%{`(<b>1wNCSls
z-hbe#m>Ic}#+8f;u%a?eTGGfG8g8b6GAYe8X-UIHHLo8aad|Abv3E1e9jSQLmOG`2
zS?uF0>f+Zti@?39du%MuhoHLf<QZp~vyGvmbbo3u@0tLn#QxM_;NrUoI9Co5pjYZ0
zcbn3?skb9N@0k#}3^%7f(zlz#9jftD&*mlP=BJ)}6Hh&toZ)VL>v;#JeYVJPq={*H
z>)Gy(&a=xRj_Z_AwyN3a;pg=fK-&l)<*yrMqt2xThME}>K;l_BH;fTv(aZ>573^3u
zBfCF)XIO)>`;)RvUOpmOw(wYSDJxf2tffY!;tfDOGe#$FtZ0Y&11|)Ner5^vGop2&
zex{#tBwIbHpTV;nkVFDfKU1SDLuaS@8L0B)>JMuWO#%0OWU()L53+@DolMn@$Pn*e
zGk1;5ey2RX(BhAaRDrX0Gi55&)i4kWoG}oN%T|)1(BO=q2uqqnd+|UB3&V#aO#YW(
zpUyK-Pkq<%&FGwd*hfACH442BKUKZ`qM-Vn3?7(gZHs;<)2$xS?__$_Bl?|8zj}IS
zyxy72pnCLzi#A?Kfg3KM?L~mzO<^vnKzBUDSD|^`1s{j@pzD!WqBFR<LPD^Cg8H8#
zo)VtHttpEI@i3@C-$A74dn5>b6&_1LtHy)Wk_TR+mU}R8&n<c>fx+g30^a^M@D8@y
zYB2QGnQB4Z9(b!RXjwDWPH{WsOd0PaR}qk%*#mb5IS*%0lwlwN-EDYzxouCTXC}i^
zv}daM8DNC71J~Mi@TKccJpJHw7mIs}?He<FGZ{XZjpv^?W-$I`s%-#oM@VV7SYj#R
z#e><P6=7Y)u8pN7c)fYap3DGP%Wyorjhu^!Ejxq7@*X0pb|6(Jf-1$z#!|O4Q0(4Q
z?B=uCyzK;WT}%lQ1#7S7!fNR&_HG<5_H8WoY%KNTb?E**cmun<u{2N|K!PPoOKGq;
zxUp2llhIW&Kxq(Sm(U|M!P`cLoc`hvo|L`-GGk=!6Oj1>r{}_LA1mkIMeBO~yw(E}
zKmUH(YWSW56kVxI=g?zzrWUQY2Sm{|D2lFPc*_UdAustrBU-zeBZamjCpC;RrLmqV
z=SDg$cgA)ro8)Q_w=$k{d&hoi4`R|{_S4ob(q=Y%&%gIT(RAFRRBk7G;(hF_?ZZ$F
z&DOWEuy59Eodvcwu3_Rxv&C7C2F02!fq-U<U;iusU}di!PLp{12V<HvTLOAEV|yq4
zKGAHE3aP`y{U0*3(&YB`E!1r>q3b`HeZ<se)_Rj}D*^BNPl<uRKaLyGn-K}PCcH8y
z3-LOsair6?rI{^sTM-G+ZAI>M>@1iONp1jn8uEumi60q+^#%}5qoCb-7}{kLsX&JI
z)A2ovHX>m`l9mK1d6PeH02xO{&~8Q9Q@h2?vtiz|?*B+~#Y`hZ*o4k10p<En1wvC1
zLg##N=f-fkzFK>=Ai6EGFxZKx7Tp%PZL0*GNf|kN==Rkkrt-^u(G?&v#%)Eu{AUeO
zfcgf|wSEO@EUT+)>UyAVyb#FtOR@Dh$l?Aewq8V%q1Ym7Dz-M!uZpc3=nNHGH_{WH
zfu_4fu|@hI@+il_wP)#&ZfikxTOuQWe%+Rmv7ovwX#kY(gK>YYmjBPI+foJ{(rxXZ
zZcA%y0d!jlIX&>Yt+0-h`)g;9Rd2&s(0H+qRkQckex+$_YT93WS^w-|YsY%NUi50d
zWYphy4L*34=(QYdFlaFkGg!TyLE&I^J3VHwl8BbUiUi91?BE)!4(+e~6YZ}RnRpbV
z)`8q#tF$cW&?U`5=4J=;{#s?kg6*$0OgOZ^Hfed;=l)u)kcHY`o2ZWiKTauf>N^kc
zeb};2qt4doFxnj$FrdYNEk-mL)wZ#p)$V*)qm0crr1#)D(|$G3T!3XB3^X4M$0a-U
zMdWcI*U0{bh>Pqq<M8Bs{^sSk01f1akcziyf0$obWBvtS-lm=O^ET}!KW@`*^7A%r
z4af)rD7)}3H8ECU_-O{kwc5=A8(IQ}J_71n!ZNnt)iq*bKjH*SMBB{An3?0>iI0rU
z3ENB)3~e)a2oUS{Xsnd?Z-1@@y`tXT%i9Uej$B+%;8jn8;Q?1ydEMB-2n8g79E1`G
z+il^Bfn*ymz;H<j)R!fXh8e)=Eg><OBqLZ_wC5fzI{*_qP6Q>12;|Ua<l*Hu!oY5m
z$dD-j(gyvmM#Dsth$b+i3s9-|H0}0<BArTfb6<$qWbkfkF%6L`igjg?-UIHWjzvwW
zZKhvrGd)S$Ov~LNKneRyzuIR6gX-qpxDFoaJ>a2LCcZL!_Prrc2rAmX);mT@d>*{%
zk`WgzD!O32<nd~8T%!WrG%RC!w>Vv5cLR51!!>PYytM-HJ-k}P7|{>_^)gfSA`JUW
z9r`lW)db|t+iiS<TzvfifX@}5nO8=(pSH;M^KTSz+X#4*?WY-rwjUAjCfiRljA<xh
z`w_g_aAMmJ+r}c)%SG%%$}_WVCN1~fh~3iIdMMgCX$g60GzANK_EMYJfEMg35bzMM
zCGQa<kPjn}UW6`IAY6r>qu~ZdA-qcnGY)oC^Wk8S2p68%F7TrCHeQU6Fuc&mo6_4V
zydu5YCbyxhoc<$Z{oN05$4yw1{=css32jV70Bcg6;?orynHb!Mpd)D{!{hKt@O}g>
zrMZlI^`R4XQpbbt^{B@IwLR&Fwx_!xQLsJnQ!b2jKu0>`Wc-iAi@RzHnSrsN;jwl2
zL?+Xz?*h*T;2BgrZpGf?cEci6*|f*)f$hh}Al8d7{e7?|(ccdv68!^sJskdWe$CCm
zVtF%#%;n&1DeY!?r+Bu9)&rEJ<W`R@Nr!jx`puWOwZ=L)2f@x28{*mJ;!ttX)6MVb
zkUd`5;gwf@)Jc2s?)aEDyt2a^kGJN#)pg(>?8h6=@hanaZ{Xz3Fg){KdMC9ERL*N>
z=!c!5T0mD38XD%ms^c|iLog`(4lC1UgTg<9uZ@>-0U8+;I4o;WY)}vg*bw;jp8)_G
z6vV@EodyMZnhXjOdl6%MCr=v?g952wxe|JRnF(lWdwW280@JzvdqI~w^=a06lRY5;
z@A~hHfxxHz!pm7jgg0qVV7AcVM<l?W5V_N_vryF@Oza6C05a(C`H^Xi+7meR!=CUk
zw99lyfeh`jJ)xDB1SxrwKkW&3AtTrmqU>o;VCLB{?^*VQ1otpik=aiOo3Ilkpj`j`
zKxh~ybj}C&uQ6PE^*k{qkbl7s5Z+=;VDW5~p7SXmXAj+f*-576%L9=yfqnm0<jH^5
z5M`%&UUHM{Z-BY+GT_=TTf#<&;QrYX?kB}i%Mdkf37@22Z3+KFXQ-a}Ej{7!XS!R|
zGo%k)7Uc5a($5^SB`l~dL1g4nXk`x2K3OGWK@~F604U!Fqb)(p|L3(OD1#2!686uQ
zpf$DtwuFS79(Wy1SjS0Q!tAlCy@;{uS{<uq+Y(j|CdZ~GTY_CpM$La$M+zBm&|)5D
zu<Bq?I9PSkV+JdUXc??Xpjq=BOlLX{*%JOlwgi!hM=@$0NLzx^vY<nkGzXcR9n7`_
zWyFHn5)2a#*%J2KmY@}~P_~3beH{34N|AF-wJ*JY7J7f)e=vl$Ve}5=cBeh<jzhOS
zKI6a<*$A>@KM+_yh8<K`vxhv9WaBw%SICZi2Wj?A!(ySqNevjhkr|?r8_C%;R2U;g
zcI=lms3<PQ8WL8Ar5wSi1Nd*GQ=7vU#6&iS&G6)W{^sSkU}gLxkS62G2j@ZPqvfH>
zFU$qYl74_mcwck4*W$<Fgb*Mj32<43tC*@dTGE8FdO~x6*Bams-GQ>S0L>BR!YV=H
zRJRhH7kMU2Oq+zyf;j$R0wQ{nP_OGZ!O$krXYiy`|B1XeQtyiG#?Ye{XYy_#<3U-4
zLk?^Cb1Z*WZQhuJ)|D3;>-h)VVJy4i3)Rk2dgL)yF+G#Fi|N6MIn(YzJT~Ocl^zd=
zPC%WOuI5(U>E`XqJn6BOe0JVAR)o7l*2#;U8NPq$Kr35x00?y@DBNQYn)}Cb#KXKL
zdJM{|HiSX3A*@T<5QdRn@?mP)4+h7>*Cz!5(o(KphVLfuOeD-mTe(nf8+p8y8HO@b
zwfeA?Bz;gm79G4KilPo}+OP-a7zY~vV)`&3OF<R*$MqZb;7X0QZ130ytc*e7y1hjg
ziS~H-0(_6R<2ua!R1m0p?`B0(_pk(5<US0oYuB$)9PCgWL>^jXMq!9W#Q`vhyStn4
zs91>xU+}6w*5J#%8iO;G6Nm`~hle;g=G36kxfr|}dL;-{T`qLi)hu?*;z^xcIX_Tx
zMpk*%#pBSE!xVUNc`F*}Ik=U08NO`p0OmoiYIfZ3fftX-PQcdXlvjSn-L*w97T|Ep
zz2&Vq#&7{sRy*3NYao|rRZ8y27%pv`0oSSH9nP*VdA*zQn*rLQcRqI67c=KW(_5MF
zdx_oc9*3?Mkz=2#b~@$3@>YMGC@I^N)AEYjfjT?#v~npoveGK%W_a|&pw0{G0#WA$
zbpfbziWt|h;4+sS5PznaEw5^;E>2?40y_?olvljf=)Za4@n-O?Iut9wy9*=T=*cpb
zi$%>1y}6sAqC3+K1$uR8>_5s|^X0ZRw;-v7gD_yy<#-{KN2sdnXEx@c0Y~S9YvCQ(
zFGw;J;u=?SJ?Od_2%{eCN^l!RH*8FOP;}!Z(@*1Onh_tH=I@*S`G@`oKkM;=FErvs
z#}*FA&Uzf~;EnbyO7Ga0oOCu+jpMrcqL&x>u4YfZ2;%ObM@Yn~4$VpRg7|rL;b7iR
zYMZKAVaf14LA2AJjba}=?bqQz3>4#E#WJf|F+PAQZ|q{?NHNZ_LxW<)xIjP`&aZzN
z0H_!j4+kGA#_4HNj7#iR#`aDw9TLSjsgSWN+7B<Il_s{gUrD_<leyBW-KiBIPTF=4
zcp_~(0q^?#h&DioZ_<k=;F|Et*cReV-XXzkp%;%xfL=Uur(<V9MiSAA4<UDGqWO_-
zP_^P5e4rH<%2g*iH|;VAhhRc`e1}9UEeTTcl0UWL!^j9)@hE$0#hH0FL`r@P8NS(-
z6_!=g-r8{6jMgD968i20?_7TnD3d&%5AN_7uDzNQy*T+7JPF|~dT|!dR^hpX;&JZK
zXOB3~)O;De;?EYP+>QEP@mA2!f7TF1r@IeFnW8=R&j9AeD}igj^x`K#0{2fZ{$x@N
z6$4RIFFs1Y>cualGgLKPM2}H5NJNXOf%IvcKBN~v$le)S$onHi6dr|!;Q;Bym5c>d
zE=U77SoPvs{y(o?Tp4soFTQ_zajmfh(2FPJ^uX&I!a7c;HtA3`=U8<m#)8HTI##vl
z#dq9@;D&i=Vf|sVN2$5C)L+7}1!ELZnz89B28CnObLqLOGWnvVNqjPt?PPwEY4AIY
zzB0Ahc@y!Nu}l!PjAf+%U>wVyh*`neT)X?1K)F@7?3x{@%c@zy(-4-k{EP6(+W|iX
zPcJX2Wc2HqOHFJmm_&5V^4H_jX89ZN!3&v=9WbDjwgVG_$=$*AX6EZSJ$f|nF|^!q
z-Q^ZLc2FM7)$$?^k77LA1^OQOeMoatv7p15v>6b~{`wdAjwj@*Rho<#h2o=PQwYVT
zEvq7e<>zP?k1p^6sF6h(ES{aw#2XEGh=Fe=gs&v%n+aGx8suPsH@hMhOiM1sXW3r>
zeZ_f+vPW&ov$P{`Zdis|X?oJc!lu%uZHy)U1ByA?rpfJOOA9#`H#Ac|cUW)G!s1#T
zShMSuS<qI1L*`uxe)#NyxmqiXNW8XyO}FOSE$lQjPf#evwql#<3~)!+LqJsb?B<cm
z1fwGIvnyhuwBu1d9Qd(HC7k>1u7-T`pS9y=v~>StD7~CpelPm@#;e%)t;*z^4o?mq
z&F?t-N6d~hW7zFYQO1<ZK~Il`b%)2ouHl%{D+F*TW3IL3;tk%8mxZ|Wx|JZh^tyx2
zaCmzkJ?B>@mk%eY*vYcgW-J@pT?$;6GjMbDq2o%<j#smg%UQ+H{JxrrKU3`_+#nQN
zqZM3DOuzxCyLP;WpvNP)-d^n#pW{E9>aW_&pk@0fFhQ5Ci0vd|TM_G;|0wWw5BIM6
zBgi%93Ve^7fG>#K^-n?kGBdV1DW=1AGVB4qxw3vVKWLS0{|w395_l*oiEj|f?$ae0
z@LcCpugU!UWsIgS{Af5(*y~x?yIIs@5wO2Sy~^^(0FDOXKM~)W<c-ol4xVM9o@z7t
ziD$B(7`%BK^yb-{w_*Qr?&fXSf1JO0TN}3a-n<PO;A$H_*je9>5BA}A-~(OecqYr|
z8KFI+stg<TMKxITDx1b}&2w(NRN$@8<Hf>wiThUDi|t^^wqo0OF+C1oBpWZa+vQ^W
z<-3dR)uD?8q9PFPL<~@A2IvMrVS*{Un<IK8r8kk80Di{zG{^U9-kAwOPJrHKfIa}^
z$1{?)uQ{s!=4~iQM00<0?0{m<<L(VfJkS(<x$WP;8e|=R1a-U?{4Q_JS!-VdkF_n2
z*DP<|243W#QNDaP^y3%j+&W&m1Sb$yiNb7@+?zm9cN~N=OUj-osJ_~@QBr{QMqxHe
zhJd~}0Odgdp3yV;p)n|;fhcI7EhN;{C*;-j9|OsP8eYT|MGN)tvtd-EMGr4&)F12N
zPo=C=PTAC7L*8xEroI8~CDEpjlIC-Zw6Leay-$**jnVYqz+8rcSlK$B!v_111z@=)
zEVp8oTVQ!*D|l|jJh#AeBt=*g(=B1T6*Juurdu)7En&J9Gu;By6%)BG^3hD+#QxDo
zT3YEN%?E})ViNl99K7xm@>1+*_)_dn_Q};w6a2|YkInwK_8ZI3VcKoiD|YZ>j0NSf
zc6-OIhzZ^$zRt;aqvvl{WWOAB-MEdZBSrQR5CaX071;s--8H|`$x)Flo|S;6BAcGF
zKMG&vp+!;bX^iciT(k^|?Bz;}j8fYFQlBld$}Dq=!`_aWlsaAi??IhAwOiY=>QGzZ
zUH>0qAZY`-f4mj03GdBul2HG>PxxKU@Vu)mhSwn`N%j)73^y!8Q`-5;@X9y?DZ_kl
zH@3jpslnN_ggFZt%01=x1je4DIQB?w<y@)BQP{3oiFK;FSrK{I&zKJ{K_u}KSn#?t
z{!Q>@pgoU5+cMo*3C((03H6}P?=LzMR&-#hjA1#C$GMfX#_>=@S|W=M&q(0NmPWwZ
z=}LGOb9&6>g_I(XhADI!<DXZp7L^)2t0ptsqGk_M)KD0Mfe=oTiqMnh3dNZx%`=19
zZU`BtN4hXDOrDWv6>>t83j^IzVArVCRV!wc&Ab4b;v2jR*|zBK*+6V<GfY;yM4Q8p
zV9eC|C=dES5goox=XSE?hS~+0$F*n|IO|k>{|B(1$K7pnujlR6bFM%{Uh}#H6L&$^
z`r>ZW1-!U188Pd6^+t<&^}-;6(v+}2f*)*};3umezU;<D4CW^JdMPV~#}vg;N889L
z#cZjqm=<rbO=~&>fHnm!7L@-95UEZaDh!i|-_=Yo+o>=16n95PznvpbDCTg%nyU#q
zjWprrwN8aBc4!_65W(502#TE&t;H!8JFplk`s_W58C=lTiQ9=6tGB3AzY6?12Q;g`
z@cP$msf2seN|L`~>nbv&OS8|GmcZLlT%z8tVV^w$GU$Tbb5dGdG7Q)Oy1Ha?Q_P9T
zmCD7%#j=!6%cgFmGl4>Em%>(fg|c#@qDdrH-N57duVAiT(Zq6IQ7mfO?qYtlx7e+z
zO_ixnNp6p04YL!mmFs?qiPvzs*uA&Z;}*-sO0mZ%O5TS&bZ+dWevJO<(u5o*^as=@
ziNNJ&DG|7QmZ(URAig$bv!kE1eq2-QZlWUMZbp~fMou%sqs1b68zYMuNnxY{Q*f>J
zbSWDJWo5WRuY-#QO|1?OYn5fS%DCuu4SY^O2Jy;D**_QK1$q<CSqF<=PZ`)J802U&
zPir6#)cHhBtGk#B1EntK3^byGg}i|+782F3ZXh>-BL61P2?GUrRtae{Ol(smuL9Yl
zJw^2yZkZ^ef*PP$hy<W*@2q;aQjftH#($RdRnJF#LZ#TEnv6Oz(KV{(0os!$?a1fD
zRH5Lg7E?R9;J0Wz+La|q;JW?=nmyL_yE(s!*7Xm9{Ko4L#C3fYbC}o^+PtpcJ4c*Z
z*AE|=Os4Dl!Q?Bzz2VCKUy)mFsolHUs?^F@;*%CG@kszCPxMAh{BIFfm-zopXSl@w
z6+MsJ@p{1eoO|sQBv*%v`(=(s$)etK{I3CgS?$_*Rlkgj`8P1NEan07bpg3LT*WW5
zlNfA+0sQ0IBb?8f_4`OcV8hjVoN)AhxAx|_7VD&27wgLg?Q*nO-{)HW^DOd<!nOK*
z1(>xqXI9N?b2oJ{%5fR{pMjfmxPBVTME~h%hs&xZKpqcvRyO6aZY$uZb#=3gzlrgD
zhWGehvmOUgy=v)v+aE=O@q#^&*{w0hb<NE&%H0!?-xbh504L5aZz9GGc{#d%&3b4*
z5(snlfV*2`=0Uix^`WrH)Dho5lDVtuJj@!>@d=Y$AJQMM56_6!hY*Rch)A5BSRf+s
zs}i^)S{cqKD6C7qJ0GqItEH{Yi>};&Rq>Aj7q{kIuGfYDymK2@T=7cza?X34)Uy(J
zL~60d1YBZ;iE6C)Cj!|vAcMw*xdCD@UV|2@9niu=8B)_CsNkrKOSaXH2wL);MSn|{
zq(96uqCZ^Isj^|q{PedlgY<{YQ2NP<+4P4Qw$RUP6ZCJXMN3L-m@>DGvL!@I%B@i_
zdx5!^ly5>zw4{71`nTpK<)<MDjkhp$^O916;w7bcv5Mq3T2hK9TvF20w4{_+v!wiA
z<cnTWXfaDl(Km#Bkc{`3Su>5jeJ9tHbh`d0K%P7G9sEXnq~f()2=u8K2r@R;8gUlh
zd*dYg1^@5O@GWaf=?Rl$n>D4Dp(*X`wW0!jF3v#8Fdy7KEpW5el+sli?&+FRxTk#C
zjyc=WvZiFN`&v^nAFe4$yoWy2X8?93N`O=sH)Am{>t^FXtSEah6Z#^;i?}}Ckr=TG
z^<o7n!D;A1C0N&z*z&63vX*3avX-oNV1g^~I^$ympXJ7K5|?so3_Ng3jK`H_^#si2
zBn_9DN)@L5c&r=OGUPOdhLoJ9NmC13eO@uIF*0M*m^_v>g<&b3EPAlW5s!;6mxJ|8
zv7ka(EbMqQIElrNkTE}CmuwfKWCuS-QCgOpBA?p0%yLtjiY_-987((oDpQM{j1Kip
z--;AVBqdyg%1onW5y~l2?M%DEMdlyq#z^@LPT;uT`5Rc5Zb{7NBbyjh4LaA8Co-BW
zV<Pk6x|D^BXZ7@9Wh(Q1x<m7qB#Dj9>fPtM)L0t1EbYQ#lI%eJq}9=eH6zxgS@D@_
zLY<=`3}{$2F^JR@m#M^rBq~}>%Tmb$%ToEq%Th_usdC}zvQ&aP6bF~321IaTS(@<b
znkHP9vI9yiOU3&z%Th(4D^oT+^@l4{$uVA;iWe(W_AB$POuxXmoCva6nUY*BURg=!
z%2Wb{z%GT=m8lf1l89BetV};k%v_mDTFy?eGG#wh;>xrKD^o_8N>h)rP#30x+VC<N
zn=iJnAGNzitYWFuW8p^hp5XUH+S?s3S%)jd-o2$hUAOj`#e>YWO}{#d@5jV$HES0I
z*R9Q)Cag;E5ON6jg*+B%`S1T{?Nb&^#xy*miys(_lPe@NG=(x-H6Gy-NlVG`>_X7E
zm2Fw}hXi+^&yt3gvqjA7mRp<pHp-QEM!P(z3z!P!tJUvlpooGxwKhyJh09Z(q{W{1
zEa^A6eI(~rZqZ)B8|`u{7Iv73w@YejIKS7V^HN{OSoCa37xfW2qv2wIfnG(oqe$|C
zc37dBz{rM?RmZH{jXXJi73GDo$)|v8D@iNm7<s-Ng+Y;NLR}F)g~V`Uu<PJg#GAr#
z8oXhGA&0H6n9=Z}PERoYK$D>IF42Y<?3C9)X+U!ZdfGB_XfP%|mq?;+AUA>1uuWhl
z3>4&P#go@wN7Te<YI(tBdLs2mX}d}VyM7FGq0%fd-U*x`Kt0+d)otR16)IKGLFA%#
zm*0zaR|wSwB8bOZcJKq3GVH0;Vzi(eEdTq^o;u|f`N>{?(G^orGUc$=ZM+pdf#o#b
zhEHvW0znoTs!{edqcnc2B_0i0o}WB3LR7ogZpLgY=xUB$g3Sa>G!td}7N|220vEgi
zL~CNDd{<L?Nj?kaB83UQ-jWtN=D<Y;zC#|&h3O|PDgFs#@+^|R8UZO`<4V~kLs<~V
zYs6hmNHmR>TZ{Of2ww}Lc_UbpNv2%Vl!MlnEHi2$QHfkN;tZwMg#QQ##iqwKz~$%%
zc5wehMd-;{Ca=H_c^7n&fn%1>Z}0&o4m}^H2dWp5AkK50R33fHHufzNI9f2ZGX#-?
zvWh6M*r14o`LK8at0Hee#U!_)B19!h;wg|TCc7o8d%PVNg6iOYARaBa0xhzUa|33E
zj7imXIQzG#&Fc<+i5z%hCs>S^Bd}vYVvFgCl3OliMsT-Yrn>UBB98oEqKmF(>;WFf
zDZ|LZeFErTf)di*79PGSrpNv>JGF|ayv)=&_zq8gXHDvg;AhBs*)Vnri9;yi8rG7#
z^~h_CU(j3GSH1`xZ4O3}vS}l(iU*5R?@;Pop%GTXa_vmR8=aQ2U>h+A5btwPhu@}d
zWcm(->aPf8J`8yu!X>0&Pt&cx5>gS#Y_lq>JH3o>FRMHpsai`Uj1?1x<tM)pHTq~=
zej4%*P%e8o$f9!dwj<wyqy9?JhR`qvHpOhf-&~Y~mk4Xgf#c~0$kP?%ThPU1wtQT4
zK!1#AaVpC@oFxc~$+LnYps_8JpMvED8GPI9jC`?D8Wti-X{WLp(@{tTX~KcFym&|w
z&2S18#$pi^Iz6PLYy<*{C%!yIkR9n_s34P2iO=FFTNx{!v<hhlu$RYrikTg6XU&Lr
zMcOIlM=BMZd0Sk}%AQ<}7_$+9lnKy2q?BF0ipX=Gc`4HNEJ4~Xq`f_flu>x0T=l3@
zwRpQc;p1v+YB>l(f8eApLtQ=xyl!{;#=9?QPeUn!J549LC(`2qJB_^UiP#LcJK`@m
z8S!IBB75#(w>>=}5qP8s&dNmaTLjnJi%#4;*#_Iw+V}B{^dRbYlJ$#9v|1_=$1g#e
zD0A^r*x*X1x^%>Ld&jT)BpP*|Cqh-mvA_|@E~VGJ3Pr%#Ma}puFC(l(`%SB;OCPf1
z9c0nnAWgi|rCoZfmw9DnHH>cM;P;5Zp~)7qGi@V|mnq*0WKKm(>7n6Jd^{;Wl2ClK
zpDGy`8J0?EUcm=0L_OBpacDzPt#QC<2$17@QaBtKEEnCfp5ZLAj}30)YEj!f@9CV9
zHo@s-@C*E)*JHmq>MY5R^qbyL`Vyy-AIVRib5uC&dpPVZ6YWvEGO}pNrL|>N-MFOx
z-Ui&;=dKT@-YM+NSt>z!D6Uz6oYZc<QWzQTVoP_twh_;hlDB2u1mnG2UhX2a$G+Bm
z-IvAE<zn{Y?Ui!bsk4#ymB<^q{UyMY>DPQ}RU^Py443`GAQCyr*A9M%BIhyf^@5MV
zRS@bh?G>R^(e$LA1;3NxosU-u-@XNwjpipm8L`C*UPmrkGGP~vidf`5e+c<m!TS;G
z55rk-d&a$qw&AQ&f_h$!7tUacLbjZO?1gmTf8!C(h?fl{qhh1|fTV~+RZ!fJFU2&c
zb?#nims6nox#Wuw;|LwtL^Ezr<cB?_qks-6ga1svnM$UK1p1hlD-^T|Sp<&5G=C?|
zKg;YLR1C)$uusm6TJ?TQT4V2uk|q4fx!oMjTo_}zYm=o~C}osWFZB+jdmiX+2b0><
z<y+E*irh%S_&B`e+8w(h)mphFZy~~S?Dn+ZN4_IP>?>s29lsaBZI+vr;Z7=A8gaLZ
z3UlC$EGzv%9F6cq3gpoWz-~!9LeR{9>2!RbFS5dY{@Z^}X;m2+o?Au=!8aizZMN%O
ziWkmu{xT4XJpot?`Ea2g)$Vh3Gfu(fR{>%B{rJWF%RefFzZ^77NASUWfPedMK?uZj
zJBgwj-Jrc|OJ$;M<Y=}nJNrr&rG7YsZ8sN%Wp-&RZEs|eCC8Cvf3#xBA{9<Ve=1X6
z1@)qWn{nMqU4nl31<ZRt`enDe)EOU1qi1$Z-;C~-0|sUsoRy%P=ES4ql+i;!fI?-p
zgI@b4x-lN;{6wTNEe)1O#4|>BzPRY76CHKQ8-aCLJ8j;Sj2`#a3bm8v6&Pso#h3@>
zWPMq-9Z|QaoKVi7meLTJ5HSQj_DB+nt)Ur;A%IFFoARw$^hrhR*3q&FwQVCEae!oE
zBH0z7BJk>2DV<Gp^A`L4<UsJthj4d-^iS#3lfjM#cy8Cd9q$FhM$$XpjZY58?<?b#
z&DTkNdu3}c0t!8CBa6LkWi#5sEg~{|v)#DeAamS*=_1h!-UWGy*8I;yee$1<#3XMg
z=M*~C5HBYVJ2r4mE#7~Gw^v)$P7atj75);;S%-CEE=7_Cvv;^>2VrH3VnX`FlMES<
zd=nu%--R@T*Jbdw)o`V99Y^%xa^+TF>oJ}sw+?qRpf3!ln1F%a7@`LdJISPnC6804
zX7UmthP*gr=X(wec}qYZtFm@(xV~<%MPSuUDU^D*Qm1Iuq!h#sR-*%`cTPSD-Rb0W
z*{9;bNbYJ!!bdwNU&Zi$i^8#x|7S({exk&3j9z}l4@(kP|A6`z6D(i$M_rT$%G;GM
zjaMVCe+>JdldNgN+474uNNMGwR0rVyo_ka!Ft<46<ED>XZPM~5k;KM;dOxW`Un%N^
z4=_JiuJ{d}-v^|-oGagGrL20Jvz_1I?|M^ir=<{BI7|~JOz;AFjx}+?i<^8ep$`-i
zv+bmVYv^acolczy8n2OlE7%O8axOZ*t`XP04hyA4cxu)w2bUlm?{coHWZV^{j6~pd
z&1^X%H)dq>rp>r1u5E~mC42vCQl?~SoObW3S?Rg)<5uEwu=Qbcz=F;Y&&z&-ol*eO
zzY2NoB>m;!Vqg*KFesFRZSdtiwEPt%PeM_IOxY8fGda_5yQ!y}^vyJb+8A3JEGdtG
z7r2N>Y0Z0<>q!o{IeGppjt_|rUPyYwn)+LMAZ8Q-h}oU2c1Yj9n(C)NxD9bkAf7!*
z&+F*<p%pxbsU;qgu$!I)v^@%n7gffk;EfLgqg8H523)srKFm8UG*4@q@w>K+<tKkl
zaeOUsU9EvY$wbhUj!SCSzO~E9%{joqe_FdO+>=!4@euQ>Bxc(&xD`n1!{n3JT)Jv^
zX};x^-j0tV|B-GjnkFo3Wbk^HS=dnHHuH3F83LAB!L#sz4o^x|?~BrCA^jWC0z+O5
zY8}+>ou@&5gnYAuw*jFt@<R+LH}1lRmBaYpEzFK>$xe-eA1|aV+Kmq*N*gbZ0A$>-
z<(gV!Le$z@nKZ=1TnrwbA7TAK56G;>hplPmylcyaId`JAEDS~;lTK|kunGc3GKEwa
z9jGu32{Eib7OEUYHV%ZSnWv6Kb*?4Taw$|9Y`vX?l|kBHQhxzjy;M8K@GHSb$S5z$
z$xnXwcyvml&4n5%*o1=ROuv-(%BwoqwRpl1e;4A)(1|Ill!p^->Fla!QGP`Zgwwj>
z%rx;#dMI*jykLYSot@~ko$Pq0H8NyiZOr1@)0uH$?|32Y62b*UR6i@f(wtQ~Y$~i+
zG!=eYDtGB@LZTcDDH+p#IflLnvMLP>EkgP`a$!V!%cu`6WZ1#=nSLK@?6BX@jhN;a
z^`+E@%<lh9Uz(Gg@)$=RV+NN*zZ#AK84G$f_T0EY$V+6K9B#sFy;>jSpKn`hUq*h^
z(dS63d^_v!p+%D~gmn8ahlji*#N-DU!s>0RGb8R&8_SF*Orm_(hIJq8(d>D@%|b8g
z#DW6(Z`qRa@Ja193H7sUOW4_HO$lB9h_q<8c4|4`>+FN=;F$<h)n*#3p4BW}w83Fa
z5fF#Y!Y*U^B3&JZ5b+?I<EPZClR7%WYkEY*jLY<Zy1li@yCSQt*e_Rf(x>?$KIvC;
z4$**urj7&5jVO$Xx<asUZCC{ksU!5#k|F8E#wohpajkER$YW*cWp}d6ukE&`u0f$2
zAE%T@^QCk>F<-iyaJ`dHcxUPgYzeX(A7k~>=O1Qa2xEU`2|rXm2#$$Ki6~CTC~!6U
zQDP5Xf_%0>cQ;K0qiMI=HBrOQI2bGdcJNq$W8mZ1`4p6e|C&cUu@ya*n5B1-&gOUb
zhn)>ttFr9L5rn~vI{G7WH@FW6UXcl<>xGEH(p3j~Qty_*{on(GsBA-8d24XmzNVD_
zhEyD3_zix-3Yl+8NeEQqPYIK=ahy}?Vi<$1!~{P>#I3b!(>hUz2Mq`PRRW@-<Al~Z
z%cApxv|s~^H5<;O9sokOb~WS6wRCya;wVx?gwbh`F2$FwqqY^Wt~#Uf-b?_(BL1A@
zFSl@1Ql~Ms$Jx%f1#$J#vjeOWqy(I-G(LsG>$D&HN0VOM)YLio4%FJ@FIjc6u7IR{
znry|CO}<x&D4Y{cchS!ZIy<<D#9W02{(CqYpI{y^YQsG+K6pXnlf<F(hR0B#@XwlN
z%K9orT)}`<91VpvL_768mt7Zgp86edNiJ3}!@SP0rX`nY;`YA{KoIG_icw2p1ba0d
z%fLGSHFVu)mQQFCr@l6%-iZo)9<vS${23s`8tmWkVY%t$*ZBQg!Ynv<)GThL>p`-n
za9e~NzAZ#+Ry_U#IG57+tl(Dn=jcv1K2Q9pQ$|SyG7DT(7Xt|s1!fosN+iXp)~Kg_
z2ux?kq7T5tFcESbL(Y#w{9`y54Dbq8ZjNAV-p+w-Wq%2?K-+gy$Dxj-eb!ybRAoh*
zPP4m3xN8g=?>=88-G3u-mk|b0e-qq1Rm}eAu~O5hYi(eSdst#wagtZ@dQhjGmF1n2
zQ{b3JgthSnvIji?zlmuiy*eFzk2OuaWzPN>YP{wX4srr=y~v=OS_8V+PqwGi;V|(|
zR+X#<@ZfxJn4ODg>9#q;Stb{(rdNNT6(jk}0Cy~IPaVAY-dpX8b?>dUlQ58q&#8>l
zzuYQcKe)-NT)*Lq+-gR*T^XkjG;nMz8b0@$Uc)W>hochEn1Hw1y;%@fJNfOl2KnhB
z-d)H?W0{f0JKf_7;q*w}f}eL&vL1U;J*K{}V)Tb44?_dbzmXp(ddYHcMx!AKPA_I?
zQf4F_yB`+h^7VLn31z8vZrWgVqbwV&p6fT%uw6hRSTKpQyT>Kc?m<a~=Z>7Q3-f?|
z*Y=M@7Q1cau}Jb@UwgmlBSM}G#ylAjde60R4<}A0FNM##-0l@RL70Rp)d&XR8bSVs
z<sWP=|ES=bv-~qCKeKZNo6E2D#r2AullPaAh+Zj2ZX50ub+?6O<-L0XqouS^%2qJc
z%^W;g0hG8nwV5XrFp&bvl?WJotab5Iz)&Tq3l%UCFY(PQU&l$=DPM|KWlLqKN2N;S
zE6j%Rlr1A=5H68Cw(*$1E%LQi@|csqlrNGnmwahSAX_3wJrpaIudrAaWlMz&!X?ox
z=N!CThb-olFDII#LEe|}!evNf3v|0P_CuWm@qMV*!G`Y0d12g{Is*G!Qv!KX3X_#F
zoXBYAc|v|4EBrVY(&--yr%G(E@B#7*nH8rIWQYqHBy;C^<oEG{Z%+PFewp3e@;ihy
zrX5z~`e@8j1-zZ`j<!X)ciNJ>9aPqj2fiGHooq_Vx}8eMIwPS=1oh2ebJx$QfSx7m
zT9@G*I#E9@&{97b@1F}KwWZawrtU6deluoGjd#HocP2xjbh-gw%wWEVQ2~>qYHoGb
z@y`L^G9C^}@Q(c>m{#lNOufF?a@^o4NIIISu296BQZ()*8cbg?JU^Wo^zPW~Aw=+`
zQ`h4AVyrQ{F!3W~kVi)T3ZSfm&JlbYUqZ0!-+*we2d3%sS0daBCV<XAAK~>UTHV)8
zi@Lj7**#pTcJFR{8E{sQ^n_4`L(ScNYvU_Tm<ZuN1<8SxG5%R}gT76q?;<NW5BTli
z_$5-LQ%#Wubx@X~eGRF^@pU?+T|XY>;Xk{6vSnA>g0p}Fj+{ECnZmz-B)6k6oDE0g
zs|Xs&0wx~<FA+y=%&x=eWwH%zT`!^TXqx$f<#?8KIX2o%{S<g=Q;Yc<)+yUI>L>LK
z)RCpxp2d1H?z7>><{(zF@*TR$|AT_omS6J?l6Vs*Jk0Y_;P_kSDf5qB|8Yd(2LFbE
zU3km=3(w^|#+@qkpfukUjQsU4LD7R=1X|PLKN)kYgx?E#7-u)W#UxJS+xT#rMp%9s
z%x@U}9r`Iy;y}cGVSqRg@ZB&#90>Sc7$6SRPdfD}l;@==k5li((CL4_g39fjw3lQ4
zbRmAsY&O^m+EL8sfF*f1n8c?5T|)*7+cu}3$#x^{I4ncL0<pniZvjkGfDuiAxL~Hr
zNGOt-P$Iw%nYxekg!g}m{EO*s1_~%?;vLgPE}{@xOlPqP=lP^e)}xjiTmfS2qLcQI
zLsit4`(*1*R$9Uy@_*n3OTW)h?OVBS{5z4I|3IMazX}b0IJgPFkRvFu2<rOB5+(R#
zrS1d#%Ls2bB!RR`9I;@_TzfkrHOcWG5GV7?dzFb(y5Z$@$n5^9_TYCuKjZj!hWR60
zyZNI#OviZQqMz=OBP{<&kfFu1d_UnnDsoSLI%b-bu3nt%Sh45|*Z(#6tK5V*Nz^jV
zF@qx7Pp|_Ok3~|j6JInx(?fP)l@JDnEz*Rbw+lnYY<PUrV8c%JCL)YG)&JBgk-mas
z6#G7CWPgod>EecS4Z7J4UCeHXb-^_S+p#_B`V(yA=-`*y?oHT9u@u69ljr{7{AN7=
zLPXcOd!RC&bD>Ze`+8a0%nz6?8_y5v*kMEI9oz!StZ4=W>m+&gTtoXM0K6aJAdDaB
zV;c`JB~ko{4$^f4=;A+w{TN~PT4+h&@!tv}8vlh5xcAci6S}AQTONb9fR20pA><hk
z6##uZL4T^rR<Ry`Cdv3)U!sJH_%$VZDii%&6G?aa3%HHUPk@}iCx3(2#zkd!UO!1o
zkKT~QccqW7(`rWVaK7;%K3*-174G0Y&?us61_R*dT<*pAUMp>jwE7dEJqKJu)imh|
zZbkliD|j_NymS9ane0v2#~{qbW`_U461TqE8->|k#)i=&i-;r*{y1>eyNhU==h4-U
zy${2sbmPAfS4`Jra})ZMv3G`IC-fW-dj5g*_^&~RoO>N+O|#Zq?|T2&%nZ9dyz7Sx
zjb9-!Q;TL|--yrvPdarc@bI5C&C09~S;5V~SBIsA`TOUPB9!V?2=s48J%m*}st*5q
z=-iMhQQw#(2zVIwYDvX9uVeSi46%m@cS{txSI4?hGL&(1xOGtfB|t)~bjvWVElT8I
zk-RJNa;YDd7s^goN6fHwH;<K)l^H9=ZN^HrTx*&QDI6=0EpOd%c?L?BBOz1LG=76v
zoQ>|niu=7N43@EQri1s<y$tT){gLYf5<eNBOVZAWvSjfrhw{97>f_!(-dD@V_|{r1
z>*36;<4z9?%Ewb|IKGR&AK>pN_*?TbB($o76Q^*c^$++v5&;kQcRk>^z3(>sF}Jtj
z@16L2AO1dwzmMV%+Xzyh!{3+iXH`#F_eJ@hy6y}3uEEY<1fF}$fK@$h-Nz*6taVI<
zz;#gJq}C|q=dXK@1a4mUF8OYoIK_qIX8gStf3L^iTk!V|{Jj@{Ybbh?4}v$f$-+wh
zj>+#?^1EGrZ<61S$nSs3ueFMhOXc@$`Mp|x_sZ{Q<o5yjb;bxeB)`YY@452(0{Pu7
zzn_ucAIYz?n()iy_iXuniTu7*et#stgGUqQbosrCzjyXtHz0FT%l|Mc8@s<IUyAU(
z!`;@)pMwbO%b2{D0sdv2ZB1fZkZW~wLN~cfu<VxKR$O=Q2d*7DT|=iT>a*@NL{}AJ
zjUKq;lL`Kbm_0OR#bfToFiyV&elPZ@T)d$ZTUEOC)2p9B{Zu>UTN#InXDH>QQvT;D
z-8lHJ+a&54TV_hwe8cwAIGnh5g|XtrY~=`2nQjd8Q)w(C4BJFH^&tqu#WIg&U_C$i
zb}+`who&XfG!u=}noQKt<z8w@P<q_|EGXf+!9*NormY%aNpfue5ok5yctXzziq0eo
zq3$NIvd~NWPZCV&P(&dKQX;aFkth<%<fP8Qm;aES!K>DU!ZP_FMPj((yqpUf2+L&Q
z7zXqxpoWUXC<kDnhzW4SRG@jJQ`<F*6y^cWM0&-EeMTN9R|>`o!lO*i(oE7Opm*|G
z253IN#DwW;&Ay$8@{_MdWLN=l?(NPvdOImR<_At{3i)%*3=&()_$fm`l>NTTsFlDm
zm3Zt4l@SfK$5n8I3%E96>dkCS!sCm=^3Tfu`;RdHePj%^u$Zj;FG0{?u7b#Yg~E@#
zDZ3?nWt}VyfEH7%n7;}DnP;nQUS*p_8!cIJ3xPVH!i{MNqgn)c#q#|W<PZxE#INN#
zZR&H#ym2HEV_fAo_+o<IVN+*`D2R#w2Z#V>O9aQoh2?;SrKVj?jem<+(^e0koj%=^
z8WyTR%RiIIW7JxLauR)|9DEJP%hwOV>Xllre6&(Sv+>$Vylz0QQ=4yy1l7SkEZ9jV
z1mm#yH<^5-LWZILE>|?-c&j{?u__N)FbYG_fh}0<y{K|e9Sd<c28qT9SqEjtuZet_
zHBG;LOXz|DcDaV_BAQem=7+BY?bpftgRtP{;plWREmJs72!}J-TPDYzio-7dbtE@A
z@>ImHkohv)rn_rP&-l1LL&K@wS3Lh)m{;MV&j;~w1FX1k_6A2B(!n^K+imRrv;E)8
zx-!5FI5+x(`<4{bSE6DUaSLc2M*@TM5&rF(+NLi^Rj(Fxue6z$f!19zckJLa7IUQ?
zH5M4x*OU=Zo_Y{T^ZrtlpfG|b#(ELxABLZj9FV`Xjy0509y|f!<^{Bzj(sf?EQ0Sk
zsQ;}t>{uPC;MjZyBzp+m&d|NOuM?pHIriP`)B|KN>XS?hehW0)vnX5b)Uu$F=$%5F
zsVOW&>Hx(^GRjZ7v7CgX-(@Jj4CYtDQBKy4g9*$lq;3dR&non;(Jbz9eE>`x!P=NH
zw*N=?6bGiyf(sx=qvVPZb8|r~<X2W?5cvzFfK)R(361Mrf>?8fk!2aJH}scQECOvf
z)1z$6?%L9g`p;-x-g{qHMyrxLl6lv%RHf&C19?Fvn5D`@VFcGGCnVx`h%rd+pBqVS
zQ9tHwspqA}-Y(l1;l4LD@N;!@or7kcdL?*e`*{>QXF4EOXD2rEYUr(DJ-TB*>B9N>
zpCQ{inQ;t~6hv;?Y`+H{6(#Hh=B0fM@R#DJBo`;_j>HHhq#WTRg7jrClb!k>3dWtL
zc{;ugB?fdjLujOvm$9W{$|;*ASAg-52K2&G?ewzx#XnO~ho;U?Ud@E6ViADtz3G%C
zeVQeA#_0NiC{!-2X}YnAYIVONk_2%DY7>mqacEomPTBR+wv>OB)g?<C5KHb~yBv$e
zkxX?=SK+QV^#>O8YHX3t*;kUDu7~W}<XtT1_oH&ge8?sE@Y^UJtzs1@1s}#t`ROGe
z#7{oZ;Y;fLWahY-4-DV_J8WY$d{~A0S3VF$$OpQ~hsBCW64=2CE{Vbg7Sgf&N8sCB
z{;cJ%1YmQi9h4(1HFKY<)PnDcz{h_^68xWnT@Zw)qX?5LR>7hyf`CS?&5vg5n;3T&
z%NPpDaUdVeS%VLmLNCAK2kt)5{d9b9kUoO3TJEU}jz$wuIO&7)BRHlc?d?o#!*zr8
zs8UZG?fv%^J!!OsOdV}dS}YXH&j1F~2M?wO)`>|I<+4+ok>8DpcBTc31jF{*fO{By
zOeiY$9DQ@A<@p-`hl@?-=#anfW~SQ6XU<U`LVh=iT*`naZ5B!vqx*sY9gkvHhjP_I
zzS}*&+dCg;A~ODoKwie79d~LowjARCpgSJ>(&`)b#{Gw&a6qf}pe~KPo_I6M<4mRw
z$Cj1GI%H(2^8~Uw$UzHG$7L%xgy592R?%ymNRXo2I0@eoXhsl&oA4N-F`mR&(?nG%
zVzV2Ar>+5s!DN-4H4&GK=;(<dj;NLGYUc#_;ijlJx|#eiSTKJjlAsKR<=WHLPTez$
z@tc{*b|q|1doHnK%U(L@2VB9zb){u^df>s45U)Lro?Pa}(O&2mBA*%N1F#an%5jY%
zYoQZalgv2l3GOlWqAZX(^yo-ShgjW};cZ#}JK#HNu}gas-LXfd6Y&xnXIO;hVzee1
z0zI6oT8IuRK$^3iE>~H^O+V0)b|X~g_S~C>eRaiZK_|92L+Jls^z~}!dj;3G!>2jk
z^&9U!ThvR{!q|`0&gY8Km-$p56Q<>+rEtGbxjG~g1#A0nQ3NxuJQ?}D3cQ+nK|hBc
zJNOa_a-A~fM?oK`vd983Qr!&gl~4rH;rh36uM66jBLf=qceeT`qsze4t+HwAYrrV&
zf&Ek(@iMOu7~GCqs<5%P-f8bx3-*<(o$iE00N$3p(o&wbs64_8#~t*44xU)kY(PN)
zvW#aI{b4j5>>$gF@*n&0s~wVTCo$K~wq)MBJYx-|&P}ECLcVZ0UlH?5W4((e(5>zb
zaEIG;aM8d;@HY5kRqScP`A<M@CWSpsXbq8c)aDYnwtVv2QNKTEO%1b_mrn+3!m;3`
zmLLm04qi-t8o`#J62E^KhFi>*72*@D7LBCS$Ng40SZXzrRwENh=XmWBjj)4HMltG!
z?m&{D3W86?amHt4g0?BOZ?O>d6D=ve|6@)$R-y&5{5w7fE&7gs#ZPr*a5N=C2}p$d
z8gB9nK8@_qv6DgEZ7Y7<OFRyXpqAn@5j_E&DpO~I7TgI3TN`N!vZ(9nzeld2aIp}!
zgC~onIJW;xNMqgzp2Vf2IIj#dl7N|U_YUCZKg&M@;>rcdS6DN$AhCl75r&g313yY#
zq2W5}0qVPVM7yfOb1pwaLJe1_D{(f;s&`paPgx2vc{WIg>g95LMvil?gic%HCZf2q
z#`R6MtzC45<FCRhz&{PupFjzb+DbG|<5~D{D5V$e#7eOZ<B37=NHUrxK=4N4CIjr?
z&2WSD%)gH3jyr%J^Jm5dZ$gyocQQoU@F|$L^PeO7&b#5FHuT@km+tVd18z*U<s|I!
z_-@DF%klRH{CyRFT(Pde--Y<wf<Nj*{|SG0;?JpGy8N+D^|Iwxt+@wY%T5QUvu(gy
z+nEj?8#=3<!4pFFVC+QjDPeH65S(h<LvhNXM9QH!C4<A1Ly45g^KlWv&fv5dVHnJm
zCOCM!MyG=(hH28l8DZFy=m>}SYw?=WnFuhy>EJwi^y5r@jZ-;-JWW94cP<b-|FM`@
z&jsjH1eCu{dg`-8z|gZKl)qu<`3QZgg!0!(cTasT1U_4W`5OZ70`Su%RDK;LQ$N*i
zr4!jSg-`tuEfL#ttl%6;DZkCsm#4mn9z$Tx6&U$#!cy&2?7dUB3;?uu>WBPb=jq=d
z!PF8xxuc$H(sM37uqG1B0KeVDKba{d9%#fPXqHbMhl!A)?481v8+61|H{zo~ko`q+
zrV-MZvPFk(QBLuf$KPW7_26#^e>gc_(*dKVV?|A^_q9G5Icoj-31tAgE&c{Q2^y^b
zWPUL==!TFpF+NchIegE@!>id$zeMdl$4RrN;HljlnPCL(Liker9fiMK%a_zLy!Fel
z@Q<bF#b5F}awO)|7lLOsd@nNJ_2#=lzQIO*!txxCsneHWj_I1}qXfj>GQB%YtTiqB
zL}dSmHO;LUQ`bC9{PP$O)ftgbok7WA-$siI|5^U?!98vwkNaq6o<2GasN>L)YEPb?
zr;kowc{}>yQSEcn^Yyvg&`F}t4fshnuE2*~FTEUnC3c#j+lkEfFC^Wl>KntV7BhA4
zj;q>{;LPe`Q{(qVHO?|_L;1A6#V!`rH^Rh5eG<My_~Uma{xHW`zSON2Cr%0Fld-JT
zEdHQj4=!bm;ox6znbzP|{cK5Aq^=!fS!>RF!DKBEQn1~^e4k^!lkyFw_z7k0Oh}U$
ztAl4DSOu;nERs4kYR9%=Ynn#OSnB4952cRLDs}SsUzdL+2~i$B2(I#<<=^!%G8j<m
zWClPPjOPjS$)K%zoUV2U>+2hlc=C%e29Zzb#HKEQP&KZEkd2&@z7iXia46N9Iup%B
z16QVXMuEUrM1lJh>uDmhgBySs(~9T70}-F(C*7Fhr`>66$CskcVDO<2^ZO@)2e0P3
zYMM!ubR6;{GHaUf)-+RN_dO8j?yH7T8hE1w=JM6Eys3|Y&a25@ImbiZo_Jy^_X;Q_
zkfY?xc7fhe{)u*L=T$(xLw@$6G3nY{{cmdVzqQ4GdyD^{TKw;B@!t{o(H}_`{xqcl
zyG_22o);{8E@)95G-he3*9cD-CK?ND*mhN8@lU8Lp5qM~NM3g;h5H6vRbAY7U(prS
zMO(HGm87UH$~7DiQ{8bPwQNlF7I)ds@}sao`~Vi(j{F8Yhz!?P2mc~r{FN~1)+^|b
zo#h#r$?xalp%UJwW=-9IM2)LKqUA5cWUnzz=aR+?Sdh<{a&^rDum!-HCbTWaRVO%?
zD-W)4p3k(br>BDlw+IgyBy;p&8>So3at}`(fsAoxcUq#B!DCI63@^AIZZ9|zzZiP_
z(=f<sX4W)`x;J<wVQbqI9IYvRe7I^t(HRNp3|_%6*NVK4;I%@7q^4z(M7u(C0Bv+`
z`z;VJS)@V1KoYn;D<%bM!JR;c^PWQK3yBywiTm^rw`6DN!+cthEOBMLH#kkPpw^#1
zd!ZK^t<<eTZ_L}6OmMDm@@Xir?RSEalh1)u)`P}2=}I|55==Q<VW}%iAgnTPi}*!d
z8||W4*r4qS)zGx_tH-Ob79bJ9W^l<!Fl-s3b0g1m<!A&KIyV*EyjMr{iQtCq*n$RP
z;PEQA>@TSAN#u#E!X!^DHvdTJoSkbanX6fontXq-&wTw<^|UbGS!IO*f%%5#wPt7A
znaEa_o+i&9?K96KQ~gm{EzvFBCiN-&y};x`>rC&;C(q8aJCSFT?3ld27v`PNZCctu
zjc)VE)DcgLb(=i@JWHNz<UZPi*XlTfR2sAuyV{DeJ8$a3qp{X}ye-YizlQZ<HV|;G
zbw6bYRVZrz2AGI(Vh27P80h6!{4Z5Mn-s(C;Pnt&jkA54NVF}fy>U1Agnh|6fWWx2
zmwkmAFQ5>Zx{*zf)8u!XHpsK4)TQo0I<C@x7g0qTv+F_{r>>Gtr_y){6a-TnP_Vpb
zH<tIIx3Q*Q46@v*Ujd@A0wK_J{S1SUH%(7)8OC+L1~MDhBB^aczYk#CaY_igTAun4
z$SHW!#25SrqR@38o(*1(RQ0}W@b~!2bv7Mdwy_d0Py{ws;hW;Q+Sej&DSh7wc=*r5
zm3_g-k#}$l0*g5BkGBWT63^8oFZNW=Dux4Puoc;T8ynLwULFlbU@uSM!>O)1h8J;v
zDV0A3QR2QYRbC3W1(?VFO3%iggr@Xa<b{^J2Oso5>D0eqa``&)QyC!pa@FljeF;Dq
zwuZH+x4~C%c03b|3GRm5!;`^Z<2U#Qe%nUQcY=?=VGunVoWxz)xo~^8*|F|)1s?^F
zWoLseN2BO_;VI!o(!BpRy6_tDxA66FJ7^MjHn<GHJ<D%XNB3%9^D4DjHr_0KE0W-9
zW}zy={3Zm#*kksNdcl_o<W9c=<ooZ1+n!#7N?H3Ja1m}+P%s1T>V_U_mT-@VRPirZ
zMIVzClz_<r$e9+>3%-KjE`JnN?mrf7tJH3J)vn;{2*m@x?}^i#xQ{d)NK))D#r<ZK
z#-66|1kV8<4I%#xLY%2T00R0EsX=@CIKb?xFGd~F)ire;Wmlw5YegAW#Z6lgW8MM;
zVV&W!BbKo%_&JImR`f66Zk&K%ds=^`X?z~JcfkrFRZ-2a?v4<?5eQ2d$W;t*ha*!3
zUjRHzsMvF<t256oH;zYyK~P@Z6(M+iOp%E#B<Ou}96J&s|1yvp(6-g!hLNV%2`DSY
zo<5mG{9m@`Gf*>zI+Lb-H7>`b{OziDhBls9QkXvY4014he-QlOPVssP8_NF~k)=+r
zS}Ar)m1#!xCxdw>3d<zlFO!9jfxoMSmPJP$7fSIfyP$b1_oyd^e>(m55$R$N_s%ai
zNF_-rtN=;)bx;&B;A`+e2zE1}>s4`=xDlYQGQ<PvthA!1!r6E^do%68q;~u|<YW#3
zmux4M(kq|96~;5wvz?w22okg<zfNiIDt3)x6aN(Xvt*<bHxhRRx4{#94%Er3S4)Ch
z*&UYoW|j2kB^>T4R)SkeWw(cG`@2nnrD^S}nPk{Zw8ych*O8+~HdSix>W)Yb-T?G*
z+gGCZ*>1COyUj|w^#W~)Y)Wfiiax@gy7Fk6{-2HV`Og*S<t*y+#K|)Q!SmsSv|lYD
z+Zi$~&MWDB0i5>qv6O%YoWWK2kzv6$4gFd$O8X&yIhZSrIIOaL^aPxDbB(?Wb2>S#
zkLv+~nJ$w0LJs1z$6%(OdOiAh6CeBl1mUf%WATa2keb)97hH}u1Lg1$AVQ956kt;2
zIgPS@pgQNQO}0@%rb$}8KT!sZh8`?&)uC0c!em|le^EB^sM8642z*?e;L}(Q3~>LL
z?qlel=I_uV<RV9(IGA=lw8)+&pcrptLpOH+uu-nBm%+g}D$PX=y>;IN)663&Mk7cG
ziXauv^=*{cHb;Vw7DD*z%ElBWs$M`9kve}RN@O^!x&dkh<2ulW>jvLMLoi@p)yhR*
zt%J=CWI>mTfN~KrQqliFN$3&*pf27{J<i~^rHet8nKKZMZt=*00c<|5|9ezjgB=hq
z<P&ky{#&}FuYwfJ8z?U$5k7Xvz-I=@2%qa)kf6p%5hl`M$=y<WAx8#o*dGMPa>IT%
zK6%N}^g97Z|CW(|$0g{4Okf8LFc6UF92+dQ#6JYO-jKvU0v_QdMkxx%DLe>|5XiJ8
zI<Pk;VSj}zLs%Bu4ZesHhhy3=DP7t@^Vbc&gaGn`bIRXf_Vgy;Qa0+@BvVEl0bwCA
zU9-`}a-xA(emvO@(D(;-s-Bd-!O_=@#!V&DAw*+>pCC^&Qtzq{nYPodk%<=Me+y>W
zkwxVOCn%n5M!+~tna=1@hQUm|FXLB1%xEcNh~9?c%V`Ewr<rTP;lCe1N<$|2DYExu
zYZ2NlMLR2p72*U6m<@hLIz4|m_}*ZTrTtcYi|N18;qnmI8XjXdWxR<RY-|<CNV{D=
zsLceI-}CSya@eL;a-DQ7Ln5pRbE9`-=bY}`z=ineH!v#8LQ*qIbOD%1)|c9q##&HQ
z)V{|b0ePVj-ZY4i+XM?9VD(FD<z2fh2i_5pNnibFa7|`>H=(4f+q1@ZGkn-GVc3Vs
zjtRd7;kbx0)A(D8aJKPMe2VF{H$Yr5Bj9Nqc?ENc869|TBW5bz$ZK5BbO3!DKpQvE
zqlEB?8Y<}yHa1R72_vU;UI`B*g#s{&$4mMEGzzQ~3O3m=3K#iS4^PB#Sj3zQ)yvj`
z?SBt|a?>UaajRLWf5*J4g~rS9<yxYX_JXlRkK4Xz3CbjGu@7JNXHlOZ^9Jk!MG>@j
z(Kbsv!kgoE=&u0&oaXP!tkU#3JY)5isEuLPK!MHk)dwdC;M62e@L!;~<~hNM_{L0R
zUT*4{!0}e#s4m4mU%vo`;3D1s$K9L2$yrtT-<9X7wYQ|xovKa(sfN(8=;}^F2QUy>
zTyQ}LckF;d3<?sF2fBkx$_l{+XH=qb+y-$OoJDbW#@$iIao@#l#*vJJI;i8gZ{zxY
zf9Krisi!*~7Ulnb-uK_hQ+L1j+;h*}&pCItf}Wzr>|nJ2Vpvk0a|AXFX}5Ldcw(>p
zDo|nGG)xx~#{lo77i$XG3mHbNQRR@5lG=9jN_jRS8+$3X5Y2y2t#l>3$G{F%hu!Hh
ztn25VqK&5=_S#lCuTF5Eq8GbYVHh4_<5%wL{3Yr<17GfQcFlHWGZh*Zk-fCiX-}=<
zWGX_QVfL9SGTo1BM{8puMHF5y9EW)UCXKQURsG&#3?_kTB^9DmTgS#P!Zwg}Ge^al
z;8<W!YOITAo6Ylgg7V}8pdhrT?vglyhP6-<Xs9flIil=I+51ngKsBuVH=^_9LzsTX
zt8shbT7^7+O5=wq@=RNxOhm02n#h+gMvD!~5`0n1#D);cEuzC0{W6yI<SmgM40o>v
z5827=v*aim<45<|vUe0*FU~*qc=G-k&Avg1RWvxvEzo#Kr=%ybqZFdKQsM5boo=9>
zL#3gz^b;vT%u>^$!1uqUSS}v7Y;vePefOc#G}l%t#&W73cT6bMxp032gJJSGO4kDe
z22AoqM$*Z8|JDzSz|61Gi#t$Fb`raMk9QGTwUk4pQ*}?{0q7eR^T(hEm5o_jYo*%u
zkrJ#rwOQ1eJD7SxON3tYgj+Vy4J<$L6bh2cL}PouLDSv}BUo|)<+eAbu{ItVVl`$b
z`cqHG<0Sw9|J&n<Z(K+o(W-x18?~{M*9M>Si0D>?JcQl-7w22T>F^TjroX^Lzn^GX
zdp=K&V)ywnO5JN@G=4wQ{YzPB)o(*&^EZsrLti4F(e6uSL>;-hFU#3qF8g@lbTnZY
zHM4mnn-}A&J4eM#-b6OAoBw{Kb3oo6BWHb)e6No>Dq^ZUzmux%p(y2SX&bY#gQ5uP
zlj>vQrO}_4;ec)AMAG0fFt>!P;;9J^)&GjLDg4*U-g+}<bL0D79~T%fULl`)T7L&6
zU-QZ5MjfT%g2*jhl{1-UXpXn5hN^g|_8X~o)DfPOtyr6b+mnL~!bVq<xyV+}T;!7u
ziM$rQfA3~Z#Z@Thd!;D(C{Zk*=HP6<#On87T-j6!O71|3Dm%5-Y8Z7?x8sIrLPNo5
z*J@ve!H@TQ$Y-Dm8z0ZK-TWv@s5S>TMF(FgX0IWp19&khVPkagc`&zWeo%jqG#{gf
zMvz0ko6m<x%d0K%NNH5BmFI|H3nVLw7%8_W$fv%An=Hd>L(ycj_TB;$q#WY@pDx`z
zpe)z6Mpe9I0p1MIEO>6km@3`;19T^s8?7T1%5up!VWpeDig!wJQ}xtFxXpv5o8Lt^
zc?s<pqEH^ZyGaHU`5<W6o_vGGVi}bc_#K6^6HA-<xYEs+=SrFGi-xOEkO;enBwa@c
zQ7`1vHQzh=w(3VYjcwUFT&o{ou~Tat7-1AsH`Eir$xrBh!~J7hhN9$CDt5q!=HY>9
z<QhJU&&|L1omWsDcIpW?--@$7GT7e0yFi21R1FS<yh{y0rs_J@Z-)m_M?J{<Y?ME9
z)6H+mWiyS`tx*mMWujKQ2IDCk)VHd{XXT?Z>R8l8bVY)ghf=~qK$eldgUj{|_f6gt
zUVZ(EdkLQE!awpc6-e*#GR+G*6L=%^-E8y;!K&7D)}2KSTXr<-@ON6>nxk7DHrk)Y
zlMsaJ*WX6!+WWsH;BZ>Q6^o)U68K(JDy9dJNkvsYaDIWRMHTDL5nE_pNyLNE2pC=<
z7>>+J8H}3e%)OF@Lh>1<v1XXul|@``<L3)W6M}p%q<LL`S-f@8SUft~`W$&2j5i!a
zX%<AYAX&J(?JK~586ORPHo_cP^d#tqbpFi+dA60i@|dnh^-+h<N1l5uC`L760M+`G
z>8sE@*7FzswTBf?s1u=clKvPfbVXpSN8;<sjpB7tb5*%M=18*n{0*dg6YUmtG`*N;
zR{glM>-6-@-5i{0dNz=_e5>^_l!r(pt6I0AVqxs^tc`8l-Y7EM!!CeTne@@rVLO?M
z4Kg~-Y>JD`{#hS!icM6vqlJPA`Z(kSJo#{G7Wa0OnHnw))_m>zA>ig3d03d!1T@W>
zqbP?)aCXvRwZ^jrs6=a`wj}k*O-z7ogZCSN1!%K@oL!-Y5(o4@7)A!5GzL;zJq^Y@
z8)00wq2yY_IBd(c)y803sjY4OlJy!%csSF%s&y(VVzt$^HEgY}ez}cO5Z~Ih>eBO@
zn|H>pmnyf$_ABYvP@}M<yI$5t_qFD8i`MGJ?yKaOzmlxFua>o=U+yMpd|1KUnS30V
z1#6L~2;$PQ=pn+VvIssup9g;50)APTnEY4NQK8dgQR`+(N@3^-pu`q4QRi>4qm*N|
zD@!FV&R=*uE8)oEge4~1ly53|xpfQ121)GdlzhSt(PJ7ZoV?g!G<~I9cr|dm)#y{@
zBhOzCwbyNZ>pw_5+Bg24SnOy~>mW|<1xq}cdT>|N5oT<z9rQW2wyEM8Q~*k0D2}Zp
zA195b#rn*8G-riGAH=iFo~ZQ=EK`4nXv5dB^tZ3`F5mi3T$$(9x`6UNxxR4WU%)13
zV`5Y|0odOL?9w%4*sD7B+VyDEK#w|qtx8p*`Ad#BR2fvshsj;5FSU=e{GJ?-oio1U
zdmP+JFj8wM-Cf@c)9;Z*B1v`*fqFQ<MYU6isPngkZrE_!7skHl9WFFCr+25Elal}2
z4fjTZme2Ebu;CZ-w{QmzkNOGa<h?>pWvb00MHPymI+dw?Xjc}LO}~dI6{84idYG{G
z^4vRNt^Xo~1hRYTxGOuAl)mH#GRgb{Fx30DuENSfzFC`Xtzfy(Uuh1^4xq32G%Buu
zhWig<J;JSO*UD_|ly6ZHeCxBm2;!KuIl9rbk&kduRz6+(4Z_igrBxHF6s8`*9naq5
z#RR3!nTI%-!<9u?(8^_c9lCSo-%VvkSpTR7AsUMov4-#>S*b=L01Z&d`-s>+IS>GC
zExa9?uTFthu_RcWvcZEZRn&k{`|T@Ah=>f_;}$KXBq^wzTHjXo%jy$TY!Z!F-CMZU
z_!$>YQk8AKuwL>J0?_iZmWEK5=2a{}-u+v)Xx3p(y^9CgW@hHAqCuUdUxxWa@`<er
zPhA*W*F|*421{P=(oH1~+-StqGPlwCsm>dci{!n=hR1s42=i1h;tC3P+V3%@yW7Pk
zjC<YA@kRev^y=_2>d+k6&JhA~En)n3aQ0u!6DyVKc3*UJNy_8P-y(LkCY{b`QS-Wp
zFN1XrGA5<j`CS0WQ)L35OHhOPV(dCXkRYtrplkw=952hO<OV^C7`Qp8iXr%kczM5F
zR=79iyhHse&skCrj1THn)}f}0_5O@6>Xs$g9vYLJ6MMfMC>*^p<?~opIGOxyT*&92
zGILn|?;oXBe&%=>W{x!9BU-)j;572pSxtNtOM3ngmyTK6Ou~)$I*4X7`+J!&P0&1j
z*9;*%f`><ASNY=RY3J`eUz&o@=%)1wXK96#z`=sNR?K}y2S~SO2S{noa3AGz-t;KQ
zG@tQ~u3RY`+Zh=szAtL*GJmwuc=U=vVSZT#o|Fxy@<;l2)h@F|bx(^lcj{w2ZnzuW
z8;F{+VKAM_X^dZHp<X&e{{-ecRX;c}ewdw3Ey<TrcfO2Ep%C$9+>fKmj4$JI=&E~v
ze4r}l%a9|-m*I!*9rHb($na&zp7CYCH<A2^)*gh%qKJdj4CAr*A%4Tfz+)lD9v)OQ
zh6_31u_y&*MCY+!)y24fJU@kfh5qNIJQmnro$^><zaizZ*jG6H#zS~4eoV&n+fw01
zrt5bJHx72-u@KmS$HFf%Iq*^MYv>}gYJDpCU$W?3WOCvAb38_B3;7rf7dlQI>Em$R
z_$y?7h^Un@j?|q=L;MeMN61bt25(%`t*rTNHssS7?)Q7x36F7!n&A<`YsY`B46y)k
z^lW+TQjA9u!;Z;indaD8k?rQceO#JSLCNQpvSU_h0n<F?m)--q^mbm4#moW^BVpXp
z@6?6>_!B8qn?cl7iSOg5LdH;~S%=v|l?>&7Q6=cUzK<D`LvRmL;Zsjf!GDs#M>>EK
z^gDHdw~etPxtH+{AR60SNvAbZf<)J8VvRA!PXq{j9D^Ajhw~s<V2=l(Ib@fhp+Pb>
zg9WYctQw*De?z_@w9OTe5I>q+3g`}EhH-HNwD0NU18WAn9wCEY<}x@cSH+&<!zea3
zgya{*3>mD*5#X=!?hznQDdHZ{m4XOjIPks%_5yi1j#Bmlqm+z)2J-za$){Fv?{7RZ
zBRnI`YvbkQS9p7tbIt;wtPbU_fhj8GuBim>nuil{ikewTmx(;ks5d;E{7i7JtgOix
zDwJbj0a!Zo9DhN2`EQx#xNf+@JyYdzQ7bbESGcmrod<*vnMt_9mEGpr#pm8EIDXSR
z_dfJoobYATARK}(89vEAEekId?iCeu=C)vrvEy`DW~?5M7jo!#j^_n8wCUQx8#TR;
z5t{6lreeGR736y<l4)B;o(rI2_xquk3n>OteGrM4zOBr%O>Zkh=`3OFwlZ9^h3qaO
zJI0kiBfIRjG9(BWaVX`JQifW^7cF6UdIDbE2a_u9Je1$52gDt@a#xBB5O5VtZRYY^
zA*LKKq{w1EUyFb1vv%8P>)LWh7kIEdES;|PQu?9?og^u^V0WE;b`KbL9%68vWxpzm
zn)j{%L$>*AK*gV4;Q?!joL&Xm2svTdP1Ep})%skxI!7hsXABG8_J_L(tb{8UTQBd@
z)W=^KY0|Ul&MbNMMvu7Il}BLlN+$ptj@HNEJ{$2{4`8FweH3whgeWHeW_S{5LU6Q}
z^^>@uW4FWH>!TLfhADe<<e!N59;0^+vgwIg@3vB8#=B6ahjYNMzpAE=bFkw4rVJX{
z@LV&+oTXZhd#TtStQaSNvo`^@Dq2r|M7K>YM}0=?D@d5?Mp>1*sr4Z02lI?XDY#~N
z37wbYNLUJSbB(#h&qEIm?indJx9|wO2|m~w!_FDog=f8`u*~^5vA?x2aJ22I<HF0?
z>%EtHrZp=YKSGatCtOxH$Ni>{s)`$9A$x`UZ73Tn!C-A{rc`U3Pa_6J7;$av+;Zy(
zHITY(*;oWLRA^rj@<$<RxwTeN)D`2hGY2>c3)K^bE6uubN4~wQZf7X+?p#TBfDgC(
z7-2%##?_EKmZ0HM)j4l%%<?G7&RiOmo?Kuag0;sE#B&pkuDZIHpX=z-$s^tY1r9qK
z($c&GqD3Dr0`Gt-GIeCA&}*UB4JqgfNgf9ncJF%VUAfjl<>cQ<atH3pRWA48%5A5U
zQ+<Z6<aG5waLyj0Cvx%zt-jen%e2Fu%%T0D^^LRW8}EZ=Jdz*l>DZ_5;7J_&DPhGI
z#bO4opm|JQupY~~hcnNdv-yx}Pe^B(9-`rIWF%b=W4~KrNasK1e?p-lx)sm=nRvWE
z4@2?^azA(yM?=a!a6YR<J#>~UaZdm-z>`S{(OJ^+SFGrjzv7r)`736;{1iK%BzG{^
zK<m_4s&#7P-0#?(?E4ZhOrF{t+xG)i{qg&LEVnDDT9Za)99&j-get~gbVfzLd{w?7
zzEM7LKaBHj;A>CLweKMng(ukWDfW9m`+cPSUSPkM+wWqfgUgvyZ%={YIpg1;m}v8W
zt1w8xyf*M7w2mMT#K*3rfVmIylc``C5}OAbH#1Lk)3vOKr$D-LCOmQ0-RDQh%V_&T
ziqv0P$Qm!?6Dnj=P6tdM2dCqrgP9d`jZ+A`A3s3^uDJqMiATxv%FL4;=yJf~Ja>hR
zQg>KD`nkjo%JZ{*MM1A3T_fr!9*471#FRRUejMRWu6R6(@h3(dWoU;ooN83m6O*;*
z!wwJlu$LEaWL$vXsPIpsQ^Nxan5}{tA|e|z`{yq^o@Gr`ZQYYg*lHz7a1Pd{;T5Qw
z-lW#ofXb~GbI`pV4P!8s%r}HZC%}xVu7(~<QS*r7>X8jnGc;!eIB9b>q@qI1k5W;g
zfGxbu!!d$sP3yhLc@DJ$dFNuNY2}n@?hD-=w|-{0l3yl#k**~TzpY`~J~HJ{eP!3O
z+AHDFUczHS&T^^*b9+0z2i$$Y`nUq6pi8D5m^FCV*0p7|AMI?XC@$etLlFXx!;u`e
z_4GNFO*$kn5oFoSe5TyPuUjt;O1NSZR&jWybK1ZJUoTtTWEja{dcxT5(Q<kmBYVH>
zgVe*=NRUSv1S?!KA9r`ouX{?_25UVnTCKlAmsC!TT+Nhd)q*lMuKFwwO^5a4;2QUA
zO#fEvD%K8?ZkZBoT$=JXjN9o__acC&RiA(%T+1oNcQV&qpqE8u3yS-g5{@U2@!!)5
zXu{hN?R_kP*d{$-HP$`6!J`fvMU#<9Zfq&L+UwjK0a5QQO3N@#lr8UfOvcFx*rJwx
zw}TgF80Jm4qEzo;8cm88qQYjNu=CYBk_T^3{T`KfWWbF`ys;5q@jFfdIn0fB%hJ-N
zw@EQRES`eZMwO23mtyTaEw=MCiY!E{H}*w_gN>)PpBkGa^x{#vJ!Ytx^oIxX2#Dgj
zS1=^C?x_OfaV{GQuKHIujvDBdReRJ>H<_-5jFT0vkh#}pNz)+O%-YWT$7v*fp3ZBX
z|IB`)bvxr7ed8J_%R8DYTCd^Uxsja4Z)=hpp8j%i?oDJ{aVftU!DaY;8hPn&yue}7
z+&eUmDsZ3Le0-VwK9c$AeTDHzeqYY~r0je=mfyECKfMz%{s-u1?&q1G#CyhnC%?+6
zX&K_&h4}0di@0?k!E|cSUI4LPtk5&pT%*0x#OHTp675bGCjzsdyW7(YF4GRXf+<)g
zK!Ns^n`1Cil#}}_`}8>bRhb$Al`_gj{~_uG?!g$>1MbWeILX@s+%5qp`V{}6!;zD3
zUkrz)c)?MV$ovEIfLI&!>T(--s6J_39+J=E?Lmm0N(d^{RS=rjVjd*btwL5_#xpd(
zoB5{uG^KLu9<yG_B-ZW7+UV|+k%}c>CP%S*xr|bGPKIgZ?(UWq$!d)56=t8mTv>Oq
zPyPTYK=Dy^pW?A(be}4_-?lzo){cJtwlx|roDLh+BUDKU|0)9D6N<aCP>76iY0iMZ
z(S2kDpJ!rKqP;RDM4VZ!Onp=%(OGvM3$=N&+&@9I9CL~*C%M^L1y)81R6wYe1qRp+
zcS6|hCl2UQ&W?m0;<Z;39X%LRe~v^i6bYn`Vbeg6!a~EK0Rc-)$8cya4ii&&N4;L7
zUN7>F?QZEt=Aqb`mzsU8Cm4wc6VuJO(P}a=?HVs|6>;hLHW2LExG^1i2o_Tj>uaHM
zst#$%vWSs3c3vmMAPH;MTNkVGbVe<$;Qvh7$nlG8TC0>76Gxq4+HMg!C0+;*Tue*A
zb8-q#%H#ye2oA9uAv21t-H`VEC14ADSOc_e4!VfD0YOwv&IeZR`$XIo=O-xB_j&D5
zyuk;6|3koED%z9{8q{5Q7iJ#%W=o+KsRVsc;*`?D0KQtqaV(?_s{WLe=>~(a>BzBh
ztkzpH)RL1Ks-xCLSr#Jm<~l<pS!Uc9Vc)E$UJbrsc1ZsMeDL&=0Pc;LgBmq2TpZR_
zaH=tuV&HJvGQdgzM%_ftY>=#OG_-=mJ|#kf5rJFR#Mn66r*kcbgH<FP*FDI!x!-^B
zQ0R=I<TN=)4GQ%f3`^D;4j%5ci}^yVMu97Y@W2-W6UbUzfd@omkhhs&L7N0_1ISo5
zG^RMqhHM%aQqu;eo$jWKTSQ~sun6FGEqk=1G4&Tnx6M3id<%G}oL1(cJ!IhP8XR=K
z1*Yf1;5xUnZ|uQ!p`+E##N3(+j$dsL1Te4_G+*Sulp`6v&Bs-WfjxOHGDT%*YB1Ba
z?!h@A8B<kNLdr5FTp&}@1u~x#Ok>i=oyM1Bvch!}CR4I~GOr2dewjC*(?J<yC|?X^
zhoRgsByHf+MV_tvf|sQV%@}t7k|@g8OdFpx|G9oK`6Vy4r-#h?4y=6>$@Lg<>ojOI
zd2MD5KDM`ujc@D8(oxnr)kxV4*2{9SD!z_n^Z&q4>l8fZpF)qwX`;OfXR3*IwU#G8
zf|z*bulr(Er`UZ-09j6fZtj<|F_ficsr%>FD`C(?EC1b>LKU_byf^i8{j16#)xRpc
zG+1~p7Q1yaBsQVm-n)2r>GpKtlHn__k9GP8-)n`G;rOk!RqH-3S$cYDJF51RqiNLA
z3b>wv)?TG^+OscEg;HUFmjbP-ZYK2+-^?>HKg`(U8!<c2<`s}<Qiy4J7-+XsO~wd$
z4pwT((+O%_%@4eYSq*FD<Vw7Pj^ocPt>gH1wrlDA{aE4d54Hmo!_&pU_YsYawrk2O
zUd`{nT<j-RjeWOrYah@Y3T-;@2Cb}R+nG67GoPx?KZ8V*m&UCLOc*g^f3HPM|8Xm(
zA$WW?T}8bNR6<lQmr-)L@M~p9Db8O7ET^X82<u8BQ}HH0>h8GpUfYH%PHI<pY}Y36
zrDpy<R}@W;??(+E?@`K@ewlMj%+6f{<w|w_xvGlRBo73C`pY1H1z7_5but3vuaq6g
zUu9<Se6=}(%=>H1QR)6QCQn^;ltOwOWCm5CAA&nuu{xHsg~0A%K9*I-^5`gs`2&Iu
zR49Q=C6TG@WGb0VC6uY8(sHT9I#_X=OS0H$v+sk%psYWyYiw`eFeF?>ADH{9UVFA7
z0Y)}(min9a3irqBZxyxY#pv;O6bZWiK0qR;AToElx7FKT@f9^Xh}J~$ZrPYqCGH&A
z@0R7|<W=U<uWeL$!Ajvg3mI9^4)k%FPZ(OvGaSUJ9GxiI_+w{L>50_*b>zVgC!W8O
zrHrfS(3&DHh&|zB>etsCt;JeUS(>~6musY(zX)Zn@L0@WAl*Q_aPThC{NE|Ro=*20
zy!LO9QR==?l_y{EI=un&<D$ckeD}VdpSu0BI*`^@_xC3XdhX=Q1o^?6M?mrHzv8ta
zWb-=9M!$D38&+>BAGX?%jX*^}F?k^sg+Nt-YI*)`wD{y+d+NA#cY5+Z6=823yHns#
zp5?pP`8}h|RK?aCgbMZ;=7yQt+}HQ^wr?U$+JoLKJ3<Kd;>%l<*{KcR^w!7M-N?)H
zu$Z>aX4~oSj71$KXuU&Fy(n%D1Tnqo6;bj=O6B?`j8v3%9;s}8j0#)8Ia^3@p5HI8
z^8K<-Bhs&}&GOp?e>&&%bnY40R({kGr1RGcifjk}kD=DBut|QaDs$!$VF$l{4PYbo
z)W<<2Qe4_c$E|mgLHBKn_v@(jH~3Ao-iO!Jrl=#|sRoNPW#i7|)r$UhbL*E$WIn8h
zMCaSGI_CG$xjJfX)z8;np^f-E1a6ePGhbKeGmopo<g)-*@6V^dFl@#h-l!ue=U*!<
z^~V2y!Y{U$7~$WqMa@?C1Nclv&CPB(C+aAQEA9O<qe|<3EJt*rwHpmQQSx{?om0yP
zi54Xv5df?)Es^x|(jw*vDtS*0uAuNp<6W_^8#MS?c$O^fTk@c9NuMr#ORlJ+l34G^
zpm(`uUxk>4UIJ8uoOh4IFfH4%3$XseJ&h&zb_;l)mz))V1~LN_aXwQs{p99}&CRWk
zf`fgE+I)2CdOxn*(~39ZWHA0``7#L0Dbw8aR96SyXqg&QaHGBJne44TVe{oJG=S^U
z>#bX&A>KD9mm%Z^D?{b6jf3sRn!adV_hWdrN1Fq@5$^VEsl%M`5dzU0-u)=%*ii8t
z6tmCr7N=`vADE~P6-|luAePyllSew-J%LbwDP}KK%kW%g&aycxIi@04!G1S}-jA!u
zV)qj=P`Ca`GfUl1VWNh;QX8pqf?o7!r4X$YqLnRL4OU(hwlgrRZoW@LcY8-UH-;<g
zhDzrQ*XEzb@;d3DCY2}b38)WO7YFbvEzj5!h5(^*+AbY;71JZ}Nt+J@oA%GWV%XCO
z$>IzK&BN8PjmNfk@=85^yl3N<up5ji*fTIK-tBwGT1&6n?)uF~YV9MCTM8P^J?3yt
zdd`tLnw6Y*ntJA6Su_V`kfCD#P>H!fHRT?L%5hR4=xPBA^bI+uR*Ne))QX+1+rlPQ
z5#S1p$>9so=}37L!V?<K;SPCz4`@R#Q;JN(pya?*WJ!#Mu$t|oV0%^6z0L0`_d7T+
z(g&MipI@hnIbi?AJu)zXWAUIC3coFEyZbV`{};|50c{)3(X;+pfXeHz?}#+g+IT$=
zZH6uFOCpPC&EP4lz8nnXaFIjA?KFtd<Dv%fY!^0&=QvBd1a#9pqPNgIxwl=xc<r_@
z?o?XIFfR8J7?<}U7$3b2j61%6UD$Sl<6CPg?Qu2UHV><7UL(Wdbj?FAUnE!q)|X`Z
z`1EPo@Kf3N#NhH7!Z<y}+lI*QXL0)_Wz><~ZYr5||69}O=M*`1jpqljcR$b1*iiW#
z4t7k-JCtE2ZLhcpUl)_tGbxnpcXk#P={9V^6CU#}0V9;fpTC(Mw#F|{O&B;0d0ChS
zvye5+<U`>diW0WjoV#ppFM8?-FWG7}QgHy>QEeYzsZMxs7#b_p;3T(+0IUz1)oO4K
zRHcw1<xlgW@&p|u3d>QgD<m^=enCdDdlSZRdAMpXDlk%%P@JZRDMtF*TZn9FNNb6T
zo~Y!BvY5zErs+Ya@@>FD`#P}6GtRi`FxJXt=LKg%D^Inxnj#vuNu*+u{{XlBF%+*B
znPPdm9lIKC3I_b`nh+kdeW2avruj7RHF_x*J`Q1g+Q!+X^Nl(pAfrL#K^W+i@pMsd
zexM$@M%H?V!aP@oxTY`vg^G4^kU5>HCU<8%nVz)k#Np!h^0`bEA$k??srT143i3A4
za38bZ2+|i7WI1LTh3V2(F&K7yyz@pb*EK*|$US`vFv8;9fYl8=Ovbu`4|p9N?)RrJ
zgwNsrI+%xFYcDf6=B$KLMyiZa@<!C%{f9~fgsM$Ds>6yP`341y3=9ugKEnfHu0bai
zRuW0rbVPYg06w$iP1j|TrN!fJ9j=ZHwbwXcL>khUyaBj23`6ZBL-<r?z7bk5D|i@@
zsfri8e0aGRyu4R1Ruv^$sTR;_TlkE%smLg$6_KLTiZ(JvAFvn9iZZwgH~Ib?4Vm;$
z?+ufz>8EJ=?Sr&Cn~GJw&JLNKq9;250{X6OM`GBPB%H6S+<>?WlEZ47s_BN{VwX(9
zn<k+t#{=n)YQ~t~r>&%#3<nZ9weofz9ILe%@l-K2SZ&sS0|I%eMzeNp=4QQnQlt5e
zGUE#JI?2C_!Wgwpn-eS(+tIY+;SU-vS8xqOfaKXXJJMeo?#~{$0V`P@hWn^~7&!k^
zRDfC(1cnFF3hgjv@T^t<F)<vLXIf*sY{qA48{QUVtZZyQ&|mR8_Qoua$JN!DM8p2@
z1>;|FGZa~!Ege^^544XdS5deCU+r*7q*XdldF)L)ZlX@5^2~Ru$ahXfb)eO-jvV<g
zovB<S;$RxDX7j+ztq@aK^9&bR?D$v^*~4+#55~#&;Wv~Lj+;SQF_VkaK1lp$p9B7Q
zI&O|n#(I!g<b!gQ#~~ba{?tz^a0js4y-3?kv;7P-NwEQ2-k-}VEt|iP1$@MXuae*A
zEk87W_6`?2U#1Sc4*DB;`2lL&m0x5EH@j_~9_2MTeqHk>gUL~umuuYoieg(77w<qN
zJU%(`j^|ng%hZFUdo${cTRs-|VR*!*cN1B>@v`gPM2o8QZX%O66qUQjDt4tiDI<xg
z7WbpanWLy3-VISJ#^eb8t14}@`>$^Nn;Tzq<KHnfkE>9bg2~3`Vqtl?Q22uN<r#9F
zIytueVMj&qylg7d$vX*0sF>#RQ20^i8Vs(IK#A=^_xsVn=kXoM7$LJixMg4b;RQ<+
zuWaxk+H^>`;(v)aGGB)IA>wS^jw3So`q=*z%d5A{yAv%c(P;7q;kek62CeQCl_;9Z
zE#Bo*?U-I<1|^Pcl}^AFbqr@7B0XEQwGfn;o-IRU$A2xYlx_8-2%<HHg2@!3HM&1l
zuI$-@JS@;eoX~XD76F>Io+yhEs?!|Y$Xh={TQ+-c&A~0mw4NxybD1q_2t)nij2frE
z0Cdr4%T%2)ZzUtV<gvm}vP{j_u@=9#({R)gi7iqa8i+OdU$RMlsJz^2Vi4Ocr*SoX
zl&rN3MT7fK`e01iocZ7gN<2lxlZ$~I+cF4hHj&U8?a*+4_E|)-)VKB9P=h0C^`@-l
z4U=m&u~bl_n)nW#!kbSteZ(dvaSM{#&Cnd{@(9{VwM=7Xpn{*^rY|C|ksPf`Hft7}
z_X<1eR@2aw<!6lIXGDQi6qJ04qytstu6r>emr!YvQ#<%q6KTVYs-{gdQ3#KBJ48uQ
zA<h2a`Xw$OxDh{;!!tGs6>qBKaTEzeHhfu>T25=GC$b!-50^t|;iVe8I(1Ri6=|Md
zbsd@vNdf}_DAS<{i`X<QPAc3v&CBiOtX%Dw*!5@<6%iTJqsc3fENP_|8JSz;Y$L1c
zK&Yz7DoQlU<oa6E$D6FPjrn5{>B(4XwokiLWTDn8nl3OWhg^Y27&KXVYnC{<+~s8*
zu`y3qP6Z4BDT9RLspv`#MH}g`q{5w$TnfuOsc10xW)fF9u#Q{^7UKlUTr^JP1|9E_
z#iRgQb4i;+o;EFCeWEELsiXz2vpzWaHK+dA)SgAFy;VYwFrB&%xcwRpBoe5zIVCbq
zV(C7NTWu=BA(pfrdg7q<(B&-8XP~&r;+bATmQJQZrgxky<_b-h$s@^U5%-6qH0h^U
zEm<J5lZgZd(xYfgNtTZiGLv5s4~NvVIV3owpUug&IquIQnjS>f54xW68P$fdg(3)^
z-Um3-gBS)o^dLqZ4RurWY@3eFl}H<ErUy}Du0P7y$HTBV%0Ukz3b)Ha4<g{ITiK>4
zl`P6?rKzcG`VajPRp@Rb*;E$kKXf1~rvH!%Z3KocOLq{e-zkobWcKt9u%0`CuE~{D
zpX)zl&*H4RtQR&Bl@<3w{f9n(Y#<S`*RKE2wdm{I4E=}U@k%eqvT_xul8Zl@Rm}0q
zwAPbITBOe{#j>KA41<Hguq(hB<81btp#g2;dNFOeWr+Qhxn6>c)k{E{#%lAv7Vj`R
zmYtWt2CIr`L9Cr5ePlJ)fhZ-7E6S~f>JOb(hWkthqC09m;Sl$TP}{UAxtq}a0_)ov
z4QoA3h|r1vpYE^a6(QO>B!mpq7U)4#zpm=;QVm}-Er_8cBNDf}D&I^WqI+ga5p^~c
z6|P=(ua7TVMHN{WM}-FF7wLP=<@3+tDvrH^Yub&H=iv17`nNH|e#zE`zGk&m(YL^%
z_bFc`NdYgHhvKKD<A&o6?{8((zZ>r8y=TBrrXFH_LbIwXPjyKaDA`K*FS1J4V5U`9
z-6Zw+4uM@G`2AC-db3WQ=shV%3ErpZhKiY^3GXCnaiKiZ)+-Wk7%I>aY(j!;Eo~;d
zoD!3(K}w|>Zn+h=N6>>cWbYh;o(PZjfQ)Bo^aXIi??I-gSI((c@Rp(ugLXQLX<k`O
zk5@H~zFwbdcwSmya0KK1!nF8S)7JAg7JHDj@d|HaUoHeqz9H(-(W=&nhVHM08~6F&
zaNpSdhS9Emlkec(5V`k%nzw%A<VW(ix3c7J%s)ePqo=c!s_stTmf53Pe;3=@fdM+D
zk=R!}do?7-wxH<VLQ>zyz75#FY_#_+{CcVE(U(4u`b{1;N_4gpbrhrA+J?P*D^?GS
zI?BuzCKIiDGoC|UmPW@%oYHl)J*&GBu9xt9o_op&o(L@;7^U&;2@(bm<y!M43=M1x
zm<39zt$!5@&%*qQ!Jie{H~%+~5*IJ?_d)WawFk!lhoK$nFV%M6w2WU&S><F6FrtQ@
zIqJ2<LJy)z;U(YVr~*_32|SjJPbJj2i@M(-wRE@0G;XHkSm8scnY<+iC*M}UwTw#>
zC9k?0)bbW`#nY<pM(|`hw>|VFnEKPcdk@gYtGAy~!#&0~!Kdp@nOcA?Hrwl2f2(TT
z_xPhv<`@f)J(;6_?h_lcZFtFHo@3H_x=q%KqVZ3rzwgA&cjrH8ex3}=Hb#O~`nmoY
z^Q(q;kFh0-5njKnHYfd9DRu!!#x99K_M;L=QjlHY>0sYLvmJ!Ryx{43fm;Rb-ph69
z?V|i(-(YiNEl8WKYuy9#Yj5zJLQA}YmY^v&IxHwd1a6B*z11UBALs8ot}t|3q3>v%
zg~CG%oAwp@&cv=UT=-{e#QnPJ+Q*|3wenhRA^ZI)SlzjbuVTOAB>Tu!%qY$|b(=jX
zlf{k;r<49)g-=i4!=}-%&T#G+4GP|elGpPVwoO<d$H}jNPKQ0y<;nqc5BbV|kOcX!
z+C05CtDAfc7hp4=nY<;X2U<HlV83F7hB7e>S-Ss4+f6PWf~3+@0ce_|aTX3JaqHxC
zK<Uw2kDAiH(E>#0BUI0uf)_S01BP*_#{g(uRD9bi5oK6rh7NlZ{g`crMlXd}XEs-B
zD?nsi5o?U&ocA@2J2APT!swT@h`~YX{Q_0D?x7SXHlo&FFv`rok~k@>lJGNFTa(0@
zXe5+V?%VraN+lwv**sgjSJHzfD;~Et6U!gfS?GUU=I`^2=+N%<EwQcgIM3n$d`6&*
z8ei98<7`o!RVewKS`op8i0YU97u#gnQv?^aYIGnDu3A-@h;@}Q7jhmdw4~6VM5ZBA
zW08bj^3sj%b$kDtx=!x>AN&2G{r=c~f2!Y65G6X*ys3VLQl%A9`Ngdh0a5C2T$2(M
z_r1E+3At4Ji^ku9dCEmPkZ7L1c~{h&*?eN8w+uO4D_ljarM{>+z3pj)5qsO^m|HJ3
z$JWiOqUM%u=euK@G=pw^ggH*ycBYx9Z<B(At*6N`E?)7?yQAhAN_L-ZEsJr+wsFNc
z(i|7L%21BWeT2qSc74(KbMV}Lh6eDD;?}1No5f!mmYQ4t#S-73vhN>_|5cXBRru?B
zX6{?;m%5{IrQZevZDH#?KhgLb<i60XddkMf05L@5zpeMP2rs=6jK7jt(fEh?-F#{^
z{sEb5qj8DTZ);jCd2JiTx>Y>u(fGf}&BJLS)wch|z4aITMB^{Kk<`aW<4?!*hWj}F
z`aT)H)a`M%shF+r<%dSNk!;^&R>8IHdaPStZSFUHnrxp)-SFT1&}jT+3V((Ly$b90
zGen@LhVOJteRtH|rq(x5z((L!K^v#qQ!a41c_nwUu%~Za69h0<w((ghA4D-nFnx+J
zdVdf_>MwGpXCGW{Wm7kG_sE%_?Kd&6W1{457%HaL#BQ#1x4SHgBs?c~+AGl$aq^&}
zHAtPsufNf}bH2oTxTpo5KR`A~j3X)Pg<P?!okUNYNH((|v3WKTFLu$Hu#c0cUZ7qo
zqA^z&lczC^CcTI{|9>F$G9GQKRiD?VzdV+_m$8otIBXFsHVP(h#j`#$S}D7e(W2~r
zz4sj=zgM^q`Tm>Di((zOL6^)0Z~ub4R-<b~tmL<qp$6;Kj9orhpBNdUf|RS|w*Op>
z!{1&GOp5z7T+f|$8iL>7!?ssHtu}bur?G7=x(@;0SAc#zK*QZ!=}ZECpaA`NfJVT%
z>ca^5kplGN0U8wN`p+ZaCkoJy2iQ0%8I@Cj=WD8e+-R`6{6#u>&OcLkYWD-4zIb}D
zTxzaB&5c%=?f!D9UJ5JAa`H{Q7;d4zQsKB>UiDI%c8E*4UgAMqJbIocFWOQV^_y|M
zQM43huLpad<mAeQOUU=%fiZ^Z+(9&T85>gtAXB5fIt0l?$^C)1=Ut8M$g;g`tdE^X
z*`AtfSLW9rrQ_UwmOKw2dS(9cnuJQa2u$vaNAe9-iD~G4TE4N?cs9f;cK7@GV|DY_
ztBEhu97UuvNdZ%0voFlG4_6M-H7L*i;Q5Hm)B344?^9aKA-$xt7@uSxshl)*EsE2h
zi*vTe*%?ihHOcl^{i9Z&0Gf;7AFuoFSQc@QuV9^P^RDHqA?fRCZ*-y!U79iJ2krc>
zj-$VVI*v+S9Y-bA#t~FUz*TBfcPJ|BepI^k7+}=;bnnlgwy3fFTH3HwxG&}2ta4kA
zB3x2jqm$*<1IE?QrU%Nc^^<19w~{;*dnI|8{XX1&A7Q_b<ahqR>4cM>`Tjbs67aQn
zu0NMjmYVAuOq=?P#$RzGGtWzH4!K6wr<rvb*6n8)Hz;n?YWaWAM8jj@_P+nqFev|M
ze9r1EEdIsqe9t5N&V09*-`1<iFdD!1M&`7qd$VlZ-QFFIzmb_x>wz~C;%kVrh?)PQ
z@z)W@*F_r%)3-T%vbQ(7x&lwl=~*HFMdPDk9$l5qqbEj)amGIV)uHA(THlS3_g|bU
zL-78244ECYegx}13(S$I%oV-(@GG&V<ZO+3YaRaDBWKs0%X6vp#*|*gQ~e(r(~^hx
z(I4tOhw;1`B#Xwx)_Krwf16{=zmN}#Lfi-L^2>-Tw)<pQe7rk|m*$t!zZKQT%ON^9
z4bnS}*k>fIi8Tj(gK~K#fKfQ7O{Z7~{xhlsZwQ}yioT<BehO<J6FX$ZvA#A3?gn?U
z(FfmZn1#VdHYAj%Ml~pv7oBVKy4HuNo$2CM0skpn!cai(F19Y9V)6VSb?iIHqs*Jq
zw<f8q^T!nm^}6q+wKf<hz4k-%+gY8kR5@Ell+0rEC6D5_?5N*4f2@`)aWwxkib>j9
zvP@~oLVE47+nBcqj$-RVAP5T>cDj*{RfY0WYc~PDG<mMpFqTf|&EF*5DyGU3%GcW)
z;K4W|uD*D%);gMbX=<Qmqar*peQ?ph!BM4wW)6<_vq<47vRU%%Z%@U37Wqr0@TdBk
zjo`g1HjNv863VvSy>l{9uwV8SE2Y*vxwI>Qcm<Y7J{Mt0=|kqXfH7`ef-i?9+H^L@
zH*xI$9&G)U`f=q-v?;1&Dg_`jyFY2|R5n`M=r$$Yh_2=IUV5OuO`gS|r-a=;H$mER
z73TSn?JR74tc@=AaN4EhQ?%kItn^~*iTL#A9Ro!xWYD9HaJ?pIM*?Hz{Kue}kutAd
z)r>^M$OJPLcSiHyqd`ZiH)|~QF5mLfq&5THltH0POk?!cio^KtQuckTM*3Hc3`~q|
z8O{87PauR2$R<eP;Yn?XTnHH>%L9Nbf;l|4aRgPteX#lrp+#_b{$?O<OM7si-XzGp
z|3ej784s@<UhXv+!8&3oye0=vFS@!8-ZN~iUjTN5k1B^D!WpR^%=+EPs^+HQRe_tg
zn!Oi5TNM5R%;+1yPJdf=c7$5u*iWppzKUL$U9F!(4smOatQl#N8Y7NNg%KFH&d0lG
z$L9ow^{rmgV~&rtPbvJDXw14XdTVTCII`i|a>~g+Q0wGMeu|d;))x{#402r$-ThtK
zFL|coJ%gYAF;8028Nv1!PngyeSFpo{!|E+7L)MkXi;JxU(AuZtzjn(pX}Z+EG8Q6K
zR;MxRbCX*B{Fv?0p1J**wVeE;0eBg?m6La5cE+avfyQjibp*u84{Wd!rnq0t?1m=|
z%>hp@jnW1TM_N33Y}$idZIEk#0e?k183ZMT<`LIiiesWaw{>OVGO1vCkeOq1JIq`?
zx7*A$bAN8;+PUk@JYw#xW*#~BVKdjwA)G||W^L~KZt0uju_yWT&yBieV6Nqs!MS_5
zWoT|-*y1do8+Xf!x#Qh3Ja>P$tektaTSn$CbIa)5v)r<3?&WT&&%Mztjkz1$GB)=m
zx2&G~8VCoBHFLjq%i6g$2|oL@W)uQlq@r~tXq>!5Hx5v(SfLn?ONGD3)SbgpcMQMO
zqO|iXe#@;VkbC#H=AlEwsH05o`kMyjdYd;5YWw}bd@C@A^GjWBEWBsn<h%!awe=(-
z3|4&<5-YZDA7FuHdqinmqWk^BUSjbUD}%h<KfoHh<OPHy1Xjn^<4DlDn4j+N$OnXK
z&9DjBbl%%L-96GzcQ;C=VsPox+?&}iExIZ43yfcr@twcG(D?Es;Lu-of6-jwYd<Z1
zmh;KfibW<D7Jg45grI(U{spR)IYzn4Fw3F~3&St+sG<(Z+5E3i(7V7;5?x@(Ty%jk
zy5Iss^368@Lhk-zw0Gis2k$S0riJ$xDtEd~6Dw%9mL<KGI?P3dl6d^&4qQ|$bx$#N
zaqpf&i@*Fmg-%8pwG8E{DfG8l|DqDf`r^sBq3!hE;V}0WJ<87Y%JjK4TVvgue7M0(
z^U3Zn^1ULqUICwqOC^VHUO9xQm$<`F`yB2LW8+a!`H@h$FK@I&PQP@)yTl!aay-l(
z#&2kqL+>y?8g&#f-CB5uAtH=A>W#^7m}6pF)!C?(U1#Ko%jS_2fbhFEmMEFsWe6iM
zs%WsYZ2BogIdizbsLOM)Aux1(Au|*mE;f{2A<EZtYdxNBm0fI5E79d4rzKCNcusbv
z(D`NWspxQIBpi;sfef+}lhpH#ndezivu-h4Z_fKQ-0v-!A2}`$IleXXJS*~eaqDfF
z9}!oDh;Pq(jt0*K@T8u3cpRL#^$%I<v!b;j@jqsMXGUwxul0`1OLW&e`x(id>%5CN
zOP&4X<GfpOR{0#4&u4iqpZ6`uXB0ZHbEZZv%KJT=g|Mv3Mfj(~lrx%(b2xbOaTdax
z!BWp<^8p7}uw>zDbKxKCh4=85&)_|ZprOX*sa~9Xh2Og%PFBvETsb#-lr_fUGP$Pp
zCb>P&CVAWV#l9hQ=Wy{_PFArl4}%noVN(KWGAAiKx0Uu;y|f1VZN;q`FTqu;RGEzy
zp4;v3G1)bA9QjT`E_|*B?(b;~SQy{W`6gO*iuad^si@*l6W_-61@YO)4|A~5D<nJC
z_%7#<X+2fee;>ZAXD=>G@xOog_%*7V!iHqPXiJKTxh;%aH?qhnwhrJ#VD0yeK~%Y8
zW*R!0hW;Uhnn`(DKYSGPe^hR&O@ndV7n&wFt4r{neDpHHidWn}=JI(}G`^3d-54+4
zC+Ze4+snBkbf0zR5j#h3Gb+x1fC_gbr8hA)IPq7(Uv8-e2$li_3ywO9#JkTNI5Qs0
zVTua6C2T>u?u8n0M+lW4yZ_%o1s1NV3r3j=GkPr+IskgT>ex}`jP;PszND%qrg_?{
z&7ri>DC{eB6K*Y5*4e`_)3vf*ewkpTMy84l*VuM@8OGuAXJA~Rg5cz^963C5dxX|2
zVY*1ZX&pyr_H)27u6aK%3&jj1sGM^-Km)@D;!MdcYE(p6+=d()s-slUPz8BdA>Imu
zp<rU5zUf<8*n#9LLZ0L9->{ZVPFT2}^>pV>?&7e;akM##^+1Wx)%stKSvZ-SJDGh)
z>+f}7-%~$PCIV~3iW^l7`c%o*bU(=GM-RYDT{}y^Ffc%rN;%p$+FzVH&l^7#R*b7A
z?<mO~Buj?_X_!nS!fYNFakiLu*O0ZB?4*V9wrR*gY-rV9S+NTqE=Q)sz$|wSOe9Ur
zS#hV2Vd581-;Tk*LZ^nnm@Fpd#Y-_pJ7v=&_e8as1y1V`rwLlbB(&gaP>KbuIaGpe
z!)1K?iCd`$nK(U+sUQ=Ovv<@hrbq5#%Uf_BlD9k!nm$tI#mUOsE$dkm8Z$_ujv^Z%
z6%!L1a4|6k=pZ8|xGMo{IM*hME>Of6P%JzIT<9;V&wrNDq<bWJMPqJXCwuU3%C2Vx
zH<+b+cNsozK+^LMRTm$ZU#TmBB3pMo#k2lX@~(S9^ZzE;wkm(Oo+K-yfO&P~%7G9&
z2-iB#KPRg{p)<t|R9CXtQ;&?2KVTH+Kf>>xC&$yP^+?|YnSisDwY{GFPEj>ZJ~FKb
zvDPcrnT82jW3+0dX?u@3uHytKs?Xg(S4zz8+}@7|Nm*=e=Op3euRU6>JShWlAE~qk
z-{ehMF=jc2@=}Qup*mSIKVTKi55V-jiI_b*;@Pdwob0Th<~sBZ>0DrVP1?XNyY|R4
z87Q`pRc>dec{1CBc3K2Vftt)rftnnF-*lI1KWf5D7{>cLY8<b)#PW$D4rrv8#7K;x
z(lEp*or*NoyJ8!jd}q`V{Y@Q%tVw8-Jdf^>P-qe}hyWavUIg^;aMq_k%~vL8))93l
z{|a429T9i18e$(UP@P%b<h$W|O({QZ>?5s7L^A;vUPPV$5CwOSHa~F#pY&!GXe`<%
z>mmAR{)*#OoUz|tLK&^6^xRLvojkSYzD(|?ncL*E_Vj{wE2z_RUm^F?&27x@U98EI
z`El{O9BZ-zGk=ZX6ok&t93osUT(}_APa*w-6{paz+qtRsvHF_=kNPU^v@zt9*nh}8
zfQ+4QfVDY=`0Q><f{$BY%THt&*Gy^8W^xG&6q8wh$n9V?2Ib;aEuK7DeP;Fc`U2qA
zkAv}At=Eh0?p8%H<vag5;<1!5pRzqBs>A(Uy4lM1ih<PIwy6)53LgXNA5pKZ@4&Lg
zmI+*Z)YsJQozYb1CQ3B*^xwdm>g-@_`PWX<NiL(4OQCG6@FdRfm$jEQk_f0OQxCzt
zVT02bXZfs$ro7usAH#u^j=B=HzId#0_u+;Bll7$Ssz1>YjY=;dPA$2K>cwl4FUzPV
zU&7FvT5#CH3eP#Lu(akLr=gD2`8%|()qPhR1gHm$)swFhWuktduW<k#fJ*Xf%JVQw
zJhtg8zOIc6k0-6h6js5Hj*%?(H-Q-t!o8Xg5NOczzGV%x8QrSZy}Y?{t!#BTmpULb
zVO>4>EhXE6x-|0|Dd7<v7z{Qam+TS+5DKNnrc>)iIT|;orbI&;9FcqdEJN=64|Il|
z5mx`)$(N;ExTH#abjb3adKZH7nakFbE5NXP7>@m!Sl-gqdkKF=*+15L$M7E~j{*3D
zr)rt}VIZG-FU6FT->VWlkkEXHc~s1!!jlcbqiP=6n+?M4vX*KEPv1~s)fC4CW?x?z
zJ|mof4;^0^I~u!SNC@n~kenwvi4LBh)i#^J4xYB>PlL=Sq4{r7pFQXVJYG=o*7Ewo
zvgrWh`eS<Vu0N><@A@-ScuU3`+k@9uDanq7c>Ax#c$3EhyvgG>@V0Vg4~~_0>%p;d
ztHYtbEXKP>YrPfbi<4f7$K2@Ud2-RxX6iADaW`yzWxKsohf#}+@U_`4G;C8`uP4jt
zU+qoy!n>`B7KOmJ$P3F2i^emcE22_k`-&J{^LK;ZjP@T68jRi`7NS->YDG~i7WI^i
z)NS7x*Jq0H*l}y;UI?_YAENvm5}*6Lp#PB(d(8YKplx0L2tZX`OKW-zF|fGnv2{(*
z+2En&26t3_^}bRW;rv5@;@$1?tb<jq%=VQ_Jh8dUr#p7VKT+u}V&2i5=lkX}DO-PG
zR_veq%egFCKs^U=zHm#v#>m4x>-_83ZuB~AM#4^ezGi;~d9sJ1@7c_c(EFkJ_Rn1~
zpS7ng4ddjy6wy9=tq<N_Y&rP`o*RNH<F&I0P-q!x&{Q@_W!oT4n~oGI(46vx;k=&h
zZ+hw0Zn`c-4WrN}1csv~=~rIYXJB8wI|~B+kp&wOBm;{0$t)r__-P)1V2jiKxxMoA
z;Z2RVLP_>!NtQi1OJYl6s}UT?Dau~HC|p@QoA#glimwZFl4<f}FM={zj>#S*{|GVp
zCOw))i0t0p_n=+uOwHDPy+a|N(Da~#UT4T;B{hGQQ;E1B?_uxZXn3)FYymPR(0<Iw
zGiD7pQ6IZ*q7h%$=R|7nh5IO?*Ul%M2Vz}e<>ubo;~H0c`RT3m1^G2Xex8-Ovdu9*
z$NfZWndyp&G_P0|?kDaMgcmg(PjAXeGV;!ojuWQVR+4e`%F(9;EprU{$5w6qKiTZh
zq|tr~?Xk>qX*6GF91~#ey(Qm=`eN7nCeT9HJcm-Oe{W3dmIKL_2Ysa4fARdYS^7<Q
za&_-e*x5~&1Dl9jGs@IK&>rxf<o8p}YbJR|&FzK1cFEr2gNLKC_i~!8UD`W`(LWKu
zkuYziHBDBMEW0PIjEahe@0ysrZ8W)1Aa6*=T(ybz41)hzlviwB4>J2;`Z%iW+Y#>I
zU5s!A2m1=#SSbZblF9uJo*ye^V?@+^+}t@}-0^%~WU6E%d*q|HZML>`9UP*G=6Jf6
zb6q#E^w(SKseo}XR#X$)Gu$oUIZnPVIJx}CU?q7PF}i=jj_P2)!~uM>^Yv73Zly4~
z)<lPFZLGFM(;#<+pH?2)A$bjWMWUX`Vwn(@?KLkU{?Du}?!%zy6`A3d$T?{v6FCmd
ziFR|)-#*Tn6yX^ZukB!^YBNL<le~9M8GLI=g!ck{yZ>CVa_>jEKUcY}HRQ6eoTDT0
z;~cTLoZ9@yY2M^#kl2O=S$?H5d9@u1PoVJrI0$3{ZTT`?QMYShrabM-9*6l0!w-CS
zeWvTUuYGb(V3&hAuMq6*eY;~)4HT<zIxgEXTCp?cN@On#@ea&yC?ZJhejt6Dm^V~e
zB%cF}U$=20g5%@95A*kfRsQ*u|4YjEL+sc9=x?_wCNaEw1uLD2<P%iWc`f{H<>Zri
zgvW4PNci&yhbvc1utejfceF2CacOOT3sfm>3>J>Rr<bjMP$?RBAvpgZ;`GJi9|4$C
z=(2^lxy^a?-$;d*`r;<y588u0hX{xJ;_>T<vHcA7JLDy`?*EfbXj5m#qR~5Ks@yyC
zZDk`_h{xC8D8R1)@cn$6{Qp?<Eu>xiy)NgMw=a(O|9AHvi?h2ro$#3Ac_~xn-IZS)
z_+ZsRF1(E|Hd&JGXVi%U*)934$N!FehfCi+%J{C+n{gat8B3u#c)i2lAoru$Uuw#9
z`C_wDyw39;gQ>qBuSa;FX9b?=7dOW?F5=-hnJHU3#kZMR>fXc5a`zN7E8SDgtaeYs
z%r4NE_qa2}ZFDT7U~Xl%P`+7#-TN!GoteA~aA?Y5PCry+axx=Z_jDD~(JxPoEEd>w
z|3TYU`Jmc{sYH?86=WcXwxGvY(B~joAl#_1AT50_tnKNLaBRzZfXPWgTGczMcwnx$
zkF4QgRm};ki3`8dT<Frc%X>$jcaT@*zGS$NS4BR_7H%<e=afJt@7-?zgUJJgr~3(z
z=J+A<vT9$XNm6-P%^kYiE!lp^Wn`N}5|AAW(odq9Vxdc%|5ZI=TN;FBF!|x3EeLc<
zQd?&PJxSMl0{~#jFkx#W7j|owW^4<~x*qbJyQJT_OE~>BjG{}R$3Jlf*-Rdt>PPam
zE~|yGUodh&@LUv{oJjS#S~Z6^esXubLg-ekh)DD<mV*CDLfSnAb4S0u2&^8p7|1b?
zmAlulV9RJ}-9nNO?F7MC(N3?%$1aSgUJ`XwuRQaK=qF9Ge9Kr!5_Qy^aqH0n@&SsX
zHu(zm|FzaT)+7@6S2rmq+YYJ9yf1tYUx%iP<Z@x?9U~`_s|HLV8rw3Jwoylr8srkp
zS7mC4v{y>>YHW2HU#+r%I|Z@Zkz%{*kaNfwb=2)SX?!6oTd$$7?;k=P(YBy5K+S@1
z)BUMk-x}SHrCzi14`V&YBYUBt6ftklZV)WMJE!RWGV<16){;j@9W|Nuu13A)S}0ze
z(Jyg@0mW4tx@#fFPF8)8YK`U^vU&A2`D+;77t7bh>~0$LBsO(-Y@~b;<!U{qaYjtx
z8fWg{sB$Jr7mh0OSz=U?w~s0h7gaqF=OLqt@0pv0q3Kj^;E(2OypVPlr9>T-6bSy$
zu=;*4HW3uti{}Wc<^<K(uJn3>a8q__vgCWBj?7-Sb~on_7X0R=W%RaF=ZT(3o=fEM
z08IlKJPXT9+y#NVOHJVJ5OF_6PX+MI{;>E8jn-2<SE|9BU5L1CG(Yd5Eq|-FJe*A4
za+k?#q~drezcb0ZzIG#?uFfAbN)KrdxP+cb=Jmx>qa5JBl0mw4fA(ba-{+^lJs2hD
z09JYa8aXSvPLY6KWpd;E_9n5mAVLP>byj=@F#Qggnw!J%m+2KLCr_d0aq>j3W$!8m
zhhED5N+XUenhQK`B{z1s^xR|{)`75j9W3^q+iIgD*gCOzE+3LAhfv!)jh$AQglF>A
zycxNcb680(|6XH*m5-cH0B*obtr~DuQ^`MQU{&W&px}x6Az=CTSx^nyOH!4o!Lq#`
z=?b&XDcc*FwfX^*x<CK1WqT>J)=1quCK?y)m>A<*bHR?r`Hk%tjuh)7rS@7>yYc_P
zaPh+Pt7e|R15LCgDGnVjH8;=vM~%vP-Hs`=AM9sN_u|2(heNDdpZyHXPTsfY5fpfy
zn)&4Pc)k&Q=r86(^+lXxghzrpXOR~tiGL?AKS_+c@;gM2XWieBTA;`Ca&`L$E4JM=
zrg}W(lhflV#VC;#6m=}<e3JRWP4IXawC5i6WLEaXlymOSlyg2rWsG(o>c+#|cm#&H
zaFnM^fo*3D<Lr0;pgwYjv?jcrohvICGiAT6ugdB=A6_8-*^B&+&*ky&+)!?P6CQqO
zi$LihPrPh<hrHj#4~zi&RM}ML=(FWGRG*}Qo?J{|UQ=SGHBJ>vE+MpQc<9(~Piq{*
zqQ%&y7($Wsb;*=&Ma4BWj_qUI;X%pgp`BnI#>#uft~$~6aaO0Q)x}yqrDJPqbtvnJ
zlqJp>q~w^GpNT7SrJSL}FOnxmB9*9?JV$}93D66i+MPoDBtdMg+0pORx#8$d#}tuy
zCDPx=P}gI?No%15uJbR%e1;_&m$&QxvlyBFzsR-zMak8Qx3tR2$wg}X(pFu!WsTQ6
z=-a$hSp-Fvna;l~vKGj-EhyDG4p^GCO|*vEXVji`cVL-nGVP|xUdzo@RvwyLPqs@$
ztZ(Zx_&HqeR%YL(hlO%d3ivAR(LN=IUiJqm1V%}|{6b%<m;k0nvOw3j*%gSz<SK*I
z)oC6ADOz*JqvX$tvY>WXS{m0&xkMTvYhcUcLv;o=@g$D2$bpxt&JD_PU7@Sqm@%Ti
zjL6BeR7PStFN1<c*L~U3x4S^iYg#$2^K>q#Gh+5GV%dqC$8LF4{s8!1j>sukT7=rZ
z@;Yx`R=rC$Zw_BU3u#tq8=H1fp8i7n1X22+U$@sLvGK2j1>1r~Tpw|3{7^tK?O&}2
zFs=H8U|l^<{*78VZsH^XFU%q7KJITcCYoyB^q!=gsAV;WYR>#80TzP`>w42EY<^nb
zdYM)Zu8Xp4VlKQJ_e%=1L&Ygh>$Cn=X`KjEQAY!GrKi1gK>KauNttJi$1YNHB~qqB
z%JfH3S50p>wH`zk2$QOW<V6699*CC!L9Lp+6c;2GZgmb0?indIx1dT)?5f-#GiM&5
ziX2tg|CYiszvssO*22Ki1ZfTRB1UGONd_0vo7v|xk1OTN6!8U#+ElS+*nTclWa)Y+
z2dYTzSMyT)QFZLxxOIeDW}3RVp2@*lPUtscS-Mu?8wrQ>Hc};LPBH`qm2|JCLfsc>
z_B8dIt`5-Kww&xBiQ5-z!b=`&LBe#U``p~*D`1kHxpXQ$xxhRWW(yb>c&!8llMYEw
zS)YyhnfA$|9j3I}<dELArEG21JEP7b?UPeShN``ms%=QY-y|>|M<zzA#X`DP@u5CW
z{+-A{32JVv3fD*;$#wX8OPUhju87ac&56j#@%FU&YP!tn1HKJyzCmMb7<cH~Ih~M$
z*)7~}^0#mc;?%P^%OLCYn#}s@QBW^u+1w3gClPD1*pu{~EViF@Nc#~_d=HO#Bu8uV
zcn~^R3q44S@KnKT$~9|OXSL+)Z1GhKdMP!BHo`*eS0t>N+E)aokAY+%I#HIXyEC<p
z;XqB&sG;Nwv2xihlBzg4t*dZt8ML#)?q!{NfSgn9tQkm7w9n3nHo1tr7%D`m)l`&y
zLF}q2A4Q(#N5n+g$PWZZ0OSeSgVt6N;?x5UQKrfg29~L*&7{~&412CEr{~oO->!vv
zlx{LJ0SW4yQ%4*oaqFej(DOa%r8H@vMla}fgyr<0l7)JK$L2NPMG8;@bT=rGIMazf
zLv$XHv)tD5Z0|H}!z&7|l05`7lB-teL+yo&u`xhpIxiRY5gVS3WpHU_sIK~a0sZ+K
zmD+a)*0tsk+r1xx`Z_FYKUH)1#%?9n$(_vs*uwqlI5zqT7sNY#;IGeQGr$9>QIKbg
z3TJ3Y=g)b8wTt;qwu>Rd#!Q9Z=J;_d=6;L62mXlLI5y<|?%E@T-eUJ`44>~J)0-1(
zzLOe=mCIUavtlw(3~9QTnfxW4qrGf&;9y^6imSL^>weGPan`;p;zjeLCJKFmOR|UR
zx5Y#9Q^AK%KfJ1!Ub-nthom=nI7u>i0>^~xd63e3KiZ<z%kLQSD=(QJE9ylcrS%yd
z^YkA=TC1n7TUBIJRcH^P|L|P3<NR6B;-o8{G+FNZvLm&p6U9Gyy`mgU?+|E$*Wl58
z6i~yrJu8E&g6(FOy64E8zZiWH-N#_{bB?npO@D{U!_v;rE6sVHUGjDn@#x_AM>%!`
z$3MvNSY_Q4DitgeDwP?8O7H8g-qJIr6P<7PIlW@{R=0QXJndW(Ej&*%M0DhTN5n(J
z8NjB(&?$a~_StZFxN2i{v8XQ+$=c2(d8M#BDTn!~#A{;k(~2HChO>?#t0OG=6QSV<
zxT*}U0JR=3c`{b|g<>b~;cPNk-)&Z*wQSGNn$$N;Dlf44M1`L8=W4)kW+#uFj5nya
zs}iv~3|4EdQq>L4fIiMi6P`LbsJjt7D^=4bTQx}yJ8j}+DxQo<Up`bRY)DN*KBp+A
zUbbSInJa#_tMe*)aiMB>$Us1JL@zWMRSYfAGmDhN3#rjyW$Lt4+*`x1Vp5Qcd%qO|
zgTWRiS`+t1o%)jE-nHZ!a;hcI=Xd^HpwG#*V;#cr`zmsRz=ASLcF+5XYqU$5Sqs#X
z=i%LYw#ff{0691?Qbq$s*_XgkN8QMyAKI`_BoTz|=SpuXtou}9fcJ=^->0e6pi#&A
zS4TZFxr7AiTg4f^Jcf^~`)MW9CvzY0S`%J#pvLxMaSqhJzUHP3(8K5F@D&Q{))o2$
zpT^hI$^Yfrs~P=H!(!+a6$+9k0j6$toV3mBDR`N#j78dP(!7s9-t)di`hBf8UJLr~
zgnr+i<kAJgTCw{$8Kv&yF?1p&Uzw>}!4kn8uq8#@dKbmH2yV7Vv-9ibKu$>V-9$o0
z_00U$Xv>&~w4PiKPAts=`9Y*<e!^5WVG`M?OyAd{@ijM!-JwPrmW;RixjZ@W4h48W
zcsO{6a`4{h@RGma)0}4aw7|FXsp+|65amoR(1Oxcb0?28yOxpZ9jVekkn|r=n=h<i
z!|I2s6DgXxO}%N7z=mf@PbgI9cj7?JMe8J;Ovl{|)gGrt9hu1nV(6g#%-}u-chou!
zG>S*uqD<hG#uw+Hu~Mp@#lmXfR696t9k-qJhVeYsH%F@`%k=~KWX4X(dPjMtym;|-
zB(MPGS2iU+ed<dl`{Yt*KztENqM=In5}C#B6J(US7h^2>3gG_>ul?m;<(s;j-s9UP
zplaPGI&21F(Lm(=F2+cEy0qr8h;7jp)PyK#&KRi<Ri@Uh^D(}Lx}loC-^arUsTI}j
z%AMCt6ZEVwF9{DkVQMZ@r7loh*iLh~@T&73m$efLc_J$05hq`varHiBmL_{eQ-!dq
z87lF@?hmXW#eo1!81oy<VC;4j$)q*O#A1nuvSw@{E`OJmXHa^1QAgE3oB-ZX$!gEM
zq$E~aH9)|-q<VL(UP-<T*qAOXs5(|mZ-{8oQUuvOl@s&s?NDW?YSMf3otqKGWU>j;
zds=rD3+n<MJK|y3c4<}kTFd@IpD@j(gFmXC?N8<NpFq;vvC8L`Lwvq@h|jkU@%i>4
zKL2%y&#i~}d}pB#8tBB}hQPuyy06)HnL`1DWC7T70e{E^{2>IO;{Q^Merj|SjPm?t
z$xY7J*m5WDyY~WZ%#xFsnQf;{vHk+d_kfJx#~mj4`wBjqYo~iMC{4l(A6++jRvfLn
z;3o5lBR41a#K@Foo`(cqNJ52QhcLjbQezpLjc&S*`{JlMmL<HcJoYOOqIw=7H!|_u
zR$FeU0&TW>xsCU%cdU$qDuWC{8KieWL%9?Z%3YI|yVlCJ{@at01d6S_qBr-fe+q0?
zM$zURtOY?zApug#2#`ATg4Cf0(f~c62I!ASp+C}~KL@e>n_T}?9My4{Km@||;#}9s
z#i71GS>!vDk3wIKt*>$+AUP?iLF7hIyKWN#$@B%>inst0!Cxhy2Lc<i-{CR2XF-rB
zXT!y7lfPH6=3m{Qg)#=w<?X;`x&IGw7Q^vk;P|oN7(>D&i+Sthg=3U<j`O#AHh{5A
z6Y`VuA)Xj0#%5cQLSLk*e^0h_Ad^N;6s&IICe9Nk-r`;8BV3fgqew40(Dah}qoh29
z+g?$rMra4LoUSu9f#sR+SKv}h5r<U%O|4o4Fot)%{bFk_Lu+rwH}r=%;+wMd0GXr{
z31cbvg!`K?;Z19X3ur&9e&1L*h;&D22q+S-!crvpZ!P2Mte8!9<)+D%QG6gxuVZet
zjmPp|xZKmo>vooRu<VErtlJ4!!tBI~We0Xxd$maS=*8(gIU<W`^5%-2<#juERCY|l
zwQvAenhBn%)$==n{GNK4{5;!%YA@Tdom`QUFWFRgTq<qU2byD9<_b!4&lhwll@`t<
z=4o|qEeA!Y!sEAZ7XvhTlx6Pld90bnL;a^B#;a$|a%kMBAbgt4Ph*omZ8I4;BLmB)
z)8Iyueo^$}MzB;^E2selOSbl2oGuCpdkN0-&f7Yj?4XDg$IzImNVMW6qE-V?<)>Bc
z0zWDJQ#DM=C2fDr)dsgi%j*w=W!PN$iFlo9Mv7*Bn8K>K{aR06(_!<cmm(~#3VKy9
zE*jtt2>S<Gr!kG?%ef6Y14)WJlTjLEX85@y^r<oCWMCT*Y^gS6Ff<>xm`D5g0sEQc
zXP*7P*OM#A9<`35CKGcr4=r4leD7|;6nFDljs%%euS?O+{8X3Ln`w#h?{Ia$>)eak
z3&7LJ_^!G`on{-GEo<Hr<&>F4FJ*>4o_eOUvT=EYsrfu+3J>(T!o#kc{K1;mdPa?j
z`tvUb=`O)A(a1Z-@{ZLx$K;7)WAoQhUh6C>hHLc#S0m>-FM`p`<@J(GctKi?w4OU3
z+zx_UmrR@ZJh~H$t-G_*=v(as_W4^=pZ=BvFnHy*eJt8C+N-NPoO7U3J77gQ@Wadv
zx&nevXXYC<Uaqa7_i^S6oQO)#x@hb<?A1p5T+(1_C2U2^1bLQ9r$>L|&c@I<Y#pV-
zx4eI<Qgn92hTfqy0dj4a2g3$*23+`tS#*<*v4rRLpId~lpwBzDINE=P9cR7VI-c-!
zhpB!X6?9IT?okib%}tUMl*G1>oO4749p(>-UYVGl(VLi(WuUde`L$Wb3;PO%nH6*I
zCxXYa<LEID4fCMu)Qn6Tq_2Ifi=*sjriuFF>5+<QSErEb)7UuMDQl&e{53=oq)$GV
zN}uG!K_GNL%YAU+glF|+K+Xo{<-i=?&MR|gspo*R{!tz~x4&Z4Y6O5(6ve=NIn67@
z4o0S}l=C*H1}A`-FX}*Cc=_u;0WUhyzk0e5_>!E5ZR)HPGn0AD_?5DAtZiB0Nb&?*
zqJ!%LYCgLJYEs^KjRlUQhZatJPKu*qVLSdS)ULf{J*-i05%P^SijG4EK|Zy0G6cc(
zw~5eS3Zi(Wv_CFaIQc$F)K_i6d4$G&>tTa&rPkVpTkKrcCpGVD4;qL3iXp!;x`Qpf
z#VZx|Vt!roDodW(v2**vip7nAs9u3Ii34*lOPlT0;POr5pc^B_hB5h7ctcMx_<3NJ
zE^JQmp^d?Wmc2F&9~uu%r%Y(2nQsbcogE(wEY@FHu=Z9o^|IEo21H!f#73C8!rW0U
z{0-@bg;P_%)Q5WM3pn^pcA<-@2nMBaXP~tI;_7T;d-dGGa`Hq13~eK@X!abXIu9&v
zFS|OVClQCSsh(VlWy5e0?%q1%P-6bhuIEt@tM@3dX;z2J=Tub^=5~{WH9&`16Y6F0
z+RXK~-aQF;?<t%oyLi<qiTQ!6>)7(%EhB8ypQo3uDpPAJt$l4mzsU4dKM<cU_N4F<
zmA7%p&MH?LEs01Fg_EX*{&F&By;pDIS)-?nj<pK>&ZmlYqRQOQp*Wm(ms4Z--vZMJ
zd3jUzc^i_KA+ORq3Wr<LmypI_D2!dOcb<L!aOv8S3hz<!LVbFS?t2g&vsdCejb<nA
zm0CDQN2v^LX@2Eey_Q<-@!3z1hDR%_!kY6cmWwklr!|V{5rompIlw%ctA9sVrPCuk
z7G?+#8Vmt##xk*k^aqa5YFufZu8NmEMP+Vy&$7#q3H=i9D)HP~wbI<|nDM^!sym9C
z>gsa>T|x9Y+?4M!+?4zhVwmUP;ouB(wOY6deMswWTdz5@RRrt24IvXo9DPY*cqk*H
zpSFEe(73HX9(1tRkaTWa<s0G~<y*ry&euL>J~|4t&F{6}YwY(m_WO4G{g8g=ra|W1
zc79x*UpQP=(0)d;qY)Qk&If!iwSe;q(~~tv?jer;@^A<Sl`s9IGkmA=weKJAejv)*
z=3|u??|zu<SGxV-vhR2MBV_+;w?9($e{lPwWd9f07sGmX1V@tCmyuDuAMn|@CdGUM
z@$S!YLoh$l3yWL#Q4Ma1Otpe=wvtcyYLCucAsoCb!@-)#wUcvSSm-Cb+!@^O{qs>y
zlK1XsjF{ZZD?0o>*?ym5zX-l?_jm~IHD^8_m{wUo`3bBdQydmY3*XiAXY~fEi}>%W
z&LF-#_wrq1@Zi0x_G-#h-g|8D;8fMrgYqKl_&&-rxu53ggD5a>`)Uggs&>jjRSR<N
zs|%0c>pW9}^Zul(17|#S9~WNb34+|DY-Ga%g6r(^wBGvu1fyP<ivM+qsW`~U_7$d1
z^!fL`QDb8*8rxVxy`KvgeH5PtJ{5d6R@*E6#@W;fhdb!G->B8@*-5Ecd$P^I*#ORF
zAJZkP`?cEOAHk;H=i*xPp4Hi#TEAMxz*ntZA2$2ns7#*P@TGd>OB<UDB-iA7&4)lu
z=;^5AA)-&e0qlqS`UumP4^RD;GRw`2#98=+E#)zL04i1fKo+9KkCn0T7mdH=Mud02
z3tZ}oAHj=v>I%=}dpX|$zP}81xzq35Khm!JmdYdbyR)X?OuxrqU+Q}z{!4voPQ_PP
zKHVPNOMQ11w!1oh3TwVDsoz~)R+`^FaIw@Unh*`7<=>wBCB$9odp!OUj{j556b`lN
z3;1r&y;S?kZ>hS<k5}91Cfm=DMDV}xeTwfd`Ch{JTE4s5PkE=G%1A$zm40d2hcjPE
z+&A(a&RkrFG#}MP<G{!GKL3B|_jc;_Zob2r?;z}beE+A-!<C=<zYG}ujxRN@#r}G}
z)J*+TGxbl+#r|8>=uuA0`~dF5eNj%#d^z#f@hvt_!|#rKi_@j<_9;hBuA6KwpKPvx
zv3;_6(PXnW*&Lp1u0;9FWb+A=&4J10$YgVHvN<~0Tm}E0{~Mb`9DOL$d}njo`wu^-
zT^Sb&`ZPY|?Q*AI8ZP&FIsY9w`vp1s6M|jiV46qXp8DNc^XcTL@$f1>!6aA&gUVK!
zD&w~N)B5Gp9WMTzh3&46ulnTSOzU@7;PG&<9u616d;U`!<Uh4X{ySVgDgIR#eQLY3
z{nUo4uRhgLUs`5bR$4~tpPFfSYNqj0^S0nw3di|5?QiMEi@!JExA=P<ev7}i;kWp^
z9>2xk`|<k_-v{{)XHUyZVM+5%%e=ktH<S16eVW_;Z~Sf#H}9g}`d$;hmt*RCMfh|K
ztuI}7++KeFNL+ndU+8;J_zvfvw##BT7P}XxU+hldO3ke|QgD7wdlv4!eDi$I;k%0O
zGQQ{XMT_P%%|qki8^zRj{2lz(6Hi~dB|8$kzV-}L*O8jYR%?!0Yf~4~8&et+8}pXU
zXAPV6R!uhRlTGYF2tj+Z7ax8e)4KM2K8*o+dpah_OvCT2UHPT?<nu`V?yRXi{@Cxa
zq+RMeTz+>Jw!1q1Qn03ecXe55euu-wUFDz7Pk*W@JZRp#GiHjrJ7VVNv6s>P{=e}3
z6>w-=J)D`2v4=Ak*CEYE{;543cmHoQ)A}9GJRHvMYX8HPpZed`<!#kuoS(-o#C^Cg
z%FSask6!9a=cU^-mr5(Yc3+*N!!c&DH4Ek^WRmPJ>M8z<QpJCtCgD<Flq&xFdm<d}
zi*kzpe!2|ho_E2=`yhoo^WE7pxBiR*!YS$_&AR?ZofNGAMK8nsr+n#i&bkP>tEuge
z%}>;STi+j>@8QyIeK7^zmA#@$es|<MY_BLA>+R&;$4X9Rax7{+nA3dNf+u-eH?_J=
z?EjRe`;NcIe7^31TMyOQ|H0~pM*q#KT6y*MGge`Wxk;ZEr20-=^rhe|_SZ$a{FFv<
zWKZ*HA0G!+p_+Js<G?E9j=(D9j=(Bpj>aT!y`(ZNwOXNi2J8)IMy-bfc%0)$wt6KL
zH>Ufh>2hlW5qNb=EK0Bq=9rJ1?SiL~gL+aiq!<$j8hAaL3Z5QJT|eWhV?)JNlzuu@
zQJT|;${nKfTO3o^`skG3A}(A2Ec&b4-ORoxaaCQv=A8h)?^3ghQ*B>jR?hX7?Yj)C
z%a~4l{#7a0(!R@czE913=kRU)85P{88*snFob}>T8PchGoUC+~9k+~Ah*)->#EsJ2
zd$Mb#;#33OV$IQwE9U-LA(f}67fuLd>?U^vF|JS{NczYr)7-yyw{dx-isBS7U9CGS
z@FXg|B(ID{2l?~jk_@if{{TV-b6j{7Ft66Vo9S_b5jCeppml;;4#_oR`7<7%#>SQH
zwSoI;ZOZS`9Chv3{khk{EAx+5>)Scpd5iF}0)~Lbj2<&zz{IpVt9Nm_X7bQ0qV^iV
zHST&OZ%-q_+?81@u=5nE19qN@A*{$L)7)o=XMKv@rzuw4-J{T}qmG;jFX@)&o<m+y
zNB+sDaJP;!v>0A42IjrGvyQtR!i!g++#;G9Dejh;JO>_=-B)udjNY%JTjD9052Q>B
zMxz6Q@dZ4bwFfRM_l42tGnsFcTmo{uWS;f;G^u!Y*#L`^kI8jva3KUFCJN!PSa=XH
ztx@0V2qelG?oy6xRq|SiW5b9Yc}i6iffD1V@S@7eX9!2nUj5oi<J#7f)Iie9aW?s`
z&GH4(XW!v`<JP6*f_RFM2%C&DPCiR10|!gImVU4x-Yp+HW(r3>xKPsAfw+^k!6#L-
z{bScqwFt#n^Y=NnQ07(SqFd%)h_m(I@LFoj6pzq0OqvK<9fmPx_coICja~C4#<>X?
zg_6zk+=*v$U(cxASnLPKv%mE;|6RcDJ{_PXu5}CTPD7h>&D;ZDR=CXgVxCEPM}U`6
zRG6I-C}7knU?RC166iBRSP>PkcotMagWM{_S;I%g-SX>pDWcsh+O;_mj@z4y@a!}~
z6vb1B+N=EJbpXaZfv7!i-w4RP0@B)Fhh#@uJ1N)XLp&P_<Im?YXwx{kg4oFND9p-E
zzDfv!=2^CB8I@X`+(6_uQr`+hMW6~vUXNdh{sye#kop2yz>b-G4m0@#FNjx?5Ah5C
z37S{_1zQ#FuH-9NlGo}-HZgF9Xz0E7<{2*0u)}5XK*gp9=Jx7QOukE2_2c^BNPMeo
zo8jLqWuB#+rvrkJuazE3F7h<9fJx!?DvZE0;8o)3WK{<aL`Rs~BDq<$g|)_msAH%b
zKB~3nRZMR6VZz#EEp1YQCK;wcDv{QmYs_DLjbgn#|0+CqxNfSy2ye+Z7!W3lCTf`{
z!hN7VM}+3&1@JONNZ#uAcY+R|>vZ_cJekR_dljXK4)u&Hboi-!1o>HnK!*Zh0Uhpx
z8oJLAoCeR$z_rfkP`R2OPUujtrW+l0i47epY`4lzs&p0TFw0hSC`X<S%^h`Ah|^)R
zS0o5MS~8<Yr1r}8S~~)HzvBJ+<O2Q7>gPv1=$^Jb?4zQcsSgiVG8#pd7hXLYP04}=
zwzx0P2(>6eEnT1Dej7{n=EAyKP5Zo%#>|nPLt|!?Zeo<W38^->%|NpeYb0R=KlK*`
z*ae9b)BydY=K@6;KCPMohiaZ=7#x}?dabpex=Mv#av?RJq6n-H$0|0%sol`(yA%O_
zys3+ZD|@dLM!g5kMg+c_KoVRj>{f@XQ};%m@%Q*mpN#K0%BI#{KU{_nSP`qqFJ#n`
zvX#}Cq>}3BE6A#tT(5LrGyoPhg;y`_DeChrXl5Kd(ofc%L+6-(rI6uWro3r+1uUue
zY)`%;|H|Z=`QK3D<S$~FP%5O=QnoMmHG-e~+pFN!e6*qmGx=WtqobX;ZdZ#}+ROWd
zgvm8?Z&_=dN@uF`q`QjwJ)U|<7}<~fe~5b%0J*9v4Y+u(-m9%U>7tugoler#EFB+J
z-ATGzARtRb1O!n)aJmv9ghV7!DXj)Xir2;sSE3DqLySS=f`H46I&S02jE=h)7gPk5
zQCtAWeH(@U`_8%dy;s$p5FG#iZ%EyD&%O8DbI(2Z+;ex;?7T>rx;=Us()dQf*GrBx
zUjb$>+iNR(Df8J!Ba?8nAusb|<bN>u0V7B|>;UIh2f%O_d*3UKa=tOQvyAOStRq0C
zep2z3Wloz&q|ss178@PphM=Ua^=AjraGF=MigN|wtJ7w2W^MvA`U|K|5&9pOaoxd#
z)Om%4+Ec-*decV!tz1xXjrF34f{6y<Q>^IF=jnV;?nF4`|5#orZBKR<i&sXZCyUv9
z($u_;5HA&ia<cLDdfF-EwPe|Rws}9m9YCDWjTvlOp>Q{8h3F8=XhPBsMFp{~C5;hd
z8i=B3B+bV(gQ3>a7ad@9y6$(R{K4#aIcjF_V)zP#&J#ld_aTN?BY0n8DB;?-{1$R}
zsOUG6fu3O$L|U7Y@l>q%M7iocU*xG&aYY;<f^4=<JC53$n<%x;Ba%14yt{IM!syK$
zz8uF?3L>>mo7B(zju`6zH^=Zp-PK%;1eeBqPP36JM|BE~3zf6m3evIgEO&E)DdWBd
z^`n9+wQJIOu~^0$o_*_`DF0z``C<Fs*j;`Sgzhco05mv@++#S<s|_sQQR*%k&81}&
z%PO(-dZ`eT1=}MnFH!g~L7?cfDN!SzV!fa0{Q7e&G^JU)wt`wIb`a!7uLRRERC*O0
z+qbPn+4;BhnoD4nj|Q!8q3r1XoHipj-wdYi9vy6L-jV?nH*+$r44ih44z*tWSi}u+
z9I_}jU244aYD6<Sbw9^TKPAuSjh7DHW}!~=4bWvu7RF1vKp4kMq$e3KiLYb4^aPY`
zjB_k)k_6d)7BQOfk`yLAULqhFFOdU!t<+nY8|F5=%nN~URAhztAS-u1I()hlp7=`G
zC=ac^YB_#H{rBX8e17{DfE)NHCkOH+Tsn3)Hj?&oDAjvUM$UKGvDDgD#ydpEQc@Bb
zOC`1aS`diZehnNBdFiHyybSIb@}f_2GpRbf1`!@z9X|4ycc;`Lvrdh9Nm){d;*0B$
zcj>$uJYOL^CrPNoBVL@;p%g1!hXf>b$gFhCTU{$$E{z5|n!l9Bt1ix$RY!3CpwS$K
zd4awEYf%a6$@ORNDT|qf+14Vi`uQEl^Rn08*1<`aXUePt()ldV`Iwl_t}*mJ>8!Zb
zk?M#H6`)lE^VxGxZ*S`ZC~HA8cG^-JbYvV|+xfW3%#zbHy+#fs7m<UZ)<GYUG3@@>
zIj<8gaYh5vE!NH<Fnie>p!&e_-;(8aR7+U29l_{euGjEWUXltYOvA;_`48|V1Yc5i
zj!!$sH+GIsJI9=5=(2N|N%Kh1g-+&JIHso|X=2Fq;;v4CtJVFzeDgTO0`PH+%+Z|*
zml12$7%xtncrRr!nkOM5x|4WlkdD7#f8k}8Vm$DFE{_@9PA=9At$m)1aBWCxn2VZc
zVP~<Lt5%C4mgP+B8sUeQ*WylFI7u+9BXSFGk0<QnU|5*LI&7Z8U_^_#$w5EH2;`Q5
zG9yC<KaHXDkeyJGBU#bw!EW4wLMJ(J6<xa^bPmwk%GQk(DACg*L-&B^hqG<D(REDL
zX5xx$vUl1{qK_=-2x9s4@OrhVvvM~RPMrG?th8qBirC|L;my!Zy_gmeQJT!-i)`yH
z2nyO9qMkW=Y4ArBw3bOJNKTzuC~3rmD;-R@^1PUa1kLBf-`c?>VR{*T;y0z!LuM8+
z3%vi?DFx=7nnkfU+A9A)(gvf1<D!F5*EP|jtZHfUNsZ!E`O_Y$3>^h##p6X#tpu5u
z!C*;B@8i%U_5>Akg=zG&+qX>Kj0f>31yD8|90e0)T>m39sCseowMWW2UA6z{s#}wh
zdts!Xek^qAWw?jJSfHFpA6{pOrD-}b=y!v3TwUbDfbDmIv2y<88NkCo+g_tLBLr5%
zPI2ViU-TA!d(k`LEaHWRBb<bc-U@Fm8-5l18tZF)0nN2_KillDz|kw6Z1@!fXrz_6
zX~PS`_W)1>jYO@6$e$5EJO%MNr{rd)Q15lryD>Tr)4@1wZJBDn4GIa9uvg&VkBrTC
z0Zn~t_Of>XK6ZvX-q%|4Qqb_>b8)~|Xvkj5Ak^h+pvB}3ks@xOe>FVOO-Sps`MZ6K
z(`La|j<lYO<az>HUmQVZwku>_PMfT8eK9>TLGTtJ64{J)Gt_C*iRCnUn<OEVgk5+R
z+i4TV421)<Ss<6pyivh_qOhX3!&|TIJMLgAuG9Pw*(&_wvfr4rn|A;Ua$1Srq{4d`
z7P+~(Y;F$zqFls)u&D>|9Eez>;dM0Nk(PH?eI9i%E;yvLa&D8>Y7y-tDdH-;U)53E
zeq7>&SyP;SMZ5<7sdn_k_k+5!SM<56)G*Ig2tziGXDg-p1_lh;0Nf^$j&}j4{>Up8
zvQq1oxQ5C$gi^M$()uYv%D$Z74}TAV(w<`wixL!GHLn#HZnx6q5N4&p4eAHRlQQxH
zknrQc+#B@g>J`77Gl!RPN0^*l1`|2pht)WBuOFDe>Wen)Ih(f{^q@-}<s}Alm6bWY
z$lyVBa!@ej2(B=zJmf?-BP$0;%2_K2Dg<nuz@g0)9SHrFrQ&hgl#@U#R`iIs5RV_-
zN(a}S-9|STy&I0KVQ?=#=ck=EBaTCdQ9cw01|UQF1(_qb2tzF5hwtu0OtRnD=8%tU
z<|N?apTTuFZUu6)bIlK;P;x1deHj|lyXj0Ozl+zR@qD_Vv&KE=;GV7MfKM6)O;;z7
z{FN%G8~sqeN$K(KsPaT%0}=UyRKiXv<Jb^h@(`{#ZF0p%<Tu-jpE(1QhATzRCExS_
zf&e>!&@0MHhBw3Ow&ucrXZ;DadLo=_bLv+@QC}>%tl24CyLgR9oikQY-P2Pa)b?-X
zlWIm^jnRZ^3nUq&j$vyAdzgBVW?Q0b+zS0x+mM<D$23OTA#IgLKjyd?0q3iC#&jD1
z9=2i{X~KCFrxQF4RNA`b*mjbSG#nt8mecRE>EJ4MNo?B>=FB=8P#G<5>aK#xV?HXS
zSaVC24{Re^8^6*Jjk2?jMa49H5G5v4hBxDim5z{#39;~wCaj8H6Bx>1y-^8vh@wVN
z$x?}>4&^wIw(2U8tyuYBEjBGy0Zb5Si?~#!`2h&jJ%_Bo<nP_@KuQg9^=_F`>-3jd
zJ6J^-Dvj+M2-v=Rteg)>>o->!vNuwl0g1&m42j6Xh^6gngj3?6tq5&h+Gbz!yUeDb
zG=oLjkxGiX3Clsol>|r=`?wUoM2sng<VzX1D2P^uiJot;8)@|WmHu3Sg$S&~lnZm1
z;VT!W=g?z8@#0bt&R{d%)Q_B;)&XW?rL)P6FSEM9D3X-2z*>yR_81?-qYgD;|B5;o
zKgepHl*U1V7z^V|9+g@-S<^l&Qy9+_IR1uRMHN)LJR9KkN(fyR<N7|jgDzz-yTrvM
zKYw888WXx&L#v?%S4Zd$nbb>7>SdaGIaBlQ#UDb>U@n!-<sXo(Sk6kicLn#WC}W$V
zQ1LR}$6~F;OGOiv(yd~0wju%_HAuX$*yu<j1mj107lCPnte<?Rjj|}a>P+YVmJ2k2
z#nzC##7_ML`N@9bRNGJ3h58R61a|7b!SQ07^uvt)NH(cN;;W=V_(^buCMmI~N%{#i
zH)E2DO?55uodB<mN$9kh??Oi4M*xRR(MgQJj}q8shH3=z^-jWQc}SjO1X_FUV+g4q
zykL|i#^hrZr}<wboA#RCRd}WJ?f=f8HY04`GJ!U&U-WPV(s+x!zL+rqr*#OYSmE*Y
zMQ(mBo2P|X(gW*Lzr>C&9gp1ttu!h6ObVZ}3GpD=rx9sGb?rt>cil}@br<yHmBx&#
zF5Xb>=?uXw_-PYw|4l)ZjT~FR6tp2}Q!qQ<6byP$%*B3wj#L#ljuo|>P$Bp83-U)Z
zFsT(xEj5DGrIz>dxKzPhb!5Z%INmM!IGK$IYOhgBeGC=pLLJgEePq23^|8N^Vaa`x
zc>U;8bcB{Jq}p<A7LnFD^V14ei?DW|rd7L5>)Q&zDi~oRL?Q+5PDmS(z~-Z)Yx^go
zO8IAOyU#+}x@|knSVe5|yCyrUSQMpaQ9@3gcpskOu(9(5jS>|8hiE94MQlEPC~P2-
z0vbNH$s)1ugjY_Rys{Db%`$kIFG6OgL}ud}#Xu;)o`j?|9y5&2RGXs@lL%pqtDwBy
zG^I^gW5tHXxz)Z@(!u>mN?U|Et1Z%rR73Xc40>Tmk|oo_>vGe$@l&)(L#Cc4R%%dL
zv<u9)>IJ=c(T_Q^79e%R35e*<`Y5j6fIt#icNB$6w0xxzOq_*ZT;nsK7|Q<0zoY6o
z9}8&NAOD%bTxpnLP6d}YDJ-a#U{^6;Yd;k(*mE{50D)DD3xuiyH8Iq&##Nx=oE8U-
zAhio+#PydC!*0jxc+g_3esuM!kQ1GB&rz_Xyt`kIcp4|Rq(<40&B_l2r3l+eWN1Lz
z8*W)jlvy4FwJ%c3c51R1{CBG{)bL)^m<>s*u?0r7`&444b;YBZUeRh?+@KIqpT#9W
zaiPqPc@HYv>N61+Mw^IZrJJh|?&D^*e8U(JEQuY0h_#llufVvqoS%-z%XyBM6*e~}
z#+%vDz_If;%D8vYavCGo{m`dvt51cRB=bVhU)0QtN#;eHd2w1YFO-Y09E;_mW?p!d
znQP0Dw|G>AijKM+Vv<6X7GGcWk_tAAM$fL<<TL$C)n;s=JoB`mE9nAG)Uof-emI-q
zo-6)^E3hYbwDs5(ndgmsc@lfbxrw>yU>0Yzb*ca-I)S%(j5*Z_JpBU%uIU7RNMd4g
zF^%(c0>mcrH1OL3Jfai$e8G8iC-5c#uI&WA5sh)=%SWYw;rnr2W^LW<mr!I!tTDN2
z@*ON)?d&wzMNzqrer5P&Fn=2p;0j`Sg4P`!mEpyJSQaziV;err1ZBN}MOg*m%G#_(
z48O@J^m~#d{0{wRGkg@|3j-89e0~P^oolr3GTJ&u18Dme3zmo{3OE%{0gJK&i@Z=`
zi0yWb)F#@WwQ28Q$+OW{=y=gr>EI2UuZdTuV)rOaJ>L+I7kyJ)K4BSsi=S=&juo9n
zesm|k@XW5c<z2ka@FEXg3o+@1MbUSd2p9f;4=$}?W~kQiM@BQo8s^*&b;S|1g>@se
z*(_z|XZsvGG5d8Shdmijp3?8MSvIq7pS|oB&e<-?UP`z5Mogs29%`B4P0y@W8qv2U
zF@Mn*Nb@?lEbzMNYGHa+sdXE*`mbfq*=aLgVts!XKJF19Ka=%k@!2UT%oxxw!z7F|
z{LFh{HykPbi_}6}cq6~G*+~F8a^~N#1_C`}M=R6E(JyIn$#{L7xXn+e3z1^rg0mtO
zI}+bg=Mon^I`fXl>I|{7Qcjyi(_fM$*f^&l^kFg?9k1rPK)g7X&K}C-RD#N22!9Om
z=C}Y;EyR&G3Oy(KTr6h{)u-;&P}}{>CVh*G%Mq-PMzy+O(;iHXqJ!%s$K<7SbcC@i
zltz?8+JppxBTR421@(n@vmNT(^&8RWAN8o}PJ}YC9l9t)=c)SuItj--wo<o}FFTMV
zAp(P}&Ui7S^+N+=DXKL7-{3JW)`dw#nhJCB@I;C{xk|N*3L`s%jj1mzNPHZQsqF63
zs+u`mMa_t-6<U){9W_ah@6JG^HpQgQre;FvNcu-=8{I8Tgv+*3m76#(&W>v1G9X-0
z`Zy&I*AZ(NZz;tvLp@T#ot15_DK<}OTYOU=-CK$Z$0fPUUC^POb2rrD()`nNH==?$
zNUER0d6oZ$kgHx!W^WiJJ$plcJbS~*8zNpOjZ12t(>4UHpL~xEw9__^8of*o34Wcn
zkxx5qgT6Gn3mKs&`#v0&Ti@v6-e0H9AXzsnqDYJ&8#&O6aLKhY`3syxkSMz3dKYFP
zIM4A@(^rb^v+YMnHp?F|f@XildsCkdqd;M_fo6Z&33~=%KktOmERy>aQ)y`x$?b|M
z7>y#iYcU0*O*G4!7gI2rM6<kyF$H@Z@m-CZ8&j|+5cY~r*e^x_;|-4zuXefPN?F{*
z4!ZQ2IMxzAKy~*N*cY>(EQ56~tKodigM{7S$P@E3Q+Px^x*M#Ct%@Jela20y!`_`<
z?cEn&-8t8l+WYlGM0#|4zaDx2-tR<+Nm^?E9;r$CX7Sm+8TGF3WMGX5azm1^5vdBI
z?I=!)5)XFJeG(9Nl79Gm<cM)Pv(&YkWFH?ahRhm~N8-ig)ph%gSMa6w@nHbNjCyc>
zGw8jWw`_418@*#bmzT|ZHT6Tu&f<%`${@yLh+#hQvaji02OE3N&M!%MaEUC}QHIJs
z781+3={bz>>1@Q>XxXen0?XtNWa~I%<q-v)G{enEtDK#@uPo0_1+|X-gG<lI<T-B*
zBS<(&eS^zR+mw`X$Hk-}zucKD?;*bbF{YngU@rCnM1zFg4=0(6{Uv;lI2S9Cb~tS&
zRiV`Lc*H21Pg`%h2PWthT%pz}+doj)b?);_qZ4q>il$@qAQCxkCdFY#dUUDYd?)Mm
z|HF7rn@(aZ{))in--sP1Bk4)RQhZh{!7ZUyxCI&Y<UBt2VmRT$NRF+u!jCpFqFbb6
zY!=xrjjOZ;7XAg1p#p_a5(geb12#W{ABb`cj`zR#VIRhQQg+?5e1)_NA%=|riO5bF
zc1*3Y8FOX}ZGf>9gnLsFd4+mxtaxVYYzy%rq>r4A(^||_UNMkj+4MBw7{Vns;Y9V>
zJ9C&R;{-JQd7Wp%<P$D7e?Vb5knu58>Q3Ej`$l{o%{FQ(H8#{DBG4VNSAgC0DQo@a
zN5MUrcAm=mrTS=!kIG)`;_i&X$#JPS#e-R3VKe5{gi2|^=^AtLQgLiax(5_zod+|r
z4>#F*`)g2y2Jss>P}Xhnw&`<cUiny&uo+CM7b{^FJH2b$RaNtP`rlIv{f~@h+~~K8
z<#z^)c-!>3Gp{9<Nk_1RIU-4pF#ewLA;WaB&5cb*=kd=1Ke-n=8?5SU{S7&_j(Y{N
zlg%>NER^*)o_Z2NGM)m+o5HEJJk}_S%tEhw=iwN7eLN$jvyDJ6ef(Ou{EK^@KZ61!
zjx}`jzXVjaMt|xK_=^enBV2j^0P_-=V_5g;cXQov02!k;h^OQGAiz5wt7YBr?cBr1
z^{rW+x8DoS{=XL|UL&DMhJ8Rl9xTQ9aT@O9y6DENb9f-)fWf_4><>8{GqWr(y9f;l
zdR%VzATW=eBR$v;YhJ-9Ozv5*Tu(Yf%f&u&0(nN%1s#lW+T=2}b8MX!e*0m%pk$cV
zTQ>95IK9(m1!x+6#c4=c2g6N82%NYyWwp5Vym7pXQWor_tqR<fIrG*V9<5o6JE)yD
zMI+f4frs1#qP;3tCwcmraa^+=skC~T)xb9be6Eg|vA3z}H19wH^nxyS?feaGrzgP0
z%Q9%l<*~ERoxIzx{U&K+AE1Ow8_N!&A^aD-E$@}KA;5V3EAn;JCXfDxZ>?L0<;Wb{
zRkxVFdx+87Oyo9~px_JE*YblCIouCCLyv^V%HAR5G<!xbluyba&$S)bMJI;xQ0*kO
zvMN++oi+=H9*PcnsAWI}5mKL&3NHXs8Zlc$Ai^YlqqiWTg}I%1Z}QfT;)+gWyW4!R
zmiGo{AiNj5=E2qj3S?{K(D9;&i4n6~8F;~9w$E|UeS8<)PMgWFA|$Tc{4sEK<_H7E
zwDsXb5+3gluAl4|u51P;V-}#x1zqD6FhxqzX0e)sU}3}nr_Em%iz+N%^96tht40($
z(8LuIXae(MtmrD3E!T!kwyk^d8=#3UegPDGN*6=%lN8*>fK1qry0T|$K415TexbC3
zDofK5M=MQ7>Y>OWtTVgMIU~5<A`|7v0{zVM(@t<^>A@S`2Ox6f!BczhK2r=tnnL5Q
zfDrk_P~(^6AzzXO@@`AyHt{-b0-JlF81QaVTT-=|V&?VeIlY-fN$pqnngZKWQc2!`
zB$zmsH2ay$wMi~V&fEx(n+@Lxr}iN&uV}B)J5~)rt@5R$s7RtmJ_$*SO8gX#p<QrJ
z@)khv!8yU8sMkR`ZHe8Mh~^u2vSjr&%DHLRpPM${ifn!ySaymdNoOI%YEr{=OL9_J
zjw{AYR54lXiRi<oLA<-Neai_OutgchhZ`OaHQzjvY&NQ@c{DvsF$eM|l;;GtbHSeK
z;L$<$WP8_q9^uF($=ZG=#C8_Y#e{~&PXDF~V#;G_o{I~X!pKP>O`ZTPB!wzYn!w7K
zr(B3BGVPLII{}s~(1r?`A3vD1Yu@R_KUzlt7#cU3K6<>UOvi2B0)ZCUi4FvS%A2ln
z?7qBowEpgN0|1Czd6^%fsa`?5p-mt*kWU@!w3)eF$+C3<4@I~mJarweMb(Y1Z!JYH
zIg)|4O?Fqbwj@2LNt@Z0v1zy2v{jQ9J;Q=&X=Sz#Le}FGU?mGHoq9x&25{n(ybu<w
zEVW+1d}TEkVrNURzKDMAg&Hwt4OtL0Zv*F605^;3w1q8_VR$^s2Ds*wgeqL32QG+H
z7GeHGKXgt~^9WA>3Yio4CtnI`pxaIC22P$#T=I{nC&?i<j}VlFbx5<1F6gQK;!*R|
ziXoRESsPdz@#GCd?jy!qpo?8U>(6;U7Fc)Mwm)^h78FLDVYkSczF|oH1yU-FVm)wu
zGs97t-c!n*jWu9wHsGU@_d!>T<@m(YLk{lrzC5uV23c#_XbBxJs*s|@W>`DVW?*#M
z40Ioz&G1OL_RnT;<({7TxJW<dCP;ttaS)nd75GbF^H@rue5S)YEdty39{2b}Z!Ce%
zpnbhpd*C#a!EwmI7zJ^keJWtJm&B@O2!udV=$I~gDL(Oltajf6kwkDKfwBu;#sr+7
z^)vDPPHh6m59!cV1j%EFj)cNkK<D6AaKQ)~rDljy3$`|qs{$KdC;j)#F`&|$c|2)l
zf0&iK=~-r_%M&{TN3TCXjUXdem>A(Yrowpkq*qz!qHOc)$dAD9#z2~&2eTM%bO@bn
zbSND!8Wo?VWI8&Ge)MY%;EfKaCp;UU7!BjWYcD)Q$rJi`{~6a1m+-dnrMT6I7aHLd
zwYNLW@ir|7WhT1tX-I^gm>G*&<6d`WpUg_FU`Bb>_>bW?X2%8ArZ0R75U{C+@UR{{
zS)+YC@<v<J5mE}h0AvqToFlf0^1FibI_rT;&y=xN>c`_m+*w2~5j;Eurz#ZVtbAcz
zqp-SQzUl`Q`Z2xg1B$K2JWnO6u&@p!OnwYkpWsQ_Gl9qt<k>Wd;iI>~dugV_LbVFt
zup2;RSvl*5{yb(0>-JH8U+!8qI_f~xQH!!Z=1UVbHTg5m&*eBW^EK$D3Qtd!us0B=
zWTuO54o`9V!<%tZrZHLyR{gw&`ALe1^hnse=(H&ttRqO$aj&-Bkn(>!`qUG}wuyNx
z*t5gydxmq<c={8s(E00qeJHHgDc~XAbIImHen>vtpfIdT9q#nVHqZ!@gHkcP-n`z6
zs{y1cap*=}&Jo)<3dzsbkOJ@2<A1vq@l@Q`f(P0(J4_?vmAXQB4)W%X@Ny1M*7>VT
z@pt_IA3J3{Y!_!xxhVA(PdTsS>Mn`$hu2L{zSGcA;P&!VmfQ*i)P<mo4L5=yJE#XU
z`Fb2kR@p1(yM^yW4U&{b?qb5ai7YXe5?SgZl4&MCXx>KiGcN-#pU_n|N_mM}IQ;cJ
z>f39h=xz%<>~k2Za1l0F`Rhc=HA*3FE_NO#KY3>k{UQWSXsq4fdcky7pY+BWVpgB@
z_6DbAD%JItOk?J>hE0EL=RDgdy3fm81^F5gn~geX>^P^*wm-WZKVq-VR`G@Vr!GXj
zjy*%HE&(lQb(zG&apI9wVl~-j30g3*haD!_@TtgW0Joow9p=ESinSVcgTUL>Qn3+5
zVu*+$hAEqPF?p@RpsBh90@FOxU>y%>LQ1!9S<UMMAwSBTb&WbtlH+p1RR(EFb7>^r
z4JQ^LM#_T4%nwyKKO_q=>nC<CKr--=zci-kA}VSEotu;!mDs!)y0Uf8Tk#?=X5otC
zWdr&6I}8Mu<=$#~4cq`W@-B$rlv{mX&Bn7S$M90$L8gv*wp04Iw$w4Mhc_(3`<FrZ
z3~CE^xj$^as*CWNuzce!JlVst2kH5TjY+{Ywz*HwjXVVJhCMq0sVHRmg?xj3Zse~F
zsBF4G!Uhor;4*{_B8=m-4TC0Z3Bmweim)XJ`xV2Mn6M#)0XT%PA%y*qVM8WtDZ&6;
zg0Q6s`!vIrny_UE18@*w%MiAWVarU|a)bd`xlkw@4qu02*ZweqDBCXCMsYtFpYY&+
z%C8Jdwo&*;G8klRqu93I4CNf+=`w#CwIO)pX1Kh-KV3(z13b&0mTZyRh5(Uu*-WPa
zvQ6&O3k1kkInH);r;zP(3kArQxrG8`+uTBV$kw^e6xbj~g6D0J1BLAWc?J~oRd`$U
zn~=<+#Kk<TT;S5Y4KoeRWBJ23oONTJr1LYsgL@KmV`6*AiBFlkUtg-=(Z+ZdABQ5d
z^;svsN3N-KM2Xo?JZo(}u_9!?jGN5uI(FM88f`g?t^wu*+BCP|8*kkOpx-M5=$jZ`
z)`bQd7FMC=j=vJ)>g@1&W5*BU7n_yQqi_{8#KPxXe*wQZA>?E8(dKe)xa@Nq(uEN7
zasda3%*rS-ocg-HfBGYopMMo;YNJ7A=e9AhIT5mP_(nvuR^m&=XBEC?`J>|VkxpTd
z01=;s0z`Zk3XnQqC_toSp#TxMD`0D;BvCRKf$I!V+sBhLL{DU2D7HPO3pb#Bbr{i}
zSj*W?YuSxfqqs1SC+K9ONjk!U)J_EvtZ0fs;l)6UXTa4E=FOgqa0}$%qO6+2Fn);-
znw+u2jfmXi<fF$jX`8<oF`8Eu)gKhF-lqZ5k3v5a0p@>V1kn*p4Wsx-xL6jG2qL}g
zL^)R3f_gd`WfyH;^k-S26Q;Z4_k!J>(<Z)IiUB)X?ftfbVCnrf#AHo_W+hqn?GM6u
zBfT(D;wWkfr6EkD<$($PY#_zKI86u1-vYn!`QdZv>0}L<C^_UhGsp!?cH(Rtv2k3%
zDETxlr%gr)L=TPi@*E}$DOL#?Egrs9U%)m%dbrG6Sfbxp*j20ri<L3hQ_@Y@IzA0(
z%1dHEQ*7oN(00GaDOxw+NduFEaC+*MoQvmx=Ws%4dK#}_=cjXfcIJjR<E&C+v?o~g
zBOgb5ayY_-z<g)W&($uUL)%t)7l|A)5;@C8F4tX=Kafm_=o0r)3uhq+Y&}0(0R>&`
zmzKiSKA-ZODBGfgC9~(C4*lA!igHSiifChQOBVFCoHqf_schGY*cUl+SYLv)i*D<2
z1KbU5?QwHa3M{kEeC2uP`dJRP`%CuF!Wc53F4oEAC#!o?fI7@ysB7rz0B15KQrTB=
z&I^M@K<tCxxrtk`cFwwfJ7|@?Jyr)@fO77S4muVrg7P_zju$<SPIxKO?n}|Q&2OPY
z6b?j3GlkQpW0(>hLr|N)=2Dql*aSxEk>dg6hVUSK9w6=**263Esk$^PkMW@>IBz0^
z30@sZe*;-sC~>2K(ZOQdopA{69>TX={>$WAy-Bc=88p9xNGmKZQojE=Xr=}Q#}rC~
z8B^pk&wxIBQc54L0d}ho`Mno?NWRP-#kjFPoB@MGALcMLApfk;QTlAY>oGC65Tmen
z^-LSGH)eGd#dvtsSWAR4seXv?>Gb>LyD@odg0cH*6;?qt^GB6M2ad#}TOLhWAyH%r
zH6Y#eaE~^IBXbivZ$)8^=Qlb94Z4y7o#;wR`Fve@QDT{}3P!{-VP&Cyu^2oMUWqJf
z*T!>uk4F&N%33<v=tMf0`8t6KFa^m_x`flUa7O3)4Uau2M%tL%C&+TxaR~;mD|6^I
zRt{mq4W@fA9N{z&KC6Ah@>vfBKB%6ht&!Ip@VvBGO~bGIQ2g-aARPPgE+R-~^L*?M
z(2?^t1ck3+!Q{L~nE0VjoDAneJ<#Q1ej1zdUPDAqrREP~Z7MtYV8C@LPA)gXml6lg
zy27X5=i>{dK+_Ii$uPLDpbNZS27Bb>UX`HemT+&GlbdsL!_#vQ9e^_^7wCm5?(p=~
zeL6qsWuAigr=dLsa^leKt*^oK&YV+7r4fI%&mt-1CDbV-pdJxl;=SF^ZOCt^T>_dm
zVVjs6zLo_mwQh|$RJ)Q@6mDi{R?FQH40>$edL_pO<iRiuyPw4vFr`1v<B|0tC+|+r
z&7O>k$J7qG+?BkhB`;HY!;|;saQL+*6aLk{$*%?&3I~#(jIFrWqse`6m5sRYWoR>h
z2j#cI-^vC|-)-EZx_=09Syx<3z<j7b7hZ!>=~@Elo4ntQg_kAqaMOrC&41~**~y>R
zE|HO=8t!+zIewmjWx(V$IC33OhyP2Bn~hE}A};PFPV;7jjbnJT8?J1%t0@eYBR1Jy
zfgQQw^$6lopKwx9oC*|ZOHVSG=w+i3Kjn~RJDvK};Va|rWo>LuEc)ZzY37GF64~WW
zo2gv+4KctgvR4U@0Di1{5C?fl{y5>00AhB8@y8aSH{nO~XJ}twDT+7lkGutOYmPXw
z|3y^5KoH{n3Q9Rd!+et&Y{_pz01hJ!gl}bx6BWA1vjFsUI1ELs!J;hYwj~yPv{Q~i
zU%@|BEZnm8x%+Y9l5VGgZ}7Efw&KGg(4Vjw5BD-H15Be~)}VN0R`0Kq{oS}R+fA;s
z)2r9;%EQ@AA*dvUH#Y1^-RP}tcs}DTjPPUTB@q^JqZ=|q$j=y3yCx3t##S%#;?R`{
zXzfmgVhem<>z!Rte+-i<DJl^q*p7r};zu*Ya>41S2guWt>3Go@bf8h6Dy|ouDXt$q
zMciC;7F-GmQ_*EIx=crx@#r!=U8bii>A-I*S5HpK)m16EYTnAK{Do%VN;Y!)>ln5`
zGA~zt6?C9x>q_P#eGod6$7;ADcZz~?rU;D4X;KkHk{%1<iB2UOz5z6VGiQ_blL7Fg
z=~xI#BO!5F&PbIdN|h!27nTKWgwb93Rl?aur2PckRmo7v-wAgh!A8+R*as(nytDEg
zR+q@4ld8<gC0LtcYhOU_rdi99OvK7<z8&$#(1heelgX`;ddoBpB@`jwFY8R@Kvx8o
z8MrV6D59s4CFcWdS(1i>F%oX;_$evA;Qf(AcYGMA$QQ<T<#!>zFtmd&A4(eQy$MU)
zCg%5wd}w`XbPke0md_=XCp&F=lTeDGgjo8XnxgMTY5G1v`d+QET}d+qStB-Ae&tS^
zMAkUwQCTDU;(?j)-Oz-ZAiNK^-fqNhbet9V8qiAf#+fOj#h*?}L6^8N2CQoSCj%GP
z(tBo#Ufj2x@bf<nKN;I?^LPJrF=I*-;78m9U|mqV9u)o;(Y`-6z1ATTn7f{i7d?Xx
z6vcVsdeQlCSrW#g%V=~hobl;rd~4f%l^Li`psm5bq>4NBvFJ!?173%AMx)#SjG*fR
zI$pGq4(Pg&`5-@r(q%ARhSQbsL?4}%;_XY*y!|F=ggzo3SAJuCM3k-|j`b0-yOM{1
zAS2gmQWa#4ES;WGqD+U~1FiEJ<iw8X=AYY+2!-2Z$Q2j-v9fS>ie5g>68FpBCB0}{
zOyJ6I(zZlSMCUNnw5`t~f$E%dr3Nw?T;SfJXpVy3pzL-ln$^PyxPw$DZ>ppeN=X!o
zS;+<;pi68KQyL9s&0RndZ8ilJH!0`SQsv~kCUH4`fJ7`O<Gb>^P&paeQBGLIknDSz
zcuyj0dr>FPL~2OZMRdIAS#YRT2<_A=j6j)^7zyp?q-ei7MSJt7%pUrM>0J4xej#30
ze)p<hm>|(FOknhjj3b2i;V+2XwBdp9e)^2uG)?^`<v#!SR@8VTDY1Fj#!jEIVT%~}
zKuY6A7b9mUD-Q-lTlwup&!&TR_Z)G(@R!hg(H3~f7{;f|xO5qrE+b=H)@D3OAvPoJ
z&T~_|dqtXeztIA*9h_myBlunUZGIfjWsKp}2(xnKxA`2rVL<zVxw`Tjw^tJ23K_P&
z-lx=x&{Rh;5+@>Urs5@%l$Qw9i<A4X-uQ@x=y=ueZuDG4p!FU)7}aFM-ys~$`VvCH
z011UF{(CS0r)f?l@TZ-Y`>YGO3{))uH#`7{qUQktxc+?NAupa_d9gPXze?3#8imj$
zcz~{D$Rc)<C+Oh{Jk~vXtsB}AY?Dmp%5Typ&6oi84nu`yIwsi2mcR_gFnLGUo%ucM
z*r1We6|luMtYH_$Y!l&5AP$DSKJNAjRt2qr*Wv9mx$R2%CPt5rd8fgbr$d%#N2OR0
zUb-5i5r6!6CtQgq8%jBtKPLl=#*y^7=2<wDm}{ObzfY6jbL972{LZjpVc_zcW%j{=
z?QiDO0u_1fh))d+y-l7PXdNc5KG?E*bZP5Y`nRzl7@D=13M$Y?o#OnAyy}9k;Lku#
zDcA*)jOFJ>GfXmzNjoq66T;ajQ{mZkIMXj2j>;4~wjcSYR6FCN6S00Rk|NY4W4rR3
z)a64!kFE`M$xu_54+F@4#7XWr1BFSy?dV$%eXZT(b28>}M2+;}0)>l<GR*p1S9pp|
zi%HaOWfQs+%cfK&ZrH=-aVdFqEv8!%UZo;s=S8v%+e;*HO)w_9{a)?^G~;4@Rl|&n
z`wib1-<4FVe`xb3d}C+_-#DZVD@bcC!^>C#<SQ=5_Xi`4<NGRHQ7{<a6UHedYc*bO
z(ukYTI-RQHYtnVRl<85&jPJ_t{@IO;FLon8RQsVRuxky%VdA_u>0&y~xTK4L5_|zt
zqkFxAju*WU4hu{uU4rQfJk~vpR9UvC%W^35y+@O~f<)!@5XIyQJ_RjSq^_XG^(z6F
zB$%z%h{iNV8gt*M_SqnEm}j3|X{Zzzy2iGvbtyVum!>lmp1W-(z*B?Fm1<MwO{6}g
zT?t$Ut>H2xAO(<jOF`OvirR((apU~)uz4(>uTSScF8SlxMI>|OccJ_lYUES%mjR4i
zpU?S;WB_v&a~I*A0^$${0XR7o8JZ*%btrz&=4RG{N6!Fl-TL?ys*n3x4|Hl_zxjHE
z_{}-_y%xVSN3#Sesh?$LoK@6mt#A#(BLYFliwq$W2ZV_KA4!KyOAUm_kS5msqZ`Le
zzdohkw<*alrsG8~p#yvBrKSW7WpiLKU53+@@I>zLB2QfJ*QM)yEh)q}hIm~0)q00r
zM3k=lDhReHvAgmsARWgrsc9liq77f;>bH#L+{|gHWBzea^H^l-nkx|w*6AzR=el~p
zMfZ=u)Uy|u^?C*vq5~l5gP|l|hMX3_d&EBkFZd_;|G?IjCN-u`L|&)(&~uTxWLgE(
zy`0oZ>NG)*Dm7>jEOvXc8(j^gklj}hcLIH-LSIEF(nu&=MyB7w8BO@*WS)pR!24ol
z_p%#A62^}9C7C9ks{4{yQA{oO1%)D-TI{zaKlv3EdAoBJv(%}LtC*{NZgj3<&LQp_
zD&m`o^xM#Ip-4h{Tz_9m=5>_tY9vB=UjxS*%X-_#3%JqlweZ#XoP`V|=)*9i*U|Tn
zqif)=p?PSi_|OtLEp;a4yyjE}+!^y33=HTe1{%yt2O3}*Gvw%l$Q1|=ajB=Jofv9)
zJ76I2b#%Pw^>D~>Lg^ArSKy~{@+6!F5p2A3CP>`mWb?HKEN)W6ZvYtCTxUY*C0_CG
zNP5(#;pIPT6ei=)=z2znj`cE~Zy~VDN|I!QNuS&Qusr=sR>b>IZ&!N3WFBXh6fA34
z0(NvWzF_9*Gv)w;ifdvV2h*G6&*e2)j(-*_;MInA2Ez@AN(^*U80bx5paC%uZe@Du
z$6g27;aDRn`d?$&p>;bvXSJtm9`4k)1Vv>b{A7m9(wjHFRA1Z7$~$Y#7r@f=XL^xS
zpIcwzd-@`pOoQTW<2V_r{*53Jb@I=2yy!+atP(=$5=>X%Li1DS$@@{)S}IBNKgB+!
zxs&3Ep+YgT-oZSx(VI*j^fE8;|B~h+=MWcV2hXcam0HeqHszvhm1|<>!~oE}lc*q%
zZzc{@l&qdSpNs}V2GW&4tiV}oau*YM(M=}pTTC>98QuCBj_$WYxxXAJna^%X<3(>Z
zam7XBB7Ei$h#V2nBNG(?HWGx}NX>m()nwGiNxvELMsE{*<|y;q;mP7;BV8=)#PUdg
zN}7-Zli@t2Y|CIXNQTkO;p8_Z?I?N&qJr7)WC~24%<zHR@TJP3knePmVhM%I$O+}I
zV(5E~z?-|QqnnA(jot-^w9*^X3JmlUBg0cV{uX#a#jPgPx&(7=6r1*CiEuUd`VOzF
zdn4E)nhEDf01Y&6RD(S)3A~npw3fK$3f#95mue}lv$D1X1Y*R!)<i`Pa@r7z;`T(8
zveCN@ZQ|}Wyp_kov6LIU!Ac>@{vO0chVL~A=w*?`f1v|ukvVWTdLQF~jDIl^=x0Rn
z)23R9Hif66(2w1kSTqvs%P%L-n8=r3Yp|$Il+4W&T{3sZ_{M1Yiz8QQR5oA^U@HpH
zx|XF-`(yTB8Sg_dc{?UHcPHgE{oK{I-D~rqd<hznU{2vYz$D@`FJ`UoYdzGNo4!pN
zAYkS7AVX3J8SeOym(X}YXCNkxcA+Ap_k&V2*AKuU_voc7e&xmEK_l+~cQ2D03S}i%
zUvzguzV<#f>dR{|n%LNae)Fvq6Ty?PR&?ECfbUgY+m+0WWyt)DWhh9=^0(1AsGZij
z0hCw!W^M#Kw~?{JyKH8c<z2<~!kds=w)Lhr8U}>#g?~|2mR(yP1yli^Odzzr5Ci<y
zcbVh|F(B9aH35H&0r^(pp8@E{kKll4eh@TJ^8QU+FZz(Ue)M5+bJ0h{%|{=FOI|WQ
zUB;)&_;eYcF5}ac_{#J5qHGtC=Vq?p-LVAw&0B=AOe~B&`elfVvAsZvN^9WxrUpXR
zgM!XC^%U~D9R;24H*c1Nq)kC<{N}p^L^2hG3Vx@6SP}&t=r?Z@5Q!ELjD4m30$VR3
zDb@N7NuI4=p-2bHN{aa=B{mL8u;0wvelt`3#<t4woNIKwK3KK-z}5unDJye&uC_(=
zTe4d@{1>FeoRDaBsF~YAH<>Q(`RWF`gP6O+WnmCYmJ&YP4Zl#~)t<ct^zAKRpgSP3
z<NgB_LAw6a5N2J1F-dIc{+z^81NO5fDq$>(_@Si7bJ7vj4{)RZV$e|QX<!Sg2kp<z
z)ZxBX&!c7=dy4e|nplk2d;q-{pKX}Ni54jGN@McJZWg;zYP0M^;s=aI)#BR%oO<6q
zGMLj0h<^p}b6pd$vW=pfmCi-6)(e>HNivxHwOz+souuIzSsbY6iP#AbXZgo|iyy&(
zW6w#R!0tD2pFnsPR1oU((^=u(=TQzUFC_=XKS6j9eG-oJ(04)%!Y@%4NGr!W%V;aQ
z(Wek&plEJ=8_>tMM&+%oqIm+_X+EEMwV8+C`~+|~ZDxx#TAmqH{yG`l|4UmMZMV%_
zvHJ=a*5hOQmh&)Sd=Rc|hi9x5L#J!FXPcMrYouw5hkV>So+N#Psip0CnJ1YvK~Xce
zNT-%5sp`joM~(v(4Pz9F4Sb}xgnQM5T{#yu4}840@!N1OLz%n)HsTMCfd!=IX7fT6
zyy$q%&2V|zdoj1n<XUIdp)R)r#w+KwT#CJchZ-lIO^K6=ksJ$Ri(y-#)S(2(&Ksd|
zy2lXd6&ihRwgB0zkC?bF26v0R{IrSa`HbNs223Z-boIA7v(jORDJib#XMy>a3GZe2
zU&A}4LqrHW*i3cdR6XPRQ%7Y7{dF?t!66gMgOqi~!I9o8J4yhl;E}6R%wrMFRI!_%
zf&{I==KoZ&-E7X3rli>GTW!XNc0|+y>ZvZ91@0D8ir&GN`6gt3Wd`Vze4C#}j=a{4
z%)$LtdeHKooF@A|?wZsy)?dkt{w9+HJ2FG9jc4+~c(xU;uch?{+Oj{tExVZ$5pN^=
zF4Y-D$VFw+r|k)&FloSpJ@qAwf@j|Sj+QN(?Q#?Uor79=Fr~Ln0bX;C9(pAkOdN#c
zT8+8N23)KToAzM@?<v(sOtxKM5S!~F*6OMYQ?!Ce+!t5R;_xe_Iq%{F<oyb8v@x7~
zi@u-=_4kRsV|!2Y1yje2G>*-P!A@Ki09mJh0qy#2)viOW18#(RCOz>UPSKqUs!OR0
zYoCIyVjU*}K&8D#VD+y7gla^*Y~~kPocTn%mFqIMeGz2n(VZ{FUth-8%x8E=>?`=1
zWkBmCye;%%-p0vW)fM*c1z@)mwzV_f0}H^M#~|LbJL9cf0CqBAmv+Xxd;!?Cggw7A
z-t7y(?jfwz8E;WIA66r5rZe8U1z?vG_Pow`I~Ra`ZUNY@7Jv;MJ|Evngx$}ZS`*%1
zxd3b@VGnf1+p_@dcZ5CI8Lw8G4|_6Us}AhQck=?Us|dT1x4b6w{WD=ZI$<9q>`k4p
zI|$p^344IBTxY)d`h3`7g!OdBJBhH~PS|F`7Ing2M%dy`*xLzvIOr(HR~LXiL|CTM
z5pQg4K5TO*Od69E>+5J+v*H!%6R!}Sc!lP~E953#shPwp6_9v^_lZ~7o_K}hiB}4p
zc%^LOt)XU;dv%MmR1Gc4yk8v%e}S$;tNeu>(MlSP%^+7@mWp<HN3<S|#+H$<j-;aT
z65%A%UX8}aQmC#@MdQ7~Nwof~#$y92XRB+Ih++phna@He^H1&+c67+%w|L8NZI;E1
zLBA0Yixh+YDj<>{gNjgUHM#FN1`P^`WW}Hr0^)7VF^G>;)Z{Ye7{u$DYjPKJ4C3v~
zwb?&I7-P`$2y&Vi9G=*fuS9v!x1y7OC3X@N{jt_86}pb(#-HgluLfAv6Q?A{MzF57
z5|uW^ABKfLLmjq~M-5Dh5*vo3IM@%N3UO9^HGcKNWl8dFa74ybpooZ+EZE-MT+x@2
z4#H{jS&Ff;@yHm8S2ow2ne(*}?BAX&wSszKgTNtOv<=*NGxHK4t+|Ts0I6D6(N!Gd
z6MX2<9J%wk<|MLEJ5jQ1ddPm}Q$WZ;-qG-&v;Hb_sSVBi3w&2TMW5g#2vc6odtn}7
zK+qO{^GEdQMDjymlJvzKle~re)``IIegqKd9V9&)eVvXM?V*EH2@fDN`WieOh>6So
zm$uONFxJ9F{s;>Hh5;5VbEX*^;#IkVMEo<HHEjM6bkuuoh<N=OXDKKe3Lhk4$w2TM
z%oyWe=KD>Pueg{nW!Q|zWXXW{Ta1G+y3PM)c|jZJ{VQ<wT#k<va+w}Z28&G&S8cyT
z5a%uPc#)0n1hTmF-)0VWJZr+-NTA?}xZBkYe-5gJ8>0a(&?iMK`AiQ<PKx*)VmC$n
zE|CL`xF`n0W)^oA@q3JeI;D$yk5XkEF=aIO1mPxutSw_l^n_h^5!Y$%rPo2`a3wo)
zD=;^m<B0c=*<tw)5y6Z*qaW}amrBFY19#u=2Hf2ZxCa21j%c)A{LD*0^Cpf>+dl%7
zl1Ddt+1oG|H1@dcrF2J|F9s(|IN7E7!H_-}wxo{Ea^Nkq4iGHW*?b8i<K~HQ8A_7H
zJF=3W;x}Vhj7pgc@Z1>V;kD@`OmBPec3@}+Tf9hN5-<nbxJOA6Vy}rV6AY7C=6gB6
ze`$!ph2*43eTFbxwXHBZfbmIYgZ$l6i#)gd9Pq<~48oo!Yt6dTVvwU_9h{{ZQsnl6
zEe;0d4J2OAr>Q3IwuKfduwhw7X>en@7+~mv9`G_RM!s8du4ixg(!e+5lP=-3W+I#r
z{JfZLDKd$lhSJ=U=R^#3-&Z(a+$G9L1SJ>o+q73Va{=h#pEL6!)I#(NgqhF#`DrEc
zzv-F17r!cmKgO3%j0kXLwRId=C*LwB)w+8Pv^*{$DysBQ9En48;pdRwW}PSb31HdF
zE~gM4nZ1;52~Xe5VjEX<AA;~5@%yLxeHFfk*GE5tFV}3tQ>>qCM0iR?7$@FEh&A<q
zCUn{)7jI*0(!5A6MmnumvAXqK96Am^`Z=>{GvhI+Q@Y!?ET6=rgML<fG3NYIoW^M$
zPEmwBvt%mI2fryL&jJ>Ch8iJf-R9#Vi&zO!A36?<GmB8GZ8BR!aa9{?x>YBlYap&B
z%)~WkOMIDkYf*<v(&oPcFNB<EnkV6VOUdzr9A*txf<!~;4nrs#fl?4`ZJr{HgXxTi
zJL<?Tv?=mAd<c7Jjh^CNDr_?*A50Y&x46^DmbExm08*yF43vIMT1W%4xomT%BE9qt
znxGF8E0RD&s#rh7_%SKeK<RZh(7^O@NT{tW9!Hl#tzf^J%V6JI=9!|`Sb13Ecmb1|
zm+7?Hiq*xKr^pSh8mbKE*753!{v0m;pTsWrIBp`^J^28`^yRqVMXNnuF>mUyHfQbx
zJ9}|PmL+!D%rZaoBIrSxv&;5-i#)!w&d{U3LT;H7_RHK-IotXztCdq(EQvBYTm_sf
z5(4`3z%Mm`>z|~(uc#kVaLZ`$Wz3T!?TWH5(Wh}t+%sQzFCMGs;%Q8NJ%x=aajTP;
zoyH4?qE7JIFD{X?S3wmpJ685n!N`>pVSLw01b|EJYesQYZC}+hzkn_dvI9k0l!(ce
z&4g%qG^hTaI$k<wf^tu=v)qH{<$B6!e1za~kst3T7m%%C!yPF$6v>7nFSqit4a*1k
zi<S>X;X^t+mAZr#nngH`UoL5F88S<9qdkOfbf=Y9UXVpS{|PYcB9TkVjTUft-ONGD
zXcVdBG<l-E+9%Rqa>5CS!PuglegCPt7VkgCK3`7U4>ktZFW<1_!aeDrDz*};pyPD{
z$SuMY06DfHQtw_*r5Be!V3w@V$m=bxdv@lBH_7SPe6ac_zCP?B=jDZ*qp_BP(=e++
zSw949Bm;G|Y6*mn7t-*gJwEjVkEYk3=nGN}kXw>$9A1JEfAd-!lXf1OWxP0+%6{x1
zFo_>fLv-R({#2u);exFbD^!b#@?*1$!?yJ2@Z4rl&dJpPtkdag-+8=4WNb+}i+gQ)
zp+rc7y}Skoa391Bn<w$H)TihBYgZebqUj7_P<KjD{eWN^R=#j2z#W^1RQtBEgH#*$
zG;of8aS!@y1Ua}pBKj3S(u)cYbORpj2K*8L_MpTey4cS=6SzhHyV3suYI?yF(uN!;
zC2F~mt5Nd7NqTu>m$5474RT^1#m3yRsB75;&%Dg7lGqe3S!)+}E@T}KIv{v>o%Hq6
z&67OBXu6T0*mQdw5L(mi7=F{{^)t7Feq(<z**yD;CX@ttGSkZ?05!~%6ud=&R45Wz
zW128bwk1%KIM*ytf6iEJ<{-47o4iL;D)JZ$k<sd9j;b8QhLehroZ>)@V;Cp}*7AJj
zA77sRq?8upz6sr5#z=8?shEJZhQlgDro@zrrdrV~w=3@*py-fuE}glTeHkX)c;3D2
zKWNgGS{tYs?Pelbno!A)egj0XOX&>i{f&{V;h4oW;C5u~@6oPV(XMBjd23cDbgX!w
zsk0|V6Va6;AxBp-lqfB)e#^p+iMi0S7VVHF(D(70)@PGa&s)<v2rF9Cydn{{WFplI
zt!y3t4wR*H#p#h2x1<Engt8>#YZ-hYKega>Mkh{<Hh;k^UI|llomf+=WB%&*bt2r`
zvY7OXZv~&8CH*2-z-+tke{<5jDJ8mIW)`cUyQGhVDZs_fqd!e?ORsZTGs(oK{g}eX
ze0up(4w+KO7yQQDPPq?4A+#)f^j^?kj8M*+`;>864`SlMU3*EIVxRhsW_{UbM9|ek
zyM<(5N?<d9mNPsv%XTYpNf7jsu8^&{9`tL8a5I&p+b?9eX-KUlA1_P~!<zB^2Cf|i
zk%n@)KpJmN(<}r5EH|lTseBl<rUjEul4C4MFGZQA(e*p1X=#HO!{wjt$E0SW-?R0)
zGZV08qCaR$CP>GIe^vnDse6L{v>^14gt}r@N5924Hu1ITHopTVYJYPZ>Qbi&P(>04
zQw0*|``Vp=&TM8m<mzG_Q~nO=&6sjR$CSMV8B!LVf(|DiVy=az8BYEMzJd%VOZ5{?
zN4l!BBOQn&iPMe?g|Q^lNxxabQ1ag>aYoUN!y*$7wHal)j><^5^S{hH@k6MIGbhF%
z8X+U%C2<Ts2+l(d6JoA7B1j*4(L0Uk$73=0jqfxfV=8zmgFqdbe3#<bJT1j5o)6G*
z*xwLq>;UXkj`*c{;;kEe#|UG}X|^hLyoXImNl_>Lx+in8IxbBT+Sq#U67C;81n<!x
z4=g8>Ok4pYS?1<8`uK;-$as^eM%lh)@*7wwt%Rqi=zn8Ozlgy-ETGoRccIg<ME+MP
z3^@({(J`|??ie`3oB^g2PYxxt#)ag&uk#8C+{!45!`MOS!1w`dbYP>NK`LPZ313UC
zKT;^nSd_S2F*<qHaBmTe35t6}!c$o+*ree(L`s{9ZIXSPhVe$6`XHm=4Lc4`{Ar0g
zt+(iSP;184Ist8CQ=ASD)_@fBe99Oz{IE=8;~9G{v=v@Z!sm2r`z||Tl}4w@cqQ-M
zAZrCKX2Qcp9M~zhaCf!JYWO6Qugs?IQ*;_LklM64aJqn5bqxDs0vZVcCf>wa&B{<>
zpbgVRC=m<MsCk$>rj$61X48k~f?y2gK8f<`)B~>Lq14$3I<Di~wYDA7EX+gEMW$$B
z6DWmL-n*H2FOssIvn6ElIIcd@QsX8Yn**-+(FS#11NH65o>SV$*!#mOvuS0fMJmUp
zl$jPnIMYJC?Pb1aWksqPf-04c&OsW7??SqhR<eD|+IJ&9XC&AXTE9%{T;!pq3fJ%z
zGRnHg&JW78O(guUk9X8fN<A!$AuV;|$R$yZCa)AnQ3e)K=+DLF<Q=VQ@1Zqt&?t%p
zroTMws7*l=PTni;Hm-2of$*O|zmC(Mi1hq3>oU^4;qt0wGM`!1op;@nnOSU!I}lwT
zCcoVX&j)Y;=KwgI3Zz&2t;23g^;-nj7FGLDuU_Vhn6uiVeU;1915pp1N|c2&P%?ej
z#*V(LWc#i>;%L{!@oaTua&cKV#jVDjfw;l7(prg(%c&c|Ot*y4^^qs3b?Wq3)7KrI
z?(0gRhFLh(K8Y+H+@(8V*Kor0VxU%Z*vejo)kA#KbwtL*tM>jSKyqU~RtYL-(YGcE
z#!hqEIRuWKsBTVf7#Mpj8{H4%Xm~7$anRM%^_$P++Rj~=gT!DW6)P7Jm5+BRG)g3~
z$1rzEPFHk34rD1!1;8`}Ps`vN4OJXF`^3sqP&0>m1q&QN>R8fXG|)Hp7F+HZXHn9S
z3fy+qGxZoP6fiRYj)oZ3NLY1oWoP|~km4j|9BV7&(GW|UP}6Q5-iph5hvk6>lMFYQ
zJ{wVEB6>-LE#;!LXK~syKu-`IBo5xhF>Zyf(xY2I`v|B$6qO}HbfAgXPq$5}kS>oO
zC?Fklc^9xLy~Jr#g!xPeT|K*`(jhg#w$`D~h?@G0@-O;K1c~~LAEM9rVfC3yoh$PN
z(1q!=qDL8XmFiJR1U-uB9_mmx^E8vr2`?ez+QN!9IRO=jmum3A^&H_1s$lAH0ELkf
zQ@L$8hqqu5yV}RcVDO>+0s2+bClfzL+UIoS!8M~KpHfcp$vvuk<c2tJ@?DzWi;*Ay
zl$c=akq0Zis1R0pd|#l3M^eR7%3xv~MH8`*q9FkbA3ld{!80oOR>&pOCKW-*0DDXY
zv(u)u*$illkiW;mWglhv%jU0DB>ZJv34i$k_A?kGt`d)4Y(~z|h+G@+GS32@D`Gs@
zbcWe%=npP~*abN#_!AX_$$&bZ%+*YK@*=RXp-m=bnY4vf#Eg)WHH;=d<|{8ZB2WIg
zsMN&Fz=K90k}ofARMrq3PC8vop9*Xqjft6}$6_EAAziSP@~3THzcm{2p#63%^!`@r
zeItt<`A8{ji=b7d2vP=E-8PR7OUcCJ-e^B51hzZ#Q2?Qe_ZV)`qDae^dPgm*M}Jw@
zPk0yTR2c{+mLPS~4myNIWCenOA+^S!c!Yly_OM7$Th$kBonF4VADofqPn|}MI=;-A
z>EW1>9t9b->rw4W9M0A@een`IG~TZTv#2`BP_i<ZVT7;%$P$ln@Fg6rJ^EwC$&|Re
z8CXmrXesHnRaM(zH3Ww-1-svi;<GNb|DaCeP>gOzC962BFd>`<p;*A!jpYFA9sHi|
ztsk4h$k}Sv4QHuSkrfZ_`@I_-9=e??*zMefF%3@MhtEO*3NjYrm$tub=8F_y{ArP7
zYA)^&gk}F9^$siz)xStw_$ScsVoB9lHc6|Yg@abJuf9a>*Ar1Dv9rVHqO^DqPwNGn
z&Fzh-T3y;A$6Xh1tf;nD2@o|+X*Blm$=&#%fc^%|zAkpzHmg#`UP)2npr}!h#O0yY
zq;MVzoN9a4hcF=q!uVop2_rH;C&@(V_}=8bwX@L%wS~~uaGQAuc<p?Q?r?UHWZ+58
z1WtW;D{wzs=E>L@Ll)jeS<ta0o)H7A(vW_-Qbb~Q+||W+aL0a{XLoGSq9kZhS5R*f
z)Y}!*lLYl3C~0!qdYEbaHcPICiDTC8I7~O`)p58tCb@OeTP^icA5JEoSE@wIk;+al
zMa$?hbHq#e-RAEwwvfD<D9j9tnCaR!2a^N}Skes`0)WdCL@j;IZQ$*5$Xk<l5Dha;
z5LMwAqxc1C6yu5OWKRsU!mY>0b1RHwE5F#xjmy>Tt{801z!gFa%?CSW^SSyo*5r@t
z;Fv;;V^(AQcm?Kih=Z)akY2k2gOLTjI<mL}oQP+{$R6RTpLr?9`Rt1g(-vG)Vf5+w
zYbvaRu~WbTsSL>rZ=C@MD#<@H_2@t?iZ^@#s8qHY(2#=2LO{sSkpu8IZ6dW9Fp?FB
z#7O|FuuMr%FtG?J`Grxc#8Etkknjq&6OEvtAqDM~+SIxSiJrG0L|$+~NF+w&EG{!a
zT=QWRGijg&x3N1SXgp)<ONF2@PzJy~!$g%G6Gf_0R#EPg$6l&~7j7MaP(FOghAr|k
zOttSq_#e(}z{4$gL}nO1EWOe<Cu^)5rfb`?c-P34=LNEO>d2KxkFt3F$mPQVS<l6j
zN3-tG%DlU5W!4?W>)38I1(Is5@5c=ZW8tCjm0+vd=iHaWKeGX70<q2KBtM5FecV!4
z5N2BHW0G%egk#-+!@B{sZa}>oFy0MV*$r6L4OmS;HoRJj1e+_H$)Qa=7j4}Ps<)U;
zMmd@MojnZkS67T@6rRbVdN7bKwXWM8YaFvDNs48nAByPfBPqGrrNlDYeMzSoJ#v(z
zibQuMNqW4>gorwkF3ATXrZn-mtBynMFC>}c*(HQ4W0h@D2!P_TW8F5(j;B_fHj&9d
zjUSLeIvA*JCsUwDBy)Lc$$gvEBbZT-X`-s6hkG9>0?DQ&@nQByHZ4I;XwweDrhOrF
z4t7<faKJ)c4CJb=Vf@9&$<`;tAx@hN0g0??IP|gAQBJX$L0bz~f?4xHxPuBnzctCc
z6tjmQqG@CzK7yIYa2zNZaxr`pkbp^~D9)FnXEhwCO>#?<Zpd0agK-E3U5tcDYLYr_
zmW*`L3A;8pf9*})g}z|9(<bt~iJ{5T8}(w&On%D}CDdp-LsSjd`5R1y4on3uP?^Q7
z{lerG>s$Eb5bBuO#H(Fy8EbK!t6d4cZ|t2iBZMN%I4XzgiId^X<@g)8w~fl9V{aRG
zS(?3V5@tjyKsP2bb)$=Sm(XTm9<}1QvL`7y3aGN#<jxH21UbWa%{Dj+ssv#hT$@dW
z2PK)60#y<kxY;EI#7t6vm+oIDGR8DVAI9!9RiN{Nhul_^ZRWLHX5iHP8zeT19E&n_
zlBqVYx6X^tVdLTA@9Pj1gMoxSy<NOpl+J6q4-Yo2zMWMCStHK4s_?pqc;}|mYm<a+
z$6|@CDj~y&vQBda{a*bL*~Y}JT@>H4hm{u*1CPrt_E8aK&*V3a2s&-*9JEepJ~Gwc
zyb*-~xr9vD%tyNYcd^Q}Hq+SC97-`{Jzt&5*Uil!hGUPwBfEd6>`#8)%O3x72vE>p
zh*_327GYUIScc}(k1cS@#z$gVv0fFH6)nq(m|89u<q^zs5txc)*xcm9<ejWQ;Ygns
z^ox#=dMm{(R){DG5hWxol_8yvTyM-@5re~`n$%~tV-N=$aWwj4Uabjn(u?r9NWp|B
zEYrxOrpq}y{Je#VT8E$M8gJNkIs<l_@ei~U3v2gEYq{`r`ku38`YJBxclIHlrTP%d
znlr4<nMwS3Juq%Mli$(#o9CGPq0}}(DG#Z@<`&Y%DLI>rX_&8QJM~wW@cF^&8!>)J
z@4XeBVw6szU(DXy@LFmI;T(6jvp#fUbOk0cwdqjbWi!u5IrwM#BN;uL3Nqi6lE8cm
z)oD2Ud}bc+=B4_JJ^Qi-kSFKxz6Q4meLM4WXw#yLTNPVhLe)1Pgm*=~$8R-$iWeBg
zhZ&vKB@D*~@v-vY`ngzuSQ%!kt5;6o;MB@v>L>ZFuO&&3^jmi(zR+*|An^_Pt)C`7
zWb!|;PkYr$V=#ORb|;sxXL06Sd;~&A_<npgM>x>VH4nu1(BuzsL#j~c3w$vA0Kj`{
zR}O8XIWWA9mf8s4Uf)K0uex>{Ej=?1Jp*OuUu@PMgRqY6d5=v1(b37bnqx<F1C9iM
z78KFgb^`lI_v%%mqX0IR;i>6m7bp?tWA^H)2TfC9vO|v(MfAq|_soD1rs5yLIW@Ip
z+{mo$d(h#{kU?5~1nTJV@VBR|J^{-XbsR?y-@(X~iJaVP%=uVu1U9>sxDu>$vGF}!
zM*x=r6#*<Q@_OnA;b6ij9v8&xB5;axf_0~#oBXNr!^@x#k#VZiUIVJepMc4&cd@C2
zxA0d;#e-@HLXpW&Ynq7%BS5CY6DZRWKQOApJ181)!7z=l2r>1X!yuRGq@2FoalrcL
zjB~>YcY}hCX=e<T7o`Fc9-w2_=$yiNyO7VswQoCZR`M9M5t$oTrIg1mI0@TjAHF4q
zdVqIn$eHwFeW}tb95njOKJd=F8i)*C*Y|YXb~_7zKgT>G6g`m{+ljxE)1If&qesv%
zr?iRHC-(vAI8GKmUkIRC_zZuKW~Q;^4j|4$y)RCqLzsorNGwUCkF%=mH79@%I6g}p
zW-2E-mL%Z;GB|8F;zD5Qs=yxg4lA%IBlR!dfWd{un7?Tsk4QYrL>H5dXTdQ8y^D09
z$8F29_ov6fhnyu@i%9t9<{xg9s;<Qfsz0&~xUqujCo8DFZf+$D46O)VADy7dxrAD(
zFSvx-14@_)YCvKqOQ_r^^mvrU;IlP!3L~2ZRic*#Rn;%2!kZt@>5YRucmTS(82bia
z8so@~;U))i5QA8K0G@nvjb|V_2|hl?-Ejmf7L5}Ts>$(O6~58l#4%#3zVK5J>*xuL
z8Xkfpn$hDWmHrYe5t?}Pw73GNZ{Ca8qr>O*4zKUe7RCpiHieN>Qj|lxdQ?9J4~%j~
zTm$F&G5M~amFdy`ES?<I_+>mVTHuL|a$&f@S4TJV)lrPE@a`y9(I!8M#{49b6GW$p
zvo$*1xKE~QIebRi^AviN9J~<&kEJS(ex}4=9m+VGA7Bj~jH5ruRxWb*Dag$8A%`ZH
zA`Sv#b2T(c1OLQ4qta%L4&mipzq*(~wl!m$J|J_|6E>9K8tBNUfpP;k@U!CNdSiab
z0{Hm3CLfGcq+V^!F-E*OkjoV0q%9Lhj!P6$?JG>@3v+qczqIyc)Hpnei!ok;mvNXI
zhC_7i;w|YGA%xA-v35&NbEcV%PS$QkX1O@U4_UkA$AW9O>9n$T%a~^ERuZMxZtdO~
zr!6g{&6<`~MSjStB0rEXgQ41CZ2dbchx6xa!AN799@UZFuE;75tjO{M_HZW-v*`L+
z;BqrZ0++0Dw%Ht=HVYwi@I&a}2k2n1S>0@Y9F)lFCUus+W5)hec5R)gQ4J=$jH%eL
zjL8o)2!qWoV+zLZWlX_6Ow$JEf(J~cjGv{LwL&^p3(-RoyM{Eh(MYvPO(T6$LMyvw
zI)!WsCSd0$brF6VWdug*jOHi#Ey#o8KL~~y`8XtvQWLbbc`>K(KO~j(N`giJv7C!$
zGi}r^(<#2ZMC5`Si<7K-YABXZHNenLNgdxWN|ZFxV@Okgs5zxox+^IHS{g%R>qMhc
zyJ%Wvvg&a*EE8Q@nNbXeKo$anL1|G(U>Zr2rq+H<BF->rm?X6EN^IlIB3?QCEPDvE
za@hO?n4IIvp?uYjamS#lsG@i>R_vf`=1f!>|LQC8f}s$b{5B6jyh@{qxm3N%ET!==
zlwm}Pvg$w8<0dhsEz+*RTT*4L9^g$a#KyCZ*mA)yKl}`cYkrJBB0;Lpb$oZPNtdk8
z>w!pN6M7b9cp^up6A+!wtk?x;R{Tn3W$IRCJyqH4JB<Vx#~N(&q7ncxvx|{Zb>q-9
z-84yq;syapkg7Y-M};R%Q0l<TyoVKlKUM6ymaBG<n2Or;njdA8QGEKn?=BFJj3FDF
ziqfgy3wD4?zeLdGTb0{=_Jpe6cvl$zG&|RDSak&nFaT{m1fv0nV>zt7GC>m6juln{
zC-)QEJ{GV3-3|t%`^;A$N+s7=av|)4O?xmQ>enuET(RhO)?ru$J6%{6eFwl^_>J^s
z%aGvhd|Pqct*))%qzE2mq{7ctHsf}wtsBOE!#*UNISlchk9gHSZnf>l!-_q4F1d1H
z4n|0R`Q{3GZakS>3|9RlC-IjfKKqI4;v!?)c?j;y$217<pj-8GEm!J(a(lx1=_t9J
z4?CA1YLBb#IJ+D0v~IvT0MK?O4kJr9fEKQC?qfNVc<pkg<k42h{N+r-ljY1LmR-&y
z1of!_qM4HA%rBv~WLQe#>~iLIrB&_w-$Pg7oihY?A1EVC%HwCaHbvf|eG<Ch+NK1|
zU)vPUw#hWmNLCq*omw6wbl&nH(Q$cD*e$v0H?R=Ig$hQo%Y%a1#_ouq@r<fx60VgS
zo*A-ItTU{U<w3Ts)Eh%qR@MQBU3y#3Z#;DdN5$ozx&hPOfCc~*7oy?Z09~z$hfx*r
zbqoTw*D;)jIPsajZ=+7_nZ9rF`(rS`pMe-oo4JEQ%+ol=6gJtIVu{_d!^kKGa74ck
zQ6*L@s!~45XQ7pMh9;t_=_t@vR0#oL8qg)Gdr%Z5)5<BP?Z~XG%rSuGd<NB#X|Y`?
z%NLYG*2MyA?8+bp9{)C!T$!Y31{*wY=w>k=&+x%U_)X9<THMK{Dyct#R~W5=cU!qA
ztWmK_mWnEZVVO_Lji?Wn@S3o|bCMOT2wALxFG+5WU66puJ!^1_07xXw;}<AX;#y51
z#u69SCrDu)q~(bg@7(4Sq-G0*ApJJvG-1NDNX(k=3o8=v+Aj%UZzVB&3M7Y}DRxv8
zqQt;BFcN6k$z=;B6|iNpKB2t#!VUIXt`&r91s1O`JqKS>K(qR$Tw9=kni={BKXV#n
zXXYOwJCGFE>WN?sHhl7e>u;vO6pEc9Cmj(h8WA#Nq8j;unC*?@lpPTkg9tJsnL&np
zD?j$gj&fnm`HAdo*gIm#&WIKwFH*D9!ybi1eC+NS!FlHboL%$BZqd1KpP~b%^$JJ&
zxg_TlI%Ei^{2oz&IyqkGYMSNjzL<!`x0P5q@}}pw_m4GK_68ee;Uu6=8As`jSfv)?
zr0kzxpzKDf_R>F`5A?Qw*uZbR{|HC>hYPv^8@mA)0>J)(Xso@$xei=oZ0rdv?e?`Q
z@5EKsa-F?Q^kFAHw@T?wa-z^o@yaE>p}a?0&qM+R%G6rx-{DW)5rZ5_<=}d=jZS<v
zc_TM*Nb5^6f?Q)k6l!*i9jLTpYXo;w=)_o)$Hds%u~gdIEx9?>+X+~DJLq{o!?mr;
zP+pCXr#q1f{RVku%?FISAV(aK5jt<Via^ZKeqYn#YE3m3C$SNM$gFvYY2BXu+4->_
z*?4$oPIEJBJY*koHUua$jV&QGOOJ}@0>TGTz-SX<Yn?fn<4}gnQHJoR2*HqV>qHH2
zaw0<bYwXV~xioci*sAy&1m{M@aVwkp4nWM+_u`$vUyx%l=FP->k!FL=gkDXe@sJm7
z=2PLm0C~y-JJ-N!JAk(Hs-R~%wlL%>GMTqwY;k@B@qV;i=kzw>28u>+Az1YTKbPMn
z-H;@o`~n`-HirLbpay;I_#wdxKQL_DReQ?dHUEiRMuUUl=ij!QAiLpV*b7|4{-z)t
z<ripkGY2A+drFhBL=cW6)I{Vb^fZV^yqjS6YfiY=*bhS!EpX*i@iE@%n0HYMB;M*I
z9zQi6?^h*0N2*9USRD0*dye5A^ZhvDT|t=(t}i;3>r2ky^*zp#>wB>a0E_nl*T-{Q
zBA<23`Rn@&L4UFStTH&d2}{X^%7s|f#)jh3hK)EF<mKc8hlKO;;g@p-`N$#ug~OZr
z!Sc;{d|uF-uWZioqX)wupC1_2Y%ceVfS4a`*ogIQUFF6}qwDN)`_KtjKK$^*4sKJ~
z<y6YvE@!ap?{b!ubGw9pZ6tl6l;Z}J<AzeOwI|rhQq<RBpUDkUl=>6OUiE}cn8)=%
zxt9ll8z2Xm*4?nNH&;D@H0Fh(6AVRpTfssV#%pHw{=@cw_Tc1OogjacQz_g;zGpKW
z=QV}ze}W_rZ$b^djuJU~x^GH%PCRatcy9P-jp)vg2wa@U8@4!y!@nSIf^zm*Xb^sN
zaP##W&oN`LY8=-M|Cf<tw4ISj>xqc_JkrX#4^RWUSQjOT0ayrc?g9fC1Yj@?SOUP3
z1R!~L;={aj8lT&Z&+W$NcH{Fh>p|a@MmDP>F7AB}e3ujQyL?E`h6{TPr2@-?SOZmZ
zyP-;RCzN%zKt9<8^1%VG&a^#fDn;C--3>)P*(F_2m5p;y9*!q5`nQ@GH^a+79dp}%
zF9_4Klkcltj@t%2JNn16DA9VDDd=;9RreX$I4RB_6UP{O%He%ZLOd!j^ZOKDtg+(i
z29Q3dVx-)y&^Ks(gY+%2z9p2?ccNzru4k%U*$QfqDRyNC!A%#jcV(AA{kVv^3okSV
zuM<7{WH-2B<GIMg_$u(#R)#-;d~ahDkn*|m7A$q1(RO&y7Gb!iQa=KnAw&f%4S&GH
zeK><Y93INmCC1Z8zOE^$4kf>^8^H8s=u*a|`x<s~VF`Qb4c=S|uk>ozi5GWiU$tEt
zbuIg;Hsx6elj%zwGFXinJQ9GeI>A)RX@6<DNR5$G;!tCwMR($E(R&xe?7d2GZUqk9
z0)URD$S2|Ht>aRFEpS~u&4>cKYAO+k7k=@JE)5v2Ay;-A$c{ieq1ZpN4TLLGcURXI
z>ti;eKRUfbUmjw5(EK~pNF12k?N>Iz0$FuO(1T&k=@lsB<1{qCqmW9-1yc(zXLp1T
z$5;>#S8J8M-B#ZgCO=sio$f7YU;Q48^hSGdvJEAZ(x8j)Dos8vjg$h{SWKCymBx;;
zpQZx+K=_AL)-aEAyK%S0CMx}4_2<_dg${^%^FpvA0?$of4Z(Pl;>_)Eb8|a-eA_hg
zY#P388hJJi-!_drn}%<jMxISWtPqsu{eEmhhz;>GlxbG#_&KOC*71neF}<wgXTzOW
z#{}Y~Y5Zbc&Q>tJl}>LEb4X)X=J|(B-499C3yK|ksd^KbRK3MnNpZR-Zv;h%+cBKq
zJ=9xYWoX@j`c1{<f#Z(Y5QyD{%BJ2zWz|<;p$wu%pH{)b?unYd>~+;@zKmrpX2g)3
z6)p=v6;GG*yY2EW_Vj(EjG{?5-#2+Pw<nJFd({z07``Vk0ir28SqRj&%?x8J;1M>~
zAVjP~&|%pa5wipo%EjF<q&9JTV6gggYsQR>eX>)=s*6i&ZURU#=fEOJT6OV;zhBs5
zOclX3g7H*l!_cO`AECZDaO^r1AeP^!;O#Eir#rlEaQ#3S@B~r^EUPe1?3rMYL0x$|
zT>k0C5gsxxwGPGD$!_78IS4H^YEs6%=y`N_)cpDUNY7(Gmw+I;1P=GZF}{q$YG*s)
zayjrvP{q~vPcRxJ26QK47mx<_*LbEJP&`_WUo5p^@=5X)KSoIe+XXqzN?{lQGo9=j
z;s-83P<!Kj!21l~?S6|y$>VsC=c|~cQSx#Vo4K+m1reCNROb<B@N#@hB*)iAs!Fg$
zV`%NTPU&tNsQJd%DUk@gGD1gb|FEIm@KT6%+N^-_6<iS%Iu(h$!@`s~UM<59fASu-
zQ~BI4HcG{&%C0Yt?1TSW87vGdQirUjqNQecnd(x<EJqpvF-6kZV#?rYC@cTseR`Jz
zr^wl5{7B1Ls~a%W4Y(8lu~U56d&x1OnS4ICV^bb>bKp66M8@>RFxSHcwSge8Veitb
z2R771GLzo%p{~P3zDcv4TE-Fxy*d-2cj~bu-Af>ZX&dOcGmqc}=bj~C{u+pIt4&6L
zKo;LlVkCFw5jt-Tgy^^iA}nmvr{BOr5cxx(u7St|tH$gI)Hr6&g3<AgpkXEB1?GZP
zVTaT>W@%CcyM|Wi33pg4T2<KLRAHUKY$!my!<zL5^jme<CKVqeKi)hYmO4@R0?>r?
zGs8e1T}cm~XKT~-pw_P92OiCa(>w$*bW-gKLWAgqaH!iPbVSJuSHo2hbX%1`=r*F6
zuiKa&Z-wJmb(`caelVPL1<gZ&V1>y_qk<Zy6WzuSqucz<zoE?Bb23l2#l&N72Ba}j
zqsPlnT+GHQMG;tDstlV9_Cm%q-wI-4FHilJr+z!wL?@<%;OSC_hP$gXpIE~Qu4&~W
zXy<rv7hLM+6vr_S&Du~MC)8>YM8^?@=s12*$6+Zz>Mm6-tGV`4tQEGvq`x^TwI@X(
z)vPz8%CugkBB9Di2r5bIPVXF7<`~MU0dTET+y{q~1W5n-?he`P?q6|shMIkN-Nf?N
zM)bPY+r2%}z*iomAJ~_P3y$aY(k}&>qBdW~4~?oKysaDX;%>l;2neE=z@d;6m3H7#
zSJ})cT&|ZpnCyJS1#?N`Wln%Q!us95MaaO|JA5oSQvv`*$X1uuy%DbP_xONR?Dn~Q
z*Mh&u$~HvfpL-eas~J0ANi+rpS_$bl*+egAS)>RGN7WHzZ3p#*M}U&(YDUEi)o>K>
z3VhZ3-LbybpTXbs6nOYJRw|k|xr;HOC$^K?Eo2+sImfTIZK(<IBX2U_=B*sosK}S;
zq;2!#k?j_#6>GOJNn*E1g$h1vw>$z3opuW&vk9bV?P%3vw<LMQt(ru@ZlR-g3)?jB
zz&9df>=r5BR6!YCst?b65p(y33qo}Gc>vHj$^H@+kI=H2n>|~XOCPHvjhKAD+g33n
zcClH@!2+?eOq*u?nc72}HmT?&<_YOEluKtd)OzB(@ZeVbQuoZ6BM_QbGM0<};#K$%
zTO*sf3gzZr79*ceaphhmx#9?7Zzc1!Oo>+TM9SW4;6YOY=>%i4UeEs~m*f$Qg8l$I
zi_ZfY#w2e`_H9XxH^wDS^K8&X*%XR6cD8$Vc+M_$-#nv_2Tph_2xz?mNM%QWy~mE2
zkwCCPI$sU1hZ}L|f(MeZ+iV~!6Nn918c2Pf&0NF=ia+w5grv9b?K9)>B&ixL7)xz<
zf*rXmm=kQ3Yzzh2=D95G_d3DNr!%JTgZuOM$|TT7TDQQ3-2gdd%;vNtW<gVct><sS
z#-3{LszpE?N5l3u(Pnt|O{O|vb2A;UB^l*)QH}8NSRK#=dg-=Qj^yiQsP33Aw&<mC
z;t*?+!}`?sI`oKf)}4vYYwVRY7dH`b6W}bC#`&I}5{i%En8>3*WKR1i@`8WX{+@aA
zFvN2^nL#Ok9X~kgyM`Zlj~<S8E3fYc%yk2<?FL*2K-xB9zNXFKemUk@F-_+T5TOvK
zO*D`Rahhi#U`4HU3#8W#Cor$5GAw5fhFXPN&|uLLNUUj_$0HBb({BI}58mS!dU^n5
z;b#y&nc^2jNhm_-5!K8OQO(j1@q*U{$CM<!c@aqCn38EkH=o9~z)Tcobn^oFrquC)
zFi?f04h{T^PE4@|W>(O^bZWPQZq|wHk!4+kXGp`6s%#SgCQ1auM79M#bEx4DHcjCM
zW8d|0T-d`+>9Uuc^VTR4D;;;8Nc=Y=KL4~#mY<wCI2g<~S9zO^Oi>-lUCGgJTb&xO
zgHWNcgHWwbJ1R;Y)JclV`c_46t6u8sJS7#h3Rbi3Dy%TyB2?yE#ep~6sN^*--lq^6
znc+IBw6O3juseR($c?TCO*sB?0~{;!PXs+L!W^Tkuk%d0sn>amsnaA*n~5v1xS86Y
zc_GfEG}mJ;rq+5cnJm(NiN<O+0N26hZ3xp%UMn=^@Oqy0CoZ?Sfys|IKB#%Q-VO9D
z#TeY~Z?vJ!XCiX(o|2rp)BXV#Ef(1Nl%ainnG)6j9N3CP-n@vo5k%d}`FH-|4wjt=
zbA&gdF-GsWZV9UCC~P*4b}>kIy$!26c@rV#dk4RR=tekVYfS-PiF311u_Lg4KO8e*
z_!_K9%1U&fpL23U>%t3A3%b-iJoNym;vB;@NWYEg!;9D?Qn|R7y^|K@aqgvbaVg9-
zVw;dW9liR^?SPD(_5ZN<E`V_z)!q2|?(V(&ly$wz?n;(+l@NukBs<O;QYR#Fcr-lP
z@<;=$Y=SJup^XdKRB{SryTVWkEd>XMh!ztBnDA(Lzrq^=1PByL>hcT_!uumBlu{lk
zh2;DF&Y78ecO^Tq34H(Zj}q^lIWu$S%$YN1X3o5@34)HOV{dE&s_x53qETTLFV^qJ
zg6DtlnpKn)o-O?wz$bGfI(Fh7Vb1ANNglxv0&sj}mfOMTsSo-i7l?mkCpIPsXdFwQ
z0;)OCCcj=#SiRtYXJa+V00$lL(Ri-U0EZlK2i7?au<C$#*l*MTM|ZX+>iM1d`f<Ao
zL1u^6xi5RnFD311VLwg`j<m$Z(OexTRZ6HFKbgI<@kB6fE|)iFRK72p$g0h+LEqq9
z_#6TQx{#V~tbZkkTl?desCdaL0PYeM4;z4^OH{mMbcqVDU%|0C+?c|9SFm6sE^LqD
zB`VOSxI~5WnocyqcaGg4TS@mAjbG-tkR2$-Xls2A&#(`~4$jzr+(v<?{@iENcPOr2
zhq8<CUDhSijT$9fj7b!9gWT(|iA-l9>vZs5N{Qxm7^$%nJjg+-Q^;tBBCy<;1=KVS
zjgA=1T4u>~;6-Lb+s{E8#~Xci0(6j!H<L^IXVH|v&PAG>fbFfnS`Z;0Cm4h-9x6XN
z^7%v+$+szc$d9@>Ec$^4SLoGKrE4@s)cA07ZPRCaiFQ3A3x*z%AMLMRW$K4^Qz>LW
zw`ezI^cu}!u|nVDbtdJr46JS+nMtNb%<P0}X@swF2%9Y#*4RMmj5<|)_9&Eze|F5)
zeI;Wg+aH5Dp?gr>AE*0ObbB3sRLj050(c$9Y$^P;aB>e75w)*J()pJ|IcaACaUs~W
zmyK8_llG!<KZUq4wU@(ehgW<vM{Y`DLR`Pmz5&tH=XFR!x&28%&`psBHZe$+!0iN<
z9)l;CQATJ4uR~f9omrSZUrHr_`l*de*ghnZ#;HHSfJn=wXzt$hX7Gf*J@mD4(~aMK
zHN0Mjzk3d#XY0vjCG|=yW++j)6mxkc=Bt5|V^Wrs-7zyxwm*U5vpW_ax?>`ezV47#
zEygSiiWkJPj6_bK9xH*;-5y3cR;E&jh=yds+Y}<q;3L`DQxZHOz{-hdt<;-pV1f9I
z8nFlmy$(T=zo~LlnLTWpJYYzn$XFVr&U>Sw{Oq&&jyT8d7?*}_+eXUl<M5Ns+a}M6
zY;Hr1J*f3KB&85t^O8V=w{7_=qmO=@T=LT6l6dDNKmU4&fA2Eb>rqB5gS~+tPKe$}
zN8HZ#x_-bv5m4@4gAaQ9pR%{tG1AvT!!u<((gE2zeArOZQ6cg!zTW0-MiyCZVc>+0
z7^9&gMl8HYSq=~nZXVB+YYV&J&wH7gy1H*75kdFO_)MM7bH>%pjl)ID)CWx}iJqUo
zGDZm>lH~Qx<U=Jegm7bM^iCRTUqjtWADN`%n`oVn{O~$tj@rwFvEqj`l8KSMEQ*SD
zMUPC%=(uZJIMIrMRc+x+6xqV1Y6PRRg&&3tv4t~npDmox*#|`guVxF6@^L+s;A*K<
zh)nvt0?ydNBci<yB~5MNf<+l1y*yEfEu0Rs-X~73_Z_AjTv}ip#jE^Rl-6o~xP%Lj
zz&waAuu_!T52D8u+m`+uz)qTgN}$+CjMX9-7@0<~FkK&8fC6}Uh9yN#{6vO1C0ke{
zhB@p_)L!dti000AUq_ElDTcalg=g}|cM&gUPyeP9bevg{#MD8%P%oUX@%$};)6=Gn
z4$hzYh8_d)%9$K?+lsXs?fGiNRb8U(m@i?n)%uNRu<(uNP<L@G`egL2&q98%)yO>O
z3ofC_|G3n20LI7?z|b2V)^g(kFzDoP=O4fMWKF(>WW6AcqK60E?z}TO+kHEE<kv@b
z1*1E6j3)*54#I-^5O$3g0KD@$MtmoMnfk!4Y<(SpTYm)LwFG8syMSzMVz&D(dc6+Q
zuiw^vxB8e6zW1n)Dd2mr`j`N|_t7W(+>lN3Dq(D)-;BK;e}S2tY>3ss3T{5E4~jZ7
zHz2SIQrMen^#gAdF1MtJ-S-nI0hl|G3EdA^K+OO?XaV(tfqV#%$tw(N%k$@fq3V(8
zv<`me{|wN{onD8sR+huz;;J<Mnzg2Lh;63*qOW?4*ZDAFVuMl9Ydo9PTkaBou`Umb
z(mA8s;Av^WD?tD#SVum7fa#wBv`orPuQ&b1-zF1@zh=K-@;G@@909KjB7SV3&C0_?
zaAUvARoM9=7h_>d;jJ29<>g{XHM3W#xfp|d`c!r<#+?E5840?W*Cu}ieifwMvrlPt
z=>_zo_yqOwo&FApm57;y5{%I6@xe>(I9Uk+i$V!T=*RHMA~drDk`{#$jL?rWw6+Ub
z(PhiLd7TLw2h(v2sfGzL9g273xn#PK<#i}(0syBa&kjY=LL{FKMb$zS8AVwke6>(f
zQ_2NqQM<ex>Ud^~I-Z%Ljxyub*@~J?rU$jl%b|{Erl{kYDe5RQ9z;>pY=1qdU0x1#
zJTpZd&rDHAnel=#Ma{<CgWBcgP{%V<)bY#|b(9&d3JFtB5h<7z;lfK;Dacd{oC?!6
zfO5qnH4@<Cbd3#Q_2O0$DmPpr;)Q_?V9sF%w~8<Td1P#W5TL~gGYEak`fWW@twBuI
zHPXzI#|RXi{dS!FdNy@7+Wh=wP!{F_M7G58DbVhs1gz8$!x1o=7NfBxo@ps0z~pRb
zQHC;D;)z#<+{7~}mCX#6c&5<wn|LOr)+&P$FUAQ%OiYtj2oNa{jH~lTnYSM1V?-*Y
zO$P*x!{|5{m1ljF(t)Ce?veUSw+gHY92-zLv=GTd{9;z%S%u>!W)cH9wLoe{UQDU)
zs?2bg>yse=rds`3h|27axULHQSsYCO%+M|Q`m-5<8J<a={%lrYhCh;@Kg%u#iG>xW
zB@j`4WakbTWZ4T{O!1Rqj_%T8)rTaIJrV-3Q<B-#3kW6d`hbM8dqOCdNd>qLq0FQv
zf$XU+Zb7E8IKZ_Vk>_#BGsGEYgqA|HkYhrz%@I&^d=eKLc2^62_Im{AfCE>UV4f8u
zXj_#t653DkDhIDTk&_bQplX-Y@JpKcWodn3=;VlZaq{AAIE+&rY5W~~!^b&;#3v97
z#_t>Onf&I+3t(WzL7w@yp?MtSIFZ4!&Eeogb^fz!5`e-y!`KRKV8?Y%Z5@vXecZ>T
zqp1lTPrDviVr%od%nG{$Mn!}3g*WvC;_lDJIUEjrk_7oR^?Zt+_I~NWX|s0sz<8a{
zBB-`2d2xNq&K+HPAWApl!-bG89excxd;1FQ*$FUXfNz7&zkwbo=hF4tXCcrG+wg}l
zJK@&&mgXz?B&}ZqzM%Q7sZroJdGZ3AC|_B6NjGotus9?cPb$jcorS6UIg~{&o54*(
zI~7UhLb!Jsx|PPP6vAY8!_?V_%gz;(O-b^@vqF6(H6*<sdM}l@9OdPoL5TZfSYTe(
z01_<cv}AFg*ZEgO8wSCQ-r61US?TpUp8;I%!rndCr5hPgFxoGYe*K>b>3kZ$a~c(&
ze-WS7=UHC+azsQs;X-UpWysC>y$<Ez_)9Nbxa7j8v=`>Og3jwuAdY`Zd)LKt^X*-8
zU7|;}5_fL?!iz8b)2Bb#5hHOIF5L6<ox3jFGuLJ2T#S~wEeq!`<YOT<?*}TI$R`4E
zxg9_7NkXZ6gG8H!mecEKL5WqVgqWeddI@e&evXU*83PKH#6sN2DyU0hl@nP{;7Br)
zZ54ugv2i6>lF#B!6FQ24KbOyD=8ArOTmZRD&?@*@+>=ocZPepT)C{8fb4BPC0Tk>R
zfn@XLxUEWv43u9Pt*xwZgk?`9N}%<n+z)~i7?e^!sREkg?mlzpL2BXW$D@6I9&}@v
zZGatm7jAa}QucJ>9DMob6v`H~c2Ovd-@XI!%{I#(y&{3XiUk_=BK&+Z@I9CP_oZ*7
zfdi%%esfa~Ft(Smg#-8NF>yAQ;cs7!pWIY={*j<y#X_{-ejBEDnE73UP`h)3RQT;X
zK?e6&IhvfuI{_i5Y6vdcp%3;!#^bJx4E-?rslT12SM>LzFekvgAgtuK+=S^P1nWyk
z;&r|(zv})X+<LwI{+9W6CEP~7MIwJ4zpcQ<5TK30Ft2lSZwvw27!30|U+aw_KpTT$
zN?0rx1>Ph<U%)TUoOzudFIK=939B#hfJ&<`rT`F^S@y-P_Qw?f;<5mJafkck3IK7*
z4#xF5By)t(4t43Y#fxzn4Y8l|7DB$8IzV}%x>8t%_=%`us^L(VK0UNDytQ`6op)k6
zZE=-a#>fbgJi8yGZ*q_4ar-J;GPBV*vtj1OzmgI>z_fxooP?K^yYU2sZtGKFQ>YKg
zv^|GIB3rIO{;Lp%=j9D$<}0Fyahb)hJm}|yS<2gQ8DZ&h=s3$^A`7tSj?7>j%(vHJ
z*N3+LG0#!(O(we_*M1cgBz&;f-uA)7C3x9yNcwj#@e-8o??g|~5Q<^Qk9$WNNm<K>
zJ(efaWtljyZnXjp&OhSKeIpZnIp8ZOg4f|McP{aZ-H=V3H&Umt`jo->gMF#hg4F#g
zQw!1BKlq7rpah=B{-LZ*d|VD|(YDehw_u_eP)_-L6o$hZiP5|jE1geUrTQ>JSGh`Z
zFVXp{$&`&^q~3V%UVUWrh6yQVb1!83vQ=oXLfcAZ!JSoUuu<*-x$ZzHz&*A*sryV~
zH#o49JoP%laH*TdL5PYBmu0-n=o}wYP4G+A!Y|bkzf@tq>I<AKllovg1=lf|p$i6G
zZRX?6A4<MHsy30h1?SLLVTo!9TQ~8Rg^SzbE$S}Y)!ZQ(oHSajAFwD7*9+M2!}S3+
z{BS*h@A{eF$sPbBGG!^{LU~~!M^;e5>OFvrxu+n9Toc0zH`*fZi{&E<_7y#xQRK8>
zfBR~xFgEOT^9Pf!@fxRLE(NRhH$Vt(9>uKen{eSO+i&BO##>(L?ziCL5+wup6+iOg
z7>;Yrx_^$LxGAbbMD5$KHv%&f;+TeA^E>#eZ{J1DoY!~*XxQK#XJSCU7(o_q=<xS*
z?2=AA6S(yZfZ&GGBW@0N{)XtGt9BeFi;QM5{SeqyZN8d`v92mmL1c^De8>EQR#(Wt
z2pLSe%AdU1>wFjRX}mRwmd`NHYrGL<5GHBh229+gxZl?A&>czDxoO$|`(Ww^;b8l%
zSm4b0(@7sY+@1EtRv0Z_kioT8nHeb}CtH=1vsm0`_EUMhO%DqQ!uj3<K^vf~$(x{k
zEs#=mi?5t%zaRc$cG}PG+u#iqvmzg-gP)u$YYp<Xa?4NXa8?&9mh63(QizIU1bum2
zqG+9SJ{-dX1toae59F-eU}?YOa5$c%(cAxpJg0L?F_~4y?R|o%{b1l>2+7e9&6jhf
zDBtP(YK-=KnNvTh2G!{lZo%4^@@U)G%93J$O^VwL<pyrk1il9t<p2NhlkR>WA4)sD
z{EA;>-nKKZ!xUB?kq@IzufrRRs0g|tS+b}uV{tEWU(l~@h3TY?*hDzo+yoz)$Uh{j
z|32EL<T<@AEeM%E^U^&9HfO1p=a`rfA&Dgj40T#7D6!;8rnC6sA)lS+L2=Ks<I!*<
zSdKFf$+G<i^gTj-eLNMU!c)vdBzCHe@kT81L+Ohcek+OuhTq0dy8G|=kkRz=D}L&j
zh~G>Q<2Peke$!2Ue-YB)Q-8$y&2*OElF0CzZt(jHk_P-{mX_aiGcO|aIyPs^Z;1(h
zODsWP;y8Xwo|fO@vHTW~<+pe&zr|zuO;6JCo4!7NOKi(;i5>A<6Zi4^2fzV-|B#<_
z_doC<pXudS{Js2Uf*8LU)AE~c^81^s@tf%^za^33H{Ia(H!Q!IrR6u>%!>%Uj?LNf
zTVjIW5=#)6IF8?vr{%YJEWgEL`7IvHZ}C`u(-ZNVzCM0SY|C$n9r0Te3%?^X=Z}B`
z{QggTv@h@ykAn{QdzmM^l=g)2<Q{%;45U4Wi9z?rOyRe8(*0jdmb~-;<E>Bb;g?Ip
zvo79{Mw$N+2LEbCKrNcg*ngs_CZ5l{_Fa^oN#Q=|hrGp(2hzKtc^Fl8{^b4RF{r&0
z(GwUo>|rd~L+l5;Tb122!S3xBf%PuB3{Q(AW<}QPu$WkOZQO^}WAWkHx;yWjl?#8i
zaObKf_Bt#c*6;aody0q_sYi@rW2rgSAsCOx;};3|=}C|^JH&7_yPU-gP5W;-YAw6v
zr*eeqriw5%Y%gDL9pVM@=Z3+CA<PTe`C|Eq3rR{mE}D>Q2Qpj#kb`_JG4~_+7hxe-
zjZfo=6z=Nabwb@l9wgS+sb>v5GA>WMJC*S^D}Z>bZ`YDKB}c4V@6r)pYYDS)Mj7WL
zB}uNFgIBYyB^WIgjCpj@0$Z}4w160Lwo}jAJqg2k=8Q`&2G>*yQya18sPSXYJOrFs
znwuN+l6V>~2CE<g#LiT?nljk@4A@K*^$<8<PEIYSG0{jaC+S%lToY8W8sj%#tYfk+
z^5@^;&$VVqXIaW68#WeikH7+r1^stC2nCJ>{URQOLdSxBra@B3`Z~!(+fq`_F}*<L
z8=H8rm-w`@*fy)#+D=@}u%n1_OyvEhSI%3z<Vf>dhBM|qob23rvdg%>uK5u=UK@d2
z>;v9WbK}_JPe{Yk@<c^k6}YP6s=_rau3@-F#5DrfdU35^TF#XVTcB$an7BU8&n}fx
zJ`5yF5IMthR9h)k!SxxZ!rp;PHlkVzeN>V}#7oF=u+$y~hJMxFka0b2CAJ2!mWFky
zW#)rhy0TTQjEy#*twlV0>mG=;c`PLF<K<-DktV}Cvv*IptjO&C8j(aaK~}VZ1xC&@
z;M3*cQ<~zJ8%U*axk?_&Ms{gz`8LXJ#E`)(<tA+N?kNn)h=a(uiOxwZn;@XMSouDM
z^)g$$d=gijE#s%s@^N9&QZQFY4KKk0jaw8^;FCKTg-aop<_f%#WK-75#IXm!UCemd
z9+>1<2qEa^d5KS9na$={L}t}imU#}hGRr7xb}omK!t%}CB&t5PmcUrF&p_-ec<(y|
zuVfp})lTImN1AEeQw3wqj{uuL<E_xLa)Dxc--e7T)4`<I_z75HF15jiaJh93xI_|h
zs?3MT1r;CS7F2zRWPlsHmX^JA<EP}HQtg+^ji19Ct5~f*!$*y^@1p7q)Dnwn0hO60
zNhl}NL?W=shIf2He0SSC%8&&nYW!D}V|~zIf)3HFG&H4T9YqqcA7(Z~+5QaZMb2XH
zWWi)!cv-?cUBlBJ4+A&P0V5SG+{Ak-^A~LZZ~p^h*vlY|vhKH!kpwJ}Qm6}<l9Bob
z21IqS@Sn&wg=)B6v&T3xnc$t;{4@IC##wt#WiJ(j=>R5f{G0<*XNd|^1#%<yT<XD=
zz0{iVkZ-#*RGjgUC%H7#oAHppc4??KF>-6%Nn-hs6OQW0*f*6ps3a$_1@)Kcz`7q#
zp`MfNU%@@r!uHfp(BI)NXIlK$kHaC{dR0Ou4QPO%!5&a`;~$&A!Ho}IZ<lWUx5-M&
z_;twEt=w)D;PCj~2skpog+N(h(J_Y9aWZj##L>AOX;G^&mbl^e+fT);!EfxtDJK<a
zFu>pNO)T9$2af44^Kfh9g(#S?U_Tw4FDBi35EyeMpr*KJ+stBYbH=O1OIF)BI{#=8
zS3g?{AcV$lDHWWa+zn4U^^g!)x01xh-;=)Y$Q7D<F2ks;>!ZCGS>}1eFGD{p2GZ~t
z(!K)maWACT5g)6o9iSqiq1zdJ{e`z9Lf|jF0iT7Fqw?`=$qU*4wO>mN{`84{^#XJN
zsfCvZNQNtZ{|8^*qtv)h9=ih4&2NYP<l<}+D}u@PYmlapnI2etBK#R#eD)ng2K;Kk
zi`fl9vVBlo62E;LF=3q6z6K8D5(IcTv=L%X%}oZ1KWN?>W+oq*Y`+Q#F_dQd_9qd4
za^r%Jg6w6PF_TOxS2FZ*zR|}M!XuuD@9ywq8;n?4B*lO`$4|POX9nOA$HEW5cRzUL
zbtFzlqI4Le5rVXd@_}6C06319><L>3Si#Q(Quv{TSD+*u|L9!@R}c?$^5-zH<q04;
zTXyB{#!peygJPt`5<&A;ilL;r2>s-Xn5Hs=3kxqO;_k3b56Dzg3$H)|?AR5~OEt7#
z1qfC{EA98eG5wWf^{nHOI52?Ihv1p|Sf*@};%dz;TzCi;*MewV+t&U%lC|H19}XQh
zG|^|B&pxfX@xIkC*oF=+gO`<*QppQ_SeR)o4oLDV&o8AHi;9Vtj%KG$!CtEDm3Ztj
z9p=vG!<EyxRungbUa&a~77K`}NVY7X`?LE9Ll*uMcEBb0_Fc4f1~CE=p3K>2&|OVc
z+8+d=r){Kf6&~2|0fZ;3rwj(k>Wqc`0t;O#)Y+{+gu5zrF;Vuh+8Z2Hz9(hx%3pGQ
zITGQVIB_8$C0E>@NN7G#{(ldh#)hv1lOGvXChcV*7axZfvX_imd^}y`mawcbNU0|8
zCog8dBbOpezXKWH%a$K9jJk;D9<LPnBdC2H1PY5mH{#=U1VRySRDcibLZ1cLZ~rTP
zgGLn~f8nci`wL&dM>PO((k?PioTgFc76*ablV54DNhv1o1Z4B~o3{j$Ct-WFX_8Xl
zy-Wcc(83}Xo*Sdc3#-UxmA$);VaS8Fln3I=zhq+qk+8ls4^=sT-*=)nmL3&$(F!w9
zc1!YU+!xWhLv*LQ$MKWymhrLps*q&<!M3UC+BcwVCUN_dbW7r7`=99+49WJV=_VR<
zWuKzEN_U4@%Dk+J_w&?Kz_V_!!nu(1acjpHNb)1!ZpU4*(9Kn^!|cXi0g`Zn^jt=g
zDX@){NhCH;m`JxUl1;%$BvSnCiWH#0p*4{{9g9Tf%H+GYP0?b0?!5!qJ`BCxWjt&}
zzHA7*_Bd<BYoEXm>LN(2#pG!T^=?;J%{Onp1@nbHk;SjfNU88FoBC_pb>fam18KPQ
zTs_gU&E@TN$YJevH4en^B;@YnwK2OCnrSou(csL41oMjGA?z`OhS`rkf#)IZ#lcw|
z<@ipvY+pOu3kKpHv~0a(C+6@~vI{Sx;zD=jby(l+_fkDvjOMSGi&K$FuFy<d?f{B%
z345IkOeqNir8Fo*W8pTeuuy5iT)u4vKQeVBpi~I4Po??s)l(v-q)bV=8Ehesc@;;x
zzaY2^S!kcY>_wD$`y(s~ZW>gr!p>8BP^eI8tXdVD@6V@zU0J73@}ON&dh)-0JosBG
z5)c-lg%`d7d0+S!{7hO+JDwQCI{VL{|F%2~Kah=N;!N;`{aiB2In{m}^3NqBEtnT)
zkQVjeCq*F?GD2A8ly7CUjrxgOA=)n%okc-`y5a%C+BT5PwqoQ6h9Q-*V7n8z;C#$<
zCAJea7Ad16Iqanrd9hp*N)@LWg*3>%a+{+U2e(6+IKN((k*ico0qjL2Vp}Og*=T_7
z#q*)5OW1e-i@?CtpP0JFRg-<0m)3^G?B?UbwL%5PHyj0N^{owa;o5LOA?%n@p+$&K
zF&qe5r2(Wn<#ncpEf1o&eWHMRk19k(0a6$jg-b$kG7<%tfT-Kb&8Fu=Tz$-I>2IG%
zsTd3gr$-142Qz%pnjs6{bn@Xb$VkzB7(bM_*cG~(6or|spQQ-3@Wb<PX^}jYfpp?^
zkf(ou45T9R(<)E%pMu6{V9$e}=R>h*F0D$dss~031ALi~U}-TyIb))TH-o!ShGz!S
zIB6XTNs(96o~mjknaQezs7mm0;*jh|lU5mi3w-4!X5^E0m@%G!ifw*)XmYnF#<b=j
zzA)5n%6Rp&@hbTmEH6C{x58sSsCGts#1uQtG@>tBa#AK*C_LLz9cAactQhOz6{o3n
zxUZRyvEuoQtAY)9IZ9r3x)r_W{65S|8<Sx5<a4z5<Y?gbtK3vI*;qrX?J(*|aQlfh
zkkNl+JH7O8Y2Q6Dxrblcfq%|^Z9QVb{WH2p;NBt!v1R&(i+3@^NNgI(%4}=nbawm}
z`1vJ#<Mh-cvQmnTliBgT?49t<qRZGgIkjo=zUz3PcJtz?L;OxHPKy6NiyP#-e)0DO
zURvBD-~9Yn*)3e*C;ZET#zqvdfWv}9T&De)$%LP2pDVwABERR!?_=@1aGRyvPC!Rl
zq7HvI<h_MkfU!%D%2`V8z<-J88Wy+xLnMd7(aA<Z9hzF^HW;pP7SmQixFzt_b@CT<
zsFP`a#%pf?wO&WC{Q%g4HfGp9R1~S7#srs@fwn{M!XRo#A(#LNBmhK5S}rD0Ev${l
z6o~I)mNu=CJ&pI{n6vQ+TpNV<G6Ju05*UI#jUrPIMHL-jIotokA};(7i1OPc&}(Oa
zsSQ&%&S$oN3CMKGYyX0zt5>MRKtMpgP$HA5=X0Pr2I7>LexijuUWz=-9FsxqGH`>T
zb$swzHhzc7e*1WQ7haAW@)Ibx#B(z(T;O14pOc7{@fRi-S!SP{Y1M!fBfC03>F&7X
z&Ng#D<gN28iP4b=9ftSMvjk@5Sqo!8?#9ViNxRt3c2UGYnvU-A%t37#i(Um4u?Z=1
zYS8f8r@+&G0DmYkm6?-H!tPT^LYm$TnqDTdMUdD-FmV?*6XHGbGw><Y&n{sUi3S6n
z08263{yvd4Z_8$kczq+Q6Wvtvi-BZ^6AJA!krpObRZ);4!P^9I`uC`Xop<3JMvMa<
z41jVp^n-;zU~sVTAO|FyPXNJSGsf>^^ND1F&S&3=2EB|j@lpta+y9OhHJ;d;NNndr
z9?kD3$EgxGePiml6%i`9BLO|j_fT3!`8u9nnZ7Bd6Q11oJO2>3w8>mHUy*55AyZB&
z;9y1WQ^AuR1F2<sog$ceIL3CBmcUDyY&p!70nl+0juUHq0uf^1S>E)FpDU}|m*vuD
z9LzztiiawKE9>FOZ>CO{jMcU}pLi!9re1gnDuZ{B&&bqt%WF_k+0ehTKDfP<V@{ln
zm-3l%m@nI$_=bfRfk1>93OFR#kO>DWE&Ln^+Ft-_U#7C6R_cT8uK*&WfP;*M&VC@w
zH9w<+ibA=xc4{mvWWu!v>Vx6hZBeg}q2*dcUyE@=uKBf0ITPj%9F(4uq?*wUhNdub
zACO)&EUXLw&YZ!?ft%2UK}WINz8&6a3_P?imLUn?79UH&p@FmkqCN9F=+YS)4n`>s
zN)f|B!ViehY8X}NhA|Bklq&)Uk+Eo9&3Ni>P>h)g)W*pb4wB0U4yG}rs~k9(DIX9U
zgd3=asjZIzDGrYINSn;NtqfzMiId^#w%zg)P4l+o@rcLv2oXi+8;??H?WPFtZhk)%
zMfzH*x_kTd7h!ZpQ6R_Z&!tz$vD#>U^J0AbN-@qIS&YZ;c`+Wp`(ix)8xZ61-vKfH
z5JYJ;F%~#w_{WgXm*10mSWQ{Eq5M!`sA!Zj`lU!K<GdsGT}VgOI2~i0!8LyQKwe>J
zP!X(9f1oNwKAm7SIC^!_6L?T4C+0n<NGOQh0rX%Dzzm4Zdlfxs-vc_k`AOA-m}}v>
zPRuIs_z)FgKCTF1Cxjxzw5NV{^Q*`oCoj)7s&M>HtniA?3<FhyIL;S=WH_!WHBx`P
zncu3vY^2O^lr0FeS|U52lJsYe!E6u~qL`|>pl<tBUPFp%vGfN|XVc{@^cswcVK%1y
zvQy7d9rjaO|M#d4>lFe~T9g5&(c&`jfK_C`!3y=`V=|!H@2EteM~7Gu7++lk#t$a~
z<5mR5f7e7n#`N6N^Hq%bV>Xu@=B$)ntfz29s-2e%D+`&Zzb&6~OU6xIGFWlpG`DEv
zn;r7>by+js<1)Z2p=Wv|!|QNhSULOIARyL1($eSpQywJeD3Z%GGBw_qrvr22jmO~~
zMjlv&GO>!|B;2kmpvD;xD_kx+ieAfX1}fuS3apWMnV@kN0*e`p*pPbRVH~lZjvq{_
zB-<ZgD9Ym(kq5JjBhdh}jG=*oD>M+)I5S3rm_?!KR?>i|3lDcREL!vR!k=PQv^#;K
zV+tx)U!4TEoo_x9EISB(CNKR5OfO*1ej*AQJ2sl!LpWwkj|Jvw7<-AxZ=c6}F2GNF
zH?U9PSfga%w;u<X1~(oIswEf`_{Rg>y)S7fcYlu`uR|)tEY@wnW$EF*9$o(=!c>$;
za)ZqzN*RUX@*|-j8G#g#;uUr6r+~;<j+pgGG0N?W5pa^0MAx-&nO!0+dxM2c$!mLb
z{3AdAK?=f4VF0|$>oAJtiPvE<uqlA$G8qa_IxIHe{5Vo1`$O#~3tbvbk}E+lr3iuT
zix5t_(uo^D7xz19rZ~{eEmE4<HtbbvUfWBRhMd0vJAEI5YDlBRQF+dX<&sqPz-D~8
zZv)0R5)$A#dzrkTqL?t#l4|oaGdaEI{xn6bh<cJ@zu6I!;`ySFrg0h?PYM2j#XHHX
z7}stqvfW8iXQXu+Zt}oOoPr|13bK0R%OH}C2VsdS*&e_u0c=bMS$<ilNbX@M4M=}R
znVVv2YzHJpm9ZdEfDSp8GQV;^px0q`y6modQDj3pQ@6PR4oZX(PWe-|{yzd|6|>i2
zKB#1VtZ7a1)Z2}9uQIW~oGVwl@i-N1nMAe?yWjX#n;>72GP!JTzQjgJpZtV-G)Fu&
zt9hH3E5v~E3NWs_5tN9o^%JkhVB~7>$?Fg(MmNZjxM?1N6p4EQe1_PFdk@@=bHSHl
zHfTJCU(xa<HJfrHWNB(NOl8B8zAwhfst#LHVF?4JQdr8$V`SCs%`aJ3X$Wc3*>I>o
zO*$MxnxSw=V>WN19#(Wd27A)w%+xo{OjOZ?QDKh;L8Tz>$&`0vN{KamNu`SxnB~GW
z9|yoTj%&P2#d_5u!8i;SaSjxtp%q7Y8M9*jFHzJSqUPG)<AUm~w50c^!g$T5`V@wc
zj7+@kYaMc?J?-fn$mL-xmq2!={?-fQFid%4wskw^lO-1>DTOR*;{@(hIIdi(Or4tz
zD-lCW)i4aJ(pQ&;O>wdAuPj>^t_z1Tp=P(N<(1-mDLgJ*r|-ap6;wnetY}4SzFKR2
zUAZ(e^-#nbiDk4t+v6Pt?)515s1AWO6DcGzl;xv!;RukAgd?Vw-&`)0%cU_ad94e<
zuCWMr97ROubh=V1PYs4+z%mw&87v<O%cpb6oJgwe|AUgPDB$V;V!|=B<{)Negg4p<
zxx++wzKvi;`29RQ{m*TL%waG*0ujm}a?r^0!e63^#r)YYT<8F#1~k0*s(T`+>v(7J
zpWypywqa>i^2A^ccR50$FlPzcFp=g8NnZjht@b}an-+c8`EbQnE@;nCXm7fCD7bV2
z1_*9@nPyYLJx;l=qF>@Y#~v)blV>J|kd2H1e-Gc+Fh9)-yF#k|;s&UXz-$ard6C^A
z-sW%nlRN7dig9e>#_ziQT#PR|D4Dnf_;~iIezqv(i5r((tdkLId@sT!WbY<;=YNKN
zVDBk#;ZW4zB0;!P1yS?}rvR`k<GUcMB%Vbg3HAqv^iZLA5#d|1ABXQ1a4b?kV<7}T
zCh8})Z$;5hnpk8G?H`ES0aNu{GrQJnU<ViSo}c+%;u5{4qw!Nf`eP>>+n|gTiaKlj
zH@ZT;i5o%XR%y_YPFxK-*kAF&#c1E(Y8(8j^S=ZG(67nXEy-BND$z#2>38*P^usd;
z&<MPbwEnP@1AHp2DX;!8VQC&-E*Sp`^y48xtX@eM744_QD53Fq6eHRwIk_HtgND(+
zzE)&z9oSYsW8?Vz<B+S@rdKzWJsW=ARHj3za=XN+CvGl#!`7MiMvW5}mK-G6H{-`_
zv#3<tXCQ^v1O^5<3|(*Ujf1C6M>JOBOhnDyTsvw0tapPB3w<b(#c=xA42ef)PgyUq
zd?j=@62x}Dk?G3->8?r-l|K*Ecx6)ySFdAd6Hczp2yu<=>;RKlztLjH!;9D2B$aJb
z?+AZpVsL+=b^;q0>NyR*y^efCWmGqw$j{)$vH6dXW>cl}-*)r}<4{J%+FYyTu>bNe
zhzQpt!$<(I8lSU+iK&c-mBz|U`KpCyAbUP71KX`X^%UF-wZDiT+zw6Zu$6j0Ecwz1
zvejL<iekT<Dlw3eondNZ*N#4Ln5ym!)1xclc;48g5B*_1PSD&Jv@zkxHSW(|D8SVZ
zuzXM`Dl-r|?3)O&VId>DBag_FY4GHqM3&ycI)wfETzn~+^)h&~@jYuUfm`e9&)|s(
z6*q33jSlri+<;KOY|}dYZfq9td)g@{;P-(ikIw%sl7uRg(pu(k0zgH~?k)iO=6kSN
z{2gR2_I|*K1CTOT8V(<&&QD#a+9u4uXn(;vE3FspFIrC(9*l!TCx!W8`qDwBx-&a+
z!Hz@9=PX%Vb>1*F3f7vyFpo{v7-57#b4j^q?*fEDpZ{B$GB}mC;9(n6w+SufHB#8y
zKFI~`N+V6D^7WPA?=|FWhq0pN=Uh^oK96Ba`p&1ZNfaYne%#1bLq4M+{Pcv_F>Vrk
z+LTOA@mqxcz-l(8S904*GCKq7_Vl>PUhldkR$;CzO>f}=^MHF<+iNY|sYC^IQzv8F
z#h{1t9J6Ryxg;(kZ(M`fw$9<uSxFo`%rUq|BPLTVjf!!%+?9x{Zx;5V+f+GAB~FUt
z#XD!%f{x?EedzsES`(cssIi}x*&B?wxL0_M)v8m;cr$(ZeRaz{(_7#+{J#MC$r~Bc
zGR-Xx*mS_%12gu1cFa31h_?{bcI6OWoykw#*H4?5aAx_gqK(h!LCZwdH!x5BJb4l%
zcEYlO@jU9AL`WUy^pod)r2_8CN=EyXP+^;YfXi}Fv(uQJNDWUvO4AzeMd|~!>e#+b
zkV3I!r$%Kr22*iYhRVnJ``rzT5Y^3Jn+nRBKt+q$h=@hmsKl+F4R*8SrbaPV)>QV(
zTMw?XFSc{DmCL4xOaahs8Ko2&40dLiCWAG(lm?4@YK}r&DUC@oYfy?w$95WY=+N+>
zQp#`9sW>Y=l3uSvKQiG72y>)MAc2_xR<LR7z9ts59{SnUV%dFKxUmS_-27SW<C!`R
zOIDn-;GdRPH{)Qj3I+Za*Yt*IyTYzNR`oV)^m!7b)UDrv9#dnRzr<Ztn<t=k1DL5%
zku2CYV2$~7f;fe3vptcRx9UJ+-wyq=ZpTnHn0%bJ4NU6)G}bt{XBeZ-Slg|nBtoq5
z+B27I-?6r9FnLvzz_wuQ{?!)DbQ^*D&#hk2_PZhjubP%Dael<KV?*n3FRj@5Nu`N~
zd>Z(nI)$c1z0aMnn7;Hn1gIGHt4R%^{3Ar0fvIGMST$M6Po1Dx;^GsJp`&FHf#&DA
zKOiOV#yLHR>=|9C!tmus=)-jAIY0eg+a-!|#A{r<ioSf5sh5c7P?vF(V}cSu?Ppg<
zYV}~GSxM)k<8?0e0=2plH-JaN?G(Jzz&{pZaq6$X;K?K4v6|ZM^Su<z;MEUW+iEC1
zowez8_-TJ0Rt{<B-3P!cWAP88Jk;CRy)%Cfm}`tqyxf6FbZ3<wm8L&kMx!)Grv-C|
zn9A)h0rN?odia!wI!%+R<ffjW=u8Y7dN@Rw&WsXE&@%f-H36UEIM>Jyv&BH>%NXmy
zCf|I8_IrNfg(%M(q+f6)MvH{H^S9^K09FWmRqZ@esB$hwRvOfq2BwmKLuq)f?ZLx1
zY6dej_9g@v%h^q>IBg1}`?+Ce`rF_v+kvXH4D9BOzoc%$%@aJzhY32&Ho+<H)_WTI
z`}(J@BD;s_>m}++iR9Sluzh_mdM9bFuV=WGAnc)wohPb~>j9cmy~c~diiyTEC|EKd
z#&B2uI85i8Jh8i~?P*-RO>^j6Z_IE@ef4~=cWsY%#Q4U43EWIv>j%^eeGsj0FLB`!
z=)oi2jc0;#Z_K&s`N+A}IY;(O&KkKE_tXn99|oeyC(Yu?t9`DapbdG6CxV7&Vn1Q>
z(yL){oIWYJhhLg(pNkRMp4Zb1c@`uKfad_v-3s><pACvabmJTYybhzbH-qoU>DDMG
z*0q<ILtbwb`DQdU+Kul+qm@MzlkyeF!fdgt%<xeTVl_)tYK1FiWCzsrx6G227{9(?
zmZ#{M{$ytIQ1a4iSQ_rsqN95b&`f%Z55Y%eMK@{HcP+exg_2;>m`z}Ins}4YNTAwT
z(H5%PaSmsu;16#v@}v<;D!~Vk8f_07c-w!A%EEYr)=F_=V>qltV)A<>>{Yq}rulVP
z*K}_Wo1p;xjYR=ohgfL0AFwBvQYRN<h^JmHkz{k>$z0wJN|?2U{^Em4rksSrx^v8@
zrcN3zF;mH6i?>+K)SihgL1|boKgvLC))6u?XJu)@EW*C_b;7Zw2i8w<u9c!l>_JR!
zu)Owil$#F30VUXov^E@Ecr}1(`9eK&j~mZrzZtyL16qp@0;QYQEuM`}O7`M3e!d3l
zRcp$*B<@!ge$td}P9UYk;HU+XO1=r=Ady~*e2i)L<JcaQij`UowZamSh1c*{u+YN$
z&iS|A7`UG8Ojo2wh>{=9&9B`1K*IQ=n{|Xidr7}oGWRlr@io{6q``YBS2&}B`GGtN
z^?cDdwE3kHPeq<@0T0q*9mDI0$$^x=t${O&K6X=J;D)nTSvitfpiSotjCDl7a68=;
zIgI-P_8~4<osx6C+2*Yo9FjhbW1;{LP!Undzj>(of`?;HJW&pC+9-3daRtEG;$ZE9
z<-{X)s9o^D!YeQxU0`oJfv2e2oQC3|Z<*FbFNIBl_H^P#(Ee7^ULW6v*}k6lHQ$0S
z-lBd=sniS7C@}W`V4SV*F_qB)odCjVro0_3a}Q%23{#kUrW=>DP_o4?3{uT6n=N#i
zscG~-^}(4X+<A<R6zI^x>;a718!u%1SW=uGXA4R-Ka2dlq~>_@i5OtB=p%+3VM-2P
zO;j_utv74fGO4!G>BKW$FGnXKAL+#TDC?ydOL$_#nMsy$^C&0CWgMmhsB%G}I*{5{
zoSI5{IH^TyYN=%7uj;sGvz!i0<P0utn#qIyRxVqa!Is2L|C%m)9CipU+s}_7FYtnM
z1n%J;O#7a{g#9x(WWH>6aQ{0VhJpGjdu<&2&&j!G_F-OP7-`=|{lr6l1wS~@*biD{
zV1bDuu3^IyGdLf;3+MTgGdw80WAcgK_%rY~TiJ=1?eI4{wyVB=+nkQ2$AM4oQXb!m
zzu79{T!+8eoIg?7HJ9_NyXO4$yXIt^y8&@8(YsM`E%BAe7boR|#u6PlERDa|K*$aW
zMS3lB^v2%eL(x_|y+2~Vdh8t&col7jLfmZ>d^gR)s^%&RKCZSy=$Qf&-ws~D#)><;
z2b=gA-<0;p*v;)^*COL=G$&k9GTQ1shB<fmiyfGhMV=uqX0m#+{h%E4*6>qq4Mt}E
z08v;?iTM;*Zoc2d)P2iS07&YC1f0E6K9|iy7Ptnyd;mKRm(7C~B_IB3=r7xcEif1>
z9~cgU<qBr{PY46$W8)vey2XcsG@MSF**_<upT#{45OG1z_K&L<=p}Y&-SixA!%O7U
z&vP8+WdyZ7;Z)C^vb^P=v2bXK%?YtNM=W-x0$tt_i(R$ASBQu$3b9212IYy0(m<vH
zdIkU(QovdOD&blb2fI#Vg$W1eaKvM<vJ>!J7|vloYz4S;%b4co=CCKW0#ftKI0TZP
zD-|+TU@a`8J1NYSitts!;xf9G;v90UBHh3;kG;&5*1|W8?1oG0w)_Hha#wkV>wq}Q
z6ke9s<_a&1YqNzH%WW>-a2<BUvamL50kE)lohwqt3o9w(<qg+Wi94P*0P#{wjCjEX
zz_N$yV8X>RV7;*QS6s1L$#%o=dZDNA@Wu-dZ@lpEvhZ7Q`LUB199;s2l9QJqk(VJS
zFUN_z92dz8HZ%iEIg*!($V(-Xm#WB16@aP=(6GqGFaV<p7!lDJfkcf~OJiGJ%UT|Z
zOV;RIX?-{f$r=qy;rh7}`hhVaGaL#_bEP4AE8);G);fpgO2^S#4Ubz6%i(czC2W5l
z6B5I+G&-QF5J?4asqV^hSPd(4rK$odVRaent<|~GumY;#@Nzg34$qZF6fhi)EQez_
z#*FpM`oPvla}>3bUPEbppoda;<CMZ1rxac?6FZ)+b_3<qhSMvh+SF7gtQ{!9Og|12
zR6QK$zoo`MK#MGg<LDa4!|{>kcf%T-wGdk_sP&rvj8k-+b3GO;{Q>U-k$YZo9;7^f
zBQi+!KTeF7zvZU-WaA}3+&!22GueH-d^QA&4})VWEgD;nymeau;1=5VzY@35GM^_Q
zAO3kACdGJv{QY*kFHcYKDoA;H0>dV}MDds@c=urh$ThfEB1f;oym0@cB51q{u&ILe
zUCkIs**FLXo(A|algT?ee}Yu-*k^UlQ?Gqg=dtQ_PwG4lekATN6)?zi10AMuj}&+v
zrg5(mcpWB*9w$Iq(}}E~NW6o65f1GuE?k8&hiw_eg!@qDV8bUCT$VD213$!o8&jaP
z(GP4vWh9beW`bjy1G&XVAkf@MyCj~B?IM@ZYNTfsaMtycOSZ=qco^V%C+%XFOg~Lx
zu;4+=*w~6XnN`g4G?I9GFav|V5ULmTDwt6=9MLCcbD^zbM%QL(=s|rr%$b!mgH<Kp
zlqgR0VKC$3D3_xdfGAljF$?GWI3A|rd4%cJ$;Y1I)pI!v)ALHdxlr1$2CD}quO8MM
zmg{&_W<`Zkq!hQVs+$Tu9NU57Fm$I^;--wQ!gnn6tWJ0OaJca{uT5bEQCJ^h%aaVm
zX11n&g{u_qmHmD;{pMvKdP;P+m3tkHM{<whI1c<$r^jTT19A(EbODFtb5t>1QN1RW
zy+mDeaWYT53W`)g9Bm})iWY+26%}rY(WYa_b-Exz8%esL)x07pSFGS~S9$`2)m{j0
zyiU?%T!^GRhBuOM#S8K7N{<4i+S4znz#nDjU|UJNkC>4@;t%6}1U;)Ye8N}jBnV$c
z-)bKrfmRjL<5(Q^J_N6-tr(D9+32;8kia<RRr)o_a20i8a$KQKw4G>Z9Q7(48zZgO
zM`)HSFh_kv#BtkJmKHU~mHJTNtMw5Q5J_RYW6mo!*GEWHCxLg9>u97aiXeT2QWWP+
z)W-X8M=dAn^(A@K)E(W@M`&OVZr9HHa7V4D4|mkw9d6S{RL;z^bEsfQ#EjgKNON7C
z_xFms9U+oSM=kCgy~@DeO8S1QA1%9M3NaFMRfwDrz*uO-@W{QwYKm5KUcFn0#QQF~
z1*IZRt|^eyD)HVXlI*^I!O)_zZMootJH~}bu;X|msa~yLNGA58f8gIZ50lEe=ERLz
zcfB5sWbu%Towb^!tLsH?6E~jf63}#{2|i9U@QwF#Asm>;L-smU6cCxGjf0M3vjM&a
zQ!lXrzLpN!0AFVysKkbZu4V(=hMb)ZP&~2f+Oa5*p4zgoxM&@d4RAMe?(p|WHb92|
zR&9XfRO1@_EIt8Q|1Y-zy2AVxZGcD06K1{NkPYz2x&D@IfPKXLF4_R2BHm**KsLJH
zm<_Ox-rtH1@Sjki)op;(YR(48yC;v%2Kag)?*2J&zy^2;K59#hY<vtlIvd~Hfzj&_
zm)Q7-pz%(?#KtGSYZ-$!zIVXUW8-@=BFAiePf@S6@m;K5XX9(bPa7XoIU66-#B6*_
z6SMI#NuQ1HtyuSoY<$FJY<$FIY<$FGY<$EJ+4#nKZG7h=&<$vx2v0N@np>QOKQ@q^
zTigMF7?_r1nhi@H(>qHZ(?=5?O&_10DFP04kY49vOz-S<Odp#+DuQSjwxsDfV?=tL
zaWQ?^Q-ElisOe*4PfgExA<{?lDz$bBrj(sS2q}^6&6Fh?X&PE$%*YEb?2~Fsi-N%o
z)DWNCT*(cwsVO@Oiow~@R%J)rfMzO$LtSM^Q8D!JBW5i#G(;msTM7<pElX$<lYz<1
z*3b3Y#K@r@)c?Pe70yaHDs;0F^*K2a<Bvp$Bt_>W0;J?evk_4p27wvgtIr8dgf40X
zF?1Z;N0SgyJqAG!I@cf~bkPJmhK^zsO+G|*DLPZ<`_<<R0uj1MpknAKQ_-A5G#_+5
zZBcKw`b!0kwy2{}Vpcj~i*mY5EhBSr`P?b3&5q|G=obLcqs(>zV04LEoS5F}GNyN&
zGs$~fFVh=cqPmRfoi1bgc>7@XQ7r-?lUwznx{T=~T}A|PWl97+x{L^nE{$|q#0e{-
zON*<rB4$jr#27sSX5<%z7H0_(46fo2%MG#pSY0L<oGud#uANv6ksMkYOo7Czvyva7
zYZ?|qBzhJDTScVHDrbJh+HQ!>sjpRe^1Ce_VpG`;CRoYXzbHN@<<g)9)UUk+80iOE
z*j0OJfK@l*b7B&qi{xJQgUQ3{2eh89YA+4wLFZ&9LKjI*3|*vKAv;~wUV_ePFGX%O
zLWC|7p%}VIx1w!zReNzS;V8@`{EJ&fB6|t7d^{wwmoW2H>?NFL$E_lfy@Z`@JY>Py
zOE@fuhrG~*aD)*L!G(<GZ3Pb8;vtdsg{>kUf+v(r8a9!5$e+3ps-k$vE=K`%(ox!S
zyhIKBl>J<_#=9}T#-`u7JVZu3{#?*_4}jPvCVK{Y_kJ<D*nK1l?LO}{5St#)rL5fh
zH4iGC-A6nzso1e7kUqPQ!hUVL&t=TH!`~y>eHi{*wfm5djSt{waSyWoUvBqth50So
zeU6mpZ_e&><XnHtcAq|Cei!XNQ4#MkyAK=PZ_Mt~NAGXN?(=>WXmz^}wc4*?_xT_Y
zcRRoVyU$*H`t3dpIy$@0$AQu75SQ3}h@f!;U}E<X-zOP^cArnc(PQ`dD@2ajeY)zk
zcArJ{I=jy^;HTY(shr)1X<~LCris~on556{^Tu@C?n7M0?n6w*?n5lb?n4Zb-G`Ur
z#`d?cKXW4^dfZ$^21bNLqhTEv5hfEBGd|;Hi^luF7_+HMu-LJiAc*y<bJDBECQuPh
zj@(wD)ESjviKC3HLypY;!KIL~8cLmHG1yMB_6t$H<6li~_b5eFM!N}QQmX}z=3Qz-
z66D5)q{yQ+Zbxuz<`tnoEMxP^I5QP9NZm9jLb@6oV*9mXM1!>jMQUbe2I)#Z#B5D5
zN;wZ$QC~7)TgltV_!LpvKi-y9eaosb_R=0D1E!g+XY|^mnDAa1zNciEwyk?keq|Sy
zD9L+JeyQWSqH6C!`K7k(io#Z;JrZ@S@=Lwj6|IlC4Q*bpx4K(}nKrMZP~f%&z~<%j
zxLSG^;%$JQJ`G7wzal3r+IFRyf!(&z;}UF@E<L@9fshq?oWOn!DJWHsOK==zZ*L=+
z^h~(s7ELz2szy+%9@p?VPG>9=Rm1SeT&C(v^H~LDq{kz!MphEds;4s(P`{N#fc@Ih
zGB&Rza(Y}M_u5J{pVj!#uN^IG3yRd~aiw4-rTrEYlhZ1k5IwHJao$FTH^*G;u<7k3
zB~{;klZH?#?8U6|%m-Ur9OJr%rrE8a`d+b}y<1`{c0FZ&PnE6GZ10Z5#x%Dey+<TA
zrnv>_JtDC&&8;HTQ~cgBk{0D|NNh}V)86+-H1^?7&0V}qE51L9{bf8PviC8+RqTB<
zuiz%vg#%Exjr-x$rk+dm5|7txaEIwPaoW>c{5wRHldavqhb!)XexLsZeg1voe;$4{
z{pE0RuH+>iZ1T|aHaKnbIGlr7dD<q~eIZe#qGPz-{RDU&ej1+#={Q~U7NixMT>MRM
zM!+2GBeC-}wfXq*np*61O^4a=Y&?%EH@*P0Q@pC3o-e{voBV~>Vd2dq;VgIbJ~*ET
zXUW~m;CvXIMK^DPFSS_abfSYYKTXfL@}%m;xE+KHfdxBy6a3$hn}VY^!DBFa0@=I?
zzW7`uZhi_jJYo?agOBhw_&%lMDcoL%b2*ED&D^zMWvOL3lDqh91+$QG@ZTtyC5?lh
zqhOXd4t|z`rGSf+0Kv^;sVkoV$046Qp8;R_1UQpt`knw6Y|RgOe6E<`jn9#1h6~I|
z9!wUV(1+KOwTLzz>rqN8@tjZMvCK9e-BCQ}lXzr;jYoGB&-o-CxgznjZK({rlV_q*
zjr-!5IWEM)ku19KzP6Qy93F_D<`dkpinlLt$3Xf3w>%H8qVQ?l1|Y?zU@$ZvP=N0P
z>^>aGh|WkBk4T4;r<}O%9z`>J5<F9#!J*krHyUcVgm*YPl8KiYJ+R8_%#@%W%f7Su
zQ*PrS(d*0<-FQg!Iy0p=9umFIOaZPB?j_SC!d~h-DRi~9mlCw%{CLYicG?r=yU@Zp
zw)PXRHswj<>77=xoN6t3JaL|^z*Qgjc>H|Vj^%WPp@eB@wKo*U>RU;|G<3K(beN%p
zX(;oEFf&WZduf^YB_lY2EKRI%B4wH=mX=r0EcqUmX36)kG)s98OS6>sh%_7ONV8HW
zG!v_#nJ6Nf-`c}xrD|Lb_Y33dXZNyN2{RFdpHT!UwbEuH2uq^~QgCI9iNO4#ERKce
zj(*AgNc2nYN1|Uie<b>a`FBPCQSm>O7y<u3i}SL)3u0=(ukG}LWNUvbC$}z)G=Ip!
z1jj7v5igBC5BJ@!OAh-pxVY=kRbFk^Anq%{O;01uTU8&OhCb<9=tZx*B&}vHxA;;t
zJ^#=W9%6VIUA0|@U@XckUPTWEPwG1$zN+}V%96AxY#AUpIJAT}8i)m>PsE0Yh-jQr
zA2HG3N1s<Uy-X%MH+P;l9QiV}#+T8-5L#Ul;W{SThL@zx9usZlh#F8)iF^@lwk`9{
z4*t1VmZ7ti#!W27d7j0l`lqtAgC#RKRj&*S%<@3WjIuinnpZCIm>`jO7wW7ggS(vG
z8G&25xZS>>pCT^x;=RncD0YYzz>Tx`9e=<ZK;af%CyQr=UxZq~{g~y(*Fhfc`bdo!
zS2a~LuHjU@V4NfVdVka(D^HYg<3l?ByS(K?z<LyzK$JncK833rH2YD1Wa&xE{+PcW
zA3O#@>ZUIGwXve;CWEmQ4)sf37JGjFCmf^7#T>l$_Bh;JfosN=@NWd2I4-up8EAT%
z-whUD0(#1gZ-7<2N(NUR2Bzk4bIj7*dG`94k>+<a?uf+oIxNR&c%d(mJnbRmd*{VO
zg!$F7IxCnJ8E4h6TIVokAj|c&K1Nzgh(FT!3No(OtRJ-^07S@^#i{Y?>#~A^Y3ijc
zao|>3uk#NP4)IHPRdGas@fapt>P%V~u@VS{bXEh0emD>c14CiW5JW$7Q>yA~gFXTW
zvkq?^7wNK)76n8>3Uz`5j5fZ;V&jHM<(0Bw(s&{su8(*)8u4(fmxrkRul6!=NCC=3
zh8ZTVq|q_4tVtZtYJGkUH+WDG%ftG8A|}?yBQDmD?`0#TRfrU(Xsua4Dmq5v%8HKo
zSWp~}k0Xtnd)TOTGs){+aUlhtqlU<5ROHQ7MiBXoh<r`NIC<J%9IfnbaI!k6wJ5^8
zsvxS|)lYCKrfmv5TTHPt;=k61KPFr?`s1Q}f&-jrFj!GC;#sqPBWsGTrgcNi^{m#7
zxO1!<jZ(+eppey5T>6G&pxNW15nIo=V#GSDnW(K~*j8#8(^hQjjR2!6`I{Mo`e8({
zADy5_3?J3{jxk(h$O$d-7l31U*(R|3Y#1rD3^!sPG2ApA$MBlL;P`W*Vu%>7g00-F
zMhqX0_+5_JUFqev3b3i`jS;u&Cr9kAPe=T&Z|GzAxS__?z@P#g!^_HW^kbY$yb;1~
z#!e@Doqt4y;O<g?WLwMh9||)1Uu(=qA7BPnpV1^nHcU4_Bnq(|Lj=(_W>cwve^b;^
z6bE(2zQ;xqsUKVk8tMTN)ktFns%lRpK{dJ(G#&%lQHqgHlvN3_BNc_OcW^t>QTV8X
z+Yyw)#~i%6#QE|qu7JbzW7-@+%7kELJ%UsS;o>?$Se7?+cl*6{hk;(K?u?FGDF!F@
zL=rJ*tOQNRK>r)W;JaRZhuS<@B2S0NT`E<tUeEwG3r~m1U1?!rZk@c=m_+mQr+>f>
z3t@_kETD~VQ9vu*E07+>&%KDHb12?r%s;QgAlN>yAOg8d^vHJ$$>?ypU<{t$26}m5
z9&O<}baNiJS1>0MhWLpar<^s0L(;fqWupt>EG!=KbhkH?v$A-|{aqSP%Hkn^>C$lW
z23qd5u~^HG*fIKSN@@q7#Yv19E>vt3M>WUy6V65<7KS6)D8#~WBpb!OHWpNewZMUs
zcf-bYkJ?zyfdZgV)KY4JJT!ThxA+<~sO0`i<7aH-&OfI92T8D(Jfz|K#h#N&yd3=+
z?KH{qQmUNB^b|X!4>kT97z!DWHk!umaO2iWdTD8C{2YE>Sqak(GvxB|A+Gc9C?qRO
zsS0uAB_uesznJxCs}X#_L9gH-PT~*%(koKnC}wMo|3DzFteh(tcV?~#yT}g#1uSVh
z3#{Nu%nS@UNjqRbJf;Sux|FK^y2Tk@N)7*}i(`j0J;kx(8CM+k2Y$lZf|54eRvIih
zrq~vp)C1}RwjjqbDNIsqL5^X<BrwZiu(qJ{?h#wiD<~ke1^ooIqP8G)(H5jGu?4B~
zZrOtF9wyp?G^W^s)Y)$fB6Y?V^y^@yElAUgEl8ZO1qt?}umyR+;;TVWx$z6|>aL7I
zCh~|x_Bza~#~O5ynADO%r?CdnX{<qX#;ifFgm<LzBjl{sAo?*k5P%vo==3@QH%0<+
z$E-oGig3uBP{ON<BLa*IKrtC>5F;9E5S_*vL}$zzL~qRy#OWY&D?2}|7%>8krG-i2
z)*$f@X&SL&2w=4FV-{PiLF9_E0h46$L_9RsAVQ5bh|ZWb$YA@=UM3DT1fWc$(=c%*
zjlv@>mLzdJt0@ZSFN@#cG1ef-+*pIeZLC4!j#-1mUo|vYK8`p)_!y&cWkriMNN^N1
zjpO4;<G*^?s1<To)*vq<LSGX(w&o!6^==BUSSN&@L9IryPOK`4DtKxRk`&W61<Vr!
z82J}-P)xeSIw1*+EQ@tQ04Ev@<Rbw_KE*mA5meYzSdBS|n5{WT+{PRv?wC19(l;an
zMQ+SNgd1}ZoyHtQ=Wt}5ki@3>iaAICqbmAhoe<#`>_;c*5yMBd!eb2Ym0G9|0f;$>
z`Il`1!|!^-h#k#AEWVNRh~cK~IEL2@2FvgIiHad&xJtI7Gv**-Hs&BYjX8+Um^p~_
zsRWy5Wz0dsH)9SGw=oBaJ7x|N|G1%s<{$wKD!?(ktPE#g{_Y-o!qv#$+JdzI=m^N!
zf>>QWwjfU;7|GCHAPzDeLmZ@S4ErjG+3L^#p+d4Cp}DXU8TwN8NxkugdST?}NMj|s
zYHu{jVssVQxWa@uJH#_8Sj;&j+K%!Ru4W;^?Vv~DY8E2g4wDqFW+B4WEc8>+#e&zE
zg(8SG3q=rT79t2{A=Y7l<(IUsg~FakO!wAdOiU;ewN*so#8s-lu?lSZf0;;NjP51Q
zHg*+fE~3O+a}isyGZ&FP)?7r{F}w51-Iv32H>^g#r2JMiw(bLu>_tRzH1;BnADzAE
zS3qp-MR(Bssa1?b9IC2W=Pwf6w|KiV>u^%YZHV7RQr(95Hm@GalO)}@A&efbD0kmZ
z&*Gc$+r5@fHJ5>ZyjS~?hL6U0cKrMy*uK1Wu9ooU3m<e_3!jFUBXp$|C%4`~EHT4c
z_nicI9e&ztkrLLmnQL)zx8#vd?7)}p*J}?TFsBhW;5`b-<+-oJRoxH8hDmF2^Lut1
z`tjX{%-Qm<J;<EY_SO#RrmlGXU?TBu&a?3@Q~u<<xA+z$k#gg)5o{z}!^cPX#q)^4
z)DYHzlc9Zb5pN%0#h9Rd7hxT^+^7O;Fe0B4HbbZ*9iYc$2=0@9J&*_W;+43!;0@wj
zOXnNKS)lVx;v8_$8eD$4Q9<%BEy?{d1DV>d+Gu`-E~fQ|tt+VK;4EbP5lyX``(q53
z)T4AUYk$2><B!m#L}uZ{OB<4NN^=&Bnz+tjO<m8s<fPUVjKE^nN70GF>rkjFiUzS(
zAQ7^p074c?km6xIjw!1V0Vb(rx*GMaY$oZjNecFwq{4nl>X;Q{rIgI19WiN9A11A<
zuNcdvLWK4@>u?$M#p(v*`6+;j;x$rGRGh+dp;d}5<Oug8CJ2nkAz5UiBn({j2d?@9
zSN%b6iMS&K^2o#)P3@{baMd5U>JMD?OX*7KFbyGQ>a3=Y1R#h6AczDYZ~`E5D37@H
zNWgl<11g1|u_6fTjQC3hi4+o_sf$rfilS;#;R9I|)TOzQZ$Vw^hiuhWX3~zi!fV>7
z>_V_6brLO1G%0JE5-ie`!XeF-&C3w%T0lVlF5jyOd?yGh9sQc1t^!3V5x&OTpVNcB
zDoW7>@m5*SNu^LmHL()~KN1B$5(OxsNQ~-vO^k}t#7-8JW^Kn#7UD{%UeKgg7*tzI
zE7gXfX`L|mM18L|Kw~_NHmIvEq}I^Z6;mprsH9;^1&KDGax?9+KA;Vgj5ldrkI=8s
zL>)-O)Xt>7)}*yvg6WZ^Svv(9(@ilgR39{HZI@tFj--v$ut=n;6)LlPH3GJkf)BBp
zifaUpK96B+fQ1%F0}~(1@E}TkOe2IS`7sR=nEc*x!m65q6?!b=gs4W2X{Zn-KZeml
zl=xT%3`~9RnBlH8#IcPTqMA9jVM8qaF^n8ysgGswz~uL8iNk7%V;MihYUEgk5V7RP
zGKz>LKc;~M({s%^l{f=7lK0SVvEqDNRnG-@evoM#$C;lPP31@$womFtJDyLg!Txb~
z@s#fp58rj;J^o3L?}~%Yop=z_Y=X!wzLtYPcZJB(;_Jk3kCJ0x@J|HT)8I=pi`USv
zM|*jyQ*BRC9=PD`X!Drq%cIqk2d|nFzD9Y>9DN?GzC7l7@|dyqtwYG`y{x-jDxWN*
zij`7o3r}ifa@l-P2yv3~4`7u_z>1xy;~%T~Slm;O^>H+i=94gmqnYei!_<|Hb*Rg^
z;?$N^14|mXe$~Js2?Tw7q#a8Yv<{y2P`o*qE@yGnF2jRvJb&9?K8^Xmt&lS;WckcL
zikI)^WNNr&ZV_Bgrm8KRuu>_7uhR0ciN<+7C-2LXH+jh`H2@oO@bq!Z`moo=OIEEH
zTXDSPu=VXwc}XU|4guibxV+b)k8Hfg*>%~r;vpY#A#7#wkW1X=KQ^~`NZp07;l)Gl
zaM(Bni--J`3*iJS9`bV+!f8=Fr0MeE<OqjBX=Sb#_R{D|z2+tUSc{tQ>YLOw{T>9-
zBc|#1(ldS?;%MOeBEN*cpMJ9k^aFG^GLTuAmoKDwxwI)rT#0*#--ot0{*tFZYg=yo
zmA8HQ;(WbSsE0+qdcBqBg0N;pJh;VaTj;m2Jtk<u2F<JtD6^c&wxHq)_QX)F`ROo?
zRsn-qz1n<V{cL$urIg}()a?nr<P6&}7E?(QpQH|hk!^Aq*;$Zl&2Qj*#+D!9!Q3!Y
z-B#OH%4+mcx75hQV`#@hTNVzXC~F!tc4#xg`kv^cE;>#r+XN84hBR}NWTYp_dY7ac
zC4qo8r16_1(SjfI9C1m8qa=`G)ifqaw06iO!!8Mqp;*F3`Us1b37MqolB|!CtnVW%
zT5)8Oic2yYB^m7_Y^<mFWtU_uN;2jMW8G9*_tp-X+rzj2Pt=arp|Zfyrfu37%1b)l
zvQQ{!X(ZJ?IMlenNBZDU^#UI?aB80j`xsCDSdc}%J`S{a<yeu8X_4aKkb5h;ur>JQ
zop;K5)TPjE?_YIXC-(&M27`iL5lClIx3!m29PQ!B`o{54cThSU=E;Z;opo%;7wQr_
z&Q)*#7@`@PGZpkkXDWV88cw(;X!t$s!vGyT&%B7EIC&7N+z!w}S)qZ^FN3%}#Ds{F
zlQ5^_2C?2}LPeiRs8eTyYX(xd9E4R9i0+bLr@97l!6HVpqgy)|1B@1?79m+hmm=#@
zz-5WS^^J-z>#~E(XwShlmQ=j=Zi)eyQOCGX#FmlToupXhKA6Ngy+Q_$ZeIpU2GZr^
z@<6(h!cR4gADmowcMRO$@omd9AxibUKlA^ZdruSY8FDfp=l?MepL$px*1X0gyq{;=
zd<{$4Ugvp*MC$om{B8UcojBTOGI1X;Ro*M>JRgDeg3*GMlk<Em?cWaxbzypPqi5oj
zWzH7enUkD8gUik18?mIl2l>rE3yE||TMj3C2-URZMjPQt>|0`Pc-i|*G*n(CBbgV6
z#XtFCrBtD~A_q|$r=St4Gg)q&hE$U$c*(|JXzAXxTIo1;PbN6#Jbd}q*_>Um&yz8~
zpQ!Yuvk}V^xn<v!|IZPJf63{`v;2b_$9mcD{=3PB5h-?Zf;eV0qng4TYX+*y8kvvm
z!>H;5)TxrGzfi^Igv)SX9uydlS3Q3^KYs`7PHF%fxO3R0oyQLB0(NE>lOszQ&8=T5
zrIVveB|kZ~R0@){rBWtY&n}g+$$D<7luOq0OQn3WURWv>lJ(+JshF$}ER_b5^|ec-
zwO(m(%absTgW7H7!h%1C-CJE$N2w5I!UC=m#jr3lht*O6rd+hzDzU~)q##VU@?kM>
zxQbymEVfG7Fdb$cuC$A0aP`D8xY8MnbqnDDNHBB_gt>5_Rmz2am~*&%7tP@6iDhv4
z*)V7o!?hs6;948z!?mqa9)sV!!xgw_23JokgDb$k2k>ic#ILoW3%GJ9V?<ZlMRT}f
zv1}P};2-=dMEoj%F7Q5&GDdXyE}FsB6U&w{gEAJvV#Kc^>JhvLJXVi^i)L{3#Ij{X
z&kcSJMEn{+J%aau$LcZVq8VI0u?((MI9Q!24Tgi|Gq1qKd)TiFS#B+3PbK6T-)aUj
zjqh+4a*gjun1XP_u|7;gz~LATeF!-mW7ya-Mn^5oK-l4^XG6$(R-CyI0-qCSK7`cg
z#aRd;`UP<oL&$$ooC6^m!GJi|hHKd#TGm$ZQRss|K-+Zplb!w{w~0tL`AB<=Z63<`
zXt>pl>-ZVmn4f<k;=7$jA4aFC4^-xTY+?`gT_m?*dC8#hFet?C2VFR}Wn{`37hb+&
zO-7@92vH=9%_k_PB1T5pa@Ix7YP{<ZZxWlBh_Wl5k@=fnDVvyR1L1v3)7--(5zsLl
zBAw=p;9>7a(;P9|WI?7kX=0p3E;k-7`do;^7Hs2XwtksoJqAyq!y)AG@kwhGzcz{f
z?h#06?F|0`nnzI=*s}F;#Pk+^AAt+Utq0>i0)Oh#tG$FbT~6)cccT5=k%T|!wV#7e
zZpvS{#m85xar&WVyI1$4#M2?R)2;+|%+0wit@|+m&^__fek!yv_^2@nS$GC8cCUwP
zGIi;znB^0aVBo-YuA)<W2$m>F$(ZeDG7VE(z_S35vz&$ohV8qkwsCNN7ZA<A>#>PT
z7Jh_Y{W3k%c@D-+A7t5uSY-D+W+(NP7MgK`7+9y`<TuU$XYvpeNLWjP3qJON10WHC
zaz?{6dWYO=kAROwNL-d(&GinuC!rNnj0z$lj<Fx`%7$T$fQuX0LA2K+!bu_Q4^T82
z#N2#~vT@%<A&RH8lrSJ>am!&ELj^6kP=c93Xu>qULeq`2P@EDfgq5)P3H(SMlwdw2
z>6I{Oldy6rODhIJP?%Z%GxTIZ4|GF_Qg6OF)H{j%#9x7@A96fp2kT1B3Z4EiIQ*4$
z3I8(1DIChB{qv{G^E(mdM?)_gt(U&MrYkFTT1^G=%n+Fb!&+dIWt#7p_VtVuxfqv6
zwD8)DVSLu`ty~ihWozJ^glmPaF0F=|SWU7@6k|HhJ1BK_(3W=~i@Zw<@9=A>@U^jE
zgJHUiGbW5sn=v(}9-NI)0zK44&^Qyd2)-V0d__%A7d^n~q8m_k$uh=4?Hj;%uS37r
z`6PbJ?N0)7l2bqe^9_1`@^lOyDf6ku*Vc%_;ND4Cwi5Hyai)~KqG}M9V+_o&F>+@A
zRdPucLYuexlZ)QM;_+ysl4X5J*wSS#W`F4uHS38Rzv--p6h!E#&Oh^elj|XFMfp~_
z!7|oIsD_qgBlBMnrA$7Y4SM;f7{RI2KVsWBCf7Z?NPF(ABqF_|l4_RgCVt`u$o6%R
z?fSUcCA#GWZ-r*d*Y#T{7pG2K{1+t5?#EWpEG&V;yY?@B8h|i0HhaZv`HtjOnEMs8
z^)1aW!t}TWGYn|D4D5(IVJytn*M{jCI%SV(2Gxr@TW}jwb~(&0mrJ>+jbU!_vqYEP
zFSi!eM^DaW!W_mf`>&eHtE)bWN(ghXOrp20k2XJDA1&pPGT)nW3sdG@O1d;<9x2he
zgTzmlONFV2XBKZ{j)ndEr-wk%<(wK#JYw-P0=#m^c{aRWZE2LuiYQ?LI5A3qo%F5F
zW;(dl!<?*KDo$PEhs7&P1Ng<fxU?4Ea9})<_+?^tbSGTbtxY6m>$#mf!nF#m=XTL8
z@KId&CkdGZmekpL0cq-6XL+KP2?!fue86@rhsA2Egh5JueDm|zPEv`##_;^ZsMD2e
zYW~QsU~YUZ{$>k72ColgMs{Ki3g&)*@4OR488EWKQ`FU6{@nOx{LL2p4E!0qnvlnV
zTR`tj+=<8vtr1$;8Pw~$cI16vx(0tX5Sdi4hK8VAxwz$Ah+9w}-5G#>ocPU-Y%8~}
z#FhSE1nV;>4yGqzYVq^*)ppUpLjeCK!Gkf#zY3&kApuc=)pJ;OTKtklris7MkL`0S
zupR2fhDi&#GP)D|GGxN|aSxE`lT27y?in&+fuGAu<Ew3b?HzaCi3->mR93G81o;Tc
zVR4dGEw!f-fZEIXRYJ9<6^fe9@hml~TI52jnsSjx<pHcxq+m$V5$^1qLZ$Ps_JV8K
z&~ALc(~Q(3^{Qx|i5t&yiz;l0P(U1FP29NCfvJYDi(SE|I54#b7FHB|qr=T6jui}D
zX1c(EDL4*%jRR8x9QeN-n1biP|K`AyAP0V<15<7t_!bAI06OrZqnk4C!0&ajDZL!a
z1&McYwG@Bo-7)iDKT)<_%d>3cgA)}C`)~xSTG-=lUI!<JE$pNSHezAtMzHl3c1475
z)WV(~#T&D*%U!(g_d)pzT8E=Fj@BQ!G!u^2_e3y9>!YKzj@DmB@f@vhh+vM^P6Ttb
z7976rt)z9t@O4}kBvpXE6Q!%f;r|}Nt8w@%BlvI}euIN|Z#!IGXFGZ(dh#ko@SeOL
z7{Pn;I?chm|IWPRq)T#qFJx!q`lL{`v4k(=2{X-0I9m8mP8l#k`ZnVy7r%_p_U_l|
z@jCpx;Q9pSH(yl%KbWSTy>0O(xVGz<=X*y8`#%Vy3?~!sL)-rd`XU|moOU_9$o0Dj
zkBxIU7Z%jpFcfC)LeI9qlpruAz*kFfvn#=bMA=-@pw0RDhkeu*ZbDKqh<xY?5<E5$
zI1(i?S*|l#R!o+oQxo3eH$YhTJNTKZdW+w59-OuLmi6G+ymImuK)^}H#$$Q7>tKEN
zX1Fn$!VHNnEQ>le9~2#~a11hUMnb07D)<^)V2^^7FIo$r`!8K#c?TV1HXaHSX$*A%
zxCqZQ9*H5J^E`^4#-s5&HJrjU<z^sSWhg53r1Q#8frpR4{jD+FnBKc0<bm3GRBSqw
zn)2n>Lyji?NJF&{tx9Wm>#=dj=5o?U85{4!6gnBu+CkUUeUdN{XgrxNV2Oiy@N_P}
zI*0Ka=Sg86%io|e6M1?<gc{5dBq6aId++NYkRO$~onv`#xuRlWESv;y8Bgddmr_$S
zcOJh6>VyBiJlayiY?|Lfe$s-XT)m8vD{xFp9XUYUA2m2^$xMhzA>wo(hD+rx`+(1)
z&Xisae83d|U>T<fDq7&v(UC_|mB=3c|GHFeoQ_fCmtR~;`xT!Sh>Fe;eayltGhzDW
zTi%2rj;vjriDINNU#sM}$AQK7D>Gn#xOy02VU5S5xPBFj8_JvJ4QeY&CuV_*f7(ni
zm)dfDG?(()PeQt$36%joW(q4E`(*A(UFKc_I2ZBVO8|cYkH%MB$TNqen`>*VY-y}z
zT!_;+pUH||Lxk9GY=aj|b`y|9YLMo4T?iv;Vp_`{%=Hjm?^qSLCT9juG#NaO>1_rx
z6S?xH+q{MWGR`WvQ!+m$-B`nf_9ErJY1T>q#jVH6;-X4e^Ong+dW{Q+sIgssXYote
z4)Hxfes>WDUU2^TD15I+`>SFykCAZ>A5n6u<F@6KjR&ES1z-9c+}h(y)5~BtVBpU*
zu0=!6mNRhrq75?Tq%c+aeZ1i}=pIa3k}ErvU}V(1HQ9KVsshk*7v-GmE2q$(N^Haz
zIs|%=(w96y+ks(HV3_0wFP?j>nh>PDgGpL;3^)=WL)nij7<ph(i^|E`HYsr_1>(>2
zVLV{-+kXCr6jxA@$7q<sQaKj(2|vHKt(Ely{90RuX7m-Qnp*QiF#DJ+*gsg_|JwO$
zws9(sBL5Wa%F-TCL=-SCSC*Uo;`L>j-`<^cGd<Py<;hdgL2-QAn4|E~#}T0VD2Go5
zEgzSDKw2hiqLc<<k16jirN;78zh5qn6{gl_y)d2e$>?NoAhW-*6WHbs6*Cn+VQ}&{
z!c_KRR0AfiJ2CeRDl@on<K&N-vW2Oa$D7J)M3+4T`R+u%axeP*QkB`t=Cq%jJCxJm
z+w7raW#^&6H9CgLB^SQ}s^<VmRW3L*=!sNGQ)ynW=YToa(zd##!m*aJ)$4E!T83^E
zF25KPz(ivA?DO_ttRa;s1T#Z~)OI0^+xR45H5QEU-LOP3oc0KfFdUDNxbxy!>=|SP
z+_=@BH5(=KfLUW);*8rk5fKuHk!I@+iPNxgB1$w4BF)w}Nt{hKPDG4}lelxXzD43}
z*|{TL2V1|!E=Bav;rPb!^y++LNJR2D$&K@k!4b9NEORg47$G7R5&HSooAv5^>m_1!
zzV%YFI^TMUxqEyYnSUDkO0=a8ClRW!C$Fuay_ZAa+Fni-#>dtq5_>7L_1s>LpX&pA
zIdZPA+siTY<UVsLL2}`b(2%-61k4-i{(zrkZF~1ej59L-JZAG<OdI|KezP)Dw<|Le
zxx<tg9@5kPW47@5x3C|VS&r22gD`XWgtTuWK|i1QnC<7WlE93(oY5pu5>+b(yuGz8
zhvCI2w(e*=vrdvsW$ZGFB(LhUsF=ac;To~JUHYWP2_AGw3Tqq|Ji~<zW?9{iZJOs;
zw<>(Bw8A9Wi-J2X+dsjK?IbRHXi6Xn(Os*DmecfxYq|CE7Z4<LiTw!5?EpR99@-Jg
zc$89;*{_bIg^5^9EVmy64q|bp(rVnFdN4~n?eQ?h+W4)@(RHkucqpv>x&3p8&b6l5
z5Niv~FFN#njHtq9dw&!qUzv#!LqIhSu$c%^h%BaCzxnY@8C~8HVwx+!gROU<QLo^D
z#ahDZPhqNwTnjNGz;hcxvvpo_)|h%B1<g-nOyB)1$kPo@o*+6;ybF0sZ_^yMTWON&
z#vZuej2LAoMk}NMYe;uXjIvvP2{G#DcON?N*fPz2g?T}kol(KTe&IX?2eW!3r&e%s
zVO|8sRBxE0;COu!xS}alQFXr$s=~rdp9~Qct52JsR;I1L=Jk$X42TXJ9kX#RWCdG)
zc~^o|6hSJ+FdbQtuoyr~y$BMvQahC}QyQ2W4AJrj_U|}^rIG=}!(Ib~H@_bS5U%G_
zxMYb@7W=h$GmSgAhBY$(288OE&P%)$_4Z86)6F9HNxI05DS#|<?|A{&oBtE42LLX3
zcYh2w2CS)Ah^&B1095XOF|OBPk~U0vej8it{q{8hlKup+<aAX7FMS~}Z@AC=`<(_g
z@XHCuBI(DiW}SSN*CEzvNCi<;W@_6ffraj|R&Dz>7ope#jm1V8xeoSXbS|HiHc0Z2
z$ucwfzwCW^oLp6vf91WZ_iE|xbkRvwb$7a|SvowrI$MP$tO>G;h=?pz9YS{}AwU!g
zIst^DnsymS9YGrtMq><$BQ7}OZ0fAPaUGFS2ji{?>WJg0DDKNR@cVwxxo@c@G5(zS
z{qg&yKS{lN&%O7Yd(S=h-2GhH>sAsgl2-jD=rTNtZAg&-wr1C4W*=qTH|efzYw3_L
z0&Zr`C$3BsHumQ2cxuN!l$nmII&oH2qU~g~frLAEl?@hs50SEoIu=<Sal7?T5E8F{
z0Ux*iVf@yAfS;aqUqvB+E+KenVM3Vd%5SAJdppVB0oR?I^2rP&HL}%U9qzafSShyk
z|A1rSTTso(`k%v@Tm2=?s8-)7at7I!Y{{7@w+_q90VtABt3C_Xsg}y7CD#KP{oo)G
z_v{NBvzfcEtI5rPY!4yX9^bEe(vH0Vb;LgzzzVXlM=tl5E9ZZOoJT{R6NLP_E#&q7
za_anlwuQ_FA-`!0xjMl1Uu_{j4bnW_782&|nYNI31ZiSCn7ACh`urleW|x0_(T#H~
ziFXSaHhUty%)WZhrk8nE?}hX-qw2ksUgl1{SJKNYsdp>A%!hhs=@sH6G=9Mx$y?qy
za$?slPGm2zBqPmVB2BBkqdlmDhtXEzH$OnJz9PPp-?US|3$>rYlA9#F`#P*D-VQQm
zec1JW02L$Xoci5}IZ?GNTb&UD<8#PP^XH(6gD!iCeh{%D>$_eg0#+N3dv}-BM(DAJ
zK-iy~o+(np2@LU~Z9mFfN!vcy9=Ar<P40Q*s;Kx9u~UFALtSAve*uJC&K^ZsKkzQU
ztVP}b)~$b7o0;@pg7o`jhE-hqeO+fs#Qqd`_$FiA=4Bf4IR_IRQ`H6al=_{aE#e>A
zTs5Fkr>LM}09p-O9ty+Wt{-m$_F)aMKLB3rl$IFak^nf3JBS8Y2!J<Y!_okkZLW@$
zGMh7{rCYI|Ywlk;v2P*oDfSHsDO)<8z*_|@B{UwHGV$D8Px)xBQDcqB#-Z&y5r%0j
zcSFrSW911s!97^{@(8XO<#0&Cv9k${iAdN9=eRVHTm3}2#ydzRh7-oX6qwqsSb2h%
ziB^r^m<w#97S`g7%LK3M0beqVjfpi62<28i>f5Lqtl-%~90oLTGEQH-FX6ouId$nm
ziRd1GAksMMaewGL20<!5<X5=}_xR=3i1#Wau}VkCcg7mrIx~J1%!nEAfB|EVer9|-
z4hxDuQOYYEHt3kVszI-WlR^B>Ac)^8jAh%rN^03x<Fj?z__wNm^Yl1wVAyEO{`;TC
z7u>>=os23jkRqPd5>I@c@s7gXJ`DAza9Dcu8ED|C@#U6X^X@`sWc-?p{SvZpqpVxS
zflxvq&vcJ+ljZnrO3CqW#~AORcQ<h0SU(9nU`5m`q!i-4g5|yxBL|JxW5BNl*uY@M
zyS!CP8lgfqH~|&$g;c~FrSgY96^-aq`6HnsFi=4zST4+FUITcOZWn7Wuy+m4{ELhq
z5`dX=nEw`t2W%{-0LMq!f@KxiP398cQI1>K;`64#<nBVz9h{nEHBVnETBFoo`7&0r
zhlXSnil%jplPqj0R)b^?k|h_4$sn1uEvrHJ-Pf&3;0f@`C!Hd6g`z0+_m(G|l#{|k
zq~0H(EKX{qw!7-!kPQGYCokac2PjqDCwoexTnjqsla2_G@;xW@D_H^<LZVd=0drqt
zsYb@_SnsvKyU*X*ki?a5@{S>*ki(dfnkeSxpowDG2DM)L1k^h3MBWCO`y~4y9Iuq~
zketNRp{E{MY~$yl$23N5IT<lD8RGaoi=Kw8qjPtfWW43Q4mm6j&#nNS$R<|gXe7)S
zx`;XcnAKp7uE=VZtws_)??lXT)v3V?5Ew?wR|ls=0{lK?Bl6F+HLF2vG~~Ac%CjAY
z{1V}g0aa2WwB&~cMZ9d#mvE{$g^51Hdp!`$?B6Tvf{Dtvc#@T+86UU(u<=h@!co0A
z%GMP1vj(t@&FOfPg$X)+%J;7z-=7ls?m>`h1T=E-#Nx5onO{eNtVSAv&R|W$cVnn5
z0P*@jEJ_P75MA+=(tdanZS*b3cM6)1-x>628K8xgeS@|NWuQ1pJ$@>Xl1QVn90;W%
zKK~}Nuk;K!qU4~TpbUMu{}8+gv%n>DX!z^CE#)KDuzVc13#6rhT#*rIP(tyACB!p?
zT0~rp4a-PMSV~B=lu}a$r6fU(7nD=Iods2Rmy()*&Y}t})p4xWe0B60Y&K6d>2XzV
z9UM!J#Xc=^&<n7Pe6U4f+&p{!60{sM;%oG2l>Swj*^foQLCVu`Qjp??F#};Zo$jL&
zo#I1F{jFfP$=H^UestBj1`mXQBxS`)X&XEW^;5`PS;KW-&`LJxg__CgN5wiFDCu4(
z=~P5XlYVNUm<qJ5XvorN<;zrf$6=DzqMV658(+YQ*&u<h1d--5rGBWut1#DtE*`-1
ziwWxB0p9Y!p~I{+0yqY=HNb_j1H!1Tv+jrnyBKgtW68Q0aa4(ex*PXI@KPm4Nf<|s
z#!#M<-UvmFDpWCoqDIs8^|wPXg&+dv$zkjzz5(q}7V$WM8jZmcL*={R7TE-)oPF3I
zYyVcgOipyy%M9tNm!+<~HzEhn%O#LHpk7|g>_9KG5~-J&Ypc-@pV7;7YB2ROqlsRo
zL*+XW3-vOwQ7`WSmfuS+?*)Q3z0A^xUe++t%cu#}%WR;~%YmO&;_GE8fgH&he=Ios
zyQ7sUruDVXn*IV5n*%K9(CmGIU0Ej<&W#v|A??S2>`>-LjIMK|_W*Tqe6tM!-#p5#
ziz(WDSWpdx@oGGQ$LaU)jYAIY{d>V^p5-|U>Xd&t^gg!~sN%K$MdcO9fcR|sN_Kp5
zY;Fkxr}}9{0vlC!EpAurTzOHx+P}!wFz&gyvGdSB{VVhmCJGkjB=16=(r^^2;>^H_
z(LA9&a4u6P%p17t-i=IfqTq~iGO^2hkSSr%*7&O#SIK0OAq>ySNVa+`9Ab_p>~*m?
zKY(4mnI1QV(PEfJ@L~cL;=`lGEon1JT%Pg~<K$~Pg~w!Y&V2?4m*Y6(iE$uLJ{Q+t
zgmb}GdzNM9@^0ikLbFOBI3VDVnt;I#0ZR$A)Qk<z5Ul%He-G9?0-lzR*ZC~Axl8@4
zM$ECvjGg208USnfFG|GiUxcA))=646i~<O|_sKZ4SovPDxBSA?$keh`MUFa0YP(8z
zPL)!doz$}0u8}R%%Fun~vlwS>sVz>auO*V8fRYSww1%rPKECogDTf`q0_EVnX}hq>
zvd8mj6|s#*)Hd~&SJ|nJJ$7nS|03*zPgXTAxa_#ra>i5k#-5bDsn>Oa5X@iKek$+Q
zG~W1l&i0+UmiP~l#m@-e2I7Wy*#CuKh86y2l(LBbz3^w+{CE>B5D>=iMSp-5&ar_w
z4!rx$WaxB5r?W2)(ca7U<)cUkF3hYAo|Y7C)c#v?7a<VID5d~`FkcB_4s!NClE+=%
z@65bxVtkuDk+kC8pRzGn#^L=reV5B2=6NcBQJ&PAr}`RyzrXv~%)x8Ln|Xc`&4PUD
zpU2{`j;x0m`wPEIY^yKc9Av7yvEVdJeDUToLE9YRr!T(q4Vd^ei;TmuIt-1+_Cx-b
zq?crPeVzgJ8s<1VrtyP8k^nZsjj=fMnXG>Z`NOc4xs|+P#P(n82xOli8c^%U)+lqc
z;%qCKNEJ6$y}toh1`_5*7#C{tSd+m$BTPy-g2CR*Uf(E8V(quG38vby71T3j+*D>>
zcD|7lw@m=ydKGSm7B_~7vCTqqIV{{TKoZtx<g^sw=z{9k!<WWgFioeZO(7?V6D(lC
z-1=uF8Qo0w#lXiqU>M6rAXbC*l&gOUahAsuRoYA#Qy^}X$!3ZA<n9l;%`5)J=a!zG
zxD9pi*#p->4xA5aff*E*UICV7;{i`wYDBk+(+PH3<gg14yWlWf!eP^*$YDp2C?D26
z$o{RJ%SmuKS=<<*g)^kgLOz=Ur#so4sBZx$dQ&391DN<3-e=Rf`gVlyN{j+=6FF1A
z0U+6Hjfj*fKsM8hM7X+@kuHOK3!0J6dNXnttv5XO9jPT=0>cfk2*gQgm2qhb<AQi>
zIljDe8kd|S<CJ$><XzozKCu1~)-w|gV=rh6(tHkeXEmfPH`v(fe}Wi3fX%M{006+p
zDD}6)?RfoIJO>xpL|4dzmag}Hw2d-UX*}V2AAq~(F`VMzq14x78SznUY%Ic9+KQbJ
zJM!{a24s<ED|QmTPs+X<7r<8x&)x*#>OSh#g>i1laSg-!Cn_i@_t`{-KdZ5v*~wep
z2N8x*?@{o2$6%SFc`RI3Lw^}*0Y`-pflki-Y|j1Y5uLIdxOBbZIDj}V{zu^Z9mmC&
z{FdDG#htzcCgagOIq@pxyIaQ0O2@k~r2QB;Bqy;v<j$}Gd~jlOXosI?UD{0sS&bu^
z{eEk16ki>06QX=+g_BcQWEs*lsC)t(+&4?0qs0SpH~}hHc*xo!xH*Oh*#uq3h^u)t
zKA0zwix?x}-{6!sgI*g)JN#i2h+qLsuot%ARN|?qoqf&_@be7B6LTdbm#oSOzFurv
zkN)j#C+#y?U})ugz|mvD*v*GfE0VRL%2R;t#QNe^jLF8c@uXRfaPk#&0W35|qq`xT
zLYeOBr7~C(dX-Q6*pM0~E=+u&*{wr5jrDC;z8uw(p_N@iyHI(hk+*!4;v!>y+>JzC
ze1UagHOL=)$S_)Q5zZy6!ZzIO!npznE=i_#r!mRqy{&UFAL7h4HiZ9c@c(@LFJB2H
z!esd^^=_UKo|n&VfiK%?z$;q7xR<1{b1h&@H548|B`2fvAc%H>->KbIty;~a5fFbx
z1&dG266Bbrtd3={($30F0iUoD6L^EhsgCtXp_97CDok9z2xB5&e_aip@z3_nc)?@=
zwqqjiNYa+UrQtJ+g*IPdE8_b0%xLc*d}NW<4qAM;zICbXn@gijgz&XW8boOEkxQ4_
zz9}|E6_A0^gb2~$-MF5J$i7)I#TC$jVTB0QWxI!nI4G{53dq3rLWJnZZppE4c8ew&
zB2<Jg0ZkabN)fSdbd6>lB4o&z@olOW3Y&GPCTd70+ZPq*+0I1Rhd0kt)}eJiL#?Cz
z4EI33sCs4`f#%3WuO68&W&yB5{Z<at%7|b!810mgBAL}7VCVe^!X7H_bfFV*>x<Aq
z-1RK3#ZDkJ*R$>}M0JyTKIC&q)tjpSE%)hxiZL)r^o~XcbieWL(L)4sL}zXjHu?t=
zd5q0AWD`#P4$!E-jft@?l&b$FUARCXX!bbuTM>-Awe{N=jb{$bK_9ejZntIQmA?~3
zp_yEN4aN0;X@Mr7Dp;EOi;<QGB=WU!0}*UI>;Ygkh!4dl@moVXk?@ShKD31|Nx#e_
z7<4_!L6_{~Can6$q51MvoW?lmlYpAj7-aH_B_<Su+Sf8n2DQO?2`E6u!m)d&{xEQ4
z)~y2_IcWzy8B`6}&8mS4#>HeFjKffaeB_dCSSiBGRLD6R5FlH#i9J4t;grg4OUSxh
zdGoTnMo{Hrx!K-NExHjm^14J43jp_z6=u(pD1!%%GBo>ki837IK?o}X?^+0$vI5pw
zFn)lSt9wgvyXgreGe?B7$?e|HLJ=@)i8zEp`CR`?oNA)reF}W5KZ$4=E)=t_E(V8S
z+X!Q*&g%7tViH1O!;~V7B?70oa=gid(Nc{gra7Eh<k&h9dmC`;_)IG9Nc5vt{UKyw
zbq1q&b*`D1UG!<c6cT~*VIt58K?x(|?HzAM?(=c^pcV3nO*B(HY!mhSax6v3NYQa<
zo9iK1T(052u7_|eru+O~hTI0(IOFvwfl6#zvzy8BM$p~YIcOWMe_X$ONfMho*uBH(
zC5e`ZTn{(^_27_|okT#g<^#n8+dIz002^pZ&e4eNiE3{-Gg}K-!DN+pnsGel3ABfi
z(vf%q4?&3?1QOEz$Bw-YIsFRqE-EA~It6(x!*otW6$!gCq7!TpjLO%s^Zy(>6*dgn
z`j^%*2I2V#*h$?Z38_=8NK^v^RCH8YmU9f=_n3oE;}84Kk*!AS^4)79?h4(ayfFY<
z3lH@5%fJSaPb+o~%GEN)em%mvkFhayJf6t%f~IZ6{e^&6x^@h-Q0Sz`G4dk_?HnVQ
z`om2<T)lxeas`N_boPKtIbR}n&K}_YBHh2X8Z2ZE2Fz&d5F-nE^Y&2GTd<2!?;xxX
zso%8Ce&{zH%aeIIbG0A1=!IUy+Mq#BKp`-)XkrY8wifqci1~a?=Xcn1tB{7zKVq~a
zbt5_SzJlBvi1*cq`^ypcqj1ak5qs6|K6I=?CN%G8iV-pKs1SKc(U^HuNV};=w$;=A
z`*>rj%4$#)v9raRGKvA5AaHIaeuOopelk+CrD4i3Et?s+x3l)QFcQYPbE_Xbbfo{S
ze8je%+CC2kXM?-9VMw`cDmu6;?8b<ckU`j%8^lO<AFgTc3&&_VhR-0B52qgzCe>Ss
z*dKuYzhVvzoS+J;1b86c`x=D}=bgkcGlLage@?_Kgl<flj<8+hkGl|NIfOBUOJ4ci
z%*_GN`E5WRbq~>v-)}=<=Xd9YE{X^9*1Ly|XAst{cWaLJjsKZOER~`$OD$1LT8w?;
z=b{<nfQTKKlpnuaEuYR)s?5WMV~<P(2N&5eafm11Jb{j(*(a$DDf8!nSE>&ff^pR^
z*j<?OarqWql@C=Fn*L(wC3E~hj~(PIPv&*+Ac1!DRrDJ&Ym)5)JQf(|V}Y~)Z8nF3
zqaf&%);@uso}|QIbrJ?yF3xN1O3$5yEW!F*g4;8RU1t7e(!+`fz&*}BO;*{DL%)Mt
zdL)hBzE0NEs`yC!>M3w*%T$n32qkOIKI6dQFsD4~lXH?VtP#Y`I#{yCNo)30xm90<
zp@jxUX|fVG41;}cA?r@=l3$n&!O6T}eH-)lwU4EIndH5&M>&4Ao2Q^u@tfa)A^*f^
zd?&xK_oa(CPW|;55_#W-tTs<(P5HM}B8MPx4#~w`*5YI&+U%--ZRx>u8*pg$`+=<=
zj>-6EHHa7Wd?!-)^?VRpKg?`!EA<D+S8yx!hwv0}SWWGEU`x)3WWT&}umz_DDPJGL
zwEb4@zo2>yPm9<tT;_XlQ!_s7dl)k0d#V{4mye`@5goIyh}#aqCL`12f)Lb8ynKh1
zN;=!7s;)DIi8#v(JO9<Z_at(RJIihgVNNOxL&a4K653;7s|TT}WEcvIE!9B@%~(##
zMQG9uLt%uaIxL~-Eb`9Pic<d>G?0r`Rg!jaiEmf67fadnrNq~R2^W2|RI{s^!RV4c
zSA6Nx5}XL=QUo-B0~P^8^Me!t`+x^2LLyoO?38kBR`PzoB21t?bt!^#kRqV-KS&X9
z=lUQ;aH2)P;u+g&X@i(4hL*}zQ~USgo3EydTf|kUCgnR=O&Z8h)fLEa)isc1RYxEr
zRUEsOt!t6zFZ^GY=hA6-Ct{ur*C}O0&M1QI5?D)Hc(hG|DZlOFTf=U2sZW9_{Oz(|
z!(Mi2u>`Z-v^JX>)*OfA?T6CDX*3lamDXB1D#^7>RLW~T(H2naEqRzcAFL!IhzBl-
zNb!M7B2D1HB|+;!NfIat#e2!`SCak#=b$AKc|34QM3@g;5@`tsE(sbDO5&g-?2%5R
zHR=C0A-`c1o0>71*p59i6I@haKP>YHJN5)bk@teokF5vP+VK>W>JG7qc`E#7?Q0~w
zE+n^uHXulE4)t5;K=fu1f#v|`CEX2Lo=yr@gC9NGc}4`lvz^V;2xt(D9&zPGV$0H;
zfr*<yW^>|r-?E`#Xppof^UZCBh}7IBX=>l?#GV3AzQ(@0L0srNBepQP6HweVfxF!J
z)Zo!o0XLV}zt_giZMBezwE<YKQ)`Mn$-5`8ufQxMg*w&_AiVy%0c?-_oc$D%U<9E%
z2ADu&lQJ;hify{M2J7S<Wf!UtZJE<^KQjoi8mt$wC5c<242nS7O>Z(Pj`Rt`)xu>O
z+Xq-B3vf&hV3&(NZ13_gLB?2ZG)DEZPUR85KDa$+@((RR#$y*3b0MuQv+e+p4`F<T
zqHtQEBrjQFQ!<MqFc|aj1|=={nTvQ?#H)PMYOwC+&cu&e>4e&ma^Mb=mZ2AAz@BTQ
z41J~yxG4wZeWncNS{*m6E1%9LW$)|R(D#o8b$<|>o!GDp2yB`d6^oq_P^azA)?6DN
z=N!qiZm44b1UV9x@GPE}g?bHW$crfS;hH4=`8GW<QpQ3a7!!%QvGOsWqc8`WE-#@q
zM6wf=7BPrOZaxuhClE<vdlR>jO%1Aj&14amHW@0JLlf=Rd^8707>E-DTI)4V5e{q!
z^LFPr_mCrn!}2SASm1;uKHRZYJFosV&sHhkSotvJ+P4#$P?KU5cCK(~kO~&?F&^}$
zZzmLo6ue)cy`fb{?1VxRk<tt|!K9Hj<=OXPz)TTs36N@?ef9CM;)0!9e@zuhwVar{
zz*sC~JdkXEK5#1ZDEFqV#<Nh&s0~v3t;SjSZMQ)xFhA>RgOsYm*dX-{ib{IlpeU1=
zv)o+_in7g&|JckiismM~o`^r639SY{-ZLOFKKpq0DaMTt1U8=UMVVg1zQJmoi*(#b
z24t#94`Ao;BOwb`<2-o$aJpN9(HO$WzMHWY_C|fqUMwDK#4tK=t4HGdbH<td(to)z
z+A?~KYXk9vovvT^Cy4fY7XuO<=F4|?7Q@}Ed*3#<yZvZk!T{7(AamG%{bk&Op&^p6
zu8?`2f8bjA<2vV*>da|P<eJ2!gt+T{HhdzkO%lZdFSH|FNeq&8Q<yO--=%30S=x0>
z!_a7{g{o`VYzj;huO>`Cu3v9h0bsT<+ux*1yF$G3r{gPS;4x1^xYVRex22xuv*{n2
zz2(o0j9I)h7yCNO^vF9gZ}zZ9mX6o^upKdRWPB$<JPxs&BLgP&k4B{Mu0Z+pM|h$l
znq;ZYs=4DPCnzLZZg$lpUFOml?>v{8d8yUlH&~_3@C6C8N}Hxzc<;oPW6bak<P$|5
ztPX87mjW>@@-S)}+Gy;+;`Ez8!3A`a-1@0r>Yte6%E)J|g4JMI^3_Q}(!78LYw$NW
z_Z<B4xL<ixA?!>Uf-`otU2_-06|P5U2z31Cu(9HM)+7hvo6M9mu&d3K^l(1{^JuKY
zu-n;WP_hXN?)a`GE(Q&HJt(dk;O)Vga|{0^0JgXzL6|-8Eg(g`3DaW?bwF_w#ww64
z>8mQf?fWKp$2*Z=r`HGMnk=^qHzZ|YI)vphYtF;`0-pJqafO=3EhHxy+jVA~RwyTz
zx=EqjT=Ox@!Km3=OfoK9SofwoxaZlPmq->M<*X2rH|z#k5P<EdUZ8Mr_Sa;c*{Qh#
z#hG3)?vr2jupgS+RSUDA`Oga|$jeo-rsA*k;akIhT>A^)Te$*g;JE(x72983Ygr(f
z=F5CW&S+~VvaUkQI^%cal(spe&8aR=PTRObO4lG<1x|l2AKmi&Z+u{$0w)Jh<|$m!
zrg|~`L$iO&^W{es=AH-dr085rY;%3HOPgJhn|)cgw&u5FyLl<F_zju_{03bBpV<@{
z9yG-v0!>pKq?>1exTgPa+72a8`C3)J8}E7_mhoU%!YQvoi&WTa2^+gGY?a%KCJ0Rv
zwwS7yMVsbBY?{m!n<i5>pU*5d_?w%%1i$y0rb!5!rhfCad*@yNNcBGdD6EDAO_R~?
zzOJQdDhN$;drxkAq;Xzlkg{<K_V~ThIJbMl-~d|Zec6=XIwgdyGYm4VQ?VbQb-r2F
ziT?;~bEj#WBS5X>a`#Hx6z)~M5T3s`+CE87<D)?^g|yEWXugUR(%C3W{q|X8QnpV+
zg8o3bxW3q)FSgT2cF<N?L#C~=oYGeBMO$44RHm&O_`PVWgtoO+hUV^-wyN3Dvg8HS
zC0`F92NxktzP5epI*N@g-t8f@MljlOd(5rfW1@*lf9|0U9>87O-1fAPg;}ujQU?p5
zE(Q)d*4kc88*5?zPWiWEI8q?%`&hBZ^IZwv!oZCT9Cnu@Y;2{K?~H#K#+I04$!Brn
zJi$l4aQw+vZ)TgPBp<o-jtlPO!LxZvF53CWrJWDWT@J6`&QAud$i8ZB_KV$GH+s@5
zk*IAi^;q!T9~)n0@@&<Q1{8zAD&k{+e(Yz$CF@peicYvSVKs<7PzuKpuTctKK*Nch
z9rn*s2I>WtW#e-6y5g$lYYNf68(`TcIF{N%Vg?Q@`-dt69d58&@Hwkcn7aa4C#!|3
z_TDUt7AQAYgWK=D38#wCFMIDvK%%`jLjo0{o)#6Mpf0_)prnFOhv~h?!Hfg+-eHi@
z4~qH#`eC2w*>k{8uJeP{-h|W|S^?Qq6))~LsJAew0G^SR@IeFUHHAlapTP{CB+<+B
zE#UHtWh8=|(k{B$NnEkaCWbv`av+f^qy*;R#Rmi9CAt|512M5<9GdDRvO+e_u>lP0
z%=F*{bV34QIz9;G5TVC$)5%P#N6O8$e5t)N?$BjVL8JA_<><7ZSV3Ha?$J@j3eZ)p
zr5q4{l3I*@vOpjyA3`1w5;iBacPDo7@6FSW9M*b#b_C_9rNwEMnU&S4WUt%fWMH{J
zWcl1i<h={qBXC^)iLw)Gm}GPrCF>Es`?OgVSRQ2+F)%GP#(ODbd0v(@0}-f&f`KJd
z8MOVr?7at~cNyiY#(hDkXL<sV8Dq6Zf@bcBM71n>ndi)}gzV?iQomHoOIp=(pq0Nv
zCHLF)GQ|XX`3t4dd6E^{(8~mumdsP5=x~f0M2BP47Q^$bB3eoPCgw$!t;@2T2m?(W
zhncn8DFDq{?O5Ad?KFZg&f;rE`mE4ZL}0_rk}lgyxOs6%f?)fRH0n7#iBo?EPQ%Y`
zf})o9`*aWRG4SWv7=u|2l7%9_HBjW56ibf8Buifg8D9rVV>ikvOs>k{M<%G5@-RVI
zwd4oKrJTvK4W|amnyZU5EDPKA?{#r>1$%^a;mit#zi?qWZOFV>)L<!GB*n^1qBc~k
ze;2PcVd}d?$-7CMwv;6&9=YOjTIJiA`ud?M*Q~dt9K2W}p?dbsiQSGi`>mj?E%w}6
zN>*@CuGzPe5qi%?%V6vzg$sYQ>lQ2x3!kx|Cd}gccT!e7g>O)XuqQ4tu<C?=X2}dT
z0=VVDOnxIcqjqR04K`fOR$S`$>Fe666B6Y+afYY^qG;Vp)L%z~Z>WZ&cOME0?fOAd
z_+ED?1zHPc!4vaOx4g{7`WY(^GeuZ-!G`<73}53gH(mzUKAwdEu-PXAlqtOa=szj&
zu)l%P+=|-vTSapQ9`spO>=wx76Raz{xdpJU=XTBFSg%<eYi?#@vukmhwgMa(<ZD|r
ze#Garj^5w$oR;M(b*Ih>(-*h|NyTa~C(>fHoveZEd|PCP*=cDf378v$x!43Q*<S|y
zdc+k=&McU}%AP5<`muz{V7XbZ@r1LGEkB;$7?=;VL1wG|PBdT~!+#5SgT8m&Yw*SM
zU8wX33KzH8C!y;VWR_B;G-CGgL7-Ufq$cr-pB_9uE}MWkx*$Q;srmN%Tv~lh6t_Y|
zF(QS`BvyPD`ypm|Hdz!(N`MOq>>r#nUWD#g4hAmUP=hnDPw>K^?U8>iZ7;&Vx08SV
z-8L<OZp>h=pk9&2o;GgwvL*U43?qGS6{^Q~n<a7K2I2=i#h@@f42He~3`JXAw}7u2
zCTwLaEFVpx^NX?;3)z#n%|GC9I(b~yL1PGFWZi(5N%9i!vVe=)Je(DuRT;x`eYv{S
z3hh}cJ5%H>i5c!1i%a>_c%<9!i*u(vA3jrY{&ly|h@d+@Yft3ot_8PCgLBv5W1D$M
zbzwX=euF)clfZmu*d=zZ(kFqV9|tFFNpLQJ8AW%kLL$+A5JZar9}j?VaLw~feEEmr
z?hfWBckfJ-4)}M{pNF3g_;04a06!h@-$MT&{B-DCBp&0O>rI$*VI>Arwlo%7)+C&z
zH%z5@aQOyA#Az2y@usat9iAzfD{o*1@Q15GhUkK~0plD)*r#lOO5G=KfRY8yZ%+Uo
zGv~v}w4<H4&0`{4WVVOtr9bT>aPxH9E#fwg<_pVwei@!CxzYRxQ@m#}H_8^1MFlBm
zOa>Lyl05}Q`NQ{>{~bCjw|%U4tY<8P6_vOgkyrlXG)yG7w2nd&ZBPsgNu>>na*$9P
zG>MUZ!aEuH$B5rM1>c#hJA)TS&HPuQlM@WqXs(HtoDl;nV8+yT6AcFz@J^gYOPXkj
z8B7scvEd{`Hff?IOf;d}8V$3CqNpgXf%U(_33<!#+11KVs<5S6WbDh`c*qM6|5H4K
zmbI6bmq@FGaS++1F_J_@90_z<1EE<Wfo^Lc-g%7#CR+ow-p(-fb{gxAtUp~HN$*rT
zG>Kn1T8Em%^-PkapCr*OiPonkN%~0=eiGcS>!hM}t4R`m630*Cc1zM;&zBuiJ-e|J
zaINw?Y%4ujOejwF4$W<YfbaMlY+nq-=dOkuZ@j<~%P<$--EtP&>+X=OEZ*-AcucIy
zw^E~TfgrCwA|*!{S01DOm80dAsnHK2WaUt5^y~cQQnIzO@`&=1p>%n87;i5uOP2>m
zaDua##`S<-u{-<`<_ou@Pq_(ss9=`0tlGR0&T>CA7?oUcqk&+(lzRf`|Fg-VP58gj
zzrerX{VmGjFY2R!m9JvE2rpz_!Y$`BFaq^aZQPSho0V3eNoP~u-yx-`dsw~Kc$-9{
zUFMsF9;*Cf7JdFeil=e2Dd)8PXdghyY;uD^b2(YLXC1N;<BswgAkXByzX$HI^X9HY
zJOc97p-t$DBP65tgNG^)W79ZD^g<+(Q>KjLEL;7oJdPu*<-2@G16Oah$6!~F!OC9P
zoFo{ke91qn;8Y%3_g>UT9wvH$VX<IXob3xSz!Sl+7-hxVz{Fsz_zqPb$_@0F%OKW2
z)K;wi!S(|6BRyU{9;!StJdh>DBZT4+*=$G=o(RPwkm88!5u})fGn>U(4p1Cm1uki?
zz$IY?F3Ao=h;Q$xz$HMoB)fzaH~{B>RN#QKYDt&c+uaFUzZ$IzMj0xWNV<1Eny{He
z`!->9WN&MWSZdy@TC4t*lj~?Z-j+sj>O5+|mUeOKJH^T4PNzNs=el3u$106BDM;4R
z8=CCSt+^NBH@BzxV)0zBp4;$Q_gRVVY4js8NaE{uu}G?XG!;CO>dlgBbu<-{MN$=_
zso-I%@^-7Vt|iGc(IkV>B=AU*ldRGPQ<Uuy^h43O@JQUu>~lWr>i|rJr~^13vE^(y
zG92sJI4!{{M#OCExu}xnERrGhtxP@phd>y)P~#s*{szFXASsQtun}XWxa{YWhSeYf
z%z1voyqNRne$19*=m9XiID<9E=OGVPgVZPbptOk0dp=;e8Et%*Fa|f=E|#dQXUT&T
z`!48n{U(kz6I%31`=cryBDKL}jMN5`K~fuxgO_4v-OE`xGZ<|_u0yt#!D+Yf=wP*5
zxQ@?s@Y*e$*@z4aH{1wGmG+Z}O$X)1(DGu<zUEZMm{>3oggRzx1CeYSNGNf*hc%aQ
z9J=-$sAoI24YU%nKAhX*tw#;u(WP-q)UtOLE5vHBk$Gp*?VZhE+tHY^RiT=`@~HzQ
z!DyUafu=C};o5*^G|-ycPC|w#TYwVPuB66n`IIg19A>0@0#4{~$!0$;&Kas)vwaa1
z3jgpx1v_+Xtgw%lE?B0OV~^Our3_A(#0sei84E%<ql%_U1tILmq9Hf<YaH_|Rmora
zI59}TK5W>$PpAeS#~yM0P~0-@0xNWZ4f?P-pWyvtLq4n;;G3tyY$x~EVUmE{gCQ&+
z_l6J_kh?iR9g=%Ih&NA_jNPcki+DhUa&`%LFKe8Q+Yw~P>zh%7ohzNPy7?f^gESk6
zhUHE<rg{glLA8Yey5uQvtk)1_eG3qxH&V}5dZ@>K4!Zv#Yd1s)J+}69z8=%4v^sM&
zVq-gtF>Zbjh@bp!q*DJ*`g@Y~2e3%gn>zWW2uRl70uM%pv<Q!_h`=zs)nJCaEN*;r
zX)lFKmAp8sH&@}|g;icYW_Gb8cMYgwC~0n9!i<<)vNZAV&aR)n{_hwCt~hq~y0)Av
zh74>03P$5qk6YhH4qRaExE9|gDQa(wCMflBDZbwYUrZGY=wh?3F24&!PM6*IPH|X`
zCQ`#F_#dOxQf=r?=7~^2%{g_y0m02X;btW;Nl+u=ks8spfD=LcX0c5yn8OMn)(PxC
zcvGy9auTj-x)h(IWl|hx1UN`C&4>G#kNR7Y3*%%h=~a2&9OizL#1Js60ymeH7smqE
zEs~!gLK=FDh#k2Wo6)Lqqy__~GV=jbxo$}r=idPqEGfMZz>l#SUyEh!+kJ_C2@%=N
zm-1sZ=o1OkR~TLf@A&OjgQ0v<fqr>XL7lwM-ySTmNKCeavyd;*^MW9JCgI<h8@ZSt
zT)rQR=0Tnqz<UK@Jhtb!tbfe&yq>%mfEtqg9b?s5&lz43UzK-t!Or2!0f6X30!d-J
z;CKV_^gU^tEVHz{32a)>Bh7BC{ti@OdaV9Vd@^J8cj41BR)04>z4Zt2J3z5~997Ai
z*!bA4`26P&&<6Fv27R7EtIxEugxq6>8D8bLicQFRVjF*j)p$AbvI09S(u(L&kkMb1
zbOHlO7mrB#H~q9N3Ma(i<5A@!y1*B2@CJ8YO?~0OPi<%;Ou5hfAqY9U_t9jdy7N`~
z3dUCu-=Ogg!iU_={Q(krH=#<j-CMC|126wzyiqOfyoQDHJ$H#`gVbB|ZhB<P%FeAx
z*!d}}+#daTh>OfhA+WDT1jQQ{+w<QSeL{oJX=lZ-Ro@A^vo|A!>^Vj3HTw(m6I`3O
z>N^l`<+>qbW<k@T2b{eRNnun$BN!74gR>taR4pY)MsxwcC%MA28m~o;c*k2PKkif3
zVXL*ot=|qx<w{abO)s&M;b7T>`Dvf~1(R!2*!qi+64x|IK*mitBOJQ{<EGiqAtuD1
zybx}$%saDNuZ!KNAU$5rBgkSWAueaGg#X^1zzB|h3+Z<}gOz!-@jqhrkAMy!>+21Y
ztlz?40cg0f2*s%RDn@lpy0niy4v6cb$5^RFbJ>*#N-lMPwn1nq6@V|*x^rT0MLN|D
zE&Tf(>|R?5Z(fVzebFxtPPSZd;3D~Er9{Z2;0tojR?SMamQDtmiOOG&UjnlM46?jA
z;mvLM6&>!xa;;_e3!58D?{oZfj1QV}+9&UZ3riuT{*@#AjIQ+S{U82UOT9}Rwm-#}
z^BbXhhr@Pg=%p3HwrC)W6~gvtW7~mMkRS3+hn)Z$C;id5O}vZ(c_*E5mK7upHqAt`
z6lgWrKD|3cBItz0fs=tr>oE~qj&-bmL>ttSIXeniV!0jLP$;JHSOwlJc^ZXOxyDUw
zT)5ty!QJN`TzT$=6(H!;;oSoX*zFl`V2@|OwTrt4l6EPzdmx3k5q1xx?NVm<Kn4a3
zb`SK}rQY2Gy>_W@_duUrTD*H;u{F@Y4(}FWWPvxEsv}+#xt+oO5cUb3YAI#>yg33$
z6_?{Q0uI9gQiaK6@niJ~D^o%86c%*=2-Cv|D<DB~+;{;XNR81~9~Q8jAblS%l%#{?
zu*m^HkQy5^h#V3hNT;%kvl%~iZx%zb#X({ie9Zt7rp_=jc0>KV4=i?_l%E(DWW!?j
zq+n0hFLJMw3Q2-Khk|}8ZWR#{C5p{el*msFjv{`PD)0S(Z2^i57z{{=B1yY`C{}<1
zue%WxW;~5Lz;aiBqK9i~(W3W)jR1ux`WQdT`Ni4(LX9h2xzm6BU(Y;)*HdT<YhN73
zNnp-tACCD!*6<xnLEi8k!rgP2vDz0O&L$vua4dtNN*ImW7axH=MHqzI7cXX$5JEUg
zc>jo!NM||=K}?Gib`B|%g!W`1l0D+YLtK<jLh;rXMU+mg-BC`fxT|m8>?n=e=4i<z
z)XVG8tngXT&pr64Zr$MP7puW2RH_o!Sy6_*W^@73;jAbC#H0eE!zqnU<({^&_r|%<
zbAU_V<{&CuG8dF~Rf&toIX*<2aV0x$1T8>B>jr3ljN>Ql>t|mF{p+2A83?u$&wy^2
z=dfXRzYm>%CA~ilysv_Hd=7p29ynT8k6wv}+k7L#hh~2y)~RXJ`4h<dlQL#w5Qek4
zFF~1@b)kb9QQ>WH?=IlPVh*-r#EIc7=}xS{36JG2*BXeFr?UeWPJg-H>!?FAIH-*?
zAFxC6`SPmL;@)VARFHzl&cYO_e62T?TlEF5FXgJPcQ+8xU939dF7^9;;0IBzAD~>Y
zT2DIy$YjoB5r$isZCpY3UX5=rzOTX;S1FPLz~)&}Ay|TU%eOeRJYZ2<&AkDo$-291
z-fNLyp9Ek{9L?6L`C(NJ%esY47&5uuYY-C`AKFO4;9=7HBLv~(Ry$FD3j&OJxij8p
zUpGF4)8|{R8((hY{39Mlou&&X((yQ|j@^$!S;M`{ZYNc-TRE}@CsjE=N<`19E@3B~
z7;$Ry2rgEXq;D?bOcZc(Ua$dQ{>|+|+5Pu!=62Il)ZNjk-7|Cd(vPF;y14+r9}A!m
z0MJgHSQ&VD?;yeAq!ZU+0|ZBEy?e+9%nj*YfV;ZAG`cyt9h<+?uoegDnn4ZE%m`!Q
zQ4V7;j}R_1GD&MB69f6TWAn^B{&X$ppCJlkkH83S+&c-K={yS+4M_wcEMYX{h9HDx
zjfUJFgs{+N<URJtet+>~o>GIc`;ONmqu%lO@nw{c1^kdQ+OIN-eH=a&eS{->AvX5J
zXnx2YLhTLlE>Gp#?$D+ch1TF?aTWTy{61_kUBsp<W9U(?hQg98MSmb(#F3?w(EH$D
zv9=4p!?j&}-C$5ZI0QQ*hug4kTdd9C`ukgvN!Z`SE&?xc_g6mRU?a+$XDH$%|0xuC
z{s%gKh>u?)<TrxR3GwN{6DL*q5SmO53G?`0!2iKr-n&2%K&$Z<FpDNjtj1f_g|k-o
zs|z=0-bNQv4<Xes{x8G-kzL+9BsDJkn$$4HW>PN;QjdhGi%3;U@h8on%r5Wkf&eE`
z41yB&=nRGu#)>8bCFnOl2c;e+?d4A&e-`iZ-X=&&I1c1v!Ag#g1$VuCEQ=#p`k6M%
zpCkA)u*>@k#e(NJd@MN6=VQU3-^Vf#!Lo#Dm-2^fE#-H4?^P@~NatgL5kMac*z98g
zpMw&yDoTU=A$v>1ySzVDET{q>3+lkf0(SdY!0!MHtE4o-A7OI|cJCDns=~*Dy6~}p
z=RTHF1j{H99Lb-f_;a)`A*Im}%aI|Lqe3i4N3a~jv}62P&Yxp_Nhuu@V!`T&pO@t!
zmSZDWJf=O4KjZu<`{Gi<1l2FmaUquR5KB3NWrAr}@Mk4|Rt54h5n@>pVp$ntSrx&u
znrYYYr^27LfxN5^v8)NPU_Ha<?%D{J<C*pZ{+!64lLC1;KE!fDh~>l(%SjO|>zMXr
z{+z;}Qv-Qf7h*X%#BxfA<<tn4)0p;j{+z*|^?|&c7GgO)#BxT6Wqkz82BtleKhNUN
zS%JK42(g?QVtH1G<*W#nvzhiB{+!F7^8$G}JH&EMh~?Z6%Xtwj=QHiI`Evn(o)gH+
z`5~5PhgdMF_Uq_55iA!n?Q{8a5r3W+$jgNxmgk08E()<cFM{P_rhPttF5%A$0(rSO
z#Pa+Q%OxR}7eugJ%Cwj9=W_mB5y;D>A(qQRESHB^u83f%GA%od(j<R22J(Vq1%5li
z^x1EXlOdLk5iD0S?I!+Q#h<A_UakzW;3}n$<*E?NR0PX3)6Vc`Gk>-O@-iJ_nF+CM
z4zX;BVA;yFSMz5Zf36ASWowA#>JZDe5X&_YEY~vab^O`RpBD!5a&3s^x)96u5X%cA
zSYE`m*YoEF{?r3`c~OYv`Vb4&WqqluN3h(;v^Vi*mOncJdBOUZUq?5ESY|^kJ0e(i
zGVRU$xrINs2J*5q#By_p<(3f3tr09QX4>2Mb31<;fxNsp#By7R<@OLuBZB1)rfu?P
zjz4z>@^VLrr5R$G3$ff8Vv!>eNIv=!jH~$Nz7fAK<JXK{BvOD>q6T;+L4aD48SGiL
z{XUAZApbCum0@3#+=geUs$R-7yqIWlP}pSM!CUGves;f@Zrz7ZZkOf(;!AHHUM4o)
z0=!IYyo2yE?Tn0GEbp(-R~tM-t$2o8@hoe_GZNt8P^tw_u@w&nUM(5I7_22n7>@Z_
z;;^m-6$V``WyAQZ6<1#yuEhZ^4lrAB^|#^5w&6OW4c9<`ivyZgTua(;Ep5ZaI*D){
zBQ(E^9AdTNVhyqKO$}j0)>=l^OB5F?Myrs6zE)hUr6?{|Q$!drL~F%W3UF~4+KOwm
z4cC!vxQ=SWb##D>1LIa)$F$)ZYs0m?4cD;&t`6}kd2P6kYr{3(hN~Rl>XfgEHe4&(
zaII{^wJN~XDPODGaII;>RcXVuHo(;>U&puMI-w2MiEX$}3UGDG*Sa=bC%54`r484q
z0j^H@I;{=Y>20{qXv4KWz||>V8`^N4*@o*`ZMe<~aCOSp*=@MaX~T7H8?N&LT%GcD
zejBc5x8b^=4cBu5T%GcDVH>XJw&A*{4cGGmT%GcDaT~7Zx8b^^4c7|-T%GcDX&bJ~
z+HhUohU<y|SEqbc+i=y|aB*obs=qb{xH{$Q$~Ih^+HhUfhHEOo)hS=oZMbIIaBXhG
zwI#sSDPLRLa9!PoYg-$xYXV%I@^x(+uIt)xZEwT%!T?vNe7&d**Y$0<ZfL_*4{&wL
z*NttsZfe6d+lFgLfU8r!cDCWVxeeDXZMbd?aCOSpi`#JB)`si$He8JWSEqd4(T1zp
zhHI`3*PQ__kuMow>DbWpvs{oo2?I18d+Bh|bh!w^U@j6UV@T5$5Qw2&Bv1yHrejAS
z2YL*}I%*>J)M7JMG*sr{-DSp&GdggL(hmlaGff#qnlK?Bj3{SxNNK`^dN{nCX`1n+
z3`%7Lq50MfdVk3dUOAu$N_XrEG9omEQy7K^S)c|mapwRPuVORMI{_7{-d{(tD>hBd
zVDHbPp&am*Ufh-TZCz>K-j#Oa5NZEe2ko6*Y2VzH_AOm$-+G9&-_t?+#;&w)>PmaI
zEA1VJNc-I#v|rSf_Vrz9-_VtI{SaxtvxD}vU1?v}mG<_ov|o6Lv>)i8y|pXttGm+P
z)|K`(he-QRI%rRKr9IP?_U5j%w;Uqv&h~v}SK6Dp(!Q!I?Wseg-PyijHQZNn5#55V
z2VcEKbjxH{+8Ym%c4zy(v@7k)y3)S9EA1-|k#=YMzPKyx=Xa%jNmtr0I7Hf=?fb&6
zw4d9R_C;N3KkpD}ced~IyV8DkSK1eJrTv^kq}|!R&+bb5oUXLb?MnN+L!{l=zBhEG
zeP&nM&+1D1tV5*T*}hNfO8fM#w9n{Dd;KBO?rh)dy3#(mEA3Od(mwSNX?M2o<Ga#6
zp)2hZyV5@C5NUU|@6}ytujxv=(v|kwL!{l=z9+iUUeT5I%C59m9U|?{_U(10eOy=C
z<6UW&50Q3f`#z>C?Xj-3mv^Oo>><+bY~Q0@X&>2@_EBAFAAN|lJKOiNuCzzG(k^zT
zT{=YCo$b5OmG)p)+CyDw4<91!&i1{eEA6FSY3I7q&L1M}&i38km3Fo(?IXI<9ymnW
zo$b4)EA8H{wEMc!UVMnOJK8tJN9K(>4>r@gR9DjJuB0=ENV=nWQ+hf`Q+UigI2<Ul
zJ#@@L*&GgK3Mx%o*4edi5S(xwARMAXa-wShA#pT_==@(u%7hthB0BdkTHYSa0<Z=U
zmzP<&3ZQm#RvbBd4-WrW^}Pt6?ZJ6qb1M|jl&6F9{rfoQj@~G(zYo!yoHXN1;3t7#
zd}!`X^yxXVYe)cpS}LBy7xW$H$R$n7-BE>v7e^Z;?LTi*e?O@D&)d{L0FNQca?ysy
zZ8#%l<H%P!fm4EU7k1>}n@VbB*l}lS2CvH`Qq!i&WcR~O&EN@J%iWfZo9e|2ecQD9
z^}JO)R`qdj!(%uzc(&bfr)PQ+NuWb=seh+0?oQ!&vz62Zj%<9&ptF-x=1>smN)_pH
z1#WfC7&6TN^9_x-y$$)dooQI91y02t2T4%G>JTd*WK(Vu_=(L;lB%K%ioh#l2&V}9
zWw;9XY5xzX@U|9tftzLE5K19<P$sfRc#?tzCkv*aO$lV(W*cpTkYH*CSJ!an*irnn
zAeTkvgbSwrw}KX4gv{F8(j=EjI8!(^2|~;e>ZTW{=tRzOZ*B^haZ1uK2Q`*Wn9cOm
zGzuZ&j%(+njjb(ug&UeVk?HNAhm-tTHfLMLPM~%`CZ1x|;&{1Iw%zFgGz*ZzOO41g
z9{t4eYNeanHh`LwHZPQ>2WV0xi`tcTh*ZfbdL!kG$F2k2l-Mc<OA}Mb`g8^aP*Ltw
zuP{+)Gs~z+oQVr)Px-W!qLfjnPazvPA_raxT@-a1&jo-ii|^Ov3j?~-ahOs>WoB&D
zB?YoCo@C|WOq`Y(j<C>RGir^*@a2=Iq@Hz2lSHD@>4$+bGot53S+7!F$`C4HDw6<N
zP{i}B;1shM-!_2r{-jC4Fnm{JQv<O4h&qRG3P~-d6y1jD7i5QS(`=+(Z#4A4(`nr7
zo02w-_SBnz5XR9wd=a%FomngkGOHj1(kLghqaX;>fQ#6ugQVY7j5M;~IN!m9$gZhf
zw#S?NvPzq$R)HAL^o+SEY!Zbf>-vD7Ur5=Qx=_hH){BA@Bibv2r*VoOKQ4~#GXprj
z58_g87Qhhq+q2ejA~xff9c>6Drz+@S(c`>Cfr>=^3cs~sfZujD5fq)oDUAazPHToV
znHh@}o<a)=o2;DIodUgo<(-jjEGuY2KTNBRLzDN5L&T6T;XI6cDoK`0%EML+u`(JE
zElUWdw&6;v(N-!)e%YWOs81<G31=FzE7dA(hJ@gNZh)mcv{y(h+bei$8Z21P@=pit
zMQBkdwY`wPetX%0vWb2`V}UO6naS1ytZ^z!)LT$(Py|{|$A$ulDhaJXAq=sBiVzJU
zRhdoVl#Ys=5o2bE<xR-ldiG5TJ3cjyhGWO4r*MYZl%y}dtp~N+i(Z21leC{_;T=As
z0wC*@Gs%(RDCCM>hz@Ds>LSxk`O>TBum2Ebz8N$%4z7CeY_2(yIw&3-N+lL&2JBZ9
z?u;|InSEqlBB%;Vji^V;7E-2nW>|xS^`VL;){)IKrJROpO|VUcc_Iwq_ajeA+B5?s
zLmr85*aVt_3OVGM-w_Eyo*9-G5Auw1AoJSlQz(gHpED>COg92Pkf!#GN0s{LWz@nt
z`V9Cr%RWTz1j6$9qZrn7n8=7&)xgbw=DU#r*d$TQ!4E_|?}&Qd8TGsi9vs%*Y&Dp`
zb=;xJQhJlIXtB>~Fr`3ot1k*C5`h<5;lwBK!6=+YTyQI-@<t5MG9SR@dzR6^m#jo^
zXXC^#hj%s(^2Q*G39B7)Y`*?M@NYS+cBt>e^wB6k>zDl@`~A3o!aoi334l#y=HAX+
zYLV?-GxtD~3J6V&<s}F$KtN~)EGj`9+6augo#iADIs&@BxEc2<{Pvw$<oCmPXprv>
z29FQ&^+MPdB`kQVkna}a5kta)hYhQEu@Fxl5*9pzST$zc%UfxL{@4@@B*N$}RFLES
z6H1+dR>Pt7e02s73*y8(kFSeS&0^(qG{JN<Z1kduON>Y=KeBmTp$Ka}=Dd8N^2g}t
za{8PdT(F*M9>epWyc;x+;0*=O;tiXJ@|Fcp=Z)|&JyZzm<7)7pddJj4I;fYRK76J|
z>ceM#q(1yAYN-!Ouhs|ZA|BL5&;L+eluGj8g{h1rMiD)@f`fOqybqx=V4>KsIs=B&
zOmSOfBvU;wYA=-$N##fWAFhlW^xDV!aj9bLkyi!xJJ=@1PtlvzxN7!S^bXCAu(h&1
zS#pP_#a{a@Xs;bQ33}+SkrbDbiJ{GG`zOI1Y5O(E0{^TAV{uOQ&j{*#|N0<mfK&pz
z?Vl!MOK;MAitexQrWBv1ZoZefF|S@X|6Dx!=5_Ng#A9B(ZvG{FGS0)iB=!`?9&tf{
zHj52!qLP<R%4a9#mI;l24?%4bebr4?XWZefR)hGfGqB(6FpLDMxWPH&FpLBcmJwT|
zrO~w?5bM-O1F?Bggig~|aO33wc^Dl%>4*P}7gx$>ADBiBlc@vct(MmO<GsZ^tP%f~
zeB6P2B+zC{7fY`)|4%5x9DndM7jNavf3O|!p?1KB0l=l}m2-^hIHl~SeS!hb6r7Cj
zIKyx;qT>v1+9#K{43)}5s1rN(56B1qtl_&p3bM_AMqDGRc5!3#BlKDge&GA4`uNe<
zA0q(QKM27^JOzFn9$T8i$|LZ#VEpbVeB=05%I5<cBUlYm+VRfgAxICwHQow;@Br{X
z3*fW=%uY>iGqKP670U1<$X5L3_re~*#87-Ezhm{khuH{uRVZEm2RJk3mBx~Af3%NZ
zk}2nAum4JyR=1>QNv|_;1<Y9}7gmnWegg5-qpyyYzKScDyz*}rQiL1A3cT`$=aw<P
z#l!&b1b-Fn=RVVk#9<?&@`O8a1}q}rzV@=&Rlri}H}9C8(1Nib$i`rfS5b`R-J-gB
zEjyX=_Oo5iLO*;0jEqmXR^0n6Knb`K-sc#o>otD_9>JU??~7}d1%+Y#De0Nk!W?<j
z&~M)LmEq3}<IO2tN|dT|ZTH^$FrH&Iy7$iDp$jo~N*tB1`L#=*bD#QfpGd2mKpF|;
zS4{WnxS4Y>{vlt5mBX_)Aqxe~&1+k8qe7E|F<D@y{N!Or);J-BgyiluA@|Oh09;AZ
z0OLm~B<a2Pjc=a44+M;OPYOxzXQ;^WqQVT{b|G)HOUCgzTS67D&%u87-TNSbVoJq_
zqX2-H-{iy5I&p!Djl>z;g2kAs)|ykqZDK`L`8woYT9N#EUqNjx2dhyULfyeF_hN|P
zR=r0NV61sD3zf%B4%vo%{zch*FNS^ZL*dL--Jr&!*@Lbzau6+y)u0$n;1(L&B`lvj
zfHp^?L&p0Kcr}@h%M!6a0e`5=>|)gd2aN3j8-{(vh}#V^INUzf<}JclZ)*g;iPR3l
zyGZSz(N2)p30mC=;)Pg_m##PY#gQu3m~S`%OApMi71&!VZVjBJ{)oE}agRpaUc|jR
z;$8<gUIVacNfY(}as8aH&ctVwfAQE-<mXMa<ADje!&qDKYO=&ahKFW<foep)o!HZ<
z&ikM!z!2U!2=9clKgFHUTE@+-{x0s2o7<q;XYV_F8`Qsp12w?;C+?Esb|Pn(aN!Cf
zXRL6I=oFN9N#&a2;oG2KN(svBZR8KQQaXGaG!T~3u@Sx;z6~1k<)jE-4&Me1`Ep)_
zFNbe~hJ3jq!k5FhK|{V=6XDC@+n^y|ZjJEe|C`&OoXa_}=zUOGjbX=(bsDpxqU+#t
zdS600z(FXl35cIVAIv<swa>eU^kQkAUS2(9Y~$r^Lyn1zmzNDm>F|9}SmkJ86by8<
za0<3Md{%YdcR73?l!iN6`E~d{XiGbU6^~Z=I(#3r^^Wl2`=B)a(b|R%-v@1NLx=B!
z(q4$)4;{V_ijfN}hP3L{|LgZb+pcbU+?~>~mzoVRO&aUI7|cZiUxH;qKko>{eb7kY
zyaviZ4uKr#F%;{Do%cb_?M)d8nv)b!`oSR5oL(|vLOvK#nqwCxOsI#$OLKlj+oEz?
z3#F2H_&zB2zc|<~9lj4LlMTa-!}mdDu4TA!_&%siH4Qfo-v>STJ@?N0B!};VMs>^K
z`=C+Xa`--IRJR<y4|;Ij(s^I(@O{vzZaI7(G^$$;-v^EAmc#c!53XDOzr7DC8#a+^
zoMtx9%@!T<>b1{c4M4VV%odHg532Kj*~^gty;#~Z_uqzd+CRp*NJ|c6>J5e;l0?M+
zRGa@tZT=tAFAqZ%1VLIq8U65(<2pXOH}^2&<+Aa}E3~~%F163iSt;))IKQTs1okEA
z|7qx#bosV)d8Es?rK3NR&T6nAI9!?E<>q(cI9W2ki$}=#!Lc#iv0%Zn@nmin{vq7W
zNw|ZLhO?kJTAts9BnSth*7Phm!gITjg!nZ*(J;M#l2bUj{%JgqE9V96*bBf6{snhT
z+()~dEX8@v9{_*!zHRg81XvAz@G|wr=FdXE_dRe7r@^Lx%bZK}>1YBR_^TuAP~PTf
zkg$K<*84sX``2x~C*i>>88FezOib|ARyveA$~3S#8M_`wd4B?#8d7P{PewmIR>@N-
z`w8>jU<vZ8GPCzFYjRpwVM915`S}2r8|dR(%x7i$ijxD2oh&Y)WEXq?iM;G{)q`dr
zUfd)Rl(lSM4c8z0b|HM1_d~|?A86JXmA~RE&DUo8M=ktK;x4V@{Q%K;t8R1={_s4A
z`0<1RZ<&+|TXDONm-=wW!)h@1c-m$%%hO<OuzVHgpHjFDQOa+H7?>xXOG_&EKtgcm
zG`|aXND8|KlF7kcxI89DpOq&+1=id^cHL1nj!S08271Q^dd3Da1Go&uQVmY=<>zz2
z-WcCP#+l042ho1<+DdHQf8ZRo)gXdwwlJx(Z(3YB(&BKd)cYBVIkOA$@5knuTebxg
zKhqZf=k4+3&^FSreVEqS)0XBJ9cdOJgGj?RW771trTL|%Syx0%6QwolDb4yox@$&L
zo@8_&V?tZAl=37?13g`dr#vA((A$-6vW0Fw+sdHiLFp!2=;pGmg--f(!^((OoheBx
z7hKIv8}oikrJ8cJ=G@hsw_!Sj>Nfdm<*=(IZNqj5f?)F2${ANV(}vB6i2w4rs@DC#
z5!EW^9%j%Mcz+d#8AKsyOGU@WXNHWDP#6YY8NjeiPQ{@xbg8`2#vU>R!iqv~k++WA
zb?-)t!y}}>LIT_rb-iEHflK7L`VP?+oe;+v;eq(B>P$~EzcpDZZJx$`kIku4Y3p=0
zQOG)z9T9P9(Z`rF7;#;<3&ymQ$H`w{#F6^V?m;l(^|3+~?~=Kt{`JqrJJPg9z|6s(
z1=jw(->|&6Uq=wES?ETB01X>p%|bU21c>{3j0tNNX5)ZRJ)7*rHh1MW2zBrqlsfng
zLY@2uq2AK52V*!c7`Jf}SG~aU-ei6=SWZs2uunr#4_i?Wn|X7)o#D7$+!bTS$!`YB
z4}cN%uod;NdHO&MH<mo23=gb$L>V4f@Q5-zwBBJD&iA%H4&BH*%$6-$09=+f49-gH
z12?7J^y1hKtSX?VN#Kbb+?z&E<KjAE(2wBdH0ekF*z_Z}q8?rLBiBej!jY3Ua;K#Q
z##Q%Vn<?xs+_o61KX4!@>>iSBQB)})O4u8u+M;Mn$EEdkpGUS-MYQI{=t0vNwC2KS
zHq#Zfk~ezFbOfz*jn*;UKr21daVouhD?LXwX;*rV>P4lOYo+I?mc#9dkmKF>p6H_U
zyVZsAsWoqjE?PdWuw5;+q=Z|UmFS|>;|gQqu>O>CYv~eQba-50yHK;)B=7fFvDJ`4
zzUvj|C88ea*QcOh^xDu+<tfLWN#i}Z04}e-5ia-Bo@dh97@z6<0a|jiGdd6W)CxOS
zPK-Vm@-w4hXwF-myn#P}D7^HJXVH=vu+KnSZk|aNH{;Iu_yu-;3tqTY1b@wl<G0v_
zEp{OaG7+rO<jgo;4z|4?Bi~F5=a1+NK)Bx~7oZWXXtFuJ5)Yn5+<x|D?C$VBk^Jen
zAXhL5CTSg;!?t`Ozyug-f<PIU6+*m`5RSeO;!|OW+!^Vh6O9s((%eVT@z!3~92h!&
z$%M{qLHg+(e*<GeV~-pWym!X=AZ9FY(tGK4>|T`kRdPp<Zw6z&lKq-LDTwdXXN2o7
z#U(wxnxC1S34-;_UwOS31{LZrL8Rudf!%8GcLH}g_`UnOd<EB*)Hxc%7#ov}zX*_6
zu3Q9c{wEV!4f#mqdTi9(k#l0_LYQ97@kOrrE5_4lGHzHcYW@;_+~~qfU359PwJrB4
zB}V1D5bYNOD}$_tBo()-tX-(uF0SfqTBsVoVsD88O9xDCQbbXiG<!Q?$-Q#>P6}I@
z$K}=AyW}C|=OLZ~kGkf;kHV=BGhzIl1Q)twA{*Z;S6(F->l+-9<eI+#79;CVquzfC
zp5hj9Xa%Y--j_(s1}30#>2;q)v@W@~8bsw6p_6@n9z)KXIOdc0Sq`%j8YhC!@H|Sx
zkHtDPD7ut6xffX_A|L&JDKRXK^d+kDvayS&jYU8b>z9KixBzw_nfn+D{&m<F`kyR3
zW|$p?@4^s2*1-$!b}zi`%<M;df4jDKC-xPzrJo&cOTTAZ$_*se&3A7a*@O|$Dy#w>
zNWBD+U@%E!zy};!U1y!WzU2yS-#a7i8y4r#DREiq7f`d~eWilV8xpZ&Q1|!ou5s`@
zd+IS<YCbQxCXMVy-r>HYHITDAzTF<jMO=B?T%X5Q4{pfwoz8S=iTWM$LbklM?c{bV
zG`G8k6%fJ-&ai<E2e3g0ZwYHK9Dd9p2TuhX=;8oc$~emmbXf@OaYhVqBn0+4MFT8`
zz&_l^_pzn`#v7nYW0`sMd%ra#C2Br{+|teri`R_xMm&q?ktJBDRtp}m{BO0L{SNjc
zY+}hv`ZoI!1FS`!6$|Z0kP0iW7eT+1{RmPC>_;pmVpJ#RrAz3BB=i2lR(yG<IyaV)
zOVTVlUU-!=X=0~<&zd?zl_w+uE|QTQ4yLM%=nhWdMQ2ydML>&@J3&|}vqgeM_rf&J
zM^UbLjCQZyCw-8RXt6y}UP-GCFf%dZV)9Nx$=$}(1nf)9aOzJA1ZMP2;?c^d4q{{C
zz_d!Gp7KhXmuSPQb|u<!0D}_wT2C^!>eJn6`6fl|W)is@$C@C&^*0~E`tsWoud++9
z@ZFAGitifmA%63p&`!cYd?&y4Kg5V?=Yw#i%Whm9nhy8B_W>aWU2ox_s|OU&P4QEI
zw+ld;0K1vO2Yj|-%YYy2mas=9nYj;X(e*HR!a<D`HjY!yI^w-063=qRHRe_J2nKKu
zq9}oh$_(kCNb<$&a)Ovk5ecv4OPV(tk+UnHhknjJsKK0$RErz$;$RMWA_`b8NMH!S
zpi*zO)V~q7fSmHWES_qwtr-H=Dop9sY7Wdlq-u1E)q*lcG6eAr`C3vybi(`_9<Tif
z0t%_g8lHw;?~E}W7Hc+E7Y35BT{Gu^QZ}htduZ#z&}IWEEuLDK#(05`J7<%7{q-H-
zTKjjzf;X~juVu!^&U5$A?7xJtd`*9WWf{_fD=bI8R@{X35cC?jy1cUD<V-T5i6!gO
z)Rz5IKoG#^QDX)^z5kMO!O7(?Zt+tw6yQ9T!=y&Ba>bG-YW26G$~eDsWA6fwe<3_(
zor7x<md>MPhMeumJ3HPCiRn$v#SyFiVYufKbp1Q}go#87rZU#3WToogLm-U%#Jfes
zyx}7hiLZkG?b&$!2Z)<CoB$h_t<20`__!b5!Y5_>XNI=SxuDCSLd_WD8rlLbvI25a
zAx_?h2XzFHsU)x#QUWf(08z4hwI;|WJ5vBANd{7|^q8+Lz^<fbVPZU+STPKqw!t%u
z1_8{>zA`95Hdz3fY?5LHAz1Y~NEs@K(pM{}FmvT6UCzPaU>a|Zrzf#C2FqA`vuUhU
zrnBiROpH{%X}S4YlQN%mRR`OFjo4EEcJF84;yf#6nQ^mf@bI+A+#`1d#*8Sy0eDXU
zCPQK4$lft`WXxIO9m5t#wQrm&;T%hNW7;sOkDmj%;-7D8rnwjxtVFYqpLqRas9d4l
z>;)iRe;EEgY+1o1VXhC8nEFEiV6MW@T>TU9ET>u^5-LJ|RS~`)jFeFa3Qb!Xr-SB8
zFxEEuZ>j1(n5wA1g8Ho=39%Qp<Li#`C@x<M+RZE}00(i6;j6k%=owwd7!!-}#&ton
zclULZH7LFAX^h^JG@|!fQbEB<h$^^=K*6o>`RK$vw7p-V?IkSlI6$AaW*=dRUjvRP
z1Ufg!M^$y7YOh2sA*ze*AW_TL@|fiaJ26b;m&QT#E77b5c@uyh1%vQzeGak(S@gj*
zZxu2Djj9QI%gdaU(IiPMNGr6q00kx!Mx<Q(n45E8ASOyF$Uqcx5Jf1^uudLUb$sO6
zIFb50vVPpPFh|3xadN<<3X5Zpw}5BA5`D$MKwlZLVU-A<GEUCb;?<B`m;i6c&3yIg
zIPBf}#1Q5?@k*^J4>OBCC0WkH8mP%^3VMN=HP*=dxX3Ja%1y#3GT|v!5EbP>syymu
zeXe4e*AEc3X2I710Fi#}m%$_|h9fmbHoXw!HJh$3thDn`u|`MuNY;K9DF+f^AqO($
zVK<vu$UTiI2Ev|RG&K>=X3)E2Kq-^WkkVrkl&?JvYr=_z{L_naPcNc1RJC{q!?CdH
zIdKHc7yWV(#wNcEbQ{v5ClO}TY-%FwLWvnxLrt-7`8?VUni_2HsO(w|YKTxjVB480
z3U<3p2sH()Or?_EO7LERtYRt*^(Aw#y%h1gMu9*O$+t;A2O^>{zH|3=8!PXXkiPh;
z3w|HW5F^2(!w6^msJSI5Om1O(xjL-9D03oKMwxFwr###Dbu{Hs3;kREuD@XCpK~U9
zo!JWjuCGC_SzeUiJ5LnjFSV97hu{d*X-+(=!Gh)>BkcPv5v;hRAOG-gk2g%zP!E~_
zT9>q_b@^4Tdnq%{xgN@+>wdpR9U7f`r0QH~57oI#k<8T*=qna+1bT$gzYK`)6qq9S
z)v!}vi`r}!5RS2Do*zR!XuQp3gf_^N+!|PTVWw9MSPkOD2;xR$PzROLFIchRK$lA?
zj4mhY71Yb6bWPW?+u|AhE%6c(i<Y<=;#aM`9#z1eFyWm>7wZ>Q85>3YLT8^0*qZ*?
zw;(&S4>M0sfoZp!!Y~uQ)U&J;qfRcrH;*-RM;8fo@efi({k`_P<rB4hP93{FX(w0M
zoA1GR4x2(Ob^ZHL*%;v@7bd<hvlu_!lYS47+uPbRXf`6s6ZvNTXYjol`Om?MRc@g$
zGo6OnCp%xQWkByJE4k2{8q05)#&1D>hw$s9@>BWRG^RAwo}^p(iesVMVVZ?$4BikM
zzle=r#KsaoB5%_^(}{fo^!`)yHMxM=`vN&7<3C?6%#hR6^N?1&@D77e6)^Io3=K$0
z0FbQ$9Eiw`s4cAjJ7p*eicb$XM*;FqM=e3W&@DJ+cwHXj!4T{XLz`$=t-6rfHboVf
zn!;GpUpCRe%4d?Q|L~x*;UmlS8z~ntFI}kubA||vG^R+`bfE0A2;M13vI-pmGo2}0
z=$ISADLY?YRM_9+=1?O^DIP4!dm9j&gKOw-{Fc&B$0N%5!f*Jj4Hfo_0vL2*Hf|I)
zEH<P3xopB$*a<CHJoYS<>%UO0rP%L*M68HYBG4r`xu@e(6IL?q+UO(1r)y)%`DvY8
zL$j>?l*?APbbPZ_e_INA+um_T26p_aFg;eE#LxIE=8i;Jt@=;VT$WqjICNxxY;J@w
zyKbSTH7|DT9OQ+6(fD(th-X_8Z>~glT-*VkVu(j^YPgT{MBsZf<X_X);~<xIRyaGb
zSB|#pXQl&*<7bRI@wM2U;Gee~S)XUd)x}imV#d_P?0QEr9t%BtFREkisbRp*K~2tn
zt3P(*+?plW&;1c$=MvVF1#CHCKMr7{gpCpQlK^%+VQUHdX#hK)u;U5)Spd6|u+s_q
zc>ueSuoDRTMF4v_VJ8yy%K-KU!j2{ER{`ujgq=ayuLIZz2|J0f{|sQCBWxXEzX@R9
zA?!%P{wsj}hOnaudpdyi9|2gIuxA3;F@#MJhJ^~lt967G30oAvE+ni(m=(aL3G)cE
z1K3W&RuC2sV6P->C1HsGwwJI~ggF81&k0*im>a-8O4ul2$pH2x!j2;>6~Mkv*f?S7
z02Uhn>}0|+0c;6jrx4Z?z&yfEC9F4qokrMcg!Kim_fX8P&jGeLfPIiK^1wTfV)jXT
zSp@ZdiC*SPz2Bmj#MS#0y`-Vu-_T38t2g;gc*!C4E}@r&R_`diESq{K=w%VqyN+H;
zr+Uw(mqMuCi|M7TsrO2HDQ4=umR?Gjc(so|3hnY~=r3*i(w?P}?|e-h!xLx1g%TQv
z5?TU<z_qLqKR%nRb%3aobD|I;*scb)@pDBPnM4@$EgD}bs%pnS*`PrDZfrT`EBv#H
zcR_0mkL8Ne3ynSUQh)w^|5)CKeJF$#eApHKmhAmwgFb9|2pjTYmxQokA9hcOZ<!Cf
zEsQtf!(JQ2YaUNF44J%+#*llH-zS1NWBDlj`ypJnl1==#hVa2?{D%T~^90h;g>l<^
z9)wbO7LRfBU*_g^ql_p`{#bTnf^Po6y@GE3z`c@g{=mHoAMXd4sWj;VU^PD2bRh4W
zbYl}3Mn&mzG|<^2@$Z)<XAMCo_9&9BL8K;s;I7ckAGp`zqcrF;^&G>dyX5(BJ>P_u
zF!o5-dbULpR`%PY^N_5SN%+CHwKyS#1JkT#ET8Q}tJdMY#$L0+k`p6Z^`(BT_EMi#
zxdesPTRsLxIyGj|L`-YM(uOdW+IAHoutbzZW?My|@|X%kZVx8*Dn<ME2Kls>sDN1_
zm6E(E(l9jpZRDT2C=t6|T7E269^evMzS?gscr}Q5B46vrix3p2iFhKn`WuPdnoG;8
z5y`t0!I=6`$`KtiBauJxZ?B3lVl9`Uz+hafKi(BT@cxI$W<uUAn!uPxQzmMq-c|ir
zB_Ntf$$A<mc*Ltd%p`JVeJLUQ#p)9CQQSVs=|-ui=A8-q1ZG{#iG360d<Hr<tc!H$
zgnjUG&Pl4Ox!?62GMDffTX`I(AI{~v&|0hu?ZIf645w=Wk8BhtQ`LAC%PxB{YTc6x
zA$$FCuvTK_BQonRR^E?eO4DE@4uQ_#gEims2JQ`%4PIwYHeuFtupkT10-i_VXNJr3
zzFB&M^k4j`K(X@ohMya#)8pLpw?r90Kv<XF3qVZ8LiEtx*YV6$36ZFaT&Y{kVWe&|
zn5IZIV(|G`$SmB)NR*Gpyu`4}WH_-0pgl$JeHf(r*$H^}8Jw78X<5RPa1a)=IAx!^
zC+nDECbRU&$`v*#c>2_o?sI-=i<OUJHGmpbMM57|NR}sZShQM(=T{8U<eqE_%hNgm
zF$-43%H!dJ7*SLnPNg`pVvDZXNJ@vUM0%IAVgw-T3w)1)dh`FhN#?ezlFq4q)*6x3
zDrG$GK}ZGY42~<!%niS+08}a3s;+5^{+9HpGu9~PvQ@$A*k}Tx{w2}cC4S9IrD9uG
z!nBp-O+!^3uon1buQXjAhcpb@?j97MJ)bkQX%Br13%V3wYUDBLh>Df{Ot0^Cyb*ix
zX5GGLX)ic+xihjBho#8sQvcdSDbrhyQ}#h%Y0^zqHE5GyZ$bV|#ONV7>9$h+o}v1H
z^23g8K)xTtT6-=7ddJ5xr(c_J?V0@<sBQ#J?YHxr_xCRn&)T#-I)XMa13)~#Wq-eA
zusy_ez(i~(5-dV{QK7~TOi%eL%sz|W>mko0ney>y`6IpM5`@f7qRm?kjzV0xyelCs
zGyC!WPrim}=&G+_u@WbiupI&u$*Ueh)_ReG`&tWnUZ+_3q0uZNhi?S^c<flvH!?P8
zJA3@yGu)M#j7yW3?E3sC-<{Yb(pYTc+CO|0B_Jm@xDGIQ=Rp14hZkL(dyo9dQ}T!V
z9i-@BF=spWWG3U=XG-ff&s6WT8OvLb1b+V_Is1U<5<9jk%-fNc?RZzQdDz~hem3f7
z6Fw%79OqQNz&v)QojSC%MQg`Jh)En)Y%%EDD5t&iOdA7aXigc3U1Y{(x<cDL2~@{l
z;g8iC^kPuOj$VS0;cdjY-<BZgL&nId&nz)u;It0FCV${QnQs0FAM|ZNZGTLP=EZo@
z{^*eQCn*hWX@Nqd{vwt-r+6*F%NA%*ql|9sPf<pmVMV8gV=d`^JBKY~Vw*U(yg~D7
z2;yEqRWK#d2cpNuQac(xqYkajAx;Oya@<K&{vqMiO23(Msu>(GM8c}%$r*yBc(?Kc
zuHi?@)Qtpid==Q4=R`~1tr+!3Q~GX(4sK5CV92`$rN)X_P8^!W6+gmG*!AQ_{RY;?
zJr-0WQ~BJ{>}zgND{Or@_On6sa0ztckOLk1v*YS>@Hmmw@%?g6aj5bGk(qexCy2{G
z9(NHLIF&?v&uLN5=~2%a^msdwx90jNd;>i@ZY=_SRup~?J*qUC=So2TUGJyNofq|-
zA5HS?sON&H=Q&Z&h4kpmV|MoASnqxriJwhqgIUPqcoKa(UW1Lr`a8M(;Ju7Ig*?S$
zKh)y?zfpc$r!t3Db}RPD|F_EiDpu;y>@PWH?<<XJ{qh`@>LQU$t8peoL39xvqKoLT
z8Vtr{5w{e@>Af7-j63Je)01mTOsnxMM5SKhSNqsR?Cpk^GJaq1Zbt%)tNJZ7KVZs<
zEu0^eH*pX}YEZ38R7X<>q8sFm*!(1%bZAC=$PJpGAjax9bj^yHN<jAYjG2ySpd!w<
z8f>GYDQ%1>qTZq_x-$$f^>;uDgott}R{mNOD{q|GsiqFl=c3GP{pffXY&^fgiGUej
zeA_PCxl+OGaWhg5$LNdVx5w`_ZQ0(jC1}Ocx_NvVyNVB@SugkNqHgK}^D=4|?+;je
z4eFK>Mp^{r?$K}l9-QbWpx`?OeMhM$a4o)P=Gr%#1d1nDT5K{(thV<GP@ufIv2SDS
zlwco>YNNu;l}1fWQLGK>v0Qx&%jFtwHK@!K0{&nmOMQmyGNOaw6N5S0S3cn!-Pbr(
zVI=PkDHqiw*h=&{Zw{b*X5D?@0Adk`*93^qDPi-C{#25KGU{v&%79lUTEP2t;8k*x
zM1Go*In3pbR+5}L5DB*VHLC3Q`%{QGuzayg?%X0aC7C}sB!}7ut)IjRR!)+R09}^C
zyAxUU=R~ER%6B*o0%e9}!4my~G8rpVpuPT-M=6I`ICt_>Vtz#8Sr;h<h09{|gqK|1
zL!NmspfwX1JMgei>GaBXG?C9?#bw4pGTzbgHAPMvBxcrDgB_>00Ru(p*QpIu^PpeX
zK%-Nv20K#qV8haTiNs`fu@@pzB7GILna*uKKtlNAc!2uH*GgLdLGCynFog7D#t23z
z^%KA-4SBAOsG|iw=)(v11aQf-W<7wlYBbWHdoJ@QI177J!r4ab*m~q&#&8^(tWZ3z
zIkpAWqi3_KP8E|qQgV~~_a=*5{P&Frf}(zixE#6Dl+Zcn(Ke1p7V!KP-W42;J%fo2
zy$0R%wQtr@H%^XhtbD$GE-_?FO3S&YxP_0+;AXdTk7;u_A&n%DVV1e$R#cDDJs$1c
zk+Jq!I@Xpk#vu$loM=tu)CVTcK_fUKHmC+l4}$m!f<&2^>T{$81VNGNKq}>rLD*Ka
z2o9=PDbkDD393mW6j;|`goq3n3?d8~AyV-OjP_`bbhg@SI?`)um$}&tFUKCa&|kow
zr>v-q+p*V+gmX-~LC2&QAu#YfFY38C>Un<Db4k?mf~e=xsOK{EG%x2@Mv>?>NUyX(
zmT2H(V&h}oCt}}5{@8DpFyUaj8s!-K(j@8Tv=c0CaB6G6udvd3OeN8wGHz+Z%4JqV
zsEXgjKx{`C4)q|JZAdW%rS}FZ1xp|fH0T@ED@E4`dlbTib5;CkTt8g|%rsH3)gUvx
zH!;09bGVefK{Mhl0E!s}^-e<el36WWk`-P_c61%a`ro|037jNFu|M8h)m?qe**mk{
zbN4JTOEI$xyTi5IC<qFOg5sN5gx%R)7g&VGnH80`#}V%X5QG&FSj79{d7>g-=tJ>%
z!m5D6kLQWv0bVE%1%BUeL{?Sy-TFV~^O>s5$cV_u$jFGytgPx1`37k!5B9`ba{(`D
zu-UXxejfy{q>P_qIet9RImm?Cka=2%wkF`^X=SF)5R-ima=C>-b_jrS3xOh7rF@>s
zr~MLC<ap9S(pvVr{=O%Djp;w_(EM!16C9aKQZ;Lisp>@bcA#~3>o_;cE4xupq#KQX
zbu1)gy-U5@`@-);$C!DgF{vV^b^kMU4ksP#(69-bRe80SE6wX)kt|U-8naHA2j`)M
zqxZX_u1NO$@?%N;J*_eM-MrlPjJG&T>8^DP>y2B+&(<k058&Er-~fOyL%8zT#t?H5
z!0~F}5P$>Kz+nJ;tAQiex?|O_(QDmY1jFgBT@}I}5|u^5uB!%8*nO&j6n14bkirgD
z11W5_8VF$v>1rUP4UR=aDHHiBX%DT&r)sCGfs}T#8c1pPs0LEnp=uzdU0w~Ow3%uk
zq_sL`VxUUe!>aKq?f%t3N;_2zq_lfh11arrHIUNwRRbw)M>P=AT0Ju{SS9V@)%cY5
zfNCJ6U0n^Nw0l(pDeXu#kka;711W81H4xHTJu@*>CG8Q__>}g*Y9OUuQw^lF6V*UU
zJ6a8-v@5ECl(wrH2x+aJnHa8;_Q+~{N_$W>kkam34WzWIs)3ZYW~5VEYpCmRrnKGF
z<dD|tnTe4qX^*PLr?dxG11ar()j&$ScQugG7OH`i)*9-Ov^~|Bkk;y%iBWIYL~dus
z9rX(Q(L;B{E65Ka4toXpaYVdeCqI~o*YD&<6bG<>PQ1J)zqOdd`NWAl=nFlDK>;t%
z35P<LVNvKbJn&kcGAU#XmqJ?EjFHU%+2jK@xq!`zfK7kErY~T#JYbVmHicgD86=-V
zz-KJrgBD7Q3TUD<sem?0n+j;8G^#LY_zaNG5c%vK@L3h`nF#po74X?J;Il`-XQkmY
zPCmorvtPhx-+<4WfY0iH&s4w%r&m>;eGDI;d`8IU;DFCT0iOc{J_iJR_7C_>2Yl8U
zK5M~elx&U)*c=(KIU-<lc);ecfX$%+n?nqn^<X3GBA%l$YpOmsc<d;f5U0u-s&Mr5
zZ-V*BB?i~6ntbsA_)bnMUH>ZFu(fe8W<{KyE&c~Cc<v&l3KA3tQ*D;pWLjOv^fzqU
zLPrbY$-hyWiiuFAG>)6_-zCB+nyE4&ch2?P*coUS=lD>n8EfVxbo|6U^o+4m2pm@U
zGw=K<c@`gu;=&OfQ~7W)s|88G^>NoUp31NNS+L$&W9rIf3P*KJtqiH+(OOs-NA&yM
zue5PFFD-KF6KcHoo}W$5asy8`S-j~-biMiutXKJ0=#--q6PO~(+G^si&xVJ1Ch{Th
zmIycy0?&(pgCX#-2sji1-xL9dL*R!Z;7ABu7OVhonivg%J0i@n5I7WJ7SbW~nh3R!
z389~}pdBIf>=3#{8#M4Gu9(Iy!CVz5y2j;{6rT`I-1XHEJvb$$@Qz3jb4p6#r$_KX
zo6lb&K0`KqAi^KE;eU$oM{M{=gg<J-zZl{#ae9p{@XRl;1wQR8Zs2fw8w?#EJ%}<G
zl2;HW>$-8+1kaNgW#FM<&c76;aE#-a?Ca(wwx6*1v5Q2TLv8K~s$F6=sC8dc>*;o_
zVJ4^*j6Og{2L<XUhRU)HvZSykEa(qy<HbchT|UK2<+ks_{^ikmd{k=VX1th(FGX&|
zdoZi<MX<|6^(W=G;{Y{&)pzc+<oFV}uo&O&+TF1l558W8C*88iIXZotJWwtSOn(H;
zm-e3m>@@2f)Q>1)Khncl>Kj;hzH4ean@G=qGoZ=gGlo;cXKa{3X)d`TpV}}pd`4e<
zAh}^slG%8N`NjFc={r5Be|#Kc&i^<Yd%LrECYp(tUMX*RBht?JS5dX@Z){>dI6U|H
zf0f`rNx(Jw0vPhoEwKW)K)Gqo?B}>8)`cRuY0ebkLGB#N%Df=GnQ2~--oi95NN;7D
z7o=apG%u4I=1)cMJA!Hbe)lSc3~qq|=GEWi-0O0A|5nPZuVYB^Ld1&z*Z&d<o#HKW
z{Ui}@#@mML(hlEU|01Eya1TPLps2p+5dyG15CD4N8h(Rl2s)Axw0203K<qo|j{g)T
z`|hFeeTSxeSNgB!d|R(GezXVr{N`Ez3lwgCGg>}>J1+Xt2<vfUJPX4=H@B|a6^i}j
zC#6^8tqG#yTaq}V?y9!!{z7l)=B@OQo_)z_N90uRIZ?S0V>Z7<dPduqh`kqe@|_Sz
zI&gF&>icI@pY$F;C;c)MLGT8*V7FKm#WD9E-kOnAB00M@2UVwL{4b-OsU%()0c_px
zr`9LE*+gpAe-e9^T|`iG^3u9xn4Za`(ldBB2IpFgp$UgvCY6|ezvB&VmgaEG$7AP0
zUd}b*`RRCk6tCdC1ES4;i}IOQaA<?A+mYuR)o>1Ihm0oEEZ5tJlYXj<_)J)DB9_J2
z%wXJCqMIXD`9OQ*xf`!t8xA-`;0X`xmQh=BazXovD#Bj83>c|<WDDN@U>4p3k6(Bo
zZf_ltcw17vme!s2kHd3<xzo~PGhM+Uxa9N?Q@M3h`Ryrswfy#3zV^-0oUB8dO>CSy
zO^a2m{OrgUgSV14h`%LZ_+O=r{#STaL^UKMbzZDX?Z}J00Yo_K1O0HUuL0d{pi6AW
zsfFD3j;XU98T@Mo8giBL?Ot-$zYV5-4)*f3U&Osg;q2fR7oU*Wa?VU@a7(cHNpF&x
z6~U6J?K2%oZ~Dq$?5>AQoa?CYBU`xbI$o(4%=1*6_}*kMUbPkm52%oQA<Q^N3Nf-p
zMaucdLjPKa6FUxdn7QxaitgV|g$bqq^(gs`DEVJu((~^?T4${T(_fi9()`%G`x5ly
z)=j8{z9Ek7zmM{F=5srp;hl3%A;U`#Fa6ljaq>Hz5oS7g>E&g`PJGjGV5c+6OeZf{
zUUEC}S;xVh&KNUYye#J>zjLn38QSR-(#&=9(#Old&N;?T|7(yj8=r$s<&2qR6R?kA
zJ5$J1<a#P{{Z=le{5-PDTX1K@&J;Q-a=jI~6;>{-?2=?RV8NYHJ5%Va$Ym>XcB3$$
zq`4{b8?@2J>`bAnBDcIEXSd2zc4@L3s=!KD<hm<zeHA&oSrWI$jm_oxd>qfPb}pU)
z`}D39$#<zW4Nm_`)@Gju?z?F_Se`q1*vT$ugdM#L7a9caIrcg3-83iM`(Zh|oB<jR
za`-TG7w=s(3f%i>FSzGvfw=d;a&|dGv=-z*wSxB*u(4gv7|jv6UYPAJXBeip%NeB6
z0k)hriF=lIi+cx*b(b?r<3=vy?b12kM<M?l&m!V$O4lImV6ru{)5-I?%^BcrBZq)M
zCA-ZTR47J(Kqb4)8B!<)fIua?P1$Xv{R>pMZ&P*~Vf|9>?Giu|N&!*|ZNM#!M&p)^
z@5&~IXYgKiqA+;Wnfk%7z@ipkjDB%<&Yi~T@XZ)SlLtBOj^ptF!<R|eqW=*9mx$$m
zlqvS(__xr^B~Je)?=Yv|w;|&cp0AU^1!i>eXU<2RMM&{3@_(oWg<B$WaDGn+UH`kJ
zM5UY)eiL{8DIz9*#KCDkB~!2Kmd*yS%nK%U=P=C+(%YHl1?h8{<^}1OGR+Ip=P}I-
z(&sbH3(`fVc|rODrg=g7WlZye^gPqNxFxCq;>k^O(Y$mA(Rk50!*kId`e<zoVi_fu
zGd)bma~NrhX{1DHX|{hiG=nHDrH-_e=Xlsy)t4K?Gfnw3hiASA0{a{fDOVpZ=XlWd
zabbvwt7=mZ=xACG=!hCksi_EoTrt*urEVSO0Se>9Ga$(!{2raZn{tc1JT)lY(qRq{
zQbIXoz=W!ThX<4X5199Vh-=Wc=YgN-4QB^LGTfzeRU_D=!9z?6#}Auut`mrgLl8O9
zzv&;nnVG8g$=ZOo^q^B>Z$Ur%A++v74>2pVCnm7*w0|Jl6WXkm7-;+}tXmCi5lWg{
zIAZIJ%2<WBQG0EtvMzM5GYnO<LU(+ZN%gq!JRA#N?3H+PsDpDp(PyC-r{PafEPlO#
zmX}Qr%<lAmBAV3v=<H5RZ#7-$LE(>47(sebyes(FL*aSrKH<nXK_78+U<Sy6fw>RI
z1eD9+z)w4JC?JB!Sm5X2I0WRo!T3(Z`e$N#fN#je{rgZA-|fYx<bT9k7hevvY$_Be
zg;TA4$l@GJI-A7oG3ojD0?|vR{Ch~i11^}AlMhb)XA`a1;0xP0b&<u_kAx5SB?Cq{
zmy;4kDR64V2M4<oGaVv0<sm~aV1&;hC52Hkm2Sl+j^@u~L~`K+O+Yl$v^ai9fGuNd
zo2v(kNsEr++ALM6vgyL>6v9Rt+nf(H!>>z0Zc3vXRW6;-vvQH9HfICHBoSaBHra?i
zl}iVdtX#CA&DlUN9^M>B7m*FMsa)`-A(#cOh0IZ(eG=aQRg?5))Oo9ACTG-rtAVCw
z)Pbv=rf1ZJtGS{F)QhXtqGQ#OtMS5K)R(Ib!wSWnSGtQrubxj{<+vN2ZSjqB*c?F$
z3746RoWfq4ox;f0O-^A9i9NP%!en(2slAb6@ifxiEZ!H1<x-qSY9AJFa0*9lcJKob
z4$kO1V=NrqIyZTyQ&<C(KETQ82*O7I#{oM=U+iOP_?@^b6Ktz3ad=Jcb_#2CSLT(-
zVy>f^i|ov+nbDB#KMdth-t(^!x&ALn#rS+7d=vlN601W1l$++F0Qf4Dm3eVX6a;8;
z(_DmBA{sAli6R0`ZkmhG%0%M@n|6nNI>w(dk-5SS+&9a25XhY`{gBt}Zg?{$<cteT
zlAdlZs}%UC)o);9EbxDiW(Da#XqpoEl9r}9C20oUbup(*s6YJB3FF;%)c;Dx^_;X-
z;}P`{#Uti$_>1v~BI&ssk;$C931ku!wh`MIaJ-ZvmAlToPr@9zpyAwuI0p6Ve1e=H
zKUvFsf(e;VFoCGW7r^Q_ROQh*ZqTPDzW)|2wC51ywfaz*Lma@JEHcam`e?vEQRtP!
z7rk=$qSw49c)4H6JDfWtq)ob3W@8IImvgbapDH40wmB9TQG`bYp7|UajzykoFfP~A
zc7@*Q?`oTtprikRZGg+98Yw>GjgKkwpfEcH?-wv<GCW`@i*GQvJIBw8KLb0shA{YM
zl2p&5trLB5d@?FyewQet2U6Eg-wkgoyL4yh*GdY@r*GxN`xnqB>_y*q=|nttcRa_u
z?;^wMeBB)9+YA$Ty)YczZ0zKA4(Jj}%CAS(@wd`Qi`&U@zOu;mU&1oi{|gIcd~Adc
z_y^!NDJw03NtqYSWnarQFGyd^G%rZMj%i-p66?gEl$++FLHP!v@q$5lj1Ef9S<Xa#
zYMUakQzDAkCKH|;H&3TrSeQxT7n0ogK#=1vDY@~%Fsr|~L}HnR>FXu8C|{XI2}Fe~
zbh|6g-+0aqCf9?5H(SrSVe-;=!rgscJdvNlx6zpxnBlk3nHofjPhZ8ioh;gdzWj5j
zE=SabN#Wy~qpsw)LQJ0elHUn2dC{5tMu-5Um*6QlX5H9}0=@X`JZF5_p3gc<dt&@8
zAN}5=+7aVVJ#g#Q+7IIwzHqu%x&f|(tyk|trFuE}&?%;2%!yxEg}~%)OKjXUIn5Lj
zac1x(%DIGo&;4fX0l!MtAnbm4NVW#^JvIXKJ<8sNwLHV}KOrDyjMD2@&J6nhKt6-t
z1>wZSD$8FvGb&~H*$n(hQqnFPxN@e@A%*<VSqd{Bi*OKyeNu>TvRBtQ)TGAYCN+*U
zt8uhhjblw}ETo%MS;#c2v(VA3(n4pmTDzLn+TFC)o|;;ptmw}1YhHEnhN@1rFra?L
z7_R7A3j^v>j6%AigDn&`&fs)a^s|Kn>uDhhdb@=v?46dfK$op#fwi`f1=iI{78pZI
zS<rQ@WWnHQAq$MTl`Js5ma@Q5>dNv|rMbN4cRxPA%3LfA8iQaMV+dS<g+hx`luCzS
zp@_XG4t~51^#^{z!eJjZmxaTzl`!nbR>H88S_nhqZ6ORzQ@Q9csiPShcq?IOy)A^H
z#k3HH_RvBYT2(7yXfl<;Xo$p`O6C+ARIsFyS%t<HEY)OQp&<rKHAb2sq~RG8K55QC
zla1%X-$e}L+AleK`ZMf7VyMoax@7)zf|)<bTu0_ecW{pMF7mFKBSl5w94U^k%{H1N
zy%S8zykIVLCDXhheHGKZAia}mUfdGv#2iU(nv3R0R}+mF%#nUOAqyAI-=n=J5x7JQ
zOfwF{-qQ`3bucS?PfY0Elg@fbI~&X+1Pv1)e6x;tg`WKp)XA^Vle<CR!qpPlC1XJ_
zZzyz6KVne3-SaS6QYucC&btAsmNmu+m2;sI6#^L#hK!D=MP@>prBY-fq*>96%!4G~
z#ym*0t@9vJw$6h@*E$a(OBf9ss`DVbJ=y@B2bmT7rpZ-UuDkJVoCG=UTpSB&*NJb#
z`rEYc@pLS9i>w`4IaJ4rF&|>3m=CeSF4?5$gsEUQ#0qm)&5XbDecSJyS-b{0zXK)7
znGB{rDc{1%1M5Yf`{r+E7OxGkyqPY{fs!`X0I=@AV0^Ec#dil-cm|E>muF)Q0_&0g
z{?gZG7OxAiQuw?*XK7ZAL%{mao>xECT&`hYP2TaQ<D1Jh0<6B{)_$nDT%*8RcGYoD
zHkWG*SodAMbWU@*@FNEh|L@1Xt+`<MxrLeWPoDnt)6FF-bO7zk_rCZo%|$D80&S1%
zJI-w(TNlvY`Le6g&}N-k=my%Q$GqwTEoAEf+RD^to>ND*uE@-2K$|DV{x-9CebDKF
znORuusG~o9^jBvVZwRmgGqbQn9j9zKbJfh^t^h5tGYgHD{gH3p^6<>!jR96*XBHMM
z=#1X|?rAQVbkqy_k9Ar|MrFMAq4(U^Tr%4BxBl^iUpJRbZ0Moy{cL3m(b!M-BoF?2
zbI~~J-qiJ@zc!bQ*8PY64bN&J87(OB@Gm~xTr#?Y$KU(tKbs52VfSOFcvf@4#J1mh
z(&Qy|B<qgMjJ^5HL!Q8RdQZ^jftguYY~^eJ_Odt4EZ!7g1!iVpiJ9#&cl~)Yi|-B4
z0yDGGsQ=FOzrt{OUw{_anT5syaO`it{J!Rr(K0^#{RdBME*Vv}>BKK$Ff|p7&gFvJ
zzVhYff)&`AcPzf!Z!Q@}(-V8Y=eNxzqm{j3?V~?zE*Xb;V)V`N7J|`-9&*<Yf81O!
zv5a3`bN@rlCBu)|z#3nDQ=z$NwAq)u=wsigBU(>nW>m(pd+dY3^!}jB12eO**iG+x
zdh(c=#Sa8nftguY;%7g&=anCwS^Qvt7MPiZM$10r#&=>ceJH>Rtjxj^Wqf`1^p`Z3
zjNNp_cRMd@AsG#*{MSb@nwm*Q%f9=J*T12;WE^wPTl`S5xnR;uKYeKRQ_Ur#0relV
z?7hte6U%;2Hg$4y$vEaNUVOpdTS&$jeBhrC{ZezuXg^=veeYxo$!OY_|KN?ktCS4$
zWKP_$^pMG;&fl=~kolud<FNFQDWuNku=KEIkz850Fw$^ewp-Q}Cz^Fdus&E8JI~C6
zN0&I~D|9Y#9#F_Gan@GIEpb{lyu>(NNG~xE7rK`iXbb&IjHE+L^sR-CB|6VS?-G4b
zA-_cDH?qX>P{=IN;0rxVG@HVTC0Z<Btp7QV`?>gJ^=_Uld=wcTzWgu?r=1e-MSSy>
zr*<{N-@U-$4#~L1Z!&kJ$(e81<5xDcG%i1T5mNHI_hIG^W`^c}gG$NmBdq83sQjED
z=N6xV({bd@GJa?JX%zFMn&7?`nThaA0DC~em!89lS(w{iJf5^CI18@<TA46yr?t!d
z2?5sK<(8sw1-FWwCv*9P{6-VIDca}$7}%6~!CLL(O!I>D%}n!x^nWtVi(4XVtl{LQ
zxo8ddNuu!ry&SO0tl{i^Zjs9=5k>a7nfSN&xk+5P&n*xh7cl$WtS;K;mRzvU&F6D9
zd)U+h7H(6}7sd?rAS*YMr!HjaX7ZvBS-T0KjkTL-S=Vl&WL>+7j&<!umRP&79lCa-
z%)wezl`d<yF)Y_MVYhk}wy)y}uG}``6&v{hu>BzX41OQ6+w=Ejzhf+D!CF(GJ6Scw
z>w;q0wWukc4vHVRZTPY#%>Q!a1?SZkhs^i7`?)W!Ee@GK^tPLx9~NV6os4bl#2J2`
zlPOVo_#rdxmx(ScJgK;ez61|lP;nD|Nu0O9IS2Wm2sM|x5<BbrL-LH1^;n=P%wJjP
z7BJ9>%&+$oec(!b`i1D=C|t07Cw%bALZ`s-`?(hPp(}^$Fdx2htRC-?D@W_G9=#H~
zfvmEU^;mtuv58ygs>dDsc|nsZMaRy%X;Wnd*hU-?MwOZ=bOmBoYNpT~$XTVDLXT-~
zCHqmZIiN=GL#UI`Dz&51F@;ykj&AA_cqMPPwWALA5sFxkeUA~QN_6yUPd)aXb!CSs
zb=KvME>SjB?1uw!Dy4^w)e{~HR*hBb2K}c>sA3NbQF$uaqfs6Hfi;?^&bkC%&A%Ic
zLi{TBLlB4HO7673?t1Kd*jQmxX*ZD4R9n-vJ$3j)IrZ3&!anLSN0-!PK4O|wC3_c!
zE4frzJQUnnkNdFEK$T)JaFk6Yci3u&e^4!VD6CW9)p|#@-C9to8TM3<6jWA##wvcL
z_)xH7SM%>=k5Hg0`G=rOf-AXW2paTC_An<SWo5sPLJ4)4!yAm$<KAs5tz<rIkgG%=
zsm~j>p_;@~(lmd@NPRQi?V)H-hm%bbu2A(?g!d&KA}4VOkgi<(t-uqGa4~EoQV`x%
z!Cf70Eq{p=b=a%Bt;3(Oq7Hky+gk3774?|Y*Vf@J!J?MAM7dh#8Y=3rmnc_<y@ZNd
z_Tp|2snxtVEW)caFYZ?0m6~U$Ah=TT;%@73XQ-&dT%2tk<{B$%*^9fa!=9m{4tsI7
z_1H63)N*H>tHWF(MIG)E=jw2mP*KYrgA8MJeU0Ynun4WvJGl2Kyi)HHDTrUGc>3B}
z-q6=bJ?3<^QfDP^jT5!ZIXpV+u$M3)d@4t)INLh>B~H{~FHw&0N^c;6q7HioxjNk8
z42K0?sTpy#2iGvCyCSqo?ewz(uGEag3BoIRi=VCKO?`FO<1UW24tt3bwe0C>>u{GC
zAzUieF0Qr?ca0LY?AhI&bt+(#sKZ`ETs{7b6T+THq;;atbIw?cajK8=sMxfSg_BPB
zy%}s&$m&T~2dNpJV3jpgHmOTmvzEd)0P*mY0U(>g!&CDGK!spIB@a(0&?|h-sn1S(
zWRK%yv&SJT=;(ae=fSA<*{K{olcI3teYD}3kar;~*WI56lQJ(@Uw?*aUXcDQ)4U*k
z3)8$H{W+$2aZ9WOYjC+~E?R?sfoQy74gTzUYjBa!DG^21;7t76Yj6@*uE7Ojt-)Dc
zv<8=)y$0V%rQk0-M@Efc4gM@>4*gD@$Qs<_sTWy;n>=-cSJ^vf0s>JGL^1$fl;cNa
zc&=;?^~iZU`&^myfUe1<19VL;`qwqNsDJ#AKimCv(LR>vY@#mD*_>#3&RnoOPlV4;
zz1WM#W3h|nJQ*vKH7u)=H7qMKYgksKYgp;)iN17S3WvUA#pyo>`oN=AR*{oKP0t1(
zo0`Ft3L9fSbC~I6K>&Ok8|N?JLj)T~%2Q6tV0U6k416zTBl9d;k0Qr$8s5RL?MaTc
z03YZ!HV>zDN;!_sv+_U?)FKP(Yz1?iZW$JAe*G~Uux2f_ZNzzxF_oi@CgP;Zs3Ny+
zA&<AE6}gQT;>-@_^;BM4ErcVS!J35lZL|@7FzlK(T8Ur~c24VdB6QA-wB1g4cB8`f
z+R1Zus>OENiL)>bIy0%0aR0f`n6Yl2^pR~KLz13BFi!-Qm2mJn59j$d31%mTCg@tc
zgOPU9hNufm1CS-tHVx14NHqaTf`KM!NLVGPKxETk;29dV3A}hhc>>u`qpUTu6&2AY
z43%02UgiPofCzQg>VOBhR5&vj+ff1!E>#e<RszqP35kwNM9-Ewprt5{4!O2;z@ubR
zkJ7ZE0ZecVN&9BN19qwa?H;_a(#i^WI88~6i)=>&JUeF-wWR`{JX0d|nC<9*M?;0i
z4CERsFy8)zX!L{!9-BKviy}P5+QM5{Bw_<{HdZ^QvCpuG!b7Yr9Hd1;2Wie-njUTB
zCM}}y_-Qb(8~93#M2t<^W3<*NGFUX>*;5lQ+tLA@vNlL7YUDhvdgyaRG!tnXhJ1@g
zT#gbM|Iu0p;R)hEZEffvJPTZC6(eoo!h^kS>wuBZC_!ClJ4%SoUh9Cv>Y;M>W8%n3
z(cq!!$ODQ%2MrvEMIxdpjS;Pp2eF7~J4&P7)7XJnL>$>dq-tyAKP(EGj#gtdP~$&p
zRUkuKh>YKDtpZw(R%7N>ZD>G7wi2}prB;I^&I?uBI*_4lk!0J@0WC*mGkR;S0~y$M
zHErmCj#o(3@wR0IGO|@RHJvuhfR0y5jD@zL0*-8@X%I@y(&5Bt@X)A(L(#I@XyiaF
z8ZiSUQrQ}NQJX3}b*`Fg<V7tK>RRei!)fS0ED}+*%GP}OWYa{azFVv@EFzlQzpMjx
zsuHOkw4np`X+?V)1yf5lIvt@g-k{ot)|vsGj@=r(VqAY6Y1Kl%D>T}l?HNIM+Q0dl
z(yB&$waR7&b{iU?cM}?8IjuDyzCcLKth!nQW-($*M!S(G=RxFY<UcGTN+vWaS!4fU
z(a>zPp62euBH_4J65|RQxetqmW+ODsgNQ{Tu3bpXG_(x`&}=M{wiF<vTAQPzx{(95
zW#jZiX<7tQi-@CIX^hux5JW5zF&v?3u^h8#IH>LBw5J5lt8L-hPy)xbP0}!sTEfxm
z3XK^%ZK!~wT1XnGAlQYnW(BlqIh4|J7HScR9VnIdX(I<})6fo-#zcfh{=+7su9ZlK
zT+KYx_)v?6x~{0F+Jn^50`1MNrm+*XDiVuRs^+^n77aU9NX*!7M+fXxyP7t1K)0hL
zM%QiVfNn=<)Ogxc0bQ>UHJ?ma8W3M4B<-t!&f2P_4F%A<S&eBJM=inV41}c7u57re
zWv$0(I1gWV-bKOQVq*_t5m7iHQcXAV9~K48MktKV8buL{gacb8YcL5lfz%?Q)hLOv
znnq#7qLFEVP1KeKWMLsxYBz1DfWz9Zr=bhAgrnV9wKUq&vM6LsYc(y_V-^uDM`_d>
zwx<FPYrCd4bRd4$uBja*a9j(G2?`D3h}9lhSZFoI>$YPETvrH@+Gvdu!iO5xb~Ww#
z<R@S7;a2<M776V@NsMfbT&P7uI}jS9f(Fx2i$XN5)tKSa$b(u$)U?pFnu%L9VsJvF
zYHJipEfSiWie@H9ZD>HcREf+itPLHoM}@|ytqm2>>)6#ajv`ir=y&V}wV?z0T_tHT
znXsx6SEWRzPh0DNu3AWp<84C);@gBq)z+2@WamhT>Ic&B*@*Qdlcu9$HF6y`G9tC<
z#zw)z#>TuW*fMS4FDz_~;#Mm!3mYb4Sl76SdacCRRk_<}B&;HMTH8h=F<e#IjpBkO
zH0;1wKqFUZA!C4=ZThxa$i8nL1})y4KDFPEaF)Rn>DJwdVQ9o|_$bR3gimXA9JSX<
z%>NC3RZr@16+Y89$5r@LA9FkeH$Bzi$Vm=tJK+F}94&C<5x*Q@k@E#kiAMwU01J;W
z;0d9g4Kb$;`Z7Gg!l(b)3=XiEufQoJIKXlgHsiu~bb96d%Ja<m6*-48H2-3r2Z@fc
ze4Q25d;&m@u}D#PjO8?P*6)a2#={!;i{2mkBDj=!!5Nj?nC1oPFEPyv(qCqp7o@+!
zG%rYhm1$m({u<M~AbmU2ytpMwg0n7i(_D1c<r_rfh37l$_e?~5r^F&T<HE$hea3~v
zm1kT8Vx4heb<r6Y$=PRIu27XlXI!W)oN<|fT5-mO`jRs)CQqHo85fhM-t>%%0Z@4W
z;Eam_P=f&UhXAS(fPoMox{Mb_3_y>?@P|ivE(T{)YR|<;kLtM?=}<ivBmJr8Vx&9A
zd#7J`q4wtZ)we$Ily>I$qu=}JTeL67&wAFL%cLuDaE5x*gEQ1obZ~|_IXDx(#qwfq
zEbCh=r_=btw^+_F1^PS)uc=fPpBWU(23$??#-Lc1Nj1eGbJ>EZDGr&-)_6^E$XuS;
z2F1`V-(&e)_#O)ti?>*)RJ_ANh2rdtj1X*;%ILtS71*Qrv>p4A-x6i_;n95X_6hYR
zCzdy%J<*|Rg5}gN!C)4=+d{aUSQdD6-kfkb^-FkkAe>;HSFUBw!`5|p^Sp8$)^gUm
zmbDyLuH}vSDtvbx?wI%?B-Y`N*$_fQZ3UQBj0m_=GYC>f%u3B59wGME<InTf%04)8
zPSsEeXF*}n8B;=)3*qRe;KVr#L<<6sPJ$9H{YQ9o5>)tz8fy7V|J7lyN~pu1Jy?f5
zl~Bu_Jy?%9HBg7QbYU%XvAtU6+JSZ0i|y56FC8fCy<`U8H!|;BsWwObIVi2NYkA<B
z&?=ipkB=$5(&iy&m%uA+o^p27;VviL>#^r)ae-H|N3(kBvFBm&TG?R-oyw)kEakX(
z9rkk8o$yNOVIcK{hg}*WtJupq{W|Q?w<=Hco&^;zO4x>4tIS^55ME{Wq6C3gnmv#E
z6I^NaqJ%o!*@1PKiwf#6*B-28FG{Gxo*h_+y{Mobd-h;0cUoT^=F)$4xQq4G;VvC0
z+*9dJd|%MAdMLBQ-wdr)nmwD_CGcv)=W%`FTQC2x6M5jB;7ZG(=k2b?US2d1HkGym
z{g`Si4IeG*sly))tH+*i8q{G9Q>e?FuNu^mooDq4uF?$5va=p{z9b=)R!R<!qiiaT
z9t&ZFhL?bSrPY%Qp;b07?H72Z%}e(YUTO4HKrL_B>PS82Y=0fz+Ih9i85cV1u$R6Q
zK9ylgG*E}XbY30yVtRyEYDRjm4trW&9q#bZ!ve>z<7Dw7FXlS7-9w=r{uWeH)w?j*
zPJvh3JsRDu1y%hEaeJho()1y&;#XDxB`J0_e|ckq0@Vzxu{zw*I+#zb{ICZjW#zcy
z`x14S!wN_0ap&6-waodhhcKz+&DT`w@J9ElCMykJ6tK0Xcgcj%D!b>qE&{GJd+9yG
zE6rY7U(1^Y+g*>lG`|je>APC?Y=0f@(sRP4((Xk8b+~Ka)w1V!>#S1&`>qaqy67G)
zs8kMyxhk!T-@WgnN}Upy2KY*cEWLDvfbVk1>Pr_2{9e1Pz;wNU9R^)g>#_lR3$m=%
z)dRL3WMQp~2)-C2YinIg@LTR&Qv_==eLsdFqVoM1LW1pu7osPl_hYiMzwmsszaSd~
zL-ReK!Tv&b!MFAp?qV(V_ZXxo++!#Td#sfbu@468<?vg~cYsTo7wipulWAU%{ua}`
zAbls(ydeE;rg=g7J52L}^mm!&1?lfG%?r~1%``7af1hby+!7_k-h<pU7wtXVO*CGr
z_a3BKPKiab_rS!zz4t)k%Do4HSbGnwF4}vLoW1w(nLwApcbch1>^;mw-LN?7QT858
zp1PF12a~5hb??Cds8rp1FaT;+_Z|#@>eamm1E7upz}|xaP|*O4hXB!bys(!6=<bA%
zy(~9&b-ld_u>{?l5JS+t39$p+n-DY5cXq@IbelqqK({Hx26UT3OhC6O!~({9#?~Az
z27u8)ZR?H&H5=_%Fef_}+;_rngqinyC>YlE6bfs53dFTNr9mVStHc>pu}G}(DFfE{
zte<OqRt_&9_J?!p!Amh0qNDI?1S{lTXovrD0HOnI%%P6p#UBfsyVTu^9X=%>cJ$(p
zh0G1#9z_lx5D*!0F*s~sVRN6gQ?R2)10sm^;*W)n-SuI?4j+pMa`fVlg^SJdF_j~H
zCM3vpn}|K_QAKXuLhO|z7?W4@D4n_bE#yADs=BQfA}Vm_nf%&lBZ5NMHEpyKkumI?
z*6qYZ4tw$Kwi98_sIa|uV(;E)v7L6}iA{sf3|@M<2pTii%}1QFb7n}w=O1i~ylA5@
z{#YakqQP4grfb7z1SE=H{IO{Gh*Mw0FeKsQ5Rzav8@%{q(eR0_(x^>Dj|)UL>%||7
zh&ExU)H1?{20|3Q_+!!V!KhYb24g!);IX6%qSi{_Q)?m7aTz@=X{-ZUiqhziYfA@w
z_$c)#O&c1JXOBYCz8UaQsw%*E$JPqqQ(h%8F0u_P;IOSAYD)!tG^{nL$81Lj){8&v
zkm!trSPp)!7`tMD$A1M7%m|`so7Y%`tbwzzC};;l(ZXX`Bw`0bqaD=PZ&*ZBx4w|l
z+(}v_qHU#V5%Vk}+MCjt!QEN~VsJuZLP?|eXH~;K)oOH@wxt6)W~I`K8aYs_9{L@v
zM{TEJ*tclJ?byOaXU%97QS`TH=z5i;MTE3y=&F>aRh+bl#9<3n+d5$MGZm@rw4(%i
z1QpIGuG$XFn=h}51`ka~UwLRAN-Po)EqJv;MqDE=ViD1Hltyi*u@kX~II@MPxgWJC
zXgXSr(Lkd}V$sOZ79!(&8~9O+gqEY#w1}n_jf`w1Y86gxD#m)DYFh^~v@McqKN`ME
zY*j<cQQ3^%TI)atwp~pdRzSxqB<gtEG6EUdDw~>4qflZshmKcC%;0Im3^=ltrfxWu
z-Ra=l0k4b(5Di=3t}tYc9H~Vkrl3SBUt>>dQ_&QJO10O>lUgLyw@|3@H1r`BiKts;
zYrc%KX?U7gX<B$vi-;ztH2;DQ*s)5aw$O$S*sm4sX|(pRWTWE|8sibF{U|mW`3VV&
zf{w>-O~cieMMK{!G}@o-83E^`LezY1X;mZsT4ieyPc0&PIH56?(^>=K4=l-QG+@px
zTa}2X($_0m_)&|9l9|^l7<?N05Q~OpqxCd*Ar=Y8wUU@|-N=PlG&CEbX&y){3Yi%Q
ziJ6Kva-tRu&Bh{WO93*fwK+Pf8#z&{9<dvxX%S2<B93aMF`l<UAhAfqaD=ACvdp64
zpthUSo)Wl{v4v|x2^`lpNyA`j2}iFhG-m9yp#qL-A*ri^@F`KaD^(Ti^z{cd)W&Ya
zA`*KDUYg)AYUD_58cs=-#zcljp429y&Xq`qUZZ)rMMIre)YB-WS~RpfyPEd2z_p1|
zssCw13+!AWF=M<P9k6%pYTD2N-H(zOUALhFx*wrYBWh0t){8*x+5zVw|Dp=$w1vdD
zxd!3H>QH()t1&gvB-o#|Naz%Vq|q*IxXER$&1g8mD-+G*iA6-=%&QrsY2-&N3Yv|1
z$$}IO-H1iPprw-4osfo~_pwN5HA-TvrcpStXvEFiM2&r^O+~vAD(%rWRKQ_v*VB#;
zXg5|Z(SdI&G1};~1>>03YFf-GEFxNt(rBb>PX!#-c1>;QK>V&<Q#(rFxE2}{92&$E
zt39&7&}xj=ZO0Heu7yZlTeT9xC$`}WLDm*7?OR{bXzocZ654~37#SP6Qj3Q6U|!LX
zVbs8nSQMght)|5S%_5@4g{IZa+@g_bj1Z~%8pRTegl4CrnaNTc8j!A4A~P#%LkH|x
zp)nTJD41BX(fiodG>#?~5&e(dpf+?s|EnY|CKXmS;<A*;^l57y&}9pWiQ8?cK$a&$
z(<-3ave7FDk=jnR3c^=qtfzl89TlsQ3$c;mc}+JqT9Vk<eCTEjrGekDurZ2*r-h9i
zhJ_6iF|4ayMf6EH3ms!u<!+;qu!`U*ZX1ona5eLa)=h*R7z=2lg&3gb`DR-!<W6Gq
zaA>K6OTYH}5zaDrQr)_Z7=}jdhL5;xLG*<n`qTDW$p^DK?y7szDe))(&gaNc1w9df
zvpjNIK@SFC9;YW)^n3u%^2n(LJtlx?sOMMov;dCl$l(P&G=MTWzo2Iac(g~(Fz68i
z9_^8H40@6PJ6#oL8T3UWo+hY#k;oiqkT2n$4+ZG&#pt(im&;k7Q_NW(IjDn|h@O9m
z{8;FHU{!s<$1VyF_$&!mp6@v~IFk~d@A(0klzGAVn;$aG3(`Mgnir(+VVW1D?`4`7
zx5WB!Mn`U%i_Yl$m}tD<Teu%d)cH+O5xztW9EsW6{H7?g@|&Ve*uN?I5l2w%Us5Ln
zoW7Bt163gkJ@}nao(YP_HU#a|vo|F+5cTXSzYEG1%E=qevXOG|Mzd@uj>zD<wwjl=
z$}2yT4?k-w@9*$;PWk89-?bHO>KPePrk;@zUFsPbQKg=dA$J^hVS9}x^#)D8lRrZ=
z&7TU5Z^UoS<CkXmK8qJS79Y~>gIyGQ`@E@>6g}$=&R!KH$7ZjZ3(|#dJJX8{54uoy
zoJ!?4<8zpWt($JhdU<>-2w#SM{`Ad`XbWd)C_E0!P;eZnq0l%pLxKC^xxPfMFSS0i
z4Bys`d&8T(!tmBj{JqaN!PM|fR4PbJfN281izUy4@SWOZVQh19VC$xibT&S`8DGx@
z5r3An2~n2^8V@v?RC;)GniQxo*^HzUjK{zoM5r<~yg5ZGROvON>PUkq4I2EO>hR_y
zNm8I`Mv_T^Bn6Vr;Ir04M?Lb?(@*F6(seZR=6afuy~-w<X+qRUGfhaEXr>8OBh54+
zu{4v04WzT_Kr@*-nt4k-&B!9UiDsG*HPTEIk|vsILe)q!O-L-wm^VoS&2-e!OkEY<
z^R><2#>=h^M^h7`Mw)3t(nK>&s2XXe35lhd4%kdbwnH_8qmp!}2-4zL)h!{?ifdKx
zgg`6aRh<-Kv^ZGxRSfpEPPWji?iIhU_ZkMr;M?>45^qm6@mAs{;_cBIZ+{Ijs^hI)
z6vo@j$WqSJ*1og*KVVYk1+ny}O!I>D&zR-~>7O&r3(~(}nir&h$uuuW|B7i|kba11
zUfdF8L`;^O=AxMV8=~=on0(@=<-G8S#1#9tzNL{RVp(ySS&7R`RK;b2?6^z@QCyZ>
z6qhg3a2dRhTcRSuxJ*r0ahb}n;xhGN$7SjSdAy3NahiHT9&h4mp1MIEFXCEpTiff#
zB009>hufX;`)){lO?zcL`J-1Kq@6OJ|34S3)jk<NWVZY7+9l)bI==d}_Q-g4#mw2-
zA>$vs?0>gve~iEHc~5*<x&wio+A-asw;-@<EPs_7i>=UDo}M~EG4Ppf>A!4xVD>8i
zI@nT>ADz7lv6U*tr>}cZ_-^%_27>55b3@iR+`>`oKH-Rd5y`1pL~?2rk(`=DB&Py-
zMwW`>DOf6uXJu(feMyA(TwiAW2@WDWeiFjJ7FF>XK-Tl$#ab6123j^13WO9sVV%Yt
zxGS6V{A+;2(0(;>QD7pZmlj3{toV+2V?KBj1#4E$P=pZ}CIe15fD7-C$|h36Nn&(k
zMu{Zm=p7<8B_c;J;FK_&;z{Ae*-K+aah_exh}gmidVp}Ib<hK4!jGa;OKf&SMo<nG
zIM7pETc#RSK3&Qt1;(Onwz?rBXb0ON9)zYms!(NPW+O@Tl(3ODH{=85U@@0~%;Y2L
zR5l$djfajBHrnEbe4ra_fN*L?K2)Z%$rvr0Xg7A$%}+l4G<-ToK76`(LN!qMbn%61
zr|{|G4b@!X)5RaE)zYVnOH||KGEBUp+A!C1;uzJGxhkVcR}RJ?09@z{Y;`b=+vF6w
zkm%dIY0fF+kjfy19}FEqa)_lJNUV_3!L80H3(s^$0UKoDawNK0IJk9ga+_1gBHzP;
zJ|wz?DuWV4n@gb_@wvLb%SpU>fr&Q~H#VDaGjZ1^24ivmV5|a`IM(=Phlw_SVRQ7&
z4*$bsIA2*52BMo-$aP<B9Qqx2lzBn?_&w9SApHlXc|rOSrg=g7QKor8`j1TWg7lx5
z<^}0LGtG-zqKJq?a?@NChyF@5UJ!?Fskb(i_LYcX#UN%S1~E|;g9x%?5E(=<NODmO
zdTUh-q7uRwL@ih`h>Eac5Orb4AnL=8LDY#IgQyoP28n`@$NLyoOd6lO$t)kGGhwG}
zj?tao!l1!<O1S16KkK3NcJ0IQH{5*I7qtt==l^p4;o5`ahd%ba_iG1^zvk5LQ?&oa
z-+p%D-P(QQAN}#`3fg<)gWvn<>C$;HPg!R!tBOrjBV&`^8Jli~c?EfmO<E?g>EkFw
zv@(!7v59&|Y@)^yo2Y5TCTbY5iHc=xqCy#)s7S^p8dn&bc60TK*d*@#qo{82F%)Y|
zl4>hs5?tKJD3cY8#Gf~$jG_>{nvzD*haS8kWfXQ8Z<I6&H}H)ODWf<e0Y*u~_<|-h
zqKpEIs6z;&fPw}zA`AnGC`0I?2tx525r&b2st~#;WQg#M2*XeTMF?F@j97(LG-3oT
z1kPN%lo|?rx%ery7sLqhRBASe5#p=VdKe?bU8xZ<Mu^8!TVjk5r==#v7(vsj9D6~G
z*x4isaC>H3eB<2A<OiBX65Yj_!!8am5eD7^L)3AmaUd^o;Dsg*h}*6g2Wa0Q_rHxv
z>*OBz5YTs+7@EI>UbMTg7QQ|n?eY2F=iIh*E{NdYreyEyrIHz&G1>DZ%Sp5rpRajL
znl)e4Jl+@6`~{l#O}=;+YCyH{7fuX6mo0yePpGq!bLum$|KfMb6u?=@dG+Kz*KRIT
z1ZO4Z)*F`1US6gM&PvX&@B96JE6S9>S-B2#?6X$we^!|SI4e2Ne$xq`xwOpsot2zx
zckSDGfB9vS<$Qbe*`GbWJdZ53`)Sc`u%;Uj-JWK2`(0{G<UKx+cRU71vUa&M{!>8q
z9dabU@A4@?mQb>93J^?#_jjC0=k5GP)BK<D%j5oI_<8X8+kb%{KK~<97fmaje;X@5
z2z_%a68^_o9ee6#CN|9P^{ZtUIHfHRR5%Hf$>W@X0so6s8v5xoL}bi96VkjG9<Do{
zn@)7cN7wbvuLbq|He9sIM7}#-C~VxEpWQg1sZE*g_`pm@a%_6o$zSp^$U2epc3+pv
z`?rE^a%{H48{3jWHQw%||5?@qb$y8v56$1Bp%}V}$KDp`=Kp&eDzOt06xRke#$H5z
zeT9u3UEju1ci#3FiGpflhkfwdua`)uHa7M6l}|}DR2%!#L8BWbBC3tueepvdm#C;V
zR(R==QxX}~#?JlHGyWmbQElv1D;N7DLIyVW^$Hss6dU`GDjRcS=Y)FXkafk5rhDfX
z*^iOwxMOFm?w!A}3Mj_6fA9Q#m2k%$JH7nB&=DLYZ(|$$yC91rV{!6);}kF(W1%9t
z#h<dPH_s0}MC(&3%l^g`28Tqu`#~tP?LQR7znfK+0xx2C%^Gm%O%z_}4GKcHVhRR=
zg3!O1g7KgrbTp>G4+=tSF$HUbg3xSC!Fp35dQq6#&{<*o#7{Y;C#WbfAgA;Xrp0=k
z(m$CN({V~qGA(xFl%8T*jK(QF&9qpIQ;KyXE#~5smN6~10-d_Cx5AI`&sq8Lmkz$@
z_G3Qwed85xaEdF(J8mB{Uh&d1)}4Oui@tM>@ro~e=jWf;_59z)j91*T_c5uT{QaYU
zHD2-7JKufjKHt0XNaGd%d*GL6cE5Vnt;Q=p@cR32x$W#{Jta~&g%|kWgAF)^XPf&o
z%zcfyA879D%zfJ2_mjI@*t+gO2iMavPIm{OGkTW+ma$<Og#}1c>rlRKWh<->AOs|i
zx*UyLW%dmWojp=!-yqE%DYI{oW{;HFH%PNb%Iq7Y*&}844btq9GW!N;_DGq1GkHZK
zx31vu>5&^x_`6}&iJ^7f4st^?iJ@76&|VU;3G^HN@KC~k5{^DIwR~*Qo88a>Cpv?l
zEh}u?y8AjWKRc1h?e`Gf>3764a4b2oH-mOae8Y_R1{r&vT=(smUyb3oFzUp-iyY5q
zU~)V)MrpOD#we}!)EK4Jo*JXH+EZhcR(ooU(rQnQQCjV(F-og%K}ds064GFjR!G|c
zS?Yu|V*B^9MGR>_LPA5@hWQVOFR6-TM<TR1#ZRIs#rsKg0`iIC14yoNinjoqz*@Dm
z6}_+~jV1C>5cLxNm!y#RN{@(Fe2^@p4-m;T7A6=A6Ln%?cRb&nFu}0Uqe(==#8As<
zn9QxiuX!aaMG2%uf8Iwa9(4Slqx0Q09rL>p{1+Z&$d9|l|5_gN)^*H(iaq%!!W_5k
z(AMH*muB|cp-V<33Ogl&i{AkLO%wU~Hy*I;f}17=oD#9dHi$F6X<~5xt%Un$^U)u?
zvamQvN!{W%K|6V*$w95(VqSgrfzZ!t*r=(6Qc3j3`ij+hx#FDwt@3hEuW<DjA*`uj
z+E9I){DRCK%$%>SMyD+N9a<<S!OQ9QAEib%2W2Hf7akAFWiNdY@(hdJpRRUK98WNd
z|0Ff^`Y`Xn;}|;*cm4(1njiT!^^<p$<SC$rN*b8|{<0Vf2TkFVR-tMRZD4&xmasvR
zArBa_WZdG@c9FA(U6f=FY9<w}H^uy+LB5z~mNHKnpYE@6V%|~@uw~*X18nG$Z?M<z
zdd-m8!tozNg<5{2v{TDJ9BlDe<v+E`m+H`Swi@t%X%#)DsZ#%#see-yJ<C~tP~Kgq
zob?CgU#Z6*^#|oIt3%JZa!~&A3i`?UMXJdeI~{Wv|8LNU*nPa{h`qao-p$S?=+=#%
z-|Hl{JU}uTfpN^0a`Tfg4{HW(hF%;qqbxDqg}Vwc*IuUK^?5Je3&_GA2LhZ&mY=mO
zs#&>WCzwXj#Np)rm!<(7P>wg?&OfI_B3G`(J;4O?tL5Y_SO2fez*h2ZsZYSXDp>Mv
zsb9dn`i~M@@@{E`fO++wK)q$jyQQ3fc~vk|*d|)z^iR60Q|_hbIG3KYZw8l34)9_Q
z!f?*b0V<=~<>2CQ6yM;)4ubq6G8SJfW6@``J!$;@-A;)L^W=(%bTRZAMkG-Lybv)s
zj6yZ)Jn9tD40O}4P4Cw>^=ljY%aqw&y{B9J)KJX3^qfNPejW3_B!A;4i=PDCk6}1D
z{xV(*YyCI}7x+^5IO7r<rQF2?%%eB}hn4a7z*y^$Yv<G{UU3G%_j5_s<)+1!igDoX
zz|PfhUp&2rUziZ7rY6#bwfkZ3JsV%>L-!T`3c^)WJ>2iM0A3NBYne44bdtqo;3LYF
z=HSc(dnQ+$0a(+1G8UV1QWhc`jBkwa79cV$h|(AF*qvz87}})cKzhRQ>87I5pe+FN
zVN^sbS(EivcVmL^mu1Gtrk?3ILOOQ340Bb#;I8g+u<I&T=2E3Y+IwRgwl8GSY=1c~
zQX=hHy>G5#s-W#jUfYS*^aCMPToIrp^9Y|>e(5>W_h2m1%2gB^_T&|g7(6Ovfw=`+
zy+Mawfl<Yt)ln4B;rlI$Uz|Wij-Oz!!!^qoEA9mtCJvG_XnPZMs)7)K_x(*^MTkNr
z`i7i)9b}VK-WP|B(B*|y!i`%MN?&-fPoOUf=nF-}=)q{Fsn5VpFJKMtMhLt}rPE%8
zx;m*Y>F8^_oV2Jb9jObCfjW%^h`OYg(2X+2X7aP%=^eSg_|z0MK@c99Y?zfvB|owe
z-|h+oKc((xAbJ+t-F<*0r|)unhA1V1fAnHkLiTaUKBiIL^>Y3L@Ne2kcm+n64ySOG
zrFJieL6}sHi*A!es<k^l2EoQo@62^g9X-|^Pmcv6q3W^ydz0y%@dSV~Qo+<9@}@E`
zrv=#k<75KQ9lO%0>DxrU?T~LJ<TFn!md4pfnW>fIgU|Zzt2!2$^^zW^Ystd6H_J)%
zrW<euDT9su>7NvOJE!(Z6~@o#8h`8cZ@Q>2E(G{0W118=-ZP#yB%<)b(bK!7Po3D&
zsF#1vm_D)}Mnz7cS2H7$IaV`ck}(fd3e4D_%HrJpnab+l;uSuD>85Gx9OoFr&n;0Z
z3>E7Zxb6~VM3Hq129sMFMOm2_Y}R}O21-BQ74UarIq=^DI(K)RVfG=m$&$hkWpHB`
z25r*wYAV8bF}JjEgUXX1|H7yGpJOru<M%#uue`|&g4tVtVlqSHx2-LH*kp#sKeB#Z
z&SXZ$pZmxqzc886@sqp%@rfI-ttw(u5AoP_p$z9xK9%7rH=YZg+*2=k0ETS9007vw
z)Mxv|7z7|XrANpRA>nxdLWT(mPXrJ$LP&5XK&l=kr22^r;}7T5#bwZ^o=?Ou76X!Q
z@NR&+VVm+Z(lpJ$cCin0K3at?m$tqg_k_&LiHt{7N84PWvq~;PJ2lc2N2)D!PyfVV
zDF^x98SC(HB67=l(7y;<Q-}kSY}*jzx`1sfq&K^TJdW47g)CA%IGpEtbICceSsSkh
zrCGttBbBbeOU4q2xO>9(aB5%*iy96td?iI>!1I_J%roE=6!dc(TTD;wFgR%(TkOkZ
zGk98x3;6fpQIJrl3tcGc%yy1$&UO|CQG&-pS^}jR6g*W5(`lS-%y!KA19Y8TH~^_Q
zBLGK-B95JYW3I1zYA>h6A)m$cN3gmBHr+!rMDK>@?ap??vD_2bC%T{ZlfMcAGBI!!
zo>nn2cohU=V(2P9v0`fYDn7GfYUC<DwPI@YDn7UBS<kPkd4*1#nCwTJdb7QFP$BLu
z+jG@SUpAXXd$ZEs<=N%g-nqU$tW8t?AX=54$@bxinn(_0L=1V<Gt34jXR^ytCaoc(
z{!~{IeVb(8c6uF|EIxCH-*WHUj7t|PMs#7!>G$)XMwID6i+i#?h2En!KK=C5=%W=?
zlIF6xP|_8sAfL@c(!5AIkR8b8=K2Oj(jk>}Fpw0;futiw(t$uyG8$@6(xE`o6_9jA
zc17W6kyMqNyNm~-Cr<R{UZ{Y)0VD&!fB~cez@P!71Hh00Wa9y3IDjMq$VdPQD;f<T
ztjV~!orpfzuvk`}Lcb&ZS*F)8Eh`wu-w%42ytW0F>#rl)(ENAl>cyXUu}_BnMEE(S
zeZf}7J`?!X;poie<4*%=<MzV(&2D@o%C6mvL&U>T-e-O&%8xTY8080;ABgh3%;&>A
zj!e*Ho7&Fbv`b}iN)!y==fkva67oYQs{si7A=mlp4@EaliG?CR6CP%90&z+#2A3|3
zbtZHEo@C~fCXvZ+pDFWheAH&}<lj^u_9-s+_W~m1>~#|P*<M%qt=>D4Tl=#q>_g%V
zILpUaKE`roIc8WU#@60nmk;P4mioNd!&+Sor29Y$cdpDEa(m;pxChfxaE^Aw&c!`L
zP@#8A0G(UhD*}&O;E4#lHUiI<$sLvWxGhFFV<C#oZy<!u*|qx?IFhrlJ_65_$=_5H
z-ypfb_N;bO7PQ+IN%;{Hw9wQ{P@Q%QxVGH_u4uOrh&ndyCQePeg|N2W0<LYhfGgT<
z`j9uYo3}dcrYvZ;Et0mIkg9eQRHxknu5Gt~E81-YqNJwX#Hnew5Z1O^z_slba7DYx
z-`FnN&78J75xdjuZ|RWET}C%HagydncdmTD`J0<PO=0;8jNHyS10Se>=XcH+_+SNm
zV5i}-a~q;m$aJUzX)t6uTmc^nnT}MzhYiyqFwJibnT}Q<jf70A+Zae%-LgOj6_Qpr
zGiZKwGXtj8EmNigm6BFBGhkZX%z$Zi%U1H|VE8*QXuI~S8+#o6x)<hZ>aZ}cp;2H~
zLxbytDbRuEb`Ed%SE<WoKF|E#QGS4VKgthQ;SW{e4_D!jRN;??`2Ic-*WAw0idyo_
zTT%@$Z%H*+g+Ek<KU{@BQiVSn;#W#hNLN&o-${Vg`T+r0f(;75l5D7&WVo7Sq?%;Z
zCgHgBDjaTd)^<ZU2_ya@SLQqbOL@#}*>CCG_Fb|t*DNCHuQC6R$4)dcES?yhaS;G^
zUl&h|AhlLf!$|p(8bWGZQiDhhNNND7UP<L=+%ZYGyRVy^)G9{ZT`)ARpZ7x@Wm)?$
zSPyQ_IC%-qQ%NT$360Hb{)D}))$DYcFibw-_-oVz*k~SH(HyN*mVhSD_Ud|105Yj6
z3`pHB>y_t4PB;KGSgqubCdscQk)5;hO+Wk8*FW?Aoqw#*UMA3<2kptGM5H}4pTV{n
zX8oL*By-o9O)@iO`Hhp?uG14N&kK+}@TYHtOcSy`KU3G|GGS1;JQ;-Aqn?aJk;v1*
zsMY5*7wiXkGWV1I_H>S9rb?QN&^WV_Nf@3kvM21hQ*b_EoDUUbqB?O`KG@S=Vr;WZ
zJ{|1lFL6p^ms}K<a8_fN93FDxq(ya+iM=1yy#ltOnB2gfxa%JwkNqonEFDmpJ+Lx+
zP-XVu%Ix~e>>-ueLo2g~AzK)~<Q9mtbOh3iyc7y!*XJ_pe}~>%q+s5a9e8ifKL|bB
znKFs4baD>+%_i5Ez?tf~K5vnNd&!A3R$kdSj<ov+f@s$w8-SzeVSxd&Av|&zzzvuU
z!fGunFkm(eXS2fs17-ugpgwRiU^dhX<w#B#FdOV8Be;Ua<fUhh%3v|5edfhhq0jgn
z9A}|*Npm=;dGJ`)I!8%Hl~;ZSGiKrQOe=kil|I%=Kg&uV$Fwe#N~|G=L7301e=qbu
zhR5t15UB`O?Iw4w1e||QZxp>^EC!&bV;kodsnp~^0K>`%Flsb8XkfBfnp>nglS4B*
z$I0q^AW@OYVF5fH+YSI#m>eMhBm_`-$x#5v0swUth0KwsQE9h3vI5&)Si5;HzP;dY
zo=a>mjBlRnMrHsv<a%-QwvXYO+>Q+w`b_TO$@(bcZI>R{KArN$N1^$-jP4^kF{oSq
z{{QO-*FT<qY-s*nZ@^NN&pxLEIsIc$f}LGFsbxodJ8>$4o5e>0EOs<D{VT^m3^~U?
zgiIJ4T-m>7Bj8St2ANZ$#bDo)H+Zgh%2O7a6kxoCFjfK>Zy}6U1sHE3jMfDhZy}6U
z1{iN4jMfGiZw4mqV|-*kpk;W3LJDl-P!KfEKLYIt;(`)R-|zTGv5i4<YDH)N#$&H%
zqw(jsSUR6?EC(xf$HmGz%wwtUxLA6J0Iby=7i;qnfW^AwV(}gVuv&LqtnNbqmg|m-
z<$nOcdfjocI}qggoYj-FEvB6#a-OBI9xa?L9JO(a5sqhDuq{6}{ZsV=$=Gh}^{wJw
zUuMcz%|SP!qMh0a$f_+&bnHr+VKFxS!+hs@1io0VYyEcEv-S<=Cnja)<l;1yPdYa{
zx^btyJjKd^J(>=1=}8T4UU01yR5dO=fx#URTx)eyjY|(<a0dm~TCi2)(sLNxA;Gm4
zW7W8HDh790aC@VrcQr2kjlmruZnW~_BA`MI^h5@Al&HZ<bnY~n`;8rS8P8J-4Q#z~
zxac_$frYCg`qvazMR-=V{`FyB;lpo2n~m=@eU^;}9l=PawvdfC>a_@4yNyE!&$vVn
zwfz=hYsV>eqn?Yfwd)kSQQt+_+IfoIsP`gl?LNhB)PE7ScA#Q6=)nkCyHJs<`Y?D7
zICj(yyBmocc`kONJ`BqodF?;>4tin=Gjfi@Y$EJf;h(@T<#5d=cFxV6mQ7$k6%&@R
z>ANQ%QXl7(=#%A%Die6bp*~u#>W;a;cer@<XV9zDw>=Af?Umv)13#Xh?U-7pndBAX
zPd3VwDtW~WUhhlsB(iw?WJ(LqzCH<(WNyFjOl~*3a7TlCw3{cpaEw21MP2ipi}=R^
z0c<E0)~*y0(=(Mgc^PLW6UWPmm`%I!{J3rl1X>thHzW%aR;Y+;{!|43&Z8bw&bsi_
z67fO?kLW?-T0BM{Nx3kKWZfC86LKCNpfj!oD%h<H2GCFcQVv2LObs$FCStz_{ob-h
z*vK`4r!yd(@t|f7OjE5VVi;-6Es)5QCP}Y(c4P&b39uC06YBu1GNx*g<s^V%LaP>8
zp%q0Y!fFxC3NY&yN^6-bFqkt%upKA%QndRC7tf<!{yrz>tX}Ev;JpLqFy4qmBIOgP
zzT%sZ-0{X`&<l>{FZ|Rq1+K!pmzP0;(*gH|rvn^s2Vv#oK@Q{Kt+;a#WY0!QZ1y>*
z*N46rI!9yPgi~TgPKm_}mjkhw0l3(KOUChv>u?@G7#43Plji`-E3PGQ5w#RQ3n2TS
z^PAgozntxXJpRKtOQ7ckky{()T#-d<EB>12PCDj~X6c`hzR19D0@I8uygQPs_ed@x
zgvN`XNMh2pu0QE%_IJoCY`SCq#*hW<PG!6k<((<TWksuT5QkXL#x(09v{w|vHhD#&
zri%CA>J@LtRqWCU&*z!`>C*m@9_d}?*3rDHnm>{HbV|Ib=1)QjZ!$)ZB3oGe2&x*L
z89P1D-}|7y3-NqX5uupg-v;u!qU{NzJo2ljJb{by{%zff(2-Uq8t4y4Rs82;1iNxw
zxQ<qUvyl-ft_9b#fPQiqZF@P}Ch&~6h@l?$^2Ogk2kycRL=zjr2#~+|8MJ-rxoGJ8
z{l7!%WTY0EU1Z8X1$8eykEK6j>GPQqyi<t6>>^W&cPdMN`3K;=fGNRyAyJrJWJ>W)
zW9hH|2)q|DC3ycq6lNEhQoI?K{`RlHn`KJyHV}o`MWz(*be8_%3E;h$DZx8~D9kQ0
zrFdtu^pB2n!O}*i1aA{jm|bK_@#a|imu}!~W=in35QW)ArW9{0vsBK~OPFHwm$u<D
z|F<#Fp2gJvjw5w8Q~%rpsdJE8WWgd~i_H3`QpMYmnm>6@pq$IpDSIRJQl?%wh17XS
zEwW&dutjE-?0lr=?;uK%sXO;W>H?;|yFXGdLu!!)i-avQt7P-cQs$)vrYQ5$4qWD+
zcL2y<P8cuaKa0VEy@2vv$WrH6sQ48u<z>7NlQ%7WB})@0p!8KN<z@U?Vd+IIO`VF;
z5=(g*e??gOYL<4KiPADlc^Q94Sh|Sp<Xh`H2FKm;R{G!95Cwyt_ae4=yyEY9xiK9M
zdiu;cG=+cej<<nmLJ(~l<04O8?-<Wj%pxEdj1-c^S7dP6g3Cm48?JD3ABm7>SolX&
z*+SSQBP{QAg{7?6v5M^@aXOMU16d*>BW>p)fwW%nQ8e11h`8!yAE7GfYCEJo$vUmr
z7BVSDt+>PSXX$p}93Q_fW<{896I<d9&Z55-t-x9Ii`gj1O#gE_?vs!mhw^5?0Fx&o
z`EN%&#oh|j3uo?wm&LFxy9wnBm*ax74rGxkehuL+iF1dX-Czflz;rHs={d!(qhM7&
zy>Pt*4aW2_)FXQtRsHTSOfsf<{tnz5cg790oY#T><f2pJy?8GBxUTu2U0&>B)Hfx4
zvJ0eWR!G#56tW4gSPWU1{@ER>7SU1&UMfZ<$@7p@8n1W((*9PcqSC;QJv8WFt7~*F
z_czG1ntCp>i!&PJ@-qXccSs~j7Jmg*bviN@x&|-7iBxAImrjTk`0s$B;{1CWZ$Z$?
zO@1KVZI@%qF^kCnP_gQ|7VCs-F_VuET-%3(v4ORx#I~RSRMwYti?qCKQX+g@GR60z
zL@f}X)o4VScEo(M_S^smcM{ojHe*c}@ZN96zm$Uv=J^t6tA%;K9{mdQd;`0=$~L!v
z8l6atz&4o<ZS!oD2ewK28rvkWk!|i7+Gc1Zk!4jHDBtLKBUnMqH}RGzU(Q>1ynF@j
zlP|(K@-INAZt?TD;&p-TkPB_`Vke*u{$c(j6eV)ONmT!Jz$m|sOmJ9?={HNdB<xF)
z5nP#!mEXd`60b5BOT?b7Y{^$R`fnhQw<?dQCZ%yoEbuQT%G(9SFEV`z(<NSU65f)}
zF;cK?{_BCMa}ka$&Sz^;{nr8s{UppwY?YXUBkd5|f>Y6!Nt2_Nc?OY<5F>??p|GhU
z=d;>4HC~hE+*EYn#a<BTKoqmOS1DKH$Qhdim-s%8%d6p&E~-$!trW%e-$->_3M!|>
zE8ClhzOfMUXPL$Sd54AkE3~J*rR*q*|0b|^Wrn&s4NJNVu>52$@Wsc6?I1GS5!6FO
zv}5_<VLg?)7v^uK?C$`kQ{ok8irn%$nT?mP<SkLYins1Wd8gdt<#*wZFPBu>ES$^^
za5DB)giJC&EfLu%3BwZknZ9<4uVlT~uoV5oDoj@rRl3X(e5WKh!a<B#>_IsSTKQV?
zDDkR#w``ldT(#}1iRDy?BOoDE+kUs8_^+a1*D+n<m9|~o2&Y6{sBJ%`(mN#~kK}Yp
z<X_vUs^(PN3W?Z<Y!7XPBA^ey9`#{`G*KHARZP*cmFqzs+KO%SK|MsU>UsSUmaW*$
z){2O2Dxy)AZ;(8%Y)3p6*&^j;I|Ba1skTL%Kk<FB#a&1_C0@BKDx(@#t_z=oa}@h>
zVwV`3pI>*RbAe3V{Y4-y-2|%n1CFkMy`QjykEwuth%l}><_|sIxj<<@N*LD{7VKui
zxR$VBpCpXyhWVpI+Rp%nr`PU8+<z<NU=mJRlA;$p^U`<g<YhnI*KrcL1SUOv1J5ZO
zDsSc?BILTUsiDB&jXOu)b_ihD^9hprLSEj}2@~g(2cVvD_*i-F<I0kF;B<ZER3;2~
z_$5;YR~Mpmk{!u}pLHPfrLH3b3XAbYoc`7&G3LL=p_S?eUA)1Ac6G=7x3H0@i+z3=
z?rS(_3RmD6d?xd4z`)*1E*Xd$wH)t=n0E>Dsc^0rkG%wZ?#I4Y9X<)=*V%0t<0r`@
z#;IH?s6#`wXf&#hzpsmzY2@X_JYLn&*`>;UGV0v7zU)Dr4XTRx;~kEGdoXns|L=qM
zxw6051NCOmZ|;7BuJnC}mrJ?;%;H}*0F!t!w*ij#v#=vL-dlJ}ls`wSI<?Z#7B8jh
z8DGd>eJt^u5@~~}0fH%cz_Su6esgkP_Fcb!1?jH{Uc4-Sp0x4u7kEpQZ{-csk}u-U
zmq%I3JBxW|Iqy<_XvpL?f;nGb51ICp`SW>tKB4$dR9F5I%CY%%CDUKl^i@oMMbkT(
z{wjHZwc(YFaq$TA%Hpk>#B3Zd)ExT>?BB=>HHqzLAQ7b(I=q#5TKY85V|a~r2eD-P
z%S&#b$#0)cZa@7TObbGEU3cW=1GMXTW<ksFE9_v1eMR1kK@D620WhP+@3#YpxisEW
zS&46;EW8Yho0}Hifoq?aH%M7P{<Jq|$oL6&ps(HoAICLid9WZ%2p4W8b@9)@wJ-+o
ztMI^x_*bAUTn-xlcVv&Cz_#G0-m{_M3nVbZL~>m&jkk1@Vp{Pe&#5MHPIW3nXhNXo
zfq>b#PaXBRJQffg@fBY0oXL}e-d%V$_Abj`LzVRL4*giYKE53YK_7oz)6&P^AR*rT
zBZK1Y;H`eci*03pp?@PKlf~kfvryCPv8;o-^H2(TRVzg_4-+6yr^Fh(B6YKXcU3)E
zUuqdzD~n3Jdh5m)e@;#}!qzyZ;)#VD@y?uV0sHSEkpA;ikcofVc6a_ldieiFX?(u(
z`j{pY^LPBtB)jADzq=Ukyc454F@M~<4Lp7+LfsYgo4OC{mcK_yVOE!X28-VEe<KIM
z<pvM%Sw5;x6h96w<-3WPDBjHUZcYCu(?4JuBlG)mPn7TCeeu6=EkA$@M~>X-*HW<&
znDsPttH8xOfH9q$|28DTSI3d@5vVh|cZ*4p)Kely|0}HPM@UtIze?~u3Kj`VB2S5!
z{_QNhx3-Y@T6iA|OG>DfDY*~{6BP>|Jr_(7<qoh#AJ<YTH<3mfQ$y9^NQ*@=0b{L-
zq+W92Q(%q$PR8y=Ut4<mCW@h_{%6<IlUw{W8~Q^^=oUZ2^p7?DS*Cx2v|GFdN$j<M
z4mYe>sA?tizYB;{B9i|tN!GTD+%V5)E!rgi+YK<u2J7%@%tgwt=74t54t|XL{*fJg
z3*~6vQr-56{RoTwU@G-dRA|+uG+tZub;yaXqCNXxLmExjZe}MX{civS4;-}^zd86{
zfMN5;f~DcuWSCSN0Rs3UCAa#MuiSnf9MqR2V|SsQ2Sn|>Q`>pQbL#bDMLX}TkD_8}
z3nR<%wViJ9R#aWSAC<VpFCrQC^cRpZJxw#g3W<R4;o|vs;#$#Or$i3uMk3iAzDV)4
z8@UHSpQLe~1AOt@xS$U=ozS>#q(>iKT^}XvCDUUFO$5OY$&s0U@lLj+YPR?=GO!>h
zrS`u=nfujK^s8s+7mYX~U|@u_!OJS;{|?9@|MC+X%g-i4{ukFrQ5%tASc>`vANL29
zii$Tj=tunTL&%J?$Qmu%@fL0aoUtq|?}tM?OaVl<-vuUQ`&0djL-j+pGft{2z7F^=
zfq#V=2!Lh~Sa>t((FjWK7Qak3cay4L-D`hYTwlNXoqlmS&LV|Yeg8bS#DGx9EYaZ?
z`j_Yr3S&zgJOzJ=W>J`4qIL_1FHtLn<CaLRQ^TD9G1Nu9xUrv8DfkQGU>Nc6<mc@s
z;3eh<f@F96&>Mj5E<OTovh|`%_{BdkZ?;MQ29;?%OvvLZdD^&Q-~NO}Cb0be9rK4i
zH$;XexND=l4X<rsv0Lab-il%b+$%#M+8zKu69O^4{yz{0lide-OO*cyH^xmuc_)~6
zf$RF<QqcmQ$Nvy)3cU;0pr-kIpBJU~d48DAFHnC=KLwZh)u)Ew`TbrLrQZ{!4f@ZB
z{=N+n$_F<^>B+e;ZO}P~ku|UzyUNHG^pQ1JS#y?|wj|~c43e0u91*4y^Dha~P|GjC
z6l(b;Z;A4+c;hPck{`kV$`2vi4V%<^Fk9)y(pAfU&2qe|sCQFNHIgguWXn7Gs=sz)
zdqMWiTpI~n!wUY0m0*zYW;p4*EW&3s5k7OkSD?(J6#taQx|w-LXup?OI`|DZK?e`>
z7PjrT$f0Sx<%$!SGO-=R<ejLs?ICU?A9IjTfkwU;1rzJ??@)?5e@{kW$Sm)Yr~SDx
zeglWTUj~vB4X+ILL}by9@(Mf-z<PMc`3G{6Sv&yOg==BOlc&16IhD{YDp~qZ9%_KP
z6EL|7t=Gk))Z@iY#r=Um9&6lYyzZn3)DcfAMQ1#Pk1Tb2{x>lwx(38nCUPlE>XZ0D
zfYd3D!j+0|n%s>IM6NtwYW|Nv(v6Kfy~oWx;ol>0|0Q_Jq;1${no6&Lor=$)KXs=9
zA5f0`1xm7Khb7Qgg6C^wFB<zT*Wz=B`D;7kUL<a3LLC>6NaXi_26VvGiv15xV2dR3
zMFg(dGiY!krDc{n^*{xxPn{E1{{ilwX!Gv_y*6Jd@mz+F^8%G$j9KP7HY_*)BG5bY
zU&Ym5$%(scN>4sw5Z0_4zT|u?D<*RDr)_um$s-q^g_{4cqz9dwCWhw!&-xfX357G0
z0qwrdnxv~w_yQZ=2AyDSm+fX>-UU@>x|0iMjo?YBx3Gols_jVQyA62v$D5e{3%L6~
z2G)e5H&<_Q|2_f}dc#(cWV<!*UmteeqAT6)I{t3pyYtJ=1-~CKDg8TntqUL2oq)C|
z4kLMYDu^U~z%@GH7sYxU#K|85gZqUvbGP_vXh}gQ<CrXV5M;~DRpI3`WI}XrEs=mO
zb@(Bi`%#)3(#^IeOny?!L_k5!_rj`!n(^IL?jKCPNOstk7#?LOZi(X-t5hF>Hv^CS
zD6?2J^X@+ag~KoSr|yY6zXSRLCRSk$>%WjG>flKv{D&wBb5Dgi8Mm%{i}OIvkAn*S
z2F7mjUF$$KgA1N4o{n1w7Vs~|z5I6+d&M)6RGeWSsc~Euwt_Y0@<d22tjEVcuosv1
zp9g69F~GoJBN;rd=}qK7y7ChWm}BApBF)wj7PL+{;wz?dFTN4$|KcWWdC(t{FYlBY
zyJRKu=2wg~weW1PB$!+k%#?yr38{(??=7tSIOG%+CYZqYaWDrw9c$%-pqoVTD)dyJ
zhhH`FKO_&bkt!Y!MC|CqliB3*RPi|EGWa0_6!RBplEoi@WZ^aFw25qb;fTGEdA5tP
zjEhH_n}Li+nNtqh@>&ktG8EC7P3tJ&7E;%PYx+9o<1ckC$aXBSFE8rroIilsPLu7L
z-^y&4W^v3cHl>?Ph{%Wapk)JKjIR-#l<k%e8SVHq_TBInemvND%JyJ8>TqIifpog-
z^x#-u@BA&~+iR-H&Ogp<R<qzG-!S^<gDbM#FGt*4)`t%XtWIW^7dN1~2Nti(v-hup
z;`<VdHzCuH_1JsRAg@20=uh`AoQ5JPUl5y&EjtN@h`$RjjP-mTvkFPSA=YzqkiIh3
z^DNX8i+wjX{`&xq^gm)f9|MjPyDc`mV%ZAP4P#I45Zn(&pW%@Kx`L-B*hH^*1-s)P
zxD?-s3r2|N{|SSl<H4@Z`Ss^H7o@a-N&38Hz2t^-43n`g%7i_l+`^yHKL4*AM-o>#
z|69*-<NCws9w%R3hI+6!lEbagTYNX#x#Mu`5iV>+s{Bvb8ov2Si#rSX;v?L&I~2X1
z0f~UmCfbt`+IHlJlnv@}ihFU4orkKhrX*TY##pC=6|;=7e*ng@z%q^&-mTHnw{}?!
z77=@<%&nyG%@|4<Z*>yVa1iv9TDaVSuaJUz&8Xu)fd;P%M0_bFmodv?Mbc5qxkf_X
z9XW(LDLqZ{&G=9$l(8BkP+E8{$TN6}fk1Edv60DkOpT;OS6$(@Xj(L+M(Gt#MB67i
z*ZjmuiY>_qF0&4;N#m4Ve+*Tye#fr=JX1e`|1Z?fI`COmT<JH;ZjgvG0b5MQz5sn6
z8u|}D`!L=^oku5pM{2n%uA?s=se_;Qh(<7eg^lMXV0}7*@%mLbf|GSea7st8vFN_E
zj^MNz!R9Mu9KoKBV0<A3BRHcY*m3bqD10Mo87xi40v{&CPL7SAAB;Vu%fZ+?GB*3J
zm>GNcmMKQ*VQ8<r@Ge@mCk~+a6pYI&K8<TGzi>4QI+FeV7WBo!F&G3=oRne&59)4B
zDz)%_luUW4h4%ry3$vofL5<&|%LSU?=DYkJjF1B=Ug>91n^M^n+LY2ZrHgnZ;w9sP
zoD$*q=__$o${?=tVZ(#n=zDO8I(YnR=+JS3Js}P~n}}R_Hi1{+;tM_^U0)jRI-~A7
zV;pCPy6eb$i@P@7JDV2W;-Q=qn~CjNQXNv$k3AOo!N=muLO=Le-!k!oe6GeWfoo~U
z$Hmx<q~V#ATAD<aOB8fWC=MeTClrS>5l$mgK~AO-lH(eK@53I!aUaYfJSfr3Azmhf
z&MPk9UQPn;6?Y)n;T2zw8$SwnBTG^!aTZor%o-AedBqD^p4Rj$kX8?rQNSx%*nzbA
zfMs(24C2HV-?9S!j}wKZP82V`Bg}R&`>rtC&Fq`QY!9=Sh1p(acZS(4vXMHvD%2sl
zXri{9sEkQYjOW0Qq<%^S>b&VKY{}bs;Z$n}LY7k;gOx6P9+QF$zFY_s?0B%hbN=Ee
zIC(N-ctB&+2wOQBOYa}+VtjOv&K(^~68f*yNq4Tn&D8Ar%cN?=MXPEnF0PGb4%Ipl
zFQk>2OG(3IE+zH5^33)qv{|P>D;9R6S@?{iOnuVQ4n1tOa51A$Gz;o@u%{2lSJ7yU
zEt&YpFipywp>y%Qm{Pzmyb(InS%hdEbp|ne|NV8o5XI~jfh{vmPY%OgPXqqZ(jPU!
z`cn4D<+w~(u{Tq^mf&&tU{B*PJ89wX;3xBkr=l*h^c0I7cbw{p;b8^M0TX|9I<(8U
zKSY5b3&$tVd_Ds*g}#$573WmtJ9C!XoIm+|tao^xQq(Bu>PyARb*5Cu>i3Kb#`hK>
zinuuK6?_0{VJ!w8W0oVjc_wuuW0?o+E@mCUiO)P}-G!52G<;{_RNQrva}5+!rZyiO
z>X?5!D3aQFo%44fV?vSmJh9v1Si#s3tTk3RKGt;tx)63m{$d@`C@WA);o3!VqBA#k
z9`474vO>v&lupOjry&q}>lWPLYd(it=xc_6l`6gmplIQO2Mz?M7Y?U8k30NPGMQEl
z0E(7=9@yn!q&Z0<CZ|}uTT?8Q5SthjgewnH=*oksaOJ^bU3thnp@g`3EZWhZ`4?6i
zvu34{=cmv($6a_Gm*SrYmmU3BcYF{F^JYtqe|wbyeMM80?x_<i7a8erhVuVljq$N&
zYYg~+>(C{A@qW&hjzIHQ<HL5m%LkK-zreh;cnUBUZiJ0uEph|bB59dE^2=rm|H(40
zQx?>sbRFWv=63|~7wOjpa~`Cx2-YEY#tOd);7I>Hm<xR&_J65+6F9kwYJdFBz1_F>
zNqTzHJu@MhuuO8Do|!DelCVUAYyv7#feauC2_P9Y7rG}1X?h4d2n537f&nG^K+%Uh
zMFsRdaX|$|Fev&21_V(=5y1uZA^yJKbLuWV84&!v-{<rH&u98p)v4{&cIworQ&lU9
zt?Q5j(5A0p9pVLa<e#lWxV{0)U~Ql7<avDRBm)}R*Ee}xGa!_RbNMAm|3HqZa9uM8
zm5LR>cBJwvsJ!MZdN%m={|oN;x<;X21C%GN{*9q$BV4M-zY+Ga)<q3?KYFHR{1t4x
z<R_zV2f#R<=*JO9GdALc4#d|r;y=~8MiOdWqx2#zt`S&1u2G~AcL6o7Q3(8BSR*hG
z+^L7JtPyq&EW6M$YBzR-Ifw<_PBfizwXI92yYLPF|6M<1uzpx<=C-!iv3?i;9Xtqq
zFPsB8Xs4P3ZEtrZADiybeORThxO7Ni>5$Sz6vmK^*A%ff;KBsZaOsfJ<q)JdSUP0l
zONXh~42l|b<YjGxwF8?szIIq))(#brs8$LMVTjUZ*Dm5oN3c4(a^A_lPI_F-_P5Cz
z;vLq`r$uXsmtG2Jm}R|`i`Eb?_54d~h&|YpuYC<6!57)8KO^ghlWcD%FicI(7~vX$
z6~duSnk|DvEZ~J~Im31^`ayjdoG3Ol{9R${gk$d3R(+#+82>Hdc0)K<RjK^lw~KQi
zb$dEH>-S-dd;6LG$^71cbl%MTx+TA)-@|kqe+Nm<pSfL1LU$aw=jagjSN|BK=J@Zz
zxBlE9aIPPUIJwmL*_|LGqO;^51_+j*Z>52~l;aWBe@mEhO79G3xm*ixI#@T_R<Yvk
zjB3LUN<w{!KeUOw147&#*{?VhI3)aG%>0AXYk42~r@P~0UU3pQ9spWF_{I=k-wAo6
zZiRdFcZLHgt78{&B>X;_$wYlVrDk*CnA8Nqw+;c<!;pV+pff3QBy5^cxb|7}{pHoH
zC~X0hSgtu~We9z<<sSaGAZ};Y8J~x4pqm<d=>3+UitHjdu>`q2HqK@rolno99B_Vi
zybm7fD+{<F9e3l@JBLt`Y5{xujNsjZoU;?o+zDZ>b<VS`cN}3kl;v@bTZ~lrC&|f$
zJbe$G8r~1Y#K+G?!|CdAE}iFvPU1O!UbrCar}L7~S*7#J&^bWodqd|So$m{sLv*eS
zo%8A37CINu`R`%A3+cQt^j$>frqDS|=QW{oS33RBxf`9QgwEaRJT-LgLFa>^b1|Jb
zjBJX(gidrV<J=QY(T5A(ajGvzXWY0HU}3yAzA?1z%b0YIvkK?jg$mb8^!Xlxda(B9
zY@EV_^*Ch=)~GaFEGfx|dDLb@6HlId7#A3muYL7~78p~W3}d1ZtbcU;-9fdReKxoD
zaSWV($MoB|!1%4`x8RWuLFq}MxE(i`cRh0Dxrr<~pCk5uE(o;`7OhN=_Cc<*W+IKZ
zAq~f~Q|zzPv1=o#88<s`z^`R8*7Tt7LVhcMT$$a=(JU)7DX*iK`>#WWeS_uNHu&Oh
z9U!Iwe-GP++HV0BVE;C01IKsJ90;B`Ws2Y?2%kNWhY(cuJq!#E2kt`Ec?&@|7`!)v
z&-UK32<t32jnm4g7rnX6-wz(c6K;JSD2T>C74a#DcKpK;KI^W(K8a)boj6cWOQOC6
zAq_or*MBtdqa{(F6ZgB0et5lLjFyDg&m7$KHxi1AjmKz7)R#vw@PLqi8_7x1JBl<E
zLIQPrE9kr>n4J8-psvR9SerJNp>H5*?zA=cqdnPt6AX+2+d@rS%h?ZPt*nfxkbK>a
zEZ25Hof<jfpO9kxc{V}9Cxa@q(tDPZ1(2AOpX>ht9-1F&0(Son^b*aP@*PLcKe8j>
z(gmOc=7R>dCaI}4k+MD9!JU1?^gV8>l*=j`!Wx?)>kAQ%J8djeu+!#o8snTSCG4ry
zfIjYJI)_Fi*xDa4upV#FRLN2Q(V)HJR0Er;xV1`>Csazu75p4)BTfvjWhRlT!+{6^
zRfmI^DmY>~{r>`T-4)#WL}>kMMD?w<KZ=Nbj<?J~N8{ERF=g-=ZU@u3yX~Kfpt$3J
zt_^XQ##Wyo4SyXG;+SN=emmO}ecJ74^ZtrL;FbfVf}Q#gpcaf?Y^6!qL^d@5?Y+Ng
zMRTm$R>HzIO%};m=1C{K<Z>9oHu-`5Ewu9k`=PY+1N&QP=Z7L9v)3dt)^XxSrQ|s9
zOaiI6ted;d&?!;GH<Xu10%6D2{0s`VprhiF6EF}3$!HKX-%i|KH7v@>ac~R^jK5&`
zXbGoG-j?d{--GNV<AFXbEm=7cNM)gvOUjnApiEhcgj&mp2SVT_148IA?vh2`?_j%0
zJ?{BsIF&S+Nb4ABA0(Koj_E4E+XxUA4N=Y?1XBp12FpBH!As@18v@qO`ne(Xs4iCT
zw0|MfyCB$zjz0>6h}`g;fb=02)2uPho9Hx44D2UhiIFrrE^hq>WFpP4B|x!+_S@D@
z*2b+?C!E$TcH?ctZ3lb&5SSQng8O@k%5TsCn)KB$Xu`(fuN3yT3`<`P!?4Sz2>U*!
z`z*uKSHpyjAg#v=(~Wqn%UkP_1CzB!lbxM(hNcmDfquExo4|v;lWkT%4Y^<nmGVcM
zV7bVecl=MX6}m9eunDw(unBZ0H?&jXmZ8)O)^isz?C+7N?jEK?Syalu7GCCfh1oLt
z!YgbU=|*EAEdnFnye}o>KIs^Cxa?9gIGa#Rmi-0jTF|Y@=qZnU7oH%P9c7DC%o;+^
zb>Px0DhQzUhY_tZGW_ExXu@oGrt4S3&kF~o+o$!%I(G#X5nahRGkk(=Ewq-O6YRz5
zUG7Jqev=?w&wzA!JAz_vFty#81KWYR@DliND@-Qo0c`zI{GO~Gd@986NtNJs<`bS1
zhQ-a2L0C7Bu&LVB3~QvlT1^Ev<By{MWMoXI(ixuvuzn&wLSp_&Y0&pYMqIIGF0!U!
zEMWS2lQr`=wGWM-jh?iTV}MFMvaWn59Jcomnw)1-B9P<#gs`JQDaYS|Fiz5c9)P5G
zIl-$*Kp&^OJyD;I5_WcaADue<<}m!vrwBhfIen@pc~>#c1+hG^yecA>cDMd%8cEG;
z>d4oGkxhoLC-R3FnS~BYM{PS(wyCrGNEjo`E{yScyCL=KG;U`VHtvw`o$~z(zMb`D
z5M2bzSIh^Q7;mC6p(QFRbkG{xHwp`ex9nZdoM%E892;2Hk?60{u+K(TtOd_PR{l}o
z1nkB*twIbkAO;x~>j*KxUH|4-m9#hZv?mdRkXXPgMhr441R^oWs1PVu%z;AZltMe5
zFSiY*bpcy#>%_dlav2mBZv=G?u-FIhrIqp_7R9{39}29aI?5aSGPtRONgNRRPV8MO
z)E?kiG8#Rl_S*01Y&ZMK(`t)qa85JM>9v#SG-^7?pJJ>%$8g&16$;Ub+3if`$+yP_
zPzE}L02De&;F_Ty0@7iK0|e~JfrYY-S1Kk3x)a5sY~o??choi!hYm#v@Uww~=rWa(
zY0wXf*Gn#@H_X>X7bi1}`UWXMDK&l_q<f$o5-N>TYjxpVP@8QlIOvD0<!1#lt#4Vo
z|1FTe!=4FbTCjJuO}j&A1nl$LrhOH58!uU0wZF>ZE$fE1>}OQ&wWmG)9uy1%<2rV`
zlk85%-;A*+d`4M-{zm#3B14)%KFjc4pP(1tAT{n!(mfZ6cw!@8p0IH1m30*7wS?*g
zIn5PFrB#0Jok~)8B;m4XZjR7e|GER{(X=+`=Z_&&wz?*zLiMx3ZwRRl84v7g9D#6{
zNuB~Gd<ur?fI!QNZf@YzK(7C51oDrR5yVUo?T5%v1tqFslN-FsWW63)=hLw*&_ZTl
zVOqCAxp$e-ZO|8)FLY2?L_UX?lEPM@5$FF8yijWT40NdJ{}nJ1F+sIM(rO+B?}?eE
zbnSL_q_n>j9Y|KE=nb;@+rNw(9{4*7Ki<o5Gk&<|)4E;S+>%8N^-d@|=9-#&;b0b}
z0_!M6j9CO1!h+YofntN^B&|-wS;4ky90T~CkV}At{S1&)?orwXq=&T{y%LzO?vfUg
zQ%HeHq+dokz-w`LoM@;@C8w37{Ai*xtrP{bEGSAsDGHWtg5l}F5O*maiAEERFtVi>
z8Pcq{l8*R?&8@ARrdCVz3}FTmY`ei~<aXaAz7tI>no}ir@Osp8R%<yMt7W6CVjC8e
z)u5Hp&pDW5aKUlPe_B@Es{hiO$@;~Vuo5AuAI93U1z&Ka#{#I#D7`gMKLW3M#lXUi
z(pv*D@bOaxeiwksj?!BL>3%iU2S=n0kAu%ZTR$}MXhYwV8a@qm=-mn|o5U`FzCVOA
z<%vSJ_7FOtYx<nZU8Y+@OG7;e*0AUf;M}%#wB#q9UX)E~^Z$lCFgZzQIRT?griWa0
zhS_#t?|@{avwkPGWV2>P@Z>~MR|FVd7*nD`85=9AVxV#$+nQ(Xc(7GO_LyUn)|oJm
z0Uq_wvjys;P1!!je-x(c|2w|WvU=Ic_d(z0vv3Kgp7y^3Yau<5PYJpiSxfi1wT`-d
zivKAFdjy{V@M!{mhK~twGu;p4WAry<PXHRO*0BK|Sw$r0ru-Wj_)GYt1e<&s*c2ei
zPDSWs1RY#6G*CzjKG-bf;vQ=w7tcB)t^=DRC}8YBBa4|M!JA-6NfCj9fOhT;VoHm4
zAEC@>XgG&b{|^jTxCRbGXHTG2sqcxA^(3(hC%Nr)#WAcVH9by78lpSJ(u-VSG3w~I
zBJU#ClCAOvC0NENsl(o=cQ1>j^x~-rqm`FW4}eHYkLXv~Ldxo$tL?uZ=Afjqtln3c
z$sq&;T&(w1g2>$xBrIoASWXQ~4iFx#45h{q=5RI84;W=(WF@&H5i8D4df#9saYXLg
z9+9uV5+V|I>f9ub<Q8K^H8=G8lr@ODd>6-GdqV0Bcp2`pelVCRj6gOrx<viJh}Gnk
zG{Omn#MHZoxCsk-H*J{Zg*Qle93q_M)tU6ZOZN~ftyArs=UwZ)m@JM19+bm+7(R88
z!#Y0JwOQ=K><y5@MeN!R#tFMPanDm2NjyQZ-pxu6v?j?HO|k2l5H3_TddP*Q?6miN
zASXd1UK!jQ`?hkY>FN-si?FkmGLdFRMrPvJp?Y1OntAIUaFJ%>YEchW4GNE%UL{<7
z#+}b%u3XF+kzY*th`fsKu_gzd&ML$rp#l;|i0qS=&=Ij$`~XTp_Jsq{C+&ou{SOFB
zfu-Ps1Bv<}XiPH>K4$IpGvy2Kv>U9r0ld}CB0K(%9BhGAYFDyq<@(XUgPe}ao~iq_
zlKsb#E-)_LU8Yua9U|aHvw1ExIAF5CT}fj>q7p~>DR2i8Cna+}<u;_vy)aiv9vo@X
zYw%Y5K)OBY3hQjdm*_{fRY5;G9%0LnIhOHEs`BLnc*0PabrKA`>3RTakF7{e)b;y9
z05LFJOpeilxAt%{gOY^dL?vI{!MM8M!aFU-)eTp6Vh$3K&F;^maTCgwfK>xml2Sqg
zUGSNzf1oRXfn{b{V6f;gSSSXGN-j$BsaHr6shcFRsotZBrw3<>7M!_^s2!6smvr8J
zX!3znw+5;hMF{0XW?66dwasno6ISmx)Xw@NPxwXbl{(Vlvv~bhyZfCG4#^TvM1B5w
zWTis6A?qVIG0V{0`=+3|Wp3OAba#)XN_UyxGUUhk-@%bNRtq*iT4(tB46G=mO9!+3
zV^hrX=#3!$A~VideM6c)j$XO-VRlu!zs6%&-u<YOerFK!e6iu_@q_7Y<~H_S?Q@Rx
zYcj?7lPPWETGr=WOpO~yVH>A&d>3r-jbF%}E!lt**iKWx1_<lteqa=C4AI8VXoa0h
z*lDe>8e#8mh1Cf=y%lycVHe;N%VRBJlkgiQ?4s6i?;&gwekp8FPKM<Pn}l<Lut_+#
z6E+FwX@pI}8Qb97<?#^|YjPgf5;iH1j}kU1k1d2v%Hy{sz@Ek@RxiIH>{qR@X9@dt
zE9@U-!2XI)EUtyABnD$=sNI~jPKni(zz+QaU{PHO>`M$6l|x|PCM+t4z#bwjDu=*c
z=mRWjBZ0j{*rYtNa{-%_M;Bp}@|a85q&#-M4X`s&iCSLCV>iN@t+0a#8*hb;5O!88
z>{1Z;@r|vpj}vxwE9?~F64kThyBF&(>dyju6Jb$*7T7bagQ!0XY*(fiwYk6!CM;@m
zfgMX&*ycL!ZMjzs&&GrPk+&H?g=0kyy_Uf80OHMuc7#7HDiU*q5NJr9<xa#560rcd
zYHHm$^D;Zht-g@rt4@yyRi82JF=r`brO?P&NzV;;O~GBbF+`!4&cl0vR-FsFEmSJ&
z3>4h*rDuR<J2I2H-Qq~7qau!^>?10q|3GH|+XABCN$C>!{X=xdG=lA0NhSdzPL9g2
z1tc<>wa9xlX?UlPs?&{yY<0ewIWk!IVqRy#%3U%ux?Yju`0G)fa`lo5JI(BI&lI!A
zM4?c-4PD2axe;0~>*<2Ems!J+Rv&YWRoDsB0OyrM;9f(VqP>o6bxv$D14^t_qbP(8
z_s1|d7#w~&1rEqm=a;-Suvq682te2xo`;D6t?8vH`#J+NBb%0|4(l7}01pGE1poYt
z^wl>~cBX?`j#a#uP8rYQd>@@Ml*PG@P8r4G^y!oVEY4HtlyM-=Q|Xi;CC(b1G9tuT
zr&9)lILGLeaUjn1bcPBW8&9K?q*}Fi-cKiI2X&rKr;HJadj_3<C&?7&20C93oeele
z*JTds0c$nfwaZ}H@r&Srb*W5`7t*dI2w`z|mCIU#wB!Xe&qnT5#Iiq!PR>i3-??;h
zN>b-}baFOQ=lOJUB2woCaO#xKEY(It)OIm!B0${ufe>~HY~!4vY9zh2LqCK&sGbB?
z<D8*tB)u^hXQ&!UZw$s6sz%ZqgH;J5d5^)!Mbt>{YSY?+JjiWKhV4ukNnk7-xeZM(
zihDAMSdAn#7LMG(<n+iLOiqv7!Q}MFy=Waod60Y2I*4H8UbGG(7`Yd%g9yg{q<P?s
zsi{-8s^$^F*tD8Q1Y`SZ9ubU<ta(H*cHznO{0DT+$@%_~FlpZ??w<&g_KjeFCQRBl
zg1tzXv~L9a9bwYGQF)&W(~Drg55xT#giia_^I^CM#?CrEgu+NKmQE85oM_xiOUFE(
z0dF%Iwwe46N8n@+4&xfLj3p3`>e`Ik0|hX_B^=+i&&`Z`)bi`GWS<1vldvcOjyIj=
z1r2sl%~CvMt``rEg_uW3=%lm8JcL7%7_9M_M@UwsX=5HCftB`+d4!}^8ad_>5?yKO
zm`6xpYve#;9wDi%kqwD?ghaPSUL@ublI|LrqsXInGV3pbkxEJDssz_kkQv>o5yX={
zIrJn~8uw(E4n4`9#y#1$Lr?OlaZh&g(31?S@g%Vv=Nut>A>-mCk&Zb@q+?DJ>6nv5
zI_4yiR;LhOnIa`UnJWY)^Q0si!DO<Olp~nTn38-1lW9}(AWU@7um+X6NhYP31|SZ0
z+gLjGUm%5YWZZ~+WB|8&@XTGmqn9ayPoNGDb*WDP|1r*HFzFN^>OwksSM}5A>@Q2p
zkw>uQJUQpZaSp60@+M!iJJJOo2|dTvqL*9ELGtn|%tDZLRLkkiwUiSXziCjLlsCn2
zd*z~Eq&9GothxX*agBoNP9ixA`jFMz!KKZ{?G{K><np%xeiHK0t((Nac*1D>92L|1
z&!<K0u8>g)Ml~}gA{1aCB9yM-Zr*k8Rl)6vu1XynEoN(5^ddfp?i}bv7!m#rp;8Y7
zF%YG=W`n2p3xrkmOKkWf8Sh?vN-3n1u1!CUyIp46G}W(XBxYNCA8kz|KWJOitu^&v
z-{m5!XR9^sNWiK0w<pT^?pQg~HVzX04)tl(E_=+{K1VsA$ox!pkv?jN)m^m;ubS?2
zlJ5S9y<JIOYq~t6cQWv;f5rmq6g0{kr)(5z)(n&!?1WIh=--4G%4(z1618`rc)^)a
zQ~7s<mEWRKg>Dn}n_b=*)M>#wbcNO_>+x8GSxdZr6vt~Qj+X-gydd(k2oW&$Z$)(&
z#@?WDZ-_?ACZFt~aaVH20_F2<t6=SUkm9gTmuG{)!Y#bq6l0cSYd-jIjxFfMum22Q
zoEX^I8KbFc{<+%ez(Vy&$I0?$<-S^H{dowo<Z6@+dgr7?)Jq=735m-tepKKjKnkBO
z+@X+$?Bct`lawg%B%5eFKOvqZNr5N%MdNvac#<}$XJMR-qk2}~Te~^L)LG95TLzZu
z!!7>b@Nk7pxZcIYGCfX)J6qjzoOCjw3si2AWZl8JwU=Y5T+LL{<7C&f)m-i5_Xkzs
z;_~_N%fYcp=FS|^H~kAbv1m)ioaclq(#w#Djop;HKv3(4L(1IT1PC?P=tEQ7$EoS<
z?NG6lAXOg~I@pa0z!~`B9B5yhHJWwRT&QM0Zp_8<D!~=xKZweKw)Yaux)VZ3C%GOT
zMSryYEa6u|bs{@4Z_-)X@1vw<92aVIn0^RCsWim0+S_%{63JQZGxc1p*gYNVINZMv
z${-t5OKE{8^XGozdqTQm54^>WEsk^5oz1|Y#1h+>KDwA$6~B8R7^P-3{CFyHXDNZJ
zWs<c!9>*9qie)9Yb_tzk*R_}sI>=XQ=O3W!RpN~`vgmY(eN@MCfbV<%Ili3+-!F#v
z{uFbcQkB<$?+d8o7`{EH!}-tg{W>yj#WyMUqrH##h8OjO0^}XyL?_f8N*k>q71=*B
zRi(<=R?d+kNA9q^Jp(!Q|D*gw)Uthk)QPEIh;EzoFUA)=+&@38?>|?ilaZ#)My0G{
zANNv_Jm7TpOYn33zu_yg`TBR!>tm|nm&@2}UcrG_6TLsXL71qr;86;W!js4VKoRf>
zkPstr+RX4DP!I%55GlP4={5x%4}!7lSXTfipExz>FQO4#T=F5vO;wF%funM%NM4o`
z-&Fl$6qxLdlsO*uftgm>)cA+P$cr5nU1?-U=w}whH>1*)FohD|;FdICP(?=$y!-8x
z&m71)X)WNDQx{OcrhsB+`N}BYDN;Uy>Ud^5o3-&gQVD5u@H5Qa2y-gJ1VyF((7-;p
zBqJ=y_O*}|UpJ}+-0vqP(5)~C9>U1;#P0nWEmYqG0aFwQR{_RqF7Yqb9GN%PzNtB$
zGw?gYio>ym9YN)=Eq@g&4aXK}I`XChc6rr>yTJJ}fSf}75QB{){57y(XX=AA8gzKG
zk!th9^yfA|J*57U!b{XxfBuO$f}b6~TH-KdOnc`r(EL6eX<$<3tp1;osaxi=4KKnb
zeF9QGVt^+?@J-c!jDpqQj5-sZfDf+K*_O43aHz?f4>8`rbU7my$#DDa+HXV8j`3SC
z8TRfeduehE5#BryrE%Y)2=i<mCasO=1;c4MW0u1<njF7^n}^JD)tT-bN(ABNDYG1A
z-2*`jl>tfVdcv+f|D_=1oE#_%;7@%qfX8ygX+D!952_Wa)pU>}PpTEFGt)tiJgQbe
zj$>ht8BMwN*$^@`z7!R<ku|UK<$X|^G1isiKa5IDcqgFs&}<)J?bcVbDgOgjXqUhj
zTfcO;{tw}hOCkJ~2%&Q$R*Oh$J=1D1w*N>F2+=-Izy+LAxQv&xTX<sD@!7P{216n#
zZQ;KFAlE<P8VYX|@B${pgkBkBE;_;dC^x*B`7vYoN1U}fJUY*N_)5KdfL-vT$Xxp3
z7Fy8py<N~Hn%4#3>uCY*)K|CyGty~MAGI6wl=nr^<;2bhNb@Pr18#L2U9K?EiKWT|
zobuA19ACN|w046ii!x^^@%Wy!k;`1dn*;FH4cy+v2-ugBm-Z6A#cL_HB60r{_)zy<
zvXzWF>$f1MdJT0~N~GmIKX}VisALsQP)VphigfZ59@N-op8=e*F`RH!UX8F^3>GNp
z<53!*1oeCwBj#xa9LOf3nA*=n+m)aQA6}mabvjm{>QCes?}T0tHQp5{;TWgcQlVIw
zG`p4BC-QS^e+L3O9&i^1CpH+ZGh6*}bR68kSMaaG>{!ARI8#*Pz>MN_DX%f=>rm_<
ztd>Q)+H%%0E_jh!KR$_?El&4ugrQ-)OW-~Gm{PG=l$Y>I9SSdYcsIePR2sh)g^Z==
zD}5@KUYRzPI-^G^iqndn^}W${<~T)O*pxlD;jsv40_0V>U`BBUR>U)OMGW;{yx*3R
z=PK$?p(g4FBYOWbGM@OO&O|$Y)b9b)CVHGOtmE)ogCBURDd9ghaLNN<we~}M&43A2
zaSI3daDqlu%Vj-<8$hiS5Q_f%BTvHo-p{e^y&H`Jp5$?IBOK8YO?CYz2z(H{O}&#y
z8*0NU3~0n%Nau7JU(b>}3?gi{dY0M0fnG3_)3B!X_CoZWkRRya?E^<4<3GV}!Ik5V
zX-s1GGWsUS3h4MA9iq1IAwa4<8UINJrgpVIg4jx{w!qJJ(kXu_K#6)4BUm|H-5%QW
zG-`!+n%mx5#1vRqr)o!Sz|cw6)0p))7`@NDwdq=2r=nQat+%S~^_3u|zeWDgX))CF
zW9&o;p`<t%`EgSp<SE{TcxRwK5`GRyL5hU;$y{#`sP)(P!#9Wb0pS5Px877bDm3hq
z%3MnL83cs3t^W{PK?<AlhM3X?xTFNV+0SEpGvRk5m^RV`0(uX@r+=vSIh3x>dr>!_
zy%W}Tz-t5BJ0jhQY%<q3iJA>8$3s&nj{h6B01u<-9^ii<4`|EdAw>W4uu6eSNmoZ~
zQVA7DY&IptOuzNDfZ)iD4B3>=!RpFbb>!{A*~jG5GDvYhmP`@sQ^a)<Oz4{eSJtdx
zk=66UedUBqG11(TGqX*Q0Cmw%NBl-qR@n~jM^W^|l6Neqt`r*#p(*V%D6KcZ=CN^0
zfj1vExnXhvEWDERRVOSg=niS1E13ln<}bPX19vODIhw!Tydt<e2k>|6dXD4pAmDl?
z$Ip7c!3_<%4M?i?4v6SgNiKMYyXBgL$Q#dzE)=v=GP(BOjLDFTjOJGMP)8_k^Aoh&
z4T5}JXzVus4K`FZ*OT**KmRbTnqV}9C`d4p_-_FvCGo-8?37jNvGUZ3=6w7~O%83B
zw5~x~O_oP_Lc77dgt+9!Z-5nVj|W_XA-#5kIZjD_aaw~&4|oQ7PA|qfX^Pnwow86x
zc;ZrDMpp*+d&%bRb7<W9K>!8xi+CvgaxA{ZFwVZ>_<uyWaD?B8FfIJjAK(izxj)hw
z=ym-AV0yd+7;FT2s8mFfs>8<n+lT^`=p7sC0ibofv!1)ooLtXytz*y8de+1FMs>`s
zor0kKD&3|&c+!F>$vR8=JTdqGgsgSopy5Mi&D)cGB_-@yKHb8urK2GwL#cp+IsdHJ
zUkxOJUJrWu0G;MUTzJo;W$kQvhX&&ScF1~fkvR+YwbnE|d5oC}_S3CtAA_A^0{n*c
zEOaE$m-hm~xN%K8ceJRv31#Fmh9)#recmX|MUJ@rhv-5YOlwz|8(A;jM=@J?zr+XY
z<qyKZ%kLQ|RX+_5=XiiF0|-<(gXOG(bnQVs`?J}f?P0sz51Ax%H6WOST~l;@N%vvI
z#+hD8*!7vbhjl|1M?fTD*JtwHR($YGC1g<>Y5TlczUzG_%}=2)c-Z38G#Yd`{szp=
zI;Bx(x6?ZS)zSaKK!_)288sSSEY#zQ(2$iBg7Uus_@5*Ff+>1QBw#m~1q1|Q3J9^X
zZoPm$4T+)36rASG2qk*lVB4&7B@Kf7B7$LJ^Yuie+|`1s=6KFHkJXH_jG)3g^JC9J
z#M>RX6PqHl`Wa!7jLPkOQy&$nSxw%i7j7Z+3qZCxVn8DU+R55uMCWbNwEr!9DKe{n
z;kDvBG#Ot4{wcl?v`Rgbj((OEPRqXsmRo2My81=5!FlY5X081h_}C5l`)|P{pBpD2
zB_uT^_kqY#cMw-HSKIVr844ZVk3MNPn0&f^7AEHcPVY`hd4+P8647FUIf>>pRuoEC
zgC)iI=djieR}^-Gr2xm9s4qZ2sUN~VW%x#-*nbWv?d|}El=gFg#waa>#tnk}-5677
z8|5_TOaBuO#`btDOccH3T(XI>2Yi(3^-Z4ZbFxrQNo6VhtH|kOq2Usz;EZj;;7-XE
zMdV8}QbkywmBIBy3){(*5*P77mzzu5l8d!%O4qiA4q_!KYujMcOX!mB?OE0*KN-+P
z*uS835i-T#s*WQ$*rA|ruIf07&VDN7>m?o_2noHv<Cpa@JV@84H(Yqrah<;2Z=n}j
z_(=d9DZb;s6@A6e12DD)>rCqV2e}>7n%l8-wkF*1Iub@B-ik)l8#cH?my1LQ0%0Ou
z-WP2ubXmiZF2_hT3G!>F(JPVG1sofo(G}3>&qp*`Qg<~Eq0x)~b+Ua<te1vFl5;Co
z0$*UsaQ=>_UuPwUY!3HQ$O6!0Xx`@+&d9=tDy@#+=O_N#-RDQz#;_O4SYTF;zaDvk
zEvdn%{}~_IpF9kdXS;pRg6xZsXJa~KQL%O;-}62+wVXqe%XhOA9l6?jNy}8Ia0KQ@
z>_}7A&cDu1tAlB<4VS=;bp`nJ+knd;I-nGPOi)^XJ!bQPA}_arMQ-?SGMEO|j)C~(
z*U7tF#4?FaSMy5@C6iE~+`hkAPu_-x#p#QafH3$fhBIdZ_X9?S%wVSh>V(=?5ScRG
zB={rBFxTh|-WIM1TQ)5NA<`F-DC=1F7P_p%Pu6(_WZ64~V*-9G`z|nfSDEH$lmLhZ
zW=80A`YBM_G2#mqO$-JmD<_Zxhls3@7}MJ6Rnkhi8d4?_6aIgLr@7dS7xFY;ipGm@
zN&gB@L&8+{&X5{nnb1e%FB~X$uvHVy+i4`5U!~FDcVHTLo;&I6Y<>kszbz-cT0qe~
zF0H9ZG(OJC=w(S%=FcxP9ni<-f6_y2{}tN4CN{3s2Y}%RP!9<n;Ko9FBfj<hxxH}@
z*k{oY#S+o=&OxdA5`Ke)V?4@HB%ZD>s5}~m)BcgL4wuq{(QOciflR`w)TMUts3`!0
zxV)B#49qj`oGCUvdCQ65D?#cTm@ke=olcW`_`gQlm&kZ|0v#L0{01W7iVOHRzfNnS
zd5;)4Io13DY>t0EadiDA46a_rVFs%g#z^UgKV=MDy@<D2z0kX5^`e07S1-4MX6Pyr
zG=)cao8Kf7P`jr6Znb}a_HV2GV%oo@_KRSbS-AOK0+P+|&_L7P3zK!K^ydxMnoD&(
z1Y*jPk*Kn)G>I5#Fl%Gd!54ZH8`55yG3t!8Ti=Kf|Lth+m3HHMh=@~fzhF7dDJz0h
zNr;<V%!TD)E;Qr0wB{kc+vTy<Zm^nouIu|S2a8y{5uoor5TqXc2*^5Q!25!L1ZY5l
z)PsnyK4U0SCjJb{e5v%GE6`=In#q@ii?83n9ww9~2W?qyWW9y!NWMalUwj2(8Sef9
zTrlP@g;$?kic*<7SJ?kTb-B5fB4q#N6jCW6o0u49Q=RNi;+$J2E(W!|&B(r<<>y>{
zlxmwRDsGzSG&fYV$nkUuvFC{*=riZ`S_0ta1(pf@NA%E_TkpC>={Y5!Tklu<I#cf;
z=B)18qUBKLdj^FD?dJRhe!{v8^)-GMYu3A%$noldtN_9jabc62)@S?Xqmv0szRe0m
z2ikQU9Y`f}s+T2a75e0`f^?a9AN>_ZIO1##<MjEv@?-<qi}7_-`7j~ga8{6NEG6%F
z3cVA3{%(vDo&zf-{oPvt+bTo3+BIPc^^sm~EP|>3Q5OYZOCaJZY>XEBZtcP|+fFgn
zaT%-QX;g>2#D!D*tR)<+dj_Ba=pRQguBB6p--Xak4x8$pc7uZ)USg)?0GXT<tOCS_
zK)Kf<SFJ0Y7v?i(5?7STeno@~mt)JWZ0&%vvEuqDa^P;u;7lbEgCnMSm)BOp-=rqg
z19t=soD+a>1qu}QY-IYI7;KC%r7=NG*Uk;1*s^n5`vm}+EzXP%8srBKs@dlS0gKu7
zduZDC$6#{fR|x_n)(0+K5pgTIRN(No^MkmycR5RxFXjh&i}~2Fd=WjgjQ73oiv{I?
z=2p$XNU;zLD({H2S9b}nD-Q>-j$b?_e!vAmeh4F{B_G6whI#8~T5%dSG^QC9KfIak
zKi<JbhBOk|QJT1dYGOg~fEfp}_aUM(ec}w$%#h)+xij?}0oP`pVS86G5N?GkmWxH~
z2S0&iGaBFj1?-5w1lO%>19HK2E2UCRTE3)egr&~fz=iPbjNR_gX*3L{bKFya11*$K
z;T{$6S=b5Lwe6@&^j;L(y31bpyv^wxe|UHHG{?xMU_ak6?=QiAwKMY$Oyx_R^>{MO
z9!xrzSo<seKXb~Pdlz8joDK}?zayiJM+hl1cOa<jlQ|V{+;3WoAU89J40>JDP6sBN
zBAOBoqO8&K76rD`Wz{B^aQcU0I8pq~i|&*DSMcQ#`VXT1pxx<mhkztuJJOLZmlBVD
z62-%dBNB>K$-4&82E~iKciK-OKBe%FqVqvz>HV%MtP2wJYI{6{eQau+GJm#wpFaM^
z)=FwSB_`ff`x%Pp)?UC@D1nxC19o>8UxWrq%5oy6RJ4ImSD~%CMOac;_djm6>E0IX
zKex)C6`3LIFIr`;KdyILF8F=%>Of#_ds|RAFn`|FFhzf0XO!`BneXUD&0YtOT`WSC
zjf3L@hr)eH4UQR{>;q*k3F{`ryCODE4)o#li_C~R^vbo{QHDhA8~DbGtOFK@sBuXK
zIu9eDi5Nw$yQmB$s!Kcj(`EmU0F8x1(afbo<=PGxGu55&jip+an?_|f4N5^0V#g1(
zguq(L!ObO>wV61J@=0wE1|dbH%(9bBe>uvXqqKQBytIuX-PnqinPcUt8_P32Z$nyF
zGA*f-EN)M0IeZ48AK6M*W_5Hwv6HETU<Th*{cL=dbn4jGTLszwU26hqUlpZo`=neH
z$)@CVTfQ2<2rt^EF2v4>;e7Zm;3-yM+>P<rb14~}@=wOExiZJUNzlyk?-m{*yoXK*
zrk?Z{1t)VW-K&;TZ_0bcq6*(?Tl-iG*Xj1FIl|02Qq~gtqaL^xGi%=m05?k}BNe`%
zkOsflp+HgRf}v)6+6{(9{nASoy27h)JYPLkdXv}EtTC*mnHJX4Ol!Nfv;hAv*3!f*
z;N7V;AFQQY*U!x571qzhQP<B>NZ#PZ^)nq)ub;P1t9AVx?I8Tn;6_=<j;OP1q%RWc
z_&@K!{ZJj*+T9o-N}%e01ohnzlm)@5Z`#2*f&3xqODsP2BS;yiP9cz^OrNgtBXRpS
zVg&jlrqCbmW8znwvk{idPQ|F)_#guHF3VP@kJIM5y~{?nZE-6rvTpCu3xCsle6Cs&
zpH!;%_>tb872CGRZN$AB7Czm(Aa6X=>D~n+y}QCQU0IP&_byrZv_$Hy_AcF`w)wqp
z+=Bj@w4eiStp^Tx7ZzN?v!od}p&2$Ld-oZhFJYa{bN+!qE3@KC7+0=6+2wYvPW7x=
zrQX+f^|vPwX>SuL2o9Aglq9)1-=3_rMnDRwp4I8DFojD0E5#Lfdt!5;Jz1WdNToFq
zq?+Dgbtb^7OzA+yy9L8Q<_hlL^ADGk{1|xI-Ip~`@6CtA-uwxT`U?o${3)%K=Fe!z
zlBxNaSUVg}Da{|zkq~d(;bVKBL!7ygQ7}>VBgzqc@BklVzr#cE0P`Y@cv6iC00(x!
z?G~QfJ2;FRE3&EH>`*e*TaY_1I=J`9eEi>lF7#!~^M9IN@-Wh_-H+pl^&`+s1<d|s
zz7)fxmTZAvrgzYPhGb;%Cb*bX+U?B_I~829fjuDrh6vc}T=)WzbOG4F5ArSyEo9h%
zj6Vk{$PFBaArrp?pUR?l;+=5hf|DRZrZQ#!>wqJ|P>J!|Gwu&HXW&%r2$Kx5PfRY&
z-Yc=H!#$p$PGKSEY91m<D=#F+$t;buZ5<nm6=~O&U1FbNH)!|B!!#cyw9<S8Mw(-c
zZkj(gCPV5z%bQW|4+$+`%92rKf!uZ#xkuzI5HA4laiKOv4~#Mu`4Ne&GUlM)IQ%%5
zo@i@5Gn7P?#tMVFnKSg9+nX7BM*AM+fUgn;mG~5^QxavG)alqhd|_xBTM5gM$AK6k
zWlYJdtLz4AU|>IXr+r#6862*lcba;Vo?mIQ({N8ctbV=_!xXAz;(@Z598v~uyG=se
z^86I?WaUcvNh9Y2*AJs!6S#zYMXuUudtc(rlb$hDaG)Q$BAW&sOD%eOB2#b^!**r^
zo-s&_1o{THHD@O)L%xr9A@L5PW2G)R9=jG`82mRZOWp{$?cIiSrQ4xr754or^0mD$
zDr}#9ucp)1KvR4h9OvF=5n6|OgBf6zcp>_eGWaML^Rgvm`D&$Yz0+4Kpke^CSEH_(
zR+j<5NrK`32}xr$a8Hz;4BmdW2%e2#wa(zsfRbET>m1p?)FNVGSh_SsrL3p~luA&J
z)%}cqIN11Xh#CF1jU5(NPRn<@5(}lXrQkXAV@Wi1wa~`5g#C>jWMD_TLFyM#H!b3y
znS~NM9cT=|#>S5M?J&T(uqtrZI~-yE@J;`)8<KWUvb+$NySJv_k|^Y!*a`bG(=~l+
zj;4<e%k<Nd{^b7k$khF7cWYp^_OC;<;^mZ!?PWmBNf%tv6<_37#U7c5vrhTyoLe4$
z5*eks*7Uw{<>oDk%E$o_6mdjabMRwrE#?^^x1!;CR!cayt9PF*ZZ|&F_c)cSacgSe
zoyKHof(R(xWnxI+r3hSbx~_)Od>A7$DMqGibuqC+kV?0tQcOsiwkmjFs?G-U4>9Cl
zFv&fI(wN!pSF~1|&(H`o$$ud*Zyt4R|44g--|;8-`2#+3oHa<Bdvg4HJ!$JPgvn{^
zd4w5L=e8j+2t5Yk;rPd5y6HC#!x29bixnNLQlQ+bJFtDaJcpoj0R?uT=S2rCn}wZa
zv+<*T8qXt=Uen}{{vG)B;8$HNhkdiv1Ld@Gwz^afCugg>%UR@Xbx2P6XRCANV05-R
zTTUEjtL5507~RgL4}kC0-M8N%<qbNYjsFg%^bP{R`wn`&UHd4)x&l?N(}B2pRhqv+
zShU}7X_TA4hJlTdvVc|oum}bDh|F^gI`Ce*!RB@RWk|$sFy6p!4yF+}7#k#sM4oU5
zq^d`Q_s%il85fKNBRdE>jWIDjgfR^!j$&dr*sqo>0l9X1_gz_j8TTDJ=%m@I7+q_!
zSP6EG9KewTv90w6^P2{f^<SN5*FKHHH=ji^)jqrSz0lER*PaU<IlJauW`fz{&mpkg
zV3hIS^CQ(6)mhY;rNa%(v888E*@3)ovjHTAzXoN_SNB!P_`hMdw5`zLcy&PKo<k}U
zNJ3r#pn)#<jfH;D9N;~0OwB06+#V{!v@B6=#a7zAtfR8=OBAAect33kyCH*DfZkV$
zUAf5s;E<k%fxFjn+gX#=VybuAO1!-mOR>Sx?g+g!>DZDG<6s70I>nS@*mw*A-5Wiy
z?XWA`I?)^!_C{E(gKePjcQfx!X_=6Il!c0t4@$_J1<JE9S@Lkw@wUfb@T-;3ez86;
zn93xIe#sJp5t+WmV5X3YJG&Loh4Y9&a^>~$oVvA=VwEudJd)Glqs3AC_zNL87Fclh
z_e4YXueP1q9ZPW5NWH@jg?eInyO1^Z8F3DLPtZ+Z&7l$_#asta*PDN}3QD_?^t5+h
znP&PPSQ|di#HnWdUL0`U$c|f^$Dr)ewYT+Hr)*@8t{p@ei=i-LURy&LsWW!Q*53uX
zg4uYCCiYqHMO#td%Pd*`#84lw8-Iq0*Ja90TI|M)1ltYzDz75tdXr#`@hHIur)dD{
z;+@YKMx&MIQ)doL%h|x9{v2tUV^Z9<#bi+7(;t}0_eCd3&UfpdLZxoNDqlp5-VcZ(
z*XX<lS^EvK8r%gPJH)6-6!G|wJwt6=yhXT^84U`-fFv{u0PPt}xFk0LpP9BwIC8&A
z_)N#T7{umU(nu+H7TgpT0<NsaF@kEBvrs~yU8Q1rli`xBK-EPqIgQ7=3+0H<d}y!d
z7n30c;4v5ru$&1Cf#sA28=1Yj=&q0$EAorc;tb9nOqM+i-rKc0?wU@9GxQYpGjy%W
zFFp^^D}_oi+1tAk|Eu%W^=|jdQi^DHt;rQr2P6=Jv^9s{Ed1EM)dREy`RYMxnY~)g
zRr%^}Y9ks_J79rV1%ZqOp{C(7#$4_0u%goCm)kNc2a-0HfYa<uy8d>YJeGb~N~8`T
zF`13uT>OUc+a159_#KGfTk(TjQpU<jFxTOC8h+#WU4Y*Q@%ys*ZGw3{emCNm>fL)p
z3U>`0@!#T)001qu;Xd>*n1>tl3S-`3%ma*hwlR+~=B37bmOT{lziixl8gn;e-et@m
z8uMGmTxHDLjkz~XUimphOD(wx8aS8!td$WsMB6ydoF1nSP1k=yy6ZoUuiQq@(T@AR
zWwg`8XlDpquPEFc$K;!lgN{jvEB=Ck(SQA`c-o0dr9A3A%0ws^T7%l-->XDP&RDl_
z4?9r~;@NXBuB_(YkQGKR4Iy&PzY@?pz4<>h%gvWy^xL@Iww%=Lu6>m}kbDq~^fqao
z3!ETVfjpJxAEzv59Hpe@-XIQ})^dGIEFhk!oR9^QbYKRgfs00;Q9$o(Y`PuA+WVbw
zXPCkmfa6LFXUYJ49E-$&f6kn{@Ex7sZZ}xh&Ng9|`kgsnn*;EI-HiXp^fnW~%wnS}
zHR1}5&>CA^LL3YuCTaI}t!W93DYC^qyVYq>Vf{JQkAWrWtWY`7NmdLdgNir74%R8v
zl~_Vu0N3eSy()`$R&2L>l}V#LA;^p_=&)UrWqTs#2QoIgpx1UQCIU1(LS({#w%ZkX
zM`eNZFf7MZ(LjWqRjZ&ZuKD5K*|0O=;LaoLxWJlo@@km;bD(`=H`w1s#b2va%Z$Y*
zJ>)^J>H<^Ik0X*cc7UKXW*CEgT4Dq_Ykrh{=-kC5wd)Uqoz^;)DmHlFA&(U@09<E_
zu0bArwYU)M$!HQ(M;7eN$yG*^0FoYvBYQD(O=`OREitmK5nPFoa92#XlkUiL$6#2U
z9|S|CFh32Zc7|136u|%%d^e0YB`T+x-j&8)-D7MX)46qITwr{4o&R{uA3O&7QMUgi
zyGyyGvV%^vrLW>_+v4|<*SyizWqM!PVgI2Q`_7iWE)CfohD3jGEz11(XRD$#V=XqZ
z7HF(qk7l>iJBMbENp+@4bq7s#mJ{T^lVkh8C&swYJ6Q%{QNn2_6g_(XDD026tQkKF
zKEt6%vEZhzRqsHGxae7KdT?Yb$9bHonMtFvf0OO~2C2q^s?|&v!iD2WHIFkMHa#gc
zZoZ6EDF_v_buRfO($cvE=M~<@N$C)K&JPk_wwmsA^kPxaWFJjf++vshZ8zwJT3LO(
z1S)5%i_rfFtgO~(;+TU7Z7Xp&LjC6a&tVs|X$;xQn7!y;;>2hud6Z}Wgzf#9C3Nch
z0-t7zco=&+X3xazStjyC7;jk^52u7^mv~9FOFZ15E*=uGr}hQVdD4xUxEqoxu;k@!
z??GUZok-5@%<{F>U{444GbMLI$-eFMT=sQLx_uZg#1Sg<c7qvh?d!4|%w=mIRJWMJ
zR{z&XitS6VzaOg^4#o-{j2Su@Nga6dDP9>lc<>o01Cufc?DgTkJ9G~jO;`z{A`Zbz
z=7)C#bpTBVAgkR-WnvI`cSE-M70!&JABSD```KJ>d2=(5G(q<_Hw$9v+T3iX#mgfR
z+bgi#w@{(IgYJq3PikOj0d5x--GeEzn=nC|4AcJ*`gfUlb*nH!g9Ua5)!6~1WOy?*
zp-hyg&x5%|WFichb!V$Uk1TQUtF>Jol#YF0<6I|km|oVMHAS3}C=S(#S#R8R(!#2(
zMA)4{>v`R9swN2!D>kPgY17d?HboP=hdfE4ja^Cjeim%>bt&TmevUDCqlol|goF>E
zuf0DUAnTx{oE5%a%E)9zttIQY6|{F{M5nt35t4C}b8w`JT^cPSSi%%!q>huq&x3ai
z*Hi;(U7io;YTslv2}|X6t&lDS4VSLernOxoKG%V%@($R|bg`uw>*qoUiY)D<zAv!X
zURI7<_I*YR`@T4&@81$MjZ&TtgbFB6DQ52^B2icwgc8;e6$xvojf8z&bOoc4iG{R)
zsf7+Er;e>ocSwF1UdRu_3i)9;Lv^AWlUkespUJf-Fyu>9Q%5_#9$LscmB`X5Ms4qT
zQUs@2MuM0R?}MvZVaDhugi&Rc?wHEz+mVC>7mtenD|Ro4EjTA3rCm&HF=alg14r2(
zYMtx)5K!qAm_%KA%moN@F80c3gR%}MMYCt_4*%NBl33)b4;Q&=!wOq1tJckV+5uO4
zbaS4;gW0e&;zrdmWp6JCe@IQm!Lu+psoSmG%LA7LGM=V~pjtyHG95xc`}c!5Ro$lW
zAQY@du5OA~V9<zU#qRCYLcIYI5ub*}#{wz{{+n~!g5c)$T_8WR$*`<>iSrlK!5G2J
z7*#`HS!-R_2>YRabsi*nX~iO_9#cEBR?I#|umZu*$)I8gRX?+QNQV`Z=nV_v_`e1v
zE6<-^n+KSB{2n-MKx0cRRIZp;qLj4wHzWMX{*y$;Kz;{^GFzi)#K<3x$cwzoizo~K
zf{v+dQ5C70#%~V9?1M4;5bbtjJ`64FXz$|HtD1CA0xy^v>`e`xGc_2Ct*O#RkDLOG
z?zug5oq;K~%>_WT|CgrR-AygBmNwCpf+m|%M$ErbsCGPPQmM9;H6|K?HN&3HP&65d
zCPV95D`~Ao-F^&nhlnX~#*|WsTq<DC?FO?YgRZHOMb~u5ZfnYhsfG}b>H1G00oaMX
znaX>VO*LZ!5{@U(S=gnH3cD0~&O$|sGJ>_(c=$NyGeeBD%~v7-8g3Pgcze=43C#AK
z0?hWD0?hWD0?hWD0?hW@9?bUK4vO{^m}$@BiD-jgtRjbYcDsgpAsp9T6iW0~;dh8J
z>8>7US1#i)$9hL*HJ@DV*5+!Y(65l38hI?VG+;`@;0S0uaFmYRv1gK~y_?l9^Eq<k
zSUVV|tP`}}yPHzwj+P?Plma9-t(Ck44Xht<q>Bi-N%vYgGqzP$2ne<4m+WdxfhH@0
zCexrPg<ziSe>ZH`|1_fZA9N<h4muW7P>*uH+5t}{mA+PpiKt5{1PDBtl9iQHY3YBa
ztiOf1b-O;c25A|(^6HaH^8|)$Fnsrd879i?)!NjnnkPo-G*6O{{G#2J`|L&L!7uCs
z+)3jO+8gkrWR>pfGH@|#$Wgu<@%!O;5q%(Z%!&KBaYuXTh&A(nnE}<)lyX9m0*i5-
z9*@xiIf`vkb3i*WAlr-R(`3QGgEUxtGqHOA&Lutk1VzfIRsr)*1Z~<UBqfVwFVoVN
zgM$gI^?!lV1hrUzjmhgo0SEI8!!z+QF4|%;)TPc2wtpN-YDf#2cM<=hqOfDJ0zRA~
z+gk#Sw{nUnBi(>gTnjtySZi6LiNE0v#UD%p&5*BS0K<8`9=>bb=?a-ZCLv596E?gb
z$HpzFNB)Hv2^%<yKmo?@iP_&9v%imayTPD>o84eYv5p_-!1f!?zmMV5T(@0NCNyPG
zUxSAJu~hwUGObe(022#w|1j`YT0$NKBB5Im09!PRI(d5H>m)tTlV?aIr`wQZIl8Eq
zvYFbJvKd}n%7#Rki-wdE;{D{QO5-Fag9Y<sB8FuxhP>Sfi{w9q9LNZURYylyd31zf
z+2>h%G?@WSse#wi58|>2<|+Mv`N?8{d5J87#Wg)c>zBIk{KKAF1AZ{hq+$B5&X}hY
zVrHK+Xm1eGd*aaB)HZOkk*GB{01noS24o^MHm#K%zrYb}{AtAQVLUvic`$QabV9xy
zn$K|~2tm9c`<e>Ra#K-k5<76*Q-!I-!$4z`$n}4F%Anm-1jSKBK@n}kyx2yP85)u)
z={e`wwm(i{QR{_X7lUI9eudh4*6gr?I|rkTDMexZ+tj(0Khzr2RXPO+6IX|Npth@O
zgKoa&DN~igx`&4WWR4oA-|0O_g(1CfHRch4aD<tgP{^4$Oc)#tSzrGoH<a2jmR6Da
zZ$x-#2Re0<L~#Wzat?g#2EVc!Fa!-9alDN5pgLk&_FRT?>ZdXGd774nYl=^Uuz^{&
znEnQY>OFB7yC($uXTez+TCCv*Af9KGS=d}r32yUzrdPnGlCFs8L_N^ZMTnyd&$9s#
zdSVN2!r}%zp%y41xbUtNDM^#Xs8SI|ikK9<`68p-ZouU2_GD914H#=Do)9{VL<C38
zVjyrlrmHd04_F%Z2L>idV9G&Hk_w<F>z}3;g7YGk8>g5T8BnG%=@^*!m~7C8XrH2$
zx)F?6XfQaW+PQ{TY;ZZgsZR>r6$$E65t&WmNt<M-GUTPsOxyban@v}eoJ-G!lNVg*
zyPV!RbnX{8+g<Nm0+u>>ZZ{SYWh4*34>qhnxgCFX0W!54{B{pP50I9weY>b<q@*M0
zdlxdC!bU?zY&2TlkA~~}b*qB){Y8vpH!g+|#N>L9?nz*-52gTfeJ}->>w_u4TpvsU
z=K5fJFxLm$L9sp%m>F*$h|1i&1op+BN4;nr_3V2I?IvKXa+;GPX^@Z+ZCTp8`aXF5
z(`dGwsKn>1>2yZb!BhUt0QVIJe}{u;ZP4+!>?u%_<|ZHl1@-E?c(b3}nLsdA%h&IM
zqjm$GcF`T9&A)9P=mg7CodeG*JuCF2&3_P{!fiICl^RU8m@K+mi%F<HK>-7ImjeWi
z><>*<f>Of4K_bek@eD%!1<W;Ch_rtkF#V^6xLgX6s_vD>vDc^&X}lyVh3K%0=}Cpa
zh0a6~k6Le~jukbn6a*CSsLrfC4+cit=2D(Nh+V~DHocmcAwFmt4W(%fwiOS)R))M{
zrh91TVkTJr9f(20^}r4IZNQK2#ar;v^<62872HFp_r7v5yR~^K(lHCbl34+kxCAsI
za$q5f`PN_slTf=cr$M-7f)^OP9o$B7T5Fu?CTuZEdOE`vO)y&u)O*6BrN*{y!LHbV
zCUzoBD0Nh`#g1Z0Nt8BgU#V1{|BPMi5Tet(f+eZV+RVCS?OggW3K>(ZL=BV{WW#$g
z?H)sl+THe4d)m8-^v8tZYKeaVdFt#8gV^n^bUV?Jrj82#!g)kUQlcq?Dyah!<X^@W
z<_Zo(#%J%e+fz;U3cEcmt!uYuq_pks0JccB5*d(trbm+r(&UgZJn>!_#Qz4G*a>N&
z(7@q+XX*&G8ypvADF(%5jn0!pDcK-(yHc`2>UO8NmFo7SwryFArMo3Holo1|)yQ6J
z8jfq?jt|Ej9|;{2vw+i>fbbAXs#=7yW9r(B|0zI%PG97h{8dJpORo3CrOZY<0Tf}=
zT9ailS*A-i8`2usZAD7vFkxlVMQlujY6I#D6bHl=Wq^Pt14$ElV5m?w4NW!;O&Jc5
zdE3^BsE`{u=QP-{aJP+^F-dickV|9oxtDqJ+zWJjWNnG-g_E`8(I?H3*!mG%r-bjn
zJZLsukyjfx9I;l<?rU{&F9yi4pAaeb6Pj#R(Z|^XZNI&oP5XhC(ew!%2hn+P_}Emi
ze?C(LaO_c$ur1bMbR7)>#lEI;k|3s5mkRJ$VJ3dHrkV5%zcppV++m-itdDi9vc6a(
zWWeHiH=uubAIHa##0UVwc&-d)_U;&A6d@Br3o%rNgsnEv4j3)6$y&|B#fB5E#OZ30
z+8kozn6^p=Fb#?lf%3p}(E>LGvWBdUBU;r$Dt)ahy;$Ty*q~bUY}jbzo0lNYr=*{-
zJlxcuhfV!_I+(T6Q%zd^;dcLn{a1#!=4?g+Sd?5zBiX!)2B^o?FxmR_rAcp^^rsk~
z{;_V!_440=ldPA;6FYY+KqMF*YTnV<aolj=z#5Di2P(DNha5u#pgt&SN%JArSD)${
zS5%o6c<M6(pFj~;f*J*;F#Pbpkgb+<V1^^wNm_oRiBm0LGGu)iM70vo=~x$ra&Xg#
zvSCPruK`rX&D(6t`n0qaLBb^(MNevTno{Cy8cX~b>TtnqQ$FZIHo_=IT{BmGo7v6W
zy8`wz^rn_%%mp4U<^=B+bFJbX^EaWB8|AVnS|1N!{x^N(0A{K(BD5WgE9R5&-Uvn<
zSA9s;P^Z3>>^*BGIH^Pi7ZB8nZuf$G5klb^uniqpJ+jDyX9M_7AL^_gY-f6kiQ2*|
zp>6#cjJyH_gPGZY93MgEYZyO*%u>i_B1o?G7#xZqG8;KyCaMfIEYC4;DqV`-nfT2y
zX5N?-4HF*!?K;U_gPY;vVUIIm-U;(${Hhy@$#kavL-2$BV*65P`*CQyFSOkh+CCrJ
z9u*t3agom5A@t7Bc28*g@6h(2V$(REK>hV!nM@2-YNe~}Q`!@?H^9)7{L*qxIpMv`
zEx<)~Z=QlgiSc$i%JOjfEhK;f)V0n|C>ZzKy3mnzV;o)7#^eo!BWS=AEGk*lD)4SX
z<nrdgR@p4PK~nT;b<d6g`najCtU;G3qnr4^XjX{PA#?yE@3u+!>;in=1AH8BAL_JI
z5y0%%r-)V=oAd^wl#DSP!PNVl1-UFdE5q*iH^5r=)2@i*z>AbYO9hjZZkTeBDEhgR
z)s}AO@P#(e^IVXcWy^N~3+(rZU1baRDqMD&zsGo+OuU|^MrlfDTs6gj$)<z>F(s5l
zm0+3yoRO&ekraMl`#Cq78W~cjMy3@_txQo^0Zo+aW+skxGiE5-bcX6~nW0dJoLh!q
zKEiwFr0mLYRMT$CkUb$_eYx`dXKjt${65mdAqB0finKX4e70>-4@?#e5SuI@&<5!u
z(5%#%Z$f15H<M0ELQegD^oeY^$P2I7dw`uQ7cKH$;3DrnBnCDJJA1Tcuq2d468*Lc
z-=iMj1Ro`d)<%_Btarv?eJA9tD3)DIjcK(*eN&i@zmJS%1`X4C(&@!n<g-EV&E_?v
z_858hARyJC%|!46q>c&pej3T<1I!C~5=v9tlJ^%-?>c`HCiAD69DoF44@Ohrd(2b_
zxs>?)znl^=>k-*-)+2V9^%P0flazi#V)_}hUvNhzE8pB>ED5;s9Y$do)s?UJFsW2o
z)-^jK{%2*LWOmsO>*ewvk%Zipta0RS<>O;>><<wTaUJU!#Qk@POVI0_W5X!h&#`tR
z^pqJka>)!EI%S3pU8{09QJ<?F3Zfj$v7w*Lv0tXo<T;i>bdJSz8c3^oxT`V@8AtsI
znE(>7N&kXojUi1!c7DW~2*#j?=NPh%kC`sp6pvAX;M^%fq3LLVVHqZQ#9+kyPKX(d
zNMvZP(7Ydl^o@O!!|TUPeGv}M!t{R!aOl{TeO>9sNoa#xWc>aFz^p50A~-W=@GIlT
zNv1krdp~6yH7fNxsJ5bx`t33M1H*vVy06B<+GBc`ehY}`!WySH+zrrfo8djolt{BU
zN%PO_%uCi>+QfggwMeY?mo33HK8YDay@~RoWTH2-uw45$c*Yri+1ddc_YjJV(fbqD
z0L$rE%Ooe{)%YoZIJ*5Pq8fEXYz)N@J<P8E6qVKdZ>Hf*09lCf7^(gVHYU;`%{lzF
zrpMdLqGL|BGdod#_*If;+7}^hX_JQF&|qnFAmi{j?6Fqj#;u1Ri&tF^L>Z$=Y;msJ
zL}x8j>MQt`-}WBm?LF#8hC%DA(c3n#tqw#6{4@23BS%b2vlzlbd%9GixKnabA72%Z
ziInIlLrz0GNT~M@_5x1i>=>%-*hX8#i~o!v(SK?B(q)&bWBs$}Rh=(8+7_<t<$q54
z@KZ<>^*!qvw5@bFT=sz2W52|u##q<TE@Y-W{{`H6K-Y07D=sYh$_|*HQspjr_)0F6
z11ltxVm{TCF5>}K;Xl%H6BgHDJE7M%pF|4bjPVOP>W{mCKLsn*{aztZqWSowuu$22
z#jujt^{*HpDY>DuGff`VdDVn4m;IdKFc7=EXW0Z0te3qr(X%TF@An2!X#wc`D1Pkw
zDbW(R74@C$#R`S!c^4r*>R0Nc!HR(BUkoU-ZiHX`cvQ0reEY9;{82PCnrVd1q(fGs
zI`tEyVCZWc3w)2}Sn!nPY$b<#5S-NJ6<L|ju`cf#S@b(cSXM4Xx6oP{fgWfuM&}|f
zdE12CjSk=LkV^)mgB^!HF8W*#k4?*k1AH%GHz>6Hhs;S6C`JpN(DI3p8pwZw$g4Ut
zTygp#iU-X{5j_^8vhTGrdRRqzFUk6YT*#`S%oKsf2=Z5>60+69wFXTEH>841rFwq=
z!eGW?5f4VhLI#(|vN`;fNI~9+eG*9G=okmq23)!jqGWDHxtlXJ_4%u3{*&BF$#TiX
zaX-lu?2|BR2O?8Ss3}H|=bNrczUg?rkbpCzBGhy!#gEm@@XeaHcRI?5+tG5hz7Gb&
z7vzTB8UmZzascJTZw>;RnjgAw+1&`o++$KWe*OQzElV<XOOR<1QgMrVX}jX7Z$!z3
zd4p?A4!hb;ZwDGIOki|H*XWAM=!)L*=!*K!NU^p0_^pUQv3d;RWVVZg+hY)<{@+2A
z>aHe>S<E7-)PK9QrZKG+&k&OmZjUsI&%6|pHC@a>BJV$gau;*O+@`fXBWiYybP1gT
z?Pm^9l42_Ln@HVCg(kanu>hgH*6J=@-f5_Fd2PDXZWr^N#rFE05_Vei35K1<>m`{P
z@=%TLVqT^}T);T3RIGgz%}^|AI~RGaqP6TWeDHT0ew>`XX-u#YZLnJX_!ePOCQbhU
zej(hrX4u*p<1c`N@FY6DKawb6-@iPXP&;I<3F~8s`}uI3F1ZR$yFr`>mZ{lW>g^nr
zhSQlxJmc1{qM$<QLAY2k(cx=#o3Pqa(inH5U&#_oYgZ<>iFRC;2I)mMRd+d8VuoX4
zFc>j7KfKb~`5ddAWhG7f7Lb)SgVO3>GQ6;FT)5EX_&-GNQF`h455Qg-dP*(bLyurF
zOYgC5Wb%H6;82HKs}Xfzu73_b1N{aR_Zg#)-C(5pTR;^2Zvy8kuHa;@7?fh@;C>_u
zd0`MzbnG;gkip@LarVbxEEM5yh$NHxU)gAwyP2Q_<*O{A1E+lh&-&L?i_3%ZB@fNF
zu(9_ex#rVIf(NGbbv`_<hgL{>E^y-cohL}b9h?fS9|K79IRr)lY4|4tV65+l70(DV
z#P2n^V4Wus5()*rVMMO-=%6W4z_O6T28z-kz4;;D{-iDOdlsAe?~cWDFke8wl%~yA
zcQhe>fe?6-DvuQME*>Ci!?@G-)#SQ{9>RUPGx4;}{Txz>*sY}r?O1p@N9F#I{O@kf
z{5ujPUq)W>Hst3>hRYLbB-N-MtJ!DW^?yS6fr>juGv^!*g-x`OVu0JK#-0Z_?;M`?
zzYTDGG{i1(xFW3~lW-MKggEB7)&u9#*hhPdLsx*WkL{b8ZL_l3H=EA-1HPpNIjaJb
zf4Xm0Zcl2M_Ka7QP)vu~sQl9~2#^%Mgd1$_nf9#L5lavE;mM!jf1YPQ2-^5hbR?R8
zp^<F9Km)?^KZu!Z{#i`7`J$Mq=3m83H~%JPrujcK8%(gZIPIDGe}r{`a_6n?0Efu|
zfoo?BS8loT&y*{P0=Zf;DOY>Wn_=o8Z=It-u|^WU?lqUoHRVc~a-~hVGNxQvEf=;L
z|2VmP?QS`!;`$e(5<=F71BMcqRpWILM~urjFyVEZa?V_ku|5ObzbG`CRqtn*)_d{k
zs_%pjhD)s=`4OKieRc*6m+e<+B>e#xQsi6;gE)-uXetZgYdWE}jL#(0volpc4i38^
z4cuV!V)ZPo+hALk>z`$Ie+1!}JJG%&Uz_$JzKS6{62{mLTH#x^SZy3*bZxm#->YYt
zs2e#|nLvR4KU1jbb6@V6RIIRE*Ij2hLAkE`xRwiakNv9t80sb9ozF)(zZB9j4IpoT
zV!9h))tN`SJD_I42cN$l)@gOWxR?6WSHioH>67Nq_-o+GG|EMEig%IT9FI?vPB+vF
zVIG5Da_d(Rr%BVogJ_o~xCmJt()4#n0-RCAu{iEnLdSu|XAd}3Z8!)k%Sw>;U6@U@
z^mLgx=#+~aqV+9%sLh^==^Hm4Q*xWc2C<$gc9Oyov<I8$S)B3IfU;$Vu(Dr<^9!;@
z>FdV&B-%$zTJJ;pUzRbFM4m0{4IWj9))gRrRGZEwMYx^=yO?WFfJKF9d~`+6DAWdt
zw6dK{3bP=M1TH%DP&ng^$uRVt=GT_Ds%*F9ZFtpxmeo2EIsaRj+><`8*}(U1*u6Kf
zzOPjjsm#Y@jIcngyg~;&6z!8+|3_^76g?nK)9K&42h&e8O&HY1R8z;B&n$#j{4My(
z+og^fMCPijJ7buawm>mHhZf)t-fUw+msB+7z5?@H#Qcsi-vj%Du)D#{A<zM`;=jcw
z0-!VtL<}N(=2rg)&@jZNqad?;CZ=hkfdr+lq3@+s18N4x6mP?<;LTI22MBLP=vK%T
zS5UgBAs0QCt}g*8><8~FnLUBbO36oG0-7ba_9hTEbCY%;(Uee|Su-ZaLmVH*-W!Ae
zg>WehG&K4xsv$|-U8CZ3mNK>TnZ+v<sAuTASoMicR|dG3aIbi_+FeW+vsf}_wNUif
zTFjzQSmc<{iyp!C{cnolG8nTvwAX%uY!xA?y2<yU6qDwy&G%WIXImXg?;f@~p0zsF
zzE|6f!`sA;vA>W>l9wXszayl1+&wXKj0EBK1<$%0?)xX`hTd+Bio=WA4VxJ>IQ$Pn
z-8Hl9jmi_QM7npf|CO70hQOh282-TsW~^_9)q6juJYJ{X%)xu2kgerDjGNqaW<m=S
ziYxZlAy2t&eWC#RfDozHxhrLP^Ode!xL>++xmCcNWn=kIj3AYU$Zavv)&%ud<NhZg
zP==Sc1U}WBc}-gfjz}W{*gM?GDPSxciGs#}kd@y3cq4<r-h$kYY#do}picG8R^1=b
z?7Og7Dd6#(&4Pq1C?Lrhel|d-43}J!jJgZrQ~nd6--8<~vUqSEX{0m_)sGl{E=U37
zhSw~c_&n7@84#|yM)hVDL0#%GR8XW@WGMKu0A~?tokKVP0tZ_(bg;2P2OCl6Oj{le
z*@V1w9}0q{{ZN}m1LP3Ldk93zBu-ICjIPPa%64>?W`T8joLL1`F5~dPuH06I&&8p3
zHo&#A#5#bDXh56RVudW8o4B^(@P{mG80J^d?|MC%l5mR+wugf~;Z18{9od${7wVX9
zI;EFBW8-!B1(b;K_ecD%vfqkeZF3eu-I08ChMnHb%SzXv@2Qkk&p#pNQxZgS%h~1F
zzAcu23GYeN75Ys(%ZL}|jM&k8I|~B0kvggy0?M-5IEIqe7eHJ8lejb(-Tw-b;@KW?
zd=(BOXoP%3K>rC4UhN!7ZyGql70FU0KoWUT30jzCs98qBB6-zMo>3^K)AEo4l_txZ
zvl<`zlSORtR7Sj;UC61>y6*tqg-nz{DUm^nP(s85ijocndMLZjbcz&4XDZ5}W1{Q<
zUWP$f{b&g8nv_e&B{RILg|K3_Q=~IZjm|IBQmH8?M<!^2Cdf@}m76eqV#G6u$h&#f
zbL4<N0(MY}I7%B2UQD2wyGAw_liP-;iK7CCyY1yRob4<o2UCb3_EKtaT9I<PhndyS
zQPU=?Qf^}UhEiUoLU|(<%Jo~zxXEb#K8|+e5C2xchti9%8}JKcKOFl!jkZq4KC4lr
z{)4HS^AY=$YO>Z11Ft_*XjnU8t%VmRb_B$ed-f<0?BAwjIT^f={GtA~Q)-Xh7HlM;
zBThq4!n$xejbyXPZi&@Cp)?7mDRAK<z6yN)i+xbI)~xN1pzPfX_IJk~!(@<`OFKoF
zmcz5%C&AAfK^KAj#K1mrMxnL`(9A^Z`%FOJMHL?c07#=xF{#Y?2y*nl1G0pEr5cc-
zV_N{19w7S`kRK!^dFV`2BqicfysRNh8+|56-ZRIYZ&u&lR@Y9_3`bZ8Tx-pwopoM9
zj!G|i9vaf|GAM$it~B9Nw9(gO9ER*W`zIaV3Y50l37fi2_4I4?;LZlA6aQ;Sw^?E+
z1Gt%h8LVw2q|y0Bc}F&{!`bOp;4A_cP&X<bbO%Dc$<UdELXW;RY!9JOqi=<F6Ds?|
z@pLgB*2y+;9EfoN9eNhQUC)+>!nu}F3mBEhUH_fHn->4?Ap3IYT#M_jzc28n#oq<p
zq{aJt^qzynY4N+*i-z!`r@tHzcK9F91l2})=ox62yVx$mvo*U|ziRD{tUZx+rdY|h
zB!UN14&?xe9!yEB{|t7`24*M5Xkyv-anQAte*?bt6M#x~@qOqkiS_3*)WXCVO}uCF
zjc%ce_ru8e56Jh2_@@0w@vZ*_HIQ9=wM4vx5f4qsBk|C*@9h}w0<ZfLg25;vo7uDK
zDP~lCH|`r4=4-1l&-yg+I;>X5c+zPovHl7sIg}WqN%ele8_96L!S96y#vB?+zY3$i
zqa={4T^A;RTbbPY3V>xXx_$j=r5%lK4(WHQ_H{(W!`4P}fB__WxyQGq*Xlb$;1#6_
z^m9C-aSYjVXCZ1Jkm<aRwgS=ONCVNT&`36SkY*%C!tdA?)}HeB`ul<H$S9sF14qW1
z4sEBwj;{mQX>izTXGX5vXUBC&ddJ4=?uRY;I}O%~Jm#T&*=evJD?oa*(_n8_fb?sp
z!RC?mhP+zWq!ZjGSR~ri+w5HJhsKhq%HS&-8pR*}zSCgM4(t!4Xo;mtCsd4fu*E~Y
z^>l}(rJIvctYKU|^ct#<{erp}{QFnhZc?*JpMsE6stQ6rsUe&vh<dQ;FK^W>|F80t
zOp@`m!8gnFzzLG9vN(>VgXQGC*f;Vn#wZY!P>t&thO)hr(50cxIJy8g#kzAgE^o6&
zk6D|mq&z$ZpXI891AtE#sm=ceqUljMT{lqa^Xt((r8715!vquNF{+6kjlAB2yaxKw
zReJ2ocn8vTulC*zST0o_U1X;qCBQo>;sF--kt)`4y<HL@pJsq`e|c2yqWu)|{08!z
zF`At*nghc-hD1bYmao>$6Ny~K7o36ij6VaMi|uifV))36-vbvH_5+82%pFHZvL(p8
zj9($t?Qp%_Q3a`mJ5GY+ipgv>kB2cp_uPdJT;}fR^TWHNu~&=t+EV&no8C`mW5z%0
zN`3DT%nrvk#buoCV#<H4Q(N@x<n98k#iLP++g~YRqY@JM#my?7UoPW~Y8e%LBQ59>
zOoBX?%>Ke-@%^)JM(t+u(CZ6!LbAaxyuRQ(0O#Y!gRvYybT7UYAJf(pFbaQ`D=WW|
z5_YWqG0qH$M{k%ElJhiXv43EmO3Qqm_FoqJOZe9B;~e$~K6ngm)UI9Rf>ra;f^Z&V
z*Lpq?IS-3x&)FR-g}Fc_BeQ(Q?}NQQi_=iQATlwt_SbM8;^SzCUW>`a@NUI~;oHD7
z|2>jR|NUisyN+~sUzFopQN2m2$u;0{*H*s4^()BQn+E+A{~KT-a50w#sZR$Y(vNxn
z|2x5V3kk=Pnd4h!ztxJ$c5!9_jCmU_=}H@_r*8xPe4?0I53PzedC|=DGu`4tnw%eP
z+=jpNZn6c8_O|6Ugnyb>4+hQuWnQeK<-mcm2ntqD{5ci^&w>5ffN?(`n;0yl&JO;s
z00vJd^FeIF&~lhPP^lBjwuZln=hJlVdy`53e<MZK4fhi7Mw^;;@YV<9Bv+kfWb7g;
zO#7W64Gv!HX>E;%U!^sIws^x{QCmRfZhc$&5GOfkfgWr}(=hsh%&%Rj9Ndg$@?VBl
zh4|mQ6{2a~7#Mu&RdNmbz)n{0GR>Fo-*TT%-^@1oVlD`$f7}gZwupu5XkAYsYdHgz
zV`MGdhrI}N<U1&fid`rw5Xw)%i_REw7@3oZ=%pxW+H)piY2K#4gIKOWfyY?SU?Ne?
zrj)-5N(m_gs{LpLdZb)f{9P19`;sa%>oD0V4l>vOgUPLL!$?&9o4%G1?C+%{8P)e8
z$NJqtFk5&YO&OcHapzd5%cJdNbgB14jsGh}G3wW0FW+|_9$hj7{9j2=<gqr6dCWRS
z+ugP@ZL{XK6;WTH2_tQ@PE$MApkshtig8-T5h*h}A5op7?ILdiMFMf@`Mq<7?Fux9
zmZ3)2Z-iT0bbocBw(68oJdM(hC?SKl=>C){A~w;Ngg?Sv@4)4|922sIg|`lI(5v5Z
zg<Rl$Ob`Gi7agt)4+V{}+H)cm(~yGE@OSxAS3(J9bvGH+xxlUA%u{}@v~#CnP9@<$
zlU_uB8zcNy0l#}9{CGI2x^xQs=2mh6(%8tzY7S{%?Ht%@pN#XO+vK@Qqo8?ilrMF6
z@12zI-c#he%Xalr$Y3iNDBw}Y6s)UY-7eQJnOv3cp#1!M%*z)}ZHA+*?hVhWU5;6@
z{yYZX1_PXf3nO0)fu_}5Y2$%uYMM&Mjk?lXf;#73kz?U?H0%3OxirRLT7y<yb?0y+
zAU1ol;QwAuKq!XUE)OveD|2y~B*Z@jH6`N&yEr4@=!A%H%7i2i!@3rFyVV{nOX*!o
zImOg)zEZ%r#~la=k%f=!gFcEEDqWdZDYgU)X9x}w7XRy`7c5)+Gka1!#P&}Ovx{LP
zL?&YwGk!hvj$xB^idn@b<9O%%Z(zeAWwq_f@xIoYcZD9WwsH5^Nw)^}7p-}-+h!mb
z!u-@aX{p+e>ygLy`W|>DxDjz9x%9Y9c^2KAGeL;0``CV63vhaUsKf3WYR3|gr`d23
z;?T5ePwkX5At$7WFgvlZHuBNXu}kd|IPBPAa8V)NkQ0HXS?9A5fsVi-heW*CA&2Uo
z3;B#Cz=3-fqO&@kI;(P$a%Eg|b@*x3T;0rV;o-dMu5PBZ6`V5IV;0DN2M9mdX2-h>
z^^e0_NSCtk8oJmISVr}r3hTuP0Iud96rer}_6-OQiin9cltA~VL|9tLlv-rZ({Y+F
z)U8BsZHGJ5uH=eDswz*(ZnE|~(hrzYD<fCEcB??Vgh?>cyG*6aMV#fHS`?oC*G1tO
zNC-s~4skja72~4tRJq7wVtg-zmKND|O!^(OVn-5U@N}yfT>VQ~78t6iTTtMf5oPm%
zEcRauExg;hpzUGzgEyqlvL0XAX7om2U)3gWOV5PP^j5Ul{cJOB*(1=h;HadP-wAtf
z$G-O?UB^EXjVI#ev3tP1_eIRRTgFM@vgt{)SEnmMr{Yzbh0J9T{Ir!4X^7Cu8P!$K
zbgkH|;AFZhv!b%XoR$|~ks*S9a0%e}M<Lg-4^U`EAz2y=0ssBDI@n)>59pF$RZMvw
zCO5K%>y@;h1=ijL0N`?nwEt(wsDs1!e}UaQ3@L(N2n*<41OOJ)nwM;kK!%p79nT6j
zGVoY%jM|v1GF(CNOId6icNMd8@$Z+B$=vGh2KCE<y2$!O&L=WdR!b?DD&kgyYrRd#
zoYsn3t&~q)&QcyI6lymRg@S40d^o<bxGJ=ncfT)a%U+>vNu7{oXer9bA)@XYaTZRq
z6Wy?OkNARAzay2NO?0^solBSz`Ko5F3e+`Zq^uxY^3XrY0Z|C~W|N#@&7HC+Q+R;=
zM!ke-5N}7elKu~MZvrP*QSFc4xwre?US=jUnMwC7$@D-n;bwYfl9^#i!WOoGC<rK!
z2|_|pkRUX4Cny;@1l%4<f)Upk5W)iyT%He?=R+T^sNhCa+%PIT@<egp9{j)GbL!T;
z)0qT(`hK6!Kc7t3ty9~n?bNALr%qveN7cK0FneTPP--11Rez4!1Ra@~nd+(6gS4H8
zHA&6^R0F_Qg~gw6m+Ol<Vv8>-eRw@?W_qSSGYDIW!Xz=sWcdu0Oyt!78pdU&2KwQ9
zEliO>@sCg+lu3<(c`F!MuB&=~<bE0d43?!4$^g3Ztz$GAh!$Z;Drnv{$1Hq5-DTFj
z#C{S_WV4TCFWKx2j4D3~lF5wiUX${QPPE+?^iy;mTX`2SwtECu?E7O2DEq-!(MB^e
z7@D<NF!U<A$B-o#{J*ZqU}LZ+5dNR^S@G&|<{T95Z&J=Cz<1iZi`)^MZGk2rMj;Ro
z?G84<fHZ)o&4Bw3e%2EOU1fXRVzY4NzA}^d1jC`HAzc~h4Nai8l@szY$?y~=?9*Uo
z{|=nRe4|FiHsRj>JJaA&o(}?UF-anl1tLl2P`T^-l|xhgEab^`Zy&hdW!~{1Q|-~5
zs*UFH_V=0S0vaHH2zX(jm(XXBX7|HMsP1fMBuLL|)Zq!o`Exx%$e%pg``~_$<!CP9
zeBQ;8oOF6Hx9C~x({+gDgY|7_;pWV6AqYnizxox<j$?s^Il`{I9VJM;akGw@Wv}@J
zx-%oM7rK+oQz52FmGio3SEpgjD7&Msju{C$4(2-Nyh&wi7@y2S8jk`tmQZ;mdPzqt
z7WqOUyqT56XUcp^eO>2XxDTMdQaik?lJUYpQ~^)Igf|jt*^)2bgji;`s#Vn*Sx&U2
zd{j2Uho;g)nBJ06M=CXhC(ylc7`e_GosI66VN;$7U}Y3-6boOnTJKNn>dY!b3TY$i
zoz{Bm=6LCPY!-KQsw9ZVFmVL4nMcFUCXaWx^U^KaJ}#sHZ~v%%PoWoa6=QnA`gxV>
zP<PC}{~f(x85g6)zAtluz2QlJ>mz><{v<#tbkjPP30bji@Tu5vM?idD5H>nC4s-_0
zUKp1f!hc0#UTK?-ZiTlYFhRFKfSexyZzJ0<BTGg>In*I=3&$?FKh`3n6|=SQg$^1y
z#<wFmMuNh|bgaYK|5!)%=-ijDLAgI<x$#^955pq-MBC-7vu=n;k%opL#+70z#4kUf
z@xfQ1WdoB~hFnnFhPna)(v#IMq&#rF+h1UL@)BrN9QU23w3r<2gSvnm?F$Du^e)Oc
z-vQtDBaRWJH5!%@Jytw}ySrIk*h^B=%GlD$&CF$R`A2{GBEzqI2>c49%r}9R%2Yle
zzqjGHb^+PK^2<!DH;}9OK1I$=0zcTm$*2jFR_hh`+$0w?pZP2hc=BjdEjFo9TtBvD
z+tTW1q4p8phgOIF3J8LazG_JiAK982DuLT(Q;6s+-PxI~U4?w>Y^22>LUncv-fV+6
zGguN=)*$Piu|hW8)tZ8ue?T@P{4UE2${pEs0{9&Pw)(???3c>v{%4U*M+T_uGo>u(
z5Gq^p`l!J2R9tO@El~ur^V#a$_s863te5h6lmbz%^9B6jztu~L;J74{&`a6#{f3VK
zf6kq~-*5P+#9|z3obq48{f1(seII^IGu%BtJZEq3OK7AH=%&xp>>RwGAnNci8iET2
z;U|%cv@)%i<%%KI-$7^geqZ5EEgE%ccKV}y&AkSDU!kZMF>qml_XMWRGjW+fBOx#1
z%Db8Tm%tTQI-unIDaBSSt+nP2wz}@W9`S!H^r!JE!LF`+^;Gn&Ud57SJ=(8hp@^>+
z;N%}W7PN-kFYvLtNlps^Y}W5oCY%HYdKc$94wtESapbU{cX6<O@n2_Wq(^g{(|4}w
z(U3>sF;oMtt!cd?@c$gy2-jJ&B3xhO^qm*!{N#4)-x@Dh>G&$}q7C|2hBoiy>?5_d
zV>X?Lt5I8<H8SFHEu#*io*9yo2;JnFVF|{DdU0b&-(YkRDTP0}{L}M7uuPJMLO)p-
zvBJr|%bg?%s$7k^o%4qR?6Qi_rUr`?n@GSL5I~Ql=AOcaywQY6v^Ud(!$(H5(aA1Z
z&n5J5>;=xT!0SP-191^p`z#)Le;5bFAbA!6^T|StZX%Xr34Iel;4$U<U+^t@Qay*?
zj@tPmipgYEbMnh5p28Z5Nz{cNJ_{Kl$RBoQ!%z?B7PKtdVWrLqCF4Gg>Yc)E+g4HI
zquslS_F%=<k%M|R<E#aj7^>gF$fi-nK&+*~3S;#-fpjyn!opXRJH<rxH(0BD2pqq4
z@qExjNLY->AuGr3Ed}a#=gXHuIJvcN4StI&jD%vfY{i>_afX50`B7Y<F}Am7x>j^#
zY`sCan?u$c+CK8V5!@#~5UD-iJwnTv(88R^7Vs+@>h?U8$8ia^XZ(%Rm%uXn*7Q5i
z;jLdSRHbpNJF-wnFLbn&ahDcJTOxr9RMA_IXG?oaduHsB_FVsSOezZM*^%LD_D1*O
znb~-ET|JM0TnrE$MALAoj#jQbGpeser1lv`$j}<EJzN6{7+d?}56x=Vo(O&b;4=W<
z7s1r?It1S$-xOh<C#22@Gh3z#Dq*21mcN+=pz;}rJ?y(=pj|D@H=&FBHIDd%F0S}R
z7gxTNC%O`d{zQ19&mj7cC}G&qj9pzS{1SUm45o^d0tOa%kl&Iu3=;~q2l>_*>8Ala
z6Mx*@aW2rmn3pk(JdB!lcn!9;7CDJ-*K6<r>ijA?I4M)-B6V=JpTLXNxkQ~RoZ2nm
zkD3?X5a-Ji{|@X-9Y*ry%pVR9{o&YCe;jzG86l`W0EVo&yjqX@gYaHdwHc;2L>VCR
z9%*pq!GA|4sD(_Lk)wY&1H^-8{~g&%nIYNQ0I`DgnOFzF4gU){`x&{l8i^x6$WfFO
zM_S!lnrc~rez^#L$#E3H@%E`5N93&+A^xtIo(Ua_l?GC^9^gfhObM>h4+wxGWbA3`
z1~@-u+MzJkRvmy5rPz8#ZrA>>`37vwGAzQ5T*k|8U7=Ep)c9|r8&w$^Z@|+bFx(K0
zP0#7=i{$CM%W=YQuw^P&f;0dh&$%6S`x)?w&w6Dv>RB(TyC@66rk&Dy@tIR!3FQIc
z(gn!Ggv%MCZm0g<^WU$dX-qCWJ5}KhrRaJP4C$;M|MGA*as1m0xSYrM9CVF`zJeq*
zxXj7#?5H9!EP4DZ(Rrlz&p88@?BavqK0OGw4X4tF^54}^SW}xqF7>B4b1J&Obe(;g
z<{Z`}drjAwY?|{P{XRFkCjgm<SSi7VA-o^`k7qv3je(T8IAB8#qy)wKlxA_w`Z>pJ
zMQB#O+H?~(sj|93>$5_F6|Lu7Y4e@Uoyj%21KAC)!f|xNVm!VaOJZrJnyP~g70Z_B
zV|Pu+;)HKes@H`X%e45~g92AUd>64U7q@ONpMrJ1d_pj+RwDB-t)fi9*enq4F7WZ`
znchrScTFk0Lfo3NFxfPvxX5I5dt=RRa1y9({+aDSKgfbzsBuFCOCD`8gnKA8$-zFY
z-NCj+{|JA3t26$?=$r%JKhkp!Sa2a%<yJ_ca1rD(Hsv#zjkpKELOqiS<=3R*524*#
z)14=``kg0xt?83sI*>+Tc%MXg2o;6aajgW#GaLDaRFFZy_5g4R+nybs<@qkyhIZWg
z$HnRI0SQ<NpBrRa{gc2NWW<PKhaX46ep4gigd$+VwBa3iTC&0rq@HD$V`MiL2A+<5
zY#=ITzl4psRzFo*jcp1o-k>u6NgQWVo7Moe^IhJs;Wk%_)cc38Kpyd$9iO&MyKW=P
z;kH(gH=d@Upf|H1m~;eOmUHYPUJpVnCn$K|1Y4OYYkF6g(#@n<pC7VI0kCF$1VE8v
zDwI#DqwjFBeVB73ya|Ou91TD&yaC_Uo6*H030!hFB25$FTTz6eaQD#p$-E#8-hnK!
z*nK~qg1eXa$Tdw`;?RsJ_4|=*KGLOk*r_X7VY>U_E>tp~uF%p$p|i6X$g`IsAdx4j
zM0AnXfmz+pW{_Zge!^Btus-4!)<?cf8-<`Fk33%+{q6bMX!-NCkzYL(IED)$jKR94
zo|)jsD~IFfA8SDxl8sxi)Divxz3hhrxKj|dS{q1$=)pH@U)ct3$*^s+)3t4;_6juM
zZVk-2^Y3VmN2hPIvr$WxFdq{2GRGV2mC6tdZ-gfog|Ppj5X8}w1d(rAZ+mo3wB2f%
zQ~e;IS)4`Fe3xu0ge4u2yr=vohWdQ-&B6w;l8Def{22!a<b>vYZZ4=C<b?C!Fivd=
zC(1*N(*c>`8jO+0q`nee4<#gtell6Z@m=r8++Yq)@4f<zpZE0cA)elqp|*KHnAG{^
z@a@o%U+wikkL70uDrEGg9_vY$slb2n+tE{+-<<JN%~>H|cj?IPvA7P59oht;X(E=<
zj!Sb=3N}@FIqpdmP~P8Ux{H~b6UdI}2oguWY#LY`YJnl5Gm&X@*1|K+IR~!+fsT$E
z4?dNA$XQyZIc=mZ0x?9uQ%K^HfOAhzP;@{ToiRMlev*)eGf8Gf2AFHy`2X&V0Y$Pt
zQIR4K=|l@B&m_Yqk-z0-U57HR>CPmHd&8L|F~oy4l70dMaCo{iNkyR{B@Y{4z-cCV
z0KP&Von^Y<{O4Sv{2KZ03xMkrar;4pnv<IsV5BU%uyJk<rHF2`myrgQvyv7+lMQ#;
zUN#33_uGS`DJN>au}-09Cv%+flcKXC-+3+Ycyd}iDvvUIW#tzo@yI9}n2V3P{ESF9
z!*4bs^wnujNWg$g&k9*^BAgDHh|fyi1e|tSoTfkXWs3|*dw4p`l4rhm0gs_+&wM51
z`Okc(peSRH`owzn%kGJBiqC$DQ4*oOp8X~Zh>uVPkTpo-d^m{{-Cv_N4JW$K5M<AD
zf5Em&p65zFN-vq$?&rB398d9i?!h-Voaa8wjwGK7KAxFPJ<nyH|KNEpv#{s6EMd3v
z+&{94dY&tvXn)e3d*MEX`bzDlp6C9KNXvL#ya}<)kkzVI9%0}Yq8R`GJI@tb8`>(y
zC#bBSS9uII`-jeRc?IOZ(XJi{5c?x}Dv1-_1W3+8St?F+Ek5~j_muWljD}K~mR<dZ
zIQ?{b;?y~a69Md*L?>mjGjOKTCZ6m536<L8x$fT(n4tY2;#1FcWrQj9YB<+rU6SXz
ztczdaTJjH_>)JUpO$+9$S7VAr`#d6G&UK09^PlTJ4cyR3Q_pqxQXbBAyZ-fsl{d|~
zu9S8>1{GPPb+o<~I%Md;&v%AR{4&?Wc^BjZEC-9Oyd-@9YJ<Z@I+b^VS*jmMK&pNa
z9GF)%A@4zm`Ft-v6Sg}RGagoc$>1FbvmU0g9;SjP<jsw6A0kBB;5myi27XCeSg0>y
z!IR8y7#GD{#DQpu-l;}Fa$*F;m<chm-GYNlDUsa|RzU53WLb{p(O~x@hY)M`g9WSI
z4*}!cf~8u!9}MOVJOZuV5AhhgA7j{A!i-1QtkpuFs~r&RgTZSlI#ca<5V3?E4=HYX
zJ05Om?07Iv(vAoHZW!C~_=Br&9Enl;fg%n{<VB+azKS4k8VyisPehMB_}IBU%mWEr
z+M`3=JKxzKeL+1xOyhn4bJ5G}1-X|`(@rLXE__58_?iLx68hfG)9lMsI0NZb4b2nr
z9@X^qy%-v(his!cgA<jpU%LJGBazaCuoa1RwX{_4!uX6-B+bBjH&Q9W(hbRqD;>hx
z;T&|B({c>FPa6c>{*NPbeVsuvk4E!ea=QnWC-PAiFQj~)`@IMy@t=<HQvb*-^A$p1
z^hZuOv7H;`{`}cSQ;Kua&Z2kG0~0>H8cD4xnRGX>Z9Yu1l2IDgZxF&M3FgC7!!wNM
zdU!~li(pO?;o)p%XhDpnpfPVK@M@<rv{Pi^>rlsEv5z(LZHS38$<r|)isNliJ(UM-
z<!$+V`2?qHGo}J8x<moBqZi<5Z49KMMpS?8ZGeVPqLBQq?&j)}TdaLLQ_A~LN<J`i
zeZDh3q5V9q?hx-RnKg#t5WC7-kg=>>8bxL0q;YaDiXS2&7oB?E&-xGQN$MRczI>dc
z@u5qASai%Dt$&E>w6-cf8=-a|AMoNJtKoo`Yr%<3fPe1Br6{w0BxkXH9>q`P2)+8j
z^rY&Ch!b0_tshPR4xD1!NrwR<JXdEpkKKg4ITv3J_t!EP>xW93`Z72v(R>CA)}mi3
zTf^eVT=0JP&me<qFtg-Nvdqf82my^g0^g<|TAlg(E6qLEon+=pbLSHY4D*ogH;tL4
z{opD088b`F1LSsw8wxluk)a(axi5E1Et1+T<un)MPy7r)7JNLh27&>vly^{SPP)4c
z^;Wv8C{3liL@q&hC09dtwVpKI_Enx4p5=PbJFJ{f#M5yHO$TQm4&JJ5;7&@HO-lbw
zvgIqMf)Vg)%Q1**2PjWKJ*yTBk7r~avER`H%q5RGNpDxUKgu2MfHe}4R@HXG8y<ik
z+8$wyQkzCu06$Yk{%#jf&&1`{?u-)VdzytFt5q@_mglzNWbQU#6<H(06dr#9uq(kB
z&=Sy=^JlN9oq|2?Kt_%6<IW!2)OuJ)>tVHxhe@%{h|TB$dhBO`KC!DTrL;gD9frj*
ztD-YL?Pxjd7Nb_$De7mp%oh3iKmliG14TL3hM_^^sY_iqzwlVs_JJOJ$x_#gkDc4G
zBVt$YIbRL0Jd7f!fWQ$irjk3-(V-ng>041I-qGB;y~B5<gS+_<09&C*J3+-^s*|ll
zgHt~tT#t_qSdn9sC3-{?=rDnbJ`Y&8a%c#*hOtYYny&=C<2h#r*RqXRhz>$lQ`WKr
z2?$5<E9Zf<*=W{XM*X|jU1ry~?rQE4KJnUm8fL5DW6;ugQ0!M|luY)0|64jry3Mq_
zyNtWV?Vi7_@~>#56z(vpaRQo9d$K@UN1ECV_cxeJfEHKCd#bRcklNuHi}(KE-_IK@
zU<;>0I=k^k;{ZM{ZzLJ`n!#8>klI9wKN#Eg{1YbHI_Ns|){kaDYz2*%Z^a6lz~{S@
zbd43XgNcy=sTDK^iWRg|+{t4YF;)8}BB>~GFb3W>9q>aj@U$p-y0$BZ#_2yb9q@ta
zfTUKY_?4PzX%?`$XLoRZdT?PXIL6_wIE%ONp^=9{JIqcds{4=PC|elinZ_su7!8f%
z(C!=O4`h4Lt>{C5yvsGwPpyK{77)d5^Db98507~*EYGVhU|=U=lW(T=3PJ6bIQJOy
zdt)GkxY|!R%&PrY3{P~xofz$=1=pI`{hNR#R9rqB2gSLQ%$xX##dYvVxWAS4g=LA@
zMrQ_WxpeVGNrDrv^zM*lQNeoS;YYsmea9Q~EKH#M3FKT6pRyc4(N!Bkd1k)CyeYwE
z(t6`~ltBGDch!dp{DV%KxereR?)tb1@qP{R`5o}aU1)hJiz%}@{k`!NjS-lu+6=%B
z;wQdTi$|(BQr=H9Z%;)j+JejgHX9af4T?rsjD3S|v+27Vzh`@uI>Qyfh@)Whewc{d
zxy%S)YGB(sdUwd)1%YEvnX^*Y;p2XPkhE=58!*JpiPxHGE@i~+vK76`d=FrBrf<an
zmQ(roElg?8o+!`mM3zH9pz?iS$1K^;$+EMFhy#rHA5lccv-y=~CE|sQ_Z7yYQHQDV
z@-Hx6;RVL)O~jkeaz7*Z?N;vWM7&|f`*9<Ff0VY?hFP}&QA8`Ua$lTZO5Vu%la8b2
zGK66qE}3nWTQGZuWEe?5Mx$VSm%sUO2u<=b?93>_u#@PWf!wIqxMnQgFl7{uf76Tw
z4_z6Jg+5ac8tw5VC%<wliuWrYz;EpiVhcj9<CuDx{7Ou%W9gMXnL4)!$K1LXnaJEy
ze>At~)48Sn*$I5^V0#tA3s9o8)VhUeGxRvhltQ?Ma=-9r#EafVqjrwIi{?utn9nrs
z2rLwVh|E!Vuub8?whGON3?tA`k_eNcjAypXU!*@YKBrYX9*}Lpg|H`(@NB&lPocn*
z{@@L%;kN1tm>bnAIYEAn2-waZhq_^9co_At#4e(Be`OsdhSEBD*Da!TOlWAGJho>r
zB-qlrwd{|G)-lA;I^az`#M9vZjb()GAtY=Eqj?4jl|}qs!=@_6-}zlF&DD1TZ=;zK
zy%_FSmSdk=I|3btEpU+VVGbzY=Q#7{>t1qY^b&c|)zfE5rsLsq;KF~dvF6;$Z~U>Z
z$MBaiF2DQn$F_%DM`%EKk*Kf@Ru8_@xp+`aI1W~io6qmR!4TtM70ToI?UG+0gYR#l
zD(*GkrcCko=m;fO95XzJx`^_k;>cXLd!!`WUn~Nm>zIQ((-gWd+;Ui*(d1m5D<4>W
z@w@4ci2WegD-%t^T)D6Mp)WT9UZ|EoFwM1ePj<o8H(%a#F$9RfL)+q3WX*r>F;Oe9
zU@BLWk)}4_Z2S=cN&+~O_Q&5+{4K-Za{Rpnf8~=p2djP8v$pU5B!4I5_uoF#gzp;A
z8LU2V6XBoP?RV9KjI-&pjlWk&C7zzzYC0!tD3NO=`>zGx0sg4-N;mpre@1Y=9l^h(
zzdWb33~eY}0ot(ta|lNp3fsaqoVIu#@Ebka+k6anq#?~O!4<h*co`-EwU=d^g@+s~
zuf_fk*X=iOa$MvN6};iV4G)Bt#-KjdSJ@vCKuVx(6Dh2Tc8~xf1Gk%)T91X~vlp_)
zPE_!JWInOXRL+*lmAqx~55RqSOR)QNyvigdjC4M=w)F9y6n2i8>Ro7Jn9i0f3I!b5
z<0^ka<N~l=yMkNT?D#M7z#x+IPWJ}7u(~bJ?s1fIa8UYq0R9$#9Y5_xz{;KG;x3d8
zEor@FFEW8C!GA`4ud<PO=Jy;8uM~lzfm>Lyb^^-cYt+AXAubv+=e$}PmCHp9nMgt=
z!YyuCyk`n1+nEG~wa5%N7-M6l8cU+XhTMC~XI39a<7lN54}=S+;lzep`5=9BqTQO&
zZg>F+?Uu}3ZjHCxhQ^L=jYqp<YL=mbnTgSM(KVBA(F8=MR6dJU&-kUPXO#RNUV8Sq
z=O~66%B2ceu)^y&&;lK3s*5+`<d;Nt2G%u=-5TFVCoNlzu~P$m@-gtl+&)e(FauIz
zZojes0lAdlPa+V$p2Lsw?Sbjj(LjH?GN?(YDkljLmut&`aG&Kkt=xlXxs=R|d^zg{
z1z1f(iN0(BDsRN+KyzWy<DR?<=*#cm18(Vvv9w!SIl90toz1Teqac%u__btomRl;1
zw7I2)kRw1K=0o5Ga~MUDvto1TJSXKIiE^<TE<yWO*W<^mhLxj<k1INB`9SEvs-Y|n
z#f|~oh4G6wpxVQ&5uo;A91IPX4iWrebfpN}358(i_VU8%V+N(%NLv7`^3b9L3k^;5
zo!f=!DIEfIrC7eN`*~A9wr64BY9W16Mn@VpG1B;t29-+<>97JBH7q)8Le=mvcN4@Y
z?SAbez^fzJ)x1GW`0B0wcF1~3ww<pz{ZBeg$6$Gs?_W51P;%Jqr6#TZbLUJPL%K+M
z8U1zPn{+k$137%zCt#}14bTMDKgOS%(VXrz)6!_J9zqkRkV1|l&!N&T!}?O9tq20?
z)h+`ih~H<bA5R7%Re!NK3Hj}b1Wb|No&boE-@cUt6?r$vZ(ky5>Mw<}NBJ#t*^~U1
zWk&Mblkh#A{Fa%k{B|>uz_#pKx{>^L3p`eS%RE$mD`3iR85#0h$z9~P0)YHhayi$X
zBz}?nmiQR?t<JF{QD+cj@NbGnY%`z8sIgM;w6vKo`B<Cz?xf@;ev#U0e#?-b%78V$
zsWM>ZnUDcXj#dUN`9(6|TNNR9Qo3<c`gD@LF^x=@dT<Y+TvVhz{0Ihm{}Y}A8=kr7
zR8I4v+|oRh(q$e>>DGr*dhk#R#EC>lDT<owCqn9H1vOmcl-ScUOvIEek(3hV+fhK4
zGD-*?iLl5h`C(*~nT(1kVZ%-&lxaN3$X0UWifKZvwW-ERtWN3L+cCx?K_%xPdEzG2
zSM7s~0T<Zk$Rbug=+mphoRVZm$()sER`14y8>~JqzcW6_?}PBGX%ZZ!=vM!QQyXn4
z(>l&$<C|w;2yfgXzwhL4wT?V?o5l|$lVfxV8fDzR87y@TmiqUQN@zaU7nk)4-;1#V
z8Y>q?XrBgFp;<ks$%#3bcXN1#+wd#v%Uh7nLpl+_CQ=!jl$9qDF+UI#vHle&Wbqhq
z<)V-gkaw%dTwhxp&{i=)z7%LY8&5`u739~5)7_A^$eRa5^)nW*gP2gh#eO2a@+vE7
z<R*(BsMKBxY=oP_K89A-8=Rs7V-{l|T>veQue?B+`dPk<ePs1+w10Rt#{4ECrhNH4
zl*u{ml@?9p%6R)Kx6)g|Z?kl?HNh5<S6Vv$sM1un`6Z+QUU)qa+x&41Ef@_cw?bAW
zi_QJl>!bxC_;0^9ibYQLmE?<Aw<sO*Xd=gYIMA6dvRi!%IVJsh6S9s}X;tqwq5W$0
zZW$7O1tl2eTgc057vQCW!Ig?iiD$a)w__=O8ms;W3tli4%qJlB1sWiXr?6ed+)28X
z?{TRZb4&d=Yzl9t2X)}O!tE04qOa5E+#%mD6u0}hB{bsp*vLoX8*P6pk(AWP_Z@gI
zps=-ogWVBLJWz1Avy48Q3}m^F>26P?+xRlz6Mh5`ye%Y|cp+w5S*^Uun63k-bJ&ky
zL9Tt$xwv`)>uomVELKxM;4YToQsYg7si6*>N@<vftwNojpxtyh@;9@OK<ennn;E{a
z2kHf_4}44yU$2w6fu`*%ZX%}IPHE>T;KYB*XrQX4#d4zxj1}E3w-nOtMia|nkgLZ-
zz1W}9Kiid~p*b!tV4;cHl1<dcCi<9dBJCG2mh#V_Z0=326;u7JL}Z$3t=j1)sLMtQ
zX?UNYZVM6%{RH(`keKHusMmtTHa|hLBaj&8CuGjni{$WY?W)y-TcY>3Of8G1mR(xQ
zZd1!_vX)ua@)Nd}9D7!OLAxa?Qr?qik#QX@Ubc=FukHk1Xfe{B!{J^6mPxUs8K9PO
z(a*ZszLllYDs+dR-8$rE^TJy8j6aG=F5{!wFC?C!W<T{NYtYLYeA?E4Wu@fK3fFzw
z(Jb@Q7!i+*(FIcAn$`N6vW9_{{7|N1r_K8m2!N3{Z@Ju^$X@DlJ?e5h>LT=gz#aAq
zFxjvPK&9J-X`Ie{;+cEOl%?Oo{{h`-mXK8Ca(w48=Hrl-0bUW*+@iDBtc7HwCBbY!
z@QimhLGq8Zqm-D*<2Y;^z6+#05gVn4H;<%wdhxz=pCW16%dd=+xFSB&vHxC2`YN%f
zrc>B#o7bGJEAoB*3ayw1W&)F2^uA7-bolScE0EEE16-n=$-<fuHxpUVrj*kU+^WRQ
z+^b@@!{(A3ykqBf74e~if5i?)_o73ET8gA19eyd%xzX6kqi?k!WH@OSpjkXDNe-kN
z>^g*{3vIMFx{YDmZHE>pa5snTR})1)Px=vej!k|fzLEOtacZ{dDB1ut8oUZ$%Zr%K
zh$ig$O+KDTB(m;e*59^SKc-bKY)#C6eJq46(S;tjL~Zp&TIfnuK^k%63LlAYWcyv4
zEpYw6qctgqV^+pPg;$4U;BZLH;E<?v02B=i2_Jt#rv7Z(3h1BN#P<hN@lA<<NO%(&
z2N)X>b5dv=8wn=m5yPY`k9czs;(?-vHD|<4k}^`Vboihx^RTGtg&wTJ4J|1(qQ5vY
zD0tyRh|aN>b|_2aKevco<=4PWxRzA+tpQJ<xvZ|Q!usjjWvRYeywQ?WKU=(%@iU&T
z(DgO=#J)gMPSOL-5;|r>Pi^;9_y`gIxu7HXP@>9zN+U~cQ)r^$Y+VIzJd1hCuVG_x
zr<%{9QLLi3opC}zOnFj46zLL!!2?Up(!HCQ#o$?5SZx5(c(-yTgzTF7BVKjvWXIgM
zDw;^ILvS*ZD~e~L_caT63oj|j!e5|Pxn1e`ow;4gqeU`$=zFCplNfU=Pa{sH3*{=k
zbVb7KgT_VYC>!iKibjTMfTw{0%;%0|U_!UZq(vm=J@XS#{)LeF;8e~j*PdbVcm;>c
zLwUB*)CSdqA;Y3ktIO=D{06a%3iN~1UECmEs;52E373lK!a3KR=)MY#7oFsW%m|UW
zuiF=C0@i`E2lQ_n_L__vSz9lzz$3LdsCm@Hr(|8?56zP#;Fn>$a|lFxx>OJ0ltltO
zwZF$IiIwNy5d$!@OeDuL*26YPoQ$2zPRCFX7iAOY#c;Qf4zAyX{Dzv{b#yB@mxDB8
zJ>>pPLj`voUF^o*fc$(BpiP`V2y++DUBSWZg}9{chaS76iv5J}?y35DC=EQ-W^6@!
z>#t_f%b|59H|wbME76s%{Tpz|u-!`ikZ(~d|9F>2_Mb$Kd9So=)evse29>+ut$miI
zc)~pZ9MoO{zn=<ECfFZZmFioROZAM*O!bYF%LhWeYos%U_oj>GL6EY58Ej-scrwP#
z8dn1ULQnNfu<9w1{#IX$&+s5rTemDJtZA%D*vg2cBjgXVz&$bc%58R_1v=2&Fo*bf
z81gZ6lvjg}xgYw>0e1ogt8g>MHrrBsh46ZM<@~G%61*Jp*BunL3ya!lz;~<NMe$`5
zHW$=<kz?N1HpIvy(4Ay2gv|(P$rcXz7#kX?zh_e?qt$-RDK05$Cm;o`sY}~KE30-c
z{NbzdGw7SPpHU?IBZU7u;Q?AcK+6YxBL|e1!Mxc>XMmQUUEUwj-pXj384aHI((^v!
zxs{&VjHek02x)+P<Bn*XhzkorHcTT*M;a1!zl!&!@LXx_uNd|l@Pen#Q^)zM(~@bL
zfjv9qoSt(As!G1i1GkJ_bZPvh1uOI|U9oBymp*L?egMeooIhucjZzrP8rksh&jT9%
z&3_2^d;n|VhA6h~*D-haq)6O9h<j8VR~l>Foi*r}t{6QJKdbUV&uF1~C8DTJox~%r
z;J=$;zh1WO=q}`Rcbrq-n(PX5);so~JjwSA1E0q5*x-9(DD}hEEA%BLJPtGgfE%ZC
z&d0PHgH(X?2&U<`!R~X5=lilC3^eb^@a47tM3_C3e+kB((DfoD*Rx0Vft($NvG>F3
z)q-f@FC`!2`BTzU;qdjOpq$$^am*Yv5;78r)H1j<_5|j5+COZXr-d&8{8;>*h`+V?
z8^9krSdJ@c1P6?U9QK_Gmw9LLSH9E_e?-Lm+AeiEh?!s8SDi)bELP_jIvf9sl*+HY
zTw#}}^G0><ROfDWzNXIi)!C)aV|0XqxYJS)D4}-~70RlY0mWwW&Po;W_{5g;Yov=6
zk_#oYN^~J0dB5%6{I2Ht)gN1Lq~DD*>@lbLc#QvEyp=H<dB22xuhfPa=9q53kHn)S
zu`WxxeL;U_5xG9MQcySil`d~sE1IOqCC|z#X6M1&{rZErYT)hYUdH#sK{(+gzfnHd
zmm}cvAKqngO=Nc+6Jd2(#<cD3I=Ygj=2E=?IO4foh(JR0cuubpRkh)G59bcnA-aci
zKKn~$|K#Z>SZ8Ts*KjdpN9v5VtC*|aiKKYl4Y?+=Ca&5RzSGg|6v?9;=uR??_6!$I
zDF>WOKWq3H1$a_F4!u0ruJz}l7OMH7kx&ey{+Ll$R-a^@B$MzeY&fKJS-r_u0Rgtv
z(a4Mc<goY(!oBqevW;52b#&cICtKEA&!vB8rnio+&`T3i{UuvQNCL(gu9xSe2;QLJ
zjV3U<{KC58I^2^tb6sJ-P%C37a78-<{c;Gs=oh-ebxF4(fJ^z%pu3K)=yOOwZr7>#
zYU!gOXz^>3=K7an+Uv%c;zb}WEu*DX*CSz~v#aMUieBE7F{J%6?sP2IeqlSk2Dm53
z;ZP5R#%LJ~jZYvqEn9U>1~mjc%=%NLl78*&Y(u|xt;|=0jETG#WblSK=PlTqxfIQ<
z<){PCMORo&&Y5B6+~?LVq|6h{8Uq`cHPLoq+;PT@GT@D98N<9ejq^8I?->K@5i_-y
zqnlw0Z)GksJi`|{Wi)`wSzJ$k0%Q8@oV^@9&HGA&Y)cnM3gh-o9nU!%<+aNAWw%7*
zmt{kqfnRDZ86<qcrMWy8=gkKqNJm~K{%*;}x=dpJcL)#U;<93H_#0%^g@#b>d?eRp
zH8IQ)j6$_K5ZEq_TJ3j8Ha}{h@DrFa@wlB4joU+|OWk#JF+2~W7vq+$j@zX`bJ}ss
z02#N>z3_3XrDe3Vy$qFU$1V3MpF`c-q;Hje?qS?&ZDd4)vew?O1651+wRB&{?HMuG
znb#p~x@fj}MUKte5=7gcta78KPad?-y-m459~5dkSmItPsN?8tC%jtkuQtq$3(VZ0
zYv;zH><P>X0vqSV;S9r^IFc^rgd{X`B9g(iOS>_K?BTe>;t@wsVPd0%D;ZD?4s-Bg
z&Ox*{X<a<0m>zSA$owDAshKjT*lE$6V%ff+sB=n?@C6s0Q^z7gG^gzMKVeQ`-ld$I
z(H0$S!?<<37B*q;U>jT8H3=Y@r@mpRKx6k^#uQ94><BVhl@oA<RsG&X>alw<cGsg9
z!h1p8sALRnQWgdc8R{9sST3w7QbD2}+Z2n%*pEm9=ruO!qXD5bAl`1CfYuuPg>J*W
z%5O<!+Nv-9Hz<1?F*{m8aDwz2<OGF+3+Y6g(Tm`jx*3(s&`zG!kMOXa@p?wOy*|7P
z6MERr%<^O-Ioqvqn=<IirUnkTGjO<(8LVCn1ZFfPY&;4B^A~PabdA3n{lI_jBr#im
zIY}0@!=~)XQsGOPnKv{STiGsdVw<sv9Y5Z!-L56SH-P}6^fO8uqwH7x77(aOdDT-s
z7JX`A>rO>swe>Q&ziz{T3&+P*a636>hf9gr`9iesCL>(?PboKiIk3wmD=^=${1H_w
zj<goA4}BYgYqzroMQB=8D4tO7lvv#HYKCzv$)9u9b86Uo%#!iSc9Jbo&Yv|-8<K_a
zWyoC1-)+|`{XNO<j&{8ZPjB4v#&OJ+m(i13-fXnxwY%M%-R)ur8&sr!6oagYDewv#
z_sTP1xip;+RM^cj;UcS$9rIvj=={CxmrYD=ng^p~(&dpyhC$?!(I`6(-B32lEP|eK
zsFP{GJ3zyo<oFi}Mu)ynEF0>;Y^XssmFIeC)6BDVKfN*8*PtM5zjYkBUga5%2+Bc5
zFn$W?uXshuK?D}9Jb^67Mi^2#1r>uZ<mV*N<mb2@EV8eM+dNs=hBMxJS?_Rf$&+n@
z5>Z&oL{eY(3a7Gp)_M?GiC=aRgVol5j~KvD3TrES46wFz_qL{Oaf|hfQ7^;h8IM=5
z5SFT60%!1^sc|rC)9WuozPN>fYiyc4r76;yLhE;ksb8`x?j&>e<#)W_on+a*{Eowb
zANd1QO{j3?@YECAX&&;SZh(6^(}o{H2&N%XgMdsw3>(NLP_m}WtZ~+^5g{020+q7h
z@&fbamYM%R@8*%x%><<z-w&to2Lp}D(QIdU%JeKWo*sHi^x!oM#dolJBHG@IwI;)T
zz$tI|rnM#f&O;p95>~_{8tn;}M+t>C4bj>m#)NgR@_FVS+l$$PV06T_tPFSrx-yVx
z+eyL{MA}q)6_d(_=bQY(zBc?;^zrTJ<9>d8(p$d-J;(v~Vz@)IJYe!c<h|3Kyp2Un
z3dzGQ=qTCWK+Xm)MUMQyfOs2X;eqX~bW-)V!vUKU{tt=X7Nqe+u8wXH5Zz0e(+2f>
zdM2qJkrj!EU*?79oP<7+{+?tZL(AMrW-rlJqvKiR&`cK+ztv$4nF1#|gA}6<<zx6D
z)H);}ig2K(1%^imTP<V2?$ZTNJ(AT}=38;VNR?u{ri3NZu!b*To3YVP;Kx-BO`P$1
zwUUT%A|s3yYOe#{o33Nqkzd39+vy@L*%t%IZh<<di1H(uy6!I?nNEbSqF&^s{A!ES
zKdf?m-b>(_K{v{f(+!kCQF(k^z`eX|-|=QCt-{IC%HEC(^xz~>R%qU?WiyBn=@fii
zj%tbzjLAD$TZUHI1{4JIOhkQGxswdWvuxoTkVKhig+&Z?con;v^d;?Ji{<p#_5x>&
zvuuhhpkpj&j4R~aJkaAQ5CDc5Yj->phV5Wts8>TwiaZ3}n#I_imXD^0trz7qbm)Xv
znkPM~VtM&=1;1Rm!@S(Y2Bnp>t5A@6vkC9N>XSH$mr*?(Y{sEFWsR+4+jY<>y-54;
zNQ7O4CU8sh!gXwl<9S#eR+6CQu2g?B@NNp<!boep;#iBT4{s^N4gZA!=!n{-+%m*h
z^xnk|0;Qo_yOWVPHiv=BY_x$JUIS2gC}vQtj;|c8^}hiGFd+m9Y6}pu!QzjkPDh8+
zMfnox?msT?`59L`k@rBwN?0%mcx&$<vK!w`{4pE1umw5LMB>2@nvD?1R&89?i+ww1
z+P+=1Ti?niGwxe%2-vqgK>WM<_U&4{nV)grj?}iI2AiY;aX&BGy`K#z?z8upKBKFv
z!*X|0JhCoG!z5ekMro<{GSyj817<K3Zi?Y(!5gCXlC3z_l|m?6WLaV4OZS<3Zo|>t
z+mPG8e?lAHyvH`Yfo&*Ni`#H?_ck=3xDB_NHl(X<c)U9)9=2gY+eWJXX_n3VDd|u+
z_oX;umtm(~;p1sfxi219d0l6h<N@~jZ^WQecA!#6UQ_7DStxAj_ap)tn5F+EpJWnL
zj6AL!!}{a6Y{McXL)OugE3Yy>ikXFq>kKU)Ym$fnGD;$1ukw%y60S1}lHGe53@`Im
zd9<)Jk)^=sacfQhS}f!QFpI>ayXNfnz&RcdXGRijcS83W?MPj#zT=dBqjU~-1N1}>
z=b=3740+;)W7g;*@%xY?_>S##()H`%V9rkxN|)fl2U2*UM?lzSw%r*~40n>TwTJav
zBYBmRSOl7z`>_4simX*)YYfe|!ZX+0uDsqq2;m{6)4c=MqaG(uI(Hgar1zs7H=GGl
ziFNM=qNM8<_rfL8(#abE97c~aCa*%elZ+;~ty_%N#ZeWZ1<fj`%tL8)Cc>efB!*?*
z6={D$u9M*T%TX+9D{_8%9D9t$yjrruS+`SCBQP81Rfc+s@IpL3>VH9a8QG4(%a8L?
ztYq7Y$1KP2=0_tMFi9ApF>BC;&Ht!M<u5)!Q9atyPZbunRX3o=s(*dl$~02-9jG|^
z{AM^Q+$$?q@X(=f{Der`rbNGm=b!E*fx|d~bSHm+FSC;_EIicm<sU}@!k05&%a?y$
zpx}m?UZMKZha7^s3NKFN1HmJ(cmQw86JC!tL_6B@3xn8rGArRl&}&2ny(T?|7qb32
z_yiLJ&4N$H;)Byn;&U1BNn3ny5{e_WKXEQR0}g0|sgA))l%OXDa*~rj^bfX_=^hzd
zDF+Of>RM^P_#1CRJD_jaG{UIRQVl(diz;MK4CJ+y|2epj<(9HGN#W*X4RiBfS#GL+
z3!QZRRyZK<Fe(v#7K0O?)Rp=iKXv}DL|yjbJdvZ3v@o#H4|xiFY~J<!kUR8bp0ErA
z&1A_IM+jd)XfyOTGs>63%9+@iQLW~zMk5VMIjd35zP23TDF_xNYvtd;^A3Th6<L#%
zpXA$VqGjpFX&Q~kUmHXXF(us6_<gvAbtMLXmZr3;<n%0w?PM)R*_=mSacfScIpc1Z
zoaWEn^J%`AEDO3;40e$SvsLLz#o-crFqYw$&;W9ZMp{eR<DqbAPXjs&IM06tP*&bf
zRjqPt()*AGFV$}47OyoZTuat=;8^Sccb*a?@=94*0dBi021Afg^{>X=R7F71scht`
zLtd0Jin(ZGZ~bXpL-9-zsW4IZ<(D!FBJRsCWE4^zUw-wBQ)Lva%aG`UGHnjZQ#Yg0
zHEn)olL#%&*2Hp(dbW%uU*^Son{aa!b%VwR-V%k*#)*YoD!?VWyivz%$x?M=UiB?(
z8fj#o5LMl1hzSjjtZbE64gbi*;)ZA<(v!vxsED0iQ8nf>1!x%Zy;$<X=x=8p#~aT^
zPe*g`Y?SVFM@bTp+l8g|zkyZIc(y$KVRrO>NsrSp>=dClhW$X3=wT+$HF>_S#rxsc
z(eZ=6oSf^qvgkGFdS&nQg&!st1yruO2n{4B<f+0~Dm7=ctvd7xEF-VPPfac%cw2^B
zQ+N(`9U)2sJ$az1PO%4w0EHlwp%g-qp^%1F&@L}x-<ondT_q!$q@YQ>@Qy$)L+4br
z1g|Mi&?rf3kVPANedn|_iPE}1_H^I_f&+#WjY@dM40?Xes-fS2NC*-c&5?U!(iD~9
zY*hISQ2!E9SL=Wxs}b~dE~OplY^m-_9E4HGN)<-?{Q-8onLMKDsX;7%=c=8j$YLrD
zfO(mgGg9jK6mmT(6@vQO|4?24)C-tTL>6ySWT=_HW_6^b^H@~ee%MPh3Y4m6L;A&h
z8L>D48xDPV8&Z;;3oRwZU2VCjzPI9wJ0{W|CYR#G*4&hQpu4>ao9O+bXiT*;%tCn5
z!bcm66Mp7ww0w8AvVqfmS`im%0PV5p8p#|ucPV1jT%*a#c$D=H2(94gjA#YZ_)<Gk
z2O{jtZ$uq9R#VQ&NIM^CMIoYgD)PsbDp@hmm?J@EYm2|}14x_gd1YzFs_QDhKs(P@
z5CUV6m?6RHG5&Q`=ZM;lvdp!hBT%I&f_Yl>NsRi};73QjTiBX&iwKh|SRkaM^ZdSr
z{lS)@*@3jwR@^d_zG=>^8p_}V>wL~TxH1XW-~<UwV$;C4zuXN@<{)6diO3G_5K^(i
zkP5nk(@%V~!SwT7)B53qGS5X3Mz=1axWu;eotL3*AozCvB{gBd(R7_*6|Cp@f!7tR
zguXeQ_=UBEp7l>$RkW_(&I*7Bh-k+Y?HUQhnk6p#p878PN#7IWsP7r<OQgyuIt-n`
zz6SsAgruVy@^N-H^k2JH3iH9)(-U-MR{ELic(I6|#TD>?5Yx^nVvhgJEA<6BYPE@>
z-XqkQ?jD->Fc<0sA7Z68ewe?+W%@SP%>3}-M%wyI0=6kzgN7}RfD7k9D!t7PB(Jcw
zeh0IMT{2Y+(Q7Tx!FDtN%O@l7a@kp4(OxeT;C8JO;zsjsfwU<xGHn_@0VMDOD}H$y
zg>|5<3+$QD|Aa<sD@>J%f7q{n0Z0y3zsX<bOWx%gyhX#gfGYfeRk+!z*KjWQL$mZL
zp%I9U9%HSw&9wc_D%2haY!e%^sGriJ+7&BJSJ2%<S4jP)Z+lJchreQ>$#qQ>3887N
zjk-4cJyw&-FY#0V2%FpL8YEz>E6@1(FYdI_gV9IB1u$-g4aisLe=1t+5F~VeJPyZ-
z5{E-d_B0f?v`h#AS$1t3uoyfH);QHar4KnT2Bi;KvuIv0nJ<Zz3Ywg({#eR69qG!P
zBU^BMeG>4izKKZ68qIziAC-RE_)+Av<@|+n<%7DLL)cTQ#}!m-zeP(@jdL*J7lnT!
zw2A4JMtaVVQRWcKltwOqCk%5~81VM_tJtSqZm^CY^?xJwupAbLuZhC>QUBO(;XGx7
z`OTpI?+rno@Y~1?<8TXW`59ZwKo0m&`+FPUa%R_zt??^RvoH+|-N`$VFE~5>=o-ye
zFZd6%mNEeuIR~tN98oYUA(g_LM@$MwMC*U!P`f7@S)s=aQ(=})I&7lTn$lugbuSYJ
z02*5M613SC%st(2024M&m`4PBvmv5y)?B|qHi=7(Vlsh1lGCUAjhOF_&v+PDj_)wM
zn7N$k@xz?yX)yw2c^1k71<DTtRi1toa2{qqdo%#)tv>_36OByiTdf377>5>X_P*9d
zK(JdX-6+4IfUvL=O<#UR*$YRLs3+r5qAdMR0J9f>d;q|XgISNp4(zSI7ageJ_~bCM
z`COM&rX3|a>0AKV0s@eaZ7RF<7PVFHLw42tr|lGi7718KJ?`Y1RN&Z0KYGxg6s{7N
zo(ouN<b;RPe=5A9BA;LZn67lKBw0KnN&XARlAbW1$vJ@y0^Qx{U_za7&+Cxp;D<9f
z+!C~~CfdrnCn3)@V&^On{3H;Ak#i)OPsP?5sIuRve~GcHd)gK!TX2dPYfTYlg_6p_
zND^L(&X>Gm${H@Fh9mQ5Pl`+2eFwM0oQ1?efch&}!f-2}*ThOI$LA>&H=dX-3OodX
z)iYTf)nTwO+Q431Y!{y|Ipl-V@JKo+mB&x$-Fy)_Et6BhuP_scsj8PC9~>N;WZeed
zUH$oD9wdW9XXbwQ3V8x+M+jzcN{QWjDsh3PG$lzf5o&x)t9lvne_foL8x}aRrABO@
zl(PwagzZ9msSKW$J(CabL;Rrfb^JEZbT@tjZum|7K)1g%oSW%}-_nrq+i+XpzaMT#
zDyqAwYjLLYY=L}dr60|Qx@W^8a>uE8RB71F6^Pb$0~GZawpS-0GgKvXxnnRm!@;2>
znKR<*qAy2nUxF74s#mgtSW5k&BiyhT1q_V@(t|;1q%sSLO>|APRNshLZZ_;jc=Z;h
z*avy$#1xZ^sNCY4&<xsgrC~{jJ1fRtR{!XW-EbD$r-&0yDQPT_x`x9jzBpkE>_};O
zsGk&ghb^#tSoO2;z$}`{0S{mB_F^(|+9Xa(V(F<|*{?pubZ!7k9zDQ8=)2zCI+OJM
zNmd8)q!zz)uI@fWVC0Sc%5F3$lR6QV97Fp-LXl{=dEb6Dx+#Q$Yp$C8Pc%*k>T?TW
zxn16TT!$;QK?IWucLGyC{0@HeX+8)I!N_;vvGa9?GrR0~lnWehT26bQ)Cyh@REa}8
zT#CHOj^HeQHY%d*NW`O$12=CyDN980Wm@RW6CT}UBP)j4z?@}B8QtATS?w9rYQvs*
zX-(>f{cO@C4cnIhY~h8fgmdZJ(`MsShUAC~^yu1J_PXJKt)=qK<hk~jdb0GWo=oLS
z+KSZkQj~3UHU0xZ5Nv*$POAQ&aKI<0oEIY>%Bnrw(K)o3^YUe3dxE}mpr!PCSH*s-
zRaFC{vu`C#FuES473Q{irf&j=4hx^cS(wJ6f{0P=0M`}{0&!RDb?GvL@+j|vOu;!o
z<{%Lp!m$-m5^i-h$Rg1k8dV@fcM8u71JaB~sKPRH71aw|h`bV=BM?>pP+^~j;(8pT
zf-j_2ib;s24qrUJ)<DX=&ILXP5+BOFR-3UvH<EiTOsM{^V?b`#LA%Ml5=&m=9yk%i
zd8ccW$iQarO$Mf@_~8g^ksMoce+N4PZe1ge{Vw(@1`pj3uVRZvv3SVPbH3nAgMOVa
zQB1wj5s#~bWL!xdjVzRDe9czwbm%VVY|~71_b_G9*VFHTG_4;V*jO*Qkc1ABIa3Ii
zGF(J)^0jNay?Sb>%L|twA{glfpgej>Mz;}O{WEM7Eau{(%5?3_D!AbxNNC%Gfl3u*
zoa&x`v9t#<j^-Jo`I3{)Gi^Kcqw_H4l1m!ej^j{a46eW~M(vyWLZ!zZD;km`I|^`5
zbobVN+{=n=6w*z(BBJ+ygyq+pNSc!$9wDunkf0nxK*aZW$sOfq*(`4|TSjCon`6z`
z)BUByc)|P23L0L?<n;T?I6NAyl0Q0xuI?`nglJEE*K@bI)B~eKuk9Ur?EX>v=6J}v
zy!EVq)HjUeOS)*^8PbNT@DE`0jM(;W#B#$KWM!9nz3wFaS`Ib~=O8<pm(I<if)+Ko
zHp$gE9rmw8D4AZmd+N45j(bh)ho?05lw7)t$NgyxmvJv&dmi^^AmX&+{&T1i$Gx~{
zX1aFVgWXzzgj(Zh-CQE$oES!J$uz#COpbFbEzVNXN{;h>GtQecr7IS-WblejE)!mc
z1>KtUHN*b<<{nJLy*Sx+qc!P9v=%q9sed2JUCO->Qd~)+wrKbYHr6lVv3woJqKsuP
zypZivsD2P2uli~H3e#5G1`Ib~EAe@@lFW6re~wQhM}ck9*D!6bq)k=tkJ46~?n-R2
zRwGXJC*Z$RlCfrpW|xeyEv&5~au^S;*oAzE^dV%ToL8ZP%l+itl!F_^HF)tV=@=Q$
z_<=ldi>>BHyL-O~$)ucUCVfFGL3#brz@PRkO4-eqkoD?=fIL;YV(luJZR}3XIj0Rb
zii<c?6__lmYgg~wt_$zlg}Xf5@XZElXiWHnS0cZI(buWU?U<9ZSIjvBV<QtOsipFI
z&H?iR6D{RZCL2^fjc7QR(iIz$%{i4P0D-NZ30~{{Nd_^ale;T$+~CDJhEm>Ely?Zn
zmNZ}uZ^q&BZY2*VAB2aZp-SP(<_I87RhqeICODF{ftcS~5xx?wQ$Ei1g4%mfa7Jlf
zcr(7kS21X~G4%|@m9&}^I&zv+qT@a)${xOtV}yLdGPsADvG0R*{WEwEcaj}2+^y`1
zn+eZFIgs6uFR3$VS1y2EuJAALKd6z-eYBKQUg+eIrL)wV?S|(eoh5c0K)Mt~^YcdX
zX(FeJ<|pI$(o)I!c`))j3^?-EH^)}KJRg^ZxEM8;7G)M?Go>YqQpH@kEmIm9&&m>y
zCo^P~!pQIz?lj|d4EY?+x=JqHV|l1s$dWc9w|ENT!3A@eCiP2WT;^b<o^u9`MINuY
z$#Iq;z1df+#e?z17Tkte{1`HJ+f!RR(!oBPU`hf1oJAKvKOX~U?TUPRT1L;R;Zw3h
zOM+6kb|Fqg7wLwiJU=L%w02>;Um7(#6ogOEU`uH%0-OXu0ehGc1z<{j4|ShkSeq}O
zAIw>kFP{Syi9n>Q&A1-GLRHlIXAF{NTlxXnp&pxS2Bm7Grx+=jeWvm^bnN`jW)_gi
z%&9yo*+lnyww%AL4HYyC5cf}Kq54O#U1crne-5;6Rc_;#(3jkcf;4kbiQnJWl7(fo
zY=t93mb0OBwj;HxUqjv6Ie-szq<6HZ0nKHGKrUpIwUelk$8?=p&LJo37(24xNjc7D
zQrb-{jY6bwHkUwt%+a+FLWJ`<^5nQoZOBzFXP?Gea$jazkT`Ks7tRZ-8!Aw}213o+
z>2*Uz8G*yZ@WB`_MmLn0(1-@ZqW#ISICtG`fAY$I(*EQ!Aer2sY_q!;SS~EC2sK<4
zd)1mDP0hftb+pNW;8f#K<|<*N!xsX7(qSBTE`&lz%50&qODdJjw-VijS=T&*G^l1j
zc}xVNZHP4J_Ef5EDJv-WqDMf@5j`T<*m<QwY7@G^U9n1_e3+}s=dLOm>zZ^l@Z`V$
z{k`iBu7*#eO*WjB$V8-$=4$rw3Ah0%Cv`qXA~`9#d*Gz@w13c~e)xJ0O}&DzXNGSi
zAm*dqOt0`!^0j9^>Ka6xmXEr}jCOIsN71!>REHa0jf7MAs3S4Az4gQ}qSH*{OUfjj
zejD1|@==#3_$ZRnO!xqZ*6`Vx($WJ?0$Vk43}&;_fxq@W{4p&0W1Q$a=^{7W>C0tG
zhvK}sbU5j_nkEwxfB5S_sEV{rY4xc^O?u;3*arLJ_Sq1L#9??Cf*+Ww2hq><X#fS%
zo{x(&LkSeCJ}{#NLqHjc7MVaBdx~?LG=pQ0de_i#V0oIX@+W*YC<jAhiUsXO!P=~+
z9ZqRX+6Vc2&T8a;6!JIc7PZ%*r(lMfx5`_}v$F9mY#6ErgF_Y8tlp`3cvok3J*w2y
zk#0{9@m?GBy>br*YNuNk_GVZq&1k<Xo$Yk?Il#PWTch6jCTX-2T`9f(RkR@5D?|V;
z_9S7@AYMQyq+N_8SlXL20>UY0X_1DitYe7rV|x5G_6|lST`R8_kI3t#3zL0%6O(Ve
zm#L;`ev3M{!r9k{uy5Jd`~dDRqMv<TM!VX+X5f^*X0*7k-S9Xj!wf8{;yBW>?|BC$
z+4qvo9{Qd+?xpWjLl6Z?Dacd%;suQZYN7vA#=+<w#{sqHH%UWB<KRBDdgC}ySYjLy
z&@c`N;y8dzjGxnvgRe6V#sOU&2N+Z0QSEi<U)(kS2>Ty<C%VdEDmlKykYl=gAjf;$
z*J@fn{2232(qpk3Lm4RLQQ^lKyeApxH;6y@3UMK<>U6_T5k+A|P%py6gDBP_Z=n1C
zqlMP8^oZ6nmM?LY)?(<T!WA5Zs;)o5Pf^$B1P#T@{L-T1#WmXvsenKHQlqo}6bX`E
zB^>HVD(?Gwl&LC-!m_T$U67<wzt87yjooHg?z#~JRD)Ftq3N~pYo_t(?xFGbv=(Yo
zKm2TC+uyyn*8Ub-TX?LKf!6csC4CdI8}yP0+PhxTa(9xYRQ?3wDLZ<KAZHt(^s4R0
zW27Hhlc*n=(wFoq$C*w6i6|Ih+B(yIbpOuw)1-d*Wof@y&#)#|j+9<eM>IZzq@Lm7
z<a><3tp05v;)eGkgT0(cs?4|7$<EXB$Q@=!kMqbEA+vBlEcoH~@uR0IJYAEF8;>Vh
z7?uk+{07Rap2MVHC+Y-!iy)p3DG2TBVFv))irhQu;Y)~zQgYOwF~=^5<2wtmS9>eR
z{v>mc4zCuTZ2ac%YT*&;*Nu069O7g~FO+g}6j|L&T+BJA1~h9x@&GhZ0BpJ~#Elby
zXc3rb^yQ&hKv#F36XQ6dyCupSo59@pvgn*JhzjTV=pBfIGeSH>vD?`w-lgc$^HM!1
zOr%#F6X&Zzsd<|8Gp3~P)3(-qit;}f3GHB~pkBIDJ^+V%p8`_lboH}v%#kT*87pVG
z$f6s58>y7g#k6g?%n6RpXihMduMIPb(LrJ_twaMjq@47a`LN#12fBafe9)wR_&pA)
zBrO+nUn^ZTPb_9P$2nwwz<7Hi>h}{RpeAlyw_~MlEGeoRBlr?c>Gru^DY6R8AhCI@
zEkyo-=QYP64>_;7)YO%3Btx8XUc-R@H|I5q3UnEz?Gm&^Y@{`u*X(55pbzQV^BVC)
z=QXo5&@O=z*mz#^B56yhqdBi(G+(oo^BQe;-dW&3X|vawHlvF+JBVJ`52C9ZDY51@
zouRTvq`RjzR2B(jB?=dPs#AoI?`?d1hi!oIAuig2uALY?Q2$3_Gclqy|9Gh{5s$_W
z6Zw)<$BxNInH!on_#PsV4*=`ngG&A$nbyBcSoj-!&IcdtX`D&M#Gcf^p|!(k!*ewa
z^yI#XX>6`0%+f6Ml1p(=qr#@W(gb}&LE2j~9Zsc-i*S(vd|oRB947igip|W8pyG-&
zn1wfDG7l6M`L)|Hxi)yX4MP-mZcpM}Trv1AS8;{D1?w;**PNtIiTcs@fxY@PP*`X(
z6@gERj1c85E<eW9W?}6w$jf@5mM<F(?q|?K4*(BTj`I&h-gz<SAI<<`IVd9x&37m1
z*8YG*&E)_J6WqLI#IWB$%kZyo0gd5Fp{U-SgV9cB@gYVY>V|)nLPNfnheLGrhTOcx
zzH$0wuP0|@)8d1xW?snaw!3<;WmDW_KutkF_YJUlK5WY;^Nvb?Un(8d`GnodU^wec
zH&JJ9TBg*Q;Zuq<dzC45ZsPd#LK=2rEyWvhqZ0dQODV4NiPPdEb-vlu8CwRH{rq)4
z&0bXGkb#!K58-fbin~!qlA7%SpTIatODOSv^hZo~pgZ|vxU-&Z!m~}vXHq9GEj)&V
zh(Vi4MlOwL<jP^>OknB;d<EeKN);q`R-K73RpJ2f2!u_@vhG5`QlpUW&|pW{!qJN|
zNjHw*M8rR#eOHm#LGDBsv`_BD;>?L|Z3Yun)1TRsWj^G={P;c!|Eba(`N4ah!Zk(V
z2l<3>*ELPXmxk{V>%)M0kTpxye?li+-$kc2RsX5D>H5#$0%?}<A>{v3_OB@Bd18~U
zdn~ITy`%lr!-1vxV*SDD;|HT;IsEqYvN}v)w4qXRIIM*y0fI&nK!nr}Mcdv$&Q>9V
z4m3T{w4v=dRuJ{lImllzhnxW>8F2UqV@0umg@cIIrpp59vK+e1k*-#p`!MJXIk#Y(
zbQ_b^npUo9GO;MYG4&2(?^?2eHg{xkNAolmcO>5_fh<S^{hG)|IAD&%WC^=;!0a|&
zUT?+=U5uAC^kTfwt#!+IId6~S1$+_JDmg-4z9kwH7zIB!)fU$dSvI7|Sf(AXZ_x6m
zjMtKsf88F-zb7vLAzMC2=zU0H_b(3t8;r?^i4?}3zU`VA-!k^PMxJ-b;m(wpd6YX_
zb;;G!XHIqaNCD_<hOpDczoE-^G~v?G4A@Z<YYo7s$>Et6-i^duI0zNSx{oFLt;5mR
zV<XYmX%_ay@d);&h5TZ@G#};Dm)d-`*fdYtd?qaH9-GhA4f)(C{QeS~&t{wE37gLf
z3;VLo=U)=}fQ>ixT5R*V#-=&letpTNezQqU8sRy|v6Jvm?8OX(2P2d4-@slBgx4ai
z`TPaYF`p}A=vR=XfxZQK$|sEu87<&P&;u9}kFuwf9vy~qPD;=tuEjW<<$Rxy%cLvd
zs`5OOHo(bOYF_AdhO_r2??mqtF1^nH)B9%rV8%QKAP{<-PP+aC9D~=T!0Y7a!AofS
zAX-PVDIa0btpY7P(De$`gu44`O-pcPF}R~6L0#jdbW}AE{#eR30?ALY9>k0;)6liJ
z`3`w*(z2K~F|wsxOfl4JDHk+;2@$n<L!zRD(1l^P$sna(w{LtBa5o$TtL;^w+nU?>
z6ab#9-@o8@O1^b1^qi-#*XO@*K9X!=YW-qV{bB~yhe04V?l;p(Z9H!__a|t)>YoV<
z3467L&G;-}3kW;k!UhN%By6pP9ZXo6unR2gWWt6BdyR#iN7yi77g|`Iu$hEiWMS74
z)<Ias!ahh?Ct(*`*xiK9BJ2_i`yOEh!m1Yb6k*UePHn7NSkr$2)<xJl3o8=VOW1k~
z8zyWvVV7FiQH0GQ?6np)L0BJQud}cUVfzqvnT5TPuzd;JU}5hgY%XDw7WOg1<`H(e
zg?)vv0mAALOlcnvf^JOEEZVLn)!{?#T=V82{8^l}Zsb64D=7@6b=P2m=u_z{HRj61
zaMLKFxwBjbok;`&+cbEjKq{|9F15SmL^s;EpTfCHJ<F?+Ir%WUSXU3E7wanB+TkqD
zm|ZR>bT1_!w`*>``V-W1ip8M}irP@^y&LP=GoVFcd`M+(BTmN=P8anou>)87CX7q{
zzfn`3q!^kf-oxBUx}s=7EwIRc0MMcz6I|j!u-q9QLp0HDY(Kldwk!TwzmIrA(63*z
zRa1Jm>S=s?;ajuVw>7&P@rqlj{wt#5g;yI`lZ92!ur*>if%7=#@5^F(hqe3;#<0An
zaDYZKS*ZX)$=jV|2~w8aUKu*et6YpgVPoWB@f?h9=#%86fVFcGnD<lWm2wMe#+h^F
z)d;Kn8mMOC&)PlkODz|Nz|fS(dPsRopgMx*kEO`9$RFxJ@%!gezUU5hq_U<&j;lgP
zy3pYlI)aT}l+RF4wrkpi>GI2>5ayqJYCVyCdLZ%adIIiGpD7Lo+tclSdoZPG&O`M(
z@W`zRN;Z)MWue`oVeN?qYR@JbYgg1*Ddp?Oi+E~B>vcM?uY3oqO`XGp<Bdayf+G6$
zsyF#$%w<_yLTGhFZ@)Bj^6<>YZWubwt~Q!)<>SDl_9}KLdHIHA$He)>G;tIi=*UD%
zlmcorH#mjAzRF$yR#b^Io$eqfxmZuHy%?pE`Y12+Q@AgW$F&X*<+kyRRYRX|Jj*i!
z3*-MTJ3}IF^CINzX?to>%K^ZBr^>N#>(8Jay>7`7H~%&hxmMi#<465B2!p*|cao6;
zS@3JCnTP?d*VBMU{kH`BmE#!Y_xRQg*=+PDjQvq~5l^uC?+}iDgbb*&GkhshV4EzL
z^*Y0oruZc6M1<AO1RR<rt!a%xSv_s_tQI<M$QCgLXCw%w6(Q^>S(w|JR-}~H0H?~G
z=*r3!?9a7C`PW3rke$;tbRF)2xRuv4-c|UaLP|I8wfkM~@Qd%LU0_oI-aFpq`aOg*
zwEG>k*VxeN;6>Q(2qCWi(e@7pGqL4hCc2e1h|dwuR-`K}1eYzzBXOyk_-aCG5hNJH
zWqRzD(hm7Q@>soQ8zDoZcJu;X6M{xD<IA40AuqAK$xP(t6cNxg(XNuHOc~t-XcT!u
z$?P6g9){aR&Z!)`Q{-WPKnhqgbSr1DS?F^o`P-Zn1kv<{l?4qfQ27%UmqK_J8|Pio
z>Qp%=hfMy=Ou*1x43F3@tp5=ZYKNM^@Fzx4Dv=0>ModcNy5TBjy4;;)GKGk+`3vqO
zvmV|DBVV$JBUHY?p%9lY5rH(<ym`Q#cM22vfnDhEw+zj|xoFo&fZuKifQouqQgDse
z+rJR?bD<lcnAE8EU28_oLeir_DCqJgYY}%+`JRLZ57}Uh0m*=P%mp54!GoZ%isU&B
zmSxHh*8w8!fn2qzblLqYqC-oUqow{gqBDX*3()-~0<2@k`6Tk@_=?iW(#&)b;qz)o
zaj@yYNe_>Rb&-QVXZet5e=Ca^#$-z4%P1<Jl1`1HlIcbH>U2p`Soe@5l7*P01I4uF
zG0@d&K(bj@x(o9L6l`dHJ`#-#rJ$lLUDsOcx}}_u)E$)iT0^Pn4!R=8Q384)8w5?x
zq;w@gV)I70%r^#@&D)4u`3=U-oE3d%pj|6BM&E4LwA?*9jdP~*H2NJ^t#Qe_R}EC=
zeRyEvVnW`r7Q0BnAR~;L2z=`kCTswiz@J3O;0*;Cli$U9$bZ%I*ac^yB{n?^oHp{O
zdf&}W7gx?E>^Z{tlYo&EQ`qZ~R^zd|H}a?YW(#vI>{<&WhobS`ZDH&^E%*Hv<`c%B
zM7e>D7nhqQj6aEZIJPxuZ?^g63FA*9UbBV8`L$SBoVL}%V*F+hCT$hRYa@(5a<fv~
zrJXSTB+8X7n!w_6Ws4@TI6v8<2`nyGwrB$TfUTQs(FAsfg~=98U>~(G*`f*TP7CX{
z_<hR4dMxZN3zMy!r2V{w$yQEaU$HRR$_Z@QvC-I&t(?HVVdIr-8Q-z6ehd4dh3#Wu
zKeaH~@=1P=T9|D41jdtOZF|}B35>_e3X?6L^ie#<=d%p{B>G6U^a6|fNVfC>i~C5n
z^a6|fNVfC>i~C5n^a6|fNVfC>i~ERM`s!1tmQKkLdjIEL*dWOaT}bbY&qtw);N8fd
zYK-Klg~dpYSy<e#<4kst&1!!};ZOBtfN5JDU}0xi*nx!cC(%|1Sy+t5VhfAWSYlyu
zTP?M)xUCMhu(+)bv9P$U4z;j&JRb(w;9uPJZ#NX0ZsY02WhBzob5N)0-xYdR7X#%{
zyI=?KeQYLS(yZu~w`uA}pfIe<!oY@0%YYoo;$!ikL`W$Vs{y@S6(m+-RUlke1qPT^
z;iBrJL{QSm9hmA{_HWXAIfEOkv%V0Gfy0rcda(5_V-Z$TekE&ql`c^0uQN?T7k54R
z5?Aewj1aRLM=`bC{mYoE3oNb@y<nq{W=zUfd0xeT$u=uS=PzBOz0;n*OxKu_v1xOp
z*H$ezb!t&)H9-Wf6fJ8b<-+7SA{ImA7#1V3<6?>(mEU6HX4z3$12++I{Bzg8!?X=u
z443=p#s2HCA+*tEwvoI34u!3wTf0VK%LtpPj|UXOLld#h@k6*Aqe5fvWxz!m0dHZh
zF_U@>o7$bEqwL3WHae~&8YWi43lN9$L!Qd0OANFTAslJqm%1LIRYhIj38aTT7l#Au
z_}Mr+-cBU;f~*}}Z(~H{?Kv-v@>ZFSIR|+`T~Cu1^<#mpoks#Wj`+ueP9mi00!6Lp
zW$nbDm`8-mJYs;EN922L-6>Cd7yAr#r`uTf_dHMCQO|#{zCt%%1oUiu`O;MVc-APc
zuS7^G6!oN+n?c5^9EJF-yd+6fo{^;T3^0`ktNLzJUAhUO!i}tHCl!*+V0tl9VP3z4
zPP%>q9PQh)r|H}7kr&jrA3zy($v2{rq(@prBzB<LLM;tdVq8{@NYE85P;a`Govil_
z5sR;prM`?UTUSOi6}N+wIB-39k7)+FjlF&w<LqU`OP}W;m^(d|yT}-yGlu(#RIeyy
zUl^e~f}{OJplN&mbgmjN6^IeUkO<UI5{L?4LTR;=1)_o#JtjOwASylyIT`CO6Ub~`
zk4WF^F9&2!u6(@b3lMS~%FTv4VJcK(N&BCQSmk{K^R!B^ekbGLzMzS7CFolHG{m8;
zCmf%!#$z952eB%2Spm94n=X;1OBCr6F}g&DE(@f~OlAL=cCNuVBQ2j}k2#sSbTD(5
z4rcZukYN5IkYE8j25>c*CF~f0+ANE(Cr2!2%CR;9X8R|FPYEP8Q)F^j32_w_>PTUT
zL!kQU2$waF=ZPz1ENHOa%-AoAgL{H=(RQ>e6uuk%l6NPWG^lKYCy-Mn(~`W=G5+1@
z^P~z(*qA4EUY;jUrbC_(3$aj7j~|5CVI~n&gUNN#ilj$s1{PucHZwu!PTA7l1*D~q
z)Hb8Y4-#~~h*xOOCi`LdBN-i=$#&IOAb+$44(0geN5koL$Z$t;DE$<gWlDyMl5n8l
z?U2OaOd#CbfcW8Ohy?^P%t=+Hanq-lM3E4C2JXte!3p$@-lyDnuR}fA>N|m9<(KHo
z`RD*~H6iXOmgi@(+whce^-pW@q`AhyMHjiQ7)2I)q}WN1eb?MjwDjc*#EWYT?X>Zq
zyZ(KqCFwSjnlCcCyZ(Mgfg&N@@Cr<?Q1aOu4dPv$w;=zO2^u74%jH$(n3l|lIi_vS
z9ODre{I%n+AAe<-ktu|HmZv^}7Ar5H_gGS&mGt(|OZ|@e8T96>->`jZ4sqWbJ;#CD
zmbd~WcYQD}R41&(x!`qD6li7IISS>`PO<iCZR0*TYOj2GCZ6WI1PMShA40hzyw4Aa
z?4t5j1VSD7YjAK%t|B?2$u&rI1phhtVTEIL-L%TGSl7Ww_R}d16TP!S#!cg@I8)js
zX1-z+p{XZXc4~|-L@R0{hOsXfXPGP>%7?5e*iCUoh=-LK)REazH<4H}n64bg=vibS
zHjzm)r<`p_X0t8#Oa71`;SVFy$DD@}aUcLDXi6L@H4z8Xn4m-)!%SnRg0YgoUUw=m
zu$zl_BHxPUi9P=#FSecY0K6F8#;Nk{JxvwKYHw3T*6Y_|4Dz3Lhb~%$(eum^$$ByE
ziDl5p`)J{_{t8sDjAhTjWU)RIFil(>g<c(_-~!~_FT#LItV3p3bDJdM<vhHzBo;Fz
z^H{3-VMx>j1gR>;qIH(TzGeaJYr10F6Cz=N8B8!;I|O8IyaaXJZ45{*NnI}jqRyAR
zl7R$FS@(FS_(J3>wnU{&*wkKyI=kU_&?`Bb8~Ye$a-|=AoY<Gz7XuiVOZPO<v5;4<
zm0;*E+Ul5hy)0S%0XrY7()DJ5&`of!KV)#HteXuwhO+#0!-(YFja_7VHBV;dEY#R`
zny^=^1Y%e)VTx7*!db|;TxaN3I*{6WI_W_Srll(>5R<O5t5LF+WU{uTr#<PJNl${s
zWs$-Gu>|3On6+VX(LcNGZEi5lMYnN2J;pZM>$DLa;X9G<8HqK9%wBP1fzE*!pxkEk
zDa)tnsuZ4%^pWz=3^yo-=c1DJvr&)oxGD}6$7A>!!h5Svjycd;pu$nCv#AV*S&Vi>
zi&5fjs7OEhaA(a;x)#M7DwYS@&+LVl@f|2)?LKc9ZK|dbAqjONcam8oqJVM|l89oc
zBE|#La$HEM8$_Ao{icKHMlzURv19DW$HiYi!4G{B5rrQ*hndBa8u4<T@=bu4C&TK+
z4%^IRb;eQti(i)ix(O>=1OElaicyrY0>>bX6(P!4anE}`%Ax(c>WnXe*;BjRl4uB5
z02y`5&~iK=V5~_fsIX1hsA9fc@~ioA%U@}5V1nf$tjXm3u?Gx`MWuTRJ>#bNJ)36A
zm|uSr>S<&d{A?Wae|VlTAGhZ#QG<l!i#nBcfkkcn3eJg1g0zKiMR7Fk17kD_4s=7+
z#@018va!d1B!ogTL_4xQxelJW8=txajoZMdhJQjO$fxc*g+&F^Iz5j%{)0pV^2829
zFg%v-^6II`-VOhT4AtTz+xQub7wi^b2NfTpU7{et({&cXl{;^t4adc;u~ytKTa?{c
zL3{YyaB=HG<eab8@f+yfHn!V&NXvhvys_0;eJ3J-qE$aEZddhd;&xXb7PqIG{W8OQ
zt0i$~S6?LVoa*`F_Ej$vx0J2EQ$KRmyZEt*c*Fz6LmzO{|F7sHvKMq4hen!l_CgLL
z+L5YXjJ%<lbP0>lzI%~YYYK1Cg*E4Uz-0<sVAdR2VVK^oIlXLa9@k3lBodN6T$VPt
zB{~dMxU2yT5S}tg|2^l*DY)oe!2YiSINF*j$cJeDx4EdoYmtR_3=jUeGgyGX8Tgxx
zzw-WWs<woK{&g%L9^O~89$rqeo}Uu!-J?Aaaay#dV=(ZN7&N(Ef&o~bIP-W0N{;BX
zNp>0(-00Tw>?L>oEv6&s?yb|X-ZC3ej^i>-Pvut}`<A|Peh&Udh%u)yhX>up;n6O`
zqjV4F%P2PXGN^S4(lKx`TJ0>mPJ+z7BHG_3R=kFN*Z^C45f{O3WM97w*p>I;#_Jns
z(%OFzwt=t~yEmJJH?dV7e_ujk$K+Vkm;w?z#^g96lrF(^1&(s56IX}38?VR&i3JVY
z1ws-Fn&#E8U10W!t$>!3jDzh0i%!Hz%HGq?`+y5{Dcfa-o|D~rKB%6K23PtQz^FU-
z>xvF-j{DUs*&TwOaGqfoTFhW4;kQUQQA>ss4Nd<E38y~}59EQ_sb%UTEqYE){`w-W
zdlV1g_+4XqY2%84UGtqXZWJeSVe&?*0_75MF&K;CY3TB>hog*r(;%b%fEk%|F*4<t
z0aJo*t;94hfN**BIx30*aycB>mMC~(FOy<SFo3Rv{3zP63csa^B*t(n)oVmVAQ9=~
zgTI>Li5MtSfaD_GjI}u}HcNN!*RM^}uS`7*xr1N*tMm&C(SF$%ctUK1ke08o$ESwu
zt;e)2|8M%tT$q~2MpOcFo9QOHjRa)Abkm{4zmb4M0tcf|vkCPE!4>72EBS4t16Sc&
zW$?Vm%YPAtC5zYncic0PZK)I!3E~AJg++pRfk=^{n~Yl#o&g?4vmVA!Phy|K=(0vJ
zs_au3tx*&|#1@gUeu`EHva%1F7NpzQg2RkIovchUs$MW%(^AjOb6$!3A&-OniOT!+
z*8`bokk{V;PqatbPxmP1T?42{-h@1jAajzbf`Q6uSk26)<NoP39V-7SIpe29@-NRh
z9ObW)wPCmNg`rj?$UV*y+dooPCL?88t1yqswbMmxgkH=m>hE2cnx;+(;g4rtDPEv2
zA&V9htPUE9dL|M8ux3$ddJ*kg(>#wH=|{1_tekJIbHEC%=Yg(Z?NvNVld*wduByns
zZzCj}hi>3{EOD9`4C*5pM{Jf?--7gRPyJdJ*8s(<-brXm<9Z53yO4ff3wKER+#F~z
ziB}xScwHkYZ}xag#Ne=;L9b5$++Rp$gI<pSZsF!sW6T*3p&@uU+8-CG+N%3}6}(;d
zVbQh0NJuGht0y2Z@vwRIt?=vhLK%<qaCWqs<AE}-+s%-tYiRqDF9LZb?-*;`_U40Q
zvVdV@Cl;#qfx8fY$KdZ}_&Xba75s5QU;HNgK!Z@ObJiAfywG<Lsy3akdL3{J8n@Mf
zUktBD-QyIz92)zk=0+)U9CoHH$=pOJC2k^!T14}%{pMFc$~JihOZtZDpYfTXiV3UF
z8L?62I8Qhoe|4Hs-6p$MQon-3Muq}hX?gAY>(BycqVHAa50-#&Dt{&W;8#DrB-(Z=
z9B)ZZ9OEMed0_tSkH22y(qA4!4$NKbE~^0`S+~pODBuP(l`K`dpqFQwfCS8J!Z0>d
zP7nJ3Z1leuHsOxPaNY|&xJ%xE!o1Q#F?mlTAH8@ziUM+&!V8Z^ZDAA)yx~#!3I<F4
z5(K-O=KTSQ(UF1<eOBXm;1lIZ1DfM1Ej5Ppo89)biHb)D@O>n*(`2PK$vX?hW`}5H
zyzp7f)1gZuoI3n=U^S~pO6~|;uN~+df%NUcV4ni<7IL9opI&IsXrR|_5y`e^&C39V
z(H6Ho+n(u>^yR$qEMsOFinGy9X|a#^3iP8VModW`=cIzZGtw)rWwQ(%TMYWn<m+2I
z`I;eK{R{l@pCYNGT>=+8dArx8FK`t~Bi9cUOAD{Bz`~{&>@Skmrf{`kMVptA5@2~%
za>2pQ!%;rt$meR@q3qi{i86DF3ZJ6t^)scmGp;3c;CMVm*Cwc}ez`t0#)o93ueqzj
zw1r*Ka$m~tTA5zq`S0NKRrJ7i0lho7D^HIHtRB>IeP;+`WDUnib;;LYA7&wYB9G;o
z_qyAf%6$e7O6L!?dj(I7zQ7OyU%hB+@`_QdmuiJ8Kh#=lHJWF&EGB_8Cq>|An>tcB
z<l<IsxH)La$Rmn{8_E~L7Nfo-fR0yad#az)BwU8LH<Vw}4uxJmH8H>jmbUFkn~3Sc
zHfh$rHSOu5ey+YD3hRo)x}z{%SC^g(gL(l@*G7gjS?a3>*@+4KiN0#K!!PGE7>74-
zSaC#}2;;xVz`mr+^qyy%^h2j@#EUlY)S|zG-5%XWR^xb#!@cp;cK665oP>0aG+d-}
zZ{wn}CSo#Fjy4lyr7i)H42k2y#t}IkGmtncr(<j@rz62j%IPrHm%EdU66eoFm5~3B
zx%U9Gv#8?6Z*JMUHDt4!-Ay40C2-lh8<H#~fT1@Lk={Gf)rEHxDeJvPKzfiOy$4Ww
z7X+oKAPS<0AVmq%qzM87DpJ1R@0^+Q&imdi!SD0`{P%hG&U?<xoS8Xurky!6<Mnj9
z|G6LJD7pW+9%M@UD!-+v@&4QWPqw*ShU3~-Ij%V)5~uDEOSm(TD^*4|;x=R1j(kU(
zMh0hLGjkuqkDrYOD`wcm*FoPrt~|vyB+mq;ZiCJuG=hRSq}i-bL-kCKc0>6UNRND3
zbX&6T$z=Rwm>Ftmkde3(wl3!*wn8<r(fLYj&DKzN4d|HHeXD0ug`DALj+^o`-2y;2
z>lZ?}gpFrkC~RKz2DT#PZTYT;+)#Bv*Xxlb00u_V?>;0uNW$DRqN{sG)je<=h}%g_
zgkE&x?IhG`(awqZS)<Z3iwYr%n<$KE|LZVI4;TJe7t%9W_`CFiy+mlunRF1wlmnd0
z#p{C`Tsi5c8|^M+NNRDsGjSs<j#X}XFH77Ob5hSv@LJ1Lxz0TVbSmFR7O^qz7r|!}
zY>J+OFt{~BN9A1Lbd7ceXvX>=mHde#S_PrWe|2=7(R9$&z56&%@!q}UN%ro~VUEv9
zXHmx)(OCDLg)4p}zc@D2S=x=9is#uZD|7|o4;hNX?U@Y61bw(THq-Ug5u3y~Rbybf
z^wx2%n7Iz+xr+Uuq|w<|4c0FjGbKzU76^(`4Z}c~m{1}NQw+mE8%0zQ#tEDwH?||B
z(#=hCOPBY^U~YoGZhz_Ppg+}vgq4dx5_hg#Oh>vvJe8+?psH*rO0p{;nj5D}xe%dQ
zE#+x$Ppz-R2NP@2iVxsqL#?u!qTIt??wp5Q#e$(<E-+~-&(}qt=suh4^`*XiS4(+?
z`USi}tS3LQrQBJ+-~jpVY=I=NV-&N4EJMetxQ9qegZJ}@fa&u|K^PX-cMEPYS=9C8
zaZB2ZdKD~Y6}SpEZ{{J+KIFX2!mcsxsQL`Vfd!;kFbU|4@|m9ie}M4z07zSB-|E>x
zrX^-oi`GPjZKH)~eZ^bO9O_03&bIWuh_0Z-*j>rkJRi$JuB#qpV(bR7%aSV?7JIXv
zz8CQ*Vvr>H)t1Mx+VZkIqN-lF-<B3#^Xa)56P%qn&u-<Ty?^3G;yiQs6(`#Xk!ER=
z`c+~A{i-d{H61yXl-Q03?bKZ6Cgg$LKizb<cqkj}2wk8bP)Y|gpp4@KtQh>M5IeD)
zxuWaDmd@CdGo#8SD4FeXh(_sBU>qHsj`ZWJY_MMjub>B#xcLerP&f$E^{|9S9=T4~
z5H9<Wc$b8sMFYj)HdrxE!orV;1Z#~M5t&iL=bIg$>8ANSe-u7TUW=LkxV+l%e>w8N
z6Q@^+TUYr3-9qIGI{C_C!R9Mh!VSbI*VAcY(%F#<`muy;b&9P?;9CeKuPg0~BY0g#
zwqqg=$=!{$yfSEPBI=}?sC6Ob$!Tw|Jo+Jup)&Rq_z;he*o>lAN8?<c8ytER^lNnN
zN6XFGT;Y8g|NG#-JYc&h<Y&2`^TSs#YZIFp;bM8WB#sO&Z$@0a+d?jv`;y^UFXd@T
z9P0=j<{zvx493;<*TwRMlFF*1%Y^8X5M4&5%Z$=xqI5lP3Yj9tmIKlMCHF#Bc*M`y
z<Gm2l2=_t=tIoUvanwBYOs3|1H^f#L4-1x_#p11`L6|)aa)JaQoC?AmYAQEL5W-<9
zERmA<o%j<@kznC9NZ~ik2;oGKk+k@1hyM#5KIuLH>ET~>lQtAe9;R6qIn@2VDww$N
z8e}zE0k{DHuO+ydf!7f{)WGWre$T)g2;OGkjRc=E@Fs%)G4N)B(;oE+-9m6918*gG
zpn<m$JlnwA0d_y0U2v=Gq3EKAsx>TK$ZjetS4|BZ!*3jz7t_mJ{}X60C3&|T{NOme
z8(g{DSpx7#duQKr(Va*X2bASG<h`24kBN4;82mbr5+%3TY5=^V{28L}HFaMLyY~=*
zYsa$NTnXr=``GU?!y}AkNRaye{ovNx#m*hdF1DwxzH?@)t}dzKtlSGm>V~U;_W^Y3
z{`<YUKVk6d?OiwCM)lyBOy^4{FrSyW;j^a&d+ntYffC|*!g+;B9TQ>lntG;#(B^af
z)Q2zPLXNYXHayH;>_>;tC~G^N;AogRFW2cZAAJXN%|1j4a@|II5{`+%prOISX)va>
zj2U$EN+Jw{i7=@KVQg*2c`#MZ2P5BMI&RzHi#h|v<nsy4C3?oz&!;OJTP@`&^$Vyv
z1NJJqV)fWkt{dn=QIEDks6huGH?6#B=xHUlOx?V4d}fCO^*sTaikD6W(@UqZG5`)V
z;v--B9>GIw_`M%x!_r%he*cVI1TE?^wuj5V<Q!<}?{aHKG8G~2H4t(DLy~|Y<Lyq$
z=_btUPiOW}lZ>i)QJbzqI3FHlbhS6)J$g0`CfeB>ah9c05`?C`QE)Vfv}Jb0cy3#+
zX0G!imqWVgc6c5$IYK+MY1G*axWqGifVM@I2a#y5tB(o~*>CwJU`%)(qJt?1Z$hcS
z{#)h=dD+Ja*XC4{O`7HIbDX&9QXM?voAHt?)?>oGNnB&ObDDAji+SJ}4s6}dYPcmv
zI+Ceem&eIGRq}=!VmVk-j7yhc>H54E<O~4YpkE|u9Gi|ZVq!W<gqx1WQ(2Og$|Bvw
zWL4ypvmgG2a{6DLw}h>|o0)gc#?0JtM}+oacm=kG3>i$+31X%yfz+yz)`nb;(8X9I
zCrdAJaxIa;B?*pvbN<emT#`==Wqe}L1fPgVa3Z!EdIVmwQTjus2fCAS7X?+_hqC?1
zqCDuSa{UE#H?F(d#4VVq4R6lX>p>X;E!G|RTB#SwMXfaGhxEgVuIjd-yDC2qmTbB{
zYuU^;-_Sk_Y!Q!Y^m`8M*PsXsA4P$p4-EV*%NHwJeg_b|e~j3pT{EjPN=1BfYQrVo
z!t3GAW-fidCe1~OtB7dg=+f?TwN5wDrQP7Fp0U_KG`F6Yc-a7Wk#Kr=Yc}>r*t3_v
z?1H-;ZMx~s=r)ocYN~T9Jx17El(_<J148>|Jwvlr?OdT3R>>Wuap+zvzehgH9o|}5
ztg{6FIPh+=aG#$nga*leuCR%-4FE4liacRdtT%@lw;3uNlQC`+6^zMBAq<0Yn?!>!
zZrnyy{nW9OZeT`#4;kj}wexpms!-*7X5{<70PiV%Q}X@u@FDhiVoMkOVGMRuXJdC2
zH+@h1t=CFnN%v=@59xdk4h)XkbEUhPz`ofjxt?4OMxu;3uoiHopU^}4GuV~}>q70W
zm$E;D0@WXE49(1?1~|!^$_f<wC1wnoTo~T1gM=l6SkB#Sc@LIzeR8mo5m-%96e!H;
zrr3bahVur#Q};C)s~M-a*deB_P$v=W{}PhpJX(<4MVwhze}NEcX;4eYamD(En750|
z4S;2>wOBS55qHjSijr1Q^x`#hJf;)M0c3@!P!9Zf)Cn13NkTupA5+V663X&*lqGr@
zoXM8%N9LpV@F|aWdYf-a5ARV}`A+K{TNl;+&M#KW8)ZvBLrlCtv71<f7hwi2`{$j_
zu$GR^z>DC7;B^NT1%0t@+8)k;Tv%Y6AEgID&>3Cb<7Am`x@&ld!J@IqOJH80%6j%M
zTqp3)jh!&~IrIDewqf4(d*Qhr%E`6{-ldN|MF<Us?W@M4^X9P?QqdUV0r6h~)<XQB
zhoiF1jV}JV^kgd1wRGw<PV2<ZN~!wcIYvt=kWeN{Nfmgpb+V;jffX|KW=~uCwL!Xs
zV11`_iuXFc(oOUAH^SH9Z_Gd$d2c1>(BH6eH!IieR{nwvdV{N}+Re%g0jFZ=Rg~kb
z{qKvhhH8_a9lkH^%5-n2>n@tE|CZUZ>ng;`NRspOXzB_3rEM}LU1*(y;@Lb}GN7w1
z;{80@LeF{DExEAGN~GS=$=NPVU`mfOeWXENnvLFq`y3<bf|2(Vgz+ZbfhQTmJtP4f
zb=w0^D6V$tF65)rhLUD?Zl4!s{|5ecMfD5FWXut@Fi+x2&my^s;2<^PqHuJ@xE!LS
zndCfe1C&kAT{2Rm+I+~ZQ&Yn`r#hT@#<XSdR&CLs^=YLs@CTMocvQ&DarA0Vgl0!R
z5gPA;mi|m~7}12Qm~zq$MzrVY-EPah{J`(I6nF`xL;HM@%<(Hhx9|wPq(A?^T?fiC
zf+^XQS{4yZhs{*-fNgxjaz?DwiX75MLIjI8hLl+nJ=`n_=J7wHIHBNlAxY~K^rpeD
zu=FD=(>PvHgL;^?(Zt>-H{G!_C`07S%&$SO5E9EVjga03mvh>8q01^s7El_A0axgp
zscz5MP7F@O$N<#M;fUcBLfL-q%0@Tc1-&^++2SR^Uzu6drLLn7m-bJbuA_ee+SdMw
zcI)VOK;O523yt<4x2A#baV{v-(E|*;hX|#&m@5=huqXkkvv%mFOYrVem*7>F!1^`m
zu`7a;cBJKsq+G;mxhM}-E}~tzUJlA-p;<2ET4>tZ{X^ytP3r+y2D(Ah`X{}4<}#nz
z3i|2+lOepIoU6Qs6#d?3L;~D5kM}-1)k@-Zges4n(3tJeQ?G<^%>)eBcn7FnYw?ES
zy254on~Iz0a5TTG{0+EV-6TcHUT72MdrD{$1H8pZMYpaM%-c$4a!BUyiksqa>|ZMH
zkhHKBk9qIXxl40-&m6w$U0N)kvksvZm9uW4=^(c%rsKcdorPft_Zcehf>wF5f$tG)
z#&a)nsm4D5)q{S0$E-_G;e+Id*ki~!EWBTXN+OOf`9hbxpv&^pWijcpaCBK9x-0};
zW`HhJrpq+xvc_ayIrJS)UH%TIk&PHo_3wj_uWYTt4+Il({zI22eVDkwkK;Z}z`ZkY
zqbXcr_(WU@t6-N?%djdLOan7A1IJTC9_W>FWHY>be?H}M!7ouojoF?YUi{&ByACB1
zy(Ha%W=0sHm*jX}$ZQQ6PwS!VU6Ex+G3)?W{)J5X9enEUu%D8vgY98sAnN}{7zl%F
z41^M4WGMM4jTPblPZ}%o{V}laewJ0&_leI(;=NNmv<IQF9(srwgK8|um=O9TAhe<n
zOtJ4x1{Q76r$ON9Vc?$B6*8Y8Af=oIO-ng(tXmeBE(=JPMWV|bN#FBD)bRr8`<O1*
zTMr^%SZ@*3u8;_Jh0F42Cef}d6unddwXgj=msZbFH7sFz>#ASJ+e(hmz<sMjNRY1N
z87`|6#&+_)L5V!_TF&Gvhq(p9?zY?lVRTdUG-qe;a^(P-fGszhoXj)!hWiqF3|$-G
zb;CFL9^uMRPo-Wrgk|s~vGNq#%BJG<ONyDyociMQG4(j)*8&YwE5{|Fjq8WSV07Ri
zLve1p1JdH3*q=+CV~C=QrosHOY0w?$V!^VKcj8zE#f{Kh?#&J|Z6ySiH36a4|2t#?
z{1gO9^-mxI`QTcC`+MJ%dW>VYg|Qz&;Kn71_+5hPY>JivuYz0c2R4^Ygl_6v_}AB`
zZ%3luNF4Q8n#_{LdbBY>W2u&<uS{OJS5TV9K#0$I68EL~msq>?&9IK{3=R}R#;?s}
z2S6w~Ek@sFZU~gy+q4t1VX+hwXxDt;A`zwM2C+0fD5P8n7h!~}^)QV8iWQ4`rkhaD
zEyq%VHB5}IWLf$=)=7<ifx!~mSRz#Ssc{pYB$iOs9+2(O{!J`iDmnP;txD9|R`LMl
zqu@X4{6~==oM=%fD*`b_eF7~I(G5OYBR^0M>eeo21>!F|$aH#UWe1r|PboXdRC=ao
z2T2w^^C0Q;jLQy^3=U}wk_y&V?T?}Lif~P_YpF;|=H;X%hn+|a*HYQqTc}D9lGUlZ
z+*U>Ea$6P2D}F$xRj0X&raE<6)CBKrthTO<11wx>=EnuuK_a|TCnqZD{J^DX90TX$
zXt%PTW}b;)4ozk)<LQm{A1(f)&40A}k5>ONo*&?AT?Tg}iJW8yNr`+VA@Y@U$XAjf
zUrB|0WyZ-@<_LT})%fbKBhL=9(84r^6~2;~T=zxl!ayeHwh2r}uZd|=17}(J1AitO
zSXE^QS)_#265&Of#Y}h-5sGw4?v%4>Gw+DxwD}R&-slF?=8fpx&S#Zj(Yql5eCFfN
z_Pk=_oA@RmJ@ic-bPAPDIKEH13w%Gq=H1%Mj66L{8YK31=$@DBV8mpLsns==cf+o;
z%)x2;?Chq|;lMar%ubn^a-UjI^S%z?#o&~=bN6)&ZC))0EHtNm7qPctdUQ#VZd|@%
zhIjVV^goP{s1G81Wsyos`AJlu;M5etFj#dm(IAXdly8-F?XL^oK_@j4pftZp{ID)*
zG9g$~^yb>jb*`J5;)9AO+nQjG&kjz7Pj8dci4jl~u3ez!3-71krZe_*h0-<@5?-)g
zXfJKcZ;Y3P%uV3Uk*Ir7sx``QQ=w<Q!oa7z9-^+g7Dy_sVn==d>#$T5ea^s9prH6A
z<6EMMzlSBe-2I@F5?Fw(Q&(Llh>OF@Lq=|I%ST^C?ACk`y-sv$XyCbgU2)*MNUF3Q
zb1V`rUzstyULezvS?LRz@ta_CEtA<cv+_}yc7Ai7y_&0Y-+SiJ2lzH#=ox3txZtW>
z>#Fn>CPV%%i@a<5sLT8lw2qQF1*?qx4r`444yyzG&PgbM_UDtVKWAl2zr#4v?=X_|
zJB($!lB~#t91`K>kQLgqwN|O>8M)M;!oRDC<mp|ndPd?^wI77Wdfa#C#b9qSJIK<7
zhIWbxjYp+p(=`o-+AbMDbf}$%xPcT;2Phm{&VMY=4-@AVJX$^sy`o3k#|)2I#ea1B
zkCphru{SHXOB~I*$W>MbHrF#XS6v++{imSjU~In(9<0R|W+<JNl17s;dv{34pwuBV
z+%q>j$oz7QVRkvjFn=6lm?4fa%ug?vOe(BvW&(BniPg0iEsZL5&A2)MH^w6n8796=
zStNl;izF~@j6m-B0;sN;XisO+*P0?!8p`d4u0Di&z7%UX&7c<?@~~%$dD0A>sGxJo
z4wAiL7?hc)L>TfI4^jI3;BGBq0zoONpvZJ%!)U?dXb5tpcp1Us#q@z}Rv65F=LR#n
ziOJ)^48Z!`l+7A{@m|Uar1^K*Bmw)+HHdF}USkmCp$AD~fa|4GsLW&rbk058U0$~!
z_E7h#P-CUk{2W}C%tAO}YAk7BuwlwPGDWxlUx;nMM<MWW2z(L(pN7C^A%MfjGOK3d
z9M>dCBt^I8?pmfVlE%;?X$<C+ylT_-D0sUi&U@=2y`EWkS_yAMHBMUrYmj_r=`JMK
z_}sM!v{Lj5*pm}eMzvzZa*rETJlxmQ?&Iy=*ML{5<TPP6S3R7$dKKY%TXNL}9_T6R
zB{1E&>VYAS3ryg4@VMTUbJg7pn3SvTZve>kdw}GQXVko0_`;Vb(CNz>tt~TlxlAX=
z0Ibb^O4cpbu8Pa))&JlH38sp#QHi!HNJ3&}!QmqAMPwXu6k@?~g5<n}0$JXx$@%J-
z%tWMHkhS(8aPr`FW46TZr#Dx3faZ%bJqzL3XXV6>(!HBqVw}2uiAj$2ETd7i|H7*+
z9XOw#%`A_&cQOqP$-8|-wcog;r77ABB`OZc(`#gcU#DW0+=6&G<LvI1pi)rULhw!+
zx-`9z7i+o4r8y?mS;sKWP*0Exu@M&Tl(T&16Xg3_>~Hn1gl))aJ<g}wciRHtw(sWN
zhOo|10x|I-31%6(msb?c3v`D1;U}dErFRRQmR6(FzNFd3>g#gqTJ_?kj8gyQF&!<q
zih-tJIPuD9ss`XKN;u0r$V}HawB~iP!`B^g^)PYaw&L0w!cKchd!3$B!PyO*Qz@j+
zsjQHB@HMr~5&MPXv_8nE@1X3LiVVq}4l$o{coQ=(c15}Y$%LWQ%f*mpMy!q+%PTqt
z@?Z+a5z;9_L6t|Q<vLis9#}U*pBQQ*6#1b1WO2*HtbW}Kos2cv;lNjhtj8cHP}K`#
zoCQ?LSwP7l8OO%F>H@_Am0OaMA7_vG*bvu5_%@x*lryXC<!xeN`*Ffj^X^Y5d(5rR
z&$~bW|BQFfCGzt*c{e9pIvJdk8sg|ganfz)EwqN*jn1qa@}6r0>Z+=!`&ea=tmh+#
zsOMPXTKuG;Ugx@aTu`TG6L{8}4Shz3obS*%ON?xgu1>Kwe?=>#ZLOR1s2nde<G4h#
zGrMAy=g!P=7i!z1O*f2$GvB5>OB0bfbuRv#neFIyK4#I^SYCCAwk74%nA*y8*voe`
zFIm>vZvEOfv%t{1vl}mtX}-#tbq-LucGXcjlcK$Rwxe{0est=G=rw6$vXFJLJWlE-
ztD$$qY7n01`s(poq$~-Y+&nTwo2%0txcrUJto0?$AN7_UNdG(Jn=V7xwDF=}NB_<c
zN*!CqWM04=n}5*}9BE}5I2&RXon+t~g00K?cW3$tUTnUr5nOYs_vN%c`jUZb5d6^;
z@4F_!TP*Hef)5(VWoz_|fol_d%RnwnqcKnTOn!mj1Ow+0T*bh33C=TcJ%Za9xIV%C
z4cvg>Q3h^EaFKx<5xm^MjR`(v+}MQRkIZ*dg1<I!GlI_<xH-WwPx>N!k>JV(Zb9(N
z27Za);RbF=@N5IWOz<uPw<7qcfnOo`f`MBD<V^)KT5SiwsUEf`9(B(#Z3f(1F~=<Q
zzlo8&amo0m=mQWa1}l87>`UipS8nr`hK9^|&Re(_yafdbf4G7ll=V8Go{p$*R_3r=
zw89^;r?Dm`O>PThkf}SBhl`Le1bPY%-F!-x!9;#LKa~d#32XQP8Ir#_bh-R$w|WG^
zcbw6^l73__LV?*f*2j(s|Dp|$FO_@FX`^in+>zjZ2JS>~fq^>{Ji)+S2%c-;t^|K*
zAScMtod)hs@F4^DAo!GldlG!rz`Y3m+rYgEHa+F@ybr-;4cwRDss`>ya03IsN^m;^
zIa81JH}C+0M;ORie{`XN2NAr_z=H|CWZ)qLi%<Jp9ZIll;MWLlX5iNe?qc9K09H@M
z&%%CwE#lW<{5q!{Ux)MSTz*CTx|m-B{G!Lg`S^(rHBwx?M3)=*O@N(?Zh>?zq!bL`
zj*7;GN7~m>_I0#<4dScHAhN=Vo&>G_C5Wat5s7D#I1z;Bk~oo-7m_%UkXMs95rnO7
z!vlM98X^sECBupQ{3D5D`J<L+68V$zw<d99Le!bWiFi&+;zaCvlQ@yRc}biI;5JE|
zNa21-94je0Dv4tiMwcgXBC@|o;zTlEN#aC2-%R2}l0Hk~MA#-jo8XIxXI~O0GP*|+
zCsKWE5+{OxMiM7&<GLhH8rLt9IB9>+Bykk-=s$*|5T<2Ka4A_6TuQD4w+rdTawWKw
zTnR2ESAt8)f#6ayB)F6evALx4EVxvj1((XR;C4yoS#YU53oeys!R^YpvFx(JMw9=9
z7u?x>YdaF$G~$?{0Jj2hY_I`tW#X900M|<#Ga29(FB)@Lm6;51eGJD;2Dr6|V}lKF
z+Y!f%2e^HRWB(Q428m+@1h^^x$kc@U4#Tlhf^a7h$3`6B&L@tIIKbUN92;?fyN@_F
z;sEy~acsl^?i1qJhy&cTKLf``9N;z}P831XuStDuMjRV)5N<c(*oXt%5yY_(2e|JM
z$3`6B?jnwjIKVwm92;?fdy6<W;s95C4meS3#rc~?92;>EZgt|=hy&bC#IX?zE>@S)
z7N`4{Vpj14CfeL?ryFelUB(d65r`k$atB=(R|l1Efuj4Y#-HDoPu^mv^R!%M56st(
z;hcWyqCqvb5H!5j2Ios_wKjZp4BHcPpU&X&!1{i^D-^49VBAJs3!gr`3OV<aH)hwp
zM<45Mbg|-|qZc%7;`D68M)(*2KYG`0&BtdPcyC7Z`i+<w$|YxGqlb_NZl>d5;x=5i
zL00gx4S*|^mseQALl?@esnRjHtxiH~nCu`qR^Rby?o<x@iqta&{d^2*y(v)qxU0tA
z|1{76;W9Dkfa+o$&<5D6%7P($ry9!E40ir?K?+!`M2<jhmKMuwm}}JQfj{<h)JvgK
zk$UMu(HhIUgsWAj0&1@B?T8)$KZ;RtNowv)_T%movPFyB5tLWilu&r}UOL3OR%~Rl
zDB=DW=$bJu*OgK(&XdnTxl~`eRALGxzLtw8nRVU{$=M9~SINOSoiE@LUlzSiHo<%$
zSkpK_MO~9eu`0uIxsy4hJm)94roMCma#>~Pk}F-q48u$|M&(P_5r;BKkh})L-l~EH
z_2yn{VL<9qf@5tE-&LP0b)#uU=aTy(pDlRJo@#ShFLcAAN7V4M=8X5BYt1UE4MsQe
zv<f1tYK1HB8K}+6K`E!Txg6?FS)%sIT@be8K8O6^y?QdbFmMk_**JHaH0=BFJ!9HD
zx$m*5IH9j8dc-(C1BcdlL0~hs;iV8Q+4_9xTEu{oXIfeBh+OwtR5zf3dx=Nm>?g@K
z+$O;)L!)ydC+*VhCD#gId3P7l=cTPUqoY-mZ>w+h8EC^bJS3ZKbs0%e$K^b+cy|Wk
z4chl1Q@t1BDy$*0m57%RABnd1AJOb{Yq7aX589^t=WR_2HFvhPbhM2vAEc#f9V-%f
z6+4sOTt{0=YYXf)+gjR|X>Dv>#wD*|`o9L|wl)zf+zGMG#8R9cJq<e+l*YE=_!OBS
zOWZjpWm_9{C}?e}kW99<xx$E4|1p^8Mxk$NFWm?pxV0?LF@6`aBSoOK;}*G|_MAr0
z3j{>b)w8N*&D|*=XI<-~rsutM*VpT&P_wC>cq699k?i$d&HcVc*;_xJvO37IW$jnU
zOS=iHG5&07$8}3{zYlNCOM`BEvo%mv&+<7G^Mbo0d-{}3idC*pH+5oh;BwO@28q~4
zr{CLc)%`R!4_?{S{}XV^SzgHt@~!!1x$P-n{QA3bT<{vsFd=_xmnGHmvc2Xq7ob!p
zfCt=e&XsOqW#oFHiOgmDvYpUJTAkvR#2BEi67{oZST}P2l!kFNBRcqcRZfa>lbi}_
zEhnrC5G@U*TiGNKSd47y=3LV0WCI;)=0xOkDKl3m%VlgvF#jD=Uz#=jRyk_uXs&DN
zY|ED$um^+tL?^W6>)Q%*&jCw1tgk2pmF<KGbs>8RQrq<%Z4Kq^i>(c3^lq+6w1)E0
z*jj9D)Z|vt@_KKH-PBs&+9ZYUX#|bVi#mBZC_Z*>!%eewbAH$=+~BQTayeJS`un1W
z!4&T8@$AuyvVU_MxQ2UO=``Us%-QI1dMDPEenfOp97BV*%F}FSeZ)VB@~>U|mT35m
zb-^@dMqTN4QY`A!r=u88c)}R6S2z>2rjVAlz0ygX(C{2k<C3nXs1=PfFm5dl{2FN;
z&35ni4cpr@U7N7=pj^Bw@nq1_`#!U}>pL&2!xRhh276Q-y_}w{m!YerIBj}gp<&we
zne}+aPkbAiWV)o0=RD=FE|zie_n`ke_?9o|u*RBz`G&oOP;S9n2)sr|&vNE45(&**
z|KE^sQ_dbg5V(0P6j|2!98v7rxv6|OOwXQ25vTRc{IdUCe&&Y$bN88R`p@#r9{)LS
z=5qe?3o|?X=ejeS{O3A-6LNB^txPZbZ$$ztv6RwQ>ibRsJ5j#63^rvmr;vZsS)=Vu
z=)8`DS52SPvw9H&rW7q(M6bZM63A{%&sMqv(omi&)q;a5OB(|fwgR)7?yS~36r!BN
z-KhP4fwxd?uIq;)zp-QXCiT$obJMARI#}+`+M=bdP(Q6lb6j7CVLTNA`#3vus;*S#
z{GncA<BD0GPf;IMx)WvS-U9DdZ~_#IY4_Az=~PrXO&O>4lsIp|?KhIC%5jKiJM`Zn
zFrjh`oqXk3I8aFs3OGnVk=9SgbYK^q{VOhx&z#D3kq*+AZAbUYcsM}OfprURj|YI$
zWOPKb`d>sASDJgb)E#NpskAptTfT3(`rgJO5^0)yu6Q$&6MZa!js>p1xOdN94KS|g
zQIY{+>^O^b&g+9c8Dmb{U71>57L%qv7~`;9)5<e3sE6JPSu*8m4byh-%cCK7U<$-2
zGqJV_aw0QbytV)zVaxifqsFs!$~-NnR4;oT2rt_{rgrid=%kNF^gz9R0>M}beImhF
z34Id5SowW2!C3iy3c=0LSXEO_ZEduRfmGQ>``zbvc}^pEsQG@6;CBr?o!}J)o<Z<V
z1J49l<xlhn;B@mrHl@xok7tq|-=_zEq8E}LXPZZg)H(Fv&%$&0#c&JH!;jc9CC*1Y
zjhPA;@^oQWF-Q<k!8i26qVfSsdg?gQgT#$sW)UAuJYUnxWscHn^R`oNu|3k&HtryS
z<feB@^eRg2Q0d1-?0^C@T)6;A+Cfw~t#ctWLF>L|_?M(W@v#UAp07w4Skg#_;S$aM
zl6ywv)go!53?*4#^b&Z4W{I0UiQ<hK&E@v`emt?)*it8*aD(t~alP&bzr3Wqeu(Qr
zMc<)&uG2Ep*VCo<!<r3Lfn-NC4BdX#r&$wADkkj>sMt0(@I0pd%rmY|>89)N(NXFT
zbl5lj8}4Z=w;0E`6CNX8N96P`s(HYxw!)9nFOXd2B4l<htVx_+CV6|sCRlol8iHH7
zGw{C}{&_t|c?Vu-!Rw~w^i<_yP$}<jx0GB$@XI*ySZZX|UrKOY`X0v^H{z#q8F9Ev
z+XcCt;OMU{uDv6AB3w47W<fd0J=Xk8j~7{zD0+A1COfvSLZZ0WNz$h|7RySP{&X3Q
zF7rp1(djat^lSB*zoM{LVa^dx_;H808SIjvH=iWYp5@Gw_x2Jc7at_-BbjQ-2%M-y
z80IJl(}}K~s6-g%wrBY`K^R&R)j4ni_?rmH@`ThTX%T}kX8%BW{Q=6%zi8rLe2=>r
z6sr75_i|U5N2-^*(mcwb67-~3(Sy;_UF;9&LEp5;59vXAX^*RcbK_5<js3~BF}iUZ
z)61Zqkv2B`vmYoo+Zf;E<e!%`cTOQoalQu0T2Cfsp4SS-9TTM~Smiok{HX|>J)Ec~
z8rGoXU(Z~h=?N>fd__nUBpyXp0^ux<dqGB$Oa^M#Fc4RIQfx_rF4LwfG*AZGwtopO
z<#?jWE@Me|#b{#q$#`aC&d3QHb0VC9jhNNwT4p|(guiIE$;u4~SmjT;x^6U&)KGbo
zd3-4;D>s`*N{DWOhm4ohJ@8Ky-_N;vr;B=*v#uRkIS3pd@*H@X5|CYRFax6xJ=S+g
z1FwuC8r044jvfAK&E%%Pn#*Kn;c=f;*PFa(S*%B9bVS>r3}9@h*cyVd(Zzz8C}ACP
zk~~$cPYpYrc1{mm{fH%d*pZjn*TmT!(G?&uF>Snvk&`y96^XKLc95<VtNqg)-)A5^
zpT(3Om#44<L$<{1pk{|?9nEAemuO2%$R^A|=%(A!o1-ucd}3R&`$&TE>hruA_7ak*
z+<`n=qvPE(l{*FF8l7N%3=Gbs`9>pA^2$~TT+nX`hW0^!7N35?5CZg6Ab3@bA*HP_
zsI(OZ8+MF;-tmlXnrH8g!n1pQ_Fa!7m!92))Z93aW46x1ymB|N!QFTa6r3w1h_O%t
zp|Ii$S77ZE)<XTTPl(4e2C^Q2Arn0S5y>8abh4QZ*&y&2eF7=f8TwBUw921!AMjK2
zNc92tz+<Ss`~}BLx@lhiXB1u{Pi(VXX??F|zSI;=d%<rDB<DvuJ#tU6_2B+xdA+Q1
zFLJ0esGbHFq?~PUD)!7P%Fu#0l5`F#FR9#z(7fy&SD50f0XJ#MnYOiIsP8U&m%wwL
z52}nQpvo8_s8?bGP<&C5f`%(F%2~*4gL0<kDjF<Ni;U;zER5ST$)*rWEI9RJ(*mjI
zy+EIT($~J|>V+=qWthG;hw&1=)F^W0LSY`r6F0)$ct3ZYUk|!fyoBcZ#h;T4(f+8i
z;B_<YI^$)H1X?#cNLRANo)G;W;rX@wo}igGHhcow2~wu5&sxA01v@~xD9T|3SIaIq
z9B%J)9Y%V)vbwoAE-MclKqtFkXNJSUb%q~kk|Ga(Y1JV-YjBN;qdVKrWm8b`zaR(V
zt61dWTEQXnbhVfF01e{No@kSMNJA!bI^;hu*7|Eb!YY(EL}ll)v5-|gO@09mdEl<x
zLi7Q0qPX(%`2~kK>@qJJwz&|kVo;&_08^Ly)ADk!g?k2KGiPLqCYZ%dc=h!QRwt?D
z3r;~-h+cacwnq{%BvKw*hdVG?fI?{;c;L)WZ+Y%Y7|rS94uN@WegSWTSnH?BQnlsd
zVr}aRu#RQ9i~{UnP<}osv=zAD#24?{>c-cVu<`2jR|S6)9K82{cP}CzXpzH=Bfy>r
zfD%H-rNxRWLx${b&F2t$FND@IcIOv-g~hlyRg9u9Mj<+BNJ{zn^AN9p9w;@HHx4+C
zov!-c6$;q*ayc1>+2dM^xz-`refx8(<93H3*o~(jYxCI<=kxr}na{@7M&`3&)O<GN
zppvf<i`$=DR5xTkrPG;LnCu?>&SC(Mu0h@~e&=P=Lv+PBQ>SyW8Iweg7ncs9`cim?
zO4$X4?b$L(<WWzAo^mRrt!aGIrybm-6V2r)G^MX(#&p6c8GGK-v|g%~$U$MoHfP56
z$;-WMa=BVtbFQ~2_ga?gv29nHfR@wNQkW8^@~)=R+I-r<ZX!A{n(z`?GO4u%*8w;V
zBodNWS`rD34HFux2`!UMXtEIPY8^X7Ldy)3&`vDTxAODpwvB5YCpW*hVdp3=RjVd8
zzA!Z`)p{<m)*!K_zKoP=oLnvM3Om^qc1r8`#WR*2s<8Vo4=I`1OUdWw(^EQGR?T(O
zC4r%2hR?F3i7fC$=(#jRWO<Ux$s$k0CiSD_<cJ}1a+4=Q&!x$UjAW^tJnD(ib7_ch
zxJ>ipB~OH&OG9MuA&C6j6QSqQ5c%d1L^@w~-2y$AhKO8Mlj6ymo(MhrAH`H>l-l7%
zG-;lE(G#Jk+)^_Nk&Q@XQX$&@!pvbXCYevT)QYxmUD%E;#GGw31mR?eT^VA7{Cv7?
zZOM-5P|Z+lTmSnQVwjneR~y5oHB|H24FuNuD~7QAe15jI7qZbQARuAo>Q>EFF#Two
z(AwUg1+#iqEVNFDE=6dEknUMy9%(%v{OT?6gBq9!>34?+jKkk`J>yy@<PeeHI@%T{
zx&EVd0!M|vyE3--=MlvBj5P&RDs@JsyMWVn(=ks-7Z3BUF(pj0@G$O<52|fb7AIY{
zTP@oP-T;46cDq08H|J;Luy=9>=4ZNZTIl};7`+xRStv{!*Z&XzJ=j?1yK>%3fI*`x
zD!f9moml995P@8_C&?r7Lv^u5rw(6H)#39wEo;fe6G7}lad54ZIhRw9KQXj=d`U}N
zp$_vG+`iJd(h|pgJjAL4+9>&(ExDdt=zoAkqXpgK8B?58g`ILY?`z;peAYSM^sO~>
z;q{r8O~78R>*j$)XL4P)fJNz9QTZoBU`JMp7Zk|tBu8r@^{mvI%zowUR68fyx>lU#
zXa=-$db(8k;y0wZ-ohS!<}9Wk^Ke{7WI-<|?r56JW2!kkBf879>9aSia}({l9QM6S
z$D-ic8tNpz`xd_rYrl0uPyNdK1r&s8Kt$l?^0>NaKa@}-$W}VG*xyX0pmB#z1X+XC
z4MME9F;wloxLE(?GP6;b@0*<Fn##Dw`i$oKY18Ml)K9C<;&HJzC=jx*oy+gs_ZJs^
zro1M!kjn(FXVyY%hGFPK1hHJ9+y4(lG+;vnFkqt)z<zk_voU?vPy)IBO$cqFP^k>t
zw`^&>F!b8=U)zO-iYF0yGeTH6GB2>m>;G;T^GyPQ=Vyd1-3=I3*2hPJKm616Yrdx(
zUM)9gd;p0maCTF4Fse$|u!Wv-Ay&$D&KVy-KJ=Xy8r=I8atd9+ujv#j55tjt>m2%$
zvni9J1jD0NFqrU<TInLa6L;*1E<zT>LTB#%K_FR8vG?)8h-lIq=dp@wz@s&rsa=BG
z0n$7SGACgPaD7A)rN!7eD*V+K+V3Gr_VF%5ErldXDRe|T7=`F6`*h}+v=&~kiMvGa
ziJszBb`4m*(~b2<di~-mZ1>S4AW?HiHxw)6FxBWR1zpGEVeSTE=!Bky2(M=$iC_bU
zdqYG88!$>f3<Lf##UPB+#%Q@-bLFC&F4rt6*Th$cC>Pr??=9q?)3dle-*M5C4-S2|
zg=}&B4tepK#}c<V^hW2$fDSZR5(<w(5DS(Oq$}`g@m4AEqEDrV9J+J5R4v=<u55JE
zWm`kaHZXMA3YnKtu5(QORcFfmU^T!|9h~Tje~*+C*i}Ke@;I=?=DD=4g9?HgJJnsa
zXC0`jz&{{ZdA<)J>$y0Dkbi<9w)G)o6&Z)%Z32}i8Df?XA(tmF?;v@j(_QP@+rkT5
z7g7cON5qgWy>7j|DBv$@1^TO^v_w(_bPUWQItJ#0`$<fVJEWw+8ew3%EHGULr_1nk
z8J@0$2RC?!-3@T5UySRKRHPnB#uUe-m1qh?_@=-F5}rhOPo~-fTNJvouug;|)`w)i
z!q$QoMbvPu<qaoMbkh>GzDU%shmt7UXm-l@!9G;OQ%J`v<Kx$A&YTUer{NW}28Kjc
z2o}5~NS+ETJRR!&8HO@eGH8MaL?{np-7N3?I0W?0rQFlT;7wOry6Mtx%F?=P-&fRY
z-=!ss(O+p3_%<$Cex+!+*L)`(9gfeM{xP-zoSEs`G}EkevRnqEVdlJ`{mGjqDZ2w{
zAkUy6DZFfTJX?#GmiebzywLe`Eq)oy&@0aYpRHbxOOGng<8$t1V30fIum;!y?Y=a*
zt&5`kbJxs?T2bHYsCT!IzktZFQ@|~A(gt57I61lpJQ?PeIn|doW7nXYJ<1Y9D5@HX
zIBELKP*F!?;-nmZ0Z#d`_6}^^A|KiGKD4_Pj?BXxfV_fyku_-Q<OG|#lpIZ+Dbosq
zsb$9&D@-9fw!Xp=WydyDSQLsQiP0q)x}-{%^yrcfUDBmXdUQ#TF6q$~dh91)Z7Kak
ze4Q1OkbZ)+W&ezcVd<i&$c2g|Z*tEx6LL?4Z~M#udkMO=y#%p7B(s<xLxlHazJo4=
z7s3-2bRk-%APn!sVljg-t{GlieF=CxIE9I4PA)2`z5)c+4q40(t1t6AFW+jvy(ZcT
z|Kw2oLdMlE2GlP`k6wbDRo}-~^_VH}*d7uU<z5Hw1LBS~+zP~fNZfIT+laV-68Bxh
z?MK|dh&$eJ#}fB%;!ZH!v){mJ!;gqN(QsEV+<%BW$#B0Q?qlLkHrz|ZeL~zRhWm*0
zJ|*r{!{y#UxX*}NWVlKF2#3{PzIvMBR$w^1*qpC^&*R9$F_|{-?=p->+0xGJws3-~
zuCx=r{5wKejb=X0;Vn}#HLEtmr=smk$o^e%Ss_C18dRJHkqx0urTSc?Z(zaMy`f<G
zzl!SAOHkhPN`z=5<dEWhDsDd+1M#NHau?w6&Jd4$QfczY6;PU#s92TEitWN}S!57@
z(H;n^`=);-JNOgz0~c7$ylNgtB|Tm<k7JV_ubaoBq{kcd;7{6?=S}lSnPL3RJW^&D
zZ_z`tdu}p~x9P#3^#1SP%_Ft{`;L*iJW1+ZdhjPr>OFe!C++bMdhjRhAq`19Qi)4z
z5|32LrAdiLs^rqH#N(!9cBOHN$B&X8(!#{!CrJ-!X5#U)q=&RM@pvfdAq`GE9!+{k
zs}qkWlOEFa#N)Z7hqOQOcqQo}jZi$^N_wy*cJEldoHrq4*(!g<uN<+EW$vBs50`&3
z7x}xJi_lHaMfPQ5%`P~HL8fHq)9uFv889K|Ay8eTNtmUwX<dd{;QEHwx}A?Xh}zL(
zxm(&F3GwWZ`u!m5&nm@!oI{<8co!gEu6G`;69zR=m^GH$oxS9tpwi^eJ?dE9`|^_A
z^%}3>v9(0x<%7sAxrY9)fry?fsfWT%&X_q;fAnW015!>0woGRFs$P${WoG8l`i(Ky
zm3d62N`~XFdMj%qkDuyo{3`J4c7E0I>&yxGD)Q?Te%15qIDR$YEBf12-iEr7;LIO*
zu!-OYkOS?dni=g_{48wY*KzzBi=XZ&Tct?k`Ug--z2%X2L6>+JboXD~a>ZE-i*8Q#
z;VK;xNA6UM-+vVUN+-$Q=vJ!OBwyxDWI}Fs#QcZx^4Mh8eR~b7N1)$zQb#u}bq6DF
z-O(x}^e!|xM}v(d#3_uV1{oe|Ud}K!KViVc#Da+Qyqsf{w~f(y8HZ3>FRlENdKr(e
zfVXY*5Z>ZwjpOYEe06^#JJ<!+8|&oc4H!+b`;MfaU!chawqo<7%WD^U@d%+40l^U_
z$-8^<eCYgLsD~@WxZ7<G$X40zJKQVqa__g+wfE`N_u+@|>8kNLCfm!i6${>Xbw{_`
zJ>hwj)LASBudd^tM}rtlWF9|^J-3?-xm6kQoX~kQ#^_xC+eL`x;gCu#s>YT&-y@UB
z^vHaIR+qfEHKv5g+qH<e>bPhZ2u^egrRN<=Pj1<rr|y<7jl;aJF<X;dZAv(&f_t_r
zEDz_()ERP3Jyh;%s3kJb%4jU~bei=}XGbBJm*Ps;*rzj`vHBy0!Zu#+++HYs+vkUx
zj|*-6_FwRzCexk;%x@DedB(+x&IYx!18?r$&6<#Nktj>-)ftv0t2f5Fs**8=diw3i
zw?P&|-*=I{@WxKnObuL&>VlTGvve%VCY#El>nDVPiv9h*pm7n)Dl}YYKgTT+xuqao
zkY6cIEQ(sjtrT;84fSHa(XwQ^>%V_#H#*`d6HfEz^)!EbcLUPXvjokVb+^#H3^Xm_
z|FzXg(w>5K!xSL=x?wWE!*zq7GwK?FarKJ<^^4J?pN_+=9V_6gdOGLKC!x^MW5lgU
z+!=;@nYh`+ooTp#5jTgpvkceV3fxM>ecy1?iJL*(*@jz<xIW^}G2G_Ftw!9rhTEOE
zdBmM(xWkBBow)N2cN}qR5O;y$&LeJR;x05C*7=83*Cp;E!`)BZn#5gfxF?94OWY-f
zdyTl|h`ZEq9}~Acaf=N%Zai>h;;u5>ip2F0cdg;(5;v8&n+&%lanp#q-EeyoS0e5%
z!_6nIm$-WkcOr2!iTj!1E+TGK;vO*E&BV<j?jgfHK-_fV9yZ+5#H~WyqlUu^PKQ;y
ziF@2|SYI7hU5mJ<4A)NF+QdC;xDs*e5ciznzChd;h<nlF(rdOwkV##$oysQZ-hQ<;
z8wGm!HCx<h5^FZfesax5Ot5B?zM~AAZT>~quosu(UCT17{7Ekvq#ng1wPcXW6pz%B
zLAWg*sU?Gmn0Ta?3?gUZky<iH0~U|el0jOrc%+sL(j3JjwPcXCD;}vOgES=ZxCh(_
zR-7W4;_+b8LqtbOB|Sub#N)}Nhcp`TcrNK7Ek`_FNqR^V5RbQ#9?}lP<AbD!GzRhb
zB<Ue7LOcq8OB7JLJ@IHsdPv_V9utxt(y@uhvPlo=-Na)?(nGp4@#sx@NS`Jit0z6A
z!xE2qNe}6@#AB1Bhcr>~_;S)i+NpT#ko1toDjs_zJ*361jQ6D$&SQh<<rjNZ-QQdX
zZRTQ*mka)h!Lc#<rWx#@i^YMn*p#FFK{e1A2iFau{pB(ngAV`PoM+ViC(#S9hiusX
z6R!-atj~<a2L>fTUa=Tm335s=p@O$8i5FEQJ>0Gn@<Mw8Y!|z`X7tpJT62GlvQ{=g
zVB8%8Yi@qkxvkOCZ7A+ycUqPnrybn)T=%|OE?gM?FH8{ULrXPT;`2xb1I1|WaT7Ce
z7RsY~!Oy!lC%oAZG>kWVHAQA7m5qQ77$l+ciUnf`l0g#cOh0W?JQxIRD1G$WetoGI
zm+^lDW^gx^u3Rmpi}WkC2akNoD;qOM`N}4A3YATn6nUJ>?8u78Us(4OXAZyjcr7R^
zwZy&pLO5}+zNCTTFl82tA?OMoe5PA-`8@-RFfg>}r5Vgg1&aG0S6sTmO<LD$ajEOr
zQj3%EFXwHB_{N3J3FIqZq*JJD0jE&96>)QX4}>B4Mg)Da)VLUJM%SaFr{FyN61Fw>
zB40>XH=}g>UhtkZyaTKviF($^8<I@HpGBMGj-tt~2XEsot;4p&yk!UZD;dlVlFG=r
z1aFx*dCb6cnGjvlk@}9`36Ia6F_Q3{v4rQ0W-DvP4K?nNL!yFpf^B^HeXmQ&r`|E$
zY6aa`-XJ}NFP#ad!-U~%IMs_lO%*T`i~Z*SBR6w(;+m+H-ttx8X7qOsrIGP-`KHX5
zcUC<N*ZG{cTqgODH7q*~Om6t%qaHiF9SNm1AgcWM67u7>6JeX-mNML&(pJ1B{DW4^
z;E*Z7g4G1ca)FTt-Xp<&jB852&eBlEVFpb;<U-8AHIM_Z!T3J=qr1Hv%MsSfmnC8S
z-U{CZC|=xws;>Z)`p#x{LfTuC5ALkj5c_{BxFn}+_UDlmPtuCV;XGH7++eRrB525r
zD9@3z_he`VaLR)rkSTE$$v0vPqJtqn;y#WvL<Sk(7$fl~*s56xd6w`d@oqe;`zi9m
z9*}NYvvfZzd8E-#`#?M6ADoBls_g@vo=n&h8`ktRMaP?*nz*b(4sDIXbpPDdns0ET
z1CoU-+FA!x1lO{jWyH}4FqvXR*Qv<nheNqnQ)&KzH!&oX42ctY(*)z_**ob<I^-F0
z%;IgR)s9QJ%&?lI^lhJa{1^L^Z9u~pSL{zJ+X7>6Xy+;tK#fV%3zhYmt1P<d%KGIf
zm4!w{l9V#0B%9=M>C{t7M_)H&tORXJ={WN15P$iBUa#a>`5UH*d|{d)LPR&6uSZA8
z7he865h+NO2Knhf9!Ta#d|iH!)EJi(-E>lqkCK%1C!c@5Cd1Hn;EL6k>~L>SZXV)0
zm5Kz=<M9>oil=hwrC3x0LH2PH%H&J&QUmmGCB{2krSGx=Q1qNDI^A^9|1?U`Iak>o
z<>#NzvNHn7;Rs)4hoE@z8H~z~K)az9jl_+@aSN{O#G+)Yd*)!4Am6uo;!4p?4zWO;
zEVQzPLrNb&k)?sb1E$M~Booq!B*T(BLJs|ZLFQP={*JMPQ;g=6pQ1n1Xp$cp6MMtM
zfTSq>eWDL!9~Rtcu^<ob_U5v^=o9&wX7r1rFdF>*Z`K5I$bM&JFeziZ0MlLdJe87G
zB$PV_EdFTG#A%BLK%^e|4TOs!gk|(~!X<gtvHtRStS_L{iLw557CDyYT|odN_HJ-E
z$IoYu2c6|&o$qk#pTs^1J9s?5D<)~x?|_s}VWwsUsB`_xTS$4}8T?e3D4s8=8+h77
zo>9_qlzvOJWC^0fz!V{Y10E1BJfKI&gP{ItZ&U{ka7?6|uK%}@&{B+vw}B_UX`c9Z
zzbDNec7Y&mud)a7=gX(lh&_R6#~oUJ-aFp4#YQ*(Z7Q##UR|@NJ1;fJY4ich_3o>w
z4wH&HCA$~M76BGZGAQj0FfDG97bkAa1tbB3!r#FLKV2dbSSrKLxbzOuu-Oqp8^!?@
z0of!q6I7B@LB(u`R5;tAtH^fl5s?yRPU2Q~rypO6!rgH@Dh`iJ6Wgtj%#Zd0@00xn
zQ<aKmiZ(xz6vO!u5!yFoOCO>ny`d*FlIS>gteyl^^<J1{4RDNHDEW{!mA-Fd=&8>{
z%+YVJnfu5hys{5S`;HezdG1z#XOXGOzVHf~BSWG&3KlX?kg_i@`=Z+U;zZp-!`LdJ
zjUSAX*aRfP7g?szsh;SolC)kzupiU?zv%mfmS6bE_$m}J?A5#0NH^UYGc!kSjgUB!
zQF#KuRBC2EM2d7UsOuIuCbalBEnZ_KiC*;pgsAdI3}E{A!6bU&frdNwew<Vg+(CxB
z!f*#0?oz`YVz?g~?oh*BXSlB!?k2;1-Eg-V?i+@?({TNU`-$NWGu+P%cevpmGF)W1
z^*8fn8!+6X7H+=b{$RKThI__v-vlli`?hE2kp$-&cr?L%4ICtRs)64kc!z-%f`2iv
zO0fCwp7OT|&NXl$!LJ&~0Vg`$z+(yCVc>BD|7_s#1hemW$|n#k8F(VWtqf$B5Y0F6
zWP%qMcnZP$4Lp_LYX&YNIPP7a(Dw+gZQ$tyziQwa1Wz;YOoBf)@GOEa8u)#J&F^{2
z=MY@Oz;g-iZQywXPd4y;g0~xZ0l_5(UP!S1AD;3>1m_rdF~QvpyoBKK23|_=Rs%01
zxWvHA2{yj(DK93thJjZQ+}FS>37%%)RY~xN1n)K9s|mhs;I#m&LOyP**Ad5`C~lY6
z8!m2_HyAE%mp2+NZi6=&E^dQ28!m1~w-6^Kr-7aJCAS(b?q6;*T%70IiIZ|{_cPyC
ze*|1K^#jkuI|*)U;ExF&Z{S@7?>6vmg6|mk6M`#!=t<o}a90EGC3u>F_YwTLf%g;q
z(7>M&?Ea@G^>c!I8u$Rg(+qr&;Li>GCBY93e28GrzdWg55!~0nUlTmfz=sL`*1$&y
zX8-Nu{)XUO10N;$4Fi8m@Ja)JNAOt#A0s&KBTwr01UEJCaf076@DBuUHSh_7uNn9x
z!Kwf8r2a^7djp>$c(Q>{6TIKRX8=}(e;)#;;`6NGJ~rH+443`bhx@bP>J9gt;l>(n
z32|i3!sq!#zAXF;zsQn>FYt@SU-%+^qIN{nk@IDOn;ZBF!EYJ(8o^r)e4XHH2EIXX
z>L;Gmn*_Hv@NWc9Ht;Qi_Z#?kg6|mk4#DZ4dQ$Ha+}gnR2re}69|UhU@O^;1-?3DN
z%BfV(sfV}mX)Nf9fv#7PHZcIqWAGw<BR`$h7Yuwp1feYY$!#)+^}hi#5?$AQKy0D%
zPo^Sk$n!Fp%;I5mkAWspCO6Oq--UH`&*bPY$gcu&f>w7x#V{<Xp41sXvy#HgQk0o-
zYRgWqwxkZ%>DMKbm}N3Lm+uTN^C~%ZfqCF$=#V>+f4;Mu?H`NsH!f*jDeC?VoZlQ)
z!@P9a-?@x8&*Z!X=m}lg5%KP2&f&e<FVMa*P0_P6QJcInW=hXaRIQ%<-qa<d6IeGR
zC^_RBYG`Ct`8S9LOQem6`xkIor>YZwod@I94f)gMyUyl2``S#CwkG(g^b94MVIk)g
z=W!sck?6xU5?#MW0{5Awa{uiyC=BQP)Jc+mv7uX|iyp3NNXJd^W92%j`B}f$5;r^f
zrkkFFPZ@=Qi=FzS`UwbEKEhA7`YAvEBcGq~^JDzL+S1>2CV^alf_kDn)T^8icTZ~*
z+0kfXkMpbk+$Y7?&V6n|n+e*h^91{J{Nwcl+}*hl>p00`c@+bhO&$$)zRYU5DcYBk
ztj!7+C*zC+%{}|h;?j$`r^|?RrEo}sa(xlpntEXbDT(T=rkKi}yO#6}q*%!c18YKK
zLB})`p_zD<Jgx~1r8hl;&~7J+YoCpfPySWAVNDyXaao5|S!M7`*S)OFYCnED79Eb=
zB<ao6hv~*W<_Z)P-($8oiK6R!%oz+oK4nvT>gY2w$Oo3WW9SqrSvt@&<issh^5WK2
z3gQ+kb>h}nif~0o|DqPh@6!fbj?#{_^K6QawpvZ7UnGoX!7arD9jIi<Z$q*HYiP+L
z9ysBl%OJGmI5#<smICCaq|s8I+_Gu36fZY5jh50v;K(Zq9&<*QS)t3c=`u08q)wOQ
z=t_L@Uv+w9*|Y{{+!%MjrIk=ksz;sCl`X9tLld*5QVdPPef}{t85@T&G$mUq$I!Cb
zQcny`&6au%(w%yhi4A-mQb#w|$q(Ihk2D9-N9xjl>wBbT6ueT8pKP^-pAGUkmY<FC
zxePy>@Dp5cD&bw&f`)@6N+9Ml$G6H8ebmyYg6`^wp}Q;CD<`_ERRQDaAKxi4PvyA=
zvK-oj@k(RKqxN6|GONS(U<)Y-BuAHY=#m+9wUF$`9!B~#{TQQFS=ySu2K^X4gT6+I
z3)^c#qaS0+iO|eKl{Hfn8vPhO6QP;WDl4xhG>+)eGYD<_@9cNhN4fZy?)O+K?f3Yl
zy&FYlTDz#f7BXjQl)aG224mScfathd>9kkI5ARt}Pn99wZ_7VFBnI1=6`|<o2fWQd
zH`bX#jml7NQ&YmIKgMJ|GALci4P>?;mteC#<2_}Dg;oqT$I#Ah#%;1NUP4nyL}Je1
zZ3wQ2_Z7yWr6%?jHe@rkBgvIE&;X;_=@cpx=%8J7h+C+1iVJgnxK7Xb82B^F*<96f
zlX7yBt88IXNxUjwnRfXwH^p|RYsu%H;ZN7Pc`<WaUW2D=#SDd+F0UNji&16h)3w>6
z=7govob;Z^ieZlFGKX}TBf6wdmxSpGH`pFe0WVm8e!i?EM5{>}GG8VUn=g}6YQ9WV
z&@MEUFbvuy6Ar@IOhvQeML?9rP~En=PMU7IliqTaPWnAB`jv@D6M`{`PN6cH4g_P0
zxP{8H;?`BBid(EqgRASOH^7rCZLXNS6V<P2WWvn^QgZNnYTB7%3NPCv%!0$Kka(N=
z9@J;BN@5m=iq9;U+t3?G8Qk6rk*UD45@Wd(-_zxD9i$<}1u1bM5iAQOgL$XRB<M2F
zbV-gblcTHbLLX4f@MWo_43U_~5UGg_k&MX@X@~NGzJjPwKH~m_2?{OdKm|op4=F&x
zn4yq@Ud|owJZ#JnZ8`#B#U<a%;rqX`!;oDDp_JHn5PH}vppO~m5UD`0pU4nWB>IN?
ziDNQ90x$U&z04V<>>VtRK+&fLu0XIWlXJc+5}ae;41)0qwUr2NX}&8HJix#b!G#8{
zLNI<mq?_PH=36HCV*`5#K4D-lz<9>K2iquQBeg%;?wU2-bhF+|n)UEk!=7o)dM1)W
zvtE@>p)!jOn)PgEK*zx3-Q<3aT)G-5R3x&mHffYX$Is4pLT@c3-GDe7#tV99y|m9x
zQQ>G>Xagk1wm=eenHSp0&{Z2tAT?ubCu!Y;5)eTk1!*UYYVCwk11aa2N>r_sn{w$;
za<PW*6CB^^ruqK$rRMt_Bn`gz(J53`qXWLL4%hMhAQfG|R+5$Nq*{9}s}NzoQ1ule
z9hW5FcP<4ZX}NmPTOuS?Fqg5(dB&m3kaWfW=acM`e})rAGoUb<A?4x)26b)l04HM|
zl{J9O%JQ|cCO&Q3v{QX@No-EBdBw_Ho@c5G7+1a2%7wZTEGM6hb)re&5nXB%=whaw
z>nPnuDU~$C^rQFC(llmTJ2%7{r^D4ZUDP*weQ19~f(O1iN_~TQEIgSgx!4LqC)^NF
zL=V*sJ)OS2w`+QwEcd(l&(f$()?}YN7s-{^;u=I&8EX-g2T{h+cWr``qm{<wpq=Ec
z#Od<u7}tA}w^0qQL`FvSyje?T@I<vyMX{J3i^qiMG6l4mqMRM(IF`_TF?6a85*4&T
zr4)w2Xhh<PFia&3gVhI7L72pP!p4Dhe(uMCFCcidHTa;z!aRUg!KF^*tZN>r6FKXd
zN9sh*`sR^3k+Xq$q)y~)XdbB(IUB(v9tV!4u+@$O6P<k0P4`FN9YsD*(-y^x!jC2|
z{2AztkuZ9vO_=^0zSTKPwWryp7(jdVE}EnT_Qjp0Uoe0~g*-4I<w9V}#rlwU%0;Z|
zWDx7687{0@G#H|4Yu0+{lZ7p{e3|6<LO0EqQ<t7Er-yvm6j=dZHiOgsX^Jm@M{^oD
zgJox^;h1w714w)@g#pPNfx(xd`NL4g9|leFho}+wbJj5Y!2^wAUqv^~pR<>qKR1T_
z*$P<!f4%~zMs7HoRv2J7*2q;z5)~|AK(a>Qq4~lf#utW5@r9^bzHmJMDtO(=zLq+y
zWgQ>rf)8>tHTrkD0~e4FuFvn*KEJU}I!-(yP}f<y7-u5}E@U78lPCZhqeN>}^>F%h
zHnII*up{KT%GN9(%x-yGd+B_VI0p95KrY~B1C6Z+#8#lNf`%bh96(+SBq(Wh{~+`m
z%cq^_C&lmXL>C%E)^ILoqP6X2s^bUUv|L=lC?njP@yobBx!2@^2T=}MBRE>W4RQu4
z*%pqj5kIf(wwzBADv7y{5QNOohq5DZuu>pi<}LJavlQb7C$t=kYvy~?96#u$`ElJS
z{J7Qk5tSW~B+9%aokC?NI+*Y6EN-E)3ta5rRkwo+3%;><*qfB86S{}}rOgXE8l4rJ
zU+k`tI6&SzDcf1uo<woem`nheF3*zTl$lVMjFg)K0N0h^`R7JaV~ZeaCIjqzUK_1>
z4zY4PfF;ldUB~IYy9AWe73|dT<d75%mBEa#Qpf?iWC2|gpex~AA9xnaoSr+dSiR$w
zkQAjxtBA3Jsf2Al*2FMfseC3ZlUAnem%vOt>^{(9hzd#R5_pcP;1{x{;-UF=6`mT|
zneJqVZd!Kk97T3u_TOH*gMork`e|!b*p1m0d4Npq#;l}9Bdsz9(8}qYy=-cfeuupk
zZiIuuF5{yH7@DrY!;D1?V|^|IhD-zhiK=CqHL{-$!>8pOpXjFfbl=kO>E0BdJ`DM^
zJ2C}6?Exp&bh_D$94lY|&nLTlQB0aO5}3juWR4JFyR3cZh(U}u43|*O65%y-vY~5C
zc|e#_BRk7Gp3qJ6<e^b`q6QDYWGHu^C&!=TdoljVZYjHD*fu)|qO>P+2Nvx`r%>4&
zj`oGQ_$;E^7Iu7-<)*~)lRsJQlYnxP=Xty$K)VAPY$$2)kx|J{M&K%+uC4Op^ow$@
zEc=33hsCJUk{QPs&NwMyB&t>z<34#G_@mJK(kWE-qk}&AtKt?a`@;njxR-P@`XiYy
zBzYh+8X@9`p(DU?rRR$-T_;H^S0>G#ozj8Gx=hma+mu1)DS2@GoINX4p15g9@7OG6
z9!8^^kaW8e(?sks5wY5_Z3QP|bkj2S+fif;mB+HP63IcjEGJzShpuCx^d;YPeR|v@
zGq%(tqf3v>_*S7LlB!Umf(q3H!Z7HznPw2itpkk{T)oulbXIhHpqu8yv!n3g5;w+I
z4?xP51M!3QbP%0<<zPC6${}#HJ^eT1`Jp7@$8*y6<GCfs@!SA62CJfCN;tYZt=l?0
zY9tw~8O@nr6*r{823$LyOIc92%n0k4gy=FV-MFkpj^VZAI3r4KW&Gx0Wfm~3MT{d1
z6x5<76NW)eGvy#munWSx_>rCY2_s@=OjH;#IkJ<H((cD(c0>O87vTVyQxtp+zR`{b
zex2aS27ZI!y$1FZe9yqc2(Fa#qz(tzeRMT~lepq@00?(gkK`kp`B1ar?)78@y_JU{
zqx)aL?Up6jc$8j-q(;9XILpAN33eO!GQqVCe23r{4E&hjR0Hc@1h}e!?F3gba5}-Y
z4D2Dej)8Lt&NFahf@>JKHNkZa+@0W>1|CFkt_NLR;KqZ@Wf%vtrPokQz2oIoHqCZO
zT}f_x*)`y0;szJ;DS3knG2sm^I`6-e_DJ}PcC|{HkAPMFM8}%_`~u?m6P!Qzrs3jn
zM;Pu3i+iNu;`0Yb87{VSKH6}xo%5jKVms$=87@A5P%&I=`&>0#Z2SCe!^P(h78))-
zfAAgRga@hTc#ok6f6^D+9BUpab=q;}ky599*E~|{wByYqrA|A+JW}ek6U`%~PCLmw
z7NUMjAK(a+YX43)kJKGAr<h0Tj+s-<BX!5jBJ)VyF>{)Er0$sco_VD1m^s}%PE2O^
z4D&cW>2aocoR{=C%RDYidVJqJu1<QKZ5}r#J<c(YA16J|rH4pKs%p=p2Y=F1a=v+_
zq~rqgNRhhGJW^6}5j=Q0w}b(lhX(1U2lBUNAip2E)@x*<=jLV(llOykQv9$j)-MJ%
z+gOp?E-n#_I}j-kE?>$NG2SsOU5215_`9<UR&hC@o6gDml9TSdpMY0=%4&mrITLe-
z{VpTf|KcpG9$^$peu6H$>_QLLs`Lr0Re_;TY=##c0++BdQDYFNH$e%zT?y%?OZbtL
z@Hi`B%6@k-OLelATIU;`eOP!o`x>#fl_0RTrAupDx_W3#?_Z$pRgI270*AJ>L?l*S
zG6&w1yF~ble#;EXzVH<YSmjU9r(bEfW3B(b%5Ya0?gxg8`}7|gF7B(ZHeB3SUt_qq
zzrEIQ@p-T7fQvq~>|W0x{E4O(a_)@54Tf9Ea5oxmrr~Zf++4%mY`6^#cZ=b+G~BJg
zMcV^hcpH8B6CDXqo;^}d-cH=f4Dure;ZJmZGRPgo#rMMAN$|%Aq6B`-X#5GP;x6L&
z6FrM?dZyxT!@X#@pBU~9!~N87?-}kMlKKdsCV4M|@F!ZS&Xd2-a5D{ezv0#}+|LZR
zzTtijoXlHt89dpQi8ybOmj@f8EfA=#<BaK_0l!z%_%YEA7vlo419^uxOx5`WP)^>8
zE3JhMyY5Y+`3SGC$Ep9O(UmET&RtHVK;tiZ0^VAxN0>AIMDGKqO#6-DJ~iB<hO007
zaKAO&c*Fh9a8nHTnBi73-0y+wu10f!(2P6|M6|Pkf1p409WS{1>Z6H&@%wU5kRE^1
zgT<5d;7{7)j}{{}SUg1!{-k3(Z62v{=Na=zk$ToVQsd5_%p)~B`LlVXW+%^?M{0Jm
z#5_{h?>%oGsq6RtVjijM_g*lMCzID~zi1w*8@pdJkJOFbFPlf|#_m_l<DTTzcz=aQ
zbi7ses{lDN&vBy#U5plk+~mOH%?&W|8faM+q8=@{X}AmC;<uPzBei%iX{Ldg;4t!v
z3sn+by~w0Sr`G2(K{q{Qjh9ReZ!?3o#c}vckl7!YKHlqQCP(Z26pu)Yl}36`J!$ji
zHuQNDtk>ZmraFAtSCVVGJ7;#3OU{bTy%_R33RPasaI=uv${WN@k6xdX2`QwLcjjzE
zq`Olh-Oj%D|3~EcN(ps+Zz6xrXl`=!>hoD=%vqX^YmIfl5M^Zd@qYSKVJV?DVZm^(
z!Ra(vAQ8^1=tY-)=vrYjk<aW3_lK;DL533MFIo##%eR>n#hap<%M-)L3G0g3?r3T#
zZ2%T7b}te>KlF=)+z?WmhiRD^8)w>)oanOp;nvJOn88rd04)Ylfucb(ABKSzgXIar
z1X>K1sdny?u)kl;$ur%wJWpIYc|HVXDag8-_Y<lFH`aB|tgGvqIRVz}Zc?T-`WCVT
z-LlgG^V#{z-+=O43qha}+CzMaiNwuUgzB*8r5GroNhiYbB{m`;jRdnGDh!BmM&ES2
zTI7VmR8H6hKu*eCb;ax;(M8<>Yo%DoV}pv8&~u*U<x8sl<;CPYa3+;jdE2MK`?s#K
zej(pK9wT}eUgNu#J)tVyI|oicyvAHlL!I2Sj>NrITiz7H9NXO=-jwa=ECva9mUXxb
z&NW$?%O>PubteyWArI6fo2}CFqsW6>{-|A4*X+sCuMBM^1qG*+8$1>loi1JJz}Pm~
z?{eOAt?=Bu8tZx?@B}+#b23<MOpy7&w4vf)r`<>54uZeacgV0^aaiiaeb@w#)^I$c
z8@Cy~P;Zq{cqC=ZW%hx~zi<IFapp*4fVG)p*{A&-EU-2s2C(l4#$7NXn0JBcw!I1!
z9gXN#h7!fyl_!Bw3nVPFM{cPwfUuYVLnv@btbu26S=ceCXy6$vw4qJeoUZA3M>po3
zUe`H$6yBK%epLn(8JRaGlex~?%;z3Udk#(xYVtPwSPWwPsQd#(DQ{L>Ag^z?VNBw(
zU6@mOpI$vhorEBQ%t9(35ZfUGRWUtAxnXR(Ai?H(PrAN_biF5CUqiZn7}9G7q+1#^
zK3?gI<9AEW8q(1@CbFn>SpvE&UvT(^-WXMh#b$&AVjHc)OTt5pV+@_>Z;8;ZRVfG8
zJSw7dU~RD02O<4Ld?FHE^C4BvL({YJ_kcs^Q8Q<o>tv2@TISXoMdnaG&e@)WdwojI
zI{iIR6VcU;I(eIWCP-)vm3SAf9bxU<#SXD{Ajk~-m$#z%<#8r$AEIF89f)h>boHME
zH!X_c4=P&v=&`718BPC1&s6{&%(3;~gtQ|b$y{^o{rI+<vl2kx%mh*2ObBNZND|df
zTEm1XXqa{l1Nk8V$`L8hB?-Dh10`&mRi9Z5w`LB+h&{{O9EOHRL}~98%yN`;I1|FQ
z3{y*lVX{3_V`?}xMpO`{9GudHFY_1pCTu_xV*n?KR1?xo%hZNTCsQ|~@46u+Q<IlQ
zl!l*=Z;`O&!7T!u*$;DM3HyPv259N<bL^FZ4y4IX!N;0+y0fJ9P7nJ&nW`^?aO^A(
zCYGHg$0_YB$I%O&rI@8Lf>@Ea61()BC6+oPkQSRekQSr6%2JRHJ4=w3_$^_4?JR4$
z@%Xab3K<6_tE@4|CB1o8Kr(}t04zD5H)Vz}KPhIe9!lm(D3oN(`-uwWFrKC|CErmp
znM6lPg!g3HiH?>CZAU%`vz3TXM53cbla;)~WtMC%e51_Em=~Q3zl2)1xiHagF3iQb
zp9@=P&V{89$ct^rO+t%V?=5yLlAB)ff|QXa!blVCNYjMRleW+#jl8m`G9Uai+8F<;
z92?T(#Ye!YM@ozHAM;3QaXvPWlosa`^GIoNJ~fY&7UwhbNNI60$h+n$rNtRz9w{wO
z);v;LoSb>2v^aV5NNI5j=8@9k)R{+0i&Hd@loqGnJW>xeG?>SuNxe^_dHfAao>IKK
z)?^;<Cq0_sLDkUOt~aKO-Z-He+ERMsrBMxyC$*GnNN|uSaWM;~tE!>edB!>}7j)BO
z!Zu4cCTy?bnphWfE#106?5Wz2JzE#Bo0ScZN;^yTwp(n#a%-2Py)iBAxIX3r(;My!
zh2RcXjSCLYgLlM`R&d2@@O(By$YOv&WFyKJ0-Td^eak<wnf`*~72TLur2}d8ybF1i
zT6^w13jYqFdD=BE_{%(;RrHRG#rYf4zBw3cd2$670C<b44_1<Dd9AGKWHFPd4x;49
z%g~G2Sh+ZXA-BR^L3(+{UFf1pl5=cB(XS^v0XJNdUQf0ImtV?zPwOLZKc@afgG^Vq
z|8*!+8kdxsqAB$_Yoo0}uH111pmdOo;V>^#t?Sl%c<M9gXUA^>wG(+x+Wd2I#$#w<
zq&R!X4x{&s$3%-C2_I%zg&mI$%yTtHH+XblFR~b~<Zw=x&s+)j7V=q*Tq|9m;KZ({
zUYBR6r)^Op)o3V+5`H>x3Z>PLw(^x#Eh&0qIli}n#{%T0{6)XRI8m7hU#etqfEHiH
zx}rSUC}QQu3VNJ&@SNvx`%g_KaVgY(D36e#tTVAd$AI?F*b;`8_wtZN11~xbS^?uo
zD`3!p%Q#BeI~D6X9?}hXctF6z&wsDAuw@bwOEmn-WME9?qzb2sgvzTIibpUg9vZns
z3Jl&ELJC6<R}RY60~9L!MGvqlW&d*uLR9$^Y`QH=9Df4bRO0v(;HDYwSlbhwZn!H9
zx18bPebVI(7u&w9V7S=!Wkurn6Qnx>AWlszSl`tP-Jo8+5!6dQ^D@eNYarVzBl5_y
zJ;W;mdR~%I-7Man1=nl5N-^Fo6*;$tDw+|brs6xXd%98-j-uptGgC#Gl$8z#!hJ8I
z#8p;-XGb$z2fylz^{TMkAK@0)ckbL=uMy`w-~Fs_8*w2Mm|TTf#S)Q(vS?3|7+yPc
zO)7}y-Ub&;GFm}%Yq2lLb<HW{rj46DCHf=8YT7vI38Ir%8*^A`O`6)MvLCI`*ulvj
zb3&I{p-UEMe^ih&zJoHqq_4EY##nnrG9uk10qqr9>bvN5!Ee&&nPBh!DMDw)`siP9
zci8c0;*~NYU@;)yJ@^(q#PDr-jfUJ|k-Qf94hnX(b#bEH6I#BH6O2%VoNnOclx`rW
zN2;8HF^p>JJH}EVXweKIWu|Xpe4Z~Y8g2SGWKP?3FTzy$lb$-yG>_EOc~$dBO`T_%
zM{4Rk8y+%OueiB-bfu*~2Y%6S4D2KLzJaR|oZjd&yE?(G4P1lZkp`|waIt}N2|i}v
zS_D5baBYI6CQo@Cg1Z{{1%js<IFI1H2Chr+9Rt@RxMH&>wLZa}4cvg>sRnLH@O}d~
zBKW?68xt(Gcv71X+}*%U37&4?W(4mxaC3sM8TdtjRsIB>;T8b9udRLwPQse>%Ru;t
zAGhSUd-##_Dt|YgT9Y!WeleVWF?KY5Z0@k?;rOb)!*}<NgS<x9(^T~9#QojlsM8JK
zPd^di)K2pRm2jDJ+gp50WcauE;&LP`IhmiNB_}bVB`3$XaoEt}UsOWQwJmJLtnw$?
z95}Uw_=@4SH{8~S+uLy4818F^+tzSL8g4to9cQ@h4R^ZXb}-yUhTG9_R~v38!`*JU
zoeg)t;dU|HZw$Aq;hr|!Ziai=aJw7s9mDNmxQ`9Dr{U_C@%-D%aP5ZM+i=qjw~yg^
z47ac0<{EB4!)<K1uNrP^!|iXl-3@nu;SMs~frguJxPuILjNuM8-06lp#Bi4w?oh+s
zXt=K#?heCAvk+Ok*Kpska1R@<-*A64++l`$(QwlA=n*vch~Wfxtj(_m3>V)$Jl}Bd
z8NCID+s*DM{-)tRvT#QjE<4WG`H_ZeG~7{!8*jLy4L8YfgN9q)aNjaqx8W*=Tg`A)
z;)JK`8t&VM+thFi4Y#e~zGJvO4R?&;4l&%Z#PKJv^*+wRMHcS6hCAAD#~bb#!<}Hb
zlMQ#G;m$PNNrt<?a3>pXvEfcJ+_i=~)o}TCTx7csW-|*H8SYjKcN%cAmQLuwH+3@-
zy74+*_w!C;rybo53PYRAqJM3}81iMfx5aC7H4VV&q_>fi1q-N7o|dgEJ;_<t_mBr$
z<;WS{)0r!qKE)`%-<_*41U4}k)$R>(*t}vfXB0AUC6wfAn7daQAfYlP!l_JSB`wJ%
z^r$Rnf^VBSzR?BWL^X~x<8%kk7QT&d9gc6YzTpfO3frQxYA;DV6hg4d+eDh1yEN&h
z>*@kYbN;Yty1Lp2F8{)PYug9omjCekU{*<@{XY{q*X4faY&$Tidsb($P_Y_LuIpv+
zU@>brtUx3<roIfK=DlEnAd%0Z&sj34of2cvM2!-Ws63&g@9W%7Io0>zzX&cS?!mj9
zEOcq!02fmTdvA`n%1)d;eMt5M>i|2Ptpd@Kt)7d_RKAa&^5pO!mS|;k%}CE$uUPkY
zHvE;-b+dVxOV)fEpNmW7`8f!LORn2-VE8H)15FC|UAxbAJQO3J&X^$Ao5)xZ8-|jJ
ze1&OYr%<S&7Ko+k0MRA6(-=tcWW6i^k81Y+7)1)LXR|{~Y<ktSG?EtSmlCPBrje*q
zCYq?z4XfXT0)F5aKKMc&yY*V4y=>vy3*B^kxnA1KFGp)Hi%>@X{TJ=U*+@ybR2<rq
zP3SyiyKFY^C3*jgINz-7)kfK%(|SIiMcr0&Lp5cdo5YNSt0COc)BuU9ln8fc2N@>F
zN|RiyDeQv=k)D!%e;w#yi!2=+YDXgwTu2edEHWm<LlPXO-I9j2TLw(jF%gM62H$J?
z-7mR1rJJtP+oevYj32Jwb@cvU^ntQvdI2)*D=Y2;#p^<N1%2T6IQTKR_AhFW_9M}2
z5UYD|6jR$MBie10U58?M<)?-2i}&EThPy*(F;(f@2Kl8_?+CZwh;~#jM}2v!7Fwtd
z-RCl8t2;(W)EyC{*4>t_?&zlL?ry2Olm9=fyNi(FVe0N;c%|!(!Na<{Q}|7+a+yQ2
z)g94}%jXAmXQ79zJEp32$FCvkj_4uk&O(n+cTCypju8@dN5rUg_hnaibklWrztr8^
zqt)GEkW>B*)0d7qxcc5R9{VbnAnU#st-B2TFNJ@)Dj6rh$$r1!+-W4t#tg@EN6tb(
zNTEN{w)<nLe@4@qlF5X(B_-O`)MY{aTj(L{pY*l<`87oS6Fo%zTj&w$pDA1YGeV;N
ziKwmrl-=J}uKww!>;G3$|2ww%epf8J!`InqtDVj4h`PrvrJqw_A4wFbvT^Aw<jWm_
z35(VvcNAgRvJ2F#y)XJp>F_E%wuWH*-S}rrUM@oc&^Xmjdva#^d3raUGb-oC;vLAF
z-yzl7b#bUG+FYd4<T4RF_ZYXON*f}j(k(eWMK>;b478M>Q~j3SfzDY@kZVr7jNBzM
z!i2OoNy+*MqFrsWguW-X(9RG-viV{49vp>UcsZg}@8#EGe%;5fEBJLkzpmsLU-Vgc
z6~FkH&%z(zYl!=uwsv(%H(i&HNnNhpK0;k`Os;11&$Z=LU2?V@tSUZV%U0XXA0q2R
zw`^IPR<35z<bs^Xnd1xMj9iVp`?{`>OdfV#d5wVi2{D|f2!UbdDGX!ng#i=og@{CZ
zk!(E0Y}^=U<KZwH*C2}YB_h+6YXR!LS4aJ?`N)(#A8n2j=7MvqR9oN1$p_uEd^|1k
z@$s<o0nRc>a#%|_+!~IdjK>U`;4u*i9)nLc`P|m!lWsbnOC+BMO&CFr|NA~^(yUSY
zr0d9p5&NVkkT)-<+9$a<L-$E>@Z4j&qrizi>21)8Bt&hWBvjcap%cs8EqxME+9#0`
z`=n)g27+kqleFt)F@48mQRX};(|n;iM4fEs>V$5(PF|KeS-0bVQYZfe@lnQ!>qo7V
ztC6>4owztd*GU{a_t=i<I=LUTA_-AjCqmWN$xozCh|)SCC94yn!#ZIxeVteoS0_Ss
zh&tKc)d}5noxCA+GPZMsI$?j$w}tr^_iy3Y&HlbCwx(X{{$4IFtlWSino{sVu9R*B
zMmw!8Dwo1T5jVlhX*d4HtS^akbN~wBD^H2$2Y%(rsd1-VR4ydYKQUcuH<()gBM8_H
zD<69DusK~lE#Yiq3bI#5eTP4>qZFj6$c8NGSdS)jLhT0;$sVnyKik386Ww$@y(jf_
z^hotI8TG`w<A<MP$+$dosjEkdro-*c$bEK@zx`qqF~mgeQ{-@@1}OGT+05RV<&UYE
zpFJE@o%V%H3jOEM?Jf?Udu%5#E72D|0a}rSsBL#b)wjE!O1qOXkui%%$=V&!VY_4L
ze7mzKY<CbK!g8Ezh`AOUGwsajrt9=yQm5TrBeXq^QJ11l?_pj=!Ncin*!HwK4si2k
zo+X$e2Me0qVNyGsFb-s<;=hc`piA!}>B=q0cNuRblv>cyS8gRV70{}LZX+}<`W7-5
z=r`Rw{7gR&Ph1Y|=ikvHt=~v9j0rju!W4`tKqW=eoF5QNmuR|zM+RwUO}$%<Zjljs
zmWxjVKr2O*h-qMKtrWw6u#ICPwE>xA7!Z~<M5P1TF@oAT2!)3AOE+D=pGp1RJW~Ds
zkLS{*<ye=uqey-Zm|7*jPC57y{B<rp2EqLi5ei!4#Gp$h8PuYLMs*QnwFyj}5#K6f
zoyFTI3?jU=Zjpg|CRr6~Yz@-?9+pv_)3hVtfgAqmE0=d5roM7{C%@#C%OCTLZ+<Sk
zi(m5I<=y<^OP>pW!Y@AZx$vj_;`^Qp@8Q>z{JNK4f8^JF{CbLC_w(y%e*KJJ&+zN#
z_=+Zx4`L<v3xKX)O6Zz*adJR6EeG}FYP2<I=swyI>to8n*E0GybUT+Z_H*{#dYS73
z$g&?_h1GgB=z}cDX+E*KftUCkBpRy(&ku~}$SGk^$HcLxBi!G`p)#;YqNfai^bKqb
z6a3lL@rQ1jKVyYI*N()W|K-^BOJqAc$lqbdwl?JOza85?4%(28ZA@y|u`Ldsdu%r_
zD>1fpO+t4pA!^4qq3XxBdu42sGRfFRN;b9;9gb}*ogdpQiW}Pq4>z`vDEmIT={jwf
zIz8<FaQ80obrseA_~}09?DNQ@**(cQc{L|MQw}*v+a!VkN`VTfh@hyD6oFC{0j~rT
zs`nCh#rG8jg~qCt7DVMLzESaceQ>XWh(M8-faNJ~K~TBs^}_%AU2A5)k~Db#`ujin
zY0k{7nOU=D&6+i9o*VS;Qs)1G>j<?RNbs)#{qyKP(T&%#Eo1^;CdEO2Xqdbnv<K!S
z(Lnb}YV-#Nsrw{6x9($-xb9=(nC>HBPTiN7k8_enKGRL|xl8!`*#DD!7C!zAb(x3H
za*^>m#4DedCiuLjE5c`@0iPu`_{$*qEaAEN%p`F>GjWX11kC31b#jm4c*9$|;B9Ol
ze-BcMZz;l=T1J0lMKO1dy@6qN@BN>XR%7#U?2M+E6}c{2>Fb$ulQT`1a}T-`11vDI
zONY1NWATGR+%!woU30t*A4~8ghEweA30br4mJ>|9=_X}rFQT4210?RU@BRbEE4c&n
z3sfmSUa?jD8vw?+=D-M!-+{R$%22_e+sc|P@+$p;*)#`)j#xP8v0!C!WYA-z40?<W
zj^WPc^NEJfbd!8uC47ElAwIw9?`{|966=kiJjQ4LCP1PrUej&6Ca)Qt5QJbQNM`L-
znhgvijJ;LRM0iEG@QM+;;MID=E4oQu?IXPUXOOT<nfyobY6mEf^Xg_+HX@EU1l%F7
zo(w|Zm1H)&l5F4+VdRyBBfKJ9c*Tfa@aiPPE4oQutrlM8moC7of8^LJo8Z4h73LWe
zB>ooiK*ruRr1<KvZ=VI)?bxd}6LCd$<HD>5F{|{u+4Tw0%(rGLDQ4SJTG~kFChnfc
zEU<Gy+2q|MPjh7=yFWq{=daPVR-&3?t(D-Y4HjK%4YJS%Q+!822V5mK9ShNYLi!Z5
z-Q$;4T!N#RqZ|D}7Gj=zpPz*X(>11#t;-V-Tg5tCM$rvM8tG!hWa~~H%7)?k#qo<$
zsUOa}enIo}1)Quh8-%0JfDyZ1>&PMnw;Hd&-{{xzlanQ^rh-`arEI<8Whch4p?4PA
z$q~Dtb_b3TEeBY38SmZM=4Chb@dlpjxdS=RH9L(3|5jALKB)*x8BZq+bED)p`xZv&
zW&GQSlj|;fgJJ&d47E%?NihrWm*~37erde&u(Q>jgEojs>R<?o1NZ&-TZX?c;I9pT
z{73km_#^x|{6*o1Ae=!P;c}uraD}ivDF$=IY=^Vzkq$_zv6e$}SvJ?{&W6i>rW+58
zq;J}m>^>`cP_Osl$8?``r2A+I=ya`+qFATf!d%aUxuTsePKfP$Ka##ejM_s;NHG5)
zINC$l`gZ;kWC{Bo_f38*_*j<WBZ&b%f}{A@^cG)`h4`TF4a2y`^={yuwZ_Hr6K@F+
z6kFaR&S)AeZxIwr!*UWUTLg)?M-qnXEr~hD$)-osO^z?GWY3<=R2LXuK1yN0zfi45
z*DYl|<A1SdAT>|}<_=USHYkg!?*9s49d_D>u-v7)2bxVjSaT=h%@)E@tO;fJAfYr$
z>l;u#9fCNXe<%oHJeP7aQcmQ}2ti9+vu%(Uifbf$)0>jA|2dRA+1wlSm~5oSNRbdK
z5=7x*%{dlkWUu0Cky)nE@q#{;UKT>>m6y*5R_U#s3U*k*4N}W%4;(8v22oza{STHa
z#tI7-4hJI#v&SZ3f{$~O*ziGq9c6jXZ*jfB$Q@nCorodMRnwh1maXM%+#7v)z@0iq
zq;MZ_W^Rknp0aNB?*c8+nc3y!rW`v#V@f1=C+_L$auUX{RH<LSTiO4N40LZa<k7X=
zBIisUC$wBQFD+=3bc$~SY!Aml8I{a?$NZ{w?0X*arIfo#ckr<>oT1;&kM;aoYO{Pd
zh{egP@HrQ;Lu_T!zGMo6k{Z<$FkA^!U%SEgQ)Ay}WV(T+!2&Io*a^|kj>`&dy(@@>
z-XXe3q*W*KJ<IQ)zW)){R~Oet-wSAD01uu~3ic^HB<RIo{WT6AOuCKBkULRI{iq;#
z4}%BgCXR>cfHz+X`W4xG0d=PNJFrY$5%%t(^5j8amR>%c`~|=NDECm!n0jV(OvR9n
z@jj#DJ;ycO(`ZV4>@)W5M@QbAM3m8M*@4!qDX1Y*P#WKFON;#I%?DN?1DMK`!dQ<i
zVA+UrBK`epRGngEjjlDSPNJZp8HtWAQP7oapo!xO?ciDC3Nu8<3^Xi3k)c45Mbn^t
zi9eP`_#1h12|FePMbZQ^z`lJj8HIn+d8l@{jz!mY9`tQ0<*C!82VIJWn!7gx2m8=$
z-8ySb`5V{Bbtt(Hb%+fm{{4W2Hx_(JppB<dU^-!Bz9fyz;RqMC$cXqHE<-~M|0avO
zLnLKK;Q=Jt#GlFKfJI(Sd5{tONnYOlO%Rc|y!#L%1l5b;s2*knf0C#kVFZ7Y5swBr
z5@kHb2>v8<JkAIyd~Lk&Cm6w>WRBl5f<MWKCxeJY;ZFq-iQCD)3nCJ?lb>dU6rMo!
z3?ulHEd2LDL?Xu@f`~-ne+(iLg+CiaBwiKzFGRrZSd>}^n_J}JRe?PG8F7>U6a@dm
z;CVstzZv{o5d15H*9F1<VepY4_#A`o9#+zxXK?o*n5rPSCI~KKaD5PT7<^X{Of&eI
zAedqBr$I2w;3GlMWw5x+mYZX6APD9eJTeFt7(6ow78$%K2sSYIjUd>_;B7&$DIVJ#
zk6nx)lsIjd$I$Qo6JwFyX>LJ;`n<rmgn9o&%pcF;cJs&jjITJk&vFaA)%sj{#$oE3
z0^b45$)!xq_G_DB;&Q~fQ;&Aw_2Eq{WfSX}pEw4)Z2!<=$RShA*?U^TE483D->}}v
zSMOzj^Va4`n__lt*i5FF5BA$)YW1L)pIGnYhJm?@8GjhYi}3mkn__k`Y~cR`#Zbz$
zm`#+8$%aAPcV~l1dnxQ-!dUGH?Cpdxa|HG!!q^HC*rSB8E()Wp33@3g0u$k9K@phr
z02UO1NjG3Y5t#G^79_C#!$j)LP5Jjb7;)EbV!6?q^6VQ<YELMjOJUbbHBAP2w9Osx
z1c|E`@C8XL5ED)G3jSfqoZ)9N&*reMrt_Q4=ubB}`ky1Cf8UDO=&xp)(s;CJNo#Xq
zO+rp`wULmF`pfiZ)nB5&*+jHTz&w*%k$|ho+7S@_kWPIlhF@oo-78uqZ~ciAU5Bw(
z5cCxoDc-*GA+Pud5wY`XLW=oppXL&J%$NQYB1EOT^f4EGB#D$^>w&o^UdsJ;1eh@h
zuxt&W4RyVdRp>sSi&}lK?wCM~5Yi+s`x4n@eRw33h%W2v#Dh`d>B2in^vFVM*mUm-
zo9>@X)6q>f-Me?ybYin{eTo0fI)E6<?YrQu+%N3_Mb;pz$+h54K%&PEm_jPZ2y11L
z7p-PYRSn;TSoL+o*PF_~_&OefrmE+<Ro3^WA>*4mA2m96X^{Aq5u4=TeXMV%^=aas
zAo0uhwMnkp-}+v&+W0ha6^S>ImQ5UDH?bh?#RB6vyNUQBFb=1im`!1<(d3WTK%)>r
z1ojMJL=b^3I}k7;5EwcyOR=4o&AE0H@l9kgE=~OqHym^=J<th^OzH%pFgoE3qM%Ml
zqzlF9L!lTkG3|fJ<ZP7pN3H#T!Te%$g9;Aj>b)e!bnD&dH~oEg`fY#T0|B|`KB;0C
zle^Ac$Q^rL_?ng$7VF(oWUO~f!Li;grDIM&QrT&lC+M_H9t4<D1GjYsy_VVJZF!Mw
zW|pqYjM8<PDcMm!8gh8TaF}kgqkepT4(n~<k1;{yW3j)xz;1DK1?=?@q+rox8OXpk
zeIK2yzZ{Oyqld+KZq=pEu_TjWs6v?EuG9tRd^JjNf{)C^ITn-B4a&;Od3Mfo!}Ta8
z7RE7kuoT5Cu}usDVyjSFt%RB77><7ao=9aikY7W94^^IN7)&?G;BCU-v%#mir?C5B
z*y4;YQ@fNY!xs*uq>Pq<Dl*8bN|}*qCE-##Mi?P57fvjr^$F>{5N|2h5vHFgLH=6}
z`E--ye`W#lgV)<X%Y>kh#n2Vx5jqJMIvHW;3>T#8hLlM|3f&|rS1drvk+!{bZ%|Ou
zPROM8hW!0R);$T-)y^rD5Uh3*Y*stJic)m7)4kxdk^7}i29=CkuLrK52J2S=i@%L*
z{s7QaiuHZWb$s(3m%)5)<GWceK9W2zgmi;QS8qf}Hau4##80=Hk8BM8m~YpSJZeR{
zkvGA<LLRh+dX&`mUuVWp^v8>%{gLFLKeDvQiZqL312L8^qoto_QU{`L*9f1ONY{ty
zQ;t!(1C9}FIJP~>G4Lsy+7Gzc55sexEYNg6H|(7(UgUxpFPr#%<hZBsdv4vK0=yDg
z0+Id^TVNF+vvf!8PDTwOikv;maF%X_v)>{oTl?3bJHCY7F<bjCA>nalDJ&x;K)VSx
zaF0-Okp<Hgc(nduO_@|`%CwddA$yoJQGcFqTnoDe$0N--Zwz<CNN4vwi-??a*|Z4m
zXYp6T-(L9JAAg7A?*#n41%Kz@?}PZ;ioem%;K#}7w>SI|pdY<53V9JBmm0{qTx{N(
zkP8G-scpkWMSmYa>hB;Du2I+iN`}9fus3skR+5Y|_<AO}i_a76%it>+`~`CO`!TpC
z2=33|N(SYt)vFooo!oq_b7u0v``P=Uk3Wa~P*3+mV@J_b2X~{QAiEWR-C!M-TJ%sl
z!jO!OMl$F|B;$uF8F*Qfya{aqHaB@gmmHx>KG0>|>9W#vSzEfSCSBH#E-OZtjoQzl
zfU@TwfRMv85dNCLcVOT<DDWK|_|^u#mju2;0^gy5?=bOEKEI4Qvwud{`Q0+62rRsI
zJL-&Yh9gJ{Ot2k6l3{`!SP3RACfJEs5@dp1h$U4f*o|0{W`au*Bz-2>gCL1C!D<0v
zk}6?cI<B#Q_rI+<Gti#4ohF-sdG}p#Ovi07(7blxzZ97{w7uOlDc$6F@+%^ooPT6a
zj3<IJ98XkF5;%u;BzQjUh}Jf!px>O-$IuS^H~B4m2us&~UxwV9_%j*4efo03_!D{S
z>u|#O6M?-VfW13-|LceV_UQoj$^aI=xq2i~eUT%GEI}WIAQk4n7#`A%bc_46TX6jy
z=O*NzWxx3jR31Ct{;PmRHF9NWrLptm{infFpt|J~7q4b<7UXNFRo&1iA~rnxB(Vu-
zMxkIY6JaZNnyFf!OGBrNS4w3VNd$q6Q$wIUK29<FZ1v0>3H2=P_i|hJjb|G^(S@wZ
z2RxQIXVER!uEe-M^*C9Ehs>D}QyjWePYA5`G#vGZLVPrejL7tB7(}(`vKqLTMlY-c
zaS<aK&NE=_Rx(<5E7`FbE4@YLK|BY7W1ePQDHrR0^rP<K1{_Bb>P))<w-Wv}_^ZEM
zv@?f;*8*{UzaaQJ2J3+;KZe2XAof@Wu|HR?byDw-AxPuL6uyz%+HVrOZ}v^2+VxB}
zj%1WYVI9mOx)E9Yos~sL?wf!-GrwzgVHDjTHHt_qj3N?=VVuPAlMbYcpL8HOPO~Ww
za>CS<7bd66^mLh?F4NN$`b3^My3W?CimCP&&<VAw_)G|UWyESiScoBR6T)f?OOQ~o
z!K$UjrYdJ-2P%P9EN8M&r3iXxNAR2V#|7<eUshN(+j<yW%ptqNQGFfCW?PxyaR{2b
zUf0?IR=!JUcSh~L=<1j2u&O(j=TO|yW_0b2<$trmz&Dmam#DeMkduAXB>yB?bPp2J
z%$$*GDvD?taG6*mY0MrZh6Ue{MAvpzbVv%{)FSlMT@4H1BX!;cT=Wfl|4#1J72ROJ
znkL5X_^YqLhVO~Ai5^3h{S#SFOd3@9gV1j%;}V+lLHfx*P=XU%`jR{tqiPQZC~zj6
zajK8-AiW97A$F(I-%fr@W~oQ84j0MP%z>XtR9!?7G?&5GFscmc4MWL!r>t782Og`|
zb;5HJnSfT<WLkl4a&XQs&<dyn5$m}Y&RedPc?(hNyoEj;ncoBS!MufFGcvyjMZ{)$
zk=ZJ7i>=P|^USK{So#LU2elJbbuu8V-8)R}=q78|v_S2GS#>iL9_eg)aXUuQsrNwJ
zW@;W`;ov6}WPB+WTw#zcEa6Cv2$vc$!qkXz%o#u^#}HP2M8Q7|iJWQvLZ%TdLqH4M
zLHuzt!C?;{uYx3t`F=W5id?USH5Qu4wNcRO2a)lli(_#dAT{Nrb5QIQ%VFlT5B$E?
zR9m$26{Rz+`A}&R%*soNM?#3T9t^4|v+rh89{}+`3v?l#=hNr&Hp-BFc-qB>K#Q{O
zE*im%g#*2lqabV-^AEhrE<Jr2tMX=)8GXP{pY{7Eh3cZdh|605p}4%$hzs4MxOB17
zyRcLPap{(X)(le`GQJd=^`#^*hm?^?1k)9`=-&0<%Pif?<Pp6}OM;-NUbXhP;xr>u
z2xI}V;fiwic9eBp&<5sNyrR2N+F-4l;QTo+jPqhho`K@9y5iQ@dHe~4f)08&XP##Q
zLXN-7aGY+E<9jT?@v!@`G}se@G=xg21_~B45m`+zT}e$@%%wKW#dD^QeBq2dCn&=6
zdh`_mqMgNcmJ#E+j$3?NW_Ewyh{Vn`f6?Eu86y3?87^kb@`vvZ%ZWGtZAc?MeJQyc
zgvvokX6cG6{N_hw1Ow+~H4GL3U2tBS+z!9>1vr0-k?yiDG)IWC+^=X%T8XpJv_dlq
zMH?_X+d`^9U7<W+P<6%4wjY`4jErV)N3>aB8VO#`(FN9jCPLJX;|=W{x=FbjS)g{H
zN6@IAnmspR@w4Y9%o3ZM?2b>Ka3!JtyUw7y>0d~gQyFnLolW2573fS(q-{PO92h*I
zJoREwcrJ5P)GJva1hdX<z0XvWZnB#DOEu^JW_H3*(8c{}6l#0wSqE^j{Tz}THlQTP
zC=`rhkPRrQA|oB)GSV?()=IO_T!Gm%bty+Xfnj#>ep4m7I=kSvXr>NgZTR4aT}%GC
z*c!~GAE_Y=0t<s+^MRWEkTGUqfLdGr{kUs@R;uBf*ZwBb1RnEV1kZzBFM3f^O#ByC
zL~DE6Wa)`NAzZ{E-SD<Tjpgvueuu*~2Kv2o8R%-C_oSAsRr{Q6dH~A%MYO!NsB%~y
zCWh@89uFiiR*WuKGx5kh{fFCAjpSGDW#kuiJayX*z@45r0HC5X&5G(CVMA`P*@V-&
z37Oj{64hSY9d+eLOa1^3Eyw4D#H}yRowXJxFB>huWY+T;(l$<N1<Kn-n_LP?%K-%p
zDa<#p#FhNzi5&Jc&k~_^)nR9O1xW_~v#ECh$Bm#lx-J$$hc$gc_cA4Cq8&sw*1OGz
z#EG^kn5Y$0{hDuy-@S7nzp;<^M`GtmbCFG`oDgJ`HtMA9HIS;kR?nGIK3)g<nm}LK
zuv1QM2pJ9aJ#r!x_yVoa*y84;&J&AJ<*{O2CfYf@&T{KcFDKMQR!DiR$dp-1tu!)%
z-AcBa2r9QO8JJoQgh)(&eGz$Xnu}ji!p?{jcDSL7%xkLm6ol#$$TK^hUPfe18BtJz
z@7%dpLD`q}vN(>L)k$ZNCm+dT>UiGHR;^<xo~3`0tOM_x>OWce>R^aFdyD#qo!YA*
z3{wYFBF;ATJq&?9Jgj>Obn4V<1SZ(k`Zq+QjgY)vStI)LOz?*PbRcQY3}%|$ffAN5
z;bL9lI_P0N&H@QM83=Xt_Z{FcmVVErll9+42P+isrknBKDZ#A&9&ug&z2fHl_lcYL
z-wzjkFPmz?+BTja3D$R_w&+<Ks9jl3#MU*tRRg$mWY(+}4?{PRjA$yT8Fq3dBod+a
zEvbzFXXBLp1J)&)3OFx9^`%l#cy6PZ1|dcJvt(8|nhLq)a0pqTL$f>7ZkLZtRV1VE
zCa{&q*n)Zp=>taZ(@hR#$1vICs)J+ux7upZ=HwyAAaaQ=n};s>K$kV8%jTj>+Ub&3
zx<ZoJfzWb^bx7hiW4#uTu)<kp#3GFBsgVj90ZE4TA|)k?0rPlL7sX)vpVDhHlICbe
zO!*0#J0mM*GqQ5gj9A+uD4KC<1}!T00l$g*@1VR6V#xx^ZNh`}O&oyehWe^NeTY2l
zmX}t=-964#+ef(PY62Z2nU3Pl9-{!R4HQ63<vJ5fLfp#~H&w(&!CvyRf?kkUV)$;E
z8=vY;(J7_W>Z7bqnMkd=ME#qb+Wj)z`~QmiW31d4bZaO4000yOaXDtbnF<5{oQnTJ
zCZ0YIzk{CROf#?K^a;|4jR&JA53JU}Sqw~U0PaC7`Y@3|sx9S-lUd+uL}T%s5%L*^
zS_{|!!{$k6nnexfoZ2an_T>wddDfZ`57%GPse^=K(7bD62bLPDW)Z@r6c9pO!G7<q
zacRZDxS%$sr&Gb0N@~@ZU|#+WK$wM55t61p!7i`%UOIdS_Jz>XtJqBW%6-pppIigh
zpK6kMDT*}^^_ti=>2O_p*K`cL01{+u3ffG!%*+?wJ_KfA>^YxK#=n40*8eaa3_%|e
zH|t+0uIpa}7j2eFJ&*RkIWpEnw6knKz&2HBC;C~DM$7LJA9qN?tfY4EAz^bxZb!=r
zxw9f?6(S=7YcwmV9Zy(IJD%(@N2=)1BCH68mbX%XbZGgY8CvKjhn5K@n>=-%p@qDn
zW*{Tzvd(nb8gxlJU6M&xNZ=eLm--&sgX=h<J}0tZEFs3IUdG&)pr~FBPc5)m8B18M
z)$A-giUDH@K~W50*(A_rB$3gK=zau6GwP5Ks?5!ZkEzTV09avhMgK%}<`$-&{wRK>
zhcUD2OoB8b(3u3qb!Grb>P$u?bta3V&O8Ur2%X6!^Ok9KCKFNL?lLiz5))X3P5;!V
zDJ)P*)RDp4)Vs!`6@@||0_YXN$uXijTPHDYUg}L=Wx$*|X_willNKW3hD{&myJ{Z;
z8Jj*q-^c0OO5Z2w`y_o^>H7(NpM;ORa8ehi^xvir6MivMe1yJj^j%2bcKR-&?-Kep
z(|0L-GxU9mzHiZY8GYZO@6+^sm%h)?_dWVP3*Y3W=&QOpemNufGx_ddPyOElSh%PD
zIl$}-LH0A6p9c&|_6j-~{|ij<Y<#UrwWX%3=wh+#Hb@qG)>KSp$sH)34}^;6!$$GY
zO)8%Ei{iO@9>v3A*}qsAT`6LF_<c>ri$-7qIf%*>mrZS!!HR7X>?s+uCt~k>5lKyN
zR&kPgeJO;B(900)e;H5`z&v!Bimt#_y<TW)NjF)`8L4Gr5lSuhfMMjJ_9?zCSqa84
zb7H~XL~mdCBR}>epsr<o1*94rL;Kp(tu!xjpO+U@2l9G@cc5kR4`_zSAtrn|mYWFv
zS6SI`?TZK@ECK}!7$hqsjDFzC*}b^VXPQ9gGvPpZNf#=gkg3n3DAmob>fOt&sj6)z
zXI{UClvV>%efU=bz|tAPNif5@>qZ}{OLH@Fbnfebg7|OH$@<@fqde!`asEpPzZ5EY
z4Ci!i$?VG0cFyng2EQ4E<t%|9R=L=0<brNeF1CqW^sb$IM#pklH<m_Msnv0nn_lE`
zI65-5^aUmln9V%VQ4ZWDXzGe2x1XDX+gBmw>>l#15Gq5K|7`$BACuE%0vr~ZCLFsd
z(gF`T8$W6oK{v^WD})gz%*6<Kf9LazzfBv5Z<k$wl;*H^W+2^OUu2BN@1RKNv+vT$
z_}?QT<kzhGGe9xxUasw7FW|8k+r#wirxt3Iqu6~ce?IvTYfmTxtC*E6V+Ohcr`<HW
zeVJ6+muZ9cWrk?`!u%m<cKe!h^Y|uHbEfuPuv1rfzK_IU*uT@s_&=bN^?yhQR`!qJ
z3jf0UJGOrii>$D|FjTrw6X46rJJ3H3bQ~tx5vx{*98wkm&R)NfH6aonO=Zn;sYxWF
zChfwCX}ip`E+Z5MD*5Y_IxNO-F_KHSU%$?#PY8XD3D9h$l`g5F%hKtxJi1zOw(Gl0
zzYT3t<_(&Y2%^o2?n+S9C=Gi&OA(1+G1jbQQBe#K2!f&*RK0S|bW!S6py!ve){)K(
zIPLvdABScr)_ZkPzxGNlPaMgg!?>OP9b7#f$h0@?Txu5g@0eq8zuccQZ)q=14eYP$
z`=Js2V^CvNxGer%4FH)WF8gZ4hW<|`p8gN~ibcr0YC{vG5rGX&P~3(NAW0jV5lI`G
zMbU=-ceE*NXeODrOlw0k5pC#QCZ-L|1lES8KW0PoU1I)Q2oG#m=7k9?=;kt?!xMWy
zA!+8wxSpiINA++<;tI5-FOk?E{J0Tpx=_io=+x-c<aoo?l<molUvcKSErJ#kG#GU0
z4m5LXm_89Toge5o4Q~<oa#~TsCs0uAn}*l0l*AsKzPkTYpbGZjL{P2)B=X{cBrun)
zBq}sfG|Cq!=wy%*CgI5T9O2S|7-6>O%oCb8|195tycRJ~j6b83^{<1Y_CoTkin*90
z4?!}IYMG*28JBZdr?7ePw-5g6<M!<7@vvY9g0rXk>M={grndQ{Ko?s}N)1@SOiIt}
zM3dV&F3Rg6;l+%b$YQlcwwm^)n;e2~koLZAt|1t#W1YxCArG!{f@AAk_bZs%=(NaM
zF!Kt#nK`yee3=<mI(1O`IpQ%WT~8<D|AJ1|zX6W&K6sDE9I-aM7a7s4W-MmS6^mt+
znD~OwT#A#A1uE`9?cWhH?30FJbdwCbO&Io<c^F1Q$S_udE(@hA)wnvmP{(w_6eg4@
z3{%QoIwmzz8PIkQ3xyDIZgVPJ{*$*$E;f|X4Jobt6zQk#WhT?Tt9rIjmXrsBGr`9~
z&Zh2@3axrc%o?5Z4WAo9S>!nIO$?%L0){K$^EAw-iU<!6|1wr}#MP$RJG9w%AOg*P
zGo6h8OFCKq7CNv+ZiOqhNH%pL>YNSEJI-Z0D5k{WsY)%&-bD1VQ&#+DY5bT~MbAVE
z1(7(l{e_?iRKGtV<OQwt2sx=;ZkuTrx?#KMn=%gx!_SE`JlN1-CCF70Oqb-)B>{A$
zNZJ%<fFJR>0JB1<cy^Mxb?~2hn%nh?Ct@K~U?C87)Itbt3>GHh$<plf>_VRBP#Fxy
zE`9b^T6v?4Bh5~`HtTK3i9=AvLT3n#d^??te+Qkc|0_5P_ifE;`u0oMmVzbLw*_IW
zZwqd13p{Qm$6@Fu+v0c97B|h)7A%@PXMuEC3|&DU>CH?h>|#Rc%}go1nMqA=zQ|h9
z{+$4V4R_JW`ghZTtp6IWk@cCFtOxUs2VkU0=8C<mw{n>kYWbpdIV#lpniC5#7yH7*
zCvgahC*B9GE2P-O@#wW+lu`)G_!7fWx{*Whe<Cx3@6ycv?gFcA$A@q=hXe}q$OmB_
z84(*Ou<Osf6OV9K5B@U?UFM)GoC}Shodly-PThjjcC|$inP45GTuzI``;x|*4&_P|
zdOD|?%MP(asyY1W5)Jk5Kcj8<PxSAlh7)ulTQqcdv4ZZ@^JIs!@rUF!V05R17-!>U
zCLP@=hnNF1Ox6>oGK5XO3q(XN?FKqRh(7~QWuc<BObJNAXo4F|oOH=$8W6;G0MOKo
zF4uN|OUTpX)EZdo&C$Gl$-EUDI*Vp5GfOMaWsn$E_m-_`{~o{~==ZWgXybE_H9Yrf
zttGLQK8h%)_Y~ebO^v=6KjuWHkZn%D!iIF+%8C}f%^_22mVhtElxq@_f+nv6+mfeb
zm3Ou$2~v|sXpF9q#c(-?S~&<!E7`SF-SR0mB#zqAP3o3rX~R`OFjpH2;gDU!n|baX
zFjYir)7T~`qO}!6Gz~O6kw(&(dk3cn3g|w><Hdp-sZZ{Qf0ivS7L%m1D`0X~Skj_r
z=_ShwE2w-Bfd(JwhJ4WJa+~mB!#sRoA?(9~I%1_0E^2`hMuUp|b1-Cs|D^wY+VG!l
zSgww<-BNC1`88tLY_;q#mZYruJ%G}z(d|D-+CpiTxQs$UF@vOBQbi~yTqtLRp*%$L
z8vxNI9%AMM1^S?fBrsgpWC6pMu||BKYbok~YdF993~C>nU+vC>AdR@_N@)=i2^SI>
zF^j~90R)MUF!P)wN&-uwBnwEavt$erpEV6bH!?)*#c1l9Y2u(O*(0P8E~GKSkY;CR
z#+Y~%F)$_`r<3uYfYWcM67dv|X$nc0)r7h(_^%>CkfAx|62xxmwo&xw0ahN2){qlK
zf;wh{NGUNJL@2YF)r{0cX60C>jglx}-w64mUFvefLApuN9%8b|?elag)_|-fjdWQk
zT`3BEC?~hDX*-7NQOpypM=@hmqd@Br6xAr9tw`+BU_>9Y6_XQu&SL!EB9-NdPQ#uA
zBvh{ZvuYe?WBvT!3^V8^nX#`hV`rQhk$xWbJt;fmOM&1AgXD{ZBO*w+)QAyA1ViiM
zDdw^`1A9WCqMzPiWsC2|e$LQM7j(z$gM&zS;@chvD{LQQGtiw{EA{I+Y>shcjWf-H
zH&RY{BlF9V@BjvCMjEN*1_ch~5F*n<4%rOokR4X<cYuY}vxZR|+HTCHIJ9F<XlE44
zcIDb5|B3$oyx|YsWV;@rypTR<59bSPGNIFTY$xvb0Pk(oi_;`+qhvir1HuOLm~BH2
z3pDnU!D8g$C4;^2S6|_lYY#(ACmt2!&8@u}L`?jO0mKY5@FJ3>dZvGJ!}GW^jTg%C
zi7F|w_B1m;!}MsIfC#n?>3i!O^o=b*UlDnh;IEVP^&0y6al3@1S*qyn!SLJ^_3xAJ
zlWo7+?IaCNPtvsM&1xYO>eGNhp*}+=>;E1O-=l7At-X$ztr9j%WOF1|-8%OgnVyhj
zCTsQm&1+<&E3rl<GzQv4*2si<tC(dWO%hF>f&Qa{66%^U)=RbR6-E&0CI#^rVeA*@
z>VVK5tP{0}kOx<aLtD+gM#j{34ixH8<`s>@%(1BthSDz>(&$Ep(i2FPIgdf3ng4V=
zGnVs45&ycid1ZaKQripx@c)2fEZg+t>mLE>#~QQ7m<uPe!7nk(oz`@1JxjEjFRe*4
zzQm*6%t<~-7_@Mlc?DdKGqJPmOc)tmxLiR{baV;FC1Q&WDp<e%qG1T#WLupoZS}?{
z=3BoeU9Q{<2>IpU`Qt5MOSU=FoUNS#4E|qGEPBL$)5-XMrIYplhYlv{&xxD$pV#ol
zqg4C)i*QHM$p*m`f|$?q%=}+a80OqKGhc2fH<p_+0}~n9aw%o%hvH#pykAfZ4}gxC
z1EBoQgFOUV!5M!O;(61idb0`Pz-gtpvlmDp1jWHC@s)^-9#hYGIUG|r-=oLOY15xU
zZ+~`Rb=DTW#1y?zBqdX62=V-89z6KMz2Ygr^Cu$A4^}o^3{QIEVGuA-1cz#G0uK@Y
zUyR@MEPrvX-<(f9`i=UT2Pbtws`@4MlSkb9{H7y!H84~a>${n~sB?j9;ywHc_M%wl
za5L)mc{ZbfPwy|}QiCtD_f66%o^!sPV}x0|k}s9&zSeS_ePC1QRwQL00hdcb6pA=p
zyAY*B9;GozIC$Ir%QN&ydt+YOQ?5KzR`k|aJNb=A8|k6AIC(Sqq^Q*ojl_y<*;oo-
zeb31sVDM3d;aw^-&&}!mB}%B0y5F1dqyf7pYeko}pi8RhvP8PXO_y0QX5~`1gJ0~!
z;ff7Wh_)gQS+OCKz<MO6fwj&wE0nlH$f(FBbv=Bsn=@O94PR4HT8N32k7B|Mmt@X^
z$;O75f;$>oEvrxD==W6>S+6{oQmQM`=TdBSPvTrkc$X%S-UD8691qq%^|e4xUkjgD
z3BjG3gs4I*@jNe=edsD|^2x*q@+3s<>~M?Jp#VgWW~TvQQ;2(*GtC5gDn^d-u8TsX
z7&$l0b(UZ}sQ6i8jimH51WfZ+_fTOBFc8^8#g1bDiJjEL_`nE`I^;t-wGl4=Inyi#
z%VxEgVw9D7;rO@<n4*#`)qwn2B#cA~l;h)-krzrs<Qo}61B~uzmJ3==4QY}3%u9sq
z>qa&<a;&2r=K>2~pr|X`KW5{9*$hW?(eN=F|6f!X<mm$l1Kp{!6&ADcrwN<94iwK?
zD_Y}Bv*?Y~(X=DCM#8l585y_ng;F#tUA6H@b8J5K6+<)K<PiF9p=DP?sPKSeJO9}^
z^n{OmgXv0rk=fYEqj-#=1v(kONGIzz(7_nmC~nqo64&*c;c_oP@0b0}c=e>oJjgXt
zOHjFe3<Y4(WZ^M@bx7#?b5KpGR01wbW~`-w>nLCc0DRBdG?FY-lG3^IlP&cU`k7QE
zr;7#zCK7jX<&L~lI1U?_L5EUe#t^A6P>BmQ!n#nMutDgu2)d-1F456tadZvCI0kS(
zB0dHXnT!F%CSw561Y-bkM{GQ5cY>leUTFQYK*2={R5@$uQ4G-PBq)kuN_M1%%>w<0
zDYiS!sE+P`;P)^!dx|PHz40t?Ww4aq$Qc5n?zqu@Z3FVT7+9@7TaS7^5bQB7UNrgm
zcbqe8dt!c9yB$B1?_}_$z*%(5ofE4GKL9@sx!&!$RBAY%>s^#jrG}aucgo{_ir{wK
z_K5?LYU-K*6q9qV6MWV5N4n^bq?dyS-Kq0gF-K@8jCD|0avmI6^Z0=?&9W5{ro#*f
zwuu|Li)R2tHPJ=@>P;Jr=ON!F^XD*kDVqD|NL<_*%g^sF7k5?~CKrP_xd}YYR1_BJ
zwAht1K|q@t8A(+z_g@6b61Id(4lQhfo2?#+&OI2T^TqbaWp{oU%lDWGv!kyW&e4s`
zj%LU-S!fjOC{!|l4$jMF-)m<oJ1+}oAIuY*j@i9yH5&XSh=&N3=w$p>I$6Js4pdwj
zE*Q)5{te}31Gx%jWOAXOI4Z#lAoK0au?V}>$8ER4W*d_Cip#N$zdv)1M`~;u8Gqtw
zM1u&aCQ<D_m`jKTTdy>1r5j=E)_|=fh+2Zh&?PFmf`D~~AuT#1<R)usc^q1kL?peR
zm_(BhmEn4rnRsJ{8~YH~dyc@o%AR8NyOGM+Q05VH0Mw?ElV7-uEgXivtjUgN`>c2|
z+?GP0@~coaVP(gxM5Ee4-LvTNI}zXi1M_rr%ozNX_T88<C@>LC7EYcKKV89dg)`lS
z@L(6LHdaS0K0UT3EyPGo5;0kp62l3m3suf%XXq=ZFY^V?zMV;(1YX?{jCo*^e1V%O
zB^4f_kxwB7m$>CSggC}Q6mn7`uN?U(s&v^dE^$+r=)9{pwel#PcLnR)Um!mqUf(d{
zMK>Z|pI7mMt;<p;{sdieRx8NoiWMRH7Q8jh(tZzM=y+8){f{LS2zRF>f!4IbBink4
zKn7xS+C#Di<b93h>w?fX4TW@*7SdOkY_j!bb69I=MH0o<6x8hhIk}(6@iP=>CJIJN
zri_erToEB?_E`69qK=QTj=e}~t5y@pZUQlf$po@HAbc9+DpM=E$y$9=YBm3Jl&BJm
zV%1mxT|pbUnZbDJ%S<4BnJH#1q3^-$pypeK8oEhpzPA81;H$o?{3{u+h*Bl``#=`F
zg+Z`+ZR;K&OumI7gg{<7m$?XTc>f~M(btm2%Yep=L&Im<0m)vgkcBn-nY1P5`h>iv
z==ZUr7E+*oT`mwKh>|l*8Jz#)Nz7W99Gv>L;S}8@r+&Bqr*sYXYNonE<%b6xUJL0B
zA5I5V=tm?M1DMc=)@7~P%2Ers0vCDa{3kBYOdH5EGbH4hpolyxvS=FEcf=n_V|J~n
z=lOOZ{~7Y_DF*wn9h+!RWX3sWUdZMd1rx<rE&Up!<W(Sz4_8a#uL6C?FqtlxEQ?|=
zxadw@vjCIrnOku7)=~RFJxl{3D-wBTl<h(o7%Pe3O86oT56ByMj1iXf^S~D4H3VL8
zj6Dc$Xjf2$Q>j;m<~rOa-|pKB7+@;sjV^ioyPwQ~gnidko^DdYZdjo5#wwCY_dd4r
zX&9^KBdt=ZDsNxPW8dYQd3Q?RWwhSjp-+494?srHiwQQpnA$AXivvAym*66L#qhl-
z27(QSTW4WV9X;n-HA_xNDM3*w4RtyTu_lThmZM(zAnLhx9^0>u9D(Yd9)YY50HUqf
zF?_7?jP#rR3|KE>$zgt>`zb4snp;6XLY@3U3D~WV0OZ&YL5RgCIndnX4iB!-O*Z!}
z3p6)gl+0jP=yoO}?;>k3x~7Uw@S#A?DHWFnA#@3;bVh0lWkafIEem1j1B|88AtUHY
zttjjEJXttzWKtPznARGWVKj3}G*QQ_c+ecV=N~%*pnP4496`H?mA(oPqxgq{Z$i|h
z$%YWsk7c~4U@zJO<buGQQfJoi9EBb*PsW20f(9+a@rx}(H`y|GFVHgJ7crA>QYu_Q
zOaAQ#Ii$`G8N{T*Af~na3&oi^<7^Y1!~NUYI;UeKKE06DkYQkmO-w`tM--|$NFXl)
zggWToP1WfptN!4^RcCQrL&~OJZR#4?cZ#e5Gu^ED1*tNfH)H_`i}mPm(z*`|+inM>
zH{-S14t&Jr%MkR*XDRK!<H`f1eQ%~?A9+1!;y-62bsJllZdlFQn}B2LQC8E8J!Nxf
zTi$f!M^>jES%3+cn6o@C6Qb#*Xt+Y^dFo<V!9YTY4kVgNR|(md7p306Na>txc{!>f
z4{`JH&&f4GaFoG+3WEDG_>myEAA{crg8MUgM-W`i;9rB_0SxvYZVOt&;2}ZqKn70@
zf(J2pK@dEc!EXe?wG7@F1Yg2n>J=9AAq*}Lf`>AAL=ZfT!O0-_QU<pM!Iv?3br5_x
zgO3Hl!x>z1ge~Y54DJ^Mk6>^^5PT(r=LNwd8N4zG9>rkz{`spAjLh*~%^-TokBs=x
z4aG;#ygj{ufS_ru-Hhy57$Q;~FSo(W2}WFk&3GAphCKWpiI5_=^!vfb5?5T0ifTL>
zXz(`93S)6#F_hOe<U1syRbPX6`3?ydhwzLyLecM#{EW5zv8gTHWNrVrKyB6X{S#9~
zEZ;lHZ&?^b_aud|d`Sp&FezZqA(Sq`bOkQ;4fSZKC79Z(&rrKEuV`0hj_J`*iM)>Z
zQOT=KCFv$B`9BL(GJHz#BUp*^1*L7{yQPf@(l-82;1AlEVAIBVus>#1q0WLRB=s0W
z>VFtg=_W~afM!?E#3o1;lz}`dt%S`%E5W;<RWSV^A%XIFwqudeTE(~trwai7n5hi;
zK}}3IS()4dl?hiNSO(VF1!)4BQ7G8SL=+`S#W8AM$Wwd{#U#NTis>RR^J&J|SY-O&
z*WjKoPyZVSl1g#(y+~q>e$Fk!$Mw^Q;SIGm{MGPR-`Bn&EXxM#kiUMI1<8EjID$rE
zpw|=BD-VY!k6lOJ6^Qig11Go{4Y~h`;XmCZ|C<-!KX}RNk*6dRV{CLzK{9ntL7z%g
zY)(P2k*K-n6r7*@TKW&`r?}`-T%3ppJ&9n0i)MGMCy9LXO{sWWlXTnGF4lWkg<2b`
zEU)vEI1|D(QlgiTnGwex+pi=a+ox=ujPl+d$b^yq@uJvb<NC6+e%9bbpvL=Vd#9Cr
znd_QE3V4P;U#ZDq*W-~2&+sF7Ip@<SAczxm4Y~5lYuJjo(Jj4*Zn7223%4S%vlWTf
zte0C`KVrW*<PwwCx-6HNK|&GRjundc659H6-yKw2e?4+o#i09bCkezXpUF72K_DHG
zhfq!igmu5h)SYg!?%fO2eVv&tpauC>F3!zVnd2g>$9y3z;|o1mUx>g=Ns0!)7)!n}
znl9t%N_^yY64S{*#Duaa$CPqAiAl}s9O{A>?4=#)qAs!ZkL3&0#f-05cai7Y-vPu}
zzouhWVroF(pNnw+8A1IdRT@uw262#E+R8^68`L?p3lPjUQjLtkA5TH<hCeE+mH6Y;
zTD~BA2>v*OKN^2L{jeT?Z^9pM$?=rJIrw`w{?5bSh4}k8{w~4a<@oy&{=R`fzFIZ<
z@AygAzQE5zq-!^F>`jI~H7LN3kR$2Zj5>2>Sgdj1QRho@rMyZ@pb7%A?V98n4Gn1M
zOm&`9U|K`ZYUumwd{BY!r6YPc`nvMUA$-wTrXvszvYbL9Epa5K0@4N&)Cs};&PLqO
z5jmg>IoO*fn>#fq$md@k?v$6X^*&z@n21*MCZC0^<xJd)F{ijBHTk-2*gky|cTKs6
z8lJ<X^~cWib5k(gWM_Jj6u*m83EaOt9Oc5Yi|^~(r;7EXKMj-JuY~>gG^b~}c|I6C
zRosBnZRWfjOv8)GD!Z4_l)|I>9?+*kBj&@jw<Hy|C+N!1fVYSxkQQxm7VqWt^M&70
zRsftgXd&n6)FF`bImT|$IhO)qpqJ!b`A-SN=p}(%21rM7lt<dk_%0ee9N!CwVfV40
zVH<@XyiXm2zc=FVEc~%sjPms%2j5v~VVyn=w4<Li5E%hJL&ygVMBcjjEFkr>nMHz^
zGbrC$li<HGh;OZ#*v~PDZ>^c&=NZJe)+)7OFvY)uL40eiBG-!iFEIEwnG-2vPT<*U
z5nQ@S`PpCOXMXXGe0Oh+Bn`BbG(^T1?q_|noXtomU4rRaIC;k~IYyU!qDuzRC1>c8
zC3MLPx@1CN!>BDxMyTCE-yBvk!E;%~!}w~X*d3oji}7E$+e)%!Fd*GB7?5zaMEHGX
zl3zOl4CsSyU>!67D})u%0G?50Z8XrSRnh>y+01%rpj#`a0ld7)8fpO5CFv5-LmX#h
z1}cu7QC0BJad>#I|9w*zKq%#Th^c*WSMl6!$XhvgJAT{Gy#&9}ZzdjP+U|bzZ}j0W
zA{x`XFVV^RUuI%{)$S_{i|?!AJJLxH<n>^CeNpSgYlwvDzBX6v>ul_mbHyHOW4}IE
z?6{5n#$2(-+1PJNEGf83eB7X1kI0D=nS!B{f)G=EOH%bXQ&dS}L%A})*a;i3wdf2C
zhlUi+AJ@w{%W5aTRjs9bWvnspTyWa(gE?uDqMQk#O^uO5Y}ZhR$W)ObvQ=b=jE!2e
z<Zta{kSNwHd2B+EBl6UQAV}n)2|<#`GZTU+kw+#3St3tN2*O0Zm=L6i_193Vwr#5~
z4cn?M*y>ADwffQ~t-dh7)fX<eDvMi%hiYKgR+G!r&y%P-M#1FT2IKv2qs%}*_Yv|P
zK-!D-{fsJ>MYX6t)(>0BH)y_#r21hi*_Qbpf|2>r@V|4991quvHlrKaBYy*lYwf=(
z&`&~0MoNc_6Ehz8Zo-<neukE~`?+MFZLOWcyk_}c{NNq4Qvs2Bx<mjG68#bG(GZL3
zBKqc-PZ2!Ve2Tj0*>F{arHSmYxKQn|(ApWGj%tUfB%rz>T!Z*NB4{VvXgEVRspltH
z#a(==CLF$HxkOM(UH3+v?~(Z)VOm47KA7bZY-;#M6mnUvGS-j_*Te)9x~ACjwT&br
zr2KkA`3^%lT~IEoVc24%J0)3mK{<>JqLE|pY$(CWc3PA=614MQdFm{bd+tw=tfJnZ
z!rQLiYvAor@3ruDs`qE`cB%I|c)Qj6b9h7hjB9!1JD%7TiKLt4`#DTAxeNP@{ptOn
zQNE85Un>-Q=NBjvt0*_9b0ZwP-_jR!Gg&5-6n2|St|c=u_I`Emb1$>VgUzyIX}NN<
zEKG$!fF$x24$i-PQV_m0B<(0L3?M8sasw(zZlcidga$MbkpxX7+0axHiMn%cPSfkN
zuu%gQELp7foMx8Tx(@-WqZLmql8EEeU6e8J-j?wBCS(a1Dv%w3SYC&FTf(NB5yh6r
zV`0+rbdxRr9%=dcEi2TYWm05W5?w)S_%VB5im63MFu7q&WQxzs^Q@=-lK4R`-kuV2
z=_biNZvk>S=8>j*MHdjG>H;j0bx{{Ab@9DRg3Xc%&)?O~2hva>{94E0OsWn%rxTB&
zU^gd<5>OaT!UhO4J}ff?sYR$eZZVa@g>R`8-DIUcyg;Rd*Lq&&KB*UxDpA~Q3v?X8
zhO*yaY8g_d-ys)LLdtG6l;O&yP)0XN+2(~PvuoADr)i>$Gpn8aCU{PcDP2Oym+gpX
zPLRqdeH$_c(k`R)?S|;v4bgOyM1O1nqQg~Q!JqL3DFmBA3b=$LSBeQ2k!FNhagjDj
zr%s2<e+lZ}1`_-`kUF5AAGr5_B@i<QTuiNXr$EfwltAtRMEi3m_o_S1vK2q5c{ifi
zL2wXIT8wV8^4k`uJgP^!SWQwxmo(62$#kU{)QS3zXNsxs!pE<eTbRM@Vm~s!EJzW-
z>>f{au^zuO!K@#VHNQqGbF8s4)NGGfy%W`jP4DkSENhPAVp4Ou$(nz5ftthAZmoTe
zi9!L8QZtGkHD{0<km98NL#F<rzGs@*m1K@sC53<b-PAd3P+5$>2YIl+w)Y&1`)X{8
zb$KsRMU2h+5R4j|SCcI`i6d;Gn`Fxu7hsFpinO2Z7u`atv=7rz2y_d<rVrDgi0Kxo
ztFGTaAUH^~+MDz#wzo#H5p1xrW5lu9y?`GHE>>7^(Wkg#yPX6ZT(fpN(T156mrdeh
zHY;PtY_3d`oZ6MBmdtpFP(o(K{sg>l0+1Dfv>DGa$H<0j(~?BKwuQGvkXpPe8YbVx
z^(u46d@d}K*rGPpfP=%p(+|#7B<hn(akYo_38#g4v(S9|NJ$mb+nOB#H3Pc^$#_VW
za7h@Mu4}PEdo(r7dXke&Z6;i@G>T50!48x>Smv{$(J+gOhKWp1eMhY9-vCHq#`1{>
zGu@;xe|rI8PRtJkrN{u~`$3T>!c>Z=L<0FH*htakN%@9GP)zJAPU=##zCHN_+g8q4
zJcQhv_%r!Se22aEN336H#KVl>Pcq_>AY$UNSdK@7h<}MkJQhT}J09_P5YcjEI$HP>
zj9@{@!hah?+!rVJNk))@WR9nTh(wOxF@o79JL82v9YidPM?4cmtcpkco)N^CMD>Rt
zB7y3UK|})8vxw-wV$*-YacceeB3ydH!OHcfKLe0<)c+^?Gve>Rp|%`}&SiS_F;acZ
zGPxR*Zu$#+o1X4Q#E&V4kcCCEt8uBUS^oquJmZsdYyZhux!do^TR+dGQ{E;bbmWtA
zXMKo<BvVeT!?7TwTo)l!lkhd8{=<Y^lL=cPi~83JL_Uo+^}{ssuAMv*l&PqZy#6zK
zxg&i3G*b87l<5SmFGju3&2}KJv-S%^cUtD0S<+qhn-Pca^zDZ`WbnBc4h-Oq4}7??
z#qf@8&U6bs8b(k(l`+XFV^MDkU1InLvUZhDJ%ql-f6mk%FT%*)NL-TQ{I7v5pQV^E
z_H7pVQkKR`n1wmLM`PFZd<lDr@RBe;tLe8f+}(@zP1Sawf_^y(s3ZaH0uV0w9rU;P
z-E=DcGCH+=!86QeTN!BeOLWq;yMf!O-6FrY%I|ORYwFBBliyIkoDVH1GmR!UmzENA
zaC3&Ail%)?(qdmMOv}n9(mL|i56+(9tWOuH7;xHfNQ|TwaljjnyoHiO*}dkE#{r7Q
zAG|x#<J2Ajsr9l`dz5aoQ+tdqs`EHpOBc_$9Z0%rI|0?-Vs-6`7Pq<%BiSZOn%)kM
zB{+4Y=vIe@vu<_YAz;3Xc`H82#o^ZKs`1(rgp~anA=IB&qnw9>a*A3|gF1N0n1wf~
zQ$kxXSOW6ONMEixIntZ29y-!hsE&@5y-f90BQ0LG_ai_!f@h#_N78=KGSZc+9z0Uc
zSI0-ZLUs8_BT~L*#Pzb(@fA(AUy&S3pi{dKLB9{QIhES4;jfGo5L*DCo&(kNIJF0v
zXPS~cu?#Y81V!3D6TXRKQuI;k_hi0l!8=X=ifrvpBEdOugen`<tybT#UKnHGI6aQo
zlayCiIflCBf=hpy+v1Ax8lnW=_JS4shwDg4$Q#CVYjtQhNHYC9)5~|Jf_r`4-KjL*
zBU^;sY>7pU8;}T25e~m;nMu79_*SC5>PM6t6yL<-kg^>OJM+tHH=t5GQ@P&fpGO;H
zC73IsHq73$!R-Y&b>e!#1}Jg&jA;=PNDqHO(`sCLyjnf+<VqU98!F=`njGnI$pLoD
z-K111lUiI#<qt)0xzi)9wxj=wa?b`6SiftZZ0ND6Vd~fJp{sM9n}B~K`dYczoNcK0
zVyPV;Tg-3HjpVa#emfPNtg|=gh98mD!)ABrF02RSGr9710aPo)zXzZVOSrksm9Y<t
z7CyW(_F7Gz8-A$LP;brTOazZ%%$P`IeVDk?F<ea~q_cp8V>6lD%=lPSI#;NSZ!c6f
zG+7evYtCXRlW5b#R~f5pU{a+BBtDEjmrwl<wBsXaL!&2eMy-q07E#Eh0t)U7q(A2s
za+QngSvcj3wOTF1_aRA>4iFaFD?0yiM65*83kUkZukHX#vq@ZSS(hKHTr7;MwhZ56
z5nk`qZUhZFl(dhPT&F|Y5k0=TSbbTbW+P;n*&<%?j5EyvAeY~<O>lYH;k&wJpePl~
zrAEB0QuG?V#%*3>Wo$<YJ})!;1TY<F@@)nTDK?j|kRwSEsEluB`f*8LUiFAqEPD+Y
z_Bit7;IjpNzuZ)RiPNRzH38|MA!{)2HC4t+O?4OUc&RC%_8zyeHRm;1THWE_6e?p)
z1<>?u;5x0^TgsJ7d0<+`gqywmP)<ChyoPftO*p4CxWl)jPjG-M;3WZ$YjioB6}BRW
zm-F(TTf1L4%Ym)n<sd9t;zjH~{O0Nw3{j6l7NiA*b;aIG-?s=lBabZW&;(Aky>>5<
z_&ETa+5<sLp_19Ql3NDZA`l#Vt;9-KAEH1M++5C7S%FVsfOV17%MBJibfl779WLQ@
z8}JItLu9k(ZZ6^R2h!~2XG#UfD=3?bqtxymDp4xbk1m6^qR~_Xm6}2o<TXWgkk?dd
z478BfxR4sE41YGNhAOItPAoMT4OCGL<P|F$yoU9qqKEO9t>ERidWD$-j>i_ZHUj~O
zW6NmV_zapmyMJFgl`0IN^B(jO^u)H(;!3HdFxcQNu6Ql$#!8Fv1xgG&-r{x*dM)ki
zN-eu)7i<Dymp4;d;&@AxT_t7L60mCt*@bx?mA+wDIl``Tj9ukYTga}q|1G;(6YMI1
zU9Ia&B@frog<alOZ%K?@03c4-C2?fez7IV2{PTs%{&&LxgTNg%NZs=0%_S%n3Z2(%
zl&H6O?6vhhP%h;QHYpw4YnERTx#n%aF<x5iEiSLRLz8)#15X9++8vPV(G%cHW|xea
z;jE-^p>a2tFa;JvQ%qy8vN=@l(bAMqL~lc;#(KY-ck|RP{B`r~;%kSmLwp_Zb;5_A
z#(c-Bo9m4>J(4%(%d39pmc7chU5f!WWkn3yXG$H8XS8VN=)2f!I>5Y+`XS{K_FN-k
zurwkDOH18h!*?&-@L!*^pYXaf$9CIKI??c5>r0&;wuPnP+qZfhGY7mm>?Z&qP8wd~
z(D0+b{3{NYVo>Mtu+&wlmY?bv56gN{%O4lXc%Mo=k#6~GTKrsp*$chtG3qjWq*|vv
zc-*199R}JU$f@^XgrUba9{m_3w}V{qj!7~Nh&mj)!Dg+Qtfrw&NJi}WbN?KMlN3B^
zrGlZ&Fq=4uaC0+S)OOd}05A^b!lrUM^j&QKYgW7m0|Ybv3jCsses%VuBXs)%^iI=S
z9cV*>m6~7`o!Uc?^M0rHFdcA~Yhu48i}BBy797%h4)_@XxV(i-ew{gOC0OcaEy9vR
zkRfN9g$=&Q*~D2U?k-7;5TF6{N})qydO1IZv0hdft~?<*#Kxr8Y6xsax?EpWIms4F
zI)O>ZH8jectwZN*Vw@{{q6PyT^}UV5RxLJFL*3J<_ess;bzk+y|3$@>d2<of{kIUs
z_IM(oNjX6FuV{1H6;DMQ+%%*!&E`k3A_WrYJn&Q6cB=Tay@ru05TAcgdr2AEhT2{`
zPTJuMu<Q@9{7y5a=ESq#)<-MCwm3ehx1^qC)|CUcEu?{yEsIE|Mg8dnIOC0Bx`-Bp
zGFaBTgR){g?uzqRdI`#y&Ew(y0e&G2UaA-k2V{=j@0emtFZ?^z-5{O2?qPp-<eQ&d
z?<uEOwWq6vRWuA}?X7~bLbqC2&Z9{5rUw`Gi#?cLS9DxmgOOUhx?n<0Cg*E*2S2$s
z(Z)s8vLiM|(QR9?IGxLkxi{<NAv^p~PUcs!HK#*>L)V;M0-vrq9SWZ_%@|p8I*c9-
z%bF7-(B=}4shBHj&#XD+QV&9_JkD_-W5<C~zBdD)&|E4+{Fo+W@EjwI@XA=)%ghY8
z{DrFN*|43k62A7G8NMfjT6uYlC0>C)#d7tz?G@xa0<(rpn@q2~e9p^k&y|qQYnZ|0
zV+lR{tDHQuoxg}Gc#SjoQQ*w*uO&%iSkll}azgZhp9JN#KcSn9UI?F;ugo;!2W8Bl
zu<-_%zU5MLnU-S{a5T-pq-m;bC^dV{xm9cMv$9i)X~tYp3v8a5S?PKRBMnT;065&j
z{P=4Ik<FO3d`rTMx3f&Zqh+>~OJ2FO1lB6jw7}BzT2Q9vc`VbjWqLuGo|K6&(iC9p
z2}uA-nZ)6tOs~`;Wwv-rWLoVN^Ioyw_LWN8J^U}YULikodM^)#o^hgAC<Okow^SIV
zRth83x2iGp*Nb6_vGr&-H)tz&d%4sKLpN7y1tG07r8a3W2}pyrqQP20ahsBjAP8rJ
zwR%Ky0F6dhBnhS=TMF|aip1V!JpY*~x%DQ<hC73oKQSc-h=KCT#~n!3xR>3r&C6zo
z(iKd6tdtG?6t8@)B#K@Xo0;i3xs<JV+4kd@8vrjGlgYbA-}FDQkZ>`sTB!Y%3RT8(
z>^8_hv);Ov{YZL;uD7y>nXs&<N<Y(h3A3X`*IQqj2)|6iTwc}we-y)Q{_E&en+4W)
z)3XT4QnUYh!tDy`%Nc0(4_D_E>bw$8y1I7aV63vHtLwzY`f82~Yt>=@RfvW@8p2<T
zlc}ssS6cAKtA7A9*D6d@bL2P8VIDQ7F2z!doLQH8rN_iM9=eTGwyii)J?_XVXz*hI
zf+C@#f!^nkdFVi=_8eGhYgU#7up$Il(d4+Ghg?|J)Y`{zX<JmFa&*0Rf5E>FzpH-_
z-Z|6K4nk1nV(307U}-6V>=2tp*3uQ}@O|pa0&iL?mttk7@HcuFeozw@ftqMZ!fFH3
z>h9Rq|3VVIkTiccL@%r`!z(sX=XmAf7n14!J!zC`GQXAy<W%JdUpkmR7L^)Ugvb;l
zD?Y={^l|vrRoWVkZ5I0<a;En)2}NMbLlFC@d>Y(YMZ&bs#D3^dd~AuxG;kH{>;oBB
z_Fqe<dTOo69Mx6MG&|Io2Fw090=6$5tm20C1q!Gxc(;j^L2R-9B13lh;>ga=<BnNC
zBF=Ty)^VS5ulO=@LkB1+v4T+6$H$NW0G7+eaJsS>PLF}()+7Qa32jcTP3Rsn^dD^8
zapNvG?rY+3MNw;D-sv^KhPM_gm0E#eTnq*P{fACH?^MbPuQel9X?IfCg_3_xwPG+&
z8uw7+jvDt>>dIz>dbL(scrC9;sjGPN>7QwfHDrtRJ+Q*L1gp&MNIsp<iCLkm%-P{b
zbCnGZ!sX`7&>j76gMG%9MOz-M&Oz$1fk|%{aK8#J?Y#OS&NQQ|?I%MEGMjs|DB7Ki
z&PL4{)w97D1kN<k^^7Z4XPW516%iYWDzEyw*)M2JE$&J!;<`K65v|VsdzRI+^6Q4Y
zOtn`j8<$Oi4eO)SrpJWZezPAC(uMtiv@|0a!g&>Cng0L=E7V-jW(J@o0q9ADBguK8
zAY%~o4f5B!Scyoir<bu@DE2GXvm4Q@?J$cQ-2B#Db+K7OZXEudG;a6sgU<Ak;B$GE
z8WI}ny%v<N%(lZk+SfqFFrKW;b^x-cfqWIKw=1)qfV3INdfXFQne753-3>df1xtB?
zyi|r=GI|+sdS$QexDqT2EQG;mX|K2HDy)aaBM#@VQ^rc|Ub|OWiS=VHg%9IdZZA8u
zm)GXCtk}bAtE}kpTD-RL_Twuft&wcw$c7JQ0xO@M!(x0(&U05axX3ZSHCNtNFB)%z
z2X`>C)FvckL0bEG3G|f@I0p7!WFNQWb*u5dr2G7<AabQrxl|neGsaTz7Pe)+yj_^-
zwG2OFx$R-m)viZ-mfJ}10NRF&)_kU2nX~$QAi|E|@EEE0pdQ#B!{{t@rA90Ti}Txp
zQoNS#gSLa6<-Sr+UukJysk^V#)mQ2)b$Hn(T$q|Z0$B?em8xEcTi)tbH=jCoD&jib
ziVbvnT`rcpG^Wezb~|jK+gs{(+Q3q;$L+F#9$mn9hc5BJr;cqN8nP3=?OqptJG^fE
zc6v+k+vW9atM5x%RtB_i2c;d=_%K=6_cDm1*GsxyV{7$*MSp$o^FQ0Vf2q)hIycta
zkmn+=u#zmes8q<8@;1Xm*kve;!HUIfC%OtsyOFaW*trcbe;Y_g7iJ21>`*9U!qm3R
zdsPTVPl08PLR(25*UcNNt+l_v8nb0SjFtB>F1vRg_&iMD){@s+TGEPz<(3{}ihB*c
zsdLc}3h?mkz>sz<vo*9Ec3X<xZiT`QEX;B{q-FSNfL`uQlj_3e((afPdb@d<&81~v
z7xW*3%Sw9~5FKxiZQkzQvXT3}-OAoF><-Z`hK+79HVj`G72Z}<XFc|JWYX4z{hj>Q
z!e*}-`#bcMnl;>n{T&Ho`JZGp4&UxIS6dD7nBT25`oU|>Z$(N>+nT+`nv222vgVU^
z8?O%)TIux_$`^BjiyJr`rwiDC^D<)>4rCEix!BG;xD_WQ!gD?HbtCpdy#8;-#&9&W
ziS9w710>N1vDXsV=g1i;>Sl}O2Tq6AqUyK0*lQ3U5Z8&a*%ody8V+wBe#j2Z%A<zi
zo4{Kvoo_8~E-iPuyyX_pYNx$j{N8dj;Bs%d@OJo7;BN1*5#vF`sz>998;5^knR*%K
z*%4*2^3+{w3QGEj0~I1&VDaWa;5U1%vw<^0iPps(y4I*c+2^QV;DIgJ-sj{JSFNki
z&#TdjwMH5&wRZV!q9wt#?+IwIO;BQ)^f-m5edVHlGSXEB;^hJ4#H6w?{3IabrOYUf
zwO}4%z>VoVR#7qs^azksGt6AGcuoMP-5A2goH%(bm*?_$F97K)<9LTNglESvqaCZ2
zLD1lJ2JB^JN)N<8fu>a8-xu+!iN8NqJf(vw<LMauu6dX{LesB-cVBKn^(*(hOnLPW
z85FyMcMN1btymvYa?&#xJIJxLIvMOTNI2tePgllT7D1`BI2eIj(%JH=pZC8lof&e|
znU+PE<YtH5Ot!^oNduNn1Az9;rTQ`N`z_bB9)aili`|sNL9DUf0xjD(b?iPkH_Kga
zZgNW!oFIT!Zt!wj)BZC!rY7Eu|9k7r`hTDoJISTo=(R8`yqxA!dDHD!$u!OEC9Y-V
zwoWsD32K#oB7hpka@KgYb=dWa)#A`z4pvACUa_{A;u&S+8&HN}<T$*XMCvS+Y{E9L
zR~)O1ZH@s8a{+;V3~Mo(yyl@8Xy<%iBM9khYH)L_#-lh~lhDhIbGRQI!m^pR1mw{A
z6p*)Vgtag+CTMNfzwDub@Tp38Kb=ILn~fa1lhRSJAZL8)6fAPAy<ro6949u$8wB~V
zD_$Zu!UM`Mu_799P_Y^5!RZ0%P|Pvv!9ptJR}M*Ic=@oEy+YW`94ezNy%VCEM}xWf
zaU9ahkK;fELZvL44JIBIrfMzVC|1zM3pu2~Pd&pB&SU`Uxlk@RQy^*b?pS^tssxKu
zNQMYlPLzunDfsvl#Z2JE2q6l=%2<SKn2yoZF~T*y8%Z6jWE69*e84KMjM3(IQ;)+!
zev<u$Csfpg%tZWI_46zu%+?~uvT*Ih9cv%cFdAZiv`1y^c*y8BnTA2+f2mVoE@-)B
z)pVM!+B!D$u;#?dPKc11HAU~Gi(#LvRRq%1ZWO`LW0=@c={OGT%c4(J<Q09<OTb84
z%F@N4<O@K8mT~PQoQJH2o>I(QU9+V1qK>Jd#|>GVVE`BFbyGbM#uFDz?&W$mc=^bA
zB`;sfNsYDKq3dx?0mFizHb$HY$$qFL)w1qX>=iBR08>^w%QB_FLgb+j;tDoF$6u>b
zZ@@D##teT~u_!Gd8>hR3!IjNpm~ib9k>=Sh?8>+XtxW5No~o1@JG{nqMuAdRhMw{o
zJC371E!I!-I36}&Jgj&)1cd*M90>8-fFBHmYqV$+QyJ^ofX!Xurlv(0YDoYvhr`$g
zMy&b*^EGJuD?J|u)`QML2QL>#ccXGf`Hkg<(GRiv_H4+FK|v537QIuc-qeZmyW%YY
z@cHNOdHzId5lMsvd7SS61ickI1YXn73WvsHdu@qyc7o7<ai}J$v4;?%2y%T&@tD?@
z!q)3KHX(P-X`s}D5qhy6@mu{Vkg0h<tSOrck<`Gd3Si#i@e(%`V5aCUL5t_{%wO+w
z5aLxlJ%p25>>b|X+!*#7avEL2DG_!$OggYbu%z0$5|)($w2d*6AVyC~wG4kB+Z5vl
zF;6BMgBsX7y{whKo(*}+CC#V}u`^kXhWgP~0#!9bxG_7<T{yUpAvNo9XI~@naIW!H
z#&N<{I_`E4DZ<&0P&u15!=C_sIH^IFp+^QCau)N4?$RE|ZolRhQG8tM*o>gAE8#0;
z^R3h&;?x{I`o+Ea{LGF9v3PrBQ{E{za+EQB7UvhaJ<#{^TqW4qeN8e>ICkO=z;$(-
zdJnX1hFEZqPHR8(VYQh)2l`}f+?nPYzecVTMF-WViq7XE9acp}5!Olxi(&|in<AfB
zK5b<jRAqzY%qg0R<~NE|^SAjlp;2!f;SsevGg!b1K7sY7D4F-FvE7DatYUw2t?m@`
z#HTQpXvJa2@hk^xiGg8rV=liUo6A4v^oIuC|IZTY5D3ebb)L8S+7;6?&_3*wnVAx2
z#w%R>{4LD+|0WvP`{dHlV&fTaS(JvAzsLyq&|>2m=WZ5$+)ljZrdk*F4#nOrul^)v
z7G<$t(y6zjpKxvwT~o(Sd}RzahHl4;dEqk1BgVSDW_IT(;ZE-&3}+fgWumQzH(I21
z28@}CrxQihEO*-7b+W?dbD2i_>OB|^e;3$LR0Kt*_Gj*o$qFZ@5KvZVZ!RAOD{i@=
zC(B%5<k8*8AyCaT{3J%R2T(U>TDBaGkz`aV41_X{zin=+w@@V&N*M;+yqDSL<qIQ^
zyXC^RJPu6C&g$sLfd*Fk&|73l6IOov@tC6EfF%x!uIS@}G^^sd<!v&(2Gyjq9ID{@
zZZ-+d*MYS#b|pzAOai3CMf{AnA6LrOv8aNTL&XXLPmSdQAk1g9J7r=G4R+Fb`u{mP
zEs<U>PGfWcay-}PGN-n6yOB4j$i;YM5UWM9Qy{7_JN#R`BvHE`ds0q~S08YAzRf>@
zd3VR7e{fIXg;@hgYYgylJmNkF<yfP!{GL7uhx1nEdueOAW9$UX*Rx^M@o?OklQcK3
zFd<%~x9_GMh|w!dOhbB|)By0_h;L0g1AF%VWLx(;dHkdmSMp2P{&G+1-3;MhSJYOR
zSOVDa18)D7!AEA^k4sV5PX1RqS^ooc@GReX;%5C1!sY#7sc_o=5W%hf`Ee+NfHD$Y
zR%i<LiKYo1a3`<Grq1l&^tLvnoM!ro%U9wBp!eazmwsu}oy1o>&V-qjh+NM%fHpaT
zW)P-C5Z%A2AIPTO#Vcd)O2q#ga03;Kp4dizGQsB}3AWR}!B(;M=PXFN4KFkK7qC8f
zAHdXIf@oWDG4Rr@J+ug!O`Vs)eHuC<?Tk2;{`5wiDaXCGL8lB-nAp`UcQMNe&h&>#
z-LYs7XZj=7%iT(WpKP`+C6Hx+d`-){@u0^`%Pl^W)zwRKyb{-t)4RdMh|jGGcH+oM
z5=D+@O$8xkhi^K(5PTsH%G?W~gLa?hQYwU^^u#d%Nw{msKv3m3Fz_}<ZW;Q_X}rv+
zjSy*!t}e6<m_>KuD@(x9W3V0AjgZ2C{HuhXhwEVg;?@2ud0op~JZ3IDAvE#*NRoku
z$tUJZayTCxnpy%;Y{k2lFJ-si5P<MB5o4OO8lmlU9{BnU?IbHbOHpKIu*sR4S^?4O
zL8$(^%*J0r`wx_yc6n`ZYGV+!U*@bGh{AVR&dc#Tgss>(oA@BSQ_n%(8}Jd94=})T
zb5mC#+tgV$FFJ7**x8AD#m)M=!R@~sA02`_u^JiiSszACOTuYMHqAs+zW|m<ci)|<
zGX5TLD6tHh`~*$SF!k=`)~O>!5mp@QF_2JiEK@{%M1(G6U4r|M#??KzSZx=0>vLGP
z?Z-z(Ot)LES@)!q^=r%l4204pn6AL_)~Ly}7gJ~aemYsdP6zxLU}7HY6S(*!N_>oT
z<Q(4yv>pH96d_^LOg-_%0@|TrviJ9Re$q%0V<$cbc%P;mX_)Lk$_g1^%;$e1oyx$^
za{R68XG#7i;io*m10zY<so@LeRLT?YL9qSw@xI!f0668-Ck{ogI8EbmCg>%&<m$+|
z2<F|5p|n2;d>E9b>82;Hp-itaA;|c(+Bqy|4n`tyW-ar8Zw&JOmoFXwB!U3(gw600
z&36c$tdEyWB|D)+Loi)|^L@yp*_pvZj(b(OczX=*#(WLXqE_;>hO}GGP5i7iS|QVV
zhY=gjDA6sW=QU?0?nS!gsB@ctEPzHG2!1Ek1DE3}Hn1^>3JcxSS30fzT41_{JyLnT
z%J6HP=pl7<r_af$DiAg)y?o=smvQ<yq!`Ghr>-ui+_UklF^g8Gayq7SJ^}7v4)Zgn
zM8|3KU(Ymc{_%8#=hT-uIi>`(JoCX6<>&B!(d648F11bQJODF?0bdXSp8znvfH3*(
z044}D{mrl#SkUx|^1EJsPm<pa_?^124Hc)r3svG1!o(*z#V5JNCm6&hSk%7Q6Leod
z{$ifk>JxFjV~TQHbkns}lv8)&od`;l(|>w;usnG)$jwYPz6$l*4N=-<A~Jh2uux{{
zrYG(*GAkj-?EMU%z!L^Lcu^A{adJ@0_K9C3B**<$*WOE&v%$%9j)|<Lo!XP21U(5~
zpT~$yxjO)KtK6|yb+T98O=>GauVUJ{q;d)2+Refq@CJ~Ip7TaJS^pGP020q&|2k({
zVy6jRI@WVs?QR!TAX<`zINrp}8UIu|S^qTVMIr`ed{<e9JqH_+kwkU=TV=8_&8+Uk
z73e{NSn`Gn?{vfh@tf&n{ePkZh4&V?G@c}Onjy@|ByyT5r{35BDnle^Fk8l-pp*5_
zqyr>xg-aw7JIxS~NaQqAPMtv{R|cwglG!r;6rHSp79AkjC~nq&8{Gaa&a|YOmPFHp
z0i`6FW`-$DD`521mpIOIrRlc=QW<-$<kLgIKf@h(kauzQ?9lHq&ek3TV<vt>{UYA>
z30P)$Gc!~BI0U6(XQMz}f!>V+*!oSshE#bsd5l@^0di$=7;h6eWm_0MEG?~#P;ST!
zX45_E>Wk8i&U5Y-V4ivy#nc|b&vI<su1!^HkHRl^iY@KA6^~kP1GI@-$lZK#y|vJD
z9Hw+w)buhJRyO1+C$7KwV%Y=D5C7Dum~!p+MpviuhosWGLl6!(M$x~J7lD4s$TwpC
zAod0yZt%nC^aQQP3CwAV#rj_QUER-emW*{9rpn3p!_w-Akti=fn8$=~v^xAa@MdoO
z(^nTT3`PoBF>fJ~be@u~Q@hgMf1t&-0@_2LHck(8q&tUjIQGDm*>rUk2HMFmu5+Yo
z@@@n>r6!YqrOtUVb<WfHf!1a%(-NnTTkxsWa=NyS3Pg@ai4XPT8Ll(o{t<jM`mMG%
zm^bwpe){nJ-2Gk+)WP?2CtgYL<PiX>H!};86-aG>N~}kfq?FsRv#D|NRmhm1`WcX%
zoeS=tpL9~H=}@#zzf)~AG{V~wdRvVbwl6C-_0>*PBQ&($LAl8Io8VB5XKJ5iH94-~
zJ3>w>^(<v%nyFxJF;&B+A2+5ljhn8<Zxh~stQJ<dQ|&_31*dgcf4aP-gypU+rEI!=
zOUX@lY~iVGx4ebtLb7gUOAcNh(steUEx8K)SP*tQ5RVh#`O)uV28&%bTx7*o=?r#E
zv(;uE=N{`TWoo~!@<jtLS8d@cGC;0^a3Qw(BBUb7q{4}+>b^XQ6{f;sM-^KVNnEvA
zxVmPe>Pw<RcPyAX@rv!1oL98<@(S$|2GrEfD|C!)@$zRNNV+;^6S3PYBC0E9Q_+~D
zB3s>WHm>q)T)ne#^(Jw#MkHC<DP9M*mec{YMBRc~b!x3(;;>@*_A%^L<*Q2$+#hRl
z8N4!aNd_n9F3I4a+a;L}FL#ORh-~Vlzps2%anfq^`lR5P`r!Bm<Stqt?!w0F!*gso
zqzUVT>(!7cu&uU}G6xa%a)JpkS7AVcO<?4dMzAmx#&o$VTEXT8aw&mLYGDCBw5iP-
z;DdlzSbz@_V)Gh&B7(MhRs?P3LJ_o;Ga@K8gM?dT0U;1^TWCNCx{HMcgrL9Jyg|j#
z`7A8Jhu&xN2KdmGEiAx?zHIXve7NpQL8`1CfE<bP&|0eU&>E`p(7JVOL8W#jZ@Xnu
zssEa-&wd!!XP(tzxdrrDx^qh@pYGaHDx|x&l#1!4TX1GCs^hGFi|95S8R$gc!hsC8
z%jiIy{BXOC4lH^N?oz}zU~hHw5S&`c<MLC9=h|@c0un}LkkEn4lHI&eE%7`F6kcA{
zB95L^`*4@00idFSunb(Ku8FC|hH4iwGL^}QyI0V<I3yBg#Cr%;oaafZSe!W&TqYxR
z^AIvp5t|aRuv}e+jKpPhGwIqBM6g7o!AaKuGLkNnF^g2#29Z=IBk9@)8HvkeBweE*
zf+ZRvINo?oR*~U(33#Q)H&J(KS8qaZ5S@jT==It#UQ-tpcQX|n8^>$vmar;vHj&q~
z6e_QgikuYhIlEPQX1B`jvs<NocB?eaZk6HLt%8G`$yV`Zw@SzCR#`f`RY-lJRqC@^
zrDt}d>@mAhMrSuld9FqY#}{o2Z5C+@^nKeF7)szpTi9laHiI?{ngI=^W05vYk2Z{q
zML6Y!u?VLTFcy6sSL5f>4Vg|ae@UjxD_oN4_KKHemU<1r_;m0;USD9$Y8-t-vZGUQ
z!6T#8$s?oBDX&J6Q(mdW4UecQaqll8s^dm@LmrL8j-v2}JQ}C`qHV1<M$eN(RWz=`
zpwYYr5`q__tcJ$P8IQ-CWO&P4t&Pq{B52nbSeEifSgs1Wv+1A~SVn=}Mq%vUz=wjW
zkUU#16a&l1R?#IC77VowRrCp)4k}A3Uqz>|_<){e<f`Zu3WGMVLw8Uv?i|`-8vWI#
zGow$TiVkb>fwwH9p^6@>um*NrmLW>Uwv;qlpk!=INuy~?Nuy~?StVoJDU@z$0<@D+
zGSWy?i&`?TMVeLu<195nD?u?@s)JU7W>gr6u&o4@ZSe)I1f6Zu1+4_7ZSe)I1g)*G
z1}X||rNA(Wv=YV>n=WW23@8>~&`KCl6c%Zvz(|U;62>~4E@&kTb{1dIN*L`F7PL|$
zYzZiW%IX>DftW2}?Felwu_0uT7MU`Gv^J3r(%Lvn(f1nuR(*0G9-8~pZ2RL!ar<Mp
z|2y_ax@SwN5w}~nl$z4j;+9f#y4tX%v^ZUD+)`>uSDUt!u<F^orL-hnUAzUy|Nj<q
zMMuMKsAH-TF;l!ow+G=yugOK3c)-bPc2O)ZOfPm(GM=9C@cLaNJUFK0qI{kAdEOEi
zWaz{XCz4!HGgc~9O0A<O;$o0qE-vtjaTy8#_X(0#4~NOv%&*V`(dIA~F?v?AkA{{+
z12i9=vuXmQQO%$xZ!t6kXa%TQL5p$dsf?RC9zZP$!gXudPoNSYyb{ETK*?*WE(cY_
zWsH(0WGsOyW;8~L2lO1NiQZT<i-GIKpp>`_r6s79ArL`I4G}o{S;a+hsi7f)_EQB!
zu!@EVJd1?sZlkcqREWkBuUZgSXe@P7Ujq`cl}4xt019j+s@a6yRe}a=5lRgWxRPGo
z3pB8bh6Yw~f6%}x8X9n`UYJVWnEEvFYE4E^8LCRihdWe~&yYpVuL2FkZn)(E)n1^K
zs0^h|sPszEKnu~(fWx%aZqUFg8X9O0wt%OsqM-q&1u-(==r=&7KD5@oHV7WXi?^(3
zX^8S}3oXR9&_ZkrEyOmlO2h_fgWlF2;k7|w(;{pHGK{g>FTA$u|Ha&U$4OBH{r|l?
zdz<feXYXz~;vLZ=BOn3>B&Z}Y01`x^Ao*aAB_CM?1q396fEYkf2?jtxNlFwYh^UBw
zs2EX1KtT9?s(QM2FTmsT{PX?s(%atmR9973hv}J}?(tBXx(3o-N>lGZ+DB>XAV~Wu
zO??FEM4Hv`{SoRX07(qUKkQ0{-U1ZBJST-FpveeG`TQM(&e6F$2-<MI9+IA~hooba
z%-cn(=I<hv@^_IE`MXFke-|kQzw&gE+WET(HP75#q)7fAa$Ei$QXzj2DWAWGr044)
zIJ@TSB31Kukt+GS2v$(#?IPqvo-R@;e-|l?0_E-^e3?U~j_V`U;1~6+xIR)ke;=ut
zzmL#Zk*ANO=kFtB^Y@XIg8B$|4cSY$Ysg*_o3P8S!BZUBHF%06yN2u~+%<UmDZ7U3
zC9-SK=>tugyN1<GxNBJ5gu8~-P0%%TH;L~RR!2dvK+loa16D@~%8tSp1X%Tk3xX6g
zB|W9yynp`t1%U(SjV0Jl!A!(oubG6u*m(|r{bmq<G4$hak{QBZ4DkB;p``o&Z|D2;
zWSn7_<UPaED9AHcUBlMp1`U4JB$jH}y4;`|ma`+1YS@~;(%@%JT&ad>(n{kX)i6!H
zR1ITuM>!CphUv*_9tcsxw80z?gs5RW;4BBiSPi$sxrc|sSPi#RLt(6j+hH_Jrfwu>
zf0*8w$uu<&;KX9h90Sy$s7xlVajaRQNj-{uPsI7unoaT+F;q&rSsar35~xp+Sx-9p
zlA3km#6tyiVSG)J440%d%f=}k=eVF`KI&FfFdy>fpS5HBQTp_(9RrZkr)TXLfh5yc
z0m+zkST=Yp;^5&PjpZ}KMr8{j1{j27-T;k8Tq!ssT0Wyz@IX6!PQ;1R@-LBwZ;GFZ
znSkXVRSfhYh`1iKd<oD1PVq}l$G|OZB-04a*Gw3>CGx=pLV(z$W9XL5MPoR*?1{OI
zrO6ah#2P0y%jE<b#mQwp*~z?d7X~=nDSi6F0H-_2@C$;ve8c%pGJRo?NGCkW5@7?y
zMQkv`uzU`{XA~_7A;2k5%9-#PA;7qwj&q)5$?zG)4apgWbvY<Im7Y<ko)o(rl$}bB
zmE5WHj6(G!?o@h4!F8rPRcuB<4yqZ2?nvCJ^2{i7H;V6Bxn~sIhxCo%xGse0nk;Kv
z7s7l^#YA@@OxPrg>q3~ZNfy_IFlCbrcQ;iR!kkUAxGqF1Uit2OTo=L|S21<ri%G6h
zr+biYjd9n#nC42kxE_Rgu4HjN2oqh&;(8Efx{}59AY4C47T1GtX`q<yLAW+h`g9M{
zcP!$15UviST&xGt<$+{zT?p3)lErl)JyOMWAzUFyxwtNb3o6Ah<Wp;P#qP53(hO>=
zbV((};(8FSsU(Z_Ae<Z}it9i+DsdeMmsL_Ot^?t^N;2JnQgEe?GjyRl+u;QLzq(Ra
zSLw3v@D(~=pUPf?>r;8|!S$)^FStIHodwsYJZh@zQ`t+b>r?8~e0_?J@n0|a|F`o6
zY@^+Q9!te<$@IHx4SeFMQoOq|dy|QGe>TjZm)1uj^lS2DJi?XT3Bp)A;mUd!50kmF
z*5j`;`ytX$C3`J?za8@j{hZ6X?zD78hCO2C_GUNp#gy(<_@+wVCZ&IpQrZi9J#=1X
z|00jHGzO#xv*+U(!N|+8blTLzcyy_3IC4J5@Xn)1iB?*CnU-l92O$%mB{Dd6EV3e&
z&R7E%vKyitzU)c(>&k3|82R0iuOJhPQKH-9<`}ti$7nqj=Uo06jcu)Cv@kA4hZMeP
zjNT)qf5{jn2p#v~k7}Jq;&kp)_@+8Hlg{%6#67!>4rJu>SX#&Q_O|*s#l2VDS1t2G
z9E41KmdJtFv52po)|K&DEbgX1F7Ee2=6{a+7Anr)`Qz?yuVd64T2+JZsPIi=w4Ib*
zC?G~<AJcwE=El;x{GJZ_IK`-8+*d6#Iu1f6K1<~N*s;jJv2?~Cu^3H`k5RqH|4WQM
zrs7=8AER;|b&Phz#b~I)H;vJ5QhKR?7<KBTV-PtNOY8D?@2rngjF!iJ)iS@tLCC~s
ziB#>P^GAlo(iuVgOmFpHXJTAC+76ljxgG7J;{208Mti#I7}bYX)sBjFi&uK1f%8*R
zdRfLOuK$*PLhBqAr!%VXP2+x$bY97)^J;gk^SwBoEqeSHKR+j(SM%xY-c#!=mlP}e
zdWCQ5=TXx6Z$6#3_0l@;j??+H!Z+3VHR-&TPiI1Jt@D{Uooy7psm|l1^Ljp=Kd8*!
z>}7E}Yxnst@jOX71y<bio*;4O-rwU??fg%wPLnDdsmgus9o$!!*%gS@%`Sy+TIL@~
zsa^S}&nrXvX`ShDI(I94Q=LDPP9vYrq5ZYaK5;ttD11|$zmZNyKArQkw9fHyI)734
zraJ#1oe4^3T-|&cr|P`{mW7+D`ioRKNmcH;SvyescP37$5&17lFOX7K0shqt#;W=9
ze^T`isd8)o;>tQMPS>B=|HZAVq|2jq={A!V)n#26r?j`iHx1x*QtB<BtUt!7nlbpl
z_-DTjs(ktVt36cvC*mf)&nSFT{}M>4zX1Oph*Ndz@c-hUn^Yy{_iyM(?O%^LrF#^<
zsee9FnpA*)qvKSWqyLM4Nu(-Z`6u6zi8+U`r)ThU$2mb9vYxLVLFsUM%SCtz8B&GP
z8(XQg^!iq+aC!|ZRRmjwvRKjZB0OMC8A@ax!w+8c&^djJdvMgmS3EcxB8sE*l|K1<
z4}03w9e5};Crm<eB}rx)oW`@`#t4S|H}gCeT1X*dL?OuL(4Pv^@XiB#hQqy=$W$Rp
zh4~=f3{#90-De${lV1CY^m@HJ^`nQxDHj&$^2Z!3BM@Q>){k~F`jbR@?XI1d(5j@k
z!;rYAQ@Hmvqr!2cQW5LWbL4v2=A54dI=8Nn=LnS2zYjaL&aZFG|D<os4fTzNKDz#c
zeQ||<C#G=J!BPrQnB$4npVE`?oYelEmN>1lhUcVbJi!3lUCGkXH>0-?`+Q*|68D_8
z*hbN{1Wz(PA@?i5bGy~C*$T;q@h~o=(=)o_>0Bf_tC%ZQ90w|HCp@al0#-P}a}qs9
zf7(`q^>~(ev}i3_;=*-_CP7D0E{AA~f=tF*g`!i7Q-rbhqA;p*%E$OZlgqR*#sGRB
zZe~$XZ%AAVuf>t93_O*Mx8p`C@Zlo%%;NbEXZFMc$Q6FJXNPetCk+Pm@`A$j#UcAe
z5lZ7t9{8Bn3o9kKjp7Ynd`>X<UA=HoppCL5|IIv0ZIr(oBZ@*chyFl>@?o(c{>o-7
zzmsia1pUn_1Yc+!1b?B{FOx=A5lV+y57+k?*zAC~VEynAtVU$L(#IM_u@)k;oX#80
zqQ-CKO>km=6e%Zjwafe$vGN%XC$`{`B_L(4Ol)%Ib-H-LFoU+T4D6XJD;+8moYkIU
zU!Jji!Ant)bwn_UdlaWbNL!`JK$fh77#QF(x(yW_r6ZHh674g;#sM@=-oJtlp|O1(
zr%%coSzke{9F`szGF(=dlSf>0y0qri#|AQf$Iqf0;x_n2Yqn%bd2<dnXYJsl0#W^p
z^srD?2?~_Kv7^N%)>5wGa0jDS3HrdgNBY2GlMMdEx<`D{A|sMAcnvo#jN@-uWQ5&9
zyoiyV_lT8iZs?HQb$A5j%@UbZ%cMQ?1uW>nBlD!%nLV&P;&ts7I!M5hBl9wu8K##}
z#+DA3!Vy}nN}nU#0eq<vxf|_2yJcxCEW-jEt2m``9K|U^9|<{S=>x?nhfgX79gP)(
zzo}yEmq#t%DTCz`>9CTdHQv2g6mP*1n9Zb*gq-s90kakO6RRijN#^Nr%shWn=H<G%
zY}DyE2h}MZw0xo5mIGvF#9b(Tr5aecslM=f->mOSA)*i8iko3e5px8ZtcMFZ`CYtL
zs0mrB$jA7y#1=qQ!V#3E3O?xkMPKQ&GJV27dM6;pEOC{`V>&9=pwlvQ>?x7C0M(pB
z!ZM4IbqGt*j^E;oIQrTLxUySOefc9b@x?8_Bu18@B0cg8mW-0&tO&%Ug6zA>piFr5
z*O}c9FxhcDkem?t6<N##na5<mY&GE&CP_sqio^{VvN&B^B)+NA_sVr4LbMcRhKK;I
z5s4MLDmm=PxfLH&So%tz)#y|1gN*e#;$JGWJj#X6Y)geDAq!5zEl0eF)$Pps9c>%$
z8TT1}SEb^v=xuoYYGv%AONu$G+m*Qrnf(>-je}Vf#6-`ia;V}gETZ&QF5-#&`idAJ
zza)AhRbI8eR7!N0;4wUVG}f<Rr8s#JcJrF;<CT*g9B$JgBZPoaz*WGKog8x0sbfy%
zwqj0tQnHs9Q}K2o-fkIhtHMlr{f3b7#(Se*5dj%*q~8_+8E>Sw%NPrBNMOw`$D7W1
z{gAgmjaxhm8r2d-#p=}WQMHk$N7@ERkdSo-fEPYu30h8d_+)oFvj0U<b866+gq)i6
zflhWCe<tMA;!kJJ?fmJ=sm-76oI3a<e`(GAAbiq4eJ*6hj$A6UKZj*U);DOigPupN
zWgf!!SQD4_;*Q51k}fzb7ZNNNoYDoXa3ojx&AM{2`UJW^jYdWu(<gaM*J4gVd!<~X
zwwBodgSMArBC~U#aO+!#%07au#=>PEL1h{-8ez3^7?=rEg8IB1?=|rb!h^O&{T1u8
z1y|NjC~C6DQ7I7*HfE=y-(__L!He^{Q&Y{S!ku*qZIoBL*+)>dWF1G;%4Yq9zuCV)
zePRk;{m132)JNtvobIfnWCa5hmD}|4z?JMXDpxdpm2NS8qvjTZqGlM#Dit<;Sq~yn
zRx;WJA^Sdjr(LnBG&uYv>2i3ohoa+{j;wL`sOZHSL5GK3_wX2+^)prGY`l*!>kXum
z6H;h%77BNz26^1VZ=Y#Xh8e<cCdk6c-4;mJ^h;MUy<_8v(zrA8GJ=!rvMPycgX`FI
zW&J?TVMjb_s_+iKx+d_64;^o8b<}-q_^AsC3_o|^gO<Y5XWoWFeaDY>5$ikX7<W>>
zgq*wR1AXCc{!GZJ$Dhued-&6pQ=dLZb>%ie$GExVG(gINlrh!^v4$Prt=>0+lwgMi
zmUL$Qj56gk1gh9iibVo8H6#_1LXyM;8(D(Q=H?Z={Rl`*uxR9~r|knQ>2pZ33)z1m
zzQeH}7>pLeRB{Z8kv$$GLDmUWW`&~YFT)X+>*z24Q)v>sDQG%epkCOT3kqou3vQ2S
z5X4QVtYjCpM;F?oD_47T72F=N?-40Ol~a2}_pJUf6%3~UZ^bhC!W6<z7><e<?_yH2
zbj~m?LwM=7{GRn43g}NkgQE(pbWa|au@p$QRjVJ$rb?owTb2Tw@3CJV_A61gR8{BH
z5M)br$d;ObH#mS{8^HuOw^I){(`4`Q63M>EX9IBp@n!#w0uE31N2*8g)i1xAv{6BQ
zKL5(`wH@k%{>S!|g3hy&N`?y)<{L2#|Dfk>jbIoZ;9mMjV6SrSqcj@z{rs7b)0jV<
zIZg0Mvni5|&8GO9noZTRXSSf(uAD{E`P(h(V@4pHG`AvAYi>oltO*f$z{94sqYQr^
ziME!77Xf<1x1t_3%5-3CL`x!<!eLkTO3b)2A0&%XCMSP3LYxi5C}%6=&X=t_Wutv-
z5-Z;3$->2<_m$R&9*v=Fx(AMj9GTgWz{enb3|fFejYnr5g*{pAXwtC#c#0=lmU3cg
zCw8z($Z8LKEYl%G#q2++Ray$Wk-;<^OLofFJIaN}gYKrCfw9mp>wc7pMlfxjdzk6s
z5sC*4UhvGP5!(2X<>=gFiI|?)DC#UU6+;+)1H~~O??zA!)1xR^LlDkoS?Ayx`X3dc
zZUmRt$FZS*0mZPajEebQ5s$%hxCXt4kvrKNv*gWMkXLo(LpRh*_2SHa5$6!AG6`7C
zgIXacdG3SvN!rCLqW%veh1#}V6tc~J-IglThitcE0}D#in2qq#{!*rq^%F-v>pDJU
zPv`5WyRnBF_GZ99lzESV@hoD`4B-=ldsCQ1pJ+xO2|3O2A?Gm;(TJ4eA9m&ftyCT=
z@X4=BD;uurixe4)E2HITAM|Dp62YdpoFDrYQU;Gbvo&fqT=j!gz7NqIy6Ae_($`de
zCRDRPxH_5u<*#T<K+_>xxTMZ{3KfO72^D0|CGEK?<TdyLZAr&*q2J6C*rxWK_VS|l
z(TBOr&WtS(sp`khie$U?Bz$vbe2c%;O55eZcC>M;&fb<Yv}NgvkIP*|Yt%yov_yJZ
zynK4FYv;IwC31c1EY*Z@+lDKkkP~}~(o4jdhiS)`%qz5~Iv!P^_wLZ98mPiUSg4M{
zDeEg*u%7iLeS^c)4j#fMmp6m1O?c{_^DxRKs~a~L=}TCCOzXvM!Rt&9S9NBu;EFVI
z9wO;*&Li}JBkgipBE|P8T0uAc!(Ns^8CY#Es`92;q?5l|>eIt~>jN=iWo$D&%o1#o
zRVo{-jN3;u=$3WG#`!?i!cr%65k#kJ%dR<RU@OhX(7Fn7U9yP+WDt`C+FR6WcjUKJ
z)XwYhRjh02X4Qtvsk|mjPHD&GZ0o}fpCI-vA!}v5g{nGSj&>Dr<7Qj#+zIiy6Rg|`
zZ6QlOq{9d5pXp()6SQxx6}IdQTLI&0{u4t9b<fT)hwj;$Tz2HNp^t=|NAW?Ec>bh0
zJk^Pf&o?BPITXD<^6(tYY3@h2$!v!?4fdv5ixWJX#anq~UKd}_SrZ)EfXnVQ!np5~
z){ghu%4tP*=vpQN`t4dj-U3B_jG)8W@0Epe16y^F!?=fHIoy`ABJPGLWR;n=H+T}I
z!Nz&c%$`W(w6kOq_!`7u{gf}OZ#m&i58bhvtd7tG&$RlmJ)-GLtCE2SIfL!)MKcjW
z{7+j7(Tt$H^}S;C$bgY3Jrx}9-EI_Vw=njtR%9@ZSOPYNN7luX&q5~7+LW&`yl4K6
z_(@UgP=92@vzDGhrZ+BbrpL&7pC*Ww)DTEzJ&wo>+6^t<NRgMsfXrv$O<8AF8n7e#
zZ|s?pwG3IZUc#TUS-0Zvpl9sD?#rr1$!C$o*_#VbHW_4@n2EZw+%z8@;>DkC_=6c6
zOOZ`a<~&q=b~gxMyOJy~Ol3|4DT_7amb(|A-N<YPVLD-Bfe&VZ7r~O9h1{$^oHYPi
zvtMxGPkkuJI)s{~6ZEuRw3Yg_UTwJ%(ZWJ3FU1KK0|?#X#K{#&5;(XBTUW}jGKY0s
z{`R*SmE_1>*BIEVly;?6NyoYoS*vtL>y7_ugAw|q?-hF%no5_DxOHu0_Cf<%=B*f|
z*7}&=%`PR%4{UuA_JrMR)W8m$Rx(Xx_Q=d-3*pU%N>62_+JMrG$p6q5c$}qsQ&r&B
z2K47bMxJ<ikEi(}=g_!ZS$9(xq<-kiwjt`nDKqV7L;q4zMB2SHcS1j*u{$9am!6Qd
zYL>bK_P?Uu_An|$_cq?=u2<$TFboRqsW)Lz;LqOruEXQNb|b3>W{o)=NrcW1ZD7mE
zwmQ+_5p<viZNW8y#j!&b0BWUe4kcV!)#xstGkOQ6RF(YBLG+nb6|90YdY8rMGpi9Z
z@`ChKh<VW&U*Saq@}dhJlIN+IA6-dc1Rauoa0dGb!t4hnTv_%0*M5*5IS%1kR=7}R
zgC~$)2Y>j`T&V%mt$RPV1S;Y5%t&^)@Q0sou7VY&cq<h4hfJ*?xBIDaT;{kn$?kM#
z4nixejHBTSl2%Q!yA(|Y4OeJi(Qi1)(z`QeRKi)(L3h=EFH~WVz8L8a2QjjDqmOXT
z6ZC;?s_>EZFLh<Q*O1c#U%B3zP#fWS49jC5D;(joAtjs!en4amBk1t7UNzFOr4>@x
zxC?)AzNdqkgP_tfMQx7GOY<$gyj?pk&17~dFMrpd-LNgCL8%n8GFDabVZ$;Y<@NcK
zU1}?fl*_H^czxeZ-NI=X?;4@=Z9@32ewdvjUaSG{zq?UR8MDD?Al8)_m8&DlHP|N1
zNX9t*B$RhlM{MTji;M%xo`+E`aw&E&(tf-a#9oa%Js3M9o4{g^MLAuOQWF%g9{U`Q
zb};5i1ee=&oZUf?w4Ttsx!of%L2bA8Q_2iIatgbPHL&dFklmgI*!=^N|H<wn6SbhW
z`!-mv@)mho0n6?fvfHZwyL};<$L<e6GS0&$>4TBKVrgx+-(+RRD(^2ESa!#g-QES*
zz3UmRTE)3wyX#|u+U~8-=CQk41IzA2vfHNsyS6F+(e8+tptk!rSgtr{PgTIOJDKeE
zEx_(akjxY3#?w@se?-bU80r0-PHVfrf#tG0Xu1NH-6>?ZpR((wd9&<CA45{x?L_@3
z<0Tv`lvW~AY=%A*iNw;d`YrdOU0}JamYS)6W%W6-+Mle_bIvW5%|Vd6fz3U!Ly?T<
zwV1X!7%bjqih53aCYj3O0_L*ySxkv{RPOSXo2B(fM#j?G)<LiWZOtZI1GFvN9+9!E
zG+Qh5X7tDPdGE}>F&z2$@#;cp=@ld6ViJ)Pv9vaM_naG;oJS@Hs`_&Z+7FJ$!9~cC
zCzc=LSh^>2Ep{Z*d9Id%t#7#cwt>YLFOoS=0jv5JlF^7&PI*njHitt{*({>UXjwfL
zI~KWnzLwKgmx9Gx)fKpyjAfHCb^XJ(oC~xLZ?QbKdd7}L_QcZKR;7hEu=OI@8YFGG
zg|5GukXPl(XnZYJf1e?usK1txc0URw5xEqT*7et8(G4uVOctZD`lIVRF5h9~P&Rce
z&r%JRiL`h@AB*gYrFHolEWUxY<z#JezF2O7yt1WZY1yi~L?4U19ZPFlRhHhs)=IK9
zMA>Ss%Jn+rm92EIsyNG7xfk`p$kJF^8!NKx2FBhXV?$*aG0%ysyLrf>>}5FP`W`(R
zU8rz+?MV7dS|ajhEUoLV&dWD2x`vDnQ*{?-a~E=Gn^of4OEt2YmhOvmdPPe_uEo;Y
z<_oXhz~)<IbGWkU6gsYVF4r2p>CIJKpM=5mMv=c_2O}$2Xh9v<F0b9d+`D9ML_u*a
zwo<F{W(<gn>i}8C){#RoiO9@VT3VO!;n#0qbR!uZ87pI3)pmk!Xf581&e;A|6>~Ke
zb7<tp*zw4=H?^!T<_oKDU~v;!%pr@hXG6x)*Zb@v=#%eeXSc<h?9@EEtMX~&8g0iL
z*&qAjiyV%9iIiKbr6NOPX?R8x&&-yUY4*7X2jYjo><2Iz#8RWJ<lQ(Gj|B0*v^{WL
z%=Y$JI=AiAw+gnsgKUp4!1g9&P;ESSxl6pQk3`1ArBB7uxotOkr(oMV$@YZ*vu)qI
zF+cjn(z$JaiUS43d=J@vssP(_)@!YK>f60RABhZ)OaB^6=eFH(W5KpRA=?xG&$jP<
zFXqSkSUR`u^6wXH`!llrbOE-5o3z$E<$gYPBof}Nr6TiV>D;!9eNeFNLu7l>|Jiow
z4`a4pjiqzjF2AK<+egUu<N|D0+p4wZDfgk+k;vd}S}Ia_yH4k}y$J^jYHMGT?Pvba
zwvCUpy~wMvbZ*;CJ}%hyF|z$^0k)^_)LQeDyX7u@Bof{oOMe+l=eE6IPr<goCEHW}
z&$dhMi`hOMOXs$|{F8!hpCa2+3$R_~Q>`^mxo`bUABogF5KG^FP^WX-u6w9p+uxJz
zY5!;2^*`74B8`sdbZ*=Ce^IdQGi3X@nC;#;kGXNLEYjjjWSE5WP-K!yc_Z6Y(igc(
zNm>=_kF@y85>4bAEV%#d!d?*aOg53vWRpljFQKK|&k%5{OR`_chv_jN`sVlHnlj;y
z)c)GChRvlZDSg<XXreVaF2IXxN}SgV<n`ir@?r*gLHCbz98O=v4SbG636=6jI;*5F
zw!YUNS*GX><B)sRZ(a}nBoAg55Qmr#gN|8+_eS1TNnhj=C1o6%eq#yTBo0$Z=7zO#
zp1gQo#=$L4qb@wu9u{A*;@}<iI9>f0mvb#VHxik3$vTwmkPRT=|NZ*pWZX5wF93KH
ziY8Rp1K??Hh`HA(({CFj<54Z~B9(ns{x<NBY6Cy3qIx5DD(H*o^~?UqG(~UN1`f5p
zS@bWH2eV^sK(|93|H#XiRZT=LsH88V*E{<oja60M(1+Zsp!2rFf60eA%7?f%u;r?<
zEZacgSR3f54#nEQ|MRudH)sR7*G%VY0|K-9F>~{^fp@Q|HZc8P6@|z-mGnjQT55l!
zl@h&S{By6c&KrM&JeXHN{I6bDmSy~l#^OIw9g4;O|M@!X8^k~NdhC4hcT(x+=Zk-J
zyUiMhj|nT~jkK^?Nnb>-)AmQUD0;*A=U%;?H~t>-U_k-#pKU11`NqJIIuwil|MNB8
zH;8}kwch#S@2Ao)%oqQFQ^kLxLq#FtNzn1vYry@HDT>}O{<&9%=Z$}WJXoaSA9pTp
z;!!>bm-b=1O8O$DpU~&QiEc~ahCbw8NuJk-5c%*z0X{5DR6Y#%Y9F5RSxL-`x@#Y%
z`~N2&a<4qk>q9E}uvq!v6kXK3Xm~(d-k_4ch+c{Ak6chRF-;B;$&U1a>3Fjx&CBFn
z-P{Y*^O{a0(@Ugj+&_!6T{Ea{M^w@m(JR*dku{3m*mmxP?0Ib$CELriZMW#I%H7J;
zwil?RFQQkr`y(e5joHo^kKAd6OUSazA0%=wde3XW1lfP3Ap7M)+J0Y^^hNY4cz<M_
zqBpmndx3mj`z6W#$~gOvSmo!*mGvW6ia*jZ+43gN82uzuxLEP{!scE=pVwF!GPYV8
zqx+;f)^98A-iSBFGUSWs74`l|XGL#rKKEk#yykBq^KZwMwR5hrM&4CMd=b6y-XHO&
z{-=`XUX!2KbOkcKkxWzje!{XF*`;)QBUQq>+<Jw+KQc?vxN>hr?({%>_sYF?Kd<e|
zWc!1Bwl6EyxWXu;ZR?f%{>aCQ-qd#PHU4>RS0me7mF<UBylGM&Yg;qZRD|{ARK`zK
z$fogy%)J9ZUPCp=&<<U<PSHu(qMzZt5qDu-M7<e+KQd0yxFY7aoO_#qyq0T`<(+I<
z{YFIBw0zQzm9cA){AHxy9WoZ<Pkb?RZzPb{SRFF9N5)hBc3FU}21WDRDvF!bMT@8V
z<2!5aeFpNHx|2+OVwKCS&j)f`h<vVW_#%440e_@tF=bhw3Ni|^oO?5Zyq4>c<%4l`
zd4qP-rMR*dYd7=hW_+9Yfacz<Ag`?kWb2DKTY1_|wGx&MUqo+Q;Ex#T%5ton`7J*)
z^kx@d_mbtWbbRS|=mP5U&J1NKR>nK<ux(n=bgcHJGpszz<lgfjZz&s-t#7m~b#Axn
za$G50M!orgKhmkBvK%X8L6&oGjF8uIGqQY2#~1GdvdS5$QWpBhSH(S_S4vwcZzQvf
zmGt49vr2s_U|KZ}8Oug;@1&5|b_=q7wjkTd$5AtEJE~IN$QLR}w(ERrN!-x(LXx=Q
zjg5!N_8$e=?s@|Gw%{@A$oDGcjr2TeL9+de`ci=H50SBKr2na#*=|L)|0LV7AC&&4
zuUKqMpS&DFfB6-UV$%XGK7wDnyqOj7bW?UhCHZ?(gO*Jj(2LUPpCA7Zu34p8l^WG*
z+**f7f}s0n^QO2(=}~yza;jUryudC>w;UAd)&EIa`YTr4;uAx^GeqguEk%Yezz@=v
zzQ1)7dfvYpzQ11ACQ3Kxn?=7X(LcLLu(esTtfD7?FPCjKL>Lb)B6%49Z^fpza8o>1
z3%=Yf#4H?u`=T@U+{ZhtMH$H8{*ky3&u@N+eR(rH_zp&ob(Y3){3jqPa9DhU|LHr#
z@UJy~9HnoxoMvP>o9KA~8v=;(c&(dErIxjcW9MvG<+JRfl6w@a4p!hf#dV!Jp;JNR
zl}8srpG>`@Q_pF+21qqwYm>{U)OLMzB~ob(QA48m2%E?(Y8Odj^+B7M+?CkvJtXsr
zgkJ?8^@?m9Avv$;qEo&xc8jIxRJkQeuAF8;%}Qxjcb$}Tiu3o|#Xke7yn_NV<rOuN
zlGesHk#b3*++@4>%8q3MqR1i}=SUJGiVKS!I%yOA(&^}5|6m71*0=Osn@FBP?3TGI
z_1Hi>GYA$EQ@=;;cDErl56cE96&6j7+JuW!iypUIsf!Vra*8HdHu3Hffmrp2e-taH
zXrozCizSIi^wG*ArKe6&6}3QKC5g>Qz5f~IJ&Y99zEku^O16ksx7oyTuD9JU+QbPo
z#UzngQr1k8D35w0yGde4A)83YQKy)HNtO2_Ls{zwIT?e@4K|T8lw!~fZAwPy07@iN
zFV9q|U5J`wMG-41rBkd5DlMO(g-Lxs=#)8L)!WF0>gb!6&rT6S9YyDn-SSaoqdB50
zHQUFkR70J2ola$=-lSYH-Lfm3Qr=geqxALGIXYZc-VZKjvsy$otEQdeqfEQi4nEhZ
z?h(}@+G0thEZf{`GU86L`iijXqZ7`*(wAS)s2mkhu7>we?5Ci-@@VniDs>wcnn``l
z4k@4e<R})^HtHry<`o02{)QHYmMQymd7J9p!=|ddGa9QL{j3~GqV8>Ws|}UUR7an(
z`ixgh*QqM4Wsh=-!HKdTC5aj9WM4=UyN=3~R|wrh$7QHKxCOOEy%DQNu^fWRRz#dZ
zdr3tfc8U>67%jI_d+GY6@^l*FC*#sV*X7TsBboR4V$uVzID=M9noEf4J?!ESl&^%S
zc2#i7DYEaBIUW<!(01i0`W`fsmXNpu{Z#hfM=PmRxuU8k|I|VC+Q;jw9&px5g+&f#
z<FcP;T0Opmm{3D`a0?cdlP^wDua9iwN#e^-RnIGqzAO9SFr8{|rM%*0)Gw82m2ITu
za|tn{yVCrAO{v){(z;1GuPB4^%CYVnv?&>l-&@KYUNOjukW-9?4Jx@;)YUmImr`|f
zR;R8YLQ+ddjA2v`uc(8(l9{t)biJa3)rP!c+ZpA-l{w0*2lUYlZLQXHc{E9Usz;wY
z(Lcy5r>LRZ_{Fm}tA9*=P#v9(wj$*ot0-#_<GoeCPLTyq<<V&vePn7mMsphfoMP84
zcB?mjVYMNrcvZ_)*P}|wc`EPk`e;H`)%R<CrR*-=D=hyKbdL7gtGjjH9#(62iVisI
zO0PDeJ<D@Szio;=yG-@{&k#x3?tiaow^FI5I(n>^O4atMyj5ROW6q}aiUoEm|LV0<
zkvxFbPGb)Ji*)7>{Gr)}4RfFAV{F2++a~I3GVB!QC`>Rv5@WDrV?WMRM55SBiDooG
z@%;sxIQOq4WuYu6t|Zx+{E6oT%d_UQAELZi#}dU;n3b3m{YsGzu=gS~H7+g*EqH0h
zr2M!Td5mo(ey(yoj%#T0dG!@Vy5Q*_8?0}A9(BdGx`-YuQ~F3urWccvI8&0$mSA_h
zZ=3Ych)<*g@(gA2%r`1mAF+tZu)~V<6E88jU;8sqyuqXho-31jBH}G3OJ+-dI*7qy
z50jHx&v48f$HIEoLQ3;!@h!_lFlUk;jut;~*_-N;P8Mh&_;>KK%Jq!+jdN`|t;key
zo=IgZsvX1(VaM4ZC@yH3S)v$|IzOmf^F<{lUu&7g;vO5-&e`8>Vg=fuK*`%M`3&C_
zY0Kox3U*D}*=!j>@i=-0$*e#w5LlmtUQHwl(t$}^O;(C1lZYm7pv_Sm`#hv_y)Txt
z%<q=1sMsW4W71IP+ALmY>rE}|lf^Fav5nfsWV8)weV5qHxrT+&p3%<whIWa4Odhky
zRgeQrenaF*CJH@=ZB$=54eX)^qEF;YCYwsfNWeY@G7T|)OPSpw+5RFT_W{m!M1<Ha
z((I(?L!E24C}OAhv|MOonew*XqB!fRJ3^8ua+Tm*zo36f&3i>nRB8}s(io{{r#@H*
zqt2H1sK@OS4XEP9qZu}f>=%t#=DncZBK2&2ne@A;WO~{LG3lXmJ!2crWW>)(^E%sj
zwtfP3q^-R+EZ>9m0b1syZ3>eWnw+yu<C5;|FKulVKKpDYXZk8)+Ltpatx1}FJ(EWL
zluSwcezx8R<Ds-(-hPH<9>r|ta$`Hn-q?PXBQ_d(zQ$~HD~Qve$d`e2Nt)P`G2;!2
zvV9b3YA=P0u%H-j$z<4?*>7c;xtO0(t}-As4Qk=9qrQlw+M3&I8&ns6rrMcAMRWTd
zoa<4`dNJDr_C`#E*8HHoG3zO@z$UH@z?=Z@yl&1iRo;~(3i2S6FYdFmOjNYAw>GFn
z?Z>7slnb?Me~ih87?Bj|z`1&9J&)QSXHxH|(%jD8g?)arf)Jz87Ng>Edry`LZMA6<
zVRC(oB3Q)Dq`a2tW*^0RYLBv8xq8^gvP>N<^Q3(WlbI)!o?iBu>~n@CgQr&Q^O#Ju
zWQZ)}Tnn^^z3oew1gu=0ZGG&^+4|#%Pwk@AEBn}2uuSbMHjDJNui|=lT(yZYm=i=r
zKl>Wa^&NVpBI}tvc1p?gx4*|E5%&$GOqTsa)*NY~$N>9R_PLBjgcxW)z%pxaT_kf2
zw134d>K?5*+x`ptvsKGP?SFBu#+I!$wx~V9L2cE@R(b~8gAQt|)h(F~w!!vNEK^?l
zGsIqrWr|xeTWmw@cQ9!@-Y!b6ruYoCH)4`CP?8Q}n7t{JYQNennGyEKn7mV1k<s=Z
zOkO#y$XNRTCg(;eGRZ!SNxvTznPPv6$+BgN%(p)WpM@A!MESGO{(^&g(-`yu@^G?v
z)xHF|gt+GkmFrdeGM3qexgyE@YFlZ4oi(RpG#)#e>U5QTHAmz1Pi+=iZGW3(YHf&-
z4NOjAelByZvA@rxHfDK5?zFG5Zw3+K%?FjtI{U{g(?aWc+kS}sSqPsg*Bbjf_9HCQ
z7FS6`GC{s%f97d_-nAcNnJe1*yY^G8=X<T^UHfU48Eff@ijDSPm^_WvD}CN%|C7l!
zv~Wqb*#imGHp~+-lAJ(MbzqDlnaN_Gy*bOQ#JXLXYoGlACUbBtBgrZI@B|wD?s{D5
z`N@vou|aaQtzYc3SZ0nUf7st+neUIQTz}YiF!_Bp?)Us<6HnML*!L&U2>A`p!bGCt
zqWv&rglLL(NaRfNMf*|C_40n)>;vh55&WkF>IMJKQn{|$&#}x7%p;_pf9?M;v7vS(
zaT_5g`TWvlMSMmfCt3eNTlX17Sf;V|&}Wozz6gI7ZLx{#J;^h_QHEu{{Xvo_NLeRE
z^=Y(2l1a4%jf#*Ff<{^*tw1U}1<(n^he#AlZtJoh8heSfwV6geCc`i$D47PV`9ZXV
z$8dKb)mF@C!sHmPCKPFgQsB<uzmh~nG2;Oy4be78CMt>>t(a8RGU>+ST=q*^rlj#C
zYxXUYxh9K}#z@ZfYMjhymf3;!Lz=hP%NWy`?6o{3GD8weW(~+J)^i<^m;RJ7=CaHz
zM2yH9ds$-%%M8-C${Nd<6hp*hu3L<CAVKjN>Rpm5#%?Ab#*srD!~MgoT(&C4mu%~t
z<<DeM-8jo6GEZ5rZk%IVEw%OP#@|f3X;Ra;&bbyK*IRbGIB&nraJZ=6pR&jr5Eqla
zs2wHaWwI%bBr@3-rzgnd5k!M>k)C81wbgwX)gH$G9mH)$n90gBl0?PrMtLUZCkU2_
zin_*aF6tMHu+b9bii$gp`mA{>YKO>VahK7MbG2NnG~Z?1$7HM4e7Dh-$pOoHRMa=R
zF`1`j8W?@q)@jRDHKVc7pUHV`y|IzyLMITnA%@bQ7FhaE<$6wAf7lqzWbArbiVort
zV>pxO)2du8jj>El-XqJEVze@zX0qDyu!CrAOkr}wvYui*YCMm!3(;!3O^keyqVcFP
zi#;5Lxv?a}jO(s3@aOAFHnDC5^^_bV;3jhYxUk4*BbCVum?BG=F-8d{&pxVT#u`y3
zhj31pGUJS8OvV>hWW2GHNi<WD3C3ScCSr3Jnd>Q|sE4eNM1PiKqS1`Wo*FUIipkq;
zVx$d|L-^r9<?77js@6Qw=;ooeQRBQ#w8kBasF-N<#g7fRQaFa+6PRG}F_YIiDw$`D
zp`I5}gMWN2WrTRv$YJtH92w1Iy_Jh(#xfC>W+LNR^ENA26l8*jTEfyocF}Dl`7_0s
z%pP8-V$)<XlM2-&Sz|0RwsWrP7I_=wW0v{7s*+i19AcRZ7TILHXdGji<+yhzZ7nzc
zV41Hhvcp(z_`KxL9!*vnmAn+O<K0xQwZ;QXjun!&J~K8LBbYphJ8`7>Fvw`u)5ao4
zK_;+F_7gFgxhylnA}1iT#7l8rvr1~l{u#zfFV)U%<COIc#wyPBz9kbCTa2^PXHB*m
zf3mILKe35D_&+MP8Go_N(EXBJGPW5P*wzJ0MnL8g%XEs9`G-lZmt%UaGAW8Ph}68p
zu=yxry+2i&KQf$546SFU;bvmfGP?~wlbTv)w~@re9Y=ybipD*bbzB`AA(ojECnHIX
zIFiCL=U!4C?lubfs0O>>3?hBrXOv)>r8?IEqbd`-F6lv|CX;)$%pv1;CWYfj9Upo4
z_z0W$aH$QcL&hCUro@rEI9FqfL?LrGlkf0r0p*H{BL?0V1rMWDY~rOYLcDE!W8h6#
zAR+V=B2jU|Xw9V8V|FGxjPH$}OiH6=lFU)#M`JXTVwIJi9}T>N3VQZ*Q8GUpGnuT@
zGCv!5qZDK|p!Z8#zZtJE`M$lf^_TH3lg?e0p1+Mxm@Lyi|83wcQqWUP`+Uhb!DP1f
z`I_-3lZUj=!r}H)uDaSEY(>Z9S?!PED9Yp|?GLs_WpYNB%jamw<ae#d=fE4Ap!tZ_
zljL}miK+cbcJyMhNS7<sF^0)tttZuicO^m30<9;_@jR1_+Mg1Rmzk8&dP+LpXVO^5
zr=$aKM}nU3wVpDL{Y-Ar{*-r|WO704sp$BZ$y3^&iVnP&2zp-Ada5{rOg`2A)O3_&
zQbX&h<*3c1hxVtI18*XN9z)kx9Y-@JEww*)IXW^)(e+i&5oOXw>#66!+lQd%y!NMo
zV-l0Qw4VDN3z#HmJxv^InQYbNYU02fhoEPt*3;avgUJ<Lt`?5NOtN&j9&-G`q@FIt
zLyq%IR%z>xIGp$u30Df1txZNt2i`;kvdYqf-sPytWQ$d<O(1x)5M=sWKA$k!IGQsV
zs6A}sc$CQq?O}UIZzi8<TaP*LHX-O4rENX#n8#$Tw)MCJZwG=*CvB^fV-1sbx?G(c
z?=d-~%hlDfpGjM7tD6I_27(@^w$<J7FO#C$R(FRBPbmb&ZY}eqBbCXgTINZ-E|_F;
zv_HKZm6>E~e|kA?XL3dR)5p<_Ngb`HuLE!Efu0|=t^ST-Opa@r{tmo-2QpK%tpSc1
zOqy$30~`yPe5h?j9IKf$(Phte;MF_ObI}?TP8d;aQBK6KZABe;lMcvx+Mgkg3rt?n
zwuU$$fdA@Z4nX7K4r7=jg~?0W)^G=2qXU_TwVsiVhD>^BJtG|tF!@pYJlfHf$&*^o
z7zbXV13jr)&p5{nCKa^L;~aP+4rGpMnF)^9n2gc3COF<=63{+RbnIj@OWS(df!E<c
zPXn!Ivf~1i3EI|V?0HWz)pcDw>qufUO1JrE9cfIS(`|m5qcW3<+SYRpyxInOzSMOw
z!_k4sw_0X~18=H<%v9~qY)6#I^YCZNB03MwcHk8>kSU3h5{Zg=j>$|$BdSDp7>gW>
znAC^QM2;GZ9d9w|ir;M<?~|Uz4!o|CY(Wo^sCd!wF_Y4W7?B;uD~_+3EQB5+M~xMZ
zb4)(yY!jO|Q?3<`>r7_VQe>qgEkv5nLywes+ffC-N(9BTxZ|<zH9Eh)>!=!{8OZ1_
z6xraY&N7~lCCPMdbllG5tB(|U&v7r4yR^(^$HS~=EoPol^HxV^mYKd&<=W;L#N+`@
zK5~p^57)F)xjuGGVVP~e#>n)LEh8wp;R=y7PZoO|bD4y2HA>`8=N`v`5Y2YBTOJC?
zyujq#Pf~`+GA7Tr!&MS;5qX(Olek>VncRW9SW4y%CjEEB^sHvm0(ah&%vL5{=EP(q
z`MOF>W(Ui3?w6NzSc_{S%b&e0bH|S{@+p&p@5VGAWO5m;K;=5b(U`GN%1|`EVwu&r
zYouhpVd6Rv)AKEpd*Wn%U{dO2Oy(yh^{o1$i2cIk+^(3+A51#p{)V!3j>(zzF`4sB
zk`Kkm-%J+Nj*)-3-nUy3i^A3wF4rS-rOchqeU58P%31Y(4~Q+9TJNG?qzryJayXKy
zg^#dWW>kFY2q)9;JDF%>V{v~cDh@b`ajsFxcJUK_Px{Pxz|n+r`A`ZXB-4y#I<=ML
z7-Swu9s|vzhAWvb9X(j)U`UaZj=@ZZo05FyJn0z9#C={^nol~0GkFTX1xQ<`9nUi9
zc1)6E&eM+PnVds?Ntp|dwM+_Iwmx%SbZlbs;vyw;(eWXZ*4-2dCv4+#9l;$esV6Pr
zBbMnnM9CCM*vm2>W-3xDVIPwQy(QTyZb|r(bM;J8GMNd#vdq2did0DWoym^_l&wk$
z7n#uA9%;R5!oN)3#=TQXZcT8cPz_cOC_Ob2d?{3e;Y3AhCit2B^`s)VCnPfId%KEi
zorDnUDZW*adI=?%oGh(!-II{c<ZE4u7S57PmTK~_vlNrdewC}0vvdlLqF*#qq@%M8
z%gp^&+3MoFjmhwD6zS%y#iVvn<?8OdJ%z@oC3v!i%8uWOoVB?Wi>-FJ#o60=7n3qp
zJKW*y@4Scg47A$eE|7LCv(Rc|he5isOw?*WC!7PF-C3rV)mqMg3<442k=@Fl!Ome^
zuG6|)L!G0UG~Om<Hi{hQ4A!$}zbaRb^LZxkbeA#{T%(=yIM=AAO7m#v%9N$B^-N1u
z((%qU?BN_MS5%C5uH{@m<GNe6gbB_KOiF&E$kWcvOuGH8tS@pNVp1VTwVzj=Ke9hV
zv_C7Izc5*A#Tmb_IR9nqKHbJ%cN(eG>Kf@b_NFs|N#?yu^IE5qNg>@+-gdf}^y#WR
z+~;&NnV{Rx=T0w^#%q+!Urs-h2X%|O<V<4nNL0zVT!B<-^V23NlH^Ke^4lM(>;YFH
z&Q(_H3Au_eses=>WDHYW#h4^#D?MRX2`0Bi6shV;XL5ThMQ(RxFqv9akvm+am|zW@
zrMaD}Ec+8`q2kltbqf>h`ESW|a8=@5Vvx$!(RFJo-4B2ISw*_Is&lTox;^)DHDq$P
zZoR!-O>mzuD1z4bgWpD753|e*)s?LYuHH<{up-a9hA^puA2DP!X1PW%NzGO=b6n%t
z!$+nonYpf~S?0XfGuQPD`+RR@m207E2Ircuqq@wskaNAFOZuv75&K+A_nj54msrNN
zUD;aUdWFd&y6kVbUSsm8F8dnSThi7QRi|&cHnYq$obhG3Ho87wQU<>PNwUSYi*vo@
zQ?|Cb_OeWQ%v+?)cGtdC8h>7~MjIhMaUEpR!HNcvL!9dX&Ym*YC$7&~W*O!HM1=U<
zb(~2>Ym6dtlF3l3TtrSWnQ5IXiJa&7T<#(D>~j*KHvf{<a}T>ecU|CIJEkdH$6N_v
z@_C}xbIj#p@|88R331G2hDlF1D_0aG#N_%p8L<iOQ?4+Rr!8{S`JJn1m_~pTm=Va5
z{^Y8_r2GL%PCL)L8gQ<pgOW^fpLaE58UGcP>%8khmN{Z+UgZAUHIzwbZR>(-G?OBh
z<|*!Lt|?rKW!4yuH~F}xvrKu+;>e#=+cnn=wsrEVvUSZhlVyrqBijn-*~Vnf=dz?L
z+}B+nvF2Nv%UlSadnc3Nc_~9=Kj$in>jqhN;r@onQOo*Ro6~(-%2@Rt6;Ai}OxEf+
zd)z;>=Bd_92G8BOe`BAY(c`?weV%jKK9m0Rb=P&*EJSts^*q^ng{bSU#bl4wcZk$2
zM0Hy3FX`b?XI=N5Oy1B@ZR&2yq?WF)7VcJss7}x7I&I<Zz?w%|{Y!`z?oLcP=@!+(
zJ+KgsHs9-(NrbF-*DbS!JDYQ*>z3KtJ(+XOwsJ*9Yxh)^xor6(L>u=^CU@z!+Qz+z
zNjvK-Ofrj^1g%km$P%{RUYEU%dnuE@Dyjb7&ApaOT2{A>9`1LTyq%(Cdbl^Uhb{Za
z$Zr)r+}l`BRM+W~?gN}_r`FTY{RPWh(X)a<?ha`b)o=B=a<IEg8pY?C^{V|0ad&0%
z*g>0UfM-^tVwk%-lS+t&BqQBfOp0qV+C7BH*JvA3X1seGlYo|a$~}q61DZ^7Pi1nS
zw)L!gHj{6(o@wqEn7n^NX`b$0mPV~^l|``D#l3=MifTQx+^;jasP(+z-pr&H$|OD9
z;@-!kjLx;seSpb+ZR>0I_aH*_(K6q-e`c9qwdPaq3rv1`*CyIEp{tTV-L}FMRmXZo
z{&E{ks{E+P-)<+9`!%`X_7|qwsfS-Zq@JtpaN(t}{*a{yZ{c&N6{fQP@q?5hQkeDh
z|23AYIFlj6Bspfk?k>%w>jov`@Kj(@?>j|2o*GPS+8>YSHvFC#6jkdf8Na74%S;}o
zG#B#JXEH)-F5<bL$=!D$ZulS119+N4j}TcHX(g%X=?EDis%e=@o+mh0DNSzo^yiW`
zvxpG&JcC*0LV3IRf?H-i&oCxc(3^-H^)&R1X7UuC&m?jhWDJwfag9%8fVYunGL!PS
zJ|(ikdB0}{lW(g@lICpenZ=}^w$;?LkjaO)N||3hk9b~Z(omC@o^?znV!lC|qoS2(
zqm<FM9`$@!m}>c~w$;Y7m1XwpTx~rcGnuTdck+C~<cMX<;qB%*!la!hPk6p&@~+m?
z-E)%3L@Pc~(bMx2lYsW8pXWUL^QrbH%X5ikR#=+Lc(Xl@BGjHMYcj~=XEImoiF#6*
zRKmQD%AV#N>`7x%Oj{q~DbD0~OHWPja8Fq#12h@osleo{Rf-kPk)EnWC}JD6hod|-
zS>`hA$T*Mj)M4_hrKhoXf~Nr!Q<JAW_cH0F<1^9In91gfO3yQ%hnRe4wU(%u=4s1h
zm_<5!XLvd=nX7Zn^mJshT9fBJotZ59!e)6m+tZE7J}ooH(}PKtCUZT#n4Hq}zQEI;
z$-6qvi#!9F)Yoxd>>13&Ymo`w7d^w7eDa2{tiR+L&E(85<<Bdg@k}0QrOLkCGl|Lf
zcveeB^)=5FCN=OIB9Q^!Ri5XVJgmv<o>@%((WQ99Glxk>?el8Sd?v!Gi!|q2&tfJW
zET3QZzU_I1$wA#(-t(+3LRTDRbX{!stY?`SntbGWuLzBY2kyZ$O-VGT-RarPGOa8U
z1=-3ZqRB4L$4qYjSmr9@+~wKJWW1Ky?K#9`Q5-qSq(>b2hRIe<_IOSeffM{}{Jt7A
z0_^ep2!iLaTi6AWtzy6DEazJAyd=1<<-waSA>+pVI+^Q`$6l032JT);^0_CWDD}an
zn5#>2#N%d}nmX4}kDp0I=laSM;9UD~29deG_Jo+c@{vtUxJcvkF;6O!X^4g-r#$IQ
zCTf{qJvEq|uw=?O&w1`*a#rX1%hQm_3z}T_Jj!IY)|2MVDoXWr$s$6O@(yE}sXA9F
z??fiAYf{tu0+Rt+&mG>COy+3vh<68*(VDdJ?ql+{CLO(BFllqbCMpl0vUl@-%Vg_*
zMV|1UDmn&nK6FKq?%wa&=X<SOSXJjuC`P4NXXPT|Dn_-_PiyY!^)NZCHTUu+GWkW5
zKHeY`4`%Nlo+E$yd6SD#z26R>C5d=Tu*}6xN@j?+9FzBP6)9zMytgu0rpYAlolNFv
zGSzz@lP#Le_CCbqO-<%{+cEiDlO^6KnT*zCg?Av6LANXGYrG?w9C<+bywf|0$@kjl
zgWlOpT$&v5E@tAxoOTPIVBacEdY3c#L6aZ7?=g9)my-F}yO&9tmif(ljLG{y+r$j+
zaesJ!!@?3gRrRFZBImt-vdn7Ckw|8Z&*{6u<a3MEb~=66nY{dy(&O|Q#i=g7!`x45
zcKMvesg`?b8Mn{Nq~|Y6#^X!mT$gk%zc0u#BXzEzFO|tCoh#%k%H&ZkQ`lFY$tF#T
z`>HW{OXn)#tHI<hEmP80i^)|TjZ(fkOb%#L)>og&IE%dOtKhqz$%;5a>!E^Tw$4?-
z*M!MoZL6}c1qk}Gj&oICYnjXP@NH*xUk4^NG^ye1&LmBfI=+5P9?+z&ZxEA-x_0jL
z<uJ+A{@m>w&t$sx=N{igCeEI!-tYH4%j799e(A$=cu{e`Zx)kNnzZ-5%H$(WBEAhw
z23q80|2W^?;?$yYJW9_v-#(W4)UC)&-<M3*YCVg6zcaa8>sjt|m7u8B*SVJa+$BhJ
zH;dfqU+*izGS6CMlm7!>X(pTENChTkEq_`;raF_(+WIzMZ6?oYvd34SNil8xOJ8#)
zg|*CYzTQk0>XQEH%L2jdUFZ7S7iF2zn%Mmlm^`3~*FTTRtD1!T%b3j9w!;3mn4Hrx
z>Hhbae6Oun@b6&qg(j8#pEB8?$!-2`nHXBn?fxH_&{KA@-tX|AV{*HeY2?4m<f2Q-
zH1XT<3rJ8@)G{snCX;rWwDxB(`A1uS++USRC2gyVzb2E{v`lw@9VQ-4hWlGFc|emK
zfBSSAZK`WB*58$7j%(`^{Jog`q<wzMpT(qz&h@;19FvDFe_r-4^v_PGHg?z|`#|QT
zkA<xUg;d!W`WJAnDO%6V{*6o)Y3r-}AAtzbNz1(B|CBYqq&4sHf6F9G%k1%=W<A%m
zo{Ro#OcE_}+JDubkU^0@W0h+Yh?~h;o$IRK&!l#Jn;3?fUQ{>|!%Q}6l9*TuM2H79
z2_;s`umOGM!&A5;>9_UbiS;?xFMaLeg?gl?RAP$^ipHh>iquMcf@S(@nYxLCSZ1Oo
zEfSw)8N3&n^#l{!C%(XBfh7}6d@S*0Cdahq4v8yS&rVHxB<^9E54GmOiKm#jEY0r3
z(TRUDF*TW)XfH_-3u!&CC8jWOW~oxFOf1IaA)RYgVi_hKEL-lxb%}Q~DXL}OOMI9~
zb1m~xVjm_WG&z_!ipg<JjweoK(opO9IdLhI%a%+=;)TR@Ob%J3SmMRR_n55HG8YrK
zF&Sx<A|vrq;vObWtE9ye?Ma_AdEK%V751bPOv>xBJCe?T2(cIKP}Z_L={%F&+ULSa
zzETv!+jOpyNhM0zkj>PjYEliBxeHGk6vh8IgCsR(GES3bNzIuwD5Yc`NP37#4=pn~
z=}{(4G#QiBp2<rVnUXj*sUwriT4sDw7bcr6GB0sLQV%B8+t|f7Z_<o$Vp1<A8DHBh
z@_bS@ldAAX$}COFVe-~xCG$?wSSI$LVq_|lH*g&{zZPlUkTioyg&%Ad*_1SwNv0-S
zlNK^5`KVpo@i+CakCK)!8N9}3k#CY#G3gF}q|Aw=HB4&k6c+g|X&saMG&z&Bfk`_}
zeo5L?iu!4J%*>^p-;zEoMPughlh}hKm1^f~((zKZjG*{uz9co1{zy8(bsEBzILUk>
z{z&?+)Qe~v9ZpMveRDvlCA{+%euH2=e<z)0a`u#zxte$-=`5394oQ-hbS3F8ChsE}
zl<R7u5xB}^9`33Usg#ruaFiww@6ehP0!}79Eg7un33y7A^;udb6!0-QY*~+r<UokY
zA#FV+kiukvWj!iV0)?1V|6E#+ig2JPlZUkCv_NqtODxTml8Ob&G1;Uw7YkHmGThQ!
zDXC<jI+JnVDa~aAcc2s)S24?#5xYCkq%=jo)<Q`pi~4~_N>hCWuqao`)DN^SO_9Hj
zHIGDuXcXwmnoEsUGK~UHFnR2Xs*8IAJ(+axt86t6^kY4Zv1^Rf(=-q%y%hTXz8E9f
zoNLQErKf3NFq27E*?T6n3`}7%T$jCd;6)~nTV?N=)HSdU1W$KuQPz6}4zf(^?-c11
zIKt7`qN6c3@Eu2Ekkt-TZBqh&ajs8#sa#V67my3*<*SN37r4r#oo>(11-xabZG^10
z8Wl4FekQ+Z>oWtvGNh+Tf2k+K_Ix0<3`OI9OAqdl2hv!k(-~!JR-iEJaXc@{XG!w|
z87y;;mRS%e#WFw6R5D8f6<B7NmU%HygJp_oJ+B7pu+01Ylt0S@cd^VrPs_TPCsqXR
zVdBwxRs<R{nQGaJij{%;Sx-qVvntSxW%g))RtFwt^8IAlerhMJ3AAEzDUP&bQf-p5
zz9!I-<1^OMEX3MCw=&dL%UGp|f;_>w-VdpWy%V4vj_^C9F2(x5Al9?{M=2x3`oIvD
zIcbq7$WSIP;|{s(1)BpSne@^n-4YnjWRkY^X<#Xry`8Sp1A$jr=I+x<&%wZJAh?T;
zezBs74ZA5E3Se6}c(@mlCz4@171+e&IW6;dU^ka^4pu9ZOjKM79AcSXuqAU{3LIfl
zznPS29Jm(vt&9!EF5e+#J`vXgXIak}OXi7yBY0L?$C@Ll*%3U)Wb+iM#}RM^FEVjV
zRm6v-@8t7qmQ1C9Kj>ugz9xZSQdz2<`C3mPXtK<CP0U~sCf{lj3T7}Vr){MMGnt&R
zd`=03gV<^h<@!mND=k>P?2Cx%bW0Cb+k=pYS9D3s1ZyyPRL7@m@HQrGn#*#f1Tuql
znM~KV$_MXcQfIr2p(9Wscn_21TBc&~UM^{(r6($G4K`<)at}z&QBghkAp1PxPE{Ax
zgAXwYY0`uUe9qARbh5~DO}Yi!u*?@085HOl?962U6jeJtgWZ^<>KOJ8_GWUptt!R9
z;9w>@wdS1QSSCMPWKv*aa0-(*bx9`%r!%Rn%QYkT5|j2gf64YUJNO!x>nUBXIl<Ri
zrsOo~;jF-FBB;SlT4r@{9m}j;EcMI^tRn)MZdztta6QXZ&^5ThBL7-GHx6tFZs1&*
zI@iYFM$T1Nmvom!MrpDyxP@i*=#qXC+`;4?UDEx*T}%e)k{$?t%C;72TL*&&Sf;1e
za~OnLW^<gIy1#+qh|hzcv&=Z0--#3pejYr+WFyXTM6l{7_*GdtFTa5^5s~wOuYxDI
zjUBggMa5Ua?>JW?&M7k2H^Cp7d=ar*ntuphVm;Xlqzra}3DVwvL9w=rB*lVff<`&&
zr*jfzt|*>KaFipN&c~JJv%v(G`J|r8^=Ht>GFQJ>GJggG<;dr6wa-_B#aO2OJF28t
zgXv6e(LUSEa!hvNIW!p!msy!@rQWanahp|G=1ts1mnC(ZRhiUFRn|RbO(u_JtFkAW
z4a?CLbf=G{^{7ZPo3hLvD~4wRN#+Ag9(h)24w$W&EPYy$klB`rcw6c@6DV#z&Ey3u
z8jfHI^EoC-nEyx*)6E4;nmwoVlr&c{Nxnz=><E@NzhzQZ=PGOd&g8okRjymi>r9?I
ztw>$7)GbsyO?62dnRS?$xbr5h-)r8(WZ3VD+-J6CvPzTt&E8BJ{;Xsgn*(m4h^1Xs
zq=}i$GDEcWrsiap*@~+YY3pHg7L$!S*CXa4&Q-mSlqq9-#C(a#*<_n|{w^D4HZ9Fp
zn9RH^G<lWDX`5Y>l}s9<24${R=2|9Q6O^7-<~vN*qV+17jZEs`=?F<4GdDBwq$!z>
z<_;!FA1RrR<}N0)F&CA&I-2{K9B?RG9nH^}RM*x!nunPj-Vw`nl*ux*Or_@-lS}X6
ze)%6Zu`AHgJb4TCxL%kE(>e$IqGA5TGJAi+zCBF3n}6Iwy(w|7B&oI@=0BXP4@L<o
z)5E;Vxonsx5GiAO(zIog=1osXax~b>3@}-S=PF5N3y8^N{{1nTBAGNsJ$G0VJQ-`2
z$)q-x)=!e9W^c1>Ci$~|o+Ptvz0F%#&)n~2DUJqvn-y431FffzS%+ncHIdej2K$(G
zS>{`eqU4Vdea&WU>#CJ23euc&{cZVtG?-<!=3Fy%u87%{b2UW0%V<Q*Cz!O`D*b6|
zPBXhRDXTS4GkY+(W|h5zIo<5V<lq_U&%WSvvp<thtr$)*pErjv`NYaK&zxnBU=sX6
z=1Mc?m=l@2qHWDFpJlQfGc@vWsX5o2#$<~Xu@xZGnQX^+NHS^WJaaCS)>_Xzb3T)C
zO=U^nHs_m*nEZ)*?=sf{^JOMitoTI50`pZSg)n0znO){W^ED=~X_<xQ8<_Q>9ipF-
zOflPH^DQPz`br`~FPiUit^rn5j|N{hH#6}ymNHw+<>o#n8}3tNrFo1=wH!%~23MKi
zF}eGoYAtV?XPE?WCL-%cgKNyoOg^>Bz9smM=`T<1Fk~p1cg+Bk&+k>X)|(mSsm*_T
zMv{HO4Q3|GeAGzEyl+-v(pZyCW-TVYw=2z?&H7Bfu<HGA@B_0slOsCU7V{A%v-YZ7
zTg?tkj#+KvSnwlrAd~lW4Sr-snXI>3LK)k~=1?XN=~8@bj%RYpY8$@>cbZd~9JSiU
zNOPAti^-E(^KNrKlLc1WI3L_&E@EQ)ReCtm+-ttV#C=2(tkE!6a>QEUPO^;rC*~V0
zbGe};Tg*?)wM=fY+K({zn;V(@pncwNZf1f#wJbfKnIAD3q9b;|{G7?)#!B-+^B9w9
zTF)W#ba@(ooL0H8O5Xg9N&oL;Ya#MGlNWHlAfIEzW!WNfwmh}xjeVsp5jt%C!M6Uj
zTKH$dBjyE`Ij;NQ5%V&WIl6y+VTuZ4pr@gwr<m=i>8wEQu-!LOGiG0=hspd(c2TS|
zjjP8@KNHtPMNXQ9n4Bx3$SJcJll>Ra+mI_NPMf8fw0{vZLDqBHEYGCp%ZmJ9R;ggK
z3DMOj^<ai()?}G7c%nn*`qjLX$!}FuuHVc?OfG1dKg^~TsHarkB4wiDg4v#BR$*P6
z)N|2%oJk9;S(D_l*_}!63DV~+!7FBO*7M+(O3%M$gh}%<%EN!n!JMnhBAd9>f#Opy
zG?d8?dlYFH8pCAwSBl&ldWOkEC-4g;=ej>Mok{b@6=@Qh%cKW>r;{?xLW`MvgBVKE
zBJ?VgHHb5jsAv;<i^)GV?Uqd2(0feAe4=u-3vFdG=T0TlA+(>#YRt8y=8mB+n5;xg
zkfclKdnU#|igXM8!sOH>X?>RYMCdOjBe3U#%=JX*Jd>*L$Xt`m?x8D8y5S0lWO{;J
zV={5M(mWt!uSo6i^f09-67n#qpfwK*1(<v!RIZVs!c2~01d!Ipgi15{>Q@!j@u7-L
zW?oa|sZcE@?XRm`(?j<$8TyNonGtHi<X*HWsd-kY4U_X&AtK4V&=X9a?WANDhk7x2
zAG=#fnHNI?E7Ht!Bia~|S>}q+D3%HSCP@eLozNI22X*ay5SqZmkG?GRYza+alBFZI
zEi{|Sow!FNWp;-aGkHHrS>GFag{|+wJtAp+U+6WKiJ}k6T%U$kF**CKvUMP|j>$8a
zfsjlG^H69#lU2Ix$3h#K%nvI)$3r`qv~elxCqjFfT-&E)PKFLJ$y}kxsnFL<O5?gx
z`g1yTn#l&-kCNnv(9cYI-mYYR4E@2Rp|*Y|^f!~$vz5&GP(meYQS)^RzZCK^NpmXA
zBDoNg7cd%2TejqMCPluNGEre9mt*qEkBaz`Z)K7)Lg`6OzKcoIUzJQ+a$_bnwVw23
z+EY0w20EmNQBg7Z2_{Lp6qS;DFqw$)hx}=kTs3(xlM3UM=Bmj<nS4-GmGsu+F-%VX
ztYlgy&jJym<yBR#*2xPh(FmDkX^x7q$s0LW539cu*~~JvFxHXvsCX)QE6Xe&X%ipJ
zqp@y&@^&WWapfz?qU3#*sD&>_E+SE}Ecpn_bj7`H&tA&)TJllW{2XM6M8zA)Cs}6h
z86~qW`8y_)@K@$~H~D8KDcH$al8woKvaLZ{&-=-jSmq_P7Af;V@?|ECwe>B@_R19b
zNsVoy2BNYhxINiZnS6fxO`Et6*LzX1BRRligC;wZ(>NFHgh?`6#m?lyOdcGMeXv*K
z8KB^<<V+@OF-A%9X>wI2_pQaQ_bhWD`8FmW;F~00B-dlo4SiXXFO%;D!On{~4<3xt
zFGt@cw`6|~prn%gko<UMs=*0PyC{wpjNchkI<cNY@Q%oqpd+OVlP={XX&VZr^knh}
zc6gUE!IWN1zWiOvL`7Q4048(Gs9c3pqD)q!Wlr8g5i6WB6#fV?8y*sgiXtgbu|Ji|
zDpEXUI_Jvx%O=jABY*0p%w)0~<EkX}Q|2*gj60l?G)P&*<e`Cfi!@4kk;yE?N6Orv
zvXV(%O`4^=#bn<RCG$YaMkapT&5*esO8JmU+Z9UY;gpY=ti-&IWSWOsrtD*K{4FKZ
zGUWi1ueV7(%|oqIjxwo<79};ePWg&S0)EAlq;1McCiO8Vk)(afk4zj`|0PL>l;4<?
z!4s{LbV<3)q`a2tmU5k=dJ<73nW*TVl2C<O?_gbuzf)XHzSm{HloDd{XBDOSa!O$)
zAE5@NEs<J^$@QvA#+_P~NxH6!U@Glm5fs~XNt09WVKN`*3#q4YYEve6qwKRrVjsL<
zMr!LS)H27Evopan45{r|W@llWsKvdYN@@otvoUj!q<U&^CbVCrB(+krnGBw&WNN35
zV9k3G4U&n9J5tB6%owy5nX6IiI3~YoTlb|-W@5+cV3O%+Hcp++q$KVi%3Li{XEIrb
zGovIArOs#Kax0mKQ<pMXg%%}cTBa^%G6wT8N!q8r#bnR7igZYQpUJ6IMLMQ#XVOP|
z*d_H7CX00`dZd2AC4CeztT>oPfWE0Gt5A<Sg&uboj|q{~??8g$7RX34DD@ZCa}+DE
zF0G+{`a&wrlY?R#p4lG1oygMEb4>1AXS2w%)Jtru0isGW*nK+nUzX_`lrkO6?Wxz9
zH0mkI1aohyy((#5G(JWgRjJ<n@Mq&g<n!KCClfm~Z(B>652m`A+yxnf%XK)_%X&V>
zT%tVYzFUH4QvFPl(-rwC)nxLnmiaX`jmf=O+a+`To?3!Qw51|vQ!|;&nybjU)T&HQ
zX+0NGYcpy6lFia{Iki5MigOeRg_|*Xx`j<VxthkY<nTjG{wStMYWPtmtq0-xmZc<<
z7VgO8_yc&xgGrHacP{%=hz1etP8sgQGC$!Cu#_nm?#JY#Whz(2@DR@RD@OiXIfj+P
zIZXN>hG((548OUAM^~k`5kcF?UPN)m>Oq#-j9ikm2tUi3n_^Zu8`lO~g3pC%9WM6C
z*=MuJjPNWbqtGj*%*^n7CQZ^6nH65jq=%N77hc6=CazOtt_9(@n9S8=QFtSh5k-}r
z#o-T`?C{z}<vJ9xrQx0I^P$~%wiyKblY~EEnKI8wvL(1Y{3(-ZyA*jXe1yp?ztXcR
z{0)=sn!FzVj!E4;D%Ts~pP0OaQb_A-!hbR;e!G%c8@|ZoG0fGa%-i8>?BPDAw1r(w
z!U@$VhM~PG*N(7@$s1bp$KgaKPEB@(lbKKqrRLq?B20W}W0LF*|9`~23A~O~_XfP~
z^E`$InVrLV40q?4qIevRgounuJ%%SKp_D>~q|9zZQiM_&%g`KAG9(ctr4k`YLW8Ij
z%8*LFYwxw!x{u-Y_P*c${l3%h*Y9%ez4l&vT6^u`-j8pY;}wNjU#tShfgjFsHWaI3
znc4+~`LtLK%b2#{IGc;rw#?sJ&z}{$+A=5JliarzYhjs7(Gyte%VOqtmGDL)JO^fW
z6l-spLlcGBS*){V?!jEZalS5gXH{bX($K?iUvB#0x5au|W;&SLUNUX^d$HbCO<!$+
zzRFC2)O&0?HSq<FVKBZ@2Uw;fW>02{rw+GLjV=+X^wbAzoLVYXCUvZ3wpS9V%+$v%
zvmSNW@p6-L`P8Q@vkPTsref-|mTCUG#Hp0}vSrpa6Q*+N0?R}&U$9h_)TNf0Q%2%c
zOMTliMc!bhAJt9$*fJ-Ih*Xo*FKlhJLv5IJ@CJM8P8+8&<~UCI`qbT)8HyVM%(P1V
z(K3%|DcYnSw9K3*B~JU)KP|HaHj|}pPNleM!BMbm%ydf4Ynif|&aJ8WEb}|gZa7Yt
z)S{MYJWiPIsp*!PcE2z^Q!^}cV!Wi>C$*Ags$w4GbnZ{hvP`W*T&^(%2c*`tOx^Mx
zy@T5|s|pNCy}~kGu|i~KNNRn{nB5G+^rNAvjV$v9PO>=8u++Ae`DHVw(~riacCpNr
z8fRQ;Ps=>3aVDh>jGLZW+vU}dCZ~?D%rUeD=QSgBl$DyS>AaLW+A>=;oq4I_En_@S
z)@MQLW0tA$ndtLc>Qu{YdS2qZo;t%asTyZV>NA!x-YKWEEcFG;wAS3;N?l-?w>9_G
zsmm?1>pPKpFLkwLjK9k1tW8~OnG&#d%zTi#-ZImk6Xv7T&n)vjtQN=Fkh;?{qcqN^
zse3H5Qkku(2P{(x-XKeDPd#RtnK<ueW@qY2%e)7hz|5}HeAP@pY&S;Ye4SdvGJnIi
zaGY;b(=9Vs^V*Z@TjtNJMQU$q1<Ul*I6tITu}nXV6i(;o)LNGLMay*{wZ3K6s?@>M
zCYEWwUUEN_+S)SZjtX-)wS#4h-^(c<P3>ZtA=(xxX?-k{rFrE^8(<mZ8?#j2w7@cE
zhk=>=Y2z$&byr~uq)oEScFn6$+EmMo*Su2GW?N>lwtLC67c5hulSiHHimX)He9QQq
zQfToj#@3ZdTWpz&l*ve2Zkfw)-pz3`)84ks6?chL`Ly>fvl#DzaGZ*1pI9b$36ZLl
zw#72WSLZlY(so$pJ9wVVR7?BLGGAdPVx~sgzG`L+F2RU14Bl-{J7D8fR}B+shb;3{
zM@hL=+7Zi4P^N9#3Cr|WsbpG8mg!^rVA(jY8`APv=6a2DW7<WQX@?n><8(+XW|`}-
za$%-ZTFf#%M@jBo(#l%qFU@^;T4l?;30r5RZZ0@Ht%_wX!(Jt)Gb62<Wr{A5l%Gng
zZJ9}!9ZZ~lG%u~CWiqv%-$?6XnJY09aXN3M^~y4H<tnUP46~kAq}^-djK+y7$9c~&
zdC|j}S)Vr0#_6nO-<USaGINyKoc6F~_Gr1bq)o8QIF0jJ+9b<dd#99ZYuaSXG|)KP
z(w?%+K+JKR`&VhtS!Srl*_AfWGTXH5-=w{6nb$PVp0qczOyB4Pe|70V<2ihvwgPeR
z6&L)3cI`}!9ZP!~wSl)N(SMlvBW;~cC$%<y+X~+`^`k%2KC(=~9{8mvFsmtd@%5Iu
z^lo9YivONvPEU3X!LL<WsSd?6suMCB)Cn2luOD?RehGfUgsA=kX4cb)5|ygwGJUMB
z(aOYm5KIKj0Ql<W@8*KzN>sLtS=E|9yyRTsQY&Tr4Q9rd$g**2;CzRf2_-JKdEIy=
zr?Z|OEm7YxNA_`?^)$mVx85&tW;>=d-sCZV>*+nmd|qGTY;jD*{=yt_Oao1)P&)EL
zDK6Q}ar#lZV|q0<cVJB^N~SlmaaLlT!pz0#&9H{R8<Ow}n8{4P#xn0JQ!c%gWx^V(
zn4Yw?(YlTmqGfbx`b{?Fp4~Y2GTx=>9jfO+%7uN==d$!pHqO<*vJ~E6Pw#Bg`3ByF
z`Rj+@6S~7PCEj7FWz;ymn`NHCdXVEZPVZq;{u@3UGfmQa+Bhp#i`0$jy=-0;RG%Bu
z`&g#_>mt=Yy)S-P2=92HKXW=ar}wjQ`m5A!>BFj<Cp2sH<TwSqF6kp|UOf+3A(XvK
z`Y0=P^Im59ff-|&UdnV$AIHp6$*WuXM9bWwOwaVkEHhr2d(t1bOp|X#>i+a6ZCivo
z4@jS8``EfV9A`ZZOn<KWNa$StJ&_s;CW4Z#c$b+vX+ipnmKm+g#PqqAnX1gI>GN$#
zKX{v^sunt!{+eYvyeZ6~^hK8W+0|jyLcgXjwag>SB+hT?Z(8P-mBJiOUtyVi8s|v*
zD$A@_=4kr6mbq4$W9e%xbE)S3d-^)dbkI1*(?4b@jq^wP2Fuh{=Fjv^mU&90{!0JM
zGG8fkB7K`>hN{kgr+;agS2WJa^qrRJsc|UwwPh~VI9}{K%bZXqCAQZx<5emW`_VEb
zRl{iPXUjaTadO2DavV)3ckDOI{H#o#*ip+2Q6_KfxMk`pb6)H(%jDC%&X1k6%-tI2
zf>=roV<GR>I2XopS>}Yca=utz%dAkTi((g8X1q$}k6l#5Sfp}~bG!GW0<nTMjJ28h
zxiAG|g>9S@?Sv^DD`uH`ICC(6*vF1tY?+5(`ORM$uVk!(WoF{;lljBWWUR7fc4?f9
zSXImPP^NsWy47&2N>z?sZkgrEREgEGQUfm+eX7OkTju;#!dww+Y?<|U2vaB4)H1C!
zud8FtE%Sr3B$;0G*!7nA3^SVfi-BonnTk$oOzO3<q-E+mrhs>Ctew^Hr@KVz+F1J<
zW^||GT+jR!$=@c{(MnzFn6%<I#5!9hqD;Hk?Uvc(>UmWD_Ob3Yuw7178nInnPdCNx
zwsD@-a&>Uba%DQjdfPZ{b(Xm;*4HvYch<0scU$Z}tMlV4n5kN*Yiyups;DKoGd9FB
zqm;QT7FcGlN_C5kw9Ks<r+aL)WtJ+_BleJGmZ;R-v2m7pPMMyu36`m^QoUl2S>_34
zddHryOeGz0ePUBAGg8yJCpO(OrBteK>}kvNRp#E<Y|GTqbo#}fwaivc=f2nrmPx48
z{jrxV^Sm<sW3O1|JWXdn>{ZK@P-bB4b<6y&DG!P*vCOp^XK-wpWu`5cwipt7%eMP4
zoQ;~l^)xj0wr#;xlQ<4e48a%+&_<<3#8zA8<Xe)?$k-aoe64Xt#oo6}CDrGF*oT(6
zL8V5=)?4N(jq_k^qh+4aIAda)EpxZVc__BkGFNI|568Z+%nvFxHnzhuLzEd8+hv&>
zG@VCc-&p1&O=o;;k7bH#oC&dgmRYWGCdPiU%qLo_kH&tn%sS2MvDhKYT%;{HDR$U0
zPpdtAJa)`7-8AJVVt-g>zNY+S?1W`js?_8dWt+A*rczU45zG9oai+#{Tjp-nXIkt$
z%Uq;V(_<G}W|_vB5zB9xNy<DGD`c60D)n@%sAckKoSCsS%j{I0=fu)2^RP-i7b|6%
zl^W;en9owG^MY8WWy)*Hi(=(1^NUI?i(O)wCK_jD>{848t#MYzs#@j~O?gc$%QC4d
z^?oedGMA}_AI54~<`<P(AFE@Tnkuy^R?jk}RO<6s1Iv7&akj@AS!TYb^Hr>=W#+2X
zH?eE7jin7o+}>Er)0m&Ym{tyF&jXGbqA4GYC2XAcwXYtEwXw`KePrbR8oMF8F#d7G
z=h6L~cO=%%G9_!B&TKDwI<u+v>CD|7PG?4PRurcET!qu)JceHpGJjzlYyh9eJW}j*
z=BQgugi<}vka`(6-^^baXZa1MGml(zIunVW&iMGHMe`S?lWcc7GdAsXrgDqZnWJYg
zi_WOSHfPjWjq<0b^GBQ0ncM50&U|0#bmp0|r!#Z&oX%WP<a7o{diF0Yd-HOqGe4xB
z&U8GZo~NHt_Hw7Rj`96=ea(gMN2VX*H?ha2&?V2BUt>OUnMYMDI*tmeZqYRSvSwk_
zx<_?~rBF@FUE@$9nD-QZE!c*x{S<Gw+t7E5c$D9A&9VPtP$HNxp6Ef;6>hF$KjA7H
zuK_%mMizaEJ)ve6?Nii!qHsS#muqe4@@YtmCBU_{sLf%#NN3S8jGYb^-CjS%arXeR
z>@c9tHuP4Npth3AML--c55@qe()BO=8kLpk4aA{$;ie|%RswCv2)~O*x7&D+KZdgz
zixz-miIqT{?@zagrjd>w-DTr7&5)Ga0CBvRO9;0Fh`BWv2)7Z4xp$@tw;qVO(nyu_
zH7&~A^e2UT9*DV8{e`Ot#9Wzsg!6%zJB;?=Ql13jl+S-aYVtyy261TLyHi|U4F=+P
zv_@+8JRs)!<0c+U4F3~fx!5}Bk8#f^4SkK#^c$p3M?ivQ#{sccAHbY)Dq~c(tjcad
zC`;@HVu|-(6>c*Sb5{kPYw0hF3c69bEZA@E2W1r1o#4^kR_Cx6*ZD^DYXZb6?|?_o
zvcqm=RFE=<c+>~71<AandY?rVzr(&5PzEJd;kRimx^fWS;sWw%S0Q{QjnU)Nv!w*>
zQ|=YV#VLC$ZVo{L-@Gj)dc>mqU1ik1fHlBlHoek^Jeq9LOx#46VbKdXv7T*Fan$bf
zKpx%FEX9relb7K4xvd7z>?V5I#@klHvnWnQ|53gkg&LTA=i5{cosbgUiTgOlM)=gW
zspM<oy>4|0x$Ny8y<xfA9g5R|EnIS+1{Wl!^DRrH4*tAD>fm{-_)HxngM~%7M9JWR
zM+J@R!10p7AVs&d7w)@Z5^sf~36DzX2#0(+f&DU5S8>|a1;5>a+~TwycedZLsCufP
zpHSZSZ8<ieM|^Bi;gNX9&LUbvwAG?{eLdIu`MTqGox%Auv7kr0E&3a)bw-`{d$h+&
zEI@icT6FI8LJ6b6f&W<Iu$3tB`M=iLqYXIoIBw&$`hw_$MW&CZJZE~?Z)m~X7Co>C
zzmjUv@{^vcm+5#df@|pOuP~F?(6R^63Ko5+X!3fQXG|~VS!i%+?wuYzulfFj`^lW1
z$(Q?3*xSp)u5svbl?b&eg+9p=g*CU8WAMhM)ukX#mbu+-hHWni&Zk$N@aSS2dVK@Y
zrBTFlbx<V>cLQx`<;7C+6Iuu3A;GnF&&SfAz4d~&bm5VLUu{+HLnoUE+LY!xh|_bk
zJt~hpvS?c#?n4D>?TwzDe-lBK3EWQ;!IAlb8e(2G^_K{4d0Nn@mju<&(5HtBcl|s;
zGhHfiy66w0%E&iPTbg-P4JZ-ZfgZ~#7q~!B|1Bb$OSz|B7H*Q}k%3!QEV~OQ1&qc|
z7Su;k7e&Jr-K3}^=0=u%_aQ-#YHr163Ag_lK_4jkQ_*fkdC-?Ry|r4CpDKDmQI!!A
zuc>PA=L^E+eNj*yEoGA_!hNW%@KbfEwWBR1v?Sa&)?h(W&}Pi+%zdTk*<r%Hs%`m|
zYVfO~J&Hb7t$tJPx`~oXTUU+<HN+g1jrNVuRXC+I`9|ooT09yfblB+}p)I(D#-V@J
z=W;}7=n_GT3g9&to60`yi81PPorIRIA?UR$B$WvrgsYERW@griPzjA!c~A;nY12Eo
zmK@5}TqJU7yhk*>2Q<C;aKKs9FYgpIqOHjOs;NA1oNFUO2Q=OWML!{5PGynGPEd40
zQ|WP=q<p@cKO(e7LpLZ|{*#nrh9XbVJ?|1Vu;p#5sE?wC@Bp|r3e5AUiH+CD&0rCl
zgZg7lw<e|C_Mruts~Xl-D~Y#3LtAPpRTTC3U1Tp-?rTU~WAi<4yY!)IuD8djKkD9S
z6{lXS86|@M-B|T?T-MaF5L&Z`usSg%PXvn}5wu*<5giMSbgUNC^jf-67NOEVO6xzP
zy=gLRBG+jNteF^fO;2&{(S8|TYOyuc0ynxCZ9L{tOK=|jg?XPPwrfAV8u6H0ak-=t
zj)k#1B{c1QK`&h_E%Q8DrnSv&)r~wGMCf_+rlf5JX^;P9D;%85S|x&&Zrzv&y1XLX
zah+4TD_2u%yt2wxQro^+E&3?eTAsE7{BGA1abE+aG_{N0dDqqK-Rn4C+y!-g+@o^W
zaE;?P<8cev)HB{phP5!Z314L>dRx=mtLe>B?n}odf^ZI%`K@&zGg#|DX0X<Q%wVkp
znZa5I;S3heB>%hd@wwJyoyVm;BH4oGWC*$=U6A>;Pg6sQpjd7}@9F&UYYpM<Q`tf)
zoBu)yJ@+^=^8)ww0l(rm)NS82?PhioBD86P^z8Mpa2)R|we4#P;7*<G*<aqw7A_Hp
z_4!}+@oTZ-<9d0*jlnoo#z_&|x<yzcGP=)MfjDIh<dGbwThZ${H0HQOaM1Zz9$gu5
zDjq$HnU4FjSt&8P1gkqn=WA$o!0{5nlt<VTOa|9F-y#`QbDmZ*xK}yx|B`|DVaY)J
zuw)>9SW<g&QhRYydvQ{GaZ-D6Qf+%O5I-y#h#!^=#1Bgb;)f*z@xzjV_+iOF{IFyY
z`eC7W6Z$lvpA-5tp`Rn(P3z#<m$-*z(R_?wGhb%W1VuNacDq=vrJ`;QMQA(hJ<qWH
z(d$gzV|Oi0dSY9w__$Ag>O6o%@ZW2i2*eKyb#5JqN7gzJ@33`H(s_ri1Mv>CXpPe^
zi{4PQQPC}!e~mBIIuLKOb?~UO&sp@=54?w$MGF+&hZ33cW>GuWV<S}9)mnt!M?5!b
zU0p?K_B4Fy0f{JG=6s(-P}F&rQTi30g3$o0!UCKdxCOjs|8Hbh%x77T=HteU*~d%-
z8*s19Xmz&qLJguhG$@qKvQb)uRLuTCl$L)gtFix^lvDbjo^sAvW1#Du2_0_<9dDR9
zbsm&iBcbCh5rk{H|JAIKo5sK*nRd%ff4Mm?Hw^@5>Nz*{0Wy|4Hyy@0fa9I-yrA6l
zqgxx~rrkgs?+dIO&5l=u_W0N#wIgajP*01@dVy2^6PBOnfIooxBGk*#GSWtw^hiUl
zUC;I~BOCSuUt86u_t1BFk4)Ml<Z%B!g|+gi8Em`J555_6VRU~+id*l0*ojM-2=X`P
z&_r-qBSt<wh;>hYXqpIKNpLxQx?!6~L%{j8w-s}&=?HL{ROXnBg+29orIblg$3>{$
zJ6!h>nqHG-BQ$HbN24Jdp}Wr!8mFr<;>VtnN0@S)`nWv8cs~8sG{x>WWz!2-otT}c
zY`Wn)yp@Jj7(D^x)0>+-%lVYw+`>h?3_6Nip^P3tdzifupI*Nug{A>vchF}$>C-mM
zjV2!I1@k4xGcCxwGwnvE&`c}w$7`4YEqc9F3cX~}ZiMnq%vglZ*HDw5N1GbTp3HVw
zmDg>k2k-C=i_98!g+-h3HTOFfjhG|t@xWf}OIfZYUj8v!d9(|w9Y&Ful&ApG`xv1<
z_F_Hy)S_iCc(m1`8DsEUSyp!GVM#e3JQUL>@v5Jz1CMq>Q$Bb3`Zc26R$}!?-YfN}
z{lpa7V>z=YX!c`0TB@Nt4`Tn%hVD@GL0x>uWV!rB1sSalTdsCg+H&9(oJTfg<QG(<
zf}o|%1$D;lPSfwRsRmA47(LupP@jmP(ai+S$s?%XR{Z7z@-0Z`!_PLYT9C3Ze;6)K
zv+~Oh>E4svUpy+hk7tr(u;n8`*Kc6t>E44!`_pBAjizD;&6aJVj;I^1<lM68CA6=}
z&8Kw{Y0FSz`E?%sZDorgJx(R$Wc}vRp`9K@o;P(r2OdCPi_D&&X_+{!{nMj-;Ie4U
z0xo$L4Shz?_d2hBrKnSx6uVpIQ7v%X+dWu*Mq4poGJ0T&a1YHE)IueSs>FVkn5q&p
zoJ2DC9X8DLx@54&A&>6It|aHtu#D8?R(t`+eSER*Mb<qox~$nK^I#OadE8@{Zx%FT
zlc4PfJSt>sXuBur?N#o<^%8HEhUQjXPDDkkMT%nOg*zXm<k8dXR~|D_>W49CbdJ&n
z>}r_MD7}TTYRVR+xv)8=wW5?alT(S(9M}!hi=$KqJGfkq0cZ~+n?=omQXz5nRy|u=
zwsmdkQ)!%%nI7TOSezc3JbY^2nfIT4nu+~!9=~tokzL&~@8Sj;a`SbZSJxAS>Le!!
z)#;rQJW{GtIoJ|o;i{9ID)@8{(qk)XtgUa;Yw{b%^J!>3;oiWg;CS7@G1}1|mJ8|m
z6jikCDybLm$rLJw^b$ei(p*D{;CMA@1(Ees)+3SiDYRFU+wm@hN0kQ196A@4e}o-*
zT?T@;I?r3>QB|O9dPVIEoJePLHeyePt<SrPp3-<@T|AG%l*8Qi>$y-=?WyFO^UNkZ
zy^(s(85(jcigW$N=|e?BFBC3JB}8pqD9+EZ5;o;X1WmCzW>l@1pc0q|4VN?D#uss0
z#<leeQj;&(ABxlaK&JjO=?Kn+Y5>LQf}{8?MxZS1O<5`%rtFiM8|xw-S|9sT4J^9L
z*=LUe%yc~0u6z({PJ||dl^3z5K3$F-z82uJ=?<I}CV)IL^K{apFqJOgc~%>*bGOO&
zCYxRpl$UK&yWZTxl0oZT!d<^rP#o5W;|;-_!sx%34eKDR)3}Z(E=MQmm!b8NVat2F
z<<{Y?fNmC<a`XbqqDu8s=w6E|)RYx?ckG@UpEVJ50~&zPIJLw4Vb)P`nuk$lJY-lJ
z*zv&#&8FvG;uE55nwdw?Ugfqx)|{MW)8wHX8mG&g=Z1b&lItZAjJR1)9k((}1oi4L
z7pGTCb1HFqc&wm9kT5C7>CSP2T0oY$TOSrQ7pX9}TxI>eWcy#7>ccjfvL%9)3fyjq
zV1HY&8@nCCOIWTBF#81@&!afjrlwUr`l7XP`7;@1(-F5{7uR};lhg~&o?N{og83Ln
zrk)eQm6u43i++jV+Zhu2pQ0?<7=yjC?b{}kQ6~MiL(mtPNghOKCT*_Gt)EG~-{HDS
z28Z2Vb29h^EzNy*4|HMlD|`k<-G&R=tr90D2>09wMwztJ<r}4$uM&+zzENt9@yn>|
zYVI3Rn)kDy65p^aIGp1=Y9;z_@aRdPL@)#P)M$`N<uHCt`({%1LP2#Vr_gl7!(9g0
zannx|!9z~MrwxO-jeJVMdAv!*r;l7u^l2RGic>bJ%z~^>6<x|cnf)u1n@?uf%AjOW
z!R>Y@gQ|)uJA{?f<I*=IUyr_rPi=Y~&Zm&dbI79zb$A(f7l6uA<EkFLYSA>Df0!C7
zOP3=aqlYnHa=e-2dCtp4jWD9j+!&`CXoba)h*J|F9<?_r>aJ)AklCqB1ck60YOHq_
zJptdA_cw0ENwo>hq?)kGCf^W6>9P49Edv*&Kd+PCz8UG6R5Gcl(>{}CpxxfKvKP9x
z%%s1+mR1c@8D3Y?`}$j=HIT?ANiR+>K|e0XI3Tt@-=a@4w-w0flBE)?-#VMG)MO^T
zTP=k)SnlLpkG5D;2>p+H&NB2#MhgqGUCX3fU~^2*$t1i0?n0kHFX4ET-Pq68zL5xC
zK<u#Re1U&uQO`L<J1sg7dng9QX*6~|4N3%$W{^F5N(3LZVU$gS;f0$#%G$nR;^oZa
zPPB5E$2X^i-U_)ebT2~xodzdrhz7TJQUv|XiP*o><yWL1=C=R8%xznle^&Bor<DBA
zKgjK2tQJi<5<#=Pg8pf4Yfq`kqyJTI|E~W2KBYu|{)0T0w3Ko@>uN0#oLQncZGe|%
zdd}JV(9H-5+l^os|6MORGv9w#w$xMVFV{cFBj!dxBJeJkQl441vzKW6DJ44pU*y(0
zkUUyz9{;W!{Z2_a|G!8%=a^2{zP92Y_Uu8Y)K!sF@<;@+I^0@k(=-u0c8mB2yRT=&
zHB=m_B!XS1q+HT+nfQO$`WIV{peg$x?^k3Lr%temCKb%9n0q+A$4^PGyp_G+l=LcF
zt_E6=)2rps+0!%k%0gY@R<__NHJ)v`x~Jq(+j2o3$wTTOr=|^0Nu|D(NS=~PBg=I>
zPg2?EYBFak=5}AGUvn$*`zdvBo#kG4bq`Au<@BOCYOUER5^b!+f$Jn+X}7c2(4JE?
zxY5d9a!T25v0PkhT*{GCgQ}-!aGRA_bxJCCT25p!AHml%EqHdVhM%I<-B$LMQ}Vb6
z98Rn5C%WIFdh;0NoXgA%8P@J#8}H2d^1m6iy^vOz^6*nq#)xv3CQdRZCxYA0nDfqN
zMd3SQMPO!U-+D$Sk2p<p>z+7$<JLWpb^d*vGM&em435BC8Vy~rPv}rKEzV73JkxBd
zneEX8iz?(7u7TsqkvT0j`IfV%s;t2gtTcJ==F-mvy@^c)vp?ihVZ4v@IMQP@6$oF@
zyZv@A$8NlwYUSLar>EJo#CaJ~c^b0S=}sr>)4}sSdd8+F@i^rdHMduQa*^y-<f2(g
z@qxSQ$yBy-63^3kQ5pn~(fE2%>ePn4(kOlCc0{;DMk}Ajm**8}l>VBOLJPq~sqH|#
zAYjpUw-+9z&n{q(J4*PX#-&_FQSA)YFG@9Wmj4!H!`%v>x?u;%>{0mi77*|I%z!`n
zHsX0y4`<eEEV^WzprY{1*IBMhlN5WKC6g}yjr(MjLamIZpCI1p+Hba;q#UK=*atTL
zZj{oGNO{+n<h`3HE#1KTlTrEv$Y_t#L*>HU_9=Jn+K_TY>C}3uZ8d1F`HJ?*;1G7G
zOlUIr@etpUO9o?B2&(&upgXXh;dn!F=bcdxMFUC;mr&GM(JJh%vjlAvG=HW@yo3?J
zq0eC6VpK~dI`5LuA&P1~Dco?hAWKY{BKq~zc;!|5@{dWp#KVG~J1)8H_Jk{6LeQMb
zg1StVl>6N%+<=CH=5}Tjr6P#O{r;%C50VW2?!vt@87$4_K9mfy-Fg*w4US1@7e$Lw
zBwqZegl<5+7<-indSZvvAdh~j#k~o)kkB`n8;cS#T7^)yCB|-SL%&J}eX$G6b@ef9
zm_gYzFTii~AvBZ5^i82}EILG7j!f<CnbiFR?|Wm7n4e`cX;yLGXU)l#?89Rw8O&H9
zHPp6))N{Mpf-)XrT{7v`izK~2p@G?3kJBfr!E0`mWzrY#<8GDJ?;}Nd=d-23+7$P>
zOx-7g2CF5H&eNnOlUPlddPxSIdkb1#OHdgN&EG}16B?Sohj7u`1qHnX9ll#o3k_YO
zp}TuZ=q^pUi-vAi*>Wm7RYO;*>@t;YqM_qecDrg?OUuzm)7zvHWfiUMCR)wyF6epX
z9#-x)<$h7_;jSXl>rO%4lxwM6dF2)=SL!a2xI@u#4Xv--X642z_l=h5k~<`o70N}G
zo2=Y*%1yaSB*rul)LXfZ%9T{^Rplzw6N&p2k)mrAeSW3Hds?|J+H+<oYNBYUqKb-^
zDH^VAK2ZBXQ*DI{wT8NAymlI|yvF-UTcLu+E2Qzh)%JZs<K@%wvG6u2QEBaK$Fx0`
zYwaG;e)XtI9M^JeQi&&3qOs<2NF`p?JVvQjO;xK)RAQ4#bW@4?DiKwQuT)~1mfTZK
zKhheSpf&lvO1z@zenp>aiLTasr)W*Srlm|*U2fMr`f15`DXOUXZoXRT`OSucE~+nR
zoQ6);&^wiDsaz|S_(}WUWy-y;+ya&Dr=e|{N^al91?_7hsK0V?jkj949m@5nCKA+4
z&_v}jlzUydFLac(xl|-PEzw}*Dk%4ia`z~=PPx9Sb42x<u3RPM-chcVau;ejW+?ZT
zaxGNnDaut)?q21h$~Dz`zWFjKTcbvTK2t7J<6W*?1&#NHa@)1Mzi4^)tL$Kn*Qkr+
zQN5?2sP@DUx(fHVrdLR1AJyJ|o@y{vLo?@#>{RVJ(aOTDRW7dFugY~$uCdzKG0Jsl
zEUEllMbI~@!9B{=(0K1DcU-xLs*3Ez+P({wYp&dO<!;eDe$i5nRW4ogSgKqT<u1^C
zrz^Kbxh|T=T;*yjH$u5W%3Yyjp^CO|LFIBQw?gZ0q1NB`%6+Na*6C6k%@i$DR9R8u
zn<U<X_JYbQH&M9@v8TWu)G(Djpy*abfy(}%vYnOtP`N28ae<<!#=BeN71Ca}w616{
zQqd2J=IZ?0Owk}k#TE6rPg0rQPf!cx?o+O;a@Q%hL%H0FmMQvH<2|n2O66|pCBFQt
zSQ~InE?O%ZtgbJf`FWp;_qw%%_|F;e(b;dWtf<H}!ug7B8X>a%6irZ+rn2=^;xdPL
z-Oa1nwAw^JzhKs(7vyKes~Fax(*()mnH^G&aqZ+JJ@maRb(azyJ0cR_z9Hz9tHt}@
zSW?y>=8XWeBa%tmZcHI_&pMMXYR@|&nRZ{m=$A=nlaSTy*+U<^*P~-r*1RC_7f^M2
z5nq6swMHg&aHvgCdoH&}SQ{RV$2!V;(X6*d{w{aMzCe1W1v6<_KS^0$B=9MQb#iV<
z_;kPf%F3r9Sg~ASQ>phl-=oOPu^;hgK5k2&?i<A`FQ4W$<@Ht~SUZ`u!ruB6L0?Xj
zlm2?IF!Jen)OZ1#uhfQ5!&c*lo8`vggxstG@zpANSP833jZXxv#G1H_<ywpt^c32S
z<K=FhLKST2RFvp4i`prQE2^Vt4kWT{yfMnPnZ$Q+6T!Q#-zS1f?(7|>xnFs7xs^!6
zMS!{%-I?HB5|0v!W&@da^XTXLyu!u(M4Td<_VDOkhZ4cqsZv9CO=N_9FNB)=5vY@S
zjIbwzk;m&~(I6Q-iPLrN?R^wg$s^norKA^MfzwismuHi3MK#_ajdw3vi%0yN6hVvI
z3VKPo#)E`QQ8Zc6Xhl~jDygWe+UNR;Dr)G3iiRjEuJInZN%9>xUC>drz%4XhSw#(N
zO1ui!3M#DV!w>m9IT^gE=#}gE7F;s;c{txVN(L8Ur_!7|Cxf1y1pRVYWcOkJz=USg
zV=8;X6Pq*3eesYC-ndh^9ynd+dVX<*Xm!m!!p*{t4TlbyCR}et#|lX364(QdR|<Ei
z7(Ia9Mn(~6#b{#*;dUu!>>7tY{;0&et+eRU0%z|Wx>a*qsmR>G=FrKiy(zijvMKW_
z34QTJLDgGI==-YkA`Kl`O#0+-q`>`je+xnPR}|E?xS+bID~?wcd*O^S6q)bdnVW$&
zVpLHjuDU=%cj|uPs~Yc9^aGZ78?D8tMgz&Mho<uB8xqfyjpOyyl(TC~XjjZkF0_K6
z3$78g7&nMHbYM|NnRINQpm4vb$NRE-RHBvCX?xYBiS7g@cS?HQ6@_E^rascXdFKhb
z=_Nshm8-Auj=Fg!8QiAvF4lO>HC`^|uE$8>zEM@V7h&O;dsfjjMHMxbl8Txtx>8X~
zO?l^RNw1q~mC$%|H05wd)3gU`aQIb0C6%j!Hsa8g%>~_wmSL_AT82@LPExx?JwcW8
z3d+!4+^>L0WEB$B8a9?wxk<UM%5_$W(i-}Oat|qLqM`38_nC6Fl-pcTax1Iclgjy;
z@3k80X(~@C*GswAlv}FYBt<W4$}cE4Qqf)wy-cmt-xrAWDU!mYER%ld#ItTDJ$bF{
z>b{CT&c4qb?uI1pL5&pIZQ5ERTx(_1<z;cV2i`+A;bRkru16a&cPrY6(bXE-*>OHi
z#SXn`BVWIAiPAdk)i-$2_?SzuJKY2*5nS&^MeE?kiCoXEgO6So^rxb49P+5hM*QXz
zWN}l>eLaP5X%&sdIZnccHdHh~(NAl{BWtW^zM^ku;$Eqh{Y6nBXlhQ$JQ5EDH=(!U
zUa5^|JSaX%G9DD8kH8t<0^gj$A2M~|(d<@&nmH~)_u$;XghuFRca{~Q-{Dyr8y2B_
z&fAR8q3gLOBlG~~1+&{7p;oxf%;*wDW3Cl0uRD>5P;*7i+IaSyDMCAz^Vw5`w!S53
zG3>6<Ig_4vFoimyY?(CSLg`JNPU0Ir>ophY%Y7(HEobtbC-_pe<^JDVoE@8U&M5i6
z$|=PvS2mokxw7HgeOC^Ys}!#T5Q@HGN(4{S>5Ok7aBjuB`{7FItJlOvtW@-tLz#3B
z>cG?=ZjTjV6sMgJvAvJez36Kuy-d3ORlEXaOPTfqZrNJ247Je<C`t|2d33Ku;n_}j
zy7?P=!~h#AnnvlH$|*Dy9KK|YinaI*V}Y&I2g<Efu7i42*$yRw9d4DC2)=hHi@qGj
zI%m;thkUAnJIrRS=2PPY_YIF0xjN0H4={6@d^4%X5|&K{Z@(eB%xEWLtEThjGATT5
z*;Z9#S2<6MPhiZcbS9Y-7)HN+FEzPS(V~5va?bR+It?=EAXY5g!=%@7%H~X%Q)V;;
ztuPWbnMvsmMX3o^nq$C4=+S{G^axOt{us>~MC~c<W0q?$5${l0bmdhkG{d4LsH@pP
z$)FhOl-uJzolUzc3Y;Cvr2Iqp4U$aSaG!izI<!y<J#W+7`zfy_qjYn{6q;+fT<#m4
zDBW2&g<iGX+K2JBzD0*e^N7mIahEvbW%hEjXb5_QNd<Sdl^cZCW3KjGiT8aA;l9&&
zeJTp~h;r8z7cP2|-^z*7*|b0RdGgsx^g2p(32X#<J4*B>boOcC3?5}6%Gvs1pIipt
z){L!8s#;BY*b%oL%%lw0i*w4((SDHWP@CXqw2?V0Zxft1OVDxHA?7;v5mX&5%^YFY
zV07XUL8H*-%y}Abkjge!uE=<aw{C%;8-@#7s3~8q+(uX$PWid~g0?&@=)zYSd31dR
zS(SgL$oz`BS*b_p&%1C3*Y+H_yWml)?wDP`<y^-%*yXvE`qkJ!;5GZ4^|E?z`~$hw
z`(TWHWA&m`3iF`3;}E6Fm!{A<n}^(rh^j6AcXt=U+XORxo>Opl0kgds-MAI8ipM#=
zXvSKIxnUTMjGl%!!f0j#37wyT8x>ZU_OPss&h!*=j<<97-TIw*)`*gv$4BYR(HNyO
z`*W1Se!mm*;AX3p89m!98t!cDKaY0}cFVqkY=mxs<@&~^Vs4eNy)r59wVYU~DDB3q
zYx+=>%3v-tJ0clW`ay2NNRD<3?a;YrtFS~p+?*GsDzK;fZN4R;-yw^Z7v$SYxPyk-
zk7w~a^d65`keoATWfw0~@B82;{zmrAa*kwkg8vFi#8#fsnWH<C7GowceIuLtpU*9r
zO`~vk!Muc!P5El`eVS~F=I5L4Sv1AX=UMdTGh9Pi^fyNLQIsf?%45yR_uKnl!`?_T
zcoBVr{ezZ&^H(I9wD1NF%{i|&gq8mjsbIXgews<ezJ{Col4%+9wQMen<Q`O<zPO(2
z@AP=*pAwJ1v^5-Ff`R8|ZYG6!oGp~^ZkfAap?;x6$oX`p&YWKUQ*!fZF6?O$a6bKv
z)t#{nKE4lNgcoh#`I^>G1`VChnhe@UWajLv`&R{F;dnNErnw+rS9jOyif_m5;-QGw
zf`5PD5#MeL>!6bBYj|O9s7Sny-emId=(a1we>VH*MrYomb;!*hK2?U7%Mw=}<lcmD
z>wl55y;4_Xqc;h<$-S}V(R0_c?Eg0<|4++?S6cp2iIPFO^JJ32h1zaSwB070FRj(2
znV@z>1btpj&;Z@N99&+wv5KZT**Hyyhhn~C;aW3e3*YP&<`V>;PGWV;p6ZmI;<KKu
z^}{xgY3tWh^jdSCHL%XBCH>%j?Ju{x(Ty)~v~QT&HM-!}Ko@d<4#%5M`|@)C^QrI}
zeibtuN8#9t(?~7b|Ef+s_2tp`bW}WrQzJ9?;6;IRjDVbX8*3-IhH%HVo=3&)=nlC_
zxQS}GMDR8G2JeNh*e1K;a}<Rm^k-kj$Gz*sM#y)c9?8349@Xs1?cr0f)T2_T<y&Si
zf3xS)XrK&)dejbMu!4<uVu0Mt%z*5rHZ+d+EqF|~(z~X0H*)`D+r+KfbB>H@^Nxez
z62Tv^VWw<}ARqiSM$<7H7<-Ti7CGe8yXW!!*ib8<=EIv~OL%CCplayVtjq0c9cQ|_
z@+qv{u#~23)lMm!M`776{DsRFC*SE8r?{d|oPKfoPBoQU%c=8WHv)XRORZj5R|6iA
zRrHxU<7;(zpk{`R(^JsWlr2v4F`M#tXeB2IS3|Yhr&`^e&hdQmd&x)+^%D(3t+2k<
zT5CL1YEtSCU%j1?hfkmBd?d0t+vqU%EzBCiC&|qtNe}Oc^yiZMR04gC+tSR_=2bqQ
zWL=vKE^+JHWN?K;iQrnazUd`#8jRk=vhP*n)g9hzQIxffUuDJHS#IYTw&Yc|FFqY>
zCP-`!cEQ>SCtnis8zd$-pKgVRT*vAsUnct0bDG>%4@aK)3Y#U2E>~FzLHL4kzu4!S
z9m<)9na^4FLF}tAl3CZM2}6Yo%MofHmdI$@_&?HAQjX}?g%OexMQmM}uLdLPZ$zjW
z{4nEr__VVazGkzzm51dw?*{Of)aK<^U%&3>mN_*ZTKXH_gW@khO&%QYdaX4^VR^$+
zn%7~thR)U=rpDWzq7|onIv1uK)?|%kqLr!1_Wz<LJ<5|uY@K<3&FF%YW{e89*@rME
z8-x)6+sXZO=2twXaqjG9L?0_Vv7(<nF6j7Gg0^RIDUq@wX&HPgjk&_4jNR1@ImZ#_
zCh>e4;dTRjDuNSyvoC;iXRMicUto~#5QJRV|Jvc6FV}Ne_u_Z@^x{q~xlcXZ9wV#@
zB+TA5*LX);f1+tlPI@+89#Q|mw40Ie>_}!*GLUh;(|MLY9X>3rUlq5M&HU@r6+cU#
zOxz;lQp!<~9>m*4++$y^FKCp;t6xK8&(<SO%$6Qe7;6_!WjN}deeaiG9Zd}-gR34F
z^dNQ;n46@bvmnb{A?$B3`cYA<SD53H8!PYYc*|+8^4}=ENi1egZ^@iccCqy*wfj$B
zBG053H}P*b_*8zhcv|va2Htc+&*86OBxRqDU=B6E_TZDbJHu~hg<P15X(N^mL(e85
z@lZmYkFHlVR?+QlUkZHyewf*d#9QM{d5<DaH@Q$>L-DFbdl^yTH#IW%;Ol5NA7NLg
zs*Ja{Q6lcUX13yQZ_JAre7+Fs*I2b0q)2q}Ni@x=i*T&{UADDCt-?^*hx4dAR)IXu
zufX0Mqp(Dw&T(BS$!lQn)wasoN=k|M;m%S+12^D>HLJ__m?it3rqx}aN-AM)?@bWv
zbGDkSJ4H18E0>^9zfk*;&YQ!z3r^;_Z21aGYnj=Uxr12So3D+-Z>v1o*b2M*c2#~r
zOa4|FwpaLl2i#oYP!H)b3ft`(ZLN_GovpQScJvDOD~}$@kP&*k2BSpK>jFU)N-)CP
z6Y$&3=#JCD34(rcH-zH!r9+<m&WrnQSf^n>kk&%)JWHF0HNFoTa1DiDpBX=!IjKMP
zxlZrJ_rk|Cn&upDXVwee;M3M`qu+>0KMi|!BDi`Yr-vI>_=QVTHlH5AjuMwLEL&LK
zu$1Rb=Xb%dciKVP{N;s$`s2)yOLU>GAZO*4lDE;;pQdPz_JakAx<Y%No$pgr2JOKq
z9~dOL9ezr<V6bpukNwa4P$=;p<^ayE68eTgVf}^u5B{55t6>-GY3_e#i|5-ne>j!b
zaQ?w5hq)Qg$b6@cy-AElgA&0P=r8=${-5ww%&0&=#r($cO2?!X!trZfM(J<u!Pz+Z
zzA@*x46SlFABAlm>UXB?4C^2)Z_W`QFB+bn+fb|DnYkr`jo3}$HD{Mg7~w54_zPTD
z;n+HNIYRACKV{i3u}jS8qSC^dZ#PF;T|$Ze*ym#F(-iX{OH5G|#xt^GtgMVJteM`G
zl<%4^J+UliAx`B?ow?Q?K`K7AbE{8$ee3K!UNg}7Eu103RKnT_tzPAE@|KEN>O^49
zIk`^FIj2G4o{UcwoTuv3%dpREUw$kD|G<{*utPrGy_U=2(`&V)Y@r6BR-vZn?pN#3
z3N>vWoy#&h`%E{oyySK?H;)B;sfSw|JiEM(T`)$wGX-tS7W9|KTcYv4*LYuQyzew+
z^9By5XWqbJWZuAG<moP0F6>EjU45mp1qw*K=_>n>$}V@gW!he1WN|MSD=LGcWHd0g
zE=ooNMp3L-7`=;KKSsk*YmBZ!tuZp|Uq;iM?Zj(B&hjUNR?Rt&Wbmo(MeZplmf!T^
z$+i{DdcpLKbMFOtG!ULI_vd#NnO?`7k32Y)H=!w`R?w7Db)1VEgfkoGfkx;-%s4Zk
zL4@`?gxB4*hrO?}L5~mEr@>n^PBxP&yZw?(O6$!#Cpkm+!4Kn;(Jai#j6&H@K4ot>
zlOEp02)9vm$2#1vleJp7euK~YBwOIt!9w*EHan|~-&8?c8v7ilRTm0MrVE+|zl3eO
z`Q0hg`gr*Zww+ON#A7tX`7an1Zr=CFjA<i_y$tNq8Pqyx1M6rcS_heKP0~8JR8dtI
zir;WUt<6R~XW2JkpSNu;9A+G>s7xy8Np3GAT&KjT)-YZ@#r2i6ILRw%aZ0V3V&4V|
z-}d6%=Gr{Mnl!eU^H?-f(3!d6B{7T{vzLY!0CW#URyMreGCLDE&2T#yp{AU#d9nN4
zCE|FCPm7lU>&^Og)bpcH;J=s?9gi|~&pg}%=&K`Odmga|VR>amAD+9!?P}Y6yUrTC
ziIn41=opWvI2}DIXaG)q%?Vp*sguF2ow$vX!Mu)wmO2#1^X=;hrX2VUGOT(TiB^0@
z#e03S6P*aYfgfSUWg>V0R*J`}S+DX=xvU`LGzGnhUz%#GyO-lp29rm1ec7!#)pjfO
zHo-)kGMdn+-643}mRDvbyjtwe2k}D0aJKSsDz2l)gZ<-?Qo&i}MDT;Ntcl<QXIT@$
z$Ii0iz4h8+fn{uYR0g(bjcvhSa!IIJ2e3sq>i|Z3E*2y{9M%xdGY@@boLsmS(7)5Z
zc0Se~ZLVYgIXCv>BxQ@!a@clL$~X;x#bk74+5dk_{!h!B2>$<RnVkClr*=1PfA7!q
z$(*T(1%_=`Yg^d$MC^h&JMPnMt}XEztZU2A7KghU9)&YvxEkx7WV;sTi{H}3C^K!2
z_pb*F`uhmCKEBBC@w&9_8@c;P-@u~HaZ_9`K@Te?+?q0sa^?|gFx+YI-{d<C{n^a%
zSy~%eS{qqf8#tWCXf!%!(ZnkREo&+0;x>Z1wHIW5b<wm(7BzGzr}mYws$`3KBleKF
zu0C<QM>yqD&*L|@$CwCY?Ekw|s%gp{G-Z<>=aC6dhVxy4amlDHYMfDMBa8>N&e|6<
zo3cl{6Z66+mXn=S+|$6<5`03`1AWNUq)+D7J)hwk`)s(@x+>>BWOBnBp{@9?Mx1I^
z;M$1OYRDQ1ygrK6C!=bxjt;5kaiv<HiE4fR!j1^{tA|`0#c8o?qd29zHo{nNZ4{?p
z9^y92xl3}=c`euxMn5fX_w`J_XH*)tbF;03!C2*+_Vs8e&d>}hNGq_;V|26gPYcpF
zsBw-r%&mnyy5WqKwMRGS6>qbVqQ&q~%-s~+?^5*BQ=a2C%n%f|QMi7Smhp7|k8gKu
zv)aq-7q0DbucsQ9C|t3Gt(7xgI9F_Pd**Q}&_h~lDaJIn*2en<6&fnYdst8|l~|w>
zEiaTWxy%kY_gHf#!svILS@W!BW^t28=)LCL9|~7(5$9>)MUel~^m2|tS)0b`3D<Mt
zB)@EkTaG`H{YKFzuO@DGq3(UVm&U$|SxbInxxTtK2*==Dj66PlcwCWb>AjGM)8T2-
zcVE?0nYzxhdh{($DY(|mNfOsur{#joik`XfE%|y#nd|gyRzB3q)ct<jhf1MN4*?~D
z-EKu6r@A<^<}uj5wrC*s-lK*1mWQ?KgmJ{E{ios=pG41Q4_Rz`*b|Ym^C!<%_c`aN
z&~k<6IOnol7#|1uUO}A1hIwkk_`U`A=c#U01TP%*%yngUw|I1$b67@U{cU&F8^6^H
z|B9{NLd<F=UYwRV6pk(QoH&ocIOX|T?8d37++=NMgG+dw9H+((ojVnrhyEj7;0<FZ
zn#&Qkd03~W|M46U+Luqhl3N=l9`Cb;7AcG;vj$dPZbpn#y&+N?7yluap^~D|(wxnw
zJ`PXDSjRXW!;T2s$*%{A_9HPG&He%Z#xj>^wOU})M#pR~?wd>E%{yPv!^H)4ga6E_
zgthT4bmrFo*&&~LVR!#8o8Fl#jI)QzNnzM-Y@c~`66PjW883RfJhG{!dK3xmFDcHK
zs!nBJWBsbrKDRp<)w4?60LDyWY9nHMu^EFA`;H-x#?T7L81yKHdS+|U2i_8+9hiR&
z$~i&{A)ZMkPHS|YZm;w7(>hN#K&^3ZMPN%#^*pNU$ysalcv=Syr*Ny{*A$$Ogjckj
zEPlrc`I-_%X&LlmQ~_&0$01*XLc0N906omy62*BdR%5I|RrQQEsb|!!tb|Iwi9k+$
z@!L9XcOel}b~ZK<)WWV6*U&6@+>EYK3w*0u;I?Ze^i2Dg3@SBeo$-ya^B(Yf(dDEZ
z4c+bs-W7*;!etYG1FK#qkqCZQ3Gqb}0X7%he)~He#UhQrPSDUR1QkTBnR>x$8{UY?
z!>4IS*fwD<!;YcxhkV+M9>&Oc`i#u1=DlocS9)>W?(F0Smk8h#IGsnK?pga9s&f>c
zK65{!?ipdL)S>Em1yypkGZD;GiAGx9KU89?O7vHW1uC(&f~407^}@NeKTpshmDsEj
zenknb2>ZekpSix42qt9<S6xFxzddXPIipGh%V0A&m3N*Jv_VlEHO8U!6kR`CxUGu5
zoyJ_wc`$EoZb6UU#AxI`emzDbqsLwQV)qPlGIP6N85q5xZ{o{b7Pa>P%pOYAwxzLu
zQM;4Coa~z7O95C`6Z)@5iYXD#h-?M+LsLd&3ko`ORN$3x>{XfD4mo%3+CzJj8-69B
z1kcIg{bzIncWxE>w%GB~IY91U;MOGG5@3ry7CU2R?ZPLcQ!P5vSH^3I*iSS&S@<PK
zobZ|w#i{DY^1Jn+gqaaJl~9){xW&MJPCv*ps-^pIBX1O4cCBU<r}N=o@twO4+vFAa
zlU0O!?xb)j#J65xk+i?adIopUaN5VcX@ZWor*zDGsoX*3o>gwO<M2D;ZpO*Eu9%)K
zzK>W({K6RQAJ=IB#ItjF3KgEGh_~+3$8L?|lUWBCiA3<c`drJ^L!Jarn){GB2{yAc
ze!*{wjDYZbFgztQr-!Udc)t1+)+DUeze?Ghm-%{s1HY;cUyoCfd+>NO6t>-P5gLRV
z=igxLp-B9f2+hFSnd8aL`3U_8Ps?!FbuPik*E=WpO}LrDm3H&FPj|YVMc@9ufsys?
zEjUK6y3;v7$GztJTwUP?rz<ahmHj2@SLW2itY+hyZ%)(*9=x&WSTSGDmLX1|4{W@8
z6B?xvSiKt!qV#1MZW(;J3(mArlt$s?kx_A+#hBh6rIVP&xdner2s&FUq`DI#tSL&d
z9~PlMu*+#$CPF7rYmEBBnlU<nJpe|dF_$q~h&=#CX>A0xYtIP3Q-)SB<?txwa@Hlw
ze&=8~{0hC(K4(uHy?|Q=x9^+;)?3=cmTT`cHE!w!Yg26n=@DVd_*EB_h-<@?h><A~
zBU2(qCSSJCl5Zj?t@B$kovlXcY;~26<V_myUX3?b<GrKvU{YtlH#Ob{jaO1<KdBei
zp8Xu7JtLz%BcnYdqdi-B(LPS1eVj!5IEnUg67Az8+T)8{r&XLp`#6dAaT4w0B-&#S
z-f15v(LPSMxl&?Pl*+Xmr}n;}k6bA;sk(lH&>J@!%*~aY?RGquw9L6%@NDfC*55x(
z<=p+?|5bVzDcr-%NMU3~%D?V)|GV7Gxa53`cM^2&`ZIO^kNO`<`LB9nB6!QKZ1C0)
zyg3sOoa@DjphUKCVafmVd`<1L2BvlynezTCt=JBkF_W{`{qOUQTl;rvzM%$K<J4l?
z=~H)S9dV|K{TyRsJ({FwvZCpVW-59{(F=;^Dyr{B9)97nEnDS(dgg!bc!@x6$|m%t
zY$A{wu!%r!z~Y+=_#b=&HgX;2H_YiiJ?_>*_>I><_J+H;dC+}3XYKuym!wb;NZ?oB
z9P;U2%-tnyDsuND^jgBTDQ>9D7du(tsO)@-#pKzFt>|F%ScBsB?gF=#%%=FgRLq>b
zQ*;4VvyA@E6to}x*>GX2vM0kk9cG`9k=Z9?B%T)hc6@Wovzqu8{0m1Wy>Lbh=S%!L
zFly3_>6~X6;+4iJ;bt}L#>1YnrsgD*k@1WenUhRLzf>3W26`fM%dQpFr!^y=8bEsv
zEjpKdvqaDj2Tg2W?$vU9qPH<F#lAf63mj?5zw(ZE60njpso;LjG(iin{$*|_TAz{G
z_c7n^d-M^$MlfIF<5#IJ;T22Hv-~sT#i=*G8#AkkIKEnClugas$#?lPUzX5LS4ikY
z%<TNd|4|KHprNbkNa(ei^4}Ud_67;9p|Y78+6sDb%4sUQTSMP(A)%{P_E8OOg_)CO
zyJ=_x4Xs+7L$j%xD_b_*r{yT15-Cmsb_hGnre3mXP()Imukm_mJbF#yeN<lJ<x=fe
zYP`Z4?~7)l%ay9jNY&+LC!0-kw63mp`DW8yT0`YE-WIKwjT*0`*2Vzk>bg3}MdlYD
z%~ufkl}d+leyJj-1-YnVY6_LMc0+E9gl7r(J#efN%$hi=UlU;$>>lCX#-1RDzS&=p
ze5n%E-<ycq(|?Xv1$zaIYGbc}Q4IRI(B6C>DXQNhpIrlULxUw`C5&&#Rd$8yw?wtt
zcE98%zk=~kwMqmhpXRsV5<x=y+FfW%^Il6LD2W>4mHI3VeI4V2Lu+g30Sz6BHs{c<
zHRYlj+6b-Bp_NtkQw@C+{eVL+($Ena+6X;@Ll0`oSsI#wzF|VoUZ+xj+)MbkQEOD^
zxzV@3YR{{{a<kb!hj(Xix-o!%O%+z&Nnqax=M`+n_s<du>2>Fp$fkuO*otP;&%*^h
zrzoPKE0nuJx#EgGbD{W>`aN!=oWGJ9mRI^v&Tr?!FQw#*ApF|5ref~vnf`~puhN2w
zDK}5KYsyOKr8Nba*^gz-3fIgP=gt?uj)}gOi4mGjQ_yo5b%dNjzLw1=(EzV@It}pc
z5@zwi&zpD`!0%)vwc*>{1)~eT-#Wy<ahNl`4>4Dm(6jwMC%3+7-`u%-VE@IGBN<#?
z0N*!5E4<@{(a7kVqQb5HkP%)KDTG&*5HCVaUhpUj2){y&?`*bOdo`#!-qf*ZfFijw
zi}kt6{=A6j^3!A`o<}B?A8i|%R2WTOD`$aEDBA8$rSWPfHm}Y8!P)g&@HNimY;JVr
znVN?Aiq6?|5NBCDyKGbRoua#XOK3t-2ZzFXNe0W`l$R(4c_cdHB_h;c185bszu0QN
zPCC2x6;<b+xw&?8#_Rk#R{pkZ6*S)6h{v_|g4WfRXXO`-O{jT+E7T>dzbtBcl>MP>
z>bH`$&!(OZ;pI(5frfsj=;sw8F+;gEigsw|Smll>YJvAuxyHvTiYw}&Xn>;9irOoh
zqv-8yN$(?vGH6j2?}28JoJ&S%=N`N=g8JiIq6wflJ>c#dU{B#B@1$nvZ!~A<*MJ!$
zztQZ|r1NEGyGL9s!=yhknvkAPgOppOZ_5?i#Qix=(arD^ZM<q7@wyWb_UaeH-dhxo
zvL7*ex>>G7VUG^j7W}KAptcBQZtU-}`x~Zwc|I<Am>bS&kw-6^UO|j~Gi%@`Dm1v)
za{KGaeT%|}<@eNoPz|<Yyzw|6*i6tnpUMcmSatbR^=sp}Py@U#;I#6ITpm8{aQR|Y
z<jR4s4nC5UW%R_U2qbvld-rdQvgyq?r2m!7FQ`fdL9aCzbW@g~Dn$j|dxfAGc?6AW
zE2uksOzxclyhBDavG>ZTtD+W)7Qk|GC`_zF(;bS?5R}q<gBqdNiVAwWydbIjOzo%K
zJ54XauV-Jx>7gcF+2YjSl`T#eyRzYKEoL>NL7a}Dp1H0nUnJ<p6hZQ<>~VSv{-lYQ
z2sTucUL4!bso*`HK)#`@RFB6N{{}bv7L)&wHF1c(!@OWlOt{U>*uoldJby=zU%?&8
zDdP<X%q|0LXp#HHKAStoLv49YFJ{?kkl=pWQBfUNllZ0Go%puJreb8rSTq*ju{?5G
zDzA1+p~q|}A=G^LiL$Q8-B*=Ovz$p~GPs<#a%Nr0ZG>MQbM1zg24Gpu?2@yT4eyh3
zoLOG}rh10WZ9eif^%tS?sOQ<>B2>!R@d)Ml9j8V%UPahWuICrJ@T=ZFNj*o%ysP`N
zoj)$$1V729vhQ7@S1lSgge@F;okN%jFthXNQh!Af4>jrHg<}<7AM{&nbusnwrbV^-
zODQY4cEej1&K~$wOD)5Poy4x~M{cGZxR0qeX98yDw{3b`@O1-+_QWj2GguFY@NKx$
z)TcA+Am_Kf_vGQ(585A-UG~uK{(7gJu)T~^Bi=LbbC7#GzH39Rt+Beiu~TeL#|)7O
zmT<rKXtjpEG(bZ4YRXsN%e@5WdqZVUp;I@m@of5fET<BuGEP5y{n(wymPh8y>tAa%
z6{lLfN6`$vD5J1Mp)R}gNc;YUdS)wdBVJEpGy|G48hM*=i<KL%TzDt{e$;`n3>aa7
zXnG0G_qh+f+Fx{;iJCN?j7LAMmX@y9T59*m4nb+xb2$>h9>?+8WgY51r&sz1<`lyv
zgVFfTm67qK82wg~5zflpOQ?z9l}Dw9Ok0{7Vjukzq{8nwFfwZcM&@>wL44Q6Adl96
zCSL_qSc7vg%M}OOX5(dGEEqc!p%-rF)odsmvG)l%J;@_tU*b4551;<3gIj+{&!?;E
zaKF!4@_|=yzR4g1bD7Z~8T5$=`VNx{b8Sip>WeiZbMI-qrOk!wjCp}WYhccE2=j+Q
zKJ6Kd+lD~cufuf*?pMW5$mp4sF7Nwn+92yexxb53##?14Ybw6sVA;>}3F_1j?+@9O
zcfeZgwdgu{rM!3e@)l{M;W$OvkI<ZTum-JQYA6}3LduNHnuO6p+^uEQK)LSt=9{^4
zu<eX4pD1WDd}ZctMZSzaLWvl4SS;L;ej-uyJ>kk|Dy_?j#3A@_EL(q{pj-t7eS+S}
zp%XF%t;FuC;c}L;Z)dKTWKa@g(9}>eSUgO)3d;3?Z^5CL4-xeHlY){OI#ko^06WeS
zJ>WAiI)Jq#qZ^?Wqgl|3kyl$#wd({u(niqqn*?2t6Bw4L><Oxsml3R<_Jgpc%|3&X
zz@FAJIb9FqT?u=|J)$peZEzn7CCt9)A;|KJ6J{LwWM0HzwCx+*J-3{>$;-&>0WdOq
zMvQ9C;nllO*F7WXchv6rnC%n6WxsNdO$P7$$$c^zT;qCYGH8L8Hd>*LrV6T#yBf@O
z-_2ZvjI}jf#O|w@ejm|SP$E<Xd&nGG;0H-1;{wUI9>yT2HxI34kVj9pz-<Rxwvuni
zXl%V-LZ{t>7a<Ue|F^>%gBHn6%ABpR=t52zd+@oWp2L<2$7MKH%{)!m8TaTnSU8@O
z=U}~%+j6rMO}k3$fhqZg2=%G;Ej;)5)TR}qh;4KBUt}iEIRgHOvTQOK77_H=A7s-@
z24B_{ZWr3u<dF=Xz|6^Luu8O8C87J_$8x9-Z<A3&*c?W+mI^vrTteHI5H#kfq%sjR
z6H8nKE5NABox;5apPIQXm=_qm_Oyh4=SgUZYXlv@s?EgXlGjGBO9mcpQx&u&I)Z^@
zP|ncJNUxX;ZTkT^G#N7@b44}^TKWZ}3>|qnYxg)jM$=2svoUKhilLN@reMS~Dteu8
z(^d<*SmO;$O1#0CXINs`HG=Y~>{o4t>#Fezxp+DI<e7cfC+Xupjm1de{!#<?OU#RT
z8Fp;>Kt6SL{VMa{^sC%uJz|OSi^P96)~B3J#n>0)NBDGTyo`^*n1$GXdC1L25$cWJ
zUI`KrT6!0IHxXJ5R27^@&$@W{CIqO4<;>Zb`N9|HfY*wTv=Og|u($Lc;$2}i7=1*1
z`M3LWjr+Rd!_5%PLi{^5MrWe|douNa@Ow(IiEJ(2!(73rRB7SzIU9jnqWF@ALvP=}
zb^|YZEyv2srdJczu^Es@58!;2bGsbgjqwgW3fm~O3=QBNvTd4~CLZ1r*efpE5sbH%
zHoZG=+rPC%T@=Z#OEP%su@q{D&}5JbFOpIJo5`U!VS!l#Q}UZ^yniYo?S|J^T#a+B
zbwVmR{hYEl;+C4#FSL&G`VZduL=Bk{iv0+T^KMr5URdDX7Txs_`!7B%Rr@UO55=h*
z#y)%Sp^Xi#XyYW;UxdDa%{I0@LO%iZL&_1_g4}ptpbGXk7-iQNZoP)S=MdhOhgJiv
zR?>plS8=O+pL(yB9%kOp9%kc(tshD}j#<~_hI#c2*<`S?gY=;n6}8rR>*NIKf4dZY
zq-eIHVpmDLsG<z`Yuq~<J}RLJMU@man9rd;6-B#^vgMF=!)q?!O#ONK;#1gyar&z!
zeof1Uo^7TxCu}?d!q%643!L!k%qcwrrz0QAJot<v(@P$*dB~{6%cZbfCSOLzhJ|Aq
zD;CU0JdXY^w2IS1@M+j$zBv?kE|42eD4*tDoDA;zKx+4%C7f?E*n>Hb>%M?mi|J}D
z`b-pwZq9BbgY#f_Sz<;)&@qR?UtEUG)fL|q^#p%+ZI16}oGnfU+ZOWbGZ}1g2=){f
ziS5wuu#@~|*C@BT^XVC^L(R?12(36Mo<~8*a^GE!KF%oIs~UM0*{^1@_V_&vtQL*s
ziqK??!BIfTAPZhIm-6m+1zprs(5@ze%)H9+=6)ooP-j6`smGY|z0`OE_^d3EA6@~Y
z7nS?rY6-o)k)RU|1r1OQZqRt2rbuW}ctM=r2O9dQrm{`Z4~mxKbySvkLM7^L7EQCY
z^@puvj@PS30xQ0)`0WPUpGPB<E&pBUIgEC=+Re7_E=)zdMDS@F&dsOuFd8RXOViY)
zl1)G1#`M#O=hLa&GpBI)dII`!9*@7y>3J#<%HqpY%$ywWdAF~E9a6VLk2Qqr#UABz
zwd+$|mvYWhF2VRUBPwop+D1U<@K-Q0DOW9SLErX7Gh5-SY4~tv*2tz7#qoW!MW2E*
zC_E#GQ{f|cr_I*iJ$qzFvp3Lu%T+<oe%&JT&Z4Ptk3Q>|V!5!CKAANW=WE6S&zI+F
z51;b57jbjyEGHM-T5s5V7oI2Hm!#~|+v_Ed*`qi#5f~51tlGFlEATIVY42T&M3&q4
z1IzWonC4f$PHpM+{~|QhG;9Ut*w&p{2WKm#N4wS9K8QVd?i(B6Q=3$9+Tu{A?r~$E
z%h?UQx~u+>d>_Rgg=sB*`H+!Wb22h7wK7UePoYgVp4nw$&b*TGx#ePCaJ-yn>gGi>
z-ie;|qDMOr&m(gR&s@vdjN(-PH#z@kqNi2nj=$NZ^XXcwfJ`4kf2oSMte-bXUgy9$
z@j5y0xpx$idB+*!$i>4;p4b`t-g5GeCT3IIP&4af_#4okYt4K^S;gjN`YG#YJYSQW
zXLrHYSVXwRFwSaVJWIZvU}TMct%JO10n>N0=?eVcgl1EI%({%;`BJz(I|NlI!0))?
zH>DI+bqKynKJKU4^dS(Z@+tgNgOb6J0uuTN5Qo0@fTZ^~_C}bysDhvo%>`A?5=2D>
z<*g#A6hr;7?45-rv;xlZnM*AzXorS2QB+9dc^dBk_GDQ0>Dq$!s>Gv;vQ+kBmHk6y
zUsBn%D)FhJ7Zm-fXeIWqINya@wpJQiQggddbDN=|S8C{`8ah}*J7b56Q{Ls;1Gl{}
zgE7}sQCCG{741wF*+Up*ERh$zol((uB(z~432iY%LbqW5l;btSjvS+;h7MDmSF5HQ
z(K|Wb!wWb)pT6A1vOX1tSGxN-Gos|~3@kq+jQ5bCenbY1h85s3I0LiuPj)np&m|}&
zzocC10zN_Y>3xj&gErngtOw1F3jE^PC3vYG9Ix$-1<9bqDvyTQ+<w~*pVx9`$Hqux
z&;yIus$@_t>`VP&L(Q4UNsDSdz}6>&UN4nGFWGXKP_`R?Vg(tUXHt0!_TG%?3_5^3
z&bM6Mm&C5E>4VwI%8u<UcI_>kdgMnupH?Cd*53HkMtl5nDs-6v{jkn0f%mU~@GZ|I
zyftJ~Ha?uuFB$BGPtATwRm`D`G8FA}-bgZN2b;~IKOz-I6}}R#e^=qgId25N+2m4*
z(<7J%`Tgf`7h7I~h5x7i&@<{IbylvQdQiivaUL1=EX!z+VR!ONa9v^Fth7Y~%cM}I
zMSEb|xh5|~&*uIjJBG<%{@<eg1E_IM&+KS&o6GEyVeK<>osaUFYX*h&xAvr@()2Gu
z_n_9fhMLz9zw;(fxQ`Sq#=OAsk{Yk&C{873&o(C)CLVrs7yng6*>DT#1i4Xha**_r
z(%8{tO?M!bDz*+*Avdmr;05dsT3Oi#P6o5!bFl`|&qezx*cUKd26<DkTWeEkgfa6D
z`d@?wek-A7EO6*^9VOrG+hne-<J!ZguW*KIJOH15tSczXwUJM=rm=tE(<qH6wF^IX
zw#-(a?<cASU9#y?%#DodD0-=ZaNd)G0@x;wSL!xFoi_^_4quc*m#OTQ;lg!Cdzess
z>sv(H=mFRvuB&mnDj%fimiAJU-wl&^D-=y|r)0@sgr1jui`{NB20hw?v1O1?xu3vq
zg&<#_%3$TiBh;L%aK49dlFn#)FGd-3AM9E~NMz7sXmevlVTbyQZCZhN?ECcnSnOYk
zOitO?UYrOX#@-Ek1;6?!)YR7Vi)d+sd|I$ZZ1KJicpPEHTaYcQM<+gKlnjdK8tng#
zEjiPI;KlOE+!KAO?D{=U;Op~Q0&XkZ!U(_a2+PVVQaS0*`Fge4yW!fHiCX75<z<X`
zM!m68;#Lq8(He@_onAAx@Jo))-bYC0fC!nf@CNEWLKnw8x)!w-p(!}UV^peXiVLla
z8OPjqz$pc6w$UX*y%fm|ku%?$O7Yl2ZkpaKH<RRyXT~(^cQ&o^mJwa*DoRASyb;<E
zlbOl*_dJIduIW)L+xnm5#NG5su7eva`oF1zP-mH8xhBmFo3nPq-0aMGTK$E!X6oL|
z`&{>o($LbzO5wLNF+Pk<jF4DD-XAx$2A|)}=Qx3JZRwHJ8t$98T0`x)y2t6-aoI66
z<@mp>moSgqx5&K$=`VPD!u6MIn(MqOpH{m&HfQq%B6>m;u`6cdWnlG*k-|RL-_9~*
zQ-PnwUpwHuuWagr@y79PQuHLw&zY;TSp2_k`y^g_MU~MW9B=F{LCd>{Y-`jrhi=mJ
zhGK?bE`r)+v>ZF6i~{&bj5=w&?fWI)4e&uYG#6IPjLN}|Gb*BJ!$lIW+iXG0YfHQ&
z_C{Eud>09Q<1s;_T^_#e2kgV`#7tsr4)+bdwXw-@+4fssPOs`L(R9o!g3MRH9C~<$
zpu*UzVy-_d4I}gYG^08yaj|;qcfkkY(6$9db{D)f=5pb-7o$5SNoWmiqaCp59J&JD
z1EasOXU=H1qMKI<_wXx%?)*;j^)VB(#8j>4)$oUyyY6)f-Ruc^OXJPac*B*OIZ<Rg
z4Hnc8<JY8z_sB}%w-kZ0>Bk}|bTh_uHmz2)QBeWdb`$E8v=RIb_=KIo;YJjE8g94C
zF#j?V&jYW3Vjqe3cw`p>r&nL&H;}BgFmJ2hfmHB5>qFw9Ow(2vq@|p!Xq}ew_~TLs
zFGCBip^jQZ=V_}>(^Z?fhr;pFpAw0Fy1JV@Oj@<v1c|q2n4mM)R#>U)=zh~7tcB3}
z-ECc60u31TMTvMuT#C@%Hnb}Gi`kj*>3p;~ud;qdFJX!C=q0AsaAyo{X}E0KIYo5&
z0NxyzV~UQ2)z~v<ZV~(qM*d<!<>A{J&ZnDkD%j6zV9v&Pwe$Klyk>$|fVJO1o7>`F
zrG|dc^de|WPB|A=MU3XW&!~0qbQb$-t%E1s3Zr!}!Exa}b%biestiLO5t`eT*I*Gc
zzZhcX5B$p0dz_w6-#^DbQZ_A6T{`5Ge3z$7ya2n{T(+$zaN8d#CxfGyh1kRU#QB|}
z2D}evegQR3+b~a?dQJo_abm})ahzo{?OPzclmGr<_6l%jgB=^z^e1?D2DJ%3$<JP7
zo8XY5B?vVdv<X%@<WpGVU;iwp9x``he;1zqL(mGpVl$F^BL9vP=Qj2=Xkhz`%xd`h
z0yQ+=N_g;)voIg|>R;iP4Yel2l*I$UeaEQux^~EIrcK$5ZqCE}4g%-<HO2?~b&~J7
z_wcZVbC2|raJ)U-R@!ZJGePzGO1#QCE^pL$cWAu%C>!^+zjP!wR*6z~NNBjH)d#K0
z5{)mE+_ovYL(%Vw?o*Ukd)Sl8RZuQlxepYLR+OgklFIE<l=_Eg)f_${>-P#qBcqhZ
z#QJQ5XT+TO8iA4dLV=O_YQb@e%r_0p^?6&6`3izL^A&_aSd&2mV~4WoZ27L#e9xUq
z087p3$!@4`Q+~(xA+h}bu9t+Z)xCgdTCtFz4a!}hT)k2f`c*+eHIy5tT)N7>ps1O~
z8>U=cO?i>ZR?>J04eg-Z4JunyLsu*6qw!J|HB^a7if&hl0g7g+2Fo?xM;cm1xpf-v
zn4+g#JnU+mWpB>hdY&}TScVy6xYm5C20Lz6CsFG3EPQu_Msa<Z_rCD0B~FNVMJ2Wg
zce{1vl`>maUS<tpzNPT>PP9+v#<bZV;@hOgg7EL0F*3g`##Y7LkKh?G{Pju08J`+^
zhnP9dD$u7c@Z4B7HV5zULDPtS$AXm&ZWZ$!YJTa8Wevx9MBXKO#+G~~(t8o8Ak8>m
zcKD_olsPYyXwz2ot5}QYM%-zB0q1g%#mn;xi5A-QZpCgR=V5NGnSAkj5?aB`A6fM9
zR_UEzsh813(MyU}D#}*Wqq&UzzvhXJIH~)<+dq_)S5=pIn^pEvMJ*H!Q1tB#P0yiZ
z@NK5}TsLFa#f<4>a1(akO*yiuh}x18D<$6w%3Y@1NkzF7-Qs5FY#LXRWpQKXemTQ9
z(>5i8ir8!6e9g^Zwp=}G2r{>dnfqDifKnBNd#t&jI$44W6lIhQ7PXNQneS{km3PsW
zj9R}g=pscWaMI7A7dn&-I(Cv&7OQtXU47Ab0jb?XcT3Cs5D~6Cyb(^X74Cd88mOr}
zj_=x-yG+}tS|8yG=&VsIx1`d<6ZD50)7jL~X@ENup6o&07n67|mt=%{pc-1jt--RX
z>Xj0&B|JgaWv=$WI*OLuETQc*-jUwIoqJ9>=t`6fUcz|cmfo%P+!~{d^X;XrP*%~8
zuC<cEz3@+2c7GreTi`{qYz1AH^@RV-T#Z`=-Hm-m!zF|2w~7XnbgWkGEUC=tDQLtV
zX|2XOV-IpQnN9a=A5ZyM^4NnrES&EKZJE!URmLi7qJ;i%P|)$aB)96gE5x$%a5Bnh
zyP_<tvY0!D8v%?y(-mY)WuuB3xOp1C7OpG**2<+S_e42K?`_rj9o6}B)p?)OG#U5{
zr4<^WJy@4V+$td%R4c}{i+xP(Ydva9ypD>RDk`t&N=27BgmaDGB)9F=r9IXtYOfZl
zj-s2?4mEHHUwloJ8A47>c$d@6U^#as#iD!at>f2%+)4?jT<~qpnkk!VIu5T|V5gk9
zZ7$T;Jyk!)p6b0=<M3?tJ1jb*dtn_J<tr>`ODRF+ZjhZ>Svlm?#r)2<nT5RnhrRcV
zud4d`edlU>2dN@W1WD*1y@Xx`DS{N~9i@vJIw&O(2)zVI=p7NHiZlhJ8l!@s(nUl?
z1c_2aMe6;HIp&;eNj%T_pL?EjU)+25tMU1+F~{t^Y_a1UkJkS^RJoO2v{<S1qQtE6
zoRYY$jeR;^sZ2#X#QnMM_wf%xIBUgB_k*|vhV@QnTe54ZdlXB-mB3r?BV@AYEH+s8
zrqz`nmKZoxv+vPjQXguGs_N^%jUJ-Kr1y00&oPqUo36v?flH!4dfob=W?hZ+HD)%f
z=dTNVZ~Bx`#`0^(U($;b^UzAwmFEEb-A!8M<Q4GIwe)JY&Z8*tN)tV{IQN2<{F#?N
z#l`1tXtWe1BKz>XJ4zgTQ;$K4s2SRev6T*)_G*)^M`5#f{OTngqj{!9zw)Hk+umMF
z<tuCHfLcY25^K>a@0MelW!Z2$OiJ17*dm#w2wQv(sZDGHjNEuW-7ZG&oxBJu%$lFn
zQodt)_iGedR{Dxt3s_TaBGc~$%rJQ8mQGY~%)idSp+Zf;Y7~_NysV0O6pydIM4jP1
zFTYHFgrhJ$rM=W=ZMAZ;7PmrqJQ-`&;76Jn?tvvZRV!np*QBGw8HAq7y(4t4I%dz>
z5q_@HsF_1w9A`~WNGr6S%_}yvp3PES<!><bewcfpbn`4a-4Gqp=_)m_j)qYm#WGqP
zFfG?vGvk|N*f7%*=QUD0B?aeO`aDgvXoOJ}m-bYg^knIEGg^AGye>JvX4BH$B3gRa
zNIT73e4k-o7<R3kb`fK&G-#t)iRZPH>rWk)1XEYPHgQ{EYG{2UO)|0UZAKZty{@fv
zHdd~hwCZKtK5nGa#!53|<)pDP%vf1q!V+uTK4YYQ#!5$H<p*OWgBs;x?Z2pw?>Ljr
zrA#{8YE+8<*~5Acl~}yHh4nw$%fgPyEu4v#CCs0R=>CZB<52yG7K763H0Ym2OFx>r
zUk_~w=X41p*+%MMB<xEoy~fymWfv7=HCr@ROVu&*<*##^YBn)avz6O4`wXWnSZ`eq
z-D6L@so7nWdmg#{IZm^^Z)z*oOgdjNCARbs{dK9)Yd1`@QAT>vr2SNXRmhaO-6rkh
z%#5H0`c-bZp7}<%T-7kTW_G-;mJXfJt=R_{G4j{tMp~<+XmPZ;PQUtQ1*rFA9m{;^
z12|otZl<M~X6)GXZ_WNN<uA#UwJ4lBWVg$g>6qs{uBGuP4gB@wC~YNTj+Qdd&{98~
z31q#hIElbg&!zh7<%`-%Bt|mI9%9bYPi79W;J*Hv-t;(?Ox$vy6tjzlv$S-iI!jpj
zoUK>3&(5_~OSlTsSy|f4V)VeRxBoRA=Ge?;!|iuck5-N^N=dIA<Fo^M2<j_vCQHQ#
zr>)f}7ypuq(oUr=N<_TD>*)Arpd>DdSOZ1B!0YY5L*n+i0!I3@yBRI!#_4#B#Oeaa
z?dxxKx^y>RC!+V`uVeCSDSTQ>WsKhYTQnPB*sfEWy=7Pz<Msu^5)Np+%7%?J>}|s)
zsgUB0bCbHmbLy1*5+i9&)BdQnoGvX_>Jds!<UXf{Ka!c(M4wjA_=>GgKRrZ$&Zk(9
zVn)DcDs@k1iSGy7;)i!A#b?70?!~{u7?WGBoy&AQ_WYnza=a;%KQ_?m+zeJYO?yq%
zQu#qzTK}AuzD2LgdUwvU<u<YT^K<PEjzuqE?~cakIAwu0><aSN6318I<q;`~X_hQk
z_-~jgEJcehm@ly9{#A8I6U;bq$Uz;Cr%jvVVJ(PV3{BE5rkdK=&CK^(m~udC9_)hd
zK(j=vBrHus$!2M>>7%|gZNzHRVzw|+U!(Vz=@AE-uX&9$*66J^_NJPzm5fvqD`*^o
zKQX6c$zQka(3x3q<dODFZ?xED>lg`RIrBbkueup2WHi!GCVa!qoGzF7dZo2?JHf1s
zz1vZ<Uya+3jN1an?JeVWrg8hear>8Xn_}FSF>Wm*Ei`UFGHzF2*Rf1B<AWcK)DmZG
zIQ@2;wtdtmI?NF!U0$fB*#yi7Rf?NFc_zjO%qrpjFH4<`o>yG6!baLrP`hYr!raA-
zQ0|%$%G;)w?3Z1;*l0?&YxY>)F<*O_9=5Ovb9-|lIg1JND;;#G>Y6ZrVnVgpNUM!h
z--PsM6TUXa-^M2N2`0=7Oh|w2sdHh5anVGDG)hcfWQkj{|L|Y&p#5o{ea=*KHA~Fv
z%6&j^$Bw>otEa!>MH|ebxm6j8uQZ?W-QpD(H8aHjzoU=mv0hphW%Tg>bV`rs*yJKw
z+%hS7&a88lG3#7I_v!f7cu7k`)H)aD_Nx9yiPb5(<xj;~Nh&$G3joG5|CAg0>qD$J
zaSyQ=?J2LpyI9BkTc%nS)1uSNpY`(Hvcv=V^%+Rc2C|$7En$R|x}deqD5ZvIfwMx2
z7E#H%gq_Q*!+c|=madz6B+$=r8Lzfce|_Jqhkb9Ps%B;E!DHIRxeeMy0pm8kk=8uL
zA&3$iC#0QAPB(MOsLw5tQ-=OC6A#L1j*%`0I8}$$P%1;X<%h3%qzk_feW-dr_?D4F
z6(w?EHpXcmok_EXk87q&Nw7rZ##c`9Qbr;dQPQ`rhqaY;CIq(%XcxP%!&?}7c(c`G
zhP4(*-^da>!QxthJ8VXxQwQwZf<rp3j;it!EzbU|bFjyJErsT4>1L9a=3s=(Ie6c&
z-fwF5vti8)n>#>%tze|Grq}(&%sJZ`mff@wj~f@ynXl)HXnU5?yJP07Z>srfo7kP0
z<@4-hQdqlq!}OtBO)vRYBVEGESI~O-jEe$>Wj5?f<D&jR?V{;$Exj~aOW7xD>9&c7
zYxE+GUI}BRg8ACWd_8B}UN-ZiC1&(`U-cE`%`F`KM<i|l&{?bULa!PWkau8c<W@lV
zr?=@}A(+u?k}T1?t1S7qg!FtBd%}%5t;!nT${OFwicW~fGboc~MGwS-rL2nKmB<P_
z2MgX<(qZ8@B+1|4KMUK+H%ok^QXF^Uvglettvs(c(Fzcc^!*h%+O_1;PNyu&$QsoJ
zv)PJL%7$?wf31tUK>p$+ZzO7v{2D?_SW8NJ=R0@?!}numO&)>b%_P&Z?xmTCbgTDQ
zqePiWwp<NBTQW|cvaN0;eFh^qw$*;%wNT|p@a(1b!!mogh@tYsGJarpQ~7~DL9I*i
zZZ5?<TC5$T%l#_TvTnfKifi{rqqVdct7^>VVqU>g3TARFy%^7B9IuYA!QCtwbGo0$
zIYTc(z98B1Vz`4ZrKTp;b{VPjG<_DkU@e`dPj}}vWc*Vn-15ro%*XkxZj^X{Sr(lj
zZWH^}3_bI2S3*laDi&OieL7LkT^>g2vf=L=)KGr3i9K{(uM0eXLrd?yp`|rOqW9c*
zHPm1I)i-yeMC)OAOF+i=j+&=L$#b+Ek3{tGTw*(;Md~c|bPnPie4O@e=O!&}N1pL&
z1>HpbAN!l}J6)dFqyHs8aGn*t?o03^S}fmWNeTZVqWWo+A@sGp_V4fh%d^C*s5bhu
zK>fBH-kreQo?PI~(1Cgmrq9*mHp^=L7OVdPE4^#VBQpK2DP9=CoT)cL74+jYW{dqL
zYyO448~I;{U^{#pAYJ@-_(u2mbQ!;mJq#}64>4L|sZ@3?RY2)v_J4l|I$G>R{a`Ef
z9u!M8jr3rPW-qkU{yvdgOS?C-6imO{Lv(%=#_lVf9>eH$8kc+ArZis*;VZrO`fukv
zg74u`D>_uBu0OioH&pvEx~tyhsi#s6ujiSsqwtm7Mwv1cC4N@96(vel&}Hbq&R^{U
zFZ~)9o+&wg+)kO2)6A5da~FkpQ-)rjKEc}}TXkyCEeI}?&qnf!za@rZJQOQk_@RnH
z3-{=Ykoql0>?C1cF<!<p8&;?$KjM~N`<)?K#}V2$|6R!l>~&CE9Lzy_dvT6*;p=JN
z@c%tup?1r4WqJ{f<~_K-hLvMlVa5wDC@=G+TfG;<GZwC^{?6VQRSu#=;skDYv2ye=
zmo<!zF>~P7JBt~|=6FW4?De_a<6J$;5bNo*iW2&*NxYDVH4mCc;r$%6lRT29eqjm1
z=QB&_kUD}+HIY4x68?*vi4r3Q+Ui^+?JiLn$N!N&&aGZqajKw}jz(*#Wi^(9CGnrT
zpnT5qzuE=Ge_5f_@xIk3O0vZNs3h{6#sf@A>}ez&-(a58dzSP*CQiBz)^+PY+g0V8
z_cZIkKOAk)HGVC6@r^Pib<SX9gBFBKNfDHim9msj?dBS=>LOkNknDf%VuRH4UC;{*
z+>STGxM_?0ItJxxr<B^Lavvr7kF>=euqe?O@ntFAFn_$(urEfhQjgxT;W5KDj66P(
zjNTVzw{g(puWN4V(HxbCN5^$_u*b(IYHOXh#9?Wr-6}o1(<=n{AC5!1loT{)a356B
zrMNC;Ph5&=M~9_i2m#+7oq`^gW?s>v#BSYY*Dz8W=yBWL+R{>8BOSyjh`;{1TuU1k
zXe)zJ8~JN_jAL24V%D2Z<<iW;9y5Pk>1iqdui8ozvs1W#wEnuxjO!Mdaoy);T-N}z
zC${&&bRFiok=kvg@|uk`p=x7Bf_`55r<uoI)~VYf8{EoV@b!Et*|a%_O`GHAU>>A1
z=YF=DdJH!c?E&ZcJ7zq239Z>l>Br5^`qr;LPl&Y*m8-bf)Qe|3mi)JCYOmVFZdjp5
zT94sOK99MM7?#VhU52$lZn54y?C7vG%zXX8uxo}@HCE;ucG>8CV_0FM_i(YcTxp4x
z3K%Jekv1*TUz@$9rIDDGbEv*Cew<jT*>2-vit+b|(!=YLOL^9Yw}!A&L+x{$*l46P
z+gsgUOLff|f-_hf=C9|F3oIR|r$^>nv4_EI;|~4x3R*5^`!{N7>*xCGXtbUDwYzZ}
z@v~;#{?<|)Rzz5@=vZxKfcZM*lGdAmQp|b>k8Ad1PR+towDkH({k0tSKG{W=C$!WX
z<(?RB<>Ay7&!|3~&gbf*Ma{14HX7|ROHraZW}iIM^hf`p_Il?m#?hw^{x+r98mn8H
zZ;_YW=JcMRrL~9=vzLtY+z4H_I;$D3W&E{-_SX{HU))?#{$f2)`HO$WRsJIPmA`1=
zmA{tI{$eJf{KZ?v%3n)pf1?DwQ2dRogH&=ZNGW@gp2-zg_1BW;iz)qr?*z6)&g{WB
zr%mi#tU$6<C{arvHPq6x&uXd33@w#YELwDcm7m~mv`GJlrKHlZ!Ymn9SZWOyEWHdX
zENxR?@ggqz4_=w@rMDWOC4^;5yoGe;Ii25soWb0bbNbv8*7N7x|1SMoT9I!Q7TlUK
ztyy~1BR-q*!Be`tWJY_+CvaYa#48x93?nPtI(Dz6C4Z%tzVaD=`pOc0Wl6Wn(W2!(
z-5Y%SgO;k8HT};TYc{yNmKvJ1`szhB>yB|4_bF9!XlamPO$^Ive2X=EHeVX4qWQYS
zuxm;Ru1o#fzSW>7*xxp>_sZ&;oOh<K=Sxi+n*nQXT;msG&5fn%YqeCuxTtSfQzH#u
z!+O!8##8$By?d{4+l2p{z0UsPv<OCIWEt<peW~ZV%`0nm39DQDH5x1azsRyy9<3DJ
z?Zcj?YOiqL3}ex^P*d=-F<K;+e!ixq-stI=b-}3vehF|=C!ttNtp72iSIq{mCM#vJ
z&d<`lH}JxaWKB&x8ok1=PNLoTR)={yLO>yH5xaE;$Gk=CD@KYnQlgRi7-^J|W+@5p
zxku@k&l$z`EYa9VD~;62NK5l-z2|!CbS{K=aQZDUUq_l0zlaqe{(8XlZ*vS=VO-F^
z57Dj0R<Uo+XFpoS4lq&<<O*476`RgTHLzyRtc;P$tMY=j;4__S|7nTXjeO&f{+}xw
zn{fu5OG&vlx|HlhIpwmk0}}t+Tx(NaGR)B_egmbB^?LrQ^DTFJEnRJ?Lw^-HL$fE$
zmQmU{M!Mu+7w$#vVwb54TTTAP80m_twODC1C9xDvKu`!!-~QzC?1&PmGvr5kYi@!N
z*N{8qt@meR#w?}i7DD_jrEq&89!RN1Q_ZT^K(D@$TrBm3h>+5j5kh2?(!P;e`lPE6
zStaY;T}wTy2$55=bDf3ABc*R5w2RbkTCY+U?VI}sT6n3qZm<qZQy1^TN_MXq*3qTZ
zB}#{?S7mMG%`sY<i%@Zx_YTxy{%N>QgA1|x>l27u8EJ0~1}5}gT6wG1RQ>h&7j;@K
zhQFMCp&>d{5hetsuoF^IS}BOuk*&;{qOJ6LOo*!TYqeQAEYWR+s3qC_bUMr<(JyfN
z!GVhJ9po9u{PjZEy^$_nz*o+r5-oKO{tDmNkNU`84nZa45vRdUq!7FK0Xf58=S<cq
zDPGq3QFV|GK@39GNc#2!(uzw-U*r*|K{C>XLwciv{#rG^_U%ALtZ_@XGvOQO)_W*n
z>^2Ej*zICi;nGwVDaqyUGOTcXw;(S$MlZdjL;s_#rTOrK<8~8i&wg}6!m#DHP;$6*
ze%VS}ejJuL1l^D>oCf(30`_+ra)$j)*G~J<F1P-=&9Gjm6`Yb6o9mL39kFD~A0m7l
zg6_x<mI^_SrT21bxBI8*5X2cjrX!uXB&LkkX<8GO*|$oF8%vpu<tj)QcJVvfQ;yM4
z)D%vaO(;Y!%3S!;!rQ$pmDlMq10{lUwJGW}hwtm>b$nk#8Dih6q8_p3Ob7wz>iek4
z{I&9I&8nlGGuw?6V#|k-t6cYwRM(+$nrPo9!wRQ;x=3B)pFwJHzD-7|acl87Lco?!
zA--HDUqxOr`^mIY3)5@2*D!+OukV=paSb`mt;%=EY0j<FNFffvSx39bjZ(+)y^0#Z
zR(2p~I8AG#w6lw2Xr(&KG~Et+TrVS$_8jxk@R!}DqO>!cjI?5Q9;Jz`v_;wFv@Z$Y
zUXu2fBQH7M3Ybzd9jVJX9f?@7m9=O^nJtCCTmw$!)Asf}BSdd$F9rF_p}&G$Wq<Ft
z*HTZkYn<XSrqw%!&~q9bhaR_5Z4h6!at-Yehc8uVw|$W=9FKCyOAcQrv?}b|->}Ca
zy<+@0T1<y;K{uTr^YOL640DbG+HE%E(E!OBA?9qQJ!&_H?-%42`*sDTghMcCgbwK-
zr1Mbe)-`#V5$zDy^NVk4KYAj6-;{c7k)~|#VjG=r1(AO2Z&$cwY0qRGg6|Mt_V@8Y
zIyI7!rmUB%u(nqne#A;Y;t+FA$qYqw{kVnN$o`&%A1v)c2)Lh~^nzvw5RdWF%0Zz+
zu>DEhPIgC~VYf|Ca#)&bq?Zvsu8ma?dQO*gaXQRNs8JlMw~*(YZ-qN(D@#p_6h_*!
zUU}p%`!V=M&GMjx@z<8fnaMJwxms(z9LQge(Wpw=kMyY1+^Up;WwsZA)Zp}c5h=v%
z8|3N?X>TuT6!#j_5OWUcCB%p&$JD$-Q?%R1b7?8o<nIi$8=M+<QG3{J8N{4@YtU7f
zk{SpLhk0NVUCSn*UE?~_2#j4ki~fki*BT+<uQgD1xt#7px^SIYgRn50Xma{9)OZfT
z7}PSh*AeB4>vRk(vx^<bUv9bfBDXkH*AY_gC2t^)IMuR_(pHX}+&YRBXUio`O}>qi
z$Yu9~?z-lEiSTi|u?^*gT^#JDbG1EEh(mQAUpc3D57$y<lj0AMGi)UW;bTAU4#hr>
z%)vY5u`45`%L8><J+!oysj$qYb3a-d_G7-W(tWnBmqSr6Ii25qUWarb+6Yde2<Wku
z>~PERSZDIL$1I(unMP<oK1Ex+M22cL(u&*cjBRx~zhX*QZsZ61n-x}A@=zwpMR3KY
z@@V{*+A3PH*;rgC>BV_kdhIStj_A^wNBWNFjky(t-Vyx_+Yzh3(oJvriv6vL*snlH
zEzvq3b}1m?74x(Dt&M9n`0ZJo3&(C6oq7p|Dh0K116<&)FY<_`-i@{NK4Qe|uXnUG
z5-kX`T4<G7Dw11EIHado8^n^n27UVqZR{55+u&hZdVYwO<|`I-u^0aCkS=Cb&{E5}
zTKYRiOS7wLY4;0SqA;`DAqX=|*%oN2Eou+5I!FVS+BDKqF|=mP>MzmK1`~q0MxvOr
z-i|6->Wr8(+lf|%r4q*9jsrAXhBD4yYsG2l@H#Ekny;nOCM;EuGs<!{EuBQ4!tBX4
zT54=ks6OgGe|;Hk1WToqy<j?1F6@@+oM(oXD7TnJEz%O@8?&cSl2{tLR!ga{!0dJ7
zVz_bf7iv6zrJQD|sgbH7q{M=us-Gmpei<riDOk#A*xp3VzBJM`BW*NN#!Omov0+=6
zY1Yixt7g8wI7fed%}5^`=?5dVHZBGlNf;@wktQ1#?-*%o2JOd8qc;tum}4nSsPeVa
zEU#h3jWiHx&n|v6Rw}Bm!IYeh)+|}3<n<z2YJk$j?A>-+%7nI<S#mZl(c1*f=xqX)
z=xqX)nzhzaHb+aHP>=ZQK$LNodLb8Bx@<yFz=R-V{GDL@U1Ids8+$tp``EBc<+SDA
z#_b#vs+mS_!Ah+chuTPC38v6Yl!(t|3cYTm@kZ)xq>)B?&PeTyR8C1z;)xWr%xkGt
z-hkC}TG?^rI`uL5;Rt=N(vj~3(u%bs-w9+%pGFJ1&<yAB^6P!}7_2DqO==O=Qsz%}
z%YXGW_Z6=A?hL;x?utA=aIfKtjo1%O!0M$d-Z+Z?u7VULPU9>62dE>awzI`Vv?q>O
z`3ClNrBr-6UNMtj+m^I(8iBs<-HG?^WsHityfWs9HrPv`Q{#?E|1|eFj#!jeOBp9{
z`0#J4({#FIou#F@b$Aub5$`wE(zshf%#yyv&cwfbN@*kX7D?$2_SKe4sm&AkM>a^<
z$HA$4?i+`E%kjm(zhE7XSd_S%kzf9g5<{`?!spvhA%)J$c&t2!T^(sJ1~LCZO8-4E
z|6h;qzN{Q0{2RB4Wfp{fx6Fm&`4Cb_QG!ChSH_&qeA4I;`?bgQO6tA>9CPH}5O#}y
zXK1ExF+K4#TftY{N#dJLrRHnNLB4ScO~dG+I!bYr*gXPo;LGw-4XdGi;^Q52cC}J1
zoU=i>$4#?;`5N`QElU{AWn9wbwCr>GmO;xlI*)Gc!v7s3M*lOtrO7xkBh%nk70&bj
z+67iZkyb@zS{=t;YHm)oa>0=i|J&Err9yls+k+bOw6qvwYGMV&*C-oL!ry{oBTi_L
z)FQTQh|5}w*u5FGRMW7-hP5>8jA303yJT2@!+tkxgkd6+_9Nb~oQBOdte|247QRw>
zw3WRDwDfObu4eQO8@+#vM?<4`!RY;4+*%vGUya_s#rGwncgN`cTN=D>^uh&oJpL_R
zwi~^wM(^L!>Y&kUVD$de^vfHqLogq`B(*s$Vh_Bar9!Q=^q;14abs__v3JziD`)Ke
zr}<II*n8jDJ7?_GGWPz{e5+^d?KAeS7<)~Oz5g_STNrysjJ*fOUVCHjKP?AcjJ>nQ
zUV62D-y*h`vG<>rmsgCvpN+j-#@--f?>{Y9!;QUL#$F*~FIL&(e-*#D5jzs{zk2?E
zNr?ZIG{B2+kLg}bzvIs@wNn4qBKDc-IK{e}q&y3>6up5Z^iS>4tD%**#CDv};69Jo
z734>hxc(T%C3381VW*J$&=$@0803!|Lb{C-8~XC@aPVKshmW$vZ_>(qBdsvf`(14D
zJHA?i{$cC3ls;8o@h^r(T5epNNB?$T+9MYgF|x$ln&#^@BWV}>e>Qxhk4~XeuWN~J
zw}r4bkwpKS!C(Cmt^OJ%N0wpeMTs#7@F%42l2re5j5ejTV=Uh=iV_)&<lW$ZIFAyJ
zky`x8{~%sKjKltZ2G}bge77`ueO&rc&sg4W?4>u-UF^d)k^b7o@~nG01h;D7zK0yY
zXnUNd{11}v!U~<dz$i$ikR>J=$xkc#M{WM^<?Y?L9N?xv3m&z!h)pe{rH*B_bVlv)
zMu~|CAHS^neKL=I@LxM-q}o@FR9(?yC6^)B{HLQU=wEd!$r7gjJ=PKVaPyS@8Iu38
zmHufhN{;<#{KqpJ9?48c%yY=}qnN9cfTMKj)GrisUh+MMchY=CNw1<yc0uG3kEGul
zZHcF(<+Uhlk&yns(KZF=jr1yYA;i2*?B>lZ;Vp(SxR><y|5sAuzbDUI#2y`~>&&;E
zS@JFa=U?r|_4w-Zyjq&7#&G{`@Bb|>{&!OC|D4<ZCsOx+C-ncl;S075wa|YQmn}of
zBwI=JIzF+WUVY5tOG~}#M(UN9nO|c6O+w3$yZ_V{JL0A1wNxa9%YBsm-}OYaL(L-v
ze(|{;rs8BPB=ql+#EHV6V3h!V<8+)NT|dYFkb*ekf+DkHZBZA*6WOBRSj34l?a}vv
zM2Ol2n7q(|$z$R)c4<gwH0~N^fs{e4DaNE~SN1)lxS&WLkmq41qsUg0b(Vk1;mImq
zRb;Os*~BtM%6-N<ImEHj?5epUxkP2G1(NUAR0wm6Wms7xQc;C4k2sF;HW62mr$w$x
zM3ThHpK(?V;fWOE6d8d&wlhcpk)nu|4gW<9Qb=T|%ytGT-wTUu)tF3Dq^L-hBuVVU
zdP_gJDlRfqC!GZGB<u_YDJd375+|-=>^KUfl;~E2?Rc;=9;A$jQKa41IMWPLPUNY{
zI(bwqDu{Y@nY^V)v?%y2lOBpx7H&NvheT{{+=GQwRTPvYPMq(If4~K)Cf*uKI`I+j
zU^S4EyqcK7#FU?EVzDH?ooZsYB)*;MqW=i8lOSftT4IDFM0GJ%lCj24bumSf*%2!a
zVAT%ssxEdYaxMqnuZtk^ks_Bt7D}CDNs=OxTiId-NDXmB62FAk5GN!_$h8A&q~v=I
zaa9ub{T=D*VZhZ!keZ_48x&@?Lw8GSi`W492&9f!5Fj6e)D<aABD!YA$QSOP6Soz~
zI^2?J_?#$;-4s|B8?XYlPwKQ{5;1Zdr}J}Slq7MY=0i(-0n5*csfu)4jC;`_4MeIU
zbD;A*NF&j1Bw3CVUts<77m&u{uq5%~cj(*#d0zac$hNbZWFJMY;v<&6Z;887hjw6u
zxMcN7k2`r5xoX8a;-khm^Nxr;FUDa73~T4&Cj5F8I!(j}iWIwyJ6ibGR3uAs$s$*z
z(^Q<7gi|#Pr5D7_0HIWECbEnn%W;C@l?gh{#a2n;WxOaB%|*dj*3qfaT#S>%4|7W~
zPm*{O=9Z#p9J%tt{G#Zrhz@fr(N7XT%$Rh`UvkD-lQ~bZp`eIPF`o>69JfWA3*nQC
zIN|<Ja%L~uXT;0bxpoF`;01}-C~S+oX-I*8knH2pih#5+;rSRVkj<?C@jg9+e=7>=
zcyrJLQSEN4T}cuR9iL3hZpo6_&gh)NtfK~We6j_7%RYQ>Z*&rIy0jj2d@>>piFpPm
zl>ebaqy<O^F;1pD*UBug+EHAWBu=cvo<;}gbP~1SBJakEgLnh0J4k17L6Ri#RCi1C
z1L-0PjwPKWQBIMrqK_h^GY~r6RQuz%65SPvGc8hgv0k})3<p5pfUEA}Ry<iw5XaNm
zVl2o@qRa#$aUvDH^fZv3VvQodU^P7vq?d@C$T}ZFXMrS*B#9Rba7SweNN>?jk*v5|
zuok3`=o8Q(SA9jFNn|Hpkj{G`{nEtZ6_Fry{I>2Du|g6~)eqt76|tS|$e8X2=`T(M
z$fqE$iCat}7M|o5DMmz0X5Wk94*ZwUi4lz?Nfyg+&-Jt<Z6q0I(lADJV^@-#mpU<1
z$WC&)B51>Z0vRBNE22y905P74rAzMsv0f2fdIyT#0YasBpeTk@L}Xdl(?KFy5nWFQ
ziH3?qq7}UgSA#@rMfw@?k|Me;4-$hF(RF!{h-YG*MlSDzuY<%qMReU6B;Ho8PTl7;
z93*xt^6V*1zE-Z<<>0<xka(bUY}D=>GK5*Cal9HDlAno{@mFpE28r5=984ABFX`&C
zBD1U8vNawg3Qm`HtP>AV3qlm;vWo07q_!l7tm`26rJVyz#4g-yaNiSRu(+sP9i52x
znI-vC5#1&X7VZq`m+2h_iwcV9mUf7ksmKEC`jmwF5V0GlOpt??Zf%B$69JM1ehn4Z
zB{^ihiBVHdkYQrtY;u(#_M>(`4KiH(A_>>-q9Evk=a3GQG9V*GbtXcGd6YQLBx3Fb
zoWOz3C~;1aIT#}`xhRR>gNza-63KG1(D52AVkF@<p*rl07MB&FHi7Jn5e<{bRh*zU
zp`IiIB{^g@&V#ipkXZ4CB=KT3NGp&yF-egp9d0Gw67vE&WM{0HH<v8O3(}!hVqBV5
zV!YTdb^KOhy!c9zII-kgOLT;t@!~gS=QzmAAo1e9B8|$k?-N9ZdF&VIkgJJel_I1=
zzE4Wy`($y9b!3~+53VMQcJs;3AydYth>?;cTRL~9h^>m~vN1&*2oNe8Q^h&9W6H)f
zF<=2%_S=N%VzeT<1(+_TC~`F)_tewHVyzR27c*dax;P|BoH+eA_i@uj!-dkawH>)L
zOzNCdq$*OL`oS6Eo+29tbM2lXDlcMJx|NtA>N82FTZtK>sUo_Sm?3&7SGtv$AqF!s
z^=pP$rHC$vGsRX#bp4tsnk-}A-~Al(JcMwjm?z1hblZF5_9I3P3HaA?(&3si2JuP|
z;pIMw2bm?xND?PJj3KENO%$71M>IENrzC!!CW;iLqw^G%VuiG9MxKcxt0Kv`vqz(*
zL{U(Y4cLFC5GINWk|YZquSAh;l^;ShY|zOYAlW4;AxWHg6){afERsY!MOJ~#2bn95
zDUt%R9Aut|dYddCva*4!mZX>@@uDKgMv(cUvLcmn8<6_$1)^a<hx}S7`m829@q%=y
zUM!L)E|9urR)X$F{tkJ%rClsmNmqxgjTlF5gPp~q=sTp8Z0V8J5>ZwWJ^ETAs!DRn
z(qpY9qM_2!W38pCR{A~lGBHr<aK0m%#WE4cu1x>FTuhf_w#fes-c3h%mWySI)IlGY
z46;&GSVJL95YIml;t0s9G%di}!dokKOx)iV+0qcPk?puSZE+lS-WK^JnJu!M7UDd}
zJEFNFTgKz|D##jn=23{*q8#Q9*FfHtC&`G!G_b`VlJMM<V@joElgNrWg)Z|<3NaBE
zFk5F*PLb%XmI!YlS6vh-iL9fU%VyDEk+(1lpfSmNVvHg;Fbg2EMa)uUxN`NrSf<E1
z^rtk&-YPCDk~GK?SrD>qqB%H~pHpa&GQs!lay+a_4v-xpCZH1q@`3n8k~nb?BeY^5
zABqR86Ojk$6AiLQL?BHlzqTTM=s$k;h~|=T`ounlxQQ+S@-ejciWo_FR9PRc_K6FU
z_$}>z@jwwh`r0qDLz7x#Jp<Y=!$3sOfcA@~N=J{r_KVhv=+W1H(T$0vXF&S}{i6-p
z(PPN{;+WFWW61sDFGchi@_=yPm#!=#lsgARZzk!ABITPv|DYJGbaab-P{b*sd!mD4
zL4Z(CbVzKK#2=-6jQ?_CzjW)DECxv8w~)zVoYK*=zhrSNKxp=tEc$Pgc1+9viCCnF
zZuwKhT1os8o+3VBV#;%h_)d|!`|uCFh-r$rsmNZm;q5>^6_0Hvzv6{1^Ph>lis%yl
zxhSKEF5!noJw<fsJtEd9Qn#Qby1?=mVxJ->4+_x(<fu5T$Wvo6j{`X-z7LQ=AYY3=
z6`@-2Cdf%D_A-P-#)6y@xdLQ5$eA={{;Uu?r7JT}IV+xKV$$cVh*m_`?z5tvB6l!O
zpwjY<XsbwR_)g@U=%>i~L|Y`m_ix3x09g)lLA)Ixn?Np#eTvjTpRya|XVL8gj+aiu
z%i@qCI(@E)GXZh{u2RL70HGASCY%r14!Jr4a#Q3|gi`Dj$R8qqfP4q?r>Gnt^zTEr
z#Rf^@#BhvcZi4(RzEy<UmfMm%+P2&i-mZV9^F2|3iAm>sqM9PQjNKEx711ewUkp)1
zm%0aHq9VG~JroNS(e0|R)+(agRm<9~h)z}8D!7}|rxSV*Du<3$S&<@&xK<NMuqxXC
zuNa|Td)7Loqw^wU?F$gfi*(kp0HM6dVEqyxloy$;hl*rF?qr1JtX7si93CRsL9$yh
zis+U<mqjmg23!6ot(gHrE&o&2qb+|P>(SgnA(p>nPp{7Tr2B14<b&^#R>_Z~U#6x+
zSrr2$3qD3!H3MW0I?Mc4!vLY)v!K;S5?);?3d;qp>yr5EY=x|g`^YbU1+TD`DoK3A
zI=l)*Ybk}TTZ-%fDGfV?t^11fKZCUdw7o?vZ$HdnJ#!LBMd%bUIysb1QKM5q=@hjx
zDOb90DrV(S<l<g#A&Xi06w$p^ajS?Tcd&v-ZDw(+j3T<%d&a7)$maKX<nWADhY5OJ
zoJ2qfOIXbUgnHPL)=P@4e`twkp;O8lpvYnn>bpx@qZL`WneCLerUnSvDPt{FWJ-Qp
z+9_*oROC$%vQy65ElHes5tbXnuX0x91C)jdq9Wc$p#O*~Z#_C{s$eyiI-IASpi{vb
zDoK3Ahcssdsc4N><P(rSl1xzK{%@9e4J6u{qsZg%i+bB=YlR{!KuD*OwMmifN~e;w
zPZGcURJN+3FA0{PDpp-d{C=>C)ha;9uPRoKL*y#itaVqlo|Ys&qWckE+o@_jqsT}Q
zO4X`X6-D~0)s<>i9YsciSkS3vbyXxDGeny8SGRgAk_19~3e~L`MN&_5>8)W6SHw~!
zvxXI?$b78r(7dvyHC>U7Aa5cTHLXR8P|2hjSuJaoB2+SIbXv>WpvdEB$7sE!wslC6
zF|bn{u4-FfDl!#>+QZt`cZzf$%d^@#R;nWXLCE(y)*VH@RP_rlc2P2+4*sNKQP)bZ
zh^`mUT2CmV>&3HH9!2hAEK0GcXBAW=+|ZV>sArW_q@apLeXE`#-yi1us&BPW<PHdl
z^{uXo#A1y77Q+0T)mxE7kcpDSDDv%i%-um6Si=?h3nWpJagrpP9gT)oYzoD6w%CC^
zjz!REWX+N!L9}?w7OO#?w^k`)KW~c-AWf|I6nPiEZwF~=?NcN)4*3Q0f^}6A9%FBd
zz<D$rNg}^4S-O30X$_WyOE~GgXeBWbOA~pOua&h@5`VtjDotH(WnB!|`4qmlvfliR
z{POEXYiq0|@ez@AxjeVFrYKSwgvxVkYmOp?99}tTV=YpoA_%p{ZLGHy$%!>0T8C_F
zZBe8E2*skUwNH`9w(*`+J1a$zr$A`_)y|?9La2;=gBcm^TeY{&D3Yq?Xzi^Z6zPEw
zQV-I>`bCiuAk>3&uzpvh-eK%4q3U+D?kds|Bs=`*Xt`K1A-_IRI-RTxid<AWoviGN
zEa<_jJ)N!mitGTPg45Y5qsbBWtBX}xk#9iAuP#;{MV6^}b+sBPvQ5RStJO*pzZ`b6
zD#JZOXnN}IR_y@Ef^XfeMgc-S^-HQG_`4oGtX5JdNi@Xx@EFpkht=Z?vYa3$WyZ}2
zkY3hdN!YK8AbqS0O6N#kv_Bwyt%*n3)zE1;w+PbDIwlFbqSEq;bv{67=G)&&4G^-7
zUBhE+XVwH;+yi;dYAy-eAy=<kT_i~oow1kXVa60=y`l)MY-a))V2x6QR=<f1v}Q_@
zAST`yA_vHzH1%SzmFFw+JxTnAwdH)!8ElmgkRl*Mt;PXT8f3WDU6Iok${5HSR)0ml
zfE^+uttA0hl|V*Y+XAE(NUU{Ok_3?zeG2*hmUTNo$oFwp!LK=eNQW%PTg?N6EKjsX
z1_)W6Y^{+bNv@&QN{_Wu>z*Psi);X$X;zuz9Csp3L8e<h0;Dxaf;BHdI)coy4hP7~
zAZUh8_;&h&Bv};#gl56>t&ssT3}k_IKoQ!5rqdCNt>XbQ20BZuI{`8gWSNx#Q$lKu
z<<2$8a_ebHk|aq2Sz(n4ki{S?t-1lS3S^blN0D*Z_1FNi+L{_5TS3-Xn*(GQ$h+2Y
zMYi<7O<R!l)-6Rotcb=NWTTbm6sHD}FF`h2^#bG!$QG-AfP4?K)tVC^S3tH~yA>&Z
z6LUC_o!0dLc>uD@Du_`9m0r>bZ^KHC)h<A?fb6#>Ns=JOzlgW8JX-7AtaO^47a}io
zlC8@DQV1l)ibTIomPv=g{F&8GkrcEWlskv5Rf=>)YLtYlFRX%R*%j$j1UYKODAGXr
z^`*5YK*+DJtqTD{ex0y#eZzK+<mR$*%4!lIR1!|By6mrTp0Q$;&fl@Ns0qtwtcd~g
z9LQPgxFXR=v1TCW(%AXV8hnm?pDn7Owdn$#@2pFTT*0~WdFa2sw<5k}ouMT#?uE_|
zRt-g3WkSyg@?#py7irjtU$U2LmMw-u$0xK7Ia-qX(oT|?j#K57Uq4x`75Pq)pVL^r
zV)c|d+-7EhA6Kl`BuNk_!uWS^g!vbXZpcx*ZsEnWl{S%yiu`#S<rF%p)>cI(&c*9g
z2+yz9Zbb?VvBgx7->icHGE0)r17tqPHS2hQtN^)gl|Ts~-y7e->2Z)7R`~#VPm*c@
zvJ>Q{^{gUU+F+LxA^hEHuE@jIOm1176`_+(`{C*jt7m|ufc$B_s>l}9%A+8ES+R<2
zROD}Kw$^FG>2udwt;kwM?pq%yQt>{@DeOE<lNZ8HmOB2*zpyVVS54v9S-28*w(lr4
zl0=s{TU;k#H&Ns$$oJ53?2!Rd3HjyP?<-POx$^8oiZoTOLiU#dLaxI0c|}g4UXWiA
z_BBPWfRJD5?0W%1t{$^_KIqr4^mc{|aEvey#;dxQ;VQk-;ZjHI0O{=#Qpb;bdb_eD
zV?~{uC}02TDzjbY2RIJwm1MRj{z!z!#$-9Oo$aC|;_i#QVxQSgRm8#BFxDCV6YDJN
z#ODt)+u{<F$JSfo5BQ$ho+`;~@%1rF+yi;s-mP@fT}9ae$!;I|S^4z~pLEJ;H@wW`
z;$OIZi~cmHy<3qR&>>g3?N6_;PN|}nsEL}J$G#pQ-5(PopPdWZw2M0$uOL!$5NUT(
zWW_K#n~C)ndzm6{!*yso)?4huij1vli}T2xg7#E|mFzqi!!a#v-%_Myf-N$_Rbji{
zudI`R)OZ4<sNLi@CY!UctK#-PMfx<;WaKs0`D>FVk5Qq4U+ZA!DcC7)S5ssW{K}4R
zCGC-l{CEs|!cSr~!;Zhfu40s{()KDv;uI-ouR$wJmaE|w0_9*ud(|x_KOlX`PDOjs
zUrdHVhe)&?d6&sW%*cpTvL~Q6lASM5Hu58cmF>g;c?P7Ky-JY}p2lhiNDVv7Lw0o-
zZEr1*XYF~4y!b8Wdp-M>B2{pHgDlsx56N5_D}F*7{v1dHI~Aiq^1VwW?$CfVw%53l
z$gz5JkS2CP)EUyb1i#vYG_yA=QUog&<f?_;^9k13fZTow<V8DHk<7EvqoG8#vezrJ
zq9>pFXlw6Qqyuu0?6kEjWG6d*9c-`asb8Dg+dZVtSP??q=?how?Ny3Uc!q;?v!6tK
zD9k!MFWY$(xrW>s3!NVJu)_cJtG_){lCk29O4a`MO+~sORVkfcwX+mq%V&{a6z13L
znTouo(lExpSCVz^sB|7^uPVhP0wE+jL+o{>nOuLFb8x7AS`xoS8fK?T;-|(iJ3|?A
z6({l{Jc+O~%&uO6?JPn4S`YG;y+#pQIoky?!Cs5DoBFROPh#%^WTu@WNt`&onQLxh
zn)WcsULQ@aeBYDo=PD6NlK%uj{c_U3xN0hOIKRG!UrF{zNqjpC?J(}<P<Ym$m3TZ7
zd(d`KNydscXcJQ5YLQ*LD(Rrqp+pf`Y{yn-S9{Qo{SLCkzOKj#^qw@{Se_<4EA2cr
z$d&K=O8aL?IGt$^aix7TKn^^QF*b@UxniAr@N2c*Op@e?p~*ZuUTa7S+60=LueDn$
zojLh6X|2d+D8!@nTWf2wC`l78tH}{-LFm=RwRR_VC04=?)tz^>D{&Nly#k#Ls)Q$t
z885P{O*%Yc6GAu{er>kv)}mM>i&m&#)JDB;H&f(mlv!%k-?#fn5-(~govn81+A{89
zCdwGO+G@9xBw4(HbY`-ib!00+X}Hzi86e&c><gRJ&?&Y<hcH5?m``+y?a(oe&?)8<
zonkw5+)auZVp43UwqsIkmv&`RY>!>04yTV!v5)M=Sa}Ji*nZ<mr`UeGt<uq{alr1U
z$RMODDwH^2Pm?4;bjMxFj7W_G_999AQg_f^9UzoqhwPmJk_{x;e&Jb}7c!lxWTx1i
z0)$HDXZAOeTrwr|h)U;6CY^nv)A@*fNxJg$^oWY-B~x0C*y-xY)JS&*;{}S>5&LmP
zeg>g$N9^2^Tr&Cfg&{h>e4<PE7j{9mW6J7LJElITyiUWfv>lU!KG9|VxIK+srTb$f
z*QOKp0!3yFwPlSvVeIJIbRtdeoVMSQuKe6NW4{+5lsjkbeE~wbbIvY_(}B8`pxilc
zR}K)$oeL%}bS?PN5M2v?w5Ll~mm+lT{AkaY#Lt}{?ah*4ms8cjA8ogROfgH>(;w}6
zis-uhqg}Egr>brNezdDHF?sr<T~`sEr$6cxGkJQ^5S^z!(Rpf!$<v>-E0cql4beIH
zi~YRvUFYCcyPYCB2d~<Fn3&pq)gI7@<E3lmZ}wzK;sy1~R93Iqa{}aP<kvNOX@Jn^
z>$<%*Kng(ThW(i$)SHve@AgGSXbeD>Z`m$JZ^(B+y*ZP-icpVV40dkWl@+0J9ohNQ
zel|eJufObO0a6C!Z@WW)M1$P5M=C-iG_v!+PEtgV^d8#V6rqtG*?DLmQ-nr(6dub-
zm1L~=6YVs$;f~`rp;(L+hpSk!zi^y6lHm5oFWmBnoGnbu%5BK`Sdt_`XIFY+?JMM*
zQlwF5zH=0IQWZ&GiFG2JqD{%K1mP)?&RHZ$l1Ngn9&;`#vO$sbPMH_jRX(g{)IcmU
zI3p#&+D<dJoXOd#bQ&p=*?Dv~FpD!EeH->BObeOC;ojVDA$_9jU>0YUbmiB<EDrb7
zehZn!d9?NOiLNO=(KRKDvsGEv{m$dsj;Sfx4AC_uhatKh%jw8rhw$gQxlO!uYvU8$
z+T?a3Xt09R&@s*JJRyl6)7&bi{>UM>_T97zKG8AtiH@lurcHQC+c7bH+7KPnNT;9*
zkB(`S)0l}x<YR=spwm|A=oX+*n$#%lydrh{R=u$E2D>sPp@=g<5uH9ooH>f<^eN&j
zS459ViZ~k;(Qz;0>{3L>y@>NE6EkWm>YP(Vx5h=CD~jlGT~X(@B04pSJ0WbY(U?S+
zmS>zCis-(wlv6+vonob&@`~v6DQognlX8Y=SLK~L(iNu|wGz=zqX40iUbNF*S=PQ+
za)v9SLs-dK$;8U>36B%1I>`Y$WVxF2MSx_H<Wzvr9#C~vm;F7Un$AV3lO!(1@`_na
zCqqk0AM6VCz-a`u61AKXij+K#9ZrziPBTS1Vb<RYq^{E`Kstleb0#X%7Iyl8G<0?=
zQXO^%f;4s>!)TlQdUY9YL4q`Oo{)r7YywC#r<f#uZEE2(R79sw3um|@It^PnD<84b
z%K6|CJ8hg(is<}m<NTqB&eQhJqkC-~oJaTCIyjH+wRLndx1xA)EOJBY>=cqDIo*hR
zd>^E%Q&N$~i}4<PSEnKqbHAXg(@GJ2^RBD2M3OkEgT-&r%~>Z2`;~wc>+XCQAoD<8
zcFr-07>OO0l5o|_xu{5V0bAZ8>E)y<Vt3^|&0fweNiJD*9%%*a^m5=7zho~h8U36s
z)<~Vd*pBSuHi7hZvbC0}5z%5hUQz++<K$r??{<;pKF)AS;=~1<G21Okhc<p19t7#@
z%wZCd_cZ<=2c(~~h>2)Z9-D`f3~wu4iOC4hDUes3+U<zMi8oS&Z0q_vZ!6Lky*bsC
zSDgcj3{m8@G&SXQ=R2vBguAnrTswW;xf&qJsLL_VABxc09_?fea;)~`dy*hRdpCof
zECF&JAspsZ2#}vaMmX&hxr!M**%{^Z3=mqC9qq&f$W6E!<IIs{oJjqX#~X3Z2}%6+
zC(g;%fx>giqVU{-t2k#vM^2yRk7Lyc$uZtZk>rv^zLQS8<6#UzX?SZM&xI#Dk&;}p
zp2aBM+lf6yC$<ag)Ww`SBghPAMOWWdE|59SUP(AS`9S76*O`b+Me!fUAoHE(-N;qE
z_yjlaN`owNBC(UIYZJLz?lfm&T&;9AE23SkPLqS{oY<GhPLk+`@$Yp=>zt_pLOHnJ
zS*VE4!A;JZ0HGY*?0g*{l!Na(KLrTo;5O&BB02{@a7w()z7wGw{LtwXAe4i<oPLt{
zt1Ek);ga}yy2mMm_Ee_^wfuXWPLlX}y2n{ANrG5_JRO6TrTxxsrK9uofYYZZ+3|BQ
z*(ueF$%(Q&?@n<lC_<@0d6DAqn#?6@ztTD4OjJ5#nRJe%88Lq4Wa&+o{dj$4S`u9j
zeWF8n(&*?iMlbZ!FWJ)}JZFdwp-*%Ozc)HMgx@<QWO%q%QvJH*#0CiE>Ces_MaUKD
zTyZW32<iOd+zSxO(^RKPABt&`AXk*9zotozYfcBL<EO?or<WvtJ-z0v2oO4Ne9d`}
zNd)y5bYJGWvs)7Xw9oZ4W&XNzLFy!l8#nN8m&l##PSL&`!aa^9>VVvEnk!=8<lUT`
zPA5tH5Z-iRlui`Z=^Mh;O=q7X-816MB*-l%S3kBq0;2-jv-{JD43JLH`O7I9Aap+J
zwo^tCy5rLmI)AHJ_~Y<9Y2tOqSteawvhw_Zb^|GX$9YE*Kg|E;O3hQO{=@l((H%Vp
zvGnbaJI?!TIo*eNg=+>PbjR77#`5QqaDLH=%{$Izc4fkI*ZCu$L-q8o6Y&bAkMHWP
z(?^nI>q+!Yh0+Ug&l#>rbJSO|eBVh?q{9}TX+CgHC_*O|UWLgA&X0;DVI0*Kemr#k
zVv?>>FP^_!uG^n{Pc|X6+#F2O?ZC^QG)%VK!iwA}!z-?qTV9bt$Wzv-tw^VnymD)~
zO_^BPOX4jg#KLkrDe{_%h3&3au0H6^sp_~0428$jarcRiyK8iG+&x2d+zrX7V-eCi
z8FegtqGMr*r^D<M9p<q6fef=>D<j-fDqa-k-pJGl_jg5f2p@CPQ<fl|bqF7G^C+To
zC%rq4iOHReZh|D=Tlc@`@|@9~uUt_HuYgp|=q^`8hdHCGR?*Yxm}W9W$J8e}zcRVI
zl<zt(GPws8nNpX}>1A?{X&sz%pp$!<+<LFcc%|z!053d9(o&J0Ae0)J-I0>;Zbg68
z<;UGwN=MhGtnM;Ja^v2_An0UuKUd`NI4&Dm-Q!G5J<aMq{W_<ruBTbuB23azdr0*(
zt6NKwxQL_~+Rmdp*I8X&Vc;4^VfKm6!ECzxcsd7tqH{32*2$>rS59}d^xe<FoLa}z
zIhfP<u5-}nn6jG7Rl6SPbPndyb~5T5^oh<vpXeO)$p<P2bGh*<#dHql(&0&`bMQ&!
z*CFr5Gn~s$xih3It_7cBERn}u!ghpCpS<pRMRfW+?e1a{q0=YQO;I{JH6q;;N=KL8
zNcRUtbW9`NYl`TYM!NSD(J_s5)5XZL5usxm>E@8+kkGM+bRR7VQ9ACj?H!MJ`$U(7
z{5s`LN$`n|X#uTcN<tw`WWH11<P$n`LVgu8zL&-R>Fo^Iqt~uXNhq48Bos9|I(>>7
zJGw;qq)k0OS5VBj(rH-SEyyV*>+)gLg5uhaED02zXOt^038YifEh$}bNf?2eTgt7@
zc1%eq?KW0Kr%xHTJrh$B%DKIij_$k5xq}qZ=~K>)Q?7K`DDO^JM900nyHF7wuk!91
zNjTpr%;nSMdj%a+)93m`_d6AhjxGt&It@)p@QIFTC9PvhLKRI+Nif9pRzA@&t&%3+
zeH|TlpXj((F=5sv!6&*$tLko->BBil=lQF-A9EU-9IWnst%#0S4fh8oCI@S|*OZRV
z!CLM;rK5Y{T5dY@3g`zTbi8W0ITX>csO1(=M8~3*TSgKNVJym6Ew>hvh}UoNtfaQv
zQjvq1d2CbLrS=OWtB7?`nhcjDP8`7tR})~TwmVf4f3#f3y~M8MO2u^O)N!qW(vBpw
zE?U>k93Zq__pBQ!39q3g!c{$YBI`ux*GTHSOBGpiidTE;yStcRk$_iM>bpmj&d0c0
zL2EMg-QN@`bP1zH%sA@1nFn#aI=;u_vHETqCgR<ExPt)S>$|xIOC9sNMMJlcBx56v
zsCPUXy5%HEPN#3yH*{+-v9?ace;30}L$|debOW8<6=~$YB#D1(wUOITl6dho!kh(R
zZsZPEWH>@d=YJZz@rvjhbI-f;0)+0zz2JT+NwP&cbce2m`+b1Wjk#8C#1M`btu<{y
z2-~{Z0%R9Rdv}T?ctr#{pMZ377X-*xAYI&d*_GLI>F%Zk$OY(hcdrKs<@-ynGt@5$
zl<zOQxg<#tA8xY5&v4bl9nLxtpV#J6*VCQJL=0@e>uf#Un~Drwfi(xX>gnbk#(DbH
zXiNMlNl_*;Pwz=mYxqC&w3pk2iHwEw0oLN&b^($Rq>tMpKyrh;;?9>OPP~NhP=3Ac
zZd0Ts&asjoF>Z<?-rIPk5UvKejYhEVl&WPU=@cNfKnA-#-e8?6Pg>#ykYVmVCNhNW
zLEdnW1qj`8eba4+ePybr->$@n5oDy>O_6gGuns55tBMTuFg}#z4MlbvGJ%O$<Je+^
z)Jarid3GkF+?9&VP&%XCt%^|Hp<4-K+>yuwghzaY5*G_QvF<oU^xf@PH-U+aSG?3&
z79a^A<J^g3*v?M)wE|?ao1n;Agonr!cYz|SZsA=u_&U|47h}oyyJ*Kqn&z%o<TJEm
zM5epj6iI%T>(>nTBSq+y2)a=?(@jx?@@p;pN^m#FNy{?KJ3;2S?pu;X%s$GqwnR6F
zB9%~=_d+MpEuctgSG~yLKBGuI=zJ`7>MBBa#HiIubXzH+Z+j)Wy%gDi5PmLQ4N^q6
zY>Dn1McSg?)9w32ceNtA%}jI;FfnarqI+BsojZx{_sUh*cW}mD`jsk)zYdU?W(<(%
zKDw%(=svotpXffis-NU$8Aoa8Tb}10k0+8O(&K*RDfm9m&4u=qh?mzA7eMB_DU!^V
zuVm1<<ppl4A{|@dY&_bQg>H^X<O=7^FJdhUt`@lk6rs01eg#?V)>MSv10k}+ZLbKm
z*nfg7RWaq>6T=^|%pELsm{1F_%pDgX58-OLJBLYxcbWI!SGtQ7p|@G+rtM01l_F<A
z=x*0acY`9j^;_j`Q{*JtLyFHT_ai2<98!4RHY1`OdH9Z@Pc~z%+WRo5LpM9JfvioF
zgKOPm(sHtu6Q>ArOPz~T$j>-IqyWgfX;NdOJ8v54BwN%1l!wm7G&-BzKGR7jN#sRd
z)Pl}tcY-9Gh7Cd9bJt3eoUVUM9+SN9zNg4&5OV*%`zaHvVoi?eR`;YL&w<eBYpZ)*
zl0za}PFu8u<!x@688U=?s|DhAw}~S94V>-nR!RJFxZO=<BA&;4akS31-CdJFb~wy*
z&u)jiKR~EQ+vy$)koNHX1NYu6>3h0`nfSi&E;nK}hez)~?Q%ycqTis{?M`K4UU1s&
z-U^T!SQp*x&P-&>5ojT4bg{=>CP|!pbEZ3d-{YQBWNr#}dq6&Nb0tYvCYSfRJ?0WQ
zB*_5i>`Rk_2i-jLNyo1R2i<}JLbc$aTQWdsZ}gB`DL}@+a<bcwNyMyXSYZJ9%<U$L
zKZg7)P09Ssl<+G!sX`+npTuL|vpItHxzW+Jz$a7-65-e9?ltzy+*Ur~-d04H-Xm$^
ze$?H(^q+A*>h28?iu+ObXn;`MkGYovWC?u#%5A=k>?B82z{zoH=TEw$C5bnwang-f
zr21$c|D1HED>C*M)IZoc>C!9$c@gpDdDIk1mMB8^bLmaFlkRFJvX$5_b-rU_YQY)z
zwj_SapK*sTC(E<N_pp2ruFkkqS1|eHAzo4i`NmCEq#s(XQy|~EnKAMpS8cFgbOGeN
zTS<{$kvl(weCIY%WZh?IX+bWy6BYRzz22W7-@9uR**O!h=Yjm-mRLoW6GY*yXvcQp
zMvvQElG$Q;V_ReZ`N=)4$aw4yWCywA=E10oT>YLKYo{Pr+^Lex7MZZ-R|e#&+Z=rx
zg*o*}v`8S=-4bh<<iUE~3m~`Ln6*rvoN9}XAh+EL?=m^~64up0?zk5f>4`cx5ahnQ
zW}R|{GvuQ|9=bi&GZ~F>%XAROi`l>=3S<dL*gL$DNP;Nd+Y;+R9`i0rGFy=4Eg<Q=
zHJjMguecBU5lBX_)n+E`u|t~zlG!`0$P|!MAWwMhFpHp=-a-p`2_&a?K@ob->ITS@
z-lOM{p7L;wj>2Q!n0m@vB}uY11Yy1hS5J9#^PF0KBI$Pv@w9hak~l#mCrD%(%lW;j
z$je|$lHWTlNrK386}=2x<@fS!lR6^281GbJR9Vm~rO024m=yAAOA;q_O2SoPZ;m3Q
zL!_v8PLc7jQwgNFH+VZ)juW{+o&_o4U01~EfqU5?rMw<HSZCkMmS_f2#@njM=H+as
zoL6}#>%@VyhfW1=rXtQw%ws^Jy+ev*QKYih=>vAv2|K;7L8q!WRgq&^Y%vU^x_3{J
zoHs2I2U62p^dY-ikMPU@sq0-=WWFNxyvn;+CkEk}3!Ue@iHdYnq@j0Ak-u=;co}pW
zd$o77t6Uhtt^sM{ZB^uxSlnv^dBJPGhjlKk!TvKyb8n|2ClqPvW%!77K1X;qLZ_8?
zeJ_)d^DrU+Y3m)|&!qTTPQwmfj{`);iQBM4>D<Y?AW59aio76KUA%gS*j0PjA>X@u
zQx(|=LizQwCqDN5B0D|3=8BLG+3D?VO=g{b%1%Eo;u9ue75DyLJxLNo$^wi~B5-fQ
zJ1t4PIF5FV<^`{Nb5h6^UJ^@T65}=hlu0d=UMi~tyuE1SsEl35?%NLdKF~WZNxWze
z9r`xNqkmu_J0(Cqg3e$s*I^<FVhL{I&<)TbUK2%LMP3jY=8aaQ<1(BvgR2qVGDS+G
zc9PDU-Z4pF`7)0@M|r0u@!!}S<@GtjA$&E_5=UTXl($n7|7Fh6-kL91=SQ^a$DuRE
zd+I2Yt54vb6iA%cN|D{mg(!<L$yhH{k+!gW5jx|%ZpX-#-^+~m9-SAA_u73$Iy}0d
zQCz%tT9V{+<JF4+6TAzGELJZDOz^HKGWi&f0VaAk6nO`P#t9R>JBobuHS0|B?5|~b
z(p?21ok?DLMdFmsWbX+@mMERcULHlde8qOAcm)+11wwYFcqJ8Shn|r}_*1=#igX8|
z5&l%KCKIb|c^<(|^O`8q8-(IM%{!+^DGc-I{g&z8ZABV@Tt%u*_i`PVv9NOf%`a-s
z@M<ek9E9x5@YXAGpfKj|J29*E@|<8-8$oEqnBa|5WIXciCM+j-3l-6?m(TJxOM+J%
z)rfkQci|+bVeTWG8neC2ij)PR)R^tvP-H3kN_Zvacz-MM9tgRg<GH6eJRe&e!bESX
zBHuiY^HG>dC3#B}DVLSWTyL`?Q{jqYG0)qh$Sy-ZW0J0+3gJBOE2Yy{g>attjUqR3
z_y2FieZKdXB4L%z^S$h+IfUoSaegiE3Mz6FgwlC|w^fnPUDjFX9a7{X2<a^JDxYCH
zu}Wu=*HDoKN@tO`TajDH9eSx|v3FRJh$3ufvDfLWw3F`RHk_(UydH}58N=@yE%62@
zQoIYVa4zviC{hK4a%YM6mLe$y*srDD3`J&PJXR7qOTD>@jDh9m@OG*9j@G%&rEaOW
zRgrf<D5guj1BxVevE_JmnfI9@%RuPOu4UeFNz`m&59Z5W*>5;~?w!Mk2|8=M28wv!
zGFj`jW@270eb?)ubZ8z|H9f}1UeR-GN0;7pUKvH`Ryd8H*LjB};T=`dUgv!iAT+05
z?_FdfvPI%wDG|c;-UB8P^*|^!Hh5XTCD&td_Q@8J(AnTcEAk3-ih*qOT1gTg5dl&L
zWRurj5`Sd1$r~)mZ1Ek&qR~?4@&&RyTbz7Th}s}qykkEwSu+slMM1WCr+;KpVlwVB
zg6#0xU1nk-CCJVmugMiA>7dgGWS>{`7bZF9pceu;;5A8QG9wB1@IX?$6h(@mubc()
znb+`F(n%0KFgjffa@cEkjmR7^7bCq7K~8uvH`vbH;drY6<Qs3zA52EJ#k>IIg4gX&
zCeMT10J-Q@_=`ztgva_wh|69RMHV8a89`FL^(b4E8ut;eNRXRe%->AJQ%wHwD%@eR
z2eF_OyY1z<%Ot~m*179VROB=WrQrkbo+5Y9<CA3(Dszur9bd%639V9O(o%L63SCqr
zYMBtl;3^{2<378(szR8-kl%8%oy>;xD8M9ZC|<dmftXf;o$R4SimXB!Qh0KPIz3>^
z1&}`UQe5uPX+_>cOq+l_9m-&%>qYuh9gQ_?kV2t`m@^Rh2{||bq-dzCB6x6D&TdME
z1}idWCVFz{lnp&P3#bq}CUyL>S|QW}trc1RuoZeCxT+8;ffZyTR1y}0R1U2VGkFbT
z+KnJJLa`A{CR9V60I3x^uE_allor&=I-&kJn@D!96lC&jXuT#+qjbYn{m^Aa@;`y~
z29O4!ed);+m&`9f8l{Ovi%`*wq{FSvW$3gB^#~ApN$<tb?f|(5(k4_G>osr{F{3a3
zF%G?X`%o!G7QDo--?tA%E7Iv6&*<BSYAVuqJkP}2hn|xpP8>xqL;E1@LnD>WPLO>d
z9YRwj@yAFVLiMqJt;0;O^mGWd50KDaysGpMk_Du5s4we8(5Vkv2k06aEQvp^>l#|3
zh+b>zrc%s5!QL&jUg{)?mY5UghUIP{+83l1JR;A4^bDO2kg6d4LbZ|K$O|)Pd_DB&
zE5xsdDqswOQK4DA91yB53Fi)_&wx;~0HG1}z)-sYp>?)Fq5c8V2)+*vT@R2BAR|Kk
zbCF+hf^K0G86CPJNxaZ+?~e`LRfJxnrB;1xDBY9f3L|`wSK(@GC})5S1{oJB5g>1Z
zj1R4nBu>8V{1!-j=$It4g?`(4VyHxJnLg%i=SiXalK81HIpkq~QRh3Q#^g|@0HM^F
z63Q7Mlp0e*kpV)fF)dUkK&FDs3RTF%@j8Oud><?)h3Y6$cmS8oq)@W}SpZjaL+vCP
zFY}8|s>}=J%FA}f6v8Xt(3u}96Cm$`EC@ZTNX=($d6ICUb`?SAWXRP*?Mf1IwJ6k@
zT}2dwD|%URaj3T>2_pX_tPn$IacHn4+;@KnvLy61yD}wedFWDrd<>oCq1%!ivYJ=J
zDi+AfP^Wwpi$hjNkkcS<hhim(7o|SInRbx1p+yBbrX^?C;wO-Gp*@OpPPFmfIYtGc
zR7J8TG1(BxP>5W`iB^B1?}Dq1q2rRoM^r~UP4U_oy2M0uyovuih4#i!1jc++>gYcX
zZo<{3&|pQPq4PJ$=1>eqfuu7p7XLm8@?I!UF(xqxPk0~3386WP<VAQggKP~|F3vjR
zppymecZ5nj!(?hkyf^`!ouQG6?5e<{$`3>1n3(ekABN^Aos%UjQ2?$$Dv+Joq9ev@
zr9t+Dj!BXr>TX3F4{|V6rlR!A<W5TH1txM&p(%7yLcJCFeHdQLlw^P+hlexyH1wt-
z$#pEz2|AyJ#!HeUcDCSGj6M&o3Xqqfb2v?3@I{)o?u*d+XbNGHh(XKNAFjR#6~j9P
znhXIs8mbT=u^?ZDrb)uB7VUc;4=oRnsn9v`50VISD)b)fMCdmy&xCeM;<wLdLYEZL
z?eke0km8r@jsF3wskL#>H*_oD7o8408*-}o>AYkgMqi<#k|c;PpToQQAm4@dRVN)L
zn?WvwT&xKaSuxobdq6IR3Szf|PO#IyC*2~s6ngXy)TPj)cc6X_@vTF@<-Zb|DD80i
z(2bQVp;-a)3H<scw2Fy1QJ>EiriNnbkneG#Y&`xY2Rf;tWr|Eu<k!$<Md*J$&O+z6
z&}~KNKLvgOxfZI8HC(dOHwORY1#&$!PLY@L;$;Sq8=*OhY{p3DF38Q$IYnk8HR#^W
z@1aFVJ4zp_4eoxd35Sj`F@4-0p@I!q=iYs+(L(2s&^bwFi*O%X<N~=J%GQW=HkY<V
zA&~oNN~Q?klscSZbT>zY?=g}0ZsZx@a6PPgQwu;haVVGVa2qDFe$hA~6z&-y<=|I1
z9M2?T-3ZK*K+=V0C{p?dd{2kf=I}g4cJ$(X#`NJ;lK3SdL%8|#G8QK88N!d2jSS&O
z%SOgDI+@exWC`=g(;tCk4exx!udLzRP005oak;%M>L3<b!$kw6F~}3)BZ{1k#=l~L
zWDB1Qkd7cZ!abU@ou?l1KP==5kCenOy-%hI&y(S77(<ZnYp`xd|DNz<xC@hr4H$R4
z49mI0{glpjtQz)}WO#rK1bHgluJb>A&l8T3BtdK*jenU&Z=N^2Op(4=vm60ePp1h_
zzOdVs?D%2M7hd!7KSP)=e3OX@VPyD$()sLlyyFVXk>LzI*cB1lC65YsLJ6Rl>h#GU
z9;8US*K9Ebt_p;wDsr<M{tX<YP<T^-ECeZ>Cd@^{2b9iW)ZDkBQ#5=uKsJID3!hV@
z8+5jV6c7KVNT&06*%joO@Vx-}1f)cGWN!|0RJ<*Yfs_nS4UjV+rNX}}k_UEv04W`I
zQ9miBM6QCA2~Sd_E$rL^DI1;}AooGag?A{j60SlAa2_&zU6J+!umb~9A$&hTa)DF~
zKh~H1BAqCZ=x{DYzAlRYGzF;?9v&d&K`Mu9_hVP2QyrvAIN}u|3F6Q>%!fd#hFdB!
zeLGGKfm9DadJ>~X_|X;D8sSGzV$@8NU$w)rY}wTJ+F>!6ecy}ucU$;XJ6u7L+=KC&
zA4uKsU_}}zQZKw!k%d@SAf4yJ#fOj`ysm>DpH|u%hU+NumLiS9?IcMOKfzT`xN02k
z6CkgFJRi<5l<XvlY*^J80@5U$CqPDnG!3UpGFud=fOEniFNE&}2-Ub|;a<bYPJ+k+
z9U{%c6C~l*m^$DV;TZu!<ER$lc>zLuzAe+ZYL&)St2C}!hacTrZySDeZ@q2!(Y^I{
zY4WQ>cooOO<X4CAo;N67Ng_X1JEkJ;9m0nLBoU-zc<LzD(e=Gkc%>qvF|Jz#ozCGy
zico!j2c%p0=K$FR(mhQqUQQE>m(#?eN19ml3g45K{g$m)c=%fs!UXZoKrTPM!aEgN
ztIA=Y@Gp`iiSrM5@1|ea8cVM5dc!G8e1H(X5`H2;4uQNHjtr0^Ag_nZ1jt#CLE!_6
zP~ZI%$guG70J#P7M)<-wTl&@M8T6h9v7ZvY9v~S(#)MaoC!GYbwgLWm4J0nSRgp~_
z&?bP44Ifjae;F=^<I|*1eE1gYm|Ttzm%z#<S>A#b!Q!wJAKom9-&;)ypJ!tFf~nzD
zrBfycX7d=qP7Rls&9OM2naQ+pe?>avWimayUXfgV`6Z1R;Z#MoB6rBn%y9lWY^Qn&
zTU0@K62fHzq&~=;a0f-YAyu1!%nkPokj@|r!fymfe~=~NIRP>ZWLbD)fQ$uM8QvWr
zGeA~{XDs0G)J})<y&&&~7X`>lkagjU0rD=$`ta`y+0|f_DEcR+4dD!nh$M(sb8WE+
zIvdmE&gSqysgoosPPWAd(AgXw7a;pV-V4tQkk3H2gs(1Tzuul<i?2c65C0t?=RvlG
z!^?b~%OE?#*(FI3<mz{j55fhM&SsDYAiKg910>TStN^D8^T*)^N=JwJ<8b=`p)e<h
z`v*uK*!d)!>upYrA+O_<1xQMG`2R)LxxiU9eR2FuP0hJ;?>YCpPZACFucY_mZ=^DR
zB~fbhF42=hD2kz?s8JcrXiAuBFfnB!ib4ouRH8vtdKgNQi9vd&|Jr-6b@uI^`F#3(
z`g}iYt$p@hd;iuxk9!W1TY$6xvMFsnlJDS21NKhKEomDCQQzE|qFezsThc1g=Dus;
zx09UIds+1K>hxNCU3{6=0SSA4>{_s?Ov_3j*+9NZTZ*LrCV0C!kZ;n;IFTB@E$zbu
z!mh4tOWT=1ZU(P!(|+ZoBBcq$xdq5~X-ARV2!wfUPfLA;9brWZBkX->JJKvcl$;##
z+|JIlj0D2oinB9qRsvz~!1+FHBa)ubQx<u5+INDaFv8xewkPcX+I(~pGz^ZXD(y7d
z92+Rws!D57Dvl=`#xNKDTa}i@iB!?5(5?V%;7%B*1wVIS6|E|?EBG;_>ia^fzAvQe
z`$Kc=Kw3`H@f=8-wpL`BcGL&bDg+5M>X)>y(dM~kwUoP|@4uu~B@p(lhl6Qj*ReS8
z24=8f<kz&7oGesYeGT`-fgDO(pFrjS`7KTVK(tP)yE=5thtryI8##uD(*}Piyt3ea
z>{AfuaN5`evIxlUX=67C8>**&q)p{S&cm9tM-vDe`I@x61j6<be}+c>@6gEq9UA!~
zp|*~O+BzC)>sZL^M9Awz$m?Xt>vYKLbja&Ws9$G8{W=@!m!d9A7@wsu&b8Dvf+(}$
zTGIv?!`f<%Ai-}&YO9ftST1ta-r(^v{Hv{=k7Q4`TKpH^wbeFA?yd!Ir{p#{NcuN`
zvwl$i+Ujgh<gYert52ZK$8grq?v~b8OOUkQPUJm7lu|gt)jaY>B=j}3+UgEYW-1#e
zi+kC%)%=h7F)JBYLIvSo+mO(c`L)%IPlOF!qfS-xkkC`yb<`qG<dvm5>J}t)WvQ;Z
zQ+RO&_z>EvtNxup*!6@o)hZWljW{nwsQ?>QZJ9tSfuyTF6UZJQntDqDISj;9A4YOJ
zj4Bg5Po2XFyhQ{ervdTRkrmi4xccM)sjuFZK$-x#P|Z&u%&U>QT#(?ad`;9<g7AJ_
z4mM5H$^?=Hq^X+r8E;Fy0rS;dy-*NkXm4?ayt&#2$>)8DT!mirWPWpX0NSv7<Ls-T
z&DH5him$GvTnBAks?Om==HgQIV<eP|7V0)m;9Ci^;QRx;TBzzqc7z4W&^hpI6p&V`
zxK1MP7qnHAue`NYlh6Lzs>wRvR!u(pYp3S(wuDCA4sCT%mnIMZN=J2N0%7+Z{;RI%
zME-8;GPT7fk-_KTp27z3%2X!^60FKhbsm!cDJlH744G;PdYyz-FbNvVRR2Vq1{aDo
zn5n9pS!B5eGgX6=T$NT_rutt&6k1=I>HtpU`pQ&~pbf3BOf~Csam=*7GSxys)MwyH
zId)g*a<v3)XvJNwHrpb+XvK9>J0iIrt~%yGFFL8$C6I@KT%nFc(jWTHzAMy4ElMEl
z8MChHG9(W`-`PsJQeDN#OhtoHoeLyO-SVYqon5DW9!Pg}M*?|)ll=+gH6Yi7R!T25
zb1RR-R|=FJrI*?(fqVd7z0_d|1c1_89iKqhOt@an;Y7}aKI%qc6a12^uUaLDGNFgK
z-rH9lQhDwe_EpDoB3DXZbrBL;DcNc%da=HL3I~*p>q1u8erk)aSY)|U`i0g`KeYq5
zk@dZw`pvh@OMWA@pPKTWAXLr!t4)!xucm$htq)Lp3Zll(im#>)3?0uvbttzHNBA9h
z4OGVqqC5?&dk>I7>Vtx)?QqTyQXk_)&iO&=QweeQajzxlMZc6BtgaPA84kM3s@`CA
z6WUPK8?5d|n<A`wgVn~{c`j6{dV|%roXFM(tCtHKK3fh!>x0#v353n(A?ol1!Yas6
zwOkPXtAsznYnZx)6Pe{<>S-jD<r~$=4t_kmtz+PIqgpS4{0n5bdYK^VZK>kdRX3~G
zB6(zqcxLHlbtsZMfxzJ?H>-0J;?%8R<QYMNT#Qi5kg%u0p8^FKq5h6>erqV&8lfsX
z#fW9VJY>)NjZm8)X^A_B5o&u*<QR@nuMjrDiW{MJ=S0rK5o)I@7P&y#4fnRp3>LW?
zC-apH;cQ!jV;-qyb0Sup17wu?3nyZZ8Q?!wJ(57!?~-m&NA8oO3PY%jQzs@6cE&MY
z9ll?*-uw`}nE)c+q1OIcdi@8;U8<8nS^$}-&PpI1flOB09FSgJfZV5!{)H1|)?ebA
zQxB*)oD?YE9fK<#aEADRx&v+4`#^et*Hkt0AoH53Tnoq37sxbq11Io3=sm(_y86Sf
zBJ!K#;Jxu+^N?C2h?)U}<^5rGz#(R{Q27wfo7kv6tQK=ppseo?*E7LuhI)#VT=g{|
z%<ECL&2P+WzS8|6k&8#w>72||o*63U*erEEC%FoHE|<NFV3zs<Ck330fXK7eN+e}U
zErpS}YJ+NV%*^XHAWx_hIhm>a_zR3EkSEn4zY7~iSikbs8YH_mz}*2L1?rAJn2lUb
zPpd`^BQupu7_mpeX1+R-lU!v9+}&nz3e^%$<Ws>5)YIto<j3N-(hJn=KY8n_-$IPW
z0(Fic%ENWxjjRx7fm+DPqntbiWT9Hc$xLMe*en3DNFDtbkE2{R0q$D?d0w5!$)lVw
zo5gDJ-=eK|n~QVUV)Y+E_!H6Wn2XiaBO(raBASsGR0qk~y`o<)s@X`Y>I<8f)b*Uq
zRAx04HYMuVe^{IXCGLy2yDw7<k-XI$G!r7ftZqYMeGk`%fV`r%IV!x0?yIG|2V{lX
znG<+Ed|EB#BOtG;)o9ZnY`y@pQXP9-cwG%-H;`58aU_eMt)=`9WR03}O4ztlYVq#@
zty6zOvU`E}PR+aOX(U}uu~OEnm8XT*!2-D2193i3d!J!src$S|$k#_|9w!CL$1r~)
zko%9+2LB4L<<PnXq+H#7R*(W989+9x)hV_4_)JTKD>*>6s?BOKlB=+`*vNmQ9znv6
zhyAjCn>wbpu<4sYWEPUAU?vEgpOL%;t5T37NdAT~>;P?TQy)!baTY4`!Rrbj->UhX
z%vAn?InS=8Y*)8%Qosq*jU8%-x}tSv!;bKK)ktGxrt(#0E#+#6vrC<Z<Vkokk+rp3
zEl2VOl0B-bGOq&V*=&)Ez3K)efBgizA@HhFYdFc}HZ0Ch>Wql+x?~^R2LQ59%}5ud
zE|6hB4yeO9$yI)X$js}Y+BwQ>a@8JieT=EiuWENr3Y083cNhgWzp5p|h7;DW!)lwD
zh<wi&F%y1Q`*8x#HO&;e?i%$*B;Ughb^}DNQO9xu&!K_M1c+Rt?$%fw`PA8;>OoF&
z`4hHRr^8hUwbT%8xmUyY5W(v&bqA7x9pQ;zApfXsO<^+@$Rj|Gs$)4>sN9a^m^z!2
zT*d1r)cCl%h?AL0A<TJ})8p!Cv}po1Oj}N<V=WdrS7E<yV0}NS&awsh81B9?a!Ot2
z2+|O|*r=XXW3C`|k(^OSBKh|QVe_wA%*jlp63JQhASVlzFJRWqg*Zy2r^n*JolsD%
z1wd*?{(=`8GxAq^_yszUx)HUWAj80GIgqr-Iwa5fDaslk>5<mwF`ELV0Co-^0EtBg
zAo(5R=#h2j3!8_*s{(A|k&Fg{?8D=6A~P-&<XTXz?O@|a-a}FY=cjvs)QfCGQZPM5
z`4vcmNP~vLi>dlQKpIARBdG&%P6N3pl6+oyail`n1a}!Oj?{26U%93;JgEz{`Qk{U
z3>JC5(gNZz(kL<($uFRyb%8XFR3RBX2%e4r@}EfFMZ&AwDY#<~q*<u-OCt3yW;P3z
z%sb!-3b45((!G%&Lmq@HZ*V=OMPwZkwokYi{<Vx$Az^EWk+zXKjhR=0(sN)fr4^8l
zk;X`_Uzws@4&?Gk8In(+F82V^HFP{zMz#o>U^K3b?BHaf!dmYI|E`S0;PuYznAdiz
zr3?bnEixp5i~w>?qznmsYEQWhNbg8>0%2Z#BbiM^oE)%Wk^4s`Cy+@%21nK-Y0@2j
zD+J``NUW*wVq^}G(UGx8IzXJKfsBikCJ^Rzd*nEhR$%iSkh>x+nu$1!yaZ%YWIU29
zATm3``yz`H2<z8_kxC?2f*0%8!;#Yogn2y@x#SWNnLUU98j##bW&&9YWNu_IlAakU
z%7;K6kBmU_G0dn>f#gNTBbmJce$fl$iO8Y^@->jBBHNIB2)Wn=<mpIibJ02@`+zKn
zbU<=w6@1SH$g`2*NV<IjU$X*I6j_5L4odPbkR_37BpuEdUd53Hmx{=2ebs^c0WU>*
zClEHO%OZ1-d<w0{z@{{^E`c~eUX2_?QV2Eo0wAwPoE9STGs^{eBhnd3r`uAL#$dBL
zl9NDM16do{h~yNk>@Gk)h&U}poZVG0SAl#Q>6t(V0@)Oqfg}zYWMpfk9LeW!%%gyO
z8|mCi#Hj+!yaUMhkqHUpULboS#R+5@kRKzJ2_zTD&k?n?h{K+<V_v^SvJ%MCK>mo#
zNFYT(jzrcckXL}5h@3{UANs|PM@i3UBO?EeM_4;OJAtsa>ZZ?1AnXX!)7K;rc7%F*
zHIh!3!tM-+lis+kh<q6ybN%$;34|T<h3Q2|T7cIEAdS*@C)luFG)u47PR3!qXqi3)
z3G><vq(k~5By4BJR>~FW_1X(BMz(`Z*Yr{(O!a>P(k=a90{IO{kMztA!mIy#P?Lf5
zN}rHGQZ|Fyq?aLi9kLt;GAR9c0;vaNSbFb{BF-J4y%z%+k)D@8nAhm^9Y{U}8`jpX
z>CS(J7bC2#+tY_5IUkgyIgm-|WeKD`kSXb@mkF<@z^e<82h)2d5au;KeG!s}z=o~&
zndw^+$kkvoD_zYLaoR##><H(kXC@HVuP4$cA}NA6tY1&37bOtpwIIC`Nk7npY#`63
z8<&g7%V1Rw1@e4)a`jxC-Ue-0br=aYi_?pcFjZ%yIK4q95r--5?Lb~ipOZlD0kSMT
zc7?DRwh`Xt4rE383M5QL9|Q7QdO4D}Vg5V?WL5gtNSKN~1LV#0?~yPSWnYwjGyNwd
z4RYYQWljzuSpji`&0k0wX2LVu+$N*5I3A{%S3(tDm);#o8hE`1Ht(j7N5WL}Z6NE@
z*CUC6%?Ci<PdB=VIHao|q<2Tcbd^QkkUlwqRDjpV>7_`RLRJE)NZ*EJVsp4p3*@tO
zrK^a{G?UqEOmB?jbF|r%-V+H^QMS9-oIc}9;l;>q@cJVCV3r`4V!pmf-}XOAeg&KF
z(sy4a$eXYRj{@19p4Uwf9Y&RX^Lk%;<L-iN1)DgKgXtwmJ_b?`NOgMbYGLym+SH`y
zATi<Sn9Y&&El8M#Uj*cMy3#{<F->4I;dFY*HIiHkHvgtiyjBpV03CtUitbJzR|2UM
z9e<s$Ve6FHM570hu=Uj&h#no#OV}{NzMXAEcOYTw;$|RD)afm3F1Qp{KM*(C7YSP_
zcLDLD$t%T=jzt?<DSmW65?U$sqcg4-k!ht|5LNm}!d6Pd=qe<%QW{4m^%XX>Qkq2z
zkkGnl9(@)Gt%By!7m?7MZyv2gLUX=N^av7~;q9V5vqf7ppW8>LA))!)F<O>D*nGY$
zT7`t>^A*w94I&QB-p<iBNNBEhiI(;gHZ)hWqC*A<LUXl8bizPM*j&9fT0BS)nyY=I
zIfDhExjHD?W{4m(S8t52M?!OTM6~fxVMB9uOf(+}&DC+y{YYr8-Vv=gOnA{;y*oO5
zxFl?@PKs{3SrD45Q=$V#NW$i7PV_VqnyU{*7mXA)G*@Rv>y46x&DBSv>yXe~eJuJn
z5}KKFLNjx2G&Wkqp_w^1T7raTW?pp27-2&*^QmY}0%0?=AX+w7*wD;e7|p*$5Sp3K
zMc+n38eSCLjD+UulIYh+NW+&zzehr|cS&>~64LM`(ch5Jd|nc*cdKZf=5tB3GZND9
zm!l(*&<rn)u0cW?zC5aq6LDzHuZVU=LUX<>Iw66uIsaO;7zxe!H=|pSkcO|09!El}
zU`@2ac+nPV_*>B|B(yHxjvl{F*wDIoCt7`nAha$%j5fPd61FZrj?TGD5Ly=-qjT;S
zgx1B@=*WqJ(7M<btwuuYVn=kqBw<7AVs~@{5?TdS(IZG`73_~5nJl~*VXNRkv`vm6
zv<ePIHzp9a3Jyo}9}qUQ3jU6Ee^3xw1xKU169`)c$D@m;3L9Dlr=#1DkYb;S#-|Az
zS{MI@*2URq3$&qiaW=Xmfv{1n6<a@D#G#d<#_}GLgxN%6s~#4F){Yq)K0^|=cI;S(
znS#*TsTaHA5kY9}G>DBuLM!FM*xg8IU0fK;K|-tG!dM9sS_O?`8<EhQZxU<psA!93
zc+*%m5}M(c#AYNAHp4HCtwBOFymhP!3C-s=vD8^2GR@w$vE#EPVLOlxu?}+tq1oFh
zwrH*-Yz(`^8b2-w&E9UY-g$y#{0MhoAn(`34kBp)JDI6KddEti5H{>wkL^<W#)_X5
zgl71FSc|6wp&33TR)~aV`0$vLFKlRrkBoIdLNk19EVWSB&<wvd)?kq!G{bL?ZA>6+
zhTj=0dsf)c48J!v?KwechTj)!_Piu)hUdiKvnFs72)|LqJ;}7#6-a14Pmd+<Kpu(>
zM;n^Y55+PTi#Uw1ah@4#yhIS1&yU57rIIk4d9mTeg3x@<k7c|d37gMP$D9`hq51qw
ztm{jH(0qPAHW3Ncg2ge~tJ4f$8l$~B)q<t5dFVxReraqz5~>ADW6vX@Rj@R+5ecn=
zWwB}`R102-871NfX<aOjjYUGWU`1>l5?U#*#%hqzN?94pSSI2y!dA-bu>nYErL2z4
zKti=(O{@$Ft(~`Gl}M--yd67&gjUnqShG^m7S)1xV`VD@q1Ch@mRTkV%it%mnw5gk
zYT6XbdR-7&O_i}4B($2oj%{2eY-lxo8>@Ol5L!*&$0ocf2(6~Qv293bHT@LJS}km7
zH64geMnbFUP^`r|VMD8_I+ppqAheolVy6=bTTOq*ln;dst)>&PY9zFpPRCYl5H^gk
z)%0(y<Rd|7HPzCpkWjs-t)2g|u%Y#pswJ<lI$9UBq4``#y9o)+-ZbqNBs5pkw24S)
z9;Ru9NNCnYw1Y@!wxny$C*pW$ZbY?ABy`NN&=G3dWVE6AqiK!HMI0J=BjjaiFQN_g
z%hJ9?Lj7{I?~qWx9IXlo^~=#xKNW3JzdUUS66%+)%|b%`s;8AAp?;kgI>P$eezc)}
z)z=Cu&h6I)A+Ls-^_j4tel^stLqh$!Nb8S;`gM^u90~R7B5ei|>Q^Ie8xrbQV+}rj
z#1)(R^&hP<66#lz&=EG(Mxsq8_zl!7n5#{-^+-P41y_iHGz)oMqB)ybTk<K3OSDW*
z#Ba$LfY&8jA5JPFH^H@Bc6ahp?M5W0W{Nv>mui!d9DvrBg4d<mG$iW|!POUN<5F!d
zl22}iU%GLdLO~RI=jWx`P9*fiOAGA;C*pWs1+NyGwwWDsMT8=^)G`D~sk*tA@&?$n
z)Y=FVL~f~#L_(2UX%K|P(dd{Zp~#X@-zA~GOA_*`L&qa+sPC<`JNfa5ex<?h-&<+Z
z#1RJL+*+eAbWmHZwOL91YOSqF>Q@`>BTg17`&z@bCK!!2+LuUvhMDj_kha=UBpL9V
z8fMc@tNpo{b#owt%%;6&Aenk1MJWf;LEDJraUfp<`L8x`i|{HMCP*i3GLpM*sio`(
zo37eRNS1?54UjBtRRTE)q?^{}3lZm&0{G27yvytwtq4h<v9%N%$hF!!PUb89FBffH
zr<Hxlyyh!kz#Ua~Jbkpnt&%hVuYTHuN=6E}O)DUSwCt~h&HdP~;o5#AeWun@dV<Z(
z+N!Um%}^ktw9;=x9OiX9kg>R$<nwjow6bl?W}!02hc|bD%{c8tPQ(*;4{-tp@K>Rw
zw-sw=Jk7&8Y%jsy>?X<E!)x&;Rc_P1<Z&uede|w-lVEeZb`S|0pF&RRe9Ky|NMWQH
z$ONqslHq7`x7I3wFq=u(dU>5qFk4mvnT+JqI&&a{t3zZ1ko&csJWhE^=2mzcHjt^>
zB#iv=B=HQ)R4oUITLRbT!DgCPiKH=*AAvliwfIgPGn*~dKxS&wk>rep`%OR|(ee_=
z86c0+h-n$mz#Cn@fHyR0*KX%=A}e5qGyQo?y8+2^_-(1dZH6M*d_R#<NP2%Hp2T=e
zyA4UsVIq@|%!ht49eYfBfRpl+@i3|$kNgahd%D!($2><XNgx-1&0NjcA$rQRt|^c_
zZHgd)Mm?cDii9-kNsY}Fcp9b72pFGM;Ps^TA;y_7HAP`hHRo#^ku<<u<ZBIfingwT
zBkam;ioRz=%tNL&1=<QuDioSyPivK&lq=NMeC@Jb%uCGh9uQ}N);)pr2eL?8!HI}`
zE0D$7`UG+xkQX#-H;YrQ&>VY3>%vKeLbK%+?PftD+DoF!lxnvMqEePiwY!ke+9}nh
zVjNmKrP@=Re5%mwU9LTsK-lap(@N2cX5A|7sy*xoK{M;8D0y(qZ)ig}DNxqHj9LU_
zjrJ8MqNgtcS*PveM2_KlEp;!8Q=zaG$JW>T+IUXnsBX~e{lIKyDz6l#C@Ub&$J#1R
zKB;}z;1p#wkWVzVipPn}gJ0mWXRSZcx^p6O@h-O+nLsLle5TDvAUlA3p%o{P13<pf
zhWyAPi(Z@rvP=7z6PcZT+6hi%cJ^tJpO{y<LhF6M){v75m2$CPYbuCBx!A8=!->qr
z&sx6(!g6s?8-Z~s%heb;SN*a`>>R4Kaoh&p@BljpHX7C1G(l7^MmDpMTzo!}JS4e|
zh=}!`tM*$e=2$hZ_gu9Ryc3M=ZK^fsCj3>@VLSYDh_?E)_zg>76KHrq_&4TQP9?b+
z?#nR!IUGc0Phv0|N!asajQk$huqPWC`6D2G;l34%Qxg!j4?mZ%CqvF9-vy+Qk48m=
zp5d&~UO<u$N61FCMk_-yAMQ;EvR;ssZ+g~Jba-m2M*9j$8Ir%X14uRixd3dAYA2CA
zhvc|s?Bnw}Wfwfpb_v*=)Y>Cif^D7B{wGMFho`i@Xu~wK4S1c_?nE0>$TQl5Na(Hg
zXSBKKMZZBf6WaHl(TcgveC5h!@P1>6d`3INiCAA*K>pQ?{p^^<4vndwqTkF(1;3WU
z=0<J(RzXyn8@2U2k<hxRtv|>~u1d;QTYm)OuxlwS%eD1VBs5!6^=c$ETT*rNXFi7f
zX+!2!N6$n;*{Q4NBcbd>^mYe?7tN@ceiIU!QJS8Qgl3ecuR}sP)pYe25r=Xb*Owrn
zS!e1SkkG6%^}2_c*Gy#-%tLm}rrrR_??1zJI2dP3U;i7kDNlJ1?)0(eMP0oH$!qZI
zPWC*TuU}j(YzD(!S4QgTS0R}WPfas&o<0@{J>yzmFGaF&fOr!1e0?2~b+Epe*9Cgx
z-$mpuuqs*W7wXxZ$R~$0^!o%!Ve@bp9P>qbA==P9yjU;gM9iO2U~{oP=nocIkO@GV
z>SH(&Pp3}-(p=Byq#}5-x~0At39ZVO`U)hpDqHGn1yN}2wA9OykZQHmzd|pXnJx7l
zNN8rZ)T=mwU&LPlPfWq_wA6>!uw$;^PjIn(wbq|ULNl|C{tgnFnQiosk&uqH)sG>e
znb}TH{ZmAynb}b<MnW?)Qy1R>uTW@aUar4~HZ(IY*MCMrGxKu21_{l~EA*VdL|ddb
zUG(KhXs&kEzd=HCwX1%XlU((7sLO1p*A+)hR-&$Y+TT2<LEY)9n@Fhcbk&<7p}Nym
z&*DVRsIK~WLHLZC3nPD}z7}n0MrG+cI4M;2|C6HRgH4ux+Y#2fsNK&2`JX<G6QNP1
zK(5xyIGL?H2Rm4%;n(Tl0)ORoK7f7+a)8_9Dh*+mk`7tEPXC*eipamM#94s!ie8t3
zHmA5vd88C~!q@56KYW}cgFp*e-MLP0h~!!rKtWm{dG$vkosfJRke*121Cotob3ld&
zl5zwHt033ulaU;S@p%_WFI~i$t*%F}Ub=`gTRjkvSGm`0H3i<fD!f*6Ql4_<ckm<>
zj8rduBS!8EgpF7){WOvt@GcZKV!ib4M_J!Lsm;hoy!B<Al&7?TQQZurw_eFfuG$jL
zQ&^ln`p-zd`AS6YqaPMT*|d|0cZ`o}$|x9B7P*h!3&{W&RYv;iGXx20WwxG=HcX?w
z1DhN4oZ~!>LNltLUWtTiWj}rJ3DFkS%6>YVD{TM62zw%$$fw#t&`j2g{(%jvU+k<+
z5~c}^3<zx4T4p0QP#=$N&4*tc?13X37})IE2Tz=V&7goVCD{))gY+fnbz_!@JXkM7
z;=;43%xj4L7ANv5))4(;PQ)7;*-9CrZ%rU<r3}}rL>&G-JJ!=t`m~c`#HjVrdOjy|
z#f{MyClD5AoL<Jsrz(xl1bsax<qEC13Hp{(A~KE71bsgzqB<OgICttb34|T<MBO^g
zyyWVhtY5@Qxk9V*0lgz96$-732lN3*C_4}8I~4f&4XFAq9OtR}aQ?~T3WY{>s$N}3
z*wCm>(=*cqp?po#w?-H#Px%G*Y%5^or|UbAY=f(Oj69_Of~4`E!scQ9D3YD<gg>*H
zq1Q<laqdm2rJRJG&eStF5z5bUI$O^}o08X{N`uX8{Wy{jfiP`(Om7?&asGxo6|t?1
zB<E{RC|`Mcy%_fjvQwa!XpB@SwBic%X}Tb^;+_s=aK64@*re=#5Ux-`>xFtroO`9z
zz%KVZPHr<8ky&1#Pe~vw%Zv0?oX9K}=^rN8WI&u3^v#^eyuYYdaZ;g@LcXXEFj-r2
z9=@oTaw4iZTa_>B-96DSnh7uI+2;vDGvOt@-uZ&i$}Q0$Ec{i}sapom_d=W!y<r1p
zBl-oBpe)ndCy=Ia%rEO#C6JatUeR+B2)hcgLeIH?$ANd>h}!h3UWSC-+hS_-s{S34
z88?W!{HlHs$!fSS!+s_4s@~y35oaS_Z7$O%a57UVMVm6cn3DqK82pN@BOK34U2Vv`
zW-7nI^Q)bJyry^NBsbXMzpfh@%%(t5SEMLeVDq}(JAqsaWVN2hNv^{7NCSbqqwnTq
zrgHE%_>CqfSr>^oN1$KKYrQ@P$<n2Qe5_Y;lB;|T6>TioY}D)V4*?hO{n!K`oAvGq
z<bEJq^@&K{AC#gn@||9S#A^&!6oKr~t2oJ3SHY07z0FU0HQM}J1y4wV%};ta{)u7u
zH5`uo0evJV@TDPm(t8ou9MJQSu-}Xn1Nl{7hot$B@B}xIYCYCi<l?QlFg8H`)SK~-
z4(BRsLDd;KqNnmt4Cg8~?93TCrq5_Dyx7kCLm(&hRY;f`Gn>=;oEE}n3)pM~a#r8M
zNr7U+ZyB}%Nr~4W*$=-<+6|;`d_zky^6Gi;Jxw6d_<kf6&<jS4c;i;W=3qT|(<~4-
zUWjBhjL*M7&W~?Fatv)QiaV`^*U;ag##O=&KR%L^T%{?To3mcDjBi0Q1g<%FVADF@
zqK)VU+tV_ecJX{p3Y7CfpEJOwL%b5nF8GZhi<}wHY%AKD-WcjKcy*1BO&~ABnM=3$
zDkSe*1m_mu)jfV3$yHYfudCyY+le@gFt6+4c}RZD6kfgJ>yeZU5MI6G2NMYMx*<NN
zy@=z%Z)(^P_KUAcAgzH6iMQz>Y>qS+k%z^{BH4!I#`p$Kaus&g#ztd!ye<FavD_`+
z9M2Mj@0L44<Pq^aw4uGt$oN)HauxQ>09%72<NMKub~_{EBl)M3<vw9#Jd(+dQ0Q1^
zh&(c0kCTcN(z;RcCP_A<;~kT1#>BfLVRN+`#2Fihu<%!2C$(h?C%49v?*fmH=X0-e
zg>1&h|43+y?L}|LI2Cm$^6l~CNnR7;rI)i_l&36eBlPgDP@KEtZ*iN7$lb5O_nY7d
z?~cEZWGWDLrTy-B1(Lmeg-T3}e~IKE5T^4J<J&nABgT$!Qv4t%3zafxeGo*R6xTbk
z<5{S*FG*2u0&-8h8Il{CrYN@pxfe%6#+eeo<O)7pg5MKOiFf2g*h~bkDe>`~$Pv3g
z{&Rv2JDvyPe<YB-wHQ%5^YIDBd1`!>ASv5grzj6X<mvI$F6Y`j92&!!@d-&bGeb6y
z#&;yyJQ}i@9q-Zg+_q+iY#xheC)qp}Uvwq+O1ZDS$nxBf*SvT!w~<+%7cWIZS)Lbv
z1Id^!VkSHue+S7uK-f%pJpM6~FL1}07vGFzI}mo)BQKP}C*s?<%|hh_+>e_DqxwX=
zG>aYcLgm8$!gX~ZPsUgMPmpWiF5Utl`SJZ%333>`y27tkpN<ddCP)mtdH|Up@7i6E
z2B6r*;I$w=8p$6o!P^&sEQ~*xKvn^HCO#ht8!<Bj_FD1c1o95pJR2`ZQUt4D1CZzA
z#aD~A*j)V*$kO<tYZxg|E`K0J*#ytwzZhSiKz0HtiB}=1Itp(!1Fx4u>%BCd+LOl#
zW_W3Q04H)jm&SK+GE=z|`u;P-SrKn=t!Vv5AV-0`9?JWh@wV5U8~M$67f!@XNQJY_
zH{(|$VKX7hiBKfD23N<kxs5!Y)uFcDikBwYycM!pORA;qd^JU}p)E-c0Ac&OfYf;o
ze#gpwv%fZO^<upc$8#Qdt&3-IQjtP7@5X->Btntji_=|liu_*u2)8Lu*#md_8bO@*
z;#s|A<TgM)h)?IFA`*E=T>1YrJ{!qvtB5>-q^kxy8JP2*#up%&2zMC-S&U?Vl)RQ9
z`K3OQl}L8MZ>}LY#97CQ9QjY<U9V?HDDT328o!zoc^Br>cppK6dt?>yfr140$SUGD
zA)%{$74h3J4&9fjh)?1~-k13-J}rT;`!bv3b2*W<^2>NJC*s$g>=z<m#w(Dx@XHQH
zzKWkf!gj*!_ZQpZ8GTs47V^77?3XX!#fKmn2G??#&GvXc5?13_oSpGEk#xk!yW>A2
zVP_@G>xX!1UlEz@1{wJ=UW(+j2hR&YmiNVD*}{hHwV2J%@is_qg#B1H*!&W|9SJ)(
zXRRNKPeU>gTR$9MjD(#xu{bsHa!v}AykhY?j=$pdZeVQ{D8IoO2m58m-ywxO5}zP!
z0tGk{e~%L}6WBS?k@$%O!YbN7@mN0=SzOH+3dj6U{CrL-RJta7G~NseT{k`&?<h#H
zpFbM!frPFSAC31%FS<&6G(HRo&7Y(3@#sZ&D~`q&A)#x+$Ko51&^6&>@fsv7r|hi%
zcs!#&>qP~Bj|U?s;=_^9_1=^5SxD%5@5y)>61sAGGQI-|UAa9O|6+iM%&vXi3EFZl
zVRw#B#dirCzK0wEV|Y4#0=;Mtc_wZT<QWXIb0*%96OkQumF7%5`6`WKBwwXTH7?~|
z@@zd~WN{+T#3P0}L>x1niKiRNFhS@{Jl*Jxgs#a%jY&x8+&pTOaw3%^YSh1x#gR%9
zHIkJiYFxx^Dgq^m8O;O<lq6=fK|(VjW^@)LxWgMWx^p6xL^Jv(5T+!CF`N^rB#tqj
z6FI7mkvyt?XjIQPCUY-2su{){PUNU&7}+<UJE|8Mv61JF>P4YZz1SFnHZ-ai8+n|_
zQN7r(Mx8sV7l%gmV&gn+BS*E7ks(Mhs*Q|hNN7|W865-(MzxXAnG-pxjg4y(2piR=
z#sE&_s9tK^!HLx8ON~WHNS|97zab%gZfn#V&H5$vxxLXF3F&hOV-^z9=l>d|NJyVA
zH%=fSeeP`38zUl<K6f>$kdQuS8O~T?L;8G`k%@%#xw~->64K{ujK`6XK3`|NkA(F3
zdLwyn)7PlxHgd%J8l7)pt&1!(?d@wkm_V5JW*bj%BDFW$DB?tF?+wOsB&5AJ7;g&_
zXzvZiXGlnUZ!or@7isSe#x5i@H*PQvq8DlJ4Mx3N*)dn}YfbDbXg?zh32ARXV<HmL
z-u^~061vwmz}St1w0EG9I!;6;?Hy>eKtkF(&=`V*w0EE}cD(Q+?LC(;?Hy#?BW$?#
z-U`|~*vLmO(%vD)3QlBph8S;iB2{8YNF{Czsl*85W9}tYVyv+P+oJ2?V~yfF#4(fh
z-eN4eQxMYLTS6*vtFa$#NF{DH>fOb>q)OasEa60I@2w$~xYbz3ZKO(!Gs*-BRAQX5
z1_{lCaUty;XKdg$QYFS4pC=He5_cFoIFX}zxA6xjQYG#-8r;o#u}~qExW~8~38};s
zqX-GxL$Y1m{YE7cQi&WxohagvN<3(^Ktd`p-I$JqRAPovgoIS$5#v`Rq!P1?j7cIg
zsYI^P9SNz#9OEG*q!N!C&mbX{c+%K}gjAv+q!ROu<J?A$*nFesJu=HoCFUEs352Oc
zq46vyQY8wFQck2wEHK_eLMpMq_*jrYB^DUpAR(1lU{s+Osl)=~7bG+{78pm+i&SEP
z(fD3=%u*#58oiN_N-Q*{At9A`#wbHVDzV5oh=f$)S;LqtB9lryYh)rJm3Y<|i-c6-
zS)<N<!i!YmT*6f1Il~q<TqW)Vm3ZE0i(aG>MMf`9WOj;-!JJ5yC<>{>(vV8LWQ^fn
zQYA`_9BhkJqSVNGKpZov#Bw8Zsvx8i%R?%$!kC3Nq!KHPb(~0*SYb4u#^OkoSP@c*
z6-HZbBUR#6BU6w-C0;eMkkCwc)#xoqu$Oq%7{G~Ci85nE0%0ogx-o$hIjXCTM>&xy
zvD#RLgjC{fqxN*xi-o)rv2&t#j5bI}CEhc}A|aJnZxkURmH5EefP_@yBg1@1L?)Fe
zH`*W}m8dYLBO#U8Xskg(DzVwvfrM0Ii(x%1B9lsNH7-R$D)F^(6B1I1Z$m1v-N@rM
za>TY9yEzeAW-77Ws6T_XCG)<+Xvv9Gi5*5~PNYigG_FNLDzVcTBuJnVJB@KjNF{a}
zlhKP*Vy7_`3C)e2#vJq_mDp*lLqg|q-y2m(NF}~EjG3$#6~R+yyNoO(q!PQ0X-G&V
z_828dNG0|dTab`S>@kibA(hx;<UA_cB9%CoFqPPA<O&<E5|cqCelSYVi&Ub@_<$3c
zohoB9CsHM<LMpK@q!Pav-*GRg64gdEwnZvYZLG-^$4n}5*qAs+5K@W5A(i;uSdTWO
z62BWYoXFYoyK&!K7DuYY?;(}=-I&g8q)Pl@%n~F}i9d`yBs3HLFct|CsKg&eF(*<b
zYK&JC2vdo_jdh&JQ9WjC<wUB)G2;jlQi+qsHS<_6q)MDICLke|IBOImA(c?f9Y{ze
zYMG~zkV@1suYX)bCY4al2}npK(#?%|!iH2LW@bGh2&sf_jzvN$VVFyhkV@F*DkP*5
zp7|3JQi=0S^+^_4UJ*Lq9FByp2sJR1&q^*ZR|%Won!^QV%2O<kRFVtKD-#IYZ(L~h
z<3uXSh2|(uq>?l=??OUK($JhLNT4JQ%{(NeBn{1H(TkL%p;?TC=1)Vj482H68k)P2
zkdkDWsrjrI75oj2>}pSj*#QadH!d>AA|WNY*epguO47*Oh=i1+ky(R;l%$c_pg^=m
zO47*u5eX^Dxr8Z6WAhJT!<A$zD9L|J?P(E*l%$E-loL7Uo0#o6kxJ6UOulw;iJ5#w
zsHJ%&_mWD|&K!Vkk&?7C8!Qm5lajPIoo56gC24OaUlHnHjzk+$k`87eCsIi|m~|Ji
zI8sSEn8{a!I+z-_kxJ6hbOZ^Mq@&pY3C)C#W-~zoCFy9k;Y2FQf6Xfr2vd^F&7Pdd
zQSD-m;6y4(7c&nDDM^<30}?tb>1M{BW&M)ZF0MASkdTt}FmsTQlJqo-kdTt}G7lpm
zCFx_vo)eKtNwUqMNJvTgnfXXaNd}l}kdTrLGJi)xN;1?;dtO8)B^hpBj)atCL`Wq@
znd7;Q9I;X6JDf<B7-b$yAWS7jo9RWYEvXWt&GR^sDlx`vf`n9JjM-k0KqbbQ-I0(=
zj4^LOFH(sy<`5(_H^!J_(Th}Kj9G|;RAQ{T9trI?#+ubgNF{DD8!TqMkk^fGHHRP}
zl^AEvKtd`p&MZYjDlyL7hJ;jNoLRP1L?)FumoSwWZ@w#RxJo<%Dsh{+1HDKkZa4qp
zL}ur9(<x?=rApi$Qi(f5Dly5-;9gQC?lU`ZBCl}XXP$mh95boJ{pPw7K}aR;52-|s
znYv8akV@p3nVd+K$T2_QM5;tiNF{R2Peq*Iy72?%7C{1)c);9-gl576W|bg;N<3g5
z<V32(gXZ4}gsH@IQ+b&kvmDi#rq78~iJ4|+B%~6v%%_l$N<3z+K|=eDx#mG6q!RPY
zj8|A&@EujW1C?iXM?xy`l(_&2sl?Of8YH9=g=Xe*5r<S_p}7GGsl+04KN3=j=gbRN
z2rp8J#bz5Mq!PvEXe6W(FPU>Vk^7BhW;GJpZ@e5*l2^>^SI-^QSIieUkxKH4`9lI>
zN>Xb6#femsQZuED#gR&~+|-efk}NmR7bH-U<z@>cq$JDD%h8LJWVxAzgyzq3vp0H?
zk}Nl;At5DMVU{2vC0Su^LqbaOs+qcyA9HXAs?5wnLQ1mI9FK&QWTlypgp_2ZxgH5A
z$x5^RYa%i!$+?6n$!q5Sgbi1cxu7Jkn<LPRlw_4TjgtbUGu*FaZ|YlRZbR}p{2DGF
zyxuUozs@tL{O|%ii2!7s`7)9r%f(xN-#4p}d;`C`Sp_y9nYXXvUco-I+`NwysZr%2
zjruI4QJ<TSa4)G*mF6N&q()VmBUg*jAdULU9P*YRq)}gmH0o=!1Z_y8zBYGoA~ou3
z^SZZL9H~)XhcxPI^9F7scQW6YLj(yl>Kk(;5}IS*m=gpEH0m33GAB}_wwVtn5T;Sv
z%{)$|M(r|R;zVlHF0&E|Y1Ce`(OT9Ec~11BnT>=rYM(g^32D@Rb3GE$r~_sd64Iz&
z&9>`AWYVZ=GaCtM)bHkEB&1O_<~AgxQGc1ok&s3mG26W(B9lfPGkYN+jXG&gM?xBP
zCZs=S%`$EyN9?S5h7+kjXU!|#Wo^m4D^?#)r2Z(@O`J&mNwIE6Li&?p-7iR>KPlE6
zB&0tn)&le*{YkNkkkH&nu}aa4^e4sIfrRv@mZiMMj#-}X)Uw(jA^oXsjYLA{JE>L?
z64IYKRyh*VpE_1G64IYKR=xG2Ez+Ml*30h;Li%$qVfs_oS|e<@{=5sCkY;_2UZg*&
zRn3Xaj%pp}M5=^pC7<s^t>p8axRv?=J07VLj#ZBnsS=J=wLu&+sf244eJlv6gli?A
z?|9Zhv>}!7tOlPjFF9L0>qSnaN_bZC`Hp8T=QdI$d~1~;flBz+IwUj`e5+iLKqY)@
z3nx+~>RH<p2vdpkt^J(HQEh0Q;zX)MLo1`4^+Mi-x!CHDgmyCjv2u`*N;I{~kdR6=
zv-Tq)m1u6&{ZvFIm1t>QhJ;k2jWq-bsYE-gszP{?N_4QwJ`;pg;=fiU5>kmwD}AG|
zA(gnoYJh}PqN|mOgjC{x)<{m|PNtisY+`ZbvozhU<SQpvTgAdAsAyMPTRD+Ra<!#x
zW^v@)=wW4WB9)|v)tVEjB-dD-k&u#HV_hpqpd{B=!;p}YTw{$xFH(|gth<oV{JF-O
zhF+v3*H~ppNJ)BH+mO&srl*zqIqQYI279g50SPI|b=E{Aq$ItpMMy|VdRZHgkdpMW
zs*#YA^s?UEBHAJ)IhQac>1}NgHe5+Q0wuZL+KXPKBz>&ooX9!f$4dP|=7K#-(<h`P
zH-waApk;6`sU*X!#+*nc8D>>)6~|0Ua-+5XD?vy}ZVV~OaI4MN!iJP&xHXm&Ia`KX
zhd7Z+GCZUt!>vC>oZy`3ChNE$fs)*0Dc|t6g105yWW@vtl;kGM;Y2FQ%~rz%!jxo`
z)q)c_s<&9(IFU+ni!~96i%+kOw?08aN^*x)jf9lsPOHT>c7zKRQj)u@@kmHXCR%w&
zNH^}aRv{tXm||`DPQ)SIxZj$vT@ccZ2dsP~q#IMMEl5Z=9<r*CkZ#PhtQ{f_>BcOp
zGbd6va;<ep=nUwwkZ#PeI_zX|<QUGeaygN@F~=%TAnXiiuC<dBsT*^xgPcg+m}ebB
zLb@@}s{1`_t0K^id6tiabYq^?M3CSe0`shvNJuy4S)I{~bYq@15eezW<JKZ1q#KW0
zTaeHWB+pWIiQ^&Nc*4p;Lb~y!H697+#*<b)64H$)t@TJqH=eZW?GcelH_jzYH=eSZ
z2pg^&8$mbntsdw_x=~<_;zVYrz`BzYksYQR1tHxi4C%%q>jCa1bz`xWk8QCrWWQot
zY~@smV<z2LVom!=5Ymk$A>CMNZA2T=jiuIUPNZ%uwI12W;z-?C8q$rW)?98QcOb=9
zz94~a6kCgs&`c<{N(2dXqu46rMC!&1*4hNZbfd&7=R}TbskNIEsT-wM=6-g}@~q@l
zD-Q{&#7b)e5>koRtZF2r600oZXAy@~Vzt!)38}<eRtb_d8Ss4-cvg0;m3lyUkxHzy
znjs;Tc-I<>gjC{vs{{#Y!Uk&_CxyzlcqQj!EA|VET&T3gXMjHqX~Jh#XKo|M=QC>{
zCsGqWv*srdrU@IZQck2MY_!&LA~j)?Re^*wVUzW(Ab}=qvJN02P1t1pgI=_k*kqkX
zLNj5Lr5<Gc5_OQ>VcBGLMnamf*&2(4G-0!~2nlJz=hhY^qzPNB*smfoX~Gv)2PC8k
zUs%JDkS2U#%|Sw%@P%~{32DN)glWQ;)=^=@HDN1g!dA;WBw8m;sI=O0BC}Izb>T#6
zLS;x3z6oi<cI#U1B{gBUH4@t*P1tSqJS<u#P1s}g{zDMb1R%o%q33e<T8q$zG-0o`
zg%h#9zJq@4wSGdv>M|ogTCo}yN31yZm5Tk=1xVP6V_$_hV6{NP#+ljtV(mu4GRWfm
zYAJt;I2|!^wbd92TXD?m533N#@yp;_ZQ%8%Rf&Y<i`o2bW&9=Luq-q3kJTMX6Nt>n
zF>5>$wkm&tI47(Zk&K6D<7<GNw#qmWYmgn`8EeMhEOMdp2K+MmC=kW&cSI1jDp}-I
zJ9&p+*B;Mp<QlANznDPS8ceg_;zX>$vk*DWF6X2|r4^^zUm>BV<yCvHAi)|`?LUyv
z8dUAm=tXN#wQK*wj#<9*O0`u%g7>AUb|w;9gAqIVeJK%pB-+p#Ot+KYmlCz}(T3ia
zqT7EVp>=B7$?r?CY~?6FLWS0;WhcKc#j=~B4ZSbLv8N%S_oaAtDH2-UzFmogR=01r
zx|RJRup&b5OYv!ZBJ}1i-~LB<Md&?UzTLO0@S^vnNJ8&R@$D1X7U{;hgy}{-JM9?n
zDc6lUU&H%<?EeT7yzipE-I)_vm+RY~a3bq+eS0%{(VOV%+usNhRN?cfU%~GEe0vvq
zv31Jc*?7Laj}uvi8`!@m5LSg7Qr}g2t6L+A9E?~an|{rdi|;yX6dJ=u6emJsC<%>W
zBl{F@T`FWFJMB0dF+tdy2b$Q)ZysoFU&3vqLbkTEIFaueXl*azM80RBwY^2y@KwNe
zR;}$0r^GxY6>Vb=I4uaNXdC<V89_)h+uB3^l}E@{cU$`hPGr8?hVs?cKEQ1%f_$~3
zQ4R9dE|jl!_V3(F=BvGZB7v}c{g=i$$X6$d9OSE0C|{jI`RYV*f_zCr`RZiXJuCap
zcDbEG`RWqN*Z*vbd&zwDu$yrr^VP$i!HLXQ4||QU3G&s$Zcqz8atwP3%GWh^=h}i$
zzOJ$NrwT&(>S<qDhY?xhdfFq9P>t(l&qu=akm-CMdj%4zaoP5IBvj*WuqV_Nk*UV@
zxAT!ujT>aIK|(cdsGXfAyv9XDjl0n<LP9m}CcB<0Y^cVKusb868aK)wiG*t082fo7
zRO4>7S8-CP^nl731N|9iXGB<JS@p)-r=x;U)w{#q5fg-}-rb?9H_1N5ZRBoel5K0u
zOV+_jc6I_`E9D-03@5S<-ecdxiL8V7+7Bb4I(V<0CrD5S@3j{rp*nc4y#l?c4&H0O
zfrR#=_uA{wi_TB)wGSepIygC02PfNx&iW;<YfTB&!Taniw4plqK&TE*3)R8tb_se>
z9h@GjgVXITXhU`IVLKx(j)&^tOuIJ{s)LW%laWvze8hfMkf07eLgN#t#3Mniq&g_Q
zNW&koi!csp!Xx%lY>VpPxrEihN9~ouhSxz0=HV>+bM&J9^K83{6Ilmm+qW64r&3pE
zhjeweJ(1f;UCpI_1-hDR=LnnNY&6%N!HLw>$Lz-w2-DShq=$j7K1q>-5qpwsB2)*T
z42|KF!N}7XJ{cOrC+$VNby)|W4C!h?NLLrwCEQEu>T~uwPNc3rXB#FPL#eCJ+1)vj
zS0<mc%WRxc_&fUN?JbTVq^r-{lRZI5SBvaQPGr7{?4drhk@+eL<*SIsFv!m0P<9sE
zBY7N|oh9}i34~?m1v`fmnfGOsiy&XisI4GhflZLFWubg63*~EBC|}F$8N79wuVtZp
zm4@<FX6JD)nXfnOV(bOIAL$MII43e+Z`dvBiIJzXzc=i{`hrj$eA8ZYz95vZH|^mU
z2txT<9jb$??X}!S+|6NUKyQcY;5+s|XhU`IJv;S67Fm4Zm(|Mk_C_RB2S2c@kx(7{
z$Tk`ZFRFv(_Gu)oZWeX0!tR_QY^V-ywAUe_I=I>1jfCpp7F)SUcu^hv((Z(W>fl#)
zZ%$+#{MufJgk6DQegDRu(U`@NXMf+>o&O^U)xqyWb#S-+0Jo8KaJOB+iI^Mg8T;M#
zmkET`!9DhmoX9%3$FAW-*1^5@86;E(_uA=A*zw5gw0rIIkx(7nYc~@lxK6v*ZjFTM
z;9ffuy{HcEwZ|i&I`~7V4*p>0qYa%8R)y-|kM;(%p*pxfR0n?v)xm>y<EEltR0j`+
z>fk}UH`-7gJY*Lmp*mP?Z$UzJ@UVRZ3Dv>F!Rn^-!NW8@fl5dls)L8^^P2G^4EDx{
z?FLAw4j#4}3KG2S@La;`;O}-zVZ-a-c~A%cuzR5w)xjEjBqvf=YwRyMk-AzF($yOK
zTeP8fU;k<E7LkK9jz6iVf%g7s?-w>fW&G2w=0s}mU-q#C!nF4vI-3ZT_5?)^#_$BG
zaiFv(f{~|DJrNq!6QNN(VW(cgMqVoIiICEs4k@kT7~D%LZ5^jEC$ciuai(!1m9~zv
zO4tNv9CaMEg_xP7v~`_WOF>9!>pF{C2|`Mn<{aTfW-!f}-kRCS45m5BXY^^#EN&w!
zn(8F4T-8a=m+ItkFPX21^GpI^`HDGsH6zHEL6L)e8DtaW%W!DNNcl3H<W*oe$*aI{
zN_gusUxt%>MsGXGXY{_aihId?HE_x~k@;%iG-$)dQ0A+Flg)|T$uw}*wG+9Zd|lw|
zXfFum>jGy+M?olG7dpE+k@>pN8TMahBlC4(C|?&kqqvRCS3?@rV0|?V<*T7{8~2j=
z%5Wwp5SFh-l#3u=O(}Aaucl-Z<f~~YUrj^#Y8uK{Q)eb`UFNH4C|}J(`D*1n!M$X@
z+B+qj$b7YTPK$m8Zyas!w7E=-JndxKJB61ELiy_8Eb1f(<*S3!tg|4LuZ|8~qh@hf
z?e6Hz;x=+8lj&?nLTB_>I7g7sPNs{K+J!}yJDIM|IwZ7{$#Qlhp`A=ON9iiOXeZOd
zDMPaABC(U{>C_;hoy>Jk&XvN8b~3%4A|$kv>EmobLOYpkC;6&%f9Eu}kvo|IPJR}P
zT&NW85m(U%I!BPu-e#~f<SJn^a09&g9!6}K)1#Xpw70q0Nxrf@(z%=4h`GUbG9#U`
z1j2SQqnr;pkvo}D&X=6Xoy=%w7ZTdZjCKwR5}eVGc1|Fnoy=&bZg+Ns6~Rtsw4))R
zoy=&*5hS>>J=*DxgmyAxoa8IpW1I<SLpzzVPV$xQTbv@ap`FZlC;7_u9ZvF<?Fo)@
zH9zLy%Ju{&`O5YLry1JNPUbFW8WP&cOms?-&`xHOQ;CFjGLxL-E8CN3d;*o2<oqMN
zf-BpT0^OjqQAubgGs!uDZP6M1xrFUx?s3w3@SgIWOa|;^?sfhnNN{C)veTIpsjHKn
z3QnZ1P7dknWakSJC)l@4p?(FrI>q@G+oCJmQ=C1VNL{_pIha70u0BA04|H`pMGi)6
zx|4imdwOULr&F9@Hz)~>A$alDrLIm7>FSJ-uFi5&u3@7pb#<;&j}xh@bDfEt$T~RJ
zDG@fozGbcxyH3nQ($#rRi(Z0|uFi9|^%jJ5^>L@o^^C}TJ?^~AiOkpIp?p2=e8g>J
z9n7Oq4f2&2%2%GViF?U>J>hIiAS_?`G|oZ33Mq1sufkBi3PbrSq&PvoB%yp2IzRH(
zWxfhS`FbXlujie^+)L)G*h%ffM>Tlkaj`R;6Pd4KCtuhE`6_mfXNz1=zFu(Z^%I2h
z^@6jZzaW&a7ejUMMW?|4W+Ut1vQQl?bsj()s)H+>IY{Wr_N&g2fg%po!IjQ5Bvc1i
zImJk*4z6}`1_>|ryac;@`<Al-3Dv>1jx$8qP#t{7$wWeR@I7ZZ5~_pmI}4G}8T|&Q
zloMG8KXNjMvdFRye(V$>p*mRZC^rfls)L_7TaZv4{5(_#zi{l~%uCD-RtLXuvJ(ia
zgI_vhIFWVmOXnU=WF6e<JdA|u;8rJ3kf083brvI`I=IzYfnIcFd#m#X5~_n+optC%
zXY^a0gGi_jR)*?erDNR0`X#Sye-)~OUprZ7Lv`@mP#xS6s)IY767-@o`kkRVxYOB!
zHdF_9IT<&L<DojZ$LWoP>fl~yG7_qTdqZ__FO5&25__Fzg;!7q_l7h<64Hdd&SGqf
z>fpJA)xjT}SA`9)gH53hRymu{i_YkObgDR!y85FtXawu2)YTtDy85G&d`ABh^()ZT
zpPZX`oQmN5{U_%ZPNc5xb0#JbrmF{>>B1|hu!l%R1EoDgZ3SZ(*aT-BheD%zC^V{)
z(5N1AX7kpi(jE#a?ctEp{^=BOFR8Rgol@)tT{}JMC?naZN~JyObl^muAs%(+jK(>J
z*Se26rDFskr9I}fxkV6C+T%_hCo+S_o#?I1MrQDMD1*lxi`&S`c!EYX$l!@k22VKk
zxtGk~N#{Qagk|syjdPH%6c;ri$XAM+ypu_BlUG5CoBW)EB$Tfdw;gX?<}1ZbKBG@{
zlh5c?w=4IO`O@40oXDMw=9Y<m1!stwTP19Q%BZ>BZ#y?%y4&;ibMvLUJMK6)UvW42
z3^DF@n80jgWwhMnGep-dKpU!zzFUlhDq}r2?@keiDr0?j6%wk97r5JyP-V<;*WV?)
z3j2!6c(I#$w;)s*8@o9Z1)<8=#4SQXm9d$-0SQ&c=I%)(R2f^k#v~R;R>oFtF%mjM
zZ0)ArBW$QLwsptfD+pD_4sP$sf>345bd%2zJGt|@jhGv(GInw+69}t}SGfB)k(KcZ
z_b*OlW$f&pMM9Oavm2YjT9?<lJG&Pkp~~3VZ7xV~hS=F{i-am;XEzhQs4{kT$0MQ2
z*u_mgL+s+_qYa%Qc6F1_5U+GMpbb^VtK8%>#H-!pGsGTl<NHLvs516&lg|))xV_Pa
zDq~N#7ztIz>)b6!s516)k07DS*vm~mL+nN46R1Ql_q_Z0@dTBzS4a~iAx-GzW(cp~
zTKBnxRmR?KD`CScV=JhP*So#Ziz;IucPuATSNphoIFY*A$4$Oc+Q&_<jD6kxB63jC
z`ch8=rS0ohW9xLz*w;P6iB#Hb_iO@TO52}QG*H^X6ge2f!DJIu#=)Uc9UK}}NoZ6D
zyRjUW3#qh&LrOa=q_j7?^|+T*+A(emPNdR~ac6NNE8`e<ov;a%c8nXFDrP2~gN$`s
zOcR7E<5+jibU~;x-r~};G;}TQ7T0))*+``w@7|AuuEpKqK8J*q_D;792`TMeZvMj}
z4k_(KcMTF!+I!s{NJwe#bL-6%UVXBK(&o5BkdV?o=o*g*8&cY7ZU-c!v=6yMkdV^O
za0`);(mv{za3Ym<mOK1W7FnKy%yxGpA*FrH&CV4z^t{bHxA9|wkkURGQrdiXAh(hC
z8S~vcIg#3%@2*H7OnVF5_c@W;Ti|ZtL~8HT?oK46y-&Lb1PRVco_3ERA?<zIO`XGz
zSzeuc+KnP1?S0yH1mSaxJ^TH%+Z_pM@BEPV&UYuE4QX#-NP8E!MQB6XyC|f+&xf?P
z$W`X@V-Bv)6@|37$Zdu;q`gbrX-G(Wi``Nrq`fb=l}Jc?UvTN}3EgLWfyO7$jThX1
zgjb-wFSv9+g|5!M;2uXCQi&Jb)7TcBm7GhM_P*$*&*MGi+S?Jd_a(QPAi>qS5;uzz
zsl6rc+nh-4EeUCFNl1H_x$ld}f%Yz=o(9^x%>5KwC+%J4e!+><-k04S3503ya?;g6
zdskBAU<_9Vx=K&rtPG9n%Fw8;42|ka_h;U^)ZUdL?Ohep-Zk!@+)HZjJFfb;SQm6w
z@{T)_6RExLxP`(d(B604gHMQ=N!t6at3D+NY45vke!d{2z3;izoX8Bm=iX7kY-9%C
z3uW*<_a1H|&q~(Qs0R63AIjHy_d)I@^Yy+vJAtr#ZJ=BP`6{Q#LB7h#Ca9I=p?sBx
z@>L$nSGoH%Z(ZiAJe04`LizgKUBbO&zAD`{oXA>P>BgRBV<_`g>1J^v&mt?`l0uOS
z%GXzJ=>kD0UthVI&j>>K`r0kzL_Uf7wR;eWi@%BZ){QM<Uh>x#JKQUfP_6vl?Tv(L
z<u13yv%-sN<sLU13DwFfcQO*HmHXT^&k3)Q_yo?+?r|hkD}QlgMZ$(^<*#lVBvdPZ
za|a-yT6x$_zHe3I=5rfaEB|zh7qiH+R{rG<St1D4$|G(u5_VS78FcKJo3~WhP^~-_
zs+DKl54eq(8|<v)jC(49u*&$as~594vNHbbUcia0jAz~ENT@QNbuSYnsElXbo=B)N
zo^=PJ7hSJA>kdakmGP`Q7QN`K<g8nWges%rC7+cj-g>m5%9!FMpOw_|s?mljV;wK~
ztVH#a&q^X*_6uw@DuT)w@siI<B3=&KP-TpITaZv?)V$+Js50ta#)~2{RYu)QJ}c2Z
z9G^fXbnj~66;wvuOTJPe2~|ejyB6D`%6Kkel`-xO7B;*x_JA2>cvH}e&Pq%#j}xh@
zrdR7F)(fetrk8wHVtUDEC6*WAUQ%f->S>^~mS+l^;0m7QoyUn(TH9-!K$y~c9$woC
zl(s%a4#u!P*#t^kKQyZKL!&AQjcR?bEpJ^aZGA8K`p*Sk^7WsKye`~JDs2;Q04Gvu
zn|NiSU%~aCCSH}W2`Xa~ufxk?{*cl(^#;5m2q|q-Z+EF6q_oYv%;k*83^w!Daw0R>
zER?}!-Ur-9=Ias~)gWJ&gz|NXSHZnxzM6YqB@mXcmNd>mzS>gcAYW}m`Dz==S6hk`
z+{u!J^3~Sc%UhTEY8%Q|hfuyUy+hnf=BtaRtl*;>+{x<V4dFyq#x7o-unF?j#j7b3
zxuAS?^^U9*g!0wZoAtUNl&>qjDo$i&ywXcu#caekC9j8ddX?7(Ne+C=hLN7$SWe`b
zW*=`35<1ho!FvM<RnPw31|(EH2Y4IaU~P%_s<G!u26_9DQ1u+@sc#A!s-DBW<48Ke
zHwxL^uA9BitA!0!&yijw5~`k~y(37ddXDw#tr1>SJ#Y2;A)zzP+r06d$X{*T?iIhq
zyb2YnjCXpA-WG%^<0LQndfmO=2i!)UMc(Ue=S0jFRx9uIoV6^DTsxD!rku!HIobO!
zC$d&f@wy?QS~<nb79^;ZQ@l|~s8&w#?m{oBl~cSaNT^m$@ur~{)ygSe84{|M_l0WZ
zecm>-p;~!=s8;59sq0uzD-^1gQ$w}#p-`=S*c*>tbOrC>P_2B}%SRikl{3BlNT^mm
z>KX5d)~Qy`@-mT7t(@g0pGD51@d<QeR!~prIlWmPombLX<Sg$d5jjFCG0Pi;ZBeZ}
zm#|tn+q+xX@LD+xR$Q+41bR`ee9SB1M9!ASy!!95eo3W$ETpuLg=*y-?;`FcwRaBn
zG|=8T-X+2&sFicPwwy@qo$GZ@AWVDnNLK^x&8Nu080H7MN@tPzp;65bjcR^qRP()S
zdFxVp^F!J@Kcv0ScmuhY)ZQX*0w=Oo7J22OUqP)b@{S9eKzob4-tUVUMcTXAoA7}k
zq`iy1BOeMv+PlQd-oS{=;1cfxPGkm`gfh6q`;^<rd@ZF>4f3@#l&_`U7u-wctJvF-
zKv=$BqFe;|dW9kf`Fe$Hg1yZvp?tj(%GWEQe7)lR%v+aw_=@L#Bu9h&!ts?*23LeK
z_?mYS_mUZ0?PYQzGq~Ez=R{V|)n2)<2{O3aYfvt-Lm6D-)%#Qs%HSHWxIz%h;9K5l
zPGkn(@*eq&*~kpO<t4vc>@9CDw~=r5c-zYtB)F3Ewzmigsqx!hi6FrmeA_GIMCNp@
zw>E*WoWARob0Ww218)~6qT;jf*?r)pY-GnQsyQPcc^!~2ooC-}DEEdVVbz>{;ibYW
zL_+WS_{`gagegCZv&s7%39IIeZ1Eay5^b?DWRbUeSx8uYXXGny)n;Ks?+E(FoA$XN
zO!=A3w_Y(4R=cxd53t?)9tpku<9n|f$v|v<kEd=CaafjFoGPykC-NOZKY5i%=p8}(
zLe+e~H}MM=M~>=#Zz(5YCa`M0-`kTw*qQIoUJWOrnzQfp{p_9PM7|H?fEW9cMV9sb
zfOnoCK{Y?%HAh0#{D5~EdQmk$;B`ep^XGuq8@;HSAMmCjp=$n%SAvAz2l9)z4GC5A
zgI?-ZeuTkWQh)Wbkg%MxZ%!TZ#v`FheaOp4LN)i0w;l=A+(X_)Ux~<68P6rGGXCbZ
z7B;*xj)KZq?Ol&vR2dI@<2aGoIqcobiL4HXz2vtP)_BQpDLmpm%)O+xobU><EjEVi
zm+U9J;oHP9lWv^!27D(7>BdPf`F$X#ykfK=B{}77<3uXSDR2087Dp<{DQ^rX@{6CR
zya|E??-o1l-783-B&WTpNN6UU_8!AHbWQlQ_Y@~mNzQoBB@m`0ivJ2Ha#U0Ob(}~g
zN%glQadE|^`6rQ(lBD|$cCdcQx3b6l-bhGEG(QIkDM{Ra4hboV<-do7l*ILSBOxX6
z{oXr8TYtmdfA+=C^ZX(tq$KD28<3EaT;QKXLQ0b1Yu}4Fq$G{}i;<9$H1WH0QlO}C
zmNXt_W-~tz$s<TE@l$uPI0ecS_y*`0_%3jBzc-Q}kX-5~pF6bhKM^*;n+#j{e{mw!
zriI^TH;XLiPfNcWCsJ)%`u#YOYSYRefrQ?L(#oG8NT4>Y{OL$YZCd&B(2LZjm0y5_
z=2$Dg7`;esTKSboNNrmC$B~fQwDz0rVZD&g#kKK=AfdOKwDk*-klM8K*CQddY3J`p
zLTb~_H};Ciq&DsR{2v4%wK<nCwQ27!5jI?H?t+|l@YkaksZB@!J5J=f=;$BkM5;|k
zKUr-u{baT2?59?-<B@9fKffL)70Qtx73C5*p8xqRkdXdd<vaUCFGzp7`PoQFf4cdL
zk<j~yy8E9XA^qv@ALpbzrQ|jEjym+TyFYe6Kc18ify@BX!!JVeH&o7CPG%fnHVc&t
z_QTh_fn4K1#fj+qGeEBO*Kjhk-r4FDWhsze{x(4rAHIdnNN@iS;iX&*<Yge&`;C8L
zk#qSDZ6%OC{<R6@Z6JO9JCU$nd<Z1lpN)jgDCU*z&rcxC>jr-<5~eN8rk}qrfiRo?
z{%Is^)-js_ev5<Rco<<e1O2O!JeysMAM+spW+XSldjAw`2KzY)<hBY$8R8cpY5zlt
za_V(O8S0lH`FpSU9`sOun;@#+B87hsdZ_;+l6RY@D7o;>`l0^sNK#<L*f*nx`o}q`
zP@e0NqO|11IK+;*B6wD0sNW9>&E8@Dcup277f(%5w!kqD^A9GF?|=;Vd;TV}%#Ls$
zkP-fxYC)F5?yCmKXusKEL4Ja-wAcCuzKr1a`(2Rz57ttmKyLSkBiReY0dj}GB!Qd{
zWP-mkfm{saPJbPe|NNDrGzD^(-{B7txom1Jr7e(2ej$>(2B#>O1G(4lT_bE5=>}x7
zzlD=RW%l6|{*Czi{nS5&&6I`krF*c+@i!p39=@eM639co^Ovy612O@~48J>)sX%go
zJmPOa@)7j?Q6RJY4o8I7WAH8YXMoHLsd}ED&uye`<oV7~<|Won7OeL?zeNIh5#l`Q
zPZvae;Uh&!e*>P?_h%#d`=S&iPjE7euQ(SX=KDoxV_Yo0u3q4ma3beMfnP4X#BBKx
zo*D4Bp$*NJ`Tidw4v$<0$1~rL9b?B_p|1TGuC~Je3jOm0QGV@TOIZyzg?<+#UOO?L
z7y8#BxvG7NGWR@C5Pt}gK}eqQZ$+XvgS@X(ltq3{0(lQ2Kkt_#`7BaP`3Ojn-{?3$
z9)*$C;I-7xMDo|j6lDV(VTqrUK$usFzaxQMvKG!g{a=t&^{u6_-TQL?2qz*to55?j
zU;6}W>rrJp%pbM}SNKs*<Y=t$>j|Pz-&gqmK|(!U;o}_^g+}95za84p7?$}Hkg(BU
zeSghgg@pS4x^JEoeW#wj>HjZ*u%5o@_eVngddtt@M9db})3^K?oQR%&1zvCYZwap;
z%WwPT7>ADVZT}1s>ghT^c1j!%^=qBq3JLZ79X}HZW%*sdG=Z?5zV9DFLOuP!A8`8I
zEPv!rJacZ}EBx{V!unp}XZ|Z~Se7^W8<EgxeD1>lz+Z(%^En`OsHc)pPro3qI@B*o
zsPA6}Hk84wevN27h5BCUH$TgdFopGW2ORS^ffx0Cn}1n?%@1I+-S3$|*qr}9@S>UU
zgFgpt7-5lrILC&KPnEwY!G?{`K7UIBVQu~F?@l1Bt%E@v8pFe=b#g}ipS3p+@TvYD
z|L<#<%*fQ(U-#bE>vgx6T~XGA(2!&|$udG@7w-s_Fm{n8jI~fhwo0-kF*05#Wk^yf
zl!Ro9OxEvtKF>M#-Z8&FK7ah?kI$#~!#U@9p69tQ_xbv}bRpS>yuR-5(j_FpI(7yu
z|6RJSBwpLOQ2I$EZclQ-Z7Cf2OQk!I3`hQwE5nh$TzWpqaOAI)UP*+b`cLVC0a5p%
zKcrsb-+XQ7-_q4chI9H~=|+-ZE-peY{wv)TW!#o>qx1mM;`(#L^^kLMtMp8g;aqrx
zb8)-$Y?9$z+$p`<M??>Kw{#8>&R1OUrjLm7iVtdWd2?DgSk6a8O(+~}M1*si6l^8Q
zY~_0EfbuWMBn3PB$Soib1_uzCk{VD1DIUCcEmJ!9hLpjG2|r2)r%5tSjw#~pztX`?
zD3f5f$9^>!+>S)ng!seozF+W|B-w#oFv<v`25*r}+c)EsEU=>mn-&l$WCxnNq&DnM
z@CYmZO$#>gkz`4p_K`Utqz5}oJD$(sU=JS=TH)XT9}!xSAYl0OdJ>a~+mm>t0ga5d
zE7LX~`Mz^Nj&Yuhs8J&CWn8V+zXp^dK+3vA$P~*%f{$QS%egXEr#M9g8JD=dUwK!C
zYp+MR_Euz>q`G6`6sR7GOX7vkHdyuu*QkeCE5314EU&yo^gk|f{i*6|u|FPRe;##Z
zxHWl%TT?YxhFeqhJVdmn8ZP19xON^QTFPU2i0C2f<{_fRJ>e4WTT=26(HrL_!gAw0
zG9nsH^AM3%vphtk)xsql=e8~p5vvSk;gY021LKrxK-#%7wG!eKXe=IaBj4VY(O`xq
zW;-4^*5+Q)&<rTu3;Sh`8v*(G{&TJ!5e<>APA*}e)0nuayTolf9_dg5=KPS0=UFTM
zSjm9W2uN2ZNgLW@&3u7Le9GHc>s*pFuR7+!CGr14&1?yFJi@K12itKy?8zklo2qEX
zBODEna5P?YwKy7mT*A@lm#_cnm#_cnm#_cn&vufu67V)Jw90`@;;)|wD9=K^T;k@!
zC2pKO!nqja+TmObc8Ms9ET|hpTq4S%Go<Aa&eu>^rphH)se^|esc}J(c08g1*$tLm
zk~E|*)G@I9ifiYCXECQPar5O8H(wsPR4$<O20O!DJEFZ005ZZQ?DHEgc^F<L7x~Id
zh65SJGH&G4nYfYn$e=lK%4pDXiR<%NSBv{Pk8ECxW5IY=CPrkEOGJ$lZTU@?93PIY
z`>o(G-)J=vQlA<82uVWMR|Cp)Aa4gZ5jp)V*5|kL)x)>*)x)>*)x+7r?Y^{NU{vM?
zV?H8A&$+<^J|afX44OH3bIAF@AEitzAfhn`Je(gaRZ!TACECAXZCMm_B$=p8a7iVW
zNyYZQC|H|h2DzjG$z=9|Uqb_ni`<BHsTilc18L<YnLrljky#7m-8^IikfknJUIFdA
zA8abq%1~NB9Xq)Z)}FymK2i(HYk6=0ktu~xW<_wEj|iC$f(wb%B0DRCnLhFbq`oS6
zMiQL2h;`hWV2yYYvC}e!Vr{-Qn1Upc*E=5t+mH;mi;se1h;Y03IG9a@+r<VdFWlu5
zX>14{lrpoGW7DAJf<GIA$9-f!kWImhM7q^gl*2$i3*PjRpMY!)7P(K@o2`5ac1{A>
z7OdbSe**a;_>_-a0J0-Ez(@WC@?~(QkK6{bE4Y<NJ6OZ~um@^V@H-#5?|Vhr6TIpp
zNkH}m%|htU0r003kp01WJ`w`*O|YGhI6w{r2lz-OAcul8edJLf-vzf3d8!h8y$9q-
z@Pv;v1oA^LApuhtGEIT}7<`n-w&@t>W5EVKBI5jOur-l^6z7w{G#?Rh{w+9w$a`Q%
z#Q9WkijRmm{}KGaM?{?e4DR<45$AKkOFkmv{8vy*M4!7+oG%2c`G|<~#bBzBh&W#k
zj`5K;K&}SY`bZj(|AHrod<;H|vbYtz?IWTrZU>7O#?*z3D2uzn%042>B2I1XBcdz{
zs3U#kMIiU7D~Y61>D;gG_YqM#MbxW4B1-20)w~~57g~dX6ouU`@fVA)4zuppfs|68
zkuqLiS6Xc+Nh~lc8+H^yrnGwRN=j4Hq>Q&J(bT>^G99!ub%Z3@fxQy~%3L72I*rH*
zAd7*7)lHIMznTfeP<Ie{5>Efu05R1sktEKV7EnHs<SQZ%y~Tv@2{-SEdyJ-fnCx5+
z$0_GwN6}RK6%o;hCC;15TK_{57zCC#OUp7m5TDe7ampuOD~hE~A(_F~aCTv-swq~A
zu|UO1I4iK!StQfj2`J*<Y;_@9J`S%X!Ccf)Gl`^uKl>8kH@?+>h<v;eUa8pvD=D{h
zjH_@n0{kiKl9y%%lx#^jKA}x;FCGRAkV%sHQhu8rP`;8fRf%lc1HaTM3Hw~6CA@nn
zNgpXQOF2?0pq$wV>o0YvB)As-1!T&pf1;hll79x2KY>(GFA`ZuBXtG!I*|#F#wmYG
z8H!<2`D0iX71X;V!{t>$E%bo!c~^m!P=X@z71U%&Vu?X2<%(*MWSUXwR8%dJ`3bZ{
z-KeBiAeoCm{*mNSl4<f3&c`aNb%;C*q|E(_Qdvzw5~$xTpxgkhht%MM!XIyss47Q3
zX<{g#6gZ+NRjCztEyb0IPk?<|v68BquQffQMx|xcN(4KPsC6aD4pfHuYEdB7)B%!U
zE6{*c=hWk86~i6i8fyDwS;~R_k$_@>ObxXwkq<zoJdm0yw}Ku2;GDLWI*?=r0Lg+J
z)>6k1Sp`H`tfjt9<QE`gpsv<(Qy()J_OZcoZMV)BD~|p==E{@@B2s_MmHCf6tmDc&
z4E0%9e%$R_`V*<^%JhX83J>dXE&^xbvHsLkGs(l8SplV_l!5;Pf3bM3^YvXjT<7b%
z{^)S_UK2d@$XY1#20$9QGBx0ALPR4aUn!@kpUBj`zAi=G?jxeFOHuJ=es<#aZ5a8+
zl#A@d-Jdhbky_b->eM4OCZDt2-lj42HsclUZ5peWQ7ds9^;(UoAIo<8vBqjHS-$dL
zKxqQ`YOFq9ROAM0R7)UFsVPLdQj2S<wjk0A`b-hkr`3T(9)R9&4fKA^)Ja5YLhmP5
zK+mW%i5#bXthrjX7^d|YwcHl!d?Kx(KNNG?7Haw8DAN}D!)L*t7V2OkLn#_9+@AlN
zjo7obaLe>8)bNf{i+jI*4daxql7M;mi^X%F>Df62wf99S!#(XCuq=Ao7H&N(20H_y
zHMLZ0myjO1y=W^njR@DMR_Yuif!r2xN`KI5rM^c*tP4cTZKbXu@(HXx{|BVCn+ri+
z2hvvEL^3fTlYu<z$_O$WNC)*xl38{zpezHD=E?}N8b}v)Kgrbl1!cOrGJ*)1ZZ64!
zquYTn4!)4DhWBt~9)})D^kY5LBWO9X?@+jL2X=bq>)Cp$r=(1V@*0eJ+oa5=r9=!f
zl<lv^N%CU8w0fz(kqm3~Qt#fQ)jOY7ANAqV!ZNnOosd=^wWW{Df}NaxZd-2C9s8&O
zE_nfnsJ#Q!m!wuKaBe>KHUrgRL~f?x_&zXS>I2nLQYJ(B1AZZ>s0n))>Ic5mg=a6R
z8+=5}0bWuM`AB^@S{bC~B2lKShu#Rt%j(Xc%vVCG|L`RJ6?H!nC1Yto`SKaqVNk28
zQbzeW1}gx_`*3v~k%@3`=Ma$B)v6lGe6vB3Gmw$$LLU)YZ>Sr5<VPUs>R}>>A@4$e
zoZ3*AcI19Il2l1ziR|Gx>g!?&!(!O8jpH6WVK3MbdnumG96IwI$7P|Uw&Jw36giJd
zSO+TNUcorEC#DtH1$It=hvQV1Sq!I~LT0>6Rsrb+W6F4SE@_GQ2(1ZfCK4Gju?sO#
z{f@{G*l!U%(iFC%9Dua?gB_2|Xor@ks<+7Uk`M8uc$!*1B%%@vybt*jHR>(34iZHW
zQKr+?W<<V&w8Y$RmfAy-3}xSsu>J)P-_BRZW~(nt8LZ)dfy``m2HFX%9TKPf17wam
zk4WQ`IOT>U%aA0B7>az&Ro4*Nya0C{=c-#sD|ik^;kjzhu*gM*GFgN9>JRW=YOW;N
zfgzOEJhgB{$apiNd1^=!^sq2!%~KzfB$jwg!Pc};ZAfHjFiy@+7phMaX?;6DBo#@3
z{aL7vF+6`tf#pSNQBx31%Lej}+CY+6qVpi^A41-js7;BqRpHlLpeij<TO$el2&6n{
zEm21h;k1^hS(0Gh9|oDF>J3TeC=0=IEg;KO)ykXt`)X53ywsPgt%=lxQAVV`T<w4)
z@Xi0?lzL!ixjKdjr@maxk_1zK5@c4Wmn890{~%x8SVaV*Av{~9CflBe&B4wp^+icy
zi6igF_^eR}5;+59Dpm?>)DcMB$gfe)NRpvUhnkQIcGjvL9M7^C(LPdNhzb%5l!7r%
z+?V)R?L(vr+@<LTTI<vtBA*f2sCFwOw6X(pPr_XrklCtEBU0rw>}~?tuI?pLc0!yo
z21u5Ai%3(LM@<2;Q*Bxn?IgiI|2!ZuwGWX+aL;oIkiF`BA_|P}tAXrSf0D$jy$A9|
z^?-Ut%48^u;3m&{(8@29lTYjaMs7>XxRMgy=cwUw;{PMr3~A-4&r0IW`46h}eQu!c
z0f-IA98#YrnOiUli=N~V_o4w?!!hnVwI9h8Zv?-}2U;FE(mWtfSiVzVCYi=9@czbk
z>L?`c&f8&iDar78%3<{jB7Ej@SUp07cjFJMmx%Cg{P${dd6CmtfX@_;s^f_8e%(*%
zVo9<C<)P2a2A_Y*7w2F9PXrPYX~pkri+iWPx-*&e`N-duVJ!@4c`}XQMw#fbe{;27
zgH|BC|3l4{9%7685w!kLw^We%O5pY2pK2Boh4)haREt!UG79gUoKd?}5+pm2179xu
z4tD-h#}N68$OZL%BG1->-wFVk%jy~;HwHnU3FL~plgPTkNUo_r5Ly2j%$7kWSG_=F
z2+7=33s%O|N5M``+)?=cT`f<fFzgHz0itO2iF^qDlmZf`y+EW3X~k<3iHt4`vt^Je
zq`gICUjmakM7G74EF<zD_)|`5eMDrpOFk#E2XcWj-x7JtmHC-S``v8$43Rc&T33lw
zfP6h9)4EB-a%B=8!e~qoCy!F5yChz}nxOT~NB-v{Vy%~;y(URa;XR^6Z6*<3gCuH?
zJd9}#xdN}FL0XAg10v^$6xLc1X-4FJZ4i+iM2cuLh|C8fc7&3&#gd@U4Z(7fR;`Li
zE9TbBWbJVz3hzrKYpIfWIW4NC`H09@Q4RO~vIA#}!pS38F6NR0`N;D?QuD|JV2y@a
zFG|bVfqroA&`HV+K;lNMm^Ma|82mmcuI!3ww}@~Ii)rsv%^SmF+9yOfhQ+nrL^y^e
zv_FV&3`=V9kDwinVJWScBwh?lX{L{K1D{nb@@U?uhPCoY6ka8TwV5QttE7lFUlMQJ
ziD*VOVaJPnM62v0Vl^7k>Piv|eA7El84Rf#+EPif1I1qmD8qr6S`HB#NIDQ(J1&Vg
z%0#t-)kRu(4l)&FqFOCUyiumC)_@3)GUc?TM0k`br)?v`qfB`%n+T6G<u$X0j8A|^
zney6DB0S2J*N!4_N0|yt0zArigh!bQ+9|Tbqf7;@LrqMJN12MQ9Uf&K(sD?KN0};G
zN-d$49r*J}?A5Di*+g!^$SB6sD%x#H#wpLd6sOFFh*j0@uPwB^@_Ixo?js99<`J!y
zB(cQeFXQUCn)U>dt;GXM7U);go<iczwW?_YB*D4g`(UTKHeV7<tIkf?rP4A<s|B3?
ze+)9Uv{R1>e|8o4?V6%|4&*WIDv>{d#DLV*wmgA3oiH;_IRvD>c9h7il>y}!APuy-
z4N*qy#hn4tNb63d0PGuI0`jCbpU77*r@am&MLR>J4eYlF(nK>Gp`8a`hK1FSa1Nx6
zA#wtCMTAT<Z7mV8S6LWjnrpd4&VoNerlnS-3EC06j)Jt-suL0W;exc)(uj11ou!gs
zCskW2$s9$6ypM*pZhNi7Q^F3m0s~|^Xg!fA<v+zWV<&AKl7tg5#)<v#PTEu=YBO9n
zb<$=Nx&Mtgr5xDlq%9(%xON~R_>0B2fjMpEn2>p2%HZy<D8c8oEJ?BhtG|NTE6ks}
zYPpikR*sB^u?Z}9*D5y^KF?8x0I30_ht`vb8V)E8f%MkK6Bz^1cp69_Z9Wmh2`FuV
z^wmC>1oQqJkp9|LBncOja1}66yM;t)0duV^NOhoA;%ON%rB;_Xr3+{c)ShdGgxk&#
zZ445*56}l>hG@Bx>?%+mRsjL9Gh8e1jL_P3ze6z`p(PV}_f0%u8KG%JJ^~{4`A2AF
zkQC?y`<a5gs#PV@3+xPov|iKFh}4H$7H<G~T{}ReDaeRaM`~9ji3ND>H&Qd2i+_m)
zc<wh+Yfgmcej~NYtx$&Neq*%lM0oBuPWw}mT?J}>i#z1ww1TZ=P793cf&IoftvQj0
zmIRdX;Nf_!gCyz7O!&oWAw5xBOQaYOvHv_#J4NJGs6S#Z`lhzHjgU=OngDqd>`d4C
zwH0KRQXFdCY#?uIBP796UI1i{7DJ-+hcXq?8QPCX67GYZO{@Ykw38%LvlWwDL^@r7
z@2$a3hSsZ{&>p9B9v>&~b<fwv6FGYkR#G6dKx>eSGEaaV@m~wHbRt~`VNMrl(<Mn)
zR@cIPk_FmQBK6y#%tB3hR%oXyxny~v_5zU#AR|u17HZ>(OoC{vgVYyk$J(RTG_tc)
zi#~^>A*8+)WR_}6i5vsVyMQdyE)g-IhJOX*J*`6rp*2gH&@-TX2V}Xng~+==egd*W
zOYSIS#wk-yz!@}<541EQ`XNQ`HLcYCCBiLbm6p&+XnEtsDlO<EqEA?*m6s%zc<l+?
zlUc1*C6dq}PVT+0*6JdWbAZ#3`WmfiXJL6)fzPkO3INE5S_dLoKyCwBr$xI8ne2e*
z!xMjkJN8-{kwwslCj<FZ8%ZPzeYg%}qqdmH9_X>l0@<u>Bl11;&yN84Oe^vNS{6Ix
zj{(`LjVB_`cb){YO<PN335+|<fo#|2^gylTRVcGltNkJpapEJic4^&+h~0QWc54%f
ze0>@EZy<ZLC6ZvB?+RqE_K_rBd*7#hPK4Y0K5Z`%ZtwfF=DkGfu>iOCZ?yeHxV`6S
zKT6{5&gE!$-tC?A9sK`|oRMjH^TYoy%UAQs6znZ>;dz)}>rg%q4{0Sxi+9=&X+w$d
z{`_~^`$S4WPa<|E59hP<y|z`#U=0_urth_rlEf0%oWawaBidOc?ri6XcAYGXJ;q*8
zf<I^_`iNYhok2j3YLg|2Nv+{Pe%7u^f^(#FAiv}*onP~Lcs!rX@q98T{!gS+-@I|o
zuXR%E>yr_?MklqYL`qc&$bF>W@}>2=w$!I3;{1C)nN!*dDTDEO6Y_pa+a^gY@ldxo
zx%+)u%O)}vT5c9Z^R%`fi5vOT+8IeOhO@xVpISmcFY*h4oY5kZ#1a?7EKckVp3}+_
z2}R<Rg79tEIjt%Z*YY_nR}!?G33mR<my7e-u>K+~T!VZFGUv6oC7GBo97cSxM}0wC
zNF)d5bx1OaoOH>0BAZKMpLs#sNyLU(LF<69^EHupSdAh%f<$?ZW*`@|Tq1AO2q>R|
zKNqyR17tLmc|<O1BP8*@N4unDkc{{~S7=?PT*Ta$RIg}jrA&q*Zt89YnJZe8fx@!)
z735W|wIs8Y1CaMGLFTHq7>WBm^>xj9$t#_&LFT$v#YYYS$<>~a#M^VYp`{Yx_3{l`
zt;ZC;D{@22kTThUqA<r6yAU_D?LN!L!17IPzmNP5<d(bY=QaKv?cNpr9r7pJUD4ms
zj*&mSqQ9e=gD@KG;T`P-Nj!h<Xfq|je*SMr{jOGEu+Z97fKOE8^e2dj{bx~I3g}M}
z;kjr5eJGOqdFEMAA4!B~o(1&@q{TDOczrsN6Hr@9g5~@4c|<0__l!5dpF;WvL>`8b
zTzHnKpCYm+i%Il<=<};EE~CsCB1bpkIZ>j1i^$_A@zkuazU^hydId($f<METFM8S#
zBm+T4%m$P6SBE0unO;$S8j|~YrdL#-L!{#on4KPmog95JY4O~zsJ?~B3$(*oR4@1n
zTITb(qIywD(iNvJ_AN#AN|MY{f)50g2f)LkdJ7`&whbsHfE3p|k)2NKaei1zA1+BO
z@gq2673Eb*A5G*uj50_jNis2E-7C0GDW%UKnf*gpW*(7a(6mu&36V^=#RS0z%O4PF
z_!_QmO6eaHQC+f`$Ozc|My(x0KBH6MQu-bu5jZtNnFEq|^SV;{4Ij}V@1^w8!$b^W
z9{`RfZ6Kv}6N%ermezYpf_-LrkO}IGBtgsKY)jR@B0EEiU^I075Rq4J!LR!T;O?CM
z6OusT0DfVu>&kGMx|^1+x0VFcdIZu6>2FKooi2s-b&_D}V)x0=zd<{R<L}}Lov9y1
z;#xNK5hFxeXt@qpw)DRxnWdzI&taI!iC4$OUo3t+-T#T|cw6Iipds|4Pl8q%{oa{X
zSv~PpVHy2t4l-r+YLdhfzZ#C;q*v4*Co(02$&*CdE@AQvkzT76B?~N8)Y~C(b5T*B
zED7eKGo)2X-y#W)Ry~1K)*pOL`lE1tuBMkE5_~&Oc?D#u>FtpuaDA?(KTm|~b2Yse
z5w5G%^p}X-g*CpoQC3YKMuh8OHGLEju7}n1iAa<SA-u;}Enf_)>6s`aSL@<lQ#C!|
zb&-o$;+$u&M%B=hiHIF4aei7u4<d2D(66DV65(&IYwEp_xG}7$kC6mp_&P+RmcCSy
zampOHmogqmZT;Row8!*yq_qL=y-x+1$Mj2*V7X@id0bB(DSZwkJ`|_C52U`nM-p$g
z{Dl6eB&a2JSDw&s`p6p4YN+4;hAcrDjZHvObi5aro%ko*I~DVUrh0WL<Bg|H^%Np}
zU$m*-g$Uo+Y^skZ!Xw(#I^C6Z$K0p&T~a1H(3r;Dr}f_@L7%h1pJw`HANd-{Gi1lx
zdvD<q-dAs-2S$l}d1G!1y@Vt&h3{gu&?^w(n^!IMK16t2ZmF*$!ntUvUzEi2xn;gO
z)=Ezt?L}4Wl(y2VNfL8+cU$YtkjNYU;=8}rdLJVET~ZtU6(YR5+eRNpgm-t_>T`(j
z?(VaCi7{9=c-{S+-d2)XN{1M%NFavK>D`gIGpmmJXh|^gWk9Z@J{RpIuDBn^l+OA)
zL@vXeSM(d5^X0v>zT9W$7^Kx%-y#XlTmAylO@Cl4ddR2by>ycZpOW|1=Zr%cJ|!QZ
z7n~qSc7RW=|EI(Mgg@_w_E48_zxs+xxL+NnH<5N?iBsX+{3iG_TyII_L6>xp1fvl+
zCS<Bk%IotR`eY*P^C&%SN?xDG>A7#B&j;XsW=XI!S)Vf%$(-ak#Q^e_zJ<u9W_V{{
zhU+uOXQoRytywPN_++?*PgEDVM9dGxjq!I~!Z*g3FiGMY;~wD~$R6Pv<1TS;V|s*d
zV|s*p36Jm{a*y!+@TKfeJl_vr=8{2lKm0wHaBuUzOZa|xrc1cxE_Vsf`8~q-!#%=x
zznAOBW$9q;6*s+CP!AbP;5*wZ^|Mk2YfCvO)0O%^KJo~V)%qPD5j$NU>Iu`ZwutkK
z`XKX>{+A@#%4(V$f2@~!OV*Zzr{S(hV~}C8tFVzCP@a(_LNdd4!d|x|<&h|DVVCbY
zNuHdIwXQGBKEzDs6MZBR4fc_`g3Nk7lSscyNIuogd8joVWO{+j20ewyc#skQwoxy*
z0A)%-T1aH0gjQLoCfuR~t&MKvlZk9%lEk;=H@k#y%X@@x%X@?)?-8!69^t$39^sqt
z9^rfM9^rfME{W%R?^|3C`BuZ{dS#h+EO(Lj&-EHU0)r=z0g}W59F1-I>qIyjU+8c8
zw1z>%w(E0IM&bMFJM}Cgd^`P1eau3UW=!F`=wIr|i?A%3!;RK-u(L~VE(v-lEXVY0
zN#HaY`UG)jX`g<Q2;ZOoO3x+2_vgRTPc4>dCGc(eul0m?Fm?9lYrQEE_UCJT4iUZ^
zzhA#hgm1!sqgQ+v?eM+#Z}m1r_-_0Gy$=z-37?}cCc-!259&WklAZYEW4Mw!sGmR*
zcnZ$eXF}c&>IIgFv}P&QN5v@%fE?0G5K-QP-Ekn_>2)N@PzFy4C?5bhthXgnc_NI1
zK#u4Gi0lBFEkKUyGl{$oGFd==)He{x0GVMQ!@V8-2O@1jW)H~xtRE-xG|3#(uMvp{
znQuVm7yUMoGV5SB9>}kH-K8QI8A@HadHxfS<9bgbbK$g0?6aNFE5DC2JK?*?6CiU^
zA5Y}fj&aI4AiwMH5V-}l<r<Jb^i4#X!v1prek=V?{Wy_{FhdjMoSu-0mPJ&Pf&8s^
zBXSpRrl~+K=<A4VhE=u=<f6Wv$Q~e-fLzKqbGV}KmonZA_KMzZxkxLf@NMub`dT7<
z_xqZDmI&YU{!hO~gzt6V)B`Joo$Nqr)i|XFq<&j3NMs7k!=C_hms)prQh8WYi#dOR
z5U2>P_*Z+uYw93VAT&~Hd3)UjL*pfhDSTtRU}y$fR#+=OgumvHoxqmw3oVl}UcYf)
zXq6-xN({<971Fvdw4KPYNmvgPLWhYI1=0m%3WsuuIFqp+-XBswz|uJfc3uRTBB4i#
z+yO0750gTzi7W$|0U+~0Xd#i$Nan%Nr$m~<KJ5^YNe=BLG62X3AVovkN=z&Be)uvP
zNU>0PA}0%A%`6sbP2?8rW{8?uJTzoAYP}D3#(`FeP&$!Efe4vWq4`9v<iI$&0rm<)
zdx?xsi&L7w7^a4f68W-6obndf(L<%zpyltN9?k<24wWae7_^oFF+#0b2DDZKu|lVa
zoB^%PK%$}OTC~#zT1qyMa-r5l&Ou8#0Hi`_01?qreg;x0lqtz<MYNRjK&piBj$($g
z11#SHQZ3Z<L$rJg&f4PPMqTyLC?Z|J!z3UzL(_<4P}`{;T1+G!T3l(6c`TInv9L2s
zNrQ+*fz%DXEJ=oP|MPK5B_Q=f=|l#D<!V40gl70iJs^!j?-E%-t+H`wEs=*Ht)?LJ
zRA}=$^m!vhEEPzzP>e_^kP&IM2;I9=(JFLa%6M(LRVeopVF&AcH_&PoDzsjZm^;R$
zhN=_cG3D9N86rHUJR2JSDQfYU(mu3<2#+bxg$_yr@5#_O*dbJ8L*CRohbBnkjf34n
z?-Ai~uzP3=5grG-ho)_msk`Ig3!y9|3j6#*C}9(N$UeUi>Oh2j?h)EZgnjNAx<G`-
z!52g3X0*fOV6RYhB0LWE4!uHz$H6|K^+dQw>J$1xl5Dp}>Knp0^SvIaU%noxAN77Q
z_j|p5p&#H@F_+*RaIJsnfV7;U)IX>wTcA}A4E;>x_;Yb`^n59FiO4rU<LEg!6u(8}
zD?`Z|i>Jvihg2fJLq8_YmxqKNB9aE=C8#Y!Lyd@3ACGp1h1wI@GY)zrkQou`Ph<wA
z{#s}ZkvAyyk)gRnQbB7BXpIW3BBH>~_M1S)guWosjyxP2${|vyL!2D($AzvExdxWS
zh(A6Q{0#Fo6?~opb|!@C64?Si3z><bG$L0Z^>;vKQfLg3&ET_`OH2-B5?M}`r-b$r
znE+aup!H_x43S#k^M^pDh7z`7>i>by;?#axs4|iAFuM@stx#(sZ<5UP5YJNjLF!_3
zm=WSxN(V??%u;5C29ws_P4E%`q%|uvoXF2$Cod@oX(1UyGA~0kK9^c-xh+IPSbjUS
zhV4MUI%LCl9HDJQ`UBYoT602Yh-i@0uYt^UQy)mFXM~D>F7iH0nGGI(2QnEUo>@Ib
z`I;BvnN<zQmzY`24^@>~8A_&z252pC$xiTDkcFYzB-0qkk3bf=c1l7ngq_8qJ|wdq
ze0~Z>t9L?~MCt-L30m)l4iotU;&T?r5;v{dl={+qz38$~fo&pR*k_8<<Yl2GAGr*6
z-U~UB#1h|GjPsVvP$i#?(8>%oyhmnv2+YD?Oun)rRskO2yN)Yd8NTc25x(pAfh)sz
z9X-N#9X-N#9X-Npkd>|-?t53cgjYZw;of*P%OvrtWDS#e?u|Xd-|%{b`)7}E|Gd_<
z!{6|J=o0R+J;MF-N3IO_;UBw%d+c>C;U4>wP;*~-{Rd_GNhtD#DEC<63v_m~DO8ro
z$f~#(w<%N=Nnq4A*inO7)27fCBAZ~ZsSxayd>*Q~UD(MEOz4F>OJ9bbA~G3ns)(-_
zcZFV%#G8v|hX(nGs2ka#X+BaCEbk7b?2sP1-?{7!4IsihRQp1EiSQ29w;_5x&s__D
z=Mr8EAEs8|`SZOSG5*HcBm9lCNBA4(Bd!*Ik?Ilt#@QqMjq^{g7JuV>ER>SvwZU@7
z6y;c`wU3CsonJ$1eMIc-oFqHhNxX0K8<AZP^1cm|>?Gc|`7KmsCze+i*l!VM6TgMp
z6DbV)Eut--3gPPn*@5+c<9^E@p`j!*0M08*LV5oY`kqLg`LO<i@;V*5M5HyGXoxh<
zvWM}!M|3t+{!2_<+`Sb4^;hT(BEM!S((+%SnM8Pp>U=117i#5PLx0YPY7?32k~!Hz
zW`ZK_s)@7O^PvH|1xZ&{m522pczB8Om9F#xBL3}is6h;6PP$|ykx~$2@iofj(BG2m
z4n+UMZ$htzZV|CJLt1d{_G)P49$_ataG1`QuZNVqNNRyU;=gi3>xlFv4|7Ac_lbYm
z9oPjux=8C*=wC^)10Bx7S{VNAZYcT{+UW~>UqVI+kC!Bt$ZuX12roqvs5%^P_Z0}|
z5*Z6*Hz*YdFZo*7i3RQ?;@(BU@Kz#aK}O`FVEA_;XMl*b3WZDUN3D{DQLAvcCXxN5
zRXE&H61?*!q?5uknZV6PvG11@K1yU!cdRWBgv)<}`Re^7-q<V}?nY!G<kW(iSv-80
zNCwrz65)d1qSi&1)F+Y#MC>}22&WR63IA&VyyR0dyiAf<fbW=<3a^%AcYsgZONBS1
zOyWl{&uk5$FBQ%vI~h<{ABFl;Dtw2?omp6a)UbU(_%l~I0O!>8Kt>JMCDN~RKuH0j
zg?kX${XVXaL*W5LYQP%{EkGt5UPt7&<^kn7AV&BEkz;zC(i4as?vR6NHGrHB1mc9(
z5Lp|7nH7*|IETnzpfv_a*>LNFsI>s*&QpO@2=6Cy8+IY)0;v=}{=JaF{!sKk4~5V9
zi0FT+gh2rQ;I1`&&HboL_-k&D@YmecTp9kF+au+{P8L}7h>#KEMYV9QFZFl8!|LJg
zM}&tlg~#r?;a7<8*j+cgln9T@^};=WKrJ54>xC1JO5(1q>W3>Mad$ZDhc^=8k@|@+
zpDOaW+#sAqGCT@53}^jFX~Ak;ysgnFocR+H9)+I_D?ba89heDY?u#%NeKI_fNF%th
zumN(K5}qpwmW8O#ja`2@?@hu>q>Q(!Z4%y3gmd~-IPDmw&beqBzIP4#ba)=ga4wpK
zHxS{u#53VbL^v1C^ZDF7{NOK`7Vn|82tQ7Q_t090I}zbMwAAo0BD{yzK0KBPuPZx*
z=Sz|u;61dC;mEHT!%47X_60<&OBi>|ywSW%xU!VVP`-jV?~*cEL<&NSI|!s(_}=}5
z9&TL~Ge+@7he!C0j-IXzztQocOZbhBUM{J54euKDb_t&g_i+io(b3l>d{XQYext)9
z{6>dI_>B&a@cFVw_>B&a@VS*o_>B&a@EaW-;Ws+^xjysz8~wxgo@Dh8^KYc`dCI`>
z;^U$Oz20VE_(LBNz0IKT4j&P-otMKolHfO4zd{KP2~R#DYl3@{H8i{yiF=a8#5>6v
z8s0!MJR=$!-bQwKmNGPa<`i1y8PTwChd;2^ao&fAbBKHbqm>xrMue{tSpzdGL0%0X
zJB?b4=(Ov#@W?Yr9wn{U!`06s84OzDZJ&|h4n%T5>kr838{v^e?f?<5MU4utCDIOv
z&>tPHd>-wL2Fpm&h~&a3Eam{C!><q#_qxRxH^wc&C*Y2UxJ%=br1KLMB@47%68|a8
z=Y?gLB+Z2x5!#t4E#nF1dGL8m_>?5E09zg#uKu^sjwQ0?vEiXe0&IC~IGbeH@>thH
zUdMSv^fux}mvOEP_dgR{!Y{f^&O^kDE>m5?FS^XgL&R$>GhM<jy1bo-2$|U~;a+R5
zOZdyg3?@nZW#T+0@%)XUNBF+Y{BXewB4TqC;o&ui>Vj|$NwDqQ0<tjtl#e8wfPH}Q
z7#}GO<o)nZl6d=&AB3+H;W1@pxX49WItq^<E5l2P@CdugZOgnCUL8J6GCbz44j;RO
zc6jBx+8w`mBwCYiJY5^UdKtBNB>FI1{R;U*<LO7?IYf9Q`Z#<^5^oRo<8Xz4gcimp
z3VB~2ZX!u6vHrS%QWeO?a7!XKz4^H@+@8p-z4$vU8^g~_lA#!IL+Jx(%NxT(i8KNt
z_Ruzm=Mt#`MC@yA39lsb0Flqad`gw}1D;ZC4f840Kp^6j>htgqr1g!1XA@uK8=JO=
zAGj*=m7(+o%QYbv+rv>JZv$xnBrDvM$m>9!2C_3enMhk8ZGe24&+@MDaVdi>w<E~x
z3SW@Kdru}iOz)Vv@5yAlGW?!QcK8lz!PjEgOJs+OUc(aPId*oKUytDzW<0|0$#{g{
zlgSQ8$j-+xTy5<RS0%!)$LwXx?&~og;n!on3O`F){4&hf;TMVU%P`-D$4G+pryE4$
zKsffV%!RuPaU^_{2=7At5N>)MWq23jSa_Qx*@1Q2;Kd-Yb26MuWW|TjV*xoEwsVD6
zhH@eedYZ1VVhvaKk!c|Fcen|WC3R8eLb!vE2$_rFeng5^K$%P7kv<}1E{CTRSza1;
zZGl_~FC}vOIVAst*AscY5|XRoY$EHxLvd<$Eu7;cv%t>3;a`YM01t)C_3&9A5i+^q
ze~DZ#k23#-<Nm|E3nFB0gdZd_6+9H=W;jUXckob<Th#w#DBZzBL2if3lT6vZ0VM;-
zop22z4t&A(4v@Ryr+h@nD3MemS}BwXM0)v%kco>7A@V)sJrhWQ$VeYq3nV@=mdI?#
zyEvsvh~TTX8HykqK&EgcgJj~Nbc9S&WTTG=nFk{Wh%A7-Zv#>+@}G}n11S*+-@u4n
zhG+<x(vdDcB4pIad?JG&K0+oGx#c55CK73P6Yc!g8Qx_9VnzB9c?5hG#EFa{@+*{%
zAY~#MM8=JYlcZcE(?`AsnF^6_iA;nkfzYZPIqM@r=HW=fElj-!*!dO6BazBJ@+XjL
zk@iH&fE^)IGcwpmgiP(obRu6s>3nkxZmUK%5NQHhqBpJ^DRdjtIt)1#q+TRMWFKhl
z0j>Ix21I(1))SGQL<#_T5&Gu_ktsx0fYv2Qy<udrk6Z`RD3VF!wYpFTfuuzC`$+sr
zSjR<<5jhW06*5mnlJB60f(V(Wk;+8IKustDq*-L3j}!;;Ok_ThqfirsOp8dCj|iET
zk@H028U+*$Nb5-SE~b?>3-06qX&Y(hBci-gBmIf&g@`@58NTL@j3yF=d<pVgWHyn5
z;IkkdBAG;nLYWH79V0nJ+5vHZbdKC0@)w-2R0h%|QbZ}Fh~7_-8bG>6Y7)^#!pSv|
zZjlrp5fOVKGJwde#;`*LGCd;ei5T#js31KfM~M`<4`xlU|MOy`WB}9ZG8Nuq1exBE
zM|`9;kiL<piF8!slxeV6G9WU6$YPhwCQ>!XGRugxbIHd<#%_Y|(ZTY7$X+73B=b_F
zdK~)m9=s#e17u!`bR)7Fv<3kg9GOU@27F060>}`z*Anllik|J2$PAKc4|giYfy}T-
zCXod|-U2crvX{s(AmY3AS0m@yGLQ_Ac`Xtufd0${58nmydL)O)79gvDjEYn*h%(Q^
zuF<DJ#zd|XNtgq#ZUY$`NsC9B@VGeTYao*%<0YA`2yz6-)JXDuLT0wI0^Up$F9ytr
zG$pe8nSk;e$jpl561jCA#y22yBMl0n*7LAObREdN$TT7c`UGGT8|KE51_>x*z#6|W
zkj0UeME(F7k=DDB)I^k7CUy!zW@%)yBpJ#|*m*O6ydOF5BV~bPMv@B)EqGZGWU2sJ
z9?2lG7sz8kK8UO(@;Q(OKvqWf5%~oo)(pt%NWuHj&V%rkO)DU4B7G!*U(zWOP}&1o
z8%ZvL9zFmsN_7MBQDmqj8Ib8X`Az7$$V4JPz`CFx$b1snBFQY}rB~vV{{dMaxk}{4
zLhxdVBn6W&^`r3hP*D@UM2^fPGG!Q&4UwKDP$n6C7BU+nm31VK!rK~xY>Mo+kgSH*
zGzu(ljvR|3Nun9-mdKw(RuK6ta)roeM7BnhGN?5K+Lw5v|MN&Tkx!>V?FI5h<S3E4
zAd?1Vwj*-yzD-u7XIWv#y9bgLIV=gz;$}e~l@+O7PRPU(f9{Q6>wFn$K%_s^x-9s&
zFC$HnxZhTM8JR2zep@jY{MnT+_1%&4QU=pn1~R)N?aO0YweG;H3tz)X6M3G<>gO=6
zJ&|6Lpw=qT+7lT`GW_=bzQ|G}?)&`vA|)$G%K^Tt|8>M6!guxeN2(LyU*9+onMQ<v
zed9nxsfc#?_I^$zNs@G><T<Dp;7?AZI*}YWi4ec2awzh;B<QmkOTLRt_mS<O^<Cs0
zNxW|m4o5PPxVbnSsa^?F=ih2M61hc$f2-w($ll6A2KN1CLPWvxPmzm6zIqkj3;}X1
zqC6yIJb!+T6!#I~&#w_%63?IGk;+J1e~w4C5n+E$MpizI9<o2bMJ`pz>(3vNXjLSw
z4+NBh`{5pAq!N*>C*g((r2c0<pU+16N*S-N{uLQ6iRa;8kugYI5C4iNkDx#7;op%<
zMA*X%`TV&|b=8Z{<;cH}N;~csB9|jdHMA^tSHy2XT#ig8!fE{znOq%ZIIXMsEMJfG
zuOVbGty7Tq>yh!2c=`G-l7qy}*ME`5HPJHH=bMpsM7TcRiu5ER{K<ke?nX8c5&no@
zUAY@+UJLDTeO8Q)lAu4LeJREulyUPOXUrij&U>7ZSUayj1&z`~*q?Z#JQ4OM!N?)P
z{v;TwkLC3z(ddrEO+C@*Lo%FtqH%@@NB(|eOC7YskuPFk@8^~2gU0d4g$xq$9ngaY
z?YJgB{Uz?sB^yRvv?J2G0MSS`Dob)&mPIa*Vn(n&$t=Jx_(~depAaNnIRd|=Q}A~<
zM>F7m!e1<jEtg^<?|2Byd5N$b^km4gZj6+cPY3vyeRN~IB$$gLkd|(o_mLnF!^oAy
zt5LR*+`!A1sJ*t)x*_`9|1$ip>ozzMGbRxE7|!FwE@)X}jwG=F|B6sKqtBCQhwEW^
zV*?Q`_X<YA6qMmQR@oRyglj@&<7g9<;hIp{INTHo|EkeL#xY6KmEV@Zx+(@|ZN?2E
zXMu=!2C5jfpB7r_O6{Vs8iTw)Vnmw>;zg{6QCSj<*h3&w!x-Zuq7BwIrb^;Ptd5b1
z#BGChjFe|EEsj{-d=aZ}tdufd#GWv^w7`6E#2Og$iEzXk8s~{{#8Qm3mZ-%MOEIdq
zM#2$GF%sILKTT9@-HnYhlEeZW!zM;mNoFZ;u7TejfVp}TLroQ0FpJ9xD77IPAVZ|Z
zfACczkf-vsou)=(DdY9VO^r6BHRlkl6hNz~F~CRK0%>N9mINa&;@rxZ;Ul81wlS9Y
zNDm;X#s(i51mrm*<|A(a>1_PsBh!F%H7@wbd>}mx<yjdY`8DMSK>8R9B=Jglkg*Pl
zTgrp-mFfSCzU?vcT!Jqf!-;SS4lyPX;SwBX%pt-hILv6>0qt-J4$D`=hZ|QrNuS;N
z{HnpfjKDp~8^+I_(GK@fZ{+E<L{Bo>IL|WFlZ?$*relrDX~K?Ireh7Giy&SPIo7D>
zBcDSI#~E#WWH*or#&Aizs7^9wB5|WS$%ua*edZWWF^Uu67`|yliEzZ;GDZ^Nh`nV@
z>xy<b&eM$rlHhzyoQY32wn*Z&_Zdc!Zc@t~Q{FbJN#fPaw~YoU<N7=&Urop`7LyF;
zVxF;@2<KwHv6TpWxX9Q`g!8q?sM}rmlddE|Pb=n!iwyGx%opc$k#SfO^zZ=0d9iU$
zlG6eHeZ6;$J3bj<XNggyhp>ZMKY-Q}qpBpH)-of-CnL1pGursbanO3t;9p(Y)fLBr
z_wx|(dU>YNO=`sgP2t9i7%!F^gMCEYidkXg_$-Stca;(9DLgzKV9TqG!9F4^uQ9TT
zu;sPJVIL8eKQx-Yh%vmr7f<ol8Iy@TZDCZ`8K;O$KMF7TfaP_@gS}9zxQY4t#IT5*
z?}lW(QC*S@rR+ZN6Qc1cwH@zEla203Ez05|$asYFwaJwcM5MmiC7iD<d5Fl@XU1Te
zI+kEASl(u=lO*OwY`c-`Bf|0yqd{+xFRv`Jj21p3EblZrNRqBR2IVD4wsA%hJkd~2
z!P?45?j!9eogweL!Q$6OnvaOI_8TjSa4x<vs`o`LL4@URjgCY_48{G8gGL`DftShh
zA!Dy3m{U;?zcY^bh^X`5843M_Wt4dUJpA6MjznqN1n$=XIbzf&(z89h=K$mfqbZTL
zIdEeL$Wfy$k;|}#jRN`67*C|nB{=N@a?IF5<lN`50}AAXagK<{#nV83&)19oVdSEW
z9A!i<{xHh-$Fks>@Q3k>kBAtaHvS^QG5piW^$`)nGe(ht!VZ>BYe@YsV+<1I2dKSi
zKrR>q2T2)4L{+4I$ykXbq1m4>27=5bW1S@FN}U>UN?%FN5K-XE7g5Up7^MdbJF}F8
zYp{O?GFOeLB$)bZK>jsSB#F6o<3D4jkBEHTFpd%7eBCrs{wFNQ6s{Y$jJ`y;Zrn9S
zO5)W7#eCC8L`_i4H9jJ0LY%o1i4wXHP$mE=VD2YU8g`@K0#eYd{jx|MEiVL8$UG`Z
zx>5>O$08a@X6g_jldf!sQ+q*@&E%m-ZjHb`p}3h!q;w|iPJv7ba}1HTOHn3ht|h|1
zk*b=9iCnG;pUH!kY7QQTmXk)po(&M)RE8tjn~rVAFw07EI`Pv-@OH6nR!0&L<-QNJ
zY;)TPp>^7AO=Zm8lB6qp*TD`1$donzA~FKn#g9PBnZZ{vt<6*LSDz}F9f&jpauQ@J
znl)b&GTyA<VRL9cQs;FcGg}ds#T@csGu21_0y|aAX+$2G4QFUTs+w5GX1jH)ntAUU
zt%f;mWZu+km?Pg11WWKX*r{Rm86}7ppE~9UByN1_n17EJGU*DJMLn~`7$grvdF?y`
zE!-R+i5J5s%p&P1bEzfXuWMjdBl0P{z$3I8nyExKjlwd0(p1I@E%dO+A8>wQu9GAk
z`a!H4&CI<-KKK&K9Aus`UmGX1yj-*}CnIrl(ZakmUdp(o+}czppog5VHf94!yz**e
zf?4>BC2{?6Nj%pdk8p3CYIc%#Fc&s>_^jE>M=As9U`~}Jmbf2Y-K-5H&74hSXH~4L
zY33p%fs-Tf)?%9ZK9T*WVSf=kOEcF<f@ulMY33G5W-02-IOQ7bKX)@9n&?G!H)!=R
zpYRdUL-sUVOOl~H{uZ<yu+!Uo#YaRx*3TU0BjPKP0p<)M=9_V{uN!EtB(ehXCA0>a
zM~Qqw<bUR)lk)mA#BAv!!k?k$U`fy)VQ09x$45l!ubMeTo`OB<CgAgH<}Dw22FUAX
zbh1b*LlH7<fQ&SoOX8LCXtR$b7{iVrGuj-5B;mCR_<DJ|IZ=|?%6-sIdw@*3`JN;=
zlj#R!toezLybNT#x%VDBlgu0<7k_|Lh)?0P!aOR8_wL*z^A6gPZ}PkWb|#ylDIyo%
zyK_^_rzDxBj2nbI<WtNpl3*?xd<(03v#*ad`3BC{%~yP6JXoG#PW6$ufy_1+`^YjN
z^UV!DvH{3D=CwCv2_{^J-GiHO%9&~2Cc>{XWt#C*Q6}kqmPsOVV?L9TM7~{&x7;($
zFp<9&GATpkormCsSV%q7tSX5Yu}rhQB-sJ+Qr`iPS#HiD8GglRg_(nP<m}=I$gD6=
z`p5|&E6sn9B(#S-iF~awZ;>5gc_1A6tTF9rB46WW>HG~^Yt06dc%}29nJURFWi|9#
zS3%}O^A}05bVTYOn^%2Ar2dIn<SkjsiBH40BU0aBmO$dZ&a}a-BMGLiKrgV->_9S{
z(@o|8NieNKAhXF_h(u`zbDJ#iev7#lNy1o|&qH!RHjo|8=@#=RNieMkz|Lo;GF^J;
zzJIvYEGG%3RT5;jnkh(R+cAJ_Gn-3-Ev1YkY4^x%H+xFrmFaf#P1KTke+aa8m@7$!
zbDCv-hjwI{RtK3Z^Q4c|2a;_*Fax8?HEN$(ib&ffSjYC65h7#Y{R9z>eP&rAuP$Kn
zFcJQJ>V0NSNigrCeeE+-eB^0JeZToG61Sz~m@9~IyT~y=BEoGa$J|6j)cKBJC&$c^
z#EVakd0G-Iovt8r(6naeEuBMV6G_m+ULbSGd=ZIT!w;K-NsG(<u$dtVS{@8q-<umq
zh9iH(+$#yz@ZlhH#H=t&r0%74)NF|)f$Q^6W(P^UT>NB?k_6Kl2X=lo7n2O9b<A9c
zc4R4w`h3j%+(*QC@vC_WwE|qjPnvOWW4Ut;KWP>w!liuDEP=#rUnk8vl3-8rCZzS7
z*^Ok_pWn?%l3-3}fz0pbJRf-%$Z2z>k9-8=oaxM#@kzMzFnrkxXEztkN<>7t7l!(C
z(X2*9)J)L>Tr?ji;!vM?(R>n#+m<hyttIiIdeIyq3FaaTQom##BpJ@dW%K?yUU}^S
znagHbA2|r*AG0o!gte99l%IiIGgF8ZZ3e%11>@H>v$-VLx=%`(@jh}6NUr%EY4JJZ
zP4j0WVuTfzZ<@aoVaqqo^OAV^x@i`hD}2V<@(*a;GOJ4B^}V;v6iLP@uRaXFj|MWg
z&EAsCR#NUldryFSFy>++#jC_A1^$H798<{<mc3blV%3ubOSuThC{}YHDFr0X8tfw`
zkb>4sAE^YSkhKm;!p$jIriHC7l6d(lZ2c+;=Bp-X-EZ9@87{9PR`R?;!b3Tx6o>j#
z#Of&tdRPy%lB^*<@)VE<t;Igl21rqBr;nroDPf&Pk|25{Q4dR7mn88#ENzvVU&xJo
zZ_o-_)g|#FuUbtdL4RHX8P$3oi5v??0MV^plHfdQlq6#%!TK`+NXUBo9<7MASQ5{l
zi1j6E$(H*TXc^WClHrJ%*8K|#fzRlVm=T#)DIb{wTDH{+iQ7Myv7RHsy>S_<D-j++
z%2<6Q@%$-cO_u~qa0ys0YsE;0{V8XiMmw?}TLCiVtoVh}L$^1sU?of9S*~E!lmsoW
z1FecyD#@_rN>(4V<65p{O+w=Ky$@M4NsIgWhpbJKpykbA`C;oY$*|=r))}-TEpG>z
zDpvd=>9ZtzfjnaANMtD=0#eO#h;Uo3W>uC1e$fD0+)*hrLK5mXfK<08`^Z@!HLXmt
zBYFv8xwf^I2wSdgZIHyXT-#C>7jny8jLVN%MSSEk*r{vvLgJQt1M4LsJT5n|h7noy
zKWw=TtWiY7xEweG_w=mEl6d9S!1_oMjA|i}X=t4#8IEcrEBPJI!v{d7k=4gXMBkEP
zZAaqPjV4yiCnL0)SOwqp><F!<RwE>Cxi_<#`DA{LgR>;7n~wy+PIGG*X%!iTGoqH(
zC?XZ_V=|FQ8JL;Fhhs`hYdVpOa592qz9e2WT3Tm`aNb*4p(Vm+d~G!XskgG;lmy$U
z*fnZrWk`~t6o+?>gl2nd8Ij&VssZU>t(7Des1LhOSzxiF^%;`H=ir`RYnZEdw04rr
zAi8zm(fXE1qvfpivm}`M95~tUXyqbN`h0}5<uprKD&wp?>yiW{313&E)w-38M7E2^
z!NWAmA(=l&rkhpCC$k%T?q=0N;*RFstwuf>u}{+7>OeAs;mb0S(;ikgBIiCt4|`aB
zd|JYC4{N56$Thx|OIi=jKs&vy!ppq+BeZ&3rF}$b^|9(8aXsvBHTTIhhMe}dI`~K{
zAOo#`B#9*sgq?vjAcL)&L~gmHz<VO~SYn?^amou)ridh17JVe?O)|Zqf(e<ItwHx_
zy=)ElX}v6EKJ}52K!#aaND_EH|GKr8$dd}r@L#v^d~jmIpHJfpv9DV>K0A}Z&g<4i
z(&Eu!v~`_`co{{k9Y$MsiA-w{Cueb^twQg6ah?r!@{&v-<1Ghe5_-_wZ;DlkNHy?q
zBgjm#Y7^->6kqJ0Vm0tt{#?qm^pR{JQ?1EJ6s|2Ztc7Gp^s5IzW`^~iPwRV04*Q6B
z$90zV8`-G^uWC;R^0sx3?C_fCZR-jVw*0nr!)Hf$__mdh=|w|$ILE4vMB#Qi->Qp5
zjw!;!`BsWgOW2ujbt0|Y(O91sS})wAwb1J4(-Jj&p*6)vL=9hLt?-dTFk^hz+T<hR
zcaxV|`;a8Gtb?^B(>myr5n7qnza(?uD)tF0tUErL<KXiOtK4##_XP1;_*oz;ttv#4
z|HkitR$8@?$e!e)lxa;e<)6nIwbtrDgzNKKtD7WV-@DdYOoaR153OC2;2g3R%!od;
z3a;?V;wGf^k(GfYfotz4*1JS>O8paSr6gWjpIEs>IIZ<or4NK<Z$`b|Y9I-=?)%Qd
zeNpQik_67zR_h88-dWme-5|o_@>VNuCC2c>r8q8cwF(m%{2r5HMEb$+x{8(5Rx2cl
z=kr$UC=vGgb1P+)^jT?A5x$%P4?nm1OF}+Fezsd9B*F1Z{9@5|YZA&R6<};SzXNtE
ztQkbOr`=(FK&1K{9CvnDJBS>ZjJ0=%b(Bc?Z&>Cs5#I0JVHIBOm6w>)?yyWG3EU&?
zw8|6VRpd^qs!yvD<ZGw(49W2R^De6$k$*a1>boq+F8twJI^ug+mn8MP19ynv-?Ckq
z4;loN3UKSyBMp1S$zS4*S)HY2y!R#S?6F=#lE`-US|dn??d-KaCc<{UvhF?O_}ap=
zb<gtG)`5F0@3)TLV|l+-WQ~X+yhu+Tew)wo0jsH$!E&z-5j$WF^O1vaJK~@<UK0Gm
zQQQPOWE~~a9!7leE6Il~bFD}#rZgh*y_HJjf%5Q+s9Rv?#9B*aPhy->1;~%q%nwnE
z-@g7eUrtY0D?gICaASDVT8AXSF+6D<CBixVJzq{wS!F-YYv&ZD6_fWjM0uUEs!Exd
zYxxgrJQ241XFkhktW9XywR6VWaZg%jt-U0}KA+83?tkU8eBMf0m)Ga>`QmflDuFVt
z&wpEWiLlQX^I5)R^^`JRuXV{v+bGhSr91<5{+mx=FU6|5Ns!q}!`o1@KrUMf%nOA~
z!P0TcVIWtmY?4Vn3cFK4u3A@#te*fU+d!^a%{QZ+NACudi$JdD^XIzNMap136z}R^
zw+2WObAQ)9*CqUA;!SG^$?#W)H?2uT_^ZP^G~4mMxV&reSM&UR<y}{1FMI(ZX4H4B
zXY0fNgWs9uuPN_x>IwWcrAPQ{%DY^n6#gnxu{jq9z;b^$@Ae3PI~ixs_2s=jw7~-Q
zQXgpoB;GzI$>~I`1pWehf_(}};Q9%8Hw<Pe3HGB~M4U4cLKNo&`!PxIL|#NS!A_Or
zwEMnIqMe2$@B!RJodKCnwENzpm1vJ3nZ|H;B@5ChY)|$P(H|DJ*GhsVC~{H6{>ew$
z0C~W^gj#MclI>iw!?{SdL!XIUcs?iFwIuO;E^0r4#PzwT-TWS{qIPGJc^JMD5I32N
z*#mrJIFRD@d`ZyfdN8RiWq&|2gXX{&G$2!&qB>DVwdQ)*5wf@Wv_uaXv`cOkK2KB<
zcH^%$tF|c#_SmA&RPB$DxHrml8|UGt6YGw_b)0VRCaqGB;>=374-xqu?tR(dk8b}%
zgl~%(cGb^C>gh^(sAEFLuvZd!fQVz)-X=Yib1mU>IXhF5Sb%*lZ?7f7x2DV6qrMPY
z-aWmF_FN<Z_OPP;9+4Ny;qOIOwAT^IDunkFD%n{?cr19>K0t)Wf=BF2M0hNyX_wnB
zQx9-XYuhb}*k9m!ur|dIe)EpTo!WL!lHsxGF*}n;&*pK;PRM&5JJ(0VNL0_Bxf5e3
zUSsPFb+wV*aTk(|R4j`o_Ul9rz&W+(C7Re1CGmRECiYB8utvQIcAD6yk+^lEseMTj
zuWmH8yJw5EPP=uZnT>svS2vp36HvyDd^7tkB3w6`+3O^k=+=am_L$wm@<fGeLR-5<
zOs3^VwY@z;67*TrjrR6oNxaegIs4(8u!Ml|ouk^pPS_*t#1t;mj`kQLT&8LE%DpJV
zW!l~D@Rjt(t%p7A{gQZftfzejiCZ&!+LwrMt?OwkUrWpG-OHYK<^6)BD_MK+E?+Nu
zG7(Xx_rbsQvQJ17bMxNIK2I{Dj+K-$GrmE~T%UW}>xgiD?qh#Pg!A6tK1GD{{*oQ~
z7VU7}huD1%AmQ5kiannQ*WOp`!$dgF!|dc7%$K-}CFW7X?OY=LpcM>+I`*3V&_N;N
zmEcIbwvP-2nK$eyl6Y|*Z7-GNv>WHq_DYm->)2>}EfMY$M%!Z#=gmdBok@g!PPb1G
z;e3s?gWsbTM|GS%f(S=-ynRLzuLLLABaWaJ$9a;SMTF!0rd|C9A(O7Og}zR#PiNSf
zlAI23<Y(FEe?&XnlgzerB}rGf+-KW4KcSuMPVo9G^rCZY^JgS8yTLo#K<3#)iD>iS
z-+?T)-zV}JXo+2{CH58~<3Q_iSZOY^bBJt(K0FJ2U2ac2hL*o-h;Pa*x7SJHmEdwa
z`iqe9#*`IyWl6k#V}<=Y61U%2nXlhiY2P3%ZaXXOg1-vOrvuz?th8qzN5b)0Ykw|D
zx-#!Y*qMa!eXV_s$n?T-$|$H&AK738{$fdd+Vu&Ocpg(c!u7`^?9ZpJ7S|1raNXG8
z%5Y8C>=LdCTV2BCzQZNl;&!@(Yo<rI_I~Nga5Q$=>Ip2bl+P4J%nNtfk4fT{SGJwv
zBckWuZ3j;Zt(e<K?XfHUCW%{K`|L(Y+!nXbZbgJ+xX*r$2*+oi{UQ;L&sX*cNz#=k
zN5lC%)WdJ=#iuZJj@Uta4H1smVSB$M6BRKs$`zSC^bF=y)D2PRf3>d?5xuC`NBZ3!
za273doKM^D6X7_YvH7J?j`JCN9m#N<&)VCFaGcM%b!;B25Jeq3XV*Q4{#>dHzi$rY
zZ@ctgf_P)@MZ2~nURhkUXCZON+)MUiNxZgm$+pf5JKmUkC12aQV%J6)w{))9jfq@>
z*-meW&lS5h5fN1pv48Bfl8je&lT5B%`)`?++v5JS-y*_!zinqrlCJcJZ?{DqyKUpD
zKVA6>?yiXO>yCX(%3w~XK{W2zUtJKEy;+>%975vOF~vDgGTa6gXXs_2l^xgt{pAU$
zEpg7hJ%0h`i7RNC%d~*gjR==u0cSB0F6DyGVIo{t<DKMx&<@wt`<yf)Tr(4$r9`-9
z7IAJ7;W}2-Df=(l;fNJ?sz{O@5Wilx8}d`!X+WeE+{YGo$V)hji9AW)O_X#F6PW@;
zj29)H?CTf}VOh)pN;_k6kvs_fys#W}j!H5|*?$AyyHK5C{|T8n%6QlhzqSY7qI4<~
znZFQzrQ!gb@H(kP7PN+2)6jmx&UhkU{tE8{KnWVoI!UlhMZaM=_uUYdy`JB3k|ptK
zuj8yo;+Aq5=iV7(8RrOTaZg*uIYESb{xZ(`n<A~#?u@8{b4(JiHC1qG+{)`uMW>!5
zUfZddFZGH}D$2NRr=ruH2&Z1r8B2uA^kHWM5w5EbJDqNe)YBCk_L1I&_*8ZJ5aIRC
zqfX{sl;K%!P3Kkswk&-!qB_pAae{a)<#DGQ5l-uIr&0ka<3_a}<tyf{(ds#kP{z$y
zJ*PDh&R0F>01?htL#IGNVHrzM)To9|2_k)9*H(O)*vPqe-!H}Ka*tMu)1OF<`B*a>
z=hJH9OqMdUl)$=xGVd!`gE+?|nXPPtK1#gq-o*Kv$a8h!w>G5AZ6Xgo7^f_jq-ebG
zdA70xwEl&jt%;-hNG6oUQ%=-JDt!;%JUESfWG%=vbD9(B1Ziym(%k9mBcB6l;S42G
z3{u|(q?I#Ek_<(VuYk067L&{wcx6SjowiQ4k4yreQ=Mt|q0d5Q29Wkni9$$vy$5fB
zz+ONHr>>6(t&UC~B3(P7OlN0~j|iDGCyU5m(3blgQk3VN<OH-VNI#J2>U1OWKRDaE
zvlq@ZoxMKt+deq2bgCwz7WV+XoS8my2=dj(S?43ifDCYy!k(7!XOL6JM}m;n|D2va
zBJw`e*?+O1EJ2ahk%Q24QEkE72x3fm)fp?byz%r^2Qd8Mez>Ts9^tzBT0WVPF5#N_
zhBH%I_Uim7=L8Y9Guo+ozsOg*Qtv;US*7Qz&tskOQpU40*2yg*wBU<fY6au+X^nUK
zB%zFG-69v`owNt@YE8(eHPI=XEM&aiZ=zGjN5l^KB&Vg1h#q^2ljb9*flPHimBi~I
zr#o3l<ZMu!GfsEDC&IrMIm0<YgufP?;nXgQKJ(XtGo7nMcx0UIY%Yc}+}q4`PDtX7
zDRZ6L#ZiX)x_Qn<ByL}~AYUK8!1<B1cm!GCoFc+~-2!KQiM*-5;~bP^qVg@QiA3bz
zan2xdSN-ogw|zuJb%|4~q_BfNUk0+wF@59)kW6QWBwkckI*XCGQC;bLLWHBb%GpMQ
zqq@o|Q3`$LsIGR765*(R=!`9$H(wt+t0nR3#>dV!9}zWSoij8jwcMz#cg9OHOW`@d
zdS?rf@8LHA#oJjMoPsK*B}zxsjg8JsBAkm&&U_-Ai%rfYBAkoO&RPxaa4xnw?e)C5
z*yfBv;(EBvnIH+~OUyjCIhmxz{(Rw74xt_PXS-9K2&cZ?nL>m;-07?&!v1{eXyLs6
zWIL&nq$@ASaF-_A*-u1#VI;oK&33v)gcf=z?)L0<j!J@kf{552r-~shyZPGd)I<_s
zpZ7Wqh_HuyooPfk7yF!tOkoG!5TN<tey1A|(Tm=94!%`%W=i7iFns6KwesfcduO>M
z=yNg9`ri4}M^qq3oc*N5aX#vV?Yz18(RmDsn~NWvCy8(_estOp;avRW^d!QO|HWBK
zgnNnO&N@lZLopT{cM3Wp^;t^pR9MTv7jeg(6iK`|pKyLb;>P);bBbg*&L^ESlEC+a
zAHtWCuzPUQ$&6xDV_(7y7xMnQqm;q4#14aak?f39hlto=*l+??e@-_d$}TvE1+BlG
zrINszrir`Fmz=s~WyAuU_sdR$a!5GuSDlMQIPd>DCCUpK%)9u?_+Mv`Br!K%*PV$-
z0-wGFcd?+3U3X>@;qtofd{sf%ftQo3;x2KnbBG9gnCqM%!XEzTTq43A-g3UJh<4b+
zJ5H`7vy@)YE^0yE?>Lc4p3h>RHW01qBcd0Li#GBR(IXX%w)PP*Hr*HfS`x1pO^hB!
z;`XA6(H)gVTBqH76^`yD!ucv3H6KD5&e#3XQ$#pl4@56Mj53_B<Y?(CUM@tfOO8I_
zBO+hP(UFpPwXSINyd>#L^%<~-4=dJU(VmY;%Wip<h~gU7^SMNH3d*>(r9?E72>V<z
zTI5k-CtVREn(!wWU0MTu=3E4$-D)G@TxiiHlFU+?RfHEXpmen83Q4@y6pF6%5z%Xf
zqA^LlIu?m8elQ-=^y*I}syrsrin(PGiS{JIkvF0%iEu8===?gUC47b}H;NOj_P9sH
z4xSTDA;P&R6U~w&JFxu(_Pu4I$#sQRcHk7;?Ga-^ndml2<|xx)mRltUZu~}nmIQMu
z@>M>1$wwMPG%7}m)Dw2RI#wy#4T+ntO3|Z4xb0Mq{y~I2tQ@^Ug!5iGs??X3-S+-a
zG?@sOSJkK~NzB~=el+@eLm3UXwp5RfMdH@*>e0zWxOG>LR&6A-(v|5{>uN;DKPm0F
z>*ZR}TSVByTG1j+P=-sVcJ$tr-Q&?Gr3}WfIYjL7=s+Y1wXy?BM<Dg1uMm0HC1cRC
z!YAPMqsNHw`@Qv}eV;;~XFrB#*$tzaM81U@o(1`77_Hn?dZ_TZdBf;XB7AP165WI(
zVHos3;<T%AG=~VEn>UW$`*v~TD852`+C4Y-2%npKgwM?zN6%C0{JwFM=wnZ#hkTOW
zge|+T5PO7A(wjz`NG*(NSBT-$(H>|gkTDSZ@aEC}M8;6B-aI;#(&894kFF)cac&ho
zPJ|=YDw@~~J>-bBjaEY9Myy@5HW7|kyJ%w~eAA#^v@H?7Y0xg(l?X?yU335uj##_s
zYe?J|p;M!85#flXMi&y{y9cS!RYW*q?W3C|!H5ljh&>lQj52``>{q=Cq*L@5kp(U}
zMRqu1ouZ*<Fd7`OF40y*IAUF*uM**ib&D=S;zq1{bR`jvSoi2gA{?>q(JzT`#JWch
z5aEb*j~*k!5$hg3hs2H83(?y|IASkE3pdAHaKv7Sszf+qJ)`9$!HA89_`DcRL76~j
zcrkJskUr7oL_Ts!D%s(P^@&a+!V&8q-9dyS)<1fd2uJLt=>09Ehi=3MMT0~*VuPY(
zh;YOPMIR-?5gQbJf(S=!P_#J_j@Y1RCnRpf21oxNTjv62Q}sRYeJ79c9vXQUx%ZxX
z?m73Ib8ljZqC7*C5i+DqnMy(`MKT^^%7n=y)rd-^Qb`J-My5%kggi2SRGN^AC=~Ty
zYp=D>Ip+R-K7Bs<T6^ua*IxU*&%XCFQ63u|e2j_m*y!MsOq9pQ2A`FLJoXIu=fU6#
zl96M92{WsQg7t2a<*Js$?eyVbQzC&jsq_m<4+rn>gEDj@5l8ArgY$@pcJtuID`<W+
zc!Ejx8CX*Sc`P`(uS_LY@Eb3W2hTJ4Zx-zgJRZ!vnPgUWrXF%qaN;dQGT=u2>!4>+
za85rWHRq&=_kc_Z9?nFvK)$UZet>t4g4z9%czY@N!78^Rp|YdR`N7(f(ES!1Ve^9x
zB`Fb`VD(oSyzyjkGm~C$hrAeMo(fhQaIv1Jf^{YF^gI=8Dv76OW^gnUrKcdcL=u`^
zU|t2m6-@fV>ZT@;r;|o2MLf?x9Xu~nO@*6M@avG^ji-YP2BL*i#qy1?8Ur#r_@*SD
zHwuFvO5){S7%X9;a(^Z%_h*8&2cc$4wG%Wy6O1s)GU&VY`AMnf2S-bpLQ%U-iYS9r
z^MgwznJb!$6!8;~1;M6+QS)5!{V(ul><949ZIYg%;9x1^m7*wEAW6B5Ui4v6a2XR-
zibcWmlu8_h8axSkEec+hg?SZ<D)1G+HW*VEC*}2Wumj07Tn%@mAH4)#RSNcy#EYMo
zgSYw!u3TOY=1AiC=at|ZAGrXzzZNVTLOw)~;n&Kq2Tw~<5_qmDoI*&FHVkD-0uzB$
z`UPdOn4||u=FQ+OcaqH3vn2Coa2S)NKrV$;ZwJ$dQ%O(tr{7#y8MGytC-9Yw5XihA
z?7}jS!%k`4=J4%yFpFhoeF|?~`~+_w1!qX&m3>Wco{yw~t!sj7B=PEEZE$lo=3X99
zb@5TK;%lNG1?Sv_GIPaB@Sg+rd=y;4M2FgG3uImJlDkO{&IYlT*9X&?D9sy^YH&kv
zyp+ikm<nTcLvRig^!)grg(yx+RUF)2A+O?KaKy!>*qD@RWALDq@$%XjJS$1ASTqLC
z6QC3&!S(l|o?I~lZnyOYvN<^Uej*<|0(;>=wgx9ZK%@<vZr=&y>)^C8M8qVxLk+RI
zBX~rTJb|Uy0j1cLWY4Z({Rc4>)fYzQu3&~F6q(r1e;eE^Nv^mZzFis#dF>8%A4hrJ
z0k^8EK>EGG9g@KJGCUUS4IU!mjs<&zs~);Iul>P~E0D6_<_hFM@USElEojgGf-N3K
zJ>_m*2ZI&gkUSVPNyg3n`(WosWGc4@I2_DmqGIExV2ueVQz%}7m(m}GlKvEI$mHt>
zQ$#M1Bf)$o4?&Og4D>(8lDzs$a0AJ>eZnuny-B3v`r?;h=0wW9Rd;yp8S?riSSAUL
zRttdq7A$xiWfqA0VC-59<Ycg95~b?13hw{Hznu#1eS%0s&;uQ*I2}yOMdG!}KZ7kL
zq5I)@E5;?#Ke$>y8+4>hu2>3tdU!JXcklqG8WK$riy+lM!6QDh6v+8t%_*2ysX&?K
zK>iJO^pRCSL})CNS9Q{JNoa;7UK~~mt&k*Fta>O#yapw$9BMulHIqI2z{1qftm$4}
zXixRfQXfHkYJ@iX2-;ICB=WpeXiuF`J0{AWdZE6Oc=lWx8YT(lUJQ1mhbnp_J#@mS
z8FQ~6YCprv3v+J}TIeH~d!x{4CMx%)p?E%~^6INu=vp7acG@hIBMI!+&4U*^z(1FV
zGM>a#UVXJpvM?ChC1t2~(85sYtdF3DTF89Lvl%VaLqnM;3(e4jl6do$Sm;S6YTjan
z7D}=}d<{E_I67FN$V}9{Ky-OJMG`yooFs)JG9(~s!)<3LRB_gn2rZW~)Mw(paU#^P
zK>A0tgfSPtpt&kku{B*4nl5FiAH%WWs?d5Ss=c=grOrY<C4oPoy{`iwwo1~|Iy6tp
zcyo!?p}!@eR{0sEY8|RM8}$^5S~)N~1=2pWgvqCk;UA!_ULV@b#DFitc7RNm(5g9<
z$^o(;NRLqSLL#_peFVr&p&m@|zQpY7;ruj|#bj1?K%4@Zen~cGhH_bE8SMZ312UPR
zxlD4wTY=4R#u{4A<d-Hy288x9$+`>nkw9i(DE%3-=dD8|GbofJNv`;5Cfs;A4lB*1
z+_OSUp2bw;dAvuR6$&hr#NEjm8dC3_s(aK!Lltkc3=O4HD)$D?(2#nsQtdU}8G200
z<cguZ^M7Y(HIrdXvO}kt;N64jVDsIfnv2n%TzSJ5$%s(!RasKE$IeOeVNQ|{?+vY>
zR6_aizEBwx<-?JohObG@LizCi&`3!<AC5}$;pouPx1`5pZ;U=1o#ex@Nj@B#<ioL{
z<E%%W{f$lX;lrV!%gGzchYyEdV4{3DKD3vK^5J8lh3`=+yuX1yoDj<VP?ps7;lv~#
zPE7LQq|n6GGL`GYCqm1Z4C6SQ9NNW1c{MkbwuVwEuTBYNOX7KTYLZu{hl(~}Dlamp
zCwX;7l2>OWd38qUFzZoXoss0#nW0-h#=N}9oEe(SM0xe;&~_%utFuD|C6r2ebxx@B
z7Fkl)tA(K=NxadaFtj|0q<x90Xx4=BQy99Ph}#C|a!I}W>T^RmoJy5zE|<%@YxHc0
zcE8KryEM;+N@OY;iEu^#Y^c&!Dur6nFANnh!LxwRz_J%Ysb7%{mL1<DEDFtGf@Mdt
zB-HThi_5+=w2=sW&jvj|^lVE*JDGgW<h9TdCb9PdV$T=w9c!p)yVN71Ox_Ol{f0=(
z2Jn(7$gB*d?I6;e$?DK{CUxOkyee={W_{=^ld09=-FO&NJ`OeCNvX=9pRWt8U}Gp}
z7n76l`WcXt&@M@G#S>8W#y~y~wJJjyxc_`Bd|U*2z6hN-K%`AiBHKcz4<hku`J0e+
z2#FWH--NP=xOKWSDSCG%Meoi~HtSKfyfZ0!_k@b2j5q4-N%H)jB+u^)_4*zyEELM~
z`$OUfBFgiJLaUf4&;Jw}_an(D&mRl5I!r`){`XK86Xp4np{bJOieIwet7teQI~|(O
z1Yh870e=1~^eU4+AtGl&A25lxA#ygfnF-cl7*d@JjVs68b43}{Ad>T;Lrhc+{uk=_
z8_B2|41_D4Afjrpa=76iNW2=X7Oq%d)xs6W!D``(<6yOLw$$U*d$sU9CaMN&ge#7W
zb;2j4j8}to!Yxl-Y)_rAlSGC|;^kE*{1Fj1#_A^7TsK_8sgyl+lkBM<R;Om_UP}G2
za~kd0bcyN{>W7b1swN5c3D_<!3p<sGs9S=K!{a5HD-P6v7hj-uE)SP6ISe(3q(!)6
z6-+f3?s5?chL=h*Rn*)Zkb8_;cv@AInJWH;Z%=U7F&e%zl~SF7@90~Do>=&KCielk
z7KjtxC5h+NM7X#brt)ez5pGl+NolIOV-EyQzJbUu7jV6tP_-<SHxl9IGS#LO<qgnW
z8})2TQQo*J+_?@B<&8Gs&64EGa&-X<uL+B~D3dG8g`{J+Q#~Y}g<ZluB=Icl5<dH6
zWsoUJ&4|;Pc$e@nDN`ce;hW4|!n2t~_R*<pmv9jib;1jJn8e`iN9^ajCFR~deEFrG
zJ?NM2VNDXxo*v<jl6blI2#;r?a_<o?Vxn^Ik(7JSaC$oCHCNnRHz3~G4EGqrD;gl7
zl`oEreZo&Pl*FyCn^mm3wR3YgpJe2TGe+jkNp;#k9B<^63v0Q5xV<D^YwEA^a$D1Y
za7JU9dtmi)_!<T584xaLLZp<*ZQ=B0NOHxHiS%Oaknmt84*|j7^%xo+DM_K&+n9du
zZ&-MdBwoGW5#B&D?p)%I@VAnb25J<*4*8dG`!Rfg3GRlWf9?pUUoP!&Z62P~0}NLl
zb7uv^!%ZobJ9{6lJm#LmjtJ*SnR#+G(FbC6M7Vu(%xkXr^;7T!kbA-vS9YVqTdzbJ
zuMLh0R|+Dbl43-S3U3Zeo89^I1K~LlB)KBzEx6GMn#Y85bRr9%fOk`YJQ!|j5NQUH
zf;IS1I7gCFw-gVBcd?8OYdxH$JQ{XPN>!i9<KY4(Z^C_?|KJX1Zg>Ne|G`aO)I25p
z4U?~2a)b$<+GDCI;m$GAjQ7xxObw4?vYs_h3om1`4|Zv=?9;=Cne@G$cIWcK*%s;P
z?UKVxwsESwa8sLPHZqwJ&SWyD3F*lX-^t`@myBle1Ki!c4}6#(KEkAIF1&~X<jHV`
zLz>^MN_u97N5_dQcggDsB;GBHnc;VcxDhooDe7h>MbymjdYQ_LjhW$Nl6bK(GhF*B
z%*(syP!O(9#Eq7Ma9<{>Rn7`8xmu<Qs8(4RwlXfZd0se!h^uE__#l&x{B`hxuxKk&
z1#WRkkO_{S*aIv`iuvclo7-V3uUyZCwf2&TJ+ON)9{l`VxSb?kdw(I^R}!!Pc_I84
z5w|TbO7iNWq_(^$EIN?QYJ6Xm<oTDveWgsUyodG#*z;0&ArlSufAB`xE8)y*QBSUT
z4q7+fD0?+r@kZI3;fgoPmWMlEhp83_d`k!SGv5u5lB7`10dS{cMR*z$oC6?vFI*%^
zt~dhogc)GZ%J6C?zkm#q55hY*6}C8BO{@w3z~ms4kHUX&s=q-Gu5Q+c8+W8qTmU^t
zHiWO21m0NCDEE)UJ(+w~pU5ZSOeR;un_#mb_u}v{)-w$JGY`n8;p|SN8T(%BB|Z&r
zyB>+xE<O$KBI3r_r{O_2P^!l8wMBo}7cB|TlcY4DzHcfC|HDM>oO}_!q_fl<P+vuT
z5w0zX7e8CVoh8W?%EB$-UR^J?a7*~k?iX9QB|MUdYvGpgNl9{rvT$qI>_NFJ3%7>n
zGEo+O6Mlh-vhbUv+Sw6)P0DyS?@DSryTaeG9yOxv3fH^wVw-m-wSwJAtzdV!DW!79
zg5622;JffWQYKgYaR~NJA?CjePhnzIqwnL&!t<E4gWqVzc5yI#n8^li7vG07dXb;;
z4gZA@8|7iqo5*7mQsnzBKZl1id63DG@MtFMV5PYjQXLIv^r2L^Ux%&oSoju6yq@HE
zI7brl;cFmsJiNe1-Usq~c&jATlWYQVDttl`+C%#W$eHlCn<+1xuOj&;eEt?9@2A3f
zE|CAiPCq0xo?>4Y&{i-}wNptu%|z9E6|Hk7rBcySRr`sE+mF@Mj<bx4pPJfvNod`T
zbJ3bw{;g!sxD7N4*V5JxAo3pcErVc$t);~VA@L%rw$@D&&ttW<!IF3*NNp`!60fJN
zt?`_{+5vd64LSjlrsdp5rBGu*U2P!~H5Sy>HZxIUL0xTJ7Nx@Z#!ukGbZtA6H_}qX
zD46@z*Cr1knU^7&@b+~Bt^H6Wh2pp3fcO<sHPkB3qZ(^_rHoh7##)Wrr5@L-jkSvF
z)5coG^=V@*ol?2&y|I?VM2#0sl{ehEUvuqiDdW{nb1iKc=AJ9A=G9*d&Afw16DA>T
z+?_;>_uv~Ks4rbR&EyI=2|WiTjcU_}lS~6RZblhXdxy!3&4|Rb@0eT-Z7}dFoK0xQ
zCGl$6N%EMZrDdaLua+IH5fRs82~GXlpxW7Xi93@?Xw6xV@=qekKdrTKQik?3tAd5C
zwfws-&OIY3RXa`GEoEGL+9lOsJFVhMyq%Uxsob8eot7;L)DDb;*hgKfO=hC@>pE(E
z?;$^{{kqOc9_y|pMxu=8)$UqfNjx8RPqO(&t@Hg<QZ@U!QS0~s5jFejtt}iwxvMo%
zU+o|hwI;e*`%Mxr!ux5p$6jntKP@bYXHP$EI1$%}{k4%Sqk5$NTH1qTkLr<b)qY{3
z`k%qtc}eL0Gxk4&ll+sVy*2J)d$P3El6W>}X`f5t%>lBK>NG2<PP4S_l*(<DSz6{p
zWV4F8p-J&`r#4>7csAduEq@qOc`wxr*D@X<qIMxhXd9W}JPM=bK5ZWpoJS$KUpvV}
zjf@Xyk@2KQjf`WoUXpmxGETcw63-jsw6T(S-WZqUjd9weB;&TYaoRK{YLpqL9b}@s
z@o<ti9@E65WTD!Vc}(m6*u~zMpdDhOyzzwg$OMu>Z`6U7J5_s$33>y`bZsjW^hSLk
zGc+;L^F~u3Pind(o;M1T;-^5nP0D!QC`j@~fp!PUxZWtxMlw;}D9~0hQQnx9<c(*v
zhL2zDjc2r+Nf&!#uD1ROBFY=jY7KLVsMvTx>%c_C#v(17iHeQI+CnBOHeS*;O5%BA
zsdh#ZiVge*VX0Pg3g+dt<yW;4MBKLgx;BkvRNwNtHhL<hQhm#t+F#R<c$(kVnohr1
z^E=v$L|n})wB;<LG_TN(=UuG%eQkI?61eRHd(=Uw<qx&VOge{%tk#N{+&7HK8tpwM
zgW(%_Otn_q#AN3WL_X5?GPw!9YC)NG+6g9k3*a@suVLk)b$pU?$8%vFWHxByn4FnN
z=Q5vY#Y`r>345m?Q>;~bic)oYk@oaH)rK+oFqd`$H)%^}lFa)qDR`O)&OBR#o=w`e
zIY_*=T%wiv2<}~!Xziat8LtLE(`FNK{rq`SgnzCr;8bci^>b|r6BW;&C&lxZT5v8|
zsLnmV)SAvCqE6_xY57cW)Vmf+@wIlI2}U@Q?b_)1n97UHZ?q!|WGP&mztK(*aeL!$
zw40ulG66Lk+^G#_qGp3TwHzi`3Y;zP)b3q~sXQO<PReVyHd)GeKHRMxVxscetNqGE
z<+WEk&qU?5SL^s3=9Me%{tdn(FNNQ~&<dD5$fQjBL=w-Q1KKW0yxb3HiRUja=|Syg
zCMx%X+Gr+EKawK4fL9M{#Y|2E!FlfwTBR3A4_b)!{Fu}q9!~PcVQm?wQhnWFZ3`3S
zjdE=d6J<}icG#B}dcHg<ucKP?BD80!xD4i^eZc0UT8<>1H;!xLeFP)?xVBvq&p*HN
z*j-Xh?Y;l56)%z{b>ruE?JN;@wf?)7`69}c1l0cg39Ud9Z`FT7YrB{{rsgDnYJDXs
z38-E4Kecg8)Gqp;nz4j5t3CWPTBam(MHcU(pVjhSL7BOt%~DwB!OqD)+CoWS_RgmR
z7qk^jI>LSoevNWLJMSX{z+)G*eoIl0*LMEZ=1AiC=U;6F5!V|cQgKxxA{AF9BC>|{
zs2)H>DxQ&5ip+TxbI%pKppU{;cBM$xYeXKZ1@~6K!pf0hOq#=n43a955lo(jlgB%N
zRE>;b@*I=Y$V4VFT>XJewa9WNqhKH4ZXh)xdzpN*07m;p@YZ4^_&Vi|ce+M_Or6MJ
zCLh*;-Dn{7A`daqU@e2>vPja(F0xR{cwTKB2`)p;USu|ow34Jme8y#O9O<|cWlH2r
zbhxwKBr<Y65$x-bToK9Hda<6CoV)irLCeT!DdW{(%SZ_kw+2H=H5iI~$*EKy9*XRe
z#C!89lvIOygyN9CbTcc%dN88yKH=;Fi4p0(4Q-w#zJeNjc^jPTMV2zz!XzF^{fcBJ
zfuB+4>PQZg$C$K@>|$~`cphasL^^*>sTwos6j{$?WRPUKL|SbpnH(lPBFmY)-<o84
zN1A>^GVe0EIkJ#R`ZXleKhkgq$)qtE6v=1Or4PvriJWHAiOC(2?46WqNhZnM6*<hL
zh{-*XfxAd%{#&#wa)0DFlUXhS2g09{$|_p!k0_$ngQHxcqGfF4iEmM}7l#i=@+I+N
z<Kf6%yHUoQ!H!Rgjq#C+E7tLmk(A0^v5rrQjfs)1QYKem`@%KI#7O5oGOqyIjHh^$
zB3XNpz*`mzNoGo9yCkInHG`d&)V}f~NA_J@uKY-)?~r)yD?f6nBwo4llggE!RIdC;
zQ%dE|6Y?WDOjJMiR8mQ2MYc&9Z!cw5q|$yWm)c929m!{+_EP3X(#kF_#j}xxl29pd
zw0br&>;TGm^|df^*Z+`AmAB;|hyLgJ$TUf4&4{N|iy}=AQtnj-1?0Kai;?Ff@w~A(
z$s3C!D@n#(rz}n?>Eg(GmQmhV9LYLF_8`dvdtQl@NitXN!FKu<P8lKv-=oZ2fvbs@
zKwghj{sBp$_!w?l&Vp2LMw&8t_XLr*BON61PNi2wI!og9nJXfFkE0&1&wMX3@h>8(
z6?~A?XReKmuTmXSdC{^qa=a>%a<|^sMtY`7;`W*A*kj&(t#y%1l5tzXy2$%X)QJBH
zkBr`ZtxqCbrHr@6|0L4A7Uo53eC+3oBWr3CQKcw}MAC@7c^Q0{10LHPIbV-R)nn9l
zwnQ>6CDMNky)nKuGMC9~HEE377I}@y^>FVLN4>8iB}}s3CGvITYbJf*3ka0i9{GXE
z4(PFwd=vSF$rR|Hk?e^4#pFupjgjn(q@<HQqoMCbvMZ9tq$lh7HZq>cKDaA_GP@&c
zr(#nEy`#7%qIN1$cn^PH<d96|^=xI43zB#dUKXiTA9MHGPFZA`Bqf17{x<o4k@J_4
zjM_&!6sgjXh^oP#B2Ag7-KU?DdZhBmuO#E%VJMHBmZU_eyvifrHAc-|)E$ZZAc+^@
zM<Pch@$P{fiJTzfe#L(zQt>{?u}Jf#7i&Hi=`V@rjblme{a8}(cPx@csoYj@EV7J=
zYVXIB`h*jav}TyQ*ZZA_OlG2bzmt*UOjPgpXJo+Tp3PfehJP+{w<P6mi~BqBILXL2
z2{#;sFCZfMB;#86cjO2YwVF5|NxK3ym%Ast=OY=C<cUUY>5Tq-q%V`&Kp@D)g~&io
zg(bxm$A!pvN#H~k-zfzm^s?qu(&J1n(dS)>#EZi!`VmQ}ma$w_^fNwk81@UQ>M1R~
zvJd|eW~X|Zk30^frapp*TlO^l0ZBanr0MxYTyLc5yO=0%)YDUg7ki_g-j<0fX+3?Q
zBwk7D>jj~UOWIJc_>E5!JwqdzK6T-x1hBc8-Y9}(L8{mazhiR%&Y1NpnKT6Q_$5e8
zNj#5TsSlUL^VpU8G#@E~zOJRd+((uI3F!xjxc<@fpCs}8qv_{~xc<@fB|3RS`A63`
zGf`_#UH_el@{g|9j8aKeB$)bEN#HGuP67E6i><deNT%{*6fJQ*-6W!-rImi1$rLzC
zdK*g7MyIud_myZ{{gTDdHNwc)YEp`Lt_*&mOg{~;X(QQX2gE8!)lP30L(PSvJ)Asl
z0CJ7qkI4p*`2t7>eLR!0J<wYNxlZ58<i<Y&q72COdYUEmxc8Ad>&xRv7KkeX0a0lq
z{MMLW#$*$J_t!<QoFJKLK=Ahqy6R1tJO(#l@OKcp=@yaH_x`2dFX*nfmxOBhFy!7{
zAAJ?-$rY)O2LzHHdaxA|lEE_Hs5`BZcy-!S&yb|leaoV!UM$Hp`5F?o)0_0>Z7|g|
zd0VV%IouZ0(=wzU_jQYYdRAK^s-N$#f5W6Pyo-)~LVtZ9ld_u?In1OJ+$g*Q6!h2I
zw?jR-0&myg4V+u`iA;{cXoX~eewvB8lQU57cnzh(yFDm#n_kSM{mby>8F*u`ews<<
zD@2CqS?wv+D3HNax9ba;OavJu!}Oh!lm{9<1NTxsfEBV{#so_`Ns=>?(09-nZFlN5
zI-q7Ery%z`^_V2nL;z|B$#6Ye67L<MY`vI?dbQ&&ed4vKCr@10hju1&^mUSyx+jl0
z`XNcm1Inv8IwXNVo2sUN54|JQmq+^b3y8Zx<-M*9wo0`5J|^B<$}Xv_YS1I<ofD5J
z|J<+iR961EUq37@EEJ95Th1}iV~^6)u9M}Gud!k7KstH^PnSmNH9L9aZ}8Xy`e8}D
z=pC*9LL{Ip9Ic;Vq9SUvKJa?fQ|?Ci7`^5VNOA?%JDx9()5kH{FqX(e`Z^|y=fJ5x
z><>PyA7)a>d&?8_VVy~jdZ%lmp4pX1SFW!~`VvXJce*C&#Y|L7nXFIiMyW>T(ysMn
zeY+%uV$^*pq88+ytJmy~GKJ!0Xa)6wOm)ky>V3L?os{unb-Lc2iK>g~dVUY7$L*u?
z^re!}jt6=^Pt~CNs`d;;Dyv$ap?AI!^?2{w%t(sEC*4%4cAnHTdSWW?`->;_d>_Hq
z^rYUt7s;p^d`e%zM74{V`pDiWL*Hni&9n4ie<EA!!&eKt;oE<`FB7amB!&7>CO5(t
z-}vi?bM?rrl<HGRg)L=)KF>!m)k1wc6TFFv<azz9B;J@?r2jk+^>{PSBK<c>sPDxH
zFVg?<k!DbXMO=fWLiuNro;FD85vqMH(%Umpo?onYmc+|_u|9-k+}ZMCJzEkl_r>}c
z9|=P4i@CnM+?VLnNsmx@EzzHr#LH`mUPMHMuc0?um*{D?q0NP&BdjkT-3s5i==V$F
z<-SCJ%tvq}TB5(@BL>*>l3pfBuIwR^ysQr%EWP2*U|-S45^>x6EBZtxDq3FA=P*&x
zvQ&S8iSp{}`dUfgSDS|gL;~`9L;s0oRI7YjKgC3~ueWuPh4$piy#g%7+j<U@3#Xx%
z0P>E0NRnxy9h`09TjlTSbB185Y2r8V5585kQcoR9dYUw(zIT-#xt(OP;j{}=t<u*^
z0;^ikgORyf7sDu35BP2!BWkVQoXLFnr86R9B`Fm6_0Tm?uC@9!CXLp@EEwL5U8m2x
z6ZI5|ua?1U8$j0U#Z2xSKxBhHc{s_8XY#S$CYwkC^c;d+kx%rVl9ak5<3_z76V=;n
z)bF5FZg2Cco-2trR(`6#?<1YS=1=t#lF(R*WRqTU7v}Dbl_h#}9L9XT`e*ubNxZRg
zvwmI@Z>-#`4;+E1rV2GOZr0~Xk}FnsAg^xGcd`tQl?{&wu|+@6M2(eO^~v{<H&Sj4
zi0)wFR{bd^Q{Xq<kbJE_%j9RMnoHr#V2A!8ljbnPN3v7@mdSdS*`*(6G7|OyQ07~`
z(nu<)io@NiUv>Lum$)OfM^wyvM78d{N{>5I@6~I{yu9|lPY+4rwdH;KZ9dWmO1e*<
zBMG%!B;V=v?w2;ZEqA|8CmQ8$%k_vV*M7YzrE+JL`}HCws#PA)(?^jvRC_<5XERal
z{eSuqNv4Y46X}Hadp+X;Of^-`U~#<oK`)WS8!La*w=z-D`=kD|B%U`8>z9m1J)SoX
z>zDh;tx)#EdV5L88%TcAUzfxi9m?4oUf)};uaGjEQdDG?>y5`?UYk<Xob8C-T@u&<
zJ_LKcN8yA{A1Mj^(jxR@ct7*FzL|;g*l)VJ8>Vh7{H908qGlRBhk%7A^j1u8ZyCuc
zy%Q7MNk;OQ-d&PSDXJBm(^DQrJ*Dn=aZazvMEUTXu1Vr~>~H;gAIS#If9t~}A&(*X
zNB@%axFg#6B#)ifcS#w~W9Rj>$1e8RzxsGdJpcTsZ)c+X6Nu88OQC#S5YPSs(ZmGQ
zQz+jexDV{PB-)+{`UgpsXjdlaA0*YHy_x*_9FdyQfs%M0s}s$dezC{uM6;PFkJX7z
zmc)y?wCFiW$cOk^LR$2)JgLWRUv;A`iMZ{nZq#9-T1wsMwM<k?sTaM8iHe{4(IHHf
ze;P#ZWun??gXklYc=PZEQ98l&)*ua{lSsz3r$MxUiL$3b^m!)Ao`%sknJ9ajL_cSu
z>}eL=Er}OV&7wz>NTnI*ACeghwbLvbl!Rgo$>q`6l6bB1iYTADy7RFsq6?*r7h_jM
zQ}R)>*D6~?E4IojqmGpEqAnCIV4_N)MOCZZ`#kM7Yf;tW@Jm2!ae7p>Q~U}5i5dM(
z>dBQ~0wS@ae=#|JHOVBR;z_hHSAI?KD9BtLZNvoiAh{-*!34i3MA9ibfC=hB(#_RV
z2KFH79etQ(_OhOS(fLe<v7SNERZM<iJ-0`9N#eDFyQ0@EkkRY*8+S#!Gf}PJuIO+{
zyjs3HI>|?-f<1RfizJ~sMKU6K>9bO^+i&DV`HfAtPIID7rHognIng{Os;9j-sZQ^U
zt|HBDPdh5wd?A%W)#>P@Ivt%<r(=`q^r56W9iLRE6QWPcymH0Vc2vugq6;PQyqX&o
zYcKX{ZZwsN@@j6hB@x#@Q=+tj_C}&9(WsR1JU=Dc#Ydh3KTnBfOG2JUGBqkb!rVQt
zPK(~lM0qtY$*VJ>3#E+LQl5%tth?B&1xa2lNb>5eB(D}Gd39crSD%fR%DlXm@_h6l
z6V+0dME_-?TFPtDX6w<yT%lUZa#xRPDJ!GxSw^*#HPOLLR7?3d`WO?{Qc9vll6ZBx
zC3^c87uV^QXbuxqr(2>^iMVz8W%MbQQR~Vtqq8LO>h#O#8$MD9HTY$8vm{ifNVY~N
zZn?Nlw?)gDs5<>RsZO^?)4wE}RUf`Hx{HZwDc>g5>9<LBx+kelze}pq14(syD5<6V
z7#+WrN}=X0<<TC$UhLKKXeJZo)$-^Al6W5bIr@~3ECm1j99<>}c?`*s=oP<7&2C*B
zP3nJ+Mk7+jYbi&g*-VsIe~Hc^J#KGvJbIRi^5Jhuvy|VG<|HShLw-kl3gw*voTZ$O
zj+DfUu`|*2r!V%#nP>?U<&87ZgOYgOI2--jM;3$Tv(bisq8{=Fl5^4bCGkeszoQ=!
zaeL#xqs5YV-uOFuo{93t`Do-XvQS0Th3E<<${YVhGtQulSFZn}{xuqw{lBPxjfNz}
z*zh-|DipXz!|&`W8~d5y8VyMm<1CX+EK}7;`-f6J2x~NyNj0L9cr)Q@Mk^-Dht-Te
zl*(NTS2uDb@w{5ynCc_1frZtLC6bU=k<>7*IWN88##l|GVjo`9=qzPCuhujsGf`fx
zZ7e4}Zj9A2uD>8PyWjQKHAYGTFO#379frEbE=fE;*EPNuFhKwxo`bt#=+(ML)c}!6
zuogy=p5(&@Nj_|7#APbahmDN(Oq35B83RbO>%+#zXh}RDHa5ol$lH*6V<VUJxE^a_
z<P&k@u!&K?M8#MWqf!c%!h7YQnK7G*T0u867W!mx_p+I>N|Hjc1$GbWHivnpQS}nk
z<5_rxk?te7YjlNirH`xvo0}VkBwpKTVO&qdt*;hFrX(ej;4W56<71Xl7HUcU(Ju1O
zI!L7%r4{mu7<8uK%?cvM_6oU2jGRgr`zLCgVxn@78s~j7=%1+3u(Ib3EW2Sm?IWLp
zJ*M%7BwpEL#-~Kw`idD_nW*}T8Oy6&Y>#a;uZjfjLpBe{-8tL%FcnFm___dIse!y4
zqm0R?Kz0CWWz?!hdQ>SgjD}299A+5HCGl#xt?`{CUM;sXe)bV8X}gPRc|YWJjqxXG
zb|bUBQL{SbuFBQkXi7xxiojE@;#$LIauDtkBk5%HlEjOI&c-kzGSv@|S9jw8rE+K8
zy^WtFA)AkbOmCxE4b0tJ+4V675^>jYeT-pD)H<$@F^Y*=$MrQPGf}1JXKZAmdhGtj
zS4`BpvcIuk60!$(O8XmUeB?A(IKW7&DJ_)eUl>sXjjNfc`Wj?(B;u})2N}<>jG7S*
zG8QvYxeqdyOG5AR{R4RoGCpD%W%F&u=S)=DZ!^ASqRKwl_=$-s`%vSwB;JaCm|@h$
zQWT0Iuuq%vJDf8b-I=WaG9d4H4mbKr;(6mP<3k^*4yi^MdnKXK0ZEQ=PaV>nQv>=R
zAom#0NaF2u-DearQSp4A@jprOQm?v-PG(0M<xJj>D{`8M-2F!Xj5IRSFt1#3d4m-3
zMJjw1Wkl){835&i;Zlq;E=ZE+jwz#zE9;TW?N`D}yrn49jY&CtCyp&;w9%i*kHbjM
z7$b*C4ECN;^BCiCN%DlMi!sImAHiMpvBoMUsxBTfMqf&~{{wBOIr!%hBP|_?S347o
zd`Y~vJi*xIBRZs-U<B)v9z4%QGSPTY60g^KJZW5h+<1&++&1{QF^!3;i^q*+K7u8k
zWSEy>UfwEclCet?Z+xF@G;Dw}-oC^XV}&HSA_bH@e+<@W#$F~@)g&^_P<sw1!CUx-
zz;r|H1mao-Nxm!dC(Fz<)V{<amYHRUhLpRSV;35An;`LgSZK8I5eGb0XbhFa>usJf
z=)RV>OZ*IvMBdKQGe(X~mFw=|KVw9iVqV_qz&v9j6V)o`8^<Nd73Us<uZNGoxt?*j
z8K%k=Gw&qwyis;JkqhI96dAj&AhPoxin<q#<t>P)lD=rHXh{TjWt+k|^@~Q;AQ3g!
zddWy<qR#POHu^~7oeRHg%weK>o25ph5bE(-?ouPjL`BO|V~r$U^uB61VNB&GhczT#
zUA$^srb`*o7Upbipe|lDx-;p2JI!0(HbzQ9scrz7cZ{Qwc=h$JTRW;>eb+caGVUJ!
zyM_~`QmAshXKa@wSA4mVTK9WK#2|YreHsv#eh=?m7;Bgmz?panc=mncxFqzeSlBK;
zG`85JS@i%P8kHO*xuW_II?Y*a^q0gt{a<a2W*K!x|B;azr&On4&Q=WRKXS{ZMu(4#
zYo&}=7atkjnW(z>$mp0rJ>JW%>x?x_z6Af_%dYE<w5v#_#ce6#Mxg7Bir+hYY#fp@
zbkh=Fi2c||w8B)Sfri{0e`54yf_fT(%qK~Dij9hQpNb7}HR>r855PY5t&sah<5DJ-
z;l|5QAe#)6$@`HMF#<?wlIG1uCds(-@Xbc046+cvOG2AB8yXX3^A|>ECd%e7k~D8I
z-m9Qzi?OSMo-d6P74&?Wq-U$~NL%S=dBfxZD8*J|xg@1R<^GkC-VSAQ#glNS0>8=n
z+PGE{&-2@jJD8|ad}B;wqV#-Yq+df`?Fx1A2;{XR$)3H&W$iDvXRpy+63?FRj1`i2
z_Uup6Q)V2bRPqkqY{;w3_}51k136@*cfh<#183{Oo7F&mG)6L+d{c`2)~wtpmZT(b
zPn6yq{@FMrNv;_ECdKN{#^`HF&juLnF?xSCwljGN$kb9K8P}1_4tN6@WsW4-e8iZ^
zG8h|cz@8(<N*}?t@vE_wNjBJwdQKYMJCbH)^GTyf63^y8jCGQDHveIq=Tv2E;U7kJ
zC(<*8OL595VWMn4mDEyB84a$-RD~i3TFQQ~@N`nS{xVFGaa+M(#%Gc&5Ub$~=toHP
zm$9A6%(vl}x`CWC%9!BqE>=1LH)D;?H(*{1L?+b5Wk6EQX-vB60TBUG#azau8I0Yn
zfTX%ahnwd}YME<T<~mpuVD9xy(V0ro7wR2l>YL-3OgIpb_B1xPGl{}ZMwd@v#cEdU
zk(&QMq*531D%NQa(A?Z?;v=^LX=yr4ntTzEaTqeQC80587|2A-(LQo75W}2LB=yp<
z@J96eaK>RSV)6;kPHpp5B4We}A$x4we49z5m#7c7%@2sk9sp0xY_miXYTYLEQI46~
zRhGhidp~Zb5piGIkDGJ5p$yrKdRm#wB=PiIZ5|@x>S=ABU>Wt>F|EyE-90@ILrL43
z5BSLAK&~;T`N#|)*P7S&APWyQr+N4dW-lUvb8sX0S&+HG9CxFX3H%LZS|mwkPa>DX
zYivt_bT-@fB4T|DUx!H2us4xIFydp2>tgO@5`$FlflL>3+)X5NC#3oaNLRCKA0*!F
zqPzKoB;=p2+hC<>7WhaBr0Qut)>rDOcIGAON&1*mnAC!C2XpUZKE>ooXmLa;#$g|G
zo|N%&?_)YQqh`u|2jtbq{6><}YMF4*AA^6(H1{#7olcrF&F`5kh40oeuT1kelR33u
zt^uXUG@IT+HlKp_MWmM`l-Ey?SEl&}%c#5tnC~%pV+?5?V6JD<7WU9k&j9ndPtQrv
zGr&ygM|mkdgUsqop1Fo<XONjL$pSGQEIbMG`9WrTCWpX6B!kU6m|!1%4m1xj={H{%
zh*^)*Z@vsQA5?mV!{`Bh_#I|G6B8`N--Wr$e3r@QPzsdEF_$v=I0N=lPQvQXOvyx>
z3&nRpE(bEsY$M46(V~qIaUhSHH#3>Hg2-d$NG7j9stk~sU>;+Fao88g6f?a)YF;3g
z!2B==NWOVBlQVY^dCDBa<hSgA7zHu~=42+z!DHiq%rgIwq)=QlJw?m{vcRl&D`{Q?
zGS2~7XttH4Q1pb~Vp|2|C9|84d<^6j^EMwT1@fvnipd<9k726U&51sOsopSW`v|6b
z%Y2{7IC$mgYanl%8+~LSkax{pKJq<~_sk<qw!%z!U<t$`_r~5gs;kTsB;$@mtIR3`
zu%vX)3L1h~W!9IZJh0^f`bDP?%qu0Kc&-96ADB@eNt5I%ADIV2ADV#SPif^Ia6|hT
zSh&XQ;FH0;)|x$iWO8-rJIpK}83cF8)|sb>h$}ZxAHLoc1JUNZ)Pg*C*>ok$jm=ah
zE#TID4E}As*_eo!+#*Gsg51}eSF+4suLi_9Nun&%yH$#K5b|1Yc4Bg`O9nDo38P-I
z)O;5a_fGP9^L`&`w-NP>mn2vI-qwGR*9OzPP1-C;%|AewIgN<agWmYmoaZCxjZLOC
z_~Me5n5~(pl9rg=nRL4heuEg=Pl-8_h+Fm&a~u=p!xD2D6IJ#SGm=FXs<M}u6-!!@
zRMHajRZg`P-gU%1na|93nA`(5KkEZ2HP=XzD~7|1qnAP1KR1^R!MvtP(h|rPGwpWD
z9c8Wt@|D@yN3H|1-F%RU>-nAL1Rp`q?=+|R2zqsw`HYXCSHCrv_z1?>?xcCk9@89#
z_IM-69&@fF)Cy4Z9`hw1LCt&3cYOpk?=y>uh);%5Yx>S?bqAFc3I4v!cV-chR27-~
z&7~}(qHceZh5OA_EVBnj{2ReP`^}6yrDivx4w&711TFlZ*_Vj4ClgW~OwxSNEMXZ{
zrw7e#OjPY0G7tO6ZJ_4|bL4Q$oq8M0>nHQLBzf+y@|BzCh`1J(n^m(tn=#eTW<wuA
zA09CaiKH&(_I}iSj>#}???=tIh`2F-)O??1lvj_M>sThU3bps6<_;#x&qtGD>}XPq
z9W@WhRMfifg0deoSKUo@ighs-$ggJ25gwTc<aaZRh+FnQ%#l8VWj|$Jk|R^OB|UA{
zV4_NT+HB6`A#U%d&CW#JvY$44F;OKwom8&VN##0ie!;0!z5i+MV4~XcU*>*Ea#Npq
zDj;S+xz3npiMXx%jCtf9ECsc9Y~6pGnfH-5RQ&vF=KBb?ZV_8e#BJS|#7cYwTlXcg
z{}D-j{wMgYC`eT)R?cKSkhzkaAR<Z!!YUHxY?WgTM^f%co(GvKv7Ssm1o8@y)Yvc|
zc^gQL*g_^Rp&lT$V<(vG2T}|qE!OmY(mV_Ly03uLj}=MsS>UZL0dW9G<Jev%wP2s*
zHz1eC`i{a>Uf<F@Ht&Io<iXKMaz%rG;Y0}jw|Q)iBvVDbl7Kh^dRoMGF=@IpApQk%
zWvu2HOf^+}{~x7l8M}>1<yJ5Qfqx6e=14MEd{_^@p*scN^u@MIQYf-uWULEBi&dOa
zM`IZ<BUSTf7~VxR*3n0B4iJs?@DZE?7_r`C(H`nEF9*%B*bpBH194&_eZ&Hih%NMy
zHbAb9r9X&zO2iLP3e3Gttgj?_saO6$BYvCM5Jlj3FpH(ky+p(VE*Z-*OX0UIV5kH=
zk1@ejB+eY##B!Oe?wrEplNy+3o>09+8x({;o2nw|2o@?*S{Z*4729$K%am5eettF#
zjcsH3q}lBO+Qy!hq%?40Bz)HftFm^nSD7e1?PBYhC_UH2zVPYk2Dx7o+v6iQ0cjum
zl~XCr*Tz!Ep$|&~O7pd`rc9LP>taDksJ^fi*Tt@48KtLVtWyO&9b>~P=;;*8k)$MW
z1?-lg?>f2OP<mWa3q6msIFE>K<T002&O8hIkWj8pu{BaNeYrUdMu+QTCnWL4<r`v^
z9`d5@c1YDZ*2qV4fOL&Td}Iue?y)vLf@Qxk*2PCAfK1QW7$2Dqq<3tIkKkz4Csy@g
znY-*EF~<7FniCN>!(4PWr0N?>eMHKL*_Xh#Fp#QmtQC`GOm2=1WAajclDQ>TKqU2-
z-4yfvVy`gyrw;9b^oxDKr1tG8Vm{>6FSdb+8VCEuJ|p7BbHCUwNfy9+g(>0%nX1*J
zXyF2J8|3~vkp8i>$B=lv)}UBZNyzh9%Y$OJk6@2ID0Tx8@x(U)u@>~)7Q4+y@}TTP
zVh{SrCXl%!_LPro1Ckwk#Ygr6$%%dJBZZ*n{@5WOIRY{d#{Th<vp~kjnoS_jqdnD5
z!>L&;!$%qcnHuZkBT*nv#_sizc0gvua+&<^XZV#jAoF4?B*_(zgXUX+%#VG?GB_(3
z0i-B)*hfYKSrqFviR?j{2|$*_1~Zujbuk^t%dv+f@jU-ZESF^5p5&F-93Pnlsg}l;
z_z1@HYq8}%@+`=_9&0sO=I+Mo8?l~DPM!*g&JezD#0C;^qxX&2yj-$bMeiH2jZ9SZ
zz8U+CiHhF0Voj%Ds$6k%8#;4Y9-AgfUaE@T<*@=HqB%q_&Q6!d(x+l7ip-b5=H;;>
zCK#D3fV>;irlCxsXw(C~iv+SN)|QC7&ix?PMG`MoKZrf*BN(e6#NHty)cohe*lH#l
zu7mL%G_Q^o`^XLN!>TrxKApUwB7AKu<Rcj2>th){g3((XyV*xDdOwSe^bw5AFJm)&
z1S4~MY>|&(OW7TJ$49WG?2B#m5o`qqV&C})#`6!cKYaw_`R7>8JgS{B5WTyA{2J>b
z$)=PTyk=7l<Wy{kBzbbCcRze1e>yh8M}7sFKVuL3$QdAKVtGDN=}(vq#^(7*9UvEC
zP4g-D1^Cqh)Mdcx#Uu#(El5(V6_QMqE9hpB>JqDrWv-bCcOihJT1}rKJzvAiCszZh
zW)(<MC}xfdi1t9LTgREC0qG8;rgfIdx%&g+W+1h!`ZH0F*W&6}!6edjHp=9Q*{};b
z1X9(p9`KR7fuva#=TUX7nNr5vlc{Sh^bw51y4Eg9J`1!pQpEkBr=Hbd4(9b);3kOh
z2|(&wx+Hlb3ggAg5I>h$?U{6fc7ddU)tAY`EYr|B%;Zk!Tc&}YMpmyvD#d1q@Z+Dr
zeAS}&;x=8P>b<cwNXpC=4%|7J38|V`cl*d(AWf}tl6W3#W=(!Z`cS-hE+Ae2nP%2<
zB5tc}ZZ&-lWu}UrYL;ttWHJio&r2ay3oDyR_Y`RFKw4T0nY89qL2Eseo8W8R4?!km
zHGQ5mrvljkBy0tl)Pi|$2@uVy`2xutu1iF>vYB*Y8N*sH3G`YwLJt6`Vpe7mrpgu9
zGqJ6`l1vr5rc)%ut<y}l!$`dsQYDfip_Ns7GfWD7r|qq*uY3e!zLmAdM{q`cwPnAE
zxqCCTHdZ$uIRtrSShxDf5g_fXM~I~U0`ml%igmD_VDiCzH1q6W%^)JmC(|6egSAAG
zxv7uLg<l2-Jsqsih=?k$1;n3{?C_BbK(4h8O9H<h4l-5#f;ptscQM+$K)eDwlQ+QE
zXC1A9KGG9NCo7xDQ1E;mNOgmizJyXe!lbiR!ld!I6wwf5x>&7VA{m=WS8J&x@H<)1
zx?6xuH)|D>j+a5%f%LRCGui(>>@@-Dl~g;utv{p;?TZ$Ig}trRmoYDIU$l=ElEfQR
z`dAr0(g8I0v9cs72~3B-b%y`?T4yCG4XAz5o2@FZpk`0cEmk8RK|Qxv?IkG*ybOQq
z4gdAChDie7dcfaqh5s_G_)^s4X};CEP7*2wo=FX`ZXy|YQ<YxQ7-(fN!F2)Nh8kpn
z64X;!?Eq)7f4r}8v#gP%IrTDVr^6ukEbAdA182c~03buG`Aoi=O1=6}Yl$S~0i5lO
z0-4*b)K}5wLQ&(|fOrhZ9hUZ*ByKM;+-fBW<vtB$hFg;*DHWeX^v(iuSCWNyTMb`F
zJyTQjAouz2!*@Vd3ns0ZjIg3ibm;v)NQGIYmBHjbcp>ds(0q^8SrX6Yd#$WD$!04*
zMZ5?yBdz&FT$}H=mP!I|hr*irb&$E=DtJrUBj;?ZfQ+_QNs=qxo&k4PfQ+-6Ek~JL
z(H%5z2lB9W9h0Lo;DiOpc&itaN#N(7fIMoQW%3`Kt^WaJqLuNs%uA$!%y}S_tizIc
z9(y9mW0S2m@5ofCU))POCzGvgCP%@Z4lo<cwU#mYdn>#i174kCt&+s^&s3}byQs$-
z3#MDyl28p+J_Gm1th5zW(zDQq*8wuaG9{TR=7Y_b0m-+{O5)l4q?P`jv{3r+3Xplq
zYAH#nP|-Wnx{8U4@L5)8Ci)Th%^a|7wl$5(AD6-i3*GQ+t4tEF4bHI+`v~qM&9UmP
z#N0^+N7zEEiI0TAo@cDil9b8_cYw^Z9+ia3-dd7;mciL_2O#sUjQ3G<X#i)-M2;}|
zw?6z@ij<+bgx3b=TPLK<)YQns0da$rImbk`!39>zD(SIQ)drunYD(hO*FtNXBwl?z
zZ|$R0($6=7=I5=yB`K{|3-ZF%dXbg-fwb9egGJU^NytCA+q1|@{m}Cm?)EIP8u$qA
z_PlIe=_9z?^QvV^vMELFuDovD?UO;x%dCfe1U0{vr1|Y6%`2?w6*RB3J|R7+8z7#G
zp$^`+wlet|2=4R0Z<R?>DpdTevLdUg>?(d%CB@GNZZE3(x(}?mG8NTeCU|wVwTg%^
zVZRQ?<+awAlH{eD`Ebt)WY$_cnXJvD)2_AFekKp?QK?Qad7Afx*IMaoWW9@W=o9ew
zXxCa<lH|#q|NDV_WG!K$PKDOFHmiPhoppp{WF%k@x!#(yR@P~1)|h~J2=r{Qiin8Q
zurG?_V{0qRwBdcWPpo|`GZ}VD$HGkJ6YGeNOoCLOSPefSuPQ$mTLYOWKNlzYd82DH
z`gsQE*=VhhsmRasfs|P5ePl6^QmfWF=^t6HH-UU%wIw39HVw#q<84W^g0HOWrA(f<
z3tHtzkm@U|7n7l||GW{%*Ve5}CNSA<4P(*(ZenZ!nQyFxKJqP)oz{9ua>Y%M>JX4`
zt%mD83y%ZYV>RDEp1+U|C*aU)?YAOKa9)RZVD?)MlQI}D?uR~Vzm>rRckHqE+i&$@
zvYR7nzcql#>OB-u`>l~omT^Swx8@KL-}AZfe(M94QRg!Itqn}nX~lkPI}>$UvEMq)
z<l)M63bWs8_A!-fy-T_h5&7WfVrlb0Ccg$~4-G8*M5YomAr;BwOOh+L%z<7V)-wC8
zd7DrsSNxnE5a+>%W!6$A+u>b=OJG;=fK|ri%F!tze>a?wS<OEq&3jnS_f~fw34jxS
zupVLZ?9za!0eXJ4CQFhl`UGJYU6NL%l>7Nh0-_0!pRCD}ED$@v<`$BaF_{P}vKWw`
zt-YUPDz7&_Y8{q@`c+(sAGKO-mKM6L@|aadL`>Kb5N$!vFILSjq)e)6gU78#M8qn{
z3)|pvE8-*9L#pG}t&&jNnYJJH0jwNJO5GXbZ`Lv<YRvuJIzoD+Jvd+e!#YDU?kx9|
zCAM5#uG7{uN#M7Pp)Ptt?x(GLzx2w5dsgSHaXwOcHS8W(ha`dZSIZRH3eH=Dx5-pu
z(W8nCXL8HE)Kbn{_c8gfDy@LdTjQAY0X_X8_w&|PNpi&vKhiwmymf*}KbJKB3iHYp
z6Cp2bO^}Mo9YEkh9gv1!lgt>HW24M})|~A~O2vaNInLzWQkca+s{gF<-;m5>@O~6j
zj!3Z!Bq<aPkHNkvSeRlD+kr9^3Fx27_Ie-52AL|hwo}T8ZXX5&e1I=f?XFDjg_5G?
z>h@$Nv%uz2kgB?U%Pvaw01%X^VP{F=)q4$l`R<D?tZDC(Bv*`Qn`_!{>_M4av2i~9
z>NosfO}m82OR&C315(>QB8eB_b?jUAVyd|Ue?#OUu&0iFk0i9uk0njB$4lb*u&!Oi
zMES6;O)Jej(LI~`jdc4LDU&C%;Fmgab(3!Y=OZ}2H?V8&qq0BJJ|HGR?hWn9Odje9
z`y`UoFT1$x4ebb#fI1awXoE8NQ(778>nWLv=4{?>Pb0gdOhqLv1er$m07<+$ZETP8
zk>^3CiCyF)OMx`AYaEa^%NDl+NDI4_kE{a{v`Zv`-<|A7ulZ^Axc_0QTyf@ufcP9_
zBKE+8M0)q3-)l4N%}k1h(F!qUS2{#8NYICt{i7saY{c!r_bB7d!xMH(Nj6<F9Nwn;
z2J*Vv?!ct9KYhQ`+RkCp6233E8)~_Yy+M*Z@iBOQH>Aq2OC^~q$pIj3?J|~ms%wh)
z8AyBk2$OZK;fxhX2fOwUWKSlP3*-4(yNM*;yHD5JSFwz0ao5@dB%$8#FVJ(XJ(5z%
zTc#I)TxXACJ*wWXORD$l>;fs{)q6*K9;K4?h4yr`m$4rFDgk$bI@;n#v^fv%G*iFP
zNs-jLaK9IOl1_Fi%c!p;I@$G!NX=+-C%d<gTyhT1$m~2x;EN1C)9h-`k)+f;1L|t8
zXQHCFtNk14NmVy3yV?IRIr9?TTI^=09+ozzs{5JU?D|Z4fWdfYvYUM+5!b?Qc55H0
z3ag3kNf!37dr2A3!XEZ`Cd$Gdb{^?Ty%qAoyl%AT`81<9ZnRJN$fe+op7s?#$=Ik?
z{4Jbo!HD0-)|d<!7Z5E$rjKni$r%sdZAsFGi0qBAb@#DHOOh*kJw!3q*IvqG3Z%kX
z?rZOnWV&1SzV;zWsJ+{u`DXi=kF*8S&ps^)#SfOEzumGNZ6<=LZnZo62&NjC<ip$S
zEGgsp@HRW2iSprX_C_Mr0@-w<ez5%olUgtv#98HFdzU2hL|@pCyaDnWY+wGftarCu
zS$4uluug|0*)!DcE@eD>hT7wpD0_z5Q;1Ykb$Yu!+ou`5al5_FN4jo<?;?}(8g3t9
z&8nRax6_YMtg7f8Znt2fB7C@QF;USw+`dK<_}-j*_2G6l$+%_Dw#WMjmi?|Id+xRi
zShFhE-F6XcRu<lEZ)T$My4&6@3H3-l!Sf^RldR_{xSNWj)jjq(BI4@yG!wqZu5naG
zxNGx0s*kFrdVqWF=2C{@5WRY@Z4(iAM&BRuy3fv##On|5vsaT$D(b-=X{7xLlN&0*
zFA=~@W~BW&lV8r$YGS0li-@RtL5O0R>U$!t4@cTHk6mo@{dO}+yxd3Gy(A%<aqND;
zevpVzdzGW@=@s;hwio(RVM)i><vxP-HP&wW3&jTZwAhn8Xa^<n>it2xha_{QR|kWC
z#@X4Dcosfvk2o&%$a38UGLP6V5lMZyCiUSH?KhYVfL>xO$V{}~Q-u4UiS}A1u~HZj
zz^fDO5=lIJCfaR(#k?qY?2#T<wOkqRS&awHlU$<4xJh=!GpR}TK%XA;&m?>MZ(b=T
zfu1Mq;P2!gwThf#n@p62Q|wku@J0ugYl_{Th<FKhA)b_^vm{<Arr7Hx@q9SdUUkCD
zeKw?;W*?TMw3^C&hJBog%4>#wn#o=8YwsADGwkz30xwh!i0k_zNjr&}ORH_22CtHW
z<{5TFB7xsvU!qv1nnuKJJ2UKgl6V&8+lwTjI7ADdw3k&#Rba36$)H!Cw)go+$FJZP
zfqjlhYGf$&y>sj;e~_OGIx13e?4Dz%OBt^honv=oqWX<F_At`pwy#3F=_${v*k?Xt
z7ZXWUdCj*EFd4@7%(ss*ss1vJu=DLROfGvxkxHk@=9^rZnoRC?Wzv~kI)KVGKdFbD
zZ#R`PUb*Jm-I=Iz&9^5?LUn=bf(5qyr&lgq%RFoM^O2XKb{5)`eB>=4&)X{`DXliK
z2DQpX_8KN?4zS2BCK5RIHuYMI>}{k+d<Xkl*eVy<-*PIvQAXqsCKq_Od69jdh#OIh
z?8$$j&0a*kXpcPOmEr@iaIszNBc(u=+J6&CeH7Xk&Pm?1Q_hm-yTUyyjQKb1>O_RH
z`Axe4%X}~}Aoj{sS1@^{7rZnpiN>i0uA!2?X**0*yLi*yE{WH2-?R@&;+5hp`zWQ7
zQHP~iZlCoLEX8|vwR32*r)Ra@R1#0m8awBL=Z(XVYOP)1BmV-~Xs_~-dVj+Xo_*QB
z<PFtJ?65CqqWaz)c9@CkwRYGJ5ixH&tr>UNkNih^RR6rgenJuMpLf_Zh{zqP805ag
zp2Os1Rq9E0*y#d3!h`wzc)0P>O3E~4Qs9yxk<^(ydhW1INj(4TupbDZo<d=*g1dg8
zXQw@l$p+BV8OXQx8cASf2YPVkx!b-V3C%ovgUoLG$`ol&>I&E`90=q)J4!@!7)tvj
z-`NQ!-EL8&9h3F2`%(;=zq5NW!B&ZF@H@NzB~r7jcO?7mY$5_z&_f}wGW(OtD3dGx
zf>LBla##}TMMnWSWS{hrhk^WPr&gh|uYpukf&6T@mIV6nRw-f*kYjd7CTc7=X7?fz
zID8k?#WDL~NxZy{*;9RF0qFVFUMNYSz`Pa%Iid0jJpW=qECcd~y_q$4FQR><KkUj?
zy|QCJ|A$>$5-*-l*)1!`oVEx1$UC6<Px}cXZtFg4&tRfj?pb>_5mATR=~??(mQgW(
z)?Ols7e8n1^wf(jJZInJBe?eb+a5tgj2l57`^SD%5>L-Rc7ZPymh`-R)<-^qQe3dB
zR+D)NEh9yI3gllqO%hMfzji-KC^EkQng8seKC%Nyz?nd)s$r~_0jcCnB@$3^Sjj11
zqT;ZU)2lk>4liKvxn5<bfQdR&sN$@ZgdzcBwTiQuWC9qgKR{kposVl=?6IoO4j)N_
zJW`!sh=`kDB8q1>)to9dDR(tmRdWEtpVG=|_Ep_!AY~|b^kH?!A>!^Z)Nncwk@Il8
z6<ovV#bo|HbX%i_^RZ9Q5wN+2v)M;}2U62%Rg3BZXM=cOtF|-EN6vsu9p{iFx#A9x
z!G5EzGp;tKDi0`|>pG>9kj*6Xm5-n|>N<OT1aGR;bH0~^T0zP`u=D1eki@&~T;I7s
zsl;VFVXX{-Sl>yjLpI~yJCW%`WZzN^^wf9W^pP|mmpQwAq#=-o&KV!M5=dj`iZrQN
z>WKkq=5!+>S{{TtuO>uu=Vl+t0GSrfolJfo40};PS~?Fh**YObbOI7`CQC9^v;aLf
z0@0jLeR?v1M4jW3z&9fk=v2{gB6ZQ8Tv6$jfEWxirjx}4>+5bHmUBFvyn$pakhpWk
zN3aI3aw^qF8Lz&sc8VqOV(e;X&Sg@MJhPh!dRjZL5D|ZMPZ3+8zS=m;S!SX`GolQa
zs1t+?XD!RDevWD<!})^syaGFKtzjjV;Z*!mAj7Hnr9g&L@k@cW&TiIxWFdT83d8R;
z&i{zW`oflSjZ<+qwY_u3Co>hw)!wPqK$cXdngirIr>l=F0dj+rMI=?t0lGN%Fu4?_
zaBqT47iSEUp|Cl>LXt-%p?Jnt(8bA>WUd$s^QaG{Oc9fH52c7tfOK_gHbi^oisdH*
zVl$9#&JszecJ>45>6G}$A3*v!M|`9@tfI4=^hRE}S^~M-S?D9z0C~VE_K{nGJn9_x
zk+DFgIgd4#dPM!{DdK4$vz*yJG7rdXXPJ+@2&B-N*u+cq7La*PW>X?ZuM3EEKo&aL
zOdbTXQId-N#zLoJzp*f>-+0dXlk~Xt{(@5*A2WdOJ=LB=k<)~U+F>YiB1GIBh9c)`
zmce}qT>TX}-B?C_gHYsTGEx0%5yzO<*A+QgBqQyq4|WteBPHQobSUW}XDjQ$cDe(|
zOHTL8$v;TG2lAS;!beU5dCS=<iPv)9aZZtpTlRO@9xv+Nb!uKAHA@*BzutA4`v~re
ztZ*D6qHebo@h{}{p3}Dl*|QbMZ0Kp<a|SZm3@!J}3M7*y@#Zb>Idgra671cqbXIVx
zozOpH&-T8PaV2S1uj{OG21t@CUgkSyA2@TE{5+Sw2l>!h?n{L>f9M?d5j<sB?U*e|
zGmZr{Aoq`)JBYX~cbzkeiJIZBb0#oR>$r7Jz9PKevd&pZ#NGW~=d59(<`V0iFNsJ$
z*Mr>GJBNLwF^~<;c_Ol3Z2{zCr%I4)#(ovaCr%wAsj6Qsc8Tg&i=9R+qx#iiu6OSj
z%8H$clvyBt{}Aql!46filf&d+CL5hKl28psAoowznCs3ZN}SD<m%x}$fJ}+Amr2_!
zxTy-{Gv^4CYVaFI?SPazr%AJz3#qOL^0{*)j3vz#cYY3EKmhr|iE6U!(qoxGwm7#F
zaqDZFGlGd)dv0?cV1j!x)!!3hn=@XL1>$R%z26RcwmDf5)a-qI|CKXQ68eo5?2WfO
z=}|BD5s+%Tv)u5=I3PQnVoAt96M*b;nwls>Bp=8gr^rVz!oPF&#ypw%AhX};WqIT+
zAm2N$Ns{M&NpaYDp9!w)u>U#i6f;pfREM1^wzN<j<h9jdC&*;NY1&Oa>@1WdSFGv)
z_fjCQ!%mhXQ@LI(ce05HwcaUr#<PqKx9M;mRqm`~vd<-@Ow_um+}X*b-mNqTD0j+;
zh}dkZopL8Vfw||3O;BGSgFWTWFiGHy6}}n4Il#}(Rwj*MEleZ>ACrT%a7$?HpFygh
zorO$p2nWPgAV-`dOvcv=h;M-$bq2PgR4H)x8}%G>wlhg{$vGmaDx!`#m9C~#YG3`B
z6J(-V_c7;CYm#~MOPYE9;tXqpWPx}Ly2moe{bF(y$ZyU_DN`s$+>;{C0y*gfGAPw*
zNL3l`GM>JO)CKaFQ&Y+miUW|U36QhScwZ{a>+g#Q=5@iD=1YZniTDXlg%*ZD&n5A!
zwqEW?D#uT^L*kvSSB=-a1_?!Y9Av7-n@UnBPD0DQ21vE|5=nB!k1#tO3@eW6@t-8g
zb7QPV{0}0c59~g5hEz4;qCINPlRZgqAT{HwIv~jvbs(N^1yU<M`8sKj*bBc9G!#hf
z_%=ysgvFk}ZoEtqvhYz@+1866_sQTGcWHb{N7Pdq_!@4a;tVZ4zRE{(Ky!M$VJDI~
z2s^+SE%oCOCMpu@$GbC8kx)OrLXrjI(kD~I1EA-!c>C*7&jQhC29bvGg_6t_F&K#^
zfK21~XOd9=JPk;b_<l*eay5$|^ARk?<#BNXY9<-{dgzMy8Y1rK(A*_zbZ8#`jATTw
z+ElLQ@jX6*t*LqZ2OpUQ_Oytf@R0>TTE-7|mbnY`A$lwv@7{&TJ1}Qk3`C3XVlu5s
ziuisX+z^N#VxoMg$3<64rF^Kz$4jz6+zEPK13l6B5hhPEG2@xtFcsDEN|3SQBYk8&
z5GOvlhtw=b5S$xl#FzRA&W$_9H~R?AjeEpT`v}gB`^6jH=;iedXwHgvmxMfzv*o+v
zqkRNt%cJ8(K7zC53Gou2o@1bAdi<;;h2m{kDO7=5n{(nzdtzQh8UUFe@7v2Og#qM+
z_(UJ+3FNi-aw4hy3#fly8UKZe>YrD}&obH1tF4vsroE-+)N^nP7k7YH#&srYEweJ-
znn~B=v?shWeghM=kF+x0mx)^Mtc(w2(wF=2mGQfnROLQ=Wqh0@xuOTO(UDM!mGSd^
zsO;^4j03VNp4nGgD3;BH{cs@b;@M0_WI^NuSsx$Aq%+JeW&zm{pDf8#@fxIB0OaF%
z=UY$@jWUaY6vrn^QYa=*42U;?d>TI?NuE24`z)T;k8)R$`C0r#CXxkW?hjxuq$-V9
z?@#2yU?N|}gG~0pivBZ@*&c5t$y`wgsrCZ-Ha_iEO7#uY`*9%q<I5!}6w6vdj}GKO
zeB1z(DHPRO!_Era={Ou;!K4KGLmkNRcw`{y>2U(?(f~OXZ_A`7_y@^f@f(@w;GbSV
z&cz2xGFNniRJQ>+AMZ2B({m3Hk+_`+>Oqo{cz_A&83&|NVxlCZ=LsNH5-V;ao2$aP
z=S(2g5~Btq@p|K0iHVX>U-vA?)J{AjiPzVqC6@RI_H}g=wTGadJlWe|k6kYjW-<`w
z5-)+CdWp77Zn=Sawt9)~KAG30%yK3laj$-9Vm%YpBVC#(W1{N)(nS7H^3OI%^$zGs
zPo&*W1S8=iAeSYUGPw)v*#@LZB4ZfIT*IVU;#o<&e*TKY+md)?Z;@E<BUtt;6We_R
z`}vlM{5zyK+<rdj64lQK6Z1*N?dOAu*L?*0`CwwDk6=F^N)-DD_VZd|)txdgfqq6G
zMiUK(6A5+<h<!ke#BwI8pEnb0m?*Et5__2_uf`I6v&lbup;tcydaOh-lmD1F3G*(L
zq4>dln?&L|A2|-Gu1fUqkyAigB_>G%Z?MBG7w7Y>6R%0)&8S-^-e;oDWm+eS72$K4
z)`@LI#P2Xi!g+7&L>UvcVr`vp?j~=j6>FPBA4$9wYepiUiCVF?O)T}L!g)*E#3~=b
z6>Gc1X(np-vO_{2fqB6VNtln|E7lznIZQHPc7f}Q>k`W($rI^w0^$OAqhq2~4q1q#
zY5>*`iP1h%2T13{QXgpqq-)|F5%;D+w?vhDq#kz`*DY}=5%F^+T9tH5G+`OFPU)72
zv5Yzq>y~K8GWB6sAHCWwF^FaGY^yos-Yqeb37%~cc|ww0G5@!K2uqm)mQnY*yC<67
zOC?oN*FDjmiHf@JiP4h4Jx1tz9njMwv0M^Z3qvih+ylF=iLI1M&Kxp8re`92A8FqI
z1e6p=??fvfxe-X8#8M_I5^hO+EQuEh{StpLQIU|Ds5BBa=ZZDFzmb`^ToQU?9Al$@
z!t@c0jaw7rnd|`n^oQIBCFU?GXL4I&8Iu}M2SgUg3{LF&Kf2C5K&R?|{CCFo3}Qm|
zH59TwcRd%Oh%zEeD5MN2LK#I38OvmiVaRTjwa^fvEQ2u!A$!JFlCsA~Ncp{&bDwkY
z{rS&p-sioY^`3j~c_hKF8@d7M6gK*DTw@{jw}_P2NPi$*!V@*}F_5m|g&G+P<c;uJ
zA}Xuh!Z#$j0dN0PK_)(2z8^>WZi{GRE|4DKCXxj0xo3EUBtd(AJDf>GJ%jWL?<c}z
z<}%RJEBvQMRs-oBj((ToqP>*$K;8-GXF_|_Ncw~ylQO|xO5X?xM$x|Ea#AMPOX(Ya
zO6r;PH{96*disVNN-_a<(2=|wZYRm2!thJ(K>CN@mgFzk%iRlPKzOJmufche!$1ax
zr$|yuk`KdQO7bK0uWXP>3~!R;dWmS`ERZ4L!;<__jLFdOB}v+sWHKzA^F6NR<&Q)g
z7ogOLa0yBF!<}K*fFy_OX{6*u_+l>HRg#Mk#or(^CcIISe9$a0(sAJfk~pv?xd-Ia
z@C8Yh!&^>#6FMmz)t{}Gg}s72(NV^faA`^MkA^qNP-<G(k_1~O_V*d#VN9qG;ut<7
zJcS6)1&@NB8R7Y|R6Mk(5<q5#PfF4r$m2j}g)d5i?+~j3nH`Q#V1L%$gxLegoN$^X
z4Pi`$VFAc?NoGOjag3T1J|M|zIo8by-;ksT)EAd3J%Ba85Fw2vISTc)0(J-HgnLV}
z6Y7gesw6hl7nAjpd=B*mo2gLhtR$PEzVQ9voN)g4+13Rh?4cz|Cn)7pTuUW61K+tc
zB65;RWaTg?9FU;R&k3I=nc>FaVSLhHPWUPlstbHGJ11;>z}7MIO+oYAa6L(`Rf3EG
zNeg!(!g}!SZCW^<h<c-%7S5C;c%wQme3MC3j>=KS%b;goxcor0#a}_b2IPxyA0j*g
zVB7d2%x`nl4(Au)5hOF!_!IUDx>KoJlH8PJemHgzYMyFbgL$$K$Sep?lcW)>j|Ko)
z7%u%G%X|&1@{fTm4)2o$Z^23ivLxK{BbKQF?{~%n`7+#9lAhzEjcGuZhQ|__Z1gA|
zWo&?5k>%k<Qf3g4`5==XUMtCCu<AzgO?amySK(=5C6G1YgHq22P$~n+x^V0ew*KsD
z_+kvmhHx{D{0t-`oJb_ah^hyt+<|0<H%c<U8a%ncthYUULzcP&-?`vj7CXX4hN9-l
z2Hpww7nIr=PLO0RoMQS1$PeL(l4Ny&X9D;(X?J)T5w0DaJ@<ysF)@PKbAR}TMsW5#
z5ROkmTk4lJ4u^*jQM2cf@JdO7+4E>PQ<7lzJQ_Z&>A~6aSh)5ur5R_>pTmig1T*7_
z@M1}VnepU9E$U==+HlVE4<EocSrF;T@Eu8-4~MtJKu(3l2$pHuj@!oRa6d_GXd4wk
z=1h38Bn7)h(T?=5;f5ozRElxQfxAaQ=4|+LCXsKz&p+hP`S2=Pss@~+_Mz1I@L3|0
zjl4}@l>+3?aOq^!JlWU>&)s-8!o_eyNj5-zy#O+o!{a4s7aMJChBkC1JYSNAl3Wdc
zPlW5V4V1bT-bExUav$UM@KH?$PvBe+pC^)HtcJT9Izy?O;oP5~Kdc93{tg$?2+k>Y
z!WEeq1K{sCvfT~WCX!+d0zKQak<`;lp`L%k&uawdT*G{oNod~`9>b%}o=l9-U`Fc(
z{zRLJM3RhDAU%QPFmsKfx`<>xml;bW)hHVS-#39wF7q`aDvI1@Z;jxL7Gn-&5?L+h
zGb@Zn&8fy4Qcpg!2@$0yzu8(NsHdPA&m^=BdK=C%kDBX=q!_{7ypNiB#@wIPLS_+-
z;Eey6S%pccx13XoncXxQ%waLJpGI&tFKLb<!l#%LAoj9mov~yqR1}`Zuy!h#jhPsO
zVT8oFse+j(NeX;>!eoaeeM5XAsDfF19Oap!=zfCq5aDd#8MDXDmo$<H)}JurnHaNS
z?#8*Ys+lJB1Z}LUxlt>HaaA*SX$0F?4KrwC!R%SfJpF*4TIPRRDb!Qj%sXD?8TFVE
zJs-kq5VK*MrAdZsIT?Jm&5l|r)Z>`lHG=CpVZP7A2u>H*eW<n6HPf|HsHdK}UL)9A
z8kqZ-L|RKDv&yHO=U8ZU@MvH(GP@8_t?n7Kmqu_k*u)&lByt|9skvF|!B+Pv#MRV1
zpp`;@o;Ocv1XsCn<~1gvZ7=gXpq6IT1a3d^Z}QrvrTHimT3z6X-O?<r5nPM5GG}T8
zR|T!jr9|LY)xe)A;7?ogKO*W}_seGPiD)Y;=Iuso{bjQNlc-nVR9*)B?Paql5%qlW
zvRR3U+6jEwtf!Iski(bFo|4Sp!Ft-8vxuCFeAnOJTq;R$eyqI-2H{^;uCyk6yK)Ef
z!BZ$5%=1)gs&No@WamO$9n7{VlrhTBVjvyOeoTxKU>(UTW||~9UWXM5kXOxvOy~(H
z9Y`nhcPWE!laX{buS%KV38+hi1gpU==D#F!E~@k|QO1+teHZh=yN0@$58gG@#eDFt
zq1Vj3lQ0VY<_Pz-UN=iH3BCD#G~HMEMkGHMAV1&1!dH<;`tn(|ZV{Q_L|Hep66u+2
zY-$bX6Hdd8E@n?6+``dTy!nAfwls%tYRpuPV5@u6Tuda%aG#4dzJ>hsG~*|u&%=#V
zmtYMAq?b9J$krS;fMgL_D9P^MVD$y0x4BA^(Jw$P19`{HB$8|#lJ(xlyqk)eCmRF4
z;kmny89#+dFq`)?jj2qkZ-G?<=y}g<C`pZ`ux|_`!JPIPc^G+0`oQGhNzXE7JjY}2
z2WA?{Of|YdPkH(bd_`j3mE>Dk>D>lB1I-(4Vem4}89~b&B=fvA5AK{q!!u7nGIO1V
z^N=w>K9n+<xhl)k=^vTaH1fyDmNFli^(CnwWfILMMAY|;iDoMzQ;jlkzg8@0PBceo
zq$H3b=6==_86`e8uWAHa%TTl7bhLgh>NB{>2hTbt$+(h3ePIP#0rVu9FOp1F)KYjJ
z%mC>m^JOBLMi51k881l?X_EOVmx^R{Sfm{WwuYGtNJh1~VP?84h2NG|&Ic{YG-jZO
zEQ3!jBg~LSVu?Je5j_1k(kxAc^YbJ`@rij<BQ=4HGF#0=&3q0P>vD`4Pb4eSbH|$R
z5=l1xgHt-#m&cleSSAMZ<AI*BW|Aa$BL|KWW6e}qYDi-qH^!N>nM9r<$D0desbJg~
zZ>}PuvO3<ZGz&e<G=i*-H&clu8CkGL^fXxi)clsnNFx{lCYV`7RC}Hn$vpO^rci34
zd5~l{KP`w%oQ<}av;~r4_MUTpekPkkiKzUfn&XM6{G^&wSSBXOMyk13$^_Y%Vy<8k
z$;MQ3oh%h(W2(7>N!0uBOuZl4>QwVzSqd}X1w5Q;hURj9f_6C794JYUv8m>HA}V8_
znfcQwE~85?{?>k)`Mo4T4yTzv5K%dt{!k95n@31SwchFGIgQ|$Im4_l4{fmwj+wJe
zi^y=Jo(nsC5XEdWRT2kA<6c1KnAJbWQp1hh&<pwlNi)|I$%+bU@N+Y6KFTB+<KTWs
zJQw%5*_#M_sV&FeFU-Y6CL6U5z}r;N^M(045w7LoKo*$M3s4V}@jw=twTbX(lL}<9
z*;XUCzw@Oziim2N%glX}1a-08G!~-fb1^&T@>*iK86uKwbb&~5?YG=)`84*tWaE4J
zj&->iD`i%}h>gFeu-vS|dZP9o0)N5!a&t5hRXgcH?K~3LijZ7EsdTw=P$S7oa|7F=
z5po%5UTJP8!aHWTZ?(!iA*~0QUt|6$Nig!SF{2k@q^vp5IXF#c=GO?;`&#ocjbO~{
z%(5E6(fB*_Ng`XLgBj#|vmFt&23T))(MsKglV=;uL?T&{5g@~yAW5(W*ld0#Nw5ak
zY|bT;WUN~m1$#O0MUR<5WQ5_ZVY0<6y%^&fVT^;bMz|{2YF3wI6g+?6Xq;&dBBHXI
zX(kcjoh8(qX^tVH;@W0@MMSM3v&^+brW)VCs$c_TKFch<1g)nSU&1;(3&?hJ6cN>%
zc9<y|!8d(7&4n7lUEm+guQh^s-WAMfMlhr8HaC!rTC?poPjacq$iLe>PbA5hDo<?g
zHd}p(9;&!@o2QAehnTTF<~5CAef?<W{EAwOaSQH9#5s4rSyUs3z~}vDEsfv_z@JQy
z2)E2^kU3yBC8Fl;gJxSvf|hykp&9m|nMN{MMli!3GOrSuYP<;ViGBsmhs``o$-~GR
z>4;fSBbdV@W^s++`uV6?K_eGI&oQ$)5tW~x&Gkf7y&pGsXr(Y?$IW9J!Hi{_7m29Y
zPnrJ^ITslZPn)4-=<~U#AokN{Ng^EAb@1o3S%=7Eiu5j!Gv@O|RO|iKd`Tl1>96K1
z8o{{En(;)~pWLu>{hQg3h>G-g(^!uFs7T>-9TC+w&YNX4f|34V)+VANy=XQdq9VOy
z#z_)HddYlE(}N@SCG#zf;D~+2Owb7S%D>DJM3m3h%^hE(&uqN_#C5|wsgYtp{x<(1
zk{o&p<`f*m@0dB#Df5wW{*IZCNo2&nV>Xr~@cFJeiinEzu9-$8%Lwk1`PcMTpk{UF
zjA5-O!liJAHLSmwgnoI3XPId0?gOQwt;ChAC(s;i<^P5vHIBmyAIIlhR;nbp-pBxw
z+bX*XWmFC3ww@xw*2_aSa$C)aaGm1&<ru4tMzAjOSzR@Pb@7O`LnAov#9ED4qpc((
z2aLU^55s8<YZQ@Wn!7R2g{_H_1osRSwx%%&wSt>-ps9jPnv@A<&%#!^Myi0%g{`|p
zRJ|9ms;@!oYBqn&N{}R&&5K$~iNJlQ@cf1E+lpG=w^)i-4la=5R=P%>22#R0PlWS>
zGh-?1xwTk|31+^G)k-7SGRs=KG=hDwoOO(ddIl+P-Ie4F%nlh)s=U=;9cs>sxed=L
zn2qvQGf9e7=lqnn))G;%m$zzv$FT>IR<Jrq609LBSgAy^j0sKo3Gs3329e1|Z?M%2
zB7NLy_dV)St)-&XhY07V706VyrfH--kV@7*A}SkCShd!x{KSIBC#^Ul%6b*6EfG~;
zRji>zR9sc9{Y2RM>tL&zbw?vTfjnj9-+;DQrZ14{)-yzuKQ*nli12KV>&#l#FqR4J
zf~;c8tZj`aqO8}p786k(*0J_U6685-T_B=Xabe5Yi2h7AHb9;Sfj?oZF%gwj)9OTo
zeNF-y(;B6bQ9vwfBN2`QTa;rR)d=1=;aV3pg6+_=;x<v{>9!xdgF;vxiKw`Q)tiWl
z%eSUV62w*4nooqIm<0aRwen=3W)(#}t2hz%5a*P7);*2PfKv6X;+x4InuWgv(#VP<
zqWpQznomSMGd8u1Em%r<*wpGpBsp~N3e3{bF`8NZB`J0_%D^>JGb>S&(y;o%J7=D^
zMo3Z{2;SfOyft2uU~ljRYl<Wvz-}St`2}m2B+K9z1khG<>wqMifuODCR<<OKK{Nh_
zQJi&Fl2?Fy50S=Mmx!bo&0tNk1xO34$X3ds@d50j?*`J+a)@vaaYgi!)r1M{8sT$p
zYpXSptjI1+Yb%}zx1YnHr?r);krP1LSi4ydWgh!rJF9r6stX6=df5sS;kjTN$h5bf
zW0}z0COk@Xuv#&pJ!;(5?_l-YhI*2Wr(5x_+jOw*5=k){z|&}dSXFnhN@tNRV=Jtx
z@XLjcR`u;%Dy=c>G{YLHqt!{0ZD8wn@c9*M2b0j)8{8{9TgRnLu*&UhohPE&PiN~E
z5!G6{SdZ^OTdGC9X4N9X8M_L$Ub8xA<ZmEdtxt)lapMhZmPRm#-K=#))HoJzZDyIs
zIy~O`k%;mz-a1W0dDz{0@R_KGm3Jrl%uh+Uj(XFoLL|l52XFeKaz`0&TOSjdY<vPc
zz%f92TWLgw6T!K=uT|j()Wb4`LFQenHW7}!ERY0il}0K98DRZMM8*Dr^&b%x=|C&r
zF4UYHiFBY<oQR5apjCy4%KRY9lO&jl23c<qVSj3Y^$)Fa8gYPpWNjg${26TR*9g|d
z5bL-`8bYa$t-`y}L*;XlRf>r6ImxO*MERU#c|?@Y!>neK1U?V55{OJS+Cl5>4&&-@
z>vKtP_wqTgKEm3qkrqHkTCsa5W7G$6Z282hrV$*&M_F+i!9F<JTFN9chL5q<Niw<`
z-z+r7+D=48F~&MfL`5;yIx9&K#aOGrkDQ-imw232iU{X9H&_pd+EE;5)gl>XYrOR|
z5!IeQwVszGm_a63aYWR7F~RCcgzLRM<Y$64LL*&(OtiiuqUwE;wNoQl?~|<q8o_!`
zwesz~zuu=>g^8$opK6sSqN12;)h42%_{{1=WUBGItmSFeEJ?7IdxEX$)*l+_3uK0M
zlL-5a9?r6?edrI5tAjvhwl$1Ma%kRGep@=%8bc&2s?ZCtKMgW-tyD=04~CsxAZgZN
zO%Jw>dDbl=Nyg8|VU7ct&#h+r(H4`>fXuhnN^<H0`1TFnn=iCF{6zj3(_s%J1Ed#O
ztB9y<EV8x|QSE23wNH|u{VbMIsMXFA>n_Qp7&VgNTq>M2SYkCkfVNVM$ve5Hd}WQ0
z<Y#ybd=>t-)S7h=Wq5Tl4}4x`6+c9!BJbaqTUCjumayCkYXn!+Ut4vFs3_8{7l`ov
zT1!Cl3hQMeTo<c=thTxnQF{(+tbURNPj+jp^+eb@KGCnSb`VM8(HOk{)+%?Hv-%;7
z#yIw_wd!l+d$9GL6|a%%AhW?5D#<apd+j8=Rorad)?~IqsjXJABdB?Vu`QlYGG|#;
zh-5_tJ04lqK#gEFwp$Z5f~%Ar))z#$$L#{mJFVRs`3cAmR`gM{rSiPndQ>CWp7&U#
zG=e?uN2?7HHPY_0US*lc?6A-3NkrAoK5HNm)#LVC^NCC~y1^O%$JL*#hR4t!-tou=
zTL-N6MA*aJ@VA3jSB+ro2d#b@!JV8#)_jfN>h!Rc^Jmno{5fI`C8EZtqt-Ygs@{)U
zX&S+K`Ixnah}x^nwsuMq>{Xty_Dd4%Ri3cU5#e@-E4>re|A?qvk&{;Rar98_|D3dn
z5aDe62H7}iJw=4~e=Y+#Wj#wo<>!nQrxDE08LN{<Fh9RolQn|*`PE7z!XDy|&{->g
z_Wc<<XN@AFGWNTbN<?MscWbdmFk|PfjYL$&E?D~|2{LxkIwnbwv5VGaA}V7St$&HA
zj9s$wp140_mn?oas@^kRvLL1KFDqB@<a@~~L#5O>cFC$tM2&uztS}MoJGUUum#j`2
zxd-I3HHiqvj^p!HD@`NVcdl6*h^U_Om$i+EYKMPWhqzRv?_9Ue5>Y+nx>evLM#{Eu
zPv(YITqC$AbJMD*5nONFwk#sb)*b6>A{<vt9#~IUM>P@)<gQiVl(L0!{byAtqN2EG
zjb@pM&-bjEM3k+2)>0xW3d253M75tN`w9{ErzBX9vWuTa>r5&DiMCr2;n*>&Iqk(7
z!DpFV_I@JVTF~d*_HQf`c?QX2-;(4@`Baj}&VL4NB^me(@)X$0W7j5<9C-qYvAh35
z*$AD16Daru6l3?3WI2>#GLJ}7BpWgIav~}lF?I$Km5sdipOOTtrhN9_L{!VnXWt{j
z*)YMwe0G&zRepRR`Ry)5R68tS56}o^te`!Kh^oO@dlnJpPpq9qMEU%veVPbcZw$5y
z+3{zU_2xhd+cStL>yO#Xi6~n|?eAG8lAogX4kF4{QTr$n)d!2&=OqbNAjRw=zbWhO
zz<P1}LydF-Qo{a(i1MeDJw+p!jnei?BFe)u_IE53@vw}&orv<VjD3`d%2-)D`W*VB
zd@g6hf8k$NuHappBEjlHkzhnBXBQ+r+<I|OxSVY=F%m%=?pal^n-fVgKK1zN_;Gs#
z5w+X=xP4BN;FkExcK+YdLwMu!B<~+qwkr}*`KfGI*9fk5p0I5qTcd;XEl=9dND`cH
zsbaSzqIz6ayDO0-W0bthy_%g#Br9?rshWL&i4mMEddfZ{WrFwSPuW+AsLVfQH$IP1
zC|lL-wnUVz8unTu%2o|~JClg5n)V?n6WFS0pCzJf)wI1olr5}_TK0=Xw&pON<s8<r
zUnY_nl>n!zuy*R$?-SvyVjBzFBbkKS!FSNO$7tHAOpN02JrRx@rhShH_pct%dQCg_
zPqfaY9}wH_N`y6k0K~B~iST~rB3L!mwG%I3sT5<tK==g#kf~=+CXyWbdmisl)wgF#
zf;Sc8o>hJO3rX<iZ6;qya%WmVzL6v+L@^mO*SFUbQTtK#?b;WW&(le!p+>#{(!d^1
zgrmUyv4-}SOhR~1GFopWiPGH2Ua9H%67)2(Gc>Xa$g}n%m(aS@45YE$kci69b9Nfb
zgf7Ec{TkS7YA==~|1tg*@}_n=5oNupy^qLLqa2)S%()p$6~D}peh7Pod*G&#W_DLe
zMjVCT{Q&a3y;zd1Kx$ur9Yy;*lhBI);4K!&G`AnTLASYG?~00I8${9EZmSWj<relF
zCUnmm?r^?nFO+21Q8;lArCzj`6H!sTXz$VV93q*E8bQr3*?q2(_0W%tU~LF8t?l<E
zIg!SiTiZh<d3s(zMiEiATFbaN^SD-TZC@st6k|gzcqe=bN$G27ORWLg*+s5%R)ajZ
zvn@%29KLLKmL$k?dpkjrpe{Pt$xI@7?r2YwGWh&{9^&d~m%gF$d<DoWc5RK|F7d1P
z5qy&BWH(@$&?gWD_T|oYOGz@{;CG0f?bjsvuqy8x2Snwkv;C%KtNdQnlc15C;7=Dj
zTO;>?bhY>1<l6bKCOj+eh7*$Z5hg~PoqQ7Y4f`w+W$O)l;@_NAj6Eg<-|N|{h;UEA
zdhce>y`{2|at_W++DkPO3#Hz)zthMZkm+Ub(8zKieeG<Gl!sCY_N?3Y`#i{=FA0u6
zdH2BGV)hD2TF>QsfCt&@B&i7F55B(`WN&5?iFA;?Q_4)75^aRR)*w4uk{BQ!k+YKc
zK%ORYk%-FAAiLik_7Ll<G08x)gnya2nm-kg2T$q_vNO39?dcVzD1Ow)3!vvi`-Voa
zP801S|EN5-2ALstMJC4Y@ZKQ<tPZtpCZTiP;GP`NJk;(f$=Utf#)jI{h^Q!r+G#99
z{?yxtrM}ikC$N=d@6<>SAj9qROlXfW7Ho~OuM$z3N7?1>DxYbu(tcVaxOXwyj?>8J
zpl7UI;9o4I#@-3GPlRW*cftBZ`&A;zp%Ji0gyUF>-A$69@1)qhh$w$j>@iYLHtdHF
z1U)JCRE@k0u}`w+OY$MSQEjpX_L$^|q@D+-{2$~ll~N<p6gxZm5r~3){updcu}kGZ
zqT-rrze<FAQ!>bWX1~iMwB!`Oftqd)lEg@fGIp&qjOlg~5f#^TJ57>cS9ZF+o`~{i
zx}8mg{h0{1rrUpNWCoC#cD|hGA^U^l*etuGMq=S_v+bH1nFpoj*o}$s$_mGXH2Z5J
zSuuF06V}eW2q`*><C<rGD`l|0z5+e-><lK6w^Z|NBbUnI3X&P8k+ncRx2F?fpSJ*+
zZ?DtHP9O{H<4i(VV5UY}3+-Qts2nb|FB0MW>?0YGTUkE>WRcyBh^oOQ_7_Ch`WcY<
z(q6|TGzOj!F92C;Z<b^*tXY`sB%-V@wa*h_>({81m*@W0vdo@Lgl*jdndSBpCZYco
z;5?_>E0`FE^YVGobbF(eDVQ(Xh>n5Pr=3MaSx>irBf{20B$GR&T0%h}E9^={RP3wl
z6qX774fA_xkXda{m!wL6{(Z*P_B=^S!g~i?HLbRnFfl%o=crfPYltX+R@*0uus@HJ
z=8GDs4&+<Add&U#S!+L&mwcw%&u}%k&VE6XW1C=I45ilDttG*hAc(vo$#;d>=XLfQ
zlFWrO9<1kWNy?svn-Zwhdy*8+1)~I!4<(5n$?L;)_Ap8Iz`8dltl8Gt<A|t8*V&cw
zsXXrtp^Q$NgXZsSPm{rYw(sq68fgtO>+RD_=qvS(KsMOdC3ywDuz3T>M%&0wwv3~b
z;46SlaKDZH2ocV6Pm-xkMAh;pdpwt-*`Y7UWY`Ndf}_@EdleJow{p?O`yjK`&LW~B
z-D)3{Bp9Q%+D|`%{;>7IR4Ps*p8(lrrxW3KNjSD-*&Pa~jE#b^WxKstBcDR49d_P=
zN@gaIUAChU+}qh>chJZJkonOb&BUm(hv(D%b{dn=k)NRlfXse-u_Vu};`eC#?F=F+
z(*5=ev1ncG!0fks5aCF_B|Qlm*$m`>olQh#{-FKZqbdq~LOf&-&<HFcjl*^-6JwKH
zLmsieViFqgI{(JO5j&HJ^6-dVy3qX|9<iqoVGnnJKS%5@H1ZRWV|FGH<>Alv6NSmc
z(C7sC&0lyIdEBna1imYcHjY85<91z1=1%5&`HtJoWT{}3IBvI+1p6S4636WhvQ#ii
z9Jjkmnc$A`<Mw-!U|+sKr9PJALOD1;M%KqkQoejZrV~-wIBsVW;n>ensUk%%E){9E
zeU=E1y_Z1dgngHY(sRo0`WR>9v(xY^i{Q^GyQd_nu$#f89}%|oH|RNKPteGJKu+7U
zxfJ!dP+oYNvR7-QAdp|}Od`s|v-TrJsZOH=<hdBg{AQP95}8kbv#U!I^ugckc|<s_
zScv&I`%5D1VOh{~&R(mLDnQQLxr*JNpFiv(L|9KPkonWD!o*0058qrM7wmV5sEl2(
z6D0}!xnTdI>A@A_1^WV%&^b7vjqCY~_Vou!U9@u*r_58vuwPuX3uxqNuzty|L`3z<
z%XU{HYK?T+K0t(HZvv$*+h;V=63A7%d<kXiWgypVkBF*^>-Kn-2_+`;ujSsbr!a~9
zLeLF+HW8JL8+InkP!!94hFcu%mr5#ISUWfEPc-rxSpVCeN`!sx0pyl_h=|gB+x~@1
zMNaPBwy$WV-hooL?SD1$0g!*}dZq5K<-7J;B3#QuK;~cj5R=em*v%LV#BfeX5-Jb(
z<ZJ+^o!=z+K#rn@bCrnl&~Oq<qb*fChEu5wSvQ`AuRl^qb0QIrbS99T&Nz)M0Fv7|
zMua`YcN}?~D;mM|VT^N|N$90m-iyoYM3tpHhX&n+8<9aKuM@+B>S8Hq&g(QJqI}Nh
zw3Q@iz4@G@MBukOrO)}C+T~C)`}_^)Dd;?{kqtl|bv`1(KI3oV6mk|5Q7!5*r(}8d
z5clG+7Zi1#lqC4gyP}RIN$@*jMV&@Ol+Q(-w}`MmnP9!BGf*Qx0x9ksC8DgCa5_{V
z>y(W{AXC!$LL(=Dlya781iwKj?KFIxN*U|m#KKvSDdW5-iFFHBi|65ttJ77ICxPJo
z&t;wWm_&Xtwyg6p5fw#Q=M$D8e>Ork$~v<(ash0WbH33CwuB1KZjE67s_68rh#qn_
zu0yHH&f-dn+yU~0vxZ1=DEOwPinCFYptV$Sb`Vjmw~EuVGU`b(M!>T<e)(I)nfL^g
z=+5vp{B`&O-PtWkF&82LQr#)?B+HZqnVj&OK((B<lH{xlPxL@)JL4pIwI#g80%AIu
zRj`!GkL8>u!f_P_8Oy0r6=j%|1Y$dNiEyi{2leGTZ8TB|WIU%g5!Dievzld$)O&DF
z7G!*9I}v5wcMeJt^b6l<SdHSM`odM5@AP{L30pToPhDrWM$n(9oyA1h=Y}BDz*(b_
z7l1T!j&P}vD8^66&p4+fxem9;Vo!O-xg$v)xU-Q-k?Qwn>=|bo5w`UbXnw}IMT9-X
z5#U)TuEzaQG<N<W!ZID8R1+sxO%>N`K%R3-F^SyC+{~${$>508%&DP~H=)$?&a)cn
z3#7TzQR>MW0XJ_0iF00;WCiRk<LWfdc}tRBi(toyWD<y|+KF?j*HRv0UBo#9YZD1w
z`V8(70zEC9p^`X{@Cez$8O6k?3Qv&*pr5vITGhc)N^=WmDG|=$FtFajxvi1WKwfl0
zVJxLuR4eBbBAmm?AoG$ln+ZLwqd#q&1(GDb#!qBzoMn>ih8=QTF}88m5>fuNadMkz
zi~X4mn%g)<G_nXtJ13q9TVD?3Wv91wzlWWimNt^)(AKB<Elg*py(B+D*QUK(=QT;z
zyeW5goi`=v9x2sVk`eLIG*@<ZK9HoGoGUv!9}`hgbaqBb67;6d&Mb#KjLb5f9bUz8
zR&ky1x^shM)Y|3^C(~8gSPzlD;XL>)UN`49$*`Uo@Prue#CljtjcnbWfkZf~TR~5E
zX9p3^A-1R<PBTFnqyGK_$h_&a)(GC-`IeJNB*~cn8=SrYnO@HKEE5XBT!7Eiy`8O+
zT>m>DyNRg$^mZ&CZKW8y;EePM(9_%5M}+-32jm^+lty+!Yw7D;*2ra$dDqEb7xk!?
z+283+gd@ELG6~LjB3Uv2ON}z_0U6*-V-i)cVziM9ep_*XbB0M|)jhy5>Y--Vlb>W-
zXrwTZ_nlXXu+L?H40KY7D1Q>2TJ<Tbq1OsV8C5`Lu;WUS2x9{7vki6{NK$AZ?`8~k
zno2UJZ#4Ck!A>h8Du;ueRYa7n!A^yz$rjZh?gS2TYHOq>SpV30jtIx)0ZDSYvrMS?
zZr+a?=DZ`x4#*GI=`d#?5oLXtvw>wIv%@fFw?=ReWVmxwBe+j8!Wq#3Jyd!|KGX|F
zI^#%2^@3z)DG|;y?p`K4TQq`wXOwf6h|0!jr$IwigAE|kF-}(^SuwpbIrC$ko{}W)
z;628%PCq7*mN3?tsOfnQ^o(_G5K*?qISGxpmJ=T3-NNxsq9kXJ1Y`se75n&y`to?$
zmpM}G%bz-bQYo&l7GQmXlm8i2%WZ*7bh>H;XW>cC+Zw_AOm;>PQ9h?SrJiM<`^gz(
zic?XNa`4qA?pjZAo?>ETKgVybr#Ouz@tVR&d<$jLiKw`yII)dUvl@S<I17ky6kWjQ
zDb6<<=?UaB=PD779e?9;n$xuj>QO$=aJCUij{NTAOlOZI!S7(sbPf?w{>*fY=THw@
z?+dnOI<1H(&9j^gB5WPk#<QKB8o|5e=QyW{D9v-7noT)}xTA>o#?N)?5@B2KgRQwv
zoJNKMndfZeQq*^FU+Z({xJJ%G4SwNV(FpFC&3AG%BU_Q3t_4m$BFdiyPH`erjRm`5
z&IMZwobr;4kYu6Lk4OqV)lLMNMb2_5gKrF{0a@&<*9iVT%9qXwBAlNkK)!NrX#}6C
zmpMhAzrVh|b`pprN1mzEokS*dw=;falkR*fWvW1qaaEA+OeLb?N_SQh;jDfG*3+FE
zM7RcVrMJRq@dD+Cvicp!taLgN$%+}9&g;xoPP`<;U^c@RzRKy%B+}nkIVnWgRwn3K
z<?JJ(TFYwZG?$9H2;Woh0+}^V)#l3jPekf#<QR}|o#sSTTx*>+MA+6DkXh?YBBE@q
zbLKsu=R0RD>xt?PS3I4EQr|mKacEs>{@#fp!kVv;Ofikz2C~8Nh^Ti!8=XllD2m9s
zcayVFl4n=*DsGdrT#{g?eUr0Bl3+J}le1BhV3%)`lO;)>(!8g)$@x)|q*4JnEXhA`
ze**3eZgNgaat+qT!=M*za?VK-EqClUIhQ4A79lq!3HI<eIsXw+`Pt-zUR3pk>z_?d
ze<q=(WjWFe=Oan7q=y;Ka7hBq8O~ZFN^^#jL4-4Jz*;=R*{6}bK(;ugTcUN9`K`{t
zR`+K<(-|j8koim}Rgxgjna(Upf;?wB^Cby(Q!|~Vk_5Y{na(OEk^SCGC*~!xZUp<i
znNB4pp&-&sr#cZ8X{KWl;Yc5axH6qaT#EW2o}kEb5;cM+Hn%(HwNj;^)DGwQ)@&W`
zL#qLK+36%o5`0It(>Y5-S>Neglq6VV?{sc(DYE`JXx{1MZ9|%gR0p!lDXkH#_dU)@
zA{>PUGCw-^h-Ag&f_qNt0@>^2X^VQYVzLHB(;9NG6U!trZtQh>65$atH%RYwhA}Z5
zc<+E`pY}RqC7JRVJe$HTa{HWANjAYg8}5qicV<iS81$4zVErd&p+=ekIpD04WIVJ?
zlsV{Z&<M&La&}2l7|yDp=EKfGNh&XfFHN8~9dS-evKiWZODJ{J8Q)H245K*etYBh1
zlL0e6$$S@(O7I>D>hzd%MkAd-=D2f9k|6eMC+cO=Yy`2NaPmrmvF8CjC!NBQVC>yM
z&nc(0Bp4}@(@teco`n96Yos$y%|K5X*tCHO^%uvJ<Pe-$!nd5iIt|;Sb*|;NLC>$w
ziyBD)@|)9_2-hG!<DYXr)W}C5^Sd)rBO`(Q;Y`%X1RxijbRudDzw8X?K(UAZz6ZaS
z2L4=e21^p`3|w(WN)qe?TyZ86QEmQ;Q@G>(wR6RJl1U`1SDf0C1TE^SBP6*4Z&<Kx
zTyvUAQmZ_ZznoV!8EjG4op?<K$qnZnNtVLt8tgm&b0%nH7RcOm=4xaSklW5ujjRN6
z*BS8&w*=Ia0mN`KCD|lvFo(NOlIij-RZjQ7tM|vA)4jwb(!X-LHzf($ST6UTBtbTE
zyP-~O9oraYBad5DBN%DOEhh=KI+TfVYiI;z^16;BLI29<HjpG}nfcvjl5~=7^%3_a
zNrFCD!0jYS5PLy4Rg$1r#<~xl8;o`DcE%{wQ&Oz^NEamB!uNoOv2H1i905|utw)4g
z_(>pz-HAk0TP^DT#WJDga!e@Z-jO7Di&xCe^BUza6s!S?xkV%iW};$l1xbP#znEK7
zl3>O!=GK)YnDL9b%_IqC{9<l9NrE?z#oW%4;5>*c#$s-FCXw?A#oYIZsJ>Iooh3<n
zRoK6WCzoRGsIC+R%?>!$m2f9&<O1ZUgu6~7{{vFW-OD6YtqboOm2r<q@+fG=)0k!4
zQ%sD(K=9o}8TUMqtjLX#W!%`;(Ym@HyNnx0WU6ri-bDNhw#vHWB*B$=Za6Pe&Yh)^
zSRfVLoNu5WRfCVa<-4i4@VUF9TU{f?pj0Jyw?=Sp=Lxq{yefsy?^WEM8mR!Ks=A@>
zN(T3co^q!#F-pR>+jz@d4R-;P(3{u!-Ej?frIcAU3hvK_RelY32N6{}HQiY~NV5^!
zG1_<vY}ItFH<>I4Jz*fV+(wcNijWs1nGzvwi6j|VN>HhTL{f~jp>QucklOAoCXufW
z>$tzY#kNkj<a^cXxW?N|N)3ng8a&z6aT{x74-m_p!6X#?UV!U<DP{0xX*@mRx*M28
z+L-GeCo(mZ2Je?YhOg#b_pBt}02!PE$yFk%cYAKV{^$?)?&c7M=f0qk)8E1Vyqicw
zoq4P4F4hQ+*md3711K)?2U|itx1mPb0eRXDy{}}jZ8UO=Yvc`(dDdO6ky!BTId_Lf
z`hrYTH(Mik)9mx^1&w?FGR@t8G%^&(i*Ei8(0Y<_<}jQz1oDzQln9SnlYz8x=MN$e
zjf?N`FOar(S4eWae?Zo2WG<9y?^gd1OQ}}Z!L9uf>%msH7-TxQM>UcT<Q4Z~BFdx~
zXW%!~zJLYBt8VqdOfoEZ5{3TN*&QfJE9kl3La8oprX)7pU5qlXxs`@ssU)L7HCX9^
zOjkGO$7~%}u)Bf8yTykhQ9CC++-gKd7#nuLjw{IYaO+Fb1I`G22GTv@O%(pi$`y=k
zZ^`*WwS-=76Dq|y#QN&xw$ey8XzuL}WMXubUoP}<CrT20xzOh!&3)XAB+5plH}!Et
z!;x@X{RK4lao-}s*8c#~*BwYijavQOe>EBO@Lf0G2+9w&)vHkIJ+}gr(3C{DI~+)Y
zTUC;>@Rb%5i;2+#)>;Pax+b`biKu!{aI=Z9hj~b*`be~;{2AcZNmkYifXw@D4<?~6
z!207r65T$Ml-$8@sS@4yCAkB4Amh2gM0bcJ*+9_4L^oNI4jKHsljwdb$rL+U%1k4o
zd`^^^XAg0<N_5A4f*z_-BGGL)3JJ$mg*=={M8!4Oy+MTQq87*uaZ8L=kv0G_%&pHP
z)ELIOI3Oe4CX(Q9<Hi9U>9&w$c5|NfM!M}JDcJ$OB%o4ViKr+>KGc3jx@$>BMKRL#
z#;7Pdke<av*k?Q|lI#{5t9-`R@`>AoNvOsaJ~chcZ6`@tAT>Z{l>4S6M>q2?+>LUF
z5K$hEa>o(j9OAD1C^wsk%He4D#c|4d50Dw-4qy_h3E$fH1v1_pEJ@s(e5Px>J4TXH
zT>|nM5oLY6n?Z!F4<J2{j7M9_`loJvBAgA}=bzxlX#{u3C%SJi34H_4L->|qlKZwK
z2N&>~WRjaeL|LEoP#c@%t|u8)JCoe}pQ1nPVIp`q$?Zgh{lQsgvU^V>!$Bt1eQbit
z82UWbt)vlrbN!iXG70tE#cv{}xpkQs-~P*QuBW+;i720^x$}vzKc9lFX>P%Z$`-bk
z>25=fp!FGUOD3VG_Ht{P>Aoh(aquM_O3ifNm*fkWi7<yV-Qh%(^_lKOB5ZvMSfA-e
zr>OkQ0y4`jLxgK^A&@z4bt0TGY`t^chD6Rq1>Xjyxh;q&TWJr~PMX_^WZ<qL*o|KX
zn$z67Gthd9@d>o>bwK93)-3iXC&(OH4R?sUgEg`hWR|$2H1Y$GFWpr{QjBddH~j=;
zsXKo*YyP`2?CZeSg3H}AOd=!yiibR0;a(ycjugK!T;bj&k`;PCi!;B{jhTa*vqC#M
z@rrt-TU3(N#{*JPl5}`=n+&t?O1HKov!({5z9dV4^Z;8c-R4XpzgzK*+eMPLE%}ax
zZ`@vz>;>z+pwu_+hmuTa!+KV`qa+D#;alTQlO*`!a-F+Ck}tq#{N<5#?rKR6JPEgD
zg68#ZCK1lYG05r$x7l2bUG?q^w|yGd7q0owfy`z%l?dEx4Qp&X+q}h{CCS!;(UQ!U
z<f{q+SxQ8;pDk{!c}nvo(7eU%O+;DW>TV{&9^$Tkrh9}*C>Z&(+*3@9eV6zvq%8M$
zBFa{lo9}aF>jv1$a+?uRwzj+87bwHF{sEaC?z>DPr@{BQgCtqj9nLVo*{?lrk|f)P
z!|%~UuiWE~mZb7I{-SV?n<B}pE8zDVsnm2yg8j@r?tCK3=RI!c`O4>#RB8qh<@1m3
zULx#s1(4b6{>CJ<t6{WJ4c;m2cP~lu(-7GIxQ65w5oK$?+i-!h^%UsY@9rR?Z2jaG
zU!?LA2AKnHB9lmdvfUAq1o_E!$4T<K%ulwPDoOCPp6$+(#08m6;B&S+Uy@omdEJuj
zE|p{*eEo_!%yw5v6687CT`$Qpc-F!9DcNqOBtf3D-Q7e~?Ab2gKc8Y8tOajZE>Wq)
z7^(VN@PvDnNn~s}?OI=Q#)7W}PrGd;3BDFQ;|`W2_*(E6H&v40Yr$XLg-jw}3!Zhq
z)k@*{!n1N5<66eG*13m9wsY<cDy3$|Kt`>)&$-_$qqrhboO5>*;rXH?*gEIdUyd?t
z3un*Y-8d#j)jRN%05a#@o|5!A3UdXlA^&hk5J@t619=N%{&c;sQIE>=MYkal<>5v5
z2O?~%Ka{%Y{;m<Ue#xznuKdBZ#AUYy5%&2*D0S8Sm}NqJ;Wyo|4_<RWktFz%>zX@}
zi1O!}dz6Us=bHP(3bJMVG8KN;gY-P3ktDG7m)lPx=+6yzx+FU<!P^!1V&|qik4fYy
z`=+~2BcnmjP4|FCCIb1}y`&L*>w3%0vl9K`NIwIa+in#is&?+UO*De1o&Rx1Xk-qQ
zy6axj$U-3hxwkZu4#e;hzfpPK03?SuN+Uaf<o0T>LYb_n8t{9pcnU7B_o^iLOWe5k
zmDhVqlB%`&`_sH$0+A%6Q9anjf%gu1y&EhOd0Uas;~hmFZLo#s^B(M#`8>Y{Oj^(@
z>wOe$Y`6r!((dJ$i?S((H6+@Y4tGoy@a~dk)pHAaRaT?Vs+J3R=f6dwzNaqah1N0&
zdTwE_jwC_PE#ftkB<Q)1d9N^u^xUE{3f1F^dc8?TSug6%|DJ8(e0mtNTGYEpM2)n?
zyn5?VhHDwW(kkw?W)k^ItEBgeB*8aXCA~L@s1{z*8=>jJ-c-`ttC166y_9#JiQz7S
zcMd>Gdv_ktQ`!q{Q2wBv(q3ncT!d0(y#7o=^+s_YEa!bBNu}z1TV^?LI1%MxId3r$
zZs9jUPdV?wU+5_B?PNXFoBjov^4@ukpg$G87dDcIMhZlc7f!uY@>(+q1^cv>yjLU%
z_Gv45Z^%-?7b2CszC@IVmAuc0u!pgvc`cXXJu4uUz1U4?UDaR}Zw(Rt&0kz2RrNMX
z66`Hk^|B-h_Li%9KT3k<H}E^Vs@_o|%Acy9mw~oYjCHxAjY?p>s+U28J$wpCHSZ51
z%Acpaiknpp;;2>K6HG!EV5Ng&W=*e=B++ocDDD#1^x}vp>ovX4G(D-mW2qe)!Mdp9
zJ+*~w(VY)CN`yU6lHgQ%*lQxmg&BMnJ?wQNqHKk|FNttmVTdd2T_mF7GQAdCRa^pO
zEN=*tNL;R$BFQW7^In1L&6flt#T|0j+e1WIcfE^5lr7h*m#J*wTGaE}6JZaZ1M9vw
zm1RPKt-9VECdL)WaR$^}UGFO*%2r+P2bQ50g|$=HJ4i&mk+1JvA;Pv=fUT#!n%g+f
z!<z6&+rX<!L}_l|y+VXbwS`g*yjet4Tn)X8tcR>Ghx%&d<;hZ!z6zzD^~x}zuN&|z
zL=&&FBzafyQ$Q211`%bwi5EviMbYG;NT2iCkqmp-9c(r8Qi&)JpZD$(;qkCH$h_cH
z-OjP!`yNg*18L#aVPf=c%eM=*@Sc@2^Ly}Y)xwJ-qC9Njr4wQ6iKNHaftr=|7rj<Q
z*gD?4-O}sFBx36&Z!nWkVCyAs3=w7PC2uJawly4Vz2qI@Qk3~IKw5hjHG;jVtv6&R
zM|uQyjZ#6TotG@hLfB)RLF7{+%2qosoe0}XBN^idRi~)=Wp9&4Fs}CADUIMWV@L0Q
z8d(H-I(ea8O3z9lUA+=aBH8HXJ;5ZBjc%SPN$GaHGuh31L6YKvpQ*cfJtT<*f_r-1
zyhI`@u5RA%MAUrR%`<i@e=x3YUc5%ugNO0nhfG4p;U1JMAU(WclGFw}yNQe=qHOi>
ze%AD0etLL!iKw>G(~H}K);Z5Vfu6U#u|$&Lr7gF*x4mghj6aw02=KPIfQYj7_CqU&
zx4le~QIWpwoj9ay9Rpi$dlxkFE0Eq^{=+I8crNZ8ub4*u1ev~GV<IYw_q_8&vSL=r
z6Tkf<B>4KQzju{oqK?6DiQ-AQ{$9=_Xe%qGON4lm1oKyauOXAjO0T~+hX`lvZ}6wT
z_ahPRU$8xBBzV7Q1n;yQ;N?7uwv^8wc<qTKhpvp}7B$f8!z7aDf!<IeD$fJGeMH#$
ze_(x}SMZq1SZ=T}$n!Lks}S7m;dRgmwy{L-UnY@Vh{0a2pGi+>%m8_6+IvKjt#E?@
zw&%fKaU#l}!CnRtRm+3Dg2z!0dsqmp5BADvq%@F^y@o_MW4Zr;+cvz38bJ?7c|)?<
zpK-7cfV1#uFIke{Z0cz5Q%SnY9pKU4R7oxs<av3tH%F4U$^>MgB=-shWVs|+WdpKC
zk{s;=>ls8;?4!N5Csd>rA+FKhJR&kK$if)!kVdM3%oy*kMljM(y-g=M(qKnug123g
zpe`nOdnL)&mS?L8-VsSA!E*zy&?b1Ni6{>zcxz9gW>q^Ayqu@W7LC}r?w#OO(1;Hn
zrg#lCf*z)NpD_uI8p&(pDc)R3X2RPy>`ha=MUwms>pEQfP4Uu+D1WASInSt!H3eH!
zyc$F}V=n@k>ctaLJ!O{H@E6Vxo|nK#XM4>g`2>FT8*R<@T1j#fcH?n`ob7dxB$OkN
z=_*O_#{$w*l18x0$9nn^Q9jT1^8BiNjt38Cd(RPJpL+qB<BiY=W^94?;o19rUg!;z
zWb-$0%Qci*=#7!YkQrO(O_C(|a$%u2Ly|r3@Jer?_qim;<!W%D_oXDIBYIX5QBf@P
z+WtoVP`%@6@P%H2M$qTQUM7>sx_61UUy@+myTm(5L}^~~(8#~UGtQwc)#{dbn~Ct4
zFa}~@;_cH&Dv+<dGQTSiX98L3H7253Lb|t{WsH%l;2TwtSrL%XyAiTR$_(w#qt*&f
zlE{<P3U8y783pGC@u@#TLcz1u3NK5_1kYA0yaSSyZ@}MiL`WzveBXp$cC7HSNk-*o
zh3B8gxH$F|<a0BPd=KOsZwe7^QConl^41ekv9I-N|3UeQjM(cuPm<^2_>JK@uc0LC
zUJOVxNrJt~bzUnX%ENVD63bBAz!_wnH&Y{j!<4qpTcHvBlJq-oheq(k_<GO#Q$_j{
zM6tmeNkn}&y3rdi3GVLVGulRP3K8YcMsF$0kU!WmH+u0GIQGYS@|)02UT;aZeZ*tJ
zCNDvfQgX+2lb1+DY2NfuTixV^E}~}DRyTP&iEw=#gD5t6M>X;*kj-A@OXLrE_$QDp
z-t$CMePwzhSSB>?-Du+m$ZYe*NiwDgytyWlN<?|M%{xtmts8~0)K!h-1+v|%e_2_7
z6vz(mbt20858gbM30;9amjanx-V#Z2!2RJBh^!)_tncz3yhC7@_uw4@yFKFyT4xWR
z1U-AaSdG*Hve)ZOgxj+RWS^HrM0xm=x1MD}&%PaPyZ~+NfR`yrxGdilbHLk8M0t3?
zD}Gg3e+D!k@J10~Te$0Z@IHbkbq{$9v{KJQsl(n%B3V&?LQlznc#e7pn8e^0&G>|P
z)VsnYvi3XbmAIy?w*fszy(${%4CH5T01@^FZy-GGEheI3KjGbCna~zk;o{!KNzeF;
z>NM241ozyNUWkZ_{iOFK5zc%(*gENX8tDV%v^SFVP|F+u<czmcBcp(v^D>DjfBy8w
zUuWyV412+wBFUIfU^g0S=Yls|k`vFu*96dWFL(<i=^M?X-vw`(ByCD_4PNlp5>ZiH
z@Y>%%TdK!h@ZyPZT+_hA3toaoJ_mBi+f0PBiszOud%HBU1Z1vwSBR*%u6eco$8o(S
z$ArH;SCV(;z_<&g{_+|UQ6B!~jU&STtRtCO8rcfuhW7{Sp*&+7`=57RBR_!5O|RHZ
zw66TQ<;4+!HNU*A<+j&Wk~ODz9d+C5L`3;>+nYy({W%DlZ+qz)ISJ$+?_btK{`>~y
zt{3{7VkdG1$bVjABFdjAF^gp)Gh?)vFG+A$RkT>jBytusTC9^Y!K@c8GKnakqeY2Z
z%KBZf9xa+_1V{BeBIj+C;kXLIm>3d8G*SXcUhz7S<j{U-gE&g$6K_fK$TQJKd63B`
z-jxKu(ZH6OPYjX-ztLclBuNd~GV_UXM3m3@M1ecXpC?FjX^qqd@`!kg2)9EQNCA;b
zL}m3+(fJ>WJ@QtukmxQ+BRKts@AV3acO>}}&ST@sp^z9LNohIy6%s><C=UyXI(JdC
z>N|zRgEuP{5)J=9GVCGF?}fx7mN8!V3*JLsLbBt5Qbok>e>oe$`@tgOf+WFPhR4Kp
zNrJZwMMd8KxK!|#p_nMmB=VM_xb#{1Q(V+085LJ?aXqR)q-`{YJQo+?Xe69@Y(FJL
zcOoi3CB-`|6AE^uONs%K{BQ&AOog4|l439sZgtH;b4jt3WvHj%K1nIDn~18@GNN=2
zvL1OhFDq&?3E_?qOczF3(U6Gpr>uC52-|86w#tf6xfI!g=4_M`pA%8G%8P9*6R}l6
zWD`-ED?C*16-4oz=%LDC1@Yjw?G*%n+s-+}Z#^CtBXVOYbwaYDSWARuI)cv?Mb-l{
zl^&9*B#u5HQ~4neD~pRHqdfe-WQOLsKZ^fLChZ}a@iAD6^V}7Dt}J#F;jH2b$tT2d
zA{<vNNIxmA5Xp-1Ch<waD&lV@kr}^=$eCAZeiJlT5p9X6`l>3v%7-$nxev%x6MKkc
z#cYLdfw8~W5Qik02qY0?YKYTZ$|wuZp2LWA$d7tdE!PkSiEvz_Nv6^xD5I>`6f=mh
z^@$);OQaJ~dg=(H0BMf+Q%8iDL|uc?W(Jh1BVHoHdhnE29no7Oc-}ZH_GkoWVN0AP
z!XC~8J+`P*P<e>Y1&)X(qWp11ZzAv=E1V5m45eI=$TBf?;a7XGH@PBRk{97!Hja?4
z$d)8H3+jqcEZSo0%SlfMA}T+g*hYloS`9Kn{6!=y2G17Ofb#XkJxPMIh4n=KM>%7`
z*}{6F1d~YHs3#f|Ve9Kbb3Kuwk*z@Li!>t2p9bQOLacebeAnMlT$AJ~d<};uS{sVn
zlJtS+9rUoFh$@VwIEp=>xuGaeL}m3^F_VbuU(brQMA*ZlQ0iF`DuQ~HKaIsTBCPoo
z$TSg;J*I5^38a}2M6zO@fx19{nu|t~RDyLB`rKSRFUhY!u+29YFG*4bzWc-5TAGVa
zOd>gKF7g*eTkPTgz!u05Q69#LqQ#XzcR{9wXhlTD-df}=fihV!^}gWsb8C@blAy=6
z7DbpubuR`7-e4|hExJmw={kQC(ORsPrP{6L%(oU9L{wH=i^Zjs&jn!zp|$v(2>Xnq
zO&f8O2xk>Xo3<ivY4-2~I01+mYbOdZiDaXlC{Kj5Q4}<{6a9#&Y`iS?5n;{v7O%a?
zUxxA%*%|04ibyg7b_O!QdPngD5tXryB8~{#Dg(AUie(z91mqR5g9uy4zT8PvElaj&
z{yGUAwX^UvQWHvb5phhYce_Bkig+eQMR@i^f4YhcBFdkxB7ZrR)%sMbHW3y3>*6#K
zj{O3hB7H*`<vFYP<bvZyH&KX4vf;SV#&wYCCdv_k^HH$YY7CmYiRxS`lKFViiU?<;
zCCJ2!1R~0Mcacd%W*%gEh*L~LAFpQXJ;gOic2whb*i+mlq9X12(9GCV6t93$s5aJ9
zoF~HmbOBpEMgGT8M)~uWxJ!in=?*e)3$r51FzE-Rw|JLGlCd%z1#3^Z^+il$8Csp<
zzIs2gK$0y#@QztOv5bjvu?3uG2R;47YALh&b2z<DB!h^GtDh)aNm(xmw)%;NM3m3(
ziHSrwuCbt}zgR&eE9$Rt+~X3&MoCJ-n-Lss62vYhk@`w_D2EB+BFU&6{$Db^E8m~z
zK!!cUwQ+)Y@Z3&<c<_|Y0P(*kNKfQ8{`W=sC-2uhNF)$Zr*sC1R7ryM^M_)CB*FUm
zBXLlYVEvpZ&M}Fsp9en_`(Sa4WK`^fMUfil59fIj<aw}&C!*?Nh}b}cTMM2R`&b;%
z$aE+*RQ$mtavEWnxF$*eSy9FpATvzdC8AowFcDW%Szkgj(}}Px+@%>V7Hb4o!Xv~Q
zCUl!Ro@y8=iPAh$WN4bxLGwrvTMKQmW_&J47K1f{nm-XK8u=DVjS@?l7$aWf5ps-J
z$0YO#+^>bR)fkaUL|Gpr^4C^zWq_VB!Xu)xI#ygG!v3K3apJB<aKs)j^3+j2qdyZw
zA&qPYk|G)~iHz#0qA8Pz&#9uVlnH!J6`hDEpHsyNBC2hqimODpZ5#kwsiI+6`GYx}
zB93VUeV!^VYXm)<Ci0q8D%1l;34A{|QwSyz4`+)0QYP?lrbr~BJe(;qiLgIEgXWo{
zh;_d|vqX|c&VbBpF^!3VyYc6N%n@fLdE++U{yIl^HtJEf=7^z0*wz&)wU3BuKXXNW
zM_IoKGHIeM6SDO$ka;3alEBtHaf67mHBZ!YQ4ib7Srki+BcfW%=OW}OTlqld3sG7l
zg@DW#wKY-_$O6%p3HkE`kVPU*lE9xu;sz1r&mvJzD1T~Dsc}S<KZ}LoD}Qi?T_P%J
z1n;!`QVe8bEQU90IKzG=HWN{{zItek`bz918PyKI5}~@v9}E2XN^~Hi>SC$*MI$&y
zEfW_tf_HE&7lrGQ&!PDv`0Zr6C?(059eih6x~N1%d6+KVVi{V=pyqVZUn6*mX@yAB
z2=<F_M3wr==epqYDlvdaa%k^P-pgGr21|msVBx#b)nXJ8Wqq~Sr|EeH^sE-;pGM89
zF4l-tBAkuqLFQYrRwGy!YeoJB6uYtZ8l1-gnRVh7BFfe}5l@8MVF!{~MMT;9PE=_~
zdMF#Ofz0<JP9tb*y+~tXT+JVCya_TJ#APDN)&_Bl2;1sIGR+#@AJ<0lGZBt!0LW|-
zziH%SAe%**XULxr-j|EJ@tLBsB!9uFA^a`uOc9o3(kebdktyPcD1S0V8WHwq9B9rI
zSBa?Dw~4f8RqT^NCQD>$1Y_SWiZ>=1V;;Oao(VELL=Pg$)((+Cgl&CJGMPk_t({_M
z6J=`&$owE?GYNeHHMj=I9<e}@NkG;UStdzAI61t9$XX)G`X15tIn>P7caY3{BFg%Y
zqGnTNeJ{xD6`n>81KB4!F$uMXQT;TKpG3SQ4y+H)5$R1tS^w#w{{E9#Pco{%|0Fs!
zQyyL<Jxhrw4-be+&npkFgUmtEj7eyQd=qh4w2}nhL|{ueEIJcW{u~yGL^vD&f}X=-
zHxXs)h)8@v*~(cA`l?9N2-f>Caf6957~XN@2brJ6GtIG-vh}lQMTBh?CYdxM%GPmF
zEl$}g2{PHj(ntj$CqxG(p#r<$CIBF(L{~|^lXY=Q^dzFJpAu_{u=P4rD%1jPDeI@j
zBqH47u-?yzSsL-6)Gs1~NhlsxL|E@<#STe=x%;fxM?_gaE6Tlyw%GbJpy#Y;O@wXX
z`sX*1pb=dAof9b<c^*prE|xQitai?eADI|`RpS-fd2xk^vVLCVZ>g-e0zKzNCn75L
zKg2;I><_MF{uKFIsk&$nr7nv4Od{4VizZAW)-Q|JM3nW*B7q3U{yONnEHa5G>sN&P
zlCp(!%2m;aNod9+JYW1J-j^g9?&-q$;x93Th_dyUNF&0wdV;OL#8o27)^*XX_5HSP
zh#5>mkHdZgzGu8CK9^*+v~^Q_NkrMYDRvWKTYbUSO;NfHYF4)X77K}RR&j2+CDJwW
zK9ssG&S(UC(?8;(MuvgRT`{mN`AjProWK4PJ0uBKGXIJ4?NCN}_@C%bggqPwdj1n5
zh$s*5iF)l-HYS6N;rG_a=Rk7!H<%a&AB{G?29n!v+=2ah9LO3XlbD2DARCCxBBK1s
z?N{%JrP!aXB$G%)`IE;l^NRB42apN*RWx!CNM1idBfkK7#Q&X1sOfI5!C3!_B-5dv
zUICd{{}vPDM8#<1e?;P5MO(_lSbshd_V6yr+#|v@h)=$c`UN^E4|5cUTV4F8n1pUa
zN6rhRkZ%%EnhW_a5@F4;Br}c($6h&~VHEZ+vL0Gp;5w>^|BptRz_Y_+e%{XHbIgnI
z?Evog7WE5B@;H!Upt-1Dnn`3Ips1fngrh*sMg6v2R1{^PR5AZMBJ5!`ASL}{EED<w
zcD3;twv>NHlF1SBha`B10QytPzd=OBUdkW(8rovbbwG0|e;*N5@1^}`yDEQh1SsQo
zVG>HplwX?oJtWyESB&NSK17tQa{hyF`pWqeNk+}E|CdbK8)*Gu8TJtCy__G4e^BPX
z9vm0$ROEoKB+B`*ZxV^@LX`I_F`-{|^dR=~etSuRy^9L|TapC(8;|=RNrGPwHGonT
z{m~kE9!O<>2NAB*RzRNctMo+cs+Oz!8B8K))oS>ABnf^CpoagmBun1qQ=K*Z^F&lu
zYxvGv94Yz}54LLfjWyB-NG*Q^5ml$P{ewi5o;tF2R95TwH%LZhzK&m{m&)n@&|JrV
zf=MK+Vc(N7_||m@$b|h~k_0(4{lSu;&m%#`^2cgq0uaaFL4-3l6^QHKC8DCJ>wnmr
zvKrcC^6q6lf0!hH&*O~M^Cw6WWVN0@OOha~_53A7R5t4Qr-*RBm=D(L`Ij`Z9LUpt
zwRcpVt_IS;w>7c}NF%?WMzD7`_O~zzJ^BKFt=z=_L6R%a2jnM77DY%l5#?bMzgi!(
zuCmd@e~AeDyc?`P=T9WUImCPUn)-7!f_?dUe>IV;7<`k3Gi-BzgCux+6`pWw?r&of
z8MT`GXNf55&HdQE+%~XI4}kSJzokZg2GYXsOe8A?PmkammX>~ZNrKaTE&X?xL~OP6
z#}QGsTKY4IaHMBJb1VO6A{^-jATRk>Sx;1hVepI(q_tnCA9|>A*xIj0L}_mA&nLo~
z??9<G{x*$7m54Ih`Ui-xt$aXU_H(~Wnq%<m@)AHg`UNCuw*<bZBT}46R1EAtS0)nA
zBob*ye<=~=Pe=bhBJ59fDD{e8?me`{)=eO<`n5FjG>|TS91*Bfc;dkG#;^NrC3zpt
zlQajJ*ZoeC+%6JryhJ3PNyMMm{iQ^dKd<}66I3m?hf;6&f=E_O<o$);T#}$pyZLP-
z>HjqEvvu=dl_WSv)XncE$tUoJt_x`H=J%2$_+GD@-(Ql#$?(P*+G;odBT4QI=evTt
z`NJhCHzFWoB?-Pj@8(Zt5{a~%Ka)w+<KyAY30ePA61=an7m#>=l_bL;iUc6t{f&~~
zU4nyw^ze5`@(o0h4CGD!CrR*DK$Pj}XG@X|U+hi*@|J&2k`VYj4anR6RY__}(#yXi
z3Em1g4`h1#IR{Xyiz)_phGCt)<8LIAWaM}qZtNiP;5~uw`q?ZKS;@TXUm(J5Yz>rp
z&#(5rYGWIK^!FPQ$%?v~6iux+!B1im$zj4n^Lv6nj%3sflHk|+K((K3pgF;BMMSl+
z0sbl?+`@N*%=`Wi8aV*ugZsz{AcOqVB*Wjr{0`(J|GXqG!_#OhSU!K`UzcQL<ACHC
zNI8rdv6IKTkNo^hB5{4>#}VQDTq4c$h_Ht@fF%0q8u<svV1E<qi5Ul@C|V!l{~$>)
zt`70fFp1b2;^!QM{-|sW@xLd+)}!G*xR3p8B5XYd$WZ^O4>^kZvVSG}rX*iSNL@)@
z9M9j0C;QJzQlbI(%4EN}B(bmaS^Z?cjU=x?6nM@&+3&<8;&ZZphzPg3a^O$0e}hS+
zjg9tuf28WY8pw?C#}dhk!5i}NSKh|@lO;KOBp|bxL~M=qqZ5^$I-qB)-<Swz4BzmM
z^EVOU{CFTU{yu`w@1OcVYBKn%d=va%i10iJff^J29D_NlL48g1^D~L~GtuuvMAg?s
ze-sg}uLfW}#osRV6rRE-y(jtmm_%JKA8kAbGL!sLL&#P{^CaIVqBKwPdk|sGEuhq7
ze}P8Y0!j71A;PhD0W#I!t`R&}In6&oBr9g_Nd8^38UAmQ)Rwh8!@tBN;?E2}|HtT|
z%JU3=B@y<gC)k?lXA)uS?*W<Z|4c+>b&mgwBtcf^_<u5q*qY-TLzOLDHO=v-5Mf(`
zK=WMxphkuQN%Map!q&$C`P{!pBrB%L2hql7Ko<CUlDJM^hMhos<FmjoC`s_$!~(xK
zlZZbH{1HS{U4WipsE7TT4VoAF&k<qk^MNe#J85J&kR|?mM6zPKW$^mvEB`}D;x@ou
zILLhE50fOA<G%98F^Tx|m4BCrs*A7uq~Xe+ji6_#pFxEE!Kb8U{?8iO1~SY1s~Xu2
zWVxSv1m_1=gV+nw{Q{D#g>Rg3HJI)fWfJix-LFPO<tN>LjR@!GAZT9U&yjj&P2|{D
z`imdXv(o=f(*r}MvC_XR^}KDvIdstTjbCOYdZ^}<RlY}rZT$i=tNf8fICgA5tNj%k
z!TTK6_}iI8?sHh{@0BFD&ta{9gos)(uJvyc;Yjf}Ti5!zlF=Wwg}>{%&M!fP{rLm@
z`OdFLBrEFqJkiEgAm96gnM88<y+2aZgSV~TPw>{(_5LhP25oKd^M9hOqdyz{b{hE`
zY;E#;5=k<isRa8>Kr;NJEEDSVZj_M=ZZzKP7aB!+=$B`aZ1GD=@>x8b5eBl=U(Y1+
zn{JtY?a^E+_$}H@zrG~F@6~4dagqdgvt;_^$8f1T@U>Sl(46Vlkfa3MX<3FyoFtFc
zfcq7IWcfXr(3}zmvfV#RM76rTzA+9pbLL+JnSFi%jdTF=li!?(x)<Vr-$s(J=fhpF
za0mMV|5ZueslZ>=9q_wJQsF%wHxBr{BniHBJK*=1r07D}JA_-F4)`BQ(!dJz43`AI
zn#U6Y2mG;;yb_T~C8Ap00Y7y-$5nT1l<^uwallXblyXSf=mF%QpUNb1X8Vvoi;1yC
z#&yUqJb^Pm6yoZV6K;R=TS*d@aX~3bo*2lH9`Y|s@&d&54%j;6SD(mwT7b{2XQ(8P
z!#IX<9r9O6@^(ZfXNvN<Kj~>jMAhJN|J6w-!!<Y>WU~Jsd)EPORdM|Ho^$Ve4*|tM
ztSG3&-h+zooP#y?L{wDls2FUqMX-PhB4DqmXozBoBC#MbiXD|aYitokMF9(-L1O_6
zV*Jm}%<t?yd*9*SCum~+@O|%F_IGAyW@l%6xs6AaAy*LccH=FKxDuS!c&8#L!D)^6
zDuNQ6*7%4bXHYJ#B|g&{n-oFmOly2z5tPof##a?V=}c>!&WJ0WX^ppD;qqn6Vp`*q
zf}~|Jz41js(z2M|xZ?=1A<ANU;}AuzB@IUtpXrSg6@i_nH+HyEQo+vC8+TF!b|yZj
zkqM1^17~{U)lB2s%;spGtDrggDwnTYSf8uP5ZkW4)A$M_QeNYT=H143%8&;LdB3sK
z)yyZg#>~dG6ggLW;hBvaDY8K8&dkOw7;$!<+1OiXQlFpMI8Ia9xu>1y&T5>X2sqDb
zoG6G{_Ez!US&dIIB04`t8qR7gjkFpH@)RMn8#^%KJoCfGI~b96-maYdv+)T*(vw9W
zH9o5d-f#J+@fAi~E<S4Pbd9sB^_GtscNQe&^Ks)If|y5p2c{3z(~ldEE=%<?rTSOn
zxn+ngi_aRTGa|W|Ml_!{u5ztd9xu$yZTy8Iqx(zkp4+&AB0cpbmbs1H7;!q!ZM;Zm
zQp?Y6{JW+C=Xs5j6#?gYjc*BJjv~%B7xNnDFd`bxBn`i4T=Ngk8XpnzW#h(W$Xr6c
zYCMt=R~GXd%_y5n)*NiPf795YNFS};-!!&Uq@?ZYH;pR@lJ>dZH2#heDbs(GtZy2}
zlp#xZq~C{Y{HhGGb`GPFf3(si7poFYF}kG;S(}i$=t)Lg8&w~@pa|Ni`sg)9&_>lq
z(-c82>Z4hTAQ$z~Cycn#sgDL-C;HglVIz`WAI)Jz@@0K&si@8MZ0EENwvIXolD0^#
zqYD&4i_|)LQjr(5MQR-tM>8L@lD6utqrC)S--t<i>*z2>q`d5mtW9(lBVw`bh^B4y
z2qR6co}<;mT?kn^Y7!(Zou#AcWvO~FO{*JNI?J+Uu}rjC8Dd|~X&3b<L+r~rKZ|}V
zNcwV4hv+y(utL=#>d%O?YKQ2`GCuo~^bXO4GQ>(>K05eDvAkXLJe+7&h>k5oen-ek
z(QS+jYj~LUziiLAa&)&Mc06M5cC8%UuSk!lXhnoltsG5a#ObqgwA4*5@24|O*D}QF
zvubn+BVy;_MAIqyV;OQ8A*)4iNUGEmR*&9M<hR3U^@(U!k3Ll7Yi%V~k3LhR&v~*k
zuzEC~5vSqm(Rw#KYh1^C;xc3mAzh+zjEHC2SNMJrJz9p?SNPV9o)@ISzB6zarCKX`
zRgr(u%VvLN<ZVWr^tGbGpPYRjWSXvJh_%mp(MyboeV!$n^`mKJ$Yeq`j5^-Jd{X;t
z6m?N#^b8u05Y0x>`igu-CoOH6ZWMJ@1Qy#UiWT{YZu!~Ww~eCh8F4yq6ipNw_UCt)
zbGutzF09U*M#nHBI{%Akei@AsnpDHC(Ktn(r<JZRh^A{aK@sTFHJYdhO0aA66eCWb
zuF=;*!}=^>KAp!{eO%kyEt<%P=+kBux{VUO$B5(882$1#o2seR3opxyzKzk=iu{xA
zCfohW#%L!+E~c5Lz1P+l^-#pVp=jp?jZrT~oVPSaeajHLk`qP!%8>S?PaIuPhO9(L
zlHp^2g{r$Eu8rC%x`9(kzE-1DTSpI-A?p#cZM5}R@r@m6Ro2dhw~KaC1irdm)JKsS
zRNptHRNF-(6=_3nHg;oVv?9yV3a}uP8F4n;E_z33xGcJJs;|lr>l?p{?*FsZM|9qa
zXm*I6EJOArWT&WjyXcHpM0SqaD1ui+c8)qQ;-v2!oh~#i-JUtwIl8h8vC?;q9%DqL
z??<wBi(V*04kzR{QJXtNdV8H;>>hOhLTmVTMRE72BO^}w?orH$a6X#&>>iybsaPK?
zy+<^z46);}J)$N-8aAiBe!G*kSM<Chtv{93-Myk$8F8}qispHI_KI5H$vUU9_Kr4X
zMD#h4^w}rcx(pdWNU!K9Mw(g`^`y#v(TR$*T2G|!7o8?Z+Q;n|jbubT+~#7x=uSpl
zjXNNk%!o)on`9jry<3J{NXWra@h+=#Q>!`K%O2t(Q5!|t-5}Bri8=_9N<Sp}B_kr;
zo+COW+Pe(7f;b-<4Jt#d<@-b(##vdS&uF4KB3iu+8B0jt=nzKS_~*!|uOe-=PdPF=
zUJ<lWM@FY8f;Q^NXb>Z=ypD`MWW?F$$Y{B{oj!My^rNCKWyphs921?$h~)HfLXM4w
z3({a${+}b{xabl^ApN-LYDS#&<Dz@Z_}KpIxae<Xh;5OM&(PS`=7eY}(}=}hCRry&
zyNzcbYdGy`X(3OF4panf%Sq9>j5z5hMOO+9d*<uJ=cMT7GGsa-zmFa$LuL_ja`a*u
z@-ZR(qM2pLJVN?sI9r`hi54)8=)8bvPK|o~MRdk&>$GULBFM#Q(N~JV>rRXM-D6V?
zHXG2sXSgcu)I>uVarrtux|9(qoi;>sdUQt_V$a~65ltvV?0D?VXlfZ^J#%n$_FtVR
ztVn#$jxH@j)*$4Z=<kdSYq0IJ?YoCYlNG^uY-seBBJ<aj@z~I4HX}~wq0xr-I$7%y
z=b=##Mx193i~h=p<ZD0L?;ajKT83;wsm_fiGt$&*^AiGIH99|fOA-5$hFwQGKbkE_
zT652jwz|(rkBHCt(I7@d*0zLP5PibPU}NV6dlPbL)Zu<9ix;{W)0dDD(Lh1cw(iPk
z-~*P%)!eJ1a}>c_RaZq9DuUViRnZ7V(92vEjZ$PbwY~Obs;i=#6~S9oS4Foo;;edA
zbjgEOx?8EZDw@cM_~CJ+^HtF@53z=<vz^^s9c?5?IwBewZ6SymMel3b6{?ZZ&Wd0i
zU}V%=5qk?jXr5BUo{<)0w})Al*+W;%Mn)qAVd=I77#ZDKhS(P1nhcGtP1i;fnMQKa
zk8<&cXyZr3&Zs-1qOBD{3ot6`%ZRhjsOV%ygwH_YGb)-SsaT&Og#0n;_^7kbHH6$0
z4Jt!yO}Q=VKT)KkE{~1QRAefh8Mup5jg5vWg4eyqMi(oBHP5lpRf^zsud&f}ir{sx
zvC%Dx;B~LD(Ktq2zQ#s99<%yLzW&P64`M|8+1l{-Xk-~;e>wDysQ9=`^(dvfGdhBi
zVGY;+N^aiW6^&HH)^2;&`mV@4VN*HjcSQ}1xO#e5v^*oOE{}_LV?;D;B3XAwzY{*K
z@T&j#sGlOM_oY+tL^D1bBuH9w$43t{BC`I$G@mfyWZfIxG|A=bU81=!n#4#`tEGF%
zXn8{P93#UT=F?029}>-k=oLlqrtXAjsv-kue)<X1yeE88eI`UZ{mse}>9#gah^8<i
zIsJlC-5)hHvBgs94@B)0f%FHW6%?`3SEKTJAnGhg;Zl|UK(s3(lJ{?k^8?ZTWk`u$
zKY1`ZnGt7=hoZTRh(2wI=HV!K(%EM@LLQCQV5F&V2%Yv>g^-ESW`d+SofvJ)h)D0k
zG`$#cvL27FU_@kXNHkAGH<TgW2>Dy|w(w~<a=47%o1&SD{OUC6Q<|br7;!$<6va<D
zJKH+g6rIk9$l8iHKN;Q6NK>nW2GYJTAx}k*DH6Rwzo^E@(~6vu(!3-{n$xGEuNiUq
zdMavo+F5Kj;`4O06C+K9No29T2ze$tPmq+)Gtme}9G_>RO`mam_NP?OMkg{NRy~xE
z=c0jS$dQEnJ-U?<>f??IOg}<ijP6pzzFazhk^2-mf$qN#W@MrusXi}88$au8XjhhA
zjIL%xY&e`!y%fF5i0E@MAumUtmm&6S#y_HV&sjcAt%lJ!!dmr}Xaz-%Ck?GWuSA^%
zNu|FM?Zk+)#w*bXMnw9RlxlMH4@N}#C_-M1ihpNWh3h_}mm&z667^7IKIw87BO?S!
zWlf3ZFydrQiH1DyEPpShdOdoa5s~#UA#X%4mLX3PGBxV>g5(q@!KO!D6v3~POpn%A
zWZkz5<~2$+J?bh*s?YT397dcz)1y}z5$SJHsu|H2WynlI-i=my(dqmdAv2=`8EI;@
zE1mteqpw*}A4Q<ytms%p-n*GzBB4>!tmtGxQhjDc4>98OnH8<@l9Tl{$(kMQ%ScnJ
zFSeAm?hm5gf~0&th#qD{a$!$#e-J%ahS>K3K8)rvBBgBT{M<jI178-aE=S(dgEp$?
zM12)05%NBzniCzb$f@)?oIU$JCptxtRQjCA->I1sjba)%{+SbP^oo_`aylpK&WPw!
zPx^cm4PvCJFqi7Gy#?@b^q3&2tdFDTJU$;s>rZwTTblU%D>{Y|vBu8{`6TLJhIAz4
z)9409np%CXr876WO_6@H<+S14=x#-}?hu%DDAnBPAwg1o=0?G**?i57mSsfpWq*fw
zUetpT(Pwi)zKHrT(o|?mIqgo!m(iaDNjZNR-NA^n*q6~mj0opnQL3+^Zy0f$zmD3y
z#$}pvo*(TYNXmJBv>zjm^Ze*MMuhWj#QB@(DMo~|y_LBjdb<p<bNp|kxr{Wmx?k4{
zzKa$pGEUbDzKe=eSf5n-chPQ)IO*R-tzLH}xEDz`@lK31wL<MK#61*gOMYnEx<cGb
zkivHf{l+CDH!Cujem!%4;!}t}5hRsfh_`)%%Ztwz+EZSIxVIqb+@To1z=&AmP~uaH
zmwuCT(drM~r4H7`%PC@irQ%4Usf#-clFF*9kX09-z%(xJt>R}H5n0C(pQYlZrdnBI
z`F@17j#n!~&L(7;cn3zBTCLtw*0I~izflCOMEiIjMeIxRc6X_Le6S*RU)Y`+Y9Ier
zkW}aP@zsooK9`fM_VKHXh|adR>JS&+avIt<NPix8X5=z6lRV)XO0|4E;BB!OPT;H<
z4^afWiYvw!2$D))F}|J=k$w~LSuvJh@epg+^FJ%aQ@m6w#s2$RE5-i%S}VuXHI@BM
zQu~%g$9Sn}Rzs0BmSlB|S13d7A!OCK7b7Cwj&?f56U&eXiKcV>iXaUGH<q(TtEI>m
zWO-^t&1&%srLiYf9;Z~R#d8HQhtNuwMOKf$WyFoO)`%OXTMeDJtP%H`;dFkQQgw;1
zW<)f6k&s`+w=yEB-Xvu0coHK`t#-Uk_LtX-pHl=UxYmnbQRIqV@>14%@l-|jpkE@g
z`#bB!?<w-C)`IooIf~3YTh2?Y7td8>Qi?24WP6&C*}ihUxcH9v#(<eX+9>j?6zQPI
zYV;P9ZF|>?I|@?RidJB3o4H<mq#&vPtQY_MUCa40uHCblW)nfuU#i+L-ir}uu?^$H
z8F3cdBp$>_Q{hm``{%@`Yka;UvnlTj2-z$ip~zgyX=ydO>k*GBL)sFuMLb@Smz1Vk
z+*F1vM>Jc;FDkMR*~ju}jNdCmET1U;SdnYVK9(kqgZJ2m1&dgkByOWfPo?P|cP>LL
z%~tWciZqf{I}x&V+*Og^kX6?vWSe-~GGr4%wvBs~ArT?l#rrdInR)x}g4v#s?c+XW
z$gc_cReZaqvgf+@C1i(+_Hc)I%=<PM&ck<(*PLk)sg(y&s$Jq88IkhpL&&aizcQpB
zA-l(e%aF4P*)zU~k)~Ep|CL^5BBW=0r6POMYhxEO@<&BJqZ6%m4ZmkRMvy{BdPmy!
zDLv!Q1xbCZXN8aTj5nE;&Bea)){JN?O0s&zXE7qVxQ3AZ;t`BA75+SkPQnwie>_=`
zRM!6STa1W(#xTu4%a8}@H?R(f=QAR*?jo84<1J^iZ?v*!Q|-$_2gN%Gl5##M?!kx~
zp&b;DWkmSgOMDKBCzK%*2{|PGiV?|$Z4Z0L7kpr431ZJW9vWX?hCE5B4vQZsLtY@H
zPdrr+{%t|4Vc+-zMfTW{PRddJ>KlKm$Wi2(wsiW&3m9=NWZ$^=hgr+_jmI-0xp;$Q
z9T|Vhh`U8{RQ$Cf&(H~N+cO>&7yc<0>vf$-KPqk`NNTa8;yoF0zIs%AC?g_k2FW@)
z9xbT~*U@U>Y(kESXESn{8A&6(PZ;Smhh?RlkB!%2#Bn}0-kcHPJfBkiE<ROK6&@yU
zDXdN__VN85pX1`kJU++8FP8CXpj5}l?LK1Zh0&x>sST~_$9o8p>T^Q8A0tkm6XKza
zh(5~@pA+Lrj7YiL8h29shVV&i+{y7filD}w9DgWCD(mF9&BxgiJUKp_5s|eV$?6wB
z#)ymtS0SW-{Int%ef5uDQshf|i@^3){o~ga8AGc<g3M6F(0Jbdihcihjv%Q%{p0Qb
zmDQ(zJdhF5XAP2mO8g)rlJ|89IW_)U8L|l>r^RnFLiadGmc7+7AbwYoOI7-Sc#a^c
z^a1hupJb&Eh_7Hoq({VgVEhUrO@(k<dUb)2GvXCKl``F%Uf|i8kv@vp6<|A)IwKw@
zNGj`$iq`myc&?_h=U00WpFwe(&xEr@_9J9)+*gr=)&`FtWJo+n5!=omN60zxil5t5
zVxKzt-#PIfj5v=vC+^LN<m+TgH8j4yEY$!)hQ;?V(o`5vzB+`E;qg2{(p(IW{kiAx
z*vz%kUCTB+_Fobk9{Vqeog3dik5i>DiJcd}CP+GRxG-+>g{5&XiCq}4uLxceyC~jU
z5!@2JI6hVp+{V2mK2wnNw&|ss3uiGPVlivOOXEv8mCF}s%2SQ5pjnaHQad8DH|kCc
zEuV*k#>~BfexrtwNsJ6O^J#ZLWOe@1m7x7~<4fZXUs>b|GmFaNd@75};;j`qpODK5
zxgtK6ktT!R4!$y;!pLCr_pUTUqV!kBTYqi&3^rdL0Hob~LEhaT$gzs_C$5qTI-hmD
z<l@RS7oG0)ku9eI8Kr#AJ{o+cD00v-<lU67E8|ZT+3aTeWt$bLbmL3E5q)}(ryUQ{
z;Oh8VMZP;i#`9Ole^X?+v6AZQ_<2S8Eib>oJ~E!7$TI(?H?fG%$oQTG!nq3}Hec7r
z6aOv98}!>df?OCb!}hsZ?Q?xRsVK;xlRz`EB*^h8(z8yGb58}$ZuNqke<qL#iky<t
z?9?DMr=>LaC~_FREM)!W`dIv@$>4XTN5>7VY^o-M-;5p|?@eQ3i{O{0Z%R|)m!|)e
zBKQ^QTjD(>Rr-6`x5c|Fg5S$_2!1d7Hpptg?`1n=)K&6(*|$Mf1AZ?X$Yti`$HeEy
z#@#p<&gaL*BN!QBhR|<M-$CUyHa@3~&8gHc>n(T2mzE)q?@GHc@rbr!4g41N-EqgI
z#j5?uS8bV&kGE<kG^f*ggCIvTGR$nXJCGZd26i4F-^GZlJLBW&ilFX{k2hXcWTEbi
zkLM`T^I~w``e&-om$U;z`5GS&Pz1H$zIc=(s3{ZThW5(&PWn}ZfNu4~qZK)Z>V+-u
z2jbfmX`p$oMIMa5R%A7*7dF*Haj}E&xn?P8TONszT}hC4sK2n*cqBeok=>68%u@7D
z#UpXCqtLu^JFSQi@>sl!BB#=x@8gt<N%4`2%qPUsJQ<JfB&qf%K9=({@yITMtgf}`
znYi081UdE!vClK{97V3WgJx3q+El&Q7Mj%p;qzSlo+7tuE}nz0rnTTXcxGA)UVtAO
z)Pk4d7uU6%n+$5f%ixpNg2^d@S}-}SDX0aLAuFu~4nZxL4C!etm>kb#>8`(cH4fIZ
z`V27x&yccsHEylQYlPUfi&x_giaeYm9Tj<o5L@oA#%n8bz9O&1hcn`Ot10myMy@bR
z(;G@pQwdIqCrBz@d3&Ca*L5XFe&^A0emj1@jK;nJI4%CB46!fuO^-XQZ*wusJpFHa
z;hX+9BmS)-Yxa}%x*72>Mexq#jQCbT(sw3j#7{9I(i6)3jCe*FV$W~96MrH|!wpXu
zGm(&Y<F6QLGV9Q~v9;K{al-~u%Ad6l%<m{0@5bF28D{pUx??@_y|@P>GYcKxp_8GE
z93(Ui7i=4tlZfcO_*hM4Zx6jj_IWRUNNMakl11K+=PGgpAyWyN8E>~CTchEA@>R=c
zcHBb{wzHK!J3g)qd52QXj?Z9ZW~=+uh9AV|3sU%CufY7}AGD_sk5=S9s+Ers^3V7Q
zMVb`(IG)Lf_}E*M=<a&_bs6#zA@kx68(9ryZ1Vw0pC6B9WEkJ}UO>oq@hgI`&S#P7
zzl%Rqnj`3Ue1bKo4N8KIEuSk)J*_G=Fw$C)oj;<p*o<^gWc*a236fP95$VelO_2PO
zkzoxbN@ZuG#UxV1wlsEUq?l}{$V<dWkY0?4w{#*t#iXCoY*QzE>XS1RDbV?-iKJ_N
zGE|Y*rpRhxeR5G5pLK{&eKKBX%$roETM*JZc}S6g18D7wkTyw^BI~|TFgp^`HhEEz
zojTK<$mi%ctds7WSo?^Ew%nIael3XEd9;jwmQGGDqq%}!nOP<|kC7&W9<5z+wIXP>
zmQDQo_#Kj4%lO!qzeDmcBf}bwI8sJU%O!tP<ak1C?OrZ<UXl1MsXNOjuPU-VA(m$O
zWEvxqiwDWFD<lh)=8C(;hASt<O>Iu)9s9lMCCrtRHj3D}=S2Fpa?*hj;bS?koOBk%
zEb|tvZP3ni$7I(snjU1;Rg(P~nOWFlhB50m(dqQ$I7VD6x_UB5`LrDzm?Ox;S5I1Z
zv-Wm0Yb0aKQteBe*GTSX#PtPTk{6Xvygr?UB$~A<?7Vi;_LrQ~v@WlmbP>eZ`B%R;
zjafUnNs+gS$Kmw1c5;Uz)2KZ>nvivp`xM!4_rRP;$hyg6iga0(#?OSTmprS;*CT~y
z{baHt(KUi>kW5$PTzb#pY)Z9Z(!Q(JaIhIm>u2`Y3N}hMWJD}~4r#bak}%?YY|~^{
zMc`w<Ob%c~Y<K~2-aPTgqFW}vFXMbDjnKAC&MZUreVrZ~OLno<mHIf#*|y<vGE!(v
zE1DPVH{F;dnNgPNDw5Sb`8OjoT3xh{?2T@d)NN+-HKVY~<>FD>B&!J0>I9nI*p`2r
z<QI%cPOm3E+a%j64ft%I?B?;=KI!lA**-aw5y|_c*XX^S<R(UD7QWaiF#mejn4OX*
z%4o)rteunD9?h?lhRvO~+(R_KNj77|@!2amfRVvw0F77eD`7p8fs)FsNv+n-?-{dq
z@|4naQDol=&)hFLVGAeAdjEdOIc12w`MY28UK#Su$HwfR?ADD_nPqkj%wweC0m)w#
z=}PC!pCRO+<WWU-96{$h2st=;t_*pZkVBGQTM8fh8i}PjEIC|}E&nd54o{9#Wb#ZJ
z<q=Jv<TOQW-Fb_UBa&f^$gRV}=NLjLEA;P)`n3<F+C)g-6j@r4qmog=hij#!IVKsy
z$P)ol{Vr*Ut%gqoNOioX5^u4oPE1biE;LB>`((_v*;M^1WSx?HwL>=5Y02#0WK#`D
ze!j0o+<L+pNoPhTnO)bT*Z670?2P0PM%<X~jAl|DTaoIX8d6QHNHwIF)o0<dE@hf>
z4X4zQ>b;6o>+e@xRyU?8m-S5zsT%gToXb=7U}WL>I<O*Drvs{MxIWXA%R0G+RD&u~
zZFgXGSv{DhT-L}MQr%pUYEBKQzN$#I^+DA&+>L3<H5^exs?imxX4jBvZbhp2;OZLg
z#5Cm^URpz{Q5C7)tRdCxic}jPQeDHCY05P`r-oFQR-~FzL#p>GQmx;+x`y4Drd-2Q
zYDjfXMXKj&NHwJ*)$)f{*RTuIlxui+4XIA3NHw8`RFf)Fg@;wwupQHsYuKxXRDCK^
z-Bd%WaTTe)sv%YJaGQ&A4Yy;YycO-ih>VDSOC!BAlKTW{xRG8XnMmo+Odc(xvA_0y
zW-?i6a0+Em@|GfYZ`7t5l)PV-s*aKG1ToWTZ2T^b3I-)z`dAHzF=A;3Cp!tkzpXQZ
z`tHHW{)!B3O>Y}hs=>)1MF#bgG343FNJY*k#J<;bcJiVkFZ7mq<&b2yBCiu-X@(@7
zj}Ylk(h8>?%bt^bqR7N~bl#0*4Nbmc#QlEU(B#11aw;B^%w?L9f^aSt5HdXZqzti~
z&rRC(6<OPKrh6`3=(p69QH%^WlW7g@yO)f)DCv5n(0oQ3TIAxSpCBx&Ev337xsee!
z!XJ^0Qv@UYE0c+eU|n=%((x$ESw=*iiO<MnJw|4>!p*yDl1E$H5}4V_(96k}kkZ#A
z-Grvl^DATa`P?Ggm+@JP_*|PD#fa1Ay5tl^pwIQma7Cccjmd+Ih}UgFd~Qr;dwgz9
zzVP^rNg9r}xo9%r^XFtZBa*LOh|iysKQiL-bw~0iMUbyMl5v8h`MM(+c#N};<#T6p
zIU|nGxa3+zz-L@?vmhy-amk!x9iN`W=kDal-#O%1Lhesy3)1lFFgY#uX!4yR{plUx
zi)i2c(WL%3PSx;GinJ5NTzxa$TOvM>Cf^+IIA2D{<H@ooNGjaFn3Sw72>Z`9L^CPb
z`b0}Jv+x@E;c$A*=GkPyNfwc^xRYp}Pd5L(MO>M_l5DRC%5-wlQxTNKl%x+MgUzYB
z8b2kO+RyU2%#4^t+7ag|$wQOd5F+JeSN`8fOn;GuU5_`Dc8mzkbCl}sWMiel{@09T
zke6ykGMACTrio^ycFy=-a^EQ~Usl$8$wWq+|Gb|(RYtRb)~Mf4{^8NgPTph0={!5x
z`c%t#u=)Bik@Z0`ni01{_d)WNBFNVV$-vWWsv+hdO|oV+N9Q|DrRg`)*>K9~oa9!f
zac{GHoZKa;xCGxOnvav`7#U_Zpm|)k_h}_Cd4-WC13sT7T~8OQuJ9q<52M=qdD5E^
z$wkj^jG3F9pfpG|FB!qeV6)Cmw6jmLzDx!Ul$<U{$UH*6PIfy(kV*SedD2?t{A45}
zO$M^QNuFm!WPMAi79=x-roo<>97d~H-z6U~B3^gvT^1>xX*tg<Os1E_b}Ui@)V;4F
zqY1I^#+&ZPGa{+%dse3Vg<h&c_kS_cR6wdi_pg+u)3US*_zP<5yPtHH<l?2%=?n<%
z5r*CUmA6v&^O#0*(Uww`x<AB-s~7d%I}EaX+*(sZ_xlw=y=dLtpCPvHK8I;szuda}
zK7%bE*Dp7hst?nYr+U7IR8uQb?QnK=Sv{GiT-GBsq<XF*)#gL0%i5l4%4OYIL#l@=
zQmuJTby;1Rrd-yj8d8m^NL4?yx~vXNQ!eZGHKZC;k!ofQspeLsI$&6J4Uc4+at)uV
zA=N7tsk#oYE^BM1DVKFi4XN&_NY&xo>asdBO}VT=HKe+*BGpGVq*_ps>ag>wYj^_F
zlxz5E4XNI%NcF4ptIO)iH081$s3Fx;6{*(0z?apH5osaq?_ad;z9S=U_pMDu>({3H
zflTA{Y191~k8^XWrc|Wb;livw&86zeH081$uOZco6{)&kR9)6?Oj9oFff`ahRgr4*
zi>u4po@vTujjtiq#EMiKUQ%6F%rxb)#@3K(LPe@IFRd=CE7O$Ay0L~-<0?|EdRcW@
z>oZNctZQpXHKrofa+g<^)rDy?vT8^*rXp46E2_&{pJ~cv-B?4aaTTf79#LIZSEebK
z)#b|SsWxVs@>I9fkm{a_RO?<<T~;@yDVMeO)zwpVWt#F-V{1q?p(53ok=140!!+fx
z*1e{Bs%}hEo@(uDtEcM9H07zr){tsKMXC+|P+eBcH083!*N|#rMXC)()gX&$%4OYF
zL#hcCsn+>pby?k*CL^ncR1+#vEq7gYSzVZ>T-KE}q`J8xRlDn}%j(E9<+3iUA=Su=
zR1Kr6%j&>1<+4t!A=RLYRR63Y)mIg%dfiZ6!#+$?uHh3kq<XO;RdQo>S-UY!xvbl2
zNHw7%)fzWdm$fm|l*_uLhE$^}Qnk9dx~vtLrd-z08d8m@NLBb#by@A0rd-w;6{-9=
zew*&+F^!C1m!mm;o9-hSnOQjYR9RbY+x<_9*i~!0LfW?bctKh{aImbDw(V}u)Lc2y
zuJi_G>&<Lf8GoK`nAq>L4zk}vbIvBs)A@Wpqq82C-{A+_knW`pl=KU%QB2XCw~7r*
zW>^;+R?7AHE$;Z3?M1Jz=<Pn6uZQSlkkv!tf$4Z@dAz!Q%MTGdJ#wZELo;n}$^V?6
zOSri8_xatplgL5%H##+B^Rq0SF|^?d^k>Uq=sgl|OQ&Kje$=57?@zB4+V5M^3)xox
z%g>>J%IV?bvvjM{i4#kA!WM$l={t(kxj79N&}l9kznb23DGxt?L*kI<^T|uM2A#yR
ze75T>=@D*xp2)#>gbUgU-Q#qc$EHJw{35*VNcq0MmUAQX3(ToKEZ@*PI8x-k$$snj
z+(W;*VEG~he}s*+>Sw=;K7m0w`0?xM#Hgj~PNx;iL*xVYgMNR$Pv{0bE#Vtnj{>th
z*CTolX}aY{D~_~|ZTa2%wuIp0=L7PQ4}{2vAL2Vg|2z1hTzq}uchCprfOHZDW^eYd
z&}^>$GH_X&FK2(`1L>d-LSL`FxcxzSxbWLgg|F04DyL1Q+-T#G<*hVC!d4t7@1|d4
zvwHOUPQTMRENgE+{=l~u56uG?Sbjy*ht_IsJNL#r7N@;At$(Nw@MnZlFX+vF_3zt%
zFLH$+y)MLj>FsIeOZRL>h~AIUO9)n<W4l}W(4gIcT_&p^zd(1ltRApG<RZ-TH{UP!
zm?(N7AIKN@AcX!qt|j!RYrBB@AmtO9v+0cpt5+UgE&tF1auFV|s^uG)IV;;RG*hn=
zInCom6LoC<`(IWSJNJJ|z9V0G`YtZKTE6e<YxN0Cd-hXT?kJBuyX5)VSwo2(l>@?V
z+Ws!C{M5<^{^`>LuV$CL`hfOl*1x12=V?12p&JK%aGQJwJ=*bF!wmvSj}ZOiz2ln4
z@%<vYv1;uP`FZl7S2eo4^oxo^{$})+k@dgc^ooep8zJ(6c3SYjNIcYfPG{4v6nmgN
z5dWd`1^x5NU&axxU%0Q2)iW^vI9<x;1UfNd^E;5vHQTV$P{I8;=<ppO+B^6&!tZ#T
zO)pA#cKvC_=^g~<17Tox>t^j0nuE>~yZzYTXX!XOD;N6tA<cV~9`>I|=b~+SSBrl}
z?{k&c3y~L?CwrFXd(q=x@;HFz8`@q$&Z6RyK1lf@zo_3WjqgJDn9A+;effx7*q=^q
zX?e(ei_U&&eEq><|69+na>I1IbO^mkWXlEZlf>!FIOFt=p4M;l^8<Oj5}5Dkls(sX
zFaG+@Ql7p&+I}tcXkX5x-_Eq@(Y_%B-u?>t4!!&kdfh$C@^$lyy!g>)2|s*4UE^r?
zgnwXOrFUYjUblZH`Ple#2_gRqx;JLO*NT5bH;}A;;{TypiRBj4`abcW^qIcDrR^Nz
zQf{HH6BNy>`-mR+{v@4uuzI{e_f~ECCpiqw^Bj^NC|}Uc=6;s+;Q6R)Z_poI$bRAa
zE5XTsm=E2bI85YV9^Z$~=vlevJT7`Xs`5rFJ?gu(YoQr*ujqe0w|Ddc#qJUZT_d-D
zp~3e&9O)3gv5WB8j_!V0eU3fch9Uiel$28zr+KqSH+!1Zzi75&`jXj_)7P1$E-O#(
z(jBAxTV=k}c$57#G)M21)dzasaIM(u7R@K@4IJfw_`078ABoc`op-FBuKZB1efqt$
zoc{2nr4P*(M_E2a^Et1>l+4r2r_Q|0@p=RP@PCPi#+TnxzQV5|<qtX8klq?nzZ0Bn
z)L5SHO1oy$!(RilBG;=>+q<H+XC<{;ov!EAYkSt9^{SN_a)*_-l<7XmhON!b18h0b
zZ%^`i1ih5U{dH(|<MCWk=}T$8_B+C+3(SJIDIj}Gx}p(#m5h`_ot8tr+P^{hv`YEp
z*;mTT$%}Pe@(nr@X62sBejA#0D_A{>X7A;#{w4F0uD3}&rQb)@aWukg`w*J#`bxf6
zQob0Ee0G=RTQCx$e);jx{GIN&S~`rQF~0T3H?p1-n6}&>Ir@H&iyg7vw1et{e(~Wu
zg};QsBFoFu5Au*7tQSb=<RT7#L|ob*tcSr~mG)WOc7nbEt$5pVkkILiIP^sv`ex(#
z`sS5WUb)t4XS4$nI=#^zNc$S3?JM+_(9t7~_CFhU`9iyl?`ZFRIp~MbZzfv*UfoRW
zTx<B*L6$x+dFkN~EwyhR{o>{)a?swo_5^bB%0ExPJRJN`5A*2Ij^%wvdW<)*p3!BL
zv?J$!(p*U68M@DJ>yLcLxXq7Kf577yH;x1S^%=h4NBx50@F%HnuATUsH*WIVP1H}&
zecyb``U|~;#p49GF9CaEp8rg5u><0#tYPD!0giF=a2?lSpJCrAVpn`0bB4q*ZU!B~
z?7Y*>hcV8q?R#K8r#FjixnaHs`w1T!|75;{4q@%-F;1&ZPGDrd6q+4$yo+?uM?!k#
zl=m-ayvF+%MbobfWrzCl37gx{>FM(uJ>BLzFmG-u`A0t_{t}u`w#ecWIgasv(adXQ
z%e9o!<?$1`mh-Ev{9OLB<>qkM3--&>{pZRTdcp3nFZ|B8Z>@B-<<qY(z8#!j*DAMG
zI=@`ezO@wpocFirzDg*5+D_-)vVIeoNpr>jWk24nH_Cj7UN7bOjq8t4KOcBm_@Q0H
z`YHDH5yw8Y%*)+6vrp&8ksi3r--C4ifcd=7A9yx&>lc4HSlZpi#Sd~|FU0foLcS3C
zbikz@3et7?EKcjdy~O^YL%$9j<%V<%my=&EdFfCte);?Ky@rUrvF|*eUQMy>Ekdae
z^m`=Qf4{Mkr4P(;Ut7A+U>{8OW$3*n<#&Pd@%L+Bhg$JO&n@`$z~y{GU^Y5I^3j=I
zsj>P=oYtFoeT-gGKGo_A+>blDH*~&-5cx-V8oeHG?K6~agIRv7tk7IMG(*%5Svp#m
z{mP~*ny{m!J9|ePr&s@{Qb3{b$GMEqMD`BRLhx;P9W^kAb9&l0Ren3(D(PMrFMKiH
z@I&k~$UZO4OZgl~Xzt_v?xJ~2_q`YXy=2~I|EM!l)lZ%dC4b|8F5!K1MW43qBtDg1
zleGDIdpp5r+%0<M<^O)ok3XJ;pWl45^4D`L*su3P_^TiKe1A^wby@x3uLy6|ef0-<
zJVWDJ4vS{1ttCGRuRjzF=ssZj&<I{MlXM&;>1jTs^axM+rR78CjS}Gpx%+n4xSmTm
zb1R9%&e?Mg^eb!Ih&?b4MI7Y~9CAfZ=o6-T`gXzm0s4RXwv`i_8+qNNXdXFN^tx#}
z!DK&?7o_$<y6bqoitgii`>o6IzC7^2NSw~!sGZSIiQGWthN)c06FWNj$mb4smFtD?
z^uD&9`}t}Y(SP;JY`$O*N4H)V`F^>s6Wy)r&RsZ8cV#&q7{t;3gYL{fTfRl}7OxkT
z(sLJibRvh|6=u5xM$RdPnyzTp)qNE4hd|fY=}l3#Z=iO=x;w4g^LT^K-xVYuGg*(o
zJlx*KLnHgH#ndnH9qqz5tVhwnjuNL|-C(<hX2i8(U!14%<-M!&P##jAf!ZxJeYyQE
znzhG^|N7ro<MRhavzC5Gd4u0er`vo4>3(vg`4xMFM)aju^D{X8BD2QtR=e!HvhW#>
z^?#1jK7fYrzGCx9^GJ=q&*x}dJn#F-Iv>RMui5VOR-dL{jrW!5cZHOH{pwOq_<kp^
z*U}pT?L_`x^t_iJ7dm=jQ1?~*@8>Qn>Az+^p=rOWjTg=1$`A6P59A|`@6ZR|5r_Og
z9xD1vy1*d*${?v<(>Qeb&9i5F)psiEM}Dg7r+GN^TY2-W{lMQ(cQlv3D~FysegmI1
zwBJHL@jZ_Z(t%Dwm;Yz=ydlnmAe40UD<pyV|21tSgdd{Zq`YWdM(t8-T+S`H@#IRH
z{#`Bip&I{0<0wz~A@(=XzM_AsHSDMJ8=UV*cpORjT}#So;tP^roWJw=zM=JV)AmA#
zu+#I_f9bcj{v~)F_oMVXL`C6ykA@vpj?WkIOL%{Z_Ca~Sk@gdHye9LKl39t{|2lIQ
zkMHUY&J!;CmdHoAfL?~P`kdZb!bi0p`k~*xqTNJ4DeYfqHkdB?%Hs4}g4{2n-KX^l
z)mQqBlD4aLX1Q}jk34xIH!$+Op#6*+4{prk7&@nYk>yj;_P)-H)o}^Z58Y1WY{=t2
z+CS2M6>`x}NV{FseywDLf1UEL*M6<RY|3_PmCBLyPA};fi)Kr1M@nY9;a0xW%eRm8
z!$kx8T(09!zaN8sD35C2eL2FvXg<_=0KOytQm(Y`%KDZ_V_Uv;nvcqI_4&Xrpg;Hn
zZ{A<R)DN=smGUm#vpIhYP4jqV`iFRaQ#7;I6o1Id3oGmbz4P(|{}nr+{43?=*-7*$
z8qv$8LwUT*<G!MfpIp6>a;(>SMZY-A<C{RoIT+Ww@!3dj*ZuKXDIHH?9Ct&rbWX3-
z9y+eXd_wH#<{cRK;5+j3JFTxGuawpw(D~^Q@6GAlxYv)P96|5%Lp>Lq)_r+g=<2!X
zRj2j4Uh8*5s^9fTS$_%WEoJeWT@JN=NWVwK=jp-}zku&)RN`1?N4tZ0>q+&(&yQms
zwBBhV=eZSZ7@AXhTKb}yLvMZ9_740O7v1PFQosE3<T#Iwdm31Gkn_cXk#oACo(C@)
z$ydn?y-@Ne=fA7dz03Vcbvm3o_s{R+ocz~1zxU6{FKRv(o?klmqw5+7QNCD*$_sJc
za_Xs4-bD^WGezgiV(-BG`5h{DYLiEBInjCXI<fE2OgvONIv1hm?fmpd>3FAFDE$rH
zzsb-C=H)9zuHf`*XMApq=EL0IRnp(mPW<ZN<0XHR4|m=T>uBQNq1mXf<zLi%lr$f8
z={Zfq=i}XZa^Z*kmQp&gBfT=t_N4PVYR_NOD?QeZ5(efuwJYkA)HgcEaf9fMxY#pH
zao9&fdb?cfvmZx&&W3@Jdh5yy_a$njyPM`+_DuG5YF~fd0_!5!50o%4w@;LO&DcT8
z@%x6D548EWZ4K$ZM|Z1FXgX>C@T(&&|G-H5=kjUkZTq$50Ff`{C+S@~NBam<M9*67
zQPgprgs^YrdKt#mdG^Y~QGcb}+&z#Ur-+^fz6V3M8#NC42l;#(=;@tmZr5EL>)|J9
zI?&@@gHJE<Aidv(b!G`2K3nIHxVMJzk-M$^>E(T1_b3=Y{+50(-X;0+<G9!GijLp2
zcBkKP&cWq;9QEURUIYB|>@9SGk@bE0ohJ61!1N8oZ~Qpyg72^!LX=0Xap8}3KZLZ7
zrsoy%^v=VpmFF8=9${Lp_dhJ<B%v$UJpR5teET8all5NM@k@yv1rH43+3(ce^{{ls
z^uB18zVbWLOM4m`^v6i&<7?4-eYTxI`v*G2B@E0XdM@3Mqnu<P0sASTj*n=Z$K$4w
zj+<yatMyUjxcZnE|E2EVpnsC_7t#gFpYApBxU676kACiyb;Zs;F8vAVr{7@*Nk^~g
zt6jhc{W<Id9O-@B=P&ZX7y7$)NbKV7lN@%R_#e*YV0?)F(C;62P<niSR`0hWeuv&W
zg`R>h`na}Vj-D8=!XJ<0^S)tv-}pOf1Fhd}PjAHA_V7&|Z{wUx)*l=lzMrh==FO3I
z(#P@r*Xzsoo_v2WFo?^!BRaRarRah46FBFYSI_fs__g28NInb3$I%`lM1B#+x|)PR
zdjCF8{^G*(<YNC5`-PYXV0`e%a4ARNqt3PQAl;A1#zV8M?sxil(%F_rG533eeiyn@
zN;gRPVICvnVQLq2{b}=)rJSYz#CW-AgdhE0M9z0fUrO6Y%%^<*DBs@wM2^gB!}LC{
z#NGL_`Mrg%-#s>@{XrVPS$p~E{Bp(qCideIqMdk2@A3NOG}Hc=1<8>xFuz$<+QmME
zSsdZTis#t_{X+BK^X-Uq@FRr2-tZ^vWACw&=!bjMs2?kFKkCjU;G7N00pnx%Blte8
z^K7~A8>IJrq0c6Kew^M#&~Q_>XJEdHtsbE{JraE|j+Ju|fjL0;FR|Vrp?fa??Nc5u
z>y;R<(|LqJRu1Bo{k-Vs`t1Vu&-B~v^jj-dPuSbPcLco~cz?-_&vE_{=TRWP{h7i~
z@?S{rC%~Td{5>$64-&ez94{Ja@9AaID&L`xq^ENv+)v<sjSC@9=$zh?UwZYI^BtJK
zzD(ICe@0yF5a!_dbkGZ-yiY>w3|hYsPI*V<AuPAIosS*b-`a)h1>2{f?Ks{$!TDjd
z@3`LtdeBjO#rx_-(@N)UI7cq+0n!!Cj(Xlf$}2GMbrbnZ?`^}tOr}4p56+cCudMyU
z^d1Iqyw7sPuHyg5r+g2!+=^<Sk`cN(GjeN@=hF+nqSBR8I>^I#Axr1{Vdgl|1AY&G
zN4aGAxO;%OCzL&3Pw%>L{dV^Qk^W14KLP3F+`DTJn#Y~I$8;VJJ3Ym5S3i*c_uQ_~
zFV|}O^0Dq;p<UUA@7v&BVrWWwuL}O@hwXHK3H<%<!1KZ{ek1LVv|FJ$T*q6ZI|+_@
zbyz1UU%?Az;ok!juPfyya)WeVQ|#mXa-Vuj=lojyr(|%BUFsX%KjnKpbe=)=!#zcO
zm-V+$?|&4{JDo*ee3x+|txNN|SHVae_s~%ftA+HN>^i<(shi{v`N2Iylt1p92u{DH
z$A0YEPx1R=TK{VO{s7NcL%nxgnSLp5H|RdznO47|wnrs%9pCG6`IGT)zCQkU$xqRI
ztai=&E_NwZp`+h#(*4$~y=Wgs?dpH`?d5;3=X9uVCDVc9b!y-GT)zM5e8Erh@+04A
z|2fAl|DF1yeEksh2e|V;-wqNFEBpw!*dyN`F}{%dP>=)v56q@}O8em39qEAkdS(69
z<pX;8^#l0A^>uvEo<Kh2!T(3=xXJ&X=l?=qZ&vjDN7`9>UulrFLs8q?lJ@V_>kahD
zvk$&YJ;XiEx?Dg0zVsr$vb}-baV{SA0*><Vzr)^wyY?07@g4RSy8Qe>p7>!=@5#FI
z#&_r=bfpS9$j$PBT*nV|&@am`zg(e*Z;xs?^!C$1kHuw2@I$_SEW0EB$Y<7`m3IH3
z%E!-tR*(F0MY?M3hI}uj?S!PGdk);+SI!fp976q$dXnEyp?-@!EA57I6}q2J|NXz3
zuWIEa-}B2`zUTMP_%8LTvi*kN=IN15@B5RBBR%|C%B#|!^Kd^s{5~tcWM0$t0vUe?
z=F2T)UL)@+6wS9BcjFJAuOEjT_*Y&(n$4HvFX<5XLpT1(OW(YFpHE&K>pP)Ay8}7R
z^DQY|T}AtYa{0b|vg;qA5&6~U3DCEX&iC5u{35TNgq~TyfPI`j{!`!c>?e3J*Y1nQ
zFDvU?9^dBe13MPd`7+8UYj@E3_I7w}au>Zm=lQwFcjMq}KA<PU#a&OGUGn@v>{-<L
z^OAa*^)I(Rku5j)cgw%$mBUY^Ui$SZYcJ==dAOe*^+s^mbJ6Q#o*dubg|1rtL_I?O
z{BUvC+e-ehXP*D~`4YM%{cF~*U{{o9em%~!^G~IoN_$m%|A~6&`_aPd2khtU+EPAw
z^)y><i{2izR4=gu@`Z45*K_BGdH&{?$A4?R_RCT9uJjM!GQX)@M_63_EaYVU$dzNY
z?|J3%Q>p*8mdE$27nSAOQa-+ZNS`gQMX&dHa-{s-xL4?wi~~>(zJ2_5XHn<bez|1p
zV`V*E(q7non>_!ltdG8ZQLchxoDDm>&`;;brJNi+#u?3r`Td*UzW%q%`9~!ChbKHv
z#X#q5KIeB>0(0UaaxUQNUJ`;1anK`<eG|L`<Hz6PcL3;quHHjG?nWyw(Eb0=47|z4
zv42-E_%81qx$k&)NcabO9)Zqb@VQC%o|f!$<>5uM#TQndJI{c3m2l3Xn*5f2k2QbL
ze?!gx>KulqBZu@Z1=G=eVh-t^A%_Ly+b<gr%_u#m4!ofE17PooZ3D_L?OU&A!_ZvZ
z#)j_Qo`w54>V@<B8!i^V$c}4jrK5V?Z2C~kk;YH@z2iHiCh2+W5u!iNNoM2po}<2>
zgYp}z@6Sl+`$f@=)%$M3r(hONPw!nnm8}o|)_2SAZ!7xYzTi6J%k5GyKAn7bevk7(
z&ErLL!ef?S$=vyo@CBW`@9fUc_<WlGUQ&K_DL>dZTmIF`xw4#KcRA07dX9a0oI|9W
zU;I8pXrATw8H(mYekZZ|_iFn2cJ83R(*S+Yj>vfd*Ul{bd!@ZV-+Vqw+Md;==e}A-
zU$5oUke1J)re9p;3;$Ypi1R5pU+K<^O8Gf_;q6Aj4AFPR(Z8Vn!Ou_+;1`I)?}0Ba
zeZi-i-stbqKS;k8roRucS_j)+1m=NG(r!S{yfBa6$9+3h^Bc$m9qNaVOaI~OG0w%p
z9t#g^_XqG1`DlOq{v_WocG_6lM+tqou0P59F5?F}hob$CykAf-7Y~qra??T5{~W{j
zmka6m0pkeY{;l*}H}ZuL_aP8Rn5P%?$@}i>4Y?T4<fUsV--YX0FpEnL><)PdVK?|^
zUYPaI&<uXT*0Z8HpTmMVdYp~ZJqL}ya;J?iKK<bj2%$gPv*zuz_~Z+Jw7V`uySW#i
zr!AQAIzE!nA0JVF%;)b5Mt(Pk?$hoi^#JG4`zasPSIooYTyoL;h3|p7`it+<K4P9m
z@9^+B=DL(#+WEjd!S}-5?|}Gn{CT|3r=|3e`?D{~$8Uk|v!mZ~>nb>ZT}_VU7xUZt
z^xU?eZd2|Til!HzuPB*UxPPcK2XnkK-7Zg9zYWbV+uN{c=JWe!uxI5xK{+Q{G<UsY
z=_|kET)lt45V&8j>hxT;%)?6NVm%iEJ4(M2rt`g);^>z!f5}Vl)A{<#JkZ_q0Ke}`
z_a)zBsLl`e7X3=89rEOUw1=%<CB2VQmrD=6QjXQ>k$>^)N_yW9{d#o~mvdeEdpy3q
zaW6t}SKdAy<ebU;+&u}D2fkNpC%)zP!fI_-K<9_9UN_$!`SgglG+j0NIx}}}w!O*5
zA=k~1U@w2Xf&K>VydM|b{Z7@Q#wX}_%fF{1?LontkJIlkXt|;P!+M3UM;mUR0`u<~
z(oXr`g+IM7tL>QoeNp3b9@X8~^Ye#smH45v=a)O%a-{b&_m%R@qXRB_Iy*tGgn{`5
zuh+QsDUnC--SD`wXk>jS?>l}^4)=|!$FZK0)sNm^<?#~MSBg5nrS}m|x9ydakNY}U
zhk@Oyl?UX(FYs<6a0%%gBHK4if6q?l_fEejv>zPI{U*Ij%kP5LnX7r7p+0TD;5X9V
zpnhS#QTw_S+ADv3e>0sY;Jn?!*MpsW%p3Fg`gk5+$oKhGi%UCRx!(SL^9Okdv-Wo5
zQjCxN&~M+Q|IZsI=ix1%_xXA(E`Nc4iybhY{O{M>_dAp){Otd`pZ|aN>m~kS`@zcd
z;ixA|{KML(tbf&ee@ogA89y!Yk0t)Gu=WG(2*M@)vcz8&<}XY9V~Kw(%s<eMAY5Gj
z0zRF2T{<wY)ls)k<Dxe>ESfi$vGI~wz+s(f;Q2Xz&$(cbPUu3Vqxa63u9VLE@eT^!
z5t84REvDbW2m8SIo%tp6FR2&Va<3ehNjW<FzkQtneuvPXzx(n3wRHu*yimSN#@E*0
z-8~W51%86i_YXh5#9x|gH(I`K3H!q@5r_X)i!WK9lzj!?KNr{fB+9{G?**PMpT$@H
zS-$RFCCII{+(Ga2Lw@{zEE`9Demd*Y$S?ATe4~E-SnINo2l*1x?>Xr^P0$nH^Wxd^
zz`KV2egw)Xe|(a)2hN$ebXhsTtChQdo(%MPIQT-($~evg<@GO%t6u+9$Gtzc-tfz;
z|IohakG!7;d8jWxbbZR!2l#8{dUn<>OX}5+?Vmr@_Fzf9%C1M{)i<f<OX}5<dS(5E
z?#1wZHg_KVhZ^_)*!Eu19yB+fUefR4K7#KbQV*(~<N5DDN3*1!S-;16+z&TD^!rzg
zqkX^f>6VOdrQbn4{IUIY$@q5R{X#WA{!h;vtLf+0za`^cS<n5k>sj;V@c(a}V~M{?
zdz1EiHNMC2WBcope&K(+UpQ=A&ky;0=#q7iCH2huMfG)%y#5S0?h{Ho=kD)H`;U9M
zZhxj$dW^UJzwNUvsjt>AE8o9aQeSJUuZyccNBvI6FH7zfkYBp<6Byqj6nmka!~S)C
zn71$eQ}y#D{vz#`zwQP9K#1>t{HNkSdGE*Mz561+BO9de`N+E`E`HWTs#dgaiT#%i
z_1!?kzi%k#n%wV$;`eM(@8o_p?l%|ozI9-5&su(urC{#h^VNYlZ)vM1{eHCG%f`Lw
zi+CR?G?(-5y14t>@;*ad`ukkIJls#0`d%<EpD1=f2zrr2zss)g=m5t%F-ZT5P2_&O
zqz}{g&9e99-S5ZZoi@=Q_syNYdH2fYzPf)e-PsTK+2uZc(cCh?){Bz4fZrRdGavJP
zcb8uDD5%{71G~?ARr0gJYqE|bztio0FB|uj+v~f5<~pIr{dWAmGD7*?PkJBkRH>(*
z=zA)H7Yx2nWIWX05zWJk%BN(qeCS-2rvD|s!%<MWAf<!8&<mlj|M%0YV8Gw!2RR6l
z-~Y5dd_50UyCL-L@O|}dKAkHsu}faL=J`Qo`7Ye9)#ZJ%l=yo~?E=5^%h$*A`~&tz
zSexDb{N&jw&#sl}FTYCa@$38^Mddq6cyFiH@0;%<_C&jYaNeiV-bxslE~A7l5BJOC
z<}F1}*cbI3{1J8<YTFy4_1Y&t{aEH#Oxua!R|x-8^_?$2J<17TZRM3$J`Vq>)DzfO
z^hNvXx7#jXC@0j9Y`TJZdRwtK`1*c;`%cnd7R(thivNJ#w?E|Jon&90&maEh>ygJ7
z`Iz%_t2gz(8v1^+@bs1SvZ(L6-mUNN?#Abgon1HTApU&Ec3FFgoXYx~hiB~(n*E#Y
zFC8wwFCLiDTAzLU;r&7%hh6{tjxDdioYGVJ|2e;vd~DWL?6=-&k{`q+49xMrZ0>uQ
z;-DA)1yfr{zw55=Bj>fpEiE@0?*<0Hcb<*Y`$BqN9N#6xyM*rd>9gs8gRkRrS!c1I
zgq7d(<YeWB27EAH|If-tKJxROm#_b{{;+F*9e;{li{>$oyLSsghkA{778kev@QZ(_
zKHa%~7u7#Y=I@LbQh&|r1swkA`~-B89yr}k)qIMaf_ZVc_~+d`Ukl87r`UQNnr%;#
z`W%mt@0Twv^?t^^wtXm=QL9)yFoGA1q^EarFO+nR!-a0}8WO)`T6wyHne|tRukjn<
z|E9Jp<2IG}?=O;c;8%Z%#POcjK8M+OU>;uIhOXWHr}8^zuH_$?PAdvOv=h*C)T+X7
z;?J_*=bs?)ecDU7ZYQCWb{PF+!F+g`;JpvGVPMAdxF|Hzt`^O5D>wJOU|`SBT3h~s
z>A$(ifnLb>0sBe%wTr6HJc+knRpOg#IY2+8m-!#9zwtc0V9;I*9-1$HBYY+`i2RMu
zvmxDY@#y7yXykh_O^5kqmTy7noIFYAaL5%q(YvoYj`YJ5t`WUnJxKKQ;}Z^*{14RM
zgE&*)L2mv%%Yu=9n%>#v@nLBEaR$Z*NS~#ndU%KE0XoP9J=zD1w?Qv)Y9}?l(7X5i
z5O1DOLG=wx+rc6qevkI2T6(Mp_2+t9FpvIT?1ptI-=D*R*j?&NXoh?%azQ8l73loG
zV0tcNzXxWIm9liGXa0A@PdiEU0AHUT-xstK{;f~W())VA@Aubtf#+W@=_Gw<w&HfJ
zsP-(S<?quylS3!t4$^_=C83dYMYAQZ*Az4!q;ZT>cIEj@V1CB!Txg`ciaNe<dffjo
znUU-${!%cA3q8gW#q_(cH`0Bi?JV9IfL(g`lk!0bdrRoXq2MFsf_Xy0;GKgDp0s*~
z=28yn_d)g$zRmk@(M(xJ%B}hD1v8M_ReFE^0->wc524(@<Z-6!pB9dzU!r##HQf|_
zFVs)Bs5tsd@b%-6@8gIgME@ZD7rl4Q{a9rPIbz2!wIlk!Mdi~x|Dt*HWGQ#F=dbhc
z=@iVp;{?yX&+Oj&M0@m4P9K=Ly9vF>p>^#=^i!l4e|7y3=6h&wkT28&8F$d{^YpTQ
z7??+o5r6z>HLG7>HhIg2VcK71@q$5o!ll`C!Vlm5koxCyvh+W8{Bj*%4P-q6({&zY
zlg4#-?;`m|JBD~(dj$K5{#33Lgpb&b-l6TO<;?N|BjXqPogf}R7E`;59~aE8bzCFk
zMvSWp=40&-&<|(hmF?^C+~3!koA(y^Qm%oHQ$uql|DH|J{EGP&Or!Q6=x2|<K+?^h
zB;lR<z4`X6dV7~0=L9-VB)_jReyk=>^rv@?d0niszd-rj|5q&s9p}T(VMq9%#0%zK
zZNKm4_rR(B;r5g4$No`iZ}cD8b%lcFlhy}x{Dty3Q~4rXR)4PuA^ZyEann?*|M#t*
zsDFXM_#XB4&TX>w5c3iF?$TkLjdZYAHcs#0|61&v#T}pK)8TtT+nfCL+-m*m@;okc
z?J?R#KkUT6Yk+lmH?P6CtDpAw>+G5J8?>WnKO5V~_ii6Zy+?f?xsl)quTi>hds}-4
zCf0eH&+joF9|q=Po#*)9W#20>`2DSGv>ii;{Vs&xzHRj&`e~w1HXfRz&yw<Q;CTn;
zXMsT+{qOY0CB5{kfk7PKFMLtth+RV6&%*d4zkTWSyx8p@eD0Oz3r~ui54FCcJir(A
z47iMMLvsk%ucEnA+gp4`yCdyppueBt`ZLVad^<~dIXhST-bLpZKHVR9JtHtEf6Tj4
z5AV6&=HI=mE$hZb^T4TM7oVSua|81gj~7BSbaz{R^gDVypD$^-)tOzmJnKzI?q}%t
z<#^s3r0c)f-}d=q-CD*ofjN-p$EZ)VKJtMrpHRo?1tarQgh9Hl2|tnVVFmuXr-hGv
zFQ(t6Uv%TWHJ=cF06)aB4gmk#=mhcO@4L<}<Fg?BU67YsTe*SGpW(-W`8)TAp?Q$Q
zqK>Oe#veZ~oUYE?Gh52{hnly|_vV49H<)Mmeu#0QulMQ4S-Y0ZksQ`(ehcP@(mSue
zKVnl`9?s6P&k~qh`MiKTPxV9T1^f8xgBZVmdA|7RqOSWLe7yJ_`hRKn+<64x2+!tm
zd%>W+6Z^UKMZ^(eoQ`^r5aW!zb;V<OoaXvVq?7uGb;i&vv%b_re_gTovgAwF%|e59
z&b;)nEBqAwE!s`2PeKojPe6xuptJUGhu$dl?JwM~24*jvw;_I@&fg?nFbF}1?^ypu
z2)vK3Q(_&$p9e}m<L3L=r+Ridu~#<k`p-NZ`P=_eNsoNvd>!nPU8i*GpTP6hIq@Cq
z6Nsa~#Qx(Ow~OE7`+fthKB4ZD77e~*{Dt(0!~U`!47<B^VUz<x&|%#e<$w_5Eriv|
z1$4qMFmG%x_QW|UoVUYw{7xz2r|5b;=)c}Z?1Arc?kY4D`0`>W;CcSh+4B$K8ydl}
zFIzD16R}UI>+0@1`~-T!U;H@m?D~9|u6qK9-Eh7Q{^t81_zUj*+NXoPCa)uQ0YBhk
zcb8t|qg}*!!L>u8XVDzW`wJzrIft}gS7pDW)^;k7|Dv{Ae*M6Dmdq=IbYBJa0rf}L
zuU-9Fv#t1Hmd<^@;oS1?Zk+=B0$txkeBu1*T#Sx?LI2K)QjeOK4?PxN2>p<6<PY;P
z<Og~}KeQW*JH)(0LR$CH{V?G06SRW}fx}O$^?&I1P+w4gg->8)TukR9xSuGRHoU)2
z=PY?%;@0nF{NVQQWFM%Mo^SNWli26W($$%%JYTLif7NxcQ*}Nj`>_~DBMgj;FGC$)
z{&3?;*azYF-M?(<_$<4=<@Wv7(s?iZL+lx*_1hoMHR<n|K6QkxxB2T`pRX<Ty7_Um
zTUW{M^U;2;H{X`@q3#>G{TJ}{(;utrANZc#7j)|@{dgV0?MGrgv!%GmfjzOF=<JuZ
zEB0I5`s!x9o>tKH*g)4~-MRqye_IlJA2dtsI^jwQQNJ+%M7$fX>xbr?i9(0^h*115
zNXM7icxax`br|4S4+j6Q*ATw7`XTm<F;Dl$+p^A6)b*T_j^FEy^l$are>PO~pVitW
z)HCG!UR_7SI0WYs{B|yHd=EZIkMX9zuMhnDj%(5Xf=}Lf7Ul67pC57K65!|XzFuh1
ze+ynP-}iij%=dzH-c)P(W1cun{oQX@&>x{6f#2taC?BjFW4-u`&t-lk^WVViyMgro
z$hVZ!fA6^r?B8YUN#(fGU$64(ldNkMbzQ8Ku50;p;M38w6Y3S}1^ga%_vgL%o;PmA
zI^F<XZ<BM47<UEf`W?n;$UnwI;O~#uG0(+#@BO>W=hp>u)qN5NA6Xyv&wsdcTUeix
zex>r<hxlV9J@!>m?`m7WqVdU0(eH;^FY?Drr}O?)(VTXqtrsP;+gnzCof*t{y&1sg
z(i%)_9hWtK?t=O;J@@n95~6-%{~<3f`nvfV;!>^{XCQw+eLDCn`oU`PyA$gdF5igz
z_5lvQi2u-Z!XM*D7vjF0=t1Lp&W9WCA>UH3e|Q}GJZQK4IP}5yyim@&y7OLs9DHic
z7uI<Y`st<qxbjC_=v@6kdz(FX8kjwGT_gM5jc5IS8RHPpV>~ADLV9i#?YDfV^9Wm8
zKXv0Bi90)i?)Kkj$I18bK2>OBeYt2(e%iKwC6jEX<7ECG==V^+7c0J>#^+vXpPAFU
z@BVtL%zH^Ml`HbxdKiAcc=IjG$0<Q7?+(>R*44rkM?Z5Le=isb16_Y}^IFMgXk<R%
z&iCN_kj(dk^jv9MJ{MFl5?10^ACPex%~yE8ub}*~?o}}DblnFb_W3Yx_`V_b9cSq8
zAtR3S$sZ{G?2)!S19SGSQm$z`rROeC-wyk?(A~GM(2ddk0qo;peHrWANGG8?w}<&7
z&N*RU2>Y0*Z_CXPIX>U)d5ysM_jhp50Cc~3%KB|!4(G6778l=tohbIeeP3TrOZ9Fk
zz1%0ndQs&)r&{g5xXQ7m`onKfUQ%z}{R}x5hxM&O`a4y%(qlY^^|bYQU8`vJ+Edz(
z=D%0k(Ql{59VmVY|E<-|7(Y$DOVaOql=u(gxMwfF|3LT7d0bgc*YkXRo6pA&r$6$I
zazmKa3-^?1z3X`CcSiC)bkXd}`6-#d@VOI5*F2w4>3ur7FVFY99NxT~{O^8x_=o6M
ztkAD{{+0RY#=oN;n(tP%?M=~0zDt^qI@P;A<?q)Q*!TPTQ#JpowcemSBn-@$DK<X^
zU6&3_`$-b_^{-WLoWsrfO_)<JEBzUE!aP#sR?ag~Kd}z;{613ealiA7ou&RYj~8@2
z<H9SJlJpXifAhT1-OqsC5+3K!x}}EI(oNHQBS?4m-XiD9S=P>h`IPUy6pX~3J~BQk
zm}>mz&5?Y{dB~Qh&&%(Is-Nf;n(OYfa*F0XwKMcX2t6^5_Sc({&qGhi<{$hTnSa3?
zx`UNdFqi0k(WCUfF8p;R)+<c)fS-kpmTzd}yVLW}4-rgu_S1<zbk0l9S0f(?k)J&K
zpnu-*W2-Nn-(|gU9wSKg>lRqO0weuQn7)^Sc^dfdul@(SADjqZ*avzcgnrfR4L<`P
z*je;08016Nah+X(!>&>uMa^eP%Zc8J(|qrKx#SaeURldg^bK^sD@@-Bfgi|t)VEL3
z$bHCyIZMx*_1wwYBQOQszv|at<l&u_!|tTd<e#_)4ZFxWn$R4xv!!?CBl2B-p^x~J
z>t7`Qv=64|Iv##q^pJf!IyZBtjTcQ5uNUEdO2NoGGOk_y$01Ul{d6DKFL(I2*ctvr
z`{iuMQfg<|%hzA*6qvEBAJrqRXMVel@ju$tj$Ci({<GGTYVsu?G+yKU(D}UeZN948
zHBWEoDfSKY+#c#N?C#@5^Etl<Q~P(67xr0Eo{-!8_sV@S&|{s!=aa>e-szeB?(l`n
z2c3Iw3H2X-v>WduyZ#F2PcUCYxa#WSzs<*K9<Sp8%u{i0`DQ)`=idMMlKWRb9-4K=
zi$CBUBB29bG%_yEOIOr-Q>sdL4X?YF%wd-;T%OcJ@T)VDu0BoY=M(GduunFgZy$MY
zFEBVihB)|S<N18hUhb&%*w@c5SHC=c`c{9S>PhXUoNErvaNf@>rt2dM|6VeeoGI-l
z%2UcWG=BMK@uES#eSNa_tb7+LYo~(o<32y%UfFn<>hGt+dwuXv89%$<%gEwIgZH?a
zPlxZNbX@7ndyLOvx^=0wc9H%I^J468N_mE<{d`=~RoX4fr(i%Q^Xwqyhd922Kjz~o
zHy;PRpD)yR37s6okq-ReC%zoup!enYevkCk{2zYn`zy*9?U669rGDzC_w_{_`9tXI
zk2t;~L_T0A8Be-)G>aEo+`d7MU*8bN_xgHiPh`EeV7|OY;-6k?L+6)!o+kZ_+&9O(
zzG$8vBkeW5<6RdY&&CU8@(AH4>xcCF>3shy563+KHy=9j1<@1tr2T%|?|-EoLHf%1
z=h^2={q3Olg|qR{oTcwr3>YSKh{F%$Jsj5__o6o1+Hc|COXhR!cd>sDKbH2ZXvVxP
z<sdk%%ksU0Q1PNUish8dv3$>k%1`IX)##+YxqIc=IQ=d?kAI8icwPshedSHF?HlSV
zaIDj0<Dq$7`N(>W<Fm>ju}`&f!}#oN9oHhBE#IQ?zt5d3eu;CxjUP#TkAuteLBIdV
z^U|XBqt4&QZY}zu{z{zA9dUY}j@~I?oc2{XEE=ibB^^K2nQw2f<yddp-(<rEGg$BU
zqn$zfB=^ojbLJD44)&sbz05r(j2{ED%zlzD@iXlIVf`L)_#xsg|BiY2`&)}V%&Yu&
zuCQN#5c3k5FNEp4YQXV6m(XMX$i3%?c?RBh{Gsz%jsHqRq+E=ytF_{g_7%1L>h+y`
zU+Fa)1_p6iw=Wp~93I~N$-}X3hWjHj-*D$QU}yBl{(S<R-$K6T@j3+Eo7K>N-wu5I
zb6SWa9YU<zN$A>D=!JB6uPo1Re1DK~ckl4|-{-Zm^|SWx3ztjhboIR&_#@8CK(5Gh
z{_E4ryMsj|bk2Vz?%ulqUxeTfxp=>@dAzcI;Qg87xSb8nzt6DslkSD=UtUiGv&N<p
z_v@=K=ZCU8`~e~4F0OVVuY5n|br7_Bi(bxBZY?io+<)}_2=B4Te7}&sQ;hv{tULMT
z2LC}Q_N<=2YW7C{gwFY~#NGM_;%Jv)XIbyZISW@`uzr_a*QoU8{rFwtK-X2>`bQQo
zm~6cAU4lG+fZw6MNj_XVlC9VDzQ{mZZ|M9pw>K_7etFbtf1giQ9`f6A|JqUCi<EU<
zw+;+EPha02@Ta?YJ&xW-)OMx4?r%!_g8Ech&OSf1i@rbkba{SPE8Xs=$++%D)ff5j
z{S-LDyz+f35`MUMyl{VV_JCjI<p=$_pD*7JZ(U8spB?`u{x?+b?N^kej{A`xgu>tH
zm92LU7rD-_eZBJX;oBAWPq6Ode@FYU=Yv$8Xk3eZL9`dhuZ)B79scFw*k_UQ2#nlY
zCL3KRcEY^G&xdbclxH<MpD+5`@$6^LjwpAj->yCJ`TO6YhcCxZ=j#tU4dMIQ&Q8fl
zu`j-7L-)HGc{s{ZLdQ3cUU2-bFYbv~i#s~}{({e6)+s=T(AOXHVfP*L-YnldeL~ZL
z*V&8aBAw@E^F!|zUMux5i#vIu=l7+f_bh8HKc8+>Js0Dbw;zXpp}u72Z-JSq=kxGg
z;-LXuwmwz*JK7t+zJp(_<4(U`$hZjmb_j!1FYuqq<Jzz?9~r!urdzc9I6YuDv|o~c
z*r#mXuKRY)_wzIl<8g(XAN11l$m)stI>rZ1j&FBqH)x-g`2^|yO_m?h=kW!O@hH8Q
zqy4JzFY50rl*}LX{DZHDl#jDl^ZClx!{_(X#ZnKEkF%Gx?Hu-@3ugTbrN0*aLe;Nw
ze3@-m-S|%AxqcAi)jw#y;g7IymX9kJUvHc<f!-}mf7z3gPpM~=FJAwHT@f}@FMiN^
z?fe_-aX2^7()_K^PV#sCDmHZfCi@poj?Y)tLEO8%zTIIbwA+aH(Ry)_+6U!|^7&vb
zJC3N`FMYY-b3C8_pmXDT4#d|V;{~*zxNo+nzJD`K--XLt7s|sizO1%h1bH|7&ej|H
zoi{%B_rtAEL0%W0kB8<)otNk3BM)zB{(k$CEl+yClEWV^e`EN3nLFPLKgjxr^H+>_
z_Bl$%t?PU$dR{%B)FuDJy12vx^ANvh7n=L{++xx6>m+mo`boQoeV5@pp1}L}?wx(1
zqj8J(I~;x-ddt4I+uuYSdV@~x7X-R~9;W-yYi}X#b>4S>{|oDr;4AxIPCn?dKLS0_
zzUIjRKcvULnw&$g+;0PpeN{>4&O69H5}n^UOY(=`K>)qfb9aA3_T$}s9$8;??b;e|
zNI4euJQDP+mLGiY)?WMu_RH?)g=TF&zv1q2e82An(|kJLes~AX<xl*Q+Cknwbmxj>
z-N^NuC`UhpJ^b_7dG!kPa<0tz<@0<Wkj_zkBJ~Y%tiQ|eMO4<8JbXtzzb4=D4tT+=
z!+2%=!|z;V`4vo8z2|`6ufX~{;w}CC3)m0m;7`=?3);<r+`qYb6XYy5xm~S&-TS!U
z|9$f@WUQ?pfv$^&=DaN}|H}2T^>zLRd5fB#r}TUj+F^uZM|vmpAjv1_;CEB^7XQNU
zpd5Fj=r8%8cYb)irl|K|O1e*2XQ2P0(u0q@Z%FMY#_buo1%3Z8F!#5$`cXU4(S}7`
zS1qZ2{`<=G?h*6DxVm7LA0qAGIsE(91x-iqFZ2)`?Q~v<@uRGNknLKyj*~qvhx66g
zhoaw+;B%xd#QmlJ75!k>AKQ*CEhp$%ZM?G!?|akxac5fp2~FWx8`3!wju%X|?;<BK
zxS!_7pYCh<(eHZfYwIcX>$?8)GM{59nGHEk_Za>|bjTmhmEQFZsY&{Z9o#)t$se6N
z;BiA}c2>QC@8;nsFSKJaPQg4M<CXk%OX+Xjckn~ISB;-v4u1SUW$#+$)><xjKUnx;
zov<=QIsH`1uchS;KZD)AZ++h4eDVK@T3>@+((kqu|E?r_O8h&rp~1bK6=K0VbLj8^
z{7$^vheUlu|1aZFH&0vCd_H`V=pp@fX#RMnjnlisoc~g)Z>@Cx`h(Qpg2B0{g@4C=
z^Uz2=ZF#@EsJ}}G|3SZY9`D2A_o!N~&kH(U2j33dKDvC$dQ9cGQr1x`<w37@dcV<+
zS8ER+8)W_1wZDHkP5L?Pr%T*@Z|{A_`p#8)UjrfVul3xZAHJybR<ys^XF)y}wcM(;
z6FC2|TtV`WbAZ*-<@G;U7tUJ`mUVZx9xUta?p#B5UEZw+3!PgJ7JVz*@vI&5_JJyK
zoL5BpY&=g6aJQdT&2D-7x8k3be(n2hwe-IJ)%5YpF)OcNFy8U)4>|DHy!C#+eE)ul
ztyi#{3;%GD;LsO-G@gIAfW})oZ^HU;^LVl1cb@;SvE>_@tJjhG{OLv_=kmu1F01c2
z7lHl7tR3h+3D0MX>Hgy%_1$XJpXTZF$}?|08}m3<AEaM!c7lB{&O`f>tv7C6Q`$B9
zeGgsN|C6rk;~wA3Ur4<lO17}&;`8_O<@*cT?`m|_zT><-)=A{vA?CX-^!@Jp=^Lcy
zlUthJm+$9G{N0Vqt9@V8_8s;|e}{g#`FvISo%nCQ-!;$2^@FwgLrd-A+u4s}e0L$Y
z3$C5QyljTzOZ2z(o8AFw;rU$O-hRAR`{Vo@{2c3ZetRYDYvp-K;65L;e}4S}eIAZ=
z*IL8R^}P~*o$AXoZ2#fb*ESp^?I%Li%g1zIv!#AmZ5<7IAq0Qe*Z&=L*rirF{Eqx1
zdLIVqVD~)!n8%6zEBlkYbUk&QR(?l`-jCP!rZ7M9<%7TPM;IUZ<BpcjuY7;UzOb){
zpCAAC>M^dFuj|tYg}>|9{ra>cud@YawvKzy&m-M*o;TBbBHXWs>H6>&ip%%VeEc)(
zr!+2NI@%Aa@*RHb*B`%~ul61DJNQdAde}QV?sok&#syMuL*0L%-(h=4>fw^_)(&oc
zM9!=K@7QN?`K4cftNA5<@8Lq-$M@;|ezm3azCM0?=JSUgs?k;Z{^y*23Hpc}`h6R{
z&jz`OSL1)%JegNK&0*y}5ayNA&*8oR+Cv&&>b=VCcz-w_hhBcUw6wiKzH4o-AQ$cS
z_gzm#yVr4fX~*8v_Br75bjbJO53z14=P3#%Z++Fbi{Fp>c1Qm!_ILAGp(_|ay&w1G
zRr52HLp8c;-*G<Dm)}L}iJ#AE^M0Qm<1fg;d0GEGFNufdq2**enWYQO1^murG5rpG
zG4Av83AruB{qr5w-bcgu#LwTBdJX{j7^3Y7^v<hq)$IF%zDo)IdG^l3@h&{>J>Yk<
z<oyYE?h*Av?g7*O-bCB374-Kg=^h`S7YcK5&=r)fGLG{h2v2IEzcp_s|6C8|{qA>1
zWt@$6#jRfg$M2b9y}J3h<A--_@O$J4#r}}*)(!IX#`{y!ez<ek;P+QO2ZDHQ{2?Fv
zL)ecF%_}^<F6!?+mGqplqtE(JzFl!HW&od$q4tzRy04{i*k>6%|KR5j-}CZ=`N!p&
zKD+Nk<)H6G;C`aKr{dnF0giNX&#GV$mwhg`pD*hu1p~eE^hJ5yt?!f}td<X-Up5|^
zxA<IC(LAg50dn5#EcFlfe*Ak>z%h>i-#j|O3;J#v-ou4ms)d31Sod{cC-^18JUit1
z|12)wz)aI}#`s|2_geh@4Akq&5ca^n7WDK(pRQUy;9m$AZV$8rh4j5Sj0a`B>-Kqk
zJzx)<A76^!Z3wjd=-jl9(_4zSRNo&<ue^Lf->vnWcwYIS-SG9r`j<a00KJq$W%~<1
z5qXQR98s<<^K<lDzW-O^3tu0g-^=6mySnt8(h_<*AHn*;qT2`l3jaa)Q}d%dKmA|H
z-x9xHynf$Od;YKZ(c-Ene!rF1AGQ>4shxd2^76NEymCAy^lqGub`fD-`?$FE@$KRB
z$9Igw5n{aW(`VzA<9XySOXutW{&{rxF5|$!$o+V%BNo%&Nw4;OQS-IGu5V=XLBBtm
zgZuNE=F=5*{!>clKQhjvc>(W}<;_psxsNPgdT)&9Q8e$>`4rY0kbkVh;J#(8<3f4w
zf$lZ%dt0Hw`oYi!yM7gz5gfYv&!bd6_Hz+p-Zo3`>-c&>Kdjqey-DH)(^9<`yl>li
z{~ej4*+B1y!tW45AK$Kd^%M0v8&-}>7v5gfP7gh?u8VoC=m&qnc-{F4<nPJ%9??G0
z{ji)k_QAytZk~qv=-UT&yP>Dpdxza^7@D6)Hl%fz&23mRCv~x5o$12oljwIIma*{$
z^9rwrLw_n~o$vT^a6k3+&a!U01MgeY?-28S823JTHG4o`_}jkxJ_>$s)!n1(G*skZ
z-SE&Gt-gVI{wf>Ny|zp|G^g=9gAT{LsE`AGejN9v<op}`PL;~Vy-1&4;(-}>ht-4L
zN93?*260$2*Kt^9ZsgG23(Mo5edjRL-?4D-8{_vDr9E-?O>xgqeqS+6e;4xjQ^h`;
ztt_F>U(V|nRZc0rzY00>y;6_9d|sRG`?V3iD3@#bo|P*X(bKJq$^BLLj=bm->bh7_
z?`2hfm;6=!?q&1*oxPA>yqn|G%X%E-meTdZJi3iIzxi}nfArJK`P`!Ui0fO)yv6me
zGM`yG_xnO=Kcx1>Jz$YjFeop?^ZWt+E%yZ7Jid9nXx6+z*8jj4`ySc#ipqPe)#(28
zH|sY+>ZjRwsQD?F=J85@U175L;cgo4)m!u)#BsV$rE&irH2kr7ylBp9C+!aOSgwPW
z6PnvQ*^u6+ZEM4lY0dWsoxU;;3C*5-uifGAM532}zuS-FUM=)Od82;=4t;k0h3K=v
z7B-}M$@iWE^8o7^rt2(7hkM|!pD5}2s-FILky|ut^SODqE+O`)*LI^JZ8wCT-pPB*
z=9BJKa=N0HV@c_0Uq<zuF;4WYCih#u-&Lo4AlJWt9V%a{&z$d)=DRL!SN_KRTwogY
zT<&kx4+nCHcWndn#3(5zl>4RpoqqqD%fG1QPrsMMcCS;p_3CF0X+Fj8+`9;i#;=um
zNc{)x%OU!EB8We%`}c^;e!pvHYNeNR-+=)=;^2=s_+xyCc0%^=u>Teq+y_Sg`O!U6
z?g)3hRqTy>>Cg1G^)4_^ziR2|eSUt|vtWSluD|PW=wE~nLZp9_-#;ptNxMk>y<YFV
z`}}}^%=a!sGl|cu7tQ7R{v5tTUN#;Y+_#3@IroV^2$8Q_RL?VYoCo}zy+l9cYirFH
z=n*16pC4oG6qvR29bUx$%<(YAao!wuK?u3f7jh+k`F8f{kZ<rs2)@u4_J^Ln9N@PN
zwRWqtKfc5M*?6V>;fHPYcaUWK7MLxXq+F(+D)y6e457L6@8WkpzV<VMuXw)rq0w@g
zeu|{;&F`esy&8TOy=dM%+R~NGR{XtS^628NvUHL!YLCvdIGw}%IlVbY{fhWu!QlJh
zI#0UjHOU9;fe`O#AQb-%O#N3ve*^n7)hE8^8>TqUol5BHY4)9l(D?5+Y}a4xQ!5>Q
zhegT{=acAnh4^=m3TEs#qNjv3p58?G<2&XNG7rJNGR_SYOydDUzv&@TUWi}tm6R9a
z_&!D3AA~-Rboh=C^It!FVZ7C!-f8%m>aFpo5-HbZs9f!Mp~&T5FsLVZ_g?&!-nY?u
z?c*mfUaa`O*?CrOWjf$_>9X?Z{djI4OJ=I}9}AaXQu?|IddQW0<nskxR=<3{zP=A~
ze^4^_YrjxUU!kw7pobpNH;*sqe0_bs^JYo;L!VzgYvZ9=c)EJC#}~F7(Z3bU&)SLK
zO1n$vlR67uw8MzwU3K5T5r^OU{_XoO;`4c&3_qrGzv>UboA>8ZO83$K5%)fDSytyC
z@Ol37ps0}ic@Q*8GE6E`QZg$*G&ELLR<@`>S&<N8QloN(Wy{J6%QkAPFsZa$QCZn?
z4a+TTv~0OXMTNySTeewa%bKnCd#*p+4>vu-?ft!<_w(W6d!2KxbDeXp^Y=dYdCvWN
z&Zo9-od*)-djyJVAFWsYZll|u$2Y9AW&CxAvw!q<ruql!8M>XR-kQJI^5FXtgt#|^
z#(msBPxFgU#%Il6z_5I9ki51ZcRAF5VE&wRG+gr&t)IH(qUBrV2BsH1-`akMl3yyn
zOV{yT=V@)H1KmFJ=;ho_)SuhC)6T!$-`^ik?Wm~onbdDokIDyR-RLp5NjoZ+_1&j5
z9_#rePych$0XoO;HP4RYeyQI(_|w<y*7iM1`so)hTYq2w_qGp}=cz2ZpUPv-k$GXV
zxJL@A-MBsBK0{fL@I0>14L*~4KijKA=KptSUF<c>vh2L#F{S_JeChgtpXYVI$z!;G
zd(FGD9**X|b`I;iPVA!cPtpA4H5#tpRpoV*w|`!Ww(fsvG3Q^)_3dt7|GcmBz2Y14
z`*)4U=ry{2cH8-_sa%fTf_mS?dveZsG2I`Fb(=gVsQncuonrHgm6+Ts{!1C3_4!5d
z+x@+!<3p|wmFqo;%dh7^2JRa>`zN}7b>mFB|I@h-PWNl{JT9;6ob{giyY;x;ZoT@w
zifHRaP3K5Chj|;VTmAj($)z$rJ|W*jS9kR)u8$^K=i@##u`jQmeTL;6|FcN1r{905
z^0>>P`PB8Vu8UQVqW-=)T777J>33?5q;<Z>w4BW4VZ{Bg)Iae3rdF<Jx1H5JR6aFd
z2fMC5SUFvPAFTYr%Bfy0pW4Y?&T%Jmf71FGcPHCV%d4o*-GBZY+tH1xU&q}O=y?v~
zJ>BDp{U92Lz2>I1tbd>z-)&A}z3QL$JL|^xt!N$TH$RZ|<nlvV?%@FI;c!oXILE_t
zipX(#_<fj+-x|*8;65dK?(!PWw@>CHzqwQTiI)H4jhrrj7tGnW;cz^MN&fY{gpOC&
z(er`Vymx@doony1dc5XS$-lZEI+DxND(zI~LARat`!?GCqxFv~VpyM!bDzuaDJIeH
zDUe^<XT!Nt+V6JmanW&|5&KNzS&zO~()(@oe!^(}I`8v1?Tn-B?=c$webKMy%K5zp
zzCU^;+gr=&4(EBpV^+yJI8N3r(ek7I?(?tg?=dUnc~{rf1JP>^%;5a!J`=n3{h{CN
zEMhx-dpMqlDW9sxC*NDbJ?rv*ob`FlQ*=Km_StE@@9z(Pm)5n;cUhyANBg^myX#BO
zi@K5bd9fa$a^gPwm9{*-{&KCG&E?bj`J>GHYB#MX^^dl1toLMSJeAk|bGN^)OCI?i
z=ZD*c-`r2*i&Jl^XP~_P-oR@Pso?w{teiU^8ZTNtwY>U1;9$$C_E!DT(v23b`?~IU
z`d&@_8NEjRRo@>*@OZ>_^%>r8^P4khUoK$Q?c#B3pdOFW_$=o&yzcS!ugg?k<#b(i
za*Rz6=R)Y7qrvreuyT5yMfb1W>2-Z*^NrsPw{d#>Ud2gI#|=(T*W=E22Q?r39Y?%p
zrF-|B_*$+XmDqOWHTPY?>2%Tamfvu^fEl~R=EGy$a%b<g{y0}k@&S<#_RG7=<BtFT
zRXUsFxIJ*aI_-hmN5DKt`)5JZLKtKIPW>{}KmXl(JI7}|cn+s_<d=38ka0a|Vggp~
ze~-`kh>?7RBp<Q;`B3|{(zxzCFT8g+j|2Lgb@oMEZ}ZQx=zQ1xZ}J?f^P!&0`StH?
zz2Wy~QZ9Y2DkeQ%!+M;4p#C4^+H@UzvfVs}{k>uzpOgdN2OdIS_x+r2eILed=lz(r
zPd9Qq#dprB-T9)nx7+vFat?0q$LF#A)V^v*eI8TyG_t2-2eqfJ6V<MozdX5bTJ@eN
z-=}c*&(H3#<<|LB(c3?t{^K*wH>1~NHnV&!wO5byQ$?>y{SKE$?V|e!>gI4?|Gu#L
zvz#+Oc7{0}Mz8suoX>H)A0Rm=T-|q)zpp=@j*k`VS+9;q>aXhwK7Zh>CkFZtwvXCX
z?+I6oW;d-LP5<%tZGL=)$8l%e<aICVo5pp2f4H6-nkL^B)$}9LzF9dI`;cDfotn?@
zSza5#^-{RVriXJ!^qlQ8+)n&bj{(E>4VqS3H^rC-2}Aw$b+GZD9ckN5jOYo8p4fxd
zlSlOzl>EdP))x|ev7&F-LF?mo5fnZDd%k$w{=dtY>f`dpNO?n&&sZt%Fe&fwgD$V?
z<#G>gKW>K}!-)GH<at5e+#c{f2Wk(F+(3VSf4pezU)!mBeLr;;kLP#ObDiHT@N+-a
z{-@zQKltUmYG6n?))VL-&)oX-eVq17eeTis{hHq+<oCt;JgVz+MU`jNd#Uw##$#TS
zeKAhoW4fh3>hq_L8;Uwk@$ZrGJ!@L`c#V#`1II^<OEO*#9RH9`J=^gzdVhxfOIlyy
zI~lZp<uM;F;BZ~vX?b*f(s4+~CzWUPnolS`=3yxhkEdSq^_5(ozY>47n>*ev3dcDo
zdT)YrHyE$%c}*R!RG!0q{r;<eYsVLyx1;ryj+-7C&+wffd0y9WwY%nz$32|eY2@;&
zKgS#F|DWacJ*~GtebuM)@Id!q{r_#c?tH7;-A;7A*Y>2}pKzo8j-J0af$y8YWbNxQ
zx<B)%-21NmgV&)tA9~CT+2_=HcDuD7O&e+J7wvc(+g<gmUVZ*Zr*lXi!{{{|%UFJ(
z+h+pO?lnJ(+}<PdNAKNnpFiaj`E|KB)4fn$!}BY?^FZ^iSI))yWPbEZKMNRMUpVs#
zuU|suW13ezM(0VL-~ZQncBuFVJI_Yb^S{os(e&~7<Jg7ghv@VFP<q(TL(gAB*<0sB
z9ykB*^!=~%cC>P9KG}}{cllI(Y|n#VU%2zh^@-<JSqDV3`#`y1|GGfsd0g^I|H5-3
z^|yembAvLD#z?;l$+~Fh_0a#Sm;2E$S#J%O^2PP9x7dDO>G#g_&QtkzT+;m)XP<({
z;h>4jv*9u3w(EHOI@ozz=U-iyaQ?i8*B8#Z!ac7opz+XWUL^FJTWKF9&|eOnhYnWm
zRMGddA@sTBxSa(g{a}CkSJL|suhI8!m&v+@p966YL(<Xs_IpQOtOxA#HQxHkzK+MZ
z<8i+kJU(;$7>OV1kFU?2Y!7{|_8b1bdO*If9+dOGPP#l#d8IvS`}LTi{JC6%<<+0d
z>+k;^#z1{;{f?XCyWPJ2cB*>Z>HI|A@82}j&c`0Zh~HJoJnx>Dbzar>cAm`lB{HA>
zRPJ3Ls$CUHyt8iNblvX!|DV?f$5VfH)(7g=^~?LGalRS7=2luyJHMaN^|Rto&jk(7
z+Ht{aK9=<=w?|#SI^VtI^@HQ)=XYJ7IO+c;p7W>gg>*fp>)`HsPEVijbiZ2D9q4v`
zccbO`&*(h&=zR}74|w|L3*G<L@@W2e{p*w`TKQBykM_;*{wJQtRduiU4wpZgUG+I7
z+H;rg6aMfER15lrx^MVup!+E~*P`KX(f9T+e#ySJ`oALQ!J@fmW^n#B{GBnJ|ATe^
zT%NB~Uf0d)-o1TbzV{^#Oz&T=@T2xydHjyz8;gGP;G}`_?tM~ChuhWQ{Z?IvbN%S~
zoWbZ0*L}@2*+0Kj&avvaq^RxK-LCbyXCQjzo;ZD8bk3RZyzDhUD7EEw!gXI)=WU&r
zhw|s~cCa4y$NO-a=bU?=s;HbeFDB=M^>>H^{qa4>m$*Lk{4npwJLicK=pHwn4|JV^
zeerW_Jg2;DH?O(q65HOKe(tv8!12Ii2D+Vi|9M={_pF1*2OSUm@?Pi2AF}-w+21+0
zrgEcX9^v=acz;0aE5FhA^ZLGB?Qw8!=l7txpZ;^wi|<I$`(}^f_Zx%XOXz#RXyNLw
z<A{zQ>hFHfq5dj25WQxVyua3YS>>bYQ91oR?@;nOZt45!q2zTO8cJ?@l<|fAQO`8)
zV4qRO9Zg@~gRp*|yccrbFS)}v(f0>D{qJXo%9oCV`o4cCd7U40Uu-CO9q0dB`|JME
zQ2KS;f0@1;>oqIrcVW@ntLk&lTl(IK-#0n$`P}2M+pXiVj@!DAqxE;0tV<MipHnf~
zezC4&RIm0+Uf1e4=bVq!a6Jd0=OFcWrSHl)3peVyNsg!IV;#L8P&}_$FXwAmFYZks
ze_y}9+E3qyKPu;7en$J-`nx+tui^8V>c+irGR|muHJ<x@Uo?AZJVvkiYz?m`uKN+A
z+FMceYkdujulf4l^+Y?zs_o^;qj)|mdDD*jdY;E)-0nkZzt<!7@|uD9bn>VET0iP$
zJK)^d12#Q;w*}9WcAnSrYkSf9aJyCCIooVLopU{N-eNuaK3nf~)pn3A_flwj+8(rB
z>$xq>m!_}s+8!0VsyMv^Qm?8n;VJfym3<j)N6*UpW!0ys@rKHW{yyn*`W`FBQz@^z
zJ!(H!{pwac*z{Dt#$)uFcjW$#Z`bdH|F`LAy{g`5?S$p<`z`6uZ_w{kz2=^$t=)Y_
z>qXnG`fGXI?MeNkoh#FG-#Tuw{Rgj~v|dgc(0_2=P3m3Kb-T5^+}^a`IsHQIqU~MV
z^PALv96M<Ld1i*SgMMdC#|=eiocnM4iR#z<YrYvBz1rRtHJ;X&#?$%T9beaP8m{qF
zkNT^gXz^8#KKHxz-18ETAN%Co?-hTvZoCg6#JMOM|NUm_Gb|S^oX1bRFB3U;I-1|1
zQ2Uq82eZ@cJmLI4Qrl^?a_jm>QOm7vJ=d!9tG>s*y`0A@cfO;gqxGujjyKde#`{*z
zJx4n3a{utjzN#~>YdJKY%IUlwEuT8Cx$_rIUduBOz2=!izui767fqkLzO@|g{J7^2
zZRgSSYPtjQzt5+xM}8^i$Mt;aN%GvM_^+j0e$9V|d>8GdiR|xo*UGr;E+^~rn$IhF
z{iErsUhR)sE-k<6VRZK0`TVb*Kk%4~<lbnV4|TlOaaYq(_v7+j-0jb9{qC=$pP#FA
z-GblC(SDD*op!7F{?8bFyyWr^U7tEHYdY#yRJ#q;A2q&?FB+fGna@>jV7POyvaSpM
z*K}1sV|4qde(fhZKWhAgT{ozFwDjERM3dL?RZ-hh1I-`!osK+59IQTV|B6~pjUO!^
z2Rq(rzgPW=s$bL7b&vkuZIzt{vEGihPSWQ+eI9f_*Xj8go!>OQX#Vc>kCOEck5hx!
zGin$2d38P??Kk(*b4I{~X<qdhU8fIx-g4TV>eKV?>>eCmx5L`SYtrB5@lf^Z`B}}c
z+pYVTr@G>`$nSRcwpe{WbNae((;Mx(1p2!Gy$8i{Yk7V@k;mVrV_C2I>vs_ty@tz$
z^G++dd|ED*SGUUR?*sJr7vJvhH+*kB_VaUW`d%|I-ob_k`t$dn^*D0eE}Z*&V(Gjy
z&ZWrjx3vGLTYraRrn8;2U8z6cgN`$u^1Gwo$nTC;%kPd<F6lvQKioSZ`xg4$mw|4d
z85rMbpK9-~K4CqaKWASg_3VN5sP&@r`Qd9K!v{Z~58Rh`_Q`esR`qE<7@dA#Pqo_e
zrCl4Dj?+JNyiq;PJ}ZZDk<Q7hoKs%!C=MStob_tDuSmbxw9JO%-X+<uP`&PaX*><T
ziO#9x{i>kOV_HwzPu=nK9Qwi9Q`39lJhlg;SH36WGdFE!e;yC;yFqd5y)cY}<+Xfj
zPj^1I)4f{wy?J@0-3HgU=Fc5}eGklvdg&U&`O|PsSNB7796SAPmQ#JYKdSQ4^7$y;
zPvS8zJ;U+&Jr>SK-XEFn;C%CY2>pG!(_VDHdFM4;ZpDHbk#^8_HdwFb|6R0UTmEY@
zY&?7q{vFPbKJSnGnRTPxc`ag`TFBwi%B%TOdnu}2|5v>_4(WYrJbpU%h?XBM=XdvW
zzTLQk#zCCt@NhWiSN9{F=P@mZuA|kh<!YpP*0J;BWH*ob<%L$S*StjgW4gY^`DF?p
z?9cKZ^9lVv)d{bX`vO$2rt2=Z=1a#XEx+Pfbne1yzM*jo=Rs(E_89iZJ*1MZw)=tU
zcnp`*v3obolW4~>U-IvTaG#>slhJF`zd`OF)BFt7@7Pbn|4!}EYaY7zKexM+=yyx_
zt|I+j+-E+a{^mEi)UNTnxBE~HILC97{GMF(57izA_HU2*T7HkBsQFiYAJOmYyylPe
z9VdLB+T|W6?eG}c#}D4a?ZfTPaD}T|)6sMXqBB2TCG*K$R4+brLcLALZ+@|a#|PD;
zxU7@y%jh*@G6#+$D)%a#kHP&pf@+^9wp;t+_jw(x$0xtb(s%>&>9ijncRVuw=y>HZ
zH~iS9?={(SPRNY|^*ZfF(|I(X<DYra!18Li#@F9fD{}Z?eR_^SQRg{cx8j}xnx{QR
z{iEs8@m$ZJx!syC&8PM^_qeLzwX)yt#%STu@}=o24khOf*XKZe&#38-rteUB%^$Aj
zdQi7Me+^6z>l9fR=<n~j|9i~g>D;aqo6^{=IIfuW|4GId{hpbwUvyvU)FV0GQ0b`N
z6XYI^r^m5=ce%BkVVXxhh7rI2lW|eqI_{~P!+l2m)ei1*hcY<7CkeXUTkhd}T`<nd
zdCgw33w{qF>x%!*-)~M7JG<j)`4xw<-%#~*z1USz>rM4Xv-38(7sP8`r1<#$xBRX}
z?dPs<eb21*?{;hby&>zUXz8kc&ENYo+1~1&(8umsvVK?pq2xHf&i4WMJd?+;K7EeG
zy}B1!{XTP2w#DfFTF#-$q50BrZ=l;}TIBiMU9N#{NA3h^|BT-L_`I&h@319&pxcSB
z{+>s<oGP#DG4}V!I^Amq%K7`#8)#3jId>b|OYc8--#4YtLHb;z<C3lmK1j6v%O~GC
zbk@I`Uk>+}>SCJ??&F=u{ZaL}+oR@B{der<{AoLUMb=~5-qd{*t-o;(6`fCU=1G-%
zj^g25GtIv~GmM_Ya1S<}3k;Y$+HE>P^T_d$<CrrKm(uTP^>=qZ^E92~@|$d0*W%u*
zZw+_y(Yp=mQO760#Hi)b{GCYmPv9PEI-iL9+htyM%f0+7j?d^de|l)3eN<n=Z>+!9
zT>1@%v)j|}R=r;g=kP6bkC&5Q4tLf|T3?C>&b4;Jc~^Qa)c2Bp!|g)P58^q2<Z%9;
z<oxFC#|P$D^P%an9O8?9-8W?%{C-v2r}k@ZU$_@<1*fC_(e@{!`D?saWZX)p^D$UA
z%kSjX&U#OdqWbIkz1^R3eYwNiWj+4=8?7CEW(<8t(Qj^h(&js0bbNHjOQ!lp|Gu8f
z=MMjr+6TV(K>BrG0rM99UK78^r1XM@$FmqoH)M7{Y4aJ|pDyp8>3-pVzppsqc$+`3
zc~b7v(0W$;B+>fSV+NwvTt@F-Jm!S2xO^(#Ais~){U_Duj<5B`{@(uchTU@hB9Zi9
zUrJE*XgYe%x|jCPob%l5@90xEuTy>f=?sh)-Jjz*=OOj{g4$j88+CtDziXi5J&%v>
z@6YPIr}gHz-Q{%er)l~5ekf<$Yo-l;ubC|Ks_OX}ts|X#P;_0UdQ^_ro%r45gSI|>
zM(0zNQ@6^izuv3G_l!FGv$`*=-_cO{Xz?e}J;-{`l~XRhH_+Sv`$>&IUdpTO%&lML
z)L-kPLe}MOx61KzpwoWbdeX^0Uc=u@aPB#F%jx$N^d4jl{|C)0UUM?dgHAa$T=U_M
zKhTYHn{*D@Bl*C3S<WA`zu!!hb4KoX>aXeW{oY<PL++ta`Gtqt@osSbIG=-`EA{zL
ze-Ay-J-9t-dHFsX+~c>J$02oV{!~uK=?AXl_PLLKkLAvvGY@LKfzQuAQ%Cc)-|VM*
z{qcT*_Wgrq1fBPcF}vvg&XAdK-nW<EosaDKHb1y$xf>8+FI^XDJ_fqcZi3&gzv*_i
zLmT~m!DnVu|Mi;=pOwdbXh|0FJ3!a`rs?QCH+@gDohH_C{$@~m_>Rw2)*UpvFSmMP
z%yd^ibbs<-_a&R?_XPO9m+b5F_~JKwAL!uvaqlauJ*!GMzul*Ee)YLb+kuXE`o37_
zj~{-7V!-ZNewAnU;C8xksVz6w^@%o}q4Sqi!175Ui;ldeuNW=8Gvqn%bb0O`m_O%t
z_PYP1dIs)W4lc)=aW?<>-Z`z;oP23~x1F_Jym&LBVSL{^)0W3?HhL`vOhY=CkHayZ
zP`FRR@qHo*ADI8a`C2abO)z5LSDxR8il_S{x=;G{2M1R_-0twcMcyY3bo&OiL!Bp&
zqTlEF4DUnu4ev_?OyNP6Gn$<%&_-;%#M1i6XYO#-yUsg29t@uUIXwD$K-ZBxPU80y
zG7qSI2ZlTCLic$U_4z=N%Y)yS$a^70^;iAx$bM!kq0byA<4`oYSeZvomwPh5ruU#;
zv*<_M-uU^>>A#wPx4xmCyI9^C|24nsWj%URrL7m#_kjHo$3C1NuQ`$0tIy=pexFD3
z>G=O$+Os=<Y!5s)r`U4&%o~5V>G@6dGZq8pEV(a9<DL8?>yPJ5LG{;s>$uoN<Dz39
zcR6p~0X5L0_loNN>K(50%BpwPG`9QSWWULs?%kAMobQwV<PPt7)#e-bl6;5rKhW(n
zyJ&snF?|08WMn?ezK!KIAF5Z^(f@DP&Dw5MKd(zYa(^m*U)s#+tDKJ8it4ZN|4H+Z
zNABnLnx+BoZJc(~C~~?^RX3v(Z(z8uU!OZ&mDBqZ2fCxjyMork`rgaQ->NA7{rAA0
z!tFut@2>fh?WFai_Siw|58O*D=nmf??;jbx=3&~u@tD0kSRbSFUPbk)9!2%<ko(XT
z-QnNFalRGZ;r#v=zq_IH3LbeMtZuwVqIT}|D@~X0E%z8jx86hhY<ciJMd&l>a(|dx
z?jq?Qj9ybr{bq1_kJEgt^X=g9J7|9P7)5tFhtd9#$1r-$tCFr;?kZ`gj83~$xf@R7
zdQwahc@0<l=(zNaj1O+NTmJD8Y_G8VzSbQ+btH!uCvbhb!*w0$ZlBTo-SNkeUavWZ
z&}THAX#Vc_7k6_09us>Ebo)%-c+Ph;f7LgN?qzi9SN$sj9Dll?+WBUB@9Z_LguX%h
zof==|@00hIuS>rhYJI`+2e04U-^1qT0X$FAzKrudH$7LU=||J2;qLtCIwx8@{$7;(
zo>af#{5j)WwD?ETcMEWOfY4(Gx^b_EoI}w3DY8CYe_<aWoBM^%tLk>kYd&<{?he0h
z6xXxc-yM(l74dswI=|pEi87zM;}uGMKapYc=QBZiF2sFFQT*NUAMWOImAu8++XXdP
zM`*q1djxgs``~GEAEx3D<UA(JJLjp{4*n?5WjH@b>u;w&X#Uo2;QTN;zZX{b{qo%k
zoj3J6V(TVyJk_K1_??rjzt_A#i2J^8xAovRnWtF)fEibA-9dAy#CMlN^|<w_zplUd
zdt4r~Ae-y?Bf6i(-A)I)-SxjK*~a&plO#X7kD~5@={oCO{VvzH=hKnfEALmhzVRHG
z^zC-Lr(Ntu?_WITxnCe#){f%Va%+BGr}IJ1`-F2F*$(dfX#Y{v_$ue#@6>%qZI3Fi
z=KvKoT;DUOzm69={<u-o`|~8W1H1LR3|{%JpU)K1eiQB`qVp#KlYcR{n``MjVvOPM
zLWIoKaz0VZ!})dWuldh(^=tkPgp=O058M3s4eQ5utH}PrgVwL<@4u4kae|yDQ2)ni
zd>K6cYq;jqoqr8?@B6AhpDT0L-R-pBgy(Rw*WmW=j;HC?ujBe)#Qg2DtJ_|G7JI4O
zP~n=cme0Lk;*PI+HC}hG?GGN~?gyHGmE-Z#IVb9N>v>T=Z{joheplm1%U>=1&c|yK
zW#62?tKzor;QCd4I!|eS_4!8MyYTl|yyk+dZ9QNfqICQwMEgQRr^DZS87hA`S4QW!
zy(XE?NBK<iaBlahvL8Lr4ukj0bl)r*@;u?#LFWx!PwF~<U^<Sx+DFg(>v^Z4<Takk
z70LU)6nU<RmvwKlj5{i)_2X`jNwauf*yifTD(|jOt}n0AcER6Y9I8GBm)o5$cRKpM
zMAP}t^`PH1Ie66iQsnQYc#XTi=yz12g=;yYjeG9;(tXvduVA~YTjidl{duq9_a{Di
zF80fFW5DQlQuzB}UfGBANx0wS$@7q+=1<G1?xF0d`I$uPGOywNexKp}e!uMZ2V}oL
z*uUTZ-^y!#w7qHjjCNk`tDo`sJun`=yGiFT@I6}U-}=7KZ(3zMb<6AT+O(W=WSu+z
z(t-MU93DK+UVk&!-?=o74Ia1L?b)6FQ10T(tbVL#3Gw~x+pODXo{{}N_xzyybSosD
zTmOd7ZMmZD>pScF0$D%ndY|1sbISWXelC#j^{9T`k79Y8f2QYIuRJgKOlFkxDQfrI
z=sgC$6E68yf7Kt&&F3IIM$bdsxCh09ea@uwNbdT;{bsVC;?^6@|JO8*dJH4>WxjPh
zb$;i_?~n8x%;5A7cKxsKN&ijnS@k`zU)E{Pd)a8=YA<ac`h2PH(bcWvfy(Q9Fh%ws
z-0szWdM-hKx2LG#s&}5O2YKC(=gITAT}SheW~XTK(foD%(C5!R@*ElskCo?7MLv(?
zk@GQwQGZWzpRBi&<bB0Q@_con_=m(lTDjcz(tGjrdqhdJkMB1}oy>Oo_Hd6G=zs9-
zQuhzE-z#eU4b=`*p3!S=IF-lGfo`9<!S!6C`rYMMx8hK88tyLtQ1NSIoM6O$Sd?)i
zTD`f;{U<q>w~^il4etLpiT?kq_Y&vI@7iym-x=cjYINQJzYB1=^>>Q;`^)#`z8n7i
zuGbt#<D$<TxQ54f{(XGFOuo*#gJwBljJbn;m+3JZ<-B9Gb94Xg`8$1H=ldve9*54q
z;r%A1=a=;HyRgOFuJrf6!zQykPR8{yf3f4g-XGzU{A+xi@09!xv<K>4;_L4xhl!i*
zgzpc_`-kZ=j$KXr6u3|3Lz|w*+#>c)r1Kp<qjq-hcdDMIBHNE~UjZTRfhEMb_;{-i
z=}A5QU)%RYDTkTMcGLZgi_WoboD;pz=F4XmlN;ww8mxc7_$1zoGXL>=ZjVvyzwcAV
zPwkJF(Ru^F8ykSmz9-*jkNchEoVcF1;@^wo{Ngm5zH^UqG=J`QUgLi6uIDGCh3k9y
z|5Z-owSCI=eCKesqq_5A*gb~cqoRLxvD^o5vwu3ZAD?-gerM)4*SyZ*?2q5Skw1R-
zBmVlmd2M%kpQE0`c7NxO@6*6@+WRmg+Nt(4#eY*j^P0cL+jM>M{X6IV>T&Ny=GSAM
zq;`XQI%HkK>G_S`Bb#?7%m0DO=MlNV=XIZw_obhXXL;U7!tYwnu<g%drj29&(7o)Q
zE7&}i-FMM^h;yZXU^#8aL)k;`>s%-8{E(@v??O87;xUXme&G88^1a=T?{PZsUTx89
zdg)xU&uq?R{~yfxc7J})ir<ORxn7?spKaxEujsiP?;i5^n8&ul8+wP5`}eOo9p7}D
zZ|A%)>&5pDTzcQ#Y4v){XLP;@zo(b`DBbRdALIOJ|I_uMwi7)M``xuH$Ir)Jv*UQq
zN1?nI()|nly|S*K9$#+dyhiU;Y%Aq*?Dz-kbGr{#{?o%a{{PqV%`#uQ?K0|oPG9Zh
z#xi;C+&7HN`#qVj>S+GZ{cP=*`nw4IZm8dAe|O{0E@OSXZ;Ri{()kzMV?l^}{|WUz
zSC8DAG`Jr=P3IN$yC}~0N#CIOj^2aSr{fymE91o9_h05q_ruEQ9#W6d@AF3U*L1m^
z`V4<39`o0Yw*3c89AVG|Xn!om_y|MhO!<zs#=rh0EAPZ-dCY$#AMBSOxIgXOue&mj
z>xI+BeZDjf>iKa;?|;shv%k&n1Dx*(t3I{wV^l7`;rhZo{$%IiLD&D+GdRERd}zz<
z+^ZXHKH={i;5+nXHlELTWxS8JP8ry4y{38*$9rv)Mdv%V(bD7Z(L47c>-PY<X#J_*
zbHI1G$?eGTeap^$>lL(L;)J{1f0O4DMUAiRjnBjR%)OJ?PFxRKzaGQiNA((gZ@r1u
zJ6`jMJooAS#9U6NUuwB|y{!G-W7f;>I_&*3F{T0Z4-*20fUzdaq=3>*CMe5fz%LVF
znZP4}M*t@PCjgH$D<QGUOoV$P+-I2*&jM5LDFt0<mV3Tu5<HifHRe)aB~AlWngA%l
za~be5;9@fZ6aXc7s?3?7HKrPV)$pr^UyX?c1waX&TEwpfUkknk={yALHLbp0(*$bv
z{n51e{sjCO?vH_g0Ua=Vd|!j`+STv%WcuSkqd=oQ#r{N338>irLr-b&R?mXqgPxVa
zjh@Qj<DSM~o2Mky=BW=o=_w68<tYR03_b0s3vGtqGoDsZedt-w*3fhC-{R>5?F>Ed
ziHrTYCmvKE`h}-Ew8OI?^txvYs51DDCo%S2@b7~E$Ws#YXHdX9FErd6jveK#4<6!O
z5E|{R4<!M^-kqUTZ(V4Nw*pibI@DVmnuxGtyp_Sp2%iG?Nsu`iVW)WagX%(sUVm&6
zWJ(ZzrgvrVEN^x2Y|wnrIiPdlcOGZ~`18G$u@`t(1uuZR6j%zp2y`+0%Yfyeh2Fa0
zB2b05CH8xu%RrZdmU?%^E(6tpuJV=!mxFEu-2u8A^kZ*DunBk{@F$>V@IM9K4}1W$
z9@GkY2=p*$Bj{(KCqPen+lM^`+6;OI^epH((9gXM!56%%gIm4xgTL@L1z!aJOYhoX
zySF*G%{wpnk~d@c%fMd&e+_yC{0`u&-p1go;C}<Y6ZjhFx1iU(#lv@cONQ?P{vP-i
z=ntraE`+@ed<XO{s2lVi=zY)!pdQd}(1)OpK)s-ky=B2qy~V-5fj$TIf&Kyd0`w)q
z4uHM}AMh0iV|??1Ay6!6I4BM@0yGMg=xYfk0h2)~;KRP6U@G`AzQ$l0C>{Jb;Gyu(
z0Dl<haL{<jX2Smn@Do5sg0kQ@5p)#zNs!M59RoTRayjsu0?Gv)51I<f1D$}d8Nibu
zcQWV{P=T)!)L{yNg}|A>nZP1o5%5&tslZ}jF>nrW4zL9H9nkr{R#0W|yPyk*I!r0T
zF9LrN@M7S_z;a(na1p2ibP4EkUq!ISR~B3X`o3@V$UA(c!A9SVk&V8Rk!yf!fOi4!
z0zQE77T=x`>p-o(&XEs;Hh>-n{Q`ck_=-k#fPMq&1ic3OE$9PK4`{!yYt+9$0e{!1
z9RHq#<NOJpY5t!0Y2fofC&E1gcoOhrV7}iE+LKTKD)RS$_9PS|Y%b!=1%JAKU;OF7
zGyVJH&jg+g`LltSBK%TdHNvZbOAx*USnJ=LP!GJt-<z-&^bqI~(4(MjpjSX$p!Yx@
zf<7YJn~)snO&AM09y9}VA*cd$4d@4;2GEV5CQvh|1+)RQ5%f5y4fH(dMNkLmFM$Nl
z=Yf{szXJ_1F~Qnk2oxJ^jvWRX4$2G88+jsV2I!Pv_sG+N`{GXv?nx*K?vF14ekXXZ
z=h9$;XIpR$<_}}O+3UgVYmD8tuzV1hD*Q0uMB(jr#BmY)2@!lj1V1N&KQn?qKY}k8
zJ_&ePg#XeA{^|(czM|K>*=-lgk3sm85&q9d@OG(XWilZ1rSLZYcIj^YZMp@*+w$5+
zO6zZB>@=PJA<l7u*SJ>ZW6+0q#<Tnikd?RmnLcA~smJdEz@HEPq&3(>6aE@lb{hC{
z_}_Iao~6NCJ@?_+&&n@_|HIhtnF-$NxeI!19<Byoa~*!u34R6m9k>f~F8Ddf+mBj2
z<~;BoDVNQ|8ptf|;{02F2fj&R_1p{or+6N{3cSs;@>b>(e7Do)AyxD&7k=~)afSeV
zEc_Q{<DMw+PeT4D_&x9%@Xv#vio`YlpO41f-tgZB|5Jb9HO&&YbEVfj3Vt{8{L3jG
z(+2)+$Y|N0g!>A-Yqme@Sqgt^hv&iDwDvz|OuO}$yxFbP-SB?^@A`ft{8cx2&4=JW
z6P^34JopnoGR7|D6A(A|Q!e8Q@Ymq?E7n$DLT16$_}v8jY+Y=?y)Sml<2dB=z*oj3
z3*Uj?4IBzy?PKkk;5TO7O?dYS|2N=18=0|fN%KG5%0uS6PjOm@fw%1>AO3Gc?ubk9
z{dtk`A`e#QnaI!kqQ}Zi!0+K9Vva*xwUtflRLIOjz}1j1Mcc6Uw0TooS$kf9-vrp#
zl_wzX$~3RJ9K7|<n}zi}(Aq@X`5Nf?a4qM-%4?fH3^G5*v*4XT%U7dK+H`H18^nfI
zej3VR^KcyewJ#LFe-rk(?t|YP@ak{*X{+&DcIzJ@Z}}kB>(&k=-)js^ht;JM_e|0A
zy!fZ%zK(YAR{otwJmwYQ7bmjKt^ZlrqxmiTFO#^oj?RbM=4Ti1YWRN-{iqxK3h>%C
z%0<Su6U!g-3il(+KZJ85h>m-&&~C97w?DhEX-z>|UkQIL^58)`vifJi-}VvP{=bC%
zZ5dPHe+kA1o1a_2$FIZlEW&LY@O|Jhnc(k*e`b-#?1Riw@Mkm`GYS5dzw=ZNwNooI
z8Z!1L7S?}vEY9(Pw>k~_pw(%|itt@{&bKniUw>V|{Rsv<`+C*-+kVuJXzLJnKlX6o
zMSbLkUmJ5hWLChV4GjRp0`X74|5ot3A(w{!Xl-TrnC0BZ$sdgc(Wqb8ezYF)wv7M6
zyI?DC)6)EG6n-OQtp8^_jClh5lP>?BQjd97WZp+Utqq@d$t=d5>c0?~#Fx>wAd`x8
zZCYf1@LHD75T<#sW5R3L7qj+U0e{=ht^PF;GWSOCcAV0<>mqn$z2ARZ1aJGG%G*A!
z{2LMc?g)Nk1aIy3^;PzZdThgAzmL15kWcIXCEg*u0e%PUklJC)AHcsMHhEuU?rij!
zUg2-Rm~ZW1%cb+n+b;Q=a&VWL$j`ox+k<UalP=-5x*L2P^n4B(YZKM~ndtFIJ`>S!
zz7#!;`OI5+)oE?m@i^PrmgOPrhgq8+CVH@?KxIsqG1C*k_=P@VWn#fw8`?Hw;~w%|
zj~M~9cK#T1Um|!rPX0y4)f1reu+Pz6;g<^j3+%yJJ+{7j4)>bF#9zy0>&W_N!Qa-A
z=F{?bAd;pPdnVh*ru$Ef+g7LLQ(t8nTc@MZFRV>0e+c@E@*g0d$3p)a<mbyQwymvq
zO=}(aeR%et3Yilk%4=onQLdBVUm*TP;OBr}k1>C)@Gs*0gSE{H$PdT-t97~rcDB6r
z{}_Ac3q)ot#yVRr8)x|Uxh$3sgSTzZ+UhC{&KJXP8~CHn!5#{Dt0(;dkEs&=oBJI;
z9qr@__%B7?R{q;Vbz=Ds=Ht6v;(smT-T?k%=+S;*=i(fUldIsr&BOk8fZr{=&Ck`)
zvk+^NA4y!h4zcr{)iV)gZv)z~San+d4Eyc__O@f%vLkuCvi^2VP<bme5;7AduI(=?
zke1bB`6tDn)}IkFI>ufu`mg#m&({f%v3>I<_%B6X?K<Z%@Sh<MKgV9U9p@~6K?}}4
zgP#NW%HbZGf7c-0<yhD4hri{A!*1Vz*RqU*pYlh5zZZ0Q1HMHV;XfI?E$@1~k2)E=
zwU4#c8Q^1)md@j;lFv(FT+8eF!Sbaj+~wkbTcOun0bcF17Q8K^mFWbp_ECS;lYl&E
zT_|s5tWAD$me)KT!~8CpFOGxGc_WZ6;#vMtYz*1?^i1$t7q;w{hY0D>dbBzN_`S?E
zA<QW#=WpNknCrn?|EDl_uN2;{6>kB5FBGi8n13gD%|Eh6{u77eH%#!i^`iPM{~6wY
z+Va}G9f>}UCS;yRT03GqW&`9c|4-~$w}IaVUh{mJ<k{+1-sWHVXCQBRZ8OhD$SZH<
zmEQsR9q{m{c+5`lwv3N<d(2zH4}Vj5=+Sk~`QWV`-h+(gACKV6G3ozF{Fe%E_20A3
zWBvyJd(r-G#yH@O<+N<MV!&Jff1yu}w*KJlS|u#JU7utKf5vxtJ@XlK-ikYP?7HF&
z*yjkWLpE7G;P1y8W;7l?ZM(Jlt*tCS{|s4gh&`>pEpJn?#~cg!x53+bJRZE(^>pE_
z%&Z8R^TAu4Zz9j-!gpYeVe8TQuSI`Rz8T}Bu75UyzeMC;hkTXrcb?7u6Ojk4>xn3v
z<{#a|*fnPZ<k!G|J=%#rL!EH7@YWyc+Hqznc)OO4<f**k|048Qo7=VGufbdWHZ1^+
zCziMQw05@qu;I>lXmzGS&-V~X`@24~psM<xF|Ev3Icx{ZFGI$yO{`2Q#$L-?|D>Zm
z<_PGw{?FsSD*Nn^0A6*@0sj^H%TbWA{wlu_yv>`<gWAoO(dx9%Be{^b{PV+j%&~E8
zyR~Df<uz}%-tDu}bjaI!w`1%nHZA01%Y7d6T7>`dIF5TRWDrbxj;r#T{qX--+Lf)N
zj}dl}jKiOazqQ+!5xgB+>{vPp0XALRkL=iD%VnQ`tsN|%fc3EDKL+X8ZtF$!{4r#T
zQN~|Ezvlm{6dt>7!q{lXu5FO9wz4vo-zm??JHX$XgL}0g{|5NV9mb3bGk*%kz0tzg
zJm~l@U+?g5{K(<YZ*%w`KEZqe@@e%S3O#Q_|AYBn(r@`|FLL;4x3awT*R(9JX<7cs
z7DuM;L5Dv~^5a3}+cMfV5Q~3P-odjg(zP}@7JCIJgSRp}ai?1m_~Vc_D}O3@o6oC}
z&(p!rL0Y!$Jp?|%D!UN(z@@_e@VD|1HL38oyq(9be?6XaZ-I>MQ(L~mI?wW`-@jvy
zz8m}siEG<{t#^GkKMZ>8m=l+VHY_@=jOv6*`^PjpFI)XKZVt}%C_mNm2wV9%&WUAU
zP6DrM7(14Jj>b3%>0928rDseAFJ*rOya)ENWwGfhZ;M?Z`LTQ~WNh4Dfw%Uw{mAYK
z*uJA_%|RO0|H&C>w-I?zTUq@&msy=Q57{qyOgnfx7u$Z+hD|P8uFKILw}7{4U5By#
z&-q+0_L+1^A$TYl4c<PV+H_yD^Dq2Mq05%VKEGIg)M;MxToLpCEXF;S!v7Y}fZM@a
zyV*6*yxFYhBIMyO;Ln79T{GDAz18{I9OMW7mVfCq&hrZx#B6)8`Lxf)wq4n=#g2`3
zOt5;c#yXbP9^n7r^O(YUXg`p*&&ccMv#o3!_%nF5;a>1MrrC9l^|yI@=p5*S`)G_U
zJI-Z(FV4EW4*mq_d}t%?Y!u$E3Eva`o4fHGC;V->y!T?|e-Oj`3h12ski935$NWpt
zU%clrKitoGwsmCJxApM1ZTLzVTRwvUY@2*e<Zawvg133reIeT>waq^de_aP!Ue|}0
z32)a$*59sS?AUJ8)%BQ_v2_h^TIcBc)5_R+;VY~URv;}~M^<JH{`v82a@EDmCp3A@
za^c5;zXANckg@U`p<^BR8r0n_A`|)<&Y*+Wv3&!0Z3A|kKMZB>f&Fb-A-qLByWE&z
zCfh6khRgv^Iic}hLg@Ea5r(|AgmK<03FE!j5GH!BCk%U65~h1^A<XdIL73yan=sec
zM40FMDd7y?gM|6MM+l32thd;=iQFYV);G_``b)*XO#CavztZ<4$yfV0pS2QRC*k!H
zZ@FNDgs+tFRT6)-kIU02a%)AdN#vR(zb(FJDZN(T3xped?Sz|rzanh&y-K**_d4Mg
z-!8(fzPAb6rJUO(oeoK-Q_|Tf{=3A#OZ>ZiZ2um?Uf=tqZ;$UI!o5<CeZD>9?(=<0
zxL@ph!1p=1jsFWmzyAPX$nRNb>pjjNB#ieDCrlLo1O9k&hXPzLaRIKE_yE^SVu0&0
z9ALYo2iPtd0k%tKfbEhMV7p|Co*dDWD|+$*T#qvXTo3tyBucj^Fov)=a42C(fZNHu
z0Jo!7(YHbLZ4!NLlCRB@uPu_Vt&*>H$=7ztSBL276g@jd&o0SVm*lHk^3@~x>Xm%$
zk$mlyd}Rf>U1tZmUFHPYez`%mUtW;yHzUa9&JS|Ai-OV*M7~7i=ZXCMAlrLEknLR>
zWP6td+1?dFws&Qa?OiQ;YDG_-=&6@<mrJ@0LALkGAlrLYknO!%^3xb(d#?><Qav;U
zClWRXk0ERcP9f|Fa(n5NbazU+yCmH%$$z)xzen=lEBW6e`QIz~-zVwzN&ezvtX)T%
z?3g@CFDFLq8Y6a%k?|!)#uxD~ieY;fi+qXTJPDsK;R|B8K1yS_KFUO{LgXq%u3Gfh
z#&A8<#c(~;$8bF?kKuY~h~auzN%;<$RWaQER>yFEY>eUlw>F0RV^a+G!{!*ae}}~D
zlz2NO-Y$vPCGol?UQZ17-(HEoN96X#@c6MWhR2P*7#=r5AsN?0Gs&L0p<==k!7}k*
zDcBm~cD+GxQ;6-~7GnEv4zZoLgxHQ-Lu|+P5ZB9gk?#=sPLbak;`-VZVtaOl*q+@X
zwr5X>?b#b*d*;O2{EjpWV!uOJ8e2j6u88G%Ytt}ppKZgqedY|8b~2pv8IJot$*0FH
zr})irD+pWS8VOtD9w6Khw~261+zY^v35{SqaU)ny{0JEbM{s$=Be)->kKlfkA@Z3b
zpC$6yBA+Ajxg<Z#l#O@`=?pg&gdww9;x!7c9l`CVX$05X_7OZ@bd2C}rgMa~_i)oU
z;sesNf5aX_Gm`cC1w(>yg7JchgdvkNQtUNS`qfAouSUvvHB!c_kzC&5kzC%Ak=$-;
zC48m$ZxB73L{A&(8EN`Penxh!A7%B&n$@Fhy~moyQC#mW<R3DdB)ol;Z6~p2yI{wt
zWs7XRbV>ML@!u!dH>#e({qd|n9MAF71vBD*K;bzOUL^j-gdwv){Hw*kR<JJq28y>z
z!kfjvMdG!I|90{35bTV<nc{Uz_+Ihf7tih9Byc_x6F8q?!jQ=#|B%T|SdI9@O@6`}
z!lH!xNMA_;+kZaca8sJFp2Eu#Hc@!Bgx5*<@`Pt7ydmL53STYZYXzG{t~KEmlG{M(
zg-n}-Z;|l!gq;+=J>hNA(<$M*B)mJ}LkjOn_=Ljui2uHXKJxFA{F_5K{~^NRCjOAG
zDLnBI)|)QjnG&8&{=-eqA;Ah;|1%`KNN~X+Y{$w&tX*SGHDSmsKg71%ShMPoQHY0j
zc8KjyezWC}M7aHC>mkX&fax9`ChQqKhOl>ZI^mwt;|TYT&LG@3`f$R&(V2w%M^7L;
zFglCSBpyZRPs}C^B_2Z<mzYBspE#K?F)^1goH&&*Ju#0kBXK%mX5tLOti+QEvlH_P
za}o;)a}$dQ^Acwh&PXgK%uk$4Sd>^oSe$q|VM*dV!g+~j5zbGXPq-lQT*A`C1;CK0
zOyqH(I+4eL+C*#Dkf}@LaiBht$ARUEJPtG@ay_n0<Z)nCq8(=gxD}M`*(&-w1$T=7
zE^&8Jx&d>5+}H+6;`IGVoPH>Y(~nEy^y8B_{lp|rKb*wrrzdgx8A&`oW+w6cla<8l
zm+T~-A99j-e#lMY^-EsTcd6Vnl6aoWPvUX5D2eCI;v}9oOOkjTo|k0jkC2(4bTP$S
zkW@ifnsgaqSyByQMba|D%A|V2>ZBhK)+XIRSeJA&VSUnS!sSV82pf`qM7T2PCxok#
zS_oGsJw(`;^eExlq$dcQk~R}ICp}NtlJp{BYtqYv8<IK*HzmDB*p~D=!p%v4Al#DF
zO}I5_H(`6yp9r@neL~ogw2!be=^unUlfEL{mGli^SCapG)*jtSv4lNIBMEzxMicHy
z3KQ;48cVn@>2Sinq$3IUCuI{JNIH(tBu^#uC!a_dO3o*YOP)m-pFEc^G5HL_aPoY@
z^yKpiGm<YN%uHTHn3Y^fn4Nq%VNUWDgt^JzC(KJ;PB<fZ1z~>j4+)EsZzC*DZX_&8
zzK3vL@_mH!lOG^lkladGn!J&)EctQ5isYvWE0ebnRww_0ur~Q6!n)*F2<wwO3703o
zLD-P|7U9a|cL`S|_Ykg5{v%;y@?QwoCjX7FDY=iZIr&S%mgIjEwkG>7vGuYcIYhWA
zc?4lw@*#wqlT!${B&QQ@O+JjUJ$VA*_T))~9mzR_oyo@&?o6IexGVV-!mi{Z!tUfb
zggwcp6ZR&bO}Hm{0pZ@{3kmln^Lni>c_F#?Ctpf<Ai0{*q%0-$r(8uCO1YLWE~SAm
zKIJCD#FSeJ!zp(Xrl+hW%t*PHFf-+T!mO0_gxM(@2y;??MwpxO6k%S<bA&Tewi4#2
zY$Gg6`88p2%5MluQg#x~OZh$F{FHYH7o>bZSenvHSeEiJVMWSc2`f|nPFS6?pRhLN
zYr?t|@1?eW>QiC}m#4%LHl!pFu1rZLT$PeWxH=_+urcKb!nG+!5jLe9OW2%}OW2Zf
z0%2>)$%GqHW)f~nDJE=7`3~Xcl(Pu8q?|{%HKmlWJ*Av*d&(t*9Vu0Wohh}1J5#PC
z+?8?-VOPragxx7C342m*A?!`LgK$sE-GqBnnh5u${FJaS<w3&zDUT2yNZCYa!cP+V
z!_N|i!Y>fUh1&_^!@nX-48KYk4!=&A9^OTm5q_I6GyFbbR`?^r?C>7KobacFx#7<V
z^TJ;c&IlhM%n##70jQUvaFDP#Je;s398WkeoJ2T3Jce*V_)x;qa3*0{cp_m%_!z><
z@D#%8a2{c8_$0!*a3NuR_*BB>;S$1z@R@`w!{-vN3SU6DI$TEB82%pN+VEn+rtlKN
z=5QThOZaNS*6?+N8^SjdZVIm=YzyB`xH)_m;g;}^3Acuu3ERW#2)BnHChQ15M%Wo{
zBitE&hHzK-=Y(D1UlMkQw-fe+cM$f5e@nP0{3hYva2Mge@Oy-P;SUM-hyP4?AiS5*
zq<%)|PyHuhDD_{2ajEtoZOFu@1_%>VhY^NTM-ir{CK6_(rV?hRjw8%U9Z#5@nnjqC
zdNg5f>SV&aR9<h)NagiLeyUw>1WZvXuV0E&d3{upYS%{rGf&*}#l0YP8uSEAX{udM
z225G%3FNLwJ&~|7mDiEgsV9-UHuV(3y3_)~m6FaX(u?Om$xkEYCt%h}{H9c1hc>73
zI<zHqCdF?}odpb;o>X2JrH|otO~#m0;Xlk|jwvC`8gmZG)sEryP2Cu~4jN{f##}_<
z&0{VF229%+F7M_sT;46>-YV|)F<jp5W7s|&65dJSA+vJ~+jG|#wrAHEUcYsZ;q_b3
z7|v(!7+$~a8N=(hy<>R&wr>ot-}=Vz`fdLhUcVg}!|OMb#_KnK8kaMa#_PAZG+w{O
zr*Zib(|G+BPUH1kdK$0aGSYbcmYK%ux2!athqBY`JT%heq}9R>BTa7ForHO5j}y*F
z+d-J0)=OBFHfphzD^ANJEJ-^Dh;?Bamw!PTm%lWP%U_np<*!KN@>iyD`K!~o{IzLZ
z{<<_Se|;L4e|Z|0zd>+i8rxx&*kQHUp;7FxR_xFuc4!tmw1^#A#SR<94x7XdZE3uY
z-JHhj*sW>2er-=%PUY%Iv;8k%I@7q`ccyVW*_Foaq$`cvMRywagC3FV6}dekw>NDC
z^aaemv>OTg(rzN$pLR3hfwWr)O?oo*Cx1HkpHMot|G0E+|MBUZUSc};gK#>ho1V`3
z%Sh+^Wu|lfvP3>x<Z{xvpXR1>KP?vd5|N)L?)l`#zCb$HYiT;yYgsziYehQOYh^mu
zYjrx;Yi&B$Yh60mYkfM`>+*E2*M@Yi*Olo~pXuDLSEqBkZcOKPy*8cObyGUG>*jQB
z*DdMXu3OW&U2jO|cD*T`+jU#I)Mq-^=azJSF4-#OXqR$qmvVH7yHngdrChtDTwPQy
zJSU4?dc;n>V%I%n*O1vOdiIH)KGCyZ^c)cTn6Ydh|5&z9Xe`?&ZY<j;ek|K3aV*;>
zJeKW~K32xJv235rv235Lv2360v2355v235*v235bv233iW7$6WW7$4MW7$5%W7$3>
zW4YbW8(UA$H}l8xbK8Qkx1n8zOzBvjhsws<c_?5i#@hCVb=+8PAIryb`)C-;?PJqe
zI}T$XWh}Rg%_6r&<hG8r?I&PXjpKH^dK|ag#&O(k*N(I8JY+h@vEH5ISnsZJtgmYv
z+p&8b+p%YywPV2aj%%cTv}fF1l<&}?oWHn3Sx@|-tfyA|>%_nQP#Jd)wfj*)lbNv=
z@q;ES<Hv;A8TS$9Wc-vcH=~6xFJnF7jEsi~^D{OQ7G-QAEY5g>uq5Lt!g(3b5YEro
zLbxE~1;Wyd7YWNUwh>ljY$vRgd{j$5YAGK9({-4gS3_pr;rtvr|L|8JkN$diCt>N~
zZxEIp{uW`y;qMYw9^OM(efS><H%t625`U}2Z<qMnC4Ps*@09pECB7NY>HEiX`l0ch
ze%yFYKYl!?pE#b=50B^c)5mlA8RP##`N$mqH^Qv(eZYXp8UH1@SBd`BqQ6n}uND1G
zqQ6=6w}}2$(Z7N84>Mik{{?-+Oirf1%3^Nj2w=$MWhN8O$V?-QJA(T|{1MzQ6OZ8j
zm30I^UzHuf?Wp1iZby42aQoUjfycpp6F6Sq1n#%{Cvf}&6SyCmBYFSBe<VK_9ypT2
z8?rJe{gqiq5bn*g{;_85#G~LIZki?@3k;aPiFt(kCr&51(xW)NvZHMJ0kixlZvPEO
zar<vSiuD&y;`c8lllc9|yh;3CVAmw>M|&r++&+=(6S@79W>7i@Ch@ou%4WH^Y%Xtn
zb^(PaX3r+<%$EL|E&Vl{`}w}?(-4mQXWMx$WD<}54&1RO=jgKtbB{icFz;wP?!=lI
zN0*X2|LAgH$W$CH_7M3dk#83H7Ljii`RyXVOXRymzFXvbM7~$#{l{>*GLB(;&J%aN
z;CAuvK8EYHNBpynW%*r##X0QWoWuIMa@Za{;vb&O{w0F7llgr{-Q-KCoQ;z?{wDEn
zBX_LXOyRL+%j7DO+clZ%vuiTfXZK{T&mPg+J6YQ2WUiOJg8L@dQv5!`;b#BjE6JTb
zh4Yy+h1+wkV4nET5X=|<BEe$uFA<z4{`1AXK(JK&%LFR~D+Q}Xu2!&4{OiTNe9Co{
z&xR@d9KUkPjpSZ6WfkG-DQwq9!L@=-Q`k<;qOWBNx7*e!Z08MAZm0O0rrbr?Hii4&
z<|#ZM?3=>%(<k!#r`USJ`ZxE-Bwv!t^YyA+*0(zMcjVtF?zMtVxtzadk#EW6dAv23
z_k}j(@_Cdlaqr3Hbi0n{c-?{r1jAE#{gpnI=f8}pyk5wh%JY7fglA9X`7&oJmnU~B
zuOsp#e1`bvOZ=j#ysjvo%IR(r?3l{q*Pf}Iuf%C=x8iBmKh{)E`vc02_Yc#$32UeA
zCajzGC$dNVG+sw+m?q_##^Yf3G+X}Rrf1qGBp08@^_7^%?K+&t?K(sJGsQnk{Im18
zz2@X`z2@ez-n={>Un}xBy~;c;&&oWucT=9M3&q_oxIK^Svm=k|aX-Z$X&R>YA%7#y
z%IW{S+~Vr#{~~M@chmH*Yps8?xLc=xQ)k^9rhBfn*fu>#xLMp=r-yE|{_W!Km_F=I
z>+YN$_kbPmwx7u5>Nt`6W#@_9pLd>U>wTmtnUMgwk!GG?%Zws&x6W8b@e@zt^GP`;
zGxnXr<v01P*PqXNL;0*XE}z>|e0~eZ&wq%pLgXq%u3F@3^V!~Y`P{zh^LZXwp3m*E
zA)ouh%6x8jtMb{dtMj>?c1k{WivC@qzf1IYi~b(b-z)m}i2l8zf1l{@6aD)||ABlS
zr%eI3cYgu*w@?AElj90_K8r8l{*qY0`?ui&-oH&R;QiZ-0&YiH1#GYE0=8F90oyCL
zfbE(mdS{5<e8D2oUtGZbr=)<_;qwaY{D<e}f=9{D3ksefEG^*Y^0ETnAFe3i{o%?2
z-XE?m;Qis+0^T34E8zX%`hv|Ae|rJfLq`GEbEo8cr{s5+q}L_>-BO-Dk>6jy`;`X@
zp6C1&a(T-Nxx5vHT<?{IT<_I|oL+4q*Lz(d*LQs(*Z1;5uJ49Iu8)<4Y_C;?Y>(B2
zY>&o5elA&C$j>EBh1@@z3;DUErI4RXS_}EPWJ4j3Cz}fSJV{$2pEKE9$m@|Ug|^=Z
zOnc#rC`Z6-FXVlw&O(0P*jXsg@rC@n(N!qV@rCVF?mdNUzrBTA@B73KePW0GVuu4_
z2Q!oH;GfBM2+id7A2*Zj5kHgdkvLPH>t?b&(r0q}ESbsav<hyR$#&l~lkMFm`ZmvG
z`)!$N=L?_NH}fUr7hjQ?`76TxGdqAI&4HP}A-BJX!$U<J9#_QS@kKT~WSWb(oGnF?
zei5g;p@`GjRK)$It%&=}<|6JdTZ&}-ERy|_BDVYXA|7u$ig<qLEaLHaXAzIPnX|Z`
z&6~yP&7Z~TEttjSES<%6E1SjXSIm;}dlt`+)go6b@#+XM9?$BgayQQUh|1L=`a4B#
z=PYi&yCi<sEN;Kuv$)=RB;DRwTu*x>{k?+wX0aXm1ozKkdmNa>_As-#J^N>Kdk)R!
z_8d2x+jIPEwpZe8wpVyIx99ZP+@3RLb9>I5&FwgAHn$Hft5MH5r!t%Emphy7FmJX!
zcRI|(o%$Clci*XhCrm6J*<$NIqxfiG$gG{i_1iRu?cF?w?cFkm?a?}i?Y?0S+hfxl
zwny6>u7}NYxczRK!*=NqeVw9jr|8=y`nu+nP`dj??tsW8&gFcB=W;&M=W;$W=5jtV
z=W;%>=5ju==W;%B=5l|^oh$7^;#WxgN{T<yw9Gw|(%m&z)=_iWUfpxqem!%!J@ty7
zJ(AvD(X&tV_RZz_GISc}H|{jfZ~SRCzt|@|t(MX$IZf)}G)`y!X`If2(>R^d(<HyA
zak(leKF%44zUtF#IwMWu>35R8j?>u=ou_kpJ5Rrl{LLAh5C0j~AM$5BK>pz~IK6E0
zNBcN~<#WZINA8hk?U@@OKhkuc`5IyGnV%De&PrKF`p(KD%scCR!ue-iN7!`MdcxMT
zeoNSO)|Z6)&dPew#)~`qJi^sy|B$fh>}Lp@&+aDNa`uSzR&MY7JYdLVoWteFJcrAd
zbq?2m_BmYcoO8I|bI;*=k2{a;8-E_#H}O0!Z}>d6Z~A#`-;DFvzM1E-zO3_Df71dh
zH`4T6a3Q5%dm*P^cOi$@U&!)};=fk>o5a8QLe5vqg{*(O$aRQZr^xLTxyEwVzqVY`
zFK7MD<)WvY^|Y3AIX9GZIX9Ja`)(_j{#Gvit(^PY)^eUN+RJ%7*j~=_MMpWWXFAJy
zy}q-Y?Xs(!$EmJz9-q3)d3@?A=kckxoX4j<<vc#^E$8uRUpbFYedRnp?Jwu?$-j{6
zA+(U|A#NepL;ONcFL5E~JG_v~m%fn8ow1PZkhzfiQ`SP>56oU@&*7uJF64ce+=X>i
zKY0szoj+qCulw^C@^e7Z!mBB~c;R(~B@1sPoVRcl;rxZS6E0ZD`!}Tv?;>~E!XFb>
zENmvMT)2*~df~%_`xkP39guvQMVxQ{BCfB{A}&wdBCfCaMO<Hd7d=Mt_brn1=Zn~W
z`xlA6MO<!E!SenJKHn0m5PcPG6hFR#>!Yqh+G7Q$zr2FeZxH#F6`cMm(YLyS+e>E!
z+hJ$LGo)`<1-FB)3eHEj=<liEcGO$Jzf*`?%;E8iIo-s?oNjnAr&}!HB@#YQ!sko)
zg2h~p(#4#wvc+7^ip89-%EjCssuy!Rt`mLrqHnqAYY=^_Bz(1mH%j<g32&10nkBs!
zNv~DX+aT#}lJwdZb9px}=6<tfG54FTi@D#lFXn!;eKFgsV==em&c)nsb}r_AvuiQ;
zo36!NPu+{T-}Efze$%^{>wV8+?l*fEbHCZQnEOrNVxHIcFXnmuz+zsfnkt^({Z+hP
z3RQ7`imUoLw~MM@5{9d|p3<who-(Sqo-(Vrp0cXA9<r;r9&)O<9&)R=9`dTV9%fW=
zJ>*xhU5cvMF2z-Bmy#;B%X~?1fuvU|>6J-(6_Q@1q*pEJ)k=DGl3u-}w_MU|kn~nc
zdaES8)m2;%ja6I^Ypb{(nyR=Snya`TTB^7nTC2DoHdJvvY^vgVXshCS*j&Z+u%(LY
zVQUrFLwgn1!}cn!hmI<)hfb-7ol*~7QvPl!e~*;ESIWOf%D-32zfa2FC*|KS<v$?h
zH`Q!!e>K}XRL%B|t7d!0S9AFjtGWE)YA%0zHJ3l5n#-SA&E?Ok=JID(bNO?sx%|1+
zT>iXjF8_>bE`NSCm%pf*%U@E>?P*>$x2O5l+@2Oxb9*YS=Jr%p&F!h8n%h%lwQWxU
zv-k2ay_ei~IX^e`UA}<c|CkyshrfpNAFAQ=dvP^<J}<t8^Osn|&jaBa)}LOpo!WUu
z4d*wrhTDHu4WG}-u3>xS)bRPf+!`)#UJdt`8G`vDUsSV$^cB~zy-Gy?JkdM9hV8IG
z@>^QNzgsG+VS889@Oi{a(NkUXThdos!{^89YPcWO*YJ77<u!Z`u|eck)^NXGRm1&v
zbq&`?V-45$+8Uk*nrgURG)uZIQvTK&ZkHQG-=>;3DgCw@Sr^ps`{*r_?pCo!yQH&S
z(&-TS&Kf>%xl`P`B)u+)*Ddzxsp+D0dc|&gB!7Er_`Kylu}fbKx5xcbp9iF#%@VFR
z{}OILp(Q_}b`iHk+W8W;N8*zAD4p;UJ};NPMB4chZV#DDxP50W;pfF{k<VGe<;Y#a
z{Wot3x3d{bq@9ag(Gsqo;w9X!N|x~WI&TTLqxqs|!4j^|(j{D9WumV_@>#ir>$O_S
zQ7h%DTf*m2>z8o5SuW`|NIEM;?<z@W^%8E!jZ3&au9bLABG)YWZ;^brO1U>I;d<V*
zg!@t35*gnloh?$ntz@s^rlj^m*mby>SNjR!{MtUUbM8{<FH3nnHDl@5@DG^UrMCa#
z_m4|?JTO=Ac+hYK|9)@f6>P`V;%*do(-q!U8?X5a9yeO9;Blk%3T~g9B)m<+H%s^y
z32(oG&mnFX|BfqoeCfP`=c`>3-X-DP65b=>dnA0XgzuB^J_$c?1)sAu%XmBuEn|0_
zxD%JfQ2xWq;s`Uuohk0@WeMb;vy9JG<}FJm_l#xSKJ%AxK8u#gyeZ-HBz(SvFOcxE
zWoZ<@Vp#@ZwYY1=UBB!I@?XA;?b#rDRxac5VYP%eO88m{Z<6qqWn6!)%eekFh+Nw;
z`~Es)HcR*x3O~l!HiEk^j`A4Gj|Tlzc>KKGY!!Yy_+JS>3H<McpAx~J7{SkskUtIl
zyCQ#fgv<pI{37sw7nv&XV<&NbmVrMC{2bs<KsG;kz1`2F>6#ls$4<q)$-vt{w%nG#
zTlkk<yp^woe1jkN8Hmh|Ajj#RhVS!+n12;AGll;IyuCNZ>W#_sn3mzp*CB5+M;P-0
z{D&j%jS>9I5&Zbkj?Bztj++GeMYw0c>O2yBS-PXM;ZWuuh5i=d{|LT4f-lQ-WXuuF
zTbYaqzGZ?VlYgWmQx?J73qNfhY+Ct8MaV?(w+Md<%Dz$fa`1DGX89k2zfAac@Y_!?
z=4t4(b<uDl%OqrbOb__S;BVVcKJE%ozAS=oh~Qfy__C87`GyESGv7(;<=LFp#jxi`
zr!&72yieLhGx(Jij{N$ooO-$OdWWC6!r|wDxAyr8<@#9o#1o+Z21jQ64;_Bd%?`gl
zf^R|Nw0d%3hxQ2mWxU_f_VZB$ABzTT<)<O7mz$YiF&W=UTgUv_@Sli16)RH-zH9^Y
z7eoKdjm$rX@-B+tKW=0H{gCnD;xbKl4tT5Q$I!FmDMw}pD$)9HvHqJK|2fY({4LKp
z{KpaeqURm`w}7{LY`Q(*e*@mOjX6Je{5MAM?Z}vwUk>>jw>o`!<}Vzb8^K$dcWv2U
zWd1S8H$?C)!oLasmTgX2AHT%>u<6Lp%T9iJ-evzWN8^r&Zsr?v(Witz7yci=$No8p
z8~Z-<W#COO^VdQqbC1);DkAvS2);Lx-|NU{e(La-d3jvB5&AcdVBXqr#UaewZ;-5u
z;I~EayCZndXh;6A2)-bKFOT5YB{}ljBKX}AyeHX_IV^%Nh~Ud3_!SX+LAn#SJc3^l
z!LN(pw?*)~BY4kPN6%pqd_e@?0vp+O@_W=vPb3eUs((WP^RdTZT$<1PEbyK+eE+O%
ztA|DK1+THpo6xr{f-m^3<8SX?vHC|Jk2=a{eiC?30rRJU?<r%x5@}_WGk+8KGU4wB
z-x9%REM%EitxN>JZY}#SfzI7OVZPC()y({};13i21MmgHho&OkK9>2rO)K9=dCol+
zV^o2|=bz5}W$@2G!`I(`TjsI<TKJny%-cNYNAN9+{iM_8xjlk!sAB(T5Vx$_-><VL
zf^WFo@i#RN-*Bs=vn7JhxXtm;kKh~bXaBd5R>h<K{<*2;3HIL)|At>MKRyTf|0VNw
zJn7lS{KeM)*UUcvzP-bdY56_#?biQ8=0nFp=bs~F{_XJX{s7tJILNdIn7;&kMv!@%
zZhMU5Z$gfL&q(HPhJ0DPBh!<>yw%x~6zI2S!$e2k<Tx^A^O%1G@(t%Y^5#7D|2_PB
zzUTPoU&8+Xu==ld{4-Xv|A@)RbED(m6T#cd40X)U0B`$6HstdkWPSnojP=ahIj(FI
z^UqlSCzyZV$_xKB_=X6+C4z6*?8x^%8|bg=j9;+7&1cJY=FgpicH7DP_2Bb`-w3`z
z__x6K2>%uM);~KsTe5=v<!ZoXP_|rSFeaFzn71~}n997(e@`CsHV-DB`FzNi3BMG4
zOQ9p5U*yPVo*L{gOY2;RFPrDcXI#p>Z9kb+j!aPmUlGCkuXSWv?{oN~<_P{}htE7d
zrauq8Qysoyn!|6;b9n!W5&S6*UlhTwEO7iY=Q@1F=?=gBI)~4^K7zl^;kP$BJXSZT
ziJt~Nc(TRqf<RpCWF7$88?9P^Sdio9Adg7|J_y7mP-Z<a9oPyS2Yd*a0el#U#kP3_
zm<8Mb%m!`*<^UfB<^dlA&H!!#<^z8QECN0bECxOSECIFw%YaV;aTv%v1*``?4O|Y~
z3~T^C12p)1*1Cbu0oMYz0KWk~Z^ON~Rn&$9U$AaJo|3E^_zUX}8S|n=6#SPKQPB3_
znb3YQ=m5wz#rdEGpesOkgB}2V1i}@`bT`&a;Q64dK)AxoYzI966F&rc4D=kR9rPOL
zZP5Fmzk>QeUxH$gn<UUU&;_7{ph{33=m#JS;pQIDHqhIkPeGr9Fig^2xU+%hfEIx&
zL3N<zpqoIqgYE{kf}R7Ro12$F=%(g#&;ih}puyORF$a_jnhiPwbPlK<)Bw5-gl3Og
zwl!j{h&%N_Z-G7reFX}{z#brU12YS>6!d-2O3)_I&q3QkZ-Tl(e+2CZeGT%XCXzvE
zpbXFvplr}&P#)-H&}>i%=t58hs0wriXdP%1Xe;O+paY;0v3PC-9SxcSnhrVzGzWAB
z=seJcpbF3xpsPUFgI0nb0zC`b4(bB+fc_2&48t8>pz)w1LHVG$pff<rKv#oq2Hg(2
z8?+Ae1n9S*cR_yweGd8x<QWcIfzm-apjn{PLEi<Hfi44G3A!G18)yw^Bj_2>o1njd
z4uB@1>&^z90lES780baNcF-R|{|3e5Svwt+3pxoj3v@B)Hqcw3zk<F1eGLkZL?-|p
z3Yr8u4^$1h0dx;&9cT+^2k32(XB6Z?lRzhe=7KH(EdkvGx&zb#+64MJXgg>Z=mXH-
zLEnJl(ECP%(m)eHIiTsFQ$R(a1)z&Tmx3+_T@AV(^h3~Hpk~kp&~u=6(CeW0LCFcQ
zDd-Z=i=dsL4?rUiK^p_*faZa&1HBFUE69hTF9S3cbS`Ki=yK3<&<fCM(1W1epaY;7
z43Wv8xuA1E7lCR(*MQnUuYukKy$|{r^f~Ao&~RLiodr4ubR%dDs0s8Ks0;KV=wj@J
zRDza*ZUVgk+75aZ^bTk*$diKp3pxZ824#S<K*xcmgRTRu1l<n$DQG=tGpHT(3FtGB
z52Ic(XaZ<5=zLHas1j5I`ab9fpvOU*L4BaIRM-`CHRuM=y`c4=pMjnRZ3A_JdO?2$
zeF6F!bo3bXN6-nN63{uIGSHQv4WK7MFMzgzc7omo?FRiBv=5Y+hW#(lL{JWBI;a3t
z0=fva5OgW%a?lFUEui~AEuf8{r$MiQx<Q|VMq^4l6qFD84(MFaMW9PT*MjZ>-3w|3
zJr3FodKvU8=nc>ZpkC15Kwp47V=?xCW`GJo<)AA;*Mn{bJp|eW+6>wXY6raz>H@t7
z`Vh1S^f%ByKwp8r0fjK-jsV&3=#BwR038RK4k`eh3i>Xn98?3U2i*Z`20a352fYq@
z7xV=v276_RpedkJK*gZbLGwZ11yzIULDzw92Q`7VfVx0mfRZ!N&OpVW?}2UrtpeQx
zdH~c0dJeP=^fu^2&|c61(CEWZ2GC)kDWF17HE0FsHqbiIBcL|W^Pt~=-T?K0{sj6I
z^bgQCpyb2R=0OucxuEkwe*w)KkNN|x2X%oy0DS`b2k7ujloM17x)F3YDEkPc4f+*m
zH)tQ|pP-lt7%xDHpc6r5pj$xqfbIvigLZ&+f&K(CN8*l7&;(Epr~ot%v<$QYbO&f1
z=rPc9pm#vufPz_=TR=yE3P5LoE&we9-3s~*=rhpdiO4(Xa?s<TU7*iEDMw+P1YHAK
z1zH389cVu&WfH<b*MM#Y-3q!BbRXzJ&|{$IL0^F~veAY>H-df)>H_^6G~#Hq4^SQG
z8PL0+4?%wh{S9;g6g&oX3mOMH8dL{r2K^rNDd>=6(Oy7{LDzzA12uzQ26cko1N{;7
z8R#oeFb88AXaXn?bT#M!&_ke4Kz*QpgT^0+@c?upXfCJ*bRB37s0s8C=qb?4px=Rd
zL7##C2?|U`Tl|06dlTR&s()d-*O^H|X0i<-laLUSNk}F$kxfK40U;~`vI~fah=>RX
zh{z@)vhT8q2#AP)i0mRFvdbo$h=|B0A|N0lA|TuMbhka{UMsJq_4)qmy;ZlU=iyhU
zr%#_gefsq2Ee$!45BI?XP#apq<M1Rr3;p0_7!DKQO_&QyVGA6AAK^AAWob8%3}v7y
z)Q85<3Z8<l@I3T`VK5FB!jEth)N;HV03HZJS*Q%PpaDDr-Qh)e1xCYb@D{uaOJD<h
z2K(SNB$lU%LREMeT0;lu27O=zjDt5|9xR8=uphpK({Kr#_cEq{iqHg}f*$Y!41(#f
z5<Z6Q@HPAhH{dR~Do{UA4ALMA0#F7jzynYl8bJ#f3sc~ISP7rNCfE*p;7d3OXW=(c
z?qgg52~Yy^;68W|9)>pX4D^KlFaoB)JFp5i!XEe<PQqFE8PtkwQ%Hx(Py^~iOXvXI
zp)ZVp*Wevk4C`PU?1y7;8h(Q7a0iOsPk#<gpcV9i*I*HBfjw{xE`VH#HUUZChg_%#
zb)hvp3C}<;7zkrwD$Ig~@DXf*U2qV-h0|~WuEH&FRAxQF59Od5G=Qe?I6MvAp*Qr0
z!7v=g!X%guvtb@Af{m~f_Q6;1Eqn)O;V1YNeg~-v%Z4Hl3yF{c_d`8s0Ue+xybQx&
zJiHDI;ZxWLhv5YL2$$g++yO^b>KaNyDG0#>PzTyT2j~pX!%Hw4UWd0}0ek>!U=!?w
z18@S)!mn@_ywzwQkONhqHgtrsFcaQ`)vy6RhcDnP#6Cd(S&VJT{|%uTw1#=G0zQV#
zZ~!jARd83Qzl8v_gvX!@yadBwF?<XgU>h8Q@8LXL0l5a_M@WUTPzN4^r=TAUgQ@Tq
zyayZLYq$w&O^yo?4=E6Ud!ZWChj!2h2E!Pb3=3fs?1fYCGhB!G2iZrV98`h&&=}f5
zH+TVtz<AgNKfnc$YtdF99?~EHWuPk5g(u)?=m~>h63l{S@G)$I1Mm%;fS=$FxN1|k
zkO0Y03PMm0sz3p>fG6P@cn)5G0q_cpfN?Mr=E5>q4eMYt?0~&+5RSlgkPBEBC<>{N
z2{oWDG=fLqF?bTXLSJ|V=D}iE4eMYp9E1~a1#Ux;I+PijLObXN6JafEgne)XF2W7a
z>(U+}10I8Cpf9`&@56Ff3mah@?1!)67@P;=1AR_NhWnv8OoT<S6ZXMzxB$06sn0P0
zf>0J7geLG9JO#aABFuzkuoDi$&)|HBI)fAlLRoka9)gz87J9%kSPfsmNw@+L4H%a|
z8U&ywG=Qei3cA1`m=3dH5v+sFumcXldB|)?+lR_f7n(pD=mkSzG)#k;@Gh)@?XVBN
zf^Xq_xCl2uZA96?1GS+IbccR06kdbbFb@{Nhwuq}2A{)CP#>l*f^-N%WvBzsKra{!
zBVar%g)Oif&caWiHs<&Y>2MEJgNLCtJON#y7mS6eunG>tRnVHyH-HyXArGoSLudm}
zz(5!ei{VQ+3TNO3#5U!)4Ovhcs=~9-AI8F)@E)v#-EaU-!bSKE5}VO>AprM64X6VR
z;Sp#DouLN|gx6s{d<dVxUN{6N;WxMgk<D2jNC7{The}WYO`tt=g+VYJrowVq3wz)Y
z9EA(;JE$$#zEBJ@p)6E|I?xo_K}YBY&%;abDvW{G;B|N#-iPJz5v+qB;R?jGWWRtE
z$b=x2g^ExOYC$7t3GJa1bb&!I5vIW+SOz;`AAAMJ;WV6w>u?u}JVGA~DNqsuP!1YE
zGk6R-K{x0JBVj7chb6EUHp3qH8qUKVh;GIB97@6cPy^~gYj^^lgMly%UV}H_Em#0c
z;S<;dJK+Evfs1e*?trs3`9n5ThPv<ww1ZyoGR%hg@DXf;gYYe!hAW`7p}j&fWI;3N
z4Bep*41(b>0j9!SSO_1%2KWL_zz^^XT!%a0e3bQv1W1KaP!Xy_J$M+}!L#rpybL2?
z987`PFb@{N3Rnx9VHX^LBXA1N!*!6_(q14HvLFPNp$<F@&7m!HglC~Q41|#|0p5W3
zU@h!~{cr?M!WsApZbI~9>_<=>{1AllPz?&8Ikbh2&=q>a02l&eU=D1C9dH_w+Hvj%
zb)hk|gO1P*rofx99JatWa2?dg*=CRgc~A#>z;yTow!luf2sc4)&zJz>AsbZ5xO-xJ
zCqa{(L=pV+a2p|pF9*j;#kq5m#`o{Cq+}i-N|AC&DZ^cpvZR)iGNtm8U#i5^s!VMt
zRhL>xHKfP*?rjI|h;)$(q+Z++d6DP321<>kSNJylt5S1mxYR-#Aw40Dl%A4CNl#0o
zdDd&9^o%r_Io{;k^K+!G(n6`5v_$GIt&*PO>#;qg^-@o13%PBRdP{qxKGHs^uk<Ck
z9+zH{PLT6=JRf#S8YZ14*B{9BoHSm#AWe|2lJjkHzAH_UG<mwD%Wp_7d6pC@&y%9$
zg_2u-Px8ns`BLm^zAE&w6en+z;^obfPu?OW%iE;l@^-1DyhF;6cT1V_9?387m9pgh
zd^Pn8DNp`V%9p>F%E_mtit-QA{qh;9vV2ymDxZ_8$v;XD$QPs<@=sDd`I6K?{#j}$
zUzS?PzesK5E7D`~uhP@<Z_*3$4XKZOQ|c=#azD9<JV5rygXB2*WjR59MfS?C%0=bT
zaxr<F?2})UQ{*Xfs{FcKLVi;&DbJQO<+*Z}{H|O|eoxMo7t49_GC3r#l<$#0lFP_z
z<#O_R`CfUGe4qT8e80Ryt}O4CtIGT22jnm18uB5zmV896Eq^Z;$QR@~@=tPI`8T<~
zd|iG>mX!u_gwjxsQX0weN@LlpG?7!4rgE0jOfID~m+w(p$Yqq4^8HFHxw6t)uBEh*
z8z_&;jg+=>OQoIMN_kv<LTN8QqdXx$t8|c`S31fsC{M|Qluq(+rL#Ozc}9Ls=_0?O
zJj=riUFCO_?()0JbMg|UhrC+pDX&p_$s3j4@@C})`E#X@{H5}u{FTyIKBn}OPbdTA
zQ_4&78Rcd9N97gyCuOL7Ss5l@QHIOEDkJ2p%1HS)Wt4nP87*H|#>h96aq{oVMERyN
zS-z!AmG3C8%XgJGxOq53men_9MV%#U>RYm|&XFDJT-m9<BfHdh<p_0w9I3u1N2!bD
zX!Qd*MqMt)sw-r#x>7E#ekiA^AIWLz$8v_cUd~iE$bNN`98fpQL3N9KkGfSZqi&bW
zse9#n)i31=>LK|)^{`w~Jt9|9kII$#ENoTvJGq8>O0KDXFV|9kkZY@#<pTA0xsG~M
zuBYCXA5tZyi7G42RYiGRRh9OtrgTsp%9E;7d0LH7x~WB!=Twi<Lyb{-s$S)JwV3jP
z>Qnlv$x1)9xH3>pRfekR$}lxU8KGt>Bh_qWlv+v|t>!6X)Sxm}%~!^$_bB7l^2$WD
zqB2#jrc6^GP+nK7D>Kv@%1re^Wwu(NyrtGr=BV|RchrW;LiJ%~k=j^UtTs_TP@5`C
z)Mm<3wYjoPZJ{hzTPiEmN0gOnD`l11TKQ0IqpVgRRX$Q5Q`V^Ml#kWNm9=Vn<rB4=
zvQF)xe5&?R)~nAe8`R#)M)d_{liE+&qV`v|ssog5>Of_W`jWC&9i;42Usm?3gOxAT
zSCj+l5anz2RpncCsB%;trW{j;D<{+u%J=F><p*_?a!wts{HTsm&Z}dU3+g!KqB>sr
zS)HI<RwpXIsIMu%s*{x8)XB>4>J;UsI#s!)PE#c9bw$>uD~dKtQMK8MLwiecX>*h)
z?QO-a%~fKxca%77o|2%wt9Z5fN>OcrlBg|IifQjDK5dbbqP?%AY9A<>+7cy8TdI`O
zmMJ;fawS(=sRXoDN}l$i64X{JA#IJ4uYIhP)7C2YYU`8=+Na8W+6JYfwo$oX+oV+1
zHY-)Mtx7fRGvxton^IlduGG|aC=Y5om0H>^r9k^!siW;y>S=qFhqOaVL+xv&k#<;V
ztbL<2(T*rhwQrSX+EJysc1&rZ9amavCzMCDlS(V?JEgUDN@=5guRN-qR@!PmC{Jo<
zl+M~&rJHt6>80IJp4V<Ey)~!$g62|R)FRY=T9i6KE26%nMXN7s9`zM1MtxO_RflSE
z>ToSy9ib(tBQ>u&N-L_4(Gt~hS}}FJmZVP5eClgjvN}miQ73Du>QpUFou-vgr)%lz
z46UR(Q_E0iYnkd>nqQrxWvO$uY;~SiN}aFes0*}Qb)gne7ioFw`&vj{tmUg8X!oc~
zwX*7Rt(>}2E3ba2-K&12RZu_H?o-!l71edx{pzP$C3U@4S>32rQ8#N<)h${zb*uJ(
zx=pLDZr5t4JG7eWPVGT;msU&tT&u0_)(X@;S{-$-R#)Ap)l>It_0=!5htvaF1NBR-
zp?Xkjq<*D6tRB)Dt6ytP)Wcd+^&733dPHlkeyg=mk7_N|W7;F?ajlhlLTjy_)Y_=u
zX^*O>w6^ML?J@NSt(|&C>#CmBx~V^E-PQBjbLs`Hhk8-#rT(lvuU^%9tJk&u>hIb>
z^|r=0QuX1gtdCSReU$3dN2@M<oEo7|R^9p(HAbJNdi9xVF@2Wm)8A2(^>@`&eSun1
z|3LNYOVm>Oay3U^spjgd)R6wMdXK(Vt*mcWtLUGpRrPIZHGRAKpuR(`t?yFn>Yu9*
z>ATg2`X053zE^Fg?^m1a2h<k&S86N$klI@RR((uAs<zjUs~z<d>eKp3^*Q}J^?Ch!
z^+o-(`jUQD9i(4U2kXD6uj<#-q53U#n0{LwrAyjqUDL+t5!ysOQk$YjYtwbN_NMO9
z=IOE8yLz0qKu^$?>t1c8o~W(WleG1EhPF}9)HdmUZL^-GZPBx}t$LpJnI6)%>G|3Y
zy|lJVFRSg*D`<Q5O4>fXiuR@cfcCXsT|2Bd)xOc2Yv1ZEw4-`U?U>$5JE6DMPU>y6
z@AS6X8T|?EoZeA8uRpI{&|lIn>4UV(`e5yf{)+aiK192rzpDMN57lnz!?fG_aP6)>
zLQ@<gHPtanb2vt8PRAI{?HH?h9OJZD$9OHy@tT(4n4}eTOxBVdQ#7Ars+QuIrlmSw
z*U}v`v|PuVTApL37Ie(g$~oTF?sdGQRdBqk-RGFERdOuQsyG&E4>;b_syp7-YC0Bc
zwH+U5^&CsIha5|_MvfI)bH_@prDK)Gw{EmY9c#4593N|sJ3i5#aIDjwbbP8k<=CKg
za%|K(JGN+D99y+Mj?c7yj_ulD$1ZJ%W3M*Mv0t0u_(FTlaX_2o_)?qf_*$FdIIK-`
z9MNVvj%srp$Fz4G$F=#6liEVZciMZ7AGF1eGum>;S#6c$oc5vPN9_~GdF@lj1#P?I
zvbMu<RomsbrhV?Xq3v<}uI+Q&)V^@s(!O%s*1mS!(T+IoYR4Rse%vAJCmgE&okP>V
zcj)?QheJQ(aO&qBF8!h-Qvb;jrT^k6qF-@D>%TeN`W=TySDZ1r?u^x=oN;=bGeJ*q
zdi7$?qI!xmQBQRy>FG|Np5aW<{m$Zgwlh^P<xJCaoh9^qXS!b6SyC_S%+T+3X6luk
zS$Z{RDg6Owj$XrAMz85Ct3T*0r`L9t*9)BY>h+x!^oGv+^v2GLdUNOf`XkOtdMjsT
zy^XVq{;0F6-q!hm-p=`;{)Dr(-oaU*cXZa#pK{jKJ2~s=ot+QsU7U^euFht9cV`Q|
zr?aKr+u2I*<7}h%bv~;1ced3BIv>+ta<<b4IUm;tJD<>pI6LUCI-k^sIXmjZolof_
zot^YC&S&&-&Mx|RXIK3-XE%M4v%5ac`JDcSvxoksvzI>0`Mmy?v$sCi*;ile?58ht
z_SaW92k2{@1NF7em-KbcLHei8m-P+K!TKiWEBaRF5PiGzReh&(n7+$7Lf`Eisqb};
z(!X|&)(<<!=qH@x^^?vC`uEO>`VY?6^s~-M`Z?!h{ep9f{*!a6e%U!q|IPWje$6>u
zzwUfP|J^x5zwLZemt8Y;)iq0Zxn}D{TyN<yt~t8b^|qeqnyV+d-qDj?^Yr4bcl9*a
zd_BXpK=->A>e;UM^jy~>J?MI0&vz}>%ey|%?{zKF?{h8HtGSlx)m_W=nywXkfoqjs
z&-J1Hkn1D8k!y|K#I;s$=K4f$=~}0^c73Y1ac$Heb8XSvySC~bT%YM3UEB0duI+jk
z*Dk%Q>vR1%*B-sUYrp=I>kEC5>wx}>>ySRw^|e0Sbyy$cI;M|voz%y>zSAeW&g#=$
z=kzyRKk74Fzv#1ESM}Mh-}JX#H}!e0Tl##L)A63m<#^v!*71R>oMVZryknW`KF3N|
zCC7)Z%8rj*RU99?syf!W>N-AkZFH=6aklv#XLf#B;yTwRo~t#Z*hE>%HX}!KMGBfx
z2ahb3F{7Lp<v-?l`Bi(~7gzGFZ*ywjvG(so+R#{@B{Qe~ddQAyZQ!eZX4=_r_y(pK
z?HIrp70qb-*LKdedD8mfKTR!c8TZWO3a|OQ{^6*w<sP|h=Ui~ej&g_c6+m;|cHwBo
z39eX}X~y^dtVk?ZEbVrhy+&n9@GV$#j>4AlaVMUaGpCArIht(GyR5jq<|TL-uB-Vw
zu{1G9VYOD+T8f&S-b<ExnfZyF3yU`LX~Vwe@5UbH+K(CC7mf;Bt|-;lM`h_Ha}Mt%
z-f=LakHgW+JX1c>Oq*I+`J)ZhqSmZBof2NgHy5}TV*bu(5!SZ!7T9eq<|20_%&8?_
zRsQ(hx$wNAEJf=mf6QAdJnx;)?Gh{=p-9usTyC<ZXPZ&w8g^MKs`eJlF3Yzr&8cat
z?3Vp=xQ!2F4y&%(ea>}j^LJ;%(b^~Z7OR<de78MyO?cjZpV?`jKWev#*Gt+_%jUAQ
z$edT3W=H?_9Out+&&6CuVN1I)z+Ubo9+0%k^4BH!xAQBkRDWH9e`k&Zvfb7u@Wipz
zCoYPyqwX1sw8X5nO^@5#x6g;Nw8~6-_-k2OYevSrR$sS+?+b4<)2ei`+x^<<_I`ec
zr|Yej(`TZc_V`zJ+gQgO*1Uf`hsgQw=GTeGU#*s1HOh|q_u$LSW=TbvD^FFVon~6f
z1iLK8x>==qW4xXAZ<nC3{0gg=!q%g(dH=e0jWyr*r)?x^vascfW&HJ)`RDT%Hplv3
z?W3tT#%@F3r`wS@LcAS5mVGru`J?S7oZ()Ixo-WJ*==n>sv;dU)5H-cRKw2imzQMe
zh&lD-T;9DgqZ7lq8f-?3bVa&oM&E>^X?yJ!+lb{}F{hT*>^-0kX*bL?qtCYXDA7}Y
zw2XTZ=2TJACcW*Wl~|(=^SO4LWsFcF!abL9<g|`aqV%scvFmD?TlwP{x>mLK+U1R8
zDay>{yUX@*U!;Bhl3fSWe&kBC`McA{WGT^%jH5<zGny0b<rnR<*Zk4}J9;}D4gSJT
ztCeDxw0!tzaO(-Xqz{GD_O-Cnh7Gbu0978dw_8M}eaxF1-o8Wloz;V^yDtB6M0}q<
z$0~iD5_YfBgDAr+{Una@)=~G%C+yME<G1YE=sMJ1%TG8?TSqWs-?!G>*i&-MT#TrU
z8C9=o*K<3?j>P^Uj`4f?%2Gvhj#-R0tC`W!r|cTv>f^iBW?Es<hQqQ{?@v=jyKlFJ
zdmZM~la$5kcV|<U7G_%46uY&579RDL4eu#p6x2MNCR(RhMhos8SnYH`c<&Lp%-CaZ
zX_233ljRxBwKdCfZ+KpjvnaDDY1i=HGi;W<eU}kgN9@8zo2A2RnHfILTx)92kxZX$
z&HE|uDO<<$db}NNrM2H=_Yrpo+i5?3%X2kmnYXhqSijpwOYHoow8DN@Sbl}&QrPd3
zOWP$V%jL@M=F+|nmt|c~?kt&UAHQfvk8HHZW^*sv(J`ZSn!U<^x%Rq={KPWGy<zVk
zB2E16)SLF2`-<36R<a$9%CIBj?~z)4Y?asTXmxmx5;=?QG1+Nv)oBausIWOi>Hqn>
z-6q?0@ORgv9HWu`X6?QouD@YR?0Rms)Q*;%w4=k}XmdEa7>+iCqaVYO{u}T5n#(B7
z_O*JhL;LN$=K@D7D@{ZqKapmP^{nkX>H}FCVdi(0zWvW>FI2Io9y!ImUGsOw9OKRC
zw?(ov)r@{5vX)y|TJ#!wt1hPwtS#LwntPPyyr0t|tmtf%J@vfLj-I;T?%~9?6fI1&
z4bcun+xY7iQCKejiDmpdCH>!Ac&;Pd!~NUs;D2K6igqtbU)Ub-&-=B)>RI&sqIVp{
z@y+T5{<^;}tVjA!EaQK64T&}`>gwO#3jecfNYsm{tAD$O{u9gi->ty=I^oe_VZFuw
zy&4iNM{Mc;ZA1Tcdx&}wb@gx8(Eq*d`=2QNe_|Q`TSNb~P5x*5i2ua){ZB08|E05?
z!mhBC{>{EZuxcaM*UYoU65QpnqJ;4Mo_crft8f22$_igGENtEfUbfG%#ne*I@z;^e
zvWPShebmC9V?jCld|FIRO|Y-{i?o*A`Ac4Z%CE5BJ<`v<{x>aLX5&hrb&auSGy7_z
zxF#r;F=dP_EisqTkvq#)^l&SCw7z(>otAWldokwk#MQ=`WfW<xnU?phJ%`ApcR1%?
z$a$l+i~@TtjjNa2%(Tr{>?;$SKCz=6Ywc)5xCEjs^PZQb-R8XgZ`kcXMF0F=mbm62
z?m7G-*|nx5+1I$Ay-jVH*S_j{Wa)ref=KROTlZ{4T6#}=EsgtI*6(ihvU3r2FY2JM
zNUWup<2cU-SZn^B*S_a^ZJR6|GRv~4p53lO0~P70nfAa6`>N!vXuB+B!oNE|%HF=Y
z5AjzD%{fvYu-oa2=Xf&SO#AV1`(9<Rp<OS_SWBxm#C6;LY%S|b(U)v}D>@yH)_U!n
zvpU=DB_h^NE37QNzOwg#<*(aUdroH9Ie*9946A$+Ey7ybiHGgz(MEPjYq5V=`$F+>
zG@yZ<c8i>?sa3gqXhm5g73rM0<`at8%P{U=T3dPqSDmdjH?EahSFQF>wIgxOa>#r3
zK3G_pMftK*?R}xJvi#i8E`hPlt@S-W)UH3#Hg-hWYyR;^_Hw7QM_sbEYB>7qJzng|
z3;QY3Rde19u3g`>YJ)4na<<I9qW?sHP*Bm{=EhSN)|!h*^cx~=&YSk{L?nLqRJiS~
z4fnu*y_TW}ULL-ZD)Rfgb#)K-_^fs{o&L(Y4pLZ}*yF`AmM)bgr&;5oAMd%tz8e3}
z`?|?b+jrdi*0=Y7Mt5W>+FZtpmUfzGSN~4bfIA`9nv3YKbN=h!4d;4xoLS~JW$bqU
z*O76rt(ZB-KCZ@Fy~Rfy!BWjM5oLXCKe^KFZF`><d$$-FB~Q1fitAhvGwkEhnxG<O
znmHTS`K>;}xXy1y)wt^>N{|~affb2djK0MB-K*g{r~~PxtTb`l7bO+t6J<8aa?jr=
zi&%!ZUt#3Z-Q4#@zb5X*EX`A-d(E7^^^`xJ_YqswsM9}BtuV^21EZu?&c^R5hwH$K
z#2Sh95cN`6of^5+_)}R5OA|SZx-#y5SzE@at2+P3x|;cty*)w>JIZ;3r~J%O!4+DB
z6}72lAJz7jwYT)SaMWXzA~iIZA&s`9XNN0NGc&ErFgp@yVw)E*F0r=$`MUNoK-AFd
z$LvzQ%~9N1qfX&_Xl<FdwYiL^pSO?QMh!h~ris=h(h7^3gzvjt_|;xF<9PX$nM>fJ
z-8a?XUb$5QQF>9T{^6<OcZF@4WpCMA=K1j6*sZ^vvsiP{I>mk-!8q3Hcb~pvp9lQ^
zi9~NJo+uMfnHBbwlo+iWcdxBG)#8{UriwIims{*dg`I2s-Kqcf?+Po+-%b1HWf61y
z+fl(5S$fuNu?ND@Ki|IpZ_XjkLko*UP5#~O_MiBjC{^X~a|$BuucN<PzQS@TY~FwV
zyNltzSj<~k&VM&e<RYTKJ8xmX6S;`!@BZ$uw?|>Q{M%{&PMHfUmB=}TC(nAC{eeik
z74EY|+W$tzU+l7v`(niX*Y#ptx3HcD4~EaY3hSFTrrS9eHWm;^`)OP4<9S?yJw8~F
zW=E65Pmo*-KS3hq5M#Y6m*qd6FA-BWSF*=16Nd3O56p3$Km7dK{qtq%1+$eDHno0H
zMH*mE6~EgM&SgL$xfC{aayS>`Nw!za{5G8CX&W<|#dSUFNl$S;D6Z=n^=wVeX9Q|R
zMw+!ATKMXlct-9L&qQ0lyUR5#Ya3;><7vo0t%sPy#i-AEk3h_EAJ@68Ty}P`uh{gT
zq)3y^Tzora>2))Dbew$-_Qeo;xub}z<u(jQ!D{xi)7_8B(kye{-Ot!hS6&Q1FKWDb
z@Qyh(?*)4;3tNVm`qplHOnA=-{yu{_@4E0d>Kooh6T@4<cph`9`8)CKB`?+gaW-qL
zxm9}cB(JEeZ^AjR4d?uRIOo6K`h`6YEJ|Q()iq|RjHkw}GXk;A#hy~wek9IA#T?>{
zYRf_Us-N++@OpC@BUsv2GZJ&?yoX_p?_*gvs}96ek)KEtWfA53>$2>q%r_POv|J-U
zYkdoNmeV@liVi=2YSe~Rs&~0^XZ>z3rQdJnBG#zxXZE?8*jggZs9kFgF;%2>4nNUt
zoNF91a~5YY;v7e;xk!65eBR>@pU?O>6Sm6SB%Jn4I4!ZIUC$yv<GQl7Zeop$Ucjmi
z{&d72Q^)qSw_CjncG{PZ$kI`>%<~^oq*G=j)>71(sExwv@Aq)sucY5NXXdi6oFZK^
zBT-kP1Y)^jX~w))!*f{e+1TH1nrY%HooM&s3jKxGWl1SzT#FPXHO@m_X4;a`isUvU
z(OyI=F<OrGG_#mjthuODvF1jp63qPmx>O=RQM=+PZ?Wb^{aGattx3#VmVVN@T6Q!X
zi8?JBzRM$)A?7Wte67Y5k{{QRtYzG$@3i)AkxOCiMbvJ)EA}(=#hvz(>4hy<tgom^
zQM;nX#d1ZxB;9A1&#3$4zft#vmEg-Mc26yqQOsfY8!MyjzQlLkzCJ0YigyMkb+Uga
z*631odml8)SMvW@zI`t!f852Z&fSb0^LIv+Z$^JT?_W<faw%`-^3`m+EF#Jezbzrs
z)SCA1n$fdbJxEIUD!aJTx|d$mY8#?IP5zlL4w(C8xzl!kFX~_`V+L#LV@$P1Eg#pi
zM+M^<GyFNfvAK3n-Gsi_8a;?PPAm4j%fq>d+7SIgVQH<B?UrL4ajdc!M;t3MuKHP#
zaRt|kT+C6)tV!c|WTid5!+vWuhO4z!nm8jc_D1WNXI#s*#vrdRkojxHMvrvzEjz8o
z96J*8j?TAhWBU_!t23^&{ZYI3*w2dp-K(&Zrzlc^x!h=?24+;1sHqtlIkz&Si5>0d
z{?CT*W*FPodhUN2BO_~#L|OJ6x3{!5(SA!qthtX7l$fKPxeVjoQY#wA+nycGw86R^
z-EiB>h>udFF6Pvm)Kw2N67SNc(l#FT8#QU{Z&uwK@5uHEFJqt?8F$32v90lDiS@gZ
zC-~b~=G0E~O(V@nyn!s<&^kg%$D32@F|T#}?c3fy)-L4==@fISD3!4^Q7UWi5%1C(
z?~cqc=P=$>wxSu7#d^Eic+1&}manpxb|O4F+$!<iCv)Ea@-|Vpe9gm0d*dFYRl7#Z
zw#qE7VvA9g*gwR+FXp|(`{#Gf+P&7_E=%G7I}$zIPToJCZ<cBm%eCsN`+QkiY^Gi2
z8EY%;{%E@|F>1p~o7K+V9{aeTV%6HVs`h^QRTVoD?`?MuPtB#BTD6f;!hW}^$aTi;
z=5nuHv!ff6Wod<(X1qPW#*B=2=B+kqyhm@fjiud{KT7b#=XU!u-uSZeo5?#))*Q#S
z+qG-F^KG?V<BfVNdOp0q8H_fq`V-?iG5#}Jo%M#f*uHt(k+tez)>6CfC$r71Tttl*
z&^D}AEZVbZ<D#t<OR-zn1m4uM+S-44Gkbyj$6MH<-HSKx#U4<f`_9(VjQ9PlT*TDE
zN>x}{3TyWwmxv0SLzr7;XJ6%ytrg9hTdhR2Fww4#P^zuw9HIoGHvV}X6t@40H~)<O
z&+5IGg~v2vjJcY<*19URj{ReoS*ns8nXG6&Y5UEz)a~}(bEk#fUQQ5Mzk76peJq<^
zUil-f&T{?&ra7-M9<ti$9PY?kWl4R6F}gXm^d|cVQI^O$N`AZ19?O^Ez0XtT@7`gA
zV)X~&&dOG<l2|SK>^!?=KfBA`1M<V~mL89?_uu(k4Y1}ASGL6+4sq9`uzMZGyR=qo
zGTx=NBI8|JD-vsIY*j058T<J;v-HMWwbpWtcU7&a##^<Q%&DR^8E^hwHPeiDX{{?U
zh2>|w4{PNoTF!regVx%o4>BIImLZla-kTN6702#gBkdXzM@ccYu;bg5@KLf9ZOuBy
z7uF`ldK9)N8@-BkycAa)j5p=~d^8Zp0OM|{)gr_kiGA$0X3T4~HIeo<XVzBvjAKO$
z^9bP%A6K7S$KQT5>)triv~m{F5n895V;r&HWB+iPk(gSqxxIg+RJ6xFej=;gA3x7u
z!8GS6$6gU{MlI9qWqcIw$3=f?oZVR^74>puw7m?`*2abRt>c^tTT3gf&lYFpmpyi^
zbuDg3YP=ooOtm9l_^iCJrKLBs+xUCm+U<GFP`l;KW^`kf{+Pqws$%QU_StF1RYa>^
zjQ6aqt^dB)j+(J=S!rV4V=H7S$*eyuoU=F%?(b@E^W!hrwNWDcJ29dVZD_<w{uZ>E
zUtuk_D_7~PW2mTuM<25LusuAtWVJA{4~o%<u_s$?H|c4+uiL?B#M<}MI6JoX&{;hc
z$#0fmT!JhG%*at)kxHA9)1^oi%&35?gH_B(ya_B?@n=QsUe9=5&nlIuwdFjYQ`4N+
zcw^XFuJM+$wQm3Y-C=90@y2jna}IGl+JD^Ms-mvMI9Alvae8H|q-oSaBQqD{7;5Eg
zj2*2=ymu^0D&Cd8&G^(RpLqIC^h2c<*du`Nf90<%n|rOX4_af^W|QnA(>BI5cg_8L
zGEsB0EF#Ug%GAb8t2WS{x5-p{x#CD?9EGeSQ(;G;iQyjeS4IHV5wR!R+?t~e`B_mZ
z>eQNghR7;a9-{|q1p2^Sd%KB}wpwN9(!aJnuV{%QXo=R{e`7t`o9kiJq*Vt)nAeIv
zXKxfO!s^#P+iC9~+u!Ez3z+kY+7<n2pEtP<Vonv~h|!FEtul+Uh_q)K*g1=|1>rI4
zxb61X_P`Fi#TuhhtGAfM=-TR)f1{7BY;L!F*260E=*#46mSrkYUo(p5Nr^#b)Pm&>
zHKY4kx6x)a>%X;oE5A6#2NTVypN8jnnmyT?SCm<-n}}vb+hrbAVE4~i;WNHD;j~IT
z^Eu62M*Yw2IcBnqnP%E;_K&${)I_)2S{BhlGp#>ICacD$g(G8BW$g<?!(;hP;aU^h
zP4sZ$oJrgb62BAosQ!8m@yyeey7qWuk%(w@))>TS8&+Ru^cGgj7JZ^I&RJrvTdRdU
zV{Jw+vt_KF@NN2owPxDw1fD83BhiXQE<>x@?Mn1WAF^+4Gv^Q^3ga5ybhG6|(dw*o
zlG5QwjChPA>~3@3*0c!g+RexZ?Z~)RV6D*vej~2zSZUS6Wmyr9nvAv2!HQS2OPavh
zwzcOyMlM!aj59CmOvE_zvLbP{ThwIY6#H0_9zKgM7tW=yIqLRNqyy#}{Se-}#Tor@
z#^~0Td6;p|Ve@yQu0(#n(u%FMd~1R|M`5Er<GR#wGZ%3#F8cAU@5s_wbLx=rQM`P3
zgd&dEzIW|W?!#PLw~qG4ILxZGuHiJ1vxo{?#!T}2$z1L~&u>h)))E+({CVsxri$KC
zj88?Hh~5d0L7wH>p|wVZO%-eOMY#0E3t98R*7vXH*!MkOsWEFqj1<HkW!x#WN@e_w
z8S9w*9KFi#<{Y9_&(Qv?yPL*!bZd<H5__37uQ4K%a*c8E70v@3W+di)=Oka7HPgJ0
z+e;I<TxNV=^=o2|pV%AY%sIsG#L^CYVV^A;_d2Y8^0g>?d=<s$x|lida*oMXD;DK5
z?xh;z6~2_fU!Te}qer;YYDI;OK#ePb*7_QIinagVA3o>wa1^qZ;R+uEq62nXan3cY
z-f`{%J58*mxL;e?S{l7iu30{@<^#D}YxP57-9&z3s#u!1cPzH=oh*C%8t-seZQK|!
z{<*b_F}m0nL=9bF&8>a4urazQOJOB7?jqk~uG>E!!HcWs#u{12b8()0s1qXvGv_kl
zs|%^Lh{|S~I3JwEUQy#Of0t9rXeGwesaD&l+t+Tp?FaDmtT}JBZ}^IU8TAjR-QSs~
zUClJ(=+exL<}t2oZAQjBFxDKs_?<OX90$djf9M!rL^kIb&X~d4%f#=J=5a^SEZ^_p
z^GhH3S#2YQ$hrzUfb#`wMBxh0(f6!<)P0a+?NjD5)`i>drf}O8Wr-yhtIV^*M>^wt
z|5<Zh;|UF`e4;GIIk9zQH~MjF?-55A(PI{NFUvTl^fYs>ztBGViR0F-N9?iuli@4x
z=fkDC_KJPf_%a-|qODowoB4wswG2m97_D1%Q13&=ljd^YWTZdHj3TGnM{MJmY>hyT
zda<J31@a&B_GSER^$cPg?cvC7)xp78_U{T?hLPV;b7`VZZ-&p%-shU7)hlakE$gqY
zJwarRmL`YO#JKLCU(@>MbNrVP@@Mv2AL4K68C!6)xkloz1Bxf7dR(+?^0SimsOsRi
zcI0u|Q)B4stTUSnU)yIfJD#@hP);~%Umd)-%${nrFzfvpV+&gIKHS3IE2@;Ue^*%A
zz({)z(N2wRF3zncm}@k@x1Haw9LuczO&lS_vqyh7O*}heJPBhx{bc-QJS!4oBx8@V
zo_nzWx}qYL;EN;*UlcLENs`SMNsMo?JBf4nE(zBTq$pfQipJ&mP6_w^_)3W))#pp^
ztOH*v;Vzn#h#N{txDnqiq2J)ECG<;tvqa(hA?diEl!5#6^%C|9mZL~7vjjyNECui@
zQV<W3^6{%IQ;~-A#S_ZU_f8bPE>Z!HmMY@eEMJk{;$wdb-zlkvKbETFwR{6bkv@@X
z;Z1x8MUgi16%<9<K}i+9UeW;Xr*w++1z$!{Bw22X9ddK*lv`q#+zLm?ZE&P)JpUgh
zx5LqLdmJlwzyY}<t|oWFE#%Jlak&dM)*kc3mE4uM16HIb<?h5CF+GFagSZn`_y$QY
z;?7u+o{@VKcfpGEqTGkLFQ%^KzQp}8XNGcr;(?g@kp~jLirLrYLBzu_btMlb9)W3n
z@(|)tm>QFZ5|6=(G*%u?JPvawN*;+P$fHS_h!yEIc`WfH%yVe+c;YEok*3NMiKk&j
zdR?AGJRK|28}bx9L!L&;n^=)%@~s!1KErGyc?R)Ym^UZnnZ!%6A}y0=6EDZy-H_)H
zuf&S9N}fynAy%Z-d?!YhKEiBYc|P&SnC;8AV`S+QtVrwRMZ}+CMOrT}Cf<NK<CB*V
zZ^CSSc^UB*Ov#lMc)GF*zoD$gGn6&>O=T^=nTa{RDeLfi%6hy=*@)j)Hsi&Lali2c
z%yN}&_)}#EUa#!Jo0Q#5-Ha7!i?SDQRrZte8Rq(pasYp>9K>HLhwwq=F#bw8g1=Rc
z^2?)Gk&Y?H@p0uODJQTZeXpFtr<K##p`O7`^&EDo=W&#J5f@P}@%w13Nb%}roS<I8
zUiB(2re4EI>J5J5!`vNIZ{ke#HukG`ahA%5XQXVE|D;lwJy+FnW7UaUsuB1RH43*<
zqw!;^2S1_4;)QBFUZ;BTb~O?2RFm*7H5q@d7RS5QG`vqu#|PC6{FUm*htzC*T+P9!
z)Byfo4dT;kKK?;1jnAlM@maMzKBrcogg;_Mx}a9X7u8DmC$$Q`tX9LnsMYax9@|i)
zTWT$QTP?tM)VlbtS|3YV11xKeu%b04PZd+ET2maUHOEm}OI$>2g`>4L*sZn2UacKY
z(%NI6)&VDL9dWAG38!hD$*lyYZnZABl-3pJXx(wH)&rN(df{?fZ(LsMgYVV&4v|zr
z>yPi#2I8vPApC$f7+2SZ;2PRcTvHp4YiT2KZEZ9z(8l71+IZZEM-JF(+9cdWn}VD2
zN1N%RwCT8|HUmGS&BR@`*|@(p2M^HZ;(^*c{E{{wPtX?PiP|Fknzk5E(w5-K+A=&v
zTY;x)tMD{!HGW-NgQsh2@tfK@{DHO}FVQwq8%r^Jy|$TnIcBfXwi0i^v=eO`-ly%r
z-)Ot=S#38yr|rc*YWwkd?Et=@9mE&4L%5-Sm>e2m+NyqpxG`p}^`pd1F~=SKIB|1K
z4d^F{TVh(Weu}si=E}8xn)oTKNS*XE#7|>I>ZYH={q*y=zkU%9&@VA{Af}e|%XpA}
z1;4Cc#e?;0Onn8@KkGM$U&ZvX`c3?rej9Jo@8a#ctZ+Qi`M8j@Q`hn5x)bl$Bk*r}
z6uzcM<LkNyYmQj#cEsa!hgXrM2OWvHmLmz*b|jPD(oq~g?nuKQI@0ksjtqR=;m5_C
z**M9WgMH2bPId-yiZdUlI!og;XIWg%Ssqt#R>1c=E8_ajO86mX72MES4L|Ixj+;Ac
z;`Yv3xRbL0KkuxIUv$>T{hbZ)KxZR7$k`Z=bT-AKoXzoQXG=WZ*$Pi^w!ssfZSj0(
zJN%xrJznGNfY&=a;&aYUxJN{1+%uvJ?iJA$KOfN@_m1d+`$qJ_10#Clmm>P$K@olN
z%MtzY;D~{ENW>sKG-5Cw7BK|B6)_Yqj~I?uM2y5MBSzy@5o7U(5##adh>7^4h)MYK
zh$(n?#5BAof-e_IM<Qn6?;~d7vk|lLxrjOVe8gOQAz~iB7%?CJ6tNIridcj%M=Zv_
zL@dF#B9`IX5i9VWh*j7Vxf;hruEDX9YjJ+$I($#$dR#hkBQ6)Y8JCaTifct~!?h!K
z;DX3qxK8A5TsLwrZW_5CH;+7kTSOkjEh7)%M<Ng7R*^?=>&T<HP2_R>Sma6EF7gz9
zJn}StD)J2O6nPH!h&+!6M_$D5L|(%4A}{03kyr4o$g8x;+n9BUyheN%D^g<A4dP;$
zb{KV&*oSF{QMZXxFl!Wbm$*D;Y#AkU_pWl3iXVt#SCOhmIq`#05x7=V6s{c=jSHeY
zxK30ot{WAP>qU8S!>B~uC@Kj*9F>f_L>0%+My28IQR(=(s0=(h%8$oHW#h3?Ie1o7
z0MCvJ;<uvm@tUa8_~WRucwJO^{ApALd^oBi{wAstJ`z<0{~A>dUyZ7cuSeCyH==6c
zgdzplTcj>7TBJVCFVX<tQ=}0tTcj~ASEMO!RD|!2Ne>rki5nMbg`X|b26rve7C%>{
z9qv)2Jswk}10GwXBOX_z6P{nBGhR@n3tm*DD}KL7cf74g54^odFTA5jZ~T3cKKOKz
zzW8jB{`g#xfjA<15RQx<jH9B5;LPZu*dIL{mx>;VbD~G%2cyU0TG8Wi?dXZPee@*!
zMD!HgF?t$)DtbB|96bZS5<L?SiJpyTM$f^sqUYi{(ev=z(ev@T=!N*x=tX#a^kRG{
zdI|nIdKo?vy#jw5y$VOTSK~<c8XWCji{0*ZxVU>gPIYg@Y3|LqgnKJacW=Wv?j1PS
zy$grjyK%mIFTTgUAD4C?z-8PAaas2ve4qO;uIN63tGkcl8t&t`w)-S5aG%0;+^2C}
z_ZeKzeGb=mpT`foFXG1TOSr51GVbQSf_u2H;-2nnc(D5he#Lzg4{_hdue$Hzp>A1Y
z%ewjSoHWj@<Ja6yJjoq_C%dEY6n8Y9>h|Di?pXY$J08z;d+|JXB3|fD!tc40@gjF|
z{JuL4FLtNn58N4eiQA7?y0h^rcMjg~4&X1`L444ikH2!4#;4t7@el6u_>8*(KI^WC
z&$%n%U))vj6?Zj!&0QT|ch|%>+_muU?gD(%T^HYS*T=G_0aiSXaHOX(j`B3c9#3-|
z<7tUwJ*{w@rwxwxw8aUYb~wq?9{W5Ua7j-`oZ;z&vpt=0DNh%i<LQcXJ>7A@(*x&u
zdg0QZ-nfjX4{qq`iyL|R<0hVgxT$9le!?>tckm3sPkM&pj-KK8DbGmU%`+Nz_l(88
zJmc~6o{6}(XA*wFGX?kYOv5jFrsIL08Tcj7Ogzjp8xQx)!J|EM@fgoMJk~QGkMk_V
z<2{S;1kYkT#j^xY^(@27JuC1E&no<(XEk2!S%W|Gti{_r>+p8Zdc4E45%2VD#s@rG
z@gdJP{IzEXKJ3|rzwzwGM?8D+x1Rm@sOJFw&T|l-@*KkFJ%{lH&k_8y=P17HIgWqv
zoWxf=r|_?y)A*|A4F2774&U^g$B8i)aj}?7I63ArPKmjK12I=|Ud%NdjJbhBF*k93
z%x!#M%w1eDM&_zTl^7LQ<-=8+YsWb812GY}dQ23q5fhCIV)(X|R3|1DcZ`Y0PsMm~
z=a@wNOiU8)8<ULt#T3W=W76<|m~=caCIb(P@#En!*?4qJ4jvN|z++>Acw9_A9v@R0
zPlzdtr^J-UQ)4RNSuqvy?3hY;ZcG*YPE0jCFQz(vH>M_@A5#l2h$+B}W9s4$V(R0a
zF%9spm_~R{Ok=z^rYSxa(;Od<X^Bt7w8AH2+TibE+T!yu?eK+|_W0+R4)}6RNBm1n
zCwwKQGyXNE3%(lD75^U79p8-Ufz{YvSc~nAU9o*|L~LIi8QUL6#SX+pVh7>q*ugk1
zb_kA-9g6RX9ga)Kj>P3+N8|FbWATHr<8iIniMV#`BwP?X1=oq4h8xFD$4z2q;1;nn
zam(1*_>tH-xK-?2+&Xq1ZWB8nKOVafw~t+fJI5}@&%`dl-C~#F?y)QIbFr&%kJ#0?
zXY3l>D|RjJ8@mqoi(QXjiQR~Y#BRo~#%{&4W4GbAVt3%VvAgg)vAgm5*u8i|?0&p4
z_5eN>dk`OwJ%qoDJ&aGq9>H;OM{#`Iahwo$65kVd3YU&MjmyTJ!S}_T!v%5Yanrbq
z`0=<)xOd!T{BqnC{94>qJTvYZo*#DuzZZ8CFNwR2H^tq>TjFG%G1?W!M@OZ-aXQ`~
z=fq#eMc|`xQTTXVG(H#S!RO;*@h@@l_-dRN--=7bx8stqBR(0s;)~<R_%vKBJ{>oW
z&%n*%{kVC2Hf|Z8gP)EM;Lh<u{7ig4?h;=bKO0{bcZ)BNpNp@6d&XCEa6b#v@5NWb
zFUMEGQ{t=PsqxkE8}T*qjQCo3U3>xFA72-L6JH-6iEn_vjc<gH#y7^t<D24>@y*Hk
zJ4_3YZ;5}2Z-uYNx4}2!+v4Bj+u=L$?eX3C4p>j<h#d)?usfkM_9S${!Gx~3YC?D1
zA)yC;A)yz3F`+jek<bTEPUwrLB=pDcCk(`k69(ZA5(eWX2}AIjgrRtS!f?DHVI(Eo
zh&f6ojK&ud#*%Uo(?Y!CaVhUaoa3E@gWf4P<ei4gdZ*)Z-Wj;OcP75qI~!N<&cXM2
z=i=txdF0jtb3F3S#~r*2aTo6*{H%8|?&@8FyLp%4?%oynIqxdm!@C;y^sd3Zyle6E
z-gUUQcRha5yAcoYZpH(>Tk#O@Hayz91CR0U!ehO=@i^~ZJlVS+Pw^hWQ@scAH18q&
zy7w@i?mdEMdXM5+-sAXv?@7GgdkXLHp2j=9XYfJqIsBFPJpSH$5uf&6!asN~<E!2)
z_@?(NzU94!Z+mZGXVIJ3RrEHFD0&x17L}d!S4H_8uT-QcC(lxJQ73j6jo^B}2QzXg
z8imt}M&nXNJ-ANMSlpm!JRVZii^mmB#9N9c;m?XD<1dOD?`9n<nud=TO~==YX5i~Z
z{rE=FY#g7MgR>F?xO!p`_e{*kFD918eG|*#eu?GrsKg3*OkzbmKCu#>m{<kROss|%
zBv!}E6KmoXiM8;`!~(oIu`b?{SRZdqY=E~XHo`j+8?$yhu_CoC))YThtU2ybtR;T3
zSS$Qgu{O9zv9`Exv3B^CV(syWVjb|fVjc0+Vx92JVx95aVqNfpVqNi)V%_nEVm<JY
zV!iO`V!iQC#roiD#ronZN&Rt)q=ERUq(Qhx(qQ~T(h%G~X(%3$G#tN{G!jou8jYtV
zjm2*#jmLA7CgOLJCgFKWQ}DY<)A0PH>3BiX4E#aTOuQ;-HeQ=F2X9E4i#H|B!`qYQ
z;~hy0@y?`0cvsS5{CUz6yf<kX-j}oj?@wBVzerk*4<)U^N0Zj#?~~Ty(@E>`g`|!6
zV$x>(Q_@y^DQO%2Eole7mb451p0pd^OxlZYCGE#9-vJ!!JBW+=4&fx<VVveWf=l?0
z;&k6}oaH--1HMzZwC^-7<2!@z^_{~NeCKf`-$h*6cL`VVUB*>?SMY<rtGK{-4cGJC
z!1aAM@k74bxPk93ZtjzLp0kZl#ch2$?&33^@O;)6fxG&maCcuce$MB?y?n9wd0#y4
z?epS3zC`?@FA4YcCF23U;&`Ah4Zq||$FKM@@Gzer5BFu`(Y_o!&KJOwd_g?Lmyf6U
zO5@jkW$_!n@_2@?0)ER^5zp~e!teU3;Q794c!94vUg)cd-}BYNi+lz6BVS#-##bM&
z^)<ks_!{9)eU0%ZUsJrz*BpQ8Yl*-1wZg}IZSZ%#w)j_HJABpG9{=X+fUo&F;_JRn
zE?K&PIcoSiV>!7CR+GEp$mH%gI=Kf<NbZG;CHKZj$$fCi<i7ac<o>uq@<9Ax@*w<3
z@?hLEc?j;6JQVj$9*##PkHl{!kH&M7$Kv;s$K!3u6Y=)sNqA546udWi8vZ7EIzEy-
z11F};#3fQ@<Mfm{I5%Z3E}JqBS5BFa>!d8iO;Z-(M^hH#r&E^T-YLuQ%PA}HsFYQB
zTFPoXJ7o=Ckg^spOj(DQrmV-yQa0k{DVy<%l&yGW$~J0g6=qzNvIB2Q*@ZW!?8aMC
z_TsH6`}xghn7u6J06vg%5Pz9+2p>#2jK4}b!fy^?#!)Fp@%Jgm@#&P4_=l8J_)N-a
zesdPH_obY{wThp^^^2d!Zx+9ZXBNMNKPY|~FDZTnZ!CTlZz_Hb?<sx*?=5~4pDlhH
zpDTVBOQ~`M+c%Yuwo8$zTws-=Qk^(CH3Da*Mqz(yG|o%);IgT)xMFHNu9@n^52hyK
zj;TqwQ))8ql3E;hPff#pQ`2$3)C@c^)sNpu&BpJf=HPj$0lY3Xh_|HXM^IO(rHS{Y
zmc{#1%j1)&74Ubd74f;$O8CdrD)>rjHGDI*I#$zaVlAx}j!P@R@o9B&dRl#4GOYnF
zoz@87o7NcDOKXbjr!~jT(puuyX{~VQv^Ka`T3h^lT01->tv!A<tpk2Dts|b9)(L-{
z))}u&>w-T^>x#Ffb;k$Odf>0pdg0?~z3~reeejvIzW7dBf2@}nh+QQH;fNB0ade3x
z*j-{MPAoATXO|d>?<p~wIw_6Wn@Wtu4N8p1jY~|#-AhcuFP4~s$CQ|cXO@_b-zhNz
zFD)?>e_LWUK3!rC{<Xwhtf$Yz-t_r6C4C{zPG5wpr!U5h)0f~b>C5oo^c8qQ`YJp(
zeKlU0z6O7qz7}suUxz<WUyl!`Z^S3lH{%QGTk-AmZTL?54(utp3zsOl8{b!QFP>C#
zKb~Cj0G?j*Af8$B5PrMlVZ6BH5&S{Pqj*Wl<9J2MlXzvxQ+QR$)A+-ZXYlHh=kS`6
z=kdoSFXFW&FX441FXK;3UcqNeUd881Uc={0-oRH&-o(F^yp6Awyo+NpWS&PTk)h)B
z3>{}=IB_r|0*5l9aDGNKzBj{zt7ODR%2HKK%gKnxZ8E&LZAKz~EF%fG%Sgt(GK%Bp
zGt%&&jCA~JMg|_5;m5-=vhnbY96T>0fZxps;`cN1@r{hq`1g#m_*O=Fmgvi@fRi&T
z;*`uvI3u$P&djWa{h8HqR%T6HF0&RcpILzK&8&+b%B+tYWH!JJGaHd-lg!5WvCO8V
zw8M;8GMnR0nJw|tnXPc=%r>}tW?S4NvmJglvppV~*#QsB?1+bFcETevJL8d=UGS*P
zu6RslcRV(;2OgK%3y;t2jVEOG!E-bF;-516<Exp*^B^}e2jN?pgYoUmA^1+_P<%IY
zI9B{4vF;y@UH-8+!ap8I`X}N9|0JB~pMs0|r{NU;be!g&flK;l;!OW+?Dx;XS^l{=
z*FO&j{PS_Xe<3d8Uxe@VFUA%8OYnXEWw?fa1upQf!gc(sab5o!T+hE2H}S8-P5tX}
zGyg{1%D)-6_HV^){M&F_{|?;IzY9O*-;F!@_u^;$`*BzQ0o=`h5O?<<!q52+;~xGa
zxTpUp?&Uv@`}t4e{{B<=CI4wW$bSaE>OY5v`p@Ix{)>2o{}P_;zl^8&ui&ZvtN3;Q
zH9Xya1JCl`#P9fT<0byPc&T5GVn6b$_!B=j+oVtZPQ23}fe-nk@C|=7zUlYiTmD#l
z+i$#ktz>zzD=QI4WF_IqtYlmwt2j>2O2Zjh>9|T(2Ckar$JMg3@dH^oxK>sG7i0x-
zoveIZH>)&mo>dmN$SRLpW>vsXWL3l+vMS*xv#Q{yv#Q}|vZ~`QSvB#qS+#K2tODF8
zt1cduRUgmFYJg{FHNqcfHO6bRn&MBgn&Wj@E%B#Wt?>G+Hh4o;Tf8x=9p04H9&gU-
zfPcyAh_7UI!fJMBtYvq>dUjWwklh`7vwPsg>|Qu2yEm?s-3M36?u)Bt_s7+;2jWiI
zgYeVYgYn|*A$Vo>Q2bH$aQsR3NW39?G(MC)79Y<Zk56Pz#HX_-;UBW6;9s++;oq{S
z<7?S7@a^oGIIYxdoL_1VzNge&T&C1KT(;DFT&>hXT)osHT%*)t{9vgi_|a0!@Drt0
z;3cJ2;iaWk<JG0s;H{<B;x9|B!v{;P$7f4z#J`r>jHR5dJSQw;+D6VcVii+MImX|W
z)-l&2a&{3rF)b%&H*o}}_Hy>(<edGucFqA@kaG|}o^uHA&N+<t<Q&0!bB^L$Imhvx
zoRe6|J%zR0(>OBs435n`hvRb3<M`Z*I3f2E_U2y3zT7LgMDA6bo_h^v=ib19+?zNr
z_cp#K_bx7-D;J^Oa#dU@SH}<JI&t;f2wWpK3K!%?<Horj+$1*^H_eU5&2qiCMQ$Q)
znVW<k$xX(sbBp6Aa?@~!+;seOZU*k2>&MUKX5;?3Ie0*B01wLz;^DdZctmb#JTA8^
zo}61APsy!--^i_q-^{Iq=j2wwZ|7FSb91ZXg}F8Hd%3mnqTB-fer{d7IJZ9jAh!Wt
zlG_L`&25aA<u=7TbDQH`xh?URxvlUwxoz;#+_v~wZaaJ;w>>_Y+W~)<+Yz72?S#+e
zcE&&EcEPuDyJAP6JB|<ZzzKm~*c<4LiwFAP)IeXH9q5ls1qR}rz#v>MFc?=348c_b
zLvho<aNH~~5;qTw#*YTZ;>QEyar?kT{6t_9?iiSYp9)OFT?5l`x4;bCJunmZ4$Q_c
z1m@sAfw}m_z&zYHFdz2|EW{%Ni}0wxV*FZQ37#HUhTjORz%v4?@SB0v`0c<NJU6fw
zFA1!}O9Sii%D_gvDzF)U8rX{02e#qufgN~9U>DvO*o{vF_TujX`|+8;0em)a5MK`*
z!Z!kk@$Z2n_-5cJz7;r*ZwF4|JAqU9Zs0VQ^3Gs6?;KY0&SN$2B6j3m!p^+Q*p+t$
zN9SF|?!0T*lXnBh<lV%vdAD&~-d*g?llkj58F?zs%;O;p>A^fFu9X*oYv)DbXY!(P
zmpl)CHZK-;&5Os~^1QfvULt-jFA4X^OU6C(isN2+X}DirI_{sBfk)-}@wB{b{6=0*
zG;i);>MAdQcjN`}-n@LgFRwJ-pH~)tkyjoc$g6<A%&UmM&8viu=2gMR@~YwEdDZa`
zc{TBwyju8dUID(CR~P@3S07)>Yk;rjHNwB;HO6=InqocJ96N$7u`}2T`+{w7a<DB<
z3AV$<gY9u@umfdI!}KJ<jyNya2?v9nahYHjd|$9Dt{Ci&?+^CCm4dx+<zR1ICD;eo
z2=>J_gZ*)x;6PkAI0)AZ4#xF^L-0evp}0YCIBpmmi5mq+<A;M|apT~4+&VZBKO3Bc
zy9TG=@xf_$N^m-!8k~V=1!v;f!P)rT;2b<ZI2SJt&ch!B=i?>8g?MRj5&kf^7_Sa4
z!E1xd@F&3)cwKN6-V|JoHwV|?Ey1;TM{ph98(fbM1~=lbf}8Qt;8uJ*xDB5U?!Z3=
zcj5EF-T2qwUVJsUAO99SfUgA);#<K(_;&CxRzgQ`k<d{b9XgIZp_4c!bP5*@oyNsO
zXK-rh98L?J$629^I6HI+mkM3RIiV{!H*^&TLf3F!=mrjkZsM|`+qhilE-oLE-Ha7O
zDy|&Tag~r0R}DqrnxQECU?>{b3VCqtP%JJ8#p605FK!S@#0^79xKSt>KO8EK8;8<x
zlTbQt8p^;eLw@{7C>ysA<=_sX0PYwH;-^FTxLc?+?j9<Op9_`8Jwg@mi=m3RZ>SO;
z5UPR)hN|J0Le=rGP)$5MR11#{72t89x_D}+KAsk8fM<mo;derf@w`w|{C=o8UL0zP
zKM1wLOG0h%(okFcQK%hW6Kan)ggW4jp^kWas1x21>Wp`Vy5RkxuK0^kcYGk!1AiIn
zg%5^$<0GLy_}frld^FS_9}5k{KZXY3pF@N3<<JoPTWBcu<PXOQ`6ID6e>6_XAB!{d
z$76r~M4XjB31{a|!GZi~I4^%X4(89mW%6g@viY<BKg!MoPLjJW^p))Hgd>U^3f%-U
zD<C2vQ+IVq0PCD-=IWj9*&_)yJu|(#&CZqSp6qV8HOLi2G>USFNDvWtJS2z+h&+O*
z;Pd$i&xb^PN(7N03PD7IzVEM&?&_YNNu1C8fBnDeUseD5AHVw#G^gGQyk_ccz-LUo
z9r(<tcL1L?^-f?k^)6sM^&Vh#>b<~)srLcvQ||{hral0?Zt8=;*3^f9XQw_4>`Z+W
zxHI)JV0Y@{z}=}&0ADrrN#N_IJ_Y>wsXqq3e(KY}U!D3>;BQR*8Spo!{v7z;sm}u6
zH}yH-XQ%!Gc<0pTfqyym1>hH^{tEcDslNgK)70MrzdrRv;J;7(J@C6zUk2Vc^%dZy
z>Q{k>)UN>_qJACtQ1xGck5<14e2n@n;N#VA1FuxS1ALPDUEo#f_kg<kpFl&s<YBB}
z>LH-3qKc<HTfGc;OnoqLNqs2rr22ippHv?PY^o0juBnd%w$&d5o>m_XJg1g`>*`~H
zyXxbBFI2AtzDPX^e6jij;49Q80bi>=8TfPRQ-H5ip9=hW^=ZIgQKx`!P&MEiRRj1|
z)dK#y>Hy!Ny1?I5pALM#`V8Rh>a&0!Rz2WH)ByNVH3EKIod*67wF>-%It#o*od<qW
zT?GE2dJOm}wGR9vbs6}_>IvYVsHcE`uU-fIlKLFrm(?clAJi7`Yw9ZSpVT(+o9Y?h
zy=n*eE%hAmU)2rZx797+zo|C>zo&MA|Do;zk7(zC6WT@KL$v1uAECVv_(<)=z{hAW
z1(vj*241PX3^=L19C%cFCGg4GtARhNy$1Lc?X^HvdmT{IegSA{zX*JW_IltmwO;|w
zYHtKCXm19d(%u5RR(mV(I_+)1>$SH7pQF74_><Z@flcjQz~^f30k*XF0^8dAfIHgz
zfnDtbz@GL&;I8%|;Emdcf#<c40xxJE13q8-IPg{4CxEZkJ_)=<`xNlC+8+adPWv?Q
zm$W|xzFzw?;2X3*2fju7Eb!N~&jH`6{RQwg?eoC5YhM7qOZzL}yS2XozDN68;O*KM
zfgjNR9{4-jmw_MDz5@JR?W@3#XkP=~p?w|rC)&RNKdpTe_~+WUfd5<jHt@6BcYvSQ
zz6<<I?R&s4X#WYkOS=T0G=HZZ0)A0D0{n`08So#q2Lr#VJrsD4_I<#wX%7Q_Lwh*z
zo7y9R_iEzL=3CmMf#20i!27hv0>7s{4)`D1mB7pNqreC0PXInxe-iK^`jdeV)t>@<
zxc*e&BlM>MAEQqJOS%Spylw!m)GgqXbO-n&x(mEYe>(7K`ZIv0{w$!Sdq7(cfQ}vk
zpP^3!pQ%@Yp*{<Y^m*Wdz6e~@j{$3X9e7G#241V50A8n`0=D$)fGhfQfE~RFe4gF{
zp3_%>>v|iwp`QV6>K$NLKL>oFz5#rZz6HElzXA9%y$k#qeHZw0{XFm$`bFR?_2&a$
zrN0pPbNY*cuhU-&{3ZRTfv?wJ27HtLa^RcwR|0=ke>Lze`fGr1(_ag`O@AHm?fNeO
ze_Q`W;QRI013#$$3h;OJHv&JTzZv)m{Vl*d^tS>(slN^QY5ncM&*<*}{$Kr_z|ZUN
z0{*4`9^n7e-wXU({e8f{)87yLlKuhUSM?79@6kU5{F?q@;CJ+o0{>nA81TFL$AJ$u
zJ^{Sk_$2TLj86d{Zu~LuF~+BXCF4(llg6I`j~agt{9)s>z$X}=13tz03*e6#p9k8;
z7l4lOSHOz#H^65Ze+&Ex<BLGg_<Nvld>I%RUjc^3SAmi7HDGLf9XM_L3vkBxCa`LJ
z3)nHf4Sb&Q9pE|RyTJ3t_kb@k{uB68;}U!>{FHGB_%p^4;LDB6fUhv*{H-?_4+Xx_
z_&(rUjE4b#&3HKQt;QpPzi#{>@NLGUf$ua*z~3?+3;dMvIN&#oD}moMjsovBo&fxo
z@g(5C8c%-sCCayf;Bw|ufR8ty3cS*M8gSB_0v<Ir>ijT}eabX|mT3Wh+;o7~m@cKy
z05Z-^@fqQn&j2o(&jQv=4|vQBfORthHq2?@vRMVLn6q5F3S<{E=ZUw0@NLXR;92t+
zuw&MNuQZo|uQpErUt^vEzSg`B_z3Gcz(-k4;160YV98pgoiY##!fF%00?6B0XNW%@
z$egu0z^kouK-by;{<yUTe1>%c@R?Q@=v%wMz&Z~Mt&6~E>-oTS>xIDU>=!@$dCDJL
zrYY;nH-JBT=(l4_xoqMQonL*@WfPC;{2K6wI=}v;2Thd8dC<fa<UDBN@#It?Ab<Zb
zw!4=p%0nK6M<v1!5FSbR5nWOK58;|;D$099Mfr!SqO8s;$_r|Ul^Tk&ds0z;o$wvP
z7p_y32mK^|3kmQ3rz@3a=?>s?OLqcWr8~cVrLt1G8@O7!`=75=)=GEZd!^DY9sbsp
zNYS4NJW~pRXG=E&JEc2-&nw*vJXgBnU$0cwOV<E5N-qFzmR|7fE0wL%9l-6<oxmGP
zcYfzeWvA5m_bZidsqr6ID!tOJz}?cFz#B_<UOK6qFWn2gP`VFzv2@?Wq;gZ~zVDwz
zVt@EylSu3jKXOueVd)Csi%L%fzPMxpUs5t3J*m93bo*l_m7gko1o+dXk6baS++4a7
z__ETyz@I6FkDF9pUb-3hiqajxSC;O$a#DF!>5ik5%BxGC0p3!&3;3GSJ;0wW9sc1-
z<+Y{Dfj?Ke{6{90*OjgS{(R|)z+Wic2E4U&2k;k5ho3x&2Ehw}uP@yK{N>WEz+Wld
z34BB8Zr~eBcRzJfc~j}~t0t8<mu><6YUx(sTS|8Vf30*c@U5kLpEim1!M#(HXdhgz
zPNIEq1@P^qtAM{zy2_kH`{3Qc-z?n&d}rx$Yf|~G(&hG~@~+aOfbT9{0enyC3TG1C
zge%-h<-Mh=fd9R8)sIgq?<-vc{O!^l@cpGZe^R-<)Bt{<bSv<8N_PT3Sb9`2sr+u~
ziNFt)t^)pE>8fxN?S`x7CY6trt^t0uGza|s()GZPmEHvWgVLKClgh_Sw*mi0>9&)T
z$|p)!oSIbbC|wWyWa$OKKP=q>{8Z^Pz&|Q|=GsX#BkltJN$GCjr%RV#H;HD%6~I3&
zg~0z=Y5@PNv<CcNrCWi2Ub?k8iI&8jz|WTMeD0)jXX%R8r1H7aHNgK<S_A$?sR#VO
zrF(#%FWm?H%hG)-lgbxLSFBDdca^RJ{#EH3;9r++2L4Uy7U2IY-Lf{R{B7w?z`rZq
z2K-{_cHrHm+s{s-e{p+fQu$J8?%bsE<x&Iq52ZEWS4utLKbCF=ezkNf@Sf7G>yzkc
z+zI@r(p|u>ml_+B%0HK`2mVXx`rS$88>MyNH%sd;oK)^D-2?nq>8ck^qQ|iY{B~*W
zrzVwuE3N(Xr1G88+Rc;bbleR5Zt3P%Orq0q3-EiTyMX^uy6cun<v&Y}*Gwu(xd*(Y
zd^_;c@*TiK<vV_MQaN0{<Ci9tBjr2ZFsV$G?*m>|KK#Z>v_ftMKDd1In<kZqln=jU
zQh8|k@H-}z%gdJozps1+@cYZx10Pnt{#}#G50q~MKD>N8@Db(P-!rK^vV8l0n^YcE
z{tWO3%Xa~PsC*Cb(dB!7XHt1g`JUgOMAPJ6V7Y95Y*Kk_xdFVQ-1yX_^0@LE@bTrf
zznMf2W$lZT=%L&SJX*dD_`~JfflnxZ2KdDCUBD-m@A~^m^i%EzKDm4!@JGv+e`!*A
zO8E-lkCm?iKDB&3@T&4{z^9e(0A5|b;~yuLsq!6PomABFoj|R8H&8F%{q;%3DBlY-
z%lCeBQnAYSetQx<mq-2EBzi7S1Xjw|0NwI6-<ec?yu1c{dbtO@rrf*aD4H)f1D{#G
z8~Cj9;Y*JyKT$q>=&0hA4<A0N_~l0dgYpxBVc7&m<q#N`d%)>(@5oVQrhGH7TE6+R
zqv*@L2{>E6;z38zm$?QwU!DUll-~_pEPn=AE8ht`R-SwCQDv#z0M^TEz(#rPAxF`y
z=>d<I?**PH-v>NdKK#(5%Bk`dz-!AU@Vc`3$fL^j<q-Isa`@<@%1@RXz-GDe*rUpG
z%eMks<wsp{R9Pv{0awe{1J}yePaaj;<-35V%XdBTsB)%!*N+}m&X(^1cFIqD%2DNc
z<u%~B^4(86iZ0Kiu0Dz`j|to?oBB~SdR_qBF2BG&s@zci2ymzT8DO`353pCh54c-C
z>>O2YEYAVYm#+t2D6a!AmV3aP%Dtx_Ri0n&%^pSH=Vssw%Wnd{sQjk6qsoiR9|69k
zd>8Pg<-;#gvOn=*k^bHGzti~PJcD1ar6^zey+Ouk*^lBeI{zCj`_2u6wu@!Yrp;YW
z8_oZUWpcmE+T*X2vIra_|0`Z6ZT|DjpiJsW>e1g8_`6x^>;EdLZGikfJt-4S-!C0;
zl`kK;QTc}>=asJ<d4uwggs&cXn{p4~Ye(Lx{1f5pgnvHrTgty2`LOa0!Z(k6Lb><I
zA1U8D@;NO0K8JnZJy`es(IwwGa@QsQe&nw&`R<XwyX3wjcVF^7!haC{^T?MjQ6|1|
z$t4rYrI!*8O<Z>A;faS_dISr<i3#h{%O+MXebB_}r4ODscj-e24<%eav3}|IO}yvQ
z@1OYOr4O615B&h);e<yJ9y#$7haN@vLBbCa9!+=*p+qPX9!t1_@HoQb30D#(2}cP(
zOn3s}iG(K+euVI3!jBT3LijPlQwdiQo<_KuFhx)a8bK!*6W1Ry2^PU7I1?{ARGE0m
zA$Q_shkktGRfnEFam%4=2+x@Kr9;o0_~k>-BK!own|Sjff8q}g1rz^vC?rG^|9&W*
z`0k-;!VIB0apmD>PfQ)2op}1;xrt{So+m6!R1Yssyy9?;aE!1-s1q85Wx{d73BpOj
zDZ;gc>j>8qo<sOaLX+@ZLW{6MSS73x+Jw^+A3uC%;tvm>ow(<4hwwbYIl?+&gRn{1
zB5V_GAnXvjgdSm+aO1?c4xcAnAY3HeM0h^o1%ww8UPO2?;U$EZ5`K#C(}bG|FC+X6
z;pK!^5MD`m72(x{TL`Zq{4C+Mgr6h4j_~t@Um)B{_(j4m5nexG9r@*nYmWTNM0n&4
zgf~w7^^rGC{N0f^PuzXvR|#(+{2Jk{gkLATjc^;`?S$VTyo2zYgm)5ti|{VOy9w_h
z{5QgT3ICn&KEiJk-cPul@BzZ_5I#uwUBZV5zeo5m;Uk2P5`LfXF~T1ZK0a|~g2{(h
zh@0NSI-vYD@$(71DuI_=vdz+P$tBB=QIzWree@bddH$hq#ESB|LsB#O3+8K0T~$>@
z*E}OqgHW%SPNc`09z~JiIHv2lk*?aNYkHQYQE_qS%+>zZ?&j*npw;cIx3BiPo7&YU
zEosB9ScazuhOYa*7h1j_Rw{O2tDZrIAH)%j$5gB}0rhq-+B&_sNwnF{B6WZ9q}J3l
zO;w`J)t!smz0THV6ijb*dxklb+0XJkBQT@bS3T45w2B=DfocV=W~*9k=vKwoB9o-5
zRBT_3E0z~%hHq8kN+pcqIIP5>9Yv~ZnMTETD=`(fx6bQLewU)!wM|1}H389u?e<P*
zqrKT{txJ0K?C$0{e#6FG{YHLwT5FvP{5G5QUaQwx^>%hz7pt3{UgP3+yWY8}{R~Z~
z(P}N44-H}qt)BesU!B6bH&^%g)f~<C?ZENW*pF2w3`1WvqR7_5(DPMIH(Zssq@rc{
zK@gaRRxu6LRKrj+btmvm*Yfo^G;KF9Lo=kJe0C*@LO<{=J+K{H`ooH?ICOQ@jVhi_
zOHRf1Afpd@ND6CBK+x39gX-A_mQq+-Y1hxTwB}NvH;0m@BqcZS1BtG+yFk<Ba~YZw
zXl4+*s%plO9r%@sQ_*<?+cy}!u3@Q);plWkY*uuSG3kY|Rf%FXFf`BhDt=_}igCrG
zVq?jx&P7Yj^b0Y5l$njz>QZOBJs(PHsoSb|&TO`NyF2X@o!;3&Nfb!Ia9(4l)md-v
z3@U}4Gwp6~kls1HYH6CuNYVkc-&t#}thdg!^%Y5VH}o!zHqUdX=FY}ime)>a#ZdN4
z>&Di)wcYA=r4qwRe(W&vo!BueTE%iq+thv4ujr=l25QAOY&&pm-7~1T|M;WO(M-=Z
zW22&45wps(167S(kM=4q1IzOxU$;Uk&J)zop-t1Q#8GTnUL{gP&o(^25*u+GR6@fu
zm|l(yQj3*A*K89mq~>Xn5%`YBR5U{`0&1~usN7R=f;e{gHUZPst!S#NIj$CjzAl|+
zNL8CrO2zt8qt;wlo||jV%zHtzKI3W4Jll)vnqFxJ^TTC<YZ;bpYiej&6~lFyU#_Y-
zeiS;YS&4j$X{GtDsxap~->+zn;WHT=9>jBFPq&>=4d@gWKHs*PnTq8_h8{bX&SZ1E
zK#zUL*0f5+WTfh`;Z_{qWj$4um_=5PblWmwJFp_laxK@lBBCl?>cxSox%2@&YPoUj
zdAdsn1fIuQ<+FhLaTwV&ZpM~JFIWK`700TlS+=9cG_E>sg?@LOfG@xjuJg={0Fnyz
zl<8@Pwu-z)nPb{9uvO*Ed{|eNSwfu<R)YrX+X+=^U+C?$R(r(Gw0q5y)Lm?Njq2h;
zQ*9O!8i}}V=*7IDgi$OpiwUcku!{+Y#Nz4G-F9!@t8znSy|uBj*5ZS#Z=dCdIk&-2
z<7~UfPj!VH!h933#*?ecSyegLAyBZp!9ec{>};}9Gri7sPWQT8-PycRRW4AgeUYAF
zpIKs~(Jr{AOy@kUUSN;Z6wTKvYG6kUP}Q|Vi+xUyt%&u6A>=zuH9hc5Dmt#Gv&%SC
z(!J2}DlTiYqxq`CM#u`KI<dvr(Uf@to1r$ivogI{Z^$Dk>4K5%bJ_v(lx0MTJ<HdE
z3X8m6aa5<mDAwFSlc5#*j_&%QU$I;&G6^eQ7})H_e#HzU-C(r{w8&C*O%FZR*ig4T
zD%J>fLbcmi?;a<TZj17~B!)LbGNTJUvXiY)Q<xtSPvg115!w|dwFWj(@l=<E!_=5y
zJfO}EmB93M+m7rC6G{!$kPZ!5kXfb;E%JRZ4z0oi(W8OIVh}MMbc?CaO6IXDnH6vh
zSufnka-txnVx7R=rYR~Lzr!4hn5epGRYIB5hV7ZGeylC@S8PX)!NYn{?71rCwiEeY
zq}r};vf1*%Si>r|<7={H%2y3Rl0v?#N?UPk^U#jx$%OL)*S8JFH{+O!bpo3rpVuTo
zSZc5BuC{GW(P^&|y0NZStT1+24>k59rn3gp!g^U@j+>rCMa@txme<&@EmvpNw&l^o
zFphmwbA8rbR_1_;EYD%AnnqBmuwt<61Rz_EZ+oimtG2<Nc&><wHY<=H=&q-6GcU3X
zmo1SI&0@j`pl@`_q@t^Os%7dr8>Y$z#ggKhk?RBz7r8M#;nNGc%g2lDuws}#3smTu
z^qI;}%u3CIXT*^vODPx!^CmRt>5ze?SrscVU9}SUo>lQ!&LfsOjaGsR74t1v)^DY?
zeugdaEPJp_#UzVqrg@IavK_02Wtm|`mg>-tnUrk#uIt6TqtDBRjCs~V+l)d}1^J9)
zCaPm`AJwg>bYHAS^r2GQ*;;LPyTQ(Sl4x(YcG?T9dO>@qM~>s`x~B2SR=}vV9My|`
z7FN@YJx%4q#q<j(6rHBKj_H7PxEit0;$ztidNvTY2s82wEpXI`iZNZGY5^k<1ctew
z8?jfZxM144VX#CP?654`yn^TP>w}jDmdbh)RU9|Ae3uP|QOgDFUS<%%)nAE%T5G4Z
zLA+Op$1%&ww3e*g{M2@aUT$VjPL(e@69u#B75oIP_0`?=R<Av;DXZ%p5MLtonx^>R
zHk;d9TkACt*rj5cku;RHG<_(oxx;B)H;2lZ(nD$8vPsXybztq>YS*gsI~xFH$I{rb
zcp}2k6E%uyo@gk|6Ah(#qM<ZTG?eCvhSEF{Y1tvuemc%9@2u`@b+=9@gQn5m*p@yc
zzq)p8wOc#axo|9~UxaG7K;G&Jt-q=A=tAx&)9uan4wn#>U3PYJ>->6q?M$1oxpg|;
z+9Chkn7mW0D}&v*kbr<1lt9T05)d<k1X$-FVUeiT7hSfjV)jtNp@bRP@S00?uX&@^
zv;@)WXGTFtb}>h))#~*uZ+Od4s?p}|2JgMH-hM8FIN95^1mzYofX+*PHr6a}GmS2H
zTW1myLD}u5zca1w*`!vHRt&qXWW7im8BPg8-!B|s?dhEon4#@SJl%kkXo7NRiY!LW
zuC%<e+T31gr|}_FJt-w;2vJWm6MTg=PVg1pZ-viK0AJBS_O<5fX^C`C8%7r0=$dKF
z3+v7K#V~4W&4unRwLpKmZJC`!CA4-RH#^&{&0cklu{kqyab>4Ntjg$<IkS4Uz0pnw
zS4}8bE=hl?Yx8GL^D?`Djpi9%kfGM0m{4!8)|fo!c&PU3b{ZqEVL4iw*GpqbJy*}`
zB{8YTa+cLgW0I%Yd0rYz>Q(YQJ&8$sOv0?aG?wI9cAl5S<XTg8vwNhmq&*|ggDR$U
zWqoUvpU!sj;dfUyT3xwjcV)BPOXJ0X$?V*KaATrwtph<E!Ms2mX<$=Rj<<KZFeLbD
zG?Go*t(_QVi0~=s!|~Z;Stbnmn=T6PMA?$3>v#B0zr%^ii(9&u<)txsNzIVFKyPfW
zK<lR!<;$cM<;$dbAaOdem7RRSX8FrYT#0q%+a|H3S<OgG<?E%Ty)>4T+Ib#dFRxe0
z^Z0sMp62FxX^d;-i>B>ur!mQ6X(ey)Y-zg76Q!}_I?Eoa!}6QAlf<MB)E#-mWIUv$
zy)@Q5+itD3$!eb7+UiL}CIoMtVE^fi;OlQ~vbV{)oX1u!_SykFE;2I&!Rz&Q1Simx
zwJu<FYqQ5S=?am32oRYYrM^rsS0{SDwas@;qJdu9gseBnjhAY?L|!wEvR-VbvE-97
zaQo#+G|4qA$=zV#RXPNrTo{Nq0Fu^qM?arM;r!%L&9U<+IA<O;Y>5hK5v|wHgfq|^
z>V>pBrsY?{&era>zeVi)*3P-k=9$^{MHUAE5G?wE<cMBG<QQ=Zn}X4lNV2M@(R3#n
zY#LI$;3u{Gxy4|%UcEL-QgtZKsOg^q^z#}sOHmY8>oZA>*$Aw6Hmy7xK`SP0EhRro
zi^~hFpZ%LlWc+rKRw--|k}=p1B-P&$B$00h5+7^_k{aC*vb@nPL9z!-pFJ05%%E`>
z7m8YIYx7%cQt86hj{Ly?k)Qq9Iux$-Hrbo28{1nuJ*JPOqhOGPUy_r3dPer?LiR~+
zGJ%ROtTne~P8G8l%6VqW9AyN6>A(?yzJo%O#sF(Ot<$~c>C<ax+mLhzJu-#xa+P@k
zD5r9aP?s=<>yu}X<N8nrS*9z&&MGh^%82k%GHHp?lhw@|S>z>gj<D7SwOe1iVT(8m
zMQam2Tu&0-8q7U@TiGw<?+%O-a{Q>-*lI3UHzhGwOf<IAOuswb?xoQs)~Dr8QnlJW
z-dgYEsS`V$UOOuZ&bC+2WpT(XO*7zP8*r;2Y%NHjN(IJ~>p}B*F=Pj1pGn^kTASTY
z^MczXdcbhdEMAA2C*cU99u`HWqsD<BxlyRYIfmI4Id<SxG#|P<wq2N~R7~1F={AW9
zClewEF0hj%3`@7u#6q>+=x4*abJMS#R4jb`B)$I=(rO4X4&7$JeKSqZutI~!apS<{
z^=%8@q3SrURiR>_`xOI1ItVS-3n9ZI(=c>c2!W@Dfd^Hq!D-YL)>z+yQibCmM9}?_
zu3Jt8_IIG`ko^W6Mh|Lz@OBkea(UI{?efInosyiwJ0)obVN)&(S{v>4^-fFT4fw!2
z67kwy`4N7tq^JeUB#cZr6#*>Aietx6ud0gN0#0}6L|zO@3ByG3JjZnm<NyJ*d&Fng
zU_rW$>Z^Q#P_^KUzz(Ehfx4B%5CKSWWSb762)Nr^f^f&?Hc+$`Ck$M;x3Cawh|hqj
zLa<FEhTAUOp^$MVjIU7ROH>RvNE)=f3A30Xqs$ZNbIp;j<ZJMLBh7K*FofCa8LAs=
z@EU|eU`JF8Oq0(LA%akiumTg*)?lAP<-=>X=z{<*5X_<im8%!1T*f(D(|Wtg=8nu|
zYqRFhhB2!JVKwV?qC!?p@9BY=JvmiAf{?&8%X-zU6G<pC`GPqu%<|seVU3ulQjHl7
zZAv={o=t72QXQ(4GD3Atgc=M=s6|r8)7JQ@u6dq_40v`yDmte-t3oo;cVkIOzWC1S
z+0Kpa2Fp~p*V@=l+8CuSd5onfSVW>%TRg%06Z)j3bjil<`pN8t_K=e-cVqI_x3<ph
zZr8TXbKNP1!GPQ>B(!EBp%)WIF<}-H7KwhB_7Ul3T&>j+;Zc}Bc*59d^L4w0!v1qe
z&3?j>%i;vc1_ZBsR*IYRUVXMXw|Ig?5!07sFdz@*qYR~1_=W`NGxoro;3B%pDnJ+_
zy7<Hy(Zx2H$Z&>fue8^bU4|=Vv(XhKrf%Wmr=#WE+G$-VF}~heYIbz=s8b3?a*#KI
zF%$_I24kO)8Gb!IC1kh^LWVZEa8p;d*q^TLZ0lpBxZ5qr#H;<Aq%^^*ZFNV+dP4gV
z6Z~4pj;s_qBFlqj$YM|h$rT8o`gza-SzZ!LS_WTFHxSu!nyXtI+dJ^!+H1|#vn@)%
z!`Go_ds#9=;@QJeB%bDEV?Hfh77?$eoy(_9(D>x?EY?TkWuhm1z8sCGfi4#gq4CV+
zT}GwQRD#OOH5n=|xf%YRRS*n4tB^(`c!<p8YDo5K9syV9VG#!JcAGox8+MtylG7mw
z_RiqCK|mkrV4_J0b3BR7@2(?wNEa{pB_uLt+FaQpF+j{&9$VcW7&_BffCER}vwgUP
zp5etND>rf=b_+O;t{$3!qr+!}g^K*a5Om&<)!lQE-?=c0UDJZajJOMNlpexCcU**0
zu@S(ORw@;}B2re(hdUW)j;bT6GT~$Up2Nm#RDy~Dv)n+%+=uJQMxhxx0>038*_qgG
zSotHv<L)f*>>36_215wzj)*(`POskEVOea#d6GvHAfg4T>5>Mdc$=gs;768f11!TJ
zN&v$HfX49ypE_h~GmtYP+lTk=M;hB!#RRvpkp!D)0>t2+iUwcTwBU)mNE<DLJP0Zc
z7ug-+I4-InzDraD6vI?ubX!)Wg^1G;C<lntJs87?bOOyY;Rdrg(_&p(RrLV2x&ga5
zK<xlkbUzenCg_#zSg>{BP$Ts-lpwJDijO=&bEp8**$(I;`29$zk*M<NY}F0z{N0Iw
zKDKw(+pQbhEV5c}i!57*HLdbGh&;GH;*IqH5h3hmi{5qu1F;EI`T@A0p&(R^OxNHO
z`<gETOb`$Hg>Mxwnksy7ek&doH5H``+i)2dj_o)eSd$L78bMD8(*aDtb|aUH$LDK7
zbGA;*Muu8Zbpshdti_1I923#B>LCeWd<2eD2^l%Qq4?;3RM2jamquJ>_&R8T3WFcX
zXJ~-{I*eh4u!3+2sj7zH)kUDC$A~N(G*28b3uFQg>M9WkU%=CH71BA~MhK3aGz29y
zkoK6B0GR-vLyeIA#vv185m1SBJ#ZtK>w?B0f$~FCTaadPf5Cg0A2b(nfAG5~Br@Q^
z8wKpdVAEwR4&z-jd~U%p(t!((VWc>Qp)8P9BLxm&fJ2ZX2<~9y6e}}4Z1q~l4dtYv
zoMJc(HsnG=YjR_e#uoC163mvtrQq#@ghk?jt=ACNt8CDPONJ7TTpt65c3Ot(3U5PT
zH#L-1e%ot9V^}$BKyM9QWn={QhA~1<ry0Y<G<ls(I#wtpIOZ9j&QNyfeo!;{2t(_?
zp&YA2`*KCT+)I^gxtH8*xz8%d8lP22qxJe68M27;F0xGX*$A>O8-;b5fswAuyj}aE
zfk_Hjt^+9&vUu9Dj((EqqrGCV@VW>)S$84tR5MxA(0eh7?oSs<X%ts9gB1cio4LdY
zXJ}hGVl`HMq+Li4P0vI=D671wR4f(kA4FgbXC!a22pl0BY#q@xLOb0FBg9XdiCqlB
zPZmx?Me_r~3*nVWS(%~i8>mi+LWmhru})x>KIk!71<gK<m?uywVujC3T#-6t3Dk((
zGyyj#$*eCgG@l*7{+1d8-cVXL!W>F62i&2wPQnvPq6<rDD;ZZP$z%Ubem#rVh2}z@
zD%x)7U_=l#Y;~#wrHEM7u#p<_2>X8#);)#Q9d#oWu{-;NgW?8jqlWGr>m<@UOSfWF
zJ)~km*a=Uxn1p`=e}v9Ox{}8e&RL#F_-Rrj<EKe9*C#^Tsghhh%3za98K<m&sYJ$e
z!_q1RZkS~B`CpP4@Vq27%Ja(dhNtP-mSjWm%8#y@NWf9nV$j;CtcWl(@=#*|iEt~(
ziP1M=3p=R4DXbGf3+Q*SauejBwYIq30@osuFj4xcoYz7@f!C5(6aEVEKCgv%-H@gM
z`+snoji5ia^F+cS$P)t&L6TG85F}|PT8L^S8bp>AvJ*xOFvBsS_(6`)rHUC$p~+45
ze+CNY33WmRH3V=i1m2ddnsgvK4jzhva86ihV32?nM(m&p=wJY^D0XdB9<5ODln}W;
zJ2M;}3l@;!n+UNFx-EtCgc{)(0piloFR<wlhh32VSn?ArF2KTFXh^);UEFN*yR$M6
z#*aMDZ*|kOki&^;U6!+qL_RHpJ-5~Ec2?FeW*Gy7Sz6y|LkA>HU)$c<l1LvlV$;(>
zjTqty>n=+S%0=%kEx&<E@y^zU-#H`2aA?SAYz-yrA~aau21V^sI7pEg@cc*&czz@b
zBaKv_t4F*)(ui;L`4@@QfgHGhDMKUANZ%8TS1#S!zQ_-19ca|T=n*}%1j9pD%!6CU
z(hZu5GOsAEIR|}21TCVo(}WV9i3B3CJyC7UGy`uwnwzV7O(CU4@luwYLgoKT-6)Y4
zKd@#+WPHChQ@Qf&{Z~w1s|NjlzirC<KcI>asM4PP6i(m+=*k1C6?*Z2T7$0Mr_xa0
z?Neu@+xDq7)MNY9>37yX<wH-C=x>gUv%*IiEgri6Xkq`xqXm1u%+N@mMoV<$3HBZ7
zW9k;Z(Lv41laC+hW7>RRHN%+)R__7bcId0z-;4Bn`k;yrsFHL`h`Pw$xjND<yzB$5
z*V^3Ly#EIG42pcXj@(%4701H?)e2vDpISqsV4ph44g240pGw7VzfYC>Yhvh&@6*Q6
zeA}l^|2ywfKJ<zAtuy$#`&Su!*l~3-RsL)$%TH5wuMAz5=qPq9c^P&*s7c;<>^QAb
zz>XzjAS;$sA6J${E-RM!0B@F5Z@t^x-Z?FrM3NjuqqDqGG+MF;qGL&cRLc(<nlPDA
z%Cu1;H^RsZFyb(g+QD&(TqsNxKAA^FBwm`0fdCxX3Z$Kf3Z|t6s0`aS+5k4(8?aH`
zH3yo>dvu~Hv_T%>uQ*{0<4g2yeRyobtAV59z$-%MQJ838rVhL^^fgK8Mx=|rI+7g>
zG=!Q&GgK3mUkq0iZwXNIBUuFaZr%d=n|`&iCl{rUJbNWE$Ecrep(#e?PA{ok%$3S%
zHq0Iy^=8!YV~AZCT^`!;qVS*Cli0RLzo1tNHW*-9<Dt?^2|Ao8$f8uMqVQ@7$I3=?
z8m^O643ND-dPCB?m<(8Oi9q5_$BKMGq_KT~;RXK{Y?%<677DenVbRt=M;z5!e6OIc
zL6^HB87L@Yf)klotxz*`A?D$P>2OtJ*m<g$Prx1IW*%fcX)0=%1cBXSy(Rz9{%|K@
zg`r>!C94IP9>B4qB9w$O!{Z9?iQxhUTN9!oVKDWFdCp)ml~bVc1MX5Gp*0H$Omzm;
zjA8=r#h}D0ChTIukwhw@nW;|CkeWurJCoidi2K0iiut?3BNKL3nNq{0Akk*7pG5^`
z62oYi>BGzGiz#zIiwZNxRCYJJt<&ucQ?J&@*>0f%ki-(1JOsw{1rrVrt-|4<_ZAo6
zM}$jW+-L?f9{;+E&~5INXl-XCNpQBszpmD{)-R^nXOXZJGkgq49A;yHIN#?>BQ~!f
ziS=w9VJ=J|Y)z1D(_qYCRU@>G$wzx0Hm@I`3J>qch(b>bA>dH+r()=031!2qg}u)R
zi~_i!Hd^GEI(b-ru^_NMFi0~VI+29A&LcyA2d0i1JEkla#z879S4N!~VoD+`UbOQK
zTep;X2?oL9B0qNGN@!MCWEk!)vj__;Si6vxQ1<dln(f*ad~gG+n8>9exT%q8#~RNA
zqu5bxn8q=p2iUSyq#sP=^DvZyh^8<XRM8oCu;PQ1MXfr*U<*ltrRb<Zdx#z!;m2Dv
z5@8b;!<c3nfyWXhrcDtQ2gDw_uLi`PrFby3G*kglp%9gI7`-qYkYl@;Mrgb!410{#
z9P0p*TN+Vp4PKas?VwCPk3O=Ihhuf6b9)y~xvN`PnfaE&$MNZkIKphn)LBvzYMgaf
zMa<5>YQnVB0t;<(4f5Nw9Zk#}VjtNB!f+eac?dc_N$g{x0a*`$Z6#!zY}?Vv+Tv0p
z#c^2pu#juchiNg0L9$IAP-Slmxt(3Vl|Jqut+SH$3-aa@d~LL_e^r8j%M;0NDZlB)
zC^4Ar3~ov+79++YirtJVuioGd2Ww9ufy(iqL@y@LDI1iS#e`K%*u{iHVu(-8a9QC|
z2pjWjR=R1UfGnHx&;~4dsT8U>z@(m)FG0MGs00)?`&3V=m?P_)=uT00c%h;bU>gJT
z<tmHHa&^$K)HM5mK}#Xq8z!EbNTJy7MG}V6i^lei`2<6bElsRws5nPJ`&U_#&}XTU
zD6rH>r6#a;#$T!Qw#b|7bbJ2p>C-5=*agOjl=PLMNaWl&q6HoasXmW{c%Mf?JQ01$
zZ>DXeu~$kW;kG3S8|w=UJ22<PS`U$%jSZeirdT&4%w*uE8?0|!wLdS7LaY+u*%}TL
z4fA01hY(Y;GGNNW^mXCZWACAxrmZk-5jP2+4&5U(V&q3-2RAJ63Jgs|5a;_;-2Zlr
z043c;#xr3?w-%vI$6eE(Y<o7Ny;ls89S@+swB1MRA3*(-min(;F+^BAfIHlO+tQoE
z?>UB@B^{Yo+=q0|*j{<PK_?&B*nTwZNNX&f<7wEv^#-KQ5Q)8~;uw;1Po2T5=48`I
zmHu1qQ$Ci08)>8XZu>TqZcWMFu}__JBmwvE1Z5W*xu;YvlIH!c+NW-zvks~{eiZG~
z=Ad&AZt{WE>wk%Z8XKOS`M})g`3lUmgW4RPj|a3ln1}~d8X7PM-*(K581p7WXvaYf
z?ioKa&c-x2I&==GRv0z=)EXKv`_xHp*#EryRN^)7ugU`{?|-9xZj*M>{nZ*868p6D
zK-%apdHb|6x^j&9T0@_IpJw_UlXHKIYk2=TM+--~VzhXu4@L{`r%{?7yNG4{#r*M-
zf$?9cTNsW*6Jey;p)q+-#pM3|&O4}PadaM3?*TO?mHHicP-{b<;Gl{RxV8R(JgBwe
zsJx$gWA<tp!y_L=`gus)mXG5x^@^L?0o4jaVV_z<qhOyp!vkQSO2u!#PnG^>KcKw-
zjrOTC^s)D;^FZ3@f8u@GD1P1js|-HuxH<!VvrOfgKw#=eCW&>&d5)2ilon2%!blqY
zem0UwK{+H*`bf)CZ4lxEZIHA8CBQs4jSg#rP?qw$<-7C^cjb~%HuxYfos_BZuH+6B
zZzMHPv5{1+RzkF%DBDP8reh;f=`#6E9$O;gx$0?^0#{u!23&PX^||Vj$hqngA8^$r
zRp6>ia+Ir{<qZ+_FyJLSH`S2%fWt1S<l%A8Lv%Z(*Zst_)YZ3kBy;E{sTO!Q%OAQ?
zp$HQYsUZq6{OnIBQW&HB2yYnw2Ra-eCq{KNHqb`Ie#2Gc5Dg}L)ZiFFu^?M*4L=~_
zp8&fG*xL~rs)6vdu#-cv3l6yDBzKh`8z%%fZiw6<vSE1#_@odvw5ef%0iPR_lrTgC
z^`OV2FhJu{qZI?G0`8Pt)K*cD)m^({;<gI^TbQH3OQ$0Gt|590aMYpC6H_Lf8(`UL
z<FEmF1MW6(U`56Kdjkcr0UIDsBy4~@F;KcmatcZ}NqYaLX*e6J&BegS)O~s`TF5eG
z9Usb6@uq~^2~GHjzGu>H9_psJGeNN*ZzXtafLDnNBn7QMv|Gjb56l5u=c`0&WT7>U
zmkNxkP$fp}VEJ^8=l}-T-@scyLl938uwUhoQ93oa044@TLR4G|_;5OU!3Y@8rgm}t
zgV2Z1YT~;DbzQuHpu>(t1wjs6A1rjRoPyzsLk|QE5i$?dVeu29qOzPQka#{7(e%cX
z4Z;z$038e07AVr%qPy+JwvM(g8e1wRNK|Be;a&p;L>!1<hlU#zbm!o@q9$zMi-m#U
zsa&g|1MXDtS;Fx2cp%#Jy})D$qf|>5g)oE}3sm%QGlJm`ex3phj$z@TzzDM%>meMw
zuq&Y#hH7KX+R74BBhXne3T2f+12A<+R7hyeLIP!^K{Z1X5o%q<OtY9kX=za1E+!lj
zLkvR}g%zHKFe*b}jmTsOHV)YhRfqA7>bYw2oluO%IZce#G|ptyih~ZdIIVMpAF4Sy
zZ{AU02Ak6Tu;OF!vI0NburaMb&l@dl)X-rGBTjSB)-=R^3okBclf#i`_&D(KL)@{T
zY#oJo&_RQrit~g_eV*o3)gl*vUM@1K2zxRMp&g3-aL;gbW14WaU{yN`x{wtW$rC!C
z_~=5bnvcR#VZc1cBb9~!EPRn*IFL0>M0^;bQ)=>PA;KqJ9?VBm3CBmsC(%qpDustR
zTYS$T*kDmoY$OG6{;}B$od8ADAjHA|nE-M)99-cw36Ulvj&~s7TF^uchFO^o4?TjB
z=_3olSP>py2uBXRb);Yxl?f~<qHd2;x7ZD0l8&_+%z4%}T(uyCw9$TZRohXRu*^Or
zkr=tLfWg^Ee+or^tm!-t#=a&FZ%`XoFb%*95uV3zy@!9B5J!W|D&!=H+7M?TNI-PM
zZ5776sj)b)mWr$f2SpBUWK2BXi0&45z%&3gJ6?!Ki4mMSC__f5w>z*hSt2m^3j=Hi
zP*XP%e^8OdqJrp97?gM$!q=1&(5*-y(cR-Uuo;j6;&5yFQ`|09NV2S8FNkawpEWv7
z>U?n@#a5$2#Q+ltp3$J&SchckM+@2VWC8G!1x?%)VU4KZKg__Hn~tqD;u%~-BF{mx
zjQ+4lDKv2`MW0ZS(Tax}mJv)enYeU6^Bl1zLmewdWJ9`dqk8DzU5==VWvLh#s6M`r
zTpQ;{;tWkZrkO#2@2uEkaNtQ2$C9ie73?XnF+d#4*rbz%i;aUy);vDBqu^JKg^VQ3
zUpruqaRJgS<_4AvmhI!V2#&2(#Ne}n8N9~E#4SCOu^*uP8zLFPOa?7r99Uuhps?mx
z*izs;i4P$@6cJssiX%3%6SENB4gX64)5$?_%(r6PW66jYByoAkeinwTy9k=_)hJ%S
z9K}b<hm}oiqu7b!v#$CGm|61z%f%pp5g!Na@FBNm;v+ahLT=(?&WtR0^eiEw#)%{d
z-;OAg%ar9T9{lXlVSGXO)l6UnP)MO+dOHrrE<TQ}i~t#;lH3D_h%pY7BE)pK<O;Cj
zkTJvakco#$MuDTuIIOZxB9UQQ50=<MLTeThdNE-X6J{}C6%%$b;gA?wS{;^F9)d6s
z;mHcqS`)zvk2WkaAp_k=x&l!Kql>wTJ2Qmktdp?v8Jl=!W6I;6kCCowl>^WV_IZU*
zf_zbSLcTnj04$B{)%Y=E$l+KLzk9fMlZrFU_(~sJ&s;~6vyZb#sf#a;fn!KAiZp;U
zme2qaDSE^lPA76WzDwfTK#DS&WT0y+nK>#e@!Z3VMEgEwlKjleOcJ*fhcj9AEgaJH
ztLF)EO4E<qc{D?frTP$ROgdG)wavzslr}MgsNyVuC&v0Y%jhIAkl-X^U+<~ZPCT+|
z_%||Wz{WI7JfK!E9b(2~qJ#Bz>;+<G2GRkV%W_6V%)~(`Fpvf<Wgbxxe|?d7F=O{b
zVvUPaHWDhLM-ia?f+ji&DJ)o+UL%FYP>IEXZA>sNG}Ebwr4UmMxib?Qja!joi|;zt
zFq~83sTIt|XURKgkcpOlUzC+65*#*3B!=^O_5hnr%UV5rY#uOxDa@s7L<`b2Qhn(f
z@xFA8xQP}|gmFEH9ZMq8G92n*CnAf34~{DPqUT|WEzg|TZs0IBd44h7$l{6RhQ#;B
zuPJ1S4?z+QlVuIv6z~^JxI&OXQ8^Fs<cm<h0v?hnSuDi?*5Z{uiAfZDMhl&IPzM)e
zl+_+vGas*vF`j^3_Da0}x|ohtaM;IAEe7mZhOxp`@L;D#=+j`vie3)JF%|Y$_8&HM
zHaQ%^A|DMk9JaYW$P}JBS&%`yarcLdHn0l1%*FqxtN|G8h}VG_!iN0{Q%Z1Pb`2Zt
z1(X;V_E_?1j7-eqc}drWghKHN>=v&DxKY3{ByQ#Kz{sgQ8mbUjhzN#=PgNcr)PN6x
zDGG*ZbPhWgRG1PYxn!T$9UQ@7ZHM>+GeIPjkZ-tVc5&K(lRKW0JrMHHWXCb+2s}<k
z5f=V2R+u5L>Vdj}Ltt)4MYOKyK%E&QYa3WU2&w2Ap=g2gNDMI0%wPlI85!CU0!<pg
z!7^`%(`1Mf>a!%Gp<$A*MU}*mZMhM%EV7K%Dq<Sd>uj%IBwA<X8>eWVlUo6rw`r9<
zd@5+;=Ad|pwKQBL+#tDnSg6!*c!*gveC56jxxsz+JQl0fevdU=wCAz*7WbccP&Bj~
z_80KN@-2Dk;+@X-)X;^Yx4F8t*3MG}fjw&`&SKiVvs-J+z0(Y4%m~CO)<XMy4d=m_
z6Q}v}I3Y$6Oza^fzjk&9LyY7Kw4rv>7#>W-5)otFc55Rks|me>dG}6R43XvHI<K&k
zl(997cN8q_ZbX-g;v{!h9wJd8s3_~}EGJu-O1J0Qr+ayPsdMHmiF`F1TFlru+w!7f
zxRbwh8t<=hg(Z$VENw}<Eu3^$#+binPR!lCMPjJGH#hNmUhQ_e^Sz#UKX(<eE$^)C
z;>S-?(V7k^?JB`8&LYz2{>viuFu+D(4}J?%76W4x2cQ$N(qn&Nxq>!=AYyHFA=1&h
za%E{|`Z4J=4ZR}xClG-i8i76z&Q)}fT-1)xt%6Ks0R!Der_A*H00kvW9Ad*Ez$Y*>
zmx?hSh|vzMi1|0}j6t!*k*#Q(q4WUpf~9nf5~9m@5I3gMG`eK?9ARY=51(k1L8(HH
zK-WePg?KDQ%MuzRzk&!lju49A-@a_Zq|m{_zM91oQ$naJagHk{N|1L{1}COXXf|wc
zMRg1_Y3!<@z&tzjp(pU*iRvhw%c_RYc~rKjr>R(#LndIIi0={<=TNN^uirRVh7NQ&
z9j#)pF+)nwd1#brLNz&fI<;_~%CkW{vBcZ-2V@V9;SJO*ah;16C>`b+V1rl*!$E_L
z0d-~#SHyWfR1gseJsjP`1Y#FbK|+LC2l2{ohOIPM3YaL0X^aY9LbUyCv|4#c>;oY(
z(G!iGNF0-+DI20A8}JM&&%m0Bb|}mkoVnx26`BVc5Y!gx9C9*@;4ul$fbYR8!%sjD
zjSmZdhtGrSY4%f`w&EZ)P}wQrKDY`<EShGRQfp92Fd!^wVw6^3-Jl{Pe*Qi286LaJ
z%zi`uq?>w#a{D&>*{sH5pZ6>J$afPRC?M0H2Ng3}SGfl3t=;wZGnH$y>u@`@j(bA<
zV~YQl5a)=U_3kqjEKM1gbSXSG7y@YGG8u$;g}1~GirqeXH=6FT(?VUN1&CX6b|V81
z-F!Fk+Zy>Mn#d?U!>NEZg+pMNb&NWu0UEimL!o0Cy8z4%6XieHAp9zvBOv4{Iz6z}
zU_IINnSuHtV_uqsPYNl`JX63OU}Crl`iMIwl!I}1>*MA~i%sY=oGc4fY;$XTjf=Yh
z6P_F1!6P<o_-61xViz4jR0Hwj<l*-i@*ZLX#c4jc;4M&junFK98mJ-R%$PZgx+RWt
zG2nw7MeEW<a}i5k?jx37;K5LiqDKveYJy&Piq86hTOD+}nRN6TE_6{T1?LcRKXfvM
zJ8aW;sA@6CnH0KsMS?=d;{o1;ll!CO4R-<^X*$Y-4-P<$868h<2ls)A7sAs8%MkTb
z*mU9&SI7R99>($>FGDPDFuCAzqDAV!xZt}n<1yC{1vRnl3Kf^|x3>n%N4V}l@w>xM
zeFLLxeiv7s*Iw=AK6A+Lu9I8sW;Lr_8AjqXWc?ypED^%W!f`!w5U)t!Z%idIDg}>2
zm6FfO3=Zj?01gk6p6L%S4wX!J459~zCZ~-dD*hO77R9$ws;JT{CmR3=>k5=dg-=Qc
zq8f(6Db697_wWc%q=#7G?P5<sEtWNsbqE|07f5n00q7)tAMo@{IVdBHQK>j^gyW6J
zk#gNiD8qh*qF8WTc|jgHu6UqZFk0Hjuf`ShQK-?v6oJ~ecu1BvdhNbfCDO=&;BEA}
z93v~Lx8jij1=vhCsHom`a3y)^gKNmmM3Q)awH{cd<fZPfslq4hOPv$6H8sa9zFmSp
z?pvw<N%yUhzum#@6eXnxG*!^-+P7AHsV1t4BdB`e#l~Xfqi>%K5J0Y5(I+Mf4dr+0
zcfz<z>D>;jl8?4Nsy_B%?x%^tv>W#n2VN|N{h2cE>hv8BtRnAlV1)w<^PU_MsE_u-
z&`28hn8iUft~~jsgGoQG3QgQ!g>iEyp{)udgJ$|Y-XEx=mF~aB&>QdDPVu!5sx)}9
zeQV|4p+6EwpE(@~z~a0ZSE;y(NJo#>$?w$fgmIP9yB%0%&)gZkQS#C6r-{MG8ut_j
zUMz(}Lwnr)N2bPTl|6H3w8DWm$a`{V?u@oDG?K=>WN{FUD^I#{FoMQa*)w-WAEMup
zg7S>)q=i{kN2)PWI`}|)3j2-jDH(d_F{J~Y&~b%>cimH(_joc(AeItOO+!zd4qRY9
zP4=x-oF`)|<u~iU=h#~54G*p}G*$L(Wzf}Qs}xtZu@w$}1}W{2=CRkOZ*p**p$Rj#
zm4mO(`?No0#<npue)g#`7(-(#$jcNql(BUlNR7hmkl{842~Ec0Xj%VTj1~;N+TOy!
zTa76jOpMXO^wR<JQJ<@_jwLPj6c%1`PuXBp4i)uZa8GW301TCk46dQFp+PlNvVU8J
zZ`;2j-&~c3w~Sly>3Imy<%NX!<a~>ycf>ttuBDm8v+TYmT~>kDON%8UgI0bUTLJ^r
z=c1+K94c2|uGQwE`Dmfx%{4=>k(32<RWinuCAUaLX=|J|*G$P_sQx<Ur=+6ncYAlm
zQ&tNUBq`xHQs3(vZsS7|pI(6+rnrUF^yKQ<Vi|6ihDuh4QtSN#Ws27fwO1@CG{%$U
zEfGylkD+(kz1{7FttI?u!!GV+8H41Bo!0j5wm8!Cash9i81h~0(KnqNJw-$2CqgSV
zj^W<nK22ol7Q7&+e|UVj>qAU|%#VW(v7Lq+YI4vUOthHupwIw79D=4A+(Wp4a`v3&
ziz<y~2+!3-J54k%IIl^=^cxvs$k|n>%%HM_Xdli2EEw274h{-oym8<Uej9~f1WgZ1
z2&cwqg@sh~uwq3kE`UcPcD3juSa2~-RDmMmXtkgt0QZ4sghz`rZ)8RAL{Q|w&!I4^
zC_>VL5*@-ZN=+(a_=>nn)a^u}59K15JSdl8>xO$pm{RD^pj$vi<X#*X#9?$8wIeJw
z(LjOsfG<qAe%P|19T*^v^5JRV4I6GDl~6_CBt;L6E#b?A*vTT0a#0b14Mjz`&TvXq
zG-P;%NOW!xk#ks7gweVKTNsmI4*c{v4+#r@o(o=*9L)tA4hP<FK;dKK6u?3oLd2zx
zuNZg_K-&$Oy-lxhL!76<EP)Ho7fa-1*vun)<8(nJk+`Vlq45q0+l-!vIYXbqXA;$k
z0CPq>m0|>q|8uy9m;*BiV57mqM%##EmzV{J8AApEpUY1<PB4J*{%IyUiJ~Bf3>KdS
z8cJ$>2@I9dyFu;A#eahDr$c(Zv(n^jsx3UUpWWcd#;x<GJKeJ^4%|Ai2tQEHg$CiC
zYAhAQgz#`BS%vPW%E*!_h@TK<d)w)+lH;q~PjO*I96Ycfki$1hs|`K!-b#DkYHyV>
zZ?(75(2kH}yu;5k^j3KbXavBK6;?mWkgz9lY!2sBjuMSf7!i$B@zxkII^aR$P&Yts
z%rb$5#lc=%4)a2MjdBPUp3G-#vz5hKv{0L_u>u@8P^5f%@qQ{vIUAC%Z148!XK__I
zU-wx)ljC=mv?lqY|B`GDJ`SV(gkQ>xPc{a*YQ-P$6}ew_u;JdlpjcK|zS$-Gfmc(1
z;MBBOe`p^l78DxF`a*UdKl7X}FEX?bWEuHB;IsB8%e}1qJ}L|Orr;}^?F;0{;?KLH
z^(Z<Z2JB_JADI(cqa4|XJ|i4fd~(3BM-L!S5cF_T0t>zzN9w~thYfDv;+JbssA7FX
zi31;vfr3cE$LSy{doXnox^Pw-5+Tkoc3|<N9nB_ypL#vO{eT?SDQ9wWW+E#f5;xe~
ztch^xQBy?24xb$k6*+$oaRe(XixtinSVJry#b?yA0wh*=Z^OF*K9>UpIe;ezwW9yX
z_<$deh(Ql<OrXI_M@oQVDE=YLKtb08)kJh8aB0j+jIKAAv&R@{=OP*tX9oCjumWUb
zsCS|i5V3gSV-T?b`hYxG1r=geag+zqVnY9gg;n%i5Ne>$7Rt$Z9CU{?3oi(w4#L66
z$ORBf1}v;-Qm_y3ikuORf)(O3gi&a>q3<UGJ>HB*570p1!=NFBRt=tb*+<~@qt#rI
zqg>gYP|o8?*kADxjqnC7JzPgbI5EK&B3l5m4sk!oZi?c9xP72v>&#BO&B?CH+F5~P
z4^+C^5Aa7L4u9pzkllzUM6~2s;dwhB0R>t-c*o&m1?k$4JXBoxrVL|*c*8F5`kLS%
z@`FNIJ|rVwX(XOg%Bko=(8QT$LPZD(AQcjk2C50exjD%Sdeluz@Fkqo&v5pGml4`+
zb(`Ibg!ZcJNX^b#yCt_{t|f;W%JgAqAvH!n30IPgI~?91`!qzBV_Kj==qe&(Md}*_
z3X1ngPEY_5C0Nm)teEJfAfG~Rf`ARJb}$lA9Hmbc{F{ouYb3Qcor+M6MlqCUdzBM3
z#44WiXOTkf{Z{j>-r1|8F$F0iDn%^4XxoBtAWCDEMGG7}2F!pXa7Ah=9-Q$VLPZ3h
z%sIg`kjS8viJ}&wTr@UOoD^xQhL#Ttx6ChG8=?G%G)JuUQHB(`I;vkPj!{y#-x|kX
zG9D`EWr_<Woxxi{9TZV2YCSA22p>_j=L}L&1`d>ZHBjcgle0nM;TkvZTRZKwU~6Ng
zv&rvLfOGi`7VkZI{c`bL-{HuYZd+<EZ?B>JAhEQi#I~f^Og{sRWA&Vrpo1~JzO~X?
zmjp}dAVEpo*-Q(vlWyxYoSu5sj}aN{B0(x~%XSc64J8n6(cd=;OFDbQV2tgo2g*jV
z;?Sm0EGV>)JZ_N^$TIRBAV~ZsGa`{;;+#}8&rm}EhX<ubhKB|cxG#g4?H2_uEmRoX
z3_eT`MCk!6Rs{J-BP~`VyojSXz%q&oREPkaGp{+*9zi++TiF9>9<vwZ>*7!ebk*Rn
z&q~M%qCz~dpd!;{$p-TT`{x`~@v_9J>nK2Dz<_`9e6lep6kJ>>>=)qcI1I+cJnl76
zibmCo0n3|+OLnkmWUP3pQ8@LKu>|G81|)J*d`WRCE(kR0!65it0U{ewah?OM<`x%c
zy%|ZN`o=B-lER^(F30kiNU?Ev;jm<ij8RZw^tPy2tpOGVAg~Q(0<dP|K#C1Xj*rJU
z$3}~e#aT89amT~tGW<|MjTn3x9b}O>gAjwIGucqnW2@y<01zQCewI`55shU44teDC
z7Pb}CIY67}PIfi%xPe{<(sC+tXe@GAhzKYH5ObDx6?KC^$R5tP6@OKn*KP%TMU01N
z6c-!pHxkEN336~YY4#{~Ya9jRc_ZZGU=@P;HA?V2wH&>RL>Y}sAtl5K5$D@mJQEdh
z1A-Q)Xu)ty5c(7N+QoAg$DeZu5N9N?eL`mOp%nB@Fi*iiCzA7Mpb;zhB!iIR<N%w4
zfmv^G6sAU@a&6O(IMk?KgIG{x1uqc!aTUGInKUb-?FU(li%Vhi*<P^dSG@%}&#@X;
zsoFSI1H1Q{FbUF(YdPp-t`RLs^Nq#yM-D(sw0$`O^0+rwg@KS15AyYW@{N7+wPvss
zjcH|EuF<c1Z8MDGxx!_$(J7?#bHQ?&nY_#b{lnAkbX(2#wwye<(^_w?ooy~f2`?m6
z*1Fw&N=}35wr{$r)m+=?4(bO<*I`(AqW{u#bfZc~TuY8<3M{ob|8llUm$iHS_)eZF
zHR|n6P6EuT3=-Xbb`vALMOxq(3i(;%n5J&eTTc@C5hW<7Bvoh+B{mf8gvF6%vgYo|
zJ2zS>GX%^oX`wMzXwMTQM>Jt1k4uNr9Fvk9IVfe#^x-7h>$Y$()>*w+XlL+TJW$rw
zo;>N3YPY-F-dUy@x^0l?^s|$W+f7t2vRd^)sym1#jfLokox%A}n|+WbIZ`=yo+inY
zZro|FOYC&^D;F*H&bD__-Hyh^?KY)bdvc^6`|3ugCw-Gu<IQTjJKI~hX-h|d-(nvH
z;mOWYB6np^PKYnL8%Js-kDk8pW(T+7TsYnDj67%1J$X*nM|o0O$-5@c<D${5yvy<`
zyLm*e_giO@rxplvL4G8gAxMmYlSX(rv|!RWLp6<r?b9t(ZPP^DxsXN*4^`V;VUW;i
z*@c709W6;e>PT)Yd4^1roU@iUSI^3$<`D)LO^Yfix!}61J()~{EP0UG_BjgAC6J*(
zJbSs6kCLV5Tk@JiS%Z-~TEY$XFHEf}MlY%3b)3n^-8Sm&bu^0FYlE!ro*XLW^%u4n
zS{DcDZofp{1EUU{2qve%(l%dyI0Nn1Lh(|&yPdtSjM%024OvPGwq%*g(u=Fz?PA{6
zNSafV`t{RQ;Mgt*B@--fK@_Hv#B{sY|E8jwyT||oLj-B%UW5DaR{6b?Sx;gskH~u_
zYpa|Dp4F1)C%V%<6ZCf0n;eyx<pk&jgU+VK$t=&}$^6dZQGRHWLT6@qJZKhMO)qA!
zh)Xf<B9ECx1urEhJ4Y>j_beUty1aEiOB(AZl2>5ZP*tpmT(38`wc1)wbNZ7!O?K0t
z^hL6XoRy?=Bu&U8polCR!63uyUfkFi$~~9dRPG<Nwp%Nm^-fQoVzro%(uLLrryqH{
zC~3oAlq#Eha?qg673=2&A*nam%IBNWLV}CP&wSLFS>zp;I3x9Bv*y+7C%`@w9H!Qr
zV3SEg?iOa~ejkgavswSfA^n3YbSTIlyb+iy@V&6M0b6ykionE7OrlXXMa30E1~~6g
z=C+Lphc$wyf?Q*F$N@p%csMl_+cr)aLAMZ<Nmv!&>I&wqaC0%+g5wJbi8+E0^*F`U
zu?9@fTZ*xHj}**^(TRqujE*oUI@qs)aRREXD9%C`aLfwYn<xTe;)uyeD306Y+(?Wz
z#6PQ8`|-F~$6^X+VYaPBiiKeah@OXqAnMFwY6q$gPXh{oQ$esgLfsi#jYx^G2}Di+
zPAbP#@EoA1=qtm`@P#_YC<1#}_%sR@eke#nn8I*Ec@?uhp4dT26EXqQG!#_D%7cpO
z$zG9ypa2d_EIuspj|o#AVp@*(1R+HzkyxDLPS(mh)|R(}@kLXj11`4um~Em4%;Ufu
zbI~yr2?_SVbSxbyCM!_O4jRI~ijFOG2FE+06OB?ZG7z4hig*{bQ@)e|fu&;xF82DM
z$_QCpxICcsqIJu|qH~NYDN2v%3fR&Qut%^o#dV&EeXVeoAe<}N!}5zIBgQ0XPBMNh
z$g>bzO2{E}$e~AIq=L_b*Sl1NnU5O-l&|rFi)J}iz?kLWaTg0oNE~Q#?gBNYqzA3a
zk*j{1u+2h3v$I4piuh_U3&m401R-W&hz}TXut89ehcShFz(}ciOU$Jdkrgkm3Y<Z>
zC%99^i2)kGaN5wX<rGxj0Dg*C-J(othYUx^4wWy12|jE#3*H^3t3+WIVnKzXJ#HAF
zO(J1A!RW~kj}ode;B<Gc7q6qR-jFL<&_`mrgzN-<1s0vql-LKuh>Q3<%y%wNAPTsQ
zA81;vWw{R9HRu~AhrvNtOrC(jgInf!=)LBndfl65;Pj=Fg2qQDalN;YW@p69P_~?)
zxRg|=E<m2lMc(m9$3ucY7b$}rV^0pBW2BC?C&$Th;HR)Y)s`DgpJfU<sQ7)eMEZTR
zMEZS6B!b-qIC!$?C1+qJiIjAh^XB3GHaWwty1;8E<V2q6_rVP3T`V@kMQY4N$D_F>
zPJW|=JY$=wv3@Pl^IpB!Z9%lufM^RKh@>;KUMuEi<Px@Q(sv<CF|JxYR&2RsDAOO8
z$*~(r&6JAF5@gXx;*KTD5o#!l`pflGc`mena%^_O1xRE04j`v#XC0AsPHk!N*-_A_
z9_KBWV>xJBxLZwcu7;LolAKO|j@8B8EDsUPrWx6j$Q5uXQ0tVK$iReOA);?dpQtW`
z44@>=Lj;(v(h*Bb9#1RfeH~~%;DCF{>_haZW2A-|1dJ05M})N>;G_hR9j0?I3)pmE
z{VTX3$D09r5>pa;f3&;B93S&==z1~f!)6zg6)jfCL4_VOJ>-ZmW@r{We5AV->`*Wd
zfvJS;Htrb|AA>wh$6;K<#ef5VH7O5+$%@Kk#y>G^5O@w$WUYsX%F(x2B{1iZKJXAQ
z*%2+kAICIZjuu2E9G<C(n_oEVJS&?c<_zo(0nMQ@kC+nMbxr`rFjC<(K{?79OK~!>
z^TucqkpV`Btgxu<%VvYm1S-Ow!Q4fMz0Gb!!!C|K;M4NL=<>6!_z_zOXHO~YuZSEl
z{bMgk7Bg5)uuWlSV$Y1}BNjDqL#P;w<O3e6xQ&s68u7~j;{%SCjaEE4_^N<k;>HT+
z-(hW!_Zc=GEM~<~LSn%phZQ2U77Kj%K0YnNkQd=QcR{{@&_jG!yGY>?tK<Fx-FcX|
z$m+2{t?=S7sz4ABJFw)z|L6N65EmykIEaDo1?Nh^v`0?mf~^g!nTBv8KoW}rESL~F
zU;~Q%12#G^@nGu0`HwOAsW66k5`-f-o5oHOD}Oo?YX=P8G5NtvUL4hM%vXS9n-S(S
z2w?kx;UL@=>5Y7CWv10V%a6@&0VaWQ55}Fynso$AI4r<U2+Rk$35Gpv<Pi<ahRF8I
zg3caY32@O4;)Agj7AVM&xRim6`htRVq{4oNNef;I#CjOZ1^O0*geS%vlg$bF5*68~
z;8-!{`6gIiv7chLz&6PfBHsXG5(_Du1NDtBr(<PpD`zjy#hCr&=dGsJd(mRdq8Tfj
z^NpC}ly7R2%%<SZdR!2{4e~(&d9^ujy0~3(&Qn~SRu;XeCVEb2cWW$p^V6}$LKIdP
zhKia8l%Z>Iz=a2v@_i4u^uSU^^8uIcUy38^{jWm^zki{K=toM$1$Mu?s`W*zkT@AH
z@4qy|8OmTy(~&$Dsw6qhe$GjF&V^DOyx@R8&q!Qu=LwomuFca@=;VopALP+%qoqaJ
zK=Sm0aGCobIFHYJ(^c8OmgLI|$(jAsrj_Z<U0{M^O-JxT>(dD{fYH<+chdvm^YlRY
zJY5)#QhP`#Xj(bjzA&Az%jdmDFq7<GX)Kk$iCj+D6SdhyMAw(fWqA~)vt-7r&nRaS
zxOn<>x7|ykCnPtFY8;Lw&d*5H=e@bPJkdC@7{mM(H)$u5i12ZR9V`UesfC~!&n+hj
zK>=W0_S5k)jpT)(1Zgzc_nSDMnr_f0ot?*v-J0hK#shOX+i$arL~MYp6ilj-*OLu>
zOjf+)O^aq)UM;Ln3yV8zN9e?v!k3|6Gpla;%daZ6nJTa7)q`p^W$7fbRXK?>y0E&w
zyVhP?UaF?f25Rjc*my8qBnRf#)}}<-Sv81k%!%7w$=l9r7BjK*ZDVA-+LIb9)xDy{
z#3)zHZ?A?0Pz7&Geg>ne%1LX94ng{;&n~={#D|8{vt^iuyBix9>-ucrR0?IO-sFf=
zIbIxRchwp!eIf~`K1IqDDDW(HZF6xp9bM2Vat^r?fHyBCv3k@<ei0ETzX@L-b-`n4
zQnY8#Tgh|`C6*mYuQX{TKaGBNFimC$(`0t^U1pU96enhr?{iX}Q!Wr9ZB9YDunf+(
zxR4xPv9LJLz*M5SX^)YuG&C8(L=vtAm8;KQ2)$^INf0;Zqj?4hXmUEs`l)16*A{Dw
zaxTUkjerLxxOt-bnquh;_`b)K6EoGNx!U6594C6O_gcZyTp~AJ=g4=7H#?ha9r*Y?
zNyv%dyE{8@pCq-uz7o!Do$0JDlgJFrXW(4OQX^T7pvKBF$2UTB(n#Ne#^+%0-_)KP
z?V<EZQ-veos6rNQ0FqbPqqLNmzhs3&3Qxs?Jt|7Y!Xf3PV!_ylNz@PadzfP3(8Cl9
z_B>3naOh$3f+58SJd~p3+Nd=>Fd0CqXePP+YI5D)YI*K>-Hqw_y|Xz}6u3IrMI^p)
zHC2+)mEajmc>)rwnditroge+OJlK%vO$ip##VB8$!YtiioXA*~wTWM8F%^uE=rah3
zkFHr{?OC$O;}uv5yTqiWjEhK$rUr?`!I3O$6oge)USS8w@|(=9ej+7|g(z-9p~X;E
zQYFo08Z}5PE;odD&Qi=0h^y%Ze5W9#la5MK>7F+4RTr}U^qNv(xh7J@rniu1b9Fzl
z6dhlL%$1d*pO>^KsfER8Hd<U@7hwAm+MC_6PE|5kD!k=6d81-(B0()?6__ryXsN!)
zs#C2ex5GJs*H~VPGJ$FK3}Ms|T9sR*OMG&#<%QXW#S;tgQR-4VYO2kJ#6=B96>~hi
zqZg9m0Iraf^M4CTIhnPPl*1(oN%6;6NQzG$l4l4T^2>MT!)>kAZ`f_^w9|~**$(4F
zKyqwo;?`n8<V>01W?^*DE(k8et88!YY+dMVz)BB0H+DpH;a{YYi%8ivuC6ZboimvZ
z&A6iFo^YKz?XFxn;Qb_gj{^H5O<&uLmX;P4N1uxeGc76n@)+=aPb_)0jG<M`VO=OD
zIS@9fm|vVEM0j4fJc)8$@|%9vpvL#jd~6Vxt_^Dmfsu~f!m!0NRGP;rOmm2ivy`Bh
z{X}69_w$mis-H?2Dg9J3zz3<NMa+MP^W*^p`9gRvk(z8a2)}v8?e-?Bpm;Yaph4Bz
z2o^*}ve585x}K1=XFVaWzf=&1dP7uzP)hO>OlMXi0G`5Mp67RojNaB_y{61%Kj@Jx
zr#)Fy)@lh}Ugz+uEK5#6=f>&J`OVg8NwkGvTxg%^$K`3aYvN2MvDpu{HoLvnX0Ol&
zZXmWc*{5qVjB9;_G5dta#(cdjFZ+5~YUqPydD$n*>uVT$%gVMCWjQ0M;z!GBjC{0X
zNhj2%k0s;ln6j2e@J_MOK1PS%C@AMKMS9~{p*M(cfsf9&w)?rqq+gEh>6b!#dA}T!
zemSPd0==+2??+3D2e<Lm{Nl2(BNyPBDGiYDr6PGPkBy??f^Zxu;RJfBifsv;Nm*&J
zDUmt5$fcrEl19;1S&sYhTu_wMx;DY#@@ljrOLkWEB&`IEr2%reG(aww6u-M9J5%a@
zPH@OnH>EC!VY1q1B|>gw(RvhcoRB)J6?OzjmO2|@qS8F3K(280F$G+Ki`el6I5Hex
zfTM;n1>6Ikz&-_*J*I%0v;L1Sfc-YMK;9gk?YwsqbR>E68m!H+1r1#Oj4$B0rm+Rm
zS7Qqr*qw|opcBUz(23&<=)~~_I8_~6AiX=j0Dj8&0x;n51>lck3*>u@DVW!5G<AGz
zx6Aj?$9#{Z+s7BsiQ^0CtMLVN$)19s?+j}6?y)|<C#yD^(>M`%Dbqa>;nqb7x$h+s
z<?}&8w2u|+b3udZh%<zXkR|-NEFv5R7&Ib9qUx!IEGEnyG8zk!pmCs=iK101Qm7{g
zX)aDqBns3VJe2S$7}y>NpD^{a3PbFKERR*MDZ6HUW^oZ&Msi&=Uu&Go;;7dJ!X$}A
zeQjADFk4y*a)f5E+*pj`dghs4nF9r0^5*Kpn{K#JAK7&!C*eIvWOUz^ygeJQWcGOv
zlAuTH%0hFR)vYEGxpUe%^=J;vbdi+MS(vW!oBW7jpd^J34jRb|HBX2*Ch5~OHhAl#
zfL%N<=c^6kd8X_LNp8xBf(qiBF3@7yleI;}a(N<&ri9SU;`}0bQN(7GpnU@&R`Qj}
z^}C>^pc=;|THDQ{ON%G!sn1a?7JY8cx5qOq+fbHTV7zjAvy9QCG<}R~>nZJ{oNsc!
zoN-ZC&NF<s@eRlr%W*ufAv6SNVKb}-4Uy!*BuV4dH8M8BhCFe)?eUXP8BIp<Y}6=9
zoRSSthQ@GqHV^g|<eOhs5^)eI?PX^=ROf4R)u7st@ukcyE=)J)s`Ers8Vu%UQ`m!9
zW<E@7bC6e!=p<aUq%x`@?ERQM&L*!VS{X7;GD%~0RgP?sFS~mxP8{G$-ZWEH_;iD;
zXd$T9W}>Aemu|rTi3gL}Bx)W!ffAg8<HU?d+?I5m$PSaCDg1%d0ga5%p;Xb)O*VWB
zRTInN?8<ESX8A>Yd5o50e6r*DF`vA0q${k%>@|~NI!H=gNr~jNFb2WonDD&D++r|`
zuvf4M8RdfF4GM&tu&1OU9t-y53Xft>rqJ2a%jmYswBZTs^k1_Y;JI9(qalU!lrU10
zY-uEkB%HA&DlSEgl7%|Mfl)ZmjN<DK^aoOETowxkLPFWgZ^puEC~MlXa!g-V)(DHs
zgQ>Bs#JlV3(>+SH<J35wv8AiWvy)|sOt(?%f+{46+s1Ry0mLw=ZEe6f+vz5%c*n&B
zeQTq(zS~W%=mB@TZN_2ZD2vous<%W8bv@BwA|?#G7|tDj`q^rNdYY3?<t5%^dJ*n*
z!U(7?#EWT-)zd4-6}$o;S5{Y6<>7kh<!!C;RL7Ohab+XPN|Y}XA8*`vi>jwr7I%Be
zb;&Q63X}4<vgDmm=B7_5vnP}~%=AIWJiE2JwbE&ALR^cE+u8}a)80%Jx>k4B>6{bF
z+0F@8uoDV4nkVqRcT(~BhRT9~e0a$k!-CV#l7UsoONLY-ErY3$T=K%|$+VxlwOOLV
zq)pbllgj*sCTX6geNz15B?M82$2vK9qm!J<ys^7}67>I+uwbjfsp0^tE&F82Vp`0V
zWU|5uH%HbV$rzbLtZ3EvRDl5l>d%m#rs5DY3@+{eXY5S7+c<Kz%|G<|SaRaTAGO)$
z*s?U1oMiHahf7Q1BW_`nl9gZoUN?YRnxr#xj>HB~YgbiQp#T)>+xeHP-)=trrz1B(
z^2_+X`tn(Md_>xGiOss90LtWA0T^kVeEko{S^s0N{2#sYfBcoH@!;l9mJ62mKh;lv
z_MYTCbTH_B84YN$33`D+kB#G|0hQjzPr46#$!hq+5P`~&rTTHPd|nL3Lo4L-a6XzS
zWadDhGfznM+gm+#0E(4*y7`@t;sg`K-u<w5zQp*o;d=1iaJJ%?i(dBSCZ;*KT>d?s
z&4zqP<Hy_K_G*p#U`_)2y&ukj4@)om!^Lp-P8&{zwL{i6{T4G-r=bIYN|lcEr3&V9
z@B;pvz>-dJ?va1oDjnvfJeu)@-@_I9G$jZNeA$QVqnE_?9Dl8rM+Wc(JIsg~X=aL<
zX=aRBr9{L=*AmU+Y1P7b`|9p=x+La$>fxIMH0Bvg>xwp;rY1%}nBdQLVRJ|0=yvgd
z!aWcaG~6mnpK!p+BHu30<}&t7_<){D@GaZ-o6T^(inwARL}SEd+GYp$thhz~f?fY?
zStpf6W|vCQ2Z`NS&0bDL{ci7YeZShFkns*>oHh2ABuYlUG9B~zcw3MU{^Dc66k3<S
zci1H;RWc3lhPeH7WHj|Mh=If1&&}d~^FS+kWwdTkvLPP9K#J<mhxblLf*FtvmQm|g
z&8>$L^>&A}*};j@N#a(yR*-r7HRx+IUp{%33<M*o*VRjg3=?3E&y7UBj69^GOHRvq
zq%NA|%P0rh9EWA9S*HY6{(D^d-!4B-p+`QnY>j?|_hS;;!tuJZQ!g#8<9h*?>mD^U
znKunSKGu7oyvz?m+QSKwV${5I9LnzOaEQC}*h|pvzFjMGV$C|3zfYEP1NDs=F!cwO
zMtRpPB-=LnSFU)tn6EZ4%r*Jruw@Z7i~R$kJ{}GPsH;le*TZD)Z$*7uunvVuf0R9D
z1g*QI;Y9lseQK$SOu!rmD0t)CQ!_zm7!I!ci@T*|sk7>Qq_Pc9B-w%|SfkqO!X&-k
zIIIaf!O=$+r_c9?{u4!!8kLr_XMDGb_I3CyoA-p?uF;+uqT$cvWbi#p2@wrmZAa8D
z#fPO&7%Hg*Dt?|QEGj1f)Kn<~oh1+738iji<gUOi`g-`B!XBfrdFs#KIF@tg74Uwn
z35l7jXcH;rEms<9J(v$yD_G6JM2%99L8lO!I?oAB45I<nr(7rM1y5P!U@S&@+&<`+
zvq=0to=Y|D3hG{;j<5KY(-BS$HeW_c*Sj5#U|0UW+wdHXSo?L!1y+9J5o`7umB1!2
z3qd?pg#_klj(@E};7Em?H?1DtLT6J>)~yHRKe)=o6TTcjCEN|w-5(9H{NfLT<T&1e
zxAD}y9>hs?KD(>yEG*Tz3Zc$9gj!Z1fl=oY;ob37CsSc5(<+2aa|qc~A%T&ph<|>b
zj`q2qqU8D$KP|m~+3&pNyAf)e909g8xx@DTJW$%|fO^t9pa0(oQ;<>bdPNWO|EU>|
zhmR+tcDbfa>FMcaWapKM)@(kb*OmJX_jf(&4aWNg7_)gX9QVSYi&IK(;Hu=**q-O@
zW-D7y(G12<kYF9muxqu1oEb$w8oMVm_Bed&3*!hrioEGyr`zdlV)VKF_ESndf19ty
z3D^89c%A^*Xd|qKt=$oDI&2#wOdc|r<vN-c))tycFbB$Sv0RJ|aNbX(93_=)tDY5}
zp=XZ4Sh5F8A$^)fNJ;F)V+!P>U5Fm@aYAn%o2k*qvu3!qZ0<(Yhhmh`c!zR3YZXA3
z>cLSfteyldxAvehmSb(_Cbz6H3Q#xXIZ^~hfgidP;`5gvSaW{UA)6yzcgb1B$$*KS
zreiwGFEC*KSr{Sr<v@2{_EwMj-DCaJz&#l;v?lrbA1)v<g3m^R%WNc!4iYD>?Fd{Q
zy4s3($+b57w4Xb)XHN``(;d@IHv@7dfKRuCXeOI9Z&b?Ju-*JDpj20riV>)8z){`6
ztmW)8=qA*hlM)7;-ZO>Z9>ZeXG`M8|>b|*Vt3vcQ-=*ozyEK2nV^+7@HFupfheF@%
zhT3&ZlvQpmJsPYyk#=-E7}}aK7<WQ>^#kE?lM^xhCXh~&IzuJ@rwmhgJKv30=R%|Y
zV=gINuGp~=d_EZ;7^61#v4eSaLFjBcKZR3oeiRQL;>V*r%z_k$S*PJ-??h9UFO4^_
ziZ1t0VP_A+#eGwSGQoMOy^zEg@223`_{JutDwnZE8jO9(ZB^_O|EJBm;u=*OL{`k^
zhsn$-xC%LxpiC-dw)9B`Imex(Tm!S2986wxP>>-#T=1)8U$z{*2VTT8tVYh3GaY<|
zmu+9!_Ctvtr{8tDlKC9${39D@_Li}*ATxm_3bfyzNQmMDlc&^S+}<F&%?0N*BR*{_
zzL1I-iPox7wrN@edh^wkDIEDXv*SW%hs#p;o+ZsM`aS=8`eERU$H1r({TOgxt&2|J
z^~G*dEX+5rYE-^Vdx`;Vo(w#@{P|7=L|fjx0Ds*sBtD|2TA>nStdLLj?%mhQn(ChM
zvuK|681O&lztz7r+h8)7G;PN4eNbVe3iW`!S=>cYQ*!w3UC^J%CbB;NKG8V@UN9Yj
zpU7Q6LD-+fX?{OnK9LBETv#+<H30A*-~e<7BxZ4FXfZgz3K|EoCp`tL!PJ(dPvb>3
zW3QnT%o7_ezDb{O<anZ$vqo(so2!CyNZAvyCEPu|Y&G5|uJ+PX2+0wKe`~E!UcG~}
z?}(6oE0d1l`X%t`4o=E$1Z^(-HI(CUvxNtE&v|LDG_5cG5san}h{{B$yjyY`1sWew
z(vG7`<+I?lc9(|4e#6V`6H8`lM}40rMj-RQ#x<r;ZT|>3WiE6`eFP!<iU77;(rd-}
zXlrzT(M-vG6KQyDpw_mG0D5C{p5Szv0^&gQ1$*tD#7jK>Sn@^_J~Adb0anT3LbJ75
zN*OSE*)+(7AZ-`gs;W)dWgBHMtdODNh<x%O=yLcyCUVEA(&y#!(UHL{gMx;ZBD`m?
z{WH{R<95Zj4{K%lZD9{&)Pv7U@VoW=a>&GF$iJ@fjAVvSN7uubnZgU{c%Sqpk+@9D
zqp#v=i}o|#?FK6{VX#bkOa0tUzatwT(Td{<j1dRgr~e+e{~q78;4G}%Ycv5^PV6C^
z`Klo233Cg?gpp9-`EwQb=oC4xazQ?KyNv7<s})S2UYOGI3WR2*>k!)atfRibK>>fB
zGA&_9>)65{q(e4@z|5jBcRnGPSNF$xBRm{TILHBC&!mq)F%V|!gx@YJgp#{hiiP1B
zeYpA9d{2}n^6Qx0WgWi{dg|CadtoaeCeTRw>>ZmIaFvPY%Pgf+iW!UF%+m5gA~0B&
z1|T;ArMmXiOeEY!y+LXo25zf|1|3R^;r%_xVB=5PcVMzfxKm>*CcX6tr%iI0Vm13=
z=qbJ&)-SukCwF(4eA)t-@>3D8H}}kCZK93tpZ92rmpo+j>9Fr9@|X(Yq@ek6DBbTO
z;=@rkqf5#j-Zx)$6<f-7Gs=@}hn^Gw7^0d_JKUP#Y?U@+a;EbKcL{fyWWhPJ8(bHW
zzb(X=nbNR#`#c>tyIRA2F4I<FJ4%w4E560nc5$d4d&99j?6HC`gsC^9<0KBsaD7H$
z@Oip;M4&o;RB}x%6+S>Qp*C@;dy7{J#WHJ8d3zJg-1xK<q)9!&n%TuziVs{zxMnYp
zsj6HohG@UkUYh}{7pBA;gk_1Uip!34yzwqebj3bMKM>bm9u0+^*;vo&ETqTSAxoFB
zL-KDyujDe;ItPF4E?uwJr6>mz(#f+7Cq@WeGMSV&|6!n?IysQaD+RA$N!vQJe!EBZ
z*e6+cAh#mMVyARBwW47!l;IFMh`pdWy8_8NZ;)c5yzy7^;@T}ec@AT3*ABv&UCSah
z#Zeb(ZT_b?)Bh6QM0s1jHWaW3a5R+W?{$MQT%?;1Q1IZ+DFYbB<W>d=H@v;#4aVzP
zn_)(5LNt<@#P6o-xsA}-o$+pIb__(GT8>^Tu8(xegW=qw$)jtAFA<9`XS$)hgx@Yt
zVJJ@4>){JuzgR>u76EWw*tMB0a~HD$=+X7GCS1&UA#N9wX>-K!Hb)0JX_$0K<Q{>p
z*LP{x1MM4ArEh^i+Q;b%9U>gc%SifXl1llk$Dh77GZ7?UlmIX1Y7G-j#Cb=i$I%U^
zvfxSY780&Zh8KFj9^T7OmVeJVgxz**TDPpb2v9wvdj5b*<*1b{`(N4b2~^t}<EsWw
zlnl==7MnG9h$7ixa!L`TV%#TFqrIpIPD?s}ZTJml$Z2@&$(j0C{y`x1K9q*4%OfYF
z)VIm*R#R8Tg*H_mjA@h=t8R#q1f0>mCtTIN`8vc&CljxPkNxbmbAnpGWmACa!&OXe
z9mdJE<la*Qug1)Q=hvZBVwUg1B#&)HVF|TbMuhp<3`b|_vj}ADw87LoCo%D{X{aK_
zOXgHIH>6jG`VCeoodc(S74mJt=PpKNg*UzvIC1*U70vK6cA%5P01|vknsH&$1;cKJ
zGl<B?`qF|bJU*H3rj0JwRel6}ukP&fO7PBRuLQU@kuN>`b>;n46v*EA0d`^IrD*F~
zup1mRnTbMtLAa{pQ0cvVEtN=25Bo%a8J`ihR)1RF<_E{*ppVJI5wTS8(T{3yt#-cR
zXURe#*G<G(0x7cki-#$n#!dt61$y)Bkv+qc#Y=4Ab}~B<Fx-!uEiyUtJw}bk>O^&H
z&o#pv7d$`c^>o!BeNU)&fA0gmqtN?!<_6bpBI!wc&c?BE#owc*UpSNJ;To=&FN`LT
zYFVxz;hx(sO!NQ?e{7yv??9XH4?`52KsNttr^rlcgt0O~U+*W4i#0FBFk<d(zdFfQ
zMxC8pk_d7YF_%%M{avOe%Op#awt6|#((F+?Y0_S>n`V!S>ft?0{>&$zkWzLgq(oD1
zYexYu%w8b@x%*CTnaS7F=Ber5nWBVPv_hKIvxEoLddy)dR#&)aJJO!ZIMXEeH+flq
zeGykV<4~>gt`HxI5~)3`mkSH0mo%ZkB`Eec+vf*jtNhiJJaDL{r;?{<$FNAmQEh1?
z0-`NFKA3@vAhv>fAX{dKDM<O*SefwE^0wwlQUUbPHpegveNkK7fJUlI6PqQhZoP^|
zTP95NPld*)XSu0}<!dN(s;ou55LD&ZEFn|pw3qoKjavCuA+mIlMj%743TF%9Q|yJL
z-buA1l8g03z#n4=r~Nv3&bK5X_kyHlgE}j_@&>{XNMjTuXr&+Rqc_?69p@1F=tYOB
z2h*o|MPTwH>aQq@*Fz99#{~B*I!JN)A_B=BxTm#T81)UZSX-omKtui?`B!-1A{+ZK
zeYcib%OEPI#7}mc_rWAT4wa<paJnkj+6QT=M`XGmSTQFaoBanf-sdF>jkQz4H>bTM
zqJl6vDS7YG7)_lxqv_y@j~Jfj`{rWHW*WAAsUJ?cF|+XB^1tDq+u}cLdFpk5ZD`Fj
zKWA`HqHTIflVYHG9P5-#K{(Kq5kK%%P&=Ddp*oROP&-vsP&-RiP&*G*P&<fJP&<B9
zQ1oA4>zsAeC_>XYq7vCo4`o#6s|v!Is)BHisvw-5DhTJL3c~p%M{H2rRq-W|Gi8pb
zxg9c1zJniJX5Bc}*Q&Y+#N=y1Z{Hu!1I!bB;BW~q3)sxzY$qgCL;n!IaiP;rIySo6
z9?HPUi_q4vV90wa1<>ttM1liYd33!e&QsZ7uALA^q&qb2$#MjybBO^t!T<*x2JoJA
zjyMR>nNR)Okt4{i9bmV9_JC0Y(~ax~9UdFSnz;9{z1s{%vYRlOOUPM1;^edkmutCR
z@Dv-X=eil|5&I2+v4{#BZSVAeL2QQXo5*pwShyNanDrJqL%~v?vejXKU^~bFsjaac
zS~xrqsrn8@j4^LBe%Q3520lsXC9ih7#3=?|Ggt|!_)P=Z&4?_0VsmbhVs=9kGqWF(
zSe6K3ABA-j&BA_{$ErbGz+Qa$j2wHj<bH}oTr4+x0o>IyXvBX=^39J%z-N-W_4TPZ
zF&Xf8a5Qf3Er4kUIa=cgi+wDh_F|RUwd3U8e0Okdsga@g(57PN`~ZZ#MnEjt0i8=K
z9<U5qJZ5$tEJj|URMx);;*(7KlKnsz8T>fBjUCN?N;L|sI7LM{Z1_63)VCeNu#P?V
zdY4t;o1~2}$y44ts~BJwwbx@`>;YCN>zS57TS~M`@*pj92god82dE#Glp?23z9~~<
zF%<D=K)%>;!}#~O<7hjZAj}#IQ^Bz%=-v6&pod+RG!u;P$#&crNPgZTCOb8fOghJp
z28P0etfzOIbB+)gRZ^k$c4_eY*>q)qsWf;qLn2p$$>a1TK^x3F9MO?^?S}Z)R3&{k
z0rD_QgpYiC$a>HeMHEulN8XJWSQHtUIP3t`5PzI4Rfu&40{ul(5wPK`u>b7FtO&#m
z>;s1}JmN$rBiL>^mV}Uw&DqbUVz0yU%ci=F%tjg96fpcMGtVRYgFne}Y_E_pRB9Qf
zLK!|^o*_{ZQvq+0se1QSs)Vb@HX676@o;&$25kAa2&N!={T;5a3FDd=F#W~#Y&dRw
zG<<IEHdl+LLo=rwHPQTc>_<ry<Rg}$#zEg?O*ag^hT;<b`va?SYeZHrg8EV_oINa2
zK=^5xfX7b4)_nCB+P-g^CWzu(o`L<zzc=5QJVj2v9?s1%(sGR)Wc{Q7wUTK!te+g3
z57;qVqO3;L<bqZRVJ>X776|~lAn$AX=FY*18D>=*VgQ$MUq75d&qQ+Bp$sQamj4;k
z?PmRQb;o8EWuS_*+BS3c`S2dn5Jo+2cWG$4yOHwIj$8C0i=5UnY&RL-RB*K;zW(%8
z$4IO=EvgyuRxh~n^ENItt@XP!#go!u&2rw2xld&U+KH#_Zfr<PVvUm<$+*=f-qabD
zf2)kZGGsWqq@sKt{w*7r9OLtLJVXW(`MS|jMyn>$6y9I(o;L{myr;g%db5}yIXd@;
z8i4s~%FUjN1P54Qv`Pv{RwE^qCQj{Slnir)8YPz+ZL64DywrP|m^U5yAglbSfCHhR
z5JM%QvJ+`jF$rBFg<GBF+TNorEUWof=5gA4xm{C5@mCq?U${s+!qf;|iWyUNNoOi~
zc_M2k6Ng9IBuEdm=>+P#M8hydtVJDLuL<j?uY>S+i_Ja9uGTL>z{=@j!sORZ(N6Z{
zHi(C6S1}d;xrM21dN2M^pm_GJT)jXR$DUxRZ8REbT!}R-{2FsB?v_$i>XDT)QiGU*
zkcDVckT8_R-f*Tx4$v5AO|@Px*M>D2B7SR3DsrSH*V+BThDhHjvha8Xu?=BJEJ$A?
z@}#95va~Rr!!f|#iIcAnhAHCvj9oYL9ETAUwKmeKi@M6hLOx<Tycuz+fngYqR9Htx
zXW@+AT5o4Gq`O&>XM{iIvoCrL-+#Eg)(HAgDpX^i)tHzAEvcJ_Ks0+hI3Ip@fUn&p
zUYgP2^(*c_=xP{jE-#pfh6}t8S-!Y5yu@qPg_%#dSl{S#D|De>-3N9#yoWWxqaz)3
z!SXmO1ZL9PWkLUJ))j_zNu)#K%Nllzmq(P_clK0;{ACR_DMW>@OnYEKcS<(Ibiv2-
zIbwT2JE<7(<rLk8jCdFuZi}}OY<oDflVr%ymK70uJj38S7Y<=a>42CJ4k>+s@w6zs
zB9<=Z&@z#vCP3*j-oQJ$xOp$c&Lr&xyG6+?#crdBsPx3jQ$-wNAL*6!cbes3hc>)o
zM^7X6)cHk(t%gu{V}qN?sj2IXc*imGllw-;R<79%FuUvQrKYGG)aOQ#D4j*%e%9EA
zf$7AwteIDEs=Dyz_|cIz0otkZLU5SvgEW#JERzaCO2UljBh84iG|2+yL7Au+d&CcM
zfUJ&)mSZoTZ!xRfY)6BhDrZkl8GcMv#OWmB&U+4bha}b-Ho;={q^zh9^`$T^Uq1@F
zPew4fSW5A;VT|o3+%U!`AQ`fxSlU?35LR@JnNujQplO=(8SE6*gAW}{Rg#dXjuC6<
zF1ei0Wnt7wuaYN)?9o`}yOC5>s>CUqjEsC+XwQ*R+5g&UeQ~h}K!OuYNq=LzscUx*
zh2^AJ)iAyeCp{cyePfx@<9yZDoT*F&da?t7yty`bKMeQ&(XVa)Ql7T=+oP6hd~6Vx
zoZ}-PC9q1shlSKBkyG*eA-OeDR4XzekuITh;Wcl`mz^kHZ__yaK3t=(&LONuB@!0Y
zvspqlfh2gIfSq?r<fwr6q`hqlDb3v>r#H2}?SzOuW%rfRGfN{B@!`JHYFci#Ij}6@
zRcyAIaoqD(rdgYmQxyNBU}o;t80nmVIedpwHEGIqr+zYUK(G0OP#^m#FttbN`EEE;
zK^7vlO$?cC@RqBS6#<FdJYIimGemeGgwbWX$O~Hk+6merS%|jfY~LJS>vAVxxZ(by
zrpae*_0jauWbTq;o3b0No6aNQ^k65m9g0Vzga^&y={t^6yR;~_OQd=`Nj=(i`?!<e
z4rN{kdzzc|swR^44y9O;YBH<irjUztU7~*_b(9-yiT0`YEQnzw!@h1e+nCw+1KPc)
zoMuF(KHgC4x>Tl#E{bhBJ-;{k_4eLiKT6bQKj5+Ixpscs#B2<!rWYCzjCj~*Xl_c@
zOy8xgZA_{uSQTC9B%v-_KI#q+T&SB37cG-hM3S8C2EQyC_lN|SpNDI}v36P<qrq{n
z*VX18F@p%k9;Za`$DWqUH+Qd2#FdKQd1Yqdy>klv+8}Vj3^OkPQe&cSYb%P0W!OTM
zIDA_LIpgf&V!JAYlMxmY-nWHlmPANS3&o<vi=;&ft{|2tV`gmol-#6@hch@q<NFLe
znfxESGLM3=-2u2|Vj+Zoa}4tcxE==}+bMB}9E-F7n_~hD>$^~MZW<>e@w4fKxq2}{
z_`4H4{-;1mp-tK9S-EBM#Pn!Rk+|vaC`jGy_buC2h!xJ`ASEzgMUjX0Ksk)vXN6(t
z_SrUI9(6VK=X`(;K;7pkAI%BfjgZ3e82FCh_tSx7*s9i>GC*X~Dwv&PLB!Q(e<G+(
z*_D5V<FtsJq5FrR?tWk|<xXB~Vd|{)E%n=v+qs|7u;QjW_(La@%H)di{u!q8yta}d
z*!I#gGuEV_a2UQ)7g8T9w?*SGnmELmWR`2Z6J6gN{rYym?Y80%?b|BCsYCI;Nk^Ds
zQbU?<icU=5>2JfeXYiB&z5mG*QV=VjjXZOSne%G@UIN_wui#&np`<J%i7JsR76R+3
zl%X9OHreBc!7vx-&Ck%Ki8Um~WlbM!7t7HGqg4xFOEO<N6n1!uE&*YM+6J`3`zTqs
zH`S8SZ818%Alc&Ha~eU}$cq6FT<kk=GE0z4yD{R`^wmCiuz$n_zg-rXjpb>B?rGss
z5gy<UYwgIiMi~56P~XJmuHBugE=Wz>nNyDgBIeb}?llNddPLJ`AW=cuOv{@VSW_Ws
zgQV+YgTg2frsfJt?G5KEbHFL8N0LJ3dvRwL6?x>LSQn!xz9Zg<gIjinS5l~6w{49C
zgVLCN&p?G5X`QxznS#!m)bjs9*Mw{e$f#I(EIIRO*<)?ERK%$)3|-<s-2k!Z-AGor
z4eHJ2C7^RGaHR)x3VE_pwe9I}U80<#@@XoZrDR^y-Xm@F*vxmM<>~UfV_)ya+^wW@
zAw6yI4bU(?J25aF8Zn2$InV&@={?TS9y<MLKq!)EUXvp-KTV9TY^`GrJD)pM^G9>F
z=B1t_v$im7Tzte;>1G~;=#5oMJz!xB1@vPXRa@sYUuk7S)(MD#lTv13h!L~^8sMf#
zC)mW|Drm!&(WvYjWc|8JCd*wCGjgOM@WKTQ?dc0ghAg9Y>d$+cBi8`iEei}{Lb0Ao
zAjuMF_QL080A`6M1ypr(g=uXmiy$|pRE26=HA@cBl|L!gu&RuXj`2aIh&InB9LXEz
zfp8QNDjw6}d-HObV7i_CrbW{GQH<N6rA#&7>=BuIJoCMfv|H%BNjJy6G@+>J(rpRS
z#mZIUVF#mWJ}>|lUiS<^W*xAF#X=S}!uK^_dI~JCZkOpTvpubghKy{k+YI94R~>b#
zVVzR&ZJMWk4jQh4s`m5oX_218g`}Cx8O5#V4E)k;VE0xH&PklxG%9K=dn%{c#V(y<
z42*4SgRu5ZZeZt&))MOFHC-r!TQS~_vOZQA_Q5FtcAJy!e_Lw}XKY$aauzga17*3O
zBQR0JLsW|OQ5tb{$$P4gZjUjzWnN1}?pshbPujMbk7kaj&hIg+Wp!{u%vBv4>N7rc
z)U%e})qV+62B8wQ(6OsW4OW;=0dd^Nlg?^Hp%*M}5eEB`z>CRL$A&%4$-22wwYQuF
z8!wT*V{bcHh+@-<gR#LfGS^}aH%@+_85~k!H(RDJ(s9zko`1ai{`QR)7-&q@0pT)$
z&v|Cr{+rDN6lWrzCU*yd&z5&=G?(k$IG2AtRe5xh`%9Z-nl6q!+xejNYA9HYmJ}D?
zHe&-(=-E?YzJ*~&qBtVxl$gf4Q#hSeVdUZbqggcPByfJRoibcYR*g@pFl8SS8;i@=
zP@^Gwu^_%xm>ot*E`-_Ow87rRDNF|yrsKKVi8XS&=Mne_zF)F&%>-2>XZ9J_D#m9U
zB}S-L3OdS2A6)03(Ay>X!6diCS<ZuoGMFaHG+HO%^yG~zHJ}BeIC3cz{gqRe6MjZ2
z$M|v#V<J-$=JUL;bpoQ|b}*?EKx6+fMJFOX*ulr_Q>3Z1iqzR#2bG|@fSn*xr4H@H
z-zR=yNy=|bm!I6hA{c=lF9;bLQMX?C8M)twQzxCJ9TAr4O!qB2=LoQ)55CrR0^Ga`
zgOU$(>`12HEob!THEM&UChSQ##E-wand>vc2*sZFjCVMDDBY9FNK`Jr!i|lziSP&}
zROpiAlcA0x2f$s5vjCgOV#eWPGxGEtH(k`f+f8$G>!L}IBt?Ihg4GSjsp>dUCP#qu
zCPM@jf4qBpOuMHOQta>*(!^1-KsTakxWGnh^ek=9*5KNFJHnDkH-YH!o2>&^cMh)=
zRUo!yW>F>${>ztsE1H_qAyZ|Fq`mZK)^oQJHHacl)^nsh1T||TDIv1z6r4aLHb(k`
z(>d+%`1J)B#wbtjBR|e?g5(A4Q#*VU0m%zlj)xbr3@6AOI0g0N8Fth;MuHS0!P$XX
zPJz#$fDzO2_sh?3-UZ>d83xqH(My1TY%=HxQfhs{O>%h^M5M(5F{=gCm-nrJ^};2p
zX{j1~zgiRN#D0KoQBfkEF+&Gtvq(ZH&hlVJjbKwn-=S_x_%r*sj3KOhu26}1{}1EE
zh<h>nFyvfKU|*;Ihjgq-=odKQ2w|`96_%H?fWIu8$7Y!^OhF~oywO%9<yV-(MB$Dm
zSj50m=T{{0k#FApR8dlMS0puCg?iIf1e|(Rm^UA^RBDF$8M<BIekWt8$j{UJ2R0%0
z=A^GtxKyl=tHAe+z=+y-3g-WTeSR~24X*l>@~vm`Q-j148(^AhY=VMy2uC4&`G1NQ
zJk*2KcSs+gm>d&f2_WJbWCEO6Lt-wRtw@8!!ue_Ed=WtS-d%t`;!6(O4JDW8aV9z-
z(OKl3ysJ|7xH%Xez~d<qcG(#2@s5*xg36-Ppa<!Fw8I$8TO54l+&2d8>dlN;EMQ!l
z<S~<6*`stYZK{oIQxz<wA+{)dN!UC?;x%*Zyr>(cg@>`VKZi5zBF1k$0b`{goSc=y
zpwfz2q7SV92Lr~3sYL*n%fxzM>jlPXBn#2WQ7y+~ykQ%`-Y@Om;mU(d1@cRA7(3F!
z*vm#Tmtp%lxF!q(jb^4U6^`Nd8QEAE416<A2u)-}7JU32+Nsi<>1FF-^8~0ruGUj8
zA)Z$4oFvtQclKDE30_l=gy-F^g(BYLP_Thb0@MM_*VBcOCD1IGS!&q&sZnoc8X5Cm
zs)X5EX49u4L8>9x$2fqn(gAg_d1SM2u+!z_1z}cBD=mW|QXv>{aVCSk*5GDbU^S1V
zOBfcZ;A$vU)OiKd|0%N4`gXIKT$$j<@<1NLwzETGdLDCH7<)IAa4JXV)C<NN7}YAX
z9m&Q$C~iMmdk2FzJ2}DHR}zHjX3p@>N#P08$w!-PGzRfCQ&Gc(dQC#LQBuV|q9%zw
z?c{2Ea4S=?KsA^lY2wQST(l%Lokd^>a|FZnc1Cz?UhK&$tR2$Ctr>2xQ5(hNtKk$n
zZ>RfLJlLbpTZG$6s1S#Sq0wQc?A@>h)>Cpo_OC!R;Yv^TH}0On4(BAW4In$#Q;G*x
z+Mzgvp0Qj8$yw5+NMrq|5A#k>`ksOe*a7&SujfMc9v!4Kd#t#5rjeNz;%SpPJKPuD
zL6}bme34bFM<Y48Zk{?~*1tuxtYdSWZ21dsC3QOXijjidqC<?@s@PT{?h=4ckV3G5
zxYh?P4>f$`9*=npLDnAGj%Q&HF<ohL-wU=;m%SWDrAk&o;7cp%>*5^NYpe2(X~0Ar
zYjcevHVuAhh0b!JH$g&;TRv$F-n#*9+|!w`hqN4;w-m*e<}sfi%2aJK{rr3T9;Q|i
zAtmrGNH!DDJRae`xKBdHuGVyV<yJ|VT)>aWhgXT<!pme|T<Gj8Oh{|WT+hqo#U)1C
zZB;$IA6O{*l(y{6a@A~!DX8A(%9JBRiRPpJ%RLIysr<Z@DDwiU^`CL&z-&~A(%$6!
zRyCp`HO-<dLg$g=$gRT;DbISl^!wG-!i8Q{a+my-3~BgXl8XaN6uy*#XaMBwZe<i*
z(A4UvD+<v&u|pbd7EUd(+MMS#{+=|fkSXb)LDH|7>Zb0_9H5pu7(l(by5V3@XgZL8
zuzf>J$)QUWOEL*p(OS|aFMs(#ID4tQIFwZE{`0xzLRH)YWUDlLY!%n)1p<aaG$Z<i
zD<0Q;O8E<?7?IHAE?VT2Ohp`wSing27XFwTqD1fr`ZTNEhEb3pQa3h%hG{a&9F9>=
zx0?<3_$skv6FXuO{1#cruJ|PAr>GhmxOeAnENZ2nX5`4b7dkyMr?DgqH&{NZ5o$YK
zmfLOL78dDnV~sJ8XzSr%Bq}PK6AW0Nrzod6=7~hV`J2429~8LV-2JN4S=SG1q3hxE
z6)x%ufitod<}*n}ILA2rQ6^hj0V=vV=&o?`?PAC^Dgx4t3R{)pk(nV~RM^TZ_%$CI
z{GHtxG8LU6bh%7Lz`nyUoycKcHt##Vvl^kwbr8p!JUa&2;ytbEt9#my*j2Ex9YIkm
z0eKF}A94y$1T7ai7Cwr7H^aADKsKN7oAXts(67_6PJm_#A7%$nXK(5V8P@lk5xB7R
zl)C`h6>S)Wk8n>uE)2xLS=<tyH-m+QBzc6C4KC<TyI&w*8y&{z$7pVgpuvV2z3$P<
zElB!+&;95b`wb)MQ{Ex5m(}646a!xd^u9%gaf=&#IgIV3-P0EE5nC07MH9OcoXWta
z*)MF)*~}o#QLrX~eb^k}$I86}?8JQ(7+|#(g$^-;bE7`V)k2PVv2d8LH-V^@EEqX@
zj-~@r(rp`o9w~?>BVImy&RMw1-67E?bqwBm&AgnmXGGbpA;xVKgsu*<=18i|oNZ}n
z&l+_u(^#)EP|Ox(mv+0{rKtYZ8sf8cm5W56bvSLQcf%QCP34tOvQz##pgP$Ws>*Ic
z>laB6t0L3aSkqMP-;OhXTn8E7eK16IKNz50niglKg*qqOYagKBOxkH3Px*3?sU~SM
zt?{$@sz#N9wW%hl;jcNYU(@Eh1cv1<NeBGvG|ES^hMLBQ)WMBiZd=w%zQZ~q+n;RW
zU(-py6H~=>*^O*?x<}sOOZ5HKnMZB*q(I?iX`k+U%1#z(uUZp#W=gpnOunq@85B`q
z2ZhVCn>*a{5~GF5bfQ@U+lYYDAjL%6zB`3-MfafcioWM2-Nl)HlEcM~n92uAuih3+
zHuMqT@`@^vlrkkzg<(;i0{rVowkgMO=wZ#}UUG#&l^vhPQ~jt$(@|f!uurb4Grn%_
z&o=8Bt|F|{GJRYpLi;>iaVv+l1gAB5vTJC1oBmV!dR@pN(;#!N%&Z0^AIlE;Sk$^?
zXEmJYUB5#_xz4`tbiI5w!#R)X!eob2iIK-z+K4bXbrPp;WPO?tvkD5#J}^6s!A3Hi
zf_S|7F2PKe?JZ*Z_INYSvwxNK2&|X{;{n?`%{H_37Vw7}KiK7BGMNYpG)L)j4uoB5
zqU&ZFF+TET7oSLOp-kr!lbEf4mnq*yc-8EtlAt`(&`98<X~bMUo6T`sGQB5z8y&-i
zsUxvU_NTUWh{XA9pU@~86SizcN;Tf4!@eDe>1^|jd|>JfW5+2bgcB_^CO7mb>7&aY
zJF2ka1EeC-1c&0LDNYwJB;MUi$R0ncO!_*MP*<bhnqHzyVvm6<nH}1CRTCIkH9D@!
zaJaRGpwgHB-ePOmoBJah)VMWYUcP#|Gu&LH7n0;b$qHMOth2c^9Oe~T#_$N4gVpcI
z*22JomMB4TDOE7jEwgI~Z!Yj($mQbDeu<U7IRuzEw#lWOH=`|XwRNoA)}&4#HS9~V
zQKHjGI~31Ait7?<X96ezywh*fR_3XN1{-3=Lbo!=EaWS$jM4{GDAeY3cwg|GaE)S@
zy9yplkXuFJ-F4nbHB|yq8c8jGgXv|*x*wP%R3=;74@ONl=JFctc1vI|*{;MYWb4#*
z!L83jUL%)oYV#6mJy|<_D?vUQtVW!V7=AaXE#c|K_~zNIZT16nB*~_`5_I<Y#wHhS
z<qMVF#c*z}fD7%Ona+4E23Mh`GL;E_F-t(04;y`hdrnzrmC#`xe2mjEX_0hs6)>)5
zlHc+Zu4WT@&NeQ<sZ(0p7g`|dL3_rL9)l<N#|aZgUxb5NA=w<nf^5Dti0zb?9D}C|
zd*I=RovMNEAi2k$x8-=Uk%B2QSVL14j<3*QUTZKCaWuWRXD*rD<8-oR0;z-%=g8^*
zy=8*WZO}EO_pnKhrTcg=KX$U2WZSCT$s#X0PF1ZO!eJ_^w@7QJ7(3}I%3oF`b-yW%
zPnoDRZ=KteWy^^}EioLr{)C-P3C_qoQ3*44%_UYPCT-^ktV#x$jwX&!s_lCNRh6VW
zvso|2A*Ck4gp!0$8MZi65Ub51gFGIkG(mRbrEn<m>Q39&4%LQ!Sj^_AbRHW|Po~=F
zQ#aXf<kUqaCGr4%?fo4~({k_*PV`l=Lt44a&cjt4ekI_Mo+49Gm>fNLlmKo@C<){M
zv0xf+AMoqN8L9Tc$r@ZcBwDb9Bg=}IDh(y5Cqppl07gv1_A!Vdigt`_q~&x(iPct)
z&8GoqKX#EEtCnP43OuxXkIoTb7HleX0ve$TQ%UMe54%HDR4};fpo>Qj8Ma5%{FL)|
zfMw5t?ET9e`8v&ui3mc(t$UDIaEDZiLsA6m;~#!^09Sm>stzkPV_Ks=(>}<4i7$4|
zofRGn8z@|yB+M99`J*J$oekAMT^2!O=^ejs0<$`|Y@{S}dV;-^RG&k0fFtZfcrd@{
z=yne|j`pEgd1<s|JFGPPh$nx5J<fbw<LmL$(U~mqh2G+<vO?WmWeLUkV-<Rf`^Or^
z0c3?<n{UgU_8QBnD)bhgkTr@I$O=`hzLr{Do9D}%mE3Dqp{jF*s?HTE@0B&mE7T~j
zP@}v;jpD_!LiI*9YA!Z&t@MI*D0W{Js`t%k^0-;jn#awI+6x|6D6deX)VW5fWT1b%
z^F;Ho*zlc(b?(IsS8#YH@d)OK3B%fxbZ?u?QYIdT`{cBtuc(Y@VOMt*%@kY}P8?%I
z-~iWRl&T;fyA@$k3OvDRWFcd2FP|wifiP&8_Bh!Li~>yB$W&pxe>#{>`DTKhEbuUu
zh%Y{CjWhgm=ESR=w1Ha<2V;wmuQ+>RQuX>f%7MG}|7*qiuU|Ewt~xL?tBDD!`@h{_
zk8Z7RfL2-q>^?bzXsh3+lg$Io1j~g&llagw43FhRwHym_ijY8-<{(jvsl)kJC=2l>
zf3K^SGH%9CDXW6m5^H2Q?-HB+#Tb1iHKTXf89S)0wn4c#R5nHkembFe7Iiw}2%U|w
zIL_6%2&Qk&_EU)FJ&U4>+jh_}8pTetV&TO(0erQ1L&c0+Xq<UoK5I);NLs%O27_2<
zP!Q(ng1F^M!70A4TfI7zE4$6GkVZLU^)!a9)A<&yEj5++pDR542G#GG{AFu57ZTHA
zDHZy{r6KlJX{o<YOFbUUEQA%!wPS{<dD$@<Jm$Jrj(V#^-o_&%S~380_W&rxWj{t&
z!<w0nVgB9*s{Q>9Q#|jqF0I0r)*Kdj$`J?epx<$UvP6Xo_FTa9;=}J2Qm$I$Vh^L(
z%4j<oLsb`6)eJNI6UrBmK*e%7K%)5WKViIT0x^X|Mr_)YL?U#D@)#xV8Ks<=d$U(v
z&uFhM!kwAk^?yvF8rR9Nadm%b$^)f^t`f1AMn3AtyA%-eHi6j<eH^rh#Mr>N2|zq9
zUzG-k6O5&>ARDPp^j>k;W;ct#womB{ezIRi-xemFsUP_f#sEBB82ZgPn~Ww*uhz$<
zp~b(DD)wr9G30h?JbC->-9kPyjZ_52He?;?=*x$#ay5S(z1!jTg!_(u|1zX}W+CjB
z=F>H75Y9}D7!een81outM#Y$n#j6DS(5xvDsRY=-e0{qhm4QbFCWH2`9ZX#C?;T1P
zQ+OxXkRJ_{;$4B$MX0#*DI#E<Ao6oVS}Sa+$<gJ%K`Crjimzb+{>Z<&L=w6&+SxlK
z^9jPD$#tk6MLe(~hy&JB8+r8x4KIT`+o<u;NK(~%IpT($-U~OLQ>1>*^rP*Fo+JHm
z!fUK2yy(&ZZV(mzoq=kR{4vB(Lg*<be@511Du5Amhf-6&oB7IubgfTsVZWNzgdzL2
z2lj?~G8gHw)z9=vzt8$%K+zNpwx?9ue*gYk@cERV!IGb;ewO-4n&gu;zOr$I#Ka7h
z#CnWcYJVqtxsSuy-TvopCrHlL^E=exVcMme7Tn0ol^-nm7fago4}Kc{`EYD=DVK7e
z7RzUDl)|g*nz|J6^*@DuWZ@*w15y6o&rw5x8=Y)OAcpmsP=po#dt=hx=Atd1&cA?n
zze3Sm%DY@&Zs@n+m^PBPa6L2%^qlHvt{>!hZ0Zd42P-pVdM+MXZXsx#kjs!GCbO3W
zYjUb5IMzEO&Foj>PZ9K%SI^|h|N3tH^U={ygQM5S{JecVxHr=4pMM&>dHu_=qi=pb
z#@Rwfe^%(P>?Eqtf?B9$XIUM?+k5VwvkE(Y{nM`l_6t>EZ;yTo)Cw!8XZQ1)w^d<B
z8MV55cHD7Y>Q13`f`VFhmcSxgVFk6y{_^%$a+>om;{{|8%;+;c%$C88T`{o%H?IH|
zfjL1>-4MzgkU-gu{d&XoC-_WEbYy3j#599n0kf&xC|aLzw%eX8;{wyj4>Swg0+)D?
z4=1p>rx8=9v?c`<fUsK+eFgc5vIv^fvF|W(aXPFldbYai#LlOVdAUvi6RjII_ZLd7
zkyVKRMJiSZOqjR;6-}apYqwzr(^Oz$CQQb{vKeYej@${s?5CSCl@g)S^MA&phskJ7
zs9^$>_cNkUKYP+Dy$%0+pLDP=*XzaotMm1UhNFFNu77>~+A(qA8AC@|kiLQMJl@=5
zPn3b0gf&6!je68<8!9yWj#1dZR{ZQ$>2$ohe?=QH2eGrb*V@)Sd#DxE!p*o*;lhxF
znBk!AP6-Ru9)hj=9z2bPg|33u-KCsOGEnYYabmeJPg+i5Qjb7+Wl(%pI)1T4(L--0
zDGO_$;TW4`7}Eq6VD5*yM}p%|icP7gpX?rl!r4?9aZ-SCk5Ox040Bri5(t)m0zKi#
zXc$<1tl}7^DH<z8IL{D;Qo4jyC-|9zPm1Pje#*kfx|TLkhW!8W4%y0r*3%ER>R)*Y
zdUR}0aBSBT33nj|q94njlo1ja)}@A3QZgy9n7i&s)U(}GUL^HQ@e@d?J~<^qDz!`X
zQoFQWZzndMYWF94;o=M>jGSM&UQq4PzqvYkeRTYG!u1ihv!&UNxiG?ELVx-7=<VdE
zM9>`hOF~+GED`f|G)^F|lRzw@B->7?mUU?X65clk&v!eCwu%hV*c#{GyOS&6LF@z2
zPH@y|Ekjf;G||pLR}DNC?ELG=`&+KDz}NU-6ft;<cfY)QJ2~R}Fb7f2yO=3{CVjho
z&*8=h*Kp2=UNa+`rFV|Gw#Za{2{tKaie5D%SHp&*dXYDyo7ocEo=n+xQ4Jiw8#Ger
zd-i&Zi#?gK34sH~-7PP_S+1~twR_m?6BpkbCkJfv?PK0$!n<_w#=A7Vxl|L%r<1`R
zQDW*&thx234XVi}ZtR?B0@MV-MD*!e%z47^mS(}NAYYGCfJ$eW50N?$W*fY=;51A@
zuo_J9;z&nm{a(e+OgS)2e7_%FGOP71QHr5mqSytJrh`h9XZNvb@1eukH?rqc{_gKM
z4sG@5$Ms-7v=dyq2}5TmEt+2IO1^rOhW^hmD{F?4R(S+#c6BU#A~U7ZFj{Wk%Jy4G
zKkUE-Yc<i-{r0B_bj#z6qJLtVw<A6Mlb<6FxfO&%a5<og{SBMp61~FoE~Lp;;#JW5
zNbv1zKOly<qztf3i1obo6wa-KtB0Bpl9Y(Sy>u>83S3;b84jJaDHDAM5$b9%``o0Q
zVRegu3+$o2NXbb8bn#n8a6!a6C`nt8%$%k}soEq=2TJNLK`rB>!@5am@&ZwjO^Jv|
zES0GCaL+j<-|X8VNa|%dLGst(SdJBN+HjyYV0^{Et+DxPjeSZn(G@${U9kk25qLNt
z=hBI;7eQrAp=MzpnK*wK2qx!Vr>eD1=c^#{iUpZ$=PSR9ibfcov=Qe6-*&ic%CrmF
zw@chHZ!+zi<QY-T+%ryx6o(lyE%MH%7;=Ep^DT1#Flxcl)xk;G!P`2r1zJz&gS^66
zh{%S!OsW4{O;aD%IF~`xC~Z`uqa}?o#7Tifp{cvq1yPgckQmgGje1lQlh#!^wa+j@
zM>XOX-g{iUz%{rCvsb|NVL%l18@Cd`pk)efP|R6Q#Gt)fPc<=bb()ywmv|)-z}lRq
zU^I9To^gz!r&cvH83JB#=B~ZL%bWt5@3;sO5cB#u2MdHE4Q{h<K7<7MltZsYs%PgN
z!tDZ@=AKL*&<aWGjH$Y=0^T@cZ){|3Yz)}r;?G<*s*Obm2o1b~3z6l{Iffcb+m+$<
zDG;1?JO{X!oi+umW=umIEo@21;)>abz`qCZ!W?z9t%lh$Ij4>|1H&kcGWC12opTcn
z@+13c2M;U=x?`eu%E1>N8pju_Wk8x79m7Z?gSN+XG9NP<8`<bZv}<Rz9Ft(SLzp{V
zu2CaChABF6!-3TxpmmaYx?^%#;!tCC@-GzSJZDpS_uMYU8YvJrVoiX^Yy+Cf!z(V0
zJPLb-rvP<p!i+0Y0%hnm$^>5#_~1h?G?+XfKWhupj3+q^xQ=S5?T#*50t~tl^zhJ|
zpR;SU7L|BXdz#)nLv1GA-+7pt-XaOe=k_(V8MSlusZq2=HQ*ruY&PLk8-#F_g%ry+
zM~2wZNrS#|f!M-hc!^;JYk|f5#!%b>XUiKSJPhmDO7C5wiPa)}Krxivi5Z2D7hBI9
z!4#Gjpwt?^!8aOhyo3AnXF&*D?P(bxnsa2`u>K{CFZnUSR3wH{qO4LH9l1`NuIJ*G
zTRsOF1%uNDISZa7<uu<&44@qfMG!umS+Kp$+F=gDW*S>aop*bnWz%4A>5Jhwi<KnC
zV3<t|3h(g|bHn%auPqo7e%a<(@VPnGwBh8^X|s3f>A((7(Jji&)SntN+5AQOI1#em
z%*4?J%N9X?qlRU4IUTQ;?eb2?qMtYjMXwmWlC)%+y?BanwH$Q<Eb~lZr{PBcEHmnr
zL&hls<pvAy7lBwbnxw)M?gI>lJY~}*_<*Z|6KFOh@a^0uLRV~bU5MPU^w4_SlTC;D
zW$ESDNB(CbD{aq-7=waq6>V7P+Cn3{y`5b&lkR>T*j`g&SO+jY*#x*Zr!$@TG@<6e
z0X35c=jgnp43+3ThpDNIx*2iOjmRtf$LM*zd_Feixs4Hrn4Jd>A>j#N@GK3x4E)$v
zeS>K|dTW|RsY)DmXUDz*{!;|!78K*xP7c3D2BnC@;kI!6I5}V3ZRDhG4^XcZpw=Xq
zU>Q4VgjaF(E#2w7QX)R>5+)_gnF_Z;WG0Plkd#%$1h^W$%n<cvEJ3P?#1ZIV{H0R>
zvWF(YZ2=kk?A%j8c!!Hz-Mf<}%pk~<Q-CnVya|^lGPyJOHi>R68F9#4RSE3!r9wPw
zQ%Od!QzRP=0>?5<U=wJ_Py%BoI&Q@01m15eWLhIyd?S+j4n4NUYEaaLT?$Kb6>i(s
zh-*9dfLHBfKz28a=H9?JSj#0?w^Iapk$}+XU|Aqzg9zo52#8ZS0sR%vhsipiaO39<
z6*LwCv#_;Yb<mJA>Qc(Ul79(Ai{o%Lp-sJ(n2gg=5&I@X){%DFRh~W~SS<*T9+>n2
z6{gj!po;>U6riAE6vqV{<?NI>E-O;*(NYyfTYxB<PQw!YUcN<wLdWe;cq=!ch!`$g
z4a7NS4$v?G8L#E`5)n#L46&EvDQo&f#vwt+R)jgG;M1oFKqC+kH4A7wax=t0XI&KS
z4w(<+n3!cD$Eh(jND0G4{$e88c*F%S2o)~KV~%5->CE5KSkr(d5s$095X8fC7KD4e
z<R+&k+(k<#8q?uZg4s3Ey@P2c&<`n$u8s2aCgN_bx#Onr^LCg?R6oOt%kb#nX)L5H
zCaxFFad_hlGtt3%V;!F<4C*}^CDK!SWF*Vov~4O9(Mzj^N$$1Q8wc51pTbJmGIx$+
zZE@Q6nAor0<XTsBUfrEe*Mu^B3ZhWfg&fE_kl~8GF-ZY8T`Rq0j(%iJ`+h^+V93z;
z?qL;9j;6`vU90su=qD&s*Ua>`qbbtj62%e})Kg6Hrx-I1GOFp+Uh?vB$}U(x{I{(4
zy-#!UN^3!^IG3xOSw&HQ;}vSDP#h*?_|uxKXp3(=qfLeh_WKC6dWzy+6B0&y88u&8
zN(?(X-lGTil~|@KKUu)#(r#xP;%=wfgucEU{vWzfU5Sd^RysL7mi*g<e}lo!(d*Zb
zx?VoRswUTs`Jr(ES-Amx`65coKQ1t?9;Ky0D|7wW!}UbF;i=TO&&}|$$LTZ&7@-bq
zj4n=doDu*CXS=V{{4^UXS7zSXNECVG%!o4P9`h77Euf4`?p{jB0wFFYOgNli3c5=P
zsKx8ow&eBxy~TV-e4L}`+hQy@o=h;lus>(k@5!SmpU#qR1S#AtY4!3<f7l`*0l7Xp
zmSvk$FV6Oe=8xh{L}Ar0k)3_gOPea91f*Off<o0-0!pDZHRmAxxCxk<;&PSvNLhjR
zLf9f_Qzk4*(lwX2GHvSJe>}PQ2%|2LW3Uc=(5y0c7`Dv;W)26OOHD*Ey$&;<I^dhk
zTvsQ$n^3$wIEwj%1MT$Qf%xvV2XVqfhQ2K{Zk+0wdu~pVF=>m5hrLAPa!E@#L7E7M
z7#G`>gSrG}?I7=}ElHU9J5AiDbYsqeIE{fOcEpk4#-DvyMu(VhC1!Di7Lt_8kx7j(
zk(7|8Mu<jB$}-K9`9kinI204Jvp711n-w{fir1>iU}Wztf~(^kABR~&1dF!~P<%^(
zCSAFHUQa(Y%mNKR`t~>{1(W^Q!`@=Lcw}K+KlU`5IYNp&pf|dIPT-u|oHQBh0SnhQ
z{p+WnbkYM}WR2HkI>s;yGswO>gAg<z|2B~321E))!dO+cMB(SmNh@JUGCA5{gtma3
z)zG<RBu}K(fN|*AACZ}A6&YH*LVjD5KMziDCWn-Owpenr2k*o`t3NXrI}NyeUeb7Z
zfhtVTnSK~RdcfFeonu?uG8Py?XDs0I$lsf1NG*)Bq!gefqeAhSltRV{7|_9F!69NY
zWrmuwJ?k}Nd6${C(!OS*=go(`8%ZKyPxs;dF}wel!1@)e#KzALXB8Em9<6Roxrfy=
zzb}%cR57{7^>Dyyxw64~IMiI#91c=vse=xcwkj{7io;H*RlETt9}9xZE&^#iQvWvu
z1P(IGWmu~c-JEgtc}D6l5P^55t3WoMx`nJJ`y_QB;PT(Uv1{3lju{He%T69JgLRgK
z=2GqcEf1H>HQrq_dF<Y8E>Ey+ff7RW@k2sZzU{(rNOt$!X3NB--nMo$QJk?f4zbER
z;JcA?32lffQy2qizvOpJO3@2cet5c{X?}2dlH7hssfW?Dlli1|heww_mJg~D$CDNk
zi+u#be1&$d7cPDiI>#qc*3<Qh&iFm7){I-3^^0`|txn5n?*-18_1S&@+zg4u38GGN
zU*IR}CK0*r%*2Onrt#7Hfkic>-U}~!lh)%C$z+BFrP-MsXqF%u1BZi2)|n-ys;EnK
z)}9)g(0s&vB98U*aMa9t$SfWm^1*_;YNK<t5}|M@%-Un1>_ZWbWx=aqK?+sF)auH9
z!YP_}x)l1!2*zqNsKj1$W0<SaE=e3zm-3`0$;Dg`7ZfjszrTXBy4~WJfftnB$Y)#&
zF)=ns4+KaI=aOrt6(^aZ-@&1r3OUHOOz|g6h7Uvb^K{mG&-uOH1B*6Ho4~szDlrFb
z!QqM$yKeXbW?&W;Ch4MKr!ib`^K8M}0yf=iid&DssOj8M9Avau^eiL9V`+n3p^fGJ
zg;UE<rYMV!`nDMAx~kr7yOQT4gsEmlA{H5A681VAK;_AROl~=Zezk*jg0g+S#S#;1
zfY=)W^r;@ERT40?Bs3pwhIuT0H2Kk%LVmDaK4}mdP<!$n+mnX1r}Y0sv>s=Oz>ga~
z<~qQI0%G)`5KrJu>_lI=-tJ!Z1uw4@L5!+J)K<VCjnX~?WGymP*JHuxSv(Ccsj04`
zWF|*m#|N`niXz3=4v9#e;EWL9yUa{c>K)Q5<?Loy*XVjN0HlYS_3sbU^=u^qmn*`x
zE|B|jh4^z#4vua&1pgSQ1CiAzwce8c<m?4m4@U{a)FFX=_iUF?JxR=VDN=n#37cSF
zY1ov?Tsjn@%#4Qd#^F)lP_s>G{FDV#5zA0TMg*QI;@k=37;J0^mmbsdGhaef1ePZi
z;%%rJCE~PH#(Y$*<F$ECQJ>B>L$>!e*!5(v>ygcOjB%RvHp!ePaQl=~I=O7JEOf+F
zQ<X3?=X9S`93c@U?eJ1E2DHEpz7~1dfNT30t4V7v3ZqVs_tI#f>r9c*@nwJGvgr}7
zc`{UOb?{d#MxMD?hZxq=YXisrnAb7SPM8eBlUPkZOg%e+*P4!BQpPZvum{<2Lgd9h
ziOC;rG-28g$Y+LNi5J{4P`U@SOuo%vON^S`u?@!n$2Elt7tZ9yr;Vc5LiSWJQpYO^
zM|lGBwieBox6Q1_w>HzMVe@E*{`RrC*^afzLgL(;^Z$L;8+@Ag2Dfu{Oi0iElt64a
zx7H0XZFU+tc{6bw;pdEAQ`AKyc)ftw(gwu$8W2*A40Ge0&iGFv$ZfqciaoGR#wj@5
zEktBvw&Y__^2DIYE+N2<_Sf|!sT5QU|CURIz~#YUa&;Hjw1dHc1)WbdrElTK(4KK^
zfObpXM%S#f60igsn^Z=15cJ^$X!c5K*O<c^w!c$(FM{#ZRFG0I&1;dO`@IP37;Rk>
z!EHt()Tfe^cB)I<0x=7`W|C)^Adh74qiW1G+c<d2G-iTS$jmY=eI@rl$tXv$Qy*2P
zJ0erLI+l*tYL_1Q-p5Q_D8#pEEJqn@Qp=cgzLA=PBmsTK_Cb?tUne+&c6R#bbah-)
z{;UzZcBJ9hQ%PYK_Fd9#gYT;nqk9u#9ilm@gJacF<9s@j0E7;!4q@{9VHit-v@&&c
zUcxrqtPZ7Kv|5c$s~|OtOERKe?C6KJ%^vyB4uzMs!DFBFZb-hcRp0w=pyovSOjnKi
zgwTl~d25HjywJg;YdSP4gDD6CE*ug~Iw8EfUWuMMMDEbkNgV>cBH=}sHofoQv_S`#
zy;6rD2CPHC8W{T{AF5bcb;9&{_$gZdvRDo~_@7awF4cLA^l5bx@cQ<F?Go{!+#xON
zQsbM~%o3x5y=*|biFKWjzk}F%Z8h)6GW=ZIT)u8BLMx1_P<#0=z4Txt)($-SV-{ql
zHHUOPUBqZ!BG591LxfSKfXPYIay;v795BuoGK}X1!QMDN=?#cJD8v)$Ypdr@=-z4>
zHf`FOwXZ&;!YDYy6r5oS7ThT~UFR|=A-km?h*H(-$LaJ=3T@}@PlIs+?yZ(^nxC5a
zzLuhRaqVBdf>qN7bw||Qm8=ux{G(mlF2xjg_i#^V@9T{$$(>8%q_4>$`T}g7lypS`
zNu%T)CX1$TLY(_rvI--ez@+yDmc{crlaB@NAn%4GSMmD+S`&66b9H$)^=-qYEGR~9
zvw4!0-^G||3W4F;!C^`|f%&9Zp`Pfdj$I{MX!opP7j~w|t)ish>EJBqCAMuV!+uJi
z&qxQ0BB64+zA=y9g&1Gd9(}bN5p$@f%8a+;>t^4Lfg4WZI)!LjH#JBh=jL;b+HP>D
zPm;fo0~t`>0jk)B{leOP(xka7m9d6cR|GQuh_pAyz$^|MxQvR+=-?Q}l|Y*OlMZM_
zD^Kk3Rv@a0nD`v3$g2uhRXRmG*PCC!?G8)&;=`XkQ#T=%EN!tHSej%v1j9YE3@l~v
zcHNxK^sh^zu&e2WcG@F%2{F97MDOh`?V)b}B=0MA(rLA77_&clWRWRENs>DRHEdeZ
zk^EFK4^kOO2kH4{yG|a;oYBwXDh9d}B(d8Mf>;9&rBG&k&}NQZSCoNth)l~LBK!Lq
zFMB9BT|ILsOi7)a_))07^aC~Ig$|LM15wA#qxJ)(8{!~g^y%q#_ULO>i7_@OoCW8_
zvx7e>bUmCV_n1pWVQF;i#LBymPK@mApipgklc>0mG$s%M6oNL<1uM-~Xq4_PSx9sv
za)yF`LAFycWx~sJ33+Acgv1<~R)|hmUN<^aWnT7pr3_xI6YsIEfDOdibc9Rc)TY^c
zvc!xiBoBo6WnOG1P}P;-^XVMn8b7p4|Irs`X253h4P?syP{=kyT;<!Fo4cSu?5MDb
z7~>jBJ6YNx=q)=0eS#f=TiT=y`s|ZB!L1~iDb%<`6XBa;YKZe0wyIGZv?p+I#_?UP
zgXYCcXch#xmV)r&RXmrY1z~JAs0E_U+hFabA@+XrMjLk>ue?rxJ;fj=!nw4s3CZwz
zqjlQIlno0NCX*?m?0^hLTC9UxjomF|C85wsv91xx8hoc}NFJ`!!xH+T1knx}_3ym*
z+c68ky!Ye}NvdI}S%dm#*ZeA$NEj__41mdJB+Q;9dO3xSTe1=0ELuCqBS{CP;vJmv
z+QG@AgWvDqbB?!Exz8IhDJn;Og=~Z)Zau_gdN3MI>WG1jBoBJ6j4QV3O9?YADNmyf
z%>k2ftJr4AJ`x?eKNT*)4kRtPJSKydU%MO8au&w+LsGDeXK5VUP`=DUm%M+6HWp2p
zJb7)d+h)skiZ6~yJAJh-G$e){934%>9`+ZK1o4ZILJr9J9hp>tla*4AgX?W>Whe?P
zH#$6IT)^XR{;w8D?veMH>%il|0v{W#ahI3Fg%pIR2*Wu?Wx1e8_z!ml;cWPpzL4vf
z8kP5yY4Z`S#hgGB6QgPCO%}bum>FEY;b}~hCE1~T(ZoLJIYbzs=b)MDfkBi}c`=i2
z=d?OQYw=qBA|KYHvR^~cfLWU+e2djA<QrWlsPvFb0dvOQNI&T6W$5hwXavmf?_{WJ
z76W=tWOS<`qsK}=3t73!gRCB59*W_+q3oPRHKB@ttzk0Q6sxZXgG-MQF2nVtPI~;U
zpIiRb$NHuaqJiB^(aZ82-18%@O3xw?mSFf+C$znDlLX#LY==+ya-BQR(s~ce!umjw
zJSZ2L);MGa`^|DBtI8hQRpc`PniY$vXz*4><F+b$Qa4VD%lZ;^p9INPD{TH|6U2BJ
zRU}9wksi<ZI0f*zpcG)@ym%skeH?cSCKSC!nC~%mk%tPG;ftOhSf=SwPEHE51wnv5
zJ^J5>T0~?}doojqjBikT0)=Xb=et(8pL8;C&5<VqbQH<}E!hS<(0dyz+xA73376=*
zW?emIot_zJ4**PmC}6Ii1$EN%Zau$5XQWqAokLGy3f$hse6?W`Q7}Wt?PO)s39dzL
zx;S6Xg<yTZ36SYh6ps7xyQ8+gG6R4fqw6t1xHe1zVgg(XRR1u4N<VZmVdSH?#Qc;e
zP0*k&#$EmCcKpEBf+kTlFimAvzT32klsw$8`3@DuGGHM^GE@;@Fj|P{Uz~^-{$bM&
z7th=fy}-^<vfPBRhFx+DWI5Z;7rihGL?F~3FPW<JV`i#YKfzb7C%O?+GY#ClzOX@~
zQKh3s_HJ-8?tFG%6e9iCs|%ffw%B&TNkO$@XN7{!pOqlio*#s`<mU&0d<H)VQCY!|
z-y$I0E$l}@UfPdBDegx>S`yfX@*d@-(08NZksszlQ@vb?tL3TCNqC6t^*I#6U_V4o
zpV`^p!~2rEN{yo#g-DTmG%s(DOksPpOBvUc+*AY{K-ZqX1XI{QgnF_65a9w#i!CGi
zAEE>!@eeV0i+>2kB4viv(GTC?0xkBo-O#`q+vUxyN7oqGq*1S~tnui>nxxLFapeJj
zdb8ei^Vy?$UVCKn+oKuh1XKErX>x_e7oDDQ<5flF-t))7_snCQ4&I_Krn0+<Rb|`{
zVWdpAOt^c(?SFQo(HQ?jEPt*4AtEpOKg6;wNdmNvm)^E|d%Eer#fh%_Z_(79|1FNy
ziB+;I4BV;DKZQqK{wa#;@lWBMb}`>B+O)8Y9B!4vF?QPIaHP6L4#!YkI2MH=C5Lc3
z<sYDWnFj(W=K%F#KVKr2LR7Y4ItO2=_e%_h?LSBG8vSz|Ef<;<eprg?abP(6*0@ud
z{~?yw=zoYvQ~VFHY^<1@3C#g;N1ghhx4>J)UPz3M!+{zThePW7u9`fLmV>k>G3koK
z!`=`<BV6+4_VZ1m-!oO!uqvN$aj!LQ&InQ<2wQPZ)zvZBV;>@?TX$00Z{?P*M52Be
z*GVvvC@@hqns>J;d~P-r38Ul={)}04&Pp%&9tCKM%z|fzVF_0_+_LuIi9~&NC>F^#
z=vAa|i$|Pf>hf3P+xVm=*^#XAd|%J-%M}KlDb{M2puBzlPf?IINdS~ks?#O#zFh)`
z(J>D0(%^pcRc|S$wv(?4_K!yU=CDWkJbWo7hZVfbRqYZbX1<h}x5@wQ5HKRoF{t?G
zNt@!&3dn}I5toh+UtJuUV(?xGEOkqixmPuz#O)INeY>==3CL2CRrLJeDLTxXBcmGC
zxGrMBHwOU{M%3u_R;Qb^TXgAkiKxn2T60Adsj1)|t=uP<%Al*gFtcR|7@NaH#(vIv
zHX`YJtF#OpDDR-y!=Nsa!9X3!Kb8*Vn&}m-Qio<1i8Y1XWI3=ys!=Lhqx5%;j>8;6
zJ0QL~*)MbNLmMwy2~M=%^A{vJcC!+qOB^AqJ1jJmel?;Ov+XZtfypY)x;@2OA11Rb
zl^w2fOXIIgO_x%1scuNyrE!1nb~x+OzAU>qCpPk~T4jbFt4p+(GLb=fw{a(#`0Mm~
z^U7>RS^5VrpR{z<P8fZ$Ly?$^hE18Z4BF3OT4<9M<2&QnMP!)P<Bvls@=#?LvrDd<
zgOkJuYx9(wNZ724sj8^@N>0pnFGtiykK@}Z-7Eo}Mk;+R@k)gu+h&_x5zMaK$IFfY
z!d6%{8JYnm%k2dATPTMEQ|scMhM5olmcBd;7Qv+}S`z;=Z8_`iS@{HOqW?}vr~^7Q
zTwrWloL<*Ccs%53HIdsYy9BkHM3G`SRc`0QN&Qks@OG~$k|4RYZpy^PFhh=q)$wjH
zLDvYu-nEqHx1rS(&DqbW4iKG8S5wAR9Y`OUa_k3zk3XQlpdwzt8Xd@yq3m|8buk?7
z!P2#+OshKU>Mxt+@eOAgm)F6520@QE<)j(USdOh(DMdr6d(o}L@LH+V?)#yLHA-;I
zDT;Z<ptdwucSs~7`S~`0s{fc389knTK9zwA;XV=d>MT~3Z#X{sJrZSfqG-f0%2~hY
z8_#{+MI{=um-^I<$HPa;m~Vq}vz$F)WjdU2FWz(v-x$^7(IR4R&tw{t$uK;jz)sfu
zA7;xDf=>5AXA=vyOejx+u&fbP^u*4~^!)yJ8d=AE)QIa0Ma%F7#o?M>ACX*wvHxNv
zgVpKdv@%oKL_Ace1dABcR}_vu%bvTWps6ctTms71h~g5VU)&mMua+!=Fw4plxSad?
zE9mv;;)F_Ac!7{~R?#%wMC@u@z&IFtt#&{R0SCaGP)M<qum_XH!h39ut;PDqHXzer
zKXtw*ACJ=%nr3q}F)Xl_)M~oaB~6s5mBH6SE8e$anQ$_B(lMfp({65An<+}qmW9L6
zDMz?QY=~=$j6N~_LCmKT`&R|74uLTIa+DKz`UfnVY8qlEa{!}Q4co;MyDT6G3s;C@
z>aex^SMdeFTVX=RCsKz(FG7i2dX*m${u9TbN_lBUEEI80j96sXG*%&>tnZmJ78@)d
zukO&?-dAC=v;BT3Ko;S%Dx&1Ywh)(mzi`xPj7c|&l0wW<jY6tk<S;RO)s{f@6r-r+
zBP+xzo4qiNrEk2-dZxpPCCwPVMh<5RMH-aP<|(7lcz>*hcd4n_)T$*eN|}Pd3MW(e
zLX?HD8HN@TriKOaX3KUBC4jSks$HC7VvLp`&S4!QlY(#SPzaTf>To*Zrb<rp%$l-P
zlw7ISA#&^(@-k8q#4e;$HUD->96Q07J~HZELgdb@U^)V$E>-uK*SdzYnJJz6(~evf
zQq+pBM;ebBrG(TuMO$#kM9xdWlHfBRGo7I+^7Dk^LrNr=*@Dn`1<^bru~({^EP>Ua
z%$E{WC2|@qg%TBpZ?B>yqFD(^Q&-~qpt*vDxI@@m=#hkuE;MbEmUzf(HK(u+l@PNL
z;hdwJx>f<+)3X#_QZ)G;WVZb7!~~OkMdwYvG*;4_!t>Sv&Ro|Nb)A+zCY+kgyuV9Q
zOgl?i$FmcaHDOX!qa7{3WBRdNW6~0qXFc3V{EPz(ZksUEmz%h$#pd`F_Ol(R$9F{;
zz`d`WVZ1!&Mhr{V4yz!N9UY`n&_4b0`~Z<GQjK=A=Hk3VnH(hkydP6J$NO}0&TUh@
z$N(0!LR~a5xH!4ao>W-~)eYMDGLy+G>vXfVw%hEJbRExN$c;>v2DtznptRHhDWft<
zDk6;09{oc-q9QJA=3cyY-d;x}omI7h*Z#2TbJ%g>Oe_BW3M{U`4<P%|#okx=%Vod{
z)bL%wOKdj0iF|k0I~^tsJ_GG&(Hw7JL)j@jY>E=tb-$e?{qeXZBgq2sE#7mRE52yX
zW+9H4K5^pezEPjT={_&a<IKbKPFfjcdevEDj=Q;>uebhkyZo^9P8!~SSz`0D<}wU`
z0nT)In2?lPssviW4!1^u?RxX(cBz7{d2pyrCRbpNoW68Wr}Jw@TAoZ1fEY!HN}YrR
z4M0+tA)fn|{<`T2U*@r7vgOb<^5}q=%YdYT<*|3(K+FEC{&=`lFX*us15M_`tBW)4
z9GiHXupDqvv$kaN^pQY~iIX#<wtkrZ`jcS_Fo5Alt=5<mk&<aRpc^`T)*zM0vBj7r
zyscoS<8*tZ#m$afJx7@+k+X&~yE}t*+|B@1B3jRIP4KvhSePJ-CN(0fmX42a13lyX
zNP=U{Zt?<OaYmLFqqi{!Ai|5Xk$B&)4QH>Y6Q(rw#Js_tGK)xYaJXXN${(bPWy7d^
zpEY`q3}G!RD>BtPslF+r4BsW9oi?=74v}DC&#t{r&I=)x<lBZ9d9I<h$BrPzYDg_D
zsM(Q{8Zk5-E&?=)w!olu%9tf<l3t1YiF{Y39qv&=xM(>m4WlK=cf7R6=`N`<Y+CJy
zu68o;7x-FBY;s|_`HVt;=~6fxy=Z(H>31%O+aVFFjzO>1D53A==)rV>b-=31b=`XI
z>*g;j<w_o34TAr7!3o>>8T->9W9?EzL_IfQil8DWvQgBP5{dKJp(LM>AxE-AuC1~P
z+^Y*7rxiu-+ab{ARd8#XE=vph-Ka&K=Q9$CbGG?IH44j6R~m&O&jA^g?S5t5+L1Fs
z?MkJ3)`Yup4oIl-``R|rYVsGSg{isrc)6~@g5{dlxSEIoKU}ru00(it@n#m6Pv{_>
zcDTT=*?|<1oA@!#xK~*zK&xkbTirnN`(c=*#y?7QkWQr!7f<Zrs;-m0#tu!)&|a)M
zQ96cT4TO~U_Ez^a#;jMvF5q!ndW(QvCz6(mK>201W`Ya7tVQNylJ?f%O*~mdG0|?G
za&b)S28(-1FcU@s)#k8qD%B^Q6cDrEp&%xJgGtiTnRHNAuIH0`p&05{p*uvHSCmwf
zRRurB+l)CHill4m>r*9~cG7TcAzvSsy~kzNq_`@=^oYqexhAD$($#aFXf-Jmat~5R
zCcguLusbDm5uC;oz)C-AV|n5-i{pJB#kd&X6|;8qp4Yg@wTpv}Ww~yt`>lbu^fuPD
z22a~%k1gqbcAk?g63r+R$3tus$uj6DjXB=;Z0rwa^ZixDRDN6aX3OOxj~j8BJojz`
zT=n2Y?{HatH+g7|e|mE~ut?=XKtq3dcl6Gq*d>9TL_r~EOJw&1?j#CYRZ@vnt`97=
z%hv~%y1do(fjij-t;)8<vbxwcg1gyrjbO>v?hV|@HfUA0C04mka3_&f*=YHS!IkWn
zS3U0Fz8tRNSS)%0xIpgoTj8%VgK)0Hc`M?@nJv2lZ!p+y{^+9r$*7M(WEqMoL>4TV
zqmQK;$+5V7PS-*y&gw7jBVJ%`v*H>`)SWz;$q<WhGy0Gty*lRv#Sa!IWOk1z1cL&@
z*_7iU_f3SQq}q$-qy<UA911SM1^L1fjFwTNGNh;}h86dQa*SXHd!Lo}w}m~hdl2?p
z`^@i{_ZUnk0P7jQu)NGAI$gz%V91_GFT<%#Jau!ER_|uk@Y~wI1jPVs7ug*nA_o4j
zY&XZh9{uzSZp-9w0@D3HiRIt9Qj1`&1P$8TrPz&rvI|ER)_Yj>aJj&qXNx+3yI0TH
zO8$-2?E}OcT)NvR(X-Xh@Nu<21^A3ICzBbsNU4{k>bz*jnft@`8fEt4z7RIaMm|N4
z`&<<Rj;Ca!<%m7}KHXRHLN`7QZ3OXM@6ZfXh-WswZOGC_rL&1H(GU1TW-;ls;3IpC
zN*k!!4#Q`T;aGLkt@(Y@ojp2RpsNU(YArLwn8=!e^@9?1zny$ae3j41y}}r>*YdyD
zL)M}QC-*}R5-qyKm;3P#Q!POsKZuu`%`1ySr=1%BEBf7lrSij?9Q_d@dBll~2itxc
zh;(D3wuiHubMXU#_-UAql`_I1q1_#{SfchOSVcI*xr~*rBjEm<$(E6Ado(<3unvHR
z7AG(*4i-mVmRzc8!nKbVW+7_b>Ck(f^x~F`W|r+odn_0pIFARd?a;rjhmUxhr1n>9
z#1&4|*l@M3<7};J6ip2=BC4)_x6>cfK|6k86_ays_!;ynoPjAYTUwDC{xAO8U)%~Q
zuPD1DR)fD7lYb#r;VO*T<gfji<gZ@U4}bN%2mZ3g(YFH!*E`?3O20`2SgHiZcH6!i
z#Z@~XqTxCR-2L#Je};88$5}eYB?BL5VfSya&Z@94Xt<17I2L%#Uu>WNFKOm#LvFD*
zcQ}dqi-Q)*Mmphph6u1F!VV5Fbep*D`-{opX7yKZp#M*6MmJ84*0jf33>BLe9Lo;Z
zL~4d-x~*~D`>@y|Ljy2ZwY^i$BW=EMXk!g{y$w*jY1#`}*zM9D=$%nbaY-Q2k>K*d
zBf!==2mTr7tup}#wD~nj*2l?OXD!#7<6HcEn1IXxw2pY}YBA%7<Fh9HvYn3r@xfv2
zYM{~BTUgL0NK}|32DDX8<XEBXK-9oB85@iaE`I>42OJniUM%p#&0w=b)y7aFI<FB+
zk^GVug30YX%&R9Cp%Gav#~T%bV!-m@In>{^gzz4R18A26(Up;gWK7+iLddFvYeTSG
zi6jPnQ6`<x@h(BWyzAs`jaWVG6r;LJm^7-mpkWQF8exw(-;HHSx!<artR^76Eum3T
zA*iV-r4T5gAmf~^5{5J?>L&^_4=1ACj3UT<=({AvluFO0wTL#^!4qSDz8IbJZRa-d
zfrtM>8`sLoZ9V;#Y8|I!Qb0HxR4t$x@vnzrNE3fZ*GpX8MO0RxfLL8kM4bYfc|eu{
zUtFLJh=BavEo0YLX|PiYs>Fb#)CzF1eDKh<KSGejRE|SYE{I#>O69~CZ3fH}KH^Kj
zmk);n`WLdQSiQKTj~w3?$HPIM&&g_fICy@T+#D>XuX~?!p*k4VC13&4A=o|9IX?GE
zcS0w1X7H9KF3Yj|E``dtcnS>`$<*Fsx`IEV9M=C)fNwlaM;}U7a}X$QO(vU(Mqk2u
zBup%dgv<KWEA^~-E!?H;9d%Ec=q_bbHa3_Xa8NJN^XN;2A{Pv1Ww}m4AzCfmNeVzB
z!n_(Xnna|uYxH@ajy~G8N?0w8Z-4&fsK&3^>D2h`@tZdt{OD~LKmN6YU!&Bk<6pDm
zsqtI3iXHs;O$S%~zE<_S{`vT*#&3_ffVv7-{cBwHukqWXqc<I#_vzrgPY36HI{4AM
z4zBmB!>>_Rc5vRegR`ZpalL=We;=-<s_<|5g)WcPU<Gf+D;nf6ha<J(g=>68`WoNx
zf*qU}?BKj$jjwp2F8=e|8sAXi4o-(<JUd6deslbKooZRA)IC!fY<iatPUqJ6hR)6S
z+3{vE`l%w2fnGjGundomGhT{C3w?k}LuIO^?cy6oN*%6-?BFzH2d5!BI3p$Fr7kpY
zrmEB$FR>U!ome$qVlgy2v37CBS{<&g%XrC!uG$>zssmJ7@&J{VJV52m4p4cM15|3B
zsn*d)?~a~QrEFtF8JTc)yjqNC{!FkK<dF&Q*Q*+}EE%Xd+!Is;i}B{?62r<k{^j^N
z)xrpGUjNi39R2dPOE`Z0YnSlmZ6VO%HlZC?6Rsw(4$cJC!I_XcI1^BX+c#9<_RUoI
z>WIN#;Wn&0IK#MuGi)n-r9qVN+%<`iyCxBG*AxPut(ra&a?>Y5&h$;RO3pM9a;Ak4
znI=NcG!e`I_W0+YkKRS5#t-^3Cq_1?hcv<w<T?m#BC=g}UT!1GAMX%9W<fv@#rk<U
zocA9$4-Tt%l8c2Cc;n!X0en!~7NetxYL7Nzr!6AF1!c5~XUHg`!pWUaxjsBa!<u5!
z@IoAxKxn5NaIdhyDytBZ`&Df=6#;L=+G@Q03H^l;;3geNF%!<U#tCd9ieA*@83?BQ
zIhvu1RKD|gjvQ4?t}TIXzb9DL=vHcswhUh>NZvWu*<(4)j+JS0)Gx;(1YY|kgkH7Y
z%9Ylr(PzyhXd`y5k11SP3}=BUT8dPzHP#`Dp!(*)PF@A&Lo%vG4CSW#7)3@{(qI+J
z+>It9+<Z3#JQ&$^d6f?Z__=VRu;)U-h7SU*<befog_;dNE_Pi!*8&U|MpNVMQ@IIc
zH{u*I)Gm#SBwW);E(d}U5$>kA#Fx+pTb(sNw`sHKeL{7=c1A`8JeM}xQ+%8ck<2Qs
zT}{01$!R;@Y}*Ic8$Z`pNJp=ae+pV`kIoXFlQH*qqMTgZ1g??R2}*MJAdW`?%o5;*
z6qk(=PQ%DCXJE=!d$>StYZtJ#ashf)65s~`2k{!X8TSaTH|V4ZM8()nGw?VxHeI3f
zL|~=!h;^`=uho=i8Cs>p>3o?dNBVB3%^YKF7xUmq@E~)256&$eIQzP@_oucs4obg9
z{Jm0B*CAKqQ3rJ$z}a1g`r)dJBU-By-Ap@Zzw}idD>e1u(Eg5>)$E9RmtOj?&RiZO
z(j>!EvrM!@-KG2Vn&RStn(_%3v^9?R)*Ai9_PEBqC=^mPk#Sn1XPXXsfsm-G?5Ki0
zH#=JxeI6$b9rNI?XFqwhQ?GZh)Z`taC+v_k$(R9n<f7#%z?4OwGcCCq0c|+g=rl%a
zKyvaEpaj&ISOmtRRAC7HOH%agft;P(+zwd#;uVFls5z!@Pgc?A$gJ4<Z{?zWZBCiG
zlu0LCsmxGCTISp31!{XoB^JOA*%32Zu$es@0U3r-Qgza@gdqt&NLOjBMI~ZeBj<|}
z@K-W6>SalYm6*gLwxpRqhfE3XM`yN8q|(z-?0{G!3Sz>$j0Sh2J`Qz94!W1xB4bY}
zH@$@~FOuBg-qvi?D+=V<q{2CuF3n_G6{`?s)osKou-l4N0Qn(ItO(*5W$9;2tX1l<
zgIO`_Srv{rw89jg&o5N;53&&|Zhfnes5q)WJ9GPk#D~aA`9oHaTX#EdDytHQ`;4QF
z2&r$XXi~yeC~pwVPiY%-ipA<)D5?|s_8m$&$XH^w`EX;Q!6~?%P?er?_h`SlQD_xQ
z<-)hc`NxtYU;NJT#}X!Gak6D9ROJ-s8w*iyZr{jWh@um^N9TLoqpkdqWXaZN$n5+{
z#`RRVdaam3_vk9M8`B4Foz`mRMos%s!>VZ~;85%j=3BI?6Wg9{vfS=nvdYh@k#3MG
z`-31ExXGscrJLfh(=1@q(u#X3>|_d!P4{Ms`jM$6Z8R><Dk9Frnh6%5Uynam)IV*Q
zPx!K?n{J2<NIxHc{XyJrNHG*;RvJ}F&X;K68rF!4mQSWtw6IRCD1Eqs3N^WYmt@D8
z+P6PF9wPs`LoN4;eil!&uCk`jD~t}WFdvfX%wuU`r)v-CHZ~;$@19lq`CwjxXoe&;
zH&0LWlqBqjXi4gx;$aoX{ousEUtMzFB@m9^^f<*Cz1Ew>1Ot5$bZHbUJFX7qv^;v;
zA;<UFdX#IY{6rr)BmnJ!sd&-HVt`<-2yrN`V}Gb))4gs2Fqfki-3T0S@RI3yyTPX$
z?3Z%NyJ60fQY>rQJ<l|^ZUiMIRRY;6%S0+^sn6J_<L&R2iZOc2MSu#wIFr@Ro1cze
z+fZJ+i(T8fvc@jo{qpYZ<T!%*@w_<u@-;vjhT|-4SS72SI!HKtr<_TSV;sYD92sbT
z6rlD*0iG}E?SLm0ELDAw<9Z#hY0Q0&*w!Xu+14gtbDvICFiomcQRft)fN2gWlueEX
z?Hu#Loi@78r05w+8oTjNL`@Ct>u?Zht`1I%b#O9!uiI85IxK2H{>t3M5%~6Q{r}pi
zlU6FYWqVis%0Ns(XgOz`I2WGpSP9bkM<&rC%JO(|6^D65j(E4rZ!2ZdmvNcpMYnC5
zgeA`0S?5IMB@)Q_Z#(cJ(*>?P3pii!@QwYdF&Kz)1m>Dc{~NSyN5XlZLe(0PU#g<l
z@7g7+ba7IhY>2L$_~7JiqZ7mya&d&YT{@PK4z5JC(DVK{P)U;&M2Wvcp+$BmcD<VI
z39L4eQkkWTkJxmS{Pv0BlJJD5dy7g;h@9H7`#U3TT;moPT4+@GRbjplE1?0wrS92_
zM-a`J*d>gSgP7hX><iVu8kWW^!DOtMj2rID^q$v9$b#6tP&EOzAk4SU@I@l}-~g5P
z>BM3<c5v?;S#POIL+h%9kt1tb1X%|qM6G0+T}!2ROUq8gCc+M7u<{~q*Do?x@{z8!
zqSf_i@WKy1tHtWFN5xJOo0O3`U_$H9d|8Q_-PorlC_?oKdxV<6<U?KEWUYsRs#_-o
zjyXIdy@Yd}NI~?ObPh(Bpq06msN%-`ttH0wXkHLil09G{`1D;<ig1QGszme|utSnm
z_kK82JI7m?9Tb~LBnhd(jVn0exS&McFa{3Z!)FrN5xP9XgGHuB^FLu?HRlYY9NT&y
zTAf)t=d*zPiwT5*P$I~%Bd}-5-NIC><J;B@HIY3l6uXKjBrY-U`T8JsNXD=PYL6@N
zVW8pWA)#27%Bhq`wHHo^UfFac%=?MPjUX5tRs_1UgIl8el3-QAst3pKyeLEL+OtF%
zN5~)VLdMG!p|0T-u%#}Dz9n-OD^uStIe1ALr4AYAd|EaHslD9Mq5Sy<G&j$Our;5X
zjkO!Xcgh~HsPY(p{p^-tw*Caj`-I^bQfNfBWiE~g`778DVsUwzF1M94sU{LJ0qsX0
z@8zwgW+IM6YLTxE<|bG$VhNb(5-OOj8itHGsBPL(NI;C{fT*ns4ovyytyM+0ns}Ce
zf>f)8IXG@riLo)dG%J>#Gw$bP7GJO4-k6}d#}$wP>BCm02!phe>TGn*C!+Wl{9hu8
z6STblOFSC&e~PCM$DGUk_x%2+c+!-_`=~+t*y2m%j$vg0C|txwI@O)USp?D*dd+Zp
z%t}P&1aY7aVdss401W|?Uyxc4xm|u<K2x|%nsBec*CXptrWvL)`?9Ys*elwlIqP<V
zRlUby4wWX%5vCX!#+jlEi=YKk%bMcbrV?Xa#r97AO>#WEboC^Q%?Q^Bng4hSW%i8E
z{{IvAcD;2TNuK8;6b!**7=~dOhG7^bZ^7eoyCs{HWm{caYfvO5vGv9hDcjxN0&#eF
zNSziB$vTJBi@O`GMx)VaG!}cY*o*l9i@{(q7ke?7tGycR_uAh-BIC(?UJgasu4>rg
z$&7r@jEszkjEpBk_NM0P-}UI?8Z1w-ZU(bs4rX$Shq`u}1}d0k)Ml<Dfu5E!j4Tj7
zJ6%_o?OdV7fEa^pnL#uT&YXS>&mOU8Pa06IPF;Hg5OqcdcR*72(eHU9(eHU9md`?G
zu>(%0BKRmZd!z}Qz$fq_*6$8=6~uNw7(yY9!l6pyV>BMuWpEic$ImHkGQd%!6_&J&
zqoovsLHlMbXL=jQ&-lE2orb+AIj&<B5BokHu1==}CVI*2A1`%)P5^yC-eWu9%g$&E
zoF?x$C8a27;xbb#J}<oH4hEII{@(4D6het}CqZj*TlUC=r74ikQo98M$pCY+Q730!
z?f7Bs|D>T}XhKB_Ih<yav<qh_ru^@NOC__4M<{)_oztF9g;u5sb;ZnrG%(GCHDvpP
z83zDGxmYh^bRiPfgqq=WRT*Vm*#x;EVGAhH(HQZfY$DHm@j}<WR0g+RBtI&`YtHZ#
z5ZmLZ(+bd<b1nrWaR#*%(8(YjQ3tqV>gu8zt#p3gT%i->vjo;-w#CZm;1Ha&C{LH*
z3^f!?7Tf_G;pASRpdE<Eb!zS14c^kcb<HkCVN^tyXrai=5G~JOim%bS3Tb~3CHs=>
z%D>1eStOAMdM3NmuW}TwTT|syX#?Dld~*tfr77j+B$Loe0l1OWk%4n6b=HEP1nNf0
zZE>`N{U+SMwyrlB#TS9IXrC*PR8flYjg)$b4QQjIIYo*h1eOdiInIs2Gq4c2OQ3yb
z)F--T?@I4aEKE9_8?DdFi`fLKy?Ln}Nh<e*nf~T-y*C>09%!u=f$@gQ%!<M5Wc_BL
z!0%j_C0(AMv{?7MH_tZ<n|y3Nb9uSqZ!XVEak7$g>g8H%wwsB(w=t}*yONW&^B){w
z)FW4Xqn(}{I`vM^adK*TKb!BPJ;|+tOodh@!{ynB8^H{)*<FNJ&!9vpGoZ1los2dT
zYrNN{>Pc^I@SY3}B<-t&SC2zv)ZFTt9}yYw&E#m<hH2`HueIgO%Q~(Pc`48?;e@;m
zoudCZEE=!z*!aL)?Xf;Nl%pm?<J89)Hn!w9y{M}9^f^z`U^juas<{a^oHK76xqLok
znt8(pufE=DCc~MvZWbH8YCEyW?NQK<`8oC8Ti#gLZqEgbrSP|PCD<W<DDv^1u%0={
zV2=3m+_m>I87c`cPV@||@A@<7ak{V1kWhOk_B1EdJaz`vOm+dPnd=P840ndD+_bTG
zTiL%c;I5+szl#TBxl2H&Ha+O17Un_?K0CL^x!);8zpm}WN<%FCX-Uow8R^$(egok;
zEasobOEs~}#c%EGE||m247#(|0g-F5l}ij1;1=}eqYg-<s+Q07eKg5IY^zwlTJKh*
zi9NZpAs>_Q!pvhUX(7ANZ>3z>=uIkglSKhI)xH+=G8}C~sg^7XwUv%V5~R-6zj=@w
zygeKyuS^=WaSKJ<6~8$@tEm&KskzR{H3{RTs(g{;ly4T(sdyWMpbQ>8Eh4a^Or?Y+
z2;-BS2^)cD3zt8;0@`ID#7iuG1LmfJ4N#55xg@z7SsbBr`d*C!mxQ4vPB~Uvu!-ok
znA`%RLN2yLS1qBlKUMmK8`u;?TCAH~KHT*P{WJd?dRtusH)`L;k!^yTnN;G^&}xyS
z@4KwpJQRNo`+B$|=aUI)FQ0mWta}?i;RH4BMyW8$wH9Qjnc={`U|~IB2w<K}VN>Dj
z`(sR<EbZjrA^LwDM%gV$0`}rrN*hjf@mAlA<PxXR85}5>$~EQQn4sKU9vls}$NSh(
zB&dDG%(q0W`ypRlo5H|rn*bA2#WFNt7+W>s_|-h%C2%Ss@&X@ZPw1M!q<ZO3=|aWg
ziQ#Of?9rjLZ|d6B$u?~2d#lbfR87&xSp**YD6x7N2j+`!LjFG)v2BLaF$|8+LLVFi
z=;VD${uRFn<Glx$5$ru7!Ui%vcTQ7kgY2B}?L+K0tL>BBb$%qs>Q@*AW2c*I{>rLt
zpc}pFaOgi=3KKI=A438td(im+_~A%@`PVUfG2a@R%El)$!^wqco8P|i#ZAkFBSjBr
zqUpK;AEn=c>bZ{XdG!>PPf{0*zFV9bp}2*^5mY~WdX;*(3)Uz>Utj3}pOS$3l(S@M
zCI<qv86TOthhD>KlioW8#ndRwt`b5(YZcRO*A7T2W=g4K#m%BJBJ#y>bH)cf-FeIP
z+o^&31Xxwu<J@*1jGx|_RlFS0oBI?yaUf2Ec>27yKI7$rb>sHQa4@S_(Q9LVQ@@h_
zdkF_IREz=p!N}gBIDq}AtNNM82A1groyTbZnCwsZhY#?ZgZ*6;#60SMjH4Ow=R{Ud
zT7xlAwIjC<8jJm`?fh=YOzz;_WUNqU^_@e%#JMpG1Cf>SVDA7+5WXPL%`c*PNr!zm
z$)Mg7Zc!{YJ|Lq)od4SxOfv7=f1@91+c1FidA2noOz$JO2X56Y2&!RAM8sHTwA>-!
zF*;pCMB3bhPEK$yxgWH$2#jUa6-rX*Z5~>>dg9WGMYoa*h!W&wESVb^b@tHyfRy@0
zqlzlzx@=MnBm6LzCWI?0!S>{U1KEwwHdt(RIY(%nMaIRu&48&LBd(rtQOs8dUC$(J
zu#B8TxMAh%14FI^90Z5kh|dySb=>DJj_SGGOd;7WJlhx_MS@vH(LUlCg0;?R5Rq=T
z;*)#ntwJ)Uz!}?}5oUR0<$6K3%yZKZ=ce4yEu!nDiuzzNt=<)TvLuhHv&wAKXIvk6
zbS!Hs!1dcDk5ZopxasqNWIlHp>&{zkqIEUFjmKXvqq?RNN=49SZ15za<AW!b1FL#{
z;vDS`rvk2~9^+Kz4+vz{fPc{4G435*&AowfgR+?C&P!N*9dqzrved&+N_Ubq2Qt=5
zO6yq#;Z=Av^$Va8?l`QQW%S7IhUz310T$`-K<Csw;e)4uAbV5u(UDtC&xZg6Ya0^Z
zB|bR2p1d+%0)y?D(VTpDpk_s$)#1);AP;Sq*n-##$pP>srpT)(G7fRQb9smHAUexh
zZC2gfUc$_IkE?0L<`OYWT^Vhk?4k7C14+s3*0Xml3?B<iDCmy=Z14LoIB*A|ho@#G
z>Y9bm{O<F$-w{!*IL^KIN#m=D+Znjd2RFuCA7|(+l0g_epxD>GZCO%?yNBe6hI7OZ
zsycom&oY)dUEX4uXqUKE&>UHXkOOl=`!yypy60cHG}~dO)wnVaAD9>U9mRM<KwTm<
zA)__`I$<Aet;;w-9C8g($J0qx!x(ScGBpS))CP$V+C5_GQ2muVC{A6Ds_O7jbX{M0
z*f@d0)Fz?eoZ>j@D?qHH>;W`bf~Eyn`$qSe1vKevwSkHReTo@|BJx4UBbYuUG4mVX
z)#0#alGTh3H+gt(aL-C$7>$fL#B|nLi5(2KW7R#(_okncluq!R!_V6sm%=8;?(Yu2
z_~P=H86b8%$7IoXvk^s;k>l_QIYM5hBgZ-7bHrR$<!G=`8KQP;@{+-_md-JG_sB8&
zetGe$&xC;TqR~z;wRSUsi*CKo8SLl0W+^-^0Nkz>siPv&P=w?>`3o}{CZ*1?BquGO
z?((NaT<mF1bpbrboyE@aWFMIUwaTLa73R+MU1UzKMfVKa`0i+$WArdbP&?;{7B!fw
z0=#m_hcl0JHdA8CKW+wP+w}}{HYvxosqi(E0ecYFf}lu2ji_U@Xf}1hG8gb+raxu&
z;>$a*Z_xiTk=-bsu5>a~CLf%VR^w=W1m@$5gUPQjR^X@b<}NxZmSgzX0CXaOG)#)6
zuLKd=<ur#P_rQ+2*<$n9^*TJ{foUxAjXMmMDQQ!>-`1yyTGr5wBDuBClB~(lSYbU>
zr*N>z#cf|w2ezz_M|nxr&Lg87sb{N(GWA8+Z7Li;_q`bCCKk2<<D}N*p=Xfd(l<@f
zjxj$Tr-eG;9`HQM2~<YiA)Y63I`BVuR(}o;KKgLNP(9sQ`np!o7Aec42R51CU48ob
z;s#1%&8)q4m8MUV>?71`bhEPY1A0R?_C?%oyGx)M#FYTE%1<Q_6nD(@JH?M=h}Uz9
zq@!S!FKO{?KRzgM_wY7?Ft{kUxYk8~8jvBF+$cedS?oobX@R00NU{Gs%eBFt2RJ}I
z;8u1VvAHla?P*B!FrK8XW0X>ZW^i{6m`Zx8KYd}R?3@gbO;N(*L|9K9vF$~ace}=_
z%F~_chb(&vffy;Iv83P(J&sp;9c>!iv6X0>C3rQ#6<f?WiKGFB??{gCLTW)BL$|Fu
z&94dfUbWN4064})%%p#^sR%5xUE*3}aiODIUF1v-mPT@p(En7b!)zcFn%3Y_ULER6
z0!dD^yE}xuqleEfna(cL-43p}vZYZUOVfz6TBzXk@rDK%HCzWK8>B`i>Z%nBjRc{9
z=|0dnv=bU}mb?)!y{<}If@*pPO^-H>YhlFb*~4D@VlMk2q}LMIlxxeBkZ4O-RLuwD
z8&xxiMtoQn(#+RGG!$SbJREPMQrKBqE>alboD@!!z5+CRccjlYV4>2ksXu{_=JjOX
z6I#b2G%%yMg=dZ(eHt(o#RV_aEUzy)I}qhFHmS@;|5weEh(8Z1lMs#gC>Xo6QLk$0
z7!U|^&7WjX3R=g$I>b4^`S`1l*2o_m4CbVs%uQh+eP#)$Wcut8*r^gWiguF>Vr&~S
zYJulPro<(d<yL3AMF!0dl)Qj!H)33vG#6RAx&ow8G$AL=XldSJh+Gs-?8gcp`O~dJ
zQfRWNQJ^$iMbm0v4f@J@(nO$~J>LDwZZ?f%dI<N@)a&7cq5rZ)gu_etX_OZi7C%DH
za<HpBVVr&$mJrEK1W(aK1)X(B&{~gCqF91}Ia}Z{zATZ|L9)qra9BIyp*TR)6>1y1
za`23%>XP*8QB+yDk;(B|6XwamlEmF_1yXy82G4or5!p$h!{oezG0-vVU`*FMFh1~K
z?DJ=r7xCI+^XCfNh;bCIVaDr8Qm;kWWzxJ{o};yf4iq01#pLcK!qSl80w$vFG$vw9
zT?B`?vXtq6#Kqir&3tBQX_i`cH1J4bKs~~Yd%%=}9%O>+#HGiWuZsU(JCN@ln*_?#
z;Cr?hb-6mv&Y|26*ZFf~{Mdo=$7;1XcjVzmqh}s)e?XRg!eAG-Eoj5`pe%*&Y+g4k
z(e845%aA>=HYFC=S!d73Xa>m^F~yRHbRFQB$->JexN6llPEqaET)tUWttQB0-JT)G
z)DKR@S?`!wG2_+g7mH>5#+@=Ihru#W-YkLeEM*k^*wVqXq_@#i?OgfN0eZv|uzUjF
zHz^@^xsEU62SxG0lyi5=dAWt=OiC=i3x)6H#Vr`B$Ban6|M?i|FycM=jdzdq*)@HB
zui75qh};!bP<Pp>4wKHi<{q`XQCp78AkjEZ#h)AucAd}P$LOM1SDuFJ+Q;15x545}
zl|3(JnY#rAwc+ZW>!eD!={jupX=Jz3cApjzxk^9eHR=ysZym!4agy0VDibO=WUi2S
znrHWVy4AbQV`+<9TX65(?^s;Ob$wqs#RO^491VlLk;5Qfd@awzXkSS7FtyZS=CTg&
zT1|Wj1?}j`HZ+|Mh;!fuQmR0K(;viDi%8FEVRodLVbI>9npY_#UEFGd(z+QiSbA#X
z1)b~$rI^)?uZO*-9_}#dNtV-t2P-%)gRwxCL(`RGL$;fAVHsjtRUSYc9a(lhSm6P^
z3OkX59Rp*g!ndIDps$N$gUr$|lPSkG?AyuF@w3~IW<*et)CVHds6u;Qzw;5#StXn2
z+k@@Vz5?abcT1h~?%mRgNADJ&%&6|>wvMW0^ez5@*_ob<MbPIwV$jr(XBdrrq}CbK
zJ3J2@bD_$$t%sfr#>XkB`xq#GWEnh7A;urqY6%jzYAHJLs*tT9z;~s6W>VJucQgI!
z0~Pj}(RD=F1NcZ~641VGQNXw;H6?bEW|#Fm5%f`U4{EtLaU;O~e|U)7cRR&EmuuXu
z0+jeAq)pzY>@p=KIe$<cDO)=GxVc`!li|tsft<O|NSKFj=m(9(TAL{Z3PT<s>qZ*v
z7m!GVg(aU_K%EVG;VBGVpJB2{x+k#eP&b3JX}h6ZGlw0jzjzkapCKvsrNHd1K(Djp
zF0ibW&K6D!S}9nYK^HhkTX4GAg%{oHCg!en(`G$QBps6JxXQ+HpRYT=5+vN|LKB<Y
zO@JkDRZw)itk+gH&welz=^b3LE{@UqN={ikb)cJF_4=E;qK;t)GN~2JWvxYDd(-ng
z_a=|+B_m2SzY{QgD`MEI?3+=ToL{jkxh&(hYSm-%i3w1M494?$c#Co#Mo=k`eQB>B
zP69Y+1C+}iIz<k9=oAsF9l{-P5%CDKSt2;i!PK8sy@HKoI@O4?BR1}Du1o2Tz;k_h
zaq-IKjc1eXLys<e`Q_D!Vz>~&G?x*zhR}`h(v!U&fu|hIOh-L0Hl^_}OZ*D9E0!)%
z!vaQ^C?G0}pffpw?xY+hh8Nt5NRlO)K1i+H0C^JkVhOT}vVhS<3n`1TLapt0YZ%>I
zo9S(0m$2F08^UQfML?Y!d`rrF0YI}AT;IlK)~#06jy6;>SA_%gXYzhAXjU(&(9Q@3
z1hW{gLbJ(T8u*d`bQ{u;<4}bhQSMCBnsE4=c}byQj5bEnmT-bcj~=GLQF?^WdL7EO
zUIHJ;Mor`OA&Po>oE@o=%;cZJ)8z<3ArbNvgwK7Pf}^Ja<JKw#jbZl3`C^+#6xJx$
z5RKEe46_^u9o1$!brvL7Gtbb2u90gmB~vgxz6ZU=B09>R)KVMi?JPKsMagtrrh`9j
zO97ecORp1)2IBU-0I{xVBh}}OsS<j#q=TiMK@(F;Gde)p89)HIp;NOk?R*&~Z0Pzb
znVg!M$8l=5*=a3M2X+vM&V9|3$b$BzB>#SeiWJMizKpq#$th2Jo*rpW1#&z(Dr1zb
zS2Xeck+H;tRuV5VhL2jXjnQDg1u83#djS_F`r7Ev!DqCJ&hLQ|_4bZRH2$XhJ_Ijk
zh>M~~J4I|3=!C&bJvE7-&=EG{%1wAQDaYwCSd=zu8}_)BC*3Bvt=sGpD@MU7*OY8g
z)C!QA19a-+12}cxr%c%$E@14XkBqqlmn#bk3=vp~qd?J5=+PlJk8#Gvb^OT$@G$+(
zm>X2IhxWa{6^<FSxLlX$@Q@q{#~TpMViDCDRYdJsky`}gsw<a@U0#5wy51HASoQlC
z$O_;L3cR2FANc4)pIGDr?Ruc0YAiC!co04z-INyzHh?0Iv9bx*4Nx|vl)_+*kAxS=
znh~e|1#sfzrkh~r3)Iq1#G-&5&K+ptWs7_brnP`;cH4C_I~~}pok{Z#UKLeQtcXpV
z6D=SOwzYuMg-%{)T8m6-E<N*TK^+OYX^snB_@oOmbg(BRMcq?>R8m0Tc8vEcK%<Ph
z9Wy0t8hmp!Q%18oK_iFTgT0^K+g;k3z(d<^5)0S?E)Nb0+JSAfD+}whop(f57`dBc
zypCZxonzx1OhhEx+w|~gwJ8Y>?doUQarJ%Als00<#_4N~0V!Ms9CZ>IGm<{n1S`qH
z-#U$HAUi14=xZ$vl!@AG6blM`?*QxBLm8VmZ0oQEP^LA^y!RsqjA{f~zX*c4cSlbm
zwlz)F-O&}?-U!X%wUgsxwLjflKSURZx?R5y(OQ|HuZY;WIx;w}gOjxbB`44F3Zex<
zVMGAchkl;w&ky>;Y+y^SXN;!D@_^r#?AH+wC~IcayhJOm!RzqGEZ@>8Qbx0)kk*v9
z@!ruo(}Hkgl>E0^ePeGmm39k5*Yof>LNq>7=U9jh#Uh(kbb>(G%jm@OVM2ere58_(
zMkvoXXZSbfU+TFr8D{(;X=YYExVD0Ut@${Hb(TAvV{VsuGLt|nH(P-C>?5m{vh;oK
z(b{u!mZ&?-TT<NZTcQ=$6sK6tmTm1}%uOfbgV1~;dUtn=9z?=S%cBoB@?D4NthzrQ
zK9rj(u&sb<UG&XC>yz%l<6D4K+>Du7Qaa!{OQ1G<gaJ;}KYnKAm!^}$X~aR^2y*zv
zN76v*RJfy+%G=*hB^uz9r|!Up3H3`FbD}Rb;a<8#@*cTD^mhpRoSo{LuV@DhkJN!p
zI*=oC(_7Rgy+Nv2e1|_Y%pP%d)6s=pTkgVS_W0%HtH0|>vUeRlaJJN1x1t+&y0H2}
zrJJ<Imm<2*TjN;|6vyS=tmt05Ks_<<LYJqL-7eIwYr0@@DP5>*%%ML$Nt2^4P+H0^
zRCkhHD4KvS(8<Q(ZpYI!_IO+(bql2L*LD-`9{1$t%b?wy_r_1UKzB(!nQ-797rvYg
zp~V{N9>AC|Avtuf0~@w89hD{67P{k8sj`+1Ot*iHOhb3J3u8GuL{!oPhMp5V-E{aV
zV5eyWlVwIkr8;uIaRI5dl1;D~(~V3<%-fn1r@n`Ru=%?ScV#-iQxGez|KLcN%j6ul
z1f^S6X^;xAZZL}|-V}=%M$+YrXM8PU#n5QPzMEaZX5&54j{?Gipnd5Alcu4S0Qu18
z=8N(xd@wS%iT|!f9LLKtyt`IpX@1Daj3x^2k~4QFX_uy5Fpm!GrnHfg#K%$j%)6R2
zVhpko-{a6Jy3}|IuKTqjEzp8DyV$t$v?KejM0&*a-<8t6Wv#UHb-we5$FMtexu{Sd
z`6!~Z$s)3j?kM2OhDgcWz3aJdy^KYMnY74q0ahdjD%p&c@PtpP-$lw%;c-(>2WNaZ
zzD%Bu5?fdTLD(*I$-f{DBaVz+<o1`ovVkms!lcYr>-x1!-P0|qE2D}s(3d_i%PBkF
zB4bh`=2?qnEAnVDT24frs_DMH$OnO0`06u0J-M@6K=C2bh|AYOk&N4fA{L9{i;r3r
zElH7#ZZ00Q7tkHop*rSt91T=_pQXqg<Ezy#MH*Tek_*7zHVVV6j`bFf4v*}!OFc;|
zH#@ntV>-Y>#p`u$JQ^jHug5314>2DudZO!t=}{ZXdbUCPt%6ASCM*_pK@2d>>B2kT
zC9TPAL(vqpxTTW{um;?pf2LR1S&0<|N+Ob02T`x+Zy*Ke(3@_KOL|kxe@TCexiRTY
z0?FpJ<hx~FYC^qv$!!lOy^XIK*$F*gOc7lg&F&3G*)1<5bXLZ0+ehz<Nt4iHf=2<<
ztDE#$*#f%eO5FmIdX@}ii-fh&OfOG61va0I29KmvHrck544QUeL$j|f>V}>cF<L5O
z<3^0xK>CiWkJv!tBh)Q=!%&o?;UbnzoeT(#ED|MI);A|!XFAD?Oc<Q7a|(cOr2<gj
zxOf$s@glXr<N}%;@6-oZ^174b$>mNBa11SKh<a<XS)_5~+er#q7En(0J}A@L0}h(n
zlT^3t2Sl?Gn(hPBb}yL5`{2=fUs_{NomRTpu|~0G5_6mCS)RH_p?caMHD*wBF6>&0
ziG|*xz(52jV6!f0l6_)J<-4@9yyWkK>|{0HpO{TA2Mk>8z<ARzGyC(%q#i|hR)oiP
z<Bp1Igy_9{xOIY=?mF*2X2wIh9HJPz#TxOaOD3c=;?`iDXiul%OAaa7(Fi1QA`ud0
zX=sQF_`IT+;-H#TNm+TJhLbg+9`Lv?8dn~)EVgY39azhL+e^xPT(XlD$q`MVTaVX?
zW%R_%$301cR#K|)c)Di}>`Hrern?qnQ#sUxTmaT~Y7%DZwVGAK44-6V4QJ>)isSK-
zYeFk^R2NOpw2tyRLY*lo8E-40FLQz=)q3@0e9Yq{v>%^;_8Af#7aH_xJwoe`1`*Vk
zAaqBb@<=e}B?M;rAcMWA*@+}g9h%DH!G1uF8nIM#RVEyf!|XXCGDvL*bunA!^Dl^=
zklPuZwlBJXu10<%8h3QC;_&}Gv}X|9XrXaRw-U?tIU8Mj4UTn@B_jc7(jgYR0gT&+
zCN$kDG=W$ZlqE;Qts}*^d?kcPZZU)_Lc^-G?Cu@Z^#w^tiwN3hj3y(tjTb|E|0k1;
zI;c%Km@>IZ_hD5>J{->2O`NX=sx?U0M2=nbN()7CBSuZy>)29Q;;;y>CzjR}2fWpy
zHKPXJaOFx(1F;ctiUhK)n_nb@JxH#S3TV@N68h}@<VeX1xRy}09Hm-lv97s*6*ULc
z>>le4Q&b`RqmBZ?fQ#5Hw{~lUuenFb;0*)W`wtI!SOnh5rGt_RfW1gWwO|e=t@m}~
z38aZcxa5{)lpwIVClRI-33{jxf1pJ@+2yYply4qhUX&$&bsKT`u7xxT3!v|v4lIPd
z)!}rzPL*|`${^HufEFUiG)C|!rJCim72x<X4+wQlTmbO}S^vU-S2^G_Ks;zr^=xDe
zIwJOvWv?UKGH$G6ez#pmxw(jU5UR%V&Y~J9n^kU53mv8J`zr5<FVga(#}4|PcyHDY
zJjOAtMpBf)6frfB61bz@JARlV_IzOF@QGJpu?IK<qH?#6wxFhb72hW~aCtnU6$4Vg
z{i3U$X_>aIgIbd<3z~Zh3u$T`Ht`=WKV)R&jw>AW#D8o}w|0uU_KWbgN1hl6V#cSo
zbV6%vJL-lkZ0*s9MTWfKwt#I2Pyg%j(IWSRES<7<uv{)?+R5f#CIijOOpbz2xZd;a
zTHpBCCMaUiZ)UBw^(#_LQE5JRRxvKpMP>E7WiDQ@FS3ZJw)x+dRY8OXoN>DCz!HQ>
zrU>|*2nHRq>&|L@e1tEbefj%#z|FzqksMXk01Em2LkX$F!zh;^H^*wo?Wip{*|Hy@
zhD?Wt<b%d?k4HA>L>H*`+8MXo098juX`EUWwn5spWfn^LDNq7goi5O6b(t-fmF~D0
zNG{(>@N1PatF5FRe>0rO@9Sf#__{hVa}*tdwn{xvJ0WM4Udu?S{5No{qI{-7=6X|_
zE!uWAN>{eDY3{d{&6)yLv94{~Kn4`)d(5cUFdX<Vi6#en%ywLn;0|OQ!0^MPOk^&T
zRdv}VaeW%Hz3^!Dtd$0fw&zt28J#KqZInDy;hVX=1J)BRPiYJ}gJpi{%)MvR+^JcQ
zaY1cQFFmFSvQ~tu^?r2FG;V4=x&eb#7s9$VGNk}y&>^%gH&5KA*`r;UTD?E8H(oP&
zQ5!(5<W{JM4^FaxTSeK`LImk&FirYqqZJQ7J9T^~C1^b`h`@zavdi$D*aEo=+?>T&
zAUXHcLlcu`z{Uee%i%ssX*nzdTc~L=`+Q4*%_rQWuJ50Kl5z-!`=S#?_RGj|8Bw<)
zm$?hjw;7)WWRl7ww;VoMIygLdHsK32)u0ZkxF{k(EmjJ$5PFZDV#>ogU@yrN$lw1o
zK#Zx(5fiKBOWa8+TRIa+pd=P_^WJbwYE=N=dibQ9*#_AK4?8_TE0P*Ex{|^V4&;UK
zAjKHr(4N)jcp0T*DM7QNMpHEPIK|X<5lrLQn)!?mjvpiT@IY0r$L=3KVGSM*cr*oN
za*|~F%9X*hS@l?&OA9Scrvl(2Qa@^))6dM}rc$0*WDma60!Qf==F{Tz&ZtwZWzh+5
zCf5aoOhrsB)O)y=DXg}7FSo!t=)E75EuRxdANpYEE!+*J#19i#Ew>5%SSSn!TaPr(
zmDP<cY5P1j+4_OEKnus!%|-rQ=HKW1yTZRO`1d9MzB<N7)b{1eOUHT*W50-N#Mbzx
z@^OXVC_PbKk>L#KKr~*LVDxSr8Aig41(otG&wH-ft2y=u$xm8w+FDVCBvD-ifo5O|
zG0O$6k{>5^_;Vyc3PKVVf`oacFg0!^U3z-5%U^_Lmr}7$tA}7T4i))xcfg3Z_`|V<
zOdzX?>GAf6koxa(C!ZRzZzZM}(oqV99E)6^ASxuGK1JjGPI>`aq{QRD0@RRolb=%g
zuVgw*Q<_*r!^olcPY+2VzAht?)u*Ub<vx*7YEC?^UP-^<6T#GR{N$*+^-XDm3|FZH
z4f6Dt!(_)`b)-c30ZTy^F+$W+eoW8`Gyt%wjX0|GM%+~2sW#r-abK7s;5(+<DT3jU
z`5H~p8`%OhL2O!5*sMEKSUy}+a61RxoO5Xjls-Nj9`2_cnz7pPH7phQG0O3yaEUD>
zLTTY|c5#Mj`T;{EKUEVz51DICf=vu#Pid)cQ~?;CKE^X*Bxp6nU!;6Gev0U%2r~z@
z&<h?Gy$E#F^V1$M^fSQJkus#?JH^!X6x=$<VV}0!JF`%y7PW)Ea+Bl-W(vd1)!+oe
ziq8#)&Fe)3d5B_eg_&8iRMZUPQiGj7TZ6}eq>41j*ua2whz3}A1d`RmUEcU8vG5e+
z1Pc)MMqJOrG6W<!#(P%6JQw13H(LWJ9*<pzx~AGOveZ?yX45M?gNbr!8`9TmO@AI7
zz<_Y*nY};pjxP;mQla2&6_-G38Vp5vIIJHOD-ZRnhdlaSTiKH4->f9IzPie5EPZ2w
zF>fuoeSk9Ufl=vXiVHn~N3}YX2_2xTqYKn^pN}3dJiYpPT~(c`dYm1sLCzG`QRS$Q
z%o=*sxUWz<N6{c;1u@3lO$n|jyR440<z!&1q>U+-R@}Vhfe7jj>C?VtO9^&+@B^>E
zEXb7BHfTx$i%I8GZ?j{Bcty6*_E9Bdr#{;aYzzzOCv425pmJ$Usczk-&@$4$ew_;^
z0Gf>S6RKku4DlzF9@Ws6EF#xU-$wEBOG61*d@CqHL;}{5;?Af_UEIHC97!B0z9pEm
zWrmcpAy2QP&#wEFz(zBR7HZ^6FqA|o#O)dkzjOtB_s)B6wuBn&0R5M~Pg}XKhX$xd
z1x8(8b6e(mKHzOSiT*9}R4uqH<Kq+)xpu2%p2h3lCBcn5N@38AT2rKjk=A&DkKUQ!
zxKbJKHe?J&D}kITYl4a;6`|Vm%O<N4wLYq^Caj)*YB};L)4JBPp22ML907%M1c%sS
zr0WW1bx7mf)OXa6t4aK7+3<wU?12vnIO>4~4}gJnGjp2z4xB!9VD9~?13qZinT#8@
zj=i&*mC^LtiS=C64ZSJmL!0J3*hv@H9zOlX5MpVoR~6!svrqLpJ!$^+o;txaG46pa
z0XW;tLa70aDF7G!oj6*rMuyS61o^gukyfd88J^JE7vh>Vts?YbQ8jzmsDILkK~fs=
z=pHRhP*K-|LucFs#Nf6(+t$n{>S#J@K}dnq#@U3vl%VjAKgmSCC6ZL99zmc5#F{@i
z9=dwomC`B9Evt@Wvp7f~$h%zIMrKyPPkoUk)-S>9>A5jEZq^mm;QES91Ycs80@W`5
zE<}X34n2-Df4DV?5w}OXjK-oCG(plr`%1B>ou^wfiJ0BvTc`D<+Jv=Q9q&Di3h!Ik
zMN<nh8%P4$+`MfY)u0u8c}m5dK-wdN-ETdeWnxZHjc-dN<m(oy-em43Nb70e#%+O@
zeU6*Zaicb^6^!)BaoNPA6&GWdTAvN}kL}ij14V)z=OG`bl+b~a2Khp98+20JSI37n
z$aMFXTcG8ABr63Na{BQjcEjURM+q+1Jlp(=hU+d_9%FD5ZkDih9PTfY)_ALwa&3)s
zI6hN+ZwfC$4ZLKwU#@JAx9~a3+k|JBl~NK?m=9R{;<8Z?rpY4`rfM+9{|L6+<Feve
zl9@faYll4HBGg00<+lSS>w%{pXBt`%CZYvF)!?X|s&KO$;kpCdDksMaf3E1YcyG^_
z(j`b#j95Q<%w2yl{XWlk`S7LSyq&7UP|N`H{n5qG#n!+C$~~q969uqvA^;YCusyb4
zT;3l&<U0s_>;Vy5nt6VYr~V7t99NH+{KK8#wDBKmtmg)pCW>M2J}i>X6>|qGJ0=H;
zCp2rF8Z@y4`;f5eU}C*4MOd$g$Fsq~6Gc$%iaGH}>Vh$|tNR;!D>vb2KTEn%Re}xh
zmCvqx9*{lubA&gx51-};nh6**w+_`+$bB6g622q583sgTg6cJGCN`rY9BwHjn!%?e
zFbYh7HKUgik!-0$I>lwJBtBRg>trXEQcTOr^NgO1rX!Q3MoQz$Dk-EPdxxg}^XQAu
zmk(f``M5Yg#s@;ss_ij$DF)`M%|i04g=6=Crl3Scfp9d3^iJyI!F0@37XWSi0^o0V
zbQ*xr%7Iw60}_ImP`Vxe@F#tP<On#=28Hj6ny2Iq^NxRM4WaHw7uIU`S1|6a_Nb?+
zA$^5*fO4(^I2`SA?<}t$NhJW@WYDk(%No$%PF8%QD}_W53l*5`%~#`@V#?ymgBN5%
zdfG7CiWlSqAI_9d(%7kA1W%o#zBA?1MovZi+utdoZ-1vCIdX&xcPQ5II78A_%Yfs$
z<j{I*^IuDHk|!nkK)iPv!1Bw2%7nbIDcab|)N`3C`eELObJl6x<WzV^N$#TNqH=vb
z%Tw|k#)SFivfW!|Sj`?Oab8*{Wv!J{g+))X{qCe-Pu`z2X=P>1Ey(IJg<G%*0+}?e
zqn<HjP_VKYQV*0WGj!!4i;|<W$yKDW0rp3x1?J(-aC71ELV2leuq$77VCxH47jJc;
zi;JK4L9cw#16}yyv-{l|t}HI}KxwT9N^3pP%U|_D7q5KLlXqe9t2Xq`;yQW1>Gn+h
zUF^)w!ouYaZ1Hjzw(vz4w)j;Sws5rz`~0)3jW*z1ACDHVTv=#>wS0@0o3QViQBlR!
z<wj-xhQA4el5wtLo6*XP8S|W!<U*rS^Yz6^Gk(;FemB`qmJ`)qZw^i(%+-lsO62Q_
z(y+o$)|xHj+e9Y5NYk0Fuxk)X!x<mNusdyd4oNwdjo&4tg#!cd#oO`p(8E$9A*`D5
zwk5J#8gaV3ayaBu+p0<ToES#!i;1bB*YFjCpQOmdCfCDVaXe-Vg7y_fwM}h?4eL~2
z9yoN*oR+4J?{UmFBCb@aL5Y&LpstyzGpUkf1YE<oNPY~BspF&Q0f@j=f}g;s9u*YV
zm4bSDB9O$elqm^SqUaG!Y#8i?OkR`{?T9xpn5%9grXFfJqfS$2$hgNKly3t3L3f>w
zQh_(r_K2m1sYVvkwGc%`9he-)w{sobne9axbF5Xwtzy^;K6ZesAn%|iNUTN)14SBf
zY!VMqaDZRP?(#C^Md48i?vAI(SPl`_(FQG1?7`8_(gFI&lxw<Q#JFHDVr1r6<svpR
zqjJRqKpo}mC}NZ?V!4~}lXVHN;15xs6{%w^Pb3Ue?=(rSDZ4%19my@1Op-#S)_}PJ
zs{vAJ)7V>~$Fe@O5DnR{KTWlH@M>X${0;Q+GXv<>uK{qaS_7m;BpBQtX->r<sfS1@
zEeJ!3#FL|gEr05?_0TfU9&L@ym*DX;hd__lIW%r9m~By<q(#&Z(VWV;QKW8iWRy`(
ziz2#iM{QkJXI7EA$&pb;ITnhjdUZedYTeG<x+<{%Md~J}e-Txmi|8ijUm0ZxWt1V5
zQHD@PIqQn3MpQ=a9Itz&0hXzDa@VOEZ=D(^c%5qFU96)vz%t4Z$|!v<qjWMw^SSGF
z*`rlii20$EZlqc0`t<aCjbqb6hHzFiX$3Z(9k>a$aoZ3kt{U*Rp~|62IRe_t3*S&*
zZ?#mHV$2m$f<RbwPhqJ^fK4&ao670wv<E{b;J|i(de<>{vyRD1OR{>~M$V3fxrutD
z(OU{Jf&Y^SQhWVr*HnF0cy^@lK~8_~A<N}%C-6nZ_AG7pYNwvp`TmzCQ<LNOLmo#n
zrdLmCD$V#WBD%J|KX~F%^MSo-*=8)2o5$Ofq!+MMgcbv`#?`=JZxqp*5l1nGb8*kZ
zB9_tJBIz0*k49C9#$dLN2_gY&d6D_^v-dhw)o+LGsuu-^L9}FM#)003bC1X8=C8#=
zs=`CF#YY~{MX0GuJX*VP@hE-pOUWY3@Zky0b**MKRy)*jkWRf8Xwr&PX$vyuRJ3;<
zsSd5Xz8z>+;0e|SsBI}(tRpf#_K@2=dw3f=zPg`F7^N{8{)x#HQ5|;EmE!d5HXrNd
z5ap7D3$O&<?}6E+SV|vw)s*5$F<j6tzJEyMm~Z0pqn9a1s8e^AkH@R_*yC{b-Y)0y
z2sb|!2R&`^eLu_%E4k;rHru(jEdHa~@Si)^jU5rz8knawiD#+O%dv>&2jSTJU4>*=
zew2c`&9}GVoM+s>Y@p^$eYKF*&0&b#9so6WJjADgJuvYfcaq{^n_(_Ztd?EI9O0)9
z!k4yMvQG@kCXMj6Z0l1P&d=NDp^*iKWC)vCo6GMo5O{of{gzmuM0*+_Wp1P^<2_wG
zTZv&KCO_%}%|;|ccIt}L9QubXL~auc7!4avq*Pn~6c!rQSB+MiX0r(yg!O@?-#0TX
z3yN<s3lq568UT(oU}{0ve<_PD{!%c^aCOHd`_$$8x5XA)O)7;UiiL6DWxpDg1qMSW
zp%xKgcH7)M<%=4CrP>VVsHBrRP2;jmwWcP0Y`!|)o>_wC0!(+;NzJSlJKi=s+{(oj
zvBH{fmsTP+6zKk7JR2?H+5=@MW(^RCeUITp9N3!O-|~Z?VFI50!l~Ks#+a**kt~6^
z!{D3N3Yc7F=DoOD^3NY^9(tVT9b9KAQ}SrUO$@HDO_8O8LSJh}VKP83gKEnm=*w~p
z)-l1|{PPc#*_=Mx(C>Jrw=i)lxV5WDI{rPP>y~PVe=DXl*CkK2S_FBE#AjG{?%W5H
zw`KQ&Ajh{Xl<odt+g**1rWW5ZAWsSItXy9F%!xV9mK2BkOY!u;bs<GJ9u6XS<KD)m
zY*w}wKU-Lg+$C)5N)4x2j@(&^>>GD3=X#4EY+iz|%#KgKyz)gvsRy1frQKP{p(_dI
z-G>oO@kS@NGMtKXB#n9Tt5j$${c4k>;BY$y_9Nho(oJs3Q;Kju1*bV^IK#`hNJ1On
zm(u}IBQ<qN<!kzq;_2;RVj~ieAv_wTFkhv<1KrSiCkQgi?s)HH8gc0sBfOo12#K&T
zQ6~D9;%IW%Ahs0}#I?O8<O${%QGT+woAQZrAp=8h65xhDFT^Fz{xf6pWb2MWkhnw(
z!gHjMzuHL=Q82V6uw0hQb(j&md$J$FZy%1Q`$va|5r^-y0_IjCg*O4|>QXKHsA~;T
znpa(D+Ll1$z;islN39udB{J(^@^Q+l#dB690gN;^AdI{bKQzuIWhXI(IP4(N8O-`g
zmyrOFsv<_I)T_iord+%|OQCO&FLs}$$c_(7eNDE9vcHWWr(6W@@LhKvi;il5P+BB6
z*^NiOkQjQBLe1QhRNCD~P3cCmCpTm4feyQ!i58>Ea9e4%U;&KBw{g8w!WZmYu0BM&
z3p59pT&hJTspsHSCi<E-pNxSI!)aH9HLDzJ5vAKjjB_p$iosA9?;Rq65~{BWgx@K$
zXg4K>FiNSq2&YNJjnw|3FMOmF(}j~D@BBk$t7G0!9j%SE3y88q2EeBpNS`@=*Lg#K
z6KP7{E~&$s4{3t<2s}5ED|&jO+wdj;WN&0xvus%KW<tmrYCuiT7;^!tLA9z+Xj{0n
z>@+}n^Q?zt7I)fJN8O$_l&-q!vs^SOmdM;E2B2-WXK;@AgYw%p1}rh!04#m6&IY3Y
zZBVf)mW8|A3Gb>RyJ@m4qPct^z1@y1v<x(9#ZQ{aeki$hrsQ8M<G>YJFWILn4d{Hj
z1$}OoQG~nklL6IsVc=`9*lHS3ohgmEk)a9Gj;M<q7vVHFR#X<9btcVF-9SR-)Ieap
zMH5a(k~?~~n2*`ss#x3%MJ?31>^2)D`O4ELkVd8-fajB%pxW0TM$Mh^We75nA(pzv
z2is+&3E3WEET#1gGx^99woHWMwo{M)uv5U9abVmmgvsu;rFAOYA|mTSRwQ-eOTnaz
zIR%n$KZMB$%^B@+SWMtx6Z;giA6Y+q60ws7447<~`rX>r-|gX0KQeV9jHy4rN00PZ
zsIrL>*uEnAzN;na&lWU5zex~O&{P!)_^G7O5Bj6$2(SiQhlG)gd1t54Kp#4@kW8p7
zuyKMnGYp6Z&y)em!d**>U?-vTt4_k+N#93v{@jD=xrfwiDX&olTc)ETJlF|^lc%{0
z&+69kA)m}sjabIX-oh$(DZ(SFP|M3mAdn6_IK;Oo?yZ#h&V9zJz{X|@2q98XR%1$A
z(F7`Bt)wvM2N6C_u|v<W&Lu)TA>tfY%n@H9x3UMkd6=>tkB|1B)c|-0ZWXYz8R|`z
zUMV4%c$nK4*dN)ORCjn2WC0M|ev?0BU1|BsD<DD6AkJBFSaJ0aYiuwq0S-MR(<QF9
zmIN5XckWm^#H|IPtro=U$VJqi+cu^;c3k_BVp`klTv=Q7+?dp1qksv%8yVuowdq%^
zi19r#ud~=H&&KPBlCDWtRzt3h;8AmQ4V#K6Im{uuF|_I!oc*ekOtjhK8DLaK&|G4y
z_N>myNd{8Y4p0ovE9njl%B2O7vwD6G^oK)L%HA-2t7;=STR&qo$>sM+3LrtFp9b3^
z$<NY=g({eA0m_yn0dYa0j){GxYH3z?l3OhUWP3ZXp63dq+b2@u-Z`nb?#1uMNi{i{
zL+kKNT0J|dwjVp4N}qD74kIvp$YtSUDYPCNVOMbcShu?_7n!CWH<RXHXXAuV>m~y_
zoNWobj<&$6{+$Bs8vT$(KY!34Z9e_}pg+@t9oR4`n{5ndkE`)9%^f~je4^28KIsnO
z4);cv&>XAcJ0rZ>>?oo`P^Ka1b87n;!1B!nInjYG@cP3k2bJ<uxs(kX_8ve0VJ9r0
z*|ZVm@|6#6m@RTDzX8Tgm6Oh!v#{E$lz>zI2`%sK@1$<Xb4di1LeC<KrYVBEJtMRe
z3{SDuqbD}SOr2MbIrH5^4<?fUMX?^_0E!1hghXsMpBxGZE?8Q6rfOaEv)+Q-MzT{9
z0A90*$v(3I;FI_JTdoMk%$B-WZo=<f-?z}sXWP^9PQ=k#LBzJ8f74y1qeU~n7BfXy
z-0Eodq&jBNLTbM8w3=)^WwoB_(c=-8-%l})Mziz`8_B1vbn;tY$MYehW6QMMDNQUr
zZouVVAVJnf$M&Jz6dmt8t)B8=>uJR)!(a5VPpj#65({sR6sh?PMTI>2)gn@YkkRY`
zKGiKU9eP0NL0NOYCPaD6m5OILvC9mrX0p00mRtAw94*^eGph0%CgqOVE!LEDxgJE1
z<$>cJ%vqJVqjx+hykCTm_Y+VQjbIt$FicVOTdL$C|JHXI>(gq3Z*x?3L!rP1|0ZdU
z?(;c%V)Z0>d}>fLRNN&Q>Y*QYHSW6!%>1XrRmpM`uFHNfb>K5Z7R15-ky0l5w=-kY
zPdx<5$Pp05;E;k1e4JN%_Lsd|+T|*Nd9<W70)cFnElobv70~BAOPA@@wt!#@UD$f&
z>o4DeI*4sz?mZejGs5wJ`=f;~jAwTJX9*BxQT(e`dW!1<x7;duA`dmkb&!cj{f$Jk
zXTSh@<Nye^2ZW;W3FXM!jPset^fhc9!I1~f*zDizTy`L?vXfLSl~~TKCYENy@i>F@
zShoRCo}3JOnIqS^??a{LU-k8thR&BsmsNtDB$tqDsHaAQgA$Z{*pwhmGwub}4vy`6
z!7)VX)Xn*ZBv+&clMy3vjpxx_cs3*QeClD8kf4QFg@(={I(O8+NUt>>G{uEmfa6z>
zNj$7Za%@8?2DHzchX|VtL7z&FGMIqqQkt*71w@^2tw%s$LEX$JS57UFs{Bb2B|*-?
z&Io&WAeRKy`u*!$`=h<V@L2`%-#VJ^MpR^r+cx{Wg6#t&JB_r44a!7+c4$;G1u=V1
zA$;Q5t(`8|;op2$nN}>t^~vIKBt9;}vvA{|POd+s0x+g5NQxlVrckhiDar>s4xUB$
z;Nh67%?uc~0Y|xSBFL=Fvx?DsV6t>{B;G*?=l#ESNWj!gk3;EcAU3f5PVBEUcBX5x
zxaopXI9LP%Wxw01YK@b3u)hf7k%E^M#HomW$Z2jrZ5jmNnW=twqa{b+_LNW&3?@7*
zSHvl}pM%FaDC+51xgYW-{8d^lj0jjC)(9txPyA<QhE}*p+2UrDW>{3E3S*Yln-qt&
zl3FzxSJX#`*dXt9%E#y$@ii<ei&}&avZX6vFx+8InKL$xLUJ!s`ND^(^)wfxeR&nG
zOK6d~7tR1fPuVV%K=rzeYxLTncp<NAlD@EvtLB_a4K8dHu(WO2Ds?4^?aKgT(eOJ{
z=YWqe8{`6#?6xzcUdjyeyVD$}Kg)+8ylEQ|m2!&S6*T}ZxN0SHCQZQV(L*esd2*J)
zqb^8iM$Uj%F-PdbhP_|OAPgE&jO6$cAB4@Z35($JSB6cyprr83dDPo`eqq9Elni%`
zKwk=7tFvhYeR<LqOru7%#9osVg1WpB$_`M2?__KP%5F&0)vS~4>-WPM3}@a3`3-N*
zf;5vOM>SqS1GTT=RP=K+(3@9<%)s43`rKP=eQ?>Y`30!^(STB6&N4O?jh7EyDJP-a
z|EmT>FSIHOF(>ADPGRU)9sZ8DLztpi9$i^n*}#ZvGFs$&4a!=A#26*8m>ti6hkoUA
z%8Pe?MUwEC6hng48%Gg;h!(vSM61iCv8;U~ny5eqCNhu#Mh9|~Ig-jD1L_T3fMQ2y
zkjbk>spwV#Qt$Gf%tiC2%rLojjA5WIfFqQp3o;eL=IAc&8tPQ-*c?myGXp?4JyM(&
zdGe0T*^uIj94m(%8QWA4X<oH1yrC5p(ligJvL!13G4=wqmprT%Aofl(Cb7AIY(2?M
zNZ`|%m0E1-Ds9=3b8>p$wLp<PD{{*9iv|%VT8_sVRY2m12~d6J1Rxw<+pevF%dW?W
zIOkgvU{sS?JdPZxnr5!G*|#`vQeVyXA`l#Wm1_h=+0hZy65VIZ9$JDZq%tt0JNQab
zuxVH$$k^blifY8n4`dU#<#)kJMv-1`$pS_tra!}3FD(}d4-TI2B(wmKvxpfh`8YX9
zQsaB9JCAyuQl$<dw&+5+2^4}*pb31`2Go7E6ME-c`l436R|@50#0{u-c{q7*suVnM
zFCS0$VanYZkXjP_1P!Bpy{CQ)rT7?;S<mhjp46e`XE32dXk`@14GJ>TpB3|DqY#s$
zA7({A&LKEXD6R{@(2tpXT}S*x$%(T%g=tbz$v*m(Qd__3yz|)>P4;+7NfYXYAS0G8
zLmoj+^k)>ui0Fp^gX!=g6o>9Y2Lh-a8{wmr(a#r-JC(XVeySfo`8Z@A5fNohK_5(t
z%shEld1m^f8uhz28$9AuRf9+SL}0<4=}o#@$)3gpGg;1F7h+jTNs@OrVVEVjs5D(z
z+hitKkt^LhS3?<CZRxXayE?wigiS#V1yPcX_O!vklgTAUXwK&^Eo+P6Hk+r@zB1e=
zj3(RrE_pm9n;zTOK%CWXapy#`rt3PEB}@wIshFH#Cd{m(EUqc^Esf>PkzITr;Sbl$
z80EZ^bC);Y$ZVX%`HeQsaDl|CkCM`vY3Dkoj<|BDj)oXWB|9gRiOm7Ckx&c~&{bR#
z<GZS6pNdPZ$GmI{-6g67bijU1ltXFGc+&G2h{ZMWBfM8~jgTCi_a{%0#O&>sKX1ZA
zlD{%m(c9w#yww$e^7g&}qc_NflDd_BTL8lnz5&!i?c{<>Q^ew_+HKj?@=16d;=px`
zVb~<G4JEI^iWmFvX=8F-JDKrBe>Phdh8+UX21mIopV2b50wQBmGf8)+{4jI!K1JoG
zCJLZ6*MP7E8_csbIFXy__2WT1-FbyFd9rM{7P-sIm`1`%@=3}iO#|+zS{J9kw(TI%
z0b6SWT!3gpb^hl<irEn3bU3W*gT%T4R5VaC<~5)mX+X53NrB~*T(dny!Q)Ku!lH23
zSHzHRZ6yOdw82Nf-RUysW9T_@x(wkwrsXTBlmofH%Va9m)v)1k7|4Xv1P>?5|G2C+
zeF9hPJsLF6H;jPow42bD(KMydq=$U6{W8NLOSABJbW2CE#(i=y8SsGs$q5cv)1l`<
zHcTCU6u`WNJd^cUM(;6+P`o7+vTi94&~EJcopF>V>)`>qIX=C>GNgbiF-3x)#!l6-
z@D)`9=v5tlEd7Pb93E})beoum*ACDhdQ7uMGuvZJYkn8_nY^)SlR?0XOzKw3ua2>2
zbT9|yuA}mwky7Z>Jv~&H11TMys9RFxTb_GjCLmukQH3sY>f2YI3Y0Om*SeprT6eRM
zPw8Ld`xQn@>I<O^9>g6{2B~sa`DK`E_Hx|vOvlLTj6{0}+ToGShf~n3j@E`DOPd@X
z`&=<d9OCM8@Hd{nbF&dAYWswhjR{}CyfZ!Csk7iFOZOw@kwGqy>?pROf^{*G#oIf)
zQRIhs*d*d;oJ-{rb^~odk%bj2qen&3Bp&Nod-yY`<8pscN2sBU&Wfa^6Ogjb$U_!+
z<K3c-`puqIE$V=kI1?>K#Y4%VAw0F6@?2J$7i3)*o6UvCv`X;davaSf?IVhMSX>C(
z-{77nlYWPCo51<T%R^lIuO8@1L$}S?jZu@nWRHFd7@()(!zZQB!!A(D^DZ<~2v2(^
zj{E7>K2H7UtgHdH24L?G@M3bfks{vRTZbq}kAJA{EnnL@;P;0gs;YYBLiM<+zI|9>
z&r=;$e^GtPe^2bcOVv(wvD&W=tG#Mm4XaDlK{X=Rr~K{`zgSKA9b2v`DFZ?yU>7TV
z^Hz_@ckao0b*oygHmYA$3)NzE!Se5uYex9j)t^!4k)`}5g?Fo`)yLJ}%}M#YYKi{r
z_tx`gb-6#QsxQ~cr5@q&nB4lS_>kUT;NL@o4*5GZh(@9G>im8Bx>RwuM=VN=7|jLB
zdhSbvBmV_b4uSJEi0UJ&X-NEl(102b$m#W6V3gQEP^0GY0&_E}o-y`wudUL9DP^Wr
zb>#siaQjW(BZKf>&|3D~7py-AtcCi2fgHR1tzO@zCgq$_U-gTN)wy%k^M6^dR;xQC
zM@P%)9#xadr+a9_kFbW9r~b5DXI_RYXIX}JU#qq2X*quK^uF?0^?6nOa+CTdHbobz
zyZk<3X6`eA6PD?qs@~K*{n`-kLiJls>RWBd)2e#)LiGu0gwBsZ*}q`xjPy6b7l5yV
z>dRGiM+^Cge}}XrByjkJYMu6`{8L}FWK$OHLPC^4ud%J!kX*{alHNG`Y^a^NsCIst
z-u|!D_hWi@L|-P<9r#4QK8UcBj87919@A%@fAOz+4`=qE>w%5sgwbj|TyKNO)ms~#
zwCc@U<akznL;iiX0o(DTGj8|ao`z@9PxW3KP2|A)r7gNwRiEY=E(yh$+*&=Y#er>q
z5rmzp`nub9)p<f5ts?H(Y3YP9>@ymXSFN<KtCfFaqmj3I?;0(L#6-We_C8<LtJg^r
zajIV1sBS`<E`odKsKLXF)s^atB7V903XIR`SB$uxdpGhgfRSTrf0zi<x%VT*Ynqqp
z_0CK6R$8eS+j#bnk?>t1#;Nt)v$gQPOc<STcg2Zs-KX5!oO<qq{vP+`X!g1<N3-We
zj)ivbcMNB=x;jF7M$joSq{NXOHNv^Gln_4Zpim1tl+ZD90o)OGj752Ve~n-5r>S99
zV0NbN+m;?w++$~^)|XG)MP66C<?8u=>F<)rn!1H+X8!J5m-pBRc@qi=J&%SwwKGrK
z?^5-8^&dFA1`Jqa8{0xF<tMank{_(5LE3OfwBjeF&UKNQX#EQ|gHGFPBBam%bKk!0
zA6K4H-;*(;9{W2g{3EWz+gkT+_Jgw$Vh`B=?>f{Oigl)C8`etnvU>kCCZl?HkDQ+4
z4mIsiQq*-;RquE$O{Rns?VbI)gy&dgDUP7o{;OV%_;;++?;Z70%Qv>EkMp&92NUwt
zYNL*KbKR}pyxELXHzSTZnrYR0c}!}5!hfRCI~vt5x9QnIYI}{8V5ZjTA(ZCh5+-!i
z{0hZ7e8_pH4%PWDtIJSX{eA&`t<HZ{T~++mh3YeyS~v_si==#Jp(~yn*j1y()vJr7
ze6EtOeon~BzCWzT=Bs$y=G2+H>is-RJ*gi$tj!R9PmQ9dv+DO+nN#LLy{#V1pND>y
z{Q`5O|9;J8a;E(Pe54?XJL9f(7w(FZHgNPkLHc=<>TRuNr^Ng7OE9{(HA9^;uYXJL
zbPj*48DJmv<oP&STd{R_M!k<St3L4_h{YFvX~$~>T^_F4pGdz2hj^>ik0PxYK|t?Q
z;{Kcxr1g}zfdFu0&X}WC^7NFvMqAr++9C}akY_JyTB6KgP8rfZjhVd<E{o1c+;T2z
zojDXYB%XKzOs8S>NjIP7x0{psU67#WtJy8pTf0#)$B^j%Dmzo$`(=&6C{#~+Z#ni0
z<re3bBfYmAQbBJ!z~9<4$|G^_8e@J6r&cALKTJHM^V<?cchvIx(=-F(R~@=;lvnaZ
z^<fT|<t|iz3)Wtzl?&D1LlwGplxJD>aT)8YXVGXSH5rX+&R_09^@>yp)%&q#d4Cmo
z>||069UA_j({QDgRO))7)rpe7C3a!R$QF#tooWU<Fjl63iAuNgIjouQ3+VKtR(*oC
z%Q~!C_9}SNE-P5G>>`lQTlpN;&L<APS)cRj&3w-5Hepw2W1-RRG4TcPzs#3mc^raW
z?kVfAX1*`TS@ut51#7qAux8n-J^36~=369JyA6jm+Ysz(t1nvJZdt*aW&LDsj>BQi
zd{?S38DBG>!z|yMI@g7_ccF2%FW-!ls)oQbiDQyncmay&`PePz9gqE2l*+jZ{c7Iz
zD}3``PZwS(t~smDJO1cb^X0!+?N>OYxW-+bcU-B?`}ivOoJFhO$5Fi(W9Z>M-iy)n
zq`lw2YuBk;tLdD<H;me)VK~<h%2==b`;N|(F5h0g-GzzX9FaTMDP^0aC_jU$L{)M+
z_tB&^H5ApSK8kM2ZK$*)v7kauDXXso-q-(<zZ7@YmEEdei6VDflTJYNO(IP7dLw4%
zK)1wAa!WgP6a4!wok!hVejfF}IghpxyIg-UU{*L&?nojG&PPI)^g7}Ih1t?`cs`BN
zH7k#ShpwZXd*jDG@|n$b#>};5^fv*&(9=$E>!;0Ta}-f~XnCsV|7nA6Y9Jv%zjy!|
z^is9Sf2(ZmO^&5|{Qd=Xh~>UuY8BT^Oa7cN9hwS>{Rbwhw<j!5<~I5E$^QhV)sN?9
z_Zv(9u8^gfo|fH^qM5S90!axmM!m8Gis>+2V<Tz{H*;36+|hB(7VV^b(!T-ofu2>F
zl@Y&X+6%QuWyG%m`BfR~Q;X0Kt7nCJgoIMKcs&is<>m;aFv<Dn)Qj+`v9DA@Fu&7y
zfS`E0s@~WIZ6~I6&?c>}cw1Uqv8oq(Ht2;0p%L0Uo2{AA)_7uD0(BuworGoOaPgs$
zYC=k<%xk_??s3pm=l>(PhA{D#!<G%Fq-cbNe&au~s#!f*z2oEP)c0lw^4nE#Ljv;v
zZ1!2cgvh4tC1tPJZ84d;RS?6?x6$p;as_Ag&P5cF{@*or#0~K3E~7j5T0psn_#lVN
zJl~<Rln_krw{i~csujWB@4|`_zm*`ipUBOGeo1W_f_qk(Nj)*N9>>g^;&s856=J7#
z@E$V83)CT^CMBES4oN2^Wv;F0<+GGf?(OPtD4`mv^N$E|xNSJA`<R-w`f=-%alm_j
zk(48=p{a=Ro@p&qtMYPR^tM=w8{oqRt9F^AK`MyqH+R!mq%K@$ELe$A<}j_Nx7fUR
z&|#&WTYbIEd^*M|pVpsuv9#vB(=15^E~SqXcj1L@vUK^uRmq#$FB{Y(x+hkqy3&S-
zj7#C9*%q~vO4Dx(FH*wmI`@fF*ZW}7wd#S<S&d~C>=U)U&c9`&z^m+pMdsoP{}#cc
zOUwaG&J7(m2lc9YkJaXswtZ!tl8PzNs_L%I*IoUU+Qi1wsrw4Ii7&3(*`Wv2;zy#@
z^=bd5POR+M=0Uiq-Y}O}=j9Jv6)p)&ROZBbEv=|7teP`&878&*UKp(Pbh@LE@7@_T
z=;9-AU%MsN+i_R5$4JUtDyhD<+gnh3tv)PB;q|H1L*Ij=zvs98pEF`nr_WeBk0`Ik
z;VOf>^lM@`H1*Z8`nzQWSz`pTk5|%J?fvQI7ye2~APik0r2RIpKPoL&LadzT{w(=5
zijqdWs6Vbc3wq$VmHX3W-Y&2++E*$$e|Nln=h^A``|1GiK5oLLAlBSzZ#ky;uKEvE
zwbab{qL{9xb^1CBzYq6Sz49@$t*cqz1)|XDy7sj{!(PDut0ro>$<p_6199!T3ANdv
zp4fT$ToC^2gi&c-2k89M*tDA>cQtCRRO}wnQJtBZ38&q;-e8rZj^>4LpAb>4YOe>S
zj5`(aMt*+zSttI-cXhPjzfUMRWq<$JS~L=;{2EVnB`zfWeDM37pyzpJnxoP+K`$l0
zxNQ7aoG^|%qQ$;Gncf+8KL6)F)Ymp_-X;b?U8cj%$cWJw5my7Z3HxCb#v6HY#9rW)
z!)_@zAv80N3a=wdU4pPir@Q5SqBMBj{Kk!_7S+u<w55IG`i^|+K82tK!x>v^{)XMG
zuh!J6vqh&7G}%PBWOugwvS{ev=+)aHuITU<Yi+%Jp!`C3u_aCzG7}JJ8wA_qV!-`?
z7Q3OX=jEj9RSsB}%WWc}Lrbd_Yt}?U>q)1K_v5i0j#_(fr9spiWi*N|PDS69X6;<`
zzKM+OGh6Df*s}h4t3K}Uv0r1xA!hYr#bE-=`+-}2v*)*8cVG>#OOx|fq>5ckx9aEb
z5Q3R`)$h;A^}2_W)~Jq|t|-NlrYObIeb`%K(wymDG2IRaeG6uKss_w;mere0=9ON2
ztbQ$4-%{r$Rt-KLi31wxU(rqo+tu5BIlcUqGna4YtUihPI71KK>CanzTF&Gd>UnQ|
z{#=*V;brRT=8w9370+H*U;e1eap3HA_2sWV?4QRa69Q{2{&@Z@&CA)HgZ`X-Bka%F
z*Z)?|E6x2N+&{zoeDI=DRjXcUZ(qLNZmDLyzAs<4-o8>*XLlsZ^N#;U8?p9P?=DDX
z>a=o2n`zB8Y^F6=t(mq^&tgFx?S9(xb^7_sK0GYS*6C$myXnpTcGH`EF48}4)6D2$
z6OJO_(<UU3v<d$V)y-9u2j?y};W@urZ>CZEmrcm&xi3P~KjS~F)h^E~*MzHAb(z<l
zjlaiv4D0$kKi6Fd6t|Yez^-yZN)X*5s|KCt;>nzy6!#~#d5UdGSz{?yRttU1wkt+-
z_DiVDsvIeA&MmcV#k}ug*~5-cOuLjaq5Sv*BT!u~98@26OLPUg>UZMO)Q6IblHe|7
zM`r)~ITZ1rSs9Y73-5@N%1m}?b=J)tB2$0;A7EhhZyQYa*=4W(io6-gE}1Pqi!9b;
z_Nrc%Q}Wo^CQB3JeK>^utaW=IZ7|(9sy8%n9ibL~T={~ou?)YK9{=mE{>j<?_JsG(
zLG_w+lWxsct@SN?6CqWr>vP)Ub1U)0G_L+sL^T%lZS}_`HKA?NUA>!Et110f=Y0mN
zFH5=IHEM1%?>a$g6n%4P<YH(q7(qDqS}s?;t$CFe-?gINdbJ!H;^m&y4f-k_*a%iK
z3_<dpg+}x}_J-B_V%Ym?w=w^M9KZNI%yVqx>g{E;u($b7q_SpFKl~1TWaziGg}mi*
z`+tOH{G$T52etvF#|sG`J@3a|ZRi{c`j`Fibu>b2FwoVP%QlzsIzhS&X$?xO4vj*L
zO(Q<{JBcd7&XU;p%7?Bzu&y76MNBl$ZoWLjn7dr_CjJINwU+1XT;bf0YuQ%t0|}<m
zo2p0JE9D_#IbQj5pw;;c)&HX31<jL-Rjxm2o7=^%)V|ig>K6xSp+7=rq<PT_OPL@w
zKxl6r&t>)_?YDN2bV(W8RaRE7V92Lgqpy7+x}_seC9;s3v8sAAa%`q!ruwCfG@a(?
zXpjcncZ){D?Zn#}pZ7$@k1Ed?-p)6oYRk39IxL%c>y)=$xu7Gr$p4XMKw|4I|EX;$
zJtPAAg|2Q#tq<=?uvZ?RiK2#&RfBe;%r||+eoqkQ^g(&550$e#!jw;%?nks17+qa$
z=hBFLZwe>MGNLV_rdk)U_J;E5EYjNeU2d5}J4vgkIS!1`e$a8t(=2Khy`rAW?H=d?
zTQkzEO)DZcL1V7IY?qPx$ni!>uTNWLHDAKT>XUZ4Ztv>6SH$j=k5yvU)f3U<pzy*z
z&57EmY=z5Nm%>39q<d`FVai6kx+th>6vjBszF_B?_M)%4lx<4krn6r4GIz$XBIms@
zkrS3lP3QVz?J%w94s$Q|OM7uhyl<|>#yM8g&l}NC;hR=Ov-~6KSv|d9r>|e#o8R{L
z=8UDUp5BKpF4XNV^tXFTi6z-O=!6iRo1d>#g_iivzIbhc6Z13vaf9@ZaAKGF_Z_cY
zXq5RK^{WT|is02NhVyUrr2hhi>MyV-NN1p{h5b>E)UW;+Wt-NVT8NX;s>h4E>OEHj
zin`r1F+%Sh-BzP|-D#&|arMe~@G9rt&a_^<qjna1<%U|2xZ$r6GCmKOIp6F45KNRN
zZb-EzDj!N~>UkZ<zxDpFUa^_^UNcbcL+ugga{SiVYZgV*E>w+9KYX94v|8-zUp4+|
zb!!ddT+z(ywc?zX{;GKni01eUk2pDXe=LJ!S(XTYqCWLdE2)-B8Xh%NH%jhDGvmUb
zR#a=f2c#(?Mr|dQeo&oz@YCkP=h-cFv`^IPfLFJ{Lo|6TUn}h<=jz=?MO1abEINjk
zE9R%O=Qgb9tyh@pRR2fU`@r|Z2!40WzE@8&Z$6LT5l!}+DCO4)qF<eII;9_CLE!U|
zYps6qJ+wd^kn(9I)Rr(;^g_MY+9AZBmx2Ms#78=t+g2gkpIOYdd0B13@~xAbxamY_
zpN8GbrRwXKuSH`O^&X1z`VqZwzFTt;=W+G5RzO^|=0o@|d<lE0JkO#TqHE%KOPqF_
zk#?!>XoYodgW~eFak{-$INC>AC+C9HH@{j@dG$aP&{knh^H)Oq)}idTsDSoF6W^fi
z8_}kEsU795ijL|gR<teC;ZR@flF#3giBo8<C3XJ3+dIczpR3?j9Uq;a6_*r-kf*H*
zwGV&Z+PmweS<!qs4<=nq?Dlz5nrM+uo497vEH@>1>io?nx8zHfk}+AQdd9AprOu3g
z>-~ATwQ|YJPi&_bdV=O0q;QZvEpH}TQr4WU)U@8((P~}$qfgGR-oIzHHl-?A-AQt*
zo@`P_8>dU`(pWXGu4EKGxr`fay2K}{o2{q(<n^<D*-~^OYY(sSSF>0xi<=D@(d85I
z%g(v@Jd5IK-MqFoR(*iVw7+i6Xx3-t*@@ND$ym;3>?-E_%a{%McL=z0=iMgiB%JeJ
ziH|~)@F?S=sP?Rqob6Y-S|hDZwh!~UQtiUq3uxZNrzuaI9D#|^mgd3Lne_3=Pse@D
zgmZ4{XWv{nCCOYD?f%ug-IX6bcZ~&n4Rr<zZ!|Z;ffZs=ikkmEQkwcr&8bTCtHfWX
ztyuZq`JBva-K8t-%%7_*bS}5LeaINv-4nvD{{As<=*8}sWlxvKvQucuHBhcqkOriw
zkvg4fS`AqDiAu#@m!?DfexJ3G<zHUy(Wt#ltBh*3<Y&tkWziMx0fe7A2}{mNyTm1V
zw2Sm4G&mQGXK;SX^Ej^%ct3BipZm0LG@@hL!I^i}oCw3Jt9|)}=bAI|M&9mn+6No-
z*Yz{i*V>Jt8+Cf4)smE>JrE-Z>f~1a{yfg+{l*&Q)vKmfq2!j-`isu;>iY-eDm5js
zOZ!$_`?JkAIo-%KB~wwIuicYIeU{uKoC+-S6D5xxxo{kF)}|1ds;Z|U`DmnC3qN%v
z73`#k<PYd`@G+x0hxVk-FR<_V|Nf_G%0-E(F>$`3bdbA>M~JD7x33PFs`&JQ#Kg&f
zT^qs=(Lir4QygWEg4DXv+}O=6`r{_AT5huEUB*r0E6Is3bUuvKuT64HZNu^bF<TV%
zUd)U7?q+j&(Y*%M>4@he4MsY-4|**>eW~71AHo=%_P#C2L=YRFB_VO{i#9-)iJVKC
zXLsrQ%am!d@%h;7>x<7zb5<D3^M74uFNxZ_MldWj`#YH@<?I9NUqDePO_b{{jc<Ma
zPyaq$Y2XrutGXfA=Jq2{-FFtGO-5X$q`6j}c_b;bLz*%X6=r=|B(qJr1C!3uB6U3I
zqdB3J_R9fhpkAtH&;KQmaEGqCp@68IHs%GM&-LBnIT7*=6`M<?o!iyR8+RlzZzBC(
z!cSSXWgfep|C=A_L8tQUNPG#~zxi_&?AyFXW8J!I+nz)1l7IGD`BOJtZg9Hst@k3M
zRR8eX18AbBuaM*nN&AM5Zy#}_$dS&v?Mdki&?p^>WVFxOu&&O15RSN(+YwxSjuk&U
zm0)xyA-9T<l|F7VGMAc~;C0*@U0cg7&>as0ZG5yUC!`U1cHT;N=+dyC`*b~x{aQUE
zswvMzz7yAtc=f67!|$|usNAag0{7nH_57C1xU4t4{>V|CcLUMtweSFle*gLZ5H^O2
z)z2=GN3q{sF+#LPr&@@D5>54t@h$@rySrNbj)y{SDY^>e2_19APS>`$**RBBtNz%$
zp^^>uQd`xpi-Y>)fvwOc7wZ?rmTG^t-SxGZV4I$A^<cD*1=e&5jdX2Rj-acqZTI9a
zWVZ0Va}9pIpIa7NJdYv-#fWEfWhrr6M`@AIt@ZV{>|-t&Cvkt9)dzhw<&ht7Qmiry
zng=0w(7>p*$!qkt!N%HhveBPjk{IVN-Oj(S4G{!kUddTe|MP!dw%sS@QC-y3E3C|U
z+L~0Txj!AH9r68D+S$(zzh722{?*4R{49?y&C;Lv@ZzDapDXq5xUs>6gz%}Yzs6x2
z(-yg!B<MbMXdmf<M|;K0am;=`%Jofm)MdNt0}-oD)+>}nODu`_7U7fSu=+MgFO^?S
zKCF0V^~!(X!5Z(xg#un>S)u4_=oZ!OebZ<OogEr!p?6dcZSYuYNAj4uzQM&7jQbTC
zL1tV72RO;ZRhDN0C)w50CM?(K{mVDE)c5;x@^rGq<oUMo6UUeO^!^6EH<-;~d*WUA
z$g?Y9plnn7q<td$3HNJ8J;K5+lb*zCKL58Rrn&tNNE4^5v1K)cxIEN3)D;MReAirM
z>n#5NxoPVYTtwemi$sg~^b_hXRp}m(SrBT9V@|%>q9Ln1_=d@l)+B1zLE7K9%<KBm
z;<K;4;8?8t#|vz1-3f^PX$!+;{O&Fx=@xXD3D3oExn?IzT=Uje6DXXJwUD$GE<(gc
z7lqXUq5ity;`KJ~bAlG<TMEXFHD;4c`MW{cRB3NI_UY(TUxhGF34dU&V9nj;teNsZ
zlPb7I?&#z<&~eAD@wq0@A??;L)gpX%M`>)bAU(G%l9-8ANvfPsm0ELO9qqjXdKTk4
zcQx;@l75|`<kCFS{SA068QSTQ#@{917sQzSQY2YIX54!^ftF305oEMh+Vep#gjd3v
z=BQoE9rCkqRoLM?ur%M9I^~fzX$h-8-lSBQiZ>a8xQ~dnDyf`yYL){s9aatbE|HdQ
zwdq_xiE)-KM(%5u*}a7KZ%Ag5g^0V?tv<fZ&A<{fns@A{>_0sQb0wD6LfBK`*`aH>
z8O(z3nR)UpWB6Tj&2)qAD=v=5$)|RS=(~DSuHl@K+*`JCL4uuY(wypE*s()3XNvQJ
znYq>MVf04+JIb{=Q{TRC)^+-514rkdP9bf|33BzV+`5Sp=+<AfQZ)0J5o_$(Vp$Ia
zHIwtGV)NdEdLL=WsV=8=Dk<zy3yuwb;K{;Lf=+09Gu5BpRtF3J)}O>UciZMS`qy9U
z;g;*ZQ$<&^q%0aP>aG(=dop8lbH_2x?^kR+HL@lh4UPZHj!rFWA5ix!*PZ+3H0|eW
z&v`UIF==zW&e(PPDh!awTZ&Rg%!sVeG<&ku=%+)PuiW4MT}(^Q|0z&Gte!|}bK|zR
zO0H7!gfk9d4iKz@Hmf=(B7LT<_5A;y*9ncn-9Y9W?3e9A&}-2Ox6J74wsv=P+Ub|y
zrZ^UAWi%k+!!kMB9A|KEe~d|_%`11U?><YuvQ962$2f1%Z2N!0o{@j}Y$@rk?{V!;
z_jA%LlV{djqUA@iGNldt%kHLTtIienwDq@Z2?YbQ&xT@sbj#0R_xmuPh84T~&dM3k
z*=bOB_5Cy}YJ2`)+sFHScBFs%Iy<B7uZ8jjc0-WRc!<#~ckH}+<`3TwDHi!oOuX;?
z`8AcO<bzfn!E_~d<ej#I8O1TZd&jk4?W@k}J!ki|t)vYQ;gd18YOdZL!pQWdd?*7)
z&4t*4e3&nDps1JHkX(53bU|7-jZ5|E&;t6gMyR>V<?c~e*TARxW&d2<q>myG)f*a9
zzUZyq6B2|=x9e#vzJ;m}H8z?5xaLtk{Fbnk0Xw7&Ao2%{crb6otE)ZCnhuH3d&aiW
ziiciB3~(Ixc8PGWua<HZqZa)(uQ!4eh<rK=3GSS<F+Db|*CUm>jHfm4x|()1gyU|$
zs?NkfjJmIva3B+Xt)oV&`2{Z~Kc&^OHH}dOM7NnI^wInIqSmy=&dy7OkZw)=5=Q;h
zkujs(RKKY9mmLAMV%i{qK&$cN=bd`KF6;Rb{aBMjqm7@VCrizmenelEWG=l{_vJ^_
zu-2?0#F4V5v*0uH`iefLRQ*E#{v2A_-2<k>f7RVVAvC|{qc`Xq8DlK|n)k{}XuT|C
zk1<O;H|Rz6S*ifxbUe=xJrMUMtd^h??#IsElIBc8NZZ&t7;jNy(TA?$z!~#+W`zmY
z+KcLnUbO8LIyHU!bJY}#q0SGji9BNKt3Cc-^$UDiKl_Z>n(cMXi?iTC^F-gB-R$Fq
z`xuq^r*lWZx}tNi&3I~sM1g|FH@O1FfEn0nrTWjePA$*>hjXB%9x*P5=2a2Lg%Cmn
z_2nij9~I8_3{7H<iFZaNS~$z}GZoMO`zoE#dF#bJBpF4*aI@;*xcmviyawh84Q-6o
zDocFu`$<1z{Cr)ZM}c)E=H!~``0yGfC6o_YXRpi4cztfo^AoY_uUtX9Y;&Xi8<VS^
zyCqa}6go#-$vaQwuM?5p-&v)G5<^d`(R<O4QdZkmlonp+Ii0~Zwe5;xEb6HqSBhuT
zZqb>qS=ZSu)D$+<b||wx{>bMx#HK)G=Mv(<f63iQT$jM8)l#Sw*PFbBjp_RhW-@a(
zWhqxZ&Yxk)38nJ4qiFnt*PVMQ6`iX^wZ)`rb92AE;eH|}{lm{Wnt8n~Ik1*$_3-6K
z9GLAwzA!_OHm#kbwEX)&#d!1Tv_`unN|6=kBG9rja2(Z0e&TBW;m6jmz4@c&6Asf4
z4DHJmM(5n{LF<YjcCa2=mwl|3o9qAbHNb!UgQ!b;{qtGdPoMhK)P1v`xx@Z?pqYOp
zWwYNn{_DI$#|I$Pan)Uuz-m);56V(k7Miv=I(&(ODOSBYNHvX8YUo79Ou`k>$~t4l
z{bY6yFVarG&Wv1rHOxD=%Yo93K~qVVH7uFk37X&E+UcwiEu2K}qMoz#>?iNt=l^eW
zD`*Ah-HP?2;?JjsiYbZ-oKIk#?Pt<{zt%vCc|Gjbd?q#3FV_sug>WLSF4Tl!5v~72
zd5;=iM?%br<#cqN*Rv)X&mXaNgj5@i+wAB6a<<{eWx05<`6l^&R&%9{nfX2OnfWmw
z6TziiIiY!XNLQ0DJDW0tP)(E5zRIJ%51aLg`_Rzc52~XFxp2T<w%W`k*+^WBdQg}6
zP4mJzBrx?r5A%ZO(+(7uq>K3aG1!`mH|1yoQ3Jh(mRn2Z<T2N)9Da>YziW@LTJDlR
z6}Q}P1sI#s&BPoL+gEYMCyrJ+<91Hv=WB-%?8V6c7&I!*P}+I^pMBEfzF8BhDf7J;
zo#<LZ`;g;s?qkZzo3E(n#}0;$9yT}Pi;nNivPave?|dPYa=7x5_O3{wD1qsY{im&~
z*iHWX3s8B&UmcbgFqyjm^W*<jzgY%3x*N`wIBlo35`A{r08YQExBr})d};iy*z7L8
zomZoTPl*n3E8At2@~U_n?&(N^FXNm03h9VhXx{Sou}|}7v!gO;Stw}h`*!w&JxIh$
z)YxLTf2tKgr^jEfo>9rKl1&n5B;s$c+d8_+UF#GC@~1Hq<&K(5*dP7z+x8tL;_<&Z
z@sK&0?4i5UAtweh0n2whZMn{o)X9(QWb)R2nW4~~@4M$mMrIjT#La~h2R|+RT3_2=
zY=uVRi==beU9#AA*;pnu$lU>9EowfgG(MH=UluWNexCb=)h4IEOFyMfBMxu{XX#Zw
zC7l`S?<GBYrzEm>Sv8&6xbpvvT=}0a0W_K1qU>dr^>$+xg8!b|kJbhkY0#;y^?R|l
zt>joT2~-`zPg~8FJpFR@J4aDU)n{mN5Hk|I!dXYtUEeuldj2o#3{R#a^RMiD^L4u`
znbBX}lr%<MfHQ4ppCD0%e|GXY|1R%O(v2;N7BcY;XJQ)mGwxWLG@<`+>rPSokT}P;
zy??Ae_{FtXAB&cW#yEGqG?%tiHqJQUh2MS?e;PH?n^9>)wGMd{%e}j-x^;)#GO*1C
z>C)ip&PBTWe2+QbQKFnf$)cco{(qGOW<I%eaq30F)Yt~lW!yEr;?=qYt0`=S(AFeN
zVDQ$mby#Fmf|eg&noxg1{?mjA>ThvG^LCfu?IUO2=I6O=ux&c&=2fYaC*LJ%pUUlk
zhA5)ZtfN#ay+l{I2NbKU`btrvpVpUHm9_NF5Vv%!zyD({O7(qvE?hg6b-FQgx=+z=
z6M}`RP5gj!4!urm{@&eQ{X5-Q!sz!~qO^4d-R+V!Z~eTTHel!rMfm@Z*xhl!|5$mi
zJcat0%9lXL=l|tT)u|vm>Rg}YPai?bGpzahPfP4~5mjA$Y6EF22bJo78q<G#&7&Kh
zJFd{$?Do8l+tU8~cCCv9bm~@!_Jfz6Ha|Mz;RSVlyTYDsigG%8Uv@b<^*;Z9ex8a?
z-<<PS?&XKTRBUZB@NiopBGE6ezZ~YdUc;|G{&5M^c2%oW(9?Jo4ejUCtfh|zKIlq{
zflHxjJR9k1XdOQ~z1CVgdGBS$uZeqs;^@)K)Th(SrO>t{u2W1LXJ#>is}u?($?5q&
z`5?Vp!Y>KIk{$YW8@?g@HbMHWI5MSQl$J|1Nc5J0={zl&7<P5Ry90*4)PTDP<mRne
zG;lhoNogXbiP+CxW^%i`wAs3tWvLay@YUaZ%xU??%d{MXr>&TH+1XM(aioW`J`h7&
zLhCNINVw&Rms)`y|Mg`%of|v*<14p#5eMdGNnJgRx~dNb3)h93!QyMG{l38zb$W!_
zUiJA>N#ER*cr2DtW+2Wq=97CK>s!{xIz9hyeH?D6N3--56sjyfztgUH(YTw)J->ud
zwqNXM&$E;B|F8d!Zr-Tp``HR_!}Gi5-u7YwUT#obp}Rr6pZ~X?YZ$H>3id54QT|BX
zemSIhISl<dktgez!1Z^8jM~O7O2rtecO+}C8~3aG82OLZ4y#`Ge&2%n;OFyo<qCzG
zyl>{1aK}%Spjv*MIjm`3>l;Ff4F5FYW}{Ei*-P!xL<{eMoeWo+P7M4M@iJ=-DjGet
zQXkDP6+6cAeXM*@Qhn)Dfm+VrKHyZz&mVLSYwmQmlzyr;kIm=y-j2M@=yAwbd|*m`
z-52=pGT%h`JbkNK5ap;oK3mSudGO&M1&q&Lr4JdNu{@tVe5YBy{s7spx;>C+?fw3o
zUS6h`?T=JNFPd;ZWOzP(X6y|eLHXr&^;Wq@62^TbZnwM==%@A7*CDONW{-m>B;vMF
zYCJ~~E#pZAPi4xB|7bm+%H_w`vh539hr9QENsQGE^-@?=uDfG{l;6>Z?l*LGs!J{8
z%8lyP`jdXY>9#D6t&K^#L=nN0I<PLgv;?Gm==l7I^=!|C)0!|%H{5)?OW}Dhz1ml=
zA5A`jGu1uux`QGFE8!PW&dch6l@iO%%e#FkN3Gdy`<l*uaxdt@E4~u){2#-`(gNEm
zvk7X<U-W1aogr4^`P7vg12rmLs&`7{Q4E_qZxBc1Hq$!8Wk#cSS59K3Qt>xWxP5p{
zODH`t)A?$Uo$9R!tx~%d4pMt#lSP$2PBNM%M9ZK1>}Q>`u^9z~2+E(&zUob1_@d@y
z?GbIZRjtwn`dyFT*2(&|xmltY)vrYA-3C{soB(?N)m!zs;`?-h$nuy^-t#dC9SCCA
ziJiaZ9-<aBPR*@b`euUbu73g%d~FOtQRMb9e6cEiBxue0d+umfl9h9O03kd&dMSMz
z#8p39U0;DX+FZDBs~jP!KUKD#@uB9D;nBP+xAZ8&kxcF^_nYy&Jua#%J`c8zRp46n
z4Vbve{K(K@mG8S&Z?EIU>zdi>FK6gS{hzhEKpo-tYlC{KFYgs?YtzM7_F_yT#!U}h
z*2A~DM5lT)<~gvxdR@N0<Y`R5)w>?MnBte&J<IfbxjOgilI7zQAa9A;&<*uPdgpyP
z_s-`y2x@-ORy9^{s=iy~Tw^vx;Lp9HkBP-cD`Eux_EAo9HP`c2zK7hMA8?ExVVk90
z<*OAq*Cp)LJ9F0OeLp<4em(2NhpJY2@u+p~`@nZ+y*?;0qpw7D-W@krpGd#q;^85T
zh8)>T?01^f!ncc>mGWu5R?;2aI9&^>U~B)|7v&Cm`X%G);PxNx0@FIQDP`Eu`E5g2
zENQAM`fBjq7>8%P&#L}vz0+3gTOHT#ekv<MUZUo=da&}Abja<GX=vvCKo=$n4~0ou
z-S{kk6wEqVbUM_O^rh;`t|ofx`moKG25S_1-q!Y4?X?x-Dk_~1UVZAXe-~K|9}DkF
z_SbC$o9`(s=NnCWaL)Gg2K(9R#bul>w)^ZmzK`Xx8s81fyTWb@6FL(p-V)ZeVCS9c
zRBwuU-eVVDhmwf76)P&b74%EH24?X5eRe5~_v>Cx+yY<ju47k=wDh&^G{P89^+^|B
z=F)YXk%io^&*4cE=yWIqiFvDV?gLRleYgB({iWVu*>3^8j&mX9I3?X`xPyPlZ|2qT
zic0GPPixetd0QpE$~@jSUg<7;OtewG79nV}g}rSLdn?rk`QBT~N58ukGpI3Z>=i!h
zf};0PHH27tGk3&azNr3R7c8^SlI&!vkA1B_Wo$aDJ_Uzv5!&E$Tlz%g3jeJk7T(|-
zj+|wl>Q{Zx7neln>M1F#ZnRnV&d<@Z<yOwRwtK9W#&H*npO<HOexCQ7Vs+;O0q$3k
zmiw{LZsX&~)1J>x&JQBzr}R{_xZbWS?Jl`-5*JYwag8y@y{#PgIjCOUWc605yL#LA
zyYJInpYQiN{;9;>%l!L-e+o;))$amy;46N=tm7u2zbW;Y>aT0K*cF&vxW8=ms{9wJ
zc6>v;CFO;<v@5v=qd|!Da7^kQp*K8qomtWg=jy|GZMXtK{ihV}Y{g}VFdp>5zs&BG
z?HZW98LeFG%l~q@7Z}Z5W<=_NM%|yxue+1?SABV-=0vr7>uctzInPt;OZ5KK`aDlv
z-_mLQ6UXaZyXIAI(DnIS?{!_n*L^kk%$=$HmD9@4YrXoouT*o+yr<QvBV7E6BRo_2
zFHh@h8+TP>k}^)2nU^gUGt<P+qOHq)eeA>kqRemm%0x?L5B*Guaa}a(ckVZRrMo+{
zw`?!Y$wlKC%fF!K;*5O9_qKj&&tFjXg*|^k`BQuDT-=ZA`3uXwpyw|vzudRp7n$iR
zoFHdhx8A+{QZ<~Z7cW?YGxXvGHJqUrFPzU8_Tq&#yc#O)>a7S#LRjF$!+HDL0n-`<
z^xTzzW>|0wnTzW1ny>5BxdLUoOkL-UCxBzTEPmk*CyKc6HNt18=@V&ZMA^@f*DehD
z_@B$wXY}K0;(m~j-fc@%QG4~4IC|G5x<*3!K1mNqTP7Q%Fz)ZgpH!~~l{<Gn(YZG-
z8s{oWYJ>l7SLarnJHf9vUc3Xu|DLs$`S^GCT28~CRxNKVqYXGpnqH)k-`_zNlnm<n
zUN@(e2E{EqCE+S1<fD8apRYZ#wpCYhxpp+pYfZWMC)D)rcZLOv;AKm;_{WRi(p|kO
zbrqV#^$n1886=Lu<-0=N5lZ3a*6vbpADc>DN(jMZG_Ju*jiT@3hJsrPS1Au=N*&+8
z4aJ_Tz{{bB`c`UwS6I91MxREy05dJ6jjPw2rLtmOJ<DynS%ZIhH{aCycSEJ@k{Ij9
zxJv1MMpON3TDimms!cy0@m{>P4C}oCL~heuNgRt?UO&Y0s+<JF_R=C0-;v;}nQEeo
z`s#{qSM<AL@bvnq?N&yzJ|R4=JEE`c`6=hII<Jiiv9MnWGA@LOJT5{q&%N#OD>i4J
zCTR6e<Z8mZxpfTo<re%LH=<&{SHZm%u*p}Y3;hDZ)`t2vZbL<g$@^AWufwW0y~kqS
z)5sbS>rVl>%;CW33y6<2AY$RYzfrRw-Ybc?y07$mLkP#$QlNEJ_<ahrK8%o`{8E{i
z?mrhcdT=N2xbA+cUX4^KdZgBp8uS^v-}i-7^A~X|^;z}z)j0%O9S7ecBFSHK^|5Zl
z7fdY9cjAJ4#y=OxC5VGbpPV)4+4Fv`df#jxtkt`1NZs3a+9_$Rdf+-#st!D@<ZG(O
zh5xD!gV7CDMcwLaH<`=Sl7&+(uZ9YudP52yU6-u#i+ZkRA@o&sXCbKlP2ulfnwYLt
zxNW;~iC?Lyh2hn!!7ymQ>H@+K(M`&3P`h^3Uy^s3aCKf6RZA%5Hc`y!;%U`Xh1w6n
zsGjRhOBnxtUpcM2(T6uS>8I2}su}iy__vI$R^q<;4ZC}to>Xr|NaD9ff@=BI@1U^O
zyVo}9^$o)JSq-U*f+Z7s^||5Mx%ay;jX>583t+5f>IU`dDv~*SGjd1y%n%lJz8kqR
z>>|e}t8qrl3{-A!+_W}z<zuw85f@D@(_s<ci+D+=65h;76Ai51jB-xPX!)&x{QvCT
z%dcfso+tKwgi;72gb+fh6hcH4LL{bx$cP|_#59G1OAr|y1OZ$~Dl3&nyo&;oN03EQ
zR;eSatJ~dDOYT;yWO?LK4_Y30<dFwf$zu=vmw4p4f1mw5>+Z+d=RSfUvs`&~b?-fA
z@3q(Zy<h9GN7Q?uT}!K2yY8Xs)v4X?HlFG2_SR?myR&CvG3PyHobIkRdRKapsp6Vu
z-1}Td3qBaDcDZbj)u5)LGx1;cvktqf?UpB%f}2m<w5H`3A4wkqDbr4ieeKau#Pec>
z@2fp5PnGNq{)nyPO9prw)mM9%n;vaayZYh0<=W3IT<^Wj#`U$&*|@&e!}T<7sF!Ki
z-9BMZX00iZAEtzr`$GNo^*WA`X0kBtskG^@+@HHCE3Nxp_mpd+o*vq4JGxtif8&_E
zxn3G{q5oa?xPGz~I;U+KR2i>_Y68Is+GoZPXgTfiLZ8w-U3TrMvN_`-{p$JglS7Y(
ze*U%b^Hca)o6BW^((9pnyn1kthwiJkD37Tgh|YE0L(A9KT)DL0-9wLEhhi;_edy;a
zmYjO5HFOWoua9Ky<osTq8MU~#`P_AH_qXq(Ha}|DHlFVN^4T><`D0U#qbF-Eo-51G
zou53HX@jPtDH&`$x95e10>m2bdz;r>f4{GNXTNy(RYd@-miH#JP@?VecOH^HtR9*s
z=*?Qis&x<VcegyvgDuKaNJ+dW&O2LnrK`8*ji)h8hOh+uAqc0@(%#itPiMnz+4q{X
z+gv-hd^~6-#!cSmoRPdrPaK-uir<i%n!vYoq8m*{gUIx#;!I&wcRs1{Z<G(XQU7J8
zp3I$0FP`tQXwOufxaFC;Gb`OE5=i+YdcIdeS+{KYYg%UE)pE<GN#i~ve~0OFx#hUe
z^Tj1oLd&C%;XGf|RrXkJxzy+K=u3UhTCS(MTFXeO9B~nXN2d}vv>s!&TAV%`3hXni
z4uD_=?*R~`^+6EK`n;!2bBhhT`WAWZzpV?`+vt;MGWCsUW0RG20q?-)<wdvtd@`SX
zp5F<_=J4ma@c2L+4%Np2cpRdS193UCj7yW%F&;Qvws`$S)0nxu=85t2tT&&sv2%L0
zF-(Dl+UpS(r<Mm<pH7(-M9(Z~P_$>5@Qj8ePHXbCT2J0=gUr)e<h1zo;<Qtn@;cne
z+o*WJ(`(Kj{PaH4#QRW<*Ud!lBHjm3&C|C^wZo0P4etY<K7eY&(+5*+o5alZMW5@*
z<3)N8Qa#t3(Ua@x>TP3A^=I?BZPc3T(dfBHw(C=iI@|J(Z7{WVd)O~7fryT7w4KEx
zu`p>ntI(_`<hMaFZM_G}q6J&(fA5KtQw#R9inhdmgY8?bTQpivBUD^o&8RwUv95Hi
zJ#oWlKF&HTpZV))PkS}u1IFv?AP0`uXZr_^*SDH+twA-dOUMygygA46^{RZBQ4lLe
z8(PabRi}OS^`%*4+9)^ebKG*jKG(I+L-e_BxrO^fg{9jfL2s<9?O)X{n5m4RLW^0)
zR%IR$<@GwhE?FE;Wj5MQd)XdO9KM(RB8pirm0PteWmj%8`Cd`sy+ivOl|^+M3yedN
zVN*d{qPrYTv@EgV-n26iuWFma__<KV=7;&!f~=O}kFPdqYD+YmU0BDX4{!2hGBLc)
zDdphfWrnSn)ubZ7clF*`ME!}GnCYCEnL;yj;|0>!D}y$V*Jk1_*KCQI!`Js}(Z8+e
zICbZ33xK;fH#cXP>okvOF>Raiv#ln}(Btoi8s`+wY#Zo)sqJ|7(RXl~IWoPRZ8_Nw
z*LrR>?p6s0^X3+v?ib$&#J#-TWqzPvp!@752ik^+)@Es5tncMM9^<#Q92%T<wRMkX
zUu&xhXIHEG@kiALjV*ZZ`UU*s=h__i^f~iisVbPsmV=o2Mc>hg50Lq@dvSP{$9DbI
zp&B{8+H`4s^>IDS+fJ9HU&-uH-|PALSU+kyd1kNrnVwe<wL9@~({bl_o9*6wmM7YF
zH#O>QcT=gJ-7V|Du1>GA8Lm!YY<pzgxmZzO+N`P?=X<_&k2NgM%$`ox*mhd3M(w6!
zCra6C_i*}~Q`5p9aC9e!@uvN>7OPsmqx#mOhAB=nsAg@aJ<cF|B>je))0S=Q?$PPk
z%dN%`;_hJ~+?0fE5N@_yf^d7Q0m4Yw;UHX+#$^bXT5dwPU#kJaNcrI)T+)bT2$x!J
zLbzY6)yZj0Cr+F~+09yr<@Re4uRm+?Lvz^KFlTAHIc3^8-=E%End81#+P`j9Ycqy#
zYYnUI48ygV?myJ}nM(Hh$w!y(&idGZc)iDc?|Q?qUC;kEVjH7jvTil9!_((iwZ#%e
z+Vf3A%~9v`>GA+Q&DQHn&eYt(`pW%7>vnB58maY})~lLx+Z<_~2W{~N>nCeQZu7}z
z!P+{W^wi)O*6~cQZ}Tks!^jqNBN%<3(Qzw`+72-Kwglt&`WQyn4@1XTg8{~TKOBr{
z+hEMMO&F)w2N-kxFfhg*3^3;V;b2VL24lW$!Z^J?z?kcE7@MxN>sE3^4!Q^1y$0R*
z-tf6S*;;q&6=-y1Xf?><^!n<dp-t;)(5M0W!P^h*o1Qi49_|b=K<;f~u&UY0aSSkq
zb+z8;x2bRGtvfl4G>17YR(ml>zPDDxa|7&=`r%GDf^2?oKghJ*A2Kb*komqHvL@?G
zkZs=E4q4jn2U%JSkmdV!$eM&NLAH5sJ7j6QA7p7UK$h<dkUc#0<oxtlqPj;n?{CUv
z_vnC88)NgirM_D0;rU?I^2qU8sg?&f37l%yE9Li_b=s8O>D{^fjPGvpaC~=@j{V(r
ztUW-K807S1jf&MGwS2$N%Fge}?>;ThZ_=>QYoDj?Io)Mh_BmCYyV?`h@8xWpY`E|4
zYuh3BRu!&m7<=C<X2@oN;mTW;_vhtm>s~I-H;`x3^7y=)uWP>OMsY{Z>nuSlR6i(N
zEpL9O>z+wwoh{EQ5vS_69l&5kb~}t<dPK>|ZdI!?LD4E4`Y{_{YrM{l`!t$!d%mc?
z+RE|v<ZfNbp)afRn}<B4;$nq)@^u;dN7akftsm7JNNPpF;!~TO=wUxP;b-UYW977<
z>GS=_r{La>OPQ`#XmB>l)#`-D$E^qYF0_13t)k)B*6%M>O0=1;DercsPvc0d5aG$E
zef4WNGikApAE;e*Ps}B2ld5WGJuNQG+iqewNa2VNzXBhb$!mYf2i$*NSFD51>zKlA
zhv^Kskm7a@dDAMjz47rE-RVeStNjcxk!ld5e%8pNO!o=tAD|<b!wF>b^O`nkuLfs#
z#IzSz?K@~#s6o~W#^;tKaFfFAsR8$%-dC;Y9v}M9+BJDvs_$(=-1qf(c44FfYF!LE
z!eMMJ`j+SBTvp+n9@H|Xe|jHVf++{aZR=2`({r5WFwD67_Ok3)jc@0Ny%2h^;yu!m
z7oxhB%B$*O<IZr7>pNvF)d#y%e_ns-cXpJpJgk>j29UTb#Q~CQJo6FP>w8WGZRa@R
z`q?^4=R{@a{#r@xe-2o(>NHwy56w5#OX=KB+dYykTWoz^!ZOs3U31!&R}!49-_(M`
z_nzWM?Bl0PeLM=gaqYRuS9|G8Uz2^_RaJGZQ6)QU=9)tPyxe<UtzA8sbqp_84+C}o
zd5>3j%FYT$KN%zZd$)Eloao03R|bpPoyndi$IIA^wRr*>zo)0YO7XL=RLjqb*Lv|p
zvl8SZ_Axc(@HEzfc9ibcTdvgl+7qco$GVc7*dg{Q6hx~N9lUB~_am>=w{gw79fAc%
zbojbr@z?8<b<Ymuj!ldd+R;Vcy32=`wkBthdv;+YZ+EpLz`HvNwvrqaVjBl)h4uqa
zr&!N<+MREGWV4)6Q)yqSxsx5d?C#2&CH|t;-3=p!u7BD+R}j@K(>;1<a?;&T;&Y<h
zZe8!S=i#Zn&-2Z<)M0LQz*}mx{2S|0l>Fi5cs-vUKnc)k7YQsc{?O70do;YiY5r&y
z;ljLsa`59iU}h7R$Lh|h`aRRtj<j?0=LRjxAxdmVHYPR-t-gGtXh~97bT4~h-8Qjs
zm2~d*a~~{^)$Q+8dy>J@yuR++j=;C8I?hv)eRu38LJ^!__2-q&HK8Qwj^B3OmsjdJ
z{C~fm;ALZ1BVDu#MrK{eBn=EymuofqkBi^-01PxBA34&9zsbvx;28bDr`p(hKcAWi
zH=0x&`}oyrKOb#V=ay`Sy?{pWx4jlI)&Qi<SF<Xlvis4s!jm;_M~FARkQ(rhtvS1f
zitp8Vh<^`cop`h{)k0N-@tCVfiA4bQVzqWwQ5$S79vn^UE1M$|+UV20*1oBrYhwjl
z)w00>s(}$vsu+b9%zNi&#ABFR?H;^RV~kzMfMs{b7nLGxzc1w=$Y1r2E`c92(p>~K
zDvkSXQ@36wm@~}?>XshvMEEi|m*yBXdNgGoQ;)L1HG$lK<Ld4aPIW|YqgO$C8b8NS
z;vO*p+h!ovU5&s}G?<P>KNKI}ii!>#m_yZFLs|Go{R9wG-VW2<pbX6z3I+olo)u#B
zVtwy$r8ly#9lm${2<)2^h-)1BTaWPO;d>M!9<tXfhwt?-3iEdhN^W6+0>5ZIF*{M*
zaO*^!2e~Y1&6pj~^JzVgrDTwyO*ksq-O!nj>-hutxADw)j5#gi=(>kKDJQfkgMV7r
z%DA8Yq!veP-u+2kO9J#sADBMZJML=#aK6tqPH)C>f2qIRFUP+V3MGt!@t9)1pD351
zxPTIZw{Vd)W0m@l>IYhM4||t{E6swW&)CN=%PJgZq_frQzGIzV#`i`&m+*_bibY`)
zP~lwHomqY=9w14^_?e>Xoi7!g%k6#n(pJ1#6261gX}0s-(#j+<XvYnKA|)2di4-<H
z5B*;1eZw9#e{;Q_&}UjVKai*PqYZcx>P17y-`GllwAqVrZV11+dbQ^^{x0E35(Wv-
zVhZixwZ?L@rs=tPG78eUM`Fo&WFc1Z;mlaG8nq*zz6nwAzggdU;!<lRS%vrK-CtH;
zEOwHQZPsNnZk^}xN^z{aqr%x|!M(X<@=*QkUaIgZ31`9_K4z24V`^>EINqpvt4%++
zBqM{?b@xaKTXJ1TMd#IFf4INh&3^~q-xeL-uP}Mc;n>c1i*xO@C+*zGDg8;w5X+In
zZ93ibXoxUUEKp|os<w5#Tm8J<Te-mV_6VMC=ap&|4?BLoO%|{+r0tvfd!i^z)>4v<
zR2!kYdw9|t(hrjO@<`7Nc4dlnAW6!;6gwHK_1~Qze8Ujvr#LW<Ns~mM?f%>H8Z~8g
z$0s%Z@MPko=v$-YIO_UkSxZr_XMa_=qRjifCG0kmw1a#3sXp!vN6=LC*?q<?Mt3e&
zM8Pt&pg(f|YT>MJ5m^$z7Qag!LbHthR-cmnrY}H#Sc`m946x+a$>lw_?rWoe-NwJ@
zY|!Dy*`r7KsSSJ=FIBPXLM^4Wsn-z)idH_qR14Y8Rk`=Yy6-rEXX@u%wK!Y9CMnL>
z?~DA{42Dbf{Paifjs*BgwLep3qi5=qNuP`TXtim6*27V;C`)*Kuqg2}<A|Z<3(5xX
zRdSo<!mro=!N1J>T`gYN-nM(wp#)PLw|#@}Piq{wK3(|xgaS5C=GqH&{RMP<?I@gE
zYI~u2AAX9rubrt;Y}d9}_oe#mB^NIg6c=jjpVp_Rd(PNS{?lsb@0q&$RR3#>wI{Rz
z^;7l#Xqc0rogRA&tBo0nfjOBlX-MvFH|9r|2a~Xem50r?-xYqm$q%WxP_T5by->8X
zmDRFdT4s~+`Qp)~`j2y@2<_07Zh9$*lTEdzZ7<c|Xjxhxg>#-W?MlmSyLZ|h$sot)
z>a#6eq`6Lj{f;s_$Go)Qh?*R3oGr*&q_|y^H`{jaG|C_Dzhi)&uCa{AR^ru5b;Y3~
zs86nO0AB27ouPlk5e|Z5pcw9)tMQIXF}irQU_T7SHrswzd<OWJF)ge04k<oc5dNf>
zLNZVCS(2ah5{c$0eW|X}16sgC@i27ZrMg2)@WC<%oWdV=_l5d=bR77;aP_A(%F}!O
zv95Zgt(J~kmf0@?_>NpZh)PGda5#Bb3%A*}`_17!-rN)NC?W>@INS3B{TwvK54==7
zyI54bP}eRLWpNKhU#f5N-0$;epfU;LosXtVk-Ed_(o);+ir)bL;iz<}C`wZ46{`QV
z|G(2~jR=G;@f(h0a<p1}Kb;aa{G@&_6pcg^v2MH&|KrZN;v5ZhGU5690g<t89Y-EU
z|KiESQ2bJSqNvn)m|~LiB}abGR%`L<t&iBKIG5o4zn48ZlFy1H98MRP+E$L-0KK*U
zjN`@n5sXnxWEQFk$dUMk`oUlVKy9t^be&mdNDJZb3c^tVA4@t;AJzUvmJh3`<bK+A
z0pY1o95x*oo;n%{$}Qgfow#nNV54E83rwW7@-mScEyP?AKD~%Nb#gx6=Sfi=X8Qh<
zx<Yd>JW-5K1VWalC%R1x#7!)~fmG1V{y!N&2nF~T>o<m<ljjlynA|ki5Jm@K3<Ugv
zAbj79xHZW;thST9Y1{7RKkQG@@B8jp^)l8V!^@wh5Ru$}AerJKnw!XtpGbajso4HZ
zG5@Faoo6DOWKcGGwnXGi-4!p8T!Qg*-4)^GglF{%%T)Ewv*{<f4<DAwMzluHyp%YE
z?(i(>os7pDiZNZ4afuvVH`?!k3lcv73M8SH@{7<GI8btxg?_OJB;1wQapM>22bfe>
zsQXOy1LdeUH+iA@{XL*CW&HfxcNL_gYF?HVPqk@VZn)I8``ulF-Z>h7eBVohk)mZ|
zJO(dA%;=?vOdg~r@KXIJaI`DJs>USFq?`2JotS+lT`w{y+AC&c{E0Q;b|?M6RR4cc
z-;6|yi8xJ8je_FH1m(gq2VPE%Qq)L~`9m3+OoJlui{eD~MYcx!`8&=>&4c3USqPM@
zF_je0S7qiOi&R|ff#lj5Ify`!fyEd`R5_3hAjJqOr9wteCZa<cp)(dB29i6&DE7o%
zo?1@`gB=t_9H^gvG^F^$tK`u#0P=Ze=I6Irrlq#s)x%f2->8wWZELlsHXy2WZ?@~6
zBkyV|M1!`97%vw4#hSE^7bXmZhCk+__~Jfy@1J&+H|OKyQ)M*bNp&)*gub<49rVND
zm9wg+_mAWf3&iE|=IlYT`0^9|*c7AL5H6E*WGO_^oal=M2P;591f$6$tLo4{&AOz%
zq~EAWTq&y}8fLA~f?bTIVnGgq99B_SN|$++Bw#GqQ8~+Q9)`2icHJfPXRq1Cm;}KG
zWAJpr#9TD)&@Ix#T8f8Q&*bBJ(UvSEZVPV0c!r||@=w=&Tt%a&>k~tynwA4A^unC%
z_d_B?d9nG)cvxoR@GO<{S1-I0-o}ve5o#5wF*#U-U5}T6JzP?8ia)@Mz`_)gQCu;K
z90^^t6ISsaYFA=ZxR6x;^~d`i1|yUpVNX?$@M@JyiMa^1<miYxj^2lnglRjo0tZpQ
zafW7x!-<`fKhh*xMn33JA1zm}d@&6~OFT#%jXSgi?y!$ssrIr00$=e2t)QFoPtSX{
z=-T(nmWcpF5egIjrlw^K@kD&K7=z3io8+-cBqw8om47cMR=q~P5938rBr#5`3n|JN
zTqJ!kb6S~l^@?7sC90X9K@mCxcNsSQ(;wF=LP>nZfx|lXkzLb|*r=qudObY1$RZ0Z
zJ@6O5(2Z1+IWkQ0jw)&F)L|rT+OGS69MQP=iPY$66nU4Th`DHmC=WH!0nK2H9_sIG
z72e6y!dF?Lmh4!S2l`RaD%D54h?jyZ=_9G0Pw_$Wgbyr-aEEpanMAbm!_-+=A3+i6
z^vNjrb+jLSv!!$%X0)7@1(z}Lix*@A_|%LNeHFDP;1lJ7E%rw|%?HsO77N|T8fw5s
z@4OdZM@x-M5>mD8CAFtm{2T4zu|a~~EGsLEcAle!WS_ROh#*SD%@)%91fBHL)99vE
z)tzsFVr+GEIx#<-XaXxve_&;fl$U1fYj*lbHZykjU`d|0>waS%>eha60i<M&Rq`o#
zq^g0MB$K|=0<ys_mOuE`h<J=6ctIa{Cpt_XNEiD;N5Gump8Z6xRABs%lqF`1<)v%1
zF5VI6$tF1hi;<5m?TtRh#v%5M6=IX<E=q_6Q@LqXMtlVeuTqiNk@-oxx6A|Y#kpuR
zZr6Paid+35qggFO&uAcjgq!g?ED3F3dyF9xru%f~sQ5|p4ujvcU3c?8V&Gxi+d*v-
z5HkbBk4qC2VXE+mm@>sghha;4PG}ierT}|=>p@~;;z!9Di_SlarTKpJVF&qX)MD2%
zJrRE$ziu#+LMM1tvd_M=Qz@A7uzE5}4@}a?F3|*h(^he<2kG#Ez<!is2q_OSOD--Y
zVqyi1+!lVI7?VZ?i4cPhbg2qNjw=4#<XEg{3FV&n&)ao3|1VVh{(pE=yo?Qs?MD3;
z)6k#H=dnO-by++M^2FOD<|i%sNzFL^8;Q$K-u%C*8KdWcxJu2)Zh{V1b%XgNIHDlX
zND>sGB2o+#uF#$=g`?nU=Neuz=$xF9fEf-)U<tUZ9HzbqA#<NpLI}*k34=2s8`1O>
z0p;qDtVikAE%4DS8(I=bf(Wg|+R#sy0=RGz;1H(N;s(As)}5FWaFK&N4?m-6d<?I4
zG|Puv$bFDypSSCNcQRr4(Ma%pw#HZKB7U=pWD99xm`Ek7L3T}3BuF5S33`}FExE^}
z*$Giyi*><1&kGJnG+8J0tTd;tC8kB3$`T{d?J;||%Yuk%NF9Ti%$j=e3$g&n^Q690
zlN3PtbVP-|NJw6oyo|)@4MC8I@{z&Bw)`|pLOtCVGm&9e#VaIyEk$^MX9<I8Gww<M
zcs@!a$cca_3^o|21AKmuwTP(|A_&#k77{>BlwWY&Rc?<|K#w9OX=ZN#=zDwxA|(8y
zlu{Y}uxU|U=z%M4)MQtjVPwI`QFV%&&;%xkj1)<eq>X_((E1##sT=Edu`JYVNkW=_
z7m1iF;r@N~)8njctUT)ZL<mryT@{gFe(upUn!yY6n>+y{heJsciHX)Y#h+&$&QmD>
zN(A*EslbQZKm`P)k3uN|LCA<sY^!P)XO&tOumKDy=7A2}1`y_iJ{lv+TOD#S%(Vje
z)%qo?KQHjNn)h0Yy}fNA91-TRzW*OKNN$e#)RRyZ2%Ms5Awdhq-0mwx0Q*TbePn59
zW@cjwgzp+3M4ag@iOM{kVBT<yN}}mR&@Hs0TB+(+miXFX<|KA%SHoBRjy%MoV*7-w
z5AWZ)JJ)vE*s)}%mEEjue^uK<J3V@#Hunr0Hg+qZuvyiH6K5EFRLGbLaW&hvvVCmW
zHZ~qG8~fTh9&P)lt#>xo{zdiSR1*8WZRv4pkBuR&*kpC1&NsG^Wph)dZJ0LbI2oW$
zm3-6IA*WV2zrcpew#9pV-7~f%4d@S>YL=kyzI>%`eYO7DqYvW0uBV61Ku#=R`*vzq
zzAZG~1SyFMyiTcT8&hm*X;=;8+cxDCh;{}*chzT9vK`9yrVs10&1SZ4whbEF;mKyc
zY_;hwIFsea1snck`x=T(&ku+IoUN9jW-00uw!7v0BpdjQoNagu=Vd=UK1JJG2XQYv
z?YH8b+SV8TQw1Z~g7ra(Wp~n6zv22qfA>t@-1|$<XOrO<^*<+qv<-vpY%ILUSsU-H
zx0&ZGC1*O=$UV??()a0{=a7>$Y)1M`QSrm-DO*%+(P{?{IO(gqkdre|YEUj?cnh?a
z?LE*mVmO(pyLz;7254WbzIg*%tUfJ1KVBz+*c$p#f33DWo*LsbK;;RNobx3}8Xk9d
zyMDdLv3uL+@zx*`^kLuf>pI13y7g>x)BXUXei{XbqZ+!MYyb<itiYyzN8*OlR&vJ0
zU_85rqaE+8H-POHMmEX9Uyt3T%l)@zPa@rIi|xQ6TLW$U+d`H5=8$@WFnSlqpB=w(
zdrIr^oq_Ww`;Fh;BG>I6j_Yk>bhDeU7LLQIZ!eV2kp3It{x60te}i3{^2)dQ`R;Ao
zAX^bCHK&mCR7$QMv?bBzJm-jfU0W?je7KInprRM3m<@d6^VHfoMa@sN?U>D;>6Iny
z_2|;Jjk@jK09xnV5WHqR@Z+QY`Q}r)w>LLkzFn9{?^unT{r2|4vutRS4?Pd30u6Fq
zk;EHy<3=47(^UDZGPDGcSR&Q<_?G5A+dlEJD`<OUhe4;HW6O)B+;8+RKekKLD+iyb
zV^!YkL8HEJuK~`%aNVOw7@~62*!F(4nVP|_cFj79=<ObA40fuBR$N8*2s|9+@@=uE
zIWBu_y;znQmC1M*zQdEB_Yuoi)g~nCo=6|lvo0bGLr-Bu_Xv@7Y>zWs-sv5}Mw^GQ
z<?R}g$bpG-jAJcx_i)2!%l-ZswJB{wmo4odTfQE8{Z&CiAd3oH+l2#O!@GaG>5lsD
z5%fi2hhcqM_<m9UXKwX@=`(2ZPN^x*ftrfHU9gcv)u4j%M~xT$zg@pgX}bq=r*V36
z@6oYp2J;w1bZ=4-x9#i%rpci~41^IV9K+E)!7!kGPNHEfqa~D*43PrLTS34>+LGC?
z>VGIOhBo_wzp62^PZ+*yc{~~Uh#NpZFww(3NS|0XE^ubpz_bVRnQi>nhk(%e5MbRq
z81E5xnofLFpX2grl~(kxdwzc@MGyTlP<W`f@o|IQ`GcO1i~Eb72dLK{NcZ?$UcRVa
zKdCl$dN+I3Q~y*j`l6(cQBOby9#TX5$tD<tHQl{$R=|6;ey`WDv9Hw5^Lk139py0Y
z{ia&rpWf;SsJlH0uR2Wf@=pC9j>gJyXoB6eXh9sz-8<DwQ1*_GgD{7zj{6~bUzGgR
z-up*{Yt1zZ%gJDRh)h(QhhJDrBiR~<XK_+p?cYxjPO1~?4bHeZE<s9z(<n{|>Fybi
z-kpA>t_w|3nbZHM4|ld<+s&{VdhZ^Z;_HrsxDpt3b;KJ?=2r3L9*YWAE*l*jXck8u
zNy`Z*4f=LIK&-kka!L}}kP>wFxi*o=oyU3_jITMct(|u<9`$<lrrqnaK32WvY})4W
zX*AsfW6gM@!E-NohNDTltAS>?vK^M4^4?yeFz6e&h9_6g4>W6#<Rqk>YKPW4y{{tU
z4W8C6T6b_jwmv!NA@=XnN*#H?pB0aI!9CvH{Es`uJlU<GnDf?TEZS4@iDDSYX&gow
zb6AeJsX3YVdbRQHA(?9vZiZy)klPV86<z;gJ47v@*>>m$q70caIGV{KSgX5-+`X$)
z^p=FWdw3vhV%2Hh*gf9Fbz4w{hW(kK7am)ixR#4vtr5SiQwZBJ6io!CG4bjV!B=x)
zO&n$c$#dvG7`kZ>1D&^ocU88TN2^ouxL6R(qTXw7l$<bDsvb;sGp6mh4VfsTL1_lM
zFGbK*d3mTw+2%-<!8|cnarnjD8#Tv!tV5(LZx&~b_)<UiCw;!sU=zc~FpVo7f&ouB
zNf{l;MwzkuH>uK9O<>?fcYns_$oF!JhmD?s8e^ZD3IpYh*8<sb4-5CVoV{7g-0yZQ
zld#7LokJ+|LFrPohu(IlgTJvO6XZHUOSmxAv+hU94x3R%%j7!UoyPdGoXi-bu1?%;
z;R|=JV#8UX7`(Z+1oJ4})!C*TVj1&0KdZJisb4uQ9jtk->enapHcySdsXn)Rrh$fg
zij%eIaI2~OS&btUaLTn$UssjdA$oW_$|CO~m9BQzn#OUiX%VBl)Dx+YkCTr@6MTBG
z6!40(M0xZ~<ss+lu8+>SSFoM)J_R4$W5e^&Ul_!4hQ2vAr+d(I@7GT>;N{T>-JMC@
zy1QOnCvn}Kj*F|4K<ngtZ(BT3QxZ?smG0hgk~jZe+?m`js^8aoOj=k^%&t_M;&ux?
zA1kc$dC4iBD6gX4@^uArX+>^mQ*c^6G?uy6X3t4ILUPD$j+txJau&Jgzb>iiPG9TZ
zER5eMjD?K;r`?~_h>^-~d;28#{gcAxbhSpIb0szA*=V=4duOci6@c(YEN#M-!FrGV
zV@8TkY`W(uy14qgf0$3`%)gs7v@Rpd4NN$mt-`MfjZ8vjrEE@uF*{|-&kR-8YMEIz
zEp48_9D%DQ9o@Iat4+9>__iXz1Zmc8o4B-MFl!$(la*)9u$TzXY=qg|%*pB@znPTG
z>P$0b)*EDHo7teOBr)roDbdWQnHx4&=GUqra~j$(2!Vylo71qS+Z=QjIiXC(HDh50
z&ishURFp9v=c)-AOEyfO>cb?v`MJznTjCLzO|$w1vuWbCsxs?|t$WfZ%*{cY4@6;8
zwWw>(2?g*h6SZ0OM1-u6F^&~a)(x7wfj<gcVU^i(ytQ6XON$BgZtf_{R!obcqlqPx
zrrO|bM%0HTGFhExq)^^k9^cSD)WJ>Dqpsoy3Zfa9vjibBHmp_!X_n7es*{z|R(6?8
z^PL2cj!c%DnIdI44Lj4j))ASjG7apzC*Wtc4joaHl=_ROTG0iVf<H5;`b2%bm@X&J
z+Mxyt(hD=PS*k@7G9ycBObut<u)lQ0ylwPCpXrZ0Ta%#g&{}U<7i@mb;tbb4VHB&5
z%>~1Vi-Hq5HGQ2m@L(f@IE$y5S3{MoG=)Jpgac;y&;d<be|iT6nWY(7S!$sg2_<b=
zR02Mqvdj+;@D@GcZkZcNgr_xpT9Qg*;#}6}p*^aRF%Zw~(foV&Z&ve5^Y6zd?AU}I
zo3LXO_WLwp%vm-{SecRad0afF&kfK>F4z(gZjiCgs%WNNfRsgO36$K=bzw@DI||4w
z^$||QjAk=bf-Q!cgX12B3fVAaWUINDc8)e%9TNm(E2*GBc*TiZ<{{(|1Q^LWC~iiG
z1OuUjWpD`}IM*B<!ptWSibG+{TL1<cMqM9Z<kYh=293C9E{dD8Hcs2DE}Pr*@%QfE
z9=m`dRN}znD3%%=N3q9I>>oOcJ$3<X(yhAyu8X@9xFqM`>SUkUIoLAD>?`D0WzL@B
zlw@#n2}>>Ir&;$c4~q-q8ac=;dzQy=h_WVbNWRqaMwz2r+vqYT&P{Fu3i)MnQ{3hj
zlaGO#+s|@-IgY%EE9EZblJcMA`SNYG6xo#QnLCvm$uQx>)q*n%JG0za2*5dOElZOJ
zTXyY7mYodB;$%6wahn@QCvI1rC5v}q4FXh?{~DdMx5WS~$)RPMMo5OOonS_`ie|E8
z-&5_#a%q&%YqC=zglZ3-$Pk4OaOC9mDdQE6paSlp4SM5|s>l96-M>E$0eZ#~-{TPA
zI0QH@Wc_0(WF3b9$05LR2yp8mfGUJQNikX-B@;919@)|@_)#km;s{^tZp(y_ATg!n
zOgosiQhCwNk1$eLp-v&>5&UIZOI<}sCYTYBnG6xu34H{UATqjgzcP6$HwxTFRBJJ|
zk~+8qd%g>!)KXF-5kM-Z3!MZ`!ZG7zf=T-Xu_!0}bY1U4LYoc~T&Bb?%uE?xaO`sm
z@R^=7IRkRkLl5|>|A-M#5uDjCn&3;|nqX2mYl6abf?zjQ9?<IFj{p{C%Kn+yGBF`|
zM1xFcWEufR0`i2-0?QWa;TFun4Vs3xDi#`NB1mt(3llSeVLY`XJQVc82p`coW8!<J
zX~>NrG}B({a{5DsOqK{e$(Jxa`)a`oB649A`zMVf#6_J<^pFjy0?y#BX(W|1H7lIc
zA1Fx~*)$?ZQ3F*?dx6qeutII&G-z-Kzf!pu8lw!_;&M_A)2Ha9FZ&WBPo7PM4lTfq
z!zc^-q&wLiX7mQLy}&3$=J8ic)CL9lz#EdTN(o|#7HKB4a3g1M@d<<ymZU#ujNUXa
zsTHk2EvZOkA-#f=M4?iuiEz$zs6=4@pYA^#rvOE~<0|0sT=wx?w%Slk_Hh;P|KAfq
z$5p^T?keDM3UHhPNX(8?fIq$zK!PiMkxKb#Ya7iHNCu^KK1-RT5>gSVy?F*Hmef)L
zi*izS35=9dD$`~#a==TH6^Wp9&EZHA8A-B)Nn$01OA_syL@9nXg#by4v{%9;Rg$K+
z!h;k_N(YwAAX#mggTka_5}u^B5>4r$qC!ShJ}^>F<<v*Y0PvNf8AHMjIw_oAw2}Hr
z38izAS&6XpGpVK#ltPk5`YWx3qhu0I;iw-=W~|^vQweKI5t*$4JIcdZ%AHg_YckCq
zN$4~GgF5gHFS3>tjil1r<A?Me&Q`Q46DaGzHN}O@`{ns0nRu;Vbk4jTc<?M`33#AI
zQvH-}q^Rcd+-v0+X)Mkp<&^|WcvEh`H!_443Kr(jK&lvmu9*o0Ef`YpAO$2358#E@
zsG#HnW|AjWk2Fc8-PJ2@kw7v+w$LmE1sJy#vRUnnd&(L)ZA~9wGLm0c(NaG~HA<k2
z+y#ylX)-cCrwqo{;<-6EeWs*F#!w=wQ-hykgc1pvlIkmMMan$u$;>2@BKnY-Ph*o>
z<(z0O9Y<*#fj|0yLg9r}(%cl`_Ada`;X)4%8$#NC))#Auy`65|d)I5xdv-&%#r-y^
zWWV~b`O0oT%l60jhJ#ORFSD(~Hje4WvwlNO?ZUGZfAav38~xU*@fMHq+n0y_Z4Szg
z!&U9;wgJW_0$XkDFMhS?plI|}(bK-~&HFUwseSI#ptHIE`770@jX8F$+u|_YO`pwC
z*@l+go;D2RE#x-Z*jA7&b7*1T<ggK;9egnKU0X^XnQm5CZ1c%ZVLWUdLucDdz+z{v
z?M^l_w0+Iv-LuBGg=yHQ?^v3bYa7Kfbltza^|9<K2E(V-H~tLAiY#qw%J}Up1Y48d
zcNE4GFHK-2apPUJa7R_A6LhDR+I~~_+IF!?>;G<w*|^<d={V-x>7!8f`71>g+f1^H
zzj3Z<;qID?<Lyvw3sk=`@nj&}-oCr}KTpxKXNCyw7E2;9pRL)FU68-7t<=N0B-zuG
z-GKI8ovgNPm)`Y4G$-9$DW>N97U#>HUY`#`8Lrp9p07vuhAqVr)hD~v?lOG#?nKe1
zy{88X<-YCZn=p1WmNuNXL424#2fQ~aXa7^fr~6=8akJ5REGV{|zgI#%C~!NNA*U3%
zW25@86BDMPb9eK9Unbk-0_5xR7q-OFxOVEmK*Z^BFh@iEVhz7(SDN%~j!GOhS>AoS
z4EyVAA`Y+)&+pIhLo?@ZmPZ~0V_9Ht)95#Uw@kpXVV+7vcB9c)Ce$vu!IZX5_;xH#
zcZMQ)c6M{iIg^cqo~+~b{(hMP+vH|UkMANm2Pn-Jg>4cshT^u%#3gDtYz@W?TS?o-
z^qg?<SN*m4Zf27)3@dD&uMO!Jz-nvZ=6NFfZ7*+I6?f~&w)MEX_*iLh&S+r@ZegQh
zZGg_E*TfCBM|U3#n^d=LawTqGci+@sxY#brBM~l}PtVrh>4_N(6527aiFLXk#@Ox_
zHVl8W4c(nNm7{xRGY;IXXPtv0Qpq_#n_J0iqxsc?;s3BkCGvqhF~W}vZrgUx*VR+~
zoyWV?&HsFuL7(iA7b*?=O;6Mw)A{byIAI>ZE^0&(nA$Zi?42XG?KG*)V7$AOptGI1
zU}y5wtPke{WC!eD6`PDXW`6hJ_)IK2kVnVYJh;ye@ctN_ap3*4de;8kP4;vT5~(fs
zF17$?dV<6_ydUr2rckpJ3w}fiKU^Ajc4W<o3i`LSyfhxKr41)a*ad~omTR2CzmMuW
zON?61(_kJv(>*aZ70V|&v>oQ(RbZbk81@AA&K&*GT{>6^p6kz#Gea-JaN0!9IwTV@
zT3wx2hhJy*P6+89jhW*mh9jHM^7DEg{+{lhU-C}ku$((U`q7evo#>M<N;jAcCkcqx
zy1N?HyJwpoHmWnD4p+&6SiBf0hSMHT)Imbd-l&vd=jZjwz2ShbmL@IrGCr4bua6rq
zRwQg@emFg%L8R}&bc1h5T=>_VpwP}iY0@(ou@falaS0O7mV_1D@7%62b9~k&{@s;~
z5WbIT*DL`SHc**)pW_jJbgvCPjp=uAKU-nDY-Po5fb4qf=QhE0m;PR<6FIsI%~Bke
z=WAL$>wi1PlJjY2tbEl=!a(CTQajPKWa8Pwjycfv+mc6m*WD+06ME2v_v+M?O|6>p
zn^w{HP083_tCo7%q<;1B`4pn>U88<=JH{I*J1v`Ze{;F=Sm#k#{iO{1d$ktN<7+!P
zQ`o7@(M}K<yw=$63>LR|u{(!;8}Cz2Ih<8k>T^>Pj?m-j>m`ve9W3QwdpASI?j(Jg
zp8TSo(aKq0)j2e1!~)CCyN8>{xl)|G-j`;r!8%o5YPWt@yGupLx2gyJY`6M#7S;Hi
zka5Ja#dbdXQa%6Mf`EN(=fSqzj9(Rf;B4XzKGr8AcF%1d64*RWi?mv#x#@Yj_u94i
zux)m%(PRq8m~Mm3no_q8u>11O;@JB=zdopA{X!{zmwZN-V1BLVKs$XWQB_J_sFE_I
z5nC-O5z3NW@6W?J-MdcV!KZM;F^Zx4JpOhr*k-$-p45H$o8LEP_rFy<7x8>rBd2)X
zz1Mtf^CUMau>rR->L77BfjcokFdpQirEY`ljb*IjxjKNc@l6!e-FUs1(--S%)12?!
zcE5AG#@uSZ?{vgu`N`)MA#%zT$s=)eie4|pwMph<kM!N$&64E#?&DSrks!0rIWT`e
zUN!F-ixgf>p=kUXbE&%@C*s|~qQu=jN8hC7PRx(4{B^ZbE0li2D3v2mOwXaJvz{Kn
z_4YLWdbYdvN<HiJz}Sq~C%Mnp)gzyg>r*WB?Sy}=f)NNEZ~1xk)+)c<vsY?7RvgWF
z*LEge4!mSr+OeGaPZ<EtRm{KnKQJo8d5aka<HqN~B0>t<&4e~X+XAaiCz8};NYy#l
zAt-98#D@j8Dn|?8yPN;%`vz#RMI_U^0n`#?BTYh@ZD8kn?!EU)Q4p`m3fkuY(OA=g
zx`W*~n0$@Xdq)$$eRwV=n`}ihc34cZ$?Y3GtX~zDC4o18mmQWuEa|KHR12CjJ8BL&
zZ!5B>-2Ae6baTySQq7iH1z;}Pk9qN|D^U3{gKbVbyF|^}o14y-1hcbdS<O{<7hWh5
z19z-~gSj=&yIY`=loq`A^Dy^>Auspj?{=sig;0FOlqiLBvK5Kk;c|U;)Z$XF-E+6n
zM}w(5-2{ZoFdn()JOT?9%|UFcbQL7tQReYH)pXz>{5K7WlwRQJZjy)oq~dFv=4t#i
zLo;X?Gf6+;|I6Z$0>u~gtITn>`&GBv`LaGWBg*(F#Dsdypy7sz5?8524AqaTAFueR
z+TI;?@Zm)@z=UYdSRF%@ejMi)<2L1Vdi$a%QU@~L_@-Ap7@*v^KgUK=p~3OOg&Eu&
z%Lw!1^f$+bL7j<wN1c8A`K^w-^wyT8(Wlf&P4?ZQHA5lznbUYK4S%{WF?DzRWkIYg
zhR@@W_{AzM;q7Kp(EW-b7}K&H1v>=%(}L=l|B<K6^wOrBJ3K({kjlI`pu3~O=tss7
zT&+9bj#eAc<Vp?BY!9_*%(N8QYx`T*`vXVk9%g<N<#_C-nP?(l$kB<>OuE=Za!0wl
zg81{2qfGbE-GupcGX<!kb`|S}HqE~!lpfYbbe|j!O7A1c>HVMgr8c(V=#altuhO_O
zlY!q>PtD;hC5(fw9js}$Gw+48?AObJgx&dZ+11kDwN<`e&wp62jY;^%k6Uvx9zBxL
zJ?5BJu9juPBWp+&+THxuyTusH(beFUHy=mJaR*HdL{#E*ab+f)=J^k$V7#$?NoXp1
z|M=1dxZ7BloZyy6s*`aCd|w?Y^_p<?0)S1z4UAd0y7{k;Lbl=Y+e)<8*p5u2?)C(h
zP=(95jxlp<N3UI*9!DKdQQ`DQNAEHAQ+zYXHXAUFXcH|6kp$1(50vY=-PbGTQC9z?
z+S84x|4Jg$!hg0w8G492mP+*cl>RM?S&I~=N47SNM4KgR(LL7s%z711OHG>1{Gb>8
zUsnn`z29Bg_FNNTBaTzyC>Y*Ny;gUh2{o2dBEg;xr|j!v?5&o^?9Q~HdRzOA5ze=s
z#x%J!gJXjRe|v{TkQSp^)+n^K?9m=piyd9FJks9CEG2Z`NoUysX$h|TmRDNvYAIoM
zR|<TyG%;^i)VIZh7B5=FX~CogokHInLu=ozWthgzB0>u&E$q$G)hsE_VpGdwv&=V(
zSq0&6u=o-z7L-~_3^#$hC94+4X4$Oei)|sNF)Z=)Y!;$g@MuA97GzqYnq8@OnWBrO
zsVI=8$#$-052PU9LQ6Yj!JqxamVbK6GEpf*7FeR5g`8QI>wb0!qnd@Xmf(8MGE)oc
zEpc`Yt+MYGJ@uXaotAMLKg&Ta&a{*`*lK49ti-0h@e)@p>x4_C9uMs&GTpte?ul&w
z(tvwkn|}Yn`(?zO>pW{$*I(<e&)VPhWrZ+8w(g<)=kS=IS-X=5sX+HYDym7nEI(FL
zT|FkuN#57iX~|`U>|d23kQVjX{r!0wMRERA(PMSlvLzme85^GF3H2~u(URbZUt>I5
zAd}SHiQ4$q-Th}pXRkv#S9Rb&ua?5xR=-jA9Zux#zA=h0KIxKqzWDisSN!#mddwY#
z$}KbGnHZ$0afa0tr@j3BlW7HN`sOO;YmA)~$|&*4Mr?JwR9%>4I41vwk@j&ImF(Sh
zx~S4qrhknKxeKiicz4~^X)S_Nna&n8C`3fdc(!z{y9lbW3Em8g(aKe+Q;I%G1T40{
z)^%@kZs-F4ffGYiHKqNqG~`0HPfu(vh;UQ@UQV{BP2c~iE7kj<Y4cDj;qcb?G{Npp
z2j+P-M;J1eHI<xxvFp{=9{$!if^O)Ue$3|-NsOc*^hj{>rPTh+^`5_n#iX97)9{T7
zTJoGX6XMs2qCDEf(PmXZr7S(o*hy<2QSpU6t=%bzhU!%dPVg;D%Z&r#lu68szR(v1
zlG;Z~r&KE*UE3-6+VZS{-)KLt*~UIJ+@l>Y*LbZ+c(Pkv%GK6p{PLiI;^TlLln|er
z-?40|Quf!394SrGM*5l+O9(R6h;YdBZR8eG?bJ-;ZckNP4F0T&8Cu<%uB>~w`S-$u
z7mGlHm`)8&tFADG4UG?rnT%!1c4Gqsq0@cK`PF86FqPs0o$+bWn{hrWf&4YmtVzG2
zNQ^uO7@&OwGl<Rv^Zb7OXNly3vX(esj){5Z%8c;iszqa0UOB)Vrxe>)2)+Z$)?=T)
zQZI5I8@9$FhF~mQXX<;K@a@V(Qw^q3J0?2o@lso9=CZ+_v6lJUT}|4y3BzXXtGQv^
z9t>Kp`o5n@X)uiUB6OE7)>EW!T0xClYqB+{Cxey6(nG*dhT_fE_tbGsX%xB+loGTw
z`pg|Kx%bM@7{O_;%>Zy)aWCn4N|Uy5D80N<%S||-W)9o9_VC~;+D*;Ic+A4^?#QZs
zx|{#oEA_~UzBK3Y2sp$NHHk>f`b51`kGHz#jatvxPVR{k8Z<=moqrw2BM1}(2f(dW
zi_QLNeS)$!<}{IGcr$chXtji%oF(W}>(;zaQz)u6FSd3Ys<|9LEIe5xyIKtFef&A^
zg$3sug{61n1piix83b%7mUmAWX^0qyqUGiUQ};}uYSHAFmFUvcbm7U9jS6EQJW-K5
zYE#pl@|${}OaI?@-+WIr?tg#(%$&xX)SAXx1PhgV!8%kV1YV_-?tz&4zo@4N-`|~I
ziqH;>5+BejX`1x)<zs7iG9BZwq9`*!J|8Q?vH7GH100d;&6s_&=({SHaJ^ut2<JN(
z_SVC)VJ8cqqeV0hT(Gf}dA5pjA2*mWW^S;DzK_p-2oJjS>&g=^*RPDXu&Rg(r@cq#
zN?i*andAb^5apBFR|~Fb0sF?@`VY8uZyu$$P$SrHD^&F^^<LW3Ue{Q`!;xUlD2ch|
z@mb${(I~ig&&?hBrp%C`rD9;cyXexvPjlXx4vNJLeMw!jtKDlu1U&>6n{e1*82J^X
z#c8BZ6QC?{Tu3>J$|$ZC-`=ZhDY%ib!G33UKlAu_+=`21N0v#7qWljBuc3nS)Vk;H
z@iuvSpmjMp*go1lgbaJ`apT?M2ld%#_hQl3`hn)r8rE%`Og63xhoyGiRhF_v<a1lW
zUTx$3IPh4{$v=0wC}V5+d>!1OwCL_rrJ;F#^<@ji$WF^$;%A4v;K>@Nwc8eqOgC|~
ziC0`~vU0NXv-%}^4SmNuOtpUMF&h0ZmsFuF`OE2hfit0uiQd(ZHrs?tyw1<oICodZ
zq0Xl4gD(}37Su+&U+lH(QcopqYF)t($7}v<!8WOPt^%fiy(v^!v&nX5c-w#>`KD29
z0nz52nYp~ym^L4Gs@_@E(0WxY8x&kdK$&Y6zZNpu`}}PYKLz3?;UmaX6EO}=rU`c`
z{AY*j6P03UhxzMdA6)YG;?S7UHQJfOjn<4*J@MS;6Q300&5q1znjPUy*l)-}pWl3X
z)9Ecy46gP3{qyHfb*ua4*SZV0l8aXF_wAPCeX+Muqx!x)$0=dLQRTCHVzZwn6}A9J
zVME8&1G~LTFvh91f)*sdyi(t9#Yhajo!B#x`W_jH%S&yR`O<j3sm(>dw|-tD2y`0U
zWVDU6`NUNJ!Ib@N35G&xd|%z>ew#F}u5H4*iM5<Ru9=&Q9cZBu3t?$-59RLFe$r#f
ze8Y6w^EmTu&t2{vPG-Z6Sc?x&AFW_EukuV?m_7x*LrF6(cq~=J^3|3S3fWjddOYBr
z*|-$wTOsvI^=!npzg{ZLZ6ri)rF{KKnYkyc##BVi9gh22-PNA$E-Rk5$%erVe$&$j
z73Z4u&-<j@blVu>?wM&n1D^Ber?$Gnx#y-&Hpn(d9?ITNm92WR$F6&9X~o&*v)x_I
z+jKu1Eau>AO1n;`rzX7%ee_Gw6}C6;4X~LwLmTv$u$sCXk~y{)MV3Nt;pgg`pI2y`
zci2z$Hz}UK(_O9e5qQdQrzMd4joBdV?s&OY&AqaQE>e{d$>w-&|K)1)T>b7nxwG_?
zX;gS8gm0dz)r49fRz^AtW_jdoPc;m?x5kURjWw>oHvNiq$s~qEdb;R5x|wx#u{E!B
z-RG@fG$a+R^0-^x>tgYiUNvl{s|MLwRpOV*YI)Z>N|_8cmAGuXR`)q+C%?kiOSN)J
zRe8K!wfTjHRmtmJPAjsqw7V~#vf|WQ((dB*qK0M2H@cHG>ip>wm4-)3TZ+}BD890K
zfBR<@fSY7qhIv1G`?DJF{i4nbd-iO>^4=KwpVly^)Qqlya#~0r8!08UNmbes4*smT
ztjP6pJtK~5H0wSe#v}=1s)56i_94b=+-)QM*VTI7^Vni%?6C}XyVol1xfKfLxij@N
z3??4y2WJcN?)21Sz>#G01#>^xmjoUcCyf2jU}eWEP>b)UUZ^Nx@CUoqr$t|p>9N1-
z`+dkt(b$LixYbv`RDL|_etn1D_|mW9{n5K4IL1(Pm)<Ifk|CTZ85={JZ4>zIKG;xe
z$pdyz9F8JAmgn@unptT(P|mk)9=3brT0t?MH4>ls-aKp3=j0rQ4f<XQ4#sZs*mSvR
zuE?R?8>C?F^EZpk@AmL~P~6k|@Z<&z51&|5lKooX@@u=*Q)G|d7^DTItW`?!l75n-
zu{@*{FBQ+U^;ca_?*|$*6TUyYQ|;PR=~Oe=27DITW{F}Z1{$qaKN`m>6R&?+oZd97
z?UMj`*41r#`gzHXeJ@^a<PT$c9ys(>LHR}XZmoJ7EtX@RWi_i^eeX<dVmLqL1nMrW
z*J{0V=a%|tMSFZfhhd=z`gIqt7G*Zq<+Z00$(=6z9c_QQe#ga^J|BHzx9l)lW+gsb
z79F*cFAD*(9i&Pd*XPo)nb8dKY51GG!NM$lwqcRjYjwU|PnpSGa?+r0t!Fs@;#Q$Z
zne&^{MSAZLhBm?)p8Mu4x-;`D2SRtLNp$mR_^yNvv%#0~4*2m@{hgM{dal$mfi_F0
zpSB38mE2zKdz`N7p4*d>%KPY}NiY!=Dt6D$uVgm%qn;9np#32x!j>hVyKjTq5A5`l
z4*6@jno~2oYqWQBE*7Wwkt}ln>0klahBhky>I4=vEebp_w}-ef)q*|!yJrkfcX8>-
zX=a3<M&8ojvrAjtvgg6H5lH5l*WNnSH*ZzOr@7WlzAw&Ya}$C@Ee$VzXNaJRp3hGE
zKa$?Q`HSAp@MKeqlhp%lTCy$G5f`Su*L){?ZwqtwYrw54kdLNKrhc2{P@|YEw0h>1
z`c5_)MVd{?BB;UoZ}h+S<hGn}D8=(yp@?ac?o=ByQyIe;i+EIK#|D2|F!Da&jMrm5
z$jZ2G>5d8H?!tJgvRxf))HayA>tsEPt<e3mHD%bE)Si|`L%l#kJ|+t*Z`m`njK1-u
zd4_iVND}thn?<!IM_@z|6_RZ{63Yyhwt36w^Xalk$-tWRPG)KoZ0~zN#>b`6nwE{F
z;X93VY8zflBXu8LDY(WlTx)e$Z#_)7<xJj7)!*PD8mGEj_QUhZut6)=+<$(v#gXKo
z7AA{xhiSR)(fJh_3Oh2!t$S<xlp?ur`N24{IaI%oZ?gm&*5(PG{gBH&PBm+HDEsp8
zdm9=*S>SQ+rLsMjYxGoLy3eQIUoC3VB1=B6mi&)*wuut?U^HsFGL3!5wO*VYGQvdI
z<ypR*k2l`P^xZ~e(H2I0ZaU%-BcUtwpiSLw)|CfqKObdmS)c6wtJ;(DV!?+OsX2D{
zT&hac8-2w5Mz^}tw~OolFRcIXtpC5*t?qeo(%QFbeGPPD8?al~-z{7B+bwe3cFZkJ
zq^|DYoI>p`ZeBYg1#kYJ%-Xnw2FMrIKq}61gh|keo}jOtq;{iEL;s}8Ut`k!NuLJ)
zNs$f#t$X;o8(+IP`S!x(+s@?Mi+kTf-f3SU@}E?Ixq9}EUaeXXxfD=M*G3GfZFkSl
z`iY{roz?E#Y#-KK>!k&z%{Z?O>CWMx+e{2cP+o0)B+#0NtV_xEK^Vuuem9I;&^^QW
zwYlIQmWmFow5)f-8C@9e9LWj&;^mS+j#Drw%rH#`x@I)yl-#x+iPUGON7iR_Ke{qg
z?p!Y;x_j%`+me^nBYGcAjoxiNL+*7CzEWn&8hU@hr2ND5|GMk0Y`=Fz!|>LaO8c4C
z`G}`R@Js_{hIaKgFO(I@Db7>gY;FlpkrR$I+Cc=2v(ocm*pE2+`AbD7>7SGlhS9Ol
z%K~N-{Kfu$iry{d>E01I?pFIYsU-v-pnJ0JUYboFo+xg$Gh$w@Ct1Pqf{1ZgT4$#`
zFFekk9HR<qx$C7qBEz%iAAGr<8nBoI6%|k|Q+z+JP759_9BRe5-eo>McA`nt$EUbR
zfRapg_X@o}C>noI|4T}LLAu9|ann9*3-zWwZP<ysS_0QyXrGQK_qUux*`#~6ct)y5
znp@jLbNxtm>+!}LQkG@zXp}T+nEw9pcPIyfOKD*S?=4#|{pH=Mx4X}j-e+)rCq9`B
znDy85$@L@g=|`uloNVW=QkUggEv4xm-<B9`q#F-|r1_)9_mpQO&)pNl6G?hnDyjH3
zD*>F}*0xy$dNof%x>_s#^SVB@DGmP3wW>7{eZ7q{-d;5KrKTFT6+fm6Sh`&n?>6`O
zS`wCRc(p=9Cho`O`4og(Y}3}$mS=w!l;c=gL>ynnUdB7%ph<?0yT7c~HeY>Et!_P0
zpZByOx%bUmbkEPP98s$GwzMBf7k=3$R;Eu4NtG#*r8Mw#dB>dCM-wax&`L~`>8_e$
zd5GQTL9-mIjTBAjo?p_SVR_LIEwtyxo~!u!+GC|h&FkhxG)uCaOehmTre{n#wqkL-
zT{}x{_4s(n*)$DLg5C<N-J?q-ZiU56_N5Tp%_im&1JK&;v;C$c#E3>}x}3@T=9dS$
zn2b?6SSrq%WNd!F*3XU+TXx$6>83NAn71FWKQ0ys%QnG7z*7Zc9BZBTbZ_QTfo5$?
zw_~=!Sz$w^oZ7cz>Ljt5pFpx_tJO{gl}KZDEfwzWqoed8lpE&jLRL((PmPiGyJeh<
z+M!%RJmyDLAWl6g?D#&%GQGb#Iql)#7Mo+NF6>sw>Trf5nueX`d<HHD`~8f)Fr#5u
zE7_jG$^FB><vL$ie8<OZXDQcs%hk`_s-IbR^e_5!>uSN*q^ngwH(N~2T2ra^T${^K
z2P}hi%i)Qd(?SA#^FLpi5pBu$sMn|zP#85Cc}J#LSsh~Onh9Q!<gh$@=xbO8)UxIH
zLAEZXc%P!EZD||kvWoRejE(92O%t)q+GVIGk@TBOZMKOc(~$ER2G5)+oH4EyKi@kR
z%{q+j%+e@XN|>Yj=7O(>wpitc<J=y4qrSI;{`PNOzUP6>@oJg%#m%cnRMdOl==p5>
zth!m(=kvFsbg<!X23eYLrN$ZG?@mv@558xMqMUD0+Q27qXm(3|y*ATrr&E)&?%AcM
zl)V{rPGop;9>;ap+j8rpxH8Z$FAKk2{k7_4cWHocGjcfWGVt!cKdXv`$+A5sd5r~-
zhu<h%9xDpbbyW{>jZ7nv$lz$l7GiM9(YV#=rMQI?n9_R>t4B_k!JVGNeWu@6I83yx
zewZBhg|#&~(fw)lccFIe{Pz*!)aJ25km$c4v9bK)>b{w#A8!<lm_{w~b}HtuS@1+D
z3V+tO>N9I$30*5ZS-tdh6`GAXR-%-Mgp+}(dAUHxw6p}F>knQTKg(d6^#zOPC#@^7
zyk36bQjzG@V&g!h?lEm!x;UKe&=N=Efu(z3xF@k%Uw!s^eg3G5=1Tn1882wD9!2m+
z@t&;lKB=oW3gah>URkLo5by5txj%~N!PC{sX5rmxHG}Uo8low8LlrlL*sP!E$H6|`
z;|Jl>)VjM{%a?l|b-!^&n&kJ}J`AVs3>1Dz9jtBO;&N@6U2Y{ku+3+qIJPDet=%*+
z@kYtU&+x3J;7L`w$M?TKIM?oh;nYS7!?o7Bn|g=SXQe=2td;1m>S}lQ3l;y7zH{BG
z|Ljns;j=e{=DMS=o>_l(&{rLge)rYUvp%<H^EuD@+@AHhJ^O0^tTk(^yM4}D_4e5s
zwtUVTHS^h9XlvXr+X~<T<Hn0dVN!v5pY<Fg4T2J-)HjQdqVi@)5^Q9Yrr&K<Kyw<7
z!D`1Efb6MSch%;`@(PEd<Rfi<tzChW?erq-jJDdhO-5ba%lV`L|4BW$dVB8V$r}uk
zrlrt8x<bKx0%bmVv#U?R(5GOW(JDl^KW;CQzkXT3qjX_xP3RPB*iO0Y_4NAkIxa6b
zivGM??T0Xs&d?fmfDNHXC)Ve1_x)`-<#^s7UDOBe=M?V`syG7TvP&1{)N*~8UWsi;
zUN&}i-CcXm|ADq9cf7BmtJ3eAWgTjN#+gBnrw%S*Z`19zM}hw2^Euoc9b1shW;=Yp
zEa~}YrD?ya4W|io+uG3P!n%`5!JE{l$D9Qj{(ALHaz@rG#iN5Wsw%-<T<W=L$#fq^
zy9yI_UT|7DO6@buE{#BPy7n1*Ed$zXHI}znyR7-*OL78ZlekbwfhMa|kH&$k<>k6H
z2l~$+FY%XFjQ6cHijK=Xq*kjOgdSQ>C15Js-95vO!{U6M@jD)&*_ISBQG|yk)%)eT
zDQqSkV$J@Wu6yT7!4+FaO2`O5p{GdAcn#?g4U7+Ti{uW_UaB73YM`<ZSB5(+;97zj
z2F8uI7t>59iL0lJ<DOy#a2KrcrH$^crW7W~bT9V1+nrKzdcsrsXtByr<ZhDBZ)Xkk
znA_c*yS1aUcJSQ&Mvatsue<KN=`kH7NW%_3bkyS2iV=pF9wluMv9L3V6+|hOAl)gZ
zdbdBFH0j4X{Yc&0tV~{FpbGV~8pR61Ow8cmuqJ1qz3LJOhRAD~*R^<I=T`a;9b1~Y
z>er9MDRPn!U7=r`l~6yDTfX`7#llO=oOzsh7Y{!w+M^XMwia=JPItfi-9axK_qzF<
zTWaQ-^ApB+eYr5?srv8N*`dTRua$S|s28(4px+6f*>L5ke{Rxi-o5mEr~V3AxNk2)
zS27VGIo{s_<`?P?hwd~2XRCU-`!n^|X{DZXHma2dP6E}+6V3v4zNm9hZC7!{2wpj$
zcbmNQ>6HUo<XliM5ja;@-S?|E_<5bZ6Gfc{`a=EMxCT#Gy=WfZ&TtJCoVV&!RycT3
zy_P7q|4;V=@O6K?+P|6UsbfYQoe|iCsRY1Lv@aF&90(M~IdazluiB`j^0BTsT*o1}
zj@5N6tz&WJaXu3ZlY~V0scPpC-b?kALt&`^5g|at!*$cCj?_4azumt&7J;6Ww_6wg
z&?3N!utTgOi(tz#5o8II5)wG48nbRM)>RgV{a}Tpl`L8;i&vnqFGSLL&`w}xeTcOa
zqCJ%-SZ5=$M2?X3)-?UGO3qAX?Lb4NBz!Ee^O{+|*lg!kOGcfaOsJ`mE9S}1*QhL`
z^N|@Qn{u77Of8&@?DZ~u1dqYWn%;22^8P>F-yN$!k?8ijqhl5LL#lv1@xmr*PZ9X>
z1Qt|~*P$@}3xcS+@WQzU!YHbhBi8MIPgvyGZEEdls^)Mcz9)XG84X4ye$ExWJyS}2
zsXkHK9Lz3sa@;xSjAaDZcr)+{%6xY;d=5%yjs#}R3IAwR;TfN&4kJtgi`I-(7CibZ
zY~0@f)N$(n=GX)rn}8Cre_CGf*aTP+?cEMIn>Ro(Ie7`32q{KPQJm38OyYHK-nt;J
zV6d1FaYs(S)JoLBe7#tAWrDIiCWqN#&=?~Iiy;)bT<BXea>f=hF;b2p$-5)8Fs67)
zFJc&di-W+H_gdt-cR<K#ML{V%%R$9lNhJm|31g;OI-qY^F+<2~imMpWWVrD2t__){
zyinwHuAa+VJc579^AZusM@;vH`kdGjozNmF3jATjSfc|+)8ab0IOl<`U=X))4k9=I
z#dDw%(Z!gHVv{$ciKtdunpgPA_4A~ph{H?vk0WRo8i)uFbOHbN*aZ}kj-$Y17w}Ij
z3OsfJf6OjG2E;+g5jb{Pf^scq=o_cUL2|KN6Zf5$Tyaqxjw&2Cry$|wPbn&JfwB{Y
zSZ*tQaylHEjD|ys158hG*Y2q3rAWa&rI5?H8_kb`P24}X>`uzfoOwQjUp-Lf#Z4#A
zk^jh^lyve!s<?jcmKz2?OcYj{o0S#933RZK4Jr`9PHqMFl$|-&mwJr!kdh3^0xM?^
z7GVLZxgyI<u%)mhloAjLJ(QCK8HzrF96=AtaoAqPmFy2U1SQH%DeZ%a8&^AZ1?+;1
zlznhQ(5Aqy+Nw7Ndxa}JRYl$Zr~CKEAwZGnI0QHj0ggj}<1Fx>N)~t=0thMom_q=8
zQ6@@L^v+C{P(y`8$RwN*;t8yTWWtLCeYq~E6N(8d)OOTugg9z50w%LfsTrl%EC3UF
zq{g9+VMTy&Ng$@8p;jSS$-(==Q<Wd#P~L|sOcb)E9wQJE#t5iD0BUU$rl~#&sxpt4
zCxvbJZk>XPjj(D6Hem{Gbre^HoeA9pS6QbZgcLwpGojL?l>kw#CZVA)4%P|()Y$}R
z!a$h830+dn(o%g()k(0d#*>*r{hGv1h0Sz>&w^02f-wyiJmQ;RG9f3})sEU~3c;z6
zGV3JJO>5z%@Lw$p44EDPUBW^kDco@ucQOqUKDY219pD5qp)w9g9@->|zO6z@O)3&3
zw9VXO-s_6ip&@#!Z;>w$kpXuyWudQNqJK1lv6zeu;3Iy(k?f|L2p6q|!;ud?k~Z}^
z{0Av5h;-=-RJfjmL4A}w<B<9$Sjcu}i_t;oOoGu$`a*ulEGla0IU#=D<r`{}n+5}2
zK|Lvo7?Z3T5oD}W(kB1OZ)lJ?XZWj2!Y2|3tCl>#Ajyt8BZ;7Uq@IqF2(Y4fYKsS?
z0RQ1Q1?bsxyc~kq{Zm;E!8Ifs|6`pCKCS{XpMR_qLB}b;aSCvp0vx9R$0@)cX9^$z
zk~~ZAqzlp(DW`--N+BVU{8?O@6h#44iX#~}lOW-+a6^idR8LYNDODzuz)FNt3Seu+
zj*>fbLDG107)k(H*kC3_!X>SeVp-6TbX!uFCI6B@z4F-#($W_TVkMv!i})lF%aRc(
zkM(lK)iyIJa82T!1XnViBn;ju0%Yx<<jE2bMGk4UB1P~78`}v^m`Gal)0UwmnMN<z
z$sDAKuuzzgBpOrtsL%pFfAwn~3KY_P)PbvV0Lmw+&cb0>Su}%+D2JZfNhS538K9);
z65!B5k12*o#>0UuenAsyCz|=B5416xBxN)=2#+jomV%=%+64l<PC^=fh97W%QKU=~
zYu3q#cnW&urOdtQA&I;qPLf|m75I4u9nj7yNIa1&rzj%rmi&Ss#TT-R)7pTUJVkCq
z``Hr^I)yIaOTrB^ypoigAH!YTwD2gJ(BQx;vY%PfU<EIbrPPp;7QRWnji4An!*GYL
z(Jtelg^~uUDyCWB4LiN!EeTX&LScL%nMvzWhg{Gf*U*?nqkq1UzAU*)(FeDD0ww+P
z{6Rn6->#5Yr>YP-#zMmoc*MsLr1Br~S)_^($Vnx$>=j87#NSk22pv=qCSt4-7R8Iw
znlgq0RzhFx1CgRc>S0;_iri`|*ozH<`;42q8#pj8tJ1JT&x{?zl!dk`HXx!*szlU`
zNs=si8m6XNJ<UKx+z3Yu0tlEO;WeDVtXhW($jqqd4V8#}6dzSnUt$_4R;o@Y<wy02
zsdm>LhJ)%bM}Z-G8wfe*BJ6PS1S+5fQw@UDwP2XfIO&;8o-+igQlS))Cqg9xz94qU
z5JKsW^+H5UF_d;}EQCp+AF|6@5F)+Arn4?Y18YMXnntS-Kw(d>tPh>dXMPDW5D){9
z1tD3!=nP>}1WefuF)>3AS<0t;8nO`!EGAGy4(s%XDa1UwMi5v9jE7MKARdmuM%1F;
ztT5K_1}W81k`O!sP86DLrbI>rEBJVrES&@yJmPJMJWqob>~Q!%)QA_6U}q^G3V?w<
zOYs|XF%*_;OfcbJV8}!15mfF+P^eBT#ljPY=j&iMaO#z)vXAj(5uWBP;+a7P-tdLQ
z#6Pj2aIhYscA)-U2^End0K$<l!0lK9q=Ynf8nl_pIQfJOD!v&iIu(t@GCgy;fM|gZ
zf+BR75_I*Q#Ur$UF;2xc^BArmFJS{G1oc2bJ<nMhAA#etL5EDNqn0T$WQ8j+PPhev
zCfrdCwkm9<7KAoi6lh?o$NGu}69G@LMCgXG?qMNS5D10%ddxLg!yj}66gK*Wp`O@6
zZh=Ba6tzvT<w+KtFvUKg1k4C={D4mwjZ#D_q8Ixa+GO!dL=&G-4J;IpihAA{;Nj%)
zElL|l#;~9|tj)V{q6y$&ER;f_ICykQa7Dges(VHvGw1<Ue282SW__YntSxm&r93i0
zB3WV(P_=|#Mh!gt5pIJ#L0l|3DM)~fQsgmnDn`V$&=CEoyAc=^*V*C7IjH#%;X$Yr
z^U6HX6_SW@k+(Q~^k;zdM+e9#vq~l?FX<y)32h@W3B?#h)Fv}}AyqgP-^(zQa&$yd
zeNt_@$N%zkuIt5J<DeQUl2FtDEqs~g-ULLokkw$Z*kK3obPoh5viU?kN)X?XD2yT+
z+Q9KS7{NATGiF9q;{=g10AVaKWC2-LOpF-29!Cq7hz`5V48{4!@`_BOaIwGCf%;Oc
zgdgJm2s4Fa|BwYt?t`1~@LK7gG6r5fA{b^85U>%l_|(80iyl>=4usn?)Hv!&`Sid;
z@WgPTXoOWLq907lGJd9^`PfX%87+KZOcOM);}LCKk(tF*i0i2qnAv?CZN`wPB*MPK
zw;3HK7roG*a-%y1^9|mKe)SyX#>uF^-ZN#F%qkp%J+8orS|o7tEPSX}qzLw4#Lwhq
z33gx*H6T?HS1>1YVkl9BN{D1g2O362P*Q(<t?MYmb)h-=BoiVM(nn$9qLR1r%CHs{
z7$t#dXh7Cril-<<wZH)`J%^)IEQUYEk<2jZt}`LIpQr-06V2ctgNRd1X4D#lVilv%
z&~T07<4DHmkb{Hoj2hgcA*36}8HH#iN6mDATDt_+-IvT!j76Ley@n;J3&ac&iSk!l
z@`1+U2zbyxT*WUO4Q)vjPJse<Jgr3;9iU=4JCwi+kc3Uc1fa+rW)p2fL{N1YD=$n!
z42XLUdK3(5#F)R-hS2dE5nlosf2lo0kR40YKU2Xt#dK*AHNaq`O^m@W%2W`ELN&2T
zcA*U-5O#u^wGu`}5{k(L5e+KL5+g7SQ3ck>N<9c7Q4$59iXb0GVWA#efiKb22R1N9
zj0iPC@<0-w!XPIK@r>jZ{BWiijG#!0?;&#3g;7pFsE;e|!yY!qKtZ06;qe4<<szcm
z5vS0PKrw|Nh)-t#2_MS3PNcz)2JoWT#0wmW@zBwT<OFR&fp*{^j3}t@P(20#7xcw^
zlDe1$TttlsF$Ig{Xq||d<Zut-Qv#1y+JG3$ggu4{>~VDZ27&v*H|oQzC7O!)@Fdry
zeVis2;To(Wx0H=>Boio&-%J_m>m8)-hf7gU_wbq?MD1t;qnIdL2`a|NQ!(T*GbAp&
zqz$N(R0_v%iF`8ZAZ8qBG5FCskqW7XH{Sc4Y@f7xUIa#l>J-GkTOkcHr7#g69z_bO
z1X%YWTNE5okOHCEM#@AqDRC^k{}`2If#4G;2pb*=eF_U10D>IPYb*rjS-}?j%l;XU
zcv39lFUY4nyal1v19anojR>Zwh+bn15QuUz5tvBKL4xJX5ToF)5nzO=1T#K2o}1~y
zZo=$o?5DJ>I?us;M5HKCj2CQLgu`zT0>)PB1ni)JA2Bm7a|#w16QzhjYK;VeNz#UD
zP!#5vYI!CefJ!hb#sWDELCOOX1`wm8Y6KkJF%I!czn*5CqKcr7v}g&NsB9br#m6V3
zCTQoKTCC+t(wQi@*a{8t9^Rh8BeDlGJ%L+{5;=?UBUR+4nMY4ikGLuH7OjFGeoV8(
zgUag<#0<YHC=lPAJX{Y9B6>1zp*qFV8dY&2?n)$#a<oS3rLPuKNikx$^afje))r<c
z3S;tZ1iT;{jJB5K5e6}@iE_wtxafOyiEc4~+^L>%j%#96<CxKi>46cWNN<dl1P+B5
zf$rw-h<id!O<Uj+ufj@rID`78O;m<gO#Z|lQS1gN@r(6~szZ;r0svv<m)I|Y(-%OZ
z=iC316Ceg_IuVYu2mmF!=+0=fJg5;lf*P8~nZ^ln3aDmqCX^JD6tV|6CKi8UmVud+
zG|_*a#VJUJ-jPAbCB_Oz$p)hzy-S1`=-3nPnS8JoAb}wR&E@)q5gutnUbqNkOE^GA
z@K$@o)y~)?Jc+J5m?8>{wWQYxz!D&k7&d?$kUf2Zne6%H5M!ZGi@hW1n66Kl({_PR
z>;!4Vo6r$fd`Gm4uE$v$heos7tX6_8(#i70I>aMs86AQNEb)mn(;$`sy|rOoWEfxr
zal%koqA|+Tn*?BNO$sFXLiM;u6ht#Hqb0ob%#ILa8k(@txG01oap?&n=`!iy1@z0;
zu#@oS?kNsEWUt^)*=VE@$boNyQ+>o*YDFuI2>t|k`b2%bpci?L#l&eo&nO9k!AEjn
zLZ)~&J`PkVf3c|13w@@)*c+7dBwFhY#5Aw@TD^ddui}Y}%NF?zQc_96@L~U-?k(^*
zTkj~R-{rL5yyJfPEWDhPm;>saLg#fM(=!L1yEs1c)Cqm_lk9TeX{E#KEgHPtFWRS_
z+YS4B&UpMjVc)3}3O}h+J3s8-(z#RTA->kXv}gJJ!FJkYPNH?jpVJ7PO6bKU({l+A
z!I`(eFYJOvck{nosUruM-Zbf5It>|za{~Ta39L7=Il?w){0~Q6=MY4PUlJWhcseMP
zC^)v%v4%OMln4@?zp56FnnWJQnmP<JM|2{ct3NK4`Ddjr|Exbeyu0}iM*+3H<pb57
zt@vRt)z?bje%}ZnT0`M~JqijrGV}Kd?rs4Za1pBBsBrWDI10eqX#R&3n*Ze}2>gM?
z<8N0ymbf8aUd$#A<||}KqA)&;7fV?_UWLCB;qoZ_FW<vM$(eXFJ}LPi56m~oAb3Ch
z$rD6G{JAl*79zE9@q#B38yGphPGpiC1WfUKiH1b}iRO59SyOVFWUKMeVo6z&(Znl>
zmP9X}6kGAf{3JX?vs#LA_<VgN8VN=Ca?go1Qxr+*N7kyB#I}5IJh<y3L~)@XF&yl9
zD85{DlYAJ>+=(yuP3&Q$)D2S#3xyJ4yDRoYr^J29NyVkIC?gvM?umnpE^5+C1^NGK
zg%}V_O-9%z_(bHS%+O7UljJv{v7AEiB3Dp007QZ|>7Aew(1ZpfB4(IN3=+I0;Ymm>
zh$1+GWPl}Y(s$}hP-sDBiVz9=kQOrpxWYkUkpx!oO=OWFFeC&AFX&PMB;*MRlSn3v
z3|j<8=_i60s9~gsr1eQJB^;QVU^9geP`E0jMJXahkR#TZjXCH__@p!mnT?V(LFG=^
zEa`!rG+sJ_HXr~AL2KbLXa%gE#y_GW=_1-f#Rv*`BrSq*9HPKcMM8(N#D|!J3k4~F
zJTs}AK$D{4ojxQ?@N$LFCS;dFpb9}_6!e4U38P(0;!Vcz7sn(k2}T)~P!^T-4+dii
zU5yiXTJVcLj1P`C%)?_;z~NL?L*b-fltXLsu%6|k??@%jl($1gHyROtgo-#OBPDRj
z<=I3-U`)t~5fCT#1QnZEKnTljumK5(4T~lBkq@|=8kf<D6avUpJ&XBzV<89)lEfxb
zqS#pZARK5o>nT5rkb?rlVMMUxJP`^O0r@bJ&}7WyYm{8}DIWq4Qe%seiMP?@w-j5S
z$cm2sr)s9}sA<NISQ6J5niP7&4m}6Y<R?UdH(+?+!Be0X>cNJ<xRz`dUa(?_SYG&h
zT7I3}P99Hq@R}h)M<zq9G`1UW;;-OgRCuB`tW*h5T`MX=;PHlhxC<jK@E)DwPZ&pc
zs4szM^HbF{z8;tdbt62CYJ`LEppNJOk0^ov{ExnH2Ho}Sb7YuVpl)~r8r;D@N(@3&
ziVvc|Oe+-yODY5UqjZc3-jT{=%c#pV#9xsa(n;z_GpXlD@Cz^Sz+KcxtrnkoJk-EL
z3h22QzBmlpLA&tQQ>YDJrVriGgQtgOjB89VD#15?juDIJ#x+y|g&&HqS6CaPykH%#
zU2BMbK%2VLGN5tpInBF<tW%&|ZzOzhcppSwHYqCox?X`)?_Idy{CUYqdu`bGtp0ZD
zdd_QiM*A1_+_&{+l<vyweX7#l8<;Hm+d8@Z^XkugJDlP!sqszr><u@*Nt@hnZ@%b0
z`FY>=<GMN|JDbnD=h?t8?L#`%UQ_Ko9q=8)vNzTQYA;Bhw>&h|H~-^71em{CWMJ4p
zguJ>UuUN?|A_g+GY;la-63BbV-DX1WJJ!v=|9;S)5=lDjeJqD2!G$D<o6_U$1D}=*
zdTZA}{yoxtJH}=S@!Q4B_BMpQktY&)?mJ23e+u$VZt_m}r23E_D|QrmnJ7n<$t9ro
z(7Vktx$jsv|Hto(0CTBK8D}h&`vSJ}MZK$oU7AZ#dtq;0tm}O@N<a!l?VT*%;pVMJ
zt0xqW=FemGiSC!>PrRuqqx`B{o%*QWK>KCiK5riTV)E?xCEB$#`Qho^h(?4!L92T>
zJt<2KZ=D(4|J&7vWx6kvLFbGG8)y3O0x?;PknC(-`LG<?JN50o`sRfnUQhc}{d$u7
zKT}8x8@N#Sv=>bMq`nCgKd8SSR{uY#b}|CJ3+uRM`PKV<Ya_b%VYQO<o~!FWtzUt#
zw?DsIf8VQbp!I4WGfc*Ruf9FgKO;<dubvQ=aJTRFW5P+a{&cnea6Phs1<X(P&%*O3
z)#Lg4mD_yS|9;RvEeLqGdK2KBt=<LiAOyiP{a7Cse)@W^dP51A8e4dUMy|h8*WT&x
z8|lOPO)px)0fcZvD>O5jz(f!N6OakB<SxP{&!G5+_05~X&(?TGhx^(7N^k|UfJ=xE
z+V|^|pit=fUbXFB6PmVE0i9($#zr46CwsTPNiEP=xb;r`!dL#Q4P0<Ye>l?-Du|z{
zreZkk1^BzwDF7gdd`uW3K^GgeMCv5KMB|<6P)p1Yn#c%w3=>hl*Mp$nM8?DlSs;-%
zKkb1P$q+TYVwYA}n!kXLa1vW2&V6Jc1jfm{3ld{3rb3*Mx`R+*FubuceSjB^gh-3`
z`_>=SlMN#bM_kk)AfOKfA}$f9aY6%WEK!hpV-)Hn4M%B8C7KP}2(mV80w~Z#bT0Pw
zo#0Vy@Di>M`f-hgS8&odWsMr(3~@|-4eJRK-hmBIDZMA(k@PBvNybt!k%h~xg~kby
zcj`f*epVX^yM@b=9^fQFO=+;DQhETkv;<jRDiBf!kSs}pq(KSXr4dHcZxX9ai$Y66
zgUm@f<nV}wT~aS8j&w`X2Hj-znRZP}RRT<qJitzpDp`<_OQ(`l7>N~<ynqVS(pq#e
zo&+W9f~3hw)8KotezlS6Wahlt0sTue^p8qtsZV&gC*{RtEHkR{X|`0!cU2Y`!Ckr|
zVN9_P&O}3Rfk7%O$)fRr1a;9Dzw{R>Wn$a2e1P;43`A0bhtqiGic}lMDq{N0M7$Il
zRwf$RxtI%FO(6h9{SsOjNvLpGYV1E+NK}mtQy5B=$x;%q6jE>_z6Nb^Ot0(~jA1I}
z3{0srWg?r+)Hby`yiP*elGi95jz-qVFG)<5OzA`KY&}T_0m#A`3J4Y)OVSBSQ~(e9
zgHw7dJ;gJh;yqDUy-OO34k!d)k{Ky+muySP!4s;H1JFbw@C=<99P}l-Nxzv<SKN_u
ziw+b3P#sq8l5H{+UPUIP^7vGV?w6zjES`$?k!Vy`p)+Akilx&T0hJX;z=G?fEvY<c
zjIVcNg9@Jqp5jkmX>*H`U<lI2CK5+3iZEh=Zn2PR#`3#HypRVG2tgC&R!^a(sh0pg
zt2UH5!vvlKd!v+52!;e}f*|%FCk05&J+&Qb0a~O4ks2MfKt@*y3``<y7=ReL#tdQw
zY%msSW8))w%msCUH9?5*5i<m)h?#vr9mXPSyqH4N@eFZBbo8Lcj7mf(eYy?`5W|-V
zNF|K$My>S5<e?7^<TJ{9w)tvCfzT2NR0`Z+PstW7jU5vU`j|ZQqJm~LQol=WhA1=S
zph>ilN*5#O9;1$bG0U#uG(|?8ly|up$_P$4P?D%<3<($rc;NLdl80_ai|V2`Nduvt
zh`FjBsL&bQq?2)ED72uoG2fv(I_T3=c<gUr(U)&2UxNmAR0u~xFOs28hK59e%hO~B
z-P2m-%{chx2RwllFJT`C6L-rPa2H@^@EAJnBFRF^$RKLQ3F8ifoz*HJGcwbyU$pg<
zU)0qzQ-HRhVt!pUI@93^&oLBn9QEcFALFfohb$Ny%SaJpp@_C$0?02?CZZ2@egFs&
zX*SC}ARs2DU@IR-X;L`FnurnBA*>#-FLp9^3rV$f71GQMrZ6F3WB~~c4^3qBuPuAc
zu8NDO8%0J$*Rhy*vWFN8dm_s-gDu_@Yp52;837&_r3hijM{u#)$ViLzEOD;$Fh1#(
zScM*}ySBblHQ&&Xcu}Qz9pA)(1kK3CMn&R<spzeTL{dhidi;qW&qR56Uj8Pr5*`Ig
z+zy@4B@t&h!yLsR>7SQHC-9PlsCfJ=tkDLB#F-%my%A6vrbhRiUK^IwiEra}r~uf|
z938>URDdY_gLhm}%&sS6EWsTmh)^>L%GaQd!jq-Mxo`y~Wdl)M1U`Ezu}XWMX&@ow
z-$=%d7T_)EgLhiT{GdWA0ZbE_(w=FA1>VO=;2f@l5Y-qQu?J_t5TQ)Chz2ooBsPjp
zy2%r)$g&YUYXl>P(+mW8k0ESPKRKq8I74Fnr`N_IgQ&`(G80-dCEzy#*-Ec5GBl5d
za=n}kZHy5^e>wtY1{GgWl8)iEXCnWMx)>Kec;<NypWMV*lRi*Kc0C!h9EonmI!4u9
z@=jm$1FFn_#_XXGu94V8iS9-V8BCIhD|oJ@P$)8;SleizBjbT7ZXAqoL>+LWws!b|
zJFE%VXa$*M57<}wi%Lm@1wXWwo}nPfSe(Wk5Yh;VDjC7)gb3nOqopPL!X|1Nd(L{$
zY8nGGjyt+VLP!C}T5;#i-!Y{SAzsvj7>F{U96y_QhEW6@A&g<fY@iVY0v#8D*$g_f
z8j(+2L2xKLG>u8Yh+ui4xPCAR=n~kVAWMb9@YW`_mtzgDXk$DR%4X1b9h$(paHV*X
zFv7r*bDWQ*!dqch`e7s7gL*6x`Jfdz#gfI<Ck%rg$x9|e(~&~!WHiwSG8CLx5T9_)
z=!i^*LRwZKEfVI?&3GyjMDuVkc0)frfY6VXLA&@VVIsLfW=|*Q@D!O#PymLE;Tf`z
zQVF->%UM_&&4$7}G>^UJslgKMNzNWSqIVLBTV#?gL|1+Cb^63b^2hgr4)(;ycfWKQ
ztkKKR(Oq7Tw<7})KQ=2qEEc2LRvH3^=8?!n#0}RxA6mt$ga@oUyJrkIClUY`{L#}d
zdx)~Z79Hp#s~THM9awCl4i|z?LFggfOn^^j*`25eERqzFIQ<K0Nku%AevHCuH&p`@
zNnrzE$x^e}6gM#ko7wyYnc;!qi<99uNe?~Im|Y5wW829v`9}-)P&jg~Enbj$Qbh_#
zPa*|zNMc45cP|kd{Q?oY1UHgJI<q_iM@WfY=~N5|snI@|!qteNj=r&pWE^$S626R=
zCuluBBp?SJ=uw?!Cr%42d>sRaGRd29SZgv$hT)DQ@!Ozhi^U(tBa!}+F}9xlh{YiV
zspjCM&(Q%Ah!!{<n!+0nIG_j8N7{HJpV=(jOT2>q!g?_b_~Nzr4$?+jT_GL%)S50O
zf*~CwN>A($uCstBi}GNP#o+n1@qFSZu_f8TS5^Zh{J4TbydcX=uifVfgEM-Nc^I;h
z@ml&PLAC1V&X4L9@-;!z|F3szKlVvY_k3Ox^`BO$^!-{%{6YUh`OoXxht-2w<UiB?
zQ0=O}#}Cur*_!t0eqloCw>610p9stJtkU|&Yp9;ARwoL!w7*fyyiLu2TJR1panBUf
z8OsQ6{=Xm9!)<N-cxEco;Tq}iN<a6sy}Pt}qlU96`@Md3`LFB$2L-;x)F0Mgi><SU
z-`evp>gR(ZXqzr=i?xGNTbPZgW*ffR>*Z{r#&G?luC!@R806Zis$|<QV9u_=^i@BH
zXMaF;96Z^ruKju6=jSyqxXA=FdFB=a^}!@xef&bT1##9hd{v)6F5Ew^ezMX74H|yt
z@fywz%Nun!i`PA|`Mi}P7N2)F|I_0=T5s%;a=t0z)8aK5C7}p#sXD}tZJ>=OHGzhG
z$Z0vp$3?_!p4bjn$<XfW^%Pc{KFz`q?WYSs5Y&o$s9VGTRsDDht6J~Bt}7T_h+YYv
zmrCl1iFWBZVwq>#i0NT@yzZW>WdYtU@p!v?v+M5r7p1coyQ@W)x9e|hq`3M2yt<}&
z8~$2PvN!6lIp2f%kIWbXc+;kk`=Fl@Zv2Jdc#V(Q;%f!QPTxxV6UDBNdy|q`UJC|3
z>U$#1f6<dJ@@OV#e}>w_5xr~chq4sGQ^l^+$RCsN>+Z3h0mGt~XfMePKBX(C+nNci
z8>kUh5+7rcU<R@Jf9-=}8gZ~zsjVQ%jG@`^Ci_bmMi8P482(lDTRmPJLlDbBoH7TV
z)g)tEFsEGg@Vve}gVLz+$sQbR5d6RG;f;`?kQG|)eGP&u<~bX+va^RqHn?CO=>bi{
zc@x8;=9MMtkQcL?jW%tQi|c3`s7OXyeg>v9OFadfF`e6Xn0n&+mF{{8{w8-0H~t1y
z&hZXs>sM&>llsqj3;l#UzCF4A|8#viSHC~)y1N=Y-7`mlX2Ok2Z}!xln}*NJ_Wxzk
zDn?}qr%5l5qr}v>M54$z-Z%bsCvm_^J5uy&{W5fElNB%BV@rMgrr`Os+P*jR^zgK&
zp~bqN$6v3FMHjo%#U(-H=^BlZ+AUhLQfA&GBi)^!*QZ)P_#-;bwKosad}8;**DELy
zN+qd#tKg<P-NShzvdb6!b&u=bbJtM!Mp+0Rn#MHK+oU~oXf)U^?N&c__cjd97Zw%t
z-1&Op_g2@vy;FL4qo?NQy|su9$-0{>1%Wk{U)M8(%!?~%p?KogMOiCz63WDJ(MWgL
zp6*vW^?aNRuBY`_i^<0qb)7Yh)3d%2Z{O`ljwQr#8cpXtjTSe$)zz^*q5Ym6w0HTb
z@y0W{96!-LyI)^B-Rs@UHR6_MAKujWp|{fbBUw(e@KMnZmT1>o^K(Og<29rW*TrWZ
zJNOyFN%wf5Cza$aD+8N64SiJ0hg>~T5Y25@FJsRpUW@DqGU7*uI17jI@pSR<s~X34
zK|HI_`hlJ5S<n=_k<q*RdB~~sb>}v9{F~~He`dYgim|bk?oKvqcfId#Q>MFrxl_;n
zx_(5ER$6{gJP_3BmAB$ozN!Dy_~3d)<S$k$!P<v=ZCkw2Muq2Ce-bQaYomV4etbI}
zKQ^AUf3%i?We9G=$oKEouHl4YR_95dSCea!x2L<+#X%BqmKVoQ_M%B4iQT5VcpR&W
z&hJ;;b-C<frD>=5Ctitn^7*Ote`)#P!Q3sob;#EGspV6LY|VETB-iG4=~UsDFqy5z
z<L&rOZPUqGsd#at^-lG&X~#}?-MR6|(Ft~c*ckg~g^kk0ZuJ>^wYn=dsh)m({4~j(
z!=07|)0s`(2~Wb&=1WFCcX!;k4ZPCd7YmMy_5YjtPS#Q8*X0L%Zn6;TeWF^Dt}~_c
z`E<5heZ15sPkZ!!*<&78+RYD*wX^)gdwgiiEP1TWSg^&<@q@e76WdECFW288nnd*{
z`)glUR6r`OSKHFuN98G>uJa91IRCd1qfKn_AXSZ8v4^E2PaLdedu>m_n#Gh+v!?S{
zLhmPv`j?9K-G#%o-s$Q2LErPo^|^aQ3c5cHo8~m@$v?0Id^&52cIXNoI^;Wv8{)18
zd+$fqGPkX_w##1JAUi^HW1+y-K5zcJ2wm%xLdUcd9&DBhX8Zn9$1UjM(mq~;uS76S
zlE&e|R#1L17XLY^-l%YMw_u6G_)Sm11Oel|n<JeXoz+_~8K;KGP8=f$R}0H;OB~t(
z4X@Ytlt(_UPr|b+^)~@%Qq{E^zWG1BQal6HI2r{|IQiHjhaama<lCxNyo3_QS2aBA
zzuSK%U!Qib)Sb`z2$EE!$K75wS{4z&RbK*T(AL}P^s;O<c1;OV5zLi25l9cz<MS0-
zu$Ny8^xqb2+QhHDS69<_H?fR!Hn#EMH?JQ|k3C2%koJdT;2XWz$qf$8z(-m>vri`T
z?A$(xr1<zxYNVE(M3B%UdBVEZaM}WHf<`@t?5GLeM*CCSJmF##_)zn7i+3yb9%>5n
z9H2P9!+s5MVG36*GNtx#iYd@8Q7LYVCO_-Xgy_yq<%lMX6>IPsU+t+-cRf<0@Eec7
zM{ed!j6tlpR^upgd_G0t@mYAdTe@?xJp8NmKZatSEsRTvH;N-s@|<$9B#)uR)R3)i
z{_DdJx6}a=4MVdp%?@#m<Eo<~w1W1Mb6$P&eLyjHXbDAE-+b4xhHWXsp)PTQREwCt
zRAR%mqD9JxXS&rd$MXh4zL;7j=R~PEb{~f6OI%p}&5(jL&zIn1n(PhSiD*yL&l4qX
zD$xQ{Ar{C|{2T{6V~>TyRb>0s*wal@215FAZ&*=cTrdj$f*cA+G5<gE?k-lZ^STrJ
zKBTBaSr%m;MO6feBMOSZ5oATCC|cqus!bhHGV4g9Ov;W&NmGiX6vJ_BS+ZRf2<A{T
z&WzkKVA(Z_K``h9m;e)Cd=V7B7+``)fEK+d3Uq)DFoR~$s{k#Ki(Yhq_M$-7@A;pH
zd%qv&ocGX5GJ}db@5kQH$9mTKum4)lv!A`+WinOk_s%9+k5yTVhu4O+t^e^-%M9l8
zu(1fRE#~sQ0ja=irSwbH^>`l;&g-$_JFR_bL%ehpF)CSXJ@Le#l50;}3#;Oko_ju4
zYSzZ(8q6QPzI|0I!-3vDDeYAhO_uOZEoJ{&b<wAwy#%q&*3pEqzO+Iplgy6Eao8_c
zdTaPy$NeEuu1WM`QO52{Eh5=Z@xIQV%N-rEaTRXxa+|3cUQB(wR?c6kl<7ZdD|G}m
zA3s;+F4d<O>hD~+(1~H~?VFckw{?7LA)5u@n8fR)4#H!zQIAF0m)+k5(QcvLitP=n
zsVYY6?GD<Gj)1XW5X%&9?;c@>FOL9T`&+w@VbK|G&di&o+;a_;T=NTM+?Q)YR>uA9
zpRNDh4V(Zyf6HvLY%pE>j;Szsjh@-PZuHCLgfm*K`&%r>%X%9-5z4UjUw#xFcfS}N
zT-Xt=gk_(h8*44n#}}*2Z`QDDo%hQ<<Ly4X)AgYq-WIc#9dgUhFU!5=1JrcVvOMc-
zGs}~sbhB#(siT$Ia5Ow_A~Zj{Pf#9BG@5z1XEDQSJ)avd`_ImzV&05h7M&p5jX$=W
zD{$6tO#Y_V^kxIAmRv7gY@x~V?6MYwbU5f&HFm6hTaT;5m-h>3xi1Ila_tD~Lr^`u
zzE}HWiq)OPxZ!qr&Cy|pt>5dzxHt*9i}1#DF--3w;dxB*r-?%MU^T8Zx1iP}<G)#s
z<YI2bQ-W(@T*lN-LR^mt!`;gUG2Gjg7bA<j$)VQX+3C!(c9yfRF;3SGP87$cbrbn%
zc9%?J?L_Z$1Zg6Je9lO>Cr=ld-2{2|BA@JG%!6eiqjpIB&8jbt3{cX4rerl4I`>%R
zr1@v>?TalI9Ir{yi}h#G@qB%Hxz0Ra-(ITsWY90xr(W-|VeKqBz}?@hzbt2vwa-)*
zrI?K~mJ@ni7xg*OS6e&C)M)n6QZ3>}ifK!ot`Jist3H3tr|E*+ZZjycJ{u^4Wbq{n
zahpv-dcIW0EZ8-IxZ`tG-h8Zmd+<Uf!q3&Euk)4W9IuO@=Y}uWyCbjEk<Zui;Dr{6
zzgXcxbY5DfE+@nu%Dh(P&(#IVS*r{OpRHqGEJ<uO*j{&fV6@dTE3e%*o|p2mbw|M3
zF+1^mJ6`V()$6z0#f7J{)PIKz*j?TF8&1>B6#HyxA;VcIUM>RAdopj99X>N}2Np*{
zym*?I?NGlhOib-)1_wcz`Hd;=^7^sX^a9!N`g4;}!8L~I7)oZ5wLc!4v5_?k6E<|&
z*Vj33I+{Y=dNezn%L7ld)U&w$$#%Jr9Y#CV^f&AK)!LUj%J|sg64^MDj?}qy@K{{{
zaw!U1vP(EYdLpfEGtRGEtn_>Ng57F8WwE?p2-~Hnm)<O0_gPmiiPC8T9GS3s*Zq6j
zHpQoj0+=LdYL{ROk5}r<TjeLeRk{uqhsVFzv?IaN+PqfsY*v?Gvg2#Gv$vAVoWqyr
z5!$_D+1m7S{Vd1c@VJXpaD(AI7-JdM#%+wlqa<0D_+<LrJ-%Uj!7rA@nVxPgq9?q?
zql59js0Sh0dellRT-I13$w^W#My{!6c!2N76~mX7*Em;f`9f()G{Y;TTb`srwaX&$
zug(U;;}@&WeA2tQ-5&cxob7Lk*ux#uCHLW(Wwk$Fvbba>A^b+w<I780I<>6sUUjT8
z&;(Sl0+eK2vmDnKIf@bPURGy#aL;;Q)epT&U}?yLdU~9-)4cApo`pxqIJ+*=d!4hw
z<^5UrCVF@!ew6Kii=)as6NfmLOYgD#az9vmhQ!ktLrbgGAD&vZE<N*}-%QT%8EnjN
zf~asc`ML$5jt5{@IiXL<hhb%SrlVry&+g5l7rxU%rafx(U8#kl^YBG4)7-0bMQ7v0
zyD(edaM(R4Wgo2Q{&GpzWB+_9>@9MdGGXS$weI08-k6`N&G*?^VAhtAVR-bn%7<JU
zVD)h;=+fSfJziOkz4nh+9`yCfd#0CRhDRSS{)wg&0d^_dw%5$dEjPtn_#rY+B^o|6
zMeSJD>}MHwPuF{K@mg(eTGZ8a1lqxh(M;p-v%B>P6C}2L(XGGG>#IArz^6#x(X{F~
z<~?TGXUF_>CQ}pLXQxuYEt#|VV=vuV180wE=9<x#Cv5I?Np74=j1tY_ulwI{YB}FQ
zF-A{@Hyuy)dm@)mGZUK5Wu{j-@clAG4(mbYaQ9LiKQq-;e2E9LRJU^Hw^&dP@J?f;
zwMXV{W5da^oM&;v!`Qa1aoA;eY8hflH+{HX_m$Ll`FePDUW%VN6Wd%aiSfrW*+bA}
zS=Qh1)-t4x^AC0Db$Zn<3vO~!8cC)#T7mC<yK2x#&ne30mv6qG_`lmklC>=F!3L+_
ztT~^HnQXDb2Ht1qEn+;2bBN{f)jdX$XGA(lZGN2MeOStHBU5(k%&_V+=a#S{U7NFy
zOq|8L*$6ee(LSs))>uBmnZ9eI{vspK_cTVYdA1$iS%x$DZy#x2bMKq^$8k-!l`U^2
zD;lCeU)%UpNxOFNSBBwhVTdu(+l;`=cS35Gqn#gR%bXYw&u1-JX~BHr!|>AVno%wa
zLZ)?yw<>yEXi+Ph&p+Rg@`W23pyBC?*s%3o(|6P=p<3*m3nH|v)Jr>v-2ph=i`S2$
zoQNpRHLPh+o2E#8@a3fQVsuN5+1RWge?eljt%~z`$nyLtDj1&KEE~>dDa-g~F*|Mf
z#AlXyo3VGql4XALX0pas|Iy8+UU9E8fGgbZG$wktm@qpWplZ0S$4=Yh`?}#ywY1*z
z5F6fP)jWFogE611Z}WJne(s#b=de_#%e{JAr>B=`CH7wyUAAjIxLGoG&$hCge4(%6
z)Sid$@X+M&i<?e+UIMV$9(A!s*E#0%^;!OJPr`D3=(8hep>J+uduZiLkEAxoI8j=3
z5r`a}FS6^6t=1l0oL@Xv{c#lemWbD*(b_ucuGDtpjLNmbZ?+lHxLd+{u>QvEYj`lF
zt)3)<%SG==iO1$+Q}jDsTbz`>{pDIc%BF?ku0`pGQ;WxJZ|Ix6MlDR*Z1V~$sY~;*
zy6Q06rIXH-NjrCREG%dF<*n?%@_TabB35?e-0yD|0Os#I_^adI9mMH+9BuTM!ohci
zKg}j@tVC_+;N4?pv+!hT*s7PON_nIEP=~Y2_&6Tk+na{8#nQ|3?oo!$)qNv*TBxA5
z^d>$2;8H3Hd(C)Q)mWMVE%ua*0EY{;edbj4@93*PE$_dJ2EJ3*K49JT!<q}cc(Hn&
zUDKOJFsyZ{N?2<c?e53Ia&@V1X&g>v{i;6_9y{PPJz>9b6+v6MJ#@Hh{QP_!<7>ki
z5oCG9-Tl(=@cKMYb*;pa<~P9htc}i(SGG>h=bJ9fL*K0xjBG}1arMRdwih$;F%L|O
zi@5n4!*IKObe=Hsg<4^nZ*w0R|D(w;vqCqGZBJC>pWRfj_V9c^ZoN~g&#jU<EN}6p
z(#h%h7HgC4@>}xeuMM#Nwd(7!(q*p3uHCb|?$B1br)z|6r?P!xnf02)b(^K9Yxudr
zo_6+|J6xY}UC?tf+>W`tTpk0ocR9}u@zjd#_Sy}nQ%QHn+2X2Plm6_yRaUcpwwARP
zUd{88^8Btm$T80q@thCO{qW=pPt)-HFV6x|#<RWhToBL9@GO+^ZxNAl5WIv*`|P^2
z5BYNp>kN0giphs_U4FQCetg~EhI{*Z=5()8YolFrS<E2yc(pKOrRTAdBoh!v^W%m1
z<eP;uoVIouzGRc}irkQwtwd&uvbmn|$&AfMts0Lqjn_qX80o@X-BsZ)R134~Y&+Dh
zo2;^iVReoEFm|$7`ZH%Iy)%79dAKY+5WjY=BM&w5=_;JO^{qDEu6ryz-sCW5SZh!9
zYeVC)w1>sWGqT&5C02Z?jXb%gG_BXSrOs=8-m=59Hc8Ul>@||U<3gYCho7IUKabz1
zm#n3kM=bW8xz}jJY0JZ_tLf3K+RaQOHm0piv*)$fS8FlX$NPNijj|^1$g2I0ZP%^9
z{RXBnrcZmvjN|Q|Q}hj=pIw2V6}TI(OwFSec18`)<V%}3*VYu%!)MGqjI`e*HkG!|
zv=W2Qmn6y1voEP}-FjLZY9`pPpT>(9Z~vTaxz#@SP~~2;$9txCw)*<5;`ej)N<(s|
zM5^Jn>Dn1A%4d|BUDHgClV_tuVm5M(moInBzFzyGn=GGst?Eys$E;kj!!DXQKVLrA
z^7DupnHDC9r)9+l$Mqv4r_?O;^ZOZ}Hg*|R+t4>%N1ErfXfOLHx{uz_^tt(1u^&dI
zRV#1xoIvTu)DWh+V@i@#c$o=9!kw^3^7!io4hhWhdX$qpgFTe%c-;@&pJefP`|NRk
z?%b`PBYiLF?q6KLo~fa)-gE95uAa|IrETgMfe_NqHY=C;JLG%G+_RV<ZX;1Y-do7M
zti6@!X!hF_incH9C4nH3H9!-9<_@p#^xTg)TDC)si^fw@=`Pt_Y)V?K?Yb*(dP_$i
z|8r&0Z!UBAubgX(p^G}4wP!%QNCeT)&Y1B)HFuAfwa)AwV)WOgHPIL!;xybNWZJ|r
z8#abV=Lvn;Muz-;&2V<Q?QFiK-ml51<ROk9yY-3X@Sv1yen0Y5+e2G4G7+DDZpgA!
zWVlS5f1wFZO{6=)qgeg`1^p>Nd(!SxBag)XsnJ)nrN~;v6*wYvS3kybr-}X5x+IQ<
z>yq6o?izK!NY~|w`j*9qK6QStJqPMUX>M9mxp^5rHLQJg`LvrPEXSI^)l%mqla8@m
zru;!{mt;!t&(-3<r7AnU#bNE4Wtdu4a!Cq%hd?cPYg%}5^w}|;6f&j{sFV67H9uLB
zj5VTp`W$Zepvzw_DQhcd?F#=wEp61Nm!7M{@Rd655v(s)-JhwCN0wn7nxxV&!~!%a
zIeEDxu%*;<ZEQq+zIxB}@Oayh2ye3<H`KB%WDa#7eV<g5IH9`prRUG7XQIQl!yVHS
z!`6TEax1ViJ<sNiQQ@?SU##XY)<DcL7%H<khRox`#<f!cQD!rZ=zZUKza0vZQpz`L
zNZ_{C1~;9XEV|=pq~Rp_RxO>ZiZoPY7U}^hQ!+xQ9W={TJRJOXJ@jC{*Ej~3PS|mN
zJ8V7pUd=`Pd#V1py7#&IXUC`O^1nL#&0)Cf#X56oc(mx?Qx)pG4(mBKtZ#omSmhqr
zt)-e_9crx|Jy9!E+B;D&@^9_2-RdorKDJxw;Q?82uKZjp0NcF=8}>l6-f(U@{+>X=
z8jVD|v)TRPx<OIjL(3dV3y=cTwFmm{%r+exZ?7Njob7+OXBr;OTk-&$;qmG5?)F;j
zCD2HynuNpA={L9R4UbN7Gq%=e39n2Nis3dgqJZJvoscj*veTIb3*7@DOE6PEHCo8I
zeLU-DN6!>4tlSJ|m+6#mt-M}R4_=$~HS1~5m;Y#)buQF9on^OKP|<wu#B+5ts~59r
zH-E|g>sId3Wj!ojlWt|7T2}Up)sK)Bf6Ud+NX6e;y?g9hHtx-m+-xH3Gu)kPWn`zd
zCkof~h@B-z>!ChNj-Hx1>Y27@7Fy^>XItn;=UcD}7a6XUG~Xym-zbSZb#|wt+FdNG
z-RV)!<^E0^o1^b;x9cgsW4p6Qd%LqoXWNCbrx)7oW24Ejw|;cC-F|ewUC(<S<&7Tf
z`+stBG?ICQVAuLMVk?@9lI3^5zDW;lm9Eb)d$f{LVKtmSMxfa=sNrehu8LV+;1`~&
zE1iK@{3HQ%-QurH@L#!9{F1b;ud?^mpR7iY*Jfw0JoQP`+~llQSNr|Zji;XJ`|3JR
z_no7W>{m)-`dQ|?!{&*Sv-dxypNZjFZR0`9llSd=+gq&cQy?SYZ@kX+*Ur4TV_>+?
zl+{Fad@v+7^R(sRV4-E*W4Fp;?Y)05yc~S8{=6&q>H4d5`ry;`hy6^ty;i+?ty=Y3
z<?FRd*K3up*Q!ykRp+6dWH5ElqrQd{%0w1VoF<dUeRZk%=r8JZ$MIC3>zR<}y<}h5
zy}S%Z)?wsalD+rBXXjo0kh+_w%&ywTPWCyE7#TC1`6ZCy@w3%7T#E3|w|9FO?Bo@{
z^a1gCj8r{q_u;OE{vfo|HEMrP)t{%Mw+EoDP^v6*YF?V`f3k0)Pct)_8mB(PQ)dgC
zrd6~d$$zhTSe6dNq%QSzTy<rwt}D&vAjyS?XBXQWcV7gvW2Qk9{p|CeJp9bm4vV9S
zw{<@lvuCmokBg5Y;guGZ`l?}~YTpsccQ&hB_4W88ZQ_TcjQ^LLM~P?iHIEO^mYl;Y
zi}K7$+wXzu%PyPM;{4vBYt>KucX(v^`3ogMUlPgM`*2?#h2v@|&sTyb+`Bj2lXEYZ
z75kNj#;AAV$uXx_&cheKP%_a{$Kh~~{B!Y|*>GR%LLZiyvc9T+`B#1cV9A+>&(@3p
zcN)Qnoz2p3pRm`&?e2>ut<}rK2G=|4XwwI;8SA}LZDq%BrhW0B;eq9v`&`ppwRER3
zjcdNceMapn2ljqpdo0n%@bHEDF8?NT^5QSmXNb63XI#Jkts1f4u~@2$^IvN1eFV(0
zBo~Xl$!7_vd*amoh08}eE_N^Xda<&l)}GrhZ*jOYtHnXcJ2kJmQkZckXl5*J)^Kv~
z9;a9HtLLNco5L6V`0%)ysyvZx`ol-r=Tg}zn4anLu~|HO93iAEM%;$})AObK3^~^-
zuWqxBof+91(Q5szSIX8|hQ-|9EbNU7n&%4-^ZeDX*^SwV$RK+jmk|40crOWR?pc}p
zg{ptHdV;;gkiJ~S<0t++a|c2EvqzoT`EynxW|x82*0<UEKAFepDe|@(OU37%+fPQ9
z83Db~fS3~tFWxh|EGoZP<6X?|nq3b44NP~R5*BjPen*lS$?$BS8%6&47~UEAL?MnI
zWqtVaM2p31`>1`nR$At2x4Rq{b=d9RS*dx>Q`U_v5T0+NeY0$xyU^UhiqW+{&6P>}
z*05GfY?=E70ogM+X1equD)R3z(QfSz=U=LF`bloHtj#gQ*|nutmgA?7y?bz^+M6|o
z;=u6Csx{!F_@&kn;<<_6^r(e*YIQ}#`ereT*R~jXVyCi+YB$O~(92ycJ$0t)v9p-*
zbU#1eXSZo*?Q7HC+kPB&;@`5+aNTgI<+?3zmiI2p29qNvx8AKxW#@agQ@Qe<Wh%el
zvrJ|GdzPs@ea|vAbJ(*?pI7WQ_L{5g`1oJHbCh|BS%{fKY3jlG{M+~bXV1=XZ!)3T
zSkbP4?ke&2%w*3p)x*}0r5h&6(kyAnNS@P&jU;)`H3lRhF+&1Ej=(l8+poU%mOX&s
ze3fwXWltnJ0W2rh;nZvz)q_KK?k{Z1I;F1Rj!w&sxbMp4@jfMRY;FDJx|({nu792{
zna6<Up?3-B<MUyo_=_d)>@s<4yWOgp>nnW%oTbP9oSxZj;@67s+&V9SAll*C`TixP
zW4Q0rlEt9kdcXav)sCrBEn+TgESwE*CKyO9%N|+Azf=T(QiirAzF#F0G)=kKQWBgA
zssP>>Bha#z)Ie~@hc6ab-2(0bvJ!yB2}c%Adf-f}^%$u>BTTk(GaWxs9q-I_ndRBb
zVy%L*Md78wJWg!Tm!&MmvS~&d)9+rMVn$$PPW$|}9IgI4qVUhAbYs6%a50;V()+w_
z*$6AQ`v?qus`a@~Lm$OM))TC{SOpyJe0N6f;b?Zwo-N|>B#Hub?f!AWa`-%`O*eQ<
z?>-q<oyQE*KJMip9G=RqrrCSkIahby@jeJBFvCS?Ye%zsg0i$wS4Zk6bht=blJ&55
zYydsE5+?R%wzzgf1Ag_)R+8bau9F;TD_IN2Dr(IgYgYgkj@7!$!m*033&$#&E*z_<
zw{WbY+`_R%nXTQ<mlNL>kCnye+OyiWc&sA%Lb*j9*v&d$&QH$l9=#J!cVFvDnHs^a
zYh5W-W7;*YDz!?Py|N(fEZWUAg+(1K>d()l4Ug^4Rb%emnCVz%k72y4+o9cTu&t2X
z*>TI4ONJZB&WdXFHg}}7Id_ErPg^Ms%zQ7T&3vy>&3rG!&U`Pl&U`Oz&GhIO66cRp
zpL1mvYgNB9W!gIP+>w%H=19Zl%n>`UcSlNoDrxUBd!b1?d!b30y*x#klDVyU%X3|K
zu_oSE%I7uJR^DgE+`RF$3|CvO2eE;i*7Z170&qvR(Diras@GHdtyTCsSij<S@Rj<z
zRBQjQ)O>3=v{|b>!y#K)hI?%lk$BoRlFb^~Yd9P{S7rP{@v#0{qRt)J{NlH3tLB{-
ztF13oowIcvzRK41{qvRV*z$4X*ip{{wQ(lxU#yiy&wBF&xNHcq*{x(bVV0V8ujy_J
z&&Hjuv<wgKRIVqr!-G=d{>yyJR)mbHdc5mGOVhqp?Tb(DEFbQ(Zbu4HY_8{fdJpm`
zo0p_<b;Z2aMEmts*D9=sZq`}R(DSy8%5|@A6l*S){6duw1(U*x%flT>^&R<US?5AY
z;#$bH*7Bs^+V+;bO^=h~cTdNlM=cExx`kO!l1!=Y=63De1N2_)y0}zlOl;iCnk0O>
zVm%zJ4LJwDUVrZvDvWqIbfsDw4$+q<Ad)vf95B5)Gu#oY+9RW!DUq4KQO#KP(A65{
zu<kMc)`wkd%U+q5gx_V;rX0d^)3(>Fjv7rg&0g;mw%%$bNJ2N;YtcJmYfge4v2~-z
zR-$98TTMSn|I1!Aiqc8l<w+m2*fO>0*qZD4p5BAio;Rw!jxD(p#G78dSD)W39WBS!
zVo4Ed9$V2*$Ck~p!PZ>A_hfQ&t@SvOr}hJkW6)!;Wu1D8E!m$L#fUB6X0bJck-9&(
zKT&6PV#dO9S5o%L*6?7i^kx-Uzx+%lY8pp(!@*yzDW4gHSiSfRslL`Y-<LM*6<_;I
z-j_`atqZXt$@~PAZ~ZRAZpF1%PE_CU@lNHy=56$2Hk0K6lW3@(-S$RSlgAU=GoxH9
zK2dRD?Y8XZ`Nd)z>^5D=+<6RBEoH>HRv2AP*SGp4HlCW1*=6-mt)M~Qw7<o<Uu@LJ
z-g2awXxDP`nIrDf8t#?3jq%f`#K7U$;u&YRGsYVku!!qewRIyFFRsa1wW|{Axl-#}
z<q0SITJ5a%`q<)eScI-JqFI?Lr>d5otWk)^a=S$9rz;oO9z~t6Y~%CGuRnI3^$n9|
zPT57qqmH*e`|Lku>uPAVSP1y?ZY|<L{Oy_mzFpQX6j)jAo@1E;?iSbCrq{XKzJhaP
zGV>c3VbqL-7puoCjildqD&{Z!)tZ^-2znw%^xW@HqjT{rE4rA^C@vNMxgHtaxSL0m
za>g;7sP{!*%c4@hTHAl<FxMckVa1wz`@I!LFr7;e_x8K77S0@9IC7(vOQqkp>R<fK
zm9>Q<ce`itr5bsj-<plZ!|mtVu}k$N*Wu2oOcgipoJvyPA9`hCgYz{C*quhA!pl)V
zyPU;JvvEgQB+Lxmb>yMm&nt~#vut&-%FsH7EBO!k-GbqvF2OD(ALwP+58utTbhj+f
z4_%J!mkf1%`%+!=eR}@*gSqZY;(m>5uI8~XRzGl@`;+F*-u+zD=ls!2<)bI(`#Sbw
zjo7`la<wb-XCKfH9b1!vsJS+e8iA+aXUVX}^x%ulBFRLcFEMIT;)brym7Y5fByL`1
znY+$yuaop0!)1eqU7z7CqM_wjJ`<kGPOHXMkFfHT-*+r|x4sj{W9?SIZk#w<n&`LA
zjG5HMI;QWwZdlk@hmDeU;VE8Ij<77<y>~d|=hBCl$T+S5^4siI2^Wpasmr+#8=F1(
zS9{Brwq{jIwlZCuU8%MD8Q_mjwqoq1?cJ<&)!xHX`Rs-Yo6TNP9oo;-P9yiMMc7-e
zkv&6lZ8_F^Enk_<w_sxJ%X{S=Y3-%LhuKB0*q<+}y6&y7cXw*}wbfegp2PEGPv2<h
ze|x7^zx1=TYOjsFZHXRUS)Mse^Q#^YJ*WMhl9sicUu@AGhpWoDdrQqm56`#NaWSr7
zmFGQ>9o}prn-?E06dzg%Yr8~uIsdLqYKQYyE_SQ${Lb}V#d~s>`Z>Q_eJg%DpU++Y
zJIj~zyVbYnap&`S9zr{R_cHws2WwVxbT)^q?C`c5Iq&wT%1yUF<!tg^$C4ipcl1x~
z$HFTktTmx}t(C@lt<|=AO>SDNgq8EQJ)!MAIdIz-+P+u&?OhJr<;v}NJrl3i>X)3v
zMA0|<#qfB${_r?dPx<>|V{o$?D+}{=hLiJip#Qk-*vln4^CJ0z8KRt{t*aa}D-m<Q
z*|NcRD_5GFy=#=2?b?<3HlET)doPW&_ZmgLx2weMJ>!P998dWtXt15{<x7k0d-T}W
z^6PtBzi;nlsrH`stl;H)+OsB@?`h9-HS)dMdurZKmof7q_Y7Nq_h-E*w%OF#)5J{E
zvq&P9Na{N!njJ2b{d#U@$>vf9yH*sEE2!ToLSeS$6YmiO<DG0-YMNeR8XkM+hBQfQ
zgtlA`%w;4gpL*^r98OIqMDyqSRR2OHn7>lxFVw}e*D8d957_jr%%(TC)sMexTn_Wd
z-leu3bcK>8Q>(R^OM$EOu4Dml#oh~&kM2F9$XR+_xonMU<+3I1%4N&N_OKJ}mxHZP
zYVWq7VYO1_>U;F4ts;UIO6@IuP`XN6MJ;W^{?52|riFx+%B_Z0o8VV3SsGpet=e1-
z*V%%<YMW(~6?-pVS)ruMH>-_37kXB0bG5N+v#_|LoU4spo2!q#(7R&q75-K%StwqC
zA)@)!*d%33Q!BSyx>~vHYOG3zwh+2vyHCK?<9oAp+KpfDuY7sp%I$AQxl^mjlbeK6
zcG!2FveUln6lPBEU$#QezH7Ava9{FeNqT={Qm5>*?|y1T`>wNJeUq*HW8eLhpR9<t
z;Ag+%=L7p4i#j!yeWBn+484h3<<mD&t2D9iT2IQ0_GKgEsyh4bscp@=iCQ<O_d?N4
z^mTLNs+e^XeeIWv=)FaTefQO3#7)$?89dpfvVU!~Y4%M>cr(~&Q}~<ctFUqCR9iY}
zlk`JvbIu{RO%L^Iez~8>vOUY&cb(O2V)-T+yw{d{t}x>HS~u6%YWAP+s~GtvBwWq@
z^L?!rVS25my%i$TSibbOukxj_eU&d=?W=rgX<y|_KQlK`@3dBuC3}l|E_RKN54U7&
zJ*8bFYPWIs%W^J3xG-$luRly+c`L&`->O!omnE`DJ#4PBiZk9f;G)93gu}vPeU~nP
z@37oi*4^Pu*>Q(6Ww9O3l&*I;Q&DAyGZi^*Y-E^Sify;;?{Mx3+_mGmYV*c+inM9Q
z92RLFu;U#h7F)+nMY+hhy%}QRVqe$ubW=}5Nt^STJuGg_kgZL&aMaJt*{VOg4mlii
zvD4)kt9@1lbNR=^nBJ+2;?BNZ3(ll_xAZz+x^EgtJM%w$(=RCvcev<i!<lx5V^$Yu
zAOHQu!u9s=Y2RRW4?gL!+a}H2xa87u=jOZ@uJ&E05V!9-g~ff<VU_*Lrp|t4Q>SEm
zIGBTjam|&6XilrGR9kYdEV<sFtmAnvDckqzxxH6w?Y;P~y_c`G_ws|U%(Kg~rS%iF
z3Os)Y)7iq;)k2bW>FK)m;zhe$LS9?=3D0FcxfEhO{dBeLCqS)|yU^+~32w!e^OqTi
zc2n<^A(yr6B8+FbZPvw+{!o*JmQL)Xb8Fomg`G`H!=B|>hc#G_6}%U-+!n8{Guxl)
z-1aB7iFXeV?Jh-obkouJiq(v4l+R`)HAl2$g+31=DO=x;RpeWhqb=Mbm{v&ZVcsR{
z`gXq5-XSWe%X=ZJt;-l^#?<8?ms@f&2Cu!Y5o)9O{I;}RXSP2TA|H9V+4!BZy31kX
z4W^xw@MF70@$vbRIB=e;UMs9@|BPe(_$=gP;|reJtj#4Zxc3bs<Bc_qgCEF97e|(x
zEr;98KH9kIQ%2&LPeznarJ?OlG~dgW=5MTV^VhV44gKpjsJiWjPug2vDr?BWK%wcO
zw4?vNozA(SRV&r+*)cZR8f){MO-?qa^#=rGv!&a>a=j{B9J=4(jP@X$_Ff2iz*aJG
zq;GFY{`0wN*A~y=bb825O)gCK4X``iP(}M|&rY|t=H|Kap3ueXTr#MBCt_{&IOQ^{
ze%yT5xBV>E>Rb7mz1vnx^EKmZ7b1Usnp^d<eVanIkzcL{t=TT)p&xz3W7NY^+U{53
zWP-N+utiDv(xODmd+b-^e!1A|V%;hb2F$fQBXxdQz$+j3x6LOfcEYm=?7>*u7+$Gd
zA$%9lAKNq1LT1aim$Srt*;alf8HzO*@}%xNvtuf0cf56azGU;>727QdR&3YUONx`L
z*&wBxCiYol|9#XL_Sr}AQp=e3vL`PxYJY`+eb=e6?7L2lX5V%8Kc1Fj?X#bDyV$<#
z?0-B@R;*anFM5R8+mhSa#fpAWG5+rF6eIf??r)UsW&G{ofsLcW2{s-<xIFeu<q8e$
zxA(lZ@N(mG;o!#S(#MU@C4Kw6%`rDV_wtVS@;*<?mxMRUSJu%!(?ahz$Q_UOb{y~R
z_}ts^xwo^etJbE^T^^r%J3jYzeD3Y|JZ(qTKqrn@#&qLz#oaslaqrV_HHOK#>iy1X
z$tqiqmZNo#$!qVo=RKqEpGn<6m(+Lm&)QO#MypJFuaUI(8by1r5w!P`zP*>^?OpC0
zYn2q+pSm2qzno9s+kG@Sd@ecGtu3l^dh$*V-<|hP9`EGwP9E>%IbBlIf%mHSrPXFW
zn=L<*1KE=Kxx%&g+@><S<!F1JbNOc4UA7^8$C=c^Pwy_9@0_UYHn*)MM>GG~vBlR`
zllhezxm$O}N6+lq>eu$$>c!G-eqO{LslG}vn_ccWhAXS}_A~YI)<@UJ7Yl<sj^)>1
zE0pauqdl>MhNfBQVh=6Hu5F6TGWU0CJ>aFbQe?BdEIPLmBzqm_2`6f27_U0Bg9O%`
zW}j|Cjwwpt8P>kG>KNVDlAl?!3P7ShBa{K#wr`$c7DB=uM*N`B?A%V>)N*pK66t$#
z>*7~`_7S{V+O~c&wz`A-`|8V$2w5*#?nCCwZ!YDqpu^6=ML#ceys{cPcIJsW418rj
z8XQNpY`(w8nC@}=z;D(q!B=YB*$Phs!%M4;Xmd&JC751u6Mb4+jq{sD>Vbu%Ki?RA
zd)4)oRduIke~`;^zHWWomOe@+ukA-CVH-F5WcGixZFgRxn^*TE@2s76@QIr1XXUZ~
zAXHyf4__^_*|6em8L7MT*k&Vt)8C!ZUtbGY<tkqGS;>awI9B&pm9Oh(9~fFu|GniE
z5Od$xC*Cx@=1>^=(rOs$z46}J7CKVr7~}QTP_%cuODtF$=)(@nv^rc|wdZBrxdVbr
zgY%_t;ODOK+>K+`_A5iLdA2;|ty=vSFUR~~2dVD*jq+tHcw@<7#hZ>s<_|~j!OHbG
z!an|K`5xbgdzYWbQTx?I+RuoVW$(?07vxF#o#pB64J*dyQ9n1Ahc+p1@7Y`F;q}%0
z>_TNfvJ5w@$(pjRnA_XOylKwYj=GANTAtNbz18#Wc4OS=m=}%t*odLkSz&qB(iv$<
zY}w}C8`fA+D{f7*x_f0NFPQSslD>|1mblT|irIR%INi8?&^;hszpUbi+~==IHG7{R
z<68@*7xK~j7Rz=2AFi#2lgK!gYcWIZ_*tTxC6X@IFC2V*HSgV9WAi%LL4yxPGak9H
zlkSHVBTJXb{ON49mK(G4;OT2SS@7Q6syqI4Wipkz67cJM%oR_w0QUe*AMrB1Ie&gO
zCc`(sx03{4yT0)0`qNgw6}>dQVurn6yDy2J_qp0+wW?orva;uMt-aJucv;bDD@~Jc
zr)JL8s!ZFLp{ySn&RSgR)(TSFm$B?zTL;_mY+HkF*E^Thbxp5HwM+e4HQMoPyBfQr
z)U_V9<GC99E>cB{yOoGW_bRb_FWM*>cacMhT20%f1S{3L+#V&$wtJM=UDEA+g1fY#
z#O}Q)v3oCa@v`<Vy=3ir*!qXLeDqXX;`R$Smb$Y^z;<k~urbmxzoKoi<mt9(qO9MY
zQPaYtqwdJ`)1b<D;#+=c+k&UXa_=_J__Y(i$(;-Q>bi6Xz%JPPZILtWTe-?dEuPK{
z&edgN6M?w)s}kO$)|`L3ggM<rBzi=&3j1{Z^Ih4pz(+0KN2xta#w=LxTff_tZ>OuV
z*%3wq_K;ak*74IdBIOuQ8D_E)ZQq4m<;-IAF%BK}ddjQks?rm!wsP9m#?wt-(Kfh%
z4LN|TaK81s&;WNDbn(Xtr&HCXm8a^6?HHQX5i><J;z6iagV1z0DZz=80p>lIY8>r|
z4<_L=7*!4y4f7)v&LC(E)O8U31!d7cK|9JQ!a$TFZ2tj!L*#}Zv2Y))=8Af@ewUKb
zMXt9{Co}P<95+_u<9}X5B#tV@sK$;cv=I-5((acK8ki^xk2wR`G{%ft&2=9dPFocP
zB3uw)<U~qy@CARJi$V@@fPfivnGxif5)yrbJY7I3A|bT%1{A(iqPvm-8n*LsN)ohf
z^IN|g`|=pJr?p)3;h`#c=z!{kjdKvmF|Py*hh@)=VX6@mYtulK^9d?57^2Z{YU?Ee
zXMhO>rMZtzI644%^uat4CR9ZmG-L3z2@0VkO30-zbi~94)-I`il)~x$qtjfGa9snW
zXHaYSBRwNvKBK^Iz#0@JPz5cH#QhUN=>gn>O+ZhCWvHMCqM$KOqz83E?sUhPbOs2}
zuO%qf?r{3W?Nt5?)kYxnSe*l$ll7E5ONyT9W8?RQ`uz1ec6M01iCWLyRISZn?V0^c
z_$xIz{ta^8blsA6;a7lOtO>U#qjo(lZu2zp9p3+HOc?g3W`OUe_nq+>h$)z!X&61;
z&Df$rfS+&~zH@}p8CY%K0|Br2PHPOV7N6!+q+$NV^Sp~SWJvHM8?G@hp8yP<g}H@a
zkjcM10wt{k%ppdROgYd2GZ0h*NgA_OloSz-S4k4+EzyF+j--vq9pLx&!fSd(5?a%i
zv1%bSZUoT@8Q36cX3`10;W@l#jGQKV4&dXpdf-fs(V+Y>It*j_M*3JIVL?r7Z4_}e
z7SW$x=r+-;pLLwh=tVeT4?0si_VC_A40)9d)6;RBzPLp(jZ*-1YlISo#|UHSNifoU
z)XBUCp;_=u*a&FVBZR=(TZ~~1IjRW|l+aUvMyaIHN~J73!FXwtjf}S!S4lx6M2L_X
z%jHb46zWgphu>(8;070w=-4-+#Mf9<J6*W=m7YifF=I9yuY)FSM-^T>;p$aAJ{d2e
zzMQ4{L{pMbrg27@JWe}gV%d<r(QC&!lK8AWxPc>O6PMKu9-ti(;*C5g2BdUnyyhR1
zI;R!d#S?n*7gk`*;E^Thlf2BWFD<5q5gHBDr3JQ1`!of&X(zUImY%vC319$3f6m4~
zv<@Wn#7eZ0a~XZmq8-*#Q;S+Q{(w*Kv;<9H&o(u)05)F?gIXz6ca#t?L~$7^5fB!j
zP(FipBjgC<Fk4(Y6c}~$w3wQj8KA2#$rLbldJecLk+SuwRdDNs5S1A$pNYDnut**_
zP<DW$ZOTY_ax;ZiNQxk$G)jt*9M^ZC7-tAGq=%@UE{s`i@I)}a2TuCIDmem<`ZR8}
zV|>ob6uqwiCQ_@X=e)BAIqAT^xMS+-hbEMWrutY}3<#X}j}^$Ng;+p~#?;-)2%>lH
z1ZZ9B!HIJ|DaWc%6Ut_3eMJXhNB9ZoTVl*qio{C^k*YyAQK8(R0!805EIt~4h)F0A
zptMDN;Bh4A4#<>=^1@A2#6%I98Vnswhxfk{w}mt)34_OGeME#-J>!jSU`G={LeQu-
z9ED_KflgOih!d*E`s~HyAi!|7>lodV$q+&}+R%S!j`GxtVpt{qn`7}NQshkRtH)4N
za79geq;Ml9u@R;1<i4!0ZCWvMGQcFFiFruO1dipnRv9aP5R>YWKA}!&>erjv=rJ@#
z3OxkRBx2g=GXV=o;=xQyst{y)qyy)fmgID&J+eklvh#oKq<?<l94+XbEqzlL_(&Y>
zL`%vVDag@DWTxp(w&BzCtLKz7s#-opx-l%{8$4xDQcP)3&HzqaPty@6u!x$~Fn}(C
zj)Lb<C1X*CVR`3@9lBaqkDwG6F9SQ^V^$^gPZ9>;TNK6=z8ReNz$+lq6NRNr`U6n?
zYgvEVAL-ZFed~dQNjnf3E+C`oNYmYf+@uABI4pqXEZIVYdJeb|pgMYrag7*}b$Me-
zlE$U<%q}D(d0Ox}T8Yk#Ub`7p$Tc7cyc{1jN7uANPuk-)9q2$vnhw?2lKf#y#~}iC
z*pf{2uOAu+Aj6~GeJl_EE(IxUFuE{6cqD)Z2&I!G51MBTO@fb(3@DL9eH|*>LBmW0
zilUSUO0cAsK2XP;0W31;VLSa`0lGGhpjjiDg(G8$PNF?{A#m(NR82*^uFcSz+U%oS
z{$t>&8I-bxBamfSEI~zlMXyvA{KP+DGcFzNM`k@6x-;rVny6ZP@j+6@axA6aNTZFk
z8R8)`d9_F`^@4q4P?A=H040=WB$$FMt!AuB`R+AZ4G74`pjx91-{V2?W~D-!Aw46Y
z1)7R?(!66dM?+fS!`ky*3lMG$kujtk=|i?`4j!Znis=rdXx&(}t{qk}4n5LNzAI-0
z!9AU*MV?qN-{>i@u0@-Z%a%mQzT<+;K5JP1*k2zvmRye6+v-`7uIY|TBp2(*yLFAq
zb@*?$>&AB9&F-&l%O|xfBD;L;%XoXG=Sqw_(p(jV;^C-k>{q6Hf$qrF>pZZ1@dpoP
zcj4Jf;2O6jFHa!IZx9Zf^E&`~xqf}!9=^A3{E)gw@A|Rm{^;g5zQ^X<xZKM8#*G~=
zGo>H+R<$_YQytyeP1#zzHr00aOSy~CV^)8ob`HBXZ}*h<{J4C-`tKV2*XkH6jXzkC
z2g6(Jqo=;h$&bO#TCM+%WZ%h<y)zz#-|sVQ((PF9Tx-vdh0yaty>=xt_o%o^oBIM?
z2hDvqwZ3|CUZTxvDUYGf4ugd@AMKBH?w0O%DV`{tWY2g;bE59%oNt}Hc1mU`RNMNq
zt2=d+*Ipa-!b5WxYtLxuPHkMdVShh9J*#c#`)b>3litRC*TX_zJC|*;E&LpJ%JVf3
ze0K-bk`aA=nMCi^0_$6)6F>R0tp4JU6*LJh&hN&W?%(QntH$4UZ-1ikeYAP0B<2%&
z2E{I8{<Y0kF82X@;D3KmejZ`$UgVCXSDMH9>7wk_;epF`V=9-Ct-Uy}(fzj(51U6d
z8IIRNH4d1UXri&lb}M0I9vPkoHrLNjE_mB+wVPbetTMjE=QFgr3%^Gzir6*OpE|q@
zZIiJr)L$&W=#jBY>%Si4Kf7OW8A2D^TxRjs-U6E})=lrrS{TmGYjQueTmNU~W611y
z!an^6sKj3U7E8QXpZzd)BJw+RFZd&citMx<?-O?izE*N~esp)W*m}6UynbTR<ApGH
z%J(vM{O`Mm^Q+jZM`xp0rsIrtUe7NLuU7sbLaG-F@vgV(=SJ+vb2LAM*6QEa^A^4l
ze09AI_eICE@gq7N>Mn_VV%N8ueEBi8?D~6W7+xIjVVZxI)2XKO)StcMOnkRHPlWwW
zwd@CQ{`1NpWwzh0?D9g5=!Sglu5f#%<k;E6CEJxRi^8I=+*T~EW&M>)%kX#qK}S39
zDqGw2Cq$L0_1!(olw^CBsa<1xmZ=>BdzPsTWY02{r?;nO?3Bl3?4_X<N|laQC{<co
zp;YN<g;J%d6-t$^Rwz~4T6jW&Y_4Z?-naKNu2inZxl*|r=}P5ltSgnP(XLc()$tZW
z_H2(=mi1RES9-bc8<i=3W#;)=c&$Bg<KYYK+zZ7EcJ^jBcR!26+H-2I;T`Oj=a(cG
zNM05uG+*$95PaW%(#cOiU8*e5&w##I$MIyI71#R|RjySTKdV&pz^`QYaGvlr&Qg^6
z_6=UbVT;cknV+@jEBAf6Q!;XiEcsE1ML&(-;S_5cmX7+5apY6xke)k~Po>rE&*tmH
z(HCl*7h2s<m#k%*8&BucUf46OXOF2>3E!=0G+Uk;f8XJFJ=f`Pme#aqKIXYmUo9P&
zv1L#6wK`TmS$d||F<KdDB9Es7rF5Uocp{4@8OY?ts^QsHYswN9YJa|GzVIN5$$9%-
ztH-M^`2i&P!BJ9QY2O@IwtpA5hPs>43?uhwUaWG)QO6%K|C-L-a&O1tY<9SphUi7a
zyI8O0WF#2Qe4*a`vPFJ4EBeb!Fs=2c7EYhab-Z@IuRUn@Jv>KR`0=w;e)Lh>SBJID
zaTP;f`kwxd#dIFs+sQMD`ZIwl6Z*=sHr{RXNm5SRNZp`1GjMvAGntd~(oYtaJdwwm
z&?oEF`iBUOD~1Pl>#4S<Jj*-vXms&t)}gVEA$@0@<}-HqCkv|9kAAs+w$8to>fiJA
zZ#Y<OKKNXXL=8W9_jt`daz_Z3(Q?(he#nB`6E$W0%m4R$^=no5Y`uS~UeA?7o~ief
z<$O=qyQQ~J*XJke3}-#p2KGeJkmWy%mCx7FC+oYV!Bh3^$@+V$%6+=MZ`QlEvh01X
zN^NfUrp#t*Ppw+Qe$^81r|QV3wp+<^t(GhhT3kdEmj1E;|Ea3KS*1^voR(58=RV)Q
zt6@?6yA+%C%@^v|Pc&ft(a@}O5=({6cGUXhQ}x-;^BLgjR_@dF>4p02IdfULbo^``
zJ6G>=J|bv`3Mql*sp+XYqQ>y*nR@cw<&xy-@=2dgm*qVR?~N+|Mh)qW!hvkk_pFb8
zsy;taC7-C0pQ=Abd7?0A_4sn#wSA>ZpQ#o;U4QDGs-xDCuU4<tbx*douGHs~b>?K%
z>=!pLS8J!MT$FvP&J?phVnvsa`03qiRZHu+=3#~Ya_jX>of#f|tj<`0rC0LM0BuJ8
zE3FMoe|lJZG^@l}>%Cm1b9IXGtYu@UH|rnChm)&GKyGWsl^IrzRpc<jt0irXa_jfO
z;Z&IoUUSt00xdxEyeJu#DDX_3fxBD@{d5`p$p!@G?HGTq+A{Q~8%TWWmpERiQb9NG
z3BZ`vlDFk+Dh8cX)g}aQw$}Zs`0#2j5jX}&m|?SO=yNZR(B^a1qE<nVnQZcH1AnrH
zNN3O0A@1~aH4fQCAzIexz2>TgGEq~88LVrbCva$v2Q{vAWLWB0Yk#VQWhY8N4UiC$
zqarQADW5uB?LF5d7+$4JUYS?3G2cjcs$}J5xv0xTdn==|j|`kU6Xdz3Y5HU-_GSl+
z7u&wjj_B}Hb%g5>;Q9Ja`!Ew$<N64|`wP_?1S#V)1rt^67pfF4d!e;MWvE15>Vd@6
z9xlI8Zbyk!uUGEpi0@bG2-tI;H|q#&CN)DB$ioE^Wb$O4cLp7tuFtuk#wCZ#r>YGm
zezU$I4F;jsr|bAr+jW&;9Mf4QQYx3&AQa6YlMo3hoFkdz!$~7nm*k-kdL)b5PuH=l
z^^Fn9Ry9sN*3P0FI7LW#q~Pi5`N`_Zuc0H#c#WfL_0TQ#^@KdG)j6L@VZ7I>f5aMi
z(@0J2&+J#Sv{v!s49QlP56xVu@uQmm9@?KT$RQ2D64*ov{w53xwM+q&;6O19`CNSi
z$1tp@a=Ok6p@Oeku7U}_f~E)tL@(4a-}zHK63D{fjFP|zIDYJwLbXrnV2S+jffi0T
zxj?q^msc4t=>h1+^Eps@loarD!8VbVvoHy7kF-96H2F|bQ%o*o8=N5vq%gwad7kLa
zTMaB{se`}v%YfZqWh|K1AiA2<dA#?DYK3UdAuT;pi{Uc~>=*(w$b&F$2E;c7E+myw
zxriUU4R6Dqz|1Qlm)F4`))h4jnR2hx8NLLgd{Z#x>G6z&<u|H^L{%t%s$Lz1dg$%B
z&+s<S=Mh({4YI?UKX}&~?3+e<5DcG}RH(0P0=j_9?AMw+*o3e0Y^`AhAs%_t^Kd5I
zLLMyy-IwbVPgH_t9Y53hp$C*-p8X8Ze!6)uPd6&x$Y-qa_A}M4V|wMWO4Wqo8TMmu
ziHbCa7FaW!WVC8(Q7QyCIEO8Uvo|NPHlC`s%5Tr!oZON+`ULPlqfDU5W{c;laRU|x
z64893a**Wn${K>G#@yIJ*r!m+7PS+Q_#o(T7?1@{y<h{pz$5~U+*4FN+j{1&2|k?V
zxjM^})c{L1xEtp22mbmOthDZki~+Bxd9seyFe_H;g>jR5CsaljBNK4RrmjB7!Wqxj
z>(ll9)Ab2e%EqzQw&D!R043!SRq{a$Vp1IRi;slWfEX)RI$2$cd&p54I1=GtDbyPA
zkzh(Ir4QDJKbR)2p46l)oS+>>qkaR^VhjWE`scsepbDlIBdJy*#b8QMx5#iE)UMU3
zPuDv)Wm9gi5NG8kX$s|7<A~d;t{!*ck|={11{xx9j&nvqT+6^ig~T{n^~+7Ru1nU8
zSd7IXI#&@a@tP<vIEk_eOd)k*ovyRd?X@Z+jW-P717iS|QxGuOkfHHo8pTO;JDk-M
z9>!+uz<<b+_$?1`mamg28&5DI24TTr^Rae3wvbySGYThzyZY3^GMGk7eyjm=8}q4J
zynqs)jaLT2G%^(m75Teqlp}Arj*Xc>Mm3!OSw|x4BG+)9TsJ?Sgk_f5UQmD@(LP3z
zswN-jP|3UlUikvtNN*F)l9R-M$@g(Ul4#7(GX;L_Tk;C#H|>xZX7(r;o-KC}beWyc
zXR1T7@)``o%`gVH?~0Zf2<+P8gm}VSBQp(iPgut=$(@we4l{9395cM?d=hxz;NFsR
z1midt&}JZ;z7dNhk+7?=gdcHo%{jAD<0Qd|M**s$OBNsyB_K7bKUc%#X$C6YQa)33
z93pd3*E}zQ0-MNg1O>wIH>D^P6QK<%3!CU$=0gHXW@1A(kHk1s=Q!m$ryO%fI)MrG
z7>`gO^&>Ur6=29q<s@YyRO5Acl^NBwC_#z7Q<Wu<WK0rTDkm=`8*{Y4H#7BPexa+T
z|JT2psLAeGgFy?)RiP1KAr?bA*(yog5)LGRViEE%K!i?w$b|IxL8v&^grCGqlL=-s
zfM5&i8Hw66XjEtzn^i{aV-o5osiDA@sAeE2lUc>@%(f{AIQWJ(8G$U?rapgSrB8sv
z_{JbG83CmtDOypJ(kL4|608J5;Gl4-_MMKR3or<d=?Dzf_Ia~f<8vSfrZ1FXnT>>e
zMSG;umLAw3dN3MM#fbS4IgQsp{znQvc(%5F-p#O@Qb{9>2v>>p&Y4DV<|xNhUxyr1
z%s@?{0K#Ym8T1^0P#m9;pfk)b(V+;vh{vWs#EB}E<{wnUcLY&pp!_IJeh`#qUICVj
znpBSQl5rRhe1j0rV^Xd9qh@BM+GH{$VmKZZ)2j>CjLe)dB7m8#09$ep01Dq|DR~7r
z;S^MsDOj{b%S_XgJ)ez*UZYcnCm}h>tv*c{MZ8`@CL+qP$V|taOp1~`oZiWlC?3Bj
zB?b)Da$fwU254hT{cAUCT<M=v0W3Qy$%(<sI9Nu1m?xiEh@ROBN{pVP4Zq!S#znd-
zaymQ}MollqkP_M^v!Ee4=RR=6KA;aFbQ3-WabsXt`hu#=Nb8bjTeAzx>Lsii-Eaun
zMLE&(-s7yP_x5;_ZnI{vA`GJ<l4^~-Nw>Ku4bwRL8V{VZ8;fVM&PSqOnJo|TEk4E$
zJjBF*6>Ef2lR@i6ZO)&(8qu%}q*YF`_5E%jVk*j6h?4~}N>6T(P{k~9a}6au=QaSz
zWe`CeE!-W~(H`S-AEv@WdNcSQ00Y3~!ml#yWdp1b)(4n52%U@DLWz!b3NJLo2atYe
zHv+O0@4z&yg5zM)q)XburaX(?Q!;D`4Z;dv;~DY4qVlbuMBlncYIM@$sP5>OIG~g%
z45z^6iC$n~B7?p<d;pkuiA(IjR*BEtfyf}qmZ4+xmq-$^wWyp`VNhW^0~uZ=xRAhJ
zVtoj3by`490beA(p#a(f8-w$SF98HGd<*~L0$O&=XStMbO6Q$z=sM9%{jh+x3=>0A
z21eD2p~l<zr+8pU!mHq#Fi%~+xkx0I@D$O4$r1xFR6L%4iAwl56L=h*bt;38AM-io
zJz8NK0g5;s=hh%VDMm!@$^KLX5vt0deV0+O1si4}Z5YBBU1xZZgplL|+R>5(Rr_qL
zoPb7n0nxA|10g9mQMwk58igj%NC4z>dlMz|F_m`pU<^!wz=y5>DK5YY$r%VM8h|a$
zCp-44E8@x<P?AOf(s!{3cG!kGC@u+?);O18J4-zj$LkT5(wQ4r`4@pPqEdKPuiB0a
zVSrdy?gL9n`LF}Wje_DLtEgtyjWVk4BAl~S-WBAq^abpRBsr0!v2{GrX9FNS!Gj4F
zPD&Nm&?Tbd*WhSyutVX=NMR#W2Po1uOEEw)V2mE+C(+Tqx>$t?P^rMoDY9G(D~z;R
z!})jJ-U`qr$R}})$U+100gi>(DH)!mJDF6Utx*G^<dC{IEM4+!p(h^iv$m4k@zG$!
zAb7nnM77})xZ|}Z-cc>?z%lR?Balt*$6?jPMvM`{h6HMeg3;&jYFs7DY*ekUWWEd%
zZs?gWH->9S3k5)zk?Tn>LfN(=iOVvEoOH`KT%ci51dyPD(7sF3I2h$1OAhBe3npzQ
zJVazJ#~@sU%c-dhdvhpGAcdlKN`%4Si|W)@J_(y-GijkZzQw_nWO_IXnmc(?X{6Gd
zR<?%?7iok5*jW=;oBxU!AR88E#Xb#GmO?mC7@MXAI&Ol{oQ<Oxsv&8~kYo!oUWzqj
z770cTGS-1DB6B3A)D>sAj5Zu&9=$LFgK1Bn=^=A2W=Y&&?V6%pe>iTF6eSi-@N?QA
z5~2u1i#^fgI7xsBsYwtvbe(fRf+m=PUsNRo2R*tcoL3P79cLPr7-OJX)F+kb4HnU-
zez}XI0(Pb*Q5FdxkYUWj6LI2-`XB-HI1^gepA3<6BnDzGOk_NWU54U_0L=`+ZK5g}
zfFs6D#LN0ayoUCS1ETo|86b3`c!S_3x-u}1q#*-DxXwa^h9q4?&^V4k)n+5=W}4oE
zI%Os2Aa>e`>k)?t-X#M)vtUHX;x^0$dwO9Y{Kx=UNh?VZJC_(9)lh0&41^qu%aSk%
zHbd9Gm`XZez*@$mHn|*yTt|lMzaM<kA6@g-unRF@2F?UiVbxH$g_4+swqcqgu}oZ-
zB@H#vjhlvsAx=2fGFBsKcVWokfN?r>DbD#PHDCl-@rew=Ij@i|=CVJTs3R*?S|S59
z8WE%F3l2#fSLQc7fZC1R83_j0jy#x<qIeZlXEDO~&<Rj5ht!1UXpbg@1+-v<S-5mw
zI)e#$t#LUbNFYGK)FRMe1i-<e$tIsG|1eUrMKeq(5G7pFC4+}uVg*_UA0U*_7+ca^
zGFFS-@WgSN0C0l$2mnviz=?T;L=;HOfYFZTs4Te6v?j41`Y2YnVO8M*eWXR7Fg;($
z;vB_bcwRw?l+A1*IORlS@YAQEG9>dSEK-bkqD?Xa2yYT#)q#5ENY=vG%7#|7B&w+A
zC^M)LgE=Bu!V<IsSd7Jhyq65o7rp6$U-M>!n&~$weP=>UVswG9@scwXDW76;^cN<o
zwU77D#XqSV_LI&~AbWFeHipvpPQn~AGbHD;S{k~7x2WDgGDl%3YDGf{j$XAE(<Vys
zEC}q8M5L1Dz<xlHSVCH6hd=UC3;&7|4G|TC6(CW!5hUQN1v*K&ct_YhkwJ~*Bj7+n
z<2D*{1ghXfdcHyBOdU?}Js<+rEC=#Iq?~!M9Eq%akVl2V_@<Twe89qUSq;hJL1tq7
z(3nEINfo$8dNdxg(1(BVS8_W~=0voFp3DGfimkz@PhMpA91+AY60K>O^=N|(*jhPq
zI;IV2tiEW?7_mikNE6}p5CD5=4|Z5zZ!|;}?Qx)_Q8$2@n8xq;JToLtVhCPIAg{0=
z4@fG*_{saTETXm=xPX5$BawYmkJ@|mPOb-1{`fXfX-(PmrLFX2=>?}y1P&5*n1iCY
z5hG9`5aFQiy#Xo)ArHuCoAQl?`vE3M1jrZzZ6|LCXJ|9mcjDJ*n4@r0WDZ0Li{VHP
zjuiziaswpoB}_z0{eTe%2?&gvT#T78Aj&6y217<e1IA!HoRVg_A3f2H7HBW*84YJr
z5f@>d1W7%yD*4$~Xa<f1L*I-57Lq!ER^$(u_3aE>Y+v+)EAfgcd_tWW8pAQISSOYn
zPL}cvm8aqbqQf!|VlEl7Qob`000=P{1ZPkbWAaR|nMqN-Adu83`AIyQzkwQd(2oGY
zM2Y5x3#|MR6d06Z^`{5WV)g_ea80Df1M1ak%2E5)-9g|UgLYTnU7u`w+3kq86TTh0
z((itEm!G}!<6Z2>+l6lTNcfcd6LQaZzYC$?A@E+Eb;rTt{S_|syHM`8fOCgrTKak&
z&pjQvv+u2TcD&R78`Z1(1g5__UOVp}o3>=nzYP(+o!L9ztMu!hc;H@-+<oZt@%qa%
z1ioI{nY}NC{O-QF(E9ForJS#0dGf)<8e{sbdsv>C-cg-93XYdOE|%`cdk^$A-f17L
z{o=6pnPqj8+^<ysF)~e`JMmJ<e13auw9s|ZEPUCX?fv|Ne^z?4um_jOE89G5KkHk(
zWX{glvedUA6H2i=&p?VHKIw?qiJX*15WFP>BFZ}FpV+{=l;V|e9|HA_Hz#qFWALD1
z-{YFqf${D3?@IMRDt?v3(cT_jd!=NvZH0U`sytPn&(!-H^@&yzQ%P&<${SUhHu=w$
zYAd>oCWmWACNEOv@^-s#wDHP}v@f*SH27w<tk*YM`<J(C(a@W9#7JzH$tD-uVcu+V
z)7EagLbacCm1VFZtLEB(y5=4j)Mu=jYYh9<J-ykMn{7ihWMd>Pvbq3?Z?Cq$t4$-r
zW!j?6t991)q&J#$SL)jvb<`ahG<>DnP$KE><vJD{Y5PhY#mkrLAL*eiTY{i7x@Q+>
zZ3tx1YgJCWP|EhS&U!r@+eXCNSLzRr_0Q^f2z%SYWGw7zOEldZHD1>jjS7$K1Xow<
zGoPUwxsbLUi7&C~)he%rjJ(qKedFFHDIR*YS|bh3=ROjWzz+Sx7JQawF4H@U+v>y$
z^k^FyKd|`<=HtOo8)Van*u;mOzgpk)%2sT4wY^IWY7B*YUTkc1P204=X6C-otz}$7
zR@!hpeqxh3i#=U`bWE?=1O~fs&oVCZUTHG;%$oet26#TCO`Cn6tj}6DDq|#{)-TuR
zu$D3NZuT4Avo&o$|EA@`AK?lJAWOG3d_x5PlV=#IbC}p>;bH4Thk%MX0NA@i+%oW{
z{wNp(lM8bUW=E+0CG(;T!!tDS)h#tC88X+V)J8qW{V4&Sq3EAY8B-;4mu3H^${WiU
zF~0{;+{TW>>{8^IF+574G!AK^73~;r%nVG7?d}E+?iCc(0t-46^ymus6RbFTxpQ6R
z=fb4X2I8^98+>Rt5}_{XAc!V}*zJwPm{hAAixu@DT>6G;jM%*;z5{7)Ipc7seRvh=
zIRp4Cf*|z5aY*QoW{lN1xCQx@NO`t{7Qw1gvwZ`4YAZTV_%jauM1Nc#jgkgN)8Cag
zUfQEIHssz~;DV7WPG{8F_lYz@k{pKaL;AGE?P*Y8;Kt}F{avYc(E_JOb|Jiwd7-D-
zkX&>c7fYH=|AM+%2RTt%WPhWM(Ijf%A1r^lMiJYy+?(}{^!`X9tRxt_TgT{<GO%HY
z3x4565F`c9BtI+#JC4TR(A~9G%Dn<cY<x6WG`DXXPW_7icT!|Es1q(|LE=FkcBKcH
z!xUcWXm}5ED5o?_B2J?aYWbe9CLog8*!U#Guxd*3FyGL>5XHVciI+mCL`fhJ6ySts
z6cLvVF%=GD#{>XA3puO?oBm*e$H54#kx`J*GQXg8Y(bkw9ppJ4>D45k@j(DNTw1tV
zeM38)kpUxIt0Q=Z7PW;FXvcZu#?;}V_;)m>W^M5v2`-=J332}X{C7867=%V;Bh*ZV
zK+6#Tlxo0>(y50d#)K{|Fa13wc7bfDPgL<q958l>h-P6p=udPazEMLBtt7PJKPias
zbV>W{=va?YtP1%8wDZalZx0P6f0)<WZr|rMxcm1a4*T$vh#8}Fm8$uRG*gnud!!dh
zcVheCITI*ek?52NhP926cSys0Vn$x4rJf{(C8Po04e&Wuf)?_TwSu+e0Km-LIv$Xu
zhULbLlrTfZ;A;@-_N+)bW#m;%!nhf#VI&;(%t{DNdck4c1))`L<|q<jN+Bq@t@5BF
z^yn3(XYN$16|aQ`ce7VNXL*c5vV52DVtoW4Ergk|I9H&lR+HWUs_PuUh{8b9T8eDT
zRS^;)br61`m9l2!SZZWRkalZ6RjpdZ3@}~zLwMGDowtx@naYZhAQQPPepxxP@Mh8S
z`TCS=E%{dS*)OvQNl4!lEq#zZZrFEx2|z};Sv4Hvm;$pNEy(4Poc1j1*(Gc=&OcWz
z1(rRrGcqe<R-ufXWHdp?p)NWh0qFW%m-tEpt^=&{&l;5^NI!6(71#bqN$dKyVpY$N
zsaAc?5@9Zs=L#FCbKKfCB$Aij&(&w7lD3uBzE$cM>L}Z5HAu8XXuX_O=r~vIXl}DU
zE6vs!7Zh0s&lQ0LYW0kUCA+nfl0Y?$X%Wgu3lUkt%jg9q{qPj>s)M0vBFnbyS=)y8
zp<AOSsdpnFZ?wrWtQcA?bXBX6mGHe;XCTKCF8)8;UaeC?HmgfJaw!U*Sf9+51#A#c
zGKMZIzt>k%PC8Iu+jQoV6|}qRKq`y0^k98eS)ZYbBrZwQEgk17sYPU~sj+Q*oF~B(
zE3;+1ILQfl<Hc~o+w_quBIKnX;YDv45XTu|_D;YmUGfoQAbEBWoUP+lhp|QWE3hCW
z55K0xSfADTy1LQ^GIex8E}gS>F8qaYXbToFpv80x{#l1M&b01=DsD46sN&&pMOGtJ
z2jjsnM3@O{g_mInY@vj@Mi9>}?<m=WYiZ18s~2yfJ$z+stj3=lVXw#-B;y?8rE4ua
z8|~GW#>-H-zklkpKIyS6ebFQP^Y!o>o$1F~1v%)MHAxJ=5WqenQ7&3Qvr>@8Uz{bK
z5Sz7kkqZa*y75pwu&t|-+TgQv!B6xIG5U1`FOf`3yo!%?28U)=q$3xhGQnh%tcH*j
zH?eX@HO&TX@PLnkEEa__-tUaMCjK;_3{BBv_<>hvi@5J%0?qL^-n0ti)1`L#1ly;5
zn%SRilStE(xWt;Yr*%=BU5wTlTw*1Pg?OwI{F=1h{mWGr*7MKBF?ztm{3N<#t&EdS
z^~ZL(z{Uc@Wj$sbcu1s#a`NGCXiMrFkECU?hL6H8c!5_2txB_1*tBwxw${bRunw!G
zE^qZs8+e~y={Kx`S4<jlXU0x?eol5h_(r<K&*8Gjx}Se|j>I^|2uxDwN{bn@$Oyyq
z$ricfsunx&66}EK)XP6-9d|6(iseVFb*{aN^ZlD6If|W%=`P2&f?AwI7vXsQ;h1<R
zPh=}xWZ?md_&U$yaTqHR3*XWZ?=5S$^>$v84JsH5?r52h%L<_YPb+Vn@I<b7JM2KQ
zabsX-*_I!Y7E9}e9@v*JV*vJ&jqpAkLc`cr{Kt1j#KUBfGMlV*!l2LTpR6>k#p>m2
zK^zWZKecEB+iB0M(zKan2BT9hHikE&HEJ3pDT&ycKGaF{R!47esH7Z7{J}7}7K)V}
zHB$D#YRSLkTu?@bqI}qwN9tW<hW})9*vweZwuOcLG0SY}<gplzR%yV<bM+Kng9$t+
zzQ>9*Q90;);SKi7<Q>|Rd(aeJvLc2FQz_RY6yzssqHE=#hzA?5c8o86=9AAfgu^W3
zXb0oTjaZIN*@cBz4W=B2PBswjolyej!+NBp^H`G1EX$VAM=qKOkF#<X#K@y9Ovck7
zf~NGB7JY~C;6oOtEDsPf&(+wBoi*u!)@dj{E@EH{Qb2)LaYW(xz5O!Rl;w<w&S6u_
zvbsb>m?EhRFbu$Ayj>}tHoO-b!4Ch9bug5OZu~ILiu4gyGal{GOE^T{A@Z<Oa%a83
zR5(iwb%T8Gb+gZVI0O&j)|?9m^Be7uI&lWq!!MRFnjpi-aA2f1diKx<I~t!>!rj`6
z+{LkN@l*M*2)rfJq6NIoQnF>z%N(=}&HRXFpjnQiyjHP01O#V#haXZZp&dx{t+KWE
z9J$$lJcS?g0a7HNHja$cCnylV`BifAXjISf+~|xA{iA(4^f_GMGd%OnJ_p9unG@+f
zr5$lzdp@h*Kf|Q9>A^y`Pg(NPuBhOQ<2=@U5i1!V3-|dWy(SVsV@f%TU1MtzhLpGq
zGw~;WClb^gwJnmehrU=@Mk7Lo$!QZmC4%!L9>dx!o0u5gid`(t8)OT#M>3v~3`C?N
zhhD_Gnps$?LZiCp90s6yg_uTVRS3YC5fY3v0mPt)MEo(ab`s(^DG)NaR5~d*P;+|@
zC=>~R?KVG%6kYNj&!9mZs!4H7ck~Zo(Tv#3lMDd&(pvJ#t_dEYo7ARrJ<zar<98xC
zL@84?+4?{e<mEI`l}Qysj0upfQTfNoIUl1UZK9z+Mx_zXM_1@aCn2HeigxJKumoFl
zf~1KF;7v1_DzT2l5d;oIX4**H;=A!EOa^^S=zNsTd=Qez7<4I-I(WnYuo2zME%Hhg
zw2X0vtse(34jCg_)FeGbow@d;@+xIQ@=3kYO(qp+lR5O@IL&n@K-x)(4B6RQ77v8^
z4u%jDlTQGi*#IRgOc&YDr9pV<>`6C?kJyQ}c&<7;E#8}%w&;TI=};T=Z&o9(V^$HE
zIm0~Q-NZ|x$RpAb{Yj>>07VR*X1YLk5W{l>A3=<UAySv|AcU<9<R$2^1>7d-Nl5Af
zY18n4L_LT#uu2<=#|;UlbDeNuJfT2X924>xz~q%2q0eNwfZ;(A1YtaU412N~23D4B
zQil~nC$yN1n2w>DU<SwZ9`5r~vhx~6jZLunXpZnc!h(l)f(F-NJjpg;Sd8UhFF}^3
zaU*d<NEAoAlCKKlTR#O}<INxQaqMu6qAJo2-bWj{0)H_Rdpm<V5(m|YXw081o=rrH
z&~MyDeQt$r*f4WFZN;H*r+yOgNa&oh;8S8tzxZ?vuP9(7tb;j@m#!K+C@^$@K}5WO
zY&oHJGUa#NBm$9x7PoOM!3jhhO;W}aGS%gh31>;>qHifsTsLuuM+{s44A5ax&c|)&
zmTojckHk$@4#5Txr{Y3B;ZvEfD4jJ5AWLpdTl9%_#TBpAL^+vL$tHM!c*1W;;7<^s
zJg+dFOjUg5Nff({?}Vi=8ixZ2m}dz^Q4G@o2g;^BqHrwd1$s84W28k?Dv1@57==g%
z4TGsUchVsO6DG+tyaS8D;|%c(zhDnF*oN4DL}Z=N1?|ziW&nVZfWuKnm-j_$!hZCx
zJnR!CnV_Kpg82c>CF<lIPSbsC3QmRre1Icr2|_>!vO+4!LKOxG<!r3IZSjo@k;m;a
zHPejZ1d(v)!m+?ACe{dwXM?2VCVIiKdYQ<D4g(je=_z3nRN*$u3nVa9NeQThQ9_5f
zi5DPca&Y#VeA7O$6TN6T{Gel)O#Ys9C382zNIuljEq!GUidJI_jnk^Z$hf#Ch$YW3
z8}*5ZSd7)<R~!~lNRf!4j2@KXYY@+?sIl_xt$ziZ9Oy6WmE*AwF{lAq@*1Lp8sA9T
zj$JU5a~O_K(R^&fW{IpICJOOFh!N=jjROg=$)i+*Pe9`>#K>%mcB1cS1pw4d#?A)H
zCN<OnEOSI|&RaM-+GT6B(4(oKuBW8lzzL$f(qObl8WD$oh#VqO2F))?g~Rx%(&S>X
z8k)gijX=X^g>gJ!q#=6a&RL>FbBPjiTZ2*qmx#7HHApS=VIT?GbS4>()+7ittoKBT
z&~UP+_@SIef8+#qxwW!!i3C5AI!n4F7-Gl2jW1!X*eRijrg}q}vn3hjJD>~iI`BQj
z3rIwe$YDS2QBa^Hn-LXQnFtXgc|jr;PUF@5iXXxdzrua6z?0Y{R~P^=zN`<b4IW5A
z#k{nL`c*Axi`jS|MJdBj)E;n?H?vHtCA(fSPHlDF)OE^3M!9;sC=^ynk*g;-3b$bD
zgng~shpRuM4~vMH3<fSp5GtLa3DXTwah$!lG3^>3M;Dzu-a**n<nb+iX1z$9r)zy8
z1bsz+Y^hub9!yy<?QB2&nh-J_l#1%O6JFuUnga`y5C-L3iKG}NF`e6@(!4sGR1wuO
zCWVDc2qUpEuw+yOSDN_^I<0eaP(lwMy>aRSSna0*ALdHNCzygIqcRv{Cd3=F$pDEM
z2wgc3(wRCi>J3$LYmUtpSS!&dlbYa!WramHhXvThUp#?tn16&wcvl!#f{vD;!Jl5@
zK|B|kpdeTfXnBNG3m);TcqZsqrf@lEir0&+S#f3X@MDGuN6el~C-IP>3>;h-5H$e?
z*?D6^$^LqPY!V1Zh|dVM&Er7_5X4+~4-AU~>bg(}RHDPjl%sK@R2rCgBt`*8yc2?E
zHbIZ(k+<@W0bu--rCbG^JwoTa*BI#v(?r8r;p#~at8fLS*coGH^$KOPtKN!r@|0@=
z!V@?so|T9A9a@D*0Lf$kTKN=up*EyIXk^C(3Ac<7L<xsrW++lCekPXjb%brM!Jvc`
zp$snz4O&jRgDy}kQqhyw0GyfrqK#b>=DN&C-Nw!_7>?>=P9_(3!4y#N4UNT*l_WC_
z&<*!Ua+y2{*lw7@j7V$=Gh$0sQBe07N0R@A)7evZgn|VofE%PpSf8O9Gc!OqT{(lH
zSmI?C1<w?oR1SKyWl#*kvk6PK#GJ%bI1{}ZqTbHZTw*{X09f&B!{<F{*wjl;GANM-
znD7+uv$_=g1~#~dQiJ&<E>y<1%J?_gBi3QSM0qXo;7sB|v&;k3M$8gM$@m^|p6Md9
z(<HqmJBVKgoCrA!l#X(uP<C<_I-rXrdh`nzMyD;uwG!J7Z_||aIu^19$vQO6g=8Q2
z8SpTbOp4ZFiQ|Htv$T!jaT@pIs7dI!H7+9M_EWBtopypvx*PxyfLT>A5Zw}=AW48I
zOy|i>5g?kR3Ti`2%nHg>NO=B5v6KM12_HE}WW=Qf;9wkWGmV%C#N^>$fW(QS$eu-*
zf1qgUHzM`^vcXd^|84Ryi17k36DETPNMX%5nUZTu5<!bwBokm0E<_V_uQi6u92czQ
zEYA36TK;F659w+|moW-dK{N!38HwDy+EJ!S^ustwqaadQG)?J*qtrkI@x_QxWQYtD
zFVYqiGA(ET6V~#V)JALa<it>FiPz=0Z)4yP_pwt@Y&5k?8R#=7p<9WK;btKaedr$W
z#j8*u=QDVkr?~`d*%j1?O7KFT(5Q|Ug=?5crHOY0vwrh4iU8#76T{OFZ8~ZmMdw-1
zWWlUSWcEU<wB1CAABpGWV_?3K@DVbDuq5CpiK2}-CTDuyB^^wfqI({l1O*o5%#_dE
zQVwViwLx@gVZT+tmkGooV>eUCs$sG%T{8eghG&!A5R2J}9)9LPb!9)#zvdfYmIN0Y
z^zfCAXeFbdSd9Q2zl%Qb2#(^7x{hfATslSWG?4tr*tvvKF&QpWlW>@c4Z>BlraWyM
zXi&yQe9B@IdG!oq<^ftI4a_pQqlOP68~}~?1rXf#?*SfNX}HegXxhl=8&-?~HP9cT
zQHBS}@#qMel1?)yK=55ghdlg<G|&(aWnX~7qe-)2G;6#iLcqYGxvgeoQ&g8Is*7|j
z3rYlyakGxkEKDoI@;R^xNpKcs(t<Lw{yzT(8G}t~%XrKp$|hh^1tS{*^h0=G0}K>^
zEAB}}W^o{_G>|1P0}*Ts2=cbfijsO#k09*mu=RUcfy<Nzkw_1sQ^N?xsYY64at`U8
z@iHZppz#u_kOZP~RLsYM&*bpJh4wPxVH*~a{zW~wCG27NtPAxYxrk`npMXziJ^>SZ
zNf9#CfQuC~I5EhO#36%&m!7hhh+sthVZ3NStjUZ>%niH%O;gO3K$qE$xeKf_5r9ZB
zl?5Os<O^VwB^q%&K|0YbsK>du-7$PmvnkKzelJ%GA_}tBFv5wkArW;+DPk1*F_5GV
ziTsJn1XQ2FLX{yoR2G^N$<+)EYESmw2bCE)y>@LH;Bft%xWfTL{LsO{L|p!lxs97i
z0(+hhMLZoNa0omApUI_ozo;hzrO#Xj@eOm+c}iqSj_LCq17jRY0Saw~g*hR$IU5DA
zREUEUvpLlPknA%qjEC7qo`Ab4lDwJNB+mdRIR^JfJ){hwh#(lv@%XEjCGFG-x*;*-
z^6$OBG%&(CIM6Ab$hX+XH?a$HxtI~sVPAgfw#~W(t;_Bbi!qZJE{l<?&}HTeFvK#6
zy`pgzixOuLK&HCv#sh1EZ@`#ff+>?k0+vQ~qER_2*C!y4;GoKwlfgVc0Y0E`G_$EJ
zk@UnPkjSDzA`l7&k0epjGmORLXae^{NfHXqf@Uey*(9F{jA~H^pHzo3NJ6n82ChRs
zVK>t(Y6npzjfsn(6oBS-45F4+jR|LB5U$G|XocG(xg56sL<**mYC;@gSsMfLWU7K>
zL*}Cv#Q8D0MNnBNbdCb~VsaZ8F_6%)fvRPa9AShxN)eZ+hwn3;S`-?xVsF^M&#=Xl
z7!gD3p|<J$MGs+&E1AM20VJgGmz)Ei#>QDifH9UZK)Eif_lQruR7IHrX@Pm`Pb3jW
z%mTn0KIK33?F??Afp`ud$>Oi5u7uEspV&;cz|g!VJO%1(Ok;osl)ekBafZy`IRzN&
zHQ@&IK*mv6;YyG}PP|Lv3JzQUV)p`>^1@<BIq@a|1qdXEbgFqYnWcryI7OdOsKFZ~
ztwA}^h>Uy?jFX*ZUJJC8%Ih5mG0H&5z??x!!dn`XABl<CSbzo-U?G(AaQNf_>_Z#e
zOUJYu<R++c&d?4c^N}zatEvIru+E0W1{DKix#-gw<b-PY9=x-V*1(BvX+PXc^?Fg;
zFey-Snv{Z#DOlbvwG4~%D!$~1c*!i80g({RWGRc9!Ia`)0i*L^Tumd?%MDO*%tKax
zsE|ROrz`&umJw!j>SdXfL1FzrcyD$&r@R?w(iE_w4Hokr%*d6D92$U|6=^A+nE9>z
zgck8BzvBwQCGTcKmWCW!#)Zzu^7M;xASN0Phq4cQYm<$|QY?&;I1jR7@9keqVm96=
zvY-H-CRC`vH3arVTg_oYPU2Gr%G*O%#06LaqaemsPM6vNv83JV8W?C%gm;QeB#Rs9
z1^g&RnwMd6QWEPi3QLF~IrZ@RWYJ`29?50sjsu{|r~{XCys$QiGljEUL#;S)4^8xt
z@D+k)EMp=q?ja8cB5{bCy9E4c)p#<yQLa1FaDC0t@U6g3nO+$rnYH*zbbgr`HNjCH
z0bzi*GgfL6IOh!)<1hyg)FMs_DpJE|3c+MhL%rxy<bWz>iOMtk@g4F-cvudeNQ{ld
zHb<$#h%zqW0G}~V2A=k%X_WU@t^zovU?zYhDUPUO$Sex4K`&h78&eo=5+#IZ=#VVR
z!JwgPqfeKZSxTLhMzVvf&A_C(Yr+<r#8ZJB-1sj{Wd0*R;=eea1-K(?Wv=cM=ZnjT
zLtrfkvk7-qnl<SkYh{wD2W_DNF~T2V4FEEHP7B<dt3n_7GUfCs33B+K`*3^?P6c?8
z{E4FErfN|Gg5irirGo#^MCR$h&Ur8irC<Vy6&A_zK^DQ1P{9jqamk=3IZ~K)c)vEA
zWC2;F#DLh7=D|}OVVx|8$<R7efEtTxR>w*sYND`dkict`LM5%z3sOa~nO^t~k~~^{
z83b&YP>>Bed?t9Z6n(NVCrWT2OUmH~Dj^%G)PWaag!J9j)R*-nn>A)DIpGlwLtR<y
zf%YVb@MXk^n4IcjN~qIrMlYm^k`S7RDwp<;*P!I?x;=l96)`OtOej;EmZDj8AXbFt
zYw|IENk(>~8|QfdiFlGcQ#hjuvT9u%mJO(-9Z<r$|G($M%CGPtHuH~tSs~0tpPWn9
zge9{cCk(TMD9Hw}68y3=AJ7_WvNG(k0?a})OCorVEGfujL>*{iNzAOaeq%>-0lo-H
za1qkicla5j;!g~!XZ3;+lJdp`53M`nd(siTRelyS&<VIp=mco-hv-~S+~PQKYOpr>
zCbk%roJ;aayu>jA17A`}08i49^pbNYO%QfWcoN05A(zV1D5Y><iq3kA0Fl)S6p(xf
zsL9R=g*57+BxFJ|vLYsQq`sql&c>t&LIT0rs4&iEi7=U=oRssZX~~b{SZ>TJK9^0R
z3_w7^fRY!`L0t))jv1%detkdFGPR=}lb^te4gm#4f|n5pWKy4QexDdJ5TY?7Wk0lP
zgtUirj5{(WnD%A3Ob}>TufrMTIRl%byv&p72b}_wB#<nbh$KI)odP#mvo?v=54Y2X
zaYjzy?~4n@4><ubRG?T?SJJ-99b~#(&hac%1Ql5xA}jR5Agu>`@?pJ*gzyb9=z8~2
zXiFb)Q(-5qLiq44?Fj^kI}w&GAt=E}N)i;p6hA`O34^@G5ncytX+f$Ym5Ph<OQVJH
z5J@pt=`KF1wUpPoV8%mXU3(-=Ak!lZ4`=9tW~Er6DYj2A7e=K^NJ^^-jdWiLbkjP$
zA(G5^kkH;*=UH$}68*56Fh88hq6FC@FDA(3L@$U?h?5p(0YZYnJEC=;GJ}L!EyqLS
zi+aQy!aVs|(2)c}{DLl_2+v7zcs6WAJ7nXVZ0)@+sGc>}uoeqL1ZF|Ke8#L)dn_vD
z%uzN^qE$FMOUn4RktI7LU*>V7Wzk@aWZK}(?24;mg;lf;AL`LAYq9~`@@EnowRFRe
zoI}_6Ps%*~$LD!mX4yO+`m_PHRvo_^r^?hdg7z$iOHftPSMG*zP&pG&nZUw@KuZhB
zA>$ebntUe<(YmH+bOi7LDudTRE`ya83`;3}QX#-28X2W_0kNAO%&EpvP9YoPI%;c+
zqQqCq(}VBaRm(<0dITdPBQG@(GuMg~h#?M{kd$>Ciw4mYfCw7;vD46dLV)o^I>ZNR
z9FLS-lhdHTOd2_fY}jZ+>oNwi&<SUkFBSy%ttI3G&RK`!5Fx@48^DJUxf6=o-d0MD
zJyiz}-l7U$%ozv`0}zu6ncL8nPQ=Z5{@|=Zibmi9Fw6lSKC2luGcxbWvL-`N8$&}Y
zKA|?|fncyBA6QbA?-n&`?*gsK^)(RGq&vf6ec~7d9m4|znaFF5CE$Up7%rr+7t8t7
z>(DLYMv~k$WCNib>#tY@YmnE`RpcWp%x3L1^FW4(>X9+pW(NLf46p+&Fe*n56;gZ_
z&7fHFqF$eSVgY|%QPW4Dg(w$_ETe~R*qCF8+{{c+0||dK4@}0fw>Oc557;TJ0r`B2
zoiSNbJY1)QV1m$TONk`K9bP;e&m=7a!2~Qi0#{(fT5u+a6A+fPmV^L<VmE}WCmyan
zJ@`cT7%;pBb%8n_h|XaaV)dDMPDX&%aa!ge{9gYRcI&_Y;lI81cmDVP^x)YazxBWV
zzyIQY`!AjzZaKcTcKG1&VeL?TIC|9ABVG<1I(}g7$dOwe-TFTc9UnHfKCEI#4h_S`
z^`H2D{SVvgPj4L#9;yFs9o9Ck|H+X<>j#b<x^2BGZ(M))@PD*^+s4-QjUW8a8z0};
z`tIS45C7h=L&pvsu8K#m|I5S24^|IHum7vo`gdDv|E9hE+mhhGkvoQ4s+1CccJz7^
z;riPp!r?l3xVk%d<o^5bzvcLF>=4n99oqQB+JU<_uK&BWzcy^Y9X|N6wL^D&qE6m8
zbZA&RqQZfa_~Yxh9zIN-67hcGzrS{*b${<+W4ZU}`-g5D4jiaY^}j<~zqhgV{q^;O
zHG++6hX!r5F?{^!`*%~+#`{N0z5@r>OTP764ZKGE{f*BaG2o5&j~Uhd_pjg4`#iky
zy-yx4y>4v%c)MIxzyH?t14lNt{=qFnS>pEfgBx4Fzp?cP8(TkVJzRggy>0z|-hMCL
zK9+BP(7HKE`A0V1Ka+E353e8C*!shbt)JHSdS%j$_n$qSvnT7VM)-Cs^waA0<LkFn
z@#{zb>;GzF>w_}((f7|QS#K=={+ZG>1rDX~QdWCir{4pAZTR?bs2QE%58t_7ily3r
zw(;RV+W5hLck3tChAMXGV{02f_~XOtw|wkl8(V*JxPj)wBQ@-gtsg&F#yEWV6YIAg
z+4!BGKeF+|Pi}ng{*t2<U77~R`+q({zm~Tz=k3=Ht=G7&N6O1h1=re{>!ptaYlquN
zkG}tv6!==+zLmH4K7Rbr+7b3U`u=YpYPH_~ZccsBP<4O4d_Qj==IzIM`v=}O-v5Vs
z`S{0ktQq9!`+tycKPii^9c-Vk|I3vA!<_l)!C_cq;sd41wT-h4cRz{cuKxts-v6We
z-_U+^!RrtIm)qBGIkxe`e{#6~4jf)Tboki)hYuev4A=XyDpX%?Uq5tU<9B|eVfvP;
zbN`*|>l;7(r>#~i-J1KPQ^yNshc~XTl{EEwuwkx$I|2+px={B2rS-cvzW3RU?>)Wo
zy`S6o-p9*w8z21N8z20i8{hk<1>KFmeWCs@8~^y9Z~X8VHh%D@Wv`9zU210k@jpL&
zYjc#t`uxG4-?Dz-{xZaY0!#^iaN~Lb{}<M)pI_Lxep_kj@ckdFqd)k+jzP!W>xZ?r
z^?}z9e-$bk7!Q=kgXGr#Q(_;kw*$ux+*3oWQrC-TKHT`QK>OqN`GdR40o(DeGyRk(
zpDlvg`0RmOhl0~54zR%e_pX1ebWo_?_|fO|)Y|#c^BX_-*U=6DRe|dIKq)z24pdvm
z4i#qWwGLLBrJEo8F|6Ky{~hbMZ2ah#>VNqEK(Ei2@!FU_TL%pLvn5W~!}AV2Uk9ja
z>w{0MAKJM7kDCEL+_+>wH5BIfaN|cmR|gzY^7=p4@`YbmKXOC*IyO51m6R{#7Dj%q
z%ysxSdj8Y$@ehdkgFlUaestmPQe<hNbTHLGm%AAJ0x>U?m`6*%Ds}xIZ5Q17aRbcf
zHh%PcGxi@V@WWr8{@=W}$a<{|D0Cds*6;kCV~1G%N1xdEoxfjdtV2KiRr)EI6a#+n
zv67GVj~zIym@*sJ?{4z{`LT^(DvBu+|9J`IOZ~6;!*ucu8vEgYR>gnk?-%tH#%^e}
z>Ers{QOU-Se!jJeWeY21!L1J-TEDZ(*S8<>s*fKy;O&+;UH?=Z$wFHn-e2uhxO;T{
z=*DNuo3=4ny8Us<+?xFJ8q>e7PX*Te-!$~6tp&xkaH1@Dp+aK{Y+V0)W$kLCg@qEN
zyo|km@TcXZr8)e4?8vc$^pN^TN}M15lXO=jXkh&F{-L>1sUyPGD+by6art9GS%Yik
zp$CgQ4jemt;Mi>kj(zOFvD<<Bpcm>q_OV;*rNk)DDQao2Ri{3GtgKk-**<gYC)RH}
z#v8W(jvXon@GWn8Lk$%_3!{JgLRstJ;qt!&2f6>jLdcPW2M-Si@2_Bc<UotS57);g
z<HLuGE{{}PJyI2tl$0j^Kla`}IL|9P?0W&e!21FqA>a|Eg(N_WUDLbVHFvGurPf@V
zj$xa2Xb&C3Hto<Jx|U;YjICvd_R=XgQEI#Z_9Xz3_$J7eX@{H832n;`+p0Cy$}QD0
z9i^jom>IRhb~r6PBTw0u9jh~(snW37{(k2?4*=?G*MB9Q2z+^-`+d(n=iGD8J<rDt
zB0gCX0je-1cDP7Q{y7l@=+9Z4o0tz%23SG}gz$Yz&D7rvQzcN?mKMY|1_kbP(Y1}4
zjY5do4$|ac1^o*M)!WNB>dbg3)7jnK(`XpxFNoM|pqHyyXOx7@I~skF7#TF((c9GW
z@J}}Mjy85?3}X2&ex^hWm_7Dlj4;G+ADsF>x3<`9KG+zb(EWdj2#YLvZ~Gf;Y#-_7
zUzOYqf<2~WLN_|Bs|yp36qC9^xYOqPiO40eu3_L1Y(hN-puN~1p-$-m^C;UuSz@_;
zg}ja~0SkO*Z|`91dz}H3FU9HrF=gB2E2g#39@}8cj)oeoM`Z-}c1TetL+b!ytEjg^
zK}9t5FXGg|7?fMv8@<)2n&^xs;|PBAHF^xjA47>miE4m3fQ{06s2g2QWt9%o$~kOS
z3+$FfAHBtj(S#VO!G6L)V-2%z3`fCF6s?~PbFEy49MbZdS?J2;S+iCzQKo2p!l_Hc
zXZNsT6JqsxqgWrZ!qPR@Gs>MkSgf-oV94GrTCWqR>KnF9i=_n(@e&n_Gfxy}_7)3!
zmF~&8hZ`CIY6R3sljLIR&0^}7O1ZV8I5TRENcl9XZuLU3dcIhG8Vp@MS6_$#;n`y0
zi2C-X4X7|LJ<6&KTh>RT<7L%lqMnpOQ>|RwLz9z}A~!VzDwag~o<ni6a9pH1tc=t#
z=o`fA-`&_@;i-BtwY`|yZ9Y*7PdgY}u&hC}*sikB7_*TiNjB9SbsT6+WrhyW#A9i{
zs6i2)F=~cHNw8OJto4xGYz|8kdX0)XD%U&M@4|iNLu_7_t~HC*H(f;5Xcux%E#+!|
zgYHp(u_QeLWgPXzz#O%{f%bPG$_{RHb8zMOF1%xWKiU`x{B6e79?dFZ#KwxLz0lsZ
zy*(r;Mdh5iV`V;CU(uS{74cmP2!o{=%8Lz!AEIIiJ5wnvjn=GD*6GQ)kd2F0k*ThZ
zs@<uvkWU+u1>ezlAXX*OiGEpoCzm06U`Q`4bPjG8**j5-fk7;b&1^smV;pltTV}3U
zp0H!s2wTB&ekZ%3Ff!Xi%KGwg^IAXqu(BSgP0rY2DGXsGvGBW^iSRP}jbaiBqv#xB
zGWK!Aig?(kBudGLu;|Q9NL%1>=I!ktBh5mnzhdPaA(sC0(T_bSUpe@xF?ErIrEw6L
zdkkqYd@)5+T*nQHa3}~d3nR-wuJ1EUt1_G7OLw;LLE4fM3W5rTQH3$SW!ARk{!k+3
z^ao;wlv;qsl5`;WVCaI_iLo^2KXwT!i1_CgxC*;K+nlCZHdB>TxA(hDcVcyP^<#aw
z2$0q<VEutbP<y#pxh&TQTR$Cb!5bHQQifxq?xklV{O=?MU2ic5<0z@F*q=$ehSW1v
zsy0$6er6VhjFy62rmLe<#4M(;meKEO>?~HULhfSa7;J=nohdTRXUeo5GR8$5o$8s%
z*AA&Sh6H2vBIGMC*uvC4A@s3|kuy<waxN=H;)hTKV^*Q$(jD9#Yq2Gn`|AxP()J<;
z-lPoCDRYKGrtG3c0>dULM=5ELtG}9cQ4evC9MxTO5XvvzKnaz@YCR+Y81d8rf0J{c
zZVZ%~!r`hPLo()4WWjaH_KK;U^xqumRQ_U+&PY|qnV43g&c<W9e7MnvP=isKMlYa6
zQT01HpRz;9JyW#a0);FniE=7U?RWM8C+GSp{d0|PQ<p&&nI_E?BpO8f^`o*cZj3z%
zwuCtyR4DsLTWu&Es7E1mmb_F0Ve`_EGctzl94!;UPW;Q?uoG8Rie8$!Tug!Yy^Tz_
zqH>g0W5mlf2==odX2&>Ith`n-6tt7GGW0SfT}8%RLs1{jM#>%|+z)xnAc~0@)G^YT
z*`mBF`l^J46#JT-`zwv%Qs-2xXMiy!HsVPz1`!2=3jI~4t9CgB*r2i%xj~!x%dP|S
zm|jpT#yENAbB$tyg(SWU7b#gWk^=HF4JYSq_z!}NNKXnc(t(1A8SPrQo6$Z=AGy#Y
zgGzr`2}$QI!O-~Uim3sGbn?t_qxU`JkL1uYhaDDz(PrmpaJ5$C?h?1117X+DAEr)?
zNT}DJKw)LmVmWoV->sDNU&A3`Qw+(b*LELne56<##vlk|V`Yie6SFfED2ZVyEU%%3
zSKqS!8e)D1NCNBS4qELm&N9<aY;8O&+@OwX{Y-x>yeIly6+@GnShPe@+lsnwcex<y
zC&Y8*8ReEA9cJUqq%*P0pE^vL{%0FcpxQ+0O@M~XsEdB<VwJSE-7zg+pap#()N<em
z%QaJS{Kd*W44D(f>Ki0S+B*`m^DJP~Z%G#QbnwCe9k-9VSZGk)DAu+I<>11TjR%YQ
z{l)x1F?Y9Ey<4p9E#@zWk7+k9CFJ)|v3kAqGR@;~qIvvFHc3wVXt4bR-he>=&0@Na
zLh2u6CxVYMN;ADlarUq6whjYa!2r{JWh?9`TCB{hng{#CG+MdqA_yVFR|9QhQ$2OG
z3}Bg0&V5hgVf$0A%gxD%n-Fy&KV}u9Km+6t-x(vY=c7#Bxkjz7%RHoNWe+F}o_%5P
z>}7_Kf&OSH2G$zG)S+1rU%e-$A+&>MUmQGpW$^6FpTtAgJ~V>I6kG2=(O&8&3!nA;
z)#ABPyPypFu(Ma(p>_<Oy~;E-k@+#f-fOV+rB3I-JO<cy7_hCINy4s=(MM7g`PC>A
z)PgTI)B082aMQSfu>poVyW=)NF|9YzOx*5xvA3}?8g9^?SC@Od<v_-ghI{+Pk2eO0
zA|)^}gbtw?is*|)d*e6J#4F&&H-=EmpZY$=oJ@qohzm^AC%JY|QDYdec4e3DV^GE;
ziFXo+z@-c=pZk@@$15RVdf&0wiXMs0-`u@oWdKA;BOeyNvu&o{^!2iNoM?=K^7J!(
zopqirm(Rt>l+EQ?Jrx^>vhC>|zy+YIwwPNB6KHM?>nb+ZJNh8%jvYHRgBaw>A*ON{
zl!HbS!NF^ofvk<~BZFtJ73~Y5?Qn-pA8f|9uqT!xteG(6r|zN*!cs(QV1dx-<V;Eb
z>E?H`SThyW3C|*#L6l3ONM551HG@~=vzR=@p3%Xq91>0ssGwGL{;qNZrdY$t7;_}{
zw;MR^YsQMZ1*d5Cv-r#GbO{$=u{Ik$Ue6v&G_b0|64~fl%t3W}*ukuwa1sR`yIi@Z
zSu}5wN@8mKs2usYdr{m+@R#?5kL0n&4xADtx4ksC_4je<=RYosK3x_%*Taj|m(HE=
zl<34lG;xb~!Eq2ynO>InF5NU3mRMuG1_{9}T5jqs!0FuCgHqYn?CE*10Uy&<Lz!q6
zhY95=&20}oX$I5n6X=I}3dywNtn-NOq_QZN&5$>pn!TGz55b}>Qf>46MjM5-`Pp8E
z0+mdOy9nfD#%SZ=X0x+Lj3}IlB^pshk4sNE5|VLifm$ECMk$D^Ec{$OeSK^Z2Ae(2
zKK{ri!N9|~y)v?KA-4~@_E7>x23^2ImIuPUkP(XaSN^o5pqhrhgF!mmbODvvg;S~r
zH)WNOh&5dv%Mrq3_z831(nrBkhiFn4bIJh2uy>bTNT$X^4*`4A<=69gV|!v}cKJUO
zI*qyB1@dK<MRGufTy&=K(u_170BKZ6kHz@oVkj?=1Y8gm9FHK&b)=`K*@JZT^&_Gq
zJtGLW0D{*E^^9~Ob$wxAB6_%Wl~!pE0fA=X<L!j*NDS2?NzbOYHlv12Og_mITxrQO
zD#PRW%NF~h#Xj7OeSJM;1quZpZLANMT$Z;ThEPTxYCO2L0;$%)uUY*Ot9m7AsPXXI
zikCI|8{4ZIcCdjo!N(epyt7VO?SaOQjcV50#FFI48^iBfv8>zI=!U}lldf<k!ZBNy
z0<HzTGze*3BBn1RIM<7rL*Y!BzD%f?emTlqW<x+G>NWpsLd$oSkPj<Wm!m#ST(^n%
z&zeN8`F*%qi<u|*ZDei~8tHnx(TnfzJ+sjv6y|4JUTh<PzFqf~>;^{)+J=V;V&F4g
z>WkY^IwDb<y2A~uxs4iI<kwDy)q7m|RoyY=io{$>%p7usoW71JwxgKY74st^1K<I1
zVme1{R!duo5|=xRnVL>Inhh*-wj^}Hn7+m@iW=~ibS5Q40nwB>{K}9QE%51=JL7T<
zQiK^$O<@|36=!^-uTS7;+LHS|;c$xGU({LcjP>6`jULA~uG-*dkY5POt1+6_is{!P
zaECzPMPTz6C9ef`Z%ceFsdkOECddg%%JKSqhGKTPlRxOlPu?bZDRVs<y{_kpoG@}m
zx^^j>CEf0$-qzH~#l~l8x9n$Y&epJ<-q+H5Mei%8NW9nYzJgl|eGy-SL#<f7k@uc8
zHcDjRTPpWS9KP@D;%zNuR1f91QgkmH<#!_fO$Zy(dpT83Nvj?fg6w%uAo;FHy)*GM
z7;En!x4pk7J@ACSH+I@2_e%xS^1kAeXB$txz05l?*hneScu#CL3cfS&m#q5lG)CWr
z5$|mFT~od}eqUf0{7yc<Yh!Oq)b%Wj?x$-O!dOCu``61#A8UIr&)95l_LA)FPA#=C
zX0fa^Q=7dXYdosDR*6^-tFM=z|ERQigKbx1=zWVt$=!_)Z!Khd{GrdIp|UwkvT{dO
z0L@2x`v_*yRuu;-L=%>!QJ-<AP&*tQWh!<!)gw}-#Bv99W-@t8-u=q__J%&x_Ea0v
z91ta4Ha^g3R9TseySz%U?~h_#TQvS#)x@%{K~i>TvJn_Jt^pmZ8>>0FGAs4IQU79n
zFbxWYrP{RQM_s=$C7z(YgjJ^`WPd&v5=F}XLmXmADHwrN-r2uiXr$g^)oa!rD6WJ7
zyaFR!h>X-9v$vPcx#fR;ka9n0&{-}GqTyKe@K<zWJL)KHq5Pk*huJ2@f_Fb0YdjkG
zK2^-z_p3@_ZH38I#l3D6rH5<ZUJkgdy|vtyl2tde#ms%bs`$HiQx>(GkECT*)voH<
zMOkVHF22hEM|!HhPZTrv{i@RM-gjAa>kzA?`+C`E)F%w@%h?*Ms8o&UzJeP=s4zWO
z%-r{@T6%X(%c5JUR3&Y6v(exdTc7<No}p~J>iJSJbKmd%doGJ^rBRi%(X%aVH2Qd>
zziRQ_t`!znikbU<RoQnRe_3?v_^YH1EH)Zs%dz>_+1<;2jJR97{KwYNfLpq}?!ZH^
z(M+?#@YQ1GzF$@3-7zeSZlzO|w9&LJY&2SRbEBBK@Av-Qlts4^qDtE6W}`uT1Dk{>
zLshr8i<$d=@84}%bnED<q>XNKbY(IQld46pRj+RqGxz<fGVe~)vgp=ctE9K}S|*p>
ze6?BJ|9jtVs-j!E*+{y-n<^O-aHKDv<<cP&`(0KWt|Jj<H{Ly>tEG=csLP`HPZ=zO
zu{v&=+CSVFQboVR8vIMzQDOLQHuIjA(Z0&?eP@sFpYox`&KzMm(2Vr;#m42Eb^N6E
z?q;F)?`b3VBe@_~q<NPy4X`TkPd5h_{vN2D9VENbW0aMMmI)tgd?XoBCcno;)fr6>
zH2Uu^q6)D~EeBw*y7J$U*oaK=8Dz!iql_jPo+bX{MgvKZrIHra18<w6l?=aGeD%KH
z`^#`ybgK+kNpF+kG8u!kr>EzK8u-;O7j5q3-S>On&Z?p)vv$oM-8x5NwGnF9cCiJk
z%2{dyiLI$_f!i9DX}<92CEg5wxGdVZ<;&l<HFlKd&PLMKK)p`&-0F;HLqbhKoO+os
zVv*Rmjn~5;VnOq^!^bQF!~#`XHWP3nZH;a^EW~Ues#Bn{>%8e)_w9tV<C^q&eJ8ee
zbe^5qWu1FI^^uXV`S6X7)Po8`;a~KQr=sQ6<oPAnD3R#u9VIay`t)`a-W+_C-QG)U
zPmFZ2fEBY8jEa#zyUXF8yvrizg&)o}T&>|kFWr$oFxk}{t;d7bo$;&**z#~S-FfF=
z@=SQze1;DfEstF<-Egq0`@P%lE%AIVhNq~tpGomI`4YDbZm{Hb4SW0R?5%7Gs?(+|
z6?6NrQzdjUe~h14XUKc|86V*ZR1;~|e?g%W`t!L7xL*c>-TW2qxcD?xvpBh*3t1CU
zaKe5m(4HV)3eD~s>GEd%Y`r*pyEu8On5!4F!^O$-#q4EnY>YJ?G3(?Kt)G3fILWRD
zH*Ya}B``aAcguz3lMZ!mAR0A#e58vT3=Rz{Cl7e0Q<^8<CvS@swJ>h!1@gq5O}ufG
z=V6Sv7t|Rn#pemK6J+Fl5_+<w$(Ov{&OM6ath>gCv9FK_{c<Ot?Tvo&Y0GV3^Q><O
zQ8Y>@QtU;2Ot_Pg;lSq}B(1z@Q*q1b<fKo^pPVImK(}TzOS`lDMCt5Z{Z&4SHhIST
zO;Yfl6s&0X8Ftn|J1GZmgE~n$iBr;UKqQRc9_jMY@`?`T`;-{Oo2A*~K~(SY`rKS3
zTLNsQYq-{eVL>K2$Ig`ToZ~hbVh)}!F>aXwBD`;4vunp=HYokd5&0nHGTa4Wcw|vA
zn|vjRWK~7f^yOl9J45y{{z#y~+3nr{i-+D&9T4>N<>I+#K`KTzJ^rDP=@jHhDusJz
z=_LS1TAsVXXeQ@|xz9pEF?-eD<}~1DZTsku4;Cu~6&r2NaNgwNu2Gp`x_4m6v~lK~
zHf?8$_alv-AjIqmB>6speU#3($l%+>@Z69aPYGX~<Cbx!zTK0@oJ}d+YC#w{yStbL
z%j4W=R9*X0Mvam246cGRn~1y#!Hl+NAe0l7pTY>IxcDNH_ew%Oag?ew;<*N1fXSPX
zyu_s!f+rO$Ph-u`Hy$px@!%I*;4mq?U##?I(*0Qy+<C<9f~L}z$n&`B{4fP$1ZErK
zO42;{)S0r^Vju$%-YJ|vrnm&p<enI{@8zsgNR{H_>K=qNo?CS8oEw6acrv^@KhhP?
zz@h|qP`?VJax=_hsfb=aoA;73nBj`DiXRjgO>b^E`oOiq8k&j_B%VP-l6C4Hp#3Zl
zB7y?rQi!M-QW5j?<bV=?-?Y=qkaI3o@VOyG#RSJP*F-(>NOpu$tB}Ol%<1&DH4ND*
zD&98Vp!O`3P+HL760^PkQD)5BCV@{Y_;itX*5D@Nfv8J2V)8N=?;DoNeRfxnN4mQb
z&2ndhG1HvXX)rS#Z6t_!CAloyieP5gd6^dvdM2UULn!k(D@`uTj_?viyRJJZf=uRy
z9voF#>4b4pAp@bxr*1lQ9+)U4bki<z9r9U*%@o5kHQ;Dv2UWS(!{Ku|qHYxsI0bwJ
z12Sa)ZSBm|%zYHE*T&4)=*6a*L*X@wIWoVy?4<3ROJ>ANXOS0Prs$ec1yMr_uy$1c
zAP}l?qZ^<8Ym_J*D%)kMqDHa;NeU1ZY(F^YTW(9m{2Ei9ml+ze!m?hunH1rOo50Fc
zg^5vq1FO*O^DnSkT2GIj2An~5047;J{wYe)XINJxv!G_9&Iu^yzgYi3Ph&A~jyqLz
zYrK1b=3X<~IX`!i_w4F%$@nE-8jR|p$>v_RLfQIG{J|-Rk&vlmiyFUv#};^keUtm?
zCB4I>qd@gf_i+!KNv+zlY42HEm%GK>VG2^r-En5k#nL`^H^OfPyeFIwOLKmEghQ>(
zr&^2mBj$(u20Cc*@!I1x9<S)-6%lF1L$iCL!tQ{31MUkL(|A4}137agQsM!Y`6Cg&
z6!0>LgQJ=q3_F=D&R=Hv+zlQ#dKkl=G4O;HG};&~%wuD5!m%Y~*iU7Eq*QI{2%6B?
z)?nlzr5jY|^_FNPjUKv#ug>s!Ux9Np(Jz}pqgCU{Q{IT-B^sYl;KdUp(oG4Yx9w=$
zy;}${2@u@+2pbnvKrns&6yw7@H{xa|o+N-}+zw}(6@S+0DQ}~5W1!C){CVGi+mzwD
zc9V!-YNTh|h%MlyB8=x67{MyLT&9i%iO;z(lqLkWpIw3E*4yqz5(W3Efws>lG`ie*
zf;OV@B6b9|@}GP^MUy!|5>0rfn4j3*0Pi4i57it#BXqZGkCKSz3han<-Zb@ARcx}#
zi&42>={`qc)`Plzop4r*{W@2>G+A$AISc5R1bZrrbNM)qjP?XMqIF*`k*Xj;txoIu
z&+6*(`B9&H;vqpJiGW(to_*L%RCzs@$KTS1nLpqw22;F>Tk5zHjoo@RLSJwJ{TNe>
zV{;=JnBbh*Ovx(N*a#7ba_kx3mRND=Xz=Rzk2W6Xx!#+ud|NBOEnIG@H&SVv?cWyK
z*`KCftZ6(8ny;p~#s+6uNFQ(#U{}b}eh3VwMl`d1+l#%ZROi*u8o|_CO_rDkDs}~_
zqlkQEPRk;x-#*GTNt&0~@Rp}#%Gd_R?;2o!X$YzcX)b0=SD__Qc^G_v$H|Fs@n9pK
z9{QzR$fY3uB3cHiiU?4>{Bt7H2GiUG5U-j>*uAR+Z+R-sKgv+jsoE7$TswAN4LVat
zcsOk^if;ity;p8Jf+)x?3dBSfVzkxfKPS=v9r8YQkf;LLB^aev>TCAqlbnv3oqoEl
zu$IVAy7N5%pY(L;$%K6Dt&4T?p;W^lA@jjL2JoTk!Kp}<b2+Y$rZ<L&{NdqZ;n)VR
zL>=N6^E{=g8&qb%Z!Nx~c*v3lF1fMjsx?AwRO50y(NXz?U`(V3DV{!pXUG$ck**J^
z#zXHtljA9&mRrvB*fU$cr(}=>hQ6~7h%(jxA@A{`8=MFmnU;y=Hk(!U%csq@h$*rl
zeyOu!(C76uJP=4G4<i`NWrRaG#qMWslC*lcH8t%8Mx~Q*gCwb<FPO%i+i;!usGb{#
zq=xjB<Va4S6eJ>%#U@m|Eq%E0ke8iZowd$dZDh;cW|NuoWlp}V>32LJGoKY0;G)qQ
zD$a+;Gf=_MNEh`DR4E&QSeHNv#xs}1TW@JK0GAE>735SSJH`{f)AHd@bB7uaI^(v`
z!+QL=;QBf(T!@9sNvw4H2fxAsOl){K#|#@SNmeL6*le0@fT#lr@jc8h`Q?W!MuwA#
zNcaxG6KgWuQ7cbiZTR9>Sr=8wSS%S$p@4j-v}sKr4PveDC{EWk4k!Vl6fR3fP8emU
z2ec#mOn2sFLq137pARp?%q{o!NQ}C>0`3kNw%X~i&rXMZb~@~{(+7B(FQ#71#<Jo;
z8mn|t)mWHtr^lnQ!vSN_IsH_Gp9y$O{~!BP<_oig>CSgx{7{KsAUVeZifbIN%=Mgq
zrZ61oiMu-_U6l|G9Uo~twuyita^ey&q$UlN(<h`uh<?<3R@mNIE!Nl-F5%7M^ox+y
zsqkzuzdLT_mlnunmelLj&(%7A7+EokVwWe5!Q9g?4l;9O5sG5@5>HfT`tqgTv{_<(
zh6q(N1WdyHU50dttn;yhyT!txVqyHdag*`LIaV4^Q~SHdJIKt8c!2|3*OzCfZWU8k
z!f~)%EWBozSEkYh(B4;^=0&bsnj}?|_OSGpEiK<JmfmEnsSdMAIwJ=jZE4BJ>6UqO
zVz0d|y=K6k<AHYGgxP{Z5O-gUVUHcII|iq7OP$+#NEeVj+>AG=2S^FbZWRm1%W(Fy
z%zKGo%*z$LZT$&rtskk{dnZ|-32o|kD#>!Bcy8^RkY!<*0znF}98Y5V4A$Gn8BM*{
zP!}#Z;DsdxXKkohh|SExITM#|AQ|A}WM%UDazGI0g3FA{$oj?3_=W)$`~Bd};Pj^k
zr#~||{iMZ<g@d@&!{I{T>%6+K#^@%`@Ca$Ka99rc<4uWpSwe2zCO6cr*^#k+*}x=1
zDEuA-DXaN*K@><XP|SB{$|j0)ccr;9^hPoDre2iRLwE$07{q1$V6k)y4)U@?aO`nz
zu{oK2;fCk`&s4=;#`dP7BhL39krBFRPf$h!Zs92Pu@GO;N4W6RX51R*?tL4EeJKba
zi=c+&*@n&d`c*iQAnJq_CST#1)OcD_ESB*mrUN!!bVokpm9lDt-fZdb9N|k-;Z~fw
z<!2{G7-3kmN)WH5*oH4#_-00aLcm<Za^;|7$%0WzXV{T4EfV}%3Rtm8XEGm<psi0-
z?@j9m@--&jAmb%ZD9pzJcvm-)$IE2imh#O+<R_*gUFGLxR>SWGwc+79E>=L0_~*qS
z(yC;wSf;~G`~tr6>VHeFPk=ueZA}GP7`o&88V{SsOHxOR^+{(Zsw))%sN?8SB5oz#
zd>CdOpYBmqT&a~x)M~Ev3~l{<vGA&8)}JocFU5f34cK+QUhsm6EBClLWLMe9`s?(}
z1_@@egdX#k3N2q=i9|$(?tHPYSihiVSicZD<Y`{+Ww%idC#$u`a9uLV!tluNG%dW~
z*q83AM-csz(Ko;i+l=}S{^-WAk@jpelef^xRu*2he|57O%N7-^>yFuW<10W5H-gqz
z0@Evrsarrk(~x~jrk54teT|0{;?P_8Hz%Or9Pil1Tk(jYGn8*bjM_(h)uvSRQ*UsW
zL$p_xFhf-LIoH;&I=Qk6uj#0kXl0#mdv&TrmhS3YBtVJO1>%02rmJz>E*5yxxf;jR
z8{t6FyTRwabggoW)olSA!iT(1I=DEI??IvuP(Qx-KoZX0MLa>Q*zBYh`JxAJr!8tt
z3@%<txm@JspYYHwVkK=GTzsZjJi<@ah{9P6D}z+2xQOF^CnH@vCti!F!6wlE8`ZM%
zeUPmu7CSdNY>yi;QIV?7-spjpBQ$b^fw(+n5zIVp>SpU<!fW4k4lbUTs*A4`i}E;3
zr^Q!eI9MvEcS;Q|UXO$UhwvO5m|XT3XFiRaVg8t``WjrE6Z@|XWq>r)84DHsf9_nU
zwz(uv`SAyayHqUl&KLo1Lv1S-pDq?(FBY#EUIKOa6k5Un3JKl34<@la<f9|Jddu?<
z!62LhONVKqSu726p&kjlOppsyUW%`!pt+{5aF=$88^E}vbysa;9DK@S2aIDBAlyDe
z0{rzV-s<D{tk>cJql?eR&;Yhf+Tycn1p>NI<4Y2Fi}UMcO6)dldidmb=fMAPvGlZW
z5+h1%3xd7R7K@;axgpJ>%{`c6YQ}QRhbg=n^#d$typOlYL~_bBc`tTCo-FO71`=t=
zPgkK@xss-gE$#DR)GUHny1<mH*+fvLeT3e5r$|0uVeCr#To5E~3j`6qjrmv+NcLkz
zYBZ|Nu0S&q@^ci6HF>glyksoHh+ixf5@DY|5RW0^ofT!hFEMy!LC1^eEsa67_zqb~
zim}8z$YD!k{&Kkua#$SGg72#Ja07*jDTU`R2eOMZUerFJBOPz>161Zl8Uqa55g`Gw
z@nLTJ7i0PuOSPlnA&{YpWs`CZCmf8!54ObOUGZ-5iEzQ2fTOgr$){l%#d{-3D$$8n
zXQL1A%cMt@KAl;eOelEhv|2pw)|KfQBcRx)cqO|e^6cA*Tr8fdCe(=xC_561xpNTu
zIQo*D&L&beg)0hdQ2)@|sDG%WJ_b!nGZranu^voaDeniPK~$a0U-b{z^O*}K3X9Lw
zl~LqNHKqP>l<`ju<$Yvp#dE=nYtGQasan_Em*O_0hFj#&UF4om6%`Bq(#6=Ipu^H#
zy)?m=3TM5T@FK7Z`c<p?LM^}6LyxB06cyi|$fZ$U;a!r4h$0^_;fqr>0%-fV4F|Sq
z$#s{GDKJ;NssVPP_)C?~eKs`ME{Ekx($&jbO}+g+d>}M$9mJb-v=zwQcHLUK5&C%P
zDvIkWlFQqshi%oR>js}u^nSK`1d6tP)_J^q&dR(U91CceJ~@$PBFU-*c+FiwN}&f`
zW<%cTYtzsQs?cdv!gMYxdFvEB+=X*#Zr|{l6|Jw8SS=rRQ7o|{g2CMS*(&dLU|8EC
zPgfC-6bw31(3$nIH%KDT@$$Jyj8#0hO5$(5Xl5{mV>HIPbPLRGg|>@OXt^6Pqw<z9
z)Me0tN3e(2i}P;z@=-S{Eg$Czg}D5b_Yi!VC<;FvP(6wrIl(VNkbSupIk8Z;zTZ3Y
z+i=BfLx&Hxeuq`O#@)&9ZTd?4?~qpS=F02nO)job6yf^-ews|}HrV<)WunUW`<2<r
ze}S5v{vnd1kK+M(l!sd-ObMyFJXxVX8JRNymsnQ%n|u@p!&m2AXwa2<KXQ+huW5Er
z0!(>^X`8pWTOB&Q!2;Bb_~_C|l*FQrU$lF%v>lc&$f}YJk#jBJYZ(23G5*vF`N+^R
zD3)IjjBivJhlRKt-yB?i3;te56y5g`QJXE_+nRQdWx#a_*4q}({$zCdRRg?NKRGv)
zw}4mn75tVjNm4^A`)qV&cf6v#@&rMii--qLVgpr9EQ%gMt*ji>J>yq536geDOq4=y
z50_6D7$I!o8!=B-&Y?XN9V?xa)`&<g4XKrDG;%G-P78dDCvMy8q#cQy0;m^UVGak6
zmESM2*-M)^T(S~4*kb<BzM$e179$wNjJz4l5<p^D4=z4NMN^l#cYwj~%w|_OON~fh
zo{gIqksfv{UDz=QII*3A><~jK+7)Ue>#ZDdHVl64T(q*fo!;n$?@%K0)b!Iruf}{?
z9m<@YA=Z8|>-$q|muuzv!V<G`O8t}8Ctf1!%iGlhAt#qaTU#{{P-@u<#9AKXM=JBN
zs#IG<{WK~Ajm@<zQ_i=nT~Q$xkmWV~(YC8Scn4Byx>ua$qa!*Q28z`qe(cAFkNCwu
z7sdEFRZ~gzYiH3XzuaGP+t<e?m)H8a+rxbaWzY`<Kvn>9$P#}e>>55Yxh?J=JqfA#
zg&&s<JYRT>JE^E%bnWUX$0|aKkb_dLlt_%9JIzn=t&bQ-s6%P*H&Fb~;(}!W_T1|Q
zP87?}#CJyMD;I&#prs~kb;NkUp}cOBS2kDfbW+EyzEF}#t(R<WJ*g4~uT=>Tl<Ufy
zOqRgmMgXeU`S{&UdPmS!-wb{5s*8}7<!f+0($~T>NqXKoTpM%#GUC*@SD`^k3?!9J
z|46a+Mo2^qDa3B=HN~!2zK9x7UY|c&qDhhXRlH_S=29rGwwzLXD&-oUM(w9W09mQJ
zO)*`*Ey`#7TJT75W_MOufx8hOEw8)s%44CKeyqH*_(Zv*__Kq8IiEA}8SY!9fHKJy
z&|J66Ie0v)u8o&XoR7K82oMfMUaIO_WxtZ<&6(HYg9BxR>21&J13KB@a!pcg4t{;8
zn)d5MG!|vnhaCDcGo!^VJ^71BvVXTgIR!#WLsI?PgY2SZviabO77Cs~SxrVTdOeoY
z^(6@l0vjYKBb)3*Sk^<RiuE^3yx%IXck+66pp4%N{zxqzsdj{C_bCM<XvJC8>hf%k
z`)-+gFt2B-(oahdz9o?tme@x3w)orWwuX5AaWj$B=0_TjZ>E_;TK<)R_-bo&+hcyI
zBK~+N>uvX8KG*p8mWIn><>xHA#e~1^^3P7Up-{M?Srz0uQapdm=p*^5*61OW&PEv@
zG!P^2e{l)qxbcJJp1mmJrw^cpA<STljd@reKN5DyTz)fWjys<e`Y{aE4hbU<W7fV@
zoZE}~=t(bMG4+K(eCYmTkUs4X0uOOJdrL~0I@0*i+f&W)k2+er+!?rBtnAH)q-G9h
z%tt~f!51C)W@dW1SUd1RwI1>{Q)l%JHW6>n+l@~RSFPsCD@<W^6Mo;TdiL5A`fPCn
z1@!p>Gq;x5lC8&x{-)mWwul-(yvOnVD@5AKaPF;i&Mn-An&BLf$crz3)Xm{8x57Ro
z=59E4HEaPWlp99Y0ZeLkj+zB=4`uO~v_`*eJZaU%J-PBWAvN>X$;w{8@LAnP*+_<D
zD|?%N@^_B@%p-em%{4E7-!J^u;D6uy-SygNt=8o8?s4EkeUeLkOfV`K5RhA|*9F|=
ztko@9uT27O^PS`R|Md;P<%a-0W_*Lc`U6o!K#5xYUzzs*3hoL1rQrV&eA3)s7d%hX
z^+7|0pp#DO-GaxBJ}4Lwh-dwA!S`C@0<u}>KZOMiL9d`suwAeN(EFL%r#YhH(;QY&
z_f~EFDF*iNr)t$d4;}iewI8YdwHo`kD)Cb!{xy!p7^M!QukWOx{_)zc)PAY<WlpR3
zDNe1pFZ$Wq_A1wNTKa#ycC7Zr+OJXY%e7}}kBY+Q`0uG28Tu?&&vR))3Wx|Bewx3H
zfRV{bk2U$%`A>FF)=&Qw1o&t0r@s0q;GfI*Z;%tHe}hmN_(lg`H_pFIK@uWhYFXyD
zYE5d!U#4uf^NmKP{MJU{Z#-a1v}qtJHvi|p`xk%ue*+Y@-|DD$a9Be}Z^zD#hdLha
zc)VkG$0s^I+3_76dpbVV@#&85?0BN%GaaAp_*}>Sjvwy$s~zJVKiBbe$FFt#t&U?I
zzuxg19bfMF8Sb=p*84%IjuhAG4+}md7!o`pV9>StV}kD#a8ymL&hbXII!E`^>KvX^
zt8*q)t<IrJwfg4;98FZKbMRcP&S_?~`gaSyU+@Eh9~2xA{E&ciXKM8s!B+)s!AZfa
zU{3I#3jQ;}%Yr`@{O5xILU2{^ir~K#{8xf&f`2Ml7n~KG6MRkZyx_M5^MdCDrv#@3
z3xY+#l3-b|B3Koy3C;*Qt^zs*+XUiK?-Fzi8iJ;vN6;(i6Kogk5cCTk5DW+g1%=>2
z!A`+Lf`<hk5)26*5$ve}J|+0H;8D{a6ATMR1dj_oEEpAhMDS6;_tXIU1>Y<9D}wJ6
z{IXy|@Fl^&EBF<`GlE|goEQ9#;CBUoUvNS2b-_On{6oP-!S4zFk>DQ-zU?Ytm*Cq4
z9}|3Buv_p6!6yaZA=o4Ml;G2X?-V>C_>ADQf=e~P?+gAw@P~pI1b-y>W5GWWTo(KX
zg8xwP9|>L*{Kta-MDQnqD}t8<pSud!D|k}ydBJxH_6fcq_-?`X2)<DR{Dz?~3yuqZ
zQ}DM1|DNE4;46Z^Blx?5X9a&x@b3$LOE4*D38n<of*HYA1#Q7e!K`3TFfVvca7u7m
zupn3zED4qcD}q(Qn&6CJU2s-#PVhCs^Mc<NoEQ9#;CBUoUvNS2b-_On{6oP-!S4zF
zk>DQ-E(v~L@CSlF6ucn#Bf%dF{)wRWGk{C40e)Zb2ZBEoydd}^!5<51(74_q=oD-d
zNcVb|U_dY^C<G4*b_yN>bZqPB>getm>-heTAL#f{$56dChJwBNdPmK_=H%~h%K++>
zKT^gbUaLL+ORQX9idF1*ZM60`3I7`Zzg(Lj?djU%U*_@~wZ9$ko!O86YV8*(d%VoH
z@GnvPi=;gID_p)plV7ZzV43_yn*A~j|1GYcyuVLR03DBlzZSK>Lh<8e(cQ-hK10n>
zR%P20y<a9~$Jy<d2t899-Yob_;BL}0RIu<DYajce+L7Af+E3Ea4|4r+LZ4!A+43*Y
z`fm_E#?*x<9eo|!J9c#RcRWxZHv0LFqn))H)=DRjfNiUBLJKG4cwCDI3e-9|1EH7C
z^wm1I^OZ!t!dB~ipw>B1tH1UcIP=<P1)me_6+9{Uyx_Y8`vhMQz>SWVc^EPOnzhL)
zP=@NY0gCyn*ICQ_&tW~a+MhMEVC~O3PIf$2ufgT|he@g*1a#c1KW%uDzxr?SSHH?%
z{rmW<zx0*w`rZ2Icm2hGT_2}N^P`X6`~Cmvv48$p{YxEG_&IC+n4#T<e7NAde;gY9
zGS<uwz`@^ytiJ>=eh@Otd<p$&SeSN`R?tt8`Wx`-m$=qPZ0T!Xnfkf<*Z+_I@z?4%
zUw&+{{y)6(H~yRE@0EX3m|+S*9^C2Sz<I)*$60!6+2={|j4@Ad%X12=^Qk>D)l<hl
zj{)V$ke+Dfp{Jhz<_Tw?qn^iudLG&Llka(Cc|Mt^m*q)=9;a#_p0DQFa(T|0=jP?9
zi=G%MCZ6BuL4uyomN@0Xnx3APXF+<Bp(mi(a`x(ZYMzLe=c0LLo9DY(JI~GbXhF{d
zw5DgydoZuPI1W!sv!tiQdFGmJcoL;Gq=;wUS<kcDJl@dr)lBt#Ok44cHL2nGkJ8EX
zJYCTv55>T9Cq2N<gY0ZQPZdm>nIk>(<nlbDT*`UGojpo5Ddeera?UdhrHtpxiEAEf
zT%BBK&-UWjZA-3r!d)IS{5j37&(@}CsyZt*53`eT9(CtIa~@*nkR6l<e#-RfB*r}6
zFOTc=Kta1nG)3+QK{yY%lo=^%d5~fr9GK^;N^FJ3LpHriPKRjU4qMD@*<m<n>&n^`
zJ%!67^Q`5mu^vO{0fruC=)rlO!knkG%1%rD0RP0!6Nn|40wC5>!UI0-HCf~Nso72n
zUt*ny^~ng?Z{M=T);$qZffT>Q!qn;zLB&e;*j6$;5BZcSGBwYgmJXg~X)TWpR8aF^
zQbk&JdlaB29!fnA15D9Uh{V<dNUbgZ#LGkf6mP{dg~gUV+R|eg<&gZ8GICmqNH1$B
zf>NM54$}h*J;>3C;AB-mZNu|9Q|z4Dj>8ns=aec6n~K49q`5+Bx}(XdVV@pUDE;&N
zMn_~RDJzw2U!LS~ig^H{2UDgRP}#_Tr<@$GMxHztUpXwsN|mZiS~+EuHgWlZ+6?_G
zUn$9+Bk3ukj>J|hqx4Isl*T+HR_-fxjw)#)Uy_=65Ui72iE#XR0IYLL8I}uDK&eq_
zd7`P*HCMW-jHHR@6N|4><H)kL<d&*a=}1|Tno=T9{+7Sa1yht^Wn3)ew<A)nJZ>^&
zLZu+}<fAf^eac<?uq7#&5-z3XiajgcY6nkuRV&!0RF#fi^Bh;(&RLp$r&KDfsb{LA
zdF6&J=Q#5KO(h}Ko%lHh&y3AwDs@IK9MVoT?5vl6_Mc0awe!?<=l5r5P1%vxDPPvi
zLtRsS%bQ%X9EZI+PATE2Jfu^qTgn-tyxXesVXh;xgfcIka!FA)n&a$M-c|c5>|8Q!
zLG9p~rSdRmMsm<`I2)yd<H$LX3$6XBsid>Ku8#LqvYbQ8rMwXvxg-Ca!(u3vav5^A
zs#y~oQ>BRQIp@?R@-B6?%ZJoeGe|SbsX^thV^ne+mlQNzxl!ZUtJ0AN(AtypJMmQ3
zt(ST)*9#@u*(GnSCAD30)qHu9u%pY>LLHF{uv*L>)ML&!byzOma!o3UMRmNYtvYJ^
z_*|_WA!G0LPkFQzXHKpjQZ%)ZS|(RJ=YevTlH<ISTIw6ADE+0dRC6vUSL)G}YO$0W
zayrlUc5bVET&tXSsS}hM>FijY4QjYtztu<T3At{s@<H0=QPTGAT+Ty_e>mDyZY?1O
zYR1%yX_zT>VlU28Hsw_5bT&9nQ!7Kp*_c#ND%B5;!Q3>a9GkRtUdnOHYlf(0EaN;^
zR!mWDT@#c6r9jzI4h)NpJj~TAEfXc!)h^G5R}P%#%CDG94LKowotySA^;3V@n_5eX
z%3DXNj5%`c1*w>$aYb@W;-i%3I+`o6GHtD_p_JNVo>T2Qp6y99XNNOIY@GK>vRqG{
zYb-TLp0MrAkk-=B6z7w=BBj?kDBj9|oJ@V=ELAQYp>r>3mGjt<TG#%icbd5B9An~;
zc7SqgyXtQBMkR;plGKmVH+7*@PmWa-lcLGtG=Rl2XRjDbamVG@)t%1DTzO1OBUj$J
zPDv>_FGuBtGeKG^8TOhhP9ET`T#8HD6LQ#p&PxwrcFoB3P&(#1;mWIqF<qV}H`G+>
zdMPTlO0pD})45hjZ*f<HxjAr7*<ZERh>6%r1$mYhm^8F+Wkq?`9?A8{687oruobyy
z+phoO=DKG|)76w}5OskwP-;kBDJBm$Y2=9Iva`ds)j`fcX{JO;LBn!b9im>T)(Crb
z#OCGrl}y(;rB(XNH&=n2RnkdX<ji#Zj!4|3L)wxl(P};=N4koGvZ!7c53fqHSSicN
zN#}2BDQV(-R=Z0B=b*f|rt62&p1M|!NV}v#?rPpkvu8S6p(kszH2MDjK3E1mSOz{=
z20mB@RN)^i1ONY623)vYB;3lmxN9b8Am?T|H)}4EF0(FAF1ESBb(wO}$qk&QM{b2Q
zrqXQ5t&>Yt)us!Ni<%~li&8Fv*-|dq=4i~iEV*&gm#FFN0&j2r(_Bpxz@^z74Gm4)
zDlGn*!Wtzm)fzjRb>gqtB^J4ey8OH3x)h6l`YK)YbE(zf)UeELjZ42Hc9Bn0+9fv)
zeHT}ax7^O8L8^fvt}gg#Ai3ReOQJcE=BG17S<$S~2$znwky~309St8T=c29iBh5d#
zp<&`epPMOha)ox=V2Zdq?lgMcRHO@1GuhnSB5AhEQ#TOr|L@c{$=CF-&kr_&A8Z7j
zJs)fYKiCL<uo3(>eIxjR1@LdX1)yD&F2Zzrr5jI6LnnzAlh#b$dDWF~x=syKGF_Wa
zOU(6O_l^!3EgW4g+Dke+({1FMpskh;&UAC6D_w`0A#0>#T#H4gt5#9E$hC&FDs{c<
z7}eTHOG&#i9V}vCnq|{Ub0yNIQWuGfHMQF0d*0^KS~Rt?HMN<<Tf5U#t<JREw5`%H
ztOcoMtdm-2lclr|b=RazPAkq)r}d|+P5Vq&OgeZSn^v`!pCxs1>3Guq*3F|$s3occ
zRNGc;^Jaz?V7iZVH93Q|9p#(0WLli!uKTERUu&D{wob>ibhEV9rq;jiEOF4*R2pne
zt5DiIb~!6|(hZt?uB>b6;Fuh{ma-ghCs8?3Z9AVj&^Am7(r%WLjyYX^+U1T_dh6m!
z*S=EdNOkGS58KL-*uFG##5&ish2^7V9HTT%hoWP#wAQe<2i%=l!d-(dWo1F!rGwIC
zTVf^GbHAY6D9>V>w<MJ#d$hE4a3uNsfK(F)sb(p;oOGAZc`GQXsoYdJI9H^eJCuA{
zA@>Mkrv09~Ca=nG(jXn~j^BCccv9jVl|4EG96|1NbTujw&ON2xIjTg6s}xW7;`{Fa
zmSUXmSH_Wjumh0xAKVK1U<Z&|`-59SYS<5M1-Z()ru>_BE9iqAzy~{k4|V__>;OL4
z0sPy!1E^LccX#d<+_kvlbid<{!u^PQKOZE>9g2@IxR$wF@;-w54IkZbhm$)!_Z03)
z^ASSJxPP`~b*+0`cbnb`au@F%jNIqjzdI`TTkfjdVR>I6ciZmi(yq?OWb{|qs(Wj9
zNbZQ-C)%=Oa3|<PBkp*79K?PtoA*)dEBD>GzjZI3doahHJ^=S$;^*BSM`_&q8}8!M
zs&O>#!P1xELpb@bdJrY|($Y(6xEple>L|32-6Ptk){%Y|@e?{`_x@txZeQv+R(Hr!
zKKIn#L(0di+(S!6DJQ;`b0=x*dH*MO>F$4%4z`%S5O*udfqeW$nz-wfW`=A-+ITO?
z9i#W<97p!-4qW=C-$4xIb?!$UvGSCXBDZ`vNGWp<>pdrXl&50vUAw&VW(&EG*N2mP
zUwtaJZXM|$?R*GIp14;|pNP9|_r79~z87UzEG#3=%2UdX_x0QbJ5tA(bP>PYZ#%N;
zA#LxDIVa?%j~?YrsPK?i%6{G>%~3fnF-uQFdbH%5J8yf?7vKz&JNB)V${lHu5A7IN
zYMpKQ*r2>s0`)LSVfmtD=B{4qC>PEj)1<K)P5)7Pf~2o<mOdYOZb&Shf7btI|9JnD
zsq6bRzDJy%BHu1HIUi6n_G#Mn`gx#lAMdMux_S}WB*VUr>{YiM*$kwL+w>l@-mM2c
zY*|=Yw8|5;`hQpdlUn^>9%^^gzv#<Be^c;lf`0|*nCuws{2R5-<F(G;tPT7EqyKSU
zu>L9FAx7S<`21w8+qwLcyp&eHj27=r-`~G{S9%|RCu&ueqk7-$&(`X%f>M-m92GI1
zB<z2Q@VWQT{%oyRyez%9R{vjlyQ(?LyJ!B}^-j#*&X&)7D}_GytrU8)Hv0bEeeRnT
z`0TgR&3An(g}zYx<on}dt`ezc{+5fvpl_|!lyl1dWs1Z4zf5s>{+B8KWbI?$ytr%o
z6W>~~oM^&tfqb@W(U8aY5_1)}g&wXDQ1e^Zy37;54#De$lY%k9sDQT^5qLqTphLii
z0sv!z(fWlpX+QbH)cwXc{+DmmKSE;tqk?Z2>=Jxj@EwAW2|fX!uUgHi9|6LXRbZ_C
zzjsh*nzZ`=CiqdoUkDyE<7<MyZuEP2C9}>cHoE~Udpf&2`MlcMH6rbqZQaEW@&8Bo
z|6~0B3I6{y|9_VMKhOVP<o_4>|0VwaD*u0-N|S#k_;X@Iw)Y}n=_;{32JV{ois?rH
ztNRTd+txkONr5pV$4%ZT7zZr94ruKVTr_PLV0jI&a!7C#MEw|Cv1)Wx{8yh4?4>!&
zwq^+o^M91c^f-Y71SZc}#v!-51U-UJb@2(Xv**C2-{{WH?k>XJhHC_xo!u6jywlk|
z?DZ~by#{Uz?g`!yyeYT^X#I%b3l!UC;90>5!60CA+0Z4x>UqIM!9l?C(}v7w-INQ`
zWa*kw+gvy-u*a62oxK29v2a^bua5#IX8@}&7@7l2Z5K$&DVv&-I=sJ1=m22lHNaUL
zn6l+5x-6!|bnZfDw^U!V=9($fR$sH!^iD%h3nm1|1jhxoyLPJXH+MR_`=lo)jZ)#f
z;DX>9VCJBpX4L+s-w@o1(q>OzhGd)&=eP2S&KxrBdc<!T4-{@2dYXdrWab%xNY2oC
zF=KZ#F9=>1ye6=xnLC1efUj<+YM+5&!7jmG!G6IZf!%!dsNfla<NNB2;FRFJ;03{p
z0`dOpYl54CHw3Q>?gHBN&hEPSw+AFmouubRO+O%zK&Nbd@+G57fLXhpeY&$-;hVMm
zN!yt-G;7h>w*c*XfRmi{<YA};PepTbq<si5y9+S49dPoPV9m56h9Vb&ez^7bIvYZo
zk66>(X9bgjQ-Ikkf|~+~Kl{4C_Rd+j<uK+%X5MnAF9X^qOxr0K5?EyRs^BSs_|3j7
z7zdmj5QyZQp}98!v*I^*7cjraXw7JZh6$ZCI{$(h7X_A^y(h5W(-#C}@EssR?PmaU
zb~#@cNRs)3fajhCw7v?MI}d0dGvwIX#|=4{`AD<n`RxJ+Ge0cYCpaWH0%#vKbQSQN
z8PA#V+(Ed)c|Qi90-Uz@Q<i>i2r&7oX|~@sZSFSUxhsJA7~B(v4hSX%mmEzr6=OJM
zRMDN^3uxPXJH};benxRnpK-Pd@l!7X&h2k@m*=XObi*R&uA6ZKFn<DY`Wm|C^c#d0
zq{8|E!EV8f;Gn>9o)*;w5o~deNU`vYU_W5}vY|VM>~i6_p$UOS+B*%IwsaG)I$+d(
z*UteKUKNZ3+75XAiqRW}UN*#li^U=ETeRBZ5kq4F%JKbU(`tt7Xt5~}`$c<O400?U
zam0M>mO|$R7X>dwB3<*nZHsOf90Yt#WS^rnU(z<s;VtbG>=n=#-<Iy|R;e!@5{UWY
zQJY)ZWl*dauL_O{W(7-;ec0d)z|uXy^043u!G5!sCk$Ggql*chibN4vw&L<7!Ha;E
z0YgU(4GH!O_L_Fw&{G1DTCv(vXx5d3#$N!e4%zHV^l-<-^MWj74=XPVUKd;wtN{YE
zm0N^XhfTX~+N*%p&zoj9tqwz{1opo=3s{~pbli~SSiJx^>(t=Gg~p@%B|>XWLCrKX
z*0u}kg2=V4wPyq;04sK~c0_O!uxz#Ei?+J<7Qr*tTNeN2>qbTH%!J@sf!LfG7d$Pn
z!84NrTRn3{V6}BoIAbek?BvXwfVJI#bvr(D$B;;$xo2o6V96rOw~Zb$BpU0{lr68@
z+xjJey{%sm3=574L~Z>kz|t)TvVP6@tiU0yzX3QCp<9H`?lEeSvrh;{1qTH5H28dg
zNkcaTG(Gq{xD7tPBseE{Q2;W7&z~2(ECBPt=Na(e^K>-${7nHE3_gEVa9r@J;DX>a
z!DYcM!3n_&g6o1if-8a<z;D+KF@(YA*90Iw`21bLMZrA~KQk)WMf9w#oVDe%FA8ks
ztoWV1DxhvLJpeej9dL4qv~&9itvq4c>wx9GfCaiNT9#YbBRC|O5HKvx2%*~7b`x5r
z%VPP0(Q|<3j|!gRys3`i;wyRid(F}K#x0+!=VTSW2Ftgi`CPLfd;L0}Ea5|>lV9f>
zYn}ZZT)B<ohxqZa!5W`G=18JwX!1|X>pv~8|E!B|8BhLMoP{>|=h*(mkRJ(Trp8wQ
zS3MP|%Y?B=ULE&zbUvKQ_lNna@X8BV#uVf$pyNbH8X5MJvpobdshh*_2z8Bmo+}M?
zmJOj3$QcF{0Y)h?QtYP_V83~tggY^)?YF#OS=vzRB57#veo^pHk2T_q{gsIGS<P1(
zHNH4IUW}F3@uqRV<lY0hKpk8f)ZNARiN#=7MkZgeUB2XPv<1y<&rk20PES{*nIB>;
zuh(L5e7l$?_{y<mR`(kzVT^kDXrSC<)2*)l$UZ3KSY2zh&*$YFUz_1G#)tUXJSV9n
z#aB*<;g~4#;rr`(WrPu5m0-nKVtgPGEe`MrWLsW29zD-mln*YBN8;+v-qCH~xl@*z
z!_h3!*my~cGI8a&E%TXaFRhDy3kO_h7<_jP8mt_O%kmoO#TwsZKBSz%iGC9p1);7Q
ztQs7w`Bg-s3>cf<21G6yz>y|Hy?h(jE1BX$aB}<THm;n=;>jp6h(S5Ha<pQ_N)UDB
zP)O!*Km>?pAwLIibuv#n`u)~oBLYdEU1eup%gzW+20f<75wYeDWE;#3@*gb97`vfp
zeLTv>SBtOqm`gC*9xvPWTDDDaGPphDaK>5dVmOYG5BPQ_X2n?5PBB(V+hh=Eaw)pp
z6_M6#Tvje+Y%q#mgu0St@*Kacv!<*Zh>AcacA1`+*2Tc57G+m!Mq=tXj*vd4%<4FN
zjI$MKxkVQj8w8j;V|@PG&j62AbtW&$>d6@<-YlV*DXmAM?WLPm;;XG=;>Wc;6oH#n
zfbY^r5hhm@;c5b>;qou8e5F0EYA)0H0%=@1C9$j4!8bJ<wLES!V&oCyQ=<{<iC9k=
z>x-D*A+3SG{~RHuz0jN&juG_2hfOUM-#qQM*DlI(;d8Bl164XvA7W%XV#LSfIqQ?F
z-Fx*!LOvPgZqxtt8Y<iFw?&}{SjtcBZx$=tjJDb7cSAw?pp$Id;gevCB!mX*uWg<j
zi_8T#{@bGUNPh^0A;!darymJPcr`dP`6_8_#&dEyb_{ed@`8G*0)sJkcSJS^5}Un)
zA8{(b5|`E&;#lDRI_h9p^6;T^GQfEozSLfpiQYKKxf^9R(%tOgTT@(MoC(d5ZjMvr
zqqdF6Ww^{H4;UEb6V)xhFFxuaCOeybqkMPR1pXL+VJ3_hXy7a-#4-1@Vp4C6v9+^*
zv_Weygdge5T0TB}n^1Fb)RxMeNP2jb!-O+Y_Ei5kx@;p%#hs&2X(PcxBo5TdGQ=aH
zmsNQrk10%QzX8)7JwI_}g<{@=>*On)LED|3JsG97I>YOPDv$vZK`4%+@Uy>=2G|L;
zJNXiM2m$RV1hz+jvAx2v6MU;N0vs4vi!O*UXF0Uv75`@<hX%b;b?LIkdd87{;O3Xm
zOI>>q-1#W97pUr&gMmay>d&+<MA{dKK!&p1Au$P@#6<4URf9Aa=HAiGBnFj92=U}A
zegWALdH|E8Xg$l7ZyD17)QolrLM#u^;R5W9p(w9|gb?sSWW17GMVhe;CZd->bg=c)
z8F2|lm7Nc?muEAkDS?W*9?E{>WAF@?56|<daMq^QYmlf96&?X5pbJ)u!vfbhUptZ`
zNJh4JNmN!Z(WX>7yE|xgGxA!m1?^k6Aa-_Wh~EP)JdvF7sCls8)?c@;Sd+F!@g*YF
z<l>ZTCRf%EL>~)>qr*3ZoYw_hA0<OY9Z84b1uOYbG1lKdFxp)ODU}7Iq)p%4=s3sq
zg4I{g3tO)WSEMf9y&yfO-Q7m{vVJSr?TJuAtRJffOU}52B5lonyWfQ?&|fQ8_j|5q
zQ!JcK2w`9s%ghwA)zb&9r*=o_{We76)cz#mMO=r0+0_1WPH|v4th^D%5|X%dRrb(Y
z*;WwQe#db?LIJU#+762~I$9U|Kn%g;u&C|L$Qlbc9*nB$@I655TON70;*@wHl>{95
z>i95Zz@iabKS(`9D)PcIs_mGCrpJeaDi>KBAE<#N&5Y?P;X)6Xz!B`Pb)hK<BhWkG
z7hi{*8Y>f~#<th$(eF5O^(`iXJVlqYs3bOygM}yz*mLAOK>1>Y5PIVxh!6)YQiikq
z4iITwEbETPAjYfuOVp<e>d#OUM40L%A^21wnrLQJ61lF!D}(T3HyI(ku*{z6qi<B2
zWHiEoRCGcWKaO89dFf7BHjI(YaFnnO5QrIRNL^;bu{w{&A{|MrqyEFbD?`Ro-&|xD
zq28em2~owRsh{N7S;b}pgZEO%+R9~Bnze}{p!OHTRgyb9hlfdqTd7ql`NTlQ6f1>w
ztYC4HQIwMLpzlrx(LNBf-~a*Qh*?;0D|dQWLgZ30jy9**cBa5yrODvV8a{GJO=2`B
zSAy(Q2QWET&OJyz8OTVQ*!#)vg)7L)I2i`L5+APhgm_HtFUAytDBpSuG^j!|ba!7)
z4~Bi&bt$gR0lo)GW2Fd<72_#loAEwHFa|KzETTzf<9<$L8j9T-izQ>*&Ufvra$wd%
zqq7VaW1ER+%!`lIIC<WIix!iy#DQQ?X`Epx;$53lggA4fqSlntX;TqR?PoEMXgNs8
zD2aDb%Slk_APGjFCO^W5u%U2-lVBCKLa^ABv1q6e7+$r;W{7qfaqH(p#0~AB^J4X$
z>j=i8^kC|f(EqN{wcP{Q8U5KZH?eGt1hyMnlR}1Kj|sP3^SGSL9^J*c)!A$!1aSGN
z0_dR;?xzWa4qv%P`{lle985IO$Kco&ZLRGFf$g*<`g~}Ao3hOPn^<cw7>%4DLSJrS
zM~q1xG~o%!!}YL<PCe$$BSA7-$Dn<n=82vzvrXD%_PUdFa~ZKv&J!_Zo+&Y&dd9D|
z##G;?eg!#DhhuBIX>j#kAM7{C)|VBBVKDoCz6$JcT^xqu^sFLp9UMl(ddak&u(;Yo
z1N|}Z){k&+%HHMQL55~yab-Ro4784x3A@S!4@^C1(<^)Wk;IPv0X$6nzq~yL2HxAS
zG?dZy(UEQBl`0Bp2>wjnbWm;g*0$0<6npK6_oEL?NV7i7c+Mdx%W=?+#mDhtMSyc-
z)+ir`$uz>AY)_P<n}F7oZT%uH46+Q2d1Y+B7<G3RtuJO^u=OPa9DbN7^E=BFj#Zuf
zdR69Eqs$9s%KQt1tw{0c)n7Mj^6T6`sREbFz}j8{l+3IMm}S5$Fn1f2g-Jv|u>P?5
z(3p*dmD8civG2>VAFSe7ur>5HmK~jQ)^l0xL_b=?Lv^4$J1{p|?Gq(UPH0<me)cg6
zOCE#4r}{=38rKM^oc9#`qbzN)_$51Sn24Gr=2wy1HIMZvLpKR%%+oUgr+@oJPf%5w
zS;jfn&3Q?f<-n;)$OW5bRT`#%LK(9YQ6}nSv342cW5$M+=%uTQcZ4kuSvcH9!5XF#
zo4VnYE)L&lA5{cYT|qR?hhh6+0+T7a8H(8jxhw=3Hxk`|WFmt{8Rv8^Ra{Kx4GmYe
zxLN}PEda?l_m*VjC=6~J)M^F(AzGVTW4)yNshc76T-X}Hux7W5=-dT#4Uui5wH-E@
z+AIPo2{SoJTv-{vP{l9gBwGuo-Sk+v_NK8}@mu0l!Z%409Zch}L32zG6w^DyGK>&r
z?gJ{ph`1Q69t@RS#WN`ySPip&8YMqTn`BV2m}W}^?Q-QEMZCAh(MR^Yb~yKGV^Bo2
z)($I9_P}pkVOZmgkVDMXa&NQtbPi%)B0f+dzIt%bE@gLi3N2%t!wiV@5|zNKiclnx
zm_Sn()4Q56&%)1_>Bpjlfs8zxm+(KX=|}|oNh-P+C!f|%$wOwbZZLM!C~mzY%%5(G
z8GxJ-w;IOHZ)%RYn<rpJevJs|7;%F<!pz{9uGresqb}a&Xn8zO4>FN;$N_zP&z#Pv
z!4@tDT@AnK#ykSZes8Z<d36Sh<VD2r8TC1KyXJSF_l5l#lc~zefX2_36h0*${vUk@
z3^qJaJv%UhOz>Y1lN0wr8E$auf`1@PD~!#a#Z&p#sgD(^!zrj|R4Sr|V*CVS8c0=?
zIJ>T-c3)n4)dFWZS!V(YtDw%lE~e-m^6dvyW1ytaaXDrtpQ!X>tCT5$QP2k0LD+U%
z^c4*n3)Hwk)y^J3kDyNvU5DN_BYj%9dg4ZUY$QV?n5l-FMp+;unaF@unr3DeB@9vs
zRJ$@DSt7Kf*05Chi-LVsK?7OPkQMBy*EX_-w2L&?N)uHxoRSReb5zKh^}LKYo`};&
zUde$&q7}6v6;+ISAtO*E8c2C1-3pF6>Wv^Ac(KUJUyOwY_>q9D#|R}^caAzzrGVop
zn@{4H6BVL%R4}Qkz*U0gz)9U+QY}hQ8vht)H1Qt-N4VKXkupRwRVzHDBh4ipZI}Oy
zC}|WUilivw(CL^k?Pfr<Gh|lDstjZnN%U5=0cjOMUAT%rW3=~VhqT^6!#*TH_NyS5
zg~H`quhn>@0l=`jlhxu)v2X=9WIO$M?c+*AWg$d?P(Z6H9r+_t_C*}V^=-zaa~YHM
z!K?_FD2`k+R5r(;Xw`qTTDDICu#04>l!@R6c1l)U`@oAP6gL}$G|@=pUQ`89>b%1l
zby^c*<z%f3|Bhkx9d{GLO%9nar)oIQIS4!eg*NqnYQ5`32q%m+iRfjbF|T>dN>4X)
zIYNM{h?N2j0@p)-8i<x|10P}Qy3x~h?4T;vHK20dz=4OdHWP~J+u{|<`8qcfikT;T
z`Ud7UyIqE+&&Tp{jWQ1R?9EW=*{Pl$+6@H8@x(%n%T*E;u5}K$Y?5!p(L|Y<8Wb#M
zc9DZ00(HxkXmmr_>kTQ%)lHID*0AYo(fIX%*AlPmJ=D#75+u0IQoO`;<{%9bM`1@N
z<B4Wk8C4{fn>0i+NlYIaW$zw2MB-<jOMr97_K_h8!(Rg=y;ej5IV>MaM>+w1gS6)$
zHap!BDOK8oqs?ezYl+RYO$_u1l?a&_jL2L`LW&%N1lK}F>@7vr&;z4!=VYUcEcvSb
zcd;kE36&xsU1OLyQj~PN$l|Z{Fry>kvb*7sS#vuFX=Wp42{yHo;abJiMD}{rEgQQY
zIK$oG5(p%lE@zoAxXQt8)Z&T5l(Jh<_f{#Pmt*erY8ZKw$mOn=B*PrS<c0kJM^bY}
zwc!w=I}W#)zEe8U38<9IBCaDDv;xXD+M;R=i6o^Lt;>C@v?d~fB4zvR$7$A<Q5g!P
zfo@a=7glBBRv@BU-VA0B7))wK3s9m8gLf5<EEr_7q#}n=8pVSR#!B1S+gl339Y`ee
zs_6>t$CD}7QA{xWvQjeBEM|6TDiL7nq`X{4LBw2w7nhq2cpmb>vK;c!OThi44Mt1j
z(b5w(V3SYKBuZ5L@IaAj286hckz}qhG#cU&8mWnIrkK9vuRTE3Iw#mMJ`+ajHWiX|
ztJDg&f_t|&5Ir3FMqKzchx8Oikk-fjpFeGdj#TQoNQA`nKq5x|R9;TxWi~I~|0VBI
zUasWj)j<U#R)q?(C)<*O{$_piUskx0m)m)HD=uG!YY1v}%T(KlwZ_YcD^L#sxZ0=r
z5LotQt(~ztm61J}b|5cL=fyolXYo~CQCu#DY(z7e@Nz7;VT90hroEn*H>2Ogxn1i;
zYTGq_tkkIVc8x+l1*@2}LlPRX0*>1VIbMKByB9+l$OR*^O|?4v2$&o@{3aojBQlU-
z4n*WBLc7QxCQTDTsaq*@nnHohAyhBt<r;Edm!R^x&b`9ygcKDO&Ag1-HWZROVDkgU
zaJy2TQxm}{L{I%*h1&y&cqM^2auWeM6)m3wb_QgAJp_@Befez4bEDD*Ivs^~+#N*A
zgg>Grl?;POOhhu>vUx{dli%c1x$kQ)F^zd5DU=PCTkf*kmx32Nvw`qCf=>Hr&uH8y
ztlDTl9mOVKfg=o$>gH^fFULavwNHT`8J6aG{?U%EuDBJerN~|SQN4%mEU9pAIM~h3
z#==}wvnA3XKw*c=jn=p-2H`MKIns#!O@`CZNwm$2+W{^lmJvL?mS96<2`)@lJJ14i
zYQ=`gOT^Kcv90K0XV%GvC@OI&D=~LsZbdgFQ^?G!YF{XM+fcH$MeC{fnS_+9vWcN@
z^l9nH<-uzn+zxVd@N_rI980pi8L}gJHyd=Ht4pGjcY{ehl}%*!<$z&3%^r*Jk<7jw
zqBC`~n2lQcVJKdY%(;39jy@|>PfA?(^gT|klgD9M6q`+nIa%UxA{*Y0Ou$d?%y|Qm
zhc7^wU2<2}c?(ZZ@O}0~v^@}Tdq8oDQHRk)Xm*zl4`f4uh#(7pC&^_jruqySE;Bsr
z6y<G-=hwNd97GCX0VVkmA~pFEmk=<75WFbaNlC3fAJ4*Y$fvY8E!tUs(!1U)tMVi6
z{W?=mZigkL#|Ve*acv?B517bCq$?6n-ibsUtUR&>EodNWk7jLTp1~>1O{`75lkKHW
z9>Sn3=_Et$NZesTf-#oh2JX(L4sfnkXUf=8)3GEwPVNsnT+tG&+>*_lt=JSG<G@P!
zIvnz4Zy{<Sa|a`hg2ilPN9a`(&7ONAvhAWB!u8x}gqL8lZVE56FEc8v90(O%Szs>M
zJ$o_2Z-(VtWy3RS;jFzvS6-@6=)ELgdm@C04jh1D5ac{=A2JEXoaa>m-ckTb4p+X-
zdkEasiR6g%hJYD7z7d>#Dkt07+tK*h+tK*h+j%3hi&m6C+Gs{FXlDy|#i<F&9L&iz
z^bIsU)s0J}n>&m?euH*UYM4K9ZJ|1-f%GE^kg*#WQW@6l$wQ7}mRBp(#<S%#os7cV
z+hk5zRvW9?8#qX~Q%JHIqHy-jp3yGt9*W7!vv2atA-$>AB*p|lK){R(ex@C0-p<~N
zY<D-vc5f@$jASeKN|KSXeKR<)8N6K*@?O%2av%a#&fY8Utr_605Sr^GF<L!&DyGP_
zm?9jU2=>+J(rtb6Rk9qW6QTx*ZxfFq%*K3L;iQj{N~l<^;M8510Sql0*IdPBZ)Vd+
zc_}42pS`t_a4Ti?by}+0pFIW}dYoDD<c`eq`7-w@$)vfrLXO`Oty$GX1h!WJbwNz3
z6A-N5d6-MM)@zj1Ge3aM=+iUM%GsT)oDFX++N{*H?U`N%G`oi>QSK+19;Yue`Jp&(
z$ta-CG;W5(O>=|1Mq@0-IX6^|bB@OwP%d3O*1?_$5qfTvUz6uJ*mQ12L+{UCeXvYz
zv)1#QaB3rDDPrm&ZvWzPl*f>5>SoX|2uLI;{FEe`4bO7>wFtArRuxXZ6a~u5$>UNg
zsyY-G8(!#f%ZXZ_L)-3Rak9wVoBR-8Xy~mW3pHU3!t7!k0j{B}m2&Q;?_kMi#6Zar
zRl13=CSenDf5HYKFD&5x#oXOKD9!CIRz{kxq3Z5t802JH6psLfgYz)8d|E3*sEYPc
z|1+&~QKFajQAW!vMc$7JWJ4z~Op%07PD~d`mo3A^{BV=U^0a!<g~R*^$xpT|RcL+>
zjVVj%6xP>JOkd8({2n6n!w5!<j8o6&cW;htewbVTq%g85#sKtwX9CTYW3|>Eh>G<Z
zBeX9<+RQYa<q#+R+mgO4<+hJfY_~`WlJpU*`YFR~%O+o8Sqo0v6xuc^Q=Gh3@=^Xs
zt73Mb3Z2|3=}%rux=Fs6NCRcyB)2Jd)N3_G!5(eO>+C=ocN+s4iIJDr*?}_7bSWis
zPQ;uI?Fp6Xj!|sIT&6*^TGMhiAgf{ObgQ)6Xh>cXP2CR@5$Km-kvGBTF2oRMbC#VD
zD#hk!na$!)1q%}BArJ+b39TKH5Hb-`4l;<lkXgqv{IG5tYs_N9-9j#tiq4Vw7x+2X
z+6Q)2eUTQN%bw@CR~;zNme%4xa}+*;)v&@h$CF6tE1Q=y>Wb(pRf?Xm%tG~O8M#<%
z?b{{GcgeN6c%*8MThTj``g3E_eU1k$vg_A(x?h&eOYsZ!(z%0iC9$P_EL>VeOpFde
zrw{(33y;SoG`-4%Cl_<^@CuhgAbpI|cs$n%R*cU{tT5WPDXFzdu?|gI0+BYKn7PEt
zJewm{wnm9)E!+||>xvW2B3pOKa<EG`O1X}d9=fgysc(>8=cKyrIHnPpxi&ZBe(YR5
zxKR<)$6G=^f|$XVkd9Ulk97O2C`n}~ip}nd+qE<tj}5T3puG%Ypco7qY_Dxtht2|I
zEUaFUL&U(hEJp{Cq&`XEWpe<5m?3$Sd4f@h1#$joj`NoYX66Kp3xaYB(|OL@H%)$o
z;Qtj+x5C_ZbaV~xuaQ<y2qJ4ZSb3XIx#xN^^z+<4DV9dHoa-5-q4qO$l*UM`vms=2
zrl^IKPl}=O{BH>Npvp9=9-wN3C^?0X89tSD8lwiaU!;`fnw_ptWth!Q5E8H4MxwX7
z9W)omFN^0+WO<((s=_u!vsF{&!W~_h6$V2UyRZM4kJ(<d@u1VFDrpKcF^A=oBUPw;
zO@;BR<#>NJpJHo$wHdr+XCBMz>+I2^z}y8CA7f@AY#%G;&S&xVaS1Y)>VqqKf+g}2
zy`tsZ#29u(>Z~%@pHLO?!R;1<g_yKRlBGgR9mB|qIVtabq%Vo-5_|=0>F;Xj-D2)#
z?U4Cnonfxf4`e<j{oM+cq6+fC5gC?Av{!mM90M#Frwlc@OB-dtBPV<NL~lrUsQoaI
zAZFP^Mo&~x(5H3C4EyGf(L%^agi1Yl49(+E+>?d%L3x#tNx_q_FhW%3-jw2+A_`HM
zBs|$6s&jXO2O*1yVOnh)vF1DOCd}Onow}t2!MS@<c}{!Vwxe^C-;AX!LOxUxxiP)6
zI%ZZRy_I8aW-M)caG#Go`~3DqeSUjn&*PDbI}(UZ>D(uTby*p|POJHNl6QV6Yv3<H
z98E5p7;wTQ3RTk1Eb5Cn6un&N)a9Onjg}GO8+QTB<QL0~##3~F4HeVgcV`I2QZ?-A
z!fQv^S{W#*FuyBS(NR%H7g4pGMq-)G5n5i8Tm5!6KfDpFn%JGgy1r52`ep?a%L=CE
z;PylX3A-<l+ZUoSzpte4zAUxZdO5yi$o#$y`jtiYXUTl-#r6(WEu(y0p%2BNd@QYO
zJ6>SxB>px&#m;vANVb=)IM_pOwR(GV&c$R?(a*=`qanQr<;>cUbu7#I-NC&GVO9nv
zy94IP!`QT%R9Bs1f<*|mQAcp;nF-*Nlx47JJxS=k1aJG=Wb4VMLgm9@Vi|$F^P<Z#
za%ek3*hN`q{)L#rbYriQx$N^X43g~fols+fR3AR3RUI_hJXE?WaeXu=IgOLH>@glP
zXP~Mb{##64#4J-?RP~>ODQU?-ZMOAQI?Ai2>QT#dvX6@xR$5%c<rrSevXBcazW&VZ
z8sW)}REpkKs#I=B6bOK_(?DFp`ilUGeUKc);)f`7@EL-@`MDvAk(D_%7<zX@%dwhw
z_QeA+R5=yQ$Cl+W$9Bk7`^ZMp1k1-pgq8AyJZzuXNW#N66G=06j0&EpkMdxO1o9?%
z$eLF|-~c|V<KP~<HJ9@$i~vd0*tJ3!IOnac%0o}d4b4+-U+2-d+znFn{7v0N$r!-+
zj}&@i$$(}PF?NK1We@WxCYW0;qz_rPBP5C!ta>Bps*$ONG7<iU{Dg&Nd65(!EPQ@y
zBA+&;!w5LeZq`bk$8$(A>J3H_vpE{!Klfd%W<~zwzuxEVwaptx48c^=<6#8o()xCI
z*F!nhQoYo%_7kG(EZ7YnkXG41p(@d57UEGB{OG!xc&5X(t_v>7CuEWb$KZ{9mr^4`
zy&0uoVfuwkYXtb36M0d-d(?Jyo&j+md#A|yc}XWDPt~@cLS{mPRS~{z;qu9fe>8va
zASnSgG!u&XXPVd-1j-vQJPRzj11m5F9S0;H)F1{28M-?Fh0iM_D07^_zCve%yj3WA
z24FF*Q!=XP`=<(zR^fZ@1@z{PW8{co#?9Rj8CXOI`8<o3k|e5a>*Ki|dO>zX3b8vN
zi@e$$Psq^?GU%dsIb_)YAH8WvP~LM_R{N1pf|(SHPY0hEi4jv<q>Iz#WqV2#$^5JU
z@p#XXD<YL8U74xiTF!-aG}IatVeZFmK2k>m^S<D5aau1giMtuD0-3Qr6p_anV@c!9
z!}!Ytmo(~(<>f$L4(8=hUdHosI4`bQRM6?d<tfEJZp0Xfn>m^Bbmh#FpVBcr*VK3>
z^5<XFV1wEv>c{$#V7`7*{nslS&1P%I^KzoE){I-|4j_}BtyIukhynz}_F~Dvjp8*P
zi`9)K3M?2;eJCEJ!A8&_<4-pXzb&gX`ls}^vGtA!wsnY^@_oNq7}-%bw&_`1B<8Qs
zIY?~LXXR6om3kv<(1!*}g=gC%U2iY5Rc%g>@7z+}it!6go{@5&6=*XxG{=yxSb8HA
zg3Rpabp>RV2bE7>djJiRp~T&#;Ph)r+1Da+JtNmO+fMszWUQ7Ey3c;@lrmwlF(WDF
ze+U;zhLZ#F=$N_NhHIg_32*(uBgtRnNUJ<kS#323KE!?ctrcwA>|pGDO=T%23*Uqg
z4)^nxils{=H(OzAi}01ac$9a4-mM75duT=cLe31Od(;IgvrcSeohY-|p-DJiD8yF^
zZ5Lh_t{;GF#pyeIq6gfyGRug`;ixs)2W2ASlgy~urE3<<Yz&Js6wA><)25<><C|Ii
zHn%XmrI(CYB17oi8jnZ|Pv1^P-%hPJq`4*cG`y$~p<;a^=JLY6e%*K=IpmMGC%44-
zu!9eWtsJs051kKyJ8cruuK_XIN4#ZFv@i6lM;BiAwVeglQUsP2V*Mf!R{%<v)0Ph^
z5RdnNL=M5_lMA%KTLyu1>vUk%I*rEe;G-gB#2^;-OMQ5z13ScaVLw!>LhA=2gokkb
zK#=ZE!2N;MVLs_rEZlKI8aP}`&g3s9Rt&lf;rU5J7?Sn(JE4*$`4(vzCoALSYo->x
zuK+}Z1^l+YhZ+f6TG(13T8M<8!NRTBor2gpswbPGgCGd_?+>0I?kD7H)-k62yuSpw
zkiz8o0{*O|js73CS4tlxCSOtaWV9j#Q5Qs*xAayQYr#mrPs2I(O$-vX+x8fhabuLN
zny@LUcqU6(XUj<65|K;PTG%g|%d==Rn$u{LK{VG&mt**DxkH(W(Tx?DGbtqq;tqO+
z%`VP|azcW2ybA328;oN8O1|8)euaD`k+(GaU0LF>eq@&sj`XM8PUK~#KZeCOAC~S0
z*%00(Z(KSp$``vJk&+Cy-f?I~PuLUEjW?i@fCQGVn?n7`nUbUqvZM%)<y((0fP{~C
z{ps@Ui)3y%#2s(z=NV$+5uYb;bzYx<V$Kss!o*@evQdIiIXR>B`ZLV85CojXxv00}
zPQdys<Jg#$$0-#H-8!LH{nE?=>K*ehG{E}gmhh~tk-qSP+-8zyA*p4=$tg~xCITmD
z3OqHQs+<y!6Hy=p&Z)UR6T?}L4a;OkR&wvWevU?>Gz?pajq1Xy<*4S5r5&mog5TG{
z-vHvX@T!ur{&FQ5i4UuOeh3AjXiwq~W0xDjoK@gZEWD9(=M9p28P~!s-#GmL*!%N<
zn!4`~9N)J=gA~aet|5gcO_Hfp6j2mHXu1tlH@91g5JD);H$w;^gb+d!LI@#*%u@&<
zWd6SPKKI^wp3n1p|Ni^_^`*VfIeT1t?X}h(&g<-JE5GFyNnEI;h%15B0t2)r5hYM_
z2&%NxQn)QGNipiimNu0;*3?oe&uePwpM>9ZzXs?=RFCj#SsSY9M2r68Fv|E;3F3>-
z2BlkJR8i=+hddn4MujVx!h%o*PH3YQCHpg;CS&=6IQE)}TFki9h-WhgcBjtm%X0U0
zROb><dw~zHlY<oS5&>1<=n9BivJSP32$e2ww39IfrVx;1B`%(@>RU6m$cA`~oa`Ao
z3IKGnEl!bRsce~F#CnFs$?q`PqpOQ#LPJm+?pT8e1e`U6;!g2$g%uW}PPapG79C51
z1tV4%cw);Ux-Sk%MHwOV+oWVR7$iH;kpp?Tagg0`J0!_s(1sK2*nEvzJQkoT4PoUo
z0ZkTnqOXx?H8i(&at3q2ZYO(k7+`4>)-yD$GhYq!;r~p|kTc1ccmqI_j1@3zA2TB?
zD>ln$FJ#kA4%W(SMnwiXhY|^(868h)EPcJCfOGa})9KePm~l!USiW4gFv1ahboN5y
z@~JT5Lc3hnYH44VbJReUD4Qx}Y^s#eP|0XODk^!c=>Uxj7|%>M#FJa(Bs*~lins(t
zbZ}xd(LGL9Cw-+Ly~Q2Wj!po;P<8_nu@^_z=x7zUgh{bR9h7!}TwwR4!wq<hk|DMD
zqbH+iC)cvYEf|3}(%hG4s22~^p5d9&fzt(XwjgasiZ$~sn39x2(&!EBHI#|KIwTXk
zB~_C-?(Ja;(F6_j<3fM>x1^>6?Oz;I$OS{$rQsd<>hf?Lq0<!cj|_OvDa+8gSq3Uu
z&9Zdix0IKKsDBjq?`+LVq<sL&xHhA|ZK*mSfUA<}rR)Kbj1?}-hsC4KSA`&{W6<XK
ztEfrOC&9Eu_J}9$9Rp)OhT<faS(jCtOl>_H=fTNUN^g!Bdcm=cbasmhig5xYHJ6YZ
zMd_8!?C3N0?+~%v6U=5>4Ru5hs&KYJEY)kSPg%*yER3c~E=8wtEw$zz*yjPV7}~$=
zk0n7Ud!QQ?3<icpBbx^-Zi5X<2tym~6gt}C1{*-=b%>5NrUo8#9>pFIk4Jf&E*_{|
zm&K{c?qR^Cp}NiDJvc^$gAr8rXnR9YFBS6?3rYZZn_>apz$B(vurXk{Csu!qjn??e
z4Q1lYH2hi9{HT>PoOE8qHf2D#CRmBy!If@GAu*Q?^Ar3*&uC91Agd1DwN0_W9hGop
zpeUf2&Bd67$;9<vGWm}<`pymnQLW%)jh@l)j{wM9cPiA)b@N|}#pi4MS3DXl)iBr=
zY6lg7@n(jBThvg)NM$L-f|Ds+nM~0un<K9>&}5np;YNNO(g0eW@P~y63{Vjo-4sOE
z?ktEkfTdzJvM|Pc8iuB|r!=s{C>2Gt#<<bCt1_0R(qJ_BA2B*oqG8P_#WV~3{2xN)
z#MA+0Ha$^pYGUHZ#Ze8nR;NABC2hLJKB24tyiKGptvOYqQ(9)&fTyEok6LH=oE*4l
zr{K?)HJaWx@qsmvi{^5;a5?a`GXCgV4U&_>2~Y}D4R;_a2-Kl#Fkeow=0d2>ATcGI
zRgXO+RPRp*J*i~Vgw#%hOLW9gMek9qr&n->Rg^+!G%y|P{bvf*8>)pUl1@=mJh*yg
z_q0Z;Jv5vS9N2?O&cIOG3L+yNvAN1IeM#Xqz}N*3bk7olD)XUc7+~pZ5Cmb@5k8Dw
z3wouWpW?##Y*|35pdS~}gH`C@g`o?hF&apxNNftsNT7@WC18P+CN|)vWYY`68G{lj
z?aAdBf7xR(9TahbCO4-{34*30uP3Ykpif{KEDJ7_d0apdF3_wZDj2K6nKIL^WVc`^
zl`HNZvmM2MJSkHtlgBC34|=HyqPAUwj)>eX+i-_GCE=M(Fqh|`5>>*~37c#vKRF)M
zP^qRA!75YZl!_jpG|}0e7}LR4R6vmox6l%7uQ7B8u54jNb0lMN&aLZ{t8u4Ht-k_h
zq<D)1j^I@|4WQrlAedu1oi0hwk)u7uNKyrVP!Z)HEi?sCs5UCBTi8L3n6j%<1DR5d
z$u{G6855l{90N>mQuAatg}CA9PxYXaOR8+uIB9`Cu#zc}OjuKMXg4F48T}d@noAK5
zSYGL}3LdkEI$ai9M`KxVJ*&4Aht<=^)LNFRflJjOPt{2EAhnimqTqs6B$fYax|&p=
z>c^@~MRu;rRKmUnfF_l)Ss=aPa&qUi;kgXYRMmd5PU7Pz0u{<vaEY~r9s5apntS3>
znIaqaT*h(@q1#xHu~d4)!6k5|HNv(bFViDb!Dg)JZRDlAL(O0v6J(qi$y%D~MM+ly
zw{V0cm2mA;Z!W@H-X?#BbV>DBU{(6dGx$q01aTRF<&c&X)Kyuw48e{AU5}Nsx1d;h
zuxGTsnl&dif%Qo>T0zAI5`PQ~V^oN_LdCRDv<Kp)$sN;>8qLMvs0~^j&2$=>ndYEv
zQXQgfVCBSdspDvB77)(`;MfK#2iVu-f)lu4Y>-IPrEmc$@_-C30Bu0M$VgY2l(F1}
zzMW>Fm>N^_iu&0;CXJ_5L7h``=-9(G9JULcg)xj>Wqp#%Rgp`pU>%)DIYT?8P}bx0
zhNHNQOAN)4Qe43WRLBD=xd6PvXB0CYG9FZM5moY()m#92N?KM87r=Ch_E8!XkBdrE
z)n(iFbT3Kvm)4pRiK8(%T}o@svS`S&Xt2`KTFV1k>oOiu=}X}5GN7(ZEjf&CT1UD&
z!Ud&uq(rCn=BB!7hN_gk6i3Q(ra=elSOP;`CUtnBlx6|m<4=aTkUeuIJ<Whtls1I<
zY-N&W$hvN6C0jYsS5hf8tZ<Z)f`yaxBhVCTUy+gO12)0S*prjADcBavW6gGvx6(x(
zB|XxYiFTSB#|<}@j*jYS`AjI%@sbG-9$d5sjpld*B@i<kC1wdcn~H5<ENfuFUb-5P
zDeW|Gw%z8%TIbCulB;r>H?xRog)EY7@T7ULBI+0gi>I?oN&_{GX`T>W8i`O!SCEwd
zn4Dk*o#w=f4v{xDgsUD0yW$LI=?e~aN0+^@Z|t7co6mBF%X5Zv4Mr=a5++7X^eYz~
znmnCZpEPJa?e_E`^y3#wPAr!zmgQnxtX5&eOd4zpC6JkB94{v;HC|U5zm|)~1-wrU
zV$`I_lcngY(u(LFCzpT|E>8P#I+v`twNiFx<9K;Aj<qbC?&Q$pF)%z*rOB43&gPhx
zN?3S~JUoYM1=D!etXvtDoWWmg2_jGu8#Sm6XNmH-TzRw@x~Gc6E-8~?M!5KVE<T^e
zOB<cXH9C)zkvvX67%>HMVhT7`7fL(2m?=eCF&#I+kbKT`rB$(}7Bjz!kyFf7S4<1y
zbP_cuu)<5_g_r8mue!k#44Y|nSRBz#Eaz&3<)T#pFGGPb=#)Gxr<h5>?18=P#!+4X
zPf#*oC^*Hd<YXE9+30PYP(#b(3|ksAY;;wPQ*UTTQd-f`G(W~5skx};>VD2$YPm~2
zM+t;gs?81Z1~hOf8o9>)l867&rIg}Svvi`uM)Gvl$xsBTsH78Vp_tq=3y`kF0&pxl
zYN2$et4bwagNa<ah6<D9bR`z4A&pd`9K{Z{tXLRP8qiT5(2)z!l?UibE3O3FxK6BO
z-z22-Io@%vC81$V6WH`Oy)}DCE95SoT$GsAWGFA#P+Bn9R4nW9v?@-vXc&5et|-_D
zQOPz6>210$huGw9VboX#_Jj{*SQSI$RSc2Z6MAO1cB&WGd030q(1u{<Rm0??8po=#
zj85{5QiDu48l+qK5G!ifz$?yn(UBT+dYnC{h7O}50pX&obfbkZqF8S2bPxFhKIQSC
zHRFgo%u})6kl&yh_7Vg00Nm2;UJ8=tqS-Q#O$=!1bVGn%X|JYK<An+{7Dx;d=%NO%
zYJi^R(`lt9Tk2>kG6C@BIw(DnF(Ew>5=<pJJ&}n%E>wj4b=k)->E2YeQ^kk{35hJ7
zH%k!04Ug#wl%e#H`*_wk*)vO-z%(VErH2)!<won$=HiDgxaoSjn1#l2k@31%?op+p
zXY{j(1TG?x6U9W<D@?ku7mou1Y1?2R0rP^5#GJ_!nXs%ZW$TcXQdk8nE!aL6Cp>h9
z!ODdJrPSnbmt1ZRk`6<f!Gz2oeal*q!&>0a62nYV>av{ho`?nH>vqHbA<aW`qHM4!
z8$U`#@6+;71js;a3uc_si_vmsl%(KFCMQfE(#u(KWx7-%kb$#|61rx_TMmv9l`N9J
zD`!N|nM5gLIPD%UJa9{H7EUFBrsN`6*)_;c*RtvLTqoCa3IOX>&EjjN>VdI`st0R3
z8>!Okq%k;p9h(mgNDXPD7nH?uuaQfE_E1USOwunFl|i@*XP}ruF!pC?fR%J|k%A$H
z)|Hk*3(RQECD-8?ouP`KIiax`EKLSsX*xniD5wuh6Z)QsP6oI;ur9qGKZn9-uV?u*
zSPniDo(uz-N@o~w1T$)-ZOJg?sy3BJAr|GM12Zh-87;U()|}|G6s+G9SWkcfkVcL-
z8MeA?;}Vj9*P5V<zLKSXj3NhJc60(FGw4fs8bf`|P#YNC%rs{(^TE=)aTR97(qy!^
znZjnoGV(m+<ax;HVv}8v#&TnVN1Fk$<R(NJ{!;#?XlF1D%}8OjvLQAjNS-W6nk)oA
zCBqVgFh81=7A{YQ`4$yh9PS2tNPAJt)hDJYSlVcLT1>krDY5c^So!Qf1L?(R8A@UE
z?q<&{Pn<jt)?iFe#Q1d^N>N%OOCX<`WyEs{V1Ky<bp}*Z+Vli2im{P(nv9`r5rQ^k
zV4BJ(;YN@Q&g9T$C9**-!;@8(A}=vTDlu4FQQ8>?IJ1(G%ZW>#bU<WwFr%Cctib$*
zYCxWLMh$+9=Q(3-4O7mH=d6%QDXFwzF1&(;S5Z3f^DFEDvknx4!^znbx6I0bF(%y0
zK{|+V20i03^oG9nhP_WKZo1858J~0AKuJkYq(c~tXbp?0<;bn$E||~I{;Q`IsG<|_
z12Ej{E&LD+<xzvKIvoPjhfv2t8g;2rQ<WB%NjM9SS(J80BgX-Di(ew*+So`Lfd`b9
zsl+PH#5{!ccZPN<n=GbQu~=O$maj_*p(}!77TjBxt`MLoO+f}+N~kzBsF?<=CR}J8
zrqVz@7szLU&~uiuw+b_wnZ2<!iDqT?rt1JMVQ-eunk(6syEt$cCtYc_a4u;$OX?yE
z#T*DT%uG5|;m4I^qKeftH-6Gz_kitYu^zHKUR)k87V61KT&9P1W{`GfEMu4l^MjZl
z%Tjqs+aPAl%M_z77As~xSH8>;h*2lY6eO!KgsU)wg@#Cr!qzVoJ=0%1lPkoZ#Y*)b
zHAs5^BR%6@G>eAH(_GLqPNFhnby;{EcZo-LG2Vu=H5N@u&&zMa(j@2tjts`9i6Jg-
z+L>{TMJyf<j70i7FkmNlEGEJzQ!!hh<-i_iMl%^>ci?%p%uZ)UqYB1|Xs)5zEMtn4
za%NUC6IoaWQ~NY8E^8HJkm@6?W-Zr(Y<5}2okyCPPgR3O=W{bC48yWNHhM#UG7IF1
z3UukbGqVW9vP?y6rAMEor4+$VNJn#44AsBPVtF*yO46pLX2=?c)=En&<tQv;TANuW
z&sDCg!U=W-*Lr4HGAp=b6*L)RTV|!UL<4LqWt?L3d5H#>qm)rw$!v<Mc4n1!W(`+;
z0{6gjFm27OVM&?Q!cT)iG_*6ZS<5aMp`<qyPDUdzN08oRvJF)lLS%`(WNDlj3Icms
znE!E<$mTbh+#^<DR0J~&7<cH<UnRTaeia~t(|%Ytnoh#4OES5Bt>cDnNG$#^+A`6_
z4O@bsQdync^e3}HDm1mMosD>cJW5)#r(YaPe^Hh)0<v^b5bZ+=x1M9Q>(I0kC6-pA
zMAI@}O6a@>$tf=-sw|DFRGBcj<lYQt(sd$Z_Aiz|L)suE&gx1C3+3ij5*@CPj!Y^f
zu%C?5jvNc589P!QOFBY==nb~pxlJ1hRZ|L%qm!IcmWJN5Z$%{W+9_-T18OO73ey}q
zlVPpwEt5G(Z(6IW3@?<zCTJ2THc8?Nkg$1BQ&vNHRzs$O5*Nk@ZvM-vVl@nrCmX`G
z%YoyggPe~bnROv!g$tL+L)u&^Qi)d0W*yB)`RB8QD;2W?PBA60!Z`U5?O_dW;Fws+
z>fpA;B;12P8;>v;VOk+!GZl$^iX{o+TE=}Xf^bGBYgUN7q7W`k5DS)1yCmUUus>r;
z9!G2(<vcB;jwQxCMoO%hOU&6%Nlr6<L~}7YtbkO1ZJ4*zcx?&CC75a|plQFj*0Bkq
zL_QId#Id|-zZePJ#w+c7uIJ<BmB(|elTX4V30&#iqD~^8N=Z_<gfL%HvNO1m4lQb8
z%vyQuS}u9EJRqCX4oNuJz-S6*-GSK{Q!|))s_Pgq=mjGjy{zRfDJ*5KE|YA^d!~Wl
zW>c@_$?M7E=+Bo{=OA4VN(#7H6nG$21Ii4F7{)}O>J5FwA8Lf%Vk-ejAy-rpcPZv9
z4}fj7y-cT=K5$yXLM6H!FVID-iAAiZOXak2CSOv<b&Z(oR&;1A6%C0uYi2o@HI@~?
z1y$&(fF1P56ghsd_d$|Md9jt?AvJ4d%!)}8P#UWk(jx7vDy|9DT-lARq8e$gdiL~K
z+7Hh;>-JnbvkpJh$cSLm-^@CCpUGvFT5t*XR4bh&NE$&y9Y;zdcVRYLQYRe;6ST9q
z<pWrrg@yWKnJ7F~rPB=d;R~HoFkpF>6Qhf>;}Y0$YKCFJamgawMTw(1%Zbs95^1@H
zl+G+emQGbyg)uG*8(m-!E;KjHFuibgH%mv#hQ}<hBjZqJ8GF!$gwxe5I+a>`)?Mf*
zbU!L$KVqky#jRgqb)^GOR&OTwS#krJWyn#9i7_A3o+@VMvrMIfGnN=>+&(QWl0LAP
zTHHWJ<vq&+QZBurUro~xEULK}Y>Y{htd-tm8Om;2t8r=3P+96awvASY5H*6~qmFWf
zam$o7*IE}abd+z3R$*jAXEt(-l?HHQBz<6+_$<>98H=qs7UKf^T9z$~<g7jI7)}ne
z=<J&=II;}69TBi8%YY^2On;Ue5&&KZ27^R;k<RC`Jfz*kG&9SS>q0N?!kP3e2Ud_j
z$L>sSPJzh}x9rOb;tGIRQBlY&V@wIr&cbvB=l{@~ra<n;53_<;f#D#DYF`$%e5erl
zW8(<F*u{<+>54Dj=yCCi^hd+6Cr|&=FNxTvjX1HJ`*c(qh{YiNhflE8u!qmRXQJO<
z=>ju|%|?!He3D49-0bXk`C^yyJA=)8Gs5X%_E}Z5C)vT<l%MqLI<{rQKJ8*#jX11Q
zJKjk<o=~C7!Z)Psf*{!qjllU2DeRI!K!!Sdb-Y%CZgAmONh!Vp7f#mJYOv#zXaKe?
z*<1_nJn_r&Y`>7A4A~97<5y*~KY9=ta#A=c{c@8%K*zP$THu})3?W7_2w-n2X#-ak
zGFtH4r=Sd<q~S<q+Bof`aBj<OZ8d%4f>QAb6yp&npg+O@1)+Z|^BTgGba88WFiW|{
z5I=(~4`Ol*C0^swf#R~(;ET`Z5PVFem`SJMaoRBV?3)3E(yuQi#dNR$C>g&eK#5yZ
zqscxaScC8Vnis<MXAuZYep9^!8B!`>C>XPnu}YWPJ?`@<U^pl)V^uf^q#R>)&<_!1
zP*LEVaG0xtsxC%Cx`gU2eQgz&s%Sto0hGXRu`>UK67D-9P*vH0Ksexo%}Th}r5+zK
z3N!{kHA;ON4~3^uw)A#!0`uEYA3x^+zc=+9=yTj!++te+w~KS>Emshs0ho=_U}Y4q
z&hFHh@67x`2u1BYU0polXVvH}BM+OoG*=DtpHm;dJO*FFr#^l&jK-EzAFBfzl2835
z8q8<(E@2J8Z*tKzb*cv7GREAD7VJiorK_Q&Dk`f|@~DrG?vWV3)PP`Z{89srVC}^j
z)-)oA`IXEsV}1dbw2Zq{a+k*}s+N1;s0gA#K-9p;v4`+iva)cpA-!ile(E0g3BAD)
z#z>snMpHBHB^0rAjVwhe^TpK1c~vwIqX<7y53*Sy%fo5#D(0`Or}sEufrc>l;BW(a
zugiRE=DRT8llcbBH>CbzOX}mOPMSWS-FxC^a9HQ!V;_X3R8t?HKEY3_rT&^BNWrL(
z1kvZ^I@HJPj>eVKZeX7d;1NJ(=G!vAi1{=NpjGfGfSmgA%%`oTXf5jJG9SDKV5yeX
zgmWBe9jq-W7OaPRtFns+cPVAb@Z-}o8Dj`Ow!wWGr9eBaBl8WIKZN-f%x6r%n|q|e
z`*)hRfrWcBzmWNE%=e%^_IPP&j8XU*a@?ouvJgr)wpy59#rzEFr_$DHr&Urvol%0<
zHT0g9pPs<du=b~mS$GZ$@uxn1XPo9up*}X-sZXe%UeE3|n6JeASmtvnS(zCjEF_xw
zjPeXtKK5p5IiAd~fsZXq<}-RSS!vkMLz+yMD>I1Qv+}XOM8n;f&nV1{WB06<Oja^}
zVwa|=q`rhvn8}q!>%v9@^)n1uENfBbFDfo<Wy=ENneW1Ut`JtNgjFZWW8th)Ne;W$
zr9Rd=w7LZ5hcmy3g)@RBu`Gl&P}0cmpHm+bTk3NmkLf+8kTe9E&gN?@$dvhf<~vZ+
zr3vL#Q{@p=LjQH+5gzeSXg^ux6FyED<{0fK2p0zn!#sjS!nqMVq*Gw&w0J~4GC*V$
z5gZsM5D}uxqrn|`MB82%9wQ143=;Ft?BesyOa}}kq%V*3HuX2Ru=4XWHL^DMvox|8
zFkqmOubIHg$jryw+{)U@*F3<_ln@ObQ86{9{|6A_%p;wR$2oe86#0Y-<_bl#4JQdi
z5uj#hl!dVs=+xAaM>zyXgopUVj6+Ionujls;UldjkC;x35b&e8{Cu&`?BK9Kz7O9)
zAaeDcCGZnF`wPOv!2!Vn5kELALM-s{C&Y$FEXN7O{4jyQU*OLV4&aXxptU|?0Y5SV
z0ds@JL42PuzOy^H;3JL{2}b((iG`vVLi+PaA6lV2!~aOzlSjJJwEA`;f#aM=pAdb1
zs6ZSfM2#{^`tgV!O(G4KlK&sX6Qau_9k`msPCgMq_CkL_Q#r;w(w9d12~n~rk`nvB
zTA|M)JsD*}#-nM$Vg7>X>H7SLm@u(VbW^dtd89i_H^L{-PAnD$`$mcdV+1h~`uuQ_
zFkB!KgC#w9M3*J97e<DOn_`-Z8O$SA_C6sYa;~|9@dkbQ!Z7rdyTA_&p5PPaFAQZ_
ze8T*iwM<6BD1q1+ZKIJU?gB9_p{ar?keLaBh;RoVu@B!b#3v$x9~{9C6Y@iZVS(s*
zkzh__un0MPBKVY!fXFaED*Zko!QvR2)F;X(IK;;{L_ld02O)%&LWnt!7`q8XM&ZKX
zFfrI08ZHt<P*IgL0DMM?z5-MdDvT09yl8VNLmchxBSldH<B=j^=!oDz=P<E=5+fEi
zbrT<g8RE|uga|?*rV)h5WJZ?PIV>PJj1t+zZ<!$IyP=)X9{(nm6Vj1K+Op1Y_X%m%
z7fpgI(-bDR`aU6nLJ_1r6lM5OZ4^_bH{g+8v=CWZsaWd!1^I}kK}_W0Ys({pX~O1W
zCsV;Nz92e0B-k%l%-0VT2_wUy<4h0r`97k+NZMXPEO^AEc}<L}rhNZRo=j<E<k3vR
zNL1r5@Qn=oM@#rT(uI~U6)zbRn_3`Cp#M*PH6@Ts_avW?NI?^;n^MTg(RT*(e5hFc
zPeo|nTyc<(nA$7>B(NF3BFttx1P2Nt#LYWpIFH!;Bd^rdHOr?T86j{F@)^*K1x;ki
zS~^Y;Ep`hG=d2@?P~MrNcw_{vKpgb{zeE35MKbBpw-*T*J3N9z|C4e5?))anv5N>B
z;27p7^k*swacQDb)(qGK$1q3{I4%@5Z$@_vF0>i272;q&zRYOwIa5c75sw(qc$xIb
zYW=SvgAiG1`W`}uV9sWUVw!0H9T{n9`k==yBxGWQ5Bg1?jkld>cr&xroJiR);utL!
zgi&+i8tfmzcb2w@+98>!{$FkM@nd5*hPi*RiL+I-PFGQ&@d(&rzZiR;2yuwOc%nEM
zhAvnTVeIT`JTf>0a_TNd=Y%#DPU*Mz3HR}prW`30fuv>)#RP&ih$fWrv{|$#kGRvi
zn_GgpLBW1OQt{S@of3#f1dCk+VS(Zxc}_!W4g(`$dte=Dc995!HeWzHA0zoc32dsD
z8!rtanu#x+i%<$Yd?V;kfPqlJh65QRn?%TvNAzh*`RHyZvx0K2Hzn@HBi;Uy_&?If
zgv1^LV#I&M>+uMmmZ2{lZiT`A|1sE_@<@N0>i-C)zI!AarZMm~&1Ra(Sg240aSs>x
z!Mys(vJ)bsTt6Z*JX|Oe3;bs?JB-0wuJiI<b&e2vh%g3X9@Q+G+8oE|U`(6nm@Evy
zaIGH{?2joG-+kOjcYVIEkKb&6AtoDsK4D>)QPE*AG6VxH?6EO7Z)6R3w0Cf7R<4X;
z`oaD)1%BuUkC<?n2sv4D(h(mX>5EYWZU0vqnIZ7BG#x}4Pa98XaPmUrTzB@jvvU+j
zpc*$Jii&Y|XjYZnT1ivc3qwPL#dLJ~SAG9ZNTo+0auK3Z=x?(U`|wB))@W&ot}v(~
zq^3kROJ>U>=I$|IZKyHiRTwGqgMNAlg&`5fP)^KSLRgFaWsxHygF~P~Di&-OjVU!I
zJ!8fO`-y}R!T_=Hq~Hk5Fx|zG{=q_HNB>}0MHD0ui=jmk4uS|qtvtXTp&<g80)ccQ
zD-@{?ke4iDt^QQkNO5?im@^j5XqWfjROhh&idW+iC5(o!FKu{4W1IjYjbQ~VjW9w6
z@`zb;F=s=*Oz$DZAt7`IukY#?5l;2k9cDa|T2$FYP~RgY!agJz9pokwiiLhcOsnO6
zE;Gk=nCH96CN!8<b>@+Fv{E}kgkxA>a9A@jk(Db`yWlWpSB)Jb0-DN|jq&nHa5IU+
z#2~oYT$HxYE($8nrz;!U7S=*4rgRY_9fvSM4Z{#6qVWMj5jZ8EXt+{K`Ck(a8KwI6
z!T`1&`L9HSc*KIWGyoGvfu}u`)8CK}4IPJCK<PXI#vx3$`LZZE@BW!{%Kz`2vM71Z
zPCTMBfz5txFuk7Z6BEG?@Ck_!G)-sq-BEXln+P+32p8CsW?j~WN7~CWH_g~1u?{0d
zhexy~|9g5ZTkGgE4fMAcV&sr%>%WaXY>-Ttox`B6@^!D=N;jhsBOB{WtVo1m{>|;6
zyh=O&S&>j#e>$asR-pI(s}JOsM?SFpS1J=8=|_7?A8d(&<${U(pXp^w1I+tH5rU>n
z&3Gwa*STV)9*m`{P~;{vpG_oSL0<@W_0oqDy1Gw=3;92mNM?2>K$8R_Lw;xkbTlN`
z*N{I+x>lE(3q!trWC&d&4-FGUibXylhJ1OQ9>Upzu%W&K2l`n0Sy~MkWNslawI0;#
z|5k>DBRDFn6K0FsjR0l%=Vs?X|0vD>AKj+^ukxF+|EBV#DfCLaBml1NU3XG<tvi|E
z?%?jQW4CwPtb$S7S1elQT0iFvl_z@}uW->UFKYcF!hQS%UVgp2{2`8FpAfdK#5Pon
zU~buJ&<k@SuV`y4uL)QL`$P!5ns%Rz!~K29y!YKvCigFc-t%Qo|GX}5mX45__Cn~o
zV60DY7-5nt5E%Q1gh;de)gydc5)>|S9TDau2oVMe+_5>}5F_#v`$h@}mJ(tKcMz#l
z;O<6$FYEN+@H>Oozhg${RBt@LaNyGZQSNJeUHlUqR{z}EVf~aZD-OA~^>GYMQd_*h
z>}0a-+vP{+x2(_X(bH@8xFsI91?gA459&rtD%IJU__0Pi@>2J~CC{&q7+PhzZOD;6
z!c&^}Mh2@)*8kLXLve<^Vq=>NUsFB|d)4CXEtB$qZg*5`-#m<)@cvu;Zc)DF*jfD~
zoo~#U+Rj-#W^?5XrH;9EXCB*yX^p>J(K~g&+m?p#LF-~|mh~zsocBw?YMS1}tN}*T
zf2@7BDs7+gqrR;JLylj(NnT!ivMJBduRU+L=hKzDT3K6k*<=2<;DnRL%wq?x7@zxm
zf7FZZ*>lx*@Pqy=I=%N5I{pLP7b*bspAwI43KD`*9`|@%$itN=u}DPG8yZg2;a&*|
zXc~m#%ARQ&8V5(yvnY5p4@*n4(X=!lD;43iE_zSXN$X{gv<w=-Ihu~ug-4DiS`Yo>
z=%8U7%`}U&KGY*CpV3Vd(@I#G+=Z)~-t!uEx{bFJxG(IGd$zOw42jL2*_Q`zbo|);
zhv%OBXNu`#On*$|M}>afTM?C-px~nS<;9&}uKh0GIcMn**T;8T^5FwhogW_W5~%k^
zbFJf_(kIhRA{EZM)N3yunYAtH=J)fnlV`qCOv}z}7dr3lsR>i=WtJ>8suK6O>G?Rg
zuk*!nhc#zb&Wc<U6W!oBZ1%cia~|kFaXnI!u(v}!KR@8&Rhz;Ek4AU&>pWn|i}B{(
zS?-G*ef{S?J}`S<{E5Xmx_?yrXMA@G@(g$U-6{ED$cl{ljYlU$-0ZbyjKWh<_vFdX
zChqAM@YX=(;NdfhCg<j_Up`QE`%QxtpG;3}KiErg)^UaQOT6A))9t@1rZ8=%%BT9z
z!B4l0yVr0<pj>jRg@teT>pT9eDl>N9Xz_Vs&el~=%#^>rjm%wIH>joehuyYwHn*4&
z)_VNO9;?0&d(dL2WSH{42QN>K9P5#EIJIoL@|+e`LM69$f4$fK?A__)>#W<h_7yAd
zZkiidJK|))%GC)fou*m8Dt~`JCRTmamJwR7W8=GBY(!6yxaCXL`oD8BYZIQ|ZK`No
zi00p)zn580(%N^c+fbuH`c_(Z{nfp8^az^faeaf8u}yFFzylhSUumVkm)t1akh-Z$
z={eW98va(FxnqK-YIkn0n|@sVX->Zvr9B_p59!jOtF~IJmYS<C?EQ2k@0d}yUFA9-
zJ1v_Wsp7JK-GdYF7kU5Q#_O~Bo9IiiSHR$N4nG%KOtbGBwYt~&n#=Eg1s!?*(XVJg
z&80hj%UX}f>S^2dd>elJ=-vyKofz79<GWd#eSNotUf5(Zrt3k|&o#>@)U`VOta9$5
z_96YlkFDF4;q;@;YyY03ekGRW)erBSv%s)=l6lI9p3dVgtgya*`tGHze-f)&TCM%E
z_}Y$n4-K{-UDM~@-cz~5Z8knPj81FiHnU>Gtc4?eJ(Aj<`C466n=<Iz4CAx=zbu&^
zSF*V>JvR83(JrB$_MvO}>jsy1T(GlswqIE7;1l!j_lZ`!GNoff*!rWqI@k4iOEbd+
zFaN$=xV!k8YL9lcFF(B6aQC>->gwptYE^FvVsH1&J-C0s@LmJ@ZO<@0zcrxLa$NC1
z@sdkBex+0vJl<K|&Rl8j=#O>xzS&)I(_EDL)uhAN+euL$3dY*+9_vvdQF`?J`r&7r
zW+ilSG3;J+S}=am$Qf^xHYQq5=dBP&{Ag)s{4=oY)I;}gOh{`z$^7;0QEfx-_$031
zqA_n^qt2QsZHKIUyG#H5RiBHNM|EGkdot?4ka;&AP09WgF?^!V)tHVK2A+!ecIA!x
z@7>d84i)M=a=5=ddjIFemx9WM9qVmjXuZvL=9#W%MeU#JX%r7}UTx4S)9!B`Z_Xf%
zLl0F8pJ!K3I-TNwIo@Z!*^%&DAzosqqRAsF6>gj|H^2U)X0-2$o_SpspZ(=IG4IZo
zecfEzJz7KMks2b|KWcaW{N?`PxH$4ldM~@k($Oo;N5coMc@_Av{ea^)+Qt<qIUksJ
zC3lEf@uRMD8~NH*rad-qm>&0GW5?8r<*&Nt?oN1OFyTi-hg)|Kc3J0CoHqJnmpgpB
z5%vy_BS$$oj~?SPcATr*_zCVF6DLjfoHEtN*Uw)N5Ev9ZYj#Lzm@s^fC_)?=H8(nD
zp6LKHa|=tWf!2fin@}2LbkTbm{q+8S{rfGAl%<#PK{jkS7dlmX=WYCDUcGbksDMi*
zTJe(tR-PSvDEMCOZ~kkKSzp98`Teh&Tu>kM%V5^fc*_<aXUv?C-F@|^H<3CA`p%z!
z^QqSJ6w6HqPG7Vc=<R!7?aYw|`{ncQ4_Mbt@<si)`oRfmvu>GMZMQyUyKU3r&v$;t
zJ{z=TgUR0&7HjMs${xPH>@h#XY{!{iL*Kh(wjA-}>^N29Edd61dmoINw$(Xw^>sZ_
z<5&OXL2KJr<$6_27aU0o33qb){qESk8SO?+-kG#9KBamONi4pp{_VM^a?v5j7L|tG
zk}nO{QaHW;q$02Fs@XQFZR}hFYu;pix^}g`@MVM~U)=N6Udv@qzYna{jeHa~>SO0Q
zUHhI}DLm?{xw~UYmtT{HjX8fKhQI!P>7VE;QyaQJ$TLq+xiH{>cIzqnadk7j$1mE|
z>G0@QMla@VPQRG_A?NYnvHSXcDJXw?V#reWbv_;XD=j=e_jaEr!8(2uduS|J_w$nK
z%uY}G_lgz7?@z4HY*S)(X7b3!=7FaF4)~8$DoN<LRJe804m?RFkvHTM*-Ac=eA15;
zkaTjLWRot$oct!0#1y0A5mG}IkVnLfj3M91W#ULSkOAZb=|QFvJF=NPA$Q4WGL~#2
z_ec&2B8KEF(I+!W9I+z9$b0gWWRlM054lS6hy~e2+LC&*gA6CtM1w?=-ef=NMJABb
zB#?9<UoZ<zA+Ja+Q6WXdn>dk|q#JQ3pGg|YB_fiDSDx)i7+DS>jwe4z16f2?krAX5
z`AY7SD@2DR5jULjb({<#Eyy@hM-CB7(uQmy31kiFPcq0la+J&=Vseu_C#Q%Fc}OHg
zlN1wm@{Y_UzsNu`n<$bPvXc0c^W+XGB{xVcnMGEUo@5)DMwH2P%$6g`E#gC-k&Yyp
zOeEvUUecYkBs0h|@`9WplZhX>M23<OtZB}X3KEX_W-6INT9HwNPs)ia@g$F76P}Xx
z#F~^5AsI}xh=7bFC1fEnBJ;@-@}1a{!=x*TAdTcL=|e7%6(o!35f5^J7?9m$E!jx6
z6Mqs)=8-DWnk*&`<O6Xgx5++YOdgOZ;zdlzPNGXL5;YP`){~{=8tF?0kz?dFaUp++
zJ=sH4m0I!?m5G{yrn*L}7Ajf<=iw-|Qr1vYQPjer)tZ_bL|sjxRZA6RRV~F9JS7!n
z(yC<(o`RyfhL)118qONg&{9)YZ;8oVs}`!7imLdPQKeRzEj4&5TIxhi8Ar{uRO4wV
zswlN0EwofMiBd~VRYet^x`J8@E!4C9yq{luV{GiY_jBhaeVsqQ)!$E_PTrn9`@ln?
z&?EKSIX7=pQ$+<HZ`akpzy*`~_wV%T&mZ5zcka9#yJye(x~M3}<V%+}c3-l@cICy3
zD}F3k(C)*JA8!v%nR0Q>s8KC{*4NkB?cE!AsH*Ds%&lABIPTwns#kXQH}~9J$#aot
z+J@57Gm%G+>OT4Xd*9IX^jR)_`b-V6va(w^e7M4wZ{J*(R#bQeSy(iT-@e`A`imE;
z-#>m#e>!JQ#GdMEci#a6hWBgNPD52mX+q|O3xbiodd=8)_N;+v$BtVDN+eq9%F2gL
z)~{F7R8g_&t*yPGOI+O0M^B&jx$^dH@Hl<_D~k>u-25govWvEw+NQ2cmx?_N4UH{2
zcQ&%>(&b=HSlIi*sZ)PW%gOngJ7L1usKJAMj^4g~b-|%S^C$G}JM6);XLDwlm}Iq$
zkN>j6-96~o_3PB88=ijm&fAvH@BZx9ukx4!2i_f-Hm#&;)~u09moMK9EGZcy8Z_u(
z#^}*iYh7Gw3p_nXFS~Ya_KC{Me&;@Xc;UKxcl&ogf1X=zZ+~a~*s&7>%*`{}EL(PM
zm7`<p*WbUlP*PA>{Abak`W!bmhv*?gj_YmS{A^5K-si33$N!nWZCh!at?er1<mA1>
z)6$B2Y~1J+Zf&jf@ynM-e#OP7=N>r{x&PihzY#rpnDSe<?)>8KU(Mg2KZl;Wal>Wt
zl`A?OH8d>yv~6p0wyy3;$;_EsEwi#J5*!=`8F%O~IlZjx)5M)Sm;73|aMZk^L-Wi1
z{a+oQKE1zLr%stKBO-E2y}j3VTD<uBCRf)*+iGe89D4R#=+Up=p1~<8OIs!+TuK}{
zvhRiW?{Cg7DjH&-qZ709;lroJGiG#c-?C-Y-uw3l-+%mglE0bRII)dQHyw5L`)SV3
z>KZLtggEu?{k+J_Yx?FhXTnb2y!pXCKYvG=uW#O<)YRMonVAD`K7YRYQ%sE6tyiz?
zSC^Mh2^%=@=)KU;L|#&o|AAY#Ze))e_t<&YuEOe&kRSPzCaHXGXwbX%=FR>~0>PSw
zdGlV6+PAM`YgN@-!sEvi>Z7BDqxJMeUdG0~t#x%jPTsNOLPTNV_^k8idtI)rjotF#
zL3XWJ++$ex?hhnm#?<(nJh{Bp>eb7%R;@~T93DO*cG$48IfoDLt_TRIPH}QlZlS2i
z`}Xy#wyvh;wlh9HGiO;^e&08Fa%J$bW2qgMFZWz``n0}H*RIF(H*K=M`{YU6w~dX5
z`mbGU-m^`c6E}i`!*|`iyHaJ%nw{nu8ApsZZ0I?pTeq}!D^~C?zJBez;_B7EyC+VJ
zb~7-TxBbzhWW~h9#wlC2#Hp=Z*`af*R`&#_P7S#8^5yyX5hIE!gM!X3v9l}ayKddw
zsYXU^x@l=$o?lS#E6>B@cIb%{HiqrnZ|FX4#MtzUI~8B;R?rBuvm1A`aZa|?!)_}J
z9R`oRU$(wsW&g`*8(O3UUr*|PeS4XSRsI>vDdY3*<}PYgbxPq?x2xl`#eerIIx9XJ
znKkHPW~-|kF6i5(Ur#<@X!*DAB)#<oJ3}6=(>pS~;q0wlE`v(m^g0~b`GR(vb><aX
z0WEVo?z6Tg)^>Kpu6=vbJ}Qbt-Mvfhrl*s1Z*SuL=@a=R5)sjvGvv&kJ!H@N^<;fy
zB#CU%g0z@CnM}^fAvvk3B=y@j^6l_pa`@s!a&hZcvNbW0B;L3|Zlt7;l&@dOR}~ea
zvU4ZdsjpA;*Q_CH4jv>2ot=sE!-wRdy*;t_@*-Y$?vOhdE|3euhLK@kzK}1;$s{>2
zkOX$`PP%vONIHgvk+A*y$$k?PV)FDUdAe*FS=Oo*Y31%t-0SN}eRej<76^#o%^UJ&
z+cvUo-#)T$(<ZX1u8!2j#gRB8BVsgrHkqB5NAmjjC;hFgh}DiAWXHL4<lOS*Wck>!
zWURS4G5`IW{0;~p0iK@3Qz9V}8yjMS6ARQbGf8Ia)}(cGG>NXRCe<TGkP#IXq~gN|
z@}W;3(&xns^1{c5_;l_}Iu9RCh7TT01}|AcmK-@kj@-Xb?pIZjs<ms$+S*!DyLvTQ
zt)M^@-o7Po)zyi*p&>Es+Ld%IC?EwwArU4ek)(tKl7JKWH9K`8omQ+ME5?l@<65>P
zEqCoAyEHV2MobKeY14+ZS+s~O>e-X@eD#XFnlgn<dGdrjxp$A;8#<H>EiWhK+S)`L
z>whJ&n20?*h=-{uF<rQjEG#S}g$4$ASv-+U3<@GaZf?Y_q=b}IR+7rHGEz2R02y%k
zGP&HZAL+MuFWIZ5MYJwmBA3F$NjPTEf6dH@S#U53Rs{yp*B4U-{OjGD^oAwA{_`jK
zdHgsz{_Y)l=jccr7cVA@BO*vdXebGdk0<e)H<Qip-;?*FN0ZTK&yuso#>DvaX>uAn
z9lVz>$xA&wqUYp9oYt))>y8~G#||ALhvv^G^S^&5->+UJS5KWHrye~bkLJuFbNcor
zeXm?0SFrsR(zY#W>+eteH*6pq{QQXD#*JiSX(=fkGlq;gdXya9zMX7exst4$Ig`vh
zaDW`>(1CPlXdn&6#iaP=O>%SONHX%;HF9m>Kr(Q~3^HTXC^9M|gJk^pL4N%DMSe}2
zMy6$Dk*q&|$e*cG$<+LOl0Re!8RFtXToe_FqNOFV{QQ}G?$wL*Dk>sH)2EZ^vu2T5
zX=x<w)-7_YM-S4&!GSo8A5X@gKTpmtSU?sG8bk&yT}qbL)R3CpyUFg@SQ0yTE}1)N
z5}AZw%~9^sg>=cyCAsa|k#-gq#G+d_(oI*F=r%Tz#t9S11U{eeb##c%>(}J<$&=*d
zg9qfn^XKIGmMvt<<HzLjs#Rpw$B*RW?c3z`ym@5ai4)|+vuEU)tu3*2btSH$7>i_U
znt!i<XrH=Im^6W2(e2?7Q$uvcA+WR*RXm3Ym<)A$16A9HCijAR%|>@Sg3a5}_3u!;
zE5y1hnx6(0TMqTzkLJZfrMpAThoQ+eVDk)!bxWw?4zOYn*mMhQn+`K{7c8C%R*gs3
zhCpRj!~Cp=X#Iqm6hNHCP~-kk{d$O0JjCG<#Pu>*WC1f41yKuys_cR|UWfQAfkiq{
zWgD2Bhftd~5MMKxjBJ<>cbK_P=+Zyv`fCu!vtZLah;nbJYAwv5H^e*`U9%hJE(dJg
z0&(|+DtVwQx`D-yA#(mO4Xr7kV0yN}L`H(`t02lRVLH^%B@dv&E6~kLA*xqk7E_=O
z5ipHkA)*^0&Zp3o6JS=Vp|a%=jq^~M#V`dzh;&<svLCwlHB9JEsLp1HYca&WFVx{X
z%%KTXxe#V48fLi#%)l$C#T=NMDwym&Fe3>tCrL2lBB;_ah)pBJHXr8C3aZ@?;yVQ5
z@e$%+3l+Et@i+mKY!7j32esb|QJf3&83$9g1g5kOCR`t;?gh;6GKjk+OpykL4?CE_
z4;VJmVXits%zMCeX~JZUgGm-ZEKfomieS={Ve;NWg|EU4nL-U`!u+0t$?OcX^#tbS
z5>##!OxIAD0v<&6Hq>AeO!HWn`c^Q@0Wi50Fy%%tYuXTfKGgUC%)~mVpbLhnGcaun
zp*G4;_oFaj1EAs^Ftpr(IroHl_JKNef%@peoM~amYmcF&Bg|({sHFpjrGps84r545
zg;`U@P>~0<{{_?N2D4ZRbzK1Su@WXA3#MQihJ;L*!oL{mZop)g!DKmMDEtO<e;?*R
z5oY)vhJxWRAsHCrykPPbVDd&|m@&uD76?=E8RmNthO?(ISsO5n^nvLah@oRJh8_vb
z))<)N5|~G0nEMzEtBDu}!!U%d!4UZcL(35iSHEHQr(kGV3sW--CTt{3?{Sz=Jq%GJ
zFdT1%`TBt&SOunjBFyf43_0o;ew|_VgE0JC!@T5TC@_GDosS{>B24jVn22XEjSU!*
zFJKtmwBhr;k0uqH8y2U15}v=c$Z2?9&9A@~+iLx;{<`sO%m%|VCw``n`8NDs!13@u
zHw0Tus?s&HVxB5)nKR>g!Q8qlC0Wmx4H9)Lyw<_(+YE)>>PH_J*;?1D^{R?lw$ie)
z^RG4M_8ffLGVQ!Xlsa{wpWXg|pZaqy)$9@Xu=^_-z2oYTL)!yPRn478*MC`WaOaA8
zR?>_!<pUnqN|HxSUlG-_^v~x9DL%@rKhLjA)zLb!uVC+&w1it)%NpG_)Q&ysxzs7r
z*+<ts^{cDpw)f|6EPj4ML1pc`cMFtz|6Hl?TC%Kdq-p*;k$#6bOQWu>&dy$QCOP75
zAA2Rg<PRR6C4(PKHJjkIsn<v^vup0VQvxeDT8tli<8<#Gn|8dvHlFXg(0IAJR?oKn
zPLGu`1`WD;^w;w6T*I=v6|WRm^|~=N=>A8OJqP3cThzsz`Vc;S;~$TXPT3ERwVk$C
zt=+rGs`_^0*Iv+Uapi5x#-lbJQv(xkJ%9gsf?I6I>wlMwdy&>=`o*mw`Nv$gyk9<j
zL7@AAl4TbCoD;i8ckT4x``h@P#{*QqiW4ih4)#wT-!oSA$)wj45|Z|{E=#%`w6pV?
zx>J4TDp~J#9DJqFdhU)+4_npg2Djg<VmvY~eL&TD>rOjbhOXFt&bB&vd-os5+IMu_
zIi$mZRUNx4WM5osa&J%j+R<(I#3>IuG1WifsPf>MUq3}oEZNG_+qHV(I3hOb;(oVw
zj-uxsUDI(<zM0iwi-r>6l)rtZ95{CST;9;Wg3T_CDYwVgUkyvxZ~k|t{*qBV)g{AK
z&2^q1{@!`L?Vnb^XAin>Xt7Pte!@ZCA>W0sR!#Mp7_fPh@T{8Q%`~H_j?0#bM>+3$
zc;VCWP20>*7hd!8^(YRjuq{|x(C5(aa*vF`iFf|4*fi_Qr1Sk7*0stwV`LPjHe2n{
zx3#AxRNHiWyrWag!m9h1vv-Y{a_+U`{<Z72FCTDMr8d*oD&pIgA6+^+&F-o`uiewh
zb=_}u=6{{#5I8cjzTn!Wx9wg=tMm<W?f$u_+x4DTZx5T(bMVEp#yd|>HZ|!!Joaq<
z$jh2vb}Rf&FS>tib4zdIyWP!i+q`k|`Mx&y&C*$`!$wr+)p$i56(3xg(`NL9ZV`vR
zu5b>#c=?5DLYs`68xCA}-eR4`*4`TyE_%0rr-Rkohi}vb4>dp3-u&1tq%b+=wf%yN
z$F>=0h~w{k+A5rs<ughWKYwG3nMYnen>Metuq67Oso(c@vsC82YW4Dc<%ZQcqu-C|
zKW=5wg<(4;&1(2#aePW!ZG~To0}UG2opLER-LGLeCvMQZpbqsb=k2Tvwj8nP?XJ@w
z*DZc;WDpgTcyeC%2ipgBm>&0Im)a0}ch|dHVjsC{to||ga!5jP&E4VrQC)V$rrMT1
zs=5As1g~;|=X`6|uD_z<6$Jx6pL^BVYf!|qR}MY<DUR9s#qG}a6<)^c)>@Uh^j977
z)w8H>e(Ixpp^eji6@{BcJviL=glJ#u{#In}xQnwUC;#kr{+{;r&ic7O&S{?Q5^O)m
ztfGxy@4qd~UYM@28Zkh!&G7L6P3t)yqxPyxypl4lwuhcJZMfZd<H@To!>|7>e{z2;
z3D_4MIr8QF7QEq0l|w!M4BmU#;zWH`|1B3SW~$|B+}3kEGOzdbxnkbu^Y?4U-njIz
zO2>Hg+ivP5cV8Ypxrb*T^DTT~zu&gX`m2l@9-i*$vaNKD3U7tq>4whZAHGmGUw?9f
z&54DU{tI?bjt-t{=CV(*{nBwn`&sl}e(SBTKJg1@Y3#Jy_|mS;n~oum4Gd<xu05G}
z@W#@OVGbcPkM>!VWH&Z((x~HWhIV{;YH!PG2k-VX7lraQhh4hdW>Bu@)8f*u2S;|W
z5#79U=Zi<)r3=|z`wUGm%a1k8INr<uOiEPIh`3R`C%)*g*?Q}ws8J=4bBy)`&e&iu
zcEIlw$=UsvI|$n9Y*Z?bElj_V+TW^+;gae{ZGTQ2d0^c9T~BpXj$iJkGxMR>Mn`*}
zmHG9zKK{&eC(~x=Rx7>9`h4hjRo>zrzN*^&CfnUCe!c2Nh5d59HafYF&*%O*=a8!9
zdrcsyG;g&fyT@jyq+E|4<$j_0GlrGzZ#7qBvs$$4!-_}z`Qy^>yjVW0^AW{~&y;R;
zD*xHz*`*z)yz>vat=B$#Wb?u|K{KvgIIuLMQ;Kdu$iU1qw}!kP+IH`;evgcA?Te4j
zDb@bsZG5q{@3U>ohZbKQKdAkNjeRVC9KKT7FKmH^`Q$~_S-!PXUKJ#*?D1($--Wxk
zU++uEM8_^I4nJ8{y4of@Eu_Eh*)t<P=<T09r6OaJl1I<`5na{ScPP92J?Ds$_mH9c
zw(kG^p-hrdI8CMe+p{X&t~wXaWm`;K)5E&`$>>?V-5P`1eLUE=SRwOA@sD?1lzZL#
z^dclC);+zZz~IU5eSOEg&l&1$b0;&%&T#gl!vhx?Y3rTb^Xov_^wyp&7l)_xOZYbM
zfz}hR;j6|UzBG2iG`;chE0%2<^3>vFr^QS9+Fq_3GF><=M|^46lM(F{S|7=OI>qFA
z%y%ufito?$?+x@`5dX2&)U31_e|o*Vners`wo}}s`9-(Q+`@WTF1dQtYW?UjUwhB%
zryuvNeQ@IHcOTLxw!7-maO%N8y_4(4OuwHwrqpC{@Rr{<(~h(ZNLfF+^Us6Faz_St
z(ufGU=e%h5%BPEG<{Vh6wLZXqb%TRs!QVsrha!(8dHKw)$SiqVe2niJxMYeTa!IcN
zLgj0Y!{#JBpE|kC8IN_FeNMf8lV|H)cKpqi)1{wY3tb#_gSGvgzh>KoYfbC(VQ|gO
zO{*rK{o<_|8kJ|_eCN{M%#F!EzCH=bHw<*z<`TQe{OK#z`<aFILA+wGcXj#h6V1HU
zHlKR;bjzcSlk1lrTmH_kXvdMxgGy#RH2aqP+4{iBl|IfN%});ORC@1xi!Tdj_&#6v
zMs?eeXT8Q%+_@YRXurj&lSF6RtuYt>jP9VbC7@%@8>9R2IYOsAwb4Ead29ERzNu3J
zczy=!o_K3~E+6tC+SshqtxBCbt!p<_E`1a6^C}m1vin`ILplB4v)Q#*ZkC9LY&RO{
z<gm!aw(9V`vzo_4cXk@2diVYD%>~!)JG*NHj^kwy^|Cv5(tnnprs0*l3yvp52;cZ#
zX!+{?`cIZg4_v$wld9^Ux-TvYSi42F{LRzOEBCt?^jea(+r7jh{ZtQ|!OzCnw{J1%
z&HAvjwIA+YNom{{+B0rjuI*X1?1hh1@-lW*%!r+~<51V0CON_DJytCa681fK)h52w
zeWKOMKdWAz(kou&TX@R2=QSr`zTS%TUAqMLPrASQDSQ?EJMgui<*t^e`&+De-DOK{
zD{-9juLY{*>rOpS%Hg%y5*c%IQE8v4_gvR?uU&b?AoJa3^WUc|qKiTum1eG8uGe#L
zdD+F1NvDl=C;7UboAG6GiF(hcr@~TiWKO#<uJr7u-s`4cACa@D)s?^cVe{)()#SA}
z?HFOwt6RhJUhOUWtbFq_qrlw!)A@z%_KW)ud>)|}>{Pw$^-6{IpSynWwXuG>VrSIX
z?VsJ9ti*n;Gx<ruQI0BAKaRM4?>D8F<u|JpVLx3;ujVe;ZPYF#Poj8v`kz+k_Nd(X
zWm48d?L_^fmC+?nXPUbvJ6vo#GBT-Bx&N|T$DHgklxj94tCcT*^=?6g`TDcU#BRj+
z4r;S@lz-N|Eg~zIMDYzuzU|tzG0^N(<g{s3<hT1F&u0af)q83!)j62lUG<viX4}z2
zDgp+4O)OcV+ae+PVnWt4U+;Nqu8mqcq5R0t{4+zMf=h=_P)Hs(c0jfNvvBKsQ#=B?
z)vKzV-rmD>{L!FkAvvo|mJGY1V)|jz9P#2lD{882%~kH2*e|p@GeaZ9KrJD)I_=9>
z(_N~{pBHAH{QL8$@O8kMwfWD5rF9Vp`W1Q?-&<>usl9K@Ppdm)jQ0G{(|Y^sb8fFx
z$<v`4i}alLJEa#B9jnp8#kJ&<j<vn*_ibl9=4DTI4KM!w%I==c&8cVNa~eF9CoVcr
z5^Fi7yxqxnd(LGoI(%X3@%<0K9<j+DWutdb!F|@kp#tZmJ|1u8=8m6stAks@^c#1g
zLfSf%=P4=m*z%%iRa)nwV9$5nl4<9%x~!{v({@UF-;YOs^L`|)QT_7u$okEvTn6uX
zHhr{ZSLK%ztDoe2beVng?K_7ry)9oCoJ>AZa?SV7Ru7Yl&I3Llw)V(1n4{cxkW*3D
zX**74=`J(57J0iB*0`|Cct1qQc)UYfj2FK+V-i0W)|wBWY(v;~xczYS-*^B@76MSx
z8GsTS07?b}P|_WMl6(M4#sE;l2cTpx03`_klzai8#1(*&a{!d|0ifhC03{CrDA5C;
z#1Vj!=>U|R1)yXx03}HPl*|U8L=k|Jb^w%|0-z)lfRZWzN<0B5aR#7d4FDyP0F*QU
zP_hny5`6$lN&qOS2cYC403{0mDDeZJ<OKjFSpbyy0#I@QfRYmcl>7mp<U0T*;Q*8*
z15lCyK*<CEO7;LyA_Ab~82}{#0F)dApu_}#lH~xD+ytP+6o8Um0F)>IQ1T9dl2rhd
z>;$0XGXN#y04NavP|^Z`lIsAJlmSp;0YJ%C07{erD9Ht&q$L0)wg8mO0HEX~042i!
zD3JhA@&JI6u>h2$0#GssfD$DDO1uFm=>$N@Z2(GE0#FhNKuG}rB`N@vyaJ#k27r<+
z0F=Z6P|^rM3GELx07}dNDCq`3NeBQXzX2%G0-$6l03}ucl&Awx5(GfW1^`NW15ly?
zKuJ0PC4~T#bOE3w4uBFL07|9;P@)S!$x{GIN&zSt0zip20416Llzal9#0Y>A9RNxu
z15mObfRgtBlxzc_<Qo7bUI3Ih08lawfRfb!lw1a&<Ol#IMF5oC0ia|A03~e!D2WH4
zWElV@HvlNv2SCXM07|+7P*MXxNh<(K<^oXCAApiw0F<-=pkx#PC3ygp<N#1I34oHG
z0F<l%pyVz9C5Zr(tOcNC2LL780Vuf#K*?|bN(=!gaRZ=a762t40F-<Mpd<x=5@P^L
zmH<$)8Gw>t07`@alw1R#q#S^f)&P{$0#I@vfRZZ!l!O6LQU^fEQUFR`0#LFWfRY{n
zlzaf7<TwB&qX8&+13*b%07?b`P|^>8lJfwRSZ)m{6$4Q63xJZx0F;;mQ1TIg5<37&
z76DMw0f3Sy07~ouD5(IT<T(H(n*b<r0ifhG03{;<DA@==2@imh9{`m61fb*)03~Sv
zl)MI@Bou&>^#GI%1fXOJ03~k$D7gwi$x#4Go&ZoX4}g+v07@nTP|^{Ak_Z4w+yN+=
z2|&ps07{|(D7gec$uR&*tN|!F13*c807{AhC@}z_<Szgvg8(Q|1)!uFfD(TIO6CJl
zatnYGCjd$+0Vr{U%qhcBb1+$Uj|X?@eH&b-$-=RNHePy9^H5+W%L|~%MCrX9uG3}V
zwt&w{?<xMoQx*<ThKKaN2d-YSa6Z9%cCJinvZl(y@fGnT>HT6{OJ(8SP35CVIsJ>9
z(ccN-a{4<q(XWDVIsGk~==VXmoPO`7@+p=^PCptWqkjOx<@B32(NFELoPLca`cEUg
z6pr!D8+_;Cq>~mZN&~MBvbpx<$IXFr&+O@9bZ+XVzyhxk1Gl-_>MyxjvY~k0#x-qj
zwTsX?wNTgS_WUw(VRo0qqmC(CdXyXpJ6ITIHOpj=)8v@2jN%(n+s>DtaTdI9)N)_&
zFll60^@v;N$5y)BKQXAU+sNa)YWrm7D?OW0Qh)2mmi6O}W<5>(;Mep0^7Tb$R+fG>
z?rpzYvD^0C%1_zHeM*;(o%MQyTe}y@x2O3Z|Gu@4!4n&soy#+Kjd|@m@x#pzCKv8~
zoA51Is5E?v`j5Hoc0G^dEiYKH_odo~^cTYhPyL<pI_r+brn^V$4acwUuV9mZOR`|c
z0^aRm*RC5FEr`9Qx4HX<qECB8g}0}=d`Xx(C%^CGm)ko%{+(YiYQvB8cS&V8Ybz!X
zHs~90tI@!?ZA>a}X7ohw$afB!l5dGKZa%9DRc?1Yv>`#yXN%&=dVl41o8F$?Iyq%X
zU1$BQekwM*HiQoE@}-Agx1RyoUpjrR>0@x$Jo3x$i3gTgOj0~C<oK#KbH^Jr-c>&n
zIKE=f%(T4~<2%%jT~lLf?d!R5VCr{%`k9n@Z?4WC_S64rkMU+Du5%YYJCZkYXy3EJ
z?hl>fUbgjbt-5b(?}MQaej6<d4(Oqxrap50p$Dao{?{Icc<w9b>pu8aGR-#0v&$mh
zjfxY`3TH2zwe^AH-zhc@>XyT9T`4TiyZT0SBHsVUKJ9>{QNkgo{GM;Pv1z)AN0+&0
z_J#Y6`<m2BQ#`rtv{!T5iyEgdaNn<b+19q=Y2mn8BX3y5?{CL5P%3!R)n;vG;pU<i
zPB~#$mkb^*T(XC6Ii_o8UZcK9|A2QppPJ$6ulmQ>oH(iHXz^rFLe7|&tK*MeG&8w)
zynD{Va^1&YuU{xW+lF`T!tUBF&MQ(nuRrNpb@}1FO6z;-xB8tOq!?(GdOmi*_axW;
z2Ob}tvgw=6i7)nlJKg$}?RZz;uxHk(e!pI}oAWDGORrtV2A}j7Ki*~^xjMx^@67eQ
z<JvP+P9M>jrTk3bcBA!(T*b?pVRerO-(TClBxkLQ|LbTov&`<BAEn)V+}|SSX17ms
zR@#ZxyChm{8^fPda<1Ae>TJ?x%SXm0>o$xMwtU(3<1;OfdoC|htM7HY7UO$WxNz8&
zfCC-dD|a>geeOnb{JNe$zfS(#>r1aFvmFC0^U@WrR7~<+T%UjVZRFG}tM*|P5jPUj
zd?gPnosTW<lH%r~GwJ-ClNZjvRM(kj)}r!><NEoZ&i;1aeUWJ8`93|RcjD`fla|WC
z+H-m;C>@NwcKJyE?5HcH!`istd}iC;`{W+$`n{v{via7>qpptpc5ci5x!&H9{BeIS
zFRM<fT~+XX_q>I>zq@#yaq5(~>Zii<S!a3QpS-;t+*p;8^U!ODk)GP{%`a8YnE8x5
zI_>G)tIr-KPkt#nYeVfLwF%VT;yoMeF+6(De9rr?_dhVnERVJ{9X)V?+BRxGVb*{e
z;>vA_E45)TML-V`AbmJYy(X@-4lOwPZ_Jz7`Flr=TDN|<okqy6UVe+(>2`0wy!B|y
zO_q1!wEmtvb)~~7J)1Av9{nXpd+B#>KX203g}dJPeev$#`8zh`&*bLxHh*tL?`hn>
zud*;|ziHeyAez*G1Zo7b>MPJwhe!|LsiJ|3IshEjcOb8ffaF>Qtd<K9OvV^5GJ)>u
z1|*d=@I^RT2RJYVk^`jHN8$~vmp0H;^MLny4J_7BjA{~~vSyRxK$Q6banuROseM31
zeF1K)Jup;Tfj&9{bdwg)Ug<zAbpbl85ZJIcK$@ijtyF|@?if&H%YY8E13K$5Y`iCl
z1C}fR=&EWU!z_WjDg~;^9NZTG)#QkFWnlCQ1s-YxFi%-Pa2*5!s{nYj`-D%P06TRX
zNUsM#UX2EtY6MVTn}8p420rWx5K#I+cc}nB^$_@~K%lu+0^eo|ELRe+U&%mOl>;eO
z0|eD{j6wr|Knn+s%m)a!&FJC&KxDZAspSC_Rv#eb6p1bHZDWAAiU5YL4EVXhz<&J%
zLTwLFY{M{4ZU;_G323)$;MB$gPgak$L=4bq3xUQ;1Pbjb<mUshXd>Xtgg~Ng0e<Z!
zaBIFmpDhQ*s}|_Dxsb;apy6DBoI3|ho)vIl*MN`P0YqLt5NII`VK*5_vBSWpodo92
z1`?=@(YPP*W%M7F2`a}_hHc^O;GE!`;n2B&fFT}E4bB$M4$cYA84g4c9-Jzi8k{Yh
z9h?)KGaLkh@Zj+CdqfQmKR-w8;GE!`;n10c2d4_B24@Rr2j>Lm3<q`+9-Jzi8k{Yh
z9h?)KGaN*K@ZeP8)ZlF4?BJZ>oZ-M2!h=(VQ-iaGvx9SjbB2?F|5ecsI3|tQ!r8$&
z!8yYb1$+enrwXSAXA5Ts=LF{rM_MBuP8CiK&KAxN&I!&L4rl|kAMtQ%aJF!Ea87W}
za3l`#aH?=>aJF!Ea87W}aAXPM;Z)(&;B4XS;GE!`;YbSN;Z)(&;B4XS;GE!`;Yb?d
z;Z)(&;B4XS;GE!`;oL^KQ6`Y@3g8nAl`=I}_@{}}snnDdv?#hyMO}jzk^g_+i_>({
z=@icoz`a-i_vQk)Hy^;gPXO-C25?UZ;NCd^_e=rY;{muA2;g3S0Qdd?xOWG@y*&W#
zMFF^X3BbK20PbA`aBl&Cdp`i&n*!k8C;<2B0o>aQ;9eDgds_kA+YjJgHh_D%0PcwZ
z+$#le?<jzKzyBZ7-U2R*?rR&RyGy#eLAo0hkVZPByBnktQ6xk{kPZP+kd*F5knWaF
zDFuYH2Yue}`TpNI=lz}YuHm|8?>%enwf3I-p4l^8dj=5qUIXGDBOvYx0OFn`AnsiN
z;@%)2?(qTQUI8HPeFwz7V?f+<1H`>)K-}X2#63bl+(Q7wy&gc^qXWdf4nW)^2E@H&
zK-@zF#J#tGxQ7ggdw77j7XpZTtAMz-3y6D6fVlS=5cj+QaSs&`_rd{jj~x*ANC9z=
z3=sF60dda&5cjeHaZeKv_e244ZxRsqDgkki1rYbv0CA5C5ceVgaZd{n_r3w*9@MA%
zfVf9(CPjS>h<g=)xMv86d-j01Hvoux&49Qk42XLV0dY?S5cl)|ac>w9_eKD5?+_68
zN&s>13J~{X0dY?i5clo_;$9>m?#Tn<-Y-Dh18hvVU_jhc2gE%wK-|j$#J%@`xTgV#
zdwGDkC)FAv6$glWiGaBG4iNW*0CDdO5ce7Zajymt_htccj|LF;Z~$@d77+JN0C8^=
z5ch@vaSsC!_wWI6Zx0anOaXB(1rYb-0CDdgAntVn;$9IT?mY#>J#j$XvjoIFV?f*^
z0mMBIK-@C}#Jx~J+*1R@y?H>~qXoo0RzTc~2gJQ-K-^OR#JvMR+^Yk`Jpw@7TLi>C
z6F}TU2gJQOK->d^on>A?+!F!BJv2bvdjN=gNPxIU4~Tn4fVkHVh<jszxc31N_nrXa
zUIHNQy#d6%bwJ$n1H`>eK-}vE#63Yk+;alNy;wlpn*hYUM}W9j42XM<fVig%h<m4i
zxVHm{dscwB=MRW`9|3U>1rYb@0ddb45ce1WagP%a_s9WpuMiOTssM4X8xZ%l0C8^t
z5cfO*agPcR_mlx~uL%(MUI5}=3?S~g0^*(oAnsKI;+{1i?kNG{9y}oKode<?79j4K
z1L7V(AnrW|#Jw+oxEBS8du@QYM*)a?nSi*r0*HG*0dX%C5chBaanBAA_htZb?-d~K
zB?01IIw0;*0^;5?K-}8~#J#V8xTgb%d(42iw*-iLF9C5c2N3t31L7VgAnvsQ;@$=z
z?#Te+o-H8mNdw|u8X)d*0OB4tAnug|;+{4j?ll179uXk!wSkjJAHWcFG68aTkp(Wc
zP?6xlLl|L^(Gak(F<>we;gJDJ7!4Z+5e^9h9RU*-3jqlZ9Uc<}0~@@l4jDX(5*%zW
zVc}6>;Ls7UQ4o>P5n)kLFtK5<5a8f3kkOFf(J(Q<`3UfjQ4vtEv5;Uf;ZQ*_3<?GU
zA~rla7CIU>A`Au=3KASVDl9T40vDKs0gZG1pM;a^e>Q{SuC3q$96s;HdEkh9H?D-n
zg3!1SI<G=wLTDTajs0){2mrvPF&G!Xz)%A)18@Tf0Z0KrM`SYqSAY<JY=BmPWq^M~
z5hS4Vvl;+&?*N9G8mbbew0W^G1kpuPi1oYD=k=45=hB<xw=uqRRJSWJWcSVCvo>wu
zKH1$@_NR2@7WLLV6-d4OMkrd-;aSyll`5aHkAjT^-nWU40gr%*2A(euHQ{c20L2ZB
zm7xqYUd90c)BXSJ{135xaQ`a70!17Ez{k5YfX3E10JwjRVL=5r0JwiEf(4b~0O0<u
z6c$vB1AzP20b~s=xB$>#0~P=W02ctF8NmYJ0O0-&0u}^<1AzNCAjmUh4J|MrIPgSR
zU=MPC1BC^_;sD_O4H^~%jst-Ew*gR-A<vLCw1BXokfAW4(4cUj5FodZE2w&?N~jvh
z6jFy&pkgR_C!qbn9^|0}0BAq32YILv0JI<2gZy1jL9K-%hP?hU03|>T<RL=<(0*VK
z@=zrJp#8ue<nMYJ>M5wTP{e;6K-SO#bu{D*v>%v(JmeGrv>&WM9tz;Dmw_f&LoJ4)
zhCD;o&;kVq?E<LVLHj|~cijnf;oS~{f(C|Amq6Wc*8nJL$TMUOEl?AnutA7WXizv%
z2zNUeatFD9s)ecoW{^6h0u|p`gB7p`d8iYh1ORA1u!lMUN<e!T+Cv}@DcrRdiWu?=
z@&M2ReQBVMgN#A@fj!h|kRjLt0PSIDFF}<;y#=)xiW+hNSwjod(U3D>aQB6SIvsKh
zjG?apu>TVT)YDLJK`n*?f;>ak&;l9<bwAYQP&Wg65Doy;jZoJ?K?6gmOQ3GJYXB5A
z<QcMt7N`kO*ifiYcu+`C7{KjaBOw=1wNO=1gCP@04e|_SA%VUC08(J}UjiLZ|MQp%
z+H@yWK*0O8u$F-w1G)Jtus44es%5HWtYfTW*k!OB!yZ%JP~BjG1(pgdSg=^jH_JE2
zVEL;K3)HEAI@VuxSfGAq@K+rcsNWgLsyu>j5&rY@`X`+K&+Er>4eQ_a{`dBg6#Y5A
zL-oI&d0U-ID}P;YzXX>xuc80&9$S0TX+z$Vb+_>$SE7{%Vy)9g>1B~xIsUyI%ir7!
z**n*~eQT>wMX{t+7C*-`6imV60*Y_q;Um0vK?D3a6Ka{N#X8+10mLa|0vk%Yp>aNg
z8DCaE)Nv8!2hIvnq9aZcI6FSI{$26i?32m;XMIP;PLk2FJr@+)d;1|QOv7pK)v*QX
znYrJLN*GFoSK2+MLMD%Cq~87ds`P*-*W*{e2<a7O+s)+<m!{+eS<M=hlaI|L&v_Zk
zca$w7!W_>0T3}7REXe4@ZCS0h63%b&^^O(Mg1d?~%?*$g<YW-C=Y*rQOJ4HPy!eUX
zX#*~X;1LiI5s`o(0|C#Jz7y2Hg7zPR{vU$z-w5V^BhYv2e<IlbLxFyeczF2u1V9LZ
z5dD>Ve}(uzgycVj^uH0Z|3=9FheGi`6!6mz{?D-#^t;dj10Q1m3upiYL=;>{iUTPA
zy`CJGy5dH^&CcQ)+H>%K$soxkNkciN3X>uA9p3CgU)C_wr}38RriSQvDfm^d<dM|n
zYzya6^A17^>&^C8x8t-fqPEQXBf+h`ess61>ZU$pQXR6oQCv%;`GL_KO{2M!%Y8W{
zN{)QboNCRvu(fGdc$--rh_p*YUg^?~NRQ?AO3hhw2}cxh-KxSYj(*|zAeodh-InsO
zR?b_qNbt1!u%5k6|C`3t{?UaCl|QP%h;2X^=h<Goc568;zy7PnU@j-+T+0S^oCnsU
z9HHNv<7w~LW)X^R<F3D|GUmHgmTH&(Et$eo#yN7{X%%{{Q`TQG@sZ<0j#KS;t~y3~
z+Yc$)XdyLcjH#COeD_>KH7*JjT@tN~F734kUvBIa%414vDi-wcd*r(!EsS4d<4(kA
zJ${WKY`-ihzEOFu&1xFtD^i{9{bcF7ki?!^#(!e`7fS*$*|`amdxK4=dPxFKywEOU
zb@$7Go(OD%DOM(ehtC{df6M(8HOiVWs#{_v`+N%1%SeVXv+{Lcgc~tOC5$6M!>Wf^
zV{^8j;1liAOnJ+&7rc^T!^A#?Uvu?2VGa;Bd~cqsqn1jxpPTX`N(zPcc3Id>8Vq>%
zd8UmIV-ojIgdq!^8(sF`5_ZJkXKwP3B+M#C#bcjlO0O14KM~-0b4rPbAo{o@);Q$h
z2u!%P7%MN#(vW4#tHQ_iY=Yfh(qo_0y?EP-&d?1KN?WuY7zxnXrutM$!-g{CtbSZw
zoODH&Ce7)P(XWk{NH*mUujcJ=z^PJaeqd<ot<+iCNzH7U_{@X1=2$kty2v8?hFQM3
z%nsXa8oN)U<lMoxgi=z2HoZurWKeF5^+?(vpzJDe4Dk&TS;G3B^agK7)wnG!{2-cH
zpVL#JuZ|TCExuQ-_I)$(n2W+o<Fghx%a*4Ciqp(v2FZhpl^xg(URPuqsr-XiYWBk~
zsvFU$RvzATwczZb6`?&A{=g-NAgNUmZO-X0yzDo?^f*p>HzRiP19@`b80)(MFId#u
zcil%;hCS0#b2ENESbO6;a*Ce3<Q16%^b1Ye<WGOe;T~0B(U1PF^h(wd{E+vFDR5lX
zv{xh9D_(blu%X}x0bcKz9ie|mkQ8>Vq$T#DL_L4@Eh9gwYCy+~Gk2pkV?ipzg_7<&
zU6b1pi+zmY&lZ6z^60L|>N^we%*ByKO;n#;mFUJ#(4Q6gsfu!>N-xW7?vG&9VJb4J
zgogf{vR73!GQkMcC!zb6>P{v!cRG5e6%}4eN6F=!nc)_$u$<83EU)_(gIajrtqc6a
zWtJ`ZHhE(OrBu4&%k%!g@J%~XS*1ZZzpjhipwmp5459#;2S<GdFxYVmEmomMXb6Z%
zD6sIzm>5{#J{meUA~phea}<~gii`x0frW;GjE#YX3ZA<Gj}ER3(NHiE(2y};u;Ea!
zV381k8ay%*0y-)N92zVN3>G#fJR&j@90DdPHVhgpB035d20SJf0xU8NA{smfxPpO0
z1(R6OP!XX^NF-z|Oz@JVk7^%3QizPrxa4<;`g04na#(l%(vZn_Bo2OC_4eph_wZ$5
zE&1EpDzqO|*6q#RH7#yk?gH^@{Fk;;{tA{s&Z#D0?gVty1o7W}405+SStTZgqILEB
z$Ae0vB9qrgIjBQ$Lcqluw7`HgI0E9pP=ilu7@QDlPzusu4e0=Y^dHUtr31<#U0@5g
z{E@rV-@1VPo$jA)kS>(EtLv`*I}1n`@(1%@_5Ae*=|bgTp#~|S2gL$(frLOGP;AiW
zUt1{uw+`yRX|N3_015f4`==bL2b6$q)WmlRe`#^vFt9)u7P@N;0G>5^cO?v!-Hj!o
zG8C!5Wq;CtbYwvJUmfU@`c4Pv0f7Z$P*@abJHXvGX#Hm!45<Ik7gT<i1}jhxROcU`
zP&v^38w=$7&oi*0vOl(e%7EHGb>Edkd1$-Loh_8Ri|MZqsE)fB?qdG44T|G$T###O
z02%-o1P~4YH2@6&ObEyWPy^5afPa&~zyeSM&;UUD5W2jA_5%$73<AglPy^5aKz$Ai
z0Qw);gM0+Y15g9d004ml{^6(rfPXmP9}f731ODNFe>j*BkO!a!0RG{Ce>mVD4)})y
z{y~4?0DBx@j|1#+fIY|q0RO-q<U>Fn0Qd*?ARhtp0Kh-62YDD6Dd1lU_?H6yq1)<G
zz`qpmF9rNd0sm6KzZCE<1^i0^|5Cue6!0$v{7V7<z#a$K;{bacU=Q*Dz(24D`4Er?
z0RDkJ$VY%Y0Pqj&K_2Wk;9my#mjV7|fPWd_Uk3P>0sduxe;MFk2Kbi&{$+rF8Q@<A
z_?H3xWq^NRj|1#+fISYd2YCSCAJ~I@2*?8f|G*yPBS0Pi_y_hlGN=gPe|!KW0Fb0|
z#mFSc3AznmwN@9*Rc{-%>k1#^9_#0aNhVI1ke8;GAWy>@hT}Cy^3Zn#Vd!`oH@n|d
zEQS;z&8K@Fr?<7)rLRXRHXnAsYr`JQ!Jv0x-{vTZ@O(I5Ty8WQ{mWZZLn76wo9BHm
z6MT73uzt%4`f|5oLeYeVML&`a3kyLcS}l_h4H@UP6T2!trjVAl2bxs_n!Pt?UwddI
zyL)2JR!gq3HR*fT7s~B<8jd|ATZ!N3k<un3`LRx2v+Z$++VV+I90e&=e3Y1~8_W4B
zG024<mP|iV>(4MeapAN*2#W)cXDsj~@a>I2f$MpBdD|Sn>!_Z8k@u_lhp$_=4cHkj
z0A2u)Yy%tu977o(LNqyu2F-;VsewPM3TShx<L%H1o|}p3P8d@Oa}Fq|@Fmsu&6V-a
zoP8psUU%I=Iew`qVN+-|l@`lX`qb;HGZD#|BdQyBiAXdU^EhI60b$3g5aFEDrE+Qc
z2pjv=Lyh`I@t+6#1(bsMSgdGj*DMj0M(-&kwpPi>>cf7<&0}t9g`23$58Xqa8;5!O
zjTkocq+owIo9{>evuKT{o9F@>os~iae3ZWipU0o3JYFWC(EssHa`bkn>rEu>thn}l
zR>ZX5p;Xr10oZfW8v@UewO&ax_|Otwe&!@n2sT~4nZb9&`}|&M$9XgHp7#8wxaZ%x
zTkvM!$<D&bE=wwSW@=g2lbJpof7l(po+`?d>T0|~bHdlfiNtVvyRh=yx5U$r)t7;P
zEWI@b8P#~TXk@>8r&36|$u)D=t+@p)(dbFL+Sy1!ZeBbdy2F}wE8FXvC%5_w=RqId
z<I3|3@{iA7x+j=K^v_ej<27UZ89~ftGql3q?Z<9O|E(++^#$YR42k`A+X#kwv2wb-
zufd6|iiH3?92V`g_3lH(fVTFM^u0Aw4|_ehh-H6k#;}6D{seE`ahvKgFC`<wB#I@;
zP{Y*UFiuEAp0(G`%o?BMil`L%qD?qIns0v0X1{p5y!CNtU8>pYoLHj)J!RXHWa<8{
zva|b>6cQF>7*W?E?!z;pX&!~<LIlF<>X14|<>{v#ukTqV2W_AG?9&8zIQ-(|L9*~U
zJ#pDmdan8L=g+*TA5(K$7C6@`oAdod3*DNRO(aGzWA@{g#&J=$_QaIK>>BSxKAPzY
zwLf_(FjX<{v$Ltc=G^?&(*xO2Q`sYH<kxotkM}QhVg`F8AIO(Vb8EGIDR0t8Q>@n`
z;eFkqV2WPO5&6AbV2mxDIw9*g(<(^K%$a_G-FG$S?U$ZTg5Da|v%vs&+~!X+Op2<N
zG_V+$Z=O;qmbvPJM}j}FH87VMFFW&p^Ccv0`Pn0#wU6pcIm4{F6I{PV7*nSw<1nUG
z6Hj|Z?mhGp?@t>RYf1R@Awcnlqb+{&+)Zmg$<@|`*@!eeKO035t#7O=#A@W8V0<uk
z@Q>eh_zk~EWSP}f$y}N$@T6|z^2of&MX6R-JGlulW7q|Y?7qrAxBgmvgZqg1JB_tR
zQ^?#4b9B|mFDC0*f(&mq7$nRaLM0QB8*wtokyAK6p!)4L_dK5J66KHm-mzsKcarD}
zyGz<mo}O`aI9_^@bjldyo(3=B@Fv${IgdLd`{COc58qW`qryzo+Do>^Fh0)y(VFp1
zre&Yw-GR7!v6)}*1MK_KWHQg-+&_0`2*3okW_F=5@bM2k`0(g(ng#ao5xx3p&EjeQ
zcZI>23yZ{5i_#k|UwMDyn=gTJ{0bJ2EH9=FVfr{)2tE8|$Qc=EN;*gGslU>A?WmL}
z+%Z0tyL>ZH6}w=}PCe-rXzpmZHvOi3j)V;!Zp^OIj8}Sn-qcp+D~|5@!k2{;q$8!3
zYKqbPS1u2RxHhiKsd)~{_2?4F*irJ%i0kf!e;yt!%pj)Bc;7o$V*i-f0b}hl4X=2|
zxMq_HCs^5!?P}LhR4$lj9iebUSf7_8Qu#WV`s%>p<Amo}Pw3~cWNxpjj-(vawR*&?
zD*S+79WQN!S$=ZK6sHE>dgGK6DbpX=h+C6CZuyymxptsugGp8UWzl~Ix27-mv135=
z#HZR7wN!_QkMU1_7qop?R9Q;86;bN?W*CDgC{{1i=162A<#O@aS+g$okrSp1d<e=4
z1rJ3^A01+5!erneJ@cM?Ul`qnez@V|H)+wGm{OUSwuJ8T0}^51xKNP7L{opy4!n<|
zLtzOjiT0|4mmA7rT>jR?d~udQb`JijEu3Y&zWDIyB~2iO|JUysQ!HXntSZo3ljG%V
z>FVJN-aR``FMWlmmtV0**EmQi)d0Js_g0+1^u6ttYj!5xk09>oW3_NxOVTQ<2?97G
zS543R_y?#a%#y?6SZ}mYd%tMIz1DY{<$f-e_Cxd;zMYn2l1_2Nvw`CNMU$NDZ8m-;
z8UmIp|3|k}f=AxWv}#Q1r^0YAqD&}`M35WWlCj#{5PMtbIB9JoQEW!bt3zIm=eZ?^
zHoRVm8LQT*LwJ!hvMOR{dViv9uS&_NKZoc6iKyrA&eUeUP*@*^vV3i^t!I9lUsmqV
z65y;b<LBDbW_DpPnVFJ0d6_<N^Ev!vcBQqI-Xbn{Q54lv7WVeDhq*igs!0=XyS0C#
z-sfHso0mFBC#*hwHQmDJ(zE=tS=)zBG=v)g<UJUcxJ)`mx=8|^uZ4Ym6rQ|--?5{Y
zF!*{>`fC(#3_I4F(z9E0@@sgV9IR%fWS*e`diy&A*^c|k8>D-`U!vr{%uS&_O{Nsf
zr;k=BI&d!JG8Z(!8vbQfq2loHsx%vkyhPT)@5!-CyJ|3Y`o8w7!FopthKA9@+uB04
zce&+n8W}iW3LP)LD42}WKC1EVdN{Rc93s!w*u)+3JW+Mq^;4+W91Kt9tkbQ8V)Wor
zR!3~*)4F@Hnvp_yGBp)aqgb;)ihn6j%wK+$+juG_i$#rxuhio!qSkwz)!-dT?@l#z
zv_32(faqzrr}AhIBe153ZJ+n+_Y+mF54b8jjI!VE4>amM?NLG4&Of~7n|aNvVJfHn
z9ZAQs&lqhzh$l{ZQC)v^!H%@@rBD=Fm=53jDvoVZw+PB&oOrkJ2NktP7pi`4DXpcP
ztdm$qu_Y<3m$We8f2hznpaR8kma>0#dv|~<wACt*ip$<xmQ#L&$n8;GtXE{`wQ}Hc
zLZXcwY_1F|O1{|`A)>dZz@Vop-9m_!{*OX=WS6|^nBsR_q-tyL6tG>Zr%rBm+|lUR
zQq3n!u!*W+dEQpvbHJNS(=)0zZ=XXe>epGwC7T);(%tYwaHXk8uMHT=969WLe#H&f
zJ!D~UlQezl(6C#IY)%auLPHQ??H5DgcDSSTrT?&gh$2YQIdw5t|6!}kw6Q~f{!r)%
z2U!Ie-_!y${2k{&bA+I|LQ>!cK3IStKpYV$g#(pIK}Ap+l!I-c3~a*zX|M)qu!eyK
z!+*9xImqVD8q@>T1#JH4-YMOEKxI<@rF&QJ9WMpce^>86b^fsh_5bm67t5X9o&BE}
zAsgWDE^?rE7w11Zp!BW{kW*+Ihy$u0(*J|IHbGhlI2)2WUsF1GMi{D*%3%%biF#d~
zSvJbj-y6z~`50?b*`r^IKX&EEaV~vxeUJ4D%lcf|A|=zG*Zb@Rc&6pMGG(QUj=7H*
z;m5Z;3Dz=ay<G$4O7r9o5#CtW{S;ez!t$KIje8qq^-Fo6H>vqirCN>vED`w+M8?=m
z?ZF#blG@1^LGcAbNhpFD<M4W~@{G|N#awnW1`Q3q-+G8T(SO|kx=*`^{j_d$FEX^h
zqEy@Di#g&}+|Nylm)ZQV&qz(mya&HpP0q1$>4l$#6;+2kmJC?m=Zu+`z}{>|;y0S<
zJ3xHoNP*iNj^inykNO3^(0DN`q$*Sl=b;Zq5L}HNyOv+?#8gPUa21lL5)tJ%s;P-O
zBeCe@&{is3`f2;SU%@qENod+58D00No(C(xZ!G)~TU$vX?#`(uy6NUz;)`kHmYue7
zpCAnRiS|0#j|eX8(JH3<OQ}Yg-eart503nIb(2ZV9OuFnUm$;0cxE|VHV~^%H^dt`
z+jC_2CZDoe;T@TjY|eHa&0fPyLE>++SLj%NFY$Yy6a+ZEMPKH;KCXRThxhpByQCfT
z=^N%<l^v;=U8{$>bj%MGx1!S=IpQerUOeZQKOOkM!`nJt+7uY|r9XkQUWD=0p?I^I
z-_azOnNKk;1`~fDQQ3<6!1Ldx@JXDjJEUJ%jk&&AGsmB#mr4_p-O6I#yj&E1oppg8
z)7i_Um`twqv7{SLUK76x=fjCfMtT8nsmz1RTs1a4jqgtkh$N@hHoRw*q<e}!TdseX
zQc9eSNST!V=sp%jx`LSFE=ng<DE%M-Atv9-cd?HlvZe|yWVrA{{mw#kQ;mANM+(~O
z`%NYdw-N1+?Bm!Km$F~*lD|={bv$I1j^$x>5BHP#oG#RIJ9OdU2*)n;3rz*t0A7S1
z9os&J>UFfK*!NkNju@?{$*C{8g*V=l_UPZru_R{7eqFv^l^UA%qhG|x-Jag<&CS{(
z!C*=~8E#NG)me|AmC&k`RZvfQHH67EO}*v#8P5et!%3#g;nQQ`&1{!8DTA++C;_D{
zU25VaqB5%YmZB{;f~OJmTn`CSvAU;(10z2OhSI!`T#@7TsId8o>+)RE$d3N(aP2YD
z@cD!V%ZT@nQc@GjFJ6zV^EjACeQ;8np2NkN;hzTmZi~NH{Q7r|ppMvbE{X6{9J~@=
zhcxc$*(fCEu(eE`^1|6?1}M50T#q^grEk^p^|YKmDCt+e@zT3~dOp!(gjx{T`q1lz
zV=%$huMZ0erHs2R9trt2U5ClG_l*K6S9sp`7ZcvEh>~7!SZ{f2E9y6g`HK3oh%LLy
zRpS@3M}Ua`I<0LULG#4k%Ne-}x-Sp*4|wJ)>r`L3-W$8IV#=b4HbeFQaXcS)S(%Pn
zc+JCso-pXN@0-`DiOm-}Q*Y8TsIJCp9gG_`;jlFGdtCkP*Ca+SYWb^12DX;#2UON<
zoi+>lyzbZ3^bf=u+KI=VWZ@Gk-GAPbcc!wX`efH=5t&^R)o@UsFELJFSB;`F(hr;3
z7lJy_pY*{}Nbs%4bcc3(e?3QQ*A1hDC}y+oRPmzvmjh}J8*Bvm_|E}?JLTWa7^(&Y
zD$q`@*zp9BGhm<Oa53X!ymr`97W~esy-PlbB0`oMGa9GWhL$lcLTgTzMZi$zDc3H5
z^iJhsdyLM1zsojl^PHyH=OvRsNR;U?cZR_(*(Bmc?DD+kH$^tppL=}mzXLK&cZi3?
z^?ZHkOC|{A0t*A8(w^HHyh~Y8fsUn+94B|*r#ZFUbHjCLv(pKz{uCXo;F8$Wmcl84
zeUq$eMS|7&enQ|E;hT@g#hUCzb@L>1G$lbA#YqRmmk4g7dLhrsekkP->vujrpJgFh
zFuHWSveanv4Ev$G+&zbX_02xZY#3+8B}lcTc&156vIf4D@$7OlOMEen;2Ba+gD0zI
zT@4?y#ga=q+7SHyn8-L?YdH0%#mk13{zr5&n61gqQ%3Ixgd%tK=$)|`;5reF?cwnG
z8Wr>1WpJsArarAbksOS;h)oIYk;|dHcKY(MH<?g)_%qE35$c=RN3VD+z9&iy>c07^
zh!eDsu5KWd_i3{_n<bRrkImI$?b*o&tkkxauCdoL-s!K~0{HC!FO02tcCl)_xz4AN
zgeS=NDaXt)?CU<oX$sRsg)V%bS*4xK8ZG(hbK~aAPw>8pq5mi+?%_S~9yTlERI|Nc
z{LSFTcWs$+-0Z`r(hK8K1w`BaAD8W^=ilqhu8xo=7*gOX{)#u{{#@Iw*|hgdnQufw
zcGRl-p7HMrlhy+@TH?o+$`Og%`kBZJ1^F$nbl+;{JGt3nb?52Q=T3E2u|I8Y%vRy{
zu6PzCaKc-7AR;YlZPVzmMwn)2svxo>aU@lSQoh{5%t2mZNcj+v)%KCxh#|9iZ5JXT
zi;*E|Y|DzL3T%hJdFv1T4)SluTW7V0@<o!$Dgzb{OV2YDB1qqfU$H5NaSN>F9%5~r
zd!9}ZKjOFwcX)Y*%eRDPy6&w|pF>CCMdeHV?P*Eq{q!eI<zyEmT0RsXBi?f6VfKEz
zan%S*lte+*!76&JV*&et1%V=5L*A~h2(5k`fzj6L)q`5r=${(rxG~~>=gxgWQ$rjG
zY-edqhke}7{L7CHloCC(G52$iX?s#exW<lU%vV;A?3q<<9*#D@^y~}#9rE^p+9w;=
zr*4&V-}Z{*!(O|8Q{{X8c`bS}51Zj7As<r+7^zT$p#a3Qg#&jsIpDx6i~xiIAZY^Y
zE`Z^`d3tvnr6=YigNMR&#V1CE1D49Snv-@zFRS9~L<06>gh$wd<SV}EV~g*Ods*Fh
z+ic@|reXD5rCm^Vt_)wZXO2+085%wPxj}SEj~e0=&hS2;GxF*3gI@bKq_~_Y1w&`)
zfT`SVUUX}tP@8<g*-~$7ThjN*_s*5yBv`nj&z~JDZ`8(~JW=Y3Y_fg(#OU_T<EiVy
zps<1GM_=qdIgMGDhl?wDW;ycbq`jo8*lP@ob?xN&09Pb1xzxxt^1dch@MGn7jZ2aj
z=s|cfQq{v5265CV)xH>w`+L!}5o`CqkD9jmjP<mCHNiGkues;DNAXM`ytQ5BOBn+C
zK$S7|ORneH%!ZL--j8{2&;7_^^(0>7%4VMLN%j$ogk+7iVuzQVoH3%o9u)eKNS|&U
z;^2sE2Vvw48MALI;ZYorJrwqcpqcy8qJ=7+TR4nyRyCBWIGxd0W%^5(9Qg%D%vOfI
zmw}y|PjDk;eYP9tQJ4D$p-ky7i$dQ9(?#0M3QmIhBnIrSUoaz7ty3(pG{aJNP~hw-
z;kk|+nsel6f{o^$SbQTN5cIbs=TT;RwH(fim0X&x=sHZfx%efj*dcP;@y!3(OU3Hn
zljf$;GB<U-LQj%)VHe0ai+@TaKBjr{(_0Q#<~HSemt9^Lg+J(>E?&`cd0)JWBkaHx
zhdK(Kyi#G&CA>dJX=itf&<p3&`bD4d-#?q1{L+zocU3-!V7z;_g;<esG@uvr0muH5
zX$ONss%_KkIkO%AL&{JW(%a;39>`an@mXl^%(zI^Ws?OZyO)UyE;JKo>naP^$<t$&
zh1k95@zn_TL_I9u7f4n<(0NRM%+}L|DMvVGJ(XB1ley;it!OMb&772QX_k(Fsnvup
zJ1Sqe*eO6`LZ}K}3diS&*lHp7V?jKH9~_$T!;I%PqtWeF%xFv2*soudqsmi{Z$DyX
ziL_1-(&3ePf4{2*nMK;8TUGlB+tbg;%Ws~@BWO9s#A|46Bb^$!nA5d6h;mVNf7j8R
zM-AwZv%RUf|IJ2t6?gNfM>v`#_m?Hf#j|uN5@hAMjxwR`)7_3=ijUASWTPF%yeIf{
zrr}=f8f4=rX#C&}I~(et-mGYE#*A2TLZP@UM_Sy<7QN4hsjVCt5Nz1rX!CYe25UjE
zGX|w_I&@!lrnpkHyCToZq)F9{#xCcedUN00=DgHnqW6M_p4299C9<1pf};-yVO$K!
z1Wu})J?@JLbNt1R&yKCTabjaRF1Tuw_e$0?i;wj^mXTVAJYP;e@|~3t?U^89b?%UN
zB`2!Fd*(#*dVf8PQ1JR(_<?l%+J`_<+9;aiuBTT-AJ`C*%3E8WYQ7bepZaART9d~q
z8R*gPJ6b<ew|T$ehO3>AHLn=6Y3XLrB6Qugu)vvKO8?dRH`WN{!)}e2>KRN{BlWZg
zFU^SCqX}m2%?46ED9Ge7%TU2*UP&6OT$^y`Jyk|cm@3IHz&lUJ{_Qd<JKHd*K5CyN
zMzzT2uws&Ct8J*3<P*2!@+oVH4Ryg)Z%2vICUC~h>3dJhg9#e7+s_*d@Mc>g3Jy$S
zR6S9j)B?N{vcHV;`%2{4j%Q)Oo8rE#fu+_X>KmmX_&~3<5ELh#s;zl%P|~%;lCcWz
zRnqgm_QiIEtVwSZ351X!J$M&S_3y{-iDBY%@+auJ>2MGA%%03&OBU&UyxLMJb9`iC
zkTY0E^;O5YSXt|H*hhcQUnpdXR~IS-aBTvwc28275wiTR4u6y}y+CR<L3??V(!W1E
zeQ}D9_{!(v1zQI!13R~>j?umAg~V7>E<}akE~}sPr=N4lxKDPXFee-KYHdqYybxgd
zvE$P24!+=HZ*YW9m51}VnvNK$nHJHl4Y8Fw4U_qkm6)CJs?qNh!ncF>yUFuO>N0zN
zx=TmADUR@dUCXOIuQwb|FVZHEq<`4UdxFmvVx+boDEv{TGc2}r?Qoj>@|z@!>YESW
ze*}^F$8XV1+t<h*iT!*)t15o-%WwMK0K6yTv;Y$q$Kui|<#VchSymBzN3wTmsV<iS
zr{Y5jW#g?3sf_AN{0)&#5}_sYYRR1i-=AugOYbV85WVoKmqPp`*RUzNPMV)`&t`<B
zvu^E6bJjt_>$FfB?UcQ5v2Q=}I6qBTV1In__2;M6*{RnSLR#~Jc+|Oy{0H!Ti?Vci
z8wqdUcj{jIEo(fUR|@$I8!%V9Zh4lBhv%=a5l(#Jb)WNVlja+zxj1f53c7}Olrywr
zzhAp!YWgT}W0=dKtul=7RE@44+;|~{P#^r}?#DNPReadLW6u4E@fpF*!_5Mc<ABfM
zz3lU0=au@ymPCf1d?^D<aNmFKh_$?8)TQA2YPfVSL88{!rP}@|&~${D34aJJnBjLO
zYnS&%uj=EsC3T$Ni-eK$X2h^1bfUDM1|*hzRJzrD#__6*!OE*yx_9pOmm^kCTE99$
z-XNu@)K>U5cQd{nd6DxQR2+@6NBmVB^)=NMh}jH}`kU<JR@|`rLp47U{$Rt39Y~e;
zthIR0%9AdsZ*iT^;v7?X`0gQxN_L*T!x~S^2G;Hy@rf2~!sL#G+_Qo7!&ezZ#0t!h
z-Zk19<5GJLUlN->t8bE6t*N`-|Mt;x?f8cPa`{cobE~f`GZ8xOYP09LwXQ4=oQ$Tl
z+_8%Er5}rn{6Khx!;ZdV7lMXMTH(;;G4f#Qc3qgnzcl9XgAf+F0qT&_nV-IZ*;OAc
zU+`qgMpL4BBLU*d{pURotNXmZ%(Sh943Q0+nKO>MMg8{OPn3K6I)yZvwREsDdSoTo
zy5*}oQ<6cdvEle6c(upfMBgMFYAVAb^uwpaYjz>BlEVJO<~RP-T?a`S(K;GP*Y19Y
zMP>Z%6py}I7);a)AS@noccvvFW0(fb%@dy-PUZw~Rc9j#Z0RSJ6CR+>+-^s~$j$4^
zB^_1{hSy&Wbu5QU&wi_5MHOv3PWcruyiqWRDFbVGxVbKUo5O(gGh`(Mr<2P6ApKr(
zxBpl^x86<gi^bGOl3PA@iHUvzS(o&Nz4$BPFr6P5_|>OO&37)ec?h0ZDC=O-;MyAN
zcUbp&3|ok|@~wV-_H=rjhRwz()SL=A_{oKE1UIFC=;Ph>d`m8~j3JRpeuYLd4*1Ya
zj5AoKD*uQyzooV8mnV+(N!$@QCdGmbH!d!xRHC;z_E#^dJzvVlG374L@QL(1vQvw`
zUfNQXh=##BjJ4F~e<>s%V=Ws(@jIOY%$JQSxNpI*g%|cHA~hryuS#<4W(AG;YeD)7
zlV*G2M3Z*P`hw16m!+%qt}1$j5A6GzoMOhg2m+hx<yzSz8Z*6-?-ATb+U}<=NLo3h
zc{+;ovn|F?syE1VZIc}O!$n7(Ip$!8_v%N+3XQ}=YEX-OKB?qY-Jk3Y5Prk9YJ#AJ
zWoquSA8IMPN$rboQk8B&yhxiv9{r8c=F3*mgOGsPT3QAU9TUM(cTMs)qkbySF}vZa
zUMd;h<dZpMmFEu=z9&cI#>ll;a*H0|TKuxz*Nvfddw_mVo@R}oS-VP%#UhJkQ~Dr~
zgTgsV6G8nX(wedxmha>ZdoH&+N)Zn}_G`0y5x+e2QyFvQj4bzxeR?$u@81qd-($<p
zov9B5H{@whGG^4xl_UqOrX1Q!&+{z38Tmp2Oo|w;ziq5<;Pg<3)Eo_osz%&X{dvH%
zPLJ|*_rU=BM^XETXy1#tb2H-u58Vs@Iim%xHXfoJS(kHe?Y+y&%c)?(LBGgDy+zG$
zCcnAnNWSvM`Tw%#{wZ+;H}RGy4f|52y?l4A2<gGAZVbBFI%e*$klvHUdAADFv0kzm
z6tk|@=B>UwbJer=jhA5Fcp7IIZIx?R*z-p-(~W%OFE)rMx&5|9nF@Dq%e(7l%<Ysu
z!$^L;trcaSM=>~`l}$}qx!|fL@y<^tkINQ}ny(luBC37ek+tiLUnJ4p*exTdLE6Y{
zdpKzYuUYD2&!N1}#7{Iz6~^gognIQOac+QR$K)(gk04l0FCoA#Tzl}n4Wp77N#xE4
z<(K1TLgBxb=`drS3OPO)-9W=Ii}+08!9T6oT`|9-tMZ{Tv`M186pQXzqmbogMfFi-
zu1TDX0`axK13X&O^K!N41@A0Pq~-JI!r_g+h#E_{znPK^9C3O|xwM3I*y-pfTwvzr
z+T7xS=>07Gc#lpVI=?};Vxh|lcmU{bC^R<%y4eiP$$)NbLK7#b0k{FA0L%bF09pYc
z<B<O!6|ezgIsjAvE&wI~e1Ke-KR$TDIupPK;66YGfEWN503_TnJYX*8eK3ENAI#_!
z1am`#VWa^qK^8_1Mjp)DECV`~0M!6308ogKK)h@y4FO6+Wl-CpH1y66s1N?l-G;V9
zdE3~2RS)GytmB%DmD-dfRJ8C4;v5gP!trBjCm8(Bn)J9Z;r2B$aeqkYn0zA=vvxH;
zk(V0WO43F7N-8qCvQ#bPjP?EWSJbxJWF*}%ZyFE5$Aey_G47m1=?dabb~kr9!ry|;
zrX}go)1}WdF3oltpJ31zzTdN<o(p7N_+ZHQ6z4b~&LSJ}t*j4C3lnNbR?QSk`)+Ig
zi<cBvw{4$OIDcB5dm$q{xW7L0WkjaOF&^fXi#lxAtfJ(QUGA!XQTJ<XG^7o-<UI0E
z_IMG(o8@5_H}9Sqh4L>}6<miL4m3D;*Bb=+qQ6-y^Gp>LuymR~(l1uI7o1Sn_n2(i
zJP&*^iUBI1F9?vrzk-6&!Hx0nzi?`lu>buJ>RuQ&(6Rggf=~woDQ=J>BL%$ifA$Mh
zwgGtM|GYN^borfd0DqDIvVZ+T&&V(bumXU-8<;p~_h1m<$gmIzP>Jx+;YpCOkx20|
zV43ez(sK$>F!8cebFpzV3exa#u<+24gIA`3|36T)AvlYMq0TVMV$ORb;5#^U-TSN>
zMT)4dNLja!!ias;M>{zg!(~38%x0O6!9Nx?#DkXoO020#O~`c)SEZ+WM2T|wwS4h!
zP3aG1gr;QW<A&|YDY{-SbTxYgNbG~zrkx8h(=Bju3~UIbDE#t_=Y#wMvRsF(O+1%t
z=u#h-u4cT7%}EfBH+v)2%JkyJ!bY6tRYBPI4a+D!L$>Bag`Ii<v*Oy&Alu3a4z9BM
z+y})wL}mHL=#JU(PQ2qxt|ucmy5$QGl-*`j$OL+>kS;oCsjI%e5%=n64iWj0_3r9i
zp`q^TxX|zR^ju;^cK7!C+o8rSj**}}AJ-_pRwqSn5@iJOkGfsLrAT2+<YcmRUE(mD
z?$m9p!|z_<`G%+w<rHF&5j6}^;qS)4=ASDg292Pg^bhr6AeW~2me=S8+Qk#PEyj*}
z%`LokaBS6dsoubS0(UiH-J+0Xf?{Z5@GXeqv9;N}mIZgZ>NtnN159)hxq6~$sg&-5
z57cv(?|=PfDtNTKk)vFm({f#A*1+(Bt|l>g^)nY+Sxl;c<11+#uJCirgJ&nk#c6U<
zw(s6qv&FLp>?CbcR4uE+c&$HY6xfy!z1SCZC_j1W?RKG~&U?A4dU9iW)Y!eXAJon>
zATb;@c{>muRX4$x?)PoKNn{>OG@U+J#<0`>J>(QJ_sUGLTg{R;8O1;HMc-4SvKWuu
za%CS~Oa!$RoGxV{fhdJIHbt4302m{2>o&c0sW2TaV_A(%Q3?hY#(A0}m@IZh3KM1-
zRT6<S^=V#q?{vv@2Ln;YNkaI9fpKJ|{S>s@BVDY^Y+M}GrV)aq^w%VGQJNH3x?IO!
zln>6#oXUPqxjJ5tQnRgEiSKMQk`?cwBiSC-G%!uU7H*79hZHQjytACOAEN7A7+Gya
zIL{fX+%@Za8Y|J%7k~Q&r>3#0s5GcN_e$g=;l@?TU~64bz=B_1x0yh?ThK+;d&8<k
zDh01(QX<~yGW3&|o*d<&9o%k_Y4I_}oUzLK7o{lLQZ;?*@*A%n{kT$l$hLr?n9({U
zOA{0pkZdL!tfm0t{?o9{`!{-&?L#6($Jg8l=JXt0R@=(yxF)&=gwI?_h`F7n$@#^z
z;KHa)kPMM1(D%sZu{8=`3vM)M-j{rbD-j(sA`&~2LN79;OTD&B$f12c&f>>d-1Sw|
zw(TAT+h8`#PH%yF*(9E-<LH0`*HWPO!Cc!w&YJh6+2*Gsx*g*E)dPyAf}@gb%Ttdi
zreB@u8^2M1*FA4u_KUUY76}=dyNZ~2(fIaBa!_VNxx{OXvfGpjobpddm~N#@Y`lfG
z0w=jn)>VzO0pOqe#sbw<QWq6p`~)*SPMpOyHWqvbhZ>I4(tXzM3m$gcI4{Ny&o`1~
z0tGRk;0qLvfx;S4=mrY0K!FS>z*2|6gi?d&m;r>q06=+=f`vd03LpVx5JDl`6+pUw
zb?&x9ACNv&3dtYa5Nc2_l!i(``fe+<rv6`bL1nN2|5-mUxhwm}?w@*K?`%Q6)Sw=q
z5(?$P8u9@{4Xr_aU>$N-{!bbP2$T*1pOAo0YVZm2(e{$`V<>r%oG~Q$avrYmv_h!)
zBRp9wsh6B6&mAA_ZO|~w`{0iV4O?qBJ7R3})v|nOT~H6~tDcCEyoah-Ju^X+NOtA-
z9I6$H0XjKArvwB5M1X(hg{BOP|DNgp-{%?qb53C3|6>Q#VZH<7V}P^2=M|{z|4ksD
z{|4m$-+-$5H=wxw4JgKc17z=H7*sk2umn{O2{aD~5edxyK}AJFLq~_E^*~d1pt(8F
z6dN$1?oR&9BEto9X8s8NUxDV&{9B;8H2;===GFYO{%3y8KkNUPX7hh!|6|(C|B?M~
zrs0tOchhjnv#}mBksWmUu5*<k5zBHFO<jqn!KkvKFSV(K(1)|#f=-189f=BcCXhCO
zE`T0@F#zt?KjT7Xux0`v0D#7aSulUbg$`g1o&SXapz+~50BDRT4gif4!B^zZSW$?X
z8YH1{ELclX!$^U&6j*~aG`9Vl23Z(tkOn1Ece*%`A}9j|pd5SxfyzLd8rlRS^(TE-
z$6Z}eoj?bagKd9o{-!}OWb?-#(EVcz>EG3H=MPFlI*=~p4~q9LHYt#S>W9{#UXX#}
zxT^~?`Cr@a%3<!}yDPra1$uWrsO><12LpscUuGZ=7joJCwrCJ9U}0c>13=F%fn?j&
zUs;Z&vYHdsYmSbQq_e!xxh!a@=s}&?L5B6`{W!OmC40B`-r6~8TI#N3R<swu36QX;
zpn6H+>t{=d5U;;Y)t0n+Cu2Cd9_KJAd69;kF`9G6y>+-D#G%?|%y1M%y`aLl>l)F$
z9cE!NNC_wDV2j#!ST8|9oFbOvYVQ!iA8Z@7nyrbbl~F5*tX@JMfh=M4aWQyLF6dR=
z52D9{vm)h~80tp|ROCmul`wFmXBZzpdsd6-`G+$!(V))%!cX{i&Q%=fp~#yAt9V8m
z`u)4e{A{}*pLca{(Zb1F1#`J#Ecg*@iJsm)X-cpBv>~BYF038VoQ4oyo=OQ~p%>bZ
zP`)^+!DGs}v>>3J$K%zp`vs=ZyO;avetQ0?k;>=oA`Z&y8N81#Dmf*G=c(NBbm-k2
zI5!qZ)t?PTWDzUs`QMvG@oapX)%Y?<d0S-9fA5kaa?V;7)nc^6vQv?m{19b^kXKMt
zc7dqAonBTo2T!BZiWLqfNqu2m1V8iVlAF#W9-K*^525KKxTeRt{0I&`c~hdqxMHXU
z^!oc7aX&7vj#JoM>NB0i2q|6V*P<$1ws+7>u%aqiB@D<nseCSx#2<Z`w_?Gj*i4&z
zE)l}eYpv<qr^0DpiIY)}McD1TvznwOc3p7Ffks*M=;DVs8-)NiqcDk?Upom(5uIiY
z9{z>%P1&wBRmaX7`Np;I-hjeyg25Hcw=ZE27kE1g3>=#yY4oh%QcG>I3%(wRzTuiH
z3p!+t;Bq!(uAw1xHAiOgQe4=>A<Q!8em{tx++@B>dBX=kYyn>qZ{$%eoa?HBo|!p8
zuvjwC7&UlM#Qwyr)TlJWIpXB=C(0L={YOnCU+n0z)f)_~cnxf&Dyvw<CblzqF6wAn
zNzk>^)3QyUJx#lK^FB!Y$=hhbpFSLGDW<RYaYONJiCCifu_mcDdUBQ)lhf+;d<!DZ
z9$UE6lHGQMrzb14lkTEb4rz09YOO2H#4+<UIvxJl)!Vu4<}=@CzVQ$XJeVPPXuMWy
zxkX@%BeRSzL0z+YAiq;ul1HfKI5(m;a4B;t(^K7Ge@G#!W`#&IB%SF;Io+cg8D+1i
zysrKvRQyNIlVJtMSi|h_=<B?ip0*Bp!r(;D0Xy`V2*t?HiMlW?hN$n9NXk4bo)Exb
zh0(Fb%INK!>0n5lmQk3yO421Bx!;$5`a1S_&vbH5l-5ySa52!#^I)LpN2HW9ug}+r
z5ahy4^`9g<(}!F9DKq9JMRvvQNElt$r3eP|{pcZ_{&JZSeDWQLHWR=5GAXgf<~-(x
zqIGcmW=(CRWNp^0_&U3$g(TcEe=>_x-#Q&{(nt_K6fcis%UavGC<~u^FKdeA;N__A
zw)E`Hy`yPVrxS{SK2`Qle#<GpU6kd8B^L73s%qY1QMC}RJQ#i5o#>uv{>|d@;FM&d
zOfSD7XZ}aHpv<~IZ^mHh!#HOICeF=OgJdE)wstFP?8ah6X+EXvTKnh%t*Bpyb3y?f
zl(hHhnFV@2i@x%yKO@LO(MeaiF*BMaRu~GRDVHRBe!ClCC-QD;%+*G!deN9Wp~4pz
z_B)JiYIYY~p(h7=u6Jeg*QSr#F+AjZ$7x9==Zsv3TQB+H$AhmB+f3rA#ltRk&@i9=
zR4463eq1N^WUcpurX|kE3_b=Pi^iAXNsri2?biKAaz(6>3>*D{FLXnob3b%SLI!}I
zQHBWsCW(W0Fv5Umc)@@tV!?o?UBSRG0I&eC0YLX8p!1C=0CfJ51yBTd0H6k-1@NEO
zt<d?)3BU~?7$6(~8Wg<%cmt3E0G-qF0Ez(q^L|DfDEs&MatY+u0KNlk0~`WCa|f;f
zV8QVn82}Ri8-Ngi1b_^H0pLD>Ab>Ccc##T>GJpnvA%HP}Il#Z?Cj@|eFhC^0zu%9U
z2lD?s%lF?rzcx_*&$CbdJx<yL<+}hU0RKJ@p@VY~1pplY^nY+jz;Nnr{h$4G1&V(I
zApbqDLHh|00NQ8JxmgEn(+4mFfaGh#ZsN`We%rRl<mb`&dp~6eb*rq%qh-5{1nSQo
z+r;vmTk2(=(w2B(!&NLfd8h_5a$cYq%SmJr^nTRFnQkO?usdnGUwZj1-S!dDn}h=u
zi&ut&Vk9}C4+3Uf1kL(4*_3`K%U?_5VfuZ4{&J0)d%o83VYOt+_!ADK{DN>(*4aLo
zr@1;UxDy$}SZLxJL9fYfIu%i)(Bt0OBY!DRCFXTgJ`{D$UYEM<DBke>^+F+pQfQ^_
z{W1ofHw6Pd;<0lQ^V^86JT;%O$W_fBVe0-|o?4aWpM?1rhp5s%l)1Anj67>LDcnQo
zhUdGQ)30fVJu=uYvZe`+Vd`mRnaYXBg2@G6ZqVibw_@`1|GWqD&$t^}-;HYjZ!Dqu
zAV9kd0@U3Qpxpui`b|NA#`ph>@uA-sbe|Cd>R+INH3aCl2LZYV2?6>YLikG;opQ2Y
zR<JEDj}fUnQbynEk^N3d<e**IhteEhyvyHyEd03#$y)G7b6bg>y!rh^YWBCx9WJ7p
zu)7Oi4PKXO*(G7|;Y*wgF*9jqv*qmRAiT)^8JE)eImahT>N|cvtwzDn@z@hRd~ezt
z$6A!drP#Tcdk-^v@hFXLQj_5wLUpn9_u=oq@iRT3nDQ-s;kp0mKuh8mM^>T}>r21-
zpYNy79EOEo*;SC7uOcLPa(!BO!(<t~9FoDhxAVp@Y&y>9s~cRmNZQPD=Pz&Wdj%b7
z3Nl%_>Qsbe;tKjbY&(b(nW@Ub^TP(#d>1lwELv9;=G@XzSSYPDJ)Qx-lZl32M=4hb
zxFzy1JtK3^v50Y$8+(XlTe!vl)|%+8y6_LZn*J{_oTrZ#zvs`ONN$<P76~Q?JFW^p
zd4wPBdCnn5>K7(P#1f8n<SdzBwfkG<sllu2g-}10gAyamtz!dUz8@s6O{x293&so|
z1~ZCzW1g$)T0fd4k?&`wrKnWFj@JLkI5#PHnVN!0I&@ogWc!O(K9WJr5*0h!eUaYe
z-h{{{p~7e5KyAlU>ZjPZS0NH^mnEYfY{Rm?RZo^a3hdl#8cuZi_JIud_p%K~&s<Uc
z!?DW;WyTKDl`q~CJorqM*GTYdF9u2d8==%S<=QSq;3{42e!ADobv0jhO)`St^H0fb
z83T`9)gLvU5bCw{CvOymR*5PXj`E-X4!U8v#Rw_Sub=3+oT2=dc1Brj!RRP0E5(;U
z(gv@M_`_~rwd|sFlC0)I^1C5h{JEXYrjA~#E7tO?=RDtzH!oK-*N7?F3Ih)f=!9qe
z)ehb-pEcxAqQ4zR^c74neAN<S?k2<&@?C6hK;-Al)8{Y72)}#5bvIre(MWPAzR7zP
zRqLF@fy$Xg6H6~vA1=JuA}>I@SwXfA_vOa&_VEl3riHXm-{7OzYTA1P9ikW?Gu-z4
zbFT<r=4%Yxq_N#+atixkMF87kGUboZw9;iplJx2Rg`Zbvp0r~hr_D)(f@a}va68|#
zHLu?zhnB=2WswogGWS&p4!^u+d36<P@C2hmLS6{Zh+hU-$=5FPppf9J%&^i|4j!aQ
zst@E1+lh+xlVJhKq|c}V$O+zYJ|u6$tRvF(DWdw3+V-FhsbHoTmbf^u%%lCO(ks3S
zIgx-=O3csFYYoGBI;CcwXg|E=;h8rgJk0%{JAHdbrl)DVei*chUE3_)U$-$7PJ&A@
z^3;+JBZ3ZG53maO<48U~K9QoTnRi2w`}TO;tB&85j&D{^UY7d$nH6r~{0L)d-<VB$
z>^%mogJ>gkw)oj<Rw4gQ7oMBx8TZZ%#^(d?FBK>|Ex68Ph<qALYlU6#xFXjng0j=^
z({tB%zweFS`Z|S-X!h|FHEDO)K^$(#6ytNb+{Z_H`2x(F1=md~%5e=}*^qPSolYJ$
z2RsPUv8zqr{v=jhU4+<_d5JgY5N=qa+`5J6C;B0dz(a<nO@lc!B0T<gxsIdy*yHc!
z;%Wo-X}9k1^Q)GxFlHsTAAH%+4Uamy#zt>oo!UXLceT;Sug<?0EHHuKveLVT@%U3L
z9Jks}URsf+>s|$7l!X5C3+hnALW!L{o?Mr424p@h&m`6R4@P6!t%arZ&S<jU7M)Bs
zb0pssgjWsP8t|+<Ci99MdG(F!yExp)%~IJ0wW%SNvPx-%^EStQQiN`+fHR!0c~fHS
zlkWrKa8{;0aB}jHOC2Yg6Y$C~9a36(`DLw7evB`F{mkg2!wC+Vcfz8czUZ9~H_+~%
z`C^=FZQbM|g8jfs+2a$=)1k&FEoaI8fz62PD%c6rcq=21t>KOKQ|#Fme1Wa=O&<1V
zqPV-Ph&s71R=C!4lo~l}J-5?S-qlI#HljJ#z|n3L*jGKfZRjj#+>`5pFJLkhjW1N(
zNV|@QwGGaQB`p$p_&z0YN6>6#A8+ANFXjRTgLW7Gn!}qQm9A)GHftp_y9Cw5FQ{pQ
z?jhwGfqh+1^cSo91Zzmj;Oj#7xWgXKq?~=uH`X=nDnUV?40nee4dy+zFgfwfOh_%$
zqVn=i*7#zt=A(sXL$gh<<TOr5F8=$AsnYCKlKFX}pdl=-$2`A*c(ISR>*?5HEap&X
zB^Fw%z`AKS>U4C2PW^}Glm|FOFF(K5?L(`j@g|mLSnWF1PdlYSuQr*Ra6vUX%gCA1
z$<p}QQKjHs%rDfG`)ph@QoSPukJ#8k`-doT<osbfo!@JWLFZrQS^IJG@A6(NX$@$j
zmFS}{nHVJrWsy3uf7lEvna*zbIK_O}g^H2g!rH=hA*R-?GF|DbSD|_iPyMscxpk?B
zz9=jz#8#3w3n__wL}SRFWw4{G)#xLe31SVb1x5R+>yuUzS|Mtt2vPbv`v|P~qtQ|M
zd;Ux=*P7TbRJUJ>z3G<ldc%G56LlF~l{wLm-O#FYNl|t}@L_7fDoS+A$LgJW-NE?Q
zQOUPLBPu^{m$NgTtdxCPf5V^xXVF-Biej_WzpEWYhyA3*EDV<%=bg;!+3|&!BWgjY
zhkIt6kJGtcQdM;l2M5Nu-i~cA<<D`81RRwIzdc5hI?ZfTUAS;CjdOP6RYY>4`oBnf
z>!>Qexc^tWySux)yOC}YrBk|5>F!npL{jN)5$Wz0k(Q9|6z(3s&-$%r-QQn#-Q#-s
ziM=PzIeTXI*|V89-$yHlh>^P+D|t`b-|=zW>@2zNH`Q*@3r*%y^h%_2HcSIEIN^Io
z1xl0B?TzH`mT{Y}7)<L*Kk~}EN^1~!ry?3^G<r*D7o*-x^=B%bg=ZuA$aBVK*_Ve)
zd~69|`QQCrsDV@SX0Z>vX+_X{*?4WOSj01PuH<#4-B=T1Q}`wv<2LqdhC`mQV@dd+
z-yZT!CDsRy&*w_{LND_uJ(*sN`iFbBQ4^yEq4i$Z=U>6pE?Kv4Gp4y@kU7~XZ}sSY
zrx{d}9r^)opvj~k6~3`59T}x|BSwujlg^Zlt>ewQEYv`sRufp}5L_H7;d=hIjc(~(
z9cg%}-B*-uyj5kvFFfW`wd(gWEWH%4F`G|an-+~nx7-fGepvf`Dg4S$H0L7BtKeQH
zJnO`<Q&aC_{zr+%WQQDO+_fz4#pAbT_p!jF@?u}w_kUju7-FQkymC<6EZkh7(tQ3w
zTR5l9?O-U*&;pg6qNAEE>W7$?IL?cYZ<71uyo+%tyYt67KNQdnT5c|R7YFo45MH6o
zzFYMusgJ}r68-3JfKhecxAaVk6}|o!&18DmHLRejvS5b9ueIslQ8tC7+X^=q$wjpR
zdc<DQ6dhWgMmDL>5#y|hv5RvG;1t`?k@Yksz6)vhg~4&KQbz3iYVj^zNg4Xx7jyq<
zL`N9nrdFpx?<Ndl<2|;HbfqWz^{(B%*?cYd!(sZ*YlNX6_{8^<EZZ0(U#Bob`th;k
zw9Mu$u|z-S?o^M6<?Bfqs(VW(eDg71>-3rwc}k_}@wVUs*QslTimOwo>}0}3#I{D+
z;EU{cA%X*VM{8+rd<w$%2T0BCWsA0s{^C0tt&z7x`<-|2aKnC8E0T(BZU~4{9!xR2
zk+|e@zIhe(J_+Y<Cm4SvIqF(;wIC1%nHgotuixFv+{|ZoBw{*kJ}ntrxc#(;j2L?=
zSMY|PNM+&`ZWe8}{kCdkO6F?LR*&pk7&3#D4NP|vHPOWn1(Gj6IX@MUSTH`<EqKL1
zPo|c%`mp_CH<BR~WrB8{8y~A9h$SqQnKB}`qpt6iWuByv&lB0jkz=Mpf{H((sP?W>
z3iU9Q=T}mX$Dt~}Ltae-M^ouaBHc?wc-E2;msfUq0#DyKrhh(n{!ZthGff))s)d|{
zRA6~-CSz9rETHoAx4PM&`&w{GLDy&U4Bgii+UZ=&gqH&bkEIOUKg^gZKT_xrh$1Q6
zl5e<Zp}nzUJJHW3epVb%nYkYX^AZ~!K{|H-ExgQ4EXi*zx_OKdeg5f~qm)2fr?vJk
zNbl{pF<KZle!sSK&QB&lG**nICMG<>X)FsaX_8zyN9ic{--$u`N=ZfcvM~-Wxyj6+
z+EXEZ8mm3wPbcivf$gX;Zs_V$(^ixAhp{f7o{cFoH33KEF$`>yZbGZN7jg6+7GEZF
z{xI(S4mql0`3MJFc{&_&&-^KZ>BVvOPH8c7wI|bUIjNj*NfS>FmD2bCXUazN1ep=y
z5t?)siEo?5we0tPx4Wbd@NkOQdty|}3&ssfuO;o0CeuG#$|h#$hFLnZ_9HJ0&y#e&
z(P2WYe9tm(BVWDuHqLq-6+K`pXuzNv>0}B&4o#Yyy_?qU=h)&b)!OSAPt2HI;h)R7
zp9%Vw^ir`aNJjK8iAZ<RRBFC8KbZcCKR}JHV&?w+-Qjgb{l(|!a{;vPS)z^&{BCsW
zc=c^|utgrm7FW!5G0kBHKf#~%k8zp?+L||5JRV0fOfim|ytk|p(~H15(oQ@b#y*mv
z<cd;l`6|HZuA_b|&$rzgUzzzg%4XUgNyet-EB|s@SzT7?Nqh<sUXY$RPVaH9RS{8M
z&A0X$o|A@)gg<BbZh_tUmjf!{k<$Awj^*t&P68H$v@ez{6=&|{`E)S;mY@FD8vt4m
z+7}7WoZC!!!%I&%`Ns+4O+<b=eG{z4ZQ}X0rRjy2mgLCs`pe2!ZZ;#)@`3H>j|#V=
zD44IrX{^`#qY)~5>}E^@eT+R+h_l!!46ObRtqp$Sf`cVkv=3!W6Qs9|3X851qr?vp
z+I{Lu&okSQ%{Mho>Z1B{{`-$qR=Mb#&(#~4F=ZkGA1BxQ395!pbqTQKyv3PGoO=$!
zEK}F_B;amhsk=kOU;f2YZBYwt=F@*=$62%NY9-jC`&wx7lYrN=Gg!Z(A#=aX-yu5h
zMd7n?Lm8D_1ONJtX4~WKa`sZhm-}NrwlK?m%=Ojq)Yp^Y)2SPY@*i#;$5SQ4{U(p2
z(fXHRR7D;99dI1=u(zalt}ksX)1}m(+B^7D!|1LJTc^$72MGl-i!T!CTb*fEL@JLa
zcA@M=`|9`aaoEo;?Ko4u&C#<-;q+$8`?A&Yyrr2uXgpJ%Gj3@2s>tDd#W7=Azo1EU
zTPBSAZgWOsqM`lauzo8AIphe9cRp89n>D$pSd3cfon+3|_46xw4U};_df}R5pDUQb
zyJzbU{y)i4p1M0QnJRf5!dzT`OODuArxnk7_VB0kLn2I=Q@O}b^3CQ9&!*>ZY202u
zTdnHQ5@!-EWOWwPliHU<yKvR?u%MAl2sL^{QuvvY)?s_twesoDclX@e(d_XUJDe85
z42OlJVAAw{f<Cby!>@;e%$P;l`TDi|cQket_#?uX=O#=Y-d&O}&c4$OuGpO|kj!c1
z%6FBvVl#@rv_}o}I_w%ukZoo^i7($!Q8l9*#zsfGiFkf^2AjB7`(sU>VQM-JPlTm(
zZo(umZ*`!;IsdAtFRq~rHjxhbE;Ts#6W4Ra#J<_y*1u6x*^l>1OV7>>lM#H_R34E;
zI2kDndozFY(Hh-(G+xWDx7Gd{f48b^(d5IR_C;dhbI%7C7(>53nE?Dwp;Xpn@2c2y
zEb#0jM0kWJ;5pP7FlfkdXozs|=vbJrNEpcAsYfU<Fz9Gcz~gWcP%+?<!PAmpVGuCU
zQIVctfT!!iqrhPyKS4)E!GJ|YLxMv@0FUAYPuanOgGInZgF%HyLPx<sgnNRB1%rtK
z3!cOakA{kX1cQo*jD_|D9vuz=1qlNd^N4DtZim2T>PC4j_l4W$FXe>r06r6O|BvqE
z6?QKLq)O)5Lk{5PycU}9_)>M?+WB?=<fZNiozSAUw}ov?azbM#&^QS+#=#8m12}@D
z0!U7P0T4Gvpz-1X#=4%tJh{ezf3nMh{-n*H{t1cnYPjtM8{gx14x3bizHyhpcvjrO
ztg<|0vt_D9X6o%WCRjoiEA=Pcx5Oc_Ct5hewd^L_ytSw4f=`!`B5N<(OmlaGWk%6y
zwAQ|zXsic!+toyGZ~k4V_A`<D8%qhJrJ^n)*Dg$PD4r~p{UxQ{<~{Ox#bN7sdju}Y
z@SnyfU1p4%->kh}Q_)+MEGdWBRMd4xnBg%OuPmUQk~;~sNBdxp?bg;Mmck-X3Ur{c
zUc4d<dBokru~*(8^irRG6n&#XW-DhZw0fBxS{|%2W+ThjB$FD~p|>y*<tRGL!rZ1L
z)XJd5Hs$b{l4|btZL0}7(ut6~#fR-i!i6c>DBO3b&K*T-wmF`7q{#Q~S0a-&3PMIV
zMk^%a23Otf+^x<X^kg(hEKywwfjln<ae5Qlb`{%%@o%^KRE>68727l_Vzm+#P32g8
z#fa%oKDAPWoMT;9Icc!}u}aw>j8)Z3>DJ78auD~q%-3ZwGqb4((b+k?wgf1<L`8(Q
z@4_Qv8nmD2iwXYTesP*t7yfnmN*wONoX^6OkXa2*+!Nht(XqGGuVQUe9CqMX+xYA{
z<5M9cAq(5W;Rcs5MP`d8y00Pc*Ec`<BuhT~IGe;;5BGEH%*0AhvNcI|nEA#dww&t;
z75EQupTpvP8Q_g`YH8n|+2i;a+m3kW=ZCCIyX`aX6<Zj8gkv-iy6WQlD*iK(rE%_+
z$t~ZL#TV7z6Hc+aTP}jS{^Y*)Zb7b|`cXh6JM9<mMhfe|*OzJb7l&y>D@d*w`2%9l
zL7>DDn^TB)*q#Q%c)YUB?4Y2G#y0a1s(IIViHgKZ%SP)~ylJCVRb|T7Y`-W9LUE2i
z4BM%z6cB48r2KU=ze*6<T%$Fs`H3y0)!4$q55^&ztb?;8Mwvi*n{b}p7(tpgb1F6S
zJI6+gLL>s^k}kh9%ZE9aM@N+il~3eI2kR@7vhK~50m~$$29gMIE)@jijutj*U3zY;
zY{-8^SoTtntCxr>PiKto((-fE490bA9zrvM5qdbgbw#{6?dM>SJ9DQo3Agh;ubgg%
zPf6NmC?<LS!emo3@b=R5<r8_KNynS_f}B?(ZSA5PCYA9i7wo70fPfF;@adW_zunzR
zVOCsupQqZexQtOrv@1~d@s~ABH{GyZb@0QJ**3UqNED>#!=%zS1Qt(?+cs62y%NSJ
zmgsKd_V36QK1C$_o26~poizQ?XzSWfPid~1yu|$P`}1c$e?ICOa*P{g8dO+n?D&##
zDh6B!S>yW!pPlP3CZBQVOA91sOimGRG`4BoO3@rkOH_XA=vM18QmGY8)OMY&2@4%N
zz*=04kL>r$Kiwf)O?&F%mQ)b)G~G3XeZP*W<M(E`p}-&XN*TJNSE&jlMKlMPni>?=
zDc>T%-vGYdqZ*UsUNU{zi$?l+O=M_R>4n4(7~?r@14s2(j7*!mk!lW4TsG?Cny?Qm
zYQtUp0p18sO(i^&MDX+AcY^sc84fuwRyLt7@hR<t{CI75!|P;v<eg%(dwZ?YiCq7@
zXp8rH&neSaAFZaad!8s4TzUPBf!kU{k@}SuX%Y%Ms+z>-VS9P@G4T7kPSyhBfKZ=U
z@H>~Mc<q*)yMABdJ~_7~uw2|Ua{aA;=9_`&u&wCUI>S&V8<ih_>yFf-e|=bvDyYJ0
zCoX(aD9t?m=IfwbC&5O=xleyk4tSav7;uJ#hLFKHGO)1!hLgdQ%s>I~|0e+~lm`h=
z7s>%2`QNf2|8HSv9sjNCzp{VjP<?2%{|f&3P+e#p|LXqR<iBnIw;iY&RPbN<ztut^
zRQZ3F`ENh|)%%x+_Tk@tL96|5-+=RP-~SarW&i5@x37@@FAuHr-+pmbcRx5S{onIs
zlIi~K$-lX~zy<0oPk<WA6QIEI1gOURH&zebn-T<k2224i0MK>E1&|ET0hj^W09k+p
zKmh<6kADMz?s-A?!&U+FfGz+u;Pe#m05Aj)0DJ&K0O;P-C%`d46|e{}0t^CJ0MNL9
z4Imfr3J?zX26zF0?&X{Vh5?cQ=w5;?U=zRukO9O3z5x6I>3{_QbpPuR@D^YL_yr&W
zC;_1P#X|rNz;^%=paKBtq=f?b0G0sg>na7f0R{jh02ROw0Mw!006Ygo0WtyLQVr%N
zKY3CO*act#W&uHfcEBirAD|3)1iS_$0ZakZ06PFFpb}6I&;z6bXaQD$69DK6{JYO3
z4J<OC8?X=f3CIJ)10(?N0nlq4zy|OJgaGCMWPk=h6~F<Y1yBH-0k{E204abzARq7t
zU=3&mZ~;01%K&n~Uw}Fw1>glh1jGPp0b2k}02ROjFaszCyaU_-dI1c8XMiw(J3s`W
z26zeZ1qcJ;0F!_sz&gMjPzRs^WCJJxa)5roJpdk{4fp_X0$>1c0V{w206jnqPzD$S
z-~bW<8h|Fi9zYxr3`hf90a^ff0CvDMU>o2J=mEe13;^<gKtKtA74Q|%3D5;B0nh*+
z0geD3fG6M*pa>`jL<8^vYXCxkD8L?o0&oR10ww?lfDwQ!AOlbcU<Q}~t^pB%|5TX0
zp^y9j*9#Ub4ZT0;7=d2!=z{?*p3dwmHkesBete%F109+#jHW5%KmL*rB;+BwJ-I_3
z!MWIeLWVH)q}AACfwqZtIM`BHl>V~(_1|{;!0r64QR@C<LS>bnpw5dCX~J+}<>G3B
zVdB`W$K_Hr7*u7`(pp^jd;AQB^`i-y_<CuLyT%0i2lCc<*sKy6cvOATVe7=!?Q?B+
z2BM<$`F+Gr)QqC{r7a@84iA3nmRDz|(m_>r207>lvFY_VQO0{~)mtc$25zhKUmjRA
zIDXq$KIxc*MMx;`al7zIWfej|KNSc!gl#vc9n6)T3(Ch^nR?#f+3|tKZvQvU%#Qe-
zZrwq}z+hl8bMS|Bi6=KyCLgASAJ85((ElLOBi3kgm3rH^Xd<NdCwYD;u71qZKkCZQ
z{>{YE2*w{Awy2(1uh^jUVz%l3TG2;bX36xRO!kVdA|g-j=e0|_jt<&|!8q4f(is$Q
zgsYVwKrcN$Yugnpk7V=|{mr&e2czPdLmI$wXth}La}--;5GLrmUGv{FMvUzP+0?ME
zBKSrjTT8;m3#|<srPEHqp@g3Z&Une8Cl5leqwZ#|w&w=@@A_BnExDJYFB%tRSoYIx
zHW^8*44Qh6^e&r>;wNDAQj`OSTRXAzAAhTGBRB3$G(0!voR3^{b|@RO5v3hHW9z#K
zN6t}_9Ja%PaYUxxp~zphkDc@}yga+?hP~}x43O5Ets7QHP9<u^oUfkstwTk>)Ba(w
zIKRC4m0rdGZ76M0-w@0B_u6WELzwv|dQ_v1r&nnSQA``=`fol3!7g<Z_}C%LzjCyy
zQ%{mFIIg#eu{!CfnhmhO<l0ry6w2Xt5NKrg2oDOEzD`zwtvvQt-w{L3B$s7IOjDL`
zR&(~iW<lxfGaZaQ&yMhSG1tV4$MNA@V<W3`uTLr^nlBP>B_s65PO8YxXH%@2dbauL
znZmRJ-s0(xNWH$F8aJC~F3L_sfAHR-^cPWBhIp9DpNAR{y?5vvje>1=bsrzCJDYmp
z>}QrrT@;k1@N?a)9fqf?#Du44?^ITU)}6qFoSn@5^6YVnR708}j%!|n_ivM}bOIh7
zf^S=aiSr!RQYdYT7tt$qU+0=Vqi{_W`A7<7sW+7m_uh{UKHp*K;tagbOIfQGO<|Z(
z*sd;wB?PI8(PLDrbUL<YZ9I|1R<N}Z(u?Pf$tq?kFa0(z9m9gXsI70uCXCvzq8RPq
zRnM+3v0MYQb92iSb(tM^O$rXY*8;iAUrn*t36)?8hO<6w5ZS(OqNjdUa*@t3I`^IO
z(T-hS->V(*(@CcF>J5cT%ONom41e<w_g8`k+MQ4o!zdLCOfUTai^bwc@0W@Sx;4nl
zN=`G|yWrA*0Itah;M#)#`WOh{T#EqCSwLC_Kn{Qf-~vzqqyR(!ApjFV34j#VZ~!O(
z5&-m%0Du9Y0Kft80B8U*0C;vWxNajnIr!g`5&myK@Vp<B@UXOZU%Ncw;X6Hwo=8q#
z|JL`&!D%H)K9bj|gD5Fwy&NIzLWoNCq0FiX@B%~%YWd=-XHgLb>Z15Fsixp0=LB$r
zPImuZBrv?Nq<v5O$?W(JSKzGRS26kHgOAkQkO!{q$vgeKC>m~Bm>kqMKf7lRqWD^K
z#URjNt<mEihbRc7E+)K7{P|6AVk`~MWa>m(F;v***I(}Mh_M!R4C@)RQOVc=&dS{d
zjg+#YubB02!zEhT{7?z9KD`{$m?{5#=JCa_%BWcD{Lh@HX65ee_EyCX`@GldJwmjL
zXTzq|*(KV!f#{bmL_I3|3vyH(h2C$PM!rfK-<j1!i0R}xmg=*7d|w-xWZu4X-<Cc;
zDkSxMQdcBQTqfU137<9Rg~91`nLJL)4?1ej==!(Kj6NSWifmO6mV0>~h%qeVf;z5T
zkzRol{{#TKo~^-v{vY^UxB(o1U62z5Wzco;2Z(2YKMMRlP!IYXp}9T3LGBdf8bCY;
z>@N^Qb8$35Sr71?0FnR|P?iAfB47d94xk=D2sj2<f@P*aokZXlgF36g@`2bH<R^g-
z{e4jhh^>Jw0Ogi|7RZ8_2iTXuRsnkl>O%9L)&aqwJ`>1mf;_ZeE`WC+cL;#`1<*XF
za*+Gi9)N|`9}28Ju%!S~;6wfLLa>f`V3$Ds24G8otpw$fz=z(~YXJ0qaY5V)EHo#n
z3HUc4{|&@&z>fzx8eqQz-UHtOun5ZBfjtLS2jr~)!2lYNgZdHq06yR^0MtPq25<!G
zQh_)Rl$n6I9ry&mLjB$(P!<A!J`*F5!vr<}#CpKb0T${9!2{n1_@%)91~w7Y!3Wj?
zl(B$Z0k9Sz&IEoDC@TiOJ^<Q=4Tv{DIrJU=1Uaam2+cc#J_iy&B>>v)D#*`*Jk(Eu
zrgcH@w;lLiAjb$01TiyU4CI;tRlp|$1c5SW-WjB!l?J#3>rw)FAHXp1<v?8rV4?km
z`bF<R-X4GgfIbUuKojtDL76P@rvRG3rw2JRU_XH620^YI#BsoW26hPW9pohe<^ZVe
z=7KV)ABF?`aNt92oeuC4l*fYn3jp*PSpv%s@^JujP!As1OpwC`W%3|~-W#-ici?*i
zwgB+}Qc!*iEYu#Mwhr}SKY?YTdIZ4wgE$M+f#z(Nf|won0>Em3ydm(bfDHoN0-$yZ
z1}~qC0PsNBHn4$UIjEgL_052V`ohp0xi)|eh@oR1+P}9TzXmMS_Mqp_K<)1%0DA9G
z-?9<-uR#4(upA3u8^lmYa}4;^0H_`9gB(A|LErlxAOryQU!mg>dS6DM4g>I)02`p}
z5yXkWa)MX`_|P!|9Us9U{tCzd{w%Q3z`B7lXj{Xeo<FdgAcp20DgYm9tLVVb0sb+_
z+W?^R3se_6Z$NGF6u=0|uYo-P`BcCsKn$P?<k|qWpgafIB!C5A9S{Y|p=F@s3~GDO
zcQysA49H6Z-yQ&cSC=3T0QoP#KLgur1~K$~x`134h{b^)1c1()(0&So9Mo>1?REp8
z-)_*n$xZ+TDDMU_5wM(~tOi(Uy)2*%I#(G2gh6f)S`Ls6^3b`+0N9tnLf@AoKn(cM
zxUvthGa!b}Q=!1;200Y~)PBsNJg`R~e*&y1U>>a78(8Sr%mu`OI?(Y6o!_8id<NuJ
zp>+eh3}R?`9stz-V4*zl>w$$dPjo=e5ZD$#A;?{V*bS6J#~O6}AA%foUKRsD=VL-(
zsX;yqSm;=N4g7hK7YDu;s0+<y6#$kE&<B9l9|X#z0CXTm0OjbwjseR6m;^xI4fJ`Z
zgFJNXOaN8@DIm56HW~n(Uv>eVpxzS@GXmcX0G;=seV_zD`!Nk-Vn8QA0>ssz4hitX
zfL#O@YF7>*?+h%oUMTMgd?8?`fUN~U=Mm`o77l!9JMTfgND!j~ivV~7a!?u6F04Qv
zYG3Uj5B(Ot2Kfx&R|CHj0JQ<=ct!#FVG#2IvOx~|{-NzGgEDCOUJyTkI@SQ_xYq%B
zV*vDB6$2Xp>Tn|q3$G3^@6cdyu;)iG7Iu$gjZBSEF4cwdRaZv|Hy0#wm77UZn`tW$
z=ymra^+?OZ%Uf!4Ia)qtv(tS_X4Ksc*I^+`YsLr1$6XUHP)~!x!kimKox9#eyIK&*
zR5;y@H<28SlLU!!!6G8UW22LkSI3FB@gfTH%RNO?-WccF4~jyLGE-xB%#C6$#zP{)
z@92T=!9^s*Kknf_@9Ki>kWoO8U+bh<o$4c;;lq*==fRK=4@tm`ONt`Sphjk9mes&i
zJM9xZ=f#v1&kJWLJQ)<ZhQYu<pB|@LniwEnphIJ0woqiWa#t1gr9)z(r^Di6Kk4K-
zc9-RKm6e5+p6J1!k&%Is?&x^Z;UUN8YN^Czl^e%i9vX`lb=EI*o)^zi9u)K>2oH;j
zylV(`fEt~hJwJxEm>Zs-f2s?20uBugd3}s?e{GOuM_Zl3Bq<C(4I7!5_;^70T33lk
zFF%2^9E|=UclILm;KAWxcaCC=ghU{Q)kKRlpN&i1yQxdO?d*i<;DO=cKIs)W4~apI
zvQTBUs|n_*p6tY#pngJ4J>5?<0}Bo`T3A}@C-Cs_X3ETVZZbTsa7ak-)5By7$?+7~
z$<ZVk<}x&9wF#1K>wS!y+A1VQlcN+%+A=s=NkQ026C>nHDKVrO1)+4g1+i?!6CKzS
z!ND*=a9CLAa!N?@xTvJW8{KrPt0V0D!SNVzb%|1KDG`Ke9#6%5wbaN>@<V8I^MYw|
zE#>IU=-}w6Wz;d$ItGvjQW7Y$lj6v;c~M1$pMbxEqs8Q8uZ<CHw$R{oOiiT9)=?!j
zI_=^;P6@$HI_u^;mQg`bc2ySk?HEBH!9gIvKN}Xic9rIKbyE=V^w5-g%Yz`m4<4F|
z4F?DJ#7v&v%3Phpv8xZU$5o!+bF!CUraFwjetn2_2L=TN*<Df469<Ka_;gJ2URoN+
z3&Y}KuXa$c*2GJ+!5|>OpALy$0}-?*#~s|qw5Y7iIvSKFdC@GzI*NpPa&mCe!QlvD
z*zoxH!O<vDsj*}k)j{0VYrPDc(#punZYm<asgXo!$0OqRxR{jWAtA6qG%z&OL2>AD
zcxYtAx|&ob9!f%<TJrdMwIRIKI2aV<Gzbjza++9b;Lv*_tB5GSHp;QDrA%z3Ba5rG
zG0e8(t|9q$YKU~9a}Z_VWK`mw`w2I9ayUVnxdMX~H@diZZG>R`Y7hNpU94EMtD5**
zSWHZGEop2m9uyH_T0};AURYl4pfLC_a}^f5)KI)6J|rRjjee$0YIu73+%WpW?qRe6
zT{%20SX5Nx&`6}P$w86@X*G1U&``Lb&_t}bt})CJJ~T05Syfc!x=5jVa4PseumAUR
z5y0u;|GfTp8T7LZ2tE@-h2S*u1Rj6@Km<VJN5}va04e|)3xmexumCs!JOB}Z3;>N6
z(gD~2&@~&n&dC9E0hRy{Kq#O9&<)rC!2a(Y2C?N^pEswkTza`-Y}p>>%e;p|2K{fJ
zDIHhL<X2@Ex_31FO=T36x*Fjx`hDWIz(WAvPuETS4j~f>H)ws2sn!c6l%15!**I56
zY_5)FgDXsT^2q`9ea&-+;dT*KHKXx~qtZJ$b-r+g8`wZC@lVCt1=5KrAB8X48W(A>
zAJ3*n(ed_8-^&yAd<l@SdO_l07Oc5M%bFCWc-V};{1Od_@`|FWAkv$3O_y6Fr*Hag
z4+uHM&uWx78l3;JeqD*&>dU}M{<*$y=a(nd({Hgcu96Kl%5ayM<^qN-5uFq{Yu6b#
z_CFHRvM3{W$Ml(3;_{*~zHiCe$$a3zs@D5TNL$G~4{2+RS|8Ct`Wjqf>idw!M%&Nm
zU`S^}xIy_0(%K-IKxl;YHnKEHstSST263>{BBZ+^3kz2OX>YW<xGF&U8*#Op8juFZ
zdi~=pq{HD7{pJ+X;;4B?C<f_q2;lZJK$;wBjP~P@F2|JWNe-mVvB97z4C!+;%*Mq+
z8XeZz<vx&3hZii{Gf1l=bn~+_q}MTXC-V)`>}b%%359e!%2sR+A?*%q-g*v5ze9@V
zE(6l=*u*?)hjcu;5{o4uEf0n-sHu>ihf4_DDx~S*>WqmB>3ZCAO({a!9*l#GCXl|z
z0c(#jr17y*m;Mpb`B=8BiiNa3ifetuA-#{S$^#`x^FvG^1Rv7<u!1{LgS0<jxMkZQ
z{g34L*AtKi2zR?4BBTRCtaCI6X@OvuSnET2Agt7GhL9#m^W;}vNEc*aVyYR^2GK2(
z(T4OvKI|o|KpG*%%2{iWPKc%PU@xQ<G8`kb0qKQ!Y*_k0njr<vwR4be$bIe63rIV}
zjEhJP(hqSjJI;eNMD|6jNFf~&W=cysNK0h*TgWn`Cqm%YR|{#1u<5#QK)NE?=8S*F
zB$<Ygy1*X~G)GKQ?yZi_`7i$Qope47)bzh-bs=&uwLM1soH3B!>u-r#iE+~opCN@q
zrbLb>faXRP<_}MI;q#L@mA+s4P1z7{Tl*jZYI}~j8U}WDk1d5<qpaj``%JGIYk>8A
zHcQ~M{o6UwGM8afA|oZ$I1+isWqqkQgkqcl62yjgJoOjWa?Y-EHSaX91gGVOV<|s|
zhe_OygvXQ_|GiJ|`tZH~2Fvp4a^5UezLP?%nD<fLXn6P4+v{giLE_0grtKbYYiX3L
z`E1HJGKjC68P#mfzYlPC_M{KqVP%kdV^c@umX;F2(8!({nhA{PA)<SWU&<!=+l(mu
z<OqSAdHT-yyiLMI{HQy3$F9xe(S9oB+m}e%0~pwKRF=fx@SRcq<)$nI^Iu;MVSeZe
z<dX0*-Ode;jd<>my3FcbgmRkD^Zfa+`6l;;KELZ#`?f*(6yun%211b`G2!1yK~J4R
ze@utdPs`-O4hzqD(S3L<ysm~O2K?54RAyHH^hE4S#y)zXp!HHaUlAMU9yY^$(@~f1
zR=n}zstvstj*4hB(k{>ATm0#dDj634k7Am}^^z~8q}^=E1RoB=+$@l`r#G4<l&7#x
zZ<s|%nY?rAz23G3m>BH!r=I@yER0ps%(+-1))}rS(L8rXH|t-_;0XTEhxt*_c?mJr
zS7V>X>(90Iy*^q(4$V~&_p3KWZPrrzY%iNmTJ2RPei{Br+xV%L^x;za&(<VNE&eZ6
zW|@$V>aUL!iQg^ZPqmuMhf~FF=67}?-YO+D#;HpsFs6u*{puX%nnS_OGk#k+DDbl^
zLxStV^e>x%J)UjQ`k0{OS|<Tf*4gzzZ2$$#14gy~blT!#44U_T_nS!hO5L@U^swPN
z?D{4TrF?{yGG1}tH{rNq+PHQTu1yKnTN_g?BDT7AR<&;HhU!KP@52TY`=jS!*GT<u
zzY3H@$$VZZ5F&_uz3kha^<s3QX*@_hlYKyyy75~mS)h-s*Ec>2(WohRnM8-OryQ?e
z{zxbP`l@X4ypbpV@Ajif5|wZk4y{#bs0ur*Y}j38$A&1JWgqfQE@M<GJaQFtVZUw+
zDL?sU#f#!CpF<kA%D9{q233>59?OMM{Zeq&WZ7F-EO{-2n4ZB@_hu(14?k>Ez+rL4
z`AeEs2+2qPSKl3X3iWTvXR>=`{|p`s{r2m0!6X-OEQtPI=CZsQtUW`dPR!kV{Fq_{
zA4aez^U+*no>@x=gWMs!7@c_E_hc03IswKFA#>#DLh@~Xvh);q78e~s6-iPH<;{_n
zC;u~_sdyw+vNaw&v-{r^1}z<_B^<_7T*;&)`Oh1d^a%Gpyoy0t=8$~Y2*IM9w~3iY
zHlA&&(2fgyl!?ar&8M*cO!=GbuPs=v*~=HLrFN@DUaF59jLKctzsjR9kVG6^3X>J%
z^dhX#-<seterump<s(RhOU0_Q&-~u`DeOnc<}I~eF&b~SEz(VuT!_vsa)I6M_}om6
zQjI*j(O-t<uXRf=+mgMr2(2HKlg$70^PRp9ruuA&o%$Jt-%fZ|iTl7wEn}?9lHy0O
z<HE`()-)SdI7BhZH=%!j-0el1*}S3l^4LmvhH9#EkBXlukHpXWtkJEgnEkHnt3r%R
z2341PomOrksjz4j)j~x9ou1>@h*&gnCZhZX`+<0d(1(+t!O8Eie#})u!ms9@mR#Vr
z4%Pah21Ti1h#_OkY3bJ<wjg1q39j_kCfSaCnS@`eXE=Gpqc_*YW$%5@cEVWB%=KBD
z4mo1`x6lVJ%haPSGEo+tY9s;IY*fQaZuad}2K-7HGo$GqwU6_4o(jvxcD>R;w5=)R
zOmRy^=xE2z#@UxAk+|&<ORF`3JUM3^{QK0>I4@M5juJ}+NN3qI6U;iyloTw{+eiDI
z;!{9fpnosQzIS=1O_I+RUg4k-`f6|{1V$NEZ>u^XN^(ZxO_*-2_h3$c{ps|&=A?2c
z`u=_S+D{Tn@wyQdE8;_oo<C>NeHD?VD&wv`bC-tJLjk=8nRkv(ixTN@Z&wZEqvBHp
z<IO&$3nlJR(v_5IWE0KtSTJ_{o);~5F~I+z`}q^R++nj$$48s#GB(t%FS?zuRY)Cl
zLe6l*;_O3fNfKRysnhe$Trc~?x^w7_-t!qes(p5N!E2?lTZ1a=o+jY5Cgdw+(QXbV
zzu?LD!@~c-*LnVK;P~$er*a7j;eKz{C0={VZ+vE!C`@;MY*xKk5)HELs=Z;XjuA;$
zHd^@s6|&h~>0)(4D+ZgJb1F&gKI*a^^kgaO?$+ag9`mlrgVQtf>2ie@wO|Aq5!JNj
zhxCd$T0-{YY?EDIx2rR2;`iry$60Kxk>5~WSU;;pkd{Yl3#3<W_c~xbA1C6(edk5+
zdN-U1<!Sw=MSUiX@K^7WmGD$jLRSx4bo%HNS><>=<s>VVo+}o|zO2EeH?6-ecxvT)
zd`U!)Q}iqF!Gh+l)2Z+y)5zDS-ud(s-&Q?fVshK^pT$wrs-FoqJ0<lb{;{<Y^~7k|
zJW@1uU2RZu6RAcfU>y!&@~3=$e(@4<AN%>lcxX)njgJY7SqI<t&j1)T5qH5apMuG|
zBXD^2#}B?JV31<EFBnCyNWA`#D8|WlchK*5FFJ;KBo{$axGTh=@#b<A#T0&p|91D4
zgXRrgp0MjoMPpuR00OEyZG7<+nMt#<#b5(xCb!x9zZ)1K+6B*@S<z?>zdWq<$nJTB
zQe?6i#iwb{v|0^hj|Xb8HqA6>J}-LjCovYR`yKf=Jjdqj!e_;Ik=z0IL2OgGdL9iv
zIgN((6Yqm4<n2YqkJr!chPe5<<Jwn$`6R3>YN}*2aMoB1P5x|gaUc8Ksy=zxDZ4IH
zjaBgaoD0tTpSTAQ`GCgCtpU*381zd1hPTQ}+RU7I^{v5<@T3dZrRef(!Hh^VNhHKb
zsY%m7t12LH^?;_?^}v!d1^LIV&hY-D_kOeU>(hefH-#{kmPLJU--ccL_<T5g^CtfC
z^c3Uq)vIrFE-p38y}f$L+}v7bFfeeiwzef>Y;67p4-X{U^Ya!BWo29H-rkw}LqiIQ
zAt4{B1_!01{rw|vZ*K{Xo;};ERZ<#EI6g+ZtEkwQnVGSz%g_I7T2=K&Av^m!U18ys
zuDkoY&5n-eSxrq{UVs0Rucf9|N-#1ys0j)hJ4#8(1YBLgUW|-rhVt{9*cBC>YybYu
zKY4P3eB<Vpy1uaBQO3igYe7ID#R?CPj@;j`lTJrxt=QfD@*^=ZGxxi9c|r&XSg4tq
z4O~cIA}cPgAbn6!7TNl`#LC_t<0uo8y+&>AXrPzZr#~ntWVoTBITY;do<^jkocv^D
z9D>fywM)jvhxNI+ch7ZnE(^uP)V=5C%$w@!#{5}W-so&>NdDsDa(fvT_8w1H_u}*9
zq#ZP!;mN@PdnYxune_cV)kaOtfZy}y2aOI6?K8u}it+93KWs%rp1P~5E~lxf&14uE
z?NpDCtA<ZZy!v`{#M)b0`djnvj_^QEt~WwmeLj<qPv0gyJPk)dVLayM274D477;!$
zF!(`B>o`|jT;BK7r&fmI;*F=;+GqI%1rINzr8|NW6JrokQYxfAer%%=7FKq>xPU)t
zYg@5wZ0z(|T=c4<p|O<3#^$Ded?fvSc82+PYRc*R=%`vSIyycv9-aW>{ytZ?sp(q#
z`}g?*^7125L_{K-Jw1l0U%s5`2Ly!NOGqfawz4W8c=2Mpm4t+i*TW-y%gijdBRDvN
zL{oDzXK5+0fR@%qo|QE~FDa=^EGjA#O;K?u?(mSMzqxt(6+XT=^YXIamzOWs+tAP`
z2!H<cu2@|a`^n2|U?nQ5;fab$iLavaGX)V56`h{mQQ5>~v$?D5#i!|M=WpfZM{*Vx
zpL>#%i$&7Y3wbs-g{J-dVo$fXd1nU(<YI+{o;f=?H7&-+$HC0bTGeQ1Ol6mptg1LV
z)-M<s+?Jo8Bc1*E!!T}bT{ZOjb;5aN<*pJkGBI{*>#U2fZ`3gZgNrIBr@IL`Ilb`b
z&nJfU_5B`wecJDLcIbwG{d$|{>6yJlMMWd|^y#m6-@YxG$Hqor#KeSSxw<B;N=nMU
zZD{Cmv#}{1QC40^f`daqyu5_D!o<WSH#aZn5)d$TFf_cWY-yRWkBCSn>g+W7KtaJI
znv>JQw6-Sv<N6wJFC(Ll4F`vh*53Z>)Q=yoB?$@9NNH(b__DGZIVdS<#UmqA2zGa=
z2gk-#BK7qjOPQH{wN_SM7sbUT!sX>%KZ}kILczcwBK`h-(Ryo(XI@seFU-!ac|t~}
zJLJQMY8DO-A7d;m9LnnI;Wv7E_r+ho&N&ehin9OTw|@UWX8vcK;D0~w06G>*Z0mO5
z{}y;>rUdzJ{+blV=o82wzS?(`^Acjb#Y<B@orvWQ(_5h<c`otntTI2u5+;=Mhj!N6
z&wEAfgy<XQ9dV);9_$QgUp1m%={nS(tZjW$SU+#H8A*pTm?5W}zw1tD*d71g`o~A4
zif_=uE!YpGf`0U7;dgI~x;*G^<WZC!AiCC0$-K$M;pt*ZqP{eHd}mTqmXobRW}1q6
zlpL;d$f21irWEO<I45au#X2_3b^jjWb$Q?{=~K)v#?1IqEK%ZWu+59rMEX=Q{)YYW
zo=rWU+ye+`agC5Z@H=ZQ+gZ2$ydEfKlU{n@EgZt8Ii7xj^~B|)psec4&Q-6ozVn}N
z?gmt+w_Yju?>wF3UHB{HcCyBebxjs|izxN7weoq)leUjeoi&(2FQ#U5!;tVBlGqDs
zJ=FA4JO#CdtG^lFn_0Ybl)b`!%ghvqm!92EuPEj^v=KgxGm+Z-Ih6YGlTY^uoD1@I
z>20=kKlIWN8PPv2o0*000~TKs*`(!BNE|QMp}Bt{Kbq8)OypxU-S=iy3646X=^@?w
z(JS&{w1OuVhM4Xbl?KO+vgWCEg0G1YN&N2&L)$<Et18RJhl?ihqOn~&`Bil}dlt@e
zf@j63InGKe`~nW+OSFR>S<y2GWw`kmI$vSAO6JWe>$Tu7y9gN~4D?ajlS5Bg_jbR(
z$>x6-pV49;$08ABhbV%hhM8+1okGx7x8!oo*xLS$=dSx9$b9WJ@02Tbp2GeQ(iim$
zC`I}SLf$2|*hGTXHR%@5JPWkAo(@bTj?Rcj;8M^Xo$HbaYz4lY^V6oqzoJx?&64rp
z=rsA9zsfny{B^L>VbYj8DeR`!Xgr{I`28lK<88GQmCgqY4Y=ekbt|7wzj{<+GU<iC
z7>4)1_20g1DrZt$UJ;wmVMCk6^E!5K{742PCI36}FVaa_8u6cd(GXJvy`N8FH<Zzb
ze4|kxC7%Z$x~(s=H#dwp7r&}7>qCZz-MP>#JnI;fV<4yD!>Up`u(3=n#m2#Xf{cWM
zhzi7^foe1?CJZz(_uoB1=$;XD|M_1G{&NCA_u!zp0WZ;auin;_!tNK#t;0Q)EuX%h
z#n^a0>Mk01bD5e2<CL0AHTCHGVRW4($aOH!!>c=#HRTnrRgJ4rGW?-rl;YMtoEySM
z`5zPA0_0|UnclZO%kjy2+iK|N7)vYX`KY(;>R*Umny?+pCXMMDNBSPuxeRH{-SH?>
zK9ab^DU%K%Jy|@z8GPC=qqB3lb-~!E^z6@1zohV#xSYY>aAM7;5iTW^-U;*moees1
zvVsYnmfS*2cH{QWz4ciVgGh~k8oV*RF+==imjaLbvQ4a3W%=lRbA`Xd`*VI2=YM6|
zhlysk7t?iG-lpenx`65UTk~gOFzqw9PX}0I_P4eqKNYN7u2XgXqM3a;o!|8v&>%^L
zNl}K4sO!k)5YxRW#Pd!ka17N=I(Z{-A2aUs(-2GO_3J<F#5PGST0=x`a005bp6^lX
z9J1&cHek7S&)0^?5s`k1_#m(r?q}DZEqHJVYfH5od}IDvEoXFas}M@{9mhl>nA|?k
zbiQ%(IOfBLipWCZLq2Tz!J0oijN&)6#T{(e*bQR1Tj)GTl=ylzzn(p5vA##zTJ4pN
zAXptQ=w{47(un#i&`Xz&fsy)zEmOlQ-cn%pqoVZqeYmum=z8qb>zW=;2T6zf<JzH7
zskB$5@6DJM;Wu#CotGslt%+7y&uA?kkVBOk(DYxh<{#w7mmHOR!RUz~{G#0*_BJBh
z$p`^QmpT7$_~GM{_t8ss#)-QTn5m@b;k46MuOGLp7glLo_>y=lRe05DMuT+B1(RP8
zNpLQ?wI9-5IuO|vHR@P@Ou4;{;#+=mASps@?d;^~$HM3KLYSoRxs_Lma?5A3x3=Yf
z-;lh`;DMDuc-lkfxU4=0{%Br>+{lf9QP@&l>6gWX$7Z*pLaEucej5K+V#<%SvLP@J
zOxex_(}$Zr*^=C<4|c0)z?torKOX@Db0nGTQ#jdIi|kG)!@-?G64fr`{Wc+T$ZPtw
z+I#&$JZx>T9q+iBQ&w7mj7`UYorwX01bM^=ynf=VTGQW!-^=R9TI*0_!(@10$d`KL
z^VbD07#APE``qR@%iLhSe@U;ZbDqShy@qZ)ji~=|{-cK9`?0=TglGo7ENsc=EF{z;
zdbu94N+s9T0W$nIr}Qj6WKO#N0;wXgkBt;vq{YJD3C;XZ?s}9iHf+6rm10r8+lx)L
zcx-z;=+~K;RuTUN<2MdVQwCLHGAS-oWx}R8az;2$#g&En-XD`Ag@V2Pv9Nb-FKfpx
zXe_Rp(AW7cH&a8(5Leg>3fT{f*r|;(Y7%2cl)}))3!Y`Xm)G(BMD&C{uZD28n6dxG
zSIO3SG?AYU&H6)6e_IAAIsO%WP4O$oW*fOLN1LuxWip?@5Hsy0G0aWDpNLisMuyk4
z;joL-Sv1e&C6;;jh1Z)DmLS2+x$d%0cokgI<7y=*FE9pHirSTb#7YKSNqsY%&Mi{7
z^rT|ooXii&4SuPU^Vde@wO!y?5;|wE*!$M@ww*3hPn6$n;MzS`x48AyM@Y88`M5HG
z+-7oNyi{F)$~W)6ijYl}8Ha<4BKp==^ZsNJHD&lk*S?1~V_p|6x_M<xlfg80@#;IQ
z$Zakv;Y?$0eU04%i;7t${CL5g-wabcidFrtZ{AyL&WkM9MqhuBn_ScT&MigvUi|Zq
zX|H#g#W(zCn)<GKQ3jf-p2H4=6_uN{rE2}Ixauq}R>>2`lRVOP(X7peuh81fjg5aC
zWuBhe@8W*r+WGYOfaf}$g=maC2M?bmMeyKAc-ASca<_aos?M&5vSBhB9!k?&FZ0<#
zeyK@dP^xh{;qx^Szw~pO=Pb`qn%%?W#EurTZ(g+AU*jXj!JLhXl8%<+lW}-_eRAqH
z6GphWla7f~(AgY9`kmSxRSuJ8MFaySpy}hw3Gq+g&R@zG8U`$0YJR*fnh9MqqgYf*
z_&^la9a$SeTt|kxB>8YOjGi$f{?HHiH;Xu_!DVyFP%TsOFRzew#mU>;CszT_q9_XN
z<oljonm?bZujcY5_JRK}QTd$UbE}qw+Dk9HmHGwRKn<GR^Yn5~-S59xQDDB+qli@U
zYVjvj3tgy(#=BF?7JsC^y`p=_$)d2&35>7oiJDS`f9`9)M&GOUCLC`_048vOrYPnO
z9+vdivG#XJMmB7mOv}|>3^I(kg0**)72jZe5O$wlmnVE}oq5woW+lR7luW-W7_`c<
z6nkLz>D(Y#+zdzi=;xK-)Kw7WRLrv;ruXxvsJ8ErV{(T}_E6*!RfqEgU9p}TR0V&_
zB=P-{+0vo2J0LYc`6<06Sk=!*ODpbJ*b*VJYDm=A_O*qUR6UZ<$o_>&nY?Pop<g3t
zx?*wI_~Vl^9oe}9uc*;F5apve<_Gkm@<Q0<#7*jKHf&FY*s#ri(X~)8g)R6ol^Ikq
z5Ik0|g|?Td1klV_zrCB;R(9H6{rM_~=!ZgN$O<z5H{D;E4u5D-sc8+!@trpgwVL9{
zUIYaS?HGM3>i=CO-c_UN@F8%0;@Au6&Oc(BG&;(8*<)*h!Lhk2XHOJ2y;-4icJ_pO
z+ur?<Lsjmp@GZ~HzU{DY_IEK}cQ~;#&upeULCZOvQjI&*az0b7$hDFD52HmpU%5Fb
zgFIDqlbj-FaSS=)6X4pCnPo_+lx=>8P;9TyHSzkWh&sY~mR*=z{s?G{&WHVTvXFl8
zC^2J&KPSevO|86yMuf%v`Slmy1GC7^JrY#*Ec%b9l3W(ojkK0)yRQSil%zih>hqz!
zDV#M>|D;Bg=b&iI5K_y9yyuT_(X4B#bdJ`kJR-XPf@vm-TL}9Am6$;;@tw9g%oRJG
z1QFhdOWLOijY^LU-5wdGr+=-5Qh#7bJtxzVwtDlf`ko6tEE;vnn{IWUIE&X+w6cIP
zd|80*Tei#xp103&zCYYzWR-?%BE5%mZ4p$yn~CWyhL^eDK<jIFk92*yB=|_#s2g^`
zw?u_EZAHW{xgn1%GAdl=Om>20+-&ZHN+n>0**cDLk!Bz^q2S&e<{Hi|UiqH(TV0is
zs{Sh%E|b>NHCIh4@1Ad-FMAH$<oi~}39C9N)O@kGn5A&U=U9ebS3N8CCXzYeIGio`
zKuKd-E_N1Bta1}Jvx&F*uE=pioL%mtXvQ)1q@~xhB`f%zS2>R9lfN%!?diW}2*R80
zX38HG+AI$25BB}3EgC>hp9>Px>JXqs?}4MSj%!Wr6i&=(Q+&~XNIq$-EkpvtGmTZW
zA7S@<eIa?!&oCZas0LAX2*F<Llk3q?5Mij+o~G~=8U2}q!hU;M@LH9}oKf8OA4A)E
zT=aiQMlga;a9~mU<gmV~w<S?{=YDjMCr)RDF_bzP{+`$1zGfb+xy%+!@1a?&+stJC
zlxjt8tESqnT*O3Hc!Zc{LFoJZRnru8KR&l=1RRgaZJE0zeJQ?YZ>vTFhMDtO0UW%i
zwUP+kmRs8~K^Ka`apbO2ixKO>H=laq6}303E{;ii4Jhx?ewYO@iX(djz}?7Tf?p=h
zyH7X!lvSATo+Bdf3?;aevZ)Z|VDcequx#6#hig646zti$Ki_Os@x<InAAd8{^-i)N
zVlvP_Y0h{7+dNbUcUp}MHt$ybR-Pf!>#JxoF##5S%f8|-{NxDASDDrlnb;)rW$aR2
zf_5_;h!1%4OPzPM28f?0-lZk|@-rr<6;P?kYjc`98q|DAmwVuY*>Y+3>bc0@;hvfE
z&qse&F}8WbNvR%b;nPazmR~m8-$*5%Rw7Y52R;aw1dCZrh<?edcpZC4Z}Y~?VBptI
zNFz5ZC9_L!+?V*=TZPvQS^ag~Y*wqDGSBs3D+3;5ElrWH5zw=%2A@_c#@@tmKO2kc
z)*mT}?@g@1bh7P##~;)>kFmX0Dt`98KHr%a*5d218!>ex7VPX8Zc~Zg7n6?$;yeBe
z_Jm=dJQ`p6hMC8(QF>N8wxY=@jdlJpd(Lq}ZXb$!B~b2d`g82zN7F0zP*MT4#G29j
z5Cp<*+zvmgCbcgXl@(>j_lQR!<UvJihIGTH3dH%gAJvavnA+fL8$~dAa{QJ4z8K2W
zBqbq|OH{p)GKo@%aAPfvHqLxk@>b%zEK7a~1FWPX9MihjPsfP{WArt~x-E{+=^+X4
zwq+}vE$hxaT7IK<lL%87uJjJiv$$vJ9V$+)TmNPKfNRBEZIGmKbRE0SEsaMB-(-t2
zyU6;BvjgeHZp^tVTWXlnQs0}qEf*WYOZ}$uOu9Lw=5Gg2Nu?1itD>iiUn)z~)K^e<
zkrm>cvb=BR74u@D=B;~b6!0OCd~qz5$BrT)_|srVqw!<jhHc>b>{r53zA1)7{*OgJ
z^7X{RE3Y&BUSbd5qFy;M6n<^_!1=<@SB6jC_KjS^afnUS*kuIF)EoY<1u4gS`V{de
z7Ps?ll!m=H6Z1bRmLI>>xNT0Ooj?3Z2;y=qEesmC<njOgGWTBoIIs}wBE8{4yL<2#
zDea98pOcmMAMjJ@-|KUG!Uf@{r0@~;lTr@_7DZ0~pCaFJ^-*UTfAJVD{Pb0R#o>tD
zKF*SbC2A!2B9^Aycl5Smik+Y>y?;F_xggXbCD7D*v8B5^nu47ycR1%y3D+mB>jtE8
zj5Nl<xt)L^XR#{MfJVVG271?L8AuWKb)?fPD!zB?+N`M~hHup#nPM<M<5~T1`%KVp
zQzXe4z2q&&fA8ja{n|22=b5JJX&ZIyF8<kKq)m%zryY~w*8xtuw?Ct>EgW9!-gvo2
z<#)lJ87aQzR7Vc^{gW`+9A%p^6lU4Kc;~%+whw8?(twtKxkPsNK}WG~ZXO@%=l8L7
zI-6|8ox4%0cz<4bN-<^rZEYW6&WC>+hp6%6PnlK#t#6G^G<fh5{9Se2xyiSfO(%j?
zA~PNVi7%)1!t&upk1AU+I&t22_v$G}1P%NKDV#LqHs}$4nY|_?sr8aclQfyyi`g6|
z?F|UQX}lSnrZaJ4sw6+NafS2M;^k&U9@>XWT(V^1(2h{dYJ&+9ijpt)CYPy{w{p}!
zJ88uH#T!p>sn)w#8-$^FxuCM4fkLj$I8aq#d+5bokZ~zjtG>?}(r@gw_@R^e?M!^i
z4*5@^(97t8Uo>xfg~mqB^u)E6-y`UzUP<Ydp2|9ukXd*Hymo(a@=*avH<EYVXLF?s
zD<{vupEi56eww0>jNc&xE->=<!FeA+VQo&DbSkr18V;gGHIBxP@ph1<%gMxCqx*KO
z)A+mD<fIg>mDL={{dC(MUVI}qWu}|A^-f)f_>v9-mmTHtUq(sX_8QT#N26gjuT~Oa
zMcXP;vUR4Xx`=XXU&WhDT$f=`3;A5-XC;2&hoPcN{ODG{(b@EzOI)^H;l=N$zYqG9
zSI&oL&)DE}?Mg+F9(#7{toQeRXNq*Q`aJ(4d;Q)yIP$5g@@g#yCeE+r1&LuFT)v`D
zdw%8U+TZ#wl3DfrXaxRK@tz+NN;K9Z<e|+<Q_Eb~Cp29a^%o^$h?b=n|DoTsih&Xq
zges5rvv#cJ4O>j+XQXUBOyQ-JVJcQLcXN5|P&(tE(EK10fHvR+kO#&aU_cTE7t9TQ
zd<^WC_P^)Y5(;>plX_Ul;Nnx!koZe$Kw(vf<Pqn~^MeS1SLWkC&?t8A5~ZCP%2tJ5
z8^iK+T>d}geR(*QU)b)u+2(o7JQFfc5t#`QG8P#kQ>G+y=BY@8A|*r_LxfD3lPFUq
za~VS!lQNyPu)njv?+n*<uJgzF<2=9L)4uoG&wlrM*M9f1?svcYz6tI>R_Ley_8W(U
z^oqguRjr}*-!}-`j_<Qv))}z=ckR9M&C7{7!}Jb?Zr>x9xV5FNpH#FGw4V-&T*CXV
zfOe9(h{H%ytmm5fCO@UF@yGYL(0@<$-};_^^!inIpxjDo{Z~I8zLF8r8HuT2e~D!3
z5BhJ5h@OiqE(sjl>N8H?eEqqF$)u+CP5iA(Be%znZTmcodKDrn6Ky`ve7i?x^{$f2
zrsY(1T^<G10F_=h?WbR&#IKn`dVW%h&4+zbwVt^&mtDmv-)y2Y{wtLB++S;>-)n3>
zu?%jN&7|^40#`<?zty*dUAy>To>$m7@5^_Vkg#iKsf{e(x1Seb<$tu?`0USL_up%r
zH$}WMXP=LTWsn{Fz?@Raf)}1aF8M`U;j-v8w$VR-RsUH|bJ|eU#)SkVyw|LvKruz6
zC2(8ZN+A2FdnPsDrM`L8y#h63Nj$GtE%ABl%aK27KB>lEW5bbR7DkaUc)xJD{LGA+
zW@rk3hjD+;EyzXhajo=~pV4=Z=?=b&Jui|q%YDV*Rx%g9rLZq<6Pq*1-Uccz=|cF=
z+YQ58jgA&+OQ+817TkXm623xK{%v?`@ZoW17m@u>1EaU1=lYED*iSHtgfVnwEq+cc
z*_I<0mwKtz&UD=Gwa~;LG(FA}2192So@Z7;r3>9O(l`E{)9rkcw`PCQ`iU0XiJLrH
zx@U?QzSxf_6CYp8e!k)VVlhK7V)#0p7t3WQ|L6x&Xl}8bepxNUs7<fklUGVtYSpiv
zQpCY$y*}ptp*1$jalhEJ`%iMd!$iT)R|4ny2VGqjJZU9NWg~PhlE<sG67<wcn~J`C
ze}ed{A7QU+C7MEBowVlSFZ`LmojzLZobqYozo>7uniE|>#l7i~JKHzOyy3+m5GXh9
z^o=H2xhdw!)2=hIKln=Oq8uMZlG2_t8d|SrHQE0}mTP&bPqQn_LuxPPEr(5y*>)@4
zN4M(857V64J6XHqr-f1XZ36F{wHLZAP@>xLkhXM%vSH{3VX=2a;6jI4g#^9E!y!&P
zJ*Ah7Z;2cWe&W~juh;Ro{#hdwO5*!;xx=C2o?n~QcZCKyeGesmzt_8xPLDJ1#y6eZ
z@XsteCZ|ss-}KUB^7Mt_vwh_%ezBj+9@9wta(~Gvs`&MWLrhAgc~cCd@5u|{H*7Ue
z`xXC4B#Lp}#|;i&4XII-&TqPu!uR^s?JIxjHI_Nbg43?2Dv4_ux{*kl)Tq2aVa!}G
zE9j4=@1U6$x67g$2n|cPt9;6Ux7F5gefg7TYQtYHhhFVFXUTHD`ozYOo-&gbH_GE|
zOPa7BaQb#vl=$}?5%Y#{b~6t}Mj3V6=?euy-P*%%o|!3{N?Edp$C>8K==T{vRM}LU
zoCqqd-%@)Q#pkkcg7wFj$~U7k9C(lY$HxL*x)sfSexaa#Rb!rc^Ig)5Ks&=1LB&or
zin$U~Tt-!Ise11fyiTH3=<j+<g)5Tw>h93syGefgV$b#+6N>vS7Pr1E-&smjRP}N6
z${Y_iSn*hBi4R!O_;|Y9l0C)PCQIkh?s%ESHl=xT$HV%m>^-YR+|W^-vt#c4WaaZ)
zgbdzX52N_2o2_Wo1&$e9e^Sps(A{uO6`%O{<_Q+bjh})KqVpYyr+w4$K8u9u2#Oi-
zp7F(fo^|K;SYQVEgMcl%cE5Hen}P*yv1cXQ*H0BrRX><1WD`%XIy`9$=Fg2v^ySB^
z<l-jwBkIqtC3D>)xX*N<bcyUf&$F7i2f3Cq(l=y@8BeeX+4O|JO3hKZd7RI_dDLIx
znySx}!j$ah?A{4J`OwES^kVZWgKdT{nkTN5sQ;rGqUj&hs9z%~{z})bdC#ShTlVAW
zdxUylwC5apk8|SUJ$`GaXSF{bB1&+R#{?x9ocr@lzUZn)d3vefgLt_?TTRterKg>B
zy%X>8S@TlvKOg0t%f4B)$WbO$=;myPM^XFS_0Ol!+|}tn3zVtnrexc8*6ihZ!ZMRT
z@(L4ZzF59<ZpFj=={lj1>8XzuH|+Ah7(~x0e>n4wLm+%LdhF?zT8y(xv6X+E=_Rf@
zR(2F_D6SRlp8;x_-wI1)V#7C{Fs#4hIQeMAGqq;q`c*SFuDUUq-_y$HH@ylwi((DG
z%d6*`ReY7*WB-0^b$ZUdOKo>4IQQ0B+oxTbmpi^m%t`GHmZvkT33*4jd~S&-r9btN
z<wv46I)A3ny5Xs=59@Khzm(=my47t-9XTpn8oh2o`r>wbjJr%BKOUvs;Wqo*neYqW
z=n?_ZbMk*$g*e7LCY6oci3+Cww0xA#cNH~GT>15_eu(R4jO&!fWYoI6Ubo_PI@=28
zx<-DrT@J^R1xmrunQP?bAF8S+PdYBEcQ@QAqs~pBQ#x<^p-Q;j`%&8brIZut7Zx*g
zJ$#9}mW6Idf<Kvet~NXsyLIV(`ROx@-dQ>sEjin*SC4(*rDNcKG%efKyGAAH#9kfQ
z_@#EhIwSPo%*8(U9p61GSE{lenND+}^JgNH1PC>4F1+?k%t1AiKC30CHgb;r>>Y$A
zJ>{f5+}}aW=4^Ooan@UV<odgGyp7%45drD!-zz11bS|zukZRI@r)iUu@V;;UUeWBT
zsjS2Ax5kosF9J(FzbSqVniXsb?7wR384(~y`LN<%Vp_skv5L;3mpCMLF<$rI(7Eqa
z5qx&Ez}7Gahc{va60RALqwn+JwZ#VTJ_v{@K^h-nc)c+EZ3wJ~*A~NoHJ%6P5Q`mQ
zcztpcNVqLn53f~*0qbob00A)v1R!9276c$*J0>6wJ-P$2@)3shlOQqMhu22KfHmd^
z=nx-VL=Eo4`b3cM+Gp4wcr7#xSnqd$4zcVJhV{K5;W`S|Q-Op5>zxkJA?82Au)Ykd
z9oE5sx3LH45NjP_Sib_&03_T#yv7>_tcT+b17cc`P(K1<czrge|L~e_7_i;@03Bkf
zBMi6S2@=zP%mq@g-u|ctVxA)m>+`YNvHKH=)vk_JKMydb|8QF{;4RcofB`Yf0XiK2
zG=Sm0!Tp8%0Rz^+-^sy%Sm6L2)(-)UIo{wk?J!^s{2dMqh=mT&VSUXJhV7(SI35e@
z9$~n@TOcw0$Hl6FuL%Qg2P~WaWBi{2j2VA!fMLKIuLE?5C5|xMej7;4_`~b;VZi#!
z2j~!U9bs6Xi`5R6?FRwt!?CdH5r*~CATj-iV+sS-UpzpEnCS?^`V^3u@mIsD3Bbaq
zjxekr1PR9iZkq-q47h!l19XT5k1(vS#A?U>yx+!Z*TJga02tGM`1=MJaQmhQ=n&Hb
z+yoM~!@!Kc<l)_eb{{M(bA(}kx<O*bAM*ztZpY!M24cP=4C{-r+Og-8XsmWktokK@
zG5v?nhXJ=~b$|{r+YyG3KLUvve><!i`1?^9@VSZy=<s+R1sF5_@b?@rV2%3$I>aJJ
z7;e8FtDPJRCt%@oM;O-cfV2U5aO_~s|8UG;z}KPziJ5;Q0LJtOd;Y%$+F`(Y@dI?&
z{}zBT<AZ%X*dEoudQPnR9IW=E?i_40469uQtNuH{nC)Y~Ul*|IAs2=L_xB!1%<+Rg
z|NFxN5U@XT2k5ZAA7D5ZaD3o6z<@Q*2j~zB9AUWqmssuaJ`7lY>i`{M?IR2yUjvEh
zKN_nBjyDYWTsn}j24eWz98CYQ=l>hvF&MB$`T!mFzYAbY|FP%)D@Qf3o)@dW5UU;g
z^B9HIu7Op*05GQia9c3oE&Tm942W3|&|!Zb0*pES;eNn?HSqV?Fd&A%|AYa@XBgyp
zkZ}C5=YM$J1PoX&e1Hz?YmYE&$KKyNSnYaP_5T3I^dA?i2D@)GpdG#+aGR|lG2_n-
zFbvp!{Qw<e$s-K=-vJUc{@C-s9acSNJFxy4Ry!^hj=;idM;O-6g2eRy;4=*F!~R%+
zgaI*T-hlP@L1M-qvmICy2oeUwn9l{Q{|pi{{%{;%z?!QE=n!L$Ls(yh)sDTtaaiqV
zk1(v?1c~WC_VH$hRS)0yCXn!TVPM7|GtRKx_u!Gknv+KuZvO*F%=lx^|BhJo$Fb^P
zV6|h9XAD;R8LawW0Au<OUk?WCkM#jM#F%*!KAs5@GyZm1H6d77=?KI6agdnt$Gnel
z`yNL%5Q`pRSl@`%j=jHkvD)>q>h}P)0eP^mM-wjGCfp|&5L1GLeTMitNKAh)`vu!Q
zLBfDo>;N5p9-9G%+k)H2p8svYeHgHw0|F4R|JeuVu>A-g)P!QSD<5H4{|zK&`}jxg
zaGT~>nBfS+`XrE;;|Ft`!+O7?8i-|&Fs$zbi8+3#j@n_36Bgz_!mz#^s~y(CfVZ&+
z=n!iiVOYNk64QU|`5%rq4ES7HkeK;r3SdnCF`qkF;|&r9#8L<7a6I1ujOjo2d}x1E
z1M7LP>I<;ivHKH=)vk_J{{vu5|KYY^z+1}$bck7wFx=mCkZ|AN@c{P&2CNS{K!;f2
z2*diXATh@qoCjdQde;MVh=q<YtbdKwPKt%&v9RtDhV_3zV)~DZRRdoW27E1QkeKm*
z3NU8;xdDa&YrGE7A(lA8aQp2bG2@RtA6~|)=fbMb!)nLD!r@q06{~&*U`+oHKEvQX
z?9auc8i<*WFzin%NX+=F9ks)n04#j!2*dhMAmLcRZPS2+0qb23&><E)!m$1oRy+3R
z{Wey+4p#kdfHD2Yp8rj;>gfS)0tsIi24?&v5APnd`(R<2BMke~0}?a-*z=(SRy`k9
zeF;`O_IwhJ)vk$E{}W(L|KaPwfc>;OK!=#^2*bx8gT#!#9ac>+7FImMuzn0AX8f_|
ze|M~U5v=+KtafrNoPdSTVb$*fYy<M(*g+jW0Q(Qe3<kthAWe>N1h~cY2Ydd%2HIi3
zdhr8vIRCT)j2R#7<H7c*2G(<8)j!2*KkClGHp8&mRj}%(0LE+|`~A9rRnLf3pA0bO
z_`#n4{juuhu<8c@hGPN82aW>_*k|Vhbch9xFnqr%u-f5$7_k1<0XoFmM;Jc74ieLU
z?D-asHw^e(I*_mi;{Vh2|9kKpO#iXx|0|#!2HYm^0XlrYijFXB$NoG<VYO>u)h_~!
z=|6l940wC#03Bl1BMkR910?47hwlRnSby^X9pckR7}k$~#2jzf^S>Kby)agN9acN`
z{@%fA*Tbsc1{l+ST&x=GzR`eo%<&J8XZRRA9=Jimfc?LIfDW<b5r+ML3lcN_*z>;~
zRy}4ru>Lt#J1!QEz`|-r7}n2$#PlEb2?p$s#Q{3R%tsj3KLCjtf6R7Zec(|I#PUZN
z)_(zs8GkqqFksEq19XT_9AQ{rjn$65zj0XYXR+%40F3EB_VH$hReucNCXn!TVPM7|
zGtRKx_u!Gknv+Ku_U9u=%=lx^|BhJo$Fb^5vD&f6GX|^u3|9Rzz?lBS*MkB3V|{=Q
zF=n2Gk3Rv48Gk#hnh-3kbcA931W3&IW8O!&eUGCWh((Vutbc>mPJxB*VqyIw4D0tn
za-b_7kN>D*Uk+@1o|bdHe<V;}$1J|YUJY#+)klu=Z$E%P*sh9VHe1@7h+}opU+pp8
zZh7?sdpmaf^$8s|9_tWV{+^l~ePu-L9S2t{sTj$?uKvlqrmu)FD_tNh4-=K%FGs^J
z3f;v0YkSs=!q)b9OnZAYq+Nu}gq)~jK*-W4bk9n0erw}lG3xkSi1n|Uep}TE{M#9s
zb-WA7UK9I~A5gK^exuKRJ}uAZk%L4I2G1@A8)xadssH}G?mAJV&G-9l){EwNNtxte
zB?DUy-+^zkRaCg-23~b9$+tudCX2>>?<|F}JuuUB)c=MUOTN1+&f%P1$4Z!oZr#UY
zkk*^BJRQ>E(D|&O+v3uK$I@_;$Gs<_T$)dAY9`4gxV_2KZ&RbfiAYsjJjdBv6TyK)
z%21`mmb}F<YfjIv=&r@*dHYLT^R%yb&?NpVUSi>OoH!!?u)2k5Zh2~c*^+T*`Yvy}
z%giwo)ygcKe>0i#0#DK+owwQ0xXM&S{nHm3KAHASee#*tSALo#IzAt0@_c#$S!$Uf
zeO6bgx8GnoSL`e~CS7)H={UC;epzQ}dQxkrDNERutBkg^RyW>9x#KhuH2RuIv@C5X
z-4cHH#)4OVskfRbw3<iW?as2@TaKMPht^Pj*++O1ABb-ozbkzEC3{KY9~1iGWqMYj
zM3kd(z>SPQzJuc8Wqe5^9^EpUaU^fGTxP%eUz{;r)OEqx4^}&0>2p^!FZ3_jRF8M`
zB6|2Iy0PHc#0G=V;}Gxa%0Gfd9D1$GL05@HjB`|uNoQ5fY^t8-<O^aEqWIln`*-;K
zl`Zj>erF0A-kcEnq0Ti1^t1a+ND&_$8K<SV-I5ov)$U%c_E$oGhUf;eJI_6-#7XTl
z6u(d^c2^B_eTr>;LHZ3P_GkaLmuvR-g=_BX57|Zg-hVt6Io^D=k)U`eTm8K$MMhj}
ztQ@LKw7tAXys;9W-*4!9?o(=snVTL}!Mo<j54PTx{Suybiu8^4LaGO;fviaX+)Vi9
z^)$-+Vzvlps&MN*XLbo)WTHUGgSwEBip)~MpYH^&<bJmlS{HjhuT<EZ)MR;kPAGG*
zz<8Q8x`+5PBcnA6H;KS^^HkQjm1(};gz40HqvZ-`%+!rIL;UuN<<`8K{;FR?zKz^7
z0vdEJ6U)w`+X1tsFWWpfEEXr%ebTx=lWI=O$wm#ci$=sSI$lS*w$zgfG6k**q_&7^
z7d1NEb9Q%pH9R(uA&M6~!Q#m~^2^YQd6vg$({*ac1>H@LtH`My-FsoQnqA<EzuNBS
zZhyIOmCc?L$$G73RpI>;=ST%+0<IdpR@mcUiwZW8Oe<SiqVcNOA82lmQtA(0CdRC@
zFnj}ZAEQUK`(J(*XaNc^p2l!0>BBwLwu9PlFu0n)cY`1~L9&750Lcon2P|+tg8YP8
z=-}c}P)VBXGl_WJ&)%Yuw*DroHFP~S_YV#}F&mdd;f$2!^vMg0d@hY&Jrj#&#f^TW
zNof_-yY>5=Y6je2_UH~e7EH?PeYyN>m5_noFE%3cb??=N(U7pTiVxZ&J`Z2Dnf;{{
zGgu*EJ?>oh+4kuk<B6Lw_ez#TuO+|u!C{lNO@HcKzgu<7r8x=He{@PJtybSppLwU;
zWbsqT`_UWl4R`G)`{HH6;PA)w69EagLNltG&F8tVlrHdkly|DN8}G1l+U0E!5HSn;
zrkB0f?9%wCGwvT3os>VNsM=w;PEIXz@s~j0o%p-Aqf(x)ksXseI~ElAAZM3_$F=h9
z`AyXS=ev*K6QEHjJQN}P`y~w$t~=n`53??b00$)0J%!qkFus6Ws4+WrbYBu2hbKYG
z9UZVC4w+eTiQV$%^8r;auNUfyo?Px|4A=jWXS8q3;xVxL@AwQQtFY5}ORQ<xZu4wK
zDA*?an+o}&E65>`MIhn&@F7UpFUaHSLBhY)9Uvcogne}ZIS3L4=Hr2lF>UZOgm`*-
zBH`iTh>(yFvb3~>R8&+T$B!RJnwpxBnVA`6dU_g(ii$$a%*+sJX=!9(VF7BqAunFM
zKvYyz5N>X6WO;cRxq9^~lAN53XlQ64jEsy(US1x;$;k<ReEt(5Cnrbr_4Sc+=guLl
ztgOhDD_4+v_wFGL4Gl<ibTm>^Q-hS2mLhlW-bI3ff{?|<MTDK59r^I#1EQ#?2qe<P
zkkQdm#M;^#v9hv4+S}U^5)u-GiHQk$_Usw*?b|m*PEHQ#>gqy1efor)IdcZNbm<au
z`t)h!>({Rc6o9*U@gnm1^Jm1+&=4^-HAP%qT@gJ!JtQtJ4k05WLmobSh&VVnAluv9
zNOyNPQdU-m2n!1%-rn8_H8nMI;=~DrgM$NESy@5K%gd3-$VenTJsp{tm_T%Ob&>b)
z-y<z8Er^tq6cQX9jQIHYAb5Cqh?|=mQe9n*6ciL7;^N{+Utb?`?AS4=;fH+r@&%!#
zrA5rm&5={5P9e6ow#fMSIKs@#j8IWgAuKE`h=ha$LP0@+JbLs9p{J)ujEsyB1_lOX
zZEX$V;^IQ~_Vy5Ub#>(9$B)R%moJgl)>h=zt5--sKmd}Il!Wl`@IdWBWPW}g$<NP6
zY;0_hot+)T+1VK}Ffc$03k#9n-d-dtD+{@K^Cps=osHbObql$C`7-k0!2`tD*ch>}
zut3<@*pSrJRAh2;5*}2Dy}dos-`@{p`Y4gMwzh+VO-oA)dHVDz^5@SV<i?E~$jHbD
za{Kme1Pb}h&dwsk!@~#>5fP%Kq=bx(jUg#1DM(CA3}R_%i9|$103lHvq^G9`(b3UC
z5)%^<Nl8iM`t|FGqoX6Txw(m~udgGIA3sJyLPC%?Z{8r^zkf&0pFfXeWMm*iLqiB3
zA0N`$*@>Jyc@pX9=s@J<<&m(kFy#LI`-q2!2Xgl8S%ij$25D?;MC|PB5D^g(<j0R6
zh`+x-^8ER8BtAYKdGh25;_mK_)YsP|2?+^^fPet<`}c3;@87>jRaF%tDk_TX?(QO$
zm6gba3l|VSKR+ZbEe*lP$46XTT#&iBIYd)a6S;Qn8d6(Ziwq79BD}o3NKsJ{qN=Kj
z#Ky)VIXOAVojZ3Bph|&wd3hlO1O&+I*RK&16BA@>YYX}H>lad7T#OJC6C*M*GKjXe
zHX<k}h&VYpAqol#h^(wEvbws8<mTog%F4<JKR-V*Fff1w1_mN^b#=(Qckd82H8rHU
zxf!9OqeG^qrjU}75@cgz1M&6sMc%%Bi-d-TBAJ<)bwZazUKI|Kh3&lzf1j02$Z*Yc
zUK@w9ZCpBUDU`a#d06yDcMg#ZuC4Iy<QSe>VoB$>QnL)*A;T92Q3}M<>yP-jjow8(
z&@4~47x(?d`q{6+s_ZtG?3U9B!S;ba^&S)GnN&sI=w~E%S9!?4C|7(8#;1Fz$MSSU
z;+{Fx@r?_;=Uk3i6z>x>UGd*}+vB5pY3`I%fEYi;b=2R!e#Re3uP^>oajR_2d}H^I
zUDD>vt(E&s*2$+&p8cBN%)BWVS53<CA=bUhJK+w!z*@}jMbD{ilP4YOIvO{>U$t~~
zD2V?RN%NfT@u;I#t;lR{QBVrPxxCQW<)wc<O{s-8P~JEX%-2OAD~{%E6b>4nkeHO5
zf{KRj7$Y+anHc@|o&B-8hT+BMsiF4L)myiGnW>v+5qci-SMx%6WgiQus6<m|h|}km
zy!)b)S&~%+slujwPAv<U?~IL|EFXV3F4Rg&Ea1u5s7#a<NpXs&?&Hb6$`$`}mAgMP
z(U-F6NSwsUv@VX<#i{;$>>xhB^mZ=wt`aljgcq4)=nX?vf|P$fH!bbl8jI{Xl?#an
zQ59W%b2u+p&5Uxw#RHbc@~JOL7Vgfgc^n(m+`h(@NG&_~Fy%vu^O>5<Ll*Z<de_4p
zA8b3EBdMXwI%C1=F}bT-)0WWU?lo_=;}>ABeknRV`BR(?E;)zmruC@YQ-tKwTB+R&
ziO+Gtr16xV+6Du4=!rA|!41;1qz$(Wqp{#jt*9h?g5dY&BFo<L<@=)Ny9v+q_Z$yq
zvEW?H{ocQ-ARAE0$l#-|DrXZVJvV;r@vQXX@xaZ}cQwCjWqKUjh{`E%H3z<7{kFx_
zgHPDudCgeTO8BDo_#l37hrLioQ+)+l?`f&KcRf{^KlxHz*5`ZEU&E7G-ArfCo2Pkh
z=F65%*h$5_o>ad)x<^s54>V@2-v+jl))I^qJ@vt7%iszL6p0l7@`RViYol?iX2&{W
zt$D*Owfy(}ofYC;U7EeJ({2Xe7pODzdDrOHJg#%+@V8Yy@z?I<-J*Fb6%%ILmgXL?
zu;bnr<QgMGOQ2%BO8aZP@p$PEQ<Yqutn|)53bVCK_uNp9V~gSRbQ8Z+^DAv?cW(qH
zu2SGmab&g(@yI*MeXCJ=wrngGb4~u^T9vB3#FOq^y7y=erm{OXr&ni~bs|S6=4w5M
z->VY8xY-k6F>khcQR!2>-bW7p!Q2nIVtxMGi_ub}Jp+<P@=?C8c9u{2#o)JtRl&?g
zjnlc{iq7_&%uuqR#k+DT`hqm%snu#MH-CvX(8zG*bm5PkNS-)(E1ajTb#cA8dXvs<
z%uj0B!`5+a`n^`ORoMB&A_^6&D?GO=b3=wjrj-NdBeN2IeEV_Bd?#^W*<yfTEX7o7
z<mJp4Srp34tbUyQI*qu!g??~SO0B4ZK{&OCy-q*(jnw<TlXnA}|8jC#1l+HQ>C-#K
zCon;3So<VsBkZRgRmqhLfeY?l2-7_=Wh!5{VZ?TfR0mg+y`*fy!p6S!XJ-EFBG>Ky
zxer+~b6KyS*_#kaL{S3Ws<&NubHWs6hPO_H6HT}>IXA3LQx{UOXv75MY)&$24WH8Y
zS=Bwk;!9>)-s2b<K_*S{PxiukrkpB4V7km{qDXRE#R8qcA)5%&xB_+|S#7F3UY{S;
zeYE&zd3edsMEH<~-^n!ZyTC!lR_Bl#PCUFNmb8j)I_F+%Z^)NU#y!UtTJq8W<@9SI
zBIo6u%-?Yf8h{UIgVYBJqXP&NZ2@7TUqF~>69^OS17V`iK$vJ82oog%VImtKOoRi3
zi9P^fB2yqtGzWx<UIAeuJs?c91cZt10%0O{AWU=%2owDS!bHnJnCK-CCQ1OpMB6}^
zNCgNJRRCckYamRd0fdRTfiRH~5GI-i!bBNBnCJ!&Ci(`1iB1DyB3&R%<O+m|f`Ks6
zZy-z*0fdR1fH09^UfxC@5GMKygo(ZbVWJ`+OmrCt6A1!gB0?ZclnR82G=VVDV<1c<
z284-D0%0OzAWS3*go((3FcA+BCSnG{L=!-ms0RoWodd!|AwZaD0SFUO17RXoAWUQq
zgo&hpFp&%pCK?68M3q38$N~rx<pN<MA0SLr4TOnq0%4-_K$vI@2oqTWVImqJO!N#0
z6TJq)L~tydfiRIW5GI-e!bJW+n5YT}6Ac1kqB}sC$Pow=c>!Uf6d+8L284;qfG|-M
z5GJYv!bI&rm`EQ86a56jMA1N)=phg$asa|aR6v;MHV`KI0fdRrK$vI`2oq%iVIn^u
zOvDR>iOvFHq8uPhbO{I(g#uwBJRnS@1cZq=fiRIL5GGm$!bEmJn8+6h6O{sCB2^$v
z!~ukfW`Ho!E)XVq1B8jffG`mQ5GLXS!bGh=n5Yp56G;PMqF5kIBm#tql7TRh2@odQ
z0m4K9K$xf#2ou!;VIm12Of(CGiJE{g5hD;L$^^nhPk}IzIuIr@2Es)0K$wUG2ouEv
zVWPJ{nCL1HCgKOeM9+aRQ9TeQq6fl6B|w;H1PBw^17RX>AWTFHgo*9}VIoo>Or!;b
ziE4l_(Gws{)BuEu)POKi8xSUv1Hwe&K$vI%2otRVVWLk!m?#bi6S)InqG2FRgaX1u
z<v^I|5fCQQ2Es%`K$xf)2otRXVWN*fn5YW~6Kw!tqBB64h!O}Bc>rOe6(CHc1B8hz
zfiRIQ5GFDM!bI1BFwp}bO!OWI6J-NoqIn=pqzHtG?gL>WTOdqC284+yfH2V{5GD!&
z!bI1AFi|%UCQ1atMEF3M=noJkVgbTLEkKya1qc(p0K!DhK$z$l5GG0o!bGQlFwt=!
zO!O596D<N^q7y)vhzkf4^#fs|0w7F80ECGofiRIU5GGOp!bEgHnCKl4CW-;VM1??@
z$N&fv<pE(LTp&zz0SFTj0bwF0AWU=x2orq)!bFikn5Y*B6NLj|A^{*wbP)&>u>oPC
zKp;$%4}^)_fH08|5GI1lU%0G?OLj;t;L;S*8o11a6aX&0AT@#X2rdU99f8YrNJk*e
zf=fe486XvbGz%_|;SwJ%P2utoE}7x7A1uudmi&+wKw1NrkZ^eisR~?LLMj9)5?n4q
z8Ubk%TpC0A1ef@5ISH4!a2X3J4x|o{nn20}DFR$}!sR?%mcnH&T&hCK0O=oGhQsA8
zTr$F?DqM=f<u#;8kh(zH1*ssUNpPtTX%M6?kYYia0VxNhSju2&3aJ@fYQtqeT+YK~
zJ6tY9Y5{2_T+%{10;wll?m~(Hm+Fw_Kneos1YD*=3Ii!3T<St<25A|jTaZG+B{HN!
za9Ip#38X5J4nj%`=^><#kjg@u1efk`2@aR}kcL9~0jVoo8bc}zDGa1EkfuSZ2x%}}
z`a`M%DH2?wLy82cFI>LEWj3S~kODz!04Wxv32>PXDI;8hL%IZM38ci3LPB~415zAF
zRUv(bv>MVxxLk)+0@5Hz;~@2fbP_J>Ar*mC5YlBx86bs()CbZiNVOq-g)|G&W=Ojs
z6@e58Qbb6ZAZ><}0n#H#VIggW6cN%LNJk)Lg;WjFUPwbBZGw~v(n3h5AWefb15!^&
z=ON99R1Q*eNTDFLhja|mcSzMB^@VgDQff#yAw7lk8PZ^Q3IS3hNLwN8f>aJtMo5z(
z{e!0)AjO6>7@ksqlo--5csc@}PJpx!QddZWAeDqv3{q)G>*1*dNLwMTh4c)b;(!zg
z(kMuKAnk>84^m1<hu~=ocp3syP)M^NJ%W@MQbS0^;AshX3IU!@0Q`WEl0!L^S;lp!
zNbjMjRlQxu18JARikttI+mpceIe<r)fxK|UC(5eaMh^eK$D@7pKU_+@tm3A69^3v*
z?rz)sbuP8m@Z&uUhL?r^Sdz={c4d%J_{US~db1EG1f>wXwW7`DG&49?5c+l5Uge|0
zFA*AnTB(aKZre&yzc$II!`sBg*M7xIL{BOxyTh?D6Y@p;goDSvSM<tLQ9q=<`+M1{
zYNeR94SFeWDsGPTO=RF~*w*+^|FI8e&wO@vWlVpFs)#E8d!gmzkIt;0`nR0iKJg{R
zm^Zvj8@<uw^V{)i@Z$OReHKqhMwIU{{VSgSc8&eYod=nziI=LIOO3a2CZ+36>6Hkb
zHYH@%Np>l!30S*1thA@txKOCx(JQ0ndEb}EXktBrUqXW|cOXa8{n41+;A3l#)%{Cb
z|D&%d=G;^^0r)-{j8hyKtYnan;h=#qQIOz^vLUzleS!I3L9-^)zq`6Y*&5#qzL*G%
zTrljq(o!n@!H0MRPvbOILGas!Ff!ues@q!$=l7=qFBs)yW|{VA6<17<sd-FWZUj85
zXtV15zCHBu!?_jd^a@Ik--;cKpC5&P<|1+CnD8dn+&!lJlQJryd&~8Cm;0$VJe{Al
zJ;RvHPxIL3*frNx7000^y47#C+<yACh;pOQVt*{;Y&bgqqPAN}%9D6u{pZiVP0f!>
zQ%C(7Ode9c5*u=Mclb@NAetkHCrG02SbMfRQIrFdOr?YKr<-`3)UA0pkN^32DmOXp
zQ%V?DQx8k~iv7qf+x@nB$<wPYv$_oL@g^5CUbC|HSngA#sqQ^Dt|@zR_RcjIm%+gJ
z-8`=De2PBthUpWjk+cJ6WO?3OKlle6J2cJNenxAdNvhfWM|$`}RIdO2PEyw5yA{f*
zk(g?UEPAf*k6jJO{rvT_Y^K2noaZ6-2*u(ezK4y^NBnM9;{E8HxV5j-ms=R#T@t%E
zWNghP5yNV6X75$E6a6cFVUF4pU%tNff0m~voJ7VFX*8cp{YI-WSbl<4bnOf|o8NV!
zSH!cVYs;$D`;Yr<`#I!91o3fCWYedjugGyN+A!ACkbl~vXW?~6@okB<Ha)!NqnLVy
zkM5^us?4(#@y|Fh@5)mmR=f?qS-wn+zfkMBsrrB<j84bjHNJG`2k!;4bKXuvuGbvJ
zn6H1C_bnq%vK4K+I8tZp;z$>@vaM*C{OLzT=2@?ljXU;4mTBK&=66X?-sl)8m%7AD
zRxdd%JvzxuBc)nX*jpMLS7{)KCX_CEs{X6(L3(fcF%Ip(hv6#f?bQSk@_f%+U3NE8
zMQ_Y>5DF<D^SbxzYwC03>f3^+Q@lh?{;1{>Qu{HUlN1+9y8LS)=uUw?QN<+((dbr_
z^>U+2$0+d|jw`7s*SPL!Uie2kaqr}$(p{?>k(0>WM}}|pC36Ce&&R|g$1Q)U&nU*M
zsxUMA-JV<N&+^lKm&Z>~<;yRkA}93hUFo_NUv@h_uM4SfOFi|6Z=;{ws!pA>aMbBd
zH=d>Me-kEk{_f3N>vT&y_8t_SG!}8TjmzGwipOcI!$*scJ!Zt6e4{+JWji@%cJIf@
z!i&CW=ga5+{WU$Ud1|vR&fYyojZO)*lGd3S^CVa-zuOl@mwQ~dTT7C)OGs3WnI_BQ
z$z68V@y}z=&t%~^*t~to(rsUKvVWj&hu141Im2gzBEb{)+>&rJ?&;y}mwOLm)qeGV
zAbFvtzrDzP>php7+#dxLnT#{n<X}IJj8&AbAA4^to-Bdp@AI-W0pBELtKQzm^VXWs
z$-eFQ=;giIo|1pAZ=cMQN@YqC5}kW&{hIp%yTFgqRck&Sip@|dcb3SEmx8C>{3@wT
zx|=V{_`P+YLt|@s!fdTjXp`hBBI@_+hR3r1#^nO~TP%YY^Qepl_aYPf1=ePfGWx)l
zRaNgM?lf;7_7gTn-Yrj;e9kr`(Z9CaNQ-xwEm>7~S5NyOLc>jwGb)zqjNb8;o5vCi
z1(Xb4UC*ezdi8IsQy4wvi?S{|`TM8IX-Be6OwaDzu^gv$mtMW~r+L`$T&a_y(^rbK
zcOL8Kzw7&(bzW&QNhUNQ=9{Mbkd?u;-gI)NYYLRf=SW{(A-pK!v@*@Uvu&C&VMRH0
z>CQp`gFkoqZqc<zfpd-D9={gh*7zv7(6q#v{T7em{FmGdUO_KR7k}TE9lde4{PbPB
z!i3NtMR%m-o)mkLG$s8Tuf8X&eR)^K<f?_9$lv+#4!7Wi#<n6eCFu`|ro*3|&8|n%
z%Beon;U<1ew#6T6@OP7Lts)?YajHg-Ny?DwQHeO7`Ep<$mx8Zk^nC&*)3+KjjgNUU
zhiU#g=|1zz5WX_JEY&I>QgB>%<Ji?%4(iK3BsY5=-cs|uAMW^bvdiMv`i_4mB6H)3
za+TY?S8@+~@nhQq#LHepcyO}IM(cFVqIkug^j((Pci5KS9pee&@LK%7^nIXeQ)irT
z;ccT{`lGhEhh-0DinVJW5PWnv6JK#dFsS`{GBb@iTe9s3q4082mRh3MCO01UQ{7A+
zD-EHZzUS6aB0nrpzXVL=KQ-s@>}`hY(X^ZEAHQs2ICYAJFYG-^q?6#s`;aLbMxviv
z?=+FlzeCy*cH6O2KQlgtX0EzYJv0hqFyr}j_0Kx4Vg8>pFMiKf(|vptJUHI*WrV4Y
zA4kP<Mm_!9h!yYPnJTfJ!kQDYRF?!f2L$Tkh<;bx$N53K@apbGoG~-blt9N<#feXw
z=FGQIIt>xJjsv&kU$38?$Q8~M&?<_TU~AhsFJxYOKYkte<)xvJhK9bbh!^2D&8n4k
zWe<n*uFhM(Rw}r5(h)84a_GFc_B(T<NH*ij2hm!BjSkKU1Hz*@sVAZo?iEuBH3jCc
zk)@Z%ayOpTXZ}YR8iYGztk>D=$v$ZIA$X}I(fHIU{IACqP9Se`fL+Yf7r{-q96#M8
za5|!u3!HEAKaaQ_@LTM?bwIoS+@k-qy3?y4^`m$cmDitsCpU|A_hb5!wK?C=Q~M}J
z^r?MweV@yNxGxU(t-f;>DYVYa6xvZHCf;$@Qm<f0tGmsn_#(!Bs&Z8RmiXU>QpQhp
z)}vV(c3oFeGWhoRqn8XHDcPVdu~lmuWaBGO>y^Lv`7`6``sU{eljSuAYL%xl7d;6H
zNZ+g5r0L(F)te*d&nH*=YT9$fz}o0b5^wYUWn!;YZi!CzJiF^2a#^j=3yc{gFUZ3P
z1vkndIY3f^gjb!w#R6PCfTB=vqYRP*<p24@2j8E8@5$a^)+O*3zBEi2xj6;x=icFd
z4W{TXnHxB6F_k?(8zg8#8ZGzbP7SpOf6r}CQ?I{o^soQ;V@6+W(Db<a%r%=fZ#7r;
zWZ%&b9P#Pa>ZsprF;=!hXIaDOHn=}8d~;k4*&9|MFmj1}^d2VyTw3w{!o{?_d-iC2
zN<EebgyO%7@Jju&7&P5>ZVkTOU-_t-wB<y6C827!b=gn1J5x-gp2V2xSsh=fR*J;U
z=SnZQPCFECB9|I;Cgm%S#Xa#U<9WzyH?kO@XjxG%u-0YnK9nzdV}f>@MmzT9(zKND
z{f<*VQ^{wdt}1h85HX%OKd$lgpJB_ZzQot-C!5J?Rj6bG8+$)F%XD654!^50NTRmt
z^)t6ccJ|tC)u~hi^|Rl-ud-2H?5G^dyY2Zj{~zAh2g>gf)9#K^iwm7`Nq^B9@>l=T
zeUFU_InLonQJL~9Z<g_Y%~*3#b}Ja`oKGQd;@>p2$(f>9ddw3M{3&RW;Y-h$-~LE8
zQLj(rjXG8)(XzeIQg+h)f*0KMeCHBuKR)?z{C8;d+h^NbF-4b^CbSURhYc3!dpNvT
zbd5;Y1WJ#&s)+qaHu+QR#MgGSD?l;pByO{evjZXh^ZNDyu4)=hiFvcw6JamU*|QWT
znTuptG8<l3<wm)$lQo_u7G`&pWDK-g7>|2j5PzpcJAAsfm9B5{)=v5BR|Nhw-<ZLn
z#tZT|Jmf$?KTYWEmJJdH^y5<jc@`dyAijaRMUcBk^?mvZsC(T1{dhX80>7af-QWMO
z*EYao4-gO>z|n94_d5u1F5*80;Ew;>0KD=4DgY1ve;Nf~TuVS!9E~p=Ip|GH39f*p
z1y`dgBPxhGaJe@CSJoNBD<c7MLxV5!DN$4?S`-~h8Kr_!M`@r8P=+XD6mT|0qrf=g
zp()W+Xj(KKS{bc^R!3`~4bX;YW3&m_Gzt$5Mwk+h3Xc|#4o?|R1y3DM1J3}@5YHIT
z1iUbc5>1H*P8m>9(o)h<DpRUZs#9uE8c-Ti8dI8pZlS2qRCrXBfXLEP(NQT=sZgm?
zX;2wZ8B!TjnSf5CXwkHIw3M_|fWFevD$}aas?%!F8qgZj8q=D9T|&{J>G0?%>8R*v
z!N~z-Iu$x~It@AlIzu{RIuo$NC}p%Vo-(B}l`^d|9XREpqO7j0p=_XRsBElk0)_*n
zf>yy(p;Vz#p;e(%Q3fY2)KxT83{(tNj8#m)V4;AcAD%j;I+Z%DI-R<*x(YZ=qM>e}
zZm4doZUTl9rGeJK)1cI#(xBC#(@@q>(NG73+(5%n!&t)v3^d9BZGdM$X+UK_Yd~k9
zY@lMGZlD1uwxNNsfeCmUP=;tjJVQ!DDnnXBIzwec6+?AH4MPKPa>dxt1iVQoW3(}z
zF{Lq;F|9G3v9hs>vAVH_v4OE6pztQ(Ekv21P4G-8O{h$0P3TONO;k+OO*BjlObkto
z!O0kI>D7mRdi8wYk8bggK0s(33OwMCNJx%LLP|zJj895LK~9LmCB`8@li?#Icw~g+
zqy)G`#3(%Qg&ze%LQX`2gGT|JF3CvoiP5-(xa4?5_=E@<F$n=F4vGRzNP$m+A|k~j
z!zCa_$Z^m_B%}x~J^>z@kemWVj02v9heLu8k>QdP5L2L0gy7=Ega3|h;Ds3QdPeZ?
zA>0PH;FJOaUhyE{&B65;;Pz;$_)qsSe{T+}4{I@P@Ol5UxdP4?n1Ho_QvZh^8x_Ft
zn%QF@;Wg0Oz{3H0Ilwyj`taigrzm*cD|{Zj9+M0td>*`JofD)uNEMK_Aj3d5gM|AO
z1`-7}f&v>sfsLTRn*v4zL4hB=pupc?6az>OkYXT}LE3=7+D8}MB!lNc&(3U+Fa$)@
z-sKDhp-#&fXD_Yb(_DUzx8C&jdVE^)iLdp#;azMQW(vE5lk|?N9t^jS%}_U<Yx_K$
zIj)_x{X3yf^jAQElYbK3O9G{o7Rp;BT-KbSA(tLrOq4h-t=K*H=FbD%eMYegt-M!#
zU##v47Mm7!=-0^h-_N~S<+F43`y+4ks>Wl_3-;GyIHD~+UYQln$6>bNEqPJ)dXq)d
z)>%q9n8M`DQ|>Xt(o?OLe?Qc=FYpN&k-10lM-mN8^lYev>792OJ=y8nT=b9UTOc86
zL%EJ$Y--$;-Mrh6_n-FU5mvdi<!W*V^WN!azFu34H_j4^s~c3_{mITWl72_>2~`9w
z4H!e{4GaBuVW5eLaL5P|a&R<~5>Vjbk^>oUd@>4R99%*aLV!nvM~EUL#zo_hQ;-ti
zBSa(wWZ)7yLU8b-@kzlEj*Cx9fWo67BLv$aM{r4S&?LkN0S<}`7oQN1h?Ihyj0BCs
z1s@%Rn4AEg5Qh{+0UX;2h|xqixZpJjNslgz!bb=hIADJ;#}_;Xu>&4c>>znT3V=KT
z5=QrQ&#3~Zml}kRjU(qtLQ3tzHJdApBhdYO<ee?j#`m6YPlT+UJoig))rRz*WB`5S
z4DP~tdFpL~#JXLhB2pd3+kO<Xn+uNxD@gB}ENQ);{ImD@W!vLdRZHs|TwNoh%8woz
z)0j_C4Scw5Ix(&^)%t@=jk>cri_GnxdDzuFg0b~)<^HM1ebG&Vs@`$sUsGC&_MZqZ
z)#xYP5YFE!-tcoev0U!_Ch*(a0IgEd%{J0Y!5xo6Kltc2Pv5&cMCG{m^EA)b^uWu8
zaa9woc{<!~Z-n{i*fSDe)n7h~x8R^Z?^1aF;>YhyTBr}b+eTT9?`Z92n+TnLQXbEz
z>!IIM+w^qK62FJ;DbwwK;Cj1$uIY8fj`Vzx<a+4aAoI2HD+YBED&yxk&rc+8B&u1h
zrmjx*U%D(u7*pyHx6Py=u2N6+(r|^?E9rXPufbr|n`d|%r#64-%8RIVlPpU4T@LT$
zne!W)!hQ7jX7tzF62AOvWoq9w7+=wTf3Wx`mg210sg&G@Y5%HXqoe5GJFT=aF8`w{
zC9?lzkXv-F>C>_Gn*|+}X~sdO0SOGM`k~u(RU|#_@*hvMDA4%I6)woA^$O8QE-@F2
zuH4ZYSb08z&&$Ttx_0%_?3dphTkP~NUt2w)aBnlf7l}lPMP{-tUcEMGC0-PNL$crs
zmw(PK?X;2v(F&XA>bv8O*PeTJHRoO@KYexX*;$5^;7;23eSsn6_uf8l|Ft$!c%{1N
z*cH&rocwFm!k9#JH&bchqTWx9-+{8V2KTjb=D9@7NgC!(+S`6Nn!NSIWOnBcKi<^&
zl2GaNvs2s`+uevtdYOJt0t?3I3(x%U<T}cOw1}?Rez}ihL&tgQ{pas}FP`|$(EUJF
zkNUbOah8=7J<ERWULBg2@lidR=gyN$=6nwAG8$I9yA8z|d#^iI+x*iTRqT2ed`y%H
zk8wR;Ry0l+TDnGHcpA;__};L##oxU2T5<RwvCO++OLTzW-p_~V1j$m_mwdmxwBNZ#
zHzeYOH7q{6WJ`5SD6V%mRbqko&2<~J)RyYb-5UbQMC(!oA8#s_zhF5L5lf{-z+G!O
zs~e;GVVQ?%_(vK0XESmIsf@p$Yx^p~H56{K1m0+RaPO3I4VmEy9ov!B<}@G6%J|t&
z3@9?ikCm2D30f4Nze>JeCu6(+;tP2eZIMaBspeZJFZ1IbQ@wXN<x!toT*Trj`JXqJ
zt#4_I>ztdddH->=^@^x{urB_v-9=qN#S^E`ka89%uMb#=U$D(K>+`O3@S0~Gmby@E
z;qxbe>dKV6x@8%?<A8f-yEZF_W$d#I4Ogky09m}(`(v+b+q@`g(n}4WvuSF-$+nne
zsrME5bbjQx&2-eCvUoo;_gXPG;}@nBR|vjb6iZzbwGHoxd3UXS`?vb7qP#BkwF`6n
zpMqm+ZVG*<8@*Foen+BFhpsSgeku7!hArE%YMS}XhBcxJmP`C+3sK&`x>Chy??!Rf
z^rg{6hP7(liv9a?z@U2P^*5F~=`Q(l7d5X>lP1Kn)5kpUi7-v~d!xer>x<w=oO9W$
z6|ZRCM$I{DocQLEw0{GyuUZU;DJU<a%c^rHjkE+mbC~1L+*8?&^12*x8yB1YFTp9^
ziVq&{H!;XLYzXlrI6AFAH?Zy*)XuGp_$n3i>Ym9B=29o-1ve3#(+VM1*{L-wtapmM
zrA-8ce_SIQ!qs=9{JlHT!5IG}FrS&QE{v%7X?F0)KjC8zCDdJYZv_ZZ4r-qMkF56t
zefg5%pXGy~`-1;2*N11(V?vfdbWqRBx@t`J%CGa)Pvw7~j;`N7IcwJZYA5nvLg9Vh
z<JT=0f5^2-^S&7-VdgleCm192EjoZu@k3mWbGpgdM~|yTw*S2p`dVeG;(~WSr*S-Q
z_SD5tUV(hRvZq{ObR{zK7M(^BH)@Wd64}bdoM)7DPO-N)aLRoA`HgXsp>`*Umo;pO
zRp-2(?oA7Iyp<QD&NjpO0#lF0yt;pzd;Si&df{@@VA_*Ua=0a2AGY*x&OG?aa=|!|
z0k^O{F>a;Tv^AvPZu67-E9s<6^C6ai&jW_{#iT{9^Yw5#{-rLKVNyTM65sC}LSS#3
zBB*`V(As14I;-&QAt$m8Pht<1Vzw^wib|WCX;G3xL{|p#H^uO^ADkxfz0!7{_+58q
zP(G@p{X2Qi_)|}Et5*-Fv##2QXFpQSbrHQkqFMQ1`1ttdm%*5y-I@w{CoeJ72tIpn
z@ojmO_leQs)4jj$kD5P34lyS`wST@r85Blxp<h%|&O6kNDaVw8Y}vmq>-r2g+h}SQ
zsU_X?$-$HkeIeH*2|VsiJsC<zRo95O6B1+Y%k}9JN_@DFJpyN3dbS)c(0{i$@j^O2
zWGj*SdrO5lu0hh9;~Wjirp#nqiR7Bj`~!?HJdS4yh^plnDa7Bi>&;~Tv9%ZO`A7Mu
zqL9Bw{fN<c|H)6vx|d(JSig8Pe}i~eC9l7!K+m3fS7CDh?zySw9?q%L9DJ^K3u*{A
zR=%}-eKtnHUD$V*zoYLlW$)XlPch#5z5cgzNUlB2FiX*N(vSET6rv(KLtsEWl6!_#
z$(~qq^`R>V^_d2#KV$sa!rawf_-E9^lFw7(bVpCFnVq;*e`iLRVVgC1tL$%f*N=-L
z-Dh}iU6s$}Ku1xH{r#-SbGxc>=Io`<os8DJktX<AN_OXz9p%{t&$#+j-Fe0t{I2rh
z+uMJZ3PUMH)Qwtc=fcfiKh}Q;J>lPie1Ei_$p>c4kzrAIgTUOo7np?`12bh7V5D3O
z47hoKnX)A?)K&&Y%?!X$n+2FK8vrxw9bm}Z35>XHfDtu6FaQUn1<k>Ma6AGg*ptxw
z8JLfE0%K}gU?!dm48h}p@iF{j(+?O~*8pQ>N?^j>3yiy$fN8fUFrJPFhRzDWSUevX
zkc$C><xyaoy#Wlxy@BEM5-`I~0S3*4z~tK)n0Z?QBW!bEd|nR>rXjcF0mjQLz|`Cm
z7>B0;LvrxdF=aO}wq5~-*F(U3SqPYgPXmKyPhd743QU;OfXQ?(F!hcMkH+r=CeSuE
z${Ys3;5iGJa?b;UXi{KYUI|Q~9|2QsU0@_#2~3*Jfq`}#Fu?W$rrEi`q@5C&To(gl
z_Ca8VZDXs#*#u13D}gCC;C3hjU^E>B48`Mtfj1%e)|>^HmZt$@a5$MT0HbU)_}16}
z7({OXWAjO1s=fnEsJ(%Swh%By=K<#EWxxPC78swC0^{j?U=p4MOut=$k#{06o7M$}
z-%h}IItUn36GHQCU@~0~Ov0CdiTesL_HF|P=aCUH1hl|Vdj}YD+XM6NQD7!7#6>Qm
z1<c+VfWbH#n80%Y6KyA8Aa8$JlMh~OumMcZ6M;E+EHFMN1>X#p0rUAFV3gep49fk0
zX}dZwCr<%J<kP^In+KR+!|!m5fhqeaFnEWC<lyUlF)3h#T?~xYrGT+KEie`507mJu
zz}$WVn8@b>BYMDj@pOR^b|^4Bp9e<mk)e_36kzTx1<b}ffoXO(FveB@2Hc*&RGkuV
z_BLR49}7&uy@4tD7BDCu0;b(tz|cJfn7f+;WA#vA2HpmY>UV&FyB07smjwph_P{tE
zUN6wy`jKJ~7`E4x#mbTbbM<&&R<Eq8io*d+(-V`zs9b^B{SYv1&jp6vQouxh1(?xm
z0mJboV0Q0nr!NW(?u9tXgyHoQ^}x(s0T|oYm&GeI0h9QAU_4&~%++;)>AkU`2AwQ0
z^Bx7p?oPlEJ_wknLnHPfV0y0w48Dzl$+<T$D9_3Y<yZnn<m#%L_?6{R()`>cC+vaY
z_!clnp9F^QHNc3z44BP70%q-&z#x5V^_|=_Fpw_;rsiV6lztwVt-Asfc1vJ*J`K#t
zSAdy%H!!h}4UHwFrN*b11;+2@z~p?ew~f~3vMLupCy@Xe7}JYM;!4g>cJea-vvhC{
z2G0)|swV;?dM99R&kxMl(|{R03E+9GAi0nDo`K=UbE9CDE3Hh&a_^ryZuMTi=;|u_
zV~wKXf9A<&r*KU;#QtrT__!s-cKh)D#?jr;pZW5oUGRM<pS1ejSC^k^kC$I`<gH~+
z(^w$?c4@B(r&aU@b(rqT(>t0EI<5}<ox{Crol1A_(c&AofZ^2h7la2JBL>X9IR&&Q
zoz)ZGb-LVWx#hQ!;D0sUTygC9>uXhw-}H~I#FjX`<0!7Y`Qa3U-Gol~43oIc14BuT
z%SIuS<@Uajbyr`o?1g2e{3SeL?y2R(cvoXLCS}~U`h4IPchU8M?_Otd%%<4y3Obk+
z5xiXF#}$3m@-VtRFmK=_;hGqK%uDV!d9^sWE|x#(!%y7)$a3$wf91+L!CLk?=kGmN
zhBrRp<2ADPNnO6(_H6I5l!#GQ&bo;N-tBKUayJ*{NFtUBm2H;st*$*WY;dRitH^o#
z^!+jX7h{TentHPhuab=K;9YCG<blQ?+_y2H<6%tOe(<^BNB1pdHDAZCnGI$0s<8yO
z;$-I-Ek^u1f1Sw=BK{GiO7U(h@<19Of+#dvOX9@OVm2zzbFLS?ws*<*O(~*e*-pRs
zbX-PQ&Yqa!E2op?v%U-q<5N5`BITsSjugpebN!XS?q@P*B<Y7XwddH5ayVb~Jxk9*
z%|!e?xpt;0OHfULYm$|k`4~9yLRPXC_x81LRemQeTS1iBDx+@c4T8E~>0`T3Lu{V>
zLGjgFdi`!!caWE|*berIQxh0{&)wlv^>fFrW_q>ji})y|s$G;a%>you$PTKTQ93+Z
z{dK3QUi_7Cdn=HAmNip!ee|W+5?S>5Uf<>^*Ao@==>?vz|52rAah>^L-<H1<&y=;I
zG-P^HXqihg@okLux#q93eS7g;IWlR3Bp;vs4&%=Y80Q<VPRLa%c{43^>M@yt-@ObM
z>+Z|O!I~|bcWCAlhia@u<o^5)Z!K+naw#;(xi`7M<CAd3M_y|A&f@gvlngiB=O5Vx
zj>y*$_3-&^xL;sEEj_HxkI;X3Wj574xNv`#khA{d>@wZ_*V?&^4>}$)g9}fHJ`0ou
zm5S%S6c<$D7VF4MX_C%yIO%<^{@G4=SJ`A@FP-G`A)Qrp+8>prVe*h31JPqin|FNl
zKI^G1ml<~#>P<}FM^9z;y<*mNiLGfCVh_>0Vu*fhwQva)FMa)AjJL=(iOR(aN7nQA
zM*1axP@2-XeLfTa@QZE0$!yYu3tP0e7HJfIeJD6CU2XgB=Qoxag@7~V7asLbD4DEX
z_h+E}@aFp4lM6<FdMvDW3uz}#dqn%GkA!uVt}DKFY7>&>k+N=is_aG2+Dcmgoi~nO
zL0e^?EcKdPK5CqhwBpfF<#eLGX|rwM`$*4E5>?(>u9m93HD>3Zyzy8Mtj{l8VQTo`
zmBu!Z$XStiEJMsPG)2j{X1kubT-?2f`5D=igv;Q<A_G%+VdMt}i|!oZG|k8SMd8ke
ztLFdpzu?r=!FM;9TR81tCtQ|bCp-s+o$!1Zc7nSH`a+%%fRGjA=KyOJL{40QlaY!D
zbxJ~zi;0>TM_%#-x1x*)9~(V6{%L7pURF9XJOwEs9u`_sG&2neE(dt-4Ulg@!gxj^
z-dFr;B5lNLSG0P9srP5;x0?IGd@dS^LAB{2LaS%evw8lwCRKc2LlM&NBt#8yINLd&
zGrRV5&pbEybn?bs?^H7Lssu0dp15njbm+oabBzOEUAWjH_ety#jm?@McUfQiN|X&h
zgTG4Gvg}Ar*{FX4Im0QNIPy$a#oKIU&AxPBj-M587#1z{v$3=>S?4vGO(`-dyqu<G
zrc66;=OWi-Qbk!LC}r7Q`C(p#sx;a-JNbuK5EbpO3c-30yG!i_CpN_yyy+D!Kd>do
zWJuP2F17r~;~Hip5#Sr0%AclnSHAT1*{jU+Z`zVM`5n56hHR4xIJa$zgR~?<m%!zc
zk;~;bqJH3T^Nq$bUs()Oyv5yKe1Blw!;L~tbt58NokRr95t*yA(&=oK!Jet=)WP}C
z^~a{|BT~ne*ny({EJGJ3QR5;0=M?v!N*Wfqk}SJV%LmXHtjO1<32q0oURlldL6yoW
zUg&a&C07e)jQ$m0`NTt`H81jJqg9;z&<&5t>m1EdPt=)|pSd)fUM?IshwrN-<2A9z
zd>SW1mFG+ENiAyP-hl;*k&LEQ?RQ>A1cA)yp+o+Iynn{$H<=9frsQ?~s~RR<AJpPE
zp{w)@n%iuiD7R!<TG{cqFqV33JH0Y;Ra|^2N8_<{UY^}>$4w|zEJIx*tedF8subNj
z)wru8IZnV&;ZSi_gwZVjeG`Rur-qz0N&m?9!0U!4e-mN}8>S8<`?J57kn$ey6UXkS
z?Au#E@)EYVBt|CaZz#}RwcYJxGY~C0k5}^V)oBTv817xIKyjn+2}H5Z%rY}8-lI#z
zG=^!!`Pjr}zUrse{b2qM3CH5=Ci?MZ$1R*Y&AaL@J>CD7MYU3scKRP>O$6tz>#H3d
zi-A62|7oL#S2VV&>a`R46CZ4!9bOyzCK>!bSA}N#@_fhihv6=cWt6V3%wA@2ZzcQc
z3BBQw)U>3;7uOO>7P3AiU+wKn=$+(!TPkXykWig+BVqgd=3V;})N9l=v9T;GWQkc;
zCHgF_cb$?}KlYV0=T|UriHiFExAwj}DvIpgwz^48Y(UI`7Ev$}1Qive$sh=roiPy=
zlq8_y2-;0XKooNZbY^tSiW!wGB4QjJGv+J?X2i(bCvbnx{mpytu65sff8BCzcc1#|
zoUgtvs?Xl^>88Ej$#4DVJTEjBXG`k}9zBhZK6v&0&JJtuXVo|OZ7V+9(B`XhSY_h%
zZM!Z_FPhd)ZQe?SQC!{fc}AVOhst(6PXBap-k;86PoE#S@w3jJb1w?AhA+6>+3Bj+
z!fw0!>-7|-9+)jVE`*uvX*e=r{h$!jZbvoWbX^ua?zdm={*dKTmau5dkJpPPCCRFe
zJ`&GW>6Nnm{K}xPjx`2OBjS8(`+FQ1vE69FXkk?6w!O!!bDSW(`mlO^$=t00eTDeP
z%7f9zB*xD=Pnh*`)w{OWb^CM=#h<_Zc=U;dnr%zS__V4i{r8S3%-g(ut;aFROpUZC
z5fr$lt{_!aljvz_sH@<QB;Z%GYGS<Iprfg!t|Aeu396b>EfozNU3EQ?wu-tSQq$Fv
zXp1#9aEPizS6fh36NxodboA7vS{gc<+9C<wx6n{gSJM)tx>|U5Lsw5MNLBEMAn~hY
z4ZPE(C6?;xsEf39HB}^GKRP`7AXl#F(#z*B+uq?TKFHcSeYhf?YcZ>-Bupr}GTT&g
zWoDDi=J1unE_(t6e~Z6{baQtzT^;Y&-AJC9eX8r1l_U2oJGkod?WPzv%Yx}IHA_yV
ztv;c0A#&#;)wHwL2h3iqavJh=++&ZPH`Zy@?&z7|Z{E~fb<B<Qep;U+4?PPqx)mmb
zdtTdGsu%V;x6rKUo1<UOu8gPZ4LJu7U2Xa)v0MFbFQ*N@ymm`My>p*g@`0Pa$&RMI
zzrN$zkk{G1hQmI5I@5K0he&Vh>05g3U;W^D{HLg)16(HE{_w;p?6WMP*7r}X&#Mo7
z`(x*LxtrNa&tpS}jv1Gcn<6{BebzVcm8&k4%-A+=;<~nl!M(TF+1$LhcKnDwzkKXz
z?bu~u)6_)k-b=+#o4>|bnyF51dtC9LpShZ6+p?7=k<||!+mw0UN|&B~edeQv)L7MN
z>wFJ+`>4z*FGfupaItj#?|Ee<??MI|IN2sF=ozq~Pr#O^&38LT1RIwZ8|rNua8G>E
zZ~C6L%8RuPD|^hkmp|MlNZWLn$<dRq^@{eVt<^pDI7cV;j`@e8{%#3|7rw4IyfR3V
z6!PZJx+l?FyvBa=Ov*6(y0M~L?(p|c!5&)iEf#BcL`4rB{I$6$;FjUG=G!j{eeQK$
zt2-;|rvA7E)r0%Zh#Yn$)J*m1g<Gd}d%xY%BGlzehaA*?B@O?)dBOAzNjK}Y&o3+3
zGPUjXOv^UMO?OQib!z^K1uw1+n|r`w$l&=u7}Tx4-%HWo+M?;#UCv>{`p&Gb^O<AV
z<*h}+U}wXbPe$b*etf)8-9PxVcL)7hoj$#)HTdI1Plq!V_wN7D&e=7+jiFZ5OP%X|
zp6~eGcgCKOY1`6oWIj7}@>|8jkO_*Cjp?Ny-ZU>r2pAcl65yWl_2OP*yT4R-yUnZn
zGU%GkEa#NjJG#Bea8m4@HdU}cIiX;l>F%c|);hb73$&PcDz9mxZ_(G=@9Y}mo61jQ
zWmJ5eJ|=$2ftqpe<`f^j{>448*NdN0?{>|euQxOG{>o{~mi!Rq9y6g>wrt$*IX-v9
zXYTFPK6*hd`M77$HiJ#u<L4aexahFvt?dnkn*FESxDTil8~^w;=j0pBo&{@1=zojq
z+STD`r@LE!)|S3YFARShW}b56@U3s^Lnf@Rzh5|d(K$cSR0ID{DeAvg9uyatU3jc(
zmeah>Dcy0Nx=%pGLG^8c=0CN6(~$mW>2DJQgrKBbR@XK?HVA%h*JH))@-epU%FD;U
zK70Jmp^~MANnc*f?fOH#=0mmUOi`k@gI4Si)5QG5X|WH|k8T_pTRf?()0ZQgE+>o|
z`|9A&UnG|k9sa14?ix9@(Z5^s<G_8_jnazj+l-2Ma{Bk^O5c0q>reF=G`Obvw(Wp*
z*9?<`^Ot<mo6#Ty$bW?q3xyHe3L`cZMr;<0m>Z1PL>Ms@7_m<<Vv#Unb791MV8pJ$
zh@FKIbA=Jx0wadc^X=;lBc=x<Rth6F2S)4-jM!=zv5zof(_q9lz=-_>BlZJ~SPG0-
zcNnp77_k}{u`C#|`7mO`VZ>&`i21>Y?Sc{82_rTXMr;I(m^F-;4UE_#7_oUUV!L6)
z3Sh+g!ia^zh<$|-i+~Yph7r3ABPNCs%YzZy0V8G(BUTP0wg5&<0wb0IBla_l*i0C)
zWEin7Fk;0pV((zY?!$;R!HAuN5etG5`vxO621aZgjMzOGu@^96FJZ(QVZ=7Wi0Q+K
zErt<OhY?eQ5jz1RmJ1^`1xD-&j96P3vClAK&tSw{V8k}Th&jWEWy6R~f)RTSBc=r-
zCWR5}1|vrFU^<N0D;TjD7_nFwu@)FHI~cLwVZ?^Oh+T&f`vpd9ER2{1jMxkqu_rKM
zt6;>I!H8ACh{<5YykW#T!H6A$5$gjZ)&L{c9!5+TM(i|<*ftok?J!~;VZ=0G#BRfg
z1;B{)f)V=@Mr;_2*g_bw-Y{a-Fk)X|#NNV)-GUKIgAp@<5i@`hGldazfDs!2BUT6_
zW(gx^1tT^ZM(hEMSUVW8qcCEgFk&GvVmUBkjxb{VV8oWfi21^ZU4#)Uf)Ue(5mUm5
z-GLEX0wZ<`Mr<RDSU!wc9gLVej942Ou_G{IA7I4xz=$be#FoQ|^@kBNgb`Z{BbEds
z77QbH97ZewMyvyj*kKs4bueO4Fk+8k#LmNrJ%tfl4<j}RMobe%ED=U*Ka5xp7_k*F
zV$)&7N?^olVZ<)Li2VU0wgyJ*28@_LjM!f=Vpn0r_QHsbgb`DP5jzMYmI)(f3?nuQ
zM(jC^*gzPuco;D!7_qJ}VwYgV#>0qtz=#FHi0QzH8NrCz!-$!|h@F8Edjuo44@T@R
zj946uSUrr`U>LD;Fk-*Kh(*JQ-GmW)4<l9yBW4RDCWjHLfD!8nBjyDowh~561S56;
zM(iPsSQ(61Dva167_rGPViRD*p1>fz0NxX$ge}~vT-*y^F2S2@C;$IO?f-uLLHIv)
z_^$V>@82~3_s5PpSkIRO_yBc4KVT;i0lWmd02_eGz%9TYC;<|IFMt?G2AqL%zyv4)
zf`Iz~{u(yEcUyw*v62XvfC0dMAQpHBXaS3X5kM`_2lx$`2|Ncn0qcMtfg8Y3;27`|
z@Cm>h<w82(4palZfM0;=z+<2tunHItTm=RJhk&`jUw|I41n>pw0SjO^5Cyyjx&fPj
zslXjzIB*hJ2z&$Z=0DbENU%;rg7p~^tlN+Xg+L&14=@0h0i%G6fHklWm<_xIG=VI@
z3pfMx2DSs?z%!sDuon0MxDE^fjso+6kANDG2DkxLKu_RjAQX56v;|fI<AC3Rfxtmv
z4)7<S3*-VLfpb8AU>6VxyaKuc8-XdnZNLFI0VDxmfi|e1jYv~i4qgr(10Dmu489Du
z0o#BNfDeG<z;WRB;P+sx=@GE-N5}?egT2At;IrVf;J)C#;2q!{;91~V;1}Q*;LhOA
z;Pv43;7Q;~;G5u^;9=ll;N#%q;053X;LqUCU=6SaI0Kvk_5gc;PlHc`&A?{hU%|hE
zXMksbpMal$+k@MKSA$oBCx9n_uYs?D2ZINL4}%Yb=Yi*eKY%}grC=#I51a?~1N(u`
zgU^F4!It1X;631Ia5T6P+z2)X8-q84H-o2vr-AQ+?}8n{j^I<^Q{YA5Mc@{23z)1v
zk^?dz0MG~g0V^N|kN}>5IS>YP044%<Kmwo&xB{j?2w((^1#E$MKm{YD04_iU&;!^4
z1OpF%?_ZL>e<>sTzh86J8Y90uYF#s>jmNEPrdropW%b@xn5LGhtZsMZQbn5!mtBp<
z`s;S>Vvy5sXMtKz)9xd?P9Ei=B6pE==%BCHt&5?Pf&ZvF`!8>5wQ9;;dISVZ%*|z3
zuqPK}GFfid4a@LuS3|i;!~GgbO{qqEqc&+hw-)9}b5igzJ{9j_331tY$4jM+ew%W`
z3zzCGUf!2m#l+<3<S3+$_BNU3+X}=3tOlIxdh25Kpr&`Ow(&7_{a!YtwOz4HTU(;y
z(SGb0pDvUAy*p1Flj~5jPb9)}E>lyPPM0qFE;cc7nH|<FB_Eco)2S;hAMobgnT~&4
z)alnxcG~RW1LpxTu_-Ewl<dxHmX{e^xR|b<ntVpHrc5pi2$1Xh`=|6M*mAb-(+9e`
zI->MJ#rv0Z+mP=k^>N7<Tzp_er-`Gh)ho+A?Gj?rdu=Te8|oY8S?=6Y)%MCor|toP
z6)L3_skX&?okVgcXG8zdBOMZF=j!Gtu`pGT8h2@v)o~3ziH9|79XlAP;xm#iZT!ca
z9^CZ4tb4<~a}HnLx(|wvm0I@0yIrO|6jpopW@~4r=;`T*v-@t_l5A2?<ZBTTl+tGD
z@{zhePF}sk0)6ZgWAJX5NJ~p1&T}j|aNhFeg9@8B@2k`*%Q7@lQ&f$N^y`OzdFN^x
z5>Vgm)+IfQekR`9o-SIQIvA>}tBOV4W!=5|h6TI#3JDU61##8Drnkw4OY;|NWhRr)
zL8jR3J>WY$F}76y!i5n-6Jk9yTwT)Jt;nzH`S6~4FH;i*KDC(Je`n!&<6D=N-3toI
z2U;}-+uAI#*jc1L$aa8QTO$LpiOfV|XJ=Ju+w>;GZ0i;`HCHDe9Ur+;q)?ve{q$a{
zYN{fm{fgyk18uF(YS&cM>(!O(*xOq<S;x#4VRb4#C{~fBnW=Oe7(e^$u;%x*o&LB~
zW7qs9)o8_1uZ|N(C5siwm8zAc=N-Si_tNxq(i~!E?O_%YTq=~7o|o2DoNj;Ra;Dvp
zy;7-;$`ZYtWM{G5S*3@phtgo_GM|1C0cSh^aXHm=Yk{h*tyP)zo41}4PkFhxwA{}!
zB3Rb}?|Aj^*Ih2i<x7T_?AOCPUODz9d&@+nWsCdZ9j~EB_WSDjIJ>nSJ4$<)olRYr
zTNgad!vg#q6XSBaY*<>;;g1U=v^<^N+l?LVF*rU>AuA|2*Z<``cXe0iw1LI@wELR(
zaO)WoSUa@&T}6+E2U$ao;N7mh`|^x8Ecfj;dGwhf&2OuFJ-nYhVDEmBwUu>kpQran
z_KyhkGoC!A()3|Nsnwe|=XC4JG9{S`^>#*vT0`vycy^fRUuksZg0o3LkY;c5?)U|Y
zii(YuO^x}}2JOxr+Ni0iioAv-%vRu|5+nMA1!>_Ouf?6#<dfG8@>=oz>&N%)|GbWl
z#9H@}$6|nN^72NkQu@^Ml*7^&8fWyMwk!(p@P4>?kZZMZ&eGcY-KRe8JNdl!^K1W(
z=b!G@xI0QcQ!n3BZP%NWT>E>!>&N78PSQ6xniQgO<>7<<Q_cMxWZU)}ZAiZJDZAH<
z0*m>v$))=p$MwCx&U3};#w#U`Qw?8#Y3cs8^Q7cgRpavIMH39gDV=;<7Bw7u;+{NO
z&uGGuQy=1NGL@Tip89_I<>!ORXAXBQ-4;^5d4jc{=8S2MC*GBPXpw)(J#1WdY1WeU
zj~2L`a@f1pyZYwA$ECT!Yd0##b*Wih7}Z}i!hA$#)$Hhsx;Eu5N8Y+<MA&C(rcAs2
zO6vb~k>$cgrPod^@)xVF`~2gDOCG;kbR5-g_^FsZiZ&G!Ev(i|tE@<j6&Fjjk{cIE
zcYR%zv%62fDPHTIEjf~T!@r=(EOqIGo!z{OqvyB1H9C2H(uu~TA7X#`L%wa7s@tD#
zD)Cc3sZ|Vr+G)-*zw+?$`A*Lodsw_x+5S$~Ea1??x#IZHuPgSa&Cfr3b8hln<velj
zvOUe4K6v`xjSS4wOWk-sCCM_i=8=wV@}c9aJognZ-(hdnXuij9&H6o?@nt2q@@3sd
znq>YqICa&n-buGEk2iarxHMaS$@t)d#L_2)#nT^64SZIyQPyn#;Npq^r!5=K>ABCH
zJZ#N#L78y%O1}vnU$4K4_^`ob+lk+HB^ml^EOuF1y4ra0&CZgO3k#OFt+hMaV!wBF
zb7{H5%l(~lN9oyxd|pr&mT4xvt`vD0UTJwWWoGlj+eY_`=7y<kJ({<2O8%#oA>Pk+
z4>_iNxn=9H<sUxvNcW2TRAS%JZBCHcPfe4P3$jlHUUcquu}O7Teg2k(hKF;V^<%fk
zCU2{Z$=80AWLQ%;$=t6g$o}W&r30-msXhJNJIguw?w8^*GY|PqDofJaVJtD;-635+
zQu6gnmU+uZgF5f<-IHhb7+HJAuqwx~-?#o3F0Go_*nDI3`G+$mwOyIxIl@b4+o7W+
z$$69AW?jx2ydq%e_A|oEF{5X@dU<DP$xGs{b(vwC_}9YO;z8qH__bJGD5?xNb*WUv
z@k(T4vH!&!4~@(YQNlRKM@1!99v^L|P%W~to3MIDlI)s8p7f5*g63Eozq%b$sxs&9
z{RI+BSg_*K9AQFp=JAi4M9x_)KZiIsh=bGmUcVU|-g))wJC;RJeRoTyMF#$~XGX@E
zN0(k0pD(Xz44mC_=iBlj$#qA3y3e?n@@QYs@LPxLPv|eQo2>QG!S#)_Ix;H2Yv|Yj
z&oZ+KT^B#=YuCPbvFXWsGU<&~dwQn2g*_UUvNp+0H^6_nrFqZ++Z35W*Xsqjk$tVZ
z^$ihzwAzsQxMcL=i7K6cZ#?#4!z*VegUQxgtA-Cq8RXu0S5#$F*k#P+XDNdRzMj@N
zXXvTwzqV}sl=`*q<F~!vbmloszddi`jjv(F@6WEe7V4_Ec=|7uoi*YWk8H18TX@y=
z<&~Xfd1IUN3TKXOAJvO|SKvlq3-BvIUXNP0&v-yyYsmHmkBO#<!+-ODY|<c`l{r>%
zvyB`}c9V7DQh==cbp#dxEd)4#4AO!FT5v!M4rsvvEjWNKh{rLwAkck+kVXc>b^>p@
zl>w*8n{U|gRg83nIHouWUSex7UFbp@q+{wik14kvQ)mjNpG?SvJR&hLRk&eFI}NGi
ziYdkq(=U-R-jEIzc*%CgOSKB7hBUl%Yht=kKth#c+RT6?tH6|{#FQw))U6Jwql2j^
z2h*%NrgU#i{pT?aWMWG5fqcq@<kG;jScz#t9aC>5rnGWQy>5^iWsrE)kXcePy<tjR
z0=bk4`6j_s<_o!1O%`@QuBBo6IRhD_i|PG5rm`ALSK5#Y?vMf_AW<|RRiv0Q%OI)9
zwCap$rxMb~2~%$=WS9%4VGqd19LSh#$eh!V3b~LB3P>R-WMeHPnGTsoG4-lK29`tG
zX+sLuLl&HY+#HE1J{59Pg6X~nlFtLOVhN;_1oEZ|(oqFd-#N&)bWEFBnEua0ZjHp$
zT!yJq1SwMm8M7Eu+z3pmN=UsjNK*lF;54KTktJePEIPt;?Fp&jglSR(Qs6A4Yc6D3
z7UY~0ru-$CeybrfydXu-LGn6b+EiegufvqN7*a6>(kvVDs1$NW35g+vMDl>V(!z9J
z0m)hi`Iif6mIv9C4%zDs+3Eu+mkhb2glu+!6j6bk8wr_Q1F5+LvLOf4xEAD>4&<61
zB*tRMK3_<JJjl-xkhA5GXvvUy6_7h#kfNTDxpk0QYLG`~A*1DxN^X!Kevnk;13<V3
zR8$}VT_GJts$;<x<g_a!YZatwDkMcMB%~&!r#ob+Cgfs0<c=KDRtyPW3VEFi$)E;_
zQVW?ag5)SAi)0{Ad|?@~AZ^@X3tV6w(jYfgA=R=Vt+OFt6_ANlkW-$J8(xrj8L$g=
zunu~VY{`(GBFOz5ND^(x89&G)4_FRYNS$QZ4&9zuWCz*pNA5AmC3ncCbC5Qkkk!tR
z=Vu{HeIW&FA>GeFI-euor2>19207&h`KSZwo(_prNfy>YCi_4}>p|YjArCbnUDaVP
z#Hv_q1sUxHNu2`OssVd&8a6@|axfKA^ep7L3#7Fcq;v)>#2Ls|A6SPJ*qA)X)Otuh
zZOFS3um&0AJjupiCIkg-vCp5-hjO+<#96^v$ypF&0@*~I6`Ylv1v!s%R&Z8wMpyDF
zQj(vtg0qsdAm?$;$WM<$e#*$t`!hy<7UzuoEY2DES)4P;O+Mj@{FD`(k)O7apT#+o
z`pNO6e!|Gl;+&D6#W|Du>G+&U{j5J@41m=QtbW1@-d1uZ^|StrN&T!pW8~-k86!W7
zb0+n({yfgxc>d{rq@)WnM4T0zk)JKpkTa&&A9Dw(UjWnV4<_}KHog8N&fE0*lenD6
zIg|QXf5tdMpY>;~;B6&mQa_DzCiS!ajFF%BXN>$T&Y9HD`tvw%llsYivPr-q&I-=R
zPxm7~i*qLRljG_2r~PHTKVwoqjdLdT)A2cz`dNR*NTW~VoE4mvoJswxKVwoq>(7|f
z&-yba_0u?KQa|g@<Gf9;Kd+y-AQ4W4F!EDIe#)eN8s|*vCvAHD!N^bB?EWYHS)1Me
zh|77LGpV2TXN(5!N1C6qg142Nk)OpmBR_2;KV{@+an8uk;+#qS?ED!cKZ|ole%z0&
ze!|F4+sIED`B|JZ^0PQ+Qa|g@nAA_&q<+Grej4XY>Zftef*{~NWc3qP@V1gO^0PQ+
z<fm;?KRKS%&-yba^^-R8vpDLcan7WE8t04wa6j_v4_5Ft^3(mu&*GespSJ1s$MK|o
z)}Jw{pS0=qCviECb0+oEIA=i+a3AvP4_5HDk~8wNIA`RiZF>F5_yVpc?a!Fh&+}78
zeir9U>gV}c93x0re#*#C8TlzAKZ|oleir9U>Sz5Klln=UUVn0aavtYQ>Zfte0_x=X
zDJyte$r<@soHO#%Hog92eALVH^Zu+&uRqJr`?LL|ex9E)1|XYA#96@^`N<|ie##=w
z$WPn!`qP(98EuOM#-x61B2qtLQa@o4XHq|D<MoF!{=@x9^HWyvwvsdQvp8qur)_%u
z$@r+B^=FLyEY2DEd4C?~ZTk98`wO@qS^b2OpSF>oGO3@&Ig|QHo77Jj`B|JZ^0PQ+
zQa|g@nAFeuGZs)MjdNCTR&plwv;K@p{j5J@<mdevBR`9CCiS!aJkHzn^`D+U&Onu4
ze=zdXHu6&@_0u?KQa@?a>kmeL7UzuoEY6wK&-yba^|Str1=LC7oE4mvoJswxKVwoq
z>(3bZd4I;p&*Gd({j5Ka^ESQy^!x?fkNo<Bk)O7apE9YR#yOMvNt<4O+F!=v0%KA?
zjdLdTv;I8J+vMk;>_-~hhwSH{u!6UhoJswxKVwoqX_KFS!UF1~an8uk;+#qStUqHs
z|18cK`LW>}b~!6JBR@7VzyA@Jvo@)p?5EeC#042`v-@9+^Ji^#|C9ba&RM~k)KAAp
zojgBf1#c@kllp0#GpV2Fr%dW+{TY+`X`D0ivp8quXK~Ir3EYpYe!|F4+sIED`B|JZ
zsh=E2uRpJ!^_S88q<$LbOzNj`&ZK_UpE1(l{-pUSD|lPUnbgnvGbZ)3{)|cetUqH?
zKaF!H^|Ssw&fDz%7mJV|_andlVC1K5<flyPr*Y1te$uAbAB_Ag&Y9Ft<D8M7_h+o&
zZF>D_e*yO=tDmp}b+i7AN&Pg=nbc3?oJsvO&Y9HD`ZGp;-k&k@^Zq<82)GaV^=J8M
zTgms6`e~dqsh_mz^#_ysS%1c)ej4YD{JcMp^ESKxNq+(NBftJEKW!`deo{Y;b0+oE
z@i~+FS%1c)ej4YD{JcMp^ESQy$k+NiO2Xv**TJv<`8y;@onk?zDwg2Ylx&z($YZfY
zhR0;T4EymIo0wd2`iL-zp}~(un?1%cI9`?ZrTxfbIwr=Y`^h+DBgcHlI1f4&ADfJi
zC>@s`i{ohymiJ%h$IpwMXX}_W2RnC?o8;l=(K;46CyW;mJ93qJM}vD^l(~t&{^pSR
zlXTUxCS8esdD*1mN4G!JX+M9oE@!c3b(fA+lJxPB8L4)EUb~igcI};mw|DQm?QLge
zJ;26x;Gn^FLjr?>LqeyMg8pawKRp9t0WZ|#N-D@N#{I#d?>78a4=uZY*iQ~pkpKR+
zvE#%3Eks7a-~Ca+_Xh`b7y5x)w|*+NcsL$wT&CfFH>_zIBY0uOhA-M)_}?9m$#z1u
z@ms5uVxzGZekD&g{6Nxk<xNVibl-R(5G$kHvHB+hD|o!H3TZn3Yk#H!=`|M7K<te}
zJP_+E!V!()!|YYf!4JL&=M;~l!m)qGKa3PckHH5z`9E8%)Uv_|ozPQ+RT|M)`4frU
zQ5YqTk8JW?EQaQvk7@(yar_Xhi_*qXt!M6v5#oekdLA)<JI^_&C>E=X;&6sDkR=o?
zvRUC~|5yL<bU!(!wLUAX%xVSsUYy~0CqzV_p?G?16wW8&yR-VIJQg@I0U(<vR;G!t
z>May!L3)zPW3Z}<JaaR!(j^|p{QEu`)@I4@Zvf848f$w5tXCt?+rP$PS11JIMq=Dp
ztXFD%76m*z<edF@4swM^=GNzow8%40KBx5W&(ZhiK8QZo{un13Yi{P?d5-_C@_+7+
zVX-EMJjZ|U_n)8X*5{Zod7kZPA1721M{5eg8PCTv@PF%97u;QV-ulCjaT<@GvUf~~
zjF8O@jg1SBj&d-uwy-jhg+>KOhv0AAIhc$a>)zkaL>3nx7!?v25girkU@|{6&ct!J
zu9mKrePCQ%Xk<{td>Mv_igPfT6B{)&E;uYSGBB=xWO#6FbX@fG`2NAskwXLHA}!`x
zo5&&qqr#_$#>J2SJ|6~?$^K(7uaMBF`0)7oe>*1&D{@{@fsr_Yk@KBmVj{wW1LJYV
z7J)G_CYEf3_}Dpd@m^8WqyLNNGr)xQL+-fH;5o6#$=lcy8#;Rq&NDQ`KQ?@Bctq%o
z(76BNs5Y&m%CP-w9Jd7IAZP3oIyW>z7D4`ZFbRzFikcfeD>T+bHYeOEI5;#8Pvi8!
zh`3N*6dlC!AI_%r)GhyZ?)H}d@g(2?d&|}<)cOak$q(FrcWW>f@Re4=w*Qx7{&&ym
LfBOG_dj|d&SPE?d

literal 0
HcmV?d00001

diff --git a/bin/x86/Release/ufr-signer.exe.config b/bin/x86/Release/ufr-signer.exe.config
new file mode 100644
index 0000000..8324aa6
--- /dev/null
+++ b/bin/x86/Release/ufr-signer.exe.config
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<configuration>
+    <startup> 
+        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6" />
+    </startup>
+</configuration>
\ No newline at end of file
diff --git a/digital-signature-verifier.csproj b/digital-signature-verifier.csproj
new file mode 100644
index 0000000..316840d
--- /dev/null
+++ b/digital-signature-verifier.csproj
@@ -0,0 +1,1625 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="14.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{0D346CC0-83C5-4117-B2E6-2A33686B3FC0}</ProjectGuid>
+    <OutputType>WinExe</OutputType>
+    <AppDesignerFolder>Properties</AppDesignerFolder>
+    <RootNamespace>EcdsaTest</RootNamespace>
+    <AssemblyName>ufr-signer</AssemblyName>
+    <TargetFrameworkVersion>v4.6</TargetFrameworkVersion>
+    <FileAlignment>512</FileAlignment>
+    <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
+    <PublishUrl>publish\</PublishUrl>
+    <Install>true</Install>
+    <InstallFrom>Disk</InstallFrom>
+    <UpdateEnabled>false</UpdateEnabled>
+    <UpdateMode>Foreground</UpdateMode>
+    <UpdateInterval>7</UpdateInterval>
+    <UpdateIntervalUnits>Days</UpdateIntervalUnits>
+    <UpdatePeriodically>false</UpdatePeriodically>
+    <UpdateRequired>false</UpdateRequired>
+    <MapFileExtensions>true</MapFileExtensions>
+    <ApplicationRevision>1</ApplicationRevision>
+    <ApplicationVersion>0.0.0.1</ApplicationVersion>
+    <IsWebBootstrapper>false</IsWebBootstrapper>
+    <UseApplicationTrust>false</UseApplicationTrust>
+    <BootstrapperEnabled>true</BootstrapperEnabled>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Debug|x64'">
+    <DebugSymbols>true</DebugSymbols>
+    <OutputPath>bin\x64\Debug\</OutputPath>
+    <DefineConstants>TRACE;DEBUG;WIN64</DefineConstants>
+    <DebugType>full</DebugType>
+    <PlatformTarget>x64</PlatformTarget>
+    <ErrorReport>prompt</ErrorReport>
+    <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+    <Prefer32Bit>true</Prefer32Bit>
+    <NoWarn>
+    </NoWarn>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Release|x64'">
+    <OutputPath>bin\x64\Release\</OutputPath>
+    <DefineConstants>TRACE;WIN64</DefineConstants>
+    <Optimize>true</Optimize>
+    <DebugType>pdbonly</DebugType>
+    <PlatformTarget>x64</PlatformTarget>
+    <ErrorReport>prompt</ErrorReport>
+    <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+    <Prefer32Bit>true</Prefer32Bit>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Debug|x86'">
+    <DebugSymbols>true</DebugSymbols>
+    <OutputPath>bin\x86\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <DebugType>full</DebugType>
+    <PlatformTarget>x86</PlatformTarget>
+    <ErrorReport>prompt</ErrorReport>
+    <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+    <Prefer32Bit>true</Prefer32Bit>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)' == 'Release|x86'">
+    <OutputPath>bin\x86\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <Optimize>true</Optimize>
+    <DebugType>pdbonly</DebugType>
+    <PlatformTarget>x86</PlatformTarget>
+    <ErrorReport>prompt</ErrorReport>
+    <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
+    <Prefer32Bit>true</Prefer32Bit>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="System" />
+    <Reference Include="System.Core" />
+    <Reference Include="System.Security" />
+    <Reference Include="System.Xml.Linq" />
+    <Reference Include="System.Data.DataSetExtensions" />
+    <Reference Include="Microsoft.CSharp" />
+    <Reference Include="System.Data" />
+    <Reference Include="System.Deployment" />
+    <Reference Include="System.Drawing" />
+    <Reference Include="System.Net.Http" />
+    <Reference Include="System.Windows.Forms" />
+    <Reference Include="System.Xml" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="bc-sharp-crypto\bzip2\src\BZip2Constants.cs" />
+    <Compile Include="bc-sharp-crypto\bzip2\src\CBZip2InputStream.cs" />
+    <Compile Include="bc-sharp-crypto\bzip2\src\CBZip2OutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\bzip2\src\CRC.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\anssi\ANSSINamedCurves.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\anssi\ANSSIObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\Asn1Encodable.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\Asn1EncodableVector.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\Asn1Exception.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ASN1Generator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\Asn1InputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\Asn1Null.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\Asn1Object.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\Asn1OctetString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ASN1OctetStringParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\Asn1OutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\Asn1ParsingException.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\Asn1Sequence.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ASN1SequenceParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\Asn1Set.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ASN1SetParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ASN1StreamParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\Asn1TaggedObject.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ASN1TaggedObjectParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\Asn1Tags.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\bc\BCObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BerApplicationSpecific.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BerApplicationSpecificParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BERBitString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BERGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BerNull.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BerOctetString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BEROctetStringGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BEROctetStringParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BerOutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BerSequence.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BERSequenceGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BERSequenceParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BerSet.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BERSetGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BERSetParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BerTaggedObject.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\BERTaggedObjectParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\CAKeyUpdAnnContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\CertConfirmContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\CertifiedKeyPair.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\CertOrEncCert.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\CertRepMessage.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\CertResponse.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\CertStatus.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\Challenge.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\CmpCertificate.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\CmpObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\CrlAnnContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\ErrorMsgContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\GenMsgContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\GenRepContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\InfoTypeAndValue.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\KeyRecRepContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\OobCertHash.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PbmParameter.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PKIBody.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PKIConfirmContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PKIFailureInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PKIFreeText.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PKIHeader.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PKIHeaderBuilder.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PKIMessage.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PKIMessages.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PKIStatus.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PKIStatusInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PollRepContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PollReqContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PopoDecKeyChallContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\PopoDecKeyRespContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\ProtectedPart.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\RevAnnContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\RevDetails.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\RevRepContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\RevRepContentBuilder.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cmp\RevReqContent.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\Attribute.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\Attributes.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\AttributeTable.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\AuthenticatedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\AuthenticatedDataParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\AuthEnvelopedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\AuthEnvelopedDataParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\CMSAttributes.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\CMSObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\CompressedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\CompressedDataParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\ContentInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\ContentInfoParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\ecc\MQVuserKeyingMaterial.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\EncryptedContentInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\EncryptedContentInfoParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\EncryptedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\EnvelopedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\EnvelopedDataParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\Evidence.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\IssuerAndSerialNumber.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\KEKIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\KEKRecipientInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\KeyAgreeRecipientIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\KeyAgreeRecipientInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\KeyTransRecipientInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\MetaData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\OriginatorIdentifierOrKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\OriginatorInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\OriginatorPublicKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\OtherKeyAttribute.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\OtherRecipientInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\OtherRevocationInfoFormat.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\PasswordRecipientInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\RecipientEncryptedKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\RecipientIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\RecipientInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\RecipientKeyIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\SCVPReqRes.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\SignedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\SignedDataParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\SignerIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\SignerInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\Time.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\TimeStampAndCRL.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\TimeStampedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\TimeStampedDataParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cms\TimeStampTokenEvidence.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ConstructedOctetStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\AttributeTypeAndValue.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\CertId.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\CertReqMessages.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\CertReqMsg.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\CertRequest.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\CertTemplate.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\CertTemplateBuilder.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\Controls.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\CrmfObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\EncKeyWithID.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\EncryptedKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\EncryptedValue.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\OptionalValidity.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\PKIArchiveOptions.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\PKIPublicationInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\PKMacValue.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\PopoPrivKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\PopoSigningKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\PopoSigningKeyInput.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\ProofOfPossession.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\SinglePubInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\crmf\SubsequentMessage.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cryptopro\CryptoProObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cryptopro\ECGOST3410NamedCurves.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cryptopro\ECGOST3410ParamSetParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cryptopro\GOST28147Parameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cryptopro\GOST3410NamedParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cryptopro\GOST3410ParamSetParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\cryptopro\GOST3410PublicKeyAlgParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DefiniteLengthInputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerApplicationSpecific.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerBitString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerBMPString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerBoolean.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerEnumerated.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DERExternal.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DERExternalParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerGeneralizedTime.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerGeneralString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DERGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerGraphicString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerIA5String.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerInteger.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerNull.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerNumericString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerObjectIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerOctetString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DEROctetStringParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerOutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerPrintableString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerSequence.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DERSequenceGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DERSequenceParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerSet.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DERSetGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DERSetParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerStringBase.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerT61String.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerTaggedObject.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerUniversalString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerUTCTime.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerUTF8String.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerVideotexString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\DerVisibleString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\eac\EACObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\CertificateValues.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\CommitmentTypeIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\CommitmentTypeIndication.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\CommitmentTypeQualifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\CompleteCertificateRefs.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\CompleteRevocationRefs.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\CrlIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\CrlListID.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\CrlOcspRef.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\CrlValidatedID.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\ESFAttributes.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\OcspIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\OcspListID.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\OcspResponsesID.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\OtherCertID.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\OtherHash.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\OtherHashAlgAndValue.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\OtherRevRefs.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\OtherRevVals.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\OtherSigningCertificate.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\RevocationValues.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\SignaturePolicyId.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\SignaturePolicyIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\SignerAttribute.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\SignerLocation.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\esf\SigPolicyQualifierInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ess\ContentHints.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ess\ContentIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ess\ESSCertID.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ess\ESSCertIDv2.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ess\OtherCertID.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ess\OtherSigningCertificate.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ess\SigningCertificate.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ess\SigningCertificateV2.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\gm\GMNamedCurves.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\gm\GMObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\gnu\GNUObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\iana\IANAObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\IAsn1ApplicationSpecificParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\IAsn1Choice.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\IAsn1Convertible.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\IAsn1String.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\icao\CscaMasterList.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\icao\DataGroupHash.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\icao\ICAOObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\icao\LDSSecurityObject.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\icao\LDSVersionInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\IndefiniteLengthInputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\isismtt\ISISMTTObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\isismtt\ocsp\CertHash.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\isismtt\ocsp\RequestedCertificate.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\isismtt\x509\AdditionalInformationSyntax.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\isismtt\x509\Admissions.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\isismtt\x509\AdmissionSyntax.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\isismtt\x509\DeclarationOfMajority.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\isismtt\x509\MonetaryLimit.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\isismtt\x509\NamingAuthority.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\isismtt\x509\ProcurationSyntax.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\isismtt\x509\ProfessionInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\isismtt\x509\Restriction.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\kisa\KISAObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\LazyASN1InputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\LazyDERSequence.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\LazyDERSet.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\LimitedInputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\microsoft\MicrosoftObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\misc\CAST5CBCParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\misc\IDEACBCPar.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\misc\MiscObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\misc\NetscapeCertType.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\misc\NetscapeRevocationURL.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\misc\VerisignCzagExtension.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\mozilla\PublicKeyAndChallenge.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\nist\NISTNamedCurves.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\nist\NISTObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ntt\NTTObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\BasicOCSPResponse.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\CertID.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\CertStatus.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\CrlID.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\OCSPObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\OCSPRequest.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\OCSPResponse.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\OCSPResponseStatus.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\Request.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\ResponderID.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\ResponseBytes.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\ResponseData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\RevokedInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\ServiceLocator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\Signature.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\SingleResponse.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\ocsp\TBSRequest.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\OidTokenizer.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\oiw\ElGamalParameter.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\oiw\OIWObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\Attribute.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\AuthenticatedSafe.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\CertBag.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\CertificationRequest.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\CertificationRequestInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\ContentInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\DHParameter.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\EncryptedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\EncryptedPrivateKeyInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\EncryptionScheme.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\IssuerAndSerialNumber.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\KeyDerivationFunc.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\MacData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\PBEParameter.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\PBES2Parameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\PBKDF2Params.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\Pfx.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\PKCS12PBEParams.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\PKCSObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\PrivateKeyInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\RC2CBCParameter.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\RSAESOAEPparams.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\RSAPrivateKeyStructure.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\RSASSAPSSparams.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\SafeBag.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\SignedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\pkcs\SignerInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\sec\ECPrivateKeyStructure.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\sec\SECNamedCurves.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\sec\SECObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\smime\SMIMEAttributes.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\smime\SMIMECapabilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\smime\SMIMECapabilitiesAttribute.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\smime\SMIMECapability.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\smime\SMIMECapabilityVector.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\smime\SMIMEEncryptionKeyPreferenceAttribute.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\teletrust\TeleTrusTNamedCurves.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\teletrust\TeleTrusTObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\tsp\Accuracy.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\tsp\MessageImprint.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\tsp\TimeStampReq.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\tsp\TimeStampResp.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\tsp\TSTInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\util\Asn1Dump.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\util\Dump.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\util\FilterStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x500\DirectoryString.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\AccessDescription.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\AlgorithmIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\AttCertIssuer.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\AttCertValidityPeriod.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\Attribute.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\AttributeCertificate.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\AttributeCertificateInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\AttributeTable.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\AuthorityInformationAccess.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\AuthorityKeyIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\BasicConstraints.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\CertificateList.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\CertificatePair.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\CertificatePolicies.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\CertPolicyId.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\CRLDistPoint.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\CRLNumber.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\CRLReason.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\DigestInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\DisplayText.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\DistributionPoint.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\DistributionPointName.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\DSAParameter.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\ExtendedKeyUsage.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\GeneralName.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\GeneralNames.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\GeneralSubtree.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\Holder.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\IetfAttrSyntax.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\IssuerSerial.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\IssuingDistributionPoint.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\KeyPurposeId.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\KeyUsage.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\NameConstraints.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\NoticeReference.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\ObjectDigestInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\PolicyInformation.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\PolicyMappings.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\PolicyQualifierId.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\PolicyQualifierInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\PrivateKeyUsagePeriod.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\qualified\BiometricData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\qualified\ETSIQCObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\qualified\Iso4217CurrencyCode.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\qualified\MonetaryValue.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\qualified\QCStatement.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\qualified\RFC3739QCObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\qualified\SemanticsInformation.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\qualified\TypeOfBiometricData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\ReasonFlags.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\RoleSyntax.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\RSAPublicKeyStructure.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\sigi\NameOrPseudonym.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\sigi\PersonalData.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\sigi\SigIObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\SubjectDirectoryAttributes.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\SubjectKeyIdentifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\SubjectPublicKeyInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\Target.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\TargetInformation.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\Targets.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\TBSCertificateStructure.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\TBSCertList.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\Time.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\UserNotice.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\V1TBSCertificateGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\V2AttributeCertificateInfoGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\V2Form.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\V2TBSCertListGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\V3TBSCertificateGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\X509Attributes.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\X509CertificateStructure.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\X509DefaultEntryConverter.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\X509Extension.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\X509Extensions.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\X509ExtensionsGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\X509Name.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\X509NameEntryConverter.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\X509NameTokenizer.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x509\X509ObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\DHDomainParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\DHPublicKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\DHValidationParms.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\ECNamedCurveTable.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\KeySpecificInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\OtherInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\X962NamedCurves.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\X962Parameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\X9Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\X9ECParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\X9ECParametersHolder.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\X9ECPoint.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\X9FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\X9FieldID.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\X9IntegerConverter.cs" />
+    <Compile Include="bc-sharp-crypto\src\asn1\x9\X9ObjectIdentifiers.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\ArmoredInputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\ArmoredOutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\attr\ImageAttrib.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\BcpgInputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\BcpgObject.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\BcpgOutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\CompressedDataPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\CompressionAlgorithmTags.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\ContainedPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\Crc24.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\DsaPublicBcpgKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\DsaSecretBcpgKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\ECDHPublicBCPGKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\ECDsaPublicBCPGKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\ECPublicBCPGKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\ECSecretBCPGKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\ElGamalPublicBcpgKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\ElGamalSecretBcpgKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\ExperimentalPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\HashAlgorithmTags.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\IBcpgKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\InputStreamPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\LiteralDataPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\MarkerPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\ModDetectionCodePacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\MPInteger.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\OnePassSignaturePacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\OutputStreamPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\Packet.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\PacketTags.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\PublicKeyAlgorithmTags.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\PublicKeyEncSessionPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\PublicKeyPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\PublicSubkeyPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\RsaPublicBcpgKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\RsaSecretBcpgKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\S2k.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\SecretKeyPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\SecretSubkeyPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\SignaturePacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\SignatureSubpacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\SignatureSubpacketsReader.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\SignatureSubpacketTags.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\EmbeddedSignature.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\Exportable.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\Features.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\IssuerKeyId.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\KeyExpirationTime.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\KeyFlags.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\NotationData.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\PreferredAlgorithms.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\PrimaryUserId.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\Revocable.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\RevocationKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\RevocationKeyTags.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\RevocationReason.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\RevocationReasonTags.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\SignatureCreationTime.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\SignatureExpirationTime.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\SignerUserId.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\sig\TrustSignature.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\SymmetricEncDataPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\SymmetricEncIntegrityPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\SymmetricKeyAlgorithmTags.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\SymmetricKeyEncSessionPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\TrustPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\UserAttributePacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\UserAttributeSubpacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\UserAttributeSubpacketsReader.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\UserAttributeSubpacketTags.cs" />
+    <Compile Include="bc-sharp-crypto\src\bcpg\UserIdPacket.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\BaseDigestCalculator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSAttributeTableGenerationException.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSAttributeTableGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSAuthenticatedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSAuthenticatedDataGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSAuthenticatedDataParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSAuthenticatedDataStreamGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSAuthenticatedGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSAuthEnvelopedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSAuthEnvelopedGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSCompressedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSCompressedDataGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSCompressedDataParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSCompressedDataStreamGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSContentInfoParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSEnvelopedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSEnvelopedDataGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSEnvelopedDataParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSEnvelopedDataStreamGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSEnvelopedGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSEnvelopedHelper.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSException.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSPBEKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSProcessable.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSProcessableByteArray.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSProcessableFile.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSProcessableInputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSReadable.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSSecureReadable.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSSignedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSSignedDataGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSSignedDataParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSSignedDataStreamGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSSignedGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSSignedHelper.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSStreamException.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSTypedStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CMSUtils.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\CounterSignatureDigestCalculator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\DefaultAuthenticatedAttributeTableGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\DefaultSignedAttributeTableGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\DigOutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\IDigestCalculator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\KEKRecipientInfoGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\KEKRecipientInformation.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\KeyAgreeRecipientInfoGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\KeyAgreeRecipientInformation.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\KeyTransRecipientInfoGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\KeyTransRecipientInformation.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\MacOutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\OriginatorId.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\OriginatorInfoGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\OriginatorInformation.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\PasswordRecipientInfoGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\PasswordRecipientInformation.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\PKCS5Scheme2PBEKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\PKCS5Scheme2UTF8PBEKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\RecipientId.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\RecipientInfoGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\RecipientInformation.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\RecipientInformationStore.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\SignerId.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\SignerInfoGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\SignerInformation.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\SignerInformationStore.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\SigOutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\cms\SimpleAttributeTableGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\DHAgreement.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\DHBasicAgreement.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\DHStandardGroups.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\ECDHBasicAgreement.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\ECDHCBasicAgreement.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\ECDHWithKdfBasicAgreement.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\ECMqvBasicAgreement.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\ECMqvWithKdfBasicAgreement.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\jpake\JPakeParticipant.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\jpake\JPakePrimeOrderGroup.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\jpake\JPakePrimeOrderGroups.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\jpake\JPakeRound1Payload.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\jpake\JPakeRound2Payload.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\jpake\JPakeRound3Payload.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\jpake\JPakeUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\kdf\DHKdfParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\kdf\DHKekGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\kdf\ECDHKekGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\srp\SRP6Client.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\srp\SRP6Server.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\srp\SRP6StandardGroups.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\srp\SRP6Utilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\agreement\srp\SRP6VerifierGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\AsymmetricCipherKeyPair.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\AsymmetricKeyParameter.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\BufferedAeadBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\BufferedAsymmetricBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\BufferedBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\BufferedCipherBase.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\BufferedIesCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\BufferedStreamCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\Check.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\CipherKeyGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\CryptoException.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\DataLengthException.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\DSTU7564Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\GeneralDigest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\GOST3411Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\GOST3411_2012Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\GOST3411_2012_256Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\GOST3411_2012_512Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\KeccakDigest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\LongDigest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\MD2Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\MD4Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\MD5Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\NonMemoableDigest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\NullDigest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\RipeMD128Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\RipeMD160Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\RipeMD256Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\RipeMD320Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\Sha1Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\Sha224Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\Sha256Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\Sha384Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\SHA3Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\Sha512Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\Sha512tDigest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\ShakeDigest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\ShortenedDigest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\SkeinDigest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\SkeinEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\SM3Digest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\TigerDigest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\digests\WhirlpoolDigest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\ec\CustomNamedCurves.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\encodings\ISO9796d1Encoding.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\encodings\OaepEncoding.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\encodings\Pkcs1Encoding.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\AesEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\AesFastEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\AesLightEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\AesWrapEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\BlowfishEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\CamelliaEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\CamelliaLightEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\CamelliaWrapEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\Cast5Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\Cast6Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\ChaCha7539Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\ChaChaEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\DesEdeEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\DesEdeWrapEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\DesEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\Dstu7624Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\Dstu7624WrapEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\ElGamalEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\GOST28147Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\HC128Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\HC256Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\IdeaEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\IesEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\ISAACEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\NaccacheSternEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\NoekeonEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\NullEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\RC2Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\RC2WrapEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\RC4Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\RC532Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\RC564Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\RC6Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\RFC3211WrapEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\RFC3394WrapEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\RijndaelEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\RSABlindedEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\RSABlindingEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\RSACoreEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\RsaEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\Salsa20Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\SEEDEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\SEEDWrapEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\SerpentEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\SerpentEngineBase.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\SkipjackEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\TEAEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\ThreefishEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\TnepresEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\TwofishEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\VMPCEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\VMPCKSA3Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\XSalsa20Engine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\engines\XTEAEngine.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\BaseKdfBytesGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\BCrypt.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\DesEdeKeyGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\DesKeyGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\DHBasicKeyPairGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\DHKeyGeneratorHelper.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\DHKeyPairGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\DHParametersGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\DHParametersHelper.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\DsaKeyPairGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\DsaParametersGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\ECKeyPairGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\ElGamalKeyPairGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\ElGamalParametersGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\GOST3410KeyPairGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\GOST3410ParametersGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\HKDFBytesGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\Kdf1BytesGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\Kdf2BytesGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\Mgf1BytesGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\NaccacheSternKeyPairGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\OpenBsdBCrypt.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\OpenSSLPBEParametersGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\Pkcs12ParametersGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\Pkcs5S1ParametersGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\Pkcs5S2ParametersGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\Poly1305KeyGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\RSABlindingFactorGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\RsaKeyPairGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\generators\SCrypt.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IAsymmetricBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IAsymmetricCipherKeyPairGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IBasicAgreement.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IBlockResult.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IBufferedCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\ICipherParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IDerivationFunction.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IDerivationParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IDigest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IDSA.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IEntropySource.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IEntropySourceProvider.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IMac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\InvalidCipherTextException.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\io\CipherStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\io\DigestStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\io\MacStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\io\SignerStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\ISignatureFactory.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\ISigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\ISignerWithRecovery.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IStreamCalculator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IStreamCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IVerifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IVerifierFactory.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IVerifierFactoryProvider.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IWrapper.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\IXof.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\KeyGenerationParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\macs\CbcBlockCipherMac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\macs\CfbBlockCipherMac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\macs\CMac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\macs\DSTU7564Mac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\macs\DSTU7624Mac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\macs\GMac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\macs\GOST28147Mac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\macs\HMac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\macs\ISO9797Alg3Mac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\macs\Poly1305.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\macs\SipHash.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\macs\SkeinMac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\macs\VMPCMac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\MaxBytesExceededException.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\CbcBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\CcmBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\CfbBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\CtsBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\EAXBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\GCMBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\gcm\BasicGcmExponentiator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\gcm\BasicGcmMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\gcm\GcmUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\gcm\IGcmExponentiator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\gcm\IGcmMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\gcm\Tables1kGcmExponentiator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\gcm\Tables64kGcmMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\gcm\Tables8kGcmMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\GOFBBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\IAeadBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\KCcmBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\KCtrBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\OCBBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\OfbBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\OpenPgpCfbBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\modes\SicBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\operators\Asn1Signature.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\OutputLengthException.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\paddings\BlockCipherPadding.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\paddings\ISO10126d2Padding.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\paddings\ISO7816d4Padding.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\paddings\PaddedBufferedBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\paddings\Pkcs7Padding.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\paddings\TbcPadding.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\paddings\X923Padding.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\paddings\ZeroBytePadding.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\AEADParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\CcmParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DesEdeParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DesParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DHKeyGenerationParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DHKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DHParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DHPrivateKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DHPublicKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DHValidationParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DsaKeyGenerationParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DsaKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DSAParameterGenerationParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DsaParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DsaPrivateKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DsaPublicKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\DsaValidationParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ECDomainParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ECKeyGenerationParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ECKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ECPrivateKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ECPublicKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ElGamalKeyGenerationParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ElGamalKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ElGamalParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ElGamalPrivateKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ElGamalPublicKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\GOST3410KeyGenerationParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\GOST3410KeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\GOST3410Parameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\GOST3410PrivateKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\GOST3410PublicKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\GOST3410ValidationParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\HKDFParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\IesParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\IesWithCipherParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ISO18033KDFParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\KdfParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\KeyParameter.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\MgfParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\MqvPrivateParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\MqvPublicParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\NaccacheSternKeyGenerationParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\NaccacheSternKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\NaccacheSternPrivateKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ParametersWithIV.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ParametersWithRandom.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ParametersWithSalt.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\ParametersWithSBox.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\RC2Parameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\RC5Parameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\RSABlindingParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\RsaKeyGenerationParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\RsaKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\RsaPrivateCrtKeyParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\SkeinParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\Srp6GroupParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\parameters\TweakableBlockCipherParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\PbeParametersGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\BasicEntropySourceProvider.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\CryptoApiEntropySourceProvider.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\CryptoApiRandomGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\DigestRandomGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\drbg\CtrSP800Drbg.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\drbg\DrbgUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\drbg\HashSP800Drbg.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\drbg\HMacSP800Drbg.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\drbg\ISP80090Drbg.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\EntropyUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\IDrbgProvider.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\IRandomGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\ReversedWindowGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\SP800SecureRandom.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\SP800SecureRandomBuilder.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\ThreadedSeedGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\VMPCRandomGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\X931Rng.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\X931SecureRandom.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\prng\X931SecureRandomBuilder.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\DsaDigestSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\DsaSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\ECDsaSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\ECGOST3410Signer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\ECNRSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\GenericSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\GOST3410DigestSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\GOST3410Signer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\HMacDsaKCalculator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\IDsaKCalculator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\Iso9796d2PssSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\Iso9796d2Signer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\IsoTrailers.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\PssSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\RandomDsaKCalculator.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\RsaDigestSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\signers\X931Signer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\StreamBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\AbstractTlsAgreementCredentials.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\AbstractTlsCipherFactory.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\AbstractTlsClient.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\AbstractTlsContext.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\AbstractTlsCredentials.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\AbstractTlsEncryptionCredentials.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\AbstractTlsKeyExchange.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\AbstractTlsPeer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\AbstractTlsServer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\AbstractTlsSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\AbstractTlsSignerCredentials.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\AlertDescription.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\AlertLevel.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\BasicTlsPskIdentity.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\BulkCipherAlgorithm.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ByteQueue.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ByteQueueStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\CertChainType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\Certificate.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\CertificateRequest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\CertificateStatus.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\CertificateStatusRequest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\CertificateStatusType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\CertificateType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\CertificateUrl.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\Chacha20Poly1305.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ChangeCipherSpec.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\CipherSuite.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\CipherType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ClientAuthenticationType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ClientCertificateType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\CombinedHash.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\CompressionMethod.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ConnectionEnd.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ContentType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DatagramTransport.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DefaultTlsAgreementCredentials.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DefaultTlsCipherFactory.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DefaultTlsClient.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DefaultTlsEncryptionCredentials.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DefaultTlsServer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DefaultTlsSignerCredentials.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DefaultTlsSrpGroupVerifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DeferredHash.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DigestInputBuffer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DigitallySigned.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DtlsClientProtocol.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DtlsEpoch.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DtlsHandshakeRetransmit.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DtlsProtocol.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DtlsReassembler.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DtlsRecordLayer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DtlsReliableHandshake.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DtlsReplayWindow.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DtlsServerProtocol.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\DtlsTransport.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ECBasisType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ECCurveType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ECPointFormat.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\EncryptionAlgorithm.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ExporterLabel.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ExtensionType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\FiniteFieldDheGroup.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\HandshakeType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\HashAlgorithm.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\HeartbeatExtension.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\HeartbeatMessage.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\HeartbeatMessageType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\HeartbeatMode.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\KeyExchangeAlgorithm.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\MacAlgorithm.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\MaxFragmentLength.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\NamedCurve.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\NameType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\NewSessionTicket.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\OcspStatusRequest.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\PrfAlgorithm.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ProtocolVersion.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\PskTlsClient.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\PskTlsServer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\RecordStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\SecurityParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ServerDHParams.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ServerName.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ServerNameList.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ServerOnlyTlsAuthentication.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\ServerSrpParams.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\SessionParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\SignatureAlgorithm.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\SignatureAndHashAlgorithm.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\SignerInputBuffer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\SimulatedTlsSrpIdentityManager.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\SrpTlsClient.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\SrpTlsServer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\SrtpProtectionProfile.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\Ssl3Mac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\SupplementalDataEntry.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\SupplementalDataType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsAeadCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsAgreementCredentials.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsAuthentication.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsBlockCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsCipherFactory.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsClient.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsClientContext.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsClientContextImpl.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsClientProtocol.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsCompression.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsContext.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsCredentials.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsDeflateCompression.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsDheKeyExchange.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsDHKeyExchange.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsDHUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsDsaSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsDssSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsEccUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsECDheKeyExchange.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsECDHKeyExchange.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsECDsaSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsEncryptionCredentials.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsException.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsExtensionsUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsFatalAlert.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsFatalAlertReceived.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsHandshakeHash.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsKeyExchange.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsMac.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsNoCloseNotifyException.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsNullCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsNullCompression.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsPeer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsProtocol.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsProtocolHandler.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsPskIdentity.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsPskIdentityManager.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsPskKeyExchange.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsRsaKeyExchange.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsRsaSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsRsaUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsServer.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsServerContext.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsServerContextImpl.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsServerProtocol.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsSession.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsSessionImpl.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsSigner.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsSignerCredentials.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsSrpGroupVerifier.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsSrpIdentityManager.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsSrpKeyExchange.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsSrpLoginParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsSrpUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsSrtpUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsStreamCipher.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\TlsUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\UrlAndHash.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\UserMappingType.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\tls\UseSrtpData.cs" />
+    <Compile Include="bc-sharp-crypto\src\crypto\util\Pack.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\BigInteger.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\abc\SimpleBigDecimal.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\abc\Tnaf.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\abc\ZTauElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\djb\Curve25519.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\djb\Curve25519Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\djb\Curve25519FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\djb\Curve25519Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\gm\SM2P256V1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\gm\SM2P256V1Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\gm\SM2P256V1FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\gm\SM2P256V1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP128R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP128R1Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP128R1FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP128R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP160K1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP160K1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP160R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP160R1Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP160R1FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP160R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP160R2Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP160R2Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP160R2FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP160R2Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP192K1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP192K1Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP192K1FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP192K1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP192R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP192R1Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP192R1FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP192R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP224K1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP224K1Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP224K1FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP224K1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP224R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP224R1Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP224R1FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP224R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP256K1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP256K1Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP256K1FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP256K1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP256R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP256R1Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP256R1FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP256R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP384R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP384R1Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP384R1FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP384R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP521R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP521R1Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP521R1FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecP521R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT113Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT113FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT113R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT113R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT113R2Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT113R2Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT131Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT131FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT131R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT131R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT131R2Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT131R2Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT163Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT163FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT163K1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT163K1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT163R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT163R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT163R2Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT163R2Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT193Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT193FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT193R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT193R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT193R2Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT193R2Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT233Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT233FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT233K1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT233K1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT233R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT233R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT239Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT239FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT239K1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT239K1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT283Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT283FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT283K1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT283K1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT283R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT283R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT409Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT409FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT409K1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT409K1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT409R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT409R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT571Field.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT571FieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT571K1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT571K1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT571R1Curve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\custom\sec\SecT571R1Point.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\ECAlgorithms.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\ECCurve.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\ECFieldElement.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\ECPoint.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\ECPointMap.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\endo\ECEndomorphism.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\endo\GlvEndomorphism.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\endo\GlvTypeBEndomorphism.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\endo\GlvTypeBParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\LongArray.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\AbstractECMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\DoubleAddMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\ECMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\FixedPointCombMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\FixedPointPreCompInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\FixedPointUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\GlvMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\MixedNafR2LMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\MontgomeryLadderMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\NafL2RMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\NafR2LMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\PreCompInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\ReferenceMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\WNafL2RMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\WNafPreCompInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\WNafUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\WTauNafMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\WTauNafPreCompInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\ZSignedDigitL2RMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\multiplier\ZSignedDigitR2LMultiplier.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\ScaleXPointMap.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\ec\ScaleYPointMap.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\field\FiniteFields.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\field\GenericPolynomialExtensionField.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\field\GF2Polynomial.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\field\IExtensionField.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\field\IFiniteField.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\field\IPolynomial.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\field\IPolynomialExtensionField.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\field\PrimeField.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\Primes.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\raw\Interleave.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\raw\Mod.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\raw\Nat.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\raw\Nat128.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\raw\Nat160.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\raw\Nat192.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\raw\Nat224.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\raw\Nat256.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\raw\Nat320.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\raw\Nat384.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\raw\Nat448.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\raw\Nat512.cs" />
+    <Compile Include="bc-sharp-crypto\src\math\raw\Nat576.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\BasicOCSPResp.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\BasicOCSPRespGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\CertificateID.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\CertificateStatus.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\OCSPException.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\OCSPReq.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\OCSPReqGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\OCSPResp.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\OCSPRespGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\OCSPRespStatus.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\OCSPUtil.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\Req.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\RespData.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\RespID.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\RevokedStatus.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\SingleResp.cs" />
+    <Compile Include="bc-sharp-crypto\src\ocsp\UnknownStatus.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\IStreamGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpCompressedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpCompressedDataGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpDataValidationException.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpEncryptedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpEncryptedDataGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpEncryptedDataList.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpException.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpExperimental.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpKeyFlags.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpKeyPair.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PGPKeyRing.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpKeyRingGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpKeyValidationException.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpLiteralData.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpLiteralDataGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpMarker.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PGPObject.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpObjectFactory.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpOnePassSignature.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpOnePassSignatureList.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpPad.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpPbeEncryptedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpPrivateKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpPublicKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpPublicKeyEncryptedData.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpPublicKeyRing.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpPublicKeyRingBundle.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpSecretKey.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpSecretKeyRing.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpSecretKeyRingBundle.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpSignature.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpSignatureGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpSignatureList.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpSignatureSubpacketGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpSignatureSubpacketVector.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpUserAttributeSubpacketVector.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PGPUserAttributeSubpacketVectorGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\PgpV3SignatureGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\Rfc6637Utilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\SXprUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\openpgp\WrappedGeneratorStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\openssl\EncryptionException.cs" />
+    <Compile Include="bc-sharp-crypto\src\openssl\IPasswordFinder.cs" />
+    <Compile Include="bc-sharp-crypto\src\openssl\MiscPemGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\openssl\PasswordException.cs" />
+    <Compile Include="bc-sharp-crypto\src\openssl\PEMException.cs" />
+    <Compile Include="bc-sharp-crypto\src\openssl\PEMReader.cs" />
+    <Compile Include="bc-sharp-crypto\src\openssl\PEMUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\openssl\PEMWriter.cs" />
+    <Compile Include="bc-sharp-crypto\src\openssl\Pkcs8Generator.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkcs\AsymmetricKeyEntry.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkcs\EncryptedPrivateKeyInfoFactory.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkcs\Pkcs10CertificationRequest.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkcs\Pkcs10CertificationRequestDelaySigned.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkcs\Pkcs12Entry.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkcs\Pkcs12Store.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkcs\PKCS12StoreBuilder.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkcs\Pkcs12Utilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkcs\PrivateKeyInfoFactory.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkcs\X509CertificateEntry.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\CertStatus.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixAttrCertChecker.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixAttrCertPathBuilder.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixAttrCertPathValidator.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixBuilderParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixCertPath.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixCertPathBuilder.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixCertPathBuilderException.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixCertPathBuilderResult.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixCertPathChecker.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixCertPathValidator.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixCertPathValidatorException.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixCertPathValidatorResult.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixCertPathValidatorUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixCrlUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixNameConstraintValidator.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixNameConstraintValidatorException.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\PkixPolicyNode.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\ReasonsMask.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\Rfc3280CertPathUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\Rfc3281CertPathUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\pkix\TrustAnchor.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\AgreementUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\cert\CertificateEncodingException.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\cert\CertificateException.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\cert\CertificateExpiredException.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\cert\CertificateNotYetValidException.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\cert\CertificateParsingException.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\cert\CrlException.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\CipherUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\DigestUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\DotNetUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\GeneralSecurityException.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\GeneratorUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\InvalidKeyException.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\InvalidParameterException.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\KeyException.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\MacUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\NoSuchAlgorithmException.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\ParameterUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\PbeUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\PrivateKeyFactory.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\PublicKeyFactory.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\SecureRandom.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\SecurityUtilityException.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\SignatureException.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\SignerUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\security\WrapperUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\tsp\GenTimeAccuracy.cs" />
+    <Compile Include="bc-sharp-crypto\src\tsp\TimeStampRequest.cs" />
+    <Compile Include="bc-sharp-crypto\src\tsp\TimeStampRequestGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\tsp\TimeStampResponse.cs" />
+    <Compile Include="bc-sharp-crypto\src\tsp\TimeStampResponseGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\tsp\TimeStampToken.cs" />
+    <Compile Include="bc-sharp-crypto\src\tsp\TimeStampTokenGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\tsp\TimeStampTokenInfo.cs" />
+    <Compile Include="bc-sharp-crypto\src\tsp\TSPAlgorithms.cs" />
+    <Compile Include="bc-sharp-crypto\src\tsp\TSPException.cs" />
+    <Compile Include="bc-sharp-crypto\src\tsp\TSPUtil.cs" />
+    <Compile Include="bc-sharp-crypto\src\tsp\TSPValidationException.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\Arrays.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\BigIntegers.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\collections\CollectionUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\collections\EmptyEnumerable.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\collections\EnumerableProxy.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\collections\HashSet.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\collections\ISet.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\collections\LinkedDictionary.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\collections\UnmodifiableDictionary.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\collections\UnmodifiableDictionaryProxy.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\collections\UnmodifiableList.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\collections\UnmodifiableListProxy.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\collections\UnmodifiableSet.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\collections\UnmodifiableSetProxy.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\date\DateTimeObject.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\date\DateTimeUtilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\encoders\Base64.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\encoders\Base64Encoder.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\encoders\BufferedDecoder.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\encoders\BufferedEncoder.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\encoders\Hex.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\encoders\HexEncoder.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\encoders\HexTranslator.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\encoders\IEncoder.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\encoders\Translator.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\encoders\UrlBase64.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\encoders\UrlBase64Encoder.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\Enums.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\IMemoable.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\Integers.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\BaseInputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\BaseOutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\FilterStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\NullOutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\pem\PemGenerationException.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\pem\PemHeader.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\pem\PemObject.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\pem\PemObjectGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\pem\PemObjectParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\pem\PemReader.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\pem\PemWriter.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\PushbackStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\StreamOverflowException.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\Streams.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\TeeInputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\io\TeeOutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\MemoableResetException.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\net\IPAddress.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\Platform.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\Strings.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\Times.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\TypeExtensions.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\Adler32.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\Deflate.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\InfBlocks.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\InfCodes.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\Inflate.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\InfTree.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\JZlib.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\StaticTree.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\Tree.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\ZDeflaterOutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\ZInflaterInputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\ZInputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\ZOutputStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\util\zlib\ZStream.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\AttributeCertificateHolder.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\AttributeCertificateIssuer.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\extension\AuthorityKeyIdentifierStructure.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\extension\SubjectKeyIdentifierStructure.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\extension\X509ExtensionUtil.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\IX509AttributeCertificate.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\IX509Extension.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\PEMParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\PrincipalUtil.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\store\IX509Selector.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\store\IX509Store.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\store\IX509StoreParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\store\NoSuchStoreException.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\store\X509AttrCertStoreSelector.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\store\X509CertPairStoreSelector.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\store\X509CertStoreSelector.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\store\X509CollectionStore.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\store\X509CollectionStoreParameters.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\store\X509CrlStoreSelector.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\store\X509StoreException.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\store\X509StoreFactory.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\SubjectPublicKeyInfoFactory.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509AttrCertParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509Attribute.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509Certificate.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509CertificatePair.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509CertificateParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509CertPairParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509Crl.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509CrlEntry.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509CrlParser.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509ExtensionBase.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509KeyUsage.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509SignatureUtil.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509Utilities.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509V1CertificateGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509V2AttributeCertificate.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509V2AttributeCertificateGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509V2CRLGenerator.cs" />
+    <Compile Include="bc-sharp-crypto\src\x509\X509V3CertificateGenerator.cs" />
+    <Compile Include="frmMain.cs">
+      <SubType>Form</SubType>
+    </Compile>
+    <Compile Include="frmMain.designer.cs">
+      <DependentUpon>frmMain.cs</DependentUpon>
+    </Compile>
+    <Compile Include="frmPassword.cs">
+      <SubType>Form</SubType>
+    </Compile>
+    <Compile Include="frmPassword.designer.cs">
+      <DependentUpon>frmPassword.cs</DependentUpon>
+    </Compile>
+    <Compile Include="Program.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
+    <EmbeddedResource Include="frmMain.resx">
+      <DependentUpon>frmMain.cs</DependentUpon>
+    </EmbeddedResource>
+    <EmbeddedResource Include="frmPassword.resx">
+      <DependentUpon>frmPassword.cs</DependentUpon>
+    </EmbeddedResource>
+    <EmbeddedResource Include="Properties\Resources.resx">
+      <Generator>ResXFileCodeGenerator</Generator>
+      <LastGenOutput>Resources.Designer.cs</LastGenOutput>
+      <SubType>Designer</SubType>
+    </EmbeddedResource>
+    <Compile Include="Properties\Resources.Designer.cs">
+      <AutoGen>True</AutoGen>
+      <DependentUpon>Resources.resx</DependentUpon>
+      <DesignTime>True</DesignTime>
+    </Compile>
+    <None Include="ClassDiagram1.cd" />
+    <None Include="Properties\Settings.settings">
+      <Generator>SettingsSingleFileGenerator</Generator>
+      <LastGenOutput>Settings.Designer.cs</LastGenOutput>
+    </None>
+    <Compile Include="Properties\Settings.Designer.cs">
+      <AutoGen>True</AutoGen>
+      <DependentUpon>Settings.settings</DependentUpon>
+      <DesignTimeSharedInput>True</DesignTimeSharedInput>
+    </Compile>
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="App.config" />
+  </ItemGroup>
+  <ItemGroup>
+    <BootstrapperPackage Include=".NETFramework,Version=v4.6">
+      <Visible>False</Visible>
+      <ProductName>Microsoft .NET Framework 4.6 %28x86 and x64%29</ProductName>
+      <Install>true</Install>
+    </BootstrapperPackage>
+    <BootstrapperPackage Include="Microsoft.Net.Framework.3.5.SP1">
+      <Visible>False</Visible>
+      <ProductName>.NET Framework 3.5 SP1</ProductName>
+      <Install>false</Install>
+    </BootstrapperPackage>
+  </ItemGroup>
+  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
+       Other similar extension points exist, see Microsoft.Common.targets.
+  <Target Name="BeforeBuild">
+  </Target>
+  <Target Name="AfterBuild">
+  </Target>
+  -->
+</Project>
\ No newline at end of file
diff --git a/digital-signature-verifier.sln b/digital-signature-verifier.sln
new file mode 100644
index 0000000..b1266c4
--- /dev/null
+++ b/digital-signature-verifier.sln
@@ -0,0 +1,32 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 14
+VisualStudioVersion = 14.0.23107.0
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "digital-signature-verifier", "digital-signature-verifier.csproj", "{0D346CC0-83C5-4117-B2E6-2A33686B3FC0}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Debug|x64 = Debug|x64
+		Debug|x86 = Debug|x86
+		Release|Any CPU = Release|Any CPU
+		Release|x64 = Release|x64
+		Release|x86 = Release|x86
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{0D346CC0-83C5-4117-B2E6-2A33686B3FC0}.Debug|Any CPU.ActiveCfg = Debug|x86
+		{0D346CC0-83C5-4117-B2E6-2A33686B3FC0}.Debug|x64.ActiveCfg = Debug|x64
+		{0D346CC0-83C5-4117-B2E6-2A33686B3FC0}.Debug|x64.Build.0 = Debug|x64
+		{0D346CC0-83C5-4117-B2E6-2A33686B3FC0}.Debug|x86.ActiveCfg = Debug|x64
+		{0D346CC0-83C5-4117-B2E6-2A33686B3FC0}.Debug|x86.Build.0 = Debug|x64
+		{0D346CC0-83C5-4117-B2E6-2A33686B3FC0}.Release|Any CPU.ActiveCfg = Release|x86
+		{0D346CC0-83C5-4117-B2E6-2A33686B3FC0}.Release|x64.ActiveCfg = Release|x64
+		{0D346CC0-83C5-4117-B2E6-2A33686B3FC0}.Release|x64.Build.0 = Release|x64
+		{0D346CC0-83C5-4117-B2E6-2A33686B3FC0}.Release|x86.ActiveCfg = Release|x86
+		{0D346CC0-83C5-4117-B2E6-2A33686B3FC0}.Release|x86.Build.0 = Release|x86
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal
diff --git a/frmMain.cs b/frmMain.cs
new file mode 100644
index 0000000..b7973ef
--- /dev/null
+++ b/frmMain.cs
@@ -0,0 +1,1304 @@
+using System;
+using System.IO;
+using System.Text;
+using System.Xml;
+using System.Linq;
+using System.Drawing;
+using System.Windows.Forms;
+using System.ComponentModel;
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+using System.Security.Cryptography.Xml;
+using Org.BouncyCastle.Math;
+using Org.BouncyCastle.Math.EC;
+using Org.BouncyCastle.OpenSsl;
+using Org.BouncyCastle.X509;
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.X9;
+using Org.BouncyCastle.Asn1.Sec;
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Utilities.Encoders;
+
+namespace SignatureVerifier
+{
+    public partial class frmMain : Form
+    {
+        ECPrivateKeyParameters mPrivateKey;
+        X9ECParameters mECCurve;
+
+        public frmMain()
+        {
+            InitializeComponent();
+        }
+
+        private void frmMain_Load(object sender, EventArgs e)
+        {
+            Text = this.Text + " v" + System.Reflection.Assembly.GetExecutingAssembly().GetName().Version.ToString();
+
+            cbRSAKeyLength.SelectedIndex = 8;
+
+            cbECName.SelectedIndex = 0;
+            cbECKeyLength.SelectedIndex = 0;
+
+            cbDigest.SelectedIndex = 0;
+            cbCipher.SelectedIndex = 0;
+
+            //Oid o = new Oid("1.2.840.10045.2.1");
+            //MessageBox.Show(o.FriendlyName);
+        }
+
+        private void llbDLogicURL_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e)
+        {
+            System.Diagnostics.Process.Start("http://www.d-logic.net/nfc-rfid-reader-sdk/");
+        }
+
+        private byte[] zeroPadArray(byte[] theArray, byte paddingVal, Int32 paddingSize)
+        {
+            byte[] newArray = new byte[theArray.Length + paddingSize];
+            for (UInt32 i = 0; i < paddingSize; i++)
+            {
+                newArray[i] = paddingVal;
+            }
+            theArray.CopyTo(newArray, paddingSize);
+            return newArray;
+        }
+
+        //======================================================================================================================
+        // RSA Keys page:
+        //======================================================================================================================
+        private void btnRSAImportP12_Click(object sender, EventArgs e)
+        {
+            OpenFileDialog dialog = new OpenFileDialog();
+            dialog.Filter = "PKCS#12 files (*.p12;*.pfx)|*.p12;*.pfx|All files (*.*)|*.*";
+            //dialog.InitialDirectory = @"C:\";
+            dialog.Title = "Please select the cert file";
+
+            Asn1InputStream decoder = null;
+
+            if (dialog.ShowDialog() == DialogResult.OK)
+            {
+                frmPassword dlgPasswd = new frmPassword();
+                if (dlgPasswd.ShowDialog() == DialogResult.OK)
+                {
+                    try
+                    {
+                        // Load your certificate from p12 file
+                        X509Certificate2 certificate = new X509Certificate2(dialog.FileName, dlgPasswd.password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
+                        //RSACryptoServiceProvider pub_key = (RSACryptoServiceProvider)certificate.PublicKey.Key;
+                        PublicKey pub_key = certificate.PublicKey;
+                        //certificate.Dispose(); ToDo: See if needed
+
+                        if (!pub_key.EncodedKeyValue.Oid.FriendlyName.Equals("RSA"))
+                        {
+                            MessageBox.Show("Selected cert. file doesn't contain RSA public key.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+                            return;
+                        }
+
+                        Int32 key_len = cbRSAKeyLength.FindStringExact(pub_key.Key.KeySize.ToString());
+                        if (key_len < 0)
+                        {
+                            MessageBox.Show("Unsupported key length of " + pub_key.Key.KeySize + "bytes.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+                        }
+                        cbRSAKeyLength.SelectedIndex = key_len;
+                        key_len = pub_key.Key.KeySize;
+
+                        decoder = new Asn1InputStream(new MemoryStream(pub_key.EncodedKeyValue.RawData));
+                        DerSequence seq = (DerSequence)decoder.ReadObject();
+                        DerInteger rr = (DerInteger)seq[0];
+                        DerInteger ss = (DerInteger)seq[1];
+                        byte[] br = rr.PositiveValue.ToByteArray();
+                        byte[] bs = ss.PositiveValue.ToByteArray();
+                        
+                        // Remove leading zeros:
+                        while (br[0] == 0 && br.Length > key_len / 8)
+                        {
+                            br = br.Skip(1).ToArray();
+                        }
+                        while (bs[0] == 0 && br.Length > 0)
+                        {
+                            bs = br.Skip(1).ToArray();
+                        }
+                        tbRSAModulus.Text = BitConverter.ToString(br).Replace("-", "");
+                        tbRSAPubExp.Text = BitConverter.ToString(bs).Replace("-", "");
+                    }
+                    catch (Exception ex)
+                    {
+                        MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+                    }
+                    finally
+                    {
+                        if (decoder != null)
+                            decoder.Close();
+                    }
+                }
+            }
+        }
+
+        private void btnRSAImportPem_Click(object sender, EventArgs e)
+        {
+            Int32 key_len, key_idx;
+            byte[] modulus;
+            byte[] exponent;
+            OpenFileDialog dialog = new OpenFileDialog();
+            dialog.Filter = "PEM files (*.pem;*.crt;*.cer)|*.pem;*.crt;*.cer|All files (*.*)|*.*";
+            //dialog.InitialDirectory = @"C:\";
+            dialog.Title = "Please select the PEM file";
+
+            if (dialog.ShowDialog() == DialogResult.OK)
+            {
+                try
+                {
+                    // Load your certificate from PEM file
+                    TextReader fileStream = System.IO.File.OpenText(dialog.FileName);
+                    PemReader pemReader = new Org.BouncyCastle.OpenSsl.PemReader(fileStream);
+                    object KeyParameter = pemReader.ReadObject();
+
+                    if (KeyParameter.GetType() == typeof(Org.BouncyCastle.X509.X509Certificate))
+                    {
+                        // Load your certificate:
+                        X509Certificate2 certificate = new X509Certificate2(dialog.FileName);
+                        KeyParameter = Org.BouncyCastle.Security.DotNetUtilities.GetRsaPublicKey(certificate.GetRSAPublicKey());
+                        //certificate.Dispose(); ToDo: See if needed
+                    }
+
+                    if (KeyParameter.GetType() == typeof(Org.BouncyCastle.Crypto.Parameters.RsaPrivateCrtKeyParameters))
+                    {
+                        key_len = ((RsaPrivateCrtKeyParameters)KeyParameter).Modulus.BitLength;
+                        modulus = ((RsaPrivateCrtKeyParameters)KeyParameter).Modulus.ToByteArray();
+                        exponent = ((RsaPrivateCrtKeyParameters)KeyParameter).PublicExponent.ToByteArray();
+                    }
+                    else if (KeyParameter.GetType() == typeof(Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair))
+                    {
+                        key_len = ((RsaKeyParameters)((AsymmetricCipherKeyPair)KeyParameter).Public).Modulus.BitLength;
+                        modulus = ((RsaKeyParameters)((AsymmetricCipherKeyPair)KeyParameter).Public).Modulus.ToByteArray();
+                        exponent = ((RsaKeyParameters)((AsymmetricCipherKeyPair)KeyParameter).Public).Exponent.ToByteArray();
+                    }
+                    else if (KeyParameter.GetType() == typeof(Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters))
+                    {
+                        key_len = ((RsaKeyParameters)KeyParameter).Modulus.BitLength;
+                        modulus = ((RsaKeyParameters)KeyParameter).Modulus.ToByteArray();
+                        exponent = ((RsaKeyParameters)KeyParameter).Exponent.ToByteArray();
+                    }
+                    else
+                    {
+                        MessageBox.Show("File doesn't contain RSA public key.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+                        return;
+                    }
+                    //? Org.BouncyCastle.Crypto.AsymmetricKeyParameter
+                    //? Org.BouncyCastle.Crypto.Parameters.RsaBlindingParameters
+                    //? Org.BouncyCastle.Crypto.Parameters.RsaKeyGenerationParameters
+                    //MessageBox.Show(KeyParameter.GetType().ToString());
+
+                    key_idx = cbRSAKeyLength.FindStringExact(key_len.ToString());
+                    if (key_idx < 0)
+                    {
+                        MessageBox.Show("Unsupported key length of " + key_len + "bytes.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+                    }
+                    cbRSAKeyLength.SelectedIndex = key_idx;
+
+                    // Remove leading zeros:
+                    while (modulus[0] == 0 && modulus.Length > key_len / 8)
+                    {
+                        modulus = modulus.Skip(1).ToArray();
+                    }
+                    while (exponent[0] == 0 && exponent.Length > 0)
+                    {
+                        exponent = exponent.Skip(1).ToArray();
+                    }
+                    tbRSAModulus.Text = BitConverter.ToString(modulus).Replace("-", "");
+                    tbRSAPubExp.Text = BitConverter.ToString(exponent).Replace("-", "");
+                }
+                catch (Exception ex)
+                {
+                    MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+                }
+            }
+        }
+
+        //======================================================================================================================
+        // EC Keys page:
+        //======================================================================================================================
+        void populateECDomainParameters(string curve_name)
+        {
+            byte[] barr1;
+            Int32 key_bytes_len;
+            mECCurve = SecNamedCurves.GetByName(curve_name);
+
+            try
+            {
+                key_bytes_len = (mECCurve.Curve.FieldSize + 7) / 8;
+
+                if (mECCurve.Curve.GetType() == typeof(FpCurve))
+                {
+                    rbECFieldPrime.Checked = true;
+                    barr1 = mECCurve.Curve.Field.Characteristic.ToByteArray();
+                    if (key_bytes_len > barr1.Length)
+                        barr1 = zeroPadArray(barr1, 0, key_bytes_len - barr1.Length);
+                    while (barr1[0] == 0 && barr1.Length > key_bytes_len)
+                    {
+                        barr1 = barr1.Skip(1).ToArray();
+                    }
+                    tbECParamPrime.Text = BitConverter.ToString(barr1).Replace("-", "");
+                }
+                else if (mECCurve.Curve.GetType() == typeof(F2mCurve))
+                {
+                    rbECFieldBinary.Checked = true;
+                    populateECReductionPolynomial(!((F2mCurve)mECCurve.Curve).IsTrinomial(),
+                            (ushort)mECCurve.Curve.FieldSize,
+                            (ushort)((F2mCurve)mECCurve.Curve).K3,
+                            (ushort)((F2mCurve)mECCurve.Curve).K2,
+                            (ushort)((F2mCurve)mECCurve.Curve).K1);
+                }
+
+                barr1 = mECCurve.Curve.A.ToBigInteger().ToByteArray();
+                if (key_bytes_len > barr1.Length)
+                    barr1 = zeroPadArray(barr1, 0, key_bytes_len - barr1.Length);
+                while (barr1[0] == 0 && barr1.Length > key_bytes_len)
+                {
+                    barr1 = barr1.Skip(1).ToArray();
+                }
+                tbECParamA.Text = BitConverter.ToString(barr1).Replace("-", "");
+
+                barr1 = mECCurve.Curve.B.ToBigInteger().ToByteArray();
+                if (key_bytes_len > barr1.Length)
+                    barr1 = zeroPadArray(barr1, 0, key_bytes_len - barr1.Length);
+                while (barr1[0] == 0 && barr1.Length > key_bytes_len)
+                {
+                    barr1 = barr1.Skip(1).ToArray();
+                }
+                tbECParamB.Text = BitConverter.ToString(barr1).Replace("-", "");
+
+                barr1 = mECCurve.G.XCoord.ToBigInteger().ToByteArray();
+                if (key_bytes_len > barr1.Length)
+                    barr1 = zeroPadArray(barr1, 0, key_bytes_len - barr1.Length);
+                while (barr1[0] == 0 && barr1.Length > key_bytes_len)
+                {
+                    barr1 = barr1.Skip(1).ToArray();
+                }
+                tbECParamG.Text = "04" + BitConverter.ToString(barr1).Replace("-", "");
+
+                barr1 = mECCurve.G.YCoord.ToBigInteger().ToByteArray();
+                if (key_bytes_len > barr1.Length)
+                    barr1 = zeroPadArray(barr1, 0, key_bytes_len - barr1.Length);
+                while (barr1[0] == 0 && barr1.Length > key_bytes_len)
+                {
+                    barr1 = barr1.Skip(1).ToArray();
+                }
+                tbECParamG.Text += BitConverter.ToString(barr1).Replace("-", "");
+
+                barr1 = mECCurve.N.ToByteArray();
+                if (key_bytes_len > barr1.Length)
+                    barr1 = zeroPadArray(barr1, 0, key_bytes_len - barr1.Length);
+                while (barr1[0] == 0 && barr1.Length > key_bytes_len)
+                {
+                    barr1 = barr1.Skip(1).ToArray();
+                }
+                tbECParamR.Text = BitConverter.ToString(barr1).Replace("-", "");
+
+                tbECParamK.Text = mECCurve.H.ToString(); // mECCurve.Curve.Cofactor.ToString();
+            }
+            catch (Exception ex)
+            {
+                MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+            }
+        }
+
+        private void clearECReductionPolynomial()
+        {
+            rtbECReductionPolynomial.Clear();
+            //richTextBox1.SelectionColor = Color.Black;
+            rtbECReductionPolynomial.SelectionFont = new Font("Times New Roman", 10, FontStyle.Italic);
+            rtbECReductionPolynomial.SelectedText = " f(x) = ";
+        }
+
+        private void populateECReductionPolynomial(Boolean isPentanomial, UInt16 m, UInt16 e1, UInt16 e2, UInt16 e3)
+        {
+            tbECParamE1.Enabled = true;
+
+            rtbECReductionPolynomial.Clear();
+            //richTextBox1.SelectionColor = Color.Black;
+            rtbECReductionPolynomial.SelectionFont = new Font("Times New Roman", 10, FontStyle.Italic);
+            rtbECReductionPolynomial.SelectedText = " f(x) = x";
+            // superscripted text...
+            rtbECReductionPolynomial.SelectionFont = new Font("Times New Roman", 7, FontStyle.Italic);
+            rtbECReductionPolynomial.SelectionCharOffset = 8;
+            rtbECReductionPolynomial.SelectedText = m.ToString();
+            // normal text...
+            rtbECReductionPolynomial.SelectionFont = new Font("Times New Roman", 10, FontStyle.Italic);
+            rtbECReductionPolynomial.SelectionCharOffset = 0;
+            rtbECReductionPolynomial.SelectedText = " + x";
+
+            if (isPentanomial)
+            {
+                lbECParamE1.Text = "e1:";
+                tbECParamE1.Text = e1.ToString();
+                lbECParamE2.Enabled = true;
+                lbECParamE3.Enabled = true;
+                tbECParamE2.Enabled = true;
+                tbECParamE3.Enabled = true;
+                tbECParamE2.Text = e2.ToString();
+                tbECParamE3.Text = e3.ToString();
+
+                // superscripted text...
+                rtbECReductionPolynomial.SelectionFont = new Font("Times New Roman", 7, FontStyle.Italic);
+                rtbECReductionPolynomial.SelectionCharOffset = 8;
+                rtbECReductionPolynomial.SelectedText = e1.ToString();
+                // normal text...
+                rtbECReductionPolynomial.SelectionFont = new Font("Times New Roman", 10, FontStyle.Italic);
+                rtbECReductionPolynomial.SelectionCharOffset = 0;
+                rtbECReductionPolynomial.SelectedText = " + x";
+                // superscripted text...
+                rtbECReductionPolynomial.SelectionFont = new Font("Times New Roman", 7, FontStyle.Italic);
+                rtbECReductionPolynomial.SelectionCharOffset = 8;
+                rtbECReductionPolynomial.SelectedText = e2.ToString();
+                // normal text...
+                rtbECReductionPolynomial.SelectionFont = new Font("Times New Roman", 10, FontStyle.Italic);
+                rtbECReductionPolynomial.SelectionCharOffset = 0;
+                rtbECReductionPolynomial.SelectedText = " + x";
+                // superscripted text...
+                rtbECReductionPolynomial.SelectionFont = new Font("Times New Roman", 7, FontStyle.Italic);
+                rtbECReductionPolynomial.SelectionCharOffset = 8;
+                rtbECReductionPolynomial.SelectedText = e3.ToString();
+            }
+            else
+            {
+                lbECParamE1.Text = "e:";
+                tbECParamE1.Text = e3.ToString();
+                tbECParamE2.Clear();
+                tbECParamE3.Clear();
+                tbECParamE2.Enabled = false;
+                tbECParamE3.Enabled = false;
+                lbECParamE2.Enabled = false;
+                lbECParamE3.Enabled = false;
+
+                // superscripted text...
+                rtbECReductionPolynomial.SelectionFont = new Font("Times New Roman", 7, FontStyle.Italic);
+                rtbECReductionPolynomial.SelectionCharOffset = 8;
+                rtbECReductionPolynomial.SelectedText = e3.ToString();
+            }
+            // normal text...
+            rtbECReductionPolynomial.SelectionFont = new Font("Times New Roman", 10, FontStyle.Italic);
+            rtbECReductionPolynomial.SelectionCharOffset = 0;
+            rtbECReductionPolynomial.SelectedText = " + 1";
+        }
+
+        private void rbECFieldPrime_CheckedChanged(object sender, EventArgs e)
+        {
+            if (rbECFieldPrime.Checked)
+            {
+                tbECParamPrime.Enabled = true;
+                clearECReductionPolynomial();
+                tbECParamE1.Clear();
+                tbECParamE2.Clear();
+                tbECParamE3.Clear();
+                gbECReductionPolynomial.Enabled = false;
+            }
+        }
+
+        private void rbECFieldBinary_CheckedChanged(object sender, EventArgs e)
+        {
+            if (rbECFieldBinary.Checked)
+            {
+                tbECParamPrime.Enabled = false;
+                tbECParamPrime.Clear();
+                gbECReductionPolynomial.Enabled = true;
+            }
+        }
+
+        private bool m_gate_cbECKeyLength = false;
+        private int mECNameCurrComboIndex = 0;
+        private void cbECName_SelectedIndexChanged(object sender, EventArgs e)
+        {
+            m_gate_cbECKeyLength = true;
+
+            if (mECNameCurrComboIndex != cbECName.SelectedIndex)
+            {
+                mECNameCurrComboIndex = cbECName.SelectedIndex;
+                tbECPubKey.Text = "";
+            }
+
+            if (cbECName.SelectedIndex < 15)
+            {
+                rbECFieldPrime.Checked = true;
+            }
+            else
+            {
+                rbECFieldBinary.Checked = true;
+            }
+            switch (cbECName.SelectedIndex)
+            {
+                case 0:
+                case 1:
+
+                    cbECKeyLength.SelectedIndex = 0;
+                    break;
+                case 2:
+                case 3:
+                    cbECKeyLength.SelectedIndex = 2;
+                    break;
+                case 4:
+                case 5:
+                case 6:
+                    cbECKeyLength.SelectedIndex = 4;
+                    break;
+                case 7:
+                case 8:
+                    cbECKeyLength.SelectedIndex = 6;
+                    break;
+                case 9:
+                case 10:
+                    cbECKeyLength.SelectedIndex = 8;
+                    break;
+                case 11:
+                case 12:
+                    cbECKeyLength.SelectedIndex = 11;
+                    break;
+                case 13:
+                    cbECKeyLength.SelectedIndex = 13;
+                    break;
+                case 14:
+                    cbECKeyLength.SelectedIndex = 15;
+                    break;
+                case 15:
+                case 16:
+                    cbECKeyLength.SelectedIndex = 1;
+                    break;
+                case 17:
+                case 18:
+                    cbECKeyLength.SelectedIndex = 3;
+                    break;
+                case 19:
+                case 20:
+                case 21:
+                    cbECKeyLength.SelectedIndex = 5;
+                    break;
+                case 22:
+                case 23:
+                    cbECKeyLength.SelectedIndex = 7;
+                    break;
+                case 24:
+                case 25:
+                    cbECKeyLength.SelectedIndex = 9;
+                    break;
+
+                case 26:
+                    cbECKeyLength.SelectedIndex = 10;
+                    break;
+                case 27:
+                case 28:
+                    cbECKeyLength.SelectedIndex = 12;
+                    break;
+                case 29:
+                case 30:
+                    cbECKeyLength.SelectedIndex = 14;
+                    break;
+                case 31:
+                case 32:
+                    cbECKeyLength.SelectedIndex = 16;
+                    break;
+            }
+            populateECDomainParameters(cbECName.Text);
+            m_gate_cbECKeyLength = false;
+        }
+
+        private void cbECKeyLength_SelectedIndexChanged(object sender, EventArgs e)
+        {
+            if (m_gate_cbECKeyLength)
+                return;
+
+            switch (cbECKeyLength.SelectedIndex)
+            {
+                case 0:
+                    if (cbECName.SelectedIndex != 1)
+                        cbECName.SelectedIndex = 0;
+                    break;
+                case 1:
+                    if (cbECName.SelectedIndex != 16)
+                        cbECName.SelectedIndex = 15;
+                    break;
+                case 2:
+                    if (cbECName.SelectedIndex != 3)
+                        cbECName.SelectedIndex = 2;
+                    break;
+                case 3:
+                    if (cbECName.SelectedIndex != 18)
+                        cbECName.SelectedIndex = 17;
+                    break;
+                case 4:
+                    if (cbECName.SelectedIndex != 5 && cbECName.SelectedIndex != 6)
+                        cbECName.SelectedIndex = 4;
+                    break;
+                case 5:
+                    if (cbECName.SelectedIndex != 20 && cbECName.SelectedIndex != 21)
+                        cbECName.SelectedIndex = 19;
+                    break;
+                case 6:
+                    if (cbECName.SelectedIndex != 8)
+                        cbECName.SelectedIndex = 7;
+                    break;
+                case 7:
+                    if (cbECName.SelectedIndex != 23)
+                        cbECName.SelectedIndex = 22;
+                    break;
+                case 8:
+                    if (cbECName.SelectedIndex != 10)
+                        cbECName.SelectedIndex = 9;
+                    break;
+                case 9:
+                    if (cbECName.SelectedIndex != 25)
+                        cbECName.SelectedIndex = 24;
+                    break;
+                case 10:
+                    cbECName.SelectedIndex = 26;
+                    break;
+                case 11:
+                    if (cbECName.SelectedIndex != 12)
+                        cbECName.SelectedIndex = 11;
+                    break;
+                case 12:
+                    if (cbECName.SelectedIndex != 28)
+                        cbECName.SelectedIndex = 27;
+                    break;
+                case 13:
+                    cbECName.SelectedIndex = 13;
+                    break;
+                case 14:
+                    if (cbECName.SelectedIndex != 30)
+                        cbECName.SelectedIndex = 29;
+                    break;
+                case 15:
+                    cbECName.SelectedIndex = 14;
+                    break;
+                case 16:
+                    if (cbECName.SelectedIndex != 32)
+                        cbECName.SelectedIndex = 31;
+                    break;
+            }
+        }
+
+        private void btnECImportP12_Click(object sender, EventArgs e)
+        {
+            OpenFileDialog dialog = new OpenFileDialog();
+            dialog.Filter = "PKCS#12 files (*.p12;*.pfx)|*.p12;*.pfx|All files (*.*)|*.*";
+            //dialog.InitialDirectory = @"C:\";
+            dialog.Title = "Please select the cert file";
+
+            if (dialog.ShowDialog() == DialogResult.OK)
+            {
+                frmPassword dlgPasswd = new frmPassword();
+                if (dlgPasswd.ShowDialog() == DialogResult.OK)
+                {
+                    try
+                    {
+                        // Load your certificate from p12 file
+                        X509Certificate2 certificate = new X509Certificate2(dialog.FileName, dlgPasswd.password, X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
+                        //RSACryptoServiceProvider pub_key = (RSACryptoServiceProvider)certificate.PublicKey.Key;
+                        PublicKey pub_key = certificate.PublicKey;
+
+                        if (pub_key.EncodedKeyValue.Oid.FriendlyName.Equals("ECC"))
+                        {
+                            var parser = new X509CertificateParser();
+                            // Load your certificate
+                            var bouncyCertificate = parser.ReadCertificate(certificate.RawData);
+                            //certificate.Dispose(); ToDo: See if needed
+
+                            string curve_name = SecNamedCurves.GetName(
+                                (DerObjectIdentifier)DerObjectIdentifier.FromByteArray(
+                                    bouncyCertificate.CertificateStructure.SubjectPublicKeyInfo.AlgorithmID.Parameters.GetDerEncoded()
+                                    )
+                                );
+
+                            if (cbECName.Items.Contains(curve_name))
+                            {
+                                int index = cbECName.FindString(curve_name);
+                                cbECName.SelectedIndex = index;
+                            }
+                            else
+                                throw new Exception("Unknown ECC Parameters in certificate.");
+
+                            tbECPubKey.Text = BitConverter.ToString(
+                                bouncyCertificate.CertificateStructure.SubjectPublicKeyInfo.PublicKeyData.GetBytes()
+                                ).Replace("-", "");
+                        }
+                        else
+                        {
+                            MessageBox.Show("File doesn't contain EC public key.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+                            return;
+                        }
+                    }
+                    catch (Exception ex)
+                    {
+                        MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+                    }
+                }
+            }
+        }
+
+        private void btnECImportFromPem_Click(object sender, EventArgs e)
+        {
+            byte[] barr1, barr2;
+
+            OpenFileDialog dialog = new OpenFileDialog();
+            dialog.Filter = "PEM files (*.pem;*.crt;*.cer)|*.pem;*.crt;*.cer|All files (*.*)|*.*";
+            dialog.InitialDirectory = @"C:\";
+            dialog.Title = "Please select the PEM file";
+
+            if (dialog.ShowDialog() == DialogResult.OK)
+            {
+                try
+                {
+                    // ToDo: Find beter strategy to open Org.BouncyCastle.X509.X509Certificate
+
+                    // Load your certificate from PEM file
+                    TextReader fileStream = System.IO.File.OpenText(dialog.FileName);
+                    PemReader pemReader = new Org.BouncyCastle.OpenSsl.PemReader(fileStream);
+                    object KeyParameter = pemReader.ReadObject();
+
+                    if (KeyParameter.GetType() == typeof(Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters))
+                    {
+                        int idx = 0;
+                        foreach (string s in cbECName.Items)
+                        {
+                            var EC = SecNamedCurves.GetByName(s);
+                            if (EC.Curve.Equals(((ECPublicKeyParameters)KeyParameter).Parameters.Curve))
+                                break;
+                            idx++;
+                        }
+                        if ((idx + 1) >= cbECName.Items.Count)
+                            throw new Exception("Unknown ECC Parameters in pem file.");
+
+                        cbECName.SelectedIndex = idx;
+
+                        var publicKeyParam = ((ECPublicKeyParameters)KeyParameter);
+                        int key_bytes_len = (publicKeyParam.Parameters.Curve.FieldSize + 7) / 8;
+                        barr1 = publicKeyParam.Q.XCoord.ToBigInteger().ToByteArray();
+                        if (key_bytes_len > barr1.Length)
+                            barr1 = zeroPadArray(barr1, 0, key_bytes_len - barr1.Length);
+                        while (barr1[0] == 0 && barr1.Length > key_bytes_len)
+                        {
+                            barr1 = barr1.Skip(1).ToArray();
+                        }
+                        barr2 = publicKeyParam.Q.YCoord.ToBigInteger().ToByteArray();
+                        if (key_bytes_len > barr2.Length)
+                            barr2 = zeroPadArray(barr2, 0, key_bytes_len - barr2.Length);
+                        while (barr2[0] == 0 && barr2.Length > key_bytes_len)
+                        {
+                            barr2 = barr2.Skip(1).ToArray();
+                        }
+                        tbECPubKey.Text = "04" + BitConverter.ToString(barr1).Replace("-", "") + BitConverter.ToString(barr2).Replace("-", "");
+                    }
+                    else if (KeyParameter.GetType() == typeof(Org.BouncyCastle.X509.X509Certificate))
+                    {
+                        var parser = new X509CertificateParser();
+                        // Load your certificate
+                        X509Certificate2 certificate = new X509Certificate2(dialog.FileName);
+                        var bouncyCertificate = parser.ReadCertificate(certificate.RawData);
+                        //certificate.Dispose(); ToDo: See if needed
+
+                        string curve_name = SecNamedCurves.GetName(
+                            (DerObjectIdentifier)DerObjectIdentifier.FromByteArray(
+                                bouncyCertificate.CertificateStructure.SubjectPublicKeyInfo.AlgorithmID.Parameters.GetDerEncoded()
+                                )
+                            );
+
+                        if (cbECName.Items.Contains(curve_name))
+                        {
+                            int index = cbECName.FindString(curve_name);
+                            cbECName.SelectedIndex = index;
+                        }
+                        else
+                            throw new Exception("Unknown ECC Parameters in certificate.");
+
+                        tbECPubKey.Text = BitConverter.ToString(
+                            bouncyCertificate.CertificateStructure.SubjectPublicKeyInfo.PublicKeyData.GetBytes()
+                            ).Replace("-", "");
+                    }
+                    else
+                    {
+                        MessageBox.Show("File doesn't contain EC public key.", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+                        return;
+                    }
+                }
+                catch (Exception ex)
+                {
+                    MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+                }
+            }
+        }
+
+        //======================================================================================================================
+        // Signature page:
+        //======================================================================================================================
+        private void button3_Click(object sender, EventArgs e)
+        {
+            try
+            {
+                // The URI to sign.
+                string resourceToSign = "file:///test.txt";
+
+                // The name of the file to which to save the XML signature.
+                string XmlFileName = "signature.xml";
+
+                // Generate a signing key.
+                RSACryptoServiceProvider Key = new RSACryptoServiceProvider();
+
+                //Console.WriteLine("Signing: {0}", resourceToSign);
+
+                // Sign the detached resourceand save the signature in an XML file.
+                SignDetachedResource(resourceToSign, XmlFileName, Key);
+
+                //Console.WriteLine("XML Signature was succesfully computed and saved to {0}.", XmlFileName);
+
+                /*
+                                // Verify the signature of the signed XML.
+                                Console.WriteLine("Verifying signature...");
+
+                                //Verify the XML signature in the XML file against the key.
+                                //bool result = VerifyDetachedSignatureWithRSAPublicKey(XmlFileName, Key);
+                                bool result = VerifyDetachedSignature(XmlFileName);
+
+                                // Display the results of the signature verification to 
+                                // the console.
+                                if (result)
+                                {
+                                    Console.WriteLine("The XML signature is valid.");
+                                }
+                                else
+                                {
+                                    Console.WriteLine("The XML signature is not valid.");
+                                }
+                */
+            }
+            catch (CryptographicException ex)
+            {
+                Console.WriteLine(ex.Message);
+            }
+        }
+        // Sign an XML file and save the signature in a new file. This method does not  
+        // save the public key within the XML file.  This file cannot be verified unless  
+        // the verifying code has the key with which it was signed.
+        public static void SignDetachedResource(string URIString, string XmlSigFileName, RSA RSAKey)
+        {
+            // Create a SignedXml object.
+            SignedXml signedXml = new SignedXml();
+
+            // Assign the DSA key to the SignedXml object.
+            signedXml.SigningKey = RSAKey;
+
+            // Create a reference to be signed.
+            Reference reference = new Reference();
+
+            // Add the passed URI to the reference object.
+            reference.Uri = URIString;
+
+            // Add the reference to the SignedXml object.
+            signedXml.AddReference(reference);
+
+            // Add a DSAKeyValue to the KeyInfo (optional; helps recipient find key to validate).
+            KeyInfo keyInfo = new KeyInfo();
+            keyInfo.AddClause(new RSAKeyValue((RSA)RSAKey));
+            signedXml.KeyInfo = keyInfo;
+
+            // Compute the signature.
+            signedXml.ComputeSignature();
+
+            // Get the XML representation of the signature and save
+            // it to an XmlElement object.
+            XmlElement xmlDigitalSignature = signedXml.GetXml();
+
+            // Save the signed XML document to a file specified
+            // using the passed string.
+            XmlTextWriter xmltw = new XmlTextWriter(XmlSigFileName, new UTF8Encoding(false));
+            xmlDigitalSignature.WriteTo(xmltw);
+            xmltw.Close();
+        }
+
+        // Verify the signature of an XML file against an asymetric 
+        // algorithm and return the result.
+        public static Boolean VerifyDetachedSignatureWithRSAPublicKey(string XmlSigFileName, RSA Key)
+        {
+            // Create a new XML document.
+            XmlDocument xmlDocument = new XmlDocument();
+
+            // Load the passedXML file into the document.
+            xmlDocument.Load(XmlSigFileName);
+
+            // Create a new SignedXml object.
+            SignedXml signedXml = new SignedXml();
+
+            // Find the "Signature" node and create a new XmlNodeList object.
+            XmlNodeList nodeList = xmlDocument.GetElementsByTagName("Signature");
+
+            // Load the signature node.
+            signedXml.LoadXml((XmlElement)nodeList[0]);
+
+            // Check the signature against the passed asymetric key
+            // and return the result.
+            return signedXml.CheckSignature(Key);
+        }
+
+        //Verify the siganature of an XML file
+        public static Boolean VerifyDetachedSignature(String XmlSigFileName)
+        {
+            // Create a new XML document.
+            XmlDocument xmlDocument = new XmlDocument();
+
+            // Load the passedXML file into the document.
+            xmlDocument.Load(XmlSigFileName);
+
+            // Find the "KeyValue" node,
+            // get the public key and use the key to initialize
+            // a RSACryptoServiceProvider object.
+            XmlNodeList nodeList = xmlDocument.GetElementsByTagName("KeyValue");
+            RSACryptoServiceProvider Key = new RSACryptoServiceProvider();
+            Key.FromXmlString(nodeList[0].InnerXml);
+
+            // Check the signature against the RSACryptoServiceProvider object
+            // and return the result.
+            return VerifyDetachedSignatureWithRSAPublicKey(XmlSigFileName, Key);
+        }
+
+        //======================================================================================================================
+        // Verify Signature page:
+        //======================================================================================================================
+        enum RADIX
+        {
+            Hex,
+            Base64,
+            ASCII,
+            Exception_FromFile
+        };
+        RADIX mMessageRadix = RADIX.Hex;
+        RADIX mSignatureRadix = RADIX.Hex;
+
+        private void tbMessageRadixChanged(object sender, EventArgs e)
+        {
+            bool showExceptionMessage = true;
+            try
+            {
+                if (sender == rbMessageFromFile)
+                {
+                    OpenFileDialog dialog = new OpenFileDialog();
+                    dialog.Filter = "All files (*.*)|*.*";
+                    //dialog.InitialDirectory = @"C:\";
+                    dialog.Title = "Please select file for signing";
+                    if (dialog.ShowDialog() == DialogResult.OK)
+                    {
+                        tbMessage.ReadOnly = true;
+                        tbMessage.BackColor = SystemColors.Info;
+                        tbMessage.Text = dialog.FileName;
+                        mMessageRadix = RADIX.Exception_FromFile;
+                    }
+                    else
+                    {
+                        showExceptionMessage = false;
+                        throw new Exception("File selection canceled");
+                    }
+                }
+                else
+                {
+                    switch (mMessageRadix) // from radix
+                    {
+                        case RADIX.Hex:
+                            if (sender == rbMessageBase64)
+                            {
+                                tbMessage.Text = Convert.ToBase64String(Hex.Decode(tbMessage.Text));
+                                mMessageRadix = RADIX.Base64;
+                            }
+                            else if (sender == rbMessageAscii)
+                            {
+                                tbMessage.Text = Encoding.ASCII.GetString(Hex.Decode(tbMessage.Text));
+                                mMessageRadix = RADIX.ASCII;
+                            }
+                            break;
+                        case RADIX.Base64:
+                            if (sender == rbMessageHex)
+                            {
+                                tbMessage.Text = BitConverter.ToString(Convert.FromBase64String(tbMessage.Text)).Replace("-", "");
+                                mMessageRadix = RADIX.Hex;
+                            }
+                            else if (sender == rbMessageAscii)
+                            {
+                                tbMessage.Text = Encoding.ASCII.GetString(Convert.FromBase64String(tbMessage.Text));
+                                mMessageRadix = RADIX.ASCII;
+                            }
+                            break;
+                        case RADIX.ASCII:
+                            if (sender == rbMessageHex)
+                            {
+                                tbMessage.Text = BitConverter.ToString(Encoding.ASCII.GetBytes(tbMessage.Text)).Replace("-", "");
+                                mMessageRadix = RADIX.Hex;
+                            }
+                            else if (sender == rbMessageBase64)
+                            {
+                                tbMessage.Text = Convert.ToBase64String(Encoding.ASCII.GetBytes(tbMessage.Text));
+                                mMessageRadix = RADIX.Base64;
+                            }
+                            break;
+                        case RADIX.Exception_FromFile:
+                            tbMessage.BackColor = SystemColors.Window;
+                            tbMessage.Text = "";
+                            tbMessage.ReadOnly = false;
+                            if (sender == rbMessageHex)
+                                mMessageRadix = RADIX.Hex;
+                            else if (sender == rbMessageBase64)
+                                mMessageRadix = RADIX.Base64;
+                            else if (sender == rbMessageAscii)
+                                mMessageRadix = RADIX.ASCII;
+
+                            break;
+                    }
+                }
+            }
+            catch (Exception ex)
+            {
+                switch (mMessageRadix)
+                {
+                    case RADIX.Hex:
+                        rbMessageHex.Checked = true;
+                        break;
+                    case RADIX.Base64:
+                        rbMessageBase64.Checked = true;
+                        break;
+                    case RADIX.ASCII:
+                        rbMessageAscii.Checked = true;
+                        break;
+                    case RADIX.Exception_FromFile:
+                        rbMessageFromFile.Checked = true;
+                        break;
+                }
+                if (showExceptionMessage)
+                    MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+            }
+        }
+
+        private void tbSignatureRadixChanged(object sender, EventArgs e)
+        {
+            try
+            {
+                if (mSignatureRadix == RADIX.Hex && sender == rbSignatureBase64)
+                {
+                    tbSignature.Text = Convert.ToBase64String(Hex.Decode(tbSignature.Text));
+                    mSignatureRadix = RADIX.Base64;
+                }
+                else if (mSignatureRadix == RADIX.Base64 && sender == rbSignatureHex)
+                {
+                    tbSignature.Text = BitConverter.ToString(Convert.FromBase64String(tbSignature.Text)).Replace("-", "");
+                    mSignatureRadix = RADIX.Hex;
+                }
+            }
+            catch (Exception ex)
+            {
+                if (mSignatureRadix == RADIX.Hex)
+                    rbSignatureHex.Checked = true;
+                else // case RADIX.Base64:
+                    rbSignatureBase64.Checked = true;
+
+                MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+            }
+        }
+
+        public static T[] RangeSubset<T>(T[] array, int startIndex, int length)
+        {
+            T[] subset = new T[length];
+            Array.Copy(array, startIndex, subset, 0, length);
+            return subset;
+        }
+
+        private static byte[] derEncodeSignature(byte[] signature)
+        {
+            byte[] r = RangeSubset(signature, 0, (signature.Length / 2));
+            byte[] s = RangeSubset(signature, (signature.Length / 2), (signature.Length / 2));
+
+            MemoryStream stream = new MemoryStream();
+            DerOutputStream der = new DerOutputStream(stream);
+
+            Asn1EncodableVector v = new Asn1EncodableVector();
+            v.Add(new DerInteger(new BigInteger(1, r)));
+            v.Add(new DerInteger(new BigInteger(1, s)));
+            der.WriteObject(new DerSequence(v));
+
+            return stream.ToArray();
+        }
+
+        const int INPUT_FILE_BUFFER_LEN = 8192;
+        ISigner mSigner;
+        byte[] mSignature;
+        byte[] mMessage;
+
+        void bgw_DoWork(object sender, DoWorkEventArgs e)
+        {
+            Int64 temp = 0, percentSize;
+
+            try
+            {
+                ((BackgroundWorker)sender).ReportProgress(0);
+
+                using (Stream source = File.OpenRead(tbMessage.Text))
+                {
+                    percentSize = source.Length / 1000;
+                    int bytesRead;
+                    while ((bytesRead = source.Read(mMessage, 0, mMessage.Length)) > 0)
+                    {
+                        mSigner.BlockUpdate(mMessage, 0, bytesRead);
+                        temp += bytesRead;
+                        if (temp >= percentSize)
+                        {
+                            temp = 0;
+                            // when using PerformStep() the percentProgress arg is redundant
+                            ((BackgroundWorker)sender).ReportProgress(0);
+                        }
+                    }
+                }
+            }
+            catch (Exception ex)
+            {
+                MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+            }
+        }
+
+        void bgw_ProgressChanged(object sender, ProgressChangedEventArgs e)
+        {
+            pbVerification.PerformStep();
+        }
+
+        void bgw_WorkCompleted(object sender, RunWorkerCompletedEventArgs e)
+        {
+            try
+            {
+                pbVerification.Value = pbVerification.Maximum;
+                pbVerification.Value = pbVerification.Maximum - 1; // workaround for animation feature (aero theme)
+                pbVerification.Value = pbVerification.Maximum;
+
+                if (mSigner.VerifySignature(mSignature))
+                    MessageBox.Show("Signature successfully verified", "Success", MessageBoxButtons.OK, MessageBoxIcon.Information);
+                else
+                    MessageBox.Show("Bad signature", "Fail", MessageBoxButtons.OK, MessageBoxIcon.Warning);
+            }
+            finally
+            {
+                // Enable controls critical for execution:
+                tabControl.Enabled = true;
+            }
+        }
+
+        private void btnVerifySignature_Click(object sender, EventArgs e)
+        {
+            string signatureMechanism;
+            AsymmetricKeyParameter key;
+
+            try
+            {
+                if (tbMessage.Text.Trim().Equals(""))
+                    throw new Exception("Signed message can't have a zero length.");
+                if (tbSignature.Text.Trim().Equals(""))
+                    throw new Exception("Signature can't have a zero length.");
+
+                if (cbCipher.Text.Equals("RSA"))
+                {
+                    switch (cbDigest.Text)
+                    {
+                        case "SHA-1":
+                            signatureMechanism = "SHA-1withRSA";
+                            break;
+                        case "SHA-224":
+                            signatureMechanism = "SHA-224withRSA";
+                            break;
+                        case "SHA-256":
+                            signatureMechanism = "SHA-256withRSA";
+                            break;
+                        case "SHA-384":
+                            signatureMechanism = "SHA-384withRSA";
+                            break;
+                        case "SHA-512":
+                            signatureMechanism = "SHA-512withRSA";
+                            break;
+                        default:
+                            throw new Exception("Unknown hash algorithm");
+                    }
+
+                    key = new RsaKeyParameters(false, new BigInteger(1, Hex.Decode(tbRSAModulus.Text)), 
+                        new BigInteger(1, Hex.Decode(tbRSAPubExp.Text)));
+                }
+                else if (cbCipher.Text.Equals("ECDSA"))
+                {
+                    switch (cbDigest.Text)
+                    {
+                        case "SHA-1":
+                            signatureMechanism = "SHA-1withECDSA";
+                            break;
+                        case "SHA-224":
+                            signatureMechanism = "SHA-224withECDSA";
+                            break;
+                        case "SHA-256":
+                            signatureMechanism = "SHA-256withECDSA";
+                            break;
+                        case "SHA-384":
+                            signatureMechanism = "SHA-384withECDSA";
+                            break;
+                        case "SHA-512":
+                            signatureMechanism = "SHA-512withECDSA";
+                            break;
+                        default:
+                            throw new Exception("Unknown digest algorithm");
+                    }
+
+                    X9ECParameters curve = SecNamedCurves.GetByName(cbECName.Text);
+                    ECDomainParameters curveSpec = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H, curve.GetSeed());
+                    key = new ECPublicKeyParameters("ECDSA", curve.Curve.DecodePoint(Hex.Decode(tbECPubKey.Text)), curveSpec);
+                }
+                else
+                    throw new Exception("Unknown cipher algorithm");
+
+                mSigner = SignerUtilities.GetSigner(signatureMechanism);
+                mSigner.Init(false, key);
+
+                switch (mMessageRadix) // from radix
+                {
+                    case RADIX.Hex:
+                        mMessage = Hex.Decode(tbMessage.Text);
+                        break;
+                    case RADIX.Base64:
+                        mMessage = Convert.FromBase64String(tbMessage.Text);
+                        break;
+                    case RADIX.ASCII:
+                        mMessage = Encoding.ASCII.GetBytes(tbMessage.Text);
+                        break;
+                    case RADIX.Exception_FromFile:
+                        mMessage = new byte[INPUT_FILE_BUFFER_LEN];
+                        break;
+                    default:
+                        throw new Exception("Unknown input data radix");
+                }
+
+                if (cbCipher.Text.Equals("ECDSA"))
+                {
+                    // Have to be DER encoded before verification:
+                    if (mSignatureRadix == RADIX.Hex)
+                    {
+                        mSignature = derEncodeSignature(Hex.Decode(tbSignature.Text));
+                    }
+                    else // mSignatureRadix == RADIX.Base64
+                    {
+                        mSignature = derEncodeSignature(Convert.FromBase64String(tbSignature.Text));
+                    }
+                }
+                else
+                {
+                    if (mSignatureRadix == RADIX.Hex)
+                    {
+                        mSignature = Hex.Decode(tbSignature.Text);
+                    }
+                    else // mSignatureRadix == RADIX.Base64
+                    {
+                        mSignature = Convert.FromBase64String(tbSignature.Text);
+                    }
+                }
+
+                pbVerification.Value = 0;
+                Refresh();
+
+                if (mMessageRadix == RADIX.Exception_FromFile)
+                {
+                    var bgw = new BackgroundWorker();
+                    bgw.ProgressChanged += bgw_ProgressChanged;
+                    bgw.DoWork += bgw_DoWork;
+                    bgw.WorkerReportsProgress = true;
+                    bgw.RunWorkerCompleted += bgw_WorkCompleted;
+                    bgw.RunWorkerAsync();
+
+                    // Disable controls critical for execution:
+                    tabControl.Enabled = false;
+                    return;
+                }
+                else
+                    mSigner.BlockUpdate(mMessage, 0, mMessage.Length);
+
+                bool result = mSigner.VerifySignature(mSignature);
+                pbVerification.Value = pbVerification.Maximum;
+                pbVerification.Value = pbVerification.Maximum - 1; // workaround for animation feature (aero theme)
+                pbVerification.Value = pbVerification.Maximum;
+                if (result)
+                    MessageBox.Show("Signature successfully verified", "Success", MessageBoxButtons.OK, MessageBoxIcon.Information);
+                else
+                    MessageBox.Show("Bad signature", "Fail", MessageBoxButtons.OK, MessageBoxIcon.Warning);
+            }
+            catch (Exception ex)
+            {
+                MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+            }
+        }
+
+        const long MAX_INPUT_BIN_FILE = 65536;
+
+        private void btnPlainLoadFromBin_Click(object sender, EventArgs e)
+        {
+            long file_len;
+
+            try
+            {
+                OpenFileDialog dialog = new OpenFileDialog();
+                dialog.Filter = "Binary files (*.bin)|*.bin|All files (*.*)|*.*";
+                //dialog.InitialDirectory = @"C:\";
+                dialog.Title = "Please select binary file";
+
+                if (dialog.ShowDialog() == DialogResult.OK)
+                {
+                    file_len = new FileInfo(dialog.FileName).Length;
+
+                    if (file_len > MAX_INPUT_BIN_FILE)
+                    {
+                        MessageBox.Show("Binary file is to large for this purpose.\r\nMaximum file size accepted here is 64 kB.", 
+                            "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+                        return;
+                    }
+                    tbMessage.Text = "";
+                    tbMessageRadixChanged(rbMessageHex, new EventArgs());
+                    rbMessageHex.Checked = true;
+
+                    tbMessage.Text = BitConverter.ToString(File.ReadAllBytes(dialog.FileName)).Replace("-", "");
+                }
+            }
+            catch (Exception ex)
+            {
+                MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+            }
+        }
+
+        private void btnSignatureLoadFromBin_Click(object sender, EventArgs e)
+        {
+            long file_len;
+
+            try
+            {
+                OpenFileDialog dialog = new OpenFileDialog();
+                dialog.Filter = "Signature binary files (*.sig)|*.sig|Binary files (*.bin)|*.bin|All files (*.*)|*.*";
+                //dialog.InitialDirectory = @"C:\";
+                dialog.Title = "Please select binary file";
+
+                if (dialog.ShowDialog() == DialogResult.OK)
+                {
+                    file_len = new FileInfo(dialog.FileName).Length;
+
+                    if (file_len > MAX_INPUT_BIN_FILE)
+                    {
+                        MessageBox.Show("Binary file is to large for this purpose.\r\nMaximum file size accepted here is 64 kB.", 
+                            "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+
+                    }
+                    tbSignature.Text = "";
+                    tbSignatureRadixChanged(rbSignatureHex, new EventArgs());
+                    rbSignatureHex.Checked = true;
+
+                    tbSignature.Text = BitConverter.ToString(File.ReadAllBytes(dialog.FileName)).Replace("-", "");
+                }
+            }
+            catch (Exception ex)
+            {
+                MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
+            }
+        }
+    }
+}
diff --git a/frmMain.designer.cs b/frmMain.designer.cs
new file mode 100644
index 0000000..42f7353
--- /dev/null
+++ b/frmMain.designer.cs
@@ -0,0 +1,1155 @@
+namespace SignatureVerifier
+{
+    partial class frmMain
+    {
+        /// <summary>
+        /// Required designer variable.
+        /// </summary>
+        private System.ComponentModel.IContainer components = null;
+
+        /// <summary>
+        /// Clean up any resources being used.
+        /// </summary>
+        /// <param name="disposing">true if managed resources should be disposed; otherwise, false.</param>
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing && (components != null))
+            {
+                components.Dispose();
+            }
+            base.Dispose(disposing);
+        }
+
+        #region Windows Form Designer generated code
+
+        /// <summary>
+        /// Required method for Designer support - do not modify
+        /// the contents of this method with the code editor.
+        /// </summary>
+        private void InitializeComponent()
+        {
+            this.tabControl = new System.Windows.Forms.TabControl();
+            this.tabRSAPubKey = new System.Windows.Forms.TabPage();
+            this.gbRSAModulus = new System.Windows.Forms.GroupBox();
+            this.lbRSAPubExp = new System.Windows.Forms.Label();
+            this.tbRSAPubExp = new System.Windows.Forms.TextBox();
+            this.lbRSAModulus = new System.Windows.Forms.Label();
+            this.tbRSAModulus = new System.Windows.Forms.TextBox();
+            this.gbRSACommands = new System.Windows.Forms.GroupBox();
+            this.btnRSAImportPem = new System.Windows.Forms.Button();
+            this.cbRSAKeyLength = new System.Windows.Forms.ComboBox();
+            this.lbRSAKeyLength = new System.Windows.Forms.Label();
+            this.btnRSAImportP12 = new System.Windows.Forms.Button();
+            this.tabECPubKey = new System.Windows.Forms.TabPage();
+            this.gbECPubKey = new System.Windows.Forms.GroupBox();
+            this.lbECPubKey = new System.Windows.Forms.Label();
+            this.tbECPubKey = new System.Windows.Forms.TextBox();
+            this.gbECDomainParameters = new System.Windows.Forms.GroupBox();
+            this.lbECParamK = new System.Windows.Forms.Label();
+            this.tbECParamK = new System.Windows.Forms.TextBox();
+            this.lbECParamR = new System.Windows.Forms.Label();
+            this.tbECParamR = new System.Windows.Forms.TextBox();
+            this.lbECParamG = new System.Windows.Forms.Label();
+            this.tbECParamG = new System.Windows.Forms.TextBox();
+            this.lbECParamB = new System.Windows.Forms.Label();
+            this.tbECParamB = new System.Windows.Forms.TextBox();
+            this.ltbECParamA = new System.Windows.Forms.Label();
+            this.tbECParamA = new System.Windows.Forms.TextBox();
+            this.gbECReductionPolynomial = new System.Windows.Forms.GroupBox();
+            this.rtbECReductionPolynomial = new System.Windows.Forms.RichTextBox();
+            this.lbECParamE3 = new System.Windows.Forms.Label();
+            this.tbECParamE3 = new System.Windows.Forms.TextBox();
+            this.lbECParamE2 = new System.Windows.Forms.Label();
+            this.tbECParamE2 = new System.Windows.Forms.TextBox();
+            this.lbECParamE1 = new System.Windows.Forms.Label();
+            this.tbECParamE1 = new System.Windows.Forms.TextBox();
+            this.groupBox1 = new System.Windows.Forms.GroupBox();
+            this.rbECFieldPrime = new System.Windows.Forms.RadioButton();
+            this.rbECFieldBinary = new System.Windows.Forms.RadioButton();
+            this.lbECParamPrime = new System.Windows.Forms.Label();
+            this.tbECParamPrime = new System.Windows.Forms.TextBox();
+            this.gbECCommands = new System.Windows.Forms.GroupBox();
+            this.btnECImportFromPem = new System.Windows.Forms.Button();
+            this.cbECName = new System.Windows.Forms.ComboBox();
+            this.lbECName = new System.Windows.Forms.Label();
+            this.cbECKeyLength = new System.Windows.Forms.ComboBox();
+            this.lbECKeyLength = new System.Windows.Forms.Label();
+            this.btnECImportP12 = new System.Windows.Forms.Button();
+            this.tabVerify = new System.Windows.Forms.TabPage();
+            this.gbSignature = new System.Windows.Forms.GroupBox();
+            this.pbVerification = new System.Windows.Forms.ProgressBar();
+            this.btnVerifySignature = new System.Windows.Forms.Button();
+            this.btnSignatureLoadFromBin = new System.Windows.Forms.Button();
+            this.rbSignatureBase64 = new System.Windows.Forms.RadioButton();
+            this.rbSignatureHex = new System.Windows.Forms.RadioButton();
+            this.lbSignature = new System.Windows.Forms.Label();
+            this.tbSignature = new System.Windows.Forms.TextBox();
+            this.gbMessage = new System.Windows.Forms.GroupBox();
+            this.btnPlainLoadFromBin = new System.Windows.Forms.Button();
+            this.rbMessageFromFile = new System.Windows.Forms.RadioButton();
+            this.rbMessageBase64 = new System.Windows.Forms.RadioButton();
+            this.rbMessageHex = new System.Windows.Forms.RadioButton();
+            this.rbMessageAscii = new System.Windows.Forms.RadioButton();
+            this.lbMessage = new System.Windows.Forms.Label();
+            this.tbMessage = new System.Windows.Forms.TextBox();
+            this.gbSignatureParameters = new System.Windows.Forms.GroupBox();
+            this.cbCipher = new System.Windows.Forms.ComboBox();
+            this.lbCipher = new System.Windows.Forms.Label();
+            this.cbDigest = new System.Windows.Forms.ComboBox();
+            this.lbDigest = new System.Windows.Forms.Label();
+            this.llbDLogicURL = new System.Windows.Forms.LinkLabel();
+            this.tabControl.SuspendLayout();
+            this.tabRSAPubKey.SuspendLayout();
+            this.gbRSAModulus.SuspendLayout();
+            this.gbRSACommands.SuspendLayout();
+            this.tabECPubKey.SuspendLayout();
+            this.gbECPubKey.SuspendLayout();
+            this.gbECDomainParameters.SuspendLayout();
+            this.gbECReductionPolynomial.SuspendLayout();
+            this.groupBox1.SuspendLayout();
+            this.gbECCommands.SuspendLayout();
+            this.tabVerify.SuspendLayout();
+            this.gbSignature.SuspendLayout();
+            this.gbMessage.SuspendLayout();
+            this.gbSignatureParameters.SuspendLayout();
+            this.SuspendLayout();
+            // 
+            // tabControl
+            // 
+            this.tabControl.Anchor = ((System.Windows.Forms.AnchorStyles)((((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) 
+            | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.tabControl.Controls.Add(this.tabRSAPubKey);
+            this.tabControl.Controls.Add(this.tabECPubKey);
+            this.tabControl.Controls.Add(this.tabVerify);
+            this.tabControl.Location = new System.Drawing.Point(12, 12);
+            this.tabControl.Name = "tabControl";
+            this.tabControl.SelectedIndex = 0;
+            this.tabControl.Size = new System.Drawing.Size(1142, 514);
+            this.tabControl.TabIndex = 0;
+            // 
+            // tabRSAPubKey
+            // 
+            this.tabRSAPubKey.BackColor = System.Drawing.SystemColors.Control;
+            this.tabRSAPubKey.BorderStyle = System.Windows.Forms.BorderStyle.Fixed3D;
+            this.tabRSAPubKey.Controls.Add(this.gbRSAModulus);
+            this.tabRSAPubKey.Controls.Add(this.gbRSACommands);
+            this.tabRSAPubKey.Location = new System.Drawing.Point(4, 22);
+            this.tabRSAPubKey.Margin = new System.Windows.Forms.Padding(0);
+            this.tabRSAPubKey.Name = "tabRSAPubKey";
+            this.tabRSAPubKey.Padding = new System.Windows.Forms.Padding(3);
+            this.tabRSAPubKey.Size = new System.Drawing.Size(1134, 488);
+            this.tabRSAPubKey.TabIndex = 0;
+            this.tabRSAPubKey.Text = "RSA public key";
+            // 
+            // gbRSAModulus
+            // 
+            this.gbRSAModulus.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.gbRSAModulus.Controls.Add(this.lbRSAPubExp);
+            this.gbRSAModulus.Controls.Add(this.tbRSAPubExp);
+            this.gbRSAModulus.Controls.Add(this.lbRSAModulus);
+            this.gbRSAModulus.Controls.Add(this.tbRSAModulus);
+            this.gbRSAModulus.Location = new System.Drawing.Point(8, 82);
+            this.gbRSAModulus.Margin = new System.Windows.Forms.Padding(8);
+            this.gbRSAModulus.Name = "gbRSAModulus";
+            this.gbRSAModulus.Size = new System.Drawing.Size(1116, 96);
+            this.gbRSAModulus.TabIndex = 1;
+            this.gbRSAModulus.TabStop = false;
+            this.gbRSAModulus.Text = "Public key:";
+            // 
+            // lbRSAPubExp
+            // 
+            this.lbRSAPubExp.AutoSize = true;
+            this.lbRSAPubExp.Location = new System.Drawing.Point(6, 62);
+            this.lbRSAPubExp.Margin = new System.Windows.Forms.Padding(3);
+            this.lbRSAPubExp.Name = "lbRSAPubExp";
+            this.lbRSAPubExp.Size = new System.Drawing.Size(55, 13);
+            this.lbRSAPubExp.TabIndex = 2;
+            this.lbRSAPubExp.Text = "Exponent:";
+            // 
+            // tbRSAPubExp
+            // 
+            this.tbRSAPubExp.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.tbRSAPubExp.BackColor = System.Drawing.SystemColors.Window;
+            this.tbRSAPubExp.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbRSAPubExp.Location = new System.Drawing.Point(64, 58);
+            this.tbRSAPubExp.Margin = new System.Windows.Forms.Padding(0);
+            this.tbRSAPubExp.Name = "tbRSAPubExp";
+            this.tbRSAPubExp.Size = new System.Drawing.Size(1039, 22);
+            this.tbRSAPubExp.TabIndex = 3;
+            // 
+            // lbRSAModulus
+            // 
+            this.lbRSAModulus.AutoSize = true;
+            this.lbRSAModulus.Location = new System.Drawing.Point(6, 30);
+            this.lbRSAModulus.Margin = new System.Windows.Forms.Padding(3);
+            this.lbRSAModulus.Name = "lbRSAModulus";
+            this.lbRSAModulus.Size = new System.Drawing.Size(50, 13);
+            this.lbRSAModulus.TabIndex = 0;
+            this.lbRSAModulus.Text = "Modulus:";
+            // 
+            // tbRSAModulus
+            // 
+            this.tbRSAModulus.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.tbRSAModulus.BackColor = System.Drawing.SystemColors.Window;
+            this.tbRSAModulus.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbRSAModulus.Location = new System.Drawing.Point(64, 26);
+            this.tbRSAModulus.Margin = new System.Windows.Forms.Padding(10);
+            this.tbRSAModulus.Name = "tbRSAModulus";
+            this.tbRSAModulus.Size = new System.Drawing.Size(1039, 22);
+            this.tbRSAModulus.TabIndex = 1;
+            // 
+            // gbRSACommands
+            // 
+            this.gbRSACommands.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.gbRSACommands.Controls.Add(this.btnRSAImportPem);
+            this.gbRSACommands.Controls.Add(this.cbRSAKeyLength);
+            this.gbRSACommands.Controls.Add(this.lbRSAKeyLength);
+            this.gbRSACommands.Controls.Add(this.btnRSAImportP12);
+            this.gbRSACommands.Location = new System.Drawing.Point(8, 0);
+            this.gbRSACommands.Margin = new System.Windows.Forms.Padding(8);
+            this.gbRSACommands.Name = "gbRSACommands";
+            this.gbRSACommands.Size = new System.Drawing.Size(1116, 74);
+            this.gbRSACommands.TabIndex = 0;
+            this.gbRSACommands.TabStop = false;
+            // 
+            // btnRSAImportPem
+            // 
+            this.btnRSAImportPem.Location = new System.Drawing.Point(406, 15);
+            this.btnRSAImportPem.Margin = new System.Windows.Forms.Padding(0);
+            this.btnRSAImportPem.Name = "btnRSAImportPem";
+            this.btnRSAImportPem.Size = new System.Drawing.Size(160, 48);
+            this.btnRSAImportPem.TabIndex = 4;
+            this.btnRSAImportPem.Text = "Import from PEM file";
+            this.btnRSAImportPem.UseVisualStyleBackColor = true;
+            this.btnRSAImportPem.Click += new System.EventHandler(this.btnRSAImportPem_Click);
+            // 
+            // cbRSAKeyLength
+            // 
+            this.cbRSAKeyLength.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList;
+            this.cbRSAKeyLength.FormattingEnabled = true;
+            this.cbRSAKeyLength.Items.AddRange(new object[] {
+            "512",
+            "736",
+            "768",
+            "896",
+            "1024",
+            "1280",
+            "1536",
+            "1984",
+            "2048",
+            "4096"});
+            this.cbRSAKeyLength.Location = new System.Drawing.Point(99, 16);
+            this.cbRSAKeyLength.Name = "cbRSAKeyLength";
+            this.cbRSAKeyLength.Size = new System.Drawing.Size(124, 21);
+            this.cbRSAKeyLength.TabIndex = 3;
+            // 
+            // lbRSAKeyLength
+            // 
+            this.lbRSAKeyLength.AutoSize = true;
+            this.lbRSAKeyLength.Location = new System.Drawing.Point(8, 19);
+            this.lbRSAKeyLength.Name = "lbRSAKeyLength";
+            this.lbRSAKeyLength.Size = new System.Drawing.Size(85, 13);
+            this.lbRSAKeyLength.TabIndex = 2;
+            this.lbRSAKeyLength.Text = "Key length [bits]:";
+            // 
+            // btnRSAImportP12
+            // 
+            this.btnRSAImportP12.Location = new System.Drawing.Point(236, 15);
+            this.btnRSAImportP12.Margin = new System.Windows.Forms.Padding(10);
+            this.btnRSAImportP12.Name = "btnRSAImportP12";
+            this.btnRSAImportP12.Size = new System.Drawing.Size(160, 48);
+            this.btnRSAImportP12.TabIndex = 0;
+            this.btnRSAImportP12.Text = "Import from PKCS#12 file    (.p12 ;  .pfx)";
+            this.btnRSAImportP12.UseVisualStyleBackColor = true;
+            this.btnRSAImportP12.Click += new System.EventHandler(this.btnRSAImportP12_Click);
+            // 
+            // tabECPubKey
+            // 
+            this.tabECPubKey.BackColor = System.Drawing.SystemColors.Control;
+            this.tabECPubKey.BorderStyle = System.Windows.Forms.BorderStyle.Fixed3D;
+            this.tabECPubKey.Controls.Add(this.gbECPubKey);
+            this.tabECPubKey.Controls.Add(this.gbECDomainParameters);
+            this.tabECPubKey.Controls.Add(this.gbECCommands);
+            this.tabECPubKey.Location = new System.Drawing.Point(4, 22);
+            this.tabECPubKey.Name = "tabECPubKey";
+            this.tabECPubKey.Padding = new System.Windows.Forms.Padding(3);
+            this.tabECPubKey.Size = new System.Drawing.Size(1134, 488);
+            this.tabECPubKey.TabIndex = 1;
+            this.tabECPubKey.Text = "EC public key";
+            // 
+            // gbECPubKey
+            // 
+            this.gbECPubKey.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.gbECPubKey.Controls.Add(this.lbECPubKey);
+            this.gbECPubKey.Controls.Add(this.tbECPubKey);
+            this.gbECPubKey.Location = new System.Drawing.Point(8, 373);
+            this.gbECPubKey.Margin = new System.Windows.Forms.Padding(8);
+            this.gbECPubKey.Name = "gbECPubKey";
+            this.gbECPubKey.Size = new System.Drawing.Size(1116, 104);
+            this.gbECPubKey.TabIndex = 6;
+            this.gbECPubKey.TabStop = false;
+            this.gbECPubKey.Text = "EC public key:";
+            // 
+            // lbECPubKey
+            // 
+            this.lbECPubKey.AutoSize = true;
+            this.lbECPubKey.Location = new System.Drawing.Point(8, 48);
+            this.lbECPubKey.Margin = new System.Windows.Forms.Padding(3);
+            this.lbECPubKey.Name = "lbECPubKey";
+            this.lbECPubKey.Size = new System.Drawing.Size(39, 13);
+            this.lbECPubKey.TabIndex = 17;
+            this.lbECPubKey.Text = "W(uc):";
+            // 
+            // tbECPubKey
+            // 
+            this.tbECPubKey.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.tbECPubKey.BackColor = System.Drawing.SystemColors.Window;
+            this.tbECPubKey.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbECPubKey.Location = new System.Drawing.Point(53, 22);
+            this.tbECPubKey.Multiline = true;
+            this.tbECPubKey.Name = "tbECPubKey";
+            this.tbECPubKey.ScrollBars = System.Windows.Forms.ScrollBars.Horizontal;
+            this.tbECPubKey.Size = new System.Drawing.Size(1049, 65);
+            this.tbECPubKey.TabIndex = 18;
+            // 
+            // gbECDomainParameters
+            // 
+            this.gbECDomainParameters.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.gbECDomainParameters.Controls.Add(this.lbECParamK);
+            this.gbECDomainParameters.Controls.Add(this.tbECParamK);
+            this.gbECDomainParameters.Controls.Add(this.lbECParamR);
+            this.gbECDomainParameters.Controls.Add(this.tbECParamR);
+            this.gbECDomainParameters.Controls.Add(this.lbECParamG);
+            this.gbECDomainParameters.Controls.Add(this.tbECParamG);
+            this.gbECDomainParameters.Controls.Add(this.lbECParamB);
+            this.gbECDomainParameters.Controls.Add(this.tbECParamB);
+            this.gbECDomainParameters.Controls.Add(this.ltbECParamA);
+            this.gbECDomainParameters.Controls.Add(this.tbECParamA);
+            this.gbECDomainParameters.Controls.Add(this.gbECReductionPolynomial);
+            this.gbECDomainParameters.Controls.Add(this.groupBox1);
+            this.gbECDomainParameters.Controls.Add(this.lbECParamPrime);
+            this.gbECDomainParameters.Controls.Add(this.tbECParamPrime);
+            this.gbECDomainParameters.Location = new System.Drawing.Point(7, 82);
+            this.gbECDomainParameters.Margin = new System.Windows.Forms.Padding(0);
+            this.gbECDomainParameters.Name = "gbECDomainParameters";
+            this.gbECDomainParameters.Size = new System.Drawing.Size(1116, 283);
+            this.gbECDomainParameters.TabIndex = 4;
+            this.gbECDomainParameters.TabStop = false;
+            this.gbECDomainParameters.Text = "EC domain parameters:";
+            // 
+            // lbECParamK
+            // 
+            this.lbECParamK.AutoSize = true;
+            this.lbECParamK.Location = new System.Drawing.Point(260, 239);
+            this.lbECParamK.Margin = new System.Windows.Forms.Padding(3);
+            this.lbECParamK.Name = "lbECParamK";
+            this.lbECParamK.Size = new System.Drawing.Size(17, 13);
+            this.lbECParamK.TabIndex = 19;
+            this.lbECParamK.Text = "K:";
+            // 
+            // tbECParamK
+            // 
+            this.tbECParamK.BackColor = System.Drawing.SystemColors.Window;
+            this.tbECParamK.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbECParamK.Location = new System.Drawing.Point(284, 235);
+            this.tbECParamK.Margin = new System.Windows.Forms.Padding(0);
+            this.tbECParamK.Name = "tbECParamK";
+            this.tbECParamK.ReadOnly = true;
+            this.tbECParamK.Size = new System.Drawing.Size(139, 22);
+            this.tbECParamK.TabIndex = 20;
+            // 
+            // lbECParamR
+            // 
+            this.lbECParamR.AutoSize = true;
+            this.lbECParamR.Location = new System.Drawing.Point(260, 207);
+            this.lbECParamR.Margin = new System.Windows.Forms.Padding(3);
+            this.lbECParamR.Name = "lbECParamR";
+            this.lbECParamR.Size = new System.Drawing.Size(18, 13);
+            this.lbECParamR.TabIndex = 17;
+            this.lbECParamR.Text = "R:";
+            // 
+            // tbECParamR
+            // 
+            this.tbECParamR.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.tbECParamR.BackColor = System.Drawing.SystemColors.Window;
+            this.tbECParamR.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbECParamR.Location = new System.Drawing.Point(284, 203);
+            this.tbECParamR.Margin = new System.Windows.Forms.Padding(10);
+            this.tbECParamR.Name = "tbECParamR";
+            this.tbECParamR.ReadOnly = true;
+            this.tbECParamR.Size = new System.Drawing.Size(819, 22);
+            this.tbECParamR.TabIndex = 18;
+            // 
+            // lbECParamG
+            // 
+            this.lbECParamG.AutoSize = true;
+            this.lbECParamG.Location = new System.Drawing.Point(242, 152);
+            this.lbECParamG.Margin = new System.Windows.Forms.Padding(3);
+            this.lbECParamG.Name = "lbECParamG";
+            this.lbECParamG.Size = new System.Drawing.Size(36, 13);
+            this.lbECParamG.TabIndex = 15;
+            this.lbECParamG.Text = "G(uc):";
+            // 
+            // tbECParamG
+            // 
+            this.tbECParamG.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.tbECParamG.BackColor = System.Drawing.SystemColors.Window;
+            this.tbECParamG.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbECParamG.Location = new System.Drawing.Point(284, 126);
+            this.tbECParamG.Margin = new System.Windows.Forms.Padding(0);
+            this.tbECParamG.Multiline = true;
+            this.tbECParamG.Name = "tbECParamG";
+            this.tbECParamG.ReadOnly = true;
+            this.tbECParamG.ScrollBars = System.Windows.Forms.ScrollBars.Horizontal;
+            this.tbECParamG.Size = new System.Drawing.Size(819, 65);
+            this.tbECParamG.TabIndex = 16;
+            // 
+            // lbECParamB
+            // 
+            this.lbECParamB.AutoSize = true;
+            this.lbECParamB.Location = new System.Drawing.Point(212, 94);
+            this.lbECParamB.Margin = new System.Windows.Forms.Padding(3);
+            this.lbECParamB.Name = "lbECParamB";
+            this.lbECParamB.Size = new System.Drawing.Size(16, 13);
+            this.lbECParamB.TabIndex = 13;
+            this.lbECParamB.Text = "b:";
+            // 
+            // tbECParamB
+            // 
+            this.tbECParamB.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.tbECParamB.BackColor = System.Drawing.SystemColors.Window;
+            this.tbECParamB.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbECParamB.Location = new System.Drawing.Point(233, 90);
+            this.tbECParamB.Margin = new System.Windows.Forms.Padding(14);
+            this.tbECParamB.Name = "tbECParamB";
+            this.tbECParamB.ReadOnly = true;
+            this.tbECParamB.Size = new System.Drawing.Size(870, 22);
+            this.tbECParamB.TabIndex = 14;
+            // 
+            // ltbECParamA
+            // 
+            this.ltbECParamA.AutoSize = true;
+            this.ltbECParamA.Location = new System.Drawing.Point(212, 64);
+            this.ltbECParamA.Margin = new System.Windows.Forms.Padding(3);
+            this.ltbECParamA.Name = "ltbECParamA";
+            this.ltbECParamA.Size = new System.Drawing.Size(16, 13);
+            this.ltbECParamA.TabIndex = 11;
+            this.ltbECParamA.Text = "a:";
+            // 
+            // tbECParamA
+            // 
+            this.tbECParamA.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.tbECParamA.BackColor = System.Drawing.SystemColors.Window;
+            this.tbECParamA.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbECParamA.Location = new System.Drawing.Point(233, 60);
+            this.tbECParamA.Margin = new System.Windows.Forms.Padding(10);
+            this.tbECParamA.Name = "tbECParamA";
+            this.tbECParamA.ReadOnly = true;
+            this.tbECParamA.Size = new System.Drawing.Size(870, 22);
+            this.tbECParamA.TabIndex = 12;
+            // 
+            // gbECReductionPolynomial
+            // 
+            this.gbECReductionPolynomial.Controls.Add(this.rtbECReductionPolynomial);
+            this.gbECReductionPolynomial.Controls.Add(this.lbECParamE3);
+            this.gbECReductionPolynomial.Controls.Add(this.tbECParamE3);
+            this.gbECReductionPolynomial.Controls.Add(this.lbECParamE2);
+            this.gbECReductionPolynomial.Controls.Add(this.tbECParamE2);
+            this.gbECReductionPolynomial.Controls.Add(this.lbECParamE1);
+            this.gbECReductionPolynomial.Controls.Add(this.tbECParamE1);
+            this.gbECReductionPolynomial.Enabled = false;
+            this.gbECReductionPolynomial.Location = new System.Drawing.Point(11, 120);
+            this.gbECReductionPolynomial.Margin = new System.Windows.Forms.Padding(8);
+            this.gbECReductionPolynomial.Name = "gbECReductionPolynomial";
+            this.gbECReductionPolynomial.Size = new System.Drawing.Size(220, 151);
+            this.gbECReductionPolynomial.TabIndex = 10;
+            this.gbECReductionPolynomial.TabStop = false;
+            this.gbECReductionPolynomial.Text = "Reduction polynomial:";
+            // 
+            // rtbECReductionPolynomial
+            // 
+            this.rtbECReductionPolynomial.BorderStyle = System.Windows.Forms.BorderStyle.None;
+            this.rtbECReductionPolynomial.Font = new System.Drawing.Font("Times New Roman", 9.75F, System.Drawing.FontStyle.Italic, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.rtbECReductionPolynomial.Location = new System.Drawing.Point(12, 22);
+            this.rtbECReductionPolynomial.Multiline = false;
+            this.rtbECReductionPolynomial.Name = "rtbECReductionPolynomial";
+            this.rtbECReductionPolynomial.ReadOnly = true;
+            this.rtbECReductionPolynomial.ScrollBars = System.Windows.Forms.RichTextBoxScrollBars.None;
+            this.rtbECReductionPolynomial.Size = new System.Drawing.Size(202, 29);
+            this.rtbECReductionPolynomial.TabIndex = 17;
+            this.rtbECReductionPolynomial.Text = " f(x) = ";
+            // 
+            // lbECParamE3
+            // 
+            this.lbECParamE3.AutoSize = true;
+            this.lbECParamE3.Location = new System.Drawing.Point(12, 119);
+            this.lbECParamE3.Margin = new System.Windows.Forms.Padding(3);
+            this.lbECParamE3.Name = "lbECParamE3";
+            this.lbECParamE3.Size = new System.Drawing.Size(22, 13);
+            this.lbECParamE3.TabIndex = 15;
+            this.lbECParamE3.Text = "e3:";
+            // 
+            // tbECParamE3
+            // 
+            this.tbECParamE3.BackColor = System.Drawing.SystemColors.Window;
+            this.tbECParamE3.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbECParamE3.Location = new System.Drawing.Point(41, 115);
+            this.tbECParamE3.Margin = new System.Windows.Forms.Padding(0);
+            this.tbECParamE3.Name = "tbECParamE3";
+            this.tbECParamE3.ReadOnly = true;
+            this.tbECParamE3.Size = new System.Drawing.Size(139, 22);
+            this.tbECParamE3.TabIndex = 16;
+            // 
+            // lbECParamE2
+            // 
+            this.lbECParamE2.AutoSize = true;
+            this.lbECParamE2.Location = new System.Drawing.Point(12, 87);
+            this.lbECParamE2.Margin = new System.Windows.Forms.Padding(3);
+            this.lbECParamE2.Name = "lbECParamE2";
+            this.lbECParamE2.Size = new System.Drawing.Size(22, 13);
+            this.lbECParamE2.TabIndex = 13;
+            this.lbECParamE2.Text = "e2:";
+            // 
+            // tbECParamE2
+            // 
+            this.tbECParamE2.BackColor = System.Drawing.SystemColors.Window;
+            this.tbECParamE2.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbECParamE2.Location = new System.Drawing.Point(41, 83);
+            this.tbECParamE2.Margin = new System.Windows.Forms.Padding(10);
+            this.tbECParamE2.Name = "tbECParamE2";
+            this.tbECParamE2.ReadOnly = true;
+            this.tbECParamE2.Size = new System.Drawing.Size(139, 22);
+            this.tbECParamE2.TabIndex = 14;
+            // 
+            // lbECParamE1
+            // 
+            this.lbECParamE1.AutoSize = true;
+            this.lbECParamE1.Location = new System.Drawing.Point(12, 55);
+            this.lbECParamE1.Margin = new System.Windows.Forms.Padding(3);
+            this.lbECParamE1.Name = "lbECParamE1";
+            this.lbECParamE1.Size = new System.Drawing.Size(22, 13);
+            this.lbECParamE1.TabIndex = 11;
+            this.lbECParamE1.Text = "e1:";
+            // 
+            // tbECParamE1
+            // 
+            this.tbECParamE1.BackColor = System.Drawing.SystemColors.Window;
+            this.tbECParamE1.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbECParamE1.Location = new System.Drawing.Point(41, 51);
+            this.tbECParamE1.Margin = new System.Windows.Forms.Padding(10);
+            this.tbECParamE1.Name = "tbECParamE1";
+            this.tbECParamE1.ReadOnly = true;
+            this.tbECParamE1.Size = new System.Drawing.Size(139, 22);
+            this.tbECParamE1.TabIndex = 12;
+            // 
+            // groupBox1
+            // 
+            this.groupBox1.Controls.Add(this.rbECFieldPrime);
+            this.groupBox1.Controls.Add(this.rbECFieldBinary);
+            this.groupBox1.Enabled = false;
+            this.groupBox1.Location = new System.Drawing.Point(11, 24);
+            this.groupBox1.Margin = new System.Windows.Forms.Padding(0);
+            this.groupBox1.Name = "groupBox1";
+            this.groupBox1.Size = new System.Drawing.Size(180, 88);
+            this.groupBox1.TabIndex = 2;
+            this.groupBox1.TabStop = false;
+            this.groupBox1.Text = "EC over field:";
+            // 
+            // rbECFieldPrime
+            // 
+            this.rbECFieldPrime.AutoSize = true;
+            this.rbECFieldPrime.Checked = true;
+            this.rbECFieldPrime.Location = new System.Drawing.Point(12, 26);
+            this.rbECFieldPrime.Margin = new System.Windows.Forms.Padding(10);
+            this.rbECFieldPrime.Name = "rbECFieldPrime";
+            this.rbECFieldPrime.Size = new System.Drawing.Size(102, 17);
+            this.rbECFieldPrime.TabIndex = 0;
+            this.rbECFieldPrime.TabStop = true;
+            this.rbECFieldPrime.Text = "Prime field { Fp }";
+            this.rbECFieldPrime.UseVisualStyleBackColor = true;
+            this.rbECFieldPrime.CheckedChanged += new System.EventHandler(this.rbECFieldPrime_CheckedChanged);
+            // 
+            // rbECFieldBinary
+            // 
+            this.rbECFieldBinary.AutoSize = true;
+            this.rbECFieldBinary.Location = new System.Drawing.Point(12, 53);
+            this.rbECFieldBinary.Margin = new System.Windows.Forms.Padding(0);
+            this.rbECFieldBinary.Name = "rbECFieldBinary";
+            this.rbECFieldBinary.Size = new System.Drawing.Size(113, 17);
+            this.rbECFieldBinary.TabIndex = 1;
+            this.rbECFieldBinary.Text = "Binary field { F2m }";
+            this.rbECFieldBinary.UseVisualStyleBackColor = true;
+            this.rbECFieldBinary.CheckedChanged += new System.EventHandler(this.rbECFieldBinary_CheckedChanged);
+            // 
+            // lbECParamPrime
+            // 
+            this.lbECParamPrime.AutoSize = true;
+            this.lbECParamPrime.Location = new System.Drawing.Point(212, 34);
+            this.lbECParamPrime.Margin = new System.Windows.Forms.Padding(3);
+            this.lbECParamPrime.Name = "lbECParamPrime";
+            this.lbECParamPrime.Size = new System.Drawing.Size(16, 13);
+            this.lbECParamPrime.TabIndex = 0;
+            this.lbECParamPrime.Text = "p:";
+            // 
+            // tbECParamPrime
+            // 
+            this.tbECParamPrime.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.tbECParamPrime.BackColor = System.Drawing.SystemColors.Window;
+            this.tbECParamPrime.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbECParamPrime.Location = new System.Drawing.Point(233, 30);
+            this.tbECParamPrime.Margin = new System.Windows.Forms.Padding(10);
+            this.tbECParamPrime.Name = "tbECParamPrime";
+            this.tbECParamPrime.ReadOnly = true;
+            this.tbECParamPrime.Size = new System.Drawing.Size(870, 22);
+            this.tbECParamPrime.TabIndex = 1;
+            // 
+            // gbECCommands
+            // 
+            this.gbECCommands.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.gbECCommands.Controls.Add(this.btnECImportFromPem);
+            this.gbECCommands.Controls.Add(this.cbECName);
+            this.gbECCommands.Controls.Add(this.lbECName);
+            this.gbECCommands.Controls.Add(this.cbECKeyLength);
+            this.gbECCommands.Controls.Add(this.lbECKeyLength);
+            this.gbECCommands.Controls.Add(this.btnECImportP12);
+            this.gbECCommands.Location = new System.Drawing.Point(8, 0);
+            this.gbECCommands.Margin = new System.Windows.Forms.Padding(8);
+            this.gbECCommands.Name = "gbECCommands";
+            this.gbECCommands.Size = new System.Drawing.Size(1116, 74);
+            this.gbECCommands.TabIndex = 1;
+            this.gbECCommands.TabStop = false;
+            // 
+            // btnECImportFromPem
+            // 
+            this.btnECImportFromPem.Location = new System.Drawing.Point(406, 15);
+            this.btnECImportFromPem.Margin = new System.Windows.Forms.Padding(0);
+            this.btnECImportFromPem.Name = "btnECImportFromPem";
+            this.btnECImportFromPem.Size = new System.Drawing.Size(160, 48);
+            this.btnECImportFromPem.TabIndex = 10;
+            this.btnECImportFromPem.Text = "Import from PEM file";
+            this.btnECImportFromPem.UseVisualStyleBackColor = true;
+            this.btnECImportFromPem.Click += new System.EventHandler(this.btnECImportFromPem_Click);
+            // 
+            // cbECName
+            // 
+            this.cbECName.DropDownHeight = 432;
+            this.cbECName.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList;
+            this.cbECName.FormattingEnabled = true;
+            this.cbECName.IntegralHeight = false;
+            this.cbECName.Items.AddRange(new object[] {
+            "secp112r1",
+            "secp112r2",
+            "secp128r1",
+            "secp128r2",
+            "secp160k1",
+            "secp160r1",
+            "secp160r2",
+            "secp192k1",
+            "secp192r1",
+            "secp224k1",
+            "secp224r1",
+            "secp256k1",
+            "secp256r1",
+            "secp384r1",
+            "secp521r1",
+            "sect113r1",
+            "sect113r2",
+            "sect131r1",
+            "sect131r2",
+            "sect163k1",
+            "sect163r1",
+            "sect163r2",
+            "sect193r1",
+            "sect193r2",
+            "sect233k1",
+            "sect233r1",
+            "sect239k1",
+            "sect283k1",
+            "sect283r1",
+            "sect409k1",
+            "sect409r1",
+            "sect571k1",
+            "sect571r1"});
+            this.cbECName.Location = new System.Drawing.Point(99, 16);
+            this.cbECName.Margin = new System.Windows.Forms.Padding(2);
+            this.cbECName.Name = "cbECName";
+            this.cbECName.Size = new System.Drawing.Size(124, 21);
+            this.cbECName.TabIndex = 9;
+            this.cbECName.SelectedIndexChanged += new System.EventHandler(this.cbECName_SelectedIndexChanged);
+            // 
+            // lbECName
+            // 
+            this.lbECName.AutoSize = true;
+            this.lbECName.Location = new System.Drawing.Point(8, 19);
+            this.lbECName.Name = "lbECName";
+            this.lbECName.Size = new System.Drawing.Size(67, 13);
+            this.lbECName.TabIndex = 8;
+            this.lbECName.Text = "Curve name:";
+            // 
+            // cbECKeyLength
+            // 
+            this.cbECKeyLength.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList;
+            this.cbECKeyLength.FormattingEnabled = true;
+            this.cbECKeyLength.Items.AddRange(new object[] {
+            "112",
+            "113",
+            "128",
+            "131",
+            "160",
+            "163",
+            "192",
+            "193",
+            "224",
+            "233",
+            "239",
+            "256",
+            "283",
+            "384",
+            "409",
+            "521",
+            "571"});
+            this.cbECKeyLength.Location = new System.Drawing.Point(99, 42);
+            this.cbECKeyLength.Name = "cbECKeyLength";
+            this.cbECKeyLength.Size = new System.Drawing.Size(124, 21);
+            this.cbECKeyLength.TabIndex = 3;
+            this.cbECKeyLength.SelectedIndexChanged += new System.EventHandler(this.cbECKeyLength_SelectedIndexChanged);
+            // 
+            // lbECKeyLength
+            // 
+            this.lbECKeyLength.AutoSize = true;
+            this.lbECKeyLength.Location = new System.Drawing.Point(8, 45);
+            this.lbECKeyLength.Name = "lbECKeyLength";
+            this.lbECKeyLength.Size = new System.Drawing.Size(85, 13);
+            this.lbECKeyLength.TabIndex = 2;
+            this.lbECKeyLength.Text = "Key length [bits]:";
+            // 
+            // btnECImportP12
+            // 
+            this.btnECImportP12.Location = new System.Drawing.Point(236, 15);
+            this.btnECImportP12.Margin = new System.Windows.Forms.Padding(10);
+            this.btnECImportP12.Name = "btnECImportP12";
+            this.btnECImportP12.Size = new System.Drawing.Size(160, 48);
+            this.btnECImportP12.TabIndex = 0;
+            this.btnECImportP12.Text = "Import from PKCS#12 file    (.p12 ;  .pfx)";
+            this.btnECImportP12.UseVisualStyleBackColor = true;
+            this.btnECImportP12.Click += new System.EventHandler(this.btnECImportP12_Click);
+            // 
+            // tabVerify
+            // 
+            this.tabVerify.BackColor = System.Drawing.SystemColors.Control;
+            this.tabVerify.BorderStyle = System.Windows.Forms.BorderStyle.Fixed3D;
+            this.tabVerify.Controls.Add(this.gbSignature);
+            this.tabVerify.Controls.Add(this.gbMessage);
+            this.tabVerify.Controls.Add(this.gbSignatureParameters);
+            this.tabVerify.Location = new System.Drawing.Point(4, 22);
+            this.tabVerify.Name = "tabVerify";
+            this.tabVerify.Size = new System.Drawing.Size(1134, 488);
+            this.tabVerify.TabIndex = 3;
+            this.tabVerify.Text = "Verify signature";
+            // 
+            // gbSignature
+            // 
+            this.gbSignature.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.gbSignature.Controls.Add(this.pbVerification);
+            this.gbSignature.Controls.Add(this.btnVerifySignature);
+            this.gbSignature.Controls.Add(this.btnSignatureLoadFromBin);
+            this.gbSignature.Controls.Add(this.rbSignatureBase64);
+            this.gbSignature.Controls.Add(this.rbSignatureHex);
+            this.gbSignature.Controls.Add(this.lbSignature);
+            this.gbSignature.Controls.Add(this.tbSignature);
+            this.gbSignature.Location = new System.Drawing.Point(8, 219);
+            this.gbSignature.Margin = new System.Windows.Forms.Padding(8);
+            this.gbSignature.Name = "gbSignature";
+            this.gbSignature.Size = new System.Drawing.Size(1116, 137);
+            this.gbSignature.TabIndex = 24;
+            this.gbSignature.TabStop = false;
+            this.gbSignature.Text = "Signature:";
+            // 
+            // pbVerification
+            // 
+            this.pbVerification.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.pbVerification.Location = new System.Drawing.Point(69, 118);
+            this.pbVerification.Maximum = 1000;
+            this.pbVerification.Name = "pbVerification";
+            this.pbVerification.Size = new System.Drawing.Size(1033, 10);
+            this.pbVerification.Step = 1;
+            this.pbVerification.Style = System.Windows.Forms.ProgressBarStyle.Continuous;
+            this.pbVerification.TabIndex = 31;
+            // 
+            // btnVerifySignature
+            // 
+            this.btnVerifySignature.Anchor = ((System.Windows.Forms.AnchorStyles)((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Right)));
+            this.btnVerifySignature.BackColor = System.Drawing.Color.LightBlue;
+            this.btnVerifySignature.Location = new System.Drawing.Point(942, 19);
+            this.btnVerifySignature.Margin = new System.Windows.Forms.Padding(0);
+            this.btnVerifySignature.Name = "btnVerifySignature";
+            this.btnVerifySignature.Size = new System.Drawing.Size(160, 21);
+            this.btnVerifySignature.TabIndex = 30;
+            this.btnVerifySignature.Text = "Verify signature";
+            this.btnVerifySignature.UseVisualStyleBackColor = false;
+            this.btnVerifySignature.Click += new System.EventHandler(this.btnVerifySignature_Click);
+            // 
+            // btnSignatureLoadFromBin
+            // 
+            this.btnSignatureLoadFromBin.Anchor = ((System.Windows.Forms.AnchorStyles)((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Right)));
+            this.btnSignatureLoadFromBin.Location = new System.Drawing.Point(772, 19);
+            this.btnSignatureLoadFromBin.Margin = new System.Windows.Forms.Padding(0);
+            this.btnSignatureLoadFromBin.Name = "btnSignatureLoadFromBin";
+            this.btnSignatureLoadFromBin.Size = new System.Drawing.Size(160, 21);
+            this.btnSignatureLoadFromBin.TabIndex = 29;
+            this.btnSignatureLoadFromBin.Text = "Load signature from binary file";
+            this.btnSignatureLoadFromBin.UseVisualStyleBackColor = true;
+            this.btnSignatureLoadFromBin.Click += new System.EventHandler(this.btnSignatureLoadFromBin_Click);
+            // 
+            // rbSignatureBase64
+            // 
+            this.rbSignatureBase64.AutoSize = true;
+            this.rbSignatureBase64.Location = new System.Drawing.Point(122, 24);
+            this.rbSignatureBase64.Name = "rbSignatureBase64";
+            this.rbSignatureBase64.Size = new System.Drawing.Size(61, 17);
+            this.rbSignatureBase64.TabIndex = 22;
+            this.rbSignatureBase64.TabStop = true;
+            this.rbSignatureBase64.Text = "Base64";
+            this.rbSignatureBase64.UseVisualStyleBackColor = true;
+            this.rbSignatureBase64.Click += new System.EventHandler(this.tbSignatureRadixChanged);
+            // 
+            // rbSignatureHex
+            // 
+            this.rbSignatureHex.AutoSize = true;
+            this.rbSignatureHex.Checked = true;
+            this.rbSignatureHex.Location = new System.Drawing.Point(69, 24);
+            this.rbSignatureHex.Name = "rbSignatureHex";
+            this.rbSignatureHex.Size = new System.Drawing.Size(47, 17);
+            this.rbSignatureHex.TabIndex = 21;
+            this.rbSignatureHex.TabStop = true;
+            this.rbSignatureHex.Text = "HEX";
+            this.rbSignatureHex.UseVisualStyleBackColor = true;
+            this.rbSignatureHex.Click += new System.EventHandler(this.tbSignatureRadixChanged);
+            // 
+            // lbSignature
+            // 
+            this.lbSignature.AutoSize = true;
+            this.lbSignature.Location = new System.Drawing.Point(8, 73);
+            this.lbSignature.Margin = new System.Windows.Forms.Padding(3);
+            this.lbSignature.Name = "lbSignature";
+            this.lbSignature.Size = new System.Drawing.Size(55, 13);
+            this.lbSignature.TabIndex = 17;
+            this.lbSignature.Text = "Signature:";
+            // 
+            // tbSignature
+            // 
+            this.tbSignature.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.tbSignature.BackColor = System.Drawing.SystemColors.Window;
+            this.tbSignature.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbSignature.Location = new System.Drawing.Point(69, 47);
+            this.tbSignature.Multiline = true;
+            this.tbSignature.Name = "tbSignature";
+            this.tbSignature.ScrollBars = System.Windows.Forms.ScrollBars.Horizontal;
+            this.tbSignature.Size = new System.Drawing.Size(1033, 65);
+            this.tbSignature.TabIndex = 18;
+            // 
+            // gbMessage
+            // 
+            this.gbMessage.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.gbMessage.Controls.Add(this.btnPlainLoadFromBin);
+            this.gbMessage.Controls.Add(this.rbMessageFromFile);
+            this.gbMessage.Controls.Add(this.rbMessageBase64);
+            this.gbMessage.Controls.Add(this.rbMessageHex);
+            this.gbMessage.Controls.Add(this.rbMessageAscii);
+            this.gbMessage.Controls.Add(this.lbMessage);
+            this.gbMessage.Controls.Add(this.tbMessage);
+            this.gbMessage.Location = new System.Drawing.Point(8, 84);
+            this.gbMessage.Margin = new System.Windows.Forms.Padding(0);
+            this.gbMessage.Name = "gbMessage";
+            this.gbMessage.Size = new System.Drawing.Size(1116, 127);
+            this.gbMessage.TabIndex = 7;
+            this.gbMessage.TabStop = false;
+            this.gbMessage.Text = "Plain text (message for verification):";
+            // 
+            // btnPlainLoadFromBin
+            // 
+            this.btnPlainLoadFromBin.Anchor = ((System.Windows.Forms.AnchorStyles)((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Right)));
+            this.btnPlainLoadFromBin.Location = new System.Drawing.Point(942, 20);
+            this.btnPlainLoadFromBin.Margin = new System.Windows.Forms.Padding(0);
+            this.btnPlainLoadFromBin.Name = "btnPlainLoadFromBin";
+            this.btnPlainLoadFromBin.Size = new System.Drawing.Size(160, 21);
+            this.btnPlainLoadFromBin.TabIndex = 30;
+            this.btnPlainLoadFromBin.Text = "Load message from binary file";
+            this.btnPlainLoadFromBin.UseVisualStyleBackColor = true;
+            this.btnPlainLoadFromBin.Click += new System.EventHandler(this.btnPlainLoadFromBin_Click);
+            // 
+            // rbMessageFromFile
+            // 
+            this.rbMessageFromFile.AutoSize = true;
+            this.rbMessageFromFile.Location = new System.Drawing.Point(211, 24);
+            this.rbMessageFromFile.Name = "rbMessageFromFile";
+            this.rbMessageFromFile.Size = new System.Drawing.Size(379, 17);
+            this.rbMessageFromFile.TabIndex = 23;
+            this.rbMessageFromFile.TabStop = true;
+            this.rbMessageFromFile.Text = "Set file for verification (ATTENTION: it will remove any message text below)";
+            this.rbMessageFromFile.UseVisualStyleBackColor = true;
+            this.rbMessageFromFile.Click += new System.EventHandler(this.tbMessageRadixChanged);
+            // 
+            // rbMessageBase64
+            // 
+            this.rbMessageBase64.AutoSize = true;
+            this.rbMessageBase64.Location = new System.Drawing.Point(86, 24);
+            this.rbMessageBase64.Name = "rbMessageBase64";
+            this.rbMessageBase64.Size = new System.Drawing.Size(61, 17);
+            this.rbMessageBase64.TabIndex = 22;
+            this.rbMessageBase64.TabStop = true;
+            this.rbMessageBase64.Text = "Base64";
+            this.rbMessageBase64.UseVisualStyleBackColor = true;
+            this.rbMessageBase64.Click += new System.EventHandler(this.tbMessageRadixChanged);
+            // 
+            // rbMessageHex
+            // 
+            this.rbMessageHex.AutoSize = true;
+            this.rbMessageHex.Checked = true;
+            this.rbMessageHex.Location = new System.Drawing.Point(33, 24);
+            this.rbMessageHex.Name = "rbMessageHex";
+            this.rbMessageHex.Size = new System.Drawing.Size(47, 17);
+            this.rbMessageHex.TabIndex = 21;
+            this.rbMessageHex.TabStop = true;
+            this.rbMessageHex.Text = "HEX";
+            this.rbMessageHex.UseVisualStyleBackColor = true;
+            this.rbMessageHex.Click += new System.EventHandler(this.tbMessageRadixChanged);
+            // 
+            // rbMessageAscii
+            // 
+            this.rbMessageAscii.AutoSize = true;
+            this.rbMessageAscii.Location = new System.Drawing.Point(153, 24);
+            this.rbMessageAscii.Name = "rbMessageAscii";
+            this.rbMessageAscii.Size = new System.Drawing.Size(52, 17);
+            this.rbMessageAscii.TabIndex = 20;
+            this.rbMessageAscii.Text = "ASCII";
+            this.rbMessageAscii.UseVisualStyleBackColor = true;
+            this.rbMessageAscii.Click += new System.EventHandler(this.tbMessageRadixChanged);
+            // 
+            // lbMessage
+            // 
+            this.lbMessage.AutoSize = true;
+            this.lbMessage.Location = new System.Drawing.Point(8, 73);
+            this.lbMessage.Margin = new System.Windows.Forms.Padding(3);
+            this.lbMessage.Name = "lbMessage";
+            this.lbMessage.Size = new System.Drawing.Size(19, 13);
+            this.lbMessage.TabIndex = 17;
+            this.lbMessage.Text = "M:";
+            // 
+            // tbMessage
+            // 
+            this.tbMessage.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.tbMessage.BackColor = System.Drawing.SystemColors.Window;
+            this.tbMessage.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbMessage.Location = new System.Drawing.Point(33, 47);
+            this.tbMessage.Multiline = true;
+            this.tbMessage.Name = "tbMessage";
+            this.tbMessage.ScrollBars = System.Windows.Forms.ScrollBars.Horizontal;
+            this.tbMessage.Size = new System.Drawing.Size(1069, 65);
+            this.tbMessage.TabIndex = 18;
+            // 
+            // gbSignatureParameters
+            // 
+            this.gbSignatureParameters.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) 
+            | System.Windows.Forms.AnchorStyles.Right)));
+            this.gbSignatureParameters.Controls.Add(this.cbCipher);
+            this.gbSignatureParameters.Controls.Add(this.lbCipher);
+            this.gbSignatureParameters.Controls.Add(this.cbDigest);
+            this.gbSignatureParameters.Controls.Add(this.lbDigest);
+            this.gbSignatureParameters.Location = new System.Drawing.Point(8, 0);
+            this.gbSignatureParameters.Margin = new System.Windows.Forms.Padding(8);
+            this.gbSignatureParameters.Name = "gbSignatureParameters";
+            this.gbSignatureParameters.Size = new System.Drawing.Size(1116, 76);
+            this.gbSignatureParameters.TabIndex = 2;
+            this.gbSignatureParameters.TabStop = false;
+            // 
+            // cbCipher
+            // 
+            this.cbCipher.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList;
+            this.cbCipher.FormattingEnabled = true;
+            this.cbCipher.Items.AddRange(new object[] {
+            "RSA",
+            "ECDSA"});
+            this.cbCipher.Location = new System.Drawing.Point(99, 42);
+            this.cbCipher.Name = "cbCipher";
+            this.cbCipher.Size = new System.Drawing.Size(124, 21);
+            this.cbCipher.TabIndex = 9;
+            // 
+            // lbCipher
+            // 
+            this.lbCipher.AutoSize = true;
+            this.lbCipher.Location = new System.Drawing.Point(8, 45);
+            this.lbCipher.Name = "lbCipher";
+            this.lbCipher.Size = new System.Drawing.Size(85, 13);
+            this.lbCipher.TabIndex = 8;
+            this.lbCipher.Text = "Cipher algorithm:";
+            // 
+            // cbDigest
+            // 
+            this.cbDigest.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList;
+            this.cbDigest.FormattingEnabled = true;
+            this.cbDigest.Items.AddRange(new object[] {
+            "SHA-1",
+            "SHA-224",
+            "SHA-256",
+            "SHA-384",
+            "SHA-512"});
+            this.cbDigest.Location = new System.Drawing.Point(143, 16);
+            this.cbDigest.Name = "cbDigest";
+            this.cbDigest.Size = new System.Drawing.Size(80, 21);
+            this.cbDigest.TabIndex = 9;
+            // 
+            // lbDigest
+            // 
+            this.lbDigest.AutoSize = true;
+            this.lbDigest.Location = new System.Drawing.Point(8, 19);
+            this.lbDigest.Name = "lbDigest";
+            this.lbDigest.Size = new System.Drawing.Size(129, 13);
+            this.lbDigest.TabIndex = 8;
+            this.lbDigest.Text = "Message digest algorithm:";
+            // 
+            // llbDLogicURL
+            // 
+            this.llbDLogicURL.Anchor = ((System.Windows.Forms.AnchorStyles)((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Right)));
+            this.llbDLogicURL.Location = new System.Drawing.Point(690, 7);
+            this.llbDLogicURL.Name = "llbDLogicURL";
+            this.llbDLogicURL.Size = new System.Drawing.Size(460, 24);
+            this.llbDLogicURL.TabIndex = 1;
+            this.llbDLogicURL.TabStop = true;
+            this.llbDLogicURL.Text = "http://www.d-logic.net/nfc-rfid-reader-sdk/";
+            this.llbDLogicURL.TextAlign = System.Drawing.ContentAlignment.MiddleRight;
+            this.llbDLogicURL.LinkClicked += new System.Windows.Forms.LinkLabelLinkClickedEventHandler(this.llbDLogicURL_LinkClicked);
+            // 
+            // frmMain
+            // 
+            this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 13F);
+            this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
+            this.ClientSize = new System.Drawing.Size(1164, 537);
+            this.Controls.Add(this.llbDLogicURL);
+            this.Controls.Add(this.tabControl);
+            this.MinimumSize = new System.Drawing.Size(1040, 576);
+            this.Name = "frmMain";
+            this.StartPosition = System.Windows.Forms.FormStartPosition.CenterScreen;
+            this.Text = "Digital Signature Verifier";
+            this.Load += new System.EventHandler(this.frmMain_Load);
+            this.tabControl.ResumeLayout(false);
+            this.tabRSAPubKey.ResumeLayout(false);
+            this.gbRSAModulus.ResumeLayout(false);
+            this.gbRSAModulus.PerformLayout();
+            this.gbRSACommands.ResumeLayout(false);
+            this.gbRSACommands.PerformLayout();
+            this.tabECPubKey.ResumeLayout(false);
+            this.gbECPubKey.ResumeLayout(false);
+            this.gbECPubKey.PerformLayout();
+            this.gbECDomainParameters.ResumeLayout(false);
+            this.gbECDomainParameters.PerformLayout();
+            this.gbECReductionPolynomial.ResumeLayout(false);
+            this.gbECReductionPolynomial.PerformLayout();
+            this.groupBox1.ResumeLayout(false);
+            this.groupBox1.PerformLayout();
+            this.gbECCommands.ResumeLayout(false);
+            this.gbECCommands.PerformLayout();
+            this.tabVerify.ResumeLayout(false);
+            this.gbSignature.ResumeLayout(false);
+            this.gbSignature.PerformLayout();
+            this.gbMessage.ResumeLayout(false);
+            this.gbMessage.PerformLayout();
+            this.gbSignatureParameters.ResumeLayout(false);
+            this.gbSignatureParameters.PerformLayout();
+            this.ResumeLayout(false);
+
+        }
+
+        #endregion
+        private System.Windows.Forms.TabControl tabControl;
+        private System.Windows.Forms.TabPage tabRSAPubKey;
+        private System.Windows.Forms.TabPage tabECPubKey;
+        private System.Windows.Forms.TabPage tabVerify;
+        private System.Windows.Forms.Label lbRSAKeyLength;
+        private System.Windows.Forms.LinkLabel llbDLogicURL;
+        private System.Windows.Forms.ComboBox cbRSAKeyLength;
+        private System.Windows.Forms.GroupBox gbRSACommands;
+        private System.Windows.Forms.Button btnRSAImportP12;
+        private System.Windows.Forms.GroupBox gbRSAModulus;
+        private System.Windows.Forms.Label lbRSAModulus;
+        private System.Windows.Forms.TextBox tbRSAModulus;
+        private System.Windows.Forms.GroupBox gbECCommands;
+        private System.Windows.Forms.ComboBox cbECKeyLength;
+        private System.Windows.Forms.Label lbECKeyLength;
+        private System.Windows.Forms.Button btnECImportP12;
+        private System.Windows.Forms.ComboBox cbECName;
+        private System.Windows.Forms.Label lbECName;
+        private System.Windows.Forms.GroupBox gbECDomainParameters;
+        private System.Windows.Forms.GroupBox groupBox1;
+        private System.Windows.Forms.RadioButton rbECFieldPrime;
+        private System.Windows.Forms.RadioButton rbECFieldBinary;
+        private System.Windows.Forms.Label lbECParamPrime;
+        private System.Windows.Forms.TextBox tbECParamPrime;
+        private System.Windows.Forms.GroupBox gbECReductionPolynomial;
+        private System.Windows.Forms.RichTextBox rtbECReductionPolynomial;
+        private System.Windows.Forms.Label lbECParamE3;
+        private System.Windows.Forms.TextBox tbECParamE3;
+        private System.Windows.Forms.Label lbECParamE2;
+        private System.Windows.Forms.TextBox tbECParamE2;
+        private System.Windows.Forms.Label lbECParamE1;
+        private System.Windows.Forms.TextBox tbECParamE1;
+        private System.Windows.Forms.Label lbECParamK;
+        private System.Windows.Forms.TextBox tbECParamK;
+        private System.Windows.Forms.Label lbECParamR;
+        private System.Windows.Forms.TextBox tbECParamR;
+        private System.Windows.Forms.Label lbECParamG;
+        private System.Windows.Forms.TextBox tbECParamG;
+        private System.Windows.Forms.Label lbECParamB;
+        private System.Windows.Forms.TextBox tbECParamB;
+        private System.Windows.Forms.Label ltbECParamA;
+        private System.Windows.Forms.TextBox tbECParamA;
+        private System.Windows.Forms.GroupBox gbECPubKey;
+        private System.Windows.Forms.Label lbECPubKey;
+        private System.Windows.Forms.TextBox tbECPubKey;
+        private System.Windows.Forms.GroupBox gbSignatureParameters;
+        private System.Windows.Forms.ComboBox cbDigest;
+        private System.Windows.Forms.Label lbDigest;
+        private System.Windows.Forms.ComboBox cbCipher;
+        private System.Windows.Forms.Label lbCipher;
+        private System.Windows.Forms.GroupBox gbMessage;
+        private System.Windows.Forms.RadioButton rbMessageFromFile;
+        private System.Windows.Forms.RadioButton rbMessageBase64;
+        private System.Windows.Forms.RadioButton rbMessageHex;
+        private System.Windows.Forms.RadioButton rbMessageAscii;
+        private System.Windows.Forms.Label lbMessage;
+        private System.Windows.Forms.TextBox tbMessage;
+        private System.Windows.Forms.GroupBox gbSignature;
+        private System.Windows.Forms.RadioButton rbSignatureBase64;
+        private System.Windows.Forms.RadioButton rbSignatureHex;
+        private System.Windows.Forms.Label lbSignature;
+        private System.Windows.Forms.TextBox tbSignature;
+        private System.Windows.Forms.Label lbRSAPubExp;
+        private System.Windows.Forms.TextBox tbRSAPubExp;
+        private System.Windows.Forms.Button btnSignatureLoadFromBin;
+        private System.Windows.Forms.Button btnVerifySignature;
+        private System.Windows.Forms.Button btnPlainLoadFromBin;
+        private System.Windows.Forms.Button btnRSAImportPem;
+        private System.Windows.Forms.Button btnECImportFromPem;
+        private System.Windows.Forms.ProgressBar pbVerification;
+    }
+}
+
diff --git a/frmMain.resx b/frmMain.resx
new file mode 100644
index 0000000..1af7de1
--- /dev/null
+++ b/frmMain.resx
@@ -0,0 +1,120 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+    Microsoft ResX Schema 
+    
+    Version 2.0
+    
+    The primary goals of this format is to allow a simple XML format 
+    that is mostly human readable. The generation and parsing of the 
+    various data types are done through the TypeConverter classes 
+    associated with the data types.
+    
+    Example:
+    
+    ... ado.net/XML headers & schema ...
+    <resheader name="resmimetype">text/microsoft-resx</resheader>
+    <resheader name="version">2.0</resheader>
+    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+        <value>[base64 mime encoded serialized .NET Framework object]</value>
+    </data>
+    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+        <comment>This is a comment</comment>
+    </data>
+                
+    There are any number of "resheader" rows that contain simple 
+    name/value pairs.
+    
+    Each data row contains a name, and value. The row also contains a 
+    type or mimetype. Type corresponds to a .NET class that support 
+    text/value conversion through the TypeConverter architecture. 
+    Classes that don't support this are serialized and stored with the 
+    mimetype set.
+    
+    The mimetype is used for serialized objects, and tells the 
+    ResXResourceReader how to depersist the object. This is currently not 
+    extensible. For a given mimetype the value must be set accordingly:
+    
+    Note - application/x-microsoft.net.object.binary.base64 is the format 
+    that the ResXResourceWriter will generate, however the reader can 
+    read any of the formats listed below.
+    
+    mimetype: application/x-microsoft.net.object.binary.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+            : and then encoded with base64 encoding.
+    
+    mimetype: application/x-microsoft.net.object.soap.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.bytearray.base64
+    value   : The object must be serialized into a byte array 
+            : using a System.ComponentModel.TypeConverter
+            : and then encoded with base64 encoding.
+    -->
+  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+</root>
\ No newline at end of file
diff --git a/frmPassword.cs b/frmPassword.cs
new file mode 100644
index 0000000..27b5641
--- /dev/null
+++ b/frmPassword.cs
@@ -0,0 +1,25 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel;
+using System.Data;
+using System.Drawing;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using System.Windows.Forms;
+
+namespace SignatureVerifier
+{
+    public partial class frmPassword : Form
+    {
+        public string password
+        {
+            get { return tbPassword.Text; }
+        }
+
+        public frmPassword()
+        {
+            InitializeComponent();
+        }
+    }
+}
diff --git a/frmPassword.designer.cs b/frmPassword.designer.cs
new file mode 100644
index 0000000..950520b
--- /dev/null
+++ b/frmPassword.designer.cs
@@ -0,0 +1,102 @@
+namespace SignatureVerifier
+{
+    partial class frmPassword
+    {
+        /// <summary>
+        /// Required designer variable.
+        /// </summary>
+        private System.ComponentModel.IContainer components = null;
+
+        /// <summary>
+        /// Clean up any resources being used.
+        /// </summary>
+        /// <param name="disposing">true if managed resources should be disposed; otherwise, false.</param>
+        protected override void Dispose(bool disposing)
+        {
+            if (disposing && (components != null))
+            {
+                components.Dispose();
+            }
+            base.Dispose(disposing);
+        }
+
+        #region Windows Form Designer generated code
+
+        /// <summary>
+        /// Required method for Designer support - do not modify
+        /// the contents of this method with the code editor.
+        /// </summary>
+        private void InitializeComponent()
+        {
+            this.lbPassword = new System.Windows.Forms.Label();
+            this.tbPassword = new System.Windows.Forms.TextBox();
+            this.btnOk = new System.Windows.Forms.Button();
+            this.btnCancel = new System.Windows.Forms.Button();
+            this.SuspendLayout();
+            // 
+            // lbPassword
+            // 
+            this.lbPassword.AutoSize = true;
+            this.lbPassword.Location = new System.Drawing.Point(102, 24);
+            this.lbPassword.Name = "lbPassword";
+            this.lbPassword.Size = new System.Drawing.Size(80, 13);
+            this.lbPassword.TabIndex = 0;
+            this.lbPassword.Text = "Enter password";
+            // 
+            // tbPassword
+            // 
+            this.tbPassword.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(238)));
+            this.tbPassword.Location = new System.Drawing.Point(12, 49);
+            this.tbPassword.Name = "tbPassword";
+            this.tbPassword.PasswordChar = '*';
+            this.tbPassword.Size = new System.Drawing.Size(260, 22);
+            this.tbPassword.TabIndex = 1;
+            // 
+            // btnOk
+            // 
+            this.btnOk.DialogResult = System.Windows.Forms.DialogResult.OK;
+            this.btnOk.Location = new System.Drawing.Point(12, 89);
+            this.btnOk.Name = "btnOk";
+            this.btnOk.Size = new System.Drawing.Size(122, 23);
+            this.btnOk.TabIndex = 2;
+            this.btnOk.Text = "&OK";
+            this.btnOk.UseVisualStyleBackColor = true;
+            // 
+            // btnCancel
+            // 
+            this.btnCancel.DialogResult = System.Windows.Forms.DialogResult.Cancel;
+            this.btnCancel.Location = new System.Drawing.Point(140, 89);
+            this.btnCancel.Name = "btnCancel";
+            this.btnCancel.Size = new System.Drawing.Size(132, 23);
+            this.btnCancel.TabIndex = 3;
+            this.btnCancel.Text = "&Cancel";
+            this.btnCancel.UseVisualStyleBackColor = true;
+            // 
+            // frmPassword
+            // 
+            this.AcceptButton = this.btnOk;
+            this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 13F);
+            this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
+            this.CancelButton = this.btnCancel;
+            this.ClientSize = new System.Drawing.Size(284, 141);
+            this.Controls.Add(this.btnCancel);
+            this.Controls.Add(this.btnOk);
+            this.Controls.Add(this.tbPassword);
+            this.Controls.Add(this.lbPassword);
+            this.FormBorderStyle = System.Windows.Forms.FormBorderStyle.FixedDialog;
+            this.Name = "frmPassword";
+            this.StartPosition = System.Windows.Forms.FormStartPosition.CenterParent;
+            this.Text = "Password";
+            this.ResumeLayout(false);
+            this.PerformLayout();
+
+        }
+
+        #endregion
+
+        private System.Windows.Forms.Label lbPassword;
+        private System.Windows.Forms.TextBox tbPassword;
+        private System.Windows.Forms.Button btnOk;
+        private System.Windows.Forms.Button btnCancel;
+    }
+}
\ No newline at end of file
diff --git a/frmPassword.resx b/frmPassword.resx
new file mode 100644
index 0000000..1af7de1
--- /dev/null
+++ b/frmPassword.resx
@@ -0,0 +1,120 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+    Microsoft ResX Schema 
+    
+    Version 2.0
+    
+    The primary goals of this format is to allow a simple XML format 
+    that is mostly human readable. The generation and parsing of the 
+    various data types are done through the TypeConverter classes 
+    associated with the data types.
+    
+    Example:
+    
+    ... ado.net/XML headers & schema ...
+    <resheader name="resmimetype">text/microsoft-resx</resheader>
+    <resheader name="version">2.0</resheader>
+    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+        <value>[base64 mime encoded serialized .NET Framework object]</value>
+    </data>
+    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+        <comment>This is a comment</comment>
+    </data>
+                
+    There are any number of "resheader" rows that contain simple 
+    name/value pairs.
+    
+    Each data row contains a name, and value. The row also contains a 
+    type or mimetype. Type corresponds to a .NET class that support 
+    text/value conversion through the TypeConverter architecture. 
+    Classes that don't support this are serialized and stored with the 
+    mimetype set.
+    
+    The mimetype is used for serialized objects, and tells the 
+    ResXResourceReader how to depersist the object. This is currently not 
+    extensible. For a given mimetype the value must be set accordingly:
+    
+    Note - application/x-microsoft.net.object.binary.base64 is the format 
+    that the ResXResourceWriter will generate, however the reader can 
+    read any of the formats listed below.
+    
+    mimetype: application/x-microsoft.net.object.binary.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+            : and then encoded with base64 encoding.
+    
+    mimetype: application/x-microsoft.net.object.soap.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.bytearray.base64
+    value   : The object must be serialized into a byte array 
+            : using a System.ComponentModel.TypeConverter
+            : and then encoded with base64 encoding.
+    -->
+  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+</root>
\ No newline at end of file
-- 
GitLab